php/archived-web-php
1
0
Fork 0
mirror of https://github.com/php/web-php.git synced 2026-03-24 07:12:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
8621612ca54cb79c5fd49aab7489f78dc741cd91
archived-web-php/cached.php
Peter Kokot dd8d8bf863 Sync final and leading newlines 
This patch adds some missing newlines, trims some multiple redundant
final newlines into a single one, and trims few redundant leading
newlines.

According to POSIX, a line is a sequence of zero or more non-'<newline>'
characters plus a terminating '<newline>' character. [1] Files should
normally have at least one final newline character.

C89 [2] and later standards [3] mention a final newline:
"A source file that is not empty shall end in a new-line character,
which shall not be immediately preceded by a backslash character."

Although it is not mandatory for all files to have a final newline
fixed, a more consistent and homogeneous approach brings less of commit
differences issues and a better development experience in certain text
editors and IDEs.

[1] http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_206
[2] https://port70.net/~nsz/c/c89/c89-draft.html#2.1.1.2
[3] https://port70.net/~nsz/c/c99/n1256.html#5.1.1.2
2018-10-17 12:37:26 +02:00

53 lines
1.4 KiB
PHP
Raw Blame History

<?php
/*
Yes, we know this can be used to view the source for any file
in the docroot directory. This is intentional and not an LFI
vulnerability. The source code for everything in the docroot
is publicly available at
https://github.com/php/web-php
so there is no vulnerability here. You can't use this to view
anything that is private.
*/
$_SERVER['BASE_PAGE'] = 'cached.php';
include_once 'include/prepend.inc';
if (!isset($_GET["f"])) {
header("Location: http://php.net/");
exit;
}
$pwd = realpath($_SERVER["DOCUMENT_ROOT"]);
$abs = $pwd. "/" .(string)$_GET["f"];
$abs = realpath($abs);
if (strncmp($abs, $pwd, strlen($pwd)) != 0) {
header("Location: http://php.net/" . strtr($_GET["f"],array("\r"=>"","\n"=>"")));
exit;
}
if (isset($_GET["t"])) {
$time = (int)$_GET["t"];
} else {
$time = filemtime($abs);
}
$tsstring = gmdate("D, d M Y H:i:s ", $time) . "GMT";
if (isset($_SERVER["HTTP_IF_MODIFIED_SINCE"]) &&
($_SERVER["HTTP_IF_MODIFIED_SINCE"] == $tsstring)) {
header("HTTP/1.1 304 Not Modified");
exit;
}
header("Last-Modified: " . $tsstring);
header("Cache-Control: no-transform,public,max-age=2678400,s-maxage=2678400");
if (substr($abs, -3) == ".js" || substr($abs, -5) == ".json") {
header("Content-Type: application/javascript");
} elseif (substr($abs, -4) == ".css") {
header("Content-Type: text/css");
}
readfile($abs);
Reference in New Issue View Git Blame Copy Permalink