<?php ob_start(); ?>
<html>
<head>
<title>Hack This Site! :: Browsing Source</title>
<link rel="StyleSheet" href="codes.css" type="text/css" media="screen" />
</head>
<body>
<?php

    $want_path 
htmlentities($_GET['g']);
    
$startwith $_SERVER['DOCUMENT_ROOT'];
    
// Relative -> absolute.
    
$want_path "$startwith/$want_path/";
    
// Path resolution and ok-ness.
    
$path_parts pathinfo($want_path.'/no_exist_file');
    
$full_file htmlentities (realpath($path_parts['dirname']."/source.php"));
    
$full_path htmlentities (realpath($path_parts['dirname']));
    
$rel_path strip_abs($full_path);
    
$source_file htmlentities($_GET['f']);
    
$source_full_file=$full_path.'/'.$source_file;
    
$source_rel_file $rel_path '/'$source_file;


    
// Ok if the file exists and it's in the site dir.
    
$ok false;
    if (!empty(
$full_file) && strstr($full_file$startwith) == $full_file)
    {
        
$ok true;
    }

    
// If a sourceok regulation file exists.
    
if (file_exists($full_file) && $ok)
    {
        include(
$full_file);
        
// If the file is NOT in the ok list.
        
if (!in_array($source_file$ok) && $source_file != 'source.php')
          {
            
// List the stuff we can see.
            
echo "<h2>Index of $rel_path</h2><hr />";
            echo 
"<ol style=\"list-style-type: none;\">";
            echo 
"<li><span style=\"font-family: 'Courier New', monospace;\">[DIR]</span> <a href=\"loopdeloop.php\">Go Back</a></li>";

            foreach(
$ok as $file_in_ok)
            {

                
$file_in_ok htmlentities ($file_in_ok);
                echo 
"<li>";
                    echo 
"<span style=\"font-family: 'Courier New', monospace;\">[PHP]</span>";
                    echo 
"<a href=\"viewhts.php?g=$rel_path&f=$file_in_ok\">$file_in_ok</a>";
                echo 
"</li>";

            }
            echo 
"<li><span style=\"font-family: 'Courier New', monospace;\">[PHP]</span><a href=\"viewhts.php?g=$rel_path&f=source.php\">source.php</a></li>";
            echo 
"</ol>";

          }
          else
          {
            echo 
"<a href=\"viewhts.php?g=$rel_path\">go back</a> ";
            echo 
"<a href=\"viewhts.php?g=$rel_path&f=$source_file&mode=line\">see line numbers</a> ";
            echo 
"<a href=\"viewhts.php?g=$rel_path&f=$source_file&mode=raw\">get (semi)raw file</a> ";
            echo 
"<a href=\"viewhts.php?g=$rel_path&f=$source_file&mode=download\">download file</a> ";
            echo 
"<br />you are viewing $source_rel_file<br />";
                echo 
"<a href=\"viewhts.php?g=$rel_path\">Back to Directory</a><br /><br />";

            echo 
"<hr />";

            switch (@
$_GET['mode']) {
                case 
'line':
                    
highlight_num($source_full_file);
                    break;
                case 
'raw':
                    echo 
"<pre>"htmlentities(file_get_contents($source_full_file)) ."</pre>";
                    break;
                case 
'download':
                    
ob_end_clean();
                    
header('Content-type: text/plain');
                    
header('Content-Disposition: attachment; filename="' $source_file '"');
                    
readfile($source_full_file);
                    echo 
"You are currently viewing the HTS source code.  Copyright held by HTS developers. No permission to reproduce is given.";
                    exit;
                    break;
                case 
'file':
                default:
                        
highlight_file($source_full_file);
            }
            echo 
"<hr />";
            echo 
"You are currently viewing the HTS source code.  Copyright held by HTS developers. No permission to reproduce is given.";

          }
    }
    else
    {
        
highlight_file(__FILE__);
           echo 
"<hr />";
            echo 
"You are currently viewing the HTS source code.  Copyright held by HTS developers. No permission to reproduce is given.";
    }
    function 
highlight_num($file)
    {
        echo 
'<code class="num">'implode(range(1count(file($file))), '<br />'), '</code>';
          
highlight_file($file);
    }
?>
</body>
</html>
<?php
    ob_end_flush
();
    function 
strip_abs($path)
    {
        global 
$startwith;
        return 
substr($pathstrlen($startwith));
    }
?>

You are currently viewing the HTS source code. Copyright held by HTS developers. No permission to reproduce is given.