$_SERVER, '$_REQUEST' => $_REQUEST, '$_GET' => $_GET, '$_POST' => $_POST, '$_COOKIE' => $_COOKIE, '$_FILES' => $_FILES ); $ignore = array( 'PATH', 'SHELL', 'USER', 'PHP_FCGI_CHILDREN', 'PHP_FCGI_MAX_REQUESTS', 'HTTP_CACHE_CONTROL', 'DOCUMENT_ROOT', 'PATH_INFO' ); $offender_file = "offenders/".$remote_ip.".txt"; if (!is_file($offender_file)) { // echo "-Creating ".$offender_file."\n"; $fh = fopen($offender_file, "w"); fputs($fh,''); fclose($fh); } $fh = fopen($offender_file, "a"); // echo "# DUMPINFOS [$remote_ip] BEGINS\n"; fwrite($fh,"# DUMPINFOS [$remote_ip] BEGINS\n"); // echo "# DUMPINFOS reason: $reason\n"; fwrite($fh,"# DUMPINFOS reason: $reason\n"); foreach ($globals as $globalkey => $global) { // echo "dumpinfos: globalkey:$globalkey\n"; foreach ($global as $key => $value) { $show=1; foreach ($ignore as $keyname) { if ($keyname == $key) { $show=0; break; } //SCRIPT_FILENAME value:/var/www/txtblog/index.php } if ($show != "1") { continue; } if ("$key" == "SCRIPT_FILENAME") { $value = (preg_replace('/^\/.*\//', '/.../', $value)); } // echo "globalkey:$globalkey key:$key value:$value\n"; fwrite($fh,"globalkey:$globalkey key:$key value:$value\n"); } } fwrite($fh,"# DUMPINFOS [$remote_ip] ENDS\n"); fwrite($fh,"\n"); fclose($fh); // header("Location: ?mode=offenders&showentry=".$remote_ip.".txt"); // echo "# DUMPINFOS [$remote_ip] ENDS\n"; die(); } // check if input is valid. Send to offenders if not function checkvar($testvar) { if ("$testvar" == "") { return; } $testvar = (preg_replace('/.txt$/', '', $testvar)); $testvar = (preg_replace('/[a-z]/', '', $testvar)); $testvar = (preg_replace('/[A-Z]/', '', $testvar)); $testvar = (preg_replace('/[0-9]/', '', $testvar)); $testvar = (preg_replace('/-/', '', $testvar)); $testvar = (preg_replace('/\./', '', $testvar)); if ("$testvar" != "") { // dumpinfos("ERR: UNCLEAN ($testvar)"); die(); } } // Output buffered until everything checked out ob_start(); // header('Content-Type: text/plain'); echo "\n"; echo "
\n"; echo "\n"; echo "\n";
// Read the three query parameters this page understands. A parameter that is
// absent becomes "", on which checkvar() returns straight away. For any other
// value checkvar() removes an optional ".txt" suffix, then letters, digits,
// "-" and "."; if anything is left over it ends the request with die().
$mode = isset($_GET["mode"]) ? $_GET["mode"] : "";
checkvar($mode);

$showentry = isset($_GET["showentry"]) ? $_GET["showentry"] : "";
checkvar($showentry);

// NOTE(review): $shownum is validated here but is not read again in the
// visible remainder of the script.
$shownum = isset($_GET["shownum"]) ? $_GET["shownum"] : "";
checkvar($shownum);
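// mode=source: throw away the buffered page and send this script's own source
// as plain text. Everything written in index.php is therefore public to any
// visitor, so credentials, tokens and private paths must never live in this file.
if ($mode == "source") {
    ob_end_clean();
    header("Content-Type: text/plain");
    // readfile() streams the file in a single call. The previous
    // fopen()/feof()/fgets() loop never checked the fopen() result; with a
    // failed open, feof() never reports end-of-file, so the loop either spins
    // forever or aborts with a type error, depending on the PHP version.
    readfile('index.php');
    die();
}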
// Resolve the mode. No mode means the blog itself, and "txtblog" is the only
// mode served past this point.
if ($mode == "") {
    $mode = "txtblog";
}
if ($mode != "txtblog") {
    // "offenders" (its listing is switched off) and every unknown mode get the
    // same answer: drop the buffered output and redirect to the blog root.
    // NOTE(review): dumpinfos() writes request data (cookies, POST fields,
    // server variables) into offenders/<ip>.txt. Turning the mode off here does
    // not by itself stop the web server from serving that directory directly;
    // confirm it is denied in the server configuration.
    ob_end_clean();
    header("Location: /txtblog/");
    die();
}
// Entries are read from the script's working directory.
$dir = ".";
// echo "Listing dir:$dir\n";
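// Build $list, the names of the files in $dir that may be displayed, and record
// in $show_match whether the requested entry is one of them.
//
// $list acts as the allow-list for showentry: the script only goes on to open a
// requested name when it equals a name readdir() returned here.
$list = array();   // always an array, so rsort() and later readers work when nothing is listed
$show_match = 0;
if ($handle = opendir($dir)) {
    while (false !== ($file = readdir($handle))) {
        if ($file == "." || $file == ".." || $file == "index.php") {
            continue;
        }
        if (is_dir($file)) {
            continue;
        }
        // NOTE(review): this pattern matches only a file named exactly ".txt",
        // so every other regular file in the directory is listed, dotfiles
        // included, and checkvar() lets "." through in showentry. Anything the
        // web server user can read here (for example server access-control or
        // backup files) becomes displayable. If the intent was to list only
        // *.txt entries the test needs to be rewritten; confirm before changing.
        if (preg_replace('/^\.txt$/', '', $file) != $file) {
            continue;
        }
        // Exact comparison: with "==" two different numeric-looking names
        // (such as "1.0" and "1") would compare equal and mark a name as
        // listed that is not in the directory.
        if ($file === $showentry) {
            $show_match = 1;
        }
        $list[] = $file;
    }
    closedir($handle);
}
// Newest-looking names first (reverse string order).
rsort($list);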
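// Settle which entry will be displayed.
if (("$showentry" != "") && ("$show_match" == "0")) {
    // The requested name is not among the listed files. dumpinfos() appends the
    // request details to the per-IP offenders file; the part of it visible in
    // this file ends with die(), so the reset below is only a fallback.
    dumpinfos("unfound showentry:$showentry");
    $showentry = "";
}
if ("$showentry" == "") {
    // isset() keeps an empty directory from raising an undefined-offset
    // warning before the "no entries" message is printed.
    if (isset($list[0]) && "$list[0]" != "") {
        $showentry = "$list[0]";
        print "showentry using first in list: $showentry\n";
    } else {
        print "no entries found to choose first one to show.\n";
    }
} else {
    // An explicitly requested entry that was found in the listing.
    print "showentry: $showentry\n";
}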
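// Print the chosen entry between "# BEGIN" and "# EOF" markers.
if ($showentry != "") {
    echo "\n";
    print "\n# BEGIN $showentry\n";
    // The entry is opened by its bare name, relative to the working directory.
    // That is safe only because $showentry is either $list[0] or a request
    // value that matched a listed name, and checkvar() refuses every character
    // other than letters, digits, "-" and ".", so no path separator can be present.
    $showfile = $showentry;
    if (!is_file($showfile)) {
        dumpinfos("file does not exist for showentry:$showentry showfile:$showfile");
    }
    $fh = fopen($showfile, "r");
    // An unchecked failed fopen() used to feed feof()/fgets() a non-resource,
    // which loops forever or aborts depending on the PHP version.
    if ($fh !== false) {
        // Previous printed line; starting empty means leading blank lines are
        // dropped and runs of blank lines collapse to a single one.
        $lline = "";
        while (($line = fgets($fh)) !== false) {
            if (trim("$line") == "" && trim("$lline") == "") {
                continue;
            }
            $lline = $line;
            // NOTE(review): lines are emitted exactly as stored, without HTML
            // escaping, and the text/plain header earlier in the file is
            // commented out. That is fine while entry files are written only
            // by the site owner; confirm nothing request-derived is ever
            // written into this directory.
            print "$line";
        }
        fclose($fh);
    }
    print "# EOF $showentry\n";
    echo "
\n";
} else {
    print "# Nothing to show.\n";
}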
/* if ("$mode" == "offenders") {
print "\n# Feel free to TEST and add an entry for all to see.\n";
}
*/
print "\n";
// Index of every listed entry, in the order produced by the earlier sort.
foreach ($list as $entry) {
    if ($entry == $showentry) {
        // The entry currently on display.
        // NOTE(review): as written, both branches print the same text;
        // presumably the current entry was meant to be marked - confirm.
        print "$entry\n";
    } else {
        print "$entry\n";
    }
}
// Footer navigation; the "offenders" link is intentionally left out.
echo "\n", "[ home | source ]\n", "\n";
echo "
\n";
echo "\n", "\n";
// Stop here so nothing after the page is sent.
die();
?>