KXStudio Website https://kx.studio/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

40 lines
1.3KB

  1. <?php
  2. # Constant: USE_ZLIB
  3. # Use zlib to provide GZIP compression
  4. define('USE_ZLIB', true);
  5. $valid_files = "jquery.js plugins.js";
  6. if (!in_array($_GET['file'], explode(" ", $valid_files)) and strpos($_GET['file'], "/themes/") === false)
  7. exit("Access Denied.");
  8. if (substr_count($_GET['file'], "..") > 0 )
  9. exit("GTFO.");
  10. if (extension_loaded('zlib') and USE_ZLIB and ini_get('zlib.output_compression') === 'On') {
  11. @ini_set('zlib.output_compression', 'Off');
  12. ob_start("ob_gzhandler");
  13. header("Content-Encoding: gzip");
  14. } else
  15. ob_start();
  16. header("Content-Type: application/x-javascript");
  17. if (strpos($_GET['file'], "/themes/") === 0) {
  18. # Constant: MAIN_DIR
  19. # Absolute path to the Chyrp root
  20. define('MAIN_DIR', dirname(dirname(dirname(__FILE__))));
  21. header("Last-Modified: ".@date("r", filemtime(MAIN_DIR.$_GET['file'])));
  22. if (file_exists(MAIN_DIR.$_GET['file']))
  23. readfile(MAIN_DIR.$_GET['file']);
  24. else
  25. echo "alert('File not found: ".addslashes($_GET['file'])."')";
  26. } elseif (file_exists($_GET['file'])) {
  27. header("Last-Modified: ".@date("r", filemtime($_GET['file'])));
  28. readfile($_GET['file']);
  29. } else
  30. echo "alert('File not found: ".addslashes($_GET['file'])."')";
  31. ob_end_flush();