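<?php

/**
 * Front controller for the site.
 *
 * Every request is routed here with three routing values in global scope
 * ($REDIRECT_PROJ, $REDIRECT_FN, $REDIRECT_I18N). The script:
 *   1. imports the request/server arrays into global scope (register_globals emulation),
 *   2. enforces HTTP Basic auth for protected projects and "adm/" paths,
 *   3. requires a login cookie for catid.html and for the s_survey project,
 *   4. resolves the requested file under /home/webapps/<project>/html.<lang>/,
 *      falling back to html.en, and either streams it or include()s it.
 *
 * NOTE(review): the routing variables are presumably set by the web server's
 * rewrite rules and arrive via $_SERVER; that configuration is not visible
 * here. Because globals are imported from the request as well, any routing
 * variable the server does not set can be supplied by the client, so the
 * values are validated below before they reach the filesystem.
 */

/**
 * Copies one superglobal array into the global variable scope.
 *
 * @param string $sg One-letter selector: e=_ENV, g=_GET, p=_POST, c=_COOKIE,
 *                   r=_REQUEST, s=_SERVER, f=_FILES. Unknown letters are ignored.
 */
function register_global_array( $sg )
{
    static $superGlobals = array(
        'e' => '_ENV',
        'g' => '_GET',
        'p' => '_POST',
        'c' => '_COOKIE',
        'r' => '_REQUEST',
        's' => '_SERVER',
        'f' => '_FILES',
    );

    // Names that must never be replaced by a request-supplied key: overwriting
    // them would let client input stand in for server-provided data.
    static $reserved = array(
        'GLOBALS'  => 1,
        '_ENV'     => 1,
        '_GET'     => 1,
        '_POST'    => 1,
        '_COOKIE'  => 1,
        '_REQUEST' => 1,
        '_SERVER'  => 1,
        '_FILES'   => 1,
        '_SESSION' => 1,
    );

    if (!isset($superGlobals[$sg])) {
        return;
    }

    global ${$superGlobals[$sg]};
    $source = ${$superGlobals[$sg]};
    if (!is_array($source)) {
        return;
    }

    foreach ($source as $key => $val) {
        if (isset($reserved[$key])) {
            continue;
        }
        $GLOBALS[$key] = $val;
    }
}

/**
 * Emulates PHP's removed register_globals setting.
 *
 * Arrays are imported in the order given, so a later letter overwrites
 * same-named variables from an earlier one.
 *
 * NOTE(review): this makes every request parameter a global variable. Code
 * included later must not trust a global unless it was set after this call
 * or is known to come from the server.
 *
 * @param string $order Selector letters (case-insensitive), e.g. 'gpc'.
 */
function register_globals( $order = 'gpc' )
{
    // Bare references kept from the original; presumably they make PHP
    // materialise these auto-globals before they are read through a
    // variable-variable (the note the original comment pointed to is not
    // part of this file).
    $_SERVER;
    $_ENV;
    $_REQUEST;

    foreach (str_split(strtolower($order)) as $letter) {
        register_global_array($letter);
    }
}

/**
 * Sends a 404 status and the not-found message.
 *
 * NOTE(review): the HTML markup around this text (including the target of
 * the homepage link) is not present in this listing.
 */
function render404()
{
    http_response_code(404);
    ?>
Oops! The page you're looking for doesn't exist, or requires you to login first.
Go back to homepage
<?php
}

/**
 * Makes a value safe to embed in a single syslog line: control characters
 * are replaced and the length is capped, so client-supplied text cannot
 * forge or split log entries.
 */
function sanitize_for_log( $value )
{
    if (!is_scalar($value)) {
        return '(non-scalar)';
    }
    return substr(preg_replace('/[\x00-\x1F\x7F]/', '?', (string) $value), 0, 512);
}

/**
 * Writes the "probable attack" log entry for a rejected or missing file.
 * 134 is the numeric priority used by the original code (128 + 6, which on
 * Linux corresponds to LOG_LOCAL0 | LOG_INFO).
 */
function log_probable_attack( $file )
{
    $addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '-';
    syslog(134, "Probable attack from [" . sanitize_for_log($addr) . "]. File [" . sanitize_for_log($file) . "] requested.");
}

/**
 * True when $name is usable as exactly one directory name: non-empty, not
 * "." or "..", and free of path separators and NUL bytes.
 */
function is_single_path_segment( $name )
{
    return $name !== ''
        && $name !== '.'
        && $name !== '..'
        && strpos($name, '/') === false
        && strpos($name, "\\") === false
        && strpos($name, "\0") === false;
}

/**
 * True when a relative path contains a ".." segment or a NUL byte and so
 * must not be appended to a base directory.
 */
function path_has_unsafe_segment( $path )
{
    return strpos($path, "\0") !== false
        || preg_match('#(?:^|/)\.\.(?:/|$)#', $path) === 1;
}

/**
 * True when the request carries an 'asaut' cookie of at least 10 characters.
 *
 * NOTE(review): this only checks that a cookie of plausible length is
 * present; it does not verify it. Confirm the pages behind this gate
 * validate the session themselves.
 */
function has_login_cookie()
{
    return isset($_COOKIE['asaut'])
        && is_string($_COOKIE['asaut'])
        && strlen($_COOKIE['asaut']) >= 10;
}

register_globals( 'GPCFRES' );

$SITELABEL = "ss";
$WHITELABELVARS = json_decode(file_get_contents("/home/webapps/wl/conf/wlabelcfg.json"), true);
//syslog(134, "2:" . $REDIRECT_PROJ . ":" . $HTTP_HOST);

// Load the internationalization library
include_once "/home/webapps/i18n/classes/header.php";

$langlist = array("en"=>"English", "de"=>"Deutsch", "es"=>"Español");
$filelist = array();

header("Content-Security-Policy: frame-ancestors 'self';");

// Validate the routing inputs before they are used for access decisions or
// file paths. The project must be a single directory name so that the key
// used for the protected-project lookup is exactly the directory that ends
// up in the path; the file name must not climb out of its base directory.
if (!isset($REDIRECT_PROJ) || !is_string($REDIRECT_PROJ)
    || !isset($REDIRECT_FN) || !is_string($REDIRECT_FN)
    || !is_single_path_segment($REDIRECT_PROJ)
    || path_has_unsafe_segment($REDIRECT_FN)) {
    log_probable_attack(
        (isset($REDIRECT_PROJ) ? sanitize_for_log($REDIRECT_PROJ) : '') . "/" .
        (isset($REDIRECT_FN) ? sanitize_for_log($REDIRECT_FN) : '')
    );
    render404();
    exit;
}

// The language code is only ever used as the suffix of one directory name.
// A missing or malformed value falls through to the html.en fallback below.
$i18n = (isset($REDIRECT_I18N) && is_string($REDIRECT_I18N)) ? $REDIRECT_I18N : '';
if ($i18n !== '' && !is_single_path_segment($i18n)) {
    log_probable_attack("html." . $i18n);
    render404();
    exit;
}

$protected_projects = array("websql"=>1, "stats"=>1, "competitive"=>1);
if (array_key_exists($REDIRECT_PROJ, $protected_projects) || strpos($REDIRECT_FN, "adm/") !== false) {
    // NOTE(review): both branches hold the same token, and the Host header
    // that selects between them is client-supplied.
    if (isset($HTTP_HOST) && $HTTP_HOST === "secure1.securityspace.com") {
        $auth_tokens = array("p0"=>"1416c725f94bd3399ff85e280e9bfb11"); // PROD
    } else {
        $auth_tokens = array("p0"=>"1416c725f94bd3399ff85e280e9bfb11"); // non-PROD
    }
    // NOTE(review): this is an unsalted, single-pass RIPEMD-128 digest of the
    // admin password kept in source. Move the credential out of the code,
    // store it with password_hash() and check it with password_verify(), and
    // rotate it, since the digest is exposed wherever this file is readable.
    $authnumber = 0;
    $authtimeout = 0;

    if (!isset($_SERVER['PHP_AUTH_USER'])) {
        header('HTTP/1.1 401 Unauthorized');
        header('WWW-Authenticate: Basic realm="websql'.$authnumber.'"');
        exit('This page requires authentication');
    }

    $authUser = $_SERVER['PHP_AUTH_USER'];
    $authPass = (isset($_SERVER['PHP_AUTH_PW']) && is_string($_SERVER['PHP_AUTH_PW']))
        ? $_SERVER['PHP_AUTH_PW']
        : '';

    // hash_equals() compares in constant time and never type-juggles, unlike
    // the loose != comparison it replaces.
    if ($authUser !== "admin"
        || !hash_equals($auth_tokens["p".$authnumber], hash('ripemd128', $authPass))) {
        header('HTTP/1.1 401 Unauthorized');
        header('WWW-Authenticate: Basic realm="websql'.$authnumber.'"');
        exit('Unauthorized!');
    }
}

// Block catid.html if not logged in.
if (strpos($REDIRECT_FN, "catid.html") !== false) {
    if (!has_login_cookie()) {
        render404();
        exit;
    }
}

// Survey has some legacy garbage floating around, handle it first
if ($REDIRECT_PROJ == "s_survey") {
    if (!has_login_cookie()) {
        render404();
        exit;
    }
    if (strpos($REDIRECT_FN, "/") !== false) {
        $isShtml = strpos($REDIRECT_FN, "sdata/") !== false;
        if ($isShtml) {
            $surveyRoot = "/home/webapps/data/s_survey/shtml/";
            $rel = str_replace("sdata/", "", $REDIRECT_FN);
        } else {
            $surveyRoot = "/home/webapps/data/s_survey/html/";
            $rel = str_replace("data/", "", $REDIRECT_FN);
        }

        // Checked again after the prefix has been removed, because removing
        // a substring can change which path segments the name contains.
        if (path_has_unsafe_segment($rel)) {
            log_probable_attack($surveyRoot . $rel);
            render404();
            exit;
        }

        $fn = $surveyRoot . $rel;

        // Our data directories contain a couple of gifs, specifically
        // in the man.YYYYMM dirs. If we find one here, make sure the
        // appropriate header is spit out and then dump out the data
        if (!$isShtml && strpos($REDIRECT_FN, ".gif") !== false) {
            if (!is_file($fn)) {
                // Previously a missing image produced an empty 200 response
                // with an image/gif header.
                render404();
                exit;
            }
            header ("Content-type: image/gif");
            readfile($fn);
        } else {
            if (!is_file($fn)) {
                $fn = $fn . "/index.html";
                if (!is_file($fn)) {
                    $fn = "/home/webapps/sspace/html.en/indexredir.html";
                }
            }
            header("Content-Type: text/html; charset=utf-8");
            // NOTE(review): include executes the target as PHP; everything
            // under the survey data root must be trusted, non-uploadable content.
            include_once $fn;
        }
        exit;
    }
}

// Quick rewrite for DNS dynamic updates.
if ($REDIRECT_PROJ == "nic" && $REDIRECT_FN == "update") {
    $REDIRECT_PROJ = "dns";
    $REDIRECT_FN = "dynamic.html";
}

// If we have version control built into the javascript files for cache busting,
// break that out now, but also, issue a long lived header.
// The version tag is stripped from the file name itself so that the English
// fallback below also looks for the unversioned file (the original only
// stripped it from the preferred-language path).
$servedFn = $REDIRECT_FN;
if (preg_match("/^(.*)\.(v[0-9]+\.[0-9a-z]+)\.js$/", $servedFn, $m)) {
    header("Cache-Control: public,max-age=864000"); // 10 days
    // syslog(134, "Javascript $preferred redirected to " . $m[1] . ".js");
    $servedFn = $m[1] . ".js";
}

$preferred = "/home/webapps/$REDIRECT_PROJ/html.$i18n/" . $servedFn;

// Now, either we're going to the preferred file, or the english file. If neither exist,
// send them to our home page.
if (!is_file($preferred)) {
    $preferred = "/home/webapps/$REDIRECT_PROJ/html.en/" . $servedFn;
    if (!is_file($preferred)) {
        log_probable_attack($preferred);
        render404();
        exit;
    }
}

// Binary documents are streamed as-is; everything else is include()d so that
// embedded PHP in the page templates runs.
$binaryTypes = array(
    ".pdf" => "application/pdf",
    ".ppt" => "application/powerpoint",
);
$suffix4 = substr($REDIRECT_FN, -4);

if ($suffix4 == ".txt") {
    header("Content-Type: text/plain; charset=utf-8");
} else if (isset($binaryTypes[$suffix4])) {
    $fp = fopen($preferred, 'rb');
    if ($fp === false) {
        // File vanished or is unreadable between is_file() and fopen().
        render404();
        exit;
    }
    header("Content-Type: " . $binaryTypes[$suffix4]);
    header("Content-Length: " . filesize($preferred));
    // dump the file contents
    fpassthru($fp);
    fclose($fp);
    exit;
} else if (substr($REDIRECT_FN, -3) == ".js") {
    header("Content-Type: application/javascript");
} else if ($suffix4 == ".css") {
    header("Content-Type: text/css");
} else {
    header("Content-Type: text/html; charset=utf-8");
}

// NOTE(review): a stricter guard would resolve $preferred with realpath()
// and require it to stay under /home/webapps/; not done here because it
// would reject deployments that rely on symlinks out of that tree.
include_once $preferred;
?>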