Unable to get file from GET request
Posted: Fri Aug 27, 2004 4:38 am
I have this code that will retrieve HTML files from a common folder, some checks are perfomed to ensure that only certain directories and files are allowed to be included in the main index.php file.
What's happening now is that after I've added some new HTML files into the common folder and I "attempt" to load those new files, I would get a FILE NOT FOUND error.
I've adjusted the acceptable pages array and made sure that the files are indeed in the correct directories but no luck....
What's happening now is that after I've added some new HTML files into the common folder and I "attempt" to load those new files, I would get a FILE NOT FOUND error.
I've adjusted the acceptable pages array and made sure that the files are indeed in the correct directories but no luck....
Code: Select all
<?php
$acceptable_pages = array(
'index',
'view',
'post',
'registerbuyer',
'registerseller',
'search',
'stories',
'form',
'submitted',
'cafe',
'playroom',
'theatre',
'artloft',
'servicearea',
'internetstations',
'workbays',
'news40',
's60',
's60r',
's80',
'v50',
'v70',
'c70',
'xc70',
'xc90',
'exteriorcarcare',
'interiorcarcare',
'batterycare',
'engineoil',
'coolantmixture',
'wipermaintenance',
'bookaservice',
'bookaserviceform',
'bookaservicesubmitted',
'servicepromotions',
'servicepromotions01',
'servicepromotions02',
'xmas2003',
'eve1',
'clothing',
'accessories',
'stationery',
'gifts',
'sportsleisure',
'scalemodels',
'volvooceanrace',
'wallpapersnews40',
'wallpaperss60',
'wallpaperss80',
'wallpapersv50',
'wallpapersv70',
'wallpapersc70',
'wallpapersxc70',
'wallpapersxc90',
'commercials',
'commercial01',
'commercial02',
'commercial03',
'films',
'pda',
'15k',
'30k',
'45k',
'60k',
'75k',
'90k',
'105k',
'120k',
'135k',
'150k',
'165k',
'180k',
'195k',
'210k',
'225k',
'240k',
'255k',
'270k',
'285k',
'300k',
'termsandconditions'
);
$acceptable_subdirs = array(
'index',
'aboutsmmotors',
'companylocation',
'facilities',
'salesconsultants',
'serviceconsultants',
'careers',
'carguide',
'safetytips',
'aftersalesservice',
'maintenanceservice',
'carreviews',
'whatcustomerssay',
'rental',
'lifestylemerchandise',
'preownedvolvos',
'events',
'survivorsclub',
'messageboard',
'contests',
'downloads',
'sendecard',
'subscribe'
);
$acceptable_dirs = array(
'home',
'smmotors',
'volvo',
'forlife',
'sitemap',
'contactus',
'privacypolicy',
'recommend'
);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script language="javascript">
if (screen.width > 800 || screen.height > 600)
{document.write('<link rel="stylesheet" type="text/css" media="screen, projection" href="/css/screenNormal.css" />');}
else {document.write('<link rel="stylesheet" type="text/css" media="screen, projection" href="/css/screen800.css" />');}
</script>
<noscript>
<link rel="stylesheet" type="text/css" media="screen, projection" href="/css/screenNormal.css" />
</noscript>
<link rel="stylesheet" type="text/css" media="print" href="/css/print.css" />
<style type="text/css" media="screen">
<!--
/* IE/Mac Only Styles
----------------------------------------------- */
/*\*//*/
@import "/css/screenNormal.css";
/**/
-->
</style>
<?php /**/
$subdir = $_REQUEST[ 'subdir' ];
if ($subdir=="aftersalesservice" or "downloads") echo "<script type="text/javascript" src="/js/nav.js"></script>";
?>
</head>
<body <?php $dir = $_REQUEST[ 'dir' ]; if ( in_array( $dir, $acceptable_dirs ) ) { print "id="$dir""; } else { print "id="404""; } ?>>
<div id="wrapper">
<div id="header">
<h1>
<a href="/" title="title"><span>link text</span></a>
<img id="logo" src="/images/logo.gif" width="153" height="21" alt="Logo" />
</h1>
</div>
<?php
$subdir = $_REQUEST[ 'subdir' ];
?>
<div class="reset"><!-- --></div>
<div id="maincontent">
<div id="maincontent2">
<div id="realcontent">
<?php /**/
foreach($_REQUEST as $key => $val){
echo "$key => $val\n";
}
$dir = $_REQUEST[ 'dir' ];
$subdir = $_REQUEST[ 'subdir' ];
$page = $_REQUEST[ 'page' ];
if ( in_array( $page, $acceptable_pages ) && in_array( $subdir, $acceptable_subdirs ) && in_array( $dir, $acceptable_dirs ) )
{
@require_once($_SERVER["DOCUMENT_ROOT"]. "/includes/$dir/$subdir/$page.html");
}
else
{
@require_once($_SERVER["DOCUMENT_ROOT"]. "/includes/404.php");
}
?>
</div>
<div class="reset"><!-- --></div>
</div>
</div>
</div>
</body>
</html>
?>