[Phaos] PHP view source class.

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
R4000
Forum Contributor
Posts: 168
Joined: Wed Mar 08, 2006 12:50 pm
Location: Cambridge, United Kingdom

[Phaos] PHP view source class.

Post by R4000 »

Hey all, i have another quick request.

Could somebody possibley help me finish this class.

Basicly it is a file called source_view.class.php
that allows your to do:

Code: Select all

$source = new sourceView("file.php");
$source->viewSource();
And it will print a pretty source of the php file, with line numbers and everything.

So far i have:

Code: Select all

class sourceView {
  var $_file = "";
  function sourceView($file){
    $this->_file = $file;
  }
  function _checkPathSafe(){
    // NEED TO HAVE A NICE LITTLE THING TO MAKE SURE THE PATH IS SAFE..
    if(file_exists($this->_file)) return true;
    return false;
  }
  function viewSource(){
    if(!$this->_file || !$this->_checkPathSafe()) exit;
    echo "<table id=\"source_view\"><tr><td width=\"30\"><code>";
    for ($i = 1; $i <= count(file($this->_file)); $i++) echo $i.".<br>";
    echo "</code></td><td><code>";
    highlight_file($this->_file);
    echo "</code></td></tr></table>";    
  }
}
I just need to mod the _checkPathSafe so it only allows files in the directory or beneath the same as sourceview.php
so:

Code: Select all

$source->viewSource("../blah.php"); => fails.
$source->viewSource("/usr/..."); => fails.
$source->viewSource("./file.php"); => works.
$source->viewSource("file.php"); => works.
$source->viewSource("folder/subfolder/anotherfolder/file.php"); => works.
$source->viewSource("./folder/subfolder/anotherfolder/file.php"); => works.
Any tips?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

I'd look up Geshi ;)
User avatar
R4000
Forum Contributor
Posts: 168
Joined: Wed Mar 08, 2006 12:50 pm
Location: Cambridge, United Kingdom

Post by R4000 »

Okay, did do, looks nice... gonna use it.

but have you any idea to do the path thing? cause i dont wanna open my system up to hack0rz xD
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

realpath() and compard to getcwd()
Post Reply