Compare commits
2 Commits
1d03eee56e
...
25bac47c3e
| Author | SHA1 | Date | |
|---|---|---|---|
| 25bac47c3e | |||
| 7b4b4306a6 |
|
|
@ -1,6 +1,6 @@
|
||||||
# Comics Viewer
|
# Comics Viewer
|
||||||
|
|
||||||
This small project provides a web based viewer for comics in the CBZ and CBR formats.
|
This small project provides a web based viewer for comics in the CBZ and CBR formats. Bear in mind that much of the code in this project is **very** old and has had lots of "just get it working" updates over the decades (not kidding) to keep up with changing PHP API requirements. It is *sooooo* not pretty (but should be *safe*).
|
||||||
|
|
||||||
## This project requires
|
## This project requires
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -5,16 +5,18 @@ require '../header.php';
|
||||||
require_login();
|
require_login();
|
||||||
|
|
||||||
if ( isset($_REQUEST['comic']) ) {
|
if ( isset($_REQUEST['comic']) ) {
|
||||||
$comic = makePathSafe(base64_decode(urldecode(($_REQUEST['comic']))));
|
$comicfull = realpath(COMICSDIR . base64_decode(urldecode($_REQUEST['comic'])));
|
||||||
$comicfull = COMICSDIR . $comic;
|
if ( $comicfull === false ) exit();
|
||||||
|
if ( substr($comicfull, 0, strlen(COMICSDIR)) != COMICSDIR ) exit();
|
||||||
|
$comic = substr($comicfull, strlen(COMICSDIR));
|
||||||
$comicoutputurl = "comics" . str_replace("#", "", $comic) . "/";
|
$comicoutputurl = "comics" . str_replace("#", "", $comic) . "/";
|
||||||
$comicoutputfull = "../" . EXTRACTSDIR . str_replace("#", "", $comic) . "/";
|
$comicoutputfull = "../" . EXTRACTSDIR . str_replace("#", "", $comic) . "/";
|
||||||
} else {
|
} else {
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
|
|
||||||
$ext = strtolower(substr($comic, -3));
|
$ext = strtolower(substr($comicfull, -3));
|
||||||
$_SESSION['comfile'] = basename($comic);
|
$_SESSION['comfile'] = basename($comicfull);
|
||||||
|
|
||||||
$data = array();
|
$data = array();
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -5,8 +5,9 @@ require 'header.php';
|
||||||
require_login();
|
require_login();
|
||||||
|
|
||||||
if ( isset($_REQUEST['comic']) ) {
|
if ( isset($_REQUEST['comic']) ) {
|
||||||
$comic = makePathSafe(base64_decode(urldecode(($_REQUEST['comic']))));
|
$comicfull = realpath(COMICSDIR . base64_decode(urldecode($_REQUEST['comic'])));
|
||||||
$comicfull = COMICSDIR . $comic;
|
if ( $comicfull === false ) exit();
|
||||||
|
if ( substr($comicfull, 0, strlen(COMICSDIR)) != COMICSDIR ) exit();
|
||||||
} else {
|
} else {
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -5,30 +5,6 @@ function microtime_float() {
|
||||||
return ((float)$usec + (float)$sec);
|
return ((float)$usec + (float)$sec);
|
||||||
}
|
}
|
||||||
|
|
||||||
function makePathSafe($path = "") {
|
|
||||||
if ( $path == "" ) return "";
|
|
||||||
// Stick forward slashes on the ends to make matching more consistent
|
|
||||||
$path = "/" . $path . "/";
|
|
||||||
// Remove all instances of dots between forward slashes
|
|
||||||
while ( preg_match("/\/\.{0,}\//", $path) ) {
|
|
||||||
$path = preg_replace("/\/\.{0,}\//", "/", $path);
|
|
||||||
}
|
|
||||||
// Replace all instances of two consecutive forward slashes
|
|
||||||
while ( strpos($path, "//") !== false ) {
|
|
||||||
$path = str_replace("//", "/", $path);
|
|
||||||
}
|
|
||||||
// Remove all leading forward slashes
|
|
||||||
while ( substr($path, 0, 1) == '/' ) {
|
|
||||||
$path = substr($path, 1);
|
|
||||||
}
|
|
||||||
// Remove all trailing forward slashes
|
|
||||||
while ( substr($path, -1) == '/' ) {
|
|
||||||
$path = substr($path, 0, strlen($path)-1);
|
|
||||||
}
|
|
||||||
$path = "/" . $path;
|
|
||||||
return $path;
|
|
||||||
}
|
|
||||||
|
|
||||||
function makeThumb($item = "") {
|
function makeThumb($item = "") {
|
||||||
if ( $item == "" ) { return false; }
|
if ( $item == "" ) { return false; }
|
||||||
if ( is_dir($item) ) {
|
if ( is_dir($item) ) {
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user