From 4ca4b70b2260e58431737f4d8e57a0cf78254b97 Mon Sep 17 00:00:00 2001
From: Diederik de Groot <dkgroot@talon.nl>
Date: Thu, 15 Mar 2018 15:27:36 +0100
Subject: [PATCH] Renamed variable $path to $config Concatenate paths instead
 of depending on absolute ones Format debug output

---
 tftpboot/index.cnf | 22 ++++++++--------
 tftpboot/index.php | 63 +++++++++++++++++++++++++---------------------
 2 files changed, 46 insertions(+), 39 deletions(-)

diff --git a/tftpboot/index.cnf b/tftpboot/index.cnf
index b6f1788..fd91003 100644
--- a/tftpboot/index.cnf
+++ b/tftpboot/index.cnf
@@ -1,11 +1,13 @@
 [main]
-tftp = /tftpboot
-;firmware = /tftpboot/firmware
-;settings = /tftpboot/settings
-;wallpapers = /tftpboot/wallpapers
-;ringtones = /tftpboot/ringtones
-;locales = /tftpboot/locales
-;countries = /tftpboot/locales/countries
-;languages = /tftpboot/locales/languages
-;deflanguages = /tftpboot/locales/languages/English_United_States
-;debug = on ; The output in the browser window for more information
\ No newline at end of file
+debug = on ; The output in the browser window for more information
+
+tftproot = /tftpboot
+
+;firmware = firmware
+;settings = settings
+;wallpapers = wallpapers
+;ringtones = ringtones
+;locales = locales
+;countries = locales/countries
+;languages = locales/languages
+;default_language = English_United_States
diff --git a/tftpboot/index.php b/tftpboot/index.php
index ad3df0a..7607245 100644
--- a/tftpboot/index.php
+++ b/tftpboot/index.php
@@ -9,12 +9,21 @@
 $ini_array = parse_ini_file('index.cnf');
 if (!empty($ini_array)) {
     foreach ($ini_array as $key => $value) {
-        $path[$key] = $value;
+        $config[$key] = $value;
     }
 }
 
-$path['tftp'] = (!empty($path['tftp'])) ? $path['tftp'] : '/tftpboot';
-$print_debug = (!empty($path['debug'])) ? $path['debug'] : 'off';
+if (empty($config['firmware'])) 	{ $config['firmware'] = 'firmware';}
+if (empty($config['settings'])) 	{$config['settings'] = 'settings';}
+if (empty($config['wallpapers'])) 	{$config['wallpapers'] = 'wallpapers';}
+if (empty($config['ringtones'])) 	{$config['ringtones'] = 'ringtones';}
+if (empty($config['locales'])) 		{$config['locales'] = 'locales';}
+if (empty($config['countries'])) 	{$config['countries'] = 'countries';}
+if (empty($config['languages'])) 	{$config['languages'] = 'languages';}
+if (empty($config['default_language']))	{$config['default_language'] = $config['languages']. 'English_United_States';}
+
+$config['tftproot'] = (!empty($config['tftproot'])) ? $config['tftproot'] : '/tftpboot';
+$print_debug = (!empty($config['debug'])) ? $config['debug'] : 'off';
 $print_debug = ($print_debug == 1) ? 'on' : $print_debug;
 
 $request = $_REQUEST;
@@ -27,22 +36,18 @@ $fw_suffix = array('.bin', '.loads', '.sbn', '.sb2', '.sbin', '.zz', '.zup');
 
 $ringtones_list = array('distinctive.xml', 'ringlist.xml');
 
-if (empty($path['firmware'])) { $path['firmware'] = $path['tftp']. '/firmware';}
-if (empty($path['settings'])) {$path['settings'] = $path['tftp']. '/settings';}
-if (empty($path['wallpapers'])) {$path['wallpapers'] = $path['tftp']. '/wallpapers';}
-if (empty($path['ringtones'])) {$path['ringtones'] = $path['tftp']. '/ringtones';}
-if (empty($path['locales'])) {$path['locales'] = $path['tftp']. '/locales';}
-if (empty($path['countries'])) {$path['countries'] = $path['tftp']. '/locales/countries';}
-if (empty($path['languages'])) {$path['languages'] = $path['tftp']. '/locales/languages';}
-if (empty($path['deflanguages'])) {$path['deflanguages'] = $path['languages']. '/English_United_States';}
 $locale_list = array('-dictionary.', 'dictionary-ext.', '-dictionary.utf-8.', '-kate.xml', '-font.xml', '-font.dat','-tones.xml',
                      'be-sccp.jar', 'tc-sccp.jar', 'td-sccp.jar', 'ipc-sccp.jar', 'mk-sccp.jar', '_locale.loads', 'i-button-help.xml');
+
 if ($print_debug == 'on') {
-    print_r('<br> Init Pach: <br>');
-    print_r($path);
-    print_r('<br> Request: <br>');
+    print_r("<br> Config:<pre>");
+    print_r($config);
+    print("</pre>");
+    print_r("<br> Request:<br><pre>");
     print_r($request);
+    print("</pre>");
 }
+
 $req_file_full_path = '' ;
 
 if (!empty($req_file)) {
@@ -53,22 +58,22 @@ if (!empty($req_file)) {
     $orig_req_file_name = end($req_data_ar);
     $req_file_name = $orig_req_file_name;
     
-    if (strpos('.sgn;', strtolower($orig_req_file_name).';') !== FALSE) {	// handle signed files
+    if (strpos('.sgn;', strtolower($orig_req_file_name).';') !== FALSE) {		// handle signed files
         $signed = TRUE;
-        $req_file_name = basename($orig_req_file_name, '.sgn');			// strip signed part
+        $req_file_name = basename($orig_req_file_name, '.sgn');				// strip signed part
     }
 
         
-    if (file_exists($path['tftp'].'/'.$orig_req_file_name))					// prevent "/../...//" browsing - (eliminate back door)
+    if (file_exists($config['tftproot'].'/'.$req_file_name))				// prevent "/../...//" browsing - (eliminate back door)
     {
-        $req_file_full_path = $path['tftp'].'/'.$req_file_name;
+        $req_file_full_path = $config['tftproot'].'/'.$req_file_name;
     } 
     else 
     { 
         $tmp_file = explode('.', $req_file_name);
         
-        if (strpos_array($req_file_name, $fw_suffix,'any') !== FALSE) {		// Firmware file was requested
-            $firmware_list = find_all_files($path['firmware']);
+        if (strpos_array($req_file_name, $fw_suffix,'any') !== FALSE) {			// Firmware file was requested
+            $firmware_list = find_all_files($config['tftproot'].'/'.$config['firmware']);
             $pos2 = strpos_array($firmware_list, $req_file_name, 'any'); 		// case unsensitive
             if ($pos2 !== FALSE) { 							// Request Firmware 
                 $req_file_full_path = $firmware_list[$pos2];
@@ -81,37 +86,37 @@ if (!empty($req_file)) {
 
             //if (strpos_array($req_file_name, $settings_suffix, 'any') !==  FALSE) { 	// Request Settings
             if (strpos(strtolower($req_file_name), '.cnf.xml') !==  FALSE) {		// Request Settings
-                $tmp_file = $path['settings'].'/'.$req_file_name;
+                $tmp_file = $config['tftproot'].'/'.$config['settings'].'/'.$req_file_name;
             }
             else if (strpos(strtolower($req_file), '/desktops/') !== FALSE) { 		// Request Wallpapers
-                $tmp_file = $path['wallpapers'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_file_name;
+                $tmp_file = $config['tftproot'].'/'.$config['wallpapers'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_file_name;
             }
             else if (strpos_array($ringtones_list, $req_file_name, 'any') !== FALSE) {	// Request RingTones
-                $tmp_file = $path['ringtones'].'/ringlist.xml';
+                $tmp_file = $config['tftproot'].'/'.$config['ringtones'].'/ringlist.xml';
             } 
             else if (strpos_array($req_file, $locale_list, 'any') !== FALSE) { 		// Request Languages
                 if (!empty($req_data_ar[$req_data_len-1])) {
-                    $tmp_file = $path['languages'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_file_name;
+                    $tmp_file = $config['tftproot'].'/'.$config['locales'].'/'.$config['languages'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_file_name;
                 } else {
-                    $tmp_file = $path['deflanguages'].'/'. $req_file_name;
+                    $tmp_file = $config['tftproot'].'/'.$config['locales'].'/'.$config['languages'].'/'.$config['default_language'].'/'. $req_file_name;
                 }
             }
             
 /*
             else if (strpos(strtolower($req_file), '-tones.xml') !== FALSE) { 		// Request Countries
-                $tmp_file = $path['countries'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_data_ar[$req_data_len];
+                $tmp_file = $config['tftproot'].'/'.$config['locales'].'/'.$config['countries'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_data_ar[$req_data_len];
             }
  
             else if (strpos(strtolower($req_file), '-dictionary.') !== FALSE) { 		// Request Countries
-                $tmp_file = $path['languages'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_data_ar[$req_data_len];
+                $tmp_file = $config['tftproot'].'/'.$config['locales'].'/'.$config['languages'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_data_ar[$req_data_len];
             }
 
             else if (strpos_array($req_file, $locale_list, 'any') !== FALSE) { 		// Request Languages
-                $tmp_file = $path['languages'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_data_ar[$req_data_len];
+                $tmp_file = $config['tftproot'].'/'.$config['locales'].'/'.$config['languages'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_data_ar[$req_data_len];
             }
 
             else if (strpos(strtolower($req_file), '-dictionary.jar') !== FALSE) { 	// Request Countries
-                $tmp_file = $path['languages'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_data_ar[$req_data_len];
+                $tmp_file = $config['tftproot'].'/'.$config['locales'].'/'.$config['languages'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_data_ar[$req_data_len];
             }
 */
             if ($print_debug == 'on'){ print_r('<br>File : '. $req_file_name. ' not found.<br>');}