mirror/provision_sccp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Renamed variable $path to $config

Browse Source 
Concatenate paths instead of depending on absolute ones
Format debug output
This commit is contained in:
Diederik de Groot
2018-03-15 15:27:36 +01:00
parent e7c4915e11
commit 4ca4b70b22
2 changed files with 46 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
tftpboot/index.cnf
View File

@@ -1,11 +1,13 @@
[main]
tftp = /tftpboot
;firmware = /tftpboot/firmware
;settings = /tftpboot/settings
;wallpapers = /tftpboot/wallpapers
;ringtones = /tftpboot/ringtones
;locales = /tftpboot/locales
;countries = /tftpboot/locales/countries
;languages = /tftpboot/locales/languages
;deflanguages = /tftpboot/locales/languages/English_United_States
;debug = on ; The output in the browser window for more information
debug = on ; The output in the browser window for more information
tftproot = /tftpboot
;firmware = firmware
;settings = settings
;wallpapers = wallpapers
;ringtones = ringtones
;locales = locales
;countries = locales/countries
;languages = locales/languages
;default_language = English_United_States

63
tftpboot/index.php
View File

@@ -9,12 +9,21 @@
$ini_array = parse_ini_file('index.cnf');
if (!empty($ini_array)) {
foreach ($ini_array as $key => $value) {
$path[$key] = $value;
$config[$key] = $value;
}
}
$path['tftp'] = (!empty($path['tftp'])) ? $path['tftp'] : '/tftpboot';
$print_debug = (!empty($path['debug'])) ? $path['debug'] : 'off';
if (empty($config['firmware'])) { $config['firmware'] = 'firmware';}
if (empty($config['settings'])) {$config['settings'] = 'settings';}
if (empty($config['wallpapers'])) {$config['wallpapers'] = 'wallpapers';}
if (empty($config['ringtones'])) {$config['ringtones'] = 'ringtones';}
if (empty($config['locales'])) {$config['locales'] = 'locales';}
if (empty($config['countries'])) {$config['countries'] = 'countries';}
if (empty($config['languages'])) {$config['languages'] = 'languages';}
if (empty($config['default_language'])) {$config['default_language'] = $config['languages']. 'English_United_States';}
$config['tftproot'] = (!empty($config['tftproot'])) ? $config['tftproot'] : '/tftpboot';
$print_debug = (!empty($config['debug'])) ? $config['debug'] : 'off';
$print_debug = ($print_debug == 1) ? 'on' : $print_debug;
$request = $_REQUEST;
@@ -27,22 +36,18 @@ $fw_suffix = array('.bin', '.loads', '.sbn', '.sb2', '.sbin', '.zz', '.zup');
$ringtones_list = array('distinctive.xml', 'ringlist.xml');
if (empty($path['firmware'])) { $path['firmware'] = $path['tftp']. '/firmware';}
if (empty($path['settings'])) {$path['settings'] = $path['tftp']. '/settings';}
if (empty($path['wallpapers'])) {$path['wallpapers'] = $path['tftp']. '/wallpapers';}
if (empty($path['ringtones'])) {$path['ringtones'] = $path['tftp']. '/ringtones';}
if (empty($path['locales'])) {$path['locales'] = $path['tftp']. '/locales';}
if (empty($path['countries'])) {$path['countries'] = $path['tftp']. '/locales/countries';}
if (empty($path['languages'])) {$path['languages'] = $path['tftp']. '/locales/languages';}
if (empty($path['deflanguages'])) {$path['deflanguages'] = $path['languages']. '/English_United_States';}
$locale_list = array('-dictionary.', 'dictionary-ext.', '-dictionary.utf-8.', '-kate.xml', '-font.xml', '-font.dat','-tones.xml',
'be-sccp.jar', 'tc-sccp.jar', 'td-sccp.jar', 'ipc-sccp.jar', 'mk-sccp.jar', '_locale.loads', 'i-button-help.xml');
if ($print_debug == 'on') {
print_r('<br> Init Pach: <br>');
print_r($path);
print_r('<br> Request: <br>');
print_r("<br> Config:<pre>");
print_r($config);
print("</pre>");
print_r("<br> Request:<br><pre>");
print_r($request);
print("</pre>");
}
$req_file_full_path = '' ;
if (!empty($req_file)) {
@@ -53,22 +58,22 @@ if (!empty($req_file)) {
$orig_req_file_name = end($req_data_ar);
$req_file_name = $orig_req_file_name;
if (strpos('.sgn;', strtolower($orig_req_file_name).';') !== FALSE) { // handle signed files
if (strpos('.sgn;', strtolower($orig_req_file_name).';') !== FALSE) { // handle signed files
$signed = TRUE;
$req_file_name = basename($orig_req_file_name, '.sgn'); // strip signed part
$req_file_name = basename($orig_req_file_name, '.sgn'); // strip signed part
}
if (file_exists($path['tftp'].'/'.$orig_req_file_name)) // prevent "/../...//" browsing - (eliminate back door)
if (file_exists($config['tftproot'].'/'.$req_file_name)) // prevent "/../...//" browsing - (eliminate back door)
{
$req_file_full_path = $path['tftp'].'/'.$req_file_name;
$req_file_full_path = $config['tftproot'].'/'.$req_file_name;
}
else
{
$tmp_file = explode('.', $req_file_name);
if (strpos_array($req_file_name, $fw_suffix,'any') !== FALSE) { // Firmware file was requested
$firmware_list = find_all_files($path['firmware']);
if (strpos_array($req_file_name, $fw_suffix,'any') !== FALSE) { // Firmware file was requested
$firmware_list = find_all_files($config['tftproot'].'/'.$config['firmware']);
$pos2 = strpos_array($firmware_list, $req_file_name, 'any'); // case unsensitive
if ($pos2 !== FALSE) { // Request Firmware
$req_file_full_path = $firmware_list[$pos2];
@@ -81,37 +86,37 @@ if (!empty($req_file)) {
//if (strpos_array($req_file_name, $settings_suffix, 'any') !== FALSE) { // Request Settings
if (strpos(strtolower($req_file_name), '.cnf.xml') !== FALSE) { // Request Settings
$tmp_file = $path['settings'].'/'.$req_file_name;
$tmp_file = $config['tftproot'].'/'.$config['settings'].'/'.$req_file_name;
}
else if (strpos(strtolower($req_file), '/desktops/') !== FALSE) { // Request Wallpapers
$tmp_file = $path['wallpapers'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_file_name;
$tmp_file = $config['tftproot'].'/'.$config['wallpapers'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_file_name;
}
else if (strpos_array($ringtones_list, $req_file_name, 'any') !== FALSE) { // Request RingTones
$tmp_file = $path['ringtones'].'/ringlist.xml';
$tmp_file = $config['tftproot'].'/'.$config['ringtones'].'/ringlist.xml';
}
else if (strpos_array($req_file, $locale_list, 'any') !== FALSE) { // Request Languages
if (!empty($req_data_ar[$req_data_len-1])) {
$tmp_file = $path['languages'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_file_name;
$tmp_file = $config['tftproot'].'/'.$config['locales'].'/'.$config['languages'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_file_name;
} else {
$tmp_file = $path['deflanguages'].'/'. $req_file_name;
$tmp_file = $config['tftproot'].'/'.$config['locales'].'/'.$config['languages'].'/'.$config['default_language'].'/'. $req_file_name;
}
}
/*
else if (strpos(strtolower($req_file), '-tones.xml') !== FALSE) { // Request Countries
$tmp_file = $path['countries'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_data_ar[$req_data_len];
$tmp_file = $config['tftproot'].'/'.$config['locales'].'/'.$config['countries'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_data_ar[$req_data_len];
}
else if (strpos(strtolower($req_file), '-dictionary.') !== FALSE) { // Request Countries
$tmp_file = $path['languages'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_data_ar[$req_data_len];
$tmp_file = $config['tftproot'].'/'.$config['locales'].'/'.$config['languages'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_data_ar[$req_data_len];
}
else if (strpos_array($req_file, $locale_list, 'any') !== FALSE) { // Request Languages
$tmp_file = $path['languages'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_data_ar[$req_data_len];
$tmp_file = $config['tftproot'].'/'.$config['locales'].'/'.$config['languages'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_data_ar[$req_data_len];
}
else if (strpos(strtolower($req_file), '-dictionary.jar') !== FALSE) { // Request Countries
$tmp_file = $path['languages'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_data_ar[$req_data_len];
$tmp_file = $config['tftproot'].'/'.$config['locales'].'/'.$config['languages'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_data_ar[$req_data_len];
}
*/
if ($print_debug == 'on'){ print_r('<br>File : '. $req_file_name. ' not found.<br>');}