diff options
Diffstat (limited to 'bin')
-rw-r--r-- | bin/modcss.php | 88 |
1 files changed, 53 insertions, 35 deletions
diff --git a/bin/modcss.php b/bin/modcss.php index 993153994..3ee1e2310 100644 --- a/bin/modcss.php +++ b/bin/modcss.php @@ -24,46 +24,64 @@ require INSTALL_PATH . 'program/include/iniset.php'; $RCMAIL = rcmail::get_instance(); -$source = ""; -if (!empty($RCMAIL->user->ID) && ($url = preg_replace('/[^a-z0-9.-_\?\$&=%]/i', '', $_GET['u']))) -{ - $a_uri = parse_url($url); - $port = $a_uri['port'] ? $a_uri['port'] : 80; - $host = $a_uri['host']; - $path = $a_uri['path'] . ($a_uri['query'] ? '?'.$a_uri['query'] : ''); +$source = ''; +$error = 'Requires a valid user session and source url'; +if (empty($RCMAIL->user->ID)) { + header('HTTP/1.1 403 Forbidden'); + echo $error; + exit; +} + +$url = preg_replace('/[^a-z0-9.-_\?\$&=%]/i', '', $_GET['u']); +if ($url === null) { + header('HTTP/1.1 403 Forbidden'); + echo $error; + exit; +} - if ($fp = fsockopen($host, $port, $errno, $errstr, 30)) - { - $out = "GET $path HTTP/1.0\r\n"; - $out .= "Host: $host\r\n"; - $out .= "Connection: Close\r\n\r\n"; - fwrite($fp, $out); +$a_uri = parse_url($url); +$port = $a_uri['port'] ? $a_uri['port'] : 80; +$host = $a_uri['host']; +$path = $a_uri['path'] . ($a_uri['query'] ? '?'.$a_uri['query'] : ''); - $header = true; - while (!feof($fp)) - { - $line = trim(fgets($fp, 4048)); - - if ($header && preg_match('/^HTTP\/1\..\s+(\d+)/', $line, $regs) && intval($regs[1]) != 200) - break; - else if (empty($line) && $header) - $header = false; - else if (!$header) - $source .= "$line\n"; - } - fclose($fp); - } +if (!($fp = fsockopen($host, $port, $errno, $errstr, 30))) { + header('HTTP/1.1 500 Internal Server Error'); + echo $error; + exit; } -if (!empty($source)) -{ - header("Content-Type: text/css"); - echo rcmail_mod_css_styles($source, preg_replace('/[^a-z0-9]/i', '', $_GET['c']), $url); +$out = "GET $path HTTP/1.0\r\n"; +$out .= "Host: $host\r\n"; +$out .= "Connection: Close\r\n\r\n"; +fwrite($fp, $out); + +$header = true; +while (!feof($fp)) { + $line = trim(fgets($fp, 4048)); + + if ($header + && preg_match('/^HTTP\/1\..\s+(\d+)/', $line, $regs) + && intval($regs[1]) != 200) { + break; + } else if (empty($line) && $header) { + $header = false; + } else if (!$header) { + $source .= "$line\n"; + } + fclose($fp); } -else { - header("HTTP/1.0 404 Not Found"); - echo "Requires a valid user session and source url"; + +if (!empty($source)) { + header('Content-Type: text/css'); + echo rcmail_mod_css_styles( + $source, + preg_replace('/[^a-z0-9]/i', '', $_GET['c']), + $url + ); + exit; } -?> +header('HTTP/1.0 404 Not Found'); +echo $error; +exit; |