licensing
--- USER SIDE ---
[index.php]
Code (php)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
<?php
$providerdir = "http://www.example.com/licensing/"; // De URL naar de script-provider
$escape_arr = array();
for ($i = 0; $i < 33; $i++) {
$escapearr[] = chr($i);
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$files = file($providerdir . "/index.inc");
for ($i = 0; $i < count($files); $i++) {
$files[$i] = str_replace($escapearr,"",$files[$i]);
$file = file($providerdir . "?get_file=" . $files[$i] . "&id=" . $_POST["id"]);
if ($file[0] != "Error: Unlicensed") {
$filearr = explode("/", $files[$i]);
if (count($filearr) > 1) {
$filedir = $filearr[0];
for ($k = 1; $k < count($filearr) - 1; $k++) {
$filedir .= $filearr[$k];
}
if (!file_exists($filedir)) {
mkdir($filedir);
}
}
$fh = fopen($files[$i], "w");
for ($j = 0; $j < count($file); $j++) {
fwrite($fh, $file[$j]);
}
fclose($fh);
echo("Notice: copied " . $files[$i] . " succesfully<br />\n");
}
else {
echo("Error: Unlicensed<br />\n");
}
}
}
else {
echo("<form method=\"post\" action=\"" . $_SERVER["PHP_SELF"] . "\"><input type=\"text\" name=\"id\"><input type=\"submit\" value=\"Submit\"></form>");
}
?>
$providerdir = "http://www.example.com/licensing/"; // De URL naar de script-provider
$escape_arr = array();
for ($i = 0; $i < 33; $i++) {
$escapearr[] = chr($i);
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$files = file($providerdir . "/index.inc");
for ($i = 0; $i < count($files); $i++) {
$files[$i] = str_replace($escapearr,"",$files[$i]);
$file = file($providerdir . "?get_file=" . $files[$i] . "&id=" . $_POST["id"]);
if ($file[0] != "Error: Unlicensed") {
$filearr = explode("/", $files[$i]);
if (count($filearr) > 1) {
$filedir = $filearr[0];
for ($k = 1; $k < count($filearr) - 1; $k++) {
$filedir .= $filearr[$k];
}
if (!file_exists($filedir)) {
mkdir($filedir);
}
}
$fh = fopen($files[$i], "w");
for ($j = 0; $j < count($file); $j++) {
fwrite($fh, $file[$j]);
}
fclose($fh);
echo("Notice: copied " . $files[$i] . " succesfully<br />\n");
}
else {
echo("Error: Unlicensed<br />\n");
}
}
}
else {
echo("<form method=\"post\" action=\"" . $_SERVER["PHP_SELF"] . "\"><input type=\"text\" name=\"id\"><input type=\"submit\" value=\"Submit\"></form>");
}
?>
[/index.php]
--- PROVIDER SIDE ---
[index.php]
Code (php)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
<?php
$ids = array("123456789"); // kan vervangen worden met een id-array uit de db
$lines = array();
$fh = fopen("index.inc", "r");
while(!feof($fh)) {
$line = fgets($fh);
$line = trim($line);
if($line != "") {
$lines[] = $line;
}
}
fclose($fh);
for ($i = 0; $i < count($lines); $i++) {
if ($lines[$i] == $_GET["get_file"]) {
$ok = true;
$get_file = $lines[$i];
}
}
if ($ok == true && in_array($_GET["id"], $ids)) {
$fh = fopen("files/" . $get_file, "r");
while(!feof($fh)) {
$line = fgets($fh);
$line = trim($line);
echo($line . "\n");
}
fclose($fh);
}
else {
echo("Error: Unlicensed");
}
?>
$ids = array("123456789"); // kan vervangen worden met een id-array uit de db
$lines = array();
$fh = fopen("index.inc", "r");
while(!feof($fh)) {
$line = fgets($fh);
$line = trim($line);
if($line != "") {
$lines[] = $line;
}
}
fclose($fh);
for ($i = 0; $i < count($lines); $i++) {
if ($lines[$i] == $_GET["get_file"]) {
$ok = true;
$get_file = $lines[$i];
}
}
if ($ok == true && in_array($_GET["id"], $ids)) {
$fh = fopen("files/" . $get_file, "r");
while(!feof($fh)) {
$line = fgets($fh);
$line = trim($line);
echo($line . "\n");
}
fclose($fh);
}
else {
echo("Error: Unlicensed");
}
?>
[/index.php]
[index.inc]
echo.php
[/index.inc]
[files/.htaccess]
order allow,deny
deny from all
[/files/.htaccess]
[files/echo.php]
[/files/echo.php]