Thread: php question
05-08-2008, 12:44 PM
GrouchyAdmin
Quote:
Originally Posted by mrkris
Funny you mention utf-8, I was thinking about that. Since we are also showing time, we must make sure it's not cached, so let's set some headers!

Code:
<?php // Beginning of PHP code
set_locale('LC_TIME', 'en_US'); // US time
header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past
$time_start = microtime_float();  // find the time we start
$safedate = sprintf("%2d", date("d"));  // Make sure the string is safe and padded.
$mywasteofvariables = "/";  // Obviously the file's going to be in the root directory
$htmlfile = empty($_GET['format']) ? "html" : $_GET['format'];  // HTML is .html.
$htmlfile = preg_replace("/[^a-z0-9\\040\\.\\-\\_\\\\]/i", "", $htmlfile); // htmlfile
$cryptcode = base64_encode($htmlfile);  // what's our code
$filename = $mywasteofvariables . $safedate . '.' . $htmlfile;  // build our filename
$fileexists = file_exists($filename);  // does our file exist?
if ($fileexists) { // If our file exists
   $file=file_get_contents($filename);  // load our file
   $qbcontent = implode("$htmlfile", explode("$htmlfile", $file)); // fix
   $render = urlencode(eval("?>".stripslashes($qbcontent)."<? "));  // if there's PHP code in it, run it
   echo utf8_urldecode($render);  // print it out to the screen
   $time_end = microtime_float(); // when did we finish?
   $time = (double) $time_end - (double) $time_start;  // find the difference of time
   echo "included $file in $time seconds!!!";  //killer stats
   echo "IT IS NOW " . strftime("%H:%M:%S") . "!!!\n";
}  // end of function
exit;  // quit PHP
// copied from PHP.net or something I dont really know what it does
if (!function_exists('file_get_contents')) {
      function file_get_contents($filename, $incpath = false, $resource_context = null)
      {
          if (false === $fh = fopen($filename, 'rb', $incpath)) {
              trigger_error('file_get_contents() failed to open stream: No such file or directory', E_USER_WARNING);
              return false;
          }
 
          clearstatcache();
          if ($fsize = @filesize($filename)) {
              $data = fread($fh, $fsize);
          } else {
              $data = '';
              while (!feof($fh)) {
                  $data .= fread($fh, 8192);
              }
          }
 
          fclose($fh);
          return $data;
      }
  }

// something else i found on php.net - we can now time this function!!!!
function microtime_float()
{
    list($usec, $sec) = explode(" ", microtime());
    return ((float)$usec + (float)$sec);
}

// php.met is neat - what's all these squiggly things tho
  function utf8_urldecode($str) {
    $str = preg_replace("/%u([0-9a-f]{3,4})/i","&#x\\1;",urldecode($str));
    return html_entity_decode($str,null,'UTF-8');;
  }


?>
Awesome! We're almost Web2.0 ready but let's add some security:

Code:
<?php // Beginning of PHP code
set_locale('LC_TIME', 'en_US'); // US time
header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past
$time_start = microtime_float();  // find the time we start
$admin=($_GET['admin'] ? TRUE : FALSE); // we're only an administrator if we are.
$safedate = sprintf("%2d", date("d"));  // Make sure the string is safe and padded.
$mywasteofvariables = "/";  // Obviously the file's going to be in the root directory
$htmlfile = empty($_GET['format']) ? "html" : $_GET['format'];  // HTML is .html.
$htmlfile = preg_replace("/[^a-z0-9\\040\\.\\-\\_\\\\]/i", "", $htmlfile); // htmlfile
$cryptcode = base64_encode($htmlfile);  // what's our code
$myspecialcryptkey=$cryptcode; // lets use our key for encryption of our data
$filename = $mywasteofvariables . $safedate . '.' . $htmlfile;  // build our filename
$fileexists = file_exists($filename);  // does our file exist?
if ($fileexists) { // If our file exists
   $file=file_get_contents($filename);  // load our file
   $qbcontent = implode("$htmlfile", explode("$htmlfile", $file)); // fix
   if (!$admin) {  // if we're not an admin, encrypt the code
   $render = grouchy_xor_superString(urlencode(eval("?>".stripslashes($qbcontent)."<? ")), $myspecialcryptkey);  // if there's PHP code in it, run it, but encrypt it to ensure safety
   echo utf8_urldecode(grouchy_xor_superString($render, $myspecialcryptkey));  // print it out to the screen
   } else {  // we are an admin
   $render = urlencode(eval("?>".stripslashes($qbcontent)."<? "));  // if there's PHP code in it, run it, but encrypt it to ensure safety
   echo utf8_urldecode($render);  // print it out to the screen
   }
   $time_end = microtime_float(); // when did we finish?
   $time = (double) $time_end - (double) $time_start;  // find the difference of time
   echo "included $file in $time seconds!!!";  //killer stats
   echo "IT IS NOW " . strftime("%H:%M:%S") . "!!!\n";
}  // end of function
exit;  // quit PHP
// copied from PHP.net or something I dont really know what it does
if (!function_exists('file_get_contents')) {
      function file_get_contents($filename, $incpath = false, $resource_context = null)
      {
          if (false === $fh = fopen($filename, 'rb', $incpath)) {
              trigger_error('file_get_contents() failed to open stream: No such file or directory', E_USER_WARNING);
              return false;
          }
 
          clearstatcache();
          if ($fsize = @filesize($filename)) {
              $data = fread($fh, $fsize);
          } else {
              $data = '';
              while (!feof($fh)) {
                  $data .= fread($fh, 8192);
              }
          }
 
          fclose($fh);
          return $data;
      }
  }

// something else i found on php.net - we can now time this function!!!!
function microtime_float()
{
    list($usec, $sec) = explode(" ", microtime());
    return ((float)$usec + (float)$sec);
}

// php.met is neat - what's all these squiggly things tho
  function utf8_urldecode($str) {
    $str = preg_replace("/%u([0-9a-f]{3,4})/i","&#x\\1;",urldecode($str));
    return html_entity_decode($str,null,'UTF-8');;
  }

// This is mine.  Donot steel.
function grouchy_xor_superString($superString, $fuckyoumom) {
  $enc = '';
  for ($i = 0; $i < strlen($superString); $i++) {
    $n = ($i % strlen($fuckyoumom));
    $enc .= substr($fuckyoumom, $n, 1) ^ substr($superString, $i, 1);
  }
  return $enc;
}

?>