diff options
| author | RaindropsSys <raindrops@equestria.dev> | 2024-01-01 22:06:37 +0100 |
|---|---|---|
| committer | RaindropsSys <raindrops@equestria.dev> | 2024-01-01 22:06:37 +0100 |
| commit | 356196cc01ceee49ca650ffcba14fe6b8b6d3007 (patch) | |
| tree | 6b2894e08afd2781db6797de91b42493b1c84b53 /router.php | |
| parent | 603c7fe54d0a214231de7d2392dff17550e2a827 (diff) | |
| download | starshine-356196cc01ceee49ca650ffcba14fe6b8b6d3007.tar.gz starshine-356196cc01ceee49ca650ffcba14fe6b8b6d3007.tar.bz2 starshine-356196cc01ceee49ca650ffcba14fe6b8b6d3007.zip | |
Updated 22 files, added 146 files and deleted .DS_Store (automated)
Diffstat (limited to 'router.php')
| -rw-r--r-- | router.php | 10 |
1 files changed, 7 insertions, 3 deletions
@@ -32,18 +32,22 @@ if (isset($parts[0])) { } else { error(404); } + } elseif ($parts[0] === "warrant" || $parts[0] === "pubkey") { + header("Content-Type: text/plain"); + header("Content-Length: " . filesize($_SERVER['DOCUMENT_ROOT'] . "/" . $parts[0])); + readfile($_SERVER['DOCUMENT_ROOT'] . "/" . $parts[0]); } else { global $realLang; - if (ctype_alpha($parts[0])) { - if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/lang/" . $parts[0] . ".json")) { + if (preg_match("/[a-zA-Z_\-\d]/m", $parts[0])) { + if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/lang/" . $parts[0] . ".json") && $parts[0] !== "package" && $parts[0] !== "package-lock") { $realLang = $parts[0]; $resourcePathParts = array_values(array_filter(array_slice($parts, 1), function ($i) { return !str_contains($i, ".."); })); - if (isset($resourcePathParts[0]) && ($resourcePathParts[0] === "includes" || str_starts_with($resourcePathParts[0], ".") || $resourcePathParts[0] === "version")) { + if (isset($resourcePathParts[0]) && ($resourcePathParts[0] === "includes" || str_starts_with($resourcePathParts[0], ".") || $resourcePathParts[0] === "version" || $resourcePathParts[0] === "annoucement" || $resourcePathParts[0] === "warrantgen.js")) { error(403); } |