handle cert request better

capsule/cgi-bin/counter.php

@@ -17,16 +17,18 @@ if(isset($_SERVER['TLS_CLIENT_HASH'])) {
 ?>
 <?php
 
-if($client!="") {
-  $fp=fopen("count.txt", "r");
-  $count=fgets($fp);
-  $count=substr($count, 0, -1);
-  $hash=fgets($fp);
-  $hash=substr($hash, 0, -1);
-  fclose($fp);
+$fp=fopen("count.txt", "r");
+$count=fgets($fp);
+$count=substr($count, 0, -1);
+$hash=fgets($fp);
+$hash=substr($hash, 0, -1);
+fclose($fp);
 
+if($client!="") {
   if($query!="") {
-    if($query=="go") {
+    if($query=="cert") {
+      echo "30 counter.php\r\n";
+    } else if($query=="count") {
       echo "10 please enter your number\r\n";
     } else {
       if($query==$count+1) {
@@ -35,9 +37,6 @@ if($client!="") {
 	fwrite($fp, $client."\n");
 	fclose($fp);
 	echo "30 counter.php\r\n";
-#        echo "20 text/gemini\r\n";
-#	echo "$query $count\n";
-#	echo "foo\n";
       } else {
         echo "20 text/gemini\r\n";
 ?>
@@ -65,7 +64,7 @@ The last count was <?=$count?> by <?=$hash?>
 
 If you want to count, click here
 
-=> counter.php?go
+=> counter.php?count
 
 <?php
     }
@@ -76,8 +75,9 @@ If you want to count, click here
 ?>
 # The counting game
 
-To get started please provide your cert here
-=> counter.php?go
+To get started please provide your cert
+(the current number is <?=$count?>)
+=> counter.php?cert
 <?php
   } else {
     echo "60 please identify yourself\r\n";

capsule/cgi-bin/paste.php

@@ -14,6 +14,11 @@ if(isset($_SERVER['PATH_INFO'])) {
   $path="";
 }
 
+# avoid path traversal
+if(preg_match("/[^0-9a-f]/", $path)) {
+  $path="";
+}
+
 ?>
 <?php
 
@@ -29,7 +34,7 @@ if($path!="") {
   }
 } else {
 if($query!="") {
-  if($query=="1") {
+  if($query=="1" || $query="1=") {
     echo "10 please enter your paste text\r\n";
   } else {
     $r=md5(mt_rand());