handle cert request better
This commit is contained in:
parent
60656f444d
commit
90fd17c089
|
@ -17,16 +17,18 @@ if(isset($_SERVER['TLS_CLIENT_HASH'])) {
|
|||
?>
|
||||
<?php
|
||||
|
||||
if($client!="") {
|
||||
$fp=fopen("count.txt", "r");
|
||||
$count=fgets($fp);
|
||||
$count=substr($count, 0, -1);
|
||||
$hash=fgets($fp);
|
||||
$hash=substr($hash, 0, -1);
|
||||
fclose($fp);
|
||||
$fp=fopen("count.txt", "r");
|
||||
$count=fgets($fp);
|
||||
$count=substr($count, 0, -1);
|
||||
$hash=fgets($fp);
|
||||
$hash=substr($hash, 0, -1);
|
||||
fclose($fp);
|
||||
|
||||
if($client!="") {
|
||||
if($query!="") {
|
||||
if($query=="go") {
|
||||
if($query=="cert") {
|
||||
echo "30 counter.php\r\n";
|
||||
} else if($query=="count") {
|
||||
echo "10 please enter your number\r\n";
|
||||
} else {
|
||||
if($query==$count+1) {
|
||||
|
@ -35,9 +37,6 @@ if($client!="") {
|
|||
fwrite($fp, $client."\n");
|
||||
fclose($fp);
|
||||
echo "30 counter.php\r\n";
|
||||
# echo "20 text/gemini\r\n";
|
||||
# echo "$query $count\n";
|
||||
# echo "foo\n";
|
||||
} else {
|
||||
echo "20 text/gemini\r\n";
|
||||
?>
|
||||
|
@ -65,7 +64,7 @@ The last count was <?=$count?> by <?=$hash?>
|
|||
|
||||
If you want to count, click here
|
||||
|
||||
=> counter.php?go
|
||||
=> counter.php?count
|
||||
|
||||
<?php
|
||||
}
|
||||
|
@ -76,8 +75,9 @@ If you want to count, click here
|
|||
?>
|
||||
# The counting game
|
||||
|
||||
To get started please provide your cert here
|
||||
=> counter.php?go
|
||||
To get started please provide your cert
|
||||
(the current number is <?=$count?>)
|
||||
=> counter.php?cert
|
||||
<?php
|
||||
} else {
|
||||
echo "60 please identify yourself\r\n";
|
||||
|
|
|
@ -14,6 +14,11 @@ if(isset($_SERVER['PATH_INFO'])) {
|
|||
$path="";
|
||||
}
|
||||
|
||||
# avoid path traversal
|
||||
if(preg_match("/[^0-9a-f]/", $path)) {
|
||||
$path="";
|
||||
}
|
||||
|
||||
?>
|
||||
<?php
|
||||
|
||||
|
@ -29,7 +34,7 @@ if($path!="") {
|
|||
}
|
||||
} else {
|
||||
if($query!="") {
|
||||
if($query=="1") {
|
||||
if($query=="1" || $query="1=") {
|
||||
echo "10 please enter your paste text\r\n";
|
||||
} else {
|
||||
$r=md5(mt_rand());
|
||||
|
|
Loading…
Reference in New Issue
Block a user