From b2e09c54f5d8ae2c7f4695588644195a2b14cf80 Mon Sep 17 00:00:00 2001
From: Christophe HENRY <christophe.henry@sbgodin.fr>
Date: Thu, 18 Mar 2021 15:55:49 +0100
Subject: [PATCH] FIX empty 404 and source file access

An empty existing file triggered 404 error.

It was possible to get the source of any file (including .php).
---
 index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/index.php b/index.php
index e30f66c..57af85c 100644
--- a/index.php
+++ b/index.php
@@ -53,7 +53,7 @@ $fileContents = @file_get_contents($filePath);
 
 
 ######################################## 404 page
-if (empty($fileContents)) {
+if (!file_exists($filePath) || !preg_match("/\.gmi$/", $url)) {
     error_log("HtmGem: 404 $url $filePath");
     http_response_code(404); ?>
 <!DOCTYPE html>