summaryrefslogtreecommitdiff
path: root/doc/www.powerfulproxy.com/public_html/do_it.php
diff options
context:
space:
mode:
authorNick <nick@somerandomnick.ano>2011-05-11 05:30:41 +0000
committerNick <nick@somerandomnick.ano>2011-05-11 05:30:41 +0000
commitce951043c47a3bf383f02c72865bacd175a98baf (patch)
treeacc27de2df53420e1fe80f8eeba163ca1a1eea21 /doc/www.powerfulproxy.com/public_html/do_it.php
parentdabc763736c79d86784004a85af9c889960f55c8 (diff)
downloadresdb-ce951043c47a3bf383f02c72865bacd175a98baf.tar.gz
resdb-ce951043c47a3bf383f02c72865bacd175a98baf.zip
added host and IP verification to powerfulproxy
Diffstat (limited to 'doc/www.powerfulproxy.com/public_html/do_it.php')
-rw-r--r--doc/www.powerfulproxy.com/public_html/do_it.php3
1 files changed, 3 insertions, 0 deletions
diff --git a/doc/www.powerfulproxy.com/public_html/do_it.php b/doc/www.powerfulproxy.com/public_html/do_it.php
index 20ac8de..0a5fedb 100644
--- a/doc/www.powerfulproxy.com/public_html/do_it.php
+++ b/doc/www.powerfulproxy.com/public_html/do_it.php
@@ -9,6 +9,9 @@ if (count($pall) <= 1) die('Unexpected path format');
array_shift($pall);
$proto = array_shift($pall);
$host = array_shift($pall);
+$hostparts = explode('.', $host);
+if (ip2long(long2ip($host))===$host) if ($hostparts[0]!='1') die('Bad IP');
+if (!preg_match("/ano|ntwrk$/",array_pop($hostparts))) die('Bad host');
$path = implode('/', $pall);
array_pop($pall);
$rp = implode('/', $pall);