Merge pull request #67 from PhilippMundhenk/PhilippMundhenk-patch-1

pedropombeiro · web-flow · commit 3ee8580fb50e · 2025-02-16T17:33:06.000+01:00
added PHP7 support
diff --git a/html/download.php b/html/download.php
@@ -2,7 +2,17 @@
 if ($_SERVER['REQUEST_METHOD'] == 'GET') {
         if(array_key_exists("file", $_GET)) {
                 $file = $_GET["file"];
-                if(str_contains($file, "..") || str_contains($file, "/")) {
+                $evil = false;
+                if (!function_exists('str_contains')) {
+                        if(strpos($file, "..") !== false || strpos($file, "/") !== false) {
+                                $evil=true;
+                        }
+                } else {
+                        if(str_contains($file, "..") || str_contains($file, "/")) {
+                                $evil=true;
+                        }
+                }
+                if($evil === true) {
                         header($_SERVER["SERVER_PROTOCOL"] . " 400 OK");
                         die("Error: Dont't be evil!");
                 }
@@ -20,4 +30,4 @@
                 die("Error: No file provided!");
         }
 }
-?>
+?>
