View unparsed PHP code

NOTICE: This PHP script was originally written by Scott Hurring. The original code for this script can be found by clicking here.

<?php 
/* 
    View-source script 
    Will display the source code to any valid URL on a website 
    (except directories listed in $protected)

** Please see 'readme.txt' for more information

@authour Scott Hurring [scott at hurring dot com] 
    @version 1.1 
    @license Free; if you give credit to me

MODIFIED BY: Dave Lauderdale (www.digi-dl.com)

// *ADDED BY D.L.
//  Don't run this code unless form has been processed
if($showIt == "yes")
{

/*
    Your website's document_root 
    Using $GLOBALS['DOCUMENT_ROOT'] should (if using apache) be sufficient. 
    */

// *NOTE BY D.L. 
// If you are using a Micro$oft IIS server then your document root 
// should look something like this:   $DOC_ROOT = "C:\\Inetpub\\wwwroot\\";
// Check with your servers administrator for more details if need be.

$DOC_ROOT = $GLOBALS['DOCUMENT_ROOT'];

/* 
    Protected directories that users aren't allowed to view code in 
    Generally, any directory that contains files with passwords or 
    sensitive information should be excluded.

For example: to protect "http://server.com/protect_me/", enter '/protect_me' in the array below. 
    */

$protected = array( 
    '/protect_me/', 
    );

// --- You probably don't need to edit below this line

// How to present this file (as colorized PHP or plain-text) 
    $type = ($_REQUEST['type'] ? $_REQUEST['type'] : 'color'); 
     
    // The URL requested 
    $url = $_REQUEST['url']; 
    if (!$url) 
        die("You did not request anything!");

// Strip out non-alphanumeric chars 
    $url = preg_replace('![^a-zA-Z0-9\._/-]!', '', $url); 
    // Strip out all double dots 
    $url = preg_replace('(\.\.)', '', $url); 
 
    // What file does this URL point to?   
    $file     = $DOC_ROOT . $url; 
    // Get the "real" path of the requested'd file 
    $real_path    = realpath($file);        // full path 
    // Get just the directory name 
    $dir_name    = dirname($real_path);    // just the directory (leave out filename) 
     
    //print "file=$file<br>\nreal_path=$real_path<br>\ndir_name=$dir_name<br>\n"; 
     
    // Does the URL requested resolve to a valid path on the server? 
    if (!$real_path) 
        die("File does not exist"); 
     
    // Is there a directory part to this request? 
    // If $url is a directory, this test will fail.  This script can only be used 
    // to view individual files -- if $url is a directory, this script will die. 
    if (!is_dir($dir_name)) 
        die("Non-existant or Invalid directory"); 
     
    // Compare the requested file's directory against our list of "protected" directories. 
    // If the req'd file is in one of the these directories, this script will die. 
    //print "requested dir = $dir<BR>"; 
    foreach ($protected as $idir) { 
        $invalid_path = realpath($DOC_ROOT . $idir); 
    //print "compared with bad_dir = $invalid_path<BR>"; 
    if ($dir_name == $invalid_path) 
        die("Invalid directory"); 
    } 
     
    // Now, attempt to resolve where the requested directory is in the document_root 
    $dir_name .= '/'; 
    if (! preg_match("!^{$main->doc_root}!", $dir_name) ) 
        die("Invalid file, not in document root"); 
     
    // Is the file a real file? 
    if (!is_file($real_path)) 
        die("Invalid file, doesn't exist"); 
     
    /* 
    If execution gets here, we've established that the reqeusted 
    URL is a valid file in the document_root and NOT in any 
    of the protected directories.   
     
    So now, a decision is made how to present the requested file. 
    */ 
     
    if ($type == 'plain') { 
    // Mozilla will understand, MSIE will not. 
    header("Content-type: text/plain\n\n"); 
         
    /* 
    MSIE has a real problem coping with Content-Type: and certain other directives 
    and instead will usually try and decide (based on file contents and/or name) 
    what to do with a file... so i'll print out a little note letting people know 
    to click on "View Source" to get the actual code, *NOT* to cut-paste directly 
    from the browser! 
    */ 
    if (preg_match('/MSIE/', $GLOBALS['HTTP_USER_AGENT'])) { 
        $MSIE = 1; 
        print "<font color=red><B>ALERT!! MSIE won't properly handle the".  
        "\"Content-type: text/plain\" directive.<br>\n". 
        "Please do NOT copy the following data directly from the browser window,<br>\n". 
         "because it is not what you want. (MSIE has mangled it).<br>\n". 
        "To get the source code for this document, you must right click <br>\n". 
        "this document and select \"View Source\".</B></font><br><br><br><br><br>\n". 
        "\n\n"; 
    } 
         
    // Get all the lines in the file and print them directly out 
    readfile($real_path); 
     exit; 
    } 
// *ADDED BY D.L.
}

//  Create a userinput form so user can enter the url into a
//  form instead of sending url to script as part of a link
else
{
    echo <<<EOC

<title>View Unparsed PHP code</title>
    </head>
    <body>
    <center>
    <br>
    <p style="font:10pt arial">Enter a URL (relative to document root) below and press submit.
    <br>
    <br>
    <form method=post action=$PHP_SELF>
    <input type=hidden name=showIt value=yes>
    <input type=text name=url value="">
    <input type=submit value=submit>
    </form>
    </body></html>

EOC;
}
?>

<? /*  *ADDED BY D.L.  Don't show the below code if user has not yet submitted the form data */ ?>
<? if($showIt != "yes") exit; ?>

<? /* *MODIFIED BY D.L. */ ?>

</td></tr></table> 
<br>
<br>
<div style="font:11pt arial">

<a href="<? $PHP_SELF ?>">Click here</a> to go back.
</div>

Click here to go back.