1 --- util.c.old 2009-06-04 11:05:41.000000000 +0200
2 +++ util.c 2009-06-05 13:23:17.000000000 +0200
4 ** Purpose: Various utility routines used by cgiwrap
8 #include "cgiwrap.h" /* Headers for all CGIwrap source files */
12 int len = strlen(string);
13 int elen = strlen(ending);
15 - if ( len >= elen && !strncmp(string + len - elen, ending, elen) )
16 + if ( len >= elen && !strncasecmp(string + len - elen, ending, elen) )
24 + * Check Mime Magic to determine if file is really a php script, Bartosz Swiatek 04.06.2009
27 +int FileMagicSaysItsPHP(char *file)
29 + magic_t magic_filed;
30 + magic_filed = magic_open(MAGIC_ERROR);
31 + magic_load(magic_filed , NULL);
32 + if(magic_filed == NULL)
34 + const char *ftype = magic_file(magic_filed , file);
35 + const char *stype = "PHP script text";
36 + int len = strlen(stype);
37 + int cmp = strncmp(ftype,stype,len);
38 + DEBUG_Str(" FileMagicSysItsPHP ftype=", ftype );
39 + DEBUG_Str(" FileMagicSysItsPHP stype=", stype );
40 + DEBUG_Int(" FileMagicSysItsPHP strncmp=", cmp);
41 + magic_close(magic_filed);
46 * Check if a path is safe to use
47 * Return true if 'path' contains any whitespace or non-printables
48 * Return true if 'path' contains '../'
49 --- cgiwrap.c.old 2009-05-18 15:58:53.000000000 +0200
50 +++ cgiwrap.c 2009-06-05 13:18:20.000000000 +0200
52 StringEndsWith(scriptPath, ".php") ||
53 StringEndsWith(scriptPath, ".php3") ||
54 StringEndsWith(scriptPath, ".php4") ||
55 - StringEndsWith(scriptPath, ".phtml") )
56 + StringEndsWith(scriptPath, ".php5") ||
57 + StringEndsWith(scriptPath, ".php6") ||
58 + StringEndsWith(scriptPath, ".php7") ||
59 + StringEndsWith(scriptPath, ".htm") ||
60 + StringEndsWith(scriptPath, ".html") ||
61 + StringEndsWith(scriptPath, ".phtml") ||
62 + !FileMagicSaysItsPHP(scriptPath))
64 Context.interpreted_script = 1;
65 interPath = PATH_PROG_PHP;