diff options
Diffstat (limited to 'rrd.php')
| -rw-r--r-- | rrd.php | 11 |
1 files changed, 9 insertions, 2 deletions
| @@ -4,7 +4,13 @@ require_once 'conf/common.inc.php'; | |||
| 4 | require_once 'inc/functions.inc.php'; | 4 | require_once 'inc/functions.inc.php'; |
| 5 | require_once 'inc/html.inc.php'; | 5 | require_once 'inc/html.inc.php'; |
| 6 | 6 | ||
| 7 | if ( $file = validateRRDPath($CONFIG['datadir'], urldecode($_SERVER["QUERY_STRING"])) ) { | 7 | $path = filter_input(INPUT_GET, 'path'); |
| 8 | if (!$path) { | ||
| 9 | // legacy option: rrd.php?some.host/load/load.rrd | ||
| 10 | $path = urldecode(filter_input(INPUT_SERVER, 'QUERY_STRING')); | ||
| 11 | } | ||
| 12 | |||
| 13 | if ( $file = validateRRDPath($CONFIG['datadir'], $path) ) { | ||
| 8 | header('Content-Type: application/octet-stream'); | 14 | header('Content-Type: application/octet-stream'); |
| 9 | header('Content-Disposition: attachment; filename='.basename($file)); | 15 | header('Content-Disposition: attachment; filename='.basename($file)); |
| 10 | header("Expires: " .date(DATE_RFC822,strtotime($CONFIG['cache']." seconds"))); | 16 | header("Expires: " .date(DATE_RFC822,strtotime($CONFIG['cache']." seconds"))); |
| @@ -15,10 +21,11 @@ if ( $file = validateRRDPath($CONFIG['datadir'], urldecode($_SERVER["QUERY_STRIN | |||
| 15 | header('HTTP/1.0 403 Forbidden'); | 21 | header('HTTP/1.0 403 Forbidden'); |
| 16 | 22 | ||
| 17 | html_start(); | 23 | html_start(); |
| 24 | $html_weburl = htmlentities($CONFIG['weburl']); | ||
| 18 | echo <<<EOT | 25 | echo <<<EOT |
| 19 | <fieldset id="forbidden"> | 26 | <fieldset id="forbidden"> |
| 20 | <legend>forbidden</legend> | 27 | <legend>forbidden</legend> |
| 21 | <p><a href="{$CONFIG['weburl']}">Return home...</a></p> | 28 | <p><a href="{$html_weburl}">Return home...</a></p> |
| 22 | </fieldset> | 29 | </fieldset> |
| 23 | 30 | ||
| 24 | EOT; | 31 | EOT; |