Looks safe to me!

[Aaron]

<?php
if(!$file){
   if(isset($_GET['file'])){
       $file = $_GET['file'];
   }
}
function highlight_num($file){
   $lines = implode(range(1, count(file($file))), '<br />');
   $content = highlight_file($file, true);
   echo '
       <style type="text/css">
           .num {float: left;color: gray;font-size: 13px;font-family: monospace;text-align: right;margin-right: 6pt;padding-right: 6pt;border-right: 1px solid gray;}
           body {margin: 0px; margin-left: 5px;}
           td {vertical-align: top;}
           code {white-space: nowrap;}
   </style>';
   echo "<table><tr><td class=\"num\">\n$lines\n</td><td>\n$content\n</td></tr></table>";
}
/* Call on the function via a $_GET */
if(isset($_GET['debug']) && $_GET['debug'] == "num"){ //make it so it has numbered lines.
   highlight_num($file);
   exit;
}
else if(isset($_GET['debug'])){ //default without numbered lines.
   highlight_file($file);
   exit();
}
?>

[RetiredTacos]

okay

[Guest The_Monkey]

So, why did you post this?

 

The code does look fine, except for the fact that we could look at the source of any php file on your server.

[Aaron]

The code does look fine, except for the fact that we could look at the source of any php file on your server.

You are the only person i've seen yet were i've posted this find that.. Thank you! I added that just to see if anyone could find it.

 

And I posted it so people would use it ;D

[Guest The_Monkey]

You are the only person i've seen yet were i've posted this find that.. Thank you! I added that just to see if anyone could find it.

 

And I posted it so people would use it ;D

 

But use it for what? And why do you feel the need to test people?

 

Next thing you are going to do is post stupid forms with SQL injection vulnerabilities. Stop the madness and make a point next time.

[Aaron]

For debugging their code if they aren't able to view line numbers with highlighted code.

 

See the thing was I created that hole without knowing it then I reviewed my code before putting it up and laughed at my self.

[Cr(+)sshair]

I've seen that before.

 

 

Fail is fail.

Edited September 28, 2010 by Cr(+)sshair

[Guest The_Monkey]

For debugging their code if they aren't able to view line numbers with highlighted code.

 

That is a shitty way to debug code...might as well go into your editor and look at the code that way.

 

You would be better off writing a debug class in PHP. I'll provide a screen shot of our class at the college in action.

 

[Cr(+)sshair]

if(!$file){

if(isset($_GET['file'])){

$file = $_GET['file'];

 

LOL WHY WOULD YOU DO THAT?

[Aaron]

I wanted to view any file on my server, and I was writing it at like 3AM. After I looked at it I realized how stupid it was of me for putting that in there.

[Cr(+)sshair]

All I really see is:

 

http://www.dreamincode.net/code/snippet929.htm + http://php.net/manual/en/function.highlight-file.php + maybe / http://pastebin.com/Pqn0wNCd

 

 

But why did you have to post this exact code at two other forums then here? lol

[JessicaJoy]

All I really see is:

 

http://www.dreamincode.net/code/snippet929.htm + http://php.net/manual/en/function.highlight-file.php + maybe / http://pastebin.com/Pqn0wNCd

 

 

But why did you have to post this exact code at two other forums then here? lol

 

oh pz

[Guest The_Monkey]

If you want to view any file on your server...do the following:

 

1. Get an editor (I like jEdit, it runs off of the java run time)

2. Put in FTP credentials, or if directly networked to the server, access it via the file system

3. Open file in editor

4. ????

5. Profit

 

+++++++EDIT++++++++

 

If you have to write code to view the files on your server, UR DOING IT WRONG!

[RetiredTacos]

So I think you need to re-format.

[Aaron]

If you have to write code to view the files on your server, UR DOING IT WRONG!

Say I update a file then later on I find out it has an error and I want to find the line REALLY FAST without having to open Dreamweaver then this would help.

[D3nL]

ITT: guy gets ripped by other coders.

[Guest The_Monkey]

Say I update a file then later on I find out it has an error and I want to find the line REALLY FAST without having to open Dreamweaver then this would help.

 

That right there is an oxymoron.

 

Stop writing PHP in dreamweaver!

 

Use an actual editor, and really fast will be faster than viewing the code in a web browser.

[RetiredTacos]

ITT - Monkey pwnz young coders

[Aaron]

Yes because Dreamweaver isn't an actual editor.

[Bob the Android Penguin]

Notepad++ or GTFO

[Guest The_Monkey]

Notepad++ or GTFO

 

There are other editors out there besides Notepad++, so you GTFO.

 

Dreamweaver is a WYSIWYG more so than an editor.

 

I use jEdit because of it's awesome macro support. I can create a new project on my dev server that will setup all of the base classes and files needed in seconds.

[F4ithl3ss]

You guys are this cool

[YOUTUBE]CLqsdPUfnno[/YOUTUBE]

[enigma#]

Notepad? lol

That's what I use, but it's just for Perl... so nothing special there.

I have Visual Studio 2010 for C++ and other languages (but I don't code, maybe a bit of Vbasic though). Like Monkey said, there are soo many IDEs and editors out there... >.<

Edited September 29, 2010 by enigma#

[Guest The_Monkey]

Like Monkey said, there are soo many IDEs and editors out there... >.<

 

This * 1,000 internets = Script Kiddie MindSplosion