-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathapi_includes.php
More file actions
74 lines (61 loc) · 2.89 KB
/
api_includes.php
File metadata and controls
74 lines (61 loc) · 2.89 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
<?php
/* ────────────────────────────────────────────────────────────────────────── */
/* api_includes.php */
/* ────────────────────────────────────────────────────────────────────────── */
/* ──────── Made with ❤️ by darknetzz @ https://github.com/darknetzz ──────── */
/* ────────────────────────────────────────────────────────────────────────── */
/*
If you have a file named custom_[anything from $include].php,
the custom file will be included instead of the main file.
I did this mostly because I needed to test stuff for myself without git pushing.
*/
try {
$includes = [
'api_base',
'api_endpoints',
'api_keys',
'api_aliases',
];
foreach ($includes as $include) {
# Folder (will replace Custom)
$folder = explode("_", $include)[1];
// Security: Validate folder name to prevent path traversal
if (!preg_match('/^[a-zA-Z0-9_-]+$/', $folder)) {
die("Invalid include folder name: ".htmlspecialchars($folder, ENT_QUOTES, 'UTF-8'));
}
# Custom (will replace Default)
$custom = 'custom_'.$include.'.php';
# Default
$default = $include.'.php';
# Directory with this prefix will be included
if (is_dir($folder)) {
foreach (glob($folder."/*.php") as $file) {
// Security: Verify the file is actually in the expected directory
$realFolder = realpath($folder);
$realFile = realpath($file);
if ($realFile && $realFolder && strpos($realFile, $realFolder) === 0) {
require_once($file);
}
}
# We don't continue here because we want to include the custom file if it exists as well
# Actually, we might want to...
continue;
}
# The custom file will be included instead of the default file
if (file_exists($custom)) {
define('INCLUDE_'.strtoupper($include), $custom);
require_once($custom);
continue;
}
# The default file will be included
if (file_exists($default)) {
define('INCLUDE_'.strtoupper($include), $default);
require_once($default);
continue;
}
die("Failed to include $include<br>");
}
} catch (Exception $e) {
die($e->getMessage());
}
?>