. */ session_start(); $ip=''; if(isset($_SESSION['logged']) AND $_SESSION['logged']==true OR isset($_SESSION['pubviewer']) AND $_SESSION['pubviewer']==true) { if(isset($_GET['ip'])) { $ip=$_GET['ip']; } elseif(isset($_SESSION['server_ip'])) { $ip=$_SESSION['server_ip']; } $name=str_replace("\\","",$_REQUEST['name']); $name=str_replace("/","",$name); if(str_replace('icon_', '', $name)==100 OR str_replace('icon_', '', $name)==200 OR str_replace('icon_', '', $name)==300 OR str_replace('icon_', '', $name)==500 OR str_replace('icon_', '', $name)==600) { $path='../icons/'; } else { $path='../icons/'.$ip.'-'.$_GET['port'].'/'; } $mime=getimagesize($path.$name); if(strpos($mime['mime'], "image")===false) { die('error'); } else { header('Content-type: '.$mime['mime']); echo file_get_contents($path.$name); } } else { echo "The file can not be executed alone."; } ?>