Newer
Older
KmSchedule / print.php
<!DOCTYPE html>
<?php
define('KmSchedule','KmSchedule');
  include("config.php");

  if(isset($_GET['file'])){$file = $_GET['file'];}else{$file = "";}


?>
<html lang="en" dir="ltr">
  <head>
    <meta charset="utf-8">
    <title><?= $siteName ?></title>
    <link rel="stylesheet" href="css/printcss.css">
  </head>

  <body>
    <?php
      if ($file!="" && file_exists($privateRoot.'schedules/'.$file.'.html')) {
        $filePath = $privateRoot.'schedules/'.$file.'html';
        $path_parts = pathinfo($filePath);

        // check that the filepath is indeed in the schedules directory
        // help prevent ../../../.. attacks
        if ($path_parts['dirname'] == $privateRoot.'schedules') {
          readfile($privateRoot.'schedules/'.$file.'.html');
        }else {
          echo "Something went wrong";
        }
      }else {
        echo "Something went wrong";
      }
    ?>
  </body>
</html>