. */ /** * @brief Script called by an ajax object to return the content of a javascript file * * Script called by an ajax object to return the content of a javascript file * * @file * @author Claire Figueras * @date $date$ * @version $Revision$ * @ingroup apps */ header('content-type: text/javascript'); if (empty($_REQUEST['scripts'])) { echo ''; exit(); } $authorizedPaths = ['change_doctype.js']; $arr_scripts = explode('$$', $_REQUEST['scripts']); for ($i=0; $i '') { $arr_scripts[$i] = str_replace("\\", "", $arr_scripts[$i]); $arr_scripts[$i] = str_replace("/", "", $arr_scripts[$i]); $arr_scripts[$i] = str_replace("..", "", $arr_scripts[$i]); if (in_array($arr_scripts[$i], $authorizedPaths)) { $arr_scripts[$i] = 'modules/templates/js/' . $arr_scripts[$i]; } echo file_get_contents($arr_scripts[$i]); } } exit();