Roxen.git / server / base_server / roxen.pike

version» Context lines:

Roxen.git/server/base_server/roxen.pike:1:   // This file is part of Roxen WebServer.   // Copyright © 1996 - 2004, Roxen IS.   //   // The Roxen WebServer main program.   //   // Per Hedbor, Henrik Grubbström, Pontus Hagland, David Hedbor and others.   // ABS and suicide systems contributed freely by Francesco Chemolli    - constant cvs_version="$Id: roxen.pike,v 1.974 2008/05/07 10:51:29 mast Exp $"; + constant cvs_version="$Id: roxen.pike,v 1.975 2008/05/09 16:23:59 mast Exp $";      //! @appears roxen   //!   //! The Roxen WebServer main program.      // The argument cache. Used by the image cache.   ArgCache argcache;      // Some headerfiles   #define IN_ROXEN
Roxen.git/server/base_server/roxen.pike:4682:    mapping w = Image._decode( data, tocolor );    if( w->image ) return w;    return 0;   }      constant decode_layers = Image.decode_layers;      mapping low_load_image(string f, RequestID id, void|mapping err)   {    string data; -  Stdio.File file; +     if(id->misc->_load_image_called < 5)    {    // We were recursing very badly with the demo module here...    id->misc->_load_image_called++;    if(!(data=id->conf->try_get_file(f, id, 0, 0, 0, err)))    {    // This is a major security hole! It can load any (image) file    // in the low-level file system using the server's user privileges.    //    // file=Stdio.File();
Roxen.git/server/base_server/roxen.pike:4721:    }    }    id->misc->_load_image_called = 0;    if(!data) return 0;    return low_decode_image( data );   }      array(Image.Layer)|mapping load_layers(string f, RequestID id, mapping|void opt)   {    string data; -  Stdio.File file; +     mapping res = ([]);    if(id->misc->_load_image_called < 5)    {    // We were recursing very badly with the demo module here...    id->misc->_load_image_called++;    if(!(data=id->conf->try_get_file(f, id, 0, 0, 0, res)))    {    // This is a major security hole! It can load any (image) file    // in the low-level file system using the server's user privileges.    //