*/
//define('DRUPAL_ROOT', '/var/www/html');
+// If you need to enable debugging, uncomment this line and set a unique key.
+// Then, add a debug_key parameter to your GET string matching this key.
+// define('AD_DEBUG_KEY', 'CHANGE_ME_BEFORE_UNCOMMENTING');
+
/**
* The main adserve logic.
*/
if (!isset($variables->loaded) || $variable == 'variable_load') {
if ($variable == 'variable_load' && isset($value)) {
$values['debug'] = isset($value['debug']) ? $value['debug'] : '';
+ $values['debug_key'] = isset($value['debug_key']) ? $value['debug_key'] : '';
$values['c'] = isset($value['adcache']) ? $value['adcache'] : '';
$values['n'] = isset($value['nids']) ? $value['nids'] : '';
$values['t'] = isset($value['tids']) ? $value['tids'] : '';
$values['k'] = isset($value['hostid']) ? $value['hostid'] : '';
$values['q'] = isset($value['quantity']) ? $value['quantity'] : 1;
$values['m'] = isset($value['ad_display']) ? $value['ad_display'] : 0;
- unset($value);
}
else {
$values = $_GET;
}
+ // Don't trust the GET parameter for 'debug' unless the debugging key
+ // matches.
+ if (!(defined('AD_DEBUG_KEY') && $values['debug_key'] == AD_DEBUG_KEY && isset($values['debug']))) {
+ $values['debug'] = '';
+ }
+ unset($value);
+
// Don't use getcwd as path may involve symbolic links
$variables->ad_dir = dirname($_SERVER['SCRIPT_FILENAME']);
// 'debug' is an integer.
if ($variables->debug) {
foreach ($variables as $variable => $val) {
- echo "$variable: '$val'<br />\n";
+ echo "$variable: '" . htmlspecialchars($val) . "'<br />\n";
}
if ($variables->debug == 1) exit;
}
foreach ($conf as $var => $val) {
$variables->$var = $val;
if ($variables->debug) {
- echo "Override $var: '$val'<br />\n";
+ echo "Variable $var was overridden by value in settings.php.<br />\n";
}
}
$overridden = TRUE;
echo "Dumping \$variables:<br />\n";
echo '<pre>';
foreach ($variables as $var => $val) {
- echo " $var($val)<br />\n";
+ echo " $var(" . htmlspecialchars($val) . ")<br />\n";
}
echo '</pre>';
}
projects / project/ad.git / commitdiff