/
help.php
71 lines (59 loc) · 2.18 KB
/
help.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
<?php
// $Id$
//
// Authors:
// Jeff Buchbinder <jeff@freemedsoftware.org>
//
// FreeMED Electronic Medical Record and Practice Management System
// Copyright (C) 1999-2013 FreeMED Software Foundation
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
include_once ( 'lib/freemed.php' );
error_reporting ( );
set_error_handler("help_standard_error_handler");
unset ( $parts ); unset ( $file );
$parts = explode ( '/', $_SERVER['PATH_INFO'] );
$ui = $parts[1];
$locale = !empty($parts[2]) ? $parts[2] : "en_US";
// Check for sanitized parameters
if (!preg_match("/^[[:alpha:]]+$/", $ui) || !preg_match("/^[[:alpha:]_]+$/", $locale)) {
print "Hack attempt.\n";
die();
}
$path = str_replace ( $parts[0].'/'.$parts[1].'/'.$parts[2], '', $_SERVER['PATH_INFO'] );
// Strip leading slash if it exists ...
if ( substr( $path, 0, 1 ) == '/' ) {
$path = substr ( $path, - (strlen($path)-1) );
}
$fullpath = dirname(__FILE__)."/ui/${ui}/help/${locale}/${path}";
if ( file_exists( $fullpath . "." . $locale . ".html" ) ) {
$fullpath .= "." . $locale . ".html";
}
if ( !file_exists( $fullpath ) ) {
print "Help index ${path} not present.";
exit;
}
readfile( $fullpath );
//----------------- Functions ----------------------------------------------
function help_standard_error_handler ($no, $str, $file, $line, $context = '') {
switch ($no) {
case E_USER_ERROR:
die('
<div style="border: 1px solid #000000; background-color: #ffff00; color: #000000; font-family: sans-serif; padding: 1em; font-size: 8pt;">'.$str.'</div>
');
break;
}
}
?>