<html>
<head>
<?php    
$src = $_GET["src"];

    if(!$src){
        $source = "source.php3";
    }else{
        $source = $src;

        # hopefully this will keep some of the script kiddies out...
        if(ereg("//",$source) || ereg("\.\.",$source)){
            $source = "source.php3";
        }else{
            $source = ereg_replace("^\/","",$source);
            $source = ereg_replace("/$","/index.php3",$source);
            $source = ereg_replace("\.\.\/","",$source);
            $source = ereg_replace("\.\.","",$source);
            $source = ereg_replace("//","",$source);
            $source = ereg_replace("[^-A-Za-z0-9./]","",$source);
        }
    }
    $title = "Source of http://david.weekly.org/".$source;
?>
<title><?php echo $title; ?></title>
</head>
<body bgcolor=#efefff>
<font face=trebuchet,arial,helvetica>
<font size=+2><?php echo $title; ?></font>
<?php if($src) { ?>
    <br>
    (<A href="/source.php3">here's how i print the source</a>
     | <a href="/copyright.php3">the copyright</a>)
<?php } ?>
<p>


<?php show_source($source); ?>
</font>
</body>
</html>