2006 // filter URI path $uri='.'.$_SERVER['REQUEST_URI']; if(!preg_match('/^\.\/DL\/[A-Z]+\/[A-Z]+\/[A-Z0-9_-]+\.HTML$/',$uri)) exit; // check if real path is still within document directory $securedir=realpath($_SERVER['DOCUMENT_ROOT'].'/fileadmin/user_upload'); if(!$securedir) exit; $file=realpath($uri); if(strpos($file,$securedir)!==0) exit; $inject='' .'
'; // $inject="\nDiese Seite drucken"; echo preg_replace('/]*>/i','$0'.$inject,file_get_contents($file)); exit; ?>