diff --git a/index.php b/index.php index 03765dd..71ed918 100644 --- a/index.php +++ b/index.php @@ -30,23 +30,18 @@ define('WHITELIST_FILE', __DIR__ . '/whitelist.txt'); /* Create a file named 'DEBUG' for enabling debug mode. - For further security, you may put whitelisted IP addresses - in the 'DEBUG' file, one IP per line. Empty file allows anyone(!). - Debugging allows displaying PHP error messages and bypasses the cache: this can allow a malicious - client to retrieve data about your server and hammer a provider throught your rss-bridge instance. + For further security, you may put whitelisted IP addresses in the file, + one IP per line. Empty file allows anyone(!). + Debugging allows displaying PHP error messages and bypasses the cache: this + can allow a malicious client to retrieve data about your server and hammer + a provider throught your rss-bridge instance. */ if(file_exists('DEBUG')) { - $debug_enabled = true; $debug_whitelist = trim(file_get_contents('DEBUG')); - if(strlen($debug_whitelist) > 0) { - $debug_enabled = false; - foreach(explode("\n", $debug_whitelist) as $allowed_ip) { - if(trim($allowed_ip) === $_SERVER['REMOTE_ADDR']) { - $debug_enabled = true; - break; - } - } - } + + $debug_enabled = empty($debug_whitelist) + || in_array($_SERVER['REMOTE_ADDR'], explode("\n", $debug_whitelist)); + if($debug_enabled) { ini_set('display_errors', '1'); error_reporting(E_ALL);