[geeklog-cvs] Geeklog-1.x/public_html/fckeditor/editor/filemanager/connectors/php upload.php, 1.2, 1.3
Dirk Haun
dhaun at qs1489.pair.com
Tue Sep 2 15:02:49 EDT 2008
Update of /cvsroot/geeklog/Geeklog-1.x/public_html/fckeditor/editor/filemanager/connectors/php
In directory qs1489.pair.com:/tmp/cvs-serv85011/public_html/fckeditor/editor/filemanager/connectors/php
Modified Files:
upload.php
Log Message:
Prevent direct execution of the FCKeditor upload script (reported by t0pP8uZz)
Index: upload.php
===================================================================
RCS file: /cvsroot/geeklog/Geeklog-1.x/public_html/fckeditor/editor/filemanager/connectors/php/upload.php,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -d -r1.2 -r1.3
*** upload.php 5 May 2008 00:35:25 -0000 1.2
--- upload.php 2 Sep 2008 19:02:46 -0000 1.3
***************
*** 23,26 ****
--- 23,30 ----
*/
+ if (strpos($_SERVER['PHP_SELF'], 'upload.php') !== false) {
+ die('This file can not be used on its own!');
+ }
+
require('./config.php') ;
require('./util.php') ;
More information about the geeklog-cvs
mailing list