[geeklog-cvs] Geeklog-1.x/system/classes openidhelper.class.php, 1.1, 1.2 sanitize.class.php, 1.8, 1.9 search.class.php, 1.67, 1.68
Dirk Haun
dhaun at qs1489.pair.com
Sun Sep 21 04:37:15 EDT 2008
- Previous message (by thread): [geeklog-cvs] Geeklog-1.x/system lib-admin.php, 1.135, 1.136 lib-comment.php, 1.68, 1.69 lib-custom.php, 1.42, 1.43 lib-custom.php.dist, 1.3, 1.4 lib-database.php, 1.53, 1.54 lib-mbyte.php, 1.20, 1.21 lib-pingback.php, 1.14, 1.15 lib-plugins.php, 1.149, 1.150 lib-security.php, 1.74, 1.75 lib-sessions.php, 1.46, 1.47 lib-story.php, 1.132, 1.133 lib-syndication.php, 1.44, 1.45 lib-trackback.php, 1.51, 1.52 lib-user.php, 1.48, 1.49 lib-webservices.php, 1.43, 1.44
- Next message (by thread): [geeklog-cvs] Geeklog-1.x/plugins/links install_defaults.php, 1.7, 1.8
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /cvsroot/geeklog/Geeklog-1.x/system/classes
In directory qs1489.pair.com:/tmp/cvs-serv33344/system/classes
Modified Files:
openidhelper.class.php sanitize.class.php search.class.php
Log Message:
Fixed protection against direct execution on non-case sensitive file systems
Index: search.class.php
===================================================================
RCS file: /cvsroot/geeklog/Geeklog-1.x/system/classes/search.class.php,v
retrieving revision 1.67
retrieving revision 1.68
diff -C2 -d -r1.67 -r1.68
*** search.class.php 20 Jul 2008 17:17:09 -0000 1.67
--- search.class.php 21 Sep 2008 08:37:12 -0000 1.68
***************
*** 33,41 ****
// $Id$
! if (strpos ($_SERVER['PHP_SELF'], 'search.class.php') !== false) {
! die ('This file can not be used on its own.');
}
! require_once ($_CONF['path_system'] . 'classes/plugin.class.php');
/**
--- 33,41 ----
// $Id$
! if (strpos(strtolower($_SERVER['PHP_SELF']), 'search.class.php') !== false) {
! die('This file can not be used on its own.');
}
! require_once $_CONF['path_system'] . 'classes/plugin.class.php';
/**
Index: openidhelper.class.php
===================================================================
RCS file: /cvsroot/geeklog/Geeklog-1.x/system/classes/openidhelper.class.php,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** openidhelper.class.php 26 May 2007 19:31:59 -0000 1.1
--- openidhelper.class.php 21 Sep 2008 08:37:12 -0000 1.2
***************
*** 3,7 ****
/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
! // | Geeklog 1.4 |
// +---------------------------------------------------------------------------+
// | openidhelper.class.php |
--- 3,7 ----
/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
! // | Geeklog 1.5 |
// +---------------------------------------------------------------------------+
// | openidhelper.class.php |
***************
*** 9,16 ****
// | OpenID helper classes |
// +---------------------------------------------------------------------------+
! // | Copyright (C) 2007 by the following authors: |
// | |
// | Authors: Choplair - chopinou AT choplair DOT org |
! // | Dirk Haun - dirk AT haun-online DOT de
// +---------------------------------------------------------------------------+
// | |
--- 9,16 ----
// | OpenID helper classes |
// +---------------------------------------------------------------------------+
! // | Copyright (C) 2007-2008 by the following authors: |
// | |
// | Authors: Choplair - chopinou AT choplair DOT org |
! // | Dirk Haun - dirk AT haun-online DOT de |
// +---------------------------------------------------------------------------+
// | |
***************
*** 33,37 ****
// $Id$
! if (strpos($_SERVER['PHP_SELF'], 'openidhelper.class.php') !== false) {
die('This file can not be used on its own.');
}
--- 33,37 ----
// $Id$
! if (strpos(strtolower($_SERVER['PHP_SELF']), 'openidhelper.class.php') !== false) {
die('This file can not be used on its own.');
}
Index: sanitize.class.php
===================================================================
RCS file: /cvsroot/geeklog/Geeklog-1.x/system/classes/sanitize.class.php,v
retrieving revision 1.8
retrieving revision 1.9
diff -C2 -d -r1.8 -r1.9
*** sanitize.class.php 9 Sep 2006 12:52:06 -0000 1.8
--- sanitize.class.php 21 Sep 2008 08:37:12 -0000 1.9
***************
*** 3,7 ****
/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
! // | Geeklog 1.4 |
// +---------------------------------------------------------------------------+
// | sanitize.class.php |
--- 3,7 ----
/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
! // | Geeklog 1.5 |
// +---------------------------------------------------------------------------+
// | sanitize.class.php |
***************
*** 9,13 ****
// | Geeklog data filtering or sanitizing class library. |
// +---------------------------------------------------------------------------+
! // | Copyright (C) 2002-2006 by the following authors: |
// | |
// | Authors: Tony Bibbs - tony AT tonybibbs DOT com |
--- 9,13 ----
// | Geeklog data filtering or sanitizing class library. |
// +---------------------------------------------------------------------------+
! // | Copyright (C) 2002-2008 by the following authors: |
// | |
// | Authors: Tony Bibbs - tony AT tonybibbs DOT com |
***************
*** 37,42 ****
*/
! if (strpos ($_SERVER['PHP_SELF'], 'sanitize.class.php') !== false) {
! die ('This file can not be used on its own.');
}
--- 37,42 ----
*/
! if (strpos(strtolower($_SERVER['PHP_SELF']), 'sanitize.class.php') !== false) {
! die('This file can not be used on its own.');
}
***************
*** 44,48 ****
* Include the base kses class if not already loaded
*/
! require_once($_CONF['path_system'] . 'classes/kses.class.php');
class sanitize extends kses {
--- 44,48 ----
* Include the base kses class if not already loaded
*/
! require_once $_CONF['path_system'] . 'classes/kses.class.php';
class sanitize extends kses {
- Previous message (by thread): [geeklog-cvs] Geeklog-1.x/system lib-admin.php, 1.135, 1.136 lib-comment.php, 1.68, 1.69 lib-custom.php, 1.42, 1.43 lib-custom.php.dist, 1.3, 1.4 lib-database.php, 1.53, 1.54 lib-mbyte.php, 1.20, 1.21 lib-pingback.php, 1.14, 1.15 lib-plugins.php, 1.149, 1.150 lib-security.php, 1.74, 1.75 lib-sessions.php, 1.46, 1.47 lib-story.php, 1.132, 1.133 lib-syndication.php, 1.44, 1.45 lib-trackback.php, 1.51, 1.52 lib-user.php, 1.48, 1.49 lib-webservices.php, 1.43, 1.44
- Next message (by thread): [geeklog-cvs] Geeklog-1.x/plugins/links install_defaults.php, 1.7, 1.8
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the geeklog-cvs
mailing list