[geeklog-cvs] Geeklog-1.x/public_html/admin auth.inc.php, 1.39, 1.40
Dirk Haun
dhaun at qs1489.pair.com
Sun Sep 21 04:37:11 EDT 2008
Update of /cvsroot/geeklog/Geeklog-1.x/public_html/admin
In directory qs1489.pair.com:/tmp/cvs-serv33344/public_html/admin
Modified Files:
auth.inc.php
Log Message:
Fixed protection against direct execution on non-case sensitive file systems
Index: auth.inc.php
===================================================================
RCS file: /cvsroot/geeklog/Geeklog-1.x/public_html/admin/auth.inc.php,v
retrieving revision 1.39
retrieving revision 1.40
diff -C2 -d -r1.39 -r1.40
*** auth.inc.php 9 Mar 2008 17:05:00 -0000 1.39
--- auth.inc.php 21 Sep 2008 08:37:09 -0000 1.40
***************
*** 35,39 ****
// this file can't be used on its own
! if (strpos($_SERVER['PHP_SELF'], 'auth.inc.php') !== false) {
die('This file can not be used on its own.');
}
--- 35,39 ----
// this file can't be used on its own
! if (strpos(strtolower($_SERVER['PHP_SELF']), 'auth.inc.php') !== false) {
die('This file can not be used on its own.');
}
More information about the geeklog-cvs
mailing list