In-Portal Issue Tracker

Welcome to the In-Portal Open Source CMS Issue Tracker! This is a central management / tracking tool for all types of tasks / issues / bugs for the In-Portal Project. Before reporting any issues, please make sure to read the Guide into Issue Tracker and How to Properly Test and Report Bugs!
Main | My View | View Issues | Change Log | Roadmap | Docs | Wiki | Repositories
  

View Revisions: Issue #159 All Revisions ] Back to Issue ]
Summary 0000159: Prevent of Execution of System Files of files other, then "index.php" and "admin/index.php"
Revision 2009-08-16 21:07:28 by Dmitry
Description Currently there is possible to execute individual In-Portal files. Usually people doesn't do that, but just in case I propose to add mentioned later code to all files with ".php" extension, that doesn't contain class declarations or are unit configs.

Code: defined('FULL_PATH') or die('restricted access!');
Revision 2009-08-16 20:58:42 by Dmitry
Description Currently there is possible to execute individual In-Portal files. Usually people doesn't do that, but just in case I propose to add mentioned later code to all files with ".php" extension, that doesn't contain class declarations or are unit configs.

Code:
if (!defined('FULL_PATH')) {
    die('This file is a component of the In-Portal software and cannot be used standalone.');
}

Main | My View | View Issues | Change Log | Roadmap | Docs | Wiki | Repositories
  

Web Development by Intechnic
In-Portal Open Source CMS
In-Portal Open Source CMS
Copyright © 2000 - 2009 MantisBT Group

Powered by Mantis Bugtracker