From: <dam...@us...> - 2004-03-25 23:21:18
|
Update of /cvsroot/tikiwiki/tiki/modules In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32702 Modified Files: Tag: release_eta_carinea_rc1 mod-top_pages.php Log Message: Security Fix: Path Disclosure patch Index: mod-top_pages.php =================================================================== RCS file: /cvsroot/tikiwiki/tiki/modules/mod-top_pages.php,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.8.1 diff -u -d -r1.1.1.1 -r1.1.1.1.8.1 --- mod-top_pages.php 8 Oct 2002 13:54:47 -0000 1.1.1.1 +++ mod-top_pages.php 25 Mar 2004 23:10:27 -0000 1.1.1.1.8.1 @@ -1,4 +1,10 @@ <?php + +//this script may only be included - so its better to die if called directly. +if (strpos($_SERVER["SCRIPT_NAME"],basename(__FILE__)) !== false) { + die("This script cannot be called directly"); +} + $ranking = $tikilib->get_top_pages($module_rows); $smarty->assign('modTopPages',$ranking); -?> \ No newline at end of file +?> |