dépôts
/
lhc
/
web
/
wiklou.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
264b933
)
Clean up a few scriptlets
author
Brion Vibber
<brion@users.mediawiki.org>
Thu, 14 Oct 2004 02:13:12 +0000
(
02:13
+0000)
committer
Brion Vibber
<brion@users.mediawiki.org>
Thu, 14 Oct 2004 02:13:12 +0000
(
02:13
+0000)
img_auth.php
patch
|
blob
|
history
includes/Database.php
patch
|
blob
|
history
includes/killthread.php
patch
|
blob
|
history
includes/proxy_check.php
patch
|
blob
|
history
index.php
patch
|
blob
|
history
diff --git
a/img_auth.php
b/img_auth.php
index
803ec15
..
4ec68ea
100644
(file)
--- a/
img_auth.php
+++ b/
img_auth.php
@@
-8,9
+8,14
@@
# Valid web server entry point, enable includes
define( "MEDIAWIKI", true );
# Valid web server entry point, enable includes
define( "MEDIAWIKI", true );
+require_once( "includes/Defines.php" );
require_once( "./LocalSettings.php" );
require_once( "includes/Setup.php" );
require_once( "./LocalSettings.php" );
require_once( "includes/Setup.php" );
+if( !isset( $_SERVER['PATH_INFO'] ) ) {
+ wfForbidden();
+}
+
# Get filenames/directories
$filename = realpath( $wgUploadDirectory . $_SERVER['PATH_INFO'] );
$realUploadDirectory = realpath( $wgUploadDirectory );
# Get filenames/directories
$filename = realpath( $wgUploadDirectory . $_SERVER['PATH_INFO'] );
$realUploadDirectory = realpath( $wgUploadDirectory );
@@
-25,10
+30,19
@@
if ( is_array( $wgWhitelistRead ) && !in_array( $imageName, $wgWhitelistRead ) &
wfForbidden();
}
wfForbidden();
}
+if( !file_exists( $filename ) ) {
+ wfForbidden();
+}
+if( is_dir( $filename ) ) {
+ wfForbidden();
+}
+
# Write file
$type = wfGetType( $filename );
if ( $type ) {
header("Content-type: $type");
# Write file
$type = wfGetType( $filename );
if ( $type ) {
header("Content-type: $type");
+} else {
+ header("Content-type: application/x-wiki");
}
readfile( $filename );
}
readfile( $filename );
@@
-128,8
+142,6
@@
model/mesh msh mesh silo
model/vrml wrl vrml
text/calendar ics ifb
text/css css
model/vrml wrl vrml
text/calendar ics ifb
text/css css
-text/html html htm
-text/plain asc txt
text/richtext rtx
text/rtf rtf
text/sgml sgml sgm
text/richtext rtx
text/rtf rtf
text/sgml sgml sgm
@@
-147,7
+159,7
@@
END_STRING;
$endl = "
";
$types = explode( $endl, $types );
$endl = "
";
$types = explode( $endl, $types );
- if ( !preg_match( "/\.(
.
*?)$/", $filename, $matches ) ) {
+ if ( !preg_match( "/\.(
[^.]
*?)$/", $filename, $matches ) ) {
return false;
}
return false;
}
diff --git
a/includes/Database.php
b/includes/Database.php
index
2d6c87d
..
982e81c
100644
(file)
--- a/
includes/Database.php
+++ b/
includes/Database.php
@@
-836,7
+836,7
@@
class Database {
if( function_exists( 'mysql_thread_id' ) ) {
# This will kill the query if it's still running after $timeout seconds.
$tid = mysql_thread_id( $this->mConn );
if( function_exists( 'mysql_thread_id' ) ) {
# This will kill the query if it's still running after $timeout seconds.
$tid = mysql_thread_id( $this->mConn );
- exec( "php $IP/killthread.php $timeout $tid &>/dev/null &" );
+ exec( "php $IP/
includes/
killthread.php $timeout $tid &>/dev/null &" );
}
}
}
}
diff --git
a/includes/killthread.php
b/includes/killthread.php
index
ce7e4a9
..
669a7ce
100644
(file)
--- a/
includes/killthread.php
+++ b/
includes/killthread.php
@@
-7,15
+7,20
@@
/**
*
*/
/**
*
*/
+if( php_sapi_name() != 'cli' ) {
+ die('');
+}
+
+define( 'MEDIAWIKI', 1 );
$wgCommandLineMode = true;
unset( $IP );
ini_set( 'allow_url_fopen', 0 ); # For security...
$wgCommandLineMode = true;
unset( $IP );
ini_set( 'allow_url_fopen', 0 ); # For security...
-require_once( './LocalSettings.php' );
+require_once( '.
.
/LocalSettings.php' );
-# Windows requires ';' as separator, ':' for Unix
-
$sep = strchr( $include_path = ini_get( 'include_path' ), ';' ) ? ';' : ':'
;
-ini_set( 'include_path', "$IP$sep$include_path" );
+if( !$wgAllowSysopQueries ) {
+
die( "Queries disabled.\n" )
;
+}
require_once( 'Setup.php' );
require_once( 'Setup.php' );
diff --git
a/includes/proxy_check.php
b/includes/proxy_check.php
index
b017f32
..
583e8fd
100644
(file)
--- a/
includes/proxy_check.php
+++ b/
includes/proxy_check.php
@@
-4,6
+4,10
@@
* @package MediaWiki
*/
* @package MediaWiki
*/
+if( php_sapi_name() != 'cli' ) {
+ die('');
+}
+
/**
*
*/
/**
*
*/
diff --git
a/index.php
b/index.php
index
39c815a
..
dec3d89
100644
(file)
--- a/
index.php
+++ b/
index.php
@@
-153,10
+153,10
@@
if( !is_null( $search ) && $search !== '' ) {
wfCreativeCommonsRdf( $wgArticle );
}
break;
wfCreativeCommonsRdf( $wgArticle );
}
break;
- case "credits":
- require_once( "includes/Credits.php" );
+ case "credits":
+ require_once( "includes/Credits.php" );
showCreditsPage( $wgArticle );
showCreditsPage( $wgArticle );
- break;
+ break;
case "edit":
case "submit":
if( !$wgCommandLineMode && !$wgRequest->checkSessionCookie() ) {
case "edit":
case "submit":
if( !$wgCommandLineMode && !$wgRequest->checkSessionCookie() ) {