codes****@googl*****
codes****@googl*****
2008年 9月 4日 (木) 12:17:30 JST
Author: tacahi
Date: Wed Sep 3 20:16:53 2008
New Revision: 396
Modified:
branches/geeklog-1.4.x/geeklog/public_html/fckeditor/editor/filemanager/upload/php/upload.php
Log:
FCKeditorのファイルアップロードに関する脆弱性への対応を適用しました。
Modified:
branches/geeklog-1.4.x/geeklog/public_html/fckeditor/editor/filemanager/upload/php/upload.php
==============================================================================
---
branches/geeklog-1.4.x/geeklog/public_html/fckeditor/editor/filemanager/upload/php/upload.php
(original)
+++
branches/geeklog-1.4.x/geeklog/public_html/fckeditor/editor/filemanager/upload/php/upload.php
Wed Sep 3 20:16:53 2008
@@ -18,6 +18,10 @@
* Frederico Caldeira Knabben (fredc****@fcked*****)
*/
+if (strpos($_SERVER['PHP_SELF'], 'upload.php') !== false) {
+ die('This file can not be used on its own!');
+}
+
require('config.php') ;
require('util.php') ;