diff options
| author | Bharat Mediratta <bharat@menalto.com> | 2009-05-28 02:19:53 -0700 |
|---|---|---|
| committer | Bharat Mediratta <bharat@menalto.com> | 2009-05-28 02:19:53 -0700 |
| commit | 1a095fffe50437dbe7814c52886a58b6309ce8eb (patch) | |
| tree | ecbe0c63ccd93aeb515bb32036c24f1f3f64e81d /modules/g2_import/helpers/g2_import.php | |
| parent | c8aa9ed440f698bc725b21b2808af88001aaacee (diff) | |
Prepend all code files we copy from Gallery2 and put into var with our
code preamble for security.
Update File_Structure_Test::code_files_start_with_preamble_test to
check all the php files in var, too.
Diffstat (limited to 'modules/g2_import/helpers/g2_import.php')
| -rw-r--r-- | modules/g2_import/helpers/g2_import.php | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/modules/g2_import/helpers/g2_import.php b/modules/g2_import/helpers/g2_import.php index 60dd593f..51dc8705 100644 --- a/modules/g2_import/helpers/g2_import.php +++ b/modules/g2_import/helpers/g2_import.php @@ -79,7 +79,8 @@ class g2_import_Core { array( "require_once('$base_dir/modules/core/classes/GalleryDataCache.class');", "require('$base_dir/modules/core/classes/GalleryEmbed.class');"), - file("$base_dir/embed.php"))); + array_merge(array("<?php defined(\"SYSPATH\") or die(\"No direct script access.\") ?>\n"), + file("$base_dir/embed.php")))); file_put_contents( "$mod_path/main.php", @@ -90,7 +91,8 @@ class g2_import_Core { array( "include(dirname(__FILE__) . '/bootstrap.inc');", "require_once('$base_dir/init.inc');"), - file("$base_dir/main.php"))); + array_merge(array("<?php defined(\"SYSPATH\") or die(\"No direct script access.\") ?>\n"), + file("$base_dir/main.php")))); file_put_contents( "$mod_path/bootstrap.inc", @@ -103,7 +105,8 @@ class g2_import_Core { "require_once('$base_dir/modules/core/classes/GalleryDataCache.class');", "define('GALLERY_CONFIG_DIR', '$base_dir');", "\$gallery =& new G2_Gallery();"), - file("$base_dir/bootstrap.inc"))); + array_merge(array("<?php defined(\"SYSPATH\") or die(\"No direct script access.\") ?>\n"), + file("$base_dir/bootstrap.inc")))); file_put_contents( "$mod_path/Gallery.class", @@ -112,7 +115,8 @@ class g2_import_Core { "function Gallery"), array("class G2_Gallery", "function G2_Gallery"), - file("$base_dir/modules/core/classes/Gallery.class"))); + array_merge(array("<?php defined(\"SYSPATH\") or die(\"No direct script access.\") ?>\n"), + file("$base_dir/modules/core/classes/Gallery.class")))); } require("$mod_path/embed.php"); |