summaryrefslogtreecommitdiff
path: root/modules
diff options
context:
space:
mode:
Diffstat (limited to 'modules')
-rw-r--r--modules/gallery/helpers/gallery_installer.php22
-rw-r--r--modules/gallery/module.info2
2 files changed, 21 insertions, 3 deletions
diff --git a/modules/gallery/helpers/gallery_installer.php b/modules/gallery/helpers/gallery_installer.php
index cf701ed4..bffef8e6 100644
--- a/modules/gallery/helpers/gallery_installer.php
+++ b/modules/gallery/helpers/gallery_installer.php
@@ -204,6 +204,9 @@ class gallery_installer {
foreach (array("albums", "logs", "modules", "resizes", "thumbs", "tmp", "uploads") as $dir) {
@mkdir(VARPATH . $dir);
+ if (in_array($dir, array("logs", "tmp", "uploads"))) {
+ self::_protect_directory(VARPATH . $dir);
+ }
}
access::register_permission("view", "View");
@@ -284,7 +287,7 @@ class gallery_installer {
// @todo this string needs to be picked up by l10n_scanner
module::set_var("gallery", "credits", "Powered by <a href=\"%url\">Gallery %version</a>");
module::set_var("gallery", "simultaneous_upload_limit", 5);
- module::set_version("gallery", 23);
+ module::set_version("gallery", 25);
}
static function upgrade($version) {
@@ -494,7 +497,7 @@ class gallery_installer {
module::set_version("gallery", $version = 23);
}
- if ($version = 23) {
+ if ($version == 23) {
$db->query("CREATE TABLE {failed_logins} (
`id` int(9) NOT NULL auto_increment,
`count` int(9) NOT NULL,
@@ -504,6 +507,13 @@ class gallery_installer {
DEFAULT CHARSET=utf8;");
module::set_version("gallery", $version = 24);
}
+
+ if ($version == 24) {
+ foreach (array("logs", "tmp", "uploads") as $dir) {
+ self::_protect_directory(VARPATH . $dir);
+ }
+ module::set_version("gallery", $version = 25);
+ }
}
static function uninstall() {
@@ -528,4 +538,12 @@ class gallery_installer {
system("/bin/rm -rf " . VARPATH . $entry);
}
}
+
+ static function _protect_directory($dir) {
+ $fp = @fopen("$dir/.htaccess", "w+");
+ fwrite($fp, "DirectoryIndex .htaccess\nSetHandler Gallery_Security_Do_Not_Remove\n" .
+ "Options None\n<IfModule mod_rewrite.c>\nRewriteEngine off\n</IfModule>\n" .
+ "Order allow,deny\nDeny from all\n");
+ fclose($fp);
+ }
}
diff --git a/modules/gallery/module.info b/modules/gallery/module.info
index 5d0dd3c5..50a1505f 100644
--- a/modules/gallery/module.info
+++ b/modules/gallery/module.info
@@ -1,3 +1,3 @@
name = "Gallery 3"
description = "Gallery core application"
-version = 24
+version = 25
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-13 15:26:53 +0000