codes****@googl*****
codes****@googl*****
2008年 9月 26日 (金) 23:26:52 JST
Author: mystralkk
Date: Fri Sep 26 07:24:00 2008
New Revision: 752
Modified:
trunk/geeklog-1-jp-extended/plugins/dataproxy/config.php
trunk/geeklog-1-jp-extended/plugins/dataproxy/dataproxy.php
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/article.class.php
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/calendar.class.php
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/comments.class.php
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/dokuwiki.class.php
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/faqman.class.php
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/filemgmt.class.php
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/forum.class.php
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/links.class.php
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/mediagallery.class.php
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/polls.class.php
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/staticpages.class.php
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/trackback.class.php
trunk/geeklog-1-jp-extended/plugins/dataproxy/functions.inc
trunk/geeklog-1-jp-extended/public_html/admin/plugins/dataproxy/install.html
trunk/geeklog-1-jp-extended/public_html/admin/plugins/dataproxy/install_ja.html
Log:
dataproxyへのインクルードファイルの直接呼び出し防止策をjp-extendedにも反映し
ました。
Modified: trunk/geeklog-1-jp-extended/plugins/dataproxy/config.php
==============================================================================
--- trunk/geeklog-1-jp-extended/plugins/dataproxy/config.php (original)
+++ trunk/geeklog-1-jp-extended/plugins/dataproxy/config.php Fri Sep 26
07:24:00 2008
@@ -31,6 +31,10 @@
//
|
|
//
+---------------------------------------------------------------------------+
+if (strpos(strtolower($_SERVER['PHP_SELF']), 'config.php') !== false) {
+ die('This file can not be used on its own.');
+}
+
global $_DB_table_prefix, $_TABLES;
// set Plugin Table Prefix the Same as Geeklogs
@@ -45,6 +49,6 @@
// Plugin info
-$_DPXY_CONF['pi_version'] = '1.1.2'; // Plugin Version
+$_DPXY_CONF['pi_version'] = '1.1.3'; // Plugin Version
$_DPXY_CONF['gl_version'] = '1.4.0'; // GL Version plugin for
$_DPXY_CONF['pi_url'] = 'http://mystral-kk.net/'; // Plugin Homepage
Modified: trunk/geeklog-1-jp-extended/plugins/dataproxy/dataproxy.php
==============================================================================
--- trunk/geeklog-1-jp-extended/plugins/dataproxy/dataproxy.php (original)
+++ trunk/geeklog-1-jp-extended/plugins/dataproxy/dataproxy.php Fri Sep 26
07:24:00 2008
@@ -31,6 +31,10 @@
//
|
|
//
+---------------------------------------------------------------------------+
+if (strpos(strtolower($_SERVER['PHP_SELF']), 'dataproxy.php') !== false) {
+ die('This file can not be used on its own.');
+}
+
/**
* @class DataproxyDriver
* @description the parent class of all classes to retrieve data from
plugins
Modified:
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/article.class.php
==============================================================================
--- trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/article.class.php
(original)
+++ trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/article.class.php
Fri Sep 26 07:24:00 2008
@@ -31,6 +31,10 @@
//
|
|
//
+---------------------------------------------------------------------------+
+if (strpos(strtolower($_SERVER['PHP_SELF']), 'article.class.php') !==
false) {
+ die('This file can not be used on its own.');
+}
+
class Dataproxy_article extends DataproxyDriver
{
var $driver_name = 'article';
Modified:
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/calendar.class.php
==============================================================================
---
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/calendar.class.php
(original)
+++
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/calendar.class.php
Fri Sep 26 07:24:00 2008
@@ -31,6 +31,10 @@
//
|
|
//
+---------------------------------------------------------------------------+
+if (strpos(strtolower($_SERVER['PHP_SELF']), 'calendar.class.php') !==
false) {
+ die('This file can not be used on its own.');
+}
+
class Dataproxy_calendar extends DataproxyDriver
{
var $driver_name = 'calendar';
Modified:
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/comments.class.php
==============================================================================
---
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/comments.class.php
(original)
+++
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/comments.class.php
Fri Sep 26 07:24:00 2008
@@ -31,6 +31,10 @@
//
|
|
//
+---------------------------------------------------------------------------+
+if (strpos(strtolower($_SERVER['PHP_SELF']), 'comment.class.php') !==
false) {
+ die('This file can not be used on its own.');
+}
+
class Dataproxy_comments extends DataproxyDriver
{
var $driver_name = 'comments';
Modified:
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/dokuwiki.class.php
==============================================================================
---
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/dokuwiki.class.php
(original)
+++
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/dokuwiki.class.php
Fri Sep 26 07:24:00 2008
@@ -31,6 +31,10 @@
//
|
|
//
+---------------------------------------------------------------------------+
+if (strpos(strtolower($_SERVER['PHP_SELF']), 'dokuwiki.class.php') !==
false) {
+ die('This file can not be used on its own.');
+}
+
class Dataproxy_dokuwiki extends DataproxyDriver
{
var $driver_name = 'dokuwiki';
Modified:
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/faqman.class.php
==============================================================================
--- trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/faqman.class.php
(original)
+++ trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/faqman.class.php
Fri Sep 26 07:24:00 2008
@@ -31,6 +31,10 @@
//
|
|
//
+---------------------------------------------------------------------------+
+if (strpos(strtolower($_SERVER['PHP_SELF']), 'faqman.class.php') !==
false) {
+ die('This file can not be used on its own.');
+}
+
class Dataproxy_faqman extends DataproxyDriver
{
var $driver_name = 'faqman';
Modified:
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/filemgmt.class.php
==============================================================================
---
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/filemgmt.class.php
(original)
+++
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/filemgmt.class.php
Fri Sep 26 07:24:00 2008
@@ -31,6 +31,10 @@
//
|
|
//
+---------------------------------------------------------------------------+
+if (strpos(strtolower($_SERVER['PHP_SELF']), 'filemgmt.class.php') !==
false) {
+ die('This file can not be used on its own.');
+}
+
class Dataproxy_filemgmt extends DataproxyDriver
{
var $driver_name = 'filemgmt';
Modified:
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/forum.class.php
==============================================================================
--- trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/forum.class.php
(original)
+++ trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/forum.class.php
Fri Sep 26 07:24:00 2008
@@ -31,6 +31,10 @@
//
|
|
//
+---------------------------------------------------------------------------+
+if (strpos(strtolower($_SERVER['PHP_SELF']), 'forum.class.php') !== false)
{
+ die('This file can not be used on its own.');
+}
+
class Dataproxy_forum extends DataproxyDriver {
var $driver_name = 'forum';
Modified:
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/links.class.php
==============================================================================
--- trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/links.class.php
(original)
+++ trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/links.class.php
Fri Sep 26 07:24:00 2008
@@ -31,6 +31,10 @@
//
|
|
//
+---------------------------------------------------------------------------+
+if (strpos(strtolower($_SERVER['PHP_SELF']), 'links.class.php') !== false)
{
+ die('This file can not be used on its own.');
+}
+
/**
* Links plugin supports URL rwrite in individual links but doesn't do so in
* categories, e.g.:
Modified:
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/mediagallery.class.php
==============================================================================
---
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/mediagallery.class.php
(original)
+++
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/mediagallery.class.php
Fri Sep 26 07:24:00 2008
@@ -31,6 +31,10 @@
//
|
|
//
+---------------------------------------------------------------------------+
+if (strpos(strtolower($_SERVER['PHP_SELF']), 'mediagallery.class.php') !==
false) {
+ die('This file can not be used on its own.');
+}
+
class Dataproxy_mediagallery extends DataproxyDriver
{
var $driver_name = 'mediagallery';
Modified:
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/polls.class.php
==============================================================================
--- trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/polls.class.php
(original)
+++ trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/polls.class.php
Fri Sep 26 07:24:00 2008
@@ -31,6 +31,10 @@
//
|
|
//
+---------------------------------------------------------------------------+
+if (strpos(strtolower($_SERVER['PHP_SELF']), 'polls.class.php') !== false)
{
+ die('This file can not be used on its own.');
+}
+
class Dataproxy_polls extends DataproxyDriver
{
var $driver_name = 'polls';
Modified:
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/staticpages.class.php
==============================================================================
---
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/staticpages.class.php
(original)
+++
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/staticpages.class.php
Fri Sep 26 07:24:00 2008
@@ -31,6 +31,10 @@
//
|
|
//
+---------------------------------------------------------------------------+
+if (strpos(strtolower($_SERVER['PHP_SELF']), 'staticpages.class.php') !==
false) {
+ die('This file can not be used on its own.');
+}
+
class Dataproxy_staticpages extends DataproxyDriver
{
var $driver_name = 'staticpages';
Modified:
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/trackback.class.php
==============================================================================
---
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/trackback.class.php
(original)
+++
trunk/geeklog-1-jp-extended/plugins/dataproxy/drivers/trackback.class.php
Fri Sep 26 07:24:00 2008
@@ -31,6 +31,10 @@
//
|
|
//
+---------------------------------------------------------------------------+
+if (strpos(strtolower($_SERVER['PHP_SELF']), 'trackback.class.php') !==
false) {
+ die('This file can not be used on its own.');
+}
+
class Dataproxy_trackback extends DataproxyDriver
{
var $driver_name = 'trackback';
Modified: trunk/geeklog-1-jp-extended/plugins/dataproxy/functions.inc
==============================================================================
--- trunk/geeklog-1-jp-extended/plugins/dataproxy/functions.inc (original)
+++ trunk/geeklog-1-jp-extended/plugins/dataproxy/functions.inc Fri Sep 26
07:24:00 2008
@@ -31,6 +31,10 @@
//
|
|
//
+---------------------------------------------------------------------------+
+if (strpos(strtolower($_SERVER['PHP_SELF']), 'functions.inc') !== false) {
+ die('This file can not be used on its own.');
+}
+
//define( 'DATAPROXY_DEBUG', true );
/**
Modified:
trunk/geeklog-1-jp-extended/public_html/admin/plugins/dataproxy/install.html
==============================================================================
---
trunk/geeklog-1-jp-extended/public_html/admin/plugins/dataproxy/install.html
(original)
+++
trunk/geeklog-1-jp-extended/public_html/admin/plugins/dataproxy/install.html
Fri Sep 26 07:24:00 2008
@@ -70,6 +70,13 @@
<th>Description</th>
</tr>
<tr>
+ <td align="right">1.1.3</td>
+ <td>2008-09-26</td>
+ <td>
+ <span class="fix">Fixed</span> Upgraded to prevent include-files to be
directly accessed in some case-insensitive file systems (e.g. MS Windows).
+ </td>
+ </tr>
+ <tr>
<td align="right">1.1.2</td>
<td>2008-09-14</td>
<td>
Modified:
trunk/geeklog-1-jp-extended/public_html/admin/plugins/dataproxy/install_ja.html
==============================================================================
---
trunk/geeklog-1-jp-extended/public_html/admin/plugins/dataproxy/install_ja.html
(original)
+++
trunk/geeklog-1-jp-extended/public_html/admin/plugins/dataproxy/install_ja.html
Fri Sep 26 07:24:00 2008
@@ -74,6 +74,13 @@
<th>内容</th>
</tr>
<tr>
+ <td align="right">1.1.3</td>
+ <td>2008-09-26</td>
+ <td>
+ <span class="fix">修正</span> 大文字小文字を区別しないファイルシステム
(MS Windowsなど)で、インクルードファイルが直接アクセスされるのを防ぐ措置を
追加しました。
+ </td>
+ </tr>
+ <tr>
<td align="right">1.1.2</td>
<td>2008-09-14</td>
<td>