PBLang - Support Forum
capoferro
free access to posts (April 20, 2009, 12:25:01 AM)
There's a security issue that gives access to post messages through a simple URL request.

It's possible to construct a URL such as http://www.mypblang.com/db/posts/1_1_1 and you will get PHP code as plain ASCII text in return with the referred post.

I know you can avoid this using .htaccess but that has two problems: first, not every PBLang installation uses the Apache web server, and second, this depends on a properly configured Apache, which is not always the case.

I think the solution to this security hole is quite easy because posts are really stored as php code files. The solution is quite simple with just two changes:

1. append the .php extension to all files (i.e. use 1_1_1.php rather than 1_1_1); this way the file will be executed if someone accesses it directly and they will never see the actual code (that is, the actual post)

2. add this line as first line of code in each file storing information:

quote:
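// eregi() was removed in PHP 7; stripos() performs the same case-insensitive test for a literal string
if (stripos($_SERVER['PHP_SELF'], '1_1_1') !== false) die('Access Denied');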


this way, if someone accesses the file directly (via URL) they will get an "Access Denied" message. Access via PBLang is guaranteed as long as the file is included (i.e. include('db/posts/1_1_1.php'); )

I think this can help.

greets
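
Added example, not part of the original post or of PBLang's own code: a Python audit that walks a data directory and reports stored-post files still missing either of the two changes proposed above (a .php extension and a direct-access guard near the top of the file). The guard pattern, the function names and the sample files are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Assumption: a guard is a die()/exit() within the first lines that tests
# PHP_SELF, like the line proposed in the post.
GUARD_RE = re.compile(r"PHP_SELF.*\b(die|exit)\b", re.IGNORECASE)

def audit_file(path, head_lines=3):
    """Return the list of problems for one stored-post file ([] means OK)."""
    problems = []
    if not path.lower().endswith(".php"):
        problems.append("no .php extension")  # would be served as plain text
    with open(path, encoding="utf-8", errors="replace") as fh:
        head = [fh.readline() for _ in range(head_lines)]
    if not any(GUARD_RE.search(line) for line in head):
        problems.append("no direct-access guard")
    return problems

def audit_tree(root):
    """Map each problematic file (path relative to root) to its problems."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            problems = audit_file(full)
            if problems:
                report[os.path.relpath(full, root).replace(os.sep, "/")] = problems
    return report

def demo():
    """Audit a constructed sample tree; a real check passes the install's db/ path."""
    guard = "<?php\nif (stripos($_SERVER['PHP_SELF'], '1_1_3') !== false) die('Access Denied');\n"
    samples = {  # constructed file contents, not real PBLang data
        "posts/1_1_1": "<?php\n$post = 'hello';\n",
        "posts/1_1_2.php": "<?php\n$post = 'hello';\n",
        "posts/1_1_3.php": guard + "$post = 'hello';\n",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, body in samples.items():
            full = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "w", encoding="utf-8") as fh:
                fh.write(body)
        return audit_tree(root)

if __name__ == "__main__":
    for path, problems in sorted(demo().items()):
        print(path, "->", ", ".join(problems))
```

To check an installation, call audit_tree() on its data directory; an empty result means every file has both changes.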


Software PBLang 4.67.20.a © 2002-2008 by Martin Senftleben & the PBLang-Team