It's not the most beautiful patch (die is evil), but it seems to work. Is it secure enough?
Daniel van Eeden <[EMAIL PROTECTED]>
Common subdirectories: phpix-2.0.2.orig/albums and phpix-2.0.2/albums Only in phpix-2.0.2: build-stamp Common subdirectories: phpix-2.0.2.orig/CVS and phpix-2.0.2/CVS Common subdirectories: phpix-2.0.2.orig/debian and phpix-2.0.2/debian diff -u phpix-2.0.2.orig/index.phtml phpix-2.0.2/index.phtml --- phpix-2.0.2.orig/index.phtml 2003-04-28 02:45:50.000000000 +0200 +++ phpix-2.0.2/index.phtml 2004-01-31 14:59:51.000000000 +0100 @@ -12,6 +12,23 @@ $version = "2.0.2-debian"; +/* security checks */ +if ($album) { + if (!is_dir("/var/www/phpix/albums/" . $album)) { + die("Acces denied."); + } + $wgetpos = strpos($album,"wget"); + $fetchpos = strpos($album,"fetch"); + if (($fetchpos === true) or ($wgetpos === true)) { + die("Acces denied."); + } +} +if ($pic) { + if (!is_file("/var/www/phpix/albums/" . $album . "/" . $pic)) { + die("Acces denied."); + } +} + print "<HTML>\n"; print "<HEAD>\n"; if ($mode == "album" or $mode == "view") { Only in phpix-2.0.2: phpix.1 Only in phpix-2.0.2: phpix-create-new-instance.1
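Review bot: the wget/fetch filter in this hunk is dead code, because strpos() returns an integer offset or false and never true, so `($fetchpos === true) or ($wgetpos === true)` can never be satisfied; compare against false instead, e.g. `if (($fetchpos !== false) or ($wgetpos !== false))`. The larger problem is that `is_dir("/var/www/phpix/albums/" . $album)` and the matching is_file() test do not stop directory traversal: a value such as `../../..` still names an existing directory and passes the check, so the path should be canonicalised with realpath() and rejected unless the result starts with `/var/www/phpix/albums/`, or `$album` and `$pic` should be rejected outright when they contain `..` or a `/`. Two smaller points: the `$pic` branch should also require `$album` to be set, since otherwise the check runs against `/var/www/phpix/albums//<pic>`, and the message "Acces denied." should read "Access denied.".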