diff options
| author |   Markus Rothe <corsair@gentoo.org> | 2005-05-25 12:22:45 +0000 |
|---|---|---|
| committer | Markus Rothe <corsair@gentoo.org> | 2005-05-25 12:22:45 +0000 |
| commit | fc8300a192e6d55c72b5d108884db1623beeaa7b (patch) | |
| tree | 7269d3c55bfbaaaaebe4ce1b32e87bcad15988b6 /dev-php | |
| parent | Stable on x86. (diff) | |
| download | gentoo-2-fc8300a192e6d55c72b5d108884db1623beeaa7b.tar.gz gentoo-2-fc8300a192e6d55c72b5d108884db1623beeaa7b.tar.bz2 gentoo-2-fc8300a192e6d55c72b5d108884db1623beeaa7b.zip | |
moved phpsysinfo-2.3-xss-and-path.patch from http source to FILESDIR, as I
now was able to prevent cvs from changing the $Id lines in the patch -
hopefully...
Diffstat (limited to 'dev-php')
| -rw-r--r-- | dev-php/phpsysinfo/files/phpsysinfo-2.3-xss-and-path.patch | 120 |
1 files changed, 120 insertions, 0 deletions
diff --git a/dev-php/phpsysinfo/files/phpsysinfo-2.3-xss-and-path.patch b/dev-php/phpsysinfo/files/phpsysinfo-2.3-xss-and-path.patch new file mode 100644 index 000000000000..b4eea8ac0335 --- /dev/null +++ b/dev-php/phpsysinfo/files/phpsysinfo-2.3-xss-and-path.patch @@ -0,0 +1,120 @@ +--- index.php.orig 2005-04-02 06:48:00.000000000 +0000 ++++ index.php 2005-03-23 16:35:50.000000000 +0000 +@@ -122,7 +122,7 @@ + require('./includes/mb/class.' . $sensor_program . '.inc.php'); + $mbinfo = new mbinfo; + } else { +- echo '<center><b>Error: ' . $sensor_program . ' is not currently supported</b></center>'; ++ echo '<center><b>Error: ' . htmlentities($sensor_program) . ' is not currently supported</b></center>'; + exit; + } + } +--- includes/system_header.php.orig 2005-04-02 06:48:14.000000000 +0000 ++++ includes/system_header.php 2005-03-23 16:30:38.000000000 +0000 +@@ -18,6 +18,11 @@ + // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + + // $Id: system_header.php,v 1.21 2003/11/08 23:49:16 precision Exp $ ++ ++if (eregi('system_header.php', $_SERVER['PHP_SELF'])) { ++ exit; ++} ++ + header("Cache-Control: no-cache, must-revalidate"); + if (!isset($charset)) { + $charset = 'iso-8859-1'; +--- includes/system_footer.php.orig 2005-04-02 06:48:23.000000000 +0000 ++++ includes/system_footer.php 2005-03-23 16:33:59.000000000 +0000 +@@ -13,6 +13,11 @@ + // along with this program; if not, write to the Free Software + // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + // $Id: system_footer.php,v 1.38 2004/08/13 23:02:32 webbie Exp $ ++ ++if (eregi('system_footer.php', $_SERVER['PHP_SELF'])) { ++ exit; ++} ++ + if (!$hide_picklist) { + echo "<center>"; + +--- includes/XPath.class.php.orig 2005-04-02 06:48:29.000000000 +0000 ++++ includes/XPath.class.php 2005-03-23 16:27:33.000000000 +0000 +@@ -4969,7 +4969,7 @@ + $pos += $afterText ? 1 : 0; + $parentNode['textParts'] = array_merge( + array_slice($parentNode['textParts'], 0, $pos), +- '', ++ array(''), + array_slice($parentNode['textParts'], $pos) + ); + +@@ -5051,7 +5051,7 @@ + $pos -= $afterText ? 0 : 1; + $parentNode['textParts'] = array_merge( + array_slice($parentNode['textParts'], 0, $pos), +- '', ++ array(''), + array_slice($parentNode['textParts'], $pos) + ); + // We are going from bottom to top, but the user will want results from top to bottom. +--- includes/os/class.Darwin.inc.php.orig 2005-04-02 06:48:39.000000000 +0000 ++++ includes/os/class.Darwin.inc.php 2005-03-23 16:40:36.000000000 +0000 +@@ -19,8 +19,13 @@ + + // $Id: class.Darwin.inc.php,v 1.16 2004/06/26 23:46:36 webbie Exp $ + ++if(!file_exists('./includes/os/class.BSD.common.inc.php')) { ++ exit; ++} ++ + require('./includes/os/class.BSD.common.inc.php'); + ++ + echo "<p align=center><b>Note: The Darwin version of phpSysInfo is work in progress, some things currently don't work</b></p>"; + + class sysinfo extends bsd_common { +--- includes/os/class.NetBSD.inc.php.orig 2005-04-02 06:48:46.000000000 +0000 ++++ includes/os/class.NetBSD.inc.php 2005-03-23 16:41:25.000000000 +0000 +@@ -19,8 +19,13 @@ + + // $Id: class.NetBSD.inc.php,v 1.11 2004/06/26 23:46:36 webbie Exp $ + ++if(!file_exists('./includes/os/class.BSD.common.inc.php')) { ++ exit; ++} ++ + require('./includes/os/class.BSD.common.inc.php'); + ++ + class sysinfo extends bsd_common { + var $cpu_regexp; + var $scsi_regexp; +--- includes/os/class.FreeBSD.inc.php.orig 2005-04-02 06:48:54.000000000 +0000 ++++ includes/os/class.FreeBSD.inc.php 2005-03-23 16:41:02.000000000 +0000 +@@ -19,6 +19,10 @@ + + // $Id: class.FreeBSD.inc.php,v 1.10 2004/06/26 23:46:36 webbie Exp $ + ++if(!file_exists('./includes/os/class.BSD.common.inc.php')) { ++ exit; ++} ++ + require('./includes/os/class.BSD.common.inc.php'); + + class sysinfo extends bsd_common { +--- includes/os/class.OpenBSD.inc.php.orig 2005-04-02 06:49:02.000000000 +0000 ++++ includes/os/class.OpenBSD.inc.php 2005-03-23 16:41:19.000000000 +0000 +@@ -19,8 +19,13 @@ + + // $Id: class.OpenBSD.inc.php,v 1.14 2004/07/02 02:33:16 webbie Exp $ + ++if(!file_exists('./includes/os/class.BSD.common.inc.php')) { ++ exit; ++} ++ + require('./includes/os/class.BSD.common.inc.php'); + ++ + class sysinfo extends bsd_common { + var $cpu_regexp; + var $scsi_regexp; |