diff --git a/docs/NEWS b/docs/NEWS
index 499bbff6..0f3c40c1 100644
--- a/docs/NEWS
+++ b/docs/NEWS
@@ -350,7 +350,14 @@ Version 1.1-alpha5()
* Removed config option "XHTML11 compliance" and enabled by default
now (garvinhicking)
-Version 1.0.3 ()
+Version 1.0.4 ()
+------------------------------------------------------------------------
+
+ * Fix local file inclusion bug on systems with two conditions:
+ register_globals=on AND missing .htaccess for restricting access to
+ .inc.php files. (garvinhicking)
+
+Version 1.0.3 (November 7th, 2006)
------------------------------------------------------------------------
* Fix PHP 5.2.0 compatibility issue. (garvinhicking)
diff --git a/include/admin/configuration.inc.php b/include/admin/configuration.inc.php
index a4af5e2f..4ecb2cfd 100644
--- a/include/admin/configuration.inc.php
+++ b/include/admin/configuration.inc.php
@@ -2,6 +2,10 @@
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
umask(0000);
$umask = 0775;
@define('IN_installer', true);
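Review bot: The new guard `if (IN_serendipity !== true)` reads a constant that may be undefined when the file is requested directly, so it only works because an undefined constant degrades to the string `'IN_serendipity'` (with a notice) on the PHP versions this codebase targets, and on later PHP it terminates via an Error rather than the intended `die()`. Test the definition first, as lang.inc.php already does for `serendipity_LANG_LOADED`: `if (!defined('IN_serendipity') || IN_serendipity !== true) {`. The same three-line guard is added in every other include/*.inc.php hunk of this commit (installer, compat, functions, functions_calendars, functions_config, functions_entries, functions_entries_admin, functions_images, functions_installer, functions_permalinks, functions_plugins_admin, functions_rss, functions_smarty, functions_trackbacks, functions_upgrader, genpage, lang, plugin_internal) and should get the same change; since constants cannot be set through register_globals, the check itself is a sound mitigation once it no longer depends on the undefined-constant fallback. The guards in functions_installer.inc.php and functions_plugins_admin.inc.php also lack the blank line the others add after the closing brace, which is a minor consistency point.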
@@ -47,7 +51,7 @@ switch ($_POST['installAction'] && serendipity_checkFormToken()) {
$permalinkNew[] = $serendipity[$permitem['var']];
}
}
- }
+ }
if (serendipity_checkPermission('siteConfiguration') && serialize($permalinkOld) != serialize($permalinkNew)) {
printf(ATTEMPT_WRITE_FILE, $serendipity['serendipityPath'] . '.htaccess');
diff --git a/include/admin/installer.inc.php b/include/admin/installer.inc.php
index 40f1da73..3da52dfd 100644
--- a/include/admin/installer.inc.php
+++ b/include/admin/installer.inc.php
@@ -2,6 +2,10 @@
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
umask(0000);
$umask = 0775;
@define('IN_installer', true);
diff --git a/include/compat.inc.php b/include/compat.inc.php
index 467968c6..8bf2f09c 100644
--- a/include/compat.inc.php
+++ b/include/compat.inc.php
@@ -2,6 +2,10 @@
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
if (defined('S9Y_FRAMEWORK_COMPAT')) {
return;
}
@@ -38,11 +42,11 @@ function memSnap($tshow = '') {
static $avail = null;
static $show = true;
static $memUsage = 0;
-
+
if (!$show) {
return false;
}
-
+
if ($avail === false) {
return true;
} elseif ($avail === null) {
@@ -53,11 +57,11 @@ function memSnap($tshow = '') {
return false;
}
}
-
+
if ($memUsage === 0) {
$memUsage = $avail;
}
-
+
$current = memory_get_usage();
echo '[' . date('d.m.Y H:i') . '] ' . number_format($current - $memUsage, 2, ',', '.') . ' label "' . $tshow . '", totalling ' . number_format($current, 2, ',', '.') . '
' . "\n";
$memUsage = $current;
@@ -222,7 +226,7 @@ function serendipity_getCharset() {
$charset = '';
}
}
-
+
if (!empty($serendipity['POST']['charset'])) {
if ($serendipity['POST']['charset'] == 'UTF-8/') {
$charset = 'UTF-8/';
diff --git a/include/functions.inc.php b/include/functions.inc.php
index 09058b6e..24aeba5b 100644
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -2,6 +2,10 @@
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
if (defined('S9Y_FRAMEWORK_FUNCTIONS')) {
return;
}
@@ -323,7 +327,7 @@ function serendipity_walkRecursive($ary, $child_name = 'id', $parent_name = 'par
if ($depth !== 0) {
return true;
}
-
+
if (count($_remain) > 0) {
// Remaining items need to be appended
foreach($_remain AS $key => $data) {
@@ -1146,7 +1150,7 @@ function &serendipity_pickKey(&$array, $key, $default) {
function serendipity_db_time() {
static $ts = null;
static $cache = 300; // Seconds to cache
-
+
if ($ts === null) {
$now = time();
$ts = $now - ($now % $cache) + $cache;
diff --git a/include/functions_calendars.inc.php b/include/functions_calendars.inc.php
index 421775ad..2c8dae47 100644
--- a/include/functions_calendars.inc.php
+++ b/include/functions_calendars.inc.php
@@ -2,11 +2,15 @@
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
- if (defined('S9Y_FRAMEWORK_CALENDARS')) {
- return;
- }
- @define('S9Y_FRAMEWORK_CALENDARS', true);
-
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
+if (defined('S9Y_FRAMEWORK_CALENDARS')) {
+ return;
+}
+@define('S9Y_FRAMEWORK_CALENDARS', true);
+
/**
* Gregorian to Persian Convertor
*
@@ -20,42 +24,42 @@
function g2p($g_y, $g_m, $g_d){
$g_days_in_month = array(31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31);
$j_days_in_month = array(31, 31, 31, 31, 31, 31, 30, 30, 30, 30, 30, 29);
-
+
$gy = $g_y-1600;
$gm = $g_m-1;
$gd = $g_d-1;
-
+
$g_day_no = 365*$gy+floor(($gy+3)/4)-floor(($gy+99)/100)+floor(($gy+399)/400);
-
+
for ($i=0; $i < $gm; ++$i){
$g_day_no += $g_days_in_month[$i];
}
-
+
if ($gm>1 && (($gy%4==0 && $gy%100!=0) || ($gy%400==0))){
/* leap and after Feb */
++$g_day_no;
}
-
+
$g_day_no += $gd;
$j_day_no = $g_day_no-79;
$j_np = floor($j_day_no/12053);
$j_day_no %= 12053;
$jy = 979+33*$j_np+4*floor($j_day_no/1461);
$j_day_no %= 1461;
-
+
if ($j_day_no >= 366) {
$jy += floor(($j_day_no-1)/365);
$j_day_no = ($j_day_no-1)%365;
}
$j_all_days = $j_day_no+1;
-
+
for ($i = 0; $i < 11 && $j_day_no >= $j_days_in_month[$i]; ++$i) {
$j_day_no -= $j_days_in_month[$i];
}
-
+
$jm = $i+1;
$jd = $j_day_no+1;
-
+
return array($jy, $jm, $jd, $j_all_days);
}
@@ -107,10 +111,10 @@ function p2g($j_y, $j_m, $j_d){
}
$gm = $i+1;
$gd = $g_day_no+1;
-
+
return array($gy, $gm, $gd);
}
-
+
/**
* Format a string according to Persian calendar (UTF)
*
@@ -121,11 +125,11 @@ function p2g($j_y, $j_m, $j_d){
* @return string Formatted local time/date according to locale settings
*/
function persian_strftime_utf($format, $timestamp='') {
-
+
if($timestamp==''){
$timestamp = mktime();
}
-
+
$g_d=date('j', $timestamp);
$g_m=date('n', $timestamp);
$g_y=date('Y', $timestamp);
@@ -155,12 +159,12 @@ function persian_strftime_utf($format, $timestamp='') {
'Wed' => '5',
'Thu' => '6',
'Fri' => '7');
-
+
// calculate string
$output_str='';
-
+
for ($i=0; $i1 && (($g_y%4==0 && $g_y%100!=0) || ($g_y%400==0))){
$j_days_in_month[12]++;
$leap = 1;
}
-
+
$j_month_name = array('', 'فروردین', 'اردیبهشت', 'خرداد', 'تیر',
'مرداد', 'شهریور', 'مهر', 'آبان', 'آذر', 'دی', 'بهمن', 'اسفند');
$j_week_name = array('Saturday' => 'شنبه',
@@ -311,12 +315,12 @@ function persian_date_utf($format, $timestamp='') {
'Wed' => '5',
'Thu' => '6',
'Fri' => '7');
-
+
// calculate string
$output_str='';
-
+
for ($i=0; $i $comment) {
if (!isset($entry_comments[$comment['entry_id']])) {
@@ -341,7 +345,7 @@ function serendipity_printCommentsByAuthor() {
}
$entry_comments[$comment['entry_id']]['comments'][] = $comment;
}
-
+
foreach($entry_comments AS $entry_id => $_data) {
$entry_comments[$entry_id]['tpl_comments'] =& serendipity_printComments($_data['comments'], VIEWMODE_LINEAR, 0, null, 'COMMENTS', 'comments.tpl');
}
@@ -356,10 +360,10 @@ function serendipity_printCommentsByAuthor() {
$and .= ' AND co.status = \'approved\'';
}
- $cc = serendipity_db_query("SELECT count(co.id) AS counter
+ $cc = serendipity_db_query("SELECT count(co.id) AS counter
FROM {$serendipity['dbPrefix']}comments AS co
- WHERE co.entry_id > 0
- AND co.type LIKE '" . $type . "'
+ WHERE co.entry_id > 0
+ AND co.type LIKE '" . $type . "'
AND co.status = 'approved' " . $sql_where . "
GROUP BY co.author", true, 'assoc');
if (!isset($cc['counter'])) {
diff --git a/include/functions_config.inc.php b/include/functions_config.inc.php
index f8ec76d6..e03c2d37 100644
--- a/include/functions_config.inc.php
+++ b/include/functions_config.inc.php
@@ -2,6 +2,10 @@
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
if (defined('S9Y_FRAMEWORK_CONFIG')) {
return;
}
diff --git a/include/functions_entries.inc.php b/include/functions_entries.inc.php
index ec0845e1..5911b2e6 100644
--- a/include/functions_entries.inc.php
+++ b/include/functions_entries.inc.php
@@ -2,6 +2,10 @@
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
if (defined('S9Y_FRAMEWORK_ENTRIES')) {
return;
}
diff --git a/include/functions_entries_admin.inc.php b/include/functions_entries_admin.inc.php
index 5927e062..6321489d 100644
--- a/include/functions_entries_admin.inc.php
+++ b/include/functions_entries_admin.inc.php
@@ -2,6 +2,10 @@
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
if (defined('S9Y_FRAMEWORK_ENTRIES_ADMIN')) {
return;
}
diff --git a/include/functions_images.inc.php b/include/functions_images.inc.php
index 44a1af20..f29d50c5 100644
--- a/include/functions_images.inc.php
+++ b/include/functions_images.inc.php
@@ -2,6 +2,10 @@
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
if (defined('S9Y_FRAMEWORK_IMAGES')) {
return;
}
@@ -3315,15 +3319,15 @@ function serendipity_checkDirUpload($dir) {
return true;
}
*/
-
+
$allowed = serendipity_ACLGet(0, 'directory', 'write', $dir);
$mygroups = serendipity_checkPermission(null, null, true);
-
+
// Usergroup "0" always means that access is granted. If no array exists, no ACL restrictions have been set and all is fine.
if (!is_array($allowed) || isset($allowed[0])) {
return true;
}
-
+
if (!is_array($mygroups)) {
return true;
}
@@ -3334,6 +3338,6 @@ function serendipity_checkDirUpload($dir) {
break;
}
}
-
+
return false;
}
diff --git a/include/functions_images_crop.inc.php b/include/functions_images_crop.inc.php
index a9087acb..3992a3b1 100644
--- a/include/functions_images_crop.inc.php
+++ b/include/functions_images_crop.inc.php
@@ -258,7 +258,7 @@ class imgedit {
$this->slice_to_x = $this->slice_from_x + $this->slice_width;
$this->slice_to_y = $this->slice_from_y + $this->slice_height;
- // TODO:
+ // TODO:
// - Operate also on PNG, TIFF etc.
// - Support image magick
// - Save file as new image!
@@ -283,7 +283,7 @@ class imgedit {
rename($new_img_name, $this->img_name);
$http_new_file = preg_replace('@^' . preg_quote($serendipity['serendipityPath'] . $serendipity['uploadPath']) . '@', '', $this->img_name);
serendipity_makeThumbnail(basename($http_new_file), dirname($http_new_file) . '/');
-
+
$this->img_name = $new_img_name;
$this->img_width = $new_img_width;
$this->img_height = $new_img_height;
@@ -295,9 +295,9 @@ class imgedit {
function increment($fullfile) {
$d = dirname($fullfile) . '/';
$f = basename($fullfile);
-
+
$f = time() . '.' . $f;
-
+
return $d . $f;
}
@@ -391,7 +391,7 @@ class imgedit {
// Set the template variables
function setVars() {
-
+
$this->imgedit_smarty['zoombox_width'] = $this->zoombox_width;
$this->imgedit_smarty['zoombox_padding'] = $this->zoombox_width + 20;
$this->imgedit_smarty['area_width'] = $this->area_width;
@@ -448,4 +448,3 @@ class imgedit {
return true;
}
}
-?>
\ No newline at end of file
diff --git a/include/functions_installer.inc.php b/include/functions_installer.inc.php
index 2a72978a..69d7ce6a 100644
--- a/include/functions_installer.inc.php
+++ b/include/functions_installer.inc.php
@@ -2,6 +2,9 @@
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
if (defined('S9Y_FRAMEWORK_INSTALLER')) {
return;
diff --git a/include/functions_permalinks.inc.php b/include/functions_permalinks.inc.php
index a11c1ab3..85680a04 100644
--- a/include/functions_permalinks.inc.php
+++ b/include/functions_permalinks.inc.php
@@ -2,6 +2,10 @@
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
if (defined('S9Y_FRAMEWORK_PERMALINKS')) {
return;
}
diff --git a/include/functions_plugins_admin.inc.php b/include/functions_plugins_admin.inc.php
index 5ed42b4d..fd9bd58a 100644
--- a/include/functions_plugins_admin.inc.php
+++ b/include/functions_plugins_admin.inc.php
@@ -2,6 +2,9 @@
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
if (defined('S9Y_FRAMEWORK_PLUGINS_ADMIN')) {
return;
diff --git a/include/functions_rss.inc.php b/include/functions_rss.inc.php
index b397b523..451b2c7b 100644
--- a/include/functions_rss.inc.php
+++ b/include/functions_rss.inc.php
@@ -2,6 +2,10 @@
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
if (defined('S9Y_FRAMEWORK_RSS')) {
return;
}
diff --git a/include/functions_smarty.inc.php b/include/functions_smarty.inc.php
index 55aeba39..2a2602a5 100644
--- a/include/functions_smarty.inc.php
+++ b/include/functions_smarty.inc.php
@@ -2,6 +2,10 @@
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
if (defined('S9Y_FRAMEWORK_SMARTY')) {
return;
}
@@ -354,7 +358,7 @@ function serendipity_smarty_showCommentForm($params, &$smarty) {
if (!isset($params['data'])) {
$params['data'] = $serendipity['POST'];
}
-
+
if (!isset($params['showToolbar'])) {
$params['showToolbar'] = true;
}
diff --git a/include/functions_trackbacks.inc.php b/include/functions_trackbacks.inc.php
index 4425be33..1781acab 100644
--- a/include/functions_trackbacks.inc.php
+++ b/include/functions_trackbacks.inc.php
@@ -2,6 +2,10 @@
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
if (defined('S9Y_FRAMEWORK_TRACKBACKS')) {
return;
}
diff --git a/include/functions_upgrader.inc.php b/include/functions_upgrader.inc.php
index 515bcf53..804f5a55 100644
--- a/include/functions_upgrader.inc.php
+++ b/include/functions_upgrader.inc.php
@@ -2,6 +2,10 @@
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
if (defined('S9Y_FRAMEWORK_UPGRADER')) {
return;
}
@@ -89,7 +93,7 @@ function serendipity_fixPlugins($case) {
'serendipity_event_searchhighlight',
'serendipity_event_textile'
);
-
+
$elements = array(
'ENTRY_BODY',
'EXTENDED_BODY',
@@ -102,24 +106,24 @@ function serendipity_fixPlugins($case) {
$where[] = "name LIKE '$plugin:%'";
}
- $rows = serendipity_db_query("SELECT name, value, authorid
- FROM {$serendipity['dbPrefix']}config
+ $rows = serendipity_db_query("SELECT name, value, authorid
+ FROM {$serendipity['dbPrefix']}config
WHERE " . implode(' OR ', $where));
if (!is_array($rows)) {
return false;
}
-
+
foreach($rows AS $row) {
if (preg_match('@^(serendipity_event_.+):([a-z0-9]+)/(.+)@i', $row['name'], $plugin_data)) {
foreach($elements AS $element) {
if ($plugin_data[3] != constant($element)) {
continue;
}
-
+
$new = $plugin_data[1] . ':' . $plugin_data[2] . '/' . $element;
serendipity_db_query("UPDATE {$serendipity['dbPrefix']}config
SET name = '$new'
- WHERE name = '{$row['name']}'
+ WHERE name = '{$row['name']}'
AND value = '{$row['value']}'
AND authorid = '{$row['authorid']}'");
}
diff --git a/include/genpage.inc.php b/include/genpage.inc.php
index 36f02da8..504a12a0 100644
--- a/include/genpage.inc.php
+++ b/include/genpage.inc.php
@@ -2,6 +2,10 @@
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
if (!defined('S9Y_FRAMEWORK')) {
include('serendipity_config.inc.php');
}
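Review bot: The added guard runs before the fallback `include('serendipity_config.inc.php')` on the following lines, which exists to let this file bootstrap itself when `S9Y_FRAMEWORK` is not yet defined. If `IN_serendipity` is set by that bootstrap rather than by the entry script (I cannot tell from this hunk), the fallback path is now unreachable and can be dropped; if it is set by the entry scripts, a one-line comment such as `// Entry scripts define IN_serendipity before including this file; direct requests die here.` would document the intended order.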
@@ -97,7 +101,7 @@ if ($serendipity['smarty_raw_mode']) {
case 'comments':
serendipity_printCommentsByAuthor();
// use 'content_message' for pagination?
-
+
break;
// Show the archive
diff --git a/include/lang.inc.php b/include/lang.inc.php
index 5f62335f..e2302a11 100644
--- a/include/lang.inc.php
+++ b/include/lang.inc.php
@@ -2,6 +2,10 @@
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
if (!defined('serendipity_LANG_LOADED') || serendipity_LANG_LOADED !== true) {
$charset = serendipity_getCharset();
diff --git a/include/plugin_internal.inc.php b/include/plugin_internal.inc.php
index 17cc3f49..fefade7e 100644
--- a/include/plugin_internal.inc.php
+++ b/include/plugin_internal.inc.php
@@ -2,6 +2,10 @@
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
if (defined('S9Y_FRAMEWORK_PLUGIN_INTERNAL')) {
return;
}
diff --git a/templates/kubrick/config.inc.php b/templates/kubrick/config.inc.php
index 091e22ce..8d5978f4 100644
--- a/templates/kubrick/config.inc.php
+++ b/templates/kubrick/config.inc.php
@@ -1,5 +1,9 @@