Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow hosted content to be executable for the links page #5782

Closed
gadzet21 opened this issue Jun 28, 2024 · 2 comments
Closed

Allow hosted content to be executable for the links page #5782

gadzet21 opened this issue Jun 28, 2024 · 2 comments
Labels
bug Undesired behaviour confirmed Bug is confirm by dev team resolved A fixed issue
Milestone
1.2.28

Comments

@gadzet21
Copy link
Contributor

Hi,
Changing the include_once function to file_get_contents resulted in the php code not being processed.
This change occurred in the commit below - in Cacti version 1.2.26 (same in version 1.2.27)
a2af4f8

A simple example on the php-example.html file in the /include/content directory
Instead of parsing the php code, it shows it as a comment:
image

Debian 9 and 12, Apache 2.4, PHP 7.0 and 8.2

Regards,
Jacek
@gadzet21 gadzet21 added bug Undesired behaviour unverified Some days we don't have a clue labels Jun 28, 2024
@TheWitness
Copy link
Member

Yea, it was a part of the hardening project, but the bug was for files outside of the 'content' folder. So, I'm okay with this.

TheWitness added a commit that referenced this issue Jun 29, 2024
@TheWitness
Fixing #5782 - Problem with External Links
71c1724 
Function file_get_contents() instead of include_once() in file link.php
TheWitness added a commit that referenced this issue Jun 29, 2024
@TheWitness
Fixing #5782 - Problem with External Links
c6c6601 
Function file_get_contents() instead of include_once() in file link.php
@TheWitness TheWitness added resolved A fixed issue confirmed Bug is confirm by dev team and removed unverified Some days we don't have a clue labels Jun 29, 2024
@TheWitness TheWitness added this to the 1.2.28 milestone Jun 29, 2024
@TheWitness
Copy link
Member

Resolved now. Thanks for reporting.

@github-actions github-actions bot locked and limited conversation to collaborators Sep 28, 2024
@netniV netniV changed the title Function file_get_contents in file link.php Allow hosted content to be executable for the links page Sep 29, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug Undesired behaviour confirmed Bug is confirm by dev team resolved A fixed issue
Projects
None yet
Milestone
1.2.28
Development

No branches or pull requests
2 participants
@TheWitness @gadzet21