From 66358414f2b1f8587239ee8ef6cb2e6e65ae4784 Mon Sep 17 00:00:00 2001 From: thisgun Date: Fri, 8 Dec 2017 11:27:37 +0900 Subject: [PATCH] =?UTF-8?q?pht=20=ED=8C=8C=EC=9D=BC=20=EC=97=85=EB=A1=9C?= =?UTF-8?q?=EB=93=9C=20=EC=B7=A8=EC=95=BD=EC=A0=90=20=EC=88=98=EC=A0=95=20?= =?UTF-8?q?adm1nkyj(=EA=B9=80=EC=9A=A9=EC=A7=84,=20http://adm1nkyj.kr)=20?= =?UTF-8?q?=EB=8B=98=20=EC=A0=9C=EB=B3=B4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- bbs/qawrite_update.php | 2 +- bbs/write_update.php | 2 +- install/install_db.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/bbs/qawrite_update.php b/bbs/qawrite_update.php index b00d0827bc..69a4efa82d 100644 --- a/bbs/qawrite_update.php +++ b/bbs/qawrite_update.php @@ -200,7 +200,7 @@ $upload[$i]['filesize'] = $filesize; // 아래의 문자열이 들어간 파일은 -x 를 붙여서 웹경로를 알더라도 실행을 하지 못하도록 함 - $filename = preg_replace("/\.(php|phtm|htm|cgi|pl|exe|jsp|asp|inc)/i", "$0-x", $filename); + $filename = preg_replace("/\.(php|pht|phtm|htm|cgi|pl|exe|jsp|asp|inc)/i", "$0-x", $filename); shuffle($chars_array); $shuffle = implode('', $chars_array); diff --git a/bbs/write_update.php b/bbs/write_update.php index 2dbbddde13..2b37dbd230 100644 --- a/bbs/write_update.php +++ b/bbs/write_update.php @@ -524,7 +524,7 @@ $upload[$i]['filesize'] = $filesize; // 아래의 문자열이 들어간 파일은 -x 를 붙여서 웹경로를 알더라도 실행을 하지 못하도록 함 - $filename = preg_replace("/\.(php|phtm|htm|cgi|pl|exe|jsp|asp|inc)/i", "$0-x", $filename); + $filename = preg_replace("/\.(php|pht|phtm|htm|cgi|pl|exe|jsp|asp|inc)/i", "$0-x", $filename); shuffle($chars_array); $shuffle = implode('', $chars_array); diff --git a/install/install_db.php b/install/install_db.php index 1612d09b6b..425e52de1c 100644 --- a/install/install_db.php +++ b/install/install_db.php @@ -287,7 +287,7 @@ function safe_install_string_check( $str ) { // data 디렉토리 및 하위 디렉토리에서는 .htaccess .htpasswd .php .phtml .html .htm .inc .cgi .pl 파일을 실행할수 없게함. $f = fopen($data_path.'/.htaccess', 'w'); $str = << + Order allow,deny Deny from all