Permalink
Browse files

Prevent direct access to enable and disable scripts.

Although it usually fails because of missing librarires malicous user can still access enable and disable PHP script via direct URL:

http://www.example.com/frog/plugins/jquery/enable.php
http://www.example.com/frog/plugins/jquery/disable.php
  • Loading branch information...
1 parent 793ac66 commit 8ace24efabe2b6e7e5b1ad8072ab90fc99b4038a @tuupola committed Apr 27, 2009
Showing with 18 additions and 0 deletions.
  1. +18 −0 enable.php
View
@@ -1,5 +1,23 @@
<?php
+/*
+ * jQuery - Add jQuery to Frog CMS admin interface.
+ *
+ * Copyright (c) 2008-2009 Mika Tuupola
+ *
+ * Licensed under the MIT license:
+ * http://www.opensource.org/licenses/mit-license.php
+ *
+ * Project home:
+ * http://www.appelsiini.net/
+ *
+ */
+
+/* Prevent direct access. */
+if (!defined("FRAMEWORK_STARTING_MICROTIME")) {
+ die("All your base are belong to us!");
+}
+
/* Force jQuery to be the first plugin. */
unset(Plugin::$plugins['jquery']);
Plugin::$plugins = array('jquery' => 1) + Plugin::$plugins;

0 comments on commit 8ace24e

Please sign in to comment.