fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-04-23 12:22:15 +09:00
Code Issues Projects Releases Packages Wiki Activity

XSS, Webshell defence

Browse source 
git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.3.2@12278 201d5d3c-b55e-5fd7-737f-ddc643e51545
This commit is contained in:
ovclas 2012-11-22 02:37:50 +00:00
parent fdcafe536e
commit 0c0604d24d
2 changed files with 4 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
modules/install/install.admin.controller.php
View file

@ -150,7 +150,7 @@
$buff = '<?php if(!defined("__ZBXE__")) exit();'."\n";
foreach($ftp_info as $key => $val) {
if(!$val) continue;
if(preg_match('/(<\?|<\?php|\?>)/xsm', preg_replace('/\s/', '', $val)))
if(preg_match('/(<\?|<\?php|\?>|fputs|fopen|fwrite|fgets|fread|\/\*|\*\/|chr\()/xsm', preg_replace('/\s/', '', $val)))
{
continue;
}