From 1aa87a3442a59d0acf3ce8cc6583612845dfe42e Mon Sep 17 00:00:00 2001 From: ovclas Date: Fri, 11 May 2012 09:35:07 +0000 Subject: [PATCH] Webshell defense git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.0@10672 201d5d3c-b55e-5fd7-737f-ddc643e51545 --- modules/install/install.admin.controller.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/install/install.admin.controller.php b/modules/install/install.admin.controller.php index b96c1d93a..6eb8dbfff 100644 --- a/modules/install/install.admin.controller.php +++ b/modules/install/install.admin.controller.php @@ -146,6 +146,10 @@ $buff = ' $val) { if(!$val) continue; + if(preg_match('/(<\?|<\?php|\?>)/xsm', preg_replace('/\s/', '', $val))) + { + continue; + } $buff .= sprintf("\$ftp_info->%s = '%s';\n", $key, str_replace("'","\\'",$val)); } $buff .= "?>";
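Review bot: The added tag filter does not close the injection path at the `sprintf` line just below it: the value is still written into a single-quoted PHP literal with only `'` escaped and backslashes left untouched, so a backslash in `$val` can cancel the quote escaping and end the literal inside what appears to be an already-open PHP block (the buffer is closed with `?>` afterwards). Emit the value with an encoder that handles both characters, e.g. `$buff .= sprintf("\$ftp_info->%s = %s;\n", $key, var_export($val, true));`, and check `$key` against the expected field names (or `/^[A-Za-z_]\w*$/`) before it is used as a property name. In the pattern itself `<\?php` is already covered by `<\?` and the `x`, `s`, `m` modifiers have no effect here; the silent `continue` also drops the setting without telling the admin or logging the rejected input. The loop header is garbled in this rendering and the enclosing method starts and ends outside the hunk, so where `$key` and `$val` come from is inferred rather than visible.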