opensourcemirror
/
dokuwiki
mirror of https://github.com/splitbrain/dokuwiki.git
1
0
Fork 0
Code Issues Releases Wiki Activity

SECURITY: fix local file inclusion with register globals 

Ignore-this: ce01faedc6c3d9370362b0e1e39ded36

This fixes a security hole when register_globals is enabled. An exploit is
in the wild: http://www.milw0rm.com/exploits/8781

darcs-hash:20090526145030-7ad00-c0483e021f47898c8597f3bfbdd26c637f891d86.gz
This commit is contained in:
Andreas Gohr 2009-05-26 16:50:30 +02:00
parent 7715e68ec4
commit ccaeaa85e8
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
inc/init.php
View File

@ -10,6 +10,9 @@
}
define('DOKU_START_TIME', delta_time());
global $config_cascade;
$config_cascade = '';
// if available load a preload config file
$preload = fullpath(dirname(__FILE__)).'/preload.php';
if (@file_exists($preload)) include($preload);
@ -42,7 +45,6 @@
global $cache_metadata; $cache_metadata = array();
//set the configuration cascade - but only if its not already been set in preload.php
global $config_cascade;
if (empty($config_cascade)) {
$config_cascade = array(
'main' => array(