View Issue Details

IDProjectCategoryView StatusLast Update
0000380WackoWikisecuritypublic2011-05-31 21:24
ReporteradministratorAssigned Toadministrator 
PrioritynormalSeveritytweakReproducibilityN/A
Status resolvedResolutionfixed 
Product Version4.3.rc 
Target Version5.0.betaFixed in Version5.0.beta 
Summary0000380: Don't allow *.php files to be called directly
DescriptionThe *.php files in the wacko/ folder should not do anything if
they're called directly by the user. There *.php files should only
do something if they're called from within the engine.

set in index.php and admin.php:
define('IN_WACKO', true);

set in include files:
if (!defined('IN_WACKO'))
{
    exit;
}
TagsNo tags attached.

Activities

administrator

2011-02-16 09:58

administrator   ~0000779

this can be done later more graded based on the dependencies

Issue History

Date Modified Username Field Change
2011-02-16 09:52 administrator New Issue
2011-02-16 09:52 administrator Status new => assigned
2011-02-16 09:52 administrator Assigned To => administrator
2011-02-16 09:58 administrator Note Added: 0000779
2011-02-16 09:58 administrator Status assigned => resolved
2011-02-16 09:58 administrator Resolution open => fixed
2011-02-16 09:58 administrator Fixed in Version => 5.0.beta
2011-05-31 21:24 administrator Build => R5.0.beta