xinha security issue, temporarily disabled all PHP plugins
This commit is contained in:
@@ -1,4 +1,5 @@
|
|||||||
<?php
|
<?php
|
||||||
|
die('disabled in s9y');
|
||||||
/** Write the appropriate xinha_config directives to pass data to a PHP (Plugin) backend file.
|
/** Write the appropriate xinha_config directives to pass data to a PHP (Plugin) backend file.
|
||||||
*
|
*
|
||||||
* ImageManager Example:
|
* ImageManager Example:
|
||||||
|
|||||||
@@ -1,23 +0,0 @@
|
|||||||
<html>
|
|
||||||
<head>
|
|
||||||
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
||||||
<title>Example of Xinha</title>
|
|
||||||
<link rel="stylesheet" href="full_example.css" />
|
|
||||||
</head>
|
|
||||||
<body>
|
|
||||||
<?php
|
|
||||||
if (get_magic_quotes_gpc()) {
|
|
||||||
$_REQUEST = array_map('stripslashes',$_REQUEST);
|
|
||||||
}
|
|
||||||
// or in php.ini
|
|
||||||
//; Magic quotes for incoming GET/POST/Cookie data.
|
|
||||||
//magic_quotes_gpc = Off
|
|
||||||
foreach($_REQUEST as $key=>$value){
|
|
||||||
if(substr($key,0,10) == 'myTextarea') {
|
|
||||||
echo '<h3 style="border-bottom:1px solid black;">'.$key.'(source):</h3><xmp style="border:1px solid black; width: 100%; height: 200px; overflow: auto;">'.$value.'</xmp><br/>';
|
|
||||||
echo '<h3 style="border-bottom:1px solid black;">'.$key.'(preview):</h3>'.$value;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
?>
|
|
||||||
</body>
|
|
||||||
</html>
|
|
||||||
@@ -1,4 +1,5 @@
|
|||||||
<?php
|
<?php
|
||||||
|
die('disabled in s9y');
|
||||||
/**
|
/**
|
||||||
* ExtendedFileManager configuration file.
|
* ExtendedFileManager configuration file.
|
||||||
* Authors: Wei Zhuo, Afru
|
* Authors: Wei Zhuo, Afru
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
<?php
|
<?php
|
||||||
|
die('disabled in s9y');
|
||||||
$send_to = 'Website Enquiries <enquiries@' . preg_replace('/^www./', '', $_SERVER['HTTP_HOST']) . '>';
|
$send_to = 'Website Enquiries <enquiries@' . preg_replace('/^www./', '', $_SERVER['HTTP_HOST']) . '>';
|
||||||
|
|
||||||
$emailfield = NULL;
|
$emailfield = NULL;
|
||||||
|
|||||||
@@ -1,4 +1,6 @@
|
|||||||
<?php
|
<?php
|
||||||
|
die('disabled in s9y');
|
||||||
|
|
||||||
##
|
##
|
||||||
## Plugin for htmlArea, to run code through the server's HTML Tidy
|
## Plugin for htmlArea, to run code through the server's HTML Tidy
|
||||||
## By Adam Wright, for The University of Western Australia
|
## By Adam Wright, for The University of Western Australia
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
<?php
|
<?php
|
||||||
|
die('disabled in s9y');
|
||||||
/**
|
/**
|
||||||
* Image Manager configuration file.
|
* Image Manager configuration file.
|
||||||
* @author $Author:gogo $
|
* @author $Author:gogo $
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
<?PHP
|
<?PHP
|
||||||
|
die('disabled in s9y');
|
||||||
//this plugin only use the relativ webpath to the picturefolder
|
//this plugin only use the relativ webpath to the picturefolder
|
||||||
//default ~ /Xinha/plugins/InsertPicture/demo_pictures/
|
//default ~ /Xinha/plugins/InsertPicture/demo_pictures/
|
||||||
strstr( PHP_OS, "WIN") ? $strPathSeparator = "\\" : $strPathSeparator = "/";
|
strstr( PHP_OS, "WIN") ? $strPathSeparator = "\\" : $strPathSeparator = "/";
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
<?php
|
<?php
|
||||||
|
die('disabled in s9y');
|
||||||
$snippets_file = 'snippets.html';
|
$snippets_file = 'snippets.html';
|
||||||
|
|
||||||
include_once('../../contrib/php-xinha.php');
|
include_once('../../contrib/php-xinha.php');
|
||||||
|
|||||||
@@ -4,7 +4,7 @@
|
|||||||
// 2005-08-17 YmL:
|
// 2005-08-17 YmL:
|
||||||
// . security fix on unchecked variables. Original author missed quite a few
|
// . security fix on unchecked variables. Original author missed quite a few
|
||||||
// holes.
|
// holes.
|
||||||
|
die('disabled in s9y');
|
||||||
umask(000);
|
umask(000);
|
||||||
$temptext = tempnam('/tmp', 'spell_');
|
$temptext = tempnam('/tmp', 'spell_');
|
||||||
if ((!isset($_POST['dictionary'])) || (strlen(trim($_POST['dictionary'])) < 1))
|
if ((!isset($_POST['dictionary'])) || (strlen(trim($_POST['dictionary'])) < 1))
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
<?php
|
<?php
|
||||||
|
die('disabled in s9y');
|
||||||
$text = stripslashes($_POST['content']);
|
$text = stripslashes($_POST['content']);
|
||||||
|
|
||||||
// Convert UTF-8 multi-bytes into decimal character entities. This is because
|
// Convert UTF-8 multi-bytes into decimal character entities. This is because
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
<?php
|
<?php
|
||||||
|
die('disabled in s9y');
|
||||||
/** This PHP file is intended for use with XMLHTTPRequest from Xinha
|
/** This PHP file is intended for use with XMLHTTPRequest from Xinha
|
||||||
* it requrns javascript to set the Xinha html with tidied html that is
|
* it requrns javascript to set the Xinha html with tidied html that is
|
||||||
* submitted in a $_POST parameter called 'content'
|
* submitted in a $_POST parameter called 'content'
|
||||||
|
|||||||
Reference in New Issue
Block a user