PhpDig.net - View Single Post - Security update breaks sites that call the search function from another directory

pittster · 01-15-2004, 06:30 AM

Hey everyone,

If you use the function to display the results and add the following lines at the top of the script:

// prevent remote command execution
if ((isset($relative_script_path)) &&
($relative_script_path != ".") &&
($relative_script_path != "..")) {
exit();
}

and you are running the function from a directory other than the phpdig directory, your script will break.

Be sure to add "&&($relative_script_path != "../your_relative_script_path")" to the end of that if statement.

01-15-2004, 06:30 AM	#1
pittster Green Mole Join Date: Sep 2003 Posts: 2	Security update breaks sites that call the search function from another directory Hey everyone, If you use the function to display the results and add the following lines at the top of the script: // prevent remote command execution if ((isset($relative_script_path)) && ($relative_script_path != ".") && ($relative_script_path != "..")) { exit(); } and you are running the function from a directory other than the phpdig directory, your script will break. Be sure to add "&&($relative_script_path != "../your_relative_script_path")" to the end of that if statement.