diff options
| author | Tom Schaefer <tom@tomschaefer.org> | 2010-07-26 11:55:01 -0400 |
|---|---|---|
| committer | Tom Schaefer <tom@tomschaefer.org> | 2010-07-26 11:55:01 -0400 |
| commit | df7c02eb588a9a5f4b14401ea9bde564132b4e0e (patch) | |
| tree | cb3f412ec78ae8b97ac5a245338f407eba4fbd90 /config/filemgr/rbfminc/config.tmp | |
| parent | 0e9d556a1c497f9f3bf52e710447541325d69ec6 (diff) | |
| download | pfsense-packages-df7c02eb588a9a5f4b14401ea9bde564132b4e0e.tar.gz pfsense-packages-df7c02eb588a9a5f4b14401ea9bde564132b4e0e.tar.bz2 pfsense-packages-df7c02eb588a9a5f4b14401ea9bde564132b4e0e.zip | |
Add filemgr package
new file: config/filemgr/file_manager.tmp
new file: config/filemgr/filemgr.inc
new file: config/filemgr/filemgr.xml
new file: config/filemgr/index.tmp
new file: config/filemgr/rbfmimg/bg_footer.png
new file: config/filemgr/rbfmimg/bg_header.png
new file: config/filemgr/rbfmimg/bg_page.png
new file: config/filemgr/rbfmimg/file_editor_bg.png
new file: config/filemgr/rbfmimg/folder.png
new file: config/filemgr/rbfmimg/folder_go.png
new file: config/filemgr/rbfmimg/folder_up.png
new file: config/filemgr/rbfmimg/go.png
new file: config/filemgr/rbfmimg/ico_delete.png
new file: config/filemgr/rbfmimg/ico_download.png
new file: config/filemgr/rbfmimg/ico_file.png
new file: config/filemgr/rbfmimg/ico_html.png
new file: config/filemgr/rbfmimg/ico_open_as_web.png
new file: config/filemgr/rbfmimg/ico_php.png
new file: config/filemgr/rbfmimg/ico_picture.png
new file: config/filemgr/rbfmimg/ico_rename.png
new file: config/filemgr/rbfmimg/ico_script_edit.png
new file: config/filemgr/rbfmimg/ico_use_file.png
new file: config/filemgr/rbfmimg/ico_use_file_inactive.png
new file: config/filemgr/rbfmimg/index.html
new file: config/filemgr/rbfmimg/new.png
new file: config/filemgr/rbfminc/config.tmp
new file: config/filemgr/rbfminc/download.tmp
new file: config/filemgr/rbfminc/file_editor_style.css
new file: config/filemgr/rbfminc/functions.tmp
new file: config/filemgr/rbfminc/index.html
new file: config/filemgr/rbfminc/rename.tmp
new file: config/filemgr/rbfminc/session.tmp
modified: pkg_config.7.xml
modified: pkg_config.8.xml
new file: pkg_config.8.xml.amd64~
Diffstat (limited to 'config/filemgr/rbfminc/config.tmp')
| -rw-r--r-- | config/filemgr/rbfminc/config.tmp | 95 |
1 files changed, 95 insertions, 0 deletions
diff --git a/config/filemgr/rbfminc/config.tmp b/config/filemgr/rbfminc/config.tmp new file mode 100644 index 00000000..47a7563a --- /dev/null +++ b/config/filemgr/rbfminc/config.tmp @@ -0,0 +1,95 @@ +<?php + + +$initial_folder = "/"; //initial folder +$only_below = 0; // 0=you can brows all server; 1=you can brows only the $initial_folder and below + +//Login info {Please change the initial username and password} +$username = 'admin'; +$password = 'admin'; + + + +/***********************************/ +// Protect against GLOBALS tricks +if (isset($_POST['GLOBALS']) || isset($_FILES['GLOBALS']) || isset($_GET['GLOBALS']) || isset($_COOKIE['GLOBALS'])){ + die("Hacking attempt"); +} + +if (isset($_SESSION) && !is_array($_SESSION)){ + die("Hacking attempt"); +} + +if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on'){ + $not_unset = array('_GET', '_POST', '_COOKIE', 'HTTP_SERVER_VARS', '_SESSION', 'HTTP_ENV_VARS', '_FILES'); + + if (!isset($_SESSION) || !is_array($_SESSION)){ + $_SESSION = array(); + } + $input = array_merge($_GET, $_POST, $_COOKIE, $HTTP_SERVER_VARS, $_SESSION, $HTTP_ENV_VARS, $_FILES); + + unset($input['input']); + unset($input['not_unset']); + + while (list($var,) = @each($input)){ + if (in_array($var, $not_unset)){ + die('Hacking attempt!'); + } + unset($$var); + } + + unset($input); +} + +if( !get_magic_quotes_gpc() ){ + if( is_array($_GET) ){ + while( list($k, $v) = each($_GET) ){ + if( is_array($_GET[$k]) ) + { + while( list($k2, $v2) = each($_GET[$k]) ){ + $_GET[$k][$k2] = addslashes($v2); + } + @reset($_GET[$k]); + }else{ + $_GET[$k] = addslashes($v); + } + } + @reset($_GET); + } + + if( is_array($_POST) ){ + while( list($k, $v) = each($_POST) ){ + if( is_array($_POST[$k]) ) + { + while( list($k2, $v2) = each($_POST[$k]) ){ + $_POST[$k][$k2] = addslashes($v2); + } + @reset($_POST[$k]); + }else{ + $_POST[$k] = addslashes($v); + } + } + @reset($_POST); + } + + if( is_array($_COOKIE) ){ + while( list($k, $v) = each($_COOKIE) ){ + if( is_array($_COOKIE[$k]) ){ + while( list($k2, $v2) = each($_COOKIE[$k]) ){ + $_COOKIE[$k][$k2] = addslashes($v2); + } + @reset($_COOKIE[$k]); + }else{ + $_COOKIE[$k] = addslashes($v); + } + } + @reset($_COOKIE); + } +} +//END Protect against GLOBALS tricks +/***********************************/ +//if($username == 'admin' and $password == 'admin'){ + //$security_issues = "<div align='center' style='color: red;'><b>Security issue</b>: Please change your username or password</div>"; +//} +$security_issues = "<br />"; +?>
\ No newline at end of file |