From 8c4f28e8218f0ffb4c01bfd99c7420114b839c4e Mon Sep 17 00:00:00 2001
From: jan <jan@jandecaluwe.com>
Date: Thu, 12 May 2005 22:42:25 +0200
Subject: Turn sensitive files into scripts that exit immediately

darcs-hash:20050512204225-45605-bee22b4df3d23374bc4922ede8f48106ea217209.gz
---
 inc/init.php | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

(limited to 'inc/init.php')

diff --git a/inc/init.php b/inc/init.php
index 075469ddb..621466196 100644
--- a/inc/init.php
+++ b/inc/init.php
@@ -70,6 +70,10 @@
   $conf['mediadir']      = realpath($conf['mediadir']);
   if(!$conf['mediadir'])   msg('Wrong mediadir! Check config!',-1);
 
+  // automatic upgrade to script versions of certain files
+  scriptify('conf/users.auth');
+  scriptify('conf/acl.auth');
+
 /**
  * remove magic quotes recursivly
  *
@@ -135,6 +139,32 @@ function getBaseURL($abs=false){
   return $proto.$host.$port.$dir;
 }
 
+function scriptify($file) {
+  // checks
+  if (!is_readable($file)) {
+    return;
+  }
+  $fn = $file.'.php';
+  if (@file_exists($fn)) {
+    return;
+  }
+  $fh = fopen($fn, 'w');
+  if (!$fh) {
+    die($fn.' is not writable!');
+  }
+  // write php exit hack first
+  fwrite($fh, "# $fn\n");
+  fwrite($fh, '# <?php exit()?>'."\n");
+  fwrite($fh, "# Don't modify the lines above\n");
+  fwrite($fh, "#\n");
+  // copy existing lines
+  $lines = file($file);
+  foreach ($lines as $line){
+    fwrite($fh, $line);
+  }
+  $fclose($fh);
+}
+
 
 
 //Setup VIM: ex: et ts=2 enc=utf-8 :
-- 
cgit v1.2.3