|
blocks.gif
blocks.gif
blocks.gif
blocks.gif
blocks.gif
|
 |
story.gif
|
|
|
|
|
|
 |
 |
 |
|
Fixes: URL's that end with trailing slash, like index.php/ wreck havoc in PHP Nuke |
|
| |
|
| |
PHP Nuke |
BobMarion posted on ravenphpscripts.com:
I got an email today asking me if there was a bug on my site. The person mistyped the url as http://www.nukescripts.net/index.php/ and it caused an interesting effect. The index page loaded but would not load any of the style of graphics it should have. I then tested that with /admin.php/ and it caused the same effect. While this is not an exploit it is very upsetting that it happens at all so here is the cure: Open your mainfile.php and put:
if($_SERVER['REQUEST_URI'] != "/" AND substr($_SERVER['REQUEST_URI'], -1) == "/") { header("Location: http://".$_SERVER['HTTP_HOST'].rtrim($_SERVER['REQUEST_URI'],'/'));
}
right after the opening < ?php.
If your running NukeSentinel™ place it above the NukeSentinel™ inclusion and after the < ?php .
If you use Apache and have access to either the httpd.conf file or the .htaccess file, you can use the following code at the server level:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^/(.*) $1
This fix brought to you by NukeScripts and Raven PHPScripts.
|
|
|
|
 |
|
 |
|
|
|
blocks.gif
blocks.gif
blocks.gif
blocks.gif
|
