Welcome, Guest. Please Login or Register.
April 27, 2025, 05:46:11 PM
Home Help Search Log in Register
News: If you are still using YaBB SE, please consider upgrading to SMF as soon as possible.

YaBB SE Community  |  Development  |  Completed mods  |  [Code 1.5.2] Lockdown Directories 1.0 « previous next »
Pages: [1] Reply Ignore Print
Author Topic: [Code 1.5.2] Lockdown Directories 1.0  (Read 1085 times)
[Unknown]
Global Moderator
YaBB God
*****
Posts: 7830


ICQ - 179721867unknownbrackets@hotmail.com WWW
[Code 1.5.2] Lockdown Directories 1.0
« on: May 11, 2003, 12:40:34 AM »		 Reply with quote
Only for use with YaBB SE, pfaBB, and YaPP.  Use with any other forum software or distribution is strictly prohibited.  (this includes ttForum/ttCMS.)

All this does, or should do, is chmod the folders and directories correctly according to the FAQ here:
http://www.yabbse.org/community/index.php?board=135;action=display;threadid=15904

Do note that this requires that PHP be *able* to do the chmod.  If you want to run this as a different user, you'll need shell access.... something like:

> ssh www.yourdomain.com -lyouruser
Password: (type it here...)
$ cd /home/yourdomain/public_html/yabbse
$ php -f chmod_fix.php
$ exit
> exit

Also note, I run Windows so I wasn't able to comprehensively test this....

Code Select
<?php

require('Settings.php');
require_once($sourcedir '/Subs.php');
require_once($sourcedir '/Errors.php');
require_once($sourcedir '/Load.php');
require_once($sourcedir '/Security.php');

$dbcon mysql_connect($db_server$db_user$db_passwd) or die(mysql_error());
mysql_select_db($db_name) or die(mysql_error());

$request mysql_query("
   SELECT variable, value
   FROM {$db_prefix}settings
   WHERE variable != 'agreement'") or database_error(__FILE____LINE__);
$modSettings = array();
while ($row mysql_fetch_row($request))
   $modSettings[$row[0]] = $row[1];
mysql_free_result($request);

LoadCookie();
LoadUserSettings();

if ($modSettings['userLanguage'] == && !empty($settings[23]))
   include_once($boarddir '/' $settings[23]);
else
   include_once($boarddir '/' $language);

is_admin();

RestrictFiles();

function RestrictFiles()
{
   global $boarddir$sourcedir$imagesdir$facesdir$modSettings$helpfile;

   // /
   chmod_dir($boarddir0755false);
   // /attachments
   chmod_dir($modSettings['attachmentUploadDir'], $modSettings['attachmentEnable'] == '1' 0777 0755);
   // /Sources
   chmod_dir($sourcedir0711);
   // /Packages
   chmod_dir($boarddir '/Packages'0755);
   // /YaBBImages/*.*
   chmod_dir($imagesdir0711);
   // /YaBBImages/avatars
   chmod($imagesdir '/avatars'0755);
   // /YaBBHelp/*.*
   chmod_dir(dirname($helpfile), 0711);

   // Now the files.....
   chmod($boarddir '/Settings.php'0644);
   chmod($boarddir '/Settings_bak.php'0644);
   chmod($boarddir '/template.php'0644);
}

function chmod_dir($dirname$setting$recurse true)
{
   @set_time_limit(30);

   // We need to read through it first.
   chmod($dirname0755);

   // Read through it..
   $dir dir($dirname);
   while ($entry $dir->read())
   {
      // Recurse on subdirectories.
      if (is_dir($dirname '/' $entry) && $recurse)
         chmod_dir($dirname '/' $entry$setting);
      // Just chmod the files restrictively.
      elseif (is_file($dirname '/' $entry))
         chmod($dirname '/' $entry0644);
   }

   // Properly chmod the directory.
   chmod($dirname$setting);
}

?>

-[Unknown]
Logged
Pages: [1] Reply Ignore Print 
YaBB SE Community  |  Development  |  Completed mods  |  [Code 1.5.2] Lockdown Directories 1.0 « previous - next »
 


Powered by MySQL Powered by PHP YaBB SE Community | Powered by YaBB SE
© 2001-2003, YaBB SE Dev Team. All Rights Reserved.
SMF 2.1.4 © 2023, Simple Machines
 Valid XHTML 1.0! Valid CSS

Page created in 0.030 seconds with 16 queries.