diff --git a/livesupport/modules/storageServer/var/install/install.php b/livesupport/modules/storageServer/var/install/install.php index f538d2168..cb0de1617 100644 --- a/livesupport/modules/storageServer/var/install/install.php +++ b/livesupport/modules/storageServer/var/install/install.php @@ -23,10 +23,19 @@ Author : $Author: tomas $ - Version : $Revision: 1.11 $ + Version : $Revision: 1.12 $ Location : $Source: /home/paul/cvs2svn-livesupport/newcvsrepo/livesupport/modules/storageServer/var/install/install.php,v $ ------------------------------------------------------------------------------*/ +// no remote execution +$arr = array_diff_assoc($_SERVER, $_ENV); +if($arr["DOCUMENT_ROOT"] != ""){ + header("HTTP/1.1 400"); + header("Content-type: text/plain; charset=UTF-8"); + echo "400 Not executable\r\n"; + exit; +} + require_once '../conf.php'; require_once 'DB.php'; require_once '../GreenBox.php'; diff --git a/livesupport/modules/storageServer/var/install/uninstall.php b/livesupport/modules/storageServer/var/install/uninstall.php index 1e08260c2..296525617 100644 --- a/livesupport/modules/storageServer/var/install/uninstall.php +++ b/livesupport/modules/storageServer/var/install/uninstall.php @@ -23,10 +23,19 @@ Author : $Author: tomas $ - Version : $Revision: 1.9 $ + Version : $Revision: 1.10 $ Location : $Source: /home/paul/cvs2svn-livesupport/newcvsrepo/livesupport/modules/storageServer/var/install/uninstall.php,v $ ------------------------------------------------------------------------------*/ +// no remote execution +$arr = array_diff_assoc($_SERVER, $_ENV); +if($arr["DOCUMENT_ROOT"] != ""){ + header("HTTP/1.1 400"); + header("Content-type: text/plain; charset=UTF-8"); + echo "400 Not executable\r\n"; + exit; +} + require_once '../conf.php'; require_once 'DB.php'; require_once '../GreenBox.php';