fix possible exploit

author jimmacfx <jimmacfx@4fa712ea-3c06-0410-9261-c11b4c06c003>

Mon, 14 May 2007 10:31:23 +0000 (10:31 +0000)

committer jimmacfx <jimmacfx@4fa712ea-3c06-0410-9261-c11b4c06c003>

Mon, 14 May 2007 10:31:23 +0000 (10:31 +0000)
author jimmacfx <jimmacfx@4fa712ea-3c06-0410-9261-c11b4c06c003>
Mon, 14 May 2007 10:31:23 +0000 (10:31 +0000)
committer jimmacfx <jimmacfx@4fa712ea-3c06-0410-9261-c11b4c06c003>
Mon, 14 May 2007 10:31:23 +0000 (10:31 +0000)
diff --git a/www/inc/config.inc.php b/www/inc/config.inc.php

index 9bb611f6e7ce67bd532f735611ee236abb44e86b..8ea321107afe415ec012b2f1991ff8d1ac362ad6 100644 (file)
--- a/www/inc/config.inc.php
+++ b/www/inc/config.inc.php
@@ -1,12 +1,6 @@
  <?php
  #base dirname
-   //dirname("__FILE__/..")
-       $ThisScript=preg_replace('/\?.*$/', '', $_SERVER['REQUEST_URI']);
-       $ScriptFileName=$_SERVER['SCRIPT_FILENAME'];
-       $HostName=$_SERVER['SERVER_NAME']; 
-       $ThisUrl = $_SERVER['REQUEST_URI'];
-  eregi("^(.*)/[^/]*$", $ScriptFileName, $x);
-  $root = $x[1];
+  $root = dirname(__FILE__);
  # ===========================================================================
  # dir index
          $sortinmonth = 0;// 1 - alphabetically
@@ -96,7 +90,7 @@ $scnamegallery = "Photo Gallery Index";
  ## Gallery Directory
  # This is a path relative to the directory where original is installed
  # eg. it can be "../galleries" to use a galleries dir above the original dir.
-  $gallery_dir="../galleries";
+  $gallery_dir="galleries";
  
  #Enable this to access extended tracking functionality
  #depends on sqlite
author	jimmacfx <jimmacfx@4fa712ea-3c06-0410-9261-c11b4c06c003>
	Mon, 14 May 2007 10:31:23 +0000 (10:31 +0000)
committer	jimmacfx <jimmacfx@4fa712ea-3c06-0410-9261-c11b4c06c003>
	Mon, 14 May 2007 10:31:23 +0000 (10:31 +0000)