Closed danielmarschall closed 1 year ago
Joomla does this:
// phpcs:disable PSR1.Files.SideEffects
\defined('_JEXEC') or die;
// phpcs:enable PSR1.Files.SideEffects
see https://github.com/joomla/joomla-cms/blob/4.2-dev/components/com_contact/src/Model/FeaturedModel.php
TODO:
Add INSIDE_OIDPLUS
in oidplus.inc.php again (Positive side effect: This makes old versions of 3p-plugins work again https://github.com/tushev/uitweaks-oidplus-plugin/blob/main/plugins/tushevorg/publicPages/2000_uitweaks/OIDplusPagePublicUITweaks.class.php#L27 )
Add following line to all *.class.php files (also all 3rd party plugins).
// phpcs:disable PSR1.Files.SideEffects
\defined('INSIDE_OIDPLUS') or die;
// phpcs:enable PSR1.Files.SideEffects
Fixed in SVN Rev 1086
Example:
https://..../oidplus/plugins/viathinksoft/auth/A1_phpgeneric_salted_hex/OIDplusAuthPluginPhpGenericSaltedHex.class.php
If PHP outputs errors, the path of the serverfile will be shown => Security risk
In any case, the server error log gets filled with errors.
We probably need to go back to the old behavior of adding a constant "INSIDE_OIDPLUS" and checking if this constant exists??