(security/core#97) PHP CLI guard is the opposite of correct

author Tim Otten <totten@civicrm.org>

Thu, 25 Feb 2021 05:01:26 +0000 (21:01 -0800)

committer Seamus Lee <seamuslee001@gmail.com>

Wed, 17 Mar 2021 21:51:44 +0000 (08:51 +1100)
author Tim Otten <totten@civicrm.org>
Thu, 25 Feb 2021 05:01:26 +0000 (21:01 -0800)
committer Seamus Lee <seamuslee001@gmail.com>
Wed, 17 Mar 2021 21:51:44 +0000 (08:51 +1100)
diff --git a/sql/GenerateData.php b/sql/GenerateData.php

index fe7b5b511d7f8963a456ae4fe5af4a6937b9b7ab..40dca615a15c95dd4be554118078f8350b5b619d 100644 (file)
--- a/sql/GenerateData.php
+++ b/sql/GenerateData.php
@@ -69,7 +69,7 @@
   *
   */
  
-if (php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0)) {
+if (!(php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0))) {
    header("HTTP/1.0 404 Not Found");
    return;
  }
diff --git a/sql/GenerateGroups.php b/sql/GenerateGroups.php

index 704b924f8660919d2ed99005cd11278bedf0741f..18381428ea9132eaab2d375abdca02dde137c171 100644 (file)
--- a/sql/GenerateGroups.php
+++ b/sql/GenerateGroups.php
@@ -14,7 +14,7 @@
   * @package CRM
   * @copyright CiviCRM LLC https://civicrm.org/licensing
   */
-if (php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0)) {
+if (!(php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0))) {
    header("HTTP/1.0 404 Not Found");
    return;
  }
diff --git a/sql/GenerateMailing.php b/sql/GenerateMailing.php

index c70e51772d6232e47a18faecca6904f1202a96e6..1ea8e744e8d04b977eb6631dc3343d4a004f7217 100644 (file)
--- a/sql/GenerateMailing.php
+++ b/sql/GenerateMailing.php
@@ -14,7 +14,7 @@
   * @package CRM
   * @copyright CiviCRM LLC https://civicrm.org/licensing
   */
-if (php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0)) {
+if (!(php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0))) {
    header("HTTP/1.0 404 Not Found");
  
    return;
diff --git a/sql/GenerateReportData.php b/sql/GenerateReportData.php

index dee5d43e4af31801b753fb054b3ba9ca707c0a86..bfb77ad0b35447e09aa7491965126f0c06f68bcc 100644 (file)
--- a/sql/GenerateReportData.php
+++ b/sql/GenerateReportData.php
@@ -76,7 +76,7 @@
   * php versions.
   * @todo look to remove this file completely.
   */
-if (php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0)) {
+if (!(php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0))) {
    header("HTTP/1.0 404 Not Found");
    return;
  }
diff --git a/tools/bin/scripts/NormalizePhone.php b/tools/bin/scripts/NormalizePhone.php

index 35a6526f09ad39308ae68efe58eab296f58cd2a6..18e4e9d87292d2a2a8c449930209bc3227627029 100644 (file)
--- a/tools/bin/scripts/NormalizePhone.php
+++ b/tools/bin/scripts/NormalizePhone.php
@@ -16,7 +16,7 @@
   * issues
   *
   */
-if (php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0)) {
+if (!(php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0))) {
    header("HTTP/1.0 404 Not Found");
    return;
  }
diff --git a/tools/bin/scripts/ckeditorConfigScraper.php b/tools/bin/scripts/ckeditorConfigScraper.php

index d98366e9d71ed486b03f86a58b3e0284b71287c9..348620023887da6bb3cec622c6671245e2378eb5 100644 (file)
--- a/tools/bin/scripts/ckeditorConfigScraper.php
+++ b/tools/bin/scripts/ckeditorConfigScraper.php
@@ -1,5 +1,5 @@
  <?php
-if (php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0)) {
+if (!(php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0))) {
    header("HTTP/1.0 404 Not Found");
    return;
  }
diff --git a/tools/bin/scripts/set-version.php b/tools/bin/scripts/set-version.php

index c95606d01928d2579100405bde5314db76d6e499..10220baf2a6dd2f54cbd77998c321af18f7c72d7 100755 (executable)
--- a/tools/bin/scripts/set-version.php
+++ b/tools/bin/scripts/set-version.php
@@ -10,7 +10,7 @@
  
  /* *********************************************************************** */
  /* Boot */
-if (php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0)) {
+if (!(php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0))) {
    header("HTTP/1.0 404 Not Found");
    return;
  }
diff --git a/tools/bin/scripts/testProcess.php b/tools/bin/scripts/testProcess.php

index fc8e19a07e23406a33a4e13dfbe109076da90705..a9238fc9a8a64b62ccf56229757b3f5d9fa2191b 100644 (file)
--- a/tools/bin/scripts/testProcess.php
+++ b/tools/bin/scripts/testProcess.php
@@ -1,5 +1,5 @@
  <?php
-if (php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0)) {
+if (!(php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0))) {
    header("HTTP/1.0 404 Not Found");
    return;
  }
author	Tim Otten <totten@civicrm.org>
	Thu, 25 Feb 2021 05:01:26 +0000 (21:01 -0800)
committer	Seamus Lee <seamuslee001@gmail.com>
	Wed, 17 Mar 2021 21:51:44 +0000 (08:51 +1100)
sql/GenerateData.php		patch \| blob \| blame \| history
sql/GenerateGroups.php		patch \| blob \| blame \| history
sql/GenerateMailing.php		patch \| blob \| blame \| history
sql/GenerateReportData.php		patch \| blob \| blame \| history
tools/bin/scripts/NormalizePhone.php		patch \| blob \| blame \| history
tools/bin/scripts/ckeditorConfigScraper.php		patch \| blob \| blame \| history
tools/bin/scripts/set-version.php		patch \| blob \| blame \| history
tools/bin/scripts/testProcess.php		patch \| blob \| blame \| history