From 5c5ed6db491dfe88d18b2cbb278db46c849bb461 Mon Sep 17 00:00:00 2001 From: Tim Otten Date: Wed, 24 Feb 2021 21:01:26 -0800 Subject: [PATCH] (security/core#97) PHP CLI guard is the opposite of correct --- sql/GenerateData.php | 2 +- sql/GenerateGroups.php | 2 +- sql/GenerateMailing.php | 2 +- sql/GenerateReportData.php | 2 +- tools/bin/scripts/NormalizePhone.php | 2 +- tools/bin/scripts/ckeditorConfigScraper.php | 2 +- tools/bin/scripts/set-version.php | 2 +- tools/bin/scripts/testProcess.php | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/sql/GenerateData.php b/sql/GenerateData.php index fe7b5b511d..40dca615a1 100644 --- a/sql/GenerateData.php +++ b/sql/GenerateData.php @@ -69,7 +69,7 @@ * */ -if (php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0)) { +if (!(php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0))) { header("HTTP/1.0 404 Not Found"); return; } diff --git a/sql/GenerateGroups.php b/sql/GenerateGroups.php index 704b924f86..18381428ea 100644 --- a/sql/GenerateGroups.php +++ b/sql/GenerateGroups.php @@ -14,7 +14,7 @@ * @package CRM * @copyright CiviCRM LLC https://civicrm.org/licensing */ -if (php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0)) { +if (!(php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0))) { header("HTTP/1.0 404 Not Found"); return; } diff --git a/sql/GenerateMailing.php b/sql/GenerateMailing.php index c70e51772d..1ea8e744e8 100644 --- a/sql/GenerateMailing.php +++ b/sql/GenerateMailing.php @@ -14,7 +14,7 @@ * @package CRM * @copyright CiviCRM LLC https://civicrm.org/licensing */ -if (php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0)) { +if (!(php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0))) { header("HTTP/1.0 404 Not Found"); return; diff --git a/sql/GenerateReportData.php b/sql/GenerateReportData.php index dee5d43e4a..bfb77ad0b3 100644 --- a/sql/GenerateReportData.php +++ b/sql/GenerateReportData.php @@ -76,7 +76,7 @@ * php versions. * @todo look to remove this file completely. */ -if (php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0)) { +if (!(php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0))) { header("HTTP/1.0 404 Not Found"); return; } diff --git a/tools/bin/scripts/NormalizePhone.php b/tools/bin/scripts/NormalizePhone.php index 35a6526f09..18e4e9d872 100644 --- a/tools/bin/scripts/NormalizePhone.php +++ b/tools/bin/scripts/NormalizePhone.php @@ -16,7 +16,7 @@ * issues * */ -if (php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0)) { +if (!(php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0))) { header("HTTP/1.0 404 Not Found"); return; } diff --git a/tools/bin/scripts/ckeditorConfigScraper.php b/tools/bin/scripts/ckeditorConfigScraper.php index d98366e9d7..3486200238 100644 --- a/tools/bin/scripts/ckeditorConfigScraper.php +++ b/tools/bin/scripts/ckeditorConfigScraper.php @@ -1,5 +1,5 @@ 0)) { +if (!(php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0))) { header("HTTP/1.0 404 Not Found"); return; } diff --git a/tools/bin/scripts/set-version.php b/tools/bin/scripts/set-version.php index c95606d019..10220baf2a 100755 --- a/tools/bin/scripts/set-version.php +++ b/tools/bin/scripts/set-version.php @@ -10,7 +10,7 @@ /* *********************************************************************** */ /* Boot */ -if (php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0)) { +if (!(php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0))) { header("HTTP/1.0 404 Not Found"); return; } diff --git a/tools/bin/scripts/testProcess.php b/tools/bin/scripts/testProcess.php index fc8e19a07e..a9238fc9a8 100644 --- a/tools/bin/scripts/testProcess.php +++ b/tools/bin/scripts/testProcess.php @@ -1,5 +1,5 @@ 0)) { +if (!(php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0))) { header("HTTP/1.0 404 Not Found"); return; } -- 2.25.1