# Valid web server entry point, enable includes
define( 'MEDIAWIKI', true );
+if ( isset( $_REQUEST['GLOBALS'] ) ) {
+ die( '<a href="http://www.hardened-php.net/index.76.html">$GLOBALS overwrite vulnerability</a>');
+}
+
require_once( 'includes/Defines.php' );
require_once( './LocalSettings.php' );
require_once( 'includes/Setup.php' );
unset( $IP );
@ini_set( 'allow_url_fopen', 0 ); # For security...
+if ( isset( $_REQUEST['GLOBALS'] ) ) {
+ die( '<a href="http://www.hardened-php.net/index.76.html">$GLOBALS overwrite vulnerability</a>');
+}
+
# Valid web server entry point, enable includes.
# Please don't move this line to includes/Defines.php. This line essentially defines
# a valid entry point. If you put it in includes/Defines.php, then any script that includes
$wgDBadminuser = $wgDBadminpassword = $wgDBserver = $wgDBname = $wgEnableProfileInfo = false;
define("MEDIAWIKI", 1);
+if ( isset( $_REQUEST['GLOBALS'] ) ) {
+ print $GLOBALS;
+ die( '<a href="http://www.hardened-php.net/index.76.html">$GLOBALS overwrite vulnerability</a>');
+}
require_once("./includes/Defines.php");
require_once("./LocalSettings.php");
unset( $IP );
$wgCommandLineMode = false;
define( 'MEDIAWIKI', true );
+if ( isset( $_REQUEST['GLOBALS'] ) ) {
+ die( '<a href="http://www.hardened-php.net/index.76.html">$GLOBALS overwrite vulnerability</a>');
+}
require_once( './includes/Defines.php' );
require_once( './LocalSettings.php' );
define( 'MEDIAWIKI', true );
unset( $IP );
+if ( isset( $_REQUEST['GLOBALS'] ) ) {
+ die( '<a href="http://www.hardened-php.net/index.76.html">$GLOBALS overwrite vulnerability</a>');
+}
+
$wgNoOutputBuffer = true;
require_once( './includes/Defines.php' );
unset($IP);
define('MEDIAWIKI', true);
+if ( isset( $_REQUEST['GLOBALS'] ) ) {
+ die( '<a href="http://www.hardened-php.net/index.76.html">$GLOBALS overwrite vulnerability</a>');
+}
+
require_once('./includes/Defines.php');
if (!file_exists('LocalSettings.php'))