diff options
-rw-r--r-- | sanity_check.php | 7 | ||||
-rw-r--r-- | utils/xml-export.php (renamed from xml-export.php) | 0 | ||||
-rw-r--r-- | utils/xml-import.php (renamed from xml-import.php) | 0 |
3 files changed, 7 insertions, 0 deletions
diff --git a/sanity_check.php b/sanity_check.php index 322aa9bf1..21fc08199 100644 --- a/sanity_check.php +++ b/sanity_check.php @@ -12,4 +12,11 @@ subdirectory of TT-RSS tree."; exit; } + + if (file_exists("xml-export.php") || file_exists("xml-import.php")) { + print "<b>Fatal Error</b>: XML Import/Export tools (<b>xml-export.php</b> + and <b>xml-import.php</b>) could be used maliciously. Please remove them + from your TT-RSS instance."; + exit; + } ?> diff --git a/xml-export.php b/utils/xml-export.php index 620331fba..620331fba 100644 --- a/xml-export.php +++ b/utils/xml-export.php diff --git a/xml-import.php b/utils/xml-import.php index 6cae60e0d..6cae60e0d 100644 --- a/xml-import.php +++ b/utils/xml-import.php |