hi tl.
Quote:
tl wrotes:
Well, if people have been reminded constantly by Xoops Admin and don't even bother to remove the install directory, they may deserve to be attacked and not worthy of Protector protection?
I know several XOOPS sites with '_install' directory.
Attackers can know the sites informations easily via accessing XOOPS_URL/_install/index.php
Of course, there are too many patterns of renaming by users.
(install_, install.bak etc.)
admin.php cannot search all patterns.
Just adding a line checking whether '_INSTALL_CHARSET' is defined or not makes all patterns safe.
(The line is enough light to be ignored)
Thus, I've judged this is worthy code for Protector.