Add a temporary fix to handle security problem of fckeditor; disabling

file upload functions.

Bump PKGREVISION.

3 files changed, 38 insertions, 3 deletions

diff --git a/www/geeklog/Makefile b/www/geeklog/Makefile
index 2fe3d72a8d9..4262cc6dbf0 100644
--- a/www/geeklog/Makefile
+++ b/www/geeklog/Makefile
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.4 2006/06/18 08:34:05 taca Exp $
+# $NetBSD: Makefile,v 1.5 2006/06/30 17:16:27 taca Exp $
 #
 
 DISTNAME=	geeklog-${VER}
 PKGNAME=	geeklog-${VER:S/sr/./}
-PKGREVISION=	1
+PKGREVISION=	2
 CATEGORIES=	www
 MASTER_SITES=	http://www.geeklog.net/filemgmt/upload_dir/
 
diff --git a/www/geeklog/distinfo b/www/geeklog/distinfo
index 4a0b2954976..67ea2af42bf 100644
--- a/www/geeklog/distinfo
+++ b/www/geeklog/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.1.1.1 2006/06/15 13:26:42 taca Exp $
+$NetBSD: distinfo,v 1.2 2006/06/30 17:16:27 taca Exp $
 
 SHA1 (geeklog-1.4.0sr3.tar.gz) = e2d2fd41285c0cdad1e09cc935bcdb200179846f
 RMD160 (geeklog-1.4.0sr3.tar.gz) = 70d6b625d61fe954626a29a4860d4a59ce155391
@@ -9,3 +9,4 @@ SHA1 (patch-ac) = a976a962b28a2c40db4d0ef78d4f8472d1ece5ef
 SHA1 (patch-ad) = 674392480791cd99e21982ff61b81257d4e2e765
 SHA1 (patch-ae) = b7e533ff938f192ac08938cff6615ece9e37bd2f
 SHA1 (patch-af) = 2976c0bdb5f892521172a7e4d2e44a66ab386ef5
+SHA1 (patch-ag) = 176a1c279d9cf002dcf01abdce396a95c414dee7
diff --git a/www/geeklog/patches/patch-ag b/www/geeklog/patches/patch-ag
new file mode 100644
index 00000000000..bed50038dc4
--- /dev/null
+++ b/www/geeklog/patches/patch-ag
@@ -0,0 +1,34 @@
+$NetBSD: patch-ag,v 1.1 2006/06/30 17:16:27 taca Exp $
+
+Give first aid to file uploader security problem.
+
+--- public_html/fckeditor/fckconfig.js.orig	2006-05-28 18:41:40.000000000 +0900
++++ public_html/fckeditor/fckconfig.js
+@@ -160,17 +160,17 @@ FCKConfig.ImageDlgHideAdvanced    = fals
+ 
+ FCKConfig.FlashDlgHideAdvanced    = false ;
+ 
+-FCKConfig.LinkBrowser = true ;
++FCKConfig.LinkBrowser = false ;
+ FCKConfig.LinkBrowserURL = FCKConfig.BasePath + 'filemanager/browser/mcpuk/browser.html?Connector=connectors/php/connector.php' ;
+ FCKConfig.LinkBrowserWindowWidth    = screen.width * 0.7 ;    // 70%
+ FCKConfig.LinkBrowserWindowHeight    = screen.height * 0.7 ;    // 70%
+ 
+-FCKConfig.ImageBrowser = true ;
++FCKConfig.ImageBrowser = false ;
+ FCKConfig.ImageBrowserURL = FCKConfig.BasePath + 'filemanager/browser/mcpuk/browser.html?Type=Image&Connector=connectors/php/connector.php' ;
+ FCKConfig.ImageBrowserWindowWidth  = screen.width * 0.7 ;    // 70% ;
+ FCKConfig.ImageBrowserWindowHeight = screen.height * 0.7 ;    // 70% ;
+ 
+-FCKConfig.FlashBrowser = true ;
++FCKConfig.FlashBrowser = false ;
+ FCKConfig.FlashBrowserURL = FCKConfig.BasePath + 'filemanager/browser/mcpuk/browser.html?Type=Flash&Connector=connectors/php/connector.php' ;
+ FCKConfig.FlashBrowserWindowWidth  = screen.width * 0.7 ;    //70% ;
+ FCKConfig.FlashBrowserWindowHeight = screen.height * 0.7 ;    //70% ;
+@@ -198,4 +198,4 @@ FCKConfig.SmileyColumns = 8 ;
+ FCKConfig.SmileyWindowWidth        = 320 ;
+ FCKConfig.SmileyWindowHeight    = 240 ;
+ 
+-if( window.console ) window.console.log( 'Config is loaded!' ) ;    // @Packager.Compactor.RemoveLine
+\ No newline at end of file
++if( window.console ) window.console.log( 'Config is loaded!' ) ;    // @Packager.Compactor.RemoveLine