安全补丁 2008.07.10

[hnyilee]

在 admin/inculdes 下放一个apache的access control file
#cat admin/inculdes/.htaccess
文件内容如下:
# This is used with Apache WebServers
# The following blocks direct HTTP requests in this directory recursively
#
# This does not affect PHP includes/require functions
#
# Example: direct access to http://server/admin/includes/application_top.php will not work with the following installed

<Files *.php>
Order Deny,Allow
Deny from all
Allow from localhost
</Files>

前提是apache 配置文件里AllowOverride 不能设置为None

[davidden]

我看了一下，好像文件里已经都有了这个代码了

[luweijie]

我把JACK给的代码插入到admin/includes/languages/english.php这个文件中（这个文件之前是schinese.php,我装的是1.38的中文版，我想做成中文后台英文前台,就把这个schinese.php文件的名称改成english.php),之后就在后台首页顶部出现如下信息：Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\zen-cart\admin\includes\languages\english.php:1) in C:\xampp\htdocs\zen-cart\admin\includes\init_includes\init_templates.php on line 36
请问大家遇到过这样的情况吗？知道的请告知怎么解决，先谢谢了！