I really recommend people who are using Apache to implement
following htaccess rules:
# Restrict direct access to script file types and templates
Deny from all
In this case index-ajax.php was in root and made me vulnerable, but this removes direct access to all php files in assets folder.
"Some multiTV options will not work with that. But I will try to add a .htaccess in the multiTV folder."--Jako
[ed. note: mrhaw last edited this post 5 years, 4 months ago.]
When upgrading AjaxSearch to this version on MODX 1.0.10, I encounter this issue:
Fatal error: Call to undefined method DBAPI::freeResult() in PATH\TO\MODX\assets\snippets\ajaxSearch\classes\ajaxSearchRequest.class.inc.php on line 69
Strange... Is this method applied to a more recent MODX version?