[Openfirst-cvscommit] base/config index.php,1.8,1.9
Brought to you by:
xtimg
Menu
▾
▴
[Openfirst-cvscommit] base/config index.php,1.8,1.9
|
From: Tim G. <xt...@us...> - 2004-04-09 18:14:05
|
Update of /cvsroot/openfirst/base/config In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv11624 Modified Files: index.php Log Message: Add security warnings if an insecure setup is detected. Index: index.php =================================================================== RCS file: /cvsroot/openfirst/base/config/index.php,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** index.php 5 Apr 2004 10:34:26 -0000 1.8 --- index.php 9 Apr 2004 18:00:43 -0000 1.9 *************** *** 40,43 **** --- 40,51 ---- </table> + <?php + if(is_writable("./globals.php") && file_exists("./first.php")) { + echo("<p><strong>Warning: </strong> Your globals.php file is writable by the web user. Also, first.php is still in existance. After you have setup the openFIRST web portal system, it is safe to remove first.php. Removing first.php prevents the accidental reset of configuration information and prevents external users from altering your configuration. For maximal security, you should also change the filesystem permissions so that globals.php is not writable by the web user."); + } elseif(is_writable("./globals.php")) { + echo("<p><strong>Warning: </strong> Your globals.php file is writable by the web user. For maximal security, you should change the filesystem permissions to correct this.</p>"); + } + ?> + <table> <tr> |
