Merge pull request #81 from nodiscc/prevent-disclosure
Prevent full path and PHP version disclosures
This commit is contained in:
commit
712501812b
1 changed files with 2 additions and 2 deletions
|
@ -89,7 +89,7 @@ function stripslashes_deep($value) { $value = is_array($value) ? array_map('stri
|
||||||
header("Pragma: no-cache");
|
header("Pragma: no-cache");
|
||||||
|
|
||||||
// Directories creations (Note that your web host may require different rights than 705.)
|
// Directories creations (Note that your web host may require different rights than 705.)
|
||||||
if (!is_writable(realpath(dirname(__FILE__)))) die('<pre>ERROR: Shaarli does not have the right to write in its own directory ('.realpath(dirname(__FILE__)).').</pre>');
|
if (!is_writable(realpath(dirname(__FILE__)))) die('<pre>ERROR: Shaarli does not have the right to write in its own directory.').</pre>');
|
||||||
|
|
||||||
// Handling of old config file which do not have the new parameters.
|
// Handling of old config file which do not have the new parameters.
|
||||||
if (empty($GLOBALS['title'])) $GLOBALS['title']='Shared links on '.htmlspecialchars(indexUrl());
|
if (empty($GLOBALS['title'])) $GLOBALS['title']='Shared links on '.htmlspecialchars(indexUrl());
|
||||||
|
@ -118,7 +118,7 @@ function checkphpversion()
|
||||||
if (version_compare(PHP_VERSION, '5.1.0') < 0)
|
if (version_compare(PHP_VERSION, '5.1.0') < 0)
|
||||||
{
|
{
|
||||||
header('Content-Type: text/plain; charset=utf-8');
|
header('Content-Type: text/plain; charset=utf-8');
|
||||||
echo 'Your server supports PHP '.PHP_VERSION.'. Shaarli requires at least php 5.1.0, and thus cannot run. Sorry.';
|
echo 'Your PHP version is obsolete! Shaarli requires at least php 5.1.0, and thus cannot run. Sorry. Your PHP version has known security vulnerabilities and should be updated as soon as possible.';
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue