aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authornodiscc <nodiscc@gmail.com>2014-12-16 19:26:11 +0100
committernodiscc <nodiscc@gmail.com>2014-12-16 19:26:11 +0100
commit712501812b6f927b048b9d7f767cb15a370b3c81 (patch)
treefd21a6fbb6acc767f7c20fdfd9f25cc35335360d
parent038acd3a7f5f8e4e9ef665b9bbd0971dc37bde33 (diff)
parent509762236b4074bc7f1d344c5436fe8983db60dc (diff)
downloadShaarli-712501812b6f927b048b9d7f767cb15a370b3c81.tar.gz
Shaarli-712501812b6f927b048b9d7f767cb15a370b3c81.tar.zst
Shaarli-712501812b6f927b048b9d7f767cb15a370b3c81.zip
Merge pull request #81 from nodiscc/prevent-disclosure
Prevent full path and PHP version disclosures
-rw-r--r--index.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/index.php b/index.php
index 38958a79..4bbd902f 100644
--- a/index.php
+++ b/index.php
@@ -89,7 +89,7 @@ header("Cache-Control: post-check=0, pre-check=0", false);
89header("Pragma: no-cache"); 89header("Pragma: no-cache");
90 90
91// Directories creations (Note that your web host may require different rights than 705.) 91// Directories creations (Note that your web host may require different rights than 705.)
92if (!is_writable(realpath(dirname(__FILE__)))) die('<pre>ERROR: Shaarli does not have the right to write in its own directory ('.realpath(dirname(__FILE__)).').</pre>'); 92if (!is_writable(realpath(dirname(__FILE__)))) die('<pre>ERROR: Shaarli does not have the right to write in its own directory.').</pre>');
93 93
94// Handling of old config file which do not have the new parameters. 94// Handling of old config file which do not have the new parameters.
95if (empty($GLOBALS['title'])) $GLOBALS['title']='Shared links on '.htmlspecialchars(indexUrl()); 95if (empty($GLOBALS['title'])) $GLOBALS['title']='Shared links on '.htmlspecialchars(indexUrl());
@@ -118,7 +118,7 @@ function checkphpversion()
118 if (version_compare(PHP_VERSION, '5.1.0') < 0) 118 if (version_compare(PHP_VERSION, '5.1.0') < 0)
119 { 119 {
120 header('Content-Type: text/plain; charset=utf-8'); 120 header('Content-Type: text/plain; charset=utf-8');
121 echo 'Your server supports PHP '.PHP_VERSION.'. Shaarli requires at least php 5.1.0, and thus cannot run. Sorry.'; 121 echo 'Your PHP version is obsolete! Shaarli requires at least php 5.1.0, and thus cannot run. Sorry. Your PHP version has known security vulnerabilities and should be updated as soon as possible.';
122 exit; 122 exit;
123 } 123 }
124} 124}