diff options
author | nodiscc <nodiscc@gmail.com> | 2014-12-16 19:26:11 +0100 |
---|---|---|
committer | nodiscc <nodiscc@gmail.com> | 2014-12-16 19:26:11 +0100 |
commit | 712501812b6f927b048b9d7f767cb15a370b3c81 (patch) | |
tree | fd21a6fbb6acc767f7c20fdfd9f25cc35335360d /index.php | |
parent | 038acd3a7f5f8e4e9ef665b9bbd0971dc37bde33 (diff) | |
parent | 509762236b4074bc7f1d344c5436fe8983db60dc (diff) | |
download | Shaarli-712501812b6f927b048b9d7f767cb15a370b3c81.tar.gz Shaarli-712501812b6f927b048b9d7f767cb15a370b3c81.tar.zst Shaarli-712501812b6f927b048b9d7f767cb15a370b3c81.zip |
Merge pull request #81 from nodiscc/prevent-disclosure
Prevent full path and PHP version disclosures
Diffstat (limited to 'index.php')
-rw-r--r-- | index.php | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -89,7 +89,7 @@ header("Cache-Control: post-check=0, pre-check=0", false); | |||
89 | header("Pragma: no-cache"); | 89 | header("Pragma: no-cache"); |
90 | 90 | ||
91 | // Directories creations (Note that your web host may require different rights than 705.) | 91 | // Directories creations (Note that your web host may require different rights than 705.) |
92 | if (!is_writable(realpath(dirname(__FILE__)))) die('<pre>ERROR: Shaarli does not have the right to write in its own directory ('.realpath(dirname(__FILE__)).').</pre>'); | 92 | if (!is_writable(realpath(dirname(__FILE__)))) die('<pre>ERROR: Shaarli does not have the right to write in its own directory.').</pre>'); |
93 | 93 | ||
94 | // Handling of old config file which do not have the new parameters. | 94 | // Handling of old config file which do not have the new parameters. |
95 | if (empty($GLOBALS['title'])) $GLOBALS['title']='Shared links on '.htmlspecialchars(indexUrl()); | 95 | if (empty($GLOBALS['title'])) $GLOBALS['title']='Shared links on '.htmlspecialchars(indexUrl()); |
@@ -118,7 +118,7 @@ function checkphpversion() | |||
118 | if (version_compare(PHP_VERSION, '5.1.0') < 0) | 118 | if (version_compare(PHP_VERSION, '5.1.0') < 0) |
119 | { | 119 | { |
120 | header('Content-Type: text/plain; charset=utf-8'); | 120 | header('Content-Type: text/plain; charset=utf-8'); |
121 | echo 'Your server supports PHP '.PHP_VERSION.'. Shaarli requires at least php 5.1.0, and thus cannot run. Sorry.'; | 121 | echo 'Your PHP version is obsolete! Shaarli requires at least php 5.1.0, and thus cannot run. Sorry. Your PHP version has known security vulnerabilities and should be updated as soon as possible.'; |
122 | exit; | 122 | exit; |
123 | } | 123 | } |
124 | } | 124 | } |