Prevent visitors from reading shaarli version

* fixes https://github.com/shaarli/Shaarli/issues/122 * the shaarli version is now in a php comment block, which prevents visitors from reading it when it is place on a PHP-enabled server, but still allows the update mechanism to read it from the source on github.
author: nodiscc <nodiscc@gmail.com> 2015-02-25 13:25:45 +0100
committer: nodiscc <nodiscc@gmail.com> 2015-02-25 13:25:45 +0100
commit: dbcad7406eedaeba259a6e1584ba3b0823115c8d (patch)
tree: 3a3078a99295182d810cf86b5fb62b9e3abe4279 /index.php
parent: 0c5746061e49fb857ce2c170ade8ad7dc594a405 (diff)
download: Shaarli-dbcad7406eedaeba259a6e1584ba3b0823115c8d.tar.gz
Shaarli-dbcad7406eedaeba259a6e1584ba3b0823115c8d.tar.zst
Shaarli-dbcad7406eedaeba259a6e1584ba3b0823115c8d.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/index.php b/index.php
index 9d4ce156..99c37652 100644
--- a/index.php
+++ b/index.php
@@ -184,8 +184,8 @@ function checkUpdate()
    if (!is_file($GLOBALS['config']['UPDATECHECK_FILENAME']) || (filemtime($GLOBALS['config']['UPDATECHECK_FILENAME'])<time()-($GLOBALS['config']['UPDATECHECK_INTERVAL'])))
    {
        $version=shaarli_version;
-        list($httpstatus,$headers,$data) = getHTTP('https://raw.githubusercontent.com/shaarli/Shaarli/master/shaarli_version.txt',2);
+        list($httpstatus,$headers,$data) = getHTTP('https://raw.githubusercontent.com/shaarli/Shaarli/master/shaarli_version.php',2);
-        if (strpos($httpstatus,'200 OK')!==false) $version=$data;
+        if (strpos($httpstatus,'200 OK')!==false) $version=str_replace(' */ ?>','',str_replace('<?php /* ','',$data));
        // If failed, never mind. We don't want to bother the user with that.
        file_put_contents($GLOBALS['config']['UPDATECHECK_FILENAME'],$version); // touch file date
    }
author	nodiscc <nodiscc@gmail.com>	2015-02-25 13:25:45 +0100
committer	nodiscc <nodiscc@gmail.com>	2015-02-25 13:25:45 +0100
commit	dbcad7406eedaeba259a6e1584ba3b0823115c8d (patch)
tree	3a3078a99295182d810cf86b5fb62b9e3abe4279 /index.php
parent	0c5746061e49fb857ce2c170ade8ad7dc594a405 (diff)
download	Shaarli-dbcad7406eedaeba259a6e1584ba3b0823115c8d.tar.gz Shaarli-dbcad7406eedaeba259a6e1584ba3b0823115c8d.tar.zst Shaarli-dbcad7406eedaeba259a6e1584ba3b0823115c8d.zip

diff --git a/index.php b/index.php index 9d4ce156..99c37652 100644 --- a/index.php +++ b/index.php
@@ -184,8 +184,8 @@ function checkUpdate()
184	if (!is_file($GLOBALS['config']['UPDATECHECK_FILENAME']) \|\| (filemtime($GLOBALS['config']['UPDATECHECK_FILENAME'])<time()-($GLOBALS['config']['UPDATECHECK_INTERVAL'])))	184	if (!is_file($GLOBALS['config']['UPDATECHECK_FILENAME']) \|\| (filemtime($GLOBALS['config']['UPDATECHECK_FILENAME'])<time()-($GLOBALS['config']['UPDATECHECK_INTERVAL'])))
185	{	185	{
186	$version=shaarli_version;	186	$version=shaarli_version;
187	list($httpstatus,$headers,$data) = getHTTP('https://raw.githubusercontent.com/shaarli/Shaarli/master/shaarli_version.txt',2);	187	list($httpstatus,$headers,$data) = getHTTP('https://raw.githubusercontent.com/shaarli/Shaarli/master/shaarli_version.php',2);
188	if (strpos($httpstatus,'200 OK')!==false) $version=$data;	188	if (strpos($httpstatus,'200 OK')!==false) $version=str_replace(' / ?>','',str_replace('<?php / ','',$data));
189	// If failed, never mind. We don't want to bother the user with that.	189	// If failed, never mind. We don't want to bother the user with that.
190	file_put_contents($GLOBALS['config']['UPDATECHECK_FILENAME'],$version); // touch file date	190	file_put_contents($GLOBALS['config']['UPDATECHECK_FILENAME'],$version); // touch file date
191	}	191	}