[Pkg-owncloud-commits] [owncloud] 60/73: Show a warning in the installer if .htaccess is not working
David Prévot
taffit at alioth.debian.org
Fri Nov 8 23:09:12 UTC 2013
This is an automated email from the git hooks/post-receive script.
taffit pushed a commit to annotated tag v4.0.10
in repository owncloud.
commit 4a1f1a49a0fdad2f95b09c9c3c352fe3c74c9542
Author: Lukas Reschke <lukas at statuscode.ch>
Date: Mon Oct 15 23:25:10 2012 +0200
Show a warning in the installer if .htaccess is not working
---
core/templates/installation.php | 6 ++++++
lib/setup.php | 7 +++++++
2 files changed, 13 insertions(+)
diff --git a/core/templates/installation.php b/core/templates/installation.php
index e27b31b..98eede3 100644
--- a/core/templates/installation.php
+++ b/core/templates/installation.php
@@ -25,6 +25,12 @@
<span><?php echo $l->t('Without a secure random number generator an attacker may be able to predict password reset tokens and take over your account.');?></span>
</fieldset>
<?php endif; ?>
+ <?php if(!$_['htaccessWorking']): ?>
+ <fieldset style="color: #B94A48; background-color: #F2DEDE; border-color: #EED3D7;">
+ <legend><strong><?php echo $l->t('Security Warning');?></strong></legend>
+ <span><?php echo $l->t('Your data directory and your files are probably accessible from the internet. The .htaccess file that ownCloud provides is not working. We strongly suggest that you configure your webserver in a way that the data directory is no longer accessible or you move the data directory outside the webserver document root.');?></span>
+ </fieldset>
+ <?php endif; ?>
<fieldset>
<legend><?php echo $l->t( 'Create an <strong>admin account</strong>' ); ?></legend>
<p class="infield">
diff --git a/lib/setup.php b/lib/setup.php
index 8d80e9d..44fa47a 100644
--- a/lib/setup.php
+++ b/lib/setup.php
@@ -5,12 +5,19 @@ $hasMySQL = is_callable('mysql_connect');
$hasPostgreSQL = is_callable('pg_connect');
$datadir = OC_Config::getValue('datadirectory', OC::$SERVERROOT.'/data');
+// Test if .htaccess is working
+$content = "<Directory /data>\n";
+$content.= "Deny from All\n";
+$content.= "</Directory>";
+file_put_contents(OC::$SERVERROOT.'/data/.htaccess', $content);
+
$opts = array(
'hasSQLite' => $hasSQLite,
'hasMySQL' => $hasMySQL,
'hasPostgreSQL' => $hasPostgreSQL,
'directory' => $datadir,
'secureRNG' => OC_Util::secureRNG_available(),
+ 'htaccessWorking' => OC_Util::ishtaccessworking(),
'errors' => array(),
);
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git
More information about the Pkg-owncloud-commits
mailing list