PEAK XOOPS - mainfile.php looks a bit different 
mainfile.php looks a bit different
- You cannot open a new topic into this forum
- Guests cannot post into this forum
Previous post
-
Next post
|
Parent
-
Children.1
|
Posted on 2005/2/20 23:12
powadha
Posts: 16
Posts: 16
After adding the lines as suggested everything works. I do have a slight difference in the file. It looks like:
I see the:
nowhere in any example, should I remove it or is this just something that is different in my installation?
Regards
define('XOOPS_DB_PCONNECT', 0);
define('XOOPS_GROUP_ADMIN', '1');
define('XOOPS_GROUP_USERS', '2');
define('XOOPS_GROUP_ANONYMOUS', '3');
include( XOOPS_ROOT_PATH . '/modules/protector/include/precheck.inc.php' ) ;
if (!isset($xoopsOption['nocommon']) && XOOPS_ROOT_PATH != '') {
include XOOPS_ROOT_PATH."/include/common.php";
}
include( XOOPS_ROOT_PATH . '/modules/protector/include/postcheck.inc.php' ) ;
}
?>I see the:
&& XOOPS_ROOT_PATH != '')nowhere in any example, should I remove it or is this just something that is different in my installation?
Regards
Votes:9
Average:6.67
tl
Posts: 84
Posts: 84
You must have copied and pasted codes and left the extra codes there.
It is likely coming from this line of codes:
Yes, you can safely delete the extra line.
It is likely coming from this line of codes:
if (!isset($xoopsOption['nocommon']) && XOOPS_ROOT_PATH != '') {Yes, you can safely delete the extra line.
&& XOOPS_ROOT_PATH != '' {
Votes:9
Average:4.44
GIJOE
Posts: 4110
Posts: 4110
hmmm... I've just seen it!
mainfile.php of newly installed from XOOPS 2.0.9.2 has this check.
Perhaps, this is a protection against accessing mainfile.dist.php directly.
Anyway, the difference is not so important about mainfile.php.
mainfile.php of newly installed from XOOPS 2.0.9.2 has this check.
Perhaps, this is a protection against accessing mainfile.dist.php directly.
Anyway, the difference is not so important about mainfile.php.
Votes:11
Average:3.64
Dave_L
From: Virginia, USA
Posts: 35
From: Virginia, USA
Posts: 35
That was the result of a suggestion I made.
XOOPS_ROOT_PATH used to have a default value that served as an example. The problem is that if that default value happened to be the path to an actual file on the server, and the file was writable by "others", it could be possible for someone to inject a trojan. That's not really very likely, but that could be said about many security exploits.
I discussed that with Mithrandir, and the outcome was to default XOOPS_ROOT_PATH to an empty string, with an example provided in the comments.
He added the check XOOPS_ROOT_PATH != "" to make sure that an actual value was provided during installation.
These changes also prevent the occurence of an error message that reveals an actual file system path:
Quote:
XOOPS_ROOT_PATH used to have a default value that served as an example. The problem is that if that default value happened to be the path to an actual file on the server, and the file was writable by "others", it could be possible for someone to inject a trojan. That's not really very likely, but that could be said about many security exploits.
I discussed that with Mithrandir, and the outcome was to default XOOPS_ROOT_PATH to an empty string, with an example provided in the comments.
He added the check XOOPS_ROOT_PATH != "" to make sure that an actual value was provided during installation.
These changes also prevent the occurence of an error message that reveals an actual file system path:
Quote:
Warning: main(/path/to/xoops/directory/include/common.php): failed to open stream: No such file or directory in /home/xoops/public_html/mainfile.dist.php on line 93
Votes:12
Average:5.83
GIJOE
Posts: 4110
Posts: 4110
Thank you for detailed explanation.
Certainly, the check has some meanings.
I've just told it to ORETEKI maintainer.
Certainly, the check has some meanings.
I've just told it to ORETEKI maintainer.
Votes:10
Average:3.00
Previous post
-
Next post
|
Parent
-
No child
|
Posted on 2005/4/23 19:16
powadha
Posts: 16
Posts: 16
Thanx guys, cleared it up for me!
Votes:11
Average:6.36
Login