moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-04 16:36:37 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

MDL-15716 Tightened dataroot security checks and and 'loud' administrator warning

Browse source
This commit is contained in:
skodak 2008-08-21 15:29:42 +00:00
parent bd2bf45169
commit bba0beaee2
9 changed files with 142 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

15
admin/index.php
View file

@ -538,6 +538,12 @@
}
}
/// setup critical warnings before printing admin tree block
$insecuredataroot = is_dataroot_insecure(true);
$register_globals_enabled = ini_get_bool('register_globals');
$SESSION->admin_critical_warning = ($register_globals_enabled || $insecuredataroot==INSECURE_DATAROOT_ERROR);
$adminroot =& admin_get_root();
/// Check if there are any new admin settings which have still yet to be set
@ -562,12 +568,15 @@
print_box(get_string("upgrade$CFG->upgrade", "admin", "$CFG->wwwroot/$CFG->admin/upgrade$CFG->upgrade.php"));
}
if (ini_get_bool('register_globals')) {
print_box(get_string('globalswarning', 'admin'), 'generalbox adminwarning');
if ($register_globals_enabled) {
print_box(get_string('globalswarning', 'admin'), 'generalbox adminerror');
}
if (is_dataroot_insecure()) {
if ($insecuredataroot == INSECURE_DATAROOT_WARNING) {
print_box(get_string('datarootsecuritywarning', 'admin', $CFG->dataroot), 'generalbox adminwarning');
} else if ($insecuredataroot == INSECURE_DATAROOT_ERROR) {
print_box(get_string('datarootsecurityerror', 'admin', $CFG->dataroot), 'generalbox adminerror');
}
if (defined('WARN_DISPLAY_ERRORS_ENABLED')) {