diff options
author | Gábor Hojtsy <gabor@hojtsy.hu> | 2007-06-30 08:17:05 +0000 |
---|---|---|
committer | Gábor Hojtsy <gabor@hojtsy.hu> | 2007-06-30 08:17:05 +0000 |
commit | 0995d62be320ced7c533d805fe887d78741bfbb8 (patch) | |
tree | abf7c1965af8e3b240fd02b2798ba74e94674a3f /install.php | |
parent | 15bf4681c2111344d688e1323c293a9070cfed0a (diff) | |
download | brdo-0995d62be320ced7c533d805fe887d78741bfbb8.tar.gz brdo-0995d62be320ced7c533d805fe887d78741bfbb8.tar.bz2 |
#99011 follow up patch my merlinofchaos: inform users if the settings.php or the settings directory in use is not write protected after installation.
Diffstat (limited to 'install.php')
-rw-r--r-- | install.php | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/install.php b/install.php index e0a6cd7d7..8334327e8 100644 --- a/install.php +++ b/install.php @@ -107,12 +107,13 @@ function install_main() { drupal_install_profile($profile, $modules); // Warn about settings.php permissions risk - $settings_file = './'. conf_path() .'/settings.php'; - if (!drupal_verify_install_file($settings_file, FILE_EXIST|FILE_READABLE|FILE_NOT_WRITABLE)) { - drupal_set_message(st('All necessary changes to %file have been made, so you should now remove write permissions to this file. Failure to remove write permissions to this file is a security risk.', array('%file' => $settings_file)), 'error'); + $settings_dir = './'. conf_path(); + $settings_file = $settings_dir .'/settings.php'; + if (!drupal_verify_install_file($settings_file, FILE_EXIST|FILE_READABLE|FILE_NOT_WRITABLE) || !drupal_verify_install_file($settings_dir, FILE_NOT_WRITABLE, 'dir')) { + drupal_set_message(st('All necessary changes to %dir and %file have been made, so you should now remove write permissions to them. Failure to remove write permissions to them is a security risk.', array('%dir' => $settings_dir, '%file' => $settings_file)), 'error'); } else { - drupal_set_message(st('All necessary changes to %file have been made. It has been set to read-only for security.', array('%file' => $settings_file))); + drupal_set_message(st('All necessary changes to %dir and %file have been made. They have been set to read-only for security.', array('%dir' => $settings_dir, '%file' => $settings_file))); } } |