diff options
Diffstat (limited to 'modules/system/system.install')
| -rw-r--r-- | modules/system/system.install | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/modules/system/system.install b/modules/system/system.install index e37b7b5e2..23e2e442b 100644 --- a/modules/system/system.install +++ b/modules/system/system.install @@ -77,6 +77,15 @@ function system_requirements($phase) { // If PHP is old, it's not safe to continue with the requirements check. return $requirements; } + // Check that htmlspecialchars() is secure if the site is running any PHP + // version older than 5.2.5. We don't simply require 5.2.5, because Ubuntu + // 8.04 ships with PHP 5.2.4, but includes the necessary security patch. + elseif (version_compare($phpversion, '5.2.5') < 0 && strlen(@htmlspecialchars(chr(0xC0) . chr(0xAF), ENT_QUOTES, 'UTF-8'))) { + $requirements['php']['description'] = $t('Your PHP installation is too old. Drupal requires at least PHP 5.2.5, or PHP @version with the htmlspecialchars security patch backported.', array('@version' => DRUPAL_MINIMUM_PHP)); + $requirements['php']['severity'] = REQUIREMENT_ERROR; + // If PHP is old, it's not safe to continue with the requirements check. + return $requirements; + } // Test PHP register_globals setting. $requirements['php_register_globals'] = array( |