diff options
| -rw-r--r-- | inc/html.php | 6 | ||||
| -rw-r--r-- | lib/scripts/script.js | 31 |
2 files changed, 6 insertions, 31 deletions
diff --git a/inc/html.php b/inc/html.php index 299795cc9..0bf5842ef 100644 --- a/inc/html.php +++ b/inc/html.php @@ -1394,6 +1394,12 @@ function html_admin(){ ); } + // data security check + echo '<a style="background: transparent url(data/security.png) left top no-repeat; + display: block; width:380px; height:73px; border:none; float:right" + target="_blank" + href="http://www.dokuwiki.org/security#web_access_security"></a>'; + print p_locale_xhtml('admin'); // Admin Tasks diff --git a/lib/scripts/script.js b/lib/scripts/script.js index 84114923f..c79c9b683 100644 --- a/lib/scripts/script.js +++ b/lib/scripts/script.js @@ -538,34 +538,3 @@ addInitEvent(function(){ } }); -/** - * Check data directory security - * - * Tries to access data/_dummy from the client. - * In a proper setup this should fail, if it succeeds a warning is displayed. - * This is only done on the Admin screen - */ -addInitEvent(function(){ - var isadmin = $('admin__version'); - if(!isadmin) return; - - var ajax = new sack(DOKU_BASE + 'data/_dummy'); - ajax.AjaxFailedAlert = ''; - ajax.encodeURIString = false; - if(ajax.failed) return true; - ajax.method = 'GET'; - - ajax.onCompletion = function(){ - if(this.response && (this.response.substr(0,14) == 'data directory')){ - var msg = document.createElement('div'); - msg.className = 'error'; - msg.innerHTML = '<b>Important:</b> Your <code>data</code> directory is not properly '+ - 'secured. This is a serious security problem and should be fixed '+ - 'immeadiately.<br /> You can find more info on our '+ - '<a href="http://www.dokuwiki.org/security#web_access_security">security page</a>.'; - var container = $('admin__version').parentNode; - container.insertBefore(msg,container.childNodes[0]); - } - }; - ajax.runAJAX(); -}); |