diff options
Diffstat (limited to 'inc/html.php')
| -rw-r--r-- | inc/html.php | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/inc/html.php b/inc/html.php index a48f18bff..c2723bceb 100644 --- a/inc/html.php +++ b/inc/html.php @@ -1473,7 +1473,7 @@ function html_edit(){ } ?> <div class="editBox"> - <div class="toolbar"> + <div class="toolbar group"> <div id="draft__status"><?php if(!empty($INFO['draft'])) echo $lang['draftdate'].' '.dformat();?></div> <div id="tool__bar"><?php if ($wr && $data['media_manager']){?><a href="<?php echo DOKU_BASE?>lib/exe/mediamanager.php?ns=<?php echo $INFO['namespace']?>" target="_blank"><?php echo $lang['mediaselect'] ?></a><?php }?></div> @@ -1636,11 +1636,16 @@ function html_admin(){ } // data security check - // @todo: could be checked and only displayed if $conf['savedir'] is under the web root - echo '<a style="border:none; float:right;" - href="http://www.dokuwiki.org/security#web_access_security"> - <img src="data/security.png" alt="Your data directory seems to be protected properly." - onerror="this.parentNode.style.display=\'none\'" /></a>'; + // simple check if the 'savedir' is relative and accessible when appended to DOKU_URL + // it verifies either: + // 'savedir' has been moved elsewhere, or + // has protection to prevent the webserver serving files from it + if (substr($conf['savedir'],0,2) == './'){ + echo '<a style="border:none; float:right;" + href="http://www.dokuwiki.org/security#web_access_security"> + <img src="'.DOKU_URL.$conf['savedir'].'/security.png" alt="Your data directory seems to be protected properly." + onerror="this.parentNode.style.display=\'none\'" /></a>'; + } print p_locale_xhtml('admin'); |