makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 22:28:51 +00:00
Code Issues Projects Releases Packages Wiki Activity

Prevent sqlite databases within the forum directory

Browse source 
git-svn-id: file:///svn/phpbb/trunk@6136 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Graham Eames 2006-07-01 21:45:35 +00:00
parent 6df6eb0e60
commit 4c457ecc92
2 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
phpBB/install/install_install.php
View file

@ -1613,6 +1613,13 @@ class install_install extends module
return false; return false;
} }
// Make sure we don't have a daft user who thinks having the SQLite database in the forum directory is a good idea
if ($dbms == 'sqlite' && stripos(phpbb_realpath($dbhost), phpbb_realpath('../')) === 0)
{
$error[] = $lang['INST_ERR_DB_FORUM_PATH'];
return false;
}
// Try and connect ... // Try and connect ...
if (is_array($db->sql_connect($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false))) if (is_array($db->sql_connect($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false)))
{ {

1
phpBB/language/en/install.php
View file

@ -148,6 +148,7 @@ $lang = array_merge($lang, array(
'INSTALL_START' => 'Start Install', 'INSTALL_START' => 'Start Install',
'INSTALL_TEST' => 'Test Again', 'INSTALL_TEST' => 'Test Again',
'INST_ERR_DB_CONNECT' => 'Could not connect to the database, see error message below', 'INST_ERR_DB_CONNECT' => 'Could not connect to the database, see error message below',
'INST_ERR_DB_FORUM_PATH' => 'The database file specified is within your forum directory tree. You should put this file in a non web-accessible location',
'INST_ERR_DB_NO_ERROR' => 'No error message given', 'INST_ERR_DB_NO_ERROR' => 'No error message given',
'INST_ERR_DB_NO_MYSQL4' => 'The version of MySQL installed on this machine is incompatible with the "MySQL 4.x/5.x" option you have selected. Please try the "MySQL 3.23.x/4.x" option instead.', 'INST_ERR_DB_NO_MYSQL4' => 'The version of MySQL installed on this machine is incompatible with the "MySQL 4.x/5.x" option you have selected. Please try the "MySQL 3.23.x/4.x" option instead.',
'INST_ERR_DB_NO_MYSQLI' => 'The version of MySQL installed on this machine is incompatible with the "MySQL 4.1.x/5.x with MySQLi Extension" option you have selected. Please try the "MySQL 4.x/5.x" or "MySQL 3.23.x/4.x" option instead.', 'INST_ERR_DB_NO_MYSQLI' => 'The version of MySQL installed on this machine is incompatible with the "MySQL 4.1.x/5.x with MySQLi Extension" option you have selected. Please try the "MySQL 4.x/5.x" or "MySQL 3.23.x/4.x" option instead.',