Show a warning in the installer if the used PHP version is vulnerable to the NULL...

author Lukas Reschke <lukas@statuscode.ch>

Wed, 20 Mar 2013 07:44:33 +0000 (08:44 +0100)

committer VicDeo <victor.dubiniuk@gmail.com>

Sun, 31 Mar 2013 12:51:29 +0000 (16:51 +0400)
author Lukas Reschke <lukas@statuscode.ch>
Wed, 20 Mar 2013 07:44:33 +0000 (08:44 +0100)
committer VicDeo <victor.dubiniuk@gmail.com>
Sun, 31 Mar 2013 12:51:29 +0000 (16:51 +0400)
diff --git a/core/templates/installation.php b/core/templates/installation.php

index 842686932c77f92947ea63b8c32a635027cc0539..c70903cba552ae4f3a3d2c6f3ba37be830161fe1 100644 (file)
--- a/core/templates/installation.php
+++ b/core/templates/installation.php
@@ -19,6 +19,13 @@
                 <?php endforeach; ?>
         </ul>
         <?php endif; ?>
+       <?php if($_['vulnerableToNullByte']): ?>
+       <fieldset class="warning">
+               <legend><strong><?php p($l->t('Security Warning'));?></strong></legend>
+               <p><?php p($l->t('Your PHP version is vulnerable to the NULL Byte attack (CVE-2006-7243)'));?><br/>
+               <?php p($l->t('Please update your PHP installation to use ownCloud securely.'));?></p>
+       </fieldset>
+       <?php endif; ?>
         <?php if(!$_['secureRNG']): ?>
         <fieldset class="warning">
                 <legend><strong><?php p($l->t('Security Warning'));?></strong></legend>
author	Lukas Reschke <lukas@statuscode.ch>
	Wed, 20 Mar 2013 07:44:33 +0000 (08:44 +0100)
committer	VicDeo <victor.dubiniuk@gmail.com>
	Sun, 31 Mar 2013 12:51:29 +0000 (16:51 +0400)