Show a warning in the installer if the used PHP version is vulnerable to the NULL Byte attack

author: Lukas Reschke <lukas@statuscode.ch> 2013-03-20 08:44:33 +0100
committer: Lukas Reschke <lukas@statuscode.ch> 2013-03-20 08:44:33 +0100
commit: 68d55648d5904a86d21fb5258684687a31929011 (patch)
tree: a0723ca41a528d206a65a34437d4b1e0cf07a5c0 /core/templates/installation.php
parent: dc41cf081cac227f0d73b56542fa6295285e170c (diff)
download: nextcloud-server-68d55648d5904a86d21fb5258684687a31929011.tar.gz
nextcloud-server-68d55648d5904a86d21fb5258684687a31929011.zip
1 files changed, 7 insertions, 0 deletions
diff --git a/core/templates/installation.php b/core/templates/installation.php
index 842686932c7..c70903cba55 100644
--- a/core/templates/installation.php
+++ b/core/templates/installation.php
@@ -19,6 +19,13 @@
 		<?php endforeach; ?>
 	</ul>
 	<?php endif; ?>
+	<?php if($_['vulnerableToNullByte']): ?>
+	<fieldset class="warning">
+		<legend><strong><?php p($l->t('Security Warning'));?></strong></legend>
+		<p><?php p($l->t('Your PHP version is vulnerable to the NULL Byte attack (CVE-2006-7243)'));?><br/>
+		<?php p($l->t('Please update your PHP installation to use ownCloud securely.'));?></p>
+	</fieldset>
+	<?php endif; ?>
 	<?php if(!$_['secureRNG']): ?>
 	<fieldset class="warning">
 		<legend><strong><?php p($l->t('Security Warning'));?></strong></legend>
author	Lukas Reschke <lukas@statuscode.ch>	2013-03-20 08:44:33 +0100
committer	Lukas Reschke <lukas@statuscode.ch>	2013-03-20 08:44:33 +0100
commit	68d55648d5904a86d21fb5258684687a31929011 (patch)
tree	a0723ca41a528d206a65a34437d4b1e0cf07a5c0 /core/templates/installation.php
parent	dc41cf081cac227f0d73b56542fa6295285e170c (diff)
download	nextcloud-server-68d55648d5904a86d21fb5258684687a31929011.tar.gz nextcloud-server-68d55648d5904a86d21fb5258684687a31929011.zip