diff options
| author | Frank Karlitschek <frank@owncloud.org> | 2012-06-21 14:07:04 +0200 |
|---|---|---|
| committer | Frank Karlitschek <frank@owncloud.org> | 2012-06-21 14:07:04 +0200 |
| commit | e95055b2bdcd70568c4b4e21424800cab47a582b (patch) | |
| tree | a7e8ffd6ff780e898da1d8c7445991016d681ab9 /settings | |
| parent | 09d2f767276f6054148425966fda89e189d621f0 (diff) | |
| download | nextcloud-server-e95055b2bdcd70568c4b4e21424800cab47a582b.tar.gz nextcloud-server-e95055b2bdcd70568c4b4e21424800cab47a582b.zip | |
check if the data directory is accessible via http. Show a big security warning if yes
Diffstat (limited to 'settings')
| -rwxr-xr-x[-rw-r--r--] | settings/admin.php | 2 | ||||
| -rw-r--r-- | settings/css/settings.css | 5 | ||||
| -rwxr-xr-x[-rw-r--r--] | settings/templates/admin.php | 15 |
3 files changed, 21 insertions, 1 deletions
diff --git a/settings/admin.php b/settings/admin.php index a997bad4e3c..8369ee64e06 100644..100755 --- a/settings/admin.php +++ b/settings/admin.php @@ -15,6 +15,7 @@ OC_App::setActiveNavigationEntry( "admin" ); $tmpl = new OC_Template( 'settings', 'admin', 'user'); $forms=OC_App::getForms('admin'); +$htaccessworking=OC_Util::ishtaccessworking(); $entries=OC_Log_Owncloud::getEntries(3); function compareEntries($a,$b){ @@ -24,6 +25,7 @@ usort($entries, 'compareEntries'); $tmpl->assign('loglevel',OC_Config::getValue( "loglevel", 2 )); $tmpl->assign('entries',$entries); +$tmpl->assign('htaccessworking',$htaccessworking); $tmpl->assign('forms',array()); foreach($forms as $form){ $tmpl->append('forms',$form); diff --git a/settings/css/settings.css b/settings/css/settings.css index df1e3cfd3c2..80e96df5e66 100644 --- a/settings/css/settings.css +++ b/settings/css/settings.css @@ -48,5 +48,8 @@ li.active { color:#000; } small.externalapp { color:#FFF; background-color:#BBB; font-weight:bold; font-size:6pt; padding:4px; border-radius: 4px;} span.version { margin-left:3em; color:#ddd; } -/* LOF */ +/* LOG */ #log { white-space:normal; } + +/* ADMIN */ +span.securitywarning {color:#C33; font-weight:bold; } diff --git a/settings/templates/admin.php b/settings/templates/admin.php index 38c6042c82a..a9f727d6764 100644..100755 --- a/settings/templates/admin.php +++ b/settings/templates/admin.php @@ -6,6 +6,21 @@ $levels=array('Debug','Info','Warning','Error','Fatal'); ?> +<?php + +if(!$_['htaccessworking']) { +?> +<fieldset class="personalblock"> + <legend><strong><?php echo $l->t('Security Warning');?></strong></legend> + + <span class="securitywarning">Your data directory and your files are probably accessible from the internet. The .htaccess file that ownCloud provides is not working. We strongly suggest that you configure your webserver in a way that the data directory is no longer accessible or you move the data directory outside the webserver document root.</span> + +</fieldset> +<?php +} +?> + + <?php foreach($_['forms'] as $form){ echo $form; };?> |