[geeklog-cvs] Geeklog-1.x/public_html/admin/install index.php, 1.45, 1.46
Dirk Haun
dhaun at qs1489.pair.com
Sat Jun 14 09:02:27 EDT 2008
- Previous message (by thread): [geeklog-cvs] Geeklog-1.x/plugins/links/language german.php, 1.8, 1.9 german_formal.php, 1.6, 1.7 german_formal_utf-8.php, 1.6, 1.7 german_utf-8.php, 1.6, 1.7
- Next message (by thread): [geeklog-cvs] Geeklog-1.x/public_html/docs history,1.660,1.661
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /cvsroot/geeklog/Geeklog-1.x/public_html/admin/install
In directory qs1489.pair.com:/tmp/cvs-serv22156/public_html/admin/install
Modified Files:
index.php
Log Message:
Security vs. convenience: Don't display the database credentials from db-config.php
Index: index.php
===================================================================
RCS file: /cvsroot/geeklog/Geeklog-1.x/public_html/admin/install/index.php,v
retrieving revision 1.45
retrieving revision 1.46
diff -C2 -d -r1.45 -r1.46
*** index.php 7 Jun 2008 13:38:48 -0000 1.45
--- index.php 14 Jun 2008 13:02:25 -0000 1.46
***************
*** 158,166 ****
}
}
! $db_host = isset($_POST['db_host']) ? $_POST['db_host'] : $_DB_host;
! $db_name = isset($_POST['db_name']) ? $_POST['db_name'] : $_DB_name;
! $db_user = isset($_POST['db_user']) ? $_POST['db_user'] : ($_DB_user != 'username' ? $_DB_user : '');
! $db_pass = isset($_POST['db_pass']) ? $_POST['db_pass'] : ($_DB_pass != 'password' ? $_DB_pass : '');
! $db_prefix = isset($_POST['db_prefix']) ? $_POST['db_prefix'] : $_DB_table_prefix;
$site_url = isset($_POST['site_url']) ? $_POST['site_url'] : 'http://' . $_SERVER['HTTP_HOST'] . preg_replace('/\/admin.*/', '', $_SERVER['PHP_SELF']) ;
--- 158,178 ----
}
}
! if (($_DB_host != 'localhost') || ($_DB_name != 'geeklog') ||
! ($_DB_user != 'username') || ($_DB_pass != 'password')) {
! // only display those if they all have their default values
! $_DB_host = '';
! $_DB_name = '';
! $_DB_user = '';
! $_DB_pass = '';
! }
! $db_host = isset($_POST['db_host']) ? $_POST['db_host']
! : ($_DB_host != 'localhost' ? '' : $_DB_host);
! $db_name = isset($_POST['db_name']) ? $_POST['db_name']
! : ($_DB_name != 'geeklog' ? '' : $_DB_name);
! $db_user = isset($_POST['db_user']) ? $_POST['db_user']
! : ($_DB_user != 'username' ? '' : $_DB_user);
! $db_pass = isset($_POST['db_pass']) ? $_POST['db_pass'] : '';
! $db_prefix = isset($_POST['db_prefix']) ? $_POST['db_prefix']
! : $_DB_table_prefix;
$site_url = isset($_POST['site_url']) ? $_POST['site_url'] : 'http://' . $_SERVER['HTTP_HOST'] . preg_replace('/\/admin.*/', '', $_SERVER['PHP_SELF']) ;
- Previous message (by thread): [geeklog-cvs] Geeklog-1.x/plugins/links/language german.php, 1.8, 1.9 german_formal.php, 1.6, 1.7 german_formal_utf-8.php, 1.6, 1.7 german_utf-8.php, 1.6, 1.7
- Next message (by thread): [geeklog-cvs] Geeklog-1.x/public_html/docs history,1.660,1.661
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the geeklog-cvs
mailing list