1
0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-09 10:16:36 +02:00

the chmod change i already had within the changelog (by mistake). This should further secure writable directories and created files.

Installation need to be tested on different hosts.

git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8763 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen
2008-08-16 19:06:18 +00:00
parent da65cd1397
commit 068096531f
10 changed files with 165 additions and 55 deletions

View File

@@ -562,7 +562,7 @@ class queue
$fp = @fopen($this->cache_file . '.lock', 'wb');
fclose($fp);
@chmod($this->cache_file . '.lock', 0666);
phpbb_chmod($this->cache_file . '.lock', 'write-all');
include($this->cache_file);
@@ -683,7 +683,7 @@ class queue
break;
}
}
if (!sizeof($this->queue_data))
{
@unlink($this->cache_file);
@@ -697,7 +697,7 @@ class queue
@flock($fp, LOCK_UN);
fclose($fp);
@chmod($this->cache_file, 0666);
phpbb_chmod($this->cache_file, 'rwrite');
}
}
@@ -713,11 +713,11 @@ class queue
{
return;
}
if (file_exists($this->cache_file))
{
include($this->cache_file);
foreach ($this->queue_data as $object => $data_ary)
{
if (isset($this->data[$object]) && sizeof($this->data[$object]))
@@ -738,7 +738,7 @@ class queue
@flock($fp, LOCK_UN);
fclose($fp);
@chmod($this->cache_file, 0666);
phpbb_chmod($this->cache_file, 'rwrite');
}
}
}
@@ -1047,7 +1047,7 @@ class smtp_class
$err_msg .= $message;
}
}
/**
* Log into server and get possible auth codes if neccessary
*/
@@ -1108,7 +1108,7 @@ class smtp_class
return false;
}
// If EHLO fails, we try HELO
// If EHLO fails, we try HELO
$this->server_send("HELO {$local_host}");
if ($err_msg = $this->server_parse('250', __LINE__))
{
@@ -1129,7 +1129,7 @@ class smtp_class
{
return false;
}
if (!isset($this->commands['AUTH']))
{
return (isset($user->lang['SMTP_NO_AUTH_SUPPORT'])) ? $user->lang['SMTP_NO_AUTH_SUPPORT'] : 'SMTP server does not support authentication';
@@ -1290,7 +1290,7 @@ class smtp_class
}
$md5_challenge = base64_decode($this->responses[0]);
// Parse the md5 challenge - from AUTH_SASL (PEAR)
$tokens = array();
while (preg_match('/^([a-z-]+)=("[^"]+(?<!\\\)"|[^,]+)/i', $md5_challenge, $matches))