|
|
Posted by Vince Morgan on 03/19/07 00:51
"starman7" <starman7@hotmail.com> wrote in message
news:1174227227.401596.99820@o5g2000hsb.googlegroups.com...
i'm installing a custom php bulletin board, the below code complains
about its configuration file having spaces or carriage feeds before or
after the beginning or end of the code. as far as i could tell the
above code evaluated for reasons other that that ... as my config.php
had no spaces, etc. and worked completely after removal of this block,
and even partially while the block remained - (but displayed the
error).
can anyone describe what this code does, and advise if removing it
makes the app any less secure? i removed it and everything worked as
expected. and/or suggest replacement code i can suggest to the author?
also - why is it looking at dbuser?
$config_content = @file_get_contents($phpbb_root_path . 'config.'.
$phpEx);
The above code loads the config.php file
if ( strpos($config_content, 'dbuser') && (substr($config_content, 0,
5) != '<?php' || substr($config_content, -2) != '?>') )
The above checks that there is not databefore "<?php" at the top, and then
that "?>" is right at the end. If it does not pass the test it outputs the
below message.
If you remove the above code you don't load the file, or test for illegal
chars, so the problem seems to go away.
It's "config.php" that needs the attention.
print('· You have <u>damaged</u>: <b>config.'.$phpEx.'</b> file !<br /
>· File must begin with: <b><?php</b> and finish with <b>?></b>
with any other chars (spaces, tabs or new line) before <?php and
after ?><br />· You must correct the file !<br />· Remember <u>it
is not mistake</u>, if your text editor can not see this space, tab or
new line, use other editor with operating multi (CR/LF) format or
create new file with clean content.<br />· Forum will not work
correctly with damaged config.php file.<hr /><br />');
}
HTH
Vince Morgan
Navigation:
[Reply to this message]
|