1
whilst we're on the subject, how about a few small security additions to the XOOPS installer.
if we add this line to /install/index.php
if (file_exists('../install.lock'))
{
print "The installer has been locked. Make sure you havn't installed
this before and re-running it again.";
exit;
}
this will check for a file called install.lock in the root folder.
then later after the install process has completed, we can add this >
if ($fp = @fopen( '../install.lock', 'w' ))
{
@fwrite( $fp, 'XOOPS Installed', 29 );
@fclose($fp);
}
this will create a file in the root folder called install.lock
also you could use >
if(@unlink("./index.php"))
{
print "XOOPS Installed!!The installer index.php file has now been deleted from your server for security reasons";
}
else
{
print "XOOPS Installed!!Please delete the install folder from your server for security reasons";
}
the above will automatically delete the install/index.php file from the server after installation has completed.
if it can't delete automatically it displays a message asking you to delete it
or you could use this script below to automatically remove the whole install folder & sub folders.
function rmdirRecursive($path,$followLinks=false) {
$dir = opendir($path) ;
while ( $entry = readdir($dir) ) {
if ( is_file( "$path/$entry" ) || ((!$followLinks) && is_link("$path/$entry")) ) {
echo ( "unlink $path/$entry;n" );
unlink( "$path/$entry" ); // this is the line that does the deleting (comment it out when testing)
} elseif ( is_dir( "$path/$entry" ) && $entry!='.' && $entry!='..' ) {
rmdirRecursive( "$path/$entry" ) ;
}
}
closedir($dir) ;
echo "rmdir $path;n";
return rmdir($path); // (comment this out out when testing)
}
?>
