[svn r12809] Updated default files and dirs permissions (using database security parameter)

skala
Yannick Warnier 19 years ago
parent 5e5fced195
commit 85dfb152e6
  1. 6
      main/admin/user_add.php
  2. 6
      main/document/create_document.php
  3. 7
      main/document/edit_document.php
  4. 19
      main/install/install_functions.inc.php
  5. 21
      main/install/update-files-1.6.x-1.8.0.inc.php
  6. 5
      main/install/update_files.inc.php
  7. 4
      main/install/upgrade.php
  8. 4
      main/mySpace/admin.php
  9. 4
      main/mySpace/coaches.php
  10. 4
      main/mySpace/progression.php
  11. 4
      main/mySpace/teachers.php

@ -1,4 +1,4 @@
<?php // $Id: user_add.php 12379 2007-05-11 09:16:27Z elixir_julian $ <?php // $Id: user_add.php 12809 2007-07-30 21:44:36Z yannoo $
/* /*
============================================================================== ==============================================================================
Dokeos - elearning and course management software Dokeos - elearning and course management software
@ -169,8 +169,10 @@ if( $form->validate())
$picture_uri = ''; $picture_uri = '';
if (strlen($picture['name']) > 0) if (strlen($picture['name']) > 0)
{ {
$perm = api_get_setting('permissions_for_new_directories');
$perm = octdec(!empty($perm)?$perm:'0770');
if(!is_dir(api_get_path(SYS_CODE_PATH).'upload/users/')){ if(!is_dir(api_get_path(SYS_CODE_PATH).'upload/users/')){
mkdir(api_get_path(SYS_CODE_PATH).'upload/users/', 0777); mkdir(api_get_path(SYS_CODE_PATH).'upload/users/', $perm);
} }
$picture_uri = uniqid('').'_'.replace_dangerous_char($picture['name']); $picture_uri = uniqid('').'_'.replace_dangerous_char($picture['name']);
$picture_location = api_get_path(SYS_CODE_PATH).'upload/users/'.$picture_uri; $picture_location = api_get_path(SYS_CODE_PATH).'upload/users/'.$picture_uri;
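Review bot: The two added lines that compute `$perm` pass the stored setting straight to `octdec()`, which skips any character that is not an octal digit, so a malformed value can silently collapse to mode 0 or to an unintended mode, and a stored `0777` keeps the directory world-writable. Validate the value before converting it, for example `$perm = preg_match('/^0?[0-7]{3}\z/', (string) $perm) ? octdec($perm) : 0770;`, and decide whether write access for "other" should be accepted at all. The same two-line lookup is pasted into every other file of this commit (with `0660` for files); a single helper returning a validated mode would keep the fallback and the validation in one place. The enclosing `if ($form->validate())` block starts and ends outside the hunk.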

@ -1,5 +1,5 @@
<?php <?php
// $Id: create_document.php 12759 2007-07-19 07:52:56Z elixir_inter $ // $Id: create_document.php 12809 2007-07-30 21:44:36Z yannoo $
/* /*
============================================================================== ==============================================================================
Dokeos - elearning and course management software Dokeos - elearning and course management software
@ -304,9 +304,11 @@ if ($form->validate())
fclose($fp); fclose($fp);
$perm = api_get_setting('permissions_for_new_directories');
$perm = octdec(!empty($perm)?$perm:'0770');
if (!is_dir($filepath.'css')) if (!is_dir($filepath.'css'))
{ {
mkdir($filepath.'css', 0777); mkdir($filepath.'css', $perm);
$doc_id = add_document($_course, $dir.'css', 'folder', 0, 'css'); $doc_id = add_document($_course, $dir.'css', 'folder', 0, 'css');
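Review bot: The result of `mkdir($filepath.'css', $perm)` is not checked before `add_document()` records the folder, so a failed creation leaves a database entry for a directory that does not exist. `mkdir()` also applies the process umask, so the group-write bit of the configured mode may be dropped. Guard the call with `if (mkdir($filepath.'css', $perm)) { ... }` and follow it with `chmod($filepath.'css', $perm);` if the exact mode is required. The same unchecked pattern appears in the `mkdir()` calls of user_add.php, edit_document.php and update-files-1.6.x-1.8.0.inc.php (there before `insert_db()`). The `if (!is_dir(...))` block continues past the end of the hunk.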

@ -1,4 +1,4 @@
<?php // $Id: edit_document.php 12759 2007-07-19 07:52:56Z elixir_inter $ <?php // $Id: edit_document.php 12809 2007-07-30 21:44:36Z yannoo $
/* /*
============================================================================== ==============================================================================
Dokeos - elearning and course management software Dokeos - elearning and course management software
@ -378,9 +378,12 @@ if($is_allowedToEdit)
fclose($fp); fclose($fp);
$perm = api_get_setting('permissions_for_new_directories');
$perm = octdec(!empty($perm)?$perm:'0770');
if(!is_dir($filepath.'css')) if(!is_dir($filepath.'css'))
{ {
mkdir($filepath.'css',0777); mkdir($filepath.'css',$perm);
$doc_id=add_document($_course,$dir.'css','folder',0,'css'); $doc_id=add_document($_course,$dir.'css','folder',0,'css');

@ -557,49 +557,54 @@ function display_requirements($installType, $badUpdatePath, $update_from_version
{ {
$error=false; $error=false;
$perm = api_get_setting('permissions_for_new_directories');
$perm = octdec(!empty($perm)?$perm:'0770');
$perm_file = api_get_setting('permissions_for_new_files');
$perm_file = octdec(!empty($perm_file)?$perm_file:'0660');
//First, attempt to set writing permissions if we don't have them yet //First, attempt to set writing permissions if we don't have them yet
//0xxx is an octal number, this is the required format //0xxx is an octal number, this is the required format
$notwritable = array(); $notwritable = array();
if(!is_writable('../inc/conf')) if(!is_writable('../inc/conf'))
{ {
$notwritable[]='../inc/conf'; $notwritable[]='../inc/conf';
@chmod('../inc/conf',0777); @chmod('../inc/conf',$perm);
} }
if(!is_writable('../garbage')) if(!is_writable('../garbage'))
{ {
$notwritable[]='../garbage'; $notwritable[]='../garbage';
@chmod('../garbage',0777); @chmod('../garbage',$perm);
} }
if(!is_writable('../upload')) if(!is_writable('../upload'))
{ {
$notwritable[]='../upload'; $notwritable[]='../upload';
@chmod('../upload', 0777); @chmod('../upload', $perm);
} }
if(!is_writable('../../archive')) if(!is_writable('../../archive'))
{ {
$notwritable[]='../../archive'; $notwritable[]='../../archive';
@chmod('../../archive',0777); @chmod('../../archive',$perm);
} }
if(!is_writable('../../courses')) if(!is_writable('../../courses'))
{ {
$notwritable[]='../../courses'; $notwritable[]='../../courses';
@chmod('../../courses',0777); @chmod('../../courses',$perm);
} }
if(!is_writable('../../home')) if(!is_writable('../../home'))
{ {
$notwritable[]='../../home'; $notwritable[]='../../home';
@chmod('../../home',0777); @chmod('../../home',$perm);
} }
if(file_exists('../inc/conf/configuration.php') && !is_writable('../inc/conf/configuration.php')) if(file_exists('../inc/conf/configuration.php') && !is_writable('../inc/conf/configuration.php'))
{ {
$notwritable[]='../inc/conf/configuration.php'; $notwritable[]='../inc/conf/configuration.php';
@chmod('../inc/conf/configuration.php',0666); @chmod('../inc/conf/configuration.php',$perm_file);
} }
//Second, if this fails, report an error //Second, if this fails, report an error
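Review bot: `api_get_setting()` is called at the top of `display_requirements()`, which appears to run in the installer before a platform database necessarily exists. If the settings are not loaded at that point, the hard-coded `0770`/`0660` fallbacks are always what gets applied and the database parameter has no effect here. If that is intended, use the constants directly with a comment such as `// installer: settings may not be available yet, use restrictive defaults`; otherwise confirm the function is defined and populated in this context. The `@chmod()` calls still discard their result, so the later writability report is the only sign of a failure. The same applies to `Page_Requirements` in upgrade.php, and the function body continues outside the hunk.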

@ -1,4 +1,4 @@
<?php //$Id: update-files-1.6.x-1.8.0.inc.php 12086 2007-04-23 13:02:44Z yannoo $ <?php //$Id: update-files-1.6.x-1.8.0.inc.php 12809 2007-07-30 21:44:36Z yannoo $
/* /*
============================================================================== ==============================================================================
Dokeos - elearning and course management software Dokeos - elearning and course management software
@ -75,6 +75,9 @@ if (defined('DOKEOS_INSTALL') || defined('DOKEOS_COURSE_UPDATE'))
error_log('Getting courses for files updates: '.$sql,0); error_log('Getting courses for files updates: '.$sql,0);
$result=mysql_query($sql); $result=mysql_query($sql);
$perm = api_get_setting('permissions_for_new_directories');
$perm = octdec(!empty($perm)?$perm:'0770');
while($courses_directories=mysql_fetch_array($result)){ while($courses_directories=mysql_fetch_array($result)){
$currentCourseRepositorySys = $sys_course_path.$courses_directories["directory"]."/"; $currentCourseRepositorySys = $sys_course_path.$courses_directories["directory"]."/";
@ -95,22 +98,22 @@ if (defined('DOKEOS_INSTALL') || defined('DOKEOS_COURSE_UPDATE'))
//document > audio //document > audio
if(!is_dir($currentCourseRepositorySys."document/audio")){ if(!is_dir($currentCourseRepositorySys."document/audio")){
mkdir($currentCourseRepositorySys."document/audio",0777); mkdir($currentCourseRepositorySys."document/audio",$perm);
insert_db($db_name,"audio",get_lang('Audio')); insert_db($db_name,"audio",get_lang('Audio'));
} }
//document > flash //document > flash
if(!is_dir($currentCourseRepositorySys."document/flash")){ if(!is_dir($currentCourseRepositorySys."document/flash")){
mkdir($currentCourseRepositorySys."document/flash",0777); mkdir($currentCourseRepositorySys."document/flash",$perm);
insert_db($db_name,"flash",get_lang('Flash')); insert_db($db_name,"flash",get_lang('Flash'));
} }
//document > images //document > images
if(!is_dir($currentCourseRepositorySys."document/images")){ if(!is_dir($currentCourseRepositorySys."document/images")){
mkdir($currentCourseRepositorySys."document/images",0777); mkdir($currentCourseRepositorySys."document/images",$perm);
insert_db($db_name,"images",get_lang('Images')); insert_db($db_name,"images",get_lang('Images'));
} }
if(!is_dir($currentCourseRepositorySys."document/video")){ if(!is_dir($currentCourseRepositorySys."document/video")){
mkdir($currentCourseRepositorySys."document/video",0777); mkdir($currentCourseRepositorySys."document/video",$perm);
insert_db($db_name,"video",get_lang('Video')); insert_db($db_name,"video",get_lang('Video'));
} }
@ -118,20 +121,20 @@ if (defined('DOKEOS_INSTALL') || defined('DOKEOS_COURSE_UPDATE'))
//upload //upload
if(!is_dir($currentCourseRepositorySys."upload")){ if(!is_dir($currentCourseRepositorySys."upload")){
mkdir($currentCourseRepositorySys."upload",0777); mkdir($currentCourseRepositorySys."upload",$perm);
} }
//upload > blog //upload > blog
if(!is_dir($currentCourseRepositorySys."upload/blog")){ if(!is_dir($currentCourseRepositorySys."upload/blog")){
mkdir($currentCourseRepositorySys."upload/blog",0777); mkdir($currentCourseRepositorySys."upload/blog",$perm);
} }
//upload > forum //upload > forum
if(!is_dir($currentCourseRepositorySys."upload/forum")){ if(!is_dir($currentCourseRepositorySys."upload/forum")){
mkdir($currentCourseRepositorySys."upload/forum",0777); mkdir($currentCourseRepositorySys."upload/forum",$perm);
} }
//upload > test //upload > test
if(!is_dir($currentCourseRepositorySys."upload/test")){ if(!is_dir($currentCourseRepositorySys."upload/test")){
mkdir($currentCourseRepositorySys."upload/test",0777); mkdir($currentCourseRepositorySys."upload/test",$perm);
} }
//Updating index file in courses directories to change claroline/ into main/ //Updating index file in courses directories to change claroline/ into main/

@ -152,6 +152,9 @@ if (defined('DOKEOS_INSTALL') || defined('DOKEOS_COURSE_UPDATE'))
$newPath = str_replace('\\', '/', realpath('../..')).'/'; $newPath = str_replace('\\', '/', realpath('../..')).'/';
$oldPath = $_POST['updatePath']; $oldPath = $_POST['updatePath'];
$perm = api_get_setting('permissions_for_new_directories');
$perm = octdec(!empty($perm)?$perm:'0770');
foreach ($coursePath as $key => $course) foreach ($coursePath as $key => $course)
{ {
$mysql_base_course = $courseDB[$key]; $mysql_base_course = $courseDB[$key];
@ -181,7 +184,7 @@ if (defined('DOKEOS_INSTALL') || defined('DOKEOS_COURSE_UPDATE'))
fclose($fp); fclose($fp);
} }
@ mkdir($oldPath.$course.'/temp', 0777); @ mkdir($oldPath.$course.'/temp', $perm);
@ rename($oldPath.$course, $newPath.'courses/'.$course); @ rename($oldPath.$course, $newPath.'courses/'.$course);
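Review bot: The changed `mkdir()` line builds its target from `$oldPath`, which is taken directly from `$_POST['updatePath']` in the previous hunk, and the `@` operator hides any failure of both `mkdir()` and the following `rename()`. Even in an installer-only script the path should be normalised and confirmed to be an existing directory before use, for example `$base = realpath($_POST['updatePath']);`, then `if ($base === false || !is_dir($base)) { die('Invalid update path'); }`, then `$oldPath = $base.'/';`. The return values of `mkdir()` and `rename()` should also be checked so that a course that was not moved is reported. The surrounding `foreach` starts and ends outside the hunks shown.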

@ -160,9 +160,11 @@ class Page_Requirements extends HTML_QuickForm_Page
{ {
$writable_folders = array ('../inc/conf', '../garbage', '../upload', '../../archive', '../../courses', '../../home'); $writable_folders = array ('../inc/conf', '../garbage', '../upload', '../../archive', '../../courses', '../../home');
$not_writable = array (); $not_writable = array ();
$perm = api_get_setting('permissions_for_new_directories');
$perm = octdec(!empty($perm)?$perm:'0770');
foreach ($writable_folders as $index => $folder) foreach ($writable_folders as $index => $folder)
{ {
if (!is_writable($folder) && !@ chmod($folder, 0777)) if (!is_writable($folder) && !@ chmod($folder, $perm))
{ {
$not_writable[] = $folder; $not_writable[] = $folder;
} }

@ -68,7 +68,9 @@ $tbl_admin = Database :: get_main_table(TABLE_MAIN_ADMIN);
fwrite($open,$info); fwrite($open,$info);
fclose($open); fclose($open);
chmod($fileName,0777); $perm = api_get_setting('permissions_for_new_files');
$perm = octdec(!empty($perm)?$perm:'0660');
chmod($fileName,$perm);
header("Location:".$archiveURL.$fileName); header("Location:".$archiveURL.$fileName);
} }
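Review bot: `chmod($fileName, $perm)` runs only after `fwrite()` and `fclose()`, so the export is created and filled with whatever mode the process umask gives it and is tightened only afterwards. Call `chmod($fileName, $perm);` right after the file is opened (the `fopen()` is outside this hunk) and before `fwrite()`. The file is then handed out through `header("Location:".$archiveURL.$fileName)`, so if the archive directory is served by the web server, file-system permissions do not restrict who can fetch it over HTTP. Access to these tracking exports needs to be enforced by the application or the web server configuration. The same sequence is in coaches.php, progression.php and teachers.php.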

@ -77,7 +77,9 @@ $tbl_track_login = Database :: get_statistic_table(TABLE_STATISTIC_TRACK_E_
fwrite($open,$info); fwrite($open,$info);
fclose($open); fclose($open);
chmod($fileName,0777); $perm = api_get_setting('permissions_for_new_files');
$perm = octdec(!empty($perm)?$perm:'0660');
chmod($fileName,$perm);
header("Location:".$archiveURL.$fileName); header("Location:".$archiveURL.$fileName);
} }

@ -64,7 +64,9 @@ $tbl_track_exercice = Database :: get_statistic_table(STATISTIC_TRACK_E_EXERCICE
fwrite($open,$info); fwrite($open,$info);
fclose($open); fclose($open);
chmod($fileName,0777); $perm = api_get_setting('permissions_for_new_files');
$perm = octdec(!empty($perm)?$perm:'0660');
chmod($fileName,$perm);
$message = get_lang('UsageDatacreated'); $message = get_lang('UsageDatacreated');
header("Location:".$archiveURL.$fileName); header("Location:".$archiveURL.$fileName);

@ -69,7 +69,9 @@ function exportCsv($a_header,$a_data)
fwrite($open,$info); fwrite($open,$info);
fclose($open); fclose($open);
chmod($fileName,0777); $perm = api_get_setting('permissions_for_new_files');
$perm = octdec(!empty($perm)?$perm:'0660');
chmod($fileName,$perm);
header("Location:".$archiveURL.$fileName); header("Location:".$archiveURL.$fileName);
} }
