xss attack vector in bbcode.php - check for proc_open being disabled for security reasons in install

2013-02-26 19:41:44 -08:00
parent ed2ff18cac
commit 70e766c2bf
2 changed files with 17 additions and 11 deletions
--- a/mod/setup.php
+++ b/mod/setup.php
@@ -397,6 +397,12 @@ function check_funcs(&$checks) {
 			check_add($ck_funcs, t('Apache mod_rewrite module'), true, true, "");
 		}
 	}
+	if((! function_exists('proc_open')) || strstr(ini_get('disable_functions'),'proc_open')) {
+		check_add($ck_funcs, t('proc_open'), false, true, t('Error: proc_open is required but is either not installed or has been disabled in php.ini'));
+	}
+	else {
+		check_add($ck_funcs, t('proc_open'), true, true, "");
+	}

 	if(! function_exists('curl_init')){
 		$ck_funcs[0]['status']= false;