| /trunk/TODO |
|---|
| 8,7 → 8,6 |
| ... At least give a hint to the documentation, so they know how to run the tool and how to enter the cost in the configuration (for RA and Admin) |
| ... or in the setup page make an extra control how complex the admin password should be? but be aware that nobody enters a too big number (it makes DoS possible!) |
| - system log plugin: Only show 100 events and let the user switch pages. To avoid that you load a page with 10000+ log entries! |
| - check if there are more PHP extensions which are required, and add them to includes/oidplus_dependency.inc.php |
| SECURITY Improvements: |
| - Small security issue: A visitor can check which plugins are installed by either entering a "goto" command (e.g. "oidplus:vnag_version_check") |
| /trunk/includes/oidplus_dependency.inc.php |
|---|
| 20,6 → 20,18 |
| function oidplus_get_missing_dependencies() { |
| $missing_dependencies = array(); |
| if (!extension_loaded('standard')) { |
| $missing_dependencies[] = 'standard'; |
| } |
| if (!extension_loaded('Core')) { |
| $missing_dependencies[] = 'Core'; |
| } |
| if (!extension_loaded('SPL')) { |
| $missing_dependencies[] = 'SPL'; |
| } |
| if (!extension_loaded('iconv')) { |
| // Alpine Linux: apk add php-iconv |
| $missing_dependencies[] = 'iconv'; |