Rev 299 | Rev 305 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 299 | Rev 301 | ||
|---|---|---|---|
| Line 25... | Line 25... | ||
| 25 | <h2 id="systemCheckCaption" style="display:none">System check</h2> |
25 | <h2 id="systemCheckCaption" style="display:none">System check</h2> |
| 26 | 26 | ||
| 27 | <div id="dirAccessWarning"></div> |
27 | <div id="dirAccessWarning"></div> |
| 28 | 28 | ||
| 29 | <script> |
29 | <script> |
| - | 30 | function RemoveLastDirectoryPartOf(the_url) { |
|
| - | 31 | var the_arr = the_url.split('/'); |
|
| - | 32 | if (the_arr.pop() == '') the_arr.pop(); |
|
| - | 33 | return( the_arr.join('/') ); |
|
| - | 34 | } |
|
| 30 | function checkAccess(dir) { |
35 | function checkAccess(dir) { |
| - | 36 | url = '../' + dir; |
|
| - | 37 | visibleUrl = RemoveLastDirectoryPartOf(window.location.href) + '/' + dir; // xhr.responseURL not available in IE |
|
| - | 38 | ||
| 31 | var xhr = new XMLHttpRequest(); |
39 | var xhr = new XMLHttpRequest(); |
| 32 | xhr.onreadystatechange = function() { |
40 | xhr.onreadystatechange = function() { |
| 33 | if (xhr.readyState === 4) { |
41 | if (xhr.readyState === 4) { |
| 34 | if (xhr.status === 200) { |
42 | if (xhr.status === 200) { |
| 35 | document.getElementById('systemCheckCaption').style.display = 'block'; |
43 | document.getElementById('systemCheckCaption').style.display = 'block'; |
| 36 | document.getElementById('dirAccessWarning').innerHTML = document.getElementById('dirAccessWarning').innerHTML + 'Attention: The following directory is world-readable: <a target="_blank" href="'+xhr.responseURL+'">'+xhr.responseURL+'</a> ! You need to configure your web server to restrict access to this directory! (For Apache see <i>.htaccess</i>, for Microsoft IIS see <i>web.config</i>, for Nginx see <i>nginx.conf</i>)<br>'; |
44 | document.getElementById('dirAccessWarning').innerHTML = document.getElementById('dirAccessWarning').innerHTML + 'Attention: The following directory is world-readable: <a target="_blank" href="'+url+'">'+visibleUrl+'</a> ! You need to configure your web server to restrict access to this directory! (For Apache see <i>.htaccess</i>, for Microsoft IIS see <i>web.config</i>, for Nginx see <i>nginx.conf</i>)<br>'; |
| 37 | } |
45 | } |
| 38 | } |
46 | } |
| 39 | }; |
47 | }; |
| 40 | 48 | ||
| 41 | xhr.open('GET', dir); |
49 | xhr.open('GET', url); |
| 42 | xhr.send(); |
50 | xhr.send(); |
| 43 | } |
51 | } |
| 44 | 52 | ||
| 45 | document.getElementById('dirAccessWarning').innerHTML = ""; |
53 | document.getElementById('dirAccessWarning').innerHTML = ""; |
| 46 | checkAccess('../userdata/'); |
54 | checkAccess('userdata/'); |
| 47 | checkAccess('../dev/'); |
55 | checkAccess('dev/'); |
| 48 | checkAccess('../includes/'); |
56 | checkAccess('includes/'); |
| 49 | //checkAccess('../plugins/publicPages/100_whois/whois/cli/'); |
57 | //checkAccess('plugins/publicPages/100_whois/whois/cli/'); |
| 50 | </script> |
58 | </script> |
| 51 | 59 | ||
| 52 | <div id="step1"> |
60 | <div id="step1"> |
| 53 | <h2>Step 1: Enter setup information</h2> |
61 | <h2>Step 1: Enter setup information</h2> |
| 54 | 62 | ||