Skip redirect to login, if configuration file permissions are wrong

author hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>

Fri, 20 Apr 2007 06:54:56 +0000 (06:54 +0000)

committer hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>

Fri, 20 Apr 2007 06:54:56 +0000 (06:54 +0000)
author hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Fri, 20 Apr 2007 06:54:56 +0000 (06:54 +0000)
committer hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Fri, 20 Apr 2007 06:54:56 +0000 (06:54 +0000)
diff --git a/setup/class_setupStep_Finish.inc b/setup/class_setupStep_Finish.inc

index 579ce622688083a4465bd8a7b6e8da1b23446777..8e23e44371ed99a1c0d64e128da74c24f9510f32 100644 (file)
--- a/setup/class_setupStep_Finish.inc
+++ b/setup/class_setupStep_Finish.inc
@@ -60,8 +60,11 @@ class Step_Finish extends setup_step
       */
      $exists = file_exists(CONFIG_DIR."/".CONFIG_FILE); 
  
-    /* Redirect to GOsa login */
-    if(isset($_POST['next']) && $exists){
+    /* Redirect to GOsa login, if : 
+     *   - gosa.conf exists
+     *   - Permisssion are set correctly 
+     */ 
+    if(isset($_POST['next']) && $exists && !is_world_readable(CONFIG_DIR."/".CONFIG_FILE)){
        session_destroy();
        header("Location: index.php");
        exit();
@@ -95,6 +98,8 @@ class Step_Finish extends setup_step
      
      if($exists && $this->is_world_readable(CONFIG_DIR."/".CONFIG_FILE)){
        $err_msg = _("Your configuration file is currently world readable. This is a big security risk. Please updated the file permissions!");
+    }elseif(!$exists){
+      $err_msg = _("The configuration is currently not readable or it does not exists.");
      }
  
      $smarty = get_smarty();
author	hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
	Fri, 20 Apr 2007 06:54:56 +0000 (06:54 +0000)
committer	hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
	Fri, 20 Apr 2007 06:54:56 +0000 (06:54 +0000)