1
0
Fork 0
mirror of https://github.com/sbrl/Pepperminty-Wiki.git synced 2024-11-22 16:33:00 +00:00

Merge pull request #179 from nivex/patch-1

Fix compromise detection
This commit is contained in:
Starbeamrainbowlabs 2020-01-10 17:08:19 +00:00 committed by GitHub
commit 27a7349e70
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -49,11 +49,11 @@ register_module([
if(!$settings->disable_peppermint_access_check && if(!$settings->disable_peppermint_access_check &&
php_sapi_name() !== "cli-server") { // The CLI server is single threaded, so it can't support loopback requests php_sapi_name() !== "cli-server") { // The CLI server is single threaded, so it can't support loopback requests
$request_url = full_url(); $request_url = full_url();
$request_url = preg_replace("/\/(index.php)?\?.*$/", "/peppermint.json", $request_url); $request_url = preg_replace("/\/(index.php)?\?.*$/", "/$settingsFilename", $request_url);
@file_get_contents($request_url); @file_get_contents($request_url);
// $http_response_header is a global reserved variable. More information: https://devdocs.io/php/reserved.variables.httpresponseheader // $http_response_header is a global reserved variable. More information: https://devdocs.io/php/reserved.variables.httpresponseheader
$response_code = intval(explode(" ", $http_response_header[0])[1]); $response_code = intval(explode(" ", $http_response_header[0])[1]);
if($response_code >= 200 || $response_code < 300) { if($response_code >= 200 && $response_code < 300) {
file_put_contents("$settingsFilename.compromised", "compromised"); file_put_contents("$settingsFilename.compromised", "compromised");
http_response_code(307); http_response_code(307);
header("location: index.php"); header("location: index.php");