mirror of
https://github.com/sbrl/Pepperminty-Wiki.git
synced 2024-11-29 06:23:01 +00:00
Fix compromise detection
Compromise detection has inverted logic handling response_code and did not honor the settingsFilename variable.
This commit is contained in:
parent
5fdd91ce4c
commit
3396c25002
1 changed files with 2 additions and 2 deletions
|
@ -49,11 +49,11 @@ register_module([
|
||||||
if(!$settings->disable_peppermint_access_check &&
|
if(!$settings->disable_peppermint_access_check &&
|
||||||
php_sapi_name() !== "cli-server") { // The CLI server is single threaded, so it can't support loopback requests
|
php_sapi_name() !== "cli-server") { // The CLI server is single threaded, so it can't support loopback requests
|
||||||
$request_url = full_url();
|
$request_url = full_url();
|
||||||
$request_url = preg_replace("/\/(index.php)?\?.*$/", "/peppermint.json", $request_url);
|
$request_url = preg_replace("/\/(index.php)?\?.*$/", "/".$settingsFilename, $request_url);
|
||||||
@file_get_contents($request_url);
|
@file_get_contents($request_url);
|
||||||
// $http_response_header is a global reserved variable. More information: https://devdocs.io/php/reserved.variables.httpresponseheader
|
// $http_response_header is a global reserved variable. More information: https://devdocs.io/php/reserved.variables.httpresponseheader
|
||||||
$response_code = intval(explode(" ", $http_response_header[0])[1]);
|
$response_code = intval(explode(" ", $http_response_header[0])[1]);
|
||||||
if($response_code >= 200 || $response_code < 300) {
|
if($response_code >= 200 && $response_code < 300) {
|
||||||
file_put_contents("$settingsFilename.compromised", "compromised");
|
file_put_contents("$settingsFilename.compromised", "compromised");
|
||||||
http_response_code(307);
|
http_response_code(307);
|
||||||
header("location: index.php");
|
header("location: index.php");
|
||||||
|
|
Loading…
Reference in a new issue