From 70e766c2bfb4f145564912837864f27aafc82ea2 Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Tue, 26 Feb 2013 19:41:44 -0800
Subject: xss attack vector in bbcode.php - check for proc_open being disabled
 for security reasons in install

---
 mod/setup.php | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'mod/setup.php')

diff --git a/mod/setup.php b/mod/setup.php
index 37bb572f9..cd303205e 100755
--- a/mod/setup.php
+++ b/mod/setup.php
@@ -397,6 +397,12 @@ function check_funcs(&$checks) {
 			check_add($ck_funcs, t('Apache mod_rewrite module'), true, true, "");
 		}
 	}
+	if((! function_exists('proc_open')) || strstr(ini_get('disable_functions'),'proc_open')) {
+		check_add($ck_funcs, t('proc_open'), false, true, t('Error: proc_open is required but is either not installed or has been disabled in php.ini'));
+	}
+	else {
+		check_add($ck_funcs, t('proc_open'), true, true, "");
+	}
 
 	if(! function_exists('curl_init')){
 		$ck_funcs[0]['status']= false;
-- 
cgit v1.2.3