On Feb 11, 2008, at 5:30 PM, till wrote: > Please read my comment on the corrosponding ticket: > http://trac.roundcube.net/ticket/1483912#comment:16
From the comment : > We have to add a note that people don't leave this file on the > server, maybe we should add something where people cannot login > when check.php is in the "root"? A "nag" if statement is a good solution IMHO. Several web applications I have installed either check for the existence of troubleshooting / install scripts at the login stage to remind admins of a possible attack vector. You might not want to prevent login, in case the admin is in the process of testing. IMHO a big red message is enough. Looking through the script : It doesn't use the DB backend chosen from the config file, it has MDB2 hardcoded during the TZ check. As a result I get - > Fatal error: Call to undefined function: raise_error() in /Users/ > chasd/Sites/roundcube/program/include/rcube_mdb2.inc on line 104 Charles Dostale System Admin - Silver Oaks Communications http://www.silveroaks.com/ 824 17th Street, Moline IL 61265 _______________________________________________ List info: http://lists.roundcube.net/dev/
