mirror/opensourcepos
1
0
Fork 0
mirror of https://github.com/opensourcepos/opensourcepos.git synced 2026-04-13 11:28:26 -04:00
Code Issues Packages Projects Releases Wiki Activity

System Info Permissions

Browse Source 
System Info Permissions Fix
This commit is contained in:
WebShells
2020-09-22 15:48:18 +03:00
committed by jekkos
parent 9528624c0e
commit 2743a6cf15
2 changed files with 21 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
application/language/en-US/config_lang.php
View File

@@ -155,8 +155,8 @@ $lang["config_invoice_email_message"] = "Invoice Email Template";
$lang["config_invoice_enable"] = "Enable Invoicing";
$lang["config_invoice_printer"] = "Invoice Printer";
$lang["config_invoice_type"] = "Invoice Type";
$lang["config_is_readable"] = "is readable, but the permissions are higher than 660.";
$lang["config_is_writable"] = "is writable, but the permissions are higher than 750.";
$lang["config_is_readable"] = "is readable, but the permissions are incorrectly set. Please set it to 640 or 660 and refresh.";
$lang["config_is_writable"] = "is writable, but the permissions are incorrectly set. Please set it to 750 and refresh.";
$lang["config_jsprintsetup_required"] = "Warning: This functionality will only work if you have the FireFox jsPrintSetup addon installed. Save anyway?";
$lang["config_language"] = "Language";
$lang["config_last_used_invoice_number"] = "Last used Invoice Number";
@@ -205,7 +205,7 @@ $lang["config_number_locale_tooltip"] = "Find a suitable locale through this lin
$lang["config_os_timezone"] = "OSPOS Timezone:";
$lang["config_ospos_info"] = "OSPOS Installation Info";
$lang["config_payment_options_order"] = "Payment Options Order";
$lang["config_perm_risk"] = "Permissions higher than 750 for write and 660 for read leaves this software at risk.";
$lang["config_perm_risk"] = "Incorrect permissions leaves this software at risk.";
$lang["config_phone"] = "Company Phone";
$lang["config_phone_required"] = "Company Phone is a required field.";
$lang["config_print_bottom_margin"] = "Margin Bottom";

43
application/views/configs/system_info.php
View File

@@ -65,8 +65,8 @@
echo ' - ' . substr(sprintf("%o",fileperms($logs)),-4) . ' | ' . '<font color="red"> Not Writable &#x2717 </font>';
}
clearstatcache();
if (is_writable($logs) && substr(decoct(fileperms($logs)), -4) >= 751 ) {
echo ' | <font color="red">Vulnerable &#x2717</font>';
if (is_writable($logs) && substr(decoct(fileperms($logs)), -4) != 750 ) {
echo ' | <font color="red">Vulnerable or Incorrect Permissions &#x2717</font>';
} else {
echo ' | <font color="green">Security Check Passed &#x2713 </font>';
}
@@ -81,8 +81,8 @@
echo ' - ' . substr(sprintf("%o",fileperms($uploads)),-4) . ' | ' . '<font color="red"> Not Writable &#x2717 </font>';
}
clearstatcache();
if (is_writable($uploads) && substr(decoct(fileperms($uploads)), -4) >= 751 ) {
echo ' | <font color="red">Vulnerable &#x2717</font>';
if (is_writable($uploads) && substr(decoct(fileperms($uploads)), -4) != 750 ) {
echo ' | <font color="red">Vulnerable or Incorrect Permissions &#x2717</font>';
} else {
echo ' | <font color="green">Security Check Passed &#x2713 </font>';
}
@@ -97,8 +97,8 @@
echo ' - ' . substr(sprintf("%o",fileperms($images)),-4) . ' | ' . '<font color="red"> Not Writable &#x2717 </font>';
}
clearstatcache();
if (is_writable($images) && substr(decoct(fileperms($images)), -4) >= 751 ) {
echo ' | <font color="red">Vulnerable &#x2717</font>';
if (substr(decoct(fileperms($images)), -4) != 750 ) {
echo ' | <font color="red">Vulnerable or Incorrect Permissions &#x2717</font>';
} else {
echo ' | <font color="green">Security Check Passed &#x2713 </font>';
}
@@ -113,8 +113,8 @@
echo ' - ' . substr(sprintf("%o",fileperms($importcustomers)),-4) . ' | ' . '<font color="red"> Not Readable &#x2717 </font>';
}
clearstatcache();
if (is_writable($importcustomers) && substr(decoct(fileperms($importcustomers)), -4) > 660 ) {
echo ' | <font color="red">Vulnerable &#x2717</font>';
if (!((substr(decoct(fileperms($importcustomers)), -4) == 640) || (substr(decoct(fileperms($importcustomers)), -4) == 660) )) {
echo ' | <font color="red">Vulnerable or Incorrect Permissions &#x2717</font>';
} else {
echo ' | <font color="green">Security Check Passed &#x2713 </font>';
}
@@ -122,34 +122,27 @@
?>
<br>
<?php
if((substr(decoct(fileperms($logs)), -4) <= 750 && substr(decoct(fileperms($logs)), -4) >= 700)
&& (substr(decoct(fileperms($uploads)), -4) <= 750 && substr(decoct(fileperms($uploads)), -4) >= 700)
&& (substr(decoct(fileperms($images)), -4) <= 750 && substr(decoct(fileperms($images)), -4) >= 700)
&& (substr(decoct(fileperms($importcustomers)), -4) <= 660 && substr(decoct(fileperms($importcustomers)), -4) >= 400)) {
echo '<br><font color="green">' . $this->lang->line('config_all_set') . ' </font>';
}
else {
echo '<br><font color="red">' . $this->lang->line('config_file_perm') . '</font><br>';
}
if(substr(decoct(fileperms($logs)), -4) >= 751
OR substr(decoct(fileperms($uploads)), -4) >= 751
OR substr(decoct(fileperms($images)), -4) >= 751
OR substr(decoct(fileperms($importcustomers)), -4) > 660) {
if(!((substr(decoct(fileperms($logs)), -4) == 750) && (substr(decoct(fileperms($uploads)), -4) == 750) && (substr(decoct(fileperms($images)), -4) == 750)
&& ((substr(decoct(fileperms($importcustomers)), -4) == 640) || (substr(decoct(fileperms($importcustomers)), -4) == 660)))) {
// OR substr(decoct(fileperms($uploads)), -4) != 750
// OR substr(decoct(fileperms($images)), -4) != 750
// OR substr(decoct(fileperms($importcustomers)), -4) != 660) {
echo '<br><font color="red"><strong>' . $this->lang->line('config_security_issue') . '</strong> <br>' . $this->lang->line('config_perm_risk') . '</font><br>';
}
else {
echo '<br><font color="green">' . $this->lang->line('config_no_risk') . '</strong> <br> </font>';
}
if(substr(decoct(fileperms($logs)), -4) > 750) {
if(substr(decoct(fileperms($logs)), -4) != 750) {
echo '<br><font color="red"> &#187; [application/logs:] ' . $this->lang->line('config_is_writable') . '</font>';
}
if(substr(decoct(fileperms($uploads)), -4) > 750) {
if(substr(decoct(fileperms($uploads)), -4) != 750) {
echo '<br><font color="red"> &#187; [public/uploads:] ' . $this->lang->line('config_is_writable') . '</font>';
}
if(substr(decoct(fileperms($images)), -4) > 750) {
if(substr(decoct(fileperms($images)), -4) != 750) {
echo '<br><font color="red"> &#187; [public/uploads/item_pics:] ' . $this->lang->line('config_is_writable') . '</font>';
}
if(substr(decoct(fileperms($importcustomers)), -4) > 660) {
if(!((substr(decoct(fileperms($importcustomers)), -4) == 640) || (substr(decoct(fileperms($importcustomers)), -4) == 660))) {
echo '<br><font color="red"> &#187; [import_customers.csv:] ' . $this->lang->line('config_is_readable') . '</font>';
}
?>