On Feb 12, 2008 4:31 PM, chasd chasd@silveroaks.com wrote:
On Feb 11, 2008, at 5:30 PM, till wrote:
Please read my comment on the corrosponding ticket: http://trac.roundcube.net/ticket/1483912#comment:16
From the comment :
We have to add a note that people don't leave this file on the server, maybe we should add something where people cannot login when check.php is in the "root"?
A "nag" if statement is a good solution IMHO. Several web applications I have installed either check for the existence of troubleshooting / install scripts at the login stage to remind admins of a possible attack vector. You might not want to prevent login, in case the admin is in the process of testing. IMHO a big red message is enough.
Looking through the script :
It doesn't use the DB backend chosen from the config file, it has MDB2 hardcoded during the TZ check. As a result I get -
Fatal error: Call to undefined function: raise_error() in /Users/ chasd/Sites/roundcube/program/include/rcube_mdb2.inc on line 104
Did you just get the script or full trunk?
Full trunk contains MDB2: http://trac.roundcube.net/browser/trunk/roundcubemail/program/lib/
Since I set the include_path() in the beginning, MDB2 should therefor be available.
Personally I don't intend to "support" DB that much longer. It's old, slower and also deprecated. Which is why I hardcoded.
Let me know, Till _______________________________________________ List info: http://lists.roundcube.net/dev/