New and upgraded sites will be given a default .htaccess file in their

dataroot directory SC#64

diff --git a/lib/db/mysql.php b/lib/db/mysql.php
index 1f2dcac732a4f3ce8a779754b2c5172ba9086be4..e6eef77ce2ad18422aa0b79482c5a3ea5bf6ba32 100644 (file)
--- a/lib/db/mysql.php
+++ b/lib/db/mysql.php
@@ -1092,6 +1092,17 @@ function main_upgrade($oldversion=0) {
         modify_database('', "INSERT INTO prefix_log_display VALUES ('message', 'block contact', 'user', 'CONCAT(firstname,\" \",lastname)'); ");
         modify_database('', "INSERT INTO prefix_log_display VALUES ('message', 'unblock contact', 'user', 'CONCAT(firstname,\" \",lastname)'); ");
     }
+
+    if ($oldversion < 2005011000) {     // Create a .htaccess file in dataroot, just in case
+        if (!file_exists($CFG->dataroot.'/.htaccess')) {
+            if ($handle = fopen($CFG->dataroot.'/.htaccess', 'w')) {   // For safety
+                @fwrite($handle, "deny from all\r\n");
+                @fclose($handle); 
+                notify("Created a default .htaccess file in $CFG->dataroot");
+            }
+        }
+    }
+
     return $result;
 
 }

diff --git a/lib/db/postgres7.php b/lib/db/postgres7.php
index 7452d98cf8131b40bc9b4128bd26d949fb744e65..9367c836c71217860060ff70781298afa5b3318d 100644 (file)
--- a/lib/db/postgres7.php
+++ b/lib/db/postgres7.php
@@ -868,6 +868,16 @@ function main_upgrade($oldversion=0) {
                             ");
     }
 
+    if ($oldversion < 2005011000) {     // Create a .htaccess file in dataroot, just in case
+        if (!file_exists($CFG->dataroot.'/.htaccess')) {
+            if ($handle = fopen($CFG->dataroot.'/.htaccess', 'w')) {   // For safety
+                @fwrite($handle, "deny from all\r\n");
+                @fclose($handle); 
+                notify("Created a default .htaccess file in $CFG->dataroot");
+            }
+        }
+    }
+
     return $result;
 }
 

diff --git a/lib/moodlelib.php b/lib/moodlelib.php
index 31bd9e115b2079653f5c7d2edf69cdcd1a78d9ad..fcb190cbe186bab84486b5ffd2d3b79edba1563f 100644 (file)
--- a/lib/moodlelib.php
+++ b/lib/moodlelib.php
@@ -2567,6 +2567,10 @@ function make_upload_directory($directory, $shownotices=true) {
             }
             return false;
         }
+        if ($handle = fopen($currdir.'/.htaccess', 'w')) {   // For safety
+            @fwrite($handle, "deny from all\r\n");
+            @fclose($handle); 
+        }
     }
 
     $dirarray = explode('/', $directory);

diff --git a/version.php b/version.php
index 4841f05b45bf681527b3f4e71225b432310cea0e..e2a5c22d3c3845497210ff7a24e2b8d28c15a6a4 100644 (file)
--- a/version.php
+++ b/version.php
@@ -6,7 +6,7 @@
 // This is compared against the values stored in the database to determine 
 // whether upgrades should be performed (see lib/db/*.php)
 
-   $version = 2005010100;  // YYYYMMDD = date of first major branch release 1.4
+   $version = 2005011000;  // YYYYMMDD = date of first major branch release 1.4
                            //       XY = increments within a single day
 
    $release = '1.5 UNSTABLE DEVELOPMENT';    // Human-friendly version name