dinislage/PrestaShop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[*] BO: Add an option to htaccess generator to disable mod_security (some rules reject ajax file upload)

Browse Source
This commit is contained in:
Rémi Gaillard
2013-02-12 11:35:10 +01:00
parent d6f21bd9f9
commit f5cf54ef3b
2 changed files with 18 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
classes/Tools.php
+7 -1
View File
@@ -1492,7 +1492,7 @@ class ToolsCore
return Tools::getHttpHost();
}
public static function generateHtaccess($path = null, $rewrite_settings = null, $cache_control = null, $specific = '', $disable_multiviews = null, $medias = false)
public static function generateHtaccess($path = null, $rewrite_settings = null, $cache_control = null, $specific = '', $disable_multiviews = null, $medias = false, $disable_modsec = null)
{
if (defined('PS_INSTALLATION_IN_PROGRESS'))
return true;
@@ -1505,6 +1505,9 @@ class ToolsCore
if (is_null($disable_multiviews))
$disable_multiviews = (int)Configuration::get('PS_HTACCESS_DISABLE_MULTIVIEWS');
if ($disable_modsec === null)
$disable_modsec = (int)Configuration::get('PS_HTACCESS_DISABLE_MODSEC');
// Check current content of .htaccess and save all code outside of prestashop comments
$specific_before = $specific_after = '';
if (file_exists($path))
@@ -1567,6 +1570,9 @@ class ToolsCore
if ($disable_multiviews)
fwrite($write_fd, "\n# Disable Multiviews\nOptions -Multiviews\n\n");
if ($disable_modsec)
fwrite($write_fd, "<IfModule mod_security.c>\nSecFilterEngine Off\nSecFilterScanPOST Off\n</IfModule>");
fwrite($write_fd, "RewriteEngine on\n");
if (!$medias)
controllers/admin/AdminMetaController.php
+11 -1
View File
@@ -75,6 +75,7 @@ class AdminMetaControllerCore extends AdminController
$url_description = '';
if ($this->checkConfiguration($this->ht_file))
{
$general_fields['PS_HTACCESS_DISABLE_MULTIVIEWS'] = array(
'title' => $this->l('Disable apache multiviews'),
'desc' => $this->l('Enable this option only if you have problems with URL rewriting.'),
@@ -82,6 +83,15 @@ class AdminMetaControllerCore extends AdminController
'cast' => 'intval',
'type' => 'bool',
);
$general_fields['PS_HTACCESS_DISABLE_MODSEC'] = array(
'title' => $this->l('Disable apache mod security'),
'desc' => $this->l('Some features could not work correctly with a specific configuration of apache mod security. We recommend to turn it off.'),
'validation' => 'isBool',
'cast' => 'intval',
'type' => 'bool',
);
}
else
{
$url_description = $this->l('Before being able to use this tool, you need to:');
@@ -459,7 +469,7 @@ class AdminMetaControllerCore extends AdminController
public function updateOptionPsRewritingSettings()
{
Configuration::updateValue('PS_REWRITING_SETTINGS', (int)Tools::getValue('PS_REWRITING_SETTINGS'));
Tools::generateHtaccess($this->ht_file, null, null, '', Tools::getValue('PS_HTACCESS_DISABLE_MULTIVIEWS'));
Tools::generateHtaccess($this->ht_file, null, null, '', Tools::getValue('PS_HTACCESS_DISABLE_MULTIVIEWS'), false, Tools::getValue('PS_HTACCESS_DISABLE_MODSEC'));
Tools::enableCache();
Tools::clearCache($this->context->smarty);