public static function ajax_fixFPD_callback()
{
$issues = new wfIssues();
$issue = $issues->getIssueByID($_POST['issueID']);
if (!$issue) {
return array('cerrorMsg' => "We could not find that issue in our database.");
}
$htaccess = ABSPATH . '/.htaccess';
$change = "<IfModule mod_php5.c>\n\tphp_value display_errors 0\n</IfModule>";
$content = "";
if (file_exists($htaccess)) {
$content = file_get_contents($htaccess);
}
if (@file_put_contents($htaccess, trim($content . "\n" . $change), LOCK_EX) === false) {
return array('cerrorMsg' => "You don't have permission to repair .htaccess. You need to either fix the file\n\t\t\t\tmanually using FTP or change the file permissions and ownership so that your web server has write access to repair the file.");
}
if (wfScanEngine::testForFullPathDisclosure()) {
// Didn't fix it, so revert the changes and return an error
file_put_contents($htaccess, $content, LOCK_EX);
return array('cerrorMsg' => "Modifying the .htaccess file did not resolve the issue, so the original .htaccess file\n\t\t\t\twas restored. You can fix this manually by setting <code>display_errors</code> to <code>Off</code> in\n\t\t\t\tyour php.ini if your site is on a VPS or dedicated server that you control.");
}
$issues->updateIssue($_POST['issueID'], 'delete');
return array('ok' => 1);
}
