Unlink .htpasswd and remove old db entries on security initialize.

git-svn-id: file:///Users/Shitiz/Downloads/lssvn/source/phpsurveyor@1911 b72ed6b6-b9f8-46b5-92b4-906544132732
LimeSurvey · Aug 13, 2006 · 8921a5c · 8921a5c
1 parent db71337
commit 8921a5c
Showing 1 changed file with 10 additions and 6 deletions.
diff --git a/admin/usercontrol.php b/admin/usercontrol.php
@@ -34,15 +34,20 @@
 #############################################################
 */
 
-include("classes/htaccess.class.php");
+include("classes/core/htaccess.class.php");
 
 if (empty($homedir)) {die("Cannot run this script directly");}
 if ($accesscontrol <> 1) {exit;}
 
 //REDIRECT EVERYTHING HERE IF THERE IS NO .htaccess FILE.
 if (!file_exists("$homedir/.htaccess") && $action == "setup")
 {
-
+	// Remove old .htpasswd and db entries incase
+	if (file_exists("$homedir/.htpasswd")) unlink("$homedir/.htpasswd");
+	$dq="DELETE FROM ".db_table_name('users');
+	$dr=$connect->Execute($dq);
+
+	// Start Creating
 	$addsummary = "<br />"._("Creating default htaccess file")."<br />\n";
 	$ht = new htaccess("$homedir/.htaccess","$homedir/.htpasswd");
 	$ht->setAuthType("Basic");
@@ -64,17 +69,16 @@
 	}
 	else
 	{
+		unlink("$homedir/.htpasswd"); // Remove .htpasswd since it might have been written and operation failed?
 		$addsummary .= _("Error occurred creating htpasswd file")."<br /><br />\n<font size='1'>"._("If you are using a windows server it is recommended that you copy the apache htpasswd.exe file into your admin folder for this function to work properly. This file is usually found in /apache group/apache/bin/")."<br /></font>\n";
 	}
 	$addsummary .= "<br />\n<a href='$scriptname?action=editusers'>"._("Continue")."</a><br />&nbsp;\n";
 }
 elseif ($action == "deleteall")
 {
 	$addsummary = "<br /><strong>"._("Removing security settings")."..</strong><br />\n";
-	$fname1="$homedir/.htaccess";
-	unlink($fname1);
-	$fname1="$homedir/.htpasswd";
-	unlink($fname1);
+	if (file_exists("$homedir/.htaccess")) unlink("$homedir/.htaccess");
+	if (file_exists("$homedir/.htpasswd")) unlink("$homedir/.htpasswd");
 	$dq="DELETE FROM ".db_table_name('users');
 	$dr=$connect->Execute($dq);
 	$addsummary .= _("Access file, password file and user database deleted");