getSecurityType() == DUPX_Security::SECURITY_NONE) { DUPX_HTTP::post_with_html($page_url, array( 'action_step' => '1', 'csrf_token' => DUPX_CSRF::generate('step1') )); exit; } //POSTBACK: valid security if ($security->securityCheck()) { DUPX_HTTP::post_with_html($page_url, array( 'action_step' => '1', 'csrf_token' => DUPX_CSRF::generate('step1'), 'secure-pass' => $_POST['secure-pass'], 'secure-archive' => $_POST['secure-archive'] ) ); exit; } $page_err = isset($_POST['secure-try']) ? 1 : 0; switch (DUPX_Security::getInstance()->getSecurityType()) { case DUPX_Security::SECURITY_PASSWORD: $errorMsg = 'Invalid Password! Please try again...'; break; case DUPX_Security::SECURITY_ARCHIVE: $errorMsg = 'Invalid Archive name! Please try again...'; break; case DUPX_Security::SECURITY_NONE: default: $errorMsg = ''; break; } $css_why_display = ($GLOBALS['DUPX_STATE']->mode === DUPX_InstallerMode::OverwriteInstall) ? "" : "no-display"; $archive_name = isset($_POST['secure-archive']) ? $_POST['secure-archive'] : ''; ?>
Installer Security

This screen will show under the following conditions:
  • Password Protection: If the file was password protected when it was created then the password input below should be enabled. If the input is disabled then no password was set.
  • Simple Installer Name: If no password is set and you are performing an "Overwrite Install" on a public server (non localhost) without a secure installer.php file name (i.e. [hash]_installer.php). Then users will need to enter the archive file for a valid security check. If the Archive File Name input is disabled then it can be ignored.
getSecurityType() == $security::SECURITY_PASSWORD) { $attrs['required'] = 'required'; } else { $attrs['placeholder'] = 'Password not enabled'; $attrs['disabled'] = 'disabled'; } DUPX_U_Html::inputPasswordToggle('secure-pass', 'secure-pass', array(), $attrs); ?>
mode === DUPX_InstallerMode::OverwriteInstall) : ?>
getSecurityType() == $security::SECURITY_ARCHIVE ? '' : 'disabled'); ?>>