User tests: Successful: Unsuccessful:
StackOverflow emailed me this https://joomla.stackexchange.com/questions/29123/cli-directory-is-publicly-accessible-is-it-supposed-to-be-is-that-safe/29181
They were correct, that Joomla 4 did not have any test for CLI use when the scripts were called from the web.
The code proposed is back ported from the Joomla-framework Joomla\Console\Application
constructor and so should be "good enough"
Go to http://example.com/cli/joomla.php in a web browser.
With debug on/error reporting = maximum
With debug off/error_reporting none
White screen of death - which is a good thing.
Status | New | ⇒ | Pending |
Category | ⇒ | Libraries |
Just like I stated:
The code proposed is back ported from the Joomla-framework Joomla\Console\Application constructor and so should be "good enough"
It should also be noted that its the same code that is currently used in Joomla 3
I have tested this item
Just like I stated:
The code proposed is back ported from the Joomla-framework Joomla\Console\Application constructor and so should be "good enough"
^^ ok sorry missed this part, looks strange anyway but ok
Im not saying its perfect, but at least its consistent :)
There are a few uses of php_sapi_name
in Joomla 3 but the only use of php_sapi_name
in Joomla 4 appears to be in vendor libs.
I have tested this item
perfectible but better than before
Status | Pending | ⇒ | Ready to Commit |
RTC
Labels |
Added:
?
?
|
Previous tests and RTC are still valid since last commit was just a change in a code comment.
Status | Ready to Commit | ⇒ | Fixed in Code Base |
Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2021-05-19 22:28:23 |
Closed_By | ⇒ | wilsonge | |
Labels |
Added:
?
Removed: ? |
Somewhat unconvinced this belongs here vs in the entry file itself for the cli. But better than nothing for sure. easy to move around in the future. Thanks!
its a direct copy of the same code in a constructor in the CliApplication.php
Sure but in that place every CLI app had a different entry point. In J4 the one true way (xD) is that we'll have a single entry point like site/admin is - so should be a bit simpler to manage and less confusing for 3rd party devs who don't need to look at the file. But anyhow it's fine for now
is there a reason why you not simple do
if (\php_sapi_name() === 'cli') {
?