Fix Setup hardening

Combodo · Dec 19, 2018 · 75fbb83 · 75fbb83
1 parent 3219957
commit 75fbb83
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/setup/ajax.dataloader.php b/setup/ajax.dataloader.php
@@ -147,7 +147,10 @@ function FatalErrorCatcher($sOutput)
 $sOperation = Utils::ReadParam('operation', '');
 try
 {
-	if (!is_writable(utils::GetConfigFilePath())) throw new Exception('Setup operations are not allowed outside of the setup');
+	if (is_file(utils::GetConfigFilePath()) && !is_writable(utils::GetConfigFilePath()))
+	{
+		throw new Exception('Setup operations are not allowed outside of the setup');
+	}
 
 	switch($sOperation)
 	{