Security: Remove deprecated file. Last used before 2016 and contains code enabling RCE.

ywarnier · ywarnier · commit 0ee56d480c5b · 2024-10-10T01:01:33.000+02:00
diff --git a/plugin/vchamilo/js/host_form.js b/plugin/vchamilo/js/host_form.js
@@ -17,26 +17,6 @@ function opencnxpopup(webroot) {
     var windowobj = window.open(url, '', options);
 }
 
-/**
- * Pop-up testing connection with database.
- */
-function opendatapathpopup(webroot) {
-
-    // Input data.
-    var datapath = document.getElementById('id_vdatapath').value;
-
-    // PHP file linked the pop-up, and name.
-    var url = webroot + "/plugin/vchamilo/views/manage.testdatapath.php?dataroot=" + escape(datapath);
-
-    // Pop-up's options.
-    var options = "width=500,height=300,toolbar=no,menubar=no,location=no,scrollbars=no,status=no";
-
-    // Opening the pop-up (title not working in Firefox).
-    var windowobj = window.open(url, '', options);
-    // Needed to be valid in IE.
-    // windowobj.document.title = vchamilo_testdatapath;
-}
-
 /**
  * Activates/desactivates services selection.
  */
diff --git a/plugin/vchamilo/views/manage.testdatapath.php b/plugin/vchamilo/views/manage.testdatapath.php
@@ -1,63 +1,3 @@
 <?php
-/* For licensing terms, see /license.txt */
-
-/**
- * Tests presence of course directories.
- *
- * @package vchamilo
- * @category plugin
- *
- * @license http://www.gnu.org/copyleft/gpl.html GNU GPL
- */
-
-// Loading configuration.
-require_once __DIR__.'/../../../main/inc/global.inc.php';
-
-api_protect_admin_script();
-
-$plugin = VChamiloPlugin::create();
-
-// Retrieve parameters for database connection test.
-$dataroot = $_REQUEST['dataroot'];
-
-$absalternatecourse = Virtual::getConfig('vchamilo', 'course_real_root');
-if (!empty($absalternatecourse)) {
-    // this is the relocated case
-    $coursedir = str_replace('//', '/', $absalternatecourse.'/'.$dataroot);
-} else {
-    // this is the standard local case
-    $coursedir = api_get_path(SYS_PATH).$dataroot;
-}
-
-if (is_dir($coursedir)) {
-    $DIR = opendir($coursedir);
-    $cpt = 0;
-    $hasfiles = false;
-    while (($file = readdir($DIR)) && !$hasfiles) {
-        if (!preg_match("/^\\./", $file)) {
-            $hasfiles = true;
-        }
-    }
-    closedir($DIR);
-
-    if ($hasfiles) {
-        echo '<div class="error">'.$plugin->get_lang('datapathnotavailable').'</div>';
-    } else {
-        echo '<div class="success">'.$plugin->get_lang('datapathavailable').'</div>';
-    }
-    echo stripslashes($coursedir);
-} else {
-    if (@mkdir($coursedir, 02777, true)) {
-        echo '<div class="success">'.$plugin->get_lang('datapathcreated').'</div>';
-    } else {
-        echo '<div class="error">'.$plugin->get_lang('couldnotcreatedataroot').'</div>';
-    }
-    echo stripslashes($coursedir);
-}
-
-echo "</p>";
-
-$closestr = $plugin->get_lang('closewindow');
-echo "<center>";
-echo "<input class='btn' type=\"button\" name=\"close\" value=\"$closestr\" onclick=\"self.close();\" />";
-echo "</center>";
+// Deprecated and vulnerable. Blanked as substitute to removal due to minor version update method.
+exit;
