Only check if PHPIDS file can be written if it is enabled

digininja · digininja · commit 84da38a7ca63 · 2017-04-17T12:56:28.000+01:00
diff --git a/security.php b/security.php
@@ -62,8 +62,17 @@
 }
 
 $phpIdsHtml = 'PHPIDS is currently: ';
+
+// Able to write to the PHPIDS log file?
+$WarningHtml = '';
+
 if( dvwaPhpIdsIsEnabled() ) {
 	$phpIdsHtml .= '<em>enabled</em>. [<a href="?phpids=off">Disable PHPIDS</a>]';
+
+	# Only check if PHPIDS is enabled
+	if( !is_writable( $PHPIDSPath ) ) {
+		$WarningHtml .= "<div class=\"warning\"><em>Cannot write to the PHPIDS log file</em>: ${PHPIDSPath}</div>";
+	}
 }
 else {
 	$phpIdsHtml .= '<em>disabled</em>. [<a href="?phpids=on">Enable PHPIDS</a>]';
@@ -72,13 +81,6 @@
 // Anti-CSRF
 generateSessionToken();
 
-// Able to write to the PHPIDS log file?
-$WarningHtml = '';
-if( !is_writable( $PHPIDSPath ) ) {
-	$WarningHtml .= "<div class=\"warning\"><em>Cannot write to the PHPIDS log file</em>: ${PHPIDSPath}</div>";
-}
-
-
 $page[ 'body' ] .= "
 <div class=\"body_padded\">
 	<h1>DVWA Security <img src=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/images/lock.png\" /></h1>
