From 54e12185b67e18a13a443171561b857a1b05d954 Mon Sep 17 00:00:00 2001
From: mattab <matthieu.aubry@gmail.com>
Date: Sat, 25 Mar 2017 00:10:54 +0100
Subject: [PATCH] Tweak comment

---
 config/global.ini.php | 5 +++--
 core/CronArchive.php  | 2 +-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/config/global.ini.php b/config/global.ini.php
index 1dc2dda825..d12f73c1c0 100644
--- a/config/global.ini.php
+++ b/config/global.ini.php
@@ -539,8 +539,9 @@ enable_load_data_infile = 1
 ; - links to Uninstall themes will be disabled (but user can still enable/disable themes)
 enable_plugins_admin = 1
 
-; By setting this option to 1, it will be possible to upload plugin archives directly in Piwik
-; Enabling this opens a remote code execution vulnarability, which yould be used by attackers gaining access to Piwik admin
+; By setting this option to 1, it will be possible for Super Users to upload Piwik plugin ZIP archives directly in Piwik Administration.
+; Enabling this opens a remote code execution vulnerability where
+; an attacker who gained Super User access could execute custom PHP code in a Piwik plugin.
 enable_plugin_upload = 0
 
 ; By setting this option to 0, you can prevent Super User from editing the Geolocation settings.
diff --git a/core/CronArchive.php b/core/CronArchive.php
index cc8a1de71c..d9ed8c6311 100644
--- a/core/CronArchive.php
+++ b/core/CronArchive.php
@@ -1017,7 +1017,7 @@ class CronArchive
     private function checkResponse($response, $url)
     {
         if (empty($response)
-            || stripos($response, 'error')
+            || stripos($response, 'error') !== false
         ) {
             return $this->logNetworkError($url, $response);
         }
-- 
GitLab