]>
Commit | Line | Data |
---|---|---|
1 | <?php | |
2 | /** | |
3 | * Shaarli (application) utilities | |
4 | */ | |
5 | class ApplicationUtils | |
6 | { | |
7 | private static $GIT_URL = 'https://raw.githubusercontent.com/shaarli/Shaarli'; | |
8 | private static $GIT_BRANCHES = array('master', 'stable'); | |
9 | private static $VERSION_FILE = 'shaarli_version.php'; | |
10 | private static $VERSION_START_TAG = '<?php /* '; | |
11 | private static $VERSION_END_TAG = ' */ ?>'; | |
12 | ||
13 | /** | |
14 | * Gets the latest version code from the Git repository | |
15 | * | |
16 | * The code is read from the raw content of the version file on the Git server. | |
17 | * | |
18 | * @param string $url URL to reach to get the latest version. | |
19 | * @param int $timeout Timeout to check the URL (in seconds). | |
20 | * | |
21 | * @return mixed the version code from the repository if available, else 'false' | |
22 | */ | |
23 | public static function getLatestGitVersionCode($url, $timeout=2) | |
24 | { | |
25 | list($headers, $data) = get_http_response($url, $timeout); | |
26 | ||
27 | if (strpos($headers[0], '200 OK') === false) { | |
28 | error_log('Failed to retrieve ' . $url); | |
29 | return false; | |
30 | } | |
31 | ||
32 | return str_replace( | |
33 | array(self::$VERSION_START_TAG, self::$VERSION_END_TAG, PHP_EOL), | |
34 | array('', '', ''), | |
35 | $data | |
36 | ); | |
37 | } | |
38 | ||
39 | /** | |
40 | * Checks if a new Shaarli version has been published on the Git repository | |
41 | * | |
42 | * Updates checks are run periodically, according to the following criteria: | |
43 | * - the update checks are enabled (install, global config); | |
44 | * - the user is logged in (or this is an open instance); | |
45 | * - the last check is older than a given interval; | |
46 | * - the check is non-blocking if the HTTPS connection to Git fails; | |
47 | * - in case of failure, the update file's modification date is updated, | |
48 | * to avoid intempestive connection attempts. | |
49 | * | |
50 | * @param string $currentVersion the current version code | |
51 | * @param string $updateFile the file where to store the latest version code | |
52 | * @param int $checkInterval the minimum interval between update checks (in seconds | |
53 | * @param bool $enableCheck whether to check for new versions | |
54 | * @param bool $isLoggedIn whether the user is logged in | |
55 | * @param string $branch check update for the given branch | |
56 | * | |
57 | * @throws Exception an invalid branch has been set for update checks | |
58 | * | |
59 | * @return mixed the new version code if available and greater, else 'false' | |
60 | */ | |
61 | public static function checkUpdate($currentVersion, | |
62 | $updateFile, | |
63 | $checkInterval, | |
64 | $enableCheck, | |
65 | $isLoggedIn, | |
66 | $branch='stable') | |
67 | { | |
68 | if (! $isLoggedIn) { | |
69 | // Do not check versions for visitors | |
70 | return false; | |
71 | } | |
72 | ||
73 | if (empty($enableCheck)) { | |
74 | // Do not check if the user doesn't want to | |
75 | return false; | |
76 | } | |
77 | ||
78 | if (is_file($updateFile) && (filemtime($updateFile) > time() - $checkInterval)) { | |
79 | // Shaarli has checked for updates recently - skip HTTP query | |
80 | $latestKnownVersion = file_get_contents($updateFile); | |
81 | ||
82 | if (version_compare($latestKnownVersion, $currentVersion) == 1) { | |
83 | return $latestKnownVersion; | |
84 | } | |
85 | return false; | |
86 | } | |
87 | ||
88 | if (! in_array($branch, self::$GIT_BRANCHES)) { | |
89 | throw new Exception( | |
90 | 'Invalid branch selected for updates: "' . $branch . '"' | |
91 | ); | |
92 | } | |
93 | ||
94 | // Late Static Binding allows overriding within tests | |
95 | // See http://php.net/manual/en/language.oop5.late-static-bindings.php | |
96 | $latestVersion = static::getLatestGitVersionCode( | |
97 | self::$GIT_URL . '/' . $branch . '/' . self::$VERSION_FILE | |
98 | ); | |
99 | ||
100 | if (! $latestVersion) { | |
101 | // Only update the file's modification date | |
102 | file_put_contents($updateFile, $currentVersion); | |
103 | return false; | |
104 | } | |
105 | ||
106 | // Update the file's content and modification date | |
107 | file_put_contents($updateFile, $latestVersion); | |
108 | ||
109 | if (version_compare($latestVersion, $currentVersion) == 1) { | |
110 | return $latestVersion; | |
111 | } | |
112 | ||
113 | return false; | |
114 | } | |
115 | ||
116 | /** | |
117 | * Checks the PHP version to ensure Shaarli can run | |
118 | * | |
119 | * @param string $minVersion minimum PHP required version | |
120 | * @param string $curVersion current PHP version (use PHP_VERSION) | |
121 | * | |
122 | * @throws Exception the PHP version is not supported | |
123 | */ | |
124 | public static function checkPHPVersion($minVersion, $curVersion) | |
125 | { | |
126 | if (version_compare($curVersion, $minVersion) < 0) { | |
127 | throw new Exception( | |
128 | 'Your PHP version is obsolete!' | |
129 | .' Shaarli requires at least PHP '.$minVersion.', and thus cannot run.' | |
130 | .' Your PHP version has known security vulnerabilities and should be' | |
131 | .' updated as soon as possible.' | |
132 | ); | |
133 | } | |
134 | } | |
135 | ||
136 | /** | |
137 | * Checks Shaarli has the proper access permissions to its resources | |
138 | * | |
139 | * @param ConfigManager $conf Configuration Manager instance. | |
140 | * | |
141 | * @return array A list of the detected configuration issues | |
142 | */ | |
143 | public static function checkResourcePermissions($conf) | |
144 | { | |
145 | $errors = array(); | |
146 | ||
147 | // Check script and template directories are readable | |
148 | foreach (array( | |
149 | 'application', | |
150 | 'inc', | |
151 | 'plugins', | |
152 | $conf->get('resource.raintpl_tpl'), | |
153 | ) as $path) { | |
154 | if (! is_readable(realpath($path))) { | |
155 | $errors[] = '"'.$path.'" directory is not readable'; | |
156 | } | |
157 | } | |
158 | ||
159 | // Check cache and data directories are readable and writable | |
160 | foreach (array( | |
161 | $conf->get('resource.thumbnails_cache'), | |
162 | $conf->get('resource.data_dir'), | |
163 | $conf->get('resource.page_cache'), | |
164 | $conf->get('resource.raintpl_tmp'), | |
165 | ) as $path) { | |
166 | if (! is_readable(realpath($path))) { | |
167 | $errors[] = '"'.$path.'" directory is not readable'; | |
168 | } | |
169 | if (! is_writable(realpath($path))) { | |
170 | $errors[] = '"'.$path.'" directory is not writable'; | |
171 | } | |
172 | } | |
173 | ||
174 | // Check configuration files are readable and writable | |
175 | foreach (array( | |
176 | $conf->getConfigFileExt(), | |
177 | $conf->get('resource.datastore'), | |
178 | $conf->get('resource.ban_file'), | |
179 | $conf->get('resource.log'), | |
180 | $conf->get('resource.update_check'), | |
181 | ) as $path) { | |
182 | if (! is_file(realpath($path))) { | |
183 | # the file may not exist yet | |
184 | continue; | |
185 | } | |
186 | ||
187 | if (! is_readable(realpath($path))) { | |
188 | $errors[] = '"'.$path.'" file is not readable'; | |
189 | } | |
190 | if (! is_writable(realpath($path))) { | |
191 | $errors[] = '"'.$path.'" file is not writable'; | |
192 | } | |
193 | } | |
194 | ||
195 | return $errors; | |
196 | } | |
197 | } |