]> git.immae.eu Git - github/shaarli/Shaarli.git/blame_incremental - application/ApplicationUtils.php
API - Apache - Specify allowed HTTP method in .htaccess
[github/shaarli/Shaarli.git] / application / ApplicationUtils.php
... / ...
CommitLineData
1<?php
2/**
3 * Shaarli (application) utilities
4 */
5class ApplicationUtils
6{
7 /**
8 * @var string File containing the current version
9 */
10 public static $VERSION_FILE = 'shaarli_version.php';
11
12 private static $GIT_URL = 'https://raw.githubusercontent.com/shaarli/Shaarli';
13 private static $GIT_BRANCHES = array('latest', 'stable');
14 private static $VERSION_START_TAG = '<?php /* ';
15 private static $VERSION_END_TAG = ' */ ?>';
16
17 /**
18 * Gets the latest version code from the Git repository
19 *
20 * The code is read from the raw content of the version file on the Git server.
21 *
22 * @param string $url URL to reach to get the latest version.
23 * @param int $timeout Timeout to check the URL (in seconds).
24 *
25 * @return mixed the version code from the repository if available, else 'false'
26 */
27 public static function getLatestGitVersionCode($url, $timeout=2)
28 {
29 list($headers, $data) = get_http_response($url, $timeout);
30
31 if (strpos($headers[0], '200 OK') === false) {
32 error_log('Failed to retrieve ' . $url);
33 return false;
34 }
35
36 return $data;
37 }
38
39 /**
40 * Retrieve the version from a remote URL or a file.
41 *
42 * @param string $remote URL or file to fetch.
43 * @param int $timeout For URLs fetching.
44 *
45 * @return bool|string The version or false if it couldn't be retrieved.
46 */
47 public static function getVersion($remote, $timeout = 2)
48 {
49 if (startsWith($remote, 'http')) {
50 if (($data = static::getLatestGitVersionCode($remote, $timeout)) === false) {
51 return false;
52 }
53 } else {
54 if (! is_file($remote)) {
55 return false;
56 }
57 $data = file_get_contents($remote);
58 }
59
60 return str_replace(
61 array(self::$VERSION_START_TAG, self::$VERSION_END_TAG, PHP_EOL),
62 array('', '', ''),
63 $data
64 );
65 }
66
67 /**
68 * Checks if a new Shaarli version has been published on the Git repository
69 *
70 * Updates checks are run periodically, according to the following criteria:
71 * - the update checks are enabled (install, global config);
72 * - the user is logged in (or this is an open instance);
73 * - the last check is older than a given interval;
74 * - the check is non-blocking if the HTTPS connection to Git fails;
75 * - in case of failure, the update file's modification date is updated,
76 * to avoid intempestive connection attempts.
77 *
78 * @param string $currentVersion the current version code
79 * @param string $updateFile the file where to store the latest version code
80 * @param int $checkInterval the minimum interval between update checks (in seconds
81 * @param bool $enableCheck whether to check for new versions
82 * @param bool $isLoggedIn whether the user is logged in
83 * @param string $branch check update for the given branch
84 *
85 * @throws Exception an invalid branch has been set for update checks
86 *
87 * @return mixed the new version code if available and greater, else 'false'
88 */
89 public static function checkUpdate($currentVersion,
90 $updateFile,
91 $checkInterval,
92 $enableCheck,
93 $isLoggedIn,
94 $branch='stable')
95 {
96 // Do not check versions for visitors
97 // Do not check if the user doesn't want to
98 // Do not check with dev version
99 if (! $isLoggedIn || empty($enableCheck) || $currentVersion === 'dev') {
100 return false;
101 }
102
103 if (is_file($updateFile) && (filemtime($updateFile) > time() - $checkInterval)) {
104 // Shaarli has checked for updates recently - skip HTTP query
105 $latestKnownVersion = file_get_contents($updateFile);
106
107 if (version_compare($latestKnownVersion, $currentVersion) == 1) {
108 return $latestKnownVersion;
109 }
110 return false;
111 }
112
113 if (! in_array($branch, self::$GIT_BRANCHES)) {
114 throw new Exception(
115 'Invalid branch selected for updates: "' . $branch . '"'
116 );
117 }
118
119 // Late Static Binding allows overriding within tests
120 // See http://php.net/manual/en/language.oop5.late-static-bindings.php
121 $latestVersion = static::getVersion(
122 self::$GIT_URL . '/' . $branch . '/' . self::$VERSION_FILE
123 );
124
125 if (! $latestVersion) {
126 // Only update the file's modification date
127 file_put_contents($updateFile, $currentVersion);
128 return false;
129 }
130
131 // Update the file's content and modification date
132 file_put_contents($updateFile, $latestVersion);
133
134 if (version_compare($latestVersion, $currentVersion) == 1) {
135 return $latestVersion;
136 }
137
138 return false;
139 }
140
141 /**
142 * Checks the PHP version to ensure Shaarli can run
143 *
144 * @param string $minVersion minimum PHP required version
145 * @param string $curVersion current PHP version (use PHP_VERSION)
146 *
147 * @throws Exception the PHP version is not supported
148 */
149 public static function checkPHPVersion($minVersion, $curVersion)
150 {
151 if (version_compare($curVersion, $minVersion) < 0) {
152 $msg = t(
153 'Your PHP version is obsolete!'
154 . ' Shaarli requires at least PHP %s, and thus cannot run.'
155 . ' Your PHP version has known security vulnerabilities and should be'
156 . ' updated as soon as possible.'
157 );
158 throw new Exception(sprintf($msg, $minVersion));
159 }
160 }
161
162 /**
163 * Checks Shaarli has the proper access permissions to its resources
164 *
165 * @param ConfigManager $conf Configuration Manager instance.
166 *
167 * @return array A list of the detected configuration issues
168 */
169 public static function checkResourcePermissions($conf)
170 {
171 $errors = array();
172 $rainTplDir = rtrim($conf->get('resource.raintpl_tpl'), '/');
173
174 // Check script and template directories are readable
175 foreach (array(
176 'application',
177 'inc',
178 'plugins',
179 $rainTplDir,
180 $rainTplDir.'/'.$conf->get('resource.theme'),
181 ) as $path) {
182 if (! is_readable(realpath($path))) {
183 $errors[] = '"'.$path.'" '. t('directory is not readable');
184 }
185 }
186
187 // Check cache and data directories are readable and writable
188 foreach (array(
189 $conf->get('resource.thumbnails_cache'),
190 $conf->get('resource.data_dir'),
191 $conf->get('resource.page_cache'),
192 $conf->get('resource.raintpl_tmp'),
193 ) as $path) {
194 if (! is_readable(realpath($path))) {
195 $errors[] = '"'.$path.'" '. t('directory is not readable');
196 }
197 if (! is_writable(realpath($path))) {
198 $errors[] = '"'.$path.'" '. t('directory is not writable');
199 }
200 }
201
202 // Check configuration files are readable and writable
203 foreach (array(
204 $conf->getConfigFileExt(),
205 $conf->get('resource.datastore'),
206 $conf->get('resource.ban_file'),
207 $conf->get('resource.log'),
208 $conf->get('resource.update_check'),
209 ) as $path) {
210 if (! is_file(realpath($path))) {
211 # the file may not exist yet
212 continue;
213 }
214
215 if (! is_readable(realpath($path))) {
216 $errors[] = '"'.$path.'" '. t('file is not readable');
217 }
218 if (! is_writable(realpath($path))) {
219 $errors[] = '"'.$path.'" '. t('file is not writable');
220 }
221 }
222
223 return $errors;
224 }
225
226 /**
227 * Returns a salted hash representing the current Shaarli version.
228 *
229 * Useful for assets browser cache.
230 *
231 * @param string $currentVersion of Shaarli
232 * @param string $salt User personal salt, also used for the authentication
233 *
234 * @return string version hash
235 */
236 public static function getVersionHash($currentVersion, $salt)
237 {
238 return hash_hmac('sha256', $currentVersion, $salt);
239 }
240}