X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=application%2FApplicationUtils.php;h=7fe3cb3245a9791f2a0324a3f6fd3ec377421cfc;hb=9778a1551ce708b9f421a181806412a05410f1fb;hp=85dcbeebdb164858680ff68b9fbc1048340d05f1;hpb=b786c8836f0576d4feb1543471950c5d24bc7939;p=github%2Fshaarli%2FShaarli.git

diff --git a/application/ApplicationUtils.php b/application/ApplicationUtils.php
index 85dcbeeb..7fe3cb32 100644
--- a/application/ApplicationUtils.php
+++ b/application/ApplicationUtils.php
@@ -1,4 +1,9 @@
 <?php
+namespace Shaarli;
+
+use Exception;
+use Shaarli\Config\ConfigManager;
+
 /**
  * Shaarli (application) utilities
  */
@@ -24,7 +29,7 @@ class ApplicationUtils
      *
      * @return mixed the version code from the repository if available, else 'false'
      */
-    public static function getLatestGitVersionCode($url, $timeout=2)
+    public static function getLatestGitVersionCode($url, $timeout = 2)
     {
         list($headers, $data) = get_http_response($url, $timeout);
 
@@ -51,7 +56,7 @@ class ApplicationUtils
                 return false;
             }
         } else {
-            if (! is_file($remote)) {
+            if (!is_file($remote)) {
                 return false;
             }
             $data = file_get_contents($remote);
@@ -86,17 +91,18 @@ class ApplicationUtils
      *
      * @return mixed the new version code if available and greater, else 'false'
      */
-    public static function checkUpdate($currentVersion,
-                                       $updateFile,
-                                       $checkInterval,
-                                       $enableCheck,
-                                       $isLoggedIn,
-                                       $branch='stable')
-    {
+    public static function checkUpdate(
+        $currentVersion,
+        $updateFile,
+        $checkInterval,
+        $enableCheck,
+        $isLoggedIn,
+        $branch = 'stable'
+    ) {
         // Do not check versions for visitors
         // Do not check if the user doesn't want to
         // Do not check with dev version
-        if (! $isLoggedIn || empty($enableCheck) || $currentVersion === 'dev') {
+        if (!$isLoggedIn || empty($enableCheck) || $currentVersion === 'dev') {
             return false;
         }
 
@@ -110,7 +116,7 @@ class ApplicationUtils
             return false;
         }
 
-        if (! in_array($branch, self::$GIT_BRANCHES)) {
+        if (!in_array($branch, self::$GIT_BRANCHES)) {
             throw new Exception(
                 'Invalid branch selected for updates: "' . $branch . '"'
             );
@@ -122,7 +128,7 @@ class ApplicationUtils
             self::$GIT_URL . '/' . $branch . '/' . self::$VERSION_FILE
         );
 
-        if (! $latestVersion) {
+        if (!$latestVersion) {
             // Only update the file's modification date
             file_put_contents($updateFile, $currentVersion);
             return false;
@@ -149,12 +155,13 @@ class ApplicationUtils
     public static function checkPHPVersion($minVersion, $curVersion)
     {
         if (version_compare($curVersion, $minVersion) < 0) {
-            throw new Exception(
+            $msg = t(
                 'Your PHP version is obsolete!'
-                .' Shaarli requires at least PHP '.$minVersion.', and thus cannot run.'
-                .' Your PHP version has known security vulnerabilities and should be'
-                .' updated as soon as possible.'
+                . ' Shaarli requires at least PHP %s, and thus cannot run.'
+                . ' Your PHP version has known security vulnerabilities and should be'
+                . ' updated as soon as possible.'
             );
+            throw new Exception(sprintf($msg, $minVersion));
         }
     }
 
@@ -168,56 +175,72 @@ class ApplicationUtils
     public static function checkResourcePermissions($conf)
     {
         $errors = array();
+        $rainTplDir = rtrim($conf->get('resource.raintpl_tpl'), '/');
 
         // Check script and template directories are readable
         foreach (array(
-            'application',
-            'inc',
-            'plugins',
-            $conf->get('resource.raintpl_tpl'),
-            $conf->get('resource.raintpl_tpl').'/'.$conf->get('resource.theme'),
-        ) as $path) {
-            if (! is_readable(realpath($path))) {
-                $errors[] = '"'.$path.'" directory is not readable';
+                     'application',
+                     'inc',
+                     'plugins',
+                     $rainTplDir,
+                     $rainTplDir . '/' . $conf->get('resource.theme'),
+                 ) as $path) {
+            if (!is_readable(realpath($path))) {
+                $errors[] = '"' . $path . '" ' . t('directory is not readable');
             }
         }
 
         // Check cache and data directories are readable and writable
         foreach (array(
-            $conf->get('resource.thumbnails_cache'),
-            $conf->get('resource.data_dir'),
-            $conf->get('resource.page_cache'),
-            $conf->get('resource.raintpl_tmp'),
-        ) as $path) {
-            if (! is_readable(realpath($path))) {
-                $errors[] = '"'.$path.'" directory is not readable';
+                     $conf->get('resource.thumbnails_cache'),
+                     $conf->get('resource.data_dir'),
+                     $conf->get('resource.page_cache'),
+                     $conf->get('resource.raintpl_tmp'),
+                 ) as $path) {
+            if (!is_readable(realpath($path))) {
+                $errors[] = '"' . $path . '" ' . t('directory is not readable');
             }
-            if (! is_writable(realpath($path))) {
-                $errors[] = '"'.$path.'" directory is not writable';
+            if (!is_writable(realpath($path))) {
+                $errors[] = '"' . $path . '" ' . t('directory is not writable');
             }
         }
 
         // Check configuration files are readable and writable
         foreach (array(
-            $conf->getConfigFileExt(),
-            $conf->get('resource.datastore'),
-            $conf->get('resource.ban_file'),
-            $conf->get('resource.log'),
-            $conf->get('resource.update_check'),
-        ) as $path) {
-            if (! is_file(realpath($path))) {
+                     $conf->getConfigFileExt(),
+                     $conf->get('resource.datastore'),
+                     $conf->get('resource.ban_file'),
+                     $conf->get('resource.log'),
+                     $conf->get('resource.update_check'),
+                 ) as $path) {
+            if (!is_file(realpath($path))) {
                 # the file may not exist yet
                 continue;
             }
 
-            if (! is_readable(realpath($path))) {
-                $errors[] = '"'.$path.'" file is not readable';
+            if (!is_readable(realpath($path))) {
+                $errors[] = '"' . $path . '" ' . t('file is not readable');
             }
-            if (! is_writable(realpath($path))) {
-                $errors[] = '"'.$path.'" file is not writable';
+            if (!is_writable(realpath($path))) {
+                $errors[] = '"' . $path . '" ' . t('file is not writable');
             }
         }
 
         return $errors;
     }
+
+    /**
+     * Returns a salted hash representing the current Shaarli version.
+     *
+     * Useful for assets browser cache.
+     *
+     * @param string $currentVersion of Shaarli
+     * @param string $salt           User personal salt, also used for the authentication
+     *
+     * @return string version hash
+     */
+    public static function getVersionHash($currentVersion, $salt)
+    {
+        return hash_hmac('sha256', $currentVersion, $salt);
+    }
 }