X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=application%2FApplicationUtils.php;h=a3b2dcb18effa309c6d776961913cfe6f1385de0;hb=1004742f09b55ff781c13745781b9a7e90986faa;hp=6d878110cfe984f7e5b6e71d8d0801a888e673eb;hpb=05f21ea82130dca0bf49a16630105d1c5649e6c6;p=github%2Fshaarli%2FShaarli.git diff --git a/application/ApplicationUtils.php b/application/ApplicationUtils.php index 6d878110..a3b2dcb1 100644 --- a/application/ApplicationUtils.php +++ b/application/ApplicationUtils.php @@ -4,9 +4,13 @@ */ class ApplicationUtils { + /** + * @var string File containing the current version + */ + public static $VERSION_FILE = 'shaarli_version.php'; + private static $GIT_URL = 'https://raw.githubusercontent.com/shaarli/Shaarli'; - private static $GIT_BRANCHES = array('master', 'stable'); - private static $VERSION_FILE = 'shaarli_version.php'; + private static $GIT_BRANCHES = array('latest', 'stable'); private static $VERSION_START_TAG = ''; @@ -15,17 +19,44 @@ class ApplicationUtils * * The code is read from the raw content of the version file on the Git server. * + * @param string $url URL to reach to get the latest version. + * @param int $timeout Timeout to check the URL (in seconds). + * * @return mixed the version code from the repository if available, else 'false' */ - public static function getLatestGitVersionCode($url, $timeout=2) + public static function getLatestGitVersionCode($url, $timeout = 2) { - list($headers, $data) = get_http_url($url, $timeout); + list($headers, $data) = get_http_response($url, $timeout); if (strpos($headers[0], '200 OK') === false) { error_log('Failed to retrieve ' . $url); return false; } + return $data; + } + + /** + * Retrieve the version from a remote URL or a file. + * + * @param string $remote URL or file to fetch. + * @param int $timeout For URLs fetching. + * + * @return bool|string The version or false if it couldn't be retrieved. + */ + public static function getVersion($remote, $timeout = 2) + { + if (startsWith($remote, 'http')) { + if (($data = static::getLatestGitVersionCode($remote, $timeout)) === false) { + return false; + } + } else { + if (! is_file($remote)) { + return false; + } + $data = file_get_contents($remote); + } + return str_replace( array(self::$VERSION_START_TAG, self::$VERSION_END_TAG, PHP_EOL), array('', '', ''), @@ -49,23 +80,24 @@ class ApplicationUtils * @param int $checkInterval the minimum interval between update checks (in seconds * @param bool $enableCheck whether to check for new versions * @param bool $isLoggedIn whether the user is logged in + * @param string $branch check update for the given branch + * + * @throws Exception an invalid branch has been set for update checks * * @return mixed the new version code if available and greater, else 'false' */ - public static function checkUpdate($currentVersion, - $updateFile, - $checkInterval, - $enableCheck, - $isLoggedIn, - $branch='stable') - { - if (! $isLoggedIn) { - // Do not check versions for visitors - return false; - } - - if (empty($enableCheck)) { - // Do not check if the user doesn't want to + public static function checkUpdate( + $currentVersion, + $updateFile, + $checkInterval, + $enableCheck, + $isLoggedIn, + $branch = 'stable' + ) { + // Do not check versions for visitors + // Do not check if the user doesn't want to + // Do not check with dev version + if (! $isLoggedIn || empty($enableCheck) || $currentVersion === 'dev') { return false; } @@ -87,7 +119,7 @@ class ApplicationUtils // Late Static Binding allows overriding within tests // See http://php.net/manual/en/language.oop5.late-static-bindings.php - $latestVersion = static::getLatestGitVersionCode( + $latestVersion = static::getVersion( self::$GIT_URL . '/' . $branch . '/' . self::$VERSION_FILE ); @@ -118,60 +150,63 @@ class ApplicationUtils public static function checkPHPVersion($minVersion, $curVersion) { if (version_compare($curVersion, $minVersion) < 0) { - throw new Exception( + $msg = t( 'Your PHP version is obsolete!' - .' Shaarli requires at least PHP '.$minVersion.', and thus cannot run.' - .' Your PHP version has known security vulnerabilities and should be' - .' updated as soon as possible.' + . ' Shaarli requires at least PHP %s, and thus cannot run.' + . ' Your PHP version has known security vulnerabilities and should be' + . ' updated as soon as possible.' ); + throw new Exception(sprintf($msg, $minVersion)); } } /** * Checks Shaarli has the proper access permissions to its resources * - * @param array $globalConfig The $GLOBALS['config'] array + * @param ConfigManager $conf Configuration Manager instance. * * @return array A list of the detected configuration issues */ - public static function checkResourcePermissions($globalConfig) + public static function checkResourcePermissions($conf) { $errors = array(); + $rainTplDir = rtrim($conf->get('resource.raintpl_tpl'), '/'); // Check script and template directories are readable foreach (array( 'application', 'inc', 'plugins', - $globalConfig['RAINTPL_TPL'] + $rainTplDir, + $rainTplDir.'/'.$conf->get('resource.theme'), ) as $path) { if (! is_readable(realpath($path))) { - $errors[] = '"'.$path.'" directory is not readable'; + $errors[] = '"'.$path.'" '. t('directory is not readable'); } } - // Check cache and data directories are readable and writeable + // Check cache and data directories are readable and writable foreach (array( - $globalConfig['CACHEDIR'], - $globalConfig['DATADIR'], - $globalConfig['PAGECACHE'], - $globalConfig['RAINTPL_TMP'] + $conf->get('resource.thumbnails_cache'), + $conf->get('resource.data_dir'), + $conf->get('resource.page_cache'), + $conf->get('resource.raintpl_tmp'), ) as $path) { if (! is_readable(realpath($path))) { - $errors[] = '"'.$path.'" directory is not readable'; + $errors[] = '"'.$path.'" '. t('directory is not readable'); } if (! is_writable(realpath($path))) { - $errors[] = '"'.$path.'" directory is not writable'; + $errors[] = '"'.$path.'" '. t('directory is not writable'); } } - // Check configuration files are readable and writeable + // Check configuration files are readable and writable foreach (array( - $globalConfig['CONFIG_FILE'], - $globalConfig['DATASTORE'], - $globalConfig['IPBANS_FILENAME'], - $globalConfig['LOG_FILE'], - $globalConfig['UPDATECHECK_FILENAME'] + $conf->getConfigFileExt(), + $conf->get('resource.datastore'), + $conf->get('resource.ban_file'), + $conf->get('resource.log'), + $conf->get('resource.update_check'), ) as $path) { if (! is_file(realpath($path))) { # the file may not exist yet @@ -179,13 +214,28 @@ class ApplicationUtils } if (! is_readable(realpath($path))) { - $errors[] = '"'.$path.'" file is not readable'; + $errors[] = '"'.$path.'" '. t('file is not readable'); } if (! is_writable(realpath($path))) { - $errors[] = '"'.$path.'" file is not writable'; + $errors[] = '"'.$path.'" '. t('file is not writable'); } } return $errors; } + + /** + * Returns a salted hash representing the current Shaarli version. + * + * Useful for assets browser cache. + * + * @param string $currentVersion of Shaarli + * @param string $salt User personal salt, also used for the authentication + * + * @return string version hash + */ + public static function getVersionHash($currentVersion, $salt) + { + return hash_hmac('sha256', $currentVersion, $salt); + } }