authorVirtualTam <virtualtam@flibidi.net>2015-11-11 22:49:58 +0100
committerVirtualTam <virtualtam@flibidi.net>2015-11-24 01:12:35 +0100
commit2e28269baed195d58bbe169841eed176b171db76 (patch)
treef743e785edf708454ab53efa13f38e35f10447e6 /index.php
parentc580024cfbe5f0d290b09157b9665d1b4131d7f4 (diff)
install: check file/directory permissions for Shaarli resources
Relates to #40 Relates to #372 Additions: - FileUtils: IOException - ApplicationUtils: - check if Shaarli resources are accessible with sufficient permissions - basic test coverage - index.php: - check access permissions and redirect to an error page if needed: - before running the first installation Modifications: - LinkDB: - factorize datastore write code - check if the datastore (exists AND is writeable) OR (doesn't exist AND its parent dir is writable) - raise an IOException if needed Signed-off-by: VirtualTam <virtualtam@flibidi.net>
Diffstat (limited to 'index.php')
-rw-r--r--index.php36
1 files changed, 27 insertions, 9 deletions
diff --git a/index.php b/index.php
index be181a2c..654f7f8f 100644
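--- a/index.php
+++ b/index.php
@@ -44,6 +44,9 @@ $GLOBALS['config']['DATASTORE'] = $GLOBALS['config']['DATADIR'].'/datastore.php'
 // Banned IPs
 $GLOBALS['config']['IPBANS_FILENAME'] = $GLOBALS['config']['DATADIR'].'/ipbans.php';
 
+// Access log
+$GLOBALS['config']['LOG_FILE'] = $GLOBALS['config']['DATADIR'].'/log.txt';
+
 // For updates check of Shaarli
 $GLOBALS['config']['UPDATECHECK_FILENAME'] = $GLOBALS['config']['DATADIR'].'/lastupdatecheck.txt';
 
@@ -52,7 +55,7 @@ $GLOBALS['config']['RAINTPL_TMP'] = 'tmp/';
 // Raintpl template directory (keep the trailing slash!)
 $GLOBALS['config']['RAINTPL_TPL'] = 'tpl/';
 
-// Thuumbnail cache directory
+// Thumbnail cache directory
 $GLOBALS['config']['CACHEDIR'] = 'cache';
 
 // Atom & RSS feed cache directory
@@ -141,8 +144,10 @@ if (is_file($GLOBALS['config']['CONFIG_FILE'])) {
 }
 
 // Shaarli library
+require_once 'application/ApplicationUtils.php';
 require_once 'application/Cache.php';
 require_once 'application/CachedPage.php';
+require_once 'application/FileUtils.php';
 require_once 'application/HttpUtils.php';
 require_once 'application/LinkDB.php';
 require_once 'application/TimeZone.php';
@@ -155,9 +160,9 @@ require_once 'application/Router.php';
 // Ensure the PHP version is supported
 try {
  checkPHPVersion('5.3', PHP_VERSION);
-} catch(Exception $e) {
+} catch(Exception $exc) {
  header('Content-Type: text/plain; charset=utf-8');
- echo $e->getMessage();
+ echo $exc->getMessage();
  exit;
 }
 
@@ -216,9 +221,6 @@ header("Cache-Control: no-store, no-cache, must-revalidate");
 header("Cache-Control: post-check=0, pre-check=0", false);
 header("Pragma: no-cache");
 
-// Directories creations (Note that your web host may require different rights than 705.)
-if (!is_writable(realpath(dirname(__FILE__)))) die('<pre>ERROR: Shaarli does not have the right to write in its own directory.</pre>');
-
 // Handling of old config file which do not have the new parameters.
 if (empty($GLOBALS['title'])) $GLOBALS['title']='Shared links on '.escape(index_url($_SERVER));
 if (empty($GLOBALS['timezone'])) $GLOBALS['timezone']=date_default_timezone_get();
@@ -228,8 +230,24 @@ if (empty($GLOBALS['privateLinkByDefault'])) $GLOBALS['privateLinkByDefault']=fa
 if (empty($GLOBALS['titleLink'])) $GLOBALS['titleLink']='?';
 // I really need to rewrite Shaarli with a proper configuation manager.
 
-// Run config screen if first run:
 if (! is_file($GLOBALS['config']['CONFIG_FILE'])) {
+ // Ensure Shaarli has proper access to its resources
+ $errors = ApplicationUtils::checkResourcePermissions($GLOBALS['config']);
+
+ if ($errors != array()) {
+ $message = '<p>Insufficient permissions:</p><ul>';
+
+ foreach ($errors as $error) {
+ $message .= '<li>'.$error.'</li>';
+ }
+ $message .= '</ul>';
+
+ header('Content-Type: text/html; charset=utf-8');
+ echo $message;
+ exit;
+ }
+
+ // Display the installation form if no existing config is found
  install();
 }
 
@@ -319,7 +337,7 @@ function checkUpdate()
 function logm($message)
 {
  $t = strval(date('Y/m/d_H:i:s')).' - '.$_SERVER["REMOTE_ADDR"].' - '.strval($message)."\n";
- file_put_contents($GLOBALS['config']['DATADIR'].'/log.txt',$t,FILE_APPEND);
+ file_put_contents($GLOBAL['config']['LOG_FILE'], $t, FILE_APPEND);
 }
 
 // In a string, converts URLs to clickable links.
@@ -1461,7 +1479,7 @@ function renderPage()
  $value['tags']=trim(implode(' ',$tags));
  $LINKSDB[$key]=$value;
  }
- $LINKSDB->savedb($GLOBALS['config']['PAGECACHE']); // Save to disk.
+ $LINKSDB->savedb($GLOBALS['config']['PAGECACHE']);
  echo '<script>alert("Tag was removed from '.count($linksToAlter).' links.");document.location=\'?\';</script>';
  exit;
  }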
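Review bot: In the `logm()` hunk the rewritten call reads `$GLOBAL['config']['LOG_FILE']`, but the superglobal is `$GLOBALS`; `$GLOBAL` is an undefined variable inside the function, so the path resolves to null and the append to the access log fails. The line should read `file_put_contents($GLOBALS['config']['LOG_FILE'], $t, FILE_APPEND);`. The return value of `file_put_contents()` is not checked, so the failure is easy to miss. Every `logm()` entry carries the client address from `$_SERVER["REMOTE_ADDR"]`, so whatever events the callers record would stop being written after this change. A check such as `=== false` that reports the failure through `error_log()` would make a broken log path visible.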