author | VirtualTam <virtualtam@flibidi.net> | 2015-11-11 22:49:58 +0100 |
---|---|---|
committer | VirtualTam <virtualtam@flibidi.net> | 2015-11-24 01:12:35 +0100 |
commit | 2e28269baed195d58bbe169841eed176b171db76 (patch) | |
tree | f743e785edf708454ab53efa13f38e35f10447e6 /index.php | |
parent | c580024cfbe5f0d290b09157b9665d1b4131d7f4 (diff) | |
install: check file/directory permissions for Shaarli resources
Relates to #40
Relates to #372
Additions:
- FileUtils: IOException
- ApplicationUtils:
- check if Shaarli resources are accessible with sufficient permissions
- basic test coverage
- index.php:
- check access permissions and redirect to an error page if needed:
- before running the first installation
Modifications:
- LinkDB:
- factorize datastore write code
- check if the datastore
(exists AND is writeable) OR (doesn't exist AND its parent dir is writable)
- raise an IOException if needed
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
Diffstat (limited to 'index.php')
-rw-r--r-- | index.php | 36 |
1 files changed, 27 insertions, 9 deletions
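--- a/index.php
+++ b/index.php
@@ -44,6 +44,9 @@ $GLOBALS['config']['DATASTORE'] = $GLOBALS['config']['DATADIR'].'/datastore.php'
 // Banned IPs
 $GLOBALS['config']['IPBANS_FILENAME'] = $GLOBALS['config']['DATADIR'].'/ipbans.php';
 
+// Access log
+$GLOBALS['config']['LOG_FILE'] = $GLOBALS['config']['DATADIR'].'/log.txt';
+
 // For updates check of Shaarli
 $GLOBALS['config']['UPDATECHECK_FILENAME'] = $GLOBALS['config']['DATADIR'].'/lastupdatecheck.txt';
 
@@ -52,7 +55,7 @@ $GLOBALS['config']['RAINTPL_TMP'] = 'tmp/';
 // Raintpl template directory (keep the trailing slash!)
 $GLOBALS['config']['RAINTPL_TPL'] = 'tpl/';
 
-// Thuumbnail cache directory
+// Thumbnail cache directory
 $GLOBALS['config']['CACHEDIR'] = 'cache';
 
 // Atom & RSS feed cache directory
@@ -141,8 +144,10 @@ if (is_file($GLOBALS['config']['CONFIG_FILE'])) {
 }
 
 // Shaarli library
+require_once 'application/ApplicationUtils.php';
 require_once 'application/Cache.php';
 require_once 'application/CachedPage.php';
+require_once 'application/FileUtils.php';
 require_once 'application/HttpUtils.php';
 require_once 'application/LinkDB.php';
 require_once 'application/TimeZone.php';
@@ -155,9 +160,9 @@ require_once 'application/Router.php';
 // Ensure the PHP version is supported
 try {
 checkPHPVersion('5.3', PHP_VERSION);
-} catch(Exception $e) {
+} catch(Exception $exc) {
 header('Content-Type: text/plain; charset=utf-8');
-echo $e->getMessage();
+echo $exc->getMessage();
 exit;
 }
 
@@ -216,9 +221,6 @@ header("Cache-Control: no-store, no-cache, must-revalidate");
 header("Cache-Control: post-check=0, pre-check=0", false);
 header("Pragma: no-cache");
 
-// Directories creations (Note that your web host may require different rights than 705.)
-if (!is_writable(realpath(dirname(__FILE__)))) die('<pre>ERROR: Shaarli does not have the right to write in its own directory.</pre>');
-
 // Handling of old config file which do not have the new parameters.
 if (empty($GLOBALS['title'])) $GLOBALS['title']='Shared links on '.escape(index_url($_SERVER));
 if (empty($GLOBALS['timezone'])) $GLOBALS['timezone']=date_default_timezone_get();
@@ -228,8 +230,24 @@ if (empty($GLOBALS['privateLinkByDefault'])) $GLOBALS['privateLinkByDefault']=fa
 if (empty($GLOBALS['titleLink'])) $GLOBALS['titleLink']='?';
 // I really need to rewrite Shaarli with a proper configuation manager.
 
-// Run config screen if first run:
 if (! is_file($GLOBALS['config']['CONFIG_FILE'])) {
+// Ensure Shaarli has proper access to its resources
+$errors = ApplicationUtils::checkResourcePermissions($GLOBALS['config']);
+
+if ($errors != array()) {
+$message = '<p>Insufficient permissions:</p><ul>';
+
+foreach ($errors as $error) {
+$message .= '<li>'.$error.'</li>';
+}
+$message .= '</ul>';
+
+header('Content-Type: text/html; charset=utf-8');
+echo $message;
+exit;
+}
+
+// Display the installation form if no existing config is found
 install();
 }
 
@@ -319,7 +337,7 @@ function checkUpdate()
 function logm($message)
 {
 $t = strval(date('Y/m/d_H:i:s')).' - '.$_SERVER["REMOTE_ADDR"].' - '.strval($message)."\n";
-file_put_contents($GLOBALS['config']['DATADIR'].'/log.txt',$t,FILE_APPEND);
+file_put_contents($GLOBAL['config']['LOG_FILE'], $t, FILE_APPEND);
 }
 
 // In a string, converts URLs to clickable links.
@@ -1461,7 +1479,7 @@ function renderPage()
 $value['tags']=trim(implode(' ',$tags));
 $LINKSDB[$key]=$value;
 }
-$LINKSDB->savedb($GLOBALS['config']['PAGECACHE']); // Save to disk.
+$LINKSDB->savedb($GLOBALS['config']['PAGECACHE']);
 echo '<script>alert("Tag was removed from '.count($linksToAlter).' links.");document.location=\'?\';</script>';
 exit;
 }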
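Review bot: In `logm()` the rewritten call reads `$GLOBAL['config']['LOG_FILE']`, but the superglobal is `$GLOBALS`; inside the function `$GLOBAL` is an undefined local, so the filename evaluates to null and nothing is appended to the access log that the first hunk configures. Anything routed through `logm()` would then go unrecorded while the rest of the page keeps working, which is easy to miss until the log is needed for an investigation. The line should read `file_put_contents($GLOBALS['config']['LOG_FILE'], $t, FILE_APPEND);`. Separately, in the new permission check the `$error` strings are concatenated into `<li>` unescaped; `checkResourcePermissions()` is not shown here, but if its messages embed configured paths, `'<li>'.escape($error).'</li>'` would match how this file already escapes `index_url($_SERVER)`.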