diff options
Diffstat (limited to 'application/ApplicationUtils.php')
| -rw-r--r-- | application/ApplicationUtils.php | 83 |
1 files changed, 63 insertions, 20 deletions
diff --git a/application/ApplicationUtils.php b/application/ApplicationUtils.php index 7f963e97..911873a0 100644 --- a/application/ApplicationUtils.php +++ b/application/ApplicationUtils.php | |||
| @@ -4,9 +4,13 @@ | |||
| 4 | */ | 4 | */ |
| 5 | class ApplicationUtils | 5 | class ApplicationUtils |
| 6 | { | 6 | { |
| 7 | /** | ||
| 8 | * @var string File containing the current version | ||
| 9 | */ | ||
| 10 | public static $VERSION_FILE = 'shaarli_version.php'; | ||
| 11 | |||
| 7 | private static $GIT_URL = 'https://raw.githubusercontent.com/shaarli/Shaarli'; | 12 | private static $GIT_URL = 'https://raw.githubusercontent.com/shaarli/Shaarli'; |
| 8 | private static $GIT_BRANCHES = array('master', 'stable'); | 13 | private static $GIT_BRANCHES = array('latest', 'stable'); |
| 9 | private static $VERSION_FILE = 'shaarli_version.php'; | ||
| 10 | private static $VERSION_START_TAG = '<?php /* '; | 14 | private static $VERSION_START_TAG = '<?php /* '; |
| 11 | private static $VERSION_END_TAG = ' */ ?>'; | 15 | private static $VERSION_END_TAG = ' */ ?>'; |
| 12 | 16 | ||
| @@ -29,6 +33,30 @@ class ApplicationUtils | |||
| 29 | return false; | 33 | return false; |
| 30 | } | 34 | } |
| 31 | 35 | ||
| 36 | return $data; | ||
| 37 | } | ||
| 38 | |||
| 39 | /** | ||
| 40 | * Retrieve the version from a remote URL or a file. | ||
| 41 | * | ||
| 42 | * @param string $remote URL or file to fetch. | ||
| 43 | * @param int $timeout For URLs fetching. | ||
| 44 | * | ||
| 45 | * @return bool|string The version or false if it couldn't be retrieved. | ||
| 46 | */ | ||
| 47 | public static function getVersion($remote, $timeout = 2) | ||
| 48 | { | ||
| 49 | if (startsWith($remote, 'http')) { | ||
| 50 | if (($data = static::getLatestGitVersionCode($remote, $timeout)) === false) { | ||
| 51 | return false; | ||
| 52 | } | ||
| 53 | } else { | ||
| 54 | if (! is_file($remote)) { | ||
| 55 | return false; | ||
| 56 | } | ||
| 57 | $data = file_get_contents($remote); | ||
| 58 | } | ||
| 59 | |||
| 32 | return str_replace( | 60 | return str_replace( |
| 33 | array(self::$VERSION_START_TAG, self::$VERSION_END_TAG, PHP_EOL), | 61 | array(self::$VERSION_START_TAG, self::$VERSION_END_TAG, PHP_EOL), |
| 34 | array('', '', ''), | 62 | array('', '', ''), |
| @@ -65,13 +93,10 @@ class ApplicationUtils | |||
| 65 | $isLoggedIn, | 93 | $isLoggedIn, |
| 66 | $branch='stable') | 94 | $branch='stable') |
| 67 | { | 95 | { |
| 68 | if (! $isLoggedIn) { | 96 | // Do not check versions for visitors |
| 69 | // Do not check versions for visitors | 97 | // Do not check if the user doesn't want to |
| 70 | return false; | 98 | // Do not check with dev version |
| 71 | } | 99 | if (! $isLoggedIn || empty($enableCheck) || $currentVersion === 'dev') { |
| 72 | |||
| 73 | if (empty($enableCheck)) { | ||
| 74 | // Do not check if the user doesn't want to | ||
| 75 | return false; | 100 | return false; |
| 76 | } | 101 | } |
| 77 | 102 | ||
| @@ -93,7 +118,7 @@ class ApplicationUtils | |||
| 93 | 118 | ||
| 94 | // Late Static Binding allows overriding within tests | 119 | // Late Static Binding allows overriding within tests |
| 95 | // See http://php.net/manual/en/language.oop5.late-static-bindings.php | 120 | // See http://php.net/manual/en/language.oop5.late-static-bindings.php |
| 96 | $latestVersion = static::getLatestGitVersionCode( | 121 | $latestVersion = static::getVersion( |
| 97 | self::$GIT_URL . '/' . $branch . '/' . self::$VERSION_FILE | 122 | self::$GIT_URL . '/' . $branch . '/' . self::$VERSION_FILE |
| 98 | ); | 123 | ); |
| 99 | 124 | ||
| @@ -124,12 +149,13 @@ class ApplicationUtils | |||
| 124 | public static function checkPHPVersion($minVersion, $curVersion) | 149 | public static function checkPHPVersion($minVersion, $curVersion) |
| 125 | { | 150 | { |
| 126 | if (version_compare($curVersion, $minVersion) < 0) { | 151 | if (version_compare($curVersion, $minVersion) < 0) { |
| 127 | throw new Exception( | 152 | $msg = t( |
| 128 | 'Your PHP version is obsolete!' | 153 | 'Your PHP version is obsolete!' |
| 129 | .' Shaarli requires at least PHP '.$minVersion.', and thus cannot run.' | 154 | . ' Shaarli requires at least PHP %s, and thus cannot run.' |
| 130 | .' Your PHP version has known security vulnerabilities and should be' | 155 | . ' Your PHP version has known security vulnerabilities and should be' |
| 131 | .' updated as soon as possible.' | 156 | . ' updated as soon as possible.' |
| 132 | ); | 157 | ); |
| 158 | throw new Exception(sprintf($msg, $minVersion)); | ||
| 133 | } | 159 | } |
| 134 | } | 160 | } |
| 135 | 161 | ||
| @@ -143,16 +169,18 @@ class ApplicationUtils | |||
| 143 | public static function checkResourcePermissions($conf) | 169 | public static function checkResourcePermissions($conf) |
| 144 | { | 170 | { |
| 145 | $errors = array(); | 171 | $errors = array(); |
| 172 | $rainTplDir = rtrim($conf->get('resource.raintpl_tpl'), '/'); | ||
| 146 | 173 | ||
| 147 | // Check script and template directories are readable | 174 | // Check script and template directories are readable |
| 148 | foreach (array( | 175 | foreach (array( |
| 149 | 'application', | 176 | 'application', |
| 150 | 'inc', | 177 | 'inc', |
| 151 | 'plugins', | 178 | 'plugins', |
| 152 | $conf->get('resource.raintpl_tpl'), | 179 | $rainTplDir, |
| 180 | $rainTplDir.'/'.$conf->get('resource.theme'), | ||
| 153 | ) as $path) { | 181 | ) as $path) { |
| 154 | if (! is_readable(realpath($path))) { | 182 | if (! is_readable(realpath($path))) { |
| 155 | $errors[] = '"'.$path.'" directory is not readable'; | 183 | $errors[] = '"'.$path.'" '. t('directory is not readable'); |
| 156 | } | 184 | } |
| 157 | } | 185 | } |
| 158 | 186 | ||
| @@ -164,10 +192,10 @@ class ApplicationUtils | |||
| 164 | $conf->get('resource.raintpl_tmp'), | 192 | $conf->get('resource.raintpl_tmp'), |
| 165 | ) as $path) { | 193 | ) as $path) { |
| 166 | if (! is_readable(realpath($path))) { | 194 | if (! is_readable(realpath($path))) { |
| 167 | $errors[] = '"'.$path.'" directory is not readable'; | 195 | $errors[] = '"'.$path.'" '. t('directory is not readable'); |
| 168 | } | 196 | } |
| 169 | if (! is_writable(realpath($path))) { | 197 | if (! is_writable(realpath($path))) { |
| 170 | $errors[] = '"'.$path.'" directory is not writable'; | 198 | $errors[] = '"'.$path.'" '. t('directory is not writable'); |
| 171 | } | 199 | } |
| 172 | } | 200 | } |
| 173 | 201 | ||
| @@ -185,13 +213,28 @@ class ApplicationUtils | |||
| 185 | } | 213 | } |
| 186 | 214 | ||
| 187 | if (! is_readable(realpath($path))) { | 215 | if (! is_readable(realpath($path))) { |
| 188 | $errors[] = '"'.$path.'" file is not readable'; | 216 | $errors[] = '"'.$path.'" '. t('file is not readable'); |
| 189 | } | 217 | } |
| 190 | if (! is_writable(realpath($path))) { | 218 | if (! is_writable(realpath($path))) { |
| 191 | $errors[] = '"'.$path.'" file is not writable'; | 219 | $errors[] = '"'.$path.'" '. t('file is not writable'); |
| 192 | } | 220 | } |
| 193 | } | 221 | } |
| 194 | 222 | ||
| 195 | return $errors; | 223 | return $errors; |
| 196 | } | 224 | } |
| 225 | |||
| 226 | /** | ||
| 227 | * Returns a salted hash representing the current Shaarli version. | ||
| 228 | * | ||
| 229 | * Useful for assets browser cache. | ||
| 230 | * | ||
| 231 | * @param string $currentVersion of Shaarli | ||
| 232 | * @param string $salt User personal salt, also used for the authentication | ||
| 233 | * | ||
| 234 | * @return string version hash | ||
| 235 | */ | ||
| 236 | public static function getVersionHash($currentVersion, $salt) | ||
| 237 | { | ||
| 238 | return hash_hmac('sha256', $currentVersion, $salt); | ||
| 239 | } | ||
| 197 | } | 240 | } |