diff --git a/application/ApplicationUtils.php b/application/ApplicationUtils.php new file mode 100644 index 0000000..6fb07f3 --- /dev/null +++ b/application/ApplicationUtils.php @@ -0,0 +1,69 @@ +path = $path; + $this->message = 'Error accessing '.$this->path; + } +} diff --git a/application/LinkDB.php b/application/LinkDB.php index 8473350..15fadbc 100644 --- a/application/LinkDB.php +++ b/application/LinkDB.php @@ -212,11 +212,7 @@ You use the community supported version of the original Shaarli project, by Seba $this->_links[$link['linkdate']] = $link; // Write database to disk - // TODO: raise an exception if the file is not write-able - file_put_contents( - $this->_datastore, - self::$phpPrefix.base64_encode(gzdeflate(serialize($this->_links))).self::$phpSuffix - ); + $this->writeDB(); } /** @@ -267,6 +263,28 @@ You use the community supported version of the original Shaarli project, by Seba } } + /** + * Saves the database from memory to disk + * + * @throws IOException the datastore is not writable + */ + private function writeDB() + { + if (is_file($this->_datastore) && !is_writeable($this->_datastore)) { + // The datastore exists but is not writeable + throw new IOException($this->_datastore); + } else if (!is_file($this->_datastore) && !is_writeable(dirname($this->_datastore))) { + // The datastore does not exist and its parent directory is not writeable + throw new IOException(dirname($this->_datastore)); + } + + file_put_contents( + $this->_datastore, + self::$phpPrefix.base64_encode(gzdeflate(serialize($this->_links))).self::$phpSuffix + ); + + } + /** * Saves the database from memory to disk * @@ -278,10 +296,9 @@ You use the community supported version of the original Shaarli project, by Seba // TODO: raise an Exception instead die('You are not authorized to change the database.'); } - file_put_contents( - $this->_datastore, - self::$phpPrefix.base64_encode(gzdeflate(serialize($this->_links))).self::$phpSuffix - ); + + $this->writeDB(); + invalidateCaches($pageCacheDir); } diff --git a/index.php b/index.php index be181a2..654f7f8 100644 --- a/index.php +++ b/index.php @@ -44,6 +44,9 @@ $GLOBALS['config']['DATASTORE'] = $GLOBALS['config']['DATADIR'].'/datastore.php' // Banned IPs $GLOBALS['config']['IPBANS_FILENAME'] = $GLOBALS['config']['DATADIR'].'/ipbans.php'; +// Access log +$GLOBALS['config']['LOG_FILE'] = $GLOBALS['config']['DATADIR'].'/log.txt'; + // For updates check of Shaarli $GLOBALS['config']['UPDATECHECK_FILENAME'] = $GLOBALS['config']['DATADIR'].'/lastupdatecheck.txt'; @@ -52,7 +55,7 @@ $GLOBALS['config']['RAINTPL_TMP'] = 'tmp/'; // Raintpl template directory (keep the trailing slash!) $GLOBALS['config']['RAINTPL_TPL'] = 'tpl/'; -// Thuumbnail cache directory +// Thumbnail cache directory $GLOBALS['config']['CACHEDIR'] = 'cache'; // Atom & RSS feed cache directory @@ -141,8 +144,10 @@ if (is_file($GLOBALS['config']['CONFIG_FILE'])) { } // Shaarli library +require_once 'application/ApplicationUtils.php'; require_once 'application/Cache.php'; require_once 'application/CachedPage.php'; +require_once 'application/FileUtils.php'; require_once 'application/HttpUtils.php'; require_once 'application/LinkDB.php'; require_once 'application/TimeZone.php'; @@ -155,9 +160,9 @@ require_once 'application/Router.php'; // Ensure the PHP version is supported try { checkPHPVersion('5.3', PHP_VERSION); -} catch(Exception $e) { +} catch(Exception $exc) { header('Content-Type: text/plain; charset=utf-8'); - echo $e->getMessage(); + echo $exc->getMessage(); exit; } @@ -216,9 +221,6 @@ header("Cache-Control: no-store, no-cache, must-revalidate"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); -// Directories creations (Note that your web host may require different rights than 705.) -if (!is_writable(realpath(dirname(__FILE__)))) die('
ERROR: Shaarli does not have the right to write in its own directory.'); - // Handling of old config file which do not have the new parameters. if (empty($GLOBALS['title'])) $GLOBALS['title']='Shared links on '.escape(index_url($_SERVER)); if (empty($GLOBALS['timezone'])) $GLOBALS['timezone']=date_default_timezone_get(); @@ -228,8 +230,24 @@ if (empty($GLOBALS['privateLinkByDefault'])) $GLOBALS['privateLinkByDefault']=fa if (empty($GLOBALS['titleLink'])) $GLOBALS['titleLink']='?'; // I really need to rewrite Shaarli with a proper configuation manager. -// Run config screen if first run: if (! is_file($GLOBALS['config']['CONFIG_FILE'])) { + // Ensure Shaarli has proper access to its resources + $errors = ApplicationUtils::checkResourcePermissions($GLOBALS['config']); + + if ($errors != array()) { + $message = '
Insufficient permissions: