Remove remaining settings initialization in index.php
Except for those which require external data (timezone and $_SERVER).
This commit is contained in:
parent
da10377b3c
commit
7f179985b4
3 changed files with 42 additions and 78 deletions
|
@ -191,6 +191,29 @@ public function updateMethodConfigToJson()
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Escape settings which have been manually escaped in every request in previous versions:
|
||||||
|
* - general.title
|
||||||
|
* - general.header_link
|
||||||
|
* - extras.redirector
|
||||||
|
*
|
||||||
|
* @return bool true if the update is successful, false otherwise.
|
||||||
|
*/
|
||||||
|
public function escapeUnescapedConfig()
|
||||||
|
{
|
||||||
|
$conf = ConfigManager::getInstance();
|
||||||
|
try {
|
||||||
|
$conf->set('general.title', escape($conf->get('general.title')));
|
||||||
|
$conf->set('general.header_link', escape($conf->get('general.header_link')));
|
||||||
|
$conf->set('extras.redirector', escape($conf->get('extras.redirector')));
|
||||||
|
$conf->write($this->isLoggedIn);
|
||||||
|
} catch (Exception $e) {
|
||||||
|
error_log($e->getMessage());
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return true;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -9,6 +9,9 @@
|
||||||
* Class ConfigManager
|
* Class ConfigManager
|
||||||
*
|
*
|
||||||
* Singleton, manages all Shaarli's settings.
|
* Singleton, manages all Shaarli's settings.
|
||||||
|
* See the documentation for more information on settings:
|
||||||
|
* - doc/Shaarli-configuration.html
|
||||||
|
* - https://github.com/shaarli/Shaarli/wiki/Shaarli-configuration
|
||||||
*/
|
*/
|
||||||
class ConfigManager
|
class ConfigManager
|
||||||
{
|
{
|
||||||
|
@ -286,81 +289,40 @@ protected static function setConfig($settings, $value, &$conf)
|
||||||
*/
|
*/
|
||||||
protected function setDefaultValues()
|
protected function setDefaultValues()
|
||||||
{
|
{
|
||||||
// Data subdirectory
|
|
||||||
$this->setEmpty('path.data_dir', 'data');
|
$this->setEmpty('path.data_dir', 'data');
|
||||||
|
|
||||||
// Main configuration file
|
|
||||||
$this->setEmpty('path.config', 'data/config.php');
|
$this->setEmpty('path.config', 'data/config.php');
|
||||||
|
|
||||||
// Link datastore
|
|
||||||
$this->setEmpty('path.datastore', 'data/datastore.php');
|
$this->setEmpty('path.datastore', 'data/datastore.php');
|
||||||
|
|
||||||
// Banned IPs
|
|
||||||
$this->setEmpty('path.ban_file', 'data/ipbans.php');
|
$this->setEmpty('path.ban_file', 'data/ipbans.php');
|
||||||
|
|
||||||
// Processed updates file.
|
|
||||||
$this->setEmpty('path.updates', 'data/updates.txt');
|
$this->setEmpty('path.updates', 'data/updates.txt');
|
||||||
|
|
||||||
// Access log
|
|
||||||
$this->setEmpty('path.log', 'data/log.txt');
|
$this->setEmpty('path.log', 'data/log.txt');
|
||||||
|
|
||||||
// For updates check of Shaarli
|
|
||||||
$this->setEmpty('path.update_check', 'data/lastupdatecheck.txt');
|
$this->setEmpty('path.update_check', 'data/lastupdatecheck.txt');
|
||||||
|
|
||||||
// Set ENABLE_UPDATECHECK to disabled by default.
|
|
||||||
$this->setEmpty('general.check_updates', false);
|
|
||||||
|
|
||||||
// RainTPL cache directory (keep the trailing slash!)
|
|
||||||
$this->setEmpty('path.raintpl_tmp', 'tmp/');
|
|
||||||
// Raintpl template directory (keep the trailing slash!)
|
|
||||||
$this->setEmpty('path.raintpl_tpl', 'tpl/');
|
$this->setEmpty('path.raintpl_tpl', 'tpl/');
|
||||||
|
$this->setEmpty('path.raintpl_tmp', 'tmp/');
|
||||||
// Thumbnail cache directory
|
|
||||||
$this->setEmpty('path.thumbnails_cache', 'cache');
|
$this->setEmpty('path.thumbnails_cache', 'cache');
|
||||||
|
|
||||||
// Atom & RSS feed cache directory
|
|
||||||
$this->setEmpty('path.page_cache', 'pagecache');
|
$this->setEmpty('path.page_cache', 'pagecache');
|
||||||
|
|
||||||
// Ban IP after this many failures
|
|
||||||
$this->setEmpty('security.ban_after', 4);
|
$this->setEmpty('security.ban_after', 4);
|
||||||
// Ban duration for IP address after login failures (in seconds)
|
|
||||||
$this->setEmpty('security.ban_after', 1800);
|
$this->setEmpty('security.ban_after', 1800);
|
||||||
|
$this->setEmpty('security.session_protection_disabled', false);
|
||||||
|
|
||||||
// Feed options
|
$this->setEmpty('general.check_updates', false);
|
||||||
// Enable RSS permalinks by default.
|
|
||||||
// This corresponds to the default behavior of shaarli before this was added as an option.
|
|
||||||
$this->setEmpty('general.rss_permalinks', true);
|
$this->setEmpty('general.rss_permalinks', true);
|
||||||
// If true, an extra "ATOM feed" button will be displayed in the toolbar
|
|
||||||
$this->setEmpty('extras.show_atom', false);
|
|
||||||
|
|
||||||
// Link display options
|
|
||||||
$this->setEmpty('extras.hide_public_links', false);
|
|
||||||
$this->setEmpty('extras.hide_timestamps', false);
|
|
||||||
$this->setEmpty('general.links_per_page', 20);
|
$this->setEmpty('general.links_per_page', 20);
|
||||||
|
|
||||||
// Private checkbox is checked by default
|
|
||||||
$this->setEmpty('general.default_private_links', false);
|
$this->setEmpty('general.default_private_links', false);
|
||||||
|
|
||||||
// Open Shaarli (true): anyone can add/edit/delete links without having to login
|
|
||||||
$this->setEmpty('extras.open_shaarli', false);
|
|
||||||
|
|
||||||
// Thumbnails
|
|
||||||
// Display thumbnails in links
|
|
||||||
$this->setEmpty('general.enable_thumbnails', true);
|
$this->setEmpty('general.enable_thumbnails', true);
|
||||||
// Store thumbnails in a local cache
|
|
||||||
$this->setEmpty('general.enable_localcache', true);
|
$this->setEmpty('general.enable_localcache', true);
|
||||||
|
|
||||||
// Update check frequency for Shaarli. 86400 seconds=24 hours
|
|
||||||
$this->setEmpty('general.check_updates_branch', 'stable');
|
$this->setEmpty('general.check_updates_branch', 'stable');
|
||||||
$this->setEmpty('general.check_updates_interval', 86400);
|
$this->setEmpty('general.check_updates_interval', 86400);
|
||||||
|
$this->setEmpty('general.header_link', '?');
|
||||||
|
$this->setEmpty('general.enabled_plugins', array('qrcode'));
|
||||||
|
|
||||||
|
$this->setEmpty('extras.show_atom', false);
|
||||||
|
$this->setEmpty('extras.hide_public_links', false);
|
||||||
|
$this->setEmpty('extras.hide_timestamps', false);
|
||||||
|
$this->setEmpty('extras.open_shaarli', false);
|
||||||
$this->setEmpty('extras.redirector', '');
|
$this->setEmpty('extras.redirector', '');
|
||||||
$this->setEmpty('extras.redirector_encode_url', true);
|
$this->setEmpty('extras.redirector_encode_url', true);
|
||||||
|
|
||||||
// Enabled plugins.
|
|
||||||
$this->setEmpty('general.enabled_plugins', array('qrcode'));
|
|
||||||
|
|
||||||
// Initialize plugin parameters array.
|
|
||||||
$this->setEmpty('plugins', array());
|
$this->setEmpty('plugins', array());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -370,7 +332,7 @@ protected function setDefaultValues()
|
||||||
* @param string $key Setting key.
|
* @param string $key Setting key.
|
||||||
* @param mixed $value Setting value.
|
* @param mixed $value Setting value.
|
||||||
*/
|
*/
|
||||||
protected function setEmpty($key, $value)
|
public function setEmpty($key, $value)
|
||||||
{
|
{
|
||||||
if (! $this->exists($key)) {
|
if (! $this->exists($key)) {
|
||||||
$this->set($key, $value);
|
$this->set($key, $value);
|
||||||
|
|
33
index.php
33
index.php
|
@ -106,7 +106,8 @@
|
||||||
}
|
}
|
||||||
|
|
||||||
$conf = ConfigManager::getInstance();
|
$conf = ConfigManager::getInstance();
|
||||||
|
$conf->setEmpty('general.timezone', date_default_timezone_get());
|
||||||
|
$conf->setEmpty('general.title', 'Shared links on '. escape(index_url($_SERVER)));
|
||||||
RainTPL::$tpl_dir = $conf->get('path.raintpl_tpl'); // template directory
|
RainTPL::$tpl_dir = $conf->get('path.raintpl_tpl'); // template directory
|
||||||
RainTPL::$cache_dir = $conf->get('path.raintpl_tmp'); // cache directory
|
RainTPL::$cache_dir = $conf->get('path.raintpl_tmp'); // cache directory
|
||||||
|
|
||||||
|
@ -132,23 +133,6 @@ function stripslashes_deep($value) { $value = is_array($value) ? array_map('stri
|
||||||
header("Cache-Control: post-check=0, pre-check=0", false);
|
header("Cache-Control: post-check=0, pre-check=0", false);
|
||||||
header("Pragma: no-cache");
|
header("Pragma: no-cache");
|
||||||
|
|
||||||
// Handling of old config file which do not have the new parameters.
|
|
||||||
if (! $conf->exists('general.title')) {
|
|
||||||
$conf->set('general.title', 'Shared links on '. escape(index_url($_SERVER)));
|
|
||||||
}
|
|
||||||
if (! $conf->exists('general.timezone')) {
|
|
||||||
$conf->set('general.timezone', date_default_timezone_get());
|
|
||||||
}
|
|
||||||
if (! $conf->exists('security.session_protection_disabled')) {
|
|
||||||
$conf->set('security.session_protection_disabled', false);
|
|
||||||
}
|
|
||||||
if (! $conf->exists('general.default_private_links')) {
|
|
||||||
$conf->set('general.default_private_links', false);
|
|
||||||
}
|
|
||||||
if (! $conf->exists('general.header_link')) {
|
|
||||||
$conf->set('general.header_link', '?');
|
|
||||||
}
|
|
||||||
|
|
||||||
if (! is_file($conf->getConfigFile())) {
|
if (! is_file($conf->getConfigFile())) {
|
||||||
// Ensure Shaarli has proper access to its resources
|
// Ensure Shaarli has proper access to its resources
|
||||||
$errors = ApplicationUtils::checkResourcePermissions();
|
$errors = ApplicationUtils::checkResourcePermissions();
|
||||||
|
@ -170,11 +154,6 @@ function stripslashes_deep($value) { $value = is_array($value) ? array_map('stri
|
||||||
install();
|
install();
|
||||||
}
|
}
|
||||||
|
|
||||||
// FIXME! Update these value with Updater and escpae it during the install/config save.
|
|
||||||
$conf->set('general.title', escape($conf->get('general.title')));
|
|
||||||
$conf->set('general.header_link', escape($conf->get('general.header_link')));
|
|
||||||
$conf->set('extras.redirector', escape($conf->get('extras.redirector')));
|
|
||||||
|
|
||||||
// a token depending of deployment salt, user password, and the current ip
|
// a token depending of deployment salt, user password, and the current ip
|
||||||
define('STAY_SIGNED_IN_TOKEN', sha1($conf->get('credentials.hash') . $_SERVER['REMOTE_ADDR'] . $conf->get('credentials.salt')));
|
define('STAY_SIGNED_IN_TOKEN', sha1($conf->get('credentials.hash') . $_SERVER['REMOTE_ADDR'] . $conf->get('credentials.salt')));
|
||||||
|
|
||||||
|
@ -1101,9 +1080,9 @@ function renderPage()
|
||||||
$tz = $_POST['continent'] . '/' . $_POST['city'];
|
$tz = $_POST['continent'] . '/' . $_POST['city'];
|
||||||
}
|
}
|
||||||
$conf->set('general.timezone', $tz);
|
$conf->set('general.timezone', $tz);
|
||||||
$conf->set('general.title', $_POST['title']);
|
$conf->set('general.title', escape($_POST['title']));
|
||||||
$conf->set('general.header_link', $_POST['titleLink']);
|
$conf->set('general.header_link', escape($_POST['titleLink']));
|
||||||
$conf->set('extras.redirector', $_POST['redirector']);
|
$conf->set('extras.redirector', escape($_POST['redirector']));
|
||||||
$conf->set('security.session_protection_disabled', !empty($_POST['disablesessionprotection']));
|
$conf->set('security.session_protection_disabled', !empty($_POST['disablesessionprotection']));
|
||||||
$conf->set('general.default_private_links', !empty($_POST['privateLinkByDefault']));
|
$conf->set('general.default_private_links', !empty($_POST['privateLinkByDefault']));
|
||||||
$conf->set('general.rss_permalinks', !empty($_POST['enableRssPermalinks']));
|
$conf->set('general.rss_permalinks', !empty($_POST['enableRssPermalinks']));
|
||||||
|
@ -1951,7 +1930,7 @@ function install()
|
||||||
$conf->set('credentials.salt', $salt);
|
$conf->set('credentials.salt', $salt);
|
||||||
$conf->set('credentials.hash', sha1($_POST['setpassword'] . $login . $salt));
|
$conf->set('credentials.hash', sha1($_POST['setpassword'] . $login . $salt));
|
||||||
if (!empty($_POST['title'])) {
|
if (!empty($_POST['title'])) {
|
||||||
$conf->set('general.title', $_POST['title']);
|
$conf->set('general.title', escape($_POST['title']));
|
||||||
} else {
|
} else {
|
||||||
$conf->set('general.title', 'Shared links on '.escape(index_url($_SERVER)));
|
$conf->set('general.title', 'Shared links on '.escape(index_url($_SERVER)));
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue