Rss-Bridge/lib/Configuration.php

<?php
class Configuration {

	public static $VERSION = 'dev.2018-11-10';

	public static $config = null;

	public static function verifyInstallation() {

		// Check PHP version
		if(version_compare(PHP_VERSION, '5.6.0') === -1)
			die('RSS-Bridge requires at least PHP version 5.6.0!');

		// extensions check
		if(!extension_loaded('openssl'))
			die('"openssl" extension not loaded. Please check "php.ini"');

		if(!extension_loaded('libxml'))
			die('"libxml" extension not loaded. Please check "php.ini"');

		if(!extension_loaded('mbstring'))
			die('"mbstring" extension not loaded. Please check "php.ini"');

		if(!extension_loaded('simplexml'))
			die('"simplexml" extension not loaded. Please check "php.ini"');

		if(!extension_loaded('curl'))
			die('"curl" extension not loaded. Please check "php.ini"');

		if(!extension_loaded('json'))
			die('"json" extension not loaded. Please check "php.ini"');

		// Check cache folder permissions (write permissions required)
		if(!is_writable(PATH_CACHE))
			die('RSS-Bridge does not have write permissions for ' . PATH_CACHE . '!');

		// Check whitelist file permissions
		if(!file_exists(WHITELIST) && !is_writable(dirname(WHITELIST)))
			die('RSS-Bridge does not have write permissions for ' . WHITELIST . '!');

	}

	public static function loadConfiguration() {

		if(!file_exists('config.default.ini.php'))
			die('The default configuration file "config.default.ini.php" is missing!');

		Configuration::$config = parse_ini_file('config.default.ini.php', true, INI_SCANNER_TYPED);
		if(!Configuration::$config)
			die('Error parsing config.default.ini.php');

		if(file_exists('config.ini.php')) {
			// Replace default configuration with custom settings
			foreach(parse_ini_file('config.ini.php', true, INI_SCANNER_TYPED) as $header => $section) {
				foreach($section as $key => $value) {
					// Skip unknown sections and keys
					if(array_key_exists($header, Configuration::$config) && array_key_exists($key, Configuration::$config[$header])) {
						Configuration::$config[$header][$key] = $value;
					}
				}
			}
		}

		if(!is_string(self::getConfig('proxy', 'url')))
			die('Parameter [proxy] => "url" is not a valid string! Please check "config.ini.php"!');

		if(!empty(self::getConfig('proxy', 'url')))
			define('PROXY_URL', self::getConfig('proxy', 'url'));

		if(!is_bool(self::getConfig('proxy', 'by_bridge')))
			die('Parameter [proxy] => "by_bridge" is not a valid Boolean! Please check "config.ini.php"!');

		define('PROXY_BYBRIDGE', self::getConfig('proxy', 'by_bridge'));

		if(!is_string(self::getConfig('proxy', 'name')))
			die('Parameter [proxy] => "name" is not a valid string! Please check "config.ini.php"!');

		define('PROXY_NAME', self::getConfig('proxy', 'name'));

		if(!is_bool(self::getConfig('cache', 'custom_timeout')))
			die('Parameter [cache] => "custom_timeout" is not a valid Boolean! Please check "config.ini.php"!');

		define('CUSTOM_CACHE_TIMEOUT', self::getConfig('cache', 'custom_timeout'));

		if(!is_bool(self::getConfig('authentication', 'enable')))
			die('Parameter [authentication] => "enable" is not a valid Boolean! Please check "config.ini.php"!');

		if(!is_string(self::getConfig('authentication', 'username')))
			die('Parameter [authentication] => "username" is not a valid string! Please check "config.ini.php"!');

		if(!is_string(self::getConfig('authentication', 'password')))
			die('Parameter [authentication] => "password" is not a valid string! Please check "config.ini.php"!');

		if(!empty(self::getConfig('admin', 'email'))
		&& !filter_var(self::getConfig('admin', 'email'), FILTER_VALIDATE_EMAIL))
			die('Parameter [admin] => "email" is not a valid email address! Please check "config.ini.php"!');

	}

	public static function getConfig($category, $key) {

		if(array_key_exists($category, self::$config) && array_key_exists($key, self::$config[$category])) {
			return self::$config[$category][$key];
		}

		return null;

	}

	public static function getVersion() {

		$headFile = '.git/HEAD';

		// '@' is used to mute open_basedir warning
		if(@is_readable($headFile)) {

			$revisionHashFile = '.git/' . substr(file_get_contents($headFile), 5, -1);
			$branchName = explode('/', $revisionHashFile)[3];
			if(file_exists($revisionHashFile)) {
				return 'git.' . $branchName . '.' . substr(file_get_contents($revisionHashFile), 0, 7);
			}
		}

		return Configuration::$VERSION;

	}

}
Add basic authentication support (#728) * Move configuration in its own class in order to reduce the verbosity of index.php * Add authentication mechanism using HTTP auth * Add a method to get the config parameters * Remove the installation checks from the index page * Log all failed authentication attempts 2018-06-27 19:09:41 +02:00			`<?php`
			`class Configuration {`

Bump version to dev.2018-11-10 2018-11-10 18:11:49 +01:00			`public static $VERSION = 'dev.2018-11-10';`
Add recuperation of the current version from git if available (#731) * Add recuperation of the current version from git if available * Include version when auto-reporting an error 2018-06-30 10:24:22 +02:00
Add basic authentication support (#728) * Move configuration in its own class in order to reduce the verbosity of index.php * Add authentication mechanism using HTTP auth * Add a method to get the config parameters * Remove the installation checks from the index page * Log all failed authentication attempts 2018-06-27 19:09:41 +02:00			`public static $config = null;`

			`public static function verifyInstallation() {`

			`// Check PHP version`
core: Replace PHP_VERSION_REQUIRED by static text The required PHP version is used in one place only and therefore shouldn't require a constant 2018-11-05 19:07:33 +01:00			`if(version_compare(PHP_VERSION, '5.6.0') === -1)`
			`die('RSS-Bridge requires at least PHP version 5.6.0!');`
Add basic authentication support (#728) * Move configuration in its own class in order to reduce the verbosity of index.php * Add authentication mechanism using HTTP auth * Add a method to get the config parameters * Remove the installation checks from the index page * Log all failed authentication attempts 2018-06-27 19:09:41 +02:00
			`// extensions check`
			`if(!extension_loaded('openssl'))`
			`die('"openssl" extension not loaded. Please check "php.ini"');`

			`if(!extension_loaded('libxml'))`
			`die('"libxml" extension not loaded. Please check "php.ini"');`

			`if(!extension_loaded('mbstring'))`
			`die('"mbstring" extension not loaded. Please check "php.ini"');`

			`if(!extension_loaded('simplexml'))`
			`die('"simplexml" extension not loaded. Please check "php.ini"');`

			`if(!extension_loaded('curl'))`
			`die('"curl" extension not loaded. Please check "php.ini"');`

Add extension check for the "json" extension. 2018-08-22 17:21:20 +02:00			`if(!extension_loaded('json'))`
			`die('"json" extension not loaded. Please check "php.ini"');`

Add basic authentication support (#728) * Move configuration in its own class in order to reduce the verbosity of index.php * Add authentication mechanism using HTTP auth * Add a method to get the config parameters * Remove the installation checks from the index page * Log all failed authentication attempts 2018-06-27 19:09:41 +02:00			`// Check cache folder permissions (write permissions required)`
core: Replace CACHE_DIR by PATH_CACHE Move CACHE_DIR from index.php to /lib/RssBridge.php and change name to PATH_CACHE. PATH_CACHE is one of the core paths of RSS-Bridge and should therefore be defined in the core file RssBridge.php. 2018-11-06 18:35:40 +01:00			`if(!is_writable(PATH_CACHE))`
			`die('RSS-Bridge does not have write permissions for ' . PATH_CACHE . '!');`
Add basic authentication support (#728) * Move configuration in its own class in order to reduce the verbosity of index.php * Add authentication mechanism using HTTP auth * Add a method to get the config parameters * Remove the installation checks from the index page * Log all failed authentication attempts 2018-06-27 19:09:41 +02:00
core: Define path to whitelist.txt in rssbridge.php 2018-11-10 19:51:37 +01:00			`// Check whitelist file permissions`
			`if(!file_exists(WHITELIST) && !is_writable(dirname(WHITELIST)))`
			`die('RSS-Bridge does not have write permissions for ' . WHITELIST . '!');`
Add basic authentication support (#728) * Move configuration in its own class in order to reduce the verbosity of index.php * Add authentication mechanism using HTTP auth * Add a method to get the config parameters * Remove the installation checks from the index page * Log all failed authentication attempts 2018-06-27 19:09:41 +02:00
			`}`

			`public static function loadConfiguration() {`

			`if(!file_exists('config.default.ini.php'))`
			`die('The default configuration file "config.default.ini.php" is missing!');`

			`Configuration::$config = parse_ini_file('config.default.ini.php', true, INI_SCANNER_TYPED);`
			`if(!Configuration::$config)`
			`die('Error parsing config.default.ini.php');`

			`if(file_exists('config.ini.php')) {`
			`// Replace default configuration with custom settings`
			`foreach(parse_ini_file('config.ini.php', true, INI_SCANNER_TYPED) as $header => $section) {`
			`foreach($section as $key => $value) {`
			`// Skip unknown sections and keys`
			`if(array_key_exists($header, Configuration::$config) && array_key_exists($key, Configuration::$config[$header])) {`
			`Configuration::$config[$header][$key] = $value;`
			`}`
			`}`
			`}`
			`}`

			`if(!is_string(self::getConfig('proxy', 'url')))`
			`die('Parameter [proxy] => "url" is not a valid string! Please check "config.ini.php"!');`

			`if(!empty(self::getConfig('proxy', 'url')))`
			`define('PROXY_URL', self::getConfig('proxy', 'url'));`

			`if(!is_bool(self::getConfig('proxy', 'by_bridge')))`
			`die('Parameter [proxy] => "by_bridge" is not a valid Boolean! Please check "config.ini.php"!');`

			`define('PROXY_BYBRIDGE', self::getConfig('proxy', 'by_bridge'));`

			`if(!is_string(self::getConfig('proxy', 'name')))`
			`die('Parameter [proxy] => "name" is not a valid string! Please check "config.ini.php"!');`

			`define('PROXY_NAME', self::getConfig('proxy', 'name'));`

			`if(!is_bool(self::getConfig('cache', 'custom_timeout')))`
			`die('Parameter [cache] => "custom_timeout" is not a valid Boolean! Please check "config.ini.php"!');`

			`define('CUSTOM_CACHE_TIMEOUT', self::getConfig('cache', 'custom_timeout'));`

			`if(!is_bool(self::getConfig('authentication', 'enable')))`
			`die('Parameter [authentication] => "enable" is not a valid Boolean! Please check "config.ini.php"!');`

			`if(!is_string(self::getConfig('authentication', 'username')))`
			`die('Parameter [authentication] => "username" is not a valid string! Please check "config.ini.php"!');`

			`if(!is_string(self::getConfig('authentication', 'password')))`
			`die('Parameter [authentication] => "password" is not a valid string! Please check "config.ini.php"!');`

[Configuration] Use FILTER_VALIDATE_EMAIL on admin/email This prevents including arbitrary data as email address. 2018-11-10 18:42:36 +01:00			`if(!empty(self::getConfig('admin', 'email'))`
			`&& !filter_var(self::getConfig('admin', 'email'), FILTER_VALIDATE_EMAIL))`
			`die('Parameter [admin] => "email" is not a valid email address! Please check "config.ini.php"!');`

Add basic authentication support (#728) * Move configuration in its own class in order to reduce the verbosity of index.php * Add authentication mechanism using HTTP auth * Add a method to get the config parameters * Remove the installation checks from the index page * Log all failed authentication attempts 2018-06-27 19:09:41 +02:00			`}`

			`public static function getConfig($category, $key) {`

			`if(array_key_exists($category, self::$config) && array_key_exists($key, self::$config[$category])) {`
			`return self::$config[$category][$key];`
			`}`

			`return null;`

			`}`

Add recuperation of the current version from git if available (#731) * Add recuperation of the current version from git if available * Include version when auto-reporting an error 2018-06-30 10:24:22 +02:00			`public static function getVersion() {`

			`$headFile = '.git/HEAD';`

[Configuration] Fix open_basedir warnings (#887) If .git/HEAD isn't in open_basedir it'd throw ugly warnings. Suppress errors while checking if file is readable 2018-10-27 10:53:45 +02:00			`// '@' is used to mute open_basedir warning`
			`if(@is_readable($headFile)) {`
Add recuperation of the current version from git if available (#731) * Add recuperation of the current version from git if available * Include version when auto-reporting an error 2018-06-30 10:24:22 +02:00
			`$revisionHashFile = '.git/' . substr(file_get_contents($headFile), 5, -1);`
			`$branchName = explode('/', $revisionHashFile)[3];`
			`if(file_exists($revisionHashFile)) {`
			`return 'git.' . $branchName . '.' . substr(file_get_contents($revisionHashFile), 0, 7);`
			`}`
			`}`

			`return Configuration::$VERSION;`

			`}`

Add basic authentication support (#728) * Move configuration in its own class in order to reduce the verbosity of index.php * Add authentication mechanism using HTTP auth * Add a method to get the config parameters * Remove the installation checks from the index page * Log all failed authentication attempts 2018-06-27 19:09:41 +02:00			`}`