Home Explore Help
Sign In
kotnik
/
shaarli
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 5ebc1d504b
Branches Tags
shaarli
/
application
/
ApplicationUtils.php

ApplicationUtils.php 7.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * Shaarli (application) utilities
    4. 

  4.  */
    5. 

  5. class ApplicationUtils
    6. 

  6. {
    7. 

  7.     private static $GIT_URL = 'https://raw.githubusercontent.com/shaarli/Shaarli';
    8. 

  8.     private static $GIT_BRANCHES = array('master', 'stable');
    9. 

  9.     private static $VERSION_FILE = 'shaarli_version.php';
    10. 

  10.     private static $VERSION_START_TAG = '<?php /* ';
    11. 

  11.     private static $VERSION_END_TAG = ' */ ?>';
    12. 

  12. 

  13.     /**
    14. 

  14.      * Gets the latest version code from the Git repository
    15. 

  15.      *
    16. 

  16.      * The code is read from the raw content of the version file on the Git server.
    17. 

  17.      *
    18. 

  18.      * @param string $url     URL to reach to get the latest version.
    19. 

  19.      * @param int    $timeout Timeout to check the URL (in seconds).
    20. 

  20.      *
    21. 

  21.      * @return mixed the version code from the repository if available, else 'false'
    22. 

  22.      */
    23. 

  23.     public static function getLatestGitVersionCode($url, $timeout=2)
    24. 

  24.     {
    25. 

  25.         list($headers, $data) = get_http_response($url, $timeout);
    26. 

  26. 

  27.         if (strpos($headers[0], '200 OK') === false) {
    28. 

  28.             error_log('Failed to retrieve ' . $url);
    29. 

  29.             return false;
    30. 

  30.         }
    31. 

  31. 

  32.         return str_replace(
    33. 

  33.             array(self::$VERSION_START_TAG, self::$VERSION_END_TAG, PHP_EOL),
    34. 

  34.             array('', '', ''),
    35. 

  35.             $data
    36. 

  36.         );
    37. 

  37.     }
    38. 

  38. 

  39.     /**
    40. 

  40.      * Checks if a new Shaarli version has been published on the Git repository
    41. 

  41.      *
    42. 

  42.      * Updates checks are run periodically, according to the following criteria:
    43. 

  43.      * - the update checks are enabled (install, global config);
    44. 

  44.      * - the user is logged in (or this is an open instance);
    45. 

  45.      * - the last check is older than a given interval;
    46. 

  46.      * - the check is non-blocking if the HTTPS connection to Git fails;
    47. 

  47.      * - in case of failure, the update file's modification date is updated,
    48. 

  48.      *   to avoid intempestive connection attempts.
    49. 

  49.      *
    50. 

  50.      * @param string $currentVersion the current version code
    51. 

  51.      * @param string $updateFile     the file where to store the latest version code
    52. 

  52.      * @param int    $checkInterval  the minimum interval between update checks (in seconds
    53. 

  53.      * @param bool   $enableCheck    whether to check for new versions
    54. 

  54.      * @param bool   $isLoggedIn     whether the user is logged in
    55. 

  55.      * @param string $branch         check update for the given branch
    56. 

  56.      *
    57. 

  57.      * @throws Exception an invalid branch has been set for update checks
    58. 

  58.      *
    59. 

  59.      * @return mixed the new version code if available and greater, else 'false'
    60. 

  60.      */
    61. 

  61.     public static function checkUpdate($currentVersion,
    62. 

  62.                                        $updateFile,
    63. 

  63.                                        $checkInterval,
    64. 

  64.                                        $enableCheck,
    65. 

  65.                                        $isLoggedIn,
    66. 

  66.                                        $branch='stable')
    67. 

  67.     {
    68. 

  68.         if (! $isLoggedIn) {
    69. 

  69.             // Do not check versions for visitors
    70. 

  70.             return false;
    71. 

  71.         }
    72. 

  72. 

  73.         if (empty($enableCheck)) {
    74. 

  74.             // Do not check if the user doesn't want to
    75. 

  75.             return false;
    76. 

  76.         }
    77. 

  77. 

  78.         if (is_file($updateFile) && (filemtime($updateFile) > time() - $checkInterval)) {
    79. 

  79.             // Shaarli has checked for updates recently - skip HTTP query
    80. 

  80.             $latestKnownVersion = file_get_contents($updateFile);
    81. 

  81. 

  82.             if (version_compare($latestKnownVersion, $currentVersion) == 1) {
    83. 

  83.                 return $latestKnownVersion;
    84. 

  84.             }
    85. 

  85.             return false;
    86. 

  86.         }
    87. 

  87. 

  88.         if (! in_array($branch, self::$GIT_BRANCHES)) {
    89. 

  89.             throw new Exception(
    90. 

  90.                 'Invalid branch selected for updates: "' . $branch . '"'
    91. 

  91.             );
    92. 

  92.         }
    93. 

  93. 

  94.         // Late Static Binding allows overriding within tests
    95. 

  95.         // See http://php.net/manual/en/language.oop5.late-static-bindings.php
    96. 

  96.         $latestVersion = static::getLatestGitVersionCode(
    97. 

  97.             self::$GIT_URL . '/' . $branch . '/' . self::$VERSION_FILE
    98. 

  98.         );
    99. 

  99. 

  100.         if (! $latestVersion) {
    101. 

  101.             // Only update the file's modification date
    102. 

  102.             file_put_contents($updateFile, $currentVersion);
    103. 

  103.             return false;
    104. 

  104.         }
    105. 

  105. 

  106.         // Update the file's content and modification date
    107. 

  107.         file_put_contents($updateFile, $latestVersion);
    108. 

  108. 

  109.         if (version_compare($latestVersion, $currentVersion) == 1) {
    110. 

  110.             return $latestVersion;
    111. 

  111.         }
    112. 

  112. 

  113.         return false;
    114. 

  114.     }
    115. 

  115. 

  116.     /**
    117. 

  117.      * Checks the PHP version to ensure Shaarli can run
    118. 

  118.      *
    119. 

  119.      * @param string $minVersion minimum PHP required version
    120. 

  120.      * @param string $curVersion current PHP version (use PHP_VERSION)
    121. 

  121.      *
    122. 

  122.      * @throws Exception the PHP version is not supported
    123. 

  123.      */
    124. 

  124.     public static function checkPHPVersion($minVersion, $curVersion)
    125. 

  125.     {
    126. 

  126.         if (version_compare($curVersion, $minVersion) < 0) {
    127. 

  127.             throw new Exception(
    128. 

  128.                 'Your PHP version is obsolete!'
    129. 

  129.                 .' Shaarli requires at least PHP '.$minVersion.', and thus cannot run.'
    130. 

  130.                 .' Your PHP version has known security vulnerabilities and should be'
    131. 

  131.                 .' updated as soon as possible.'
    132. 

  132.             );
    133. 

  133.         }
    134. 

  134.     }
    135. 

  135. 

  136.     /**
    137. 

  137.      * Checks Shaarli has the proper access permissions to its resources
    138. 

  138.      *
    139. 

  139.      * @param ConfigManager $conf Configuration Manager instance.
    140. 

  140.      *
    141. 

  141.      * @return array A list of the detected configuration issues
    142. 

  142.      */
    143. 

  143.     public static function checkResourcePermissions($conf)
    144. 

  144.     {
    145. 

  145.         $errors = array();
    146. 

  146. 

  147.         // Check script and template directories are readable
    148. 

  148.         foreach (array(
    149. 

  149.             'application',
    150. 

  150.             'inc',
    151. 

  151.             'plugins',
    152. 

  152.             $conf->get('resource.raintpl_tpl'),
    153. 

  153.         ) as $path) {
    154. 

  154.             if (! is_readable(realpath($path))) {
    155. 

  155.                 $errors[] = '"'.$path.'" directory is not readable';
    156. 

  156.             }
    157. 

  157.         }
    158. 

  158. 

  159.         // Check cache and data directories are readable and writable
    160. 

  160.         foreach (array(
    161. 

  161.             $conf->get('resource.thumbnails_cache'),
    162. 

  162.             $conf->get('resource.data_dir'),
    163. 

  163.             $conf->get('resource.page_cache'),
    164. 

  164.             $conf->get('resource.raintpl_tmp'),
    165. 

  165.         ) as $path) {
    166. 

  166.             if (! is_readable(realpath($path))) {
    167. 

  167.                 $errors[] = '"'.$path.'" directory is not readable';
    168. 

  168.             }
    169. 

  169.             if (! is_writable(realpath($path))) {
    170. 

  170.                 $errors[] = '"'.$path.'" directory is not writable';
    171. 

  171.             }
    172. 

  172.         }
    173. 

  173. 

  174.         // Check configuration files are readable and writable
    175. 

  175.         foreach (array(
    176. 

  176.             $conf->getConfigFileExt(),
    177. 

  177.             $conf->get('resource.datastore'),
    178. 

  178.             $conf->get('resource.ban_file'),
    179. 

  179.             $conf->get('resource.log'),
    180. 

  180.             $conf->get('resource.update_check'),
    181. 

  181.         ) as $path) {
    182. 

  182.             if (! is_file(realpath($path))) {
    183. 

  183.                 # the file may not exist yet
    184. 

  184.                 continue;
    185. 

  185.             }
    186. 

  186. 

  187.             if (! is_readable(realpath($path))) {
    188. 

  188.                 $errors[] = '"'.$path.'" file is not readable';
    189. 

  189.             }
    190. 

  190.             if (! is_writable(realpath($path))) {
    191. 

  191.                 $errors[] = '"'.$path.'" file is not writable';
    192. 

  192.             }
    193. 

  193.         }
    194. 

  194. 

  195.         return $errors;
    196. 

  196.     }
    197. 

  197. }
    198.