mirror of
https://github.com/sbrl/Pepperminty-Wiki.git
synced 2024-11-22 04:23:01 +00:00
Require the site secret to use the first-run installer
This commit is contained in:
parent
1dc0438a18
commit
215c0d41ef
1 changed files with 12 additions and 4 deletions
|
@ -13,10 +13,6 @@ register_module([
|
|||
|
||||
// TODO: Figure out how to detect pre-existing wikis here
|
||||
|
||||
if(!$firstrun_complete && count(glob("._peppermint_secret_*")) == 0) {
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @api {get} ?action=firstrun Display the firstrun page
|
||||
* @apiName FirstRun
|
||||
|
@ -56,6 +52,13 @@ register_module([
|
|||
<p>Welcome to Pepperminty Wiki.</p>
|
||||
<p>Fill out the below form to get your wiki up and running!</p>
|
||||
<form method='post' action='?action=firstrun-complete'>
|
||||
<fieldset>
|
||||
<legend>Authorisation</legend>
|
||||
|
||||
<p><em>Find your wiki secret in the <code>secret</code> property inside <code>peppermint.json</code>. Don't forget to avoid copying the quotes surrounding the value!</em></p>
|
||||
<label for='secret'>Wiki Secret:</label>
|
||||
<input type='password' id='secret' name='secret' />
|
||||
</fieldset>
|
||||
<fieldset>
|
||||
<legend>Admin account details</legend>
|
||||
|
||||
|
@ -98,6 +101,11 @@ register_module([
|
|||
exit(page_renderer::render_main("Setup complete - Error - $settings->sitename", "<p>Oops! Looks like $settings->sitename is already setup and ready to go! Go to the <a href='?action=$settings->defaultaction&page=".rawurlencode($settings->defaultpage)."'>" . htmlentities($settings->defaultpage)."</a> to get started!</p>"));
|
||||
}
|
||||
|
||||
if($_POST["secret"] !== $settings->secret) {
|
||||
http_response_code(401);
|
||||
exit(page_renderer::render_main("Incorrect secret - Pepperminty Wiki", "<p>Oops! That secret was incorrect. Open <code>peppermint.json</code> that is automatically written to the directory alongside the <code>index.php</code> that you uploaded to your web server and copy the value of the <code>secret</code> property into the wiki secret box on the previous page, taking care to avoid copying the quotation marks.</p>"));
|
||||
}
|
||||
|
||||
// $_POST: username, email-address, password, password-again, wiki-name, data-dir
|
||||
|
||||
if(empty($_POST["username"])) {
|
||||
|
|
Loading…
Reference in a new issue