mirror of
https://github.com/sbrl/Pepperminty-Wiki.git
synced 2024-11-25 17:23:00 +00:00
Add secret GET param to debug action
This commit is contained in:
parent
8d67a8290c
commit
2198755af8
3 changed files with 10 additions and 6 deletions
|
@ -35,7 +35,10 @@ if(!file_exists($settingsFilename)) {
|
||||||
$settings->$key = $value->default;
|
$settings->$key = $value->default;
|
||||||
// Generate a random secret
|
// Generate a random secret
|
||||||
$settings->secret = bin2hex(random_bytes(16));
|
$settings->secret = bin2hex(random_bytes(16));
|
||||||
file_put_contents("peppermint.json", json_encode($settings, JSON_PRETTY_PRINT));
|
if(file_put_contents("peppermint.json", json_encode($settings, JSON_PRETTY_PRINT)) === false) {
|
||||||
|
http_response_code(503);
|
||||||
|
exit("Oops! It looks like $settings->sitename wasn't able to write peppermint.json to disk.\nThis file contains all of $settings->sitename's settings, so it's really important!\nHave you checked that PHP has write access to the directory that index.php is located in (and all it's contents and subdirectories)? Try\n\nsudo chown USERNAME:USERNAME -R path/to/directory\n\nand\n\nsudo chmod -R 0644 path/to/directory;\nsudo chmod -R +X path/too/directory\n\n....where USERNAME is the username that the PHP process is running under.");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
$settings = json_decode(file_get_contents("peppermint.json"));
|
$settings = json_decode(file_get_contents("peppermint.json"));
|
||||||
|
|
|
@ -202,10 +202,10 @@
|
||||||
{
|
{
|
||||||
"id": "page-debug-info",
|
"id": "page-debug-info",
|
||||||
"name": "Debug Information",
|
"name": "Debug Information",
|
||||||
"version": "0.1.1",
|
"version": "0.2",
|
||||||
"author": "Starbeamrainbowlabs",
|
"author": "Starbeamrainbowlabs",
|
||||||
"description": "Adds a debug action for administrator use only that collects a load of useful information to make reporting bugs easier.",
|
"description": "Adds a debug action for administrator use only that collects a load of useful information to make reporting bugs easier.",
|
||||||
"lastupdate": 1524415876,
|
"lastupdate": 1568229660,
|
||||||
"optional": false,
|
"optional": false,
|
||||||
"extra_data": []
|
"extra_data": []
|
||||||
},
|
},
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
<?php
|
<?php
|
||||||
register_module([
|
register_module([
|
||||||
"name" => "Debug Information",
|
"name" => "Debug Information",
|
||||||
"version" => "0.1.1",
|
"version" => "0.2",
|
||||||
"author" => "Starbeamrainbowlabs",
|
"author" => "Starbeamrainbowlabs",
|
||||||
"description" => "Adds a debug action for administrator use only that collects a load of useful information to make reporting bugs easier.",
|
"description" => "Adds a debug action for administrator use only that collects a load of useful information to make reporting bugs easier.",
|
||||||
"id" => "page-debug-info",
|
"id" => "page-debug-info",
|
||||||
|
@ -14,6 +14,8 @@ register_module([
|
||||||
* @apiPermission Moderator
|
* @apiPermission Moderator
|
||||||
*
|
*
|
||||||
* @apiUse UserNotModeratorError
|
* @apiUse UserNotModeratorError
|
||||||
|
*
|
||||||
|
* @apiParam {string} secret Optional. If you're not logged in as a moderator or better, then specifying the secret works as a substitute.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -27,8 +29,7 @@ register_module([
|
||||||
global $settings, $env, $paths, $version, $commit;
|
global $settings, $env, $paths, $version, $commit;
|
||||||
header("content-type: text/plain");
|
header("content-type: text/plain");
|
||||||
|
|
||||||
if(!$env->is_admin)
|
if(!$env->is_admin && (isset($_GET["secret"]) && $_GET["secret"] !== $settings->secret)) {
|
||||||
{
|
|
||||||
exit("You must be logged in as an moderator in order to generate debugging information.");
|
exit("You must be logged in as an moderator in order to generate debugging information.");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue