mirror of
https://github.com/sbrl/Pepperminty-Wiki.git
synced 2024-11-22 04:23:01 +00:00
StorageBox: Fix crash when index.php is a symlink
This commit is contained in:
parent
d99ca1685c
commit
bb9a56f59a
2 changed files with 4 additions and 4 deletions
|
@ -19,7 +19,8 @@ This file holds the changelog for Pepperminty Wiki. This is the master list of t
|
||||||
- [security] Ensured that the `returnto` GET parameter leads you only to another place on your Pepperminty Wiki instance (thanks, @JamieSlome)
|
- [security] Ensured that the `returnto` GET parameter leads you only to another place on your Pepperminty Wiki instance (thanks, @JamieSlome)
|
||||||
- [security] Ensure that Javascript in SVGs never gets executed (it's too challenging to strip it, since it could be lurking in many different places - according to [this answer](https://stackoverflow.com/a/68505306/1460422) even Inkscape doesn't strip all Javascript when asked to)
|
- [security] Ensure that Javascript in SVGs never gets executed (it's too challenging to strip it, since it could be lurking in many different places - according to [this answer](https://stackoverflow.com/a/68505306/1460422) even Inkscape doesn't strip all Javascript when asked to)
|
||||||
- [security] Fixed XSS when the `action` GET param doesn't match a known action
|
- [security] Fixed XSS when the `action` GET param doesn't match a known action
|
||||||
- StorageBox: create SQLite DB ifi it doesn't exist explicitly with `touch()`, because some systems are weird
|
- StorageBox: Create SQLite DB if it doesn't exist explicitly with `touch()`, because some systems are weird
|
||||||
|
- StorageBox: Fix crash when `index.php` is a symbolic link
|
||||||
- Fixed erroneous additional entries in complex tables of contents
|
- Fixed erroneous additional entries in complex tables of contents
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -54,9 +54,8 @@ class StorageBox {
|
||||||
*/
|
*/
|
||||||
function __construct(string $filename) {
|
function __construct(string $filename) {
|
||||||
$firstrun = !file_exists($filename);
|
$firstrun = !file_exists($filename);
|
||||||
$filename_db = path_resolve($filename, __DIR__);
|
if(!file_exists($filename)) touch($filename);
|
||||||
if(!file_exists($filename_db)) touch($filename_db);
|
$this->db = new \PDO("sqlite:$filename"); // HACK: This might not work on some systems, because it depends on the current working directory
|
||||||
$this->db = new \PDO("sqlite:$filename_db"); // HACK: This might not work on some systems, because it depends on the current working directory
|
|
||||||
$this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
$this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
||||||
if($firstrun) {
|
if($firstrun) {
|
||||||
$this->query("CREATE TABLE IF NOT EXISTS store (key TEXT UNIQUE NOT NULL, value TEXT)");
|
$this->query("CREATE TABLE IF NOT EXISTS store (key TEXT UNIQUE NOT NULL, value TEXT)");
|
||||||
|
|
Loading…
Reference in a new issue