mirror of
https://github.com/sbrl/Pepperminty-Wiki.git
synced 2024-11-24 05:03:00 +00:00
add peppermint_json_perms setting to auto chmod peppermint.json on save
This commit is contained in:
parent
16ce60feb1
commit
c245ea44c2
6 changed files with 27 additions and 9 deletions
|
@ -27,7 +27,7 @@ $modules = glob("modules/*.php");
|
||||||
$module_index = [];
|
$module_index = [];
|
||||||
// Defined just in case a module needs to reference them when we require() them
|
// Defined just in case a module needs to reference them when we require() them
|
||||||
// to gain information
|
// to gain information
|
||||||
$env = $paths = new stdClass();
|
$env = new stdClass(); $paths = new stdClass();
|
||||||
$paths->extra_data_directory = "build/._extra_data";
|
$paths->extra_data_directory = "build/._extra_data";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -37,7 +37,8 @@ if(!file_exists($settingsFilename)) {
|
||||||
// Copy the default settings over to the main settings array
|
// Copy the default settings over to the main settings array
|
||||||
foreach ($guiConfig as $key => $value)
|
foreach ($guiConfig as $key => $value)
|
||||||
$settings->$key = $value->default;
|
$settings->$key = $value->default;
|
||||||
if(file_put_contents("peppermint.json", json_encode($settings, JSON_PRETTY_PRINT)) === false) {
|
// From below if statement: file_put_contents("peppermint.json", json_encode($settings, JSON_PRETTY_PRINT))
|
||||||
|
if(save_settings() === false) {
|
||||||
http_response_code(503);
|
http_response_code(503);
|
||||||
header("content-type: text/plain");
|
header("content-type: text/plain");
|
||||||
exit("Oops! It looks like $settings->sitename wasn't able to write peppermint.json to disk.\nThis file contains all of $settings->sitename's settings, so it's really important!\nHave you checked that PHP has write access to the directory that index.php is located in (and all it's contents and subdirectories)? Try\n\nsudo chown USERNAME:USERNAME -R path/to/directory\n\nand\n\nsudo chmod -R 0644 path/to/directory;\nsudo chmod -R +X path/to/directory\n\n....where USERNAME is the username that the PHP process is running under.");
|
exit("Oops! It looks like $settings->sitename wasn't able to write peppermint.json to disk.\nThis file contains all of $settings->sitename's settings, so it's really important!\nHave you checked that PHP has write access to the directory that index.php is located in (and all it's contents and subdirectories)? Try\n\nsudo chown USERNAME:USERNAME -R path/to/directory\n\nand\n\nsudo chmod -R 0644 path/to/directory;\nsudo chmod -R +X path/to/directory\n\n....where USERNAME is the username that the PHP process is running under.");
|
||||||
|
@ -68,8 +69,10 @@ if(!property_exists($settings, "secret")) {
|
||||||
$settings->secret = bin2hex(random_bytes(16));
|
$settings->secret = bin2hex(random_bytes(16));
|
||||||
$settings_upgraded = true;
|
$settings_upgraded = true;
|
||||||
}
|
}
|
||||||
if($settings_upgraded)
|
if($settings_upgraded) {
|
||||||
file_put_contents("peppermint.json", json_encode($settings, JSON_PRETTY_PRINT));
|
save_settings();
|
||||||
|
// file_put_contents("peppermint.json", json_encode($settings, JSON_PRETTY_PRINT));
|
||||||
|
}
|
||||||
|
|
||||||
// If:
|
// If:
|
||||||
// * The first-run wizard hasn't been completed
|
// * The first-run wizard hasn't been completed
|
||||||
|
@ -80,7 +83,8 @@ if($settings_upgraded)
|
||||||
// Note we added this additional specific check because in Docker containers we recommend that firstrun_complete be manually preset to false, which would previously get autset to true as we thought it was a pre-existing wiki when it isn't! Note also we don't yet have access to the pageindex at this stage, so we can't check that either.
|
// Note we added this additional specific check because in Docker containers we recommend that firstrun_complete be manually preset to false, which would previously get autset to true as we thought it was a pre-existing wiki when it isn't! Note also we don't yet have access to the pageindex at this stage, so we can't check that either.
|
||||||
if(!$settings->firstrun_complete && $settings_upgraded && $did_upgrade_firstrun_key) {
|
if(!$settings->firstrun_complete && $settings_upgraded && $did_upgrade_firstrun_key) {
|
||||||
$settings->firstrun_complete = true;
|
$settings->firstrun_complete = true;
|
||||||
file_put_contents("peppermint.json", json_encode($settings, JSON_PRETTY_PRINT));
|
save_settings();
|
||||||
|
// file_put_contents("peppermint.json", json_encode($settings, JSON_PRETTY_PRINT));
|
||||||
}
|
}
|
||||||
|
|
||||||
// Insert the default CSS if requested
|
// Insert the default CSS if requested
|
||||||
|
|
|
@ -724,11 +724,23 @@ function minify_css(string $css_str) : string {
|
||||||
/**
|
/**
|
||||||
* Saves the settings file back to peppermint.json.
|
* Saves the settings file back to peppermint.json.
|
||||||
* @package core
|
* @package core
|
||||||
|
* @param stdObject [$new_settings=null] A new settings object to REPLACE the old one with - use with extreme care! A value of null (default) indicates that the existing global $settings object will be saved.
|
||||||
* @return bool Whether the settings were saved successfully.
|
* @return bool Whether the settings were saved successfully.
|
||||||
*/
|
*/
|
||||||
function save_settings() {
|
function save_settings($new_settings=null, $filepath=null) {
|
||||||
global $paths, $settings;
|
global $paths, $settings;
|
||||||
return file_put_contents($paths->settings_file, json_encode($settings, JSON_PRETTY_PRINT)) !== false;
|
$result = file_put_contents(
|
||||||
|
isset($paths->settings_file) ? $paths->settings_file : "peppermint.json",
|
||||||
|
json_encode(
|
||||||
|
$new_settings == null ? $settings : $new_settings,
|
||||||
|
JSON_PRETTY_PRINT)
|
||||||
|
) !== false;
|
||||||
|
if($settings->peppermint_json_perms !== null) {
|
||||||
|
$perms = octdec($settings->peppermint_json_perms);
|
||||||
|
if(!chmod($paths->settings_file, $perms))
|
||||||
|
error_log("Warning: Failed to chmod peppermint.json at {$paths->settings_file}"); // Complain about inability to chmod but don't claim we can't save
|
||||||
|
}
|
||||||
|
return $result;
|
||||||
}
|
}
|
||||||
/**
|
/**
|
||||||
* Save the page index back to disk, respecting $settings->minify_pageindex
|
* Save the page index back to disk, respecting $settings->minify_pageindex
|
||||||
|
|
|
@ -196,7 +196,8 @@ SCRIPT;
|
||||||
// Take a backup of the current settings file
|
// Take a backup of the current settings file
|
||||||
rename($paths->settings_file, "$paths->settings_file.bak");
|
rename($paths->settings_file, "$paths->settings_file.bak");
|
||||||
// Save the new settings file
|
// Save the new settings file
|
||||||
file_put_contents($paths->settings_file, json_encode($newSettings, JSON_PRETTY_PRINT));
|
save_settings($newSettings);
|
||||||
|
// file_put_contents($paths->settings_file, json_encode($newSettings, JSON_PRETTY_PRINT));
|
||||||
|
|
||||||
$content = "<h1>Master settings updated successfully</h1>\n";
|
$content = "<h1>Master settings updated successfully</h1>\n";
|
||||||
$content .= "<p>$settings->sitename's master settings file has been updated successfully. A backup of the original settings has been created under the name <code>peppermint.json.bak</code>, just in case. You can <a href='?action=configure'>go back</a> and continue editing the master settings file, or you can go to the <a href='?action=view&page=" . rawurlencode($settings->defaultpage) . "'>" . htmlentities($settings->defaultpage) . "</a>.</p>\n";
|
$content .= "<p>$settings->sitename's master settings file has been updated successfully. A backup of the original settings has been created under the name <code>peppermint.json.bak</code>, just in case. You can <a href='?action=configure'>go back</a> and continue editing the master settings file, or you can go to the <a href='?action=view&page=" . rawurlencode($settings->defaultpage) . "'>" . htmlentities($settings->defaultpage) . "</a>.</p>\n";
|
||||||
|
|
|
@ -238,7 +238,7 @@ function do_password_hash_code_update() {
|
||||||
$settings->password_cost = $new_cost;
|
$settings->password_cost = $new_cost;
|
||||||
// Save the current time in the settings
|
// Save the current time in the settings
|
||||||
$settings->password_cost_time_lastcheck = time();
|
$settings->password_cost_time_lastcheck = time();
|
||||||
file_put_contents($paths->settings_file, json_encode($settings, JSON_PRETTY_PRINT));
|
save_settings();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -270,6 +270,7 @@
|
||||||
"sessionlifetime": { "type": "number", "description": "Again, you shouldn't need to change this under normal circumstances. This setting controls the lifetime of a login session. Defaults to 24 hours, but it may get cut off sooner depending on the underlying PHP session lifetime.", "default": 86400 },
|
"sessionlifetime": { "type": "number", "description": "Again, you shouldn't need to change this under normal circumstances. This setting controls the lifetime of a login session. Defaults to 24 hours, but it may get cut off sooner depending on the underlying PHP session lifetime.", "default": 86400 },
|
||||||
"cookie_secure": { "type": "text", "description": "Whether to set the 'Secure' flag on all cookies. This prevents cookies from being transmitted over an unencrypted connection. Default: auto (sets the flag if HTTPS is detected). Other possible values: false (the flag is never set), true (the flag will always be set, regardless of whether HTTPS is detected or not)", "default": "auto" },
|
"cookie_secure": { "type": "text", "description": "Whether to set the 'Secure' flag on all cookies. This prevents cookies from being transmitted over an unencrypted connection. Default: auto (sets the flag if HTTPS is detected). Other possible values: false (the flag is never set), true (the flag will always be set, regardless of whether HTTPS is detected or not)", "default": "auto" },
|
||||||
"disable_peppermint_access_check": { "type": "checkbox", "description": "Disables the access check for peppermint.json on first-run. <strong>VERY DANGEROUS</strong>. Use only for development. Note that it's recommend to block access to peppermint.json for a reason - it contains your site secret and password hashes, so an attacker could do all <em>sorts</em> of nefarious things if it's left unblocked.", "default": false },
|
"disable_peppermint_access_check": { "type": "checkbox", "description": "Disables the access check for peppermint.json on first-run. <strong>VERY DANGEROUS</strong>. Use only for development. Note that it's recommend to block access to peppermint.json for a reason - it contains your site secret and password hashes, so an attacker could do all <em>sorts</em> of nefarious things if it's left unblocked.", "default": false },
|
||||||
|
"peppermint_json_perms": { "type": "text", "description": "The permissions to chmod peppermint.json to after saving it. Defaults to null, which means do not alter permissions. String must be a linux octal string with a leading 0: for example 0640. WARNING: Do <strong>NOT</strong> mark peppermint.json as 0777 - this is very insecure! Generally 0660, 0640, and 0600 work well for most purposes. Do not edit this setting unless you know what you're doing!", "default": null },
|
||||||
"css_theme_autoupdate_url": { "type": "url", "description": "A url that points to the css theme file to check for updates. If blank, then automatic updates are disabled.", "default": "" },
|
"css_theme_autoupdate_url": { "type": "url", "description": "A url that points to the css theme file to check for updates. If blank, then automatic updates are disabled.", "default": "" },
|
||||||
"css_theme_autoupdate_interval": { "type": "number", "description": "The interval, in seconds, that updates to the theme should be checked for. Defaults to every week. A value of -1 disables automatic updates.", "default": 604800 },
|
"css_theme_autoupdate_interval": { "type": "number", "description": "The interval, in seconds, that updates to the theme should be checked for. Defaults to every week. A value of -1 disables automatic updates.", "default": 604800 },
|
||||||
"css_theme_autoupdate_lastcheck": { "type": "number", "description": "The timestamp of the last time that updates for the selected theme were last checked for. To disable automatic updates, you should set <code>css_theme_autoupdate_interval</code> to <code>-1</code> instead of changing this setting.", "default": 0 },
|
"css_theme_autoupdate_lastcheck": { "type": "number", "description": "The timestamp of the last time that updates for the selected theme were last checked for. To disable automatic updates, you should set <code>css_theme_autoupdate_interval</code> to <code>-1</code> instead of changing this setting.", "default": 0 },
|
||||||
|
|
Loading…
Reference in a new issue