sbrl-github/Pepperminty-Wiki
sbrl-github/Pepperminty-Wiki
1
0
Fork 0
mirror of https://github.com/sbrl/Pepperminty-Wiki.git synced 2024-11-22 16:33:00 +00:00
Code Activity

Fix full_url() and make email_user report correctly

Browse source
This commit is contained in:
Starbeamrainbowlabs 2018-05-12 17:24:08 +01:00
parent 269fa8f83c
commit ef530baaed
Signed by: sbrl
GPG key ID: 1BE5172E637709C2
2 changed files with 14 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Changelog.md
View file

@ -6,6 +6,8 @@ This file holds the changelog for Pepperminty Wiki. This is the master list of t
## Fixed ## Fixed
- [Security] Made the site secret generator cryptographically secure. If you created your wiki before this change, you might want to change your site secret in `peppermint.json` to something more secure with a site like [random.org](https://www.random.org/). - [Security] Made the site secret generator cryptographically secure. If you created your wiki before this change, you might want to change your site secret in `peppermint.json` to something more secure with a site like [random.org](https://www.random.org/).
- The PHP function `openssl_pseudo_random_bytes()` was being used before, but [apparently that's not cryptographically secure](https://paragonie.com/blog/2015/07/how-safely-generate-random-strings-and-integers-in-php). - The PHP function `openssl_pseudo_random_bytes()` was being used before, but [apparently that's not cryptographically secure](https://paragonie.com/blog/2015/07/how-safely-generate-random-strings-and-integers-in-php).
- [Module API] Fix `full_url()` logic
- [Module API] Mak `email_user()` correctly return email sending failures
## Changed ## Changed
- Password hashing has been overhauled! A totally new-and-different system is being used now, so you'll need to rehash all your passwords. - Password hashing has been overhauled! A totally new-and-different system is being used now, so you'll need to rehash all your passwords.

16
core.php
View file

@ -169,6 +169,7 @@ function url_origin( $s = false, $use_forwarded_host = false )
*/ */
function full_url( $s = false, $use_forwarded_host = false ) function full_url( $s = false, $use_forwarded_host = false )
{ {
if($s == false) $s = $_SERVER;
return url_origin( $s, $use_forwarded_host ) . $s['REQUEST_URI']; return url_origin( $s, $use_forwarded_host ) . $s['REQUEST_URI'];
} }
@ -662,6 +663,15 @@ function render_editor($editorName)
return "<span class='editor'>&#9998; $editorName</span>"; return "<span class='editor'>&#9998; $editorName</span>";
} }
/**
* Saves the settings file back to peppermint.json.
* @return bool Whether the settings were saved successfully.
*/
function save_settings() {
global $paths, $settings;
file_put_contents($paths->settings_file, json_encode($settings, JSON_PRETTY_PRINT)) !== false;
}
/** /**
* Saves the currently logged in user's data back to peppermint.json. * Saves the currently logged in user's data back to peppermint.json.
* @package core * @package core
@ -675,9 +685,8 @@ function save_userdata()
return false; return false;
$settings->users->{$env->user} = $env->user_data; $settings->users->{$env->user} = $env->user_data;
file_put_contents($paths->settings_file, json_encode($settings, JSON_PRETTY_PRINT));
return true; return save_settings();
} }
/** /**
@ -733,8 +742,7 @@ function email_user($username, $subject, $body)
foreach($headers as $header => $value) foreach($headers as $header => $value)
$compiled_headers .= "$header: $value\r\n"; $compiled_headers .= "$header: $value\r\n";
mail($settings->users->{$username}->emailAddress, $subject, $body, $compiled_headers, "-t"); return mail($settings->users->{$username}->emailAddress, $subject, $body, $compiled_headers, "-t");
return true;
} }
/** /**
* Sends a plain text email to a list of users, replacing {username} with each user's name. * Sends a plain text email to a list of users, replacing {username} with each user's name.