diff options
| -rw-r--r-- | backend.php | 1 | ||||
| -rw-r--r-- | classes/config.php | 213 | ||||
| -rw-r--r-- | classes/pref/prefs.php | 18 | ||||
| -rw-r--r-- | classes/sanitizer.php | 6 | ||||
| -rw-r--r-- | include/functions.php | 66 | ||||
| -rwxr-xr-x | include/login_form.php | 2 | ||||
| -rwxr-xr-x | include/sanity_check.php | 206 | ||||
| -rw-r--r-- | include/sessions.php | 2 | ||||
| -rw-r--r-- | index.php | 4 | ||||
| -rw-r--r-- | plugins/auth_remote/init.php | 2 | ||||
| -rw-r--r-- | plugins/bookmarklets/init.php | 2 | ||||
| -rw-r--r-- | prefs.php | 3 | ||||
| -rw-r--r-- | public.php | 3 | ||||
| -rwxr-xr-x | update.php | 3 | ||||
| -rwxr-xr-x | update_daemon2.php | 3 |
15 files changed, 269 insertions, 265 deletions
diff --git a/backend.php b/backend.php index b6377c48f..4184e87c8 100644 --- a/backend.php +++ b/backend.php @@ -101,7 +101,6 @@ $op = "pluginhandler"; } */ - // TODO: figure out if is this still needed $op = str_replace("-", "_", $op); $override = PluginHost::getInstance()->lookup_handler($op, $method); diff --git a/classes/config.php b/classes/config.php index ee1d3cb4a..cc8710f5b 100644 --- a/classes/config.php +++ b/classes/config.php @@ -183,4 +183,217 @@ class Config { return $instance->_get($param); } + // this returns Config::SELF_URL_PATH sans ending slash + static function get_self_url() { + $self_url_path = self::get(Config::SELF_URL_PATH); + + if (substr($self_url_path, -1) === "/") { + return substr($self_url_path, 0, -1); + } else { + return $self_url_path; + } + } + + static function is_server_https() { + return (!empty($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] != 'off')) || + (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'); + } + + static function make_self_url() { + $proto = self::is_server_https() ? 'https' : 'http'; + + return $proto . '://' . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]; + } + + /* sanity check stuff */ + + private static function make_self_url_path() { + if (!isset($_SERVER["HTTP_HOST"])) return false; + + $proto = self::is_server_https() ? 'https' : 'http'; + $url_path = $proto . '://' . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH); + + return $url_path; + } + + private static function check_mysql_tables() { + $pdo = Db::pdo(); + + $sth = $pdo->prepare("SELECT engine, table_name FROM information_schema.tables WHERE + table_schema = ? AND table_name LIKE 'ttrss_%' AND engine != 'InnoDB'"); + $sth->execute([self::get(Config::DB_NAME)]); + + $bad_tables = []; + + while ($line = $sth->fetch()) { + array_push($bad_tables, $line); + } + + return $bad_tables; + } + + static function sanity_check() { + + $errors = array(); + + if (strpos(self::get(Config::PLUGINS), "auth_") === false) { + array_push($errors, "Please enable at least one authentication module via PLUGINS"); + } + + if (function_exists('posix_getuid') && posix_getuid() == 0) { + array_push($errors, "Please don't run this script as root."); + } + + if (version_compare(PHP_VERSION, '7.1.0', '<')) { + array_push($errors, "PHP version 7.1.0 or newer required. You're using " . PHP_VERSION . "."); + } + + if (!class_exists("UConverter")) { + array_push($errors, "PHP UConverter class is missing, it's provided by the Internationalization (intl) module."); + } + + if (!is_writable(self::get(Config::CACHE_DIR) . "/images")) { + array_push($errors, "Image cache is not writable (chmod -R 777 ".self::get(Config::CACHE_DIR)."/images)"); + } + + if (!is_writable(self::get(Config::CACHE_DIR) . "/upload")) { + array_push($errors, "Upload cache is not writable (chmod -R 777 ".self::get(Config::CACHE_DIR)."/upload)"); + } + + if (!is_writable(self::get(Config::CACHE_DIR) . "/export")) { + array_push($errors, "Data export cache is not writable (chmod -R 777 ".self::get(Config::CACHE_DIR)."/export)"); + } + + if (self::get(Config::SINGLE_USER_MODE) && class_exists("PDO")) { + if (UserHelper::get_login_by_id(1) != "admin") { + array_push($errors, "SINGLE_USER_MODE is enabled but default admin account (ID: 1) is not found."); + } + } + + if (php_sapi_name() != "cli") { + $ref_self_url_path = self::make_self_url_path(); + + if ($ref_self_url_path) { + $ref_self_url_path = preg_replace("/\w+\.php$/", "", $ref_self_url_path); + } + + if (self::get(Config::SELF_URL_PATH) == "http://example.org/tt-rss/") { + $hint = $ref_self_url_path ? "(possible value: <b>$ref_self_url_path</b>)" : ""; + array_push($errors, + "Please set SELF_URL_PATH to the correct value for your server: $hint"); + } + + if ($ref_self_url_path && + (!defined('_SKIP_SELF_URL_PATH_CHECKS') || !_SKIP_SELF_URL_PATH_CHECKS) && + self::get(Config::SELF_URL_PATH) != $ref_self_url_path && self::get(Config::SELF_URL_PATH) != mb_substr($ref_self_url_path, 0, mb_strlen($ref_self_url_path)-1)) { + array_push($errors, + "Please set SELF_URL_PATH to the correct value detected for your server: <b>$ref_self_url_path</b> (you're using: <b>" . self::get(Config::SELF_URL_PATH) . "</b>)"); + } + } + + if (!is_writable(self::get(Config::ICONS_DIR))) { + array_push($errors, "ICONS_DIR defined in config.php is not writable (chmod -R 777 ".self::get(Config::ICONS_DIR).").\n"); + } + + if (!is_writable(self::get(Config::LOCK_DIRECTORY))) { + array_push($errors, "LOCK_DIRECTORY is not writable (chmod -R 777 ".self::get(Config::LOCK_DIRECTORY).").\n"); + } + + if (!function_exists("curl_init") && !ini_get("allow_url_fopen")) { + array_push($errors, "PHP configuration option allow_url_fopen is disabled, and CURL functions are not present. Either enable allow_url_fopen or install PHP extension for CURL."); + } + + if (!function_exists("json_encode")) { + array_push($errors, "PHP support for JSON is required, but was not found."); + } + + if (!class_exists("PDO")) { + array_push($errors, "PHP support for PDO is required but was not found."); + } + + if (!function_exists("mb_strlen")) { + array_push($errors, "PHP support for mbstring functions is required but was not found."); + } + + if (!function_exists("hash")) { + array_push($errors, "PHP support for hash() function is required but was not found."); + } + + if (ini_get("safe_mode")) { + array_push($errors, "PHP safe mode setting is obsolete and not supported by tt-rss."); + } + + if (!function_exists("mime_content_type")) { + array_push($errors, "PHP function mime_content_type() is missing, try enabling fileinfo module."); + } + + if (!class_exists("DOMDocument")) { + array_push($errors, "PHP support for DOMDocument is required, but was not found."); + } + + if (self::get(Config::DB_TYPE) == "mysql") { + $bad_tables = self::check_mysql_tables(); + + if (count($bad_tables) > 0) { + $bad_tables_fmt = []; + + foreach ($bad_tables as $bt) { + array_push($bad_tables_fmt, sprintf("%s (%s)", $bt['table_name'], $bt['engine'])); + } + + $msg = "<p>The following tables use an unsupported MySQL engine: <b>" . + implode(", ", $bad_tables_fmt) . "</b>.</p>"; + + $msg .= "<p>The only supported engine on MySQL is InnoDB. MyISAM lacks functionality to run + tt-rss. + Please backup your data (via OPML) and re-import the schema before continuing.</p> + <p><b>WARNING: importing the schema would mean LOSS OF ALL YOUR DATA.</b></p>"; + + + array_push($errors, $msg); + } + } + + if (count($errors) > 0 && php_sapi_name() != "cli") { ?> + <!DOCTYPE html> + <html> + <head> + <title>Startup failed</title> + <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> + <link rel="stylesheet" type="text/css" href="themes/light.css"> + </head> + <body class="sanity_failed flat ttrss_utility"> + <div class="content"> + <h1>Startup failed</h1> + + <p>Please fix errors indicated by the following messages:</p> + + <?php foreach ($errors as $error) { echo self::format_error($error); } ?> + + <p>You might want to check tt-rss <a target="_blank" href="https://tt-rss.org/wiki.php">wiki</a> or the + <a target="_blank" href="https://community.tt-rss.org/">forums</a> for more information. Please search the forums before creating new topic + for your question.</p> + </div> + </body> + </html> + + <?php + die; + } else if (count($errors) > 0) { + echo "Please fix errors indicated by the following messages:\n\n"; + + foreach ($errors as $error) { + echo " * " . strip_tags($error)."\n"; + } + + echo "\nYou might want to check tt-rss wiki or the forums for more information.\n"; + echo "Please search the forums before creating new topic for your question.\n"; + + exit(1); + } + } + + private static function format_error($msg) { + return "<div class=\"alert alert-danger\">$msg</div>"; + } } diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php index de03b34dc..3436e4f60 100644 --- a/classes/pref/prefs.php +++ b/classes/pref/prefs.php @@ -694,7 +694,7 @@ class Pref_Prefs extends Handler_Protected { print \Controls\input_tag($pref_name, $value, "text", ["readonly" => true], "SSL_CERT_SERIAL"); - $cert_serial = htmlspecialchars(get_ssl_certificate_id()); + $cert_serial = htmlspecialchars(self::_get_ssl_certificate_id()); $has_serial = ($cert_serial) ? true : false; print \Controls\button_tag(__('Register'), "", [ @@ -1408,4 +1408,20 @@ class Pref_Prefs extends Handler_Protected { $this->appPasswordList(); } + + static function _get_ssl_certificate_id() { + if ($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"] ?? false) { + return sha1($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"] . + $_SERVER["REDIRECT_SSL_CLIENT_V_START"] . + $_SERVER["REDIRECT_SSL_CLIENT_V_END"] . + $_SERVER["REDIRECT_SSL_CLIENT_S_DN"]); + } + if ($_SERVER["SSL_CLIENT_M_SERIAL"] ?? false) { + return sha1($_SERVER["SSL_CLIENT_M_SERIAL"] . + $_SERVER["SSL_CLIENT_V_START"] . + $_SERVER["SSL_CLIENT_V_END"] . + $_SERVER["SSL_CLIENT_S_DN"]); + } + return ""; + } } diff --git a/classes/sanitizer.php b/classes/sanitizer.php index 52feb5e28..5bb5f2efc 100644 --- a/classes/sanitizer.php +++ b/classes/sanitizer.php @@ -49,6 +49,10 @@ class Sanitizer { return false; } + private static function is_prefix_https() { + return parse_url(Config::get(Config::SELF_URL_PATH), PHP_URL_SCHEME) == 'https'; + } + public static function sanitize($str, $force_remove_images = false, $owner = false, $site_url = false, $highlight_words = false, $article_id = false) { if (!$owner && isset($_SESSION["uid"])) @@ -125,7 +129,7 @@ class Sanitizer { if (!self::iframe_whitelisted($entry)) { $entry->setAttribute('sandbox', 'allow-scripts'); } else { - if (is_prefix_https()) { + if (self::is_prefix_https()) { $entry->setAttribute("src", str_replace("http://", "https://", $entry->getAttribute("src"))); diff --git a/include/functions.php b/include/functions.php index d4505ac24..92db41ad8 100644 --- a/include/functions.php +++ b/include/functions.php @@ -168,68 +168,64 @@ /* compat shims */ + /** function is @deprecated */ + function get_schema_version() { + return Config::get_schema_version(); + } + + /** function is @deprecated */ function _debug($msg) { Debug::log($msg); } - // @deprecated + /** function is @deprecated */ function getFeedUnread($feed, $is_cat = false) { return Feeds::_get_counters($feed, $is_cat, true, $_SESSION["uid"]); } - // @deprecated + /** function is @deprecated */ function sanitize($str, $force_remove_images = false, $owner = false, $site_url = false, $highlight_words = false, $article_id = false) { return Sanitizer::sanitize($str, $force_remove_images, $owner, $site_url, $highlight_words, $article_id); } - // @deprecated + /** function is @deprecated */ function fetch_file_contents($params) { return UrlHelper::fetch($params); } - // @deprecated + /** function is @deprecated */ function rewrite_relative_url($url, $rel_url) { return UrlHelper::rewrite_relative($url, $rel_url); } - // @deprecated + /** function is @deprecated */ function validate_url($url) { return UrlHelper::validate($url); } - // @deprecated + /** function is @deprecated */ function authenticate_user($login, $password, $check_only = false, $service = false) { return UserHelper::authenticate($login, $password, $check_only, $service); } - // @deprecated + /** function is @deprecated */ function smart_date_time($timestamp, $tz_offset = 0, $owner_uid = false, $eta_min = false) { return TimeHelper::smart_date_time($timestamp, $tz_offset, $owner_uid, $eta_min); } - // @deprecated + /** function is @deprecated */ function make_local_datetime($timestamp, $long, $owner_uid = false, $no_smart_dt = false, $eta_min = false) { return TimeHelper::make_local_datetime($timestamp, $long, $owner_uid, $no_smart_dt, $eta_min); } - /* end compat shims */ - - function get_ssl_certificate_id() { - if ($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"] ?? false) { - return sha1($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"] . - $_SERVER["REDIRECT_SSL_CLIENT_V_START"] . - $_SERVER["REDIRECT_SSL_CLIENT_V_END"] . - $_SERVER["REDIRECT_SSL_CLIENT_S_DN"]); - } - if ($_SERVER["SSL_CLIENT_M_SERIAL"] ?? false) { - return sha1($_SERVER["SSL_CLIENT_M_SERIAL"] . - $_SERVER["SSL_CLIENT_V_START"] . - $_SERVER["SSL_CLIENT_V_END"] . - $_SERVER["SSL_CLIENT_S_DN"]); - } - return ""; + // this returns Config::SELF_URL_PATH sans ending slash + /** function is @deprecated */ + function get_self_url_prefix() { + return Config::get_self_url(); } + /* end compat shims */ + // this is used for user http parameters unless HTML code is actually needed function clean($param) { if (is_array($param)) { @@ -303,10 +299,6 @@ return $s ? 1 : 0; } - function get_schema_version() { - return Config::get_schema_version(); - } - function file_is_locked($filename) { if (file_exists(Config::get(Config::LOCK_DIRECTORY) . "/$filename")) { if (function_exists('flock')) { @@ -371,24 +363,6 @@ return vsprintf(_ngettext(array_shift($args), array_shift($args), array_shift($args)), $args); } - function is_server_https() { - return (!empty($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] != 'off')) || - (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'); - } - - function is_prefix_https() { - return parse_url(Config::get(Config::SELF_URL_PATH), PHP_URL_SCHEME) == 'https'; - } - - // this returns Config::get(Config::SELF_URL_PATH) sans ending slash - function get_self_url_prefix() { - if (strrpos(Config::get(Config::SELF_URL_PATH), "/") === strlen(Config::get(Config::SELF_URL_PATH))-1) { - return substr(Config::get(Config::SELF_URL_PATH), 0, strlen(Config::get(Config::SELF_URL_PATH))-1); - } else { - return Config::get(Config::SELF_URL_PATH); - } - } - function encrypt_password($pass, $salt = '', $mode2 = false) { if ($salt && $mode2) { return "MODE2:" . hash('sha256', $salt . $pass); diff --git a/include/login_form.php b/include/login_form.php index 06bf57470..91850b768 100755 --- a/include/login_form.php +++ b/include/login_form.php @@ -85,7 +85,7 @@ </script> -<?php $return = urlencode(make_self_url()) ?> +<?php $return = urlencode(Config::make_self_url()) ?> <div class="container"> diff --git a/include/sanity_check.php b/include/sanity_check.php deleted file mode 100755 index 3d6a496b5..000000000 --- a/include/sanity_check.php +++ /dev/null @@ -1,206 +0,0 @@ -<?php - /* WARNING! If you modify this file, you are ON YOUR OWN! */ - - function make_self_url() { - $proto = is_server_https() ? 'https' : 'http'; - - return $proto . '://' . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]; - } - - function make_self_url_path() { - if (!isset($_SERVER["HTTP_HOST"])) return false; - - $proto = is_server_https() ? 'https' : 'http'; - $url_path = $proto . '://' . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH); - - return $url_path; - } - - function check_mysql_tables() { - $pdo = Db::pdo(); - - $sth = $pdo->prepare("SELECT engine, table_name FROM information_schema.tables WHERE - table_schema = ? AND table_name LIKE 'ttrss_%' AND engine != 'InnoDB'"); - $sth->execute([Config::get(Config::DB_NAME)]); - - $bad_tables = []; - - while ($line = $sth->fetch()) { - array_push($bad_tables, $line); - } - - return $bad_tables; - } - - function initial_sanity_check() { - - $errors = array(); - - if (strpos(Config::get(Config::PLUGINS), "auth_") === false) { - array_push($errors, "Please enable at least one authentication module via Config::get(Config::PLUGINS) constant in config.php"); - } - - if (function_exists('posix_getuid') && posix_getuid() == 0) { - array_push($errors, "Please don't run this script as root."); - } - - if (version_compare(PHP_VERSION, '7.1.0', '<')) { - array_push($errors, "PHP version 7.1.0 or newer required. You're using " . PHP_VERSION . "."); - } - - if (!class_exists("UConverter")) { - array_push($errors, "PHP UConverter class is missing, it's provided by the Internationalization (intl) module."); - } - - if (!is_writable(Config::get(Config::CACHE_DIR) . "/images")) { - array_push($errors, "Image cache is not writable (chmod -R 777 ".Config::get(Config::CACHE_DIR)."/images)"); - } - - if (!is_writable(Config::get(Config::CACHE_DIR) . "/upload")) { - array_push($errors, "Upload cache is not writable (chmod -R 777 ".Config::get(Config::CACHE_DIR)."/upload)"); - } - - if (!is_writable(Config::get(Config::CACHE_DIR) . "/export")) { - array_push($errors, "Data export cache is not writable (chmod -R 777 ".Config::get(Config::CACHE_DIR)."/export)"); - } - - if (Config::get(Config::SINGLE_USER_MODE) && class_exists("PDO")) { - $pdo = Db::pdo(); - - $res = $pdo->query("SELECT id FROM ttrss_users WHERE id = 1"); - - if (!$res->fetch()) { - array_push($errors, "SINGLE_USER_MODE is enabled but default admin account is not found."); - } - } - - if (php_sapi_name() != "cli") { - $ref_self_url_path = make_self_url_path(); - - if ($ref_self_url_path) { - $ref_self_url_path = preg_replace("/\w+\.php$/", "", $ref_self_url_path); - } - - if (Config::get(Config::SELF_URL_PATH) == "http://example.org/tt-rss/") { - $hint = $ref_self_url_path ? "(possible value: <b>$ref_self_url_path</b>)" : ""; - array_push($errors, - "Please set SELF_URL_PATH to the correct value for your server: $hint"); - } - - if ($ref_self_url_path && - (!defined('_SKIP_SELF_URL_PATH_CHECKS') || !_SKIP_SELF_URL_PATH_CHECKS) && - Config::get(Config::SELF_URL_PATH) != $ref_self_url_path && Config::get(Config::SELF_URL_PATH) != mb_substr($ref_self_url_path, 0, mb_strlen($ref_self_url_path)-1)) { - array_push($errors, - "Please set SELF_URL_PATH to the correct value detected for your server: <b>$ref_self_url_path</b> (you're using: <b>" . Config::get(Config::SELF_URL_PATH) . "</b>)"); - } - } - - if (!is_writable(Config::get(Config::ICONS_DIR))) { - array_push($errors, "ICONS_DIR defined in config.php is not writable (chmod -R 777 ".Config::get(Config::ICONS_DIR).").\n"); - } - - if (!is_writable(Config::get(Config::LOCK_DIRECTORY))) { - array_push($errors, "LOCK_DIRECTORY is not writable (chmod -R 777 ".Config::get(Config::LOCK_DIRECTORY).").\n"); - } - - if (!function_exists("curl_init") && !ini_get("allow_url_fopen")) { - array_push($errors, "PHP configuration option allow_url_fopen is disabled, and CURL functions are not present. Either enable allow_url_fopen or install PHP extension for CURL."); - } - - if (!function_exists("json_encode")) { - array_push($errors, "PHP support for JSON is required, but was not found."); - } - - if (!class_exists("PDO")) { - array_push($errors, "PHP support for PDO is required but was not found."); - } - - if (!function_exists("mb_strlen")) { - array_push($errors, "PHP support for mbstring functions is required but was not found."); - } - - if (!function_exists("hash")) { - array_push($errors, "PHP support for hash() function is required but was not found."); - } - - if (ini_get("safe_mode")) { - array_push($errors, "PHP safe mode setting is obsolete and not supported by tt-rss."); - } - - if (!function_exists("mime_content_type")) { - array_push($errors, "PHP function mime_content_type() is missing, try enabling fileinfo module."); - } - - if (!class_exists("DOMDocument")) { - array_push($errors, "PHP support for DOMDocument is required, but was not found."); - } - - if (Config::get(Config::DB_TYPE) == "mysql") { - $bad_tables = check_mysql_tables(); - - if (count($bad_tables) > 0) { - $bad_tables_fmt = []; - - foreach ($bad_tables as $bt) { - array_push($bad_tables_fmt, sprintf("%s (%s)", $bt['table_name'], $bt['engine'])); - } - - $msg = "<p>The following tables use an unsupported MySQL engine: <b>" . - implode(", ", $bad_tables_fmt) . "</b>.</p>"; - - $msg .= "<p>The only supported engine on MySQL is InnoDB. MyISAM lacks functionality to run - tt-rss. - Please backup your data (via OPML) and re-import the schema before continuing.</p> - <p><b>WARNING: importing the schema would mean LOSS OF ALL YOUR DATA.</b></p>"; - - - array_push($errors, $msg); - } - } - - if (count($errors) > 0 && php_sapi_name() != "cli") { ?> - <!DOCTYPE html> - <html> - <head> - <title>Startup failed</title> - <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> - <link rel="stylesheet" type="text/css" href="themes/light.css"> - </head> - <body class='sanity_failed claro ttrss_utility'> - <div class="content"> - - <h1>Startup failed</h1> - - <p>Tiny Tiny RSS was unable to start properly. This usually means a misconfiguration or an incomplete upgrade. Please fix - errors indicated by the following messages:</p> - - <?php foreach ($errors as $error) { echo format_error($error); } ?> - - <p>You might want to check tt-rss <a href="https://tt-rss.org/wiki.php">wiki</a> or the - <a href="https://community.tt-rss.org/">forums</a> for more information. Please search the forums before creating new topic - for your question.</p> - - </div> - </body> - </html> - - <?php - die; - } else if (count($errors) > 0) { - echo "Tiny Tiny RSS was unable to start properly. This usually means a misconfiguration or an incomplete upgrade.\n"; - echo "Please fix errors indicated by the following messages:\n\n"; - - foreach ($errors as $error) { - echo " * " . strip_tags($error)."\n"; - } - - echo "\nYou might want to check tt-rss wiki or the forums for more information.\n"; - echo "Please search the forums before creating new topic for your question.\n"; - - exit(-1); - } - } - - initial_sanity_check(); - -?> diff --git a/include/sessions.php b/include/sessions.php index 891a6b3fa..04c24cf72 100644 --- a/include/sessions.php +++ b/include/sessions.php @@ -9,7 +9,7 @@ $session_expire = min(2147483647 - time() - 1, max(\Config::get(\Config::SESSION_COOKIE_LIFETIME), 86400)); $session_name = \Config::get(\Config::SESSION_NAME); - if (is_server_https()) { + if (\Config::is_server_https()) { ini_set("session.cookie_secure", "true"); } @@ -13,14 +13,14 @@ require_once "autoload.php"; require_once "sessions.php"; require_once "functions.php"; - require_once "sanity_check.php"; + + Config::sanity_check(); if (!init_plugins()) return; UserHelper::login_sequence(); header('Content-Type: text/html; charset=utf-8'); - ?> <!DOCTYPE html> <html> diff --git a/plugins/auth_remote/init.php b/plugins/auth_remote/init.php index f24364ffd..0ac51ce4e 100644 --- a/plugins/auth_remote/init.php +++ b/plugins/auth_remote/init.php @@ -18,7 +18,7 @@ class Auth_Remote extends Auth_Base { } function get_login_by_ssl_certificate() { - $cert_serial = get_ssl_certificate_id(); + $cert_serial = Pref_Prefs::_get_ssl_certificate_id(); if ($cert_serial) { $sth = $this->pdo->prepare("SELECT login FROM ttrss_user_prefs2, ttrss_users diff --git a/plugins/bookmarklets/init.php b/plugins/bookmarklets/init.php index 967918823..82ed6c97f 100644 --- a/plugins/bookmarklets/init.php +++ b/plugins/bookmarklets/init.php @@ -292,7 +292,7 @@ class Bookmarklets extends Plugin { print_error("Not logged in"); ?> - <form action="public.php?return=<?= urlencode(make_self_url()) ?>" method="post"> + <form action="public.php?return=<?= urlencode(Config::make_self_url()) ?>" method="post"> <input type="hidden" name="op" value="login"> @@ -5,7 +5,8 @@ require_once "autoload.php"; require_once "sessions.php"; require_once "functions.php"; - require_once "sanity_check.php"; + + Config::sanity_check(); if (!init_plugins()) return; diff --git a/public.php b/public.php index 28f95d0a9..f44a94c01 100644 --- a/public.php +++ b/public.php @@ -5,7 +5,8 @@ require_once "autoload.php"; require_once "sessions.php"; require_once "functions.php"; - require_once "sanity_check.php"; + + Config::sanity_check(); startup_gettext(); diff --git a/update.php b/update.php index 41b052f6e..63700cc0c 100755 --- a/update.php +++ b/update.php @@ -9,7 +9,8 @@ require_once "autoload.php"; require_once "functions.php"; - require_once "sanity_check.php"; + + Config::sanity_check(); function make_stampfile($filename) { $fp = fopen(Config::get(Config::LOCK_DIRECTORY) . "/$filename", "w"); diff --git a/update_daemon2.php b/update_daemon2.php index 1e8b1d072..8168c576e 100755 --- a/update_daemon2.php +++ b/update_daemon2.php @@ -10,7 +10,8 @@ require_once "autoload.php"; require_once "functions.php"; - require_once "sanity_check.php"; + + Config::sanity_check(); if (!function_exists('pcntl_fork')) { die("error: This script requires PHP compiled with PCNTL module.\n"); |