diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/functions.php | 66 | ||||
-rwxr-xr-x | include/login_form.php | 2 | ||||
-rwxr-xr-x | include/sanity_check.php | 206 | ||||
-rw-r--r-- | include/sessions.php | 2 |
4 files changed, 22 insertions, 254 deletions
diff --git a/include/functions.php b/include/functions.php index d4505ac24..92db41ad8 100644 --- a/include/functions.php +++ b/include/functions.php @@ -168,68 +168,64 @@ /* compat shims */ + /** function is @deprecated */ + function get_schema_version() { + return Config::get_schema_version(); + } + + /** function is @deprecated */ function _debug($msg) { Debug::log($msg); } - // @deprecated + /** function is @deprecated */ function getFeedUnread($feed, $is_cat = false) { return Feeds::_get_counters($feed, $is_cat, true, $_SESSION["uid"]); } - // @deprecated + /** function is @deprecated */ function sanitize($str, $force_remove_images = false, $owner = false, $site_url = false, $highlight_words = false, $article_id = false) { return Sanitizer::sanitize($str, $force_remove_images, $owner, $site_url, $highlight_words, $article_id); } - // @deprecated + /** function is @deprecated */ function fetch_file_contents($params) { return UrlHelper::fetch($params); } - // @deprecated + /** function is @deprecated */ function rewrite_relative_url($url, $rel_url) { return UrlHelper::rewrite_relative($url, $rel_url); } - // @deprecated + /** function is @deprecated */ function validate_url($url) { return UrlHelper::validate($url); } - // @deprecated + /** function is @deprecated */ function authenticate_user($login, $password, $check_only = false, $service = false) { return UserHelper::authenticate($login, $password, $check_only, $service); } - // @deprecated + /** function is @deprecated */ function smart_date_time($timestamp, $tz_offset = 0, $owner_uid = false, $eta_min = false) { return TimeHelper::smart_date_time($timestamp, $tz_offset, $owner_uid, $eta_min); } - // @deprecated + /** function is @deprecated */ function make_local_datetime($timestamp, $long, $owner_uid = false, $no_smart_dt = false, $eta_min = false) { return TimeHelper::make_local_datetime($timestamp, $long, $owner_uid, $no_smart_dt, $eta_min); } - /* end compat shims */ - - function get_ssl_certificate_id() { - if ($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"] ?? false) { - return sha1($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"] . - $_SERVER["REDIRECT_SSL_CLIENT_V_START"] . - $_SERVER["REDIRECT_SSL_CLIENT_V_END"] . - $_SERVER["REDIRECT_SSL_CLIENT_S_DN"]); - } - if ($_SERVER["SSL_CLIENT_M_SERIAL"] ?? false) { - return sha1($_SERVER["SSL_CLIENT_M_SERIAL"] . - $_SERVER["SSL_CLIENT_V_START"] . - $_SERVER["SSL_CLIENT_V_END"] . - $_SERVER["SSL_CLIENT_S_DN"]); - } - return ""; + // this returns Config::SELF_URL_PATH sans ending slash + /** function is @deprecated */ + function get_self_url_prefix() { + return Config::get_self_url(); } + /* end compat shims */ + // this is used for user http parameters unless HTML code is actually needed function clean($param) { if (is_array($param)) { @@ -303,10 +299,6 @@ return $s ? 1 : 0; } - function get_schema_version() { - return Config::get_schema_version(); - } - function file_is_locked($filename) { if (file_exists(Config::get(Config::LOCK_DIRECTORY) . "/$filename")) { if (function_exists('flock')) { @@ -371,24 +363,6 @@ return vsprintf(_ngettext(array_shift($args), array_shift($args), array_shift($args)), $args); } - function is_server_https() { - return (!empty($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] != 'off')) || - (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'); - } - - function is_prefix_https() { - return parse_url(Config::get(Config::SELF_URL_PATH), PHP_URL_SCHEME) == 'https'; - } - - // this returns Config::get(Config::SELF_URL_PATH) sans ending slash - function get_self_url_prefix() { - if (strrpos(Config::get(Config::SELF_URL_PATH), "/") === strlen(Config::get(Config::SELF_URL_PATH))-1) { - return substr(Config::get(Config::SELF_URL_PATH), 0, strlen(Config::get(Config::SELF_URL_PATH))-1); - } else { - return Config::get(Config::SELF_URL_PATH); - } - } - function encrypt_password($pass, $salt = '', $mode2 = false) { if ($salt && $mode2) { return "MODE2:" . hash('sha256', $salt . $pass); diff --git a/include/login_form.php b/include/login_form.php index 06bf57470..91850b768 100755 --- a/include/login_form.php +++ b/include/login_form.php @@ -85,7 +85,7 @@ </script> -<?php $return = urlencode(make_self_url()) ?> +<?php $return = urlencode(Config::make_self_url()) ?> <div class="container"> diff --git a/include/sanity_check.php b/include/sanity_check.php deleted file mode 100755 index 3d6a496b5..000000000 --- a/include/sanity_check.php +++ /dev/null @@ -1,206 +0,0 @@ -<?php - /* WARNING! If you modify this file, you are ON YOUR OWN! */ - - function make_self_url() { - $proto = is_server_https() ? 'https' : 'http'; - - return $proto . '://' . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]; - } - - function make_self_url_path() { - if (!isset($_SERVER["HTTP_HOST"])) return false; - - $proto = is_server_https() ? 'https' : 'http'; - $url_path = $proto . '://' . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH); - - return $url_path; - } - - function check_mysql_tables() { - $pdo = Db::pdo(); - - $sth = $pdo->prepare("SELECT engine, table_name FROM information_schema.tables WHERE - table_schema = ? AND table_name LIKE 'ttrss_%' AND engine != 'InnoDB'"); - $sth->execute([Config::get(Config::DB_NAME)]); - - $bad_tables = []; - - while ($line = $sth->fetch()) { - array_push($bad_tables, $line); - } - - return $bad_tables; - } - - function initial_sanity_check() { - - $errors = array(); - - if (strpos(Config::get(Config::PLUGINS), "auth_") === false) { - array_push($errors, "Please enable at least one authentication module via Config::get(Config::PLUGINS) constant in config.php"); - } - - if (function_exists('posix_getuid') && posix_getuid() == 0) { - array_push($errors, "Please don't run this script as root."); - } - - if (version_compare(PHP_VERSION, '7.1.0', '<')) { - array_push($errors, "PHP version 7.1.0 or newer required. You're using " . PHP_VERSION . "."); - } - - if (!class_exists("UConverter")) { - array_push($errors, "PHP UConverter class is missing, it's provided by the Internationalization (intl) module."); - } - - if (!is_writable(Config::get(Config::CACHE_DIR) . "/images")) { - array_push($errors, "Image cache is not writable (chmod -R 777 ".Config::get(Config::CACHE_DIR)."/images)"); - } - - if (!is_writable(Config::get(Config::CACHE_DIR) . "/upload")) { - array_push($errors, "Upload cache is not writable (chmod -R 777 ".Config::get(Config::CACHE_DIR)."/upload)"); - } - - if (!is_writable(Config::get(Config::CACHE_DIR) . "/export")) { - array_push($errors, "Data export cache is not writable (chmod -R 777 ".Config::get(Config::CACHE_DIR)."/export)"); - } - - if (Config::get(Config::SINGLE_USER_MODE) && class_exists("PDO")) { - $pdo = Db::pdo(); - - $res = $pdo->query("SELECT id FROM ttrss_users WHERE id = 1"); - - if (!$res->fetch()) { - array_push($errors, "SINGLE_USER_MODE is enabled but default admin account is not found."); - } - } - - if (php_sapi_name() != "cli") { - $ref_self_url_path = make_self_url_path(); - - if ($ref_self_url_path) { - $ref_self_url_path = preg_replace("/\w+\.php$/", "", $ref_self_url_path); - } - - if (Config::get(Config::SELF_URL_PATH) == "http://example.org/tt-rss/") { - $hint = $ref_self_url_path ? "(possible value: <b>$ref_self_url_path</b>)" : ""; - array_push($errors, - "Please set SELF_URL_PATH to the correct value for your server: $hint"); - } - - if ($ref_self_url_path && - (!defined('_SKIP_SELF_URL_PATH_CHECKS') || !_SKIP_SELF_URL_PATH_CHECKS) && - Config::get(Config::SELF_URL_PATH) != $ref_self_url_path && Config::get(Config::SELF_URL_PATH) != mb_substr($ref_self_url_path, 0, mb_strlen($ref_self_url_path)-1)) { - array_push($errors, - "Please set SELF_URL_PATH to the correct value detected for your server: <b>$ref_self_url_path</b> (you're using: <b>" . Config::get(Config::SELF_URL_PATH) . "</b>)"); - } - } - - if (!is_writable(Config::get(Config::ICONS_DIR))) { - array_push($errors, "ICONS_DIR defined in config.php is not writable (chmod -R 777 ".Config::get(Config::ICONS_DIR).").\n"); - } - - if (!is_writable(Config::get(Config::LOCK_DIRECTORY))) { - array_push($errors, "LOCK_DIRECTORY is not writable (chmod -R 777 ".Config::get(Config::LOCK_DIRECTORY).").\n"); - } - - if (!function_exists("curl_init") && !ini_get("allow_url_fopen")) { - array_push($errors, "PHP configuration option allow_url_fopen is disabled, and CURL functions are not present. Either enable allow_url_fopen or install PHP extension for CURL."); - } - - if (!function_exists("json_encode")) { - array_push($errors, "PHP support for JSON is required, but was not found."); - } - - if (!class_exists("PDO")) { - array_push($errors, "PHP support for PDO is required but was not found."); - } - - if (!function_exists("mb_strlen")) { - array_push($errors, "PHP support for mbstring functions is required but was not found."); - } - - if (!function_exists("hash")) { - array_push($errors, "PHP support for hash() function is required but was not found."); - } - - if (ini_get("safe_mode")) { - array_push($errors, "PHP safe mode setting is obsolete and not supported by tt-rss."); - } - - if (!function_exists("mime_content_type")) { - array_push($errors, "PHP function mime_content_type() is missing, try enabling fileinfo module."); - } - - if (!class_exists("DOMDocument")) { - array_push($errors, "PHP support for DOMDocument is required, but was not found."); - } - - if (Config::get(Config::DB_TYPE) == "mysql") { - $bad_tables = check_mysql_tables(); - - if (count($bad_tables) > 0) { - $bad_tables_fmt = []; - - foreach ($bad_tables as $bt) { - array_push($bad_tables_fmt, sprintf("%s (%s)", $bt['table_name'], $bt['engine'])); - } - - $msg = "<p>The following tables use an unsupported MySQL engine: <b>" . - implode(", ", $bad_tables_fmt) . "</b>.</p>"; - - $msg .= "<p>The only supported engine on MySQL is InnoDB. MyISAM lacks functionality to run - tt-rss. - Please backup your data (via OPML) and re-import the schema before continuing.</p> - <p><b>WARNING: importing the schema would mean LOSS OF ALL YOUR DATA.</b></p>"; - - - array_push($errors, $msg); - } - } - - if (count($errors) > 0 && php_sapi_name() != "cli") { ?> - <!DOCTYPE html> - <html> - <head> - <title>Startup failed</title> - <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> - <link rel="stylesheet" type="text/css" href="themes/light.css"> - </head> - <body class='sanity_failed claro ttrss_utility'> - <div class="content"> - - <h1>Startup failed</h1> - - <p>Tiny Tiny RSS was unable to start properly. This usually means a misconfiguration or an incomplete upgrade. Please fix - errors indicated by the following messages:</p> - - <?php foreach ($errors as $error) { echo format_error($error); } ?> - - <p>You might want to check tt-rss <a href="https://tt-rss.org/wiki.php">wiki</a> or the - <a href="https://community.tt-rss.org/">forums</a> for more information. Please search the forums before creating new topic - for your question.</p> - - </div> - </body> - </html> - - <?php - die; - } else if (count($errors) > 0) { - echo "Tiny Tiny RSS was unable to start properly. This usually means a misconfiguration or an incomplete upgrade.\n"; - echo "Please fix errors indicated by the following messages:\n\n"; - - foreach ($errors as $error) { - echo " * " . strip_tags($error)."\n"; - } - - echo "\nYou might want to check tt-rss wiki or the forums for more information.\n"; - echo "Please search the forums before creating new topic for your question.\n"; - - exit(-1); - } - } - - initial_sanity_check(); - -?> diff --git a/include/sessions.php b/include/sessions.php index 891a6b3fa..04c24cf72 100644 --- a/include/sessions.php +++ b/include/sessions.php @@ -9,7 +9,7 @@ $session_expire = min(2147483647 - time() - 1, max(\Config::get(\Config::SESSION_COOKIE_LIFETIME), 86400)); $session_name = \Config::get(\Config::SESSION_NAME); - if (is_server_https()) { + if (\Config::is_server_https()) { ini_set("session.cookie_secure", "true"); } |