From 2197b150122f887ff04a9f12f5f94843d4c5f846 Mon Sep 17 00:00:00 2001 From: Shish Date: Wed, 24 Jun 2020 14:53:36 +0100 Subject: [PATCH] Add core/sanitize_php.php A small number of PHP-sanity things (eg don't silently ignore errors) to be included right at the very start of index.php and tests/bootstrap.php --- core/database.php | 5 +++- core/install.php | 30 +++------------------ core/sanitize_php.php | 63 +++++++++++++++++++++++++++++++++++++++++++ core/util.php | 36 ++----------------------- index.php | 35 ++++++++---------------- tests/bootstrap.php | 3 ++- 6 files changed, 86 insertions(+), 86 deletions(-) create mode 100644 core/sanitize_php.php diff --git a/core/database.php b/core/database.php index 59afd839..bd135c2d 100644 --- a/core/database.php +++ b/core/database.php @@ -78,7 +78,10 @@ class Database } elseif ($db_proto === DatabaseDriver::SQLITE) { $this->engine = new SQLite(); } else { - die('Unknown PDO driver: '.$db_proto); + die_nicely( + 'Unknown PDO driver: '.$db_proto, + "Please check that this is a valid driver, installing the PHP modules if needed" + ); } } diff --git a/core/install.php b/core/install.php index 6b117698..d739646e 100644 --- a/core/install.php +++ b/core/install.php @@ -20,7 +20,7 @@ function install() date_default_timezone_set('UTC'); if (is_readable("data/config/shimmie.conf.php")) { - exit_with_page( + die_nicely( "Shimmie is already installed.", "data/config/shimmie.conf.php exists, how did you get here?" ); @@ -69,7 +69,7 @@ function do_install($dsn) create_tables(new Database($dsn)); write_config($dsn); } catch (InstallerException $e) { - exit_with_page($e->title, $e->body, $e->code); + die_nicely($e->title, $e->body, $e->code); } } @@ -117,7 +117,7 @@ function ask_questions() $warn_msg = $warnings ? "

Warnings

".implode("\n

", $warnings) : ""; $err_msg = $errors ? "

Errors

".implode("\n

", $errors) : ""; - exit_with_page( + die_nicely( "Install Options", <<If you aren't redirected, click here to Continue." ); @@ -324,25 +324,3 @@ function write_config($dsn) ); } } - -function exit_with_page($title, $body, $code=0) -{ - print(" - - - Shimmie Installer - - - - -

-

Shimmie Installer

-

$title

-
- $body -
-
- -"); - exit($code); -} diff --git a/core/sanitize_php.php b/core/sanitize_php.php new file mode 100644 index 00000000..259eb71d --- /dev/null +++ b/core/sanitize_php.php @@ -0,0 +1,63 @@ +=") === false) { + print " +Shimmie does not support versions of PHP lower than $min_php +(PHP reports that it is version ".phpversion()."). +If your web host is running an older version, they are dangerously out of +date and you should plan on moving elsewhere. +"; + exit; +} + +# ini_set('zend.assertions', '1'); // generate assertions +ini_set('assert.exception', '1'); // throw exceptions when failed +set_error_handler(function ($errNo, $errStr) { + // Should we turn ALL notices into errors? PHP allows a lot of + // terrible things to happen by default... + if (strpos($errStr, 'Use of undefined constant ') === 0) { + throw new Exception("PHP Error#$errNo: $errStr"); + } else { + return false; + } +}); + +ob_start(); + +if (PHP_SAPI === 'cli' || PHP_SAPI == 'phpdbg') { + if (isset($_SERVER['REMOTE_ADDR'])) { + die("CLI with remote addr? Confused, not taking the risk."); + } + $_SERVER['REMOTE_ADDR'] = "0.0.0.0"; + $_SERVER['HTTP_HOST'] = ""; +} + +function die_nicely($title, $body, $code=0) +{ + print(" + + + Shimmie + + + + +
+

Shimmie

+

$title

+
+ $body +
+
+ +"); + if ($code != 0) { + http_response_code(500); + } + exit($code); +} diff --git a/core/util.php b/core/util.php index 94a5f663..4f98114e 100644 --- a/core/util.php +++ b/core/util.php @@ -554,58 +554,26 @@ function _load_theme_files() require_all(_get_themelet_files(get_theme())); } -function _sanitise_environment(): void +function _set_up_shimmie_environment(): void { global $tracer_enabled; - $min_php = "7.3"; - if (version_compare(phpversion(), $min_php, ">=") === false) { - print " -Shimmie does not support versions of PHP lower than $min_php -(PHP reports that it is version ".phpversion()."). -If your web host is running an older version, they are dangerously out of -date and you should plan on moving elsewhere. -"; - exit; - } - if (file_exists("images") && !file_exists("data/images")) { - die("As of Shimmie 2.7 images and thumbs should be moved to data/images and data/thumbs"); + die_nicely("Upgrade error", "As of Shimmie 2.7 images and thumbs should be moved to data/images and data/thumbs"); } if (TIMEZONE) { date_default_timezone_set(TIMEZONE); } - # ini_set('zend.assertions', '1'); // generate assertions - ini_set('assert.exception', '1'); // throw exceptions when failed if (DEBUG) { error_reporting(E_ALL); } - set_error_handler(function ($errNo, $errStr) { - // Should we turn ALL notices into errors? PHP allows a lot of - // terrible things to happen by default... - if (strpos($errStr, 'Use of undefined constant ') === 0) { - throw new Exception("PHP Error#$errNo: $errStr"); - } else { - return false; - } - }); // The trace system has a certain amount of memory consumption every time it is used, // so to prevent running out of memory during complex operations code that uses it should // check if tracer output is enabled before making use of it. $tracer_enabled = constant('TRACE_FILE')!==null; - - ob_start(); - - if (PHP_SAPI === 'cli' || PHP_SAPI == 'phpdbg') { - if (isset($_SERVER['REMOTE_ADDR'])) { - die("CLI with remote addr? Confused, not taking the risk."); - } - $_SERVER['REMOTE_ADDR'] = "0.0.0.0"; - $_SERVER['HTTP_HOST'] = ""; - } } diff --git a/index.php b/index.php index 4bf1bbaf..46a60f4b 100644 --- a/index.php +++ b/index.php @@ -3,31 +3,18 @@ * Make sure that shimmie is correctly installed * \* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */ +require_once "core/sanitize_php.php"; + if (!file_exists("vendor/")) { $cwd = getcwd(); - print << - - - Shimmie Error - - - - -
-

Install Error

-

Shimmie is unable to find the composer vendor directory.

-
-

To finish installing, you need to run composer install - in the shimmie directory ($cwd).

-

(If you don't have composer, get it here)

-
-
- - -EOD; - http_response_code(500); - exit; + die_nicely( + "Shimmie is unable to find the composer vendor directory.", + " +

To finish installing, you need to run composer install + in the shimmie directory ($cwd).

+

(If you don't have composer, get it here)

+ " + ); } if (!file_exists("data/config/shimmie.conf.php")) { @@ -50,7 +37,7 @@ require_once "core/polyfills.php"; require_once "core/util.php"; global $cache, $config, $database, $user, $page, $_tracer; -_sanitise_environment(); +_set_up_shimmie_environment(); $_tracer = new EventTracer(); $_tracer->begin("Bootstrap"); _load_core_files(); diff --git a/tests/bootstrap.php b/tests/bootstrap.php index 34747d01..3bb01e3c 100644 --- a/tests/bootstrap.php +++ b/tests/bootstrap.php @@ -3,6 +3,7 @@ use PHPUnit\Framework\TestCase; chdir(dirname(dirname(__FILE__))); +require_once "core/sanitize_php.php"; require_once "vendor/autoload.php"; require_once "tests/defines.php"; require_once "core/sys_config.php"; @@ -15,7 +16,7 @@ if (file_exists("tests/trace.json")) { } global $cache, $config, $database, $user, $page, $_tracer; -_sanitise_environment(); +_set_up_shimmie_environment(); $tracer_enabled = true; $_tracer = new EventTracer(); $_tracer->begin("bootstrap");