From fa72f1feb22c6a72c7b473fd4d2cbcc1e53d0415 Mon Sep 17 00:00:00 2001 From: Luciano Rossi Date: Thu, 23 Jun 2016 15:57:23 -0300 Subject: [PATCH] issue #717 Automated installation script --- lhc_web/cli/lib/install.php | 97 ++++++++++++++++++++++--------------- 1 file changed, 59 insertions(+), 38 deletions(-) diff --git a/lhc_web/cli/lib/install.php b/lhc_web/cli/lib/install.php index 19abecaa0c..88b9fd9661 100644 --- a/lhc_web/cli/lib/install.php +++ b/lhc_web/cli/lib/install.php @@ -30,42 +30,21 @@ function __destruct() } function step1() { - # Validate if owner or group is www-data. - # Validate if which one them has access 'rwx'. - $Errors = array(); - if (!is_writable("cache/cacheconfig")) - $Errors[] = "cache/cacheconfig is not writable"; - - if (!is_writable("settings/")) - $Errors[] = "settings/ is not writable"; - - if (!is_writable("cache/translations")) - $Errors[] = "cache/translations is not writable"; - - if (!is_writable("cache/userinfo")) - $Errors[] = "cache/userinfo is not writable"; - - if (!is_writable("cache/compiledtemplates")) - $Errors[] = "cache/compiledtemplates is not writable"; - - if (!is_writable("var/storage")) - $Errors[] = "var/storage is not writable"; - - if (!is_writable("var/storageform")) - $Errors[] = "var/storageform is not writable"; - - if (!is_writable("var/userphoto")) - $Errors[] = "var/userphoto is not writable"; - - if (!is_writable("var/tmpfiles")) - $Errors[] = "var/tmpfiles is not writable"; - - if (!is_writable("var/storagetheme")) - $Errors[] = "var/storagetheme is not writable"; - - if (!is_writable("var/storageadmintheme")) - $Errors[] = "var/storageadmintheme is not writable"; + $directories = $this->_scandir('cache'); + $this->file_is_writable(array('cache'),'', $Errors); + $this->file_is_writable($directories, 'cache/', $Errors); + $this->file_is_writable(array('settings'), '', $Errors); + $var_directories = array( + 'var/storage', + 'var/storageform', + 'var/storagetheme', + 'var/storageadmintheme', + 'var/tmpfiles', + 'var/userphoto', + ); + $this->file_is_writable(array('var'),'', $Errors); + $this->file_is_writable($var_directories, '', $Errors); if (!extension_loaded ('pdo_mysql' )) $Errors[] = "php-pdo extension not detected. Please install php extension"; @@ -97,9 +76,13 @@ function step2() { $Errors = array(); $database = $this->settings['db']; foreach ($database as $key => $value) { - #if (empty($database[$key])) { - # $Errors[] = "Please enter database $key"; - #} + if (!filter_var($database[$key], FILTER_UNSAFE_RAW)) { + $Errors[] = "Please enter database $key"; + } + } + if (!filter_var($database['database'], FILTER_SANITIZE_STRING)) + { + $Errors[] = 'Please enter database name'; } if (count($Errors) == 0) { @@ -1305,4 +1288,42 @@ function print_errors($errors) { } exit(-1); } + + private function file_perms($file, $octal = true) { + if(!file_exists($file)) return false; + + $perms = fileperms($file); + + $cut = $octal ? 2 : 3; + + return substr(decoct($perms), $cut); + } + private function file_is_writable($directories, $preffix = '', &$Errors) { + foreach ($directories as $directory) { + $error = false; + syslog(LOG_DEBUG, "Evaluate $directory if writable"); + $owner = fileowner($preffix.$directory); + $group = filegroup($preffix.$directory); + $permission = $this->file_perms($preffix.$directory); + if ($permission[2] == 7) { + continue; + } + if ($owner == 33 and $permission[0] != 7) { + $error = true; + } + if ($group == 33 and $permission[1] != 7) { + $error = true; + } + if ($error) { + $Errors[] = $preffix.$directory." is not writable"; + } + } + } + + private function _scandir($directory) { + $directories = scandir($directory); + $directories = array_diff($directories, ['.']); + $directories = array_diff($directories, ['..']); + return $directories; + } }