mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2025-01-05 06:01:52 +00:00
[2.0.1] Improve directory permissions checks. UNTESTED!!!
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1205 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
parent
dc0fb7d2b4
commit
401612dc3a
1
NEWS
1
NEWS
@ -17,6 +17,7 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
|
|||||||
(mostly harmless, except for the fact that it would be a little slower)
|
(mostly harmless, except for the fact that it would be a little slower)
|
||||||
- Configuration objects with different serials do not clobber each
|
- Configuration objects with different serials do not clobber each
|
||||||
others when revision numbers are unequal
|
others when revision numbers are unequal
|
||||||
|
- Improve Serializer DefinitionCache directory permissions checks
|
||||||
. Rewire some test-cases to swallow errors rather than expect them
|
. Rewire some test-cases to swallow errors rather than expect them
|
||||||
. HTMLDefinition printer updated with some of the new attributes
|
. HTMLDefinition printer updated with some of the new attributes
|
||||||
. DefinitionCache keys reordered to reflect precedence: version number,
|
. DefinitionCache keys reordered to reflect precedence: version number,
|
||||||
|
@ -21,14 +21,14 @@ class HTMLPurifier_DefinitionCache_Serializer extends
|
|||||||
if (!$this->checkDefType($def)) return;
|
if (!$this->checkDefType($def)) return;
|
||||||
$file = $this->generateFilePath($config);
|
$file = $this->generateFilePath($config);
|
||||||
if (file_exists($file)) return false;
|
if (file_exists($file)) return false;
|
||||||
$this->_prepareDir($config);
|
if (!$this->_prepareDir($config)) return false;
|
||||||
return $this->_write($file, serialize($def));
|
return $this->_write($file, serialize($def));
|
||||||
}
|
}
|
||||||
|
|
||||||
function set($def, $config) {
|
function set($def, $config) {
|
||||||
if (!$this->checkDefType($def)) return;
|
if (!$this->checkDefType($def)) return;
|
||||||
$file = $this->generateFilePath($config);
|
$file = $this->generateFilePath($config);
|
||||||
$this->_prepareDir($config);
|
if (!$this->_prepareDir($config)) return false;
|
||||||
return $this->_write($file, serialize($def));
|
return $this->_write($file, serialize($def));
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -36,7 +36,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends
|
|||||||
if (!$this->checkDefType($def)) return;
|
if (!$this->checkDefType($def)) return;
|
||||||
$file = $this->generateFilePath($config);
|
$file = $this->generateFilePath($config);
|
||||||
if (!file_exists($file)) return false;
|
if (!file_exists($file)) return false;
|
||||||
$this->_prepareDir($config);
|
if (!$this->_prepareDir($config)) return false;
|
||||||
return $this->_write($file, serialize($def));
|
return $this->_write($file, serialize($def));
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -53,6 +53,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends
|
|||||||
}
|
}
|
||||||
|
|
||||||
function flush($config) {
|
function flush($config) {
|
||||||
|
if (!$this->_prepareDir($config)) return false;
|
||||||
$dir = $this->generateDirectoryPath($config);
|
$dir = $this->generateDirectoryPath($config);
|
||||||
$dh = opendir($dir);
|
$dh = opendir($dir);
|
||||||
while (false !== ($filename = readdir($dh))) {
|
while (false !== ($filename = readdir($dh))) {
|
||||||
@ -63,7 +64,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends
|
|||||||
}
|
}
|
||||||
|
|
||||||
function cleanup($config) {
|
function cleanup($config) {
|
||||||
$this->_prepareDir($config);
|
if (!$this->_prepareDir($config)) return false;
|
||||||
$dir = $this->generateDirectoryPath($config);
|
$dir = $this->generateDirectoryPath($config);
|
||||||
$dh = opendir($dir);
|
$dh = opendir($dir);
|
||||||
while (false !== ($filename = readdir($dh))) {
|
while (false !== ($filename = readdir($dh))) {
|
||||||
@ -125,12 +126,64 @@ class HTMLPurifier_DefinitionCache_Serializer extends
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Prepares the directory that this type stores the serials in
|
* Prepares the directory that this type stores the serials in
|
||||||
|
* @return True if successful
|
||||||
*/
|
*/
|
||||||
function _prepareDir($config) {
|
function _prepareDir($config) {
|
||||||
$directory = $this->generateDirectoryPath($config);
|
$directory = $this->generateDirectoryPath($config);
|
||||||
if (!is_dir($directory)) {
|
if (!is_dir($directory)) {
|
||||||
|
$base = $this->generateBaseDirectoryPath($config);
|
||||||
|
if (!is_dir($base)) {
|
||||||
|
trigger_error('Base directory '.$base.' does not exist,
|
||||||
|
please create or change using %Cache.SerializerPath',
|
||||||
|
E_USER_ERROR);
|
||||||
|
return false;
|
||||||
|
} elseif (!$this->_testPermissions($base)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
mkdir($directory);
|
mkdir($directory);
|
||||||
|
} elseif (!$this->_testPermissions($directory)) {
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Tests permissions on a directory and throws out friendly
|
||||||
|
* error messages and attempts to chmod it itself if possible
|
||||||
|
*/
|
||||||
|
function _testPermissions($dir) {
|
||||||
|
// early abort, if it is writable, everything is hunky-dory
|
||||||
|
if (is_writable($dir)) return true;
|
||||||
|
if (!is_dir($dir)) {
|
||||||
|
// generally, you'll want to handle this beforehand
|
||||||
|
// so a more specific error message can be given
|
||||||
|
trigger_error('Directory '.$dir.' does not exist',
|
||||||
|
E_USER_ERROR);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if (function_exists('posix_getuid')) {
|
||||||
|
// POSIX system, we can give more specific advice
|
||||||
|
if (fileowner($dir) === posix_getuid()) {
|
||||||
|
// we can chmod it ourselves
|
||||||
|
chmod($dir, 0755);
|
||||||
|
return true;
|
||||||
|
} elseif (filegroup($dir) === posix_getgid()) {
|
||||||
|
$chmod = '775';
|
||||||
|
} else {
|
||||||
|
// PHP's probably running as nobody, so we'll
|
||||||
|
// need to give global permissions
|
||||||
|
$chmod = '777';
|
||||||
|
}
|
||||||
|
trigger_error('Directory '.$dir.' not writable, '.
|
||||||
|
'please chmod to ' . $chmod,
|
||||||
|
E_USER_ERROR);
|
||||||
|
} else {
|
||||||
|
// generic error message
|
||||||
|
trigger_error('Directory '.$dir.' not writable, '.
|
||||||
|
'please alter file permissions',
|
||||||
|
E_USER_ERROR);
|
||||||
|
}
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user