Issues (10)

lib/Configuration.php (1 issue)

Labels
Severity
1
<?php
2
/**
3
 * PrivateBin
4
 *
5
 * a zero-knowledge paste bin
6
 *
7
 * @link      https://github.com/PrivateBin/PrivateBin
8
 * @copyright 2012 S├ębastien SAUVAGE (sebsauvage.net)
9
 * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
10
 * @version   1.3.1
11
 */
12
13
namespace PrivateBin;
14
15
use Exception;
16
use PDO;
17
use PrivateBin\Persistence\DataStore;
18
19
/**
20
 * Configuration
21
 *
22
 * parses configuration file, ensures default values present
23
 */
24
class Configuration
25
{
26
    /**
27
     * parsed configuration
28
     *
29
     * @var array
30
     */
31
    private $_configuration;
32
33
    /**
34
     * default configuration
35
     *
36
     * @var array
37
     */
38
    private static $_defaults = array(
39
        'main' => array(
40
            'name'                     => 'PrivateBin',
41
            'discussion'               => true,
42
            'opendiscussion'           => false,
43
            'password'                 => true,
44
            'fileupload'               => false,
45
            'burnafterreadingselected' => false,
46
            'defaultformatter'         => 'plaintext',
47
            'syntaxhighlightingtheme'  => null,
48
            'sizelimit'                => 10485760,
49
            'template'                 => 'bootstrap',
50
            'notice'                   => '',
51
            'languageselection'        => false,
52
            'languagedefault'          => '',
53
            'urlshortener'             => '',
54
            'qrcode'                   => true,
55
            'icon'                     => 'identicon',
56
            'cspheader'                => 'default-src \'none\'; manifest-src \'self\'; connect-src * blob:; script-src \'self\' \'unsafe-eval\'; style-src \'self\'; font-src \'self\'; img-src \'self\' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals',
57
            'zerobincompatibility'     => false,
58
            'httpwarning'              => true,
59
            'compression'              => 'zlib',
60
        ),
61
        'expire' => array(
62
            'default' => '1week',
63
        ),
64
        'expire_options' => array(
65
            '5min'   => 300,
66
            '10min'  => 600,
67
            '1hour'  => 3600,
68
            '1day'   => 86400,
69
            '1week'  => 604800,
70
            '1month' => 2592000,
71
            '1year'  => 31536000,
72
            'never'  => 0,
73
        ),
74
        'formatter_options' => array(
75
            'plaintext'          => 'Plain Text',
76
            'syntaxhighlighting' => 'Source Code',
77
            'markdown'           => 'Markdown',
78
        ),
79
        'traffic' => array(
80
            'limit'  => 10,
81
            'header' => null,
82
            'dir'    => 'data',
83
        ),
84
        'purge' => array(
85
            'limit'     => 300,
86
            'batchsize' => 10,
87
            'dir'       => 'data',
88
        ),
89
        'model' => array(
90
            'class' => 'Filesystem',
91
        ),
92
        'model_options' => array(
93
            'dir' => 'data',
94
        ),
95
    );
96
97
    /**
98
     * parse configuration file and ensure default configuration values are present
99
     *
100
     * @throws Exception
101
     */
102 114
    public function __construct()
103
    {
104 114
        $config     = array();
105 114
        $configFile = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.php';
106 114
        $configIni  = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini';
107
108
        // rename INI files to avoid configuration leakage
109 114
        if (is_readable($configIni)) {
110 2
            DataStore::prependRename($configIni, $configFile, ';');
111
112
            // cleanup sample, too
113 2
            $configIniSample = $configIni . '.sample';
114 2
            if (is_readable($configIniSample)) {
115 2
                DataStore::prependRename($configIniSample, PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.sample.php', ';');
116
            }
117
        }
118
119 114
        if (is_readable($configFile)) {
120 112
            $config = parse_ini_file($configFile, true);
121 112
            foreach (array('main', 'model', 'model_options') as $section) {
122 112
                if (!array_key_exists($section, $config)) {
0 ignored issues
show
It seems like $config can also be of type false; however, parameter $search of array_key_exists() does only seem to accept array, maybe add an additional type check? ( Ignorable by Annotation )

If this is a false-positive, you can also ignore this issue in your code via the ignore-type  annotation

122
                if (!array_key_exists($section, /** @scrutinizer ignore-type */ $config)) {
Loading history...
123 112
                    throw new Exception(I18n::_('PrivateBin requires configuration section [%s] to be present in configuration file.', $section), 2);
124
                }
125
            }
126
        }
127
128 111
        $opts = '_options';
129 111
        foreach (self::getDefaults() as $section => $values) {
130
            // fill missing sections with default values
131 111
            if (!array_key_exists($section, $config) || count($config[$section]) == 0) {
132 6
                $this->_configuration[$section] = $values;
133 6
                if (array_key_exists('dir', $this->_configuration[$section])) {
134 6
                    $this->_configuration[$section]['dir'] = PATH . $this->_configuration[$section]['dir'];
135
                }
136 6
                continue;
137
            }
138
            // provide different defaults for database model
139
            elseif (
140 105
                $section == 'model_options' && in_array(
141 105
                    $this->_configuration['model']['class'],
142 105
                    array('Database', 'privatebin_db', 'zerobin_db')
143
                )
144
            ) {
145
                $values = array(
146 54
                    'dsn' => 'sqlite:' . PATH . 'data' . DIRECTORY_SEPARATOR . 'db.sq3',
147
                    'tbl' => null,
148
                    'usr' => null,
149
                    'pwd' => null,
150
                    'opt' => array(PDO::ATTR_PERSISTENT => true),
151
                );
152
            }
153
154
            // "*_options" sections don't require all defaults to be set
155
            if (
156 105
                $section !== 'model_options' &&
157 105
                ($from = strlen($section) - strlen($opts)) >= 0 &&
158 105
                strpos($section, $opts, $from) !== false
159
            ) {
160 105
                if (is_int(current($values))) {
161 105
                    $config[$section] = array_map('intval', $config[$section]);
162
                }
163 105
                $this->_configuration[$section] = $config[$section];
164
            }
165
            // check for missing keys and set defaults if necessary
166
            else {
167 105
                foreach ($values as $key => $val) {
168 105
                    if ($key == 'dir') {
169 105
                        $val = PATH . $val;
170
                    }
171 105
                    $result = $val;
172 105
                    if (array_key_exists($key, $config[$section])) {
173 105
                        if ($val === null) {
174 3
                            $result = $config[$section][$key];
175 105
                        } elseif (is_bool($val)) {
176 105
                            $val = strtolower($config[$section][$key]);
177 105
                            if (in_array($val, array('true', 'yes', 'on'))) {
178 1
                                $result = true;
179 105
                            } elseif (in_array($val, array('false', 'no', 'off'))) {
180 1
                                $result = false;
181
                            } else {
182 105
                                $result = (bool) $config[$section][$key];
183
                            }
184 105
                        } elseif (is_int($val)) {
185 105
                            $result = (int) $config[$section][$key];
186 105
                        } elseif (is_string($val) && !empty($config[$section][$key])) {
187 105
                            $result = (string) $config[$section][$key];
188
                        }
189
                    }
190 105
                    $this->_configuration[$section][$key] = $result;
191
                }
192
            }
193
        }
194
195
        // support for old config file format, before the fork was renamed and PSR-4 introduced
196 111
        $this->_configuration['model']['class'] = str_replace(
197 111
            'zerobin_', 'privatebin_',
198 111
            $this->_configuration['model']['class']
199
        );
200
201 111
        $this->_configuration['model']['class'] = str_replace(
202 111
            array('privatebin_data', 'privatebin_db'),
203 111
            array('Filesystem', 'Database'),
204 111
            $this->_configuration['model']['class']
205
        );
206
207
        // ensure a valid expire default key is set
208 111
        if (!array_key_exists($this->_configuration['expire']['default'], $this->_configuration['expire_options'])) {
209 1
            $this->_configuration['expire']['default'] = key($this->_configuration['expire_options']);
210
        }
211 111
    }
212
213
    /**
214
     * get configuration as array
215
     *
216
     * @return array
217
     */
218 6
    public function get()
219
    {
220 6
        return $this->_configuration;
221
    }
222
223
    /**
224
     * get default configuration as array
225
     *
226
     * @return array
227
     */
228 112
    public static function getDefaults()
229
    {
230 112
        return self::$_defaults;
231
    }
232
233
    /**
234
     * get a key from the configuration, typically the main section or all keys
235
     *
236
     * @param string $key
237
     * @param string $section defaults to main
238
     * @throws Exception
239
     * @return mixed
240
     */
241 101
    public function getKey($key, $section = 'main')
242
    {
243 101
        $options = $this->getSection($section);
244 101
        if (!array_key_exists($key, $options)) {
245 1
            throw new Exception(I18n::_('Invalid data.') . " $section / $key", 4);
246
        }
247 100
        return $this->_configuration[$section][$key];
248
    }
249
250
    /**
251
     * get a section from the configuration, must exist
252
     *
253
     * @param string $section
254
     * @throws Exception
255
     * @return mixed
256
     */
257 101
    public function getSection($section)
258
    {
259 101
        if (!array_key_exists($section, $this->_configuration)) {
260 1
            throw new Exception(I18n::_('%s requires configuration section [%s] to be present in configuration file.', I18n::_($this->getKey('name')), $section), 3);
261
        }
262 101
        return $this->_configuration[$section];
263
    }
264
}
265