refactoring as recommended by Scrutinizer

This commit is contained in:
El RIDO 2017-10-08 19:16:09 +02:00
parent 81ac232710
commit a5d5f6066a
No known key found for this signature in database
GPG key ID: 0F5C940A6BD81F92
4 changed files with 31 additions and 46 deletions

View file

@ -12,6 +12,7 @@
namespace PrivateBin; namespace PrivateBin;
use PrivateBin\Persistence\DataStore;
use Exception; use Exception;
use PDO; use PDO;
@ -22,13 +23,6 @@ use PDO;
*/ */
class Configuration class Configuration
{ {
/**
* First line in INI file, to hide contents
*
* @const string
*/
const PROTECTION_LINE = ';<?php http_response_code(403); /*';
/** /**
* parsed configuration * parsed configuration
* *
@ -112,27 +106,12 @@ class Configuration
// rename INI files to avoid configuration leakage // rename INI files to avoid configuration leakage
if (is_readable($configIni)) { if (is_readable($configIni)) {
$context = stream_context_create(); DataStore::prependRename($configIni, $configFile, ';');
// don't overwrite already converted file
if (!is_file($configFile)) {
$iniHandle = fopen($configIni, 'r', false, $context);
file_put_contents($configFile, self::PROTECTION_LINE . PHP_EOL);
file_put_contents($configFile, $iniHandle, FILE_APPEND);
fclose($iniHandle);
}
unlink($configIni);
// cleanup sample, too // cleanup sample, too
$configSample = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.sample.php'; $configIniSample = $configIni . '.sample';
$configIniSample = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini.sample';
if (is_readable($configIniSample)) { if (is_readable($configIniSample)) {
if (!is_readable($configSample)) { DataStore::prependRename($configIniSample, PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.sample.php', ';');
$iniSampleHandle = fopen($configIniSample, 'r', false, $context);
file_put_contents($configSample, self::PROTECTION_LINE . PHP_EOL);
file_put_contents($configSample, $iniSampleHandle, FILE_APPEND);
fclose($iniSampleHandle);
}
unlink($configIniSample);
} }
} }

View file

@ -135,31 +135,16 @@ class Filesystem extends AbstractData
$pastePath = $basePath . '.php'; $pastePath = $basePath . '.php';
// convert to PHP protected files if needed // convert to PHP protected files if needed
if (is_readable($basePath)) { if (is_readable($basePath)) {
$context = stream_context_create(); DataStore::prependRename($basePath, $pastePath);
// don't overwrite already converted file
if (!is_file($pastePath)) {
$handle = fopen($basePath, 'r', false, $context);
file_put_contents($pastePath, DataStore::PROTECTION_LINE . PHP_EOL);
file_put_contents($pastePath, $handle, FILE_APPEND);
fclose($handle);
}
unlink($basePath);
// convert comments, too // convert comments, too
$discdir = self::_dataid2discussionpath($pasteid); $discdir = self::_dataid2discussionpath($pasteid);
if (is_dir($discdir)) { if (is_dir($discdir)) {
$dir = dir($discdir); $dir = dir($discdir);
while (false !== ($filename = $dir->read())) { while (false !== ($filename = $dir->read())) {
if (substr($filename, -4) !== '.php' && strlen($filename) >= 16) { if (substr($filename, -4) !== '.php' && strlen($filename) >= 16) {
$commentFilename = $discdir . $filename . '.php'; $commentFilename = $discdir . $filename . '.php';
// don't overwrite already converted file DataStore::prependRename($discdir . $filename, $commentFilename);
if (!is_file($commentFilename)) {
$handle = fopen($discdir . $filename, 'r', false, $context);
file_put_contents($commentFilename, DataStore::PROTECTION_LINE . PHP_EOL);
file_put_contents($commentFilename, $handle, FILE_APPEND);
fclose($handle);
}
unlink($discdir . $filename);
} }
} }
$dir->close(); $dir->close();

View file

@ -23,7 +23,7 @@ use PrivateBin\Json;
class DataStore extends AbstractPersistence class DataStore extends AbstractPersistence
{ {
/** /**
* First line in JSON files, to hide contents * first line in file, to protect its contents
* *
* @const string * @const string
*/ */
@ -58,10 +58,32 @@ class DataStore extends AbstractPersistence
* @access public * @access public
* @static * @static
* @param string $filename * @param string $filename
* @return array $data * @return stdClass|false $data
*/ */
public static function get($filename) public static function get($filename)
{ {
return json_decode(substr(file_get_contents($filename), strlen(self::PROTECTION_LINE . PHP_EOL))); return json_decode(substr(file_get_contents($filename), strlen(self::PROTECTION_LINE . PHP_EOL)));
} }
/**
* rename a file, prepending the protection line at the beginning
*
* @access public
* @static
* @param string $srcFile
* @param string $destFile
* @param string $prefix (optional)
* @return void
*/
public static function prependRename($srcFile, $destFile, $prefix = '')
{
// don't overwrite already converted file
if (!is_readable($destFile)) {
$handle = fopen($srcFile, 'r', false, stream_context_create());
file_put_contents($destFile, $prefix . DataStore::PROTECTION_LINE . PHP_EOL);
file_put_contents($destFile, $handle, FILE_APPEND);
fclose($handle);
}
unlink($srcFile);
}
} }

View file

@ -39,7 +39,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
$options['purge']['dir'] = $this->_path; $options['purge']['dir'] = $this->_path;
$options['traffic']['dir'] = $this->_path; $options['traffic']['dir'] = $this->_path;
$options['model_options']['dir'] = $this->_path; $options['model_options']['dir'] = $this->_path;
Helper::confBackup();
Helper::createIniFile(CONF, $options); Helper::createIniFile(CONF, $options);
ServerSalt::setPath($this->_path); ServerSalt::setPath($this->_path);
} }