diff --git a/cfg/conf.ini.sample b/cfg/conf.ini.sample index d457b89..4771d13 100644 --- a/cfg/conf.ini.sample +++ b/cfg/conf.ini.sample @@ -3,9 +3,6 @@ ; An explanation of each setting can be find online at https://github.com/PrivateBin/PrivateBin/wiki/Configuration. [main] -; (optional) set a project name to be displayed on the website -; name = "PrivateBin" - ; enable or disable the discussion feature, defaults to true discussion = true @@ -21,10 +18,6 @@ fileupload = false ; preselect the burn-after-reading feature, defaults to false burnafterreadingselected = false -; delete a burn after reading paste immediatly after it is first accessed from -; the server and do not wait for a successful decryption -instantburnafterreading = false - ; which display mode to preselect by default, defaults to "plaintext" ; make sure the value exists in [formatter_options] defaultformatter = "plaintext" @@ -32,10 +25,10 @@ defaultformatter = "plaintext" ; (optional) set a syntax highlighting theme, as found in css/prettify/ ; syntaxhighlightingtheme = "sons-of-obsidian" -; size limit per paste or comment in bytes, defaults to 2 Mebibytes +; size limit per paste or comment in bytes, defaults to 2 Mibibytes sizelimit = 2097152 -; template to include, default is "bootstrap" (tpl/bootstrap.php) +; template to include, default is "bootstrap" (tpl/bootstrap.html) template = "bootstrap" ; (optional) notice to display 
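Review bot: The new side of the sizelimit comment in the `@@ -32,10 +25,10 @@` hunk misspells the unit as "Mibibytes"; the removed line had it right, so this hunk introduces the typo: `; size limit per paste or comment in bytes, defaults to 2 Mebibytes`. The template comment now points at `tpl/bootstrap.html`; if the template is still a PHP file under tpl/ that path is wrong as well — verify against the tpl directory before merging.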
@@ -67,14 +60,17 @@ languageselection = false ; custom scripts from third-party domains to your templates, e.g. tracking ; scripts or run your site behind certain DDoS-protection services. ; Check the documentation at https://content-security-policy.com/ -; Note: If you use a bootstrap theme, you can remove the allow-popups from the sandbox restrictions. -; cspheader = "default-src 'none'; manifest-src 'self'; connect-src *; script-src 'self'; style-src 'self'; font-src 'self'; img-src 'self' data:; referrer no-referrer; sandbox allow-same-origin allow-scripts allow-forms allow-popups" +; cspheader = "default-src 'none'; manifest-src 'self'; connect-src *; script-src 'self'; style-src 'self'; font-src 'self'; img-src 'self' data:; referrer no-referrer;" ; stay compatible with PrivateBin Alpha 0.19, less secure ; if enabled will use base64.js version 1.7 instead of 2.1.9 and sha1 instead of ; sha256 in HMAC for the deletion token zerobincompatibility = false +; allows you to specify the name of the web server you are using to use ParseBin. +; If you use nginx or other webserver, delete semicolon +; webserver = "nginx" + [expire] ; expire value that is selected per default ; make sure the value exists in [expire_options] diff --git a/lib/Configuration.php b/lib/Configuration.php index b6b9f6f..7e34f80 100644 --- a/lib/Configuration.php +++ b/lib/Configuration.php @@ -36,13 +36,11 @@ class Configuration */ private static $_defaults = array( 'main' => array( - 'name' => 'PrivateBin', 'discussion' => true, 'opendiscussion' => false, 'password' => true, 'fileupload' => false, 'burnafterreadingselected' => false, - 'instantburnafterreading' => false, 'defaultformatter' => 'plaintext', 'syntaxhighlightingtheme' => null, 'sizelimit' => 2097152, 
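Review bot: Dropping `sandbox allow-same-origin allow-scripts allow-forms allow-popups` from the example cspheader removes the page sandbox entirely, which weakens the documented policy and the hunk gives no reason for it; the removed note only said allow-popups could be dropped for bootstrap, not the whole directive. Unless there is a documented reason, keep `sandbox allow-same-origin allow-scripts allow-forms allow-popups` at the end of the example value. The new `webserver` comment is also hard to follow: "ParseBin" appears to be a typo for PrivateBin, "delete semicolon" means "uncomment", and nothing says what the value is used for or which spellings are accepted. Suggest `; (optional) name of the web server serving this installation ("apache" or "nginx"); uncomment to override the default` and state in the wiki what behaviour depends on it.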
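Review bot: Removing `'name'` and `'instantburnafterreading'` from `$_defaults` only changes the defaults table; any code still calling `getKey('instantburnafterreading')` or `getKey('name')` (templates, controller) will now see a key that is no longer guaranteed to exist. The one such caller visible in this diff, in getSection, is updated, but others are not visible here, so grep both keys before merging. If instant burn-after-reading — a security-relevant option, since it decides whether the paste is destroyed on first server access rather than on successful decryption — is meant to stay available, keep its default; if it is being removed, the consumer code should go in the same commit. The `$_defaults` array continues past the end of the hunk.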
@@ -52,8 +50,9 @@ class Configuration 'languagedefault' => '', 'urlshortener' => '', 'icon' => 'identicon', - 'cspheader' => 'default-src \'none\'; manifest-src \'self\'; connect-src *; script-src \'self\'; style-src \'self\'; font-src \'self\'; img-src \'self\' data:; referrer no-referrer; sandbox allow-same-origin allow-scripts allow-forms allow-popups', + 'cspheader' => 'default-src \'none\'; manifest-src \'self\'; connect-src *; script-src \'self\'; style-src \'self\'; font-src \'self\'; img-src \'self\' data:; referrer no-referrer;', 'zerobincompatibility' => false, + 'webserver' => 'apache', ), 'expire' => array( 'default' => '1week', @@ -241,7 +240,7 @@ class Configuration public function getSection($section) { if (!array_key_exists($section, $this->_configuration)) { - throw new Exception(I18n::_('%s requires configuration section [%s] to be present in configuration file.', I18n::_($this->getKey('name')), $section), 3); + throw new Exception(I18n::_('PrivateBin requires configuration section [%s] to be present in configuration file.', $section), 3); } return $this->_configuration[$section]; } diff --git a/lib/Persistence/AbstractPersistence.php b/lib/Persistence/AbstractPersistence.php index 64fb530..0492040 100644 --- a/lib/Persistence/AbstractPersistence.php +++ b/lib/Persistence/AbstractPersistence.php @@ -36,6 +36,7 @@ abstract class AbstractPersistence * @access public * @static * @param string $path + * @return void */ public static function setPath($path) { 
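Review bot: The new `webserver` default is the lowercase string `'apache'`, while the consumer added in AbstractPersistence compares `getKey('webserver') == "Apache"` with a capital A, so even an untouched default configuration never matches. Pick one canonical spelling and normalise where it is compared, e.g. `strtolower($conf->getKey('webserver')) === 'apache'`, and document the accepted values next to the default: `'webserver' => 'apache', // 'apache' or 'nginx'; decides whether a protective .htaccess is written`. The same hunk drops the `sandbox …` clause from the default cspheader, loosening the policy for every installation that does not override it; if that is intentional it deserves a changelog note, otherwise restore it. The `$_defaults` array starts before and ends after this hunk.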
@@ -79,26 +80,32 @@ abstract class AbstractPersistence * @access protected * @static * @throws Exception + * @return void */ protected static function _initialize() { // Create storage directory if it does not exist. if (!is_dir(self::$_path)) { - if (!@mkdir(self::$_path, 0700)) { + if (!@mkdir(self::$_path)) { throw new Exception('unable to create directory ' . self::$_path, 10); } } - $file = self::$_path . DIRECTORY_SEPARATOR . '.htaccess'; - if (!is_file($file)) { - $writtenBytes = @file_put_contents( - $file, - 'Require all denied' . PHP_EOL, - LOCK_EX - ); - if ($writtenBytes === false || $writtenBytes < 19) { - throw new Exception('unable to write to file ' . $file, 11); - } - } + + if (property_exists($data->meta, 'webserver') && $data->meta->webserver && $this->_conf->getKey('webserver') == "Apache") { + // Create .htaccess file if it does not exist. + $file = self::$_path . DIRECTORY_SEPARATOR . '.htaccess'; + if (!is_file($file)) { + $writtenBytes = @file_put_contents( + $file, + 'Allow from none' . PHP_EOL . + 'Deny from all' . PHP_EOL, + LOCK_EX + ); + if ($writtenBytes === false || $writtenBytes < 30) { + throw new Exception('unable to write to file ' . $file, 11); + } + } + } } /**
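Review bot: The new gate around the .htaccess write can never succeed: `_initialize()` is static, so `$this->_conf` is a fatal error if it is ever evaluated, and `$data` is not defined anywhere in the method, so `property_exists($data->meta, 'webserver')` either throws a TypeError (PHP 8) or evaluates to false (PHP 7) — in both cases the deny-all .htaccess is silently never written, removing the only protection the data directory has when Apache serves it, and even if it were wired up it compares against `"Apache"` while the default in Configuration.php is `'apache'`. The `mkdir()` call also lost its `0700` mode, so a freshly created data directory gets the process umask (typically 0755) and is readable by other local users. `Allow from none` has no defined meaning (`none` is parsed as a host name), and `Deny from all` is Apache 2.2 syntax — on 2.4 without mod_access_compat it is an unknown directive, so requests into the directory fail with a 500 rather than a clean 403. Suggest writing the file unconditionally again (other web servers ignore it), restoring the mode and emitting both syntaxes guarded by `<IfModule>`, with the size check derived from the content instead of a magic number.
```php
    protected static function _initialize()
    {
        // Create storage directory if it does not exist.
        if (!is_dir(self::$_path)) {
            // 0700: the data directory must not be readable by other local users.
            if (!@mkdir(self::$_path, 0700)) {
                throw new Exception('unable to create directory ' . self::$_path, 10);
            }
        }
        // Always drop a deny-all .htaccess: it is ignored by nginx and friends
        // but protects the data directory whenever Apache serves it. Cover the
        // 2.4 (mod_authz_core) and the 2.2 (mod_access_compat) syntax.
        $file = self::$_path . DIRECTORY_SEPARATOR . '.htaccess';
        if (!is_file($file)) {
            $rules = '<IfModule mod_authz_core.c>' . PHP_EOL .
                '    Require all denied' . PHP_EOL .
                '</IfModule>' . PHP_EOL .
                '<IfModule !mod_authz_core.c>' . PHP_EOL .
                '    Deny from all' . PHP_EOL .
                '</IfModule>' . PHP_EOL;
            $writtenBytes = @file_put_contents($file, $rules, LOCK_EX);
            if ($writtenBytes === false || $writtenBytes < strlen($rules)) {
                throw new Exception('unable to write to file ' . $file, 11);
            }
        }
    }
```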