From 08a6f6bde20055de5a08ea8afed5097783a5f164 Mon Sep 17 00:00:00 2001 From: wn Date: Sat, 12 Dec 2020 09:47:10 -0600 Subject: Only do sanity checks for self URL if we can create a valid URL. 'sanity_check.php' gets included in 'update.php' and 'update_daemon2.php', where a Host request header is likely not provided. --- include/sanity_check.php | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/sanity_check.php b/include/sanity_check.php index 86dc7a5f0..e6c0e5d4b 100755 --- a/include/sanity_check.php +++ b/include/sanity_check.php @@ -21,6 +21,8 @@ } function make_self_url_path() { + if (!isset($_SERVER["HTTP_HOST"])) return false; + $proto = is_server_https() ? 'https' : 'http'; $url_path = $proto . '://' . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH); @@ -115,14 +117,18 @@ } $ref_self_url_path = make_self_url_path(); - $ref_self_url_path = preg_replace("/\w+\.php$/", "", $ref_self_url_path); + + if ($ref_self_url_path) { + $ref_self_url_path = preg_replace("/\w+\.php$/", "", $ref_self_url_path); + } if (SELF_URL_PATH == "http://example.org/tt-rss/") { + $hint = $ref_self_url_path ? "(possible value: $ref_self_url_path)" : ""; array_push($errors, - "Please set SELF_URL_PATH to the correct value for your server (possible value: $ref_self_url_path)"); + "Please set SELF_URL_PATH to the correct value for your server $hint"); } - if (isset($_SERVER["HTTP_HOST"]) && + if ($ref_self_url_path && (!defined('_SKIP_SELF_URL_PATH_CHECKS') || !_SKIP_SELF_URL_PATH_CHECKS) && SELF_URL_PATH != $ref_self_url_path && SELF_URL_PATH != mb_substr($ref_self_url_path, 0, mb_strlen($ref_self_url_path)-1)) { array_push($errors, -- cgit v1.2.3-54-g00ecf From 6bdf4a1a25f1fc2e84fdc65e3e6a74578536f137 Mon Sep 17 00:00:00 2001 From: wn Date: Sat, 12 Dec 2020 09:50:43 -0600 Subject: Switch to 'get_error_types()' to ensure availability in 'include/functions.php'. The global in 'sanity_check()' was null... possibly due to circular requires? --- errors.php | 42 ++++++++++++++++++++++-------------------- include/functions.php | 4 ++-- 2 files changed, 24 insertions(+), 22 deletions(-) (limited to 'include') diff --git a/errors.php b/errors.php index deadb1e24..68164974b 100644 --- a/errors.php +++ b/errors.php @@ -4,48 +4,50 @@ require_once "functions.php"; - $ERRORS[0] = ""; + function get_error_types() { + $ERRORS[0] = ""; - $ERRORS[1] = __("This program requires XmlHttpRequest " . - "to function properly. Your browser doesn't seem to support it."); + $ERRORS[1] = __("This program requires XmlHttpRequest " . + "to function properly. Your browser doesn't seem to support it."); - $ERRORS[2] = __("This program requires cookies " . - "to function properly. Your browser doesn't seem to support them."); + $ERRORS[2] = __("This program requires cookies " . + "to function properly. Your browser doesn't seem to support them."); - $ERRORS[3] = __("Backend sanity check failed."); + $ERRORS[3] = __("Backend sanity check failed."); - $ERRORS[4] = __("Frontend sanity check failed."); + $ERRORS[4] = __("Frontend sanity check failed."); - $ERRORS[5] = __("Incorrect database schema version. <a href='db-updater.php'>Please update</a>."); + $ERRORS[5] = __("Incorrect database schema version. <a href='db-updater.php'>Please update</a>."); - $ERRORS[6] = __("Request not authorized."); + $ERRORS[6] = __("Request not authorized."); - $ERRORS[7] = __("No operation to perform."); + $ERRORS[7] = __("No operation to perform."); - $ERRORS[8] = __("Could not display feed: query failed. Please check label match syntax or local configuration."); + $ERRORS[8] = __("Could not display feed: query failed. Please check label match syntax or local configuration."); - $ERRORS[8] = __("Denied. Your access level is insufficient to access this page."); + $ERRORS[8] = __("Denied. Your access level is insufficient to access this page."); - $ERRORS[9] = __("Configuration check failed"); + $ERRORS[9] = __("Configuration check failed"); - $ERRORS[10] = __("Your version of MySQL is not currently supported. Please see official site for more information."); + $ERRORS[10] = __("Your version of MySQL is not currently supported. Please see official site for more information."); - $ERRORS[11] = "[This error is not returned by server]"; + $ERRORS[11] = "[This error is not returned by server]"; - $ERRORS[12] = __("SQL escaping test failed, check your database and PHP configuration"); + $ERRORS[12] = __("SQL escaping test failed, check your database and PHP configuration"); - $ERRORS[13] = __("Method not found"); + $ERRORS[13] = __("Method not found"); - $ERRORS[14] = __("Plugin not found"); + $ERRORS[14] = __("Plugin not found"); - $ERRORS[15] = __("Encoding data as JSON failed"); + $ERRORS[15] = __("Encoding data as JSON failed"); + } if ($_REQUEST['mode'] == 'js') { header("Content-Type: text/javascript; charset=UTF-8"); print "var ERRORS = [];\n"; - foreach ($ERRORS as $id => $error) { + foreach (get_error_types() as $id => $error) { $error = preg_replace("/\n/", "", $error); $error = preg_replace("/\"/", "\\\"", $error); diff --git a/include/functions.php b/include/functions.php index ceb7fbd9e..2f4ee8e35 100644 --- a/include/functions.php +++ b/include/functions.php @@ -327,7 +327,7 @@ function sanity_check() { require_once 'errors.php'; - global $ERRORS; + $ERRORS = get_error_types(); $error_code = 0; $schema_version = get_schema_version(true); @@ -540,7 +540,7 @@ */ function error_json($code) { require_once "errors.php"; - global $ERRORS; + $ERRORS = get_error_types(); @$message = $ERRORS[$code]; -- cgit v1.2.3-54-g00ecf From 936b91a7e656169c7cc2f4652ee4ab9114d11dbc Mon Sep 17 00:00:00 2001 From: wn Date: Sat, 12 Dec 2020 09:53:08 -0600 Subject: Don't do deprecated 'libxml_disable_entity_loader(true)' under PHP 8. https://github.com/php/php-src/blob/2d467abc46ec4ee97484d4e35909bed322600037/UPGRADING#L886 --- include/functions.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/functions.php b/include/functions.php index 2f4ee8e35..a70b4ac44 100644 --- a/include/functions.php +++ b/include/functions.php @@ -18,7 +18,10 @@ $fetch_effective_url = false; $fetch_curl_used = false; - libxml_disable_entity_loader(true); + if (version_compare(PHP_VERSION, '8.0.0', '<')) { + libxml_disable_entity_loader(true); + } + libxml_use_internal_errors(true); // separate test because this is included before sanity checks -- cgit v1.2.3-54-g00ecf From c68f2aabc929221b6c5af5ff51d28b990f6cd0f1 Mon Sep 17 00:00:00 2001 From: wn Date: Sat, 12 Dec 2020 09:56:10 -0600 Subject: Make 'ttrss_error_handler' compatible w/ 8. https://github.com/php/php-src/blob/2d467abc46ec4ee97484d4e35909bed322600037/UPGRADING#L43 https://github.com/php/php-src/blob/2d467abc46ec4ee97484d4e35909bed322600037/UPGRADING#L63 --- include/errorhandler.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/errorhandler.php b/include/errorhandler.php index 95c9edc69..188c8c5ce 100644 --- a/include/errorhandler.php +++ b/include/errorhandler.php @@ -31,7 +31,13 @@ function format_backtrace($trace) { return $rv; } -function ttrss_error_handler($errno, $errstr, $file, $line, $context) { +function ttrss_error_handler($errno, $errstr, $file, $line) { + if (version_compare(PHP_VERSION, '8.0.0', '<')) { + if (error_reporting() == 0 || !$errno) return false; + } else { + if (!(error_reporting() & $errno)) return false; + } + if (error_reporting() == 0 || !$errno) return false; $file = substr(str_replace(dirname(dirname(__FILE__)), "", $file), 1); -- cgit v1.2.3-54-g00ecf