Friendica/friendica-github
1
0
Fork 0
mirror of https://github.com/friendica/friendica synced 2025-04-26 22:30:18 +00:00
Code Issues Projects Releases Packages Wiki Activity

Normalize use of form security tokens in Admin modules

Browse source 
# Conflicts:
#	src/Module/Admin/Logs/Settings.php
This commit is contained in:
Hypolite Petovan 2020-09-08 10:42:25 -04:00
parent 2ce15cae1a
commit 9bc2c5a52e
12 changed files with 43 additions and 39 deletions
Download patch file Download diff file Expand all files Collapse all files

37
src/Module/Admin/Logs/Settings.php
View file

@ -33,25 +33,26 @@ class Settings extends BaseAdmin
{
parent::post($parameters);
if (!empty($_POST['page_logs'])) {
parent::checkFormSecurityTokenRedirectOnError('/admin/logs', 'admin_logs');
$logfile = (!empty($_POST['logfile']) ? Strings::escapeTags(trim($_POST['logfile'])) : '');
$debugging = !empty($_POST['debugging']);
$loglevel = ($_POST['loglevel'] ?? '') ?: LogLevel::ERROR;
if (is_file($logfile) &&
!is_writeable($logfile)) {
notice(DI::l10n()->t('The logfile \'%s\' is not writable. No logging possible', $logfile));
return;
}
DI::config()->set('system', 'logfile', $logfile);
DI::config()->set('system', 'debugging', $debugging);
DI::config()->set('system', 'loglevel', $loglevel);
if (empty($_POST['page_logs'])) {
return;
}
info(DI::l10n()->t("Log settings updated."));
self::checkFormSecurityTokenRedirectOnError('/admin/logs', 'admin_logs');
$logfile = (!empty($_POST['logfile']) ? Strings::escapeTags(trim($_POST['logfile'])) : '');
$debugging = !empty($_POST['debugging']);
$loglevel = ($_POST['loglevel'] ?? '') ?: LogLevel::ERROR;
if (is_file($logfile) &&
!is_writeable($logfile)) {
notice(DI::l10n()->t('The logfile \'%s\' is not writable. No logging possible', $logfile));
return;
}
DI::config()->set('system', 'logfile', $logfile);
DI::config()->set('system', 'debugging', $debugging);
DI::config()->set('system', 'loglevel', $loglevel);
DI::baseUrl()->redirect('admin/logs');
}
@ -86,7 +87,7 @@ class Settings extends BaseAdmin
'$debugging' => ['debugging', DI::l10n()->t("Enable Debugging"), DI::config()->get('system', 'debugging'), ""],
'$logfile' => ['logfile', DI::l10n()->t("Log file"), DI::config()->get('system', 'logfile'), DI::l10n()->t("Must be writable by web server. Relative to your Friendica top-level directory.")],
'$loglevel' => ['loglevel', DI::l10n()->t("Log level"), DI::config()->get('system', 'loglevel'), "", $log_choices],
'$form_security_token' => parent::getFormSecurityToken("admin_logs"),
'$form_security_token' => self::getFormSecurityToken("admin_logs"),
'$phpheader' => DI::l10n()->t("PHP logging"),
'$phphint' => DI::l10n()->t("To temporarily enable logging of PHP errors and warnings you can prepend the following to the index.php file of your installation. The filename set in the 'error_log' line is relative to the friendica top-level directory and must be writeable by the web server. The option '1' for 'log_errors' and 'display_errors' is to enable these options, set to '0' to disable them."),
'$phplogcode' => "error_reporting(E_ERROR | E_WARNING | E_PARSE);\nini_set('error_log','php.out');\nini_set('log_errors','1');\nini_set('display_errors', '1');",