diff --git a/.htaccess b/.htaccess index 4c9a599e0236361dd4347ba56480e877fd194c9d..a2cbcaf46312ba5aaf0ab7088c989ddde93be9ac 100644 --- a/.htaccess +++ b/.htaccess @@ -1,6 +1,8 @@ Options -Indexes -RewriteEngine On -RewriteRule ^(app|bin|bootstrap|resources|storage|vendor|logs)(/.*|)$ - [NC,F] -RewriteCond %{REQUEST_FILENAME} !-f -RewriteCond %{REQUEST_FILENAME} !-d -RewriteRule ^(.*)$ index.php [QSA,L] \ No newline at end of file + + RewriteEngine On + RewriteRule ^(app|bin|bootstrap|resources|storage|vendor|logs)(/.*|)$ - [NC,F] + RewriteCond %{REQUEST_FILENAME} !-f + RewriteCond %{REQUEST_FILENAME} !-d + RewriteRule ^(.*)$ index.php [QSA,L] + \ No newline at end of file diff --git a/app/Controllers/DashboardController.php b/app/Controllers/DashboardController.php index 661cc40744bf9a0ff09f8f95d670deb0df9a235b..8c621a0f361faa022b571c53f097d265eae4bbb7 100644 --- a/app/Controllers/DashboardController.php +++ b/app/Controllers/DashboardController.php @@ -128,6 +128,11 @@ class DashboardController extends Controller public function applyTheme(Request $request, Response $response): Response { + if (!is_writable('static/bootstrap/css/bootstrap.min.css')) { + Session::alert(lang('cannot_write_file'), 'danger'); + return redirect($response, route('system')); + } + file_put_contents('static/bootstrap/css/bootstrap.min.css', file_get_contents($request->getParam('css'))); return redirect($response, 'system') ->withAddedHeader('Cache-Control', 'no-cache, no-store, must-revalidate') diff --git a/install/index.php b/install/index.php index 00e6368692e2a76e1ae6d7f765659ec0578dd2dd..425bf08a4137b4b9a4bf50239a26255f50679f84 100644 --- a/install/index.php +++ b/install/index.php @@ -131,8 +131,16 @@ $app->post('/', function (Request $request, Response $response) use (&$config) { $config['db']['username'] = $request->getParam('db_user'); $config['db']['password'] = $request->getParam('db_password'); + if (!is_writable($config['storage_dir'])) { + Session::alert('The storage folder is not writable (' . $config['storage_dir'] . ')', 'danger'); + return redirect($response, '.'); + } - file_put_contents(__DIR__ . '/../config.php', 'post('/', function (Request $request, Response $response) use (&$config) { migrate($config); } catch (PDOException $exception) { - + Session::alert("Cannot connect to the database: {$exception->getMessage()} [{$exception->getCode()}]", 'danger'); + return redirect($response, '.'); } if (!$installed) { diff --git a/install/templates/install.twig b/install/templates/install.twig index 2f23916a558a69eaad5f8d92f2f77038b169eeb6..a7916755309dc882b8718a2ff998ac4e118963b2 100644 --- a/install/templates/install.twig +++ b/install/templates/install.twig @@ -19,6 +19,14 @@
+ {% for type, message in alerts %} + + {% endfor %}
diff --git a/resources/lang/en.lang.php b/resources/lang/en.lang.php index b49fc1c6dbad2d68b4e6b90ec00a7c88e7f0fbaa..13b5d45c9dd09e11a2254cad65961f48cedea948 100644 --- a/resources/lang/en.lang.php +++ b/resources/lang/en.lang.php @@ -84,4 +84,5 @@ return [ 'user_deleted' => 'User deleted.', 'cannot_delete' => 'You cannot delete yourself.', 'cannot_demote' => 'You cannot demote yourself.', + 'cannot_write_file' => 'The destination path is not writable.', ]; \ No newline at end of file diff --git a/resources/lang/it.lang.php b/resources/lang/it.lang.php index 91c1ce0112e2f0e47e4280bd461e11f22c52422e..9a0a0ef1cd2d45368663bbf4be8b2659f4e817c7 100644 --- a/resources/lang/it.lang.php +++ b/resources/lang/it.lang.php @@ -84,4 +84,5 @@ return [ 'user_deleted' => 'Utente rimosso.', 'cannot_delete' => 'Non puoi eliminare te stesso.', 'cannot_demote' => 'Non puoi degradare te stesso. ', + 'cannot_write_file' => 'Il percorso di destinazione non รจ scrivibile.', ]; \ No newline at end of file