mirror of
https://github.com/the-djmaze/snappymail.git
synced 2024-12-25 08:32:57 +08:00
2f67fb2196
Added optional Strict-Transport-Security in _include.php TODO: put them in ./rainloop/v/0.0.0/app/templates/Views/Admin/AdminSettingsSecurity.html
223 lines
7.7 KiB
PHP
223 lines
7.7 KiB
PHP
<?php
|
|
|
|
if (defined('APP_VERSION'))
|
|
{
|
|
if (!defined('APP_REQUEST_RND'))
|
|
{
|
|
ini_set('register_globals', 0);
|
|
ini_set('zend.ze1_compatibility_mode', 0);
|
|
|
|
define('APP_REQUEST_RND', function_exists('uuid_create') ? md5(uuid_create(UUID_TYPE_DEFAULT)) : bin2hex(random_bytes(16)));
|
|
define('APP_VERSION_ROOT_PATH', APP_INDEX_ROOT_PATH.'rainloop/v/'.APP_VERSION.'/');
|
|
|
|
define('APP_USE_APC_CACHE', true);
|
|
|
|
// "img-src https:" is allowed due to remote images in e-mails
|
|
define('APP_DEFAULT_CSP', "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https:; style-src 'self' 'unsafe-inline'");
|
|
|
|
if (function_exists('date_default_timezone_set'))
|
|
{
|
|
date_default_timezone_set('UTC');
|
|
}
|
|
|
|
$sSite = strtolower(trim(empty($_SERVER['HTTP_HOST']) ? (empty($_SERVER['SERVER_NAME']) ? '' : $_SERVER['SERVER_NAME']) : $_SERVER['HTTP_HOST']));
|
|
$sSite = 'www.' === substr($sSite, 0, 4) ? substr($sSite, 4) : $sSite;
|
|
$sSite = preg_replace('/^.+@/', '', preg_replace('/:[\d]+$/', '', $sSite));
|
|
$sSite = in_array($sSite, array('localhost', '127.0.0.1', '::1', '::1/128', '0:0:0:0:0:0:0:1')) ? 'localhost' : trim($sSite);
|
|
$sSite = 0 === strlen($sSite) ? 'localhost' : $sSite;
|
|
|
|
define('APP_SITE', $sSite);
|
|
unset($sSite);
|
|
|
|
define('APP_DEFAULT_PRIVATE_DATA_NAME', '_default_');
|
|
|
|
$sPrivateDataFolderInternalName = is_file(APP_INDEX_ROOT_PATH.'MULTIPLY') ? APP_SITE : '';
|
|
define('APP_PRIVATE_DATA_NAME', 0 === strlen($sPrivateDataFolderInternalName) ? APP_DEFAULT_PRIVATE_DATA_NAME : $sPrivateDataFolderInternalName);
|
|
define('APP_MULTIPLY', 0 < strlen($sPrivateDataFolderInternalName) && APP_DEFAULT_PRIVATE_DATA_NAME !== APP_PRIVATE_DATA_NAME);
|
|
|
|
define('APP_DUMMY', '********');
|
|
define('APP_DEV_VERSION', '0.0.0');
|
|
define('APP_REPOSITORY_PATH', 'http://repository.rainloop.net/v1/');
|
|
define('APP_REPO_CORE_FILE', 'http://repository.rainloop.net/v2/core.{{channel}}.json');
|
|
|
|
$sCustomDataPath = '';
|
|
$sCustomConfiguration = '';
|
|
|
|
if (is_file(APP_INDEX_ROOT_PATH.'include.php'))
|
|
{
|
|
include_once APP_INDEX_ROOT_PATH.'include.php';
|
|
}
|
|
|
|
$sCustomDataPath = function_exists('__get_custom_data_full_path') ? rtrim(trim(__get_custom_data_full_path()), '\\/') : $sCustomDataPath;
|
|
define('APP_DATA_FOLDER_PATH', 0 === strlen($sCustomDataPath) ? APP_INDEX_ROOT_PATH.'data/' : $sCustomDataPath.'/');
|
|
unset($sCustomDataPath);
|
|
|
|
$sCustomConfiguration = function_exists('__get_additional_configuration_name') ? trim(__get_additional_configuration_name()) : $sCustomConfiguration;
|
|
define('APP_ADDITIONAL_CONFIGURATION_NAME', $sCustomConfiguration);
|
|
unset($sCustomConfiguration);
|
|
|
|
define('APP_DATA_FOLDER_PATH_UNIX', str_replace('\\', '/', APP_DATA_FOLDER_PATH));
|
|
|
|
$sSalt = is_file(APP_DATA_FOLDER_PATH.'SALT.php') ? file_get_contents(APP_DATA_FOLDER_PATH.'SALT.php') : '';
|
|
$sData = is_file(APP_DATA_FOLDER_PATH.'DATA.php') ? file_get_contents(APP_DATA_FOLDER_PATH.'DATA.php') : '';
|
|
$sInstalled = is_file(APP_DATA_FOLDER_PATH.'INSTALLED') ? file_get_contents(APP_DATA_FOLDER_PATH.'INSTALLED') : '';
|
|
|
|
// installation checking data folder
|
|
if (APP_VERSION !== $sInstalled)
|
|
{
|
|
include APP_VERSION_ROOT_PATH.'check.php';
|
|
|
|
$sCheckName = 'delete_if_you_see_it_after_install';
|
|
$sCheckFolder = APP_DATA_FOLDER_PATH.$sCheckName;
|
|
$sCheckFilePath = APP_DATA_FOLDER_PATH.$sCheckName.'/'.$sCheckName.'.file';
|
|
|
|
is_file($sCheckFilePath) && unlink($sCheckFilePath);
|
|
is_dir($sCheckFolder) && rmdir($sCheckFolder);
|
|
|
|
if (!is_dir(APP_DATA_FOLDER_PATH))
|
|
{
|
|
mkdir(APP_DATA_FOLDER_PATH, 0755);
|
|
}
|
|
else
|
|
{
|
|
chmod(APP_DATA_FOLDER_PATH, 0755);
|
|
}
|
|
|
|
$sTest = '';
|
|
switch (true)
|
|
{
|
|
case !is_dir(APP_DATA_FOLDER_PATH):
|
|
$sTest = 'is_dir';
|
|
break;
|
|
case !is_readable(APP_DATA_FOLDER_PATH):
|
|
$sTest = 'is_readable';
|
|
break;
|
|
case !is_writable(APP_DATA_FOLDER_PATH):
|
|
$sTest = 'is_writable';
|
|
break;
|
|
case !mkdir($sCheckFolder, 0755):
|
|
$sTest = 'mkdir';
|
|
break;
|
|
case false === file_put_contents($sCheckFilePath, time()):
|
|
$sTest = 'file_put_contents';
|
|
break;
|
|
case !unlink($sCheckFilePath):
|
|
$sTest = 'unlink';
|
|
break;
|
|
case !rmdir($sCheckFolder):
|
|
$sTest = 'rmdir';
|
|
break;
|
|
}
|
|
|
|
if (!empty($sTest))
|
|
{
|
|
echo '[202] Data folder permissions error ['.$sTest.']';
|
|
exit(202);
|
|
}
|
|
|
|
unset($sCheckName, $sCheckFilePath, $sCheckFolder, $sTest);
|
|
}
|
|
|
|
if (false === $sSalt)
|
|
{
|
|
// random salt
|
|
file_put_contents(APP_DATA_FOLDER_PATH.'SALT.php', '<'.'?php //'.bin2hex(random_bytes(48)));
|
|
}
|
|
|
|
define('APP_SALT', md5($sSalt.APP_PRIVATE_DATA_NAME.$sSalt));
|
|
define('APP_PRIVATE_DATA', APP_DATA_FOLDER_PATH.'_data_'.($sData ? md5($sData) : '').'/'.APP_PRIVATE_DATA_NAME.'/');
|
|
|
|
define('APP_PLUGINS_PATH', APP_PRIVATE_DATA.'plugins/');
|
|
|
|
if (APP_VERSION !== $sInstalled || (APP_MULTIPLY && !is_dir(APP_PRIVATE_DATA)))
|
|
{
|
|
define('APP_INSTALLED_START', true);
|
|
define('APP_INSTALLED_VERSION', $sInstalled);
|
|
|
|
file_put_contents(APP_DATA_FOLDER_PATH.'INSTALLED', APP_VERSION);
|
|
file_put_contents(APP_DATA_FOLDER_PATH.'VERSION', APP_VERSION);
|
|
file_put_contents(APP_DATA_FOLDER_PATH.'index.html', 'Forbidden');
|
|
file_put_contents(APP_DATA_FOLDER_PATH.'index.php', 'Forbidden');
|
|
|
|
if (!is_file(APP_DATA_FOLDER_PATH.'.htaccess') && is_file(APP_VERSION_ROOT_PATH.'app/.htaccess'))
|
|
{
|
|
copy(APP_VERSION_ROOT_PATH.'app/.htaccess', APP_DATA_FOLDER_PATH.'.htaccess');
|
|
}
|
|
|
|
if (!is_dir(APP_PRIVATE_DATA))
|
|
{
|
|
mkdir(APP_PRIVATE_DATA, 0755, true);
|
|
}
|
|
|
|
foreach (array('logs', 'cache', 'configs', 'plugins', 'storage') as $sName)
|
|
{
|
|
if (!is_dir(APP_PRIVATE_DATA.$sName))
|
|
{
|
|
mkdir(APP_PRIVATE_DATA.$sName, 0755, true);
|
|
}
|
|
}
|
|
|
|
if (!file_exists(APP_PRIVATE_DATA.'domains/disabled'))
|
|
{
|
|
if (!is_dir(APP_PRIVATE_DATA.'domains'))
|
|
{
|
|
mkdir(APP_PRIVATE_DATA.'domains', 0755);
|
|
}
|
|
|
|
if (is_dir(APP_PRIVATE_DATA.'domains'))
|
|
{
|
|
$sFile = $sNewFile = $sNewFileName = '';
|
|
$aFiles = glob(APP_VERSION_ROOT_PATH.'app/domains/*');
|
|
|
|
if (is_array($aFiles) && 0 < \count($aFiles))
|
|
{
|
|
foreach ($aFiles as $sFile)
|
|
{
|
|
if (is_file($sFile))
|
|
{
|
|
$sNewFileName = basename($sFile);
|
|
if ('default.ini.dist' !== $sNewFileName)
|
|
{
|
|
$sNewFile = APP_PRIVATE_DATA.'domains/'.$sNewFileName;
|
|
if (!file_exists($sNewFile))
|
|
{
|
|
copy($sFile, $sNewFile);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
// $sClearedSiteName = preg_replace('/^(www|demo|rainloop|webmail|email|mail|imap|imap4|smtp)\./i', '', trim(APP_SITE));
|
|
// if (!empty($sClearedSiteName) && file_exists(APP_VERSION_ROOT_PATH.'app/domains/default.ini.dist') &&
|
|
// !file_exists(APP_PRIVATE_DATA.'domains/'.$sClearedSiteName.'.ini'))
|
|
// {
|
|
// $sConfigTemplate = file_get_contents(APP_VERSION_ROOT_PATH.'app/domains/default.ini.dist');
|
|
// if (!empty($sConfigTemplate))
|
|
// {
|
|
// file_put_contents(APP_PRIVATE_DATA.'domains/'.$sClearedSiteName.'.ini', strtr($sConfigTemplate, array(
|
|
// 'IMAP_HOST' => 'localhost' !== $sClearedSiteName? 'imap.'.$sClearedSiteName : $sClearedSiteName,
|
|
// 'IMAP_PORT' => '993',
|
|
// 'SMTP_HOST' => 'localhost' !== $sClearedSiteName? 'smtp.'.$sClearedSiteName : $sClearedSiteName,
|
|
// 'SMTP_PORT' => '465'
|
|
// )));
|
|
// }
|
|
//
|
|
// unset($sConfigTemplate);
|
|
// }
|
|
|
|
unset($aFiles, $sFile, $sNewFileName, $sNewFile);
|
|
}
|
|
}
|
|
}
|
|
|
|
unset($sSalt, $sData, $sInstalled, $sPrivateDataFolderInternalName);
|
|
}
|
|
|
|
include APP_VERSION_ROOT_PATH.'app/handle.php';
|
|
|
|
if (defined('RAINLOOP_EXIT_ON_END') && RAINLOOP_EXIT_ON_END)
|
|
{
|
|
exit(0);
|
|
}
|
|
}
|