diff --git a/README.md b/README.md index fc962cc..9c62eca 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ Niver is a set of 3 network services: ## Status -I plan to create and maintain a public stable instance of Niver, but I haven't done so yet. Thus Niver is not yet tested with real world and long-term usages, and **should be considered alpha software**. +I plan to create and maintain a public stable instance of Niver, but I haven't done so yet. Thus Niver is not yet tested with real world and long-term usages, and is **alpha software**. ## Detailed features diff --git a/fn/auth.php b/fn/auth.php index a414eb0..f4c5c4c 100644 --- a/fn/auth.php +++ b/fn/auth.php @@ -9,18 +9,18 @@ const PLACEHOLDER_PASSWORD = '•••••••••••••••• // Password storage security const ALGO_PASSWORD = PASSWORD_ARGON2ID; const OPTIONS_PASSWORD = [ - "memory_cost" => 65536, - "time_cost" => 4, - "threads" => 64, + 'memory_cost' => 65536, + 'time_cost' => 4, + 'threads' => 64, ]; function checkPasswordFormat($password) { - if (preg_match("/" . PASSWORD_REGEX . "/u", $password) !== 1) + if (preg_match('/' . PASSWORD_REGEX . '/u', $password) !== 1) output(403, 'Password malformed.'); } function checkUsernameFormat($username) { - if (preg_match("/" . USERNAME_REGEX . "/u", $username) !== 1) + if (preg_match('/' . USERNAME_REGEX . '/u', $username) !== 1) output(403, 'Username malformed.'); } @@ -43,7 +43,7 @@ function outdatedPasswordHash($username) { function changePassword($username, $password) { $db = new PDO('sqlite:' . DB_PATH); - $stmt = $db->prepare("UPDATE users SET password = :password WHERE username = :username"); + $stmt = $db->prepare('UPDATE users SET password = :password WHERE username = :username'); $stmt->bindValue(':username', $username); $stmt->bindValue(':password', hashPassword($password)); @@ -75,7 +75,7 @@ function rateLimitAccount($requestedTokens) { // Update $db = new PDO('sqlite:' . DB_PATH); - $stmt = $db->prepare("UPDATE users SET bucket_tokens = :bucket_tokens, bucket_last_update = :bucket_last_update WHERE username = :username"); + $stmt = $db->prepare('UPDATE users SET bucket_tokens = :bucket_tokens, bucket_last_update = :bucket_last_update WHERE username = :username'); $stmt->bindValue(':username', $_SESSION['username']); $stmt->bindValue(':bucket_tokens', $tokens); $stmt->bindValue(':bucket_last_update', time()); diff --git a/fn/common.php b/fn/common.php index c97808e..300dffb 100644 --- a/fn/common.php +++ b/fn/common.php @@ -6,13 +6,13 @@ function output($code, $msg = '', $logs = ['']) { global $final_message; $shortCode = $code / 100 % 10; $final_message = match ($shortCode) { - 2 => ($msg === '') ? '' : "
\n", - 4 => "\n", - 5 => "\n", + 2 => ($msg === '') ? '' : '' . LF, + 4 => '' . LF, + 5 => '' . LF, }; http_response_code($code); if ($shortCode === 5) - error_log("Niver internal error: " . strip_tags($msg) . implode("\n", $logs)); + error_log('Niver internal error: ' . strip_tags($msg) . implode(LF, $logs)); if ($code !== 200) executePage(); } @@ -39,14 +39,14 @@ function insert($table, $values) { $query .= "$key, "; } - $query .= ") VALUES("; + $query .= ') VALUES('; foreach ($values as $key => $val) { if ($key === array_key_last($values)) $query .= ":$key"; else $query .= ":$key, "; } - $query .= ")"; + $query .= ')'; $db = new PDO('sqlite:' . DB_PATH); @@ -65,7 +65,7 @@ function query($action, $table, $conditions = [], $column = NULL) { 'delete' => 'DELETE', }; - $query .= " FROM $table"; + $query .= ' FROM ' . $table; foreach ($conditions as $key => $val) { if ($key === array_key_first($conditions)) diff --git a/fn/dns.php b/fn/dns.php index 1d58f3d..d32cca4 100644 --- a/fn/dns.php +++ b/fn/dns.php @@ -1,21 +1,21 @@ knotc failed with exit code ' . $code['begin'] . ': ' . $output['begin'][0] . '.'); foreach ($cmds as $cmd) { - exec(CONF['dns']['knotc_path'] . " conf-" . $cmd, $output['op'], $code['op']); + exec(CONF['dns']['knotc_path'] . ' conf-' . $cmd, $output['op'], $code['op']); if ($code['op'] !== 0) { - exec(CONF['dns']['knotc_path'] . " conf-abort"); + exec(CONF['dns']['knotc_path'] . ' conf-abort'); output(500, 'knotcConfExec:knotc
failed with exit code ' . $code['op'] . ': ' . $output['op'][0] . '.');
}
}
- exec(CONF['dns']['knotc_path'] . " conf-commit", $output['commit'], $code['commit']);
+ exec(CONF['dns']['knotc_path'] . ' conf-commit', $output['commit'], $code['commit']);
if ($code['commit'] !== 0) {
- exec(CONF['dns']['knotc_path'] . " conf-abort");
+ exec(CONF['dns']['knotc_path'] . ' conf-abort');
output(500, 'knotcConfExec: knotc
failed with exit code ' . $code['commit'] . ': ' . $output['commit'][0] . '.');
}
}
@@ -23,34 +23,34 @@ function knotcConfExec($cmds) {
function knotcZoneExec($zone, $cmd) {
$action = checkAction($_POST['action']);
- exec(CONF['dns']['knotc_path'] . " zone-begin " . $zone, $output['begin'], $code['begin']);
+ exec(CONF['dns']['knotc_path'] . ' zone-begin ' . $zone, $output['begin'], $code['begin']);
if ($code['begin'] !== 0)
output(500, 'knotcZoneExec: knotc
failed with exit code ' . $code['begin'] . ': ' . $output['begin'][0] . '.');
- exec(CONF['dns']['knotc_path'] . " zone-" . $action . "set " . $zone . " " . implode(" ", $cmd), $output['op'], $code['op']);
+ exec(CONF['dns']['knotc_path'] . ' zone-' . $action . 'set ' . $zone . ' ' . implode(' ', $cmd), $output['op'], $code['op']);
if ($code['op'] !== 0) {
- exec(CONF['dns']['knotc_path'] . " zone-abort " . $zone);
+ exec(CONF['dns']['knotc_path'] . ' zone-abort ' . $zone);
output(500, 'knotcZoneExec: knotc
failed with exit code ' . $code['op'] . ': ' . $output['op'][0] . '.');
}
- exec(CONF['dns']['knotc_path'] . " zone-commit " . $zone, $output['commit'], $code['commit']);
+ exec(CONF['dns']['knotc_path'] . ' zone-commit ' . $zone, $output['commit'], $code['commit']);
if ($code['commit'] !== 0) {
- exec(CONF['dns']['knotc_path'] . " zone-abort " . $zone);
+ exec(CONF['dns']['knotc_path'] . ' zone-abort ' . $zone);
output(500, 'knotcZoneExec: knotc
failed with exit code ' . $code['commit'] . ': ' . $output['commit'][0] . '.');
}
}
function checkIpFormat($ip) {
if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4))
- return "A";
+ return 'A';
if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
- return "AAAA";
+ return 'AAAA';
output(403, 'IP address malformed.');
}
function checkAbsoluteDomainFormat($domain) {
// If the domain must end with a dot
- if (!filter_var($domain, FILTER_VALIDATE_DOMAIN) OR !preg_match("/^([a-z0-9_-]{1,63}\.){2,127}$/", $domain))
+ if (!filter_var($domain, FILTER_VALIDATE_DOMAIN) OR !preg_match('/^([a-z0-9_-]{1,63}\.){2,127}$/', $domain))
output(403, 'Domain malformed.');
}
diff --git a/fn/ht.php b/fn/ht.php
index 42b99d1..56d8767 100644
--- a/fn/ht.php
+++ b/fn/ht.php
@@ -2,7 +2,7 @@
function checkDomainFormat($domain) {
// If the domain must end without a dot
- if (!filter_var($domain, FILTER_VALIDATE_DOMAIN) OR !preg_match("/^([a-z0-9_-]{1,63}\.){1,126}[a-z0-9]{1,63}$/", $domain))
+ if (!filter_var($domain, FILTER_VALIDATE_DOMAIN) OR !preg_match('/^([a-z0-9_-]{1,63}\.){1,126}[a-z0-9]{1,63}$/', $domain))
output(403, 'Domain malformed.');
}
@@ -13,7 +13,7 @@ function formatDomain($domain) {
}
function listFsDirs($username) {
- $absoluteDirs = glob(CONF['ht']['ht_path'] . "/" . $username . "/*/", GLOB_ONLYDIR);
+ $absoluteDirs = glob(CONF['ht']['ht_path'] . '/' . $username . '/*/', GLOB_ONLYDIR);
$dirs = [];
foreach ($absoluteDirs as $absoluteDir)
if (preg_match('/^[\p{L}\p{N}_-]{1,64}$/u', basename($absoluteDir)))
@@ -28,7 +28,7 @@ function addSite($username, $siteDir, $domain, $domainType, $protocol) {
'domain' => $domain,
'domain_type' => $domainType,
'protocol' => $protocol,
- 'creation_date' => date("Y-m-d H:i:s"),
+ 'creation_date' => date('Y-m-d H:i:s'),
]);
}
@@ -52,7 +52,7 @@ function htDeleteSite($dir, $domainType, $protocol) {
output(500, 'Failed to delete Tor configuration.');
// Reload Tor
- exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload " . CONF['ht']['tor_service'], $output, $code);
+ exec(CONF['ht']['sudo_path'] . ' ' . CONF['ht']['systemctl_path'] . ' reload ' . CONF['ht']['tor_service'], $output, $code);
if ($code !== 0)
output(500, 'Failed to reload Tor.');
@@ -79,7 +79,7 @@ function htDeleteSite($dir, $domainType, $protocol) {
if ($domainType === 'dns') {
// Delete Let's Encrypt certificate
- exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['certbot_path'] . " delete --quiet --cert-name " . $domain, $output, $code);
+ exec(CONF['ht']['sudo_path'] . ' ' . CONF['ht']['certbot_path'] . ' delete --quiet --cert-name ' . $domain, $output, $code);
if ($code !== 0)
output(500, 'Certbot failed to delete the Let\'s Encrypt certificate.');
}
diff --git a/fn/ns.php b/fn/ns.php
index 2463bdd..af8a667 100644
--- a/fn/ns.php
+++ b/fn/ns.php
@@ -64,7 +64,7 @@ function nsDeleteZone($zone) {
output(500, 'Failed to remove Knot zone file.');
// Remove Knot related data
- exec(CONF['dns']['knotc_path'] . " zone-purge " . $zone);
+ exec(CONF['dns']['knotc_path'] . ' zone-purge ' . $zone);
// Remove from database
query('delete', 'zones', [
diff --git a/fn/reg.php b/fn/reg.php
index 53359a3..4c9f05d 100644
--- a/fn/reg.php
+++ b/fn/reg.php
@@ -14,7 +14,7 @@ function regDeleteDomain($domain) {
$regFile = file_get_contents(CONF['reg']['registry_file']);
if ($regFile === false)
output(500, 'Failed to read current registry File.');
- $regFile = preg_replace("#[^\n]{0,1024}" . $domain . " {0,1024}[^\n]{0,1024}\n#", "", $regFile);
+ $regFile = preg_replace('/[^\n]{0,1024}' . $domain . ' {0,1024}[^\n]{0,1024}\n/', '', $regFile);
if (file_put_contents(CONF['reg']['registry_file'], $regFile) === false)
output(500, 'Failed to write new registry file.');
diff --git a/pages/auth/register.php b/pages/auth/register.php
index 751842b..69cbba3 100644
--- a/pages/auth/register.php
+++ b/pages/auth/register.php
@@ -13,7 +13,7 @@ if (processForm(false)) {
insert('users', [
'username' => $_POST['username'],
'password' => hashPassword($_POST['password']),
- 'registration_date' => date("Y-m-d H:i:s"),
+ 'registration_date' => date('Y-m-d H:i:s'),
'bucket_tokens' => 0,
'bucket_last_update' => 0,
'type' => 'testing',
@@ -21,18 +21,18 @@ if (processForm(false)) {
// Setup SFTP directory
umask(0002);
- if (mkdir(CONF['ht']['ht_path'] . "/" . $_POST['username'], 0775) !== true)
+ if (mkdir(CONF['ht']['ht_path'] . '/' . $_POST['username'], 0775) !== true)
output(500, 'Can\'t create user directory.');
- exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['chgrp_path'] . " " . CONF['ht']['sftpgo_group'] . " " . CONF['ht']['ht_path'] . "/" . $_POST['username'] . " --no-dereference", result_code: $code);
+ exec(CONF['ht']['sudo_path'] . ' ' . CONF['ht']['chgrp_path'] . ' ' . CONF['ht']['sftpgo_group'] . ' ' . CONF['ht']['ht_path'] . '/' . $_POST['username'] . ' --no-dereference', result_code: $code);
if ($code !== 0)
output(500, 'Can\'t change user directory group.');
// Setup Tor config directory
- if (mkdir(CONF['ht']['tor_config_path'] . "/" . $_POST['username'], 0755) !== true)
+ if (mkdir(CONF['ht']['tor_config_path'] . '/' . $_POST['username'], 0755) !== true)
output(500, 'Can\'t create Tor config directory.');
// Setup Tor keys directory
- exec(CONF['ht']['sudo_path'] . " -u " . CONF['ht']['tor_user'] . " " . CONF['ht']['mkdir_path'] . " --mode=0700 " . CONF['ht']['tor_keys_path'] . "/" . $_POST['username'], result_code: $code);
+ exec(CONF['ht']['sudo_path'] . ' -u ' . CONF['ht']['tor_user'] . ' ' . CONF['ht']['mkdir_path'] . ' --mode=0700 ' . CONF['ht']['tor_keys_path'] . '/' . $_POST['username'], result_code: $code);
if ($code !== 0)
output(500, 'Can\'t create Tor keys directory.');
diff --git a/pages/auth/unregister.php b/pages/auth/unregister.php
index bcf9e3b..3122319 100644
--- a/pages/auth/unregister.php
+++ b/pages/auth/unregister.php
@@ -24,7 +24,7 @@ if (processForm()) {
], 'site_dir') as $dir)
htDeleteSite($dir, domainType: 'dns', protocol: 'http');
- exec(CONF['ht']['sudo_path'] . " -u " . CONF['ht']['tor_user'] . " " . CONF['ht']['rm_path'] . " --recursive " . CONF['ht']['tor_keys_path'] . "/" . $_SESSION['username'], result_code: $code);
+ exec(CONF['ht']['sudo_path'] . ' -u ' . CONF['ht']['tor_user'] . ' ' . CONF['ht']['rm_path'] . ' --recursive ' . CONF['ht']['tor_keys_path'] . '/' . $_SESSION['username'], result_code: $code);
if ($code !== 0)
output(500, 'Can\'t remove Tor keys directory.');
@@ -36,7 +36,7 @@ if (processForm()) {
query('delete', 'users', ['username' => $_SESSION['username']]);
- require "logout.php";
+ require 'logout.php';
output(200, 'Compte supprimé.');
}
diff --git a/pages/ht/add-http-dns.php b/pages/ht/add-http-dns.php
index 3a20fe6..f39fc42 100644
--- a/pages/ht/add-http-dns.php
+++ b/pages/ht/add-http-dns.php
@@ -1,7 +1,7 @@
&1 ' . CONF['ht']['sudo_path'] . ' ' . CONF['ht']['certbot_path'] . ' certonly' . (($_SESSION['type'] === 'trusted') ? '' : ' --test-cert') . ' --key-type rsa --rsa-key-size 3072 --webroot --webroot-path /srv/niver/acme --domain ' . $_POST['domain'], $output, $returnCode);
if ($returnCode !== 0)
@@ -54,11 +54,11 @@ if (processForm()) {
include inc/ht-tls.conf;
}
';
- if (file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $_POST['domain'] . ".conf", $nginxConf) === false)
+ if (file_put_contents(CONF['ht']['nginx_config_path'] . '/' . $_POST['domain'] . '.conf', $nginxConf) === false)
output(500, 'Failed to write Nginx configuration.');
// Reload Nginx
- exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx", result_code: $code);
+ exec(CONF['ht']['sudo_path'] . ' ' . CONF['ht']['systemctl_path'] . ' reload nginx', result_code: $code);
if ($code !== 0)
output(500, 'Failed to reload Nginx.');
@@ -99,10 +99,8 @@ $proof = getAuthToken();
Ce compte n\'héberge aucun site sur cette instance.
' . "\n"; + echo '
Ce compte n\'héberge aucun site sur cette instance.
' . LF; else { - echo '
flag
.');
- if (!(preg_match("/^[a-z]{1,127}$/", $_POST['tag'])))
+ if (!(preg_match('/^[a-z]{1,127}$/', $_POST['tag'])))
output(403, 'Wrong value for tag
.');
- if (!(preg_match("/^[a-z0-9.-]{1,255}$/", $_POST['value'])))
+ if (!(preg_match('/^[a-z0-9.-]{1,255}$/', $_POST['value'])))
output(403, 'Wrong value for value
.');
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
- "CAA",
+ 'CAA',
$_POST['flag'],
$_POST['tag'],
$_POST['value']
@@ -32,7 +32,7 @@ if (processForm()) {