Пример #1
0
 /**
  * After loading the Security bolt in place, configure it.
  */
 public function tightenSecurityBolt()
 {
     static $tightened = false;
     if ($tightened) {
         // This was already run once.
         return;
     }
     $state = State::instance();
     $db = isset($this->db) ? $this->db : \Airship\get_database();
     $this->airship_auth = Gears::get('Authentication', $state->keyring['auth.password_key'], $db);
     $this->airship_perms = Gears::get('Permissions', $db);
 }
Пример #2
0
    $script = ROOT . '/CommandLine/continuum.php';
    /**
     * @security Make sure this is never compromised:
     */
    \shell_exec('php -dphar.readonly=0 ' . \escapeshellarg($script) . ' >/dev/null 2>&1 &');
    \file_put_contents(ROOT . '/tmp/last_update_check.txt', time());
}
/**
 * Let's load the latest gear for our autoloader
 */
define('CABIN_NAME', $active['name']);
define('CABIN_DIR', ROOT . '/Cabin/' . $active['name']);
// Turn all of this cabins' Landings and Blueprints into gears:
require ROOT . '/cabin_gears.php';
$lens->addGlobal('ACTIVE_CABIN', \CABIN_NAME);
$autoPilot = Gears::get('AutoPilot', $active, $lens, $dbPool);
if ($autoPilot instanceof AutoPilot) {
    $autoPilot->setActiveCabin($active, $state->active_cabin);
}
// Load everything else:
require ROOT . '/symlinks.php';
require ROOT . '/motifs.php';
require ROOT . '/security.php';
require ROOT . '/email.php';
$state->autoPilot = $autoPilot;
/**
 * Final step: Let's turn on the autopilot
 */
if (!empty($state->universal['debug'])) {
    try {
        \error_reporting(E_ALL);
Пример #3
0
if (\file_exists(ROOT . '/config/Cabin/' . $active['name'] . '/twig_vars.json')) {
    $_settings = \Airship\loadJSON(ROOT . '/config/Cabin/' . $active['name'] . '/twig_vars.json');
    $lens->addGlobal('SETTINGS', $_settings);
}
// Now let's load all the lens.php files, which are added by Gadgets:
foreach ($lensLoad as $incl) {
    include $incl;
}
/**
 * Let's load up the databases
 */
$dbPool = [];
require ROOT . '/database.php';
// Airship manifest:
$manifest = \Airship\loadJSON(ROOT . '/config/manifest.json');
$state->manifest = $manifest;
$htmlpurifier = new \HTMLPurifier(\HTMLPurifier_Config::createDefault());
$state->HTMLPurifier = $htmlpurifier;
/**
 * Load up all of the keys used by the application:
 */
require_once ROOT . '/keys.php';
/**
 * Set up the logger
 */
require_once ROOT . '/config/logger.php';
/**
 * Automatic security updates
 */
$hail = Gears::get('Hail', new HTTPClient($state->universal['guzzle']));
$state->hail = $hail;
Пример #4
0
 /**
  * Process account recovery
  *
  * @param array $post
  * @return bool
  */
 protected function processRecoverAccount(array $post) : bool
 {
     $username = $post['forgot_passphrase_for'];
     $airBrake = Gears::get('AirBrake');
     if (IDE_HACKS) {
         $airBrake = new AirBrake();
     }
     $failFast = $airBrake->failFast($username, $_SERVER['REMOTE_ADDR'], $airBrake::ACTION_RECOVER);
     if ($failFast) {
         $this->lens('recover_account', ['form_message' => \__('You are doing that too fast. Please wait a few seconds and try again.')]);
     } elseif (!$airBrake->getFastExit()) {
         $delay = $airBrake->getDelay($username, $_SERVER['REMOTE_ADDR'], $airBrake::ACTION_RECOVER);
         if ($delay > 0) {
             \usleep($delay * 1000);
         }
     }
     try {
         $recoverInfo = $this->acct->getRecoveryInfo($username);
     } catch (UserNotFound $ex) {
         // Username not found. Is this a harvester?
         $airBrake->registerAccountRecoveryAttempt($username, $_SERVER['REMOTE_ADDR']);
         $this->log('Password reset attempt for nonexistent user.', LogLevel::NOTICE, ['username' => $username]);
         return false;
     }
     if (!$recoverInfo['allow_reset'] || empty($recoverInfo['email'])) {
         // Opted out or no email address? Act like the user doesn't exist.
         $airBrake->registerAccountRecoveryAttempt($username, $_SERVER['REMOTE_ADDR']);
         return false;
     }
     $token = $this->acct->createRecoveryToken((int) $recoverInfo['userid']);
     if (empty($token)) {
         return false;
     }
     $state = State::instance();
     if (IDE_HACKS) {
         $state->mailer = new Sendmail();
         $state->gpgMailer = new GPGMailer($state->mailer);
     }
     $message = (new Message())->addTo($recoverInfo['email'], $username)->setSubject('Password Reset')->setFrom($state->universal['email']['from'] ?? 'no-reply@' . $_SERVER['HTTP_HOST'])->setBody($this->recoveryMessage($token));
     try {
         if (!empty($recoverInfo['gpg_public_key'])) {
             // This will be encrypted with the user's public key:
             $state->gpgMailer->send($message, $recoverInfo['gpg_public_key']);
         } else {
             // This will be sent as-is:
             $state->mailer->send($message);
         }
     } catch (InvalidArgumentException $ex) {
         return false;
     }
     return true;
 }
Пример #5
0
 /**
  * Translation (lookup table based on a key)
  * 
  * @param string $key
  * @param mixed ...$params
  * @return string
  */
 function trk(string $key, ...$params) : string
 {
     static $gear = null;
     if ($gear === null) {
         $gear = Gears::get('Translation');
     }
     if (!empty($params)) {
         \array_walk($params, '\\Airship\\LensFunctions\\get_purified');
     }
     $state = State::instance();
     return $gear->lookup($key, (string) ($state->lang ?? 'en-us'), ...$params);
 }
Пример #6
0
<?php

declare (strict_types=1);
use Airship\Engine\{Gears, Hail, Keyggdrasil, State};
/**
 * Keyggdrasil updater -- either throw this in a cronjob or let it get
 * triggered every time a page loads after enough time has elapsed
 *
 * @global State $state
 * @global Hail $hail
 */
\ignore_user_abort(true);
\set_time_limit(0);
require_once \dirname(__DIR__) . '/bootstrap.php';
if (\is_readable(ROOT . '/config/databases.json')) {
    /**
     * Initialize the channel updater service
     */
    $channels = \Airship\loadJSON(ROOT . '/config/channels.json');
    $database = \Airship\get_database();
    $state->logger->info('Keyggdrasil started');
    $keyUpdater = Gears::get('TreeUpdater', $hail, $database, $channels);
    if (IDE_HACKS) {
        $keyUpdater = new Keyggdrasil($hail, $database, $channels);
    }
    $keyUpdater->doUpdate();
    $state->logger->info('Keyggdrasil concluded');
} else {
    // We can't update keys without a place to persist the changes
}
Пример #7
0
/**
 * Is this user an administrator?
 *
 * @param int $userID
 * @return bool
 * @throws \Airship\Alerts\Database\DBException
 */
function is_admin(int $userID = 0) : bool
{
    static $perm = null;
    if ($perm === null) {
        $perm = Gears::get('Permissions', \Airship\get_database());
        if (!$perm instanceof Permissions) {
            return false;
        }
    }
    if ($userID < 1) {
        $userID = \Airship\LensFunctions\userid();
    }
    return $perm->isSuperUser($userID);
}
Пример #8
0
<?php

declare (strict_types=1);
use Airship\Engine\{Gears, Hail, State};
/**
 * @global State $state
 * @global Hail $hail
 */
// Always check for changes to channel keys before initiating update
require_once __DIR__ . '/channel.php';
/**
 * Initialize the automatic updater service
 * @var \Airship\Engine\Continuum
 */
$autoUpdater = Gears::get('AutoUpdater', $hail);
if (IDE_HACKS) {
    // Just for the sake of auto-completion:
    $autoUpdater = new \Airship\Engine\Continuum($hail);
}
$state->logger->info('Automatic update started');
try {
    $autoUpdater->doUpdateCheck();
} catch (\Throwable $ex) {
    $state->logger->critical('Tree update failed: ' . \get_class($ex), \Airship\throwableToArray($ex));
    exit(255);
}
$state->logger->info('Automatic update concluded');
\Airship\clear_cache();
exit(0);