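/**
 * Install constructor.
 *
 * Refuses to run when libsodium is not set up correctly, stores the Twig
 * environment and installer state, and binds the installation session to
 * the browser that started it through a random token kept in the
 * `installer` cookie. It then makes sure the cache directories exist.
 *
 * The constructor may terminate the request: it prints a message and
 * exits with status 255 when the libsodium check fails or when the
 * installer cookie is missing or does not match the stored token.
 *
 * @param \Twig_Environment $twig
 * @param array $data Installer state; the keys read here are 'step' and 'token'.
 */
public function __construct(\Twig_Environment $twig, array $data = [])
{
    if (!Halite::isLibsodiumSetupCorrectly()) {
        echo \file_get_contents(\dirname(__DIR__) . '/error_pages/old-libsodium.html');
        exit(255);
    }
    $this->twig = $twig;
    $this->data = $data;
    $this->data['airship_version'] = \AIRSHIP_VERSION;
    $this->csrf = new CSRF();

    if (empty($this->data['step'])) {
        $this->data['step'] = 1;
    }

    // We do this to prevent someone from coming along and reading your
    // half-finished configuration settings (e.g. database passwords):
    if (empty($this->data['token'])) {
        // First visit: mint the token and hand it to this browser only.
        $this->data['token'] = Base64::encode(\random_bytes(33));
        // NOTE(review): how the new token is persisted is not visible in
        // this block - confirm it is saved before the redirect.
        \setcookie(
            'installer',
            $this->data['token'],
            \time() + 8640000, // 100 days
            '/',
            '',
            // NOTE(review): the Secure flag is left off, as before, because
            // the installer may be reached over plain HTTP; consider setting
            // it (and SameSite) when the deployment is known to use TLS.
            false,
            // HttpOnly: the token is an authorization secret and page
            // scripts never need to read it.
            true
        );
        \Airship\redirect('/');
    } elseif (empty($_COOKIE['installer'])) {
        echo 'No installer authorization token found.', "\n";
        exit(255);
    } elseif (
        // A cookie sent as installer[]=... arrives as an array, which
        // hash_equals() does not accept; treat it as an invalid token.
        !\is_string($_COOKIE['installer'])
        || !\hash_equals($this->data['token'], $_COOKIE['installer'])
    ) {
        // This effectively locks unauthorized users out of the system while installing
        echo 'Invalid installer authorization token.', "\n";
        exit(255);
    }

    // Create any cache directory that does not exist yet.
    $cacheRoot = \dirname(__DIR__) . '/tmp/cache/';
    $dirs = ['comments', 'csp_hash', 'csp_static', 'hash', 'markdown', 'static', 'twig'];
    foreach ($dirs as $d) {
        if (!\is_dir($cacheRoot . $d)) {
            \mkdir($cacheRoot . $d, 0775, true);
        }
    }
}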