MINOR Moved SQLite3Database::safe_dir() to two new methods on SQLite3DatabaseConfigurationHelper (create_db_dir() and secure_db_dir()), more flexible and useable from the helper class in install.php context without requiring class inclusions pre-manifest build (see r101054 for installer enhancements)

This commit is contained in:
Ingo Schommer 2010-03-15 06:43:49 +00:00
parent c39c78d148
commit 4443df5171
2 changed files with 66 additions and 24 deletions

View File

@ -88,7 +88,10 @@ class SQLite3Database extends SS_Database {
$this->lives_in_memory = false;
}
self::safe_dir($parameters['path']);
if(!file_exists($parameters['path'])) {
SQLiteDatabaseConfigurationHelper::create_db_dir($parameters['path']);
SQLiteDatabaseConfigurationHelper::secure_db_dir($parameters['path']);
}
$this->dbConn = new SQLite3($file, SQLITE3_OPEN_READWRITE | SQLITE3_OPEN_CREATE, $parameters['key']);
@ -117,13 +120,6 @@ class SQLite3Database extends SS_Database {
return null;
}
public static function safe_dir($path) {
if($path == ASSETS_PATH . '/.sqlitedb/' && !file_exists($path)) {
mkdir($path);
file_put_contents($path . '.htaccess', 'deny from all');
}
}
/**
* Returns true if this database supports collations
* TODO: get rid of this?

View File

@ -28,11 +28,18 @@ class SQLiteDatabaseConfigurationHelper implements DatabaseConfigurationHelper {
* @return array Result - e.g. array('success' => true, 'error' => 'details of error')
*/
public function requireDatabaseServer($databaseConfig) {
if(is_writable($databaseConfig['path'])) {
$path = $databaseConfig['path'];
if(!$path) {
$success = false;
$error = 'No database path provided';
}
// check if parent folder is writeable
elseif(is_writable(dirname($path))) {
$success = true;
} else {
$success = false;
$error = 'Webserver can\'t write database file to ' . $databaseConfig['path'];
$error = 'Webserver can\'t write database file to path "' . $path . '"';
}
return array(
@ -43,21 +50,31 @@ class SQLiteDatabaseConfigurationHelper implements DatabaseConfigurationHelper {
/**
* Ensure a database connection is possible using credentials provided.
*
* @todo Validate path
*
* @param array $databaseConfig Associative array of db configuration, e.g. "type", "path" etc
* @return array Result - e.g. array('success' => true, 'error' => 'details of error')
*/
public function requireDatabaseConnection($databaseConfig) {
$success = false;
$error = '';
SQLite3Database::safe_dir($databaseConfig['path']);
$file = $databaseConfig['path'] . '/' . $databaseConfig['database'];
$path = $databaseConfig['path'];
if($path && $databaseConfig['database']) {
// create and secure db directory
if(!file_exists($path)) {
self::create_db_dir($path);
}
self::secure_db_dir($path);
$file = $path . '/' . $databaseConfig['database'];
$file = preg_replace('/\/$/', '', $file);
if($databaseConfig['type'] == 'SQLitePDODatabase' || version_compare(phpversion(), '5.3.0', '<')) {
$conn = @(new PDO("sqlite:$file"));
} else {
$conn = @(new SQLite3($file, SQLITE3_OPEN_READWRITE | SQLITE3_OPEN_CREATE, $parameters['key']));
$conn = @(new SQLite3($file, SQLITE3_OPEN_READWRITE | SQLITE3_OPEN_CREATE));
}
if($conn) {
@ -66,6 +83,10 @@ class SQLiteDatabaseConfigurationHelper implements DatabaseConfigurationHelper {
$success = false;
$error = '';
}
} else {
$success = false;
}
return array(
'success' => $success,
@ -106,4 +127,29 @@ class SQLiteDatabaseConfigurationHelper implements DatabaseConfigurationHelper {
);
}
/**
* Creates the provided directory and prepares it for
* storing SQLlite. Use {@link secure_db_dir()} to
* secure it against unauthorized access.
*
* @param String $path Absolute path, usually with a hidden folder.
* @return boolean
*/
public static function create_db_dir($path) {
return (!file_exists($path)) ? mkdir($path) : true;
}
/**
* Secure the provided directory via web-access
* by placing a .htaccess file in it.
* This is just required if the database directory
* is placed within a publically accessible webroot (the
* default path is in a hidden folder within assets/).
*
* @param String $path Absolute path, containing a SQLite datatbase
* @return boolean
*/
public static function secure_db_dir($path) {
file_put_contents($path . '/.htaccess', 'deny from all');
}
}