Fixes config editing

main
Yasen Pramatarov 2025-04-11 18:29:47 +03:00
parent d253d87515
commit d72dd5fabc
1 changed files with 27 additions and 13 deletions


@ -18,18 +18,24 @@ $logObject = new Log($dbWeb);
$configObject = new Config(); $configObject = new Config();
// For AJAX requests // For AJAX requests
$isAjax = !empty($_SERVER['HTTP_X_REQUESTED_WITH']) && $isAjax = !empty($_SERVER['HTTP_X_REQUESTED_WITH']) &&
strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest'; strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest';
// Set JSON content type for AJAX requests
if ($isAjax) {
header('Content-Type: application/json');
}
// Ensure config file path is set // Ensure config file path is set
if (!isset($config_file) || empty($config_file)) { if (!isset($config_file) || empty($config_file)) {
if ($isAjax) { if ($isAjax) {
ApiResponse::error('Config file path not set'); ApiResponse::error('Config file path not set');
exit;
} else { } else {
Feedback::flash('ERROR', 'DEFAULT', 'Config file path not set'); Feedback::flash('ERROR', 'DEFAULT', 'Config file path not set');
header('Location: ' . htmlspecialchars($app_root)); header('Location: ' . htmlspecialchars($app_root));
exit;
} }
exit;
} }
// Check if file is writable // Check if file is writable
@ -37,6 +43,10 @@ $isWritable = is_writable($config_file);
$configMessage = ''; $configMessage = '';
if (!$isWritable) { if (!$isWritable) {
$configMessage = Feedback::render('ERROR', 'DEFAULT', 'Config file is not writable', false); $configMessage = Feedback::render('ERROR', 'DEFAULT', 'Config file is not writable', false);
if ($isAjax) {
ApiResponse::error('Config file is not writable', null, 403);
exit;
}
} }
if ($_SERVER['REQUEST_METHOD'] === 'POST') { if ($_SERVER['REQUEST_METHOD'] === 'POST') {
@ -45,10 +55,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$logObject->insertLog($user_id, "Unauthorized: User \"$currentUser\" tried to edit config file. IP: $user_IP", 'system'); $logObject->insertLog($user_id, "Unauthorized: User \"$currentUser\" tried to edit config file. IP: $user_IP", 'system');
if ($isAjax) { if ($isAjax) {
ApiResponse::error('Forbidden: You do not have permission to edit the config file', null, 403); ApiResponse::error('Forbidden: You do not have permission to edit the config file', null, 403);
exit;
} else { } else {
include '../app/templates/error-unauthorized.php'; include '../app/templates/error-unauthorized.php';
exit;
} }
exit;
} }
// Apply rate limiting // Apply rate limiting
@ -65,6 +76,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if ($jsonData === false) { if ($jsonData === false) {
$logObject->insertLog($user_id, "Failed to read request data for config update", 'system'); $logObject->insertLog($user_id, "Failed to read request data for config update", 'system');
ApiResponse::error('Failed to read request data'); ApiResponse::error('Failed to read request data');
exit;
} }
// Try to parse JSON // Try to parse JSON
@ -72,6 +84,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (json_last_error() !== JSON_ERROR_NONE) { if (json_last_error() !== JSON_ERROR_NONE) {
$error = json_last_error_msg(); $error = json_last_error_msg();
ApiResponse::error('Invalid JSON data received: ' . $error); ApiResponse::error('Invalid JSON data received: ' . $error);
exit;
} }
// Try to update config file // Try to update config file
@ -81,18 +94,19 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
} else { } else {
ApiResponse::error($result['error']); ApiResponse::error($result['error']);
} }
} exit;
// Handle non-AJAX POST
$result = $configObject->editConfigFile($_POST, $config_file);
if ($result['success']) {
Feedback::flash('NOTICE', 'DEFAULT', 'Config file updated successfully', true);
} else { } else {
Feedback::flash('ERROR', 'DEFAULT', "Error updating config file: " . $result['error'], true); // Handle non-AJAX POST
} $result = $configObject->editConfigFile($_POST, $config_file);
if ($result['success']) {
Feedback::flash('NOTICE', 'DEFAULT', 'Config file updated successfully', true);
} else {
Feedback::flash('ERROR', 'DEFAULT', "Error updating config file: " . $result['error'], true);
}
header('Location: ' . htmlspecialchars($app_root) . '?page=config'); header('Location: ' . htmlspecialchars($app_root) . '?page=config');
exit; exit;
}
} }
// Only include template for non-AJAX requests // Only include template for non-AJAX requests
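Review bot: The AJAX early exit added inside `if (!$isWritable)` (second hunk) runs before the permission check in the POST branch, so when the file is not writable an AJAX request from a user without edit rights gets 'Config file is not writable' and never reaches the `insertLog` call that records the unauthorized attempt. As far as the visible lines show, it also fires for any request method, not only POST. Consider moving it into the POST branch after the authorization block, e.g. `if ($isAjax && !$isWritable) { ApiResponse::error('Config file is not writable', null, 403); exit; }`, so the audit entry is still written and the file state is reported only to authorized users. Both cases return 403, which makes a permission denial and a filesystem problem hard to tell apart in access logs. The permission check starts outside the hunk, so confirm the ordering against the full file.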