Fixes config editing
parent
d253d87515
commit
d72dd5fabc
|
|
@ -21,22 +21,32 @@ $configObject = new Config();
|
|||
$isAjax = !empty($_SERVER['HTTP_X_REQUESTED_WITH']) &&
|
||||
strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest';
|
||||
|
||||
// Set JSON content type for AJAX requests
|
||||
if ($isAjax) {
|
||||
header('Content-Type: application/json');
|
||||
}
|
||||
|
||||
// Ensure config file path is set
|
||||
if (!isset($config_file) || empty($config_file)) {
|
||||
if ($isAjax) {
|
||||
ApiResponse::error('Config file path not set');
|
||||
exit;
|
||||
} else {
|
||||
Feedback::flash('ERROR', 'DEFAULT', 'Config file path not set');
|
||||
header('Location: ' . htmlspecialchars($app_root));
|
||||
}
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
// Check if file is writable
|
||||
$isWritable = is_writable($config_file);
|
||||
$configMessage = '';
|
||||
if (!$isWritable) {
|
||||
$configMessage = Feedback::render('ERROR', 'DEFAULT', 'Config file is not writable', false);
|
||||
if ($isAjax) {
|
||||
ApiResponse::error('Config file is not writable', null, 403);
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
|
|
@ -45,11 +55,12 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|||
$logObject->insertLog($user_id, "Unauthorized: User \"$currentUser\" tried to edit config file. IP: $user_IP", 'system');
|
||||
if ($isAjax) {
|
||||
ApiResponse::error('Forbidden: You do not have permission to edit the config file', null, 403);
|
||||
exit;
|
||||
} else {
|
||||
include '../app/templates/error-unauthorized.php';
|
||||
}
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
// Apply rate limiting
|
||||
require '../app/includes/rate_limit_middleware.php';
|
||||
|
|
@ -65,6 +76,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|||
if ($jsonData === false) {
|
||||
$logObject->insertLog($user_id, "Failed to read request data for config update", 'system');
|
||||
ApiResponse::error('Failed to read request data');
|
||||
exit;
|
||||
}
|
||||
|
||||
// Try to parse JSON
|
||||
|
|
@ -72,6 +84,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|||
if (json_last_error() !== JSON_ERROR_NONE) {
|
||||
$error = json_last_error_msg();
|
||||
ApiResponse::error('Invalid JSON data received: ' . $error);
|
||||
exit;
|
||||
}
|
||||
|
||||
// Try to update config file
|
||||
|
|
@ -81,8 +94,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|||
} else {
|
||||
ApiResponse::error($result['error']);
|
||||
}
|
||||
}
|
||||
|
||||
exit;
|
||||
} else {
|
||||
// Handle non-AJAX POST
|
||||
$result = $configObject->editConfigFile($_POST, $config_file);
|
||||
if ($result['success']) {
|
||||
|
|
@ -94,6 +107,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|||
header('Location: ' . htmlspecialchars($app_root) . '?page=config');
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
// Only include template for non-AJAX requests
|
||||
if (!$isAjax) {
|
||||
|
|
|
|||
Loading…
Reference in New Issue