From 82ce328866eeb1956c777f881445c06fc3218fc9 Mon Sep 17 00:00:00 2001 From: ghost Date: Wed, 13 Sep 2023 18:33:57 +0300 Subject: [PATCH] add environment whitelist, move configuration example to examples folder --- .gitignore | 1 - .../config => example/environment}/env.example.php | 0 src/config/bootstrap.php | 14 ++++++++++---- 3 files changed, 10 insertions(+), 5 deletions(-) rename {src/config => example/environment}/env.example.php (100%) diff --git a/.gitignore b/.gitignore index b75f30f..83ed2f2 100644 --- a/.gitignore +++ b/.gitignore @@ -6,7 +6,6 @@ /src/config/*.php !/src/config/bootstrap.php -!/src/config/env.example.php /src/public/api/manifest.json /src/public/api/users.json diff --git a/src/config/env.example.php b/example/environment/env.example.php similarity index 100% rename from src/config/env.example.php rename to example/environment/env.example.php diff --git a/src/config/bootstrap.php b/src/config/bootstrap.php index bc682ae..81148d9 100644 --- a/src/config/bootstrap.php +++ b/src/config/bootstrap.php @@ -9,17 +9,23 @@ if (empty($_SERVER['PHP_ENV'])) $_SERVER['PHP_ENV'] = 'default'; } +// Validate environment whitelist +if (!in_array($_SERVER['PHP_ENV'], ['default', 'mirror', 'dev', 'test', 'prod'])) +{ + exit (_('Environment not supported! Check /src/config/bootstrap.php to add exception.')); +} + // Generate configuration file if not exists -if (!file_exists(sprintf('%s/env.%s.php', __DIR__, $_SERVER['PHP_ENV']))) +if (!file_exists(__DIR__ . '/../../env.' . $_SERVER['PHP_ENV'] . '.php')) { copy( - __DIR__ . '/env.example.php', - sprintf('%s/env.%s.php', __DIR__, $_SERVER['PHP_ENV']) + __DIR__ . '/../../example/environment/env.example.php', + __DIR__ . '/env.' . $_SERVER['PHP_ENV'] . '.php' ); } // Load environment configuration -require_once sprintf('%s/env.%s.php', __DIR__, $_SERVER['PHP_ENV']); +require_once __DIR__ . '/env.' . $_SERVER['PHP_ENV'] . '.php'; // Local internal dependencies require_once __DIR__ . '/../library/database.php';