[irc/unrealircd/unrealircd-webpanel.git] / inc / common.php

<?php
if (version_compare(PHP_VERSION, '8.0.0', '<'))
	die("This webserver is using PHP version ".PHP_VERSION." but we require at least PHP 8.0.0.<br>".
	    "If you already installed PHP8 but are still seeing this error, then it means ".
	    "apache/nginx/.. is loading an older PHP version. Eg. on Debian/Ubuntu you need ".
	    "<code>apt-get install libapache2-mod-php8.2</code> (or a similar version) and ".
	    "<code>apt-get remove libapache2-mod-php7.4</code> (or a similar version). ".
	    "You may also need to choose again the PHP module to load in apache via <code>a2enmod php8.2</code>");

define('UPATH', dirname(__DIR__));

function get_config($setting)
{
	GLOBAL $config;

	$item = $config;
	foreach(explode("::", $setting) as $x)
	{
		if (isset($item[$x]))
			$item = $item[$x];
		else
			return NULL;
	}
	return $item;
}

function page_requires_no_config()
{
	if (str_ends_with($_SERVER['SCRIPT_FILENAME'],"install.php") ||
	    str_ends_with($_SERVER['SCRIPT_FILENAME'],"installation.php"))
	{
		return TRUE;
	}
	return FALSE;
}

function page_requires_no_login()
{
	if (str_ends_with($_SERVER['SCRIPT_FILENAME'],"login/index.php") ||
	    page_requires_no_config())
	{
		return TRUE;
	}
	return FALSE;
}

function read_config_file()
{
	GLOBAL $config;
	GLOBAL $config_transition_unreal_server;

	$config = Array();
	if (!file_exists(UPATH."/config/config.php") && file_exists(UPATH."/config.php"))
	{
		require_once UPATH . "/config.php";
		require_once UPATH . "/config/compat.php";
	}
	if ((@include(UPATH . "/config/config.php")) !== 1)
		return false;
	if (isset($config['unrealircd']))
		$config_transition_unreal_server = true;
	/* Upgrade needed? */
	$plugins_modified = false;
	foreach ($config["plugins"] as $k=>$v)
	{
		if ($v == "sql_auth")
		{
			$config["plugins"][$k] = "sql_db";
			$plugins_modified = true;
		} else
		if ($v == "file_auth")
		{
			$config["plugins"][$k] = "file_db";
			$plugins_modified = true;
		}
	}
	if ($plugins_modified)
		write_config_file();

	return true;
}

function read_config_db()
{
	GLOBAL $config;

	if (page_requires_no_config())
		return;

	$merge = DbSettings::get();
	/* DB settings overwrite config.php keys: */
	$config = array_merge($config, $merge);
}

function config_is_file_item($name)
{
	if (($name == "plugins") ||
	    ($name == "mysql") ||
	    ($name == "base_url") ||
	    ($name == "secrets"))
	{
		return true;
	}
	return false;
}

function write_config_file()
{
	GLOBAL $config;

	$file_settings = [];
	foreach($config as $k=>$v)
	{
		if (config_is_file_item($k))
			$file_settings[$k] = $v;
	}

	$cfg_filename = UPATH.'/config/config.php';
	$tmpfile = UPATH.'/config/config.tmp.'.bin2hex(random_bytes(8)).'.php';
	$fd = fopen($tmpfile, "w");
	if (!$fd)
		die("Could not write to temporary config file $tmpfile.<br>We need write permissions on the config/ directory!<br>");

	$str = var_export($file_settings, true);
	if ($str === null)
		die("Error while running write_config_file() -- weird!");
	if (!fwrite($fd, "<?php\n".
		    "/* This config file is written automatically by the UnrealIRCd webpanel.\n".
		    " * You are not really supposed to edit it manually.\n".
		    " */\n".
		    '$config = '.$str.";\n"))
	{
		die("Error writing to config file $tmpfile (on fwrite).<br>");
	}
	if (!fclose($fd))
		die("Error writing to config file $tmpfile (on close).<br>");
	/* Now atomically rename the file */
	if (!rename($tmpfile, $cfg_filename))
		die("Could not write (rename) to file ".$cfg_filename."<br>");
	if (function_exists('opcache_invalidate'))
		opcache_invalidate($cfg_filename);

	/* Do not re-read config, as it would reinitialize config
	 * without having the DB settings read. (And it also
	 * serves no purpose)
	 */
	return true;
}

// XXX: handle unsetting of config items :D - explicit unset function ?

function write_config($setting = null)
{
	GLOBAL $config;

	/* Specific request? Easy, write only this setting to the DB (never used for file) */
	if ($setting !== null)
	{
		return DbSettings::set($setting, $config[$setting]);
	}

	/* Otherwise write the whole config.
	 * TODO: avoid writing settings file if unneeded,
	 *       as it is more noisy than db settings.
	 */
	$db_settings = [];

	foreach($config as $k=>$v)
	{
		if (!config_is_file_item($k))
			$db_settings[$k] = $v;
	}

	if (!write_config_file())
		return false;

	foreach($db_settings as $k=>$v)
	{
		$ret = DbSettings::set($k, $v);
		if (!$ret)
			return $ret;
	}

	return true;
}

function get_version()
{
	$fd = @fopen(UPATH."/.git/FETCH_HEAD", "r");
	if ($fd === false)
		return "unknown";
	$line = fgets($fd, 512);
	fclose($fd);
	$commit = substr($line, 0, 8);
	return $commit; /* short git commit id */
}

function generate_secrets()
{
	GLOBAL $config;

	if (!isset($config['secrets']))
		$config['secrets'] = Array();

	if (!isset($config['secrets']['pepper']))
		$config['secrets']['pepper'] = rtrim(base64_encode(random_bytes(16)),'=');

	if (!isset($config['secrets']['key']))
		$config['secrets']['key'] = rtrim(base64_encode(sodium_crypto_aead_xchacha20poly1305_ietf_keygen()),'=');
}

function get_active_rpc_server()
{
	$servers = get_config("unrealircd");
	if (empty($servers))
		return;
	// TODO: make user able to override this - either in user or in session

	foreach ($servers as $displayname=>$e)
	{
		if (isset($e["default"]) && $e["default"])
			return $displayname;
	}
	return null;
}

/* Set a new default RPC server */
function set_default_rpc_server($name)
{
	GLOBAL $config;

	/* Mark all other servers as non-default */
	foreach ($config["unrealircd"] as $n=>$e)
		if ($n != $name)
			$config["unrealircd"][$n]["default"] = false;
	$config["unrealircd"][$name]["default"] = true;
}

/* Ensure at least 1 server is default */
function set_at_least_one_default_rpc_server()
{
	GLOBAL $config;

	$has_default_rpc_server = false;
	foreach ($config["unrealircd"] as $name=>$e)
		if ($e["default"])
			$has_default_rpc_server = true;
	if (!$has_default_rpc_server)
	{
		/* Make first server in the list the default */
		foreach ($config["unrealircd"] as $name=>$e)
		{
			$config["unrealircd"][$name]["default"] = true;
			break;
		}
	}
}

function secret_encrypt(string $text)
{
	GLOBAL $config;

	$key = base64_decode($config['secrets']['key']);
	$nonce = \random_bytes(\SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES);
	$encrypted_text = sodium_crypto_aead_xchacha20poly1305_ietf_encrypt($text, '', $nonce, $key);
	return "secret:".rtrim(base64_encode($nonce),'=').':'.rtrim(base64_encode($encrypted_text),'='); // secret:base64(NONCE):base64(ENCRYPTEDTEXT)
}

function secret_decrypt(string $crypted)
{
	GLOBAL $config;

	$key = base64_decode($config['secrets']['key']);
	$d = explode(":", $crypted);
	if (count($d) != 3)
		return null;
	$nonce = base64_decode($d[1]);
	$ciphertext = base64_decode($d[2]);

	$ret = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($ciphertext, '', $nonce, $key);
	if ($ret === false)
		return null;
	return $ret;
}

function upgrade_check()
{
	GLOBAL $config_transition_unreal_server;
	GLOBAL $config;

	/* Moving of a config.php item to DB: */
	if ($config_transition_unreal_server)
		write_config();

	/* Our own stuff may need upgrading.. */
	/* - generating secrets */
	if (!isset($config['secrets']))
	{
		generate_secrets();
		write_config_file();
	}
	/* - encrypting rpc_password */
	if (isset($config['unrealircd']) &&
	    isset($config['unrealircd']['rpc_password']) &&
	    !str_starts_with($config['unrealircd']['rpc_password'], "secret:"))
	{
		$ret = secret_encrypt($config['unrealircd']['rpc_password']);
		if ($ret !== false)
		{
			$config['unrealircd']['rpc_password'] = $ret;
			write_config('unrealircd');
		}
	}
	/* $config["unrealircd"] should be an array now.. */
	if (isset($config['unrealircd']) && isset($config['unrealircd']['rpc_password']))
	{
		$config["unrealircd"]["default"] = true;
		$config['unrealircd'] = [
			"Primary" => $config['unrealircd']];
		write_config("unrealircd");
	}

	$version = get_version();
	if (!isset($config['webpanel_version']))
		$config['webpanel_version'] = '';
	if ($version != $config['webpanel_version'])
	{
		$versioninfo = [
			"old_version" => $config['webpanel_version'],
			"new_version" => $version
			];
		/* And inform the hook (eg the database backends) */
		Hook::run(HOOKTYPE_UPGRADE, $versioninfo);
		/* And set the new version now that the upgrade is "done" */
		$config['webpanel_version'] = $version;
		write_config("webpanel_version");
	}
}

function panel_start_session($user = false)
{
	if (!isset($_SESSION))
	{
		session_set_cookie_params(86400); // can't set this to session_timeout due to catch-22
		session_start();
	}

	if ($user === false)
	{
		$user = unreal_get_current_user();
		if ($user === false)
			return false;
	}

	$timeout = 3600;
	if (isset($user->user_meta['session_timeout']))
		$timeout = (INT)$user->user_meta['session_timeout'];

	if (!isset($_SESSION['session_timeout']))
		$_SESSION['session_timeout'] = $timeout;

	$_SESSION['last-activity'] = time();
	return true;
}

/* Now read the config, and redirect to install screen if we don't have it */
$config_transition_unreal_server = false;
if (!read_config_file())
{
	if (page_requires_no_config())
	{
		/* Allow empty conf */
	} else
	if (!file_exists(UPATH."/config/config.php") && !file_exists(UPATH."/config.php"))
	{
		header("Location: settings/install.php");
		die();
	}
}

require_once UPATH . "/Classes/class-hook.php";
if (!is_dir(UPATH . "/vendor"))
	die("The vendor/ directory is missing. Most likely the admin forgot to run 'composer install'\n");
require_once UPATH . '/vendor/autoload.php';
require_once UPATH . "/Classes/class-cmodes.php";
require_once UPATH . "/inc/defines.php";
require_once UPATH . "/misc/strings.php";
require_once UPATH . "/misc/channel-lookup-misc.php";
require_once UPATH . "/misc/user-lookup-misc.php";
require_once UPATH . "/misc/server-lookup-misc.php";
require_once UPATH . "/misc/ip-whois-misc.php";
require_once UPATH . "/Classes/class-log.php";
require_once UPATH . "/Classes/class-message.php";
require_once UPATH . "/Classes/class-rpc.php";
require_once UPATH . "/Classes/class-paneluser.php";
require_once UPATH . "/plugins.php";

/* Do various checks and reading, except during setup step 1. */
if (!page_requires_no_config())
{
	/* Now that plugins are loaded, read config from DB */
	read_config_db();

	/* Check if anything needs upgrading (eg on panel version change) */
	upgrade_check();

	/* And a check... */
	if (!get_config("base_url"))
		die("The base_url was not found in your config. Setup went wrong?");
}

$pages = [
	"Overview"     => ["url"=>""],
	"Users"        => ["url"=>"users"],
	"Channels"     => ["url"=>"channels"],
	"Servers"      => ["url"=>"servers"],
	"Server Bans"  => [
		"Server Bans" => ["url" => "server-bans"],
		"Name Bans" => ["url" => "server-bans/name-bans.php"],
		"Ban Exceptions" => ["url" => "server-bans/ban-exceptions.php"],
	],
	"Spamfilter"   => ["url" => "spamfilter.php"],
	"Tools" => [
		"IP WHOIS" => ["url" => "tools/ip-whois.php"],
	],
	"Settings" => [
		"Plugins" => ["url" => "settings/plugins.php"],
		"RPC Servers" => ["url" => "settings/rpc-servers.php"],
	],
	
	"News" => ["url" => "news.php"],
];

if (!panel_start_session())
{
	if (!page_requires_no_login())
	{
		if (!is_auth_provided())
			die("No authentication plugin loaded. You must load either sql_db, file_db, or a similar auth plugin!");
		$current_page = $_SERVER['REQUEST_URI'];
		header("Location: ".get_config("base_url")."login/?redirect=".urlencode($current_page));
		die;
	}
} else {
	$pages["Settings"]["Accounts"] = ["url" => "settings"];
	if (current_user_can(PERMISSION_MANAGE_USERS))
		$pages["Settings"]["Role Editor"] = ["url"=>"settings/user-role-edit.php"];
	$user = unreal_get_current_user();
	if ($user)
	{
		/* Add logout page, if logged in */
		$pages["Logout"] = ["url"=>"login/?logout=true"];
	}
}

Hook::run(HOOKTYPE_NAVBAR, $pages);

/* Example to add new menu item:
 * 
 * class MyPlugin
 * {
 * 
 *	  function __construct()
 *	  {
 *		  Hook::func(HOOKTYPE_NAVBAR, [$this, 'add_menu'])
 *	  }
 * 
 *	  function add_menu(&$pages) // this should pass by reference (using the & prefix)
 *	  {
 *		  $page_name = "My New Page";
 *		  $page_link = "link/to/page.php";
 *		  $pages[$page_name] = $page_link;
 *	  }
 * }
*/
Commit	Line	Data
e98b5a51	1	<?php
81fe28b9	2	if (version_compare(PHP_VERSION, '8.0.0', '<'))
fcd08f14	3	die("This webserver is using PHP version ".PHP_VERSION." but we require at least PHP 8.0.0.<br>".
81fe28b9 BM	4	"If you already installed PHP8 but are still seeing this error, then it means ".
	5	"apache/nginx/.. is loading an older PHP version. Eg. on Debian/Ubuntu you need ".
	6	"<code>apt-get install libapache2-mod-php8.2</code> (or a similar version) and ".
	7	"<code>apt-get remove libapache2-mod-php7.4</code> (or a similar version). ".
	8	"You may also need to choose again the PHP module to load in apache via <code>a2enmod php8.2</code>");
	9
91f0829e	10	define('UPATH', dirname(__DIR__));
ea90b321 BM	11
	12	function get_config($setting)
	13	{
	14	GLOBAL $config;
	15
	16	$item = $config;
	17	foreach(explode("::", $setting) as $x)
	18	{
	19	if (isset($item[$x]))
	20	$item = $item[$x];
	21	else
	22	return NULL;
	23	}
	24	return $item;
	25	}
	26
36470548 BM	27	function page_requires_no_config()
	28	{
	29	if (str_ends_with($_SERVER['SCRIPT_FILENAME'],"install.php") \|\|
2dbe2544	30	str_ends_with($_SERVER['SCRIPT_FILENAME'],"installation.php"))
36470548 BM	31	{
	32	return TRUE;
	33	}
	34	return FALSE;
	35	}
	36
cd1dee97 BM	37	function page_requires_no_login()
	38	{
	39	if (str_ends_with($_SERVER['SCRIPT_FILENAME'],"login/index.php") \|\|
	40	page_requires_no_config())
	41	{
	42	return TRUE;
	43	}
	44	return FALSE;
	45	}
	46
65fcaafb	47	function read_config_file()
b41fa16f BM	48	{
b41fa16f BM	49	GLOBAL $config;
f1027274	50	GLOBAL $config_transition_unreal_server;
b41fa16f	51
b41fa16f	52	$config = Array();
b41fa16f BM	53	if (!file_exists(UPATH."/config/config.php") && file_exists(UPATH."/config.php"))
	54	{
	55	require_once UPATH . "/config.php";
	56	require_once UPATH . "/config/compat.php";
	57	}
cd1dee97	58	if ((@include(UPATH . "/config/config.php")) !== 1)
e1461204	59	return false;
f1027274 BM	60	if (isset($config['unrealircd']))
f1027274 BM	61	$config_transition_unreal_server = true;
ce25dde2 BM	62	/* Upgrade needed? */
	63	$plugins_modified = false;
	64	foreach ($config["plugins"] as $k=>$v)
	65	{
	66	if ($v == "sql_auth")
	67	{
	68	$config["plugins"][$k] = "sql_db";
	69	$plugins_modified = true;
	70	} else
	71	if ($v == "file_auth")
	72	{
	73	$config["plugins"][$k] = "file_db";
	74	$plugins_modified = true;
	75	}
	76	}
	77	if ($plugins_modified)
	78	write_config_file();
	79
e1461204	80	return true;
b41fa16f	81	}
ea90b321	82
65fcaafb BM	83	function read_config_db()
	84	{
	85	GLOBAL $config;
	86
5107db2f BM	87	if (page_requires_no_config())
	88	return;
	89
65fcaafb BM	90	$merge = DbSettings::get();
	91	/* DB settings overwrite config.php keys: */
	92	$config = array_merge($config, $merge);
	93	}
	94
b41fa16f	95	function config_is_file_item($name)
ea90b321	96	{
f1027274	97	if (($name == "plugins") \|\|
65fcaafb	98	($name == "mysql") \|\|
6b08fcb9 BM	99	($name == "base_url") \|\|
6b08fcb9 BM	100	($name == "secrets"))
b41fa16f BM	101	{
	102	return true;
	103	}
	104	return false;
	105	}
	106
	107	function write_config_file()
fc51fb47	108	{
b41fa16f BM	109	GLOBAL $config;
	110
	111	$file_settings = [];
	112	foreach($config as $k=>$v)
	113	{
	114	if (config_is_file_item($k))
	115	$file_settings[$k] = $v;
	116	}
	117
	118	$cfg_filename = UPATH.'/config/config.php';
	119	$tmpfile = UPATH.'/config/config.tmp.'.bin2hex(random_bytes(8)).'.php';
	120	$fd = fopen($tmpfile, "w");
	121	if (!$fd)
	122	die("Could not write to temporary config file $tmpfile.<br>We need write permissions on the config/ directory!<br>");
	123
	124	$str = var_export($file_settings, true);
	125	if ($str === null)
	126	die("Error while running write_config_file() -- weird!");
	127	if (!fwrite($fd, "<?php\n".
	128	"/* This config file is written automatically by the UnrealIRCd webpanel.\n".
	129	" * You are not really supposed to edit it manually.\n".
	130	" */\n".
	131	'$config = '.$str.";\n"))
	132	{
	133	die("Error writing to config file $tmpfile (on fwrite).<br>");
	134	}
	135	if (!fclose($fd))
	136	die("Error writing to config file $tmpfile (on close).<br>");
	137	/* Now atomically rename the file */
	138	if (!rename($tmpfile, $cfg_filename))
	139	die("Could not write (rename) to file ".$cfg_filename."<br>");
9f303b7c BM	140	if (function_exists('opcache_invalidate'))
9f303b7c BM	141	opcache_invalidate($cfg_filename);
b41fa16f BM	142
	143	/* Do not re-read config, as it would reinitialize config
	144	* without having the DB settings read. (And it also
	145	* serves no purpose)
	146	*/
65fcaafb	147	return true;
b41fa16f BM	148	}
	149
	150	// XXX: handle unsetting of config items :D - explicit unset function ?
	151
	152	function write_config($setting = null)
2dbe2544	153	{
b41fa16f BM	154	GLOBAL $config;
	155
	156	/* Specific request? Easy, write only this setting to the DB (never used for file) */
	157	if ($setting !== null)
	158	{
e1461204	159	return DbSettings::set($setting, $config[$setting]);
b41fa16f BM	160	}
	161
	162	/* Otherwise write the whole config.
	163	* TODO: avoid writing settings file if unneeded,
	164	* as it is more noisy than db settings.
	165	*/
	166	$db_settings = [];
	167
	168	foreach($config as $k=>$v)
	169	{
	170	if (!config_is_file_item($k))
	171	$db_settings[$k] = $v;
	172	}
	173
	174	if (!write_config_file())
	175	return false;
	176
	177	foreach($db_settings as $k=>$v)
	178	{
	179	$ret = DbSettings::set($k, $v);
	180	if (!$ret)
	181	return $ret;
	182	}
	183
	184	return true;
	185	}
	186
e1461204 BM	187	function get_version()
	188	{
	189	$fd = @fopen(UPATH."/.git/FETCH_HEAD", "r");
	190	if ($fd === false)
	191	return "unknown";
	192	$line = fgets($fd, 512);
	193	fclose($fd);
	194	$commit = substr($line, 0, 8);
	195	return $commit; /* short git commit id */
	196	}
	197
6b08fcb9 BM	198	function generate_secrets()
	199	{
	200	GLOBAL $config;
	201
	202	if (!isset($config['secrets']))
	203	$config['secrets'] = Array();
	204
	205	if (!isset($config['secrets']['pepper']))
	206	$config['secrets']['pepper'] = rtrim(base64_encode(random_bytes(16)),'=');
	207
	208	if (!isset($config['secrets']['key']))
	209	$config['secrets']['key'] = rtrim(base64_encode(sodium_crypto_aead_xchacha20poly1305_ietf_keygen()),'=');
	210	}
	211
b056895f BM	212	function get_active_rpc_server()
b056895f BM	213	{
c9e0e590 BM	214	$servers = get_config("unrealircd");
	215	if (empty($servers))
	216	return;
b056895f BM	217	// TODO: make user able to override this - either in user or in session
b056895f BM	218
c9e0e590	219	foreach ($servers as $displayname=>$e)
b056895f BM	220	{
	221	if (isset($e["default"]) && $e["default"])
	222	return $displayname;
	223	}
	224	return null;
	225	}
	226
	227	/* Set a new default RPC server */
	228	function set_default_rpc_server($name)
	229	{
	230	GLOBAL $config;
	231
	232	/* Mark all other servers as non-default */
	233	foreach ($config["unrealircd"] as $n=>$e)
	234	if ($n != $name)
	235	$config["unrealircd"][$n]["default"] = false;
	236	$config["unrealircd"][$name]["default"] = true;
	237	}
	238
	239	/* Ensure at least 1 server is default */
	240	function set_at_least_one_default_rpc_server()
	241	{
	242	GLOBAL $config;
	243
	244	$has_default_rpc_server = false;
	245	foreach ($config["unrealircd"] as $name=>$e)
	246	if ($e["default"])
	247	$has_default_rpc_server = true;
	248	if (!$has_default_rpc_server)
	249	{
	250	/* Make first server in the list the default */
	251	foreach ($config["unrealircd"] as $name=>$e)
	252	{
	253	$config["unrealircd"][$name]["default"] = true;
	254	break;
	255	}
	256	}
	257	}
	258
a4850187 BM	259	function secret_encrypt(string $text)
	260	{
	261	GLOBAL $config;
	262
	263	$key = base64_decode($config['secrets']['key']);
	264	$nonce = \random_bytes(\SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES);
	265	$encrypted_text = sodium_crypto_aead_xchacha20poly1305_ietf_encrypt($text, '', $nonce, $key);
	266	return "secret:".rtrim(base64_encode($nonce),'=').':'.rtrim(base64_encode($encrypted_text),'='); // secret:base64(NONCE):base64(ENCRYPTEDTEXT)
	267	}
	268
	269	function secret_decrypt(string $crypted)
	270	{
	271	GLOBAL $config;
	272
	273	$key = base64_decode($config['secrets']['key']);
	274	$d = explode(":", $crypted);
	275	if (count($d) != 3)
	276	return null;
	277	$nonce = base64_decode($d[1]);
	278	$ciphertext = base64_decode($d[2]);
	279
	280	$ret = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($ciphertext, '', $nonce, $key);
	281	if ($ret === false)
	282	return null;
	283	return $ret;
	284	}
	285
e1461204 BM	286	function upgrade_check()
	287	{
	288	GLOBAL $config_transition_unreal_server;
79e2577d	289	GLOBAL $config;
e1461204 BM	290
	291	/* Moving of a config.php item to DB: */
	292	if ($config_transition_unreal_server)
	293	write_config();
	294
6b08fcb9	295	/* Our own stuff may need upgrading.. */
a4850187	296	/* - generating secrets */
6b08fcb9 BM	297	if (!isset($config['secrets']))
	298	{
	299	generate_secrets();
	300	write_config_file();
	301	}
a4850187 BM	302	/* - encrypting rpc_password */
	303	if (isset($config['unrealircd']) &&
	304	isset($config['unrealircd']['rpc_password']) &&
	305	!str_starts_with($config['unrealircd']['rpc_password'], "secret:"))
	306	{
	307	$ret = secret_encrypt($config['unrealircd']['rpc_password']);
	308	if ($ret !== false)
	309	{
	310	$config['unrealircd']['rpc_password'] = $ret;
	311	write_config('unrealircd');
	312	}
	313	}
41aad10c BM	314	/* $config["unrealircd"] should be an array now.. */
	315	if (isset($config['unrealircd']) && isset($config['unrealircd']['rpc_password']))
	316	{
	317	$config["unrealircd"]["default"] = true;
	318	$config['unrealircd'] = [
	319	"Primary" => $config['unrealircd']];
	320	write_config("unrealircd");
	321	}
6b08fcb9	322
e1461204 BM	323	$version = get_version();
	324	if (!isset($config['webpanel_version']))
	325	$config['webpanel_version'] = '';
	326	if ($version != $config['webpanel_version'])
	327	{
	328	$versioninfo = [
	329	"old_version" => $config['webpanel_version'],
	330	"new_version" => $version
	331	];
6b08fcb9	332	/* And inform the hook (eg the database backends) */
e1461204 BM	333	Hook::run(HOOKTYPE_UPGRADE, $versioninfo);
	334	/* And set the new version now that the upgrade is "done" */
	335	$config['webpanel_version'] = $version;
	336	write_config("webpanel_version");
	337	}
	338	}
	339
d3e3ec08 BM	340	function panel_start_session($user = false)
	341	{
	342	if (!isset($_SESSION))
	343	{
	344	session_set_cookie_params(86400); // can't set this to session_timeout due to catch-22
	345	session_start();
	346	}
	347
	348	if ($user === false)
	349	{
	350	$user = unreal_get_current_user();
	351	if ($user === false)
	352	return false;
	353	}
	354
cd1dee97 BM	355	$timeout = 3600;
	356	if (isset($user->user_meta['session_timeout']))
	357	$timeout = (INT)$user->user_meta['session_timeout'];
	358
d3e3ec08 BM	359	if (!isset($_SESSION['session_timeout']))
	360	$_SESSION['session_timeout'] = $timeout;
	361
cd1dee97	362	$_SESSION['last-activity'] = time();
d3e3ec08 BM	363	return true;
	364	}
	365
b41fa16f	366	/* Now read the config, and redirect to install screen if we don't have it */
f1027274	367	$config_transition_unreal_server = false;
65fcaafb	368	if (!read_config_file())
fc51fb47	369	{
b41fa16f BM	370	if (page_requires_no_config())
	371	{
	372	/* Allow empty conf */
	373	} else
	374	if (!file_exists(UPATH."/config/config.php") && !file_exists(UPATH."/config.php"))
	375	{
	376	header("Location: settings/install.php");
	377	die();
b41fa16f	378	}
ea90b321	379	}
e1461204	380
c06c1713	381	require_once UPATH . "/Classes/class-hook.php";
c4f272ad BM	382	if (!is_dir(UPATH . "/vendor"))
c4f272ad BM	383	die("The vendor/ directory is missing. Most likely the admin forgot to run 'composer install'\n");
e98b5a51	384	require_once UPATH . '/vendor/autoload.php';
e92763ac	385	require_once UPATH . "/Classes/class-cmodes.php";
caf7fe32	386	require_once UPATH . "/inc/defines.php";
d72d1923	387	require_once UPATH . "/misc/strings.php";
e92763ac	388	require_once UPATH . "/misc/channel-lookup-misc.php";
d72d1923 VP	389	require_once UPATH . "/misc/user-lookup-misc.php";
	390	require_once UPATH . "/misc/server-lookup-misc.php";
	391	require_once UPATH . "/misc/ip-whois-misc.php";
	392	require_once UPATH . "/Classes/class-log.php";
	393	require_once UPATH . "/Classes/class-message.php";
	394	require_once UPATH . "/Classes/class-rpc.php";
6930484c	395	require_once UPATH . "/Classes/class-paneluser.php";
d72d1923	396	require_once UPATH . "/plugins.php";
1e6ffd06	397
cd1dee97 BM	398	/* Do various checks and reading, except during setup step 1. */
	399	if (!page_requires_no_config())
	400	{
	401	/* Now that plugins are loaded, read config from DB */
	402	read_config_db();
e1461204	403
cd1dee97 BM	404	/* Check if anything needs upgrading (eg on panel version change) */
cd1dee97 BM	405	upgrade_check();
65fcaafb	406
cd1dee97 BM	407	/* And a check... */
	408	if (!get_config("base_url"))
	409	die("The base_url was not found in your config. Setup went wrong?");
	410	}
65fcaafb	411
5a7f0cde	412	$pages = [
dd903e52 BM	413	"Overview" => ["url"=>""],
	414	"Users" => ["url"=>"users"],
	415	"Channels" => ["url"=>"channels"],
	416	"Servers" => ["url"=>"servers"],
d6f10d25	417	"Server Bans" => [
dd903e52 BM	418	"Server Bans" => ["url" => "server-bans"],
	419	"Name Bans" => ["url" => "server-bans/name-bans.php"],
	420	"Ban Exceptions" => ["url" => "server-bans/ban-exceptions.php"],
d6f10d25	421	],
dd903e52	422	"Spamfilter" => ["url" => "spamfilter.php"],
d6f10d25	423	"Tools" => [
dd903e52	424	"IP WHOIS" => ["url" => "tools/ip-whois.php"],
d6f10d25 BM	425	],
d6f10d25 BM	426	"Settings" => [
dd903e52 BM	427	"Plugins" => ["url" => "settings/plugins.php"],
dd903e52 BM	428	"RPC Servers" => ["url" => "settings/rpc-servers.php"],
d6f10d25	429	],
180b8ec1	430
dd903e52	431	"News" => ["url" => "news.php"],
5a7f0cde	432	];
c00c34d2	433
cd1dee97 BM	434	if (!panel_start_session())
	435	{
	436	if (!page_requires_no_login())
	437	{
c51ca81c	438	if (!is_auth_provided())
ce25dde2	439	die("No authentication plugin loaded. You must load either sql_db, file_db, or a similar auth plugin!");
cd1dee97 BM	440	$current_page = $_SERVER['REQUEST_URI'];
cd1dee97 BM	441	header("Location: ".get_config("base_url")."login/?redirect=".urlencode($current_page));
fb06ed6c	442	die;
cd1dee97	443	}
c51ca81c	444	} else {
dd903e52	445	$pages["Settings"]["Accounts"] = ["url" => "settings"];
1634b6ac	446	if (current_user_can(PERMISSION_MANAGE_USERS))
dd903e52	447	$pages["Settings"]["Role Editor"] = ["url"=>"settings/user-role-edit.php"];
c00c34d2 VP	448	$user = unreal_get_current_user();
	449	if ($user)
	450	{
	451	/* Add logout page, if logged in */
dd903e52	452	$pages["Logout"] = ["url"=>"login/?logout=true"];
c00c34d2 VP	453	}
c00c34d2 VP	454	}
c51ca81c	455
90dc8f2b VP	456	Hook::run(HOOKTYPE_NAVBAR, $pages);
	457
	458	/* Example to add new menu item:
90dc8f2b VP	459	*
	460	* class MyPlugin
	461	* {
	462	*
55fd88eb VP	463	* function __construct()
	464	* {
	465	* Hook::func(HOOKTYPE_NAVBAR, [$this, 'add_menu'])
	466	* }
90dc8f2b	467	*
55fd88eb VP	468	* function add_menu(&$pages) // this should pass by reference (using the & prefix)
	469	* {
	470	* $page_name = "My New Page";
	471	* $page_link = "link/to/page.php";
	472	* $pages[$page_name] = $page_link;
	473	* }
90dc8f2b VP	474	* }
90dc8f2b VP	475	*/