Corrections pour fonctionner sur un hébergement mutualisé

app/Config/bootstrap.php

@@ -110,7 +110,7 @@
  * Default application language
  */
 Configure::write('Config.language', 'eng');
-
+Configure::write('Session.save', 'cake');
 /**
  * Sonerezh constants declarations
  */

app/Config/core.php

@@ -222,18 +222,23 @@
 	Configure::write('Session', array(
 		'defaults' => 'php',
 		'cookie' => 'Sonerezh',
-		'timeout' => 4320
+		'timeout' => 4320,
+		'ini' => array(
+			'session.save_handler' => 'files',
+			'session.cookie_lifetime' => 0,
+			'session.cookie_httponly' => 0
+		)
 	));
 
 /**
  * A random string used in security hashing methods.
  */
-	Configure::write('Security.salt', 'AUZCf9nyl8MvKoeElb2elVOPzCxny7TZRIrWHFlS');
+	Configure::write('Security.salt', 'LKoCJQ0LKeN6gXzCNfsEtzyhBH803OEDoS6Yz6ya');
 
 /**
  * A random numeric string (digits only) used to encrypt/decrypt strings.
  */
-	Configure::write('Security.cipherSeed', '8584443986453549548448780006040768989077');
+	Configure::write('Security.cipherSeed', '1603162903989056101141254979932991296475');
 
 /**
  * Apply timestamps with the last modified time to static assets (js, css, images).

app/Controller/AppController.php

@@ -183,4 +183,19 @@ private function __setLanguage() {
         $this->Cookie->write('lang', $locale);
         Configure::write('Config.language', $locale);
     }
+
+    public function func_enabled($func) {
+        $disabled = explode(',', ini_get('disable_functions'));
+        foreach ($disabled as $disableFunction) {
+            $is_disabled[] = trim($disableFunction);
+        }
+        if (in_array($func,$is_disabled)) {
+            $it_is_disabled["m"] = $func.'() has been disabled for security reasons in php.ini';
+            $it_is_disabled["s"] = 0;
+        } else {
+            $it_is_disabled["m"] = $func.'() is allow to use';
+            $it_is_disabled["s"] = 1;
+        }
+        return $it_is_disabled;
+    }
 }

app/Controller/Component/ImageComponent.php

@@ -12,7 +12,12 @@ public function resize($img, $to, $width = 0, $height = 0) {
 
         $dimensions = getimagesize($img);
         $ratio		= $dimensions[0] / $dimensions[1];
-        $exif = exif_read_data($img);
+        $extension = strtolower(end(explode(".", $img)));
+        if (in_array($extention,array('jpg','jpeg','gif'))) {
+            $exif = exif_read_data($img);
+        } else {
+            $exif = array();
+        }
         $rotation = 0;
 
         if (isset($exif['Orientation'])) {

app/Controller/InstallersController.php

@@ -27,6 +27,7 @@ public function beforeFilter() {
      * The first users is also created here, with the administrator role, and the default settings are applied.
      */
     public function index() {
+        clearstatcache();
         $this->view = "index";
         $requirements = array();
         $missing_requirements = false;
@@ -40,11 +41,15 @@ public function index() {
             $missing_requirements = true;
         }
 
-		if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
-			$libavtools = shell_exec("where avconv") || shell_exec("where ffmpeg");//WIN
-		} else {
-			$libavtools = shell_exec("which avconv") || shell_exec("which ffmpeg");//NO WIN
-		}
+        if ($this->func_enabled('shell_exec')['s'] == 1) {
+    		if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
+    			$libavtools = shell_exec("where avconv") || shell_exec("where ffmpeg");//WIN
+    		} else {
+    			$libavtools = shell_exec("which avconv") || shell_exec("which ffmpeg");//NO WIN
+    		}
+        } else {
+            $libavtools = false;
+        }
 
         if ($libavtools) {
             $requirements['libavtools'] = array('label' => 'success', 'message' => __('libav-tools (avconv) is installed!'));
@@ -135,12 +140,17 @@ public function index() {
             // Write app/Config/database.php
             $db_config_file = new File(APP.'Config'.DS.'database.php');
 
-            if ($db_config_file->create()) {
+            if ($db_config_file->create() === true) {
                 $db_config_data = "<?php\n";
                 $db_config_data .= "class DATABASE_CONFIG {\n";
                 $db_config_data .= 'public $default = '.var_export($db_config_array, true).";\n";
                 $db_config_data .= '}';
-                $db_config_file->write($db_config_data);
+                // $db_config_file->write($db_config_data,'w',false);
+                file_put_contents(APP.'Config'.DS.'database.php', $db_config_data);
+                if (!file_exists($db_config_file->path)) {
+                    $this->Flash->error(__('Unable to write configuration file.'));
+                    return;
+                }
             } else {
                 $this->Flash->error(__('Unable to write configuration file.'));
                 return;
@@ -169,7 +179,7 @@ public function index() {
                 $db_connection = ConnectionManager::getDataSource('default');
                 $db_connection->connect();
             } catch (Exception $e) {
-                $db_config_file->delete();
+               // $db_config_file->delete();
                 $this->Flash->error(__('Could not connect to database'));
                 return;
             }

app/Controller/SongsController.php

@@ -211,7 +211,7 @@ public function albums() {
         }
 
         if (empty($songs)) {
-            $this->Flash->info('<strong>'.__('Oops!').'</strong> '.__('The database is empty...'));
+            $this->Flash->info(__('Oops!').__('The database is empty...'));
         }
 
         $this->set(compact('songs', 'playlists', 'latests'));
@@ -321,7 +321,7 @@ public function artists() {
         }
 
         if (empty($parsed)) {
-            $this->Flash->info("<strong>".__('Oops!')."</strong> ".__('The database is empty...'));
+            $this->Flash->info(__('Oops!').__('The database is empty...'));
         }
         $this->set(array('songs' => $parsed, 'playlists' => $playlists));
     }
@@ -364,7 +364,7 @@ public function index() {
         $songs = $this->SortComponent->sortByBand($songs);
 
         if (empty($songs)) {
-            $this->Flash->info("<strong>".__('Oops!')."</strong> ".__('The database is empty...'));
+            $this->Flash->info(__('Oops!').__('The database is empty...'));
         }
 
         $this->set(compact('songs', 'playlists'));
@@ -450,7 +450,7 @@ public function search() {
             }
 
             if (empty($parsed)) {
-                $this->Flash->error("<strong>".__('Oops!')."</strong> ".__('No results.'));
+                $this->Flash->error(__('Oops!').__('No results.'));
             }
             $this->set('songs', $parsed);
         }

app/Model/User.php

@@ -145,7 +145,7 @@ public function beforeValidate($options = array()) {
     }
 
     public function isThereAnAdmin() {
-        if (AuthComponent::user('id') == $this->data[$this->alias]['id'] && isset($this->data[$this->alias]['role'])) {
+        if (isset($this->data[$this->alias]['id']) && AuthComponent::user('id') == $this->data[$this->alias]['id'] && isset($this->data[$this->alias]['role'])) {
 
             $users = $this->find('count');
 

app/webroot/index.php

@@ -61,7 +61,7 @@
  * The following line differs from its sibling
  * /lib/Cake/Console/Templates/skel/webroot/index.php
  */
-//define('CAKE_CORE_INCLUDE_PATH', ROOT . DS . 'lib');
+define('CAKE_CORE_INCLUDE_PATH', ROOT . DS . 'lib');
 
 /**
  * Editing below this line should NOT be necessary.
@@ -87,11 +87,11 @@
 	if (function_exists('ini_set')) {
 		ini_set('include_path', ROOT . DS . 'lib' . PATH_SEPARATOR . ini_get('include_path'));
 	}
-	if (!include 'Cake' . DS . 'bootstrap.php') {
+	if (!include('Cake' . DS . 'bootstrap.php')) {
 		$failed = true;
 	}
 } else {
-	if (!include CAKE_CORE_INCLUDE_PATH . DS . 'Cake' . DS . 'bootstrap.php') {
+	if (!include(CAKE_CORE_INCLUDE_PATH . DS . 'Cake' . DS . 'bootstrap.php')) {
 		$failed = true;
 	}
 }

lib/Cake/Cache/Engine/FileEngine.php

@@ -349,7 +349,7 @@ protected function _setKey($key, $createKey = false) {
 			return false;
 		}
 		if (empty($this->_File) || $this->_File->getBaseName() !== $key) {
-			$exists = file_exists($path->getPathname());
+			$exists = file_exists(trim($path->getPathname()));
 			try {
 				$this->_File = $path->openFile('c+');
 			} catch (Exception $e) {
@@ -358,7 +358,7 @@ protected function _setKey($key, $createKey = false) {
 			}
 			unset($path);
 
-			if (!$exists && !chmod($this->_File->getPathname(), (int)$this->settings['mask'])) {
+			if (!$exists && !chmod(trim($this->_File->getPathname()), (int)$this->settings['mask'])) {
 				trigger_error(__d(
 					'cake_dev', 'Could not apply permission mask "%s" on cache file "%s"',
 					array($this->_File->getPathname(), $this->settings['mask'])), E_USER_WARNING);

lib/Cake/I18n/I18n.php

@@ -432,7 +432,7 @@ protected function _bindTextDomain($domain) {
 				if (is_file($file . '.mo')) {
 					$translations = static::loadMo($file . '.mo');
 				}
-				if ($translations === false && is_file($file . '.po')) {
+				if ($translations === false && is_file(trim($file) . '.po')) {
 					$translations = static::loadPo($file . '.po');
 				}
 

lib/Cake/Model/Datasource/CakeSession.php

@@ -546,12 +546,13 @@ protected static function _configureSession() {
 		if (!isset($sessionConfig['cacheLimiter'])) {
 			$sessionConfig['cacheLimiter'] = 'must-revalidate';
 		}
-
 		if (empty($_SESSION)) {
 			if (!empty($sessionConfig['ini']) && is_array($sessionConfig['ini'])) {
 				foreach ($sessionConfig['ini'] as $setting => $value) {
-					if (ini_set($setting, $value) === false) {
-						throw new CakeSessionException(__d('cake_dev', 'Unable to configure the session, setting %s failed.', $setting));
+					if (ini_get($setting) != $value) {
+						if (ini_set($setting, $value) === false) {
+							throw new CakeSessionException(__d('cake_dev', 'Unable to configure the session, setting %s failed.', $setting));
+						}
 					}
 				}
 			}