fix first time setup issues

oelna · Sep 29, 2023 · ce10317 · ce10317
1 parent 17be6db
commit ce10317
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 7 deletions.
diff --git a/index.php b/index.php
@@ -10,7 +10,10 @@
 		}
 	}
 
-	if(count($settings) <= 1 && path(0) !== 'settings') {
+	// check if we are running for the first time
+	$is_setup = (isset($settings) && !empty($settings['do_setup']) && $settings['do_setup'] == 1) ? true : false;
+
+	if($is_setup && path(0) !== 'settings') {
 		// first time setup
 		header('Location: '.$config['url_detected'].'/settings');
 		die();

diff --git a/lib/database.php b/lib/database.php
@@ -176,6 +176,7 @@
 			);
 			CREATE UNIQUE INDEX `settings_keys` ON settings (`settings_key`);
 			INSERT INTO `settings` (settings_key, settings_value, settings_updated) VALUES ('installation_signature', '".$install_signature."', ".NOW.");
+			INSERT INTO `settings` (settings_key, settings_value, settings_updated) VALUES ('do_setup', '1', ".NOW.");
 			INSERT INTO `settings` (settings_key, settings_value, settings_updated) VALUES ('passkey', '', ".NOW.");
 		");
 	} catch(PDOException $e) {

diff --git a/lib/functions.php b/lib/functions.php
@@ -21,20 +21,22 @@ function get_host($preserve_port=false) {
 function check_login($force_login=false) {
 	global $config;
 
+	$cookie_life = !empty($config['cookie_life']) ? $config['cookie_life'] : 3600;
+
 	// todo: improve this https://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice
 	if(isset($_COOKIE['microblog_login']) || $force_login == true) {
 		$hash = hash('sha256', $config['installation_signature']);
 		if((isset($_COOKIE['microblog_login']) && $_COOKIE['microblog_login'] === $hash) || $force_login == true) {
 			// correct auth data, extend cookie life
 			$host = get_host(false); // cookies are port-agnostic
 			$domain = ($host != 'localhost') ? $host : false;
-			setcookie('microblog_login', $hash, NOW+$config['cookie_life'], '/', $domain, false);
+			setcookie('microblog_login', $hash, NOW+$cookie_life, '/', $domain, false);
 
 			return true;
 		} else {
 			// invalid cookie data
 			unset($_COOKIE['microblog_login']);
-			setcookie('microblog_login', '', time()-3600, '/', false, false);
+			setcookie('microblog_login', '', NOW-3600, '/', false, false);
 		}
 	}
 

diff --git a/templates/settings.inc.php b/templates/settings.inc.php
@@ -1,16 +1,17 @@
 <?php
 	if(!defined('ROOT')) die('Don\'t call this directly.');
 
-	if(count($settings) > 1 && !$config['logged_in']) {
+	if(!$is_setup && !$config['logged_in']) {
 		// wrong data, kick user to login page
 		header('HTTP/1.0 401 Unauthorized');
 		header('Location: '.$config['url'].'/login');
 		die();
 	}
 
-	$is_setup = false;
-	if(count($settings) <= 1) {
-		$is_setup = true;
+	if($is_setup) {
+		// allow the user in
+		$config['logged_in'] = check_login(true);
+
 		$settings = array_merge($default_settings, $old_config); // respect existing config file
 
 		// generate some values
@@ -81,6 +82,8 @@
 			<fieldset>
 				<legend>General</legend>
 
+				<?php if($is_setup): ?><input name="s[do_setup]" type="hidden" value="0" /><?php endif; ?>
+
 				<dl>
 					<dt><label for="s-url">URL</label></dt>
 					<dd><input id="s-url" name="s[url]" type="text" value="<?= $is_setup ? $config['url_detected'] : ($settings['url'] ?? '') ?>" placeholder="The URL of your microblog" /></dd>