From 0bf50873ac9425b2595cd735cae90940b4a0f748 Mon Sep 17 00:00:00 2001
From: Alex Cabal
Date: Wed, 23 Mar 2022 13:06:28 -0500
Subject: [PATCH] Move reading secret constants into files that need them to prevent crashes when scripts are run by users without permissions to read secrets
---
 lib/Constants.php | 6 ++++--
 lib/Email.php | 3 +++
 2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/lib/Constants.php b/lib/Constants.php
index a6d8d4a3..9256d4f0 100644
--- a/lib/Constants.php
+++ b/lib/Constants.php
@@ -37,9 +37,11 @@ const CAPTCHA_IMAGE_HEIGHT = 72;
 const CAPTCHA_IMAGE_WIDTH = 230;
 const NO_REPLY_EMAIL_ADDRESS = 'admin@standardebooks.org';
+// We don't define the email username/password in this file to
+// 1) avoid a filesystem read when email isn't being used, and
+// 2) allow scripts run by users not in the www-data group to succeed, otherwise they will not be able to open secret files on startup and crash
+const POSTMARK_SECRET_FILE_PATH = SITE_ROOT . '/config/secrets/postmarkapp.com';
 const EMAIL_SMTP_HOST = 'smtp-broadcasts.postmarkapp.com';
-define('EMAIL_SMTP_USERNAME', trim(file_get_contents(SITE_ROOT . '/config/secrets/postmarkapp.com')) ?: '');
-const EMAIL_SMTP_PASSWORD = EMAIL_SMTP_USERNAME;
 const EMAIL_POSTMARK_STREAM_BROADCAST = 'the-standard-ebooks-newsletter';
 const REST = 0;
diff --git a/lib/Email.php b/lib/Email.php
index e8cbc596..082ff2b2 100644
--- a/lib/Email.php
+++ b/lib/Email.php
@@ -2,6 +2,9 @@
 use PHPMailer\PHPMailer\PHPMailer;
 use PHPMailer\PHPMailer\Exception;
+define('EMAIL_SMTP_USERNAME', trim(file_get_contents(POSTMARK_SECRET_FILE_PATH)) ?: '');
+const EMAIL_SMTP_PASSWORD = EMAIL_SMTP_USERNAME;
+
 class Email{
 public $To = '';
 public $From = '';
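Review bot: The comment added above `POSTMARK_SECRET_FILE_PATH` in lib/Constants.php says where the SMTP credentials are not defined, but not where they now live, so a reader searching this file for `EMAIL_SMTP_USERNAME` has nothing to follow. I would add one line such as `// They are defined in lib/Email.php, which reads POSTMARK_SECRET_FILE_PATH when that file is loaded.` The comment also relies on the secret file being readable only by members of the www-data group, so stating the expected owner and mode there would make that assumption checkable. Whether `SITE_ROOT . '/config/secrets'` sits outside the directory the web server serves is not visible in this hunk and is worth confirming.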
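Review bot: In lib/Email.php the new `define('EMAIL_SMTP_USERNAME', ...)` line turns a failed read of the secret into empty credentials without raising an error. `file_get_contents()` returns `false` when the file is missing or unreadable, and `trim(...) ?: ''` then yields `''` (assuming strict_types is not enabled for this file), so the problem only shows up later as an SMTP authentication failure. The token is also kept in two global constants for the rest of the process, where `get_defined_constants()` or a debug dump can expose it. Reading it into a local at send time and throwing on failure would fix both. The methods of `Email` that use the constants are outside this hunk, so the call site below is only sketched.

```php
class Email{
	// … unchanged: public properties …

	/**
	 * Reads the Postmark token, which is used as both the SMTP username and password.
	 * Call this from the method that configures PHPMailer and keep the result in a local variable.
	 */
	private static function ReadSmtpCredential(): string{
		$contents = file_get_contents(POSTMARK_SECRET_FILE_PATH);
		$credential = $contents === false ? '' : trim($contents);

		if($credential === ''){
			// Keep the secret itself out of the message; it may end up in logs.
			throw new \RuntimeException('Could not read the SMTP credential file.');
		}

		return $credential;
	}
```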