[5.0] Introduce a CLI UI for creating a public folder #41446

Merged
HLeithner merged 46 commits into joomla:5.0-dev from dgrammatiko:5.0-dev-expose-public-folder-cli
Sep 5, 2023
@dgrammatiko (Contributor) commented Aug 25, 2023

Pull Request for Issue # .

Summary of Changes

  • Added 1 new command on the main joomla.php CLI:
site
  site:create-public-folder       Create a public folder
  • Added one more step on the CLI installation (will do nothing if nothing inserted):
 Please enter the absolute path to the public folder:

3rd Party Devs impact:

  • If you have no direct Entry Point (similar to index.php) you're not affected. But since there might be legitimate cases (backup script, auditing scripts, etc) that boot their own app instead of Joomla there's this idea to make life easier:

Hmm, now that I'm thinking about 3rd PD maybe a simple XML line like the following is all that's needed. We parse all the admin component manifests and symlink the entry points

<exposed-entrypoints>
  <path>administrator/components/com_foo/dangerous-entry.php</path>
  <path>administrator/components/com_foo/another-dangerous-entry.php</path>
</exposed-entrypoints>
  • Another possible conflict might be that most folders in the public folder would get by default an htaccess file with <files>deny from all</files>, meaning NO MORE PHP FILES inside media, images and any other media manager storage folder. If your extension is placing PHP files in these folders you're doing it very wrong, please consider moving them to their appropriate folder.

  • Have some input? Please share it..

Testing Instructions

Testing a NEW installation

  • Apply this PR, ie check out this PR
  • go to the installation folder in your root Joomla installation: cd installation
  • run the command: php joomla.php install
  • insert the FULL path for the public folder, ie [Screenshot 2023-08-25 at 16 35 02]
  • Switch your server to the new directory.

Testing an EXISTING installation

  • Download the package from GitHub or check out this PR

  • go to the cli folder in your root Joomla installation: cd cli

  • run the command: php joomla.php site:create-public-folder

  • insert the FULL path for the public folder, ie [Screenshot 2023-08-25 at 16 35 02]

  • Switch your server to the new directory.

Actual result BEFORE applying this Pull Request

Expected result AFTER applying this Pull Request

Link to documentations

WIP

@SniperSister @HLeithner @wilsonge thoughts?

@Hackwar I would appreciate some fixes here and some help for the installation CLI

@dgrammatiko dgrammatiko force-pushed the 5.0-dev-expose-public-folder-cli branch 2 times, most recently from e8a3ac9 to 83acda1 Compare August 25, 2023 14:23
|| !mkdir($folder . '/api/includes', 0755, true)
|| !mkdir($folder . '/includes', 0755)
) {
throw new \Exception('Unable to write on the given directory, check the permissions', 200);
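Review bot: the exception raised after the chained mkdir() calls carries one generic message and code 200, so the caller cannot tell which path (for example '/api/includes' or '/includes') failed, and any directories created by earlier calls in the || chain are left in place. Consider including the failing path in the message and either removing the partially created tree or stating that it may exist, so a half-built public folder is not mistaken for a finished one.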
Contributor

Suggested change
throw new \Exception('Unable to write on the given directory, check the permissions', 200);
throw new \Exception('Unable to write on the given directory, check the permissions', 200);

should that be "unable to create the ..."

you call it a folder elsewhere not a directory

Contributor Author

Legit, tbh let's wait for someone from the security/maintainers to validate this before wasting our time here

@dgrammatiko dgrammatiko changed the title [5.0] Introduce CLI option to create a public folder [5.0] Introduce a CLI UI for creating a public folder Aug 25, 2023
@dgrammatiko dgrammatiko marked this pull request as draft August 26, 2023 08:31
@dgrammatiko dgrammatiko marked this pull request as ready for review September 3, 2023 22:19
Signed-off-by: Dimitris Grammatikogiannis <dg@dgrammatiko.dev>
@dgrammatiko dgrammatiko force-pushed the 5.0-dev-expose-public-folder-cli branch from a48f883 to 10f6d6b Compare September 4, 2023 07:14
dgrammatiko and others added 2 commits September 4, 2023 10:15
Signed-off-by: Dimitris Grammatikogiannis <dg@dgrammatiko.dev>
@HLeithner
Member

Here is my reference implementation with the update pr #41570

Root index.php

<?php

/**
 * @package    Joomla.Site
 *
 * @copyright  (C) 2005 Open Source Matters, Inc. <https://www.joomla.org>
 * @license    GNU General Public License version 2 or later; see LICENSE.txt
 */

define('JPATH_ROOT', "/web/joomla.domain.tld");
define('JPATH_BASE', JPATH_ROOT);
define('JPATH_PUBLIC', "/web/joomla.domain.tld/public");

require_once JPATH_BASE . '/index.php';

Administrator and API index.php

<?php

/**
 * @package    Joomla.Site
 *
 * @copyright  (C) 2005 Open Source Matters, Inc. <https://www.joomla.org>
 * @license    GNU General Public License version 2 or later; see LICENSE.txt
 */

define('JPATH_ROOT', "/web/joomla.domain.tld");
define('JPATH_BASE', JPATH_ROOT . "/administrator"); // -->> change this to api for api folder <<--
define('JPATH_PUBLIC', "/web/joomla.domain.tld/public");

require_once JPATH_BASE . '/index.php';

additional to this you only have the symlink to extract.php in admin/com/com_joomlaupdate/extract.php and the media and image folder in root.

.htaccess, robots.txt of course make sense too.

that's it everything else can be removed.

@HLeithner
Member

btw. it's also possible to do this from web installation and afterwards in the global configuration.

Additionally this could be configurable from .htaccess with a simple rewrite rule, but that's not untested by me.

RewriteEngine On
RewriteRule ^(.*)$ public/$1

@dgrammatiko
Contributor Author

Here is my reference implementation

Applied. Just as a recap the helper is:

  • symlinking the extract.php

  • symlinking the media folder

  • symlinking all the folders defined in the filesystem-local plugin

  • creating the entry points index.php, administrator/index.php and api/index.php

  • copying .htaccess or htaccess.txt and robots.txt
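
A defender-side check of the layout recapped above, as an added example that is not part of this PR or of Joomla's code: it audits a generated public folder for the three entry points, the media symlink, and stray PHP files. The function name, finding labels and the rule that `media` must resolve inside the Joomla root are assumptions made for this sketch.

```shell
# Added example, not Joomla code. Assumed layout (from the comments above):
# index.php, administrator/index.php and api/index.php are real files that
# define JPATH_PUBLIC; media is a symlink into the Joomla root.
# Prints one line per finding; exit status is the number of findings.
audit_public_folder() (
    # Body runs in a subshell, so variables and cd stay local to the call.
    pub="$(cd "$1" && pwd -P)" || exit 255
    root="$(cd "$2" && pwd -P)" || exit 255
    findings=0

    # 1. Entry points must be real files (not links) that define JPATH_PUBLIC.
    for ep in index.php administrator/index.php api/index.php; do
        if [ ! -f "$pub/$ep" ] || [ -L "$pub/$ep" ]; then
            echo "MISSING_ENTRY $ep"; findings=$((findings + 1))
        elif ! grep -qF "define('JPATH_PUBLIC'" "$pub/$ep"; then
            echo "NO_JPATH_PUBLIC $ep"; findings=$((findings + 1))
        fi
    done

    # 2. media must be a symlink that resolves inside the Joomla root.
    if [ -L "$pub/media" ] && target="$(cd "$pub/media" 2>/dev/null && pwd -P)"; then
        case "$target" in
            "$root"/*) ;;
            *) echo "MEDIA_OUTSIDE_ROOT $target"; findings=$((findings + 1)) ;;
        esac
    else
        echo "MEDIA_LINK_INVALID"; findings=$((findings + 1))
    fi

    # 3. No other PHP file may physically live under the public folder.
    #    find does not follow symlinks, so linked folders are not descended.
    php_files="$(find "$pub" -type f -name '*.php')"
    while IFS= read -r f; do
        [ -n "$f" ] || continue
        rel="${f#"$pub"/}"
        case "$rel" in
            index.php|administrator/index.php|api/index.php) ;;
            *) echo "UNEXPECTED_PHP $rel"; findings=$((findings + 1)) ;;
        esac
    done <<EOF
$php_files
EOF
    exit "$findings"
)
```

Call it as `audit_public_folder /path/to/public /path/to/joomla-root`; a zero exit status means no findings.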

@joomla-cms-bot joomla-cms-bot added the Language Change This is for Translators label Sep 4, 2023
Co-authored-by: Brian Teeman <brian@teeman.net>
dgrammatiko and others added 4 commits September 5, 2023 10:39
Co-authored-by: Brian Teeman <brian@teeman.net>
@HLeithner HLeithner merged commit 0475f8e into joomla:5.0-dev Sep 5, 2023
@HLeithner
Member

Thanks, documentation needed and some improvement, but I would like to have this in beta1 so people could test this feature.

@dgrammatiko
Contributor Author

@HLeithner should I do the docs on a deployment category or something else (security?)

@dgrammatiko dgrammatiko deleted the 5.0-dev-expose-public-folder-cli branch September 5, 2023 08:09
@HLeithner
Member

migration in the manual, and installation and if we have already something it's good to mention it in security

Labels

Feature Language Change This is for Translators

6 participants