From 680c82638f9c0a93ee8df98130eefb435c720de8 Mon Sep 17 00:00:00 2001
From: Ryan <ryantl66@gmail.com>
Date: Sat, 4 Oct 2025 01:55:02 -0400
Subject: [PATCH] Chore: keep BASE_URL fallback, prefer env SHARE_URL; fix
 HTTPS auto-detect

---
 CHANGELOG.md            |  7 +++++++
 README.md               |  1 +
 config/config.php       | 16 ++++++++++++----
 public/js/adminPanel.js |  2 +-
 start.sh                | 25 +++++++++++++++++++++----
 5 files changed, 42 insertions(+), 9 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 736650f..a4e6af1 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,12 @@
 # Changelog
 
+## Changes 10/4/2025 v1.3.11
+
+Chore: keep BASE_URL fallback, prefer env SHARE_URL; fix HTTPS auto-detect
+
+- Remove no-op sed of SHARE_URL from start.sh (env already used)
+- Build default share link with correct scheme (http/https, proxy-aware)
+
 ## Changes 10/4/2025 v1.3.10
 
 Fix: index externally added files on startup; harden start.sh (#46)
diff --git a/README.md b/README.md
index 771a318..6051785 100644
--- a/README.md
+++ b/README.md
@@ -95,6 +95,7 @@ services:
       SECURE: "false"
       PERSISTENT_TOKENS_KEY: "please_change_this_@@"
       SCAN_ON_START: "true"
+      CHOWN_ON_START: "true"
     volumes:
       - ./uploads:/var/www/uploads
       - ./users:/var/www/users
diff --git a/config/config.php b/config/config.php
index bd9754e..8dfbb58 100644
--- a/config/config.php
+++ b/config/config.php
@@ -196,13 +196,21 @@ if (AUTH_BYPASS) {
         $_SESSION['disableUpload'] = $perms['disableUpload'] ?? false;
     }
 }
-// Share URL fallback
+
+// Share URL fallback (keep BASE_URL behavior)
 define('BASE_URL', 'http://yourwebsite/uploads/');
+
+// Detect scheme correctly (works behind proxies too)
+$proto = $_SERVER['HTTP_X_FORWARDED_PROTO'] ?? (
+           (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https' : 'http'
+         );
+$host  = $_SERVER['HTTP_HOST'] ?? 'localhost';
+
 if (strpos(BASE_URL, 'yourwebsite') !== false) {
-    $defaultShare = isset($_SERVER['HTTP_HOST'])
-        ? "http://{$_SERVER['HTTP_HOST']}/api/file/share.php"
-        : "http://localhost/api/file/share.php";
+    $defaultShare = "{$proto}://{$host}/api/file/share.php";
 } else {
     $defaultShare = rtrim(BASE_URL, '/') . "/api/file/share.php";
 }
+
+// Final: env var wins, else fallback
 define('SHARE_URL', getenv('SHARE_URL') ?: $defaultShare);
\ No newline at end of file
diff --git a/public/js/adminPanel.js b/public/js/adminPanel.js
index 94af402..30e6f69 100644
--- a/public/js/adminPanel.js
+++ b/public/js/adminPanel.js
@@ -3,7 +3,7 @@ import { loadAdminConfigFunc } from './auth.js';
 import { showToast, toggleVisibility, attachEnterKeyListener } from './domUtils.js';
 import { sendRequest } from './networkUtils.js';
 
-const version = "v1.3.9";
+const version = "v1.3.11";
 const adminTitle = `${t("admin_panel")} <small style="font-size:12px;color:gray;">${version}</small>`;
 
 // ————— Inject updated styles —————
diff --git a/start.sh b/start.sh
index 25ed609..63af648 100644
--- a/start.sh
+++ b/start.sh
@@ -3,6 +3,21 @@ set -euo pipefail
 umask 002
 echo "🚀 Running start.sh..."
 
+# Remap www-data to match provided PUID/PGID (e.g., Unraid 99:100)
+if [ -n "${PGID:-}" ]; then
+  current_gid="$(getent group www-data | cut -d: -f3 || true)"
+  if [ "${current_gid}" != "${PGID}" ]; then
+    groupmod -o -g "${PGID}" www-data || true
+  fi
+fi
+if [ -n "${PUID:-}" ]; then
+  current_uid="$(id -u www-data 2>/dev/null || echo '')"
+  target_gid="${PGID:-$(getent group www-data | cut -d: -f3)}"
+  if [ "${current_uid}" != "${PUID}" ]; then
+    usermod -o -u "${PUID}" -g "${target_gid}" www-data || true
+  fi
+fi
+
 # 1) Token‐key warning (guarded for -u)
 if [ "${PERSISTENT_TOKENS_KEY:-}" = "default_please_change_this_key" ] || [ -z "${PERSISTENT_TOKENS_KEY:-}" ]; then
   echo "⚠️ WARNING: Using default/empty persistent tokens key—override for production."
@@ -18,7 +33,6 @@ if [ -f "${CONFIG_FILE}" ]; then
     sed -i "s|define('TOTAL_UPLOAD_SIZE',[[:space:]]*'[^']*');|define('TOTAL_UPLOAD_SIZE', '${TOTAL_UPLOAD_SIZE}');|" "${CONFIG_FILE}"
   fi
   [ -n "${SECURE:-}" ]            && sed -i "s|\$envSecure = getenv('SECURE');|\$envSecure = '${SECURE}';|" "${CONFIG_FILE}"
-  [ -n "${SHARE_URL:-}" ]         && sed -i "s|define('SHARE_URL',[[:space:]]*'[^']*');|define('SHARE_URL', '${SHARE_URL}');|" "${CONFIG_FILE}"
 fi
 
 # 2.1) Prepare metadata/log & sessions
@@ -117,9 +131,12 @@ if [ "${SCAN_ON_START:-}" = "true" ]; then
   fi
 fi
 
-# 10) Final ownership sanity for data dirs
-chown -R www-data:www-data /var/www/metadata /var/www/uploads
-chmod -R u+rwX /var/www/metadata /var/www/uploads
+# 10) Final ownership sanity for data dirs (optional; default true)
+if [ "${CHOWN_ON_START:-true}" = "true" ]; then
+  echo "[startup] Normalizing ownership on uploads/metadata..."
+  chown -R www-data:www-data /var/www/metadata /var/www/uploads
+  chmod -R u+rwX /var/www/metadata /var/www/uploads
+fi
 
 echo "🔥 Starting Apache..."
 exec apachectl -D FOREGROUND