fix(contact.php): use is_readable() instead of file_exists() for config

When contact-config.php exists but is unreadable by PHP-FPM (e.g. owned by
www-data while pool runs as nginx), file_exists() returns true but
require_once throws a fatal error → 500.

Production was hitting this: contact-config.php was 'www-data:www-data 640'
but the sag24 PHP-FPM pool runs as 'nginx'. Form returned HTTP 500 on every
POST including legitimate ones — contact form effectively dead.

Server side: chown nginx:nginx /opt/www/sag24.ru/contact-config.php (already
applied). This commit makes the script defensive against the same scenario
in the future.
This commit is contained in:
2026-05-06 01:27:12 +03:00
parent 5dea9c4a52
commit ac0467290c

View File

@@ -4,9 +4,10 @@ header('Access-Control-Allow-Origin: https://sag24.ru');
header('Access-Control-Allow-Methods: POST');
header('Access-Control-Allow-Headers: Content-Type');
// Load secrets from outside webroot (not in git)
// Load secrets from outside webroot (not in git).
// Use is_readable() not file_exists() — PHP-FPM may lack read permission even when file is present.
$configFile = dirname(__DIR__, 2) . '/contact-config.php';
if (file_exists($configFile)) {
if (is_readable($configFile)) {
require_once $configFile;
} else {
// Fallback values for local development (override via contact-config.php on server)