Added checks in the installer

.htaccess

@@ -1,6 +1,8 @@
 Options -Indexes
-RewriteEngine On
-RewriteRule ^(app|bin|bootstrap|resources|storage|vendor|logs)(/.*|)$ - [NC,F]
-RewriteCond %{REQUEST_FILENAME} !-f
-RewriteCond %{REQUEST_FILENAME} !-d
-RewriteRule ^(.*)$ index.php [QSA,L]
+<IfModule mod_rewrite.c>
+    RewriteEngine On
+    RewriteRule ^(app|bin|bootstrap|resources|storage|vendor|logs)(/.*|)$ - [NC,F]
+    RewriteCond %{REQUEST_FILENAME} !-f
+    RewriteCond %{REQUEST_FILENAME} !-d
+    RewriteRule ^(.*)$ index.php [QSA,L]
+</IfModule>

app/Controllers/DashboardController.php

@@ -128,6 +128,11 @@ public function getThemes(Request $request, Response $response): Response
 
 	public function applyTheme(Request $request, Response $response): Response
 	{
+		if (!is_writable('static/bootstrap/css/bootstrap.min.css')) {
+			Session::alert(lang('cannot_write_file'), 'danger');
+			return redirect($response, route('system'));
+		}
+
 		file_put_contents('static/bootstrap/css/bootstrap.min.css', file_get_contents($request->getParam('css')));
 		return redirect($response, 'system')
 			->withAddedHeader('Cache-Control', 'no-cache, no-store, must-revalidate')

install/index.php

@@ -131,8 +131,16 @@ function migrate($config)
 		$config['db']['username'] = $request->getParam('db_user');
 		$config['db']['password'] = $request->getParam('db_password');
 
+		if (!is_writable($config['storage_dir'])) {
+			Session::alert('The storage folder is not writable (' . $config['storage_dir'] . ')', 'danger');
+			return redirect($response, '.');
+		}
 
-		file_put_contents(__DIR__ . '/../config.php', '<?php' . PHP_EOL . 'return ' . var_export($config, true) . ';');
+		$ret = file_put_contents(__DIR__ . '/../config.php', '<?php' . PHP_EOL . 'return ' . var_export($config, true) . ';');
+		if ($ret === false) {
+			Session::alert('The config folder is not writable (' . __DIR__ . '/../config.php' . ')', 'danger');
+			return redirect($response, '.');
+		}
 	}
 
 	$dsn = $config['db']['connection'] === 'sqlite' ? __DIR__ . '/../' . $config['db']['dsn'] : $config['db']['dsn'];
@@ -142,7 +150,8 @@ function migrate($config)
 
 		migrate($config);
 	} catch (PDOException $exception) {
-
+		Session::alert("Cannot connect to the database: {$exception->getMessage()} [{$exception->getCode()}]", 'danger');
+		return redirect($response, '.');
 	}
 
 	if (!$installed) {

install/templates/install.twig

@@ -19,6 +19,14 @@
 </head>
 <body>
 <div class="container">
+    {% for type, message in alerts %}
+        <div class="alert alert-{{ type }} alert-dismissible fade show" role="alert">
+            {{ message }}
+            <button type="button" class="close" data-dismiss="alert" aria-label="Close">
+                <span aria-hidden="true">&times;</span>
+            </button>
+        </div>
+    {% endfor %}
     <div class="row justify-content-center">
         <div class="col-md-8">
             <div class="card mt-3">

resources/lang/en.lang.php

@@ -84,4 +84,5 @@
 	'user_deleted' => 'User deleted.',
 	'cannot_delete' => 'You cannot delete yourself.',
 	'cannot_demote' => 'You cannot demote yourself.',
+	'cannot_write_file' => 'The destination path is not writable.',
 ];

resources/lang/it.lang.php

@@ -84,4 +84,5 @@
 	'user_deleted' => 'Utente rimosso.',
 	'cannot_delete' => 'Non puoi eliminare te stesso.',
 	'cannot_demote' => 'Non puoi degradare te stesso. ',
+	'cannot_write_file' => 'Il percorso di destinazione non è scrivibile.',
 ];