author | Dan Fuhry <dan@enanocms.org> |
Wed, 13 Mar 2013 00:18:23 -0400 (2013-03-13) | |
changeset 346 | 35b0a72083ca |
parent 344 | 0fa28c5aabe9 |
permissions | -rwxr-xr-x |
0 | 1 |
<?php |
2 |
||
3 |
/* |
|
4 |
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between |
|
318 | 5 |
* Version 1.0.6 (Roane) |
0 | 6 |
* upgrade.php - upgrade script |
7 |
* Copyright (C) 2006-2007 Dan Fuhry |
|
8 |
* |
|
9 |
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License |
|
10 |
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. |
|
11 |
* |
|
12 |
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied |
|
13 |
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details. |
|
14 |
*/ |
|
15 |
||
232
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
16 |
define('IN_ENANO_INSTALL', 'true'); |
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
17 |
define('IN_ENANO_UPGRADE', 'true'); |
0 | 18 |
|
19 |
if(!defined('scriptPath')) { |
|
20 |
$sp = dirname($_SERVER['REQUEST_URI']); |
|
21 |
if($sp == '/' || $sp == '\\') $sp = ''; |
|
22 |
define('scriptPath', $sp); |
|
23 |
} |
|
24 |
||
25 |
if(!defined('contentPath')) { |
|
26 |
$sp = dirname($_SERVER['REQUEST_URI']); |
|
27 |
if($sp == '/' || $sp == '\\') $sp = ''; |
|
28 |
define('contentPath', $sp); |
|
29 |
} |
|
30 |
||
232
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
31 |
global $this_page, $sideinfo; |
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
32 |
|
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
33 |
function microtime_float() |
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
34 |
{ |
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
35 |
list($usec, $sec) = explode(" ", microtime()); |
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
36 |
return ((float)$usec + (float)$sec); |
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
37 |
} |
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
38 |
|
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
39 |
global $_starttime; |
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
40 |
$_starttime = microtime_float(); |
0 | 41 |
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
42 |
// Determine directory (special case for development servers) |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
43 |
if ( strpos(__FILE__, '/repo/') && file_exists('.enanodev') ) |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
44 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
45 |
$filename = str_replace('/repo/', '/', __FILE__); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
46 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
47 |
else |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
48 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
49 |
$filename = __FILE__; |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
50 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
51 |
|
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
52 |
define('ENANO_ROOT', dirname($filename)); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
53 |
|
0 | 54 |
require(ENANO_ROOT.'/includes/constants.php'); |
55 |
||
56 |
if(defined('ENANO_DEBUG')) |
|
57 |
{ |
|
58 |
require_once(ENANO_ROOT.'/includes/debugger/debugConsole.php'); |
|
59 |
} |
|
60 |
else |
|
61 |
{ |
|
62 |
function dc_here($m) { return false; } |
|
63 |
function dc_dump($a, $g) { return false; } |
|
64 |
function dc_watch($n) { return false; } |
|
65 |
function dc_start_timer($u) { return false; } |
|
66 |
function dc_stop_timer($m) { return false; } |
|
67 |
} |
|
68 |
||
69 |
// SCRIPT CONFIGURATION |
|
70 |
// Everything related to versions goes here! |
|
71 |
||
72 |
// Valid versions to upgrade from |
|
344 | 73 |
$valid_versions = Array('1.0b1', '1.0b2', '1.0b3', '1.0b4', '1.0RC1', '1.0RC2', '1.0RC3', '1.0', '1.0.1', '1.0.1.1', '1.0.2b1', '1.0.2', '1.0.3', '1.0.4', '1.0.5', '1.0.6', '1.0.6pl1', '1.0.6pl2', '1.0.6pl3'); |
0 | 74 |
|
75 |
// Basically a list of dependencies, which should be resolved automatically |
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
76 |
// If, for example, upgrading from 1.0b1 to 1.0RC1 requires one extra query that would not |
0 | 77 |
// normally be required (for whatever reason) then you would add a custom version number to the array under key '1.0b1'. |
78 |
$deps_list = Array( |
|
79 |
'1.0b1' => Array('1.0b2'), |
|
80 |
'1.0b2' => Array('1.0b3'), |
|
81 |
'1.0b3' => Array('1.0b4'), |
|
82 |
'1.0b4' => Array('1.0RC1'), |
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
83 |
'1.0RC1' => Array('1.0RC2'), |
73
0a74676a2f2f
Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Dan
parents:
33
diff
changeset
|
84 |
'1.0RC2' => Array('1.0RC3'), |
129
0b5244001799
Rebranded as 1.0.1.1; fixed category page drawing bug; updated link to GPL in the about page to the GPLv2
Dan
parents:
113
diff
changeset
|
85 |
'1.0RC3' => Array('1.0'), |
142
ca9118d9c0f2
Rebrand as 1.0.2 (Coblynau); internal links are now parsed by RenderMan::parse_internal_links()
Dan
parents:
129
diff
changeset
|
86 |
'1.0' => Array('1.0.1'), |
148 | 87 |
'1.0.1' => Array('1.0.1.1'), |
285 | 88 |
'1.0.1.1' => Array('1.0.2b1'), |
89 |
'1.0.2b1' => Array('1.0.2'), |
|
293
fbe306070c40
Fixed (again) the user -> user_id transition in enano_tags table
Dan
parents:
285
diff
changeset
|
90 |
'1.0.2' => Array('1.0.3'), |
318 | 91 |
'1.0.3' => Array('1.0.4'), |
331 | 92 |
'1.0.4' => Array('1.0.5'), |
339 | 93 |
'1.0.5' => array('1.0.6'), |
340
b3ffcc800def
Version bump to 1.0.6pl3 (the real release number)
Dan Fuhry <dan@enanocms.org>
parents:
339
diff
changeset
|
94 |
'1.0.6' => array('1.0.6pl1'), |
344 | 95 |
'1.0.6pl1' => array('1.0.6pl2'), |
96 |
'1.0.6pl2' => array('1.0.6pl3') |
|
0 | 97 |
); |
344 | 98 |
$this_version = '1.0.6pl4'; |
0 | 99 |
$func_list = Array( |
112
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
100 |
'1.0' => Array('u_1_0_1_update_del_votes'), |
31
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
101 |
'1.0b4' => Array('u_1_0_RC1_update_user_ids', 'u_1_0_RC1_add_admins_to_group', 'u_1_0_RC1_alter_files_table', 'u_1_0_RC1_destroy_session_cookie', 'u_1_0_RC1_set_contact_email', 'u_1_0_RC1_update_page_text'), // , |
16
64e0d3d4cf14
Emergency version change to 1.0rc3 to fix XSS vulnerabilities
Dan
parents:
0
diff
changeset
|
102 |
// '1.0RC2' => Array('u_1_0_populate_userpage_comments') |
233
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
103 |
'1.0RC3' => Array('u_1_0_RC3_make_users_extra'), |
240
ee1fc84f12a8
SECURITY: Tighten default allowed file types; make sure search index rebuild is performed on upgrade
Dan
parents:
233
diff
changeset
|
104 |
'1.0.2b1' => Array('u_1_0_2_nuke_template_cache', 'u_1_0_2_rebuild_search_index') |
0 | 105 |
); |
106 |
||
107 |
if(!isset($_GET['mode'])) |
|
108 |
{ |
|
109 |
$_GET['mode'] = 'login'; |
|
110 |
} |
|
111 |
||
112 |
function err($t) |
|
113 |
{ |
|
114 |
global $template; |
|
115 |
echo $t; |
|
116 |
$template->footer(); |
|
117 |
exit; |
|
118 |
} |
|
119 |
||
120 |
require(ENANO_ROOT.'/includes/template.php'); |
|
121 |
||
122 |
// Initialize the session manager |
|
123 |
require(ENANO_ROOT.'/includes/functions.php'); |
|
124 |
require(ENANO_ROOT.'/includes/dbal.php'); |
|
125 |
require(ENANO_ROOT.'/includes/paths.php'); |
|
126 |
require(ENANO_ROOT.'/includes/sessions.php'); |
|
127 |
require(ENANO_ROOT.'/includes/plugins.php'); |
|
128 |
require(ENANO_ROOT.'/includes/rijndael.php'); |
|
129 |
require(ENANO_ROOT.'/includes/render.php'); |
|
248 | 130 |
require(ENANO_ROOT.'/includes/search.php'); |
0 | 131 |
$db = new mysql(); |
132 |
$db->connect(); |
|
133 |
||
134 |
$plugins = new pluginLoader(); |
|
135 |
||
136 |
if(!defined('ENANO_CONFIG_FETCHED')) |
|
137 |
{ |
|
138 |
// Select and fetch the site configuration |
|
139 |
$e = $db->sql_query('SELECT config_name, config_value FROM '.table_prefix.'config;'); |
|
140 |
if ( !$e ) |
|
141 |
{ |
|
142 |
$db->_die('Some critical configuration information could not be selected.'); |
|
143 |
} |
|
144 |
else |
|
145 |
{ |
|
146 |
define('ENANO_CONFIG_FETCHED', ''); // Used in die_semicritical to figure out whether to call getConfig() or not |
|
147 |
} |
|
148 |
||
149 |
$enano_config = Array(); |
|
150 |
while($r = $db->fetchrow()) |
|
151 |
{ |
|
152 |
$enano_config[$r['config_name']] = $r['config_value']; |
|
153 |
} |
|
154 |
$db->free_result(); |
|
155 |
} |
|
156 |
||
157 |
$v = enano_version(); |
|
158 |
if(in_array($v, Array(false, '', '1.0b3', '1.0b4'))) |
|
159 |
{ |
|
160 |
$ul_admin = 2; |
|
161 |
$ul_mod = 1; |
|
162 |
$ul_member = 0; |
|
163 |
$ul_guest = -1; |
|
164 |
} |
|
165 |
else |
|
166 |
{ |
|
167 |
$ul_admin = USER_LEVEL_ADMIN; |
|
168 |
$ul_mod = USER_LEVEL_MOD; |
|
169 |
$ul_member = USER_LEVEL_MEMBER; |
|
170 |
$ul_guest = USER_LEVEL_GUEST; |
|
171 |
} |
|
172 |
||
173 |
$_GET['title'] = 'unset'; |
|
174 |
||
175 |
$session = new sessionManager(); |
|
176 |
$paths = new pathManager(); |
|
177 |
$session->start(); |
|
178 |
||
179 |
$template = new template_nodb(); |
|
180 |
$template->load_theme('oxygen', 'bleu', false); |
|
181 |
||
182 |
$modestrings = Array( |
|
183 |
'login' => 'Administrative login', |
|
184 |
'welcome' => 'Welcome', |
|
185 |
'setversion' => 'Select Enano version', |
|
186 |
'confirm' => 'Confirm upgrade', |
|
187 |
'upgrade' => 'Database installation', |
|
188 |
'finish' => 'Upgrade complete' |
|
189 |
); |
|
190 |
||
191 |
$sideinfo = ''; |
|
192 |
$vars = $template->extract_vars('elements.tpl'); |
|
193 |
$p = $template->makeParserText($vars['sidebar_button']); |
|
194 |
foreach ( $modestrings as $id => $str ) |
|
195 |
{ |
|
196 |
if ( $_GET['mode'] == $id ) |
|
197 |
{ |
|
198 |
$flags = 'style="font-weight: bold; text-decoration: underline;"'; |
|
199 |
$this_page = $str; |
|
200 |
} |
|
201 |
else |
|
202 |
{ |
|
203 |
$flags = ''; |
|
204 |
} |
|
205 |
$p->assign_vars(Array( |
|
206 |
'HREF' => '#', |
|
207 |
'FLAGS' => $flags . ' onclick="return false;"', |
|
208 |
'TEXT' => $str |
|
209 |
)); |
|
210 |
$sideinfo .= $p->run(); |
|
211 |
} |
|
212 |
||
213 |
$template->init_vars(); |
|
214 |
||
215 |
function upg_assign_vars($schema) |
|
216 |
{ |
|
217 |
$schema = str_replace('{{SITE_NAME}}', mysql_real_escape_string(getConfig('site_name')), $schema); |
|
218 |
$schema = str_replace('{{SITE_DESC}}', mysql_real_escape_string(getConfig('site_desc')), $schema); |
|
219 |
$schema = str_replace('{{COPYRIGHT}}', mysql_real_escape_string(getConfig('copyright_notice')), $schema); |
|
220 |
$schema = str_replace('{{TABLE_PREFIX}}', table_prefix, $schema); |
|
221 |
if(getConfig('wiki_mode')=='1') $schema = str_replace('{{WIKI_MODE}}', '1', $schema); |
|
222 |
else $schema = str_replace('{{WIKI_MODE}}', '0', $schema); |
|
223 |
return $schema; |
|
224 |
} |
|
225 |
||
226 |
/* Version-specific functions */ |
|
227 |
||
228 |
function u_1_0_RC1_update_user_ids() |
|
229 |
{ |
|
230 |
global $db; |
|
231 |
// First, make sure this hasn't already been done |
|
232 |
$q = $db->sql_query('SELECT username FROM '.table_prefix.'users WHERE user_id=1;'); |
|
233 |
if ( !$q ) |
|
234 |
$db->_die(); |
|
235 |
$row = $db->fetchrow(); |
|
236 |
if ( $row['username'] == 'Anonymous' ) |
|
237 |
return true; |
|
238 |
// Find the first unused user ID |
|
239 |
$used = Array(); |
|
95
1dac77b46f07
Changed style of copyright in St. Patty; first attempt at fixing some upgrade issues from beta 3 or so
dan
parents:
91
diff
changeset
|
240 |
$q = $db->sql_query('SELECT user_id FROM '.table_prefix.'users;'); |
0 | 241 |
if ( !$q ) |
242 |
$db->_die(); |
|
95
1dac77b46f07
Changed style of copyright in St. Patty; first attempt at fixing some upgrade issues from beta 3 or so
dan
parents:
91
diff
changeset
|
243 |
$notfirst = false; |
0 | 244 |
while ( $row = $db->fetchrow() ) |
245 |
{ |
|
246 |
$i = intval($row['user_id']); |
|
247 |
$used[$i] = true; |
|
95
1dac77b46f07
Changed style of copyright in St. Patty; first attempt at fixing some upgrade issues from beta 3 or so
dan
parents:
91
diff
changeset
|
248 |
if ( !isset($used[$i - 1]) && $notfirst ) |
0 | 249 |
{ |
250 |
$id = $i - 1; |
|
251 |
break; |
|
252 |
} |
|
95
1dac77b46f07
Changed style of copyright in St. Patty; first attempt at fixing some upgrade issues from beta 3 or so
dan
parents:
91
diff
changeset
|
253 |
$notfirst = true; |
0 | 254 |
} |
255 |
if ( !isset($id) ) |
|
256 |
$id = $i + 1; |
|
95
1dac77b46f07
Changed style of copyright in St. Patty; first attempt at fixing some upgrade issues from beta 3 or so
dan
parents:
91
diff
changeset
|
257 |
if ( $id == 0 ) |
1dac77b46f07
Changed style of copyright in St. Patty; first attempt at fixing some upgrade issues from beta 3 or so
dan
parents:
91
diff
changeset
|
258 |
$id = 2; |
0 | 259 |
$db->free_result(); |
260 |
||
261 |
$q = $db->sql_query('UPDATE '.table_prefix.'users SET user_id=' . $id . ' WHERE user_id=1;'); |
|
262 |
if(!$q) |
|
263 |
$db->_die(); |
|
264 |
$q = $db->sql_query('UPDATE '.table_prefix.'users SET user_id=1 WHERE user_id=-1 AND username=\'Anonymous\';'); |
|
265 |
if(!$q) |
|
266 |
$db->_die(); |
|
267 |
||
268 |
} |
|
269 |
||
270 |
function u_1_0_RC1_add_admins_to_group() |
|
271 |
{ |
|
272 |
global $db; |
|
273 |
$q = $db->sql_query('SELECT user_id FROM '.table_prefix.'users WHERE user_level=' . USER_LEVEL_ADMIN . ';'); |
|
274 |
if ( !$q ) |
|
275 |
$db->_die(); |
|
276 |
$base = 'INSERT INTO '.table_prefix.'group_members(group_id,user_id) VALUES'; |
|
277 |
$blocks = Array(); |
|
278 |
while ( $row = $db->fetchrow($q) ) |
|
279 |
{ |
|
280 |
$blocks[] = '(2,' . $row['user_id'] . ')'; |
|
281 |
} |
|
282 |
$blocks = implode(',', $blocks); |
|
283 |
$sql = $base . $blocks . ';'; |
|
284 |
if(!$db->sql_query($sql)) |
|
285 |
$db->_die(); |
|
286 |
} |
|
287 |
||
288 |
function u_1_0_RC1_alter_files_table() |
|
289 |
{ |
|
290 |
global $db; |
|
291 |
if(!is_dir(ENANO_ROOT.'/files')) |
|
292 |
@mkdir(ENANO_ROOT . '/files'); |
|
293 |
if(!is_dir(ENANO_ROOT.'/files')) |
|
294 |
die('ERROR: Couldn\'t create files directory'); |
|
295 |
$q = $db->sql_unbuffered_query('SELECT * FROM '.table_prefix.'files;', $db->_conn); |
|
296 |
if(!$q) $db->_die(); |
|
297 |
while ( $row = $db->fetchrow() ) |
|
298 |
{ |
|
299 |
$file_data = base64_decode($row['data']); |
|
300 |
$path = ENANO_ROOT . '/files/' . md5( $row['filename'] . '_' . $file_data ) . '_' . $row['time_id'] . $row['file_extension']; |
|
301 |
@unlink($path); |
|
302 |
$handle = @fopen($path, 'w'); |
|
303 |
if(!$handle) |
|
304 |
die('fopen failed'); |
|
305 |
fwrite($handle, $file_data); |
|
306 |
fclose($handle); |
|
307 |
||
308 |
} |
|
309 |
||
310 |
$q = $db->sql_query('ALTER TABLE '.table_prefix.'files DROP PRIMARY KEY, ADD COLUMN file_id int(12) NOT NULL auto_increment FIRST, ADD PRIMARY KEY (file_id), ADD COLUMN file_key varchar(32) NOT NULL;'); |
|
311 |
if(!$q) $db->_die(); |
|
312 |
||
313 |
$list = Array(); |
|
314 |
$q = $db->sql_unbuffered_query('SELECT * FROM '.table_prefix.'files;', $db->_conn); |
|
315 |
if(!$q) $db->_die(); |
|
316 |
while ( $row = $db->fetchrow($q) ) |
|
317 |
{ |
|
318 |
$file_data = base64_decode($row['data']); |
|
319 |
$key = md5( $row['filename'] . '_' . $file_data ); |
|
320 |
$list[] = 'UPDATE '.table_prefix.'files SET file_key=\'' . $key . '\' WHERE file_id=' . $row['file_id'] . ';'; |
|
321 |
} |
|
322 |
||
323 |
foreach ( $list as $sql ) |
|
324 |
{ |
|
325 |
if(!$db->sql_query($sql)) $db->_die(); |
|
326 |
} |
|
327 |
||
328 |
if(!$db->sql_query('ALTER TABLE '.table_prefix.'files DROP data')) $db->_die(); |
|
329 |
||
330 |
} |
|
331 |
||
332 |
function u_1_0_RC1_destroy_session_cookie() |
|
333 |
{ |
|
334 |
unset($_COOKIE['sid']); |
|
335 |
setcookie('sid', '', time()-3600*24, scriptPath); |
|
336 |
setcookie('sid', '', time()-3600*24, scriptPath.'/'); |
|
337 |
} |
|
338 |
||
339 |
function u_1_0_RC1_set_contact_email() |
|
340 |
{ |
|
341 |
global $db; |
|
342 |
$q = $db->sql_query('SELECT email FROM '.table_prefix.'users WHERE user_level='.USER_LEVEL_ADMIN.' ORDER BY user_level ASC LIMIT 1;'); |
|
343 |
if(!$q) |
|
344 |
$db->_die(); |
|
345 |
$row = $db->fetchrow(); |
|
346 |
setConfig('contact_email', $row['email']); |
|
347 |
} |
|
348 |
||
349 |
function u_1_0_RC1_update_page_text() |
|
350 |
{ |
|
351 |
global $db; |
|
352 |
$q = $db->sql_unbuffered_query('SELECT page_id,namespace,page_text,char_tag FROM '.table_prefix.'page_text'); |
|
353 |
if (!$q) |
|
354 |
$db->_die(); |
|
355 |
||
356 |
$qs = array(); |
|
357 |
||
358 |
while ( $row = $db->fetchrow($q) ) |
|
359 |
{ |
|
360 |
$row['page_text'] = str_replace(Array( |
|
361 |
"{QUOT:{$row['char_tag']}}", |
|
362 |
"{APOS:{$row['char_tag']}}", |
|
363 |
"{SLASH:{$row['char_tag']}}" |
|
364 |
), Array( |
|
365 |
'"', "'", '\\' |
|
366 |
), $row['page_text']); |
|
367 |
$qs[] = 'UPDATE '.table_prefix.'page_text SET page_text=\'' . mysql_real_escape_string($row['page_text']) . '\' |
|
368 |
WHERE page_id=\'' . mysql_real_escape_string($row['page_id']) . '\' AND |
|
369 |
namespace=\'' . mysql_real_escape_string($row['namespace']) . '\';'; |
|
370 |
} |
|
371 |
||
372 |
foreach($qs as $query) |
|
373 |
{ |
|
374 |
if(!$db->sql_query($query)) |
|
375 |
$db->_die(); |
|
376 |
} |
|
377 |
} |
|
378 |
||
112
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
379 |
function u_1_0_1_update_del_votes() |
0 | 380 |
{ |
381 |
global $db; |
|
112
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
382 |
$q = $db->sql_query('SELECT urlname, namespace, delvote_ips FROM '.table_prefix.'pages;'); |
0 | 383 |
if ( !$q ) |
384 |
$db->_die(); |
|
385 |
||
112
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
386 |
while ( $row = $db->fetchrow($q) ) |
0 | 387 |
{ |
112
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
388 |
$ips = strval($row['delvote_ips']); |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
389 |
if ( is_array( @unserialize($ips) ) ) |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
390 |
continue; |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
391 |
$ips = explode('|', $ips); |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
392 |
$new = array( |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
393 |
'ip' => array(), |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
394 |
'u' => array() |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
395 |
); |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
396 |
$i = 0; |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
397 |
$prev = ''; |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
398 |
$prev_is_ip = false; |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
399 |
foreach ( $ips as $ip ) |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
400 |
{ |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
401 |
$i++; |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
402 |
$current_is_ip = is_valid_ip($ip); |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
403 |
if ( $current_is_ip && $prev_is_ip ) |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
404 |
{ |
113
6f357b951f7a
Oops - fixed small glitch in delvote_ips converter code
Dan
parents:
112
diff
changeset
|
405 |
$i++; |
112
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
406 |
$new['u'][] = $prev; |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
407 |
} |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
408 |
if ( $current_is_ip ) |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
409 |
{ |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
410 |
$new['ip'][] = $ip; |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
411 |
} |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
412 |
else |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
413 |
{ |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
414 |
$new['u'][] = $ip; |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
415 |
} |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
416 |
$prev = $ip; |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
417 |
$prev_is_ip = $current_is_ip; |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
418 |
} |
113
6f357b951f7a
Oops - fixed small glitch in delvote_ips converter code
Dan
parents:
112
diff
changeset
|
419 |
if ( $i % 2 == 1 && $prev_is_ip ) |
6f357b951f7a
Oops - fixed small glitch in delvote_ips converter code
Dan
parents:
112
diff
changeset
|
420 |
{ |
6f357b951f7a
Oops - fixed small glitch in delvote_ips converter code
Dan
parents:
112
diff
changeset
|
421 |
$new['u'][] = $ip; |
6f357b951f7a
Oops - fixed small glitch in delvote_ips converter code
Dan
parents:
112
diff
changeset
|
422 |
} |
112
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
423 |
$new = serialize($new); |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
424 |
$e = $db->sql_query('UPDATE '.table_prefix.'pages SET delvote_ips=\'' . $db->escape($new) . '\' WHERE urlname=\'' . $db->escape($row['urlname']) . '\' AND namespace=\'' . $db->escape($row['namespace']) . '\';'); |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
425 |
if ( !$e ) |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
426 |
$db->_die(); |
0 | 427 |
} |
112
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
428 |
$db->free_result($q); |
0 | 429 |
} |
430 |
||
31
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
431 |
function u_1_0_RC3_make_users_extra() |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
432 |
{ |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
433 |
global $db; |
95
1dac77b46f07
Changed style of copyright in St. Patty; first attempt at fixing some upgrade issues from beta 3 or so
dan
parents:
91
diff
changeset
|
434 |
$q = $db->sql_query('SELECT user_id FROM '.table_prefix.'users WHERE user_id > 0;'); |
31
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
435 |
if ( !$q ) |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
436 |
$db->_die(); |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
437 |
|
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
438 |
$ids = array(); |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
439 |
while ( $row = $db->fetchrow() ) |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
440 |
{ |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
441 |
$ids[] = intval($row['user_id']); |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
442 |
} |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
443 |
|
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
444 |
$ids = '(' . implode('),(', $ids) . ')'; |
95
1dac77b46f07
Changed style of copyright in St. Patty; first attempt at fixing some upgrade issues from beta 3 or so
dan
parents:
91
diff
changeset
|
445 |
if ( $ids == '' ) |
1dac77b46f07
Changed style of copyright in St. Patty; first attempt at fixing some upgrade issues from beta 3 or so
dan
parents:
91
diff
changeset
|
446 |
return false; |
31
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
447 |
$sql = "INSERT INTO " . table_prefix . "users_extra(user_id) VALUES$ids;"; |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
448 |
|
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
449 |
if ( !$db->sql_query($sql) ) |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
450 |
$db->_die(); |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
451 |
} |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
452 |
|
233
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
453 |
function u_1_0_2_nuke_template_cache() |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
454 |
{ |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
455 |
$dir = @opendir(ENANO_ROOT . '/cache'); |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
456 |
if ( !$dir ) |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
457 |
{ |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
458 |
return false; |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
459 |
} |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
460 |
while ( ($fname = @readdir($dir)) ) |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
461 |
{ |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
462 |
if ( preg_match('/\.tpl\.php$/', $fname) ) |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
463 |
{ |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
464 |
unlink( ENANO_ROOT . '/cache/' . $fname ); |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
465 |
} |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
466 |
} |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
467 |
} |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
468 |
|
240
ee1fc84f12a8
SECURITY: Tighten default allowed file types; make sure search index rebuild is performed on upgrade
Dan
parents:
233
diff
changeset
|
469 |
function u_1_0_2_rebuild_search_index() |
ee1fc84f12a8
SECURITY: Tighten default allowed file types; make sure search index rebuild is performed on upgrade
Dan
parents:
233
diff
changeset
|
470 |
{ |
ee1fc84f12a8
SECURITY: Tighten default allowed file types; make sure search index rebuild is performed on upgrade
Dan
parents:
233
diff
changeset
|
471 |
global $paths; |
ee1fc84f12a8
SECURITY: Tighten default allowed file types; make sure search index rebuild is performed on upgrade
Dan
parents:
233
diff
changeset
|
472 |
@set_time_limit(0); |
ee1fc84f12a8
SECURITY: Tighten default allowed file types; make sure search index rebuild is performed on upgrade
Dan
parents:
233
diff
changeset
|
473 |
$paths->rebuild_search_index(); |
ee1fc84f12a8
SECURITY: Tighten default allowed file types; make sure search index rebuild is performed on upgrade
Dan
parents:
233
diff
changeset
|
474 |
} |
ee1fc84f12a8
SECURITY: Tighten default allowed file types; make sure search index rebuild is performed on upgrade
Dan
parents:
233
diff
changeset
|
475 |
|
0 | 476 |
switch($_GET['mode']) |
477 |
{ |
|
478 |
case "login": |
|
110 | 479 |
if ( $session->user_logged_in && $session->user_level < $ul_admin ) |
480 |
{ |
|
481 |
$template->header(); |
|
482 |
echo '<p>Your user account does not have permission to perform an upgrade of Enano. Return to the <a href="index.php">index page</a>.</p>'; |
|
483 |
$template->footer(); |
|
484 |
exit; |
|
485 |
} |
|
0 | 486 |
if($session->user_logged_in && $session->user_level >= $ul_admin) |
487 |
{ |
|
488 |
if(isset($_POST['login'])) |
|
489 |
{ |
|
490 |
$session->login_without_crypto($_POST['username'], $_POST['password'], false, $ul_admin); |
|
491 |
if($session->sid_super) |
|
492 |
{ |
|
493 |
header('Location: upgrade.php?mode=welcome&auth='.$session->sid_super); |
|
494 |
exit; |
|
495 |
} |
|
496 |
} |
|
497 |
$template->header(); |
|
498 |
?> |
|
499 |
<form action="upgrade.php?mode=login" method="post"> |
|
500 |
<table border="0" style="margin-left: auto; margin-right: auto; margin-top: 5px;" cellspacing="1" cellpadding="4"> |
|
501 |
<tr> |
|
502 |
<th colspan="2">You must re-authenticate to perform this upgrade.</th> |
|
503 |
</tr> |
|
504 |
<?php |
|
505 |
if(isset($_POST['login'])) |
|
506 |
{ |
|
507 |
echo '<tr><td colspan="2"><p style="color: red;">Login failed. Bad password?</p></td></tr>'; |
|
508 |
} |
|
509 |
?> |
|
510 |
<tr> |
|
511 |
<td>Username:</td><td><input type="text" name="username" size="30" /></td> |
|
512 |
</tr> |
|
513 |
<tr> |
|
514 |
<td>Password:</td><td><input type="password" name="password" size="30" /></td> |
|
515 |
</tr> |
|
516 |
<tr> |
|
517 |
<td colspan="2" style="text-align: center;"><input type="submit" name="login" value="Log in" /> |
|
518 |
</tr> |
|
519 |
</table> |
|
520 |
</form> |
|
521 |
<?php |
|
522 |
} |
|
523 |
else |
|
524 |
{ |
|
525 |
if(isset($_POST['login'])) |
|
526 |
{ |
|
527 |
$result = $session->login_without_crypto($_POST['username'], $_POST['password'], false, $ul_member); |
|
528 |
if($result == 'success') |
|
529 |
{ |
|
530 |
header('Location: upgrade.php'); |
|
531 |
exit; |
|
532 |
} |
|
533 |
} |
|
534 |
$template->header(); |
|
535 |
?> |
|
536 |
<form action="upgrade.php?mode=login" method="post"> |
|
537 |
<table border="0" style="margin-left: auto; margin-right: auto; margin-top: 5px;" cellspacing="1" cellpadding="4"> |
|
538 |
<tr> |
|
539 |
<th colspan="2">Please log in to continue with this upgrade.</th> |
|
540 |
</tr> |
|
541 |
<?php |
|
542 |
if(isset($_POST['login'])) |
|
543 |
{ |
|
544 |
echo '<tr><td colspan="2"><p style="color: red;">Login failed. Bad password?</p></td></tr>'; |
|
545 |
} |
|
546 |
?> |
|
547 |
<tr> |
|
548 |
<td>Username:</td><td><input type="text" name="username" size="30" /></td> |
|
549 |
</tr> |
|
550 |
<tr> |
|
551 |
<td>Password:</td><td><input type="password" name="password" size="30" /></td> |
|
552 |
</tr> |
|
553 |
<tr> |
|
554 |
<td colspan="2" style="text-align: center;"><input type="submit" name="login" value="Log in" /> |
|
555 |
</tr> |
|
556 |
</table> |
|
557 |
</form> |
|
558 |
<?php |
|
559 |
} |
|
560 |
break; |
|
561 |
case "welcome": |
|
562 |
if(!$session->sid_super) { $template->header(); echo '<p>No admin session found! Please <a href="upgrade.php">restart the upgrade</a>.</p>'; $template->footer(); exit; } |
|
563 |
||
564 |
// Just show a simple welcome page to display version information |
|
565 |
$template->header(); |
|
566 |
require('config.php'); |
|
567 |
||
568 |
?> |
|
569 |
||
570 |
<div style="text-align: center; margin-top: 10px;"> |
|
318 | 571 |
<img alt="[ Enano CMS Project logo ]" src="images/enano-artwork/installer-greeting-blue.png" style="display: block; margin: 0 auto; padding-left: 114px;" /> |
0 | 572 |
<h2>Welcome to the Enano upgrade wizard</h2> |
573 |
<?php |
|
574 |
if ( file_exists('./_nightly.php') ) |
|
575 |
{ |
|
576 |
echo '<div class="warning-box" style="text-align: left; margin: 10px auto; display: table; width: 60%;"><b>You are about to upgrade to a NIGHTLY BUILD of Enano.</b><br />Nightly builds CANNOT be re-upgraded to the final release. They may also contain serious flaws, security problems, or extraneous debugging information. Continuing this process on a production site is NOT recommended.</div>'; |
|
577 |
} |
|
578 |
?> |
|
579 |
</div> |
|
580 |
<div style="display: table; margin: 0 auto;"> |
|
581 |
<p>You are about to upgrade Enano to version <b><?php echo $this_version; ?></b>. Before you continue, please ensure that:</p> |
|
582 |
<ul> |
|
583 |
<li>You have completely backed up your database (<b><?php echo "$dbhost:$dbname"; ?></b>)</li> |
|
584 |
<li>You have backed up the entire Enano directory (<b><?php echo ENANO_ROOT; ?></b>)</li> |
|
585 |
<li>You have reviewed the release notes for this version, and you<br />are comfortable with any known bugs or issues</li> |
|
91 | 586 |
<li>If you've configured Enano to work using a MySQL user with restricted<br />privileges, you need to enable ALTER, CREATE TABLE, and CREATE INDEX privileges<br />for this upgrade to work.</li> |
0 | 587 |
</ul> |
588 |
</div> |
|
589 |
<div style="text-align: center; margin-top: 10px;"> |
|
590 |
<form action="upgrade.php?mode=setversion&auth=<?php echo $session->sid_super; ?>" method="post"> |
|
591 |
<input type="submit" value="Continue with upgrade" /> |
|
592 |
</form> |
|
593 |
</div> |
|
594 |
||
595 |
<?php |
|
596 |
||
597 |
break; |
|
598 |
case "setversion": |
|
599 |
if(!$session->sid_super) { $template->header(); echo '<p>No admin session found! Please <a href="upgrade.php">restart the upgrade</a>.</p>'; $template->footer(); exit; } |
|
600 |
$v = ( function_exists('enano_version') ) ? enano_version() : ''; |
|
601 |
if(!in_array($v, $valid_versions) && $v != '') |
|
602 |
{ |
|
603 |
$template->header(); |
|
604 |
?> |
|
605 |
<p>Your version of Enano (<?php echo $v; ?>) can't be upgraded to this version (<?php echo $this_version; ?>).</p> |
|
606 |
<?php |
|
607 |
break; |
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
608 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
609 |
else if($v == '') |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
610 |
{ |
0 | 611 |
// OK, we don't know which version he's running. So we'll cheat ;-) |
612 |
$template->header(); |
|
613 |
echo "<form action='upgrade.php?mode=confirm&auth={$session->sid_super}' method='post'>"; |
|
614 |
?> |
|
615 |
<p>Sorry, we couldn't detect which version of Enano you're running on your server. Please select which version of Enano you have below, and make absolutely sure that you're correct.</p> |
|
616 |
<p><select name="version"><?php |
|
617 |
foreach($valid_versions as $c) |
|
618 |
{ |
|
619 |
echo "<option value='{$c}'>{$c}</option>"; |
|
620 |
} |
|
621 |
?></select></p> |
|
622 |
<p> |
|
623 |
<input type="submit" value="Continue" /> |
|
624 |
</p> |
|
625 |
<?php |
|
626 |
echo `</form>`; |
|
627 |
break; |
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
628 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
629 |
else |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
630 |
{ |
0 | 631 |
header('Location: upgrade.php?mode=confirm&auth='.$session->sid_super); |
632 |
} |
|
633 |
break; |
|
634 |
case "confirm": |
|
635 |
$enano_version = ( isset($_POST['version']) ) ? $_POST['version'] : enano_version(); |
|
636 |
||
637 |
$template->header(); |
|
638 |
if(!$session->sid_super) { echo '<p>No admin session found! Please <a href="upgrade.php">restart the upgrade</a>.</p>'; $template->footer(); exit; } |
|
639 |
?> |
|
640 |
<form action="upgrade.php?mode=upgrade&auth=<?php echo $session->sid_super; ?>" method="post"> |
|
641 |
<table border="0" style="margin-left: auto; margin-right: auto; margin-top: 5px;" cellspacing="1" cellpadding="4"> |
|
642 |
<tr> |
|
643 |
<td colspan="2"><p><b>Are you sure you want to perform this upgrade?</b></p><p>You can still cancel the upgrade process now. If<br />the upgrade fails, you will need to roll back<br />any actions made using manual SQL queries.</p><p><b>Please clear your browser cache or<br />shift-reload after the upgrade.</b><br />If you fail to do so, some page elements may<br />be broken.</td> |
|
644 |
</tr> |
|
645 |
<tr> |
|
646 |
<td colspan="2" style="text-align: center;"> |
|
647 |
<input type="hidden" name="enano_version" value="<?php echo $enano_version; ?>" /> |
|
648 |
<input type="submit" name="doit" value="Upgrade Enano!" /> |
|
649 |
</td> |
|
650 |
</tr> |
|
651 |
</table> |
|
652 |
</form> |
|
653 |
<?php |
|
654 |
break; |
|
655 |
case "upgrade": |
|
656 |
$template->header(); |
|
657 |
if(!$session->sid_super) { echo '<p>No admin session found! Please <a href="upgrade.php">restart the upgrade</a>.</p>'; $template->footer(); exit; } |
|
658 |
if(!isset($_POST['enano_version'])) { echo '<p>Can\'t find the version information on the POST query, are you trying to do this upgrade directly? Please <a href="upgrade.php">restart the upgrade</a>.</p>'; break; } |
|
659 |
$enano_version = $_POST['enano_version']; |
|
660 |
echo '<p>Preparing for schema execution...'; |
|
661 |
// Build an array of queries |
|
662 |
$schema = file_get_contents('upgrade.sql'); |
|
663 |
||
664 |
// Strip out and process version blocks |
|
148 | 665 |
preg_match_all('#---BEGIN ([0-9A-z\.\-]*?)---'."\n".'((.*?)'."\n)?".'---END \\1---#is', $schema, $matches); |
0 | 666 |
|
667 |
$from_list =& $matches[1]; |
|
148 | 668 |
$query_list =& $matches[3]; |
0 | 669 |
|
670 |
foreach($matches[0] as $m) |
|
671 |
{ |
|
672 |
$schema = str_replace($m, '', $schema); |
|
673 |
} |
|
674 |
$schema = explode("\n", $schema); |
|
675 |
foreach($schema as $k => $q) |
|
676 |
{ |
|
677 |
if(substr($q, 0, 2) == '--' || $q == '') |
|
678 |
{ |
|
679 |
unset($schema[$k]); |
|
680 |
//die('<pre>'.htmlspecialchars(print_r($schema, true)).'</pre>'); |
|
681 |
} |
|
682 |
else |
|
683 |
{ |
|
684 |
$schema[$k] = upg_assign_vars($schema[$k]); |
|
685 |
} |
|
686 |
} |
|
687 |
||
688 |
foreach($query_list as $k => $q) |
|
689 |
{ |
|
690 |
$query_list[$k] = explode("\n", $query_list[$k]); |
|
691 |
foreach($query_list[$k] as $i => $s) |
|
692 |
{ |
|
693 |
$tq =& $query_list[$k][$i]; |
|
694 |
if(substr($s, 0, 2) == '--' || $s == '') |
|
695 |
{ |
|
696 |
unset($query_list[$k][$i]); |
|
697 |
//die('<pre>'.htmlspecialchars(print_r($schema, true)).'</pre>'); |
|
698 |
} |
|
699 |
else |
|
700 |
{ |
|
701 |
$query_list[$k][$i] = upg_assign_vars($query_list[$k][$i]); |
|
702 |
} |
|
703 |
} |
|
704 |
$query_list[$k] = array_values($query_list[$k]); |
|
705 |
} |
|
706 |
||
707 |
$assoc_list = Array(); |
|
708 |
||
709 |
foreach($from_list as $i => $v) |
|
710 |
{ |
|
711 |
$assoc_list[$v] = $query_list[$i]; |
|
712 |
} |
|
713 |
||
714 |
$schema = array_values($schema); |
|
715 |
||
716 |
$deps_resolved = false; |
|
717 |
$installing_versions = Array($enano_version); |
|
718 |
||
719 |
while(true) |
|
720 |
{ |
|
721 |
$v = array_keys($deps_list); |
|
722 |
foreach($v as $i => $ver) |
|
723 |
{ |
|
724 |
if(in_array($ver, $installing_versions)) |
|
725 |
{ |
|
726 |
// $ver is on the list of versions to be installed. Add its dependencies to the list of versions to install. |
|
727 |
foreach($deps_list[$ver] as $dep) |
|
728 |
{ |
|
729 |
if(!in_array($dep, $installing_versions)) |
|
730 |
{ |
|
731 |
$installing_versions[] = $dep; |
|
732 |
} |
|
733 |
} |
|
734 |
} |
|
735 |
if($i == count($deps_list) - 1) |
|
736 |
{ |
|
737 |
break 2; |
|
738 |
} |
|
739 |
} |
|
740 |
} |
|
741 |
||
742 |
foreach($installing_versions as $this_ver) |
|
743 |
{ |
|
744 |
$schema = array_merge($schema, $assoc_list[$this_ver]); |
|
745 |
} |
|
746 |
||
747 |
// Time for some proper SQL syntax! |
|
748 |
// Also check queries for so-called injection attempts to make |
|
749 |
// sure that it doesn't fail during the upgrade process and |
|
750 |
// leave the user with a half-upgraded database |
|
751 |
foreach($schema as $s => $q) |
|
752 |
{ |
|
753 |
if(substr($q, strlen($q)-1, 1) != ';') |
|
754 |
{ |
|
755 |
$schema[$s] .= ';'; |
|
756 |
} |
|
757 |
if ( !$db->check_query($schema[$s]) ) |
|
758 |
{ |
|
759 |
// Uh-oh, the check failed, bail out |
|
760 |
// The DBAL runs sanity checks on all queries for safety, |
|
761 |
// so if the check fails in mid-upgrade we are in deep |
|
762 |
// dodo doo-doo. |
|
763 |
echo 'Query failed sanity check, this should never happen and is a bug.</p><p>Query was:</p><pre>'.$schema[$s].'</pre>'; |
|
764 |
break 2; |
|
765 |
} |
|
766 |
} |
|
767 |
||
768 |
$schema = array_values($schema); |
|
769 |
||
770 |
// Used extensively for debugging |
|
771 |
// echo '<pre>'.htmlspecialchars(print_r($schema, true)).'</pre>'; |
|
772 |
// break; |
|
773 |
||
774 |
echo 'done!<br />Executing upgrade schema...'; |
|
775 |
||
776 |
// OK, do the loop, baby!!! |
|
777 |
foreach($schema as $q) |
|
778 |
{ |
|
218
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
779 |
if ( substr($q, 0, 1) == '@' ) |
0 | 780 |
{ |
218
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
781 |
// if the first character is @, don't fail on error |
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
782 |
$db->sql_query(substr($q, 1)); |
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
783 |
} |
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
784 |
else |
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
785 |
{ |
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
786 |
if ( !$db->sql_query($q) ) |
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
787 |
{ |
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
788 |
echo $db->get_error(); |
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
789 |
break 2; |
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
790 |
} |
0 | 791 |
} |
792 |
} |
|
793 |
||
794 |
// Call any custom functions |
|
795 |
foreach ( $installing_versions as $ver ) |
|
796 |
{ |
|
797 |
if ( isset($func_list[$ver]) ) |
|
798 |
{ |
|
799 |
foreach($func_list[$ver] as $function) |
|
800 |
{ |
|
801 |
@call_user_func($function); |
|
802 |
} |
|
803 |
} |
|
804 |
} |
|
805 |
||
74
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
parents:
73
diff
changeset
|
806 |
// Log the upgrade |
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
parents:
73
diff
changeset
|
807 |
$q = $db->sql_query('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,page_text,edit_summary) VALUES(\'security\', \'upgrade_enano\', ' . time() . ', \'' . date('d M Y h:i a') . '\', \'' . mysql_real_escape_string($session->username) . '\', \'' . mysql_real_escape_string($this_version) . '\', \'' . mysql_real_escape_string($_SERVER['REMOTE_ADDR']) . '\');'); |
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
parents:
73
diff
changeset
|
808 |
|
0 | 809 |
echo 'done!</p>'; |
810 |
echo '<p>You will be redirected shortly. If you aren\'t redirected, <a href="index.php">click here</a>.</p> |
|
811 |
<script type="text/javascript">setTimeout("window.location=\'index.php\'", 2000)</script>'; |
|
812 |
break; |
|
813 |
} |
|
814 |
$template->footer(); |
|
815 |
||
816 |
?> |