author | Dan |
Thu, 27 Nov 2008 10:57:50 -0500 | |
changeset 313 | 6080514218ca |
parent 293 | fbe306070c40 |
child 318 | eec2dfd2f0a3 |
permissions | -rwxr-xr-x |
0 | 1 |
<?php |
2 |
||
3 |
/* |
|
4 |
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between |
|
293
fbe306070c40
Fixed (again) the user -> user_id transition in enano_tags table
Dan
parents:
285
diff
changeset
|
5 |
* Version 1.0.5 (Ferrishyn) |
0 | 6 |
* upgrade.php - upgrade script |
7 |
* Copyright (C) 2006-2007 Dan Fuhry |
|
8 |
* |
|
9 |
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License |
|
10 |
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. |
|
11 |
* |
|
12 |
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied |
|
13 |
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details. |
|
14 |
*/ |
|
15 |
||
232
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
16 |
define('IN_ENANO_INSTALL', 'true'); |
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
17 |
define('IN_ENANO_UPGRADE', 'true'); |
0 | 18 |
|
19 |
if(!defined('scriptPath')) { |
|
20 |
$sp = dirname($_SERVER['REQUEST_URI']); |
|
21 |
if($sp == '/' || $sp == '\\') $sp = ''; |
|
22 |
define('scriptPath', $sp); |
|
23 |
} |
|
24 |
||
25 |
if(!defined('contentPath')) { |
|
26 |
$sp = dirname($_SERVER['REQUEST_URI']); |
|
27 |
if($sp == '/' || $sp == '\\') $sp = ''; |
|
28 |
define('contentPath', $sp); |
|
29 |
} |
|
30 |
||
232
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
31 |
global $this_page, $sideinfo; |
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
32 |
|
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
33 |
function microtime_float() |
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
34 |
{ |
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
35 |
list($usec, $sec) = explode(" ", microtime()); |
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
36 |
return ((float)$usec + (float)$sec); |
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
37 |
} |
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
38 |
|
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
39 |
global $_starttime; |
2b60c89dc27f
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan
parents:
218
diff
changeset
|
40 |
$_starttime = microtime_float(); |
0 | 41 |
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
42 |
// Determine directory (special case for development servers) |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
43 |
if ( strpos(__FILE__, '/repo/') && file_exists('.enanodev') ) |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
44 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
45 |
$filename = str_replace('/repo/', '/', __FILE__); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
46 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
47 |
else |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
48 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
49 |
$filename = __FILE__; |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
50 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
51 |
|
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
52 |
define('ENANO_ROOT', dirname($filename)); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
53 |
|
0 | 54 |
require(ENANO_ROOT.'/includes/constants.php'); |
55 |
||
56 |
if(defined('ENANO_DEBUG')) |
|
57 |
{ |
|
58 |
require_once(ENANO_ROOT.'/includes/debugger/debugConsole.php'); |
|
59 |
} |
|
60 |
else |
|
61 |
{ |
|
62 |
function dc_here($m) { return false; } |
|
63 |
function dc_dump($a, $g) { return false; } |
|
64 |
function dc_watch($n) { return false; } |
|
65 |
function dc_start_timer($u) { return false; } |
|
66 |
function dc_stop_timer($m) { return false; } |
|
67 |
} |
|
68 |
||
69 |
// SCRIPT CONFIGURATION |
|
70 |
// Everything related to versions goes here! |
|
71 |
||
72 |
// Valid versions to upgrade from |
|
293
fbe306070c40
Fixed (again) the user -> user_id transition in enano_tags table
Dan
parents:
285
diff
changeset
|
73 |
$valid_versions = Array('1.0b1', '1.0b2', '1.0b3', '1.0b4', '1.0RC1', '1.0RC2', '1.0RC3', '1.0', '1.0.1', '1.0.1.1', '1.0.2b1', '1.0.2', '1.0.3', '1.0.4'); |
0 | 74 |
|
75 |
// Basically a list of dependencies, which should be resolved automatically |
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
76 |
// If, for example, upgrading from 1.0b1 to 1.0RC1 requires one extra query that would not |
0 | 77 |
// normally be required (for whatever reason) then you would add a custom version number to the array under key '1.0b1'. |
78 |
$deps_list = Array( |
|
79 |
'1.0b1' => Array('1.0b2'), |
|
80 |
'1.0b2' => Array('1.0b3'), |
|
81 |
'1.0b3' => Array('1.0b4'), |
|
82 |
'1.0b4' => Array('1.0RC1'), |
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
83 |
'1.0RC1' => Array('1.0RC2'), |
73
0a74676a2f2f
Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Dan
parents:
33
diff
changeset
|
84 |
'1.0RC2' => Array('1.0RC3'), |
129
0b5244001799
Rebranded as 1.0.1.1; fixed category page drawing bug; updated link to GPL in the about page to the GPLv2
Dan
parents:
113
diff
changeset
|
85 |
'1.0RC3' => Array('1.0'), |
142
ca9118d9c0f2
Rebrand as 1.0.2 (Coblynau); internal links are now parsed by RenderMan::parse_internal_links()
Dan
parents:
129
diff
changeset
|
86 |
'1.0' => Array('1.0.1'), |
148 | 87 |
'1.0.1' => Array('1.0.1.1'), |
285 | 88 |
'1.0.1.1' => Array('1.0.2b1'), |
89 |
'1.0.2b1' => Array('1.0.2'), |
|
293
fbe306070c40
Fixed (again) the user -> user_id transition in enano_tags table
Dan
parents:
285
diff
changeset
|
90 |
'1.0.2' => Array('1.0.3'), |
fbe306070c40
Fixed (again) the user -> user_id transition in enano_tags table
Dan
parents:
285
diff
changeset
|
91 |
'1.0.3' => Array('1.0.4') |
0 | 92 |
); |
293
fbe306070c40
Fixed (again) the user -> user_id transition in enano_tags table
Dan
parents:
285
diff
changeset
|
93 |
$this_version = '1.0.5'; |
0 | 94 |
$func_list = Array( |
112
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
95 |
'1.0' => Array('u_1_0_1_update_del_votes'), |
31
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
96 |
'1.0b4' => Array('u_1_0_RC1_update_user_ids', 'u_1_0_RC1_add_admins_to_group', 'u_1_0_RC1_alter_files_table', 'u_1_0_RC1_destroy_session_cookie', 'u_1_0_RC1_set_contact_email', 'u_1_0_RC1_update_page_text'), // , |
16
64e0d3d4cf14
Emergency version change to 1.0rc3 to fix XSS vulnerabilities
Dan
parents:
0
diff
changeset
|
97 |
// '1.0RC2' => Array('u_1_0_populate_userpage_comments') |
233
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
98 |
'1.0RC3' => Array('u_1_0_RC3_make_users_extra'), |
240
ee1fc84f12a8
SECURITY: Tighten default allowed file types; make sure search index rebuild is performed on upgrade
Dan
parents:
233
diff
changeset
|
99 |
'1.0.2b1' => Array('u_1_0_2_nuke_template_cache', 'u_1_0_2_rebuild_search_index') |
0 | 100 |
); |
101 |
||
102 |
if(!isset($_GET['mode'])) |
|
103 |
{ |
|
104 |
$_GET['mode'] = 'login'; |
|
105 |
} |
|
106 |
||
107 |
function err($t) |
|
108 |
{ |
|
109 |
global $template; |
|
110 |
echo $t; |
|
111 |
$template->footer(); |
|
112 |
exit; |
|
113 |
} |
|
114 |
||
115 |
require(ENANO_ROOT.'/includes/template.php'); |
|
116 |
||
117 |
// Initialize the session manager |
|
118 |
require(ENANO_ROOT.'/includes/functions.php'); |
|
119 |
require(ENANO_ROOT.'/includes/dbal.php'); |
|
120 |
require(ENANO_ROOT.'/includes/paths.php'); |
|
121 |
require(ENANO_ROOT.'/includes/sessions.php'); |
|
122 |
require(ENANO_ROOT.'/includes/plugins.php'); |
|
123 |
require(ENANO_ROOT.'/includes/rijndael.php'); |
|
124 |
require(ENANO_ROOT.'/includes/render.php'); |
|
248 | 125 |
require(ENANO_ROOT.'/includes/search.php'); |
0 | 126 |
$db = new mysql(); |
127 |
$db->connect(); |
|
128 |
||
129 |
$plugins = new pluginLoader(); |
|
130 |
||
131 |
if(!defined('ENANO_CONFIG_FETCHED')) |
|
132 |
{ |
|
133 |
// Select and fetch the site configuration |
|
134 |
$e = $db->sql_query('SELECT config_name, config_value FROM '.table_prefix.'config;'); |
|
135 |
if ( !$e ) |
|
136 |
{ |
|
137 |
$db->_die('Some critical configuration information could not be selected.'); |
|
138 |
} |
|
139 |
else |
|
140 |
{ |
|
141 |
define('ENANO_CONFIG_FETCHED', ''); // Used in die_semicritical to figure out whether to call getConfig() or not |
|
142 |
} |
|
143 |
||
144 |
$enano_config = Array(); |
|
145 |
while($r = $db->fetchrow()) |
|
146 |
{ |
|
147 |
$enano_config[$r['config_name']] = $r['config_value']; |
|
148 |
} |
|
149 |
$db->free_result(); |
|
150 |
} |
|
151 |
||
152 |
$v = enano_version(); |
|
153 |
if(in_array($v, Array(false, '', '1.0b3', '1.0b4'))) |
|
154 |
{ |
|
155 |
$ul_admin = 2; |
|
156 |
$ul_mod = 1; |
|
157 |
$ul_member = 0; |
|
158 |
$ul_guest = -1; |
|
159 |
} |
|
160 |
else |
|
161 |
{ |
|
162 |
$ul_admin = USER_LEVEL_ADMIN; |
|
163 |
$ul_mod = USER_LEVEL_MOD; |
|
164 |
$ul_member = USER_LEVEL_MEMBER; |
|
165 |
$ul_guest = USER_LEVEL_GUEST; |
|
166 |
} |
|
167 |
||
168 |
$_GET['title'] = 'unset'; |
|
169 |
||
170 |
$session = new sessionManager(); |
|
171 |
$paths = new pathManager(); |
|
172 |
$session->start(); |
|
173 |
||
174 |
$template = new template_nodb(); |
|
175 |
$template->load_theme('oxygen', 'bleu', false); |
|
176 |
||
177 |
$modestrings = Array( |
|
178 |
'login' => 'Administrative login', |
|
179 |
'welcome' => 'Welcome', |
|
180 |
'setversion' => 'Select Enano version', |
|
181 |
'confirm' => 'Confirm upgrade', |
|
182 |
'upgrade' => 'Database installation', |
|
183 |
'finish' => 'Upgrade complete' |
|
184 |
); |
|
185 |
||
186 |
$sideinfo = ''; |
|
187 |
$vars = $template->extract_vars('elements.tpl'); |
|
188 |
$p = $template->makeParserText($vars['sidebar_button']); |
|
189 |
foreach ( $modestrings as $id => $str ) |
|
190 |
{ |
|
191 |
if ( $_GET['mode'] == $id ) |
|
192 |
{ |
|
193 |
$flags = 'style="font-weight: bold; text-decoration: underline;"'; |
|
194 |
$this_page = $str; |
|
195 |
} |
|
196 |
else |
|
197 |
{ |
|
198 |
$flags = ''; |
|
199 |
} |
|
200 |
$p->assign_vars(Array( |
|
201 |
'HREF' => '#', |
|
202 |
'FLAGS' => $flags . ' onclick="return false;"', |
|
203 |
'TEXT' => $str |
|
204 |
)); |
|
205 |
$sideinfo .= $p->run(); |
|
206 |
} |
|
207 |
||
208 |
$template->init_vars(); |
|
209 |
||
210 |
function upg_assign_vars($schema) |
|
211 |
{ |
|
212 |
$schema = str_replace('{{SITE_NAME}}', mysql_real_escape_string(getConfig('site_name')), $schema); |
|
213 |
$schema = str_replace('{{SITE_DESC}}', mysql_real_escape_string(getConfig('site_desc')), $schema); |
|
214 |
$schema = str_replace('{{COPYRIGHT}}', mysql_real_escape_string(getConfig('copyright_notice')), $schema); |
|
215 |
$schema = str_replace('{{TABLE_PREFIX}}', table_prefix, $schema); |
|
216 |
if(getConfig('wiki_mode')=='1') $schema = str_replace('{{WIKI_MODE}}', '1', $schema); |
|
217 |
else $schema = str_replace('{{WIKI_MODE}}', '0', $schema); |
|
218 |
return $schema; |
|
219 |
} |
|
220 |
||
221 |
/* Version-specific functions */ |
|
222 |
||
223 |
function u_1_0_RC1_update_user_ids() |
|
224 |
{ |
|
225 |
global $db; |
|
226 |
// First, make sure this hasn't already been done |
|
227 |
$q = $db->sql_query('SELECT username FROM '.table_prefix.'users WHERE user_id=1;'); |
|
228 |
if ( !$q ) |
|
229 |
$db->_die(); |
|
230 |
$row = $db->fetchrow(); |
|
231 |
if ( $row['username'] == 'Anonymous' ) |
|
232 |
return true; |
|
233 |
// Find the first unused user ID |
|
234 |
$used = Array(); |
|
95
1dac77b46f07
Changed style of copyright in St. Patty; first attempt at fixing some upgrade issues from beta 3 or so
dan
parents:
91
diff
changeset
|
235 |
$q = $db->sql_query('SELECT user_id FROM '.table_prefix.'users;'); |
0 | 236 |
if ( !$q ) |
237 |
$db->_die(); |
|
95
1dac77b46f07
Changed style of copyright in St. Patty; first attempt at fixing some upgrade issues from beta 3 or so
dan
parents:
91
diff
changeset
|
238 |
$notfirst = false; |
0 | 239 |
while ( $row = $db->fetchrow() ) |
240 |
{ |
|
241 |
$i = intval($row['user_id']); |
|
242 |
$used[$i] = true; |
|
95
1dac77b46f07
Changed style of copyright in St. Patty; first attempt at fixing some upgrade issues from beta 3 or so
dan
parents:
91
diff
changeset
|
243 |
if ( !isset($used[$i - 1]) && $notfirst ) |
0 | 244 |
{ |
245 |
$id = $i - 1; |
|
246 |
break; |
|
247 |
} |
|
95
1dac77b46f07
Changed style of copyright in St. Patty; first attempt at fixing some upgrade issues from beta 3 or so
dan
parents:
91
diff
changeset
|
248 |
$notfirst = true; |
0 | 249 |
} |
250 |
if ( !isset($id) ) |
|
251 |
$id = $i + 1; |
|
95
1dac77b46f07
Changed style of copyright in St. Patty; first attempt at fixing some upgrade issues from beta 3 or so
dan
parents:
91
diff
changeset
|
252 |
if ( $id == 0 ) |
1dac77b46f07
Changed style of copyright in St. Patty; first attempt at fixing some upgrade issues from beta 3 or so
dan
parents:
91
diff
changeset
|
253 |
$id = 2; |
0 | 254 |
$db->free_result(); |
255 |
||
256 |
$q = $db->sql_query('UPDATE '.table_prefix.'users SET user_id=' . $id . ' WHERE user_id=1;'); |
|
257 |
if(!$q) |
|
258 |
$db->_die(); |
|
259 |
$q = $db->sql_query('UPDATE '.table_prefix.'users SET user_id=1 WHERE user_id=-1 AND username=\'Anonymous\';'); |
|
260 |
if(!$q) |
|
261 |
$db->_die(); |
|
262 |
||
263 |
} |
|
264 |
||
265 |
function u_1_0_RC1_add_admins_to_group() |
|
266 |
{ |
|
267 |
global $db; |
|
268 |
$q = $db->sql_query('SELECT user_id FROM '.table_prefix.'users WHERE user_level=' . USER_LEVEL_ADMIN . ';'); |
|
269 |
if ( !$q ) |
|
270 |
$db->_die(); |
|
271 |
$base = 'INSERT INTO '.table_prefix.'group_members(group_id,user_id) VALUES'; |
|
272 |
$blocks = Array(); |
|
273 |
while ( $row = $db->fetchrow($q) ) |
|
274 |
{ |
|
275 |
$blocks[] = '(2,' . $row['user_id'] . ')'; |
|
276 |
} |
|
277 |
$blocks = implode(',', $blocks); |
|
278 |
$sql = $base . $blocks . ';'; |
|
279 |
if(!$db->sql_query($sql)) |
|
280 |
$db->_die(); |
|
281 |
} |
|
282 |
||
283 |
function u_1_0_RC1_alter_files_table() |
|
284 |
{ |
|
285 |
global $db; |
|
286 |
if(!is_dir(ENANO_ROOT.'/files')) |
|
287 |
@mkdir(ENANO_ROOT . '/files'); |
|
288 |
if(!is_dir(ENANO_ROOT.'/files')) |
|
289 |
die('ERROR: Couldn\'t create files directory'); |
|
290 |
$q = $db->sql_unbuffered_query('SELECT * FROM '.table_prefix.'files;', $db->_conn); |
|
291 |
if(!$q) $db->_die(); |
|
292 |
while ( $row = $db->fetchrow() ) |
|
293 |
{ |
|
294 |
$file_data = base64_decode($row['data']); |
|
295 |
$path = ENANO_ROOT . '/files/' . md5( $row['filename'] . '_' . $file_data ) . '_' . $row['time_id'] . $row['file_extension']; |
|
296 |
@unlink($path); |
|
297 |
$handle = @fopen($path, 'w'); |
|
298 |
if(!$handle) |
|
299 |
die('fopen failed'); |
|
300 |
fwrite($handle, $file_data); |
|
301 |
fclose($handle); |
|
302 |
||
303 |
} |
|
304 |
||
305 |
$q = $db->sql_query('ALTER TABLE '.table_prefix.'files DROP PRIMARY KEY, ADD COLUMN file_id int(12) NOT NULL auto_increment FIRST, ADD PRIMARY KEY (file_id), ADD COLUMN file_key varchar(32) NOT NULL;'); |
|
306 |
if(!$q) $db->_die(); |
|
307 |
||
308 |
$list = Array(); |
|
309 |
$q = $db->sql_unbuffered_query('SELECT * FROM '.table_prefix.'files;', $db->_conn); |
|
310 |
if(!$q) $db->_die(); |
|
311 |
while ( $row = $db->fetchrow($q) ) |
|
312 |
{ |
|
313 |
$file_data = base64_decode($row['data']); |
|
314 |
$key = md5( $row['filename'] . '_' . $file_data ); |
|
315 |
$list[] = 'UPDATE '.table_prefix.'files SET file_key=\'' . $key . '\' WHERE file_id=' . $row['file_id'] . ';'; |
|
316 |
} |
|
317 |
||
318 |
foreach ( $list as $sql ) |
|
319 |
{ |
|
320 |
if(!$db->sql_query($sql)) $db->_die(); |
|
321 |
} |
|
322 |
||
323 |
if(!$db->sql_query('ALTER TABLE '.table_prefix.'files DROP data')) $db->_die(); |
|
324 |
||
325 |
} |
|
326 |
||
327 |
function u_1_0_RC1_destroy_session_cookie() |
|
328 |
{ |
|
329 |
unset($_COOKIE['sid']); |
|
330 |
setcookie('sid', '', time()-3600*24, scriptPath); |
|
331 |
setcookie('sid', '', time()-3600*24, scriptPath.'/'); |
|
332 |
} |
|
333 |
||
334 |
function u_1_0_RC1_set_contact_email() |
|
335 |
{ |
|
336 |
global $db; |
|
337 |
$q = $db->sql_query('SELECT email FROM '.table_prefix.'users WHERE user_level='.USER_LEVEL_ADMIN.' ORDER BY user_level ASC LIMIT 1;'); |
|
338 |
if(!$q) |
|
339 |
$db->_die(); |
|
340 |
$row = $db->fetchrow(); |
|
341 |
setConfig('contact_email', $row['email']); |
|
342 |
} |
|
343 |
||
344 |
function u_1_0_RC1_update_page_text() |
|
345 |
{ |
|
346 |
global $db; |
|
347 |
$q = $db->sql_unbuffered_query('SELECT page_id,namespace,page_text,char_tag FROM '.table_prefix.'page_text'); |
|
348 |
if (!$q) |
|
349 |
$db->_die(); |
|
350 |
||
351 |
$qs = array(); |
|
352 |
||
353 |
while ( $row = $db->fetchrow($q) ) |
|
354 |
{ |
|
355 |
$row['page_text'] = str_replace(Array( |
|
356 |
"{QUOT:{$row['char_tag']}}", |
|
357 |
"{APOS:{$row['char_tag']}}", |
|
358 |
"{SLASH:{$row['char_tag']}}" |
|
359 |
), Array( |
|
360 |
'"', "'", '\\' |
|
361 |
), $row['page_text']); |
|
362 |
$qs[] = 'UPDATE '.table_prefix.'page_text SET page_text=\'' . mysql_real_escape_string($row['page_text']) . '\' |
|
363 |
WHERE page_id=\'' . mysql_real_escape_string($row['page_id']) . '\' AND |
|
364 |
namespace=\'' . mysql_real_escape_string($row['namespace']) . '\';'; |
|
365 |
} |
|
366 |
||
367 |
foreach($qs as $query) |
|
368 |
{ |
|
369 |
if(!$db->sql_query($query)) |
|
370 |
$db->_die(); |
|
371 |
} |
|
372 |
} |
|
373 |
||
112
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
374 |
function u_1_0_1_update_del_votes() |
0 | 375 |
{ |
376 |
global $db; |
|
112
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
377 |
$q = $db->sql_query('SELECT urlname, namespace, delvote_ips FROM '.table_prefix.'pages;'); |
0 | 378 |
if ( !$q ) |
379 |
$db->_die(); |
|
380 |
||
112
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
381 |
while ( $row = $db->fetchrow($q) ) |
0 | 382 |
{ |
112
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
383 |
$ips = strval($row['delvote_ips']); |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
384 |
if ( is_array( @unserialize($ips) ) ) |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
385 |
continue; |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
386 |
$ips = explode('|', $ips); |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
387 |
$new = array( |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
388 |
'ip' => array(), |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
389 |
'u' => array() |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
390 |
); |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
391 |
$i = 0; |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
392 |
$prev = ''; |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
393 |
$prev_is_ip = false; |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
394 |
foreach ( $ips as $ip ) |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
395 |
{ |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
396 |
$i++; |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
397 |
$current_is_ip = is_valid_ip($ip); |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
398 |
if ( $current_is_ip && $prev_is_ip ) |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
399 |
{ |
113
6f357b951f7a
Oops - fixed small glitch in delvote_ips converter code
Dan
parents:
112
diff
changeset
|
400 |
$i++; |
112
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
401 |
$new['u'][] = $prev; |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
402 |
} |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
403 |
if ( $current_is_ip ) |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
404 |
{ |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
405 |
$new['ip'][] = $ip; |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
406 |
} |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
407 |
else |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
408 |
{ |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
409 |
$new['u'][] = $ip; |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
410 |
} |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
411 |
$prev = $ip; |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
412 |
$prev_is_ip = $current_is_ip; |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
413 |
} |
113
6f357b951f7a
Oops - fixed small glitch in delvote_ips converter code
Dan
parents:
112
diff
changeset
|
414 |
if ( $i % 2 == 1 && $prev_is_ip ) |
6f357b951f7a
Oops - fixed small glitch in delvote_ips converter code
Dan
parents:
112
diff
changeset
|
415 |
{ |
6f357b951f7a
Oops - fixed small glitch in delvote_ips converter code
Dan
parents:
112
diff
changeset
|
416 |
$new['u'][] = $ip; |
6f357b951f7a
Oops - fixed small glitch in delvote_ips converter code
Dan
parents:
112
diff
changeset
|
417 |
} |
112
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
418 |
$new = serialize($new); |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
419 |
$e = $db->sql_query('UPDATE '.table_prefix.'pages SET delvote_ips=\'' . $db->escape($new) . '\' WHERE urlname=\'' . $db->escape($row['urlname']) . '\' AND namespace=\'' . $db->escape($row['namespace']) . '\';'); |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
420 |
if ( !$e ) |
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
421 |
$db->_die(); |
0 | 422 |
} |
112
008b1c42be72
Rewrote all code related to delvote_ips column to use serialize()
Dan
parents:
110
diff
changeset
|
423 |
$db->free_result($q); |
0 | 424 |
} |
425 |
||
31
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
426 |
function u_1_0_RC3_make_users_extra() |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
427 |
{ |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
428 |
global $db; |
95
1dac77b46f07
Changed style of copyright in St. Patty; first attempt at fixing some upgrade issues from beta 3 or so
dan
parents:
91
diff
changeset
|
429 |
$q = $db->sql_query('SELECT user_id FROM '.table_prefix.'users WHERE user_id > 0;'); |
31
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
430 |
if ( !$q ) |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
431 |
$db->_die(); |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
432 |
|
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
433 |
$ids = array(); |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
434 |
while ( $row = $db->fetchrow() ) |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
435 |
{ |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
436 |
$ids[] = intval($row['user_id']); |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
437 |
} |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
438 |
|
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
439 |
$ids = '(' . implode('),(', $ids) . ')'; |
95
1dac77b46f07
Changed style of copyright in St. Patty; first attempt at fixing some upgrade issues from beta 3 or so
dan
parents:
91
diff
changeset
|
440 |
if ( $ids == '' ) |
1dac77b46f07
Changed style of copyright in St. Patty; first attempt at fixing some upgrade issues from beta 3 or so
dan
parents:
91
diff
changeset
|
441 |
return false; |
31
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
442 |
$sql = "INSERT INTO " . table_prefix . "users_extra(user_id) VALUES$ids;"; |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
443 |
|
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
444 |
if ( !$db->sql_query($sql) ) |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
445 |
$db->_die(); |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
446 |
} |
dc8741857bde
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents:
21
diff
changeset
|
447 |
|
233
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
448 |
function u_1_0_2_nuke_template_cache() |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
449 |
{ |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
450 |
$dir = @opendir(ENANO_ROOT . '/cache'); |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
451 |
if ( !$dir ) |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
452 |
{ |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
453 |
return false; |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
454 |
} |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
455 |
while ( ($fname = @readdir($dir)) ) |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
456 |
{ |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
457 |
if ( preg_match('/\.tpl\.php$/', $fname) ) |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
458 |
{ |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
459 |
unlink( ENANO_ROOT . '/cache/' . $fname ); |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
460 |
} |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
461 |
} |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
462 |
} |
1201c9412cb6
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan
parents:
232
diff
changeset
|
463 |
|
240
ee1fc84f12a8
SECURITY: Tighten default allowed file types; make sure search index rebuild is performed on upgrade
Dan
parents:
233
diff
changeset
|
464 |
function u_1_0_2_rebuild_search_index() |
ee1fc84f12a8
SECURITY: Tighten default allowed file types; make sure search index rebuild is performed on upgrade
Dan
parents:
233
diff
changeset
|
465 |
{ |
ee1fc84f12a8
SECURITY: Tighten default allowed file types; make sure search index rebuild is performed on upgrade
Dan
parents:
233
diff
changeset
|
466 |
global $paths; |
ee1fc84f12a8
SECURITY: Tighten default allowed file types; make sure search index rebuild is performed on upgrade
Dan
parents:
233
diff
changeset
|
467 |
@set_time_limit(0); |
ee1fc84f12a8
SECURITY: Tighten default allowed file types; make sure search index rebuild is performed on upgrade
Dan
parents:
233
diff
changeset
|
468 |
$paths->rebuild_search_index(); |
ee1fc84f12a8
SECURITY: Tighten default allowed file types; make sure search index rebuild is performed on upgrade
Dan
parents:
233
diff
changeset
|
469 |
} |
ee1fc84f12a8
SECURITY: Tighten default allowed file types; make sure search index rebuild is performed on upgrade
Dan
parents:
233
diff
changeset
|
470 |
|
0 | 471 |
switch($_GET['mode']) |
472 |
{ |
|
473 |
case "login": |
|
110 | 474 |
if ( $session->user_logged_in && $session->user_level < $ul_admin ) |
475 |
{ |
|
476 |
$template->header(); |
|
477 |
echo '<p>Your user account does not have permission to perform an upgrade of Enano. Return to the <a href="index.php">index page</a>.</p>'; |
|
478 |
$template->footer(); |
|
479 |
exit; |
|
480 |
} |
|
0 | 481 |
if($session->user_logged_in && $session->user_level >= $ul_admin) |
482 |
{ |
|
483 |
if(isset($_POST['login'])) |
|
484 |
{ |
|
485 |
$session->login_without_crypto($_POST['username'], $_POST['password'], false, $ul_admin); |
|
486 |
if($session->sid_super) |
|
487 |
{ |
|
488 |
header('Location: upgrade.php?mode=welcome&auth='.$session->sid_super); |
|
489 |
exit; |
|
490 |
} |
|
491 |
} |
|
492 |
$template->header(); |
|
493 |
?> |
|
494 |
<form action="upgrade.php?mode=login" method="post"> |
|
495 |
<table border="0" style="margin-left: auto; margin-right: auto; margin-top: 5px;" cellspacing="1" cellpadding="4"> |
|
496 |
<tr> |
|
497 |
<th colspan="2">You must re-authenticate to perform this upgrade.</th> |
|
498 |
</tr> |
|
499 |
<?php |
|
500 |
if(isset($_POST['login'])) |
|
501 |
{ |
|
502 |
echo '<tr><td colspan="2"><p style="color: red;">Login failed. Bad password?</p></td></tr>'; |
|
503 |
} |
|
504 |
?> |
|
505 |
<tr> |
|
506 |
<td>Username:</td><td><input type="text" name="username" size="30" /></td> |
|
507 |
</tr> |
|
508 |
<tr> |
|
509 |
<td>Password:</td><td><input type="password" name="password" size="30" /></td> |
|
510 |
</tr> |
|
511 |
<tr> |
|
512 |
<td colspan="2" style="text-align: center;"><input type="submit" name="login" value="Log in" /> |
|
513 |
</tr> |
|
514 |
</table> |
|
515 |
</form> |
|
516 |
<?php |
|
517 |
} |
|
518 |
else |
|
519 |
{ |
|
520 |
if(isset($_POST['login'])) |
|
521 |
{ |
|
522 |
$result = $session->login_without_crypto($_POST['username'], $_POST['password'], false, $ul_member); |
|
523 |
if($result == 'success') |
|
524 |
{ |
|
525 |
header('Location: upgrade.php'); |
|
526 |
exit; |
|
527 |
} |
|
528 |
} |
|
529 |
$template->header(); |
|
530 |
?> |
|
531 |
<form action="upgrade.php?mode=login" method="post"> |
|
532 |
<table border="0" style="margin-left: auto; margin-right: auto; margin-top: 5px;" cellspacing="1" cellpadding="4"> |
|
533 |
<tr> |
|
534 |
<th colspan="2">Please log in to continue with this upgrade.</th> |
|
535 |
</tr> |
|
536 |
<?php |
|
537 |
if(isset($_POST['login'])) |
|
538 |
{ |
|
539 |
echo '<tr><td colspan="2"><p style="color: red;">Login failed. Bad password?</p></td></tr>'; |
|
540 |
} |
|
541 |
?> |
|
542 |
<tr> |
|
543 |
<td>Username:</td><td><input type="text" name="username" size="30" /></td> |
|
544 |
</tr> |
|
545 |
<tr> |
|
546 |
<td>Password:</td><td><input type="password" name="password" size="30" /></td> |
|
547 |
</tr> |
|
548 |
<tr> |
|
549 |
<td colspan="2" style="text-align: center;"><input type="submit" name="login" value="Log in" /> |
|
550 |
</tr> |
|
551 |
</table> |
|
552 |
</form> |
|
553 |
<?php |
|
554 |
} |
|
555 |
break; |
|
556 |
case "welcome": |
|
557 |
if(!$session->sid_super) { $template->header(); echo '<p>No admin session found! Please <a href="upgrade.php">restart the upgrade</a>.</p>'; $template->footer(); exit; } |
|
558 |
||
559 |
// Just show a simple welcome page to display version information |
|
560 |
$template->header(); |
|
561 |
require('config.php'); |
|
562 |
||
563 |
?> |
|
564 |
||
565 |
<div style="text-align: center; margin-top: 10px;"> |
|
566 |
<img alt="[ Enano CMS Project logo ]" src="images/enano-artwork/installer-greeting-blue.png" style="display: block; margin: 0 auto; padding-left: 134px;" /> |
|
567 |
<h2>Welcome to the Enano upgrade wizard</h2> |
|
568 |
<?php |
|
569 |
if ( file_exists('./_nightly.php') ) |
|
570 |
{ |
|
571 |
echo '<div class="warning-box" style="text-align: left; margin: 10px auto; display: table; width: 60%;"><b>You are about to upgrade to a NIGHTLY BUILD of Enano.</b><br />Nightly builds CANNOT be re-upgraded to the final release. They may also contain serious flaws, security problems, or extraneous debugging information. Continuing this process on a production site is NOT recommended.</div>'; |
|
572 |
} |
|
573 |
?> |
|
574 |
</div> |
|
575 |
<div style="display: table; margin: 0 auto;"> |
|
576 |
<p>You are about to upgrade Enano to version <b><?php echo $this_version; ?></b>. Before you continue, please ensure that:</p> |
|
577 |
<ul> |
|
578 |
<li>You have completely backed up your database (<b><?php echo "$dbhost:$dbname"; ?></b>)</li> |
|
579 |
<li>You have backed up the entire Enano directory (<b><?php echo ENANO_ROOT; ?></b>)</li> |
|
580 |
<li>You have reviewed the release notes for this version, and you<br />are comfortable with any known bugs or issues</li> |
|
91 | 581 |
<li>If you've configured Enano to work using a MySQL user with restricted<br />privileges, you need to enable ALTER, CREATE TABLE, and CREATE INDEX privileges<br />for this upgrade to work.</li> |
0 | 582 |
</ul> |
583 |
</div> |
|
584 |
<div style="text-align: center; margin-top: 10px;"> |
|
585 |
<form action="upgrade.php?mode=setversion&auth=<?php echo $session->sid_super; ?>" method="post"> |
|
586 |
<input type="submit" value="Continue with upgrade" /> |
|
587 |
</form> |
|
588 |
</div> |
|
589 |
||
590 |
<?php |
|
591 |
||
592 |
break; |
|
593 |
case "setversion": |
|
594 |
if(!$session->sid_super) { $template->header(); echo '<p>No admin session found! Please <a href="upgrade.php">restart the upgrade</a>.</p>'; $template->footer(); exit; } |
|
595 |
$v = ( function_exists('enano_version') ) ? enano_version() : ''; |
|
596 |
if(!in_array($v, $valid_versions) && $v != '') |
|
597 |
{ |
|
598 |
$template->header(); |
|
599 |
?> |
|
600 |
<p>Your version of Enano (<?php echo $v; ?>) can't be upgraded to this version (<?php echo $this_version; ?>).</p> |
|
601 |
<?php |
|
602 |
break; |
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
603 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
604 |
else if($v == '') |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
605 |
{ |
0 | 606 |
// OK, we don't know which version he's running. So we'll cheat ;-) |
607 |
$template->header(); |
|
608 |
echo "<form action='upgrade.php?mode=confirm&auth={$session->sid_super}' method='post'>"; |
|
609 |
?> |
|
610 |
<p>Sorry, we couldn't detect which version of Enano you're running on your server. Please select which version of Enano you have below, and make absolutely sure that you're correct.</p> |
|
611 |
<p><select name="version"><?php |
|
612 |
foreach($valid_versions as $c) |
|
613 |
{ |
|
614 |
echo "<option value='{$c}'>{$c}</option>"; |
|
615 |
} |
|
616 |
?></select></p> |
|
617 |
<p> |
|
618 |
<input type="submit" value="Continue" /> |
|
619 |
</p> |
|
620 |
<?php |
|
621 |
echo `</form>`; |
|
622 |
break; |
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
623 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
624 |
else |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
625 |
{ |
0 | 626 |
header('Location: upgrade.php?mode=confirm&auth='.$session->sid_super); |
627 |
} |
|
628 |
break; |
|
629 |
case "confirm": |
|
630 |
$enano_version = ( isset($_POST['version']) ) ? $_POST['version'] : enano_version(); |
|
631 |
||
632 |
$template->header(); |
|
633 |
if(!$session->sid_super) { echo '<p>No admin session found! Please <a href="upgrade.php">restart the upgrade</a>.</p>'; $template->footer(); exit; } |
|
634 |
?> |
|
635 |
<form action="upgrade.php?mode=upgrade&auth=<?php echo $session->sid_super; ?>" method="post"> |
|
636 |
<table border="0" style="margin-left: auto; margin-right: auto; margin-top: 5px;" cellspacing="1" cellpadding="4"> |
|
637 |
<tr> |
|
638 |
<td colspan="2"><p><b>Are you sure you want to perform this upgrade?</b></p><p>You can still cancel the upgrade process now. If<br />the upgrade fails, you will need to roll back<br />any actions made using manual SQL queries.</p><p><b>Please clear your browser cache or<br />shift-reload after the upgrade.</b><br />If you fail to do so, some page elements may<br />be broken.</td> |
|
639 |
</tr> |
|
640 |
<tr> |
|
641 |
<td colspan="2" style="text-align: center;"> |
|
642 |
<input type="hidden" name="enano_version" value="<?php echo $enano_version; ?>" /> |
|
643 |
<input type="submit" name="doit" value="Upgrade Enano!" /> |
|
644 |
</td> |
|
645 |
</tr> |
|
646 |
</table> |
|
647 |
</form> |
|
648 |
<?php |
|
649 |
break; |
|
650 |
case "upgrade": |
|
651 |
$template->header(); |
|
652 |
if(!$session->sid_super) { echo '<p>No admin session found! Please <a href="upgrade.php">restart the upgrade</a>.</p>'; $template->footer(); exit; } |
|
653 |
if(!isset($_POST['enano_version'])) { echo '<p>Can\'t find the version information on the POST query, are you trying to do this upgrade directly? Please <a href="upgrade.php">restart the upgrade</a>.</p>'; break; } |
|
654 |
$enano_version = $_POST['enano_version']; |
|
655 |
echo '<p>Preparing for schema execution...'; |
|
656 |
// Build an array of queries |
|
657 |
$schema = file_get_contents('upgrade.sql'); |
|
658 |
||
659 |
// Strip out and process version blocks |
|
148 | 660 |
preg_match_all('#---BEGIN ([0-9A-z\.\-]*?)---'."\n".'((.*?)'."\n)?".'---END \\1---#is', $schema, $matches); |
0 | 661 |
|
662 |
$from_list =& $matches[1]; |
|
148 | 663 |
$query_list =& $matches[3]; |
0 | 664 |
|
665 |
foreach($matches[0] as $m) |
|
666 |
{ |
|
667 |
$schema = str_replace($m, '', $schema); |
|
668 |
} |
|
669 |
$schema = explode("\n", $schema); |
|
670 |
foreach($schema as $k => $q) |
|
671 |
{ |
|
672 |
if(substr($q, 0, 2) == '--' || $q == '') |
|
673 |
{ |
|
674 |
unset($schema[$k]); |
|
675 |
//die('<pre>'.htmlspecialchars(print_r($schema, true)).'</pre>'); |
|
676 |
} |
|
677 |
else |
|
678 |
{ |
|
679 |
$schema[$k] = upg_assign_vars($schema[$k]); |
|
680 |
} |
|
681 |
} |
|
682 |
||
683 |
foreach($query_list as $k => $q) |
|
684 |
{ |
|
685 |
$query_list[$k] = explode("\n", $query_list[$k]); |
|
686 |
foreach($query_list[$k] as $i => $s) |
|
687 |
{ |
|
688 |
$tq =& $query_list[$k][$i]; |
|
689 |
if(substr($s, 0, 2) == '--' || $s == '') |
|
690 |
{ |
|
691 |
unset($query_list[$k][$i]); |
|
692 |
//die('<pre>'.htmlspecialchars(print_r($schema, true)).'</pre>'); |
|
693 |
} |
|
694 |
else |
|
695 |
{ |
|
696 |
$query_list[$k][$i] = upg_assign_vars($query_list[$k][$i]); |
|
697 |
} |
|
698 |
} |
|
699 |
$query_list[$k] = array_values($query_list[$k]); |
|
700 |
} |
|
701 |
||
702 |
$assoc_list = Array(); |
|
703 |
||
704 |
foreach($from_list as $i => $v) |
|
705 |
{ |
|
706 |
$assoc_list[$v] = $query_list[$i]; |
|
707 |
} |
|
708 |
||
709 |
$schema = array_values($schema); |
|
710 |
||
711 |
$deps_resolved = false; |
|
712 |
$installing_versions = Array($enano_version); |
|
713 |
||
714 |
while(true) |
|
715 |
{ |
|
716 |
$v = array_keys($deps_list); |
|
717 |
foreach($v as $i => $ver) |
|
718 |
{ |
|
719 |
if(in_array($ver, $installing_versions)) |
|
720 |
{ |
|
721 |
// $ver is on the list of versions to be installed. Add its dependencies to the list of versions to install. |
|
722 |
foreach($deps_list[$ver] as $dep) |
|
723 |
{ |
|
724 |
if(!in_array($dep, $installing_versions)) |
|
725 |
{ |
|
726 |
$installing_versions[] = $dep; |
|
727 |
} |
|
728 |
} |
|
729 |
} |
|
730 |
if($i == count($deps_list) - 1) |
|
731 |
{ |
|
732 |
break 2; |
|
733 |
} |
|
734 |
} |
|
735 |
} |
|
736 |
||
737 |
foreach($installing_versions as $this_ver) |
|
738 |
{ |
|
739 |
$schema = array_merge($schema, $assoc_list[$this_ver]); |
|
740 |
} |
|
741 |
||
742 |
// Time for some proper SQL syntax! |
|
743 |
// Also check queries for so-called injection attempts to make |
|
744 |
// sure that it doesn't fail during the upgrade process and |
|
745 |
// leave the user with a half-upgraded database |
|
746 |
foreach($schema as $s => $q) |
|
747 |
{ |
|
748 |
if(substr($q, strlen($q)-1, 1) != ';') |
|
749 |
{ |
|
750 |
$schema[$s] .= ';'; |
|
751 |
} |
|
752 |
if ( !$db->check_query($schema[$s]) ) |
|
753 |
{ |
|
754 |
// Uh-oh, the check failed, bail out |
|
755 |
// The DBAL runs sanity checks on all queries for safety, |
|
756 |
// so if the check fails in mid-upgrade we are in deep |
|
757 |
// dodo doo-doo. |
|
758 |
echo 'Query failed sanity check, this should never happen and is a bug.</p><p>Query was:</p><pre>'.$schema[$s].'</pre>'; |
|
759 |
break 2; |
|
760 |
} |
|
761 |
} |
|
762 |
||
763 |
$schema = array_values($schema); |
|
764 |
||
765 |
// Used extensively for debugging |
|
766 |
// echo '<pre>'.htmlspecialchars(print_r($schema, true)).'</pre>'; |
|
767 |
// break; |
|
768 |
||
769 |
echo 'done!<br />Executing upgrade schema...'; |
|
770 |
||
771 |
// OK, do the loop, baby!!! |
|
772 |
foreach($schema as $q) |
|
773 |
{ |
|
218
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
774 |
if ( substr($q, 0, 1) == '@' ) |
0 | 775 |
{ |
218
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
776 |
// if the first character is @, don't fail on error |
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
777 |
$db->sql_query(substr($q, 1)); |
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
778 |
} |
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
779 |
else |
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
780 |
{ |
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
781 |
if ( !$db->sql_query($q) ) |
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
782 |
{ |
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
783 |
echo $db->get_error(); |
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
784 |
break 2; |
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
parents:
184
diff
changeset
|
785 |
} |
0 | 786 |
} |
787 |
} |
|
788 |
||
789 |
// Call any custom functions |
|
790 |
foreach ( $installing_versions as $ver ) |
|
791 |
{ |
|
792 |
if ( isset($func_list[$ver]) ) |
|
793 |
{ |
|
794 |
foreach($func_list[$ver] as $function) |
|
795 |
{ |
|
796 |
@call_user_func($function); |
|
797 |
} |
|
798 |
} |
|
799 |
} |
|
800 |
||
74
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
parents:
73
diff
changeset
|
801 |
// Log the upgrade |
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
parents:
73
diff
changeset
|
802 |
$q = $db->sql_query('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,page_text,edit_summary) VALUES(\'security\', \'upgrade_enano\', ' . time() . ', \'' . date('d M Y h:i a') . '\', \'' . mysql_real_escape_string($session->username) . '\', \'' . mysql_real_escape_string($this_version) . '\', \'' . mysql_real_escape_string($_SERVER['REMOTE_ADDR']) . '\');'); |
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
parents:
73
diff
changeset
|
803 |
|
0 | 804 |
echo 'done!</p>'; |
805 |
echo '<p>You will be redirected shortly. If you aren\'t redirected, <a href="index.php">click here</a>.</p> |
|
806 |
<script type="text/javascript">setTimeout("window.location=\'index.php\'", 2000)</script>'; |
|
807 |
break; |
|
808 |
} |
|
809 |
$template->footer(); |
|
810 |
||
811 |
?> |