Changeset 2836 for trunk/admin/include/functions_upgrade.php

Timestamp:

Nov 6, 2008, 3:44:51 PM (15 years ago)

Author:

patdenice

Message:

• Webmaster or administrator can login to run upgrade.
• Inserting upgrade line in mysql.inc.php still work.
• Convert espagnol upgrade file to utf8.
• Minor changes in upgrade processus.
• Remove all comments in pclzip.lib.php.

File:

• trunk/admin/include/functions_upgrade.php (modified) (2 diffs)

trunk/admin/include/functions_upgrade.php

@@ -24 +24 @@
 function check_upgrade()
 {
-  // Is Piwigo already installed ?
-  if (!defined('PHPWG_IN_UPGRADE') or !PHPWG_IN_UPGRADE)
+  if (defined('PHPWG_IN_UPGRADE'))
   {
-    $message = 'Piwigo is not in upgrade mode. In include/mysql.inc.php,
-insert line
-<pre style="background-color:lightgray">
-define(\'PHPWG_IN_UPGRADE\', true);
-</pre>
-if you want to upgrade';
-    die($message);
+    return PHPWG_IN_UPGRADE;
   }
+  return false;
 }
 
@@ -138 +132 @@
 }
 
+// Check access rights
+function check_upgrade_access_rights($current_release, $username, $password)
+{
+  global $conf, $page;
+
+  if (version_compare($current_release, '1.5.0', '<'))
+  {
+    $query = '
+SELECT password, status
+FROM '.PREFIX_TABLE.'users
+WHERE username = "'.$username.'"
+;';
+  }
+  else
+  {
+    $query = '
+SELECT u.password, ui.status
+FROM '.$conf['users_table'].' AS u
+INNER JOIN '.PREFIX_TABLE.'user_infos AS ui
+ON u.id = ui.user_id
+WHERE '.$conf['user_fields']['username'].'="'.$username.'"
+;';
+  }
+  $row = mysql_fetch_assoc(mysql_query($query));
+
+  if (!isset($conf['pass_convert']))
+  {
+    $conf['pass_convert'] = create_function('$s', 'return md5($s);');
+  }
+
+  if ($row['password'] != $conf['pass_convert']($_POST['password']))
+  {
+    array_push($page['errors'], l10n('invalid_pwd'));
+  }
+  elseif ($row['status'] != 'admin' and $row['status'] != 'webmaster')
+  {
+    array_push($page['errors'], l10n('You do not have access rights to run upgrade'));
+  }
+  else
+  {
+    define('PHPWG_IN_UPGRADE', true);
+  }
+}
 ?>