source: branches/2.0/admin/include/functions_upgrade.php @ 2901

Last change on this file since 2901 was 2901, checked in by patdenice, 16 years ago

merge -c2900 from trunk to branch 2.0.

  • Bug fixed: username or password with accented character are now accepted for upgrade.
  • Simplify query in pwg_session_write function.
  • Retrieve data with cURL method in fetchRemote function now work with forwarded URL.
  • Property svn:eol-style set to LF
  • Property svn:keywords set to Author Date Id Revision
File size: 6.0 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based picture gallery                                  |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008      Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24function check_upgrade()
25{
26  if (defined('PHPWG_IN_UPGRADE'))
27  {
28    return PHPWG_IN_UPGRADE;
29  }
30  return false;
31}
32
33// concerning upgrade, we use the default tables
34function prepare_conf_upgrade()
35{
36  global $prefixeTable;
37
38  // $conf is not used for users tables
39  // define cannot be re-defined
40  define('CATEGORIES_TABLE', $prefixeTable.'categories');
41  define('COMMENTS_TABLE', $prefixeTable.'comments');
42  define('CONFIG_TABLE', $prefixeTable.'config');
43  define('FAVORITES_TABLE', $prefixeTable.'favorites');
44  define('GROUP_ACCESS_TABLE', $prefixeTable.'group_access');
45  define('GROUPS_TABLE', $prefixeTable.'groups');
46  define('HISTORY_TABLE', $prefixeTable.'history');
47  define('HISTORY_SUMMARY_TABLE', $prefixeTable.'history_summary');
48  define('IMAGE_CATEGORY_TABLE', $prefixeTable.'image_category');
49  define('IMAGES_TABLE', $prefixeTable.'images');
50  define('SESSIONS_TABLE', $prefixeTable.'sessions');
51  define('SITES_TABLE', $prefixeTable.'sites');
52  define('USER_ACCESS_TABLE', $prefixeTable.'user_access');
53  define('USER_GROUP_TABLE', $prefixeTable.'user_group');
54  define('USERS_TABLE', $prefixeTable.'users');
55  define('USER_INFOS_TABLE', $prefixeTable.'user_infos');
56  define('USER_FEED_TABLE', $prefixeTable.'user_feed');
57  define('WAITING_TABLE', $prefixeTable.'waiting');
58  define('RATE_TABLE', $prefixeTable.'rate');
59  define('USER_CACHE_TABLE', $prefixeTable.'user_cache');
60  define('USER_CACHE_CATEGORIES_TABLE', $prefixeTable.'user_cache_categories');
61  define('CADDIE_TABLE', $prefixeTable.'caddie');
62  define('UPGRADE_TABLE', $prefixeTable.'upgrade');
63  define('SEARCH_TABLE', $prefixeTable.'search');
64  define('USER_MAIL_NOTIFICATION_TABLE', $prefixeTable.'user_mail_notification');
65  define('TAGS_TABLE', $prefixeTable.'tags');
66  define('IMAGE_TAG_TABLE', $prefixeTable.'image_tag');
67  define('PLUGINS_TABLE', $prefixeTable.'plugins');
68  define('OLD_PERMALINKS_TABLE', $prefixeTable.'old_permalinks');
69}
70
71// Create empty local files to avoid log errors
72function create_empty_local_files()
73{
74   $files =
75      array (
76         PHPWG_ROOT_PATH . 'template-common/local-layout.css',
77         PHPWG_ROOT_PATH . 'template/yoga/local-layout.css'
78         );
79
80   foreach ($files as $path)
81   {
82      if (!file_exists ($path))
83      {
84         $file = @fopen($path, "w");
85         @fwrite($file , '/* You can modify this file */');
86         @fclose($file);
87      }
88   }
89}
90
91// Deactivate all non-standard plugins
92function deactivate_non_standard_plugins()
93{
94  global $page;
95
96  $standard_plugins = array(
97    'add_index',
98    'admin_advices',
99    'admin_multi_view',
100    'c13y_upgrade',
101    'event_tracer',
102    'language_switch',
103    'LocalFilesEditor'
104    );
105
106  $query = '
107SELECT id
108FROM '.PREFIX_TABLE.'plugins
109WHERE state = "active"
110AND id NOT IN ("' . implode('","', $standard_plugins) . '")
111;';
112
113  $result = pwg_query($query);
114  $plugins = array();
115  while ($row = mysql_fetch_assoc($result))
116  {
117    array_push($plugins, $row['id']);
118  }
119
120  if (!empty($plugins))
121  {
122    $query = '
123UPDATE '.PREFIX_TABLE.'plugins
124SET state="inactive"
125WHERE id IN ("' . implode('","', $plugins) . '")
126;';
127    pwg_query($query);
128
129    array_push($page['infos'],
130      l10n('deactivated plugins').'<p><i>'.implode(', ', $plugins).'</i></p>');
131  }
132}
133
134// Check access rights
135function check_upgrade_access_rights($current_release, $username, $password)
136{
137  global $conf, $page;
138
139  if(!get_magic_quotes_gpc())
140  {
141    $username = mysql_real_escape_string($username);
142  }
143
144  if (version_compare($current_release, '2.0', '<'))
145  {
146    $username = utf8_decode($username);
147    $password = utf8_decode($password);
148  }
149
150  if (version_compare($current_release, '1.5', '<'))
151  {
152    $query = '
153SELECT password, status
154FROM '.USERS_TABLE.'
155WHERE username = "'.$username.'"
156;';
157  }
158  else
159  {
160    $query = '
161SELECT u.password, ui.status
162FROM '.$conf['users_table'].' AS u
163INNER JOIN '.USER_INFOS_TABLE.' AS ui
164ON u.'.$conf['user_fields']['id'].'=ui.user_id
165WHERE '.$conf['user_fields']['username'].'="'.$username.'"
166;';
167  }
168  $row = mysql_fetch_assoc(pwg_query($query));
169
170  if (!isset($conf['pass_convert']))
171  {
172    $conf['pass_convert'] = create_function('$s', 'return md5($s);');
173  }
174
175  if ($row['password'] != $conf['pass_convert']($password))
176  {
177    array_push($page['errors'], l10n('invalid_pwd'));
178  }
179  elseif ($row['status'] != 'admin' and $row['status'] != 'webmaster')
180  {
181    array_push($page['errors'], l10n('You do not have access rights to run upgrade'));
182  }
183  else
184  {
185    define('PHPWG_IN_UPGRADE', true);
186  }
187}
188?>
Note: See TracBrowser for help on using the repository browser.