diff options
| -rw-r--r-- | admin/include/functions_upgrade.php | 64 | ||||
| -rw-r--r-- | upgrade.php | 14 |
2 files changed, 38 insertions, 40 deletions
diff --git a/admin/include/functions_upgrade.php b/admin/include/functions_upgrade.php index 91110e4ff..46d3837fe 100644 --- a/admin/include/functions_upgrade.php +++ b/admin/include/functions_upgrade.php @@ -112,9 +112,39 @@ WHERE id IN ("' . implode('","', $plugins) . '") } // Check access rights -function check_upgrade_access_rights($current_release, $username, $password) +function check_upgrade_access_rights() { - global $conf, $page; + global $conf, $page, $current_release; + + if (version_compare($current_release, '2.0', '>=') and isset($_COOKIE[session_name()])) + { + // Check if user is already connected as webmaster + session_start(); + if (!empty($_SESSION['pwg_uid'])) + { + $query = ' +SELECT status + FROM '.USER_INFOS_TABLE.' + WHERE user_id = '.$_SESSION['pwg_uid'].' +;'; + pwg_query($query); + + $row = pwg_db_fetch_assoc(pwg_query($query)); + if (isset($row['status']) and $row['status'] == 'webmaster') + { + define('PHPWG_IN_UPGRADE', true); + return; + } + } + } + + if (!isset($_POST['username']) or !isset($_POST['password'])) + { + return; + } + + $username = $_POST['password']; + $password = $_POST['password']; if(!@get_magic_quotes_gpc()) { @@ -230,34 +260,4 @@ function upgrade_db_connect() my_error(l10n($e->getMessage()), true); } } - -/** - * Get languages defined in the language directory - */ -function get_fs_languages($target_charset = null) -{ - if ( empty($target_charset) ) - { - $target_charset = get_pwg_charset(); - } - $target_charset = strtolower($target_charset); - - $dir = opendir(PHPWG_ROOT_PATH.'language'); - - while ($file = readdir($dir)) - { - $path = PHPWG_ROOT_PATH.'language/'.$file; - if (!is_link($path) and is_dir($path) and file_exists($path.'/iso.txt')) - { - list($language_name) = @file($path.'/iso.txt'); - - $languages[$file] = convert_charset($language_name, $target_charset); - } - } - closedir($dir); - @asort($languages); - - return $languages; -} - ?>
\ No newline at end of file diff --git a/upgrade.php b/upgrade.php index 7383a5e8a..9d8d78ff8 100644 --- a/upgrade.php +++ b/upgrade.php @@ -36,9 +36,6 @@ if ($php_end_tag === false) die('Cannot find php end tag in '.$config_file); } -include_once(PHPWG_ROOT_PATH.'include/functions.inc.php'); -include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); - include(PHPWG_ROOT_PATH.'local/config/database.inc.php'); include(PHPWG_ROOT_PATH . 'include/config_default.inc.php'); @include(PHPWG_ROOT_PATH. 'local/config/config.inc.php'); @@ -49,6 +46,9 @@ include_once(PHPWG_ROOT_PATH.'include/constants.php'); define('PREFIX_TABLE', $prefixeTable); define('UPGRADES_PATH', PHPWG_ROOT_PATH.'install/db'); +include_once(PHPWG_ROOT_PATH.'include/functions.inc.php'); +include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); + // +-----------------------------------------------------------------------+ // | functions | // +-----------------------------------------------------------------------+ @@ -279,12 +279,10 @@ $page['infos'] = array(); $page['errors'] = array(); $mysql_changes = array(); -if (isset($_POST['username']) and isset($_POST['password'])) -{ - check_upgrade_access_rights($current_release, $_POST['username'], $_POST['password']); -} +check_upgrade_access_rights(); -if (isset($_POST['submit']) and check_upgrade()) +if ((isset($_POST['submit']) or isset($_GET['now'])) + and check_upgrade()) { $upgrade_file = PHPWG_ROOT_PATH.'install/upgrade_'.$current_release.'.php'; if (is_file($upgrade_file)) |