diff options
author | patdenice <patdenice@piwigo.org> | 2008-11-07 13:56:00 +0000 |
---|---|---|
committer | patdenice <patdenice@piwigo.org> | 2008-11-07 13:56:00 +0000 |
commit | 2f586c6791ee2d07e71245d308e2c7f1158b2b7d (patch) | |
tree | b336c1f75085c1055928c20458586ce2a68f190c | |
parent | 5f1fe1d4f9b67b44b7166444de6034a4e6dadfdf (diff) |
merge -c2838 from trunk to branch 2.0
- improve 1.3.1 upgrade (automatic write in mysql.inc.php).
- translate 1.3.1 upgrade informations messages.
- security fix in upgrade login.
git-svn-id: http://piwigo.org/svn/branches/2.0@2839 68402e56-0260-453c-a942-63ccdbb3a9ee
-rw-r--r-- | admin/include/functions_upgrade.php | 11 | ||||
-rw-r--r-- | install/upgrade_1.3.1.php | 43 | ||||
-rw-r--r-- | language/de_DE/upgrade.lang.php | 5 | ||||
-rw-r--r-- | language/en_UK/upgrade.lang.php | 5 | ||||
-rw-r--r-- | language/es_ES/upgrade.lang.php | 5 | ||||
-rw-r--r-- | language/fr_FR/upgrade.lang.php | 5 | ||||
-rw-r--r-- | language/it_IT/upgrade.lang.php | 5 | ||||
-rw-r--r-- | language/nl_NL/upgrade.lang.php | 5 |
8 files changed, 69 insertions, 15 deletions
diff --git a/admin/include/functions_upgrade.php b/admin/include/functions_upgrade.php index afa6596e8..80086c5c9 100644 --- a/admin/include/functions_upgrade.php +++ b/admin/include/functions_upgrade.php @@ -136,11 +136,16 @@ function check_upgrade_access_rights($current_release, $username, $password) { global $conf, $page; + if(!get_magic_quotes_gpc()) + { + $username = mysql_real_escape_string($username); + } + if (version_compare($current_release, '1.5.0', '<')) { $query = ' SELECT password, status -FROM '.PREFIX_TABLE.'users +FROM '.USERS_TABLE.' WHERE username = "'.$username.'" ;'; } @@ -149,8 +154,8 @@ WHERE username = "'.$username.'" $query = ' SELECT u.password, ui.status FROM '.$conf['users_table'].' AS u -INNER JOIN '.PREFIX_TABLE.'user_infos AS ui -ON u.id = ui.user_id +INNER JOIN '.USER_INFOS_TABLE.' AS ui +ON u.'.$conf['user_fields']['id'].'=ui.user_id WHERE '.$conf['user_fields']['username'].'="'.$username.'" ;'; } diff --git a/install/upgrade_1.3.1.php b/install/upgrade_1.3.1.php index 8bc0d1c93..436f25953 100644 --- a/install/upgrade_1.3.1.php +++ b/install/upgrade_1.3.1.php @@ -578,24 +578,43 @@ UPDATE '.CATEGORIES_TABLE.' pwg_query($query); } -$page['infos'] = array_merge( - $page['infos'], - array( - 'all sub-categories of private categories become private', +// load the config file +$config_file = PHPWG_ROOT_PATH.'include/mysql.inc.php'; +$config_file_contents = @file_get_contents($config_file); +if ($config_file_contents === false) +{ + die('CANNOT LOAD '.$config_file); +} +$php_end_tag = strrpos($config_file_contents, '?'.'>'); +if ($php_end_tag === false) +{ + die('CANNOT FIND PHP END TAG IN '.$config_file); +} +if (!is_writable($config_file)) +{ + die('FILE NOT WRITABLE '.$config_file); +} - 'user permissions and group permissions have been erased', +// Insert define('PHPWG_INSTALLED', true); in mysql.inc.php +$config_file_contents = + substr($config_file_contents, 0, $php_end_tag).' +define(\'PHPWG_INSTALLED\', true); +'.substr($config_file_contents, $php_end_tag); - 'only thumbnails prefix and webmaster mail address have been saved from -previous configuration', +$fp = @fopen( $config_file, 'w' ); +@fputs($fp, $config_file_contents, strlen($config_file_contents)); +@fclose($fp); - 'in include/mysql.inc.php, before -<pre style="background-color:lightgray">?></pre> -insert -<pre style="background-color:lightgray">define(\'PHPWG_INSTALLED\', true);</pre>' +// Send infos +$page['infos'] = array_merge( + $page['infos'], + array( + l10n('all sub-categories of private categories become private'), + l10n('user permissions and group permissions have been erased'), + l10n('only thumbnails prefix and webmaster mail saved') ) ); - // now we upgrade from 1.4.0 include_once(PHPWG_ROOT_PATH.'install/upgrade_1.4.0.php'); ?>
\ No newline at end of file diff --git a/language/de_DE/upgrade.lang.php b/language/de_DE/upgrade.lang.php index 0b3511a49..d01a05d4f 100644 --- a/language/de_DE/upgrade.lang.php +++ b/language/de_DE/upgrade.lang.php @@ -37,4 +37,9 @@ $lang['deactivated plugins'] = 'As a precaution, following plugins have been dea $lang['upgrade login message'] = 'Only administrator can run upgrade: please sign in below.'; $lang['You do not have access rights to run upgrade'] = 'You do not have access rights to run upgrade'; +// Upgrade informations from upgrade_1.3.1.php +$lang['all sub-categories of private categories become private'] = 'All sub-categories of private categories become private'; +$lang['user permissions and group permissions have been erased'] = 'User permissions and group permissions have been erased'; +$lang['only thumbnails prefix and webmaster mail saved'] = 'Only thumbnails prefix and webmaster mail address have been saved from previous configuration'; + ?>
\ No newline at end of file diff --git a/language/en_UK/upgrade.lang.php b/language/en_UK/upgrade.lang.php index 6bbc221c1..ececab250 100644 --- a/language/en_UK/upgrade.lang.php +++ b/language/en_UK/upgrade.lang.php @@ -36,4 +36,9 @@ $lang['deactivated plugins'] = 'As a precaution, following plugins have been dea $lang['upgrade login message'] = 'Only administrator can run upgrade: please sign in below.'; $lang['You do not have access rights to run upgrade'] = 'You do not have access rights to run upgrade'; +// Upgrade infoformations from upgrade_1.3.1.php +$lang['all sub-categories of private categories become private'] = 'All sub-categories of private categories become private'; +$lang['user permissions and group permissions have been erased'] = 'User permissions and group permissions have been erased'; +$lang['only thumbnails prefix and webmaster mail saved'] = 'Only thumbnails prefix and webmaster mail address have been saved from previous configuration'; + ?>
\ No newline at end of file diff --git a/language/es_ES/upgrade.lang.php b/language/es_ES/upgrade.lang.php index b18741016..dff3a074f 100644 --- a/language/es_ES/upgrade.lang.php +++ b/language/es_ES/upgrade.lang.php @@ -36,4 +36,9 @@ $lang['deactivated plugins'] = 'Por precaución, el plugins siguiente han sido d /*TODO*/$lang['upgrade login message'] = 'Only administrator can run upgrade: please sign in below.'; /*TODO*/$lang['You do not have access rights to run upgrade'] = 'You do not have access rights to run upgrade'; +// Upgrade informations from upgrade_1.3.1.php +/*TODO*/$lang['all sub-categories of private categories become private'] = 'All sub-categories of private categories become private'; +/*TODO*/$lang['user permissions and group permissions have been erased'] = 'User permissions and group permissions have been erased'; +/*TODO*/$lang['only thumbnails prefix and webmaster mail saved'] = 'Only thumbnails prefix and webmaster mail address have been saved from previous configuration'; + ?>
\ No newline at end of file diff --git a/language/fr_FR/upgrade.lang.php b/language/fr_FR/upgrade.lang.php index 13d8d0bf2..9ae5ef7e2 100644 --- a/language/fr_FR/upgrade.lang.php +++ b/language/fr_FR/upgrade.lang.php @@ -37,4 +37,9 @@ $lang['deactivated plugins'] = 'Par précaution, les plugins suivants ont été $lang['upgrade login message'] = 'Seul un adminitrateur peut lancer la mise à jour: veuillez vous identifier ci-dessous.'; $lang['You do not have access rights to run upgrade'] = 'Vous n\'avez pas les droits necessaires pour lancer la mise à jour.'; +// Upgrade informations from upgrade_1.3.1.php +$lang['all sub-categories of private categories become private'] = 'Toutes les sous-catégories de catégories privées deviennent privées'; +$lang['user permissions and group permissions have been erased'] = 'Les permissions des utilisateurs et des groupes ont été effacées'; +$lang['only thumbnails prefix and webmaster mail saved'] = 'Seuls le préfixe des miniatures et l\'adresse email du webmestre ont étés sauvegardés de la configuration précédente'; + ?>
\ No newline at end of file diff --git a/language/it_IT/upgrade.lang.php b/language/it_IT/upgrade.lang.php index fe4bd92dc..0487b7576 100644 --- a/language/it_IT/upgrade.lang.php +++ b/language/it_IT/upgrade.lang.php @@ -38,4 +38,9 @@ $lang['deactivated plugins'] = 'As a precaution, following plugins have been dea $lang['upgrade login message'] = 'Only administrator can run upgrade: please sign in below.'; $lang['You do not have access rights to run upgrade'] = 'You do not have access rights to run upgrade'; +// Upgrade infoformations from upgrade_1.3.1.php +$lang['all sub-categories of private categories become private'] = 'All sub-categories of private categories become private'; +$lang['user permissions and group permissions have been erased'] = 'User permissions and group permissions have been erased'; +$lang['only thumbnails prefix and webmaster mail saved'] = 'Only thumbnails prefix and webmaster mail address have been saved from previous configuration'; + ?>
\ No newline at end of file diff --git a/language/nl_NL/upgrade.lang.php b/language/nl_NL/upgrade.lang.php index fe4bd92dc..0487b7576 100644 --- a/language/nl_NL/upgrade.lang.php +++ b/language/nl_NL/upgrade.lang.php @@ -38,4 +38,9 @@ $lang['deactivated plugins'] = 'As a precaution, following plugins have been dea $lang['upgrade login message'] = 'Only administrator can run upgrade: please sign in below.'; $lang['You do not have access rights to run upgrade'] = 'You do not have access rights to run upgrade'; +// Upgrade infoformations from upgrade_1.3.1.php +$lang['all sub-categories of private categories become private'] = 'All sub-categories of private categories become private'; +$lang['user permissions and group permissions have been erased'] = 'User permissions and group permissions have been erased'; +$lang['only thumbnails prefix and webmaster mail saved'] = 'Only thumbnails prefix and webmaster mail address have been saved from previous configuration'; + ?>
\ No newline at end of file |