aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorpatdenice <patdenice@piwigo.org>2008-11-07 13:56:00 +0000
committerpatdenice <patdenice@piwigo.org>2008-11-07 13:56:00 +0000
commit2f586c6791ee2d07e71245d308e2c7f1158b2b7d (patch)
treeb336c1f75085c1055928c20458586ce2a68f190c
parent5f1fe1d4f9b67b44b7166444de6034a4e6dadfdf (diff)
merge -c2838 from trunk to branch 2.0
- improve 1.3.1 upgrade (automatic write in mysql.inc.php). - translate 1.3.1 upgrade informations messages. - security fix in upgrade login. git-svn-id: http://piwigo.org/svn/branches/2.0@2839 68402e56-0260-453c-a942-63ccdbb3a9ee
-rw-r--r--admin/include/functions_upgrade.php11
-rw-r--r--install/upgrade_1.3.1.php43
-rw-r--r--language/de_DE/upgrade.lang.php5
-rw-r--r--language/en_UK/upgrade.lang.php5
-rw-r--r--language/es_ES/upgrade.lang.php5
-rw-r--r--language/fr_FR/upgrade.lang.php5
-rw-r--r--language/it_IT/upgrade.lang.php5
-rw-r--r--language/nl_NL/upgrade.lang.php5
8 files changed, 69 insertions, 15 deletions
diff --git a/admin/include/functions_upgrade.php b/admin/include/functions_upgrade.php
index afa6596e8..80086c5c9 100644
--- a/admin/include/functions_upgrade.php
+++ b/admin/include/functions_upgrade.php
@@ -136,11 +136,16 @@ function check_upgrade_access_rights($current_release, $username, $password)
{
global $conf, $page;
+ if(!get_magic_quotes_gpc())
+ {
+ $username = mysql_real_escape_string($username);
+ }
+
if (version_compare($current_release, '1.5.0', '<'))
{
$query = '
SELECT password, status
-FROM '.PREFIX_TABLE.'users
+FROM '.USERS_TABLE.'
WHERE username = "'.$username.'"
;';
}
@@ -149,8 +154,8 @@ WHERE username = "'.$username.'"
$query = '
SELECT u.password, ui.status
FROM '.$conf['users_table'].' AS u
-INNER JOIN '.PREFIX_TABLE.'user_infos AS ui
-ON u.id = ui.user_id
+INNER JOIN '.USER_INFOS_TABLE.' AS ui
+ON u.'.$conf['user_fields']['id'].'=ui.user_id
WHERE '.$conf['user_fields']['username'].'="'.$username.'"
;';
}
diff --git a/install/upgrade_1.3.1.php b/install/upgrade_1.3.1.php
index 8bc0d1c93..436f25953 100644
--- a/install/upgrade_1.3.1.php
+++ b/install/upgrade_1.3.1.php
@@ -578,24 +578,43 @@ UPDATE '.CATEGORIES_TABLE.'
pwg_query($query);
}
-$page['infos'] = array_merge(
- $page['infos'],
- array(
- 'all sub-categories of private categories become private',
+// load the config file
+$config_file = PHPWG_ROOT_PATH.'include/mysql.inc.php';
+$config_file_contents = @file_get_contents($config_file);
+if ($config_file_contents === false)
+{
+ die('CANNOT LOAD '.$config_file);
+}
+$php_end_tag = strrpos($config_file_contents, '?'.'>');
+if ($php_end_tag === false)
+{
+ die('CANNOT FIND PHP END TAG IN '.$config_file);
+}
+if (!is_writable($config_file))
+{
+ die('FILE NOT WRITABLE '.$config_file);
+}
- 'user permissions and group permissions have been erased',
+// Insert define('PHPWG_INSTALLED', true); in mysql.inc.php
+$config_file_contents =
+ substr($config_file_contents, 0, $php_end_tag).'
+define(\'PHPWG_INSTALLED\', true);
+'.substr($config_file_contents, $php_end_tag);
- 'only thumbnails prefix and webmaster mail address have been saved from
-previous configuration',
+$fp = @fopen( $config_file, 'w' );
+@fputs($fp, $config_file_contents, strlen($config_file_contents));
+@fclose($fp);
- 'in include/mysql.inc.php, before
-<pre style="background-color:lightgray">?&gt;</pre>
-insert
-<pre style="background-color:lightgray">define(\'PHPWG_INSTALLED\', true);</pre>'
+// Send infos
+$page['infos'] = array_merge(
+ $page['infos'],
+ array(
+ l10n('all sub-categories of private categories become private'),
+ l10n('user permissions and group permissions have been erased'),
+ l10n('only thumbnails prefix and webmaster mail saved')
)
);
-
// now we upgrade from 1.4.0
include_once(PHPWG_ROOT_PATH.'install/upgrade_1.4.0.php');
?> \ No newline at end of file
diff --git a/language/de_DE/upgrade.lang.php b/language/de_DE/upgrade.lang.php
index 0b3511a49..d01a05d4f 100644
--- a/language/de_DE/upgrade.lang.php
+++ b/language/de_DE/upgrade.lang.php
@@ -37,4 +37,9 @@ $lang['deactivated plugins'] = 'As a precaution, following plugins have been dea
$lang['upgrade login message'] = 'Only administrator can run upgrade: please sign in below.';
$lang['You do not have access rights to run upgrade'] = 'You do not have access rights to run upgrade';
+// Upgrade informations from upgrade_1.3.1.php
+$lang['all sub-categories of private categories become private'] = 'All sub-categories of private categories become private';
+$lang['user permissions and group permissions have been erased'] = 'User permissions and group permissions have been erased';
+$lang['only thumbnails prefix and webmaster mail saved'] = 'Only thumbnails prefix and webmaster mail address have been saved from previous configuration';
+
?> \ No newline at end of file
diff --git a/language/en_UK/upgrade.lang.php b/language/en_UK/upgrade.lang.php
index 6bbc221c1..ececab250 100644
--- a/language/en_UK/upgrade.lang.php
+++ b/language/en_UK/upgrade.lang.php
@@ -36,4 +36,9 @@ $lang['deactivated plugins'] = 'As a precaution, following plugins have been dea
$lang['upgrade login message'] = 'Only administrator can run upgrade: please sign in below.';
$lang['You do not have access rights to run upgrade'] = 'You do not have access rights to run upgrade';
+// Upgrade infoformations from upgrade_1.3.1.php
+$lang['all sub-categories of private categories become private'] = 'All sub-categories of private categories become private';
+$lang['user permissions and group permissions have been erased'] = 'User permissions and group permissions have been erased';
+$lang['only thumbnails prefix and webmaster mail saved'] = 'Only thumbnails prefix and webmaster mail address have been saved from previous configuration';
+
?> \ No newline at end of file
diff --git a/language/es_ES/upgrade.lang.php b/language/es_ES/upgrade.lang.php
index b18741016..dff3a074f 100644
--- a/language/es_ES/upgrade.lang.php
+++ b/language/es_ES/upgrade.lang.php
@@ -36,4 +36,9 @@ $lang['deactivated plugins'] = 'Por precaución, el plugins siguiente han sido d
/*TODO*/$lang['upgrade login message'] = 'Only administrator can run upgrade: please sign in below.';
/*TODO*/$lang['You do not have access rights to run upgrade'] = 'You do not have access rights to run upgrade';
+// Upgrade informations from upgrade_1.3.1.php
+/*TODO*/$lang['all sub-categories of private categories become private'] = 'All sub-categories of private categories become private';
+/*TODO*/$lang['user permissions and group permissions have been erased'] = 'User permissions and group permissions have been erased';
+/*TODO*/$lang['only thumbnails prefix and webmaster mail saved'] = 'Only thumbnails prefix and webmaster mail address have been saved from previous configuration';
+
?> \ No newline at end of file
diff --git a/language/fr_FR/upgrade.lang.php b/language/fr_FR/upgrade.lang.php
index 13d8d0bf2..9ae5ef7e2 100644
--- a/language/fr_FR/upgrade.lang.php
+++ b/language/fr_FR/upgrade.lang.php
@@ -37,4 +37,9 @@ $lang['deactivated plugins'] = 'Par précaution, les plugins suivants ont été
$lang['upgrade login message'] = 'Seul un adminitrateur peut lancer la mise à jour: veuillez vous identifier ci-dessous.';
$lang['You do not have access rights to run upgrade'] = 'Vous n\'avez pas les droits necessaires pour lancer la mise à jour.';
+// Upgrade informations from upgrade_1.3.1.php
+$lang['all sub-categories of private categories become private'] = 'Toutes les sous-catégories de catégories privées deviennent privées';
+$lang['user permissions and group permissions have been erased'] = 'Les permissions des utilisateurs et des groupes ont été effacées';
+$lang['only thumbnails prefix and webmaster mail saved'] = 'Seuls le préfixe des miniatures et l\'adresse email du webmestre ont étés sauvegardés de la configuration précédente';
+
?> \ No newline at end of file
diff --git a/language/it_IT/upgrade.lang.php b/language/it_IT/upgrade.lang.php
index fe4bd92dc..0487b7576 100644
--- a/language/it_IT/upgrade.lang.php
+++ b/language/it_IT/upgrade.lang.php
@@ -38,4 +38,9 @@ $lang['deactivated plugins'] = 'As a precaution, following plugins have been dea
$lang['upgrade login message'] = 'Only administrator can run upgrade: please sign in below.';
$lang['You do not have access rights to run upgrade'] = 'You do not have access rights to run upgrade';
+// Upgrade infoformations from upgrade_1.3.1.php
+$lang['all sub-categories of private categories become private'] = 'All sub-categories of private categories become private';
+$lang['user permissions and group permissions have been erased'] = 'User permissions and group permissions have been erased';
+$lang['only thumbnails prefix and webmaster mail saved'] = 'Only thumbnails prefix and webmaster mail address have been saved from previous configuration';
+
?> \ No newline at end of file
diff --git a/language/nl_NL/upgrade.lang.php b/language/nl_NL/upgrade.lang.php
index fe4bd92dc..0487b7576 100644
--- a/language/nl_NL/upgrade.lang.php
+++ b/language/nl_NL/upgrade.lang.php
@@ -38,4 +38,9 @@ $lang['deactivated plugins'] = 'As a precaution, following plugins have been dea
$lang['upgrade login message'] = 'Only administrator can run upgrade: please sign in below.';
$lang['You do not have access rights to run upgrade'] = 'You do not have access rights to run upgrade';
+// Upgrade infoformations from upgrade_1.3.1.php
+$lang['all sub-categories of private categories become private'] = 'All sub-categories of private categories become private';
+$lang['user permissions and group permissions have been erased'] = 'User permissions and group permissions have been erased';
+$lang['only thumbnails prefix and webmaster mail saved'] = 'Only thumbnails prefix and webmaster mail address have been saved from previous configuration';
+
?> \ No newline at end of file