aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorpatdenice <patdenice@piwigo.org>2008-11-22 23:33:17 +0000
committerpatdenice <patdenice@piwigo.org>2008-11-22 23:33:17 +0000
commit61d8bf79c169e601b480bf54fc393c453b8874a0 (patch)
treef0485e149a81af666dc65672986aab081f335d7c
parentc612fd5074defafd3c56749d16b86cef1e539012 (diff)
- Bug fixed: username or password with accented character are now accepted for upgrade.
- Simplify query in pwg_session_write function. - Retrieve data with cURL method in fetchRemote function now work with forwarded URL. git-svn-id: http://piwigo.org/svn/trunk@2900 68402e56-0260-453c-a942-63ccdbb3a9ee
-rw-r--r--admin/include/functions.php23
-rw-r--r--admin/include/functions_upgrade.php10
-rw-r--r--include/functions_session.inc.php13
3 files changed, 22 insertions, 24 deletions
diff --git a/admin/include/functions.php b/admin/include/functions.php
index 1c938ca56..a8193d3af 100644
--- a/admin/include/functions.php
+++ b/admin/include/functions.php
@@ -1948,6 +1948,10 @@ function cat_admin_access($category_id)
*/
function fetchRemote($src, &$dest, $user_agent='Piwigo', $step=0)
{
+ // After 3 redirections, return false
+ if ($step > 3) return false;
+
+ // Initialize $dest
is_resource($dest) or $dest = '';
// Try curl to read remote file
@@ -1955,16 +1959,20 @@ function fetchRemote($src, &$dest, $user_agent='Piwigo', $step=0)
{
$ch = @curl_init();
@curl_setopt($ch, CURLOPT_URL, $src);
- @curl_setopt($ch, CURLOPT_HEADER, 0);
+ @curl_setopt($ch, CURLOPT_HEADER, 1);
@curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
- is_resource($dest) ?
- @curl_setopt($ch, CURLOPT_FILE, $dest):
- @curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+ @curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$content = @curl_exec($ch);
+ $header_length = @curl_getinfo($ch, CURLINFO_HEADER_SIZE);
@curl_close($ch);
if ($content !== false)
{
- is_resource($dest) or $dest = $content;
+ if (preg_match('/Location:\s+?(.+)/', substr($content, 0, $header_length), $m))
+ {
+ return fetchRemote($m[1], $dest, $user_agent, $step+1);
+ }
+ $content = substr($content, $header_length);
+ is_resource($dest) ? @fwrite($dest, $content) : $dest = $content;
return true;
}
}
@@ -1981,11 +1989,6 @@ function fetchRemote($src, &$dest, $user_agent='Piwigo', $step=0)
}
// Try fsockopen to read remote file
- if ($step > 3)
- {
- return false;
- }
-
$src = parse_url($src);
$host = $src['host'];
$path = isset($src['path']) ? $src['path'] : '/';
diff --git a/admin/include/functions_upgrade.php b/admin/include/functions_upgrade.php
index 65b0a21ed..01ffb75b8 100644
--- a/admin/include/functions_upgrade.php
+++ b/admin/include/functions_upgrade.php
@@ -141,7 +141,13 @@ function check_upgrade_access_rights($current_release, $username, $password)
$username = mysql_real_escape_string($username);
}
- if (version_compare($current_release, '1.5.0', '<'))
+ if (version_compare($current_release, '2.0', '<'))
+ {
+ $username = utf8_decode($username);
+ $password = utf8_decode($password);
+ }
+
+ if (version_compare($current_release, '1.5', '<'))
{
$query = '
SELECT password, status
@@ -166,7 +172,7 @@ WHERE '.$conf['user_fields']['username'].'="'.$username.'"
$conf['pass_convert'] = create_function('$s', 'return md5($s);');
}
- if ($row['password'] != $conf['pass_convert']($_POST['password']))
+ if ($row['password'] != $conf['pass_convert']($password))
{
array_push($page['errors'], l10n('invalid_pwd'));
}
diff --git a/include/functions_session.inc.php b/include/functions_session.inc.php
index 728fc8fba..dd3e1b24c 100644
--- a/include/functions_session.inc.php
+++ b/include/functions_session.inc.php
@@ -131,18 +131,7 @@ SELECT data
function pwg_session_write($session_id, $data)
{
$query = '
-UPDATE '.SESSIONS_TABLE.'
- SET expiration = now(),
- data = \''.$data.'\'
- WHERE id = \''.get_remote_addr_session_hash().$session_id.'\'
-;';
- pwg_query($query);
- if ( mysql_affected_rows()>0 )
- {
- return true;
- }
- $query = '
-INSERT INTO '.SESSIONS_TABLE.'
+REPLACE INTO '.SESSIONS_TABLE.'
(id,data,expiration)
VALUES(\''.get_remote_addr_session_hash().$session_id.'\',\''.$data.'\',now())
;';