aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--admin/include/functions_upgrade.php64
-rw-r--r--upgrade.php14
2 files changed, 38 insertions, 40 deletions
diff --git a/admin/include/functions_upgrade.php b/admin/include/functions_upgrade.php
index 91110e4ff..46d3837fe 100644
--- a/admin/include/functions_upgrade.php
+++ b/admin/include/functions_upgrade.php
@@ -112,9 +112,39 @@ WHERE id IN ("' . implode('","', $plugins) . '")
}
// Check access rights
-function check_upgrade_access_rights($current_release, $username, $password)
+function check_upgrade_access_rights()
{
- global $conf, $page;
+ global $conf, $page, $current_release;
+
+ if (version_compare($current_release, '2.0', '>=') and isset($_COOKIE[session_name()]))
+ {
+ // Check if user is already connected as webmaster
+ session_start();
+ if (!empty($_SESSION['pwg_uid']))
+ {
+ $query = '
+SELECT status
+ FROM '.USER_INFOS_TABLE.'
+ WHERE user_id = '.$_SESSION['pwg_uid'].'
+;';
+ pwg_query($query);
+
+ $row = pwg_db_fetch_assoc(pwg_query($query));
+ if (isset($row['status']) and $row['status'] == 'webmaster')
+ {
+ define('PHPWG_IN_UPGRADE', true);
+ return;
+ }
+ }
+ }
+
+ if (!isset($_POST['username']) or !isset($_POST['password']))
+ {
+ return;
+ }
+
+ $username = $_POST['password'];
+ $password = $_POST['password'];
if(!@get_magic_quotes_gpc())
{
@@ -230,34 +260,4 @@ function upgrade_db_connect()
my_error(l10n($e->getMessage()), true);
}
}
-
-/**
- * Get languages defined in the language directory
- */
-function get_fs_languages($target_charset = null)
-{
- if ( empty($target_charset) )
- {
- $target_charset = get_pwg_charset();
- }
- $target_charset = strtolower($target_charset);
-
- $dir = opendir(PHPWG_ROOT_PATH.'language');
-
- while ($file = readdir($dir))
- {
- $path = PHPWG_ROOT_PATH.'language/'.$file;
- if (!is_link($path) and is_dir($path) and file_exists($path.'/iso.txt'))
- {
- list($language_name) = @file($path.'/iso.txt');
-
- $languages[$file] = convert_charset($language_name, $target_charset);
- }
- }
- closedir($dir);
- @asort($languages);
-
- return $languages;
-}
-
?> \ No newline at end of file
diff --git a/upgrade.php b/upgrade.php
index 7383a5e8a..9d8d78ff8 100644
--- a/upgrade.php
+++ b/upgrade.php
@@ -36,9 +36,6 @@ if ($php_end_tag === false)
die('Cannot find php end tag in '.$config_file);
}
-include_once(PHPWG_ROOT_PATH.'include/functions.inc.php');
-include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
-
include(PHPWG_ROOT_PATH.'local/config/database.inc.php');
include(PHPWG_ROOT_PATH . 'include/config_default.inc.php');
@include(PHPWG_ROOT_PATH. 'local/config/config.inc.php');
@@ -49,6 +46,9 @@ include_once(PHPWG_ROOT_PATH.'include/constants.php');
define('PREFIX_TABLE', $prefixeTable);
define('UPGRADES_PATH', PHPWG_ROOT_PATH.'install/db');
+include_once(PHPWG_ROOT_PATH.'include/functions.inc.php');
+include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
+
// +-----------------------------------------------------------------------+
// | functions |
// +-----------------------------------------------------------------------+
@@ -279,12 +279,10 @@ $page['infos'] = array();
$page['errors'] = array();
$mysql_changes = array();
-if (isset($_POST['username']) and isset($_POST['password']))
-{
- check_upgrade_access_rights($current_release, $_POST['username'], $_POST['password']);
-}
+check_upgrade_access_rights();
-if (isset($_POST['submit']) and check_upgrade())
+if ((isset($_POST['submit']) or isset($_GET['now']))
+ and check_upgrade())
{
$upgrade_file = PHPWG_ROOT_PATH.'install/upgrade_'.$current_release.'.php';
if (is_file($upgrade_file))