diff options
Diffstat (limited to 'admin')
-rw-r--r-- | admin/include/functions.php | 81 | ||||
-rw-r--r-- | admin/include/languages.class.php | 32 | ||||
-rw-r--r-- | admin/include/plugins.class.php | 42 | ||||
-rw-r--r-- | admin/include/themes.class.php | 42 | ||||
-rw-r--r-- | admin/site_manager.php | 8 |
5 files changed, 137 insertions, 68 deletions
diff --git a/admin/include/functions.php b/admin/include/functions.php index e7e6b1a16..15c057771 100644 --- a/admin/include/functions.php +++ b/admin/include/functions.php @@ -1684,7 +1684,7 @@ function cat_admin_access($category_id) * @param global $dest: can be a file ressource or string * @return bool */ -function fetchRemote($src, &$dest, $user_agent='Piwigo', $step=0) +function fetchRemote($src, &$dest, $get_data=array(), $post_data=array(), $user_agent='Piwigo', $step=0) { // Try to retrieve data from local file? if (!url_is_remote($src)) @@ -1701,27 +1701,14 @@ function fetchRemote($src, &$dest, $user_agent='Piwigo', $step=0) } } - // Send anonymous data to piwigo server - if ($_SERVER['HTTP_HOST'] != 'localhost' and $step==0 - and preg_match('#^http://(?:[a-z]+\.)?piwigo\.org#', $src)) - { - global $conf; - - $src = add_url_params($src, array( - 'uuid' => hash_hmac('md5', get_absolute_root_url(), $conf['secret_key']), - 'os' => urlencode(PHP_OS), - 'pwgversion' => urlencode(PHPWG_VERSION), - 'phpversion' => urlencode(phpversion()), - 'dbengine' => urlencode(DB_ENGINE), - 'dbversion' => urlencode(pwg_get_db_version()), - ) - ); - $src = str_replace('&', '&', $src); - } - // After 3 redirections, return false if ($step > 3) return false; + // Initialization + $method = empty($post_data) ? 'GET' : 'POST'; + $request = empty($post_data) ? '' : http_build_query($post_data, '', '&'); + $src = add_url_params($src, $get_data, '&'); + // Initialize $dest is_resource($dest) or $dest = ''; @@ -1733,6 +1720,11 @@ function fetchRemote($src, &$dest, $user_agent='Piwigo', $step=0) @curl_setopt($ch, CURLOPT_HEADER, 1); @curl_setopt($ch, CURLOPT_USERAGENT, $user_agent); @curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); + if ($method == 'POST') + { + @curl_setopt($ch, CURLOPT_POST, 1); + @curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data); + } $content = @curl_exec($ch); $header_length = @curl_getinfo($ch, CURLINFO_HEADER_SIZE); $status = @curl_getinfo($ch, CURLINFO_HTTP_CODE); @@ -1741,7 +1733,7 @@ function fetchRemote($src, &$dest, $user_agent='Piwigo', $step=0) { if (preg_match('/Location:\s+?(.+)/', substr($content, 0, $header_length), $m)) { - return fetchRemote($m[1], $dest, $user_agent, $step+1); + return fetchRemote($m[1], $dest, array(), array(), $user_agent, $step+1); } $content = substr($content, $header_length); is_resource($dest) ? @fwrite($dest, $content) : $dest = $content; @@ -1752,7 +1744,15 @@ function fetchRemote($src, &$dest, $user_agent='Piwigo', $step=0) // Try file_get_contents to read remote file if (ini_get('allow_url_fopen')) { - $content = @file_get_contents($src); + $opts = array( + 'http' => array( + 'method' => $method, + 'content' => $request, + 'user_agent' => $user_agent, + ) + ); + $context = @stream_context_create($opts); + $content = @file_get_contents($src, false, $context); if ($content !== false) { is_resource($dest) ? @fwrite($dest, $content) : $dest = $content; @@ -1771,13 +1771,16 @@ function fetchRemote($src, &$dest, $user_agent='Piwigo', $step=0) return false; } - fwrite($s, - "GET ".$path." HTTP/1.0\r\n" - ."Host: ".$host."\r\n" - ."User-Agent: ".$user_agent."\r\n" - ."Accept: */*\r\n" - ."\r\n" - ); + $http_request = $method." ".$path." HTTP/1.0\r\n"; + $http_request .= "Host: ".$host."\r\n"; + $http_request .= "Content-Type: application/x-www-form-urlencoded;\r\n"; + $http_request .= "Content-Length: ".strlen($request)."\r\n"; + $http_request .= "User-Agent: ".$user_agent."\r\n"; + $http_request .= "Accept: */*\r\n"; + $http_request .= "\r\n"; + $http_request .= $request; + + fwrite($s, $http_request); $i = 0; $in_content = false; @@ -1810,7 +1813,7 @@ function fetchRemote($src, &$dest, $user_agent='Piwigo', $step=0) if (preg_match('/Location:\s+?(.+)$/',rtrim($line,"\r\n"),$m)) { fclose($s); - return fetchRemote(trim($m[1]),$dest,$user_agent,$step+1); + return fetchRemote(trim($m[1]),$dest,array(),array(),$user_agent,$step+1); } $i++; continue; @@ -2023,4 +2026,24 @@ function get_fckb_tag_ids($raw_tags) return $tag_ids; } + +function get_hosting_technical_details() +{ + global $conf; + + $details = array(); + if ($conf['send_hosting_technical_details'] and $_SERVER['HTTP_HOST'] != 'localhost') + { + $details = array( + 'uuid' => hash_hmac('md5', get_absolute_root_url(), $conf['secret_key']), + 'os' => urlencode(PHP_OS), + 'pwgversion' => urlencode(PHPWG_VERSION), + 'phpversion' => urlencode(phpversion()), + 'dbengine' => urlencode(DB_ENGINE), + 'dbversion' => urlencode(pwg_get_db_version()), + ); + } + + return $details; +} ?>
\ No newline at end of file diff --git a/admin/include/languages.class.php b/admin/include/languages.class.php index 88b37da36..4fd73d4af 100644 --- a/admin/include/languages.class.php +++ b/admin/include/languages.class.php @@ -196,13 +196,16 @@ UPDATE '.USER_INFOS_TABLE.' { global $user; - $pem_category_id = 8; + $get_data = array( + 'category_id' => 8, + 'format' => 'php', + ); // Retrieve PEM versions $version = PHPWG_VERSION; $versions_to_check = array(); - $url = PEM_URL . '/api/get_version_list.php?category_id='.$pem_category_id.'&format=php'; - if (fetchRemote($url, $result) and $pem_versions = @unserialize($result)) + $url = PEM_URL . '/api/get_version_list.php'; + if (fetchRemote($url, $result, $get_data, get_hosting_technical_details()) and $pem_versions = @unserialize($result)) { if (!preg_match('/^\d+\.\d+\.\d+/', $version)) { @@ -223,11 +226,15 @@ UPDATE '.USER_INFOS_TABLE.' } // Retrieve PEM languages infos - $url = PEM_URL . '/api/get_revision_list.php?category_id='.$pem_category_id.'&format=php&last_revision_only=true'; - $url .= '&version=' . implode(',', $versions_to_check); - $url .= '&lang='.$user['language']; - - if (fetchRemote($url, $result)) + $url = PEM_URL . '/api/get_revision_list.php'; + $get_data = array_merge($get_data, array( + 'last_revision_only' => 'true', + 'version' => implode(',', $versions_to_check), + 'lang' => $user['language'], + ) + ); + + if (fetchRemote($url, $result, $get_data)) { $pem_languages = @unserialize($result); if (!is_array($pem_languages)) @@ -258,10 +265,13 @@ UPDATE '.USER_INFOS_TABLE.' { if ($archive = tempnam( PHPWG_ROOT_PATH.'language', 'zip')) { - $url = PEM_URL . '/download.php?rid=' . $revision; - $url .= '&origin=piwigo_' . $action; + $url = PEM_URL . '/download.php'; + $get_data = array( + 'rid' => $revision, + 'origin' => 'piwigo_'.$action, + ); - if ($handle = @fopen($archive, 'wb') and fetchRemote($url, $handle)) + if ($handle = @fopen($archive, 'wb') and fetchRemote($url, $handle, $get_data)) { fclose($handle); include(PHPWG_ROOT_PATH.'admin/include/pclzip.lib.php'); diff --git a/admin/include/plugins.class.php b/admin/include/plugins.class.php index 2de666c04..169a50b76 100644 --- a/admin/include/plugins.class.php +++ b/admin/include/plugins.class.php @@ -290,11 +290,16 @@ DELETE FROM ' . PLUGINS_TABLE . ' WHERE id=\'' . $plugin_id . '\''; { global $user; + $get_data = array( + 'category_id' => 12, + 'format' => 'php', + ); + // Retrieve PEM versions $version = PHPWG_VERSION; $versions_to_check = array(); - $url = PEM_URL . '/api/get_version_list.php?category_id=12&format=php'; - if (fetchRemote($url, $result) and $pem_versions = @unserialize($result)) + $url = PEM_URL . '/api/get_version_list.php'; + if (fetchRemote($url, $result, $get_data, get_hosting_technical_details()) and $pem_versions = @unserialize($result)) { if (!preg_match('/^\d+\.\d+\.\d+/', $version)) { @@ -325,17 +330,27 @@ DELETE FROM ' . PLUGINS_TABLE . ' WHERE id=\'' . $plugin_id . '\''; } // Retrieve PEM plugins infos - $url = PEM_URL . '/api/get_revision_list.php?category_id=12&format=php&last_revision_only=true'; - $url .= '&version=' . implode(',', $versions_to_check); - $url .= '&lang=' . substr($user['language'], 0, 2); - $url .= '&get_nb_downloads=true'; + $url = PEM_URL . '/api/get_revision_list.php'; + $get_data = array_merge($get_data, array( + 'last_revision_only' => 'true', + 'version' => implode(',', $versions_to_check), + 'lang' => substr($user['language'], 0, 2), + 'get_nb_downloads' => 'true', + ) + ); if (!empty($plugins_to_check)) { - $url .= $new ? '&extension_exclude=' : '&extension_include='; - $url .= implode(',', $plugins_to_check); + if ($new) + { + $get_data['extension_exclude'] = implode(',', $plugins_to_check); + } + else + { + $get_data['extension_include'] = implode(',', $plugins_to_check); + } } - if (fetchRemote($url, $result)) + if (fetchRemote($url, $result, $get_data)) { $pem_plugins = @unserialize($result); if (!is_array($pem_plugins)) @@ -386,10 +401,13 @@ DELETE FROM ' . PLUGINS_TABLE . ' WHERE id=\'' . $plugin_id . '\''; { if ($archive = tempnam( PHPWG_PLUGINS_PATH, 'zip')) { - $url = PEM_URL . '/download.php?rid=' . $revision; - $url .= '&origin=piwigo_' . $action; + $url = PEM_URL . '/download.php'; + $get_data = array( + 'rid' => $revision, + 'origin' => 'piwigo_'.$action, + ); - if ($handle = @fopen($archive, 'wb') and fetchRemote($url, $handle)) + if ($handle = @fopen($archive, 'wb') and fetchRemote($url, $handle, $get_data)) { fclose($handle); include(PHPWG_ROOT_PATH.'admin/include/pclzip.lib.php'); diff --git a/admin/include/themes.class.php b/admin/include/themes.class.php index 7601f6d60..b00172d31 100644 --- a/admin/include/themes.class.php +++ b/admin/include/themes.class.php @@ -447,13 +447,16 @@ SELECT { global $user; - $pem_category_id = 10; + $get_data = array( + 'category_id' => 10, + 'format' => 'php', + ); // Retrieve PEM versions $version = PHPWG_VERSION; $versions_to_check = array(); - $url = PEM_URL . '/api/get_version_list.php?category_id='.$pem_category_id.'&format=php'; - if (fetchRemote($url, $result) and $pem_versions = @unserialize($result)) + $url = PEM_URL . '/api/get_version_list.php'; + if (fetchRemote($url, $result, $get_data, get_hosting_technical_details()) and $pem_versions = @unserialize($result)) { if (!preg_match('/^\d+\.\d+\.\d+/', $version)) { @@ -484,17 +487,27 @@ SELECT } // Retrieve PEM themes infos - $url = PEM_URL . '/api/get_revision_list.php?category_id='.$pem_category_id.'&format=php&last_revision_only=true'; - $url .= '&version=' . implode(',', $versions_to_check); - $url .= '&lang=' . substr($user['language'], 0, 2); - $url .= '&get_nb_downloads=true'; + $url = PEM_URL . '/api/get_revision_list.php'; + $get_data = array_merge($get_data, array( + 'last_revision_only' => 'true', + 'version' => implode(',', $versions_to_check), + 'lang' => substr($user['language'], 0, 2), + 'get_nb_downloads' => 'true', + ) + ); if (!empty($themes_to_check)) { - $url .= $new ? '&extension_exclude=' : '&extension_include='; - $url .= implode(',', $themes_to_check); + if ($new) + { + $get_data['extension_exclude'] = implode(',', $themes_to_check); + } + else + { + $get_data['extension_include'] = implode(',', $themes_to_check); + } } - if (fetchRemote($url, $result)) + if (fetchRemote($url, $result, $get_data)) { $pem_themes = @unserialize($result); if (!is_array($pem_themes)) @@ -546,10 +559,13 @@ SELECT { if ($archive = tempnam( PHPWG_THEMES_PATH, 'zip')) { - $url = PEM_URL . '/download.php?rid=' . $revision; - $url .= '&origin=piwigo_' . $action; + $url = PEM_URL . '/download.php'; + $get_data = array( + 'rid' => $revision, + 'origin' => 'piwigo_'.$action, + ); - if ($handle = @fopen($archive, 'wb') and fetchRemote($url, $handle)) + if ($handle = @fopen($archive, 'wb') and fetchRemote($url, $handle, $get_data)) { fclose($handle); include(PHPWG_ROOT_PATH.'admin/include/pclzip.lib.php'); diff --git a/admin/site_manager.php b/admin/site_manager.php index cb3a69318..b125f6181 100644 --- a/admin/site_manager.php +++ b/admin/site_manager.php @@ -116,9 +116,11 @@ SELECT COUNT(id) AS count if ( ! isset($_POST['no_check']) ) { $clf_url = $url.'create_listing_file.php'; - $clf_url.= '?action=test'; - $clf_url.= '&version='.PHPWG_VERSION; - if (fetchRemote($clf_url, $result)) + $get_data = array( + 'action' => 'test', + 'version' => PHPWG_VERSION, + ); + if (fetchRemote($clf_url, $result, $get_data)) { $lines = explode("\r\n", $result); $first_line = strip_tags($lines[0]); |