aboutsummaryrefslogtreecommitdiffstats
path: root/admin
diff options
context:
space:
mode:
Diffstat (limited to 'admin')
-rw-r--r--admin/include/functions.php108
-rw-r--r--admin/include/functions_upgrade.php2
-rw-r--r--admin/include/pclzip.lib.php2
-rw-r--r--admin/include/plugins.class.php12
-rw-r--r--admin/intro.php9
-rw-r--r--admin/plugins_new.php6
-rw-r--r--admin/plugins_update.php6
7 files changed, 122 insertions, 23 deletions
diff --git a/admin/include/functions.php b/admin/include/functions.php
index 658033e0c..e67925073 100644
--- a/admin/include/functions.php
+++ b/admin/include/functions.php
@@ -1922,4 +1922,112 @@ function cat_admin_access($category_id)
return true;
}
+/**
+ * Retrieve data from external URL
+ *
+ * @param string $src: URL
+ * @param global $dest: can be a file ressource or string
+ * @return bool
+ */
+function fetchRemote($src, &$dest, $user_agent='Piwigo', $step=0)
+{
+ is_resource($dest) or $dest = '';
+
+ // Try curl to read remote file
+ if (function_exists('curl_init'))
+ {
+ $ch = @curl_init();
+ @curl_setopt($ch, CURLOPT_URL, $src);
+ @curl_setopt($ch, CURLOPT_HEADER, 0);
+ @curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
+ is_resource($dest) ?
+ @curl_setopt($ch, CURLOPT_FILE, $dest):
+ @curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+ $content = @curl_exec($ch);
+ @curl_close($ch);
+ if ($content !== false)
+ {
+ is_resource($dest) or $dest = $content;
+ return true;
+ }
+ }
+
+ // Try file_get_contents to read remote file
+ if (ini_get('allow_url_fopen'))
+ {
+ $content = @file_get_contents($src);
+ if ($content !== false)
+ {
+ is_resource($dest) ? @fwrite($dest, $content) : $dest = $content;
+ return true;
+ }
+ }
+
+ // Try fsockopen to read remote file
+ if ($step > 3)
+ {
+ return false;
+ }
+
+ $src = parse_url($src);
+ $host = $src['host'];
+ $path = isset($src['path']) ? $src['path'] : '/';
+ $path .= isset($src['query']) ? '?'.$src['query'] : '';
+
+ if (($s = @fsockopen($host,80,$errno,$errstr,5)) === false)
+ {
+ return false;
+ }
+
+ fwrite($s,
+ "GET ".$path." HTTP/1.0\r\n"
+ ."Host: ".$host."\r\n"
+ ."User-Agent: ".$user_agent."\r\n"
+ ."Accept: */*\r\n"
+ ."\r\n"
+ );
+
+ $i = 0;
+ $in_content = false;
+ while (!feof($s))
+ {
+ $line = fgets($s);
+
+ if (rtrim($line,"\r\n") == '' && !$in_content)
+ {
+ $in_content = true;
+ $i++;
+ continue;
+ }
+ if ($i == 0)
+ {
+ if (!preg_match('/HTTP\/(\\d\\.\\d)\\s*(\\d+)\\s*(.*)/',rtrim($line,"\r\n"), $m))
+ {
+ fclose($s);
+ return false;
+ }
+ $status = (integer) $m[2];
+ if ($status < 200 || $status >= 400)
+ {
+ fclose($s);
+ return false;
+ }
+ }
+ if (!$in_content)
+ {
+ if (preg_match('/Location:\s+?(.+)$/',rtrim($line,"\r\n"),$m))
+ {
+ fclose($s);
+ return fetchRemote(trim($m[1]),$dest,$user_agent,$step+1);
+ }
+ $i++;
+ continue;
+ }
+ is_resource($dest) ? @fwrite($dest, $line) : $dest .= $line;
+ $i++;
+ }
+ fclose($s);
+ return true;
+}
+
?> \ No newline at end of file
diff --git a/admin/include/functions_upgrade.php b/admin/include/functions_upgrade.php
index 80086c5c9..c80a01848 100644
--- a/admin/include/functions_upgrade.php
+++ b/admin/include/functions_upgrade.php
@@ -127,7 +127,7 @@ WHERE id IN ("' . implode('","', $plugins) . '")
mysql_query($query);
array_push($page['infos'],
- l10n('deactivated plugins') . '<pre>' . implode(', ', $plugins) . '</pre>');
+ l10n('deactivated plugins').'<br /><br /><i>'.implode(', ', $plugins).'</i><br />');
}
}
diff --git a/admin/include/pclzip.lib.php b/admin/include/pclzip.lib.php
index adc5c1992..5acca70bd 100644
--- a/admin/include/pclzip.lib.php
+++ b/admin/include/pclzip.lib.php
@@ -3565,4 +3565,4 @@ function PclZipUtilTranslateWinPath($p_path, $p_remove_disk_letter=true)
}
return $p_path;
}
-?>
+?> \ No newline at end of file
diff --git a/admin/include/plugins.class.php b/admin/include/plugins.class.php
index ff478be83..13c2940a4 100644
--- a/admin/include/plugins.class.php
+++ b/admin/include/plugins.class.php
@@ -268,8 +268,7 @@ DELETE FROM ' . PLUGINS_TABLE . ' WHERE id="' . $plugin_id . '"';
$version = PHPWG_VERSION;
$versions_to_check = array();
$url = PEM_URL . '/api/get_version_list.php?category_id=12&format=php';
- if ($source = @file_get_contents($url)
- and $pem_versions = @unserialize($source))
+ if (fetchRemote($url, $result) and $pem_versions = @unserialize($result))
{
if (!preg_match('/^\d+\.\d+\.\d+/', $version))
{
@@ -308,9 +307,9 @@ DELETE FROM ' . PLUGINS_TABLE . ' WHERE id="' . $plugin_id . '"';
$url .= $new ? '&extension_exclude=' : '&extension_include=';
$url .= implode(',', $plugins_to_check);
}
- if ($source = @file_get_contents($url))
+ if (fetchRemote($url, $result))
{
- $pem_plugins = @unserialize($source);
+ $pem_plugins = @unserialize($result);
if (!is_array($pem_plugins))
{
return false;
@@ -321,6 +320,7 @@ DELETE FROM ' . PLUGINS_TABLE . ' WHERE id="' . $plugin_id . '"';
}
return true;
}
+ return false;
}
/**
@@ -357,8 +357,10 @@ DELETE FROM ' . PLUGINS_TABLE . ' WHERE id="' . $plugin_id . '"';
{
$url = PEM_URL . '/download.php?rid=' . $revision;
$url .= '&origin=piwigo_' . $action;
- if (@copy($url, $archive))
+
+ if ($handle = @fopen($archive, 'wb') and fetchRemote($url, $handle))
{
+ fclose($handle);
include(PHPWG_ROOT_PATH.'admin/include/pclzip.lib.php');
$zip = new PclZip($archive);
if ($list = $zip->listContent())
diff --git a/admin/intro.php b/admin/intro.php
index 1e1b75f45..f118aa678 100644
--- a/admin/intro.php
+++ b/admin/intro.php
@@ -42,17 +42,14 @@ check_status(ACCESS_ADMINISTRATOR);
// Check for upgrade : code inspired from punbb
if (isset($_GET['action']) and 'check_upgrade' == $_GET['action'])
{
- if (!ini_get('allow_url_fopen'))
+ if (!fetchRemote(PHPWG_URL.'/latest_version', $result))
{
- array_push(
- $page['errors'],
- l10n('Unable to check for upgrade since allow_url_fopen is disabled.')
- );
+ array_push($page['errors'], l10n('Unable to check for upgrade.'));
}
else
{
$versions = array('current' => PHPWG_VERSION);
- $lines = @file(PHPWG_URL.'/latest_version');
+ $lines = @explode("\r\n", $result);
// if the current version is a BSF (development branch) build, we check
// the first line, for stable versions, we check the second line
diff --git a/admin/plugins_new.php b/admin/plugins_new.php
index d2c2ce52f..e86dc0a16 100644
--- a/admin/plugins_new.php
+++ b/admin/plugins_new.php
@@ -89,11 +89,7 @@ $template->assign('order_selected', $link.$order);
// +-----------------------------------------------------------------------+
// | start template output |
// +-----------------------------------------------------------------------+
-if (!ini_get('allow_url_fopen'))
-{
- array_push($page['errors'], l10n('Unable to retrieve server informations since allow_url_fopen is disabled.'));
-}
-elseif ($plugins->get_server_plugins(true))
+if ($plugins->get_server_plugins(true))
{
$plugins->sort_server_plugins($order);
diff --git a/admin/plugins_update.php b/admin/plugins_update.php
index 6040a26a3..944fd3b1a 100644
--- a/admin/plugins_update.php
+++ b/admin/plugins_update.php
@@ -97,11 +97,7 @@ set_plugins_tabsheet($page['page']);
// +-----------------------------------------------------------------------+
// | start template output |
// +-----------------------------------------------------------------------+
-if (!ini_get('allow_url_fopen'))
-{
- array_push($page['errors'], l10n('Unable to connect to PEM server since allow_url_fopen is disabled.'));
-}
-elseif ($plugins->get_server_plugins())
+if ($plugins->get_server_plugins())
{
foreach($plugins->fs_plugins as $plugin_id => $fs_plugin)
{