From a1e6ae0f159e9cae29683078e358e10d7675badd Mon Sep 17 00:00:00 2001
From: patdenice <patdenice@piwigo.org>
Date: Sat, 22 Nov 2008 23:34:58 +0000
Subject: merge -c2900 from trunk to branch 2.0. - Bug fixed: username or
 password with accented character are now accepted for upgrade. - Simplify
 query in  pwg_session_write function. - Retrieve data with cURL method in
 fetchRemote function now work with forwarded URL.

git-svn-id: http://piwigo.org/svn/branches/2.0@2901 68402e56-0260-453c-a942-63ccdbb3a9ee
---
 admin/include/functions.php         | 23 +++++++++++++----------
 admin/include/functions_upgrade.php | 10 ++++++++--
 2 files changed, 21 insertions(+), 12 deletions(-)

(limited to 'admin')

diff --git a/admin/include/functions.php b/admin/include/functions.php
index 1c938ca56..a8193d3af 100644
--- a/admin/include/functions.php
+++ b/admin/include/functions.php
@@ -1948,6 +1948,10 @@ function cat_admin_access($category_id)
  */
 function fetchRemote($src, &$dest, $user_agent='Piwigo', $step=0)
 {
+  // After 3 redirections, return false
+  if ($step > 3) return false;
+
+  // Initialize $dest
   is_resource($dest) or $dest = '';
 
   // Try curl to read remote file
@@ -1955,16 +1959,20 @@ function fetchRemote($src, &$dest, $user_agent='Piwigo', $step=0)
   {
     $ch = @curl_init();
     @curl_setopt($ch, CURLOPT_URL, $src);
-    @curl_setopt($ch, CURLOPT_HEADER, 0);
+    @curl_setopt($ch, CURLOPT_HEADER, 1);
     @curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
-    is_resource($dest) ?
-      @curl_setopt($ch, CURLOPT_FILE, $dest):
-      @curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+    @curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
     $content = @curl_exec($ch);
+    $header_length = @curl_getinfo($ch, CURLINFO_HEADER_SIZE);
     @curl_close($ch);
     if ($content !== false)
     {
-      is_resource($dest) or $dest = $content;
+      if (preg_match('/Location:\s+?(.+)/', substr($content, 0, $header_length), $m))
+      {
+        return fetchRemote($m[1], $dest, $user_agent, $step+1);
+      }
+      $content = substr($content, $header_length);
+      is_resource($dest) ? @fwrite($dest, $content) : $dest = $content;
       return true;
     }
   }
@@ -1981,11 +1989,6 @@ function fetchRemote($src, &$dest, $user_agent='Piwigo', $step=0)
   }
 
   // Try fsockopen to read remote file
-  if ($step > 3)
-  {
-    return false;
-  }
-
   $src = parse_url($src);
   $host = $src['host'];
   $path = isset($src['path']) ? $src['path'] : '/';
diff --git a/admin/include/functions_upgrade.php b/admin/include/functions_upgrade.php
index 65b0a21ed..01ffb75b8 100644
--- a/admin/include/functions_upgrade.php
+++ b/admin/include/functions_upgrade.php
@@ -141,7 +141,13 @@ function check_upgrade_access_rights($current_release, $username, $password)
     $username = mysql_real_escape_string($username);
   }
 
-  if (version_compare($current_release, '1.5.0', '<'))
+  if (version_compare($current_release, '2.0', '<'))
+  {
+    $username = utf8_decode($username);
+    $password = utf8_decode($password);
+  }
+
+  if (version_compare($current_release, '1.5', '<'))
   {
     $query = '
 SELECT password, status
@@ -166,7 +172,7 @@ WHERE '.$conf['user_fields']['username'].'="'.$username.'"
     $conf['pass_convert'] = create_function('$s', 'return md5($s);');
   }
 
-  if ($row['password'] != $conf['pass_convert']($_POST['password']))
+  if ($row['password'] != $conf['pass_convert']($password))
   {
     array_push($page['errors'], l10n('invalid_pwd'));
   }
-- 
cgit v1.2.3