From c29cc92587926d879ffec3bd1701910ed999ad69 Mon Sep 17 00:00:00 2001 From: Arturo Gonzalez Date: Wed, 1 Jun 2016 10:43:22 +0200 Subject: [PATCH 1/9] Rolling release in progress... (Alert when minor release are available) --- pandora_console/general/header.php | 10 ++- pandora_console/include/api.php | 16 ++++- pandora_console/include/functions_db.php | 85 ++++++++++++++++++++++++ pandora_console/pandoradb_data.sql | 3 +- 4 files changed, 111 insertions(+), 3 deletions(-) diff --git a/pandora_console/general/header.php b/pandora_console/general/header.php index bd2e0afe7c..f9f5a6da12 100644 --- a/pandora_console/general/header.php +++ b/pandora_console/general/header.php @@ -230,9 +230,17 @@ config_check(); //====================================================== - + $check_minor_release_available = false; $pandora_management = check_acl($config['id_user'], 0, "PM"); + if (is_user_admin($config['id_user'])) { + $check_minor_release_available = db_check_minor_relase_available (); + + if ($check_minor_release_available) { + set_pandora_error_for_header('There are one or more minor releases waiting for update', 'minor release/s available'); + } + } + if ($config["alert_cnt"] > 0) { echo ''; diff --git a/pandora_console/include/api.php b/pandora_console/include/api.php index 1397b70644..457c63f8b3 100644 --- a/pandora_console/include/api.php +++ b/pandora_console/include/api.php 
@@ -56,7 +56,21 @@ $no_login_msg = ""; // Don't change the format, it is parsed by applications switch($info) { case 'version': - echo 'Pandora FMS ' . $pandora_version . ' - ' . $build_version; + if (!$config["minor_release_open"]) { + $config["minor_release_open"] = 0; + } + if (enterprise_installed()) { + if (!$config["minor_release_enterprise"]) { + $config["minor_release_enterprise"] = 0; + } + } + + if (enterprise_installed()) { + echo 'Pandora FMS ' . $pandora_version . ' - ' . $build_version . " MR" . $config["minor_release_enterprise"]; + } + else { + echo 'Pandora FMS ' . $pandora_version . ' - ' . $build_version . " MR" . $config["minor_release_open"]; + } exit; } diff --git a/pandora_console/include/functions_db.php b/pandora_console/include/functions_db.php index d8b469cdc9..68ff6fa0e6 100644 --- a/pandora_console/include/functions_db.php +++ b/pandora_console/include/functions_db.php 
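Review bot: The `version` case now appends ` MR<n>` to a banner that the context comment directly above describes as parsed by applications (`// Don't change the format, it is parsed by applications`), so clients that match the old `Pandora FMS <version> - <build>` string may stop recognising it. The `$no_login_msg` context suggests this branch answers before authentication; if so, the exact schema level is now disclosed to unauthenticated callers too, which deserves a deliberate decision. `!$config["minor_release_open"]` also reads a key that may not exist and raises a notice; `$mr = isset($config["minor_release_open"]) ? $config["minor_release_open"] : 0;` avoids that and lets the two `enterprise_installed()` blocks collapse into one. The same defaulting pattern is repeated in general/footer.php in the next patch. The switch body continues outside the hunk.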
@@ -1273,4 +1273,89 @@ function db_process_file ($path, $handle_error = true) { } } +/** + * Search for minor release files. + * + * @return bool Return if minor release is available or not + */ +function db_check_minor_relase_available () { + global $config; + + $dir = $config["homedir"]."/extras/mr"; + + $have_ent_minor = false; + $have_open_minor = false; + + if (file_exists($dir) && is_dir($dir)) { + if (is_readable($dir)) { + $files = scandir($dir); // Get all the files from the directory ordered by asc + if ($files !== false) { + // Enterprise installed + if (enterprise_installed()) { + $pattern = "/^\d+\.open.sql$/"; + $sqlfiles = preg_grep($pattern, $files); // Get the name of the correct files + $pattern = "/\.open.sql$/"; + $replacement = ""; + $sqlfiles_num = preg_replace($pattern, $replacement, $sqlfiles); // Get the number of the file + + $sqlfiles = null; + + if ($sqlfiles_num) { + foreach ($sqlfiles_num as $sqlfile_num) { + $file = "$dir/$sqlfile_num.sql"; + if ($config["minor_release_open"] < $sqlfile_num) { + $have_open_minor = true; + } + } + } + + $pattern2 = "/^\d+\.ent.sql$/"; + $sqlfiles2 = preg_grep($pattern2, $files); // Get the name of the correct files + $files = null; + $pattern2 = "/\.ent.sql$/"; + $replacement2 = ""; + $sqlfiles_num2 = preg_replace($pattern2, $replacement2, $sqlfiles2); // Get the number of the file + + $sqlfiles2 = null; + + if ($sqlfiles_num2) { + foreach ($sqlfiles_num2 as $sqlfile_num2) { + $file = "$dir/$sqlfile_num2.sql"; + if ($config["minor_release_enterprise"] < $sqlfile_num2) { + $have_ent_minor = true; + } + } + } + } + else { + $pattern = "/^\d+\.open.sql$/"; + $sqlfiles = preg_grep($pattern, $files); // Get the name of the correct files + $files = null; + $pattern = "/\.open.sql$/"; + $replacement = ""; + $sqlfiles_num = preg_replace($pattern, $replacement, $sqlfiles); // Get the number of the file + + $sqlfiles = null; + + if ($sqlfiles_num) { + foreach ($sqlfiles_num as $sqlfile_num) { + $file = 
"$dir/$sqlfile_num.sql"; + if ($config["minor_release"] < $sqlfile_num) { + $have_open_minor = true; + } + } + } + } + } + } + } + + if ($have_open_minor || $have_ent_minor) { + return true; + } + else { + return false; + } +} + ?> \ No newline at end of file diff --git a/pandora_console/pandoradb_data.sql b/pandora_console/pandoradb_data.sql index 39e046f3c2..696148d3dd 100644 --- a/pandora_console/pandoradb_data.sql +++ b/pandora_console/pandoradb_data.sql @@ -108,7 +108,8 @@ INSERT INTO `tconfig` (`token`, `value`) VALUES ('custom_report_front_logo', 'images/pandora_logo_white.jpg'), ('custom_report_front_header', ''), ('custom_report_front_footer', ''), -('post_process_custom_values', '{"0.00000038580247":"Seconds to months","0.00000165343915":"Seconds to weeks","0.00001157407407":"Seconds to days","0.01666666666667":"Seconds to minutes","0.00000000093132":"Bytes to Gigabytes","0.00000095367432":"Bytes to Megabytes","0.0009765625":"Bytes to Kilobytes","0.00000001653439":"Timeticks to weeks","0.00000011574074":"Timeticks to days"}'); +('post_process_custom_values', '{"0.00000038580247":"Seconds to months","0.00000165343915":"Seconds to weeks","0.00001157407407":"Seconds to days","0.01666666666667":"Seconds to minutes","0.00000000093132":"Bytes to Gigabytes","0.00000095367432":"Bytes to Megabytes","0.0009765625":"Bytes to Kilobytes","0.00000001653439":"Timeticks to weeks","0.00000011574074":"Timeticks to days"}'), +('minor_release_open', 0); UNLOCK TABLES; From 0618dbbab3190c086d549a0d15144ebe350a5b44 Mon Sep 17 00:00:00 2001 From: Arturo Gonzalez Date: Wed, 1 Jun 2016 14:43:31 +0200 Subject: [PATCH 2/9] Rolling release in progress... (Added minor releases) --- pandora_console/general/footer.php | 16 +- pandora_console/include/db/mysql.php | 235 +++++++++++++++++++++++ pandora_console/include/functions.php | 14 ++ pandora_console/include/functions_db.php | 11 +- pandora_console/index.php | 23 +++ 5 files changed, 291 insertions(+), 8 deletions(-) 
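Review bot: In the non-enterprise branch of db_check_minor_relase_available() the comparison reads `$config["minor_release"]`, a key that nothing in this patch defines, while the seeded token and the enterprise branch use `minor_release_open`. An unset value most likely compares as lower than any file number, so the function would report a pending release whenever any `N.open.sql` file is present; the line should be `if ($config["minor_release_open"] < $sqlfile_num) {`. The open-file scan is duplicated between the two branches and could run once, with only the `.ent.sql` scan guarded by `enterprise_installed()`. The function name also carries a typo (`relase`) that every caller in the series then has to repeat.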
diff --git a/pandora_console/general/footer.php b/pandora_console/general/footer.php index 23022c3d75..d134e8c715 100644 --- a/pandora_console/general/footer.php +++ b/pandora_console/general/footer.php @@ -26,8 +26,22 @@ if (! file_exists ($config["homedir"] . $license_file)) { $license_file = 'general/license/pandora_info_en.html'; } +if (!$config["minor_release_open"]) { + $config["minor_release_open"] = 0; +} +if (enterprise_installed()) { + if (!$config["minor_release_enterprise"]) { + $config["minor_release_enterprise"] = 0; + } +} + echo ''; -echo sprintf(__('Pandora FMS %s - Build %s', $pandora_version, $build_version)); +if (enterprise_installed()) { + echo sprintf(__('Pandora FMS %s - Build %s - MR %s', $pandora_version, $build_version, $config["minor_release_enterprise"])); +} +else { + echo sprintf(__('Pandora FMS %s - Build %s - MR %s', $pandora_version, $build_version, $config["minor_release_open"])); +} echo '
'; echo ''. __('Page generated at') . ' '. ui_print_timestamp ($time, true, array ("prominent" => "timestamp")); //Always use timestamp here echo ''; diff --git a/pandora_console/include/db/mysql.php b/pandora_console/include/db/mysql.php index 3f4a924f67..2419c54bb0 100644 --- a/pandora_console/include/db/mysql.php +++ b/pandora_console/include/db/mysql.php 
@@ -1175,4 +1175,239 @@ function mysql_db_process_file ($path, $handle_error = true) { return false; } } + +// --------------------------------------------------------------- +// Initiates a transaction and run the queries of an sql file +// --------------------------------------------------------------- + +function db_run_sql_file ($location) { + global $config; + + // Load file + $commands = file_get_contents($location); + + // Delete comments + $lines = explode("\n", $commands); + $commands = ''; + foreach ($lines as $line) { + $line = trim($line); + if ($line && !preg_match('/^--/', $line) && !preg_match('/^\/\*/', $line)) { + $commands .= $line; + } + } + + // Convert to array + $commands = explode(";", $commands); + + // Run commands + mysql_db_process_sql_begin(); // Begin transaction + foreach ($commands as $command) { + if (trim($command)) { + $result = mysql_query($command); + + if (!$result) { + break; // Error + } + } + } + if ($result) { + mysql_db_process_sql_commit(); // Save results + return true; + } + else { + mysql_db_process_sql_rollback(); // Undo results + return false; + } +} + +/** + * Process the file or files in /extras/mr and apply minor releases. + * + * @return string Return error/success message. 
+ */ +function db_update_schema () { + global $config; + + $dir = $config["homedir"]."/extras/mr"; + $message = ''; + + if (file_exists($dir) && is_dir($dir)) { + if (is_readable($dir)) { + if (enterprise_installed()) { + $files = scandir($dir); // Get all the files from the directory ordered by asc + + if ($files !== false) { + $pattern = "/^\d+\.open\.sql$/"; + $sqlfiles = preg_grep($pattern, $files); // Get the name of the correct files + $pattern = "/\.open\.sql$/"; + $replacement = ""; + $sqlfiles_num = preg_replace($pattern, $replacement, $sqlfiles); // Get the number of the file + $sqlfiles = null; + + if ($sqlfiles_num) { + foreach ($sqlfiles_num as $sqlfile_num) { + + $file = "$dir/$sqlfile_num.open.sql"; + + if ($config["minor_release_open"] >= $sqlfile_num) { + if (!file_exists($dir."/updated") || !is_dir($dir."/updated")) { + mkdir($dir."/updated"); + } + $file_dest = "$dir/updated/$sqlfile_num.open.sql"; + if (copy($file, $file_dest)) { + unlink($file); + } + } + else { + $result = db_run_sql_file($file); + + if ($result) { + $update_config = update_config_token("minor_release_open", $sqlfile_num); + if ($update_config) { + $config["minor_release_open"] = $sqlfile_num; + } + + if ($config["minor_release_open"] == $sqlfile_num) { + if (!file_exists($dir."/updated") || !is_dir($dir."/updated")) { + mkdir($dir."/updated"); + } + + $file_dest = "$dir/updated/$sqlfile_num.open.sql"; + + if (copy($file, $file_dest)) { + unlink($file); + } + } + + $message = "

".__('The database schema has been updated to the minor release')." $sqlfile_num

"; + } + else { + $message = "

".__('An error occurred while updating the database schema to the minor release')." $sqlfile_num

"; + break; + } + } + } + } + + $pattern2 = "/^\d+\.ent\.sql$/"; + $sqlfiles2 = preg_grep($pattern2, $files); // Get the name of the correct files + $files = null; + $pattern2 = "/\.ent\.sql$/"; + $replacement2 = ""; + $sqlfiles_num2 = preg_replace($pattern2, $replacement2, $sqlfiles2); // Get the number of the file + $sqlfiles2 = null; + + if ($sqlfiles_num2) { + foreach ($sqlfiles_num2 as $sqlfile_num2) { + + $file = "$dir/$sqlfile_num2.ent.sql"; + + if ($config["minor_release_enterprise"] >= $sqlfile_num2) { + if (!file_exists($dir."/updated") || !is_dir($dir."/updated")) { + mkdir($dir."/updated"); + } + $file_dest = "$dir/updated/$sqlfile_num2.ent.sql"; + if (copy($file, $file_dest)) { + unlink($file); + } + } + else { + $result = db_run_sql_file($file); + + if ($result) { + $update_config2 = update_config_token("minor_release_enterprise", $sqlfile_num2); + if ($update_config2) { + $config["minor_release_enterprise"] = $sqlfile_num2; + } + + if ($config["minor_release_enterprise"] == $sqlfile_num2) { + if (!file_exists($dir."/updated") || !is_dir($dir."/updated")) { + mkdir($dir."/updated"); + } + $file_dest = "$dir/updated/$sqlfile_num2.ent.sql"; + if (copy($file, $file_dest)) { + unlink($file); + } + } + + $message = "

".__('The database schema has been updated to the minor release')." $sqlfile_num2

"; + } + else { + $message = "

".__('An error occurred while updating the database schema to the minor release')." $sqlfile_num2

"; + break; + } + } + } + } + } + } + else { + $files = scandir($dir); // Get all the files from the directory ordered by asc + + if ($files !== false) { + $pattern = "/^\d+\.open\.sql$/"; + $sqlfiles = preg_grep($pattern, $files); // Get the name of the correct files + $files = null; + $pattern = "/\.open\.sql$/"; + $replacement = ""; + $sqlfiles_num = preg_replace($pattern, $replacement, $sqlfiles); // Get the number of the file + $sqlfiles = null; + + if ($sqlfiles_num) { + foreach ($sqlfiles_num as $sqlfile_num) { + + $file = "$dir/$sqlfile_num.open.sql"; + + if ($config["minor_release_open"] >= $sqlfile_num) { + if (!file_exists($dir."/updated") || !is_dir($dir."/updated")) { + mkdir($dir."/updated"); + } + $file_dest = "$dir/updated/$sqlfile_num.open.sql"; + if (copy($file, $file_dest)) { + unlink($file); + } + } + else { + $result = db_run_sql_file($file); + + if ($result) { + $update_config = update_config_token("minor_release_open", $sqlfile_num); + if ($update_config) { + $config["minor_release_open"] = $sqlfile_num; + } + + if ($config["minor_release_open"] == $sqlfile_num) { + if (!file_exists($dir."/updated") || !is_dir($dir."/updated")) { + mkdir($dir."/updated"); + } + + $file_dest = "$dir/updated/$sqlfile_num.open.sql"; + if (copy($file, $file_dest)) { + unlink($file); + } + } + + $message = "

".__('The database schema has been updated to the minor release')." $sqlfile_num

"; + } + else { + $message = "

".__('An error occurred while updating the database schema to the minor release ')." $sqlfile_num

"; + break; + } + } + } + } + } + } + } + else { + $message = "

".__('The directory '.$dir.' should have read permissions in order to update the database schema')."

"; + } + } + else { + $message = "

".__('The directory '.$dir.' does not exist')."

"; + } + + return $message; +} + ?> diff --git a/pandora_console/include/functions.php b/pandora_console/include/functions.php index b632f7004c..7ac39285e7 100644 --- a/pandora_console/include/functions.php +++ b/pandora_console/include/functions.php @@ -2619,4 +2619,18 @@ function pandora_setlocale() { setlocale(LC_ALL, str_replace(array_keys($replace_locale), $replace_locale, $user_language)); } + +function update_config_token ($cfgtoken, $cfgvalue) { + global $config; + + $delete = db_process_sql ("DELETE FROM tconfig WHERE token = '$cfgtoken'"); + $insert = db_process_sql ("INSERT INTO tconfig (token, value) VALUES ('$cfgtoken', '$cfgvalue')"); + + if ($delete && $insert) { + return true; + } + else { + return false; + } +} ?> diff --git a/pandora_console/include/functions_db.php b/pandora_console/include/functions_db.php index 68ff6fa0e6..4a6c8ff684 100644 --- a/pandora_console/include/functions_db.php +++ b/pandora_console/include/functions_db.php @@ -1292,9 +1292,9 @@ function db_check_minor_relase_available () { if ($files !== false) { // Enterprise installed if (enterprise_installed()) { - $pattern = "/^\d+\.open.sql$/"; + $pattern = "/^\d+\.open\.sql$/"; $sqlfiles = preg_grep($pattern, $files); // Get the name of the correct files - $pattern = "/\.open.sql$/"; + $pattern = "/\.open\.sql$/"; $replacement = ""; $sqlfiles_num = preg_replace($pattern, $replacement, $sqlfiles); // Get the number of the file 
@@ -1302,17 +1302,16 @@ function db_check_minor_relase_available () { if ($sqlfiles_num) { foreach ($sqlfiles_num as $sqlfile_num) { - $file = "$dir/$sqlfile_num.sql"; if ($config["minor_release_open"] < $sqlfile_num) { $have_open_minor = true; } } } - $pattern2 = "/^\d+\.ent.sql$/"; + $pattern2 = "/^\d+\.ent\.sql$/"; $sqlfiles2 = preg_grep($pattern2, $files); // Get the name of the correct files $files = null; - $pattern2 = "/\.ent.sql$/"; + $pattern2 = "/\.ent\.sql$/"; $replacement2 = ""; $sqlfiles_num2 = preg_replace($pattern2, $replacement2, $sqlfiles2); // Get the number of the file @@ -1320,7 +1319,6 @@ function db_check_minor_relase_available () { if ($sqlfiles_num2) { foreach ($sqlfiles_num2 as $sqlfile_num2) { - $file = "$dir/$sqlfile_num2.sql"; if ($config["minor_release_enterprise"] < $sqlfile_num2) { $have_ent_minor = true; } @@ -1339,7 +1337,6 @@ function db_check_minor_relase_available () { if ($sqlfiles_num) { foreach ($sqlfiles_num as $sqlfile_num) { - $file = "$dir/$sqlfile_num.sql"; if ($config["minor_release"] < $sqlfile_num) { $have_open_minor = true; } diff --git a/pandora_console/index.php b/pandora_console/index.php index 7875442db3..0ab42a79b0 100755 --- a/pandora_console/index.php +++ b/pandora_console/index.php @@ -174,6 +174,7 @@ if ($change_pass == 1) { $changed_pass = login_update_password_check ($password_old, $password_new, $password_confirm, $id); } +$minor_release_message = false; $searchPage = false; $search = get_parameter_get("head_search_keywords"); if (strlen($search) > 0) { @@ -430,6 +431,8 @@ if (! isset ($config['id_user'])) { db_logon ($nick_in_db, $_SERVER['REMOTE_ADDR']); $_SESSION['id_usuario'] = $nick_in_db; $config['id_user'] = $nick_in_db; + + $minor_release_message = db_update_schema(); //========================================================== //-------- SET THE CUSTOM CONFIGS OF USER ------------------ 
@@ -596,6 +599,26 @@ if ($old_global_counter_chat != $now_global_counter_chat) { $_SESSION['new_chat'] = true; } +if ($minor_release_message) { + echo "
$minor_release_message
"; + echo ""; +} + if (get_parameter ('login', 0) !== 0) { // Display news dialog include_once("general/news_dialog.php"); From b706e92b3452c83a2200b0e6b1c3f3626c88136f Mon Sep 17 00:00:00 2001 From: Arturo Gonzalez Date: Wed, 1 Jun 2016 15:26:19 +0200 Subject: [PATCH 3/9] Rolling release in progress... (Fixed an important thing) --- pandora_console/index.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pandora_console/index.php b/pandora_console/index.php index 0ab42a79b0..f22a42bf34 100755 --- a/pandora_console/index.php +++ b/pandora_console/index.php @@ -432,7 +432,9 @@ if (! isset ($config['id_user'])) { $_SESSION['id_usuario'] = $nick_in_db; $config['id_user'] = $nick_in_db; - $minor_release_message = db_update_schema(); + if (is_user_admin($config['id_user'])) { + $minor_release_message = db_update_schema(); + } //========================================================== //-------- SET THE CUSTOM CONFIGS OF USER ------------------ From 8c20874a8812a47805ab252b12397f991d719b2c Mon Sep 17 00:00:00 2001 From: Arturo Gonzalez Date: Tue, 19 Jul 2016 12:39:03 +0200 Subject: [PATCH 4/9] Changed rolling release manager system. --- pandora_console/general/header.php | 10 +- .../include/ajax/rolling_release.ajax.php | 104 ++++++++++ pandora_console/include/db/mysql.php | 190 ------------------ pandora_console/include/functions.php | 57 ++++++ pandora_console/index.php | 137 +++++++++++-- 5 files changed, 280 insertions(+), 218 deletions(-) create mode 100644 pandora_console/include/ajax/rolling_release.ajax.php diff --git a/pandora_console/general/header.php b/pandora_console/general/header.php index f9f5a6da12..2323d41e45 100644 --- a/pandora_console/general/header.php +++ b/pandora_console/general/header.php 
@@ -233,12 +233,10 @@ config_check(); $check_minor_release_available = false; $pandora_management = check_acl($config['id_user'], 0, "PM"); - if (is_user_admin($config['id_user'])) { - $check_minor_release_available = db_check_minor_relase_available (); - - if ($check_minor_release_available) { - set_pandora_error_for_header('There are one or more minor releases waiting for update', 'minor release/s available'); - } + $check_minor_release_available = db_check_minor_relase_available (); + + if ($check_minor_release_available) { + set_pandora_error_for_header('There are one or more minor releases waiting for update, there are required administrator permissions', 'minor release/s available'); } if ($config["alert_cnt"] > 0) { diff --git a/pandora_console/include/ajax/rolling_release.ajax.php b/pandora_console/include/ajax/rolling_release.ajax.php new file mode 100644 index 0000000000..274cda1088 --- /dev/null +++ b/pandora_console/include/ajax/rolling_release.ajax.php 
@@ -0,0 +1,104 @@ += $number) { + if (!file_exists($dir."/updated") || !is_dir($dir."/updated")) { + mkdir($dir."/updated"); + } + $file_dest = "$dir/updated/$number.open.sql"; + if (copy($file, $file_dest)) { + unlink($file); + } + } + else { + $result = db_run_sql_file($file); + + if ($result) { + $update_config = update_config_token("minor_release_open", $number); + if ($update_config) { + $config["minor_release_open"] = $number; + } + + if ($config["minor_release_open"] == $number) { + if (!file_exists($dir."/updated") || !is_dir($dir."/updated")) { + mkdir($dir."/updated"); + } + + $file_dest = "$dir/updated/$number.open.sql"; + + if (copy($file, $file_dest)) { + unlink($file); + } + } + } + else { + $error_file = fopen($config["homedir"] . "/extras/mr/error.txt", "w"); + $message = "An error occurred while updating the database schema to the minor release " . $number; + fwrite($error_file, $message); + fclose($error_file); + } + } + } + else { + $error_file = fopen($config["homedir"] . "/extras/mr/error.txt", "w"); + $message = "The directory ' . $dir . ' should have read permissions in order to update the database schema"; + fwrite($error_file, $message); + fclose($error_file); + } + } + else { + $error_file = fopen($config["homedir"] . "/extras/mr/error.txt", "w"); + $message = "The directory ' . $dir . ' does not exist"; + fwrite($error_file, $message); + fclose($error_file); + } + + echo $message; + return; + } + else if ($check_finish) { + $check = db_check_minor_relase_available(); + + if (file_exists($config["homedir"] . "/extras/mr/error.txt")) { + unlink($config["homedir"] . "/extras/mr/error.txt"); + $check = 2; + } + + echo $check; + return; + } + else if ($check_minor_number) { + echo $config['minor_release_open']; + return; + } +} + +?> diff --git a/pandora_console/include/db/mysql.php b/pandora_console/include/db/mysql.php index 2419c54bb0..d0b372fa00 100644 --- a/pandora_console/include/db/mysql.php +++ b/pandora_console/include/db/mysql.php 
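Review bot: `$number` is placed into file paths (`"$dir/updated/$number.open.sql"`), passed to db_run_sql_file() and written to `tconfig` through update_config_token(), and no check in the visible part of this file confirms it is a plain integer. The top of the file is missing from this view, so the source of `$number` and any login or ACL check cannot be confirmed; if it comes from the request, add `if (!ctype_digit((string) $number)) { return; }` before the first use. The endpoint should also require an administrator itself rather than rely on index.php showing the dialog only to admins. The two directory messages are written as `"The directory ' . $dir . ' ..."`, which leaves the literal `' . ` in the output and echoes the server path to the client. Passing state between requests through `extras/mr/error.txt` is fragile when two sessions run the update at the same time.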
@@ -1220,194 +1220,4 @@ function db_run_sql_file ($location) { } } -/** - * Process the file or files in /extras/mr and apply minor releases. - * - * @return string Return error/success message. - */ -function db_update_schema () { - global $config; - - $dir = $config["homedir"]."/extras/mr"; - $message = ''; - - if (file_exists($dir) && is_dir($dir)) { - if (is_readable($dir)) { - if (enterprise_installed()) { - $files = scandir($dir); // Get all the files from the directory ordered by asc - - if ($files !== false) { - $pattern = "/^\d+\.open\.sql$/"; - $sqlfiles = preg_grep($pattern, $files); // Get the name of the correct files - $pattern = "/\.open\.sql$/"; - $replacement = ""; - $sqlfiles_num = preg_replace($pattern, $replacement, $sqlfiles); // Get the number of the file - $sqlfiles = null; - - if ($sqlfiles_num) { - foreach ($sqlfiles_num as $sqlfile_num) { - - $file = "$dir/$sqlfile_num.open.sql"; - - if ($config["minor_release_open"] >= $sqlfile_num) { - if (!file_exists($dir."/updated") || !is_dir($dir."/updated")) { - mkdir($dir."/updated"); - } - $file_dest = "$dir/updated/$sqlfile_num.open.sql"; - if (copy($file, $file_dest)) { - unlink($file); - } - } - else { - $result = db_run_sql_file($file); - - if ($result) { - $update_config = update_config_token("minor_release_open", $sqlfile_num); - if ($update_config) { - $config["minor_release_open"] = $sqlfile_num; - } - - if ($config["minor_release_open"] == $sqlfile_num) { - if (!file_exists($dir."/updated") || !is_dir($dir."/updated")) { - mkdir($dir."/updated"); - } - - $file_dest = "$dir/updated/$sqlfile_num.open.sql"; - - if (copy($file, $file_dest)) { - unlink($file); - } - } - - $message = "

".__('The database schema has been updated to the minor release')." $sqlfile_num

"; - } - else { - $message = "

".__('An error occurred while updating the database schema to the minor release')." $sqlfile_num

"; - break; - } - } - } - } - - $pattern2 = "/^\d+\.ent\.sql$/"; - $sqlfiles2 = preg_grep($pattern2, $files); // Get the name of the correct files - $files = null; - $pattern2 = "/\.ent\.sql$/"; - $replacement2 = ""; - $sqlfiles_num2 = preg_replace($pattern2, $replacement2, $sqlfiles2); // Get the number of the file - $sqlfiles2 = null; - - if ($sqlfiles_num2) { - foreach ($sqlfiles_num2 as $sqlfile_num2) { - - $file = "$dir/$sqlfile_num2.ent.sql"; - - if ($config["minor_release_enterprise"] >= $sqlfile_num2) { - if (!file_exists($dir."/updated") || !is_dir($dir."/updated")) { - mkdir($dir."/updated"); - } - $file_dest = "$dir/updated/$sqlfile_num2.ent.sql"; - if (copy($file, $file_dest)) { - unlink($file); - } - } - else { - $result = db_run_sql_file($file); - - if ($result) { - $update_config2 = update_config_token("minor_release_enterprise", $sqlfile_num2); - if ($update_config2) { - $config["minor_release_enterprise"] = $sqlfile_num2; - } - - if ($config["minor_release_enterprise"] == $sqlfile_num2) { - if (!file_exists($dir."/updated") || !is_dir($dir."/updated")) { - mkdir($dir."/updated"); - } - $file_dest = "$dir/updated/$sqlfile_num2.ent.sql"; - if (copy($file, $file_dest)) { - unlink($file); - } - } - - $message = "

".__('The database schema has been updated to the minor release')." $sqlfile_num2

"; - } - else { - $message = "

".__('An error occurred while updating the database schema to the minor release')." $sqlfile_num2

"; - break; - } - } - } - } - } - } - else { - $files = scandir($dir); // Get all the files from the directory ordered by asc - - if ($files !== false) { - $pattern = "/^\d+\.open\.sql$/"; - $sqlfiles = preg_grep($pattern, $files); // Get the name of the correct files - $files = null; - $pattern = "/\.open\.sql$/"; - $replacement = ""; - $sqlfiles_num = preg_replace($pattern, $replacement, $sqlfiles); // Get the number of the file - $sqlfiles = null; - - if ($sqlfiles_num) { - foreach ($sqlfiles_num as $sqlfile_num) { - - $file = "$dir/$sqlfile_num.open.sql"; - - if ($config["minor_release_open"] >= $sqlfile_num) { - if (!file_exists($dir."/updated") || !is_dir($dir."/updated")) { - mkdir($dir."/updated"); - } - $file_dest = "$dir/updated/$sqlfile_num.open.sql"; - if (copy($file, $file_dest)) { - unlink($file); - } - } - else { - $result = db_run_sql_file($file); - - if ($result) { - $update_config = update_config_token("minor_release_open", $sqlfile_num); - if ($update_config) { - $config["minor_release_open"] = $sqlfile_num; - } - - if ($config["minor_release_open"] == $sqlfile_num) { - if (!file_exists($dir."/updated") || !is_dir($dir."/updated")) { - mkdir($dir."/updated"); - } - - $file_dest = "$dir/updated/$sqlfile_num.open.sql"; - if (copy($file, $file_dest)) { - unlink($file); - } - } - - $message = "

".__('The database schema has been updated to the minor release')." $sqlfile_num

"; - } - else { - $message = "

".__('An error occurred while updating the database schema to the minor release ')." $sqlfile_num

"; - break; - } - } - } - } - } - } - } - else { - $message = "

".__('The directory '.$dir.' should have read permissions in order to update the database schema')."

"; - } - } - else { - $message = "

".__('The directory '.$dir.' does not exist')."

"; - } - - return $message; -} - ?> diff --git a/pandora_console/include/functions.php b/pandora_console/include/functions.php index 7ac39285e7..773aa39a14 100644 --- a/pandora_console/include/functions.php +++ b/pandora_console/include/functions.php @@ -2633,4 +2633,61 @@ function update_config_token ($cfgtoken, $cfgvalue) { return false; } } + +function update_conf_minor_release() { + global $config; + + $config['minor_release_open'] = db_get_value ('value', 'tconfig', 'token', 'minor_release_open'); + + if (enterprise_installed()) { + $config['minor_release_enterprise'] = db_get_value ('value', 'tconfig', 'token', 'minor_release_enterprise'); + } +} + +function get_number_of_mr($mode) { + global $config; + + $dir = $config["homedir"]."/extras/mr"; + $mr_size = array(); + + if (file_exists($dir) && is_dir($dir)) { + if (is_readable($dir)) { + if ($mode == 'open') { + $files = scandir($dir); // Get all the files from the directory ordered by asc + + if ($files !== false) { + $pattern = "/^\d+\.open\.sql$/"; + $sqlfiles = preg_grep($pattern, $files); // Get the name of the correct files + $pattern = "/\.open\.sql$/"; + $replacement = ""; + $sqlfiles_num = preg_replace($pattern, $replacement, $sqlfiles); + + foreach ($sqlfiles_num as $num) { + $mr_size[] = $num; + } + } + } + else { + if (enterprise_installed()) { + $files2 = scandir($dir); // Get all the files from the directory ordered by asc + + if ($files2 !== false) { + $pattern2 = "/^\d+\.ent\.sql$/"; + $sqlfiles2 = preg_grep($pattern2, $files2); // Get the name of the correct files + + $pattern2 = "/\.ent\.sql$/"; + $replacement2 = ""; + $sqlfiles_num2 = preg_replace($pattern2, $replacement2, $sqlfiles2); // Get the number of the file + + foreach ($sqlfiles_num2 as $num2) { + $mr_size[] = $num2; + } + } + } + } + } + } + return $mr_size; +} + ?> diff --git a/pandora_console/index.php b/pandora_console/index.php index f22a42bf34..efa920bb18 100755 --- a/pandora_console/index.php +++ b/pandora_console/index.php 
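Review bot: get_number_of_mr() returns the release numbers in the order scandir() lists the file names, which is alphabetical, so `10.open.sql` comes before `2.open.sql`. The caller appears to apply them in that order, and once `minor_release_open` is 10 the handler's `>=` test moves release 2 into `updated/` without running it. Adding `sort($mr_size, SORT_NUMERIC);` before `return $mr_size;` fixes the order. `preg_replace()` can return null on a pattern error, so the `foreach` should be guarded, and neither new function has a docblock describing its return value.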
@@ -433,7 +433,43 @@ if (! isset ($config['id_user'])) { $config['id_user'] = $nick_in_db; if (is_user_admin($config['id_user'])) { - $minor_release_message = db_update_schema(); + $have_minor_releases = db_check_minor_relase_available(); + + if ($have_minor_releases) { + $size_mr_o = get_number_of_mr('open'); + $size_mr_e = get_number_of_mr('enterprise'); + echo "
" . __('') . "
"; + ?> + + $minor_release_message"; - echo ""; -} - if (get_parameter ('login', 0) !== 0) { // Display news dialog include_once("general/news_dialog.php"); @@ -848,7 +864,84 @@ require('include/php_to_js_values.php'); return rv; }; })(); - + + function apply_minor_release (n_mr_o, n_mr_e) { + $.each(n_mr_o, function(i, open_mr) { + var params = {}; + var error = false; + params["updare_rr_open"] = 1; + params["number"] = open_mr; + params["page"] = "include/ajax/rolling_release.ajax"; + + jQuery.ajax ({ + data: params, + async: false, + dataType: "html", + type: "POST", + url: "ajax.php", + success: function (data) { + if (data != "") { + alert("Error: " + data); + error = true; + } + } + }); + + if (error == true) { + return false; + } + }); + + $.each(n_mr_e, function(i, e_mr) { + var params = {}; + var error2 = false; + params["updare_rr_enterprise"] = 1; + params["number"] = e_mr; + params["page"] = "enterprise/include/ajax/rolling_release.ajax"; + + jQuery.ajax ({ + data: params, + async: false, + dataType: "html", + type: "POST", + url: "ajax.php", + success: function (data) { + if (data != "") { + alert("Error: " + data); + error2 = true; + } + } + }); + + if (error2 == true) { + return false; + } + }); + + check_is_finished_mr(); + } + + function check_is_finished_mr () { + var params = {}; + params["check_finish"] = 1; + params["page"] = "include/ajax/rolling_release.ajax"; + + jQuery.ajax ({ + data: params, + dataType: "html", + type: "POST", + url: "ajax.php", + success: function (data) { + if (data == 1) { + setInterval(check_is_finished_mr, 2000); + } + else if (data == 0) { + alert("Updated finished successfully"); + } + } + }); + } + //Dynamically assign footer position and width. function adjustFooter() { /* From eefb094df6a87385d7dde1504ebf63099c170a52 Mon Sep 17 00:00:00 2001 
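Review bot: check_is_finished_mr() calls `setInterval(check_is_finished_mr, 2000)` from inside its own success callback, so every poll that returns 1 registers another repeating timer and the request rate keeps growing; `setTimeout(check_is_finished_mr, 2000);` gives a single re-check. The handler's third result, 2 for a recorded error, is not handled, so a failed update ends without any message. In apply_minor_release(), `return false` only leaves the first `$.each`, so the enterprise loop and the final check still run after an open release fails, and `async: false` blocks the page while each file is applied. These POSTs change the database schema and no request token is visible in `params`, so confirm that ajax.php enforces CSRF protection and an administrator check for this page.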
From: Arturo Gonzalez
Date: Tue, 19 Jul 2016 13:48:56 +0200
Subject: [PATCH 5/9] Added restriction to dangerous querys (drop database).
---
.../include/ajax/rolling_release.ajax.php | 99 +++++++++++--------
1 file changed, 59 insertions(+), 40 deletions(-)
diff --git a/pandora_console/include/ajax/rolling_release.ajax.php b/pandora_console/include/ajax/rolling_release.ajax.php
index 274cda1088..0c5a121621 100644
--- a/pandora_console/include/ajax/rolling_release.ajax.php
+++ b/pandora_console/include/ajax/rolling_release.ajax.php
@@ -27,59 +27,78 @@ if (is_ajax ()) { $dir = $config["homedir"]."/extras/mr"; $file = "$dir/$number.open.sql"; - if (file_exists($dir) && is_dir($dir)) { - if (is_readable($dir)) { - if ($config["minor_release_open"] >= $number) { - if (!file_exists($dir."/updated") || !is_dir($dir."/updated")) { - mkdir($dir."/updated"); - } - $file_dest = "$dir/updated/$number.open.sql"; - if (copy($file, $file_dest)) { - unlink($file); - } - } - else { - $result = db_run_sql_file($file); - - if ($result) { - $update_config = update_config_token("minor_release_open", $number); - if ($update_config) { - $config["minor_release_open"] = $number; + + $dangerous_query = false; + $mr_file = fopen($file, "r"); + while (!feof($mr_file)) { + $line = fgets($mr_file); + if ((preg_match("/^drop/", $line)) || + (preg_match("/^DROP/", $line))) { + $dangerous_query = true; + } + } + + if ($dangerous_query) { + $error_file = fopen($config["homedir"] . "/extras/mr/error.txt", "w"); + $message = "The sql file contains a dangerous query"; + fwrite($error_file, $message); + fclose($error_file); + } + else { + if (file_exists($dir) && is_dir($dir)) { + if (is_readable($dir)) { + if ($config["minor_release_open"] >= $number) { + if (!file_exists($dir."/updated") || !is_dir($dir."/updated")) { + mkdir($dir."/updated"); } - - if ($config["minor_release_open"] == $number) { - if (!file_exists($dir."/updated") || !is_dir($dir."/updated")) { - mkdir($dir."/updated"); - } - - $file_dest = "$dir/updated/$number.open.sql"; - - if (copy($file, $file_dest)) { - unlink($file); - } + $file_dest = "$dir/updated/$number.open.sql"; + if (copy($file, $file_dest)) { + unlink($file); } } else { - $error_file = fopen($config["homedir"] . "/extras/mr/error.txt", "w"); - $message = "An error occurred while updating the database schema to the minor release " . 
$number; - fwrite($error_file, $message); - fclose($error_file); + $result = db_run_sql_file($file); + + if ($result) { + $update_config = update_config_token("minor_release_open", $number); + if ($update_config) { + $config["minor_release_open"] = $number; + } + + if ($config["minor_release_open"] == $number) { + if (!file_exists($dir."/updated") || !is_dir($dir."/updated")) { + mkdir($dir."/updated"); + } + + $file_dest = "$dir/updated/$number.open.sql"; + + if (copy($file, $file_dest)) { + unlink($file); + } + } + } + else { + $error_file = fopen($config["homedir"] . "/extras/mr/error.txt", "w"); + $message = "An error occurred while updating the database schema to the minor release " . $number; + fwrite($error_file, $message); + fclose($error_file); + } } } + else { + $error_file = fopen($config["homedir"] . "/extras/mr/error.txt", "w"); + $message = "The directory ' . $dir . ' should have read permissions in order to update the database schema"; + fwrite($error_file, $message); + fclose($error_file); + } } else { $error_file = fopen($config["homedir"] . "/extras/mr/error.txt", "w"); - $message = "The directory ' . $dir . ' should have read permissions in order to update the database schema"; + $message = "The directory ' . $dir . ' does not exist"; fwrite($error_file, $message); fclose($error_file); } } - else { - $error_file = fopen($config["homedir"] . "/extras/mr/error.txt", "w"); - $message = "The directory ' . $dir . ' does not exist"; - fwrite($error_file, $message); - fclose($error_file); - } echo $message; return; From 70c771013c87f9b137a51c344cc6e212739513e5 Mon Sep 17 00:00:00 2001 From: Arturo Gonzalez Date: Tue, 19 Jul 2016 15:39:31 +0200 Subject: [PATCH 6/9] Fixed things in rolling release develop --- .../include/ajax/rolling_release.ajax.php | 20 +-------- pandora_console/index.php | 41 ++++++------------- 2 files changed, 14 insertions(+), 47 deletions(-) 
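Review bot: `fopen($file, "r")` now runs before the `file_exists($dir)` / `is_readable($dir)` checks and its result is never tested, so a missing or unreadable `$number.open.sql` passes `false` to `feof()` and `fgets()`, and on PHP versions where `feof(false)` returns `false` the `while (!feof($mr_file))` loop has no terminating condition. The handle is also never closed. Do the scan inside the `is_readable($dir)` branch, handle `if ($mr_file === false)` by writing the error file as the other branches do, and call `fclose($mr_file);` after the loop. `$file` is built from `$number`, which is assigned outside this hunk (the next patch's context shows `get_parameter('number')`); casting it with `(int)` before it is interpolated into the path keeps the file name limited to the numbered release files.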
diff --git a/pandora_console/include/ajax/rolling_release.ajax.php b/pandora_console/include/ajax/rolling_release.ajax.php index 0c5a121621..37da049647 100644 --- a/pandora_console/include/ajax/rolling_release.ajax.php +++ b/pandora_console/include/ajax/rolling_release.ajax.php @@ -15,12 +15,9 @@ // Only accesible by ajax if (is_ajax ()) { global $config; - check_login(); $updare_rr_open = get_parameter('updare_rr_open', 0); - $check_minor_number = get_parameter('check_minor_number', 0); - $check_finish = get_parameter('check_finish', 0); if ($updare_rr_open) { $number = get_parameter('number'); @@ -33,7 +30,7 @@ if (is_ajax ()) { while (!feof($mr_file)) { $line = fgets($mr_file); if ((preg_match("/^drop/", $line)) || - (preg_match("/^DROP/", $line))) { + (preg_match("/^truncate table/", $line))) { $dangerous_query = true; } } @@ -103,21 +100,6 @@ if (is_ajax ()) { echo $message; return; } - else if ($check_finish) { - $check = db_check_minor_relase_available(); - - if (file_exists($config["homedir"] . "/extras/mr/error.txt")) { - unlink($config["homedir"] . "/extras/mr/error.txt"); - $check = 2; - } - - echo $check; - return; - } - else if ($check_minor_number) { - echo $config['minor_release_open']; - return; - } } ?> diff --git a/pandora_console/index.php b/pandora_console/index.php index efa920bb18..364c2d40cf 100755 --- a/pandora_console/index.php +++ b/pandora_console/index.php @@ -450,8 +450,8 @@ if (! isset ($config['id_user'])) { opacity: 0.5, background: 'black' }, - width: 400, - height: 150, + width: 600, + height: 350, buttons: { "Apply minor releases": function() { var n_mr_o = ''; @@ -464,7 +464,12 @@ if (! isset ($config['id_user'])) { } } }); - $('#mr_dialog2').text('Do you want to apply minor releases?'); + + var dialog_text = "
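Review bot: The `-` in front of `check_login();` reads as dropping the session check from a handler that goes on to call `db_run_sql_file()` on a file selected by the `number` request parameter, and nothing visible in this file restricts the action to administrators. Unless `ajax.php` enforces both before including the page (not visible here), keep `check_login();` and add an explicit gate right after it, such as `if (!is_user_admin($config['id_user'])) { return; }`. header.php and index.php already use `is_user_admin()` to decide who is offered the update, so the server-side handler should apply the same rule. The `if (is_ajax ())` block continues outside this hunk.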
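Review bot: Replacing `preg_match("/^DROP/", $line)` with `preg_match("/^truncate table/", $line)` means an upper-case `DROP` at the start of a line is no longer flagged, and `TRUNCATE` is only recognised in lower case. One case-insensitive pattern that tolerates leading whitespace covers both statements: `if (preg_match('/^\s*(drop|truncate)\b/i', $line)) {`. A line-prefix filter of this kind is a safety net against accidental destructive statements, not a substitute for shipping the migration files from a trusted, integrity-checked source.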

Do you want to apply minor releases?


"; + dialog_text = dialog_text + "

We recommend launch a planned downtime to this process


"; + dialog_text = dialog_text + "index.php?sec=extensions&sec2=godmode/agentes/planned_downtime.list\">Planned downtimes
" + + $('#mr_dialog2').html(dialog_text); $('#mr_dialog2').dialog('open'); }); @@ -866,9 +871,9 @@ require('include/php_to_js_values.php'); })(); function apply_minor_release (n_mr_o, n_mr_e) { + var error = false; $.each(n_mr_o, function(i, open_mr) { var params = {}; - var error = false; params["updare_rr_open"] = 1; params["number"] = open_mr; params["page"] = "include/ajax/rolling_release.ajax"; @@ -891,10 +896,9 @@ require('include/php_to_js_values.php'); return false; } }); - + var error2 = false; $.each(n_mr_e, function(i, e_mr) { var params = {}; - var error2 = false; params["updare_rr_enterprise"] = 1; params["number"] = e_mr; params["page"] = "enterprise/include/ajax/rolling_release.ajax"; @@ -918,28 +922,9 @@ require('include/php_to_js_values.php'); } }); - check_is_finished_mr(); - } - - function check_is_finished_mr () { - var params = {}; - params["check_finish"] = 1; - params["page"] = "include/ajax/rolling_release.ajax"; - - jQuery.ajax ({ - data: params, - dataType: "html", - type: "POST", - url: "ajax.php", - success: function (data) { - if (data == 1) { - setInterval(check_is_finished_mr, 2000); - } - else if (data == 0) { - alert("Updated finished successfully"); - } - } - }); + if (!error && !error2) { + alert("Updated finished successfully"); + } } //Dynamically assign footer position and width. From 902d0fac9a1daac876593a0de7be28102e6e6540 Mon Sep 17 00:00:00 2001 From: Arturo Gonzalez Date: Wed, 20 Jul 2016 10:08:31 +0200 Subject: [PATCH 7/9] Control PHP restrictions to minor release process. --- pandora_console/index.php | 165 ++++++++++++++++++++++---------------- 1 file changed, 95 insertions(+), 70 deletions(-) diff --git a/pandora_console/index.php b/pandora_console/index.php index 364c2d40cf..e976d43c83 100755 --- a/pandora_console/index.php +++ b/pandora_console/index.php @@ -36,7 +36,7 @@ if ($develop_bypass != 1) { exit; } } - + if (filesize("include/config.php") == 0) { include ("install.php"); exit; 
@@ -99,7 +99,7 @@ if (!empty ($config["https"]) && empty ($_SERVER['HTTPS'])) { if (sizeof ($_REQUEST)) //Some (old) browsers don't like the ?&key=var $query .= '?1=1'; - + //We don't clean these variables up as they're only being passed along foreach ($_GET as $key => $value) { if ($key == 1) @@ -110,11 +110,11 @@ if (!empty ($config["https"]) && empty ($_SERVER['HTTPS'])) { $query .= '&'.$key.'='.$value; } $url = ui_get_full_url($query); - + // Prevent HTTP response splitting attacks // http://en.wikipedia.org/wiki/HTTP_response_splitting $url = str_replace ("\n", "", $url); - + header ('Location: '.$url); exit; //Always exit after sending location headers } @@ -140,10 +140,10 @@ echo '' . "\n"; //This starts the page head. In the call back function, things from $page['head'] array will be processed into the head ob_start ('ui_process_page_head'); -// Enterprise main +// Enterprise main enterprise_include ('index.php'); -// This tag is included in the buffer passed to ui_process_page_head so +// This tag is included in the buffer passed to ui_process_page_head so // technically it can be stripped echo '' . "\n"; @@ -165,12 +165,12 @@ $process_login = false; $change_pass = get_parameter_post('renew_password', 0); if ($change_pass == 1) { - + $password_old = (string) get_parameter_post ('old_password', ''); $password_new = (string) get_parameter_post ('new_password', ''); $password_confirm = (string) get_parameter_post ('confirm_new_password', ''); $id = (string) get_parameter_post ('login', ''); - + $changed_pass = login_update_password_check ($password_old, $password_new, $password_confirm, $id); } 
@@ -189,40 +189,40 @@ if (strlen($search) > 0) { if (! isset ($config['id_user'])) { if (isset ($_GET["login"])) { include_once('include/functions_db.php'); //Include it to use escape_string_sql function - + $config["auth_error"] = ""; //Set this to the error message from the authorization mechanism $nick = get_parameter_post ("nick"); //This is the variable with the login $pass = get_parameter_post ("pass"); //This is the variable with the password $nick = db_escape_string_sql($nick); $pass = db_escape_string_sql($pass); - + //Since now, only the $pass variable are needed unset ($_GET['pass'], $_POST['pass'], $_REQUEST['pass']); - + // If the auth_code exists, we assume the user has come through the double auth page if (isset ($_POST['auth_code'])) { $double_auth_success = false; - + // The double authentication is activated and the user has surpassed the first step (the login). // Now the authentication code provided will be checked. if (isset ($_SESSION['prepared_login_da'])) { if (isset ($_SESSION['prepared_login_da']['id_user']) && isset ($_SESSION['prepared_login_da']['timestamp'])) { - + // The user has a maximum of 5 minutes to introduce the double auth code $dauth_period = SECONDS_2MINUTES; $now = time(); $dauth_time = $_SESSION['prepared_login_da']['timestamp']; - + if ($now - $dauth_period < $dauth_time) { // Nick $nick = $_SESSION["prepared_login_da"]['id_user']; // Code $code = (string) get_parameter_post ("auth_code"); - + if (!empty($code)) { $result = validate_double_auth_code($nick, $code); - + if ($result === true) { // Double auth success $double_auth_success = true; @@ -232,7 +232,7 @@ if (! isset ($config['id_user'])) { $login_screen = 'double_auth'; // Error message $config["auth_error"] = __("Invalid code"); - + if (!isset($_SESSION['prepared_login_da']['attempts'])) $_SESSION['prepared_login_da']['attempts'] = 0; $_SESSION['prepared_login_da']['attempts']++; 
@@ -243,7 +243,7 @@ if (! isset ($config['id_user'])) { $login_screen = 'double_auth'; // Error message $config["auth_error"] = __("The code shouldn't be empty"); - + if (!isset($_SESSION['prepared_login_da']['attempts'])) $_SESSION['prepared_login_da']['attempts'] = 0; $_SESSION['prepared_login_da']['attempts']++; @@ -252,7 +252,7 @@ if (! isset ($config['id_user'])) { else { // Expired login unset ($_SESSION['prepared_login_da']); - + // Error message $config["auth_error"] = __('Expired login'); } @@ -260,7 +260,7 @@ if (! isset ($config['id_user'])) { else { // If the code doesn't exist, remove the prepared login unset ($_SESSION['prepared_login_da']); - + // Error message $config["auth_error"] = __('Login error'); } @@ -270,10 +270,10 @@ if (! isset ($config['id_user'])) { // Error message $config["auth_error"] = __('Login error'); } - + // Remove the authenticator code unset ($_POST['auth_code'], $code); - + if (!$double_auth_success) { $login_failed = true; require_once ('general/login_page.php'); 
@@ -305,27 +305,27 @@ if (! isset ($config['id_user'])) { // The auth file can set $config["auth_error"] to an informative error output or reference their internal error messages to it // process_user_login should return false in case of errors or invalid login, the nickname if correct $nick_in_db = process_user_login ($nick, $pass); - + $expired_pass = false; - + if (($nick_in_db != false) && ((!is_user_admin($nick) || $config['enable_pass_policy_admin'])) && (defined('PANDORA_ENTERPRISE')) && ($config['enable_pass_policy'])) { include_once(ENTERPRISE_DIR . "/include/auth/mysql.php"); - + $blocked = login_check_blocked($nick); - + if ($blocked) { require_once ('general/login_page.php'); db_pandora_audit("Password expired", "Password expired: ".$nick, $nick); while (@ob_end_flush ()); exit (""); } - + //Checks if password has expired $check_status = check_pass_status($nick, $pass); - + switch ($check_status) { case PASSSWORD_POLICIES_FIRST_CHANGE: //first change case PASSSWORD_POLICIES_EXPIRED: //pass expired @@ -335,10 +335,10 @@ if (! isset ($config['id_user'])) { } } } - + if (($nick_in_db !== false) && $expired_pass) { //login ok and password has expired - + require_once ('general/login_page.php'); db_pandora_audit("Password expired", "Password expired: " . $nick, $nick); @@ -347,7 +347,7 @@ if (! isset ($config['id_user'])) { } else if (($nick_in_db !== false) && (!$expired_pass)) { //login ok and password has not expired - + // Double auth check if ((!isset ($double_auth_success) || !$double_auth_success) && is_double_auth_enabled($nick_in_db)) { // Store this values in the session to know if the user login was correct 
@@ -356,24 +356,24 @@ if (! isset ($config['id_user'])) { 'timestamp' => time(), 'attempts' => 0 ); - + // Load the page to introduce the double auth code $login_screen = 'double_auth'; require_once ('general/login_page.php'); while (@ob_end_flush ()); exit (""); } - + //login ok and password has not expired $process_login = true; - + echo ""; - + if (!isset($_GET["sec2"]) && !isset($_GET["sec"])) { // Avoid the show homepage when the user go to // a specific section of pandora // for example when timeout the sesion - + unset ($_GET["sec2"]); $_GET["sec"] = "general/logon_ok"; $home_page =''; @@ -425,9 +425,9 @@ if (! isset ($config['id_user'])) { $_GET["sec"] = "general/logon_ok"; } } - + } - + db_logon ($nick_in_db, $_SERVER['REMOTE_ADDR']); $_SESSION['id_usuario'] = $nick_in_db; $config['id_user'] = $nick_in_db; @@ -435,6 +435,27 @@ if (! isset ($config['id_user'])) { if (is_user_admin($config['id_user'])) { $have_minor_releases = db_check_minor_relase_available(); + // PHP configuration values + $PHPupload_max_filesize = config_return_in_bytes(ini_get('upload_max_filesize')); + $PHPmemory_limit = config_return_in_bytes(ini_get('memory_limit')); + $PHPmax_execution_time = ini_get('max_execution_time'); + + if ($PHPmax_execution_time !== '0') { + set_time_limit(0); + } + + $PHPupload_max_filesize_min = config_return_in_bytes('800M'); + + if ($PHPupload_max_filesize < $PHPupload_max_filesize_min) { + ini_set('upload_max_filesize', config_return_in_bytes('800M')); + } + + $PHPmemory_limit_min = config_return_in_bytes('500M'); + + if ($PHPmemory_limit < $PHPmemory_limit_min && $PHPmemory_limit !== '-1') { + ini_set('memory_limit', config_return_in_bytes('500M')); + } + if ($have_minor_releases) { $size_mr_o = get_number_of_mr('open'); $size_mr_e = get_number_of_mr('enterprise'); @@ -476,18 +497,22 @@ if (! isset ($config['id_user'])) { $param) { 
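Review bot: The limits raised in the `@@ -435,6 +435,27 @@` hunk apply only to the current index.php login request, while the minor releases are applied by separate POSTs to `ajax.php` (`apply_minor_release` sends `page: include/ajax/rolling_release.ajax`), so `set_time_limit(0)` and the `memory_limit` change do not reach the code that runs `db_run_sql_file()`. They do remove the execution-time limit for every administrator login, whether or not `$have_minor_releases` is true. `upload_max_filesize` cannot be changed with `ini_set()` at run time (it is a per-directory setting), so that call has no effect. Suggest moving `set_time_limit(0);` and the memory check into the rolling-release AJAX handler and dropping the `upload_max_filesize` block; also confirm what `config_return_in_bytes()` returns, because `$PHPmemory_limit !== '-1'` is always true if it yields an integer.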
@@ -788,7 +813,7 @@ else { } if (isset($_GET['sec2'])) { $file = $_GET['sec2'] . '.php'; - + if (!file_exists ($file)) { unset($_GET['sec2']); require('general/logon_ok.php'); @@ -849,15 +874,15 @@ require('include/php_to_js_values.php');