get rid of the need for allow_url_fopen
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
@@ -17,7 +17,6 @@
|
||||
* @since 0.9.35
|
||||
*
|
||||
*/
|
||||
|
||||
define('AREA', 'admin');
|
||||
require './lib/init.php';
|
||||
|
||||
@@ -26,14 +25,13 @@ define('UPDATE_URI', "https://version.froxlor.org/Froxlor/legacy/" . $version);
|
||||
define('RELEASE_URI', "https://autoupdate.froxlor.org/froxlor-{version}.zip");
|
||||
define('CHECKSUM_URI', "https://autoupdate.froxlor.org/froxlor-{version}.zip.sha256");
|
||||
|
||||
// check for allow_url_fopen
|
||||
if (ini_get('allow_url_fopen') === false) {
|
||||
redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 1));
|
||||
}
|
||||
|
||||
// check for archive-stuff
|
||||
if (! extension_loaded('zip')) {
|
||||
redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 2));
|
||||
redirectTo($filename, array(
|
||||
's' => $s,
|
||||
'page' => 'error',
|
||||
'errno' => 2
|
||||
));
|
||||
}
|
||||
|
||||
// display initial version check
|
||||
@@ -43,14 +41,11 @@ if ($page == 'overview') {
|
||||
$log->logAction(ADM_ACTION, LOG_NOTICE, "checking auto-update");
|
||||
|
||||
// check for new version
|
||||
$latestversion = @file(UPDATE_URI);
|
||||
$latestversion = HttpClient::urlGet(UPDATE_URI);
|
||||
|
||||
if (isset($latestversion[0])) {
|
||||
$latestversion = explode('|', $latestversion[0]);
|
||||
$latestversion = explode('|', $latestversion);
|
||||
|
||||
if (is_array($latestversion)
|
||||
&& count($latestversion) >= 1
|
||||
) {
|
||||
if (is_array($latestversion) && count($latestversion) >= 1) {
|
||||
$_version = $latestversion[0];
|
||||
$_message = isset($latestversion[1]) ? $latestversion[1] : '';
|
||||
$_link = isset($latestversion[2]) ? $latestversion[2] : htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');
|
||||
@@ -65,7 +60,11 @@ if ($page == 'overview') {
|
||||
if (! preg_match('/^((\d+\\.)(\d+\\.)(\d+\\.)?(\d+)?(\-(svn|dev|rc)(\d+))?)$/', $_version)) {
|
||||
// check for customized version to not output
|
||||
// "There is a newer version of froxlor" besides the error-message
|
||||
redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 3));
|
||||
redirectTo($filename, array(
|
||||
's' => $s,
|
||||
'page' => 'error',
|
||||
'errno' => 3
|
||||
));
|
||||
} elseif (version_compare2($version, $_version) == - 1) {
|
||||
// there is a newer version - yay
|
||||
$isnewerversion = 1;
|
||||
@@ -81,20 +80,15 @@ if ($page == 'overview') {
|
||||
$hiddenparams = '<input type="hidden" name="newversion" value="' . $_version . '" />';
|
||||
$yesfile = $filename . '?s=' . $s . '&page=getdownload';
|
||||
eval("echo \"" . getTemplate("misc/question_yesno", true) . "\";");
|
||||
exit;
|
||||
}
|
||||
elseif ($isnewerversion == 0) {
|
||||
exit();
|
||||
} elseif ($isnewerversion == 0) {
|
||||
// all good
|
||||
standard_success('noupdatesavail');
|
||||
} else {
|
||||
standard_error('customized_version');
|
||||
}
|
||||
}
|
||||
}
|
||||
// error (something weird came from version.froxlor.org)
|
||||
redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 5));
|
||||
}
|
||||
// download the new archive
|
||||
}// download the new archive
|
||||
elseif ($page == 'getdownload') {
|
||||
|
||||
// retrieve the new version from the form
|
||||
@@ -107,9 +101,6 @@ elseif ($page == 'getdownload') {
|
||||
$toLoad = str_replace('{version}', $newversion, RELEASE_URI);
|
||||
$toCheck = str_replace('{version}', $newversion, CHECKSUM_URI);
|
||||
|
||||
// get archive data
|
||||
$newArchive = @file_get_contents($toLoad);
|
||||
|
||||
// check for local destination folder
|
||||
if (! is_dir(FROXLOR_INSTALL_DIR . '/updates/')) {
|
||||
mkdir(FROXLOR_INSTALL_DIR . '/updates/');
|
||||
@@ -125,17 +116,19 @@ elseif ($page == 'getdownload') {
|
||||
@unlink($localArchive);
|
||||
}
|
||||
|
||||
// store archive
|
||||
$fh = fopen($localArchive, 'w');
|
||||
if (!fwrite($fh, $newArchive)) {
|
||||
redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 4));
|
||||
// get archive data
|
||||
try {
|
||||
HttpClient::fileGet($toLoad, $localArchive);
|
||||
} catch (Exception $e) {
|
||||
redirectTo($filename, array(
|
||||
's' => $s,
|
||||
'page' => 'error',
|
||||
'errno' => 4
|
||||
));
|
||||
}
|
||||
|
||||
// close file-handle
|
||||
fclose($fh);
|
||||
|
||||
// validate the integrity of the downloaded file
|
||||
$_shouldsum = @file_get_contents($toCheck);
|
||||
$_shouldsum = HttpClient::urlGet($toCheck);
|
||||
if (! empty($_shouldsum)) {
|
||||
$_t = explode(" ", $_shouldsum);
|
||||
$shouldsum = $_t[0];
|
||||
@@ -145,25 +138,34 @@ elseif ($page == 'getdownload') {
|
||||
$filesum = hash_file('sha256', $localArchive);
|
||||
|
||||
if ($filesum != $shouldsum) {
|
||||
redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 9));
|
||||
redirectTo($filename, array(
|
||||
's' => $s,
|
||||
'page' => 'error',
|
||||
'errno' => 9
|
||||
));
|
||||
}
|
||||
|
||||
// to the next step
|
||||
redirectTo($filename, array('s' => $s, 'page' => 'extract', 'archive' => basename($localArchive)));
|
||||
redirectTo($filename, array(
|
||||
's' => $s,
|
||||
'page' => 'extract',
|
||||
'archive' => basename($localArchive)
|
||||
));
|
||||
}
|
||||
redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 6));
|
||||
}
|
||||
// extract and install new version
|
||||
redirectTo($filename, array(
|
||||
's' => $s,
|
||||
'page' => 'error',
|
||||
'errno' => 6
|
||||
));
|
||||
}// extract and install new version
|
||||
elseif ($page == 'extract') {
|
||||
|
||||
$toExtract = isset($_GET['archive']) ? $_GET['archive'] : null;
|
||||
$localArchive = FROXLOR_INSTALL_DIR . '/updates/' . $toExtract;
|
||||
|
||||
if (isset($_POST['send'])
|
||||
&& $_POST['send'] == 'send'
|
||||
) {
|
||||
if (isset($_POST['send']) && $_POST['send'] == 'send') {
|
||||
// decompress from zip
|
||||
$zip = new ZipArchive;
|
||||
$zip = new ZipArchive();
|
||||
$res = $zip->open($localArchive);
|
||||
if ($res === true) {
|
||||
$log->logAction(ADM_ACTION, LOG_NOTICE, "Extracting " . $localArchive . " to " . FROXLOR_INSTALL_DIR);
|
||||
@@ -173,15 +175,25 @@ elseif ($page == 'extract') {
|
||||
@unlink($localArchive);
|
||||
} else {
|
||||
// error
|
||||
redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 8));
|
||||
redirectTo($filename, array(
|
||||
's' => $s,
|
||||
'page' => 'error',
|
||||
'errno' => 8
|
||||
));
|
||||
}
|
||||
|
||||
// redirect to update-page?
|
||||
redirectTo('admin_updates.php', array('s' => $s));
|
||||
redirectTo('admin_updates.php', array(
|
||||
's' => $s
|
||||
));
|
||||
}
|
||||
|
||||
if (! file_exists($localArchive)) {
|
||||
redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 7));
|
||||
redirectTo($filename, array(
|
||||
's' => $s,
|
||||
'page' => 'error',
|
||||
'errno' => 7
|
||||
));
|
||||
}
|
||||
|
||||
$text = 'Extract downloaded archive "' . $toExtract . '"?';
|
||||
@@ -189,14 +201,12 @@ elseif ($page == 'extract') {
|
||||
$yesfile = $filename . '?s=' . $s . '&page=extract&archive=' . $toExtract;
|
||||
eval("echo \"" . getTemplate("misc/question_yesno", true) . "\";");
|
||||
}
|
||||
|
||||
// display error
|
||||
elseif ($page == 'error') {
|
||||
|
||||
// retrieve error-number via url-parameter
|
||||
$errno = isset($_GET['errno']) ? (int) $_GET['errno'] : 0;
|
||||
|
||||
// 1 = no allow_url_fopen
|
||||
// 2 = no Zlib
|
||||
// 3 = custom version detected
|
||||
// 4 = could not store archive to local hdd
|
||||
|
||||
@@ -86,12 +86,8 @@ if ($page == 'overview') {
|
||||
|| (isset($lookfornewversion) && $lookfornewversion == 'yes')
|
||||
) {
|
||||
$update_check_uri = 'http://version.froxlor.org/Froxlor/legacy/' . $version;
|
||||
|
||||
if (ini_get('allow_url_fopen')) {
|
||||
$latestversion = @file($update_check_uri);
|
||||
|
||||
if (isset($latestversion[0])) {
|
||||
$latestversion = explode('|', $latestversion[0]);
|
||||
$latestversion = HttpClient::urlGet($update_check_uri);
|
||||
$latestversion = explode('|', $latestversion);
|
||||
|
||||
if (is_array($latestversion)
|
||||
&& count($latestversion) >= 1
|
||||
@@ -119,12 +115,6 @@ if ($page == 'overview') {
|
||||
} else {
|
||||
redirectTo($update_check_uri.'/pretty', NULL, false);
|
||||
}
|
||||
} else {
|
||||
redirectTo($update_check_uri.'/pretty', NULL, false);
|
||||
}
|
||||
} else {
|
||||
redirectTo($update_check_uri.'/pretty', NULL, false);
|
||||
}
|
||||
} else {
|
||||
$lookfornewversion_lable = $lng['admin']['lookfornewversion']['clickhere'];
|
||||
$lookfornewversion_link = htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');
|
||||
|
||||
60
lib/ajax.php
60
lib/ajax.php
@@ -27,6 +27,7 @@ require './classes/database/class.Database.php';
|
||||
require './classes/settings/class.Settings.php';
|
||||
require './functions/validate/function.validate_ip.php';
|
||||
require './functions/validate/function.validateDomain.php';
|
||||
require './lib/classes/cURL/class.HttpClient.php';
|
||||
|
||||
if (isset($_POST['action'])) {
|
||||
$action = $_POST['action'];
|
||||
@@ -44,24 +45,16 @@ if ($action == "newsfeed") {
|
||||
}
|
||||
|
||||
if (function_exists("simplexml_load_file") == false) {
|
||||
die();
|
||||
outputItem("Newsfeed not available due to missing php-simplexml extension", "Please install the php-simplexml extension in order to view our newsfeed.");
|
||||
exit();
|
||||
}
|
||||
|
||||
if (function_exists('curl_version')) {
|
||||
$ch = curl_init();
|
||||
curl_setopt($ch, CURLOPT_URL, $feed);
|
||||
curl_setopt($ch, CURLOPT_USERAGENT, 'Froxlor/'.$version);
|
||||
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
|
||||
$output = curl_exec($ch);
|
||||
curl_close($ch);
|
||||
$output = HttpClient::urlGet($feed);
|
||||
$news = simplexml_load_string(trim($output));
|
||||
} else {
|
||||
if (ini_get('allow_url_fopen')) {
|
||||
ini_set('user_agent', 'Froxlor/'.$version);
|
||||
$news = simplexml_load_file($feed, null, LIBXML_NOCDATA);
|
||||
} else {
|
||||
$news = false;
|
||||
}
|
||||
outputItem("Newsfeed not available due to missing php-curl extension", "Please install the php-curl extension in order to view our newsfeed.");
|
||||
exit();
|
||||
}
|
||||
|
||||
if ($news !== false) {
|
||||
@@ -74,19 +67,7 @@ if ($action == "newsfeed") {
|
||||
$content = preg_replace("/[\r\n]+/", " ", strip_tags($item->description));
|
||||
$content = substr($content, 0, 150) . "...";
|
||||
|
||||
echo "<li class=\"clearfix\">
|
||||
<div class=\"newsfeed-body clearfix\">
|
||||
<div class=\"header\">
|
||||
<strong class=\"primary-font\"><a href=\"{$link}\" target=\"_blank\">{$title}</a></strong>
|
||||
<small class=\"pull-right text-muted\">
|
||||
<i class=\"fa fa-clock-o fa-fw\"></i> {$date}
|
||||
</small>
|
||||
</div>
|
||||
<p>
|
||||
{$content}
|
||||
</p>
|
||||
</div>
|
||||
</li>";
|
||||
outputItem($title, $content, $link, $date);
|
||||
}
|
||||
} else {
|
||||
echo "";
|
||||
@@ -94,3 +75,30 @@ if ($action == "newsfeed") {
|
||||
} else {
|
||||
echo "No action set.";
|
||||
}
|
||||
|
||||
function outputItem($title, $content, $link = null, $date = null)
|
||||
{
|
||||
echo "<li class=\"clearfix\">
|
||||
<div class=\"newsfeed-body clearfix\">
|
||||
<div class=\"header\">
|
||||
<strong class=\"primary-font\">";
|
||||
if (! empty($link)) {
|
||||
echo "<a href=\"{$link}\" target=\"_blank\">";
|
||||
}
|
||||
echo $title;
|
||||
if (! empty($link)) {
|
||||
echo "</a>";
|
||||
}
|
||||
echo "</strong>";
|
||||
if (! empty($date)) {
|
||||
echo "<small class=\"pull-right text-muted\">
|
||||
<i class=\"fa fa-clock-o fa-fw\"></i> {$date}
|
||||
</small>";
|
||||
}
|
||||
echo "</div>
|
||||
<p>
|
||||
{$content}
|
||||
</p>
|
||||
</div>
|
||||
</li>";
|
||||
}
|
||||
|
||||
60
lib/classes/cURL/class.HttpClient.php
Normal file
60
lib/classes/cURL/class.HttpClient.php
Normal file
@@ -0,0 +1,60 @@
|
||||
<?php
|
||||
|
||||
class HttpClient
|
||||
{
|
||||
|
||||
/**
|
||||
* Executes simple GET request
|
||||
*
|
||||
* @param string $url
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public static function urlGet($url)
|
||||
{
|
||||
include FROXLOR_INSTALL_DIR . '/lib/version.inc.php';
|
||||
$ch = curl_init();
|
||||
curl_setopt($ch, CURLOPT_URL, $url);
|
||||
curl_setopt($ch, CURLOPT_USERAGENT, 'Froxlor/' . $version);
|
||||
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
|
||||
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
|
||||
$output = curl_exec($ch);
|
||||
if ($output === false) {
|
||||
$e = curl_error($ch);
|
||||
curl_close($ch);
|
||||
throw new \Exception("Curl error: " . $e);
|
||||
}
|
||||
curl_close($ch);
|
||||
return $output;
|
||||
}
|
||||
|
||||
/**
|
||||
* Downloads and stores a file from an url
|
||||
*
|
||||
* @param string $url
|
||||
* @param string $target
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public static function fileGet($url, $target)
|
||||
{
|
||||
include FROXLOR_INSTALL_DIR . '/lib/version.inc.php';
|
||||
$fh = fopen($target, 'w');
|
||||
$ch = curl_init();
|
||||
curl_setopt($ch, CURLOPT_URL, $url);
|
||||
curl_setopt($ch, CURLOPT_USERAGENT, 'Froxlor/' . $version);
|
||||
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
|
||||
curl_setopt($ch, CURLOPT_TIMEOUT, 50);
|
||||
//give curl the file pointer so that it can write to it
|
||||
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
|
||||
curl_setopt($ch, CURLOPT_FILE, $fh);
|
||||
$output = curl_exec($ch);
|
||||
if ($output === false) {
|
||||
$e = curl_error($ch);
|
||||
curl_close($ch);
|
||||
throw new \Exception("Curl error: " . $e);
|
||||
}
|
||||
curl_close($ch);
|
||||
return $output;
|
||||
}
|
||||
}
|
||||
@@ -216,9 +216,8 @@ class lescript
|
||||
// simple self check
|
||||
if (Settings::Get('system.disable_le_selfcheck') == '0')
|
||||
{
|
||||
$selfcheckContextOptions = array('http' => array('header' => "User-Agent: Froxlor/".$this->version));
|
||||
$selfcheckContext = stream_context_create($selfcheckContextOptions);
|
||||
if ($payload !== trim(@file_get_contents($uri, false, $selfcheckContext))) {
|
||||
$selfcheckpayload = HttpClient::urlGet($uri);
|
||||
if ($payload !== trim($selfcheckpayload)) {
|
||||
$errmsg = json_encode(error_get_last());
|
||||
if ($errmsg != "null") {
|
||||
$errmsg = "; PHP error: " . $errmsg;
|
||||
|
||||
@@ -233,13 +233,8 @@ class lescript_v2
|
||||
|
||||
// simple self check
|
||||
if (Settings::Get('system.disable_le_selfcheck') == '0') {
|
||||
$selfcheckContextOptions = array(
|
||||
'http' => array(
|
||||
'header' => "User-Agent: Froxlor/" . $this->version
|
||||
)
|
||||
);
|
||||
$selfcheckContext = stream_context_create($selfcheckContextOptions);
|
||||
if ($payload !== trim(@file_get_contents($uri, false, $selfcheckContext))) {
|
||||
$selfcheckpayload = HttpClient::urlGet($uri);
|
||||
if ($payload !== trim($selfcheckpayload)) {
|
||||
$errmsg = json_encode(error_get_last());
|
||||
if ($errmsg != "null") {
|
||||
$errmsg = "; PHP error: " . $errmsg;
|
||||
|
||||
Reference in New Issue
Block a user