Mirrors/dolibarr
1
0
Fork 0
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-02-20 13:46:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

NEW The upgrade process can be done by creating a file upgrade.unlock

Browse Source
This commit is contained in:
Laurent Destailleur 2023-02-02 12:58:12 +01:00
parent 8f0f9af94a
commit fc64d78247
12 changed files with 52 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
htdocs/core/modules/modImport.class.php
View File

@ -32,7 +32,6 @@ include_once DOL_DOCUMENT_ROOT.'/core/modules/DolibarrModules.class.php';
*/
class modImport extends DolibarrModules
{
/**
* Constructor. Define names, constants, directories, boxes, permissions
*

1
htdocs/core/modules/modUser.class.php
View File

@ -32,7 +32,6 @@ include_once DOL_DOCUMENT_ROOT.'/core/modules/DolibarrModules.class.php';
*/
class modUser extends DolibarrModules
{
/**
* Constructor. Define names, constants, directories, boxes, permissions
*

1
htdocs/install/check.php
View File

@ -27,6 +27,7 @@
* \brief Test if file conf can be modified and if does not exists, test if install process can create it
*/
define('ALLOWED_IF_UPGRADE_UNLOCK_FOUND', 1);
include_once 'inc.php';
global $langs;

50
htdocs/install/inc.php
View File

@ -180,33 +180,27 @@ if (!empty($dolibarr_main_document_root_alt)) {
}
// Security check (old method, when directory is renamed /install.lock)
if (preg_match('/install\.lock/i', $_SERVER["SCRIPT_FILENAME"])) {
if (!is_object($langs)) {
$langs = new Translate('..', $conf);
$langs->setDefaultLang('auto');
}
$langs->load("install");
// Check install.lock (for both install and upgrade)
header("X-Content-Type-Options: nosniff");
header("X-Frame-Options: SAMEORIGIN"); // Frames allowed only if on same domain (stop some XSS attacks)
print $langs->trans("YouTryInstallDisabledByDirLock");
if (!empty($dolibarr_main_url_root)) {
print 'Click on following link, <a href="'.$dolibarr_main_url_root.'/admin/index.php?mainmenu=home&leftmenu=setup'.(GETPOSTISSET("login") ? '&username='.urlencode(GETPOST("login")) : '').'">';
print $langs->trans("ClickHereToGoToApp");
print '</a>';
}
exit;
}
$lockfile = DOL_DATA_ROOT.'/install.lock';
$lockfile = DOL_DATA_ROOT.'/install.lock'; // To lock all /install pages
$lockfile2 = DOL_DOCUMENT_ROOT.'/install.lock'; // To lock all /install pages (recommended)
$upgradeunlockfile = DOL_DATA_ROOT.'/upgrade.unlock'; // To unlock upgrade process
$upgradeunlockfile2 = DOL_DOCUMENT_ROOT.'/upgrade.unlock'; // To unlock upgrade process
if (constant('DOL_DATA_ROOT') === null) {
// We don't have a configuration file yet
// Try to detect any lockfile in the default documents path
$lockfile = '../../documents/install.lock';
$upgradeunlockfile = '../../documents/upgrade.unlock';
}
if (@file_exists($lockfile)) {
$islocked=false;
if (@file_exists($lockfile) || @file_exists($lockfile2)) {
if (!defined('ALLOWED_IF_UPGRADE_UNLOCK_FOUND') || (! @file_exists($upgradeunlockfile) && ! @file_exists($upgradeunlockfile2))) {
// If this is a dangerous install page (ALLOWED_IF_UPGRADE_UNLOCK_FOUND not defined) or
// if there is no upgrade unlock files, we lock the pages.
$islocked = true;
}
}
if ($islocked) { // Pages are locked
if (!isset($langs) || !is_object($langs)) {
$langs = new Translate('..', $conf);
$langs->setDefaultLang('auto');
@ -216,14 +210,22 @@ if (@file_exists($lockfile)) {
header("X-Content-Type-Options: nosniff");
header("X-Frame-Options: SAMEORIGIN"); // Frames allowed only if on same domain (stop some XSS attacks)
print $langs->trans("YouTryInstallDisabledByFileLock");
if (GETPOST('action') != 'upgrade') {
print $langs->trans("YouTryInstallDisabledByFileLock").'<br>';
} else {
print $langs->trans("YouTryUpgradeDisabledByMissingFileUnLock").'<br>';
}
if (!empty($dolibarr_main_url_root)) {
print $langs->trans("ClickOnLinkOrRemoveManualy").'<br>';
if (GETPOST('action') != 'upgrade') {
print $langs->trans("ClickOnLinkOrRemoveManualy").'<br>';
} else {
print $langs->trans("ClickOnLinkOrCreateUnlockFileManualy").'<br>';
}
print '<a href="'.$dolibarr_main_url_root.'/admin/index.php?mainmenu=home&leftmenu=setup'.(GETPOSTISSET("login") ? '&username='.urlencode(GETPOST("login")) : '').'">';
print $langs->trans("ClickHereToGoToApp");
print '</a>';
} else {
print 'If you always reach this page, you must remove install.lock file manually.<br>';
print 'If you always reach this page, you must remove the install.lock file manually.<br>';
}
exit;
}

2
htdocs/install/index.php
View File

@ -23,6 +23,8 @@
* \brief Show page to select language. This is done only for a first installation.
* For a reinstall this page redirect to page check.php
*/
define('ALLOWED_IF_UPGRADE_UNLOCK_FOUND', 1);
include_once 'inc.php';
include_once '../core/class/html.form.class.php';
include_once '../core/class/html.formadmin.class.php';

1
htdocs/install/mysql/migration/17.0.0-18.0.0.sql
View File

@ -37,6 +37,7 @@
-- VMYSQL4.3 ALTER TABLE llx_hrm_skillrank CHANGE COLUMN `rank` rankorder integer;
-- VPGSQL8.2 ALTER TABLE llx_hrm_skillrank CHANGE COLUMN rank rankorder integer;
ALTER TABLE llx_accounting_system CHANGE COLUMN fk_pays fk_country integer;
-- v18

19
htdocs/install/step5.php
View File

@ -24,8 +24,18 @@
* \file htdocs/install/step5.php
* \ingroup install
* \brief Last page of upgrade / install process
*
* This page is called with parameter action=set by step4.php or action=upgrade by upgrade2.php
* For installation:
* It creates the login admin and set the MAIN_SECURITY_SALT to a random value.
* It set the value for MAIN_VERSION_LAST_INSTALL
* It creates the install.lock and shows the final message.
* For upgrade:
* It updates the value for MAIN_VERSION_LAST_UPGRADE.
* It (re)creates the install.lock and shows the final message.
*/
define('ALLOWED_IF_UPGRADE_UNLOCK_FOUND', 1);
include_once 'inc.php';
if (file_exists($conffile)) {
include_once $conffile;
@ -384,7 +394,7 @@ if ($action == "set") {
if (empty($force_install_lockinstall) || $force_install_lockinstall == 1) {
$force_install_lockinstall = 444; // For backward compatibility
}
fwrite($fp, "This is a lock file to prevent use of install pages (set with permission ".$force_install_lockinstall.")");
fwrite($fp, "This is a lock file to prevent use of install or upgrade pages (set with permission ".$force_install_lockinstall.")");
fclose($fp);
@chmod($lockfile, octdec($force_install_lockinstall));
$createlock = 1;
@ -416,8 +426,9 @@ if ($action == "set") {
} elseif (empty($action) || preg_match('/upgrade/i', $action)) {
// If upgrade
if (empty($conf->global->MAIN_VERSION_LAST_UPGRADE) || ($conf->global->MAIN_VERSION_LAST_UPGRADE == DOL_VERSION)) {
// Upgrade is finished (database is on same version than files)
print '<img class="valignmiddle inline-block paddingright" src="../theme/common/octicons/build/svg/checklist.svg" width="20" alt="Configuration"> <span class="valignmiddle">'.$langs->trans("SystemIsUpgraded")."</span><br>";
// Upgrade is finished (database is on the same version than files)
print '<img class="valignmiddle inline-block paddingright" src="../theme/common/octicons/build/svg/checklist.svg" width="20" alt="Configuration">';
print ' <span class="valignmiddle">'.$langs->trans("SystemIsUpgraded")."</span><br>";
// Create install.lock file if it does not exists.
// Note: it should always exists. A better solution to allow upgrade will be to add an upgrade.unlock file
@ -430,7 +441,7 @@ if ($action == "set") {
if (empty($force_install_lockinstall) || $force_install_lockinstall == 1) {
$force_install_lockinstall = 444; // For backward compatibility
}
fwrite($fp, "This is a lock file to prevent use of install pages (set with permission ".$force_install_lockinstall.")");
fwrite($fp, "This is a lock file to prevent use of install or upgrade pages (set with permission ".$force_install_lockinstall.")");
fclose($fp);
@chmod($lockfile, octdec($force_install_lockinstall));
$createlock = 1;

1
htdocs/install/upgrade.php
View File

@ -36,6 +36,7 @@
* \brief Run migration script
*/
define('ALLOWED_IF_UPGRADE_UNLOCK_FOUND', 1);
include_once 'inc.php';
if (!file_exists($conffile)) {
print 'Error: Dolibarr config file was not found. This may means that Dolibarr is not installed yet. Please call the page "/install/index.php" instead of "/install/upgrade.php").';

1
htdocs/install/upgrade2.php
View File

@ -38,6 +38,7 @@
* \brief Upgrade some data
*/
define('ALLOWED_IF_UPGRADE_UNLOCK_FOUND', 1);
include_once 'inc.php';
if (!file_exists($conffile)) {
print 'Error: Dolibarr config file was not found. This may means that Dolibarr is not installed yet. Please call the page "/install/index.php" instead of "/install/upgrade.php").';

4
htdocs/langs/en_US/install.lang
View File

@ -88,7 +88,7 @@ LoginAlreadyExists=Already exists
DolibarrAdminLogin=Dolibarr admin login
AdminLoginAlreadyExists=Dolibarr administrator account '<b>%s</b>' already exists. Go back if you want to create another one.
FailedToCreateAdminLogin=Failed to create Dolibarr administrator account.
WarningRemoveInstallDir=Warning, for security reasons, once the install or upgrade is complete, you should add a file called <b>install.lock</b> into the Dolibarr document directory in order to prevent the accidental/malicious use of the install tools again.
WarningRemoveInstallDir=Warning, for security reasons, once the installation process is complete, you must add a file called <b>install.lock</b> into the Dolibarr document directory in order to prevent the accidental/malicious use of the install tools again.
FunctionNotAvailableInThisPHP=Not available in this PHP
ChoosedMigrateScript=Choose migration script
DataMigration=Database migration (data)
@ -208,8 +208,10 @@ HideNotAvailableOptions=Hide unavailable options
ErrorFoundDuringMigration=Error(s) were reported during the migration process so next step is not available. To ignore errors, you can <a href="%s">click here</a>, but the application or some features may not work correctly until the errors are resolved.
YouTryInstallDisabledByDirLock=The application tried to self-upgrade, but the install/upgrade pages have been disabled for security (directory renamed with .lock suffix).<br>
YouTryInstallDisabledByFileLock=The application tried to self-upgrade, but the install/upgrade pages have been disabled for security (by the existence of a lock file <strong>install.lock</strong> in the dolibarr documents directory).<br>
YouTryUpgradeDisabledByMissingFileUnLock=The application tried to self-upgrade, but the upgrade process is currently not allowed.<br>
ClickHereToGoToApp=Click here to go to your application
ClickOnLinkOrRemoveManualy=If an upgrade is in progress, please wait. If not, click on the following link. If you always see this same page, you must remove/rename the file install.lock in the documents directory.
ClickOnLinkOrCreateUnlockFileManualy=If an upgrade is in progress, please wait... If not, you must create a file upgrade.unlock into the Dolibarr documents directory.
Loaded=Loaded
FunctionTest=Function test
NodoUpgradeAfterDB=No action requested by external modules after upgrade of database

1
htdocs/theme/eldy/global.inc.php
View File

@ -4867,6 +4867,7 @@ div.divphotoref > div > .photowithmargin, div.divphotoref > img.photowithmargin,
{
content:url(<?php echo dol_buildpath($path.'/theme/'.$theme.'/img/logo_setup.svg', 1) ?>); /* content is used to best fit the container */
display: inline-block;
opacity: 0.2;
}
.nographyet
{

1
htdocs/theme/md/style.css.php
View File

@ -4892,6 +4892,7 @@ div.divphotoref > img.photowithmargin, div.divphotoref > a > .photowithmargin {
{
content:url(<?php echo dol_buildpath($path.'/theme/'.$theme.'/img/logo_setup.svg', 1) ?>); /* content is used to best fit the container */
display: inline-block;
opacity: 0.2;
}
.nographyet
{