mirror of
https://github.com/OpenXE-org/OpenXE.git
synced 2024-12-25 14:10:28 +01:00
5421 lines
170 KiB
PHP
5421 lines
170 KiB
PHP
<?php
|
|
use Xentral\Core\LegacyConfig\ConfigLoader;
|
|
@date_default_timezone_set("Europe/Berlin");
|
|
@ini_set('default_charset', 'UTF-8');
|
|
|
|
@ini_set('display_errors', 'off');
|
|
@error_reporting(0);
|
|
@ini_set("magic_quotes_runtime", 0);
|
|
@ignore_user_abort(true);
|
|
|
|
require_once dirname(__DIR__) . '/xentral_autoloader.php';
|
|
if (class_exists(Config::class)){
|
|
$config = new Config();
|
|
$updateHost = $config->updateHost ?: 'update.xentral.biz';
|
|
}else{
|
|
$updateHost = 'update.xentral.biz';
|
|
}
|
|
define('XENTRAL_UPDATE_HOST', $updateHost);
|
|
|
|
class erpAPI_Update
|
|
{
|
|
function __construct($app)
|
|
{
|
|
$this->app=$app;
|
|
}
|
|
|
|
function Branch()
|
|
{
|
|
return '';
|
|
}
|
|
|
|
function Version()
|
|
{
|
|
return '';
|
|
}
|
|
|
|
|
|
function RevisionPlain()
|
|
{
|
|
return '';
|
|
}
|
|
|
|
|
|
function Revision()
|
|
{
|
|
return '';
|
|
}
|
|
function Startseite()
|
|
{
|
|
if($this->app->User->GetID()!='')
|
|
{
|
|
$rand = md5(mt_rand());
|
|
header('Location: update.php?rand='.$rand);
|
|
exit;
|
|
}
|
|
}
|
|
|
|
function calledOnceAfterLogin()
|
|
{
|
|
|
|
|
|
}
|
|
|
|
function Firmendaten($value)
|
|
{
|
|
$id = $this->app->DB->Select("SELECT max(id) FROM firmendaten");
|
|
if($id)
|
|
{
|
|
return $this->app->DB->Select("SELECT $value FROM firmendaten WHERE id = '$id' LIMIT 1");
|
|
}
|
|
return '';
|
|
}
|
|
|
|
/**
|
|
* @param $name
|
|
*
|
|
* @return mixed
|
|
*/
|
|
public function GetKonfiguration($name) {
|
|
return $this->app->DB->Select("SELECT wert FROM konfiguration WHERE name='$name' LIMIT 1");
|
|
}
|
|
|
|
/**
|
|
* @param string $name
|
|
* @param string $value
|
|
*/
|
|
public function SetKonfigurationValue($name, $value) {
|
|
$this->app->DB->Delete("DELETE FROM konfiguration WHERE name='$name' LIMIT 1");
|
|
$this->app->DB->Insert("INSERT INTO konfiguration (name,wert,firma,adresse) VALUES ('$name','$value',1,0)");
|
|
}
|
|
|
|
/**
|
|
* @param bool $active
|
|
*/
|
|
public function setMaintainance($active = true, $mode = 'updatedb') {
|
|
$tags = json_encode('update');
|
|
if(!$active) {
|
|
if($this->GetKonfiguration('update_maintenance') == '0') {
|
|
return;
|
|
}
|
|
$this->SetKonfigurationValue('update_maintenance', 0);
|
|
$this->SetKonfigurationValue('update_maintenance_mode', '');
|
|
$this->app->DB->Delete("DELETE FROM notification_message WHERE tags = '$tags'");
|
|
return;
|
|
}
|
|
if(true) {
|
|
return;//@todo remove in 20.1
|
|
}
|
|
if($this->GetKonfiguration('update_maintenance') == '1') {
|
|
$this->SetKonfigurationValue('update_maintenance_time', time());
|
|
return;
|
|
}
|
|
|
|
$this->app->DB->Insert(
|
|
"INSERT INTO notification_message (user_id, type, title, message, tags, options_json, priority, created_at)
|
|
SELECT u.id, 'warning', 'laufender Updateprozess','Bitte schließen Sie Ihre Aufgaben','$tags','',1,NOW()
|
|
FROM `user` AS u
|
|
INNER JOIN useronline uo on u.id = uo.user_id AND uo.login = 1"
|
|
);
|
|
|
|
$this->SetKonfigurationValue('update_maintenance', 1);
|
|
$this->SetKonfigurationValue('update_maintenance_time', time());
|
|
}
|
|
|
|
function ClearDataBeforeOutput($text)
|
|
{
|
|
$text = str_replace('form action=""','form action="#"',$text);
|
|
$text = str_replace('NONBLOCKINGZERO','',$text);
|
|
$text = str_replace("'","'",$text);
|
|
return $text;
|
|
}
|
|
|
|
function convertToHtml($str) {
|
|
if (version_compare(PHP_VERSION, '5.3.4') >= 0) {
|
|
$trans_tbl = array_flip(get_html_translation_table(HTML_ENTITIES, ENT_COMPAT, 'UTF-8'));
|
|
} else {
|
|
$trans_tbl = array_flip(get_html_translation_table(HTML_ENTITIES, ENT_COMPAT));
|
|
if (!empty($trans_tbl)) {
|
|
foreach ($trans_tbl as $key => $entry) {
|
|
$trans_tbl[$key] = utf8_encode($entry);
|
|
}
|
|
}
|
|
}
|
|
|
|
// MS Word strangeness..
|
|
// smart single/ double quotes:
|
|
$trans_tbl[chr(39)] = ''';
|
|
$trans_tbl[chr(145)] = '\'';
|
|
$trans_tbl[chr(146)] = '\'';
|
|
//$trans_tbl[chr(147)] = '"';
|
|
$trans_tbl[chr(148)] = '"';
|
|
$trans_tbl[chr(142)] = 'é';
|
|
//
|
|
//$trans_tbl[$this->unicode_chr(65279)] = "BENE";
|
|
//$str = str_replace("\xFF\xFE", "BENE", $str);
|
|
|
|
|
|
return strtr ($str, $trans_tbl);
|
|
}
|
|
|
|
function superentities( $str ){
|
|
// get rid of existing entities else double-escape
|
|
|
|
$str = html_entity_decode(stripslashes($str),ENT_QUOTES| ENT_HTML5,'UTF-8');
|
|
// $str = str_replace("'","'",$str);
|
|
// return $str;
|
|
$ar = preg_split('/(?<!^)(?!$)/u', $str ); // return array of every multi-byte character
|
|
foreach ($ar as $c){
|
|
$o = ord($c);
|
|
if ( (strlen($c) > 1) || /* multi-byte [unicode] */
|
|
($o <32 || $o > 126) || /* <- control / latin weirdos -> */
|
|
($o >33 && $o < 35) ||/* quotes + ambersand */
|
|
($o >35 && $o < 40) ||/* quotes + ambersand */
|
|
($o >59 && $o < 63) /* html */
|
|
) {
|
|
// convert to numeric entity
|
|
//$c = @mb_encode_numericentity($c,array (0x0, 0xffff, 0, 0xffff), 'UTF-8');
|
|
$c = $this->convertToHtml($c);
|
|
}
|
|
if(!isset($str2))$str2 = '';
|
|
$str2 .= $c;
|
|
}
|
|
return $str2;
|
|
}
|
|
|
|
}
|
|
class UpdateerpooSystem extends UpdateApplication
|
|
{
|
|
public $obj;
|
|
public $starttime;
|
|
public $endtime;
|
|
|
|
public function __construct($config,$group="")
|
|
{
|
|
parent::__construct($config,$group);
|
|
if(isset($_GET['action']) && $_GET['action'] == 'ajax' && isset($_GET['cmd']) && 'upgradedb' == $_GET['cmd'])
|
|
{
|
|
$className = 'erpAPI';
|
|
//$methodName = 'UpgradeDatabase';
|
|
if(file_exists(__DIR__.'/lib/class.erpapi.php'))
|
|
{
|
|
include_once(__DIR__.'/lib/class.erpapi.php');
|
|
}
|
|
if(file_exists(__DIR__.'/lib/class.erpapi_custom.php'))
|
|
{
|
|
include_once(__DIR__.'/lib/class.erpapi_custom.php');
|
|
$className = 'erpAPICustom';
|
|
}
|
|
//$r = new ReflectionMethod($className, $methodName);
|
|
//$params = $r->getParameters();
|
|
//$anzargs = count($params);
|
|
$this->erp = new $className($this);
|
|
}else{
|
|
$this->erp = new erpAPI_Update($this);
|
|
}
|
|
}
|
|
}
|
|
|
|
class Md5Dateien
|
|
{
|
|
var $Dateien;
|
|
function __construct($quellverzeichnis)
|
|
{
|
|
$this->getVerzeichnis($quellverzeichnis, '', 0, '');
|
|
}
|
|
|
|
function getVerzeichnis($quellverzeichnis, $zielverzeichnis, $lvl, $relativ){
|
|
//echo "Verzeichnis: ".$quellverzeichnis." ".$zielverzeichnis. "\r\n";
|
|
|
|
$quelllast = $quellverzeichnis;
|
|
if($quellverzeichnis[strlen($quellverzeichnis) - 1] === '/') {
|
|
$quelllast = substr($quellverzeichnis, 0, strlen($quellverzeichnis) - 1);
|
|
}
|
|
|
|
$path_parts = pathinfo($quelllast);
|
|
|
|
$quelllast = $path_parts['basename'];
|
|
|
|
if(file_exists($quellverzeichnis))
|
|
{
|
|
if(($quelllast !== 'importer' && $quelllast !== 'userdata') || $lvl != 1){
|
|
if ($handle = opendir($quellverzeichnis)) {
|
|
while (false !== ($entry = readdir($handle))) {
|
|
|
|
if($entry !== '.' && $entry !== '..' && $entry !== '.git' && $entry !== '.svn' && $entry != 'user.inc.php' && $entry != 'user_db_version.php' && $entry != 'pygen')
|
|
{
|
|
if(is_dir($quellverzeichnis.'/'.$entry))
|
|
{
|
|
if(!($lvl == 1 && $entry === 'vorlagen' && strpos($quellverzeichnis,'www')))
|
|
{
|
|
$this->getVerzeichnis($quellverzeichnis.(strrpos($quellverzeichnis,'/')!==strlen($quellverzeichnis)-1?'/':'').$entry,$zielverzeichnis .(strrpos($zielverzeichnis,'/')!==strlen($zielverzeichnis)-1?'/':'').$entry, $lvl + 1,$relativ.'/'.$entry);
|
|
}
|
|
} else {
|
|
if(!($lvl == 0 && ($entry === 'INSTALL' || $entry === 'LICENSE_LIST' || $entry == 'LICENSE' || $entry == 'README' || $entry == 'gitlog.txt')))
|
|
{
|
|
//$this->getFile($quellverzeichnis.(strrpos($quellverzeichnis,'/')!==strlen($quellverzeichnis)-1?'/':'').$entry,$zielverzeichnis .(strrpos($zielverzeichnis,'/')!==strlen($zielverzeichnis)-1?'/':'').$entry,$relativ.'/'.$entry);
|
|
if(strtolower(substr($entry,-4)) === '.php') {
|
|
$this->Dateien[$relativ.'/'.$entry] = md5_file($quellverzeichnis.(strrpos($quellverzeichnis,'/')!==strlen($quellverzeichnis)-1?'/':'').$entry);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
@closedir($handle);
|
|
}
|
|
}
|
|
}
|
|
return true;
|
|
}
|
|
}
|
|
|
|
class UpdateDB{
|
|
|
|
var $dbname;
|
|
var $connection;
|
|
|
|
function __construct($dbhost,$dbname,$dbuser,$dbpass,&$app="",$dbport=3306)
|
|
{
|
|
$this->app = &$app;
|
|
$this->dbname=$dbname;
|
|
|
|
$this->connection = mysqli_connect($dbhost, $dbuser, $dbpass, '', $dbport);
|
|
mysqli_select_db($this->connection,$dbname);
|
|
|
|
mysqli_query($this->connection,"SET NAMES 'utf8'");
|
|
mysqli_query($this->connection,"SET SESSION SQL_MODE := ''");
|
|
mysqli_query($this->connection,"SET CHARACTER SET 'utf8'");
|
|
mysqli_query($this->connection,'SET lc_time_names = "de_DE" ');
|
|
|
|
}
|
|
|
|
/**
|
|
* @return string
|
|
*/
|
|
public function GetVersion()
|
|
{
|
|
if(empty($this->connection)) {
|
|
return '';
|
|
}
|
|
$version_string = mysqli_get_server_info($this->connection);
|
|
$version_string = substr($version_string,0,3);
|
|
$version_string = str_replace('.','',$version_string);
|
|
if($version_string < 57) {
|
|
$version = $this->Select('SELECT VERSION()');
|
|
if(strripos($version, 'maria') !== false && $version[0] === '1' && str_replace('.','', substr($version,0,4)) >= 102) {
|
|
return '57';
|
|
}
|
|
}
|
|
return $version_string;
|
|
}
|
|
|
|
function Close()
|
|
{
|
|
mysqli_close($this->connection);
|
|
}
|
|
|
|
function SelectDB($database)
|
|
{
|
|
mysqli_select_db($database);
|
|
}
|
|
|
|
function Fetch_Assoc($sql) {
|
|
return mysqli_fetch_assoc($sql);
|
|
}
|
|
|
|
function free($query = null){
|
|
// Speicher freimachen
|
|
if(is_null($query))return mysqli_free_result($this->_result);
|
|
return mysqli_free_result($query);
|
|
}
|
|
|
|
function ColumnExists($table, $column)
|
|
{
|
|
if($table=='' || $column=='')
|
|
return false;
|
|
|
|
$exists = $this->Select("SELECT COUNT(*)
|
|
FROM information_schema.columns
|
|
WHERE table_schema = '{$this->dbname}'
|
|
AND table_name = '$table' AND column_name = '$column'");
|
|
return $exists;
|
|
}
|
|
|
|
function Select($sql){
|
|
if(mysqli_query($this->connection,$sql)){
|
|
$this->results = mysqli_query($this->connection,$sql);
|
|
/**
|
|
* Abbrechen query mit SET beginnt
|
|
*/
|
|
if (substr(strtolower($sql),0,3) === 'set') {
|
|
return "";
|
|
}
|
|
$count = 0;
|
|
$data = array();
|
|
while( $row = @mysqli_fetch_array($this->results)){
|
|
$data[$count] = $row;
|
|
$count++;
|
|
}
|
|
@mysqli_free_result($this->results);
|
|
} else return false;
|
|
if(is_array($data))
|
|
{
|
|
if(count($data) === 1) {
|
|
return $data[0][0];
|
|
}
|
|
if(count($data) < 1) {
|
|
$data='';
|
|
}
|
|
} else {
|
|
$data='';
|
|
}
|
|
return $data;
|
|
}
|
|
|
|
public function SelectRow($sql)
|
|
{
|
|
if(empty($sql) || empty($this->connection))
|
|
{
|
|
return null;
|
|
}
|
|
$this->results = @mysqli_query($this->connection,$sql);
|
|
if(!$this->results)
|
|
{
|
|
return null;
|
|
}
|
|
|
|
$count = 0;
|
|
$data = null;
|
|
if( $row = @mysqli_fetch_array($this->results)){
|
|
unset($ArrData);
|
|
// erstelle datensatz array
|
|
foreach($row as $key=>$value){
|
|
if(!is_numeric($key))
|
|
{
|
|
$ArrData[$key]=$value;
|
|
}
|
|
}
|
|
if(!empty($ArrData)){
|
|
$data = $ArrData;
|
|
}
|
|
$count++;
|
|
}
|
|
@mysqli_free_result($this->results);
|
|
return $data;
|
|
}
|
|
|
|
function SelectArr($sql){
|
|
//if(mysqli_query($this->connection,$sql)){
|
|
if(1){
|
|
$this->results = mysqli_query($this->connection,$sql);
|
|
$count = 0;
|
|
$data = array();
|
|
while( $row = @mysqli_fetch_array($this->results)){
|
|
unset($ArrData);
|
|
// erstelle datensatz array
|
|
foreach($row as $key=>$value){
|
|
if(!is_numeric($key)) {
|
|
$ArrData[$key]=$value;
|
|
}
|
|
}
|
|
$data[$count] = $ArrData;
|
|
$count++;
|
|
}
|
|
@mysqli_free_result($this->results);
|
|
}
|
|
return $data;
|
|
}
|
|
|
|
function Result($sql){ return mysqli_result(mysqli_query($this->connection,$sql), 0);}
|
|
|
|
function GetInsertID(){ return mysqli_insert_id($this->connection);}
|
|
|
|
function GetArray($sql){
|
|
$i=0;
|
|
$result = mysqli_query($this->connection,$sql);
|
|
while($row = mysqli_fetch_assoc($result)) {
|
|
foreach ($row as $key=>$value){
|
|
$tmp[$i][$key]=$value;
|
|
}
|
|
$i++;
|
|
}
|
|
return $tmp;
|
|
}
|
|
|
|
function Insert($sql){ $this->LogSQL($sql,"insert"); return mysqli_query($this->connection,$sql); }
|
|
function InsertWithoutLog($sql){ return mysqli_query($this->connection,$sql); }
|
|
function Update($sql){$this->LogSQL($sql,"update"); return mysqli_query($this->connection,$sql); }
|
|
function UpdateWithoutLog($sql){ return mysqli_query($this->connection,$sql); }
|
|
function Delete($sql){$this->LogSQL($sql,"delete"); return mysqli_query($this->connection,$sql); }
|
|
|
|
function LogSQL($sql,$befehl)
|
|
{
|
|
|
|
}
|
|
|
|
function Count($sql){
|
|
if(mysqli_query($this->connection,$sql)){
|
|
return mysqli_num_rows(mysqli_query($this->connection,$sql));
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
function CheckTableExistence($table){
|
|
$result = mysqli_query($this->connection,"SELECT * FROM $table LIMIT 1");
|
|
if (!$result) {
|
|
return false;
|
|
}
|
|
return true;
|
|
}
|
|
|
|
|
|
function CheckColExistence($table,$col)
|
|
{
|
|
if($this->CheckTableExistence($table)){
|
|
$result = mysqli_query($this->connection,"SHOW COLUMNS FROM $table");
|
|
if (!$result) {
|
|
echo 'Could not run query: ' . mysqli_error();
|
|
exit;
|
|
}
|
|
if (mysqli_num_rows($result) > 0) {
|
|
while ($row = mysqli_fetch_assoc($result)) {
|
|
if($row['Field']==$col)
|
|
return true;
|
|
}
|
|
}
|
|
}
|
|
return false;
|
|
}
|
|
|
|
|
|
|
|
function GetColArray($table)
|
|
{
|
|
if($this->CheckTableExistence($table)){
|
|
$result = mysqli_query($this->connection,"SHOW COLUMNS FROM $table");
|
|
if (!$result) {
|
|
echo 'Could not run query: ' . mysqli_error();
|
|
exit;
|
|
}
|
|
if (mysqli_num_rows($result) > 0) {
|
|
while ($row = mysqli_fetch_assoc($result)) {
|
|
$ret[]=$row['Field'];
|
|
}
|
|
return $ret;
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
function GetColAssocArray($table)
|
|
{
|
|
if($this->CheckTableExistence($table)){
|
|
$result = mysqli_query($this->connection,"SHOW COLUMNS FROM $table");
|
|
if (!$result) {
|
|
echo 'Could not run query: ' . mysqli_error();
|
|
exit;
|
|
}
|
|
if (mysqli_num_rows($result) > 0) {
|
|
while ($row = mysqli_fetch_assoc($result)) {
|
|
$ret[$row['Field']]="";
|
|
}
|
|
return $ret;
|
|
}
|
|
}
|
|
}
|
|
|
|
function UpdateArr($tablename,$pk,$pkname,$ArrCols, $escape = false)
|
|
{
|
|
if(count($ArrCols)>0){
|
|
|
|
$zielspalten = $this->SelectArr("show columns from `$tablename`");
|
|
if($zielspalten)
|
|
{
|
|
foreach($zielspalten as $val)$ziel[$val['Field']] = true;
|
|
}
|
|
$sql = "UPDATE `$tablename` SET ";
|
|
foreach($ArrCols as $key=>$value)
|
|
{
|
|
if($key!=$pkname && (isset($ziel[$key]) || !$zielspalten))
|
|
{
|
|
$sqla[] = $key." = '".($escape?$this->real_escape_string($value):$value)."' ";
|
|
}
|
|
}
|
|
|
|
$sql .= implode(', ',$sqla)." WHERE `$pkname`='$pk' LIMIT 1";
|
|
$this->Update($sql);
|
|
|
|
if(mysqli_error($this->connection))
|
|
{
|
|
foreach($ArrCols as $key=>$value){
|
|
if($key!=$pkname) {
|
|
$this->Query("UPDATE `$tablename` SET `$key`='$value'
|
|
WHERE `$pkname`='$pk' LIMIT 1");
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
function InsertArr($tablename,$pkname,$ArrCols)
|
|
{
|
|
// save primary than update
|
|
$this->Query("INSERT INTO `$tablename` (id) VALUES ('')");
|
|
|
|
$pk = $this->GetInsertID();
|
|
$this->UpdateArr($tablename,$pk,$pkname,$ArrCols);
|
|
}
|
|
|
|
/// get table content with specified cols
|
|
function SelectTable($tablename,$cols){
|
|
|
|
$firstcol = true;
|
|
if(count($cols)==0)
|
|
$selection = '*';
|
|
else
|
|
{
|
|
$selection = '';
|
|
foreach($cols as $value)
|
|
{
|
|
if(!$firstcol)
|
|
$selection .= ',';
|
|
|
|
$selection .= $value;
|
|
|
|
$firstcol=false;
|
|
}
|
|
}
|
|
|
|
$sql = "SELECT $selection FROM $tablename";
|
|
return $this->SelectArr($sql);
|
|
}
|
|
|
|
|
|
|
|
function Query($query){
|
|
$ret = mysqli_query($this->connection,$query);
|
|
if(mysqli_errno($this->connection) == 1118) {
|
|
mysqli_query($this->connection, 'SET innodb_strict_mode = OFF');
|
|
$ret = mysqli_query($this->connection, $query);
|
|
}
|
|
return $ret;
|
|
}
|
|
|
|
function Fetch_Array($sql) {
|
|
return mysqli_fetch_array($sql);
|
|
}
|
|
|
|
|
|
function MysqlCopyRow($TableName, $IDFieldName, $IDToDuplicate)
|
|
{
|
|
if ($TableName AND $IDFieldName AND $IDToDuplicate > 0) {
|
|
$sql = "SELECT * FROM $TableName WHERE $IDFieldName = $IDToDuplicate";
|
|
$result = @mysqli_query($this->connection,$sql);
|
|
if ($result) {
|
|
$sql = "INSERT INTO $TableName SET ";
|
|
$row = mysqli_fetch_array($result);
|
|
$RowKeys = array_keys($row);
|
|
$RowValues = array_values($row);
|
|
$cKey = count($RowKeys);
|
|
for ($i=3;$i<$cKey;$i+=2) {
|
|
if ($i!=3) { $sql .= ", "; }
|
|
$sql .= $RowKeys[$i] . " = '" . $RowValues[$i] . "'";
|
|
}
|
|
@mysqli_query($this->connection,$sql);
|
|
return $this->GetInsertID();
|
|
}
|
|
}
|
|
}
|
|
|
|
function real_escape_string($value)
|
|
{
|
|
return mysqli_real_escape_string($this->connection, $value);
|
|
}
|
|
|
|
function affected_rows()
|
|
{
|
|
return mysqli_affected_rows($this->connection);
|
|
}
|
|
|
|
function error()
|
|
{
|
|
return mysqli_error($this->connection);
|
|
}
|
|
}
|
|
|
|
class UpgradeClient
|
|
{
|
|
var $localmd5sums;
|
|
var $erp;
|
|
var $http_code;
|
|
public $errormsg;
|
|
|
|
function __construct($conf, $app)
|
|
{
|
|
$this->app = $app;
|
|
$this->erp = $app->erp;
|
|
$this->conf = $conf;
|
|
|
|
}
|
|
|
|
|
|
function Connect()
|
|
{
|
|
// check connection then stop
|
|
|
|
}
|
|
|
|
|
|
function CheckCRT()
|
|
{
|
|
$updateHost = XENTRAL_UPDATE_HOST;
|
|
$cert = shell_exec("openssl s_client -connect {$updateHost}:443 < /dev/null 2>/dev/null | openssl x509 -in /dev/stdin");
|
|
if($cert==$this->conf['cert']."\n") {
|
|
return 1;
|
|
}
|
|
echo "wrong\n";
|
|
exit;
|
|
}
|
|
|
|
function TestModul($modul)
|
|
{
|
|
$parameter['version']=@$this->conf['version'];
|
|
$parameter['module'] = $modul;
|
|
|
|
return $this->Request('settestmodul',$parameter);
|
|
}
|
|
|
|
function CheckVersionen($funktionen = null, $returnfirst = false)
|
|
{
|
|
$phpversion = PHP_VERSION;
|
|
$ioncube_loader_version = '';
|
|
$this->app->Tpl->Set('PHPVERSION',$phpversion);
|
|
$this->app->Tpl->Set('IONCUBEVERSION','');
|
|
if(!is_dir(dirname(__DIR__).'/download')){
|
|
if(!@mkdir(dirname(__DIR__) . '/download') && !is_dir(dirname(__DIR__) . '/download')){
|
|
$message = 'Im Hauptordner von xentral kann der Ordner "download" Verzeichnis nicht angelegt werden, Prüfen Sie die Rechte';
|
|
if($returnfirst) {
|
|
return ['error'=>$message,'version'=>''];
|
|
}
|
|
return $message;
|
|
}
|
|
}
|
|
if(function_exists('ioncube_loader_version'))
|
|
{
|
|
$ioncube_loader_version = (String)ioncube_loader_version();
|
|
$this->app->Tpl->Set('IONCUBEVERSION',$ioncube_loader_version);
|
|
}
|
|
if($funktionen) {
|
|
$parameter['funktionen'] = $funktionen;
|
|
}
|
|
$parameter['version']=@$this->conf['version'];
|
|
$parameter['phpversion'] = $phpversion;
|
|
$parameter['mysqlversion'] = $this->app->DB->GetVersion();
|
|
if(property_exists($this->app, 'multidb')){
|
|
$parameter['multidb'] = !empty($this->app->multidb);
|
|
}
|
|
$result = $this->Request('versionen',$parameter);
|
|
if($result == ''){
|
|
$result = $this->Request('versionen',$parameter);
|
|
}
|
|
if($result == ''){
|
|
$message = 'Der Updateserver scheint nicht erreichbar zu sein Bitte prüfen Sie die Netzwerkeinstellungen';
|
|
if($returnfirst) {
|
|
return ['error'=>$message,'version'=>''];
|
|
}
|
|
return $message;
|
|
}
|
|
$ret = '';
|
|
$aktvers = '';
|
|
$masterkey1erlaubt = $ioncube_loader_version?true:false;
|
|
$masterkey2erlaubt = $ioncube_loader_version?true:false;
|
|
$masterkey3erlaubt = $ioncube_loader_version?true:false;
|
|
$masterkey4erlaubt = $ioncube_loader_version?true:false;
|
|
$isPhp72 = (float)substr($phpversion,0,3) >= 7.2;
|
|
$isPhp73 = (float)substr($phpversion,0,3) >= 7.3;
|
|
$php73Warning = false;
|
|
$isMysql57 = $this->app->DB->GetVersion() >= 57;
|
|
$allow201 = $isPhp72 && $isMysql57;
|
|
if(!$allow201) {
|
|
$masterkey4erlaubt = false;
|
|
}
|
|
if(strlen($phpversion) > 2 && $phpversion[0] == '5' && $phpversion[2] < 6) {
|
|
$masterkey2erlaubt = false;
|
|
$masterkey3erlaubt = false;
|
|
$masterkey4erlaubt = false;
|
|
}
|
|
if((int)$phpversion[0] < 7) {
|
|
$masterkey3erlaubt = false;
|
|
$masterkey4erlaubt = false;
|
|
}
|
|
if($phpversion && $phpversion[0] === '8') {
|
|
$masterkey1erlaubt = false;
|
|
$masterkey2erlaubt = false;
|
|
}
|
|
if($phpversion && $phpversion[0] === '7') {
|
|
$masterkey1erlaubt = false;
|
|
}
|
|
if(strlen($phpversion) > 2 && $phpversion[0] === '7' && $phpversion[2] !== '0') {
|
|
$masterkey1erlaubt = false;
|
|
$masterkey2erlaubt = false;
|
|
}
|
|
if(strlen($phpversion) > 2 && $phpversion[0] === '7' && $phpversion[2] === '0') {
|
|
$masterkey1erlaubt = false;
|
|
$masterkey3erlaubt = false;
|
|
$masterkey4erlaubt = false;
|
|
}
|
|
if(strlen($ioncube_loader_version) > 2 && $ioncube_loader_version[0]< 5 && $ioncube_loader_version[1] === '.') {
|
|
$masterkey1erlaubt = false;
|
|
$masterkey2erlaubt = false;
|
|
}
|
|
$return = [];
|
|
if(strpos($result, 'ERROR') === false) {
|
|
$resulta = explode(';',$result);
|
|
|
|
if($masterkey1erlaubt && $masterkey2erlaubt && $masterkey3erlaubt) //Pruefung der PHP-Version ist fehlgeschlagen => nehme aktuelle Version als Basis
|
|
{
|
|
$versa = explode(':',$resulta[0],2);
|
|
$aktvers = $versa[0];
|
|
$revision = explode('_', $aktvers);
|
|
$revision = $revision[count($revision)-1];
|
|
if(strpos($aktvers, 'masterkey1') !== false) {
|
|
$aktmasterkey = 'masterkey1';
|
|
}
|
|
elseif(strpos($aktvers, 'masterkey2') !== false) {
|
|
$aktmasterkey = 'masterkey2';
|
|
}
|
|
elseif(strpos($aktvers, 'masterkey3') !== false) {
|
|
$aktmasterkey = 'masterkey3';
|
|
}
|
|
elseif(strpos($aktvers, 'masterkey3') !== false) {
|
|
$aktmasterkey = 'masterkey3';
|
|
}
|
|
elseif(strpos($aktvers, 'masterkey4') !== false) {
|
|
$aktmasterkey = 'masterkey4';
|
|
}
|
|
else {
|
|
$aktmasterkey = '';
|
|
}
|
|
if($aktmasterkey === 'masterkey3' && $revision >= 20.2 && !$allow201) {
|
|
$aktvers = '';
|
|
}
|
|
elseif($aktmasterkey === 'masterkey4' && $revision >= 20.3 && !$allow201) {
|
|
$aktvers = '';
|
|
}
|
|
else{
|
|
if($aktmasterkey === 'masterkey1') {
|
|
$masterkey2erlaubt = false;
|
|
$masterkey3erlaubt = false;
|
|
$masterkey4erlaubt = false;
|
|
}
|
|
elseif($aktmasterkey === 'masterkey2') {
|
|
$masterkey1erlaubt = false;
|
|
$masterkey3erlaubt = false;
|
|
$masterkey4erlaubt = false;
|
|
}
|
|
elseif($aktmasterkey === 'masterkey3') {
|
|
$masterkey1erlaubt = false;
|
|
$masterkey2erlaubt = false;
|
|
}
|
|
elseif($aktmasterkey === 'masterkey4') {
|
|
$masterkey1erlaubt = false;
|
|
$masterkey2erlaubt = false;
|
|
}
|
|
}
|
|
}
|
|
|
|
foreach($resulta as $k => $v) {
|
|
$versa = explode(':',$resulta[$k],2);
|
|
$revision = explode('_', $versa[0]);
|
|
$revision = $revision[count($revision)-1];
|
|
|
|
if($returnfirst && empty($return)){
|
|
$return['current_version'] = $versa[0];
|
|
}
|
|
|
|
if(!$masterkey1erlaubt && strpos($versa[0], 'masterkey1')!== false) {
|
|
unset($resulta[$k]);
|
|
}
|
|
elseif(!$masterkey2erlaubt && strpos($versa[0], 'masterkey2')!== false) {
|
|
unset($resulta[$k]);
|
|
}
|
|
elseif(!$masterkey3erlaubt && strpos($versa[0], 'masterkey3')!== false) {
|
|
unset($resulta[$k]);
|
|
}
|
|
elseif(!$masterkey4erlaubt && strpos($versa[0], 'masterkey4')!== false) {
|
|
unset($resulta[$k]);
|
|
}
|
|
elseif($revision >= 20.2 && !$allow201 && strpos($versa[0], 'masterkey3')!== false) {
|
|
unset($resulta[$k]);
|
|
}
|
|
elseif($revision >= 20.3 && !$allow201 && strpos($versa[0], 'masterkey4')!== false) {
|
|
unset($resulta[$k]);
|
|
}
|
|
elseif($revision >= 21.1 && !$isPhp73 && strpos($versa[0], 'masterkey4')!== false) {
|
|
$php73Warning = true;
|
|
unset($resulta[$k]);
|
|
}
|
|
elseif($aktvers == '') {
|
|
$aktvers = $versa[0];
|
|
if(strpos($aktvers, 'masterkey1') !== false) {
|
|
$aktmasterkey = 'masterkey1';
|
|
}
|
|
elseif(strpos($aktvers, 'masterkey2') !== false) {
|
|
$aktmasterkey = 'masterkey2';
|
|
}
|
|
elseif(strpos($aktvers, 'masterkey3') !== false) {
|
|
$aktmasterkey = 'masterkey3';
|
|
}
|
|
elseif(strpos($aktvers, 'masterkey3') !== false) {
|
|
$aktmasterkey = 'masterkey3';
|
|
}
|
|
elseif(strpos($aktvers, 'masterkey4') !== false) {
|
|
$aktmasterkey = 'masterkey4';
|
|
}
|
|
else {
|
|
$aktmasterkey = '';
|
|
}
|
|
}
|
|
}
|
|
|
|
foreach($resulta as $k => $v) {
|
|
$versa = explode(':',$resulta[$k],2);
|
|
if(!$aktvers) {
|
|
$aktvers = $versa[0];
|
|
if(strpos($aktvers, 'masterkey1') !== false) {
|
|
$aktmasterkey = 'masterkey1';
|
|
}
|
|
elseif(strpos($aktvers, 'masterkey2') !== false) {
|
|
$aktmasterkey = 'masterkey2';
|
|
}
|
|
elseif(strpos($aktvers, 'masterkey3') !== false) {
|
|
$aktmasterkey = 'masterkey3';
|
|
}
|
|
elseif(strpos($aktvers, 'masterkey3') !== false) {
|
|
$aktmasterkey = 'masterkey3';
|
|
}
|
|
elseif(strpos($aktvers, 'masterkey4') !== false) {
|
|
$aktmasterkey = 'masterkey4';
|
|
}
|
|
else {
|
|
$aktmasterkey = '';
|
|
}
|
|
if($aktmasterkey === 'masterkey1' && !$masterkey1erlaubt) {
|
|
$aktmasterkey = '';
|
|
}
|
|
if($aktmasterkey === 'masterkey2' && !$masterkey2erlaubt) {
|
|
$aktmasterkey = '';
|
|
}
|
|
if($aktmasterkey === 'masterkey3' && !$masterkey3erlaubt) {
|
|
$aktmasterkey = '';
|
|
}
|
|
if($aktmasterkey === 'masterkey4' && !$masterkey4erlaubt) {
|
|
$aktmasterkey = '';
|
|
}
|
|
}
|
|
if(strpos($versa[0],'masterkey')!== false) {
|
|
if(!$ioncube_loader_version)
|
|
{
|
|
unset($resulta[$k]);
|
|
}else{
|
|
if(strpos($versa[0],'masterkey2')!== false)
|
|
{
|
|
if($phpversion && $phpversion[0] == '5' && $phpversion[2] < 6)
|
|
{
|
|
unset($resulta[$k]);
|
|
if(in_array($aktmasterkey, ['masterkey2','masterkey3','masterkey4'])) {
|
|
$aktmasterkey = '';
|
|
}
|
|
}else{
|
|
if(in_array($aktmasterkey, ['masterkey3','masterkey4']) && (int)$phpversion[0] < 7) {
|
|
$aktmasterkey = '';
|
|
}
|
|
if(in_array($aktmasterkey, ['masterkey3','masterkey4']) && ($phpversion[0] == '7' && $phpversion[2] == '0')) {
|
|
$aktmasterkey = '';
|
|
}
|
|
if($ioncube_loader_version[0]< 5 && $ioncube_loader_version[1] === '.')
|
|
{
|
|
unset($resulta[$k]);
|
|
if(in_array($aktmasterkey, ['masterkey2','masterkey3','masterkey4'])) {
|
|
$aktmasterkey = "";
|
|
}
|
|
|
|
}elseif($phpversion && $phpversion[0] == '7' && (int)$phpversion[2] > 0)
|
|
{
|
|
unset($resulta[$k]);
|
|
if($aktmasterkey === 'masterkey2')$aktmasterkey = "";
|
|
}
|
|
}
|
|
}
|
|
elseif(strpos($versa[0],'masterkey1')!== false)
|
|
{
|
|
if($phpversion && (int)$phpversion[0] >= '7')
|
|
{
|
|
unset($resulta[$k]);
|
|
if($aktmasterkey === 'masterkey1')$aktmasterkey = "";
|
|
}
|
|
}
|
|
elseif(strpos($versa[0],'masterkey3')!== false)
|
|
{
|
|
if($phpversion && $phpversion[0] == '5' && $phpversion[2] < 6)
|
|
{
|
|
unset($resulta[$k]);
|
|
if(in_array($aktmasterkey, ['masterkey2','masterkey3','masterkey4'])) {
|
|
$aktmasterkey = '';
|
|
}
|
|
}else{
|
|
if((int)$phpversion[0] < 7)
|
|
{
|
|
unset($resulta[$k]);
|
|
if($aktmasterkey === 'masterkey3')$aktmasterkey = "";
|
|
}
|
|
if($phpversion[0] === '7' && $phpversion[2] === '0')
|
|
{
|
|
if(in_array($aktmasterkey, ['masterkey3','masterkey4'])) {
|
|
$aktmasterkey = '';
|
|
}
|
|
unset($resulta[$k]);
|
|
}
|
|
if($ioncube_loader_version[0]< 5 && $ioncube_loader_version[1] === '.')
|
|
{
|
|
unset($resulta[$k]);
|
|
if(in_array($aktmasterkey, ['masterkey2','masterkey3','masterkey4'])) {
|
|
$aktmasterkey = '';
|
|
}
|
|
}
|
|
}
|
|
}
|
|
elseif(strpos($versa[0],'masterkey4') !== false) {
|
|
if(!$masterkey4erlaubt) {
|
|
unset($resulta[$k]);
|
|
}
|
|
}
|
|
}
|
|
if(isset($resulta[$k])) {
|
|
if($masterkey1erlaubt && strpos($versa[0],'masterkey1')!== false && $aktmasterkey == '')
|
|
{
|
|
$aktmasterkey = 'masterkey1';
|
|
}
|
|
elseif($masterkey2erlaubt && strpos($versa[0],'masterkey2')!== false && $aktmasterkey == '') {
|
|
$aktmasterkey = 'masterkey2';
|
|
}
|
|
elseif($masterkey3erlaubt && strpos($versa[0],'masterkey3')!== false && $aktmasterkey == '') {
|
|
$aktmasterkey = 'masterkey3';
|
|
}
|
|
elseif($masterkey4erlaubt && strpos($versa[0],'masterkey4')!== false && $aktmasterkey == '') {
|
|
$aktmasterkey = 'masterkey4';
|
|
}
|
|
$nochioncubes[$versa[0]] = $k;
|
|
}
|
|
}
|
|
}
|
|
|
|
if(count($resulta) > 1) {
|
|
foreach($resulta as $k => $v) {
|
|
$versa = explode(':',$resulta[$k],2);
|
|
if(strpos($versa[0], 'masterkey') !== false) {
|
|
if(!isset($nochioncubes[$versa[0]])) {
|
|
unset($resulta[$k]);
|
|
}
|
|
else{
|
|
$key1 = str_replace(['masterkey2','masterkey3','masterkey4',],'masterkey1', $versa[0]);
|
|
$key2 = str_replace(['masterkey1','masterkey3','masterkey4',],'masterkey2', $versa[0]);
|
|
$key3 = str_replace(['masterkey1','masterkey2','masterkey4',],'masterkey3', $versa[0]);
|
|
$key4 = str_replace(['masterkey1','masterkey2','masterkey3',],'masterkey4', $versa[0]);
|
|
switch($aktmasterkey) {
|
|
case 'masterkey1':
|
|
if(isset($nochioncubes[$key1]) && isset($nochioncubes[$key2]))
|
|
{
|
|
unset($nochioncubes[$key2]);
|
|
}
|
|
if(isset($nochioncubes[$key1]) && isset($nochioncubes[$key3])) {
|
|
unset($nochioncubes[$key3]);
|
|
}
|
|
if(isset($nochioncubes[$key1]) && isset($nochioncubes[$key4])) {
|
|
unset($nochioncubes[$key4]);
|
|
}
|
|
if(isset($nochioncubes[$key2]) && isset($nochioncubes[$key3]))
|
|
{
|
|
unset($nochioncubes[$key3]);
|
|
}
|
|
break;
|
|
case 'masterkey2':
|
|
if(isset($nochioncubes[$key2]) && isset($nochioncubes[$key1])) {
|
|
unset($nochioncubes[$key1]);
|
|
}
|
|
if(isset($nochioncubes[$key2]) && isset($nochioncubes[$key3])) {
|
|
unset($nochioncubes[$key3]);
|
|
}
|
|
if(isset($nochioncubes[$key2]) && isset($nochioncubes[$key4])) {
|
|
unset($nochioncubes[$key4]);
|
|
}
|
|
if(isset($nochioncubes[$key1]) && isset($nochioncubes[$key3])) {
|
|
unset($nochioncubes[$key3]);
|
|
}
|
|
break;
|
|
case 'masterkey3':
|
|
if(isset($nochioncubes[$key3]) && isset($nochioncubes[$key1]))
|
|
{
|
|
unset($nochioncubes[$key1]);
|
|
}
|
|
if(isset($nochioncubes[$key3]) && isset($nochioncubes[$key2]))
|
|
{
|
|
unset($nochioncubes[$key2]);
|
|
}
|
|
if(isset($nochioncubes[$key1]) && isset($nochioncubes[$key2]))
|
|
{
|
|
unset($nochioncubes[$key1]);
|
|
}
|
|
break;
|
|
case 'masterkey4':
|
|
if(isset($nochioncubes[$key4]) && isset($nochioncubes[$key1])) {
|
|
unset($nochioncubes[$key1]);
|
|
}
|
|
if(isset($nochioncubes[$key4]) && isset($nochioncubes[$key2])) {
|
|
unset($nochioncubes[$key2]);
|
|
}
|
|
if(isset($nochioncubes[$key4]) && isset($nochioncubes[$key3])) {
|
|
unset($nochioncubes[$key3]);
|
|
}
|
|
if(isset($nochioncubes[$key1]) && isset($nochioncubes[$key2])) {
|
|
unset($nochioncubes[$key1]);
|
|
}
|
|
break;
|
|
}
|
|
if(!isset($nochioncubes[$versa[0]])) {
|
|
unset($resulta[$k]);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
if(count($resulta) > 1)
|
|
{
|
|
$ret = '<select id="verssel" onchange="versel()">';
|
|
$i = 0;
|
|
$isVersion211Exists = false;
|
|
foreach($resulta as $resu)
|
|
{
|
|
$versa = explode(':',$resu,2);
|
|
if($returnfirst) {
|
|
$return['version'] = $versa[0];
|
|
return $return;
|
|
}
|
|
if($i === 0) {
|
|
$this->app->Tpl->Set('AKTVERSION', $versa[0]);
|
|
}
|
|
$ret .= '<option value="'.$versa[0].'">'.$versa[1].'</option>';
|
|
if($versa[0] === 'ent_masterkey4_21.1') {
|
|
$isVersion211Exists = true;
|
|
}
|
|
$i++;
|
|
}
|
|
$ret .= '</select>';
|
|
$ret .= '<input class="button2" type="button" value="Updaten" id="upgrade" onclick="upgrade()" />';
|
|
if($isVersion211Exists){
|
|
$ret .= '<div style="padding-top:3rem">
|
|
<b style="color:red;font-size:150%">
|
|
Um beim Versand von Versandbestätigungen (Trackingmails) an Ihre Kunden mehr Flexibilität zu bieten,<br />
|
|
kann der Versand sowohl pro Projekt als auch pro Versandart aktiviert werden.<br />
|
|
Einstellungen in einer einzelnen Versandart stechen die aus dem Projekt.<br />
|
|
Es empfiehlt sich daher, die Einstellungen gemäß der eigenen Anforderungen zu überprüfen.<br />
|
|
Für jede Versandart, für die Versandbestätigungen per E-Mail an die Kunden gesendet werden sollen,<br />
|
|
ist die Einstellung in der Versandart zu setzen.<br />
|
|
Eine genaue Erläuterung über das aktuelle Verhalten findet sich
|
|
<a target="_blank" style="color:red;"
|
|
href="https://community.xentral.com/hc/de/articles/360017571259-Logistikprozesse#toc-14"
|
|
>
|
|
hier</a>
|
|
</b>
|
|
</div>';
|
|
}
|
|
}
|
|
elseif(count($resulta) == 1) {
|
|
$resu = reset($resulta);
|
|
//foreach($resulta as $resu)
|
|
//{
|
|
$versa = explode(':',$resu,2);
|
|
if($returnfirst) {
|
|
$return['version'] = $versa[0];
|
|
return $return;
|
|
}
|
|
$this->app->Tpl->Set('AKTVERSION', $versa[0]);
|
|
$ret .= '<input type="button" class="button2" value="'.$versa[1].'" id="upgrade" onclick="upgrade()" />';
|
|
//}
|
|
}else{
|
|
if($ioncube_loader_version !== '' && !$masterkey1erlaubt && !$masterkey2erlaubt && !$masterkey3erlaubt)
|
|
{
|
|
$message = 'Die Ioncubeversion ist zu alt';
|
|
$ret .= $message;
|
|
}else{
|
|
$message = 'Ioncube nicht verfügbar';
|
|
$ret .= $message;
|
|
}
|
|
if($returnfirst) {
|
|
return ['error' => $message, 'version' => ''];
|
|
}
|
|
}
|
|
if($php73Warning && count($resulta) > 0) {
|
|
$ret .= '<br />'.'<b style="color:red;font-size:150%">
|
|
Fehler: Ihre PHP-Version '
|
|
. $phpversion
|
|
. ' ist nicht kompatibel mit xentral 21.1 (Es wird mindestens PHP 7.3 benötigt)
|
|
</b>';
|
|
}
|
|
}
|
|
else{
|
|
$this->errormsg = substr($result, 6);
|
|
if($returnfirst) {
|
|
return ['error'=>$this->errormsg,'version'=>''];
|
|
}
|
|
return $result;
|
|
}
|
|
|
|
return $ret;
|
|
}
|
|
|
|
function CheckMd5()
|
|
{
|
|
$parameter['version']=@$this->conf['version'];
|
|
$parameter['withsize'] = 1;
|
|
|
|
return $this->Request('md5list',$parameter);
|
|
}
|
|
|
|
function CopyFile($files, $maxtime = 10)
|
|
{
|
|
$parameter['versionname']=@$this->conf['versionname'];
|
|
$startzeit = microtime(true);
|
|
if(empty($files)) {
|
|
return array('tocopy'=>null);
|
|
}
|
|
foreach($files as $k => $file) {
|
|
$file = json_decode(json_encode($file),true);
|
|
if(isset($file['typ'])) {
|
|
switch($file['typ']) {
|
|
case 'getfile':
|
|
case 'getfilecustom':
|
|
case 'getfilemodules':
|
|
|
|
break;
|
|
default:
|
|
$file['typ'] = '';
|
|
break;
|
|
}
|
|
}
|
|
else {
|
|
$file['typ'] = '';
|
|
}
|
|
if(!isset($file['file']) || !isset($file['md5sum']) || !$file['file'] || $file['typ'] === '') {
|
|
unset($files[$k]);
|
|
}
|
|
else{
|
|
$parameter['file']=$file['file'];
|
|
$parameter['md5sum']=$file['md5sum'];
|
|
$ffile = $file['file'];
|
|
$_file = dirname(__DIR__).'/download/'.$ffile;
|
|
$_fileto = dirname(__DIR__).'/'.$ffile;
|
|
|
|
$ffa = explode('/',$ffile);
|
|
$_f = '';
|
|
$cffa = count($ffa)-1;
|
|
for($i = 0; $i < $cffa; $i++) {
|
|
$_f .= $ffa[$i];
|
|
if(is_file(dirname(__DIR__).'/'.$_f)) {
|
|
$this->removeEmptyFile(dirname(__DIR__).'/'.$_f);
|
|
}
|
|
if(!is_dir(dirname(__DIR__).'/'.$_f) &&
|
|
!@mkdir(dirname(__DIR__).'/'.$_f) &&
|
|
!is_dir(dirname(__DIR__).'/'.$_f)
|
|
) {
|
|
continue;
|
|
}
|
|
$_f .= '/';
|
|
}
|
|
|
|
if(file_exists($_file)) {
|
|
if(substr($file['md5sum'],0,3)=== 'DEL') {
|
|
if($this->CheckVersandZahlungsweise($_file)) {
|
|
@unlink($_file);
|
|
}
|
|
}
|
|
elseif(md5_file($_file)==$file['md5sum']) {
|
|
if(is_dir($_fileto) && is_file($_file)){
|
|
$this->removeEmptyFolder($_fileto);
|
|
}
|
|
|
|
if(@copy($_file,$_fileto)) {
|
|
if(md5_file($_fileto)==$file['md5sum']){
|
|
unset($files[$k]);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
if(substr($file['md5sum'],0,3)=== 'DEL') {
|
|
unset($files[$k]);
|
|
}
|
|
}
|
|
if($maxtime > 0 && microtime(true) - $startzeit > $maxtime) {
|
|
break;
|
|
}
|
|
}
|
|
if(empty($files)) {
|
|
return array('tocopy'=>null);
|
|
}
|
|
foreach($files as $k => $file) {
|
|
$data[] = $file;
|
|
}
|
|
|
|
return array('tocopy'=>$data);
|
|
}
|
|
|
|
function CheckVersandZahlungsweise($datei){
|
|
if(strpos($datei, 'versandart') !== false) {
|
|
$dateia = pathinfo($datei);
|
|
$versandart = $dateia['filename'];
|
|
if(strpos($versandart, 'versandarten_')) {
|
|
$versandart = str_replace('versandarten_', '', $versandart);
|
|
}
|
|
if($this->app->DB->Select(
|
|
"SELECT id
|
|
FROM versandarten
|
|
WHERE modul = '".$this->app->DB->real_escape_string($versandart)."' AND ifnull(geloescht,0) = 0 AND aktiv = 1
|
|
LIMIT 1"
|
|
)) {
|
|
return false;
|
|
}
|
|
return true;
|
|
}
|
|
if(strpos($datei, 'zahlungsweise') !== false) {
|
|
$dateia = pathinfo($datei);
|
|
$zahlungsweise = $dateia['filename'];
|
|
if($this->app->DB->Select(
|
|
"SELECT id
|
|
FROM `zahlungsweisen`
|
|
WHERE modul = '".$this->app->DB->real_escape_string($zahlungsweise)."' AND ifnull(geloescht,0) = 0 AND aktiv = 1
|
|
LIMIT 1"
|
|
)) {
|
|
return false;
|
|
}
|
|
return true;
|
|
}
|
|
if(strpos($datei, 'cronjobs') !== false) {
|
|
$dateia = pathinfo($datei);
|
|
$cronjob = $dateia['filename'];
|
|
if($this->app->DB->Select(
|
|
"SELECT id
|
|
FROM `prozessstarter`
|
|
WHERE parameter = '".$this->app->DB->real_escape_string($cronjob)."' AND aktiv = 1
|
|
LIMIT 1"
|
|
)) {
|
|
return false;
|
|
}
|
|
}
|
|
return true;
|
|
}
|
|
|
|
function ChangeVersion()
|
|
{
|
|
$parameter['version']=@$this->conf['version'];
|
|
$parameter['versionname']=@$this->conf['versionname'];
|
|
if($parameter['versionname'] && $parameter['versionname'] != $parameter['version']) {
|
|
$changeversion = $this->Request('changeversion',$parameter);
|
|
}
|
|
return $changeversion;
|
|
}
|
|
|
|
function removeEmptyFile($file) {
|
|
if(is_file($file) && filesize($file) === 0) {
|
|
@unlink($file);
|
|
}
|
|
}
|
|
|
|
function removeEmptyFolder($folder)
|
|
{
|
|
if(empty($folder) || !is_dir($folder)){
|
|
return;
|
|
}
|
|
if(!($handle = opendir($folder))) {
|
|
return;
|
|
}
|
|
|
|
while (false !== ($entry = readdir($handle))) {
|
|
if($entry !== '.' && $entry !== '..') {
|
|
closedir($handle);
|
|
return;
|
|
}
|
|
}
|
|
closedir($handle);
|
|
rmdir($folder);
|
|
}
|
|
|
|
function DownloadFile($files, $maxtime = 15, $echo = false)
|
|
{
|
|
$startzeit = microtime(true);
|
|
$parameter['version']=@$this->conf['version'];
|
|
$parameter['versionname']=@$this->conf['versionname'];
|
|
|
|
$parameter['version']=@$this->conf['version'];
|
|
$parameter['versionname']=@$this->conf['versionname'];
|
|
if($parameter['versionname'] && $parameter['versionname'] != $parameter['version']) {
|
|
$changeversion = $this->Request('changeversion',$parameter);
|
|
}
|
|
if(empty($files)) {
|
|
return array('todownload'=>null);
|
|
}
|
|
$countFiles = count($files);
|
|
$batches = [];
|
|
$batch = [];
|
|
$keyToBatch = [];
|
|
foreach($files as $k => $file) {
|
|
$file = json_decode(json_encode($file), true);
|
|
if(isset($file['typ'])){
|
|
switch ($file['typ']) {
|
|
case 'getfile':
|
|
case 'getfilecustom':
|
|
case 'getfilemodules':
|
|
|
|
break;
|
|
default:
|
|
$file['typ'] = '';
|
|
break;
|
|
}
|
|
|
|
}else{
|
|
$file['typ'] = '';
|
|
}
|
|
if(!isset($file['file']) || !isset($file['md5sum']) || !$file['file'] || $file['typ'] === ''){
|
|
$files[$k]['error'] = $file['file'];
|
|
unset($files[$k]);
|
|
}else{
|
|
if(substr($file['md5sum'], 0, 3) === 'DEL'){
|
|
continue;
|
|
}
|
|
$parameter['file'] = $file['file'];
|
|
$parameter['md5sum'] = $file['md5sum'];
|
|
$ffile = $file['file'];
|
|
$_file = dirname(__DIR__) . '/download/' . $ffile;
|
|
$ffa = explode('/', $ffile);
|
|
$_f = '';
|
|
for ($i = 0; $i < count($ffa) - 1; $i++) {
|
|
$_f .= $ffa[$i];
|
|
if(is_file(dirname(__DIR__) . '/download/' . $_f)){
|
|
@unlink(dirname(__DIR__) . '/download/' . $_f);
|
|
}
|
|
if(!is_dir(dirname(__DIR__) . '/download/' . $_f) &&
|
|
!@mkdir(dirname(__DIR__) . '/download/' . $_f) &&
|
|
!is_dir(dirname(__DIR__) . '/download/' . $_f)){
|
|
continue;
|
|
}
|
|
$_f .= '/';
|
|
}
|
|
}
|
|
switch($file['typ']) {
|
|
case 'getfile':
|
|
$batch[] = $k;
|
|
$keyToBatch[$k] = count($batches);
|
|
if(count($batch) >= 10) {
|
|
$batches[] = $batch;
|
|
$batch = [];
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
if(!empty($batch)) {
|
|
$batches[] = $batch;
|
|
}
|
|
|
|
foreach($files as $k => $file) {
|
|
$file = json_decode(json_encode($file),true);
|
|
if(isset($file['typ'])) {
|
|
switch($file['typ']) {
|
|
case 'getfile':
|
|
case 'getfilecustom':
|
|
case 'getfilemodules':
|
|
|
|
break;
|
|
default:
|
|
$file['typ'] = '';
|
|
break;
|
|
}
|
|
|
|
}
|
|
else {
|
|
$file['typ'] = '';
|
|
}
|
|
if(!isset($file['file']) || !isset($file['md5sum']) || !$file['file'] || $file['typ'] === '') {
|
|
$files[$k]['error'] = $file['file'];
|
|
unset($files[$k]);
|
|
}
|
|
else{
|
|
if(substr($file['md5sum'],0,3) === 'DEL') {
|
|
continue;
|
|
}
|
|
$parameter['file']=$file['file'];
|
|
$parameter['md5sum']=$file['md5sum'];
|
|
$ffile = $file['file'];
|
|
$_file = dirname(__DIR__).'/download/'.$ffile;
|
|
$ffa = explode('/',$ffile);
|
|
$_f = '';
|
|
for($i = 0; $i < count($ffa)-1; $i++) {
|
|
$_f .= $ffa[$i];
|
|
if(is_file(dirname(__DIR__).'/download/'.$_f)) {
|
|
@unlink(dirname(__DIR__).'/download/'.$_f);
|
|
}
|
|
if(!is_dir(dirname(__DIR__).'/download/'.$_f) &&
|
|
!@mkdir(dirname(__DIR__).'/download/'.$_f) &&
|
|
!is_dir(dirname(__DIR__).'/download/'.$_f)) {
|
|
continue;
|
|
}
|
|
$_f .= '/';
|
|
}
|
|
if($echo) {
|
|
echo "\rDownload Files: ".($k < $countFiles?$k+1:$countFiles).' / '.$countFiles."... ";
|
|
}
|
|
if(isset($keyToBatch[$k]) && isset($batches[$keyToBatch[$k]])) {
|
|
$batch = $batches[$keyToBatch[$k]];
|
|
if(count($batch) > 1) {
|
|
$parameter2 = $parameter;
|
|
$parameter2['parameters'] = [];
|
|
foreach ($batch as $key2) {
|
|
$file2 = $files[$key2];
|
|
$parameter2['parameters'][] = $parameter;
|
|
$parameter2['parameters'][count($parameter2['parameters']) - 1]['file'] = $file2['file'];
|
|
$parameter2['parameters'][count($parameter2['parameters']) - 1]['md5sum'] = $file2['md5sum'];
|
|
}
|
|
$result2 = explode('|', $this->Request('getfiles', $parameter2));
|
|
if(count($result2) === count($batch)) {
|
|
foreach ($batch as $bachKey => $key2) {
|
|
$file2 = $files[$key2];
|
|
if(
|
|
@file_put_contents(dirname(__DIR__).'/download/'.$file2['file'], @base64_decode($result2[$bachKey]))
|
|
) {
|
|
if(dirname(__DIR__).'/download/'.$file2['file'] === $file2['md5sum']){
|
|
unset($files[$key2]);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
unset($result2);
|
|
}
|
|
unset($batches[$keyToBatch[$k]]);
|
|
}
|
|
if(is_file($_file) && md5_file($_file)==$file['md5sum']) {
|
|
unset($files[$k]);
|
|
continue;
|
|
}
|
|
$result = $this->Request($file['typ'],$parameter);
|
|
$output = @base64_decode($result);
|
|
if(strlen($output) > 0 && is_dir($_file)) {
|
|
$this->removeEmptyFolder($_file);
|
|
}
|
|
if(@file_put_contents($_file, $output)) {
|
|
if(md5_file($_file)==$file['md5sum']) {
|
|
unset($files[$k]);
|
|
}
|
|
else {
|
|
$files[$k]['error'] = 'md5 failed';
|
|
}
|
|
}
|
|
else{
|
|
$files[$k]['error'] = 'file_put_contents ' .$_file. ' failed '.$file['typ'].' ' .json_encode($parameter);
|
|
}
|
|
}
|
|
if($maxtime > 0 && microtime(true) - $startzeit > $maxtime) {
|
|
break;
|
|
}
|
|
}
|
|
if(empty($files)) {
|
|
return array('todownload'=>null);
|
|
}
|
|
foreach($files as $k => $file) {
|
|
if(substr($file['md5sum'],0,3) !== 'DEL'){
|
|
$data[] = $file;
|
|
}
|
|
}
|
|
return array('todownload'=>$data);
|
|
}
|
|
|
|
/**
|
|
* @return int[]|string|string[]
|
|
*/
|
|
public function downloadZips()
|
|
{
|
|
@clearstatcache();
|
|
if(!function_exists('system')) {
|
|
return ['zip' => 'system not found'];
|
|
}
|
|
$this->app->erp->setMaintainance(true);
|
|
$parameter['version']=@$this->conf['version'];
|
|
$parameter['versionname']=@$this->conf['versionname'];
|
|
|
|
if($parameter['versionname'] !== 'ent_masterkey4_20.3') {
|
|
return ['zip' => 'not ent_masterkey4_20.3'];
|
|
}
|
|
$parameter['withsize'] = 1;
|
|
if(!is_dir(dirname(__DIR__).'/download/')) {
|
|
if(!@mkdir(dirname(__DIR__).'/download/') && !is_dir(dirname(__DIR__).'/download/')) {
|
|
$this->app->erp->setMaintainance(false);
|
|
return 'ERROR: Downloadverzeichnis konnte nicht erstellt werden';
|
|
}
|
|
}
|
|
$ret = ['zip' => 0];
|
|
foreach([
|
|
'ent_masterkey4_20.3_4_wo_userdata.zip' => '',
|
|
'ent_masterkey4_20.3_4_vendor.zip' => '/vendor',
|
|
'ent_masterkey4_20.3_4_www.zip' => '/zip',
|
|
] as $file => $subfolder
|
|
) {
|
|
$parameter['file'] = $file;
|
|
if(file_put_contents(
|
|
dirname(__DIR__) . '/download/' . $file,
|
|
$this->Request('getversionzip', $parameter)
|
|
)) {
|
|
if(
|
|
!is_dir(dirname(__DIR__).'/download' . $subfolder)
|
|
&& !@mkdir(dirname(__DIR__).'/download/' . $subfolder)
|
|
&& !is_dir(dirname(__DIR__).'/download/' . $subfolder)
|
|
) {
|
|
continue;
|
|
}
|
|
system(
|
|
'cd '.dirname(__DIR__).'/download'
|
|
.' && unzip '.$file.' -d '
|
|
.dirname(__DIR__).'/download'.$subfolder
|
|
);
|
|
unlink(dirname(__DIR__).'/download/' . $subfolder);
|
|
$ret['zip']++;
|
|
}
|
|
else {
|
|
$ret['zip_error'][] = 'coudl not save '.$file;
|
|
}
|
|
}
|
|
|
|
return $ret;
|
|
}
|
|
|
|
/**
|
|
* @param bool $updatefiles
|
|
*
|
|
* @return array|mixed|string
|
|
*/
|
|
public function CheckFiles($updatefiles = false)
|
|
{
|
|
@clearstatcache();
|
|
$this->app->erp->setMaintainance(true);
|
|
$parameter['version']=@$this->conf['version'];
|
|
$parameter['versionname']=@$this->conf['versionname'];
|
|
$parameter['withsize'] = 1;
|
|
|
|
if(!is_dir(dirname(__DIR__).'/download/')) {
|
|
if(!@mkdir(dirname(__DIR__).'/download/') && !is_dir(dirname(__DIR__).'/download/')) {
|
|
$this->app->erp->setMaintainance(false);
|
|
return 'ERROR: Downloadverzeichnis konnte nicht erstellt werden';
|
|
}
|
|
}
|
|
$tmpfile = md5(microtime(true));
|
|
if(!($fh = fopen(dirname(__DIR__).'/download/'.$tmpfile,'w'))) {
|
|
$this->app->erp->setMaintainance(false);
|
|
return 'ERROR: Downloadverzeichnis hat keine Schreibrechte';
|
|
}
|
|
fclose($fh);
|
|
$eigenguser = fileowner(dirname(__DIR__).'/download/'.$tmpfile);
|
|
$eigengroup = filegroup(dirname(__DIR__).'/download/'.$tmpfile);
|
|
@unlink(dirname(__DIR__).'/download/'.$tmpfile);
|
|
$_result = $this->Request('md5list', $parameter);
|
|
$maxRetries = 5;
|
|
while(empty($_result) && $maxRetries > 0) {
|
|
$maxRetries--;
|
|
usleep(2000000);
|
|
$_result = $this->Request('md5list', $parameter);
|
|
}
|
|
if(isset($this->errormsg) && $this->errormsg) {
|
|
$this->app->erp->setMaintainance(false);
|
|
return 'ERROR: '.$this->errormsg;
|
|
}
|
|
if($_result==='ERROR') {
|
|
$this->app->erp->setMaintainance(false);
|
|
return 'ERROR FROM SERVER (Perhaps a wrong license?)';
|
|
}
|
|
$_result2 = '';
|
|
$_result3 = '';
|
|
if(!$updatefiles){
|
|
$_result2 = $this->Request('md5listmodules', $parameter);
|
|
if(empty($_result2) && (!empty($this->http_code) && strpos($this->http_code,'5') === 0)){
|
|
usleep(1000000);
|
|
$_result2 = $this->Request('md5listmodules', $parameter);
|
|
}
|
|
if($_result2 === 'ERROR'){
|
|
$this->app->erp->setMaintainance(false);
|
|
return "ERROR FROM SERVER (Perhaps a wrong license?)";
|
|
}
|
|
$_result3 = $this->Request('md5listcustom', $parameter);
|
|
if(empty($_result3)){
|
|
usleep(2000000);
|
|
$_result3 = $this->Request('md5listcustom', $parameter);
|
|
}
|
|
if($_result3 === 'ERROR'){
|
|
$this->app->erp->setMaintainance(false);
|
|
return "ERROR FROM SERVER (Perhaps a wrong license?)";
|
|
}
|
|
}
|
|
$result = '';
|
|
$result2 = '';
|
|
$result3 = '';
|
|
$resulta = explode(';',$_result);
|
|
$resulta2 = explode(';',$_result2);
|
|
$resulta3 = explode(';',$_result3);
|
|
unset($_result, $_result2, $_result3);
|
|
|
|
if($resulta3) {
|
|
foreach($resulta3 as $r) {
|
|
if($r)
|
|
{
|
|
$result3.= 'getfilecustom:'.$r.';';
|
|
$ra = explode(':',$r);
|
|
$dats[] = $ra[0];
|
|
}
|
|
}
|
|
unset($resulta3);
|
|
}
|
|
if($resulta2){
|
|
foreach($resulta2 as $r) {
|
|
if($r) {
|
|
$ra = explode(':',$r);
|
|
if(!isset($dats) || !in_array($ra[0], $dats)) {
|
|
$result2.= 'getfilemodules:'.$r.';';
|
|
$dats[] = $ra[0];
|
|
}
|
|
}
|
|
}
|
|
unset($resulta2);
|
|
}
|
|
if($resulta) {
|
|
foreach($resulta as $r) {
|
|
if($r) {
|
|
$ra = explode(':',$r);
|
|
if(!isset($dats) || !in_array($ra[0], $dats)) {
|
|
$result.= 'getfile:'.$r.';';
|
|
}
|
|
}
|
|
}
|
|
unset($resulta);
|
|
}
|
|
|
|
$result .= $result2.$result3;
|
|
unset($result2, $result3, $dats);
|
|
|
|
//$rows = explode(";",$result);
|
|
$rows = explode(';',$result);
|
|
$res['result'] = $result;
|
|
$res['parameter'] = $parameter;
|
|
$downloadind = 0;
|
|
$copyind = 0;
|
|
if(count($rows)>0) {
|
|
foreach($rows as $value) {
|
|
unset($single_row);
|
|
$single_row = explode(':',$value);
|
|
if(!(count($single_row)>=3 && strlen($single_row[0])>4 && strlen($single_row[2])>3)) {
|
|
continue;
|
|
}
|
|
$typ = $single_row[0];
|
|
$file = $single_row[1];
|
|
$file_lokal = dirname(__DIR__).'/'.($file);
|
|
$md5sum = $single_row[2];
|
|
$size = isset($single_row[3])?$single_row[3]:false;
|
|
|
|
$parameter['file']=$file;
|
|
$parameter['md5sum']=$md5sum;
|
|
|
|
if($file==='./upgradesystemclient.php') {
|
|
continue;
|
|
}
|
|
if(
|
|
(!$updatefiles && ($file==="./www/update.php" ||
|
|
$file==="./www/update.tpl" ||
|
|
$file==="./www/updatelogin.tpl" ||
|
|
$file === './www/jquery-update.js' ||
|
|
$file === './www/jquery-ui-update.js' ||
|
|
$file === 'jquery-ui.min.css'))
|
|
|| ($updatefiles && ($file!=="./www/update.php" &&
|
|
$file!=="./www/update.tpl" &&
|
|
$file!=="./www/updatelogin.tpl" &&
|
|
$file !== './www/jquery-update.js' &&
|
|
$file !== './www/jquery-ui-update.js' &&
|
|
$file !== 'jquery-ui.min.css'))
|
|
|
|
){
|
|
continue;
|
|
}
|
|
|
|
$bla[] = $file_lokal;
|
|
if(is_file($file_lokal)){
|
|
if(substr($md5sum,0,3) === 'DEL'){
|
|
if($this->CheckVersandZahlungsweise($file_lokal)) {
|
|
@unlink($file_lokal);
|
|
}
|
|
continue;
|
|
}
|
|
if(md5_file($file_lokal)==$md5sum){
|
|
continue;
|
|
}
|
|
|
|
$fileowner = fileowner($file_lokal);
|
|
$filegroup = filegroup($file_lokal);
|
|
$perms = fileperms($file_lokal);
|
|
$o = ($perms & 0x0080);
|
|
$g = ($perms & 0x0010);
|
|
$a = ($perms & 0x0002);
|
|
// pruefe ob datei angelegt werden kann, wenn das passt ist eh alles gut
|
|
if(touch(dirname(__DIR__).'/download/chkrights') && file_exists(dirname(__DIR__).'/download/chkrights')) {
|
|
@unlink(dirname(__DIR__).'/download/chkrights');
|
|
}
|
|
else if($eigenguser && $eigengroup){
|
|
if($fileowner != $eigenguser){
|
|
if($filegroup != $eigengroup){
|
|
if(!$a){
|
|
return array('error'=>'ERROR Fehlende Schreibrechte in '.$file_lokal);
|
|
}
|
|
}
|
|
else{
|
|
if(!$g) {
|
|
return array('error'=>'ERROR Fehlende Schreibrechte in '.$file_lokal);
|
|
}
|
|
}
|
|
}
|
|
else {
|
|
if(!$o) {
|
|
return array('error'=>'ERROR Fehlende Schreibrechte in '.$file_lokal);
|
|
}
|
|
}
|
|
}
|
|
$bla[] = array(
|
|
'fileowner'=>$fileowner,
|
|
'filegroup'=>$filegroup,
|
|
'perms'=>$perms,
|
|
'o'=>$o,
|
|
'g'=>$g,
|
|
'a'=>$a,
|
|
);
|
|
if(is_file(dirname(__DIR__).'/download/'.$file)){
|
|
if(md5_file(dirname(__DIR__).'/download/'.$file)!=$md5sum){
|
|
$res['download'][$downloadind] = array('typ'=>$typ,'file'=>$file,'md5sum'=>$md5sum,'size'=>$size);
|
|
$downloadexists[$typ][$file] = $downloadind;
|
|
$downloadind++;
|
|
}
|
|
else{
|
|
$res['copy'][$copyind] = array('typ'=>$typ,'file'=>$file,'md5sum'=>$md5sum,'size'=>$size);
|
|
$copyexists[$typ][$file] = $copyind;
|
|
$copyind++;
|
|
}
|
|
}
|
|
else{
|
|
$res['download'][$downloadind] = array('typ'=>$typ,'file'=>$file,'md5sum'=>$md5sum,'size'=>$size);
|
|
$downloadexists[$typ][$file] = $downloadind;
|
|
$downloadind++;
|
|
}
|
|
}
|
|
else if($file!='') {
|
|
if(substr($md5sum,0,3) === 'DEL') {
|
|
continue;
|
|
}
|
|
if(is_file(dirname(__DIR__).'/download/'.$file)) {
|
|
if(md5_file(dirname(__DIR__).'/download/'.$file)!=$md5sum) {
|
|
$fileowner = fileowner(dirname(__DIR__).'/download/'.ltrim($file,'.'));
|
|
$filegroup = filegroup(dirname(__DIR__).'/download/'.ltrim($file,'.'));
|
|
$perms = fileperms(dirname(__DIR__).'/download/'.ltrim($file,'.'));
|
|
$o = ($perms & 0x0080);
|
|
$g = ($perms & 0x0010);
|
|
$a = ($perms & 0x0002);
|
|
|
|
// pruefe ob datei angelegt werden kann, wenn das passt ist eh alles gut
|
|
if(touch(dirname(__DIR__).'/download/chkrights')) {
|
|
unlink(dirname(__DIR__).'/download/chkrights');
|
|
}
|
|
else if($eigenguser && $eigengroup) {
|
|
if($fileowner != $eigenguser) {
|
|
if($filegroup != $eigengroup) {
|
|
if(!$a) {
|
|
return array('error'=>'ERROR Fehlende Schreibrechte im Downloadordner');
|
|
}
|
|
}
|
|
else{
|
|
if(!$g) {
|
|
return array('error'=>'ERROR Fehlende Schreibrechte im Downloadordner');
|
|
}
|
|
}
|
|
}
|
|
else{
|
|
if(!$o) {
|
|
return array('error'=>'ERROR Fehlende Schreibrechte im Downloadordner');
|
|
}
|
|
}
|
|
}
|
|
|
|
$res['download'][$downloadind] = array('typ'=>$typ,'file'=>$file,'md5sum'=>$md5sum,'size'=>$size);
|
|
$downloadexists[$typ][$file] = $downloadind;
|
|
$downloadind++;
|
|
}
|
|
else{
|
|
$res['copy'][$copyind] = array('typ'=>$typ,'file'=>$file,'md5sum'=>$md5sum,'size'=>$size);
|
|
$copyexists[$typ][$file] = $copyind;
|
|
$copyind++;
|
|
}
|
|
}
|
|
else {
|
|
$res['download'][$downloadind] = array('typ'=>$typ,'file'=>$file,'md5sum'=>$md5sum,'size'=>$size);
|
|
$downloadexists[$typ][$file] = $downloadind;
|
|
$downloadind++;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
if(!empty($res['download']) && count($res['download']) > 0) {
|
|
foreach($res['download'] as $key => $val) {
|
|
if(isset($val['md5sum']) && substr($val['md5sum'],0,3) === 'DEL') {
|
|
unset($res['download'][$key]);
|
|
}
|
|
}
|
|
}
|
|
|
|
return $this->CheckRights($res, $eigenguser, $eigengroup);
|
|
}
|
|
|
|
protected function CheckFileFolder($file, $eigenguser, $eigengroup)
|
|
{
|
|
if(is_file($file)) {
|
|
if($handle = @fopen($file,'a+')) {
|
|
fclose($handle);
|
|
return false;
|
|
}
|
|
$fileowner = fileowner($file);
|
|
if($fileowner !== $eigenguser) {
|
|
if(@chown($file,$eigenguser) && ($handle = @fopen($file,'a+'))) {
|
|
fclose($handle);
|
|
return false;
|
|
}
|
|
}
|
|
$perms = fileperms($file);
|
|
$filegroup = filegroup($file);
|
|
if($fileowner === $eigenguser) {
|
|
if(@chmod($file, $perms | 0600)) {
|
|
return false;
|
|
}
|
|
}
|
|
if($filegroup === $eigengroup) {
|
|
if(@chmod($file, $perms | 0060)) {
|
|
return false;
|
|
}
|
|
}
|
|
if(@chown($file,$perms | 0006)) {
|
|
return false;
|
|
}
|
|
return true;
|
|
}
|
|
if(!is_dir($file)) {
|
|
return false;
|
|
}
|
|
|
|
if(is_file($file.'/chkrights')) {
|
|
@unlink($file.'/chkrights');
|
|
}
|
|
if(!is_file($file.'/chkrights') && @touch($file.'/chkrights')){
|
|
if(is_file($file.'/chkrights')){
|
|
@unlink($file . '/chkrights');
|
|
return false;
|
|
}
|
|
return true;
|
|
}
|
|
$fileowner = fileowner($file);
|
|
if($fileowner !== $eigenguser) {
|
|
if(chown($file,$eigenguser) && @touch($file.'/chkrights')) {
|
|
@unlink($file.'/chkrights');
|
|
return false;
|
|
}
|
|
}
|
|
$perms = fileperms($file);
|
|
$filegroup = filegroup($file);
|
|
if($fileowner === $eigenguser) {
|
|
if(@chmod($file, $perms | 0700) && @touch($file.'/chkrights')) {
|
|
@unlink($file.'/chkrights');
|
|
return false;
|
|
}
|
|
}
|
|
if($filegroup === $eigengroup) {
|
|
if(@chmod($file, $perms | 0070) && @touch($file.'/chkrights')) {
|
|
@unlink($file.'/chkrights');
|
|
return false;
|
|
}
|
|
}
|
|
if(@chown($file,$perms | 0007) && @touch($file.'/chkrights')) {
|
|
@unlink($file.'/chkrights');
|
|
return false;
|
|
}
|
|
return true;
|
|
}
|
|
|
|
protected function CheckRights($res, $eigenguser, $eigengroup)
|
|
{
|
|
$foldertocheck = [];
|
|
if(!empty($res['download'])) {
|
|
foreach($res['download'] as $k => $v) {
|
|
$file = ltrim(ltrim($v['file'],'.'),'/');
|
|
if($file === '.') {
|
|
continue;
|
|
}
|
|
if($this->CheckFileFolder(dirname(__DIR__).'/'.$file, $eigenguser, $eigengroup)) {
|
|
$res['FileError'][] = dirname(__DIR__).'/'.$file;
|
|
}
|
|
if($this->CheckFileFolder(dirname(__DIR__).'/download/'.$file, $eigenguser, $eigengroup)) {
|
|
$res['FileError'][] = dirname(__DIR__).'/download/'.$file;
|
|
}
|
|
$dfile = dirname($file);
|
|
if($dfile === '.') {
|
|
$folder = dirname(__DIR__);
|
|
}
|
|
else{
|
|
$folder = dirname(__DIR__) . '/' . $dfile;
|
|
}
|
|
$foldertocheck[substr_count($folder,'/')][$folder] = true;
|
|
if($dfile === '.') {
|
|
$folder = dirname(__DIR__). '/download';
|
|
}
|
|
else{
|
|
$folder = dirname(__DIR__) . '/download/' . $dfile;
|
|
}
|
|
$foldertocheck[substr_count($folder,'/')][$folder] = true;
|
|
}
|
|
}
|
|
if(!empty($res['copy'])) {
|
|
foreach($res['copy'] as $k => $v) {
|
|
$file = ltrim(ltrim($v['file'],'.'),'/');
|
|
if($file === '.') {
|
|
continue;
|
|
}
|
|
if($this->CheckFileFolder(dirname(__DIR__).'/'.$file, $eigenguser, $eigengroup)) {
|
|
$res['FileError'][] = dirname(__DIR__).'/'.$file;
|
|
}
|
|
$dfile = dirname($file);
|
|
if($dfile === '.') {
|
|
$folder = dirname(__DIR__);
|
|
}
|
|
else {
|
|
$folder = dirname(__DIR__) . '/' . $dfile;
|
|
}
|
|
$foldertocheck[substr_count($folder,'/')][$folder] = true;
|
|
}
|
|
}
|
|
if(!empty($foldertocheck)) {
|
|
foreach($foldertocheck as $lvl => $folderarr) {
|
|
foreach($folderarr as $k => $v) {
|
|
if($this->CheckFileFolder($k, $eigenguser, $eigengroup)) {
|
|
$res['FolderError'][] = $k;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
return $res;
|
|
}
|
|
|
|
function CheckUpdate()
|
|
{
|
|
$parameter['version']=@$this->conf['version'];
|
|
$result = $this->Request('md5list',$parameter);
|
|
|
|
if($result==='ERROR') {
|
|
echo "Updates: ERROR FROM SERVER (Perhaps a wrong license?)\n";
|
|
return;
|
|
}
|
|
|
|
$rows = explode(";",$result);
|
|
|
|
if(count($rows)>0)
|
|
{
|
|
foreach($rows as $value)
|
|
{
|
|
unset($single_row);
|
|
$single_row = explode(":",$value);
|
|
|
|
if(count($single_row)>=2 && strlen($single_row[0])>3 && strlen($single_row[1])>3)
|
|
{
|
|
$file = $single_row[0];
|
|
$md5sum = $single_row[1];
|
|
if(substr($md5sum,0,3) === 'DEL')continue;
|
|
$parameter['file']=$file;
|
|
$parameter['md5sum']=$md5sum;
|
|
|
|
if($file==='./upgradesystemclient.php')
|
|
{
|
|
|
|
}
|
|
else if(is_file($file))
|
|
{
|
|
// pruefe md5sum
|
|
if(md5_file($file)!=$md5sum)
|
|
{
|
|
// wenn update dann UPD_
|
|
echo "update <- $file\n";
|
|
$result = $this->Request("getfile",$parameter);
|
|
$output = (base64_decode($result));
|
|
//$output = preg_replace('/[^(\x22-\x7F)\x0A]*/','', $output);
|
|
file_put_contents($file."UPD", $output);
|
|
/*
|
|
$fp = fopen($file."UPD","wb+");
|
|
fwrite($fp,base64_decode($result));
|
|
fclose($fp);
|
|
*/
|
|
// pruefsuemme neu berechnen wenn passt umbenennen und ins archiv
|
|
echo md5_file($file."UPD");
|
|
echo "-".$md5sum."\n";
|
|
if(md5_file($file."UPD")==$md5sum)
|
|
{
|
|
echo "update ok $file\n";
|
|
rename($file."UPD",$file);
|
|
}
|
|
}
|
|
} else if($file!="") {
|
|
echo "datei <- $file\n";
|
|
// pruefe ob es verzeichnis gibt
|
|
$verzeichnis = dirname($file);
|
|
if(!is_dir($verzeichnis))
|
|
{
|
|
echo "verzeichnis <- $verzeichnis\n";
|
|
mkdir($verzeichnis,0777,true);
|
|
}
|
|
$result = $this->Request("getfile",$parameter);
|
|
$output = base64_decode($result);
|
|
//$output = iconv("UTF-8","ISO-8859-1//IGNORE",$output);
|
|
//$output = iconv("ISO-8859-1","UTF-8",$output);
|
|
//$output = preg_replace('/[^(\x20-\x7F)\x0A]*/','', $output);
|
|
file_put_contents($file."NEW", $output);
|
|
/*$fp = fopen($file."NEW","wb+");
|
|
fwrite($fp,base64_decode($result));
|
|
fclose($fp);
|
|
*/
|
|
if(md5_file($file."NEW")==$md5sum)
|
|
{
|
|
echo "datei ok $file\n";
|
|
rename($file."NEW",$file);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
function CheckUpdateModules()
|
|
{
|
|
//$this->dir_rekursiv("./");
|
|
//$parameter['md5sums'] = $this->localmd5sums;
|
|
//shell_exec('find ./ -exec md5sum "{}" \;');
|
|
|
|
|
|
$parameter['version']=@$this->conf['version'];
|
|
$result = $this->Request('md5listmodules',$parameter);
|
|
|
|
if($result==='ERROR') {
|
|
echo "Modules: ERROR FROM SERVER (Perhaps a wrong license?)\n"; return;
|
|
}
|
|
|
|
$rows = explode(";",$result);
|
|
|
|
if(count($rows)>0)
|
|
{
|
|
foreach($rows as $value)
|
|
{
|
|
unset($single_row);
|
|
$single_row = explode(":",$value);
|
|
|
|
if(count($single_row)>=2 && strlen($single_row[0])>3 && strlen($single_row[1])>3)
|
|
{
|
|
|
|
$file = $single_row[0];
|
|
$md5sum = $single_row[1];
|
|
if(substr($md5sum,0,3) === 'DEL') {
|
|
continue;
|
|
}
|
|
$parameter['file']=$file;
|
|
$parameter['md5sum']=$md5sum;
|
|
|
|
if($file==="./upgradesystemclient.php")
|
|
{
|
|
|
|
}
|
|
else if(is_file($file))
|
|
{
|
|
// pruefe md5sum
|
|
if(md5_file($file)!=$md5sum)
|
|
{
|
|
// wenn update dann UPD_
|
|
echo "update (M) <- $file\n";
|
|
$result = $this->Request("getfilemodules",$parameter);
|
|
$output = (base64_decode($result));
|
|
//$output = preg_replace('/[^(\x22-\x7F)\x0A]*/','', $output);
|
|
file_put_contents($file."UPD", $output);
|
|
/*
|
|
$fp = fopen($file."UPD","wb+");
|
|
fwrite($fp,base64_decode($result));
|
|
fclose($fp);
|
|
*/
|
|
// pruefsuemme neu berechnen wenn passt umbenennen und ins archiv
|
|
echo md5_file($file."UPD");
|
|
echo "-".$md5sum."\n";
|
|
if(md5_file($file."UPD")==$md5sum)
|
|
{
|
|
echo "update (M) ok $file\n";
|
|
rename($file."UPD",$file);
|
|
}
|
|
}
|
|
} else if($file!='') {
|
|
echo "datei (M) <- $file\n";
|
|
// pruefe ob es verzeichnis gibt
|
|
$verzeichnis = dirname($file);
|
|
if(!is_dir($verzeichnis))
|
|
{
|
|
echo "verzeichnis (M) <- $verzeichnis\n";
|
|
mkdir($verzeichnis,0777,true);
|
|
}
|
|
$result = $this->Request("getfilemodules",$parameter);
|
|
$output = base64_decode($result);
|
|
//$output = iconv("UTF-8","ISO-8859-1//IGNORE",$output);
|
|
//$output = iconv("ISO-8859-1","UTF-8",$output);
|
|
//$output = preg_replace('/[^(\x20-\x7F)\x0A]*/','', $output);
|
|
file_put_contents($file."NEW", $output);
|
|
/*$fp = fopen($file."NEW","wb+");
|
|
fwrite($fp,base64_decode($result));
|
|
fclose($fp);
|
|
*/
|
|
if(md5_file($file."NEW")==$md5sum)
|
|
{
|
|
echo "datei (M) ok $file\n";
|
|
rename($file."NEW",$file);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
function CheckUpdateCustom()
|
|
{
|
|
$parameter['version']=@$this->conf['version'];
|
|
$result = $this->Request("md5listcustom",$parameter);
|
|
|
|
if($result==='ERROR') {
|
|
echo "Custom: ERROR FROM SERVER (Perhaps a wrong license?)\n"; return;
|
|
}
|
|
|
|
$rows = explode(";",$result);
|
|
|
|
if(count($rows)>0)
|
|
{
|
|
foreach($rows as $value)
|
|
{
|
|
unset($single_row);
|
|
$single_row = explode(":",$value);
|
|
|
|
if(count($single_row)>=2 && strlen($single_row[0])>3 && strlen($single_row[1])>3)
|
|
{
|
|
|
|
$file = $single_row[0];
|
|
$md5sum = $single_row[1];
|
|
|
|
$parameter['file']=$file;
|
|
$parameter['md5sum']=$md5sum;
|
|
if(substr($md5sum,0,3) === 'DEL') {
|
|
continue;
|
|
}
|
|
if($file==='./upgradesystemclient.php')
|
|
{
|
|
|
|
}
|
|
else if(is_file($file))
|
|
{
|
|
// pruefe md5sum
|
|
if(md5_file($file)!=$md5sum)
|
|
{
|
|
// wenn update dann UPD_
|
|
echo "update (C) <- $file\n";
|
|
$result = $this->Request("getfilecustom",$parameter);
|
|
|
|
$output = (base64_decode($result));
|
|
//$output = preg_replace('/[^(\x22-\x7F)\x0A]*/','', $output);
|
|
file_put_contents($file."UPD", $output);
|
|
/*
|
|
$fp = fopen($file."UPD","wb+");
|
|
fwrite($fp,base64_decode($result));
|
|
fclose($fp);
|
|
*/
|
|
// pruefsuemme neu berechnen wenn passt umbenennen und ins archiv
|
|
echo md5_file($file."UPD");
|
|
echo "-".$md5sum."\n";
|
|
if(md5_file($file."UPD")==$md5sum)
|
|
{
|
|
echo "update (C) ok $file\n";
|
|
rename($file."UPD",$file);
|
|
}
|
|
}
|
|
} else if($file!="") {
|
|
echo "datei (C) <- $file\n";
|
|
// pruefe ob es verzeichnis gibt
|
|
$verzeichnis = dirname($file);
|
|
if(!is_dir($verzeichnis))
|
|
{
|
|
echo "verzeichnis (C) <- $verzeichnis\n";
|
|
mkdir($verzeichnis,0777,true);
|
|
}
|
|
$result = $this->Request("getfilecustom",$parameter);
|
|
$output = base64_decode($result);
|
|
//$output = iconv("UTF-8","ISO-8859-1//IGNORE",$output);
|
|
//$output = iconv("ISO-8859-1","UTF-8",$output);
|
|
//$output = preg_replace('/[^(\x20-\x7F)\x0A]*/','', $output);
|
|
file_put_contents($file."NEW", $output);
|
|
/*$fp = fopen($file."NEW","wb+");
|
|
fwrite($fp,base64_decode($result));
|
|
fclose($fp);
|
|
*/
|
|
if(md5_file($file."NEW")==$md5sum)
|
|
{
|
|
echo "datei (C) ok $file\n";
|
|
rename($file."NEW",$file);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
function DownloadUpdate()
|
|
{
|
|
|
|
|
|
}
|
|
|
|
function CheckDownloadedUpdate()
|
|
{
|
|
|
|
|
|
}
|
|
|
|
function ExecuteUpdate()
|
|
{
|
|
|
|
}
|
|
|
|
|
|
function Request($command,$parameter)
|
|
{
|
|
$erp = $this->erp;
|
|
|
|
$auth['serial']=trim($erp->Firmendaten('lizenz'));//$this->conf['serial'];
|
|
$auth['authkey']=trim($erp->Firmendaten('schluessel'));//$this->conf['authkey'];
|
|
if(empty($auth['serial']) || empty($auth['authkey']))
|
|
{
|
|
$this->errormsg = 'Bitte tragen Sie die Lizenzdaten in den <a style="color:red;" target="_blank" href="index.php?module=firmendaten&action=edit#tabs-10">Grundeinstellungen</a> ein.';
|
|
return '';
|
|
}
|
|
if(!empty($_SERVER['SERVER_NAME']) && $_SERVER['SERVER_NAME'] !== '') {
|
|
$auth['SERVER_NAME'] = $_SERVER['SERVER_NAME'];
|
|
}
|
|
elseif(!empty($_SERVER['HTTP_HOST'])) {
|
|
$auth['SERVER_NAME'] = $_SERVER['HTTP_HOST'];
|
|
}
|
|
else {
|
|
$auth['SERVER_NAME'] = '';
|
|
}
|
|
$auth = base64_encode(json_encode($auth));
|
|
|
|
$parameter = base64_encode(json_encode($parameter));
|
|
|
|
$client = new UpdateHttpClient($this->conf['host'],$this->conf['port']);
|
|
$client->post('/upgradesystem.php', [
|
|
'authjson' => $auth,
|
|
'parameterjson'=>$parameter,
|
|
'command'=>(String)$command ,
|
|
'withdel' => 1
|
|
]
|
|
);
|
|
$pageContents = $client->getContent();
|
|
if(!empty($client->errormsg)){
|
|
$this->errormsg = $client->errormsg;
|
|
}
|
|
$this->http_code = (string)$client->getStatus();
|
|
|
|
return $pageContents;
|
|
}
|
|
|
|
function dir_rekursiv($verzeichnis)
|
|
{
|
|
$handle = opendir($verzeichnis);
|
|
|
|
while ($datei = readdir($handle))
|
|
{
|
|
if ($datei !== '.' && $datei !== '..')
|
|
{
|
|
if (is_dir($verzeichnis.$datei)) // Wenn Verzeichniseintrag ein Verzeichnis ist
|
|
{
|
|
// Erneuter Funktionsaufruf, um das aktuelle Verzeichnis auszulesen
|
|
$this->dir_rekursiv($verzeichnis.$datei.'/');
|
|
}
|
|
else
|
|
{
|
|
// Wenn Verzeichnis-Eintrag eine Datei ist, diese ausgeben
|
|
$this->localmd5sums[$verzeichnis.$datei] = md5_file($verzeichnis.$datei);
|
|
}
|
|
}
|
|
}
|
|
closedir($handle);
|
|
}
|
|
}
|
|
|
|
|
|
/* Version 0.9, 6th April 2003 - Simon Willison ( http://simon.incutio.com/ )
|
|
Manual: http://scripts.incutio.com/httpclient/
|
|
*/
|
|
|
|
class UpdateHttpClient {
|
|
// Request vars
|
|
var $host;
|
|
var $port;
|
|
var $path;
|
|
var $method;
|
|
var $postdata = '';
|
|
var $cookies = array();
|
|
var $referer;
|
|
var $accept = 'text/xml,application/xml,application/xhtml+xml,text/html,text/plain,image/png,image/jpeg,image/gif,*/*';
|
|
var $accept_encoding = 'gzip';
|
|
var $accept_language = 'en-us';
|
|
var $user_agent = 'Incutio HttpClient v0.9';
|
|
// Options
|
|
var $timeout = 20;
|
|
var $use_gzip = true;
|
|
var $persist_cookies = true; // If true, received cookies are placed in the $this->cookies array ready for the next request
|
|
// Note: This currently ignores the cookie path (and time) completely. Time is not important,
|
|
// but path could possibly lead to security problems.
|
|
var $persist_referers = true; // For each request, sends path of last request as referer
|
|
var $debug = false;
|
|
var $handle_redirects = true; // Auaomtically redirect if Location or URI header is found
|
|
var $max_redirects = 5;
|
|
var $headers_only = false; // If true, stops receiving once headers have been read.
|
|
// Basic authorization variables
|
|
var $username;
|
|
var $password;
|
|
// Response vars
|
|
var $status;
|
|
var $headers = array();
|
|
var $content = '';
|
|
var $errormsg;
|
|
// Tracker variables
|
|
var $redirect_count = 0;
|
|
var $cookie_host = '';
|
|
function __construct($host, $port=80) {
|
|
$this->host = $host;
|
|
$this->port = $port;
|
|
}
|
|
function get($path, $data = false) {
|
|
$this->path = $path;
|
|
$this->method = 'GET';
|
|
if ($data) {
|
|
$this->path .= '?'.$this->buildQueryString($data);
|
|
}
|
|
return $this->doRequest();
|
|
}
|
|
function post($path, $data) {
|
|
$this->path = $path;
|
|
$this->method = 'POST';
|
|
$this->postdata = $this->buildQueryString($data);
|
|
return $this->doRequest();
|
|
}
|
|
function buildQueryString($data) {
|
|
$querystring = '';
|
|
if (is_array($data)) {
|
|
// Change data in to postable data
|
|
foreach ($data as $key => $val) {
|
|
if (is_array($val)) {
|
|
foreach ($val as $val2) {
|
|
$querystring .= urlencode($key).'='.urlencode($val2).'&';
|
|
}
|
|
} else {
|
|
$querystring .= urlencode($key).'='.urlencode($val).'&';
|
|
}
|
|
}
|
|
$querystring = substr($querystring, 0, -1); // Eliminate unnecessary &
|
|
} else {
|
|
$querystring = $data;
|
|
}
|
|
return $querystring;
|
|
}
|
|
function doRequest() {
|
|
// Performs the actual HTTP request, returning true or false depending on outcome
|
|
|
|
if(!@fsockopen('ssl://'.$this->host, $this->port, $errno, $errstr, $this->timeout) && $this->port==443)
|
|
{
|
|
$this->port=80;
|
|
}
|
|
|
|
if($this->port==443){
|
|
$url = 'ssl://' . $this->host;
|
|
}
|
|
else{
|
|
$url = $this->host;
|
|
}
|
|
|
|
if (!$fp = @fsockopen($url, $this->port, $errno, $errstr, $this->timeout)) {
|
|
// Set error message
|
|
switch($errno) {
|
|
case -3:
|
|
$this->errormsg = 'Socket creation failed (-3)';
|
|
$this->errormsg .= ' '.$errstr;
|
|
$this->debug($this->errormsg);
|
|
break;
|
|
case -4:
|
|
$this->errormsg = 'DNS lookup failure (-4)';
|
|
$this->errormsg .= ' '.$errstr;
|
|
$this->debug($this->errormsg);
|
|
break;
|
|
case -5:
|
|
$this->errormsg = 'Connection refused or timed out (-5)';
|
|
$this->errormsg .= ' '.$errstr;
|
|
$this->debug($this->errormsg);
|
|
break;
|
|
default:
|
|
$this->errormsg = 'Connection failed ('.$errno.')';
|
|
$this->errormsg .= ' '.$errstr;
|
|
$this->debug($this->errormsg);
|
|
}
|
|
return false;
|
|
}
|
|
stream_set_timeout($fp, $this->timeout);
|
|
$request = $this->buildRequest();
|
|
$this->debug('Request', $request);
|
|
fwrite($fp, $request);
|
|
// Reset all the variables that should not persist between requests
|
|
$this->headers = array();
|
|
$this->content = '';
|
|
$this->errormsg = '';
|
|
// Set a couple of flags
|
|
$inHeaders = true;
|
|
$atStart = true;
|
|
// Now start reading back the response
|
|
while (!feof($fp)) {
|
|
$line = fgets($fp, 4096);
|
|
if ($atStart) {
|
|
// Deal with first line of returned data
|
|
$atStart = false;
|
|
if (!preg_match('/HTTP\/(\\d\\.\\d)\\s*(\\d+)\\s*(.*)/', $line, $m)) {
|
|
$this->errormsg = "Status code line invalid: ".htmlentities($line);
|
|
$this->debug($this->errormsg);
|
|
//return false;
|
|
}
|
|
$http_version = $m[1]; // not used
|
|
$this->status = $m[2];
|
|
$status_string = $m[3]; // not used
|
|
$this->debug(trim($line));
|
|
continue;
|
|
}
|
|
if ($inHeaders) {
|
|
if (trim($line) == '') {
|
|
$inHeaders = false;
|
|
$this->debug('Received Headers', $this->headers);
|
|
if ($this->headers_only) {
|
|
break; // Skip the rest of the input
|
|
}
|
|
continue;
|
|
}
|
|
if (!preg_match('/([^:]+):\\s*(.*)/', $line, $m)) {
|
|
// Skip to the next header
|
|
continue;
|
|
}
|
|
$key = strtolower(trim($m[1]));
|
|
$val = trim($m[2]);
|
|
// Deal with the possibility of multiple headers of same name
|
|
if (isset($this->headers[$key])) {
|
|
if (is_array($this->headers[$key])) {
|
|
$this->headers[$key][] = $val;
|
|
} else {
|
|
$this->headers[$key] = array($this->headers[$key], $val);
|
|
}
|
|
} else {
|
|
$this->headers[$key] = $val;
|
|
}
|
|
continue;
|
|
}
|
|
// We're not in the headers, so append the line to the contents
|
|
$this->content .= $line;
|
|
}
|
|
fclose($fp);
|
|
|
|
// If data is compressed, uncompress it
|
|
if (isset($this->headers['content-encoding']) && $this->headers['content-encoding'] == 'gzip') {
|
|
$this->debug('Content is gzip encoded, unzipping it');
|
|
$this->content = substr($this->content, 10); // See http://www.php.net/manual/en/function.gzencode.php
|
|
$this->content = gzinflate($this->content);
|
|
}
|
|
// If $persist_cookies, deal with any cookies
|
|
if ($this->persist_cookies && isset($this->headers['set-cookie']) && $this->host == $this->cookie_host) {
|
|
$cookies = $this->headers['set-cookie'];
|
|
if (!is_array($cookies)) {
|
|
$cookies = array($cookies);
|
|
}
|
|
foreach ($cookies as $cookie) {
|
|
if (preg_match('/([^=]+)=([^;]+);/', $cookie, $m)) {
|
|
$this->cookies[$m[1]] = $m[2];
|
|
}
|
|
}
|
|
// Record domain of cookies for security reasons
|
|
$this->cookie_host = $this->host;
|
|
}
|
|
// If $persist_referers, set the referer ready for the next request
|
|
if ($this->persist_referers) {
|
|
$this->debug('Persisting referer: '.$this->getRequestURL());
|
|
$this->referer = $this->getRequestURL();
|
|
}
|
|
// Finally, if handle_redirects and a redirect is sent, do that
|
|
if ($this->handle_redirects) {
|
|
if (++$this->redirect_count >= $this->max_redirects) {
|
|
$this->errormsg = 'Verbindung konnte nicht aufgebaut werden. Bitte wenden Sie sich an Ihre IT. Eventuell sind SSL-Zertifikate nicht vorhanden bzw. abgelaufen';
|
|
$this->debug($this->errormsg);
|
|
$this->redirect_count = 0;
|
|
return false;
|
|
}
|
|
$location = isset($this->headers['location']) ? $this->headers['location'] : '';
|
|
$uri = isset($this->headers['uri']) ? $this->headers['uri'] : '';
|
|
if ($location || $uri) {
|
|
$url = parse_url($location.$uri);
|
|
// This will FAIL if redirect is to a different site
|
|
return $this->get($url['path']);
|
|
}
|
|
}
|
|
return true;
|
|
}
|
|
function buildRequest() {
|
|
$headers = array();
|
|
$headers[] = "{$this->method} {$this->path} HTTP/1.0"; // Using 1.1 leads to all manner of problems, such as "chunked" encoding
|
|
$headers[] = "Host: {$this->host}";
|
|
$headers[] = "User-Agent: {$this->user_agent}";
|
|
$headers[] = "Accept: {$this->accept}";
|
|
if ($this->use_gzip) {
|
|
$headers[] = "Accept-encoding: {$this->accept_encoding}";
|
|
}
|
|
$headers[] = "Accept-language: {$this->accept_language}";
|
|
if ($this->referer) {
|
|
$headers[] = "Referer: {$this->referer}";
|
|
}
|
|
// Cookies
|
|
if ($this->cookies) {
|
|
$cookie = 'Cookie: ';
|
|
foreach ($this->cookies as $key => $value) {
|
|
$cookie .= "$key=$value; ";
|
|
}
|
|
$headers[] = $cookie;
|
|
}
|
|
// Basic authentication
|
|
if ($this->username && $this->password) {
|
|
$headers[] = 'Authorization: BASIC '.base64_encode($this->username.':'.$this->password);
|
|
}
|
|
// If this is a POST, set the content type and length
|
|
if ($this->postdata) {
|
|
$headers[] = 'Content-Type: application/x-www-form-urlencoded';
|
|
$headers[] = 'Content-Length: '.strlen($this->postdata);
|
|
}
|
|
$request = implode("\r\n", $headers)."\r\n\r\n".$this->postdata;
|
|
return $request;
|
|
}
|
|
function getStatus() {
|
|
return $this->status;
|
|
}
|
|
function getContent() {
|
|
return $this->content;
|
|
}
|
|
function getHeaders() {
|
|
return $this->headers;
|
|
}
|
|
function getHeader($header) {
|
|
$header = strtolower($header);
|
|
if (isset($this->headers[$header])) {
|
|
return $this->headers[$header];
|
|
}
|
|
return false;
|
|
}
|
|
function getError() {
|
|
return $this->errormsg;
|
|
}
|
|
function getCookies() {
|
|
return $this->cookies;
|
|
}
|
|
function getRequestURL() {
|
|
$url = 'http://'.$this->host;
|
|
if ($this->port != 80) {
|
|
$url .= ':'.$this->port;
|
|
}
|
|
$url .= $this->path;
|
|
return $url;
|
|
}
|
|
// Setter methods
|
|
function setUserAgent($string) {
|
|
$this->user_agent = $string;
|
|
}
|
|
function setAuthorization($username, $password) {
|
|
$this->username = $username;
|
|
$this->password = $password;
|
|
}
|
|
function setCookies($array) {
|
|
$this->cookies = $array;
|
|
}
|
|
// Option setting methods
|
|
function useGzip($boolean) {
|
|
$this->use_gzip = $boolean;
|
|
}
|
|
function setPersistCookies($boolean) {
|
|
$this->persist_cookies = $boolean;
|
|
}
|
|
function setPersistReferers($boolean) {
|
|
$this->persist_referers = $boolean;
|
|
}
|
|
function setHandleRedirects($boolean) {
|
|
$this->handle_redirects = $boolean;
|
|
}
|
|
function setMaxRedirects($num) {
|
|
$this->max_redirects = $num;
|
|
}
|
|
function setHeadersOnly($boolean) {
|
|
$this->headers_only = $boolean;
|
|
}
|
|
function setDebug($boolean) {
|
|
$this->debug = $boolean;
|
|
}
|
|
// "Quick" static methods
|
|
function quickGet($url) {
|
|
$bits = parse_url($url);
|
|
$host = $bits['host'];
|
|
$port = isset($bits['port']) ? $bits['port'] : 80;
|
|
$path = isset($bits['path']) ? $bits['path'] : '/';
|
|
if (isset($bits['query'])) {
|
|
$path .= '?'.$bits['query'];
|
|
}
|
|
$client = new UpdateHttpClient($host, $port);
|
|
if (!$client->get($path)) {
|
|
return false;
|
|
}
|
|
return $client->getContent();
|
|
}
|
|
function quickPost($url, $data) {
|
|
$bits = parse_url($url);
|
|
$host = $bits['host'];
|
|
$port = isset($bits['port']) ? $bits['port'] : 80;
|
|
$path = isset($bits['path']) ? $bits['path'] : '/';
|
|
$client = new UpdateHttpClient($host, $port);
|
|
if (!$client->post($path, $data)) {
|
|
return false;
|
|
}
|
|
return $client->getContent();
|
|
|
|
}
|
|
function debug($msg, $object = false) {
|
|
if ($this->debug) {
|
|
print '<div style="border: 1px solid red; padding: 0.5em; margin: 0.5em;"><strong>HttpClient Debug:</strong> '.$msg;
|
|
if ($object) {
|
|
ob_start();
|
|
print_r($object);
|
|
$content = htmlentities(ob_get_contents());
|
|
ob_end_clean();
|
|
print '<pre>'.$content.'</pre>';
|
|
}
|
|
print '</div>';
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
|
|
|
|
class UpdatePage
|
|
{
|
|
var $engine;
|
|
function __construct(&$app)
|
|
{
|
|
$this->app = &$app;
|
|
//$this->engine = &$engine;
|
|
}
|
|
|
|
/// load a themeset set
|
|
function LoadTheme($theme)
|
|
{
|
|
//$this->app->Tpl->ReadTemplatesFromPath("themes/$theme/templates/");
|
|
$this->app->Tpl->ReadTemplatesFromPath("themes/$theme/templates/");
|
|
}
|
|
|
|
/// show complete page
|
|
function Show()
|
|
{
|
|
return $this->app->Tpl->FinalParse('update.tpl');
|
|
}
|
|
}
|
|
|
|
class UpdateSession {
|
|
|
|
// set check to true when user have permissions
|
|
private $check = false;
|
|
|
|
public $module;
|
|
public $action;
|
|
|
|
// application object
|
|
public $app;
|
|
public $reason;
|
|
|
|
|
|
function __construct()
|
|
{
|
|
|
|
|
|
}
|
|
|
|
|
|
function Check($appObj)
|
|
{
|
|
$this->app = $appObj;
|
|
$this->check = true;
|
|
|
|
if(!$this->app->acl->CheckTimeOut()){
|
|
$this->check = false;
|
|
$this->reason = 'PLEASE_LOGIN';
|
|
} else {
|
|
//benutzer ist schon mal erfolgreich angemeldet
|
|
if($this->app->User->GetType()==='admin'){
|
|
$this->check = true;
|
|
} else {
|
|
$this->reason = 'NO_PERMISSIONS';
|
|
$this->check = false;
|
|
}
|
|
}
|
|
}
|
|
|
|
function GetCheck() {
|
|
return $this->check;
|
|
}
|
|
|
|
function UserSessionCheck()
|
|
{
|
|
$this->check=false;
|
|
$this->reason='PLEASE_LOGIN';
|
|
//$this->reason="SESSION_TIMEOUT";
|
|
return true;
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
class UpdateWawiString
|
|
{
|
|
|
|
|
|
function __construct()
|
|
{
|
|
}
|
|
|
|
function Convert($value,$input,$output)
|
|
{
|
|
if($input==''){
|
|
return $value;
|
|
}
|
|
|
|
$array = $this->FindPercentValues($input);
|
|
$regexp = $this->BuildRegExp($array);
|
|
|
|
$elements =
|
|
preg_split($regexp,$value,-1,PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY);
|
|
|
|
// input und elements stimmmen ueberein
|
|
|
|
$newout = $output;
|
|
$i = 0;
|
|
foreach($array as $key=>$v)
|
|
{
|
|
$newout = str_replace($key,$elements[$i],$newout);
|
|
$i++;
|
|
}
|
|
return $newout;
|
|
}
|
|
|
|
|
|
function BuildRegExp($array)
|
|
{
|
|
|
|
$regexp = '/^';
|
|
foreach($array as $value)
|
|
{
|
|
$value = str_replace('.','\.',$value);
|
|
$value = str_replace('+','\+',$value);
|
|
$value = str_replace('*','\*',$value);
|
|
$value = str_replace('?','\?',$value);
|
|
$regexp .= '(\S+)'.$value;
|
|
}
|
|
$regexp .= '/';
|
|
|
|
return $regexp;
|
|
}
|
|
|
|
function FindPercentValues($pattern)
|
|
{
|
|
$hash = '';
|
|
$collect = '';
|
|
preg_match_all('/(?:(%[0-9]+)|.)/i', $pattern, $matches);
|
|
$hash = '';
|
|
$collect = '';
|
|
|
|
$start = true;
|
|
foreach($matches[1] as $key=>$value)
|
|
{
|
|
if($value==''){
|
|
$collecting = true;
|
|
}
|
|
else
|
|
{
|
|
$collecting = false;
|
|
$oldhash = $hash;
|
|
$hash = $value;
|
|
}
|
|
|
|
if(!$collecting)
|
|
{
|
|
if(!$start){
|
|
$replace[$oldhash] = $collect;
|
|
}
|
|
$collect='';
|
|
}
|
|
else{
|
|
$collect .= $matches[0][$key];
|
|
}
|
|
$start = false;
|
|
}
|
|
$replace[$hash] = $collect;
|
|
return $replace;
|
|
}
|
|
|
|
function encodeText($string)
|
|
{
|
|
$string = str_replace("\\r\\n","#BR#",$string);
|
|
$string = str_replace("\n","#BR#",$string);
|
|
$encoded = htmlspecialchars(stripslashes($string), ENT_QUOTES);
|
|
|
|
return $encoded;
|
|
}
|
|
|
|
function decodeText($_str, $_form=true)
|
|
{
|
|
if ($_form) {
|
|
$_str = str_replace("#BR#", "\r\n", $_str);
|
|
}
|
|
else {
|
|
$_str = str_replace("#BR#", "<br>", $_str);
|
|
}
|
|
return($_str);
|
|
}
|
|
|
|
function valid_utf8( $string )
|
|
{
|
|
return !((bool)preg_match('~\xF5\xF6\xF7\xF8\xF9\xFA\xFB\xFC\xFD\xFE\xFF\xC0\xC1~ms',$string));
|
|
}
|
|
|
|
}
|
|
class UpdatephpWFAPI
|
|
{
|
|
function __construct(&$app)
|
|
{
|
|
$this->app=&$app;
|
|
}
|
|
|
|
function ReBuildPageFrame()
|
|
{
|
|
$this->app->Tpl->ResetParser();
|
|
$this->BuildPageFrame();
|
|
}
|
|
|
|
|
|
function BuildPageFrame()
|
|
{
|
|
$this->app->Tpl->ReadTemplatesFromPath("phpwf/defaulttemplates/");
|
|
|
|
// build template tree
|
|
$this->app->Page->LoadTheme($this->app->WFconf[defaulttheme]);
|
|
|
|
|
|
// start acutally application instance
|
|
$this->app->Tpl->ReadTemplatesFromPath("pages/content/_gen");
|
|
$this->app->Tpl->ReadTemplatesFromPath("pages/content/");
|
|
}
|
|
|
|
|
|
function StartRequestedCommand()
|
|
{
|
|
$defaultpage = $this->app->WFconf['defaultpage'];
|
|
$defaultpageaction = $this->app->WFconf['defaultpageaction'];
|
|
|
|
$module = $this->app->Secure->GetGET('module','alpha');
|
|
$action = $this->app->Secure->GetGET('action','alpha');
|
|
|
|
if(!file_exists("pages/".$module.".php"))
|
|
$module = $defaultpage;
|
|
|
|
if($action=='') {
|
|
$action = $defaultpageaction;
|
|
}
|
|
if(!$this->app->acl->Check($this->app->User->GetType(),$module,$action))
|
|
return;
|
|
|
|
|
|
// start module
|
|
if(file_exists("pages/".$module.".php"))
|
|
{
|
|
include("pages/".$module.".php");
|
|
//create dynamical an object
|
|
$constr=strtoupper($module[0]).substr($module, 1);
|
|
$myApp = new $constr($this->app);
|
|
}
|
|
else
|
|
{
|
|
echo $this->app->WFM->Error("Module <b>$module</b> doesn't exists in pages/");
|
|
|
|
}
|
|
$this->app->acl->CheckTimeOut();
|
|
}
|
|
|
|
/// mit dem "erstellen Formular" einfach bearbeiten liste + formular anzeigen
|
|
function EasyTableList($tablename,$cols,$parsetarget,$pkname,$delmsg,$delmsgcol)
|
|
{
|
|
// show list
|
|
|
|
// create html table
|
|
$table = new HTMLTable("0","100%");
|
|
$table->AddRowAsHeading($cols);
|
|
|
|
$all = $this->app->DB->SelectTable($tablename,$cols);
|
|
|
|
$table->AddField($all);
|
|
|
|
$action = $this->app->Secure->GetGET("action","alpha");
|
|
$module = $this->app->Secure->GetGET("module","alpha");
|
|
|
|
$table->AddCompleteCol(0,
|
|
"<a href=\"index.php?module=$module&action=$action&id=%col%\">bearbeiten</a>");
|
|
|
|
$table->AddCompleteCol(0,
|
|
"<a href=\"#\" onclick=\"str = confirm('{$delmsg}');
|
|
if(str!='' & str!=null)
|
|
window.document.location.href='index.php?module=$module&action=$action&id=%col%&formaction=delete';\">
|
|
loeschen</a>",$delmsgcol);
|
|
|
|
$table->ChangingRowColors('#ffffff','#dddddd');
|
|
|
|
$this->app->Tpl->Set($parsetarget,$table->Get());
|
|
}
|
|
|
|
function Message($msg,$parsetarget='MSGBOX')
|
|
{
|
|
$this->app->Tpl->Add('MSGBOXTEXT',$msg);
|
|
$this->app->Tpl->Parse($parsetarget,"messagebox.tpl");
|
|
}
|
|
// emailvorlage aus db senden
|
|
|
|
function EmailFromTemplate($template,$to,$values)
|
|
{
|
|
$betreff = $this->app->DB->Select("SELECT betreff
|
|
FROM emailvorlagen WHERE name='$template' LIMIT 1");
|
|
|
|
$nachricht = $this->app->DB->Select("SELECT nachricht
|
|
FROM emailvorlagen WHERE name='$template' LIMIT 1");
|
|
|
|
if(count($values) > 0)
|
|
{
|
|
foreach($values as $key=>$value)
|
|
{
|
|
$nachricht = str_replace("%".$key."%",$value,$nachricht);
|
|
$betreff = str_replace("%".$key."%",$value,$betreff);
|
|
}
|
|
}
|
|
|
|
$nachricht = str_replace('#BR#',"\n",$nachricht);
|
|
mail($to,$betreff,$nachricht,"From: ActConnect Team <info@actconnect.de>");
|
|
|
|
}
|
|
}
|
|
class UpdateSecure
|
|
{
|
|
var $GET;
|
|
var $POST;
|
|
|
|
|
|
function __construct(&$app){
|
|
$this->app = &$app;
|
|
// clear global variables, that everybody have to go over secure layer
|
|
$this->GET = $_GET;
|
|
// $_GET="";
|
|
$this->POST = $_POST;
|
|
// $_POST="";
|
|
|
|
$this->AddRule('notempty','reg','.'); // at least one sign
|
|
$this->AddRule('alpha','reg','[a-zA-Z]');
|
|
$this->AddRule('digit','reg','[0-9]');
|
|
$this->AddRule('space','reg','[ ]');
|
|
$this->AddRule('specialchars','reg','[_-]');
|
|
$this->AddRule('email','reg','^[a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+\.([a-zA-Z]{2,4})$');
|
|
$this->AddRule('datum','reg','([0-9]{1,2})\.([0-9]{1,2})\.([0-9]{4})');
|
|
|
|
$this->AddRule('username','glue','alpha+digit');
|
|
$this->AddRule('password','glue','alpha+digit+specialchars');
|
|
}
|
|
|
|
|
|
function GetGET($name,$rule="",$maxlength="",$sqlcheckoff="")
|
|
{
|
|
return $this->Syntax(isset($this->GET[$name])?$this->GET[$name]:'',$rule,$maxlength,$sqlcheckoff);
|
|
}
|
|
|
|
function GetPOST($name,$rule="",$maxlength="",$sqlcheckoff="")
|
|
{
|
|
return $this->Syntax(isset($this->POST[$name])?$this->POST[$name]:'',$rule,$maxlength,$sqlcheckoff);
|
|
}
|
|
|
|
function GetPOSTForForms($name,$rule="",$maxlength="",$sqlcheckoff="")
|
|
{
|
|
return $this->SyntaxForForms($this->POST[$name],$rule,$maxlength,$sqlcheckoff);
|
|
}
|
|
|
|
|
|
|
|
function GetPOSTArray()
|
|
{
|
|
if(count($this->POST)>0)
|
|
{
|
|
foreach($this->POST as $key=>$value)
|
|
{
|
|
$key = $this->GetPOST($key,"alpha+digit+specialchars",20);
|
|
$ret[$key]=$this->GetPOST($value);
|
|
}
|
|
}
|
|
if(isset($ret))return $ret;
|
|
}
|
|
|
|
function GetGETArray()
|
|
{
|
|
if(count($this->GET)>0)
|
|
{
|
|
foreach($this->GET as $key=>$value)
|
|
{
|
|
$key = $this->GetGET($key,"alpha+digit+specialchars",20);
|
|
$ret[$key]=$this->GetGET($value);
|
|
}
|
|
}
|
|
if(isset($ret)) {
|
|
return $ret;
|
|
}
|
|
}
|
|
|
|
function stripallslashes($string) {
|
|
|
|
while(strstr($string,'\\')) {
|
|
$string = stripslashes($string);
|
|
}
|
|
return $string;
|
|
}
|
|
|
|
function smartstripslashes($str) {
|
|
$cd1 = substr_count($str, "\"");
|
|
$cd2 = substr_count($str, "\\\"");
|
|
$cs1 = substr_count($str, "'");
|
|
$cs2 = substr_count($str, "\\'");
|
|
$tmp = strtr($str, array("\\\"" => "", "\\'" => ""));
|
|
$cb1 = substr_count($tmp, "\\");
|
|
$cb2 = substr_count($tmp, "\\\\");
|
|
if ($cd1 == $cd2 && $cs1 == $cs2 && $cb1 == 2 * $cb2) {
|
|
return strtr($str, array("\\\"" => "\"", "\\'" => "'", "\\\\" => "\\"));
|
|
}
|
|
return $str;
|
|
}
|
|
|
|
function SyntaxForForms($value,$rule,$maxlength="",$sqlcheckoff="")
|
|
{
|
|
return $value;//mysqli_real_escape_string($this->app->DB->connection,$value);//mysqli_real_escape_string($value);
|
|
}
|
|
|
|
// check actual value with given rule
|
|
function Syntax($value,$rule,$maxlength="",$sqlcheckoff="")
|
|
{
|
|
$value = str_replace("\xef\xbb\xbf","NONBLOCKINGZERO",$value);
|
|
if(is_array($value))
|
|
{
|
|
return $value;
|
|
}
|
|
|
|
$value = $this->stripallslashes($value);
|
|
$value = $this->smartstripslashes($value);
|
|
|
|
$value = $this->app->erp->superentities($value);
|
|
|
|
if($rule=='' && $sqlcheckoff == '')
|
|
{
|
|
return mysqli_real_escape_string($this->app->DB->connection,$value);//mysqli_real_escape_string($value);
|
|
}
|
|
if($rule=='' && $sqlcheckoff != '')
|
|
{
|
|
return $value;
|
|
}
|
|
|
|
// build complete regexp
|
|
|
|
// check if rule exists
|
|
|
|
if($this->GetRegexp($rule)!=""){
|
|
//$v = '/^['.$this->GetRegexp($rule).']+$/';
|
|
$v = $this->GetRegexp($rule);
|
|
if (preg_match_all('/'.$v.'/i', $value, $teffer) )
|
|
{
|
|
if($sqlcheckoff==""){
|
|
return mysqli_real_escape_string($this->app->DB->connection, $value);//mysqli_real_escape_string($value);
|
|
}
|
|
return $value;
|
|
}
|
|
return '';
|
|
}
|
|
|
|
echo "<table border=\"1\" width=\"100%\" bgcolor=\"#FFB6C1\">
|
|
<tr><td>Rule <b>$rule</b> doesn't exists!</td></tr></table>";
|
|
return '';
|
|
}
|
|
|
|
|
|
function RuleCheck($value,$rule)
|
|
{
|
|
$v = $this->GetRegexp($rule);
|
|
if (preg_match_all('/'.$v.'/i', $value, $teffer) ){
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
function AddRule($name,$type,$rule)
|
|
{
|
|
// type: reg = regular expression
|
|
// type: glue ( already exists rules copy to new e.g. number+digit)
|
|
$this->rules[$name]=array('type'=>$type,'rule'=>$rule);
|
|
}
|
|
|
|
// get complete regexp by rule name
|
|
function GetRegexp($rule)
|
|
{
|
|
$rules = explode("+",$rule);
|
|
$ret = '';
|
|
foreach($rules as $key)
|
|
{
|
|
// check if rule is last in glue string
|
|
if($this->rules[$key]['type']==="glue")
|
|
{
|
|
$subrules = explode("+",$this->rules[$key]['rule']);
|
|
if(count($subrules)>0)
|
|
{
|
|
foreach($subrules as $subkey)
|
|
{
|
|
$ret .= $this->GetRegexp($subkey);
|
|
}
|
|
}
|
|
}
|
|
elseif($this->rules[$key]['type']==="reg")
|
|
{
|
|
$ret .= $this->rules[$key]['rule'];
|
|
}
|
|
}
|
|
if($ret=="")
|
|
$ret = "none";
|
|
return $ret;
|
|
}
|
|
|
|
}
|
|
class UpdateAcl
|
|
{
|
|
/** @var UpdateApplication */
|
|
public $app;
|
|
public function __construct($app)
|
|
{
|
|
$this->app = $app;
|
|
if(!empty($_COOKIE['DBSELECTED']))
|
|
{
|
|
$this->app->changeDbConf($_COOKIE['DBSELECTED']);
|
|
}
|
|
}
|
|
|
|
|
|
function CheckTimeOut()
|
|
{
|
|
$this->session_id = session_id();
|
|
|
|
if(isset($_COOKIE['CH42SESSION']) && $_COOKIE['CH42SESSION']!='')
|
|
{
|
|
$this->session_id = $_COOKIE["CH42SESSION"];
|
|
$this->app->DB->Update("UPDATE useronline SET time=NOW(),login=1 WHERE sessionid='".$this->app->DB->real_escape_string($_COOKIE["CH42SESSION"])."' LIMIT 1");
|
|
}
|
|
|
|
// check if user is applied
|
|
// $this->app->DB->Delete("DELETE FROM useronline WHERE user_id='".$this->app->User->GetID()."' AND sessionid!='".$this->session_id."'");
|
|
$sessid = $this->app->DB->Select("SELECT sessionid FROM useronline,user WHERE
|
|
login='1' AND sessionid='".$this->app->DB->real_escape_string($this->session_id)."' AND user.id=useronline.user_id AND user.activ='1' LIMIT 1");
|
|
|
|
if($this->session_id == $sessid)
|
|
{
|
|
// check if time is expired
|
|
$time = $this->app->DB->Select("SELECT UNIX_TIMESTAMP(time) FROM useronline,user WHERE
|
|
login='1' AND sessionid='".$this->app->DB->real_escape_string($this->session_id)."' AND user.id=useronline.user_id AND user.activ='1' LIMIT 1");
|
|
|
|
if((time()-$time) > $this->app->Conf->WFconf['logintimeout'])
|
|
{
|
|
if(!isset($_COOKIE['CH42SESSION']) || $_COOKIE['CH42SESSION']=='')
|
|
{
|
|
//$this->app->WF->ReBuildPageFrame();
|
|
$this->Logout("Ihre Zeit ist abgelaufen, bitte melden Sie sich erneut an.",true);
|
|
return false;
|
|
}
|
|
}
|
|
else {
|
|
// update time
|
|
$this->app->DB->Update("UPDATE useronline,user SET useronline.time=NOW() WHERE
|
|
login='1' AND sessionid='".$this->app->DB->real_escape_string($this->session_id)."' AND user.id=useronline.user_id AND user.activ='1'");
|
|
|
|
session_write_close(); // Blockade wegnehmen
|
|
|
|
return true;
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
function Check($usertype,$module='',$action='', $userid='')
|
|
{
|
|
return $usertype==='admin';
|
|
}
|
|
|
|
function Login()
|
|
{
|
|
$multidbs = $this->app->getDbs();
|
|
if(count($multidbs) > 1)
|
|
{
|
|
$options = '';
|
|
foreach($multidbs as $k => $v)
|
|
{
|
|
$options .= '<option value="'.$k.'">'.$v.'</options>';
|
|
}
|
|
$this->app->Tpl->Add('MULTIDB','<tr><td>Datenbank: <select name="db">'.$options.'</select><input type="hidden" name="dbselect" value="true"></td></tr>');
|
|
}
|
|
$db = $this->app->Secure->GetPOST('db');
|
|
if(!empty($db))
|
|
{
|
|
if($this->app->changeDbConf($db))
|
|
{
|
|
setcookie('DBSELECTED', $db);
|
|
}
|
|
}
|
|
$username = $this->app->DB->real_escape_string($this->app->Secure->GetPOST("username"));
|
|
$password = $this->app->Secure->GetPOST('password');
|
|
$passwordunescaped = $this->app->Secure->GetPOST('password','','','noescape');
|
|
$stechuhrdevice = $this->app->Secure->GetPOST('stechuhrdevice');
|
|
|
|
$token = $this->app->Secure->GetPOST('token');
|
|
|
|
|
|
if($username=='' && ($password=='' || $token=='') && $stechuhrdevice == ''){
|
|
setcookie('nonavigation',false);
|
|
$this->app->Tpl->Set('LOGINMSG',"Bitte geben Sie Benutzername und Passwort ein.");
|
|
|
|
$this->app->Tpl->Parse('PAGE',"updatelogin.tpl");
|
|
}
|
|
else {
|
|
// Benutzer hat Daten angegeben
|
|
$encrypted = $this->app->DB->Select("SELECT password FROM user
|
|
WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
|
|
$encrypted_md5 = $this->app->DB->Select("SELECT passwordmd5 FROM user
|
|
WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
|
|
$fehllogins= $this->app->DB->Select("SELECT fehllogins FROM user
|
|
WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
|
|
|
|
$type= $this->app->DB->Select("SELECT type FROM user
|
|
WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
|
|
$externlogin= $this->app->DB->Select("SELECT externlogin FROM user
|
|
WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
|
|
$hwtoken = $this->app->DB->Select("SELECT hwtoken FROM user
|
|
WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
|
|
$usesha512 = true;
|
|
$salt = $this->app->DB->Select("SELECT salt FROM user WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
$passwordsha512 = $this->app->DB->Select("SELECT passwordsha512 FROM user WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
if($this->app->DB->error())$usesha512 = false;
|
|
$usepasswordhash = true;
|
|
$passwordhash = $this->app->DB->Select("SELECT passwordhash FROM `user` WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
if($this->app->DB->error())$usepasswordhash = false;
|
|
$stechuhrdevicelogin = false;
|
|
$code = $this->app->Secure->GetPOST('code');
|
|
$devices = $this->app->DB->SelectArr("SELECT * from stechuhrdevice where aktiv = 1 and code = '$code'");
|
|
if($devices)
|
|
{
|
|
$IP = $_SERVER['REMOTE_ADDR'];
|
|
foreach($devices as $device)
|
|
{
|
|
$IP = ip2long($_SERVER['REMOTE_ADDR']);
|
|
$devIP = ip2long($device['IP']);
|
|
$submask = ip2long($device['submask']);
|
|
|
|
$maskIP = $IP & $submask;
|
|
$dbIP = $devIP & $submask;
|
|
if($maskIP == $dbIP)
|
|
{
|
|
$stechuhrdevicelogin = true;
|
|
}
|
|
}
|
|
}
|
|
if($code && !$stechuhrdevicelogin)
|
|
{
|
|
setcookie('nonavigation',false);
|
|
$this->app->Tpl->Set('RESETSTORAGE','
|
|
var devicecode = localStorage.getItem("devicecode");
|
|
if(devicecode)
|
|
{
|
|
localStorage.setItem("devicecode", "");
|
|
}
|
|
|
|
');
|
|
}
|
|
|
|
$user_id="";
|
|
|
|
$userip = $_SERVER['REMOTE_ADDR'];
|
|
$ip_arr = explode('.',$userip);
|
|
|
|
if($ip_arr[0]=="192" || $ip_arr[0]=="10" || $ip_arr[0]=="127")
|
|
$localconnection = 1;
|
|
else
|
|
$localconnection = 0;
|
|
|
|
|
|
//HACK intern immer Passwort
|
|
//if($localconnection==1)
|
|
// $hwtoken=0;
|
|
if($stechuhrdevicelogin && $stechuhrdevice)
|
|
{
|
|
$nr = substr($stechuhrdevice,0,6);
|
|
if(is_numeric($nr) && strlen($stechuhrdevice) > 200)
|
|
{
|
|
$user_id = $this->app->DB->Select("SELECT id FROM user WHERE username = '$nr' and hwtoken = 4 LIMIT 1");
|
|
if($user_id)
|
|
{
|
|
|
|
$encrypted = $this->app->DB->Select("SELECT password FROM user
|
|
WHERE id='".$user_id."' AND activ='1' LIMIT 1");
|
|
|
|
$encrypted_md5 = $this->app->DB->Select("SELECT passwordmd5 FROM user
|
|
WHERE id='".$user_id."' AND activ='1' LIMIT 1");
|
|
|
|
$fehllogins= $this->app->DB->Select("SELECT fehllogins FROM user
|
|
WHERE id='".$user_id."' AND activ='1' LIMIT 1");
|
|
|
|
//$fehllogins=0;
|
|
|
|
$type= $this->app->DB->Select("SELECT type FROM user
|
|
WHERE id='".$user_id."' AND activ='1' LIMIT 1");
|
|
|
|
$externlogin= $this->app->DB->Select("SELECT externlogin FROM user
|
|
WHERE id='".$user_id."' AND activ='1' LIMIT 1");
|
|
|
|
$hwtoken = $this->app->DB->Select("SELECT hwtoken FROM user
|
|
WHERE id='".$user_id."' AND activ='1' LIMIT 1");
|
|
|
|
$usesha512 = true;
|
|
$salt = $this->app->DB->Select("SELECT salt FROM user WHERE id='".$user_id."' AND activ='1' LIMIT 1");
|
|
$passwordsha512 = $this->app->DB->Select("SELECT passwordsha512 FROM user WHERE id='".$user_id."' AND activ='1' LIMIT 1");
|
|
if($this->app->DB->error())
|
|
{
|
|
$usesha512 = false;
|
|
}
|
|
$usepasswordhash = true;
|
|
$passwordhash = $this->app->DB->Select("SELECT passwordhash FROM `user` WHERE id='".$user_id."' AND activ='1' LIMIT 1");
|
|
if($this->app->DB->error())$usepasswordhash = false;
|
|
$stechuhruser = $this->app->DB->Select("SELECT stechuhrdevice FROM user WHERE id = '$user_id'");
|
|
{
|
|
if($stechuhrdevice == $stechuhruser)
|
|
{
|
|
setcookie('nonavigation',true);
|
|
} elseif($stechuhruser == "") {
|
|
$this->app->DB->Update("UPDATE user set stechuhrdevice = '$stechuhrdevice' where id = '$user_id' LIMIT 1");
|
|
setcookie('nonavigation',true);
|
|
} else {
|
|
$user_id = "";
|
|
setcookie('nonavigation',false);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
elseif($hwtoken==1) //motp
|
|
{
|
|
setcookie('nonavigation',false);
|
|
$pin = $this->app->DB->Select("SELECT motppin FROM user
|
|
WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
|
|
$secret = $this->app->DB->Select("SELECT motpsecret FROM user
|
|
WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
|
|
if($this->mOTP($pin,$token,$secret) && $fehllogins<8 && (md5($password ) == $encrypted_md5 || md5($passwordunescaped ) == $encrypted_md5))
|
|
{
|
|
$user_id = $this->app->DB->Select("SELECT id FROM user
|
|
WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
} else { $user_id = ""; }
|
|
|
|
}
|
|
//picosafe login
|
|
else if ($hwtoken==2)
|
|
{
|
|
setcookie('nonavigation',false);
|
|
//include("/var/www/wawision/trunk/phpwf/plugins/class.picosafelogin.php");
|
|
$myPicosafe = new PicosafeLogin();
|
|
|
|
$aes = $this->app->DB->Select("SELECT hwkey FROM user WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
$datablock = $this->app->DB->Select("SELECT hwdatablock FROM user WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
$counter = $this->app->DB->Select("SELECT hwcounter FROM user WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
|
|
$myPicosafe->SetUserAES($aes);
|
|
$myPicosafe->SetUserDatablock($datablock);
|
|
$myPicosafe->SetUserCounter($counter);
|
|
|
|
if($encrypted_md5!="")
|
|
{
|
|
if ( $myPicosafe->LoginOTP($token) && (md5($password) == $encrypted_md5 || md5($passwordunescaped) == $encrypted_md5) && $fehllogins<8)
|
|
{
|
|
$user_id = $this->app->DB->Select("SELECT id FROM user
|
|
WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
|
|
// Update counter
|
|
$newcounter = $myPicosafe->GetLastValidCounter();
|
|
$this->app->DB->Update("UPDATE user SET hwcounter='$newcounter' WHERE id='$user_id' LIMIT 1");
|
|
|
|
} else {
|
|
//echo $myPicosafe->error_message;
|
|
$user_id = "";
|
|
}
|
|
} else {
|
|
|
|
if ( $myPicosafe->LoginOTP($token) && (crypt( $password, $encrypted ) == $encrypted || crypt( $passwordunescaped, $encrypted ) == $encrypted) && $fehllogins<8)
|
|
{
|
|
$user_id = $this->app->DB->Select("SELECT id FROM user
|
|
WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
|
|
// Update counter
|
|
$newcounter = $myPicosafe->GetLastValidCounter();
|
|
$this->app->DB->Update("UPDATE user SET hwcounter='$newcounter' WHERE id='$user_id' LIMIT 1");
|
|
|
|
} else {
|
|
//echo $myPicosafe->error_message;
|
|
$user_id = '';
|
|
}
|
|
}
|
|
}
|
|
//wawision otp
|
|
else if ($hwtoken==3)
|
|
{
|
|
setcookie('nonavigation',false);
|
|
$wawi = new WaWisionOTP();
|
|
$hwkey = $this->app->DB->Select("SELECT hwkey FROM user WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
$hwcounter = $this->app->DB->Select("SELECT hwcounter FROM user WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
$hwdatablock = $this->app->DB->Select("SELECT hwdatablock FROM user WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
|
|
//$wawi->SetKey($hwkey);
|
|
//$wawi->SetCounter($hwcounter);
|
|
|
|
$serial =$hwdatablock;
|
|
//$key = pack('V*', 0x01,0x02,0x03,0x04);
|
|
$hwkey = trim(str_replace(' ','',$hwkey));
|
|
$hwkey_array = explode(",",$hwkey);
|
|
$key = pack('V*', $hwkey_array[0], $hwkey_array[1], $hwkey_array[2], $hwkey_array[3]);
|
|
$check = (int)$wawi->wawision_pad_verify($token,$key,$serial);
|
|
|
|
// Fix fuer HW
|
|
if($check >= 2147483647) $check = 0;
|
|
|
|
if($encrypted_md5!="")
|
|
{
|
|
if ( $check > 0 && (md5($password) == $encrypted_md5 || md5($passwordunescaped) == $encrypted_md5) && $fehllogins<8 && $check > $hwcounter)
|
|
{
|
|
$user_id = $this->app->DB->Select("SELECT id FROM user
|
|
WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
|
|
// Update counter
|
|
$this->app->DB->Update("UPDATE user SET hwcounter='$check' WHERE id='$user_id' LIMIT 1");
|
|
$this->app->erp->SystemLog("xentral Login OTP Success User: $username Token: $token");
|
|
|
|
} else {
|
|
if($check===false)
|
|
{
|
|
$this->app->erp->SystemLog("xentral Login OTP Falscher Key (Unkown Key) User: $username Token: $token");
|
|
} else if ($check < $hwcounter && $check > 0)
|
|
{
|
|
$this->app->erp->SystemLog("xentral Login OTP Counter Fehler (Replay Attacke) User: $username Token: $token");
|
|
}
|
|
//echo $myPicosafe->error_message;
|
|
$user_id = "";
|
|
}
|
|
} else {
|
|
/*
|
|
if ( $wawi->LoginOTP($token) && crypt( $password, $encrypted ) == $encrypted && $fehllogins<8)
|
|
{
|
|
$user_id = $this->app->DB->Select("SELECT id FROM user
|
|
WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
|
|
// Update counter
|
|
$newcounter = $wawi->GetLastValidCounter();
|
|
$this->app->DB->Update("UPDATE user SET hwcounter='$newcounter' WHERE id='$user_id' LIMIT 1");
|
|
} else {
|
|
|
|
*/
|
|
//echo $myPicosafe->error_message;
|
|
$user_id = '';
|
|
// }
|
|
}
|
|
}
|
|
|
|
else {
|
|
setcookie('nonavigation',false);
|
|
|
|
|
|
|
|
if(isset($passwordhash) && $passwordhash != '' && $usepasswordhash)
|
|
{
|
|
$checkunescaped = password_verify ( $passwordunescaped , $passwordhash );
|
|
if(!$checkunescaped)
|
|
{
|
|
$checkescaped = password_verify ( $password , $passwordhash );
|
|
}else {
|
|
$checkescaped = false;
|
|
}
|
|
if($checkunescaped || $checkescaped)
|
|
{
|
|
$user_id = $this->app->DB->Select("SELECT id FROM `user`
|
|
WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
if($checkescaped && $user_id)
|
|
{
|
|
$options = array(
|
|
'cost' => 12,
|
|
);
|
|
$passwordhash = @password_hash($passwordunescaped, PASSWORD_BCRYPT, $options);
|
|
$this->app->DB->Update("UPDATE `user` SET passwordhash = '".$this->app->DB->real_escape_string($passwordhash)."',
|
|
password='',passwordmd5='', salt = '', passwordsha512 = ''
|
|
WHERE id = '".$user_id."' LIMIT 1");
|
|
}
|
|
}else{
|
|
$user_id = '';
|
|
}
|
|
}elseif(!empty($passwordsha512) && $usesha512)
|
|
{
|
|
if(hash('sha512',$passwordunescaped.$salt) === $passwordsha512 && $fehllogins<8)
|
|
{
|
|
$user_id = $this->app->DB->Select("SELECT id FROM user
|
|
WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
}else{
|
|
$user_id = '';
|
|
}
|
|
}elseif($encrypted_md5!=''){
|
|
if ((md5($password ) == $encrypted_md5 || md5($passwordunescaped) == $encrypted_md5) && $fehllogins<8)
|
|
{
|
|
if(isset($this->app->Conf->WFdbType) && $this->app->Conf->WFdbType=="postgre"){
|
|
$user_id = $this->app->DB->Select("SELECT id FROM \"user\"
|
|
WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
} else {
|
|
$user_id = $this->app->DB->Select("SELECT id FROM user
|
|
WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
}
|
|
if($user_id && $usesha512)
|
|
{
|
|
$salt = $this->app->DB->Select("SELECT salt FROM user WHERE id = '$user_id' LIMIT 1");
|
|
$sha512 = $this->app->DB->Select("SELECT passwordsha512 FROM user WHERE id = '$user_id' LIMIT 1");
|
|
if(empty($salt) && empty($sha512))
|
|
{
|
|
$salt = hash('sha512',microtime(true));
|
|
$sha512 = hash('sha512',$passwordunescaped.$salt);
|
|
$this->app->DB->Update("UPDATE user SET salt = '$salt', passwordsha512 = '$sha512' WHERE id = '$user_id' LIMIT 1");
|
|
}
|
|
}
|
|
}
|
|
else { $user_id = ""; }
|
|
} else {
|
|
if (((crypt( $password, $encrypted ) == $encrypted) || (crypt( $passwordunescaped, $encrypted ) == $encrypted)) && $fehllogins<8)
|
|
{
|
|
if(isset($this->app->Conf->WFdbType) && $this->app->Conf->WFdbType=="postgre"){
|
|
$user_id = $this->app->DB->Select("SELECT id FROM \"user\"
|
|
WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
} else {
|
|
$user_id = $this->app->DB->Select("SELECT id FROM user
|
|
WHERE username='".$username."' AND activ='1' LIMIT 1");
|
|
|
|
}
|
|
if($user_id && $usesha512)
|
|
{
|
|
$salt = $this->app->DB->Select("SELECT salt FROM user WHERE id = '$user_id' LIMIT 1");
|
|
$sha512 = $this->app->DB->Select("SELECT passwordsha512 FROM user WHERE id = '$user_id' LIMIT 1");
|
|
if(empty($salt) && empty($sha512))
|
|
{
|
|
$salt = hash('sha512',microtime(true));
|
|
$sha512 = hash('sha512',$passwordunescaped.$salt);
|
|
$this->app->DB->Update("UPDATE user SET salt = '$salt', passwordsha512 = '$sha512' WHERE id = '$user_id' LIMIT 1");
|
|
}
|
|
}
|
|
}
|
|
else {
|
|
$user_id = '';
|
|
}
|
|
}
|
|
}
|
|
|
|
//$password = substr($password, 0, 8); //TODO !!! besseres verfahren!!
|
|
|
|
//pruefen ob extern login erlaubt ist!!
|
|
|
|
// wenn keine externerlogin erlaubt ist und verbindung extern
|
|
if($externlogin==0 && $localconnection==0)
|
|
{
|
|
$this->app->Tpl->Set('LOGINERRORMSG',"Es ist kein externer Login mit diesem Account erlaubt.");
|
|
$this->app->Tpl->Parse('PAGE','updatelogin.tpl');
|
|
}
|
|
else if(is_numeric($user_id))
|
|
{
|
|
|
|
$this->app->DB->Delete("DELETE FROM useronline WHERE user_id='".$user_id."'");
|
|
|
|
if($this->session_id != ''){
|
|
$this->app->DB->Insert("INSERT INTO useronline (user_id, sessionid, ip, login, time)
|
|
VALUES ('" . $user_id . "','" . $this->session_id . "','" . $_SERVER['REMOTE_ADDR'] . "','1',NOW())");
|
|
} else {
|
|
$this->app->Tpl->Set('LOGINERRORMSG','Session ID can not be empty');
|
|
$this->app->Tpl->Parse('PAGE','updatelogin.tpl');
|
|
return;
|
|
}
|
|
$this->app->DB->Select("UPDATE user SET fehllogins=0
|
|
WHERE username='".$username."' LIMIT 1");
|
|
if(method_exists($this->app->User,'createCache')) {
|
|
$this->app->User->createCache();
|
|
}
|
|
header('Location: update.php?rand='.md5(mt_rand()));
|
|
exit;
|
|
}
|
|
else if ($fehllogins>=8)
|
|
{
|
|
$this->app->Tpl->Set('LOGINERRORMSG',"Max. Anzahl an Fehllogins erreicht. Bitte wenden Sie sich an Ihren Administrator.");
|
|
$this->app->Tpl->Parse('PAGE',"updatelogin.tpl");
|
|
}
|
|
else
|
|
{
|
|
|
|
if(isset($this->app->Conf->WFdbType) && $this->app->Conf->WFdbType=="postgre")
|
|
$this->app->DB->Select("UPDATE \"user\" SET fehllogins=fehllogins+1 WHERE username='".$username."'");
|
|
else
|
|
$this->app->DB->Select("UPDATE user SET fehllogins=fehllogins+1 WHERE username='".$username."' LIMIT 1");
|
|
|
|
$this->app->Tpl->Set('LOGINERRORMSG',"Benutzername oder Passwort falsch.");
|
|
$this->app->Tpl->Parse('PAGE',"updatelogin.tpl");
|
|
}
|
|
}
|
|
}
|
|
|
|
function Logout($msg="",$logout=false)
|
|
{
|
|
setcookie('DBSELECTED','');
|
|
if($logout)
|
|
$this->app->Tpl->Parse('PAGE',"sessiontimeout.tpl");
|
|
|
|
$username = $this->app->User->GetName();
|
|
$this->app->DB->Delete("DELETE FROM useronline WHERE user_id='".$this->app->User->GetID()."'");
|
|
if(method_exists($this->app->User,'createCache')) {
|
|
$this->app->User->createCache();
|
|
}
|
|
session_destroy();
|
|
session_start();
|
|
session_regenerate_id(true);
|
|
$_SESSION['database']="";
|
|
|
|
|
|
if(!$logout)
|
|
{
|
|
header("Location: ".$this->app->http."://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['REQUEST_URI']),'/'));
|
|
exit;
|
|
}
|
|
//$this->app->Tpl->Set(LOGINERRORMSG,$msg);
|
|
//$this->app->Tpl->Parse(PAGE,"updatelogin.tpl");
|
|
}
|
|
|
|
|
|
function CreateAclDB()
|
|
{
|
|
|
|
}
|
|
|
|
function mOTP($pin,$otp,$initsecret)
|
|
{
|
|
|
|
$maxperiod = 3*60; // in seconds = +/- 3 minutes
|
|
$time=gmdate("U");
|
|
for($i = $time - $maxperiod; $i <= $time + $maxperiod; $i++)
|
|
{
|
|
$md5 = substr(md5(substr($i,0,-1).$initsecret.$pin),0,6);
|
|
|
|
if($otp == $md5) {
|
|
return(true);
|
|
}
|
|
}
|
|
return(false);
|
|
}
|
|
|
|
|
|
|
|
}
|
|
class UpdateUser
|
|
{
|
|
var $cache;
|
|
function __construct(&$app)
|
|
{
|
|
$this->app = &$app;
|
|
}
|
|
|
|
function GetID()
|
|
{
|
|
if(!empty($_COOKIE['CH42SESSION']) && $_COOKIE['CH42SESSION']!='') {
|
|
$tmp = $_COOKIE['CH42SESSION'];
|
|
} else {
|
|
$tmp = session_id();
|
|
}
|
|
if($tmp == '') {
|
|
return 0;
|
|
}
|
|
if(!$this->cache || $this->cache['time'] +10 < microtime(true) || $this->cache['tmp'] != $tmp)
|
|
{
|
|
$this->cache = null;
|
|
$user_id = $this->app->DB->Select("SELECT user_id FROM useronline WHERE sessionid='".$this->app->DB->real_escape_string($tmp)."' AND login ='1'");
|
|
if($user_id)
|
|
{
|
|
$this->cache['user_id'] = $user_id;
|
|
$this->cache['tmp'] = $tmp;
|
|
$this->cache['time'] = microtime(true);
|
|
}
|
|
return $user_id;
|
|
}
|
|
|
|
return $this->cache['user_id'];
|
|
}
|
|
|
|
function GetType()
|
|
{
|
|
if($this->GetID()<=0){
|
|
return $this->app->Conf->WFconf['defaultgroup'];
|
|
}
|
|
|
|
if(isset($this->cache['type'])) {
|
|
return $this->cache['type'];
|
|
}
|
|
|
|
$type = $this->app->DB->Select("SELECT type FROM user WHERE id='".$this->GetID()."'");
|
|
$this->cache['type'] = $type;
|
|
|
|
if($type=="")
|
|
{
|
|
$type = $this->app->Conf->WFconf['defaultgroup'];
|
|
$this->cache['type'] = $type;
|
|
}
|
|
|
|
return $type;
|
|
}
|
|
|
|
function GetParameter($index)
|
|
{
|
|
$id = $this->GetID();
|
|
|
|
if($index!="")
|
|
{
|
|
|
|
$settings = $this->app->DB->Select("SELECT settings FROM user WHERE id='$id' LIMIT 1");
|
|
|
|
$settings = unserialize($settings);
|
|
|
|
if(isset($settings[$index]))
|
|
return $settings[$index];
|
|
}
|
|
}
|
|
|
|
// value koennen beliebige Datentypen aus php sein (serialisiert)
|
|
function SetParameter($index,$value)
|
|
{
|
|
$id = $this->GetID();
|
|
|
|
if($index!="" && isset($value))
|
|
{
|
|
$settings = $this->app->DB->Select("SELECT settings FROM user WHERE id='$id' LIMIT 1");
|
|
$settings = unserialize($settings);
|
|
|
|
$settings[$index] = $value;
|
|
|
|
$settings = serialize($settings);
|
|
$this->app->DB->Update("UPDATE user SET settings='$settings' WHERE id='$id' LIMIT 1");
|
|
$this->cache = null;
|
|
}
|
|
}
|
|
|
|
|
|
|
|
function GetUsername()
|
|
{
|
|
if(isset($this->cache['username'])) {
|
|
return $this->cache['username'];
|
|
}
|
|
$username = $this->app->DB->Select("SELECT username FROM user WHERE id='".$this->GetID()."'");
|
|
$this->cache['username'] = $username;
|
|
return $username;
|
|
}
|
|
|
|
function GetDescription()
|
|
{
|
|
return $this->GetName();
|
|
}
|
|
|
|
function GetMail()
|
|
{
|
|
return $this->app->DB->Select("SELECT email FROM adresse WHERE id='".$this->GetAdresse()."'");
|
|
}
|
|
|
|
|
|
function GetName()
|
|
{
|
|
if(isset($this->cache['name']))return $this->cache['name'];
|
|
$name = $this->app->DB->Select("SELECT name FROM adresse WHERE id='".$this->GetAdresse()."'");
|
|
$this->cache['name'] = $name;
|
|
return $name;
|
|
}
|
|
|
|
function GetSprachen()
|
|
{
|
|
$sprachen = $this->app->DB->Select("SELECT sprachen FROM user WHERE id = '".(int)$this->GetId()."' LIMIT 1");
|
|
if($sprachen)
|
|
{
|
|
$sprachena = explode(';',str_replace(',',';',$sprachen));
|
|
foreach($sprachena as $sprache)
|
|
{
|
|
$sprache = trim($sprache);
|
|
if($sprache != '')$ret[] = $sprache;
|
|
}
|
|
if(isset($ret)) {
|
|
return $ret;
|
|
}
|
|
}
|
|
return array('german','english');
|
|
}
|
|
|
|
function GetSprache()
|
|
{
|
|
$sprachen = $this->GetSprachen();
|
|
return $sprachen[0];
|
|
}
|
|
|
|
|
|
function GetAdresse()
|
|
{
|
|
if(isset($this->cache['adresse'])) {
|
|
return $this->cache['adresse'];
|
|
}
|
|
|
|
$adresse = $this->app->DB->Select("SELECT adresse FROM user WHERE id='".$this->GetID()."'");
|
|
$this->cache['adresse'] = $adresse;
|
|
return $adresse;
|
|
}
|
|
|
|
function GetProjektleiter()
|
|
{
|
|
$result = $this->app->DB->SelectArr("SELECT parameter FROM adresse_rolle WHERE subjekt='Projektleiter' AND (bis='0000-00-00' OR bis < NOW()) AND adresse='".$this->app->User->GetAdresse()."'");
|
|
|
|
if(!empty($result)){
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
|
|
|
|
|
|
function DefaultProjekt()
|
|
{
|
|
$adresse = $this->GetAdresse();
|
|
$projekt = $this->app->DB->Select("SELECT projekt FROM adresse WHERE id='".$adresse."'");
|
|
if($projekt <=0)
|
|
$projekt = $this->app->DB->Select("SELECT standardprojekt FROM firma WHERE id='".$this->app->User->GetFirma()."' LIMIT 1");
|
|
|
|
return $projekt;
|
|
}
|
|
|
|
function GetEmail()
|
|
{
|
|
$adresse = $this->GetAdresse();
|
|
return $this->app->DB->Select("SELECT email FROM adresse WHERE id='".$adresse."'");
|
|
}
|
|
|
|
|
|
function GetFirma()
|
|
{
|
|
return 1;
|
|
}
|
|
|
|
|
|
function GetFirmaName()
|
|
{
|
|
if(isset($this->cache['firmaname']))return $this->cache['firmaname'];
|
|
$name = $this->app->DB->Select("SELECT name FROM firma WHERE id='".$this->GetFirma()."'");
|
|
$this->cache['firmaname'] = $name;
|
|
return $name;
|
|
}
|
|
|
|
|
|
function GetField($field)
|
|
{
|
|
return $this->app->DB->Select("SELECT $field FROM user WHERE id='".$this->GetID()."'");
|
|
}
|
|
|
|
|
|
}
|
|
|
|
class UpdateThemeTemplate {
|
|
var $NAME; //Name des Templates
|
|
var $PATH; //PFAD des Templates
|
|
var $parsed; //Zustand
|
|
var $ORIGINAL; //Parse - Text Vorlage
|
|
var $VARS; //assoziatives Array mit Variablennamen als Index
|
|
var $Elements;
|
|
var $vararraycreated;
|
|
function __construct($_path, $_file){
|
|
|
|
$this->vararraycreated = false;
|
|
$this->PATH=$_path;
|
|
$this->NAME=$_file;
|
|
$this->readFile();
|
|
}
|
|
|
|
function readFile()
|
|
{
|
|
$_path = $this->PATH;
|
|
$_file = $this->NAME;
|
|
$fp=@fopen($_path.$_file,"r");
|
|
if($fp){
|
|
if(filesize($_path.$_file)>0)
|
|
$contents = fread ($fp, filesize($_path.$_file));
|
|
fclose($fp);
|
|
}else die($_path.$_file.' not found');
|
|
$this->ORIGINAL=isset($contents)?$contents:'';
|
|
//$this->CreateVarArray();
|
|
}
|
|
|
|
function CreateVarArray(){
|
|
$this->vararraycreated = true;
|
|
$this->SetVar('','');
|
|
$pattern = '/((\[[A-Z0-9_]+\]))/';
|
|
preg_match_all($pattern,$this->ORIGINAL,$matches, PREG_OFFSET_CAPTURE);
|
|
|
|
//TODO Parser umbauen, damit Variablen nicht doppelt genommen werden.
|
|
if(count($matches[0]) > 0)
|
|
{
|
|
$cmatches = count($matches[0]);
|
|
for($i=0;$i<$cmatches;$i++)
|
|
{
|
|
$this->Elements[$i]['before'] = substr($this->ORIGINAL, $i==0?0:($matches[0][$i-1][1] +strlen($matches[0][$i-1][0]) ), $matches[0][$i][1] - ($i==0 ?0 : ($matches[0][$i-1][1]+strlen($matches[0][$i-1][0])) ) );
|
|
$this->Elements[$i]['el'] = $matches[0][$i][0];
|
|
$this->Elements[$i]['el'] = str_replace('[','',$this->Elements[$i]['el']);
|
|
$this->Elements[$i]['el'] = str_replace(']','',$this->Elements[$i]['el']);
|
|
if($i > 0)$this->Elements[$i-1]['nach'] = $this->Elements[$i]['before'];
|
|
}
|
|
$this->Elements[count($matches[0])-1]['nach'] = substr($this->ORIGINAL, $matches[0][count($matches[0])-1][1]+strlen($matches[0][count($matches[0])-1][0]));
|
|
}
|
|
$cmatches = count($matches[0]);
|
|
for($i=0;$i<$cmatches;$i++)
|
|
{
|
|
$matches[0][$i][0] = str_replace('[','',$matches[0][$i][0]);
|
|
$matches[0][$i][0] = str_replace(']','',$matches[0][$i][0]);
|
|
if(!isset($this->VARS[$matches[0][$i][0]]))
|
|
{
|
|
$this->SetVar($matches[0][$i][0],'');
|
|
}
|
|
}
|
|
}
|
|
|
|
function Parsed()
|
|
{
|
|
return 1;
|
|
}
|
|
|
|
function AddVar($_var, $_value){ $this->VARS[$_var]=$this->VARS[$_var].$_value; }
|
|
function SetVar($_var, $_value){ $this->VARS[$_var]=$_value; }
|
|
|
|
}
|
|
|
|
/*********************** Class PcmsTemplate ****************************/
|
|
/// Main Parser for building the html skin (gui)
|
|
class UpdateTemplateParser {
|
|
var $TEMPLATELIST;
|
|
var $VARARRAY;
|
|
var $VARVARARRAY;
|
|
|
|
function __construct(&$app){
|
|
$this->app = &$app;
|
|
$this->TEMPLATELIST=null;
|
|
$this->VARVARARRAY = null;
|
|
$this->ReadTemplatesFromPath('');
|
|
}
|
|
|
|
|
|
function GetVars($tplfile)
|
|
{
|
|
$fp=@fopen($tplfile,"r");
|
|
if($fp){
|
|
$contents = fread ($fp, filesize($tplfile));
|
|
fclose($fp);
|
|
}
|
|
$suchmuster = '/[\[][A-Z_]+[\]]/';
|
|
preg_match_all($suchmuster, $contents, $treffer);
|
|
return $treffer[0];
|
|
}
|
|
|
|
function ResetParser()
|
|
{
|
|
unset($this->TEMPLATELIST);
|
|
unset($this->VARARRAY);
|
|
}
|
|
|
|
function ReadTemplatesFromPath($_path){
|
|
if(is_file(__DIR__.'/update.tpl'))
|
|
{
|
|
$this->TEMPLATELIST['update.tpl'] = new UpdateThemeTemplate(__DIR__.'/','update.tpl');
|
|
}else die(__DIR__.'/update.tpl nicht gefunden');
|
|
if(is_file(__DIR__.'/updatelogin.tpl'))
|
|
{
|
|
$this->TEMPLATELIST['updatelogin.tpl'] = new UpdateThemeTemplate(__DIR__.'/','updatelogin.tpl');
|
|
}else die(__DIR__.'/updatelogin.tpl nicht gefunden');
|
|
}
|
|
|
|
function CreateVarArray(){
|
|
foreach($this->TEMPLATELIST as $template=>$templatename){
|
|
if(count($this->TEMPLATELIST[$template]->VARS) > 0){
|
|
foreach($this->TEMPLATELIST[$template]->VARS as $key=>$value){
|
|
$this->VARARRAY[$key]=$value;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
function ShowVariables(){
|
|
foreach($this->VARARRAY as $key=>$value)
|
|
echo "<b>$key =></b>".htmlspecialchars($value)."<br>";
|
|
}
|
|
|
|
function ParseVariables($text){
|
|
foreach($this->VARARRAY as $key=>$value)
|
|
{
|
|
if($key=!"")
|
|
$text = str_replace('['.$key.']',$value,$text);
|
|
}
|
|
// fill empty vars
|
|
return $text;
|
|
}
|
|
|
|
function ShowTemplates(){
|
|
foreach ($this->TEMPLATELIST as $key=> $value){
|
|
foreach ($value as $key1=> $text){
|
|
if(!is_array($text))echo "$key ".htmlspecialchars($text)."<br>";
|
|
if(is_array($text))foreach($text as $key2=>$value2) echo $key2." ".$value2;
|
|
}
|
|
echo "<br><br>";
|
|
}
|
|
}
|
|
|
|
function Set($_var,$_value, $variable = false){ $this->VARARRAY[$_var]=$_value; if($variable)$this->VARVARARRAY[$_var] = $variable;}
|
|
|
|
function Add($_var,$_value, $variable = false){
|
|
$this->VARARRAY[$_var]=isset($this->VARARRAY[$_var])?$this->VARARRAY[$_var].$_value:$_value;
|
|
if($variable)$this->VARVARARRAY[$_var] = $variable;
|
|
}
|
|
|
|
function Get($_var){
|
|
return $this->VARARRAY[$_var]." ";
|
|
}
|
|
|
|
function Output($_template)
|
|
{
|
|
echo $this->app->erp->ClearDataBeforeOutput($this->Parse("",$_template,1));
|
|
}
|
|
|
|
|
|
function OutputAsString($_template)
|
|
{
|
|
return $this->app->erp->ClearDataBeforeOutput($this->Parse("",$_template,1));
|
|
}
|
|
|
|
|
|
function Parse($_var, $_template,$return=0){
|
|
|
|
//$this->AjaxParse();
|
|
//if($_var == 'PAGE')$this->app->erp->ParseMenu();
|
|
$this->ParseVarVars();
|
|
if($_template!=""){
|
|
if(isset($this->TEMPLATELIST[$_template]) && !($this->TEMPLATELIST[$_template]->vararraycreated))
|
|
{
|
|
$this->TEMPLATELIST[$_template]->CreateVarArray();
|
|
}
|
|
|
|
//alle template variablen aufuellen mit den werten aus VARARRAY
|
|
if(isset($this->TEMPLATELIST[$_template]) && isset($this->TEMPLATELIST[$_template]->VARS) && count($this->TEMPLATELIST[$_template]->VARS)>0){
|
|
foreach ($this->TEMPLATELIST[$_template]->VARS as $key=> $value){
|
|
$this->TEMPLATELIST[$_template]->SetVar($key,isset($this->VARARRAY[$key])?$this->VARARRAY[$key]:'');
|
|
}
|
|
|
|
//ORIGINAL auffuellen
|
|
$tmptpl = $this->TEMPLATELIST[$_template]->ORIGINAL;
|
|
foreach ($this->TEMPLATELIST[$_template]->VARS as $key=>$value){
|
|
if(!is_numeric($key) && $key!="")
|
|
$tmptpl = str_replace("[".$key."]",$value, $tmptpl);
|
|
}
|
|
} else $tmptpl = '';
|
|
//aufgefuelltes ORIGINAL in $t_var add($_var,ORIGINAL)
|
|
if($return==1)
|
|
return $tmptpl;
|
|
else
|
|
$this->Add($_var,$tmptpl);
|
|
}
|
|
}
|
|
|
|
function AddAndParse($_var, $_value, $_varparse, $_templateparse){
|
|
$this->Set($_var, $_value);
|
|
$this->Parse($_varparse,$_templateparse);
|
|
}
|
|
|
|
function ParseVarVars()
|
|
{
|
|
$pattern = '/((\[[A-Z0-9_]+\]))/';
|
|
if(!empty($this->VARVARARRAY) && is_array($this->VARVARARRAY))
|
|
{
|
|
foreach($this->VARVARARRAY as $k => $el)
|
|
{
|
|
preg_match_all($pattern,$this->VARARRAY[$k],$matches, PREG_OFFSET_CAPTURE);
|
|
|
|
$cmatches = $matches[0]?count($matches[0]):0;
|
|
for($i=0;$i<$cmatches;$i++)
|
|
{
|
|
$matches[0][$i][0] = str_replace('[','',$matches[0][$i][0]);
|
|
$matches[0][$i][0] = str_replace(']','',$matches[0][$i][0]);
|
|
if(isset($this->VARARRAY[$matches[0][$i][0]]))
|
|
{
|
|
$this->VARARRAY[$k] = str_replace('['.$matches[0][$i][0].']',$this->VARARRAY[$matches[0][$i][0]],$this->VARARRAY[$k]);
|
|
}
|
|
}
|
|
unset($matches);
|
|
}
|
|
}
|
|
}
|
|
|
|
function FinalParse($_template){
|
|
|
|
$this->ParseVarVars();
|
|
if(isset($this->TEMPLATELIST[$_template]) && !($this->TEMPLATELIST[$_template]->vararraycreated))
|
|
{
|
|
$this->TEMPLATELIST[$_template]->CreateVarArray();
|
|
}
|
|
$print = $this->app->Secure->GetGET("print");
|
|
$printcontent = $this->app->Secure->GetGET("printcontent");
|
|
|
|
if($printcontent=="") $printcontent="TAB1";
|
|
if($print=="true") {
|
|
$out = str_replace("[PRINT]",$this->VARARRAY[$printcontent],$this->TEMPLATELIST['print.tpl']->ORIGINAL);
|
|
echo $out;
|
|
exit;
|
|
}
|
|
|
|
if($_template!="" && isset($this->TEMPLATELIST[$_template]) && isset($this->TEMPLATELIST[$_template]->VARS)){
|
|
//alle template variablen aufuellen mit den werten aus VARARRAY
|
|
if(count($this->TEMPLATELIST[$_template]->VARS)>0){
|
|
foreach ($this->TEMPLATELIST[$_template]->VARS as $key=> $value)
|
|
{
|
|
$this->TEMPLATELIST[$_template]->SetVar($key,(isset($this->VARARRAY[$key])?$this->VARARRAY[$key]:''));
|
|
}
|
|
}
|
|
}
|
|
//ORIGINAL auffuellen
|
|
|
|
|
|
$new = false;
|
|
if($new)
|
|
{
|
|
//macht Noch Probleme
|
|
$tmptpl = '';
|
|
if(!empty($this->TEMPLATELIST[$_template]->Elements))
|
|
{
|
|
|
|
|
|
foreach($this->TEMPLATELIST[$_template]->Elements as $k)
|
|
{
|
|
$tmptpl .= $k['before'];
|
|
if(!empty($this->TEMPLATELIST[$_template]->VARS[$k['el']]))
|
|
{
|
|
$tmptpl .= $this->TEMPLATELIST[$_template]->VARS[$k['el']];
|
|
}
|
|
}
|
|
$tmptpl .= $this->TEMPLATELIST[$_template]->Elements[count($this->TEMPLATELIST[$_template]->Elements)-1]['nach'];
|
|
}else $tmptpl = $this->TEMPLATELIST[$_template]->ORIGINAL;
|
|
}else
|
|
{
|
|
$tmptpl = $this->TEMPLATELIST[$_template]->ORIGINAL;
|
|
if(count($this->TEMPLATELIST[$_template]->VARS)>0){
|
|
foreach ($this->TEMPLATELIST[$_template]->VARS as $key=>$value)
|
|
{
|
|
if($key!="")
|
|
$tmptpl = str_replace("[".$key."]",$value, $tmptpl);
|
|
}
|
|
}
|
|
|
|
if(count($this->VARARRAY)>0)
|
|
foreach($this->VARARRAY as $key=>$value)
|
|
{
|
|
if($key!="")
|
|
$tmptpl = str_replace('['.$key.']',$value,$tmptpl);
|
|
}
|
|
}
|
|
|
|
$tmptpl = $this->app->erp->ClearDataBeforeOutput($tmptpl);
|
|
return $tmptpl;
|
|
}
|
|
|
|
function AjaxParse()
|
|
{
|
|
|
|
}
|
|
|
|
|
|
function KeywordParse()
|
|
{
|
|
|
|
foreach($this->TEMPLATELIST as $key=>$value)
|
|
{
|
|
foreach ($this->TEMPLATELIST[$key]->VARS as $var=>$tmp)
|
|
if(strstr($var,"AJAX"))
|
|
{
|
|
echo $var;
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
class UpdateApplication
|
|
{
|
|
|
|
var $ActionHandlerList;
|
|
var $ActionHandlerDefault;
|
|
public $Conf;
|
|
protected $multidb;
|
|
|
|
public function __construct($config, $group='')
|
|
{
|
|
session_cache_limiter('private');
|
|
@session_start();
|
|
|
|
$this->Conf= $config;
|
|
if(file_exists(dirname(__DIR__) .'/conf/multidb.conf.php'))
|
|
{
|
|
$multidb = include dirname(__DIR__) .'/conf/multidb.conf.php';
|
|
if(!empty($multidb))
|
|
{
|
|
$this->Conf->origDB = $this->Conf->WFdbname;
|
|
foreach($multidb as $key => $value)
|
|
{
|
|
if(is_array($value))
|
|
{
|
|
if(is_numeric($key) && !empty($value['dbname']))
|
|
{
|
|
$this->multidb[] = [
|
|
'dbname'=>$value['dbname'],
|
|
'dbhost'=>!empty($value['dbhost'])?$value['dbhost']:$this->Conf->WFdbhost,
|
|
'dbport'=>!empty($value['dbport'])?$value['dbport']:$this->Conf->WFdbport,
|
|
'dbuser'=>!empty($value['dbuser'])?$value['dbuser']:$this->Conf->WFdbuser,
|
|
'dbpass'=>!empty($value['dbpass'])?$value['dbpass']:$this->Conf->WFdbpass,
|
|
'description'=>!empty($value['description'])?$value['description']:$value['dbname'],
|
|
'cronjob'=>!empty($value['cronjob'])?$value['cronjob']:0
|
|
];
|
|
}elseif(!is_numeric($key)){
|
|
$this->multidb[] = [
|
|
'dbname'=>!empty($value['dbname'])?$value['dbname']:$key,
|
|
'dbhost'=>!empty($value['dbhost'])?$value['dbhost']:$this->Conf->WFdbhost,
|
|
'dbport'=>!empty($value['dbport'])?$value['dbport']:$this->Conf->WFdbport,
|
|
'dbuser'=>!empty($value['dbuser'])?$value['dbuser']:$this->Conf->WFdbuser,
|
|
'dbpass'=>!empty($value['dbpass'])?$value['dbpass']:$this->Conf->WFdbpass,
|
|
'description'=>!empty($value['description'])?$value['description']:(!empty($value['dbname'])?$value['dbname']:$key),
|
|
'cronjob'=>!empty($value['cronjob'])?$value['cronjob']:0
|
|
];
|
|
}
|
|
}else{
|
|
if(is_numeric($key))
|
|
{
|
|
$this->multidb[] = [
|
|
'dbname'=>$value,
|
|
'dbhost'=>$this->Conf->WFdbhost,
|
|
'dbport'=>$this->Conf->WFdbport,
|
|
'dbuser'=>$this->Conf->WFdbuser,
|
|
'dbpass'=>$this->Conf->WFdbpass,
|
|
'description'=>$value,
|
|
'cronjob'=>0
|
|
];
|
|
}else{
|
|
$this->multidb[] = [
|
|
'dbname'=>$key,
|
|
'dbhost'=>$this->Conf->WFdbhost,
|
|
'dbport'=>$this->Conf->WFdbport,
|
|
'dbuser'=>$this->Conf->WFdbuser,
|
|
'dbpass'=>$this->Conf->WFdbpass,
|
|
'description'=>$key,
|
|
'cronjob'=>0
|
|
];
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=="on")
|
|
$this->http = "https";
|
|
else
|
|
$this->http = "http";
|
|
|
|
|
|
$this->Secure = new UpdateSecure($this); // empty $_GET, and $_POST so you
|
|
|
|
// have to need the secure layer always
|
|
$this->Tpl = new UpdateTemplateParser($this);
|
|
|
|
$this->User = new UpdateUser($this);
|
|
$this->acl = new UpdateAcl($this);
|
|
$this->WF = new UpdatephpWFAPI($this);
|
|
$this->String = new UpdateWawiString();
|
|
|
|
$this->BuildNavigation = true;
|
|
|
|
$this->DB = new UpdateDB($this->Conf->WFdbhost,$this->Conf->WFdbname,$this->Conf->WFdbuser,$this->Conf->WFdbpass,$this,$this->Conf->WFdbport);
|
|
$this->Tpl->ReadTemplatesFromPath('');
|
|
}
|
|
|
|
|
|
public function getDbs()
|
|
{
|
|
$ret = [];
|
|
$ret[$this->Conf->WFdbname] = $this->Conf->WFdbname;
|
|
if(!empty($this->multidb))
|
|
{
|
|
foreach($this->multidb as $key => $value)
|
|
{
|
|
if($this->Conf->WFdbname !== $value['dbname']){
|
|
$ret[$value['dbname']] = $value['description'];
|
|
}elseif(!empty($value['description']) && $value['description'] !== $this->Conf->WFdbname){
|
|
$ret[$this->Conf->WFdbname] = $value['description'];
|
|
}
|
|
}
|
|
}
|
|
return $ret;
|
|
}
|
|
|
|
public function getCronjobDbs()
|
|
{
|
|
$ret = [];
|
|
if(!empty($this->multidb))
|
|
{
|
|
$nocron = [];
|
|
foreach($this->multidb as $key => $value)
|
|
{
|
|
if($value['cronjob']){
|
|
$ret[] = $value['dbname'];
|
|
}else{
|
|
$nocron[] = $value['dbname'];
|
|
}
|
|
}
|
|
if(empty($ret[$this->Conf->WFdbname]) && empty($nocron[$this->Conf->WFdbname]))
|
|
{
|
|
$ret[] = $this->Conf->WFdbname;
|
|
}
|
|
}else{
|
|
$ret[] = $this->Conf->WFdbname;
|
|
}
|
|
return $ret;
|
|
}
|
|
|
|
public function changeDbConf($dbname)
|
|
{
|
|
if(empty($dbname))
|
|
{
|
|
return false;
|
|
}
|
|
if($this->Conf->WFdbname === $dbname)
|
|
{
|
|
return false;
|
|
}
|
|
if(!empty($this->multidb))
|
|
{
|
|
foreach($this->multidb as $value)
|
|
{
|
|
if($value['dbname'] === $dbname)
|
|
{
|
|
$this->Conf->WFdbname = $dbname;
|
|
$this->Conf->WFdbhost = $value['dbhost'];
|
|
$this->Conf->WFdbport = $value['dbport'];
|
|
$this->Conf->WFdbuser = $value['dbuser'];
|
|
$this->Conf->WFdbpass = $value['dbpass'];
|
|
$this->DB = new DB($this->Conf->WFdbhost,$this->Conf->WFdbname,$this->Conf->WFdbuser,$this->Conf->WFdbpass,$this,$this->Conf->WFdbport);
|
|
return true;
|
|
}
|
|
}
|
|
}
|
|
return false;
|
|
}
|
|
|
|
function __destruct() {
|
|
$this->DB->Close();
|
|
}
|
|
|
|
function ActionHandlerInit(&$caller)
|
|
{
|
|
$this->caller = &$caller;
|
|
}
|
|
|
|
|
|
function ActionHandler($command,$function)
|
|
{
|
|
$this->ActionHandlerList[$command]=$function;
|
|
}
|
|
|
|
function DefaultActionHandler($command)
|
|
{
|
|
$this->ActionHandlerDefault=$command;
|
|
}
|
|
|
|
|
|
function ActionHandlerListen(&$app)
|
|
{
|
|
$fkt = '';
|
|
$action = $app->Secure->GetGET("action","alpha");
|
|
if($action!="")
|
|
{
|
|
if(isset($this->ActionHandlerList[$action]))$fkt = $this->ActionHandlerList[$action];
|
|
}
|
|
else
|
|
{
|
|
if(empty($this->ActionHandlerDefault) && isset($this->ActionHandlerList['list']))
|
|
{
|
|
if(empty($action))$app->Secure->GET['action'] = 'list';
|
|
$this->ActionHandlerDefault = 'list';
|
|
}
|
|
if(isset($this->ActionHandlerDefault))$fkt = $this->ActionHandlerList[$this->ActionHandlerDefault];
|
|
}
|
|
|
|
// check permissions
|
|
if($fkt)@$this->caller->$fkt();
|
|
}
|
|
}
|
|
|
|
class UpdatePlayer {
|
|
|
|
public $DefautTemplates;
|
|
public $DefautTheme;
|
|
|
|
/** @var UpdateApplication $app */
|
|
public $app;
|
|
|
|
function __construct()
|
|
{
|
|
$this->DefautTemplates='defaulttemplates';
|
|
$this->DefautTheme='default';
|
|
}
|
|
|
|
/**
|
|
* @param UpdateSession $sessionObj
|
|
*/
|
|
function Run($sessionObj)
|
|
{
|
|
$this->app = $sessionObj->app;
|
|
// play application only when layer 2 said that its ok
|
|
if(!$sessionObj->GetCheck()) {
|
|
if($sessionObj->reason==='PLEASE_LOGIN')
|
|
{
|
|
$action = 'login';
|
|
$this->app->Secure->GET['action']='login';
|
|
} else {
|
|
$action = 'login';
|
|
}
|
|
} else {
|
|
$action = $this->app->Secure->GetGET('action','alpha');
|
|
}
|
|
$this->app->Tpl->Set('YEAR',date('Y'));
|
|
$this->app->Tpl->Set('BENUTZER',$this->app->User->GetName());
|
|
//$this->app->Tpl->Set('REVISION',$this->app->erp->Revision(). " (".$this->app->erp->Branch().")");
|
|
//$this->app->Tpl->Set('REVISIONID',$this->app->erp->RevisionPlain());
|
|
//$this->app->Tpl->Set('BRANCH',$this->app->erp->Branch());
|
|
|
|
$this->app->Tpl->Set(
|
|
'LIZENZHINWEIS',' <a href="https://xentral.com/lizenzhinweis" target="_blank">Lizenzhinweis</a>'
|
|
);
|
|
switch($action)
|
|
{
|
|
case 'login':
|
|
$this->app->Tpl->Set('UEBERSCHRIFT',"xentral · Enterprise Warehouse Management");
|
|
$this->app->acl->Login();
|
|
echo $this->app->Tpl->FinalParse('update.tpl');
|
|
break;
|
|
case 'ajax':
|
|
$data = null;
|
|
$WAWISION['host']=XENTRAL_UPDATE_HOST;
|
|
$WAWISION['port']="443";
|
|
$cmd = $this->app->Secure->GetGET('cmd');
|
|
switch($cmd){
|
|
case 'checkforupdate':
|
|
$this->app->erp->setMaintainance(true);
|
|
$myUpd = new UpgradeClient($WAWISION, $this->app);
|
|
$_data = $myUpd->CheckFiles(true);
|
|
if(empty($_data) || (is_string($_data) && strpos($_data, 'ERROR') === 0)) {
|
|
$_data = $myUpd->CheckFiles(true);
|
|
}
|
|
if(is_string($_data) && strpos($_data, 'ERROR') === 0) {
|
|
$this->app->erp->setMaintainance(false);
|
|
$data['error'] = $_data;
|
|
}
|
|
else {
|
|
if(isset($_data['download']) && count($_data['download']) > 0) {
|
|
$files = $_data['download'];
|
|
$myUpd->DownloadFile($files);
|
|
$_data = $myUpd->CheckFiles(true);
|
|
if(isset($_data['download']) && count($_data['download']) > 0) {
|
|
$files = $_data['download'];
|
|
$myUpd->DownloadFile($files);
|
|
$_data = $myUpd->CheckFiles(true);
|
|
}
|
|
elseif(empty($_data['copy'])) {
|
|
$_data = $myUpd->CheckFiles(true);
|
|
}
|
|
if(!isset($_data['download']) || count($_data['download']) == 0) {
|
|
$data['reload'] = 1;
|
|
}
|
|
}
|
|
if(isset($_data['copy']) && count($_data['copy']) > 0) {
|
|
$files = $_data['copy'];
|
|
$data3 = $myUpd->CopyFile($files);
|
|
$_data = $myUpd->CheckFiles(true);
|
|
if(!isset($_data['copy']) || count($_data['copy']) == 0) {
|
|
$data['reload'] = 1;
|
|
if(function_exists('opcache_invalidate')) {
|
|
opcache_invalidate(__FILE__);
|
|
opcache_invalidate(__DIR__ . '/update.tpl');
|
|
}
|
|
}
|
|
}
|
|
}
|
|
break;
|
|
case 'changeversion':
|
|
$version = $this->app->Secure->GetPOST('version');
|
|
if($version) {
|
|
$WAWISION['versionname'] = $version;
|
|
$myUpd = new UpgradeClient($WAWISION, $this->app);
|
|
$data['version'] = $myUpd->ChangeVersion();
|
|
}
|
|
else {
|
|
$data['error']= 'Fehler: Keine Version';
|
|
}
|
|
break;
|
|
case 'checkfiles':
|
|
$version = $this->app->Secure->GetPOST('version');
|
|
if($version) {
|
|
$WAWISION['versionname'] = $version;
|
|
$myUpd = new UpgradeClient($WAWISION, $this->app);
|
|
$data = $myUpd->CheckFiles();
|
|
}
|
|
else {
|
|
$data['error'] = 'Fehler: Keine Version';
|
|
}
|
|
break;
|
|
case 'checkfileszip':
|
|
$version = $this->app->Secure->GetPOST('version');
|
|
if($version){
|
|
$WAWISION['versionname'] = $version;
|
|
$myUpd = new UpgradeClient($WAWISION, $this->app);
|
|
$_data = $myUpd->CheckFiles();
|
|
$data['zip'] = 0;
|
|
$data['copy'] = isset($_data['copy']) && isset($_data['copy'][0]) ? count($_data['copy']) : 0;
|
|
$data['download'] = isset($_data['download']) && isset($_data['download'][0]) ? count($_data['download']) : 0;
|
|
if($data['download'] > 500) {
|
|
$WAWISION['versionname'] = $version;
|
|
$myUpd = new UpgradeClient($WAWISION, $this->app);
|
|
$zipResonse = $myUpd->downloadZips();
|
|
if(is_array($zipResonse)) {
|
|
$data = array_merge($data, $zipResonse);
|
|
}
|
|
}
|
|
}
|
|
else {
|
|
$data = 'Fehler: Keine Version';
|
|
}
|
|
break;
|
|
case 'checkfiles2':
|
|
$version = $this->app->Secure->GetPOST('version');
|
|
if($version) {
|
|
$WAWISION['versionname'] = $version;
|
|
$myUpd = new UpgradeClient($WAWISION, $this->app);
|
|
$_data = $myUpd->CheckFiles();
|
|
$data['copy'] = isset($_data['copy']) && isset($_data['copy'][0])?count($_data['copy']):0;
|
|
$data['download'] = isset($_data['download']) && isset($_data['download'][0])?count($_data['download']):0;
|
|
if(!empty($_data['FileError'])) {
|
|
$data['FileError'] = $_data['FileError'];
|
|
}
|
|
if(!empty($_data['FolderError'])) {
|
|
$data['FolderError'] = $_data['FolderError'];
|
|
}
|
|
if(isset($_data['error'])){
|
|
$data['error'] = $_data['error'];
|
|
}
|
|
//$data = 'download '.(isset($data['download']) && isset($data['download'][0])?count($data['download']).' :'.$data['download'][0]['file']:0).' copy '.(isset($data['copy']) && isset($data['copy'][0])?count($data['copy']).' :'.$data['copy'][0]['file']:0);
|
|
}
|
|
else {
|
|
$data = 'Fehler: Keine Version';
|
|
}
|
|
break;
|
|
case 'downloadfiles2':
|
|
$version = $this->app->Secure->GetPOST('version');
|
|
if($version) {
|
|
$WAWISION['versionname'] = $version;
|
|
$myUpd = new UpgradeClient($WAWISION, $this->app);
|
|
$files = false;
|
|
if($version) {
|
|
$data2 = $myUpd->CheckFiles();
|
|
if(isset($data2['download']))$files = $data2['download'];
|
|
}
|
|
if($version && $files) {
|
|
$data3 = $myUpd->DownloadFile($files);
|
|
$data['todownload'] = (isset($data3['todownload']) && is_array($data3['todownload']))?count($data3['todownload']):0;
|
|
}
|
|
else {
|
|
$data['todownload'] = null;
|
|
}
|
|
}
|
|
else{
|
|
$data['error'] = 'Keine Version';
|
|
}
|
|
break;
|
|
case 'downloadfiles':
|
|
$version = $this->app->Secure->GetPOST('version');
|
|
if($version) {
|
|
$WAWISION['versionname'] = $version;
|
|
$myUpd = new UpgradeClient($WAWISION, $this->app);
|
|
$files = json_decode(json_encode($this->app->Secure->GetPOST('files')),true);
|
|
if($version && !$files)
|
|
{
|
|
$data2 = $myUpd->CheckFiles();
|
|
if(isset($data2['todownload']))$files = $data2['todownload'];
|
|
}
|
|
if($version && $files) {
|
|
$data = $myUpd->DownloadFile($files);
|
|
}
|
|
else {
|
|
$data['todownload'] = null;
|
|
}
|
|
}
|
|
else{
|
|
$data['error'] = 'Keine Version';
|
|
}
|
|
break;
|
|
case 'copyfiles':
|
|
$version = $this->app->Secure->GetPOST('version');
|
|
$WAWISION['versionname'] = $version;
|
|
$myUpd = new UpgradeClient($WAWISION, $this->app);
|
|
|
|
$files = json_decode(json_encode($this->app->Secure->GetPOST('files')),true);
|
|
if($version && !$files) {
|
|
$data2 = $myUpd->CheckFiles();
|
|
if(isset($data2['todownload'])) {
|
|
$myUpd->DownloadFile($data2['todownload']);
|
|
}
|
|
elseif(isset($data2['tocopy'])) {
|
|
$files = $data2['tocopy'];
|
|
}
|
|
}
|
|
|
|
if($version && $files) {
|
|
$data = $myUpd->CopyFile($files);
|
|
}
|
|
elseif(!$version) {
|
|
$data = array('error'=>'Keine Version');
|
|
}
|
|
else{
|
|
$data = array('error'=>'Keine Version');
|
|
}
|
|
break;
|
|
case 'copyfiles2':
|
|
$version = $this->app->Secure->GetPOST('version');
|
|
$WAWISION['versionname'] = $version;
|
|
$myUpd = new UpgradeClient($WAWISION, $this->app);
|
|
|
|
$files = false;
|
|
if($version) {
|
|
$data2 = $myUpd->CheckFiles();
|
|
if(isset($data2['download'])) {
|
|
$myUpd->DownloadFile($data2['download']);
|
|
$data2 = $myUpd->CheckFiles();
|
|
}
|
|
|
|
if(isset($data2['copy'])) {
|
|
$files = $data2['copy'];
|
|
}
|
|
}
|
|
|
|
if($version && $files){
|
|
$data3 = $myUpd->CopyFile($files);
|
|
$data['tocopy'] = (isset($data3['tocopy']) && is_array($data3['tocopy']))?count($data3['tocopy']) : 0;
|
|
if($data['tocopy'] === 0 && function_exists('opcache_reset')) {
|
|
echo json_encode($data);
|
|
opcache_reset();
|
|
exit;
|
|
}
|
|
}
|
|
elseif(!$version) {
|
|
$data = array('error'=>'Keine Version');
|
|
}
|
|
else{
|
|
$data['tocopy'] = 0;
|
|
}
|
|
break;
|
|
case 'upgradedb':
|
|
$nummer = $this->app->Secure->GetPOST('nummer');
|
|
$tmp = $this->app->Conf->WFuserdata . '/tmp/' . $this->app->Conf->WFdbname.'/';
|
|
if(!empty($tmp)) {
|
|
$oldTmp = dirname($tmp).'/';
|
|
foreach(['cache_services.php','cache_javascript.php','cache_classmap.php'] as $file) {
|
|
// Aktuelle Cache-Dateien (MultiDB) löschen
|
|
if(file_exists($tmp.$file)) {
|
|
if(function_exists('opcache_invalidate')) {
|
|
opcache_invalidate($tmp . $file, true);
|
|
}
|
|
@unlink($tmp.$file);
|
|
}
|
|
// Cache-Dateien aus Zeiten vor MultiDB löschen
|
|
if(file_exists($oldTmp.$file)) {
|
|
if(function_exists('opcache_invalidate')) {
|
|
opcache_invalidate($oldTmp . $file, true);
|
|
}
|
|
@unlink($oldTmp.$file);
|
|
}
|
|
}
|
|
}
|
|
$className = 'erpAPI';
|
|
if(class_exists('erpAPICustom')) {
|
|
$className = 'erpAPICustom';
|
|
}
|
|
$this->app = new ApplicationCore();
|
|
$methodName = 'UpgradeDatabase';
|
|
try {
|
|
$r = new ReflectionMethod($className, $methodName);
|
|
$params = $r->getParameters();
|
|
$anzargs = count($params);
|
|
}
|
|
catch(Exception $e) {
|
|
$anzargs = 0;
|
|
}
|
|
$obj = new $className($this->app);
|
|
if($obj) {
|
|
$this->app->erp = $obj;
|
|
if(method_exists($obj,'GetTMP')) {
|
|
$tmp = $obj->GetTMP();
|
|
if(!empty($tmp)) {
|
|
$oldTmp = dirname($tmp).'/';
|
|
foreach(['cache_services.php','cache_javascript.php','cache_classmap.php'] as $file) {
|
|
// Aktuelle Cache-Dateien (MultiDB) löschen
|
|
if(file_exists($tmp.$file)) {
|
|
if(function_exists('opcache_invalidate')) {
|
|
opcache_invalidate($tmp . $file, true);
|
|
}
|
|
@unlink($tmp.$file);
|
|
}
|
|
// Cache-Dateien aus Zeiten vor MultiDB löschen
|
|
if(file_exists($oldTmp.$file)) {
|
|
if(function_exists('opcache_invalidate')) {
|
|
opcache_invalidate($oldTmp . $file, true);
|
|
}
|
|
@unlink($oldTmp.$file);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
if($anzargs > 0) {
|
|
ob_start();
|
|
$data['nr'] = $obj->$methodName($nummer);
|
|
ob_end_clean();
|
|
}
|
|
else{
|
|
ob_start();
|
|
$data['nr'] = $obj->$methodName();
|
|
ob_end_clean();
|
|
}
|
|
echo json_encode($data);
|
|
try {
|
|
$multiDbConfs = ConfigLoader::loadAll();
|
|
$dbname = $this->app->Conf->WFdbname;
|
|
//$cronjobDbs = $this->app->getDbs();
|
|
//if(!empty($cronjobDbs)){
|
|
if(!empty($multiDbConfs)){
|
|
//$first = true;
|
|
foreach ($multiDbConfs as $multiDbKey => $multiDbConf) {
|
|
if($multiDbConf->WFdbname === $dbname) {
|
|
continue;
|
|
}
|
|
|
|
$tmp = $this->app->Conf->WFuserdata . '/tmp/' . $multiDbConf->WFdbname.'/';
|
|
if(!empty($tmp)) {
|
|
foreach(['cache_services.php','cache_javascript.php','cache_classmap.php'] as $file) {
|
|
// Aktuelle Cache-Dateien (MultiDB) löschen
|
|
if(file_exists($tmp.$file)) {
|
|
if(function_exists('opcache_invalidate')) {
|
|
opcache_invalidate($tmp . $file, true);
|
|
}
|
|
@unlink($tmp.$file);
|
|
}
|
|
}
|
|
}
|
|
|
|
unset($this->app);
|
|
$this->app = new ApplicationCore($multiDbConf);
|
|
$this->app->DB = new DB(
|
|
$multiDbConf->WFdbhost,
|
|
$multiDbConf->WFdbname,
|
|
$multiDbConf->WFdbuser,
|
|
$multiDbConf->WFdbpass,
|
|
$this->app,
|
|
$multiDbConf->WFdbport
|
|
);
|
|
$obj->app->DB = $this->app->DB;
|
|
//foreach ($cronjobDbs as $cronjobDb => $cronjobValue) {
|
|
//if($first) {
|
|
// $first = false;
|
|
// continue;
|
|
//}
|
|
//$this->app->changeDbConf($cronjobDb);
|
|
|
|
if($anzargs > 0){
|
|
ob_start();
|
|
$obj->app->DatabaseUpgrade->emptyTableCache();
|
|
$obj->$methodName($nummer);
|
|
ob_end_clean();
|
|
}
|
|
else{
|
|
ob_start();
|
|
$obj->app->DatabaseUpgrade->emptyTableCache();
|
|
$obj->$methodName();
|
|
ob_end_clean();
|
|
}
|
|
if($anzargs > 0 && $nummer < 12) {
|
|
$this->app->erp->setMaintainance(true);
|
|
}
|
|
else {
|
|
$this->app->erp->setMaintainance(false);
|
|
}
|
|
$this->app->erp->SetKonfigurationValue('welcome_changelog_last_save', '');
|
|
$obj->SetKonfigurationValue('welcome_changelog_last_save', '');
|
|
}
|
|
}
|
|
|
|
} catch (Exception $e) {
|
|
|
|
}
|
|
if($anzargs > 0 && $nummer < 12) {
|
|
$this->app->erp->setMaintainance(true, 'updatedb');
|
|
}
|
|
else {
|
|
$this->app->erp->setMaintainance(false, 'updatedb');
|
|
}
|
|
$this->app->erp->SetKonfigurationValue('welcome_changelog_last_save', '');
|
|
exit;
|
|
break;
|
|
}
|
|
|
|
echo json_encode($data);
|
|
exit;
|
|
break;
|
|
default:
|
|
$this->KopiereOrdner(dirname(__DIR__).'/www',dirname(__DIR__).'/www_oss');
|
|
$this->KopiereOrdner(dirname(__DIR__).'/phpwf',dirname(__DIR__).'/phpwf_oss');
|
|
$this->KopiereOrdner(dirname(__DIR__).'/version.php',dirname(__DIR__).'/version_oss.php');
|
|
if(empty($_GET['rand'])) {
|
|
$rand = md5(mt_rand());
|
|
header('Location: update.php?rand='.$rand);
|
|
exit;
|
|
}
|
|
$WAWISION['host']=XENTRAL_UPDATE_HOST;
|
|
$WAWISION['port']='443';
|
|
$myUpd = new UpgradeClient($WAWISION, $this->app);
|
|
|
|
$dateien = new Md5Dateien(dirname(__DIR__).'/www/');
|
|
$dateien2 = new Md5Dateien(dirname(__DIR__).'/phpwf/');
|
|
if(isset($dateien2->Dateien)) {
|
|
if($dateien->Dateien && is_array($dateien->Dateien)) {
|
|
$dateien->Dateien = array_merge($dateien->Dateien, $dateien2->Dateien);
|
|
}
|
|
else{
|
|
$dateien = $dateien2;
|
|
}
|
|
}
|
|
$lines = [];
|
|
$request['dateien'] = $dateien->Dateien;
|
|
$funktions_ind = [];
|
|
$funktions = [];
|
|
if(!empty($dateien->Dateien) && is_array($dateien->Dateien)) {
|
|
foreach($dateien->Dateien as $k => $v) {
|
|
if(
|
|
strtolower(substr($k,-4)) !== '.php'
|
|
|| strpos($k, '_custom') === false
|
|
|| strpos($k,'/vendor/') !== false
|
|
) {
|
|
continue;
|
|
}
|
|
|
|
$datei = __DIR__.'/..'.$k;
|
|
if(!file_exists($datei)) {
|
|
continue;
|
|
}
|
|
|
|
$fh = fopen($datei, 'r');
|
|
if(!$fh) {
|
|
continue;
|
|
}
|
|
|
|
$f_ind = -1;
|
|
$i = -1;
|
|
while(($line = fgets($fh)) !== false) {
|
|
$i++;
|
|
$lines[$i] = $line;
|
|
if(!empty($funktions_ind) && !empty($funktions_ind[$k])) {
|
|
foreach($funktions_ind[$k] as $k2 => $v2) {
|
|
if($v2 + 5 >= $i) {
|
|
$funktions[$k][$k2][] = $line;
|
|
}
|
|
}
|
|
}
|
|
if(strpos($line, 'function') === false) {
|
|
continue;
|
|
}
|
|
$f_ind++;
|
|
$newBorder = 0;
|
|
for($j = $i - 1; $j >= 0; $j--) {
|
|
if(strpos($lines[$j],'*') !== false) {
|
|
$newBorder = $i - $j;
|
|
}
|
|
else{
|
|
break;
|
|
}
|
|
}
|
|
|
|
$border = 5;
|
|
if($newBorder > 5) {
|
|
$border = $newBorder;
|
|
if($border > 25) {
|
|
$border = 25;
|
|
}
|
|
}
|
|
for($j = $i-$border; $j <= $i; $j++) {
|
|
if($j > -1) {
|
|
$funktions[$k][$f_ind][] = $lines[$j];
|
|
}
|
|
}
|
|
$funktions_ind[$k][$f_ind] = $i;
|
|
}
|
|
if(isset($lines)) {
|
|
unset($lines);
|
|
}
|
|
fclose($fh);
|
|
}
|
|
}
|
|
$res = $myUpd->CheckVersionen(!empty($funktions)?$funktions:null);
|
|
if(!empty($myUpd->errormsg)) {
|
|
if(is_string($myUpd->errormsg)) {
|
|
if($myUpd->errormsg === 'ERROR') {
|
|
$myUpd->errormsg = 'Fehler: Die Lizenzdaten sind fehlerhaft / Lizenz abgelaufen';
|
|
}
|
|
$res = '<b style="color:red;font-size:150%">Fehler: '.$myUpd->errormsg.'</b>';
|
|
}
|
|
else{
|
|
$res = json_encode($myUpd->errormsg);
|
|
}
|
|
}
|
|
if($res === 'ERROR') {
|
|
$res = '<b style="color:red;font-size:150%">Fehler: Die Lizenzdaten sind fehlerhaft / Lizenz abgelaufen</b>';
|
|
}
|
|
$this->app->Tpl->Add('PAGE',"<br><center>".$res."</center>");
|
|
echo $this->app->Tpl->FinalParse('update.tpl');
|
|
break;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @param string $quelle
|
|
* @param string $ziel
|
|
*/
|
|
public function KopiereOrdner($quelle, $ziel){
|
|
if(!file_exists($quelle)) {
|
|
return;
|
|
}
|
|
if(is_dir($quelle)) {
|
|
if(!is_dir($ziel)&& !@mkdir($ziel) && !is_dir($ziel)) {
|
|
return;
|
|
}
|
|
$handle = opendir($quelle);
|
|
if(!$handle) {
|
|
return;
|
|
}
|
|
$entries = [];
|
|
while (false !== ($entry = readdir($handle))) {
|
|
if($entry === '.' || $entry === '..') {
|
|
continue;
|
|
}
|
|
$entries[] = $entry;
|
|
}
|
|
closedir($handle);
|
|
if(empty($entries)) {
|
|
return;
|
|
}
|
|
foreach($entries as $entry) {
|
|
$this->KopiereOrdner(rtrim($quelle,'/').'/'.$entry, rtrim($ziel,'/').'/'.$entry);
|
|
}
|
|
return;
|
|
}
|
|
if(file_exists($ziel)) {
|
|
return;
|
|
}
|
|
|
|
@copy($quelle, $ziel);
|
|
}
|
|
|
|
}
|
|
if(!empty($intern)){
|
|
if(is_file(dirname(__DIR__).'/conf/main.conf.php')){
|
|
error_reporting(0);
|
|
include_once dirname(__DIR__) . '/conf/main.conf.php';
|
|
$config = new Config();
|
|
$tmp = $config->WFuserdata . '/tmp/' . $config->WFdbname.'/';
|
|
$app = new UpdateerpooSystem($config);
|
|
$player = new UpdatePlayer();
|
|
$player->KopiereOrdner(dirname(__DIR__).'/www',dirname(__DIR__).'/www_oss');
|
|
$player->KopiereOrdner(dirname(__DIR__).'/phpwf',dirname(__DIR__).'/phpwf_oss');
|
|
$player->KopiereOrdner(dirname(__DIR__).'/version.php',dirname(__DIR__).'/version_oss.php');
|
|
|
|
$WAWISION['host']= XENTRAL_UPDATE_HOST;
|
|
$WAWISION['port']='443';
|
|
if(!empty($createversion)) {
|
|
$WAWISION['version'] = $createversion;
|
|
}
|
|
$myUpd = new UpgradeClient($WAWISION, $app);
|
|
|
|
$dateien = new Md5Dateien(dirname(__DIR__).'/www/');
|
|
$dateien2 = new Md5Dateien(dirname(__DIR__).'/phpwf/');
|
|
if(isset($dateien2->Dateien)) {
|
|
if($dateien->Dateien && is_array($dateien->Dateien)) {
|
|
$dateien->Dateien = array_merge($dateien->Dateien, $dateien2->Dateien);
|
|
}
|
|
else{
|
|
$dateien = $dateien2;
|
|
}
|
|
}
|
|
$request['dateien'] = $dateien->Dateien;
|
|
$funktions_ind = [];
|
|
if(!empty($dateien->Dateien) && is_array($dateien->Dateien)) {
|
|
foreach($dateien->Dateien as $k => $v) {
|
|
if(!(strtolower(substr($k,-4)) === '.php' &&
|
|
strpos($k, '_custom') !== false)) {
|
|
continue;
|
|
}
|
|
|
|
$datei = __DIR__.'/..'.$k;
|
|
if(!file_exists($datei)) {
|
|
continue;
|
|
}
|
|
|
|
$fh = fopen($datei, 'r');
|
|
if(!$fh) {
|
|
continue;
|
|
}
|
|
|
|
$f_ind = -1;
|
|
$i = -1;
|
|
while(($line = fgets($fh)) !== false) {
|
|
$i++;
|
|
$lines[$i] = $line;
|
|
if(!empty($funktions_ind) && !empty($funktions_ind[$k])) {
|
|
foreach($funktions_ind[$k] as $k2 => $v2) {
|
|
if($v2 + 5 >= $i) {
|
|
$funktions[$k][$k2][] = $line;
|
|
}
|
|
}
|
|
}
|
|
if(strpos($line, 'function') !== false) {
|
|
$f_ind++;
|
|
for($j = $i-5; $j <= $i; $j++) {
|
|
if($j > -1) {
|
|
$funktions[$k][$f_ind][] = $lines[$j];
|
|
}
|
|
}
|
|
$funktions_ind[$k][$f_ind] = $i;
|
|
}
|
|
}
|
|
if(isset($lines)) {
|
|
unset($lines);
|
|
}
|
|
fclose($fh);
|
|
}
|
|
}
|
|
|
|
$res = $myUpd->CheckVersionen(null,true);
|
|
if(empty($res) || (is_string($res) && stripos($res,'Error') === 0) || !empty($res['error'])) {
|
|
usleep(1000000);
|
|
$res = $myUpd->CheckVersionen(null,true);
|
|
}
|
|
if(!empty($res['current_version'])) {
|
|
$WAWISION['version'] = $res['current_version'];
|
|
$myUpd = new UpgradeClient($WAWISION, $app);
|
|
}
|
|
elseif(!empty($res['version'])) {
|
|
$WAWISION['version'] = $res['version'];
|
|
}
|
|
|
|
$res = $myUpd->CheckVersionen(null,true);
|
|
if(empty($res) || (is_string($res) && stripos($res,'Error') === 0) || !empty($res['error'])) {
|
|
usleep(1000000);
|
|
$res = $myUpd->CheckVersionen(null,true);
|
|
}
|
|
if(!empty($res['current_version'] && !empty($res['version']) && $res['current_version'] !== $res['version'])) {
|
|
if(empty($allowChangeVersion)) {
|
|
echo 'Version '.$res['version'].' ist nicht kompatibel zur eingestellten '.$res['current_version'].": abgebrochen\r\n";
|
|
echo "benutzen Sie\n";
|
|
echo "php upgradesystem changeversion\n";
|
|
echo "um die Version umsustellen\n";
|
|
return;
|
|
}
|
|
|
|
$parameter['version']=$res['current_version'];
|
|
$parameter['versionname']=$res['version'];
|
|
if($parameter['versionname'] && $parameter['versionname'] != $parameter['version']) {
|
|
$changeversion = $myUpd->Request('changeversion',$parameter);
|
|
if(empty($changeversion) || (is_string($changeversion) && stripos($changeversion,'Error') === 0)) {
|
|
usleep(1000000);
|
|
$changeversion = $myUpd->Request('changeversion',$parameter);
|
|
}
|
|
if(!empty($changeversion)) {
|
|
$res['version'] = $changeversion;
|
|
}
|
|
}
|
|
}
|
|
|
|
$version = '';
|
|
if(!empty($res['version'])) {
|
|
$version = $res['version'];
|
|
}
|
|
elseif(!empty($res['error'])) {
|
|
print_r($res['error']);
|
|
echo "\n";
|
|
return;
|
|
}
|
|
$files = false;
|
|
if($version) {
|
|
|
|
$data2 = $myUpd->CheckFiles();
|
|
$maxRetries = 3;
|
|
while((is_string($data2) && stripos($data2,'Error') === 0) || !isset($data2['download'])){
|
|
usleep(1000000);
|
|
$data2 = $myUpd->CheckFiles();
|
|
$maxRetries--;
|
|
if($maxRetries <= 0) {
|
|
break;
|
|
}
|
|
}
|
|
|
|
if(isset($data2['download'])){
|
|
echo 'Download Files: ...';
|
|
$myUpd->DownloadFile($data2['download'], 0, true);
|
|
if(!is_file(dirname(__DIR__) . '/key.php') && !is_file(dirname(__DIR__) . '/download/key.php')) {
|
|
$myUpd->DownloadFile($data2['download'], 0, true);
|
|
}
|
|
$data2 = $myUpd->CheckFiles();
|
|
$maxRetries = 3;
|
|
while(is_string($data2) && stripos($data2,'Error') === 0) {
|
|
usleep(1000000);
|
|
$data2 = $myUpd->CheckFiles();
|
|
$maxRetries--;
|
|
if($maxRetries <= 0) {
|
|
break;
|
|
}
|
|
}
|
|
if(!empty($data2['download'])) {
|
|
$myUpd->DownloadFile($data2['download'], 0, true);
|
|
$data2 = $myUpd->CheckFiles();
|
|
}
|
|
echo "done\n";
|
|
}
|
|
if((is_string($data2) && stripos($data2,'Error') === 0) || !isset($data2['copy'])) {
|
|
usleep(1000000);
|
|
$data2 = $myUpd->CheckFiles();
|
|
}
|
|
if(isset($data2['copy'])) {
|
|
$files = $data2['copy'];
|
|
}
|
|
}
|
|
|
|
if($version && $files) {
|
|
echo 'Copy Files...';
|
|
$data3 = $myUpd->CopyFile($files, 0);
|
|
$data2 = $myUpd->CheckFiles();
|
|
if(isset($data2['download'])){
|
|
$myUpd->DownloadFile($data2['download'], 0, true);
|
|
$data2 = $myUpd->CheckFiles();
|
|
if(isset($data2['copy'])) {
|
|
$files = $data2['copy'];
|
|
$data3 = $myUpd->CopyFile($files, 0);
|
|
}
|
|
}
|
|
$data['tocopy'] = (isset($data3['tocopy']) && is_array($data3['tocopy']))?count($data3['tocopy']):0;
|
|
echo "done\n";
|
|
}
|
|
elseif(!$version) {
|
|
$data = array('error'=>'Keine Version');
|
|
}
|
|
else{
|
|
$data['tocopy'] = 0;
|
|
}
|
|
|
|
if(!empty($tmp)) {
|
|
$tmpOld = dirname($tmp).'/';
|
|
foreach(['cache_services.php','cache_javascript.php','cache_classmap.php'] as $file) {
|
|
if(file_exists($tmp.$file)) {
|
|
if(function_exists('opcache_invalidate')) {
|
|
opcache_invalidate($tmp . $file, true);
|
|
}
|
|
@unlink($tmp.$file);
|
|
}
|
|
if(file_exists($tmpOld.$file)) {
|
|
if(function_exists('opcache_invalidate')) {
|
|
opcache_invalidate($tmpOld . $file, true);
|
|
}
|
|
@unlink($tmpOld.$file);
|
|
}
|
|
}
|
|
}
|
|
if(file_exists(dirname(__DIR__).'/xentral_autoloader.php')){
|
|
$app = new ApplicationCore($config);
|
|
}
|
|
$className = 'erpAPI';
|
|
if(class_exists('erpAPICustom')) {
|
|
$className = 'erpAPICustom';
|
|
}
|
|
$methodName = 'UpgradeDatabase';
|
|
$nummer = 0;
|
|
$r = new ReflectionMethod($className, $methodName);
|
|
$params = $r->getParameters();
|
|
$anzargs = count($params);
|
|
$obj = new $className($app);
|
|
if($obj) {
|
|
$app->erp = $obj;
|
|
if(method_exists($obj,'GetTMP')) {
|
|
$tmp = $obj->GetTMP();
|
|
$tmpOld = dirname($tmp).'/';
|
|
if(!empty($tmp)) {
|
|
foreach(['cache_services.php','cache_javascript.php','cache_classmap.php'] as $file) {
|
|
if(file_exists($tmp.$file)) {
|
|
if(function_exists('opcache_invalidate')) {
|
|
opcache_invalidate($tmp . $file, true);
|
|
}
|
|
@unlink($tmp.$file);
|
|
}
|
|
if(file_exists($tmpOld.$file)) {
|
|
if(function_exists('opcache_invalidate')) {
|
|
opcache_invalidate($tmpOld . $file, true);
|
|
}
|
|
@unlink($tmpOld.$file);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
echo 'Upgrade DB...';
|
|
if($anzargs > 0) {
|
|
ob_start();
|
|
$data['nr'] = $obj->$methodName($nummer);
|
|
ob_end_clean();
|
|
}
|
|
else {
|
|
ob_start();
|
|
$data['nr'] = $obj->$methodName();
|
|
ob_end_clean();
|
|
}
|
|
echo "done\n";
|
|
}
|
|
}
|
|
elseif(!empty($testapp)) {
|
|
$WAWISION['host']=XENTRAL_UPDATE_HOST;
|
|
$WAWISION['port']='443';
|
|
$myUpd = new UpgradeClient($WAWISION, $this->app);
|
|
$result = $myUpd->TestModul($testapp);
|
|
if(empty($result) || (is_string($result) && stripos($result,'Error') === 0)) {
|
|
usleep(1000000);
|
|
$result = $myUpd->TestModul($testapp);
|
|
}
|
|
}
|
|
else{
|
|
if(is_file(dirname(__DIR__).'/conf/main.conf.php')) {
|
|
include_once dirname(__DIR__).'/conf/main.conf.php';
|
|
if(empty($_GET['action'])) {
|
|
header('Expires: Thu, 19 Nov 1981 08:52:00 GMT');
|
|
header('Cache-Control: no-store, no-cache, must-revalidate');
|
|
header('Pragma: no-cache');
|
|
}
|
|
|
|
if(isset($_GET['action']) && $_GET['action'] === 'ajax' && isset($_GET['cmd']) && 'upgradedb' === $_GET['cmd']){
|
|
$config = new Config();
|
|
$tmp = $config->WFuserdata.'/tmp/';
|
|
foreach(['cache_services.php','cache_javascript.php','cache_classmap.php'] as $file) {
|
|
if(file_exists($tmp . $file)) {
|
|
if(function_exists('opcache_invalidate')) {
|
|
opcache_invalidate($tmp . $file, true);
|
|
}
|
|
@unlink($tmp.$file);
|
|
}
|
|
if(file_exists($tmp . $config->WFdbname . '/' . $file)) {
|
|
if(function_exists('opcache_invalidate')) {
|
|
opcache_invalidate($tmp . $config->WFdbname . '/' . $file, true);
|
|
}
|
|
@unlink($tmp . $config->WFdbname . '/' . $file);
|
|
}
|
|
}
|
|
|
|
$config = ConfigLoader::load();
|
|
}
|
|
else {
|
|
$config = new Config();
|
|
}
|
|
$app = new UpdateerpooSystem($config);
|
|
$session = new UpdateSession();
|
|
$session->Check($app);
|
|
$player = new UpdatePlayer();
|
|
$player->Run($session);
|
|
}
|
|
}
|