mirror of
https://github.com/Mibew/i18n.git
synced 2025-11-04 10:35:08 +03:00
fix cr in .htaccess; disable drop tables; do not show change password/delete install folder if admin has password; check file permissions/checksum
This commit is contained in:
Evgeny Gryaznov
parent
f832e38e75
commit
c6c614b3c2
1
.gitignore
vendored
1
.gitignore
vendored
@ -1,4 +1,5 @@
|
||||
src/messenger/.idea/workspace.xml
|
||||
src/messenger/webim/install/package
|
||||
src/messenger/absent_*
|
||||
src/messenger/release*
|
||||
.DS_Store
|
||||
|
||||
@ -1,5 +1,7 @@
|
||||
#!/usr/bin/perl
|
||||
|
||||
use Digest::MD5 qw(md5 md5_hex md5_base64);
|
||||
|
||||
@rules = (
|
||||
["redirect(ed)?\\.tpl", 1],
|
||||
["\\.tpl", 0],
|
||||
@ -115,8 +117,12 @@ sub file_content($) {
|
||||
my $oldslash = $/;
|
||||
$/ = EOI;
|
||||
$content = <IN1>;
|
||||
$content =~ s/\r//g;
|
||||
close( IN1 );
|
||||
if($content =~ s/\r//g) {
|
||||
open( OUT1, "> $input") or die "cannot fix $input";
|
||||
print OUT1 $content;
|
||||
close(OUT1);
|
||||
}
|
||||
$/ = $oldslash;
|
||||
return $content;
|
||||
}
|
||||
@ -153,8 +159,21 @@ sub process_php($) {
|
||||
}
|
||||
}
|
||||
|
||||
sub file_checksum($) {
|
||||
my ($source) = @_;
|
||||
if($source =~ /\.(png|gif|jpg|ico|wav)$/) {
|
||||
return "-";
|
||||
}
|
||||
|
||||
my $content = file_content($source);
|
||||
return md5_hex($content);
|
||||
}
|
||||
|
||||
@allsources = ();
|
||||
|
||||
sub process_one($) {
|
||||
my($source) = @_;
|
||||
push @allsources, $source unless $source =~ /$webimPath\/locales/ && $source !~ /$webimPath\/locales\/(en|names)/ || $source =~ /\/package$/;
|
||||
|
||||
if($source !~ /\.(php|tpl)$/) {
|
||||
return;
|
||||
@ -216,3 +235,11 @@ for $key(sort grep { $messagekeys{$_} == 1 } keys %messagekeys) {
|
||||
print OUT "$key\n";
|
||||
}
|
||||
close( OUT );
|
||||
|
||||
open( OUT, "> $webimPath/install/package") or die "cannot write file, $!";
|
||||
for $key(sort @allsources) {
|
||||
$digest = file_checksum($key);
|
||||
$key =~ s/$webimPath\///;
|
||||
print OUT "$key $digest\n";
|
||||
}
|
||||
close( OUT );
|
||||
|
||||
@ -57,6 +57,10 @@ if ($act == "silentcreateall") {
|
||||
create_table($id, $link);
|
||||
}
|
||||
} else if ($act == "dt") {
|
||||
|
||||
# comment this line to be able to drop tables
|
||||
show_install_err("For security reasons, removing tables is disabled by default");
|
||||
|
||||
foreach (array_keys($dbtables) as $id) {
|
||||
mysql_query("DROP TABLE IF EXISTS $id", $link) or show_install_err(' Query failed: ' . mysql_error($link));
|
||||
}
|
||||
|
||||
@ -54,6 +54,90 @@ function check_webimroot()
|
||||
return true;
|
||||
}
|
||||
|
||||
function fpermissions($file)
|
||||
{
|
||||
$perms = fileperms($file);
|
||||
if (($perms & 0x8000) == 0x8000) {
|
||||
$info = '-';
|
||||
} elseif (($perms & 0x4000) == 0x4000) {
|
||||
$info = 'd';
|
||||
} else {
|
||||
$info = '?';
|
||||
}
|
||||
|
||||
// Owner
|
||||
$info .= (($perms & 0x0100) ? 'r' : '-');
|
||||
$info .= (($perms & 0x0080) ? 'w' : '-');
|
||||
$info .= (($perms & 0x0040) ?
|
||||
(($perms & 0x0800) ? 's' : 'x') :
|
||||
(($perms & 0x0800) ? 'S' : '-'));
|
||||
|
||||
// Group
|
||||
$info .= (($perms & 0x0020) ? 'r' : '-');
|
||||
$info .= (($perms & 0x0010) ? 'w' : '-');
|
||||
$info .= (($perms & 0x0008) ?
|
||||
(($perms & 0x0400) ? 's' : 'x') :
|
||||
(($perms & 0x0400) ? 'S' : '-'));
|
||||
|
||||
// World
|
||||
$info .= (($perms & 0x0004) ? 'r' : '-');
|
||||
$info .= (($perms & 0x0002) ? 'w' : '-');
|
||||
$info .= (($perms & 0x0001) ?
|
||||
(($perms & 0x0200) ? 't' : 'x') :
|
||||
(($perms & 0x0200) ? 'T' : '-'));
|
||||
|
||||
return $info;
|
||||
}
|
||||
|
||||
function check_files()
|
||||
{
|
||||
global $page, $errors, $webimroot;
|
||||
|
||||
$packageFile = dirname(__FILE__) . "/package";
|
||||
$fp = @fopen($packageFile, "r");
|
||||
if ($fp === FALSE) {
|
||||
$errors[] = "Cannot open file $webimroot/install/package";
|
||||
if (file_exists($packageFile)) {
|
||||
$errors[] = getlocal2("install.check_permissions", array(fpermissions($packageFile)));
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
$knownFiles = array();
|
||||
while (!feof($fp)) {
|
||||
$line = fgets($fp, 4096);
|
||||
$keyval = preg_split("/ /", $line, 2);
|
||||
if (isset($keyval[1])) {
|
||||
$knownFiles[$keyval[0]] = trim($keyval[1]);
|
||||
}
|
||||
}
|
||||
fclose($fp);
|
||||
|
||||
foreach ($knownFiles as $file => $sum) {
|
||||
$relativeName = dirname(__FILE__) . "/../$file";
|
||||
if (!is_readable($relativeName)) {
|
||||
if (file_exists($relativeName)) {
|
||||
$errors[] = "Cannot read file $webimroot/$file";
|
||||
$errors[] = getlocal2("install.check_permissions", array(fpermissions($relativeName)));
|
||||
} else {
|
||||
$errors[] = "File is absent: $webimroot/$file";
|
||||
}
|
||||
return false;
|
||||
}
|
||||
if ($sum != "-") {
|
||||
$result = md5_file($relativeName);
|
||||
if ($result != $sum) {
|
||||
$errors[] = "Checksum differs for $webimroot/$file";
|
||||
$errors[] = getlocal("install.check_files");
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$page['done'][] = getlocal("install.0.package");
|
||||
return true;
|
||||
}
|
||||
|
||||
function check_connection()
|
||||
{
|
||||
global $mysqlhost, $mysqllogin, $mysqlpass, $page, $errors, $webimroot;
|
||||
@ -144,7 +228,8 @@ function check_columns($link)
|
||||
return true;
|
||||
}
|
||||
|
||||
function check_sound() {
|
||||
function check_sound()
|
||||
{
|
||||
global $page;
|
||||
|
||||
$page['soundcheck'] = true;
|
||||
@ -154,6 +239,19 @@ function check_sound() {
|
||||
));
|
||||
}
|
||||
|
||||
function check_admin($link)
|
||||
{
|
||||
global $mysqlprefix;
|
||||
$result = mysql_query("select * from ${mysqlprefix}chatoperator where vclogin = 'admin'", $link);
|
||||
if ($result) {
|
||||
$line = mysql_fetch_array($result, MYSQL_ASSOC);
|
||||
mysql_free_result($result);
|
||||
return $line['vcpassword'] != md5('');
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
function check_status()
|
||||
{
|
||||
global $page, $webimroot, $settings, $dbversion;
|
||||
@ -162,6 +260,10 @@ function check_status()
|
||||
return;
|
||||
}
|
||||
|
||||
if (!check_files()) {
|
||||
return;
|
||||
}
|
||||
|
||||
$link = check_connection();
|
||||
if (!$link) {
|
||||
return;
|
||||
@ -186,9 +288,11 @@ function check_status()
|
||||
|
||||
$page['done'][] = getlocal("installed.message");
|
||||
|
||||
if (!check_admin($link)) {
|
||||
$page['nextstep'] = getlocal("installed.login_link");
|
||||
$page['nextnotice'] = getlocal2("installed.notice", array("${webimroot}/install/"));
|
||||
$page['nextstepurl'] = "$webimroot/";
|
||||
}
|
||||
|
||||
$page['show_small_login'] = true;
|
||||
|
||||
|
||||
@ -166,6 +166,7 @@ image.chat.history=/locales/en/images/history.gif
|
||||
image.chat.message=/locales/en/images/message.gif
|
||||
image.chat.sprite=/locales/en/images/wmchat.png
|
||||
install.0.app=Application path is {0}
|
||||
install.0.package=Mibew package is verified.
|
||||
install.1.connected=You are connected to MySQL server version {0}
|
||||
install.2.create=Create database "{0}"
|
||||
install.2.db_exists=Database "{0}" is created.
|
||||
@ -178,6 +179,8 @@ install.4.notice=Structure of your tables should be adjusted for new version of
|
||||
install.5.text=Click to check the sound: {0} and {1}
|
||||
install.5.newmessage=New Message
|
||||
install.5.newvisitor=New Visitor
|
||||
install.check_permissions=Insufficient file permissions {0}
|
||||
install.check_files=Please, re-upload files to the server.
|
||||
install.connection.error=Could not connect, please check server settings in config.php. Error: {0}
|
||||
install.done=Completed:
|
||||
install.err.back=Resvole problem and try again. Press <a>back</a> to return to wizard.
|
||||
|
||||
Loading…
Reference in New Issue
Block a user