- moved from ..

2024-11-26 15:32:13 +00:00 · 2011-12-06 12:42:58 +00:00 · 2011-12-06 12:42:58 +00:00 · 1221996207
commit 1221996207
parent 400d09c20d
12 changed files with 554 additions and 0 deletions
--- a/install/update-1.8.1/update.php
+++ b/install/update-1.8.1/update.php
@ -0,0 +1,124 @@
+<?php
+//    MyDMS. Document Management System
+//    Copyright (C) 2002-2005  Markus Westphal
+//    Copyright (C) 2006-2008 Malcolm Cowe
+//    Copyright (C) 2010 Matteo Lucarelli
+//
+//    This program is free software; you can redistribute it and/or modify
+//    it under the terms of the GNU General Public License as published by
+//    the Free Software Foundation; either version 2 of the License, or
+//    (at your option) any later version.
+//
+//    This program is distributed in the hope that it will be useful,
+//    but WITHOUT ANY WARRANTY; without even the implied warranty of
+//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//    GNU General Public License for more details.
+//
+//    You should have received a copy of the GNU General Public License
+//    along with this program; if not, write to the Free Software
+//    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+include("../inc/inc.Settings.php");
+include("../inc/inc.AccessUtils.php");
+include("../inc/inc.ClassAccess.php");
+include("../inc/inc.ClassDocument.php");
+include("../inc/inc.ClassFolder.php");
+include("../inc/inc.ClassGroup.php");
+include("../inc/inc.ClassUser.php");
+include("../inc/inc.DBAccess.php");
+include("../inc/inc.FileUtils.php");
+include("../inc/inc.Authentication.php");
+
+print "<html></body>";
+
+if (!$user->isAdmin()) {
+	print "<b>ERROR: You must be administrator to execute the update</b>";
+	die;
+}
+
+function update_content()
+{
+
+	GLOBAL $db,$settings;
+	
+	// create temp folder
+	if (!makedir($settings->_contentDir."/temp")) return false;
+	
+	// for all contents
+	$queryStr = "SELECT * FROM tblDocumentContent";
+	$contents = $db->getResultArray($queryStr);
+	
+	if (is_bool($contents)&&!$contents) return false;
+	
+	for ($i=0;$i<count($contents);$i++){
+	
+		// create temp/documentID folder
+		if (!makedir($settings->_contentDir."/temp/".$contents[$i]["document"])) return false;
+		
+		// move every content in temp/documentID/version.fileType
+		$source = $settings->_contentDir."/".$contents[$i]["dir"]."/data".$contents[$i]["fileType"];
+
+		$target = $settings->_contentDir."/temp/".$contents[$i]["document"]."/".$contents[$i]["version"].$contents[$i]["fileType"];		
+		if (!copyFile($source, $target)) return false;
+	}
+	
+	
+	// change directory
+	if (!renameDir($settings->_contentDir."/".$settings->_contentOffsetDir,$settings->_contentDir."/old")) return false;
+	if (!renameDir($settings->_contentDir."/temp",$settings->_contentDir."/".$settings->_contentOffsetDir)) return false;
+	
+	return true;
+}
+
+function update_db()
+{
+	GLOBAL $db,$settings;
+
+	// for all contents
+	$queryStr = "SELECT * FROM tblDocumentContent";
+	$contents = $db->getResultArray($queryStr);
+	
+	if (is_bool($contents)&&!$contents) return false;
+	
+	for ($i=0;$i<count($contents);$i++){
+	
+		$queryStr = "UPDATE tblDocumentContent set dir = '". $settings->_contentOffsetDir."/".$contents[$i]["document"]."/' WHERE document = ".$contents[$i]["document"];
+		if (!$db->getResult($queryStr)) return false;
+	
+	}
+
+	// run the update-2.0.sql
+	$fd = fopen ("update.sql", "r");
+	
+	if (is_bool($fd)&&!$fd) return false;
+	
+	$queryStr = fread($fd, filesize("update.sql"));
+	
+	if (is_bool($queryStr)&&!$queryStr) return false;
+	
+	fclose ($fd);
+	if (!$db->getResult($queryStr)) return false;
+	
+	return true;
+}
+
+
+print "<b>Updating ...please wait</b><br>";
+
+
+if (!update_content()) {
+	print "<b>ERROR: An error occurred during the directory reordering</b>";
+	die;
+}
+
+if (!update_db()) {
+	print "<b>ERROR: An error occurred during the DB update</b>";
+	print "<br><b>Please try to execute the update.sql manually</b>";
+	die;
+}
+
+print "<b>Update done</b><br>";
+
+
print "</body></html>";
+
+?>
--- a/install/update-1.8.1/update.sql
+++ b/install/update-1.8.1/update.sql
@ -0,0 +1,33 @@
+-- mysql -uroot -ppassword mydms < update.sql
+-- this script must be executed when updating form a version < 1.8.1
+
+-- --------------------------------------------------------
+
+-- 
+-- New table for document-related files
+-- 
+
+CREATE TABLE `tblDocumentFiles` (
+  `id` int(11) NOT NULL auto_increment,
+  `document` int(11) NOT NULL default '0',
+  `userID` int(11) NOT NULL default '0',
+  `comment` text,
+  `name` varchar(150) default NULL,
+  `date` int(12) default NULL,
+  `dir` varchar(255) NOT NULL default '',
+  `orgFileName` varchar(150) NOT NULL default '',
+  `fileType` varchar(10) NOT NULL default '',
+  `mimeType` varchar(70) NOT NULL default '',  
+  PRIMARY KEY  (`id`)
+) ;
+
+-- --------------------------------------------------------
+
+-- 
+-- Not longer required by new filesystem structure
+-- 
+
+DROP TABLE `tblDirPath`;
+DROP TABLE `tblPathList`;
+
+
--- a/install/update-1.9.0/update.php
+++ b/install/update-1.9.0/update.php
@ -0,0 +1,73 @@
+<?php
+//    MyDMS. Document Management System
+//    Copyright (C) 2002-2005  Markus Westphal
+//    Copyright (C) 2006-2008 Malcolm Cowe
+//    Copyright (C) 2010 Matteo Lucarelli
+//
+//    This program is free software; you can redistribute it and/or modify
+//    it under the terms of the GNU General Public License as published by
+//    the Free Software Foundation; either version 2 of the License, or
+//    (at your option) any later version.
+//
+//    This program is distributed in the hope that it will be useful,
+//    but WITHOUT ANY WARRANTY; without even the implied warranty of
+//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//    GNU General Public License for more details.
+//
+//    You should have received a copy of the GNU General Public License
+//    along with this program; if not, write to the Free Software
+//    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+include("../inc/inc.Settings.php");
+include("../inc/inc.AccessUtils.php");
+include("../inc/inc.ClassAccess.php");
+include("../inc/inc.ClassDocument.php");
+include("../inc/inc.ClassFolder.php");
+include("../inc/inc.ClassGroup.php");
+include("../inc/inc.ClassUser.php");
+include("../inc/inc.DBAccess.php");
+include("../inc/inc.FileUtils.php");
+include("../inc/inc.Authentication.php");
+
+print "<html></body>";
+
+if (!$user->isAdmin()) {
+	print "<b>ERROR: You must be administrator to execute the update</b>";
+	die;
+}
+
+function update_db()
+{
+	global $db;
+
+	$fd = fopen ("update.sql", "r");
+	
+	if (is_bool($fd)&&!$fd) return false;
+
+	$queryStr = fread($fd, filesize("update.sql"));
+	
+	if (is_bool($queryStr)&&!$queryStr) return false;
+	
+	fclose ($fd);
+	if (!$db->getResult($queryStr)) return false;
+	
+	return true;
+}
+
+print "<b>Updating ...please wait</b><br>";
+
+print "<pre>";
+
+if (!update_db()) {
+
+	print "</pre>";
+
+	print "<b>ERROR: An error occurred during the DB update</b>";
+	print "<br><b>Please try to execute the update.sql manually</b>";
+	die;
+
+}else print "</pre><b>Update done</b><br>";
+
+
print "</body></html>";
+
+?>
--- a/install/update-1.9.0/update.sql
+++ b/install/update-1.9.0/update.sql
@ -0,0 +1,38 @@
+-- mysql -uyouruser -pyourpassword yourdb < update.sql
+-- this script must be executed when updating form a version < 1.9
+
+-- --------------------------------------------------------
+
+-- 
+-- New field for hidden users
+-- 
+
+ALTER TABLE `tblUsers` ADD `hidden` smallint(1) NOT NULL default '0' ;
+
+-- 
+-- New field for group manager permission
+-- 
+
+ALTER TABLE `tblGroupMembers` ADD `manager` smallint(1) NOT NULL default '0' ;
+
+-- 
+-- Table structure for mandatory reviewers
+-- 
+
+CREATE TABLE `tblMandatoryReviewers` (
+  `userID` int(11) NOT NULL default '0',
+  `reviewerUserID` int(11) NOT NULL default '0',
+  `reviewerGroupID` int(11) NOT NULL default '0',
+  PRIMARY KEY  (`userID`,`reviewerUserID`,`reviewerGroupID`)
+) ;
+
+-- 
+-- Table structure for mandatory approvers
+-- 
+
+CREATE TABLE `tblMandatoryApprovers` (
+  `userID` int(11) NOT NULL default '0',
+  `approverUserID` int(11) NOT NULL default '0',
+  `approverGroupID` int(11) NOT NULL default '0',
+  PRIMARY KEY  (`userID`,`approverUserID`,`approverGroupID`)
+) ;
--- a/install/update-2.0.1/update.php
+++ b/install/update-2.0.1/update.php
@ -0,0 +1,73 @@
+<?php
+//    MyDMS. Document Management System
+//    Copyright (C) 2002-2005  Markus Westphal
+//    Copyright (C) 2006-2008 Malcolm Cowe
+//    Copyright (C) 2010 Matteo Lucarelli
+//
+//    This program is free software; you can redistribute it and/or modify
+//    it under the terms of the GNU General Public License as published by
+//    the Free Software Foundation; either version 2 of the License, or
+//    (at your option) any later version.
+//
+//    This program is distributed in the hope that it will be useful,
+//    but WITHOUT ANY WARRANTY; without even the implied warranty of
+//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//    GNU General Public License for more details.
+//
+//    You should have received a copy of the GNU General Public License
+//    along with this program; if not, write to the Free Software
+//    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+include("../inc/inc.Settings.php");
+include("../inc/inc.AccessUtils.php");
+include("../inc/inc.ClassAccess.php");
+include("../inc/inc.ClassDocument.php");
+include("../inc/inc.ClassFolder.php");
+include("../inc/inc.ClassGroup.php");
+include("../inc/inc.ClassUser.php");
+include("../inc/inc.DBAccess.php");
+include("../inc/inc.FileUtils.php");
+include("../inc/inc.Authentication.php");
+
+print "<html></body>";
+
+if (!$user->isAdmin()) {
+	print "<b>ERROR: You must be administrator to execute the update</b>";
+	die;
+}
+
+function update_db()
+{
+	global $db;
+
+	$fd = fopen ("update.sql", "r");
+	
+	if (is_bool($fd)&&!$fd) return false;
+
+	$queryStr = fread($fd, filesize("update.sql"));
+	
+	if (is_bool($queryStr)&&!$queryStr) return false;
+	
+	fclose ($fd);
+	if (!$db->getResult($queryStr)) return false;
+	
+	return true;
+}
+
+print "<b>Updating ...please wait</b><br>";
+
+print "<pre>";
+
+if (!update_db()) {
+
+	print "</pre>";
+
+	print "<b>ERROR: An error occurred during the DB update</b>";
+	print "<br><b>Please try to execute the update.sql manually</b>";
+	die;
+
+}else print "</pre><b>Update done</b><br>";
+
+
print "</body></html>";
+
+?>
--- a/install/update-2.0.1/update.sql
+++ b/install/update-2.0.1/update.sql
@ -0,0 +1,19 @@
+-- mysql -uyouruser -pyourpassword yourdb < update.sql
+-- this script must be executed when updating form a version < 2.0
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for events (calendar)
+-- 
+
+CREATE TABLE `tblEvents` (
+  `id` int(11) NOT NULL auto_increment,
+  `name` varchar(150) default NULL,
+  `comment` text,
+  `start` int(12) default NULL,
+  `stop` int(12) default NULL,
+  `date` int(12) default NULL,
+  `userID` int(11) NOT NULL default '0',
+  PRIMARY KEY  (`id`)
+) ;
--- a/install/update-3.0.0/update.sql
+++ b/install/update-3.0.0/update.sql
@ -0,0 +1,12 @@
+ALTER TABLE tblUsers ADD COLUMN `role` smallint(1) NOT NULL default '0' AFTER `isAdmin`;
+UPDATE tblUsers SET `role` = 1 WHERE `isAdmin` = 1;
+UPDATE tblUsers SET `role` = 2 WHERE `id` = 2;
+ALTER TABLE tblUsers DROP COLUMN isAdmin;
+ALTER TABLE tblFolders ADD COLUMN `date` int(12) default NULL AFTER `comment`;
+CREATE TABLE `tblVersion` (
+	`date` datetime,
+	`major` smallint,
+	`minor` smallint,
+	`subminor` smallint
+) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+INSERT INTO tblVersion VALUES (NOW(), 3, 0, 0);
--- a/install/update-3.1.0/update.sql
+++ b/install/update-3.1.0/update.sql
@ -0,0 +1,10 @@
+CREATE TABLE `tblCategory` (
+  `id` int(11) NOT NULL auto_increment,
+  `name` text NOT NULL,
+  PRIMARY KEY  (`id`)
+) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+INSERT INTO tblCategory VALUES (0, '');
+CREATE TABLE `tblDocumentCategory` (
+  `categoryID` int(11) NOT NULL default 0,
+  `documentID` int(11) NOT NULL default 0
+) ENGINE=MyISAM DEFAULT CHARSET=utf8;
--- a/install/update-3.2.0/update.sql
+++ b/install/update-3.2.0/update.sql
@ -0,0 +1 @@
+UPDATE tblVersion set major=3, minor=2, subminor=0;
--- a/install/update-3.3.0/update.php
+++ b/install/update-3.3.0/update.php
@ -0,0 +1,116 @@
+<?php
+//    MyDMS. Document Management System
+//    Copyright (C) 2002-2005  Markus Westphal
+//    Copyright (C) 2006-2008 Malcolm Cowe
+//    Copyright (C) 2010 Matteo Lucarelli
+//
+//    This program is free software; you can redistribute it and/or modify
+//    it under the terms of the GNU General Public License as published by
+//    the Free Software Foundation; either version 2 of the License, or
+//    (at your option) any later version.
+//
+//    This program is distributed in the hope that it will be useful,
+//    but WITHOUT ANY WARRANTY; without even the implied warranty of
+//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//    GNU General Public License for more details.
+//
+//    You should have received a copy of the GNU General Public License
+//    along with this program; if not, write to the Free Software
+//    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+include("../inc/inc.Version.php");
+include("../inc/inc.Settings.php");
+include("../inc/inc.DBInit.php");
+include("../inc/inc.Language.php");
+include("../inc/inc.ClassUI.php");
+include("../inc/inc.Authentication.php");
+
+if (!$user->isAdmin()) {
+	print "<b>ERROR: You must be administrator to execute the update</b>";
+	die;
+}
+
+function check($doupdate=0) {
+	global $db, $settings;
+
+	$arr = array();
+	$arr['tblDocuments'] = array('key'=>'id', 'fields'=>array('name', 'comment', 'keywords'));
+	$arr['tblDocumentFiles'] = array('key'=>'id', 'fields'=>array('name', 'comment', 'mimeType'));
+	$arr['tblFolders'] = array('key'=>'id', 'fields'=>array('name', 'comment'));
+	$arr['tblUsers'] = array('key'=>'id', 'fields'=>array('fullName', 'comment'));
+	$arr['tblGroups'] = array('key'=>'id', 'fields'=>array('name', 'comment'));
+	$arr['tblKeywords'] = array('key'=>'id', 'fields'=>array('keywords'));
+	$arr['tblKeywordCategories'] = array('key'=>'id', 'fields'=>array('name'));
+	$arr['tblCategory'] = array('key'=>'id', 'fields'=>array('name'));
+	$arr['tblEvents'] = array('key'=>'id', 'fields'=>array('name', 'comment'));
+	$arr['tblDocumentApproveLog'] = array('key'=>'approveLogId', 'fields'=>array('comment'));
+	$arr['tblDocumentStatusLog'] = array('key'=>'statusLogId', 'fields'=>array('comment'));
+	$arr['tblDocumentReviewLog'] = array('key'=>'reviewLogId', 'fields'=>array('comment'));
+	$arr['tblDocumentContent'] = array('keys'=>array('document', 'version'), 'fields'=>array('comment', 'mimeType'));
+
+	$allupdates = array();
+	echo "<table>\n";
+	echo "<tr><th>Table</th><th>Field</th><th>Old Value</th><th>New Value</th><th>Update statement</th></tr>\n";
+	foreach($arr as $tblname => $schema) {
+		if(isset($schema['key']))
+			$queryStr = "SELECT ".$schema['key'].", `".implode('`,`', $schema['fields'])."` FROM ".$tblname;
+		elseif(isset($schema['keys']))
+			$queryStr = "SELECT ".implode(',', $schema['keys']).", `".implode('`,`', $schema['fields'])."` FROM ".$tblname;
+		$recs = $db->getResultArray($queryStr);
+		foreach($recs as $rec) {
+			foreach($schema['fields'] as $field) {
+				if($rec[$field] !== mydmsDecodeString($rec[$field])) {
+					$updateSql = "UPDATE ".$tblname." SET `".$field."`=".$db->qstr(mydmsDecodeString($rec[$field]))." where ";
+					if(isset($schema['key']))
+						$updateSql .= $schema['key']."=".$rec[$schema['key']];
+					elseif(isset($schema['keys'])) {
+						$where = array();
+						foreach($schema['keys'] as $key) {
+							$where[] = $key."=".$rec[$key];
+						}
+						$updateSql .= implode(' AND ', $where);
+					}
+					$allupdates[] = $updateSql;
+					echo "<tr><td>".$tblname."</td><td>".$field."</td><td>".htmlspecialchars($rec[$field])."</td><td>".htmlspecialchars(mydmsDecodeString($rec[$field]))."</td><td><pre>".htmlspecialchars($updateSql)."</pre></td></tr>\n";
+					if($doupdate) {
+						$res = $db->getResult($updateSql);
+						if(!$res) {
+							$errormsg = 'Could not execute update statement';
+							echo "<tr><td colspan=\"5\"><span style=\"color: red;\">".$errormsg."</span></td></tr>\n";
+						} else {
+							$errormsg = 'Object updated';
+							echo "<tr><td colspan=\"5\"><span style=\"color: green;\">".$errormsg."</span></td></tr>\n";
+						}
+					}
+				}
+			}
+		}
+	}
+	echo "</table>\n";
+	echo "<b>Summary of all updates</b><br />\n";
+	echo "<pre>".implode("<br />", $allupdates)."</pre>";
+	return true;
+}
+
+UI::htmlStartPage('Database update');
+UI::globalNavigation();
+UI::pageNavigation('Database update');
+UI::contentContainerStart();
+
+if(isset($_GET['doupdate']) && $_GET['doupdate'] == 1)
+	$doupdate = 1;
+else
+	$doupdate = 0;
+
+if (!check($doupdate)) {
+	die;
+}
+
+if(!$doupdate) {
+	print "<p>If the above update statements look ok, either execute them in your prefered mysql client or click on the link below.</p>";
+	print "<a href=\"?doupdate=1\">Execute update</a><br />\n";
+}
+
+UI::contentContainerEnd();
+UI::htmlEndPage();
+?>
--- a/install/update-3.3.0/update.sql
+++ b/install/update-3.3.0/update.sql
@ -0,0 +1,4 @@
+UPDATE tblVersion set major=3, minor=3, subminor=0;
+ALTER TABLE tblDocumentContent MODIFY mimeType varchar(100);
+ALTER TABLE tblDocumentFiles MODIFY mimeType varchar(100);
+ALTER TABLE tblFolders ADD COLUMN `folderList` text NOT NULL;
--- a/install/update-3.3.0/update.txt
+++ b/install/update-3.3.0/update.txt
@ -0,0 +1,51 @@
+Release information for 3.3.0
+-------------------------------------
+
+This release contains various improvements which require your manual
+interaction during an upgrade from an earlier version. You ѕhould definitely
+make a backup of your database and possibly your content folder.
+
+Folder search
+-------------
+The new folder search has introduced a new database field which has to
+be initially filled. Without that field searching for subfolders in a
+folder will not work.
+
+Data conversion
+---------------
+The conversion of strings like names and comments of documents and folders,
+when saved in the database, has been completely droped. This was originally
+done for security reasons, both to prevent sql injections and cross side
+scripting. Basically any field data that could do any harm, was replaced
+by 'harmless' chars. Ampersands, semi colons, quotes, etc., they all have
+been replaced by their html entity or masked by a backslash. The output of
+those fields on html pages was not decoded anymore, but any other application
+that accessed the database had to decode the data.
+
+The new approach with less impact on the data keeps the data 
+unmodified when saving it in the database without opening new security
+wholes. Protection against cross side scripting is done when the data
+is placed on a html page.
+
+As a consequence the complete database has to be searched for those
+previously converted strings and converted back into the original value. 
+
+For both of the above improvements a php script is provided which has to be
+called after the database update.
+
+Content directory
+-----------------
+Each document in LetoDMS is associated with a directory in the file system.
+Consequently, there is a limitation of documents set by the maximum number
+of subdirectories in a directory of the filesystem. The currently most used
+filesystem on Linux (ext3) supports only 31998 directories. In order to
+overcome this limitation another level of directories has been put inbetween
+the content directory and the document directory numbered from 1 to maxDirId.
+
+If you intend to switch to the new content directory format, you will have
+to create a new directory with name '1' below the content dir and move all
+document directories into it. If you have already a document with id 1, you
+must choose a different name for your new sub directory and rename to 1 after
+all document directories have been moved.
+
+
				`@ -0,0 +1 @@`
				`UPDATE tblVersion set major=3, minor=2, subminor=0;`