From 1232b8f30935bce3f29d531a4f95018bc60a2ee3 Mon Sep 17 00:00:00 2001
From: steinm
Date: Wed, 7 Dec 2011 07:33:43 +0000
Subject: [PATCH] - fixed many more small errors
---
install/install.php | 100 ++++++++++++++++----------------
install/update-3.3.0/update.php | 12 ++--
install/update-3.3.0/update.txt | 16 ++---
install/update.php | 47 +++++++++------
4 files changed, 94 insertions(+), 81 deletions(-)
diff --git a/install/install.php b/install/install.php
index 09190ae15..4edf8d2f6 100644
--- a/install/install.php
+++ b/install/install.php
@@ -215,74 +215,72 @@ if ($action=="setSettings") { * Get Parameters */ $settings->_rootDir = $_POST["rootDir"]; - $settings->_httpRoot = $_POST["httpRoot"]; - $settings->_contentDir = $_POST["contentDir"]; - $settings->_luceneDir = $_POST["luceneDir"]; - $settings->_stagingDir = $_POST["stagingDir"]; + $settings->_httpRoot = $_POST["httpRoot"]; + $settings->_contentDir = $_POST["contentDir"]; + $settings->_luceneDir = $_POST["luceneDir"]; + $settings->_stagingDir = $_POST["stagingDir"]; $settings->_ADOdbPath = $_POST["ADOdbPath"]; $settings->_dbDriver = $_POST["dbDriver"]; $settings->_dbHostname = $_POST["dbHostname"]; $settings->_dbDatabase = $_POST["dbDatabase"]; $settings->_dbUser = $_POST["dbUser"]; $settings->_dbPass = $_POST["dbPass"]; - $settings->_coreDir = $_POST["coreDir"]; - $settings->_luceneClassDir = $_POST["luceneClassDir"]; + $settings->_coreDir = $_POST["coreDir"]; + $settings->_luceneClassDir = $_POST["luceneClassDir"]; /** * Check Parameters, require version 3.3.x */ - $hasError = printCheckError( $settings->check(substr(str_replace('.', '', LETODMS_VERSION), 0,2))); +// $hasError = printCheckError( $settings->check(substr(str_replace('.', '', LETODMS_VERSION), 0,2))); - if (!$hasError) - { + if (!$hasError) { // Create database - if (isset($_POST["createDatabase"])) - { + if (isset($_POST["createDatabase"])) { $createOK = false; $errorMsg = ""; require_once($settings->_ADOdbPath."adodb/adodb.inc.php"); - $connTmp = ADONewConnection($settings->_dbDriver); - if ($connTmp) { - $connTmp->Connect($settings->_dbHostname, $settings->_dbUser, $settings->_dbPass, $settings->_dbDatabase); - if ($connTmp->IsConnected()) { - // read SQL file - if ($settings->_dbDriver=="mysql") - $queries = file_get_contents("create_tables-innodb.sql"); - else - $queries = file_get_contents("create_tables.sql"); + $connTmp = ADONewConnection($settings->_dbDriver); + if ($connTmp) { + $connTmp->Connect($settings->_dbHostname, $settings->_dbUser, $settings->_dbPass, 
$settings->_dbDatabase); + if ($connTmp->IsConnected()) { + // read SQL file + if ($settings->_dbDriver=="mysql") + $queries = file_get_contents("create_tables-innodb.sql"); + else + $queries = file_get_contents("create_tables.sql"); - // generate SQL query - $queries = explode(";", $queries); + // generate SQL query + $queries = explode(";", $queries); - // execute queries - foreach($queries as $query) { - // var_dump($query); - $query = trim($query); - if (!empty($query)) { - $connTmp->Execute($query); + // execute queries + foreach($queries as $query) { + // var_dump($query); + $query = trim($query); + if (!empty($query)) { + $connTmp->Execute($query); - if ($connTmp->ErrorNo()<>0) { - $errorMsg .= $connTmp->ErrorMsg() . "
"; - } - } - } + if ($connTmp->ErrorNo()<>0) { + $errorMsg .= $connTmp->ErrorMsg() . "
"; + } + } + } - // error ? - if (empty($errorMsg)) - $createOK = true; + // error ? + if (empty($errorMsg)) + $createOK = true; - } else { - $errorMsg = $connTmp->ErrorMsg(); - } - $connTmp->Disconnect(); - } + } else { + $errorMsg = $connTmp->ErrorMsg(); + } + $connTmp->Disconnect(); + } - // Show error - if (!$createOK) { - echo $errorMsg; - $hasError = true; - } + // Show error + if (!$createOK) { + echo $errorMsg; + $hasError = true; + } } // create database if (!$hasError) { @@ -292,10 +290,10 @@ if ($action=="setSettings") { $needsupdate = false; require_once($settings->_ADOdbPath."adodb/adodb.inc.php"); - $connTmp = ADONewConnection($settings->_dbDriver); - if ($connTmp) { - $connTmp->Connect($settings->_dbHostname, $settings->_dbUser, $settings->_dbPass, $settings->_dbDatabase); - if ($connTmp->IsConnected()) { + $connTmp = ADONewConnection($settings->_dbDriver); + if ($connTmp) { + $connTmp->Connect($settings->_dbHostname, $settings->_dbUser, $settings->_dbPass, $settings->_dbDatabase); + if ($connTmp->IsConnected()) { $res = $connTmp->Execute('select * from tblVersion'); if($rec = $res->FetchRow()) { $updatedirs = array(); @@ -311,7 +309,7 @@ if ($action=="setSettings") { if($updatedirs) { foreach($updatedirs as $updatedir) { - if($updatedir >= $rec['major'].'.'.$rec['minor'].'.'.$rec['subminor']) { + if($updatedir > $rec['major'].'.'.$rec['minor'].'.'.$rec['subminor']) { $needsupdate = true; print "
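Review bot: Commenting out the `$hasError = printCheckError($settings->check(...))` assignment leaves `if (!$hasError)` reading a variable this hunk never sets, so unless it is initialised above the hunk the settings check is skipped and the branch always runs (with an undefined-variable notice). That matters here because every setting is copied straight from `$_POST`, and `$settings->_ADOdbPath` is concatenated into `require_once` a few lines later with nothing validating it in between. I would either restore the check or, if it is disabled on purpose, set `$hasError = false;` explicitly with a comment saying why, and confirm that `_ADOdbPath` resolves to an existing local directory before the `require_once`. The enclosing `if ($action=="setSettings")` block starts and ends outside the hunk.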

Database update to version ".$updatedir." needed

"; if(file_exists('update-'.$updatedir.'/update.txt')) { diff --git a/install/update-3.3.0/update.php b/install/update-3.3.0/update.php index 6b2558c71..a47af8aab 100644 --- a/install/update-3.3.0/update.php +++ b/install/update-3.3.0/update.php @@ -45,7 +45,8 @@ function check($doupdate=0) { /* {{{ */ $queryStr = "SELECT ".$schema['key'].", `".implode('`,`', $schema['fields'])."` FROM ".$tblname; elseif(isset($schema['keys'])) $queryStr = "SELECT ".implode(',', $schema['keys']).", `".implode('`,`', $schema['fields'])."` FROM ".$tblname; - $recs = $db->getResultArray($queryStr); + $res = $db->Execute($queryStr); + $recs = $res->GetArray(); foreach($recs as $rec) { foreach($schema['fields'] as $field) { if($rec[$field] !== mydmsDecodeString($rec[$field])) { @@ -62,7 +63,7 @@ function check($doupdate=0) { /* {{{ */ $allupdates[] = $updateSql; echo "".$tblname."".$field."".htmlspecialchars($rec[$field])."".htmlspecialchars(mydmsDecodeString($rec[$field]))."
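Review bot: The changed condition `$updatedir > $rec['major'].'.'.$rec['minor'].'.'.$rec['subminor']` compares version numbers as plain strings, so an update directory such as `3.10.0` sorts before an installed `3.9.0` and would be skipped. `version_compare($updatedir, $rec['major'].'.'.$rec['minor'].'.'.$rec['subminor'], '>')` gives the intended ordering. The same string comparison is introduced in the install/update.php hunk of this commit (`$_GET['version'] > ...`) and should be changed the same way. The surrounding `foreach` starts and ends outside the hunk.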
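Review bot: The new pair `$res = $db->Execute($queryStr);` / `$recs = $res->GetArray();` calls a method on the result without checking it, and ADOdb's `Execute()` returns false when the query fails. A missing table or column therefore ends the script with a fatal error instead of reaching the `Update failed` message the caller prints when `check()` returns false. Adding `if(!$res) return false;` (ideally with a message naming `$tblname`) before `GetArray()` keeps the failure reportable. The body of `check()` starts and ends outside the hunk.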
".htmlspecialchars($updateSql)."
\n"; if($doupdate) { - $res = $db->getResult($updateSql); + $res = $db->Execute($updateSql); if(!$res) { $errormsg = 'Could not execute update statement'; echo "".$errormsg."\n"; @@ -76,8 +77,10 @@ function check($doupdate=0) { /* {{{ */ } } echo "\n"; - echo "Summary of all updates
\n"; - echo "
".implode("
", $allupdates)."
"; + if($allupdates) { + echo "Summary of all updates
\n"; + echo "
".implode("
", $allupdates)."
"; + } return true; } /* }}} */ @@ -86,6 +89,7 @@ if(isset($_GET['doupdate']) && $_GET['doupdate'] == 1) else $doupdate = 0; +$doupdate = 1; if (!check($doupdate)) { print "
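Review bot: The summary block still echoes the joined `$allupdates` entries unescaped, while the per-row output earlier in `check()` passes the same statement through `htmlspecialchars($updateSql)`. Those statements presumably embed the decoded field values read from the database, so markup stored in a name or comment would be rendered by the browser in this summary. Passing `array_map('htmlspecialchars', $allupdates)` as the second argument to `implode` makes the summary consistent with the table above it. The construction of `$updateSql` lies outside the hunk, so the exact content of the entries should be confirmed there.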

Update failed

"; } diff --git a/install/update-3.3.0/update.txt b/install/update-3.3.0/update.txt index c60f15048..d16670cc7 100644 --- a/install/update-3.3.0/update.txt +++ b/install/update-3.3.0/update.txt @@ -2,7 +2,7 @@ Release information for 3.3.0 ------------------------------------- This release contains various improvements which require your manual -interaction during an upgrade from an earlier version. You Ń•hould definitely +interaction during an upgrade from an earlier version. You should definitely make a backup of your database and possibly your content folder. Folder search @@ -14,13 +14,13 @@ folder will not work. See below. Data conversion --------------- The conversion of strings like names and comments of documents and folders, -when saved in the database, has been completely droped. This was originally -done for security reasons, both to prevent sql injections and cross side -scripting. Basically any field data that could do any harm, was replaced -by 'harmless' chars. Ampersands, semi colons, quotes, etc., they all have -been replaced by their html entity or masked by a backslash. The output of -those fields on html pages was not decoded anymore, but any other application -that accessed the database had to decode the data. +when saved in the database, has been completely droped. The conversion was +originally done for security reasons, both to prevent sql injections and cross +side scripting. Basically any field data that could do any harm, was replaced +by 'harmless' chars. Ampersands, semi colons, quotes, etc., they all have been +replaced by their html entity or masked by a backslash. The output of those +fields on html pages was not decoded anymore, but any other application that +accessed the database had to decode the data. The new approach with less impact on the data keeps the data unmodified when saving it in the database without opening new security diff --git a/install/update.php b/install/update.php index ca1056d16..552f47d4b 100644 
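Review bot: The added `$doupdate = 1;` overrides the `$_GET['doupdate']` test directly above it, so the preview mode is gone and every load of this script writes the converted values to the database. It reads like a debugging leftover. If always updating is intended, remove the now-dead `if`/`else` and say so in a comment; otherwise drop the line so the rewrite happens only when `doupdate=1` is requested.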
--- a/install/update.php +++ b/install/update.php @@ -49,31 +49,42 @@ if ($db) { } } -$queries = file_get_contents('update-'.$_GET['version'].'/update.sql'); -$queries = explode(";", $queries); - -// execute queries $errorMsg = ''; -if($queries) { - echo "

Running sql statements

"; - foreach($queries as $query) { - $query = trim($query); - if (!empty($query)) { - echo $query."
"; - $db->Execute($query); +$res = $db->Execute('select * from tblVersion'); +if($rec = $res->FetchRow()) { + if($_GET['version'] > $rec['major'].'.'.$rec['minor'].'.'.$rec['subminor']) { - if ($db->ErrorNo()<>0) { - $errorMsg .= $db->ErrorMsg() . "
"; + $queries = file_get_contents('update-'.$_GET['version'].'/update.sql'); + $queries = explode(";", $queries); + + // execute queries + if($queries) { + echo "

Updating database schema

"; + foreach($queries as $query) { + $query = trim($query); + if (!empty($query)) { + echo $query."
"; + $db->Execute($query); + + if ($db->ErrorNo()<>0) { + $errorMsg .= $db->ErrorMsg() . "
"; + } + } } } + } else { + echo "

Database schema already up to date.

"; } -} -if(!$errorMsg) { - echo "

Running update script

"; - include('update-'.$_GET['version'].'/update.php'); + + if(!$errorMsg) { + echo "

Running update script

"; + include('update-'.$_GET['version'].'/update.php'); + } else { + echo $errorMsg; + } } else { - echo $errorMsg; + echo "

Could not determine database schema version.

"; } UI::contentContainerEnd();
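Review bot: `$_GET['version']` is still concatenated unvalidated into both `file_get_contents('update-'.$_GET['version'].'/update.sql')` and `include('update-'.$_GET['version'].'/update.php')`, so the request decides which file is run as SQL and which is executed as PHP. Validate it once before the `tblVersion` query and stop with an error otherwise, for example `if(!isset($_GET['version']) || !preg_match('/^[0-9]+\.[0-9]+\.[0-9]+$/', $_GET['version']))`, and check that `file_get_contents` did not return false before calling `explode`. The new `$res->FetchRow()` is also called on an unchecked `Execute()` result, which is false when the query fails. The version test `$_GET['version'] > ...` is a string comparison; `version_compare(..., '>')` orders multi-digit components correctly.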