mirror of
https://git.code.sf.net/p/seeddms/code
synced 2025-06-11 07:39:34 +00:00
- fixed many more small errors
This commit is contained in:
parent
de0983ee7d
commit
1232b8f309
install
|
@ -231,13 +231,11 @@ if ($action=="setSettings") {
|
||||||
/**
|
/**
|
||||||
* Check Parameters, require version 3.3.x
|
* Check Parameters, require version 3.3.x
|
||||||
*/
|
*/
|
||||||
$hasError = printCheckError( $settings->check(substr(str_replace('.', '', LETODMS_VERSION), 0,2)));
|
// $hasError = printCheckError( $settings->check(substr(str_replace('.', '', LETODMS_VERSION), 0,2)));
|
||||||
|
|
||||||
if (!$hasError)
|
if (!$hasError) {
|
||||||
{
|
|
||||||
// Create database
|
// Create database
|
||||||
if (isset($_POST["createDatabase"]))
|
if (isset($_POST["createDatabase"])) {
|
||||||
{
|
|
||||||
$createOK = false;
|
$createOK = false;
|
||||||
$errorMsg = "";
|
$errorMsg = "";
|
||||||
|
|
||||||
|
@ -311,7 +309,7 @@ if ($action=="setSettings") {
|
||||||
|
|
||||||
if($updatedirs) {
|
if($updatedirs) {
|
||||||
foreach($updatedirs as $updatedir) {
|
foreach($updatedirs as $updatedir) {
|
||||||
if($updatedir >= $rec['major'].'.'.$rec['minor'].'.'.$rec['subminor']) {
|
if($updatedir > $rec['major'].'.'.$rec['minor'].'.'.$rec['subminor']) {
|
||||||
$needsupdate = true;
|
$needsupdate = true;
|
||||||
print "<h3>Database update to version ".$updatedir." needed</h3>";
|
print "<h3>Database update to version ".$updatedir." needed</h3>";
|
||||||
if(file_exists('update-'.$updatedir.'/update.txt')) {
|
if(file_exists('update-'.$updatedir.'/update.txt')) {
|
||||||
|
|
|
@ -45,7 +45,8 @@ function check($doupdate=0) { /* {{{ */
|
||||||
$queryStr = "SELECT ".$schema['key'].", `".implode('`,`', $schema['fields'])."` FROM ".$tblname;
|
$queryStr = "SELECT ".$schema['key'].", `".implode('`,`', $schema['fields'])."` FROM ".$tblname;
|
||||||
elseif(isset($schema['keys']))
|
elseif(isset($schema['keys']))
|
||||||
$queryStr = "SELECT ".implode(',', $schema['keys']).", `".implode('`,`', $schema['fields'])."` FROM ".$tblname;
|
$queryStr = "SELECT ".implode(',', $schema['keys']).", `".implode('`,`', $schema['fields'])."` FROM ".$tblname;
|
||||||
$recs = $db->getResultArray($queryStr);
|
$res = $db->Execute($queryStr);
|
||||||
|
$recs = $res->GetArray();
|
||||||
foreach($recs as $rec) {
|
foreach($recs as $rec) {
|
||||||
foreach($schema['fields'] as $field) {
|
foreach($schema['fields'] as $field) {
|
||||||
if($rec[$field] !== mydmsDecodeString($rec[$field])) {
|
if($rec[$field] !== mydmsDecodeString($rec[$field])) {
|
||||||
|
@ -62,7 +63,7 @@ function check($doupdate=0) { /* {{{ */
|
||||||
$allupdates[] = $updateSql;
|
$allupdates[] = $updateSql;
|
||||||
echo "<tr><td>".$tblname."</td><td>".$field."</td><td>".htmlspecialchars($rec[$field])."</td><td>".htmlspecialchars(mydmsDecodeString($rec[$field]))."</td><td><pre>".htmlspecialchars($updateSql)."</pre></td></tr>\n";
|
echo "<tr><td>".$tblname."</td><td>".$field."</td><td>".htmlspecialchars($rec[$field])."</td><td>".htmlspecialchars(mydmsDecodeString($rec[$field]))."</td><td><pre>".htmlspecialchars($updateSql)."</pre></td></tr>\n";
|
||||||
if($doupdate) {
|
if($doupdate) {
|
||||||
$res = $db->getResult($updateSql);
|
$res = $db->Execute($updateSql);
|
||||||
if(!$res) {
|
if(!$res) {
|
||||||
$errormsg = 'Could not execute update statement';
|
$errormsg = 'Could not execute update statement';
|
||||||
echo "<tr><td colspan=\"5\"><span style=\"color: red;\">".$errormsg."</span></td></tr>\n";
|
echo "<tr><td colspan=\"5\"><span style=\"color: red;\">".$errormsg."</span></td></tr>\n";
|
||||||
|
@ -76,8 +77,10 @@ function check($doupdate=0) { /* {{{ */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
echo "</table>\n";
|
echo "</table>\n";
|
||||||
|
if($allupdates) {
|
||||||
echo "<b>Summary of all updates</b><br />\n";
|
echo "<b>Summary of all updates</b><br />\n";
|
||||||
echo "<pre>".implode("<br />", $allupdates)."</pre>";
|
echo "<pre>".implode("<br />", $allupdates)."</pre>";
|
||||||
|
}
|
||||||
return true;
|
return true;
|
||||||
} /* }}} */
|
} /* }}} */
|
||||||
|
|
||||||
|
@ -86,6 +89,7 @@ if(isset($_GET['doupdate']) && $_GET['doupdate'] == 1)
|
||||||
else
|
else
|
||||||
$doupdate = 0;
|
$doupdate = 0;
|
||||||
|
|
||||||
|
$doupdate = 1;
|
||||||
if (!check($doupdate)) {
|
if (!check($doupdate)) {
|
||||||
print "<p>Update failed</p>";
|
print "<p>Update failed</p>";
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,7 +2,7 @@ Release information for 3.3.0
|
||||||
-------------------------------------
|
-------------------------------------
|
||||||
|
|
||||||
This release contains various improvements which require your manual
|
This release contains various improvements which require your manual
|
||||||
interaction during an upgrade from an earlier version. You ѕhould definitely
|
interaction during an upgrade from an earlier version. You should definitely
|
||||||
make a backup of your database and possibly your content folder.
|
make a backup of your database and possibly your content folder.
|
||||||
|
|
||||||
Folder search
|
Folder search
|
||||||
|
@ -14,13 +14,13 @@ folder will not work. See below.
|
||||||
Data conversion
|
Data conversion
|
||||||
---------------
|
---------------
|
||||||
The conversion of strings like names and comments of documents and folders,
|
The conversion of strings like names and comments of documents and folders,
|
||||||
when saved in the database, has been completely droped. This was originally
|
when saved in the database, has been completely droped. The conversion was
|
||||||
done for security reasons, both to prevent sql injections and cross side
|
originally done for security reasons, both to prevent sql injections and cross
|
||||||
scripting. Basically any field data that could do any harm, was replaced
|
side scripting. Basically any field data that could do any harm, was replaced
|
||||||
by 'harmless' chars. Ampersands, semi colons, quotes, etc., they all have
|
by 'harmless' chars. Ampersands, semi colons, quotes, etc., they all have been
|
||||||
been replaced by their html entity or masked by a backslash. The output of
|
replaced by their html entity or masked by a backslash. The output of those
|
||||||
those fields on html pages was not decoded anymore, but any other application
|
fields on html pages was not decoded anymore, but any other application that
|
||||||
that accessed the database had to decode the data.
|
accessed the database had to decode the data.
|
||||||
|
|
||||||
The new approach with less impact on the data keeps the data
|
The new approach with less impact on the data keeps the data
|
||||||
unmodified when saving it in the database without opening new security
|
unmodified when saving it in the database without opening new security
|
||||||
|
|
|
@ -49,13 +49,17 @@ if ($db) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$errorMsg = '';
|
||||||
|
$res = $db->Execute('select * from tblVersion');
|
||||||
|
if($rec = $res->FetchRow()) {
|
||||||
|
if($_GET['version'] > $rec['major'].'.'.$rec['minor'].'.'.$rec['subminor']) {
|
||||||
|
|
||||||
$queries = file_get_contents('update-'.$_GET['version'].'/update.sql');
|
$queries = file_get_contents('update-'.$_GET['version'].'/update.sql');
|
||||||
$queries = explode(";", $queries);
|
$queries = explode(";", $queries);
|
||||||
|
|
||||||
// execute queries
|
// execute queries
|
||||||
$errorMsg = '';
|
|
||||||
if($queries) {
|
if($queries) {
|
||||||
echo "<h3>Running sql statements</h3>";
|
echo "<h3>Updating database schema</h3>";
|
||||||
foreach($queries as $query) {
|
foreach($queries as $query) {
|
||||||
$query = trim($query);
|
$query = trim($query);
|
||||||
if (!empty($query)) {
|
if (!empty($query)) {
|
||||||
|
@ -68,6 +72,10 @@ if($queries) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
echo "<p>Database schema already up to date.</p>";
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
if(!$errorMsg) {
|
if(!$errorMsg) {
|
||||||
echo "<h3>Running update script</h3>";
|
echo "<h3>Running update script</h3>";
|
||||||
|
@ -75,6 +83,9 @@ if(!$errorMsg) {
|
||||||
} else {
|
} else {
|
||||||
echo $errorMsg;
|
echo $errorMsg;
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
echo "<p>Could not determine database schema version.</p>";
|
||||||
|
}
|
||||||
|
|
||||||
UI::contentContainerEnd();
|
UI::contentContainerEnd();
|
||||||
UI::htmlEndPage();
|
UI::htmlEndPage();
|
||||||
|
|
Loading…
Reference in New Issue
Block a user