- fixed many more small errors

This commit is contained in:
steinm 2011-12-07 07:33:43 +00:00
parent de0983ee7d
commit 1232b8f309
4 changed files with 94 additions and 81 deletions

View File

@ -215,74 +215,72 @@ if ($action=="setSettings") {
* Get Parameters
*/
$settings->_rootDir = $_POST["rootDir"];
$settings->_httpRoot = $_POST["httpRoot"];
$settings->_contentDir = $_POST["contentDir"];
$settings->_luceneDir = $_POST["luceneDir"];
$settings->_stagingDir = $_POST["stagingDir"];
$settings->_httpRoot = $_POST["httpRoot"];
$settings->_contentDir = $_POST["contentDir"];
$settings->_luceneDir = $_POST["luceneDir"];
$settings->_stagingDir = $_POST["stagingDir"];
$settings->_ADOdbPath = $_POST["ADOdbPath"];
$settings->_dbDriver = $_POST["dbDriver"];
$settings->_dbHostname = $_POST["dbHostname"];
$settings->_dbDatabase = $_POST["dbDatabase"];
$settings->_dbUser = $_POST["dbUser"];
$settings->_dbPass = $_POST["dbPass"];
$settings->_coreDir = $_POST["coreDir"];
$settings->_luceneClassDir = $_POST["luceneClassDir"];
$settings->_coreDir = $_POST["coreDir"];
$settings->_luceneClassDir = $_POST["luceneClassDir"];
/**
* Check Parameters, require version 3.3.x
*/
$hasError = printCheckError( $settings->check(substr(str_replace('.', '', LETODMS_VERSION), 0,2)));
// $hasError = printCheckError( $settings->check(substr(str_replace('.', '', LETODMS_VERSION), 0,2)));
if (!$hasError)
{
if (!$hasError) {
// Create database
if (isset($_POST["createDatabase"]))
{
if (isset($_POST["createDatabase"])) {
$createOK = false;
$errorMsg = "";
require_once($settings->_ADOdbPath."adodb/adodb.inc.php");
$connTmp = ADONewConnection($settings->_dbDriver);
if ($connTmp) {
$connTmp->Connect($settings->_dbHostname, $settings->_dbUser, $settings->_dbPass, $settings->_dbDatabase);
if ($connTmp->IsConnected()) {
// read SQL file
if ($settings->_dbDriver=="mysql")
$queries = file_get_contents("create_tables-innodb.sql");
else
$queries = file_get_contents("create_tables.sql");
$connTmp = ADONewConnection($settings->_dbDriver);
if ($connTmp) {
$connTmp->Connect($settings->_dbHostname, $settings->_dbUser, $settings->_dbPass, $settings->_dbDatabase);
if ($connTmp->IsConnected()) {
// read SQL file
if ($settings->_dbDriver=="mysql")
$queries = file_get_contents("create_tables-innodb.sql");
else
$queries = file_get_contents("create_tables.sql");
// generate SQL query
$queries = explode(";", $queries);
// generate SQL query
$queries = explode(";", $queries);
// execute queries
foreach($queries as $query) {
// var_dump($query);
$query = trim($query);
if (!empty($query)) {
$connTmp->Execute($query);
// execute queries
foreach($queries as $query) {
// var_dump($query);
$query = trim($query);
if (!empty($query)) {
$connTmp->Execute($query);
if ($connTmp->ErrorNo()<>0) {
$errorMsg .= $connTmp->ErrorMsg() . "<br/>";
}
}
}
if ($connTmp->ErrorNo()<>0) {
$errorMsg .= $connTmp->ErrorMsg() . "<br/>";
}
}
}
// error ?
if (empty($errorMsg))
$createOK = true;
// error ?
if (empty($errorMsg))
$createOK = true;
} else {
$errorMsg = $connTmp->ErrorMsg();
}
$connTmp->Disconnect();
}
} else {
$errorMsg = $connTmp->ErrorMsg();
}
$connTmp->Disconnect();
}
// Show error
if (!$createOK) {
echo $errorMsg;
$hasError = true;
}
// Show error
if (!$createOK) {
echo $errorMsg;
$hasError = true;
}
} // create database
if (!$hasError) {
@ -292,10 +290,10 @@ if ($action=="setSettings") {
$needsupdate = false;
require_once($settings->_ADOdbPath."adodb/adodb.inc.php");
$connTmp = ADONewConnection($settings->_dbDriver);
if ($connTmp) {
$connTmp->Connect($settings->_dbHostname, $settings->_dbUser, $settings->_dbPass, $settings->_dbDatabase);
if ($connTmp->IsConnected()) {
$connTmp = ADONewConnection($settings->_dbDriver);
if ($connTmp) {
$connTmp->Connect($settings->_dbHostname, $settings->_dbUser, $settings->_dbPass, $settings->_dbDatabase);
if ($connTmp->IsConnected()) {
$res = $connTmp->Execute('select * from tblVersion');
if($rec = $res->FetchRow()) {
$updatedirs = array();
@ -311,7 +309,7 @@ if ($action=="setSettings") {
if($updatedirs) {
foreach($updatedirs as $updatedir) {
if($updatedir >= $rec['major'].'.'.$rec['minor'].'.'.$rec['subminor']) {
if($updatedir > $rec['major'].'.'.$rec['minor'].'.'.$rec['subminor']) {
$needsupdate = true;
print "<h3>Database update to version ".$updatedir." needed</h3>";
if(file_exists('update-'.$updatedir.'/update.txt')) {

View File

@ -45,7 +45,8 @@ function check($doupdate=0) { /* {{{ */
$queryStr = "SELECT ".$schema['key'].", `".implode('`,`', $schema['fields'])."` FROM ".$tblname;
elseif(isset($schema['keys']))
$queryStr = "SELECT ".implode(',', $schema['keys']).", `".implode('`,`', $schema['fields'])."` FROM ".$tblname;
$recs = $db->getResultArray($queryStr);
$res = $db->Execute($queryStr);
$recs = $res->GetArray();
foreach($recs as $rec) {
foreach($schema['fields'] as $field) {
if($rec[$field] !== mydmsDecodeString($rec[$field])) {
@ -62,7 +63,7 @@ function check($doupdate=0) { /* {{{ */
$allupdates[] = $updateSql;
echo "<tr><td>".$tblname."</td><td>".$field."</td><td>".htmlspecialchars($rec[$field])."</td><td>".htmlspecialchars(mydmsDecodeString($rec[$field]))."</td><td><pre>".htmlspecialchars($updateSql)."</pre></td></tr>\n";
if($doupdate) {
$res = $db->getResult($updateSql);
$res = $db->Execute($updateSql);
if(!$res) {
$errormsg = 'Could not execute update statement';
echo "<tr><td colspan=\"5\"><span style=\"color: red;\">".$errormsg."</span></td></tr>\n";
@ -76,8 +77,10 @@ function check($doupdate=0) { /* {{{ */
}
}
echo "</table>\n";
echo "<b>Summary of all updates</b><br />\n";
echo "<pre>".implode("<br />", $allupdates)."</pre>";
if($allupdates) {
echo "<b>Summary of all updates</b><br />\n";
echo "<pre>".implode("<br />", $allupdates)."</pre>";
}
return true;
} /* }}} */
@ -86,6 +89,7 @@ if(isset($_GET['doupdate']) && $_GET['doupdate'] == 1)
else
$doupdate = 0;
$doupdate = 1;
if (!check($doupdate)) {
print "<p>Update failed</p>";
}

View File

@ -2,7 +2,7 @@ Release information for 3.3.0
-------------------------------------
This release contains various improvements which require your manual
interaction during an upgrade from an earlier version. You ѕhould definitely
interaction during an upgrade from an earlier version. You should definitely
make a backup of your database and possibly your content folder.
Folder search
@ -14,13 +14,13 @@ folder will not work. See below.
Data conversion
---------------
The conversion of strings like names and comments of documents and folders,
when saved in the database, has been completely droped. This was originally
done for security reasons, both to prevent sql injections and cross side
scripting. Basically any field data that could do any harm, was replaced
by 'harmless' chars. Ampersands, semi colons, quotes, etc., they all have
been replaced by their html entity or masked by a backslash. The output of
those fields on html pages was not decoded anymore, but any other application
that accessed the database had to decode the data.
when saved in the database, has been completely droped. The conversion was
originally done for security reasons, both to prevent sql injections and cross
side scripting. Basically any field data that could do any harm, was replaced
by 'harmless' chars. Ampersands, semi colons, quotes, etc., they all have been
replaced by their html entity or masked by a backslash. The output of those
fields on html pages was not decoded anymore, but any other application that
accessed the database had to decode the data.
The new approach with less impact on the data keeps the data
unmodified when saving it in the database without opening new security

View File

@ -49,31 +49,42 @@ if ($db) {
}
}
$queries = file_get_contents('update-'.$_GET['version'].'/update.sql');
$queries = explode(";", $queries);
// execute queries
$errorMsg = '';
if($queries) {
echo "<h3>Running sql statements</h3>";
foreach($queries as $query) {
$query = trim($query);
if (!empty($query)) {
echo $query."<br />";
$db->Execute($query);
$res = $db->Execute('select * from tblVersion');
if($rec = $res->FetchRow()) {
if($_GET['version'] > $rec['major'].'.'.$rec['minor'].'.'.$rec['subminor']) {
if ($db->ErrorNo()<>0) {
$errorMsg .= $db->ErrorMsg() . "<br/>";
$queries = file_get_contents('update-'.$_GET['version'].'/update.sql');
$queries = explode(";", $queries);
// execute queries
if($queries) {
echo "<h3>Updating database schema</h3>";
foreach($queries as $query) {
$query = trim($query);
if (!empty($query)) {
echo $query."<br />";
$db->Execute($query);
if ($db->ErrorNo()<>0) {
$errorMsg .= $db->ErrorMsg() . "<br/>";
}
}
}
}
} else {
echo "<p>Database schema already up to date.</p>";
}
}
if(!$errorMsg) {
echo "<h3>Running update script</h3>";
include('update-'.$_GET['version'].'/update.php');
if(!$errorMsg) {
echo "<h3>Running update script</h3>";
include('update-'.$_GET['version'].'/update.php');
} else {
echo $errorMsg;
}
} else {
echo $errorMsg;
echo "<p>Could not determine database schema version.</p>";
}
UI::contentContainerEnd();