File: /home/nexper/www/67.225.167.226/public_html/crm/modules/Administration/UpgradeWizard.php
<?php
if(!defined('sugarEntry') || !sugarEntry) die('Not A Valid Entry Point');
/**
* Upgrade Wizard
*
* SugarCRM is a customer relationship management program developed by
* SugarCRM, Inc. Copyright (C) 2004 - 2009 SugarCRM Inc.
*
* This program is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License version 3 as published by the
* Free Software Foundation with the addition of the following permission added
* to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
* IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
* OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
* FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* this program; if not, see http://www.gnu.org/licenses or write to the Free
* Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301 USA.
*
* You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
* SW2-130, Cupertino, CA 95014, USA. or at email address contact@sugarcrm.com.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU General Public License version 3.
*
* In accordance with Section 7(b) of the GNU General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "Powered by
* SugarCRM" logo. If the display of the logo is not reasonably feasible for
* technical reasons, the Appropriate Legal Notices must display the words
* "Powered by SugarCRM".
*/
require_once('modules/Administration/UpgradeWizardCommon.php');
require_once('ModuleInstall/PackageManager/PackageManagerDisplay.php');
global $mod_strings;
$uh = new UpgradeHistory();
function unlinkTempFiles() {
global $sugar_config;
@unlink($_FILES['upgrade_zip']['tmp_name']);
@unlink(getAbsolutePath($sugar_config['upload_dir'].$_FILES['upgrade_zip']['name'],true));
}
// make sure dirs exist
foreach( $GLOBALS['subdirs'] as $subdir ){
mkdir_recursive( "$base_upgrade_dir/$subdir" );
}
// get labels and text that are specific to either Module Loader or Upgrade Wizard
if( $view == "module") {
$uploaddLabel = $mod_strings['LBL_UW_UPLOAD_MODULE'];
$descItemsQueued = $mod_strings['LBL_UW_DESC_MODULES_QUEUED'];
$descItemsInstalled = $mod_strings['LBL_UW_DESC_MODULES_INSTALLED'];
}
else {
$uploaddLabel = $mod_strings['LBL_UPLOAD_UPGRADE'];
$descItemsQueued = $mod_strings['DESC_FILES_QUEUED'];
$descItemsInstalled = $mod_strings['DESC_FILES_INSTALLED'];
}
//
// check that the upload limit is set to 6M or greater
//
define('SUGARCRM_MIN_UPLOAD_MAX_FILESIZE_BYTES', 6 * 1024 * 1024); // 6 Megabytes
$upload_max_filesize = ini_get('upload_max_filesize');
$upload_max_filesize_bytes = return_bytes($upload_max_filesize);
if($upload_max_filesize_bytes < constant('SUGARCRM_MIN_UPLOAD_MAX_FILESIZE_BYTES'))
{
$GLOBALS['log']->debug("detected upload_max_filesize: $upload_max_filesize");
print('<p class="error">' . $mod_strings['MSG_INCREASE_UPLOAD_MAX_FILESIZE'] . ' '
. get_cfg_var('cfg_file_path') . "</p>\n");
}
//
// process "run" commands
//
if( isset( $_REQUEST['run'] ) && ($_REQUEST['run'] != "") ){
$run = $_REQUEST['run'];
if( $run == "upload" ){
$perform = false;
if(isset($_REQUEST['release_id']) && $_REQUEST['release_id'] != ""){
require_once('ModuleInstall/PackageManager.php');
$pm = new PackageManager();
$tempFile = $pm->download('','',$_REQUEST['release_id'], getAbsolutePath($sugar_config['upload_dir'],true));
$perform = true;
$base_filename = urldecode($tempFile);
}
elseif(!empty($_REQUEST['load_module_from_dir'])){
//copy file to proper location then call performSetup
$tempFile = getAbsolutePath($sugar_config['upload_dir'].$_REQUEST['upgrade_zip_escaped'],true);
copy($_REQUEST['load_module_from_dir'].'/'.$_REQUEST['upgrade_zip_escaped'], $tempFile);
$perform = true;
$base_filename = urldecode( $_REQUEST['upgrade_zip_escaped'] );
}else if( empty( $_FILES['upgrade_zip']['tmp_name'] ) ){
echo $mod_strings['ERR_UW_NO_UPLOAD_FILE'];
}
else{
if(!move_uploaded_file($_FILES['upgrade_zip']['tmp_name'], getAbsolutePath($sugar_config['upload_dir'].$_FILES['upgrade_zip']['name'],true))) {
unlinkTempFiles();
die($mod_strings['ERR_NOT_VALID_UPLOAD']);
} else {
$tempFile = getAbsolutePath($sugar_config['upload_dir'].$_FILES['upgrade_zip']['name'],true);
$perform = true;
$base_filename = urldecode( $_REQUEST['upgrade_zip_escaped'] );
}
}
if($perform){
$manifest_file = extractManifest( $tempFile );
if(is_file($manifest_file))
{
require_once( $manifest_file );
validate_manifest( $manifest );
$upgrade_zip_type = $manifest['type'];
// exclude the bad permutations
if( $view == "module" )
{
if ($upgrade_zip_type != "module" && $upgrade_zip_type != "theme" && $upgrade_zip_type != "langpack")
{
unlinkTempFiles();
die($mod_strings['ERR_UW_NOT_ACCEPTIBLE_TYPE']);
}
}
elseif( $view == "default" )
{
if($upgrade_zip_type != "patch" )
{
unlinkTempFiles();
die($mod_strings['ERR_UW_ONLY_PATCHES']);
}
}
//$base_filename = urldecode( $_REQUEST['upgrade_zip_escaped'] );
$base_filename = preg_replace( "#\\\\#", "/", $base_filename );
$base_filename = basename( $base_filename );
mkdir_recursive( "$base_upgrade_dir/$upgrade_zip_type" );
$target_path = "$base_upgrade_dir/$upgrade_zip_type/$base_filename";
$target_manifest = remove_file_extension( $target_path ) . "-manifest.php";
if( isset($manifest['icon']) && $manifest['icon'] != "" ){
$icon_location = extractFile( $tempFile ,$manifest['icon'] );
$path_parts = pathinfo( $icon_location );
copy( $icon_location, remove_file_extension( $target_path ) . "-icon." . $path_parts['extension'] );
}
if( copy( $tempFile , $target_path ) ){
copy( $manifest_file, $target_manifest );
$GLOBALS['ML_STATUS_MESSAGE'] = $base_filename.$mod_strings['LBL_UW_UPLOAD_SUCCESS'];
}
else{
$GLOBALS['ML_STATUS_MESSAGE'] = $mod_strings['ERR_UW_UPLOAD_ERROR'];
}
}
else
{
unlinkTempFiles();
die($mod_strings['ERR_UW_NO_MANIFEST']);
}
}
}
else if( $run == $mod_strings['LBL_UW_BTN_DELETE_PACKAGE'] ){
if( !isset($_REQUEST['install_file']) || ($_REQUEST['install_file'] == "") ){
die($mod_strings['ERR_UW_NO_UPLOAD_FILE']);
}
$delete_me = urldecode( $_REQUEST['install_file'] );
$checkFile = clean_path(trim(strtolower($delete_me)));
if(false !== strpos($checkFile, '.zip')) { // is zip file?
if(false !== strpos($checkFile, $sugar_config['upload_dir'])) { // is in upload dir?
if(false === strpos($checkFile, "..")) { // no dir navigation
if(!file_exists($checkFile)) { // file exists?
if(unlink($delete_me)) { // successful deletion?
echo "Package $delete_me has been removed.<br>";
} else {
die("Problem removing package $delete_me.");
}
} else {
die("<span class='error'>File to be deleted does not exist.</span>");
}
} else {
die("<span class='error'>Path is trying to navigate folders.</span>");
}
} else {
die("<span class='error'>File is not located in SugarCRM's upload cache directory.</span>");
}
} else {
die("<span class='error'>File is not a zipped archive.</span>");
}
}
}
print( "<p>\n" );
if( $view == "module") {
print( get_module_title($mod_strings['LBL_MODULE_NAME'], $mod_strings['LBL_MODULE_NAME'].": ".$mod_strings['LBL_MODULE_LOADER_TITLE'], true) );
}
else {
print( get_module_title($mod_strings['LBL_MODULE_NAME'], $mod_strings['LBL_MODULE_NAME'].": ".$mod_strings['LBL_UPGRADE_WIZARD_TITLE'], true) );
}
print( "</p>\n" );
// upload link
if(!empty($GLOBALS['sugar_config']['use_common_ml_dir']) && $GLOBALS['sugar_config']['use_common_ml_dir'] && !empty($GLOBALS['sugar_config']['common_ml_dir'])){
//rrs
$form = '<form name="move_form" action="index.php?module=Administration&view=module&action=UpgradeWizard" method="post" ><input type=hidden name="run" value="upload" /><input type=hidden name="load_module_from_dir" id="load_module_from_dir" value="'.$GLOBALS['sugar_config']['common_ml_dir'].'" /><input type=hidden name="upgrade_zip_escaped" value="" /><table width="100%" class="tabForm"><tr><th align="left">'.$mod_strings['LBL_ML_NAME'].'</th><th align="left">'.$mod_strings['LBL_ML_ACTION'].'</th></tr>';
if ($handle = opendir($GLOBALS['sugar_config']['common_ml_dir'])) {
while (false !== ($filename = readdir($handle))) {
if($filename == '.' || $filename == '..' || !preg_match("#.*\.zip\$#", $filename)) {
continue;
}
$form .= '<tr><td>'.$filename.'</td><td><input type=button class="button" value="'.$mod_strings['LBL_UW_BTN_UPLOAD'].'" onClick="document.move_form.upgrade_zip_escaped.value = escape( \''.$filename.'\');document.move_form.submit();" /></td></tr>';
}
}
$form .= '</table></form>';
//rrs
}else{
$form =<<<eoq
<form name="the_form" enctype="multipart/form-data" action="{$form_action}" method="post" >
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="tabForm">
<tr><td>
<table width="450" border="0" cellspacing="0" cellpadding="0">
<tr><td>
{$uploaddLabel}
<input type="file" name="upgrade_zip" size="40" />
</td>
<td>
<input type=button class="button" value="{$mod_strings['LBL_UW_BTN_UPLOAD']}" onClick="document.the_form.upgrade_zip_escaped.value = escape( document.the_form.upgrade_zip.value );document.the_form.submit();" />
<input type=hidden name="run" value="upload" />
<input type=hidden name="upgrade_zip_escaped" value="" />
</td>
</tr>
</table></td></tr></table>
</form>
eoq;
}
$hidden_fields = "<input type=hidden name=\"run\" value=\"upload\" />";
$hidden_fields .= "<input type=hidden name=\"mode\"/>";
$form2 = PackageManagerDisplay::buildPackageDisplay($form, $hidden_fields, $form_action, array('module'));
$form3 =<<<eoq3
eoq3;
echo $form2.$form3;
// scan for new files (that are not installed)
/*print( "$descItemsQueued<br>\n");
print( "<ul>\n" );
$upgrade_contents = findAllFiles( "$base_upgrade_dir", array() );
$upgrades_available = 0;
print( "<table>\n" );
print( "<tr><th></th><th align=left>{$mod_strings['LBL_ML_NAME']}</th><th>{$mod_strings['LBL_ML_TYPE']}</th><th>{$mod_strings['LBL_ML_VERSION']}</th><th>{$mod_strings['LBL_ML_PUBLISHED']}</th><th>{$mod_strings['LBL_ML_UNINSTALLABLE']}</th><th>{$mod_strings['LBL_ML_DESCRIPTION']}</th></tr>\n" );
foreach($upgrade_contents as $upgrade_content)
{
if(!preg_match("#.*\.zip\$#", $upgrade_content))
{
continue;
}
$upgrade_content = clean_path($upgrade_content);
$the_base = basename($upgrade_content);
$the_md5 = md5_file($upgrade_content);
$md5_matches = $uh->findByMd5($the_md5);
if(0 == sizeof($md5_matches))
{
$target_manifest = remove_file_extension( $upgrade_content ) . '-manifest.php';
require_once($target_manifest);
$name = empty($manifest['name']) ? $upgrade_content : $manifest['name'];
$version = empty($manifest['version']) ? '' : $manifest['version'];
$published_date = empty($manifest['published_date']) ? '' : $manifest['published_date'];
$icon = '';
$description = empty($manifest['description']) ? 'None' : $manifest['description'];
$uninstallable = empty($manifest['is_uninstallable']) ? 'No' : 'Yes';
$type = getUITextForType( $manifest['type'] );
$manifest_type = $manifest['type'];
if($view == 'default' && $manifest_type != 'patch')
{
continue;
}
if($view == 'module'
&& $manifest_type != 'module' && $manifest_type != 'theme' && $manifest_type != 'langpack')
{
continue;
}
if(empty($manifest['icon']))
{
$icon = getImageForType( $manifest['type'] );
}
else
{
$path_parts = pathinfo( $manifest['icon'] );
$icon = "<img src=\"" . remove_file_extension( $upgrade_content ) . "-icon." . $path_parts['extension'] . "\">";
}
$upgrades_available++;
print( "<tr><td>$icon</td><td>$name</td><td>$type</td><td>$version</td><td>$published_date</td><td>$uninstallable</td><td>$description</td>\n" );
$upgrade_content = urlencode($upgrade_content);
$form2 =<<<eoq
<form action="{$form_action}_prepare" method="post">
<td><input type=submit name="btn_mode" onclick="this.form.mode.value='Install';this.form.submit();" value="{$mod_strings['LBL_UW_BTN_INSTALL']}" /></td>
<input type=hidden name="install_file" value="{$upgrade_content}" />
<input type=hidden name="mode"/>
</form>
<form action="{$form_action}" method="post">
<td><input type=submit name="run" value="{$mod_strings['LBL_UW_BTN_DELETE_PACKAGE']}" /></td>
<input type=hidden name="install_file" value="{$upgrade_content}" />
</form>
</tr>
eoq;
echo $form2;
}
}
print( "</table>\n" );
if( $upgrades_available == 0 ){
print($mod_strings['LBL_UW_NONE']);
}
print( "</ul>\n" );
?>
*/
$GLOBALS['log']->info( "Upgrade Wizard view");
?>
</td>
</tr>
</table></td></tr></table>