MMF/simple-machines-forum
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
simple-machines-forum/Sources/Subs-Package.php

3180 lines
99 KiB
PHP
Raw Normal View History

Import SMF 2.1.4
2024-07-22 14:45:07 +00:00
<?php
/**
* This file's central purpose of existence is that of making the package
* manager work nicely. It contains functions for handling tar.gz and zip
* files, as well as a simple xml parser to handle the xml package stuff.
* Not to mention a few functions to make file handling easier.
*
* Simple Machines Forum (SMF)
*
* @package SMF
* @author Simple Machines https://www.simplemachines.org
* @copyright 2022 Simple Machines and individual contributors
* @license https://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.1.3
*/
if (!defined('SMF'))
die('No direct access...');
/**
* Reads an archive from either a remote location or from the local filesystem.
*
* @param string $gzfilename The path to the tar.gz file
* @param string $destination The path to the desitnation directory
* @param bool $single_file If true returns the contents of the file specified by destination if it exists
* @param bool $overwrite Whether to overwrite existing files
* @param null|array $files_to_extract Specific files to extract
* @return array|false An array of information about extracted files or false on failure
*/
function read_tgz_file($gzfilename, $destination, $single_file = false, $overwrite = false, $files_to_extract = null)
{
$data = substr($gzfilename, 0, 7) == 'http://' || substr($gzfilename, 0, 8) == 'https://'
? fetch_web_data($gzfilename)
: file_get_contents($gzfilename);
if ($data === false)
return false;
// Too short for magic numbers? No fortune cookie for you!
if (strlen($data) < 2)
return false;
if ($data[0] == "\x1f" && $data[1] == "\x8b")
return read_tgz_data($data, $destination, $single_file, $overwrite, $files_to_extract);
// Okay, this ain't no tar.gz, but maybe it's a zip file.
elseif ($data[0] == 'P' && $data[1] == 'K')
return read_zip_data($data, $destination, $single_file, $overwrite, $files_to_extract);
return false;
}
/**
* Extracts a file or files from the .tar.gz contained in data.
*
* detects if the file is really a .zip file, and if so returns the result of read_zip_data
*
* if destination is null
* - returns a list of files in the archive.
*
* if single_file is true
* - returns the contents of the file specified by destination, if it exists, or false.
* - destination can start with * and / to signify that the file may come from any directory.
* - destination should not begin with a / if single_file is true.
*
* overwrites existing files with newer modification times if and only if overwrite is true.
* creates the destination directory if it doesn't exist, and is is specified.
* requires zlib support be built into PHP.
* returns an array of the files extracted.
* if files_to_extract is not equal to null only extracts file within this array.
*
* @param string $data The gzipped tarball
* @param null|string $destination The destination
* @param bool $single_file Whether to only extract a single file
* @param bool $overwrite Whether to overwrite existing data
* @param null|array $files_to_extract If set, only extracts the specified files
* @return array|false An array of information about the extracted files or false on failure
*/
function read_tgz_data($data, $destination, $single_file = false, $overwrite = false, $files_to_extract = null)
{
// Make sure we have this loaded.
loadLanguage('Packages');
// This function sorta needs gzinflate!
if (!function_exists('gzinflate'))
fatal_lang_error('package_no_lib', 'critical', array('package_no_zlib', 'package_no_package_manager'));
umask(0);
if (!$single_file && $destination !== null && !file_exists($destination))
mktree($destination, 0777);
$flags = unpack('Ct/Cf', substr($data, 2, 2));
// Not deflate!
if ($flags['t'] != 8)
return false;
$flags = $flags['f'];
$offset = 10;
$octdec = array('mode', 'uid', 'gid', 'size', 'mtime', 'checksum');
// "Read" the filename and comment.
// @todo Might be mussed.
if ($flags & 12)
{
while ($flags & 8 && $data[$offset++] != "\0")
continue;
while ($flags & 4 && $data[$offset++] != "\0")
continue;
}
$crc = unpack('Vcrc32/Visize', substr($data, strlen($data) - 8, 8));
$data = @gzinflate(substr($data, $offset, strlen($data) - 8 - $offset));
// smf_crc32 and crc32 may not return the same results, so we accept either.
if ($crc['crc32'] != smf_crc32($data) && $crc['crc32'] != crc32($data))
return false;
$blocks = strlen($data) / 512 - 1;
$offset = 0;
$return = array();
while ($offset < $blocks)
{
$header = substr($data, $offset << 9, 512);
$current = unpack('a100filename/a8mode/a8uid/a8gid/a12size/a12mtime/a8checksum/a1type/a100linkname/a6magic/a2version/a32uname/a32gname/a8devmajor/a8devminor/a155path', $header);
// Blank record? This is probably at the end of the file.
if (empty($current['filename']))
{
$offset += 512;
continue;
}
foreach ($current as $k => $v)
{
if (in_array($k, $octdec))
$current[$k] = octdec(trim($v));
else
$current[$k] = trim($v);
}
if ($current['type'] == '5' && substr($current['filename'], -1) != '/')
$current['filename'] .= '/';
$checksum = 256;
for ($i = 0; $i < 148; $i++)
$checksum += ord($header[$i]);
for ($i = 156; $i < 512; $i++)
$checksum += ord($header[$i]);
if ($current['checksum'] != $checksum)
break;
$size = ceil($current['size'] / 512);
$current['data'] = substr($data, ++$offset << 9, $current['size']);
$offset += $size;
// Not a directory and doesn't exist already...
if (substr($current['filename'], -1, 1) != '/' && $destination !== null && !file_exists($destination . '/' . $current['filename']))
$write_this = true;
// File exists... check if it is newer.
elseif (substr($current['filename'], -1, 1) != '/')
$write_this = $overwrite || ($destination !== null && filemtime($destination . '/' . $current['filename']) < $current['mtime']);
// Folder... create.
elseif ($destination !== null && !$single_file)
{
// Protect from accidental parent directory writing...
$current['filename'] = strtr($current['filename'], array('../' => '', '/..' => ''));
if (!file_exists($destination . '/' . $current['filename']))
mktree($destination . '/' . $current['filename'], 0777);
$write_this = false;
}
else
$write_this = false;
if ($write_this && $destination !== null)
{
if (strpos($current['filename'], '/') !== false && !$single_file)
mktree($destination . '/' . dirname($current['filename']), 0777);
// Is this the file we're looking for?
if ($single_file && ($destination == $current['filename'] || $destination == '*/' . basename($current['filename'])))
return $current['data'];
// If we're looking for another file, keep going.
elseif ($single_file)
continue;
// Looking for restricted files?
elseif ($files_to_extract !== null && !in_array($current['filename'], $files_to_extract))
continue;
package_put_contents($destination . '/' . $current['filename'], $current['data']);
}
if (substr($current['filename'], -1, 1) != '/')
$return[] = array(
'filename' => $current['filename'],
'md5' => md5($current['data']),
'preview' => substr($current['data'], 0, 100),
'size' => $current['size'],
'skipped' => false
);
}
if ($destination !== null && !$single_file)
package_flush_cache();
if ($single_file)
return false;
else
return $return;
}
/**
* Extract zip data.
*
* If single_file is true, destination can start with * and / to signify that the file may come from any directory.
* Destination should not begin with a / if single_file is true.
*
* @param string $data ZIP data
* @param string $destination Null to display a listing of files in the archive, the destination for the files in the archive or the name of a single file to display (if $single_file is true)
* @param boolean $single_file If true, returns the contents of the file specified by destination or false if the file can't be found (default value is false).
* @param boolean $overwrite If true, will overwrite files with newer modication times. Default is false.
* @param array $files_to_extract
* @return mixed If destination is null, return a short array of a few file details optionally delimited by $files_to_extract. If $single_file is true, return contents of a file as a string; false otherwise
*/
function read_zip_data($data, $destination, $single_file = false, $overwrite = false, $files_to_extract = null)
{
umask(0);
if ($destination !== null && !file_exists($destination) && !$single_file)
mktree($destination, 0777);
// Search for the end of directory signature 0x06054b50.
if (($data_ecr = strrpos($data, "\x50\x4b\x05\x06")) === false)
return false;
$return = array();
// End of central directory record (EOCD)
$cdir = unpack('vdisk/@4/vdisk_entries/ventries/@12/Voffset', substr($data, $data_ecr + 4, 16));
// We only support a single disk.
if ($cdir['disk_entries'] != $cdir['entries'])
return false;
// First central file directory
$pos_entry = $cdir['offset'];
for ($i = 0; $i < $cdir['entries']; $i++)
{
// Central directory file header
$header = unpack('Vcompressed_size/@8/vlen1/vlen2/vlen3/vdisk/@22/Voffset', substr($data, $pos_entry + 20, 26));
// Sanity check: same disk?
if ($header['disk'] != $cdir['disk'])
continue;
// Next central file directory
$pos_entry += 46 + $header['len1'] + $header['len2'] + $header['len3'];
// Local file header (so called because it is in the same file as the data in multi-part archives)
$file_info = unpack(
'vflag/vcompression/vmtime/vmdate/Vcrc/Vcompressed_size/Vsize/vfilename_len/vextra_len',
substr($data, $header['offset'] + 6, 24)
);
$file_info['filename'] = substr($data, $header['offset'] + 30, $file_info['filename_len']);
$is_file = substr($file_info['filename'], -1) != '/';
/*
* If the bit at offset 3 (0x08) of the general-purpose flags field
* is set, then the CRC-32 and file sizes are not known when the header
* is written. The fields in the local header are filled with zero, and
* the CRC-32 and size are appended in a 12-byte structure (optionally
* preceded by a 4-byte signature) immediately after the compressed data:
*/
if ($file_info['flag'] & 0x08)
{
$gplen = $header['offset'] + 30 + $file_info['filename_len'] + $file_info['extra_len'] + $header['compressed_size'];
// The spec allows for an optional header in the general purpose record
if (substr($data, $gplen, 4) === "\x50\x4b\x07\x08")
$gplen += 4;
if (($general_purpose = unpack('Vcrc/Vcompressed_size/Vsize', substr($data, $gplen, 12))) !== false)
$file_info = $general_purpose + $file_info;
}
$write_this = false;
if ($destination !== null)
{
// If this is a file, and it doesn't exist.... happy days!
if ($is_file)
$write_this = !file_exists($destination . '/' . $file_info['filename']) || $overwrite;
// This is a directory, so we're gonna want to create it. (probably...)
elseif (!$single_file)
{
$file_info['filename'] = strtr($file_info['filename'], array('../' => '', '/..' => ''));
if (!file_exists($destination . '/' . $file_info['filename']))
mktree($destination . '/' . $file_info['filename'], 0777);
}
}
// Get the actual compressed data.
$file_info['data'] = substr(
$data,
$header['offset'] + 30 + $file_info['filename_len'] + $file_info['extra_len'],
$file_info['compressed_size']
);
// Only for the deflate method (the most common)
if ($file_info['compression'] == 8)
$file_info['data'] = gzinflate($file_info['data']);
// We do not support any other compresion methods.
elseif ($file_info['compression'] != 0)
continue;
// PKZip/ITU-T V.42 CRC-32
if (hash('crc32b', $file_info['data']) !== sprintf('%08x', $file_info['crc']))
continue;
// Okay! We can write this file, looks good from here...
if ($write_this)
{
// If we're looking for a specific file, and this is it... ka-bam, baby.
if ($single_file && ($destination == $file_info['filename'] || $destination == '*/' . basename($file_info['filename'])))
return $file_info['data'];
// Oh, another file? Fine. You don't like this file, do you? I know how it is. Yeah... just go away. No, don't apologize. I know this file's just not *good enough* for you.
elseif ($single_file || ($files_to_extract !== null && !in_array($file_info['filename'], $files_to_extract)))
continue;
if (!$single_file && strpos($file_info['filename'], '/') !== false)
mktree($destination . '/' . dirname($file_info['filename']), 0777);
package_put_contents($destination . '/' . $file_info['filename'], $file_info['data']);
}
if ($is_file)
$return[] = array(
'filename' => $file_info['filename'],
'md5' => md5($file_info['data']),
'preview' => substr($file_info['data'], 0, 100),
'size' => $file_info['size'],
'skipped' => false
);
}
if ($destination !== null && !$single_file)
package_flush_cache();
return $single_file ? false : $return;
}
/**
* Checks the existence of a remote file since file_exists() does not do remote.
* will return false if the file is "moved permanently" or similar.
*
* @param string $url The URL to parse
* @return bool Whether the specified URL exists
*/
function url_exists($url)
{
$a_url = parse_iri($url);
if (!isset($a_url['scheme']))
return false;
// Attempt to connect...
$temp = '';
$fid = fsockopen($a_url['host'], !isset($a_url['port']) ? 80 : $a_url['port'], $temp, $temp, 8);
if (!$fid)
return false;
fputs($fid, 'HEAD ' . $a_url['path'] . ' HTTP/1.0' . "\r\n" . 'Host: ' . $a_url['host'] . "\r\n\r\n");
$head = fread($fid, 1024);
fclose($fid);
return preg_match('~^HTTP/.+\s+(20[01]|30[127])~i', $head) == 1;
}
/**
* Loads and returns an array of installed packages.
*
* default sort order is package_installed time
*
* @return array An array of info about installed packages
*/
function loadInstalledPackages()
{
global $smcFunc;
// Load the packages from the database - note this is ordered by install time to ensure latest package uninstalled first.
$request = $smcFunc['db_query']('', '
SELECT id_install, package_id, filename, name, version, time_installed
FROM {db_prefix}log_packages
WHERE install_state != {int:not_installed}
ORDER BY time_installed DESC',
array(
'not_installed' => 0,
)
);
$installed = array();
$found = array();
while ($row = $smcFunc['db_fetch_assoc']($request))
{
// Already found this? If so don't add it twice!
if (in_array($row['package_id'], $found))
continue;
$found[] = $row['package_id'];
$row = htmlspecialchars__recursive($row);
$installed[] = array(
'id' => $row['id_install'],
'name' => $smcFunc['htmlspecialchars']($row['name']),
'filename' => $row['filename'],
'package_id' => $row['package_id'],
'version' => $smcFunc['htmlspecialchars']($row['version']),
'time_installed' => !empty($row['time_installed']) ? $row['time_installed'] : 0,
);
}
$smcFunc['db_free_result']($request);
return $installed;
}
/**
* Loads a package's information and returns a representative array.
* - expects the file to be a package in Packages/.
* - returns a error string if the package-info is invalid.
* - otherwise returns a basic array of id, version, filename, and similar information.
* - an xmlArray is available in 'xml'.
*
* @param string $gzfilename The path to the file
* @return array|string An array of info about the file or a string indicating an error
*/
function getPackageInfo($gzfilename)
{
global $sourcedir, $packagesdir;
// Extract package-info.xml from downloaded file. (*/ is used because it could be in any directory.)
if (strpos($gzfilename, 'http://') !== false || strpos($gzfilename, 'https://') !== false)
$packageInfo = read_tgz_data($gzfilename, 'package-info.xml', true);
else
{
if (!file_exists($packagesdir . '/' . $gzfilename))
return 'package_get_error_not_found';
if (is_file($packagesdir . '/' . $gzfilename))
$packageInfo = read_tgz_file($packagesdir . '/' . $gzfilename, '*/package-info.xml', true);
elseif (file_exists($packagesdir . '/' . $gzfilename . '/package-info.xml'))
$packageInfo = file_get_contents($packagesdir . '/' . $gzfilename . '/package-info.xml');
else
return 'package_get_error_missing_xml';
}
// Nothing?
if (empty($packageInfo))
{
// Perhaps they are trying to install a theme, lets tell them nicely this is the wrong function
$packageInfo = read_tgz_file($packagesdir . '/' . $gzfilename, '*/theme_info.xml', true);
if (!empty($packageInfo))
return 'package_get_error_is_theme';
else
return 'package_get_error_is_zero';
}
// Parse package-info.xml into an xmlArray.
require_once($sourcedir . '/Class-Package.php');
$packageInfo = new xmlArray($packageInfo);
// @todo Error message of some sort?
if (!$packageInfo->exists('package-info[0]'))
return 'package_get_error_packageinfo_corrupt';
$packageInfo = $packageInfo->path('package-info[0]');
$package = $packageInfo->to_array();
$package = htmlspecialchars__recursive($package);
$package['xml'] = $packageInfo;
$package['filename'] = $gzfilename;
// Don't want to mess with code...
$types = array('install', 'uninstall', 'upgrade');
foreach ($types as $type)
{
if (isset($package[$type]['code']))
{
$package[$type]['code'] = un_htmlspecialchars($package[$type]['code']);
}
}
if (!isset($package['type']))
$package['type'] = 'modification';
return $package;
}
/**
* Create a chmod control for chmoding files.
*
* @param array $chmodFiles Which files to chmod
* @param array $chmodOptions Options for chmod
* @param bool $restore_write_status Whether to restore write status
* @return array An array of file info
*/
function create_chmod_control($chmodFiles = array(), $chmodOptions = array(), $restore_write_status = false)
{
global $context, $modSettings, $package_ftp, $boarddir, $txt, $sourcedir, $scripturl;
// If we're restoring the status of existing files prepare the data.
if ($restore_write_status && isset($_SESSION['pack_ftp']) && !empty($_SESSION['pack_ftp']['original_perms']))
{
/**
* Get a listing of files that will need to be set back to the original state
*
* @param null $dummy1
* @param null $dummy2
* @param null $dummy3
* @param bool $do_change
* @return array An array of info about the files that need to be restored back to their original state
*/
function list_restoreFiles($dummy1, $dummy2, $dummy3, $do_change)
{
global $txt;
$restore_files = array();
foreach ($_SESSION['pack_ftp']['original_perms'] as $file => $perms)
{
// Check the file still exists, and the permissions were indeed different than now.
$file_permissions = @fileperms($file);
if (!file_exists($file) || $file_permissions == $perms)
{
unset($_SESSION['pack_ftp']['original_perms'][$file]);
continue;
}
// Are we wanting to change the permission?
if ($do_change && isset($_POST['restore_files']) && in_array($file, $_POST['restore_files']))
{
// Use FTP if we have it.
// @todo where does $package_ftp get set?
if (!empty($package_ftp))
{
$ftp_file = strtr($file, array($_SESSION['pack_ftp']['root'] => ''));
$package_ftp->chmod($ftp_file, $perms);
}
else
smf_chmod($file, $perms);
$new_permissions = @fileperms($file);
$result = $new_permissions == $perms ? 'success' : 'failure';
unset($_SESSION['pack_ftp']['original_perms'][$file]);
}
elseif ($do_change)
{
$new_permissions = '';
$result = 'skipped';
unset($_SESSION['pack_ftp']['original_perms'][$file]);
}
// Record the results!
$restore_files[] = array(
'path' => $file,
'old_perms_raw' => $perms,
'old_perms' => substr(sprintf('%o', $perms), -4),
'cur_perms' => substr(sprintf('%o', $file_permissions), -4),
'new_perms' => isset($new_permissions) ? substr(sprintf('%o', $new_permissions), -4) : '',
'result' => isset($result) ? $result : '',
'writable_message' => '<span style="color: ' . (@is_writable($file) ? 'green' : 'red') . '">' . (@is_writable($file) ? $txt['package_file_perms_writable'] : $txt['package_file_perms_not_writable']) . '</span>',
);
}
return $restore_files;
}
$listOptions = array(
'id' => 'restore_file_permissions',
'title' => $txt['package_restore_permissions'],
'get_items' => array(
'function' => 'list_restoreFiles',
'params' => array(
!empty($_POST['restore_perms']),
),
),
'columns' => array(
'path' => array(
'header' => array(
'value' => $txt['package_restore_permissions_filename'],
),
'data' => array(
'db' => 'path',
'class' => 'smalltext',
),
),
'old_perms' => array(
'header' => array(
'value' => $txt['package_restore_permissions_orig_status'],
),
'data' => array(
'db' => 'old_perms',
'class' => 'smalltext',
),
),
'cur_perms' => array(
'header' => array(
'value' => $txt['package_restore_permissions_cur_status'],
),
'data' => array(
'function' => function($rowData) use ($txt)
{
$formatTxt = $rowData['result'] == '' || $rowData['result'] == 'skipped' ? $txt['package_restore_permissions_pre_change'] : $txt['package_restore_permissions_post_change'];
return sprintf($formatTxt, $rowData['cur_perms'], $rowData['new_perms'], $rowData['writable_message']);
},
'class' => 'smalltext',
),
),
'check' => array(
'header' => array(
'value' => '<input type="checkbox" onclick="invertAll(this, this.form);">',
'class' => 'centercol',
),
'data' => array(
'sprintf' => array(
'format' => '<input type="checkbox" name="restore_files[]" value="%1$s">',
'params' => array(
'path' => false,
),
),
'class' => 'centercol',
),
),
'result' => array(
'header' => array(
'value' => $txt['package_restore_permissions_result'],
),
'data' => array(
'function' => function($rowData) use ($txt)
{
return $txt['package_restore_permissions_action_' . $rowData['result']];
},
'class' => 'smalltext',
),
),
),
'form' => array(
'href' => !empty($chmodOptions['destination_url']) ? $chmodOptions['destination_url'] : $scripturl . '?action=admin;area=packages;sa=perms;restore;' . $context['session_var'] . '=' . $context['session_id'],
),
'additional_rows' => array(
array(
'position' => 'below_table_data',
'value' => '<input type="submit" name="restore_perms" value="' . $txt['package_restore_permissions_restore'] . '" class="button">',
'class' => 'titlebg',
),
array(
'position' => 'after_title',
'value' => '<span class="smalltext">' . $txt['package_restore_permissions_desc'] . '</span>',
'class' => 'windowbg',
),
),
);
// Work out what columns and the like to show.
if (!empty($_POST['restore_perms']))
{
$listOptions['additional_rows'][1]['value'] = sprintf($txt['package_restore_permissions_action_done'], $scripturl . '?action=admin;area=packages;sa=perms;' . $context['session_var'] . '=' . $context['session_id']);
unset($listOptions['columns']['check'], $listOptions['form'], $listOptions['additional_rows'][0]);
$context['sub_template'] = 'show_list';
$context['default_list'] = 'restore_file_permissions';
}
else
{
unset($listOptions['columns']['result']);
}
// Create the list for display.
require_once($sourcedir . '/Subs-List.php');
createList($listOptions);
// If we just restored permissions then whereever we are, we are now done and dusted.
if (!empty($_POST['restore_perms']))
obExit();
}
// Otherwise, it's entirely irrelevant?
elseif ($restore_write_status)
return true;
// This is where we report what we got up to.
$return_data = array(
'files' => array(
'writable' => array(),
'notwritable' => array(),
),
);
// If we have some FTP information already, then let's assume it was required and try to get ourselves connected.
if (!empty($_SESSION['pack_ftp']['connected']))
{
// Load the file containing the ftp_connection class.
require_once($sourcedir . '/Class-Package.php');
$package_ftp = new ftp_connection($_SESSION['pack_ftp']['server'], $_SESSION['pack_ftp']['port'], $_SESSION['pack_ftp']['username'], package_crypt($_SESSION['pack_ftp']['password']));
}
// Just got a submission did we?
if (empty($package_ftp) && isset($_POST['ftp_username']))
{
require_once($sourcedir . '/Class-Package.php');
$ftp = new ftp_connection($_POST['ftp_server'], $_POST['ftp_port'], $_POST['ftp_username'], $_POST['ftp_password']);
// We're connected, jolly good!
if ($ftp->error === false)
{
// Common mistake, so let's try to remedy it...
if (!$ftp->chdir($_POST['ftp_path']))
{
$ftp_error = $ftp->last_message;
$ftp->chdir(preg_replace('~^/home[2]?/[^/]+?~', '', $_POST['ftp_path']));
}
if (!in_array($_POST['ftp_path'], array('', '/')))
{
$ftp_root = strtr($boarddir, array($_POST['ftp_path'] => ''));
if (substr($ftp_root, -1) == '/' && ($_POST['ftp_path'] == '' || substr($_POST['ftp_path'], 0, 1) == '/'))
$ftp_root = substr($ftp_root, 0, -1);
}
else
$ftp_root = $boarddir;
$_SESSION['pack_ftp'] = array(
'server' => $_POST['ftp_server'],
'port' => $_POST['ftp_port'],
'username' => $_POST['ftp_username'],
'password' => package_crypt($_POST['ftp_password']),
'path' => $_POST['ftp_path'],
'root' => $ftp_root,
'connected' => true,
);
if (!isset($modSettings['package_path']) || $modSettings['package_path'] != $_POST['ftp_path'])
updateSettings(array('package_path' => $_POST['ftp_path']));
// This is now the primary connection.
$package_ftp = $ftp;
}
}
// Now try to simply make the files writable, with whatever we might have.
if (!empty($chmodFiles))
{
foreach ($chmodFiles as $k => $file)
{
// Sometimes this can somehow happen maybe?
if (empty($file))
unset($chmodFiles[$k]);
// Already writable?
elseif (@is_writable($file))
$return_data['files']['writable'][] = $file;
else
{
// Now try to change that.
$return_data['files'][package_chmod($file, 'writable', true) ? 'writable' : 'notwritable'][] = $file;
}
}
}
// Have we still got nasty files which ain't writable? Dear me we need more FTP good sir.
if (empty($package_ftp) && (!empty($return_data['files']['notwritable']) || !empty($chmodOptions['force_find_error'])))
{
if (!isset($ftp) || $ftp->error !== false)
{
if (!isset($ftp))
{
require_once($sourcedir . '/Class-Package.php');
$ftp = new ftp_connection(null);
}
elseif ($ftp->error !== false && !isset($ftp_error))
$ftp_error = $ftp->last_message === null ? '' : $ftp->last_message;
list ($username, $detect_path, $found_path) = $ftp->detect_path($boarddir);
if ($found_path)
$_POST['ftp_path'] = $detect_path;
elseif (!isset($_POST['ftp_path']))
$_POST['ftp_path'] = isset($modSettings['package_path']) ? $modSettings['package_path'] : $detect_path;
if (!isset($_POST['ftp_username']))
$_POST['ftp_username'] = $username;
}
$context['package_ftp'] = array(
'server' => isset($_POST['ftp_server']) ? $_POST['ftp_server'] : (isset($modSettings['package_server']) ? $modSettings['package_server'] : 'localhost'),
'port' => isset($_POST['ftp_port']) ? $_POST['ftp_port'] : (isset($modSettings['package_port']) ? $modSettings['package_port'] : '21'),
'username' => isset($_POST['ftp_username']) ? $_POST['ftp_username'] : (isset($modSettings['package_username']) ? $modSettings['package_username'] : ''),
'path' => $_POST['ftp_path'],
'error' => empty($ftp_error) ? null : $ftp_error,
'destination' => !empty($chmodOptions['destination_url']) ? $chmodOptions['destination_url'] : '',
);
// Which files failed?
if (!isset($context['notwritable_files']))
$context['notwritable_files'] = array();
$context['notwritable_files'] = array_merge($context['notwritable_files'], $return_data['files']['notwritable']);
// Sent here to die?
if (!empty($chmodOptions['crash_on_error']))
{
$context['page_title'] = $txt['package_ftp_necessary'];
$context['sub_template'] = 'ftp_required';
obExit();
}
}
return $return_data;
}
/**
* Use FTP functions to work with a package download/install
*
* @param string $destination_url The destination URL
* @param null|array $files The files to CHMOD
* @param bool $return Whether to return an array of file info if there's an error
* @return array An array of file info
*/
function packageRequireFTP($destination_url, $files = null, $return = false)
{
global $context, $modSettings, $package_ftp, $boarddir, $txt, $sourcedir;
// Try to make them writable the manual way.
if ($files !== null)
{
foreach ($files as $k => $file)
{
// If this file doesn't exist, then we actually want to look at the directory, no?
if (!file_exists($file))
$file = dirname($file);
// This looks odd, but it's an attempt to work around PHP suExec.
if (!@is_writable($file))
smf_chmod($file, 0755);
if (!@is_writable($file))
smf_chmod($file, 0777);
if (!@is_writable(dirname($file)))
smf_chmod($file, 0755);
if (!@is_writable(dirname($file)))
smf_chmod($file, 0777);
$fp = is_dir($file) ? @opendir($file) : @fopen($file, 'rb');
if (@is_writable($file) && $fp)
{
unset($files[$k]);
if (!is_dir($file))
fclose($fp);
else
closedir($fp);
}
}
// No FTP required!
if (empty($files))
return array();
}
// They've opted to not use FTP, and try anyway.
if (isset($_SESSION['pack_ftp']) && $_SESSION['pack_ftp'] == false)
{
if ($files === null)
return array();
foreach ($files as $k => $file)
{
// This looks odd, but it's an attempt to work around PHP suExec.
if (!file_exists($file))
{
mktree(dirname($file), 0755);
@touch($file);
smf_chmod($file, 0755);
}
if (!@is_writable($file))
smf_chmod($file, 0777);
if (!@is_writable(dirname($file)))
smf_chmod(dirname($file), 0777);
if (@is_writable($file))
unset($files[$k]);
}
return $files;
}
elseif (isset($_SESSION['pack_ftp']))
{
// Load the file containing the ftp_connection class.
require_once($sourcedir . '/Class-Package.php');
$package_ftp = new ftp_connection($_SESSION['pack_ftp']['server'], $_SESSION['pack_ftp']['port'], $_SESSION['pack_ftp']['username'], package_crypt($_SESSION['pack_ftp']['password']));
if ($files === null)
return array();
foreach ($files as $k => $file)
{
$ftp_file = strtr($file, array($_SESSION['pack_ftp']['root'] => ''));
// This looks odd, but it's an attempt to work around PHP suExec.
if (!file_exists($file))
{
mktree(dirname($file), 0755);
$package_ftp->create_file($ftp_file);
$package_ftp->chmod($ftp_file, 0755);
}
if (!@is_writable($file))
$package_ftp->chmod($ftp_file, 0777);
if (!@is_writable(dirname($file)))
$package_ftp->chmod(dirname($ftp_file), 0777);
if (@is_writable($file))
unset($files[$k]);
}
return $files;
}
if (isset($_POST['ftp_none']))
{
$_SESSION['pack_ftp'] = false;
$files = packageRequireFTP($destination_url, $files, $return);
return $files;
}
elseif (isset($_POST['ftp_username']))
{
require_once($sourcedir . '/Class-Package.php');
$ftp = new ftp_connection($_POST['ftp_server'], $_POST['ftp_port'], $_POST['ftp_username'], $_POST['ftp_password']);
if ($ftp->error === false)
{
// Common mistake, so let's try to remedy it...
if (!$ftp->chdir($_POST['ftp_path']))
{
$ftp_error = $ftp->last_message;
$ftp->chdir(preg_replace('~^/home[2]?/[^/]+?~', '', $_POST['ftp_path']));
}
}
}
if (!isset($ftp) || $ftp->error !== false)
{
if (!isset($ftp))
{
require_once($sourcedir . '/Class-Package.php');
$ftp = new ftp_connection(null);
}
elseif ($ftp->error !== false && !isset($ftp_error))
$ftp_error = $ftp->last_message === null ? '' : $ftp->last_message;
list ($username, $detect_path, $found_path) = $ftp->detect_path($boarddir);
if ($found_path)
$_POST['ftp_path'] = $detect_path;
elseif (!isset($_POST['ftp_path']))
$_POST['ftp_path'] = isset($modSettings['package_path']) ? $modSettings['package_path'] : $detect_path;
if (!isset($_POST['ftp_username']))
$_POST['ftp_username'] = $username;
$context['package_ftp'] = array(
'server' => isset($_POST['ftp_server']) ? $_POST['ftp_server'] : (isset($modSettings['package_server']) ? $modSettings['package_server'] : 'localhost'),
'port' => isset($_POST['ftp_port']) ? $_POST['ftp_port'] : (isset($modSettings['package_port']) ? $modSettings['package_port'] : '21'),
'username' => isset($_POST['ftp_username']) ? $_POST['ftp_username'] : (isset($modSettings['package_username']) ? $modSettings['package_username'] : ''),
'path' => $_POST['ftp_path'],
'error' => empty($ftp_error) ? null : $ftp_error,
'destination' => $destination_url,
);
// If we're returning dump out here.
if ($return)
return $files;
$context['page_title'] = $txt['package_ftp_necessary'];
$context['sub_template'] = 'ftp_required';
obExit();
}
else
{
if (!in_array($_POST['ftp_path'], array('', '/')))
{
$ftp_root = strtr($boarddir, array($_POST['ftp_path'] => ''));
if (substr($ftp_root, -1) == '/' && ($_POST['ftp_path'] == '' || $_POST['ftp_path'][0] == '/'))
$ftp_root = substr($ftp_root, 0, -1);
}
else
$ftp_root = $boarddir;
$_SESSION['pack_ftp'] = array(
'server' => $_POST['ftp_server'],
'port' => $_POST['ftp_port'],
'username' => $_POST['ftp_username'],
'password' => package_crypt($_POST['ftp_password']),
'path' => $_POST['ftp_path'],
'root' => $ftp_root,
);
if (!isset($modSettings['package_path']) || $modSettings['package_path'] != $_POST['ftp_path'])
updateSettings(array('package_path' => $_POST['ftp_path']));
$files = packageRequireFTP($destination_url, $files, $return);
}
return $files;
}
/**
* Parses the actions in package-info.xml file from packages.
*
* - package should be an xmlArray with package-info as its base.
* - testing_only should be true if the package should not actually be applied.
* - method can be upgrade, install, or uninstall. Its default is install.
* - previous_version should be set to the previous installed version of this package, if any.
* - does not handle failure terribly well; testing first is always better.
*
* @param xmlArray &$packageXML The info from the package-info file
* @param bool $testing_only Whether we're only testing
* @param string $method The method ('install', 'upgrade', or 'uninstall')
* @param string $previous_version The previous version of the mod, if method is 'upgrade'
* @return array An array of those changes made.
*/
function parsePackageInfo(&$packageXML, $testing_only = true, $method = 'install', $previous_version = '')
{
global $packagesdir, $context, $temp_path, $language, $smcFunc;
// Mayday! That action doesn't exist!!
if (empty($packageXML) || !$packageXML->exists($method))
return array();
// We haven't found the package script yet...
$script = false;
$the_version = SMF_VERSION;
// Emulation support...
if (!empty($_SESSION['version_emulate']))
$the_version = $_SESSION['version_emulate'];
// Single package emulation
if (!empty($_REQUEST['ve']) && !empty($_REQUEST['package']))
{
$the_version = $_REQUEST['ve'];
$_SESSION['single_version_emulate'][$_REQUEST['package']] = $the_version;
}
if (!empty($_REQUEST['package']) && (!empty($_SESSION['single_version_emulate'][$_REQUEST['package']])))
$the_version = $_SESSION['single_version_emulate'][$_REQUEST['package']];
// Get all the versions of this method and find the right one.
$these_methods = $packageXML->set($method);
foreach ($these_methods as $this_method)
{
// They specified certain versions this part is for.
if ($this_method->exists('@for'))
{
// Don't keep going if this won't work for this version of SMF.
if (!matchPackageVersion($the_version, $this_method->fetch('@for')))
continue;
}
// Upgrades may go from a certain old version of the mod.
if ($method == 'upgrade' && $this_method->exists('@from'))
{
// Well, this is for the wrong old version...
if (!matchPackageVersion($previous_version, $this_method->fetch('@from')))
continue;
}
// We've found it!
$script = $this_method;
break;
}
// Bad news, a matching script wasn't found!
if (!($script instanceof xmlArray))
return array();
// Find all the actions in this method - in theory, these should only be allowed actions. (* means all.)
$actions = $script->set('*');
$return = array();
$temp_auto = 0;
$temp_path = $packagesdir . '/temp/' . (isset($context['base_path']) ? $context['base_path'] : '');
$context['readmes'] = array();
$context['licences'] = array();
// This is the testing phase... nothing shall be done yet.
foreach ($actions as $action)
{
$actionType = $action->name();
if (in_array($actionType, array('readme', 'code', 'database', 'modification', 'redirect', 'license')))
{
// Allow for translated readme and license files.
if ($actionType == 'readme' || $actionType == 'license')
{
$type = $actionType . 's';
if ($action->exists('@lang'))
{
// Auto-select the language based on either request variable or current language.
if ((isset($_REQUEST['readme']) && $action->fetch('@lang') == $_REQUEST['readme']) || (isset($_REQUEST['license']) && $action->fetch('@lang') == $_REQUEST['license']) || (!isset($_REQUEST['readme']) && $action->fetch('@lang') == $language) || (!isset($_REQUEST['license']) && $action->fetch('@lang') == $language))
{
// In case the user put the blocks in the wrong order.
if (isset($context[$type]['selected']) && $context[$type]['selected'] == 'default')
$context[$type][] = 'default';
$context[$type]['selected'] = $smcFunc['htmlspecialchars']($action->fetch('@lang'));
}
else
{
// We don't want this now, but we'll allow the user to select to read it.
$context[$type][] = $smcFunc['htmlspecialchars']($action->fetch('@lang'));
continue;
}
}
// Fallback when we have no lang parameter.
else
{
// Already selected one for use?
if (isset($context[$type]['selected']))
{
$context[$type][] = 'default';
continue;
}
else
$context[$type]['selected'] = 'default';
}
}
// @todo Make sure the file actually exists? Might not work when testing?
if ($action->exists('@type') && $action->fetch('@type') == 'inline')
{
$filename = $temp_path . '$auto_' . $temp_auto++ . (in_array($actionType, array('readme', 'redirect', 'license')) ? '.txt' : ($actionType == 'code' || $actionType == 'database' ? '.php' : '.mod'));
package_put_contents($filename, $action->fetch('.'));
$filename = strtr($filename, array($temp_path => ''));
}
else
$filename = $action->fetch('.');
$return[] = array(
'type' => $actionType,
'filename' => $filename,
'description' => '',
'reverse' => $action->exists('@reverse') && $action->fetch('@reverse') == 'true',
'boardmod' => $action->exists('@format') && $action->fetch('@format') == 'boardmod',
'redirect_url' => $action->exists('@url') ? $action->fetch('@url') : '',
'redirect_timeout' => $action->exists('@timeout') ? (int) $action->fetch('@timeout') : '',
'parse_bbc' => $action->exists('@parsebbc') && $action->fetch('@parsebbc') == 'true',
'language' => (($actionType == 'readme' || $actionType == 'license') && $action->exists('@lang') && $action->fetch('@lang') == $language) ? $language : '',
);
continue;
}
elseif ($actionType == 'hook')
{
$return[] = array(
'type' => $actionType,
'function' => $action->exists('@function') ? $action->fetch('@function') : '',
'hook' => $action->exists('@hook') ? $action->fetch('@hook') : $action->fetch('.'),
'include_file' => $action->exists('@file') ? $action->fetch('@file') : '',
'reverse' => $action->exists('@reverse') && $action->fetch('@reverse') == 'true' ? true : false,
'object' => $action->exists('@object') && $action->fetch('@object') == 'true' ? true : false,
'description' => '',
);
continue;
}
elseif ($actionType == 'credits')
{
// quick check of any supplied url
$url = $action->exists('@url') ? $action->fetch('@url') : '';
if (strlen(trim($url)) > 0 && substr($url, 0, 7) !== 'http://' && substr($url, 0, 8) !== 'https://')
{
$url = 'http://' . $url;
if (strlen($url) < 8 || (substr($url, 0, 7) !== 'http://' && substr($url, 0, 8) !== 'https://'))
$url = '';
}
$return[] = array(
'type' => $actionType,
'url' => $url,
'license' => $action->exists('@license') ? $action->fetch('@license') : '',
'licenseurl' => $action->exists('@licenseurl') ? $action->fetch('@licenseurl') : '',
'copyright' => $action->exists('@copyright') ? $action->fetch('@copyright') : '',
'title' => $action->fetch('.'),
);
continue;
}
elseif ($actionType == 'requires')
{
$return[] = array(
'type' => $actionType,
'id' => $action->exists('@id') ? $action->fetch('@id') : '',
'version' => $action->exists('@version') ? $action->fetch('@version') : $action->fetch('.'),
'description' => '',
);
continue;
}
elseif ($actionType == 'error')
{
$return[] = array(
'type' => 'error',
);
}
elseif (in_array($actionType, array('require-file', 'remove-file', 'require-dir', 'remove-dir', 'move-file', 'move-dir', 'create-file', 'create-dir')))
{
$this_action = &$return[];
$this_action = array(
'type' => $actionType,
'filename' => $action->fetch('@name'),
'description' => $action->fetch('.')
);
// If there is a destination, make sure it makes sense.
if (substr($actionType, 0, 6) != 'remove')
{
$this_action['unparsed_destination'] = $action->fetch('@destination');
$this_action['destination'] = parse_path($action->fetch('@destination')) . '/' . basename($this_action['filename']);
}
else
{
$this_action['unparsed_filename'] = $this_action['filename'];
$this_action['filename'] = parse_path($this_action['filename']);
}
// If we're moving or requiring (copying) a file.
if (substr($actionType, 0, 4) == 'move' || substr($actionType, 0, 7) == 'require')
{
if ($action->exists('@from'))
$this_action['source'] = parse_path($action->fetch('@from'));
else
$this_action['source'] = $temp_path . $this_action['filename'];
}
// Check if these things can be done. (chmod's etc.)
if ($actionType == 'create-dir')
{
if (!mktree($this_action['destination'], false))
{
$temp = $this_action['destination'];
while (!file_exists($temp) && strlen($temp) > 1)
$temp = dirname($temp);
$return[] = array(
'type' => 'chmod',
'filename' => $temp
);
}
}
elseif ($actionType == 'create-file')
{
if (!mktree(dirname($this_action['destination']), false))
{
$temp = dirname($this_action['destination']);
while (!file_exists($temp) && strlen($temp) > 1)
$temp = dirname($temp);
$return[] = array(
'type' => 'chmod',
'filename' => $temp
);
}
if (!is_writable($this_action['destination']) && (file_exists($this_action['destination']) || !is_writable(dirname($this_action['destination']))))
$return[] = array(
'type' => 'chmod',
'filename' => $this_action['destination']
);
}
elseif ($actionType == 'require-dir')
{
if (!mktree($this_action['destination'], false))
{
$temp = $this_action['destination'];
while (!file_exists($temp) && strlen($temp) > 1)
$temp = dirname($temp);
$return[] = array(
'type' => 'chmod',
'filename' => $temp
);
}
}
elseif ($actionType == 'require-file')
{
if ($action->exists('@theme'))
$this_action['theme_action'] = $action->fetch('@theme');
if (!mktree(dirname($this_action['destination']), false))
{
$temp = dirname($this_action['destination']);
while (!file_exists($temp) && strlen($temp) > 1)
$temp = dirname($temp);
$return[] = array(
'type' => 'chmod',
'filename' => $temp
);
}
if (!is_writable($this_action['destination']) && (file_exists($this_action['destination']) || !is_writable(dirname($this_action['destination']))))
$return[] = array(
'type' => 'chmod',
'filename' => $this_action['destination']
);
}
elseif ($actionType == 'move-dir' || $actionType == 'move-file')
{
if (!mktree(dirname($this_action['destination']), false))
{
$temp = dirname($this_action['destination']);
while (!file_exists($temp) && strlen($temp) > 1)
$temp = dirname($temp);
$return[] = array(
'type' => 'chmod',
'filename' => $temp
);
}
if (!is_writable($this_action['destination']) && (file_exists($this_action['destination']) || !is_writable(dirname($this_action['destination']))))
$return[] = array(
'type' => 'chmod',
'filename' => $this_action['destination']
);
}
elseif ($actionType == 'remove-dir')
{
if (!is_writable($this_action['filename']) && file_exists($this_action['filename']))
$return[] = array(
'type' => 'chmod',
'filename' => $this_action['filename']
);
}
elseif ($actionType == 'remove-file')
{
if (!is_writable($this_action['filename']) && file_exists($this_action['filename']))
$return[] = array(
'type' => 'chmod',
'filename' => $this_action['filename']
);
}
}
else
{
$return[] = array(
'type' => 'error',
'error_msg' => 'unknown_action',
'error_var' => $actionType
);
}
}
// Only testing - just return a list of things to be done.
if ($testing_only)
return $return;
umask(0);
$failure = false;
$not_done = array(array('type' => '!'));
foreach ($return as $action)
{
if (in_array($action['type'], array('modification', 'code', 'database', 'redirect', 'hook', 'credits')))
$not_done[] = $action;
if ($action['type'] == 'create-dir')
{
if (!mktree($action['destination'], 0755) || !is_writable($action['destination']))
$failure |= !mktree($action['destination'], 0777);
}
elseif ($action['type'] == 'create-file')
{
if (!mktree(dirname($action['destination']), 0755) || !is_writable(dirname($action['destination'])))
$failure |= !mktree(dirname($action['destination']), 0777);
// Create an empty file.
package_put_contents($action['destination'], package_get_contents($action['source']), $testing_only);
if (!file_exists($action['destination']))
$failure = true;
}
elseif ($action['type'] == 'require-dir')
{
copytree($action['source'], $action['destination']);
// Any other theme folders?
if (!empty($context['theme_copies']) && !empty($context['theme_copies'][$action['type']][$action['destination']]))
foreach ($context['theme_copies'][$action['type']][$action['destination']] as $theme_destination)
copytree($action['source'], $theme_destination);
}
elseif ($action['type'] == 'require-file')
{
if (!mktree(dirname($action['destination']), 0755) || !is_writable(dirname($action['destination'])))
$failure |= !mktree(dirname($action['destination']), 0777);
package_put_contents($action['destination'], package_get_contents($action['source']), $testing_only);
$failure |= !copy($action['source'], $action['destination']);
// Any other theme files?
if (!empty($context['theme_copies']) && !empty($context['theme_copies'][$action['type']][$action['destination']]))
foreach ($context['theme_copies'][$action['type']][$action['destination']] as $theme_destination)
{
if (!mktree(dirname($theme_destination), 0755) || !is_writable(dirname($theme_destination)))
$failure |= !mktree(dirname($theme_destination), 0777);
package_put_contents($theme_destination, package_get_contents($action['source']), $testing_only);
$failure |= !copy($action['source'], $theme_destination);
}
}
elseif ($action['type'] == 'move-file')
{
if (!mktree(dirname($action['destination']), 0755) || !is_writable(dirname($action['destination'])))
$failure |= !mktree(dirname($action['destination']), 0777);
$failure |= !rename($action['source'], $action['destination']);
}
elseif ($action['type'] == 'move-dir')
{
if (!mktree($action['destination'], 0755) || !is_writable($action['destination']))
$failure |= !mktree($action['destination'], 0777);
$failure |= !rename($action['source'], $action['destination']);
}
elseif ($action['type'] == 'remove-dir')
{
deltree($action['filename']);
// Any other theme folders?
if (!empty($context['theme_copies']) && !empty($context['theme_copies'][$action['type']][$action['filename']]))
foreach ($context['theme_copies'][$action['type']][$action['filename']] as $theme_destination)
deltree($theme_destination);
}
elseif ($action['type'] == 'remove-file')
{
// Make sure the file exists before deleting it.
if (file_exists($action['filename']))
{
package_chmod($action['filename']);
$failure |= !unlink($action['filename']);
}
// The file that was supposed to be deleted couldn't be found.
else
$failure = true;
// Any other theme folders?
if (!empty($context['theme_copies']) && !empty($context['theme_copies'][$action['type']][$action['filename']]))
foreach ($context['theme_copies'][$action['type']][$action['filename']] as $theme_destination)
if (file_exists($theme_destination))
$failure |= !unlink($theme_destination);
else
$failure = true;
}
}
return $not_done;
}
/**
* Checks if version matches any of the versions in `$versions`.
*
* - supports comma separated version numbers, with or without whitespace.
* - supports lower and upper bounds. (1.0-1.2)
* - returns true if the version matched.
*
* @param string $versions The versions that this package will install on
* @param boolean $reset Whether to reset $near_version
* @param string $the_version The forum version
* @return string|bool Highest install value string or false
*/
function matchHighestPackageVersion($versions, $reset, $the_version)
{
static $near_version = 0;
if ($reset)
$near_version = 0;
// Normalize the $versions while we remove our previous Doh!
$versions = explode(',', str_replace(array(' ', '2.0rc1-1'), array('', '2.0rc1.1'), strtolower($versions)));
// Loop through each version, save the highest we can find
foreach ($versions as $for)
{
// Adjust for those wild cards
if (strpos($for, '*') !== false)
$for = str_replace('*', '0dev0', $for) . '-' . str_replace('*', '999', $for);
// If we have a range, grab the lower value, done this way so it looks normal-er to the user e.g. 2.0 vs 2.0.99
if (strpos($for, '-') !== false)
list ($for, $higher) = explode('-', $for);
// Do the compare, if the for is greater, than what we have but not greater than what we are running .....
if (compareVersions($near_version, $for) === -1 && compareVersions($for, $the_version) !== 1)
$near_version = $for;
}
return !empty($near_version) ? $near_version : false;
}
/**
* Checks if the forum version matches any of the available versions from the package install xml.
* - supports comma separated version numbers, with or without whitespace.
* - supports lower and upper bounds. (1.0-1.2)
* - returns true if the version matched.
*
* @param string $version The forum version
* @param string $versions The versions that this package will install on
* @return bool Whether the version matched
*/
function matchPackageVersion($version, $versions)
{
// Make sure everything is lowercase and clean of spaces and unpleasant history.
$version = str_replace(array(' ', '2.0rc1-1'), array('', '2.0rc1.1'), strtolower($version));
$versions = explode(',', str_replace(array(' ', '2.0rc1-1'), array('', '2.0rc1.1'), strtolower($versions)));
// Perhaps we do accept anything?
if (in_array('all', $versions))
return true;
// Loop through each version.
foreach ($versions as $for)
{
// Wild card spotted?
if (strpos($for, '*') !== false)
$for = str_replace('*', '0dev0', $for) . '-' . str_replace('*', '999', $for);
// Do we have a range?
if (strpos($for, '-') !== false)
{
list ($lower, $upper) = explode('-', $for);
// Compare the version against lower and upper bounds.
if (compareVersions($version, $lower) > -1 && compareVersions($version, $upper) < 1)
return true;
}
// Otherwise check if they are equal...
elseif (compareVersions($version, $for) === 0)
return true;
}
return false;
}
/**
* Compares two versions and determines if one is newer, older or the same, returns
* - (-1) if version1 is lower than version2
* - (0) if version1 is equal to version2
* - (1) if version1 is higher than version2
*
* @param string $version1 The first version
* @param string $version2 The second version
* @return int -1 if version2 is greater than version1, 0 if they're equal, 1 if version1 is greater than version2
*/
function compareVersions($version1, $version2)
{
static $categories;
$versions = array();
foreach (array(1 => $version1, $version2) as $id => $version)
{
// Clean the version and extract the version parts.
$clean = str_replace(array(' ', '2.0rc1-1'), array('', '2.0rc1.1'), strtolower($version));
preg_match('~(\d+)(?:\.(\d+|))?(?:\.)?(\d+|)(?:(alpha|beta|rc)(\d+|)(?:\.)?(\d+|))?(?:(dev))?(\d+|)~', $clean, $parts);
// Build an array of parts.
$versions[$id] = array(
'major' => !empty($parts[1]) ? (int) $parts[1] : 0,
'minor' => !empty($parts[2]) ? (int) $parts[2] : 0,
'patch' => !empty($parts[3]) ? (int) $parts[3] : 0,
'type' => empty($parts[4]) ? 'stable' : $parts[4],
'type_major' => !empty($parts[5]) ? (int) $parts[5] : 0,
'type_minor' => !empty($parts[6]) ? (int) $parts[6] : 0,
'dev' => !empty($parts[7]),
);
}
// Are they the same, perhaps?
if ($versions[1] === $versions[2])
return 0;
// Get version numbering categories...
if (!isset($categories))
$categories = array_keys($versions[1]);
// Loop through each category.
foreach ($categories as $category)
{
// Is there something for us to calculate?
if ($versions[1][$category] !== $versions[2][$category])
{
// Dev builds are a problematic exception.
// (stable) dev < (stable) but (unstable) dev = (unstable)
if ($category == 'type')
return $versions[1][$category] > $versions[2][$category] ? ($versions[1]['dev'] ? -1 : 1) : ($versions[2]['dev'] ? 1 : -1);
elseif ($category == 'dev')
return $versions[1]['dev'] ? ($versions[2]['type'] == 'stable' ? -1 : 0) : ($versions[1]['type'] == 'stable' ? 1 : 0);
// Otherwise a simple comparison.
else
return $versions[1][$category] > $versions[2][$category] ? 1 : -1;
}
}
// They are the same!
return 0;
}
/**
* Parses special identifiers out of the specified path.
*
* @param string $path The path
* @return string The parsed path
*/
function parse_path($path)
{
global $modSettings, $boarddir, $sourcedir, $settings, $temp_path, $txt;
$dirs = array(
'\\' => '/',
'$boarddir' => $boarddir,
'$sourcedir' => $sourcedir,
'$avatardir' => $modSettings['avatar_directory'],
'$avatars_dir' => $modSettings['avatar_directory'],
'$themedir' => $settings['default_theme_dir'],
'$imagesdir' => $settings['default_theme_dir'] . '/' . basename($settings['default_images_url']),
'$themes_dir' => $boarddir . '/Themes',
'$languagedir' => $settings['default_theme_dir'] . '/languages',
'$languages_dir' => $settings['default_theme_dir'] . '/languages',
'$smileysdir' => $modSettings['smileys_dir'],
'$smileys_dir' => $modSettings['smileys_dir'],
);
// do we parse in a package directory?
if (!empty($temp_path))
$dirs['$package'] = $temp_path;
if (strlen($path) == 0)
{
loadLanguage('Errors');
trigger_error($txt['parse_path_filename_required'], E_USER_ERROR);
}
return strtr($path, $dirs);
}
/**
* Deletes a directory, and all the files and direcories inside it.
* requires access to delete these files.
*
* @param string $dir A directory
* @param bool $delete_dir If false, only deletes everything inside the directory but not the directory itself
*/
function deltree($dir, $delete_dir = true)
{
/** @var ftp_connection $package_ftp */
global $package_ftp;
if (!file_exists($dir))
return;
$current_dir = @opendir($dir);
if ($current_dir == false)
{
if ($delete_dir && isset($package_ftp))
{
$ftp_file = strtr($dir, array($_SESSION['pack_ftp']['root'] => ''));
if (!is_dir($dir))
$package_ftp->chmod($ftp_file, 0777);
$package_ftp->unlink($ftp_file);
}
return;
}
while ($entryname = readdir($current_dir))
{
if (in_array($entryname, array('.', '..')))
continue;
if (is_dir($dir . '/' . $entryname))
deltree($dir . '/' . $entryname);
else
{
// Here, 755 doesn't really matter since we're deleting it anyway.
if (isset($package_ftp))
{
$ftp_file = strtr($dir . '/' . $entryname, array($_SESSION['pack_ftp']['root'] => ''));
if (!is_writable($dir . '/' . $entryname))
$package_ftp->chmod($ftp_file, 0777);
$package_ftp->unlink($ftp_file);
}
else
{
if (!is_writable($dir . '/' . $entryname))
smf_chmod($dir . '/' . $entryname, 0777);
unlink($dir . '/' . $entryname);
}
}
}
closedir($current_dir);
if ($delete_dir)
{
if (isset($package_ftp))
{
$ftp_file = strtr($dir, array($_SESSION['pack_ftp']['root'] => ''));
if (!is_writable($dir . '/' . $entryname))
$package_ftp->chmod($ftp_file, 0777);
$package_ftp->unlink($ftp_file);
}
else
{
if (!is_writable($dir))
smf_chmod($dir, 0777);
@rmdir($dir);
}
}
}
/**
* Creates the specified tree structure with the mode specified.
* creates every directory in path until it finds one that already exists.
*
* @param string $strPath The path
* @param int $mode The permission mode for CHMOD (0666, etc.)
* @return bool True if successful, false otherwise
*/
function mktree($strPath, $mode)
{
/** @var ftp_connection $package_ftp */
global $package_ftp;
if (is_dir($strPath))
{
if (!is_writable($strPath) && $mode !== false)
{
if (isset($package_ftp))
$package_ftp->chmod(strtr($strPath, array($_SESSION['pack_ftp']['root'] => '')), $mode);
else
smf_chmod($strPath, $mode);
}
$test = @opendir($strPath);
if ($test)
{
closedir($test);
return is_writable($strPath);
}
else
return false;
}
// Is this an invalid path and/or we can't make the directory?
if ($strPath == dirname($strPath) || !mktree(dirname($strPath), $mode))
return false;
if (!is_writable(dirname($strPath)) && $mode !== false)
{
if (isset($package_ftp))
$package_ftp->chmod(dirname(strtr($strPath, array($_SESSION['pack_ftp']['root'] => ''))), $mode);
else
smf_chmod(dirname($strPath), $mode);
}
if ($mode !== false && isset($package_ftp))
return $package_ftp->create_dir(strtr($strPath, array($_SESSION['pack_ftp']['root'] => '')));
elseif ($mode === false)
{
$test = @opendir(dirname($strPath));
if ($test)
{
closedir($test);
return true;
}
else
return false;
}
else
{
@mkdir($strPath, $mode);
$test = @opendir($strPath);
if ($test)
{
closedir($test);
return true;
}
else
return false;
}
}
/**
* Copies one directory structure over to another.
* requires the destination to be writable.
*
* @param string $source The directory to copy
* @param string $destination The directory to copy $source to
*/
function copytree($source, $destination)
{
/** @var ftp_connection $package_ftp */
global $package_ftp;
if (!file_exists($destination) || !is_writable($destination))
mktree($destination, 0755);
if (!is_writable($destination))
mktree($destination, 0777);
$current_dir = opendir($source);
if ($current_dir == false)
return;
while ($entryname = readdir($current_dir))
{
if (in_array($entryname, array('.', '..')))
continue;
if (isset($package_ftp))
$ftp_file = strtr($destination . '/' . $entryname, array($_SESSION['pack_ftp']['root'] => ''));
if (is_file($source . '/' . $entryname))
{
if (isset($package_ftp) && !file_exists($destination . '/' . $entryname))
$package_ftp->create_file($ftp_file);
elseif (!file_exists($destination . '/' . $entryname))
@touch($destination . '/' . $entryname);
}
package_chmod($destination . '/' . $entryname);
if (is_dir($source . '/' . $entryname))
copytree($source . '/' . $entryname, $destination . '/' . $entryname);
elseif (file_exists($destination . '/' . $entryname))
package_put_contents($destination . '/' . $entryname, package_get_contents($source . '/' . $entryname));
else
copy($source . '/' . $entryname, $destination . '/' . $entryname);
}
closedir($current_dir);
}
/**
* Create a tree listing for a given directory path
*
* @param string $path The path
* @param string $sub_path The sub-path
* @return array An array of information about the files at the specified path/subpath
*/
function listtree($path, $sub_path = '')
{
$data = array();
$dir = @dir($path . $sub_path);
if (!$dir)
return array();
while ($entry = $dir->read())
{
if ($entry == '.' || $entry == '..')
continue;
if (is_dir($path . $sub_path . '/' . $entry))
$data = array_merge($data, listtree($path, $sub_path . '/' . $entry));
else
$data[] = array(
'filename' => $sub_path == '' ? $entry : $sub_path . '/' . $entry,
'size' => filesize($path . $sub_path . '/' . $entry),
'skipped' => false,
);
}
$dir->close();
return $data;
}
/**
* Parses a xml-style modification file (file).
*
* @param string $file The modification file to parse
* @param bool $testing Whether we're just doing a test
* @param bool $undo If true, specifies that the modifications should be undone. Used when uninstalling. Doesn't work with regex.
* @param array $theme_paths An array of information about custom themes to apply the changes to
* @return array An array of those changes made.
*/
function parseModification($file, $testing = true, $undo = false, $theme_paths = array())
{
global $boarddir, $sourcedir, $txt, $modSettings;
@set_time_limit(600);
require_once($sourcedir . '/Class-Package.php');
$xml = new xmlArray(strtr($file, array("\r" => '')));
$actions = array();
$everything_found = true;
if (!$xml->exists('modification') || !$xml->exists('modification/file'))
{
$actions[] = array(
'type' => 'error',
'filename' => '-',
'debug' => $txt['package_modification_malformed']
);
return $actions;
}
// Get the XML data.
$files = $xml->set('modification/file');
// Use this for holding all the template changes in this mod.
$template_changes = array();
// This is needed to hold the long paths, as they can vary...
$long_changes = array();
// First, we need to build the list of all the files likely to get changed.
foreach ($files as $file)
{
// What is the filename we're currently on?
$filename = parse_path(trim($file->fetch('@name')));
// Now, we need to work out whether this is even a template file...
foreach ($theme_paths as $id => $theme)
{
// If this filename is relative, if so take a guess at what it should be.
$real_filename = $filename;
if (strpos($filename, 'Themes') === 0)
$real_filename = $boarddir . '/' . $filename;
if (strpos($real_filename, $theme['theme_dir']) === 0)
{
$template_changes[$id][] = substr($real_filename, strlen($theme['theme_dir']) + 1);
$long_changes[$id][] = $filename;
}
}
}
// Custom themes to add.
$custom_themes_add = array();
// If we have some template changes, we need to build a master link of what new ones are required for the custom themes.
if (!empty($template_changes[1]))
{
foreach ($theme_paths as $id => $theme)
{
// Default is getting done anyway, so no need for involvement here.
if ($id == 1)
continue;
// For every template, do we want it? Yea, no, maybe?
foreach ($template_changes[1] as $index => $template_file)
{
// What, it exists and we haven't already got it?! Lordy, get it in!
if (file_exists($theme['theme_dir'] . '/' . $template_file) && (!isset($template_changes[$id]) || !in_array($template_file, $template_changes[$id])))
{
// Now let's add it to the "todo" list.
$custom_themes_add[$long_changes[1][$index]][$id] = $theme['theme_dir'] . '/' . $template_file;
}
}
}
}
foreach ($files as $file)
{
// This is the actual file referred to in the XML document...
$files_to_change = array(
1 => parse_path(trim($file->fetch('@name'))),
);
// Sometimes though, we have some additional files for other themes, if we have add them to the mix.
if (isset($custom_themes_add[$files_to_change[1]]))
$files_to_change += $custom_themes_add[$files_to_change[1]];
// Now, loop through all the files we're changing, and, well, change them ;)
foreach ($files_to_change as $theme => $working_file)
{
if ($working_file[0] != '/' && $working_file[1] != ':')
{
loadLanguage('Errors');
trigger_error(sprintf($txt['parse_modification_filename_not_full_path'], $working_file), E_USER_WARNING);
$working_file = $boarddir . '/' . $working_file;
}
// Doesn't exist - give an error or what?
if (!file_exists($working_file) && (!$file->exists('@error') || !in_array(trim($file->fetch('@error')), array('ignore', 'skip'))))
{
$actions[] = array(
'type' => 'missing',
'filename' => $working_file,
'debug' => $txt['package_modification_missing']
);
$everything_found = false;
continue;
}
// Skip the file if it doesn't exist.
elseif (!file_exists($working_file) && $file->exists('@error') && trim($file->fetch('@error')) == 'skip')
{
$actions[] = array(
'type' => 'skipping',
'filename' => $working_file,
);
continue;
}
// Okay, we're creating this file then...?
elseif (!file_exists($working_file))
$working_data = '';
// Phew, it exists! Load 'er up!
else
$working_data = str_replace("\r", '', package_get_contents($working_file));
$actions[] = array(
'type' => 'opened',
'filename' => $working_file
);
$operations = $file->exists('operation') ? $file->set('operation') : array();
foreach ($operations as $operation)
{
// Convert operation to an array.
$actual_operation = array(
'searches' => array(),
'error' => $operation->exists('@error') && in_array(trim($operation->fetch('@error')), array('ignore', 'fatal', 'required')) ? trim($operation->fetch('@error')) : 'fatal',
);
// The 'add' parameter is used for all searches in this operation.
$add = $operation->exists('add') ? $operation->fetch('add') : '';
// Grab all search items of this operation (in most cases just 1).
$searches = $operation->set('search');
foreach ($searches as $i => $search)
$actual_operation['searches'][] = array(
'position' => $search->exists('@position') && in_array(trim($search->fetch('@position')), array('before', 'after', 'replace', 'end')) ? trim($search->fetch('@position')) : 'replace',
'is_reg_exp' => $search->exists('@regexp') && trim($search->fetch('@regexp')) === 'true',
'loose_whitespace' => $search->exists('@whitespace') && trim($search->fetch('@whitespace')) === 'loose',
'search' => $search->fetch('.'),
'add' => $add,
'preg_search' => '',
'preg_replace' => '',
);
// At least one search should be defined.
if (empty($actual_operation['searches']))
{
$actions[] = array(
'type' => 'failure',
'filename' => $working_file,
'search' => $search['search'],
'is_custom' => $theme > 1 ? $theme : 0,
);
// Skip to the next operation.
continue;
}
// Reverse the operations in case of undoing stuff.
if ($undo)
{
foreach ($actual_operation['searches'] as $i => $search)
{
// Reverse modification of regular expressions are not allowed.
if ($search['is_reg_exp'])
{
if ($actual_operation['error'] === 'fatal')
$actions[] = array(
'type' => 'failure',
'filename' => $working_file,
'search' => $search['search'],
'is_custom' => $theme > 1 ? $theme : 0,
);
// Continue to the next operation.
continue 2;
}
// The replacement is now the search subject...
if ($search['position'] === 'replace' || $search['position'] === 'end')
$actual_operation['searches'][$i]['search'] = $search['add'];
else
{
// Reversing a before/after modification becomes a replacement.
$actual_operation['searches'][$i]['position'] = 'replace';
if ($search['position'] === 'before')
$actual_operation['searches'][$i]['search'] .= $search['add'];
elseif ($search['position'] === 'after')
$actual_operation['searches'][$i]['search'] = $search['add'] . $search['search'];
}
// ...and the search subject is now the replacement.
$actual_operation['searches'][$i]['add'] = $search['search'];
}
}
// Sort the search list so the replaces come before the add before/after's.
if (count($actual_operation['searches']) !== 1)
{
$replacements = array();
foreach ($actual_operation['searches'] as $i => $search)
{
if ($search['position'] === 'replace')
{
$replacements[] = $search;
unset($actual_operation['searches'][$i]);
}
}
$actual_operation['searches'] = array_merge($replacements, $actual_operation['searches']);
}
// Create regular expression replacements from each search.
foreach ($actual_operation['searches'] as $i => $search)
{
// Not much needed if the search subject is already a regexp.
if ($search['is_reg_exp'])
$actual_operation['searches'][$i]['preg_search'] = $search['search'];
else
{
// Make the search subject fit into a regular expression.
$actual_operation['searches'][$i]['preg_search'] = preg_quote($search['search'], '~');
// Using 'loose', a random amount of tabs and spaces may be used.
if ($search['loose_whitespace'])
$actual_operation['searches'][$i]['preg_search'] = preg_replace('~[ \t]+~', '[ \t]+', $actual_operation['searches'][$i]['preg_search']);
}
// Shuzzup. This is done so we can safely use a regular expression. ($0 is bad!!)
$actual_operation['searches'][$i]['preg_replace'] = strtr($search['add'], array('$' => '[$PACK' . 'AGE1$]', '\\' => '[$PACK' . 'AGE2$]'));
// Before, so the replacement comes after the search subject :P
if ($search['position'] === 'before')
{
$actual_operation['searches'][$i]['preg_search'] = '(' . $actual_operation['searches'][$i]['preg_search'] . ')';
$actual_operation['searches'][$i]['preg_replace'] = '$1' . $actual_operation['searches'][$i]['preg_replace'];
}
// After, after what?
elseif ($search['position'] === 'after')
{
$actual_operation['searches'][$i]['preg_search'] = '(' . $actual_operation['searches'][$i]['preg_search'] . ')';
$actual_operation['searches'][$i]['preg_replace'] .= '$1';
}
// Position the replacement at the end of the file (or just before the closing PHP tags).
elseif ($search['position'] === 'end')
{
if ($undo)
{
$actual_operation['searches'][$i]['preg_replace'] = '';
}
else
{
$actual_operation['searches'][$i]['preg_search'] = '(\\n\\?\\>)?$';
$actual_operation['searches'][$i]['preg_replace'] .= '$1';
}
}
// Testing 1, 2, 3...
$failed = preg_match('~' . $actual_operation['searches'][$i]['preg_search'] . '~s', $working_data) === 0;
// Nope, search pattern not found.
if ($failed && $actual_operation['error'] === 'fatal')
{
$actions[] = array(
'type' => 'failure',
'filename' => $working_file,
'search' => $actual_operation['searches'][$i]['preg_search'],
'search_original' => $actual_operation['searches'][$i]['search'],
'replace_original' => $actual_operation['searches'][$i]['add'],
'position' => $search['position'],
'is_custom' => $theme > 1 ? $theme : 0,
'failed' => $failed,
);
$everything_found = false;
continue;
}
// Found, but in this case, that means failure!
elseif (!$failed && $actual_operation['error'] === 'required')
{
$actions[] = array(
'type' => 'failure',
'filename' => $working_file,
'search' => $actual_operation['searches'][$i]['preg_search'],
'search_original' => $actual_operation['searches'][$i]['search'],
'replace_original' => $actual_operation['searches'][$i]['add'],
'position' => $search['position'],
'is_custom' => $theme > 1 ? $theme : 0,
'failed' => $failed,
);
$everything_found = false;
continue;
}
// Replace it into nothing? That's not an option...unless it's an undoing end.
if ($search['add'] === '' && ($search['position'] !== 'end' || !$undo))
continue;
// Finally, we're doing some replacements.
$working_data = preg_replace('~' . $actual_operation['searches'][$i]['preg_search'] . '~s', $actual_operation['searches'][$i]['preg_replace'], $working_data, 1);
$actions[] = array(
'type' => 'replace',
'filename' => $working_file,
'search' => $actual_operation['searches'][$i]['preg_search'],
'replace' => $actual_operation['searches'][$i]['preg_replace'],
'search_original' => $actual_operation['searches'][$i]['search'],
'replace_original' => $actual_operation['searches'][$i]['add'],
'position' => $search['position'],
'failed' => $failed,
'ignore_failure' => $failed && $actual_operation['error'] === 'ignore',
'is_custom' => $theme > 1 ? $theme : 0,
);
}
}
// Fix any little helper symbols ;).
$working_data = strtr($working_data, array('[$PACK' . 'AGE1$]' => '$', '[$PACK' . 'AGE2$]' => '\\'));
package_chmod($working_file);
if ((file_exists($working_file) && !is_writable($working_file)) || (!file_exists($working_file) && !is_writable(dirname($working_file))))
$actions[] = array(
'type' => 'chmod',
'filename' => $working_file
);
if (basename($working_file) == 'Settings_bak.php')
continue;
if (!$testing && !empty($modSettings['package_make_backups']) && file_exists($working_file))
{
// No, no, not Settings.php!
if (basename($working_file) == 'Settings.php')
@copy($working_file, dirname($working_file) . '/Settings_bak.php');
else
@copy($working_file, $working_file . '~');
}
// Always call this, even if in testing, because it won't really be written in testing mode.
package_put_contents($working_file, $working_data, $testing);
$actions[] = array(
'type' => 'saved',
'filename' => $working_file,
'is_custom' => $theme > 1 ? $theme : 0,
);
}
}
$actions[] = array(
'type' => 'result',
'status' => $everything_found
);
return $actions;
}
/**
* Parses a boardmod-style (.mod) modification file
*
* @param string $file The modification file to parse
* @param bool $testing Whether we're just doing a test
* @param bool $undo If true, specifies that the modifications should be undone. Used when uninstalling.
* @param array $theme_paths An array of information about custom themes to apply the changes to
* @return array An array of those changes made.
*/
function parseBoardMod($file, $testing = true, $undo = false, $theme_paths = array())
{
global $boarddir, $sourcedir, $settings, $modSettings, $txt;
@set_time_limit(600);
$file = strtr($file, array("\r" => ''));
$working_file = null;
$working_search = null;
$working_data = '';
$replace_with = null;
$actions = array();
$everything_found = true;
// This holds all the template changes in the standard mod file.
$template_changes = array();
// This is just the temporary file.
$temp_file = $file;
// This holds the actual changes on a step counter basis.
$temp_changes = array();
$counter = 0;
$step_counter = 0;
// Before we do *anything*, let's build a list of what we're editing, as it's going to be used for other theme edits.
while (preg_match('~<(edit file|file|search|search for|add|add after|replace|add before|add above|above|before)>\n(.*?)\n</\\1>~is', $temp_file, $code_match) != 0)
{
$counter++;
// Get rid of the old stuff.
$temp_file = substr_replace($temp_file, '', strpos($temp_file, $code_match[0]), strlen($code_match[0]));
// No interest to us?
if ($code_match[1] != 'edit file' && $code_match[1] != 'file')
{
// It's a step, let's add that to the current steps.
if (isset($temp_changes[$step_counter]))
$temp_changes[$step_counter]['changes'][] = $code_match[0];
continue;
}
// We've found a new edit - let's make ourself heard, kind of.
$step_counter = $counter;
$temp_changes[$step_counter] = array(
'title' => $code_match[0],
'changes' => array(),
);
$filename = parse_path($code_match[2]);
// Now, is this a template file, and if so, which?
foreach ($theme_paths as $id => $theme)
{
// If this filename is relative, if so take a guess at what it should be.
if (strpos($filename, 'Themes') === 0)
$filename = $boarddir . '/' . $filename;
if (strpos($filename, $theme['theme_dir']) === 0)
$template_changes[$id][$counter] = substr($filename, strlen($theme['theme_dir']) + 1);
}
}
// Reference for what theme ID this action belongs to.
$theme_id_ref = array();
// Now we know what templates we need to touch, cycle through each theme and work out what we need to edit.
if (!empty($template_changes[1]))
{
foreach ($theme_paths as $id => $theme)
{
// Don't do default, it means nothing to me.
if ($id == 1)
continue;
// Now, for each file do we need to edit it?
foreach ($template_changes[1] as $pos => $template_file)
{
// It does? Add it to the list darlin'.
if (file_exists($theme['theme_dir'] . '/' . $template_file) && (!isset($template_changes[$id][$pos]) || !in_array($template_file, $template_changes[$id][$pos])))
{
// Actually add it to the mod file too, so we can see that it will work ;)
if (!empty($temp_changes[$pos]['changes']))
{
$file .= "\n\n" . '<edit file>' . "\n" . $theme['theme_dir'] . '/' . $template_file . "\n" . '</edit file>' . "\n\n" . implode("\n\n", $temp_changes[$pos]['changes']);
$theme_id_ref[$counter] = $id;
$counter += 1 + count($temp_changes[$pos]['changes']);
}
}
}
}
}
$counter = 0;
$is_custom = 0;
while (preg_match('~<(edit file|file|search|search for|add|add after|replace|add before|add above|above|before)>\n(.*?)\n</\\1>~is', $file, $code_match) != 0)
{
// This is for working out what we should be editing.
$counter++;
// Edit a specific file.
if ($code_match[1] == 'file' || $code_match[1] == 'edit file')
{
// Backup the old file.
if ($working_file !== null)
{
package_chmod($working_file);
// Don't even dare.
if (basename($working_file) == 'Settings_bak.php')
continue;
if (!is_writable($working_file))
$actions[] = array(
'type' => 'chmod',
'filename' => $working_file
);
if (!$testing && !empty($modSettings['package_make_backups']) && file_exists($working_file))
{
if (basename($working_file) == 'Settings.php')
@copy($working_file, dirname($working_file) . '/Settings_bak.php');
else
@copy($working_file, $working_file . '~');
}
package_put_contents($working_file, $working_data, $testing);
}
if ($working_file !== null)
$actions[] = array(
'type' => 'saved',
'filename' => $working_file,
'is_custom' => $is_custom,
);
// Is this "now working on" file a theme specific one?
$is_custom = isset($theme_id_ref[$counter - 1]) ? $theme_id_ref[$counter - 1] : 0;
// Make sure the file exists!
$working_file = parse_path($code_match[2]);
if ($working_file[0] != '/' && $working_file[1] != ':')
{
loadLanguage('Errors');
trigger_error(sprintf($txt['parse_boardmod_filename_not_full_path'], $working_file), E_USER_WARNING);
$working_file = $boarddir . '/' . $working_file;
}
if (!file_exists($working_file))
{
$places_to_check = array($boarddir, $sourcedir, $settings['default_theme_dir'], $settings['default_theme_dir'] . '/languages');
foreach ($places_to_check as $place)
if (file_exists($place . '/' . $working_file))
{
$working_file = $place . '/' . $working_file;
break;
}
}
if (file_exists($working_file))
{
// Load the new file.
$working_data = str_replace("\r", '', package_get_contents($working_file));
$actions[] = array(
'type' => 'opened',
'filename' => $working_file
);
}
else
{
$actions[] = array(
'type' => 'missing',
'filename' => $working_file
);
$working_file = null;
$everything_found = false;
}
// Can't be searching for something...
$working_search = null;
}
// Search for a specific string.
elseif (($code_match[1] == 'search' || $code_match[1] == 'search for') && $working_file !== null)
{
if ($working_search !== null)
{
$actions[] = array(
'type' => 'error',
'filename' => $working_file
);
$everything_found = false;
}
$working_search = $code_match[2];
}
// Must've already loaded a search string.
elseif ($working_search !== null)
{
// This is the base string....
$replace_with = $code_match[2];
// Add this afterward...
if ($code_match[1] == 'add' || $code_match[1] == 'add after')
$replace_with = $working_search . "\n" . $replace_with;
// Add this beforehand.
elseif ($code_match[1] == 'before' || $code_match[1] == 'add before' || $code_match[1] == 'above' || $code_match[1] == 'add above')
$replace_with .= "\n" . $working_search;
// Otherwise.. replace with $replace_with ;).
}
// If we have a search string, replace string, and open file..
if ($working_search !== null && $replace_with !== null && $working_file !== null)
{
// Make sure it's somewhere in the string.
if ($undo)
{
$temp = $replace_with;
$replace_with = $working_search;
$working_search = $temp;
}
if (strpos($working_data, $working_search) !== false)
{
$working_data = str_replace($working_search, $replace_with, $working_data);
$actions[] = array(
'type' => 'replace',
'filename' => $working_file,
'search' => $working_search,
'replace' => $replace_with,
'search_original' => $working_search,
'replace_original' => $replace_with,
'position' => $code_match[1] == 'replace' ? 'replace' : ($code_match[1] == 'add' || $code_match[1] == 'add after' ? 'before' : 'after'),
'is_custom' => $is_custom,
'failed' => false,
);
}
// It wasn't found!
else
{
$actions[] = array(
'type' => 'failure',
'filename' => $working_file,
'search' => $working_search,
'is_custom' => $is_custom,
'search_original' => $working_search,
'replace_original' => $replace_with,
'position' => $code_match[1] == 'replace' ? 'replace' : ($code_match[1] == 'add' || $code_match[1] == 'add after' ? 'before' : 'after'),
'is_custom' => $is_custom,
'failed' => true,
);
$everything_found = false;
}
// These don't hold any meaning now.
$working_search = null;
$replace_with = null;
}
// Get rid of the old tag.
$file = substr_replace($file, '', strpos($file, $code_match[0]), strlen($code_match[0]));
}
// Backup the old file.
if ($working_file !== null)
{
package_chmod($working_file);
if (!is_writable($working_file))
$actions[] = array(
'type' => 'chmod',
'filename' => $working_file
);
if (!$testing && !empty($modSettings['package_make_backups']) && file_exists($working_file))
{
if (basename($working_file) == 'Settings.php')
@copy($working_file, dirname($working_file) . '/Settings_bak.php');
else
@copy($working_file, $working_file . '~');
}
package_put_contents($working_file, $working_data, $testing);
}
if ($working_file !== null)
$actions[] = array(
'type' => 'saved',
'filename' => $working_file,
'is_custom' => $is_custom,
);
$actions[] = array(
'type' => 'result',
'status' => $everything_found
);
return $actions;
}
/**
* Get the physical contents of a packages file
*
* @param string $filename The package file
* @return string The contents of the specified file
*/
function package_get_contents($filename)
{
global $package_cache, $modSettings;
if (!isset($package_cache))
{
$mem_check = setMemoryLimit('128M');
// Windows doesn't seem to care about the memory_limit.
if (!empty($modSettings['package_disable_cache']) || $mem_check || stripos(PHP_OS, 'win') !== false)
$package_cache = array();
else
$package_cache = false;
}
if (strpos($filename, 'Packages/') !== false || $package_cache === false || !isset($package_cache[$filename]))
return file_get_contents($filename);
else
return $package_cache[$filename];
}
/**
* Writes data to a file, almost exactly like the file_put_contents() function.
* uses FTP to create/chmod the file when necessary and available.
* uses text mode for text mode file extensions.
* returns the number of bytes written.
*
* @param string $filename The name of the file
* @param string $data The data to write to the file
* @param bool $testing Whether we're just testing things
* @return int The length of the data written (in bytes)
*/
function package_put_contents($filename, $data, $testing = false)
{
/** @var ftp_connection $package_ftp */
global $package_ftp, $package_cache, $modSettings;
static $text_filetypes = array('php', 'txt', '.js', 'css', 'vbs', 'tml', 'htm');
if (!isset($package_cache))
{
// Try to increase the memory limit - we don't want to run out of ram!
$mem_check = setMemoryLimit('128M');
if (!empty($modSettings['package_disable_cache']) || $mem_check || stripos(PHP_OS, 'win') !== false)
$package_cache = array();
else
$package_cache = false;
}
if (isset($package_ftp))
$ftp_file = strtr($filename, array($_SESSION['pack_ftp']['root'] => ''));
if (!file_exists($filename) && isset($package_ftp))
$package_ftp->create_file($ftp_file);
elseif (!file_exists($filename))
@touch($filename);
package_chmod($filename);
if (!$testing && (strpos($filename, 'Packages/') !== false || $package_cache === false))
{
$fp = @fopen($filename, in_array(substr($filename, -3), $text_filetypes) ? 'w' : 'wb');
// We should show an error message or attempt a rollback, no?
if (!$fp)
return false;
fwrite($fp, $data);
fclose($fp);
}
elseif (strpos($filename, 'Packages/') !== false || $package_cache === false)
return strlen($data);
else
{
$package_cache[$filename] = $data;
// Permission denied, eh?
$fp = @fopen($filename, 'r+');
if (!$fp)
return false;
fclose($fp);
}
return strlen($data);
}
/**
* Flushes the cache from memory to the filesystem
*
* @param bool $trash
*/
function package_flush_cache($trash = false)
{
/** @var ftp_connection $package_ftp */
global $package_ftp, $package_cache, $txt;
static $text_filetypes = array('php', 'txt', '.js', 'css', 'vbs', 'tml', 'htm');
if (empty($package_cache))
return;
// First, let's check permissions!
foreach ($package_cache as $filename => $data)
{
if (isset($package_ftp))
$ftp_file = strtr($filename, array($_SESSION['pack_ftp']['root'] => ''));
if (!file_exists($filename) && isset($package_ftp))
$package_ftp->create_file($ftp_file);
elseif (!file_exists($filename))
@touch($filename);
$result = package_chmod($filename);
// if we are not doing our test pass, then lets do a full write check
// bypass directories when doing this test
if ((!$trash) && !is_dir($filename))
{
// acid test, can we really open this file for writing?
$fp = ($result) ? fopen($filename, 'r+') : $result;
if (!$fp)
{
// We should have package_chmod()'d them before, no?!
loadLanguage('Errors');
trigger_error($txt['package_flush_cache_not_writable'], E_USER_WARNING);
return;
}
fclose($fp);
}
}
if ($trash)
{
$package_cache = array();
return;
}
// Write the cache to disk here.
// Bypass directories when doing so - no data to write & the fopen will crash.
foreach ($package_cache as $filename => $data)
{
if (!is_dir($filename))
{
$fp = fopen($filename, in_array(substr($filename, -3), $text_filetypes) ? 'w' : 'wb');
fwrite($fp, $data);
fclose($fp);
}
}
$package_cache = array();
}
/**
* Try to make a file writable.
*
* @param string $filename The name of the file
* @param string $perm_state The permission state - can be either 'writable' or 'execute'
* @param bool $track_change Whether to track this change
* @return boolean True if it worked, false if it didn't
*/
function package_chmod($filename, $perm_state = 'writable', $track_change = false)
{
/** @var ftp_connection $package_ftp */
global $package_ftp;
if (file_exists($filename) && is_writable($filename) && $perm_state == 'writable')
return true;
// Start off checking without FTP.
if (!isset($package_ftp) || $package_ftp === false)
{
for ($i = 0; $i < 2; $i++)
{
$chmod_file = $filename;
// Start off with a less aggressive test.
if ($i == 0)
{
// If this file doesn't exist, then we actually want to look at whatever parent directory does.
$subTraverseLimit = 2;
while (!file_exists($chmod_file) && $subTraverseLimit)
{
$chmod_file = dirname($chmod_file);
$subTraverseLimit--;
}
// Keep track of the writable status here.
$file_permissions = @fileperms($chmod_file);
}
else
{
// This looks odd, but it's an attempt to work around PHP suExec.
if (!file_exists($chmod_file) && $perm_state == 'writable')
{
$file_permissions = @fileperms(dirname($chmod_file));
mktree(dirname($chmod_file), 0755);
@touch($chmod_file);
smf_chmod($chmod_file, 0755);
}
else
$file_permissions = @fileperms($chmod_file);
}
// This looks odd, but it's another attempt to work around PHP suExec.
if ($perm_state != 'writable')
smf_chmod($chmod_file, $perm_state == 'execute' ? 0755 : 0644);
else
{
if (!@is_writable($chmod_file))
smf_chmod($chmod_file, 0755);
if (!@is_writable($chmod_file))
smf_chmod($chmod_file, 0777);
if (!@is_writable(dirname($chmod_file)))
smf_chmod($chmod_file, 0755);
if (!@is_writable(dirname($chmod_file)))
smf_chmod($chmod_file, 0777);
}
// The ultimate writable test.
if ($perm_state == 'writable')
{
$fp = is_dir($chmod_file) ? @opendir($chmod_file) : @fopen($chmod_file, 'rb');
if (@is_writable($chmod_file) && $fp)
{
if (!is_dir($chmod_file))
fclose($fp);
else
closedir($fp);
// It worked!
if ($track_change)
$_SESSION['pack_ftp']['original_perms'][$chmod_file] = $file_permissions;
return true;
}
}
elseif ($perm_state != 'writable' && isset($_SESSION['pack_ftp']['original_perms'][$chmod_file]))
unset($_SESSION['pack_ftp']['original_perms'][$chmod_file]);
}
// If we're here we're a failure.
return false;
}
// Otherwise we do have FTP?
elseif ($package_ftp !== false && !empty($_SESSION['pack_ftp']))
{
$ftp_file = strtr($filename, array($_SESSION['pack_ftp']['root'] => ''));
// This looks odd, but it's an attempt to work around PHP suExec.
if (!file_exists($filename) && $perm_state == 'writable')
{
$file_permissions = @fileperms(dirname($filename));
mktree(dirname($filename), 0755);
$package_ftp->create_file($ftp_file);
$package_ftp->chmod($ftp_file, 0755);
}
else
$file_permissions = @fileperms($filename);
if ($perm_state != 'writable')
{
$package_ftp->chmod($ftp_file, $perm_state == 'execute' ? 0755 : 0644);
}
else
{
if (!@is_writable($filename))
$package_ftp->chmod($ftp_file, 0777);
if (!@is_writable(dirname($filename)))
$package_ftp->chmod(dirname($ftp_file), 0777);
}
if (@is_writable($filename))
{
if ($track_change)
$_SESSION['pack_ftp']['original_perms'][$filename] = $file_permissions;
return true;
}
elseif ($perm_state != 'writable' && isset($_SESSION['pack_ftp']['original_perms'][$filename]))
unset($_SESSION['pack_ftp']['original_perms'][$filename]);
}
// Oh dear, we failed if we get here.
return false;
}
/**
* Used to crypt the supplied ftp password in this session
*
* @param string $pass The password
* @return string The encrypted password
*/
function package_crypt($pass)
{
$n = strlen($pass);
$salt = session_id();
while (strlen($salt) < $n)
$salt .= session_id();
for ($i = 0; $i < $n; $i++)
$pass[$i] = chr(ord($pass[$i]) ^ (ord($salt[$i]) - 32));
return $pass;
}
/**
* @param string $dir
* @param string $filename The filename without an extension
* @param string $ext
* @return string The filename with a number appended but no extension
* @since 2.1
*/
function package_unique_filename($dir, $filename, $ext)
{
if (file_exists($dir . '/' . $filename . '.' . $ext))
{
$i = 1;
while (file_exists($dir . '/' . $filename . '_' . $i . '.' . $ext))
$i++;
$filename .= '_' . $i;
}
return $filename;
}
/**
* Creates a backup of forum files prior to modifying them
*
* @param string $id The name of the backup
* @return bool True if it worked, false if it didn't
*/
function package_create_backup($id = 'backup')
{
global $sourcedir, $boarddir, $packagesdir, $smcFunc;
$files = array();
$base_files = array('index.php', 'SSI.php', 'agreement.txt', 'cron.php', 'proxy.php', 'ssi_examples.php', 'ssi_examples.shtml', 'subscriptions.php');
foreach ($base_files as $file)
{
if (file_exists($boarddir . '/' . $file))
$files[empty($_REQUEST['use_full_paths']) ? $file : $boarddir . '/' . $file] = $boarddir . '/' . $file;
}
$dirs = array(
$sourcedir => empty($_REQUEST['use_full_paths']) ? 'Sources/' : strtr($sourcedir . '/', '\\', '/')
);
$request = $smcFunc['db_query']('', '
SELECT value
FROM {db_prefix}themes
WHERE id_member = {int:no_member}
AND variable = {string:theme_dir}',
array(
'no_member' => 0,
'theme_dir' => 'theme_dir',
)
);
while ($row = $smcFunc['db_fetch_assoc']($request))
$dirs[$row['value']] = empty($_REQUEST['use_full_paths']) ? 'Themes/' . basename($row['value']) . '/' : strtr($row['value'] . '/', '\\', '/');
$smcFunc['db_free_result']($request);
try
{
foreach ($dirs as $dir => $dest)
{
$iter = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator($dir, RecursiveDirectoryIterator::SKIP_DOTS),
RecursiveIteratorIterator::CHILD_FIRST,
RecursiveIteratorIterator::CATCH_GET_CHILD // Ignore "Permission denied"
);
foreach ($iter as $entry => $dir)
{
if ($dir->isDir())
continue;
if (preg_match('~^(\.{1,2}|CVS|backup.*|help|images|.*\~|.*minified_[a-z0-9]{32}\.(js|css))$~', $entry) != 0)
continue;
$files[empty($_REQUEST['use_full_paths']) ? str_replace(realpath($boarddir), '', $entry) : $entry] = $entry;
}
}
$obj = new ArrayObject($files);
$iterator = $obj->getIterator();
if (!file_exists($packagesdir . '/backups'))
mktree($packagesdir . '/backups', 0777);
if (!is_writable($packagesdir . '/backups'))
package_chmod($packagesdir . '/backups');
$output_file = $packagesdir . '/backups/' . smf_strftime('%Y-%m-%d_') . preg_replace('~[$\\\\/:<>|?*"\']~', '', $id);
$output_ext = '.tar';
$output_ext_target = '.tar.gz';
if (file_exists($output_file . $output_ext_target))
{
$i = 2;
while (file_exists($output_file . '_' . $i . $output_ext_target))
$i++;
$output_file = $output_file . '_' . $i . $output_ext;
}
else
$output_file .= $output_ext;
@set_time_limit(300);
if (function_exists('apache_reset_timeout'))
@apache_reset_timeout();
// Phar doesn't handle open_basedir restrictions very well and throws a PHP Warning. Ignore that.
set_error_handler(
function($errno, $errstr, $errfile, $errline)
{
// error was suppressed with the @-operator
if (0 === error_reporting())
return false;
if (strpos($errstr, 'PharData::__construct(): open_basedir') === false && strpos($errstr, 'PharData::compress(): open_basedir') === false)
log_error($errstr, 'general', $errfile, $errline);
return true;
}
);
$a = new PharData($output_file);
$a->buildFromIterator($iterator);
$a->compress(Phar::GZ);
restore_error_handler();
/*
* Destroying the local var tells PharData to close its internal
* file pointer, enabling us to delete the uncompressed tarball.
*/
unset($a);
unlink($output_file);
}
catch (Exception $e)
{
log_error($e->getMessage(), 'backup');
return false;
}
return true;
}
if (!function_exists('smf_crc32'))
{
/**
* crc32 doesn't work as expected on 64-bit functions - make our own.
* https://php.net/crc32#79567
*
* @param string $number
* @return string The crc32
*/
function smf_crc32($number)
{
$crc = crc32($number);
if ($crc & 0x80000000)
{
$crc ^= 0xffffffff;
$crc += 1;
$crc = -$crc;
}
return $crc;
}
}
/**
* Validate a package during install
*
* @param array $package Package data
* @return array Results from the package validation.
*/
function package_validate_installtest($package)
{
global $context;
// Don't validate directories.
$context['package_sha256_hash'] = is_dir($package['file_name']) ? null : hash_file('sha256', $package['file_name']);
$sendData = array(array(
'sha256_hash' => $context['package_sha256_hash'],
'file_name' => basename($package['file_name']),
'custom_id' => $package['custom_id'],
'custom_type' => $package['custom_type'],
));
return package_validate_send($sendData);
}
/**
* Validate multiple packages.
*
* @param array $packages Package data
* @return array Results from the package validation.
*/
function package_validate($packages)
{
global $context, $smcFunc;
// Setup our send data.
$sendData = array();
// Go through all packages and get them ready to send up.
foreach ($packages as $id_package => $package)
{
$sha256_hash = hash_file('sha256', $package);
$packageInfo = getPackageInfo($package);
$packageID = '';
if (isset($packageInfo['id']))
$packageID = $packageInfo['id'];
$packageType = 'modification';
if (isset($package['type']))
$packageType = $package['type'];
$sendData[] = array(
'sha256_hash' => $sha256_hash,
'file_name' => basename($package),
'custom_id' => $packageID,
'custom_type' => $packageType,
);
}
return package_validate_send($sendData);
}
/**
* Sending data off to validate packages.
*
* @param array $sendData Json encoded data to be sent to the validation servers.
* @return array Results from the package validation.
*/
function package_validate_send($sendData)
{
global $context, $smcFunc;
// First lets get all package servers into here.
if (empty($context['package_servers']))
{
$request = $smcFunc['db_query']('', '
SELECT id_server, name, validation_url, extra
FROM {db_prefix}package_servers
WHERE validation_url != {string:empty}',
array(
'empty' => '',
));
$context['package_servers'] = array();
while ($row = $smcFunc['db_fetch_assoc']($request))
$context['package_servers'][$row['id_server']] = $row;
$smcFunc['db_free_result']($request);
}
$the_version = SMF_VERSION;
if (!empty($_SESSION['version_emulate']))
$the_version = $_SESSION['version_emulate'];
// Test each server.
$return_data = array();
foreach ($context['package_servers'] as $id_server => $server)
{
$return_data[$id_server] = array();
// Sub out any variables we support in the validation url.
$validate_url = strtr($server['validation_url'], array(
'{SMF_VERSION}' => urlencode($the_version)
));
$results = fetch_web_data($validate_url, 'data=' . json_encode($sendData));
$parsed_data = $smcFunc['json_decode']($results, true);
if (is_array($parsed_data) && isset($parsed_data['data']) && is_array($parsed_data['data']))
{
foreach ($parsed_data['data'] as $sha256_hash => $status)
{
if ((string) $status === 'blacklist')
$context['package_blacklist_found'] = true;
$return_data[$id_server][(string) $sha256_hash] = 'package_validation_status_' . ((string) $status);
}
}
}
return $return_data;
}
?>
Reference in a new issue Copy permalink