2 if(!defined('sugarEntry') || !sugarEntry) die('Not A Valid Entry Point');
3 /*********************************************************************************
4 * SugarCRM is a customer relationship management program developed by
5 * SugarCRM, Inc. Copyright (C) 2004-2011 SugarCRM Inc.
7 * This program is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU Affero General Public License version 3 as published by the
9 * Free Software Foundation with the addition of the following permission added
10 * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
11 * IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
12 * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
14 * This program is distributed in the hope that it will be useful, but WITHOUT
15 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
16 * FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
19 * You should have received a copy of the GNU Affero General Public License along with
20 * this program; if not, see http://www.gnu.org/licenses or write to the Free
21 * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
24 * You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
25 * SW2-130, Cupertino, CA 95014, USA. or at email address contact@sugarcrm.com.
27 * The interactive user interfaces in modified source and object code versions
28 * of this program must display Appropriate Legal Notices, as required under
29 * Section 5 of the GNU Affero General Public License version 3.
31 * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
32 * these Appropriate Legal Notices must retain the display of the "Powered by
33 * SugarCRM" logo. If the display of the logo is not reasonably feasible for
34 * technical reasons, the Appropriate Legal Notices must display the words
35 * "Powered by SugarCRM".
36 ********************************************************************************/
40 if(!is_admin($GLOBALS['current_user'])){
41 sugar_die($GLOBALS['app_strings']['ERR_NOT_ADMIN']);
43 require_once('modules/Administration/UpgradeWizardCommon.php');
44 require_once('ModuleInstall/PackageManager/PackageManagerDisplay.php');
45 require_once('ModuleInstall/ModuleScanner.php');
47 $uh = new UpgradeHistory();
49 function unlinkTempFiles() {
51 @unlink($_FILES['upgrade_zip']['tmp_name']);
52 @unlink(getAbsolutePath($sugar_config['upload_dir'].$_FILES['upgrade_zip']['name'],true));
55 // make sure dirs exist
56 foreach( $GLOBALS['subdirs'] as $subdir ){
57 mkdir_recursive( "$base_upgrade_dir/$subdir" );
60 // get labels and text that are specific to either Module Loader or Upgrade Wizard
61 if( $view == "module") {
62 $uploaddLabel = $mod_strings['LBL_UW_UPLOAD_MODULE'];
63 $descItemsQueued = $mod_strings['LBL_UW_DESC_MODULES_QUEUED'];
64 $descItemsInstalled = $mod_strings['LBL_UW_DESC_MODULES_INSTALLED'];
68 $uploaddLabel = $mod_strings['LBL_UPLOAD_UPGRADE'];
69 $descItemsQueued = $mod_strings['DESC_FILES_QUEUED'];
70 $descItemsInstalled = $mod_strings['DESC_FILES_INSTALLED'];
74 // check that the upload limit is set to 6M or greater
77 define('SUGARCRM_MIN_UPLOAD_MAX_FILESIZE_BYTES', 6 * 1024 * 1024); // 6 Megabytes
79 $upload_max_filesize = ini_get('upload_max_filesize');
80 $upload_max_filesize_bytes = return_bytes($upload_max_filesize);
81 if($upload_max_filesize_bytes < constant('SUGARCRM_MIN_UPLOAD_MAX_FILESIZE_BYTES'))
83 $GLOBALS['log']->debug("detected upload_max_filesize: $upload_max_filesize");
84 print('<p class="error">' . $mod_strings['MSG_INCREASE_UPLOAD_MAX_FILESIZE'] . ' '
85 . get_cfg_var('cfg_file_path') . "</p>\n");
89 // process "run" commands
92 if( isset( $_REQUEST['run'] ) && ($_REQUEST['run'] != "") ){
93 $run = $_REQUEST['run'];
95 if( $run == "upload" ){
97 if(isset($_REQUEST['release_id']) && $_REQUEST['release_id'] != ""){
98 require_once('ModuleInstall/PackageManager.php');
99 $pm = new PackageManager();
100 $tempFile = $pm->download('','',$_REQUEST['release_id'], getAbsolutePath($sugar_config['upload_dir'],true));
102 $base_filename = urldecode($tempFile);
104 elseif(!empty($_REQUEST['load_module_from_dir'])){
105 //copy file to proper location then call performSetup
106 $tempFile = getAbsolutePath($sugar_config['upload_dir'].$_REQUEST['upgrade_zip_escaped'],true);
107 copy($_REQUEST['load_module_from_dir'].'/'.$_REQUEST['upgrade_zip_escaped'], $tempFile);
110 $base_filename = urldecode( $_REQUEST['upgrade_zip_escaped'] );
111 }else if( empty( $_FILES['upgrade_zip']['tmp_name'] ) ){
112 echo $mod_strings['ERR_UW_NO_UPLOAD_FILE'];
115 $ext = end(explode(".", $_FILES['upgrade_zip']['name']));
116 if($ext === $_FILES['upgrade_zip']['name'] || $ext != 'zip' || !move_uploaded_file($_FILES['upgrade_zip']['tmp_name'], getAbsolutePath($sugar_config['upload_dir'].$_FILES['upgrade_zip']['name'],true))) {
118 sugar_die("Invalid Package");
120 $tempFile = getAbsolutePath($sugar_config['upload_dir'].$_FILES['upgrade_zip']['name'],true);
122 $base_filename = urldecode( $_REQUEST['upgrade_zip_escaped'] );
126 $manifest_file = extractManifest( $tempFile );
127 if(is_file($manifest_file))
129 //SCAN THE MANIFEST FILE TO MAKE SURE NO COPIES OR ANYTHING ARE HAPPENING IN IT
130 $ms = new ModuleScanner();
131 $fileIssues = $ms->scanFile($manifest_file);
132 if(!empty($fileIssues)){
133 echo '<h2>' . $mod_strings['ML_MANIFEST_ISSUE'] . '</h2><br>';
134 $ms->displayIssues();
137 require_once( $manifest_file );
138 validate_manifest( $manifest );
140 $upgrade_zip_type = $manifest['type'];
142 // exclude the bad permutations
143 if( $view == "module" )
145 if ($upgrade_zip_type != "module" && $upgrade_zip_type != "theme" && $upgrade_zip_type != "langpack")
148 die($mod_strings['ERR_UW_NOT_ACCEPTIBLE_TYPE']);
151 elseif( $view == "default" )
153 if($upgrade_zip_type != "patch" )
156 die($mod_strings['ERR_UW_ONLY_PATCHES']);
160 //$base_filename = urldecode( $_REQUEST['upgrade_zip_escaped'] );
161 $base_filename = preg_replace( "#\\\\#", "/", $base_filename );
162 $base_filename = basename( $base_filename );
164 mkdir_recursive( "$base_upgrade_dir/$upgrade_zip_type" );
165 $target_path = "$base_upgrade_dir/$upgrade_zip_type/$base_filename";
166 $target_manifest = remove_file_extension( $target_path ) . "-manifest.php";
168 if( isset($manifest['icon']) && $manifest['icon'] != "" ){
169 $icon_location = extractFile( $tempFile ,$manifest['icon'] );
170 $path_parts = pathinfo( $icon_location );
171 copy( $icon_location, remove_file_extension( $target_path ) . "-icon." . $path_parts['extension'] );
174 if( copy( $tempFile , $target_path ) ){
175 copy( $manifest_file, $target_manifest );
176 $GLOBALS['ML_STATUS_MESSAGE'] = $base_filename.$mod_strings['LBL_UW_UPLOAD_SUCCESS'];
179 $GLOBALS['ML_STATUS_MESSAGE'] = $mod_strings['ERR_UW_UPLOAD_ERROR'];
185 die($mod_strings['ERR_UW_NO_MANIFEST']);
189 else if( $run == $mod_strings['LBL_UW_BTN_DELETE_PACKAGE'] ){
190 if(!empty ($_REQUEST['install_file']) ){
191 die($mod_strings['ERR_UW_NO_UPLOAD_FILE']);
194 $delete_me = hashToFile($delete_me);
196 $checkFile = clean_path(trim(strtolower($delete_me)));
198 if(false !== strpos($checkFile, '.zip')) { // is zip file?
199 if(false !== strpos($checkFile, $sugar_config['upload_dir'])) { // is in upload dir?
200 if(false === strpos($checkFile, "..")) { // no dir navigation
201 if(!file_exists($checkFile)) { // file exists?
202 if(unlink($delete_me)) { // successful deletion?
203 echo "Package $delete_me has been removed.<br>";
205 die("Problem removing package $delete_me.");
208 die("<span class='error'>File to be deleted does not exist.</span>");
211 die("<span class='error'>Path is trying to navigate folders.</span>");
214 die("<span class='error'>File is not located in SugarCRM's upload cache directory.</span>");
217 die("<span class='error'>File is not a zipped archive.</span>");
222 if( $view == "module") {
223 print( get_module_title($mod_strings['LBL_MODULE_NAME'], $mod_strings['LBL_MODULE_LOADER_TITLE'], true) );
226 print( get_module_title($mod_strings['LBL_MODULE_NAME'], $mod_strings['LBL_MODULE_NAME'].": ".$mod_strings['LBL_UPGRADE_WIZARD_TITLE'], true) );
230 if(!empty($GLOBALS['sugar_config']['use_common_ml_dir']) && $GLOBALS['sugar_config']['use_common_ml_dir'] && !empty($GLOBALS['sugar_config']['common_ml_dir'])){
232 $form = '<form name="move_form" action="index.php?module=Administration&view=module&action=UpgradeWizard" method="post" ><input type=hidden name="run" value="upload" /><input type=hidden name="load_module_from_dir" id="load_module_from_dir" value="'.$GLOBALS['sugar_config']['common_ml_dir'].'" /><input type=hidden name="upgrade_zip_escaped" value="" />';
233 $form .= '<br>'.$mod_strings['LBL_MODULE_UPLOAD_DISABLE_HELP_TEXT'].'</br>';
234 $form .='<table width="100%" class="edit view"><tr><th align="left">'.$mod_strings['LBL_ML_NAME'].'</th><th align="left">'.$mod_strings['LBL_ML_ACTION'].'</th></tr>';
235 if ($handle = opendir($GLOBALS['sugar_config']['common_ml_dir'])) {
236 while (false !== ($filename = readdir($handle))) {
237 if($filename == '.' || $filename == '..' || !preg_match("#.*\.zip\$#", $filename)) {
240 $form .= '<tr><td>'.$filename.'</td><td><input type=button class="button" value="'.$mod_strings['LBL_UW_BTN_UPLOAD'].'" onClick="document.move_form.upgrade_zip_escaped.value = escape( \''.$filename.'\');document.move_form.submit();" /></td></tr>';
243 $form .= '</table></form>';
248 <form name="the_form" enctype="multipart/form-data" action="{$form_action}" method="post" >
249 <table width="100%" border="0" cellspacing="0" cellpadding="0" class="edit view">
251 <table width="450" border="0" cellspacing="0" cellpadding="0">
252 <tr><td style="white-space:nowrap; padding-right: 10px !important;">
254 <input type="file" name="upgrade_zip" size="40" />
257 <input type=button class="button" value="{$mod_strings['LBL_UW_BTN_UPLOAD']}" onClick="document.the_form.upgrade_zip_escaped.value = escape( document.the_form.upgrade_zip.value );document.the_form.submit();" />
258 <input type=hidden name="run" value="upload" />
259 <input type=hidden name="upgrade_zip_escaped" value="" />
262 </table></td></tr></table>
266 $hidden_fields = "<input type=hidden name=\"run\" value=\"upload\" />";
267 $hidden_fields .= "<input type=hidden name=\"mode\"/>";
268 $form2 = PackageManagerDisplay::buildPackageDisplay($form, $hidden_fields, $form_action, array('module'));
276 // scan for new files (that are not installed)
277 /*print( "$descItemsQueued<br>\n");
279 $upgrade_contents = findAllFiles( "$base_upgrade_dir", array() );
280 $upgrades_available = 0;
282 print( "<table>\n" );
283 print( "<tr><th></th><th align=left>{$mod_strings['LBL_ML_NAME']}</th><th>{$mod_strings['LBL_ML_TYPE']}</th><th>{$mod_strings['LBL_ML_VERSION']}</th><th>{$mod_strings['LBL_ML_PUBLISHED']}</th><th>{$mod_strings['LBL_ML_UNINSTALLABLE']}</th><th>{$mod_strings['LBL_ML_DESCRIPTION']}</th></tr>\n" );
284 foreach($upgrade_contents as $upgrade_content)
286 if(!preg_match("#.*\.zip\$#", $upgrade_content))
291 $upgrade_content = clean_path($upgrade_content);
292 $the_base = basename($upgrade_content);
293 $the_md5 = md5_file($upgrade_content);
294 $md5_matches = $uh->findByMd5($the_md5);
296 if(0 == sizeof($md5_matches))
298 $target_manifest = remove_file_extension( $upgrade_content ) . '-manifest.php';
299 require_once($target_manifest);
301 $name = empty($manifest['name']) ? $upgrade_content : $manifest['name'];
302 $version = empty($manifest['version']) ? '' : $manifest['version'];
303 $published_date = empty($manifest['published_date']) ? '' : $manifest['published_date'];
305 $description = empty($manifest['description']) ? 'None' : $manifest['description'];
306 $uninstallable = empty($manifest['is_uninstallable']) ? 'No' : 'Yes';
307 $type = getUITextForType( $manifest['type'] );
308 $manifest_type = $manifest['type'];
310 if($view == 'default' && $manifest_type != 'patch')
316 && $manifest_type != 'module' && $manifest_type != 'theme' && $manifest_type != 'langpack')
321 if(empty($manifest['icon']))
323 $icon = getImageForType( $manifest['type'] );
327 $path_parts = pathinfo( $manifest['icon'] );
328 $icon = "<img src=\"" . remove_file_extension( $upgrade_content ) . "-icon." . $path_parts['extension'] . "\">";
331 $upgrades_available++;
332 print( "<tr><td>$icon</td><td>$name</td><td>$type</td><td>$version</td><td>$published_date</td><td>$uninstallable</td><td>$description</td>\n" );
334 $upgrade_content = urlencode($upgrade_content);
337 <form action="{$form_action}_prepare" method="post">
338 <td><input type=submit name="btn_mode" onclick="this.form.mode.value='Install';this.form.submit();" value="{$mod_strings['LBL_UW_BTN_INSTALL']}" /></td>
339 <input type=hidden name="install_file" value="{$upgrade_content}" />
340 <input type=hidden name="mode"/>
343 <form action="{$form_action}" method="post">
344 <td><input type=submit name="run" value="{$mod_strings['LBL_UW_BTN_DELETE_PACKAGE']}" /></td>
345 <input type=hidden name="install_file" value="{$upgrade_content}" />
352 print( "</table>\n" );
354 if( $upgrades_available == 0 ){
355 print($mod_strings['LBL_UW_NONE']);
362 $GLOBALS['log']->info( "Upgrade Wizard view");
367 </table></td></tr></table>