modules/UpgradeWizard/upload.php

   1 <?php
   2 if(!defined('sugarEntry') || !sugarEntry) die('Not A Valid Entry Point');
   3 /*********************************************************************************
   4  * SugarCRM Community Edition is a customer relationship management program developed by
   5  * SugarCRM, Inc. Copyright (C) 2004-2011 SugarCRM Inc.
   6  *
   7  * This program is free software; you can redistribute it and/or modify it under
   8  * the terms of the GNU Affero General Public License version 3 as published by the
   9  * Free Software Foundation with the addition of the following permission added
  10  * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
  11  * IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
  12  * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
  13  *
  14  * This program is distributed in the hope that it will be useful, but WITHOUT
  15  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
  16  * FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more
  17  * details.
  18  *
  19  * You should have received a copy of the GNU Affero General Public License along with
  20  * this program; if not, see http://www.gnu.org/licenses or write to the Free
  21  * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  22  * 02110-1301 USA.
  23  *
  24  * You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
  25  * SW2-130, Cupertino, CA 95014, USA. or at email address contact@sugarcrm.com.
  26  *
  27  * The interactive user interfaces in modified source and object code versions
  28  * of this program must display Appropriate Legal Notices, as required under
  29  * Section 5 of the GNU Affero General Public License version 3.
  30  *
  31  * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
  32  * these Appropriate Legal Notices must retain the display of the "Powered by
  33  * SugarCRM" logo. If the display of the logo is not reasonably feasible for
  34  * technical reasons, the Appropriate Legal Notices must display the words
  35  * "Powered by SugarCRM".
  36  ********************************************************************************/
  37
  38 /*********************************************************************************
  39
  40  * Description:
  41  * Portions created by SugarCRM are Copyright (C) SugarCRM, Inc. All Rights
  42  * Reserved. Contributor(s): ______________________________________..
  43  * *******************************************************************************/
  44 logThis('At upload.php');
  45
  46 //set the upgrade progress status.
  47 set_upgrade_progress('upload','in_progress');
  48
  49
  50 $stop = true; // flag to show "next"
  51 $run = isset($_REQUEST['run']) ? $_REQUEST['run'] : '';
  52 $out = '';
  53
  54 if(file_exists('ModuleInstall/PackageManager/PackageManagerDisplay.php')) {
  55         require_once('ModuleInstall/PackageManager/PackageManagerDisplay.php');
  56 }
  57
  58 ///////////////////////////////////////////////////////////////////////////////
  59 ////    UPLOAD FILE PROCESSING
  60 switch($run) {
  61         case 'upload':
  62                 logThis('running upload');
  63         $perform = false;
  64         $tempFile = '';
  65
  66                 if(isset($_REQUEST['release_id']) && $_REQUEST['release_id'] != ""){
  67             require_once('ModuleInstall/PackageManager/PackageManager.php');
  68             $pm = new PackageManager();
  69             $tempFile = '';
  70             $perform = false;
  71             if(!empty($_SESSION['ML_PATCHES'])){
  72                 $release_map = $_SESSION['ML_PATCHES'][$_REQUEST['release_id']];
  73                 if(!empty($release_map)){
  74                         $tempFile = $pm->download($release_map['category_id'], $release_map['package_id'], $_REQUEST['release_id'], getcwd().'/'.$sugar_config['upload_dir']);
  75                         $perform = true;
  76                                         if($release_map['type'] != 'patch'){
  77                                                 $pm->performSetup($tempFile, $release_map['type'], false);
  78                                                 header('Location: index.php?module=Administration&action=UpgradeWizard&view=module');
  79                                         }
  80                 }
  81             }
  82
  83             $base_filename = urldecode($tempFile);
  84         }
  85         else if( empty( $_FILES['upgrade_zip']['tmp_name'] ) ) {
  86                         logThis('ERROR: no file uploaded!');
  87                         echo $mod_strings['ERR_UW_NO_FILE_UPLOADED'];
  88
  89                         // add PHP error if isset
  90                         if(isset($_FILES['upgrade_zip']['error']) && !empty($_FILES['upgrade_zip']['error'])) {
  91                                 $out = "<b><span class='error'>{$mod_strings['ERR_UW_PHP_FILE_ERRORS'][$_FILES['upgrade_zip']['error']]}</span></b><br />";
  92                         }
  93                 } else {
  94                         if(!move_uploaded_file($_FILES['upgrade_zip']['tmp_name'], getcwd().'/'.$sugar_config['upload_dir'].$_FILES['upgrade_zip']['name'])) {
  95                                 logThis('ERROR: could not move temporary file to final destination!');
  96                                 unlinkTempFiles();
  97                                 $out = "<b><span class='error'>{$mod_strings['ERR_UW_NOT_VALID_UPLOAD']}</span></b><br />";
  98                         } else {
  99                                 $tempFile = getcwd().'/'.$sugar_config['upload_dir'].$_FILES['upgrade_zip']['name'];
 100                                 logThis('File uploaded to '.$tempFile);
 101                 $base_filename = urldecode( $_REQUEST['upgrade_zip_escaped'] );
 102                 $perform = true;
 103                         }
 104         }
 105         if($perform){
 106
 107                     $manifest_file = extractManifest($tempFile);
 108
 109                         if(is_file($manifest_file)) {
 110                         require_once( $manifest_file );
 111                                 $error = validate_manifest( $manifest );
 112                                 if(!empty($error)) {
 113                                         $out = "<b><span class='error'>{$error}</span></b><br />";
 114                                         break;
 115                                 }
 116                                 $upgrade_zip_type = $manifest['type'];
 117
 118                                 // exclude the bad permutations
 119                                 if($upgrade_zip_type != "patch") {
 120                                         logThis('ERROR: incorrect patch type found: '.$upgrade_zip_type);
 121                                         unlinkTempFiles();
 122                                         $out = "<b><span class='error'>{$mod_strings['ERR_UW_ONLY_PATCHES']}</span></b><br />";
 123                                         break;
 124                                 }
 125
 126
 127                                 $base_filename = preg_replace( "#\\\\#", "/", $base_filename );
 128                                 $base_filename = basename( $base_filename );
 129
 130                                 mkdir_recursive( "$base_upgrade_dir/$upgrade_zip_type" );
 131                                 $target_path = "$base_upgrade_dir/$upgrade_zip_type/$base_filename";
 132                                 $target_manifest = remove_file_extension( $target_path ) . "-manifest.php";
 133
 134                                 if(isset($manifest['icon']) && $manifest['icon'] != "" ) {
 135                                         logThis('extracting icons.');
 136                                          $icon_location = extractFile( $tempFile ,$manifest['icon'] );
 137                                          $path_parts = pathinfo( $icon_location );
 138                                          copy( $icon_location, remove_file_extension( $target_path ) . "-icon." . $path_parts['extension'] );
 139                                 }
 140
 141                                 if(copy($tempFile , $target_path)){
 142                                         logThis('copying manifest.php to final destination.');
 143                                         copy($manifest_file, $target_manifest);
 144                                         $out .= "<b>{$base_filename} {$mod_strings['LBL_UW_FILE_UPLOADED']}.</b><br>\n";
 145                                 } else {
 146                                         logThis('ERROR: cannot copy manifest.php to final destination.');
 147                                         $out .= "<b><span class='error'>{$mod_strings['ERR_UW_UPLOAD_ERR']}</span></b><br />";
 148                                         break;
 149                                 }
 150                         } else {
 151                                 logThis('ERROR: no manifest.php file found!');
 152                                 unlinkTempFiles();
 153                                 $out = "<b><span class='error'>{$mod_strings['ERR_UW_NO_MANIFEST']}</span></b><br />";
 154                                 break;
 155                         }
 156                         $_SESSION['install_file'] = clean_path($tempFile);
 157                         logThis('zip file moved to ['.$_SESSION['install_file'].']');
 158                         //rrs serialize manifest for saving in the db
 159                         $serial_manifest = array();
 160                         $serial_manifest['manifest'] = (isset($manifest) ? $manifest : '');
 161                         $serial_manifest['installdefs'] = (isset($installdefs) ? $installdefs : '');
 162                         $serial_manifest['upgrade_manifest'] = (isset($upgrade_manifest) ? $upgrade_manifest : '');
 163                         $_SESSION['install_manifest'] = base64_encode(serialize($serial_manifest));
 164                 }
 165
 166                 if(!empty($tempFile)) {
 167                         upgradeUWFiles($tempFile);
 168                         //set the upgrade progress status. actually it should be set when a file is uploaded
 169                         set_upgrade_progress('upload','done');
 170
 171                 }
 172
 173         break; // end 'upload'
 174
 175         case 'delete':
 176                 logThis('running delete');
 177
 178         if(!isset($_REQUEST['install_file']) || ($_REQUEST['install_file'] == "")) {
 179                 logThis('ERROR: trying to delete non-existent file: ['.$_REQUEST['install_file'].']');
 180             $error = $mod_strings['ERR_UW_NO_FILE_UPLOADED'];
 181         }
 182
 183         // delete file in upgrades/patch
 184         $delete_me = urldecode( $_REQUEST['install_file'] );
 185         if(@unlink($delete_me)) {
 186                 logThis('unlinking: '.$delete_me);
 187             $out = basename($delete_me).$mod_strings['LBL_UW_FILE_DELETED'];
 188         } else {
 189                 logThis('ERROR: could not delete ['.$delete_me.']');
 190                         $error = $mod_strings['ERR_UW_FILE_NOT_DELETED'].$delete_me;
 191         }
 192
 193         // delete file in cache/upload
 194         $fileS = explode('/', $delete_me);
 195         $c = count($fileS);
 196         $fileName = (isset($fileS[$c-1]) && !empty($fileS[$c-1])) ? $fileS[$c-1] : $fileS[$c-2];
 197         $deleteUpload = getcwd().'/'.$sugar_config['upload_dir'].$fileName;
 198         logThis('Trying to delete '.$deleteUpload);
 199         if(!@unlink($deleteUpload)) {
 200                 logThis('ERROR: could not delete: ['.$deleteUpload.']');
 201                 $error = $mod_strings['ERR_UW_FILE_NOT_DELETED'].$sugar_config['upload_dir'].$fileName;
 202         }
 203
 204         if(!empty($error)) {
 205                         $out = "<b><span class='error'>{$error}</span></b><br />";
 206         }
 207
 208         unlinkTempFiles();
 209         unlinkUploadFiles();
 210         //set the upgrade progress status. actually it should be set when a file is uploaded
 211                 set_upgrade_progress('upload','in_progress');
 212
 213         break;
 214 }
 215 ////    END UPLOAD FILE PROCESSING FORM
 216 ///////////////////////////////////////////////////////////////////////////////
 217
 218
 219 ///////////////////////////////////////////////////////////////////////////////
 220 ////    READY TO INSTALL UPGRADES
 221 $validReturn = getValidPatchName();
 222 $ready = $validReturn['ready'];
 223 $disabled = $validReturn['disabled'];
 224 ////    END READY TO INSTALL UPGRADES
 225 ///////////////////////////////////////////////////////////////////////////////
 226
 227 if(isset($_SESSION['install_file']) && !empty($_SESSION['install_file']) && is_file($_SESSION['install_file'])) {
 228         $stop = false;
 229 } else {
 230         $stop = true;
 231 }
 232 if($stop == false) set_upgrade_progress('upload','done');
 233 $frozen = $out;
 234
 235 if(!$stop){
 236     if(!empty($GLOBALS['top_message'])){
 237         $GLOBALS['top_message'] .= "<br />";
 238     }
 239     else{
 240         $GLOBALS['top_message'] = '';
 241     }
 242     $GLOBALS['top_message'] .= "<b>{$mod_strings['LBL_UPLOAD_SUCCESS']}</b>";
 243 }
 244 else if(!$frozen){
 245     $GLOBALS['top_message'] .= "<br />";
 246 }
 247 else{
 248     $GLOBALS['top_message'] = "<b>{$frozen}</b>";
 249 }
 250
 251 ///////////////////////////////////////////////////////////////////////////////
 252 ////    UPLOAD FORM
 253 $form = '';
 254 if(empty($GLOBALS['sugar_config']['disable_uw_upload'])){
 255 $form =<<<eoq
 256 <form name="the_form" id='the_form' enctype="multipart/form-data" action="index.php" method="post">
 257         <input type="hidden" name="module" value="UpgradeWizard">
 258         <input type="hidden" name="action" value="index">
 259         <input type="hidden" name="step" value="{$_REQUEST['step']}">
 260         <input type="hidden" name="run" value="upload">
 261 <table width="100%" border="0" cellspacing="0" cellpadding="0" class="edit view">
 262 <tr><td>
 263         <table width="450" border="0" cellspacing="0" cellpadding="0">
 264                 <tr>
 265                         <td>
 266                                 {$mod_strings['LBL_SELECT_FILE']}
 267                                 <input type="file" onchange="uploadCheck();" name="upgrade_zip" id="upgrade_zip" size="40" />
 268                         </td>
 269                         <td valign="bottom">&nbsp;
 270                                 <input id="upload_button" class='button' type=button
 271                                                 {$disabled}
 272                                                 disabled="disabled"
 273                                                 value="{$mod_strings['LBL_UW_TITLE_UPLOAD']}"
 274                                                 onClick="uploadCheck();upgradeP('uploadingUpgradePackage', false);document.the_form.upgrade_zip_escaped.value = escape( document.the_form.upgrade_zip.value );document.the_form.submit();" />
 275                                 <input type=hidden name="upgrade_zip_escaped" value="" />
 276                         </td>
 277                 </tr>
 278         </table>
 279 </td></tr>
 280 </table>
 281 </form>
 282 eoq;
 283 }
 284 $hidden_fields = "<input type=\"hidden\" name=\"module\" value=\"UpgradeWizard\">";
 285 $hidden_fields .= "<input type=\"hidden\" name=\"action\" value=\"index\">";
 286 $hidden_fields .= "<input type=\"hidden\" name=\"step\" value=\"{$_REQUEST['step']}\">";
 287 $hidden_fields .= "<input type=\"hidden\" name=\"run\" value=\"upload\">";
 288 $form2 = '';
 289 /*  Removing Install From Sugar tab from Upgradewizard.
 290 if(class_exists("PackageManagerDisplay")) {
 291         $form2 = PackageManagerDisplay::buildPatchDisplay($form, $hidden_fields, 'index.php', array('patch', 'module'));
 292 }
 293 */
 294 if($form2 == null){
 295         $form2 = $form;
 296 }
 297 $form3 =<<<eoq2
 298 <br>
 299
 300 <table width="100%" border="0" cellspacing="0" cellpadding="0" class="edit view">
 301 <tr><td>
 302
 303         <table width="100%" border="0" cellspacing="0" cellpadding="0">
 304                 <tr>
 305                         <td>
 306                                 {$mod_strings['LBL_UW_FILES_QUEUED']}<br>
 307                                 {$ready}
 308                         </td>
 309                 </tr>
 310         </table>
 311 </td></tr>
 312 </table>
 313 <script type="text/javascript" language="Javascript" src="include/JSON.js"></script>
 314 <script>
 315  function fileBrowseLoaded(){
 316         //alert(document.the_form.upgrade_zip.value.length);
 317         if(escape(document.the_form.upgrade_zip.value).length == 0 || escape(document.the_form.upgrade_zip.value) == 'undefined'){
 318        document.the_form.upload_button.disabled= 'disabled';
 319         }
 320         else{
 321                 document.the_form.upload_button.disabled= '';
 322         }
 323         var len = escape(document.the_form.upgrade_zip.value).length;
 324  }
 325
 326  function uploadCheck(){
 327    var len = escape(document.the_form.upgrade_zip.value).length;
 328    var file_extn = escape(document.the_form.upgrade_zip.value).substr(len-3,len);
 329    if(file_extn.toLowerCase() !='zip'){
 330                 //document.the_form.upgrade_zip.value = '';
 331                 //document.getElementById("upgrade_zip").value = '';
 332                 alert('Not a zip file');
 333                 document.getElementById("upgrade_zip").value='';
 334                 document.getElementById("upload_button").disabled='disabled';
 335    }
 336    else{
 337         //AJAX call for checking the file size and comparing with php.ini settings.
 338         var callback = {
 339                  success:function(r) {
 340                      var file_size = r.responseText;
 341                      //alert(file_size.length);
 342                      if(file_size.length >0){
 343                        var msg = SUGAR.language.get('UpgradeWizard','LBL_UW_FILE_SIZE');
 344                        msg1 =SUGAR.language.get('UpgradeWizard','LBL_UW_FILE_BIGGER_MSG');
 345                        msg2 = SUGAR.language.get('UpgradeWizard','LBL_BYTES_WEBSERVER_MSG');
 346                        if(msg  == 'undefined') msg = 'The file size, ';
 347                        if(msg1 == 'undefined') msg1 = ' Bytes, is greater than what is allowed by the upload_max_filesize and/or the post_max_size settings in php.ini. Change the settings so that they are greater than ';
 348                        if(msg2 == 'undefined') msg2 = ' Bytes and restart the webserver.';
 349                        msg = msg+file_size+msg1;
 350                        msg = msg+file_size+msg2;
 351                        alert(msg);
 352                        document.getElementById("upload_button").disabled='disabled';
 353                      }
 354                      else{
 355                        document.getElementById("upload_button").disabled='';
 356                      }
 357                  }
 358         }
 359
 360     //var file_name = document.getElementById('upgrade_zip').value;
 361         var file_name = document.the_form.upgrade_zip.value;
 362         postData = 'file_name=' + JSON.stringify(file_name) + '&module=UpgradeWizard&action=UploadFileCheck&to_pdf=1';
 363         YAHOO.util.Connect.asyncRequest('POST', 'index.php', callback, postData);
 364    }
 365 }
 366 </script>
 367 eoq2;
 368 $form5 =<<<eoq5
 369 <br>
 370 <div id="upgradeDiv" style="display:none">
 371     <table cellspacing="0" cellpadding="0" border="0">
 372         <tr><td>
 373            <p><img src='modules/UpgradeWizard/processing.gif'></p>
 374         </td></tr>
 375      </table>
 376  </div>
 377
 378 eoq5;
 379 $uwMain = $form2.$form3.$form5;
 380 ////    END UPLOAD FORM
 381 ///////////////////////////////////////////////////////////////////////////////
 382 //set the upgrade progress status. actually it should be set when a file is uploaded
 383 //set_upgrade_progress('upload','done');
 384
 385
 386 $showBack               = true;
 387 $showCancel             = true;
 388 $showRecheck    = false;
 389 $showNext               = true;
 390
 391 $stepBack               = $_REQUEST['step'] - 1;
 392 $stepNext               = $_REQUEST['step'] + 1;
 393 $stepCancel             = -1;
 394 $stepRecheck    = $_REQUEST['step'];
 395
 396
 397 $_SESSION['step'][$steps['files'][$_REQUEST['step']]] = ($stop) ? 'failed' : 'success';
 398
 399 ?>