From d0b981757ab416dfd182e6b91e7f9a66132116f9 Mon Sep 17 00:00:00 2001
From: vbenincasa <vbenincasa@gmail.com>
Date: Wed, 09 Jun 2010 15:08:15 -0400
Subject: [PATCH]  - Sanitize CSS universal selector from e-mails. Without this fix any message can play with the CSS from entire mail window or mail preview frame. Test case:  <style type="text/css">*{ background: #000; }</style>

---
 bin/update.sh |   38 ++++++++++++++++++++++++++++++--------
 1 files changed, 30 insertions(+), 8 deletions(-)

diff --git a/bin/update.sh b/bin/update.sh
index 5be7633..7a4d1cf 100755
--- a/bin/update.sh
+++ b/bin/update.sh
@@ -1,6 +1,8 @@
-#!/usr/bin/php
+#!/usr/bin/env php
 <?php
-
+if (php_sapi_name() != 'cli') {
+    die('Not on the "shell" (php-cli).');
+}
 define('INSTALL_PATH', realpath(dirname(__FILE__) . '/..') . '/' );
 
 require_once INSTALL_PATH . 'program/include/iniset.php';
@@ -10,7 +12,10 @@
 $RCI->load_config();
 
 if ($RCI->configured) {
+  $success = true;
+  
   if ($messages = $RCI->check_config()) {
+    $success = false;
     $err = 0;
 
     // list missing config options
@@ -19,7 +24,7 @@
       echo "(These config options should be present in the current configuration)\n";
 
       foreach ($messages['missing'] as $msg) {
-        echo '- ' . $msg['prop'] . ($msg['name'] ? ': ' . $msg['name'] : '') . "\n";
+        echo "- '" . $msg['prop'] . ($msg['name'] ? "': " . $msg['name'] : "'") . "\n";
         $err++;
       }
       echo "\n";
@@ -31,7 +36,7 @@
       echo "(These config options have been replaced or renamed)\n";
 
       foreach ($messages['replaced'] as $msg) {
-        echo "- " . $msg['prop'] . "\t\t was replaced by " . $msg['replacement'] . "\n";
+        echo "- '" . $msg['prop'] . "' was replaced by '" . $msg['replacement'] . "'\n";
         $err++;
       }
       echo "\n";
@@ -43,7 +48,7 @@
       echo "(You still have some obsolete or inexistent properties set. This isn't a problem but should be noticed)\n";
 
       foreach ($messages['obsolete'] as $msg) {
-        echo "- " . $msg['prop'] . ($msg['name'] ? ': ' . $msg['name'] : '') . "\n";
+        echo "- '" . $msg['prop'] . ($msg['name'] ? "': " . $msg['name'] : "'") . "\n";
         $err++;
       }
       echo "\n";
@@ -98,9 +103,26 @@
       echo "Please fix your config files and run this script again!\n";
       echo "See ya.\n";
     }
-
   }
-  else {
+
+  // check database schema
+  if ($RCI->config['db_dsnw']) {
+    $DB = new rcube_mdb2($RCI->config['db_dsnw'], '', false);
+    $DB->db_connect('w');
+    if ($db_error_msg = $DB->is_error()) {
+      echo "Error connecting to database: $db_error_msg\n";
+      $success = false;
+    }
+    else if ($RCI->db_schema_check($DB, false)) {
+      $updatefile = INSTALL_PATH . 'SQL/' . $DB->db_provider . '.update.sql';
+      echo "WARNING: Database schema needs to be updated!\n";
+      echo "Open $updatefile and execute all queries that are superscribed with the currently installed version number\n";
+      $success = false;
+    }
+  }
+  
+  
+  if ($success) {
     echo "This instance of RoundCube is up-to-date.\n";
     echo "Have fun!\n";
   }
@@ -112,4 +134,4 @@
 
 echo "\n";
 
-?>
\ No newline at end of file
+?>

--
Gitblit v1.9.1