From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports

---
 bin/installto.sh |   66 +++++++++++++++++++++++++-------
 1 files changed, 51 insertions(+), 15 deletions(-)

diff --git a/bin/installto.sh b/bin/installto.sh
index 47c959a..4bbf462 100755
--- a/bin/installto.sh
+++ b/bin/installto.sh
@@ -5,8 +5,11 @@
  | bin/installto.sh                                                      |
  |                                                                       |
  | This file is part of the Roundcube Webmail client                     |
- | Copyright (C) 2011, The Roundcube Dev Team                            |
- | Licensed under the GNU GPL                                            |
+ | Copyright (C) 2014, The Roundcube Dev Team                            |
+ |                                                                       |
+ | Licensed under the GNU General Public License version 3 or            |
+ | any later version with exceptions for skins & plugins.                |
+ | See the README file for a full license statement.                     |
  |                                                                       |
  | PURPOSE:                                                              |
  |   Update an existing Roundcube installation with files from           |
@@ -14,29 +17,26 @@
  +-----------------------------------------------------------------------+
  | Author: Thomas Bruederli <roundcube@gmail.com>                        |
  +-----------------------------------------------------------------------+
-
- $Id$
-
 */
 
-define('INSTALL_PATH', realpath(dirname(__FILE__) . '/..') . '/' );
+define('INSTALL_PATH', realpath(__DIR__ . '/..') . '/' );
 
 require_once INSTALL_PATH . 'program/include/clisetup.php';
 
 $target_dir = unslashify($_SERVER['argv'][1]);
 
 if (empty($target_dir) || !is_dir(realpath($target_dir)))
-  die("Invalid target: not a directory\nUsage: installto.sh <TARGET>\n");
+  rcube::raise_error("Invalid target: not a directory\nUsage: installto.sh <TARGET>", false, true);
 
 // read version from iniset.php
 $iniset = @file_get_contents($target_dir . '/program/include/iniset.php');
 if (!preg_match('/define\(.RCMAIL_VERSION.,\s*.([0-9.]+[a-z-]*)/', $iniset, $m))
-  die("No valid Roundcube installation found at $target_dir\n");
+  rcube::raise_error("No valid Roundcube installation found at $target_dir", false, true);
 
 $oldversion = $m[1];
 
-if (version_compare($oldversion, RCMAIL_VERSION, '>='))
-  die("Installation at target location is up-to-date!\n");
+if (version_compare(version_parse($oldversion), version_parse(RCMAIL_VERSION), '>='))
+  rcube::raise_error("Installation at target location is up-to-date!", false, true);
 
 echo "Upgrading from $oldversion. Do you want to continue? (y/N)\n";
 $input = trim(fgets(STDIN));
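Review bot: The target check resolves the path only inside `is_dir(realpath($target_dir))` and then discards the result, so the new error message and everything that follows keep using the raw `argv[1]` string rather than the directory that was validated. Assigning the canonical path once the check passes, `$target_dir = realpath($target_dir);`, would make the validated value and the used value the same and give the later `cd` and `rsync` calls an absolute path. The three guards are unbraced single-statement `if`s, so they stop the script only if `rcube::raise_error(..., false, true)` terminates; that function is defined outside this diff, so confirm that the third argument does that.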
@@ -44,23 +44,59 @@
 if (strtolower($input) == 'y') {
   $err = false;
   echo "Copying files to target location...";
-  foreach (array('program','installer','bin','SQL','plugins','skins/default') as $dir) {
+
+  // Save a copy of original .htaccess file (#1490623)
+  if (file_exists("$target_dir/.htaccess")) {
+    $htaccess_copied = copy("$target_dir/.htaccess", "$target_dir/.htaccess.orig");
+  }
+
+  $dirs = array('program','installer','bin','SQL','plugins','skins');
+  if (is_dir(INSTALL_PATH . 'vendor') && !is_file(INSTALL_PATH . 'composer.json')) {
+    $dirs[] = 'vendor';
+  }
+  foreach ($dirs as $dir) {
     if (!system("rsync -avC " . INSTALL_PATH . "$dir/* $target_dir/$dir/")) {
       $err = true;
       break;
     }
   }
-  foreach (array('index.php','.htaccess','config/main.inc.php.dist','config/db.inc.php.dist','CHANGELOG','README','UPGRADING') as $file) {
+  foreach (array('index.php','.htaccess','config/defaults.inc.php','composer.json-dist','CHANGELOG','README.md','UPGRADING','LICENSE','INSTALL') as $file) {
     if (!system("rsync -av " . INSTALL_PATH . "$file $target_dir/$file")) {
       $err = true;
       break;
     }
   }
-  echo "done.\n\n";
-  
+
+  // remove old (<1.0) .htaccess file
+  @unlink("$target_dir/program/.htaccess");
+  echo "done.";
+
+  // Inform the user about .htaccess change
+  if (!empty($htaccess_copied)) {
+    if (file_get_contents("$target_dir/.htaccess") != file_get_contents("$target_dir/.htaccess.orig")) {
+      echo "\n!! Old .htaccess file saved as .htaccess.orig !!";
+    }
+    else {
+      @unlink("$target_dir/.htaccess.orig");
+    }
+  }
+
+  echo "\n\n";
+
+  if (is_dir("$target_dir/skins/default")) {
+      echo "Removing old default skin...";
+      system("rm -rf $target_dir/skins/default $target_dir/plugins/jqueryui/themes/default");
+      foreach (glob(INSTALL_PATH . "plugins/*/skins") as $plugin_skin_dir) {
+          $plugin_skin_dir = preg_replace('!^.*' . INSTALL_PATH . '!', '', $plugin_skin_dir);
+          if (is_dir("$target_dir/$plugin_skin_dir/classic"))
+            system("rm -rf $target_dir/$plugin_skin_dir/default");
+      }
+      echo "done.\n\n";
+  }
+
   if (!$err) {
     echo "Running update script at target...\n";
-    system("cd $target_dir && bin/update.sh --version=$oldversion");
+    system("cd $target_dir && php bin/update.sh --version=$oldversion");
     echo "All done.\n";
   }
 }
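Review bot: The new `rm -rf` calls and the `cd $target_dir && php bin/update.sh` line interpolate `$target_dir`, which comes straight from `argv[1]`, into a shell string without quoting, so a target path containing a space or a shell metacharacter makes `rm -rf` act on paths other than the intended skin directories. Each path should be wrapped with `escapeshellarg()`, e.g. `system('rm -rf ' . escapeshellarg("$target_dir/skins/default") . ' ' . escapeshellarg("$target_dir/plugins/jqueryui/themes/default"));`, and likewise for the per-plugin `rm -rf` and the `cd` argument; the unchanged `rsync` calls follow the same pattern. `$oldversion` is already limited to `[0-9.]+[a-z-]*` by the version regex earlier in the file, so it is the path that needs the quoting. Separately, `INSTALL_PATH` is concatenated into the `preg_replace` pattern unescaped and should go through `preg_quote(INSTALL_PATH, '!')`. The skin removal also runs when `$err` is set after a failed rsync, so consider moving it inside the `if (!$err)` block.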

--
Gitblit v1.9.1