From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports
---
bin/installto.sh | 37 +++++++++++++++++++++++++++++++------
1 files changed, 31 insertions(+), 6 deletions(-)
diff --git a/bin/installto.sh b/bin/installto.sh
index 8e1ab1f..4bbf462 100755
--- a/bin/installto.sh
+++ b/bin/installto.sh
@@ -5,7 +5,7 @@
| bin/installto.sh |
| |
| This file is part of the Roundcube Webmail client |
- | Copyright (C) 2012, The Roundcube Dev Team |
+ | Copyright (C) 2014, The Roundcube Dev Team |
| |
| Licensed under the GNU General Public License version 3 or |
| any later version with exceptions for skins & plugins. |
@@ -19,7 +19,7 @@
+-----------------------------------------------------------------------+
*/
-define('INSTALL_PATH', realpath(dirname(__FILE__) . '/..') . '/' );
+define('INSTALL_PATH', realpath(__DIR__ . '/..') . '/' );
require_once INSTALL_PATH . 'program/include/clisetup.php';
@@ -44,19 +44,44 @@
if (strtolower($input) == 'y') {
$err = false;
echo "Copying files to target location...";
- foreach (array('program','installer','bin','SQL','plugins','skins') as $dir) {
+
+ // Save a copy of original .htaccess file (#1490623)
+ if (file_exists("$target_dir/.htaccess")) {
+ $htaccess_copied = copy("$target_dir/.htaccess", "$target_dir/.htaccess.orig");
+ }
+
+ $dirs = array('program','installer','bin','SQL','plugins','skins');
+ if (is_dir(INSTALL_PATH . 'vendor') && !is_file(INSTALL_PATH . 'composer.json')) {
+ $dirs[] = 'vendor';
+ }
+ foreach ($dirs as $dir) {
if (!system("rsync -avC " . INSTALL_PATH . "$dir/* $target_dir/$dir/")) {
$err = true;
break;
}
}
- foreach (array('index.php','.htaccess','config/main.inc.php.dist','config/db.inc.php.dist','CHANGELOG','README.md','UPGRADING','LICENSE') as $file) {
+ foreach (array('index.php','.htaccess','config/defaults.inc.php','composer.json-dist','CHANGELOG','README.md','UPGRADING','LICENSE','INSTALL') as $file) {
if (!system("rsync -av " . INSTALL_PATH . "$file $target_dir/$file")) {
$err = true;
break;
}
}
- echo "done.\n\n";
+
+ // remove old (<1.0) .htaccess file
+ @unlink("$target_dir/program/.htaccess");
+ echo "done.";
+
+ // Inform the user about .htaccess change
+ if (!empty($htaccess_copied)) {
+ if (file_get_contents("$target_dir/.htaccess") != file_get_contents("$target_dir/.htaccess.orig")) {
+ echo "\n!! Old .htaccess file saved as .htaccess.orig !!";
+ }
+ else {
+ @unlink("$target_dir/.htaccess.orig");
+ }
+ }
+
+ echo "\n\n";
if (is_dir("$target_dir/skins/default")) {
echo "Removing old default skin...";
@@ -71,7 +96,7 @@
if (!$err) {
echo "Running update script at target...\n";
- system("cd $target_dir && bin/update.sh --version=$oldversion");
+ system("cd $target_dir && php bin/update.sh --version=$oldversion");
echo "All done.\n";
}
}
--
Gitblit v1.9.1