From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports

---
 bin/update.sh |   39 ++++++++++++++++++++++++++++++++-------
 1 files changed, 32 insertions(+), 7 deletions(-)

diff --git a/bin/update.sh b/bin/update.sh
index 2631440..5bc01be 100755
--- a/bin/update.sh
+++ b/bin/update.sh
@@ -5,7 +5,7 @@
  | bin/update.sh                                                         |
  |                                                                       |
  | This file is part of the Roundcube Webmail client                     |
- | Copyright (C) 2010-2014, The Roundcube Dev Team                       |
+ | Copyright (C) 2010-2015, The Roundcube Dev Team                       |
  |                                                                       |
  | Licensed under the GNU General Public License version 3 or            |
  | any later version with exceptions for skins & plugins.                |
@@ -156,10 +156,8 @@
   // check database schema
   if ($RCI->config['db_dsnw']) {
     echo "Executing database schema update.\n";
-    system("php " . INSTALL_PATH . "bin/updatedb.sh --package=roundcube --version=" . $opts['version']
-      . " --dir=" . INSTALL_PATH . "SQL", $res);
-
-    $success = !$res;
+    $success = rcmail_utils::db_update(INSTALL_PATH . 'SQL', 'roundcube', $opts['version'],
+        array('errors' => true));
   }
 
   // update composer dependencies
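Review bot: With the added `rcmail_utils::db_update(...)` call the schema update runs inside update.sh, so a fatal error or uncaught exception in it now ends the whole script, where the old `system()` call only produced a non-zero `$res`. The same holds for `rcmail_utils::indexcontacts()` in the last hunk, whose outcome is not folded into `$success` before the `if ($success)` check. Whether either helper can throw or return a status is not visible here, so please confirm and, if they can, wrap the calls so that a failure sets `$success = false`. A short comment would also record why the call is in-process, e.g. `// run in-process: $opts['version'] no longer passes through a shell command line`, and what `'errors' => true` selects.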
@@ -181,6 +179,33 @@
       */
     }
 
+    // update the repositories section with the new dependencies
+    if (is_array($composer_template['repositories'])) {
+      if (!is_array($composer_data['repositories'])) {
+        $composer_data['repositories'] = array();
+      }
+
+      foreach ($composer_template['repositories'] as $repo) {
+        $rkey = $repo['type'] . preg_replace('/^https?:/', '', $repo['url']) . $repo['package']['name'];
+        $existing = false;
+        foreach ($composer_data['repositories'] as $k =>  $_repo) {
+          if ($rkey == $_repo['type'] . preg_replace('/^https?:/', '', $_repo['url']) . $_repo['package']['name']) {
+            $existing = true;
+            break;
+          }
+          // remove old repos
+          else if (strpos($_repo['url'], 'git://git.kolab.org') === 0) {
+              unset($composer_data['repositories'][$k]);
+          }
+        }
+        if (!$existing) {
+          $composer_data['repositories'][] = $repo;
+        }
+      }
+
+      $composer_data['repositories'] = array_values($composer_data['repositories']);
+    }
+
     // use the JSON encoder from the Composer package
     if (is_file('composer.phar')) {
       include 'phar://composer.phar/src/Composer/Json/JsonFile.php';
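Review bot: The cleanup of `git://git.kolab.org` entries sits in the `else if` of the search loop, so the `break` after a match skips any old entry that comes later in `$composer_data['repositories']` for that pass, and nothing is removed at all when the template lists no repositories. Since `git://` is an unauthenticated transport, a stale entry left behind is a supply-chain concern; a separate pass before the merge removes them reliably. The `$rkey` line also strips the scheme, so an existing `http://` entry counts as already present and is kept rather than replaced by the template's URL, which deserves a comment or a scheme check if the template uses `https://`. Entries without a `url` or `package` key would presumably raise notices in both loops, hence the `isset()` below. The enclosing composer block starts before this hunk.

```php
      // remove old repos in their own pass, so an early match cannot skip them
      foreach ($composer_data['repositories'] as $k => $_repo) {
        if (isset($_repo['url']) && strpos($_repo['url'], 'git://git.kolab.org') === 0) {
          unset($composer_data['repositories'][$k]);
        }
      }

      foreach ($composer_template['repositories'] as $repo) {
        // … unchanged: $rkey computation, $existing = false …
        foreach ($composer_data['repositories'] as $_repo) {
          // … unchanged: $rkey comparison setting $existing and break; the else-if branch is gone …
        }
        // … unchanged: append $repo when not existing …
      }
```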
@@ -188,7 +213,7 @@
     }
     // PHP 5.4's json_encode() does the job, too
     else if (defined('JSON_PRETTY_PRINT')) {
-      $comsposer_json = json_encode($composer_data, JSON_PRETTY_PRINT & JSON_UNESCAPED_SLASHES);
+      $comsposer_json = json_encode($composer_data, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES);
     }
     else {
       $success = false;
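Review bot: `json_encode()` returns `false` on failure (for example on invalid UTF-8 in `$composer_data`), and the branch on the changed line does not check for that before `$comsposer_json` is used further down, outside this hunk. A guard right after the call, `if ($comsposer_json === false) { $success = false; }`, would keep a failed encode from being treated as valid output; whether a later check already covers this is not visible here. The variable name is also misspelled (`$comsposer_json`), which is harmless only as long as every use repeats the typo.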
@@ -218,7 +243,7 @@
 
   // index contacts for fulltext searching
   if ($opts['version'] && version_compare(version_parse($opts['version']), '0.6.0', '<')) {
-    system("php " . INSTALL_PATH . 'bin/indexcontacts.sh');
+    rcmail_utils::indexcontacts();
   }
 
   if ($success) {

--
Gitblit v1.9.1