WB 2.11.0

<?php

/**

 *

 * @category        backend

 * @package         installation

 * @author          WebsiteBaker Project

 * @copyright       Website Baker Org. e.V.

 * @link            http://wwebsitebaker.org/

 * @license         http://www.gnu.org/licenses/gpl.html

 * @platform        WebsiteBaker 2.8.3

 * @requirements    PHP 5.3.6 and higher

 * @version         $Id$

 * @filesource      $HeadURL$

 * @lastmodified    $Date$

 *

 */

// Stop execution if PHP version is too old

// PHP less then 5.6.0 is prohibited ---

if (version_compare(PHP_VERSION, '5.6.0', '<')) {

    $sMsg = '<p style="color: #ff0000;">WebsiteBaker is not able to run with PHP-Version less then 5.6.0!!<br />'

          . 'Please change your PHP-Version to any kind from 5.6.0 and up!<br />'

          . 'If you have problems to solve that, ask your hosting provider for it.<br  />'

          . 'The very best solution is the use of PHP-7.0 and up</p>';

    die($sMsg);

}

/* ************************************************************************** */

function sanitizeConfigFile($sConfigFile)

{

    $sFileMarker = '*** auto generated config file for '.getNewVersionString();

// check if config is writeable

    if (!is_readable($sConfigFile)) {

        throw new RuntimeException('sorry, '.basename($sConfigFile).' is not readable or does not exists!');

    }

    $sCfgContent = file_get_contents($sConfigFile);

// check if config is created by WB

    if (!preg_match('/'.preg_quote($sFileMarker, '/').'/siU', $sCfgContent)) {

        if (!is_writeable($sConfigFile)) {

            $sMsg = 'The file ['.basename($sConfigFile).'] is not writeable and can not be corrected!'."\n"

                  . 'Please grant neccessary rights to the file and restart this program!';

            throw new RuntimeException($sMsg);

        }

        // clean from includes

        $sPattern = '/\n[^;]*(require|include).*framework\/initialize\.php.*$/siU';

        $sCfgContent = preg_replace($sPattern, "\n",$sCfgContent);

        // create temporary file

        $sTmpFilename = tempnam(__DIR__.'/temp', '~config');

        // fill it with old content

        file_put_contents($sTmpFilename, $sCfgContent);

        // include this file

        include $sTmpFilename;

        // it can be deleted now

        unlink($sTmpFilename);

        // collect and check available data

        $aValues = ['ADMIN_DIRECTORY' => ''];

        if (!defined('ADMIN_DIRECTORY')) {

            if (defined('ADMIN_URL')) {

                $aValues['ADMIN_DIRECTORY'] = trim(str_replace(str_replace('\\', '/', WB_URL), '', str_replace('\\', '/', ADMIN_URL)), '/');

            }

        } else { $aValues['ADMIN_DIRECTORY'] = ADMIN_DIRECTORY; }

        $aValues['WB_URL']       = defined('WB_URL')       ? WB_URL       : '';

        $aValues['DB_TYPE']      = defined('DB_TYPE')      ? DB_TYPE      : 'mysqli';

        $aValues['DB_HOST']      = defined('DB_HOST')      ? DB_HOST      : '';

        $aValues['DB_PORT']      = defined('DB_PORT')      ? DB_PORT      : '3306';

        $aValues['DB_NAME']      = defined('DB_NAME')      ? DB_NAME      : '';

        $aValues['DB_USERNAME']  = defined('DB_USERNAME')  ? DB_USERNAME  : '';

        $aValues['DB_PASSWORD']  = defined('DB_PASSWORD')  ? DB_PASSWORD  : '';

        $aValues['DB_CHARSET']   = ((defined('DB_CHARSET') && trim(DB_CHARSET) != '') ? DB_CHARSET : 'utf8');

        $aValues['TABLE_PREFIX'] = defined('TABLE_PREFIX') ? TABLE_PREFIX : 'wb_';

        // build the new config content

        $sConfigContent

            = '<?php'."\n"

            . '/*'."\n"

            . ' '.$sFileMarker."\n"

            . ' ****[WebsiteBaker]****'."\n"

            . ' *** created at '.date('Y-m-d h:i:s e')."\n"

            . ' */'."\n"

            . '// define(\'DEBUG\', false);'."\n"

            . 'define(\'DB_TYPE\',         \''.$aValues['DB_TYPE'].'\');'."\n"

            . 'define(\'DB_HOST\',         \''.$aValues['DB_HOST'].'\');'."\n"

            . 'define(\'DB_PORT\',         \''.$aValues['DB_PORT'].'\');'."\n"

            . 'define(\'DB_NAME\',         \''.$aValues['DB_NAME'].'\');'."\n"

            . 'define(\'DB_USERNAME\',     \''.$aValues['DB_USERNAME'].'\');'."\n"

            . 'define(\'DB_PASSWORD\',     \''.$aValues['DB_PASSWORD'].'\');'."\n"

            . 'define(\'DB_CHARSET\',      \''.$aValues['DB_CHARSET'].'\');'."\n"

            . 'define(\'TABLE_PREFIX\',    \''.$aValues['TABLE_PREFIX'].'\');'."\n"

            . "\n"

            . 'define(\'WB_URL\',          \''.$aValues['WB_URL'].'\'); '

            . '// no trailing slash or backslash!!'."\n"

            . 'define(\'ADMIN_DIRECTORY\', \''.$aValues['ADMIN_DIRECTORY'].'\'); '

            . '// no leading/trailing slash or backslash!! A simple directory name only!!'."\n"

            . "\n"

            . 'require_once __DIR__.\'/framework/initialize.php\';'."\n"

            . '// --- end of file ----------------------------------'."\n"

        ;

        if (false === file_put_contents($sConfigFile, $sConfigContent)) {

            $sMsg = 'Write file ['.basename($sConfigFile).'] failed!'."\n"

                  . 'Please create the file manualy. You ca find an example at '

                  . '<a href="http://wiki.websitebaker.org/" title="WB-wiki">WebsiteBaker Wiki</a>';

            throw new RuntimeException($sMsg);

        }

        $sMsg = 'Update file ['.basename($sConfigFile).'] successful done!';

        throw new RuntimeException($sMsg);

    }

}

/* ************************************************************************** */

function getOldVersionString()

{

    $sRetval = '';

    $sConfigFile = file_get_contents(__DIR__.'/config.php');

    $sPattern = '=(\ \*\*\*[^\*]*?WebsiteBaker.*? )(?:[0-9][^ \n]*?)$=ism';

    if (preg_match($sPattern, $sConfigFile, $aMatches)) {

        $sRetval = $aMatches[0];

    }

    return $sRetval;

}

/* ************************************************************************** */

function getNewVersionString()

{

    $sAdminDirectory = searchAdminDir();

    $sVersionFile = file_get_contents(__DIR__.'/'.$sAdminDirectory.'/interface/version.php');

    $sPattern = '=define\s*\(\'VERSION\'\,\s*\'([^\']*)\'=is';

    $sRetval = ((preg_match($sPattern, $sVersionFile, $aMatches)) ? $aMatches[1] : '???');

    return $sRetval;

}

/* ************************************************************************** */

function updateConfigPhP($sConfigFile, $sOldVersionString)

{

    $sNewVersion = getNewVersionString();

    $sql = 'SELECT `value` FROM `'.TABLE_PREFIX.'settings` '

         . 'WHERE `name`=\'wb_version\'';

    $sOldVersion = $GLOBALS['database']->get_one($sql);

    if ($sNewVersion != $sOldVersion) {

    // new upgrade detected

        $sVersionString = ' *** WebsiteBaker upgrade from '.$sOldVersion.' to '.$sNewVersion;

    } else {

    // modify old string if needed

        $sVersionString = ($sOldVersionString ?: ' *** WebsiteBaker '.$sNewVersion);

    }

    $sCfgContent = file_get_contents($sConfigFile);

    file_put_contents($sConfigFile, str_replace(' ****[WebsiteBaker]****', $sVersionString, $sCfgContent));

    $sVersionString = sprintf($sVersionString, $sNewVersion);

}

/* ************************************************************************** */

function searchAdminDir()

{

    $sBaseDir = __DIR__.'/*';

    $sAdminFolder = false;

    foreach (glob($sBaseDir, GLOB_MARK|GLOB_ONLYDIR) as $sFolder) {

        $sFolder = str_replace('\\', '/', $sFolder);

        if (

            file_exists($sFolder.'access/') &&

            file_exists($sFolder.'interface/') &&

            file_exists($sFolder.'groups/')

        ) {

            $sAdminFolder = trim(basename($sFolder), '/');

            break;

        }

    }

    if (!$sAdminFolder) {

        throw new RuntimeException('sorry, '.basename($sConfigFile).' is not readable or does not exists!');

    }

    return $sAdminFolder;

}

/* ************************************************************************** */

/* *** start script ********************************************************* */

/* ************************************************************************** */

$sOldVersionString = getOldVersionString();

// exception handling

try {

    sanitizeConfigFile(__DIR__.'/config.php');

} catch(Exception $e) {

    $sProtokol   = ((!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'off' ) ? 'http' : 'https') . '://';

    $sSriptname = trim(isset($_SERVER['SCRIPT_URI'])

                   ? $_SERVER['SCRIPT_URI'].'?'.$_SERVER['QUERY_STRING']

                   : (isset($_SERVER['REQUEST_URI'])

                     ? $_SERVER['REQUEST_URI']

                     : $_SERVER['SCRIPT_NAME']),'/');

    $sReloadLink = $sProtokol.$_SERVER['HTTP_HOST'].($_SERVER['SERVER_PORT'] == 80 ? '' : $_SERVER['SERVER_PORT'].':').'/'.$sSriptname;

    $aTmp = explode('?', $sReloadLink, 2);

    $sReloadLink = $aTmp[0].'?ts='.dechex(time());

    $sOutput

        = '<!DOCTYPE html><html lang="en-US"><head>'

        . '<meta name="viewport" content="width=device-width, initial-scale=1.0">'

        . '<meta charset="UTF-8"><meta name="robots" content="noindex,nofollow">'

        . '<meta http-equiv="expires" content="0">'

        . '<title>System Message</title></head>'

        . '<body><h1>WebsiteBaker - System Message</h1><hr>'

        . '<p>'.nl2br($e->getMessage(), false).'</p>'

        . '<form><button style="margin: 5px 50px;" type="submit" formmethod="get" formaction="'.$sReloadLink.'">'

        . 'Restart Programm<br>(or press F5)</button></form>'

        . '<hr></body></html>';

    echo $sOutput;

    flush();

    die;

}

/* ************************************************************************** */

// include the new config and initialize

if (!defined('WB_URL')) { require_once(__DIR__.'/config.php'); }

updateConfigPhP(__DIR__.'/config.php', $sOldVersionString);

if (!function_exists('make_dir'))  {require(__DIR__.'/framework/functions.php');}

if (!class_exists('admin', false)) {require(__DIR__.'/framework/class.admin.php');}

$admin = new admin('Addons', 'modules', false, false);

/* display a status message on the screen **************************************

 * @param string $message: the message to show

 * @param string $class:   kind of message as a css-class

 * @param string $element: witch HTML-tag use to cover the message

 * @return void

 */

    function status_msg($message, $class='check', $element='p')

    {

        // returns a status message

        $msg  = '<'.$element.' class="'.$class.'" style="padding: 0 0 2.00em 0.825em; ">';

    #    $msg .= '<h4>'.strtoupper(strtok($class, ' ')).'</h4>';

        $msg .= $message.'</'.$element.'>';

        echo '<div class="message">'.$msg.'</div>';

    }

    if (is_readable(WB_PATH.'/install/ModuleWhiteList')){

        $aModuleWhiteList = file(WB_PATH.'/install/ModuleWhiteList', FILE_IGNORE_NEW_LINES|FILE_SKIP_EMPTY_LINES);

    } else {

        $aModuleWhiteList =

              array (

                    'captcha_control',

                    'ckeditor',

                    'code',

                    'droplets',

                    'form',

                    'jsadmin',

                    'menu_link',

                    'mod_multilingual',

                    'news',

                    'output_filter',

                    'show_menu2',

                    'wrapper',

                    'wysiwyg'

            );

    }

$aDefaultSettings = array (

    'app_name' => 'wb-1281',

    'confirmed_registration' => '0',

    'debug' => 'false',

    'default_charset' => 'utf-8',

    'default_date_format' => 'M d Y',

    'default_language' => 'en',

    'default_template' => 'DefaultTemplate',

    'default_theme' => 'DefaultTheme',

    'default_time_format' => 'g:i A',

    'default_timezone' => '',

    'er_level' => '',

    'frontend_login' => 'false',

    'frontend_signup' => 'false',

    'home_folders' => 'true',

    'homepage_redirection' => 'false',

    'intro_page' => 'false',

    'manage_sections' => 'true',

    'media_directory' => '/media',

    'mediasettings' => '',

    'multiple_menus' => 'true',

    'operating_system' => 'linux',

    'page_extension' => '.php',

    'page_icon_dir' => '/templates/*/title_images',

    'page_languages' => 'true',

    'page_level_limit' => '4',

    'page_spacer' => '-',

    'page_trash' => 'inline',

    'pages_directory' => '/pages',

    'redirect_timer' => '1000',

    'rename_files_on_upload' => 'ph.*?,cgi,pl,pm,exe,com,bat,pif,cmd,src,asp,aspx,js',

    'search' => 'public',

    'sec_anchor' => 'Sec',

    'sec_token_fingerprint' => 'true',

    'sec_token_netmask4' => '24',

    'sec_token_netmask6' => '64',

    'sec_token_life_time' => '1800',

    'section_blocks' => 'true',

    'server_email' => 'info@example.com',

    'smart_login' => 'true',

    'string_dir_mode' => '0755',

    'string_file_mode' => '0644',

    'system_locked' => '0',

    'warn_page_leave' => '1',

    'wb_revision' => '',

    'wb_sp' => '',

    'wb_version' => '',

    'wbmailer_default_sendername' => 'WB Mailer',

    'wbmailer_routine' => 'phpmail',

    'wbmailer_smtp_auth' => '',

    'wbmailer_smtp_host' => 'localhost',

    'wbmailer_smtp_password' => '',

    'wbmailer_smtp_port' => '25',

    'wbmailer_smtp_secure' => 'TLS',

    'wbmailer_smtp_username' => '',

    'website_description' => '',

    'website_footer' => '',

    'website_header' => '',

    'website_keywords' => '',

    'website_signature' => '',

    'website_title' => '',

    'wysiwyg_editor' => 'ckeditor',

    'wysiwyg_style' => 'font-family: Verdana => Arial => Helvetica => sans-serif; font-size: 12px;',

);

// database tables including in WB package

$table_list = array ('settings','groups','addons','pages','sections','search','users');

$OK               = ' <span class="ok">OK</span> ';

$FAIL             = ' <span class="error">FAILED</span> ';

$DEFAULT_THEME    = 'DefaultTheme';

$DEFAULT_TEMPLATE = (@DEFAULT_TEMPLATE?:'DefaultTemplate');

if (@DEFAULT_THEME != $DEFAULT_THEME) {

  db_update_key_value('settings', 'default_theme', $DEFAULT_THEME);

  exit();

}

$sScriptUrl = $_SERVER['SCRIPT_NAME'];

$sThemeUrl = WB_URL.'/templates/'.(is_readable(WB_URL.'/templates/'.$DEFAULT_THEME) ? $DEFAULT_THEME:'DefaultTheme');

$stepID = 0;

$dirRemove = array(

            '[INCLUDE]lightbox/',

            '[MODULES]SecureFormSwitcher/',

            '[MODULES]fckeditor/',

            '[INSTALL]sources/'

/*

            '[TEMPLATE]allcss/',

            '[TEMPLATE]blank/',

            '[TEMPLATE]round/',

            '[TEMPLATE]simple/',

*/

         );

$filesRemove = array(

            '[ROOT]SP5_UPGRADE_DE',

            '[ROOT]SP5_UPGRADE_EN',

            '[ROOT]SP6_UPGRADE_EN',

            '[ROOT]SP7_UPGRADE_EN',

            '[ROOT]README-FIX',

            '[ROOT]/var/logs/php_error.log',

            '[DOCU]SP7_UPGRADE_EN',

            '[DOCU]README-FIX',

            '[ACCOUNT]template.html',

            '[ADMIN]preferences/details.php',

            '[ADMIN]preferences/email.php',

            '[ADMIN]preferences/password.php',

            '[ADMIN]settings/setting.js',

            '[ADMIN]settings/array.php',

            '[FRAMEWORK]class.login.php',

            '[FRAMEWORK]SecureForm.mtab.php',

            '[FRAMEWORK]SecureForm.php',

            '[FRAMEWORK]class.wbmailer.php.new',

            '[INCLUDE]idna_convert\ReadMe.txt',

            '[INCLUDE]idna_convert\LICENCE',

            '[INCLUDE]idna_convert\example.php',

            '[INSTALL]install_struct.sql',

            '[INSTALL]install_data.sql',

/*  */

            '[MODULES]ckeditor/ckeditor/plugins/plugin.js',

            '[MODULES]captcha_control/uninstall.php',

            '[MODULES]jsadmin/uninstall.php',

            '[MODULES]menu_link/uninstall.php',

            '[MODULES]output_filter/uninstall.php',

            '[MODULES]output_filter/filters/canonical.php',

            '[MODULES]output_filter/filters/filterScript.php',

            '[MODULES]output_filter/filters/filterSysvarMedia.php',

            '[MODULES]show_menu2/uninstall.php',

            '[MODULES]wysiwyg/uninstall.php',

            '[MODULES]droplets/add_droplet.php',

            '[MODULES]droplets/backup_droplets.php',

            '[MODULES]droplets/delete_droplet.php',

            '[MODULES]droplets/modify_droplet.php',

            '[MODULES]droplets/save_droplet.php',

            '[MODULES]droplets/languages/DA.php',

            '[MODULES]form/save_field.php',

            '[TEMPLATE]wb_theme/uninstall.php',

            '[TEMPLATE]wb_theme/templates/access.htt',

            '[TEMPLATE]wb_theme/templates/addons.htt',

            '[TEMPLATE]wb_theme/templates/admintools.htt',

            '[TEMPLATE]wb_theme/templates/error.htt',

            '[TEMPLATE]wb_theme/templates/groups.htt',

            '[TEMPLATE]wb_theme/templates/groups_form.htt',

            '[TEMPLATE]wb_theme/templates/languages.htt',

            '[TEMPLATE]wb_theme/templates/languages_details.htt',

            '[TEMPLATE]wb_theme/templates/media.htt',

            '[TEMPLATE]wb_theme/templates/media_browse.htt',

            '[TEMPLATE]wb_theme/templates/media_rename.htt',

            '[TEMPLATE]wb_theme/templates/modules.htt',

            '[TEMPLATE]wb_theme/templates/modules_details.htt',

            '[TEMPLATE]wb_theme/templates/pages.htt',

            '[TEMPLATE]wb_theme/templates/pages_modify.htt',

            '[TEMPLATE]wb_theme/templates/pages_sections.htt',

            '[TEMPLATE]wb_theme/templates/pages_settings.htt',

            '[TEMPLATE]wb_theme/templates/preferences.htt',

            '[TEMPLATE]wb_theme/templates/setparameter.htt',

//            '[TEMPLATE]wb_theme/templates/settings.htt', SP7 replace this

            '[TEMPLATE]wb_theme/templates/start.htt',

            '[TEMPLATE]wb_theme/templates/success.htt',

            '[TEMPLATE]wb_theme/templates/templates.htt',

            '[TEMPLATE]wb_theme/templates/templates_details.htt',

            '[TEMPLATE]wb_theme/templates/users.htt',

            '[TEMPLATE]wb_theme/templates/users_form.htt',

            '[ACCOUNT]preferences_form.php.old',

            '[ADMIN]themes/templates/admintools.htt.old',

            '[INCLUDE]pclzip/Constants.php.old',

            '[INCLUDE]pclzip/pclzip.lib.php.old',

            '[LANGUAGES]NL.zip',

            '[MODULES]droplets/data/archiv/Droplet_ShortUrl_20170111_155201.zip',

            '[MODULES]droplets/themes/default/css/backend.css.org',

            '[MODULES]form/backend.css.new',

            '[MODULES]form/frontend.css.new',

            '[MODULES]show_menu2/README.de.txt',

            '[MODULES]show_menu2/README.en.txt',

            '[MODULES]wrapper/languages/DE.info',

            '[TEMPLATE]DefaultTemplate/PLACEHOLDER',

            '[TEMPLATE]DefaultTheme/PLACEHOLDER',

         );

// analyze/check database tables

function mysqlCheckTables( $dbName )

{

    global $database, $table_list,$FAIL;

    $table_prefix = TABLE_PREFIX;

    $sql = 'SHOW TABLES FROM `'.$dbName.'`';

    $result = $database->query($sql);

    $data = array();

    $retVal = array();

    $x = 0;

//    while( ( $row = @mysqli_fetch_array( $result, MYSQLI_NUM ) ) == true )

    while (( $row = $result->fetchRow(MYSQLI_NUM)) == true)

    {

                $sql = "CHECK TABLE `" . $row[0].'`';

                $analyze = $database->query($sql);

                if( $analyze ) {

                    $rowFetch = $analyze->fetchRow(MYSQLI_ASSOC);

                    $data[$x]['Op'] = $rowFetch["Op"];

                    $data[$x]['Msg_type'] = $rowFetch["Msg_type"];

                    $msgColor = '<span class="error">';

                    $data[$x]['Table'] = $row[0];

                    $retVal[] = $row[0];

                   // print  " ";

                    $msgColor = ($rowFetch["Msg_text"] == 'OK') ? '<span class="ok">' : '<span class="error">';

                    $data[$x]['Msg_text'] = $msgColor.$rowFetch["Msg_text"].'</span>';

                   // print  "";

                    $x++;

                 } else {

                    echo '<br /><b>'.$sql.'</b>'.$FAIL.'<br />';

                }

   }

    return $retVal; //$data;

}

// check existings tables for upgrade or install

function check_wb_tables()

{

    global $database,$table_list;

 // if prefix inludes '_' or '%'

 $search_for = addcslashes ( TABLE_PREFIX, '%_' );

 $get_result = $database->query( 'SHOW TABLES LIKE "'.$search_for.'%"');

        // $get_result = $database->query( "SHOW TABLES FROM ".DB_NAME);

        $all_tables = array();

        if($get_result->numRows() > 0)

        {

            while ($data = $get_result->fetchRow())

            {

                $tmp = str_replace(TABLE_PREFIX, '', $data[0]);

                if(in_array($tmp,$table_list))

                {

                    $all_tables[] = $tmp;

                }

            }

        }

     return $all_tables;

}

// check existing tables

$all_tables = check_wb_tables();

?><!DOCTYPE HTML>

<html lang="en">

<head>

<meta charset="utf-8" />

<title>Upgrade script</title>

<style type="text/css">

html { overflow: -moz-scrollbars-vertical; /* Force firefox to always show room for a vertical scrollbar */ }

body {

    margin:0;

    padding:0;

    border:0;

    background: #EBF7FC;

    color:#000;

    font-family: 'Trebuchet MS', Verdana, Arial, Helvetica, Sans-Serif;

    font-size: small;

    height:101%;

}

#container {

    width:85%;

    background: #A8BCCB url("<?php echo $sThemeUrl;?>/images/background.png") repeat-x;

    border:1px solid #000;

    color:#000;

    margin:2em auto;

    padding:0 15px;

    min-height: 500px;

    text-align:left;

}

p { line-height:1.5em; }

form {

    display: inline-block;

    line-height: 20px;

    vertical-align: baseline;

}

input[type="submit"].restart {

    background-color: #FFDBDB;

    font-weight: bold;

}

h1,h2,h3,h4,h5,h6 {

    font-family: Verdana, Arial, Helvetica, sans-serif;

    color: #369;

    margin-top: 1.0em;

    margin-bottom: 0.1em;

}

h1 { font-size:150%; }

h2 { font-size: 130%; border-bottom: 1px #CCC solid; }

h3 { font-size: 120%; }

.ok, .error { font-weight:bold; }

.ok { color:green; }

.error { color: red; }

.check { color:#555; }

.content { margin-left: 1.925em; }

.warning {

    width: 98%;

    background:#FCDADA;

    padding:0.2em;

    margin-top:0.5em;

    border: 1px solid black;

}

.error p { color: #369; }

.info {

    width: 98%;

    background:#C3E3C3;

    padding:0.2em;

    margin-top:0.5em;

    border: 1px solid black;

}

.message { padding: 0; }

</style>

</head>

<body>

<div id="container">

<img src="<?php echo $sThemeUrl;?>/images/logo.png" alt="WebsiteBaker Project" />

<h1>WebsiteBaker Upgrade</h1>

<?php

    if( version_compare( WB_VERSION, '2.7', '<' )) {

        status_msg('It is not possible to upgrade from WebsiteBaker Versions before 2.7.<br />For upgrading to version '.VERSION.' you must upgrade first to v.2.8 at least!!!', 'warning', 'div');

        echo '<br />';

        echo "

        </body>

        </html>

        ";

        exit();

    }

$oldVersionOutput  = trim(''.WB_VERSION.'+'.( defined('WB_SP') ? WB_SP : ''), '+').' (r'.WB_REVISION.')';

$newVersionOutput  = trim(''.VERSION.'+'.( defined('SP') ? SP : ''), '+').' (r'.REVISION.')';

$oldVersion  = trim(''.WB_VERSION.'+'.WB_REVISION.'+'.( defined('WB_SP') ? WB_SP : ''), '+');

$newVersion  = trim(''.VERSION.'+'.REVISION.'+'.( defined('SP') ? SP : ''), '+');

if ( WB_VERSION != '2.8.4'){

    if (version_compare($oldVersion, $newVersion, '>') === true) {

        status_msg('It is not possible to upgrade from WebsiteBaker Versions '.WB_VERSION.'!<br />For upgrading to version '.$newVersionOutput.' you have to upgrade first to v.2.8.3 at least!!!', 'warning', 'div');

        echo '<br />';

        echo "

        </body>

        </html>

        ";

        exit();

    }

}

if($admin->get_user_id()!=1){

  status_msg('<br /><h3>WebsiteBaker upgrading is not possible!<br />Before upgrading '

            .'to Revision '.REVISION.' you have to login as System-Administrator!</h3>',

            'warning', 'div');

  echo '<br /><br />';

// delete remember key of current user from database

  //if (isset($_SESSION['USER_ID']) && isset($database)) {

  //     $table = TABLE_PREFIX . 'users';

  //     $sql = "UPDATE `$table` SET `remember_key` = '' WHERE `user_id` = '" . (int) $_SESSION['USER_ID'] . "'";

  //     $database->doQuery($sql);

  //}

// delete remember key cookie if set

  if (isset($_COOKIE['REMEMBER_KEY']) && !headers_sent() ) {

    setcookie('REMEMBER_KEY', '', time() - 3600, '/');

  }

  // delete most critical session variables manually

  $_SESSION['USER_ID'] = null;

  $_SESSION['GROUP_ID'] = null;

  $_SESSION['GROUPS_ID'] = null;

  $_SESSION['USERNAME'] = null;

  $_SESSION['PAGE_PERMISSIONS'] = null;

  $_SESSION['SYSTEM_PERMISSIONS'] = null;

  // overwrite session array

  $_SESSION = array();

  // delete session cookie if set

  if (isset($_COOKIE[session_name()]) && !headers_sent()) {

    setcookie(session_name(), '', time() - 42000, '/');

  }

  // delete the session itself

  session_destroy();

  status_msg('<br /><h3>You have to login as System-Adminstrator start '

            .'upgrade-script.php again!</h3>',

             'info', 'div');

  echo '<br /><br />';

  if(defined('ADMIN_URL')) {

    echo '<form action="'.ADMIN_URL.'/index.php" method="post">'

        .'&nbsp;<input name="backend_send" type="submit" value="Kick me to the Login" />'

        .'</form>';

  }

  echo '<br /><br /></div>'

      .'</div>'

      .'</div>'

      .'</body>'

      .'</html>';

  exit();

}

?>

<p>This script upgrades an existing WebsiteBaker <strong> <?php echo $oldVersionOutput; ?></strong> installation to the <strong> <?php echo $newVersionOutput ?> </strong>.<br />The upgrade script alters the existing WB database to reflect the changes introduced with WB 2.8.x</p>

<?php

/**

 * Check if disclaimer was accepted

 */

if (!(isset($_POST['backup_confirmed']) && $_POST['backup_confirmed'] == 'confirmed')) { ?>

<h2>Step 1: Backup your files</h2>

<p>It is highly recommended to <strong>create a manual backup</strong> of the entire <strong>/pages folder</strong> and the <strong>MySQL database</strong> before proceeding.<br /><strong class="error">Note: </strong>The upgrade script alters some settings of your existing database!!! You need to confirm the disclaimer before proceeding.</p>

<form name="send" action="<?php echo $sScriptUrl;?>" method="post">

    <textarea cols="80" rows="5">DISCLAIMER: The WebsiteBaker upgrade script is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. One needs to confirm that a manual backup of the /pages folder (including all files and subfolders contained in it) and backup of the entire WebsiteBaker MySQL database was created before you can proceed.</textarea>

    <br /><br /><input name="backup_confirmed" type="checkbox" value="confirmed" />&nbsp;I confirm that a manual backup of the /pages folder and the MySQL database was created.

    <br /><br /><input name="send" type="submit" value="Start upgrade script" />

    </form>

    <br />

<?php

    status_msg('<h4>You need to confirm that you have created a manual backup of the /pages directory and the MySQL database before you can proceed.</h4>', 'warning', 'div');

    echo '<br />';

    echo "</div>

    </body>

    </html>

    ";

    exit();

}

// function to add a var/value-pair into settings-table

function db_add_key_value($key, $value) {

    global $database, $OK, $FAIL;

    $table = TABLE_PREFIX.'settings';

    $query = $database->query("SELECT value FROM $table WHERE name = '$key' ");

    if($query->numRows() > 0) {

        echo "$key: already exists. $OK.<br />";

        return true;

    } else {

        $database->query("INSERT INTO $table (name,value) VALUES ('$key', '$value')");

        echo ($database->is_error() ? $database->get_error().'<br />' : '');

        $query = $database->query("SELECT value FROM $table WHERE name = '$key' ");

        if($query->numRows() > 0) {

            echo "$key: $OK.<br />";

            return true;

        } else {

            echo "$key: $FAIL!<br />";