Project

General

Profile

« Previous | Next » 

Revision 1561

Added by Dietmar almost 13 years ago

secureForm Fix for hosting with load balancing

View differences:

branches/2.8.x/CHANGELOG
11 11
! = Update/Change
12 12

  
13 13
=========================== add small Features 2.8.2 ==========================
14
05 Jan-2012 Build 1561 Dietmar Woellbrink (Luisehahne)
15
# secureForm Fix for hosting with load balancing
14 16
04 Jan-2012 Build 1560 Dietmar Woellbrink (Luisehahne)
15 17
! upgrade script start automatically after uploading a new version and login to the backend
16 18
04 Jan-2012 Build 1559 Dietmar Woellbrink (Luisehahne)
branches/2.8.x/wb/admin/start/index.php
52 52
	if($database->query($sql)) { }
53 53
}
54 54
// ---------------------------------------
55

  
55 56
// check if it is neccessary to start the uograde-script
56
$sql = 'SELECT `value` FROM `'.TABLE_PREFIX.'settings` WHERE `name`=\'wb_revision\'';
57
if($wb_revision=$database->get_one($sql)) {
58
	if (version_compare($wb_revision, REVISION ) < 0) {
59
		if(!headers_sent()) {
60
			header('Location: '.WB_URL.'/upgrade-script.php');
61
		    exit;
62
		} else {
63
		    echo "<p style=\"text-align:center;\"> The <strong>upgrade script</strong> could not be start automatically.\n" .
64
		         "Please click <a style=\"font-weight:bold;\" " .
65
		         "href=\"".WB_URL."/upgrade-script.php\">on this link</a> to start the script!</p>\n";
66
		    exit;
57
if(file_exists(WB_PATH.'/upgrade-script.php')) {
58
	// check if it is neccessary to start the uograde-script
59
	$sql = 'SELECT `value` FROM `'.TABLE_PREFIX.'settings` WHERE `name`=\'wb_revision\'';
60
	if($wb_revision=$database->get_one($sql)) {
61
		if (version_compare($wb_revision, REVISION ) < 0) {
62
			if(!headers_sent()) {
63
				header('Location: '.WB_URL.'/upgrade-script.php');
64
			    exit;
65
			} else {
66
			    echo "<p style=\"text-align:center;\"> The <strong>upgrade script</strong> could not be start automatically.\n" .
67
			         "Please click <a style=\"font-weight:bold;\" " .
68
			         "href=\"".WB_URL."/upgrade-script.php\">on this link</a> to start the script!</p>\n";
69
			    exit;
70
			}
67 71
		}
68 72
	}
69 73
}
......
114 118
}
115 119

  
116 120
$msg = (file_exists(WB_PATH.'/install/')) ?  $MESSAGE['START']['INSTALL_DIR_EXISTS'] : '';
117
$msg .= (file_exists(WB_PATH.'/upgrade-script.php')) ? '<br />'.$MESSAGE['START_UPGRADE_SCRIPT_EXISTS'] : '';
121
$msg .= (file_exists(WB_PATH.'/upgrade-script.php') ? '<br />'.$MESSAGE['START_UPGRADE_SCRIPT_EXISTS'] : '');
118 122

  
119 123
// Check if installation directory still exists
120 124
if(file_exists(WB_PATH.'/install/') || file_exists(WB_PATH.'/upgrade-script.php') ) {
branches/2.8.x/wb/admin/interface/version.php
52 52

  
53 53
// check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled)
54 54
if(!defined('VERSION')) define('VERSION', '2.8.2');
55
if(!defined('REVISION')) define('REVISION', '1560');
55
if(!defined('REVISION')) define('REVISION', '1561');
56 56
if(!defined('SP')) define('SP', 'SP2');
branches/2.8.x/wb/framework/SecureForm.mtab.php
173 173

  
174 174
	private function _generate_serverdata(){
175 175

  
176
	 	$serverdata  = ( isset($_SERVER['SERVER_SIGNATURE']) ) ? $_SERVER['SERVER_SIGNATURE'] : '2';
176
		$usedOctets = ( defined('FINGERPRINT_WITH_IP_OCTETS') ) ? (intval(FINGERPRINT_WITH_IP_OCTETS) % 5) : 2;
177
		$serverdata  = '';
178
	 	$serverdata .= ( isset($_SERVER['SERVER_SIGNATURE']) ) ? $_SERVER['SERVER_SIGNATURE'] : '2';
177 179
		$serverdata .= ( isset($_SERVER['SERVER_SOFTWARE']) ) ? $_SERVER['SERVER_SOFTWARE'] : '3';
178 180
		$serverdata .= ( isset($_SERVER['SERVER_NAME']) ) ? $_SERVER['SERVER_NAME'] : '5';
179
		$serverdata .= ( isset($_SERVER['SERVER_ADDR']) ) ? $_SERVER['SERVER_ADDR'] : '7';
181
		$serverIp = ( isset($_SERVER['SERVER_ADDR']) ) ? $_SERVER['SERVER_ADDR'] : '';
182
		if(($serverIp != '') && ($usedOctets > 0)){
183
			$ip = explode('.', $serverIp);
184
			while(sizeof($ip) > $usedOctets) { array_pop($ip); }
185
			$serverdata .= implode('.', $ip);
186
		}else {
187
			$serverdata .= '7';
188
		}
180 189
		$serverdata .= ( isset($_SERVER['SERVER_PORT']) ) ? $_SERVER['SERVER_PORT'] : '11';
181 190
		$serverdata .= ( isset($_SERVER['SERVER_ADMIN']) ) ? $_SERVER['SERVER_ADMIN'] : '13';
182 191
		$serverdata .= PHP_VERSION;
branches/2.8.x/wb/framework/SecureForm.php
83 83

  
84 84
	private function _generate_fingerprint()
85 85
	{
86
		$usedOctets = ( defined('FINGERPRINT_WITH_IP_OCTETS') ) ? (intval(FINGERPRINT_WITH_IP_OCTETS) % 5) : 2;
86 87
		// server depending values
87
		$fingerprint  = ( isset($_SERVER['SERVER_SIGNATURE']) ) ? $_SERVER['SERVER_SIGNATURE'] : '2';
88
		$fingerprint  = '';
89
		$fingerprint .= ( isset($_SERVER['SERVER_SIGNATURE']) ) ? $_SERVER['SERVER_SIGNATURE'] : '2';
88 90
		$fingerprint .= ( isset($_SERVER['SERVER_SOFTWARE']) ) ? $_SERVER['SERVER_SOFTWARE'] : '3';
89 91
		$fingerprint .= ( isset($_SERVER['SERVER_NAME']) ) ? $_SERVER['SERVER_NAME'] : '5';
90
		$fingerprint .= ( isset($_SERVER['SERVER_ADDR']) ) ? $_SERVER['SERVER_ADDR'] : '7';
92
		$serverIp = ( isset($_SERVER['SERVER_ADDR']) ) ? $_SERVER['SERVER_ADDR'] : '';
93
		if(($serverIp != '') && ($usedOctets > 0)){
94
			$ip = explode('.', $serverIp);
95
			while(sizeof($ip) > $usedOctets) { array_pop($ip); }
96
			$fingerprint .= implode('.', $ip);
97
		}else {
98
			$fingerprint .= '7';
99
		}
91 100
		$fingerprint .= ( isset($_SERVER['SERVER_PORT']) ) ? $_SERVER['SERVER_PORT'] : '11';
92 101
		$fingerprint .= ( isset($_SERVER['SERVER_ADMIN']) ) ? $_SERVER['SERVER_ADMIN'] : '13';
93 102
		$fingerprint .= __FILE__;
94 103
		$fingerprint .= PHP_VERSION;
95 104
		// client depending values
96 105
		$fingerprint .= ( isset($_SERVER['HTTP_USER_AGENT']) ) ? $_SERVER['HTTP_USER_AGENT'] : '19';
97
		$usedOctets = ( defined('FINGERPRINT_WITH_IP_OCTETS') ) ? (intval(FINGERPRINT_WITH_IP_OCTETS) % 5) : 2;
106
		// $usedOctets = ( defined('FINGERPRINT_WITH_IP_OCTETS') ) ? (intval(FINGERPRINT_WITH_IP_OCTETS) % 5) : 2;
98 107
		$clientIp = ( isset($_SERVER['REMOTE_ADDR'])  ? $_SERVER['REMOTE_ADDR'] : '' );
99 108
		if(($clientIp != '') && ($usedOctets > 0)){
100 109
			$ip = explode('.', $clientIp);

Also available in: Unified diff