diff options
Diffstat (limited to 'phpBB/phpbb/version_helper.php')
| -rw-r--r-- | phpBB/phpbb/version_helper.php | 266 |
1 files changed, 238 insertions, 28 deletions
diff --git a/phpBB/phpbb/version_helper.php b/phpBB/phpbb/version_helper.php index e4f68f5aab..a73fbfbfbe 100644 --- a/phpBB/phpbb/version_helper.php +++ b/phpBB/phpbb/version_helper.php @@ -13,6 +13,8 @@ namespace phpbb; +use phpbb\exception\version_check_exception; + /** * Class to handle version checking and comparison */ @@ -34,6 +36,11 @@ class version_helper protected $file = 'versions.json'; /** + * @var bool Use SSL or not + */ + protected $use_ssl = false; + + /** * @var string Current version installed */ protected $current_version; @@ -53,8 +60,22 @@ class version_helper /** @var \phpbb\file_downloader */ protected $file_downloader; - /** @var \phpbb\user */ - protected $user; + protected $version_schema = array( + 'stable' => array( + 'current' => 'version', + 'download' => 'url', + 'announcement' => 'url', + 'eol' => 'url', + 'security' => 'bool', + ), + 'unstable' => array( + 'current' => 'version', + 'download' => 'url', + 'announcement' => 'url', + 'eol' => 'url', + 'security' => 'bool', + ), + ); /** * Constructor @@ -62,14 +83,12 @@ class version_helper * @param \phpbb\cache\service $cache * @param \phpbb\config\config $config * @param \phpbb\file_downloader $file_downloader - * @param \phpbb\user $user */ - public function __construct(\phpbb\cache\service $cache, \phpbb\config\config $config, \phpbb\file_downloader $file_downloader, \phpbb\user $user) + public function __construct(\phpbb\cache\service $cache, \phpbb\config\config $config, \phpbb\file_downloader $file_downloader) { $this->cache = $cache; $this->config = $config; $this->file_downloader = $file_downloader; - $this->user = $user; if (defined('PHPBB_QA')) { @@ -85,13 +104,15 @@ class version_helper * @param string $host Host (e.g. version.phpbb.com) * @param string $path Path to file (e.g. /phpbb) * @param string $file File name (Default: versions.json) + * @param bool $use_ssl Use SSL or not (Default: false) * @return version_helper */ - public function set_file_location($host, $path, $file = 'versions.json') + public function set_file_location($host, $path, $file = 'versions.json', $use_ssl = false) { $this->host = $host; $this->path = $path; $this->file = $file; + $this->use_ssl = $use_ssl; return $this; } @@ -168,7 +189,7 @@ class version_helper * @param bool $force_update Ignores cached data. Defaults to false. * @param bool $force_cache Force the use of the cache. Override $force_update. * @return string - * @throws \RuntimeException + * @throws version_check_exception */ public function get_latest_on_current_branch($force_update = false, $force_cache = false) { @@ -177,7 +198,7 @@ class version_helper $self = $this; $current_version = $this->current_version; - // Filter out any versions less than to the current version + // Filter out any versions less than the current version $versions = array_filter($versions, function($data) use ($self, $current_version) { return $self->compare($data['current'], $current_version, '>='); }); @@ -194,12 +215,118 @@ class version_helper } /** + * Gets the latest update for the current branch the user is on + * Will suggest versions from newer branches when EoL has been reached + * and/or version from newer branch is needed for having all known security + * issues fixed. + * + * @param bool $force_update Ignores cached data. Defaults to false. + * @param bool $force_cache Force the use of the cache. Override $force_update. + * @return array Version info or empty array if there are no updates + * @throws \RuntimeException + */ + public function get_update_on_branch($force_update = false, $force_cache = false) + { + $versions = $this->get_versions_matching_stability($force_update, $force_cache); + + $self = $this; + $current_version = $this->current_version; + + // Filter out any versions less than the current version + $versions = array_filter($versions, function($data) use ($self, $current_version) { + return $self->compare($data['current'], $current_version, '>='); + }); + + // Get the lowest version from the previous list. + $update_info = array_reduce($versions, function($value, $data) use ($self, $current_version) { + if ($value === null && $self->compare($data['current'], $current_version, '>=')) + { + if (!$data['eol'] && (!$data['security'] || $self->compare($data['security'], $data['current'], '<='))) + { + return ($self->compare($data['current'], $current_version, '>')) ? $data : array(); + } + else + { + return null; + } + } + + return $value; + }); + + return $update_info === null ? array() : $update_info; + } + + /** + * Gets the latest extension update for the current phpBB branch the user is on + * Will suggest versions from newer branches when EoL has been reached + * and/or version from newer branch is needed for having all known security + * issues fixed. + * + * @param bool $force_update Ignores cached data. Defaults to false. + * @param bool $force_cache Force the use of the cache. Override $force_update. + * @return array Version info or empty array if there are no updates + * @throws \RuntimeException + */ + public function get_ext_update_on_branch($force_update = false, $force_cache = false) + { + $versions = $this->get_versions_matching_stability($force_update, $force_cache); + + $self = $this; + $current_version = $this->current_version; + + // Get current phpBB branch from version, e.g.: 3.2 + preg_match('/^(\d+\.\d+).*$/', $this->config['version'], $matches); + $current_branch = $matches[1]; + + // Filter out any versions less than the current version + $versions = array_filter($versions, function($data) use ($self, $current_version) { + return $self->compare($data['current'], $current_version, '>='); + }); + + // Filter out any phpbb branches less than the current version + $branches = array_filter(array_keys($versions), function($branch) use ($self, $current_branch) { + return $self->compare($branch, $current_branch, '>='); + }); + if (!empty($branches)) + { + $versions = array_intersect_key($versions, array_flip($branches)); + } + else + { + // If branches are empty, it means the current phpBB branch is newer than any branch the + // extension was validated against. Reverse sort the versions array so we get the newest + // validated release available. + krsort($versions); + } + + // Get the first available version from the previous list. + $update_info = array_reduce($versions, function($value, $data) use ($self, $current_version) { + if ($value === null && $self->compare($data['current'], $current_version, '>=')) + { + if (!$data['eol'] && (!$data['security'] || $self->compare($data['security'], $data['current'], '<='))) + { + return $self->compare($data['current'], $current_version, '>') ? $data : array(); + } + else + { + return null; + } + } + + return $value; + }); + + return $update_info === null ? array() : $update_info; + } + + /** * Obtains the latest version information * * @param bool $force_update Ignores cached data. Defaults to false. * @param bool $force_cache Force the use of the cache. Override $force_update. - * @return string - * @throws \RuntimeException + * @return array + * @throws version_check_exception */ public function get_suggested_updates($force_update = false, $force_cache = false) { @@ -219,8 +346,8 @@ class version_helper * * @param bool $force_update Ignores cached data. Defaults to false. * @param bool $force_cache Force the use of the cache. Override $force_update. - * @return string Version info - * @throws \RuntimeException + * @return array Version info + * @throws version_check_exception */ public function get_versions_matching_stability($force_update = false, $force_cache = false) { @@ -239,34 +366,27 @@ class version_helper * * @param bool $force_update Ignores cached data. Defaults to false. * @param bool $force_cache Force the use of the cache. Override $force_update. - * @return string Version info, includes stable and unstable data - * @throws \RuntimeException + * @return array Version info, includes stable and unstable data + * @throws version_check_exception */ public function get_versions($force_update = false, $force_cache = false) { - $cache_file = '_versioncheck_' . $this->host . $this->path . $this->file; + $cache_file = '_versioncheck_' . $this->host . $this->path . $this->file . $this->use_ssl; $info = $this->cache->get($cache_file); if ($info === false && $force_cache) { - throw new \RuntimeException($this->user->lang('VERSIONCHECK_FAIL')); + throw new version_check_exception('VERSIONCHECK_FAIL'); } else if ($info === false || $force_update) { - try { - $info = $this->file_downloader->get($this->host, $this->path, $this->file); - } - catch (\phpbb\exception\runtime_exception $exception) - { - $prepare_parameters = array_merge(array($exception->getMessage()), $exception->get_parameters()); - throw new \RuntimeException(call_user_func_array(array($this->user, 'lang'), $prepare_parameters)); - } + $info = $this->file_downloader->get($this->host, $this->path, $this->file, $this->use_ssl ? 443 : 80); $error_string = $this->file_downloader->get_error_string(); if (!empty($error_string)) { - throw new \RuntimeException($error_string); + throw new version_check_exception($error_string); } $info = json_decode($info, true); @@ -283,17 +403,107 @@ class version_helper if (empty($info['stable']) && empty($info['unstable'])) { - $this->user->add_lang('acp/common'); - - throw new \RuntimeException($this->user->lang('VERSIONCHECK_FAIL')); + throw new version_check_exception('VERSIONCHECK_FAIL'); } $info['stable'] = (empty($info['stable'])) ? array() : $info['stable']; $info['unstable'] = (empty($info['unstable'])) ? $info['stable'] : $info['unstable']; + $info = $this->validate_versions($info); + $this->cache->put($cache_file, $info, 86400); // 24 hours } return $info; } + + /** + * Validate versions info input + * + * @param array $versions_info Decoded json data array. Will be modified + * and cleaned by this method + * + * @return array Versions info array + * @throws version_check_exception + */ + public function validate_versions($versions_info) + { + $array_diff = array_diff_key($versions_info, array($this->version_schema)); + + // Remove excessive data + if (count($array_diff) > 0) + { + $old_versions_info = $versions_info; + $versions_info = array( + 'stable' => !empty($old_versions_info['stable']) ? $old_versions_info['stable'] : array(), + 'unstable' => !empty($old_versions_info['unstable']) ? $old_versions_info['unstable'] : array(), + ); + unset($old_versions_info); + } + + foreach ($versions_info as $stability_type => &$versions_data) + { + foreach ($versions_data as $branch => &$version_data) + { + if (!preg_match('/^[0-9a-z\-\.]+$/i', $branch)) + { + unset($versions_data[$branch]); + continue; + } + + $stability_diff = array_diff_key($version_data, $this->version_schema[$stability_type]); + + if (count($stability_diff) > 0) + { + $old_version_data = $version_data; + $version_data = array(); + foreach ($this->version_schema[$stability_type] as $key => $value) + { + if (isset($old_version_data[$key])) + { + $version_data[$key] = $old_version_data[$key]; + } + } + unset($old_version_data); + } + + foreach ($version_data as $key => &$value) + { + if (!isset($this->version_schema[$stability_type][$key])) + { + unset($version_data[$key]); + throw new version_check_exception('VERSIONCHECK_INVALID_ENTRY'); + } + + switch ($this->version_schema[$stability_type][$key]) + { + case 'bool': + $value = (bool) $value; + break; + + case 'url': + if (!empty($value) && !preg_match('#^' . get_preg_expression('url') . '$#iu', $value) && + !preg_match('#^' . get_preg_expression('www_url') . '$#iu', $value)) + { + throw new version_check_exception('VERSIONCHECK_INVALID_URL'); + } + break; + + case 'version': + if (!empty($value) && !preg_match(get_preg_expression('semantic_version'), $value)) + { + throw new version_check_exception('VERSIONCHECK_INVALID_VERSION'); + } + break; + + default: + // Shouldn't be possible to trigger this + throw new version_check_exception('VERSIONCHECK_INVALID_ENTRY'); + } + } + } + } + + return $versions_info; + } } |