Rev 1068 | Rev 1073 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 1068 | Rev 1072 | ||
|---|---|---|---|
| Line 40... | Line 40... | ||
| 40 | /*public*/ const PATH_RELATIVE_TO_ROOT = 4; // e.g. "/oidplus/" |
40 | /*public*/ const PATH_RELATIVE_TO_ROOT = 4; // e.g. "/oidplus/" |
| 41 | /*public*/ const PATH_RELATIVE_TO_ROOT_CANONICAL = 5; // e.g. "/oidplus/" (if baseconfig CANONICAL_SYSTEM_URL is set) |
41 | /*public*/ const PATH_RELATIVE_TO_ROOT_CANONICAL = 5; // e.g. "/oidplus/" (if baseconfig CANONICAL_SYSTEM_URL is set) |
| 42 | 42 | ||
| 43 | // These plugin types can contain HTML code and therefore may |
43 | // These plugin types can contain HTML code and therefore may |
| 44 | // emit (non-setup) CSS/JS code via their manifest. |
44 | // emit (non-setup) CSS/JS code via their manifest. |
| - | 45 | // Note that design plugins may only output CSS, not JS. |
|
| 45 | /*public*/ const INTERACTIVE_PLUGIN_TYPES = array( |
46 | /*public*/ const INTERACTIVE_PLUGIN_TYPES = array( |
| 46 | 'publicPages', |
47 | 'publicPages', |
| 47 | 'raPages', |
48 | 'raPages', |
| 48 | 'adminPages', |
49 | 'adminPages', |
| 49 | 'objectTypes', |
50 | 'objectTypes', |
| Line 826... | Line 827... | ||
| 826 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Manifest does not declare a PHP main class')); |
827 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Manifest does not declare a PHP main class')); |
| 827 | } |
828 | } |
| 828 | if (!self::pluginCheckDisabled($class_name)) { |
829 | if (!self::pluginCheckDisabled($class_name)) { |
| 829 | continue; // Plugin is disabled |
830 | continue; // Plugin is disabled |
| 830 | } |
831 | } |
| - | 832 | ||
| - | 833 | // Do some basic checks on the plugin PHP main class |
|
| 831 | if (!class_exists($class_name)) { |
834 | if (!class_exists($class_name)) { |
| 832 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Manifest declares PHP main class as "%1", but it could not be found',$class_name)); |
835 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Manifest declares PHP main class as "%1", but it could not be found',$class_name)); |
| 833 | } |
836 | } |
| 834 | if (!is_subclass_of($class_name, $expectedPluginClass)) { |
837 | if (!is_subclass_of($class_name, $expectedPluginClass)) { |
| 835 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Plugin main class "%1" is expected to be a subclass of "%2"',$class_name,$expectedPluginClass)); |
838 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Plugin main class "%1" is expected to be a subclass of "%2"',$class_name,$expectedPluginClass)); |
| Line 839... | Line 842... | ||
| 839 | } |
842 | } |
| 840 | if (($manifest->getTypeClass()!=$expectedPluginClass) && (!is_subclass_of($manifest->getTypeClass(),$expectedPluginClass))) { |
843 | if (($manifest->getTypeClass()!=$expectedPluginClass) && (!is_subclass_of($manifest->getTypeClass(),$expectedPluginClass))) { |
| 841 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Class declared in manifest is "%1" does not fit expected class for this plugin type "%2"',$manifest->getTypeClass(),$expectedPluginClass)); |
844 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Class declared in manifest is "%1" does not fit expected class for this plugin type "%2"',$manifest->getTypeClass(),$expectedPluginClass)); |
| 842 | } |
845 | } |
| 843 | 846 | ||
| - | 847 | // Do some basic checks on the plugin OID |
|
| 844 | $plugin_oid = $manifest->getOid(); |
848 | $plugin_oid = $manifest->getOid(); |
| 845 | if (!$plugin_oid) { |
849 | if (!$plugin_oid) { |
| 846 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Does not have an OID')); |
850 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Does not have an OID')); |
| 847 | } |
851 | } |
| 848 | if (!oid_valid_dotnotation($plugin_oid, false, false, 2)) { |
852 | if (!oid_valid_dotnotation($plugin_oid, false, false, 2)) { |
| Line 850... | Line 854... | ||
| 850 | } |
854 | } |
| 851 | if (isset($known_plugin_oids[$plugin_oid])) { |
855 | if (isset($known_plugin_oids[$plugin_oid])) { |
| 852 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('The OID "%1" is already used by the plugin "%2"',$plugin_oid,$known_plugin_oids[$plugin_oid])); |
856 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('The OID "%1" is already used by the plugin "%2"',$plugin_oid,$known_plugin_oids[$plugin_oid])); |
| 853 | } |
857 | } |
| 854 | 858 | ||
| - | 859 | // Additional check: Are third-party plugins using ViaThinkSoft plugin folders, OIDs or class namespaces? |
|
| 855 | $full_plugin_dir = dirname($manifest->getManifestFile()); |
860 | $full_plugin_dir = dirname($manifest->getManifestFile()); |
| 856 | $full_plugin_dir = substr($full_plugin_dir, strlen(OIDplus::localpath())); |
861 | $full_plugin_dir = substr($full_plugin_dir, strlen(OIDplus::localpath())); |
| 857 | - | ||
| 858 | $dir_is_viathinksoft = str_starts_with($full_plugin_dir, 'plugins/viathinksoft/') || str_starts_with($full_plugin_dir, 'plugins\\viathinksoft\\'); |
862 | $dir_is_viathinksoft = str_starts_with($full_plugin_dir, 'plugins/viathinksoft/') || str_starts_with($full_plugin_dir, 'plugins\\viathinksoft\\'); |
| 859 | $oid_is_viathinksoft = str_starts_with($plugin_oid, '1.3.6.1.4.1.37476.2.5.2.4.'); // { iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) 37476 products(2) oidplus(5) v2(2) plugins(4) } |
863 | $oid_is_viathinksoft = str_starts_with($plugin_oid, '1.3.6.1.4.1.37476.2.5.2.4.'); // { iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) 37476 products(2) oidplus(5) v2(2) plugins(4) } |
| 860 | $class_is_viathinksoft = str_starts_with($class_name, 'ViaThinkSoft\\'); |
864 | $class_is_viathinksoft = str_starts_with($class_name, 'ViaThinkSoft\\'); |
| - | 865 | if ($oid_is_viathinksoft != $class_is_viathinksoft) { |
|
| - | 866 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Third-party plugins must not use the ViaThinkSoft PHP namespace. Please use your own vendor namespace.')); |
|
| - | 867 | } |
|
| - | 868 | $plugin_is_viathinksoft = $oid_is_viathinksoft && $class_is_viathinksoft; |
|
| 861 | if ($dir_is_viathinksoft != $oid_is_viathinksoft) { |
869 | if ($dir_is_viathinksoft != $plugin_is_viathinksoft) { |
| 862 | throw new OIDplusException(_L('Plugin "%1" is misplaced',$plugintype_folder.'/'.$pluginname_folder).': '._L('The plugin is in the wrong folder. The folder %1 can only be used by official ViaThinkSoft plugins','plugins/viathinksoft/')); |
870 | throw new OIDplusException(_L('Plugin "%1" is misplaced',$plugintype_folder.'/'.$pluginname_folder).': '._L('The plugin is in the wrong folder. The folder %1 can only be used by official ViaThinkSoft plugins','plugins/viathinksoft/')); |
| 863 | } |
871 | } |
| - | 872 | ||
| - | 873 | // Additional check: does the plugin define JS/CSS although it is not an interactive plugin type? |
|
| - | 874 | $has_js = $manifest->getJSFiles(); |
|
| - | 875 | $has_css = $manifest->getCSSFiles(); |
|
| - | 876 | $is_interactive = in_array(basename($plugintype_folder), OIDplus::INTERACTIVE_PLUGIN_TYPES); |
|
| - | 877 | $is_design = basename($plugintype_folder) === 'design'; |
|
| - | 878 | if (!$is_interactive && $has_js) { |
|
| - | 879 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('%1 files are included in the manifest XML, but this plugin type does not allow such files.','JavaScript')); |
|
| - | 880 | } |
|
| 864 | if ($dir_is_viathinksoft != $class_is_viathinksoft) { |
881 | if (!$is_interactive && !$is_design && $has_css) { |
| 865 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Third-party plugins must not use the ViaThinkSoft PHP namespace. Please use your own vendor namespace.')); |
882 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('%1 files are included in the manifest XML, but this plugin type does not allow such files.','CSS')); |
| - | 883 | } |
|
| - | 884 | ||
| - | 885 | // Additional check: Check "Setup CSS" and "Setup JS" (Allowed for plugin types: database, captcha) |
|
| - | 886 | $has_js_setup = $manifest->getJSFilesSetup(); |
|
| - | 887 | $has_css_setup = $manifest->getCSSFilesSetup(); |
|
| - | 888 | $is_database = basename($plugintype_folder) === 'database'; |
|
| - | 889 | $is_captcha = basename($plugintype_folder) === 'captcha'; |
|
| - | 890 | if (!$is_database && !$is_captcha && $has_js_setup) { |
|
| - | 891 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('%1 files are included in the manifest XML, but this plugin type does not allow such files.','Setup JavaScript')); |
|
| - | 892 | } |
|
| - | 893 | if (!$is_database && !$is_captcha && $has_css_setup) { |
|
| - | 894 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('%1 files are included in the manifest XML, but this plugin type does not allow such files.','Setup CSS')); |
|
| 866 | } |
895 | } |
| 867 | 896 | ||
| - | 897 | // Additional check: Are all CSS/JS files there? |
|
| - | 898 | $tmp = $manifest->getManifestLinkedFiles(); |
|
| - | 899 | foreach ($tmp as $file) { |
|
| - | 900 | if (!file_exists($file)) { |
|
| 868 | $known_plugin_oids[$plugin_oid] = $plugintype_folder.'/'.$pluginname_folder; |
901 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('File %1 was defined in manifest, but it is not existing',$file)); |
| - | 902 | } |
|
| - | 903 | } |
|
| 869 | 904 | ||
| - | 905 | // For the next check, we need an instance of the object |
|
| 870 | $obj = new $class_name(); |
906 | $obj = new $class_name(); |
| 871 | 907 | ||
| - | 908 | // Additional check: Does the plugin misuse implementsFeature()? |
|
| - | 909 | // This is not enabled b default, because the GUID generation is slow on some machines. |
|
| - | 910 | // Also, it is very unlikely that someone misuses implementsFeature(). |
|
| 872 | if (OIDplus::baseConfig()->getValue('DEBUG')) { |
911 | if (OIDplus::baseConfig()->getValue('DEBUG')) { |
| 873 | if ($obj->implementsFeature($fake_feature)) { |
912 | if ($obj->implementsFeature($fake_feature)) { |
| 874 | // see https://devblogs.microsoft.com/oldnewthing/20040211-00/?p=40663 |
913 | // see https://devblogs.microsoft.com/oldnewthing/20040211-00/?p=40663 |
| 875 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('implementsFeature() always returns true')); |
914 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('implementsFeature() always returns true')); |
| 876 | } |
915 | } |
| 877 | } |
916 | } |
| 878 | 917 | ||
| 879 | // TODO: Maybe as additional plugin-test, we should also check if plugins are allowed to define CSS/JS, i.e. the plugin type is element of OIDplus::INTERACTIVE_PLUGIN_TYPES |
- | |
| 880 | $tmp = $manifest->getManifestLinkedFiles(); |
- | |
| 881 | foreach ($tmp as $file) { |
- | |
| 882 | if (!file_exists($file)) { |
- | |
| 883 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('File %1 was defined in manifest, but it is not existing',$file)); |
- | |
| 884 | } |
- | |
| 885 | } |
- | |
| 886 | - | ||
| 887 | // Now we can continue |
918 | // Now we can continue |
| 888 | - | ||
| - | 919 | $known_plugin_oids[$plugin_oid] = $plugintype_folder.'/'.$pluginname_folder; |
|
| 889 | $out[] = $class_name; |
920 | $out[] = $class_name; |
| 890 | if (!is_null($registerCallback)) { |
921 | if (!is_null($registerCallback)) { |
| 891 | call_user_func($registerCallback, $obj); |
922 | call_user_func($registerCallback, $obj); |
| 892 | 923 | ||
| 893 | // Alternative approaches: |
924 | // Alternative approaches: |
| Line 1173... | Line 1204... | ||
| 1173 | 1204 | ||
| 1174 | // --- System URL, System ID, PKI, and other functions |
1205 | // --- System URL, System ID, PKI, and other functions |
| 1175 | 1206 | ||
| 1176 | private static function recognizeSystemUrl() { |
1207 | private static function recognizeSystemUrl() { |
| 1177 | try { |
1208 | try { |
| 1178 | $url = OIDplus::webpath(null,self::PATH_ABSOLUTE_CANONICAL); // TODO: canonical or not? |
1209 | $url = OIDplus::webpath(null,self::PATH_ABSOLUTE_CANONICAL); |
| 1179 | OIDplus::config()->setValue('last_known_system_url', $url); |
1210 | OIDplus::config()->setValue('last_known_system_url', $url); |
| 1180 | } catch (\Exception $e) { |
1211 | } catch (\Exception $e) { |
| 1181 | } |
1212 | } |
| 1182 | } |
1213 | } |
| 1183 | 1214 | ||
| Line 1460... | Line 1491... | ||
| 1460 | try { |
1491 | try { |
| 1461 | $ver_prev = OIDplus::config()->getValue("last_known_version"); |
1492 | $ver_prev = OIDplus::config()->getValue("last_known_version"); |
| 1462 | $ver_now = OIDplus::getVersion(); |
1493 | $ver_now = OIDplus::getVersion(); |
| 1463 | if (($ver_now != '') && ($ver_prev != '') && ($ver_now != $ver_prev)) { |
1494 | if (($ver_now != '') && ($ver_prev != '') && ($ver_now != $ver_prev)) { |
| 1464 | // TODO: Problem: When the system was updated using SVN, then the IP address of the next random visitor of the website is logged! |
1495 | // TODO: Problem: When the system was updated using SVN, then the IP address of the next random visitor of the website is logged! |
| 1465 | OIDplus::logger()->log("[INFO]A!", "System version changed from '$ver_prev' to '$ver_now'"); |
1496 | OIDplus::logger()->log("[INFO]A!", "Detected system version change from '$ver_prev' to '$ver_now'"); |
| 1466 | 1497 | ||
| 1467 | // Just to be sure, recanonize objects (we don't do it at every page visit due to performance reasons) |
1498 | // Just to be sure, recanonize objects (we don't do it at every page visit due to performance reasons) |
| 1468 | self::recanonizeObjects(); |
1499 | self::recanonizeObjects(); |
| 1469 | } |
1500 | } |
| 1470 | OIDplus::config()->setValue("last_known_version", $ver_now); |
1501 | OIDplus::config()->setValue("last_known_version", $ver_now); |