Rev 1068 | Rev 1073 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 1068 | Rev 1072 | ||
---|---|---|---|
Line 40... | Line 40... | ||
40 | /*public*/ const PATH_RELATIVE_TO_ROOT = 4; // e.g. "/oidplus/" |
40 | /*public*/ const PATH_RELATIVE_TO_ROOT = 4; // e.g. "/oidplus/" |
41 | /*public*/ const PATH_RELATIVE_TO_ROOT_CANONICAL = 5; // e.g. "/oidplus/" (if baseconfig CANONICAL_SYSTEM_URL is set) |
41 | /*public*/ const PATH_RELATIVE_TO_ROOT_CANONICAL = 5; // e.g. "/oidplus/" (if baseconfig CANONICAL_SYSTEM_URL is set) |
42 | 42 | ||
43 | // These plugin types can contain HTML code and therefore may |
43 | // These plugin types can contain HTML code and therefore may |
44 | // emit (non-setup) CSS/JS code via their manifest. |
44 | // emit (non-setup) CSS/JS code via their manifest. |
- | 45 | // Note that design plugins may only output CSS, not JS. |
|
45 | /*public*/ const INTERACTIVE_PLUGIN_TYPES = array( |
46 | /*public*/ const INTERACTIVE_PLUGIN_TYPES = array( |
46 | 'publicPages', |
47 | 'publicPages', |
47 | 'raPages', |
48 | 'raPages', |
48 | 'adminPages', |
49 | 'adminPages', |
49 | 'objectTypes', |
50 | 'objectTypes', |
Line 826... | Line 827... | ||
826 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Manifest does not declare a PHP main class')); |
827 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Manifest does not declare a PHP main class')); |
827 | } |
828 | } |
828 | if (!self::pluginCheckDisabled($class_name)) { |
829 | if (!self::pluginCheckDisabled($class_name)) { |
829 | continue; // Plugin is disabled |
830 | continue; // Plugin is disabled |
830 | } |
831 | } |
- | 832 | ||
- | 833 | // Do some basic checks on the plugin PHP main class |
|
831 | if (!class_exists($class_name)) { |
834 | if (!class_exists($class_name)) { |
832 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Manifest declares PHP main class as "%1", but it could not be found',$class_name)); |
835 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Manifest declares PHP main class as "%1", but it could not be found',$class_name)); |
833 | } |
836 | } |
834 | if (!is_subclass_of($class_name, $expectedPluginClass)) { |
837 | if (!is_subclass_of($class_name, $expectedPluginClass)) { |
835 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Plugin main class "%1" is expected to be a subclass of "%2"',$class_name,$expectedPluginClass)); |
838 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Plugin main class "%1" is expected to be a subclass of "%2"',$class_name,$expectedPluginClass)); |
Line 839... | Line 842... | ||
839 | } |
842 | } |
840 | if (($manifest->getTypeClass()!=$expectedPluginClass) && (!is_subclass_of($manifest->getTypeClass(),$expectedPluginClass))) { |
843 | if (($manifest->getTypeClass()!=$expectedPluginClass) && (!is_subclass_of($manifest->getTypeClass(),$expectedPluginClass))) { |
841 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Class declared in manifest is "%1" does not fit expected class for this plugin type "%2"',$manifest->getTypeClass(),$expectedPluginClass)); |
844 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Class declared in manifest is "%1" does not fit expected class for this plugin type "%2"',$manifest->getTypeClass(),$expectedPluginClass)); |
842 | } |
845 | } |
843 | 846 | ||
- | 847 | // Do some basic checks on the plugin OID |
|
844 | $plugin_oid = $manifest->getOid(); |
848 | $plugin_oid = $manifest->getOid(); |
845 | if (!$plugin_oid) { |
849 | if (!$plugin_oid) { |
846 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Does not have an OID')); |
850 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Does not have an OID')); |
847 | } |
851 | } |
848 | if (!oid_valid_dotnotation($plugin_oid, false, false, 2)) { |
852 | if (!oid_valid_dotnotation($plugin_oid, false, false, 2)) { |
Line 850... | Line 854... | ||
850 | } |
854 | } |
851 | if (isset($known_plugin_oids[$plugin_oid])) { |
855 | if (isset($known_plugin_oids[$plugin_oid])) { |
852 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('The OID "%1" is already used by the plugin "%2"',$plugin_oid,$known_plugin_oids[$plugin_oid])); |
856 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('The OID "%1" is already used by the plugin "%2"',$plugin_oid,$known_plugin_oids[$plugin_oid])); |
853 | } |
857 | } |
854 | 858 | ||
- | 859 | // Additional check: Are third-party plugins using ViaThinkSoft plugin folders, OIDs or class namespaces? |
|
855 | $full_plugin_dir = dirname($manifest->getManifestFile()); |
860 | $full_plugin_dir = dirname($manifest->getManifestFile()); |
856 | $full_plugin_dir = substr($full_plugin_dir, strlen(OIDplus::localpath())); |
861 | $full_plugin_dir = substr($full_plugin_dir, strlen(OIDplus::localpath())); |
857 | - | ||
858 | $dir_is_viathinksoft = str_starts_with($full_plugin_dir, 'plugins/viathinksoft/') || str_starts_with($full_plugin_dir, 'plugins\\viathinksoft\\'); |
862 | $dir_is_viathinksoft = str_starts_with($full_plugin_dir, 'plugins/viathinksoft/') || str_starts_with($full_plugin_dir, 'plugins\\viathinksoft\\'); |
859 | $oid_is_viathinksoft = str_starts_with($plugin_oid, '1.3.6.1.4.1.37476.2.5.2.4.'); // { iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) 37476 products(2) oidplus(5) v2(2) plugins(4) } |
863 | $oid_is_viathinksoft = str_starts_with($plugin_oid, '1.3.6.1.4.1.37476.2.5.2.4.'); // { iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) 37476 products(2) oidplus(5) v2(2) plugins(4) } |
860 | $class_is_viathinksoft = str_starts_with($class_name, 'ViaThinkSoft\\'); |
864 | $class_is_viathinksoft = str_starts_with($class_name, 'ViaThinkSoft\\'); |
- | 865 | if ($oid_is_viathinksoft != $class_is_viathinksoft) { |
|
- | 866 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Third-party plugins must not use the ViaThinkSoft PHP namespace. Please use your own vendor namespace.')); |
|
- | 867 | } |
|
- | 868 | $plugin_is_viathinksoft = $oid_is_viathinksoft && $class_is_viathinksoft; |
|
861 | if ($dir_is_viathinksoft != $oid_is_viathinksoft) { |
869 | if ($dir_is_viathinksoft != $plugin_is_viathinksoft) { |
862 | throw new OIDplusException(_L('Plugin "%1" is misplaced',$plugintype_folder.'/'.$pluginname_folder).': '._L('The plugin is in the wrong folder. The folder %1 can only be used by official ViaThinkSoft plugins','plugins/viathinksoft/')); |
870 | throw new OIDplusException(_L('Plugin "%1" is misplaced',$plugintype_folder.'/'.$pluginname_folder).': '._L('The plugin is in the wrong folder. The folder %1 can only be used by official ViaThinkSoft plugins','plugins/viathinksoft/')); |
863 | } |
871 | } |
- | 872 | ||
- | 873 | // Additional check: does the plugin define JS/CSS although it is not an interactive plugin type? |
|
- | 874 | $has_js = $manifest->getJSFiles(); |
|
- | 875 | $has_css = $manifest->getCSSFiles(); |
|
- | 876 | $is_interactive = in_array(basename($plugintype_folder), OIDplus::INTERACTIVE_PLUGIN_TYPES); |
|
- | 877 | $is_design = basename($plugintype_folder) === 'design'; |
|
- | 878 | if (!$is_interactive && $has_js) { |
|
- | 879 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('%1 files are included in the manifest XML, but this plugin type does not allow such files.','JavaScript')); |
|
- | 880 | } |
|
864 | if ($dir_is_viathinksoft != $class_is_viathinksoft) { |
881 | if (!$is_interactive && !$is_design && $has_css) { |
865 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Third-party plugins must not use the ViaThinkSoft PHP namespace. Please use your own vendor namespace.')); |
882 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('%1 files are included in the manifest XML, but this plugin type does not allow such files.','CSS')); |
- | 883 | } |
|
- | 884 | ||
- | 885 | // Additional check: Check "Setup CSS" and "Setup JS" (Allowed for plugin types: database, captcha) |
|
- | 886 | $has_js_setup = $manifest->getJSFilesSetup(); |
|
- | 887 | $has_css_setup = $manifest->getCSSFilesSetup(); |
|
- | 888 | $is_database = basename($plugintype_folder) === 'database'; |
|
- | 889 | $is_captcha = basename($plugintype_folder) === 'captcha'; |
|
- | 890 | if (!$is_database && !$is_captcha && $has_js_setup) { |
|
- | 891 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('%1 files are included in the manifest XML, but this plugin type does not allow such files.','Setup JavaScript')); |
|
- | 892 | } |
|
- | 893 | if (!$is_database && !$is_captcha && $has_css_setup) { |
|
- | 894 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('%1 files are included in the manifest XML, but this plugin type does not allow such files.','Setup CSS')); |
|
866 | } |
895 | } |
867 | 896 | ||
- | 897 | // Additional check: Are all CSS/JS files there? |
|
- | 898 | $tmp = $manifest->getManifestLinkedFiles(); |
|
- | 899 | foreach ($tmp as $file) { |
|
- | 900 | if (!file_exists($file)) { |
|
868 | $known_plugin_oids[$plugin_oid] = $plugintype_folder.'/'.$pluginname_folder; |
901 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('File %1 was defined in manifest, but it is not existing',$file)); |
- | 902 | } |
|
- | 903 | } |
|
869 | 904 | ||
- | 905 | // For the next check, we need an instance of the object |
|
870 | $obj = new $class_name(); |
906 | $obj = new $class_name(); |
871 | 907 | ||
- | 908 | // Additional check: Does the plugin misuse implementsFeature()? |
|
- | 909 | // This is not enabled b default, because the GUID generation is slow on some machines. |
|
- | 910 | // Also, it is very unlikely that someone misuses implementsFeature(). |
|
872 | if (OIDplus::baseConfig()->getValue('DEBUG')) { |
911 | if (OIDplus::baseConfig()->getValue('DEBUG')) { |
873 | if ($obj->implementsFeature($fake_feature)) { |
912 | if ($obj->implementsFeature($fake_feature)) { |
874 | // see https://devblogs.microsoft.com/oldnewthing/20040211-00/?p=40663 |
913 | // see https://devblogs.microsoft.com/oldnewthing/20040211-00/?p=40663 |
875 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('implementsFeature() always returns true')); |
914 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('implementsFeature() always returns true')); |
876 | } |
915 | } |
877 | } |
916 | } |
878 | 917 | ||
879 | // TODO: Maybe as additional plugin-test, we should also check if plugins are allowed to define CSS/JS, i.e. the plugin type is element of OIDplus::INTERACTIVE_PLUGIN_TYPES |
- | |
880 | $tmp = $manifest->getManifestLinkedFiles(); |
- | |
881 | foreach ($tmp as $file) { |
- | |
882 | if (!file_exists($file)) { |
- | |
883 | throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('File %1 was defined in manifest, but it is not existing',$file)); |
- | |
884 | } |
- | |
885 | } |
- | |
886 | - | ||
887 | // Now we can continue |
918 | // Now we can continue |
888 | - | ||
- | 919 | $known_plugin_oids[$plugin_oid] = $plugintype_folder.'/'.$pluginname_folder; |
|
889 | $out[] = $class_name; |
920 | $out[] = $class_name; |
890 | if (!is_null($registerCallback)) { |
921 | if (!is_null($registerCallback)) { |
891 | call_user_func($registerCallback, $obj); |
922 | call_user_func($registerCallback, $obj); |
892 | 923 | ||
893 | // Alternative approaches: |
924 | // Alternative approaches: |
Line 1173... | Line 1204... | ||
1173 | 1204 | ||
1174 | // --- System URL, System ID, PKI, and other functions |
1205 | // --- System URL, System ID, PKI, and other functions |
1175 | 1206 | ||
1176 | private static function recognizeSystemUrl() { |
1207 | private static function recognizeSystemUrl() { |
1177 | try { |
1208 | try { |
1178 | $url = OIDplus::webpath(null,self::PATH_ABSOLUTE_CANONICAL); // TODO: canonical or not? |
1209 | $url = OIDplus::webpath(null,self::PATH_ABSOLUTE_CANONICAL); |
1179 | OIDplus::config()->setValue('last_known_system_url', $url); |
1210 | OIDplus::config()->setValue('last_known_system_url', $url); |
1180 | } catch (\Exception $e) { |
1211 | } catch (\Exception $e) { |
1181 | } |
1212 | } |
1182 | } |
1213 | } |
1183 | 1214 | ||
Line 1460... | Line 1491... | ||
1460 | try { |
1491 | try { |
1461 | $ver_prev = OIDplus::config()->getValue("last_known_version"); |
1492 | $ver_prev = OIDplus::config()->getValue("last_known_version"); |
1462 | $ver_now = OIDplus::getVersion(); |
1493 | $ver_now = OIDplus::getVersion(); |
1463 | if (($ver_now != '') && ($ver_prev != '') && ($ver_now != $ver_prev)) { |
1494 | if (($ver_now != '') && ($ver_prev != '') && ($ver_now != $ver_prev)) { |
1464 | // TODO: Problem: When the system was updated using SVN, then the IP address of the next random visitor of the website is logged! |
1495 | // TODO: Problem: When the system was updated using SVN, then the IP address of the next random visitor of the website is logged! |
1465 | OIDplus::logger()->log("[INFO]A!", "System version changed from '$ver_prev' to '$ver_now'"); |
1496 | OIDplus::logger()->log("[INFO]A!", "Detected system version change from '$ver_prev' to '$ver_now'"); |
1466 | 1497 | ||
1467 | // Just to be sure, recanonize objects (we don't do it at every page visit due to performance reasons) |
1498 | // Just to be sure, recanonize objects (we don't do it at every page visit due to performance reasons) |
1468 | self::recanonizeObjects(); |
1499 | self::recanonizeObjects(); |
1469 | } |
1500 | } |
1470 | OIDplus::config()->setValue("last_known_version", $ver_now); |
1501 | OIDplus::config()->setValue("last_known_version", $ver_now); |