Rev 32 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 32 | Rev 33 | ||
---|---|---|---|
Line 1... | Line 1... | ||
1 | <?php /* <ViaThinkSoftSignature> |
1 | <?php /* <ViaThinkSoftSignature> |
2 | TAItYQDND8ibGUd1YC/f04SIIzeSm99JNg+mmSjefJjt841dZ7o9BCrAGDh2jiv+7 |
2 | IvzBH2MGR7iuY8ypKdaWeNlTFUDviDbO7/OB8VBORbHEEsLkTdH/PYxpmlvrI5KWl |
3 | akv0WmInOLOjoJPsglVIAEEBh/SfaxvzGfprA8vj54DZ11seUBF7jXUy+WCVapBke |
3 | NwVu87C8TziS10APkoVpPaMR/5UtGbU8dNEuBzMZOkH2sLSmjYqj8Eo+RswjNtFHc |
4 | yAGvtEAIZ5gToiyzs0aE94svxZZfpC7clFRhqON5u1XMZhdSsVgEfzJcIJroq35NE |
4 | nmn6lEmHHXYDibl+8ante/SL15CBYBaFS5ZEt96tZHz1z6v31QVpmOmSfMoKFlnhJ |
5 | 2IRUebM4La1mBuopQWwx6FSFuxUjwcn7Q/zUP1rCwU8VAL/ycbG10FGNtYU14sOXl |
5 | G9mnmfJlplnUJuYk84LIgUe4rBrvU6bivOkkTNOg0MKQdcWDb6y1j20fojGbUWXkc |
6 | ymQoh2A2ODFO2LYpMxh+7vHASw2Nnk6BhuvQAwM3C+SBW56SkWZK/JkRXLN9NoqKk |
6 | RzaKESzNS/cA8shEuaO4UwXifkuxwgzRpzGR19k83xLnzvboPmbqt9BWgtKrV09Is |
7 | 5uxSC6YUlsi1OPJULaVWOoBvjUIau809jeeW72COFRjZKkX266Rv7mm6wrcxoOIXh |
7 | UbEOEcczA6r0/phKLMl1svf6syhyPuEmmplyxzobiOgoclwUbTqNyJU06M78HkJZ0 |
8 | Cj+m2bP42thx+Df1i4/CFFsxg/sHvorkwS+6B+0kGl1+2Ghwx3L94F+ThJxWtGOhM |
8 | Apjh3M56pKAxfJE0PLusZT6Fj2F2Ww0Y85rtF41NfWb4LmHFBiys+SL5eYZ8vSQEF |
9 | Jawl3weaWZuojsU79HRnqBK+Yy8Shuzq/k+FonrJE4FE4oogIf7pzXGKOqXvjtXxG |
9 | Dlot/K9qGb24UUWP0IiGrIL1b+0huGdb1L6msWVM4DMJDcA+L0afMfxKccQsAslfA |
10 | DoWCa/hotEFcs+mCYeAAjpDf2V8qSFKT2odHjJwLklKpIov+Tlr/XtMrZtCIDjDh3 |
10 | lOEq+PL3tbrcyWyxcmvnNopr0/8ZjLWr8Vc6B2oT7Y7SgqPeChsGAIR8k9tB26K9l |
11 | KBH6/9+8Bw5S5nFGvNfThSihlWKloqvysKDiCxIaLCOszzWNgsUUbUgppv2NFFzso |
11 | eCSC87JnHnJY98wc7acgoLAIdTI4Djfsp47/Ke21FLRtW6PbV20wzFcxEiECKT6U0 |
12 | QkJ22yObljS6p47cYnNmd5Pp3q9+JCTn5epn+XP4RRN3Z+ax7tiusqqVnlik0pwb3 |
12 | P2x8oWaRK1FD5UQpm0qoDV1G0R/GrkbjSgK5Or1OTeDF/cGL47LQy2Z9IUbmzc9o5 |
13 | +9Yrl4Pq4QkloolrEnsQtyy3xlrk53fVCWoA3aLNcYVHN8Nl4OjyIEImLbkNPddHz |
13 | S47WI4+4UxBTgEluO5REwg7lBBh3T8o6VdpjWSwuES+tgvhBCc0eGhHfDAlwDkxaA |
14 | RUqGSNgoEZDKKbfi7i52VssHWzv/9HzHvNpoThbln8C3q8WFlgnuSStpwZSonZEPo |
14 | cKBdUyP0SPbc8OKQySmjmNCwFWsu6W/IbZDDWoyA1eZtJL5x5EY8sDGY3tEPPWZ6r |
15 | 9wvnVo8orJjLzflkjPtBLIS7EL+R66RqpP3PF1lTi4Xl6fh9BFxif9juBSsCaJAjV |
15 | BdK/F9OocrLiAyqP3ExjGg895KlxEzF1udxxtUL/sjZcz31/MAkYylqCl2eOdUa6l |
16 | H0YECXyGiNPb1XcUXrDhWUrCViloHDq6sEQgW64s33SGqksFXG6IN/NV+54mW0hG4 |
16 | 4iFv6hWyNnxdkEvHB0MIxHE/1JKYqXTckGiBz758ATyFxwz7B+Ln5H4Cck6DHP1e9 |
17 | PUzIZ6Bgu9HggpfgFSAuzAW5xTMq/ng19pjo9y7cdeSnMF43BPhg3SSdvX2W8oRn1 |
17 | 5VT33ScKyh0D4CQSd/MNe/JxvyjQEDdbpJDZ/Nm/kxjhkLkYvz4sQGdS/oxYCmLXM |
18 | Fv5BHbsvw5vvHJUf+kUA5YN0IRUtOmoDB2Z4kkzuP9VBLoqK9KWG9PXZ5sMWp6ib9 |
18 | xO2ESmZI+thCSdLz4sFRvikCQIPlU6VuxmsKXMoa1irESaDqcYfcVOIL8chUvikwQ |
19 | 1KqMuFbx4y5NI9kjwhCQXuDAF2bJhtCHuPU+IyjhWqtFTWhD583AaHjt0gaVzkcuN |
19 | 3GH8hNVV257SJN3MO8Nd2Fj/WpgIgV5TXRsfk/KujjnF62zkLc0eATo0vkwVlQ+9d |
20 | umskt4IR5Yqvo6oDtWCP7YRWJnzAFB9zDItFk1OjjomaSkKQvhztITWO4N3jmtonG |
20 | gtTHL4R40c+jy1u0jDRxvtkgJ5dIETpkvzpu0/thWRXIv+sTtTQ/a60S4ZkHGM3za |
21 | PkIUkR8DWEYLZUSP+zWV9UZ2yE5KYAwgXIstx2ovLSvV6f5kyz+z+x0sU7fo4m0qa |
21 | 0GCX+lu83OpzrYkb0HTjrfA04k2SgvxtV1z0vqj5mPCSIEGx76LEApCHvPCl1QecK |
22 | 2HjjwaFSWf/yGHDkEch/5woquK4YWrrlFzCQZmhok6tSF8WS+eb6Ci4/wsCa1Znx4 |
22 | ze+Jd6kZVOY/JFuU02o2iRx+7fYFxAHoXOmjZMfSlLAQ+/vvs7TA3hsbXMcihhLfg |
23 | w== |
23 | w== |
24 | </ViaThinkSoftSignature> */ ?> |
24 | </ViaThinkSoftSignature> */ ?> |
25 | <?php |
25 | <?php |
26 | 26 | ||
27 | /* |
27 | /* |
Line 58... | Line 58... | ||
58 | 58 | ||
59 | if (!file_exists($local_path . '/version.php')) { |
59 | if (!file_exists($local_path . '/version.php')) { |
60 | throw new Exception('This is not a valid ownCloud installation in "'.$local_path.'".'); |
60 | throw new Exception('This is not a valid ownCloud installation in "'.$local_path.'".'); |
61 | } |
61 | } |
62 | 62 | ||
63 | // TODO: this is a security vulnerability if an non-root user can control the input of version.php ! |
63 | // We don't include version.php because it would be a security vulnerability |
64 | $vendor = 'unknown'; |
64 | // code injection if somebody controls version.php |
- | 65 | $cont = file_get_contents($local_path . '/version.php'); |
|
- | 66 | if (preg_match('@\\$(OC_Version)\\s*=\\s*array\\(\\s*(.+)\\s*,\\s*(.+)\\s*,\\s*(.+)\\s*,\\s*(.+)\\s*\\)\\s*;@ismU', $cont, $m)) { |
|
65 | $OC_Version = array(0,0,0,0); |
67 | $OC_Version = array($m[2],$m[3],$m[4],$m[5]); |
- | 68 | } else { |
|
- | 69 | throw new Exception('This is not a valid ownCloud installation in "'.$local_path.'". Missing "OC_Version".'); |
|
- | 70 | } |
|
- | 71 | if (preg_match('@\\$(OC_VersionString)\\s*=\\s*([\'"])(.*)\\2\\s*;@ismU', $cont, $m)) { |
|
66 | $OC_VersionString = 'unknown'; |
72 | $OC_VersionString = $m[3]; |
- | 73 | } else { |
|
- | 74 | throw new Exception('This is not a valid ownCloud installation in "'.$local_path.'". Missing "OC_VersionString".'); |
|
- | 75 | } |
|
- | 76 | if (preg_match('@\\$(OC_Edition)\\s*=\\s*([\'"])(.*)\\2\\s*;@ismU', $cont, $m)) { |
|
67 | $OC_Edition = 'unknown'; |
77 | $OC_Edition = $m[3]; |
- | 78 | } else { |
|
- | 79 | throw new Exception('This is not a valid ownCloud installation in "'.$local_path.'". Missing "OC_Edition".'); |
|
- | 80 | } |
|
- | 81 | if (preg_match('@\\$(OC_Channel)\\s*=\\s*([\'"])(.*)\\2\\s*;@ismU', $cont, $m)) { |
|
68 | $OC_Channel = 'unknown'; |
82 | $OC_Channel = $m[3]; |
- | 83 | } else { |
|
- | 84 | throw new Exception('This is not a valid ownCloud installation in "'.$local_path.'". Missing "OC_Channel".'); |
|
- | 85 | } |
|
- | 86 | if (preg_match('@\\$(OC_Build)\\s*=\\s*([\'"])(.*)\\2\\s*;@ismU', $cont, $m)) { |
|
69 | $OC_Build = 'unknown'; |
87 | $OC_Build = $m[3]; |
- | 88 | } else { |
|
70 | include $local_path . '/version.php'; |
89 | throw new Exception('This is not a valid ownCloud installation in "'.$local_path.'". Missing "OC_Build".'); |
71 | 90 | } |
|
- | 91 | if (preg_match('@\\$(vendor)\\s*=\\s*([\'"])(.*)\\2\\s*;@ismU', $cont, $m)) { |
|
- | 92 | $vendor = $m[3]; |
|
72 | if ($vendor != 'owncloud') { |
93 | if ($vendor != 'owncloud') { |
73 | throw new Exception('This is not a valid ownCloud installation in "'.$local_path.'". It is "$vendor".'); |
94 | throw new Exception('This is not a valid ownCloud installation in "'.$local_path.'". It is "'.$vendor.'".'); |
- | 95 | } |
|
- | 96 | } else { |
|
- | 97 | throw new Exception('This is not a valid ownCloud installation in "'.$local_path.'". Missing "vendor".'); |
|
74 | } |
98 | } |
75 | 99 | ||
76 | // Owncloud\Updater\Utils\Fetcher::DEFAULT_BASE_URL |
100 | // Owncloud\Updater\Utils\Fetcher::DEFAULT_BASE_URL |
77 | $baseUrl = 'https://updates.owncloud.com/server/'; |
101 | $baseUrl = 'https://updates.owncloud.com/server/'; |
78 | 102 |