Example #1
// Upgrade fragment: adds thumbnail dimensions, plugin flags, a default theme
// pref and author columns/indexes. Each ADD is guarded by a column check; the
// MODIFY statements and the two trailing index calls run unconditionally.
// NOTE(review): $cols is filled before this excerpt begins; presumably it holds
// the txp_image column names at this point — confirm in the full file.
if (!in_array('thumb_w', $cols)) {
    safe_alter('txp_image', "ADD thumb_w int(8) NOT NULL DEFAULT 0");
}
if (!in_array('thumb_h', $cols)) {
    safe_alter('txp_image', "ADD thumb_h int(8) NOT NULL DEFAULT 0");
}
// Plugin flags.
$cols = getThings('DESCRIBE `' . PFX . 'txp_plugin`');
if (!in_array('flags', $cols)) {
    safe_alter('txp_plugin', "ADD flags SMALLINT UNSIGNED NOT NULL DEFAULT 0");
}
// Default theme.
if (!safe_field("name", 'txp_prefs', "name = 'theme_name'")) {
    safe_insert('txp_prefs', "prefs_id = 1, name = 'theme_name', val = 'classic', type = '1', event = 'admin', html = 'themename', position = '160'");
}
safe_alter('txp_plugin', "MODIFY code         MEDIUMTEXT NOT NULL");
safe_alter('txp_plugin', "MODIFY code_restore MEDIUMTEXT NOT NULL");
safe_alter('txp_prefs', "MODIFY val TEXT NOT NULL");
// Add author column to files and links, boldly assuming that the publisher in
// charge of updating this site is the author of any existing content items.
foreach (array('txp_file', 'txp_link') as $table) {
    // $table only ever takes the two literal names above, so the identifier
    // concatenated into DESCRIBE is not request-controlled.
    $cols = getThings("DESCRIBE `" . PFX . $table . "`");
    if (!in_array('author', $cols)) {
        safe_alter($table, "ADD author varchar(64) NOT NULL DEFAULT ''");
        safe_create_index($table, 'author', 'author_idx');
        // "1 = 1" matches every row: all existing rows are attributed to the
        // user running the update. $txp_user goes through doSlash() before it
        // is placed in the SET clause.
        safe_update($table, "author = '" . doSlash($txp_user) . "'", "1 = 1");
    }
}
// Add indices on author columns.
safe_create_index('textpattern', 'AuthorID', 'author_idx');
safe_create_index('txp_image', 'author', 'author_idx');
Example #2
<?php

/*
$HeadURL$
$LastChangedRevision$
*/
// Upgrade fragment: adds markup columns, a per-user prefs table, turns
// txp_section into a tree (id/parent/lft/rgt) and renames a form tag.
// NOTE(review): unlike other update scripts in this project there is no
// TXP_UPDATE guard visible in this file — confirm it cannot be requested directly.
safe_upgrade_table('textpattern', array('markup_body' => 'varchar(32)', 'markup_excerpt' => 'varchar(32)'));
// user-specific preferences
safe_upgrade_table('txp_prefs_user', array('id' => DB_AUTOINC . ' PRIMARY KEY', 'user' => "varchar(64) NOT NULL default ''", 'name' => "varchar(255) NOT NULL default ''", 'val' => "varchar(255) NOT NULL default ''"));
// unique index on user+name
safe_upgrade_index('txp_prefs_user', 'user_idx', 'unique', 'user, name');
// The existing primary key is dropped only while there is no id column yet;
// the new auto-increment id added below becomes the primary key.
if (!safe_column_exists('txp_section', 'id')) {
    safe_alter('txp_section', 'drop primary key');
}
safe_upgrade_table('txp_section', array('id' => DB_AUTOINC . ' PRIMARY KEY', 'path' => "varchar(255) not null default ''", 'parent' => 'INT', 'lft' => 'INT not null default 0', 'rgt' => 'INT not null default 0', 'inherit' => 'SMALLINT not null default 0'));
// Seed path from name for rows whose path is still empty.
safe_update('txp_section', 'path=name', "path=''");
// shortname has to be unique within a parent
if (!safe_index_exists('txp_section', 'parent_idx')) {
    safe_upgrade_index('txp_section', 'parent_idx', 'unique', 'parent,name');
}
#if (!safe_index_exists('txp_section', 'path_idx'))
#	safe_upgrade_index('txp_section', 'path_idx', 'unique', 'path');
safe_update('txp_section', 'parent=0', "name='default'");
$root_id = safe_field('id', 'txp_section', "name='default'");
// NOTE(review): $root_id is interpolated without escaping or an integer cast.
// It comes from the query on the previous line, not from request input, but
// what safe_field() returns when no 'default' section exists is not visible
// here — confirm the update and tree_rebuild() behave sensibly in that case.
safe_update('txp_section', "parent='" . $root_id . "'", "parent IS NULL");
// The include path is built from the txpath constant and a literal suffix.
include_once txpath . '/lib/txplib_tree.php';
tree_rebuild('txp_section', $root_id, 1);
// <txp:message /> is dropped
// "1 = 1" applies the tag rename to every stored form.
safe_update('txp_form', "Form = REPLACE(Form, '<txp:message', '<txp:comment_message')", "1 = 1");
// Expiry datetime for articles
safe_upgrade_table('textpattern', array('Expires' => "datetime NOT NULL default '0000-00-00 00:00:00' after `Posted`"));
Example #3
 *
 * This file is part of Textpattern.
 *
 * Textpattern is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation, version 2.
 *
 * Textpattern is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with Textpattern. If not, see <http://www.gnu.org/licenses/>.
 */
// Abort unless TXP_UPDATE is defined. Where the constant is defined is outside
// this excerpt; presumably the updater sets it before including this script,
// so a direct HTTP request to the file stops here before any DDL runs.
if (!defined('TXP_UPDATE')) {
    exit("Nothing here. You can't access this file directly.");
}
// All statements below are literal DDL; no request or database values are
// interpolated into them.
// Updates comment email length.
safe_alter('txp_discuss', "MODIFY email VARCHAR(254) NOT NULL DEFAULT ''");
// Store IPv6 properly in logs.
safe_alter('txp_log', "MODIFY ip VARCHAR(45) NOT NULL DEFAULT ''");
// Save sections correctly in articles.
safe_alter('textpattern', "MODIFY Section VARCHAR(255) NOT NULL DEFAULT ''");
// Ensure all memory-mappable columns have defaults
safe_alter('txp_form', "MODIFY name VARCHAR(64) NOT NULL DEFAULT ''");
safe_alter('txp_page', "MODIFY name VARCHAR(128) NOT NULL DEFAULT ''");
safe_alter('txp_prefs', "MODIFY prefs_id INT NOT NULL DEFAULT '1'");
safe_alter('txp_prefs', "MODIFY name VARCHAR(255) NOT NULL DEFAULT ''");
safe_alter('txp_section', "MODIFY name VARCHAR(128) NOT NULL DEFAULT ''");
Example #4
<?php

/*
$HeadURL: https://textpattern.googlecode.com/svn/releases/4.5.7/source/textpattern/update/_to_4.3.0.php $
$LastChangedRevision: 4011 $
*/
// Abort unless TXP_UPDATE is defined. Where the constant is defined is outside
// this excerpt; presumably the updater sets it before including this script,
// so a direct HTTP request to the file stops here.
if (!defined('TXP_UPDATE')) {
    exit("Nothing here. You can't access this file directly.");
}
// Raw CSS is now the only option
safe_delete('txp_prefs', "event='css' and name='edit_raw_css_by_default'");
$rs = getRows('select name,css from `' . PFX . 'txp_css`');
foreach ($rs as $row) {
    // Heuristic: a value made up only of base64 alphabet characters with at
    // most two trailing '=' is treated as still encoded.
    // NOTE(review): a stylesheet that happens to consist solely of those
    // characters would match too and be rewritten with its decoded bytes —
    // confirm this cannot occur for already-converted rows on a re-run.
    if (preg_match('%^[a-zA-Z0-9/+]*={0,2}$%', $row['css'])) {
        // Data is still base64 encoded
        // Both the decoded stylesheet and the row name are escaped with
        // doSlash() before being placed in the statement.
        safe_update('txp_css', "css = '" . doSlash(base64_decode($row['css'])) . "'", "name = '" . doSlash($row['name']) . "'");
    }
}
// add column for file title
$cols = getThings('describe `' . PFX . 'txp_file`');
if (!in_array('title', $cols)) {
    safe_alter('txp_file', "ADD `title` VARCHAR( 255 ) NULL AFTER `filename`");
}
Example #5
    safe_alter('txp_plugin', "ADD load_order TINYINT UNSIGNED NOT NULL DEFAULT 5");
}
# Upgrade fragment: inserts missing preferences and adds the article expiry
# column and its index. Every SQL fragment here is a literal apart from the
# PFX table prefix.
#  Enable XML-RPC server?
# The pref is inserted with val = 0 only when no row of that name exists, so an
# existing setting is left as it is.
if (!safe_field('name', 'txp_prefs', "name = 'enable_xmlrpc_server'")) {
    safe_insert('txp_prefs', "prefs_id = 1, name = 'enable_xmlrpc_server', val = 0, type = 1, event = 'admin', html = 'yesnoradio', position = 130");
}
if (!safe_field('name', 'txp_prefs', "name = 'smtp_from'")) {
    safe_insert('txp_prefs', "prefs_id = 1, name = 'smtp_from', val = '', type = 1, event = 'admin', position = 110");
}
# NOTE(review): this check reads val rather than name, so a stored value that
# is empty or '0' also passes the test and triggers the insert — confirm that
# is intended.
if (!safe_field('val', 'txp_prefs', "name='author_list_pageby'")) {
    safe_insert('txp_prefs', "prefs_id = 1, name = 'author_list_pageby', val = 25, type = 2");
}
# Expiry datetime for articles
$txp = getThings('describe `' . PFX . 'textpattern`');
if (!in_array('Expires', $txp)) {
    safe_alter("textpattern", "add `Expires` datetime NOT NULL default '0000-00-00 00:00:00' after `Posted`");
}
# Scan the table's existing indexes so Expires_idx is created only once.
$has_expires_idx = 0;
$rs = getRows('show index from `' . PFX . 'textpattern`');
foreach ($rs as $row) {
    if ($row['Key_name'] == 'Expires_idx') {
        $has_expires_idx = 1;
    }
}
if (!$has_expires_idx) {
    safe_query('alter ignore table `' . PFX . 'textpattern` add index Expires_idx(Expires)');
}
#  Publish expired articles, or return 410?
if (!safe_field('name', 'txp_prefs', "name = 'publish_expired_articles'")) {
    safe_insert('txp_prefs', "prefs_id = 1, name = 'publish_expired_articles', val = '0', type = '1', event='publish', html='yesnoradio', position='130'");
}
Example #6
    safe_alter('txp_file', "ADD modified DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00'");
    $update_files = 1;
}
// Upgrade fragment: adds file metadata columns, backfills them from the files
// on disk and normalises article keyword lists.
// NOTE(review): $txpfile and the initial value of $update_files are set before
// this excerpt begins — confirm $update_files is initialised on every path.
if (!in_array('created', $txpfile)) {
    safe_alter('txp_file', "ADD created DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00'");
    $update_files = 1;
}
if (!in_array('size', $txpfile)) {
    safe_alter('txp_file', "ADD size BIGINT");
    $update_files = 1;
}
if (!in_array('downloads', $txpfile)) {
    safe_alter('txp_file', "ADD downloads INT DEFAULT '0' NOT NULL");
}
// Runs when at least one of the two columns was already present in the
// column list read earlier.
if (array_intersect(array('modified', 'created'), $txpfile)) {
    safe_alter('txp_file', "\n        MODIFY modified DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00',\n        MODIFY created DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00'");
}
// Copy existing file timestamps into the new database columns.
if ($update_files) {
    $prefs = get_prefs();
    $rs = safe_rows("*", 'txp_file', "1 = 1");
    foreach ($rs as $row) {
        // '@' hides a missing pref or filename; rows whose file cannot be
        // stat()ed are skipped without any message.
        $path = build_file_path(@$prefs['file_base_path'], @$row['filename']);
        if ($path and $stat = @stat($path)) {
            // The timestamps are formatted from stat() integers; size and id
            // are passed through doSlash() before entering the statement.
            safe_update('txp_file', "created = '" . strftime('%Y-%m-%d %H:%M:%S', $stat['ctime']) . "', modified = '" . strftime('%Y-%m-%d %H:%M:%S', $stat['mtime']) . "', size = '" . doSlash(sprintf('%u', $stat['size'])) . "'", "id = '" . doSlash($row['id']) . "'");
        }
    }
}
// Rewrite every non-empty Keywords value: line breaks and tabs become commas,
// runs of spaces and commas are collapsed, and leading/trailing commas are
// trimmed. The whole expression is a literal; nothing is interpolated.
safe_update('textpattern', "Keywords = TRIM(BOTH ',' FROM \n    REPLACE(\n        REPLACE(\n            REPLACE(\n                REPLACE(\n                    REPLACE(\n                        REPLACE(\n                            REPLACE(\n                                REPLACE(\n                                    REPLACE(\n                                        REPLACE(\n                                            REPLACE(Keywords, '\n', ','),\n                                            '\r', ','),\n                                        '\t', ','),\n                                    '    ', ' '),\n                                '  ', ' '),\n                            '  ', ' '),\n                        ' ,', ','),\n                    ', ', ','),\n                ',,,,', ','),\n            ',,', ','),\n        ',,', ',')\n    )", "Keywords != ''");
// Shift preferences to more intuitive spots.
// Give positions, leave enough room for later additions.
Example #7
// Upgrade fragment: widens several columns, adds description columns and
// adjusts two preferences. All SQL fragments are literals apart from the PFX
// table prefix.
safe_alter('txp_section', "MODIFY page VARCHAR(255) NOT NULL default '', MODIFY css VARCHAR(255) NOT NULL default ''");
// Save sections correctly in articles.
safe_alter('textpattern', "MODIFY Section VARCHAR(255) NOT NULL default ''");
safe_alter('txp_section', "MODIFY name VARCHAR(255) NOT NULL");
// Plugins can have longer version numbers.
safe_alter('txp_plugin', "MODIFY version VARCHAR(255) NOT NULL DEFAULT '1.0'");
// Translation strings should allow more than 255 characters.
safe_alter('txp_lang', "MODIFY data TEXT");
// Add meta description to articles...
$cols = getThings('describe `' . PFX . 'textpattern`');
if (!in_array('description', $cols)) {
    safe_alter('textpattern', "ADD description VARCHAR(255) NOT NULL DEFAULT '' AFTER Keywords");
}
// ... categories...
$cols = getThings('describe `' . PFX . 'txp_category`');
if (!in_array('description', $cols)) {
    safe_alter('txp_category', "ADD description VARCHAR(255) NOT NULL DEFAULT '' AFTER title");
}
// ... and sections.
$cols = getThings('describe `' . PFX . 'txp_section`');
if (!in_array('description', $cols)) {
    safe_alter('txp_section', "ADD description VARCHAR(255) NOT NULL DEFAULT '' AFTER css");
}
// Remove textpattern.com ping pref.
if (safe_field('name', 'txp_prefs', "name = 'ping_textpattern_com'")) {
    safe_delete('txp_prefs', "name = 'ping_textpattern_com'");
}
// Add default publishing status pref.
// NOTE(review): the test is on the pref's truthiness, so a stored value that
// evaluates to false would be overwritten with STATUS_LIVE — confirm no such
// value is valid for this pref.
if (!get_pref('default_publish_status')) {
    set_pref('default_publish_status', STATUS_LIVE, 'publish', PREF_CORE, 'defaultPublishStatus', 15, PREF_PRIVATE);
}
Example #8
 *
 * This file is part of Textpattern.
 *
 * Textpattern is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation, version 2.
 *
 * Textpattern is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with Textpattern. If not, see <http://www.gnu.org/licenses/>.
 */
// Abort unless TXP_UPDATE is defined. Where the constant is defined is outside
// this excerpt; presumably the updater sets it before including this script,
// so a direct HTTP request to the file stops here before any DDL runs.
if (!defined('TXP_UPDATE')) {
    exit("Nothing here. You can't access this file directly.");
}
// All statements below are literal DDL; no request or database values are
// interpolated into them.
// Updates comment email length.
safe_alter('txp_discuss', "MODIFY email VARCHAR(254) NOT NULL default ''");
// Store IPv6 properly in logs.
safe_alter('txp_log', "MODIFY ip VARCHAR(45) NOT NULL default ''");
// Save sections correctly in articles.
safe_alter('textpattern', "MODIFY Section VARCHAR(128) NOT NULL default ''");
// Ensure all memory-mappable columns have defaults
safe_alter('txp_form', "MODIFY `name` VARCHAR(64) NOT NULL default ''");
safe_alter('txp_page', "MODIFY `name` VARCHAR(128) NOT NULL default ''");
safe_alter('txp_prefs', "MODIFY `prefs_id` INT(11) NOT NULL default '1'");
safe_alter('txp_prefs', "MODIFY `name` VARCHAR(255) NOT NULL default ''");
safe_alter('txp_section', "MODIFY `name` VARCHAR(128) NOT NULL default ''");
Example #9
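/**
 * Replaces the file and metadata of an existing image with a new upload.
 *
 * Reads the image id from the request (gps('id')) and the upload from
 * $_FILES['thefile'], updates the txp_image row, moves the upload into the
 * image directory as "<id><ext>" and then renders either the image editor
 * (success) or the image list with an error message.
 *
 * Hardening over the previous version:
 *  - the id is cast to an integer before it reaches the WHERE clause and the
 *    destination file name (it was interpolated raw into both);
 *  - the author name is escaped with doSlash() like the image name;
 *  - a missing upload or a file getimagesize() cannot parse is rejected
 *    before any array offset is read;
 *  - a client file name without a dot keeps its base name instead of being
 *    reduced to the bare extension.
 *
 * @return void
 */
function image_replace()
{
    global $txpcfg, $extensions, $txp_user, $img_dir, $path_from_root;
    // NOTE(review): extract() imports every $txpcfg key as a local variable;
    // $doc_root below is presumably one of them — confirm.
    extract($txpcfg);

    // The id is used in SQL and in a file system path, so it must be a
    // positive integer and nothing else.
    $id = (int) gps('id');
    if ($id < 1) {
        image_list('there was a problem saving image data');
        return;
    }

    if (empty($_FILES['thefile']['tmp_name'])) {
        image_list(gTxt('only_graphic_files_allowed'));
        return;
    }
    $file = $_FILES['thefile']['tmp_name'];
    $name = $_FILES['thefile']['name'];

    // The stored extension is derived from the detected image type, never
    // from the client-supplied file name.
    $info = getimagesize($file);
    if ($info === false || empty($extensions[$info[2]])) {
        image_list(gTxt('only_graphic_files_allowed'));
        return;
    }
    list($w, $h, $extension) = $info;
    $w = (int) $w;
    $h = (int) $h;
    $ext = $extensions[$extension];

    // Swap the client extension for the detected one; keep the whole name as
    // base when it contains no dot.
    $dot = strrpos($name, '.');
    $name = ($dot === false ? $name : substr($name, 0, $dot)) . $ext;
    $name2db = doSlash($name);
    $author = doSlash($txp_user);

    $rs = safe_update("txp_image", "w        = '{$w}',\n\t\t\t\t h        = '{$h}',\n\t\t\t\t ext      = '{$ext}',\n\t\t\t\t `name`   = '{$name2db}',\n\t\t\t\t `date`   = now(),\n\t\t\t\t author   = '{$author}'", "id = {$id}\n\t\t\t");
    if (!$rs) {
        image_list('there was a problem saving image data');
        return;
    }

    $newpath = $doc_root . $path_from_root . $img_dir . '/' . $id . $ext;
    $newpath = str_replace('//', '/', $newpath);

    // move_uploaded_file() only moves files that arrived via HTTP upload.
    if (move_uploaded_file($file, $newpath) == false) {
        // NOTE(review): this removes the database row of the image being
        // replaced, not just the failed upload — confirm that is intended
        // for a replace operation.
        safe_delete("txp_image", "id='{$id}'");
        safe_alter("txp_image", "auto_increment={$id}");
        image_list($newpath . sp . gTxt('upload_dir_perms'));
        return;
    }

    // NOTE(review): 0755 sets the execute bits on an uploaded image; reading
    // it only needs 0644 — confirm nothing depends on the wider mode.
    chmod($newpath, 0755);
    image_edit(messenger('image', $name, 'uploaded'), $id);
}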
Example #10
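/**
 * Stores a newly uploaded file: creates its txp_file row, moves the upload
 * into the file directory and renders the file editor or the file list with
 * an error message.
 *
 * The "already exists" check now tests the same path the upload is moved to.
 * Previously the check used the untrimmed name while the move used the
 * trimmed one, so a name with surrounding whitespace could pass the check and
 * then land on an existing file.
 *
 * NOTE(review): $name comes from the client. Whether file_get_uploaded_name()
 * or build_file_path() strip directory components is not visible here —
 * confirm the final path cannot leave $file_base_path.
 *
 * @return void
 */
function file_insert()
{
    global $txpcfg, $extensions, $txp_user, $file_base_path, $file_max_upload_size;
    extract($txpcfg);
    // Only the three named request fields are fetched, escaped with
    // doSlash() and imported as $category, $permissions and $description.
    extract(doSlash(gpsa(array('category', 'permissions', 'description'))));
    $name = file_get_uploaded_name();
    $file = file_get_uploaded();
    if ($file === false) {
        // could not get uploaded file
        file_list(gTxt('file_upload_failed') . " {$name} - " . upload_get_errormsg(@$_FILES['file']['error']));
        return;
    }
    // Enforce the configured size limit on the received file and discard it
    // when it is too large.
    if ($file_max_upload_size < filesize($file)) {
        unlink($file);
        file_list(gTxt('file_upload_failed') . " {$name} - " . upload_get_errormsg(UPLOAD_ERR_FORM_SIZE));
        return;
    }

    // One destination path for both the existence check and the move.
    $newpath = build_file_path($file_base_path, trim($name));
    if (is_file($newpath)) {
        // NOTE(review): the received file is not removed on this path,
        // unlike the size-limit path above — confirm it is cleaned up
        // elsewhere.
        $message = gTxt('file_already_exists', array('{name}' => $name));
        file_list($message);
        return;
    }

    $id = file_db_add($name, $category, $permissions, $description);
    if (!$id) {
        file_list(gTxt('file_upload_failed') . ' (db_add)');
        return;
    }

    // The id is interpolated unquoted into SQL below, so it is validated as
    // an integer first.
    $id = assert_int($id);
    if (!shift_uploaded_file($file, $newpath)) {
        // Roll back the row that was just created for this upload.
        safe_delete("txp_file", "id = {$id}");
        safe_alter("txp_file", "auto_increment={$id}");
        if (isset($GLOBALS['ID'])) {
            unset($GLOBALS['ID']);
        }
        file_list($newpath . ' ' . gTxt('upload_dir_perms'));
        // clean up file
        return;
    }

    file_set_perm($newpath);
    $message = gTxt('file_uploaded', array('{name}' => $name));
    file_edit($message, $id);
}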
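    /**
     * Installs the self-registration plugin: stores its preferences, adds the
     * optional address/phone columns to the user table and creates the three
     * default forms. Each step appends a line to a log that is returned as an
     * HTML list.
     *
     * Changes over the previous version:
     *  - the failure log for a form opened the box with "<textpattern" but
     *    closed it with "</textarea>"; the opening tag is now "<textarea";
     *  - the form markup is passed through doSlash() before it is placed in
     *    the INSERT, so a quote added to a template later cannot break out of
     *    the string literal;
     *  - the failure log for the privilege pref named "mem_self_newuser_priv"
     *    instead of "mem_self_new_user_priv";
     *  - the "pref exists" log for the privilege pref received the whole row
     *    array as {value}; it now receives the val column.
     *
     * NOTE(review): admin_email, admin_name and new_user_priv are taken from
     * the request and stored as preferences. Nothing here checks who is
     * calling or that new_user_priv is a valid privilege level — confirm the
     * caller restricts this step to administrators.
     *
     * @return string HTML list of log entries, as produced by doWrap().
     */
    function mem_self_register_install()
    {
        global $mem_self;
        // Only the six named request fields are fetched, escaped with
        // doSlash() and imported as local variables.
        extract(doSlash(gpsa(array('admin_email', 'admin_name', 'new_user_priv', 'use_ign_db', 'add_address', 'add_phone'))));
        if (!isset($new_user_priv) || empty($new_user_priv)) {
            $new_user_priv = '0';
        }
        $log = array();
        // NOTE(review): this reads two columns with safe_field() and then
        // indexes the result with ['html'], while the privilege pref further
        // down uses safe_row() for the same purpose — confirm which helper
        // returns an array here.
        if (!($rs = safe_field('val,html', 'txp_prefs', "name='mem_self_use_ign_db'"))) {
            if (set_pref('mem_self_use_ign_db', $use_ign_db, 'self_reg', 1, 0, 'yesnoradio')) {
                $log[] = mem_self_gTxt('log_added_pref', array('{name}' => 'mem_self_use_ign_db'));
            } else {
                $log[] = mem_self_gTxt('log_pref_failed', array('{name}' => 'mem_self_use_ign_db', '{error}' => mysql_error()));
            }
        } else {
            if ($rs['html'] != 'yesnoradio') {
                safe_update('txp_prefs', "html='yesnoradio'", "name='mem_self_use_ign_db'");
            }
            $log[] = mem_self_gTxt('log_pref_exists', array('{name}' => 'mem_self_use_ign_db', '{value}' => $rs));
        }
        $user_table = mem_get_user_table_name();
        $xtra_columns = mem_get_extra_user_columns();
        if ($add_address) {
            if (!in_array('address', $xtra_columns)) {
                if (safe_alter($user_table, "ADD `address` VARCHAR( 128 )")) {
                    $log[] = mem_self_gTxt('log_col_added', array('{name}' => 'address', '{table}' => $user_table));
                } else {
                    $log[] = mem_self_gTxt('log_col_failed', array('{name}' => 'address', '{table}' => $user_table, '{error}' => mysql_error()));
                }
            } else {
                $log[] = mem_self_gTxt('log_col_exists', array('{name}' => 'address', '{table}' => $user_table));
            }
        }
        if ($add_phone) {
            if (!in_array('phone', $xtra_columns)) {
                if (safe_alter($user_table, "ADD `phone` VARCHAR( 32 )")) {
                    $log[] = mem_self_gTxt('log_col_added', array('{name}' => 'phone', '{table}' => $user_table));
                } else {
                    $log[] = mem_self_gTxt('log_col_failed', array('{name}' => 'phone', '{table}' => $user_table, '{error}' => mysql_error()));
                }
            } else {
                $log[] = mem_self_gTxt('log_col_exists', array('{name}' => 'phone', '{table}' => $user_table));
            }
        }
        if (!($rs = safe_field('val', 'txp_prefs', "name='mem_self_admin_email'"))) {
            if (set_pref('mem_self_admin_email', $admin_email, 'self_reg', 1)) {
                $log[] = mem_self_gTxt('log_added_pref', array('{name}' => 'mem_self_admin_email'));
            } else {
                $log[] = mem_self_gTxt('log_pref_failed', array('{name}' => 'mem_self_admin_email', '{error}' => mysql_error()));
            }
        } else {
            $log[] = mem_self_gTxt('log_pref_exists', array('{name}' => 'mem_self_admin_email', '{value}' => $rs));
        }
        if (!($rs = safe_field('val', 'txp_prefs', "name='mem_self_admin_name'"))) {
            if (set_pref('mem_self_admin_name', $admin_name, 'self_reg', 1)) {
                $log[] = mem_self_gTxt('log_added_pref', array('{name}' => 'mem_self_admin_name'));
            } else {
                $log[] = mem_self_gTxt('log_pref_failed', array('{name}' => 'mem_self_admin_name', '{error}' => mysql_error()));
            }
        } else {
            $log[] = mem_self_gTxt('log_pref_exists', array('{name}' => 'mem_self_admin_name', '{value}' => $rs));
        }
        // Privilege level given to accounts created through self-registration.
        if (!($rs = safe_row('val,html', 'txp_prefs', "name='mem_self_new_user_priv'"))) {
            if (set_pref('mem_self_new_user_priv', $new_user_priv, 'self_reg', 1, 0, 'priv_levels')) {
                $log[] = mem_self_gTxt('log_added_pref', array('{name}' => 'mem_self_new_user_priv'));
                $mem_self['new_user_priv'] = $new_user_priv;
            } else {
                $log[] = mem_self_gTxt('log_pref_failed', array('{name}' => 'mem_self_new_user_priv', '{error}' => mysql_error()));
            }
        } else {
            safe_update('txp_prefs', "html='priv_levels'", "name='mem_self_new_user_priv'");
            $log[] = mem_self_gTxt('log_pref_exists', array('{name}' => 'mem_self_new_user_priv', '{value}' => isset($rs['val']) ? $rs['val'] : ''));
        }
        // create default registration form
        $form_html = <<<EOF
\t<fieldset>
\t<legend>Register</legend>
\t\t<txp:mem_form_text name="RealName" label="Full Name" /><br />
\t\t<br />
\t\t
\t\t<txp:mem_form_text name="name" label="Username" /><br />
\t\t<br />
\t\t
\t\t<txp:mem_form_email name="email" label="E-Mail" /><br />
\t\t<br />

\t\t<txp:mem_form_submit />
\t</fieldset>
EOF;
        $form = fetch('Form', 'txp_form', 'name', 'self_register_form');
        if (!$form) {
            // Escaped copy for SQL; the raw copy is HTML-escaped for the log.
            $form_sql = doSlash($form_html);
            if (safe_insert('txp_form', "name='self_register_form',type='misc',Form='{$form_sql}'")) {
                $log[] = mem_self_gTxt('log_form_added', array('{name}' => 'self_register_form'));
            } else {
                $log[] = mem_self_gTxt('log_form_failed', array('{name}' => 'self_register_form', '{error}' => mysql_error())) . br . '<textarea style="width:300px;height:150px;">' . htmlspecialchars($form_html) . '</textarea>';
            }
        } else {
            $log[] = mem_self_gTxt('log_form_found', array('{name}' => 'self_register_form'));
        }
        // create default successful registration form to show the user
        $form_html = <<<EOF
<h3>Account Created</h3>
<p>An email containing your password has been sent to <txp:mem_profile var="email" />.</p>
EOF;
        $form = fetch('Form', 'txp_form', 'name', 'self_register_success');
        if (!$form) {
            $form_sql = doSlash($form_html);
            if (safe_insert('txp_form', "name='self_register_success',type='misc',Form='{$form_sql}'")) {
                $log[] = mem_self_gTxt('log_form_added', array('{name}' => 'self_register_success'));
            } else {
                $log[] = mem_self_gTxt('log_form_failed', array('{name}' => 'self_register_success', '{error}' => mysql_error())) . br . '<textarea style="width:300px;height:150px;">' . htmlspecialchars($form_html) . '</textarea>';
            }
        } else {
            $log[] = mem_self_gTxt('log_form_found', array('{name}' => 'self_register_success'));
        }
        // create default successful registration email form
        // NOTE(review): this template mails the account password in clear
        // text; consider whether a set-your-password link fits the site's
        // policy better.
        $form_html = <<<EOF
Dear <txp:mem_name />, 

Thank you for registering at <txp:mem_siteurl />. 

Your login name: <txp:mem_username />
Your password: <txp:mem_password />

If you have any questions please reply to this email address.

Sincerely,
<txp:mem_admin_name />
<txp:mem_admin_email />
EOF;
        $form = fetch('Form', 'txp_form', 'name', 'self_register_email');
        if (!$form) {
            $form_sql = doSlash($form_html);
            if (safe_insert('txp_form', "name='self_register_email',type='misc',Form='{$form_sql}'")) {
                $log[] = mem_self_gTxt('log_form_added', array('{name}' => 'self_register_email'));
            } else {
                $log[] = mem_self_gTxt('log_form_failed', array('{name}' => 'self_register_email', '{error}' => mysql_error())) . br . '<textarea style="width:300px;height:150px;">' . htmlspecialchars($form_html) . '</textarea>';
            }
        } else {
            $log[] = mem_self_gTxt('log_form_found', array('{name}' => 'self_register_email'));
        }
        $tag_help = '<txp:mem_self_register_form form="self_register_form" />';
        $log[] = mem_self_gTxt('log_xmpl_tag') . br . '<textarea style="width:400px;height:40px;">' . htmlspecialchars($tag_help) . '</textarea>';
        return doWrap($log, 'ul', 'li');
    }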
Example #12
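/**
 * Validates an image file, stores or updates its txp_image row and moves the
 * file into the image directory.
 *
 * Changes over the previous version:
 *  - a failed get_uploaded_file() returns the upload error immediately
 *    instead of first being passed to filesize();
 *  - only the category, caption and alt keys of $meta are read; the previous
 *    extract() would let any other key in $meta overwrite local variables
 *    such as $id, $ext or $file;
 *  - width and height are cast to integers and the author name is escaped
 *    with doSlash() before they are placed in the statement;
 *  - a client file name without a dot keeps its base name instead of being
 *    reduced to the bare extension.
 *
 * @param array      $file     One $_FILES-style entry with 'name', 'error' and 'tmp_name'.
 * @param array|string $meta   Optional 'category', 'caption' and 'alt' values.
 * @param int|string $id       Existing image id to update; empty to insert a new row.
 * @param bool       $uploaded Whether $file came from an HTTP upload.
 * @return array|string array($message, $id) on success, otherwise an error message.
 */
function image_data($file, $meta = '', $id = '', $uploaded = true)
{
    global $txpcfg, $txp_user, $prefs, $file_max_upload_size;
    // Indexed by the image type constant getimagesize() reports.
    // NOTE(review): '.swf' is accepted here as an "image"; Flash files are
    // active content — confirm that is still wanted.
    $extensions = array(0, '.gif', '.jpg', '.png', '.swf');
    extract($txpcfg);
    $name = $file['name'];
    $error = $file['error'];
    $file = $file['tmp_name'];
    if ($uploaded) {
        $file = get_uploaded_file($file);
        if ($file === false) {
            return upload_get_errormsg($error);
        }
        // Enforce the configured size limit and discard oversized files.
        if ($file_max_upload_size < filesize($file)) {
            unlink($file);
            return upload_get_errormsg(UPLOAD_ERR_FORM_SIZE);
        }
    }

    if ($file === false) {
        // missing file
        return upload_get_errormsg($error);
    }

    // The stored extension is derived from the detected image type, never
    // from the client-supplied file name.
    $info = @getimagesize($file);
    if ($info === false || empty($extensions[$info[2]])) {
        // invalid file
        return gTxt('only_graphic_files_allowed');
    }
    $w = (int) $info[0];
    $h = (int) $info[1];
    $ext = $extensions[$info[2]];

    $dot = strrpos($name, '.');
    $name = doSlash(($dot === false ? $name : substr($name, 0, $dot)) . $ext);

    // Read only the expected metadata keys; anything else in $meta is ignored.
    $meta = is_array($meta) ? doSlash($meta) : array();
    $category = isset($meta['category']) ? $meta['category'] : '';
    $caption = isset($meta['caption']) ? $meta['caption'] : '';
    $alt = isset($meta['alt']) ? $meta['alt'] : '';
    $author = doSlash($txp_user);

    $q = "\n\t\t\tname = '{$name}',\n\t\t\text = '{$ext}',\n\t\t\tw = {$w},\n\t\t\th = {$h},\n\t\t\talt = '{$alt}',\n\t\t\tcaption = '{$caption}',\n\t\t\tcategory = '{$category}',\n\t\t\tdate = now(),\n\t\t\tauthor = '{$author}'\n\t\t";
    if (empty($id)) {
        $rs = safe_insert('txp_image', $q);
        $id = $GLOBALS['ID'] = mysql_insert_id();
    } else {
        // The id is interpolated unquoted, so it is validated as an integer.
        $id = assert_int($id);
        $rs = safe_update('txp_image', $q, "id = {$id}");
    }
    if (!$rs) {
        return gTxt('image_save_error');
    }

    $newpath = IMPATH . $id . $ext;
    if (shift_uploaded_file($file, $newpath) == false) {
        // NOTE(review): this rollback also runs when an existing image was
        // being updated, which removes that image's row — confirm intended.
        $id = assert_int($id);
        safe_delete('txp_image', "id = {$id}");
        safe_alter('txp_image', "auto_increment = {$id}");
        if (isset($GLOBALS['ID'])) {
            unset($GLOBALS['ID']);
        }
        return $newpath . sp . gTxt('upload_dir_perms');
    }

    // Read/write for the owner, read-only for everyone else; no execute bit.
    @chmod($newpath, 0644);
    // Auto-generate a thumbnail using the last settings
    if (isset($prefs['thumb_w'], $prefs['thumb_h'], $prefs['thumb_crop'])) {
        img_makethumb($id, $prefs['thumb_w'], $prefs['thumb_h'], $prefs['thumb_crop']);
    }
    update_lastmod();
    $message = gTxt('image_uploaded', array('{name}' => $name));
    return array($message, $id);
}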
Example #13
// Abort unless TXP_UPDATE is defined. Where the constant is defined is outside
// this excerpt; presumably the updater sets it before including this script,
// so a direct HTTP request to the file stops here.
if (!defined('TXP_UPDATE')) {
    exit("Nothing here. You can't access this file directly.");
}
// Every SQL fragment below is a literal apart from the PFX table prefix.
$txpplugin = getThings('DESCRIBE `' . PFX . 'txp_plugin`');
if (!in_array('load_order', $txpplugin)) {
    safe_alter('txp_plugin', "ADD load_order TINYINT UNSIGNED NOT NULL DEFAULT 5");
}
// Enable XML-RPC server?
// The pref is inserted with val = 0 only when no row of that name exists, so
// an existing setting is left as it is.
if (!safe_field("name", 'txp_prefs', "name = 'enable_xmlrpc_server'")) {
    safe_insert('txp_prefs', "prefs_id = 1, name = 'enable_xmlrpc_server', val = 0, type = 1, event = 'admin', html = 'yesnoradio', position = 130");
}
if (!safe_field("name", 'txp_prefs', "name = 'smtp_from'")) {
    safe_insert('txp_prefs', "prefs_id = 1, name = 'smtp_from', val = '', type = 1, event = 'admin', position = 110");
}
// NOTE(review): this check reads val rather than name, so a stored value that
// is empty or '0' also triggers the insert — confirm that is intended.
if (!safe_field("val", 'txp_prefs', "name = 'author_list_pageby'")) {
    safe_insert('txp_prefs', "prefs_id = 1, name = 'author_list_pageby', val = 25, type = 2");
}
// Expiry datetime for articles.
$txp = getThings("DESCRIBE `" . PFX . "textpattern`");
if (!in_array('Expires', $txp)) {
    safe_alter('textpattern', "ADD Expires DATETIME AFTER Posted");
}
safe_create_index('textpattern', 'Expires', 'Expires_idx');
// Publish expired articles, or return 410?
if (!safe_field("name", 'txp_prefs', "name = 'publish_expired_articles'")) {
    safe_insert('txp_prefs', "prefs_id = 1, name = 'publish_expired_articles', val = '0', type = '1', event = 'publish', html = 'yesnoradio', position = '130'");
}
// Searchable article fields hidden preference.
if (!safe_field("name", 'txp_prefs', "name = 'searchable_article_fields'")) {
    safe_insert('txp_prefs', "prefs_id = 1, name = 'searchable_article_fields', val = 'Title, Body', type = '2', event = 'publish', html = 'text_input', position = '0'");
}
Example #14
 /**
  * Drops the per-language copies of one field from a table and records the
  * outcome of every DROP in the report.
  *
  * The column name placed between backticks comes from
  * _l10n_make_field_name(); errors raised by safe_alter() are suppressed and
  * only its return value is reported.
  * NOTE(review): whether $field and the language codes are restricted to safe
  * identifier characters is decided outside this method — confirm.
  *
  * @param string $table      Table to alter.
  * @param string $field      Base field name.
  * @param mixed  $attributes Not used by this callback.
  */
 function cleanup_4a_cb($table, $field, $attributes)
 {
     foreach (MLPLanguageHandler::get_site_langs() as $site_lang) {
         $localised = _l10n_make_field_name($field, $site_lang);
         $dropped = @safe_alter($table, "DROP `{$localised}`");
         $label = gTxt('l10n-drop_field', array('{field}' => $localised, '{table}' => $table));
         $this->add_report_item($label, $dropped, true);
     }
 }
Example #15
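/**
 * Stores a newly uploaded file: creates its txp_file row, moves the upload
 * into the file directory and renders the file editor or the file list with
 * an error message.
 *
 * The "already exists" check now tests the same path the upload is moved to.
 * Previously the check used the untrimmed name while the move used the
 * trimmed one, so a name with surrounding whitespace could pass the check and
 * then land on an existing file.
 *
 * NOTE(review): $name comes from the client. Whether file_get_uploaded_name()
 * or build_file_path() strip directory components is not visible here —
 * confirm the final path cannot leave $file_base_path.
 * NOTE(review): no upload size limit is enforced in this function.
 *
 * @return void
 */
function file_insert()
{
    global $txpcfg, $extensions, $txp_user, $file_base_path;
    extract($txpcfg);
    // Only the three named request fields are fetched, escaped with
    // doSlash() and imported as $category, $permissions and $description.
    extract(doSlash(gpsa(array('category', 'permissions', 'description'))));
    $name = file_get_uploaded_name();
    $file = file_get_uploaded();
    if ($file === false) {
        // could not get uploaded file
        file_list(gTxt('file_upload_failed') . " {$name} - " . upload_get_errormsg($_FILES['file']['error']));
        return;
    }

    // One destination path for both the existence check and the move.
    $newpath = build_file_path($file_base_path, trim($name));
    if (is_file($newpath)) {
        file_list(messenger(gTxt('file'), $name, gTxt('already_exists')));
        return;
    }

    $id = file_db_add($name, $category, $permissions, $description);
    if (!$id) {
        file_list(gTxt('file_upload_failed') . ' (db_add)');
        return;
    }

    if (!shift_uploaded_file($file, $newpath)) {
        // Roll back the row that was just created for this upload.
        // NOTE(review): $id is interpolated as returned by file_db_add();
        // presumably an insert id — confirm it is always an integer.
        safe_delete("txp_file", "id='{$id}'");
        safe_alter("txp_file", "auto_increment={$id}");
        file_list($newpath . ' ' . gTxt('upload_dir_perms'));
        // clean up file
        return;
    }

    file_set_perm($newpath);
    file_edit(messenger('file', $name, 'uploaded'), $id);
}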
Example #16
// Upgrade fragment: removes the zero-date defaults from date columns, then
// deletes or repairs rows that still carry a zero date and narrows the
// category columns. Every statement is a literal; nothing is interpolated.
safe_alter('textpattern', "MODIFY LastMod     DATETIME NOT NULL");
safe_alter('textpattern', "MODIFY feed_time   DATE     NOT NULL");
//0000-00-00
safe_alter('txp_discuss', "MODIFY posted      DATETIME NOT NULL");
safe_alter('txp_discuss_nonce', "MODIFY issue_time  DATETIME NOT NULL");
safe_alter('txp_file', "MODIFY created     DATETIME NOT NULL");
safe_alter('txp_file', "MODIFY modified    DATETIME NOT NULL");
safe_alter('txp_image', "MODIFY date        DATETIME NOT NULL");
safe_alter('txp_link', "MODIFY date        DATETIME NOT NULL");
safe_alter('txp_log', "MODIFY time        DATETIME NOT NULL");
safe_alter('txp_users', "MODIFY last_access DATETIME     NULL DEFAULT NULL");
// remove logs and nonces with zero dates.
// These two deletes are destructive: matching visitor-log rows and comment
// nonces are removed, not repaired.
safe_delete('txp_discuss_nonce', "DATE(issue_time) = '0000-00-00'");
safe_delete('txp_log', "DATE(time)       = '0000-00-00'");
// replace zero dates (which shouldn't exist, really) with somewhat sensible values
// Order matters here: Posted is repaired before LastMod and feed_time copy
// from it, and created before modified copies from it.
safe_update('textpattern', "Posted      = NOW()", "DATE(Posted)      = '0000-00-00'");
safe_update('textpattern', "Expires     = NULL", "DATE(Expires)     = '0000-00-00'");
safe_update('textpattern', "LastMod     = Posted", "DATE(LastMod)     = '0000-00-00'");
safe_update('txp_discuss', "posted      = NOW()", "DATE(posted)      = '0000-00-00'");
safe_update('txp_file', "created     = NOW()", "DATE(created)     = '0000-00-00'");
safe_update('txp_file', "modified    = created", "DATE(modified)    = '0000-00-00'");
safe_update('txp_image', "date        = NOW()", "DATE(date)        = '0000-00-00'");
safe_update('txp_link', "date        = NOW()", "DATE(date)        = '0000-00-00'");
safe_update('txp_users', "last_access = NULL", "DATE(last_access) = '0000-00-00'");
safe_update('textpattern', "feed_time   = DATE(Posted)", "feed_time    = '0000-00-00'");
// category names are max 64 chars when created/edited, so don't pretend they can be longer
safe_alter('textpattern', "MODIFY Category1 VARCHAR(64) NOT NULL DEFAULT ''");
safe_alter('textpattern', "MODIFY Category2 VARCHAR(64) NOT NULL DEFAULT ''");
safe_alter('txp_file', "MODIFY category  VARCHAR(64) NOT NULL DEFAULT ''");
safe_alter('txp_image', "MODIFY category  VARCHAR(64) NOT NULL DEFAULT ''");
Example #17
 */
// Abort unless TXP_UPDATE is defined. Where the constant is defined is outside
// this excerpt; presumably the updater sets it before including this script,
// so a direct HTTP request to the file stops here.
if (!defined('TXP_UPDATE')) {
    exit("Nothing here. You can't access this file directly.");
}
// Doctype prefs.
if (!safe_field("name", 'txp_prefs', "name = 'doctype'")) {
    safe_insert('txp_prefs', "prefs_id = 1, name = 'doctype', val = 'xhtml', type = '0', event = 'publish', html = 'doctypes', position = '190'");
}
// Publisher's email address.
if (!safe_field("name", 'txp_prefs', "name = 'publisher_email'")) {
    safe_insert('txp_prefs', "prefs_id = 1, name = 'publisher_email', val = '', type = 1, event = 'admin', position = 115");
}
// Goodbye raw ?php support.
// Only the preference row is deleted here; whatever code used to honour it is
// not part of this excerpt.
if (safe_field("name", 'txp_prefs', "name = 'allow_raw_php_scripting'")) {
    safe_delete('txp_prefs', "name = 'allow_raw_php_scripting'");
}
safe_alter('txp_users', "\n    MODIFY RealName VARCHAR(255) NOT NULL DEFAULT '',\n    MODIFY email VARCHAR(254) NOT NULL DEFAULT ''");
// Remove any setup strings from lang table.
safe_delete('txp_lang', "event = 'setup'");
safe_create_index('textpattern', 'url_title', 'url_title_idx');
// Remove is_default from txp_section table and make it a preference.
if (!safe_field("name", 'txp_prefs', "name = 'default_section'")) {
    $current_default_section = safe_field("name", 'txp_section', "is_default = 1");
    // The section name read from the database is escaped with doSlash()
    // before it is placed in the INSERT; it is the only non-literal value in
    // this script's SQL apart from the PFX prefix.
    safe_insert('txp_prefs', "prefs_id = 1, name = 'default_section', val = '" . doSlash($current_default_section) . "', type = '2', event = 'section', html = 'text_input', position = '0'");
}
// The column is dropped only after its value has been copied to the pref
// above (or the pref already existed).
$cols = getThings("DESCRIBE `" . PFX . "txp_section`");
if (in_array('is_default', $cols)) {
    safe_alter('txp_section', "DROP is_default");
}
safe_alter('txp_css', "MODIFY css MEDIUMTEXT NOT NULL");
Example #18
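// Add the nonce column when the column list held in $txpuser (built before
// this point) does not contain it.
if (!in_array('nonce', $txpuser)) {
    safe_alter("txp_users", "add `nonce` varchar(64) not null");
}
// 1.0rc: checking nonce in txp_users table
$txpusers = safe_rows('name, nonce', 'txp_users', '1');
if ($txpusers) {
    foreach ($txpusers as $a) {
        // Read the two selected columns explicitly instead of extract()ing
        // the row, so a row can only ever set these two variables.
        $name = $a['name'];
        $nonce = $a['nonce'];
        if (!$nonce) {
            // md5(uniqid(rand())) is built from the clock and a non-cryptographic
            // generator, so its output is guessable. Use the CSPRNG where the
            // runtime provides one; the old construction stays as a fallback
            // for runtimes without random_bytes(). Both yield 32 hex characters,
            // which fits the varchar(64) column.
            // NOTE(review): how the nonce is consumed is not visible here;
            // treat it as a per-user secret until confirmed otherwise.
            $nonce = function_exists('random_bytes')
                ? bin2hex(random_bytes(16))
                : md5(uniqid(rand(), true));
            // The user name comes back from the database unescaped; escape it
            // so a name containing a quote cannot terminate the string in
            // the WHERE clause.
            safe_update('txp_users', "nonce='{$nonce}'", "name = '" . doSlash($name) . "'");
        }
    }
}
// 1.0rc: expanding password field in txp_users
safe_alter('txp_users', "CHANGE `pass` `pass` VARCHAR( 128 ) NOT NULL");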
$popcom = fetch("*", 'txp_form', 'name', "popup_comments");
if (!$popcom) {
    $popform = <<<eod
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
\t<meta http-equiv="content-type" content="text/html; charset=utf-8" />
\t<link rel="Stylesheet" href="<txp:css />" type="text/css" />
\t<title><txp:page_title /></title>
</head>
<body>
<div style="text-align: left; padding: 1em; width:300px">

\t<txp:popup_comments />
Example #19
                    break;
                case 'comments_require_name':
                case 'comments_require_email':
                    $html = 'yesnoradio';
                    $evt = 'comments';
                    break;
                default:
                    $html = 'yesnoradio';
                    $evt = 'publish';
                    break;
            }
            safe_insert('txp_prefs', "val = '{$val}', name = '{$key}' , prefs_id ='1', type='1', html='{$html}', event='{$evt}'");
        }
    }
}
// Give txp_prefs.html a default of 'text_input', then backfill rows whose
// html value is still the empty string.
safe_alter('txp_prefs', "CHANGE `html` `html` VARCHAR( 64 ) DEFAULT 'text_input' NOT NULL");
safe_update('txp_prefs', "html='text_input'", "html=''");
// Install the default 'search_results' form when no form of that name exists.
if (!fetch('form', 'txp_form', 'name', 'search_results')) {
    $form = <<<EOF
<h3><txp:permlink><txp:title /></txp:permlink></h3>
<p><txp:search_result_excerpt /><br/>
<small><txp:permlink><txp:permlink /></txp:permlink> &middot;
<txp:posted /></small></p>
EOF;
    // $form is interpolated into the SQL value without escaping. The literal
    // above contains no quote characters, so the statement is well formed as
    // written; any later edit to the template that adds a single quote would
    // need the value escaped first.
    safe_insert('txp_form', "name='search_results', type='article', Form='{$form}'");
}
if (!safe_query("SELECT 1 FROM `" . PFX . "txp_lang` LIMIT 0")) {
    // do install
    safe_query("CREATE TABLE `" . PFX . "txp_lang` (\n\t\t\t`id` INT( 9 ) NOT NULL AUTO_INCREMENT ,\n\t\t\t`lang` VARCHAR(16),\n\t\t\t`name` VARCHAR(64),\n\t\t\t`event` VARCHAR( 64 ) ,\n\t\t\t`data` TINYTEXT,\n\t\t\t`lastmod` timestamp,\n\t\t\tPRIMARY KEY ( `id` ),\n\t\t\tUNIQUE INDEX (`lang`,`name`),\n\t\t\tINDEX (`lang`, `event`)\n\t\t\t) {$tabletype};");
    require_once txpath . '/lib/IXRClass.php';
    $client = new IXR_Client('http://rpc.textpattern.com');
Example #20
// Insert the 'default_event' preference only when it is missing.
if (!safe_field("name", 'txp_prefs', "name = 'default_event'")) {
    safe_insert('txp_prefs', "prefs_id = 1, name = 'default_event', val = 'article', type = '1', event = 'admin', html = 'default_event', position = '150'");
}
// Add columns for thumbnail dimensions.
// Only thumb_w is tested; both columns are added by the same ALTER statement.
$cols = getThings("DESCRIBE `" . PFX . "txp_image`");
if (!in_array('thumb_w', $cols)) {
    safe_alter('txp_image', "\n        ADD thumb_w int(8) NOT NULL DEFAULT 0,\n        ADD thumb_h int(8) NOT NULL DEFAULT 0");
}
// Plugin flags.
$cols = getThings('DESCRIBE `' . PFX . 'txp_plugin`');
if (!in_array('flags', $cols)) {
    safe_alter('txp_plugin', "ADD flags SMALLINT UNSIGNED NOT NULL DEFAULT 0");
}
// Default theme.
if (!safe_field("name", 'txp_prefs', "name = 'theme_name'")) {
    safe_insert('txp_prefs', "prefs_id = 1, name = 'theme_name', val = 'classic', type = '1', event = 'admin', html = 'themename', position = '160'");
}
// Redefine the plugin code columns as MEDIUMTEXT and the preference value column as TEXT.
safe_alter('txp_plugin', "\n    CHANGE code code MEDIUMTEXT NOT NULL,\n    CHANGE code_restore code_restore MEDIUMTEXT NOT NULL");
safe_alter('txp_prefs', "CHANGE val val TEXT NOT NULL");
// Add author column to files and links, boldly assuming that the publisher in
// charge of updating this site is the author of any existing content items.
foreach (array('txp_file', 'txp_link') as $table) {
    // $table only ever takes the two literal names above, so concatenating it
    // into the DESCRIBE statement involves no external input.
    $cols = getThings("DESCRIBE `" . PFX . $table . "`");
    if (!in_array('author', $cols)) {
        safe_alter($table, "\n            ADD author varchar(64) NOT NULL DEFAULT '',\n            ADD INDEX author_idx (author)");
        // Every existing row is attributed to the account running the update;
        // the user name is escaped before it enters the SET clause.
        safe_update($table, "author = '" . doSlash($txp_user) . "'", '1 = 1');
    }
}
// Add indices on author columns.
safe_create_index('textpattern', 'AuthorID', 'author_idx');
safe_create_index('txp_image', 'author', 'author_idx');
Example #21
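/**
 * Handle an uploaded file: check privileges and size, record it in txp_file
 * and move it into place under $file_base_path.
 *
 * Every outcome is reported through file_list() or, on success, file_edit().
 * Nothing is returned.
 *
 * @return void
 */
function file_insert()
{
    global $txp_user, $file_base_path, $file_max_upload_size;
    if (!has_privs('file.edit.own')) {
        file_list(gTxt('restricted_area'));
        return;
    }
    // The posted fields are escaped here because they are handed to
    // file_db_add() as ready-to-use SQL values.
    extract(doSlash(gpsa(array('category', 'permissions', 'description'))));
    $name = file_get_uploaded_name();
    $file = file_get_uploaded();
    if ($file === false) {
        // could not get uploaded file
        file_list(array(gTxt('file_upload_failed') . " {$name} - " . upload_get_errormsg($_FILES['thefile']['error']), E_ERROR));
        return;
    }
    $size = filesize($file);
    if ($file_max_upload_size < $size) {
        // Oversized upload: discard the temporary file before reporting.
        unlink($file);
        file_list(array(gTxt('file_upload_failed') . " {$name} - " . upload_get_errormsg(UPLOAD_ERR_FORM_SIZE), E_ERROR));
        return;
    }
    $newname = sanitizeForFile($name);
    $newpath = build_file_path($file_base_path, $newname);
    // Test the destination path, not the bare file name: is_file($newname)
    // resolved against the current working directory, so an existing file in
    // the upload directory was never detected.
    if (!is_file($newpath)) {
        // The file name is client-supplied. The other arguments reach
        // file_db_add() already escaped, so the name is escaped the same way
        // before it is stored.
        // NOTE(review): assumes file_db_add() does not escape again - confirm.
        $id = file_db_add(doSlash($newname), $category, $permissions, $description, $size);
        if (!$id) {
            file_list(array(gTxt('file_upload_failed') . ' (db_add)', E_ERROR));
        } else {
            $id = assert_int($id);
            if (!shift_uploaded_file($file, $newpath)) {
                // Moving the file failed: remove the row that was just added
                // and reset the auto-increment counter to the unused id.
                safe_delete("txp_file", "id = {$id}");
                safe_alter("txp_file", "auto_increment={$id}");
                if (isset($GLOBALS['ID'])) {
                    unset($GLOBALS['ID']);
                }
                file_list(array($newpath . ' ' . gTxt('upload_dir_perms'), E_ERROR));
                // clean up file
            } else {
                file_set_perm($newpath);
                $message = gTxt('file_uploaded', array('{name}' => htmlspecialchars($newname)));
                file_edit($message, $id);
            }
        }
    } else {
        $message = gTxt('file_already_exists', array('{name}' => $newname));
        file_list($message);
    }
}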
Example #22
// Rebuild the listed indexes and primary keys with explicit prefix lengths on
// the name-like columns (the number in parentheses after each column).
safe_alter('txp_css', "DROP INDEX name,               ADD UNIQUE name (name(250))");
safe_alter('txp_file', "DROP INDEX filename,           ADD UNIQUE filename (filename(250))");
safe_alter('txp_form', "DROP PRIMARY KEY,              ADD PRIMARY KEY (name(250))");
safe_alter('txp_page', "DROP PRIMARY KEY,              ADD PRIMARY KEY (name(250))");
safe_alter('txp_section', "DROP PRIMARY KEY,              ADD PRIMARY KEY (name(250))");
safe_alter('txp_prefs', "DROP INDEX prefs_idx,          ADD UNIQUE prefs_idx (prefs_id, name(185), user_name)");
safe_alter('txp_prefs', "DROP INDEX name,               ADD INDEX name (name(250))");
safe_alter('textpattern', "DROP INDEX section_status_idx, ADD INDEX section_status_idx (Section(249), Status)");
safe_alter('textpattern', "DROP INDEX url_title_idx,      ADD INDEX url_title_idx (url_title(250))");
// txp_discuss_nonce didn't have a primary key in 4.0.3, so we recreate its index in two steps
safe_drop_index('txp_discuss_nonce', "PRIMARY");
safe_alter('txp_discuss_nonce', "ADD PRIMARY KEY (nonce(250))");
// Fix typo: textinput should be text_input
safe_update('txp_prefs', "html = 'text_input'", "name = 'timezone_key'");
// Fix typo: position 40 should be 0 (because it's a hidden pref)
safe_update('txp_prefs', "position = 0", "name = 'language'");
// Fix typo: position should be 60 instead of 30 (so it appears just below the site name)
safe_update('txp_prefs', "position = 60", "name = 'site_slogan'");
// Enforce some table changes that happened after 4.0.3 but weren't part of update scripts until now
safe_alter('txp_css', "MODIFY name  VARCHAR(255) NOT NULL");
safe_alter('txp_lang', "MODIFY lang  VARCHAR(16)  NOT NULL");
safe_alter('txp_lang', "MODIFY name  VARCHAR(64)  NOT NULL");
safe_alter('txp_lang', "MODIFY event VARCHAR(64)  NOT NULL");
safe_drop_index('txp_form', "name");
safe_drop_index('txp_page', "name");
safe_drop_index('txp_plugin', "name_2");
safe_drop_index('txp_section', "name");
// The txp_priv table was created for version 1.0, but never used nor created in later versions.
safe_drop('txp_priv');
// Add generic token table.
// The table keeps a short fixed-width selector next to a separate token column
// and an expiry timestamp.
// NOTE(review): whether `token` stores the raw secret or a hash of it is
// decided by the code that writes the row, which is not visible here - confirm.
// NOTE(review): the zero-date default for `expires` is refused by MySQL servers
// running with NO_ZERO_DATE in strict mode - confirm the supported SQL modes.
safe_create('txp_token', "\nid           INT          NOT NULL AUTO_INCREMENT,\nreference_id INT          DEFAULT 0,\ntype         VARCHAR(255) DEFAULT '',\nselector     CHAR(12)     DEFAULT '',\ntoken        VARCHAR(255) DEFAULT '',\nexpires      DATETIME     DEFAULT '0000-00-00 00:00:00',\nPRIMARY KEY (id)\n");
Example #23
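/**
 * Handle an uploaded file: check its size, clean up the client-supplied name,
 * record the file in txp_file and move it into place under $file_base_path.
 *
 * Every outcome is reported through file_list() or, on success, file_edit().
 * Nothing is returned.
 *
 * NOTE(review): this function performs no privilege check of its own;
 * presumably the caller enforces one - confirm.
 *
 * @return void
 */
function file_insert()
{
    global $txpcfg, $extensions, $txp_user, $file_base_path, $file_max_upload_size;
    // NOTE(review): none of the names extract() may define from $txpcfg is
    // read below; kept in case a key is meant to shadow one of the globals.
    extract($txpcfg);
    // The posted fields are escaped here because they are handed to
    // file_db_add() as ready-to-use SQL values.
    extract(doSlash(gpsa(array('category', 'permissions', 'description'))));
    $name = file_get_uploaded_name();
    $file = file_get_uploaded();
    if ($file === false) {
        // could not get uploaded file
        file_list(gTxt('file_upload_failed') . " {$name} - " . upload_get_errormsg($_FILES['thefile']['error']));
        return;
    }
    $size = filesize($file);
    if ($file_max_upload_size < $size) {
        // Oversized upload: discard the temporary file before reporting.
        unlink($file);
        file_list(gTxt('file_upload_failed') . " {$name} - " . upload_get_errormsg(UPLOAD_ERR_FORM_SIZE));
        return;
    }
    // Remove control characters and " * \ : < > ? / |
    // Remove duplicate dots and any leading or trailing dots/spaces
    $newname = preg_replace('/[\\x00-\\x1f\\x22\\x2a\\x2f\\x3a\\x3c\\x3e\\x3f\\x5c\\x7c\\x7f]+/', '', $name);
    $newname = preg_replace('/[.]{2,}/', '.', trim($newname, '. '));
    $newpath = build_file_path($file_base_path, $newname);
    // Test the destination path, not the bare file name: is_file($newname)
    // resolved against the current working directory, so an existing file in
    // the upload directory was never detected.
    if (!is_file($newpath)) {
        // The character class above does not remove the single quote, so the
        // cleaned name is still escaped before it is stored, in line with the
        // other arguments.
        // NOTE(review): assumes file_db_add() does not escape again - confirm.
        $id = file_db_add(doSlash($newname), $category, $permissions, $description, $size);
        if (!$id) {
            file_list(gTxt('file_upload_failed') . ' (db_add)');
        } else {
            $id = assert_int($id);
            if (!shift_uploaded_file($file, $newpath)) {
                // Moving the file failed: remove the row that was just added
                // and reset the auto-increment counter to the unused id.
                safe_delete("txp_file", "id = {$id}");
                safe_alter("txp_file", "auto_increment={$id}");
                if (isset($GLOBALS['ID'])) {
                    unset($GLOBALS['ID']);
                }
                file_list($newpath . ' ' . gTxt('upload_dir_perms'));
                // clean up file
            } else {
                file_set_perm($newpath);
                $message = gTxt('file_uploaded', array('{name}' => htmlspecialchars($newname)));
                file_edit($message, $id);
            }
        }
    } else {
        $message = gTxt('file_already_exists', array('{name}' => $newname));
        file_list($message);
    }
}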
Example #24
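/**
 * Store an image file and its database record, creating a new row or
 * replacing the data of an existing one.
 *
 * The file written to disk is named from the row id plus an extension looked
 * up in $extensions by the type getimagesize() detects. The client-supplied
 * name is only recorded in the database and used in the status message.
 *
 * @param  array        $file     Upload entry with 'name', 'error' and 'tmp_name' keys
 * @param  array|string $meta     Optional 'category', 'caption' and 'alt' values
 * @param  int|string   $id       Existing image id to update; empty to insert a new row
 * @param  bool         $uploaded Whether $file['tmp_name'] must first pass through get_uploaded_file()
 * @return array|string array(message, id) on success, otherwise an error message
 */
function image_data($file, $meta = '', $id = '', $uploaded = true)
{
    global $txpcfg, $extensions, $txp_user, $prefs, $file_max_upload_size, $event;
    extract($txpcfg);
    $name = $file['name'];
    $error = $file['error'];
    $file = $file['tmp_name'];
    if ($uploaded) {
        $file = get_uploaded_file($file);
        // Measure the file only when it was actually obtained; a failed
        // upload is reported by the empty() check below.
        if ($file !== false && $file_max_upload_size < filesize($file)) {
            unlink($file);
            return upload_get_errormsg(UPLOAD_ERR_FORM_SIZE);
        }
    }
    if (empty($file)) {
        return upload_get_errormsg(UPLOAD_ERR_NO_FILE);
    }
    // The third element is the detected image type; it is the key into
    // $extensions, so files of an unlisted type take the else branch.
    list($w, $h, $extension) = getimagesize($file);
    if ($file !== false && @$extensions[$extension]) {
        $ext = $extensions[$extension];
        // Swap the client extension for the detected one. A name without a
        // dot keeps its full text instead of being reduced to the extension.
        $dot = strrpos($name, '.');
        $name = ($dot === false ? $name : substr($name, 0, $dot)) . $ext;
        $safename = doSlash($name);
        if ($meta == false) {
            $meta = array('category' => '', 'caption' => '', 'alt' => '');
        }
        // Read only the three expected keys. extract() on caller-supplied
        // metadata could overwrite locals such as $w and $h, which are placed
        // unquoted into the statement below.
        $meta = doSlash($meta);
        $category = isset($meta['category']) ? $meta['category'] : '';
        $caption = isset($meta['caption']) ? $meta['caption'] : '';
        $alt = isset($meta['alt']) ? $meta['alt'] : '';
        $q = "\n\t\t\t\tname = '{$safename}',\n\t\t\t\text = '{$ext}',\n\t\t\t\tw = {$w},\n\t\t\t\th = {$h},\n\t\t\t\talt = '{$alt}',\n\t\t\t\tcaption = '{$caption}',\n\t\t\t\tcategory = '{$category}',\n\t\t\t\tdate = now(),\n\t\t\t\tauthor = '" . doSlash($txp_user) . "'\n\t\t\t";
        if (empty($id)) {
            $rs = safe_insert('txp_image', $q);
            $id = $GLOBALS['ID'] = mysql_insert_id();
        } else {
            // The id is used unquoted in SQL and in the file path.
            $id = assert_int($id);
            $rs = safe_update('txp_image', $q, "id = {$id}");
        }
        if (!$rs) {
            return gTxt('image_save_error');
        } else {
            $newpath = IMPATH . $id . $ext;
            if (shift_uploaded_file($file, $newpath) == false) {
                // Moving the file failed: remove the row and reset the
                // auto-increment counter to the unused id.
                $id = assert_int($id);
                safe_delete('txp_image', "id = {$id}");
                safe_alter('txp_image', "auto_increment = {$id}");
                if (isset($GLOBALS['ID'])) {
                    unset($GLOBALS['ID']);
                }
                return $newpath . sp . gTxt('upload_dir_perms');
            } else {
                // Owner read/write, everyone else read-only, nothing executable.
                @chmod($newpath, 0644);
                // GD is supported
                if (check_gd($ext)) {
                    // Auto-generate a thumbnail using the last settings
                    if (isset($prefs['thumb_w'], $prefs['thumb_h'], $prefs['thumb_crop'])) {
                        $width = intval($prefs['thumb_w']);
                        $height = intval($prefs['thumb_h']);
                        if ($width > 0 or $height > 0) {
                            $t = new txp_thumb($id);
                            $t->crop = $prefs['thumb_crop'] == '1';
                            $t->hint = '0';
                            $t->width = $width;
                            $t->height = $height;
                            $t->write();
                        }
                    }
                }
                // NOTE(review): $name derives from the client-supplied file
                // name and is not HTML-escaped here - confirm the message is
                // escaped where it is displayed.
                $message = gTxt('image_uploaded', array('{name}' => $name));
                update_lastmod();
                // call post-upload plugins with new image's $id
                callback_event('image_uploaded', $event, false, $id);
                return array($message, $id);
            }
        }
    } else {
        if ($file === false) {
            return upload_get_errormsg($error);
        } else {
            return gTxt('only_graphic_files_allowed');
        }
    }
}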
Example #25
    safe_alter('txp_file', "add modified datetime NOT NULL default '0000-00-00 00:00:00'");
    $update_files = 1;
}
// Add the created, size and downloads columns to txp_file when the column
// list in $txpfile (built before this point) lacks them. $update_files marks
// that existing rows need their new columns filled in below.
if (!in_array('created', $txpfile)) {
    safe_alter('txp_file', "add created datetime NOT NULL default '0000-00-00 00:00:00'");
    $update_files = 1;
}
if (!in_array('size', $txpfile)) {
    safe_alter('txp_file', "add size bigint");
    $update_files = 1;
}
if (!in_array('downloads', $txpfile)) {
    safe_alter('txp_file', "ADD downloads INT DEFAULT '0' NOT NULL");
}
// When either timestamp column already existed, redefine both as
// DATETIME NOT NULL with the zero-date default.
if (array_intersect(array('modified', 'created'), $txpfile)) {
    safe_alter('txp_file', "MODIFY modified datetime NOT NULL default '0000-00-00 00:00:00', MODIFY created datetime NOT NULL default '0000-00-00 00:00:00'");
}
// copy existing file timestamps into the new database columns
// NOTE(review): $update_files is only assigned inside the branches above;
// presumably it is initialised before this point - confirm.
if ($update_files) {
    $prefs = get_prefs();
    $rs = safe_rows('*', 'txp_file', '1=1');
    foreach ($rs as $row) {
        // The @ operators hide missing array keys and stat() failures, so a
        // file that is absent from disk is skipped without any notice.
        $path = build_file_path(@$prefs['file_base_path'], @$row['filename']);
        if ($path and $stat = @stat($path)) {
            // The timestamps are formatted from stat() output; the size and
            // the row id are passed through doSlash() before entering the statement.
            safe_update('txp_file', "created='" . strftime('%Y-%m-%d %H:%M:%S', $stat['ctime']) . "', modified='" . strftime('%Y-%m-%d %H:%M:%S', $stat['mtime']) . "', size='" . doSlash(sprintf('%u', $stat['size'])) . "'", "id='" . doSlash($row['id']) . "'");
        }
    }
}
// Normalise the Keywords column: line breaks and tabs become commas, runs of
// spaces and of commas are collapsed, and leading/trailing commas are trimmed.
safe_update('textpattern', "Keywords=TRIM(BOTH ',' FROM REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(Keywords,'\n',','),'\r',','),'\t',','),'    ',' '),'  ',' '),'  ',' '),' ,',','),', ',','),',,,,',','),',,',','),',,',','))", "Keywords != ''");
// shift preferences to more intuitive spots
// give positions, leave enough room for later additions
Example #26
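/**
 * Store an image file and its database record, creating a new row or
 * replacing the data of an existing one.
 *
 * The file written to disk is named from the row id plus an extension looked
 * up in $extensions by the type getimagesize() detects. The client-supplied
 * name is only recorded in the database and used in the status message.
 *
 * @param  array      $file     Upload entry with 'name', 'error' and 'tmp_name' keys
 * @param  string     $category Category stored for a newly inserted image
 * @param  int|string $id       Existing image id to update; empty to insert a new row
 * @param  bool       $uploaded Whether $file['tmp_name'] must first pass through get_uploaded_file()
 * @return array|string array(message, id) on success, otherwise an error message
 */
function image_data($file, $category = '', $id = '', $uploaded = true)
{
    global $txpcfg, $extensions, $txp_user;
    extract($txpcfg);
    $name = $file['name'];
    $error = $file['error'];
    $file = $file['tmp_name'];
    if ($uploaded) {
        $file = get_uploaded_file($file);
    }
    // The third element is the detected image type; it is the key into
    // $extensions, so files of an unlisted type take the else branch.
    list($w, $h, $extension) = getimagesize($file);
    if ($file !== false && @$extensions[$extension]) {
        $ext = $extensions[$extension];
        // Swap the client extension for the detected one. A name without a
        // dot keeps its full text instead of being reduced to the extension.
        $dot = strrpos($name, '.');
        $name = ($dot === false ? $name : substr($name, 0, $dot)) . $ext;
        $name2db = doSlash($name);
        // The user name is escaped like the file name before it is placed
        // inside the quoted SQL value.
        $q = "w        = '{$w}',\n\t\t\t\t h        = '{$h}',\n\t\t\t\t ext      = '{$ext}',\n\t\t\t\t name   = '{$name2db}',\n\t\t\t\t date   = now(),\n\t\t\t\t caption  = '',\n\t\t\t\t author   = '" . doSlash($txp_user) . "'";
        if (empty($id)) {
            // NOTE(review): $category is inserted as received; presumably the
            // caller escapes it - confirm, or escape it here.
            $q .= ", category = '{$category}'";
            $rs = safe_insert("txp_image", $q);
            $id = mysql_insert_id();
        } else {
            // The id is used unquoted in the WHERE clause and as part of the
            // file path, where quote escaping gives no protection; force it
            // to an integer instead.
            $id = (int) $id;
            $rs = safe_update('txp_image', $q, "id = {$id}");
        }
        if (!$rs) {
            return gTxt('image_save_error');
        } else {
            $newpath = IMPATH . $id . $ext;
            if (shift_uploaded_file($file, $newpath) == false) {
                // Moving the file failed: remove the row and reset the
                // auto-increment counter to the unused id.
                safe_delete("txp_image", "id='{$id}'");
                safe_alter("txp_image", "auto_increment={$id}");
                return $newpath . sp . gTxt('upload_dir_perms');
            } else {
                // An uploaded image does not need the execute bits that 0755
                // granted; keep it readable by all and writable by the owner.
                chmod($newpath, 0644);
                return array(messenger('image', $name, 'uploaded'), $id);
            }
        }
    } else {
        if ($file === false) {
            return upload_get_errormsg($error);
        } else {
            return gTxt('only_graphic_files_allowed');
        }
    }
}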
Example #27
// Plugin flags: add the column only when DESCRIBE does not already list it.
$cols = getThings('describe `' . PFX . 'txp_plugin`');
if (!in_array('flags', $cols)) {
    safe_alter('txp_plugin', "ADD flags SMALLINT UNSIGNED NOT NULL DEFAULT 0");
}
// Default theme.
if (!safe_field('name', 'txp_prefs', "name = 'theme_name'")) {
    safe_insert('txp_prefs', "prefs_id = 1, name = 'theme_name', val = 'classic', type = '1', event = 'admin', html = 'themename', position = '160'");
}
// Redefine the plugin code columns as MEDIUMTEXT and the preference value column as TEXT.
safe_alter('txp_plugin', 'CHANGE code code MEDIUMTEXT NOT NULL, CHANGE code_restore code_restore MEDIUMTEXT NOT NULL');
safe_alter('txp_prefs', 'CHANGE val val TEXT NOT NULL');
// Add author column to files and links,
// boldly assuming that the publisher in charge of updating this site is the author of any existing content items.
foreach (array('txp_file', 'txp_link') as $table) {
    // $table only ever takes the two literal names above, so concatenating it
    // into the DESCRIBE statement involves no external input.
    $cols = getThings('describe `' . PFX . $table . '`');
    if (!in_array('author', $cols)) {
        safe_alter($table, "ADD author varchar(255) NOT NULL default '', ADD INDEX author_idx (author)");
        // Every existing row is attributed to the account running the update;
        // the user name is escaped before it enters the SET clause.
        safe_update($table, "author='" . doSlash($txp_user) . "'", '1=1');
    }
}
// Add indices on author columns.
foreach (array('textpattern' => 'AuthorID', 'txp_image' => 'author') as $table => $col) {
    $has_idx = 0;
    $rs = getRows('show index from `' . PFX . $table . '`');
    foreach ($rs as $row) {
        if ($row['Key_name'] == 'author_idx') {
            $has_idx = 1;
        }
    }
    if (!$has_idx) {
        safe_query('ALTER IGNORE TABLE `' . PFX . $table . '` ADD INDEX author_idx(' . $col . ')');
    }
Example #28
/**
 * Handle an uploaded file: enforce the 'file.edit.own' privilege, check the
 * size, record the file in txp_file and move it under $file_base_path.
 *
 * Every outcome is reported through file_list() or, on success, file_edit().
 * Nothing is returned.
 *
 * @return void
 */
function file_insert()
{
    global $txp_user, $file_base_path, $file_max_upload_size;

    require_privs('file.edit.own');

    // Each posted field must be a string and is escaped before it is used in SQL.
    extract(doSlash(array_map('assert_string', gpsa(array('category', 'title', 'permissions', 'description')))));

    $name = file_get_uploaded_name();
    $file = file_get_uploaded();

    if ($file === false) {
        // The upload could not be retrieved.
        $text = gTxt('file_upload_failed') . " {$name} - " . upload_get_errormsg($_FILES['thefile']['error']);
        file_list(array($text, E_ERROR));

        return;
    }

    $size = filesize($file);

    if ($file_max_upload_size < $size) {
        // Too large: discard the temporary file before reporting.
        unlink($file);
        $text = gTxt('file_upload_failed') . " {$name} - " . upload_get_errormsg(UPLOAD_ERR_FORM_SIZE);
        file_list(array($text, E_ERROR));

        return;
    }

    $newname = sanitizeForFile($name);
    $newpath = build_file_path($file_base_path, $newname);

    // A clash is either a file already at the destination or a row that
    // already carries this name; the row is only counted when no file exists.
    if (is_file($newpath) || safe_count('txp_file', "filename = '" . doSlash($newname) . "'")) {
        file_list(array(gTxt('file_already_exists', array('{name}' => $newname)), E_ERROR));

        return;
    }

    $id = file_db_add(doSlash($newname), $category, $permissions, $description, $size, $title);

    if (!$id) {
        file_list(array(gTxt('file_upload_failed') . ' (db_add)', E_ERROR));

        return;
    }

    $id = assert_int($id);

    if (shift_uploaded_file($file, $newpath)) {
        file_set_perm($newpath);
        update_lastmod('file_uploaded', compact('id', 'newname', 'title', 'category', 'description'));
        file_edit(gTxt('file_uploaded', array('{name}' => $newname)), $id);

        return;
    }

    // The move failed: remove the row that was just added and reset the
    // auto-increment counter to the unused id.
    safe_delete("txp_file", "id = {$id}");
    safe_alter("txp_file", "auto_increment={$id}");

    if (isset($GLOBALS['ID'])) {
        unset($GLOBALS['ID']);
    }

    file_list(array($newpath . ' ' . gTxt('upload_dir_perms'), E_ERROR));
}
Example #29
// Publisher's email address: inserted with an empty value when missing.
if (!safe_field('name', 'txp_prefs', "name = 'publisher_email'")) {
    safe_insert('txp_prefs', "prefs_id = 1, name = 'publisher_email', val = '', type = 1, event = 'admin', position = 115");
}
// goodbye raw ?php support: the preference row is deleted if it is still present
if (safe_field('name', 'txp_prefs', "name = 'allow_raw_php_scripting'")) {
    safe_delete('txp_prefs', "name = 'allow_raw_php_scripting'");
}
// Set RealName to VARCHAR(255) and email to VARCHAR(254), both NOT NULL with an empty default.
safe_alter('txp_users', "MODIFY RealName VARCHAR(255) NOT NULL default '', MODIFY email VARCHAR(254) NOT NULL default ''");
// Remove any setup strings from lang table
safe_delete('txp_lang', "event='setup'");
// Add url_title_idx to the textpattern table unless SHOW INDEX already lists
// an index of that name.
$has_idx = 0;
$rs = getRows('show index from `' . PFX . 'textpattern`');
foreach ($rs as $row) {
    if ($row['Key_name'] == 'url_title_idx') {
        $has_idx = 1;
    }
}
if (!$has_idx) {
    safe_query('alter ignore table `' . PFX . 'textpattern` add index url_title_idx(`url_title`)');
}
// Remove is_default from txp_section table and make it a preference
if (!safe_field('name', 'txp_prefs', "name = 'default_section'")) {
    $current_default_section = safe_field('name', 'txp_section', 'is_default=1');
    // The section name is data read back from the database, so it is passed
    // through doSlash() before being placed inside the quoted SQL value.
    safe_insert('txp_prefs', "prefs_id = 1, name = 'default_section', val = '" . doSlash($current_default_section) . "', type = '2', event = 'section', html = 'text_input', position = '0'");
}
// Drop the column only if DESCRIBE still lists it, so a repeated run does not
// attempt to drop it a second time.
$cols = getThings('describe `' . PFX . 'txp_section`');
if (in_array('is_default', $cols)) {
    safe_alter('txp_section', "DROP `is_default`");
}
safe_alter('txp_css', 'MODIFY css MEDIUMTEXT NOT NULL');
Example #30
 * This file is part of Textpattern.
 *
 * Textpattern is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation, version 2.
 *
 * Textpattern is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with Textpattern. If not, see <http://www.gnu.org/licenses/>.
 */
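// Direct-access guard: stop unless the including script has defined TXP_UPDATE,
// so requesting this file's URL on its own never reaches the changes below.
if (!defined('TXP_UPDATE')) {
    exit("Nothing here. You can't access this file directly.");
}
// Raw CSS is now the only option.
safe_delete('txp_prefs', "event = 'css' AND name = 'edit_raw_css_by_default'");
$rs = getRows("SELECT name, css FROM `" . PFX . "txp_css`");
// Skip the loop when the query produced no rows.
if ($rs) {
    foreach ($rs as $row) {
        $css = (string) $row['css'];
        // An empty stylesheet also satisfies the pattern but has nothing to
        // decode, so it is left alone.
        if ($css === '' || !preg_match('%^[a-zA-Z0-9/+]*={0,2}$%', $css)) {
            continue;
        }
        // Data is still base64 encoded. Decode strictly so that a value which
        // only resembles base64 is left untouched rather than overwritten
        // with a failed or partial decode.
        $decoded = base64_decode($css, true);
        if ($decoded === false) {
            continue;
        }
        safe_update('txp_css', "css = '" . doSlash($decoded) . "'", "name = '" . doSlash($row['name']) . "'");
    }
}
// Add column for file title.
$cols = getThings("DESCRIBE `" . PFX . "txp_file`");
if (!in_array('title', $cols)) {
    safe_alter('txp_file', "ADD title VARCHAR(255) NULL AFTER filename");
}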