static function post($url, $post_data_array, $extra_headers = array())
{
$post_data_raw = self::_encode_post_data($post_data_array, $extra_headers);
/* Read the web page into a buffer */
list($response_status, $response_headers, $response_body) = remote::do_request($url, 'POST', $extra_headers, $post_data_raw);
return array($response_body, $response_status, $response_headers);
}
/**
* Fech version info from the Gallery website.
*/
static function fetch_version_info()
{
$result = new stdClass();
try {
list($status, $headers, $body) = remote::do_request(upgrade_checker::CHECK_URL);
if ($status == "HTTP/1.1 200 OK") {
$result->status = "success";
foreach (explode("\n", $body) as $line) {
if ($line) {
list($key, $val) = explode("=", $line, 2);
$result->data[$key] = $val;
}
}
} else {
$result->status = "error";
}
} catch (Exception $e) {
Kohana_Log::add("error", sprintf("%s in %s at line %s:\n%s", $e->getMessage(), $e->getFile(), $e->getLine(), $e->getTraceAsString()));
}
$result->timestamp = time();
Cache::instance()->set("upgrade_checker_version_info", serialize($result), null, 86400 * 365);
}
/**
* Verify that our htaccess based permission system actually works. Create a temporary
* directory containing an .htaccess file that uses mod_rewrite to redirect /verify to
* /success. Then request that url. If we retrieve it successfully, then our redirects are
* working and our permission system works.
*/
static function htaccess_works()
{
$success_url = url::file("var/tmp/security_test/success");
@mkdir(VARPATH . "tmp/security_test");
if ($fp = @fopen(VARPATH . "tmp/security_test/.htaccess", "w+")) {
fwrite($fp, "RewriteEngine On\n");
fwrite($fp, "RewriteRule verify {$success_url} [L]\n");
fclose($fp);
}
if ($fp = @fopen(VARPATH . "tmp/security_test/success", "w+")) {
fwrite($fp, "success");
fclose($fp);
}
list($response) = remote::do_request(url::abs_file("var/tmp/security_test/verify"));
$works = $response == "HTTP/1.1 200 OK";
@dir::unlink(VARPATH . "tmp/security_test");
return $works;
}
/**
* Verify that our htaccess based permission system actually works. Create a temporary
* directory containing an .htaccess file that uses mod_rewrite to redirect /verify to
* /success. Then request that url. If we retrieve it successfully, then our redirects are
* working and our permission system works.
*/
static function htaccess_works()
{
$success_url = url::file("var/security_test/success");
@mkdir(VARPATH . "security_test");
try {
if ($fp = @fopen(VARPATH . "security_test/.htaccess", "w+")) {
fwrite($fp, "Options +FollowSymLinks\n");
fwrite($fp, "RewriteEngine On\n");
fwrite($fp, "RewriteRule verify {$success_url} [L]\n");
fclose($fp);
}
if ($fp = @fopen(VARPATH . "security_test/success", "w+")) {
fwrite($fp, "success");
fclose($fp);
}
// Proxy our authorization headers so that if the entire Gallery is covered by Basic Auth
// this callback will still work.
$headers = array();
if (function_exists("apache_request_headers")) {
$arh = apache_request_headers();
if (!empty($arh["Authorization"])) {
$headers["Authorization"] = $arh["Authorization"];
}
}
list($status, $headers, $body) = remote::do_request(url::abs_file("var/security_test/verify"), "GET", $headers);
$works = $status == "HTTP/1.1 200 OK" && $body == "success";
} catch (Exception $e) {
@dir::unlink(VARPATH . "security_test");
throw $e;
}
@dir::unlink(VARPATH . "security_test");
return $works;
}
