forked from Mirrors/openclonk
masterserver: be more verbose when reporting an error while registering a new update
parent
23aa72f52f
commit
f471955a72
|
@ -41,38 +41,11 @@ if ($link && $db) {
|
|||
$server->cleanUp(true); //Cleanup old stuff
|
||||
|
||||
// register new release
|
||||
if (ParseINI::parseValue('oc_enable_update', $config) == 1 && isset($_REQUEST['action']) && $_REQUEST['action'] == 'release-file' && isset($_REQUEST['file']) && isset($_REQUEST['hash']) && isset($_REQUEST['new_version']) && isset($_REQUEST['platform'])) {
|
||||
$absolutefile = ParseINI::parseValue('oc_update_path', $config) . $_REQUEST['file'];
|
||||
if (file_exists($absolutefile)) {
|
||||
if(hash_hmac_file('sha256', $absolutefile, ParseINI::parseValue('oc_update_secret', $config)) == $_REQUEST['hash']) {
|
||||
$old_version = isset($_REQUEST['old_version']) && !empty($_REQUEST['old_version']) ? explode(',', mysql_real_escape_string($_REQUEST['old_version'], $link)) : array();
|
||||
$new_version = mysql_real_escape_string($_REQUEST['new_version'], $link);
|
||||
$platform = mysql_real_escape_string($_REQUEST['platform'], $link);
|
||||
$file = mysql_real_escape_string($_REQUEST['file'], $link);
|
||||
if (!empty($old_version)) {
|
||||
if (isset($_REQUEST['delete_old_files']) && $_REQUEST['delete_old_files'] == 'yes') {
|
||||
$result = mysql_query('SELECT `file` FROM `' . $prefix . 'update` WHERE `new_version` != \'' . $new_version . '\' AND `old_version` != \'\' AND `platform` = \'' . $platform . '\'');
|
||||
while (($row = mysql_fetch_assoc($result)) != false) {
|
||||
unlink(ParseINI::parseValue('oc_update_path', $config) . $row['file']);
|
||||
}
|
||||
}
|
||||
mysql_query('DELETE FROM `' . $prefix . 'update` WHERE `new_version` != \'' . $new_version . '\' AND `old_version` != \'\' AND `platform` = \'' . $platform . '\'');
|
||||
foreach ($old_version as $version) {
|
||||
mysql_query('INSERT INTO `' . $prefix . 'update` (`old_version`, `new_version`, `platform`, `file`) VALUES (\'' . $version . '\', \'' . $new_version . '\', \'' . $platform . '\', \'' . $file . '\')');
|
||||
}
|
||||
} else {
|
||||
if (isset($_REQUEST['delete_old_files']) && $_REQUEST['delete_old_files'] == 'yes') {
|
||||
$row = mysql_fetch_assoc(mysql_query('SELECT `file` FROM `' . $prefix . 'update` WHERE `old_version` = \'\' AND `platform` = \'' . $platform . '\''));
|
||||
unlink(ParseINI::parseValue('oc_update_path', $config) . $row['file']);
|
||||
}
|
||||
mysql_query('DELETE FROM `' . $prefix . 'update` WHERE `old_version` = \'\' AND `platform` = \'' . $platform . '\'');
|
||||
mysql_query('INSERT INTO `' . $prefix . 'update` (`old_version`, `new_version`, `platform`, `file`) VALUES (\'\', \'' . $new_version . '\', \'' . $platform . '\', \'' . $file . '\')');
|
||||
}
|
||||
} else {
|
||||
C4Network::sendAnswer(C4Network::createError('Hash incorrect.'));
|
||||
}
|
||||
} else {
|
||||
C4Network::sendAnswer(C4Network::createError('Specified file not found.'));
|
||||
if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'release-file') {
|
||||
try {
|
||||
registerRelease();
|
||||
} catch(Exception $e) {
|
||||
C4Network::sendAnswer(C4Network::createError($e->getMessage()));
|
||||
}
|
||||
// prepare data for the engine
|
||||
} else if (isset($GLOBALS['HTTP_RAW_POST_DATA'])) {
|
||||
|
@ -181,4 +154,74 @@ if ($link && $db) {
|
|||
else {
|
||||
C4Network::sendAnswer(C4Network::createError('Database error.'));
|
||||
}
|
||||
|
||||
|
||||
function registerRelease()
|
||||
{
|
||||
// check request validity
|
||||
|
||||
if (ParseINI::parseValue('oc_enable_update', $config) != 1)
|
||||
throw new Exception('Update disabled on this server.');
|
||||
|
||||
// mandatory parameters
|
||||
if (!isset($_REQUEST['file']))
|
||||
throw new Exception('Missing mandatory parameter "file"');
|
||||
|
||||
if (!isset($_REQUEST['hash']))
|
||||
throw new Exception('Missing mandatory parameter "hash"');
|
||||
|
||||
if (!isset($_REQUEST['new_version']))
|
||||
throw new Exception('Missing mandatory parameter "new_version"');
|
||||
|
||||
if (!isset($_REQUEST['platform']))
|
||||
throw new Exception('Missing mandatory parameter "platform"');
|
||||
|
||||
if (!isset($_REQUEST['hash']))
|
||||
throw new Exception('Missing mandatory parameter "hash"');
|
||||
|
||||
// authorization
|
||||
$absolutefile = ParseINI::parseValue('oc_update_path', $config) . $_REQUEST['file'];
|
||||
|
||||
if (!file_exists($absolutefile))
|
||||
throw new Exception('Specified file "'.$absolutefile.'" not found.');
|
||||
|
||||
$filehash = hash_hmac_file('sha256', $absolutefile, ParseINI::parseValue('oc_update_secret', $config));
|
||||
|
||||
if ($filehash != $_REQUEST['hash'])
|
||||
throw new Exception('Authorization failure: Hash incorrect.');
|
||||
|
||||
// checks done, now update DB
|
||||
$old_version = array();
|
||||
if (isset($_REQUEST['old_version']) && !empty($_REQUEST['old_version']))
|
||||
$old_version = explode(',', mysql_real_escape_string($_REQUEST['old_version'], $link));
|
||||
|
||||
$delete_old_files = false;
|
||||
if (isset($_REQUEST['delete_old_files']) && $_REQUEST['delete_old_files'] == 'yes')
|
||||
$delete_old_files = true;
|
||||
|
||||
$new_version = mysql_real_escape_string($_REQUEST['new_version'], $link);
|
||||
$platform = mysql_real_escape_string($_REQUEST['platform'], $link);
|
||||
$file = mysql_real_escape_string($_REQUEST['file'], $link);
|
||||
|
||||
if (!empty($old_version)) {
|
||||
if ($delete_old_files) {
|
||||
$result = mysql_query('SELECT `file` FROM `' . $prefix . 'update` WHERE `new_version` != \'' . $new_version . '\' AND `old_version` != \'\' AND `platform` = \'' . $platform . '\'');
|
||||
while (($row = mysql_fetch_assoc($result)) != false) {
|
||||
unlink(ParseINI::parseValue('oc_update_path', $config) . $row['file']);
|
||||
}
|
||||
}
|
||||
mysql_query('DELETE FROM `' . $prefix . 'update` WHERE `new_version` != \'' . $new_version . '\' AND `old_version` != \'\' AND `platform` = \'' . $platform . '\'');
|
||||
foreach ($old_version as $version) {
|
||||
mysql_query('INSERT INTO `' . $prefix . 'update` (`old_version`, `new_version`, `platform`, `file`) VALUES (\'' . $version . '\', \'' . $new_version . '\', \'' . $platform . '\', \'' . $file . '\')');
|
||||
}
|
||||
} else {
|
||||
if ($delete_old_files) {
|
||||
$row = mysql_fetch_assoc(mysql_query('SELECT `file` FROM `' . $prefix . 'update` WHERE `old_version` = \'\' AND `platform` = \'' . $platform . '\''));
|
||||
unlink(ParseINI::parseValue('oc_update_path', $config) . $row['file']);
|
||||
}
|
||||
mysql_query('DELETE FROM `' . $prefix . 'update` WHERE `old_version` = \'\' AND `platform` = \'' . $platform . '\'');
|
||||
mysql_query('INSERT INTO `' . $prefix . 'update` (`old_version`, `new_version`, `platform`, `file`) VALUES (\'\', \'' . $new_version . '\', \'' . $platform . '\', \'' . $file . '\')');
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
|
|
Loading…
Reference in New Issue