Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Newer
Older
100644 465 lines (403 sloc) 18.039 kb
867414f @kasperg Initial commit: Drupal 7 core
authored
1 <?php
2
3 /**
4 * Root directory of Drupal installation.
5 */
6 define('DRUPAL_ROOT', getcwd());
7
8 /**
9 * @file
10 * Administrative page for handling updates from one Drupal version to another.
11 *
12 * Point your browser to "http://www.example.com/update.php" and follow the
13 * instructions.
14 *
15 * If you are not logged in using either the site maintenance account or an
16 * account with the "Administer software updates" permission, you will need to
17 * modify the access check statement inside your settings.php file. After
18 * finishing the upgrade, be sure to open settings.php again, and change it
19 * back to its original state!
20 */
21
22 /**
23 * Global flag indicating that update.php is being run.
24 *
25 * When this flag is set, various operations do not take place, such as invoking
26 * hook_init() and hook_exit(), css/js preprocessing, and translation.
27 */
28 define('MAINTENANCE_MODE', 'update');
29
30 function update_selection_page() {
31 drupal_set_title('Drupal database update');
32 $elements = drupal_get_form('update_script_selection_form');
33 $output = drupal_render($elements);
34
35 update_task_list('select');
36
37 return $output;
38 }
39
40 function update_script_selection_form($form, &$form_state) {
41 $count = 0;
42 $incompatible_count = 0;
43 $form['start'] = array(
44 '#tree' => TRUE,
45 '#type' => 'fieldset',
46 '#collapsed' => TRUE,
47 '#collapsible' => TRUE,
48 );
49
50 // Ensure system.module's updates appear first.
51 $form['start']['system'] = array();
52
53 $updates = update_get_update_list();
54 $starting_updates = array();
55 $incompatible_updates_exist = FALSE;
56 foreach ($updates as $module => $update) {
57 if (!isset($update['start'])) {
58 $form['start'][$module] = array(
59 '#type' => 'item',
60 '#title' => $module . ' module',
61 '#markup' => $update['warning'],
62 '#prefix' => '<div class="messages warning">',
63 '#suffix' => '</div>',
64 );
65 $incompatible_updates_exist = TRUE;
66 continue;
67 }
68 if (!empty($update['pending'])) {
69 $starting_updates[$module] = $update['start'];
70 $form['start'][$module] = array(
71 '#type' => 'hidden',
72 '#value' => $update['start'],
73 );
74 $form['start'][$module . '_updates'] = array(
75 '#theme' => 'item_list',
76 '#items' => $update['pending'],
77 '#title' => $module . ' module',
78 );
79 }
80 if (isset($update['pending'])) {
81 $count = $count + count($update['pending']);
82 }
83 }
84
85 // Find and label any incompatible updates.
86 foreach (update_resolve_dependencies($starting_updates) as $function => $data) {
87 if (!$data['allowed']) {
88 $incompatible_updates_exist = TRUE;
89 $incompatible_count++;
90 $module_update_key = $data['module'] . '_updates';
91 if (isset($form['start'][$module_update_key]['#items'][$data['number']])) {
92 $text = $data['missing_dependencies'] ? 'This update will been skipped due to the following missing dependencies: <em>' . implode(', ', $data['missing_dependencies']) . '</em>' : "This update will be skipped due to an error in the module's code.";
93 $form['start'][$module_update_key]['#items'][$data['number']] .= '<div class="warning">' . $text . '</div>';
94 }
95 // Move the module containing this update to the top of the list.
96 $form['start'] = array($module_update_key => $form['start'][$module_update_key]) + $form['start'];
97 }
98 }
99
100 // Warn the user if any updates were incompatible.
101 if ($incompatible_updates_exist) {
102 drupal_set_message('Some of the pending updates cannot be applied because their dependencies were not met.', 'warning');
103 }
104
105 if (empty($count)) {
106 drupal_set_message(t('No pending updates.'));
107 unset($form);
108 $form['links'] = array(
109 '#markup' => theme('item_list', array('items' => update_helpful_links())),
110 );
111 }
112 else {
113 $form['help'] = array(
114 '#markup' => '<p>The version of Drupal you are updating from has been automatically detected.</p>',
115 '#weight' => -5,
116 );
117 if ($incompatible_count) {
118 $form['start']['#title'] = format_plural(
119 $count,
120 '1 pending update (@number_applied to be applied, @number_incompatible skipped)',
121 '@count pending updates (@number_applied to be applied, @number_incompatible skipped)',
122 array('@number_applied' => $count - $incompatible_count, '@number_incompatible' => $incompatible_count)
123 );
124 }
125 else {
126 $form['start']['#title'] = format_plural($count, '1 pending update', '@count pending updates');
127 }
128 $form['has_js'] = array(
129 '#type' => 'hidden',
130 '#default_value' => FALSE,
131 );
132 $form['actions'] = array('#type' => 'actions');
133 $form['actions']['submit'] = array(
134 '#type' => 'submit',
135 '#value' => 'Apply pending updates',
136 );
137 }
138 return $form;
139 }
140
141 function update_helpful_links() {
142 // NOTE: we can't use l() here because the URL would point to
143 // 'update.php?q=admin'.
144 $links[] = '<a href="' . base_path() . '">Front page</a>';
145 $links[] = '<a href="' . base_path() . '?q=admin">Administration pages</a>';
146 return $links;
147 }
148
149 function update_results_page() {
150 drupal_set_title('Drupal database update');
151 $links = update_helpful_links();
152
153 update_task_list();
154 // Report end result.
155 if (module_exists('dblog')) {
156 $log_message = ' All errors have been <a href="' . base_path() . '?q=admin/reports/dblog">logged</a>.';
157 }
158 else {
159 $log_message = ' All errors have been logged.';
160 }
161
162 if ($_SESSION['update_success']) {
163 $output = '<p>Updates were attempted. If you see no failures below, you may proceed happily to the <a href="' . base_path() . '?q=admin">administration pages</a>. Otherwise, you may need to update your database manually.' . $log_message . '</p>';
164 }
165 else {
166 list($module, $version) = array_pop(reset($_SESSION['updates_remaining']));
167 $output = '<p class="error">The update process was aborted prematurely while running <strong>update #' . $version . ' in ' . $module . '.module</strong>.' . $log_message;
168 if (module_exists('dblog')) {
169 $output .= ' You may need to check the <code>watchdog</code> database table manually.';
170 }
171 $output .= '</p>';
172 }
173
174 if (!empty($GLOBALS['update_free_access'])) {
175 $output .= "<p><strong>Reminder: don't forget to set the <code>\$update_free_access</code> value in your <code>settings.php</code> file back to <code>FALSE</code>.</strong></p>";
176 }
177
178 $output .= theme('item_list', array('items' => $links));
179
180 // Output a list of queries executed.
181 if (!empty($_SESSION['update_results'])) {
182 $all_messages = '';
183 foreach ($_SESSION['update_results'] as $module => $updates) {
184 if ($module != '#abort') {
185 $module_has_message = FALSE;
186 $query_messages = '';
187 foreach ($updates as $number => $queries) {
188 $messages = array();
189 foreach ($queries as $query) {
190 // If there is no message for this update, don't show anything.
191 if (empty($query['query'])) {
192 continue;
193 }
194
195 if ($query['success']) {
196 $messages[] = '<li class="success">' . $query['query'] . '</li>';
197 }
198 else {
199 $messages[] = '<li class="failure"><strong>Failed:</strong> ' . $query['query'] . '</li>';
200 }
201 }
202
203 if ($messages) {
204 $module_has_message = TRUE;
205 $query_messages .= '<h4>Update #' . $number . "</h4>\n";
206 $query_messages .= '<ul>' . implode("\n", $messages) . "</ul>\n";
207 }
208 }
209
210 // If there were any messages in the queries then prefix them with the
211 // module name and add it to the global message list.
212 if ($module_has_message) {
213 $all_messages .= '<h3>' . $module . " module</h3>\n" . $query_messages;
214 }
215 }
216 }
217 if ($all_messages) {
218 $output .= '<div id="update-results"><h2>The following updates returned messages</h2>';
219 $output .= $all_messages;
220 $output .= '</div>';
221 }
222 }
223 unset($_SESSION['update_results']);
224 unset($_SESSION['update_success']);
225
226 return $output;
227 }
228
229 function update_info_page() {
230 // Change query-strings on css/js files to enforce reload for all users.
231 _drupal_flush_css_js();
232 // Flush the cache of all data for the update status module.
233 if (db_table_exists('cache_update')) {
234 cache_clear_all('*', 'cache_update', TRUE);
235 }
236
237 update_task_list('info');
238 drupal_set_title('Drupal database update');
239 $token = drupal_get_token('update');
240 $output = '<p>Use this utility to update your database whenever a new release of Drupal or a module is installed.</p><p>For more detailed information, see the <a href="http://drupal.org/upgrade">upgrading handbook</a>. If you are unsure what these terms mean you should probably contact your hosting provider.</p>';
241 $output .= "<ol>\n";
242 $output .= "<li><strong>Back up your database</strong>. This process will change your database values and in case of emergency you may need to revert to a backup.</li>\n";
243 $output .= "<li><strong>Back up your code</strong>. Hint: when backing up module code, do not leave that backup in the 'modules' or 'sites/*/modules' directories as this may confuse Drupal's auto-discovery mechanism.</li>\n";
244 $output .= '<li>Put your site into <a href="' . base_path() . '?q=admin/config/development/maintenance">maintenance mode</a>.</li>' . "\n";
245 $output .= "<li>Install your new files in the appropriate location, as described in the handbook.</li>\n";
246 $output .= "</ol>\n";
247 $output .= "<p>When you have performed the steps above, you may proceed.</p>\n";
248 $output .= '<form method="post" action="update.php?op=selection&amp;token=' . $token . '"><p><input type="submit" value="Continue" class="form-submit" /></p></form>';
249 $output .= "\n";
250 return $output;
251 }
252
253 function update_access_denied_page() {
254 drupal_add_http_header('Status', '403 Forbidden');
255 watchdog('access denied', 'update.php', NULL, WATCHDOG_WARNING);
256 drupal_set_title('Access denied');
257 return '<p>Access denied. You are not authorized to access this page. Log in using either an account with the <em>administer software updates</em> permission or the site maintenance account (the account you created during installation). If you cannot log in, you will have to edit <code>settings.php</code> to bypass this access check. To do this:</p>
258 <ol>
259 <li>With a text editor find the settings.php file on your system. From the main Drupal directory that you installed all the files into, go to <code>sites/your_site_name</code> if such directory exists, or else to <code>sites/default</code> which applies otherwise.</li>
260 <li>There is a line inside your settings.php file that says <code>$update_free_access = FALSE;</code>. Change it to <code>$update_free_access = TRUE;</code>.</li>
261 <li>As soon as the update.php script is done, you must change the settings.php file back to its original form with <code>$update_free_access = FALSE;</code>.</li>
262 <li>To avoid having this problem in the future, remember to log in to your website using either an account with the <em>administer software updates</em> permission or the site maintenance account (the account you created during installation) before you backup your database at the beginning of the update process.</li>
263 </ol>';
264 }
265
266 /**
267 * Determines if the current user is allowed to run update.php.
268 *
269 * @return
270 * TRUE if the current user should be granted access, or FALSE otherwise.
271 */
272 function update_access_allowed() {
273 global $update_free_access, $user;
274
275 // Allow the global variable in settings.php to override the access check.
276 if (!empty($update_free_access)) {
277 return TRUE;
278 }
279 // Calls to user_access() might fail during the Drupal 6 to 7 update process,
280 // so we fall back on requiring that the user be logged in as user #1.
281 try {
282 require_once DRUPAL_ROOT . '/' . drupal_get_path('module', 'user') . '/user.module';
283 return user_access('administer software updates');
284 }
285 catch (Exception $e) {
286 return ($user->uid == 1);
287 }
288 }
289
290 /**
291 * Add the update task list to the current page.
292 */
293 function update_task_list($active = NULL) {
294 // Default list of tasks.
295 $tasks = array(
296 'requirements' => 'Verify requirements',
297 'info' => 'Overview',
298 'select' => 'Review updates',
299 'run' => 'Run updates',
300 'finished' => 'Review log',
301 );
302
303 drupal_add_region_content('sidebar_first', theme('task_list', array('items' => $tasks, 'active' => $active)));
304 }
305
306 /**
307 * Returns (and optionally stores) extra requirements that only apply during
308 * particular parts of the update.php process.
309 */
310 function update_extra_requirements($requirements = NULL) {
311 static $extra_requirements = array();
312 if (isset($requirements)) {
313 $extra_requirements += $requirements;
314 }
315 return $extra_requirements;
316 }
317
318 /**
319 * Check update requirements and report any errors.
320 */
321 function update_check_requirements() {
322 // Check requirements of all loaded modules.
323 $requirements = module_invoke_all('requirements', 'update');
324 $requirements += update_extra_requirements();
325 $severity = drupal_requirements_severity($requirements);
326
327 // If there are issues, report them.
328 if ($severity == REQUIREMENT_ERROR) {
329 update_task_list('requirements');
330 drupal_set_title('Requirements problem');
331 $status_report = theme('status_report', array('requirements' => $requirements));
332 $status_report .= 'Check the error messages and <a href="' . check_url(request_uri()) . '">try again</a>.';
333 print theme('update_page', array('content' => $status_report));
334 exit();
335 }
336 }
337
338 // Some unavoidable errors happen because the database is not yet up-to-date.
339 // Our custom error handler is not yet installed, so we just suppress them.
340 ini_set('display_errors', FALSE);
341
342 // We prepare a minimal bootstrap for the update requirements check to avoid
343 // reaching the PHP memory limit.
344 require_once DRUPAL_ROOT . '/includes/bootstrap.inc';
345 require_once DRUPAL_ROOT . '/includes/update.inc';
346 require_once DRUPAL_ROOT . '/includes/common.inc';
347 require_once DRUPAL_ROOT . '/includes/file.inc';
348 require_once DRUPAL_ROOT . '/includes/entity.inc';
349 require_once DRUPAL_ROOT . '/includes/unicode.inc';
350 update_prepare_d7_bootstrap();
351
352 // Temporarily disable configurable timezones so the upgrade process uses the
353 // site-wide timezone. This prevents a PHP notice during session initlization
354 // and before offsets have been converted in user_update_7002().
355 $configurable_timezones = variable_get('configurable_timezones', 1);
356 $conf['configurable_timezones'] = 0;
357
358 // Determine if the current user has access to run update.php.
359 drupal_bootstrap(DRUPAL_BOOTSTRAP_SESSION);
360
361 // Reset configurable timezones.
362 $conf['configurable_timezones'] = $configurable_timezones;
363
364 // Only allow the requirements check to proceed if the current user has access
365 // to run updates (since it may expose sensitive information about the site's
366 // configuration).
367 $op = isset($_REQUEST['op']) ? $_REQUEST['op'] : '';
368 if (empty($op) && update_access_allowed()) {
369 require_once DRUPAL_ROOT . '/includes/install.inc';
370 require_once DRUPAL_ROOT . '/modules/system/system.install';
371
372 // Load module basics.
373 include_once DRUPAL_ROOT . '/includes/module.inc';
374 $module_list['system']['filename'] = 'modules/system/system.module';
375 module_list(TRUE, FALSE, FALSE, $module_list);
376 drupal_load('module', 'system');
377
378 // Reset the module_implements() cache so that any new hook implementations
379 // in updated code are picked up.
380 module_implements('', FALSE, TRUE);
381
382 // Set up $language, since the installer components require it.
383 drupal_language_initialize();
384
385 // Set up theme system for the maintenance page.
386 drupal_maintenance_theme();
387
388 // Check the update requirements for Drupal.
389 update_check_requirements();
390
391 // Redirect to the update information page if all requirements were met.
392 install_goto('update.php?op=info');
393 }
394
395 // update_fix_d7_requirements() needs to run before bootstrapping beyond path.
396 // So bootstrap to DRUPAL_BOOTSTRAP_LANGUAGE then include unicode.inc.
397
398 drupal_bootstrap(DRUPAL_BOOTSTRAP_LANGUAGE);
399 include_once DRUPAL_ROOT . '/includes/unicode.inc';
400
401 update_fix_d7_requirements();
402
403 // Now proceed with a full bootstrap.
404
405 drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);
406 drupal_maintenance_theme();
407
408 // Turn error reporting back on. From now on, only fatal errors (which are
409 // not passed through the error handler) will cause a message to be printed.
410 ini_set('display_errors', TRUE);
411
412 // Only proceed with updates if the user is allowed to run them.
413 if (update_access_allowed()) {
414
415 include_once DRUPAL_ROOT . '/includes/install.inc';
416 include_once DRUPAL_ROOT . '/includes/batch.inc';
417 drupal_load_updates();
418
419 update_fix_compatibility();
420
421 // Check the update requirements for all modules.
422 update_check_requirements();
423
424 $op = isset($_REQUEST['op']) ? $_REQUEST['op'] : '';
425 switch ($op) {
426 // update.php ops.
427
428 case 'selection':
429 if (isset($_GET['token']) && $_GET['token'] == drupal_get_token('update')) {
430 $output = update_selection_page();
431 break;
432 }
433
434 case 'Apply pending updates':
435 if (isset($_GET['token']) && $_GET['token'] == drupal_get_token('update')) {
436 update_batch($_POST['start'], $base_url . '/update.php?op=results', $base_url . '/update.php');
437 break;
438 }
439
440 case 'info':
441 $output = update_info_page();
442 break;
443
444 case 'results':
445 $output = update_results_page();
446 break;
447
448 // Regular batch ops : defer to batch processing API.
449 default:
450 update_task_list('run');
451 $output = _batch_page();
452 break;
453 }
454 }
455 else {
456 $output = update_access_denied_page();
457 }
458 if (isset($output) && $output) {
459 // Explictly start a session so that the update.php token will be accepted.
460 drupal_session_start();
461 // We defer the display of messages until all updates are done.
462 $progress_page = ($batch = batch_get()) && isset($batch['running']);
463 print theme('update_page', array('content' => $output, 'show_messages' => !$progress_page));
464 }
Something went wrong with that request. Please try again.