Fixed #9712: Applications should be able to check for latest updates …

…against Mantis.

git-svn-id: http://mantisbt.svn.sourceforge.net/svnroot/mantisbt/trunk@5697 f5dc347c-c33d-0410-90a0-b07cc1902cb9

admin/schema.php

@@ -411,3 +411,5 @@
 
 $upgrade[] = Array( 'AddColumnSQL', Array( db_get_table( 'mantis_custom_field_table' ), "
   filter_by 		L 		NOTNULL DEFAULT \" '1' \"" ) );
+$upgrade[] = Array( 'AddColumnSQL', Array( db_get_table( 'mantis_project_version_table' ), "
+    upgrade_tag        C(128)       NOTNULL DEFAULT '' " ) );

check_version.php

@@ -0,0 +1,121 @@
+<?php
+# Mantis - a php based bugtracking system
+
+# Mantis is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+#
+# Mantis is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Mantis.  If not, see <http://www.gnu.org/licenses/>.
+
+/**
+ * @package MantisBT
+ * @version $Id$
+ * @copyright Copyright (C) 2000 - 2008  Mantis Team   - mantisbt-dev@lists.sourceforge.net
+ * @link http://www.mantisbt.org
+ */
+
+require_once( 'core.php' );
+
+$t_core_path = config_get( 'core_path' );
+
+require_once( $t_core_path . 'version_api.php' );
+
+$f_protocol_version = gpc_get_int( 'protocol_version', -1 );
+$f_project_id = gpc_get_int( 'project_id', -1 );
+$f_version = gpc_get_string( 'version', '' );
+
+# Make sure that IE can download the attachments under https.
+header( 'Pragma: public' );
+header( 'Content-Type: text/plain' );
+
+# Protocol Version 1
+#
+# <operation result>
+# <multi line parameters>
+#
+# operation result: up_to_date | update_available | access_denied | failure
+#
+# up_to_date has no parameters
+#
+# update_available Parameters:
+# latest version
+# changelog link
+# version description
+#
+# Access Denied has no parameters.  Issue for case where access is denied or project/version doesn't exist.
+#
+# Failure:
+# error message (e.g. database failure, in maintenance, etc)
+
+$t_latest_supported_protocol = 1;
+$t_access_denied_string = VERSION_CHECK_ACCESS_DENIED . "\n";
+$t_failure_string = VERSION_CHECK_FAILURE . "\n";
+
+# Make sure protocol version is specified.
+if ( $f_protocol_version == -1 ) {
+	echo $t_failure_string, "protocol version not specified.\n";
+	die;
+}
+
+# Make sure request version is supported.
+if ( $f_protocol_version < 1 || $f_protocol_version > $t_latest_supported_protocol ) {
+	echo $t_failure_string, "protocol version '" . $f_protocol_version . "' not supported.\n";
+	die;
+}
+
+# Make sure project id is specified.
+if ( $f_project_id == -1 ) {
+	echo $t_failure_string, "project id not specified.\n";
+	die;
+}
+
+# Make sure version name is specified.
+if ( $f_version == '' ) {
+	echo $t_failure_string, "version name not specified.\n";
+	die;
+}
+
+# Retrieve configuration
+$t_public_projects = config_get( 'check_version_for_public_projects_enabled' );
+$t_private_projects = config_get( 'check_version_for_public_projects_enabled' );
+
+# if the feature is disabled for all kinds of projects, then return access denied response.
+if ( !$t_public_projects && !$t_private_projects ) {
+	echo $t_access_denied_string;
+	die;
+}
+
+# if only public projects available, make sure the request is not referring to a public project.
+if ( !$t_private_projects ) {
+	$t_view_state = project_get_field( $f_project_id, 'view_state');
+	if ( $t_view_state != VS_PUBLIC ) {
+		echo $t_access_denied_string;
+		die;
+	}
+}
+
+$t_client_version_id = version_get_id( $f_version, $f_project_id );
+if ( $t_client_version_id === false ) {
+	echo $t_failure_string, "version not found.\n";
+	die;
+}
+
+$t_version = version_get_latest_by_upgrade_tag( $t_client_version_id );
+
+if ( $t_version->id == $t_client_version_id ) {
+	echo VERSION_CHECK_UP_TO_DATE . "\n";
+	die;
+}
+
+echo VERSION_CHECK_UPDATE_AVAILABLE . "\n";
+echo $t_version->version, "\n";
+$t_path = config_get( 'path' );
+echo $t_path . "changelog_page.php?version=", $t_version->id, "\n";
+echo $t_version->description, "\n";

config_defaults_inc.php

@@ -2038,3 +2038,21 @@
 	# threshold to see due date
 	$g_due_date_view_threshold = NOBODY;
 
+	#############################
+	# Checking for Updates
+	#############################
+
+	# Ability for applications to anonymously check for updates available for public projects.
+	# This feature exposes the availability of released version names, project ids, and the
+	# version descriptions.  This feature works independent of anonymous access.
+	$g_check_version_for_public_projects_enabled = OFF;
+
+	# Ability for clients to anonymously check for updates available for private projects.
+	# This feature exposes the availability of released version names, project ids, and the
+	# version descriptions.  This feature works independent of anonymous access.
+	$g_check_version_for_private_projects_enabled = OFF;
+
+	# Enable Mantis checking for updates for its own code base.
+	# This is shown for administrators on the Manage Overview Page.
+	# @@@ Apache seems to crash if remote URL is not found.
+	$g_check_version_for_mantis_enabled = OFF;

core/check_version_api.php

@@ -0,0 +1,127 @@
+<?php
+# Mantis - a php based bugtracking system
+
+# Mantis is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+#
+# Mantis is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Mantis.  If not, see <http://www.gnu.org/licenses/>.
+
+/**
+ * @package MantisBT
+ * @version $Id$
+ * @copyright Copyright (C) 2000 - 2008  Mantis Team   - mantisbt-dev@lists.sourceforge.net
+ * @link http://www.mantisbt.org
+ */
+
+/**
+ * A class that includes the response information of a version update check.
+ */
+class VersionUpdateInfo
+{
+	var $result = '';
+	var $name = '';
+	var $changelog_url = '';
+	var $description = '';
+}
+
+/**
+ * Retrieve contents from remotely stored file
+ */
+function get_remote_file( $host, $directory, $filename, &$errstr, &$errno, $port = 80, $timeout = 10 ) {
+	if ( $fsock = @fsockopen( $host, $port, $errno, $errstr, $timeout ) ) {
+		@fputs( $fsock, "GET $directory/$filename HTTP/1.1\r\n" );
+		@fputs( $fsock, "HOST: $host\r\n" );
+		@fputs( $fsock, "Connection: close\r\n\r\n" );
+
+		$file_info = '';
+		$get_info = false;
+
+		while ( !@feof( $fsock ) ) {
+			if ( $get_info ) {
+				$file_info .= @fread( $fsock, 1024 );
+			} else {
+				$line = @fgets( $fsock, 1024 );
+				if ( $line == "\r\n" ) {
+					$get_info = true;
+				} else if ( stripos( $line, '404 not found') !== false ) {
+					$errstr = '404';
+					return false;
+				}
+			}
+		}
+
+		@fclose($fsock);
+	} else {
+		if ( $errstr ) {
+			return false;
+		}
+
+		$errstr = 'fsock open disabled.';
+		return false;
+	}
+
+	return $file_info;
+}
+
+/**
+ * Connects to Mantis Bug Tracker to retrieve the latest release that is considered an update to the current release.
+ */
+function version_check() {
+	$t_errstr = '';
+	$t_errno = 0;
+	$t_version_update = new VersionUpdateInfo();
+
+	$t_context = stream_context_create(array(
+	    'http' => array(
+	        'timeout' => 1
+	        )
+	    )
+	); 
+
+	#$t_result = @file_get_contents( 'http://127.0.0.1/mantisbt/check_version.php?protocol_version=1&project_id=1&version=1.0.0' );
+	$t_result = @file_get_contents( 'http://www.mantisbt.org/bugs/check_version.php?protocol_version=1&project_id=1&version=1.0.0', 0, $t_context );
+	#$t_result = get_remote_file( '127.0.0.1', '/mantisbt', 'check_version.php?protocol_version=1&project_id=1&version=1.0.0', $t_errstr, $t_errno );
+	#$t_result = get_remote_file( 'mantisbt.org', '/bugs', 'check_version.php?protocol_version=1&project_id=1&version=' . urlencode( MANTIS_VERSION ), $t_errstr, $t_errno, 80, 1 );
+
+	# If unable to read the file, then try another attempt with the sub-domain format.
+	if ( $t_result === false || is_blank( $t_result ) || $t_errno != 0 ) {
+		$t_version_update->result = 'failure';
+		$t_version_update->description = $t_errno . ': ' . $t_errstr;
+		return $t_version_update;
+	}
+
+	$t_lines = explode( "\n", $t_result, 4 );
+
+	switch ( $t_lines[0] ) {
+		case VERSION_CHECK_UP_TO_DATE:
+			$t_version_update->result = $t_lines[0];
+			break;
+		case VERSION_CHECK_UPDATE_AVAILABLE:
+			$t_version_update->result = $t_lines[0];
+			$t_version_update->name = $t_lines[1];
+			$t_version_update->changelog_url = $t_lines[2];
+			$t_version_update->description = $t_lines[3];
+			break;
+		case VERSION_CHECK_ACCESS_DENIED:
+			$t_version_update->result = $t_lines[0];
+			break;
+		case VERSION_CHECK_FAILURE:
+		default:
+			$t_version_update->result = VERSION_CHECK_FAILURE;
+			if ( isset( $t_lines[1] ) ) {
+				$t_version_update->description = $t_lines[1];
+			}
+			break;
+	}
+
+	return $t_version_update;
+}
+?>

core/constant_inc.php

@@ -465,3 +465,9 @@
 # Timeline types
 define( 'TIMELINE_TARGETTED', 1 );
 define( 'TIMELINE_FIXED', 2 );
+
+# Version Check Result Strings
+define( 'VERSION_CHECK_UP_TO_DATE', 'up_to_date' );
+define( 'VERSION_CHECK_UPDATE_AVAILABLE', 'update_available' );
+define( 'VERSION_CHECK_ACCESS_DENIED', 'access_denied' );
+define( 'VERSION_CHECK_FAILURE', 'failure' );