Skip to content

Commit

Permalink
upgrade sugar to version 6.5.20
Browse files Browse the repository at this point in the history
  • Loading branch information
@mattlorimer
mattlorimer committed Dec 24, 2014
1 parent 6bf6a62 commit 3881ed5
Show file tree
Hide file tree
Showing 30 changed files with 581 additions and 416 deletions.
1 change: 1 addition & 0 deletions .gitignore
View file
Expand Up @@ -7,6 +7,7 @@ upload/*
!upload/index.html
# Ignore some files and directories from the custom directory.
custom/history/*
custom/blowfish/*
custom/modulebuilder/*
custom/working/*
custom/modules/*/Ext/
Expand Down
195 changes: 114 additions & 81 deletions ModuleInstall/ModuleScanner.php
View file
Expand Up @@ -13,24 +13,24 @@
* to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
* IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
* OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
*
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
* FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
* details.
*
*
* You should have received a copy of the GNU Affero General Public License along with
* this program; if not, see http://www.gnu.org/licenses or write to the Free
* Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301 USA.
*
*
* You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
* SW2-130, Cupertino, CA 95014, USA. or at email address contact@sugarcrm.com.
*
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "Powered by
* SugarCRM" logo and "Supercharged by SuiteCRM" logo. If the display of the logos is not
Expand Down Expand Up @@ -211,6 +211,7 @@ class ModuleScanner{
'sugar_fopen',
'sugar_mkdir',
'sugar_file_put_contents',
'sugar_file_put_contents_atomic',
'sugar_chgrp',
'sugar_chmod',
'sugar_touch',
Expand Down Expand Up @@ -649,29 +650,66 @@ public function scanFile($file){
return $issues;
}

/**
* checks files.md5 file to see if the file is from sugar
* ONLY WORKS ON FILES
*
* @param string $path
* @return bool
*/
public function sugarFileExists($path)
{
static $md5 = array();
if (empty($md5) && file_exists('files.md5')) {
include ('files.md5');
$md5 = $md5_string;
}
if ($path[0] != '.' || $path[1] != '/') {
$path = './' . $path;
}
if (isset($md5[$path])) {
return true;
}

/*
* checks files.md5 file to see if the file is from sugar
* ONLY WORKS ON FILES
*/
public function sugarFileExists($path){
static $md5 = array();
if(empty($md5) && file_exists('files.md5'))
{
include('files.md5');
$md5 = $md5_string;
}
if(isset($md5['./' . $path]))return true;

return false;
}

}
/**
* Normalize a path to not contain dots & multiple slashes
*
* @param string $path
* @return string false
*/
public function normalizePath($path)
{
if (DIRECTORY_SEPARATOR != '/') {
// convert to / for OSes that use other separators
$path = str_replace(DIRECTORY_SEPARATOR, '/', $path);
}
$res = array();
foreach (explode("/", $path) as $component) {
if (empty($component)) {
continue;
}
if ($component == '.') {
continue;
}
if ($component == '..') {
// this is not allowed, bail
return false;
}
$res[] = $component;
}

return join("/", $res);
}

/**
*This function will scan the Manifest for disabled actions specified in $GLOBALS['sugar_config']['moduleInstaller']['disableActions']
*if $GLOBALS['sugar_config']['moduleInstaller']['disableRestrictedCopy'] is set to false or not set it will call on scanCopy to ensure that it is not overriding files
*/
public function scanManifest($manifestPath){
public function scanManifest($manifestPath)
{
$issues = array();
if(!file_exists($manifestPath)){
$this->issues['manifest'][$manifestPath] = translate('ML_NO_MANIFEST');
Expand All @@ -698,70 +736,65 @@ public function scanManifest($manifestPath){
}
}

//now lets scan for files that will override our files
if(empty($this->config['disableRestrictedCopy']) && isset($installdefs['copy'])){
foreach($installdefs['copy'] as $copy){
$from = str_replace('<basepath>', $this->pathToModule, $copy['from']);
$to = $copy['to'];
if(substr_count($from, '..')){
$this->issues['copy'][$from] = translate('ML_PATH_MAY_NOT_CONTAIN').' ".." -' . $from;
}
if(substr_count($to, '..')){
$this->issues['copy'][$to] = translate('ML_PATH_MAY_NOT_CONTAIN'). ' ".." -' . $to;
}
while(substr_count($from, '//')){
$from = str_replace('//', '/', $from);
}
while(substr_count($to, '//')){
$to = str_replace('//', '/', $to);
}
$this->scanCopy($from, $to);
}
}
if(!empty($issues)){
$this->issues['manifest'][$manifestPath] = $issues;
}



// now lets scan for files that will override our files
if (empty($this->config['disableRestrictedCopy']) && isset($installdefs['copy'])) {
foreach ($installdefs['copy'] as $copy) {
$from = $this->normalizePath($copy['from']);
if ($from === false) {
$this->issues['copy'][$copy['from']] = translate('ML_PATH_MAY_NOT_CONTAIN') .' ".." -' . $copy['from'];
continue;
}
$from = str_replace('<basepath>', $this->pathToModule, $from);
$to = $this->normalizePath($copy['to']);
if ($to === false) {
$this->issues['copy'][$copy['to']] = translate('ML_PATH_MAY_NOT_CONTAIN') . ' ".." -' . $copy['to'];
continue;
}
if ($to === '') {
$to = ".";
}
$this->scanCopy($from, $to);
}
}
if (!empty($issues)) {
$this->issues['manifest'][$manifestPath] = $issues;
}
}

/**
* Takes in where the file will is specified to be copied from and to
* and ensures that there is no official sugar file there.
* If the file exists it will check
* against the MD5 file list to see if Sugar Created the file
* @param string $from source filename
* @param string $to destination filename
*/
public function scanCopy($from, $to)
{
// if the file doesn't exist for the $to then it is not overriding anything
if (!file_exists($to)) {
return;
}
if (is_dir($from)) {
$d = dir($from);
while ($e = $d->read()) {
if ($e == '.' || $e == '..') {
continue;
}
$this->scanCopy($from . '/' . $e, $to . '/' . $e);
}
return;
}
// if $to is a dir and $from is a file then make $to a full file path as well
if (is_dir($to) && is_file($from)) {
$to = rtrim($to, '/'). '/' . basename($from);
}
// if the $to is a file and it is found in sugarFileExists then don't allow overriding it
if (is_file($to) && $this->sugarFileExists($to)) {
$this->issues['copy'][$from] = translate('ML_OVERRIDE_CORE_FILES') . '(' . $to . ')';
}


/**
* Takes in where the file will is specified to be copied from and to
* and ensures that there is no official sugar file there. If the file exists it will check
* against the MD5 file list to see if Sugar Created the file
*
*/
function scanCopy($from, $to){
//if the file doesn't exist for the $to then it is not overriding anything
if(!file_exists($to))return;
//if $to is a dir and $from is a file then make $to a full file path as well
if(is_dir($to) && is_file($from)){
if(substr($to,-1) === '/'){
$to = substr($to, 0 , strlen($to) - 1);
}
$to .= '/'. basename($from);
}
//if the $to is a file and it is found in sugarFileExists then don't allow overriding it
if(is_file($to) && $this->sugarFileExists($to)){
$this->issues['copy'][$from] = translate('ML_OVERRIDE_CORE_FILES') . '(' . $to . ')';
}

if(is_dir($from)){
$d = dir($from);
while($e = $d->read()){
if($e == '.' || $e == '..')continue;
$this->scanCopy($from .'/'. $e, $to .'/' . $e);
}
}





}
}


/**
Expand Down
4 changes: 1 addition & 3 deletions Zend/Oauth/Token.php
View file
Expand Up @@ -278,8 +278,6 @@ public function __sleep()
*/
public function __wakeup()
{
if ($this->_httpUtility === null) {
$this->_httpUtility = new Zend_Oauth_Http_Utility;
}
$this->_httpUtility = new Zend_Oauth_Http_Utility;
}
}

0 comments on commit 3881ed5

Please sign in to comment.