diff --git a/build/generate_filelist_xml.php b/build/generate_filelist_xml.php index 07e87dd86bb..01809439bf1 100755 --- a/build/generate_filelist_xml.php +++ b/build/generate_filelist_xml.php @@ -42,35 +42,55 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/files.lib.php"); if (empty($argv[1])) { - print "Usage: ".$script_file." release=x.y.z\n"; + print "Usage: ".$script_file." release=x.y.z[-...] [includecustom=1]\n"; exit -1; } parse_str($argv[1]); +if (! empty($argv[2])) parse_str($argv[2]); -if ($release != DOL_VERSION) +if (empty($includecustom)) { - print 'Error: release is not version declared into filefunc.in.php.'."\n"; - exit -1; + $includecustom=0; + + if (DOL_VERSION != $release) + { + print 'Error: When parameter "includecustom" is not set, version declared into filefunc.in.php ('.DOL_VERSION.') must be exact same value than "release" parmater.'."\n"; + print "Usage: ".$script_file." release=x.y.z[-...] [includecustom=1]\n"; + exit -1; + } } +else +{ + if (! preg_match('/'.preg_quote(DOL_VERSION,'/').'-/',$release)) + { + print 'Error: When parameter "includecustom" is not set, version declared into ('.DOL_VERSION.') must be used with a suffix into "release" parmater (ex: '.DOL_VERSION.'-mydistrib).'."\n"; + print "Usage: ".$script_file." release=x.y.z[-...] [includecustom=1]\n"; + exit -1; + } +} + +print "Version: ".$release."\n"; +print "Include custom: ".$includecustom."\n"; //$outputfile=dirname(__FILE__).'/../htdocs/install/filelist-'.$release.'.xml'; $outputdir=dirname(__FILE__).'/../htdocs/install'; -print 'Delete current files '.$outputdir.'/filelist*.xml'."\n"; -dol_delete_file($outputdir.'/filelist*.xml',0,1,1); +print 'Delete current files '.$outputdir.'/filelist-'.$release.'.xml'."\n"; +dol_delete_file($outputdir.'/filelist-'.$release.'.xml',0,1,1); $outputfile=$outputdir.'/filelist-'.$release.'.xml'; $fp = fopen($outputfile,'w'); fputs($fp, ''."\n"); fputs($fp, ''."\n"); -fputs($fp, ''."\n"); +fputs($fp, ''."\n"); $checksumconcat=array(); +// TODO Replace RecursiveDirectoryIterator with dol_dir_list $dir_iterator1 = new RecursiveDirectoryIterator(dirname(__FILE__).'/../htdocs/'); $iterator1 = new RecursiveIteratorIterator($dir_iterator1); -// need to ignore document custom etc -$files = new RegexIterator($iterator1, '#^(?:[A-Z]:)?(?:/(?!(?:custom|documents|conf|install|nltechno))[^/]+)+/[^/]+\.(?:php|css|html|js|json|tpl|jpg|png|gif|sql|lang)$#i'); +// Need to ignore document custom etc. Note: this also ignore natively symbolic links. +$files = new RegexIterator($iterator1, '#^(?:[A-Z]:)?(?:/(?!(?:'.($includecustom?'':'custom\/|').'documents\/|conf\/|install\/))[^/]+)+/[^/]+\.(?:php|css|html|js|json|tpl|jpg|png|gif|sql|lang)$#i'); $dir=''; $needtoclose=0; foreach ($files as $file) { @@ -102,10 +122,11 @@ $checksumconcat=array(); fputs($fp, ''."\n"); +// TODO Replace RecursiveDirectoryIterator with dol_dir_list $dir_iterator2 = new RecursiveDirectoryIterator(dirname(__FILE__).'/../scripts/'); $iterator2 = new RecursiveIteratorIterator($dir_iterator2); -// need to ignore document custom etc -$files = new RegexIterator($iterator2, '#^(?:[A-Z]:)?(?:/(?!(?:custom|documents|conf|install|nltechno))[^/]+)+/[^/]+\.(?:php|css|html|js|json|tpl|jpg|png|gif|sql|lang)$#i'); +// Need to ignore document custom etc. Note: this also ignore natively symbolic links. +$files = new RegexIterator($iterator2, '#^(?:[A-Z]:)?(?:/(?!(?:custom|documents|conf|install))[^/]+)+/[^/]+\.(?:php|css|html|js|json|tpl|jpg|png|gif|sql|lang)$#i'); $dir=''; $needtoclose=0; foreach ($files as $file) { diff --git a/htdocs/admin/system/filecheck.php b/htdocs/admin/system/filecheck.php index c0ff5d75819..7536c6df793 100644 --- a/htdocs/admin/system/filecheck.php +++ b/htdocs/admin/system/filecheck.php @@ -90,19 +90,22 @@ print $langs->trans("MakeIntegrityAnalysisFrom").':
'; print ''."\n"; if (dol_is_file($xmlfile)) { - print ' '.$langs->trans("LocalSignature").' = '.$xmlshortfile.'
'; + print ' '.$langs->trans("LocalSignature").' = '; + print ''; + print '
'; } else { - print ' '.$langs->trans("LocalSignature").' = '.$xmlshortfile; - if (! GETPOST('xmlshortfile')) print ' ('.$langs->trans("AvailableOnlyOnPackagedVersions").')'; + print ' '.$langs->trans("LocalSignature").' = '; + print ''; + print ' ('.$langs->trans("AvailableOnlyOnPackagedVersions").')'; print '
'; } print ''."\n"; if ($enableremotecheck) { print ' '.$langs->trans("RemoteSignature").' = '; - print '
'; + print '
'; } else { @@ -150,21 +153,41 @@ if (GETPOST('target') == 'remote') if ($xml) { $checksumconcat = array(); - + $file_list = array(); + $out = ''; + // Scan htdocs if (is_object($xml->dolibarr_htdocs_dir[0])) { - $file_list = array(); - $ret = getFilesUpdated($file_list, $xml->dolibarr_htdocs_dir[0], '', DOL_DOCUMENT_ROOT, $checksumconcat); // Fill array $file_list - - print_fiche_titre($langs->trans("FilesMissing")); + //var_dump($xml->dolibarr_htdocs_dir[0]['includecustom']);exit; + $includecustom=(empty($xml->dolibarr_htdocs_dir[0]['includecustom'])?0:$xml->dolibarr_htdocs_dir[0]['includecustom']); + + // Defined qualified files (must be same than into generate_filelist_xml.php) + $regextoinclude='\.(php|css|html|js|json|tpl|jpg|png|gif|sql|lang)$'; + $regextoexclude='('.($includecustom?'':'custom|').'documents|conf|install)$'; // Exclude dirs + $scanfiles = dol_dir_list(DOL_DOCUMENT_ROOT, 'files', 1, $regextoinclude, $regextoexclude); + + // Fill file_list with files in signature, new files, modified files + $ret = getFilesUpdated($file_list, $xml->dolibarr_htdocs_dir[0], '', DOL_DOCUMENT_ROOT, $checksumconcat, $scanfiles); // Fill array $file_list + // Complete with list of new files + foreach ($scanfiles as $keyfile => $valfile) + { + $tmprelativefilename=preg_replace('/^'.preg_quote(DOL_DOCUMENT_ROOT,'/').'/','', $valfile['fullname']); + if (! in_array($tmprelativefilename, $file_list['insignature'])) + { + $md5newfile=@md5_file($valfile['fullname']); // Can fails if we don't have permission to open/read file + $file_list['added'][]=array('filename'=>$tmprelativefilename, 'md5'=>$md5newfile); + } + } - print ''; - print ''; - print ''; - print ''; - print ''; - print ''."\n"; + $out.=load_fiche_titre($langs->trans("FilesMissing")); + + $out.='
#' . $langs->trans("Filename") . '' . $langs->trans("ExpectedChecksum") . '
'; + $out.=''; + $out.=''; + $out.=''; + $out.=''; + $out.=''."\n"; $var = true; $tmpfilelist = dol_sort_array($file_list['missing'], 'filename'); if (is_array($tmpfilelist) && count($tmpfilelist)) @@ -174,32 +197,32 @@ if ($xml) { $i++; $var = !$var; - print ''; - print '' . "\n"; - print '' . "\n"; - print '' . "\n"; - print "\n"; + $out.=''; + $out.='' . "\n"; + $out.='' . "\n"; + $out.='' . "\n"; + $out.="\n"; } } else { - print ''; + $out.=''; } - print '
#' . $langs->trans("Filename") . '' . $langs->trans("ExpectedChecksum") . '
'.$i.''.$file['filename'].''.$file['expectedmd5'].'
'.$i.''.$file['filename'].''.$file['expectedmd5'].'
'.$langs->trans("None").'
'.$langs->trans("None").'
'; + $out.=''; - print '
'; + $out.='
'; - print_fiche_titre($langs->trans("FilesUpdated")); + $out.=load_fiche_titre($langs->trans("FilesModified")); - print ''; - print ''; - print ''; - print ''; - print ''; - print ''; - print ''; - print ''; - print ''."\n"; + $out.='
#' . $langs->trans("Filename") . '' . $langs->trans("ExpectedChecksum") . '' . $langs->trans("CurrentChecksum") . '' . $langs->trans("Size") . '' . $langs->trans("DateModification") . '
'; + $out.=''; + $out.=''; + $out.=''; + $out.=''; + $out.=''; + $out.=''; + $out.=''; + $out.=''."\n"; $var = true; $tmpfilelist2 = dol_sort_array($file_list['updated'], 'filename'); if (is_array($tmpfilelist2) && count($tmpfilelist2)) @@ -209,30 +232,70 @@ if ($xml) { $i++; $var = !$var; - print ''; - print '' . "\n"; - print '' . "\n"; - print '' . "\n"; - print '' . "\n"; - print '' . "\n"; - print '' . "\n"; - print "\n"; + $out.=''; + $out.='' . "\n"; + $out.='' . "\n"; + $out.='' . "\n"; + $out.='' . "\n"; + $out.='' . "\n"; + $out.='' . "\n"; + $out.="\n"; } } else { - print ''; + $out.=''; } - print '
#' . $langs->trans("Filename") . '' . $langs->trans("ExpectedChecksum") . '' . $langs->trans("CurrentChecksum") . '' . $langs->trans("Size") . '' . $langs->trans("DateModification") . '
'.$i.''.$file['filename'].''.$file['expectedmd5'].''.$file['md5'].''.dol_print_size(dol_filesize(DOL_DOCUMENT_ROOT.'/'.$file['filename'])).''.dol_print_date(dol_filemtime(DOL_DOCUMENT_ROOT.'/'.$file['filename']),'dayhour').'
'.$i.''.$file['filename'].''.$file['expectedmd5'].''.$file['md5'].''.dol_print_size(dol_filesize(DOL_DOCUMENT_ROOT.'/'.$file['filename'])).''.dol_print_date(dol_filemtime(DOL_DOCUMENT_ROOT.'/'.$file['filename']),'dayhour').'
'.$langs->trans("None").'
'.$langs->trans("None").'
'; + $out.=''; - if (empty($tmpfilelist) && empty($tmpfilelist2)) + $out.='
'; + + $out.=load_fiche_titre($langs->trans("FilesAdded")); + + $out.=''; + $out.=''; + $out.=''; + $out.=''; + $out.=''; + $out.=''; + $out.=''; + $out.=''; + $out.=''."\n"; + $var = true; + $tmpfilelist3 = dol_sort_array($file_list['added'], 'filename'); + if (is_array($tmpfilelist3) && count($tmpfilelist3)) + { + $i = 0; + foreach ($tmpfilelist3 as $file) + { + $i++; + $var = !$var; + $out.=''; + $out.='' . "\n"; + $out.='' . "\n"; + $out.='' . "\n"; + $out.='' . "\n"; + $out.='' . "\n"; + $out.='' . "\n"; + $out.="\n"; + } + } + else + { + $out.=''; + } + $out.='
#' . $langs->trans("Filename") . '' . $langs->trans("ExpectedChecksum") . '' . $langs->trans("CurrentChecksum") . '' . $langs->trans("Size") . '' . $langs->trans("DateModification") . '
'.$i.''.$file['filename'].''.$file['expectedmd5'].''.$file['md5'].''.dol_print_size(dol_filesize(DOL_DOCUMENT_ROOT.'/'.$file['filename'])).''.dol_print_date(dol_filemtime(DOL_DOCUMENT_ROOT.'/'.$file['filename']),'dayhour').'
'.$langs->trans("None").'
'; + + + // Show warning + if (empty($tmpfilelist) && empty($tmpfilelist2) && empty($tmpfilelist3)) { setEventMessage($langs->trans("FileIntegrityIsStrictlyConformedWithReference")); } else { setEventMessage($langs->trans("FileIntegritySomeFilesWereRemovedOrModified"), 'warnings'); - } + } } else { @@ -253,13 +316,30 @@ if ($xml) asort($checksumconcat); // Sort list of checksum //var_dump($checksumconcat); $checksumget = md5(join(',',$checksumconcat)); - $checksumtoget = $xml->dolibarr_htdocs_dir_checksum; - - print '
'; + $checksumtoget = trim((string) $xml->dolibarr_htdocs_dir_checksum); + /*var_dump(count($file_list['added'])); + var_dump($checksumget); + var_dump($checksumtoget); + var_dump($checksumget == $checksumtoget);*/ print_fiche_titre($langs->trans("GlobalChecksum")).'
'; print $langs->trans("ExpectedChecksum").' = '. ($checksumtoget ? $checksumtoget : $langs->trans("Unknown")) .'
'; - print $langs->trans("CurrentChecksum").' = '.$checksumget; + print $langs->trans("CurrentChecksum").' = '; + if ($checksumget == $checksumtoget) + { + if (count($file_list['added'])) print $checksumget.' - '.$langs->trans("FileIntegrityIsOkButFilesWereAdded").''; + else print ''.$checksumget.''; + } + else + { + print ''.$checksumget.''; + } + + print '
'; + print '
'; + + // Output detail + print $out; } @@ -287,10 +367,11 @@ function getFilesUpdated(&$file_list, SimpleXMLElement $dir, $path = '', $pathre { $exclude = 'install'; - foreach ($dir->md5file as $file) + foreach ($dir->md5file as $file) // $file is a simpleXMLElement { $filename = $path.$file['name']; - + $file_list['insignature'][] = $filename; + //if (preg_match('#'.$exclude.'#', $filename)) continue; if (!file_exists($pathref.'/'.$filename)) @@ -309,3 +390,4 @@ function getFilesUpdated(&$file_list, SimpleXMLElement $dir, $path = '', $pathre return $file_list; } + diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index c1aadd3df6d..1f7974775b5 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -44,8 +44,8 @@ function dol_basename($pathfile) * @param string $path Starting path from which to search. This is a full path. * @param string $types Can be "directories", "files", or "all" * @param int $recursive Determines whether subdirectories are searched - * @param string $filter Regex filter to restrict list. This regex value must be escaped for '/', since this char is used for preg_match function - * @param array $excludefilter Array of Regex for exclude filter (example: array('(\.meta|_preview\.png)$','^\.')) + * @param string $filter Regex filter to restrict list. This regex value must be escaped for '/', since this char is used for preg_match function. Filter is checked into basename only. + * @param array $excludefilter Array of Regex for exclude filter (example: array('(\.meta|_preview\.png)$','^\.')). Exclude is checked into fullpath. * @param string $sortcriteria Sort criteria ("","fullname","name","date","size") * @param string $sortorder Sort order (SORT_ASC, SORT_DESC) * @param int $mode 0=Return array minimum keys loaded (faster), 1=Force all keys like date and size to be loaded (slower), 2=Force load of date only, 3=Force load of size only @@ -104,7 +104,7 @@ function dol_dir_list($path, $types="all", $recursive=0, $filter="", $excludefil $filesize=''; $file_list = array(); - while (false !== ($file = readdir($dir))) + while (false !== ($file = readdir($dir))) // $file is always a basename (into directory $newpath) { if (! utf8_check($file)) $file=utf8_encode($file); // To be sure data is stored in utf8 in memory @@ -137,7 +137,7 @@ function dol_dir_list($path, $types="all", $recursive=0, $filter="", $excludefil if ($loaddate || $sortcriteria == 'date') $filedate=dol_filemtime($path."/".$file); if ($loadsize || $sortcriteria == 'size') $filesize=dol_filesize($path."/".$file); - if (! $filter || preg_match('/'.$filter.'/i',$file)) // We do not search key $filter into $path, only into $file + if (! $filter || preg_match('/'.$filter.'/i',$file)) // We do not search key $filter into all $path, only into $file part { preg_match('/([^\/]+)\/[^\/]+$/',$path.'/'.$file,$reg); $level1name=(isset($reg[1])?$reg[1]:''); diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 202618b7b43..defcafa7b65 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -11,13 +11,16 @@ VersionRecommanded=Recommended FileCheck=Files integrity checker FileCheckDesc=This tool allows you to check the integrity of files of your application, comparing each files with the official ones. You can use this tool to detect if some files were modified by a hacker for example. FileIntegrityIsStrictlyConformedWithReference=Files integrity is strictly conformed with the reference. -FileIntegritySomeFilesWereRemovedOrModified=Files integrity check has failed. Some files were modified of removed. +FileIntegrityIsOkButFilesWereAdded=Files integrity check has passed, however some new files were added. +FileIntegritySomeFilesWereRemovedOrModified=Files integrity check has failed. Some files were modified, removed or added. GlobalChecksum=Global checksum MakeIntegrityAnalysisFrom=Make integrity analysis of application files from LocalSignature=Embedded local signature (less reliable) RemoteSignature=Remote distant signature (more reliable) FilesMissing=Missing Files FilesUpdated=Updated Files +FilesModified=Modified Files +FilesAdded=Added Files FileCheckDolibarr=Check integrity of application files AvailableOnlyOnPackagedVersions=The local file for integrity checking is only available when application is installed from a certified package XmlNotFound=Xml Integrity File of application not found