MDL-51261 admin: Support upgrade key requirement on the site upgrade

The upgrade key can be defined in the main config.php as
$CFG->upgradekey.  If it is defined there, then its value must be
provided every time the site is being upgraded, regardless of whether the
administrator is logged in or not.
David Mudrák 2015-09-10 00:39:43 +02:00
parent a277654f7f
commit 98b32c9e7e
5 changed files with 101 additions and 15 deletions


@ -54,6 +54,16 @@ if (!function_exists('json_encode') || !function_exists('json_decode')) {
define('NO_OUTPUT_BUFFERING', true);
if (isset($_POST['upgradekey'])) {
// Before you start reporting issues about the collision attacks against
// SHA-1, you should understand that we are not actually attempting to do
// any cryptography here. This is hashed purely so that the key is not
// that apparent in the address bar itself. Anyone who catches the HTTP
// traffic can immediately use it as a valid admin key.
header('Location: index.php?cache=0&upgradekeyhash='.sha1($_POST['upgradekey']));
die();
}
if ((isset($_GET['cache']) and $_GET['cache'] === '0')
or (isset($_POST['cache']) and $_POST['cache'] === '0')
or (!isset($_POST['cache']) and !isset($_GET['cache']) and empty($_GET['sesskey']) and empty($_POST['sesskey']))) {
@ -95,10 +105,14 @@ $showallplugins = optional_param('showallplugins', 0, PARAM_BOOL);
$agreelicense = optional_param('agreelicense', 0, PARAM_BOOL);
$fetchupdates = optional_param('fetchupdates', 0, PARAM_BOOL);
$newaddonreq = optional_param('installaddonrequest', null, PARAM_RAW);
$upgradekeyhash = optional_param('upgradekeyhash', null, PARAM_ALPHANUM);
// Set up PAGE.
$url = new moodle_url('/admin/index.php');
$url->param('cache', $cache);
if (isset($upgradekeyhash)) {
$url->param('upgradekeyhash', $upgradekeyhash);
}
$PAGE->set_url($url);
unset($url);
@ -203,7 +217,7 @@ if (!core_tables_exist()) {
$PAGE->set_heading($strinstallation . ' - Moodle ' . $CFG->target_release);
$output = $PAGE->get_renderer('core', 'admin');
$url = new moodle_url('/admin/index.php', array('agreelicense' => 1, 'confirmrelease' => 1, 'lang' => $CFG->lang));
$url = new moodle_url($PAGE->url, array('agreelicense' => 1, 'confirmrelease' => 1, 'lang' => $CFG->lang));
echo $output->unsatisfied_dependencies_page($version, $failed, $url);
die();
}
@ -253,11 +267,13 @@ if (empty($CFG->version)) {
// Detect config cache inconsistency, this happens when you switch branches on dev servers.
if ($CFG->version != $DB->get_field('config', 'value', array('name'=>'version'))) {
purge_all_caches();
redirect(new moodle_url('/admin/index.php'), 'Config cache inconsistency detected, resetting caches...');
redirect(new moodle_url($PAGE->url), 'Config cache inconsistency detected, resetting caches...');
}
if (!$cache and $version > $CFG->version) { // upgrade
check_upgrade_key($upgradekeyhash);
// Warning about upgrading a test site.
$testsite = false;
if (defined('BEHAT_SITE_RUNNING')) {
@ -318,7 +334,7 @@ if (!$cache and $version > $CFG->version) { // upgrade
$PAGE->set_heading($strplugincheck);
$PAGE->set_cacheable(false);
$reloadurl = new moodle_url('/admin/index.php', array('confirmupgrade' => 1, 'confirmrelease' => 1, 'cache' => 0));
$reloadurl = new moodle_url($PAGE->url, array('confirmupgrade' => 1, 'confirmrelease' => 1, 'cache' => 0));
if ($fetchupdates) {
// No sesskey support guaranteed here, because sessions might not work yet.
@ -342,15 +358,15 @@ if (!$cache and $version > $CFG->version) { // upgrade
}
echo $output->upgrade_plugin_check_page(core_plugin_manager::instance(), \core\update\checker::instance(),
$version, $showallplugins, $reloadurl,
new moodle_url('/admin/index.php', array('confirmupgrade'=>1, 'confirmrelease'=>1, 'confirmplugincheck'=>1, 'cache'=>0)));
$version, $showallplugins, $reloadurl, new moodle_url($PAGE->url, array(
'confirmupgrade' => 1, 'confirmrelease' => 1, 'confirmplugincheck' => 1, 'cache' => 0)));
die();
} else {
// Always verify plugin dependencies!
$failed = array();
if (!core_plugin_manager::instance()->all_plugins_ok($version, $failed)) {
$reloadurl = new moodle_url('/admin/index.php', array('confirmupgrade' => 1, 'confirmrelease' => 1, 'cache' => 0));
$reloadurl = new moodle_url($PAGE->url, array('confirmupgrade' => 1, 'confirmrelease' => 1, 'cache' => 0));
echo $output->unsatisfied_dependencies_page($version, $failed, $reloadurl);
die();
}
@ -374,6 +390,9 @@ if (!$cache and $branch <> $CFG->branch) { // Update the branch
}
if (!$cache and moodle_needs_upgrading()) {
check_upgrade_key($upgradekeyhash);
if (!$PAGE->headerprinted) {
// means core upgrade or installation was not already done
@ -413,7 +432,7 @@ if (!$cache and moodle_needs_upgrading()) {
echo $output->upgrade_plugin_check_page(core_plugin_manager::instance(), \core\update\checker::instance(),
$version, $showallplugins,
new moodle_url($PAGE->url),
new moodle_url('/admin/index.php', array('confirmplugincheck'=>1, 'cache'=>0)));
new moodle_url($PAGE->url, array('confirmplugincheck' => 1, 'cache' => 0)));
die();
}
@ -422,7 +441,7 @@ if (!$cache and moodle_needs_upgrading()) {
if (!core_plugin_manager::instance()->all_plugins_ok($version, $failed)) {
/** @var core_admin_renderer $output */
$output = $PAGE->get_renderer('core', 'admin');
$reloadurl = new moodle_url('/admin/index.php', array('cache' => 0));
$reloadurl = new moodle_url($PAGE->url, array('cache' => 0));
echo $output->unsatisfied_dependencies_page($version, $failed, $reloadurl);
die();
}
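Review bot: The hash that the first hunk puts in the query string, `'upgradekeyhash='.sha1($_POST['upgradekey'])`, is itself the value the server accepts, so it is a bearer credential, and the second hunk copies it into `$PAGE->url`, from which every reload and continue link in the later hunks is built. It will therefore be recorded in web-server access logs, browser history and any Referer header sent from these pages, not only in captured traffic as the existing comment says. I would extend that comment with `// The hash is as good as the key: it ends up in access logs, browser history and Referer headers, so run the upgrade over HTTPS and treat logged URLs as sensitive.` Separately, `sha1()` is called on `$_POST['upgradekey']` without checking that it is a string; `if (isset($_POST['upgradekey']) and is_string($_POST['upgradekey'])) {` avoids a warning and an empty hash on array input. `check_upgrade_key()` is defined outside this page, so how the hash is compared cannot be judged here.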


@ -43,7 +43,8 @@ class core_admin_renderer extends plugin_renderer_base {
$copyrightnotice = text_to_html(get_string('gpl3'));
$copyrightnotice = str_replace('target="_blank"', 'onclick="this.target=\'_blank\'"', $copyrightnotice); // extremely ugly validation hack
$continue = new single_button(new moodle_url('/admin/index.php', array('lang'=>$CFG->lang, 'agreelicense'=>1)), get_string('continue'), 'get');
$continue = new single_button(new moodle_url($this->page->url, array(
'lang' => $CFG->lang, 'agreelicense' => 1)), get_string('continue'), 'get');
$output .= $this->header();
$output .= $this->heading('<a href="http://moodle.org">Moodle</a> - Modular Object-Oriented Dynamic Learning Environment');
@ -96,10 +97,11 @@ class core_admin_renderer extends plugin_renderer_base {
$output .= $this->environment_check_table($envstatus, $environment_results);
if (!$envstatus) {
$output .= $this->upgrade_reload(new moodle_url('/admin/index.php', array('agreelicense' => 1, 'lang' => $CFG->lang)));
$output .= $this->upgrade_reload(new moodle_url($this->page->url, array('agreelicense' => 1, 'lang' => $CFG->lang)));
} else {
$output .= $this->notification(get_string('environmentok', 'admin'), 'notifysuccess');
$output .= $this->continue_button(new moodle_url('/admin/index.php', array('agreelicense'=>1, 'confirmrelease'=>1, 'lang'=>$CFG->lang)));
$output .= $this->continue_button(new moodle_url($this->page->url, array(
'agreelicense' => 1, 'confirmrelease' => 1, 'lang' => $CFG->lang)));
}
$output .= $this->footer();
@ -140,7 +142,7 @@ class core_admin_renderer extends plugin_renderer_base {
public function upgrade_confirm_page($strnewversion, $maturity, $testsite) {
$output = '';
$continueurl = new moodle_url('/admin/index.php', array('confirmupgrade' => 1, 'cache' => 0));
$continueurl = new moodle_url($this->page->url, array('confirmupgrade' => 1, 'cache' => 0));
$continue = new single_button($continueurl, get_string('continue'), 'get');
$cancelurl = new moodle_url('/admin/index.php');
@ -170,7 +172,7 @@ class core_admin_renderer extends plugin_renderer_base {
$output .= $this->environment_check_table($envstatus, $environment_results);
if (!$envstatus) {
$output .= $this->upgrade_reload(new moodle_url('/admin/index.php'), array('confirmupgrade' => 1, 'cache' => 0));
$output .= $this->upgrade_reload(new moodle_url($this->page->url, array('confirmupgrade' => 1, 'cache' => 0)));
} else {
$output .= $this->notification(get_string('environmentok', 'admin'), 'notifysuccess');
@ -179,7 +181,8 @@ class core_admin_renderer extends plugin_renderer_base {
$output .= $this->box(get_string('langpackwillbeupdated', 'admin'), 'generalbox', 'notice');
}
$output .= $this->continue_button(new moodle_url('/admin/index.php', array('confirmupgrade' => 1, 'confirmrelease' => 1, 'cache' => 0)));
$output .= $this->continue_button(new moodle_url($this->page->url, array(
'confirmupgrade' => 1, 'confirmrelease' => 1, 'cache' => 0)));
}
$output .= $this->footer();
@ -991,7 +994,7 @@ class core_admin_renderer extends plugin_renderer_base {
$out = $this->output->container_start('nonehighlighted', 'plugins-check-info');
$out .= $this->output->heading(get_string('nonehighlighted', 'core_plugin'));
if (empty($options['full'])) {
$out .= html_writer::link(new moodle_url('/admin/index.php',
$out .= html_writer::link(new moodle_url($this->page->url,
array('confirmupgrade' => 1, 'confirmrelease' => 1, 'showallplugins' => 1, 'cache' => 0)),
get_string('nonehighlightedinfo', 'core_plugin'));
}
@ -1572,4 +1575,26 @@ class core_admin_renderer extends plugin_renderer_base {
return $output;
}
/**
* Render a simple page for providing the upgrade key.
*
* @param moodle_url|string $url
* @return string
*/
public function upgradekey_form_page($url) {
$output = '';
$output .= $this->header();
$output .= $this->container_start('upgradekeyreq');
$output .= $this->heading(get_string('upgradekeyreq', 'core_admin'));
$output .= html_writer::start_tag('form', array('method' => 'POST', 'action' => $url));
$output .= html_writer::empty_tag('input', array('name' => 'upgradekey', 'type' => 'password'));
$output .= html_writer::empty_tag('input', array('value' => get_string('submit'), 'type' => 'submit'));
$output .= html_writer::end_tag('form');
$output .= $this->container_end();
$output .= $this->footer();
return $output;
}
}
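Review bot: The form built in `upgradekey_form_page()` carries no sesskey field, and the docblock says neither why nor what `$url` is, so a later reader may take the missing token for an oversight. Judging by the comment in the upgrade code that sessions might not work yet, the omission looks deliberate; I would record it with `// No sesskey here: sessions may not work during upgrade, the key itself authorises the request.` and extend the tag to `@param moodle_url|string $url URL the key is POSTed to`. The password input also has no label or `id`, which leaves the field unnamed for screen readers.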