diff --git a/build/generate_filelist_xml.php b/build/generate_filelist_xml.php
index 07e87dd86bb7f5be1fcd30dc6ed4f6bb0f6b6166..01809439bf10652c79b91df3b6e929c1d9511e3d 100755
--- a/build/generate_filelist_xml.php
+++ b/build/generate_filelist_xml.php
@@ -42,35 +42,55 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/files.lib.php");
if (empty($argv[1]))
{
- print "Usage: ".$script_file." release=x.y.z\n";
+ print "Usage: ".$script_file." release=x.y.z[-...] [includecustom=1]\n";
exit -1;
}
parse_str($argv[1]);
+if (! empty($argv[2])) parse_str($argv[2]);
-if ($release != DOL_VERSION)
+if (empty($includecustom))
{
- print 'Error: release is not version declared into filefunc.in.php.'."\n";
- exit -1;
+ $includecustom=0;
+
+ if (DOL_VERSION != $release)
+ {
+ print 'Error: When parameter "includecustom" is not set, version declared into filefunc.in.php ('.DOL_VERSION.') must be exact same value than "release" parmater.'."\n";
+ print "Usage: ".$script_file." release=x.y.z[-...] [includecustom=1]\n";
+ exit -1;
+ }
+}
+else
+{
+ if (! preg_match('/'.preg_quote(DOL_VERSION,'/').'-/',$release))
+ {
+ print 'Error: When parameter "includecustom" is not set, version declared into ('.DOL_VERSION.') must be used with a suffix into "release" parmater (ex: '.DOL_VERSION.'-mydistrib).'."\n";
+ print "Usage: ".$script_file." release=x.y.z[-...] [includecustom=1]\n";
+ exit -1;
+ }
}
+print "Version: ".$release."\n";
+print "Include custom: ".$includecustom."\n";
+
//$outputfile=dirname(__FILE__).'/../htdocs/install/filelist-'.$release.'.xml';
$outputdir=dirname(__FILE__).'/../htdocs/install';
-print 'Delete current files '.$outputdir.'/filelist*.xml'."\n";
-dol_delete_file($outputdir.'/filelist*.xml',0,1,1);
+print 'Delete current files '.$outputdir.'/filelist-'.$release.'.xml'."\n";
+dol_delete_file($outputdir.'/filelist-'.$release.'.xml',0,1,1);
$outputfile=$outputdir.'/filelist-'.$release.'.xml';
$fp = fopen($outputfile,'w');
fputs($fp, '<?xml version="1.0" encoding="UTF-8" ?>'."\n");
fputs($fp, '<checksum_list version="'.$release.'">'."\n");
-fputs($fp, '<dolibarr_htdocs_dir>'."\n");
+fputs($fp, '<dolibarr_htdocs_dir includecustom="'.$includecustom.'">'."\n");
$checksumconcat=array();
+// TODO Replace RecursiveDirectoryIterator with dol_dir_list
$dir_iterator1 = new RecursiveDirectoryIterator(dirname(__FILE__).'/../htdocs/');
$iterator1 = new RecursiveIteratorIterator($dir_iterator1);
-// need to ignore document custom etc
-$files = new RegexIterator($iterator1, '#^(?:[A-Z]:)?(?:/(?!(?:custom|documents|conf|install|nltechno))[^/]+)+/[^/]+\.(?:php|css|html|js|json|tpl|jpg|png|gif|sql|lang)$#i');
+// Need to ignore document custom etc. Note: this also ignore natively symbolic links.
+$files = new RegexIterator($iterator1, '#^(?:[A-Z]:)?(?:/(?!(?:'.($includecustom?'':'custom\/|').'documents\/|conf\/|install\/))[^/]+)+/[^/]+\.(?:php|css|html|js|json|tpl|jpg|png|gif|sql|lang)$#i');
$dir='';
$needtoclose=0;
foreach ($files as $file) {
@@ -102,10 +122,11 @@ $checksumconcat=array();
fputs($fp, '<dolibarr_script_dir version="'.$release.'">'."\n");
+// TODO Replace RecursiveDirectoryIterator with dol_dir_list
$dir_iterator2 = new RecursiveDirectoryIterator(dirname(__FILE__).'/../scripts/');
$iterator2 = new RecursiveIteratorIterator($dir_iterator2);
-// need to ignore document custom etc
-$files = new RegexIterator($iterator2, '#^(?:[A-Z]:)?(?:/(?!(?:custom|documents|conf|install|nltechno))[^/]+)+/[^/]+\.(?:php|css|html|js|json|tpl|jpg|png|gif|sql|lang)$#i');
+// Need to ignore document custom etc. Note: this also ignore natively symbolic links.
+$files = new RegexIterator($iterator2, '#^(?:[A-Z]:)?(?:/(?!(?:custom|documents|conf|install))[^/]+)+/[^/]+\.(?:php|css|html|js|json|tpl|jpg|png|gif|sql|lang)$#i');
$dir='';
$needtoclose=0;
foreach ($files as $file) {
diff --git a/htdocs/admin/system/filecheck.php b/htdocs/admin/system/filecheck.php
index c0ff5d75819a9dcee897bf460f24f24106c426ec..7536c6df793d2cb8b40541b848ddd69aeb4b8189 100644
--- a/htdocs/admin/system/filecheck.php
+++ b/htdocs/admin/system/filecheck.php
@@ -90,19 +90,22 @@ print $langs->trans("MakeIntegrityAnalysisFrom").':<br>';
print '<!-- for a local check target=local&xmlshortfile=... -->'."\n";
if (dol_is_file($xmlfile))
{
- print '<input type="radio" name="target" value="local"'.((! GETPOST('target') || GETPOST('target') == 'local') ? 'checked="checked"':'').'"> '.$langs->trans("LocalSignature").' = '.$xmlshortfile.'<br>';
+ print '<input type="radio" name="target" value="local"'.((! GETPOST('target') || GETPOST('target') == 'local') ? 'checked="checked"':'').'"> '.$langs->trans("LocalSignature").' = ';
+ print '<input name="xmlshortfile" class="flat minwidth200" value="'.dol_escape_htmltag($xmlshortfile).'">';
+ print '<br>';
}
else
{
- print '<input type="radio" name="target" value="local"> '.$langs->trans("LocalSignature").' = '.$xmlshortfile;
- if (! GETPOST('xmlshortfile')) print ' <span class="warning">('.$langs->trans("AvailableOnlyOnPackagedVersions").')</span>';
+ print '<input type="radio" name="target" value="local"> '.$langs->trans("LocalSignature").' = ';
+ print '<input name="xmlshortfile" class="flat minwidth200" value="'.dol_escape_htmltag($xmlshortfile).'">';
+ print ' <span class="warning">('.$langs->trans("AvailableOnlyOnPackagedVersions").')</span>';
print '<br>';
}
print '<!-- for a remote target=remote&xmlremote=... -->'."\n";
if ($enableremotecheck)
{
print '<input type="radio" name="target" value="remote"'.(GETPOST('target') == 'remote' ? 'checked="checked"':'').'> '.$langs->trans("RemoteSignature").' = ';
- print '<input name="xmlremote" class="flat quatrevingtpercent" value="'.$xmlremote.'"><br>';
+ print '<input name="xmlremote" class="flat quatrevingtpercent" value="'.dol_escape_htmltag($xmlremote).'"><br>';
}
else
{
@@ -150,21 +153,41 @@ if (GETPOST('target') == 'remote')
if ($xml)
{
$checksumconcat = array();
-
+ $file_list = array();
+ $out = '';
+
// Scan htdocs
if (is_object($xml->dolibarr_htdocs_dir[0]))
{
- $file_list = array();
- $ret = getFilesUpdated($file_list, $xml->dolibarr_htdocs_dir[0], '', DOL_DOCUMENT_ROOT, $checksumconcat); // Fill array $file_list
-
- print_fiche_titre($langs->trans("FilesMissing"));
+ //var_dump($xml->dolibarr_htdocs_dir[0]['includecustom']);exit;
+ $includecustom=(empty($xml->dolibarr_htdocs_dir[0]['includecustom'])?0:$xml->dolibarr_htdocs_dir[0]['includecustom']);
+
+ // Defined qualified files (must be same than into generate_filelist_xml.php)
+ $regextoinclude='\.(php|css|html|js|json|tpl|jpg|png|gif|sql|lang)$';
+ $regextoexclude='('.($includecustom?'':'custom|').'documents|conf|install)$'; // Exclude dirs
+ $scanfiles = dol_dir_list(DOL_DOCUMENT_ROOT, 'files', 1, $regextoinclude, $regextoexclude);
+
+ // Fill file_list with files in signature, new files, modified files
+ $ret = getFilesUpdated($file_list, $xml->dolibarr_htdocs_dir[0], '', DOL_DOCUMENT_ROOT, $checksumconcat, $scanfiles); // Fill array $file_list
+ // Complete with list of new files
+ foreach ($scanfiles as $keyfile => $valfile)
+ {
+ $tmprelativefilename=preg_replace('/^'.preg_quote(DOL_DOCUMENT_ROOT,'/').'/','', $valfile['fullname']);
+ if (! in_array($tmprelativefilename, $file_list['insignature']))
+ {
+ $md5newfile=@md5_file($valfile['fullname']); // Can fails if we don't have permission to open/read file
+ $file_list['added'][]=array('filename'=>$tmprelativefilename, 'md5'=>$md5newfile);
+ }
+ }
- print '<table class="noborder">';
- print '<tr class="liste_titre">';
- print '<td>#</td>';
- print '<td>' . $langs->trans("Filename") . '</td>';
- print '<td align="center">' . $langs->trans("ExpectedChecksum") . '</td>';
- print '</tr>'."\n";
+ $out.=load_fiche_titre($langs->trans("FilesMissing"));
+
+ $out.='<table class="noborder">';
+ $out.='<tr class="liste_titre">';
+ $out.='<td>#</td>';
+ $out.='<td>' . $langs->trans("Filename") . '</td>';
+ $out.='<td align="center">' . $langs->trans("ExpectedChecksum") . '</td>';
+ $out.='</tr>'."\n";
$var = true;
$tmpfilelist = dol_sort_array($file_list['missing'], 'filename');
if (is_array($tmpfilelist) && count($tmpfilelist))
@@ -174,32 +197,32 @@ if ($xml)
{
$i++;
$var = !$var;
- print '<tr ' . $bc[$var] . '>';
- print '<td>'.$i.'</td>' . "\n";
- print '<td>'.$file['filename'].'</td>' . "\n";
- print '<td align="center">'.$file['expectedmd5'].'</td>' . "\n";
- print "</tr>\n";
+ $out.='<tr ' . $bc[$var] . '>';
+ $out.='<td>'.$i.'</td>' . "\n";
+ $out.='<td>'.$file['filename'].'</td>' . "\n";
+ $out.='<td align="center">'.$file['expectedmd5'].'</td>' . "\n";
+ $out.="</tr>\n";
}
}
else
{
- print '<tr ' . $bc[false] . '><td colspan="3" class="opacitymedium">'.$langs->trans("None").'</td></tr>';
+ $out.='<tr ' . $bc[false] . '><td colspan="3" class="opacitymedium">'.$langs->trans("None").'</td></tr>';
}
- print '</table>';
+ $out.='</table>';
- print '<br>';
+ $out.='<br>';
- print_fiche_titre($langs->trans("FilesUpdated"));
+ $out.=load_fiche_titre($langs->trans("FilesModified"));
- print '<table class="noborder">';
- print '<tr class="liste_titre">';
- print '<td>#</td>';
- print '<td>' . $langs->trans("Filename") . '</td>';
- print '<td align="center">' . $langs->trans("ExpectedChecksum") . '</td>';
- print '<td align="center">' . $langs->trans("CurrentChecksum") . '</td>';
- print '<td align="right">' . $langs->trans("Size") . '</td>';
- print '<td align="right">' . $langs->trans("DateModification") . '</td>';
- print '</tr>'."\n";
+ $out.='<table class="noborder">';
+ $out.='<tr class="liste_titre">';
+ $out.='<td>#</td>';
+ $out.='<td>' . $langs->trans("Filename") . '</td>';
+ $out.='<td align="center">' . $langs->trans("ExpectedChecksum") . '</td>';
+ $out.='<td align="center">' . $langs->trans("CurrentChecksum") . '</td>';
+ $out.='<td align="right">' . $langs->trans("Size") . '</td>';
+ $out.='<td align="right">' . $langs->trans("DateModification") . '</td>';
+ $out.='</tr>'."\n";
$var = true;
$tmpfilelist2 = dol_sort_array($file_list['updated'], 'filename');
if (is_array($tmpfilelist2) && count($tmpfilelist2))
@@ -209,30 +232,70 @@ if ($xml)
{
$i++;
$var = !$var;
- print '<tr ' . $bc[$var] . '>';
- print '<td>'.$i.'</td>' . "\n";
- print '<td>'.$file['filename'].'</td>' . "\n";
- print '<td align="center">'.$file['expectedmd5'].'</td>' . "\n";
- print '<td align="center">'.$file['md5'].'</td>' . "\n";
- print '<td align="right">'.dol_print_size(dol_filesize(DOL_DOCUMENT_ROOT.'/'.$file['filename'])).'</td>' . "\n";
- print '<td align="right">'.dol_print_date(dol_filemtime(DOL_DOCUMENT_ROOT.'/'.$file['filename']),'dayhour').'</td>' . "\n";
- print "</tr>\n";
+ $out.='<tr ' . $bc[$var] . '>';
+ $out.='<td>'.$i.'</td>' . "\n";
+ $out.='<td>'.$file['filename'].'</td>' . "\n";
+ $out.='<td align="center">'.$file['expectedmd5'].'</td>' . "\n";
+ $out.='<td align="center">'.$file['md5'].'</td>' . "\n";
+ $out.='<td align="right">'.dol_print_size(dol_filesize(DOL_DOCUMENT_ROOT.'/'.$file['filename'])).'</td>' . "\n";
+ $out.='<td align="right">'.dol_print_date(dol_filemtime(DOL_DOCUMENT_ROOT.'/'.$file['filename']),'dayhour').'</td>' . "\n";
+ $out.="</tr>\n";
}
}
else
{
- print '<tr ' . $bc[false] . '><td colspan="5" class="opacitymedium">'.$langs->trans("None").'</td></tr>';
+ $out.='<tr ' . $bc[false] . '><td colspan="5" class="opacitymedium">'.$langs->trans("None").'</td></tr>';
}
- print '</table>';
+ $out.='</table>';
+
+ $out.='<br>';
- if (empty($tmpfilelist) && empty($tmpfilelist2))
+ $out.=load_fiche_titre($langs->trans("FilesAdded"));
+
+ $out.='<table class="noborder">';
+ $out.='<tr class="liste_titre">';
+ $out.='<td>#</td>';
+ $out.='<td>' . $langs->trans("Filename") . '</td>';
+ $out.='<td align="center">' . $langs->trans("ExpectedChecksum") . '</td>';
+ $out.='<td align="center">' . $langs->trans("CurrentChecksum") . '</td>';
+ $out.='<td align="right">' . $langs->trans("Size") . '</td>';
+ $out.='<td align="right">' . $langs->trans("DateModification") . '</td>';
+ $out.='</tr>'."\n";
+ $var = true;
+ $tmpfilelist3 = dol_sort_array($file_list['added'], 'filename');
+ if (is_array($tmpfilelist3) && count($tmpfilelist3))
+ {
+ $i = 0;
+ foreach ($tmpfilelist3 as $file)
+ {
+ $i++;
+ $var = !$var;
+ $out.='<tr ' . $bc[$var] . '>';
+ $out.='<td>'.$i.'</td>' . "\n";
+ $out.='<td>'.$file['filename'].'</td>' . "\n";
+ $out.='<td align="center">'.$file['expectedmd5'].'</td>' . "\n";
+ $out.='<td align="center">'.$file['md5'].'</td>' . "\n";
+ $out.='<td align="right">'.dol_print_size(dol_filesize(DOL_DOCUMENT_ROOT.'/'.$file['filename'])).'</td>' . "\n";
+ $out.='<td align="right">'.dol_print_date(dol_filemtime(DOL_DOCUMENT_ROOT.'/'.$file['filename']),'dayhour').'</td>' . "\n";
+ $out.="</tr>\n";
+ }
+ }
+ else
+ {
+ $out.='<tr ' . $bc[false] . '><td colspan="5" class="opacitymedium">'.$langs->trans("None").'</td></tr>';
+ }
+ $out.='</table>';
+
+
+ // Show warning
+ if (empty($tmpfilelist) && empty($tmpfilelist2) && empty($tmpfilelist3))
{
setEventMessage($langs->trans("FileIntegrityIsStrictlyConformedWithReference"));
}
else
{
setEventMessage($langs->trans("FileIntegritySomeFilesWereRemovedOrModified"), 'warnings');
- }
+ }
}
else
{
@@ -253,13 +316,30 @@ if ($xml)
asort($checksumconcat); // Sort list of checksum
//var_dump($checksumconcat);
$checksumget = md5(join(',',$checksumconcat));
- $checksumtoget = $xml->dolibarr_htdocs_dir_checksum;
-
- print '<br>';
+ $checksumtoget = trim((string) $xml->dolibarr_htdocs_dir_checksum);
+ /*var_dump(count($file_list['added']));
+ var_dump($checksumget);
+ var_dump($checksumtoget);
+ var_dump($checksumget == $checksumtoget);*/
print_fiche_titre($langs->trans("GlobalChecksum")).'<br>';
print $langs->trans("ExpectedChecksum").' = '. ($checksumtoget ? $checksumtoget : $langs->trans("Unknown")) .'<br>';
- print $langs->trans("CurrentChecksum").' = '.$checksumget;
+ print $langs->trans("CurrentChecksum").' = ';
+ if ($checksumget == $checksumtoget)
+ {
+ if (count($file_list['added'])) print $checksumget.' - <span class="warning">'.$langs->trans("FileIntegrityIsOkButFilesWereAdded").'</span>';
+ else print '<span class="ok">'.$checksumget.'</span>';
+ }
+ else
+ {
+ print '<span class="error">'.$checksumget.'</span>';
+ }
+
+ print '<br>';
+ print '<br>';
+
+ // Output detail
+ print $out;
}
@@ -287,10 +367,11 @@ function getFilesUpdated(&$file_list, SimpleXMLElement $dir, $path = '', $pathre
{
$exclude = 'install';
- foreach ($dir->md5file as $file)
+ foreach ($dir->md5file as $file) // $file is a simpleXMLElement
{
$filename = $path.$file['name'];
-
+ $file_list['insignature'][] = $filename;
+
//if (preg_match('#'.$exclude.'#', $filename)) continue;
if (!file_exists($pathref.'/'.$filename))
@@ -309,3 +390,4 @@ function getFilesUpdated(&$file_list, SimpleXMLElement $dir, $path = '', $pathre
return $file_list;
}
+
diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php
index c1aadd3df6d79b1f9658265c2504fef5289b75d2..1f7974775b54615a360cee0e19ebaa25d055f68e 100644
--- a/htdocs/core/lib/files.lib.php
+++ b/htdocs/core/lib/files.lib.php
@@ -44,8 +44,8 @@ function dol_basename($pathfile)
* @param string $path Starting path from which to search. This is a full path.
* @param string $types Can be "directories", "files", or "all"
* @param int $recursive Determines whether subdirectories are searched
- * @param string $filter Regex filter to restrict list. This regex value must be escaped for '/', since this char is used for preg_match function
- * @param array $excludefilter Array of Regex for exclude filter (example: array('(\.meta|_preview\.png)$','^\.'))
+ * @param string $filter Regex filter to restrict list. This regex value must be escaped for '/', since this char is used for preg_match function. Filter is checked into basename only.
+ * @param array $excludefilter Array of Regex for exclude filter (example: array('(\.meta|_preview\.png)$','^\.')). Exclude is checked into fullpath.
* @param string $sortcriteria Sort criteria ("","fullname","name","date","size")
* @param string $sortorder Sort order (SORT_ASC, SORT_DESC)
* @param int $mode 0=Return array minimum keys loaded (faster), 1=Force all keys like date and size to be loaded (slower), 2=Force load of date only, 3=Force load of size only
@@ -104,7 +104,7 @@ function dol_dir_list($path, $types="all", $recursive=0, $filter="", $excludefil
$filesize='';
$file_list = array();
- while (false !== ($file = readdir($dir)))
+ while (false !== ($file = readdir($dir))) // $file is always a basename (into directory $newpath)
{
if (! utf8_check($file)) $file=utf8_encode($file); // To be sure data is stored in utf8 in memory
@@ -137,7 +137,7 @@ function dol_dir_list($path, $types="all", $recursive=0, $filter="", $excludefil
if ($loaddate || $sortcriteria == 'date') $filedate=dol_filemtime($path."/".$file);
if ($loadsize || $sortcriteria == 'size') $filesize=dol_filesize($path."/".$file);
- if (! $filter || preg_match('/'.$filter.'/i',$file)) // We do not search key $filter into $path, only into $file
+ if (! $filter || preg_match('/'.$filter.'/i',$file)) // We do not search key $filter into all $path, only into $file part
{
preg_match('/([^\/]+)\/[^\/]+$/',$path.'/'.$file,$reg);
$level1name=(isset($reg[1])?$reg[1]:'');
diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang
index 202618b7b43af6e4dae0a988d646de85a1ab3582..defcafa7b658950b1725d02f4e2d11deff23ec5e 100644
--- a/htdocs/langs/en_US/admin.lang
+++ b/htdocs/langs/en_US/admin.lang
@@ -11,13 +11,16 @@ VersionRecommanded=Recommended
FileCheck=Files integrity checker
FileCheckDesc=This tool allows you to check the integrity of files of your application, comparing each files with the official ones. You can use this tool to detect if some files were modified by a hacker for example.
FileIntegrityIsStrictlyConformedWithReference=Files integrity is strictly conformed with the reference.
-FileIntegritySomeFilesWereRemovedOrModified=Files integrity check has failed. Some files were modified of removed.
+FileIntegrityIsOkButFilesWereAdded=Files integrity check has passed, however some new files were added.
+FileIntegritySomeFilesWereRemovedOrModified=Files integrity check has failed. Some files were modified, removed or added.
GlobalChecksum=Global checksum
MakeIntegrityAnalysisFrom=Make integrity analysis of application files from
LocalSignature=Embedded local signature (less reliable)
RemoteSignature=Remote distant signature (more reliable)
FilesMissing=Missing Files
FilesUpdated=Updated Files
+FilesModified=Modified Files
+FilesAdded=Added Files
FileCheckDolibarr=Check integrity of application files
AvailableOnlyOnPackagedVersions=The local file for integrity checking is only available when application is installed from a certified package
XmlNotFound=Xml Integrity File of application not found