security fix
[openemr.git] / sql_patch.php
blob19d30a5014d0afc329f5c86932d8ca01019add46
1 <?php
2 // Copyright (C) 2008-2010 Rod Roark <rod@sunsetsystems.com>
3 //
4 // This program is free software; you can redistribute it and/or
5 // modify it under the terms of the GNU General Public License
6 // as published by the Free Software Foundation; either version 2
7 // of the License, or (at your option) any later version.
8 //
9 // This may be run after an upgraded OpenEMR has been installed.
10 // Its purpose is to upgrade the MySQL OpenEMR database as needed
11 // for the new release.
13 // Checks if the server's PHP version is compatible with OpenEMR:
14 require_once(dirname(__FILE__) . "/common/compatibility/Checker.php");
16 use OpenEMR\Common\Checker;
18 $response = Checker::checkPhpVersion();
19 if ($response !== true) {
20 die($response);
23 // Disable PHP timeout. This will not work in safe mode.
24 ini_set('max_execution_time', '0');
26 $ignoreAuth = true; // no login required
28 require_once('interface/globals.php');
29 require_once('library/sql_upgrade_fx.php');
31 use OpenEMR\Services\VersionService;
33 $versionService = new VersionService();
35 // Fetching current version because it was updated by the sql_upgrade_fx
36 // script and this script will further modify it.
37 $currentVersion = $versionService->fetch();
39 $desiredVersion = $currentVersion;
40 $desiredVersion->setDatabase($v_database);
41 $desiredVersion->setTag($v_tag);
42 $desiredVersion->setRealPatch($v_realpatch);
43 $desiredVersion->setPatch($v_patch);
44 $desiredVersion->setMinor($v_minor);
45 $desiredVersion->setMajor($v_major);
47 // Force logging off
48 $GLOBALS["enable_auditlog"]=0;
50 $EMRversion = trim(preg_replace('/\s*\([^)]*\)/', '', $GLOBALS['openemr_version']));
54 <html>
55 <head>
56 <title>OpenEMR <?php echo attr($EMRversion) ?> <?php echo xlt('Database Patch'); ?></title>
57 <link rel='STYLESHEET' href='interface/themes/style_blue.css'>
58 <link rel="shortcut icon" href="public/images/favicon.ico" />
59 </head>
60 <body style="color:green;">
62 <div style="box-shadow: 3px 3px 5px 6px #ccc; border-radius: 20px; padding: 10px 40px;background-color:#EFEFEF; width:500px; margin:40px auto">
64 <p style="font-weight:bold; font-size:1.8em; text-align:center">OpenEMR <?php echo text($EMRversion),' ',xlt('Database Patch'),' ',text($desiredVersion->getRealPatch()) ?></p>
65 <p style="font-weight:bold; text-align:center;"><?php echo xlt('Applying Patch to site'),' : ',text($_SESSION['site_id']) ?></p>
68 <?php
69 upgradeFromSqlFile('patch.sql');
70 flush();
72 echo '<p style="font-weight:bold; text-align:left; color:green">',xlt('Updating global configuration defaults'),'...</p>';
73 require_once("library/globals.inc.php");
74 foreach ($GLOBALS_METADATA as $grpname => $grparr) {
75 foreach ($grparr as $fldid => $fldarr) {
76 list($fldname, $fldtype, $flddef, $flddesc) = $fldarr;
77 if (is_array($fldtype) || (substr($fldtype, 0, 2) !== 'm_')) {
78 $row = sqlQuery("SELECT count(*) AS count FROM globals WHERE gl_name = '$fldid'");
79 if (empty($row['count'])) {
80 sqlStatement("INSERT INTO globals ( gl_name, gl_index, gl_value ) " .
81 "VALUES ( '$fldid', '0', '$flddef' )");
87 $canRealPatchBeApplied = $versionService->canRealPatchBeApplied($desiredVersion);
88 if ($canRealPatchBeApplied) {
89 echo '<p style="font-weight:bold; text-align:left;">',xlt('Updating version indicators'),'...</p>';
90 $result = $versionService->update($desiredVersion);
92 if (!$result) {
93 echo '<p style="font-weight:bold; text-align:left; color:red">',xlt('Unable insert version information into database'),'...</p>';
97 echo '<p style="text-align:center; font-size:1.8em;">',xlt('Database Patch'),' ',text($desiredVersion->getRealPatch()),' ',xlt('finished'),'.</p>';
99 echo '<p style="text-align:center; font-size:1.8em;">OpenEMR ',xlt('Version'),' = ',text($EMRversion.'('.$desiredVersion->getRealPatch().')'),'.</p>';
101 echo '<p><a style="border-radius: 10px; padding:5px; width:200px; margin:0 auto; background-color:green; color:white; font-weight:bold; display:block; text-align:center;" href="index.php?site=',attr($_SESSION['site_id']).'">',xlt('Log in'),'</a></p>';
103 if (isset($_SERVER['HTTP_REFERER'])) {
104 $split = preg_split('/\//', $_SERVER['HTTP_REFERER']);
105 if ($split[count($split) - 1] == 'admin.php') {
106 echo '<p><a style="border-radius: 10px; padding:5px; width:200px; margin:0 auto; background-color:green; color:white; font-weight:bold; display:block; text-align:center;" href="admin.php">',xlt('Back to Admin Page'),'</a></p>';
111 </div>
112 </body>
113 </html>