From 057596e314c5783e97473468f61050782f907d15 Mon Sep 17 00:00:00 2001 From: garvinhicking Date: Sun, 14 Jan 2007 13:57:20 +0000 Subject: [PATCH] Upgrade spartacus to perform stricter content-filtering checks --- .../lang_en.inc.php | 7 ++-- .../serendipity_event_spartacus.php | 35 +++++++++++++------ 2 files changed, 29 insertions(+), 13 deletions(-) diff --git a/plugins/serendipity_event_spartacus/lang_en.inc.php b/plugins/serendipity_event_spartacus/lang_en.inc.php index 26beb18..1657c22 100644 --- a/plugins/serendipity_event_spartacus/lang_en.inc.php +++ b/plugins/serendipity_event_spartacus/lang_en.inc.php @@ -15,7 +15,7 @@ @define('PLUGIN_EVENT_SPARTACUS_FETCHED_BYTES_CACHE', 'Fetched %s bytes from already existing file on your server. Saving file as %s...'); @define('PLUGIN_EVENT_SPARTACUS_FETCHED_DONE', 'Data successfully fetched.'); @define('PLUGIN_EVENT_SPARTACUS_REPOSITORY_ERROR', '
(The repository returned error code %s.)
'); -@define('PLUGIN_EVENT_SPARTACUS_HEALTHCHECK', '

Unable to retrieve data from SPARTACUS repository. Checking for repository availability.

'); +@define('PLUGIN_EVENT_SPARTACUS_HEALTHCHECK', '

Unable to retrieve data from SPARTACUS repository. Checking for repository availability on %s.

'); @define('PLUGIN_EVENT_SPARTACUS_HEALTHERROR', '

The SPARTACUS health site returned an error (HTTP code %s). This indicates that the SPARTACUS health site is down. Please try again later.

'); @define('PLUGIN_EVENT_SPARTACUS_HEALTHLINK', '

Click here to view the SPARTACUS health site and determine if it is responding.

'); @define('PLUGIN_EVENT_SPARTACUS_HEALTHBLOCKED', '

SPARTACUS attempted to connect to Google and failed (error %d: %s).
Your server is blocking outgoing connections. SPARTACUS will not function because it cannot contact the SPARTACUS repository. Please contact your website provider and ask them to allow outgoing connections to web sites.

Plugins can still be installed from your local directories. Simply download the plugin from the SPARTACUS web repository, unzip it, and upload the files to your Serendipity plugin directory.

'); @@ -33,4 +33,7 @@ @define('PLUGIN_EVENT_SPARTACUS_CHECK_SIDEBAR', 'Check for new sidebar plugins'); @define('PLUGIN_EVENT_SPARTACUS_CHECK_EVENT', 'Check for new event plugins'); @define('PLUGIN_EVENT_SPARTACUS_CHECK_HINT', 'Hint: You can upgrade multiple plugins at once by clicking the upgrade-link with your middle mouse button, so that it opens in a new window/tab of your browser. Note that upgrading all plugins automatically could lead to network timeouts and garbaged files, thus this functionality does not exist intentionally.'); -?> + +@define('PLUGIN_EVENT_SPARTACUS_TRYCURL', 'Trying to use cURL library as fallback...'); +@define('PLUGIN_EVENT_SPARTACUS_CURLFAIL', 'cURL library returned a failure, too.'); +@define('PLUGIN_EVENT_SPARTACUS_HEALTFIREWALLED', 'It was not possible to download the required files from the Spartacus repository, but the health of our repository was retrievable. This means your provider uses a content-based firewall and does not allow to fetch PHP code over the web by using mod_security or other reverse proxies. You either need to ask your provider to turn this off, or you cannot use the Spartacus plugin and need to download files manually.'); diff --git a/plugins/serendipity_event_spartacus/serendipity_event_spartacus.php b/plugins/serendipity_event_spartacus/serendipity_event_spartacus.php index 5cc4f16..ddb950c 100644 --- a/plugins/serendipity_event_spartacus/serendipity_event_spartacus.php +++ b/plugins/serendipity_event_spartacus/serendipity_event_spartacus.php @@ -39,7 +39,7 @@ class serendipity_event_spartacus extends serendipity_event $propbag->add('description', PLUGIN_EVENT_SPARTACUS_DESC); $propbag->add('stackable', false); $propbag->add('author', 'Garvin Hicking'); - $propbag->add('version', '2.10'); + $propbag->add('version', '2.11'); $propbag->add('requirements', array( 'serendipity' => '0.9', 'smarty' => '2.6.7', @@ -109,6 +109,13 @@ class serendipity_event_spartacus extends serendipity_event 'http://php-blog.cvs.sourceforge.net/*checkout*/php-blog/', 'http://s9y.org/mirror/', 'http://svn.berlios.de/viewcvs/serendipity/' + ), + + 'files_health' => array( + 'http://netmirror.org/' => 'http://netmirror.org/mirror/serendipity/last.txt', + 'http://php-blog.cvs.sourceforge.net/' => 'http://php-blog.cvs.sourceforge.net/*checkout*/php-blog/serendipity/docs/LICENSE', + 'http://s9y.org/' => 'http://s9y.org/', + 'http://svn.berlios.de/' => 'http://svn.berlios.de/viewcvs/serendipity/' ) ); @@ -291,10 +298,11 @@ class serendipity_event_spartacus extends serendipity_event $options = array(); serendipity_plugin_api::hook_event('backend_http_request', $options, 'spartacus'); serendipity_request_start(); + $req = &new HTTP_Request($url, $options); if (PEAR::isError($req->sendRequest()) || $req->getResponseCode() != '200') { - $resolved_url = $url . ' (at IP ' . $url_ip . ')'; + $resolved_url = $url . ' (IP ' . $url_ip . ')'; $this->outputMSG('error', sprintf(PLUGIN_EVENT_SPARTACUS_FETCHERROR, $resolved_url)); //--JAM: START FIREWALL DETECTION if ($req->getResponseCode()) { @@ -302,7 +310,7 @@ class serendipity_event_spartacus extends serendipity_event } $check_health = true; if (function_exists('curl_init')) { - echo PLUGIN_EVENT_SPARTACUS_TRYCURL . "\n"; + $this->outputMSG('notice', PLUGIN_EVENT_SPARTACUS_TRYCURL); $curl_handle=curl_init(); curl_setopt($curl_handle, CURLOPT_URL, $url); curl_setopt($curl_handle, CURLOPT_HEADER, 0); @@ -316,43 +324,48 @@ class serendipity_event_spartacus extends serendipity_event } } if ($check_health) { - echo PLUGIN_EVENT_SPARTACUS_HEALTHCHECK . "\n"; /*--JAM: Useful for later, when we have a health monitor for SPARTACUS $propbag = new serendipity_property_bag; $this->introspect($propbag); $health_url = 'http://spartacus.s9y.org/spartacus_health.php?version=' . $propbag->get('version'); */ + // Garvin: Temporary health. Better than nothing, eh? $health_url = $url; $matches = array(); preg_match('#http://[^/]*/#', $url, $matches); if ($matches[0]) { $health_url = $matches[0]; } + + $mirrors = $this->getMirrors('files_health', true); + $health_url = $mirrors[$health_url]; + $this->outputMSG('notice', sprintf(PLUGIN_EVENT_SPARTACUS_HEALTHCHECK, $health_url)); + $health_options = $options; serendipity_plugin_api::hook_event('backend_http_request', $health_options, 'spartacus_health'); $health_req = &new HTTP_Request($health_url, $health_options); $health_result = $health_req->sendRequest(); - if (PEAR::isError($health_result)) - { + if (PEAR::isError($health_result)) { $fp = @fsockopen('www.google.com', 80, $errno, $errstr); if (!$fp) { $this->outputMSG('error', sprintf(PLUGIN_EVENT_SPARTACUS_HEALTHBLOCKED, $errno, $errstr)); } else { - echo PLUGIN_EVENT_SPARTACUS_HEALTHDOWN; - printf(PLUGIN_EVENT_SPARTACUS_HEALTHLINK, $health_url); + $this->outputMSG('error', PLUGIN_EVENT_SPARTACUS_HEALTHDOWN); + $this->outputMSG('notice', sprintf(PLUGIN_EVENT_SPARTACUS_HEALTHLINK, $health_url)); fclose($fp); } } else if ($health_req->getResponseCode() != '200') { - printf(PLUGIN_EVENT_SPARTACUS_HEALTHERROR, $health_req->getResponseCode()); - printf(PLUGIN_EVENT_SPARTACUS_HEALTHLINK, $health_url); + $this->outputMSG('error', sprintf(PLUGIN_EVENT_SPARTACUS_HEALTHERROR, $health_req->getResponseCode())); + $this->outputMSG('notice', sprintf(PLUGIN_EVENT_SPARTACUS_HEALTHLINK, $health_url)); } else { + $this->outputMSG('error', PLUGIN_EVENT_SPARTACUS_HEALTFIREWALLED); //--JAM: Parse response and display it. } //--JAM: END FIREWALL DETECTION if (file_exists($target) && filesize($target) > 0) { $data = file_get_contents($target); $this->outputMSG('success', sprintf(PLUGIN_EVENT_SPARTACUS_FETCHED_BYTES_CACHE, strlen($data), $target)); - echo '
'; + echo "
\n"; } } else { // Fetch file -- 2.39.5