From 7e6a34459febe4c01eae773b30660dccc9f004cd Mon Sep 17 00:00:00 2001
From: =?utf8?q?Tim=20D=C3=BCsterhus?= <duesterhus@woltlab.com>
Date: Tue, 16 Feb 2021 12:11:21 +0100
Subject: [PATCH] Reject major com.woltlab.wcf upgrades via package upload
---
.../form/PackageStartInstallForm.class.php | 22 +++++++++++++++++++
wcfsetup/install/lang/de.xml | 1 +
wcfsetup/install/lang/en.xml | 1 +
3 files changed, 24 insertions(+)
diff --git a/wcfsetup/install/files/lib/acp/form/PackageStartInstallForm.class.php b/wcfsetup/install/files/lib/acp/form/PackageStartInstallForm.class.php
index 97d993ac04..bcc7c5a44b 100755
--- a/wcfsetup/install/files/lib/acp/form/PackageStartInstallForm.class.php
+++ b/wcfsetup/install/files/lib/acp/form/PackageStartInstallForm.class.php
@@ -139,6 +139,28 @@ class PackageStartInstallForm extends AbstractForm {
}
}
+ $requirements = PackageValidationManager::getInstance()->getPackageValidationArchive()->getArchive()->getOpenRequirements();
+ foreach ($requirements as $requirement) {
+ if ($requirement['name'] !== 'com.woltlab.wcf') {
+ continue;
+ }
+ if ($requirement['action'] !== 'update') {
+ continue;
+ }
+ if (!isset($requirement['file'])) {
+ continue;
+ }
+
+ $existingVersion = explode('.', $requirement['existingVersion']);
+ $minversion = explode('.', $requirement['minversion']);
+ if (
+ $existingVersion[0] !== $minversion[0]
+ || $existingVersion[1] !== $minversion[1]
+ ) {
+ throw new UserInputException('uploadPackage', 'majorUpgrade');
+ }
+ }
+
$this->package = PackageValidationManager::getInstance()->getPackageValidationArchive()->getPackage();
}
diff --git a/wcfsetup/install/lang/de.xml b/wcfsetup/install/lang/de.xml
index 7df1922a6d..21779c7154 100644
--- a/wcfsetup/install/lang/de.xml
+++ b/wcfsetup/install/lang/de.xml
@@ -1263,6 +1263,7 @@ GmbH=Gesellschaft mit beschränkter Haftung]]></item>
<item name="wcf.acp.package.error.uniqueAlreadyInstalled"><![CDATA[Dieses Paket ist bereits installiert und kann nicht mehrfach installiert werden.]]></item>
<item name="wcf.acp.package.error.noValidInstall"><![CDATA[Das angegebene Paket lässt keine Neuinstallation zu.]]></item>
<item name="wcf.acp.package.error.noValidUpdate"><![CDATA[Paket â{$package->packageName|language}â kann mit dem angegebenen Archiv nicht aktualisiert werden.]]></item>
+ <item name="wcf.acp.package.error.majorUpgrade"><![CDATA[Das Paket aktualisiert die Installation auf eine neue Major-Version. Aus Stabilitätsgründen können Major-Upgrades ausschlieÃlich über die Paketserver durchgeführt werden. Detaillierte Informationen zur Durchführung des Upgrades finden sich <a href="https://manual.woltlab.com/de/updates/" class="externalURL">in unserem Handbuch</a>.]]></item>
<item name="wcf.acp.package.identifier"><![CDATA[Bezeichner]]></item>
<item name="wcf.acp.package.information.properties"><![CDATA[Eigenschaften]]></item>
<item name="wcf.acp.package.information.title"><![CDATA[Informationen]]></item>
diff --git a/wcfsetup/install/lang/en.xml b/wcfsetup/install/lang/en.xml
index c54a143ebf..3e9e6463e6 100644
--- a/wcfsetup/install/lang/en.xml
+++ b/wcfsetup/install/lang/en.xml
@@ -1268,6 +1268,7 @@
<item name="wcf.acp.package.error.uniqueAlreadyInstalled"><![CDATA[This package is already installed.]]></item>
<item name="wcf.acp.package.error.noValidInstall"><![CDATA[The selected package does not support an installation.]]></item>
<item name="wcf.acp.package.error.noValidUpdate"><![CDATA[Package â{$package->packageName|language}â cannot be updated using the selected archive.]]></item>
+ <item name="wcf.acp.package.error.majorUpgrade"><![CDATA[The package updates your community to a new major version. For stability reasons major upgrades may only be performed via the update servers. Detailed information regarding the upgrade process can be found <a href="https://manual.woltlab.com/en/updates/" class="externalURL">in our manual</a>.]]></item>
<item name="wcf.acp.package.identifier"><![CDATA[Identifier]]></item>
<item name="wcf.acp.package.information.properties"><![CDATA[Properties]]></item>
<item name="wcf.acp.package.information.title"><![CDATA[Details]]></item>
--
2.20.1