From bdbe2c3ac66ddcc33065710f22047bb53307ffb2 Mon Sep 17 00:00:00 2001 From: snipe Date: Tue, 24 May 2022 17:43:23 -0700 Subject: [PATCH 1/7] Added a simple .env checker into the upgrader Signed-off-by: snipe --- upgrade.php | 103 +++++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 90 insertions(+), 13 deletions(-) diff --git a/upgrade.php b/upgrade.php index 705624a914..dbf30f6489 100644 --- a/upgrade.php +++ b/upgrade.php @@ -1,7 +1,7 @@ $line) { + + if ((strlen($line) > 1) && (strpos($line, "#") !== 0)) { + + list ($env_key, $env_value) = $env_line = explode('=', $line); + + $env_value = trim($env_value); + + if ($env_key == 'APP_URL') { + + $app_url_length = strlen($env_value); + + if (($env_value!="null") && ($env_value!="")) { + echo '√ Your APP_URL is not null or blank. It is set to '.$env_value."\n"; + + if (!str_begins(trim($env_value), 'http://') && (!str_begins($env_value, 'https://'))) { + echo '✘ APP_URL ERROR in Line #'.$line_num.' of your .env: Your APP_URL should start with https:// or http://!! It is currently set to: '.$env_value; + $env_error_count++; + } else { + echo '√ Your APP_URL is set to '.$env_value.' and starts with the protocol (https:// or http://)'."\n"; + } + + if (str_ends(trim($env_value), "/")) { + echo '✘ APP_URL ERROR in Line #'.$line_num.' of your .env: Your APP_URL should NOT end with a trailing slash. It is currently set to: '.$env_value; + $env_error_count++; + } else { + echo '√ Your APP_URL ('.$env_value.') does not have a trailing slash.'."\n"; + } + + + } else { + echo "✘ APP_URL ERROR in Line #".$line_num.": Your APP_URL CANNOT be set to null or left blank.\n"; + $env_error_count++; + } + + } + + + } + +} + +if ($env_error_count > 0) { + echo "\n\n--------------------- !! ERROR !! ----------------------\n"; + echo "Your .env file is misconfigured. Upgrade cannot continue.\n"; + echo "------------------------- :( ---------------------------\n"; + echo "ABORTING THE INSTALLER \n"; + echo "Please correct the issues above in ".getcwd()."/.env and try again.\n"; + echo "------------------------- :( ---------------------------\n"; + exit; +} + +echo "--------------------------------------------------------\n"; +echo "STEP 2: Checking PHP requirements: \n"; +echo "--------------------------------------------------------\n\n"; + +if (version_compare(PHP_VERSION, $required_php_min, '<')) { echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ERROR !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!\n"; echo "This version of PHP (".PHP_VERSION.") is not compatible with Snipe-IT.\n"; - echo "Snipe-IT requires PHP version ".$required_version." or greater. Please upgrade \n"; + echo "Snipe-IT requires PHP version ".$required_php_min." or greater. Please upgrade \n"; echo "your version of PHP (web/php-fcgi and cli) and try running this script again.\n\n\n"; exit; } else { - echo "Current PHP version: (" . PHP_VERSION . ") is at least ".$required_version." - continuing... \n"; + echo "Current PHP version: (" . PHP_VERSION . ") is at least ".$required_php_min." - continuing... \n"; echo sprintf("FYI: The php.ini used by this PHP is: %s\n\n", get_cfg_var('cfg_file_path')); } @@ -133,20 +200,20 @@ if ($ext_missing!='') { echo "--------------------------------------------------------\n"; -echo "STEP 2: Backing up database: \n"; +echo "STEP 3: Backing up database: \n"; echo "--------------------------------------------------------\n\n"; $backup = shell_exec('php artisan snipeit:backup'); echo '-- '.$backup."\n\n"; echo "--------------------------------------------------------\n"; -echo "STEP 3: Putting application into maintenance mode: \n"; +echo "STEP 4: Putting application into maintenance mode: \n"; echo "--------------------------------------------------------\n\n"; $down = shell_exec('php artisan down'); echo '-- '.$down."\n"; echo "--------------------------------------------------------\n"; -echo "STEP 4: Pulling latest from Git (".$branch." branch): \n"; +echo "STEP 5: Pulling latest from Git (".$branch." branch): \n"; echo "--------------------------------------------------------\n\n"; $git_version = shell_exec('git --version'); @@ -172,7 +239,7 @@ if ((strpos('git version', $git_version)) === false) { echo "--------------------------------------------------------\n"; -echo "Step 5: Cleaning up old cached files:\n"; +echo "STEP 6: Cleaning up old cached files:\n"; echo "--------------------------------------------------------\n\n"; // Build an array of the files we generally want to delete because they @@ -205,7 +272,7 @@ echo '-- '.$view_clear; echo "\n"; echo "--------------------------------------------------------\n"; -echo "Step 6: Updating composer dependencies:\n"; +echo "STEP 7: Updating composer dependencies:\n"; echo "(This may take a moment.)\n"; echo "--------------------------------------------------------\n\n"; @@ -231,7 +298,7 @@ echo $composer; echo "--------------------------------------------------------\n"; -echo "Step 7: Migrating database:\n"; +echo "STEP 8: Migrating database:\n"; echo "--------------------------------------------------------\n\n"; $migrations = shell_exec('php artisan migrate --force'); @@ -239,7 +306,7 @@ echo $migrations."\n"; echo "--------------------------------------------------------\n"; -echo "Step 8: Checking for OAuth keys:\n"; +echo "STEP 9: Checking for OAuth keys:\n"; echo "--------------------------------------------------------\n\n"; @@ -253,7 +320,7 @@ if ((!file_exists('storage/oauth-public.key')) || (!file_exists('storage/oauth-p echo "--------------------------------------------------------\n"; -echo "Step 9: Taking application out of maintenance mode:\n"; +echo "STEP 10: Taking application out of maintenance mode:\n"; echo "--------------------------------------------------------\n\n"; $up = shell_exec('php artisan up'); @@ -267,3 +334,13 @@ echo "your upgraded Snipe-IT!\n"; echo "--------------------------------------------------------\n\n"; +function str_begins($haystack, $needle) { + return 0 === substr_compare($haystack, $needle, 0, strlen($needle)); +} + +function str_ends($haystack, $needle) { + return 0 === substr_compare($haystack, $needle, -strlen($needle)); +} + + + From 132b164a741da9a169455d717ccf3f5b00a9fcfa Mon Sep 17 00:00:00 2001 From: snipe Date: Tue, 24 May 2022 17:51:46 -0700 Subject: [PATCH 2/7] Slightly clarified error text Signed-off-by: snipe --- upgrade.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/upgrade.php b/upgrade.php index dbf30f6489..1e409e820a 100644 --- a/upgrade.php +++ b/upgrade.php @@ -60,14 +60,14 @@ foreach ($env as $line_num => $line) { echo '√ Your APP_URL is not null or blank. It is set to '.$env_value."\n"; if (!str_begins(trim($env_value), 'http://') && (!str_begins($env_value, 'https://'))) { - echo '✘ APP_URL ERROR in Line #'.$line_num.' of your .env: Your APP_URL should start with https:// or http://!! It is currently set to: '.$env_value; + echo '✘ APP_URL ERROR in your .env on line #'.$line_num.' of your .env: Your APP_URL should start with https:// or http://!! It is currently set to: '.$env_value; $env_error_count++; } else { echo '√ Your APP_URL is set to '.$env_value.' and starts with the protocol (https:// or http://)'."\n"; } if (str_ends(trim($env_value), "/")) { - echo '✘ APP_URL ERROR in Line #'.$line_num.' of your .env: Your APP_URL should NOT end with a trailing slash. It is currently set to: '.$env_value; + echo '✘ APP_URL ERROR in your .env on line #'.$line_num.' of your .env: Your APP_URL should NOT end with a trailing slash. It is currently set to: '.$env_value; $env_error_count++; } else { echo '√ Your APP_URL ('.$env_value.') does not have a trailing slash.'."\n"; @@ -75,7 +75,7 @@ foreach ($env as $line_num => $line) { } else { - echo "✘ APP_URL ERROR in Line #".$line_num.": Your APP_URL CANNOT be set to null or left blank.\n"; + echo "✘ APP_URL ERROR in your .env on line #".$line_num.": Your APP_URL CANNOT be set to null or left blank.\n"; $env_error_count++; } From 15d0fb4feb0e58dc6174dfa234e34a9d0396e43a Mon Sep 17 00:00:00 2001 From: snipe Date: Tue, 24 May 2022 18:40:15 -0700 Subject: [PATCH 3/7] Added permissions check Signed-off-by: snipe --- upgrade.php | 68 ++++++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 60 insertions(+), 8 deletions(-) diff --git a/upgrade.php b/upgrade.php index 1e409e820a..6aecab705d 100644 --- a/upgrade.php +++ b/upgrade.php @@ -26,6 +26,7 @@ echo "--------------------------------------------------------\n\n"; echo "This script will attempt to: \n\n"; echo "- validate some very basic .env file settings \n"; echo "- check your PHP version and extension requirements \n"; +echo "- check directory permissions \n"; echo "- do a git pull to bring you to the latest version \n"; echo "- run composer install to get your vendors up to date \n"; echo "- run migrations to get your schema up to date \n"; @@ -199,21 +200,72 @@ if ($ext_missing!='') { } + echo "--------------------------------------------------------\n"; -echo "STEP 3: Backing up database: \n"; +echo "STEP 3: Checking directory permissions: \n"; +echo "--------------------------------------------------------\n\n"; + + +$writable_dirs_array = + [ + 'bootstrap/cache', + 'storage', + 'storage/logs', + 'storage/logs/laravel.log', + 'storage/framework', + 'storage/framework/cache', + 'storage/framework/sessions', + 'storage/framework/views', + 'storage/app', + 'storage/app/backups', + 'storage/app/backups-temp', + 'storage/private_uploads', + 'public/uploads', + ]; + +$dirs_writable = ''; +$dirs_not_writable = ''; + +// Loop through the directories that need to be writable +foreach ($writable_dirs_array as $writable_dir) { + if (is_writable($writable_dir)) { + $dirs_writable .= '√ '.getcwd().'/'.$writable_dir." is writable \n"; + } else { + $dirs_not_writable .= '✘ PERMISSIONS ERROR: '.getcwd().'/'.$writable_dir." is NOT writable\n"; + } +} + +echo $dirs_writable."\n"; + +// Print out a useful error message +if ($dirs_not_writable!='') { + echo "--------------------------------------------------------\n"; + echo "The following directories/files do not seem writable: \n"; + echo "--------------------------------------------------------\n"; + + echo $dirs_not_writable; + + echo "--------------------- !! ERROR !! ----------------------\n"; + echo "Please check the permissions on the directories above and re-run this script.\n"; + echo "------------------------- :( ---------------------------\n"; +} + + +echo "--------------------------------------------------------\n"; +echo "STEP 4: Backing up database: \n"; echo "--------------------------------------------------------\n\n"; $backup = shell_exec('php artisan snipeit:backup'); echo '-- '.$backup."\n\n"; echo "--------------------------------------------------------\n"; -echo "STEP 4: Putting application into maintenance mode: \n"; +echo "STEP 5: Putting application into maintenance mode: \n"; echo "--------------------------------------------------------\n\n"; $down = shell_exec('php artisan down'); echo '-- '.$down."\n"; echo "--------------------------------------------------------\n"; -echo "STEP 5: Pulling latest from Git (".$branch." branch): \n"; +echo "STEP 6: Pulling latest from Git (".$branch." branch): \n"; echo "--------------------------------------------------------\n\n"; $git_version = shell_exec('git --version'); @@ -239,7 +291,7 @@ if ((strpos('git version', $git_version)) === false) { echo "--------------------------------------------------------\n"; -echo "STEP 6: Cleaning up old cached files:\n"; +echo "STEP 7: Cleaning up old cached files:\n"; echo "--------------------------------------------------------\n\n"; // Build an array of the files we generally want to delete because they @@ -272,7 +324,7 @@ echo '-- '.$view_clear; echo "\n"; echo "--------------------------------------------------------\n"; -echo "STEP 7: Updating composer dependencies:\n"; +echo "STEP 8: Updating composer dependencies:\n"; echo "(This may take a moment.)\n"; echo "--------------------------------------------------------\n\n"; @@ -298,7 +350,7 @@ echo $composer; echo "--------------------------------------------------------\n"; -echo "STEP 8: Migrating database:\n"; +echo "STEP 9: Migrating database:\n"; echo "--------------------------------------------------------\n\n"; $migrations = shell_exec('php artisan migrate --force'); @@ -306,7 +358,7 @@ echo $migrations."\n"; echo "--------------------------------------------------------\n"; -echo "STEP 9: Checking for OAuth keys:\n"; +echo "STEP 10: Checking for OAuth keys:\n"; echo "--------------------------------------------------------\n\n"; @@ -320,7 +372,7 @@ if ((!file_exists('storage/oauth-public.key')) || (!file_exists('storage/oauth-p echo "--------------------------------------------------------\n"; -echo "STEP 10: Taking application out of maintenance mode:\n"; +echo "STEP 11: Taking application out of maintenance mode:\n"; echo "--------------------------------------------------------\n\n"; $up = shell_exec('php artisan up'); From 116ce931ce1c943fc3d3733919a5a0cb93f59b53 Mon Sep 17 00:00:00 2001 From: snipe Date: Tue, 24 May 2022 18:44:32 -0700 Subject: [PATCH 4/7] Fixed path name to backup temp dir Signed-off-by: snipe --- upgrade.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/upgrade.php b/upgrade.php index 6aecab705d..bc6f484a21 100644 --- a/upgrade.php +++ b/upgrade.php @@ -218,7 +218,7 @@ $writable_dirs_array = 'storage/framework/views', 'storage/app', 'storage/app/backups', - 'storage/app/backups-temp', + 'storage/app/backup-temp', 'storage/private_uploads', 'public/uploads', ]; @@ -247,10 +247,11 @@ if ($dirs_not_writable!='') { echo "--------------------- !! ERROR !! ----------------------\n"; echo "Please check the permissions on the directories above and re-run this script.\n"; - echo "------------------------- :( ---------------------------\n"; + echo "------------------------- :( ---------------------------\n\n"; } + echo "--------------------------------------------------------\n"; echo "STEP 4: Backing up database: \n"; echo "--------------------------------------------------------\n\n"; From b67ed3eac2cebe53ecc192bca74d75e5e85825ee Mon Sep 17 00:00:00 2001 From: snipe Date: Tue, 24 May 2022 19:24:03 -0700 Subject: [PATCH 5/7] Check for present APP_KEY as well Signed-off-by: snipe --- upgrade.php | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/upgrade.php b/upgrade.php index bc6f484a21..34be8a65b1 100644 --- a/upgrade.php +++ b/upgrade.php @@ -53,6 +53,15 @@ foreach ($env as $line_num => $line) { $env_value = trim($env_value); + if ($env_key == 'APP_KEY') { + if (($env_value=='') || (strlen($env_value) < 20)) { + echo "✘ APP_KEY ERROR in your .env: Your APP_KEY should not be blank. Run php artisan key:generate to generate one."; + $env_error_count++; + } else { + echo "√ Your APP_KEY is not blank. \n"; + } + } + if ($env_key == 'APP_URL') { $app_url_length = strlen($env_value); From 8fdedf94419675d1dd9a940111d1a96d0c4ad808 Mon Sep 17 00:00:00 2001 From: Brady Wetherington Date: Tue, 24 May 2022 19:30:22 -0700 Subject: [PATCH 6/7] Downgraded/Removed log statements --- app/Models/Ldap.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/app/Models/Ldap.php b/app/Models/Ldap.php index 3ff82744c0..14be2fd56b 100644 --- a/app/Models/Ldap.php +++ b/app/Models/Ldap.php @@ -304,14 +304,13 @@ class Ldap extends Model // HUGE thanks to this article: https://stackoverflow.com/questions/68275972/how-to-get-paged-ldap-queries-in-php-8-and-read-more-than-1000-entries // which helped me wrap my head around paged results! - \Log::info("ldap conn is: ".$ldapconn." basedn is: $base_dn, filter is: $filter - count is: $count. page size is: $page_size"); //FIXME - remove // if a $count is set and it's smaller than $page_size then use that as the page size $ldap_controls = []; //if($count == -1) { //count is -1 means we have to employ paging to query the entire directory $ldap_controls = [['oid' => LDAP_CONTROL_PAGEDRESULTS, 'iscritical' => false, 'value' => ['size'=> $count == -1||$count>$page_size ? $page_size : $count, 'cookie' => $cookie]]]; //} $search_results = ldap_search($ldapconn, $base_dn, $filter, [], 0, /* $page_size */ -1, -1, LDAP_DEREF_NEVER, $ldap_controls); // TODO - I hate the @, and I hate that we get a full page even if we ask for 10 records. Can we use an ldap_control? - \Log::info("did the search run? I guess so if you got here!"); + \Log::debug("did the search run? I guess so if you got here!"); if (! $search_results) { return redirect()->route('users.index')->with('error', trans('admin/users/message.error.ldap_could_not_search').ldap_error($ldapconn)); // TODO this is never called in any routed context - only from the Artisan command. So this redirect will never work. } From 43e97ea6ea564599305c5ad5a80ebc3d956f4604 Mon Sep 17 00:00:00 2001 From: snipe Date: Tue, 24 May 2022 19:36:01 -0700 Subject: [PATCH 7/7] Make printout more consistent Signed-off-by: snipe --- upgrade.php | 43 +++++++++++++++++++++++++------------------ 1 file changed, 25 insertions(+), 18 deletions(-) diff --git a/upgrade.php b/upgrade.php index 34be8a65b1..92d75f3a28 100644 --- a/upgrade.php +++ b/upgrade.php @@ -43,6 +43,8 @@ echo "--------------------------------------------------------\n\n"; // Check the .env looks ok $env = file('.env'); $env_error_count = 0; +$env_good = ''; +$env_bad = ''; // Loop through each line of the .env foreach ($env as $line_num => $line) { @@ -51,14 +53,16 @@ foreach ($env as $line_num => $line) { list ($env_key, $env_value) = $env_line = explode('=', $line); + // The array starts at 0 + $show_line_num = $line_num+1; + $env_value = trim($env_value); if ($env_key == 'APP_KEY') { if (($env_value=='') || (strlen($env_value) < 20)) { - echo "✘ APP_KEY ERROR in your .env: Your APP_KEY should not be blank. Run php artisan key:generate to generate one."; - $env_error_count++; + $env_bad .= "✘ APP_KEY ERROR in your .env on line #'.$show_line_num.': Your APP_KEY should not be blank. Run `php artisan key:generate` to generate one.\n"; } else { - echo "√ Your APP_KEY is not blank. \n"; + $env_good .= "√ Your APP_KEY is not blank. \n"; } } @@ -67,26 +71,23 @@ foreach ($env as $line_num => $line) { $app_url_length = strlen($env_value); if (($env_value!="null") && ($env_value!="")) { - echo '√ Your APP_URL is not null or blank. It is set to '.$env_value."\n"; + $env_good .= '√ Your APP_URL is not null or blank. It is set to '.$env_value."\n"; if (!str_begins(trim($env_value), 'http://') && (!str_begins($env_value, 'https://'))) { - echo '✘ APP_URL ERROR in your .env on line #'.$line_num.' of your .env: Your APP_URL should start with https:// or http://!! It is currently set to: '.$env_value; - $env_error_count++; + $env_bad .= '✘ APP_URL ERROR in your .env on line #'.$show_line_num.': Your APP_URL should start with https:// or http://!! It is currently set to: '.$env_value; } else { - echo '√ Your APP_URL is set to '.$env_value.' and starts with the protocol (https:// or http://)'."\n"; + $env_good .= '√ Your APP_URL is set to '.$env_value.' and starts with the protocol (https:// or http://)'."\n"; } if (str_ends(trim($env_value), "/")) { - echo '✘ APP_URL ERROR in your .env on line #'.$line_num.' of your .env: Your APP_URL should NOT end with a trailing slash. It is currently set to: '.$env_value; - $env_error_count++; + $env_bad .= '✘ APP_URL ERROR in your .env on line #'.$show_line_num.': Your APP_URL should NOT end with a trailing slash. It is currently set to: '.$env_value; } else { - echo '√ Your APP_URL ('.$env_value.') does not have a trailing slash.'."\n"; + $env_good .= '√ Your APP_URL ('.$env_value.') does not have a trailing slash.'."\n"; } } else { - echo "✘ APP_URL ERROR in your .env on line #".$line_num.": Your APP_URL CANNOT be set to null or left blank.\n"; - $env_error_count++; + $env_bad .= "✘ APP_URL ERROR in your .env on line #".$show_line_num.": Your APP_URL CANNOT be set to null or left blank.\n"; } } @@ -96,16 +97,22 @@ foreach ($env as $line_num => $line) { } -if ($env_error_count > 0) { - echo "\n\n--------------------- !! ERROR !! ----------------------\n"; +echo $env_good; + +if ($env_bad !='') { + + echo "\n--------------------- !! ERROR !! ----------------------\n"; echo "Your .env file is misconfigured. Upgrade cannot continue.\n"; - echo "------------------------- :( ---------------------------\n"; + echo "--------------------------------------------------------\n\n"; + echo $env_bad; + echo "\n\n--------------------------------------------------------\n"; echo "ABORTING THE INSTALLER \n"; echo "Please correct the issues above in ".getcwd()."/.env and try again.\n"; - echo "------------------------- :( ---------------------------\n"; + echo "--------------------------------------------------------\n"; exit; } + echo "--------------------------------------------------------\n"; echo "STEP 2: Checking PHP requirements: \n"; echo "--------------------------------------------------------\n\n"; @@ -198,10 +205,10 @@ if ($ext_missing!='') { echo "--------------------- !! ERROR !! ----------------------\n"; echo $ext_missing; - echo "------------------------- :( ---------------------------\n"; + echo "--------------------------------------------------------\n"; echo "ABORTING THE INSTALLER \n"; echo "Please install the extensions above and re-run this script.\n"; - echo "------------------------- :( ---------------------------\n"; + echo "--------------------------------------------------------\n"; exit; } else { echo $ext_installed."\n";