From c0a2b55cd057b7747c6ba7ac3b243dd89408b40c Mon Sep 17 00:00:00 2001 From: Clement Date: Mon, 1 May 2017 17:31:47 +0200 Subject: [PATCH 01/12] bug suppression de fichiers involontaire --- pages/visitor/candidature/save.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pages/visitor/candidature/save.php b/pages/visitor/candidature/save.php index d34024b..fd8e138 100644 --- a/pages/visitor/candidature/save.php +++ b/pages/visitor/candidature/save.php @@ -461,7 +461,7 @@ $aResponse["message"]["type"] = "success"; //if edit clean old file if($bEdit){ - vars::removeDirectory(dirname($OldCandidature->getPath_pic())); + // vars::removeDirectory(dirname($OldCandidature->getPath_pic())); $aResponse["message"]["text"] = "Modification enregistrée !"; }else{ $aResponse["message"]["text"] = "Candidature envoyée correctement !"; From 598fa90171bb53fd9cb3777529597cdeefef80d4 Mon Sep 17 00:00:00 2001 From: Clement Date: Mon, 1 May 2017 17:32:06 +0200 Subject: [PATCH 02/12] =?UTF-8?q?Mise=20=C3=A0=20jour=20du=20message=20de?= =?UTF-8?q?=20maintenance=20(francais)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- web/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/index.php b/web/index.php index 86940bb..6fe019e 100644 --- a/web/index.php +++ b/web/index.php @@ -10,7 +10,7 @@ require_once 'maintenance.php'; } if($bMaintenance){ - echo "
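Review bot: Commenting out the `vars::removeDirectory(...)` call in the `if($bEdit)` branch stops the unintended deletion, but nothing now removes the files an edit replaces, and the `//if edit clean old file` comment above it no longer matches the code. If these directories hold applicants' uploaded documents (presumably, given `getPath_pic()`), superseded copies of personal data will stay on disk indefinitely. Delete the dead line rather than keeping it commented, and after a successful save remove only the individual files whose stored path changed in this edit, never the parent directory. The enclosing block starts and ends outside the hunk, so the comparison of old and new paths has to be written against code not shown here.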

Under maintenance, please try later ...

"; + echo "

Site Web en maintenance, merci de réessayer plus tard.

Informations : candidature@mavoix.info

"; }else{ //composer loader require_once '../vendor/autoload.php'; From 5f02faf37e167c802ad1a581ee20eaa732fb4883 Mon Sep 17 00:00:00 2001 From: Clement Date: Mon, 1 May 2017 18:54:56 +0200 Subject: [PATCH 03/12] Script de test de fichiers manquants --- pages/admin/candidature/hotfix-1-9-2.php | 31 +++++++++++++++++++ .../admin/candidature/hotfix-1-9-2.html.twig | 7 +++++ web/config.sample.php | 3 +- 3 files changed, 40 insertions(+), 1 deletion(-) create mode 100644 pages/admin/candidature/hotfix-1-9-2.php create mode 100644 templates/admin/candidature/hotfix-1-9-2.html.twig diff --git a/pages/admin/candidature/hotfix-1-9-2.php b/pages/admin/candidature/hotfix-1-9-2.php new file mode 100644 index 0000000..a120184 --- /dev/null +++ b/pages/admin/candidature/hotfix-1-9-2.php @@ -0,0 +1,31 @@ + IMPOSSIBLE DE TROUVER : ".$sPath.""; + } + return $sOut; +} + +if( ConfigService::get("enable-script-hotfix-1-9-2") ) { + + //liste les candidatures en base + $oListeCandidature = new CandidatureListe(); + $oListeCandidature->applyRules4ListAdmin(); + $aCandidatures = $oListeCandidature->getPage(); + // parcrous les candidatures + foreach ($aCandidatures as $aCandidature) { + + $aDataScript["out"] .="
CANDIDATURE :".$aCandidature["id"]; + $aDataScript["out"] .= testPath($aCandidature["path_pic"]); + $aDataScript["out"] .= testPath($aCandidature["path_certificate"]); + $aDataScript["out"] .= testPath($aCandidature["path_idcard"]); + $aDataScript["out"] .= testPath($aCandidature["path_idcard_verso"]); + $aDataScript["out"] .= testPath($aCandidature["path_criminal_record"]); + + } +}else{ + $aDataScript["out"] .= "
EXECUTION BLOQUE (cf. fichier de config)
"; +} \ No newline at end of file diff --git a/templates/admin/candidature/hotfix-1-9-2.html.twig b/templates/admin/candidature/hotfix-1-9-2.html.twig new file mode 100644 index 0000000..96ba898 --- /dev/null +++ b/templates/admin/candidature/hotfix-1-9-2.html.twig @@ -0,0 +1,7 @@ +{% extends "admin/base.html.twig" %} + + +{% block body %} + HOTFIX + {{ out|raw }} +{% endblock %} \ No newline at end of file diff --git a/web/config.sample.php b/web/config.sample.php index fb305dc..57f5233 100644 --- a/web/config.sample.php +++ b/web/config.sample.php @@ -41,4 +41,5 @@ $_CONFIG["mime-type-limit"] = array('image/jpeg'=>'jpg','image/png'=>'png'); $_CONFIG["enable-captcha"] = true; //enable or disable captcha $_CONFIG["enable-captcha-editlink"] = true; //enable or disable captcha for ask edit link form -$_CONFIG["enable-script-hotfix-1-9-1"] = false; //activer pour permettre l'execution du script de rattrapage du hotfix \ No newline at end of file +$_CONFIG["enable-script-hotfix-1-9-1"] = false; //activer pour permettre l'execution du script de rattrapage du hotfix +$_CONFIG["enable-script-hotfix-1-9-2"] = false; //activer pour permettre l'execution du script de rattrapage du hotfix \ No newline at end of file From d02c44d8ab19498515b3c20efa063dafaf734b10 Mon Sep 17 00:00:00 2001 From: Clement Date: Mon, 1 May 2017 19:03:29 +0200 Subject: [PATCH 04/12] modification du Script de test de fichiers manquants (n'affiche rien si tout est bon) --- pages/admin/candidature/hotfix-1-9-2.php | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/pages/admin/candidature/hotfix-1-9-2.php b/pages/admin/candidature/hotfix-1-9-2.php index a120184..c2f4313 100644 --- a/pages/admin/candidature/hotfix-1-9-2.php +++ b/pages/admin/candidature/hotfix-1-9-2.php @@ -17,13 +17,15 @@ function testPath($sPath){ $aCandidatures = $oListeCandidature->getPage(); // parcrous les candidatures foreach ($aCandidatures as $aCandidature) { - - $aDataScript["out"] .="
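Review bot: `testPath()` concatenates `$sPath` directly into the report markup and the new template prints it with `{{ out|raw }}`, so any HTML contained in a stored path is rendered as-is in the admin page. If any part of those paths derives from an uploaded file name (not visible here), this is a stored-XSS path into an administrator session. Escape where the string is built, e.g. `htmlspecialchars($sPath, ENT_QUOTES, 'UTF-8')`, and likewise for `$aCandidature["id"]`, or pass plain values to the template and drop `|raw` so Twig escapes them. The top of the new file is not readable in this hunk, so whether an admin-session check runs before the `ConfigService::get("enable-script-hotfix-1-9-2")` gate cannot be confirmed from here.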
CANDIDATURE :".$aCandidature["id"]; - $aDataScript["out"] .= testPath($aCandidature["path_pic"]); - $aDataScript["out"] .= testPath($aCandidature["path_certificate"]); - $aDataScript["out"] .= testPath($aCandidature["path_idcard"]); - $aDataScript["out"] .= testPath($aCandidature["path_idcard_verso"]); - $aDataScript["out"] .= testPath($aCandidature["path_criminal_record"]); + $sOut=""; + $sOut.= testPath($aCandidature["path_pic"]); + $sOut.= testPath($aCandidature["path_certificate"]); + $sOut.= testPath($aCandidature["path_idcard"]); + $sOut.= testPath($aCandidature["path_idcard_verso"]); + $sOut.= testPath($aCandidature["path_criminal_record"]); + if($sOut!=""){ + $aDataScript["out"] .="
CANDIDATURE :".$aCandidature["id"].$sOut; + } } }else{ From 3435acb87ce9c7df63b78108b6120853020f5e7c Mon Sep 17 00:00:00 2001 From: Clement Date: Mon, 1 May 2017 19:10:13 +0200 Subject: [PATCH 05/12] modification du Script de test de fichiers manquants (compteurs) --- pages/admin/candidature/hotfix-1-9-2.php | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/pages/admin/candidature/hotfix-1-9-2.php b/pages/admin/candidature/hotfix-1-9-2.php index c2f4313..51130fa 100644 --- a/pages/admin/candidature/hotfix-1-9-2.php +++ b/pages/admin/candidature/hotfix-1-9-2.php @@ -1,10 +1,15 @@ IMPOSSIBLE DE TROUVER : ".$sPath.""; + $nCountFiles++; } return $sOut; } @@ -24,10 +29,14 @@ function testPath($sPath){ $sOut.= testPath($aCandidature["path_idcard_verso"]); $sOut.= testPath($aCandidature["path_criminal_record"]); if($sOut!=""){ + $nCountCandidats++; $aDataScript["out"] .="
CANDIDATURE :".$aCandidature["id"].$sOut; } - } + $aDataScript["out"] .= "

"; + $aDataScript["out"] .= "
candidatures : $nCountCandidats
"; + $aDataScript["out"] .= "
fichiers : $nCountFiles
"; + }else{ $aDataScript["out"] .= "
EXECUTION BLOQUE (cf. fichier de config)
"; } \ No newline at end of file From f84462262b063b0fcc941bb8343889eb58356bc5 Mon Sep 17 00:00:00 2001 From: Clement Date: Mon, 1 May 2017 20:21:43 +0200 Subject: [PATCH 06/12] =?UTF-8?q?script=20de=20r=C3=A9cuperation=20de=20fi?= =?UTF-8?q?chier?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pages/admin/candidature/hotfix-1-9-2.php | 50 ++++++++++++++++++++---- 1 file changed, 43 insertions(+), 7 deletions(-) diff --git a/pages/admin/candidature/hotfix-1-9-2.php b/pages/admin/candidature/hotfix-1-9-2.php index 51130fa..873fe06 100644 --- a/pages/admin/candidature/hotfix-1-9-2.php +++ b/pages/admin/candidature/hotfix-1-9-2.php @@ -3,13 +3,49 @@ global $nCountFiles; $nCountFiles=0; $nCountCandidats=0; - -function testPath($sPath){ +if(!isset($_GET["action"])){ + $_GET["action"]=''; +} +function testPath($sPath,$sField,$nId){ global $nCountFiles; $sOut=""; if(!file_exists($sPath) && $sPath!=""){ $sOut.="
IMPOSSIBLE DE TROUVER : ".$sPath."
"; $nCountFiles++; + if( $_GET["action"]=="tentative-recup" || $_GET["action"]=="recup" ){ + $sSql="SELECT $sField FROM `candidature-backup` WHERE id='".$nId."'"; + $stmt=DbLink::getInstance()->prepare($sSql); + $stmt->execute(array()); + $data=$stmt->fetchAll(); + if(count($data)){ + $sFile=$data[0][$sField]; + if(file_exists($sFile)){ + $sOut.="
--- Fichier récupérable : ".$sFile."
"; + if($_GET["action"]=="recup"){ + $candidature=new Candidature(array("id"=>$nId)); + $candidature->hydrateFromBDD(array("*")); + switch($sField){ + case "path_pic": $candidature->setPath_pic($sFile); break; + case "path_certificate": $candidature->setPath_certificate($sFile); break; + case "path_idcard": $candidature->setPath_idcard($sFile); break; + case "path_idcard_verso": $candidature->setPath_idcard_verso($sFile); break; + case "path_criminal_record": $candidature->setPath_criminal_record($sFile); break; + } + + //$candidature->save(); + $sOut.="
------- Fichier récupéré : ".$sFile."
"; + + } + }else{ + $sOut.="
--- Fichier irrécupérable
"; + } + } + + + + } + + } return $sOut; } @@ -23,11 +59,11 @@ function testPath($sPath){ // parcrous les candidatures foreach ($aCandidatures as $aCandidature) { $sOut=""; - $sOut.= testPath($aCandidature["path_pic"]); - $sOut.= testPath($aCandidature["path_certificate"]); - $sOut.= testPath($aCandidature["path_idcard"]); - $sOut.= testPath($aCandidature["path_idcard_verso"]); - $sOut.= testPath($aCandidature["path_criminal_record"]); + $sOut.= testPath($aCandidature["path_pic"],"path_pic",$aCandidature["id"]); + $sOut.= testPath($aCandidature["path_certificate"],"path_certificate",$aCandidature["id"]); + $sOut.= testPath($aCandidature["path_idcard"],"path_idcard",$aCandidature["id"]); + $sOut.= testPath($aCandidature["path_idcard_verso"],"path_idcard_verso",$aCandidature["id"]); + $sOut.= testPath($aCandidature["path_criminal_record"],"path_idcard_verso",$aCandidature["id"]); if($sOut!=""){ $nCountCandidats++; $aDataScript["out"] .="
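Review bot: The backup lookup added to `testPath()` interpolates `$sField` and `$nId` into `$sSql` and then calls `prepare()` followed by `execute(array())`, so the prepared statement binds nothing. In the callers shown both values come from server-side data, which limits the exposure today, but the function becomes injectable as soon as a caller passes request data. Use a placeholder for the id (`WHERE id = ?` with `$stmt->execute(array($nId));`) and reject any `$sField` that is not one of the five `path_*` column names before building the query. Separately, `recup` is a state-changing action selected through `$_GET["action"]`; it should require POST plus whatever anti-CSRF token the admin area uses, so that a link followed by a logged-in administrator cannot trigger the rewrite.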
CANDIDATURE :".$aCandidature["id"].$sOut; From 67affa3de25d01c8b0a6f65f53f40422f695e101 Mon Sep 17 00:00:00 2001 From: Clement Date: Mon, 1 May 2017 20:30:19 +0200 Subject: [PATCH 07/12] =?UTF-8?q?script=20de=20r=C3=A9cuperation=20de=20fi?= =?UTF-8?q?chier=20(ajout=20de=20la=20sauvegarde)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pages/admin/candidature/hotfix-1-9-2.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pages/admin/candidature/hotfix-1-9-2.php b/pages/admin/candidature/hotfix-1-9-2.php index 873fe06..4dd6d23 100644 --- a/pages/admin/candidature/hotfix-1-9-2.php +++ b/pages/admin/candidature/hotfix-1-9-2.php @@ -32,7 +32,7 @@ function testPath($sPath,$sField,$nId){ case "path_criminal_record": $candidature->setPath_criminal_record($sFile); break; } - //$candidature->save(); + $candidature->save(); $sOut.="
------- Fichier récupéré : ".$sFile."
"; } From 2b13d6af1362d84854252356320ca3cfa1fe6f94 Mon Sep 17 00:00:00 2001 From: Clement Date: Mon, 1 May 2017 20:37:08 +0200 Subject: [PATCH 08/12] =?UTF-8?q?script=20de=20r=C3=A9cuperation=20de=20fi?= =?UTF-8?q?chier=20(css)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pages/admin/candidature/hotfix-1-9-2.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/pages/admin/candidature/hotfix-1-9-2.php b/pages/admin/candidature/hotfix-1-9-2.php index 4dd6d23..a1df2fc 100644 --- a/pages/admin/candidature/hotfix-1-9-2.php +++ b/pages/admin/candidature/hotfix-1-9-2.php @@ -31,13 +31,12 @@ function testPath($sPath,$sField,$nId){ case "path_idcard_verso": $candidature->setPath_idcard_verso($sFile); break; case "path_criminal_record": $candidature->setPath_criminal_record($sFile); break; } - $candidature->save(); $sOut.="
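Review bot: With `$candidature->save();` now active, the "Fichier récupéré" line is appended whether or not the save succeeded, so the report can claim a recovery that never reached the database. Check the outcome of `save()` (return value or exception, depending on how `Candidature` reports failure, which is not visible here) and emit the success line only in that case. Since `hydrateFromBDD(array("*"))` followed by `save()` appears to rewrite the whole record, also log the candidature id, the field and the old and new path for each write so the repair can be audited or reverted. The surrounding `testPath()` body continues outside this hunk.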
------- Fichier récupéré : ".$sFile."
"; } }else{ - $sOut.="
--- Fichier irrécupérable
"; + $sOut.="
--- Fichier irrécupérable
"; } } From 538fdf8f248e35206198a2c70a3675025f12f673 Mon Sep 17 00:00:00 2001 From: Clement Date: Mon, 1 May 2017 20:48:45 +0200 Subject: [PATCH 09/12] =?UTF-8?q?script=20de=20r=C3=A9cuperation=20de=20fi?= =?UTF-8?q?chier=20(ajout=20du=20champ=20recherch=C3=A9)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pages/admin/candidature/hotfix-1-9-2.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/pages/admin/candidature/hotfix-1-9-2.php b/pages/admin/candidature/hotfix-1-9-2.php index a1df2fc..dceccc7 100644 --- a/pages/admin/candidature/hotfix-1-9-2.php +++ b/pages/admin/candidature/hotfix-1-9-2.php @@ -10,7 +10,7 @@ function testPath($sPath,$sField,$nId){ global $nCountFiles; $sOut=""; if(!file_exists($sPath) && $sPath!=""){ - $sOut.="
IMPOSSIBLE DE TROUVER : ".$sPath."
"; + $sOut.="
IMPOSSIBLE DE TROUVER $sField : ".$sPath."
"; $nCountFiles++; if( $_GET["action"]=="tentative-recup" || $_GET["action"]=="recup" ){ $sSql="SELECT $sField FROM `candidature-backup` WHERE id='".$nId."'"; @@ -20,7 +20,7 @@ function testPath($sPath,$sField,$nId){ if(count($data)){ $sFile=$data[0][$sField]; if(file_exists($sFile)){ - $sOut.="
--- Fichier récupérable : ".$sFile."
"; + $sOut.="
--- Fichier récupérable $sField : ".$sFile."
"; if($_GET["action"]=="recup"){ $candidature=new Candidature(array("id"=>$nId)); $candidature->hydrateFromBDD(array("*")); @@ -32,13 +32,14 @@ function testPath($sPath,$sField,$nId){ case "path_criminal_record": $candidature->setPath_criminal_record($sFile); break; } $candidature->save(); - $sOut.="
------- Fichier récupéré : ".$sFile."
"; + $sOut.="
------- Fichier récupéré $sField : ".$sFile."
"; } }else{ - $sOut.="
--- Fichier irrécupérable
"; + $sOut.="
--- Fichier irrécupérable $sField
"; } } + $sOut.="
IMPOSSIBLE DE RECUPERER LA BACKUP $sField : ".$sPath."
"; From 06bd2aa906629926b8b798af8df2140d3a22e44f Mon Sep 17 00:00:00 2001 From: Clement Date: Mon, 1 May 2017 20:52:00 +0200 Subject: [PATCH 10/12] =?UTF-8?q?script=20de=20r=C3=A9cuperation=20de=20fi?= =?UTF-8?q?chier=20(ajout=20du=20else=20et=20correction=20bug)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pages/admin/candidature/hotfix-1-9-2.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/pages/admin/candidature/hotfix-1-9-2.php b/pages/admin/candidature/hotfix-1-9-2.php index dceccc7..773a1be 100644 --- a/pages/admin/candidature/hotfix-1-9-2.php +++ b/pages/admin/candidature/hotfix-1-9-2.php @@ -38,8 +38,10 @@ function testPath($sPath,$sField,$nId){ }else{ $sOut.="
--- Fichier irrécupérable $sField
"; } + }else{ + $sOut.="
IMPOSSIBLE DE RECUPERER LA BACKUP $sField : ".$sPath."
"; } - $sOut.="
IMPOSSIBLE DE RECUPERER LA BACKUP $sField : ".$sPath."
"; + @@ -63,7 +65,7 @@ function testPath($sPath,$sField,$nId){ $sOut.= testPath($aCandidature["path_certificate"],"path_certificate",$aCandidature["id"]); $sOut.= testPath($aCandidature["path_idcard"],"path_idcard",$aCandidature["id"]); $sOut.= testPath($aCandidature["path_idcard_verso"],"path_idcard_verso",$aCandidature["id"]); - $sOut.= testPath($aCandidature["path_criminal_record"],"path_idcard_verso",$aCandidature["id"]); + $sOut.= testPath($aCandidature["path_criminal_record"],"path_criminal_record",$aCandidature["id"]); if($sOut!=""){ $nCountCandidats++; $aDataScript["out"] .="
CANDIDATURE :".$aCandidature["id"].$sOut; From 0fb46e8be8b22045119880119440065687e9bcf4 Mon Sep 17 00:00:00 2001 From: Clement Date: Mon, 1 May 2017 21:00:17 +0200 Subject: [PATCH 11/12] =?UTF-8?q?script=20de=20r=C3=A9cuperation=20de=20fi?= =?UTF-8?q?chier=20(nettoyage=20des=20champs=20avec=20des=20fichiers=20qui?= =?UTF-8?q?=20n'existent=20plus)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pages/admin/candidature/hotfix-1-9-2.php | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/pages/admin/candidature/hotfix-1-9-2.php b/pages/admin/candidature/hotfix-1-9-2.php index 773a1be..b6a1d4d 100644 --- a/pages/admin/candidature/hotfix-1-9-2.php +++ b/pages/admin/candidature/hotfix-1-9-2.php @@ -37,6 +37,19 @@ function testPath($sPath,$sField,$nId){ } }else{ $sOut.="
--- Fichier irrécupérable $sField
"; + if($_GET["action"]=="recup"){ + $candidature=new Candidature(array("id"=>$nId)); + $candidature->hydrateFromBDD(array("*")); + switch($sField){ + case "path_pic": $candidature->setPath_pic(""); break; + case "path_certificate": $candidature->setPath_certificate(""); break; + case "path_idcard": $candidature->setPath_idcard(""); break; + case "path_idcard_verso": $candidature->setPath_idcard_verso(""); break; + case "path_criminal_record": $candidature->setPath_criminal_record(""); break; + } + $candidature->save(); + } + } }else{ $sOut.="
IMPOSSIBLE DE RECUPERER LA BACKUP $sField : ".$sPath."
"; From dae6e63d6ab393dd00783c730fe91cc9268c7949 Mon Sep 17 00:00:00 2001 From: Clement Date: Mon, 1 May 2017 21:13:43 +0200 Subject: [PATCH 12/12] Note de version --- README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index cbd618e..9d77340 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Candidature #MAVOIX v1.9.1 +# Candidature #MAVOIX v1.9.2 Soumission et publication des inscriptions au tirage au sort [#MAVOIX](https://mavoix.info). @@ -9,6 +9,10 @@ Version de test : https://candidature.maudry.fr ## Notes de version +### 1.9.2 + +- Hotfix script de récupération de fichiers manquants effacés (grâce à la sauvegarde) + ### 1.9.1 - Hotfix faille de sécurité qui permettait la récupération des justificatifs des candidats
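Review bot: The added `recup` branch blanks the stored path whenever `file_exists($sFile)` is false for the backup path, and `file_exists()` also returns false when the storage is unmounted or unreadable, so a single run during a storage or permission problem could erase every remaining path reference. The previous value is not recorded anywhere before the `setPath_*("")` call and `save()`, which makes the cleanup irreversible. Move the cleanup to its own explicit action rather than sharing the `recup` value that restores files, and log the id, field and old path before clearing. The five-case `switch` is now duplicated in the restore and cleanup branches; a small helper that maps `$sField` to its setter would keep the two in sync. The enclosing function starts and ends outside this hunk.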