Restore latest version check which also fixes Issue#128
This commit is contained in:
parent
9d835d3ed2
commit
07b3dc3f1d
|
@ -993,6 +993,7 @@ class Adminer {
|
||||||
?>
|
?>
|
||||||
<h1>
|
<h1>
|
||||||
<?php echo $this->name(); ?> <span class="version"><?php echo $VERSION; ?></span>
|
<?php echo $this->name(); ?> <span class="version"><?php echo $VERSION; ?></span>
|
||||||
|
<a href="https://download.adminerevo.org/latest/adminer/"<?php echo target_blank(); ?> id="version"><?php echo (version_compare($VERSION, $_COOKIE["adminer_version"]) < 0 ? h($_COOKIE["adminer_version"]) : ""); ?></a>
|
||||||
</h1>
|
</h1>
|
||||||
<?php
|
<?php
|
||||||
if ($missing == "auth") {
|
if ($missing == "auth") {
|
||||||
|
|
|
@ -35,21 +35,9 @@ function page_header($title, $error = "", $breadcrumb = array(), $title2 = "") {
|
||||||
<body class="<?php echo lang('ltr'); ?> nojs <?php echo $GLOBALS['project']; ?>">
|
<body class="<?php echo lang('ltr'); ?> nojs <?php echo $GLOBALS['project']; ?>">
|
||||||
<?php
|
<?php
|
||||||
$filename = get_temp_dir() . "/adminer.version";
|
$filename = get_temp_dir() . "/adminer.version";
|
||||||
if (!$_COOKIE["adminer_version"] && function_exists('openssl_verify') && file_exists($filename) && filemtime($filename) + 86400 > time()) { // 86400 - 1 day in seconds
|
if (!$_COOKIE["adminer_version"] && file_exists($filename) && filemtime($filename) + 86400 > time()) { // 86400 - 1 day in seconds
|
||||||
$version = unserialize(file_get_contents($filename));
|
$version = unserialize(file_get_contents($filename));
|
||||||
$public = "-----BEGIN PUBLIC KEY-----
|
$_COOKIE["adminer_version"] = $version["version"]; // doesn't need to send to the browser
|
||||||
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqWOVuF5uw7/+Z70djoK
|
|
||||||
RlHIZFZPO0uYRezq90+7Amk+FDNd7KkL5eDve+vHRJBLAszF/7XKXe11xwliIsFs
|
|
||||||
DFWQlsABVZB3oisKCBEuI71J4kPH8dKGEWR9jDHFw3cWmoH3PmqImX6FISWbG3B8
|
|
||||||
h7FIx3jEaw5ckVPVTeo5JRm/1DZzJxjyDenXvBQ/6o9DgZKeNDgxwKzH+sw9/YCO
|
|
||||||
jHnq1cFpOIISzARlrHMa/43YfeNRAm/tsBXjSxembBPo7aQZLAWHmaj5+K19H10B
|
|
||||||
nCpz9Y++cipkVEiKRGih4ZEvjoFysEOdRLj6WiD/uUNky4xGeA6LaJqh5XpkFkcQ
|
|
||||||
fQIDAQAB
|
|
||||||
-----END PUBLIC KEY-----
|
|
||||||
";
|
|
||||||
if (openssl_verify($version["version"], base64_decode($version["signature"]), $public) == 1) {
|
|
||||||
$_COOKIE["adminer_version"] = $version["version"]; // doesn't need to send to the browser
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
<script<?php echo nonce(); ?>>
|
<script<?php echo nonce(); ?>>
|
||||||
|
@ -133,8 +121,8 @@ function csp() {
|
||||||
return array(
|
return array(
|
||||||
array(
|
array(
|
||||||
"script-src" => "'self' 'unsafe-inline' 'nonce-" . get_nonce() . "' 'strict-dynamic'", // 'self' is a fallback for browsers not supporting 'strict-dynamic', 'unsafe-inline' is a fallback for browsers not supporting 'nonce-'
|
"script-src" => "'self' 'unsafe-inline' 'nonce-" . get_nonce() . "' 'strict-dynamic'", // 'self' is a fallback for browsers not supporting 'strict-dynamic', 'unsafe-inline' is a fallback for browsers not supporting 'nonce-'
|
||||||
"connect-src" => "'self'",
|
"connect-src" => "'self' https://api.github.com/repos/adminerevo/adminerevo/releases/latest",
|
||||||
"frame-src" => "https://www.adminer.org",
|
"frame-src" => "'self'",
|
||||||
"object-src" => "'none'",
|
"object-src" => "'none'",
|
||||||
"base-uri" => "'none'",
|
"base-uri" => "'none'",
|
||||||
"form-action" => "'self'",
|
"form-action" => "'self'",
|
||||||
|
|
|
@ -101,27 +101,22 @@ function cookie(assign, days) {
|
||||||
*/
|
*/
|
||||||
function verifyVersion(current, url, token) {
|
function verifyVersion(current, url, token) {
|
||||||
cookie('adminer_version=0', 1);
|
cookie('adminer_version=0', 1);
|
||||||
var iframe = document.createElement('iframe');
|
ajax('https://api.github.com/repos/adminerevo/adminerevo/releases/latest', function (request) {
|
||||||
iframe.src = 'https://www.adminer.org/version/?current=' + current;
|
var data = window.JSON ? JSON.parse(request.responseText) : eval('(' + request.responseText + ')');
|
||||||
iframe.frameBorder = 0;
|
version = data.tag_name.replace(/[^\d.]/g, '');
|
||||||
iframe.marginHeight = 0;
|
|
||||||
iframe.scrolling = 'no';
|
if (version) {
|
||||||
iframe.style.width = '7ex';
|
cookie('adminer_version=' + version, 1);
|
||||||
iframe.style.height = '1.25em';
|
var data = 'version=' + version;
|
||||||
if (window.postMessage && window.addEventListener) {
|
ajax(url + 'script=version', function () {
|
||||||
iframe.style.display = 'none';
|
}, data + '&token=' + token);
|
||||||
addEventListener('message', function (event) {
|
|
||||||
if (event.origin == 'https://www.adminer.org') {
|
if (version != current) {
|
||||||
var match = /version=(.+)/.exec(event.data);
|
qs('#version').innerText = version;
|
||||||
if (match) {
|
|
||||||
cookie('adminer_version=' + match[1], 1);
|
|
||||||
ajax(url + 'script=version', function () {
|
|
||||||
}, event.data + '&token=' + token);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}, false);
|
}
|
||||||
}
|
|
||||||
qs('#version').appendChild(iframe);
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Get value of select
|
/** Get value of select
|
||||||
|
|
Loading…
Reference in a new issue