aboutsummaryrefslogtreecommitdiff
path: root/app/Controllers/updateController.php
diff options
context:
space:
mode:
authorGravatar Marien Fressinaud <dev@marienfressinaud.fr> 2014-08-12 20:15:46 +0200
committerGravatar Marien Fressinaud <dev@marienfressinaud.fr> 2014-08-12 20:15:46 +0200
commit909d8747ba09f9c9a6ac895f1f4f0763bdb27a55 (patch)
treed3b848870d6c3721716057e215ebaf93271dd52c /app/Controllers/updateController.php
parent1e71e672501f1d57a3d13cc7cb185f65a28c7b1d (diff)
Update system now uses HTTPS connection
- Add some curl checks - Refactor code
Diffstat (limited to 'app/Controllers/updateController.php')
-rw-r--r--app/Controllers/updateController.php60
1 files changed, 32 insertions, 28 deletions
diff --git a/app/Controllers/updateController.php b/app/Controllers/updateController.php
index fa62f4a70..857d975b2 100644
--- a/app/Controllers/updateController.php
+++ b/app/Controllers/updateController.php
@@ -44,43 +44,47 @@ class FreshRSS_update_Controller extends Minz_ActionController {
$c = curl_init(FRESHRSS_UPDATE_WEBSITE);
curl_setopt($c, CURLOPT_RETURNTRANSFER, true);
+ curl_setopt($c, CURLOPT_SSL_VERIFYPEER, true);
+ curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 2);
$result = curl_exec($c);
+ $c_status = curl_getinfo($c, CURLINFO_HTTP_CODE);
+ curl_close($c);
- if (curl_getinfo($c, CURLINFO_HTTP_CODE) == 200) {
- $res_array = explode("\n", $result, 2);
- $status = $res_array[0];
-
- if (strpos($status, 'UPDATE') === 0) {
- $script = $res_array[1];
- if (file_put_contents(UPDATE_FILENAME, $script) !== false) {
- $this->view->message = array(
- 'status' => 'good',
- 'title' => _t('ok'),
- 'body' => _t('update_can_apply', _url('update', 'apply'))
- );
- } else {
- $this->view->message = array(
- 'status' => 'bad',
- 'title' => _t('damn'),
- 'body' => _t('update_problem', 'Cannot save the update script')
- );
- }
- } else {
- $this->view->message = array(
- 'status' => 'bad',
- 'title' => _t('damn'),
- 'body' => _t('no_update')
- );
- }
- } else {
+ if ($c_status !== 200) {
$this->view->message = array(
'status' => 'bad',
'title' => _t('damn'),
'body' => _t('update_server_not_found', FRESHRSS_UPDATE_WEBSITE)
);
+ return;
}
- curl_close($c);
+ $res_array = explode("\n", $result, 2);
+ $status = $res_array[0];
+ if (strpos($status, 'UPDATE') !== 0) {
+ $this->view->message = array(
+ 'status' => 'bad',
+ 'title' => _t('damn'),
+ 'body' => _t('no_update')
+ );
+
+ return;
+ }
+
+ $script = $res_array[1];
+ if (file_put_contents(UPDATE_FILENAME, $script) !== false) {
+ $this->view->message = array(
+ 'status' => 'good',
+ 'title' => _t('ok'),
+ 'body' => _t('update_can_apply', _url('update', 'apply'))
+ );
+ } else {
+ $this->view->message = array(
+ 'status' => 'bad',
+ 'title' => _t('damn'),
+ 'body' => _t('update_problem', 'Cannot save the update script')
+ );
+ }
}
public function applyAction() {
generated by cgit v1.2.3 (git 2.39.1) at 2026-02-10 15:19:34 +0000