Self update

.gitignore

@@ -1,33 +1,35 @@
-#Vagrant
-.vagrant/
-
-# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm
-*.iml
-## Directory-based project format:
-.idea/
-
-## File-based project format:
-*.ipr
-*.iws
-
-#Exclude composer vendor folders
-vendor
-composer.lock
-
-# Uploaded Images
-thumbnails
-
-# SASS
-.sass-cache
-
-#skins
-adminlte
-font-awesome
-ionicons
-
-# Configuration files with passwords
-src/Include/Config.php
-
-target
-/src/orm/model/ChurchCRM/Base/
-/src/orm/model/ChurchCRM/Map/
+#Vagrant
+.vagrant/
+
+# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm
+*.iml
+## Directory-based project format:
+.idea/
+
+## File-based project format:
+*.ipr
+*.iws
+
+#Exclude composer vendor folders
+vendor
+composer.lock
+
+# Uploaded Images
+thumbnails
+
+# SASS
+.sass-cache
+
+#skins
+adminlte
+font-awesome
+ionicons
+
+# Configuration files with passwords
+src/Include/Config.php
+
+target
+/src/orm/model/ChurchCRM/Base/
+/src/orm/model/ChurchCRM/Map/
+/src/signatures.json
+/src/integrityCheck.json

build.xml

@@ -29,6 +29,7 @@
                 <include name="**"/>
                 <exclude name="Images/Person/thumbnails/*.jpg"/>
                 <exclude name="composer.lock"/>
+                <exclude name="signatures.json"/>
                 <exclude name="Include/Config.php"/>
                 <exclude name="vendor/almasaeed2010/**"/>
                 <exclude name="vendor/components/**"/>
@@ -41,6 +42,11 @@
                 <exclude name="skin/adminlte/plugins/datatables/extensions/TableTools/images/psd/**"/>
             </fileset>
         </copy>
+
+        <echo message="Generating code signature file..."/>
+        <exec command = "php generateSignatures.php ${sourcedir}/churchcrm" passthru="true"/>
+
+
 
     </target>
 

generateSignatures.php

@@ -0,0 +1,36 @@
+<?php
+
+/* 
+ * To change this license header, choose License Headers in Project Properties.
+ * To change this template file, choose Tools | Templates
+ * and open the template in the editor.
+ */
+$CRMRoot = $argv[1];
+$CRMRootLen = strlen($CRMRoot);
+$signatureFile = $CRMRoot."/signatures.json";
+$composerFile = file_get_contents(__DIR__. "/src/composer.json");
+$composerJson = json_decode($composerFile, true);
+
+echo "Creating Signature Definition at: ".$signatureFile."\r\n";
+
+$signatureData = new stdClass();
+$signatureData->version = $composerJson["version"];
+$signatureData->files =  array();
+
+$projectFiles = new RecursiveDirectoryIterator($CRMRoot);
+$Iterator = new RecursiveIteratorIterator($projectFiles);
+$Regex = new RegexIterator($Iterator, '/^.+\.(php|js)$/i', RecursiveRegexIterator::GET_MATCH);
+foreach ($Regex as $obj )
+{
+  $file = new stdClass();
+  $file->filename = substr($obj[0], $CRMRootLen+1);
+  $file->sha1 = sha1_file($CRMRoot."/".$file->filename);
+  array_push($signatureData->files, $file);
+}
+
+ksort($signatureData->files);
+
+$signatureData->sha1 = sha1(json_encode($signatureData->files));
+file_put_contents($signatureFile, json_encode($signatureData));
+
+?>

src/Include/HeaderNotLoggedIn.php

@@ -24,4 +24,8 @@
   <title>ChurchCRM: <?= gettext($sPageTitle) ?></title>
 </head>
 <body class="hold-transition login-page">
+
+  <script language="javascript" type="text/javascript">
+    window.CRM = {root: "<?= $sRootPath ?>"};
+  </script>
 

src/IntegrityCheck.php

@@ -0,0 +1,94 @@
+<?php
+/*******************************************************************************
+*
+*  filename    : GroupList.php
+*  website     : http://www.churchcrm.io
+*  copyright   : Copyright 2001, 2002 Deane Barker
+*
+*
+*  Additional Contributors:
+*  2006 Ed Davis
+*  2016 Charles Crossan
+*
+*
+*  Copyright Contributors
+*
+*  ChurchCRM is free software; you can redistribute it and/or modify
+*  it under the terms of the GNU General Public License as published by
+*  the Free Software Foundation; either version 2 of the License, or
+*  (at your option) any later version.
+*
+*  This file best viewed in a text editor with tabs stops set to 4 characters
+*
+******************************************************************************/
+//Include the function library
+require 'Include/Config.php';
+require 'Include/Functions.php';
+
+
+//Set the page title
+$sPageTitle = gettext('Integrity Check Results');
+if (!$_SESSION['bFinance'])
+{
+  Redirect("index.php");
+  exit;
+}
+require 'Include/Header.php'; 
+$CRMInstallRoot = __DIR__;
+$integrityCheckFile = $CRMInstallRoot."/integrityCheck.json";
+$IntegrityCheckDetails = json_decode(file_get_contents($integrityCheckFile));
+
+?>
+
+<div class="box box-body">
+  <p><?= gettext("Previous Integrity Check Result:") ?>
+<?php 
+  if ($IntegrityCheckDetails->status == "failure")
+  {
+    ?>
+    <span style="color:red"><?=  gettext("Failure") ?></span>
+  <?php  
+  }
+  else
+  {
+    ?>
+    <span style="color:green"><?=  gettext("Success") ?></span>
+  <?php  
+  }
+  ?>
+  </p>
+  <?php  
+  if (isset($IntegrityCheckDetails->message))
+  {
+    ?>
+  <p><?= gettext("Details:")?> <?=  $IntegrityCheckDetails->message ?></p>
+
+  <?php
+  }
+  if(count($IntegrityCheckDetails->files) > 0 )
+  {
+    ?>
+  <p><?= gettext("Files failing integrity check:") ?>
+  <ul>
+    <?php
+    foreach ($IntegrityCheckDetails->files as $file)
+    {
+      ?>
+    <li>FileName: <?= $file->filename ?>
+      <ul>
+        <li>Expected Hash: <?= $file->expectedhash ?></li>
+        <li>Actual Hash: <?= $file->actualhash ?></li>
+      </ul>
+    </li>
+      <?php
+    }
+    ?>
+  </ul>
+  <?php
+  }
+?>
+</div>
+
+<?php
+require 'Include/Footer.php';
+?>

src/Service/SystemService.php

@@ -363,24 +363,119 @@ function reportIssue($data)
 
   function runTimerJobs()
   {
+    global $sEnableExternalBackupTarget, $sExternalBackupAutoInterval, $sLastBackupTimeStamp;
+    global $sEnableIntegrityCheck, $sIntegrityCheckInterval, $sLastIntegrityCheckTimeStamp;
     //start the external backup timer job
     if ($sEnableExternalBackupTarget && $sExternalBackupAutoInterval > 0)  //if remote backups are enabled, and the interval is greater than zero
     {
       try {
-        $now = new DateTime();  //get the current time
-        $previous = new DateTime($sLastBackupTimeStamp); // get a DateTime object for the last time a backup was done.
+        $now = new \DateTime();  //get the current time
+        $previous = new \DateTime($sLastBackupTimeStamp); // get a DateTime object for the last time a backup was done.
         $diff = $previous->diff($now);  // calculate the difference.
         if (!$sLastBackupTimeStamp || $diff->h >= $sExternalBackupAutoInterval)  // if there was no previous backup, or if the interval suggests we do a backup now.
         {
           $systemService->copyBackupToExternalStorage();  // Tell system service to do an external storage backup.
-          $now = new DateTime();  // update the LastBackupTimeStamp.
+          $now = new \DateTime();  // update the LastBackupTimeStamp.
           $sSQL = "UPDATE config_cfg SET cfg_value='" . $now->format('Y-m-d H:i:s') . "' WHERE cfg_name='sLastBackupTimeStamp'";
           $rsUpdate = RunQuery($sSQL);
         }
       } catch (Exception $exc) {
         // an error in the auto-backup shouldn't prevent the page from loading...
       }
     }
+    if ($sEnableIntegrityCheck && $sIntegrityCheckInterval > 0)
+    {
+      $now = new \DateTime();  //get the current time
+      $previous = new \DateTime($sLastIntegrityCheckTimeStamp); // get a DateTime object for the last time a backup was done.
+      $diff = $previous->diff($now);  // calculate the difference.
+      if (!$sLastIntegrityCheckTimeStamp || $diff->h >= $sIntegrityCheckInterval)  // if there was no previous backup, or if the interval suggests we do a backup now.
+      {
+        $CRMInstallRoot = dirname(__DIR__);
+        $integrityCheckFile = $CRMInstallRoot."/integrityCheck.json";
+        $appIntegrity = $this->verifyApplicationIntegrity();
+        file_put_contents($integrityCheckFile, json_encode($appIntegrity));
+        $now = new \DateTime();  // update the LastBackupTimeStamp.
+        $sSQL = "UPDATE config_cfg SET cfg_value='" . $now->format('Y-m-d H:i:s') . "' WHERE cfg_name='sLastIntegrityCheckTimeStamp'";
+        $rsUpdate = RunQuery($sSQL);
+      }
+    }
   }
 
+  function downloadLatestRelease()
+  {
+    $release = $this->getLatestRelese();
+    $CRMInstallRoot = dirname(__DIR__);
+    $UpgradeDir = $CRMInstallRoot."/Upgrade";
+    $url = $release['assets'][0]['browser_download_url'];
+    mkdir($UpgradeDir);
+    file_put_contents($UpgradeDir."/".basename($url), file_get_contents($url));
+    $returnFile= array();
+    $returnFile['fileName'] = basename($url);
+    $returnFile['fullPath'] = $UpgradeDir."/".basename($url);
+    $returnFile['sha1'] = sha1_file($UpgradeDir."/".basename($url));
+    return $returnFile;
+  }
+
+  function doUpgrade($zipFilename,$sha1)
+  {
+    ini_set('max_execution_time',60);
+    $CRMInstallRoot = dirname(__DIR__);
+    if($sha1 == sha1_file($zipFilename))
+    {
+      $zip = new \ZipArchive();
+      if ($zip->open($zipFilename) == TRUE) 
+      {
+        for($i = 0; $i < $zip->numFiles; $i++) 
+        {
+            $archivedFileName = $zip->getNameIndex($i);
+            $targetFilename = str_replace("churchcrm/","/",$archivedFileName);
+            if ($targetFilename != "/Service/SystemService.php")  // save the best for last.
+            {
+              copy("zip://".$zipFilename."#".$archivedFileName, $CRMInstallRoot.$targetFilename);
+            }
+        } 
+        $zip->close();
+      }
+      return "It is done";
+    }
+    else
+    {
+       return "hashes dont match.  don't touch it!";
+    }
+
+  }
+
+  function verifyApplicationIntegrity()
+  {
+    $CRMInstallRoot = dirname(__DIR__);
+    $signatureFile = $CRMInstallRoot."/signatures.json";
+    $signatureData = json_decode(file_get_contents($signatureFile));
+    $signatureFailures = array();
+
+    if (sha1(json_encode($signatureData->files)) == $signatureData->sha1)
+    {
+      foreach ($signatureData->files as $file)
+      {
+        $actualHash = sha1_file($CRMInstallRoot."/".$file->filename);
+        if ( $actualHash != $file->sha1 )
+        {
+          array_push($signatureFailures, array("filename"=>$file->filename,"expectedhash"=>$file->sha1,"actualhash"=>$actualHash));
+        }
+      }
+    }
+    else
+    {
+      return array("status"=>"failure","message"=>"Signature Definition file signature failed validation");
+    }
+
+    if(count($signatureFailures) > 0 )
+    {
+      return array("status"=>"failure","files"=>$signatureFailures);
+    }
+    else 
+    {
+       return array("status"=>"success");
+    }
+
+  }
 }

src/Service/TaskService.php

@@ -17,6 +17,8 @@ public function __construct()
 
   function getAdminTasks() {
     requireUserGroupMembership("bAdmin");
+    $CRMInstallRoot = dirname(__DIR__);
+    $integrityCheckData = json_decode(file_get_contents($CRMInstallRoot."/integrityCheck.json"));
     $sSQL = "SELECT cfg_name, IFNULL(cfg_value, cfg_default) AS value FROM config_cfg";
     $rsConfig = mysql_query($sSQL);			// Can't use RunQuery -- not defined yet
     if ($rsConfig) {
@@ -42,7 +44,11 @@ function getAdminTasks() {
     }
 
     if ($this->latestVersion != null && $this->latestVersion["name"] != $this->installedVersion) {
-      array_push($tasks, $this->addTask("New Release ". $this->latestVersion["name"], $this->latestVersion["html_url"], true));
+      array_push($tasks, $this->addTask("New Release ". $this->latestVersion["name"], $this->baseURL."/UpgradeCRM.php", true));
+    }
+
+    if($integrityCheckData->status == "failure") {
+      array_push($tasks, $this->addTask("Application Integrity Check Failed", $this->baseURL."/IntegrityCheck.php", true));
     }
 
     return $tasks;