Fix ignore file integrity check on filefunc.inc.php for deb/rpm package

build/debian/patches/use-etc-dolibarr-conf.patch

@@ -9,6 +9,19 @@ Forwarded: not-needed
 Last-Update: 2013-07-29
 ---
 This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/htdocs/filefunc.inc.php
++++ b/htdocs/filefunc.inc.php
+@@ -63,8 +63,8 @@ $conffiletoshowshort = "conf.php";
+ $conffile = "conf/conf.php";
+ $conffiletoshow = "htdocs/conf/conf.php";
+ // For debian/redhat like systems
+-//$conffile = "/etc/dolibarr/conf.php";
+-//$conffiletoshow = "/etc/dolibarr/conf.php";
++$conffile = "/etc/dolibarr/conf.php";
++$conffiletoshow = "/etc/dolibarr/conf.php";
+ 
+ 
+ // Include configuration
 --- a/htdocs/install/inc.php
 +++ b/htdocs/install/inc.php
 @@ -73,8 +73,8 @@ $conffiletoshowshort = "conf.php";

build/rpm/dolibarr-forrpm.patch

@@ -1,3 +1,17 @@
+diff -up htdocs/filefunc.inc.php.patch htdocs/filefunc.inc.php
+--- htdocs/filefunc.inc.php.patch	2011-09-03 02:32:48.666952000 +0200
++++ htdocs/filefunc.inc.php	2011-09-03 02:33:00.510952001 +0200
+@@ -63,8 +63,8 @@ 
+ $conffile = "conf/conf.php";
+ $conffiletoshow = "htdocs/conf/conf.php";
+ // For debian/redhat like systems
+-//$conffile = "/etc/dolibarr/conf.php";
+-//$conffiletoshow = "/etc/dolibarr/conf.php";
++$conffile = "/etc/dolibarr/conf.php";
++$conffiletoshow = "/etc/dolibarr/conf.php";
+ 
+ 
+ // Include configuration
 diff -up htdocs/install/inc.php.patch htdocs/install/inc.php
 --- htdocs/install/inc.php.patch	2011-09-03 02:33:26.450952000 +0200
 +++ htdocs/install/inc.php	2011-09-03 02:33:36.286952001 +0200

build/rpm/dolibarr_fedora.spec

@@ -215,6 +215,7 @@ done >>%{name}.lang
 %_datadir/dolibarr/htdocs/webservices
 %_datadir/dolibarr/htdocs/website
 %_datadir/dolibarr/htdocs/*.ico
+%_datadir/dolibarr/htdocs/*.patch
 %_datadir/dolibarr/htdocs/*.php
 %_datadir/dolibarr/htdocs/*.txt
 

build/rpm/dolibarr_generic.spec

@@ -295,6 +295,7 @@ done >>%{name}.lang
 %_datadir/dolibarr/htdocs/webservices
 %_datadir/dolibarr/htdocs/website
 %_datadir/dolibarr/htdocs/*.ico
+%_datadir/dolibarr/htdocs/*.patch
 %_datadir/dolibarr/htdocs/*.php
 %_datadir/dolibarr/htdocs/*.txt
 

build/rpm/dolibarr_mandriva.spec

@@ -212,6 +212,7 @@ done >>%{name}.lang
 %_datadir/dolibarr/htdocs/webservices
 %_datadir/dolibarr/htdocs/website
 %_datadir/dolibarr/htdocs/*.ico
+%_datadir/dolibarr/htdocs/*.patch
 %_datadir/dolibarr/htdocs/*.php
 %_datadir/dolibarr/htdocs/*.txt
 

build/rpm/dolibarr_opensuse.spec

@@ -223,6 +223,7 @@ done >>%{name}.lang
 %_datadir/dolibarr/htdocs/webservices
 %_datadir/dolibarr/htdocs/website
 %_datadir/dolibarr/htdocs/*.ico
+%_datadir/dolibarr/htdocs/*.patch
 %_datadir/dolibarr/htdocs/*.php
 %_datadir/dolibarr/htdocs/*.txt
 

htdocs/admin/system/dolibarr.php

@@ -49,7 +49,7 @@ $version='0.0';
 
 if ($action == 'getlastversion')
 {
-    $result = getURLContent('http://sourceforge.net/projects/dolibarr/rss');
+    $result = getURLContent('https://sourceforge.net/projects/dolibarr/rss');
     //var_dump($result['content']);
     $sfurl = simplexml_load_string($result['content']);
 }

htdocs/core/lib/files.lib.php

@@ -2777,28 +2777,42 @@ function dol_readcachefile($directory, $filename)
  */
 function getFilesUpdated(&$file_list, SimpleXMLElement $dir, $path = '', $pathref = '', &$checksumconcat = array())
 {
+	global $conffile;
+
 	$exclude = 'install';
 
 	foreach ($dir->md5file as $file)    // $file is a simpleXMLElement
 	{
 		$filename = $path.$file['name'];
 		$file_list['insignature'][] = $filename;
+		$expectedmd5 = (string) $file;
 
 		//if (preg_match('#'.$exclude.'#', $filename)) continue;
 
 		if (!file_exists($pathref.'/'.$filename))
 		{
-			$file_list['missing'][] = array('filename'=>$filename, 'expectedmd5'=>(string) $file);
+			$file_list['missing'][] = array('filename'=>$filename, 'expectedmd5'=>$expectedmd5);
 		}
 		else
 		{
 			$md5_local = md5_file($pathref.'/'.$filename);
-			if ($md5_local != (string) $file) $file_list['updated'][] = array('filename'=>$filename, 'expectedmd5'=>(string) $file, 'md5'=>(string) $md5_local);
-			$checksumconcat[] = $md5_local;
+
+			if ($conffile == '/etc/dolibarr/conf.php' && $filename == '/filefunc.inc.php')	// For install with deb or rpm, we ignore test on filefunc.inc.php that was modified by package
+			{
+				$checksumconcat[] = $expectedmd5;
+			}
+			else
+			{
+				if ($md5_local != $expectedmd5) $file_list['updated'][] = array('filename'=>$filename, 'expectedmd5'=>$expectedmd5, 'md5'=>(string) $md5_local);
+				$checksumconcat[] = $md5_local;
+			}
 		}
 	}
 
-	foreach ($dir->dir as $subdir) getFilesUpdated($file_list, $subdir, $path.$subdir['name'].'/', $pathref, $checksumconcat);
+	foreach ($dir->dir as $subdir)			// $subdir['name'] is  '' or '/accountancy/admin' for example
+	{
+		getFilesUpdated($file_list, $subdir, $path.$subdir['name'].'/', $pathref, $checksumconcat);
+	}
 
 	return $file_list;
 }

htdocs/filefunc.inc.php

@@ -62,30 +62,16 @@ $conffiletoshowshort = "conf.php";
 $conffile = "conf/conf.php";
 $conffiletoshow = "htdocs/conf/conf.php";
 // For debian/redhat like systems
-if (! file_exists($conffile))
-{
-	$conffile = "/etc/dolibarr/conf.php";
-	$conffiletoshow = "/etc/dolibarr/conf.php";
-}
+//$conffile = "/etc/dolibarr/conf.php";
+//$conffiletoshow = "/etc/dolibarr/conf.php";
+
 
 // Include configuration
 // --- End of part replaced by Dolibarr packager makepack-dolibarr
 
-// Replace conf filename with "conf" parameter on url by GET
-/* Disabled. This is a serious security hole
-if (! empty($_GET['conf']))
-{
-	$confname=basename($_GET['conf']);
-    setcookie('dolconf', $confname, 0, '/');
-    $conffile = 'conf/'.$confname.'.php';
-} else {
-	$confname=basename(empty($_COOKIE['dolconf']) ? 'conf' : $_COOKIE['dolconf']);
-	$conffile = 'conf/'.$confname.'.php';
-}
-*/
 
 // Include configuration
-$result=@include_once $conffile;	// Keep @ because with some error reporting this break the redirect
+$result=@include_once $conffile;	// Keep @ because with some error reporting this break the redirect done when file not found
 
 if (! $result && ! empty($_SERVER["GATEWAY_INTERFACE"]))    // If install not done and we are in a web session
 {