Jump to content


Photo

How to code a patch for a PHP application?

php patch application update

Best Answer ignace, 12 November 2013 - 02:23 PM

That's correct. Of course there are some things to consider when doing this, like you should block all incoming traffic and refer them to a maintenance page. You should keep track of changed files and the changes to the database should be possible to be reversed.

So it's best to leave the decision of updating to the user and deleting database fields should be avoided. Go to the full post


  • Please log in to reply
6 replies to this topic

#1 akrashdi

akrashdi

    Newbie

  • New Members
  • Pip
  • 5 posts

Posted 06 November 2013 - 01:14 AM

Hi,

 

I have developed a small PHP and MySQL application that people can download from my website and install on their websites.

 

Obviously I will be improving this application with more features and bug fixes. My question is how do I go about updating others applications installed on their websites, by offering them "new updates available" link?

 

I was thinking to ask them to download the whole application again and upload it to their server. This new version will include an 
"update script" thorugh which database updates (table structure changes etc.) can be performed.

 

Whats the best way of doing it?

 

Appreciated..

 


Edited by akrashdi, 06 November 2013 - 01:18 AM.


#2 r3wt

r3wt

    Advanced Member

  • Members
  • PipPipPip
  • 44 posts

Posted 06 November 2013 - 02:08 AM

so basically you are asking how to put a backdoor into the application? why on earth would you want to do this? 

 

basically off the top of my head (pseudo code)

 

insert this line into whatever error div you have, say its called $e

$current_ver = "1.0.1.9";

if (new_ver_available($current_ver) === true) {

echo '<div id="e"> a new version is available. click <a href="">here.</a> to upgrade.</div>';
}

function private new_ver_available($current_ver,$external_ver){

$dbOptions = array(
	'db_host' => 'ip of db you want to connect to',
	'db_user' => 'user for the db',
	'db_pass' => 'password',
	'db_name' => 'name of db'
);

your db connect script goes here(eg mysqli_connect ....)

your iteration logic here eg. (for int=0 $i...)

if ($current_ver === $external_ver)//absolute match of boolean
{
return false;
}else{
return true;
}

 



#3 akrashdi

akrashdi

    Newbie

  • New Members
  • Pip
  • 5 posts

Posted 07 November 2013 - 02:25 AM

Actually the title of this post went with a little typo. It should be 

How to code a patch for a PHP application?

 

People who install my PHP application on their websites, how can I update that application with new version?

 

In other words, how should I create patches for my (PHP+MySQL) application that people have installed on their websites.



#4 ignace

ignace

    Now mod flavored

  • Moderators
  • 6,251 posts
  • LocationBelgium

Posted 07 November 2013 - 03:26 AM

Basically your script would call a script on your server, passing the version number. Something like:
 
$latest_version = file_get_contents('http://yourdomain.top/get-latest-version.php?version=' . $current_version);

switch (version_compare($latest_version, $current_version)) {
  case 0: // equal
    echo 'You have the latest version';
    break;
  case 1: // newer
    echo 'Update to version ' . $latest_version;
    break;
}
To get the update patch is a little more difficult. Assuming you use git and tag your releases with the version numbers you can:
 
$version = $_GET['from_version'];
$filename = $_GET['filename'];

// validate $version and $filename

exec('git diff --name-only ' . $version . ' HEAD', $output);

// iterate over $output to get all $changed_files
$temp = tempnam('/tmp', 'zip_');

$zip = new ZipArchive();
if ($zip->open($temp)) {
  foreach ($changed_files as $file) {
    $zip->addLocalFile($file);
  }
  $zip->close();
}

// send it as a download
header('Cache-Control: private');
header('Content-Disposition: attachment; filename=' . $filename . '.zip');
header('Content-Type: application/octet-stream');
header('Content-Length: ' . filesize($tempnam));
header('Content-Transfer-Encoding: binary');
readfile($tempnam);
The calling script then unzips the file and overwrites all files. Updating the database is a little more tricky. Your script would need to know how the database "should" look to be able to generate the alter table statements, you can do this using Doctrine's DBAL which allows you to define your tables in PHP code and then run a diff against the actual database to get the needed changes or you can try write it yourself:
 
$tables = array(
  'table1' => array(
    'fields' => array(
      'field1' => array('mysql' => 'INTEGER UNSIGNED NOT NULL AUTO_INCREMENT', 'sqlite' => '..', ..),
      ..
    ),
    'indexes' => array(
      'index1' => array('..')
    ),
  ),
  'table2' => array(
    ..
  )
);
then iterate over each table, does it exist? if not, create the table and the fields and it's indexes otherwise iterate over all fields and indexes.

If you come across a field that does not exist in the fields array then delete it, if the field is not in the database, create it, if it exists check if the definition matches. update if it doesnt.

Edited by ignace, 07 November 2013 - 03:43 AM.


#5 akrashdi

akrashdi

    Newbie

  • New Members
  • Pip
  • 5 posts

Posted 12 November 2013 - 01:06 PM

Nicely explained, 

 

So, someone else's website running my application will get a ZIP file of the new version from my website. A script within the application will UNZIP that file and overwrite existing application files with it. Then the database script will run SQL queries that will modify table structure of the database as needed.

 

Please correct me if I misunderstood it. 


Edited by akrashdi, 12 November 2013 - 01:12 PM.


#6 ignace

ignace

    Now mod flavored

  • Moderators
  • 6,251 posts
  • LocationBelgium

Posted 12 November 2013 - 02:23 PM   Best Answer

That's correct. Of course there are some things to consider when doing this, like you should block all incoming traffic and refer them to a maintenance page. You should keep track of changed files and the changes to the database should be possible to be reversed.

So it's best to leave the decision of updating to the user and deleting database fields should be avoided.

Edited by ignace, 12 November 2013 - 02:28 PM.


#7 akrashdi

akrashdi

    Newbie

  • New Members
  • Pip
  • 5 posts

Posted 14 November 2013 - 04:45 AM

Zabardast (Awesome), Thanks.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Cheap Linux VPS from $5
SSD Storage, 30 day Guarantee
1 TB of BW, 100% Network Uptime

AlphaBit.com