How to code a patch for a PHP application?

akrashdi · November 6, 2013

Hi,

I have developed a small PHP and MySQL application that people can download from my website and install on their websites.

Obviously I will be improving this application with more features and bug fixes. My question is how do I go about updating others applications installed on their websites, by offering them "new updates available" link?

I was thinking to ask them to download the whole application again and upload it to their server. This new version will include an
"update script" thorugh which database updates (table structure changes etc.) can be performed.

Whats the best way of doing it?

Appreciated..

Edited November 6, 2013 by akrashdi

r3wt · November 6, 2013

so basically you are asking how to put a backdoor into the application? why on earth would you want to do this?

basically off the top of my head (pseudo code)

insert this line into whatever error div you have, say its called $e

$current_ver = "1.0.1.9";

if (new_ver_available($current_ver) === true) {

echo '<div id="e"> a new version is available. click <a href="">here.</a> to upgrade.</div>';
}

function private new_ver_available($current_ver,$external_ver){

$dbOptions = array(
	'db_host' => 'ip of db you want to connect to',
	'db_user' => 'user for the db',
	'db_pass' => 'password',
	'db_name' => 'name of db'
);

your db connect script goes here(eg mysqli_connect ....)

your iteration logic here eg. (for int=0 $i...)

if ($current_ver === $external_ver)//absolute match of boolean
{
return false;
}else{
return true;
}

akrashdi · November 7, 2013

Actually the title of this post went with a little typo. It should be

How to code a patch for a PHP application?

People who install my PHP application on their websites, how can I update that application with new version?

In other words, how should I create patches for my (PHP+MySQL) application that people have installed on their websites.

ignace · November 7, 2013

Basically your script would call a script on your server, passing the version number. Something like:

$latest_version = file_get_contents('http://yourdomain.top/get-latest-version.php?version=' . $current_version);

switch (version_compare($latest_version, $current_version)) {
  case 0: // equal
    echo 'You have the latest version';
    break;
  case 1: // newer
    echo 'Update to version ' . $latest_version;
    break;
}

To get the update patch is a little more difficult. Assuming you use git and tag your releases with the version numbers you can:

$version = $_GET['from_version'];
$filename = $_GET['filename'];

// validate $version and $filename

exec('git diff --name-only ' . $version . ' HEAD', $output);

// iterate over $output to get all $changed_files
$temp = tempnam('/tmp', 'zip_');

$zip = new ZipArchive();
if ($zip->open($temp)) {
  foreach ($changed_files as $file) {
    $zip->addLocalFile($file);
  }
  $zip->close();
}

// send it as a download
header('Cache-Control: private');
header('Content-Disposition: attachment; filename=' . $filename . '.zip');
header('Content-Type: application/octet-stream');
header('Content-Length: ' . filesize($tempnam));
header('Content-Transfer-Encoding: binary');
readfile($tempnam);

The calling script then unzips the file and overwrites all files. Updating the database is a little more tricky. Your script would need to know how the database "should" look to be able to generate the alter table statements, you can do this using Doctrine's DBAL which allows you to define your tables in PHP code and then run a diff against the actual database to get the needed changes or you can try write it yourself:

$tables = array(
  'table1' => array(
    'fields' => array(
      'field1' => array('mysql' => 'INTEGER UNSIGNED NOT NULL AUTO_INCREMENT', 'sqlite' => '..', ..),
      ..
    ),
    'indexes' => array(
      'index1' => array('..')
    ),
  ),
  'table2' => array(
    ..
  )
);

then iterate over each table, does it exist? if not, create the table and the fields and it's indexes otherwise iterate over all fields and indexes.

If you come across a field that does not exist in the fields array then delete it, if the field is not in the database, create it, if it exists check if the definition matches. update if it doesnt.

Edited November 7, 2013 by ignace

akrashdi · November 12, 2013

Nicely explained,

So, someone else's website running my application will get a ZIP file of the new version from my website. A script within the application will UNZIP that file and overwrite existing application files with it. Then the database script will run SQL queries that will modify table structure of the database as needed.

Please correct me if I misunderstood it.

Edited November 12, 2013 by akrashdi

ignace · November 12, 2013

That's correct. Of course there are some things to consider when doing this, like you should block all incoming traffic and refer them to a maintenance page. You should keep track of changed files and the changes to the database should be possible to be reversed.

So it's best to leave the decision of updating to the user and deleting database fields should be avoided.

Edited November 12, 2013 by ignace

akrashdi · November 14, 2013

Zabardast (Awesome), Thanks.

Sign In

How to code a patch for a PHP application?

Recommended Posts

akrashdi

Link to comment

Share on other sites

r3wt

Link to comment

Share on other sites

akrashdi

Link to comment

Share on other sites

ignace

Link to comment

Share on other sites

akrashdi

Link to comment

Share on other sites

ignace

Link to comment

Share on other sites

akrashdi

Link to comment

Share on other sites

Join the conversation

Browse

Activity

Important Information