Jump to content
ryan

Module: ProcessWire Core Upgrade

Recommended Posts

What I'd really like to do as the next step with this is make it support upgrade by FTP. That would provide a nicer and safer solution for those that don't have writable file systems on their servers.

Please consider using  SFTP/SCP instead of  FTP

Maybe this one could help, but i guess you already know about it   :

http://phpseclib.sourceforge.net/

Had no trouble upgrading/downgrading my test installations :-)

Share this post


Link to post
Share on other sites

@NorbertH yep, make PW closed on github and require SSH key passphrases & upgrade your personal account from free to paid with a credit card. :rolleyes:

Is there a reason you would you secure public data that's openly available?

Share this post


Link to post
Share on other sites

Is there a reason you would you secure public data that's openly available?

There are reasons, because it's not only about what's being transfered, but also who is transfering data to whoever else. But I don't think that should matter in this case. 

Share this post


Link to post
Share on other sites

@NorbertH: Yes, this shouldn't matter in this case because WellKnown-OpenSource-Files are transferred from local filesystem to local FTP server only. :lol:

Share this post


Link to post
Share on other sites

I've not tried this yet but it looks great!

I've got a kind of multisite setup where the 'wire' and 'modules' folders are symlinks to a centralised installation.

(each site has it's own database)

Will this still work for such a setup?

Share this post


Link to post
Share on other sites

I think @NorbertH's motivation might be that he doesn't want standard FTP enabled on his server at all. I think it is about keeping the server in general more secure, rather than protecting the actual transfer of PW files.

Is that correct?

  • Like 2

Share this post


Link to post
Share on other sites

@adrian: the context of that FTP transfer is _only_ for shared hosting environments where you are not in the comfortable situation to have wire folder write access without setting it to write for all (0777). But I don't know of any shared hosting environments that does _not_ have FTP enabled. But I do know of many that also do not have SFTP / SCP or SSH. Some may have FTPES.

So, FTP is already enabled on those Servers, why not using it for transferring from local file system to local FTP? I cannot see any downside here.

If you have your own server or are not in (cheap) shared hosting, you always can use other ways I believe.

Maybe @NorbertH has quoted a to small piece of Ryans statement, so that it got a bit out of context?

  • Like 1

Share this post


Link to post
Share on other sites

Hey horst - good points about shared servers for sure!

I guess I am in the unusual situation of managing my own servers so I have disabled FTP, but I do have SFTP enabled.

To compare, I know that Wordpress does not support SFTP by default which would make their automatic core upgrade process useless for me - lucky I don't want to use WP :)

I'll probably still be using git pull for all my PW upgrades, because of the write permissions I have set on my servers, but I think it would be nice to have this module support all possible options. 

  • Like 1

Share this post


Link to post
Share on other sites

https://uberspace.de/ is a shared hosting which doesn't have ftp :)

nice to know, but at uberspace there is no need to work around not writeable wire folders:

Alle Scriptsprachen laufen bei uns unter suEXEC, also mit deinen eigenen Userrechten.

As I understand this, PHP can write to all your own directories, but every one cannot. So, uberspace is not a "cheap" shared hosting, technically. :)

PHP only needs 0755 here, whereas on many other (cheap) shared hosts it would need 0777 what should be avoided.

Share this post


Link to post
Share on other sites

Seemed a reasonable thing to do, install module and upgrade. But I get a lot of undefined indexes at back-end. I used modules manager to get the upgrade module (was only one there)..

Notice: Undefined index: upgrade_available in C:\xampp\htdocs\dating\site\modules\AutoUpgrade\AutoUpgrade\AutoUpgrade.module on line 38

Notice: Undefined index: last_checked in C:\xampp\htdocs\dating\site\modules\AutoUpgrade\AutoUpgrade\AutoUpgrade.module on line 38

Warning: file_get_contents(https://api.github.com/repos/ryancramerdesign/Processwire): failed to open stream: HTTP request failed! HTTP/1.0 403 Forbidden in C:\xampp\htdocs\dating\site\modules\AutoUpgrade\AutoUpgrade\AutoUpgrade.module on line 39

Notice: Undefined index: git in C:\xampp\htdocs\dating\site\modules\AutoUpgrade\AutoUpgrade\AutoUpgrade.module on line 44

--------------------------------

Now I am afraid to continue - should I delete the module (how)? Or continue? or was the one I installed wrong?

Going back to module manager - dropdowns don't work and get Javascript alert:

DataTables warning (table id = 'mm_datatable'): DataTables warning: JSON data from server could not be parsed. This is caused by a JSON formatting error.

Share this post


Link to post
Share on other sites

Apparently the one I installed is named AutoUpgrade (Admin Helpers) - which does not work - at least : give so many errors...

Just deleted it and now installed Processwire Upgrade - does not give errors on install...

Just my 2 cents: I think it is confusing to have modules doing the same, in same directories. But for some reason have either old code or not tested code. If not compatible they should be removed. Or brought under it's own version...

-- EDIT --

Ryan's module works flawless ! good job! just upgraded to new version and everything looks great :-)

Share this post


Link to post
Share on other sites

On the modules site of AutoUpgrade is to read under Compatibility: 2.1 and 2.2

In ModulesManager it is signed as ALPHA state, not Beta or Stable, but ALPHA!

So, don't know if it is actually already in, because I used an old version of ModulesManager to check what it displays, it would be good to see the compatibility numbers or those with only lesser version numbers then the actually used PW version should be not listed, maybe.

Edited by horst
added comment about ModulesManager

Share this post


Link to post
Share on other sites

lol. I see that now... by using: "more" link. I used modules manager and clicked the download button on the right side.

my 2 cents is now: add a column named "compatibility"...

post-2177-0-62315900-1410642449_thumb.pn

Share this post


Link to post
Share on other sites

Just for your information - I also got an: Unable to open ZIP file, error code: 19  (downloaded filesize was 133 kb time and time again.)

Then I changed my php on the server from php 5.4.33 to 5.5 and the upgrade went flawlessly from PW 2.5.0 to 2.5.3

 Maybe this info can be useful to someone ...

Kind regards,

Bernard

  • Like 1

Share this post


Link to post
Share on other sites

I have the same issue as tobaco. In two installations I can see several modules in the upgrade list, including 'Upgrades', but not the core stable and dev versions.

PW 2.5.3 & Upgrades 0.0.2.

At some point they were there however, because I used Upgrades to upgrade from 2.5.0 to 2.5.3.

Share this post


Link to post
Share on other sites

Some update. When I changed the Admin theme from default to Reno, the core stable and dev updates showed up. And worked flawless to update from PW 2.5.3 to 2.5.8.

Edit: and now it also works in the default Admin theme.

Share this post


Link to post
Share on other sites

Is this module in the core? If not, it should be (even if uninstalled by default) because it makes it easy to update the site and only an updated site is a safe site ;)

Share this post


Link to post
Share on other sites

Some update. When I changed the Admin theme from default to Reno, the core stable and dev updates showed up. And worked flawless to update from PW 2.5.3 to 2.5.8.

Edit: and now it also works in the default Admin theme.

There aren't any connections to the admin theme with this module. But installing AdminThemeReno would have cleared the modules cache, so I'm thinking that's most likely what was needed (a modules refresh). 

Is this module in the core? If not, it should be (even if uninstalled by default) because it makes it easy to update the site...

It will go into the core once I can add the option of FTP/SFTP/FTPS installation as an option for upgrading/installing modules and core. 

...only an updated site is a safe site

Your statement is true with Drumlapress, but not with ProcessWire as far as we know. While newer core versions add new security enhancements and such, running an older version of PW doesn't mean your site isn't safe. If a site is running smoothly and does everything the client wants, I tend to leave it alone. Even if upgrades are relatively safe and easy, there's always a rare chance that something will break and need an update as a result of upgrading the PW core or any module. There are plenty of good reasons to upgrade, but since there are no known security vulnerabilities in past versions as of yet, having a safe site is not currently one of them. 

  • Like 4

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...