Page 1 of 1
Web App Upgrader
Posted: Wed Sep 14, 2011 10:24 am
by volomike
I am looking for a third-party component that saves me time so that I don't have to code this. (I'm on a tight deadline.) I need a component that lets my customer click a button to upgrade his web app. Needs to work with PHP on Linux and work in most shared hosting situations if possible. Anything out there that's best-of-breed and recommended? I guess I would pay up to $40 USD for such a script, but I want to use something tested and mainstream if possible.
The typical scenario is that it works pretty much like how you can upgrade WordPress with a single click.
Re: Web App Upgrader
Posted: Wed Sep 14, 2011 2:22 pm
by volomike
This isn't looking good. I've asked around and the only answer I get is, "Look at how WordPress does it." If I had time for that, the WP way would be the first place I'd look. But I'm struggling on time here, trying to make a deadline, and don't want to have to write this component myself if there's a best-of-breed component (even one I have to pay for) out there.
Re: Web App Upgrader
Posted: Wed Sep 14, 2011 4:31 pm
by John Cartwright
I wouldn't expect to find any canned solutions for such a specific issue. The "upgrade" functionality certainly will differ from application to application.
Re: Web App Upgrader
Posted: Fri Sep 16, 2011 9:08 am
by volomike
The feedback I've gotten around on the web has either been:
* Look how WP does it.
* Don't do it -- make the user run some instructions. (And then they say that WP Upgrader got hacked recently.)
In general I need to:
- Detect that an update is on the server that's newer than the version locally. This requires Curl, and, failing that, polyfills that API with file_get_contents() unless that API fails too. If so, it warns the user that the software cannot routinely check for updates because Curl API is not enabled.
- Prompt the user in the admin.
- The user clicks Update and confirms Yes to update. It also uses a captcha to prevent a remote exploit attack.
- The system receives the request and confirms the captcha in order to prevent a remote attack.
- The file system is tested to see if it can (a) overwrite an existing test file, and (b) copy files. It tests to see if these APIs have not been blocked. If they have been blocked, the script stops with an error and some instructions in order to make it work.
- The existing site files are backed up to a new folder in the backup folder. If it cannot complete, then it informs that there is not enough disk space to perform the action.
- The SQL database is exported to this new folder in the backup folder. If it cannot complete, then it informs that there is not enough disk space to perform the action.
- The folder in the backup folder is compressed as an attempt. If the APIs fail, the script just moves on and leaves the folder uncompressed. However, if it works, and confirms the zip file was created, it then attempts to remove the folder in the backup folder. If that folder cannot be removed, it simply ignores this and moves on. That way, it's not disruptive but does try to tidy up disk space.
- In the backup folder, there's a download folder. If it's not empty, the system removes the folder and recreates it again. If it cannot do this, then the script stops with an error and instructions for the user.
- The zip from the remote server is downloaded and uncompressed into the download folder. If this cannot work, then the script stops with an error and instructions to the user.
- An index.html is copied out for the site. This informs incoming connections that the site is down for maintenance, to check back soon.
- The script then uses the uncompressed files to overwrite it's existing files. If it cannot continue, again, error + instructions.
- The script then detects what version of SQL tables are on the server, and then downloads the proper SQL file needed to move from that site's version to the new version. This SQL file's general nature will be to do ALTER TABLE requests, but perhaps more. It then runs this script. If this fails to run, again error + instructions.
- Once complete, a short system test is performed to ensure the site is in functioning order. If it is not, then error + instructions.
- The index.html file is removed.
- The script informs the admin that the site software has been upgraded.