admin.php does not display any sites

[tmccormi]

Fix or delete? I vote to just delete it, it's a huge security hole.

[teryhill]

What about the customers that have multi sites and they are updating them?

Sent from my iPhone

On Oct 7, 2016, at 2:10 PM, Tony McCormick notifications@github.com wrote:

Fix or delete? I vote to just delete it, it's a huge security hole.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or mute the thread.

[tmccormi]

It's a clunky tool and it does not require entering a password to use it. Bad Form. I'm OK with it, but It would be better to put that logic in the login screen.

If upgrade is required, force the admin to login and run it before allowing ANY other logins. People can login now and use an updated system without running the db updates / patches at all.

AND we officially do NOT have any support for upgrades except for developers. Remember?

[aethelwulffe]

Agree it is a bad security policy, except when only localhost can access it, but I am not sure there is any way of creating multiple sites if it does not exist...

On 10/7/2016 2:19 PM, Tony McCormick wrote:

It's a clunky tool and it does not require entering a password to use it. Bad Form. I'm OK with it, but It would be better to put that logic in the login screen.

If upgrade is required, force the admin to login and run it before allowing ANY other logins. People can login now and use an updated system without running the db updates / patches at all.

AND we officially do NOT have any support for upgrades except for developers. Remember?

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/LibreEHR/LibreEHR/issues/234#issuecomment-252324346, or mute the thread https://github.com/notifications/unsubscribe-auth/AAhzF7Bka27bfIL9BszR8YOnbLpwMQ9Lks5qxo0tgaJpZM4KRTwA.

[tmccormi]

manually ...

• mkdir sites/Newsite
• cp -vR (sourcerepo)/sites/* Newsite/
• run setup with ?site=Newsite

Or run setup and select (Create from Site) but it's does not do a good job of making a clean newsite dir

[tmccormi]

i'm working on tweaks to AutoDeploy script as well.

[aethelwulffe]

Bump?

[tmccormi]

I tested Autodeploy and New installs work fine. I think admin.php should be remove and the login should check if upgrade is required and force admin user to login to run the upgrade. Preventing anyone else from running until that happens.

[aethelwulffe]

And the multi site feature go bye-bye? Fine with that I suppose, the only real issue being that some users DO INDEED use multiple sites without having a vendor. This includes training sites and the like. If we want a tool inside the application that adds another site without using the anonymous admin.php, I will gladly take on that task. That will require an "upgrade this site/all sites" tool inside of it too. That would, however be a great time to allow the tool to act as a diffing editor, as well as display the changes and documentation for SQL upgrades.

[tmccormi]

No multi site works fine.

[tmccormi]

I just talking about the upgrade/setup part of admin.php being a security risk. Right now admin.php is just plain busted.

[aethelwulffe]

admin.php is the multi-site utility, thus the confusion.

[tmccormi]

it's only one way to get to multisite. setup.php as well and any call to the base url with ?site=SITENAME works just fine

Tony McCormick, CTO www.mi-squared.com Support: 866-735-0897, Direct: 713-574-6709 My Calendar: http://bit.ly/XznvDo

tóg go bog ē - Best advice from a pub owner in Ireland, to take it easy.

On Mon, Dec 5, 2016 at 12:09 PM, Art Eaton notifications@github.com wrote:

admin.php is the multi-site utility, thus the confusion.

— You are receiving this because you were assigned. Reply to this email directly, view it on GitHub https://github.com/LibreHealthIO/LibreEHR/issues/234#issuecomment-264962653, or mute the thread https://github.com/notifications/unsubscribe-auth/AARci74HASPvXN4kguVBQUVNyJZ_55z0ks5rFG-AgaJpZM4KRTwA .

-- Please be aware that e-mail communication can be intercepted in transmission or misdirected. Please consider communicating any sensitive information by telephone. The information contained in this message may be privileged and confidential. If you are NOT the intended recipient, please notify the sender immediately with a copy to hipaa-security@mrsb-ltd.com and destroy this message.

[aethelwulffe]

I'm talking about ... oh nevermind. There needs to be a end-user flavor of way to do anything before it can be called a feature. I'll just deal with it.

[teryhill]

but it is a lot easier for the office ladies to use admin.php than to remember the url changes

[aethelwulffe]

In any case, a "clone database" from the setup either fails or takes 40 minutes. We revised that bit to run it in just a few seconds. The setup needs a login and all that rot, so I figure this is a good little project to do.

On 12/5/2016 3:20 PM, Terry Hill wrote:

but it is a lot easier for the office ladies to use admin.php than to remember the url changes

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/LibreHealthIO/LibreEHR/issues/234#issuecomment-264965324, or mute the thread https://github.com/notifications/unsubscribe-auth/AAhzF7tdm9DBl0N1-49dl02ldl7G17kOks5rFHH3gaJpZM4KRTwA.

[aethelwulffe]

I say we snuff admin.php and all of it's upgrade stuff and work on an internal utility when it is time. Busted stuff isn't worth having.

310

[tmccormi]

Ken has the start of a migration model that will work. See his latest commit. Stills needs a secure, control UI with rollback. But it's better than what we have inherited.

eb7f392 Development 101 ken (#297)

[tmccormi]

Can these be removed:

• sql_upgrade.php
• sql_patch.php
• sql/0_0_1-to-1_0_0_upgrade.sql
• sql/libreehr_upgrade.sql
• sql/patch.sql

At the next release we can provide migration script, if not the start of a new admin UI

[teryhill]

should be able to as long as we understand how to use the new migration script

[tmccormi]

yes. if there's a new migration it will be run at login (i think.) the migrations are run after all the plugins are loaded. The plugin system is started at the end of globals.php, and that loads all the plugins, etc.

We can adapt. Take a look at one of the migration php scripts. It's using the same format as the upgrade_sql.php ..