It is pretty standard practice now for desktop applications to be self-updating. On the Mac, every non-Apple program that uses Sparkle in my book is an instant win. For Windows developers, this has already been discussed at length. I have not yet found information on self-updating web applications, and I hope you can help.
现在,桌面应用程序的自我更新是非常标准的做法。在Mac电脑上,每一个在我的书中使用闪光的非苹果程序都是即时的胜利。对于Windows开发人员来说,这已经被详细讨论过了。我还没有找到关于自我更新web应用程序的信息,希望您能有所帮助。
I am building a web application that is meant to be installed like Wordpress or Drupal - unzip it in a directory, hit some install page, and it's ready to go. In order to have broad server compatibility, I've been asked to use PHP and MySQL -- is that **MP? In any event, it has to be broadly cross-platform. For context, this is basically a unified web messaging application for small businesses. It's not another CMS platform, think webmail.
我正在构建一个可以像Wordpress或Drupal那样安装的web应用程序——在目录中解压缩它,点击一些安装页面,它就可以运行了。为了具有广泛的服务器兼容性,我被要求使用PHP和MySQL——这是**MP吗?无论如何,它必须是广泛的跨平台。对于上下文,这基本上是一个针对小型企业的统一的web消息传递应用程序。这不是另一个CMS平台,想想webmail吧。
I want to know about self-updating web applications. First of all, (1) is this a bad idea? As of Wordpress 2.7 the automatic update is a single button, which seems easy, and yet I can imagine so many ways this could go terribly, terribly wrong. Also, isn't the idea that the web files are writable by the web process a security hole?
我想知道自我更新的web应用程序。首先,这是个坏主意吗?从Wordpress 2.7开始,自动更新只是一个简单的按钮,看起来很简单,但是我可以想象有很多方法可以让它变得非常非常糟糕。另外,web文件是否可以通过web进程写入安全漏洞?
(2) Is it worth the development time? There are probably millions of WP installs in the world, so it's probably worth the time it took the WP team to make it easy, saving millions of man hours worldwide. I can only imagine a few thousand installs of my software -- is building self-upgrade worth the time investment, or can I assume that users sophisticated enough to download and install web software in the first place could go through an upgrade checklist?
(2)值得开发时间吗?世界上可能有数百万的WP安装,因此WP团队花了很多时间使其变得简单,从而在全世界节省了数百万人的工作时间,这可能是值得的。我只能想象我的软件安装了几千次——构建自我升级是否值得花费时间,或者我是否可以假设足够复杂的用户可以通过升级检查表来下载和安装web软件?
If it's not a security disaster or waste of time, then (3) I'm looking for suggestions from anyone who has done it before. Do you keep a version table in your database? How do you manage DB upgrades? What method do you use for rolling back a partial upgrade in the context of a self-updating web application? Did using an ORM layer make it easier or harder? Do you keep a delta of version changes or do you just blow out the whole thing every time?
如果这不是安全灾难或浪费时间,那么(3)我在寻找以前做过的人的建议。是否在数据库中保留版本表?如何管理DB升级?在自更新web应用程序的上下文中,使用什么方法回滚部分升级?使用ORM层使它更容易还是更困难?你是保持版本的变化还是每次都把所有的东西都吹掉?
I appreciate your thoughts on this.
我很感激你对这件事的看法。
7 个解决方案
#1
13
Frankly, it really does depend on your userbase. There are tons of PHP applications that don't automatically upgrade themselves. Their users are either technical enough to handle the upgrade process, or just don't upgrade.
坦白地说,它确实依赖于你的用户群。有很多PHP应用程序不会自动升级自己。他们的用户要么是足够的技术来处理升级过程,要么就是不升级。
I purpose two steps:
我的目的两个步骤:
1) Seriously ask yourself what your users are likely to really need. Will self-updating provide enough of a boost to adoption to justify the additional work? If you're confident the answer is yes, just do it.
1)认真地问问自己,你的用户可能真正需要什么。自我更新是否会为额外的工作提供足够的支持?如果你确信答案是肯定的,那就去做。
Since you're asking here, I'd guess that you don't know yet. In that case, I purpose step 2:
既然你在问,我猜你还不知道。在这种情况下,我打算第2步:
2) Release version 1.0 without the feature. Wait for user feedback. Your users may immediately cry for a simpler upgrade process, in which case you should prioritize it. Alternately, you may find that your users are much more concerned with some other feature.
2)发布版本1.0没有这个特性。等待用户的反馈。您的用户可能会立即要求更简单的升级过程,在这种情况下,您应该优先考虑它。另外,您可能会发现您的用户更关心其他一些特性。
Guessing at what your users want without asking them is a good way to waste a lot of development time on things people don't actually need.
猜测用户想要什么而不询问他们是在人们实际上不需要的东西上浪费大量开发时间的好方法。
#2
4
I've been thinking about this lately in regards to database schema changes. At the moment I'm digging into WordPress to see how they've handled database changes between revisions. Here's what I've found so far:
我最近一直在考虑关于数据库模式更改的问题。目前我正在深入研究WordPress,看看他们是如何在修订之间处理数据库更改的。以下是我迄今为止发现的:
$wp_db_version is loaded from wp-includes/version.php. This variable corresponds to a Subversion revision number, and is updated when wp-admin/includes/schema.php is changed. (Possibly through a hook? I'm not sure.) When wp-admin/admin.php is loaded, the WordPress option named db_version is read from the database. If this number is not equal to $wp_db_version, wp-admin/upgrade.php is loaded.
$wp_db_version从wp-include /version.php加载。该变量对应于Subversion修订号,并在wp-admin/include /schema时更新。php是改变。(可能是通过一个钩子?我不确定。)当wp-admin / admin。加载php后,将从数据库中读取名为db_version的WordPress选项。如果这个数字不等于$wp_db_version,则执行wp-admin/upgrade。php是加载。
wp-admin/includes/upgrade.php includes a function called dbDelta(). dbDelta() scans $wp_queries (a string of SQL queries that will create the most recent database schema from scratch) and compares it to the schema in the database, altering the tables as necessary so that the schema is brought up-to-date.
wp-admin /包括/升级。php包含一个名为dbDelta()的函数。dbDelta()扫描$wp_queries(一串SQL查询,它将从头创建最新的数据库模式),并将其与数据库中的模式进行比较,必要时更改表,以使模式获得最新的。
upgrade.php then runs a function called upgrade_all() which runs specific upgrade_NNN() functions if $wp_db_version is less than target values. (ie. upgrade_250(), the WordPress 2.5.0 upgrade, will be run if the database version is less than 7499.) Each of these functions run their own data migration and population procedures, some of which are called during the initial database setup script. Nicely cuts down on duplicate code.
升级。然后php运行一个名为upgrade_all()的函数,如果$wp_db_version小于目标值,该函数将运行特定的upgrade_NNN()函数。(即。upgrade_250(), WordPress 2.5.0升级,如果数据库版本小于7499,将运行。每个函数都运行自己的数据迁移和填充过程,其中一些过程在初始数据库设置脚本中调用。很好地减少了重复的代码。
So, that's one way to do it.
这是一种方法。
#3
4
Yes it would be a security feature if PHP went and overwrote its files from some place on the internet with no warning. There's no guarantee that the server is connecting correctly to your update server (it might download someone code crafted by someone else if DNS poisoning occured) - giving someone else access to your client's data. Therefore digital signing would be important.
是的,如果PHP在没有任何警告的情况下从internet上的某个地方覆盖它的文件,这将是一个安全特性。不能保证服务器正在正确地连接到您的更新服务器(如果出现DNS中毒,它可能会下载某人编写的代码)——允许其他人访问您的客户机数据。因此,数字签名是很重要的。
The user could control updates by setting permissions on the web directory so that PHP only has read access to the files - this procedure could simply be documented with your program.
用户可以通过设置web目录上的权限来控制更新,这样PHP就只能对文件进行读访问——这个过程可以简单地用程序记录下来。
One question remains (I really don't know the answer to): can PHP overwrite files if it's currently using them (e.g. if the update.php file itself needed to be updated)? Worth testing.
还有一个问题(我真的不知道答案):如果PHP现在正在使用它们(例如,如果更新的话),它会覆盖文件吗?php文件本身需要更新)?值得一试。
#4
3
I suppose you've already ruled this out, but you could host it as a service. (Think wordpress.com)
我想你已经排除了这种可能性,但是你可以把它作为一种服务来托管。(比如wordpress.com)
#5
3
I'd suggest that you package your application with pear and set up a channel. Your users can then upgrade the application through a standard interface (pear). It's not entirely automatic (unless the users have some kind of automation running on top of pear), but it's standard, so any sysadmin can maintain it.
我建议您将应用程序打包为pear并设置一个通道。然后,用户可以通过标准接口(pear)升级应用程序。它不是完全自动的(除非用户在pear上运行某种自动化),但是它是标准的,所以任何系统管理员都可以维护它。
#6
1
I think your best option is an update checking mechanism that will alert the administrator when there are update(s).
我认为您最好的选择是一个更新检查机制,当有更新时它会通知管理员。
As you mention, there are a number of potential security problems. Due to those alone, I would suggest not doing this. Instead, try creating a fairly smart upgrading script.
如你所提到的,有许多潜在的安全问题。由于只有这些人,我建议不要这样做。相反,尝试创建一个相当聪明的升级脚本。
#7
1
Just my 2 cents: I'd consider an automatically self updating application within my CMS as a security hole, so if you decide to code this feature, you should consider to implement different levels of this behavior:
我的看法是:我认为我的CMS系统中有一个自动自我更新的应用程序是一个安全漏洞,所以如果您决定编写这个特性,您应该考虑实现不同级别的这种行为:
- Automatically update
- 自动更新
- Check for updates and notify
- 检查更新并通知
- Disable
- 禁用
#1
13
Frankly, it really does depend on your userbase. There are tons of PHP applications that don't automatically upgrade themselves. Their users are either technical enough to handle the upgrade process, or just don't upgrade.
坦白地说,它确实依赖于你的用户群。有很多PHP应用程序不会自动升级自己。他们的用户要么是足够的技术来处理升级过程,要么就是不升级。
I purpose two steps:
我的目的两个步骤:
1) Seriously ask yourself what your users are likely to really need. Will self-updating provide enough of a boost to adoption to justify the additional work? If you're confident the answer is yes, just do it.
1)认真地问问自己,你的用户可能真正需要什么。自我更新是否会为额外的工作提供足够的支持?如果你确信答案是肯定的,那就去做。
Since you're asking here, I'd guess that you don't know yet. In that case, I purpose step 2:
既然你在问,我猜你还不知道。在这种情况下,我打算第2步:
2) Release version 1.0 without the feature. Wait for user feedback. Your users may immediately cry for a simpler upgrade process, in which case you should prioritize it. Alternately, you may find that your users are much more concerned with some other feature.
2)发布版本1.0没有这个特性。等待用户的反馈。您的用户可能会立即要求更简单的升级过程,在这种情况下,您应该优先考虑它。另外,您可能会发现您的用户更关心其他一些特性。
Guessing at what your users want without asking them is a good way to waste a lot of development time on things people don't actually need.
猜测用户想要什么而不询问他们是在人们实际上不需要的东西上浪费大量开发时间的好方法。
#2
4
I've been thinking about this lately in regards to database schema changes. At the moment I'm digging into WordPress to see how they've handled database changes between revisions. Here's what I've found so far:
我最近一直在考虑关于数据库模式更改的问题。目前我正在深入研究WordPress,看看他们是如何在修订之间处理数据库更改的。以下是我迄今为止发现的:
$wp_db_version is loaded from wp-includes/version.php. This variable corresponds to a Subversion revision number, and is updated when wp-admin/includes/schema.php is changed. (Possibly through a hook? I'm not sure.) When wp-admin/admin.php is loaded, the WordPress option named db_version is read from the database. If this number is not equal to $wp_db_version, wp-admin/upgrade.php is loaded.
$wp_db_version从wp-include /version.php加载。该变量对应于Subversion修订号,并在wp-admin/include /schema时更新。php是改变。(可能是通过一个钩子?我不确定。)当wp-admin / admin。加载php后,将从数据库中读取名为db_version的WordPress选项。如果这个数字不等于$wp_db_version,则执行wp-admin/upgrade。php是加载。
wp-admin/includes/upgrade.php includes a function called dbDelta(). dbDelta() scans $wp_queries (a string of SQL queries that will create the most recent database schema from scratch) and compares it to the schema in the database, altering the tables as necessary so that the schema is brought up-to-date.
wp-admin /包括/升级。php包含一个名为dbDelta()的函数。dbDelta()扫描$wp_queries(一串SQL查询,它将从头创建最新的数据库模式),并将其与数据库中的模式进行比较,必要时更改表,以使模式获得最新的。
upgrade.php then runs a function called upgrade_all() which runs specific upgrade_NNN() functions if $wp_db_version is less than target values. (ie. upgrade_250(), the WordPress 2.5.0 upgrade, will be run if the database version is less than 7499.) Each of these functions run their own data migration and population procedures, some of which are called during the initial database setup script. Nicely cuts down on duplicate code.
升级。然后php运行一个名为upgrade_all()的函数,如果$wp_db_version小于目标值,该函数将运行特定的upgrade_NNN()函数。(即。upgrade_250(), WordPress 2.5.0升级,如果数据库版本小于7499,将运行。每个函数都运行自己的数据迁移和填充过程,其中一些过程在初始数据库设置脚本中调用。很好地减少了重复的代码。
So, that's one way to do it.
这是一种方法。
#3
4
Yes it would be a security feature if PHP went and overwrote its files from some place on the internet with no warning. There's no guarantee that the server is connecting correctly to your update server (it might download someone code crafted by someone else if DNS poisoning occured) - giving someone else access to your client's data. Therefore digital signing would be important.
是的,如果PHP在没有任何警告的情况下从internet上的某个地方覆盖它的文件,这将是一个安全特性。不能保证服务器正在正确地连接到您的更新服务器(如果出现DNS中毒,它可能会下载某人编写的代码)——允许其他人访问您的客户机数据。因此,数字签名是很重要的。
The user could control updates by setting permissions on the web directory so that PHP only has read access to the files - this procedure could simply be documented with your program.
用户可以通过设置web目录上的权限来控制更新,这样PHP就只能对文件进行读访问——这个过程可以简单地用程序记录下来。
One question remains (I really don't know the answer to): can PHP overwrite files if it's currently using them (e.g. if the update.php file itself needed to be updated)? Worth testing.
还有一个问题(我真的不知道答案):如果PHP现在正在使用它们(例如,如果更新的话),它会覆盖文件吗?php文件本身需要更新)?值得一试。
#4
3
I suppose you've already ruled this out, but you could host it as a service. (Think wordpress.com)
我想你已经排除了这种可能性,但是你可以把它作为一种服务来托管。(比如wordpress.com)
#5
3
I'd suggest that you package your application with pear and set up a channel. Your users can then upgrade the application through a standard interface (pear). It's not entirely automatic (unless the users have some kind of automation running on top of pear), but it's standard, so any sysadmin can maintain it.
我建议您将应用程序打包为pear并设置一个通道。然后,用户可以通过标准接口(pear)升级应用程序。它不是完全自动的(除非用户在pear上运行某种自动化),但是它是标准的,所以任何系统管理员都可以维护它。
#6
1
I think your best option is an update checking mechanism that will alert the administrator when there are update(s).
我认为您最好的选择是一个更新检查机制,当有更新时它会通知管理员。
As you mention, there are a number of potential security problems. Due to those alone, I would suggest not doing this. Instead, try creating a fairly smart upgrading script.
如你所提到的,有许多潜在的安全问题。由于只有这些人,我建议不要这样做。相反,尝试创建一个相当聪明的升级脚本。
#7
1
Just my 2 cents: I'd consider an automatically self updating application within my CMS as a security hole, so if you decide to code this feature, you should consider to implement different levels of this behavior:
我的看法是:我认为我的CMS系统中有一个自动自我更新的应用程序是一个安全漏洞,所以如果您决定编写这个特性,您应该考虑实现不同级别的这种行为:
- Automatically update
- 自动更新
- Check for updates and notify
- 检查更新并通知
- Disable
- 禁用