[4.4] Improve error messages of uploaded package check in Joomla Update (#41947)

* Joomlaupdate better error message - downgrade

* Joomlaupdate better error message - download links

* Joomlaupdate better error message - package naming

* Joomlaupdate better error messages

* Add name of selected package to error messages

* Use escaped double quotes nstead of single quotes for html properties

---------

Co-authored-by: Quy <[email protected]>

Author: richard67

administrator/components/com_joomlaupdate/src/Model/UpdateModel.php

@@ -985,9 +985,9 @@ public function upload()
 
         // Check the uploaded file (throws RuntimeException when a check failed)
         if (\extension_loaded('zip')) {
-            $this->checkPackageFileZip($userfile['tmp_name']);
+            $this->checkPackageFileZip($userfile['tmp_name'], $userfile['name']);
         } else {
-            $this->checkPackageFileNoZip($userfile['tmp_name']);
+            $this->checkPackageFileNoZip($userfile['tmp_name'], $userfile['name']);
         }
 
         // Build the appropriate paths.
@@ -1814,64 +1814,66 @@ public function collectError(string $context, \Throwable $error)
     /**
      * Check the update package with ZipArchive class from zip PHP extension
      *
-     * @param   string  $filePath  Full path to the update package to test
+     * @param   string  $filePath     Full path to the uploaded update package (temporary file) to test
+     * @param   string  $packageName  Name of the selected update package
      *
      * @return  void
      *
      * @since   4.4.0
      * @throws  \RuntimeException
      */
-    private function checkPackageFileZip(string $filePath)
+    private function checkPackageFileZip(string $filePath, $packageName)
     {
         $zipArchive = new \ZipArchive();
 
         if ($zipArchive->open($filePath) !== true) {
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN', $packageName), 500);
         }
 
         if ($zipArchive->locateName('installation/index.php') !== false) {
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_INSTALL_PACKAGE'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_INSTALL_PACKAGE', $packageName), 500);
         }
 
         $manifestFile = $zipArchive->getFromName('administrator/manifests/files/joomla.xml');
 
         if ($manifestFile === false) {
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_MANIFEST_FILE'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_MANIFEST_FILE', $packageName), 500);
         }
 
-        $this->checkManifestXML($manifestFile);
+        $this->checkManifestXML($manifestFile, $packageName);
     }
 
     /**
      * Check the update package without using the ZipArchive class from zip PHP extension
      *
-     * @param   string  $filePath  Full path to the update package to test
+     * @param   string  $filePath  Full path to the uploaded update package (temporary file) to test
+     * @param   string  $packageName  Name of the selected update package
      *
      * @return  void
      *
      * @see     https://pkware.cachefly.net/webdocs/casestudies/APPNOTE.TXT
      * @since   4.4.0
      * @throws  \RuntimeException
      */
-    private function checkPackageFileNoZip(string $filePath)
+    private function checkPackageFileNoZip(string $filePath, $packageName)
     {
         // The file must exist and be readable
         if (!file_exists($filePath) || !is_readable($filePath)) {
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN', $packageName), 500);
         }
 
         // The file must be at least 1KiB (anything less is not even a real file!)
         $filesize = filesize($filePath);
 
         if ($filesize < 1024) {
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN', $packageName), 500);
         }
 
         // Open the file
         $fp = @fopen($filePath, 'rb');
 
         if ($fp === false) {
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN', $packageName), 500);
         }
 
         // Read chunks of max. 1MiB size
@@ -1898,7 +1900,7 @@ private function checkPackageFileNoZip(string $filePath)
             if ($fileChunk === false || strlen($fileChunk) !== $readsize) {
                 @fclose($fp);
 
-                throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN'), 500);
+                throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN', $packageName), 500);
             }
 
             $posFirstHeader = strpos($fileChunk, $headerSignature);
@@ -1917,7 +1919,7 @@ private function checkPackageFileNoZip(string $filePath)
                 if (substr($fileChunk, $pos - 46, 4) == $headerSignature && substr($fileChunk, $pos - 18, 2) == $sizeSignatureIndexPhp) {
                     @fclose($fp);
 
-                    throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_INSTALL_PACKAGE'), 500);
+                    throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_INSTALL_PACKAGE', $packageName), 500);
                 }
 
                 $offset = $pos + 22;
@@ -1952,14 +1954,14 @@ private function checkPackageFileNoZip(string $filePath)
         if (!$headerFound) {
             @fclose($fp);
 
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN', $packageName), 500);
         }
 
         // If no central directory file header found for the manifest XML file it's not a valid Joomla package
         if (!$headerInfo) {
             @fclose($fp);
 
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_MANIFEST_FILE'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_MANIFEST_FILE', $packageName), 500);
         }
 
         // Read the local file header of the manifest XML file
@@ -1972,7 +1974,7 @@ private function checkPackageFileNoZip(string $filePath)
         if (!$localHeaderInfo['Compressed']) {
             @fclose($fp);
 
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_MANIFEST_FILE'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_MANIFEST_FILE', $packageName), 500);
         }
 
         // Read the compressed manifest XML file content
@@ -2002,34 +2004,35 @@ private function checkPackageFileNoZip(string $filePath)
         }
 
         if (!$manifestFile) {
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_MANIFEST_FILE'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_MANIFEST_FILE', $packageName), 500);
         }
 
-        $this->checkManifestXML($manifestFile);
+        $this->checkManifestXML($manifestFile, $packageName);
     }
 
     /**
      * Check content of manifest XML file in update package
      *
-     * @param   string  $manifest  Content of the manifest XML file
+     * @param   string  $manifest     Content of the manifest XML file
+     * @param   string  $packageName  Name of the selected update package
      *
      * @return  void
      *
      * @since   4.4.0
      * @throws  \RuntimeException
      */
-    private function checkManifestXML(string $manifest)
+    private function checkManifestXML(string $manifest, $packageName)
     {
         $manifestXml = simplexml_load_string($manifest);
 
         if (!$manifestXml) {
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_VERSION_FOUND'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_VERSION_FOUND', $packageName), 500);
         }
 
         $versionPackage = (string) $manifestXml->version ?: '';
 
         if (!$versionPackage) {
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_VERSION_FOUND'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_VERSION_FOUND', $packageName), 500);
         }
 
         $currentVersion = JVERSION;
@@ -2040,7 +2043,7 @@ private function checkManifestXML(string $manifest)
         }
 
         if (version_compare($versionPackage, $currentVersion, 'lt')) {
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_DOWNGRADE'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_DOWNGRADE', $packageName, $versionPackage, $currentVersion), 500);
         }
     }
 }

administrator/language/en-GB/com_joomlaupdate.ini

@@ -177,11 +177,11 @@ COM_JOOMLAUPDATE_VIEW_UPDATE_FINALISE_HEAD_DESC="To complete the update Process
 COM_JOOMLAUPDATE_VIEW_UPDATE_PERCENT="Percent complete"
 COM_JOOMLAUPDATE_VIEW_UPLOAD_CAPTIVE_INTRO_BODY="Make sure that the update file you have uploaded comes from the official Joomla download page. Afterwards, please confirm that you want to install it by re-entering the login information for your site "%s" below."
 COM_JOOMLAUPDATE_VIEW_UPLOAD_CAPTIVE_INTRO_HEAD="Are you sure you want to install the file you uploaded?"
-COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_DOWNGRADE="The update package file has a lower version than the current Joomla version. You cannot downgrade a Joomla site."
-COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_INSTALL_PACKAGE="The uploaded package file looks like it is a full installation package of Joomla which can only be used for creating new sites. You can only use the \"Upgrade Package (.zip)\" to update your site."
-COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_MANIFEST_FILE="The uploaded package file is not a Joomla update package. It does not contain the \"administrator/manifests/files/joomla.xml\" file."
-COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_VERSION_FOUND="The uploaded package file is not a Joomla update package. It does not contain valid version information."
-COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN="The uploaded package file is either not a ZIP file or is corrupted."
+COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_DOWNGRADE="The uploaded package file \"%1$s\" has a lower version \"%2$s\" than the installed version \"%3$s\". You cannot downgrade a Joomla site.<br>Check <a class=\"alert-link\" href=\"https://downloads.joomla.org/latest\" target=\"_blank\" rel=\"noopener noreferrer\">the official Joomla download page</a> for the Joomla Upgrade Package of a <em><strong>newer version</strong></em>."
+COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_INSTALL_PACKAGE="The uploaded package file \"%s\" looks like it is a full installation package of Joomla which can only be used for creating new sites. You can only use the <em><strong>Upgrade Package</strong></em> to update your site.<br>Check <a class=\"alert-link\" href=\"https://downloads.joomla.org/latest\" target=\"_blank\" rel=\"noopener noreferrer\">the official Joomla download page</a> for the Joomla <em><strong>Upgrade Package</strong></em> of the right version."
+COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_MANIFEST_FILE="The uploaded package file \"%s\" is not a Joomla update package. It does not contain the \"administrator/manifests/files/joomla.xml\" file.<br>Check <a class=\"alert-link\" href=\"https://downloads.joomla.org/latest\" target=\"_blank\" rel=\"noopener noreferrer\">the official Joomla download page</a> for the right Joomla <em><strong>Upgrade Package</strong></em>."
+COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_VERSION_FOUND="The uploaded package file \"%s\" is not a Joomla update package. It does not contain valid version information.<br>Check <a class=\"alert-link\" href=\"https://downloads.joomla.org/latest\" target=\"_blank\" rel=\"noopener noreferrer\">the official Joomla download page</a> for the right Joomla <em><strong>Upgrade Package</strong></em>."
+COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN="The uploaded package file \"%s\" is either not a ZIP file or is corrupted.<br>Check <a class=\"alert-link\" href=\"https://downloads.joomla.org/latest\" target=\"_blank\" rel=\"noopener noreferrer\">the official Joomla download page</a> for the desired Joomla <em><strong>Upgrade Package in ZIP format</strong></em>."
 COM_JOOMLAUPDATE_VIEW_UPLOAD_PACKAGE_FILE="Joomla package file"
 COM_JOOMLAUPDATE_XML_DESCRIPTION="Updates Joomla to the latest version with one click."