fix: hardening for opcache.enable_file_override

If the PHP instance has aggressive caching enabled, with `opcache.enable_file_override` and sufficiently long or disabled `opcache.validate_timestamps`, `file_exists($versionFileName)` can retrun true after the file was removed from disk. `require_once $versionFileName;` however requires the file to exist on disk, even if it has an OPcache entry.

With this commit, the cache entry is invalidated before `file_exists($versionFileName)` is called, to harden the updater for instances with `opcache.enable_file_override`.

Signed-off-by: MichaIng <micha@dietpi.com>

Author: MichaIng

index.php

@@ -82,6 +82,11 @@ public function __construct(
 		}
 
 		$versionFileName = $this->nextcloudDir . '/version.php';
+		// Invalidate version.php OPcache entry to assure file_exists() returns
+		// false after files were removed while opcache.enable_file_override is set.
+		if (function_exists('opcache_invalidate')) {
+			opcache_invalidate($versionFileName, true);
+		}
 		if (!file_exists($versionFileName)) {
 			// fallback to version in config.php
 			$version = $this->getConfigOptionString('version');