Updating Joomla 1.0 and 1.5

Brad Baker, a founding member of the Joomla project, likens not keeping your Joomla installation up to date to driving a racing car without a helmet or seatbelt. Here’s how to buckle up.

This article is for updating Joomla versions prior to 1.6. For Joomla 1.6 and later, see Upgrading from an existing version on the Joomla documentation project.

I often customize Joomla’s code, so I need a means of updating that gives me full manual control so that my work is not overwritten, as documented below. If you use Joomla out of the box, however, you might find that a tool such as Update Manager suits your needs and makes the task easier.

BEFORE BEGINNING
Are you updating or migrating? In Joomla-speak, updating means to go from one maintenance release to another — for example, from 1.5.22 to 1.5.23. Migrating means to go from one minor release to another — for example, from 1.5.23 to 1.6.0. This article focuses on updating.

Migrating adds additional issues which this article does not consider, but you should. For example, in the two migrations I have done — from 1.0 to 1.5, and 1.5 to 1.6 — all old extensions and templates had to be replaced with new ones. If you are migrating, you will want to confirm beforehand that adequate extensions and templates exist for your new version of Joomla. Also be sure to read the Joomla documentation project’s relevant migration guide.

Patches are released to upgrade from a particular version to a particular version. If for instance you are running Joomla 1.0.12 and want to upgrade to 1.0.13, you will need the 1.0.12 to 1.0.13 patch package. If you have a particularly old installation, you may have to apply multiple patches to get up to date. Recent patches are available from the download section of joomla.org; older patches are unofficially collected in Phil Taylor’s repository.

If you have done any customization to Joomla’s code, see if the patch will overwrite your customized files. To do this, first uncompress the patch package to a temporary directory on your local workstation. How you do this depends upon the compression format of the patch; in my order of preference they are:

  • For a gzipped tar patch, tar -zxf patch.tar.gz
  • For a bzipped tar patch, tar -jxf patch.tar.bz2
  • For a zipped patch, unzip -o patch.zip

Then open a diff editor like Meld and do a directory comparison (File – New – Directory Comparison): one pane showing the patch directory and the other pane showing the directory of your customized files. Then simply browse the differences, making note of any customized files that will be overwritten. Incorporate any changes in the patched files to your customized files, because after we apply the patch on the server we will upload the customized files to overwrite the patch files. The end result will be files that are both patched and customized.

As before making any system change, first perform a global check-in, a manual security check, and backup. Then take the site offline just before patching.

APPLY THE PATCH
You have three options. In order of preference, they are:

1. The preferred method on a remote box is to use scp to upload the compressed patch package to the Joomla docroot, and use ssh to uncompress it there. Delete the patch package afterward:

$ cd /path/to/patch/
$ scp patch.tar.gz user@remote-host.example.com:public_html/
$ ssh user@remote-host.example.com
% cd public_html/
% tar -zxf patch.tar.gz
% rm patch.tar.gz
% exit

On a local installation, the procedure is similar. Determine the owner and group of Joomla’s files (on my local installation that is apache:apache). Then change the owner and group of the patch package accordingly, and uncompress it as that user. On my local installation the commands were:

$ su
# cd /var/www/html/joomla1.5/
# cp /path/to/patch.tar.gz .
# chown apache: patch.tar.gz
# su apache
$ tar -zxf patch.tar.gz
$ rm patch.tar.gz

On my box, su apache gives the non-fatal error sh: /root/.bashrc: Permission denied which may be ignored.

2. The second best method is to upload and then uncompress the package using your web host’s file manager. Delete the patch package afterward.

3. As a last resort, uncompress the package locally and upload the files via FTP. The Joomla team pointedly discourages this.

Whichever method you choose, upload any customized files after applying the patch and to take the site back online.

POST-PATCH CHECK
Insure there are no obvious problems that need to be addressed. In particular take a look at Help – System Info – Directory Permissions. Also make sure third-party components are not obviously broken. As a final step, perform another security check run and manual backup.

REFERENCES
Patch instructions

Advertisements

About Warren Post

So far: Customer support guy, jungle guide, IT consultant, beach bum, entrepreneur, teacher, diplomat, over-enthusiastic cyclist. Tomorrow: who knows?
This entry was posted in Uncategorized and tagged , . Bookmark the permalink.

One Response to Updating Joomla 1.0 and 1.5

  1. Pingback: Securing Joomla with GuardXT | A maze of twisty little passages

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s