use Friendica\BaseObject;
use Friendica\Database\DBA;
+use Friendica\Util\Strings;
/**
* Some functions to handle addons
*/
public static function uninstall($addon)
{
+ $addon = Strings::sanitizeFilePathItem($addon);
+
Logger::notice("Addon {addon}: {action}", ['action' => 'uninstall', 'addon' => $addon]);
DBA::delete('addon', ['name' => $addon]);
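Review bot: Sanitizing `$addon` in place means a name the sanitizer alters is silently swapped for a different one, and the `DBA::delete` on the next line then acts on the rewritten name instead of failing. What `Strings::sanitizeFilePathItem` strips is not visible in this diff, so it would be safer to treat any alteration as invalid input: keep the result in a separate variable (`$clean = Strings::sanitizeFilePathItem($addon);`) and stop early with `if ($clean === '' || $clean !== $addon) { return; }`, using whatever return value callers expect. The same sanitize-and-continue pattern is added to install(), getInfo() and loadTranslationTable() in this commit. uninstall()'s body continues outside the hunk.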
*/
public static function install($addon)
{
- // silently fail if addon was removed
+ $addon = Strings::sanitizeFilePathItem($addon);
+ // silently fail if addon was removed of if $addon is funky
if (!file_exists('addon/' . $addon . '/' . $addon . '.php')) {
return false;
}
+
Logger::notice("Addon {addon}: {action}", ['action' => 'install', 'addon' => $addon]);
$t = @filemtime('addon/' . $addon . '/' . $addon . '.php');
@include_once('addon/' . $addon . '/' . $addon . '.php');
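Review bot: The new comment above the `file_exists` guard has a typo ("removed of if"), and "funky" does not tell the next reader what is being rejected. Something like `// silently fail if the addon was removed or if the sanitized name matches no addon directory` would be clearer. That guard is what keeps an unexpected name away from the `@include_once` at the end of this hunk, so the comment is worth getting right. install()'s body continues past the end of the hunk.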
if (!self::isEnabled($addon)) {
self::$addons[] = $addon;
}
+
return true;
} else {
Logger::error("Addon {addon}: {action} failed", ['action' => 'uninstall', 'addon' => $addon]);
$addon_list = explode(',', $addons);
- if (count($addon_list)) {
- foreach ($addon_list as $addon) {
- $addon = trim($addon);
- $fname = 'addon/' . $addon . '/' . $addon . '.php';
-
- if (file_exists($fname)) {
- $t = @filemtime($fname);
- foreach ($installed as $i) {
- if (($i['name'] == $addon) && ($i['timestamp'] != $t)) {
-
- Logger::notice("Addon {addon}: {action}", ['action' => 'reload', 'addon' => $i['name']]);
- @include_once($fname);
-
- if (function_exists($addon . '_uninstall')) {
- $func = $addon . '_uninstall';
- $func(self::getApp());
- }
- if (function_exists($addon . '_install')) {
- $func = $addon . '_install';
- $func(self::getApp());
- }
- DBA::update('addon', ['timestamp' => $t], ['id' => $i['id']]);
+ foreach ($addon_list as $addon) {
+ $addon = Strings::sanitizeFilePathItem(trim($addon));
+ $fname = 'addon/' . $addon . '/' . $addon . '.php';
+ if (file_exists($fname)) {
+ $t = @filemtime($fname);
+ foreach ($installed as $i) {
+ if (($i['name'] == $addon) && ($i['timestamp'] != $t)) {
+
+ Logger::notice("Addon {addon}: {action}", ['action' => 'reload', 'addon' => $i['name']]);
+ @include_once($fname);
+
+ if (function_exists($addon . '_uninstall')) {
+ $func = $addon . '_uninstall';
+ $func(self::getApp());
+ }
+ if (function_exists($addon . '_install')) {
+ $func = $addon . '_install';
+ $func(self::getApp());
}
+ DBA::update('addon', ['timestamp' => $t], ['id' => $i['id']]);
}
}
}
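Review bot: `$t = @filemtime($fname)` can still yield `false` if the file disappears between the `file_exists` check and the stat, and the loose `$i['timestamp'] != $t` then counts that as a change for any non-empty stored timestamp. The reload branch is then entered, any `_uninstall`/`_install` hooks that are already defined run, and `false` is passed to `DBA::update` as the new timestamp. Adding `if ($t === false) { continue; }` right after the `filemtime` call would avoid this. The enclosing function starts and ends outside this hunk.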
{
$a = self::getApp();
+ $addon = Strings::sanitizeFilePathItem($addon);
+
$info = [
'name' => $addon,
'description' => "",
use Friendica\BaseObject;
use Friendica\Database\DBA;
+use Friendica\Util\Strings;
/**
* Provide Language, Translation, and Localization functions to the application
*/
private static function loadTranslationTable($lang)
{
+ $lang = Strings::sanitizeFilePathItem($lang);
+
if ($lang === self::$lang) {
return;
}
// load enabled addons strings
$addons = DBA::select('addon', ['name'], ['installed' => true]);
while ($p = DBA::fetch($addons)) {
- $name = $p['name'];
+ $name = Strings::sanitizeFilePathItem($p['name']);
if (file_exists("addon/$name/lang/$lang/strings.php")) {
include "addon/$name/lang/$lang/strings.php";
}