Security line in all includes changed

[mailer.git] / inc / install-inc.php

diff --git a/inc/install-inc.php b/inc/install-inc.php
index 850d6fae7e6b0390cd862f7983989ce4f7ccd64f..55eb350f4fd272dab2db9fa5976de5e90018b5eb 100644 (file)
--- a/inc/install-inc.php
+++ b/inc/install-inc.php
@@ -36,7 +36,7 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 }
@@ -45,10 +45,10 @@ if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
 function install_WriteData ($file, $comment, $prefix, $suffix, $DATA, $sneak=0) {
        // Initialize all and count up the "seak" value
        $done = false;
-       $next = 0;
+       $next = -1;
        $sneak++;
 
-       if ((file_exists($file)) && (is_readable($file))) {
+       if (FILE_READABLE($file)) {
                $search = "CFG: ".$comment;
                $tmp = $file.".tmp";
                $fp = @fopen($file, 'r') or OUTPUT_HTML("<STRONG>READ:</STRONG> ".$file."<br />");
@@ -60,7 +60,7 @@ function install_WriteData ($file, $comment, $prefix, $suffix, $DATA, $sneak=0)
                                        //* DEBUG: */ echo $search."/<font color=\"red\">".htmlentities($line)."</font><br />\n";
                                        $found = strpos($line, $search);
                                        //* DEBUG: */ echo "FOUND: <font color=\"brown\">";
-                                       var_dump($found);
+                                       //* DEBUG: */ var_dump($found);
                                        //* DEBUG: */ echo "</font><br />\n";
                                        if ($found !== false) $next = 0;
                                        if ($next > -1) {
@@ -166,7 +166,7 @@ if ((!isBooleanConstantAndTrue('mxchange_installed')) || (!isBooleanConstantAndT
                if (empty($mysql['prefix'])) $mysql['prefix'] = "mxchange_";
                if ((sizeof($FATAL) > 0) || (!empty($FATAL[0]))) {
                        OUTPUT_HTML("<SPAN class=\"install_fatal\">");
-                       foreach ($FATAL as $key=>$err) {
+                       foreach ($FATAL as $key => $err) {
                                OUTPUT_HTML("  <STRONG>&middot;</STRONG>&nbsp;".FATAL_NO.($key + 1).":&nbsp;".$err."<br />");
                        }
                        OUTPUT_HTML("</SPAN><br />");
@@ -311,7 +311,7 @@ if ((!isBooleanConstantAndTrue('mxchange_installed')) || (!isBooleanConstantAndT
 <TR><TD colspan=\"2\" height=\"21\" class=\"seperator\">&nbsp;</TD></TR>
 <TR>
   <TD colspan=\"2\" align=\"center\">");
-               foreach ($mysql as $key=>$value) {
+               foreach ($mysql as $key => $value) {
                        OUTPUT_HTML("    <INPUT type=\"hidden\" name=\"mysql[".$key."]\" value=\"".$value."\">");
                }
                OUTPUT_HTML("    <INPUT type=\"hidden\" name=\"spath\" value=\"".__SPATH_VALUE."\">
@@ -342,12 +342,12 @@ if ((!isBooleanConstantAndTrue('mxchange_installed')) || (!isBooleanConstantAndT
                                $db = SQL_SELECT_DB($mysql['dbase'], $link, __FILE__, __LINE__);
                                if ($db) {
                                        // Automatically run install.sql
-                                       if ((file_exists($_POST['spath']."install/tables.sql")) && (file_exists($_POST['spath']."install/menu-".GET_LANGUAGE().".sql"))) {
+                                       if ((FILE_READABLE($_POST['spath']."install/tables.sql")) && (FILE_READABLE($_POST['spath']."install/menu-".GET_LANGUAGE().".sql"))) {
                                                // Both exists so import them
                                                foreach (array("tables.sql", "menu-".GET_LANGUAGE().".sql") as $dump) {
                                                        // Should be save here because file_exists() is there but we check it again. :)
                                                        $file = secureString($_POST['spath']) . "install/" . $dump;
-                                                       if ((file_exists($file)) && (is_readable($file))) {
+                                                       if (FILE_READABLE($file)) {
                                                                // Load the file
                                                                $sql = implode("", file($file));
 
@@ -398,7 +398,6 @@ if ((!isBooleanConstantAndTrue('mxchange_installed')) || (!isBooleanConstantAndT
                                                install_WriteData($_POST['spath']."inc/config.php", "SMTP-USER", "define('SMTP_USER', \"", "\");", $_POST['smtp_user'], 0);
                                                install_WriteData($_POST['spath']."inc/config.php", "SMTP-PASSWORD", "define('SMTP_PASSWORD', \"", "\");", $_POST['smtp_pass'], 0);
                                                install_WriteData($_POST['spath']."inc/config.php", "INSTALLED", "define('mxchange_installed', ", ");", "true", 0);
-                                               die();
 
                                                // Close the link
                                                SQL_CLOSE($link, __FILE__, __LINE__);
@@ -419,7 +418,7 @@ if ((!isBooleanConstantAndTrue('mxchange_installed')) || (!isBooleanConstantAndT
                                }
                                define('__FATAL_ERROR_LI', $OUT);
                                $OUT = "";
-                               foreach ($mysql as $key=>$value)
+                               foreach ($mysql as $key => $value)
                                {
                                        $OUT .= "    <INPUT type=\"hidden\" name=\"mysql[".$key."]\" value=\"".$value."\">\n";
                                }