Security line in all includes changed
[mailer.git] / inc / install-inc.php
index 9bdd5f3..55eb350 100644 (file)
@@ -36,7 +36,7 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 }
@@ -45,9 +45,10 @@ if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
 function install_WriteData ($file, $comment, $prefix, $suffix, $DATA, $sneak=0) {
        // Initialize all and count up the "seak" value
        $done = false;
-       $next = 0;
+       $next = -1;
        $sneak++;
-       if ((file_exists($file)) && (is_readable($file))) {
+
+       if (FILE_READABLE($file)) {
                $search = "CFG: ".$comment;
                $tmp = $file.".tmp";
                $fp = @fopen($file, 'r') or OUTPUT_HTML("<STRONG>READ:</STRONG> ".$file."<br />");
@@ -56,15 +57,22 @@ function install_WriteData ($file, $comment, $prefix, $suffix, $DATA, $sneak=0)
                        if (is_resource($fp_tmp)) {
                                while (!feof($fp)) {
                                        $line = fgets ($fp, 10240);
-                                       if (strpos($line, $search) > -1) $next = 0;
+                                       //* DEBUG: */ echo $search."/<font color=\"red\">".htmlentities($line)."</font><br />\n";
+                                       $found = strpos($line, $search);
+                                       //* DEBUG: */ echo "FOUND: <font color=\"brown\">";
+                                       //* DEBUG: */ var_dump($found);
+                                       //* DEBUG: */ echo "</font><br />\n";
+                                       if ($found !== false) $next = 0;
                                        if ($next > -1) {
                                                if ($next == $sneak) {
                                                        $next = -1;
                                                        $line = $prefix.$DATA.$suffix."\n";
+                                                       //* DEBUG: */ echo "NEW: <font color=\"blue\">".htmlentities($line)."</font><br />\n";
                                                } else {
                                                        $next++;
                                                }
                                        }
+                                       //* DEBUG: */ echo "WRITE: <font color=\"green\">".htmlentities($line)."</font><br />\n";
                                        fputs($fp_tmp, $line);
                                }
                                fclose($fp_tmp);
@@ -158,7 +166,7 @@ if ((!isBooleanConstantAndTrue('mxchange_installed')) || (!isBooleanConstantAndT
                if (empty($mysql['prefix'])) $mysql['prefix'] = "mxchange_";
                if ((sizeof($FATAL) > 0) || (!empty($FATAL[0]))) {
                        OUTPUT_HTML("<SPAN class=\"install_fatal\">");
-                       foreach ($FATAL as $key=>$err) {
+                       foreach ($FATAL as $key => $err) {
                                OUTPUT_HTML("  <STRONG>&middot;</STRONG>&nbsp;".FATAL_NO.($key + 1).":&nbsp;".$err."<br />");
                        }
                        OUTPUT_HTML("</SPAN><br />");
@@ -303,7 +311,7 @@ if ((!isBooleanConstantAndTrue('mxchange_installed')) || (!isBooleanConstantAndT
 <TR><TD colspan=\"2\" height=\"21\" class=\"seperator\">&nbsp;</TD></TR>
 <TR>
   <TD colspan=\"2\" align=\"center\">");
-               foreach ($mysql as $key=>$value) {
+               foreach ($mysql as $key => $value) {
                        OUTPUT_HTML("    <INPUT type=\"hidden\" name=\"mysql[".$key."]\" value=\"".$value."\">");
                }
                OUTPUT_HTML("    <INPUT type=\"hidden\" name=\"spath\" value=\"".__SPATH_VALUE."\">
@@ -334,12 +342,12 @@ if ((!isBooleanConstantAndTrue('mxchange_installed')) || (!isBooleanConstantAndT
                                $db = SQL_SELECT_DB($mysql['dbase'], $link, __FILE__, __LINE__);
                                if ($db) {
                                        // Automatically run install.sql
-                                       if ((file_exists($_POST['spath']."install/tables.sql")) && (file_exists($_POST['spath']."install/menu-".GET_LANGUAGE().".sql"))) {
+                                       if ((FILE_READABLE($_POST['spath']."install/tables.sql")) && (FILE_READABLE($_POST['spath']."install/menu-".GET_LANGUAGE().".sql"))) {
                                                // Both exists so import them
                                                foreach (array("tables.sql", "menu-".GET_LANGUAGE().".sql") as $dump) {
                                                        // Should be save here because file_exists() is there but we check it again. :)
                                                        $file = secureString($_POST['spath']) . "install/" . $dump;
-                                                       if ((file_exists($file)) && (is_readable($file))) {
+                                                       if (FILE_READABLE($file)) {
                                                                // Load the file
                                                                $sql = implode("", file($file));
 
@@ -410,7 +418,7 @@ if ((!isBooleanConstantAndTrue('mxchange_installed')) || (!isBooleanConstantAndT
                                }
                                define('__FATAL_ERROR_LI', $OUT);
                                $OUT = "";
-                               foreach ($mysql as $key=>$value)
+                               foreach ($mysql as $key => $value)
                                {
                                        $OUT .= "    <INPUT type=\"hidden\" name=\"mysql[".$key."]\" value=\"".$value."\">\n";
                                }