************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) {
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
// Add description as navigation point
ADD_DESCR("admin", basename(__FILE__));
-global $CACHE, $KEEP_ACTIVE, $CACHE_FILE;
+global $cacheInstance, $cacheArray, $cacheMode;
// Normally we want the overview of all registered extensions
$do = "overview";
-$SEL = "0";
+$SEL = 0;
if (!empty($_POST['sel'])) $SEL = SELECTION_COUNT($_POST['sel']);
if (!empty($_GET['reg_ext'])) {
// The ID comes from task management and it is - of course - *not* the extension's name!
} elseif ((isset($_POST['change'])) && ($SEL > 0) && (!IS_DEMO())) {
// De-/activate extensions
- foreach ($_POST['sel'] as $id=>$active) {
+ foreach ($_POST['sel'] as $id => $active) {
// Shall we keep the extension always active?
- if ((isset($KEEP_ACTIVE[GET_EXT_NAME($id)])) && ($KEEP_ACTIVE[GET_EXT_NAME($id)] == "Y") && ($active == "N")) {
+ if ((isset($cacheArray['active_extensions'][GET_EXT_NAME($id)])) && ($cacheArray['active_extensions'][GET_EXT_NAME($id)] == "Y") && ($active == "N")) {
// Keep this extension active!
} else {
// De/activate extension
$ACT = "N"; $EXT_LOAD_MODE = "deactivate";
if ($active == "N") { $ACT = "Y"; $EXT_LOAD_MODE = "activate"; }
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_active='".$ACT."' WHERE id=%d AND ext_active='%s' LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_active='".$ACT."' WHERE id=%s AND ext_active='%s' LIMIT 1",
array(bigintval($id), $active), __FILE__, __LINE__);
// Run embeded SQL commands
// Change settings like CSS file load
if (isset($_POST['modify'])) {
// Change entries
- $CACHE_UPDATE = "0";
- foreach ($_POST['sel'] as $id=>$sel) {
+ $cache_update = 0;
+ foreach ($_POST['sel'] as $id => $sel) {
// Secure ID
$id = bigintval($id);
$active = $_POST['active'][$id];
if (GET_EXT_VERSION("sql_patches") >= "0.0.6") {
// Update also CSS column when extensions sql_patches is newer or exact v0.0.6
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_has_css='%s', ext_active='%s' WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_has_css='%s', ext_active='%s' WHERE id=%s LIMIT 1",
array($_POST['css'][$id], $active, $id), __FILE__, __LINE__);
} else {
// When extension is older than v0.0.6 there is no column for the CSS information
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_active='%s' WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_active='%s' WHERE id=%s LIMIT 1",
array($active, $id), __FILE__, __LINE__);
}
// Run SQLs on activation / deactivation
switch ($active) {
- case "Y": $EXT_LOAD_MODE = "activate"; break;
- case "N": $EXT_LOAD_MODE = "deactivate"; break;
+ case 'Y': $EXT_LOAD_MODE = "activate"; break;
+ case 'N': $EXT_LOAD_MODE = "deactivate"; break;
}
// Run embeded SQL commands
}
// Extensions changed
- OUTPUT_HTML ("<P align=\"center\">");
+ OUTPUT_HTML("<P align=\"center\">");
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_EXT_CHANGED);
- OUTPUT_HTML ("</P>");
+ OUTPUT_HTML("</P>");
} else {
// Edit selected entries
$SW = "2"; $OUT = "";
- foreach ($_POST['sel'] as $id=>$sel) {
+ foreach ($_POST['sel'] as $id => $sel) {
// Edit this extension?
if (($sel == "Y") || ($sel == "N")) {
// Load required data
if (GET_EXT_VERSION("sql_patches") >= "0.0.6") {
- $result = SQL_QUERY_ESC("SELECT ext_name, ext_has_css, ext_active FROM "._MYSQL_PREFIX."_extensions WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT ext_name, ext_has_css, ext_active FROM "._MYSQL_PREFIX."_extensions WHERE id=%s LIMIT 1",
array(bigintval($id)), __FILE__, __LINE__);
list($name, $css, $active) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
} else {
- $result = SQL_QUERY_ESC("SELECT ext_name, ext_active FROM "._MYSQL_PREFIX."_extensions WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT ext_name, ext_active FROM "._MYSQL_PREFIX."_extensions WHERE id=%s LIMIT 1",
array(bigintval($id)), __FILE__, __LINE__);
list($name, $active) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
$OUT .= LOAD_TEMPLATE("admin_extensions_edit_row", true, $content);
$SW = 3 - $SW;
}
- }
+ } // END - foreach
define('__EXTENSIONS_ROWS', $OUT);
// Load template
} elseif ((isset($_POST['delete'])) && ($SEL > 0) && (!IS_DEMO())) {
// List extensions and when verbose is enabled SQL statements which will be executed
$SW = 2; $OUT = "";
- foreach ($_POST['sel'] as $id=>$sel) {
+ foreach ($_POST['sel'] as $id => $sel) {
+ // Init variables
$VERBOSE_OUT = ""; $SQLs = array();
- // Load extension's data
- $result = SQL_QUERY_ESC("SELECT ext_name, ext_version FROM "._MYSQL_PREFIX."_extensions WHERE id=%d LIMIT 1",
- array(bigintval($id)), __FILE__, __LINE__);
- list($ext_name, $ext_ver) = SQL_FETCHROW($result);
+
+ // Secure id number
+ $id = bigintval($id);
+
+ // Get extension name
+ $ext_name = GET_EXT_NAME($id);
+ $ext_ver = GET_EXT_VERSION($ext_name);
// Free the result
SQL_FREERESULT($result);
- if ($CONFIG['verbose_sql']) {
+ if ($_CONFIG['verbose_sql']) {
// Load SQL commands in remove mode
$EXT_LOAD_MODE = "remove";
- $file = sprintf(PATH."inc/extensions/ext-%s.php", $ext_name);
+ $file = sprintf("%sinc/extensions/ext-%s.php", PATH, $ext_name);
include($file);
// Generate extra table with loaded SQL commands
$VERBOSE_OUT = EXTENSION_VERBOSE_TABLE($SQLs);
- }
+ } // END - if
// Prepare data for the row template
$content = array(
// Load row template and switch color
$OUT .= LOAD_TEMPLATE("admin_extensions_delete_row", true, $content);
$SW = 3 - $SW;
- }
+ } // END - foreach
define('__EXTENSIONS_ROWS', $OUT);
// Load template
$do = "delete";
} elseif ((isset($_POST['remove'])) && ($SEL > 0) && (!IS_DEMO())) {
// Remove extensions from DB (you have to delete all files manually!)
- $CACHE_UPDATE = "0";
- foreach ($_POST['sel'] as $id=>$active) {
+ $cache_update = 0;
+ foreach ($_POST['sel'] as $id => $active) {
// Secure ID number
$id = bigintval($id);
if ($active == 1) {
// Run embeded SQL commands
EXTENSION_RUN_SQLS($id, "remove");
-
- // Delete this extension (remember to remove it from your server *before* you click on welcome!
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_extensions WHERE id=%d LIMIT 1",
- array(bigintval($id)), __FILE__, __LINE__);
- }
- }
+ } // END - if
+ } // END - foreach
} elseif (!empty($_GET['do']) && (!IS_DEMO())) {
// Other things to do
$do = SQL_ESCAPE(strip_tags($_GET['do']));
$where = "";
if (!empty($_GET['active'])) {
$where = sprintf("WHERE ext_active = '%s'", SQL_ESCAPE(strip_tags($_GET['active'])));
-}
+} // END - if
// Case selection
switch ($do) {
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NO_EXTENSION_REGISTERED."</FONT>");
}
// Link for checking for new or updated extensions
- OUTPUT_HTML ("<BR><A href=\"".URL."/modules.php?module=admin&what=extensions&do=search\">".ADMIN_SEARCH_NEW_EXTENSIONS."</A>");
+ OUTPUT_HTML("<br /><A href=\"".URL."/modules.php?module=admin&what=extensions&do=search\">".ADMIN_SEARCH_NEW_EXTENSIONS."</A>");
break;
case "register": // Register new extension
$result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_task_system WHERE assigned_admin='%s' AND task_type='EXTENSION' LIMIT 1",
- array(bigintval(GET_ADMIN_ID($_COOKIE['admin_login']))), __FILE__, __LINE__);
+ array(bigintval(GET_ADMIN_ID(get_session('admin_login')))), __FILE__, __LINE__);
$task_found = SQL_NUMROWS($result);
// Free result
// Is the ID number valid and the task was found?
if (($id > 0) && ($task_found == 1)) {
// ID is valid so begin with registration, we first want to it's real name from task management (subject column)
- $result = SQL_QUERY_ESC("SELECT subject FROM "._MYSQL_PREFIX."_task_system WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT subject FROM "._MYSQL_PREFIX."_task_system WHERE id=%s LIMIT 1",
array(bigintval($id)), __FILE__, __LINE__);
list($subj) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
// Disable cache update by default
- $CACHE_UPDATE = "0";
+ $cache_update = 0;
if (!empty($subj)) {
// Extract extension's name from subject...
$ext_name = trim(substr($subj, 1, strpos($subj, ":") - 1));
// ... so we can finally register and load it in registration mode
$status = EXTENSION_REGISTER($ext_name, $id);
- if ($status) {
+ if ($status == true) {
// Extension was found and successfully registered
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_EXTENSION_REGISTERED);
// Do we need to update cache file?
- if ((EXT_IS_ACTIVE("cache")) && ($CACHE_FILE != "no")) {
+ if ((EXT_IS_ACTIVE("cache")) && ($cacheMode != "no")) {
// Remove cache file (will be auto-created again!)
- if ($CACHE->cache_file("extensions", true)) $CACHE->cache_destroy();
- }
+ if ($cacheInstance->cache_file("config" , true)) $cacheInstance->cache_destroy();
+ if ($cacheInstance->cache_file("extensions", true)) $cacheInstance->cache_destroy();
+ if ($cacheInstance->cache_file("mod_reg" , true)) $cacheInstance->cache_destroy();
+ } // END - if
+ } elseif (GET_EXT_VERSION($ext_name) != "") {
+ // Motify the admin that we have a problem here...
+ LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_REG_FAILED_ALREADY);
} else {
// Motify the admin that we have a problem here...
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_REG_FAILED_404);
case "search": // Search for new extensions on our server
// Get response from our server
- $response = MXCHANGE_OPEN("extensions.php");
+ $response = GET_URL("extensions.php");
// Are extensions found?
if (($response[sizeof($response) - 1] == "[EOF]") && ($response[0] != "[EOF]"))
// Get count of extensions for validation
$count = trim($response[sizeof($response) - 2]);
- foreach ($response as $id=>$value)
+ foreach ($response as $id => $value)
{
$value = str_replace("\n", "", $value); $ver = "";
// Leave loop when data is invalid or EOF?
if ((substr($value, 0, 4) == "ext-") && (substr($value, -4) == ".zip"))
{
$name = substr($value, 4, -4);
- $file = sprintf(PATH."inc/extensions/ext-%s.php", $name);
+ $file = sprintf("%sinc/extensions/ext-%s.php", PATH, $name);
$ver = trim(substr($response[$id + 3], 4));
// Load current extension's version
if (empty($cver)) $cver = "-.-";
// Is the extension already installed or not?
- if (!file_exists($file) || ($ver != $cver))
+ if (!FILE_READABLE($file) || ($ver != $cver))
{
// No, it isn't. So let's add this one!
$EXT_SEARCH['fname'][] = $name;
$INFO = ADMIN_EXT_NO_INFO_FOUND;
// Trim every data line
- foreach ($LANG_DUMMY as $k=>$v)
+ foreach ($LANG_DUMMY as $k => $v)
{
$v = trim($v);
if (substr($v, 3) == "") $v = "---";
// Extensions where found which are not downloaded and installed
$SW = 2; $OUT = ""; $TSIZE = 0;
- foreach ($EXT_SEARCH['fname'] as $id=>$name)
+ foreach ($EXT_SEARCH['fname'] as $id => $name)
{
// Generate download link
$LINK = SERVER_URL."/extensions/ext-".$name.".zip";
'link' => $LINK,
'last' => MAKE_DATETIME($EXT_SEARCH['fctime'][$id], "2"),
'size' => TRANSLATE_COMMA(round($EXT_SEARCH['fsize'][$id] / 1.024) / 1000),
- 'info' => stripslashes($EXT_SEARCH['infos'][$id]),
+ 'info' => $EXT_SEARCH['infos'][$id],
);
// Load row template add current size to total size and switch color