************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) {
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
// Normally we want the overview of all registered extensions
$do = "overview";
-$SEL = "0";
+$SEL = 0;
if (!empty($_POST['sel'])) $SEL = SELECTION_COUNT($_POST['sel']);
if (!empty($_GET['reg_ext'])) {
// The ID comes from task management and it is - of course - *not* the extension's name!
} elseif ((isset($_POST['change'])) && ($SEL > 0) && (!IS_DEMO())) {
// De-/activate extensions
- foreach ($_POST['sel'] as $id=>$active) {
+ foreach ($_POST['sel'] as $id => $active) {
// Shall we keep the extension always active?
if ((isset($cacheArray['active_extensions'][GET_EXT_NAME($id)])) && ($cacheArray['active_extensions'][GET_EXT_NAME($id)] == "Y") && ($active == "N")) {
// Keep this extension active!
// De/activate extension
$ACT = "N"; $EXT_LOAD_MODE = "deactivate";
if ($active == "N") { $ACT = "Y"; $EXT_LOAD_MODE = "activate"; }
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_active='".$ACT."' WHERE id=%d AND ext_active='%s' LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_active='".$ACT."' WHERE id=%s AND ext_active='%s' LIMIT 1",
array(bigintval($id), $active), __FILE__, __LINE__);
// Run embeded SQL commands
// Change settings like CSS file load
if (isset($_POST['modify'])) {
// Change entries
- $cacheInstance_UPDATE = "0";
- foreach ($_POST['sel'] as $id=>$sel) {
+ $cache_update = 0;
+ foreach ($_POST['sel'] as $id => $sel) {
// Secure ID
$id = bigintval($id);
$active = $_POST['active'][$id];
if (GET_EXT_VERSION("sql_patches") >= "0.0.6") {
// Update also CSS column when extensions sql_patches is newer or exact v0.0.6
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_has_css='%s', ext_active='%s' WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_has_css='%s', ext_active='%s' WHERE id=%s LIMIT 1",
array($_POST['css'][$id], $active, $id), __FILE__, __LINE__);
} else {
// When extension is older than v0.0.6 there is no column for the CSS information
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_active='%s' WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_active='%s' WHERE id=%s LIMIT 1",
array($active, $id), __FILE__, __LINE__);
}
} else {
// Edit selected entries
$SW = "2"; $OUT = "";
- foreach ($_POST['sel'] as $id=>$sel) {
+ foreach ($_POST['sel'] as $id => $sel) {
// Edit this extension?
if (($sel == "Y") || ($sel == "N")) {
// Load required data
if (GET_EXT_VERSION("sql_patches") >= "0.0.6") {
- $result = SQL_QUERY_ESC("SELECT ext_name, ext_has_css, ext_active FROM "._MYSQL_PREFIX."_extensions WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT ext_name, ext_has_css, ext_active FROM "._MYSQL_PREFIX."_extensions WHERE id=%s LIMIT 1",
array(bigintval($id)), __FILE__, __LINE__);
list($name, $css, $active) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
} else {
- $result = SQL_QUERY_ESC("SELECT ext_name, ext_active FROM "._MYSQL_PREFIX."_extensions WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT ext_name, ext_active FROM "._MYSQL_PREFIX."_extensions WHERE id=%s LIMIT 1",
array(bigintval($id)), __FILE__, __LINE__);
list($name, $active) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
} elseif ((isset($_POST['delete'])) && ($SEL > 0) && (!IS_DEMO())) {
// List extensions and when verbose is enabled SQL statements which will be executed
$SW = 2; $OUT = "";
- foreach ($_POST['sel'] as $id=>$sel) {
+ foreach ($_POST['sel'] as $id => $sel) {
// Init variables
$VERBOSE_OUT = ""; $SQLs = array();
$do = "delete";
} elseif ((isset($_POST['remove'])) && ($SEL > 0) && (!IS_DEMO())) {
// Remove extensions from DB (you have to delete all files manually!)
- $cacheInstance_UPDATE = "0";
- foreach ($_POST['sel'] as $id=>$active) {
+ $cache_update = 0;
+ foreach ($_POST['sel'] as $id => $active) {
// Secure ID number
$id = bigintval($id);
// Is the ID number valid and the task was found?
if (($id > 0) && ($task_found == 1)) {
// ID is valid so begin with registration, we first want to it's real name from task management (subject column)
- $result = SQL_QUERY_ESC("SELECT subject FROM "._MYSQL_PREFIX."_task_system WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT subject FROM "._MYSQL_PREFIX."_task_system WHERE id=%s LIMIT 1",
array(bigintval($id)), __FILE__, __LINE__);
list($subj) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
// Disable cache update by default
- $cacheInstance_UPDATE = "0";
+ $cache_update = 0;
if (!empty($subj)) {
// Extract extension's name from subject...
$ext_name = trim(substr($subj, 1, strpos($subj, ":") - 1));
if ($cacheInstance->cache_file("config" , true)) $cacheInstance->cache_destroy();
if ($cacheInstance->cache_file("extensions", true)) $cacheInstance->cache_destroy();
if ($cacheInstance->cache_file("mod_reg" , true)) $cacheInstance->cache_destroy();
- }
+ } // END - if
} elseif (GET_EXT_VERSION($ext_name) != "") {
// Motify the admin that we have a problem here...
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_REG_FAILED_ALREADY);
case "search": // Search for new extensions on our server
// Get response from our server
- $response = MXCHANGE_OPEN("extensions.php");
+ $response = GET_URL("extensions.php");
// Are extensions found?
if (($response[sizeof($response) - 1] == "[EOF]") && ($response[0] != "[EOF]"))
// Get count of extensions for validation
$count = trim($response[sizeof($response) - 2]);
- foreach ($response as $id=>$value)
+ foreach ($response as $id => $value)
{
$value = str_replace("\n", "", $value); $ver = "";
// Leave loop when data is invalid or EOF?
if (empty($cver)) $cver = "-.-";
// Is the extension already installed or not?
- if (!file_exists($file) || ($ver != $cver))
+ if (!FILE_READABLE($file) || ($ver != $cver))
{
// No, it isn't. So let's add this one!
$EXT_SEARCH['fname'][] = $name;
$INFO = ADMIN_EXT_NO_INFO_FOUND;
// Trim every data line
- foreach ($LANG_DUMMY as $k=>$v)
+ foreach ($LANG_DUMMY as $k => $v)
{
$v = trim($v);
if (substr($v, 3) == "") $v = "---";
// Extensions where found which are not downloaded and installed
$SW = 2; $OUT = ""; $TSIZE = 0;
- foreach ($EXT_SEARCH['fname'] as $id=>$name)
+ foreach ($EXT_SEARCH['fname'] as $id => $name)
{
// Generate download link
$LINK = SERVER_URL."/extensions/ext-".$name.".zip";