X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-extensions.php;h=a8181f2999675750fbd1b211011c091c21f555bc;hp=0bff9ad22c1e379a7b7a78be1bc62a504b07538f;hb=963e55ca1ea79e255f235e359cde9f7862191dc5;hpb=b5912168d72ae511eb623c3d92540c82d31b93c5 diff --git a/inc/modules/admin/what-extensions.php b/inc/modules/admin/what-extensions.php index 0bff9ad22c..a8181f2999 100644 --- a/inc/modules/admin/what-extensions.php +++ b/inc/modules/admin/what-extensions.php @@ -32,7 +32,7 @@ ************************************************************************/ // Some security stuff... -if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) { +if ((!defined('__SECURITY')) || (!IS_ADMIN())) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } @@ -40,11 +40,11 @@ if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) { // Add description as navigation point ADD_DESCR("admin", basename(__FILE__)); -global $CACHE, $KEEP_ACTIVE, $CACHE_FILE; +global $cacheInstance, $cacheArray, $cacheMode; // Normally we want the overview of all registered extensions $do = "overview"; -$SEL = "0"; +$SEL = 0; if (!empty($_POST['sel'])) $SEL = SELECTION_COUNT($_POST['sel']); if (!empty($_GET['reg_ext'])) { @@ -53,15 +53,15 @@ if (!empty($_GET['reg_ext'])) { // The ID comes from task management and it is - of course - *not* the extension's name! } elseif ((isset($_POST['change'])) && ($SEL > 0) && (!IS_DEMO())) { // De-/activate extensions - foreach ($_POST['sel'] as $id=>$active) { + foreach ($_POST['sel'] as $id => $active) { // Shall we keep the extension always active? - if ((isset($KEEP_ACTIVE[GET_EXT_NAME($id)])) && ($KEEP_ACTIVE[GET_EXT_NAME($id)] == 'Y') && ($active == 'N')) { + if ((isset($cacheArray['active_extensions'][GET_EXT_NAME($id)])) && ($cacheArray['active_extensions'][GET_EXT_NAME($id)] == "Y") && ($active == "N")) { // Keep this extension active! } else { // De/activate extension - $ACT = 'N'; $EXT_LOAD_MODE = "deactivate"; - if ($active == 'N') { $ACT = 'Y'; $EXT_LOAD_MODE = "activate"; } - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_active='".$ACT."' WHERE id=%d AND ext_active='%s' LIMIT 1", + $ACT = "N"; $EXT_LOAD_MODE = "deactivate"; + if ($active == "N") { $ACT = "Y"; $EXT_LOAD_MODE = "activate"; } + $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_active='".$ACT."' WHERE id=%s AND ext_active='%s' LIMIT 1", array(bigintval($id), $active), __FILE__, __LINE__); // Run embeded SQL commands @@ -72,8 +72,8 @@ if (!empty($_GET['reg_ext'])) { // Change settings like CSS file load if (isset($_POST['modify'])) { // Change entries - $CACHE_UPDATE = "0"; - foreach ($_POST['sel'] as $id=>$sel) { + $cache_update = 0; + foreach ($_POST['sel'] as $id => $sel) { // Secure ID $id = bigintval($id); @@ -83,11 +83,11 @@ if (!empty($_GET['reg_ext'])) { $active = $_POST['active'][$id]; if (GET_EXT_VERSION("sql_patches") >= "0.0.6") { // Update also CSS column when extensions sql_patches is newer or exact v0.0.6 - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_has_css='%s', ext_active='%s' WHERE id=%d LIMIT 1", + $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_has_css='%s', ext_active='%s' WHERE id=%s LIMIT 1", array($_POST['css'][$id], $active, $id), __FILE__, __LINE__); } else { // When extension is older than v0.0.6 there is no column for the CSS information - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_active='%s' WHERE id=%d LIMIT 1", + $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_active='%s' WHERE id=%s LIMIT 1", array($active, $id), __FILE__, __LINE__); } @@ -109,17 +109,17 @@ if (!empty($_GET['reg_ext'])) { } else { // Edit selected entries $SW = "2"; $OUT = ""; - foreach ($_POST['sel'] as $id=>$sel) { + foreach ($_POST['sel'] as $id => $sel) { // Edit this extension? - if (($sel == 'Y') || ($sel == 'N')) { + if (($sel == "Y") || ($sel == "N")) { // Load required data if (GET_EXT_VERSION("sql_patches") >= "0.0.6") { - $result = SQL_QUERY_ESC("SELECT ext_name, ext_has_css, ext_active FROM "._MYSQL_PREFIX."_extensions WHERE id=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT ext_name, ext_has_css, ext_active FROM "._MYSQL_PREFIX."_extensions WHERE id=%s LIMIT 1", array(bigintval($id)), __FILE__, __LINE__); list($name, $css, $active) = SQL_FETCHROW($result); SQL_FREERESULT($result); } else { - $result = SQL_QUERY_ESC("SELECT ext_name, ext_active FROM "._MYSQL_PREFIX."_extensions WHERE id=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT ext_name, ext_active FROM "._MYSQL_PREFIX."_extensions WHERE id=%s LIMIT 1", array(bigintval($id)), __FILE__, __LINE__); list($name, $active) = SQL_FETCHROW($result); SQL_FREERESULT($result); @@ -143,7 +143,7 @@ if (!empty($_GET['reg_ext'])) { $OUT .= LOAD_TEMPLATE("admin_extensions_edit_row", true, $content); $SW = 3 - $SW; } - } + } // END - foreach define('__EXTENSIONS_ROWS', $OUT); // Load template @@ -153,12 +153,16 @@ if (!empty($_GET['reg_ext'])) { } elseif ((isset($_POST['delete'])) && ($SEL > 0) && (!IS_DEMO())) { // List extensions and when verbose is enabled SQL statements which will be executed $SW = 2; $OUT = ""; - foreach ($_POST['sel'] as $id=>$sel) { + foreach ($_POST['sel'] as $id => $sel) { + // Init variables $VERBOSE_OUT = ""; $SQLs = array(); - // Load extension's data - $result = SQL_QUERY_ESC("SELECT ext_name, ext_version FROM "._MYSQL_PREFIX."_extensions WHERE id=%d LIMIT 1", - array(bigintval($id)), __FILE__, __LINE__); - list($ext_name, $ext_ver) = SQL_FETCHROW($result); + + // Secure id number + $id = bigintval($id); + + // Get extension name + $ext_name = GET_EXT_NAME($id); + $ext_ver = GET_EXT_VERSION($ext_name); // Free the result SQL_FREERESULT($result); @@ -166,12 +170,12 @@ if (!empty($_GET['reg_ext'])) { if ($_CONFIG['verbose_sql']) { // Load SQL commands in remove mode $EXT_LOAD_MODE = "remove"; - $file = sprintf(PATH."inc/extensions/ext-%s.php", $ext_name); + $file = sprintf("%sinc/extensions/ext-%s.php", PATH, $ext_name); include($file); // Generate extra table with loaded SQL commands $VERBOSE_OUT = EXTENSION_VERBOSE_TABLE($SQLs); - } + } // END - if // Prepare data for the row template $content = array( @@ -185,7 +189,7 @@ if (!empty($_GET['reg_ext'])) { // Load row template and switch color $OUT .= LOAD_TEMPLATE("admin_extensions_delete_row", true, $content); $SW = 3 - $SW; - } + } // END - foreach define('__EXTENSIONS_ROWS', $OUT); // Load template @@ -193,8 +197,8 @@ if (!empty($_GET['reg_ext'])) { $do = "delete"; } elseif ((isset($_POST['remove'])) && ($SEL > 0) && (!IS_DEMO())) { // Remove extensions from DB (you have to delete all files manually!) - $CACHE_UPDATE = "0"; - foreach ($_POST['sel'] as $id=>$active) { + $cache_update = 0; + foreach ($_POST['sel'] as $id => $active) { // Secure ID number $id = bigintval($id); @@ -202,12 +206,8 @@ if (!empty($_GET['reg_ext'])) { if ($active == 1) { // Run embeded SQL commands EXTENSION_RUN_SQLS($id, "remove"); - - // Delete this extension (remember to remove it from your server *before* you click on welcome! - $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_extensions WHERE id=%d LIMIT 1", - array(bigintval($id)), __FILE__, __LINE__); - } - } + } // END - if + } // END - foreach } elseif (!empty($_GET['do']) && (!IS_DEMO())) { // Other things to do $do = SQL_ESCAPE(strip_tags($_GET['do'])); @@ -220,7 +220,7 @@ if (!empty($_GET['reg_ext'])) { $where = ""; if (!empty($_GET['active'])) { $where = sprintf("WHERE ext_active = '%s'", SQL_ESCAPE(strip_tags($_GET['active']))); -} +} // END - if // Case selection switch ($do) { @@ -282,7 +282,7 @@ case "overview": // List all registered extensions case "register": // Register new extension $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_task_system WHERE assigned_admin='%s' AND task_type='EXTENSION' LIMIT 1", - array(bigintval(GET_ADMIN_ID($_SESSION['admin_login']))), __FILE__, __LINE__); + array(bigintval(GET_ADMIN_ID(get_session('admin_login')))), __FILE__, __LINE__); $task_found = SQL_NUMROWS($result); // Free result @@ -291,28 +291,33 @@ case "register": // Register new extension // Is the ID number valid and the task was found? if (($id > 0) && ($task_found == 1)) { // ID is valid so begin with registration, we first want to it's real name from task management (subject column) - $result = SQL_QUERY_ESC("SELECT subject FROM "._MYSQL_PREFIX."_task_system WHERE id=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT subject FROM "._MYSQL_PREFIX."_task_system WHERE id=%s LIMIT 1", array(bigintval($id)), __FILE__, __LINE__); list($subj) = SQL_FETCHROW($result); SQL_FREERESULT($result); // Disable cache update by default - $CACHE_UPDATE = "0"; + $cache_update = 0; if (!empty($subj)) { // Extract extension's name from subject... $ext_name = trim(substr($subj, 1, strpos($subj, ":") - 1)); // ... so we can finally register and load it in registration mode $status = EXTENSION_REGISTER($ext_name, $id); - if ($status) { + if ($status == true) { // Extension was found and successfully registered LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_EXTENSION_REGISTERED); // Do we need to update cache file? - if ((EXT_IS_ACTIVE("cache")) && ($CACHE_FILE != "no")) { + if ((EXT_IS_ACTIVE("cache")) && ($cacheMode != "no")) { // Remove cache file (will be auto-created again!) - if ($CACHE->cache_file("extensions", true)) $CACHE->cache_destroy(); - } + if ($cacheInstance->cache_file("config" , true)) $cacheInstance->cache_destroy(); + if ($cacheInstance->cache_file("extensions", true)) $cacheInstance->cache_destroy(); + if ($cacheInstance->cache_file("mod_reg" , true)) $cacheInstance->cache_destroy(); + } // END - if + } elseif (GET_EXT_VERSION($ext_name) != "") { + // Motify the admin that we have a problem here... + LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_REG_FAILED_ALREADY); } else { // Motify the admin that we have a problem here... LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_REG_FAILED_404); @@ -332,7 +337,7 @@ case "register": // Register new extension case "search": // Search for new extensions on our server // Get response from our server - $response = MXCHANGE_OPEN("extensions.php"); + $response = GET_URL("extensions.php"); // Are extensions found? if (($response[sizeof($response) - 1] == "[EOF]") && ($response[0] != "[EOF]")) @@ -349,14 +354,14 @@ case "search": // Search for new extensions on our server // Get count of extensions for validation $count = trim($response[sizeof($response) - 2]); - foreach ($response as $id=>$value) + foreach ($response as $id => $value) { $value = str_replace("\n", "", $value); $ver = ""; // Leave loop when data is invalid or EOF? if ((substr($value, 0, 4) == "ext-") && (substr($value, -4) == ".zip")) { $name = substr($value, 4, -4); - $file = sprintf(PATH."inc/extensions/ext-%s.php", $name); + $file = sprintf("%sinc/extensions/ext-%s.php", PATH, $name); $ver = trim(substr($response[$id + 3], 4)); // Load current extension's version @@ -364,7 +369,7 @@ case "search": // Search for new extensions on our server if (empty($cver)) $cver = "-.-"; // Is the extension already installed or not? - if (!file_exists($file) || ($ver != $cver)) + if (!FILE_READABLE($file) || ($ver != $cver)) { // No, it isn't. So let's add this one! $EXT_SEARCH['fname'][] = $name; @@ -378,7 +383,7 @@ case "search": // Search for new extensions on our server $INFO = ADMIN_EXT_NO_INFO_FOUND; // Trim every data line - foreach ($LANG_DUMMY as $k=>$v) + foreach ($LANG_DUMMY as $k => $v) { $v = trim($v); if (substr($v, 3) == "") $v = "---"; @@ -407,7 +412,7 @@ case "search": // Search for new extensions on our server // Extensions where found which are not downloaded and installed $SW = 2; $OUT = ""; $TSIZE = 0; - foreach ($EXT_SEARCH['fname'] as $id=>$name) + foreach ($EXT_SEARCH['fname'] as $id => $name) { // Generate download link $LINK = SERVER_URL."/extensions/ext-".$name.".zip";