X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-extensions.php;h=a8181f2999675750fbd1b211011c091c21f555bc;hp=d574a547ca66d0b70c6c9de92d95fc8cb550e3ec;hb=963e55ca1ea79e255f235e359cde9f7862191dc5;hpb=75ad748a68473ace540251427a74fb781b1145e9 diff --git a/inc/modules/admin/what-extensions.php b/inc/modules/admin/what-extensions.php index d574a547ca..a8181f2999 100644 --- a/inc/modules/admin/what-extensions.php +++ b/inc/modules/admin/what-extensions.php @@ -32,7 +32,7 @@ ************************************************************************/ // Some security stuff... -if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) { +if ((!defined('__SECURITY')) || (!IS_ADMIN())) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } @@ -40,11 +40,11 @@ if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) { // Add description as navigation point ADD_DESCR("admin", basename(__FILE__)); -global $CACHE, $KEEP_ACTIVE, $CACHE_FILE; +global $cacheInstance, $cacheArray, $cacheMode; // Normally we want the overview of all registered extensions $do = "overview"; -$SEL = "0"; +$SEL = 0; if (!empty($_POST['sel'])) $SEL = SELECTION_COUNT($_POST['sel']); if (!empty($_GET['reg_ext'])) { @@ -53,15 +53,15 @@ if (!empty($_GET['reg_ext'])) { // The ID comes from task management and it is - of course - *not* the extension's name! } elseif ((isset($_POST['change'])) && ($SEL > 0) && (!IS_DEMO())) { // De-/activate extensions - foreach ($_POST['sel'] as $id=>$active) { + foreach ($_POST['sel'] as $id => $active) { // Shall we keep the extension always active? - if ((isset($KEEP_ACTIVE[GET_EXT_NAME($id)])) && ($KEEP_ACTIVE[GET_EXT_NAME($id)] == "Y") && ($active == "N")) { + if ((isset($cacheArray['active_extensions'][GET_EXT_NAME($id)])) && ($cacheArray['active_extensions'][GET_EXT_NAME($id)] == "Y") && ($active == "N")) { // Keep this extension active! } else { // De/activate extension $ACT = "N"; $EXT_LOAD_MODE = "deactivate"; if ($active == "N") { $ACT = "Y"; $EXT_LOAD_MODE = "activate"; } - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_active='".$ACT."' WHERE id=%d AND ext_active='%s' LIMIT 1", + $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_active='".$ACT."' WHERE id=%s AND ext_active='%s' LIMIT 1", array(bigintval($id), $active), __FILE__, __LINE__); // Run embeded SQL commands @@ -72,8 +72,8 @@ if (!empty($_GET['reg_ext'])) { // Change settings like CSS file load if (isset($_POST['modify'])) { // Change entries - $CACHE_UPDATE = "0"; - foreach ($_POST['sel'] as $id=>$sel) { + $cache_update = 0; + foreach ($_POST['sel'] as $id => $sel) { // Secure ID $id = bigintval($id); @@ -83,18 +83,18 @@ if (!empty($_GET['reg_ext'])) { $active = $_POST['active'][$id]; if (GET_EXT_VERSION("sql_patches") >= "0.0.6") { // Update also CSS column when extensions sql_patches is newer or exact v0.0.6 - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_has_css='%s', ext_active='%s' WHERE id=%d LIMIT 1", + $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_has_css='%s', ext_active='%s' WHERE id=%s LIMIT 1", array($_POST['css'][$id], $active, $id), __FILE__, __LINE__); } else { // When extension is older than v0.0.6 there is no column for the CSS information - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_active='%s' WHERE id=%d LIMIT 1", + $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_active='%s' WHERE id=%s LIMIT 1", array($active, $id), __FILE__, __LINE__); } // Run SQLs on activation / deactivation switch ($active) { - case "Y": $EXT_LOAD_MODE = "activate"; break; - case "N": $EXT_LOAD_MODE = "deactivate"; break; + case 'Y': $EXT_LOAD_MODE = "activate"; break; + case 'N': $EXT_LOAD_MODE = "deactivate"; break; } // Run embeded SQL commands @@ -103,23 +103,23 @@ if (!empty($_GET['reg_ext'])) { } // Extensions changed - OUTPUT_HTML ("
"); + OUTPUT_HTML("
"); LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_EXT_CHANGED); - OUTPUT_HTML ("
"); + OUTPUT_HTML(""); } else { // Edit selected entries $SW = "2"; $OUT = ""; - foreach ($_POST['sel'] as $id=>$sel) { + foreach ($_POST['sel'] as $id => $sel) { // Edit this extension? if (($sel == "Y") || ($sel == "N")) { // Load required data if (GET_EXT_VERSION("sql_patches") >= "0.0.6") { - $result = SQL_QUERY_ESC("SELECT ext_name, ext_has_css, ext_active FROM "._MYSQL_PREFIX."_extensions WHERE id=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT ext_name, ext_has_css, ext_active FROM "._MYSQL_PREFIX."_extensions WHERE id=%s LIMIT 1", array(bigintval($id)), __FILE__, __LINE__); list($name, $css, $active) = SQL_FETCHROW($result); SQL_FREERESULT($result); } else { - $result = SQL_QUERY_ESC("SELECT ext_name, ext_active FROM "._MYSQL_PREFIX."_extensions WHERE id=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT ext_name, ext_active FROM "._MYSQL_PREFIX."_extensions WHERE id=%s LIMIT 1", array(bigintval($id)), __FILE__, __LINE__); list($name, $active) = SQL_FETCHROW($result); SQL_FREERESULT($result); @@ -143,7 +143,7 @@ if (!empty($_GET['reg_ext'])) { $OUT .= LOAD_TEMPLATE("admin_extensions_edit_row", true, $content); $SW = 3 - $SW; } - } + } // END - foreach define('__EXTENSIONS_ROWS', $OUT); // Load template @@ -153,25 +153,29 @@ if (!empty($_GET['reg_ext'])) { } elseif ((isset($_POST['delete'])) && ($SEL > 0) && (!IS_DEMO())) { // List extensions and when verbose is enabled SQL statements which will be executed $SW = 2; $OUT = ""; - foreach ($_POST['sel'] as $id=>$sel) { + foreach ($_POST['sel'] as $id => $sel) { + // Init variables $VERBOSE_OUT = ""; $SQLs = array(); - // Load extension's data - $result = SQL_QUERY_ESC("SELECT ext_name, ext_version FROM "._MYSQL_PREFIX."_extensions WHERE id=%d LIMIT 1", - array(bigintval($id)), __FILE__, __LINE__); - list($ext_name, $ext_ver) = SQL_FETCHROW($result); + + // Secure id number + $id = bigintval($id); + + // Get extension name + $ext_name = GET_EXT_NAME($id); + $ext_ver = GET_EXT_VERSION($ext_name); // Free the result SQL_FREERESULT($result); - if ($CONFIG['verbose_sql']) { + if ($_CONFIG['verbose_sql']) { // Load SQL commands in remove mode $EXT_LOAD_MODE = "remove"; - $file = sprintf(PATH."inc/extensions/ext-%s.php", $ext_name); + $file = sprintf("%sinc/extensions/ext-%s.php", PATH, $ext_name); include($file); // Generate extra table with loaded SQL commands $VERBOSE_OUT = EXTENSION_VERBOSE_TABLE($SQLs); - } + } // END - if // Prepare data for the row template $content = array( @@ -185,7 +189,7 @@ if (!empty($_GET['reg_ext'])) { // Load row template and switch color $OUT .= LOAD_TEMPLATE("admin_extensions_delete_row", true, $content); $SW = 3 - $SW; - } + } // END - foreach define('__EXTENSIONS_ROWS', $OUT); // Load template @@ -193,8 +197,8 @@ if (!empty($_GET['reg_ext'])) { $do = "delete"; } elseif ((isset($_POST['remove'])) && ($SEL > 0) && (!IS_DEMO())) { // Remove extensions from DB (you have to delete all files manually!) - $CACHE_UPDATE = "0"; - foreach ($_POST['sel'] as $id=>$active) { + $cache_update = 0; + foreach ($_POST['sel'] as $id => $active) { // Secure ID number $id = bigintval($id); @@ -202,12 +206,8 @@ if (!empty($_GET['reg_ext'])) { if ($active == 1) { // Run embeded SQL commands EXTENSION_RUN_SQLS($id, "remove"); - - // Delete this extension (remember to remove it from your server *before* you click on welcome! - $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_extensions WHERE id=%d LIMIT 1", - array(bigintval($id)), __FILE__, __LINE__); - } - } + } // END - if + } // END - foreach } elseif (!empty($_GET['do']) && (!IS_DEMO())) { // Other things to do $do = SQL_ESCAPE(strip_tags($_GET['do'])); @@ -220,7 +220,7 @@ if (!empty($_GET['reg_ext'])) { $where = ""; if (!empty($_GET['active'])) { $where = sprintf("WHERE ext_active = '%s'", SQL_ESCAPE(strip_tags($_GET['active']))); -} +} // END - if // Case selection switch ($do) { @@ -277,12 +277,12 @@ case "overview": // List all registered extensions LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NO_EXTENSION_REGISTERED.""); } // Link for checking for new or updated extensions - OUTPUT_HTML ("