From 939bce138060b727dc96764df88fbb8e4e7049c7 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Roland=20H=C3=A4der?= Date: Fri, 5 Dec 2008 16:18:51 +0000 Subject: [PATCH] More extension-depending menus secured --- inc/databases.php | 2 +- inc/modules/admin/overview-inc.php | 2 +- inc/modules/guest/action- | 6 ++++++ inc/modules/guest/action-admin.php | 3 +++ inc/modules/guest/action-main.php | 3 +++ inc/modules/guest/action-members.php | 3 +++ inc/modules/guest/action-sponsor.php | 6 ++++++ inc/modules/guest/action-themes.php | 3 +++ inc/modules/guest/what-wernis_portal.php | 3 +++ inc/modules/index.php | 3 +++ inc/modules/member/action- | 3 +++ inc/modules/member/action-bank.php | 3 +++ inc/modules/member/action-order.php | 3 +++ inc/modules/member/action-surfbar.php | 3 +++ inc/modules/member/action-themes.php | 3 +++ inc/modules/member/what-bank_create.php | 3 +++ inc/modules/member/what-bank_deposit.php | 3 +++ inc/modules/member/what-bank_infos.php | 3 +++ inc/modules/member/what-bank_output.php | 3 +++ inc/modules/member/what-bank_withdraw.php | 3 +++ inc/modules/member/what-payout.php | 1 - inc/modules/member/what-refback.php | 1 - inc/modules/member/what-sponsor.php | 3 +++ inc/modules/member/what-surfbar_book.php | 1 - inc/modules/member/what-surfbar_list.php | 3 +++ inc/modules/member/what-surfbar_start.php | 1 - inc/modules/member/what-surfbar_stats.php | 3 +++ inc/modules/member/what-themes.php | 3 +++ inc/modules/member/what-wernis.php | 1 - 29 files changed, 74 insertions(+), 7 deletions(-) diff --git a/inc/databases.php b/inc/databases.php index d31263f640..ad12324fb3 100644 --- a/inc/databases.php +++ b/inc/databases.php @@ -114,7 +114,7 @@ define('USAGE_BASE', "usage"); define('SERVER_URL', "http://www.mxchange.org"); // Current SVN revision -define('CURR_SVN_REVISION', "597"); +define('CURR_SVN_REVISION', "598"); // Take a prime number which is long (if you know a longer one please try it out!) define('_PRIME', 591623); diff --git a/inc/modules/admin/overview-inc.php b/inc/modules/admin/overview-inc.php index 5e84a577fd..fe806cb55e 100644 --- a/inc/modules/admin/overview-inc.php +++ b/inc/modules/admin/overview-inc.php @@ -445,7 +445,7 @@ function OUTPUT_SELECTED_TASKS($_POST, $result_tasks) { ); // Do we have extension task? - if (($type == "EXTENSION") && (!GET_EXT_VERSION($infos) == "")) { + if (($type == "EXTENSION") && (GET_EXT_VERSION($infos) == "")) { // Load extension row template LOAD_TEMPLATE("admin_overview_list_ext_rows", false, $content); } else { diff --git a/inc/modules/guest/action- b/inc/modules/guest/action- index 0814201b13..c5c60dbc49 100644 --- a/inc/modules/guest/action- +++ b/inc/modules/guest/action- @@ -35,6 +35,12 @@ if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); +} elseif (!EXT_IS_ACTIVE("")) { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, ""); + return; +} elseif ($BLOCK_MODE) { + // Block mode detected + return; } // Add description as navigation point diff --git a/inc/modules/guest/action-admin.php b/inc/modules/guest/action-admin.php index 17443554f4..d62329fd1a 100644 --- a/inc/modules/guest/action-admin.php +++ b/inc/modules/guest/action-admin.php @@ -35,6 +35,9 @@ if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); +} elseif ($BLOCK_MODE) { + // Block mode detected + return; } if (GET_ACTION("guest", $GLOBALS['what']) == "admin") { diff --git a/inc/modules/guest/action-main.php b/inc/modules/guest/action-main.php index a1c35d51cd..3177c10227 100644 --- a/inc/modules/guest/action-main.php +++ b/inc/modules/guest/action-main.php @@ -35,6 +35,9 @@ if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); +} elseif ($BLOCK_MODE) { + // Block mode detected + return; } // Add description as navigation point diff --git a/inc/modules/guest/action-members.php b/inc/modules/guest/action-members.php index d066e56036..75779be80c 100644 --- a/inc/modules/guest/action-members.php +++ b/inc/modules/guest/action-members.php @@ -35,6 +35,9 @@ if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); +} elseif ($BLOCK_MODE) { + // Block mode detected + return; } // Add description as navigation point diff --git a/inc/modules/guest/action-sponsor.php b/inc/modules/guest/action-sponsor.php index deeabb891b..2cd8983eda 100644 --- a/inc/modules/guest/action-sponsor.php +++ b/inc/modules/guest/action-sponsor.php @@ -34,6 +34,12 @@ if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php"; require($INC); +} elseif (!EXT_IS_ACTIVE("sponsor")) { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "sponsor"); + return; +} elseif ($BLOCK_MODE) { + // Block mode detected + return; } // Add description as navigation point diff --git a/inc/modules/guest/action-themes.php b/inc/modules/guest/action-themes.php index a94178bff6..522158d0ab 100644 --- a/inc/modules/guest/action-themes.php +++ b/inc/modules/guest/action-themes.php @@ -35,6 +35,9 @@ if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); +} elseif (!EXT_IS_ACTIVE("theme")) { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "theme"); + return; } // Already loaded? diff --git a/inc/modules/guest/what-wernis_portal.php b/inc/modules/guest/what-wernis_portal.php index dae458d7fb..0cb400b6cb 100644 --- a/inc/modules/guest/what-wernis_portal.php +++ b/inc/modules/guest/what-wernis_portal.php @@ -35,6 +35,9 @@ if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); +} elseif (!EXT_IS_ACTIVE("wernis")) { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "wernis"); + return; } // Special file diff --git a/inc/modules/index.php b/inc/modules/index.php index e43f686935..1ac4b99122 100644 --- a/inc/modules/index.php +++ b/inc/modules/index.php @@ -107,6 +107,9 @@ if (($_CONFIG['guest_menu'] == "Y") || (!EXT_IS_ACTIVE("sql_patches", true))) { // TDs between menu and content LOAD_TEMPLATE("guest_menu_content"); +// Disable block-mode by default +$BLOCK_MODE = false; + $INC_ACTION = sprintf("%sinc/modules/guest/action-%s.php", PATH, $act); if ((FILE_READABLE($INC_ACTION)) && (VALIDATE_MENU_ACTION("guest", $act, $GLOBALS['what']))) { // Requested module is available so we load it diff --git a/inc/modules/member/action- b/inc/modules/member/action- index 67fc3812cb..171ebea3ad 100644 --- a/inc/modules/member/action- +++ b/inc/modules/member/action- @@ -37,6 +37,9 @@ if (!defined('__SECURITY')) { require($INC); } elseif (!IS_LOGGED_IN()) { LOAD_URL(URL."/modules.php?module=index"); +} elseif (!EXT_IS_ACTIVE("")) { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, ""); + return; } elseif ($BLOCK_MODE) { // Block mode detected return; diff --git a/inc/modules/member/action-bank.php b/inc/modules/member/action-bank.php index 0e60f78b6b..459b46d176 100644 --- a/inc/modules/member/action-bank.php +++ b/inc/modules/member/action-bank.php @@ -37,6 +37,9 @@ if (!defined('__SECURITY')) { require($INC); } elseif (!IS_MEMBER()) { LOAD_URL("modules.php?module=index"); +} elseif (!EXT_IS_ACTIVE("bank")) { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "bank"); + return; } elseif ($BLOCK_MODE) { // Block mode detected return; diff --git a/inc/modules/member/action-order.php b/inc/modules/member/action-order.php index 3bb82fa237..5b1492cab3 100644 --- a/inc/modules/member/action-order.php +++ b/inc/modules/member/action-order.php @@ -37,6 +37,9 @@ if (!defined('__SECURITY')) { require($INC); } elseif (!IS_MEMBER()) { LOAD_URL("modules.php?module=index"); +} elseif (!EXT_IS_ACTIVE("order")) { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "order"); + return; } elseif ($BLOCK_MODE) { // Block mode detected return; diff --git a/inc/modules/member/action-surfbar.php b/inc/modules/member/action-surfbar.php index 19b460abbe..f1f864698d 100644 --- a/inc/modules/member/action-surfbar.php +++ b/inc/modules/member/action-surfbar.php @@ -37,6 +37,9 @@ if (!defined('__SECURITY')) { require($INC); } elseif (!IS_MEMBER()) { LOAD_URL(URL."/modules.php?module=index"); +} elseif (!EXT_IS_ACTIVE("surfbar")) { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "surfbar"); + return; } elseif ($BLOCK_MODE) { // Block mode detected return; diff --git a/inc/modules/member/action-themes.php b/inc/modules/member/action-themes.php index fc90a45ed7..493833f320 100644 --- a/inc/modules/member/action-themes.php +++ b/inc/modules/member/action-themes.php @@ -37,6 +37,9 @@ if (!defined('__SECURITY')) { require($INC); } elseif (!IS_MEMBER()) { LOAD_URL("modules.php?module=index"); +} elseif (!EXT_IS_ACTIVE("theme")) { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "theme"); + return; } // Already defined? diff --git a/inc/modules/member/what-bank_create.php b/inc/modules/member/what-bank_create.php index c5cffb56af..5d50ac7dda 100644 --- a/inc/modules/member/what-bank_create.php +++ b/inc/modules/member/what-bank_create.php @@ -35,6 +35,9 @@ if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); +} elseif (!EXT_IS_ACTIVE("bank")) { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "bank"); + return; } elseif (!IS_MEMBER()) { LOAD_URL("modules.php?module=index"); } diff --git a/inc/modules/member/what-bank_deposit.php b/inc/modules/member/what-bank_deposit.php index c5cffb56af..9316759fe2 100644 --- a/inc/modules/member/what-bank_deposit.php +++ b/inc/modules/member/what-bank_deposit.php @@ -37,6 +37,9 @@ if (!defined('__SECURITY')) { require($INC); } elseif (!IS_MEMBER()) { LOAD_URL("modules.php?module=index"); +} elseif (!EXT_IS_ACTIVE("bank")) { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "bank"); + return; } // Add description as navigation point diff --git a/inc/modules/member/what-bank_infos.php b/inc/modules/member/what-bank_infos.php index c5cffb56af..9316759fe2 100644 --- a/inc/modules/member/what-bank_infos.php +++ b/inc/modules/member/what-bank_infos.php @@ -37,6 +37,9 @@ if (!defined('__SECURITY')) { require($INC); } elseif (!IS_MEMBER()) { LOAD_URL("modules.php?module=index"); +} elseif (!EXT_IS_ACTIVE("bank")) { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "bank"); + return; } // Add description as navigation point diff --git a/inc/modules/member/what-bank_output.php b/inc/modules/member/what-bank_output.php index c5cffb56af..9316759fe2 100644 --- a/inc/modules/member/what-bank_output.php +++ b/inc/modules/member/what-bank_output.php @@ -37,6 +37,9 @@ if (!defined('__SECURITY')) { require($INC); } elseif (!IS_MEMBER()) { LOAD_URL("modules.php?module=index"); +} elseif (!EXT_IS_ACTIVE("bank")) { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "bank"); + return; } // Add description as navigation point diff --git a/inc/modules/member/what-bank_withdraw.php b/inc/modules/member/what-bank_withdraw.php index c5cffb56af..9316759fe2 100644 --- a/inc/modules/member/what-bank_withdraw.php +++ b/inc/modules/member/what-bank_withdraw.php @@ -37,6 +37,9 @@ if (!defined('__SECURITY')) { require($INC); } elseif (!IS_MEMBER()) { LOAD_URL("modules.php?module=index"); +} elseif (!EXT_IS_ACTIVE("bank")) { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "bank"); + return; } // Add description as navigation point diff --git a/inc/modules/member/what-payout.php b/inc/modules/member/what-payout.php index d352d80cf7..1c81b69455 100644 --- a/inc/modules/member/what-payout.php +++ b/inc/modules/member/what-payout.php @@ -40,7 +40,6 @@ if (!defined('__SECURITY')) { // Not logged in LOAD_URL("modules.php?module=index"); } elseif (!EXT_IS_ACTIVE("payout")) { - // Extension "payout" is not active ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "payout"); return; } diff --git a/inc/modules/member/what-refback.php b/inc/modules/member/what-refback.php index efc0964132..a3e61a45a1 100644 --- a/inc/modules/member/what-refback.php +++ b/inc/modules/member/what-refback.php @@ -39,7 +39,6 @@ if (!defined('__SECURITY')) { // User is not logged in LOAD_URL("modules.php?module=index"); } elseif (!EXT_IS_ACTIVE("refback")) { - // Extension "refback" is not active ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "refback"); return; } diff --git a/inc/modules/member/what-sponsor.php b/inc/modules/member/what-sponsor.php index 0360d6ecb0..059429d87f 100644 --- a/inc/modules/member/what-sponsor.php +++ b/inc/modules/member/what-sponsor.php @@ -36,6 +36,9 @@ if (!defined('__SECURITY')) { require($INC); } elseif (!IS_MEMBER()) { LOAD_URL(URL."/modules.php?module=index"); +} elseif (!EXT_IS_ACTIVE("sponsor")) { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "sponsor"); + return; } // Add description as navigation point diff --git a/inc/modules/member/what-surfbar_book.php b/inc/modules/member/what-surfbar_book.php index 977548668f..b81c7d785c 100644 --- a/inc/modules/member/what-surfbar_book.php +++ b/inc/modules/member/what-surfbar_book.php @@ -39,7 +39,6 @@ if (!defined('__SECURITY')) { // Redirect LOAD_URL(URL."/modules.php?module=index"); } elseif (!EXT_IS_ACTIVE("surfbar")) { - // Extension "surfbar" is not active ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "surfbar"); return; } diff --git a/inc/modules/member/what-surfbar_list.php b/inc/modules/member/what-surfbar_list.php index b9ac2954a1..243d4800b5 100644 --- a/inc/modules/member/what-surfbar_list.php +++ b/inc/modules/member/what-surfbar_list.php @@ -37,6 +37,9 @@ if (!defined('__SECURITY')) { require($INC); } elseif (!IS_MEMBER()) { LOAD_URL(URL."/modules.php?module=index"); +} elseif (!EXT_IS_ACTIVE("surfbar")) { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "surfbar"); + return; } // Add description as navigation point diff --git a/inc/modules/member/what-surfbar_start.php b/inc/modules/member/what-surfbar_start.php index d7eff2727c..7e2f7036bb 100644 --- a/inc/modules/member/what-surfbar_start.php +++ b/inc/modules/member/what-surfbar_start.php @@ -39,7 +39,6 @@ if (!defined('__SECURITY')) { // Not logged in LOAD_URL("modules.php?module=index"); } elseif (!EXT_IS_ACTIVE("surfbar")) { - // Extension "surfbar" is not active ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "surfbar"); return; } diff --git a/inc/modules/member/what-surfbar_stats.php b/inc/modules/member/what-surfbar_stats.php index 7e7101b6f8..38ae863068 100644 --- a/inc/modules/member/what-surfbar_stats.php +++ b/inc/modules/member/what-surfbar_stats.php @@ -37,6 +37,9 @@ if (!defined('__SECURITY')) { require($INC); } elseif (!IS_MEMBER()) { LOAD_URL(URL."/modules.php?module=index"); +} elseif (!EXT_IS_ACTIVE("surfbar")) { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "surfbar"); + return; } // Add description as navigation point diff --git a/inc/modules/member/what-themes.php b/inc/modules/member/what-themes.php index ec009de394..ecce7b10fc 100644 --- a/inc/modules/member/what-themes.php +++ b/inc/modules/member/what-themes.php @@ -37,6 +37,9 @@ if (!defined('__SECURITY')) { require($INC); } elseif (!IS_MEMBER()) { LOAD_URL("modules.php?module=index"); +} elseif (!EXT_IS_ACTIVE("theme")) { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "theme"); + return; } // Add description as navigation point diff --git a/inc/modules/member/what-wernis.php b/inc/modules/member/what-wernis.php index 8578e52479..227d5031a0 100644 --- a/inc/modules/member/what-wernis.php +++ b/inc/modules/member/what-wernis.php @@ -39,7 +39,6 @@ if (!defined('__SECURITY')) { // User is not logged in LOAD_URL("modules.php?module=index"); } elseif (!EXT_IS_ACTIVE("wernis")) { - // Extension "wernis" is not activated ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "wernis"); return; } -- 2.39.2