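/**
 * Main driver to handle an uploaded autotag archive.
 *
 * Stores the uploaded archive in the data temp directory, unpacks it into a
 * fresh temporary directory, reads the autotag's XML description into the
 * global $autotagData, checks the glFusion and PHP version requirements,
 * test-copies the files to the autotags directory and renders the upload
 * confirmation form.
 *
 * The archive and everything inside it (including the XML description) are
 * supplied by the uploader and are handled as untrusted input below.
 *
 * @return string Formatted HTML containing the page body: the confirmation
 *                form, or an error box when a step fails
 *
 */
function processAutotagUpload()
{
    global $_CONF, $_PLUGINS, $_TABLES, $autotagData, $LANG32, $_DB_dbms, $_DB_table_prefix;

    $retval  = '';
    $upgrade = false;

    // Nothing was uploaded in the expected form field.
    if (!isset($_FILES['autotagfile'])
        || $_FILES['autotagfile']['error'] == UPLOAD_ERR_NO_FILE) {
        return _at_errorBox($LANG32[46]);
    }

    require_once $_CONF['path_system'] . 'classes/upload.class.php';
    $upload = new upload();
    if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
        $upload->setLogFile($_CONF['path'] . 'logs/error.log');
        $upload->setDebug(true);
    }
    $upload->setMaxFileUploads(1);
    $upload->setMaxFileSize(4194304); // 4 MiB
    $upload->setAllowedMimeTypes(array(
        'application/x-gzip' => '.gz,.gzip,tgz',
        'application/zip'    => '.zip',
    ));
    $upload->setFieldName('autotagfile');
    if (!$upload->setPath($_CONF['path_data'] . 'temp')) {
        return _at_errorBox($upload->printErrors(false));
    }

    // The client-supplied file name is sanitized before it is used in a path.
    $filename = COM_sanitizeFilename($_FILES['autotagfile']['name'], true);
    $upload->setFileNames($filename);
    $upload->uploadFiles();
    if ($upload->areErrors()) {
        return _at_errorBox($upload->printErrors(false));
    }
    $Finalfilename = $_CONF['path_data'] . 'temp/' . $filename;

    // decompress into temp directory
    if (function_exists('set_time_limit')) {
        @set_time_limit(60);
    }
    if (!($tmp = _io_mktmpdir())) {
        // do not leave the uploaded archive behind when we cannot unpack it
        @unlink($Finalfilename);
        return _at_errorBox($LANG32[47]);
    }
    $tmpPath = $_CONF['path_data'] . $tmp;

    // NOTE(review): entry names inside the archive are attacker-controlled;
    // confirm COM_decompress() refuses absolute paths and "../" components.
    if (!COM_decompress($Finalfilename, $tmpPath)) {
        @unlink($Finalfilename);
        _pi_deleteDir($tmpPath);
        return _at_errorBox($LANG32[48]);
    }
    @unlink($Finalfilename);

    // read XML data file, places in $autotagData
    $autotagData = array();
    $rc = _at_parseXML($tmpPath);

    // rc == -1 means no XML file was found; a missing id or version is
    // reported the same way. The version entry may be absent here, so it is
    // read defensively instead of raising an undefined-index notice.
    if ($rc == -1 || !isset($autotagData['id']) || !isset($autotagData['version'])) {
        $wantedVersion = isset($autotagData['glfusionversion'])
            ? $autotagData['glfusionversion'] : '';
        _pi_deleteDir($tmpPath);
        return _at_errorBox(sprintf($LANG32[49], $wantedVersion));
    }

    // proper glfusion version
    if (!COM_checkVersion(GVERSION, $autotagData['glfusionversion'])) {
        _pi_deleteDir($tmpPath);
        return _at_errorBox(sprintf($LANG32[49], $autotagData['glfusionversion']));
    }
    if (!COM_checkVersion(phpversion(), $autotagData['phpversion'])) {
        _pi_deleteDir($tmpPath);
        return _at_errorBox(sprintf($LANG32[50], $autotagData['phpversion']));
    }

    // An existing auto tag with the same id is deliberately not rejected, so
    // that uploading can be used to update an installed auto tag.

    // The id becomes a path component below. Strip everything outside the
    // allowed set, then refuse ids that are empty or consist only of dots:
    // "." and ".." pass the character filter but would point the copy source
    // at the temp directory itself or at its parent.
    $autotagData['id'] = (string) preg_replace('/[^a-zA-Z0-9\\-_\\.]/', '', $autotagData['id']);
    if (trim($autotagData['id'], '.') === '') {
        _pi_deleteDir($tmpPath);
        return _at_errorBox(sprintf($LANG32[49], $autotagData['glfusionversion']));
    }

    if (function_exists('set_time_limit')) {
        @set_time_limit(30);
    }

    // test copy to proper directories
    $permErrorList = '';
    list($rc, $failed) = _pi_test_copy(
        $tmpPath . '/' . $autotagData['id'] . '/',
        $_CONF['path_system'] . 'autotags/'
    );
    if ($rc > 0) {
        foreach ($failed as $failedFile) {
            $permErrorList .= sprintf($LANG32[41], $failedFile);
        }
        $errorMessage = '<h2>' . $LANG32[42] . '</h2>' . $LANG32[43] . $permErrorList . '<br />' . $LANG32[44];
        _pi_deleteDir($tmpPath);
        return _at_errorBox($errorMessage);
    }

    // NOTE(review): the values below come from the uploaded XML; confirm the
    // template layer escapes them before they reach the page. temp_dir is
    // sent to the browser and comes back with the confirmation, so the
    // handler of the 'processupload' action should validate it again.
    $T = new Template($_CONF['path_layout'] . 'admin/autotag');
    $T->set_file('form', 'autotag_upload_confirm.thtml');
    $T->set_var(array(
        'form_action_url' => $_CONF['site_admin_url'] . '/autotag_upload.php',
        'action'          => 'processupload',
        'pi_name'         => $autotagData['id'],
        'pi_version'      => $autotagData['version'],
        'pi_url'          => isset($autotagData['url']) ? $autotagData['url'] : '',
        'pi_gl_version'   => $autotagData['glfusionversion'],
        'pi_desc'         => isset($autotagData['description']) ? $autotagData['description'] : '',
        'pi_author'       => isset($autotagData['author']) ? $autotagData['author'] : '',
        'upgrade'         => $upgrade,
        'temp_dir'        => $tmp,
    ));
    $retval .= $T->parse('output', 'form');

    return $retval;
}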
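/**
 * Perform the upgrade starting at the current version.
 *
 * Reads the installed plugin version from $_PLUGIN_INFO and applies every
 * later upgrade step in order. Each step runs its SQL through
 * PAYPAL_do_upgrade_sql(), adjusts configuration items or data where needed
 * and records the new version with PAYPAL_do_set_version(), so an aborted
 * upgrade can be resumed from the last completed step.
 *
 * @since  version 0.4.0
 * @return boolean True on success, false when the plugin is not registered
 *                 or any upgrade step fails
 */
function PAYPAL_do_upgrade()
{
    global $_TABLES, $_CONF, $_PP_CONF, $_PP_DEFAULTS, $PP_UPGRADE, $_PLUGIN_INFO;

    if (!isset($_PLUGIN_INFO[$_PP_CONF['pi_name']])) {
        return false;
    }
    $current_ver = $_PLUGIN_INFO[$_PP_CONF['pi_name']];
    $pi_name = $_PP_CONF['pi_name'];

    // Get the config instance, several upgrades might need it
    $c = config::get_instance();

    if (!COM_checkVersion($current_ver, '0.2')) {
        // upgrade to 0.2.2
        $current_ver = '0.2.2';
        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }

    if (!COM_checkVersion($current_ver, '0.4.0')) {
        // upgrade to 0.4.0
        $current_ver = '0.4.0';
        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }
        if (!plugin_initconfig_paypal()) {
            return false;
        }

        // Migrate existing categories to the new category table
        $r = DB_query("SELECT DISTINCT category\n FROM {$_TABLES['paypal.products']}\n WHERE category <> '' and category IS NOT NULL");
        if (DB_error()) {
            COM_errorLog("Could not retrieve old categories", 1);
            return false;
        }
        if (DB_numRows($r) > 0) {
            $cats = array();
            while ($A = DB_fetchArray($r, false)) {
                // Category names are free text read back from the database;
                // escape them so a quote cannot break or alter the INSERT.
                $cat_name = DB_escapeString($A['category']);
                DB_query("INSERT INTO {$_TABLES['paypal.categories']}\n (cat_name)\n VALUES ('{$cat_name}')");
                if (DB_error()) {
                    COM_errorLog("Could not add new category {$A['category']}", 1);
                    return false;
                }
                $cats[$A['category']] = DB_insertID();
            }

            // Now populate the cross-reference table
            $r = DB_query("SELECT id, category\n FROM {$_TABLES['paypal.products']}");
            if (DB_error()) {
                COM_errorLog("Error retrieving category data from products", 1);
                return false;
            }
            if (DB_numRows($r) > 0) {
                while ($A = DB_fetchArray($r, false)) {
                    // Products without a category were not migrated above and
                    // have no entry in $cats; give them category 0.
                    $cat_id = isset($cats[$A['category']]) ? (int) $cats[$A['category']] : 0;
                    $prod_id = DB_escapeString($A['id']);
                    DB_query("UPDATE {$_TABLES['paypal.products']}\n SET cat_id = '{$cat_id}'\n WHERE id = '{$prod_id}'");
                    if (DB_error()) {
                        COM_errorLog("Error updating prodXcat table", 1);
                        return false;
                    }
                }
            }
            DB_query("ALTER TABLE {$_TABLES['paypal.products']}\n DROP category");
        }

        // Add buttons to the product records or they won't be shown.
        // Old paypal version always has buy_now and add_cart buttons.
        $buttons = serialize(array('buy_now' => '', 'add_cart' => ''));
        DB_query("UPDATE {$_TABLES['paypal.products']} \n SET buttons='{$buttons}',\n dt_add = UNIX_TIMESTAMP()");

        // Finally, rename any existing config.php file since we now use
        // the online configuration.
        $pi_path = $_CONF['path'] . '/plugins/' . $_PP_CONF['pi_name'];
        if (is_file($pi_path . '/config.php')) {
            COM_errorLog("Renaming old config.php file to {$pi_path}/config.old.php", 1);
            if (!rename($pi_path . '/config.php', $pi_path . '/config.old.php')) {
                COM_errorLog("Failed to rename old config.php file. Manual intervention needed", 1);
            }
        }

        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }

    if (!COM_checkVersion($current_ver, '0.4.1')) {
        // upgrade to 0.4.1
        $current_ver = '0.4.1';
        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }
        if ($c->group_exists($pi_name)) {
            $c->add('blk_random_limit', $_PP_DEFAULTS['blk_random_limit'], 'text', 0, 30, 2, 40, true, $pi_name);
            $c->add('blk_featured_limit', $_PP_DEFAULTS['blk_featured_limit'], 'text', 0, 30, 2, 50, true, $pi_name);
            $c->add('blk_popular_limit', $_PP_DEFAULTS['blk_popular_limit'], 'text', 0, 30, 2, 60, true, $pi_name);
            $c->add('fs_debug', NULL, 'fieldset', 0, 50, NULL, 0, true, $pi_name);
            $c->add('debug', $_PP_DEFAULTS['debug'], 'select', 0, 50, 2, 10, true, $pi_name);
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }

    if (!COM_checkVersion($current_ver, '0.4.2')) {
        // upgrade to 0.4.2
        $current_ver = '0.4.2';
        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }

    if (!COM_checkVersion($current_ver, '0.4.3')) {
        // upgrade to 0.4.3
        // this adds a field that was possibly missing in the initial
        // installation, but could have been added in the 0.4.1 update. So,
        // an error is to be expected and ignored
        $current_ver = '0.4.3';
        if (!PAYPAL_do_upgrade_sql($current_ver, true)) {
            return false;
        }
        if ($c->group_exists($pi_name)) {
            $c->add('def_expiration', $_PP_DEFAULTS['def_expiration'], 'text', 0, 30, 0, 40, true, $pi_name);
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }

    if (!COM_checkVersion($current_ver, '0.4.4')) {
        $current_ver = '0.4.4';

        // Remove individual block selections and combine into one
        $displayblocks = 0;
        if ($_PP_CONF['leftblocks'] == 1) {
            $displayblocks += 1;
        }
        if ($_PP_CONF['rightblocks'] == 1) {
            $displayblocks += 2;
        }
        $c->del('leftblocks', 'paypal');
        $c->del('rightblocks', 'paypal');
        $c->add('displayblocks', $displayblocks, 'select', 0, 0, 13, 210, true, $pi_name);
        $c->add('debug_ipn', $_PP_DEFAULTS['debug_ipn'], 'select', 0, 50, 2, 20, true, $pi_name);

        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }

    if (!COM_checkVersion($current_ver, '0.4.5')) {
        $current_ver = '0.4.5';

        // Add notification email override
        $c->add('admin_email_addr', $_PP_DEFAULTS['admin_email_addr'], 'text', 0, 0, 0, 40, true, $pi_name);

        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }

    // NOTE(review): this step tests for 0.4.5 a second time. Once the step
    // above has run, $current_ver is already 0.4.5, so this block looks
    // unreachable on that path; the intended version number cannot be told
    // from here and needs to be confirmed against the release history.
    if (!COM_checkVersion($current_ver, '0.4.5')) {
        $current_ver = '0.4.5';

        // Move the buy_now buttons into a separate table
        $sql = "SELECT id, buttons FROM {$_TABLES['paypal.products']}";
        $res = DB_query($sql, 1);
        while ($A = DB_fetchArray($res, false)) {
            $id = DB_escapeString($A['id']);
            // NOTE(review): unserialize() on stored data can instantiate
            // objects; where the supported PHP version allows it, pass
            // array('allowed_classes' => false).
            $btns = @unserialize($A['buttons']);
            if ($btns && isset($btns['buy_now'])) {
                $button = DB_escapeString($btns['buy_now']);
            } else {
                $button = '';
            }
            DB_query("INSERT INTO {$_TABLES['paypal.buttons']} VALUES\n ('{$id}', 'paypal', '{$button}')", 1);
        }

        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }

    if (!COM_checkVersion($current_ver, '0.5.0')) {
        $current_ver = '0.5.0';

        // Perform the main database upgrades
        // The first few lines get the schema updated for elements that
        // may have been missed (0.4.4 wasn't updated properly).
        // Errors need to be ignored for these.
        DB_query("ALTER TABLE {$_TABLES['paypal.products']}\n ADD options text after show_popular", 1);
        DB_query("ALTER TABLE {$_TABLES['paypal.purchases']}\n ADD token varchar(40) after price", 1);

        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }

        // Move the global PayPal-specific configurations into the config table
        // NOTE(review): the values are escaped here and the serialized string
        // is escaped again below, so a value containing a quote or backslash
        // would be stored with extra backslashes. Confirm whether only the
        // outer DB_escapeString() is wanted.
        $receiver_email = DB_escapeString($_PP_CONF['receiver_email'][0]);
        $gwconfig = array(
            'bus_prod_email'   => $receiver_email,
            'bus_test_email'   => $receiver_email,
            'micro_prod_email' => $receiver_email,
            'micro_test_email' => $receiver_email,
            'micro_threshold'  => 10,
            'prod_url'         => 'https://www.paypal.com',
            'sandbox_url'      => 'https://www.sandbox.paypal.com',
            'test_mode'        => (int) $_PP_CONF['testing'],
            'prv_key'          => DB_escapeString($_PP_CONF['prv_key']),
            'pub_key'          => DB_escapeString($_PP_CONF['pub_key']),
            'pp_cert'          => DB_escapeString($_PP_CONF['pp_cert']),
            'pp_cert_id'       => DB_escapeString($_PP_CONF['pp_cert_id']),
            'micro_cert_id'    => DB_escapeString($_PP_CONF['pp_cert_id']),
            'encrypt'          => (int) $_PP_CONF['encrypt_buttons'],
        );
        $db_config = DB_escapeString(@serialize($gwconfig));
        $services = array(
            'buy_now'   => 1,
            'pay_now'   => 1,
            'checkout'  => 1,
            'donation'  => 1,
            'subscribe' => 1,
            'external'  => 1,
        );
        $db_services = DB_escapeString(@serialize($services));
        $gw_sql = "INSERT INTO {$_TABLES['paypal.gateways']}\n (id, orderby, enabled, description, config, services)\n VALUES\n ('paypal', 10, 1, 'Paypal Website Payments Standard',\n '{$db_config}', '{$db_services}'),\n ('amazon', 20, 0, 'Amazon SimplePay', '', '{$db_services}')";

        // ... and remove Paypal-specific configs from the main config system
        $c->del('receiver_email', 'paypal');
        $c->del('testing', 'paypal');
        $c->del('paypal_url', 'paypal');
        $c->del('prod_url', 'paypal');
        $c->del('use_css_menus', 'paypal');     // Just not used any more
        $c->del('encrypt_buttons', 'paypal');
        $c->del('prv_key', 'paypal');
        $c->del('pub_key', 'paypal');
        $c->del('pp_cert', 'paypal');
        $c->del('pp_cert_id', 'paypal');

        // Add new plugin config items
        $c->add('fs_addresses', NULL, 'fieldset', 0, 60, NULL, 0, true, $pi_name);
        $c->add('get_street', $_PP_DEFAULTS['get_street'], 'select', 0, 60, 14, 10, true, $pi_name);
        $c->add('get_city', $_PP_DEFAULTS['get_city'], 'select', 0, 60, 14, 20, true, $pi_name);
        $c->add('get_state', $_PP_DEFAULTS['get_state'], 'select', 0, 60, 14, 30, true, $pi_name);
        $c->add('get_country', $_PP_DEFAULTS['get_country'], 'select', 0, 60, 14, 40, true, $pi_name);
        $c->add('get_postal', $_PP_DEFAULTS['get_postal'], 'select', 0, 60, 14, 50, true, $pi_name);
        $c->add('weight_unit', $_PP_DEFAULTS['weight_unit'], 'select', 0, 0, 15, 230, true, $pi_name);
        // The default comes from $_PP_DEFAULTS like every other item; the
        // undeclared $PP_DEFAULTS used before always yielded null here.
        $c->add('ena_cart', $_PP_DEFAULTS['ena_cart'], 'select', 0, 0, 2, 220, true, $pi_name);

        DB_query("UPDATE {$_TABLES['conf_values']}\n SET sort_order=80\n WHERE name='tmpdir'\n AND group_name='paypal'");

        DB_query($gw_sql, 1);
        if (DB_error()) {
            // NOTE(review): this writes the whole statement, including the
            // serialized gateway configuration, to the error log; confirm
            // nothing sensitive ends up there.
            COM_errorLog("Error Executing SQL: {$gw_sql}", 1);
        }

        // Convert saved buttons in the product records to simple text strings
        // indicating the type of button to use. Don't save the button in the
        // new cache table; that will be done when the button is needed.
        DB_query("UPDATE {$_TABLES['paypal.products']} SET buttons='buy_now'");

        // Create order records and associate with the existing purchase table.
        // We create our own sid to try and use the original purchase date.
        // Since this function runs so fast, there could still be duplicate
        // sid's so we check for an existing sid before trying to use it.
        // If that happens, the order_id will just be a current sid.
        $sql = "SELECT * FROM {$_TABLES['paypal.purchases']}";
        $res = DB_query($sql);
        if ($res && DB_numRows($res) > 0) {
            USES_paypal_class_order();
            while ($A = DB_fetchArray($res, false)) {
                $dt_tm = explode(' ', $A['purchase_date']);
                list($y, $m, $d) = explode('-', $dt_tm[0]);
                list($h, $i, $s) = explode(':', $dt_tm[1]);
                $sid = $y . $m . $d . $h . $i . $s;
                $order_id = $sid . mt_rand(0, 999);
                while (DB_count($_TABLES['paypal.orders'], 'order_id', $order_id) > 0) {
                    $order_id = COM_makeSid();
                }

                // Reset the amounts for every purchase. Without this, a
                // purchase with no usable IPN record would reuse the tax,
                // shipping and handling of the previous row (or undefined
                // variables on the first row).
                $price    = 0;
                $tax      = 0;
                $shipping = 0;
                $handling = 0;

                // Discovered that the "price" field isn't filled in for the
                // purchase table. Read the IPN data and use mc_gross.
                $txn_id = DB_escapeString($A['txn_id']);
                $IPN = DB_getItem($_TABLES['paypal.ipnlog'], 'ipn_data', "txn_id = '" . $txn_id . "'");
                if (!empty($IPN)) {
                    // NOTE(review): ipn_data presumably holds values received
                    // from IPN posts. unserialize() on it can instantiate
                    // objects; where the supported PHP version allows it,
                    // pass array('allowed_classes' => false).
                    $data = @unserialize($IPN);
                    if ($data && isset($data['mc_gross'])) {
                        $price = (double) $data['mc_gross'];
                        if (isset($data['tax'])) {
                            $tax = (double) $data['tax'];
                            $price -= $tax;
                        }
                        if (isset($data['shipping'])) {
                            $shipping = (double) $data['shipping'];
                            $price -= $shipping;
                        }
                        if (isset($data['handling'])) {
                            $handling = (double) $data['handling'];
                            $price -= $handling;
                        }
                    }
                }

                $ord = new ppOrder($order_id);
                $ord->uid = $A['user_id'];
                $ord->order_date = DB_escapeString($A['purchase_date']);
                $ord->status = PP_STATUS_PAID;
                $ord->pmt_method = 'paypal';
                $ord->pmt_txn_id = $A['txn_id'];
                $ord->tax = $tax;
                $ord->shipping = $shipping;
                $ord->handling = $handling;
                $order_id = $ord->Save();

                // Also, split out the item number from any attributes.
                // Starting with 0.5.0 we store the actual item number
                // and options separately.
                // * PAYPAL_explode_opts() not available in this version *
                // Pad the result so an id without "|" yields empty options
                // instead of an undefined offset.
                list($item_num, $options) = array_pad(explode('|', $A['product_id']), 2, '');
                if (!$options) {
                    $options = '';
                }
                DB_query("UPDATE {$_TABLES['paypal.purchases']} SET\n order_id = '" . DB_escapeString($order_id) . "',\n price = '{$price}',\n product_id = '" . DB_escapeString($item_num) . "',\n options = '" . DB_escapeString($options) . "'\n WHERE txn_id = '{$txn_id}'");
            }
        }

        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }

    if (!COM_checkVersion($current_ver, '0.5.2')) {
        $current_ver = '0.5.2';
        // Every other step treats a false return from PAYPAL_do_upgrade_sql()
        // as failure. This step used to return early when the call succeeded,
        // which skipped the config item, the version update and all later
        // steps.
        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }
        $c->add('centerblock', $_PP_DEFAULTS['centerblock'], 'select', 0, 0, 2, 215, true, $pi_name);
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }

    if (!COM_checkVersion($current_ver, '0.5.4')) {
        $current_ver = '0.5.4';
        // Adds the currency table and formatting functions
        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }

    if (!COM_checkVersion($current_ver, '0.5.6')) {
        $current_ver = '0.5.6';

        // SQL updates in 0.5.4 weren't included in new installation, so check
        // if they're done and add them to the upgrade process if not.
        $res = DB_query("SHOW TABLES LIKE '{$_TABLES['paypal.currency']}'", 1);
        if (!$res || DB_numRows($res) < 1) {
            // Add the table
            $PP_UPGRADE['0.5.6'][] = $PP_UPGRADE['0.5.4'][0];
            // Populate with data
            $PP_UPGRADE['0.5.6'][] = $PP_UPGRADE['0.5.4'][1];
        }
        $res = DB_query("SHOW COLUMNS FROM {$_TABLES['paypal.products']}\n LIKE 'sale_price'", 1);
        if (!$res || DB_numRows($res) < 1) {
            // Add the field to the products table
            $PP_UPGRADE['0.5.6'][] = $PP_UPGRADE['0.5.4'][2];
        }
        if (!PAYPAL_do_upgrade_sql('0.5.6')) {
            return false;
        }

        // Add new product defaults for onhand tracking
        $c->add('def_track_onhand', $_PP_DEFAULTS['def_track_onhand'], 'select', 0, 30, 2, 50, true, $pi_name);
        $c->add('def_oversell', $_PP_DEFAULTS['def_oversell'], 'select', 0, 30, 16, 60, true, $pi_name);

        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }

    if (!COM_checkVersion($current_ver, '0.5.7')) {
        $current_ver = '0.5.7';

        $gid = (int) DB_getItem($_TABLES['groups'], 'grp_id', "grp_name='{$_PP_CONF['pi_name']} Admin'");
        if ($gid < 1) {
            $gid = 1;   // default to Root if paypal group not found
        }
        DB_query("INSERT INTO {$_TABLES['vars']}\n SET name='paypal_gid', value={$gid}");

        $c->add('product_tpl_ver', $_PP_DEFAULTS['product_tpl_ver'], 'select', 0, 30, 2, 70, true, $pi_name);
        $c->add('list_tpl_ver', $_PP_DEFAULTS['list_tpl_ver'], 'select', 0, 30, 0, 80, true, $pi_name);
        $c->add('cache_max_age', $_PP_DEFAULTS['cache_max_age'], 'text', 0, 40, 2, 40, true, $pi_name);

        // Create cache directory. The mode has to be an octal integer: the
        // string '0755' is converted to decimal 755, which yields unrelated
        // permission bits.
        if (!is_dir($_PP_DEFAULTS['tmpdir'] . 'cache')) {
            @mkdir($_PP_DEFAULTS['tmpdir'] . 'cache', 0755, true);
        }

        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }

    if (!COM_checkVersion($current_ver, '0.5.8')) {
        $current_ver = '0.5.8';

        // Add terms and conditions link
        $c->add('tc_link', $_PP_DEFAULTS['tc_link'], 'text', 0, 40, 2, 50, true, $pi_name);

        // Upgrade sql changes from owner/group/member/anon perms to group id
        // First update the group_id based on the perms.
        $sql = "SELECT cat_id,group_id,perm_group,perm_members,perm_anon\n FROM {$_TABLES['paypal.categories']}";
        $res = DB_query($sql, 1);
        while ($A = DB_fetchArray($res, false)) {
            if ($A['perm_anon'] >= 2) {
                $grp_id = 2;
            } elseif ($A['perm_members'] >= 2) {
                $grp_id = 13;
            } else {
                $grp_id = $A['group_id'];
            }
            if ($A['group_id'] != $grp_id) {
                // Both values are placed in the statement unquoted, so force
                // them to integers.
                $grp_id = (int) $grp_id;
                $cat_id = (int) $A['cat_id'];
                DB_query("UPDATE {$_TABLES['paypal.categories']}\n SET group_id = {$grp_id}\n WHERE cat_id = {$cat_id}");
            }
        }

        // Remove Amazon Simplepay gateway file to prevent re-enabling
        @unlink(PAYPAL_PI_PATH . '/classes/gateways/amazon.class.php');

        if (!PAYPAL_do_upgrade_sql($current_ver, true)) {
            return false;
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }

    if (!COM_checkVersion($current_ver, '0.5.9')) {
        $current_ver = '0.5.9';

        // Add shop phone and email conf values, fix subgroup ID for shop info
        $c->add('shop_phone', '', 'text', 10, 100, 0, 30, true, $pi_name);
        $c->add('shop_email', $_PP_DEFAULTS['shop_email'], 'text', 10, 100, 0, 40, true, $pi_name);

        // Create default path for downloads (even if not used). The second
        // argument of mkdir() is the mode; passing true there set mode 1 and
        // left the recursive flag off.
        @mkdir($_CONF['path'] . 'data/' . $_PP_CONF['pi_name'] . '/files', 0755, true);

        // Remove stray .htaccess file that interferes with plugin removal
        // NOTE(review): if this directory can be reached from the web,
        // confirm the files in it are protected some other way.
        @unlink(PAYPAL_PI_PATH . '/files/.htaccess');

        if (!PAYPAL_do_upgrade_sql('0.5.9')) {
            return false;
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }

    CTL_clearCache($_PP_CONF['pi_name']);
    COM_errorLog("Successfully updated the {$_PP_CONF['pi_display_name']} Plugin", 1);

    return true;
}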
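/**
 * Run the automated installation described by $A.
 *
 * $A holds an 'installer' entry (installer version), a 'plugin' entry
 * (name, version, required glFusion version, ...) and any number of further
 * entries, each describing one installation step. A step is dispatched to
 * the function INSTALLER_install_<type>. A numeric result from a step is
 * treated as a failure code; any other non-empty result is collected in
 * $reverse and handed to INSTALLER_fail() if a later step fails.
 *
 * The array is supplied by the plugin being installed, so its values are
 * escaped before they are placed in SQL.
 *
 * @param  array $A Installation description
 * @return int   0 on success, 2 for a missing or unknown installer version,
 *               1 for any other failure, or the numeric code returned by the
 *               failing step
 */
function INSTALLER_install($A)
{
    global $_TABLES;

    COM_errorLog("AutoInstall: **** Start Installation ****");

    if (!isset($A['installer']) || $A['installer']['version'] != INSTALLER_VERSION) {
        COM_errorLog('AutoInstall: Invalid or Unknown installer version');
        COM_errorLog("AutoInstall: **** END Installation ****");
        return 2;
    }
    if (!isset($A['plugin'])) {
        COM_errorLog("AutoInstall: Missing plugin description!");
        COM_errorLog("AutoInstall: **** END Installation ****");
        return 1;
    }
    if (!isset($A['plugin']['name'])) {
        COM_errorLog("AutoInstall: Missing plugin name!");
        COM_errorLog("AutoInstall: **** END Installation ****");
        return 1;
    }
    if (!COM_checkVersion(GVERSION, $A['plugin']['gl_ver'])) {
        COM_errorLog("AutoInstall: Plugin requires glFusion v" . $A['plugin']['gl_ver'] . " or greater");
        COM_errorLog("AutoInstall: **** END Installation ****");
        return 1;
    }

    $pluginName = $A['plugin']['name'];
    $vars = array('__groups' => array(), '__features' => array(), '__blocks' => array());
    $reverse = array();

    foreach ($A as $meta => $step) {
        // must use === since 0 == 'anystring' is true
        if ($meta === 'installer') {
            continue;
        }
        if ($meta === 'plugin') {
            if (!isset($step['name'])) {
                COM_errorLog("AutoInstall: Missing plugin name!");
                INSTALLER_fail($pluginName, $reverse);
                COM_errorLog("AutoInstall: **** END Installation ****");
                return 1;
            }
            continue;
        }

        // The step type selects the handler. Only functions carrying the
        // fixed INSTALLER_install_ prefix can be reached this way.
        $type = (is_array($step) && isset($step['type']) && is_string($step['type']))
            ? $step['type'] : '';
        $function = 'INSTALLER_install_' . $type;
        if ($type === '' || !function_exists($function)) {
            // var_dump() prints to the page and returns nothing, so the log
            // entry used to be empty; var_export() returns the text instead.
            COM_errorLog('Can\'t process step: ' . var_export($step, true));
            INSTALLER_fail($pluginName, $reverse);
            COM_errorLog("AutoInstall: **** END Installation ****");
            return 1;
        }

        $result = $function($step, $vars);
        if (is_numeric($result)) {
            INSTALLER_fail($pluginName, $reverse);
            COM_errorLog("AutoInstall: **** END Installation ****");
            return $result;
        }
        if (!empty($result)) {
            $reverse[] = $result;
        }
    }

    $plugin = $A['plugin'];

    // Load the online configuration records
    $cfgFunction = 'plugin_load_configuration_' . $plugin['name'];
    if (function_exists($cfgFunction)) {
        if (!$cfgFunction()) {
            COM_errorLog("AutoInstall: Failed to load the default configuration");
            INSTALLER_fail($pluginName, $reverse);
            COM_errorLog("AutoInstall: **** END Installation ****");
            return 1;
        }
    } else {
        COM_errorLog("AutoInstall: No default config found: " . $cfgFunction);
    }

    // Finally, register the plugin with glFusion
    COM_errorLog("AutoInstall: Registering {$plugin['display']} plugin with glFusion", 1);

    // silently delete an existing entry
    DB_delete($_TABLES['plugins'], 'pi_name', $plugin['name']);

    // Escape the plugin-supplied values before they go into the statement.
    $pi_name    = DB_escapeString($plugin['name']);
    $pi_version = DB_escapeString($plugin['ver']);
    $pi_gl_ver  = DB_escapeString($plugin['gl_ver']);
    $pi_url     = DB_escapeString($plugin['url']);
    DB_query("INSERT INTO {$_TABLES['plugins']} (pi_name, pi_version, pi_gl_version, pi_homepage, pi_enabled) "
        . "VALUES ('{$pi_name}', '{$pi_version}', '{$pi_gl_ver}', '{$pi_url}', 1)", 1);

    // run any post install routines
    $postInstallFunction = 'plugin_postinstall_' . $plugin['name'];
    if (function_exists($postInstallFunction)) {
        $postInstallFunction();
    } else {
        COM_errorLog("AutoInstall: No post installation routine found.");
    }

    COM_errorLog("AutoInstall: **** END Installation ****");
    CTL_clearCache();

    return 0;
}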
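/**
 * Main driver to handle an uploaded plugin archive.
 *
 * Stores the uploaded archive in the data temp directory, unpacks it into a
 * fresh temporary directory and reads the plugin's XML description into the
 * global $pluginData. An archive without a usable description is handed to
 * processOldPlugin() (old style plugin). For a new style plugin (supports
 * the automated installer) the glFusion / PHP versions and the required
 * plugins are checked, an already installed plugin is only accepted as an
 * upgrade, the files are test-copied to their target directories and the
 * upload confirmation form is rendered.
 *
 * The archive and everything inside it (including the XML description) are
 * supplied by the uploader and are handled as untrusted input below.
 *
 * @return string Formatted HTML containing the page body: the confirmation
 *                form, or an error box when a step fails
 *
 */
function processPluginUpload()
{
    global $_CONF, $_PLUGINS, $_PLUGIN_INFO, $_TABLES, $pluginData, $LANG_ADMIN, $LANG32, $_DB_dbms, $_DB_table_prefix, $_IMAGE_TYPE;

    $retval  = '';
    $upgrade = false;

    // Nothing was uploaded in the expected form field.
    if (!isset($_FILES['pluginfile'])
        || $_FILES['pluginfile']['error'] == UPLOAD_ERR_NO_FILE) {
        return _pi_errorBox($LANG32[46]);
    }

    require_once $_CONF['path_system'] . 'classes/upload.class.php';
    $upload = new upload();
    if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
        $upload->setLogFile($_CONF['path'] . 'logs/error.log');
        $upload->setDebug(true);
    }
    $upload->setMaxFileUploads(1);
    $upload->setMaxFileSize(25165824); // 24 MiB
    $upload->setAllowedMimeTypes(array(
        'application/x-gzip'            => '.gz,.gzip,tgz',
        'application/zip'               => '.zip',
        'application/x-tar'             => '.tar,.tar.gz,.gz',
        'application/x-gzip-compressed' => '.tar.gz,.tgz,.gz',
    ));
    $upload->setFieldName('pluginfile');
    if (!$upload->setPath($_CONF['path_data'] . 'temp')) {
        return _pi_errorBox($upload->printErrors(false));
    }

    // The file name is chosen by the client and is used to build the path
    // that is later unpacked and deleted, so it is sanitized first, the same
    // way processAutotagUpload() does it.
    $filename = COM_sanitizeFilename($_FILES['pluginfile']['name'], true);
    $upload->setFileNames($filename);
    $upload->uploadFiles();
    if ($upload->areErrors()) {
        return _pi_errorBox($upload->printErrors(false));
    }
    $Finalfilename = $_CONF['path_data'] . 'temp/' . $filename;

    // decompress into temp directory
    if (function_exists('set_time_limit')) {
        @set_time_limit(60);
    }
    if (!($tmp = _io_mktmpdir())) {
        // do not leave the uploaded archive behind when we cannot unpack it
        @unlink($Finalfilename);
        return _pi_errorBox($LANG32[47]);
    }
    $tmpPath = $_CONF['path_data'] . $tmp;

    // NOTE(review): entry names inside the archive are attacker-controlled;
    // confirm COM_decompress() refuses absolute paths and "../" components.
    if (!COM_decompress($Finalfilename, $tmpPath)) {
        @unlink($Finalfilename);
        _pi_deleteDir($tmpPath);
        return _pi_errorBox($LANG32[48]);
    }
    @unlink($Finalfilename);

    // read XML data file, places in $pluginData
    $pluginData = array();
    $rc = _pi_parseXML($tmpPath);
    if ($rc == -1 || !isset($pluginData['id']) || !isset($pluginData['version'])) {
        // no xml file found, or no id / version in it
        return processOldPlugin($tmp);
    }

    // The id becomes a path component and part of an SQL lookup below. Keep
    // only the characters the autotag upload also allows, and treat an id
    // that is empty or consists only of dots ("." / "..") like a missing id.
    $pluginData['id'] = (string) preg_replace('/[^a-zA-Z0-9\\-_\\.]/', '', $pluginData['id']);
    if (trim($pluginData['id'], '.') === '') {
        return processOldPlugin($tmp);
    }

    // proper glfusion version
    if (!COM_checkVersion(GVERSION, $pluginData['glfusionversion'])) {
        _pi_deleteDir($tmpPath);
        return _pi_errorBox(sprintf($LANG32[49], $pluginData['glfusionversion']));
    }
    if (!COM_checkVersion(phpversion(), $pluginData['phpversion'])) {
        _pi_deleteDir($tmpPath);
        return _pi_errorBox(sprintf($LANG32[50], $pluginData['phpversion']));
    }

    // check prerequisites
    // NOTE(review): the required plugin names and versions come from the
    // uploaded XML and end up in the error box; confirm they are escaped
    // before output.
    $errors = '';
    if (isset($pluginData['requires']) && is_array($pluginData['requires'])) {
        foreach ($pluginData['requires'] as $requirement) {
            // "name" or "name,version": pad so a bare name yields an empty
            // version instead of an undefined offset.
            list($reqPlugin, $required_ver) = array_pad(explode(',', $requirement), 2, '');
            if (!isset($_PLUGIN_INFO[$reqPlugin])) {
                // required plugin not installed
                $errors .= sprintf($LANG32[51], $pluginData['id'], $reqPlugin, $reqPlugin);
            } elseif (!empty($required_ver)) {
                $installed_ver = $_PLUGIN_INFO[$reqPlugin];
                if (!COM_checkVersion($installed_ver, $required_ver)) {
                    // required plugin installed, but wrong version
                    $errors .= sprintf($LANG32[90], $required_ver, $reqPlugin, $installed_ver, $reqPlugin);
                }
            }
        }
    }
    if ($errors != '') {
        _pi_deleteDir($tmpPath);
        return _pi_errorBox($errors);
    }

    // check if plugin already exists
    // if it does, check that this is an upgrade
    // if not, error
    // else validate we really want to upgrade
    $oldVersion = '';   // stays empty for a first-time installation
    $result = DB_query("SELECT * FROM {$_TABLES['plugins']} WHERE pi_name='" . DB_escapeString($pluginData['id']) . "'");
    if (DB_numRows($result) > 0) {
        $P = DB_fetchArray($result);
        $oldVersion = $P['pi_version'];
        if ($oldVersion == $pluginData['version']) {
            _pi_deleteDir($tmpPath);
            return _pi_errorBox(sprintf($LANG32[52], $pluginData['id']));
        }
        // if we are here, it must be an upgrade or disabled plugin....
        $rc = COM_checkVersion($pluginData['version'], $oldVersion);
        if ($rc < 1) {
            _pi_deleteDir($tmpPath);
            return _pi_errorBox(sprintf($LANG32[53], $pluginData['id'], $pluginData['version'], $oldVersion));
        }
        if ($P['pi_enabled'] != 1) {
            _pi_deleteDir($tmpPath);
            return _pi_errorBox($LANG32[72]);
        }
        $upgrade = true;
    }

    if (function_exists('set_time_limit')) {
        @set_time_limit(30);
    }

    // test copy to proper directories: private files, admin files and
    // public files each have their own target
    $unpacked = $tmpPath . '/' . $pluginData['id'] . '/';
    $copyTests = array(
        array($unpacked,                  $_CONF['path'] . 'plugins/' . $pluginData['id']),
        array($unpacked . 'admin/',       $_CONF['path_html'] . 'admin/plugins/' . $pluginData['id']),
        array($unpacked . 'public_html/', $_CONF['path_html'] . $pluginData['id']),
    );
    $permError = 0;
    $permErrorList = '';
    foreach ($copyTests as $copyTest) {
        list($rc, $failed) = _pi_test_copy($copyTest[0], $copyTest[1]);
        if ($rc > 0) {
            $permError = 1;
            foreach ($failed as $failedFile) {
                $permErrorList .= sprintf($LANG32[41], $failedFile);
            }
        }
    }
    if ($permError != 0) {
        $errorMessage = '<h2>' . $LANG32[42] . '</h2>' . $LANG32[43] . $permErrorList . '<br />' . $LANG32[44];
        _pi_deleteDir($tmpPath);
        return _pi_errorBox($errorMessage);
    }

    USES_lib_admin();

    $menu_arr = array(
        array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']),
    );

    // NOTE(review): the values below come from the uploaded XML; confirm the
    // template layer escapes them before they reach the page. temp_dir is
    // sent to the browser and comes back with the confirmation, so the
    // handler of the 'processupload' action should validate it again.
    $T = new Template($_CONF['path_layout'] . 'admin/plugins');
    $T->set_file('form', 'plugin_upload_confirm.thtml');
    $T->set_var('admin_menu', ADMIN_createMenu(
        $menu_arr,
        $pluginData['id'] . ' ' . $LANG32[62],
        $_CONF['layout_url'] . '/images/icons/plugins.' . $_IMAGE_TYPE
    ));
    $T->set_var(array(
        'form_action_url'    => $_CONF['site_admin_url'] . '/plugin_upload.php',
        'action'             => 'processupload',
        'pi_name'            => $pluginData['id'],
        'pi_version'         => $pluginData['version'],
        'pi_url'             => isset($pluginData['url']) ? $pluginData['url'] : '',
        'pi_gl_version'      => $pluginData['glfusionversion'],
        'pi_desc'            => isset($pluginData['description']) ? $pluginData['description'] : '',
        'pi_author'          => isset($pluginData['author']) ? $pluginData['author'] : '',
        'plugin_old_version' => $oldVersion,
        'upgrade'            => $upgrade,
        'temp_dir'           => $tmp,
    ));
    $retval .= $T->parse('output', 'form');

    return $retval;
}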