}
require_once NOALYSS_INCLUDE . '/class_database.php';
require_once NOALYSS_INCLUDE . '/class_dossier.php';
require_once NOALYSS_INCLUDE . '/ac_common.php';
require_once NOALYSS_INCLUDE . '/constant.php';
require_once NOALYSS_INCLUDE . '/function_javascript.php';
require_once NOALYSS_INCLUDE . '/class_extension.php';
require_once NOALYSS_INCLUDE . '/class_html_input.php';
require_once NOALYSS_INCLUDE . '/class_iselect.php';
require_once NOALYSS_INCLUDE . '/constant.security.php';
require_once NOALYSS_INCLUDE . '/class_user.php';
/**
 * included from do.php + extension_choice.inc.php
 */
// find file and check security
global $cn, $g_user;
$ext = new Extension($cn);
if ($ext->search($_REQUEST['plugin_code']) == -1) {
    echo_warning("plugin non trouvé");
    return;
}
if ($ext->can_request($g_user->login) == -1) {
    alert("Plugin non authorisé");
    return;
}
if (!file_exists(NOALYSS_PLUGIN . '/' . trim($ext->me_file))) {
    alert(j(_("Ce fichier n'existe pas ")));
    return;
}
echo '<div class="content">';
require_once NOALYSS_PLUGIN . DIRECTORY_SEPARATOR . trim($ext->me_file);
Beispiel #2
0
if (isset($_REQUEST['plugin_code'])) {
    if (LOGINPUT) {
        $file_loginput = fopen($_ENV['TMP'] . '/scenario-' . $_SERVER['REQUEST_TIME'] . '.php', 'a+');
        fwrite($file_loginput, "<?php \n");
        fwrite($file_loginput, '//@description:' . $_REQUEST['plugin_code'] . "\n");
        fwrite($file_loginput, '$_GET=' . var_export($_GET, true));
        fwrite($file_loginput, ";\n");
        fwrite($file_loginput, '$_POST=' . var_export($_POST, true));
        fwrite($file_loginput, ";\n");
        fwrite($file_loginput, '$_POST[\'gDossier\']=$gDossierLogInput;');
        fwrite($file_loginput, "\n");
        fwrite($file_loginput, '$_GET[\'gDossier\']=$gDossierLogInput;');
        fwrite($file_loginput, "\n");
        fwrite($file_loginput, ' $_REQUEST=array_merge($_GET,$_POST);');
        fwrite($file_loginput, "\n");
        fwrite($file_loginput, "include '" . basename(__FILE__) . "';\n");
        fclose($file_loginput);
    }
    $ext = new Extension($cn);
    if ($ext->search($_REQUEST['plugin_code']) != -1) {
        /* security */
        if (!isset($_SESSION['g_user']) || $ext->can_request($_SESSION['g_user']) == 0) {
            exit;
        }
        /* call the ajax script */
        require_once NOALYSS_PLUGIN . DIRECTORY_SEPARATOR . dirname(trim($ext->getp('me_file'))) . DIRECTORY_SEPARATOR . 'ajax.php';
    } else {
        alert(j(_("Cette extension n'existe pas ")));
        exit;
    }
}