Exemple #1
 /**
  * Allows modules to register a file which should be allowed to load the
  * config.php directly.
  *
  * This is only allowed in installation context!
  *
  * @access public
  * @param  string  $module   - module name
  * @param  string  $filepath - relative file path
  **/
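 public static function sec_register_file($module, $filepath)
 {
     // Registers '/modules/<module>/<filepath>' in the `class_secure` table.
     // Returns true when the entry exists after the call; returns false on any
     // failed check or DB error, with the reason logged and kept in self::$error.
     global $admin;
     $self = self::getInstance();

     // Context gate: backend request, an $admin object, or installer context.
     // NOTE(review): $admin is a plain global, so any object assigned to it
     // satisfies this test; for non-install callers the permission check below
     // is the effective control.
     if (!CAT_Backend::isBackend() && !is_object($admin) && !defined('CAT_INSTALL')) {
         $msg = "sec_register_file() called outside admin context!";
         $self->log()->logCrit($msg);
         self::$error = $msg;
         return false;
     }
     // check permissions
     // NOTE(review): CAT_INSTALL skips both this check and the context gate, so
     // that constant must only ever be defined by the installer itself.
     if (!CAT_Users::checkPermission('Addons', 'modules_install') && !defined('CAT_INSTALL')) {
         $msg = "sec_register_file() called without modules_install perms!";
         $self->log()->logCrit($msg);
         self::$error = $msg;
         return false;
     }
     // $module is concatenated into filesystem paths below, so it must be a
     // single directory name: no separators, no NUL byte, no '.' or '..'.
     // Without this, is_dir()/file_exists() would be probed with a caller-chosen
     // path before the addons-table lookup rejects the name.
     if (!is_string($module) || $module === '' || $module === '.' || $module === '..'
         || strpbrk($module, "/\\\0") !== false
     ) {
         $msg = "sec_register_file() called with invalid module name!";
         $self->log()->logCrit($msg);
         self::$error = $msg;
         return false;
     }
     // this will remove ../.. from $filepath
     $filepath = CAT_Helper_Directory::sanitizePath($filepath);
     if (!is_dir(CAT_PATH . '/modules/' . $module)) {
         $msg = "sec_register_file() called for non existing module [{$module}] (path: [{$filepath}])";
         $self->log()->logCrit($msg);
         self::$error = $msg;
         return false;
     }
     // is_file() instead of file_exists(): an empty $filepath or a directory
     // name must not be registered as a file.
     if (!is_file(CAT_Helper_Directory::sanitizePath(CAT_PATH . '/modules/' . $module . '/' . $filepath))) {
         $msg = "sec_register_file() called for non existing file [{$filepath}] (module: [{$module}])";
         $self->log()->logCrit($msg);
         self::$error = $msg;
         return false;
     }
     // The module must also be a known addon; its addon_id keys the entry.
     $q = $self->db()->query(
         'SELECT * FROM `:prefix:addons` WHERE directory=:dir',
         array('dir' => $module)
     );
     if (!$q->rowCount()) {
         $msg = "sec_register_file() called for non existing module [{$module}] (path: [{$filepath}]) - not found in addons table!";
         $self->log()->logCrit($msg);
         self::$error = $msg;
         return false;
     }
     $row = $q->fetchRow();
     // remove a single leading / from $filepath so the stored path has no '//'
     $filepath = preg_replace('~^/~', '', $filepath);
     $stored_path = '/modules/' . $module . '/' . $filepath;
     $q = $self->db()->query(
         'SELECT * FROM `:prefix:class_secure` WHERE module=:mod AND filepath=:path',
         array('mod' => $row['addon_id'], 'path' => $stored_path)
     );
     if (!$q->rowCount()) {
         // NOTE(review): VALUES without a column list depends on the table's
         // column order (presumably module, filepath) - confirm against schema.
         $self->db()->query(
             'REPLACE INTO `:prefix:class_secure` VALUES ( :id, :path )',
             array('id' => $row['addon_id'], 'path' => $stored_path)
         );
         return !$self->db()->isError();
     }
     // already registered
     return true;
 }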
Exemple #2
 /**
  * Print the admin footer
  *
  * @access public
  **/
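 public static function print_footer()
 {
     // Collects version, permission and runtime figures, renders the 'footer'
     // template through the global $parser, then flushes the output buffers.
     // NOTE(review): the data includes the PHP version and CMS version/build;
     // the footer template should only be rendered for authenticated backend
     // users - confirm at the call sites.
     global $parser, $_be_mem, $_be_time;
     // $data was previously never initialised (an unused $tpl_data was instead).
     $data = array();
     // init template search paths
     self::initPaths();
     $data['CAT_VERSION'] = CAT_Registry::get('CAT_VERSION');
     $data['CAT_BUILD'] = CAT_Registry::get('CAT_BUILD');
     $data['CAT_CORE'] = CAT_Registry::get('CAT_CORE');
     $data['permissions']['pages'] = (bool) CAT_Users::checkPermission('pages', 'pages');
     // A static method never has $this, so the instance always comes from here.
     $self = self::getInstance();
     // ========================================================================
     // ! Try to get the actual version of the backend-theme from the database
     // ========================================================================
     $backend_theme_version = '-';
     $backend_theme_name = '-';
     if (defined('DEFAULT_THEME')) {
         // Read the constant only inside this guard; unguarded use of an
         // undefined constant is an Error on PHP 8.
         $backend_theme_name = DEFAULT_THEME;
         $version = $self->db()->query(
             "SELECT `version` from `:prefix:addons` where `directory`=:theme",
             array('theme' => DEFAULT_THEME)
         )->fetchColumn();
         // presumably PDO-style: fetchColumn() yields false when no row
         // matches; keep the '-' placeholder in that case.
         if ($version !== false && $version !== null) {
             $backend_theme_version = $version;
         }
     }
     $data['THEME_VERSION'] = $backend_theme_version;
     $data['THEME_NAME'] = $backend_theme_name;
     $data['system_information'] = array(
         array(
             'name' => $self->lang()->translate('PHP version'),
             'status' => phpversion(),
         ),
         array(
             'name' => $self->lang()->translate('Memory usage'),
             'status' => '~ ' . sprintf('%0.2f', (memory_get_usage() - $_be_mem) / (1024 * 1024)) . ' MB',
         ),
         array(
             'name' => $self->lang()->translate('Script run time'),
             'status' => '~ ' . sprintf('%0.2f', microtime(TRUE) - $_be_time) . ' sec',
         ),
     );
     // ====================
     // ! Parse the footer
     // ====================
     $parser->output('footer', $data);
     // ======================================
     // ! make sure to flush the output buffer
     // ======================================
     if (ob_get_level() > 1) {
         while (ob_get_level() > 0) {
             // ob_end_flush() returns false when a buffer cannot be closed;
             // stop then instead of looping forever.
             if (!ob_end_flush()) {
                 break;
             }
         }
     }
 }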