}
if ($dirfile == "") {
echo BB_Translate("A filename was not specified.");
} else {
if (!@move_uploaded_file($_FILES["Filedata"]["tmp_name"], $dir . "/" . $dirfile)) {
echo BB_Translate("Unable to move temporary file to final location. Check the permissions of the target directory and destination file.");
} else {
@chmod($dir . "/" . $dirfile, 0444 | $bb_writeperms);
echo "OK";
BB_RunPluginAction("post_bb_main_edit_site_opt_file_explorer_ajaxupload");
}
}
} else {
if ($bb_account["type"] == "dev" && $_REQUEST["bb_action"] == "bb_main_edit_site_opt_file_explorer_upload_submit" && BB_IsSecExtraOpt("dir")) {
BB_RunPluginAction("pre_bb_main_edit_site_opt_file_explorer_upload_submit");
$info = BB_IsValidURL($_REQUEST["url"], array("protocol" => "http"));
if (!$info["success"]) {
BB_PropertyFormError($info["error"]);
}
$dir = BB_GetRealPath($_REQUEST["dir"]);
if ($dir == "") {
$dir = ".";
}
$dirfile = preg_replace('/\\.+/', ".", preg_replace('/[^A-Za-z0-9_.\\-]/', "_", $_REQUEST["destfile"]));
if ($dirfile == ".") {
$dirfile = "";
}
// Automatically calculate the new filename based on the URL.
if ($dirfile == "") {
$ext = "";
if (isset($info["headers"]["content-type"])) {
function BB_InstallExtension($id)
{
global $bb_extensions_info, $bb_writeperms, $bb_paths;
BB_RunPluginAction("pre_bb_installextension");
if (!defined("BB_CORE_VER")) {
return array("success" => false, "error" => "Core version not defined.");
}
if (!function_exists("zip_open")) {
return array("success" => false, "error" => "Required function 'zip_open' does not exist. Ask your hosting provider to enable ZIP file functionality for PHP.");
}
// Remove any existing installation of this extension.
if (!BB_UninstallExtension($id)) {
return array("success" => false, "error" => "Unable to remove the existing extension.");
}
if (isset($bb_paths)) {
$rootpath = $bb_paths["ROOT_PATH"];
$supportpath = $bb_paths["SUPPORT_PATH"];
$widgetpath = $bb_paths["WIDGET_PATH"];
$pluginpath = $bb_paths["PLUGIN_PATH"];
$langpath = $bb_paths["LANG_PATH"];
} else {
$rootpath = ROOT_PATH;
$supportpath = SUPPORT_PATH;
$widgetpath = WIDGET_PATH;
$pluginpath = PLUGIN_PATH;
$langpath = LANG_PATH;
}
@unlink($rootpath . "/install_extension.zip");
if (file_exists($rootpath . "/install_extension.zip")) {
return array("success" => false, "error" => "Unable to remove ZIP file from another extension installation attempt.");
}
$url = "https://barebonescms.com/extend/api/?action=install&core_ver=" . urlencode(BB_CORE_VER) . "&id=" . urlencode($id);
BB_RunPluginActionInfo("pre_bb_installextension_url", $url);
$info = BB_IsValidURL($url);
if (!$info["success"]) {
return $info;
}
$data = @json_decode(trim($info["data"]), true);
if ($data === false) {
return array("success" => false, "error" => "Invalid data returned from the Barebones CMS distribution server.");
}
if (!$data["success"]) {
return $data;
}
if (!isset($data["data"])) {
return array("success" => false, "error" => "ZIP file data is missing.");
}
$data2 = @base64_decode(str_replace(array("-", "_"), array("+", "/"), $data["data"]));
if ($data2 === false) {
return array("success" => false, "error" => "Invalid ZIP file data returned from the Barebones CMS distribution server.");
}
if (BB_WriteFile($rootpath . "/install_extension.zip", $data2) === false) {
return array("success" => false, "error" => "Unable to write ZIP file data to a temporary file.");
}
// Find the 'package.json' file.
$zip = @zip_open($rootpath . "/install_extension.zip");
if (!is_resource($zip)) {
return array("success" => false, "error" => "Unable to open ZIP file. Possibly a temporary issue. Try again later. If the problem persists, notify CubicleSoft.");
}
$basepath = false;
$packageinfo = false;
$entry = @zip_read($zip);
while ($packageinfo === false && is_resource($entry)) {
$name = @zip_entry_name($entry);
$name = str_replace("\\", "/", $name);
$origname = $name;
$pos = strrpos($name, "/");
if ($pos !== false) {
$name = substr($name, $pos + 1);
}
if ($name === "package.json") {
if (@zip_entry_open($zip, $entry)) {
$packageinfo = @zip_entry_read($entry, @zip_entry_filesize($entry));
@zip_entry_close($entry);
if ($packageinfo !== false) {
$packageinfo = @json_decode($packageinfo, true);
}
if ($packageinfo === false) {
return array("success" => false, "error" => "ZIP file contains a 'package.json' file but is invalid or corrupted.");
}
if (!isset($packageinfo["id"])) {
return array("success" => false, "error" => "ZIP file contains a 'package.json' file but is missing 'id'.");
} else {
if (!is_string($packageinfo["id"])) {
return array("success" => false, "error" => "ZIP file contains a 'package.json' file but 'id' is not a string.");
} else {
if ($packageinfo["id"] === "") {
return array("success" => false, "error" => "ZIP file contains a 'package.json' file but 'id' is an empty string.");
} else {
if ($packageinfo["id"] !== $id) {
return array("success" => false, "error" => "ZIP file contains a 'package.json' file but 'id' in the package does not match the expected extension ID.");
} else {
if (!isset($packageinfo["version"])) {
return array("success" => false, "error" => "ZIP file contains a 'package.json' file but is missing 'version'.");
} else {
if (!is_string($packageinfo["version"])) {
return array("success" => false, "error" => "ZIP file contains a 'package.json' file but 'version' is not a string.");
} else {
if ($packageinfo["version"] === "") {
return array("success" => false, "error" => "ZIP file contains a 'package.json' file but 'version' is an empty string.");
} else {
if ($packageinfo["version"] !== $data["ver"]) {
return array("success" => false, "error" => "ZIP file contains a 'package.json' file but the 'version' in the package does not match the expected version.");
} else {
if (!isset($packageinfo["files"])) {
return array("success" => false, "error" => "ZIP file contains a 'package.json' file but is missing 'files'.");
} else {
if (!is_array($packageinfo["files"])) {
return array("success" => false, "error" => "ZIP file contains a 'package.json' file but 'files' is not an array.");
} else {
if (!count($packageinfo["files"])) {
return array("success" => false, "error" => "ZIP file contains a 'package.json' file but 'files' is an empty array.");
}
}
}
}
}
}
}
}
}
}
}
$basepath = (string) substr($origname, 0, -12);
}
}
$entry = @zip_read($zip);
}
@zip_close($zip);
if ($packageinfo === false) {
return array("success" => false, "error" => "ZIP file is missing a 'package.json' file.");
}
// If the extension has external file prerequisites, then verify the files.
if (isset($packageinfo["dependency_check"]) && is_array($packageinfo["dependency_check"])) {
foreach ($packageinfo["dependency_check"] as $name => $error) {
$name = str_replace("\\", "/", $name);
$error = htmlspecialchars($error);
$checkdir = substr($name, -1) === "/";
$name = BB_GetRealPath($name);
$pos = strpos($name, "/");
if ($pos !== false) {
$basedir = substr($name, 0, $pos);
if ($basedir === "support") {
$name = BB_GetRealPath($supportpath . substr($name, $pos));
} else {
if ($basedir === "widgets") {
$name = BB_GetRealPath($widgetpath . substr($name, $pos));
} else {
if ($basedir === "plugins") {
$name = BB_GetRealPath($pluginpath . substr($name, $pos));
} else {
if ($basedir === "lang") {
$name = BB_GetRealPath($langpath . substr($name, $pos));
}
}
}
}
}
if ($checkdir && !is_dir($rootpath . "/" . $name)) {
return array("success" => false, "error" => $error);
} else {
if (!$checkdir && !is_file($rootpath . "/" . $name)) {
return array("success" => false, "error" => $error);
}
}
}
}
// Extract files to the correct locations.
$zip = @zip_open($rootpath . "/install_extension.zip");
if (!is_resource($zip)) {
return array("success" => false, "error" => "Unable to open ZIP file. Possibly a temporary issue. Try again later. If the problem persists, notify CubicleSoft.");
}
$bb_extensions_info["exts"][$id] = array("id" => $id, "name" => $data["name"], "type" => $data["type"], "type_disp" => $data["type_disp"], "author" => $data["author"], "ver" => $data["ver"], "files" => array());
$entry = @zip_read($zip);
while (is_resource($entry)) {
$name = @zip_entry_name($entry);
$name = str_replace("\\", "/", $name);
if ($basepath === substr($name, 0, strlen($basepath))) {
$name = substr($name, strlen($basepath));
// Attempt to match an option in 'files'.
$match = false;
foreach ($packageinfo["files"] as $src => $dest) {
if ($src === $name) {
$match = $dest;
$name = "";
} else {
if (substr($src, -1) === "*" && substr($src, 0, -1) === substr($name, 0, strlen($src) - 1)) {
$match = $dest;
$name = substr($name, strlen($src) - 1);
}
}
}
if ($match !== false) {
if ($match === "support") {
$match = $supportpath . "/";
} else {
if ($match === "widgets") {
$match = $widgetpath . "/";
} else {
if ($match === "plugins") {
$match = $pluginpath . "/";
} else {
if ($match === "lang") {
$match = $langpath . "/";
}
}
}
}
$match .= $name;
$makedir = substr($match, -1) === "/";
$dest = BB_GetRealPath($match);
if ($makedir) {
@mkdir($rootpath . "/" . $dest, 0777, true);
@chmod($rootpath . "/" . $dest, 0555 | $bb_writeperms);
} else {
if (@zip_entry_open($zip, $entry)) {
$filedata = @zip_entry_read($entry, @zip_entry_filesize($entry));
@zip_entry_close($entry);
if ($filedata === false) {
return array("success" => false, "error" => "An error occurred while reading '" . htmlspecialchars($name) . "'.");
} else {
$dirpath = dirname($dest);
if ($dirpath != "" && $dirpath != ".") {
@mkdir($rootpath . "/" . $dirpath, 0777, true);
@chmod($rootpath . "/" . $dirpath, 0555 | $bb_writeperms);
}
if (BB_WriteFile($rootpath . "/" . $dest, $filedata) === false) {
return array("success" => false, "error" => "An error occurred while writing '" . htmlspecialchars($dest) . "'.");
}
$bb_extensions_info["exts"][$id]["files"][] = $dest;
}
}
}
}
}
$entry = @zip_read($zip);
}
@zip_close($zip);
@unlink($rootpath . "/install_extension.zip");
if (!BB_SaveExtensionsCache()) {
return array("success" => false, "error" => "Unable to save extension information to the cache.");
}
BB_RunPluginAction("post_bb_installextension");
return array("success" => true);
}
