/** * Handle uploaded plugin * * @return string HTML: redirect or main plugin screen + error message * */ function plugin_upload() { global $_CONF, $_TABLES; $retval = ''; $path_admin = $_CONF['path_html'] . substr($_CONF['site_admin_url'], strlen($_CONF['site_url']) + 1) . '/'; $upload_success = false; // If an error occured while uploading the file. $error_msg = plugin_getUploadError($_FILES['plugin']); if (!empty($error_msg)) { $retval .= plugin_main($error_msg); } else { require_once $_CONF['path_system'] . 'classes/unpacker.class.php'; $plugin_file = $_CONF['path_data'] . $_FILES['plugin']['name']; // Name the plugin file $archive = new unpacker($_FILES['plugin']['tmp_name'], $_FILES['plugin']['type']); $tmp = $archive->getlist(); // Grab the contents of the tarball to see what the plugin name is $dirname = preg_replace('/\\/.*$/', '', $tmp[0]['filename']); if (empty($dirname)) { // If $dirname is blank it's probably because the user uploaded a non Tarball file. $retval = COM_refresh($_CONF['site_admin_url'] . '/plugins.php?msg=100'); } else { $pi_did_exist = false; // plugin directory already existed $pi_had_entry = false; // plugin had an entry in the database $pi_was_enabled = false; // plugin was enabled if (file_exists($_CONF['path'] . 'plugins/' . $dirname)) { $pi_did_exist = true; // plugin directory already exists $pstatus = DB_query("SELECT pi_name, pi_enabled FROM {$_TABLES['plugins']} WHERE pi_name = '{$dirname}'"); $A = DB_fetchArray($pstatus); if (isset($A['pi_name'])) { $pi_had_entry = true; $pi_was_enabled = $A['pi_enabled'] == 1; } $callback = 'plugin_enablestatechange_' . $dirname; if ($pi_was_enabled) { // disable temporarily while we move the files around if (is_callable($callback)) { changePluginStatus($dirname); } else { DB_change($_TABLES['plugins'], 'pi_enabled', 0, 'pi_name', $dirname); } } require_once 'System.php'; $plugin_dir = $_CONF['path'] . 'plugins/' . $dirname; if (file_exists($plugin_dir . '.previous')) { @System::rm('-rf ' . $plugin_dir . '.previous'); } if (file_exists($plugin_dir)) { rename($plugin_dir, $plugin_dir . '.previous'); } $public_dir = $_CONF['path_html'] . $dirname; if (file_exists($public_dir . '.previous')) { @System::rm('-rf ' . $public_dir . '.previous'); } if (file_exists($public_dir)) { rename($public_dir, $public_dir . '.previous'); } $admin_dir = $path_admin . 'plugins/' . $dirname; if (file_exists($admin_dir . '.previous')) { @System::rm('-rf ' . $admin_dir . '.previous'); } if (file_exists($admin_dir)) { rename($admin_dir, $admin_dir . '.previous'); } } /** * Install the plugin * This doesn't work if the public_html & public_html/admin/plugins directories aren't 777 */ // Extract the tarball to data so we can get the $pi_name name from admin/install.php $archive->unpack($_CONF['path'] . 'data/', array($dirname . '/admin/install.php')); $plugin_inst = $_CONF['path'] . 'data/' . $dirname . '/admin/install.php'; $fdata = ''; $fhandle = @fopen($plugin_inst, 'r'); if ($fhandle) { $fdata = fread($fhandle, filesize($plugin_inst)); fclose($fhandle); } /* // Remove the plugin from data/ require_once 'System.php'; @System::rm('-rf ' . $_CONF['path'] . 'data/' . $dirname); */ // Some plugins seem to expect files under the data directory to // be unchanged while they are disabled. Let's leave the files untouched. /** * One time I wanted to install a muffler on my car and * needed to match up the outside diameter of the car's * exhaust pipe to the inside diameter of the muffler. * Unfortunately, when I went to the auto parts store they * didn't have a coupling adapter that would perfectly * match the two pipes, only a bunch of smaller adapters. * I ended up using about 4 small adapters to step down * one size at a time to the size of the muffler's input. * * It's kind of like this regular expression: * */ $fdata = preg_replace('/\\n/', '', $fdata); $fdata = preg_replace('/ /', '', $fdata); $pi_name = preg_replace('/^.*\\$pi\\_name=\'/', '', $fdata); $pi_name = preg_replace('/\'.*$/', '', $pi_name); // Some plugins don't have $pi_name set in their install.php file, // This means our regex won't work and we should just use $dirname if (preg_match('/\\<\\?php/', $pi_name) || preg_match('/--/', $pi_name)) { $pi_name = $dirname; } elseif (empty($pi_name)) { $pi_name = $dirname; } // Extract the uploaded archive to the plugins directory $upload_success = $archive->unpack($_CONF['path'] . 'plugins/'); $plg_path = $_CONF['path'] . 'plugins/' . $pi_name . '/'; if ($upload_success) { if (file_exists($plg_path . 'public_html')) { rename($plg_path . 'public_html', $_CONF['path_html'] . $pi_name); } if (file_exists($plg_path . 'admin')) { rename($plg_path . 'admin', $path_admin . 'plugins/' . $pi_name); } } unset($archive); // Collect some garbage // cleanup when uploading a new version require_once 'System.php'; if ($pi_did_exist) { $plugin_dir = $_CONF['path'] . 'plugins/' . $dirname; if (file_exists($plugin_dir . '.previous')) { @System::rm('-rf ' . $plugin_dir . '.previous'); } $public_dir = $_CONF['path_html'] . $dirname; if (file_exists($public_dir . '.previous')) { @System::rm('-rf ' . $public_dir . '.previous'); } $admin_dir = $path_admin . 'plugins/' . $dirname; if (file_exists($admin_dir . '.previous')) { @System::rm('-rf ' . $admin_dir . '.previous'); } if ($pi_was_enabled) { // Enable the plugin again if (is_callable($callback)) { changePluginStatus($dirname); } else { DB_change($_TABLES['plugins'], 'pi_enabled', 1, 'pi_name', $dirname); } } } $msg_with_plugin_name = false; if ($pi_did_exist) { if ($pi_was_enabled) { // check if we have to perform an update $pi_version = DB_getItem($_TABLES['plugins'], 'pi_version', "pi_name = '{$dirname}'"); $code_version = PLG_chkVersion($dirname); if (!empty($code_version) && $code_version != $pi_version) { /** * At this point, we would have to call PLG_upgrade(). * However, we've loaded the plugin's old functions.inc * (in lib-common.php). We can't load the new one here * now since that would result in duplicate function * definitions. Solution: Trigger a reload (with the new * functions.inc) and continue there. */ $url = $_CONF['site_admin_url'] . '/plugins.php' . '?mode=continue_upgrade' . '&codeversion=' . urlencode($code_version) . '&piversion=' . urlencode($pi_version) . '&plugin=' . urlencode($dirname); echo COM_refresh($url); exit; } else { $msg = 98; // successfully uploaded } } else { $msg = 98; // successfully uploaded } } elseif (file_exists($plg_path . 'autoinstall.php')) { // if the plugin has an autoinstall.php, install it now if (plugin_autoinstall($pi_name)) { PLG_pluginStateChange($pi_name, 'installed'); $msg = 44; // successfully installed } else { $msg = 72; // an error occured while installing the plugin } } else { $msg = 98; // successfully uploaded } $url = $_CONF['site_admin_url'] . '/plugins.php?msg=' . $msg; if ($msg_with_plugin_name) { $url .= '&plugin=' . $dirname; } $retval = COM_refresh($url); } } return $retval; }
$display .= do_update($pi_name); } elseif ($mode == 'info_installed') { $display .= COM_siteHeader('menu', $LANG32[13]); $display .= plugin_info_installed(COM_applyFilter($_GET['pi_name'])); $display .= COM_siteFooter(); } elseif ($mode == 'info_uninstalled') { $display .= COM_siteHeader('menu', $LANG32[13]); $display .= plugin_info_uninstalled(COM_applyFilter($_GET['pi_name'])); $display .= COM_siteFooter(); } elseif ($mode == 'toggle') { SEC_checkToken(); $pi_name = ''; if (!empty($_GET['pi_name'])) { $pi_name = COM_applyFilter($_GET['pi_name']); } changePluginStatus($pi_name); $sorting = ''; if (!empty($_GET['order']) && !empty($_GET['direction'])) { // Remember how the list was sorted $ord = trim($_GET['order']); $dir = trim($_GET['direction']); $old = trim($_GET['prevorder']); $sorting = "?order={$ord}&direction={$dir}&prevorder={$old}"; } $display = COM_refresh($_CONF['site_admin_url'] . '/plugins.php' . $sorting); } elseif ($mode == 'change_load_order' && SEC_checkToken()) { change_load_order(COM_applyFilter($_GET['pi_name']), COM_applyFilter($_GET['where'])); $display = COM_refresh($_CONF['site_admin_url'] . '/plugins.php'); } elseif ($mode == 'autoinstall' && SEC_checkToken()) { if (SEC_hasRights('plugin.install')) { $plugin = '';
} return $retval; } // MAIN $display = ''; if (isset($_POST['pluginenabler'])) { // JavaScript-triggered POST request if (isset($_POST['updatethisplugin'])) { // translate into a standard update request (see below) $_POST['mode'] = $LANG32[34]; $_POST['pi_name'] = $_POST['updatethisplugin']; } elseif (SEC_checkToken()) { if (isset($_POST['enabledplugins'])) { changePluginStatus($_POST['enabledplugins']); } else { changePluginStatus(array()); } // force a refresh so that the information of the plugin that was just // enabled / disabled (menu entries, etc.) is displayed properly header('Location: ' . $_CONF['site_admin_url'] . '/plugins.php'); exit; } } $mode = ''; if (isset($_POST['mode'])) { $mode = $_POST['mode']; } elseif (isset($_GET['mode'])) { $mode = $_GET['mode']; } if ($mode == $LANG_ADMIN['delete'] && !empty($LANG_ADMIN['delete'])) { $pi_name = COM_applyFilter($_POST['pi_name']);