protected function updateOptions($token) { global $currentIndex; if ($this->tabAccess['edit'] === '1') { foreach ($this->_fieldsOptions as $key => $field) { if ($this->validateField(Tools14::getValue($key), $field)) { // check if a method updateOptionFieldName is available $method_name = 'updateOption' . Tools14::toCamelCase($key, true); if (method_exists($this, $method_name)) { $this->{$method_name}(Tools14::getValue($key)); } elseif ($field['type'] == 'textLang' or $field['type'] == 'textareaLang') { $languages = Language::getLanguages(false); $list = array(); foreach ($languages as $language) { $val = isset($field['cast']) ? $field['cast'](Tools14::getValue($key . '_' . $language['id_lang'])) : Tools14::getValue($key . '_' . $language['id_lang']); if (Validate::isCleanHtml($val)) { $list[$language['id_lang']] = $val; } else { $this->_errors[] = Tools14::displayError('Can not add configuration ' . $key . ' for lang ' . Language::getIsoById((int) $language['id_lang'])); } } Configuration::updateValue($key, $list); } else { $val = isset($field['cast']) ? $field['cast'](Tools14::getValue($key)) : Tools14::getValue($key); if (Validate::isCleanHtml($val)) { Configuration::updateValue($key, $val); } else { $this->_errors[] = Tools14::displayError('Can not add configuration ' . $key); } } } } if (count($this->_errors) <= 0) { Tools14::redirectAdmin($currentIndex . '&conf=6&token=' . $token); } } else { $this->_errors[] = Tools14::displayError('You do not have permission to edit here.'); } }
define('_PS_ADMIN_DIR_', _PS_ROOT_DIR_ . DIRECTORY_SEPARATOR . $_POST['dir']); define('PS_ADMIN_DIR', _PS_ADMIN_DIR_); // Retro-compatibility //require(_PS_ADMIN_DIR_.'/functions.php'); include AUTOUPGRADE_MODULE_DIR . 'init.php'; $adminObj = new $tab(); $adminObj->ajax = true; if (is_object($adminObj)) { if ($adminObj->checkToken()) { // the differences with index.php is here $adminObj->ajaxPreProcess(); $action = Tools14::getValue('action'); // no need to use displayConf() here if (!empty($action) and method_exists($adminObj, 'ajaxProcess' . Tools14::toCamelCase($action))) { $adminObj->{'ajaxProcess' . Tools14::toCamelCase($action)}(); } else { $adminObj->ajaxProcess(); } // @TODO We should use a displayAjaxError $adminObj->displayErrors(); if (!empty($action) and method_exists($adminObj, 'displayAjax' . Tools14::toCamelCase($action))) { $adminObj->{'displayAjax' . $action}(); } else { $adminObj->displayAjax(); } } else { // If this is an XSS attempt, then we should only display a simple, secure page ob_clean(); $adminObj->displayInvalidToken(); } }