コード例 #1
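 /**
  * Validate a remote-install request and remember the requested addon name.
  *
  * Reads `name`, `type` and `id` from $_REQUEST. The request is rejected unless all
  * three are present, `type` is exactly 'plugin' or 'theme', `id` is numeric and
  * admin_tools::CanRemoteInstall() allows remote installs.
  *
  * @return bool true when every check passed and InitInstall_Vars() has run;
  *              false otherwise (an OOPS message has been queued)
  */
 function RemoteInit()
 {
     global $langmessage;

     $name = isset($_REQUEST['name']) ? $_REQUEST['name'] : null;
     $type = isset($_REQUEST['type']) ? $_REQUEST['type'] : null;
     $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : null;

     // Request parameters can arrive as arrays (name[]=x). Only plain strings are
     // accepted for name and type so an array never ends up in $this->addon_name,
     // and the type is compared strictly instead of with PHP's loose `!=`.
     // is_numeric() also accepts forms such as "1e3" or "-2", so later code must not
     // assume $id consists of digits only.
     $well_formed = is_string($name) && !empty($name)
         && is_string($type) && ($type === 'plugin' || $type === 'theme')
         && !empty($id) && is_numeric($id);

     if (!$well_formed) {
         message($langmessage['OOPS']);
         return false;
     }

     // The capability check runs only for well-formed requests, as before.
     if (!admin_tools::CanRemoteInstall()) {
         message($langmessage['OOPS']);
         return false;
     }

     // Copy by value; a reference into $_REQUEST is not needed here.
     // NOTE(review): the name is taken from the request unchanged. How
     // InitInstall_Vars() uses it is not visible here; confirm it is sanitised
     // before it is used in any filesystem path or HTML output.
     $this->addon_name = $name;
     $this->InitInstall_Vars();

     return true;
 }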
コード例 #2
ファイル: gpOutput.php プロジェクト: rizub4u/gpEasy-CMS
 /**
  * Build the inline JavaScript for the current page and print it inside a single
  * <script> element. Nothing is printed when there is no inline script at all.
  *
  * For logged-in users the script declares the admin variables (isadmin, gpBLink,
  * optionally gpRem, and post_nonce), so the post nonce is readable by any script
  * running in the page.
  * @static
  */
 function GetHead_InlineJS()
 {
     global $page, $linkPrefix;

     // Everything is captured first so the <script> wrapper can be skipped when empty.
     ob_start();

     if (gpdebugjs) {
         echo 'var debugjs=true;';
     }

     if (common::LoggedIn()) {
         // One `var` statement is assembled piece by piece; the order of the pieces matters.
         echo 'var isadmin=true';

         // The link prefix lands inside a double-quoted JS string literal.
         // NOTE(review): this relies on HrefEncode() producing output that is safe in
         // that context - confirm.
         $base_link = common::HrefEncode($linkPrefix);
         echo ',gpBLink="' . $base_link . '"';

         //here because of index.php
         // presumably prints further `,name=value` pairs into the same statement - confirm
         gpsession::GPUIVars();

         $remote_allowed = admin_tools::CanRemoteInstall();
         if ($remote_allowed === false || !$remote_allowed) {
             echo ',gpRem=false';
         }

         // The nonce is the last variable; the trailing semicolon closes the statement.
         echo ',post_nonce="' . common::new_nonce('post', true) . '";';

         gpOutput::GP_STYLES();
     }

     // Page-supplied script is written verbatim; whatever is stored in head_script and
     // jQueryCode must already be trusted JavaScript.
     echo $page->head_script;

     if (!empty($page->jQueryCode)) {
         echo '$(function(){', $page->jQueryCode, '});';
     }

     $inline = ob_get_clean();
     if (empty($inline)) {
         return;
     }

     echo "\n<script type=\"text/javascript\">/* <![CDATA[ */\n", $inline, "\n/* ]]> */</script>";
 }
コード例 #3
ファイル: sessions.php プロジェクト: barbrick/gpEasy-CMS
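 /**
  * Determine if $session_id represents a valid session and if so start the session.
  *
  * On success this sends no-cache headers, loads the session data into
  * $GLOBALS['gpAdmin'], tries to take the admin lock when editing, registers
  * gpsession::close() as a shutdown function and starts the AdminBuffer output
  * buffer. On every rejection self::cookie(gp_session_cookie) is called without a
  * value and a "Session Expired" message is queued.
  *
  * @param string      $session_id id looked up in the session index
  * @param array|false $sessions   session index; loaded with self::GetSessionIds() when falsy
  * @return bool true when the session was started, false when it was rejected
  */
 static function start($session_id, $sessions = false)
 {
     global $langmessage, $dataDir, $wbMessageBuffer;
     // set below when the lock cannot be taken; not read anywhere in this method
     static $locked_message = false;

     //get the session index
     if (!$sessions) {
         $sessions = self::GetSessionIds();
     }

     // The lookup is checked in every case. Previously a caller-supplied $sessions
     // array was not checked, so an unknown id continued with an empty $sess_info.
     if (!isset($sessions[$session_id])) {
         // NOTE(review): looks like leftover debug output; it shows the cookie name to the user
         msg('hmm: ' . gp_session_cookie);
         self::cookie(gp_session_cookie);
         //make sure the cookie is deleted
         msg($langmessage['Session Expired'] . ' (timeout)');
         return false;
     }
     $sess_info = $sessions[$session_id];

     //check ~ip, ~user agent ...
     if (gp_browser_auth && !empty($sess_info['uid'])) {
         // Compared as strings with !==. The loose != treats two numeric-looking
         // strings (for example "0e1" and "0e2") as equal.
         $stored_uid = (string) $sess_info['uid'];
         $auth_uid = (string) self::auth_browseruid();
         //legacy option added to prevent logging users out, added 2.0b2
         $auth_uid_legacy = (string) self::auth_browseruid(true);
         if ($stored_uid !== $auth_uid && $stored_uid !== $auth_uid_legacy) {
             self::cookie(gp_session_cookie);
             //make sure the cookie is deleted
             msg($langmessage['Session Expired'] . ' (browser auth)');
             return false;
         }
     }

     // A session entry without a file name cannot be valid. Without this guard the
     // path below would be the sessions directory itself and the `=== false` test
     // could never be true.
     // NOTE(review): file_name comes from the session index, not from the request;
     // confirm the code that writes the index restricts it to a plain file name.
     $session_file = false;
     if (isset($sess_info['file_name']) && $sess_info['file_name'] !== '') {
         $session_file = $dataDir . '/data/_sessions/' . $sess_info['file_name'];
     }
     if ($session_file === false || !gpFiles::Exists($session_file)) {
         self::cookie(gp_session_cookie);
         //make sure the cookie is deleted
         msg($langmessage['Session Expired'] . ' (invalid)');
         return false;
     }

     //prevent browser caching when editing
     Header('Last-Modified: ' . gmdate('D, j M Y H:i:s') . ' GMT');
     Header('Expires: ' . gmdate('D, j M Y H:i:s', time()) . ' GMT');
     Header('Cache-Control: no-store, no-cache, must-revalidate');
     // HTTP/1.1
     Header('Cache-Control: post-check=0, pre-check=0', false);
     Header('Pragma: no-cache');
     // HTTP/1.0

     // $checksum is filled in by SessionData() and handed to close() at shutdown
     $GLOBALS['gpAdmin'] = self::SessionData($session_file, $checksum);

     //lock to prevent conflicting edits
     if (gp_lock_time > 0 && (!empty($GLOBALS['gpAdmin']['editing']) || !empty($GLOBALS['gpAdmin']['granted']))) {
         $expires = gp_lock_time;
         // the lock is keyed on a double SHA-1 of the session id, not on the id itself;
         // presumably Lock() updates $expires with the remaining time - confirm
         if (!gpFiles::Lock('admin', sha1(sha1($session_id)), $expires)) {
             msg($langmessage['site_locked'] . ' ' . sprintf($langmessage['lock_expires_in'], ceil($expires / 60)));
             $locked_message = true;
         } else {
             unset($GLOBALS['gpAdmin']['locked']);
         }
     }

     //extend cookie?
     if (isset($GLOBALS['gpAdmin']['remember'])) {
         $elapsed = time() - $GLOBALS['gpAdmin']['remember'];
         if ($elapsed > 604800) {
             //7 days
             $GLOBALS['gpAdmin']['remember'] = time();
             self::cookie(gp_session_cookie, $session_id);
         }
     }

     register_shutdown_function(array('gpsession', 'close'), $session_file, $checksum);
     self::SaveSetting();

     //make sure forms have admin nonce
     ob_start(array('gpsession', 'AdminBuffer'));
     gpOutput::$lang_values += array('cancel' => 'ca', 'update' => 'up', 'caption' => 'cp', 'Width' => 'Width', 'Height' => 'Height');
     common::LoadComponents('sortable,autocomplete,gp-admin,gp-admin-css');
     admin_tools::VersionsAndCheckTime();
     gpOutput::$inline_vars += array('gpRem' => admin_tools::CanRemoteInstall());

     //prepend messages from message buffer
     if (isset($GLOBALS['gpAdmin']['message_buffer']) && count($GLOBALS['gpAdmin']['message_buffer'])) {
         $wbMessageBuffer = array_merge($GLOBALS['gpAdmin']['message_buffer'], $wbMessageBuffer);
         unset($GLOBALS['gpAdmin']['message_buffer']);
     }

     //alias
     // The cookie is client-controlled: only a plain string is accepted (gp_alias[]=x
     // would arrive as an array), and the value must be escaped wherever it is printed.
     if (isset($_COOKIE['gp_alias']) && is_string($_COOKIE['gp_alias'])) {
         $GLOBALS['gpAdmin']['useralias'] = $_COOKIE['gp_alias'];
     } else {
         $GLOBALS['gpAdmin']['useralias'] = $GLOBALS['gpAdmin']['username'];
     }

     return true;
 }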
コード例 #4
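 /**
  * Get the remote package: download the requested plugin or theme archive from
  * addon_browse_path, check it against the checksum the server reports, save it to
  * a temporary .zip and extract it into $this->source.
  *
  * The x-md5 checksum arrives in the same response as the package, so it only
  * detects a damaged download. It says nothing about who produced the package;
  * that depends on how gpRemoteGet reaches addon_browse_path, which is not visible
  * here.
  *
  * @return bool the result of ExtractArchive() when the package was downloaded and
  *              saved; false when any check, the download or the save failed
  */
 function GetRemote()
 {
     global $langmessage;
     includeFile('tool/RemoteGet.php');

     // check values
     if (empty($this->type) || empty($this->id) || !is_numeric($this->id)) {
         $this->message($langmessage['OOPS'] . ' (Invalid Request)');
         return false;
     }

     // allowed to remote install?
     switch ($this->type) {
         case 'plugin':
             if (!gp_remote_plugins) {
                 $this->message($langmessage['OOPS'] . ' (Can\'t remote install plugins)');
                 return false;
             }
             break;
         case 'theme':
             if (!gp_remote_themes) {
                 $this->message($langmessage['OOPS'] . ' (Can\'t remote install themes)');
                 return false;
             }
             break;
         default:
             $this->message($langmessage['OOPS'] . ' (Invalid Type)');
             return false;
     }

     // able to remote install?
     if (!admin_tools::CanRemoteInstall()) {
         $this->message($langmessage['OOPS'] . ' (Can\'t remote install)');
         return false;
     }

     // download
     $download_link = addon_browse_path;
     if ($this->type == 'theme') {
         $download_link .= '/Themes';
     } else {
         $download_link .= '/Plugins';
     }
     $download_link .= '?cmd=install&id=' . rawurlencode($this->id);

     // purchase order id
     if (!$this->order) {
         $this->order = $this->GetOrder($this->id);
     }
     if ($this->order) {
         $download_link .= '&order=' . rawurlencode($this->order);
     }

     // get package from remote
     $full_result = gpRemoteGet::Get($download_link);

     // download failed and a message was sent
     // Checked before the status code so the server's explanation is still shown
     // when it comes with a non-2xx status.
     if (isset($full_result['headers']['x-error'])) {
         $this->message(htmlspecialchars($full_result['headers']['x-error']));
         // The link is built from the values validated above, not from raw $_POST,
         // because the result is placed inside an href attribute.
         $this->message(sprintf($langmessage['download_failed_xerror'], 'href="' . $this->DetailUrl($this->type, $this->id) . '" data-cmd="remote"'));
         return false;
     }

     // Anything outside 2xx is a failed download. The original test joined the two
     // bounds with && and could never be true. A missing status code counts as 0.
     $response_code = isset($full_result['response']['code']) ? (int) $full_result['response']['code'] : 0;
     if ($response_code < 200 || $response_code >= 300) {
         $this->message($langmessage['download_failed'] . ' (1)');
         return false;
     }

     $result = isset($full_result['body']) ? $full_result['body'] : '';

     //check md5
     // A missing or non-string header fails the check. The comparison is strict
     // because the loose != treats numeric-looking strings such as "0e1" and "0e2"
     // as equal.
     $expected_md5 = '';
     if (isset($full_result['headers']['x-md5']) && is_string($full_result['headers']['x-md5'])) {
         $expected_md5 = $full_result['headers']['x-md5'];
     }
     $package_md5 = md5($result);
     if ($expected_md5 === '' || $package_md5 !== $expected_md5) {
         // the expected value comes from the remote response, so it is escaped before display
         $this->message($langmessage['download_failed_md5'] . ' <br/> (Package Checksum ' . $package_md5 . ' != Expected Checksum ' . htmlspecialchars($expected_md5) . ')');
         return false;
     }

     //save contents
     $tempfile = $this->TempFile('.zip');
     if (!gpFiles::Save($tempfile, $result)) {
         $this->message($langmessage['download_failed'] . ' (Package not saved)');
         return false;
     }

     $this->source = $this->TempFile();
     $success = $this->ExtractArchive($this->source, $tempfile);

     // the archive is removed whether or not extraction succeeded
     unlink($tempfile);

     return $success;
 }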