/**
* Creates a ZIP package of the extension and prepares it for downloading.
* @param string $ext_name The name of the extension.
* @return null|bool
*/
public static function download_extension($ext_name)
{
$composery = files::getComposer(objects::$phpbb_root_path . 'ext/' . $ext_name);
if (!$composery) {
return false;
}
$string = @file_get_contents($composery);
if ($string === false) {
return false;
}
$json_a = json_decode($string, true);
$composer_ext_name = isset($json_a['name']) ? $json_a['name'] : '';
$composer_ext_type = isset($json_a['type']) ? $json_a['type'] : '';
if ($composer_ext_name !== $ext_name || $composer_ext_type !== "phpbb-extension") {
return false;
}
$ext_version = isset($json_a['version']) ? $json_a['version'] : '0.0.0';
$ext_delete_suffix = objects::$request->variable('ext_delete_suffix', false);
if ($ext_delete_suffix) {
$restore_composery = false;
if (isset($json_a['version']) && preg_match("/^([\\d]+\\.[\\d]+\\.[\\d]+)(.+)\$/u", $ext_version, $matches)) {
$restore_composery = $string;
$fp = @fopen($composery, 'w');
if ($fp) {
$string = preg_replace("/\"version\"\\:[\\s]*\"" . preg_quote($ext_version, "/") . "\"/u", "\"version\": \"" . $matches[1] . "\"", $string);
fwrite($fp, $string);
fclose($fp);
$ext_version = $matches[1];
}
}
}
$download_name = str_replace('/', '_', $ext_name) . "_" . str_replace('.', '_', $ext_version);
$ext_tmp = objects::$phpbb_root_path . 'ext/' . objects::$upload_ext_name . '/tmp/' . (int) objects::$user->data['user_id'];
// Ensure that we don't have any previous files in the working directory.
if (is_dir($ext_tmp)) {
if (!files::catch_errors(files::rrmdir($ext_tmp))) {
return false;
}
} else {
files::recursive_mkdir($ext_tmp);
}
$download_path = $ext_tmp . '/' . $download_name;
files::save_zip_archive('ext/' . $ext_name . '/', $download_name, $ext_tmp);
filedownload::download_file($download_path, $download_name, 'application/zip');
files::rrmdir($ext_tmp);
// No errors are printed here.
if ($ext_delete_suffix && $restore_composery) {
$fp = @fopen($composery, 'w');
if ($fp) {
fwrite($fp, $restore_composery);
fclose($fp);
}
}
}
function main($id, $mode)
{
global $config, $user, $cache, $template, $request, $phpbb_root_path, $phpEx, $phpbb_log, $phpbb_extension_manager, $phpbb_container;
// General settings for displaying the page.
$this->page_title = $user->lang['ACP_UPLOAD_EXT_TITLE'];
$this->tpl_name = 'acp_upload';
$user->add_lang(array('install', 'acp/extensions', 'migrator'));
$user->add_lang_ext('boardtools/upload', 'upload');
// Instead of using new pages we do it here.
$file = $request->variable('file', '');
if ($file != '') {
filetree::get_file($file);
}
// This is the dir where we will store zip files of extensions.
$this->zip_dir = $phpbb_root_path . $config['upload_ext_dir'];
// get any url vars
$action = $request->variable('action', 'main');
$this->main_link = $this->u_action;
$this->back_link = $request->is_ajax() ? '' : adm_back_link($this->u_action);
$template->assign_var('U_ACTION', $this->u_action);
// The links from phpbb.com does not contain .zip suffix. We need to handle this case.
$phpbb_link_template = '#^(https://)www.phpbb.com/customise/db/download/([0-9]*?)(/composer|/manual)?/?(\\?sid\\=[a-zA-Z0-9]*?)?$#i';
// Work with objects class instead of $this.
objects::$cache =& $cache;
objects::$config =& $config;
objects::$log =& $phpbb_log;
objects::$phpEx = $phpEx;
objects::$phpbb_container =& $phpbb_container;
objects::$phpbb_extension_manager =& $phpbb_extension_manager;
objects::$phpbb_link_template = $phpbb_link_template;
objects::$phpbb_root_path = $phpbb_root_path;
objects::$request =& $request;
objects::$template =& $template;
objects::$tpl_name =& $this->tpl_name;
objects::$u_action = $this->u_action;
objects::$user =& $user;
objects::$zip_dir =& $this->zip_dir;
// Get the information about Upload Extensions - START
objects::$upload_ext_name = 'boardtools/upload';
updater::get_manager();
// Get the information about Upload Extensions - END
// Detect whether this is an Ajax request - START
$ajax_action = $request->variable('ajax_action', '');
objects::$is_ajax = false;
if ($request->is_ajax() && !empty($ajax_action)) {
$template->assign_vars(array('HAS_AJAX' => true, 'IS_AJAX' => true));
objects::$is_ajax = true;
switch ($ajax_action) {
case 'list_from_cdb':
case 'main':
$this->tpl_name = 'acp_upload_main';
break;
case 'set_config_force_unstable':
$ajax_action = 'set_config_version_check_force_unstable';
// no break
// no break
case 'list':
$this->tpl_name = 'acp_upload_list';
break;
case 'local_upload':
$ajax_action = 'upload';
// no break
// no break
case 'upload_language':
case 'upload':
case 'force_update':
case 'enable':
case 'disable':
case 'purge':
case 'restore_languages':
case 'faq':
case 'details':
$this->tpl_name = 'acp_upload_details';
break;
case 'zip_packages':
$this->tpl_name = 'acp_upload_zip_packages';
break;
case 'uninstalled':
$this->tpl_name = 'acp_upload_uninstalled';
break;
case 'versioncheck_force':
extensions::ajax_versioncheck($request->variable('ext_name', ''));
break;
}
$action = $ajax_action;
/*
* Do not output anything (including errors) besides the result object.
* Errors can still be shown in nice box.
* Do it here - page-specific actions go below.
*/
ob_start();
} else {
$template->assign_vars(array('S_LOAD_ACTION' => $action, 'U_MAIN_PAGE_URL' => build_url(array('action', 'ajax', 'ext_name', 'ext_show', 'lang', 'result'))));
if ($request->variable('ajax', 0) === 1) {
// Only needed to correctly load the template.
$template->assign_var('HAS_AJAX', true);
}
}
// Detect whether this is an Ajax request - END
$original_action = $action;
switch ($action) {
case 'details':
$ext_name = $request->variable('ext_name', objects::$upload_ext_name);
$ext_show = $request->variable('ext_show', '');
load::details($ext_name, $ext_show);
break;
case 'faq':
load::details(objects::$upload_ext_name, 'faq');
break;
case 'enable':
$ext_name = $request->variable('ext_name', '');
extensions::enable($ext_name);
break;
case 'disable':
$ext_name = $request->variable('ext_name', '');
extensions::disable($ext_name);
break;
case 'purge':
$ext_name = $request->variable('ext_name', '');
// Check the link hash for the case of forced updates. An additional safety layer.
$check_link_hash = check_link_hash($request->variable('hash', ''), 'purge.' . $ext_name);
if (objects::$is_ajax && load::ajax_confirm_box(true) || $check_link_hash || confirm_box(true)) {
extensions::purge($ext_name);
} else {
if (objects::$is_ajax) {
$md_manager = objects::$phpbb_extension_manager->create_extension_metadata_manager($ext_name, objects::$template);
load::ajax_confirm_box(false, $user->lang('EXTENSION_DELETE_DATA_CONFIRM', $md_manager->get_metadata('display-name')), build_hidden_fields(array('i' => $id, 'mode' => $mode, 'action' => $action, 'ext_name' => $ext_name)));
} else {
$md_manager = objects::$phpbb_extension_manager->create_extension_metadata_manager($ext_name, objects::$template);
confirm_box(false, $user->lang('EXTENSION_DELETE_DATA_CONFIRM', $md_manager->get_metadata('display-name')), build_hidden_fields(array('i' => $id, 'mode' => $mode, 'action' => $action, 'ext_name' => $ext_name)));
}
}
break;
case 'restore_languages':
$ext_name = $request->variable('ext_name', '');
$zip_file = $request->variable('archive', '');
extensions::restore_languages($ext_name, $zip_file);
load::details($ext_name, 'details');
break;
case 'upload_language':
$lang_action = 'upload';
/* If we unpack a zip file - ensure that we work locally */
if ($request->variable('local_upload', '') != '') {
$lang_action = 'upload_local';
} else {
if (strpos($request->variable('remote_upload', ''), 'http://') === 0 || strpos($request->variable('remote_upload', ''), 'https://') === 0) {
$lang_action = 'upload_remote';
}
}
$ext_name = $request->variable('ext_name', '');
$lang_name = $request->variable('ext_lang_name', '');
if ($this->upload_lang($lang_action, $ext_name, $lang_name)) {
load::details($ext_name, 'languages');
}
break;
case 'upload':
/* If we unpack a zip file - ensure that we work locally */
if ($request->variable('local_upload', '') != '') {
$action = 'upload_local';
} else {
if (strpos($request->variable('remote_upload', ''), 'http://') === 0 || strpos($request->variable('remote_upload', ''), 'https://') === 0) {
$action = 'upload_remote';
}
}
// no break
// no break
case 'force_update':
$this->upload_ext($action);
$template->assign_vars(array('U_UPLOAD' => $this->main_link . '&action=upload', 'S_FORM_ENCTYPE' => ' enctype="multipart/form-data"'));
break;
case 'zip_packages':
if (($result = $request->variable('result', '')) == 'deleted' || $result == 'deleted1') {
$template->assign_var('EXT_ZIPS_DELETED', $user->lang('EXT_ZIP' . ($result == 'deleted' ? 'S' : '') . '_DELETE_SUCCESS'));
}
load::zip_files();
$template->assign_vars(array('S_ZIP_PACKAGES' => true, 'U_DELETE_ACTION' => objects::$u_action . "&action=delete_zip"));
break;
case 'uninstalled':
if (($result = $request->variable('result', '')) == 'deleted' || $result == 'deleted1') {
$template->assign_var('EXTS_DELETED', $user->lang('EXT' . ($result == 'deleted' ? 'S' : '') . '_DELETE_SUCCESS'));
}
extensions::list_available_exts($phpbb_extension_manager);
$template->assign_vars(array('S_UNINSTALLED' => true, 'U_DELETE_ACTION' => objects::$u_action . "&action=delete_ext"));
break;
case 'download':
$zip_name = $request->variable('zip_name', '');
$ext_name = $request->variable('ext_name', '');
if ($zip_name != '') {
$download_name = substr($zip_name, 0, -4);
// Ensure that downloads can be done only from the $zip_dir directory.
$download_name = str_replace('../', '', $download_name);
$filename = objects::$zip_dir . '/' . $download_name;
$mimetype = 'application/zip';
if (!filedownload::download_file($filename, $download_name, $mimetype)) {
redirect($this->main_link);
}
} else {
if ($ext_name != '') {
if (!extensions::download_extension($ext_name)) {
files::catch_errors($user->lang('EXT_DOWNLOAD_ERROR', $ext_name));
}
} else {
redirect($this->main_link);
}
}
break;
case 'set_config_version_check_force_unstable':
if (objects::$is_ajax && load::ajax_confirm_box(true) || confirm_box(true)) {
objects::$config->set('extension_force_unstable', true);
if (objects::$is_ajax) {
$output = new \phpbb\json_response();
$output->send(array('status' => 'success'));
} else {
objects::$template->assign_var('FORCE_UNSTABLE_UPDATED', true);
}
} else {
$force_unstable = objects::$request->variable('force_unstable', 0);
if ($force_unstable) {
$s_hidden_fields = build_hidden_fields(array('i' => $id, 'mode' => $mode, 'action' => $action, 'force_unstable' => $force_unstable));
if (objects::$is_ajax) {
load::ajax_confirm_box(false, objects::$user->lang('EXTENSION_FORCE_UNSTABLE_CONFIRM'), $s_hidden_fields);
} else {
confirm_box(false, objects::$user->lang('EXTENSION_FORCE_UNSTABLE_CONFIRM'), $s_hidden_fields);
}
break;
} else {
objects::$config->set('extension_force_unstable', false);
if (objects::$is_ajax) {
$output = new \phpbb\json_response();
$output->send(array('status' => 'success'));
} else {
objects::$template->assign_var('FORCE_UNSTABLE_UPDATED', true);
}
}
}
// no break
// no break
case 'list':
extensions::list_all_exts();
objects::$template->assign_vars(array('S_EXT_LIST' => true, 'U_VERSIONCHECK_FORCE' => objects::$u_action . '&action=list&versioncheck_force=1', 'FORCE_UNSTABLE' => $config['extension_force_unstable'], 'SET_FORCE_UNSTABLE' => objects::$request->variable('set_force_unstable', false), 'U_ACTION_LIST' => objects::$u_action . '&action=list'));
add_form_key('version_check_settings');
break;
case 'delete_ext':
case 'delete_zip':
$ext_name = $request->variable('ext_name', '', true);
$zip_name = $request->variable('zip_name', '', true);
$marked = $request->variable('mark', array(''), true);
$deletemark = $request->variable('delmarked', false, false, \phpbb\request\request_interface::POST);
if ($action == 'delete_ext' && $ext_name != '') {
$marked = array(0 => $ext_name);
} else {
if ($action == 'delete_zip' && $zip_name != '') {
$marked = array(0 => $zip_name);
}
}
if (sizeof($marked)) {
if ($action == 'delete_ext') {
if (confirm_box(true)) {
$no_errors = true;
foreach ($marked as $ext_number => $ext_name) {
// Ensure that we can delete extensions only in ext/ directory.
$ext_name = str_replace('.', '', $ext_name);
if (substr_count($ext_name, '/') === 1 && is_dir($phpbb_root_path . 'ext/' . $ext_name)) {
$dir = substr($ext_name, 0, strpos($ext_name, '/'));
$extensions = sizeof(glob($phpbb_root_path . 'ext/' . $dir . '/*'));
$dir = $extensions === 1 ? $dir : $ext_name;
$no_errors = files::rrmdir($phpbb_root_path . 'ext/' . $dir, true);
// No catching here.
}
}
if ($no_errors) {
if ($request->is_ajax()) {
trigger_error($user->lang('EXT' . (sizeof($marked) > 1 ? 'S' : '') . '_DELETE_SUCCESS'));
} else {
redirect(objects::$u_action . '&action=uninstalled&result=deleted' . (sizeof($marked) > 1 ? '' : '1'));
}
} else {
trigger_error($user->lang['EXT_DELETE_ERROR'] . $this->back_link, E_USER_WARNING);
}
} else {
$confirm_text = sizeof($marked) > 1 ? $user->lang('EXTENSIONS_DELETE_CONFIRM', sizeof($marked)) : $user->lang('EXTENSION_DELETE_CONFIRM', $marked[0]);
confirm_box(false, $confirm_text, build_hidden_fields(array('i' => $id, 'mode' => $mode, 'action' => $action, 'mark' => $marked, 'delmarked' => $deletemark)));
}
} else {
if ($action == 'delete_zip') {
if (confirm_box(true)) {
$no_errors = true;
foreach ($marked as $zip_number => $zip_name) {
// No catching here.
$no_errors = files::rrmdir(objects::$zip_dir . '/' . substr($zip_name, 0, -4) . '.zip', true);
}
if ($no_errors) {
if ($request->is_ajax()) {
trigger_error($user->lang('EXT_ZIP' . (sizeof($marked) > 1 ? 'S' : '') . '_DELETE_SUCCESS'));
} else {
redirect(objects::$u_action . '&action=zip_packages&result=deleted' . (sizeof($marked) > 1 ? '' : '1'));
}
} else {
trigger_error($user->lang['EXT_ZIP_DELETE_ERROR'] . $this->back_link, E_USER_WARNING);
}
} else {
$confirm_text = sizeof($marked) > 1 ? $user->lang('EXTENSIONS_ZIP_DELETE_CONFIRM', sizeof($marked)) : $user->lang('EXTENSION_ZIP_DELETE_CONFIRM', $marked[0]);
confirm_box(false, $confirm_text, build_hidden_fields(array('i' => $id, 'mode' => $mode, 'action' => $action, 'mark' => $marked, 'delmarked' => $deletemark)));
}
}
}
} else {
files::catch_errors($user->lang['EXT_DELETE_NO_FILE']);
}
break;
case 'delete_language':
$ext_name = $request->variable('ext_name', '', true);
$marked = $request->variable('mark', array(''), true);
$deletemark = $request->variable('delmarked', false, false, \phpbb\request\request_interface::POST);
if (sizeof($marked) && !empty($ext_name)) {
if (confirm_box(true)) {
$no_errors = false;
foreach ($marked as $lang_number => $lang_name) {
// Ensure that we can delete extensions only in ext/ directory.
$ext_name = str_replace('.', '', $ext_name);
$lang_name = str_replace('.', '', $lang_name);
$lang_dir = $phpbb_root_path . 'ext/' . $ext_name . '/language/' . $lang_name;
if (substr_count($ext_name, '/') === 1 && !empty($lang_name) && is_dir($lang_dir)) {
$no_errors = files::rrmdir($lang_dir, true);
// No catching here.
}
}
if ($no_errors) {
if ($request->is_ajax()) {
$result_text = $user->lang('EXT_LANGUAGE' . (sizeof($marked) > 1 ? 'S' : '') . '_DELETE_SUCCESS');
if ($ext_name === objects::$upload_ext_name && in_array(objects::$user->lang_name, $marked)) {
$json_response = new \phpbb\json_response();
$json_response->send(array('MESSAGE_TITLE' => $user->lang['INFORMATION'], 'MESSAGE_TEXT' => $result_text, 'REFRESH_DATA' => array('time' => 3, 'url' => redirect(objects::$u_action . '&action=details&ext_show=languages&ajax=1', true))));
} else {
trigger_error($result_text);
}
} else {
redirect(objects::$u_action . '&action=details&ext_name=' . urlencode($ext_name) . '&ext_show=languages&result=deleted' . (sizeof($marked) > 1 ? '' : '1'));
}
} else {
trigger_error($user->lang['EXT_LANGUAGE_DELETE_ERROR'] . $this->back_link, E_USER_WARNING);
}
} else {
$confirm_text = sizeof($marked) > 1 ? $user->lang('EXT_LANGUAGES_DELETE_CONFIRM', sizeof($marked)) : $user->lang('EXT_LANGUAGE_DELETE_CONFIRM', $marked[0]);
confirm_box(false, $confirm_text, build_hidden_fields(array('i' => $id, 'mode' => $mode, 'action' => $action, 'ext_name' => $ext_name, 'mark' => $marked, 'delmarked' => $deletemark)));
}
} else {
files::catch_errors($user->lang['EXT_DELETE_NO_FILE']);
}
break;
case 'list_from_cdb':
objects::$template->assign_var('S_SHOW_VALID_PHPBB_EXTENSIONS', true);
$this->get_valid_extensions();
// no break
// no break
case 'main':
default:
$template->assign_vars(array('U_UPLOAD' => $this->main_link . '&action=upload', 'S_FORM_ENCTYPE' => ' enctype="multipart/form-data"'));
break;
}
if ($this->catch_errors() && objects::$is_ajax) {
$this->output_response('error', $original_action);
} else {
if (objects::$is_ajax) {
$this->output_response('success', $original_action);
}
}
}
