$output .= span_fail($_lang['status_failed']); } else { $dbase = trim($_POST['dbase'], '`'); $table_prefix = $_POST['table_prefix']; $database_collation = getOption('database_collation'); $database_connection_method = $_POST['database_connection_method']; if (get_magic_quotes_gpc()) { $dbase = stripslashes($dbase); $table_prefix = stripslashes($table_prefix); $database_collation = stripslashes($database_collation); $database_connection_method = stripslashes($database_connection_method); } $dbase = modx_escape($dbase); $table_prefix = modx_escape($table_prefix); $database_collation = modx_escape($database_collation); $database_connection_method = modx_escape($database_connection_method); $tbl_site_content = "`{$dbase}`.`{$table_prefix}site_content`"; $pass = false; if (!@mysql_select_db($dbase, $conn)) { // create database if (function_exists('mysql_set_charset')) { mysql_set_charset('utf8'); } $query = "CREATE DATABASE `{$dbase}` CHARACTER SET 'utf8' COLLATE {$database_collation}"; if (!@mysql_query($query)) { $output .= span_fail($query . $_lang['status_failed_could_not_create_database']); } else { $output .= span_pass($_lang['status_passed_database_created']); $pass = true; } } elseif (@mysql_query("SELECT COUNT(id) FROM {$tbl_site_content}")) {
function getCreateDbCategory($category, $sqlParser) { $dbase = $sqlParser->dbname; $table_prefix = $sqlParser->prefix; $category_id = 0; if (!empty($category)) { $category = modx_escape($category); $rs = mysql_query("SELECT id FROM {$dbase}.`{$table_prefix}categories` WHERE category = '{$category}'"); if (mysql_num_rows($rs) && ($row = mysql_fetch_assoc($rs))) { $category_id = $row['id']; } else { $q = "INSERT INTO {$dbase}.`{$table_prefix}categories` (`category`) VALUES ('{$category}')"; $rs = mysql_query($q); if ($rs) { $category_id = mysql_insert_id(); } } } return $category_id; }
} if (in_array($k, $snippets) || $installSample) { $name = modx_escape($moduleSnippet[0]); $desc = modx_escape($moduleSnippet[1]); $filecontent = $moduleSnippet[2]; $properties = modx_escape($moduleSnippet[3]); $category = modx_escape($moduleSnippet[4]); if (!is_file($filecontent)) { echo '<p> ' . $name . ': <span class="notok">' . $_lang['unable_install_snippet'] . " '{$filecontent}' " . $_lang['not_found'] . '.</span></p>'; } else { // Create the category if it does not already exist $category = getCreateDbCategory($category, $sqlParser); $snippet = end(preg_split("@(//)?\\s*\\<\\?php@", file_get_contents($filecontent))); // remove installer docblock $snippet = preg_replace("@^.*?/\\*\\*.*?\\*/\\s+@s", '', $snippet, 1); $snippet = modx_escape($snippet); $rs = mysql_query("SELECT * FROM {$tbl_site_snippets} WHERE name='{$name}'"); if (mysql_num_rows($rs)) { $row = mysql_fetch_assoc($rs); $props = propUpdate($properties, $row['properties']); if (!@mysql_query("UPDATE {$tbl_site_snippets} SET snippet='{$snippet}', description='{$desc}', properties='{$props}' WHERE name='{$name}'")) { echo '<p>' . mysql_error() . '</p>'; return; } echo "<p> {$name}: <span class=\"ok\">" . $_lang['upgraded'] . '</span></p>'; } else { if (!@mysql_query("INSERT INTO {$tbl_site_snippets} (name,description,snippet,properties,category) VALUES('{$name}','{$desc}','{$snippet}','{$properties}',{$category})")) { echo '<p>' . mysql_error() . '</p>'; return; } echo "<p> {$name}: <span class=\"ok\">" . $_lang['installed'] . '</span></p>';