/** * The function that uploads the specified extension. * * @param string $action Requested action. * @return bool */ public function upload_ext($action) { global $phpbb_root_path, $phpEx, $phpbb_log, $phpbb_extension_manager, $template, $user, $request; $file = $this->proceed_upload($action); if (!$file && $action != 'upload_local') { files::catch_errors($user->lang['EXT_UPLOAD_ERROR']); return false; } // What is a safe limit of execution time? Half the max execution time should be safe. $safe_time_limit = ini_get('max_execution_time') / 2; $start_time = time(); // We skip working with a zip file if we are enabling/restarting the extension. if ($action != 'force_update') { $dest_file = $this->get_dest_file($action, $file, objects::$zip_dir); if (!$dest_file) { files::catch_errors($user->lang['EXT_UPLOAD_ERROR']); return false; } // We need to use the user ID and the time to escape from problems with simultaneous uploads. // We suppose that one user can upload only one extension per session. $ext_tmp = objects::$upload_ext_name . '/tmp/' . (int) $user->data['user_id']; // Ensure that we don't have any previous files in the working directory. if (is_dir($phpbb_root_path . 'ext/' . $ext_tmp)) { if (!files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp))) { if ($action != 'upload_local') { $file->remove(); } return false; } } if (!class_exists('\\compress_zip')) { include $phpbb_root_path . 'includes/functions_compress.' . $phpEx; } $zip = new \compress_zip('r', $dest_file); $zip->extract($phpbb_root_path . 'ext/' . $ext_tmp . '/'); $zip->close(); $composery = files::getComposer($phpbb_root_path . 'ext/' . $ext_tmp); if (!$composery) { files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp)); if ($action != 'upload_local') { $file->remove(); } files::catch_errors($user->lang['ACP_UPLOAD_EXT_ERROR_COMP']); return false; } $string = @file_get_contents($composery); if ($string === false) { files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp)); if ($action != 'upload_local') { $file->remove(); } files::catch_errors($user->lang['EXT_UPLOAD_ERROR']); return false; } $json_a = json_decode($string, true); $destination = isset($json_a['name']) ? $json_a['name'] : ''; $destination = str_replace('.', '', $destination); $ext_version = isset($json_a['version']) ? $json_a['version'] : '0.0.0'; if (strpos($destination, '/') === false) { files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp)); if ($action != 'upload_local') { $file->remove(); } files::catch_errors($user->lang['ACP_UPLOAD_EXT_ERROR_DEST']); return false; } else { if (strpos($destination, objects::$upload_ext_name) !== false) { files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp)); if ($action != 'upload_local') { $file->remove(); } files::catch_errors($user->lang['ACP_UPLOAD_EXT_ERROR_TRY_SELF']); return false; } } $display_name = isset($json_a['extra']['display-name']) ? $json_a['extra']['display-name'] : $destination; if (!isset($json_a['type']) || $json_a['type'] != "phpbb-extension") { files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp)); if ($action != 'upload_local') { $file->remove(); } files::catch_errors($user->lang['NOT_AN_EXTENSION']); return false; } $source = substr($composery, 0, -14); $source_for_check = $ext_tmp . '/' . $destination; // At first we need to change the directory structure to something like ext/tmp/vendor/extension. // We need it to escape from problems with dots on validation. if ($source != $phpbb_root_path . 'ext/' . $source_for_check) { if (!files::catch_errors(files::rcopy($source, $phpbb_root_path . 'ext/' . $source_for_check))) { files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp)); if ($action != 'upload_local') { $file->remove(); } return false; } $source = $phpbb_root_path . 'ext/' . $source_for_check; } // Validate the extension to check if it can be used on the board. $md_manager = $phpbb_extension_manager->create_extension_metadata_manager($source_for_check, $template); try { if ($md_manager->get_metadata() === false || $md_manager->validate_require_phpbb() === false || $md_manager->validate_require_php() === false) { files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp)); if ($action != 'upload_local') { $file->remove(); } files::catch_errors($user->lang['EXTENSION_NOT_AVAILABLE']); return false; } } catch (\phpbb\extension\exception $e) { files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp)); if ($action != 'upload_local') { $file->remove(); } files::catch_errors($e . ' ' . $user->lang['ACP_UPLOAD_EXT_ERROR_NOT_SAVED']); return false; } // Save/remove the uploaded archive file. if ($action != 'upload_local') { if ($request->variable('keepext', false) == false) { $file->remove(); } else { $display_name = str_replace(array('/', '\\'), '_', $display_name); $ext_version = str_replace(array('/', '\\'), '_', $ext_version); $file_base_name = substr($dest_file, 0, strrpos($dest_file, '/') + 1) . $display_name . "_" . $ext_version; // Save this file and any other files that were uploaded with the same name. if (@file_exists($file_base_name . ".zip")) { $finder = 1; while (@file_exists($file_base_name . "(" . $finder . ").zip")) { $finder++; } @rename($dest_file, $file_base_name . "(" . $finder . ").zip"); } else { @rename($dest_file, $file_base_name . ".zip"); } } } // Here we can assume that all checks are done. // Now we are able to install the uploaded extension to the correct path. } else { // All checks were done previously. Now we only need to restore the variables. // We try to restore the data of the current upload. $ext_tmp = objects::$upload_ext_name . '/tmp/' . (int) $user->data['user_id']; if (!is_dir($phpbb_root_path . 'ext/' . $ext_tmp) || !($composery = files::getComposer($phpbb_root_path . 'ext/' . $ext_tmp)) || !($string = @file_get_contents($composery))) { files::catch_errors($user->lang['ACP_UPLOAD_EXT_WRONG_RESTORE']); return false; } $json_a = json_decode($string, true); $destination = isset($json_a['name']) ? $json_a['name'] : ''; $destination = str_replace('.', '', $destination); if (strpos($destination, '/') === false) { files::catch_errors($user->lang['ACP_UPLOAD_EXT_WRONG_RESTORE']); return false; } $source = substr($composery, 0, -14); } $made_update = false; // Delete the previous version of extension files - we're able to update them. if (is_dir($phpbb_root_path . 'ext/' . $destination)) { // At first we need to disable the extension if it is enabled. if ($phpbb_extension_manager->is_enabled($destination)) { while ($phpbb_extension_manager->disable_step($destination)) { // Are we approaching the time limit? If so, we want to pause the update and continue after refreshing. if (time() - $start_time >= $safe_time_limit) { $template->assign_var('S_NEXT_STEP', objects::$user->lang['EXTENSION_DISABLE_IN_PROGRESS']); // No need to specify the name of the extension. We suppose that it is the one in ext/tmp/USER_ID folder. if ($request->is_ajax()) { $response_object = new \phpbb\json_response(); $response_object->send(array("FORCE_UPDATE" => true)); } else { meta_refresh(0, $this->main_link . '&action=force_update'); } return false; } } $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_EXT_DISABLE', time(), array($destination)); $made_update = true; } $old_ext_name = $destination; if ($old_composery = files::getComposer($phpbb_root_path . 'ext/' . $destination)) { if (!($old_string = @file_get_contents($old_composery))) { $old_ext_name = $old_ext_name . '_' . '0.0.0'; } else { $old_json_a = json_decode($old_string, true); $old_display_name = isset($old_json_a['extra']['display-name']) ? $old_json_a['extra']['display-name'] : $old_ext_name; $old_ext_version = isset($old_json_a['version']) ? $old_json_a['version'] : '0.0.0'; $old_ext_name = $old_display_name . '_' . $old_ext_version; } } $dest_name = str_replace(array('/', '\\'), '_', $old_ext_name) . '_old'; $file_base_name = objects::$zip_dir . '/' . $dest_name; // Save this file and any other files that were uploaded with the same name. if (@file_exists($file_base_name . ".zip")) { $finder = 1; while (@file_exists($file_base_name . "(" . $finder . ").zip")) { $finder++; } $dest_name .= "(" . $finder . ")"; } // Save the previous version of the extension that is being updated in a zip archive file. files::save_zip_archive('ext/' . $destination . '/', $dest_name, objects::$zip_dir); $saved_zip_file = $dest_name . ".zip"; $saved_zip_file = $request->escape($saved_zip_file, true); $template->assign_var('EXT_OLD_ZIP_SAVED', objects::$user->lang('EXT_SAVED_OLD_ZIP', $saved_zip_file)); // Check languages missing in the new version. $old_langs = files::get_languages($phpbb_root_path . 'ext/' . $destination . '/language'); $new_langs = files::get_languages($source . '/language'); $old_langs = array_diff($old_langs, $new_langs); if (sizeof($old_langs)) { $last_lang = array_pop($old_langs); $template->assign_vars(array('S_EXT_LANGS_RESTORE_ZIP' => urlencode($saved_zip_file), 'EXT_RESTORE_DIRECTORIES' => sizeof($old_langs) ? objects::$user->lang('EXT_RESTORE_LANGUAGES', '<strong>' . implode('</strong>, <strong>', $old_langs) . '</strong>', "<strong>{$last_lang}</strong>") : objects::$user->lang('EXT_RESTORE_LANGUAGE', "<strong>{$last_lang}</strong>"))); } if (!files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $destination))) { return false; } } if (!files::catch_errors(files::rcopy($source, $phpbb_root_path . 'ext/' . $destination))) { files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp)); return false; } // No enabling at this stage. Admins should have a chance to revise the uploaded scripts. if (!files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp))) { return false; } load::details($destination, $made_update ? 'updated' : 'uploaded'); return true; }
/** * Gets missing language directories for an extension from a specified zip file. * @param string $ext_name The name of the extension. * @param string $zip_file The name of zip file. * @return null|bool */ public static function restore_languages($ext_name, $zip_file) { $ext_tmp = objects::$phpbb_root_path . 'ext/' . objects::$upload_ext_name . '/tmp/' . (int) objects::$user->data['user_id']; // Ensure that we don't have any previous files in the working directory. if (is_dir($ext_tmp)) { if (!files::catch_errors(files::rrmdir($ext_tmp))) { files::catch_errors(objects::$user->lang['ERROR_DIRECTORIES_NOT_RESTORED']); return false; } } if (!class_exists('\\compress_zip')) { include objects::$phpbb_root_path . 'includes/functions_compress.' . objects::$phpEx; } $zip = new \compress_zip('r', objects::$zip_dir . '/' . $zip_file); $zip->extract($ext_tmp . '/'); $zip->close(); $composery = files::getComposer($ext_tmp); if (!$composery) { files::catch_errors(files::rrmdir($ext_tmp)); files::catch_errors(objects::$user->lang['ERROR_ZIP_NO_COMPOSER']); files::catch_errors(objects::$user->lang['ERROR_DIRECTORIES_NOT_RESTORED']); return false; } $source = substr($composery, 0, -14); // Check languages missing in the new version. $ext_path = objects::$phpbb_root_path . 'ext/' . $ext_name; $old_langs = files::get_languages($source . '/language'); $new_langs = files::get_languages($ext_path . '/language'); $old_langs = array_diff($old_langs, $new_langs); if (sizeof($old_langs)) { foreach ($old_langs as $lang) { files::catch_errors(files::rcopy($source . '/language/' . $lang, $ext_path . '/language/' . $lang)); } objects::$template->assign_var('EXT_LANGUAGES_RESTORED', true); } files::catch_errors(files::rrmdir($ext_tmp)); }
/** * The function that displays the details page. * @param string $ext_name The name of the extension. * @param string $ext_show The section that we need to display. */ public static function details($ext_name, $ext_show) { if (!$ext_name) { redirect(objects::$u_action . '&action=list'); } $show_lang_page = false; $load_full_page = objects::$request->variable('ajax', 0) === 1; // If they've specified an extension, let's load the metadata manager and validate it. if ($ext_name !== objects::$upload_ext_name) { $ext_md_manager = new \phpbb\extension\metadata_manager($ext_name, objects::$config, objects::$phpbb_extension_manager, objects::$template, objects::$user, objects::$phpbb_root_path); try { $ext_md_manager->get_metadata('all'); $ext_name = $ext_md_manager->get_metadata('name'); // Just to be sure of the name. $display_name = $ext_md_manager->get_metadata('display-name'); // Output it to the template $ext_md_manager->output_template_data(); try { $updates_available = extensions::version_check($ext_md_manager, objects::$request->variable('versioncheck_force', false)); objects::$template->assign_vars(array('S_UP_TO_DATE' => empty($updates_available), 'S_VERSIONCHECK' => true, 'UP_TO_DATE_MSG' => objects::$user->lang(empty($updates_available) ? 'UP_TO_DATE' : 'NOT_UP_TO_DATE', $ext_md_manager->get_metadata('display-name')))); foreach ($updates_available as $branch => $version_data) { objects::$template->assign_block_vars('updates_available', $version_data); } } catch (\RuntimeException $e) { objects::$template->assign_vars(array('S_VERSIONCHECK_STATUS' => $e->getCode(), 'VERSIONCHECK_FAIL_REASON' => $e->getMessage() !== objects::$user->lang('VERSIONCHECK_FAIL') ? $e->getMessage() : '')); } } catch (\phpbb\extension\exception $e) { // Display errors in the details tab. objects::$template->assign_vars(array('META_NAME' => $ext_name, 'NOT_AVAILABLE' => $e)); $display_name = $ext_name; } objects::$template->assign_vars(array('S_IS_ENABLED' => objects::$phpbb_extension_manager->is_enabled($ext_name), 'S_IS_DISABLED' => objects::$phpbb_extension_manager->is_disabled($ext_name))); if (!objects::$is_ajax) { objects::$template->assign_var('S_DETAILS', true); // We output everything if required. if ($load_full_page) { $ext_show = 'readme'; } } } else { $display_name = objects::$md_manager->get_metadata('display-name'); objects::$md_manager->output_template_data(); // Output update link to the template if Upload Extensions Updater is installed and updates are available. updater::set_update_link(); // We output everything if this is an ajax request or if we load languages page for Upload Extensions. if ($ext_show == 'languages' && $load_full_page) { objects::$template->assign_var('S_EXT_DETAILS_SHOW_LANGUAGES', "true"); // "true" is the specially handled text $show_lang_page = true; $ext_show = 'readme'; } if (objects::$is_ajax || $ext_show == 'faq' || $load_full_page) { objects::$user->add_lang_ext('boardtools/upload', 'upload', false, true); $faq_sections = 0; foreach (objects::$user->help as $help_ary) { if ($help_ary[0] == '--') { $faq_sections++; objects::$template->assign_block_vars('upload_ext_faq_block', array('BLOCK_TITLE' => $help_ary[1], 'SECTION_NUMBER' => $faq_sections)); continue; } objects::$template->assign_block_vars('upload_ext_faq_block.faq_row', array('FAQ_QUESTION' => $help_ary[0], 'FAQ_ANSWER' => $help_ary[1])); } if (!objects::$is_ajax && !$show_lang_page) { objects::$template->assign_vars(array('SHOW_DETAILS_TAB' => 'faq')); } if ($ext_show == 'faq') { objects::$template->assign_var('S_EXT_DETAILS_SHOW_FAQ', "true"); // "true" is the specially handled text } } if (!objects::$is_ajax) { objects::$template->assign_var('S_UPLOAD_DETAILS', true); // We output everything if required. if ($load_full_page) { $ext_show = 'readme'; } } else { objects::$tpl_name = 'acp_ext_details'; } } if (file_exists(objects::$phpbb_root_path . 'ext/' . $ext_name . '/README.md') && !objects::$request->is_ajax()) { objects::$template->assign_var('EXT_DETAILS_README', true); } if (file_exists(objects::$phpbb_root_path . 'ext/' . $ext_name . '/CHANGELOG.md') && !objects::$request->is_ajax()) { objects::$template->assign_var('EXT_DETAILS_CHANGELOG', true); } switch ($ext_show) { case 'uploaded': objects::$template->assign_var('EXT_UPLOADED', true); break; case 'updated': objects::$template->assign_var('EXT_UPDATED', true); break; case 'enabled': objects::$template->assign_var('EXT_ENABLE_STATUS', objects::$user->lang['EXT_ENABLED']); break; case 'disabled': objects::$template->assign_var('EXT_ENABLE_STATUS', objects::$user->lang['EXT_DISABLED']); break; case 'purged': objects::$template->assign_var('EXT_ENABLE_STATUS', objects::$user->lang['EXT_PURGED']); break; case 'update': objects::$template->assign_vars(array('EXT_DETAILS_UPDATE' => true, 'SHOW_DETAILS_TAB' => 'update')); break; } // We output everything if this is an ajax request or if we load languages page for Upload Extensions. if (objects::$is_ajax) { if ($ext_show == 'languages') { objects::$template->assign_var('S_EXT_DETAILS_SHOW_LANGUAGES', "true"); // "true" is the specially handled text } $ext_show = 'readme'; } switch ($ext_show) { case 'faq': case 'update': break; case 'readme': $string = @file_get_contents(objects::$phpbb_root_path . 'ext/' . $ext_name . '/README.md'); if ($string !== false) { $readme = \Michelf\MarkdownExtra::defaultTransform($string); if (!objects::$is_ajax && !$load_full_page) { objects::$template->assign_vars(array('SHOW_DETAILS_TAB' => 'readme', 'EXT_DETAILS_MARKDOWN' => $readme)); } else { objects::$template->assign_var('EXT_DETAILS_README', $readme); } } if (!objects::$is_ajax && !$load_full_page) { break; } case 'changelog': $string = @file_get_contents(objects::$phpbb_root_path . 'ext/' . $ext_name . '/CHANGELOG.md'); if ($string !== false) { $changelog = \Michelf\MarkdownExtra::defaultTransform($string); if (!objects::$is_ajax && !$load_full_page) { objects::$template->assign_vars(array('SHOW_DETAILS_TAB' => 'changelog', 'EXT_DETAILS_MARKDOWN' => $changelog)); } else { objects::$template->assign_var('EXT_DETAILS_CHANGELOG', $changelog); } } if (!objects::$is_ajax && !$load_full_page) { break; } case 'languages': if (($result = objects::$request->variable('result', '')) == 'deleted' || $result == 'deleted1') { objects::$template->assign_var('EXT_LANGUAGE_UPLOADED', objects::$user->lang('EXT_LANGUAGE' . ($result == 'deleted' ? 'S' : '') . '_DELETE_SUCCESS')); } else { if ($result == 'language_uploaded') { $load_lang = objects::$request->variable('lang', ''); objects::$template->assign_vars(array('EXT_LOAD_LANG' => $load_lang, 'EXT_LANGUAGE_UPLOADED' => objects::$user->lang('EXT_LANGUAGE_UPLOADED', $load_lang))); } } $language_directory = objects::$phpbb_root_path . 'ext/' . $ext_name . '/language'; $langs = files::get_languages($language_directory); $default_lang = in_array(objects::$config['default_lang'], $langs) ? objects::$config['default_lang'] : 'en'; foreach ($langs as $lang) { $lang_info = languages::details($language_directory, $lang); objects::$template->assign_block_vars('ext_languages', array('NAME' => $lang_info['name'] . ($lang === $default_lang ? ' (' . objects::$user->lang('DEFAULT') . ')' : ''))); } objects::$template->assign_vars(array('EXT_DETAILS_LANGUAGES' => true)); if (!objects::$is_ajax && (!$load_full_page || $show_lang_page)) { objects::$template->assign_var('SHOW_DETAILS_TAB', 'languages'); if (!$load_full_page) { break; } } case 'filetree': filetree::$ext_name = $ext_name; $ext_file = objects::$request->variable('ext_file', '/composer.json'); objects::$template->assign_vars(array('EXT_DETAILS_FILETREE' => true, 'FILETREE' => filetree::php_file_tree(objects::$phpbb_root_path . 'ext/' . $ext_name, objects::$user->lang('ACP_UPLOAD_EXT_CONT', $display_name), objects::$u_action), 'FILENAME' => substr($ext_file, strrpos($ext_file, '/') + 1), 'CONTENT' => highlight_string(@file_get_contents(objects::$phpbb_root_path . 'ext/' . $ext_name . $ext_file), true))); if (!objects::$is_ajax && !$load_full_page) { objects::$template->assign_var('SHOW_DETAILS_TAB', 'filetree'); break; } case 'tools': objects::$template->assign_vars(array('EXT_DETAILS_TOOLS' => true)); if (!objects::$is_ajax && !$load_full_page) { objects::$template->assign_var('SHOW_DETAILS_TAB', 'tools'); break; } default: if (!$show_lang_page) { objects::$template->assign_vars(array('SHOW_DETAILS_TAB' => 'details')); } break; } objects::$template->assign_vars(array('U_ACTION_LIST' => objects::$u_action . '&action=list', 'U_UPLOAD' => objects::$u_action . '&action=upload_language', 'U_DELETE_ACTION' => objects::$u_action . '&action=delete_language&ext_name=' . urlencode($ext_name), 'U_BACK' => objects::$u_action . '&action=list', 'U_EXT_DETAILS' => objects::$u_action . '&action=details&ext_name=' . urlencode($ext_name), 'U_VERSIONCHECK_FORCE' => objects::$u_action . '&action=details&versioncheck_force=1&ext_name=' . urlencode($ext_name), 'UPDATE_EXT_PURGE_DATA' => objects::$user->lang('EXTENSION_DELETE_DATA_CONFIRM', $display_name), 'S_FORM_ENCTYPE' => ' enctype="multipart/form-data"', 'S_LOAD_FULL_PAGE' => $load_full_page)); }