/**
* Output the response.
* @param array $data The name of the extension and the status of the process.
* The text of the error can also be provided if the status is 'error'.
*/
protected static function response(array $data)
{
if (objects::$is_ajax) {
$output = new \phpbb\json_response();
$output->send($data);
} else {
if ($data['status'] !== 'error') {
load::details($data['ext_name'], $data['status']);
} else {
files::catch_errors($data['error']);
}
}
}
/**
* The function that uploads the specified extension.
*
* @param string $action Requested action.
* @return bool
*/
public function upload_ext($action)
{
global $phpbb_root_path, $phpEx, $phpbb_log, $phpbb_extension_manager, $template, $user, $request;
$file = $this->proceed_upload($action);
if (!$file && $action != 'upload_local') {
files::catch_errors($user->lang['EXT_UPLOAD_ERROR']);
return false;
}
// What is a safe limit of execution time? Half the max execution time should be safe.
$safe_time_limit = ini_get('max_execution_time') / 2;
$start_time = time();
// We skip working with a zip file if we are enabling/restarting the extension.
if ($action != 'force_update') {
$dest_file = $this->get_dest_file($action, $file, objects::$zip_dir);
if (!$dest_file) {
files::catch_errors($user->lang['EXT_UPLOAD_ERROR']);
return false;
}
// We need to use the user ID and the time to escape from problems with simultaneous uploads.
// We suppose that one user can upload only one extension per session.
$ext_tmp = objects::$upload_ext_name . '/tmp/' . (int) $user->data['user_id'];
// Ensure that we don't have any previous files in the working directory.
if (is_dir($phpbb_root_path . 'ext/' . $ext_tmp)) {
if (!files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp))) {
if ($action != 'upload_local') {
$file->remove();
}
return false;
}
}
if (!class_exists('\\compress_zip')) {
include $phpbb_root_path . 'includes/functions_compress.' . $phpEx;
}
$zip = new \compress_zip('r', $dest_file);
$zip->extract($phpbb_root_path . 'ext/' . $ext_tmp . '/');
$zip->close();
$composery = files::getComposer($phpbb_root_path . 'ext/' . $ext_tmp);
if (!$composery) {
files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp));
if ($action != 'upload_local') {
$file->remove();
}
files::catch_errors($user->lang['ACP_UPLOAD_EXT_ERROR_COMP']);
return false;
}
$string = @file_get_contents($composery);
if ($string === false) {
files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp));
if ($action != 'upload_local') {
$file->remove();
}
files::catch_errors($user->lang['EXT_UPLOAD_ERROR']);
return false;
}
$json_a = json_decode($string, true);
$destination = isset($json_a['name']) ? $json_a['name'] : '';
$destination = str_replace('.', '', $destination);
$ext_version = isset($json_a['version']) ? $json_a['version'] : '0.0.0';
if (strpos($destination, '/') === false) {
files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp));
if ($action != 'upload_local') {
$file->remove();
}
files::catch_errors($user->lang['ACP_UPLOAD_EXT_ERROR_DEST']);
return false;
} else {
if (strpos($destination, objects::$upload_ext_name) !== false) {
files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp));
if ($action != 'upload_local') {
$file->remove();
}
files::catch_errors($user->lang['ACP_UPLOAD_EXT_ERROR_TRY_SELF']);
return false;
}
}
$display_name = isset($json_a['extra']['display-name']) ? $json_a['extra']['display-name'] : $destination;
if (!isset($json_a['type']) || $json_a['type'] != "phpbb-extension") {
files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp));
if ($action != 'upload_local') {
$file->remove();
}
files::catch_errors($user->lang['NOT_AN_EXTENSION']);
return false;
}
$source = substr($composery, 0, -14);
$source_for_check = $ext_tmp . '/' . $destination;
// At first we need to change the directory structure to something like ext/tmp/vendor/extension.
// We need it to escape from problems with dots on validation.
if ($source != $phpbb_root_path . 'ext/' . $source_for_check) {
if (!files::catch_errors(files::rcopy($source, $phpbb_root_path . 'ext/' . $source_for_check))) {
files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp));
if ($action != 'upload_local') {
$file->remove();
}
return false;
}
$source = $phpbb_root_path . 'ext/' . $source_for_check;
}
// Validate the extension to check if it can be used on the board.
$md_manager = $phpbb_extension_manager->create_extension_metadata_manager($source_for_check, $template);
try {
if ($md_manager->get_metadata() === false || $md_manager->validate_require_phpbb() === false || $md_manager->validate_require_php() === false) {
files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp));
if ($action != 'upload_local') {
$file->remove();
}
files::catch_errors($user->lang['EXTENSION_NOT_AVAILABLE']);
return false;
}
} catch (\phpbb\extension\exception $e) {
files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp));
if ($action != 'upload_local') {
$file->remove();
}
files::catch_errors($e . ' ' . $user->lang['ACP_UPLOAD_EXT_ERROR_NOT_SAVED']);
return false;
}
// Save/remove the uploaded archive file.
if ($action != 'upload_local') {
if ($request->variable('keepext', false) == false) {
$file->remove();
} else {
$display_name = str_replace(array('/', '\\'), '_', $display_name);
$ext_version = str_replace(array('/', '\\'), '_', $ext_version);
$file_base_name = substr($dest_file, 0, strrpos($dest_file, '/') + 1) . $display_name . "_" . $ext_version;
// Save this file and any other files that were uploaded with the same name.
if (@file_exists($file_base_name . ".zip")) {
$finder = 1;
while (@file_exists($file_base_name . "(" . $finder . ").zip")) {
$finder++;
}
@rename($dest_file, $file_base_name . "(" . $finder . ").zip");
} else {
@rename($dest_file, $file_base_name . ".zip");
}
}
}
// Here we can assume that all checks are done.
// Now we are able to install the uploaded extension to the correct path.
} else {
// All checks were done previously. Now we only need to restore the variables.
// We try to restore the data of the current upload.
$ext_tmp = objects::$upload_ext_name . '/tmp/' . (int) $user->data['user_id'];
if (!is_dir($phpbb_root_path . 'ext/' . $ext_tmp) || !($composery = files::getComposer($phpbb_root_path . 'ext/' . $ext_tmp)) || !($string = @file_get_contents($composery))) {
files::catch_errors($user->lang['ACP_UPLOAD_EXT_WRONG_RESTORE']);
return false;
}
$json_a = json_decode($string, true);
$destination = isset($json_a['name']) ? $json_a['name'] : '';
$destination = str_replace('.', '', $destination);
if (strpos($destination, '/') === false) {
files::catch_errors($user->lang['ACP_UPLOAD_EXT_WRONG_RESTORE']);
return false;
}
$source = substr($composery, 0, -14);
}
$made_update = false;
// Delete the previous version of extension files - we're able to update them.
if (is_dir($phpbb_root_path . 'ext/' . $destination)) {
// At first we need to disable the extension if it is enabled.
if ($phpbb_extension_manager->is_enabled($destination)) {
while ($phpbb_extension_manager->disable_step($destination)) {
// Are we approaching the time limit? If so, we want to pause the update and continue after refreshing.
if (time() - $start_time >= $safe_time_limit) {
$template->assign_var('S_NEXT_STEP', objects::$user->lang['EXTENSION_DISABLE_IN_PROGRESS']);
// No need to specify the name of the extension. We suppose that it is the one in ext/tmp/USER_ID folder.
if ($request->is_ajax()) {
$response_object = new \phpbb\json_response();
$response_object->send(array("FORCE_UPDATE" => true));
} else {
meta_refresh(0, $this->main_link . '&action=force_update');
}
return false;
}
}
$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_EXT_DISABLE', time(), array($destination));
$made_update = true;
}
$old_ext_name = $destination;
if ($old_composery = files::getComposer($phpbb_root_path . 'ext/' . $destination)) {
if (!($old_string = @file_get_contents($old_composery))) {
$old_ext_name = $old_ext_name . '_' . '0.0.0';
} else {
$old_json_a = json_decode($old_string, true);
$old_display_name = isset($old_json_a['extra']['display-name']) ? $old_json_a['extra']['display-name'] : $old_ext_name;
$old_ext_version = isset($old_json_a['version']) ? $old_json_a['version'] : '0.0.0';
$old_ext_name = $old_display_name . '_' . $old_ext_version;
}
}
$dest_name = str_replace(array('/', '\\'), '_', $old_ext_name) . '_old';
$file_base_name = objects::$zip_dir . '/' . $dest_name;
// Save this file and any other files that were uploaded with the same name.
if (@file_exists($file_base_name . ".zip")) {
$finder = 1;
while (@file_exists($file_base_name . "(" . $finder . ").zip")) {
$finder++;
}
$dest_name .= "(" . $finder . ")";
}
// Save the previous version of the extension that is being updated in a zip archive file.
files::save_zip_archive('ext/' . $destination . '/', $dest_name, objects::$zip_dir);
$saved_zip_file = $dest_name . ".zip";
$saved_zip_file = $request->escape($saved_zip_file, true);
$template->assign_var('EXT_OLD_ZIP_SAVED', objects::$user->lang('EXT_SAVED_OLD_ZIP', $saved_zip_file));
// Check languages missing in the new version.
$old_langs = files::get_languages($phpbb_root_path . 'ext/' . $destination . '/language');
$new_langs = files::get_languages($source . '/language');
$old_langs = array_diff($old_langs, $new_langs);
if (sizeof($old_langs)) {
$last_lang = array_pop($old_langs);
$template->assign_vars(array('S_EXT_LANGS_RESTORE_ZIP' => urlencode($saved_zip_file), 'EXT_RESTORE_DIRECTORIES' => sizeof($old_langs) ? objects::$user->lang('EXT_RESTORE_LANGUAGES', '<strong>' . implode('</strong>, <strong>', $old_langs) . '</strong>', "<strong>{$last_lang}</strong>") : objects::$user->lang('EXT_RESTORE_LANGUAGE', "<strong>{$last_lang}</strong>")));
}
if (!files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $destination))) {
return false;
}
}
if (!files::catch_errors(files::rcopy($source, $phpbb_root_path . 'ext/' . $destination))) {
files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp));
return false;
}
// No enabling at this stage. Admins should have a chance to revise the uploaded scripts.
if (!files::catch_errors(files::rrmdir($phpbb_root_path . 'ext/' . $ext_tmp))) {
return false;
}
load::details($destination, $made_update ? 'updated' : 'uploaded');
return true;
}
