Revision 1457
Added by Dietmar almost 13 years ago
manual_install.php | ||
---|---|---|
21 | 21 |
* check if there is anything to do |
22 | 22 |
*/ |
23 | 23 |
|
24 |
if (!(isset($_POST['action']) && in_array($_POST['action'], array('install', 'upgrade', 'uninstall')))) { die(header('Location: index.php?advanced')); } |
|
25 |
if (!(isset($_POST['file']) && $_POST['file'] != '' && (strpos($_POST['file'], '..') === false))){ die(header('Location: index.php?advanced')); } |
|
26 |
|
|
27 | 24 |
/** |
28 | 25 |
* check if user has permissions to access this file |
29 | 26 |
*/ |
... | ... | |
33 | 30 |
|
34 | 31 |
// check user permissions for admintools (redirect users with wrong permissions) |
35 | 32 |
$admin = new admin('Admintools', 'admintools', false, false); |
33 |
|
|
34 |
if (!(isset($_POST['action']) && in_array($_POST['action'], array('install', 'upgrade', 'uninstall')))) { die(header('Location: index.php?advanced')); } |
|
35 |
if (!(isset($_POST['file']) && $_POST['file'] != '' && (strpos($_POST['file'], '..') === false))){ die(header('Location: index.php?advanced')); } |
|
36 |
|
|
37 |
$js_back = ADMIN_URL . '/modules/index.php?advanced'; |
|
38 |
if( !$admin->checkFTAN() ) |
|
39 |
{ |
|
40 |
$admin->print_header(); |
|
41 |
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],$js_back); |
|
42 |
} |
|
43 |
|
|
36 | 44 |
if ($admin->get_permission('admintools') == false) { die(header('Location: ../../index.php')); } |
37 | 45 |
|
38 | 46 |
// check if the referer URL if available |
... | ... | |
52 | 60 |
|
53 | 61 |
// create Admin object with admin header |
54 | 62 |
$admin = new admin('Addons', '', true, false); |
55 |
$js_back = ADMIN_URL . '/modules/index.php?advanced'; |
|
56 | 63 |
|
57 | 64 |
/** |
58 | 65 |
* Manually execute the specified module file (install.php, upgrade.php or uninstall.php) |
... | ... | |
64 | 71 |
$module_dir = $mod_path; |
65 | 72 |
if (!file_exists($mod_path . '/' . $_POST['action'] . '.php')) |
66 | 73 |
{ |
74 |
$admin->print_header(); |
|
67 | 75 |
$admin->print_error($TEXT['NOT_FOUND'].': <tt>"'.htmlentities(basename($mod_path)).'/'.$_POST['action'].'.php"</tt> ', $js_back); |
68 | 76 |
} |
69 | 77 |
|
... | ... | |
77 | 85 |
switch ($_POST['action']) |
78 | 86 |
{ |
79 | 87 |
case 'install': |
88 |
// $admin->print_header(); |
|
80 | 89 |
$admin->print_success($msg, $js_back); |
81 | 90 |
break; |
82 | 91 |
|
83 | 92 |
case 'upgrade': |
84 | 93 |
upgrade_module(basename($mod_path), false); |
94 |
// $admin->print_header(); |
|
85 | 95 |
$admin->print_success($msg, $js_back); |
86 | 96 |
break; |
87 | 97 |
|
88 | 98 |
case 'uninstall': |
99 |
// $admin->print_header(); |
|
89 | 100 |
$admin->print_success($msg, $js_back); |
90 | 101 |
break; |
91 | 102 |
} |
92 | 103 |
|
93 |
?> |
|
94 | 104 |
Also available in: Unified diff
Preparing 2.8.2 stable, last tests