Revision 1457
Added by Dietmar almost 13 years ago
| manual_install.php | ||
|---|---|---|
| 21 | 21 |
* check if there is anything to do |
| 22 | 22 |
*/ |
| 23 | 23 |
|
| 24 |
if (!(isset($_POST['action']) && in_array($_POST['action'], array('install', 'upgrade', 'uninstall')))) { die(header('Location: index.php?advanced')); }
|
|
| 25 |
if (!(isset($_POST['file']) && $_POST['file'] != '' && (strpos($_POST['file'], '..') === false))){ die(header('Location: index.php?advanced')); }
|
|
| 26 |
|
|
| 27 | 24 |
/** |
| 28 | 25 |
* check if user has permissions to access this file |
| 29 | 26 |
*/ |
| ... | ... | |
| 33 | 30 |
|
| 34 | 31 |
// check user permissions for admintools (redirect users with wrong permissions) |
| 35 | 32 |
$admin = new admin('Admintools', 'admintools', false, false);
|
| 33 |
|
|
| 34 |
if (!(isset($_POST['action']) && in_array($_POST['action'], array('install', 'upgrade', 'uninstall')))) { die(header('Location: index.php?advanced')); }
|
|
| 35 |
if (!(isset($_POST['file']) && $_POST['file'] != '' && (strpos($_POST['file'], '..') === false))){ die(header('Location: index.php?advanced')); }
|
|
| 36 |
|
|
| 37 |
$js_back = ADMIN_URL . '/modules/index.php?advanced'; |
|
| 38 |
if( !$admin->checkFTAN() ) |
|
| 39 |
{
|
|
| 40 |
$admin->print_header(); |
|
| 41 |
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],$js_back); |
|
| 42 |
} |
|
| 43 |
|
|
| 36 | 44 |
if ($admin->get_permission('admintools') == false) { die(header('Location: ../../index.php')); }
|
| 37 | 45 |
|
| 38 | 46 |
// check if the referer URL if available |
| ... | ... | |
| 52 | 60 |
|
| 53 | 61 |
// create Admin object with admin header |
| 54 | 62 |
$admin = new admin('Addons', '', true, false);
|
| 55 |
$js_back = ADMIN_URL . '/modules/index.php?advanced'; |
|
| 56 | 63 |
|
| 57 | 64 |
/** |
| 58 | 65 |
* Manually execute the specified module file (install.php, upgrade.php or uninstall.php) |
| ... | ... | |
| 64 | 71 |
$module_dir = $mod_path; |
| 65 | 72 |
if (!file_exists($mod_path . '/' . $_POST['action'] . '.php')) |
| 66 | 73 |
{
|
| 74 |
$admin->print_header(); |
|
| 67 | 75 |
$admin->print_error($TEXT['NOT_FOUND'].': <tt>"'.htmlentities(basename($mod_path)).'/'.$_POST['action'].'.php"</tt> ', $js_back); |
| 68 | 76 |
} |
| 69 | 77 |
|
| ... | ... | |
| 77 | 85 |
switch ($_POST['action']) |
| 78 | 86 |
{
|
| 79 | 87 |
case 'install': |
| 88 |
// $admin->print_header(); |
|
| 80 | 89 |
$admin->print_success($msg, $js_back); |
| 81 | 90 |
break; |
| 82 | 91 |
|
| 83 | 92 |
case 'upgrade': |
| 84 | 93 |
upgrade_module(basename($mod_path), false); |
| 94 |
// $admin->print_header(); |
|
| 85 | 95 |
$admin->print_success($msg, $js_back); |
| 86 | 96 |
break; |
| 87 | 97 |
|
| 88 | 98 |
case 'uninstall': |
| 99 |
// $admin->print_header(); |
|
| 89 | 100 |
$admin->print_success($msg, $js_back); |
| 90 | 101 |
break; |
| 91 | 102 |
} |
| 92 | 103 |
|
| 93 |
?> |
|
| 94 | 104 | |
Also available in: Unified diff
Preparing 2.8.2 stable, last tests