| 1 |
1361
|
Luisehahne
|
<?php
|
| 2 |
|
|
/**
|
| 3 |
|
|
*
|
| 4 |
|
|
* @category admin
|
| 5 |
|
|
* @package modules
|
| 6 |
1529
|
Luisehahne
|
* @author Ryan Djurovich, Christian Sommer, WebsiteBaker Project
|
| 7 |
1361
|
Luisehahne
|
* @copyright 2009-2011, Website Baker Org. e.V.
|
| 8 |
|
|
* @link http://www.websitebaker2.org/
|
| 9 |
|
|
* @license http://www.gnu.org/licenses/gpl.html
|
| 10 |
|
|
* @platform WebsiteBaker 2.8.x
|
| 11 |
1374
|
Luisehahne
|
* @requirements PHP 5.2.2 and higher
|
| 12 |
1361
|
Luisehahne
|
* @version $Id$
|
| 13 |
|
|
* @filesource $HeadURL$
|
| 14 |
|
|
* @lastmodified $Date$
|
| 15 |
|
|
*
|
| 16 |
|
|
*/
|
| 17 |
|
|
|
| 18 |
|
|
/**
|
| 19 |
|
|
* check if there is anything to do
|
| 20 |
|
|
*/
|
| 21 |
|
|
|
| 22 |
|
|
/**
|
| 23 |
|
|
* check if user has permissions to access this file
|
| 24 |
|
|
*/
|
| 25 |
|
|
// include WB configuration file and WB admin class
|
| 26 |
|
|
require_once('../../config.php');
|
| 27 |
|
|
|
| 28 |
2098
|
darkviper
|
$oTrans = Translate::getInstance();
|
| 29 |
|
|
$oTrans->enableAddon('admin\\modules');
|
| 30 |
|
|
|
| 31 |
1361
|
Luisehahne
|
// check user permissions for admintools (redirect users with wrong permissions)
|
| 32 |
|
|
$admin = new admin('Admintools', 'admintools', false, false);
|
| 33 |
1457
|
Luisehahne
|
|
| 34 |
|
|
if (!(isset($_POST['action']) && in_array($_POST['action'], array('install', 'upgrade', 'uninstall')))) { die(header('Location: index.php?advanced')); }
|
| 35 |
|
|
if (!(isset($_POST['file']) && $_POST['file'] != '' && (strpos($_POST['file'], '..') === false))){ die(header('Location: index.php?advanced')); }
|
| 36 |
|
|
|
| 37 |
|
|
$js_back = ADMIN_URL . '/modules/index.php?advanced';
|
| 38 |
|
|
if( !$admin->checkFTAN() )
|
| 39 |
|
|
{
|
| 40 |
|
|
$admin->print_header();
|
| 41 |
2098
|
darkviper
|
$admin->print_error($oTrans->MESSAGE_GENERIC_SECURITY_ACCESS, $js_back);
|
| 42 |
1457
|
Luisehahne
|
}
|
| 43 |
|
|
|
| 44 |
1361
|
Luisehahne
|
if ($admin->get_permission('admintools') == false) { die(header('Location: ../../index.php')); }
|
| 45 |
|
|
|
| 46 |
|
|
// check if the referer URL if available
|
| 47 |
1603
|
Luisehahne
|
$referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] :
|
| 48 |
1361
|
Luisehahne
|
(isset($HTTP_SERVER_VARS['HTTP_REFERER']) ? $HTTP_SERVER_VARS['HTTP_REFERER'] : '');
|
| 49 |
1603
|
Luisehahne
|
$referer = '';
|
| 50 |
1361
|
Luisehahne
|
// if referer is set, check if script was invoked from "admin/modules/index.php"
|
| 51 |
|
|
$required_url = ADMIN_URL . '/modules/index.php';
|
| 52 |
|
|
if ($referer != '' && (!(strpos($referer, $required_url) !== false || strpos($referer, $required_url) !== false)))
|
| 53 |
|
|
{ die(header('Location: ../../index.php')); }
|
| 54 |
|
|
|
| 55 |
|
|
// include WB functions file
|
| 56 |
|
|
require_once(WB_PATH . '/framework/functions.php');
|
| 57 |
|
|
|
| 58 |
2098
|
darkviper
|
//// load WB language file
|
| 59 |
|
|
//require_once(WB_PATH . '/languages/' . LANGUAGE .'.php');
|
| 60 |
1361
|
Luisehahne
|
|
| 61 |
|
|
// create Admin object with admin header
|
| 62 |
|
|
$admin = new admin('Addons', '', true, false);
|
| 63 |
|
|
|
| 64 |
|
|
/**
|
| 65 |
|
|
* Manually execute the specified module file (install.php, upgrade.php or uninstall.php)
|
| 66 |
|
|
*/
|
| 67 |
|
|
// check if specified module folder exists
|
| 68 |
|
|
$mod_path = WB_PATH . '/modules/' . basename(WB_PATH . '/' . $_POST['file']);
|
| 69 |
|
|
|
| 70 |
|
|
// let the old variablename if module use it
|
| 71 |
|
|
$module_dir = $mod_path;
|
| 72 |
|
|
if (!file_exists($mod_path . '/' . $_POST['action'] . '.php'))
|
| 73 |
|
|
{
|
| 74 |
1457
|
Luisehahne
|
$admin->print_header();
|
| 75 |
2098
|
darkviper
|
$admin->print_error($oTrans->TEXT_NOT_FOUND.': <tt>"'.htmlentities(basename($mod_path)).'/'.$_POST['action'].'.php"</tt> ', $js_back);
|
| 76 |
1361
|
Luisehahne
|
}
|
| 77 |
|
|
|
| 78 |
|
|
// include modules install.php script
|
| 79 |
|
|
require($mod_path . '/' . $_POST['action'] . '.php');
|
| 80 |
|
|
|
| 81 |
|
|
// load module info into database and output status message
|
| 82 |
|
|
load_module($mod_path, false);
|
| 83 |
2098
|
darkviper
|
$msg = $oTrans->TEXT_EXECUTE . ': <tt>"' . htmlentities(basename($mod_path)) . '/' . $_POST['action'] . '.php"</tt>';
|
| 84 |
1361
|
Luisehahne
|
|
| 85 |
|
|
switch ($_POST['action'])
|
| 86 |
|
|
{
|
| 87 |
|
|
case 'install':
|
| 88 |
1457
|
Luisehahne
|
// $admin->print_header();
|
| 89 |
1361
|
Luisehahne
|
$admin->print_success($msg, $js_back);
|
| 90 |
|
|
break;
|
| 91 |
|
|
|
| 92 |
|
|
case 'upgrade':
|
| 93 |
|
|
upgrade_module(basename($mod_path), false);
|
| 94 |
1457
|
Luisehahne
|
// $admin->print_header();
|
| 95 |
1361
|
Luisehahne
|
$admin->print_success($msg, $js_back);
|
| 96 |
|
|
break;
|
| 97 |
|
|
|
| 98 |
|
|
case 'uninstall':
|
| 99 |
1457
|
Luisehahne
|
// $admin->print_header();
|
| 100 |
1361
|
Luisehahne
|
$admin->print_success($msg, $js_back);
|
| 101 |
|
|
break;
|
| 102 |
|
|
}
|