mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-01 20:30:39 +02:00
Code Issues Releases Wiki Activity

Prevent plugins without an admin url from displaying in admin navigation. And disallow 'theme' as a plugin name.

Browse Source
This commit is contained in:
Cameron
2012-11-27 23:03:17 -08:00
parent eb8cf3179f
commit 2986dd62be
2 changed files with 22 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
e107_core/shortcodes/batch/admin_shortcodes.php
View File

@@ -1307,14 +1307,22 @@ class admin_shortcodes
{ {
while($row = $sql->db_Fetch()) while($row = $sql->db_Fetch())
{ {
if($plug->parse_plugin($row['plugin_path'])) if($plug->parse_plugin($row['plugin_path']))
{ {
$plug_vars = $plug->plug_vars; $plug_vars = $plug->plug_vars;
if($row['plugin_path']=='tinymce')
{
// print_a($plug_vars);
}
e107::loadLanFiles($row['plugin_path'], 'admin'); e107::loadLanFiles($row['plugin_path'], 'admin');
if(varset($plug_vars['adminLinks']['link'])) if(varset($plug_vars['adminLinks']['link']))
{ {
if($row['plugin_category'] == 'menu') if($row['plugin_category'] == 'menu' || !vartrue($plug_vars['adminLinks']['link'][0]['@attributes']['url']))
{ {
continue; continue;
} }

13
e107_handlers/plugin_class.php
View File

@@ -58,6 +58,11 @@ class e107plugin
'e_featurebox' 'e_featurebox'
); );
var $disAllowed = array(
'theme'
);
// List of all plugin variables which need to be checked - install required if one or more set and non-empty // List of all plugin variables which need to be checked - install required if one or more set and non-empty
// Deprecated in 0.8 (used in plugin.php only). Probably delete in 0.9 // Deprecated in 0.8 (used in plugin.php only). Probably delete in 0.9
var $all_eplug_install_variables = array( var $all_eplug_install_variables = array(
@@ -181,6 +186,14 @@ class e107plugin
$mes->add("Folder error: <i>{$p['path']}</i>. 'e107_' is not permitted within plugin folder names.", E_MESSAGE_WARNING); $mes->add("Folder error: <i>{$p['path']}</i>. 'e107_' is not permitted within plugin folder names.", E_MESSAGE_WARNING);
continue; continue;
} }
if(in_array($path,$this->disAllowed))
{
$mes->addWarning("Folder error: <i>{$p['path']}</i> is not permitted as an acceptable folder name.");
continue;
}
$plug['plug_action'] = 'scan'; // Make sure plugin.php knows what we're up to $plug['plug_action'] = 'scan'; // Make sure plugin.php knows what we're up to
if (!$this->parse_plugin($p['path'])) if (!$this->parse_plugin($p['path']))