mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-12 09:34:54 +02:00
Code Issues Releases Wiki Activity

Issue #233 - Fixed LAN issue and added additional checks for plugins. Useful for developers also.

Browse Source
This commit is contained in:
Cameron
2013-05-04 15:42:55 -07:00
parent ea0cf34569
commit d76d4c4ef2
2 changed files with 78 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
e107_handlers/plugin_class.php
View File

@@ -2614,18 +2614,61 @@ class e107plugin
return implode(",", $p_addons);
}
function checkAddon($plugin_path, $e_xxx)
{ // Return 0 = OK, 1 = Fail, 2 = inaccessible
/**
* Check Plugin Addon for errors.
* @return array or numeric. 0 = OK, 1 = Fail, 2 = inaccessible
*/
function checkAddon($plugin_path, $e_xxx)
{
if (is_readable(e_PLUGIN.$plugin_path."/".$e_xxx.".php"))
{
$file_text = file_get_contents(e_PLUGIN.$plugin_path."/".$e_xxx.".php");
if ((substr($file_text, 0, 5) != '<'.'?php') || ((substr($file_text, -2, 2) != '?'.'>') && (strrpos($file_text, '?'.'>') !== FALSE)))
{
return 1;
}
return 0;
$content = file_get_contents(e_PLUGIN.$plugin_path."/".$e_xxx.".php");
}
return 2;
else
{
return 2;
}
if(substr($e_xxx, - 4, 4) == '_sql')
{
if(strpos($content,'INSERT INTO')!==false)
{
return array('type'=> 'error', 'msg'=>"INSERT sql commands are not permitted here. Use a ".$plugin_path."_setup.php file instead.");
}
else
{
return 0;
}
}
// Generic markup check
if ((substr($content, 0, 5) != '<'.'?php') || ((substr($content, -2, 2) != '?'.'>') && (strrpos($content, '?'.'>') !== FALSE)))
{
return 1;
}
if($e_xxx == 'e_meta' && strpos($content,'<script')!==false)
{
return array('type'=> 'warning', 'msg'=>"Contains script tags. Use e_header.php with the e107::js() function instead.");
}
if($e_xxx == 'e_latest' && strpos($content,'<div')!==false)
{
return array('type'=> 'warning', 'msg'=>"Using deprecated method. See e_latest.php in the forum plugin for an example.");
}
if($e_xxx == 'e_status' && strpos($content,'<div')!==false)
{
return array('type'=> 'warning', 'msg'=>"Using deprecated method. See e_status.php in the forum plugin for an example.");
}
return 0;
}
// Entry point to read plugin configuration data