PageRenderTime 59ms CodeModel.GetById 25ms RepoModel.GetById 1ms app.codeStats 0ms

/inc/mod_old/modules.inc.php

https://gitlab.com/dddudeman/Haruko
PHP | 773 lines | 738 code | 0 blank | 35 comment | 1 complexity | 86a19b2ca5154493eeaad15e5ec4c0f1 MD5 | raw file
Possible License(s): BSD-3-Clause, WTFPL 
    

  1. <?php
    2. 

  2. if (!defined("IN_MOD"))
    3. 

  3. {
    4. 

  4. 	die("Nah, I won't serve that file to you.");
    5. 

  5. }
    6. 

  6. $mitsuba->admin->reqPermission("modules.view");
    7. 

  7. 		$search = "";
    8. 

  8. 		$replace = "";
    9. 

  9. 		
    10. 

  10. 		if ((!empty($_GET['cfg'])) && ($_GET['cfg'] == 1) && (!empty($_GET['n'])))
    11. 

  11. 		{
    12. 

  12. 			$mitsuba->admin->reqPermission("modules.config");
    13. 

  13. 

  14. 			$result = $conn->query("SELECT * FROM modules WHERE namespace='".$conn->real_escape_string($_GET['n'])."';");
    15. 

  15. 			if ($result->num_rows != 1)
    16. 

  16. 			{
    17. 

  17. 				echo "<b style='color: red;'>".$lang['mod/module_not_installed']."</b>";
    18. 

  18. 			} else {
    19. 

  19. 				$dir = "./modules/".$_GET['n'];
    20. 

  20. 				include($dir."/install.php");
    21. 

  21. 				$installer = new $json->install_class($conn, $mitsuba);
    22. 

  22. 				$installer->uninstall();
    23. 

  23. 				exit;
    24. 

  24. 			}
    25. 

  25. 		}
    26. 

  26. 

  27. 		if ((!empty($_POST['mode'])) && ($_POST['mode'] == "upload"))
    28. 

  28. 		{
    29. 

  29. 			$mitsuba->admin->reqPermission("modules.upload");
    30. 

  30. 			$mitsuba->admin->ui->checkToken($_POST['token']);
    31. 

  31. 			if (empty($_FILES['upfile']['tmp_name']))
    32. 

  32. 			{
    33. 

  33. 				echo "<b style='color: red;'>".$lang['mod/no_file']."</b>";
    34. 

  34. 			} else {
    35. 

  35. 				$filename = strtolower(preg_replace('/[^a-zA-Z0-9_ %\[\]\.\(\)%&-]/s', '', $_FILES['upfile']['name']));
    36. 

  36. 				//Zip file checks
    37. 

  37. 				$tmpname = $_FILES['upfile']['tmp_name'];
    38. 

  38. 				$zip = new ZipArchive();
    39. 

  39. 				if ($zip->open($tmpname) !== TRUE) {
    40. 

  40. 					echo "<b style='color: red;'>".$lang['mod/no_file']."</b>";
    41. 

  41. 				} elseif (is_null($zip->locateName("module.json")))
    42. 

  42. 				{
    43. 

  43. 					echo "<b style='color: red;'>".$lang['mod/invalid_module']."</b>";	
    44. 

  44. 				} elseif ((is_null($zip->locateName("install.php"))) || (is_null($zip->locateName("config.php")))) //Does the archive contain install.php and config.php?
    45. 

  45. 				{
    46. 

  46. 					echo "<b style='color: red;'>".$lang['mod/invalid_module']."</b>";	
    47. 

  47. 				} else {
    48. 

  48. 					//Is the JSON valid?
    49. 

  49. 					$json = json_decode($zip->getFromIndex($zip->locateName("module.json")));
    50. 

  50. 					if (is_null($json))
    51. 

  51. 					{
    52. 

  52. 						echo "<b style='color: red;'>".$lang['mod/invalid_module']."</b>";	
    53. 

  53. 					} elseif ((empty($json->name)) || (empty($json->namespace)) || (empty($json->description)) || (empty($json->author)) || (empty($json->version)) || (empty($json->install_class)) || (empty($json->config_class)))
    54. 

  54. 					{
    55. 

  55. 						echo "<b style='color: red;'>".$lang['mod/invalid_module']."</b>";	
    56. 

  56. 					} elseif (is_dir("./modules/".$json->namespace."/")) {
    57. 

  57. 						echo "<b style='color: red;'>".sprintf($lang['mod/module_dir_exists'], $json->namespace)."</b>";	
    58. 

  58. 					} else {
    59. 

  59. 						mkdir("./modules/".$json->namespace);
    60. 

  60. 						$zip->extractTo("./modules/".$json->namespace."/");
    61. 

  61. 						echo "<b style='color: green;'>".$lang['mod/module_uploaded']."</b>";
    62. 

  62. 					}
    63. 

  63. 				}
    64. 

  64. 				$zip->close();
    65. 

  65. 			}
    66. 

  66. 		}
    67. 

  67. 		
    68. 

  68. 		
    69. 

  69. 		if ((!empty($_GET['ins'])) && ($_GET['ins'] == 1) && (!empty($_GET['n'])))
    70. 

  70. 		{
    71. 

  71. 			$mitsuba->admin->reqPermission("modules.install");
    72. 

  72. 			$result = $conn->query("SELECT * FROM modules WHERE namespace='".$conn->real_escape_string($_GET['n'])."';");
    73. 

  73. 			if ($result->num_rows == 1)
    74. 

  74. 			{
    75. 

  75. 				echo "<b style='color: red;'>".$lang['mod/module_already_installed']."</b>";
    76. 

  76. 			} else {
    77. 

  77. 				$dir = "./modules/".$_GET['n'];
    78. 

  78. 				//Validate JSON
    79. 

  79. 				if ((is_dir($dir)) &&(file_exists($dir."/module.json")) && (file_exists($dir."/install.php")) && (file_exists($dir."/config.php")))
    80. 

  80. 				{
    81. 

  81. 					$json = json_decode(file_get_contents($dir."/module.json"));
    82. 

  82. 					if ((!is_null($json)) && (!empty($json->name)) && (!empty($json->namespace)) && (!empty($json->description)) && (!empty($json->author)) && (!empty($json->version)) && (!empty($json->install_class)) && (!empty($json->config_class)))
    83. 

  83. 					{
    84. 

  84. 						//We can haz module!
    85. 

  85. 						$continue = 1;
    86. 

  86. 

  87. 						//Check post fields
    88. 

  88. 						if ($continue)
    89. 

  89. 						{
    90. 

  90. 							if ((!empty($json->new_post_fields)) && (is_array($json->new_post_fields)))
    91. 

  91. 							{
    92. 

  92. 								$all_fields = $conn->query("SHOW COLUMNS FROM posts;");
    93. 

  93. 								$fields = array();
    94. 

  94. 								while ($row = $all_fields->fetch_assoc())
    95. 

  95. 								{
    96. 

  96. 									$fields[$row['Field']] = 1;
    97. 

  97. 								}
    98. 

  98. 								foreach ($json->new_post_fields as $field) {
    99. 

  99. 									if (!empty($fields[$field->name]))
    100. 

  100. 									{
    101. 

  101. 										//We haz a conflicting field o_O
    102. 

  102. 										echo "<b style='color:red;'>".$lang['mod/module_install_error'].sprintf($lang['mod/module_post_field_conflict'], $field->name)."</b>";
    103. 

  103. 										$continue = 0;
    104. 

  104. 										break;
    105. 

  105. 									}
    106. 

  106. 								}
    107. 

  107. 							}
    108. 

  108. 						}
    109. 

  109. 						//Check permissions
    110. 

  110. 						if ($continue)
    111. 

  111. 						{
    112. 

  112. 							if ((!empty($json->new_permissions)) && (is_array($json->new_permissions)))
    113. 

  113. 							{
    114. 

  114. 								$all_permissions = $conn->query("SELECT * FROM permissions");
    115. 

  115. 								$permissions = array();
    116. 

  116. 								while ($row = $all_permissions->fetch_assoc())
    117. 

  117. 								{
    118. 

  118. 									$permissions[$row['name']] = 1;
    119. 

  119. 								}
    120. 

  120. 								foreach ($json->new_permissions as $permission) {
    121. 

  121. 									if (!empty($permissions["modules.".$json->namespace.".".$permission->name]))
    122. 

  122. 									{
    123. 

  123. 										echo "<b style='color:red;'>".$lang['mod/module_install_error'].sprintf($lang['mod/module_permission_conflict'], "modules.".$json->namespace.".".$permission->name)."</b>";
    124. 

  124. 										$continue = 0;
    125. 

  125. 										break;
    126. 

  126. 									}
    127. 

  127. 								}
    128. 

  128. 							}
    129. 

  129. 						}
    130. 

  130. 						//Check config
    131. 

  131. 						if ($continue)
    132. 

  132. 						{
    133. 

  133. 							if ((!empty($json->new_config)) && (is_array($json->new_config)))
    134. 

  134. 							{
    135. 

  135. 								$all_config = $conn->query("SELECT * FROM module_config WHERE namespace='".$conn->real_escape_string($json->namespace)."'");
    136. 

  136. 								$econfig = array();
    137. 

  137. 								while ($row = $all_config->fetch_assoc())
    138. 

  138. 								{
    139. 

  139. 									$econfig[$row['name']] = 1;
    140. 

  140. 								}
    141. 

  141. 								foreach ($json->new_config as $config) {
    142. 

  142. 									if (!empty($econfig[$config->name]))
    143. 

  143. 									{
    144. 

  144. 										echo "<b style='color:red;'>".$lang['mod/module_install_error'].sprintf($lang['mod/module_config_conflict'], $config->name)."</b>";
    145. 

  145. 										$continue = 0;
    146. 

  146. 										break;
    147. 

  147. 									}
    148. 

  148. 								}
    149. 

  149. 							}
    150. 

  150. 						}
    151. 

  151. 						//Check board config
    152. 

  152. 						if ($continue)
    153. 

  153. 						{
    154. 

  154. 							if ((!empty($json->new_boardconfig)) && (is_array($json->new_boardconfig)))
    155. 

  155. 							{
    156. 

  156. 								$all_fields = $conn->query("SHOW COLUMNS FROM boards;");
    157. 

  157. 								$fields = array();
    158. 

  158. 								while ($row = $all_fields->fetch_assoc())
    159. 

  159. 								{
    160. 

  160. 									$fields[$row['Field']] = 1;
    161. 

  161. 								}
    162. 

  162. 								foreach ($json->new_boardconfig as $field) {
    163. 

  163. 									if (!empty($fields[$field->name]))
    164. 

  164. 									{
    165. 

  165. 										//We haz a conflicting field o_O
    166. 

  166. 										echo "<b style='color:red;'>".$lang['mod/module_install_error'].sprintf($lang['mod/module_board_field_conflict'], $field->name)."</b>";
    167. 

  167. 										$continue = 0;
    168. 

  168. 										break;
    169. 

  169. 									}
    170. 

  170. 								}
    171. 

  171. 							}
    172. 

  172. 						}
    173. 

  173. 						//Check new classes
    174. 

  174. 						if ($continue)
    175. 

  175. 						{
    176. 

  176. 							if ((!empty($json->new_classes)) && (is_array($json->new_classes)))
    177. 

  177. 							{
    178. 

  178. 								foreach ($json->new_classes as $field) {
    179. 

  179. 									$name = $field->name;
    180. 

  180. 									if (!empty($mitsuba->$name))
    181. 

  181. 									{
    182. 

  182. 										//We haz a conflicting field o_O
    183. 

  183. 										echo "<b style='color:red;'>".$lang['mod/module_install_error'].sprintf($lang['mod/module_class_conflict'], $field->name)."</b>";
    184. 

  184. 										$continue = 0;
    185. 

  185. 										break;
    186. 

  186. 									}
    187. 

  187. 								}
    188. 

  188. 							}
    189. 

  189. 						}
    190. 

  190. 						//Check extra tables
    191. 

  191. 						if ($continue)
    192. 

  192. 						{
    193. 

  193. 							if ((!empty($json->new_tables)) && (is_array($json->new_tables)))
    194. 

  194. 							{
    195. 

  195. 								$all_fields = $conn->query("SHOW TABLES;");
    196. 

  196. 								$fields = array();
    197. 

  197. 								while ($row = $all_fields->fetch_row())
    198. 

  198. 								{
    199. 

  199. 									$fields[$row[0]] = 1;
    200. 

  200. 								}
    201. 

  201. 								foreach ($json->new_tables as $table) {
    202. 

  202. 									if (!empty($fields[$table]))
    203. 

  203. 									{
    204. 

  204. 										//We haz a conflicting field o_O
    205. 

  205. 										echo "<b style='color:red;'>".$lang['mod/module_install_error'].sprintf($lang['mod/module_table_conflict'], $table)."</b>";
    206. 

  206. 										$continue = 0;
    207. 

  207. 										break;
    208. 

  208. 									}
    209. 

  209. 								}
    210. 

  210. 							}
    211. 

  211. 						}
    212. 

  212. 						//Check panel pages
    213. 

  213. 						if ($continue)
    214. 

  214. 						{
    215. 

  215. 							if ((!empty($json->panel_pages)) && (is_array($json->panel_pages)))
    216. 

  216. 							{
    217. 

  217. 								$all_fields = $conn->query("SELECT * FROM module_pages;");
    218. 

  218. 								$fields = array();
    219. 

  219. 								while ($row = $all_fields->fetch_assoc())
    220. 

  220. 								{
    221. 

  221. 									$fields[$row['url']] = 1;
    222. 

  222. 								}
    223. 

  223. 								foreach ($json->panel_pages as $pages) {
    224. 

  224. 									if (!empty($fields[$pages->url]))
    225. 

  225. 									{
    226. 

  226. 										//We haz a conflicting field o_O
    227. 

  227. 										echo "<b style='color:red;'>".$lang['mod/module_install_error'].sprintf($lang['mod/module_page_conflict'], $field->page)."</b>";
    228. 

  228. 										$continue = 0;
    229. 

  229. 										break;
    230. 

  230. 									}
    231. 

  231. 								}
    232. 

  232. 							}
    233. 

  233. 						}
    234. 

  234. 

  235. 						$continue = 1;
    236. 

  236. 						$undo_queries = array();
    237. 

  237. 						//Create post fields
    238. 

  238. 						if ($continue)
    239. 

  239. 						{
    240. 

  240. 							if ((!empty($json->new_post_fields)) && (is_array($json->new_post_fields)))
    241. 

  241. 							{
    242. 

  242. 								foreach ($json->new_post_fields as $field) {
    243. 

  243. 									if (!$conn->query("ALTER TABLE posts ADD `".$conn->real_escape_string($field->name)."` ".$conn->real_escape_string($field->definition)))
    244. 

  244. 									{
    245. 

  245. 										//Oh crap we haz an error!
    246. 

  246. 										$continue = 0;
    247. 

  247. 										echo "<b style='color:red;'>".$lang['mod/module_install_error'].$conn->error."</b>";
    248. 

  248. 										foreach ($undo_queries as $query) {
    249. 

  249. 											$conn->query($query);
    250. 

  250. 										}
    251. 

  251. 										break;
    252. 

  252. 									} else {
    253. 

  253. 										$undo_queries[] = "ALTER TABLE posts DROP `".$conn->real_escape_string($field->name)."`;";
    254. 

  254. 										if (!$conn->query("INSERT INTO module_fields (`namespace`, `name`, `type`) VALUES ('".$conn->real_escape_string($json->namespace)."', '".$conn->real_escape_string($field->name)."', 'postfield');"))
    255. 

  255. 										{
    256. 

  256. 											//Oh crap we haz an error!
    257. 

  257. 											$continue = 0;
    258. 

  258. 											echo "<b style='color:red;'>".$lang['mod/module_install_error'].$conn->error."</b>";
    259. 

  259. 											foreach ($undo_queries as $query) {
    260. 

  260. 												$conn->query($query);
    261. 

  261. 											}
    262. 

  262. 											break;
    263. 

  263. 										} else {
    264. 

  264. 											$undo_queries[] = "DELETE FROM module_fields WHERE namespace='".$conn->real_escape_string($json->namespace)."' AND name='".$conn->real_escape_string($field->name)."';";
    265. 

  265. 										}
    266. 

  266. 									}
    267. 

  267. 

  268. 								}
    269. 

  269. 							}
    270. 

  270. 						}
    271. 

  271. 						//Create permissions
    272. 

  272. 						if ($continue)
    273. 

  273. 						{
    274. 

  274. 							if ((!empty($json->new_permissions)) && (is_array($json->new_permissions)))
    275. 

  275. 							{
    276. 

  276. 								$id = $conn->query("SELECT * FROM permissions_categories WHERE name='module';")->fetch_assoc()['id'];
    277. 

  277. 								foreach ($json->new_permissions as $permission) {
    278. 

  278. 									if (!$conn->query("INSERT INTO `permissions` (`name`, `description`, `category`) VALUES ('".$conn->real_escape_string($permission->name)."', '".$conn->real_escape_string($permission->description)."', ".$id.")"))
    279. 

  279. 									{
    280. 

  280. 										//Oh crap we haz an error!
    281. 

  281. 										$continue = 0;
    282. 

  282. 										echo "<b style='color:red;'>".$lang['mod/module_install_error'].$conn->error."</b>";
    283. 

  283. 										foreach ($undo_queries as $query) {
    284. 

  284. 											$conn->query($query);
    285. 

  285. 										}
    286. 

  286. 										break;
    287. 

  287. 									} else {
    288. 

  288. 										$undo_queries[] = "DELETE FROM `permissions` WHERE name='".$conn->real_escape_string($permission->name)."';";
    289. 

  289. 									}
    290. 

  290. 

  291. 								}
    292. 

  292. 							}
    293. 

  293. 						}
    294. 

  294. 						//Create config
    295. 

  295. 						if ($continue)
    296. 

  296. 						{
    297. 

  297. 							if ((!empty($json->new_config)) && (is_array($json->new_config)))
    298. 

  298. 							{
    299. 

  299. 								foreach ($json->new_config as $config) {
    300. 

  300. 									if (!$conn->query("INSERT INTO `module_config` (`namespace`, `name`, `description`, `default_value`, `value`) VALUES ('".$conn->real_escape_string($json->namespace)."', '".$conn->real_escape_string($config->name)."', '".$conn->real_escape_string($config->description)."', '".$conn->real_escape_string($config->default_value)."', '".$conn->real_escape_string($config->default_value)."')"))
    301. 

  301. 									{
    302. 

  302. 										//Oh crap we haz an error!
    303. 

  303. 										$continue = 0;
    304. 

  304. 										echo "<b style='color:red;'>".$lang['mod/module_install_error'].$conn->error."</b>";
    305. 

  305. 										foreach ($undo_queries as $query) {
    306. 

  306. 											$conn->query($query);
    307. 

  307. 										}
    308. 

  308. 										break;
    309. 

  309. 									} else {
    310. 

  310. 										$undo_queries[] = "DELETE FROM `module_config` WHERE name='".$conn->real_escape_string($config->name)."' AND namespace='".$conn->real_escape_string($json->namespace)."';";
    311. 

  311. 									}
    312. 

  312. 

  313. 								}
    314. 

  314. 							}
    315. 

  315. 						}
    316. 

  316. 						//Create board config
    317. 

  317. 						if ($continue)
    318. 

  318. 						{
    319. 

  319. 							if ((!empty($json->new_boardconfig)) && (is_array($json->new_boardconfig)))
    320. 

  320. 							{
    321. 

  321. 								foreach ($json->new_boardconfig as $config) {
    322. 

  322. 									if (!$conn->query("INSERT INTO `module_boardconfig` (`namespace`, `name`, `description`, `default_value`, `value`) VALUES ('".$conn->real_escape_string($json->namespace)."', '".$conn->real_escape_string($config->name)."', '".$conn->real_escape_string($config->description)."', '".$conn->real_escape_string($config->default_value)."', '".$conn->real_escape_string($config->default_value)."')"))
    323. 

  323. 									{
    324. 

  324. 										//Oh crap we haz an error!
    325. 

  325. 										$continue = 0;
    326. 

  326. 										echo "<b style='color:red;'>".$lang['mod/module_install_error'].$conn->error."</b>";
    327. 

  327. 										foreach ($undo_queries as $query) {
    328. 

  328. 											$conn->query($query);
    329. 

  329. 										}
    330. 

  330. 										break;
    331. 

  331. 									} else {
    332. 

  332. 										$undo_queries[] = "DELETE FROM `module_boardconfig` WHERE name='".$conn->real_escape_string($config->name)."' AND namespace='".$conn->real_escape_string($json->namespace)."';";
    333. 

  333. 										if (!$conn->query("ALTER TABLE boards ADD `".$conn->real_escape_string($config->name)."` ".$conn->real_escape_string($config->definition)))
    334. 

  334. 										{
    335. 

  335. 											//Oh crap we haz an error!
    336. 

  336. 											$continue = 0;
    337. 

  337. 											echo "<b style='color:red;'>".$lang['mod/module_install_error'].$conn->error."</b>";
    338. 

  338. 											foreach ($undo_queries as $query) {
    339. 

  339. 												$conn->query($query);
    340. 

  340. 											}
    341. 

  341. 											break;
    342. 

  342. 										} else {
    343. 

  343. 											$undo_queries[] = "ALTER TABLE posts DROP `".$conn->real_escape_string($config->name)."`;";
    344. 

  344. 										}
    345. 

  345. 									}
    346. 

  346. 

  347. 								}
    348. 

  348. 							}
    349. 

  349. 						}
    350. 

  350. 						//Create new classes
    351. 

  351. 						if ($continue)
    352. 

  352. 						{
    353. 

  353. 							if ((!empty($json->new_classes)) && (is_array($json->new_classes)))
    354. 

  354. 							{
    355. 

  355. 								foreach ($json->new_classes as $class) {
    356. 

  356. 									if (!$conn->query("INSERT INTO `module_classes` (`namespace`, `name`, `file`, `class`) VALUES ('".$conn->real_escape_string($json->namespace)."', '".$conn->real_escape_string($class->name)."', '".$conn->real_escape_string($class->file)."', '".$conn->real_escape_string($class->class)."')"))
    357. 

  357. 									{
    358. 

  358. 										//Oh crap we haz an error!
    359. 

  359. 										$continue = 0;
    360. 

  360. 										echo "<b style='color:red;'>".$lang['mod/module_install_error'].$conn->error."</b>";
    361. 

  361. 										foreach ($undo_queries as $query) {
    362. 

  362. 											$conn->query($query);
    363. 

  363. 										}
    364. 

  364. 										break;
    365. 

  365. 									} else {
    366. 

  366. 										$undo_queries[] = "DELETE FROM `module_classes` WHERE name='".$conn->real_escape_string($class->name)."';";
    367. 

  367. 									}
    368. 

  368. 								}
    369. 

  369. 							}
    370. 

  370. 						}
    371. 

  371. 						//Create panel pages
    372. 

  372. 						if ($continue)
    373. 

  373. 						{
    374. 

  374. 							if ((!empty($json->panel_pages)) && (is_array($json->panel_pages)))
    375. 

  375. 							{
    376. 

  376. 								foreach ($json->panel_pages as $page) {
    377. 

  377. 									if (!$conn->query("INSERT INTO `module_pages` (`namespace`, `url`, `file`, `class`, `method`) VALUES ('".$conn->real_escape_string($page->namespace)."', '".$conn->real_escape_string($page->url)."', '".$conn->real_escape_string($page->file)."', '".$conn->real_escape_string($page->class)."', '".$conn->real_escape_string($page->method)."')"))
    378. 

  378. 									{
    379. 

  379. 										//Oh crap we haz an error!
    380. 

  380. 										$continue = 0;
    381. 

  381. 										echo "<b style='color:red;'>".$lang['mod/module_install_error'].$conn->error."</b>";
    382. 

  382. 										foreach ($undo_queries as $query) {
    383. 

  383. 											$conn->query($query);
    384. 

  384. 										}
    385. 

  385. 										break;
    386. 

  386. 									} else {
    387. 

  387. 										$undo_queries[] = "DELETE FROM `module_pages` WHERE url='".$conn->real_escape_string($page->url)."' AND namespace='".$conn->real_escape_string($json->namespace)."';";
    388. 

  388. 									}
    389. 

  389. 								}
    390. 

  390. 							}
    391. 

  391. 						}
    392. 

  392. 						//Create events
    393. 

  393. 						if ($continue)
    394. 

  394. 						{
    395. 

  395. 							if ((!empty($json->events)) && (is_array($json->events)))
    396. 

  396. 							{
    397. 

  397. 								foreach ($json->events as $event) {
    398. 

  398. 									if (!$conn->query("INSERT INTO `module_events` (`namespace`, `event`, `file`, `class`, `method`) VALUES ('".$conn->real_escape_string($json->namespace)."', '".$conn->real_escape_string($event->event)."', '".$conn->real_escape_string($event->file)."', '".$conn->real_escape_string($event->class)."', '".$conn->real_escape_string($event->method)."')"))
    399. 

  399. 									{
    400. 

  400. 										//Oh crap we haz an error!
    401. 

  401. 										$continue = 0;
    402. 

  402. 										echo "<b style='color:red;'>".$lang['mod/module_install_error'].$conn->error."</b>";
    403. 

  403. 										foreach ($undo_queries as $query) {
    404. 

  404. 											$conn->query($query);
    405. 

  405. 										}
    406. 

  406. 										break;
    407. 

  407. 									} else {
    408. 

  408. 										$undo_queries[] = "DELETE FROM `module_events` WHERE event='".$conn->real_escape_string($event->event)."' AND namespace='".$conn->real_escape_string($json->namespace)."';";
    409. 

  409. 									}
    410. 

  410. 								}
    411. 

  411. 							}
    412. 

  412. 						}
    413. 

  413. 

  414. 						//Add to modules table
    415. 

  415. 						if ($continue)
    416. 

  416. 						{
    417. 

  417. 							if (!$conn->query("INSERT INTO `modules` (`namespace`, `name`, `description`, `author`, `version`) VALUES ('".$conn->real_escape_string($json->namespace)."', '".$conn->real_escape_string($json->name)."', '".$conn->real_escape_string($json->description)."', '".$conn->real_escape_string($json->author)."', '".$conn->real_escape_string($json->version)."');"))
    418. 

  418. 							{
    419. 

  419. 								//Oh crap we haz an error!
    420. 

  420. 								$continue = 0;
    421. 

  421. 								echo "<b style='color:red;'>".$lang['mod/module_install_error'].$conn->error."</b>";
    422. 

  422. 								foreach ($undo_queries as $query) {
    423. 

  423. 									$conn->query($query);
    424. 

  424. 								}
    425. 

  425. 								break;
    426. 

  426. 							} else {
    427. 

  427. 								$undo_queries[] = "DELETE FROM `modules` WHERE namespace='".$conn->real_escape_string($json->namespace)."';";
    428. 

  428. 							}
    429. 

  429. 						}
    430. 

  430. 

  431. 

  432. 						//Execute install.php (create extra tables etc.)
    433. 

  433. 						if ($continue)
    434. 

  434. 						{
    435. 

  435. 							include($dir."/install.php");
    436. 

  436. 							$installer = new $json->install_class($conn, $mitsuba);
    437. 

  437. 							$installer->install();
    438. 

  438. 							echo "<b style='color: green;'>".$lang['mod/module_installed']."</b>";
    439. 

  439. 						}
    440. 

  440. 					} else {
    441. 

  441. 						echo "<b style='color: red;'>".$lang['mod/module_invalid_json']."</b>";
    442. 

  442. 					}
    443. 

  443. 				} else {
    444. 

  444. 					echo "<b style='color: red;'>".$lang['mod/module_no_file']."</b>";
    445. 

  445. 				}
    446. 

  446. 			}
    447. 

  447. 		}
    448. 

  448. 

  449. 		if ((!empty($_GET['unins'])) && ($_GET['unins'] == 1) && (!empty($_GET['n'])))
    450. 

  450. 		{
    451. 

  451. 			$mitsuba->admin->reqPermission("modules.uninstall");
    452. 

  452. 			$result = $conn->query("SELECT * FROM modules WHERE namespace='".$conn->real_escape_string($_GET['n'])."';");
    453. 

  453. 			if ($result->num_rows != 1)
    454. 

  454. 			{
    455. 

  455. 				echo "<b style='color: red;'>".$lang['mod/module_not_installed']."</b>";
    456. 

  456. 			} else {
    457. 

  457. 				$dir = "./modules/".$_GET['n'];
    458. 

  458. 				//Validate JSON
    459. 

  459. 				if ((is_dir($dir)) &&(file_exists($dir."/module.json")) && (file_exists($dir."/install.php")) && (file_exists($dir."/config.php")))
    460. 

  460. 				{
    461. 

  461. 					$json = json_decode(file_get_contents($dir."/module.json"));
    462. 

  462. 					if ((!is_null($json)) && (!empty($json->name)) && (!empty($json->namespace)) && (!empty($json->description)) && (!empty($json->author)) && (!empty($json->version)) && (!empty($json->install_class)) && (!empty($json->config_class)))
    463. 

  463. 					{
    464. 

  464. 						$continue = 1;
    465. 

  465. 						$undo_queries = array();
    466. 

  466. 						//Create post fields
    467. 

  467. 						if ($continue)
    468. 

  468. 						{
    469. 

  469. 							if ((!empty($json->new_post_fields)) && (is_array($json->new_post_fields)))
    470. 

  470. 							{
    471. 

  471. 								foreach ($json->new_post_fields as $field) {
    472. 

  472. 									if (!$conn->query("ALTER TABLE posts DROP `".$conn->real_escape_string($field->name)."`;"))
    473. 

  473. 									{
    474. 

  474. 										//Oh crap we haz an error!
    475. 

  475. 										$continue = 0;
    476. 

  476. 										echo "<b style='color:red;'>".$lang['mod/module_uninstall_error'].$conn->error."</b>";
    477. 

  477. 										foreach ($undo_queries as $query) {
    478. 

  478. 											$conn->query($query);
    479. 

  479. 										}
    480. 

  480. 										break;
    481. 

  481. 									} else {
    482. 

  482. 										$undo_queries[] = "ALTER TABLE posts ADD `".$conn->real_escape_string($field->name)."` ".$conn->real_escape_string($field->definition);
    483. 

  483. 										if (!$conn->query("DELETE FROM module_fields WHERE namespace='".$conn->real_escape_string($json->namespace)."' AND name='".$conn->real_escape_string($field->name)."';"))
    484. 

  484. 										{
    485. 

  485. 											//Oh crap we haz an error!
    486. 

  486. 											$continue = 0;
    487. 

  487. 											echo "<b style='color:red;'>".$lang['mod/module_uninstall_error'].$conn->error."</b>";
    488. 

  488. 											foreach ($undo_queries as $query) {
    489. 

  489. 												$conn->query($query);
    490. 

  490. 											}
    491. 

  491. 											break;
    492. 

  492. 										} else {
    493. 

  493. 											$undo_queries[] = "INSERT INTO module_fields (`namespace`, `name`, `type`) VALUES ('".$conn->real_escape_string($json->namespace)."', '".$conn->real_escape_string($field->name)."', 'postfield');";
    494. 

  494. 										}
    495. 

  495. 									}
    496. 

  496. 

  497. 								}
    498. 

  498. 							}
    499. 

  499. 						}
    500. 

  500. 						//Create permissions
    501. 

  501. 						if ($continue)
    502. 

  502. 						{
    503. 

  503. 							if ((!empty($json->new_permissions)) && (is_array($json->new_permissions)))
    504. 

  504. 							{
    505. 

  505. 								$id = $conn->query("SELECT * FROM permissions_categories WHERE name='module';")->fetch_assoc()['id'];
    506. 

  506. 								foreach ($json->new_permissions as $permission) {
    507. 

  507. 									if (!$conn->query("DELETE FROM `permissions` WHERE name='".$conn->real_escape_string($permission->name)."';"))
    508. 

  508. 									{
    509. 

  509. 										//Oh crap we haz an error!
    510. 

  510. 										$continue = 0;
    511. 

  511. 										echo "<b style='color:red;'>".$lang['mod/module_uninstall_error'].$conn->error."</b>";
    512. 

  512. 										foreach ($undo_queries as $query) {
    513. 

  513. 											$conn->query($query);
    514. 

  514. 										}
    515. 

  515. 										break;
    516. 

  516. 									} else {
    517. 

  517. 										$undo_queries[] = "INSERT INTO `permissions` (`name`, `description`, `category`) VALUES ('".$conn->real_escape_string($permission->name)."', '".$conn->real_escape_string($permission->description)."', ".$id.")";
    518. 

  518. 									}
    519. 

  519. 

  520. 								}
    521. 

  521. 							}
    522. 

  522. 						}
    523. 

  523. 						//Create config
    524. 

  524. 						if ($continue)
    525. 

  525. 						{
    526. 

  526. 							if ((!empty($json->new_config)) && (is_array($json->new_config)))
    527. 

  527. 							{
    528. 

  528. 								foreach ($json->new_config as $config) {
    529. 

  529. 									if (!$conn->query("DELETE FROM `module_config` WHERE name='".$conn->real_escape_string($config->name)."' AND namespace='".$conn->real_escape_string($json->namespace)."';"))
    530. 

  530. 									{
    531. 

  531. 										//Oh crap we haz an error!
    532. 

  532. 										$continue = 0;
    533. 

  533. 										echo "<b style='color:red;'>".$lang['mod/module_uninstall_error'].$conn->error."</b>";
    534. 

  534. 										foreach ($undo_queries as $query) {
    535. 

  535. 											$conn->query($query);
    536. 

  536. 										}
    537. 

  537. 										break;
    538. 

  538. 									} else {
    539. 

  539. 										$undo_queries[] = "INSERT INTO `module_config` (`namespace`, `name`, `description`, `default_value`, `value`) VALUES ('".$conn->real_escape_string($json->namespace)."', '".$conn->real_escape_string($config->name)."', '".$conn->real_escape_string($config->description)."', '".$conn->real_escape_string($config->default_value)."', '".$conn->real_escape_string($config->default_value)."')";
    540. 

  540. 									}
    541. 

  541. 

  542. 								}
    543. 

  543. 							}
    544. 

  544. 						}
    545. 

  545. 						//Create board config
    546. 

  546. 						if ($continue)
    547. 

  547. 						{
    548. 

  548. 							if ((!empty($json->new_boardconfig)) && (is_array($json->new_boardconfig)))
    549. 

  549. 							{
    550. 

  550. 								foreach ($json->new_boardconfig as $config) {
    551. 

  551. 									if (!$conn->query("DELETE FROM `module_boardconfig` WHERE name='".$conn->real_escape_string($config->name)."' AND namespace='".$conn->real_escape_string($json->namespace)."';"))
    552. 

  552. 									{
    553. 

  553. 										//Oh crap we haz an error!
    554. 

  554. 										$continue = 0;
    555. 

  555. 										echo "<b style='color:red;'>".$lang['mod/module_uninstall_error'].$conn->error."</b>";
    556. 

  556. 										foreach ($undo_queries as $query) {
    557. 

  557. 											$conn->query($query);
    558. 

  558. 										}
    559. 

  559. 										break;
    560. 

  560. 									} else {
    561. 

  561. 										$undo_queries[] = "INSERT INTO `module_boardconfig` (`namespace`, `name`, `description`, `default_value`, `value`) VALUES ('".$conn->real_escape_string($json->namespace)."', '".$conn->real_escape_string($config->name)."', '".$conn->real_escape_string($config->description)."', '".$conn->real_escape_string($config->default_value)."', '".$conn->real_escape_string($config->default_value)."')";
    562. 

  562. 										if (!$conn->query("ALTER TABLE posts DROP `".$conn->real_escape_string($config->name)."`;"))
    563. 

  563. 										{
    564. 

  564. 											//Oh crap we haz an error!
    565. 

  565. 											$continue = 0;
    566. 

  566. 											echo "<b style='color:red;'>".$lang['mod/module_uninstall_error'].$conn->error."</b>";
    567. 

  567. 											foreach ($undo_queries as $query) {
    568. 

  568. 												$conn->query($query);
    569. 

  569. 											}
    570. 

  570. 											break;
    571. 

  571. 										} else {
    572. 

  572. 											$undo_queries[] = "ALTER TABLE boards ADD `".$conn->real_escape_string($config->name)."` ".$conn->real_escape_string($config->definition);
    573. 

  573. 										}
    574. 

  574. 									}
    575. 

  575. 

  576. 								}
    577. 

  577. 							}
    578. 

  578. 						}
    579. 

  579. 						//Create new classes
    580. 

  580. 						if ($continue)
    581. 

  581. 						{
    582. 

  582. 							if ((!empty($json->new_classes)) && (is_array($json->new_classes)))
    583. 

  583. 							{
    584. 

  584. 								foreach ($json->new_classes as $class) {
    585. 

  585. 									if (!$conn->query("DELETE FROM `module_classes` WHERE name='".$conn->real_escape_string($class->name)."';"))
    586. 

  586. 									{
    587. 

  587. 										//Oh crap we haz an error!
    588. 

  588. 										$continue = 0;
    589. 

  589. 										echo "<b style='color:red;'>".$lang['mod/module_uninstall_error'].$conn->error."</b>";
    590. 

  590. 										foreach ($undo_queries as $query) {
    591. 

  591. 											$conn->query($query);
    592. 

  592. 										}
    593. 

  593. 										break;
    594. 

  594. 									} else {
    595. 

  595. 										$undo_queries[] = "INSERT INTO `module_classes` (`namespace`, `name`, `file`, `class`) VALUES ('".$conn->real_escape_string($json->namespace)."', '".$conn->real_escape_string($class->name)."', '".$conn->real_escape_string($class->file)."', '".$conn->real_escape_string($class->class)."')";
    596. 

  596. 									}
    597. 

  597. 								}
    598. 

  598. 							}
    599. 

  599. 						}
    600. 

  600. 						//Create panel pages
    601. 

  601. 						if ($continue)
    602. 

  602. 						{
    603. 

  603. 							if ((!empty($json->panel_pages)) && (is_array($json->panel_pages)))
    604. 

  604. 							{
    605. 

  605. 								foreach ($json->panel_pages as $page) {
    606. 

  606. 									if (!$conn->query("DELETE FROM `module_pages` WHERE url='".$conn->real_escape_string($page->url)."' AND namespace='".$conn->real_escape_string($json->namespace)."';"))
    607. 

  607. 									{
    608. 

  608. 										//Oh crap we haz an error!
    609. 

  609. 										$continue = 0;
    610. 

  610. 										echo "<b style='color:red;'>".$lang['mod/module_uninstall_error'].$conn->error."</b>";
    611. 

  611. 										foreach ($undo_queries as $query) {
    612. 

  612. 											$conn->query($query);
    613. 

  613. 										}
    614. 

  614. 										break;
    615. 

  615. 									} else {
    616. 

  616. 										$undo_queries[] = "INSERT INTO `module_pages` (`namespace`, `url`, `file`, `class`, `method`) VALUES ('".$conn->real_escape_string($page->namespace)."', '".$conn->real_escape_string($page->url)."', '".$conn->real_escape_string($page->file)."', '".$conn->real_escape_string($page->class)."', '".$conn->real_escape_string($page->method)."')";
    617. 

  617. 									}
    618. 

  618. 								}
    619. 

  619. 							}
    620. 

  620. 						}
    621. 

  621. 						//Create events
    622. 

  622. 						if ($continue)
    623. 

  623. 						{
    624. 

  624. 							if ((!empty($json->events)) && (is_array($json->events)))
    625. 

  625. 							{
    626. 

  626. 								foreach ($json->events as $event) {
    627. 

  627. 									if (!$conn->query("DELETE FROM `module_events` WHERE event='".$conn->real_escape_string($event->event)."' AND namespace='".$conn->real_escape_string($json->namespace)."';"))
    628. 

  628. 									{
    629. 

  629. 										//Oh crap we haz an error!
    630. 

  630. 										$continue = 0;
    631. 

  631. 										echo "<b style='color:red;'>".$lang['mod/module_uninstall_error'].$conn->error."</b>";
    632. 

  632. 										foreach ($undo_queries as $query) {
    633. 

  633. 											$conn->query($query);
    634. 

  634. 										}
    635. 

  635. 										break;
    636. 

  636. 									} else {
    637. 

  637. 										$undo_queries[] = "INSERT INTO `module_events` (`namespace`, `event`, `file`, `class`, `method`) VALUES ('".$conn->real_escape_string($json->namespace)."', '".$conn->real_escape_string($event->event)."', '".$conn->real_escape_string($event->file)."', '".$conn->real_escape_string($event->class)."', '".$conn->real_escape_string($event->method)."')";
    638. 

  638. 									}
    639. 

  639. 								}
    640. 

  640. 							}
    641. 

  641. 						}
    642. 

  642. 

  643. 						//Add to modules table
    644. 

  644. 						if ($continue)
    645. 

  645. 						{
    646. 

  646. 							if (!$conn->query("DELETE FROM `modules` WHERE namespace='".$conn->real_escape_string($json->namespace)."';"))
    647. 

  647. 							{
    648. 

  648. 								//Oh crap we haz an error!
    649. 

  649. 								$continue = 0;
    650. 

  650. 								echo "<b style='color:red;'>".$lang['mod/module_uninstall_error'].$conn->error."</b>";
    651. 

  651. 								foreach ($undo_queries as $query) {
    652. 

  652. 									$conn->query($query);
    653. 

  653. 								}
    654. 

  654. 								break;
    655. 

  655. 							} else {
    656. 

  656. 								$undo_queries[] = "INSERT INTO `modules` (`namespace`, `name`, `description`, `author`, `version`) VALUES ('".$conn->real_escape_string($json->namespace)."', '".$conn->real_escape_string($json->name)."', '".$conn->real_escape_string($json->description)."', '".$conn->real_escape_string($json->author)."', '".$conn->real_escape_string($json->version)."');";
    657. 

  657. 							}
    658. 

  658. 						}
    659. 

  659. 

  660. 

  661. 						//Execute install.php (create extra tables etc.)
    662. 

  662. 						if ($continue)
    663. 

  663. 						{
    664. 

  664. 							include($dir."/install.php");
    665. 

  665. 							$installer = new $json->install_class($conn, $mitsuba);
    666. 

  666. 							$installer->uninstall();
    667. 

  667. 							echo "<b style='color: green;'>".$lang['mod/module_uninstalled']."</b>";
    668. 

  668. 						}
    669. 

  669. 					} else {
    670. 

  670. 						echo "<b style='color: red;'>".$lang['mod/module_invalid_json']."</b>";
    671. 

  671. 					}
    672. 

  672. 				} else {
    673. 

  673. 					echo "<b style='color: red;'>".$lang['mod/module_no_file']."</b>";
    674. 

  674. 				}
    675. 

  675. 			}
    676. 

  676. 		}
    677. 

  677. 		
    678. 

  678. 		if ((!empty($_GET['del'])) && ($_GET['del'] == 1) && (!empty($_GET['n'])))
    679. 

  679. 		{
    680. 

  680. 			$mitsuba->admin->reqPermission("modules.delete");
    681. 

  681. 			$result = $conn->query("SELECT * FROM modules WHERE namespace='".$conn->real_escape_string($_GET['n'])."';");
    682. 

  682. 			if ($result->num_rows == 1)
    683. 

  683. 			{
    684. 

  684. 				echo "<b style='color: red;'>".$lang['mod/module_installed_delete']."</b>";
    685. 

  685. 			} else {
    686. 

  686. 				$dir = "./modules/".$_GET['n'];
    687. 

  687. 				$mitsuba->common->delTree("./".$dir);
    688. 

  688. 				echo "<b style='color: green;'>".$lang['mod/module_deleted']."</b>";
    689. 

  689. 			}
    690. 

  690. 		}
    691. 

  691. 		?>
    692. 

  692. <b><?php echo $lang['mod/rebuild_notice']; ?></b><br />
    693. 

  693. <?php $mitsuba->admin->ui->startSection($lang['mod/manage_modules']); ?>
    694. 

  694. 

  695. <table>
    696. 

  696. <thead>
    697. 

  697. <tr>
    698. 

  698. <td><?php echo $lang['mod/name']; ?></td>
    699. 

  699. <td><?php echo $lang['mod/description']; ?></td>
    700. 

  700. <td><?php echo $lang['mod/author']; ?></td>
    701. 

  701. <td><?php echo $lang['mod/version']; ?></td>
    702. 

  702. <td><?php echo $lang['mod/actions']; ?></td>
    703. 

  703. </tr>
    704. 

  704. </thead>
    705. 

  705. <tbody>
    706. 

  706. <?php
    707. 

  707. $installed = array();
    708. 

  708. $result = $conn->query("SELECT * FROM modules ORDER BY name ASC");
    709. 

  709. while ($row = $result->fetch_assoc())
    710. 

  710. {
    711. 

  711. $installed[$row['namespace']] = 1;
    712. 

  712. echo "<tr>";
    713. 

  713. echo "<td class='text-center'>".htmlspecialchars($row['name'])."</td>";
    714. 

  714. echo "<td>".htmlspecialchars($row['description'])."</td>";
    715. 

  715. echo "<td class='text-center'>".htmlspecialchars($row['author'])."</td>";
    716. 

  716. echo "<td class='text-center'>".htmlspecialchars($row['version'])."</td>";
    717. 

  717. echo "<td class='text-center'><a href='?/modules&unins=1&n=".$row['namespace']."'>".$lang['mod/uninstall']."</a></td>";
    718. 

  718. echo "</tr>";
    719. 

  719. }
    720. 

  720. ?>
    721. 

  721. </tbody>
    722. 

  722. </table>
    723. 

  723. <?php $mitsuba->admin->ui->endSection(); ?>
    724. 

  724. <br /><br />
    725. 

  725. <?php $mitsuba->admin->ui->startSection($lang['mod/uninstalled_modules']); ?>
    726. 

  726. <table>
    727. 

  727. <thead>
    728. 

  728. <tr>
    729. 

  729. <td class='text-center'><?php echo $lang['mod/name']; ?></td>
    730. 

  730. <td><?php echo $lang['mod/description']; ?></td>
    731. 

  731. <td class='text-center'><?php echo $lang['mod/author']; ?></td>
    732. 

  732. <td class='text-center'><?php echo $lang['mod/version']; ?></td>
    733. 

  733. <td class='text-center'><?php echo $lang['mod/actions']; ?></td>
    734. 

  734. </tr>
    735. 

  735. </thead>
    736. 

  736. <tbody>
    737. 

  737. <?php
    738. 

  738. $dirs = array_filter(glob('./modules/*'), 'is_dir');
    739. 

  739. foreach ($dirs as $dir) {
    740. 

  740. 	if (file_exists($dir."/module.json"))
    741. 

  741. 	{
    742. 

  742. 		$json = json_decode(file_get_contents($dir."/module.json"));
    743. 

  743. 		if ((!is_null($json)) && (!empty($json->name)) && (!empty($json->namespace)) && (!empty($json->description)) && (!empty($json->author)) && (!empty($json->version)) && (!empty($json->install_class)) && (!empty($json->config_class)))
    744. 

  744. 		{
    745. 

  745. 			if (!empty($installed[$json->namespace]))
    746. 

  746. 			{
    747. 

  747. 				continue;
    748. 

  748. 			}
    749. 

  749. 			echo "<tr>";
    750. 

  750. 			echo "<td class='text-center'>".$json->name."</td>";
    751. 

  751. 			echo "<td>".$json->description."</td>";
    752. 

  752. 			echo "<td class='text-center'>".$json->author."</td>";
    753. 

  753. 			echo "<td class='text-center'>".$json->version."</td>";
    754. 

  754. 			echo "<td class='text-center'><a href='?/modules&ins=1&n=".$json->namespace."'>".$lang['mod/install']."</a> <a href='?/modules&del=1&n=".$json->namespace."'>".$lang['mod/delete']."</a></td>";
    755. 

  755. 			echo "</tr>";
    756. 

  756. 		}
    757. 

  757. 	}
    758. 

  758. }
    759. 

  759. ?>
    760. 

  760. </tbody>
    761. 

  761. </table>
    762. 

  762. <?php $mitsuba->admin->ui->endSection(); ?>
    763. 

  763. <br /><br />
    764. 

  764. <?php $mitsuba->admin->ui->startSection($lang['mod/upload_module']); ?>
    765. 

  765. 

  766. <form action="?/modules" method="POST" enctype="multipart/form-data">
    767. 

  767. <?php $mitsuba->admin->ui->getToken($path); ?>
    768. 

  768. <input type="hidden" name="MAX_FILE_SIZE" value="2097152">
    769. 

  769. <input type="hidden" name="mode" value="upload">
    770. 

  770. <?php echo $lang['mod/file']; ?>: <input id="postFile" name="upfile" type="file"><br />
    771. 

  771. <input type="submit" value="<?php echo $lang['mod/submit']; ?>" />
    772. 

  772. </form>
    773. 

  773. <?php $mitsuba->admin->ui->endSection(); ?>
    774.