2
0

PackageGet.php 27 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765
  1. <?php
  2. /**
  3. * This file handles the package servers and packages download from Package Manager.
  4. *
  5. * Simple Machines Forum (SMF)
  6. *
  7. * @package SMF
  8. * @author Simple Machines http://www.simplemachines.org
  9. * @copyright 2014 Simple Machines and individual contributors
  10. * @license http://www.simplemachines.org/about/smf/license.php BSD
  11. *
  12. * @version 2.1 Alpha 1
  13. */
  14. if (!defined('SMF'))
  15. die('No direct access...');
  16. /**
  17. * Browse the list of package servers, add servers...
  18. */
  19. function PackageGet()
  20. {
  21. global $txt, $scripturl, $context, $boarddir, $sourcedir;
  22. isAllowedTo('admin_forum');
  23. require_once($sourcedir . '/Subs-Package.php');
  24. // Use the Packages template... no reason to separate.
  25. loadLanguage('Packages');
  26. loadTemplate('Packages', 'admin');
  27. $context['page_title'] = $txt['package'];
  28. // Here is a list of all the potentially valid actions.
  29. $subActions = array(
  30. 'servers' => 'PackageServers',
  31. 'add' => 'PackageServerAdd',
  32. 'browse' => 'PackageGBrowse',
  33. 'download' => 'PackageDownload',
  34. 'remove' => 'PackageServerRemove',
  35. 'upload' => 'PackageUpload',
  36. );
  37. // Now let's decide where we are taking this...
  38. if (isset($_REQUEST['sa']) && isset($subActions[$_REQUEST['sa']]))
  39. $context['sub_action'] = $_REQUEST['sa'];
  40. // We need to support possible old javascript links...
  41. elseif (isset($_GET['pgdownload']))
  42. $context['sub_action'] = 'download';
  43. else
  44. $context['sub_action'] = 'servers';
  45. // We need to force the "Download" tab as selected.
  46. $context['menu_data_' . $context['admin_menu_id']]['current_subsection'] = 'packageget';
  47. // Now create the tabs for the template.
  48. $context[$context['admin_menu_name']]['tab_data'] = array(
  49. 'title' => $txt['package_manager'],
  50. //'help' => 'registrations',
  51. 'description' => $txt['package_manager_desc'],
  52. 'tabs' => array(
  53. 'browse' => array(
  54. ),
  55. 'packageget' => array(
  56. 'description' => $txt['download_packages_desc'],
  57. ),
  58. 'installed' => array(
  59. 'description' => $txt['installed_packages_desc'],
  60. ),
  61. 'perms' => array(
  62. 'description' => $txt['package_file_perms_desc'],
  63. ),
  64. 'options' => array(
  65. 'description' => $txt['package_install_options_ftp_why'],
  66. ),
  67. ),
  68. );
  69. $subActions[$context['sub_action']]();
  70. }
  71. /**
  72. * Load a list of package servers.
  73. */
  74. function PackageServers()
  75. {
  76. global $txt, $scripturl, $context, $boarddir, $sourcedir, $packagesdir, $modSettings, $smcFunc;
  77. // Ensure we use the correct template, and page title.
  78. $context['sub_template'] = 'servers';
  79. $context['page_title'] .= ' - ' . $txt['download_packages'];
  80. // Load the list of servers.
  81. $request = $smcFunc['db_query']('', '
  82. SELECT id_server, name, url
  83. FROM {db_prefix}package_servers',
  84. array(
  85. )
  86. );
  87. $context['servers'] = array();
  88. while ($row = $smcFunc['db_fetch_assoc']($request))
  89. {
  90. $context['servers'][] = array(
  91. 'name' => $row['name'],
  92. 'url' => $row['url'],
  93. 'id' => $row['id_server'],
  94. );
  95. }
  96. $smcFunc['db_free_result']($request);
  97. $context['package_download_broken'] = !is_writable($packagesdir);
  98. if ($context['package_download_broken'])
  99. {
  100. @chmod($packagesdir, 0777);
  101. }
  102. $context['package_download_broken'] = !is_writable($packagesdir);
  103. if ($context['package_download_broken'])
  104. {
  105. if (isset($_POST['ftp_username']))
  106. {
  107. require_once($sourcedir . '/Class-Package.php');
  108. $ftp = new ftp_connection($_POST['ftp_server'], $_POST['ftp_port'], $_POST['ftp_username'], $_POST['ftp_password']);
  109. if ($ftp->error === false)
  110. {
  111. // I know, I know... but a lot of people want to type /home/xyz/... which is wrong, but logical.
  112. if (!$ftp->chdir($_POST['ftp_path']))
  113. {
  114. $ftp_error = $ftp->error;
  115. $ftp->chdir(preg_replace('~^/home[2]?/[^/]+?~', '', $_POST['ftp_path']));
  116. }
  117. }
  118. }
  119. if (!isset($ftp) || $ftp->error !== false)
  120. {
  121. if (!isset($ftp))
  122. {
  123. require_once($sourcedir . '/Class-Package.php');
  124. $ftp = new ftp_connection(null);
  125. }
  126. elseif ($ftp->error !== false && !isset($ftp_error))
  127. $ftp_error = $ftp->last_message === null ? '' : $ftp->last_message;
  128. list ($username, $detect_path, $found_path) = $ftp->detect_path($packagesdir);
  129. if ($found_path || !isset($_POST['ftp_path']))
  130. $_POST['ftp_path'] = $detect_path;
  131. if (!isset($_POST['ftp_username']))
  132. $_POST['ftp_username'] = $username;
  133. $context['package_ftp'] = array(
  134. 'server' => isset($_POST['ftp_server']) ? $_POST['ftp_server'] : (isset($modSettings['package_server']) ? $modSettings['package_server'] : 'localhost'),
  135. 'port' => isset($_POST['ftp_port']) ? $_POST['ftp_port'] : (isset($modSettings['package_port']) ? $modSettings['package_port'] : '21'),
  136. 'username' => isset($_POST['ftp_username']) ? $_POST['ftp_username'] : (isset($modSettings['package_username']) ? $modSettings['package_username'] : ''),
  137. 'path' => $_POST['ftp_path'],
  138. 'error' => empty($ftp_error) ? null : $ftp_error,
  139. );
  140. }
  141. else
  142. {
  143. $context['package_download_broken'] = false;
  144. $ftp->chmod('.', 0777);
  145. $ftp->close();
  146. }
  147. }
  148. addInlineJavascript('
  149. $(\'.new_package_content\').hide();
  150. $(\'.download_new_package\').on(\'click\', function() {
  151. $(\'.new_package_content\').css(\'display\') == \'none\' ? $(\'.new_package_content\').show(\'slow\') : $(\'.new_package_content\').hide(\'slow\');
  152. });', true);
  153. }
  154. /**
  155. * Browse a server's list of packages.
  156. */
  157. function PackageGBrowse()
  158. {
  159. global $txt, $boardurl, $context, $scripturl, $boarddir, $sourcedir, $forum_version, $smcFunc;
  160. if (isset($_GET['server']))
  161. {
  162. if ($_GET['server'] == '')
  163. redirectexit('action=admin;area=packages;get');
  164. $server = (int) $_GET['server'];
  165. // Query the server list to find the current server.
  166. $request = $smcFunc['db_query']('', '
  167. SELECT name, url
  168. FROM {db_prefix}package_servers
  169. WHERE id_server = {int:current_server}
  170. LIMIT 1',
  171. array(
  172. 'current_server' => $server,
  173. )
  174. );
  175. list ($name, $url) = $smcFunc['db_fetch_row']($request);
  176. $smcFunc['db_free_result']($request);
  177. // If the server does not exist, dump out.
  178. if (empty($url))
  179. fatal_lang_error('couldnt_connect', false);
  180. // If there is a relative link, append to the stored server url.
  181. if (isset($_GET['relative']))
  182. $url = $url . (substr($url, -1) == '/' ? '' : '/') . $_GET['relative'];
  183. // Clear any "absolute" URL. Since "server" is present, "absolute" is garbage.
  184. unset($_GET['absolute']);
  185. }
  186. elseif (isset($_GET['absolute']) && $_GET['absolute'] != '')
  187. {
  188. // Initialize the requried variables.
  189. $server = '';
  190. $url = $_GET['absolute'];
  191. $name = '';
  192. $_GET['package'] = $url . '/packages.xml?language=' . $context['user']['language'];
  193. // Clear any "relative" URL. Since "server" is not present, "relative" is garbage.
  194. unset($_GET['relative']);
  195. $token = checkConfirm('get_absolute_url');
  196. if ($token !== true)
  197. {
  198. $context['sub_template'] = 'package_confirm';
  199. $context['page_title'] = $txt['package_servers'];
  200. $context['confirm_message'] = sprintf($txt['package_confirm_view_package_content'], $smcFunc['htmlspecialchars']($_GET['absolute']));
  201. $context['proceed_href'] = $scripturl . '?action=admin;area=packages;get;sa=browse;absolute=' . urlencode($_GET['absolute']) . ';confirm=' . $token;
  202. return;
  203. }
  204. }
  205. // Minimum required parameter did not exist so dump out.
  206. else
  207. fatal_lang_error('couldnt_connect', false);
  208. // Attempt to connect. If unsuccessful... try the URL.
  209. if (!isset($_GET['package']) || file_exists($_GET['package']))
  210. $_GET['package'] = $url . '/packages.xml?language=' . $context['user']['language'];
  211. // Check to be sure the packages.xml file actually exists where it is should be... or dump out.
  212. if ((isset($_GET['absolute']) || isset($_GET['relative'])) && !url_exists($_GET['package']))
  213. fatal_lang_error('packageget_unable', false, array($url . '/index.php'));
  214. // Might take some time.
  215. @set_time_limit(600);
  216. // Read packages.xml and parse into xmlArray. (the true tells it to trim things ;).)
  217. require_once($sourcedir . '/Class-Package.php');
  218. $listing = new xmlArray(fetch_web_data($_GET['package']), true);
  219. // Errm.... empty file? Try the URL....
  220. if (!$listing->exists('package-list'))
  221. fatal_lang_error('packageget_unable', false, array($url . '/index.php'));
  222. // List out the packages...
  223. $context['package_list'] = array();
  224. $listing = $listing->path('package-list[0]');
  225. // Use the package list's name if it exists.
  226. if ($listing->exists('list-title'))
  227. $name = $listing->fetch('list-title');
  228. // Pick the correct template.
  229. $context['sub_template'] = 'package_list';
  230. $context['page_title'] = $txt['package_servers'] . ($name != '' ? ' - ' . $name : '');
  231. $context['package_server'] = $server;
  232. // By default we use an unordered list, unless there are no lists with more than one package.
  233. $context['list_type'] = 'ul';
  234. $instmods = loadInstalledPackages();
  235. $installed_mods = array();
  236. // Look through the list of installed mods...
  237. foreach ($instmods as $installed_mod)
  238. $installed_mods[$installed_mod['package_id']] = $installed_mod['version'];
  239. // Get default author and email if they exist.
  240. if ($listing->exists('default-author'))
  241. {
  242. $default_author = $smcFunc['htmlspecialchars']($listing->fetch('default-author'));
  243. if ($listing->exists('default-author/@email'))
  244. $default_email = $smcFunc['htmlspecialchars']($listing->fetch('default-author/@email'));
  245. }
  246. // Get default web site if it exists.
  247. if ($listing->exists('default-website'))
  248. {
  249. $default_website = $smcFunc['htmlspecialchars']($listing->fetch('default-website'));
  250. if ($listing->exists('default-website/@title'))
  251. $default_title = $smcFunc['htmlspecialchars']($listing->fetch('default-website/@title'));
  252. }
  253. $the_version = strtr($forum_version, array('SMF ' => ''));
  254. if (!empty($_SESSION['version_emulate']))
  255. $the_version = $_SESSION['version_emulate'];
  256. $packageNum = 0;
  257. $packageSection = 0;
  258. $sections = $listing->set('section');
  259. foreach ($sections as $i => $section)
  260. {
  261. $context['package_list'][$packageSection] = array(
  262. 'title' => '',
  263. 'text' => '',
  264. 'items' => array(),
  265. );
  266. $packages = $section->set('title|heading|text|remote|rule|modification|language|avatar-pack|theme|smiley-set');
  267. foreach ($packages as $thisPackage)
  268. {
  269. $package = array(
  270. 'type' => $thisPackage->name(),
  271. );
  272. if (in_array($package['type'], array('title', 'text')))
  273. $context['package_list'][$packageSection][$package['type']] = $smcFunc['htmlspecialchars']($thisPackage->fetch('.'));
  274. // It's a Title, Heading, Rule or Text.
  275. elseif (in_array($package['type'], array('heading', 'rule')))
  276. $package['name'] = $smcFunc['htmlspecialchars']($thisPackage->fetch('.'));
  277. // It's a Remote link.
  278. elseif ($package['type'] == 'remote')
  279. {
  280. $remote_type = $thisPackage->exists('@type') ? $thisPackage->fetch('@type') : 'relative';
  281. if ($remote_type == 'relative' && substr($thisPackage->fetch('@href'), 0, 7) != 'http://' && substr($thisPackage->fetch('@href'), 0, 8) != 'https://')
  282. {
  283. if (isset($_GET['absolute']))
  284. $current_url = $_GET['absolute'] . '/';
  285. elseif (isset($_GET['relative']))
  286. $current_url = $_GET['relative'] . '/';
  287. else
  288. $current_url = '';
  289. $current_url .= $thisPackage->fetch('@href');
  290. if (isset($_GET['absolute']))
  291. $package['href'] = $scripturl . '?action=admin;area=packages;get;sa=browse;absolute=' . $current_url;
  292. else
  293. $package['href'] = $scripturl . '?action=admin;area=packages;get;sa=browse;server=' . $context['package_server'] . ';relative=' . $current_url;
  294. }
  295. else
  296. {
  297. $current_url = $thisPackage->fetch('@href');
  298. $package['href'] = $scripturl . '?action=admin;area=packages;get;sa=browse;absolute=' . $current_url;
  299. }
  300. $package['name'] = $smcFunc['htmlspecialchars']($thisPackage->fetch('.'));
  301. $package['link'] = '<a href="' . $package['href'] . '">' . $package['name'] . '</a>';
  302. }
  303. // It's a package...
  304. else
  305. {
  306. if (isset($_GET['absolute']))
  307. $current_url = $_GET['absolute'] . '/';
  308. elseif (isset($_GET['relative']))
  309. $current_url = $_GET['relative'] . '/';
  310. else
  311. $current_url = '';
  312. $server_att = $server != '' ? ';server=' . $server : '';
  313. $package += $thisPackage->to_array();
  314. if (isset($package['website']))
  315. unset($package['website']);
  316. $package['author'] = array();
  317. if ($package['description'] == '')
  318. $package['description'] = $txt['package_no_description'];
  319. else
  320. $package['description'] = parse_bbc(preg_replace('~\[[/]?html\]~i', '', $smcFunc['htmlspecialchars']($package['description'])));
  321. $package['is_installed'] = isset($installed_mods[$package['id']]);
  322. $package['is_current'] = $package['is_installed'] && ($installed_mods[$package['id']] == $package['version']);
  323. $package['is_newer'] = $package['is_installed'] && ($installed_mods[$package['id']] > $package['version']);
  324. // This package is either not installed, or installed but old. Is it supported on this version of SMF?
  325. if (!$package['is_installed'] || (!$package['is_current'] && !$package['is_newer']))
  326. {
  327. if ($thisPackage->exists('version/@for'))
  328. $package['can_install'] = matchPackageVersion($the_version, $thisPackage->fetch('version/@for'));
  329. }
  330. // Okay, it's already installed AND up to date.
  331. else
  332. $package['can_install'] = false;
  333. $already_exists = getPackageInfo(basename($package['filename']));
  334. $package['download_conflict'] = is_array($already_exists) && $already_exists['id'] == $package['id'] && $already_exists['version'] != $package['version'];
  335. $package['href'] = $url . '/' . $package['filename'];
  336. $package['name'] = $smcFunc['htmlspecialchars']($package['name']);
  337. $package['link'] = '<a href="' . $package['href'] . '">' . $package['name'] . '</a>';
  338. $package['download']['href'] = $scripturl . '?action=admin;area=packages;get;sa=download' . $server_att . ';package=' . $current_url . $package['filename'] . ($package['download_conflict'] ? ';conflict' : '') . ';' . $context['session_var'] . '=' . $context['session_id'];
  339. $package['download']['link'] = '<a href="' . $package['download']['href'] . '">' . $package['name'] . '</a>';
  340. if ($thisPackage->exists('author') || isset($default_author))
  341. {
  342. if ($thisPackage->exists('author/@email'))
  343. $package['author']['email'] = $thisPackage->fetch('author/@email');
  344. elseif (isset($default_email))
  345. $package['author']['email'] = $default_email;
  346. if ($thisPackage->exists('author') && $thisPackage->fetch('author') != '')
  347. $package['author']['name'] = $smcFunc['htmlspecialchars']($thisPackage->fetch('author'));
  348. else
  349. $package['author']['name'] = $default_author;
  350. if (!empty($package['author']['email']))
  351. {
  352. // Only put the "mailto:" if it looks like a valid email address. Some may wish to put a link to an SMF IM Form or other web mail form.
  353. $package['author']['href'] = preg_match('~^[\w\.\-]+@[\w][\w\-\.]+[\w]$~', $package['author']['email']) != 0 ? 'mailto:' . $package['author']['email'] : $package['author']['email'];
  354. $package['author']['link'] = '<a href="' . $package['author']['href'] . '">' . $package['author']['name'] . '</a>';
  355. }
  356. }
  357. if ($thisPackage->exists('website') || isset($default_website))
  358. {
  359. if ($thisPackage->exists('website') && $thisPackage->exists('website/@title'))
  360. $package['author']['website']['name'] = $smcFunc['htmlspecialchars']($thisPackage->fetch('website/@title'));
  361. elseif (isset($default_title))
  362. $package['author']['website']['name'] = $default_title;
  363. elseif ($thisPackage->exists('website'))
  364. $package['author']['website']['name'] = $smcFunc['htmlspecialchars']($thisPackage->fetch('website'));
  365. else
  366. $package['author']['website']['name'] = $default_website;
  367. if ($thisPackage->exists('website') && $thisPackage->fetch('website') != '')
  368. $authorhompage = $thisPackage->fetch('website');
  369. else
  370. $authorhompage = $default_website;
  371. if (stripos($authorhompage, 'a href') === false)
  372. {
  373. $package['author']['website']['href'] = $authorhompage;
  374. $package['author']['website']['link'] = '<a href="' . $authorhompage . '">' . $package['author']['website']['name'] . '</a>';
  375. }
  376. else
  377. {
  378. if (preg_match('/a href="(.+?)"/', $authorhompage, $match) == 1)
  379. $package['author']['website']['href'] = $match[1];
  380. else
  381. $package['author']['website']['href'] = '';
  382. $package['author']['website']['link'] = $authorhompage;
  383. }
  384. }
  385. else
  386. {
  387. $package['author']['website']['href'] = '';
  388. $package['author']['website']['link'] = '';
  389. }
  390. }
  391. $package['is_remote'] = $package['type'] == 'remote';
  392. $package['is_title'] = $package['type'] == 'title';
  393. $package['is_heading'] = $package['type'] == 'heading';
  394. $package['is_text'] = $package['type'] == 'text';
  395. $package['is_line'] = $package['type'] == 'rule';
  396. $packageNum = in_array($package['type'], array('title', 'heading', 'text', 'remote', 'rule')) ? 0 : $packageNum + 1;
  397. $package['count'] = $packageNum;
  398. if (!in_array($package['type'], array('title', 'text')))
  399. $context['package_list'][$packageSection]['items'][] = $package;
  400. if ($package['count'] > 1)
  401. $context['list_type'] = 'ol';
  402. }
  403. $packageSection++;
  404. }
  405. // Lets make sure we get a nice new spiffy clean $package to work with. Otherwise we get PAIN!
  406. unset($package);
  407. foreach ($context['package_list'] as $ps_id => $packageSection)
  408. {
  409. foreach ($packageSection['items'] as $i => $package)
  410. {
  411. if ($package['count'] == 0 || isset($package['can_install']))
  412. continue;
  413. $context['package_list'][$ps_id]['items'][$i]['can_install'] = false;
  414. $packageInfo = getPackageInfo($url . '/' . $package['filename']);
  415. if (is_array($packageInfo) && $packageInfo['xml']->exists('install'))
  416. {
  417. $installs = $packageInfo['xml']->set('install');
  418. foreach ($installs as $install)
  419. if (!$install->exists('@for') || matchPackageVersion($the_version, $install->fetch('@for')))
  420. {
  421. // Okay, this one is good to go.
  422. $context['package_list'][$ps_id]['items'][$i]['can_install'] = true;
  423. break;
  424. }
  425. }
  426. }
  427. }
  428. }
  429. /**
  430. * Download a package.
  431. */
  432. function PackageDownload()
  433. {
  434. global $txt, $scripturl, $boarddir, $context, $sourcedir, $packagesdir, $smcFunc;
  435. // Use the downloaded sub template.
  436. $context['sub_template'] = 'downloaded';
  437. // Security is good...
  438. checkSession('get');
  439. // To download something, we need a valid server or url.
  440. if (empty($_GET['server']) && (!empty($_GET['get']) && !empty($_REQUEST['package'])))
  441. fatal_lang_error('package_get_error_is_zero', false);
  442. if (isset($_GET['server']))
  443. {
  444. $server = (int) $_GET['server'];
  445. // Query the server table to find the requested server.
  446. $request = $smcFunc['db_query']('', '
  447. SELECT name, url
  448. FROM {db_prefix}package_servers
  449. WHERE id_server = {int:current_server}
  450. LIMIT 1',
  451. array(
  452. 'current_server' => $server,
  453. )
  454. );
  455. list ($name, $url) = $smcFunc['db_fetch_row']($request);
  456. $smcFunc['db_free_result']($request);
  457. // If server does not exist then dump out.
  458. if (empty($url))
  459. fatal_lang_error('couldnt_connect', false);
  460. $url = $url . '/';
  461. }
  462. else
  463. {
  464. // Initialize the requried variables.
  465. $server = '';
  466. $url = '';
  467. }
  468. if (isset($_REQUEST['byurl']) && !empty($_POST['filename']))
  469. $package_name = basename($_REQUEST['filename']);
  470. else
  471. $package_name = basename($_REQUEST['package']);
  472. if (isset($_REQUEST['conflict']) || (isset($_REQUEST['auto']) && file_exists($packagesdir . '/' . $package_name)))
  473. {
  474. // Find the extension, change abc.tar.gz to abc_1.tar.gz...
  475. if (strrpos(substr($package_name, 0, -3), '.') !== false)
  476. {
  477. $ext = substr($package_name, strrpos(substr($package_name, 0, -3), '.'));
  478. $package_name = substr($package_name, 0, strrpos(substr($package_name, 0, -3), '.')) . '_';
  479. }
  480. else
  481. $ext = '';
  482. // Find the first available.
  483. $i = 1;
  484. while (file_exists($packagesdir . '/' . $package_name . $i . $ext))
  485. $i++;
  486. $package_name = $package_name . $i . $ext;
  487. }
  488. // First make sure it's a package.
  489. $packageInfo = getPackageInfo($url . $_REQUEST['package']);
  490. if (!is_array($packageInfo))
  491. fatal_lang_error($packageInfo);
  492. // Use FTP if necessary.
  493. create_chmod_control(array($packagesdir . '/' . $package_name), array('destination_url' => $scripturl . '?action=admin;area=packages;get;sa=download' . (isset($_GET['server']) ? ';server=' . $_GET['server'] : '') . (isset($_REQUEST['auto']) ? ';auto' : '') . ';package=' . $_REQUEST['package'] . (isset($_REQUEST['conflict']) ? ';conflict' : '') . ';' . $context['session_var'] . '=' . $context['session_id'], 'crash_on_error' => true));
  494. package_put_contents($packagesdir . '/' . $package_name, fetch_web_data($url . $_REQUEST['package']));
  495. // Done! Did we get this package automatically?
  496. if (preg_match('~^http://[\w_\-]+\.simplemachines\.org/~', $_REQUEST['package']) == 1 && strpos($_REQUEST['package'], 'dlattach') === false && isset($_REQUEST['auto']))
  497. redirectexit('action=admin;area=packages;sa=install;package=' . $package_name);
  498. // You just downloaded a mod from SERVER_NAME_GOES_HERE.
  499. $context['package_server'] = $server;
  500. $context['package'] = getPackageInfo($package_name);
  501. if (!is_array($context['package']))
  502. fatal_lang_error('package_cant_download', false);
  503. if ($context['package']['type'] == 'modification')
  504. $context['package']['install']['link'] = '<a href="' . $scripturl . '?action=admin;area=packages;sa=install;package=' . $context['package']['filename'] . '">[ ' . $txt['install_mod'] . ' ]</a>';
  505. elseif ($context['package']['type'] == 'avatar')
  506. $context['package']['install']['link'] = '<a href="' . $scripturl . '?action=admin;area=packages;sa=install;package=' . $context['package']['filename'] . '">[ ' . $txt['use_avatars'] . ' ]</a>';
  507. elseif ($context['package']['type'] == 'language')
  508. $context['package']['install']['link'] = '<a href="' . $scripturl . '?action=admin;area=packages;sa=install;package=' . $context['package']['filename'] . '">[ ' . $txt['add_languages'] . ' ]</a>';
  509. else
  510. $context['package']['install']['link'] = '';
  511. $context['package']['list_files']['link'] = '<a href="' . $scripturl . '?action=admin;area=packages;sa=list;package=' . $context['package']['filename'] . '">[ ' . $txt['list_files'] . ' ]</a>';
  512. // Free a little bit of memory...
  513. unset($context['package']['xml']);
  514. $context['page_title'] = $txt['download_success'];
  515. }
  516. /**
  517. * Upload a new package to the directory.
  518. */
  519. function PackageUpload()
  520. {
  521. global $txt, $scripturl, $boarddir, $context, $sourcedir, $packagesdir;
  522. // Setup the correct template, even though I'll admit we ain't downloading ;)
  523. $context['sub_template'] = 'downloaded';
  524. // @todo Use FTP if the Packages directory is not writable.
  525. // Check the file was even sent!
  526. if (!isset($_FILES['package']['name']) || $_FILES['package']['name'] == '')
  527. fatal_lang_error('package_upload_error_nofile');
  528. elseif (!is_uploaded_file($_FILES['package']['tmp_name']) || (ini_get('open_basedir') == '' && !file_exists($_FILES['package']['tmp_name'])))
  529. fatal_lang_error('package_upload_error_failed');
  530. // Make sure it has a sane filename.
  531. $_FILES['package']['name'] = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), $_FILES['package']['name']);
  532. if (strtolower(substr($_FILES['package']['name'], -4)) != '.zip' && strtolower(substr($_FILES['package']['name'], -4)) != '.tgz' && strtolower(substr($_FILES['package']['name'], -7)) != '.tar.gz')
  533. fatal_lang_error('package_upload_error_supports', false, array('zip, tgz, tar.gz'));
  534. // We only need the filename...
  535. $packageName = basename($_FILES['package']['name']);
  536. // Setup the destination and throw an error if the file is already there!
  537. $destination = $packagesdir . '/' . $packageName;
  538. // @todo Maybe just roll it like we do for downloads?
  539. if (file_exists($destination))
  540. fatal_lang_error('package_upload_error_exists');
  541. // Now move the file.
  542. move_uploaded_file($_FILES['package']['tmp_name'], $destination);
  543. @chmod($destination, 0777);
  544. // If we got this far that should mean it's available.
  545. $context['package'] = getPackageInfo($packageName);
  546. $context['package_server'] = '';
  547. // Not really a package, you lazy bum!
  548. if (!is_array($context['package']))
  549. {
  550. @unlink($destination);
  551. loadLanguage('Errors');
  552. $txt[$context['package']] = str_replace('{MANAGETHEMEURL}', $scripturl . '?action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id'] . '#theme_install', $txt[$context['package']]);
  553. fatal_lang_error('package_upload_error_broken', false, $txt[$context['package']]);
  554. }
  555. // Is it already uploaded, maybe?
  556. elseif ($dir = @opendir($packagesdir))
  557. {
  558. while ($package = readdir($dir))
  559. {
  560. if ($package == '.' || $package == '..' || $package == 'temp' || $package == $packageName || (!(is_dir($packagesdir . '/' . $package) && file_exists($packagesdir . '/' . $package . '/package-info.xml')) && substr(strtolower($package), -7) != '.tar.gz' && substr(strtolower($package), -4) != '.tgz' && substr(strtolower($package), -4) != '.zip'))
  561. continue;
  562. $packageInfo = getPackageInfo($package);
  563. if (!is_array($packageInfo))
  564. continue;
  565. if ($packageInfo['id'] == $context['package']['id'] && $packageInfo['version'] == $context['package']['version'])
  566. {
  567. @unlink($destination);
  568. loadLanguage('Errors');
  569. fatal_lang_error('package_upload_error_exists');
  570. }
  571. }
  572. closedir($dir);
  573. }
  574. if ($context['package']['type'] == 'modification')
  575. $context['package']['install']['link'] = '<a href="' . $scripturl . '?action=admin;area=packages;sa=install;package=' . $context['package']['filename'] . '">[ ' . $txt['install_mod'] . ' ]</a>';
  576. elseif ($context['package']['type'] == 'avatar')
  577. $context['package']['install']['link'] = '<a href="' . $scripturl . '?action=admin;area=packages;sa=install;package=' . $context['package']['filename'] . '">[ ' . $txt['use_avatars'] . ' ]</a>';
  578. elseif ($context['package']['type'] == 'language')
  579. $context['package']['install']['link'] = '<a href="' . $scripturl . '?action=admin;area=packages;sa=install;package=' . $context['package']['filename'] . '">[ ' . $txt['add_languages'] . ' ]</a>';
  580. else
  581. $context['package']['install']['link'] = '';
  582. $context['package']['list_files']['link'] = '<a href="' . $scripturl . '?action=admin;area=packages;sa=list;package=' . $context['package']['filename'] . '">[ ' . $txt['list_files'] . ' ]</a>';
  583. unset($context['package']['xml']);
  584. $context['page_title'] = $txt['package_uploaded_success'];
  585. }
  586. /**
  587. * Add a package server to the list.
  588. */
  589. function PackageServerAdd()
  590. {
  591. global $smcFunc;
  592. // Validate the user.
  593. checkSession();
  594. // If they put a slash on the end, get rid of it.
  595. if (substr($_POST['serverurl'], -1) == '/')
  596. $_POST['serverurl'] = substr($_POST['serverurl'], 0, -1);
  597. // Are they both nice and clean?
  598. $servername = trim($smcFunc['htmlspecialchars']($_POST['servername']));
  599. $serverurl = trim($smcFunc['htmlspecialchars']($_POST['serverurl']));
  600. // Make sure the URL has the correct prefix.
  601. if (strpos($serverurl, 'http://') !== 0 && strpos($serverurl, 'https://') !== 0)
  602. $serverurl = 'http://' . $serverurl;
  603. $smcFunc['db_insert']('',
  604. '{db_prefix}package_servers',
  605. array(
  606. 'name' => 'string-255', 'url' => 'string-255',
  607. ),
  608. array(
  609. $servername, $serverurl,
  610. ),
  611. array('id_server')
  612. );
  613. redirectexit('action=admin;area=packages;get');
  614. }
  615. /**
  616. * Remove a server from the list.
  617. */
  618. function PackageServerRemove()
  619. {
  620. global $smcFunc;
  621. checkSession('get');
  622. $smcFunc['db_query']('', '
  623. DELETE FROM {db_prefix}package_servers
  624. WHERE id_server = {int:current_server}',
  625. array(
  626. 'current_server' => (int) $_GET['server'],
  627. )
  628. );
  629. redirectexit('action=admin;area=packages;get');
  630. }
  631. ?>