-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathmodify_extensions.php
88 lines (74 loc) · 2.73 KB
/
modify_extensions.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
<?php
/**
* CMS module: Download Gallery 3
* Copyright and more information see file info.php
**/
require_once '../../config.php';
require_once realpath( dirname(__FILE__).'/info.php' );
require_once realpath( dirname(__FILE__).'/functions.php' );
// check if this file was invoked by the expected module file
$referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
$dlgmodname = str_replace(str_replace('\\','/',WB_PATH).'/modules/','',str_replace('\\','/',dirname(__FILE__)));
if (
$referer
&& (
strpos($referer, WB_URL . '/modules/'.$dlgmodname.'/modify_settings.php') === false
&& strpos($referer, WB_URL . '/modules/'.$dlgmodname.'/modify_extensions.php') === false
)
) {
die(header('Location: ../../index.php'));
}
// include the admin wrapper script
$update_when_modified = true;
require WB_PATH.'/modules/admin.php';
$admin = new admin('Pages', '', false, false);
if(LANGUAGE_LOADED) {
require WB_PATH.'/modules/'.$dlgmodname.'/languages/EN.php';
if (file_exists (WB_PATH.'/modules/'.$dlgmodname.'/languages/'.LANGUAGE.'.php')) {
require WB_PATH.'/modules/'.$dlgmodname.'/languages/'.LANGUAGE.'.php';
}
}
require_once WB_PATH.'/framework/functions.php';
// initialize template data
$dir = pathinfo(dirname(__FILE__),PATHINFO_BASENAME);
$data = array(
'FTAN' => (method_exists($admin,'getFTAN') ? $admin->getFTAN() : ''),
'heading' => "$module_name - ".$TEXT['PAGE']." $page_id",
'modify_link' => ADMIN_URL.'/pages/modify.php',
'self_link' => WB_URL.'/modules/'.$dir,
'mod_version' => $module_version,
'infotext' => NULL,
);
if (isset($_REQUEST['fileext_id'])) {
$fileext_id = (int) $_REQUEST['fileext_id'];
}
else {
$admin->print_error($TEXT['ERROR']);
}
if(isset($_POST['file_ext'])) {
$checkOK = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789$, ";
$checkStr = $_POST['file_ext'];
$allValid = true;
//Loop through string and see if illegal chars are used
for ($i = 0; $i < strlen($checkStr); $i++) {
$ch = substr($checkStr, $i, 1);
if (strpos($checkOK, $ch)===FALSE) {
$allValid = false;
$data['infotext'] = $DGTEXT['FILE_TYPE_EXT_ERROR'];
break;
}
}
if($allValid) {
//Remove the spaces
$checkStr = str_replace(" ","", $checkStr);
//Update the database
$database->query("UPDATE `".TABLE_PREFIX.$tablename."_file_ext` "
. " SET `extensions` = '$checkStr' "
. " WHERE `fileext_id` = '$fileext_id' AND `page_id` = '$page_id'");
$data['infotext'] = $DGTEXT['FILE_STORED'];
}
}
// load current file extensions data
$data['extdetails'] = dlg_getfileext($fileext_id,$section_id);
$data = (object) $data;
require dirname(__FILE__).'/templates/default/backend/modify_extensions.phtml';