Permalink
Browse files

Updating plugin version check

Makes MyBB plugin version checking compatible with the new mods website
and adds a new feature: plugins marked as vulnerable will be highlighted
when checking for plugin updates
  • Loading branch information...
Kaeden
Kaeden committed Jan 24, 2014
1 parent d8e9c77 commit 0147b0873197a4c5dc1503a32584ac6842f634c7
Showing with 37 additions and 15 deletions.
  1. +35 −15 admin/modules/config/plugins.php
  2. +2 −0 inc/languages/english/admin/config_plugins.lang.php
@@ -213,10 +213,16 @@
}
$plugininfo = $infofunc();
$plugininfo['guid'] = trim($plugininfo['guid']);
$plugininfo['codename'] = trim($plugininfo['codename']);
if($plugininfo['guid'] != "")
if($plugininfo['codename'] != "")
{
$info[] = $plugininfo['guid'];
$info[] = $plugininfo['codename'];
$names[$plugininfo['codename']] = array('name' => $plugininfo['name'], 'version' => $plugininfo['version']);
}
elseif($plugininfo['guid'] != "")
{
$info[] = $plugininfo['guid'];
$names[$plugininfo['guid']] = array('name' => $plugininfo['name'], 'version' => $plugininfo['version']);
}
}
@@ -228,14 +234,9 @@
flash_message($lang->error_vcheck_no_supported_plugins, 'error');
admin_redirect("index.php?module=config-plugins");
}
$url = "http://mods.mybb.com/version_check.php?";
foreach($info as $guid)
{
$url .= "info[]=".urlencode($guid)."&";
}
$url = substr($url, 0, -1);
$url = "http://community.mybb.com/version_check.php?";
$url .= http_build_query(array("info" => $info))."&";
require_once MYBB_ROOT."inc/class_xml.php";
$contents = fetch_remote_file($url);
@@ -268,7 +269,6 @@
default:
$error_msg = "";
}
flash_message($lang->error_communication_problem.$error_msg, 'error');
admin_redirect("index.php?module=config-plugins");
}
@@ -294,12 +294,32 @@
foreach($tree['plugins']['plugin'] as $plugin)
{
if(version_compare($names[$plugin['attributes']['guid']]['version'], $plugin['version']['value'], "<"))
$compare_by = array_key_exists("codename", $plugin['attributes']) ? "codename" : "guid";
$is_vulnerable = array_key_exists("vulnerable", $plugin) ? true : false;
if(version_compare($names[$plugin['attributes'][$compare_by]]['version'], $plugin['version']['value'], "<"))
{
$table->construct_cell("<strong>{$names[$plugin['attributes']['guid']]['name']}</strong>");
$table->construct_cell("{$names[$plugin['attributes']['guid']]['version']}", array("class" => "align_center"));
if($is_vulnerable)
{
$table->construct_cell("<div class=\"error\" id=\"flash_message\">
{$lang->error_vcheck_vulnerable} {$names[$plugin['attributes'][$compare_by]]['name']}
</div>
<p> <b>{$lang->error_vcheck_vulnerable_notes}</b> <br /><br /> {$plugin['vulnerable']['value']}</p>");
}
else
{
$table->construct_cell("<strong>{$names[$plugin['attributes'][$compare_by]]['name']}</strong>");
}
$table->construct_cell("{$names[$plugin['attributes'][$compare_by]]['version']}", array("class" => "align_center"));
$table->construct_cell("<strong><span style=\"color: #C00\">{$plugin['version']['value']}</span></strong>", array("class" => "align_center"));
$table->construct_cell("<strong><a href=\"http://mods.mybb.com/view/{$plugin['download_url']['value']}\" target=\"_blank\">{$lang->download}</a></strong>", array("class" => "align_center"));
if($is_vulnerable)
{
$table->construct_cell("<a href=\"index.php?module=config-plugins\"><b>{$lang->deactivate}</b></a>", array("class" => "align_center", "width" => 150));
}
else
{
$table->construct_cell("<strong><a href=\"http://community.mybb.com/{$plugin['download_url']['value']}\" target=\"_blank\">{$lang->download}</a></strong>", array("class" => "align_center"));
}
$table->construct_row();
}
}
@@ -37,6 +37,8 @@
$l['error_vcheck_no_supported_plugins'] = "None of the plugins installed support version checking.";
$l['error_vcheck_communications_problem'] = "There was a problem communicating with the MyBB modifications version server. Please try again in a few minutes.";
$l['error_vcheck_vulnerable'] = "[Vulnerable plugin]:";
$l['error_vcheck_vulnerable_notes'] = "This submission has currently been marked as vulnerable by the MyBB Staff. We recommend complete removal of this modification. Please see the notes below: ";
$l['error_no_input'] = "Error code 1: No input specified.";
$l['error_no_pids'] = "Error code 2: No plugin ids specified.";
$l['error_communication_problem'] = "There was a problem communicating with the MyBB modifications server. Please try again in a few minutes.";

0 comments on commit 0147b08

Please sign in to comment.