-
Notifications
You must be signed in to change notification settings - Fork 0
/
upgrade.php
101 lines (95 loc) · 3.54 KB
/
upgrade.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
<?php
/**
* libExcelRead
*
* @author Ralf Hertsch <ralf.hertsch@phpmanufaktur.de>
* @link http://phpmanufaktur.de
* @copyright 2011 - 2012
* @license MIT License (MIT) http://www.opensource.org/licenses/MIT
*/
// include class.secure.php to protect this file and the whole CMS!
if (defined('WB_PATH')) {
if (defined('LEPTON_VERSION'))
include(WB_PATH.'/framework/class.secure.php');
}
else {
$oneback = "../";
$root = $oneback;
$level = 1;
while (($level < 10) && (!file_exists($root.'/framework/class.secure.php'))) {
$root .= $oneback;
$level += 1;
}
if (file_exists($root.'/framework/class.secure.php')) {
include($root.'/framework/class.secure.php');
}
else {
trigger_error(sprintf("[ <b>%s</b> ] Can't include class.secure.php!", $_SERVER['SCRIPT_NAME']), E_USER_ERROR);
}
}
// end include class.secure.php
if (file_exists(WB_PATH . '/modules/droplets/functions.inc.php'))
require_once WB_PATH . '/modules/droplets/functions.inc.php';
if (!function_exists('wb_unpack_and_import')) {
function wb_unpack_and_import($temp_file, $temp_unzip) {
global $admin, $database;
// Include the PclZip class file
require_once (WB_PATH . '/include/pclzip/pclzip.lib.php');
$errors = array();
$count = 0;
$archive = new PclZip($temp_file);
$list = $archive->extract(PCLZIP_OPT_PATH, $temp_unzip);
// now, open all *.php files and search for the header;
// an exported droplet starts with "//:"
if (false !== ($dh = opendir($temp_unzip))) {
while (false !== ($file = readdir($dh))) {
if ($file != "." && $file != "..") {
if (preg_match('/^(.*)\.php$/i', $file, $name_match)) {
// Name of the Droplet = Filename
$name = $name_match[1];
// Slurp file contents
$lines = file($temp_unzip . '/' . $file);
// First line: Description
if (preg_match('#^//\:(.*)$#', $lines[0], $match)) {
$description = $match[1];
}
// Second line: Usage instructions
if (preg_match('#^//\:(.*)$#', $lines[1], $match)) {
$usage = addslashes($match[1]);
}
// Remaining: Droplet code
$code = implode('', array_slice($lines, 2));
// replace 'evil' chars in code
$tags = array('<?php', '?>', '<?');
$code = addslashes(str_replace($tags, '', $code));
// Already in the DB?
$stmt = 'INSERT';
$id = NULL;
$found = $database->get_one("SELECT * FROM " . TABLE_PREFIX .
"mod_droplets WHERE name='$name'");
if ($found && $found > 0) {
$stmt = 'REPLACE';
$id = $found;
}
// execute
$result = $database->query("$stmt INTO " . TABLE_PREFIX .
"mod_droplets VALUES('$id','$name','$code','$description','" .
time() . "','" . $admin->get_user_id() . "',1,0,0,0,'$usage')");
if (!$database->is_error()) {
$count++;
$imports[$name] = 1;
}
else {
$errors[$name] = $database->get_error();
}
}
}
}
closedir($dh);
}
return array('count' => $count, 'errors' => $errors, 'imported' => $imports);
} // end function wb_unpack_and_import()
}
global $admin;
if (!file_exists(WB_PATH.'/temp/unzip/')) @mkdir(WB_PATH.'/temp/unzip/');
wb_unpack_and_import(WB_PATH.'/modules/'.basename(dirname(__FILE__)).'/droplets/droplet_excel.zip', WB_PATH.'/temp/unzip/');