".$plg->getIcon(32)."
@@ -384,6 +384,12 @@ function renderHelp()
function installPage()
{
+ if(empty($this->getQuery('e-token')))
+ {
+ e107::getMessage()->addError("Invalid Token"); // Debug - no need for translation.
+ $this->redirectAction('list');
+ }
+
$id = $this->getQuery('path');
$text = e107::getPlugin()->install($id);
@@ -438,6 +444,11 @@ function lanPage()
function uninstallPage()
{
+ if(empty($this->getQuery('e-token')))
+ {
+ e107::getMessage()->addError("Invalid Token"); // Debug - no need for translation.
+ $this->redirectAction('list');
+ }
$id = $this->getQuery('path');
@@ -483,6 +494,14 @@ function uninstallPage()
function repairPage()
{
+
+ if(empty($this->getQuery('e-token')))
+ {
+ e107::getMessage()->addError("Invalid Token"); // Debug - no need for translation.
+ $this->redirectAction('list');
+ return null;
+ }
+
$id = $this->getQuery('path');
$this->repair($id);
@@ -499,7 +518,7 @@ private function repair($id)
}
e107::getSingleton('e107plugin')->refresh($id);
- e107::getLog()->add('PLUGMAN_04', $id, E_LOG_INFORMATIVE, '');
+ e107::getLog()->add('PLUGMAN_04', $id);
e107::getMessage()->addSuccess("Repair Complete (".$id.")"); // Repair Complete ([x])
@@ -526,6 +545,12 @@ function pullPage()
function upgradePage()
{
+ if(empty($this->getQuery('e-token')))
+ {
+ e107::getMessage()->addError("Invalid Token"); // Debug - no need for translation.
+ $this->redirectAction('list');
+ }
+
$this->pluginUpgrade();
}
@@ -1009,13 +1034,13 @@ function options($val, $curVal)
if($var['plugin_install_required'] == true)
{
- if($var['plugin_installflag'])
+ if(!empty($var['plugin_installflag']))
{
- $text .= ($var['plugin_installflag'] ? "
" . ADMIN_UNINSTALLPLUGIN_ICON . "" : "
" . ADMIN_INSTALLPLUGIN_ICON . "");
+ $text .= "
" . ADMIN_UNINSTALLPLUGIN_ICON . "";
}
else
{
- $text .= "
" . ADMIN_INSTALLPLUGIN_ICON . "";
+ $text .= "
" . ADMIN_INSTALLPLUGIN_ICON . "";
}
}
@@ -1037,17 +1062,17 @@ function options($val, $curVal)
if($var['plugin_version'] != $var['plugin_version_file'] && $var['plugin_installflag'])
{
- $text .= "
" . ADMIN_UPGRADEPLUGIN_ICON . "";
+ $text .= "
" . ADMIN_UPGRADEPLUGIN_ICON . "";
}
if($var['plugin_installflag'])
{
- $text .= "
" . ADMIN_REPAIRPLUGIN_ICON . "";
+ $text .= "
" . ADMIN_REPAIRPLUGIN_ICON . "";
}
if($var['plugin_installflag'] && is_dir($_path . ".git"))
{
- $text .= "
" . ADMIN_GITSYNC_ICON . "";
+ $text .= "
" . ADMIN_GITSYNC_ICON . "";
}
@@ -1140,12 +1165,16 @@ function pluginCheck($force=false)
// Modal Download.
public function downloadPage()
{
+ if(empty($_GET['e-token']))
+ {
+ echo e107::getMessage()->addError("Invalid Token")->render('default', 'error');
+ return null;
+ }
$frm = e107::getForm();
$mes = e107::getMessage();
$tp = e107::getParser();
- // print_a($_GET);
$string = base64_decode($_GET['src']);
parse_str($string, $data);
@@ -1192,7 +1221,7 @@ public function downloadPage()
$upgradable = e107::getPlug()->getUpgradableList();
if(!empty($upgradable[$pluginFolder]))
{
- $mes->addSuccess("
".LAN_UPDATE."");
+ $mes->addSuccess("
".LAN_UPDATE."");
}
echo $mes->render('default', 'success');
@@ -2539,6 +2568,9 @@ function step1()
$ns = e107::getRender();
$mes = e107::getMessage();
$tp = e107::getParser();
+
+ $newDir = [];
+ $lanDir = [];
$plugFolders = $fl->get_dirs(e_PLUGIN);
foreach($plugFolders as $dir)
diff --git a/e107_admin/theme.php b/e107_admin/theme.php
index be11c07c8f..218c055363 100644
--- a/e107_admin/theme.php
+++ b/e107_admin/theme.php
@@ -660,6 +660,12 @@ public function InfoPage()
public function DownloadPage()
{
+ if(empty($_GET['e-token']))
+ {
+ return e107::getMessage()->addError('Invalid Token')->render('default', 'error');
+ }
+
+
$frm = e107::getForm();
$mes = e107::getMessage();
$string = base64_decode($_GET['src']);
@@ -1175,7 +1181,7 @@ private function onlineOptions($theme)
if(!empty($theme['price'])) // Premium Theme
{
$LAN_DOWNLOAD = LAN_PURCHASE."/".LAN_DOWNLOAD;
- $downloadUrl = e_SELF.'?mode=main&action=download&src='.base64_encode($d); // no iframe.
+ $downloadUrl = e_SELF.'?mode=main&action=download&e-token='.e_TOKEN.'&src='.base64_encode($d); // no iframe.
$mainTarget = '_blank';
$mainClass = '';
$modalCaption = ' '.LAN_PURCHASE.' '.$theme['name']." ".$theme['version'];
@@ -1183,7 +1189,7 @@ private function onlineOptions($theme)
else // Free Theme
{
$LAN_DOWNLOAD = LAN_DOWNLOAD;
- $downloadUrl = e_SELF.'?mode=main&iframe=1&action=download&src='.base64_encode($d);//$url.'&action=download';
+ $downloadUrl = e_SELF.'?mode=main&iframe=1&action=download&e-token='.e_TOKEN.'&src='.base64_encode($d);//$url.'&action=download';
$mainTarget = '_self';
$mainClass = 'e-modal';
$modalCaption = ' '.LAN_DOWNLOADING.' '.$theme['name']." ".$theme['version'];
diff --git a/e107_handlers/e_marketplace.php b/e107_handlers/e_marketplace.php
index 7871b481e9..c267d87cec 100644
--- a/e107_handlers/e_marketplace.php
+++ b/e107_handlers/e_marketplace.php
@@ -262,7 +262,7 @@ public function getDownloadModal($type='plugin',$data=array())
// if(deftrue('e_DEBUG_PLUGMANAGER'))
{
- $url = e_ADMIN.'plugin.php?mode=online&action=download&src='.base64_encode($d);
+ $url = e_ADMIN.'plugin.php?mode=online&action=download&e-token='.e_TOKEN.'&src='.base64_encode($d);
}
// else
{
@@ -282,7 +282,7 @@ public function getDownloadModal($type='plugin',$data=array())
);
$d = http_build_query($srcData,false,'&');
- $url = e_ADMIN.'theme.php?mode=main&action=download&src='.base64_encode($d);//$url.'&action=download';
+ $url = e_ADMIN.'theme.php?mode=main&action=download&e-token='.e_TOKEN.'&src='.base64_encode($d);//$url.'&action=download';
}