author | rvelices <rv-github@modusoptimus.com> | 2007-01-11 23:15:26 +0000 |
---|---|---|
committer | rvelices <rv-github@modusoptimus.com> | 2007-01-11 23:15:26 +0000 |
commit | a512c69225403aa0d6b926f757ffe23a3ff97b1f (patch) | |
tree | 77c5aea7a8ec482960363bf35c2d0fb411903185 /admin/plugins.php | |
parent | d0c2de854f17846d4bf937fc7ed95a5a6a4a85c1 (diff) |
plugins improvements: allow plugins to fail the installation/activation
comments.php improvements:
- no more double sql escaping on author & keyword (once in common.inc.php and
once in comments.php)
- now can search comment content on all special char ( ', ", <, >, & )
- author & keyword are correctly redisplayed in browser when they are MySql
escaped
git-svn-id: http://piwigo.org/svn/trunk@1716 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'admin/plugins.php')
-rw-r--r-- | admin/plugins.php | 82 |
1 files changed, 43 insertions, 39 deletions
diff --git a/admin/plugins.php b/admin/plugins.php index d58e25a64..72695c3fa 100644 --- a/admin/plugins.php +++ b/admin/plugins.php @@ -1,11 +1,10 @@ <?php // +-----------------------------------------------------------------------+ // | PhpWebGallery - a PHP based picture gallery | -// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net | -// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net | +// | Copyright (C) 2003-2007 PhpWebGallery Team - http://phpwebgallery.net | // +-----------------------------------------------------------------------+ // | branch : BSF (Best So Far) -// | file : $RCSfile$ +// | file : $Id$ // | last update : $Date$ // | last modifier : $Author$ // | revision : $Revision$ @@ -36,21 +35,12 @@ check_status(ACCESS_ADMINISTRATOR); $my_base_url = PHPWG_ROOT_PATH.'admin.php?page=plugins'; - // +-----------------------------------------------------------------------+ // | perform requested actions | // +-----------------------------------------------------------------------+ if ( isset($_REQUEST['action']) and isset($_REQUEST['plugin']) ) { - if (function_exists('mysql_real_escape_string')) - { - $plugin_id = mysql_real_escape_string($_REQUEST['plugin']); - } - else - { - $plugin_id = mysql_escape_string($_REQUEST['plugin']); - } - + $plugin_id = $_REQUEST['plugin']; $crt_db_plugin = get_db_plugins('', $plugin_id); if (!empty($crt_db_plugin)) { @@ -61,6 +51,7 @@ if ( isset($_REQUEST['action']) and isset($_REQUEST['plugin']) ) unset($crt_db_plugin); } + $errors = array(); $file_to_include = PHPWG_PLUGINS_PATH.$plugin_id.'/maintain.inc.php'; switch ( $_REQUEST['action'] ) 
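Review bot: `$plugin_id = $_REQUEST['plugin'];` now carries the raw request value into two sinks: the SQL strings, and the include path built a few lines later as `PHPWG_PLUGINS_PATH.$plugin_id.'/maintain.inc.php'`. The commit message suggests request data is already SQL-escaped in common.inc.php, which is not visible here, and SQL escaping does not constrain the path use in any case. Assuming plugin ids are plain directory names, a whitelist check right after the assignment would cover both sinks, for example `if (!preg_match('/^[A-Za-z0-9_-]+$/', $plugin_id)) die('invalid plugin id');`. The enclosing `if` block starts in this hunk and continues past it.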
@@ -68,50 +59,58 @@ if ( isset($_REQUEST['action']) and isset($_REQUEST['plugin']) ) case 'install': if ( !empty($crt_db_plugin)) { - die ('CANNOT install - ALREADY INSTALLED'); + array_push($errors, 'CANNOT install - ALREADY INSTALLED'); + break; } $fs_plugins = get_fs_plugins(); if ( !isset( $fs_plugins[$plugin_id] ) ) { - die ('CANNOT install - NO SUCH PLUGIN'); + array_push($errors, 'CANNOT install - NO SUCH PLUGIN'); + break; } - $query = ' + if ( file_exists($file_to_include) ) + { + include_once($file_to_include); + if ( function_exists('plugin_install') ) + { + plugin_install($plugin_id, $fs_plugins[$plugin_id]['version'], $errors); + } + } + if (empty($errors)) + { + $query = ' INSERT INTO '.PLUGINS_TABLE.' (id,version) VALUES ("' .$plugin_id.'","'.$fs_plugins[$plugin_id]['version'].'" )'; - pwg_query($query); - - // MAYBE TODO HERE = what if we die or we fail ??? - @include_once($file_to_include); - if ( function_exists('plugin_install') ) - { - plugin_install($plugin_id); + pwg_query($query); } break; - case 'activate': if ( !isset($crt_db_plugin) ) { - die ('CANNOT '. $_REQUEST['action'] .' - NOT INSTALLED'); + array_push($errors, 'CANNOT '. $_REQUEST['action'] .' - NOT INSTALLED'); } if ($crt_db_plugin['state']!='inactive') { - die('invalid current state '.$crt_db_plugin['state']); + array_push($errors, 'invalid current state '.$crt_db_plugin['state']); } - $query = ' -UPDATE '.PLUGINS_TABLE.' SET state="active" WHERE id="'.$plugin_id.'"'; - pwg_query($query); - - // MAYBE TODO HERE = what if we die or we fail ??? - @include_once($file_to_include); - if ( function_exists('plugin_activate') ) + if ( file_exists($file_to_include) ) { - plugin_activate($plugin_id); + include_once($file_to_include); + if ( function_exists('plugin_activate') ) + { + plugin_activate($plugin_id, $crt_db_plugin['version'], $errors); + } + } + if (empty($errors)) + { + $query = ' +UPDATE '.PLUGINS_TABLE.' 
SET state="active" WHERE id="'.$plugin_id.'"'; + pwg_query($query); } break; - case 'deactivate': if ( !isset($crt_db_plugin) ) { @@ -125,7 +124,6 @@ UPDATE '.PLUGINS_TABLE.' SET state="active" WHERE id="'.$plugin_id.'"'; UPDATE '.PLUGINS_TABLE.' SET state="inactive" WHERE id="'.$plugin_id.'"'; pwg_query($query); - // MAYBE TODO HERE = what if we die or we fail ??? @include_once($file_to_include); if ( function_exists('plugin_deactivate') ) { @@ -142,7 +140,6 @@ UPDATE '.PLUGINS_TABLE.' SET state="inactive" WHERE id="'.$plugin_id.'"'; DELETE FROM '.PLUGINS_TABLE.' WHERE id="'.$plugin_id.'"'; pwg_query($query); - // MAYBE TODO HERE = what if we die or we fail ??? @include_once($file_to_include); if ( function_exists('plugin_uninstall') ) { @@ -150,8 +147,15 @@ DELETE FROM '.PLUGINS_TABLE.' WHERE id="'.$plugin_id.'"'; } break; } - // do the redirection so that we allow the plugins to load/unload - redirect($my_base_url); + if (empty($errors)) + { + // do the redirection so that we allow the plugins to load/unload + redirect($my_base_url); + } + else + { + $page['errors'] = array_merge($page['errors'], $errors); + } } |
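Review bot: In the `activate` branch the two `array_push($errors, ...)` calls are not followed by `break;`, unlike in `install`. When the plugin is not installed or not inactive, execution therefore still reaches `include_once($file_to_include)` and `plugin_activate(...)`, and `$crt_db_plugin['state']` appears to be read from a variable that was unset earlier. I would end each precondition failure the way `install` does, e.g. `array_push($errors, 'CANNOT '. $_REQUEST['action'] .' - NOT INSTALLED'); break;`, so that a plugin's maintain.inc.php never runs for a request that already failed validation. The INSERT and UPDATE in this hunk still concatenate `$plugin_id` into the SQL text, so they rely entirely on escaping done outside this file. The `deactivate` and `uninstall` cases outside this hunk keep the old `@include_once` flow, which leaves the four actions inconsistent.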