This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | /* |
||
3 | * You may not change or alter any portion of this comment or credits |
||
4 | * of supporting developers from this source code or any supporting source code |
||
5 | * which is considered copyrighted (c) material of the original comment or credit authors. |
||
6 | * |
||
7 | * This program is distributed in the hope that it will be useful, |
||
8 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
||
9 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
||
10 | */ |
||
11 | |||
12 | /** |
||
13 | * @copyright {@link http://xoops.org/ XOOPS Project} |
||
14 | * @license {@link http://www.fsf.org/copyleft/gpl.html GNU public license} |
||
15 | * @package |
||
16 | * @since |
||
17 | * @author XOOPS Development Team, |
||
18 | * @author Antiques Promotion (http://www.antiquespromotion.ca) |
||
19 | * @param $xoopsModule |
||
20 | * @return bool |
||
21 | */ |
||
22 | |||
23 | /** |
||
24 | * |
||
25 | * Prepares system prior to attempting to install module |
||
26 | * @param XoopsModule $module {@link XoopsModule} |
||
27 | * |
||
28 | * @return bool true if ready to install, false if not |
||
29 | */ |
||
30 | function xoops_module_pre_install_apcal(XoopsModule $module) |
||
31 | { |
||
32 | $moduleDirName = basename(dirname(__DIR__)); |
||
33 | $classUtility = ucfirst($moduleDirName) . 'Utility'; |
||
34 | if (!class_exists($classUtility)) { |
||
35 | xoops_load('utility', $moduleDirName); |
||
36 | } |
||
37 | //check for minimum XOOPS version |
||
38 | if (!$classUtility::checkVerXoops($module)) { |
||
39 | return false; |
||
40 | } |
||
41 | |||
42 | // check for minimum PHP version |
||
43 | if (!$classUtility::checkVerPhp($module)) { |
||
44 | return false; |
||
45 | } |
||
46 | |||
47 | $mod_tables = $module->getInfo('tables'); |
||
48 | foreach ($mod_tables as $table) { |
||
49 | $GLOBALS['xoopsDB']->queryF('DROP TABLE IF EXISTS ' . $GLOBALS['xoopsDB']->prefix($table) . ';'); |
||
50 | } |
||
51 | |||
52 | return true; |
||
53 | } |
||
54 | function xoops_module_install_apcal(XoopsModule $xoopsModule) |
||
55 | { |
||
56 | require_once __DIR__ . '/../../../mainfile.php'; |
||
57 | require_once __DIR__ . '/../include/config.php'; |
||
58 | |||
59 | if (!isset($moduleDirName)) { |
||
0 ignored issues
–
show
|
|||
60 | $moduleDirName = basename(dirname(__DIR__)); |
||
61 | } |
||
62 | |||
63 | if (false !== ($moduleHelper = Xmf\Module\Helper::getHelper($moduleDirName))) { |
||
64 | } else { |
||
65 | $moduleHelper = Xmf\Module\Helper::getHelper('system'); |
||
66 | } |
||
67 | |||
68 | // Load language files |
||
69 | $moduleHelper->loadLanguage('admin'); |
||
70 | $moduleHelper->loadLanguage('modinfo'); |
||
71 | |||
72 | $configurator = new ModuleConfigurator(); |
||
73 | $classUtility = ucfirst($moduleDirName) . 'Utility'; |
||
74 | if (!class_exists($classUtility)) { |
||
75 | xoops_load('utility', $moduleDirName); |
||
76 | } |
||
77 | //------------------------------------ |
||
78 | $ret = true; |
||
79 | $errors = transferTable('event'); |
||
80 | if ($errors !== '') { |
||
81 | $ret = false; |
||
82 | } |
||
83 | //echo $errors ? 'Error inserting these ids in event:<br>'.$errors : 'Insertion succesful!<br>'; |
||
84 | $errors = transferTable('cat'); |
||
85 | if ($errors !== '') { |
||
86 | $ret = false; |
||
87 | } |
||
88 | //echo $errors ? 'Error inserting these ids in cat:<br>'.$errors : 'Insertion succesful!<br>'; |
||
89 | $errors = transferTable('plugins'); |
||
90 | if ($errors !== '') { |
||
91 | $ret = false; |
||
92 | } |
||
93 | //echo $errors ? 'Error inserting these ids in plugins:<br>'.$errors : 'Insertion succesful!<br>'; |
||
94 | setDefaultPerm(); |
||
95 | makeShortEventAftertransfer(); |
||
96 | makeShortCatAftertransfer(); |
||
97 | |||
98 | $GLOBALS['xoopsDB']->queryF("UPDATE {$GLOBALS['xoopsDB']->prefix('apcal_event')} SET start_date=NULL,end_date=NULL"); |
||
99 | $GLOBALS['xoopsDB']->queryF("UPDATE {$GLOBALS['xoopsDB']->prefix('apcal_event')} t, (SELECT id, shortsummary FROM {$GLOBALS['xoopsDB']->prefix('apcal_event')} x WHERE x.rrule_pid>0 GROUP BY x.shortsummary ORDER BY start) AS e SET t.rrule_pid=e.id WHERE t.shortsummary=e.shortsummary;"); |
||
100 | |||
101 | // if (!is_dir(XOOPS_UPLOAD_PATH . '/apcal/')) { |
||
102 | // mkdir(XOOPS_UPLOAD_PATH . '/apcal/', 0755); |
||
103 | // } |
||
104 | // if (!is_dir(XOOPS_UPLOAD_PATH . '/apcal/thumbs/')) { |
||
105 | // mkdir(XOOPS_UPLOAD_PATH . '/apcal/thumbs/', 0755); |
||
106 | // } |
||
107 | |||
108 | // --- CREATE FOLDERS --------------- |
||
109 | View Code Duplication | if (count($configurator->uploadFolders) > 0) { |
|
110 | // foreach (array_keys($GLOBALS['uploadFolders']) as $i) { |
||
111 | foreach (array_keys($configurator->uploadFolders) as $i) { |
||
112 | $classUtility::createFolder($configurator->uploadFolders[$i]); |
||
113 | } |
||
114 | } |
||
115 | |||
116 | // --- COPY blank.png FILES --------------- |
||
117 | View Code Duplication | if (count($configurator->blankFiles) > 0) { |
|
118 | $file = __DIR__ . '/../assets/images/blank.png'; |
||
119 | foreach (array_keys($configurator->blankFiles) as $i) { |
||
120 | $dest = $configurator->blankFiles[$i] . '/blank.png'; |
||
121 | $classUtility::copyFile($file, $dest); |
||
122 | } |
||
123 | } |
||
124 | //delete .html entries from the tpl table |
||
125 | $sql = 'DELETE FROM ' . $GLOBALS['xoopsDB']->prefix('tplfile') . " WHERE `tpl_module` = '" . $xoopsModule->getVar('dirname', 'n') . "' AND `tpl_file` LIKE '%.html%'"; |
||
126 | $GLOBALS['xoopsDB']->queryF($sql); |
||
127 | |||
128 | return $ret; |
||
129 | } |
||
130 | |||
131 | View Code Duplication | function makeShortEventAftertransfer() |
|
132 | { |
||
133 | $result = $GLOBALS['xoopsDB']->queryF("SELECT id, summary FROM {$GLOBALS['xoopsDB']->prefix('apcal_event')}"); |
||
134 | while ($row = $GLOBALS['xoopsDB']->fetchArray($result)) { |
||
135 | $shortsummary = makeShort($row['summary']); |
||
136 | $GLOBALS['xoopsDB']->queryF("UPDATE {$GLOBALS['xoopsDB']->prefix('apcal_event')} SET shortsummary='{$shortsummary}' WHERE id={$row['id']}"); |
||
137 | } |
||
138 | } |
||
139 | |||
140 | View Code Duplication | function makeShortCatAftertransfer() |
|
141 | { |
||
142 | |||
143 | $result = $GLOBALS['xoopsDB']->queryF("SELECT cid, cat_title FROM {$GLOBALS['xoopsDB']->prefix('apcal_cat')}"); |
||
144 | while ($row = $GLOBALS['xoopsDB']->fetchArray($result)) { |
||
145 | $cat_shorttitle = makeShort($row['cat_title']); |
||
146 | $GLOBALS['xoopsDB']->queryF("UPDATE {$GLOBALS['xoopsDB']->prefix('apcal_cat')} SET cat_shorttitle='{$cat_shorttitle}' WHERE cid={$row['cid']}"); |
||
147 | } |
||
148 | } |
||
149 | |||
150 | /** |
||
151 | * @param $tablename |
||
152 | * @return string |
||
153 | */ |
||
154 | function transferTable($tablename) |
||
155 | { |
||
156 | $errors = ''; |
||
157 | $result = $GLOBALS['xoopsDB']->queryF("SELECT * FROM {$GLOBALS['xoopsDB']->prefix('pical_'.$tablename)}"); |
||
158 | while ($row = $GLOBALS['xoopsDB']->fetchArray($result)) { |
||
159 | $fields = ''; |
||
160 | $values = ''; |
||
161 | $isFirst = true; |
||
162 | foreach ($row as $field => $value) { |
||
163 | if ($field !== 'id' && $field !== 'start_date' && $field !== 'end_date') { |
||
164 | $fields .= ($isFirst ? '' : ', ') . $field; |
||
165 | $values .= ($isFirst ? '' : ', ') . $GLOBALS['xoopsDB']->quote($value); |
||
166 | $isFirst = false; |
||
167 | } |
||
168 | } |
||
169 | |||
170 | View Code Duplication | if (!$GLOBALS['xoopsDB']->queryF("INSERT INTO {$GLOBALS['xoopsDB']->prefix('apcal_'.$tablename)}($fields) VALUES ({$values})")) { |
|
171 | $errors .= ' ' . $row['id'] . ' => ' . $GLOBALS['xoopsDB']->error() . '<br>'; |
||
172 | } |
||
173 | } |
||
174 | |||
175 | return $errors; |
||
176 | } |
||
177 | |||
178 | function setDefaultPerm() |
||
179 | { |
||
180 | $moduleHnd = xoops_getHandler('module'); |
||
181 | $module = $moduleHnd->getByDirname('APCal'); |
||
182 | $modid = $module->getVar('mid'); |
||
183 | $gpermHandler = xoops_getHandler('groupperm'); |
||
184 | //$item_ids = array(1, 2, 4, 8, 32); |
||
185 | |||
186 | $pical_cat = $gpermHandler->getObjects(new Criteria('gperm_name', 'pical_cat')); |
||
187 | $pical_global = $gpermHandler->getObjects(new Criteria('gperm_name', 'pical_global')); |
||
188 | |||
189 | View Code Duplication | foreach ($pical_cat as $cat_perm) { |
|
190 | $gperm = $gpermHandler->create(); |
||
191 | $gperm->setVar('gperm_groupid', $cat_perm->getVar('gperm_groupid')); |
||
192 | $gperm->setVar('gperm_name', 'apcal_cat'); |
||
193 | $gperm->setVar('gperm_modid', $modid); |
||
194 | $gperm->setVar('gperm_itemid', $cat_perm->getVar('gperm_itemid')); |
||
195 | $gpermHandler->insert($gperm); |
||
196 | unset($gperm); |
||
197 | } |
||
198 | |||
199 | View Code Duplication | foreach ($pical_global as $global_perm) { |
|
200 | $gperm = $gpermHandler->create(); |
||
201 | $gperm->setVar('gperm_groupid', $global_perm->getVar('gperm_groupid')); |
||
202 | $gperm->setVar('gperm_name', 'apcal_global'); |
||
203 | $gperm->setVar('gperm_modid', $modid); |
||
204 | $gperm->setVar('gperm_itemid', $global_perm->getVar('gperm_itemid')); |
||
205 | $gpermHandler->insert($gperm); |
||
206 | unset($gperm); |
||
207 | } |
||
208 | |||
209 | /*foreach ($item_ids as $item_id) { |
||
210 | $gperm = $gpermHandler->create(); |
||
211 | $gperm->setVar('gperm_groupid', 1); |
||
212 | $gperm->setVar('gperm_name', 'apcal_global'); |
||
213 | $gperm->setVar('gperm_modid', $modid); |
||
214 | $gperm->setVar('gperm_itemid', $item_id); |
||
215 | $gpermHandler->insert($gperm); |
||
216 | unset($gperm); |
||
217 | }*/ |
||
218 | } |
||
219 | |||
220 | /** |
||
221 | * @param $str |
||
222 | * @return mixed |
||
223 | */ |
||
224 | View Code Duplication | function makeShort($str) |
|
225 | { |
||
226 | $replacements = array( |
||
227 | 'Š' => 'S', |
||
228 | 'š' => 's', |
||
229 | 'Ž' => 'Z', |
||
230 | 'ž' => 'z', |
||
231 | 'À' => 'A', |
||
232 | 'Á' => 'A', |
||
233 | 'Â' => 'A', |
||
234 | 'Ã' => 'A', |
||
235 | 'Ä' => 'A', |
||
236 | 'Å' => 'A', |
||
237 | 'Æ' => 'A', |
||
238 | 'Ç' => 'C', |
||
239 | 'È' => 'E', |
||
240 | 'É' => 'E', |
||
241 | 'Ê' => 'E', |
||
242 | 'Ë' => 'E', |
||
243 | 'Ì' => 'I', |
||
244 | 'Í' => 'I', |
||
245 | 'Î' => 'I', |
||
246 | 'Ï' => 'I', |
||
247 | 'Ñ' => 'N', |
||
248 | 'Ò' => 'O', |
||
249 | 'Ó' => 'O', |
||
250 | 'Ô' => 'O', |
||
251 | 'Õ' => 'O', |
||
252 | 'Ö' => 'O', |
||
253 | 'Ø' => 'O', |
||
254 | 'Ù' => 'U', |
||
255 | 'Ú' => 'U', |
||
256 | 'Û' => 'U', |
||
257 | 'Ü' => 'U', |
||
258 | 'Ý' => 'Y', |
||
259 | 'Þ' => 'B', |
||
260 | 'ß' => 'ss', |
||
261 | 'à' => 'a', |
||
262 | 'á' => 'a', |
||
263 | 'â' => 'a', |
||
264 | 'ã' => 'a', |
||
265 | 'ä' => 'a', |
||
266 | 'å' => 'a', |
||
267 | 'æ' => 'a', |
||
268 | 'ç' => 'c', |
||
269 | 'è' => 'e', |
||
270 | 'é' => 'e', |
||
271 | 'ê' => 'e', |
||
272 | 'ë' => 'e', |
||
273 | 'ì' => 'i', |
||
274 | 'í' => 'i', |
||
275 | 'î' => 'i', |
||
276 | 'ï' => 'i', |
||
277 | 'ð' => 'o', |
||
278 | 'ñ' => 'n', |
||
279 | 'ò' => 'o', |
||
280 | 'ó' => 'o', |
||
281 | 'ô' => 'o', |
||
282 | 'õ' => 'o', |
||
283 | 'ö' => 'o', |
||
284 | 'ø' => 'o', |
||
285 | 'ù' => 'u', |
||
286 | 'ú' => 'u', |
||
287 | 'û' => 'u', |
||
288 | 'ý' => 'y', |
||
289 | 'ý' => 'y', |
||
290 | 'þ' => 'b', |
||
291 | 'ÿ' => 'y' |
||
292 | ); |
||
293 | |||
294 | $str = strip_tags($str); |
||
295 | $str = strtr($str, $replacements); |
||
296 | |||
297 | return str_replace(array(' ', '-', '/', "\\", "'", '"', "\r", "\n", '&', '?', '!', '%', ',', '.'), '', $str); |
||
298 | } |
||
299 |
This check marks calls to
isset(...)
orempty(...)
that are found before the variable itself is defined. These will always have the same result.This is likely the result of code being shifted around. Consider removing these calls.