This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
1 | <?php |
||
2 | |||
3 | /** |
||
4 | * Module: WF-Links |
||
5 | * Version: v1.0.3 |
||
6 | * Release Date: 21 June 2005 |
||
7 | * Developer: John N |
||
8 | * Team: WF-Projects |
||
9 | * Licence: GNU |
||
10 | */ |
||
11 | require_once __DIR__ . '/header.php'; |
||
12 | |||
13 | define('IS_UPDATE_FILE', true); |
||
14 | |||
15 | global $xoopsDB, $xoopsConfig, $xoopsUser, $xoopsModule; |
||
16 | if (!is_object($xoopsUser) || !is_object($xoopsModule) || !$xoopsUser->isAdmin($xoopsModule->getVar('mid'))) { |
||
17 | exit('Access Denied'); |
||
18 | } |
||
19 | require XOOPS_ROOT_PATH . '/header.php'; |
||
20 | |||
21 | function install_header() |
||
22 | { |
||
23 | ?> |
||
24 | <!DOCTYPE HTML> |
||
25 | <html> |
||
26 | <head> |
||
27 | <title>WF-Links Upgrade</title> |
||
28 | <meta http-equiv="Content-Type" content="text/html; charset="> |
||
29 | </head> |
||
30 | <body> |
||
31 | <br><div style="text-align:center;"><img src="./assets/images/logo-en.gif" alt=""><h4>WF-Links Update</h4> |
||
32 | <?php |
||
33 | } |
||
34 | |||
35 | function install_footer() |
||
36 | { |
||
37 | ?> |
||
38 | <img src="assets/images/wfl_slogo.gif" alt="WF-Projects" border="0"></div> |
||
39 | </body> |
||
40 | </html> |
||
41 | <?php |
||
42 | } |
||
43 | |||
44 | // echo "Welcome to the WF-Links update script"; |
||
45 | foreach ($_POST as $k => $v) { |
||
46 | ${$k} = $v; |
||
47 | } |
||
48 | |||
49 | foreach ($_GET as $k => $v) { |
||
50 | ${$k} = $v; |
||
51 | } |
||
52 | |||
53 | if (!isset($action) || '' === $action) { |
||
54 | $action = 'message'; |
||
55 | } |
||
56 | |||
57 | if ('message' === $action) { |
||
58 | install_header(); |
||
59 | /** @var \XoopsModuleHandler $moduleHandler */ |
||
60 | $moduleHandler = xoops_getHandler('module'); |
||
61 | $mylinks = $moduleHandler->getByDirname('mylinks'); |
||
62 | if ($mylinks) { |
||
63 | $mylinks_version = round($mylinks->getVar('version') / 100, 2); |
||
64 | } |
||
65 | |||
66 | /** @var \XoopsModuleHandler $moduleHandler */ |
||
67 | $moduleHandler = xoops_getHandler('module'); |
||
68 | $weblinks = $moduleHandler->getByDirname('weblinks'); |
||
69 | if ($weblinks) { |
||
70 | $weblinks_version = round($weblinks->getVar('version') / 100, 2); |
||
71 | } |
||
72 | |||
73 | $act_wflinks = $moduleHandler->getByDirname('wflinks'); |
||
74 | if ($act_wflinks) { |
||
75 | $act_wflinks_version = $act_wflinks->getInfo('version'); |
||
76 | } |
||
77 | |||
78 | echo $act_wflinks_version; |
||
79 | |||
80 | /** |
||
81 | * Set version number |
||
82 | */ |
||
83 | |||
84 | if (1.0 == $act_wflinks_version && !$mylinks_version && !$weblinks_version) { |
||
85 | echo '<h4>Latest version of WF-Links installed. No Update Required</h4>'; |
||
86 | install_footer(); |
||
87 | require XOOPS_ROOT_PATH . '/footer.php'; |
||
88 | exit(); |
||
89 | } |
||
90 | |||
91 | $link_num = 0; |
||
92 | if (isset($mylinks_version)) { |
||
93 | $link_num = $mylinks_version; |
||
94 | } |
||
95 | |||
96 | if (isset($weblinks_version)) { |
||
97 | $link_num = $weblinks_version; |
||
98 | } |
||
99 | |||
100 | if (isset($wflinks_version) && 1.0 != $act_wflinks_version) { |
||
101 | $link_num = $wflinks_version; |
||
102 | } |
||
103 | |||
104 | echo '<div><b>Welcome to the WF-Links Update script</b></div><br>'; |
||
105 | echo '<div>This script will upgrade My-links or weblinks.</div><br><br>'; |
||
106 | |||
107 | if (0 != $link_num) { |
||
0 ignored issues
–
show
introduced
by
![]() |
|||
108 | echo "<div><span style='color:#ff0000;font-weight:bold;'>WARNING: If upgrading from My links or weblinks. The My links Module or weblinks Module will **NOT** function after the upgrade and should be unistalled. </span></div><br>"; |
||
109 | echo '<div><b>Before upgrading WF-Links, make sure that you have:</b></div><br>'; |
||
110 | echo "<div><span style='color:#ff0000; '>1. <b>Important:</b> First, create a back-up from your database before proceeding further. </span></div>"; |
||
111 | echo '<div>2. Upload all the contents of the WF-Links package to your server.</div><br>'; |
||
112 | echo '<div>3. After the upgrade you must update WF-Links in System Admin -> Modules.</div><br>'; |
||
113 | |||
114 | echo '<div><b>Press the button below to '; |
||
115 | switch ($link_num) { |
||
116 | case '1.0.1': |
||
117 | case '1.10': |
||
118 | case '1.1': |
||
119 | echo "update My links $link_num</b></div>"; |
||
120 | break; |
||
121 | case '0.93': |
||
122 | echo "update weblinks $link_num</b></div>"; |
||
123 | break; |
||
124 | } |
||
125 | |||
126 | echo "<form action='" . $_SERVER['SCRIPT_NAME'] . "' method='post'>"; |
||
127 | echo $GLOBALS['xoopsSecurity']->getTokenHTML(); |
||
128 | echo "<input type='submit' value='Start Upgrade'> |
||
129 | <input type='hidden' value='upgrade' name='action'> |
||
130 | <input type='hidden' name='link_num' value=$link_num> |
||
131 | </form>"; |
||
132 | } else { |
||
133 | echo '<h4>No module installed to update</h4>'; |
||
134 | } |
||
135 | |||
136 | install_footer(); |
||
137 | require XOOPS_ROOT_PATH . '/footer.php'; |
||
138 | exit(); |
||
139 | } |
||
140 | // THIS IS THE UPDATE DATABASE FROM HERE!!!!!!!!! DO NOT TOUCH THIS!!!!!!!! |
||
141 | if ('upgrade' === $action) { |
||
142 | install_header(); |
||
143 | |||
144 | $num = $_POST['link_num']; |
||
145 | switch ($num) { |
||
146 | case '1.0.1': |
||
147 | case '1.10': |
||
148 | case '1.1': |
||
149 | echo "Updating Mylinks $num"; |
||
150 | require_once __DIR__ . '/update/mylinks_update.php'; |
||
151 | break; |
||
152 | case '0.93': |
||
153 | echo "Updating weblinks $num"; |
||
154 | require_once __DIR__ . '/update/weblinks_update.php'; |
||
155 | break; |
||
156 | case '0': |
||
157 | default: |
||
158 | echo "Version: $num not supported yet. Please contact the developers of this module"; |
||
159 | break; |
||
160 | } |
||
161 | echo 'To complete the upgrade, You must update WF-Links in Xoops System Admin -> Modules'; |
||
162 | echo 'Please enjoy using WF-Links, the WF-Project Team'; |
||
163 | require XOOPS_ROOT_PATH . '/footer.php'; |
||
164 | } |
||
165 |