Project

General

Profile

Download (6.48 KB)

Bug #21230 » 12182.diff

Administrator Admin, 2009-10-10 22:00

View differences:

typo3/mod/tools/em/class.em_index.php (working copy)
if (!is_uploaded_file($_FILES['upload_ext_file']['tmp_name'])) {
t3lib_div::sysLog('Possible file upload attack: '.$_FILES['upload_ext_file']['tmp_name'], 'Extension Manager', 3);
return $GLOBALS['LANG']->getLL('ext_import_file_not_uploaded');
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
$GLOBALS['LANG']->getLL('ext_import_file_not_uploaded'),
'',
t3lib_FlashMessage::ERROR
);
return $flashMessage->render();
}
$uploadedTempFile = t3lib_div::upload_to_tempfile($_FILES['upload_ext_file']['tmp_name']);
}
$fileContent = t3lib_div::getUrl($uploadedTempFile);
if (!$fileContent) return $GLOBALS['LANG']->getLL('ext_import_file_empty');
if (!$fileContent) {
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
$GLOBALS['LANG']->getLL('ext_import_file_empty'),
'',
t3lib_FlashMessage::ERROR
);
return $flashMessage->render();
}
// Decode file data:
$fetchData = $this->terConnection->decodeExchangeData($fileContent);
......
return $flashMessage->render();
} // ... else go on, install...
} // ... else go on, install...
} else return $GLOBALS['LANG']->getLL('ext_import_no_key');
} else return sprintf($GLOBALS['LANG']->getLL('ext_import_wrong_file_format'), $fetchData);
} else return $GLOBALS['LANG']->getLL('ext_import_no_file');
} else {
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
$GLOBALS['LANG']->getLL('ext_import_no_key'),
'',
t3lib_FlashMessage::ERROR
);
return $flashMessage->render();
}
} else {
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
sprintf($GLOBALS['LANG']->getLL('ext_import_wrong_file_format'), $fetchData),
'',
t3lib_FlashMessage::ERROR
);
return $flashMessage->render();
}
} else {
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
$GLOBALS['LANG']->getLL('ext_import_no_file'),
'',
t3lib_FlashMessage::ERROR
);
return $flashMessage->render();
}
} else {
$this->xmlhandler->searchExtensionsXMLExact($extKey, '', '', true, true);
......
foreach($writeFiles as $theFile => $fileData) {
t3lib_div::writeFile($extDirPath.$theFile,$fileData['content']);
if (!@is_file($extDirPath.$theFile)) {
$content .= sprintf($GLOBALS['LANG']->getLL('ext_import_file_not_created'),
$extDirPath . $theFile) . '<br />';
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
sprintf($GLOBALS['LANG']->getLL('ext_import_file_not_created'),
$extDirPath . $theFile),
'',
t3lib_FlashMessage::ERROR
);
$content .= $flashMessage->render();
} elseif (md5(t3lib_div::getUrl($extDirPath.$theFile)) != $fileData['content_md5']) {
$content .= sprintf($GLOBALS['LANG']->getLL('ext_import_file_corrupted'),
$extDirPath . $theFile) . '<br />';
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
sprintf($GLOBALS['LANG']->getLL('ext_import_file_not_created'), $extDirPath . $theFile),
'',
t3lib_FlashMessage::ERROR
);
$content .= $flashMessage->render();
}
}
......
$GLOBALS['LANG']->getLL('ext_import_close_check') . '</a>';
}
}
} else $content = $res;
} else $content = sprintf($GLOBALS['LANG']->getLL('ext_import_ext_path_different'), $extDirPath);
} else $content = $res;
} else {
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
$res,
'',
t3lib_FlashMessage::ERROR
);
$content = $flashMessage->render();
}
} else {
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
sprintf($GLOBALS['LANG']->getLL('ext_import_ext_path_different'), $extDirPath),
'',
t3lib_FlashMessage::ERROR
);
$content = $flashMessage->render();
}
} else {
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
$res,
'',
t3lib_FlashMessage::ERROR
);
$content = $flashMessage->render();
}
}
} else $content = sprintf($GLOBALS['LANG']->getLL('ext_import_ext_only_here'),
$this->typePaths[$EM_CONF['lockType']], $EM_CONF['lockType']);
} else $content = $GLOBALS['LANG']->getLL('ext_import_no_ext_key_files');
} else $content = sprintf($GLOBALS['LANG']->getLL('ext_import_data_transfer'), $fetchData);
} else $content = sprintf($GLOBALS['LANG']->getLL('ext_import_no_install_here'), $this->typePaths[$loc]);
} else {
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
sprintf($GLOBALS['LANG']->getLL('ext_import_ext_only_here'),
$this->typePaths[$EM_CONF['lockType']], $EM_CONF['lockType']),
'',
t3lib_FlashMessage::ERROR
);
$content = $flashMessage->render();
}
} else {
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
$GLOBALS['LANG']->getLL('ext_import_no_ext_key_files'),
'',
t3lib_FlashMessage::ERROR
);
$content = $flashMessage->render();
}
} else {
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
sprintf($GLOBALS['LANG']->getLL('ext_import_data_transfer'), $fetchData),
'',
t3lib_FlashMessage::ERROR
);
$content = $flashMessage->render();
}
} else {
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
sprintf($GLOBALS['LANG']->getLL('ext_import_no_install_here'), $this->typePaths[$loc]),
'',
t3lib_FlashMessage::ERROR
);
$content = $flashMessage->render();
}
$this->content .= $this->doc->section($GLOBALS['LANG']->getLL('ext_import_results'), $content, 0, 1);
(1-1/2)