Project

General

Profile

Download (7.81 KB)

Bug #21230 » 12182.patch

Administrator Admin, 2011-01-25 13:54

View differences:

typo3conf/ext/em/classes/index.php (revision )
if (!is_uploaded_file($_FILES['upload_ext_file']['tmp_name'])) {
t3lib_div::sysLog('Possible file upload attack: ' . $_FILES['upload_ext_file']['tmp_name'], 'Extension Manager', 3);
return $GLOBALS['LANG']->getLL('ext_import_file_not_uploaded');
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
$GLOBALS['LANG']->getLL('ext_import_file_not_uploaded'),
'',
t3lib_FlashMessage::ERROR
);
return $flashMessage->render();
}
$uploadedTempFile = t3lib_div::upload_to_tempfile($_FILES['upload_ext_file']['tmp_name']);
......
$fileContent = t3lib_div::getUrl($uploadedTempFile);
if (!$fileContent) {
return $GLOBALS['LANG']->getLL('ext_import_file_empty');
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
$GLOBALS['LANG']->getLL('ext_import_file_empty'),
'',
t3lib_FlashMessage::ERROR
);
return $flashMessage->render();
}
// Decode file data:
......
} // ... else go on, install...
} // ... else go on, install...
} else {
return $GLOBALS['LANG']->getLL('ext_import_no_key');
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
$GLOBALS['LANG']->getLL('ext_import_no_key'),
'',
t3lib_FlashMessage::ERROR
);
return $flashMessage->render();
}
} else {
return sprintf($GLOBALS['LANG']->getLL('ext_import_wrong_file_format'), $fetchData);
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
sprintf($GLOBALS['LANG']->getLL('ext_import_wrong_file_format'), $fetchData),
'',
t3lib_FlashMessage::ERROR
);
return $flashMessage->render();
}
} else {
return $GLOBALS['LANG']->getLL('ext_import_no_file');
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
$GLOBALS['LANG']->getLL('ext_import_no_file'),
'',
t3lib_FlashMessage::ERROR
);
return $flashMessage->render();
}
} else {
$this->xmlHandler->searchExtensionsXMLExact($extKey, '', '', true, true);
typo3conf/ext/em/classes/install/class.tx_em_install.php (revision )
foreach ($writeFiles as $theFile => $fileData) {
t3lib_div::writeFile($extDirPath . $theFile, $fileData['content']);
if (!@is_file($extDirPath . $theFile)) {
if (!$this->silentMode) {
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
sprintf($GLOBALS['LANG']->getLL('ext_import_file_not_created'),
$extDirPath . $theFile),
'',
t3lib_FlashMessage::ERROR
);
$content .= $flashMessage->render();
} else {
if (!$this->silentMode) {
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
sprintf($GLOBALS['LANG']->getLL('ext_import_file_not_created'), $extDirPath . $theFile),
'',
t3lib_FlashMessage::ERROR
);
$content .= $flashMessage->render();
} else {
$content .= sprintf($GLOBALS['LANG']->getLL('ext_import_file_not_created'),
$extDirPath . $theFile) . '<br />';
$content .= sprintf($GLOBALS['LANG']->getLL('ext_import_file_not_created'),
$extDirPath . $theFile) . '<br />';
}
}
} elseif (md5(t3lib_div::getUrl($extDirPath . $theFile)) != $fileData['content_md5']) {
$content .= sprintf($GLOBALS['LANG']->getLL('ext_import_file_corrupted'),
$extDirPath . $theFile) . '<br />';
......
}
}
} else {
if (!$this->silentMode) {
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
$res,
'',
t3lib_FlashMessage::ERROR
);
$content = $flashMessage->render();
} else {
$content = $res;
}
$content = $res;
}
}
} else {
if (!$this->silentMode) {
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
sprintf($GLOBALS['LANG']->getLL('ext_import_ext_path_different'), $extDirPath),
'',
t3lib_FlashMessage::ERROR
);
$content = $flashMessage->render();
} else {
$content = sprintf($GLOBALS['LANG']->getLL('ext_import_ext_path_different'), $extDirPath);
}
$content = sprintf($GLOBALS['LANG']->getLL('ext_import_ext_path_different'), $extDirPath);
}
}
} else {
if (!$this->silentMode) {
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
$res,
'',
t3lib_FlashMessage::ERROR
);
$content = $flashMessage->render();
} else {
$content = $res;
}
}
$content = $res;
}
}
}
} else {
if (!$this->silentMode) {
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
sprintf($GLOBALS['LANG']->getLL('ext_import_ext_only_here'),
$this->typePaths[$EM_CONF['lockType']], $EM_CONF['lockType']),
'',
t3lib_FlashMessage::ERROR
);
$content = $flashMessage->render();
} else {
$content = sprintf($GLOBALS['LANG']->getLL('ext_import_ext_only_here'),
tx_em_Tools::typePath($EM_CONF['lockType']), $EM_CONF['lockType']);
}
$content = sprintf($GLOBALS['LANG']->getLL('ext_import_ext_only_here'),
tx_em_Tools::typePath($EM_CONF['lockType']), $EM_CONF['lockType']);
}
}
} else {
if (!$this->silentMode) {
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
$GLOBALS['LANG']->getLL('ext_import_no_ext_key_files'),
'',
t3lib_FlashMessage::ERROR
);
$content = $flashMessage->render();
} else {
$content = $GLOBALS['LANG']->getLL('ext_import_no_ext_key_files');
}
$content = $GLOBALS['LANG']->getLL('ext_import_no_ext_key_files');
}
}
} else {
if (!$this->silentMode) {
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
sprintf($GLOBALS['LANG']->getLL('ext_import_data_transfer'), $fetchData),
'',
t3lib_FlashMessage::ERROR
);
$content = $flashMessage->render();
} else {
$content = sprintf($GLOBALS['LANG']->getLL('ext_import_data_transfer'), $fetchData);
}
$content = sprintf($GLOBALS['LANG']->getLL('ext_import_data_transfer'), $fetchData);
}
}
} else {
if (!$this->silentMode) {
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
sprintf($GLOBALS['LANG']->getLL('ext_import_no_install_here'), $this->typePaths[$loc]),
'',
t3lib_FlashMessage::ERROR
);
$content = $flashMessage->render();
} else {
$content = sprintf($GLOBALS['LANG']->getLL('ext_import_no_install_here'), tx_em_Tools::typePath($loc));
}
$content = sprintf($GLOBALS['LANG']->getLL('ext_import_no_install_here'), tx_em_Tools::typePath($loc));
}
}
return $content;
}
(2-2/2)