Project

General

Profile

Bug #18680 ยป bug_8216.diff

Administrator Admin, 2009-07-28 17:06

View differences:

typo3/mod/tools/em/class.em_index.php (Arbeitskopie)
continue;
}
// determine local md5 from zip
if(is_file(PATH_site.'typo3temp/'.$extKey.'-l10n-'.$lang.'.zip')) {
if (!is_file(PATH_site.'typo3temp/'.$extKey.'-l10n-'.$lang.'.zip')) {
$localmd5 = 'zzz';
} elseif (!is_dir(PATH_typo3conf . 'l10n/'.$lang.'/'.$extKey.'/')) {
$localmd5 = 'yyy';
} else {
$localmd5 = md5_file(PATH_site.'typo3temp/'.$extKey.'-l10n-'.$lang.'.zip');
} else {
$localmd5 = 'zzz';
}
// local!=remote or not installed -> needs update
if($localmd5 != $translationStatusArr[$lang]['md5']) {
$ret = $this->updateTranslation($extKey, $lang, $mirrorURL);
......
* @return boolean True on success, false in failure
*/
function unzip($file, $path) {
if(strlen($GLOBALS['TYPO3_CONF_VARS']['BE']['unzip_path'])) {
$unzip_path = $GLOBALS['TYPO3_CONF_VARS']['BE']['unzip_path'];
if ($unzip_path && !is_file($unzip_path)) {
$message = '$GLOBALS[TYPO3_CONF_VARS][BE][unzip_path] is set but does not point to a file.';
t3lib_div::sysLog($message, 'Extension Manager', t3lib_div::SYSLOG_SEVERITY_ERROR);
unset($unzip_path);
}
if (strlen($unzip_path)) {
chdir($path);
$cmd = $GLOBALS['TYPO3_CONF_VARS']['BE']['unzip_path'].' -o '.escapeshellarg($file);
exec($cmd, $list, $ret);
......
// Read uploaded file:
if (!$uploadedTempFile) {
if (!is_uploaded_file($_FILES['upload_ext_file']['tmp_name'])) {
t3lib_div::sysLog('Possible file upload attack: '.$_FILES['upload_ext_file']['tmp_name'], 'Extension Manager', 3);
t3lib_div::sysLog('Possible file upload attack: '.$_FILES['upload_ext_file']['tmp_name'], 'Extension Manager', t3lib_div::SYSLOG_SEVERITY_ERROR);
return 'File was not uploaded?!?';
}
    (1-1/1)