
Validation de l'URL d'installation d'un plugin

Simounet 3 years ago
parent
commit
0aa6ec13f4
1 changed files with 54 additions and 48 deletions
  1. 54 48
      Plugin.class.php

+ 54 - 48
Plugin.class.php

@@ -123,63 +123,69 @@ class Plugin{
     }
 
     public static function install($url) {
-        $pluginBaseFolder = str_replace('/', '', self::FOLDER).'/';
-        $tempZipName = $pluginBaseFolder.md5(microtime());
         $logger = new Logger('settings');
-        $logger->appendLogs('Téléchargement du plugin...');
-        $context = stream_context_create(
-                array (
-                    'http' => array (
-                        'follow_location' => true,
-                        'user_agent' => $_SERVER['HTTP_USER_AGENT']
+        if(empty($url)){
+            $logger->appendLogs("Pas d'url renseignée.");
+        }elseif(filter_var($url, FILTER_VALIDATE_URL) === false){
+            $logger->appendLogs("L'url renseignée n'est pas valide.");
+        }else{
+            $logger->appendLogs('Téléchargement du plugin...');
+            $pluginBaseFolder = str_replace('/', '', self::FOLDER).'/';
+            $tempZipName = $pluginBaseFolder.md5(microtime());
+            $context = stream_context_create(
+                    array (
+                        'http' => array (
+                            'follow_location' => true,
+                            'user_agent' => $_SERVER['HTTP_USER_AGENT']
+                        )
                     )
-                )
-            );
-        file_put_contents($tempZipName,file_get_contents(urldecode($url)), false, $context);
-        if(file_exists($tempZipName)){
-            $logger->appendLogs('Plugin téléchargé <span class="label label-success">OK</span>');
-            $logger->appendLogs('Extraction du plugin...');
-            $zip = new ZipArchive;
-            $res = $zip->open($tempZipName);
-            if ($res === TRUE) {
-                $tempZipFolder = $tempZipName.'_';
-                $pluginFolder = $tempZipFolder;
-                $zip->extractTo($tempZipFolder);
-                $zip->close();
-                $logger->appendLogs('Plugin extrait <span class="readUnreadButton">OK</span>');
-                $fi = new FilesystemIterator($tempZipFolder, FilesystemIterator::SKIP_DOTS);
-                if(iterator_count($fi) === 1) {
-                    foreach($fi as $file){
-                        $filename = $file->getFilename();
-                        $pluginFolder = $pluginBaseFolder.$filename;
-                        rename($tempZipFolder.'/'.$filename, $pluginFolder);
-                        rmdir($tempZipFolder);
+                );
+            file_put_contents($tempZipName,file_get_contents(urldecode($url)), false, $context);
+            if(file_exists($tempZipName)){
+                $logger->appendLogs('Plugin téléchargé <span class="label label-success">OK</span>');
+                $logger->appendLogs('Extraction du plugin...');
+                $zip = new ZipArchive;
+                $res = $zip->open($tempZipName);
+                if ($res === TRUE) {
+                    $tempZipFolder = $tempZipName.'_';
+                    $pluginFolder = $tempZipFolder;
+                    $zip->extractTo($tempZipFolder);
+                    $zip->close();
+                    $logger->appendLogs('Plugin extrait <span class="readUnreadButton">OK</span>');
+                    $fi = new FilesystemIterator($tempZipFolder, FilesystemIterator::SKIP_DOTS);
+                    if(iterator_count($fi) === 1) {
+                        foreach($fi as $file){
+                            $filename = $file->getFilename();
+                            $pluginFolder = $pluginBaseFolder.$filename;
+                            rename($tempZipFolder.'/'.$filename, $pluginFolder);
+                            rmdir($tempZipFolder);
+                        }
                     }
-                }
-                $pluginName = glob($pluginFolder.'/*.plugin*.php');
-                if(count($pluginName)>0){
-                    $pluginName = str_replace(array($pluginFolder.'/','.enabled','.disabled','.plugin','.php'),'',$pluginName[0]);
-                    if(!file_exists($pluginBaseFolder.$pluginName)){
-                        $logger->appendLogs('Renommage...');
-                        if(rename($pluginFolder,$pluginBaseFolder.$pluginName)){
-                            $logger->appendLogs('Plugin installé, rechargez la page pour voir le plugin <span class="readUnreadButton">pensez à l\'activer</span>');
+                    $pluginName = glob($pluginFolder.'/*.plugin*.php');
+                    if(count($pluginName)>0){
+                        $pluginName = str_replace(array($pluginFolder.'/','.enabled','.disabled','.plugin','.php'),'',$pluginName[0]);
+                        if(!file_exists($pluginBaseFolder.$pluginName)){
+                            $logger->appendLogs('Renommage...');
+                            if(rename($pluginFolder,$pluginBaseFolder.$pluginName)){
+                                $logger->appendLogs('Plugin installé, rechargez la page pour voir le plugin <span class="readUnreadButton">pensez à l\'activer</span>');
+                            }else{
+                                Functions::rmFullDir($pluginFolder);
+                                $logger->appendLogs('Impossible de renommer le plugin <span class="readUnreadButton">Erreur</span>');
+                            }
                         }else{
-                            Functions::rmFullDir($pluginFolder);
-                            $logger->appendLogs('Impossible de renommer le plugin <span class="readUnreadButton">Erreur</span>');
+                            $logger->appendLogs('Plugin déjà installé <span class="readUnreadButton">OK</span>');
                         }
                     }else{
-                        $logger->appendLogs('Plugin déjà installé <span class="readUnreadButton">OK</span>');
+                        $logger->appendLogs('Plugin invalide, fichier principal manquant <span class="readUnreadButton">Erreur</span>');
                     }
-                }else{
-                    $logger->appendLogs('Plugin invalide, fichier principal manquant <span class="readUnreadButton">Erreur</span>');
-                }
 
-            } else {
-                $logger->appendLogs('Echec de l\'extraction <span class="readUnreadButton">Erreur</span>');
+                } else {
+                    $logger->appendLogs('Echec de l\'extraction <span class="readUnreadButton">Erreur</span>');
+                }
+                unlink($tempZipName);
+            }else{
+                $logger->appendLogs('Echec du téléchargement <span class="readUnreadButton">Erreur</span>');
             }
-            unlink($tempZipName);
-        }else{
-            $logger->appendLogs('Echec du téléchargement <span class="readUnreadButton">Erreur</span>');
         }
         if(Functions::isAjaxCall()){
             echo json_encode($logger->getLogs(), JSON_HEX_QUOT | JSON_HEX_TAG);
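Review bot: The new `filter_var($url, FILTER_VALIDATE_URL)` branch validates `$url`, but the download below still opens `urldecode($url)`, so the string that was checked is not the string that is fetched, and `FILTER_VALIDATE_URL` on its own accepts any scheme rather than only http/https. Because the fetched archive is extracted into the plugin folder and is expected to contain a `*.plugin*.php` file, I would restrict the scheme in the same branch, e.g. `}elseif(filter_var($url, FILTER_VALIDATE_URL) === false || !in_array(strtolower((string) parse_url($url, PHP_URL_SCHEME)), array('http', 'https'), true)){`, and fetch the validated value unchanged with `file_get_contents($url, false, $context)`. That also moves `$context` to the read, where its `http` options apply; as written it is the fourth argument of `file_put_contents`, so `follow_location` and `user_agent` presumably have no effect on the download. Whether loopback or internal hosts should also be refused depends on who may call `install()`, which is not visible here; the function body continues past the end of the hunk.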