Changeset 1731 for trunk/admin/plugin.php
- Timestamp:
- Jan 18, 2007, 3:09:31 AM (18 years ago)
- File:
-
- 1 edited
-
trunk/admin/plugin.php (modified) (3 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/admin/plugin.php
r1705 r1731 34 34 check_status(ACCESS_ADMINISTRATOR); 35 35 36 $section = explode('~', $_GET['section'] ); 37 if (count($section)!=2) 36 $sections = explode('/', $_GET['section'] ); 37 for ($i=0; $i<count($sections); $i++) 38 { 39 if (empty($sections[$i]) or $sections[$i]=='..') 40 { 41 unset($sections[$i]); 42 $i--; 43 } 44 } 45 46 if (count($sections)<2) 38 47 { 39 48 die('Invalid plugin URL'); 40 49 } 41 50 42 $plugin_id = $section [0];51 $plugin_id = $sections[0]; 43 52 $check_db_plugin = get_db_plugins('active', $plugin_id ); 44 53 if (empty($check_db_plugin)) … … 46 55 die('Invalid URL - plugin '.$plugin_id.' not active'); 47 56 } 48 $section[1]=str_replace('./', '', $section[1]); // no up in dir structure49 57 50 $filename = PHPWG_PLUGINS_PATH. $plugin_id.'/'.$section[1].'.php';58 $filename = PHPWG_PLUGINS_PATH.implode('/', $sections); 51 59 if (is_file($filename)) 52 60 { … … 55 63 else 56 64 { 57 die('Missing '.$filename);65 die('Missing file '.$filename); 58 66 } 59 67 ?>
Note: See TracChangeset
for help on using the changeset viewer.
