includes/plugins.php
changeset 1221 d8c6b8d49604
parent 1216 4125e19d3b27
child 1227 bdac73ed481e
equal deleted inserted replaced
1220:fbfd6c852c89 1221:d8c6b8d49604
   632         $db->sql_query($query);
   632         $db->sql_query($query);
   633       }
   633       }
   634       else
   634       else
   635       {
   635       {
   636         if ( !$db->sql_query($query) )
   636         if ( !$db->sql_query($query) )
   637           $db->die_json();
   637         {
       
   638           $return = array(
       
   639               'mode' => 'error',
       
   640               'error' => "[SQL] " . $db->sql_error()
       
   641             );
       
   642           break 2;
       
   643         }
   638       }
   644       }
   639     }
   645     }
   640     
   646     
   641     // log action
   647     // log action
   642     $time        = time();
   648     $time        = time();
   643     $ip_db       = $db->escape($_SERVER['REMOTE_ADDR']);
   649     $ip_db       = $db->escape($_SERVER['REMOTE_ADDR']);
   644     $username_db = $db->escape($session->username);
   650     $username_db = $db->escape($session->username);
   645     $file_db     = $db->escape($filename);
   651     $file_db     = $db->escape($filename);
   646     $q = $db->sql_query('INSERT INTO '.table_prefix."logs(log_type, action, time_id, edit_summary, author, page_text) VALUES\n"
   652     $q = $db->sql_query('INSERT INTO '.table_prefix."logs(log_type, action, time_id, edit_summary, author, author_uid, page_text) VALUES\n"
   647                       . "  ('security', 'plugin_install', $time, '$ip_db', '$username_db', '$file_db');");
   653                       . "  ('security', 'plugin_install', $time, '$ip_db', '$username_db', $session->user_id, '$file_db');");
   648     if ( !$q )
   654     if ( !$q )
   649       $db->_die();
   655       $db->_die();
   650     
   656     
   651     // register plugin
   657     // register plugin
   652     $version_db = $db->escape($dataset['version']);
   658     $version_db = $db->escape($dataset['version']);
   788         $db->sql_query($query);
   794         $db->sql_query($query);
   789       }
   795       }
   790       else
   796       else
   791       {
   797       {
   792         if ( !$db->sql_query($query) )
   798         if ( !$db->sql_query($query) )
   793           $db->die_json();
   799         {
       
   800           $return = array(
       
   801               'mode' => 'error',
       
   802               'error' => "[SQL] " . $db->sql_error()
       
   803             );
       
   804           break 2;
       
   805         }
   794       }
   806       }
   795     }
   807     }
   796     
   808     
   797     // log action
   809     // log action
   798     $time        = time();
   810     $time        = time();
   799     $ip_db       = $db->escape($_SERVER['REMOTE_ADDR']);
   811     $ip_db       = $db->escape($_SERVER['REMOTE_ADDR']);
   800     $username_db = $db->escape($session->username);
   812     $username_db = $db->escape($session->username);
   801     $file_db     = $db->escape($filename);
   813     $file_db     = $db->escape($filename);
   802     $q = $db->sql_query('INSERT INTO '.table_prefix."logs(log_type, action, time_id, edit_summary, author, page_text) VALUES\n"
   814     $q = $db->sql_query('INSERT INTO '.table_prefix."logs(log_type, action, time_id, edit_summary, author, author_uid, page_text) VALUES\n"
   803                       . "  ('security', 'plugin_uninstall', $time, '$ip_db', '$username_db', '$file_db');");
   815                       . "  ('security', 'plugin_uninstall', $time, '$ip_db', '$username_db', $session->user_id, '$file_db');");
   804     if ( !$q )
   816     if ( !$q )
   805       $db->_die();
   817       $db->_die();
   806     
   818     
   807     // deregister plugin
   819     // deregister plugin
   808     $q = $db->sql_query('DELETE FROM ' . table_prefix . "plugins WHERE plugin_id = {$dataset['plugin id']};");
   820     $q = $db->sql_query('DELETE FROM ' . table_prefix . "plugins WHERE plugin_id = {$dataset['plugin id']};");
  1014         $db->sql_query($query);
  1026         $db->sql_query($query);
  1015       }
  1027       }
  1016       else
  1028       else
  1017       {
  1029       {
  1018         if ( !$db->sql_query($query) )
  1030         if ( !$db->sql_query($query) )
  1019           $db->die_json();
  1031         {
       
  1032           $return = array(
       
  1033               'mode' => 'error',
       
  1034               'error' => "[SQL] " . $db->sql_error()
       
  1035             );
       
  1036           break 2;
       
  1037         }
  1020       }
  1038       }
  1021     }
  1039     }
  1022     
  1040     
  1023     // log action
  1041     // log action
  1024     $time        = time();
  1042     $time        = time();
  1025     $ip_db       = $db->escape($_SERVER['REMOTE_ADDR']);
  1043     $ip_db       = $db->escape($_SERVER['REMOTE_ADDR']);
  1026     $username_db = $db->escape($session->username);
  1044     $username_db = $db->escape($session->username);
  1027     $file_db     = $db->escape($filename);
  1045     $file_db     = $db->escape($filename);
  1028     $q = $db->sql_query('INSERT INTO '.table_prefix."logs(log_type, action, time_id, edit_summary, author, page_text) VALUES\n"
  1046     $q = $db->sql_query('INSERT INTO '.table_prefix."logs(log_type, action, time_id, edit_summary, author, author_uid, page_text) VALUES\n"
  1029                       . "  ('security', 'plugin_upgrade', $time, '$ip_db', '$username_db', '$file_db');");
  1047                       . "  ('security', 'plugin_upgrade', $time, '$ip_db', '$username_db', $session->user_id, '$file_db');");
  1030     if ( !$q )
  1048     if ( !$q )
  1031       $db->_die();
  1049       $db->_die();
  1032     
  1050     
  1033     // update version number
  1051     // update version number
  1034     $version = $db->escape($dataset['version']);
  1052     $version = $db->escape($dataset['version']);