plugindelete.php 3.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114
  1. <?php
  2. // This file is part of GNU social - https://www.gnu.org/software/social
  3. //
  4. // GNU social is free software: you can redistribute it and/or modify
  5. // it under the terms of the GNU Affero General Public License as published by
  6. // the Free Software Foundation, either version 3 of the License, or
  7. // (at your option) any later version.
  8. //
  9. // GNU social is distributed in the hope that it will be useful,
  10. // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11. // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  12. // GNU Affero General Public License for more details.
  13. //
  14. // You should have received a copy of the GNU Affero General Public License
  15. // along with GNU social. If not, see <http://www.gnu.org/licenses/>.
  16. defined('STATUSNET') || die();
  17. require_once INSTALLDIR . '/lib/util/deletetree.php';
  18. /**
  19. * Form for deleting a plugin
  20. *
  21. * @category Action
  22. * @package GNUsocial
  23. * @author Diogo Cordeiro <diogo@fc.up.pt>
  24. * @copyright 2019 Free Software Foundation, Inc http://www.fsf.org
  25. * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
  26. */
  27. class PlugindeleteAction extends Action
  28. {
  29. var $user;
  30. var $plugin;
  31. /**
  32. * Check pre-requisites and instantiate attributes
  33. *
  34. * @param array $args array of arguments (URL, GET, POST)
  35. *
  36. * @return bool success flag
  37. * @throws ClientException
  38. */
  39. function prepare(array $args = [])
  40. {
  41. parent::prepare($args);
  42. // @fixme these are pretty common, should a parent class factor these out?
  43. // Only allow POST requests
  44. if ($_SERVER['REQUEST_METHOD'] != 'POST') {
  45. // TRANS: Client error displayed when trying to use another method than POST.
  46. // TRANS: Do not translate POST.
  47. $this->clientError(_m('This action only accepts POST requests.'));
  48. }
  49. // CSRF protection
  50. $token = $this->trimmed('token');
  51. if (!$token || $token != common_session_token()) {
  52. // TRANS: Client error displayed when the session token does not match or is not given.
  53. $this->clientError(_m('There was a problem with your session token.'.
  54. ' Try again, please.'));
  55. }
  56. // Only for logged-in users
  57. $this->user = common_current_user();
  58. if (empty($this->user)) {
  59. // TRANS: Error message displayed when trying to perform an action that requires a logged in user.
  60. $this->clientError(_m('Not logged in.'));
  61. }
  62. if (!AdminPanelAction::canAdmin('plugins')) {
  63. // TRANS: Client error displayed when trying to enable or disable a plugin without access rights.
  64. $this->clientError(_m('You cannot administer plugins.'));
  65. }
  66. $this->plugin = $this->arg('plugin');
  67. if (!array_key_exists($this->plugin, array_flip(PluginList::grabAllPluginNames()))) {
  68. // TRANS: Client error displayed when trying to enable or disable a non-existing plugin.
  69. $this->clientError(_m('No such plugin.'));
  70. }
  71. return true;
  72. }
  73. /**
  74. * Handle request
  75. *
  76. * Does the subscription and returns results.
  77. *
  78. * @return void
  79. * @throws ClientException
  80. */
  81. function handle()
  82. {
  83. if (PluginList::isPluginLoaded($this->plugin)) {
  84. $this->clientError(_m('You can\'t delete a plugin without first removing its loader from your config.php.'));
  85. }
  86. if (!is_writable(INSTALLDIR . '/local/plugins/'.$this->plugin)) {
  87. $this->clientError(_m('We can only delete third party plugins.'));
  88. }
  89. deleteTree(INSTALLDIR . '/local/plugins/'.$this->plugin);
  90. deleteTree(PUBLICDIR . '/local/plugins/'.$this->plugin);
  91. $url = common_local_url('pluginsadminpanel');
  92. common_redirect($url, 303);
  93. }
  94. }