pluginenable.php 5.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158
  1. <?php
  2. // This file is part of GNU social - https://www.gnu.org/software/social
  3. //
  4. // GNU social is free software: you can redistribute it and/or modify
  5. // it under the terms of the GNU Affero General Public License as published by
  6. // the Free Software Foundation, either version 3 of the License, or
  7. // (at your option) any later version.
  8. //
  9. // GNU social is distributed in the hope that it will be useful,
  10. // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11. // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  12. // GNU Affero General Public License for more details.
  13. //
  14. // You should have received a copy of the GNU Affero General Public License
  15. // along with GNU social. If not, see <http://www.gnu.org/licenses/>.
  16. defined('STATUSNET') || die();
  17. /**
  18. * Plugin enable action.
  19. *
  20. * (Re)-enables a plugin from the default plugins list.
  21. *
  22. * Takes parameters:
  23. *
  24. * - plugin: plugin name
  25. * - token: session token to prevent CSRF attacks
  26. * - ajax: bool; whether to return Ajax or full-browser results
  27. *
  28. * Only works if the current user is logged in.
  29. *
  30. * @category Action
  31. * @package StatusNet
  32. * @author Brion Vibber <brion@status.net>
  33. * @copyright 2010 StatusNet, Inc.
  34. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPLv3
  35. * @link http://status.net/
  36. */
  37. class PluginenableAction extends Action
  38. {
  39. var $user;
  40. var $plugin;
  41. /**
  42. * Check pre-requisites and instantiate attributes
  43. *
  44. * @param array $args array of arguments (URL, GET, POST)
  45. *
  46. * @return bool success flag
  47. * @throws ClientException
  48. */
  49. function prepare(array $args = [])
  50. {
  51. parent::prepare($args);
  52. // @fixme these are pretty common, should a parent class factor these out?
  53. // Only allow POST requests
  54. if ($_SERVER['REQUEST_METHOD'] != 'POST') {
  55. // TRANS: Client error displayed when trying to use another method than POST.
  56. // TRANS: Do not translate POST.
  57. $this->clientError(_m('This action only accepts POST requests.'));
  58. }
  59. // CSRF protection
  60. $token = $this->trimmed('token');
  61. if (!$token || $token != common_session_token()) {
  62. // TRANS: Client error displayed when the session token does not match or is not given.
  63. $this->clientError(_m('There was a problem with your session token.'.
  64. ' Try again, please.'));
  65. }
  66. // Only for logged-in users
  67. $this->user = common_current_user();
  68. if (empty($this->user)) {
  69. // TRANS: Error message displayed when trying to perform an action that requires a logged in user.
  70. $this->clientError(_m('Not logged in.'));
  71. }
  72. if (!AdminPanelAction::canAdmin('plugins')) {
  73. // TRANS: Client error displayed when trying to enable or disable a plugin without access rights.
  74. $this->clientError(_m('You cannot administer plugins.'));
  75. }
  76. $this->plugin = $this->arg('plugin');
  77. if (!array_key_exists($this->plugin, array_flip(PluginList::grabAllPluginNames()))) {
  78. // TRANS: Client error displayed when trying to enable or disable a non-existing plugin.
  79. $this->clientError(_m('No such plugin.'));
  80. }
  81. return true;
  82. }
  83. /**
  84. * Handle request
  85. *
  86. * Enables the plugin and returns results.
  87. *
  88. * @return void
  89. * @throws ClientException
  90. */
  91. function handle()
  92. {
  93. if (!PluginList::isPluginLoaded($this->plugin)) {
  94. $config_file = INSTALLDIR . DIRECTORY_SEPARATOR . 'config.php';
  95. $handle = fopen($config_file, 'a');
  96. if (!$handle) {
  97. $this->clientError(_m('No permissions for writing to config.php'));
  98. }
  99. $data = PHP_EOL.'addPlugin(\''.$this->plugin.'\'); // Added by sysadmin\'s Plugin UI.';
  100. fwrite($handle, $data);
  101. fclose($handle);
  102. }
  103. $key = 'disable-' . $this->plugin;
  104. Config::save('plugins', $key, $this->overrideValue());
  105. // @fixme this is a pretty common pattern and should be refactored down
  106. if ($this->boolean('ajax')) {
  107. $this->startHTML('text/xml;charset=utf-8');
  108. $this->elementStart('head');
  109. $this->element('title', null, $this->successShortTitle());
  110. $this->elementEnd('head');
  111. $this->elementStart('body');
  112. $form = $this->successNextForm();
  113. $form->show();
  114. $this->elementEnd('body');
  115. $this->endHTML();
  116. } else {
  117. $url = common_local_url('pluginsadminpanel');
  118. common_redirect($url, 303);
  119. }
  120. }
  121. /**
  122. * Value to save into $config['plugins']['disable-<name>']
  123. */
  124. protected function overrideValue()
  125. {
  126. return 0;
  127. }
  128. protected function successShortTitle()
  129. {
  130. // TRANS: Page title for AJAX form return when enabling a plugin.
  131. return _m('plugin', 'Enabled');
  132. }
  133. protected function successNextForm()
  134. {
  135. return new PluginDisableForm($this, $this->plugin);
  136. }
  137. }