Mercurial Mercurial > repos > enano-1.1 / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
[Demo Security] Fixed plugin manager ignoring lockdown settings in demo mode
authorDan
Tue, 05 Aug 2008 11:13:05 -0400
changeset 675 872f0048dd81
parent 674 f514dc675f32
child 676 47413d71c2d9
[Demo Security] Fixed plugin manager ignoring lockdown settings in demo mode
includes/plugins.php file | annotate | diff | comparison | revisions
language/english/admin.json file | annotate | diff | comparison | revisions
plugins/admin/PluginManager.php file | annotate | diff | comparison | revisions 
--- a/includes/plugins.php	Tue Aug 05 11:12:01 2008 -0400
+++ b/includes/plugins.php	Tue Aug 05 11:13:05 2008 -0400
@@ -54,7 +54,7 @@
    * @var array
    */
   
-  var $system_plugins = Array('SpecialUserFuncs.php','SpecialUserPrefs.php','SpecialPageFuncs.php','SpecialAdmin.php','SpecialCSS.php','SpecialUpdownload.php','SpecialSearch.php','PrivateMessages.php','SpecialGroups.php', 'SpecialRecentChanges.php');
+  var $system_plugins = Array('SpecialUserFuncs.php','SpecialUserPrefs.php','SpecialPageFuncs.php','SpecialAdmin.php','SpecialCSS.php','SpecialUpdownload.php','SpecialSearch.php','PrivateMessages.php','SpecialGroups.php', 'SpecialRecentChanges.php', 'DemoMode.php');
   
   /**
    * Name kept for compatibility. Effectively a constructor. Calculates the list of plugins that should be loaded
@@ -510,6 +510,14 @@
     global $db, $session, $paths, $template, $plugins; // Common objects
     global $lang;
     
+    if ( defined('ENANO_DEMO_MODE') )
+    {
+      return array(
+          'mode' => 'error',
+          'error' => $lang->get('acppl_err_demo_mode')
+        );
+    }
+    
     if ( !$plugin_list )
       $plugin_list = $this->get_plugin_list();
     
@@ -617,6 +625,14 @@
     global $db, $session, $paths, $template, $plugins; // Common objects
     global $lang;
     
+    if ( defined('ENANO_DEMO_MODE') )
+    {
+      return array(
+          'mode' => 'error',
+          'error' => $lang->get('acppl_err_demo_mode')
+        );
+    }
+    
     if ( !$plugin_list )
       $plugin_list = $this->get_plugin_list();
     
--- a/language/english/admin.json	Tue Aug 05 11:12:01 2008 -0400
+++ b/language/english/admin.json	Tue Aug 05 11:13:05 2008 -0400
@@ -443,6 +443,7 @@
       err_upgrade_to_older: 'You are trying to upgrade to an older release of this plugin. This is unsupported and must be done manually.',
       err_upgrade_bad_query: 'There is a problem with one of the SQL queries the plugin is trying to make.',
       err_import_no_strings: 'This plugin doesn\'t have language support.',
+      err_demo_mode: 'You can\'t manipulate plugins in the Enano demo for security reasons.',
       
       msg_old_entries_title: 'Import old plugin installation data',
       msg_old_entries_body: 'There is still data from the old plugin structure in your database. You can import this to the new structure automatically using the button below.',
--- a/plugins/admin/PluginManager.php	Tue Aug 05 11:12:01 2008 -0400
+++ b/plugins/admin/PluginManager.php	Tue Aug 05 11:13:05 2008 -0400
@@ -195,6 +195,15 @@
               break;
             case 'disable':
             case 'enable':
+              // We're not in demo mode. Right?
+              if ( defined('ENANO_DEMO_MODE') )
+              {
+                $return = array(
+                    'mode' => 'error',
+                    'error' => $lang->get('acppl_err_demo_mode')
+                  );
+                break;
+              }
               $flags_col = ( $request['mode'] == 'disable' ) ?
                             "plugin_flags | "  . PLUGIN_DISABLED :
                             "plugin_flags & ~" . PLUGIN_DISABLED;
Enano CMS (1.1.x)