| author | Dan |
| Thu, 12 Jul 2007 01:04:01 -0400 | |
| changeset 2 | a8a21e1c7afa |
| parent 0 | f9ffdbd96607 |
| permissions | -rw-r--r-- |
| 0 | 1 |
<?php |
2 |
/*********************************************************************** |
|
3 |
||
4 |
Copyright (C) 2002-2005 Rickard Andersson (rickard@punbb.org) |
|
5 |
||
6 |
This file is part of PunBB. |
|
7 |
||
8 |
PunBB is free software; you can redistribute it and/or modify it |
|
9 |
under the terms of the GNU General Public License as published |
|
10 |
by the Free Software Foundation; either version 2 of the License, |
|
11 |
or (at your option) any later version. |
|
12 |
||
13 |
PunBB is distributed in the hope that it will be useful, but |
|
14 |
WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
GNU General Public License for more details. |
|
17 |
||
18 |
You should have received a copy of the GNU General Public License |
|
19 |
along with this program; if not, write to the Free Software |
|
20 |
Foundation, Inc., 59 Temple Place, Suite 330, Boston, |
|
21 |
MA 02111-1307 USA |
|
22 |
||
23 |
************************************************************************/ |
|
24 |
||
25 |
||
26 |
// Tell header.php to use the admin template |
|
27 |
define('PUN_ADMIN_CONSOLE', 1);
|
|
28 |
||
|
2
a8a21e1c7afa
Let's just say that the API loads. While a decent part of PunBB works, we've still got a LONG way to go, mainly with form validation and security. At this point, Punano is NOT secure as far as privileges and user levels go.
Dan
parents:
0
diff
changeset
|
29 |
//define('PUN_ROOT', './');
|
|
a8a21e1c7afa
Let's just say that the API loads. While a decent part of PunBB works, we've still got a LONG way to go, mainly with form validation and security. At this point, Punano is NOT secure as far as privileges and user levels go.
Dan
parents:
0
diff
changeset
|
30 |
//require PUN_ROOT.'include/common.php'; |
|
a8a21e1c7afa
Let's just say that the API loads. While a decent part of PunBB works, we've still got a LONG way to go, mainly with form validation and security. At this point, Punano is NOT secure as far as privileges and user levels go.
Dan
parents:
0
diff
changeset
|
31 |
|
|
a8a21e1c7afa
Let's just say that the API loads. While a decent part of PunBB works, we've still got a LONG way to go, mainly with form validation and security. At this point, Punano is NOT secure as far as privileges and user levels go.
Dan
parents:
0
diff
changeset
|
32 |
global $pun_db, $pun_user, $pun_config, $lang_common; |
|
a8a21e1c7afa
Let's just say that the API loads. While a decent part of PunBB works, we've still got a LONG way to go, mainly with form validation and security. At this point, Punano is NOT secure as far as privileges and user levels go.
Dan
parents:
0
diff
changeset
|
33 |
|
| 0 | 34 |
require PUN_ROOT.'include/common_admin.php'; |
35 |
||
36 |
||
|
2
a8a21e1c7afa
Let's just say that the API loads. While a decent part of PunBB works, we've still got a LONG way to go, mainly with form validation and security. At this point, Punano is NOT secure as far as privileges and user levels go.
Dan
parents:
0
diff
changeset
|
37 |
if ($pun_user['g_id'] < PUN_MOD) |
| 0 | 38 |
message($lang_common['No permission']); |
39 |
||
40 |
||
41 |
// The plugin to load should be supplied via GET |
|
42 |
$plugin = isset($_GET['plugin']) ? $_GET['plugin'] : ''; |
|
43 |
if (!@preg_match('/^AM?P_(\w*?)\.php$/i', $plugin))
|
|
44 |
message($lang_common['Bad request']); |
|
45 |
||
46 |
// AP_ == Admins only, AMP_ == admins and moderators |
|
47 |
$prefix = substr($plugin, 0, strpos($plugin, '_')); |
|
48 |
if ($pun_user['g_id'] == PUN_MOD && $prefix == 'AP') |
|
49 |
message($lang_common['No permission']); |
|
50 |
||
51 |
// Make sure the file actually exists |
|
52 |
if (!file_exists(PUN_ROOT.'plugins/'.$plugin)) |
|
53 |
message('There is no plugin called \''.$plugin.'\' in the plugin directory.');
|
|
54 |
||
55 |
// Construct REQUEST_URI if it isn't set |
|
56 |
if (!isset($_SERVER['REQUEST_URI'])) |
|
57 |
$_SERVER['REQUEST_URI'] = (isset($_SERVER['PHP_SELF']) ? $_SERVER['PHP_SELF'] : '').'?'.(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : ''); |
|
58 |
||
59 |
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / Admin / '.$plugin; |
|
60 |
require PUN_ROOT.'header.php'; |
|
61 |
||
62 |
// Attempt to load the plugin. We don't use @ here to supress error messages, |
|
63 |
// because if we did and a parse error occurred in the plugin, we would only |
|
64 |
// get the "blank page of death". |
|
65 |
include PUN_ROOT.'plugins/'.$plugin; |
|
66 |
if (!defined('PUN_PLUGIN_LOADED'))
|
|
67 |
message('Loading of the plugin \''.$plugin.'\' failed.');
|
|
68 |
||
69 |
// Output the clearer div |
|
70 |
?> |
|
71 |
<div class="clearer"></div> |
|
72 |
</div> |
|
73 |
<?php |
|
74 |
||
75 |
require PUN_ROOT.'footer.php'; |