$sig = url_get_contents($repo.'/Release.sig');
$data = file_get_contents($loclist);
$cert = file_get_contents(PUBKEY_PATH.'/FA.pem');
+ if (!function_exists('openssl_verify')) {
+ display_error(_("OpenSSL have to be available on your server to use extension repository system."));
+ return null;
+ }
if (openssl_verify($data, $sig, $cert) <= 0) {
if ($refresh) {
if (!@unlink($loclist))
global $src_version;
$compat_levels = 2; // current policy is keeping compatibility on major version level.
- $app = explode('.', strspn($src_version, "0123456789."));
- $pkg = explode('.', strspn($ext_v, "0123456789."));
+ $app = explode('.', substr($src_version, 0, strspn($src_version, "0123456789.")));
+ $pkg = explode('.', substr($ext_v, 0, strspn($ext_v, "0123456789.")));
for ($i=0; $i < min($compat_levels, count($app)); $i++)
if ($pkg[$i] < $app[$i])