! -> Note
$ -> Affected files
+-------------------- 1.14 Stable Released ----------------------
+01-Oct-2007 Joe Hunt
+ ! Major change in the installation of modules to also accept an SQL-file for upload.
+ $ config.php
+ /admin/inst_module.php
+ /admin/db/maintenance_db.inc
+
+30-Sep-2007 Joe Hunt
+ # The following files were still vulnerable. Fixed
+ $ /access/login.php
+ /includes/lang/language.php
+
-------------------- 1.13 Stable Released ----------------------
14-Sep-2007 Joe Hunt
+ Added optional link for electronic payment on invoices (PayPal).
$line = trim($line);
$line = str_replace("0_", $connection["tbpref"], $line);
+ $line = str_replace("Y_", "0_", $line);
// the last line did not belong to a 'create' sql query
if (!$table)
{
include_once($path_to_root . "/includes/date_functions.inc");
include_once($path_to_root . "/admin/db/company_db.inc");
+include_once($path_to_root . "/admin/db/maintenance_db.inc");
include_once($path_to_root . "/modules/installed_modules.php");
include_once($path_to_root . "/includes/ui.inc");
function handle_submit()
{
- global $path_to_root, $installed_modules;
+ global $path_to_root, $installed_modules, $db_connections;
if (!check_data())
return false;
}
else
$installed_modules[$id]['filename'] = $_POST['filename'];
+ if (is_uploaded_file($_FILES['uploadfile2']['tmp_name']))
+ {
+ $file1 = $_FILES['uploadfile2']['tmp_name'];
+ $file2 = $directory . "/".$_FILES['uploadfile2']['name'];
+ if (file_exists($file2))
+ unlink($file2);
+ move_uploaded_file($file1, $file2);
+ $db_name = $_SESSION["wa_current_user"]->company;
+ db_import($file2, $db_connections[$db_name]);
+ }
if (!write_modules())
return false;
return true;
text_row_ex(_("Folder"), 'path', 20);
label_row(_("Module File"), "<input name='uploadfile' type='file'>");
+ label_row(_("SQL File"), "<input name='uploadfile2' type='file'>");
end_table(0);
display_note(_("Select your module PHP file from your local harddisk."), 0, 1);
projects / fa-stable.git / commitdiff