// Added a sandbox in order to check files before doing anything with them

Damien Metzger
2012-12-26 15:52:21 +01:00
parent 8d1a66c0c1
commit e4c38f73f5
2 changed files with 86 additions and 0 deletions
+35
@@ -0,0 +1,35 @@
<?php
/*
* 2007-2012 PrestaShop
*
* NOTICE OF LICENSE
*
* This source file is subject to the Open Software License (OSL 3.0)
* that is bundled with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://opensource.org/licenses/osl-3.0.php
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@prestashop.com so we can send you a copy immediately.
*
* DISCLAIMER
*
* Do not edit or add to this file if you wish to upgrade PrestaShop to newer
* versions in the future. If you wish to customize PrestaShop for your
* needs please refer to http://www.prestashop.com for more information.
*
* @author PrestaShop SA <contact@prestashop.com>
* @copyright 2007-2012 PrestaShop SA
* @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
* International Registered Trademark & Property of PrestaShop SA
*/
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
header("Location: ../");
exit;
@@ -593,6 +593,35 @@ class AdminTranslationsControllerCore extends AdminController
}
}
}
public static function checkTranslationFile($content)
{
$lines = array_map('trim', explode("\n", $content));
$global = false;
foreach ($lines as $line)
{
if (in_array($line, array('<?php', '?>', '')))
continue;
if (!$global && preg_match('/^global\s+\$([a-z0-9-_]+)\s*;$/i', $line, $matches))
{
$global = $matches[1];
continue;
}
if ($global != false && preg_match('/^\$'.preg_quote($global, '/').'\s*=\s*array\(\s*\)\s*;$/i', $line))
continue;
if (!$global && preg_match('/^\$([a-z0-9-_]+)\s*=\s*array\(\s*\)\s*;$/i', $line, $matches))
{
$global = $matches[1];
continue;
}
if (preg_match('/^\$'.preg_quote($global, '/').'\[\''._PS_TRANS_PATTERN_.'\'\]\s*=\s*\''._PS_TRANS_PATTERN_.'\'\s*;$/i', $line))
continue;
if (preg_match('/^return\s+\$'.preg_quote($global, '/').'\s*;$/i', $line, $matches))
continue;
return false;
}
return true;
}
public function submitImportLang()
{
@@ -607,6 +636,28 @@ class AdminTranslationsControllerCore extends AdminController
{
$themes_selected = Tools::getValue('theme', array(self::DEFAULT_THEME_NAME));
$files_list = $gz->listContent();
$uniqid = uniqid();
$sandbox = _PS_CACHE_DIR_.'sandbox'.DIRECTORY_SEPARATOR.$uniqid.DIRECTORY_SEPARATOR;
if ($gz->extract($sandbox, false))
{
foreach ($files_list as $file2check)
{
if (preg_match('@^[0-9a-z-_/\\\\]+\.php$@i', $file2check['filename']))
{
if (!AdminTranslationsController::checkTranslationFile(file_get_contents($sandbox.$file2check['filename'])))
$this->errors[] = sprintf(Tools::displayError('Validation failed for: %s'), $file2check['filename']);
}
elseif (!preg_match('@^[0-9a-z-_/\\\\]+\.(html|tpl|txt)$@i', $file2check['filename']))
$this->errors[] = sprintf(Tools::displayError('Unidentified file found: %s'), $file2check['filename']);
}
}
Tools::deleteDirectory($sandbox, true);
if (count($this->errors))
return false;
if ($gz->extract(_PS_TRANSLATIONS_DIR_.'../', false))
{
AdminTranslationsController::checkAndAddMailsFiles($iso_code, $files_list);
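Review bot: When `$gz->extract($sandbox, false)` returns false in submitImportLang, the validation loop is skipped and no error is recorded, so the code falls through to the second `extract()` into `_PS_TRANSLATIONS_DIR_.'../'` and installs an archive that was never checked. Closing that `if` with an `else` that records an error, e.g. `else $this->errors[] = Tools::displayError('The archive could not be extracted for validation');`, makes the check fail closed. The two filename patterns are also applied only after every entry has been written under the cache directory; running the same `preg_match` tests over `$files_list` before the first `extract()` would reject unexpected names without unpacking them. submitImportLang starts and ends outside this hunk.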