diff --git a/system/libs/plugins.php b/system/libs/plugins.php
index fb155629..6a287983 100644
--- a/system/libs/plugins.php
+++ b/system/libs/plugins.php
@@ -236,16 +236,32 @@ class Plugins {
 else {
 $success = true;
 foreach($plugin_info['uninstall'] as $file) {
- $file = BASE . $file;
- if(!deleteDirectory($file)) {
+ if(strpos($file, '/') === 0) {
 $success = false;
+ self::$error = "You cannot use absolute paths (starting with slash - '/'): " . $file;
+ break;
+ }
+
+ $file = BASE . $file;
+ if(!is_sub_dir($file, BASE) || realpath(dirname($file)) != dirname($file)) {
+ $success = false;
+ self::$error = "You don't have rights to delete: " . $file;
+ break;
 }
 }
-
+
+ if($success) {
+ foreach($plugin_info['uninstall'] as $file) {
+ if(!deleteDirectory(BASE . $file)) {
+ self::$warnings[] = 'Cannot delete: ' . $$file;
+ }
+ }
+ }
+
 if (isset($plugin_info['hooks'])) {
 foreach ($plugin_info['hooks'] as $_name => $info) {
 if (defined('HOOK_'. $info['type'])) {
- $hook = constant('HOOK_'. $info['type']);
+ //$hook = constant('HOOK_'. $info['type']);
 $query = $db->query('SELECT `id` FROM `' . TABLE_PREFIX . 'hooks` WHERE `name` = ' . $db->quote($_name) . ';');
 if ($query->rowCount() == 1) { // found something
 $query = $query->fetch();
@@ -263,9 +279,6 @@ class Plugins {
 return true;
 }
- else {
- self::$error = error_get_last();
- }
 }
 }
 }
diff --git a/system/pages/admin/plugins.php b/system/pages/admin/plugins.php
index 91ce37c0..759d1788 100644
--- a/system/pages/admin/plugins.php
+++ b/system/pages/admin/plugins.php
@@ -22,7 +22,7 @@ if(isset($_REQUEST['uninstall'])){
 success('Successfully uninstalled plugin ' . $uninstall);
 }
 else {
- error('Error while uninstalling plugin ' . $plugin_name . ': ' . Plugins::getError());
+ error('Error while uninstalling plugin ' . $uninstall . ': ' . Plugins::getError());
 }
 }
 else if(isset($_FILES["plugin"]["name"]))
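Review bot: `self::$warnings[] = 'Cannot delete: ' . $$file;` in the new `if($success)` loop is a variable-variable, so the warning is built from whatever local variable happens to be named by the path string (normally none, giving an empty name plus an undefined-variable notice) instead of the path itself; it should read `self::$warnings[] = 'Cannot delete: ' . $file;`. The `realpath(dirname($file)) != dirname($file)` check canonicalises only the parent directory, so a last path component that is itself a symlink passes validation and is then handed to `deleteDirectory` — whether that helper follows symlinks is not visible here and is worth confirming, and the comparison should be the strict `!==`. A validation failure sets `$success = false` but the hook removal that follows in this hunk still runs, so a rejected manifest leaves the plugin's files in place while its hooks are dropped; guarding that block with `if($success)` as well (or returning early on failure) would keep the uninstall all-or-nothing. The commented-out `//$hook = constant('HOOK_'. $info['type']);` line is better deleted than kept. The enclosing method starts before this hunk and continues past it.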
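Review bot: The corrected message concatenates `$uninstall` straight into the string handed to `error()`; the enclosing `if(isset($_REQUEST['uninstall']))` suggests this value is request-derived, and unless `error()` HTML-escapes its argument (not visible here) the admin page reflects user input, so pass `htmlspecialchars($uninstall, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` here or escape inside `error()`. The same applies to the `success(...)` line above it and to `Plugins::getError()`, which in the other file of this diff now embeds a path taken from the plugin manifest. The enclosing `if`/`else if` chain continues past the hunk.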