From 9626f23072b6aad34912a10674c2703603d645d2 Mon Sep 17 00:00:00 2001 From: jebsolutions Date: Thu, 24 Nov 2016 02:23:44 -0500 Subject: [PATCH] prevent cloning duplicate extensions (master #1821) (#2033) * prevent cloning duplicate extensions app/extensions/app_languages.php + add duplicate extension error prompt app/extensions/extension_copy.php + add check to see if duplicate extension exists app/extensions/resources/classes/extension.php + add function to check if extension exists * fix typo * Update app_languages.php * Update extension_copy.php * Update extension.php * Update extension_copy.php Use the global app_languages.php message-duplicate translation. * Update extension_copy.php * Update extension.php --- app/extensions/extension_copy.php | 46 +++++++++++++------ .../resources/classes/extension.php | 14 +++++- 2 files changed, 45 insertions(+), 15 deletions(-) diff --git a/app/extensions/extension_copy.php b/app/extensions/extension_copy.php index 1f9a8d3563..d717ba3fd3 100644 --- a/app/extensions/extension_copy.php +++ b/app/extensions/extension_copy.php @@ -17,23 +17,27 @@ The Initial Developer of the Original Code is Mark J Crane - Portions created by the Initial Developer are Copyright (C) 2008-2012 + Portions created by the Initial Developer are Copyright (C) 2008-2016 the Initial Developer. All Rights Reserved. Contributor(s): Mark J Crane */ -include "root.php"; -require_once "resources/require.php"; -require_once "resources/check_auth.php"; -require_once "resources/paging.php"; -if (permission_exists('extension_add')) { - //access granted -} -else { - echo "access denied"; - exit; -} + +//includes + include "root.php"; + require_once "resources/require.php"; + require_once "resources/check_auth.php"; + require_once "resources/paging.php"; + +//check permissions + if (permission_exists('extension_add')) { + //access granted + } + else { + echo "access denied"; + exit; + } //add multi-lingual support $language = new text; @@ -47,7 +51,21 @@ else { $number_alias_new = check_str($_REQUEST["alias"]); } } - + +// skip the copy if the domain extension already exists + $ext = new extension; + $ext->db = $db; + if ($ext->exists($domain_uuid, $extension_new)) { + //begin the page content + require_once "resources/header.php"; + + echo "
".$text['message-duplicate']."
"; + echo " \n"; + echo "
"; + require_once "resources/footer.php"; + return; + } + //get the v_extensions data $sql = "select * from v_extensions "; $sql .= "where domain_uuid = '$domain_uuid' "; @@ -228,4 +246,4 @@ else { header("Location: extensions.php"); return; -?> \ No newline at end of file +?> diff --git a/app/extensions/resources/classes/extension.php b/app/extensions/resources/classes/extension.php index fd09e9bd0f..25f99b7224 100644 --- a/app/extensions/resources/classes/extension.php +++ b/app/extensions/resources/classes/extension.php @@ -17,7 +17,7 @@ The Initial Developer of the Original Code is Mark J Crane - Copyright (C) 2010 - 2014 + Copyright (C) 2010 - 2016 All Rights Reserved. Contributor(s): @@ -518,6 +518,18 @@ if (!class_exists('extension')) { $_SESSION["reload_xml"] = true; } } + + // returns true if the domain extension already exists + public function exists($domain_uuid, $extension) { + $sql = "select * from v_extensions where domain_uuid = '".$domain_uuid."' "; + $sql .= "and extension='".$extension."'"; + + $prep_statement = $this->db->prepare(check_sql($sql)); + $prep_statement->execute(); + $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); + + return count($result) != 0; + } } }