EVOLUTION-NINJA

Edit File: plugins_ctrl.php

<?php

require_once(FCPATH . 'updates/pclzip.lib.php');

class plugins_ctrl extends Controller 
{
		function plugins_ctrl()
		{
		parent::Controller();
		$this->load->model('user_model','',TRUE);
		$this->load->helper(array('text','form','date','url','session','common','error','admin','db'));
		$this->load->library(array('user_entry','validation','form_validation','session'));
 $this->MAX_FILE_SIZE = 10000000;
 $this->upload_path = FCPATH . 'plugin_uploads/';
 $this->installed_path = FCPATH . 'plugin_uploads/installed/';
 $this->upload_path_name = '/plugin_uploads/';
		}
		function index()
		{
 $top_error = '';
 $msg = '';
 if (!is_writeable($this->upload_path)) {
 $top_error = 'Plugin Upload Directory is not writeable. chmod 777 '.$this->upload_path.' and try again.';
 } elseif (!is_writeable($this->installed_path)) {
 $top_error = 'Plugin Upload Directory is not writeable. chmod 777 '.$this->installed_path.' and try again.';
 } else {
 if (isset($_POST['upload'])) {
 $f = $_FILES['plugin_file'];
 if (in_array($f['type'], array('application/zip', 'application/download', 'application/x-zip', 'application/x-zip-compressed', 'application/x-compress', 'application/x-compressed', 'application/octet-stream', 'multipart/x-zip')) && $f['size'] <= $this->MAX_FILE_SIZE) {
 if (move_uploaded_file($f['tmp_name'], $this->upload_path . $f['name'])) {
 $msg = 'Successfully uploaded ' . $f['name'] . '.';
 } else {
 $msg = 'Error uploading file.';
 }
 } else {
 if ($f['error'] == UPLOAD_ERR_INI_SIZE) {
 $msg = 'The upload_max_filesize setting in your php.ini is set to '.ini_get('upload_max_filesize').'. Increase it to upload this file, or upload it yourself into ' . $this->upload_path_name . ' via FTP.' ;
 } else {
 $msg = 'Invalid file or file size.';
 }
 }
 } elseif (isset($_GET['action'])) {
 $action = $_GET['action'];
 if ($action == 'install') {
 $f = $this->upload_path . $this->_sanitize($_GET['file']);
 } elseif ($action == 'reinstall') {
 $f = $this->installed_path . $this->_sanitize($_GET['file']);
 }
 if (!empty($f) && file_exists($f)) {
 $msg = $this->_install($f);
 } else {
 redirect('plugins_ctrl');
 }
 }
 }
 $this->load->view('plugins', array(
 'upload_path_name'=>$this->upload_path_name, 
 'top_error'=>$top_error,
 'msg'=>$msg,
 'plugins'=>$this->_list_plugins(),
 ));
		}

function _sanitize($filename) {
                    return preg_replace('/[\/\\\\]/', '', $filename);

}

function _install($file) {
                    if (!file_exists($file)) {
                        return basename($file) . " doesn't exist.";
                    }

$zip = new PclZip($file);
 if ($zip) {
 $zipfiles = $zip->listContent();
 $permission_problems = false;
 for ($i = 0; $i < sizeof($zipfiles); $i++) {
 $fname = $zipfiles[$i]['filename'];
 $fullpath = FCPATH . $fname;
 if (file_exists($fullpath) && !is_writeable($fullpath)) {
 if (!$permission_problems) {
 $msg='<h3>Fix these permissions problems and <a href="?'.http_build_query($_GET).'">click here</a> to try again.</h3>';
 }
 $permission_problems = true;
 $msg .= "$fullpath is not writeable. chmod 777 $fullpath to fix this problem. ";
 } elseif (!file_exists($fullpath) && !is_writeable(dirname($fullpath))) {
 if (!$permission_problems) {
 $msg='<h3>Fix these permissions problems and <a href="?'.http_build_query($_GET).'">click here</a> to try again.</h3>';
 }
 $permission_problems = true;
 $msg .= "".dirname($fullpath)." is not writeable. chmod 777 ".dirname($fullpath)." to fix this problem. ";
 }
 }
 if ($permission_problems) {
 return $msg;
 } else {
 for ($i = 0; $i < sizeof($zipfiles); $i++) {
 $zip->extract(PCLZIP_OPT_PATH, FCPATH, PCLZIP_OPT_BY_INDEX, $i, PCLZIP_OPT_REPLACE_NEWER);
 }
 if ($file != $this->installed_path . basename($file)) {
 rename($file, $this->installed_path . basename($file));
 }
 }

}

return "Installed!";
                }