From 06339e0c8ac8fdbbf5d2784df8019704da9bd6eb Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Tue, 13 Jan 2015 12:28:33 -0500
Subject: [PATCH] - fixed javascript call in json file
---
interface/web/admin/software_update_list.php | 31 ++++---------------------------
1 files changed, 4 insertions(+), 27 deletions(-)
diff --git a/interface/web/admin/software_update_list.php b/interface/web/admin/software_update_list.php
index 9a1df8a..321c42b 100644
--- a/interface/web/admin/software_update_list.php
+++ b/interface/web/admin/software_update_list.php
@@ -33,6 +33,7 @@
//* Check permissions for module
$app->auth->check_module_permissions('admin');
+$app->auth->check_security_permissions('admin_allow_software_packages');
//* This is only allowed for administrators
if(!$app->auth->is_admin()) die('only allowed for administrators.');
@@ -161,11 +162,11 @@
foreach($installed_packages as $ip) {
// Get version number of the latest installed version
- $sql = "SELECT v1, v2, v3, v4 FROM software_update, software_update_inst WHERE software_update.software_update_id = software_update_inst.software_update_id AND server_id = ".$server_id." ORDER BY v1 DESC , v2 DESC , v3 DESC , v4 DESC LIMIT 0,1";
+ $sql = "SELECT v1, v2, v3, v4 FROM software_update, software_update_inst WHERE software_update.software_update_id = software_update_inst.software_update_id AND server_id = ".$app->functions->intval($server_id)." ORDER BY v1 DESC , v2 DESC , v3 DESC , v4 DESC LIMIT 0,1";
$lu = $app->db->queryOneRecord($sql);
// Get all installable updates
- $sql = "SELECT * FROM software_update WHERE v1 >= $lu[v1] AND v2 >= $lu[v2] AND v3 >= $lu[v3] AND v4 >= $lu[v4] AND package_name = '$ip[package_name]' ORDER BY v1 DESC , v2 DESC , v3 DESC , v4 DESC";
+ $sql = "SELECT * FROM software_update WHERE v1 >= ".$app->functions->intval($lu['v1'])." AND v2 >= ".$app->functions->intval($lu['v2'])." AND v3 >= ".$app->functions->intval($lu['v3'])." AND v4 >= ".$app->functions->intval($lu['v4'])." AND package_name = '".$app->db->quote($ip['package_name'])."' ORDER BY v1 DESC , v2 DESC , v3 DESC , v4 DESC";
$updates = $app->db->queryAllRecords($sql);
//die($sql);
@@ -175,37 +176,13 @@
foreach($updates as $key => $u) {
$version = $u['v1'].'.'.$u['v2'].'.'.$u['v3'].'.'.$u['v4'];
- $installed_txt = "<a href=\"#\" onclick=\"loadContent('admin/software_update_list.php?action=install&package=".$u["package_name"]."&id=".$u["software_update_id"]."&server_id=".$server_id."');\">Install Update</a><br />";
+ $installed_txt = "<a href=\"#\" data-load-content=\"admin/software_update_list.php?action=install&package=".$u["package_name"]."&id=".$u["software_update_id"]."&server_id=".$server_id."\">Install Update</a><br />";
$records_out[] = array('version' => $version, 'update_title' => $u["update_title"], 'installed' => $installed_txt);
}
}
}
}
-
-/*
-$updates = $app->db->queryAllRecords('SELECT software_update.update_title, software_update.software_update_id, software_update.package_name, v1, v2, v3, v4, software_update_inst.status
- FROM software_update LEFT JOIN software_update_inst ON ( software_update.software_update_id = software_update_inst.software_update_id )
- WHERE server_id = '.$server_id.'
- GROUP BY software_update.package_name
- ORDER BY software_update.package_name ASC, v1 DESC , v2 DESC , v3 DESC , v4 DESC');
-
-if(is_array($updates)) {
- foreach($updates as $key => $u) {
- $installed_txt = '';
-
- $version = $u['v1'].'.'.$u['v2'].'.'.$u['v3'].'.'.$u['v4'];
- $updates[$key]['version'] = $version;
- if($u['status'] == 'installed' || $u['status'] == 'installing' || $u['status'] == 'deleting') {
- $installed_txt .= "Installed version $version<br />";
- } else {
- $installed_txt .= "<a href=\"#\" onclick=\"loadContent('admin/software_update_list.php?action=install&package=".$u["package_name"]."&id=".$u["software_update_id"]."&server_id=".$server_id."');\">Install now</a><br />";
- }
- $updates[$key]['installed'] = $installed_txt;
-
- }
-}
-*/
--
Gitblit v1.9.1