Fixed csrf issue when deleting an invoice draft

Author: Till Brehm

server/lib/classes/aps_installer.inc.php

@@ -550,10 +550,21 @@ private function doInstallation($task, $sxe)
 			foreach($this->putenv as $var) {
 				putenv($var);
 			}
+			
+			$tmpi = "<?php\n\n";
+			foreach($this->putenv as $var) {
+				$tmpi .= "putenv('".$var."');\n";
+			}
+			$tmpi .= "chdir('".$this->local_installpath.'install_scripts/'."');\n";
+			$tmpi .= 'exec("php '.$this->local_installpath.'install_scripts/'.$cfgscript.' install");';
+			
+			$app->system->file_put_contents($this->local_installpath.'install_scripts/ispinstall.php', $tmpi);
+			exec('php '.$this->local_installpath.'install_scripts/ispinstall.php');
+			die();
 
 			$shell_retcode = true;
 			$shell_ret = array();
-			$app->system->exec_safe('php ? install 2>&1', $this->local_installpath.'install_scripts/'.$cfgscript);
+			//$app->system->exec_safe('sudo -u ? php ? install 2>&1', $this->file_owner_user, $this->local_installpath.'install_scripts/'.$cfgscript);
 			$shell_ret = $app->system->last_exec_out();
 			$shell_retcode = $app->system->last_exec_retcode();
 			$shell_ret = array_filter($shell_ret);