PHP Cross Reference of vtigercrm-6.1.0 |
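<?php

/** This file is part of KCFinder project
  *
  *      @desc Browser actions class
  *   @package KCFinder
  *   @version 2.21
  *    @author Pavel Tzonkov <[email protected]>
  * @copyright 2010 KCFinder Project
  *   @license http://www.opensource.org/licenses/gpl-2.0.php GPLv2
  *   @license http://www.opensource.org/licenses/lgpl-2.1.php LGPLv2
  *      @link http://kcfinder.sunhater.com
  */

/**
 * Request dispatcher and action handlers for the file browser.
 *
 * Every act_* method can be selected by name through the "act" query
 * parameter (see action()). The "dir", "file", "files", "newDir" and
 * "newName" request values are concatenated into filesystem paths, so each
 * handler validates the values it uses before touching the disk.
 */
class browser extends uploader {
    // Name of the action being served, without the "act_" prefix.
    protected $action;
    // "<uploadDir>/<thumbsDir>"
    protected $thumbsDir;
    // "<uploadDir>/<thumbsDir>/<type>"
    protected $thumbsTypeDir;

    /**
     * Validates the requested directory, makes sure the thumbnails folders
     * exist and removes stale temporary zip downloads.
     */
    public function __construct() {
        parent::__construct();

        // checkInputDir() is defined in the parent class; the "=== false"
        // test below treats false as "input rejected". The original code
        // unset the key and then assigned false straight back, so isset()
        // stayed true and later handlers fell through to "<typeDir>/".
        // A rejected value is now really dropped.
        if (isset($this->post['dir'])) {
            $dir = $this->checkInputDir($this->post['dir'], true, false);
            if ($dir === false)
                unset($this->post['dir']);
            else
                $this->post['dir'] = $dir;
        }

        if (isset($this->get['dir'])) {
            $dir = $this->checkInputDir($this->get['dir'], true, false);
            if ($dir === false)
                unset($this->get['dir']);
            else
                $this->get['dir'] = $dir;
        }

        $thumbsDir = $this->config['uploadDir'] . "/" . $this->config['thumbsDir'];
        if ((
                !is_dir($thumbsDir) &&
                !@mkdir($thumbsDir, $this->config['dirPerms'])
            ) ||

            !is_readable($thumbsDir) ||
            !dir::isWritable($thumbsDir) ||
            (
                !is_dir("$thumbsDir/{$this->type}") &&
                !@mkdir("$thumbsDir/{$this->type}", $this->config['dirPerms'])
            )
        )
            $this->errorMsg("Cannot access or create thumbnails folder.");

        $this->thumbsDir = $thumbsDir;
        $this->thumbsTypeDir = "$thumbsDir/{$this->type}";

        // Remove temporary zip downloads if exists. This deletes every
        // *.zip directly under uploadDir whose mtime is older than one hour.
        $files = dir::content($this->config['uploadDir'], array(
            'types' => "file",
            'pattern' => '/^.*\.zip$/i'
        ));

        if (is_array($files) && count($files)) {
            $time = time();
            foreach ($files as $file)
                if (is_file($file) && ($time - filemtime($file) > 3600))
                    unlink($file);
        }
    }

    /**
     * Dispatches the request to the act_* method named by the "act" query
     * parameter and echoes its result.
     *
     * Unknown action names fall back to "browser". A handler returning
     * true is reported to the client as an empty "<root></root>" document.
     */
    public function action() {
        // A non-string "act" (e.g. act[]=x) cannot name a method.
        $act = (isset($this->get['act']) && is_string($this->get['act']))
            ? $this->get['act'] : "browser";
        // Only names with a matching act_* method are dispatched; this is
        // also what keeps $this->action safe to use as a template name in
        // output().
        if (!method_exists($this, "act_$act"))
            $act = "browser";
        $this->action = $act;
        $method = "act_$act";

        if ($this->config['disabled']) {
            $message = $this->label("You don't have permissions to browse server.");
            // NOTE(review): this branch relies on backMsg() (parent class)
            // ending the request; otherwise the handler below would still
            // run while the browser is disabled - confirm.
            if (in_array($act, array("browser", "upload")) ||
                (substr($act, 0, 8) == "download")
            )
                $this->backMsg($message);
            else {
                header("Content-Type: text/xml; charset={$this->charset}");
                die($this->output(array('message' => $message), "error"));
            }
        }

        // Reset the session directory to the type root when it is missing,
        // belongs to another type, or is no longer a readable directory.
        if (!isset($this->session['dir']))
            $this->session['dir'] = $this->type;
        else {
            $type = $this->getTypeFromPath($this->session['dir']);
            $dir = $this->config['uploadDir'] . "/" . $this->session['dir'];
            if (($type != $this->type) || !is_dir($dir) || !is_readable($dir))
                $this->session['dir'] = $this->type;
        }
        $this->session['dir'] = path::normalize($this->session['dir']);

        // Content type: HTML for the browser page, uploads and downloads,
        // XML for the remaining actions, none for thumbnails.
        if ($act == "browser") {
            header("X-UA-Compatible: chrome=1");
            header("Content-Type: text/html; charset={$this->charset}");
        } else if (
            (substr($act, 0, 8) != "download") &&
            !in_array($act, array("thumb", "upload"))
        )
            header("Content-Type: text/xml; charset={$this->charset}");
        elseif ($act != "thumb")
            header("Content-Type: text/html; charset={$this->charset}");

        $return = $this->$method();
        echo ($return === true)
            ? "<root></root>"
            : $return;
    }

    /**
     * Renders the browser page; switches the session directory to the
     * "dir" query value when it names a readable directory of this type.
     */
    protected function act_browser() {
        if (isset($this->get['dir']) &&
            is_dir("{$this->typeDir}/{$this->get['dir']}") &&
            is_readable("{$this->typeDir}/{$this->get['dir']}")
        )
            $this->session['dir'] = path::normalize("{$this->type}/{$this->get['dir']}");

        return $this->output();
    }

    /**
     * Returns the folder tree, the files of the session directory and
     * whether that directory is writable.
     */
    protected function act_init() {
        $tree = $this->getDirInfo($this->typeDir);
        $tree['dirs'] = $this->getTree($this->session['dir']);
        if (!is_array($tree['dirs']) || !count($tree['dirs']))
            unset($tree['dirs']);
        $tree = $this->xmlTree($tree);
        $files = $this->getFiles($this->session['dir']);
        $dirWritable = dir::isWritable("{$this->config['uploadDir']}/{$this->session['dir']}");
        $data = array(
            'tree' => &$tree,
            'files' => &$files,
            'dirWritable' => $dirWritable
        );
        return $this->output($data);
    }

    /**
     * Sends the thumbnail of a file in the session directory, the file
     * itself when it is a small browsable image, or a default icon.
     */
    protected function act_thumb() {
        if (!isset($this->get['file']) || !is_string($this->get['file']))
            $this->sendDefaultThumb();
        $file = $this->get['file'];
        // Only a bare file name is accepted; anything containing a
        // directory part gets the default icon.
        if (basename($file) != $file)
            $this->sendDefaultThumb();
        $file = "{$this->thumbsDir}/{$this->session['dir']}/$file";
        if (!is_file($file) || !is_readable($file)) {
            // No stored thumbnail: fall back to the original file.
            $file = "{$this->config['uploadDir']}/{$this->session['dir']}/" . basename($file);
            if (!is_file($file) || !is_readable($file))
                $this->sendDefaultThumb($file);
            $image = new gd($file);
            if ($image->init_error)
                $this->sendDefaultThumb($file);
            $browsable = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_JPEG2000, IMAGETYPE_PNG);
            if (in_array($image->type, $browsable) &&
                ($image->get_width() <= $this->config['thumbWidth']) &&
                ($image->get_height() <= $this->config['thumbHeight'])
            ) {
                $type =
                    ($image->type == IMAGETYPE_GIF) ? "gif" : (
                    ($image->type == IMAGETYPE_PNG) ? "png" : "jpeg");
                $type = "image/$type";
                // NOTE(review): presumably httpCache::file() ends the
                // request; if not, the call after this block runs too.
                httpCache::file($file, $type);
            } else
                $this->sendDefaultThumb($file);
        }
        httpCache::file($file, "image/jpeg");
    }

    /** Returns the sub-folders of the posted directory. */
    protected function act_expand() {
        return $this->output(array('dirs' => $this->getDirs($this->postDir())));
    }

    /**
     * Makes the posted directory the session directory and returns its
     * files and writable flag.
     */
    protected function act_chDir() {
        $this->postDir(); // Just for existing check
        // 'dir' is absent when the constructor rejected it; that selects
        // the type root, which postDir() has just verified.
        $subDir = isset($this->post['dir']) ? $this->post['dir'] : "";
        $this->session['dir'] = $this->type . "/" . $subDir;
        $dirWritable = dir::isWritable("{$this->config['uploadDir']}/{$this->session['dir']}");
        return $this->output(array(
            'files' => $this->getFiles($this->session['dir']),
            'dirWritable' => $dirWritable
        ));
    }

    /**
     * Creates a sub-folder of the posted directory. The name must be
     * non-empty, free of "/" and "\", and must not start with ".".
     */
    protected function act_newDir() {
        if ($this->config['readonly'] ||
            !isset($this->post['dir']) ||
            !isset($this->post['newDir'])
        )
            $this->errorMsg("Unknown error.");

        $dir = $this->postDir();
        $newDir = trim($this->post['newDir']);
        if (!strlen($newDir))
            $this->errorMsg("Please enter new folder name.");
        if (preg_match('/[\/\\\\]/s', $newDir))
            $this->errorMsg("Unallowable characters in folder name.");
        if (substr($newDir, 0, 1) == ".")
            $this->errorMsg("Folder name shouldn't begins with '.'");
        if (file_exists("$dir/$newDir"))
            $this->errorMsg("A file or folder with that name already exists.");
        if (!@mkdir("$dir/$newDir", $this->config['dirPerms']))
            $this->errorMsg("Cannot create {dir} folder.", array('dir' => $newDir));
        return true;
    }

    /**
     * Renames the posted directory and, when present, its thumbnails
     * folder. The new name is checked like in act_newDir().
     */
    protected function act_renameDir() {
        // The empty-'dir' test mirrors act_deleteDir(): an empty value
        // resolves to the type root, which must not be renamed.
        if ($this->config['readonly'] ||
            !isset($this->post['dir']) ||
            !strlen(trim($this->post['dir'])) ||
            !isset($this->post['newName'])
        )
            $this->errorMsg("Unknown error.");

        $dir = $this->postDir();
        $newName = trim($this->post['newName']);
        if (!strlen($newName))
            $this->errorMsg("Please enter new folder name.");
        if (preg_match('/[\/\\\\]/s', $newName))
            $this->errorMsg("Unallowable characters in folder name.");
        if (substr($newName, 0, 1) == ".")
            $this->errorMsg("Folder name shouldn't begins with '.'");
        if (!@rename($dir, dirname($dir) . "/$newName"))
            $this->errorMsg("Cannot rename the folder.");
        $thumbDir = "$this->thumbsTypeDir/{$this->post['dir']}";
        if (is_dir($thumbDir))
            @rename($thumbDir, dirname($thumbDir) . "/$newName");
        return $this->output(array('name' => $newName));
    }

    /**
     * Recursively deletes the posted directory and its thumbnails folder.
     */
    protected function act_deleteDir() {
        if ($this->config['readonly'] ||
            !isset($this->post['dir']) ||
            !strlen(trim($this->post['dir']))
        )
            $this->errorMsg("Unknown error.");

        $dir = $this->postDir();

        if (!dir::isWritable($dir))
            $this->errorMsg("Cannot delete the folder.");
        // The original negated this result, which made it a boolean and
        // left the failure report below unreachable. The is_array() test
        // implies dir::prune() hands back the entries it could not delete
        // when the second argument is false.
        $result = dir::prune($dir, false);
        if (is_array($result) && count($result))
            $this->errorMsg("Failed to delete {count} files/folders.",
                array('count' => count($result)));
        $thumbDir = "$this->thumbsTypeDir/{$this->post['dir']}";
        if (is_dir($thumbDir)) dir::prune($thumbDir);
        return $this->output();
    }

    /**
     * Stores the uploaded file in the posted directory under a name that
     * does not exist yet, creates its thumbnail and returns "/<name>".
     */
    protected function act_upload() {
        if ($this->config['readonly'] || !isset($this->post['dir']))
            $this->errorMsg("Unknown error.");

        $dir = $this->postDir();

        if (!dir::isWritable($dir))
            $this->errorMsg("Cannot access or write to upload folder.");

        // checkUploadedFile() lives in the parent class and is the only
        // validation of the upload visible from this method.
        $message = $this->checkUploadedFile();

        if ($message !== true) {
            if (isset($this->file['tmp_name']))
                @unlink($this->file['tmp_name']);
            $this->errorMsg($message);
        }

        $target = "$dir/" . file::getInexistantFilename($this->file['name'], $dir);

        if (!@move_uploaded_file($this->file['tmp_name'], $target) &&
            !@rename($this->file['tmp_name'], $target) &&
            !@copy($this->file['tmp_name'], $target)
        ) {
            @unlink($this->file['tmp_name']);
            $this->errorMsg("Cannot move uploaded file to target folder.");
        } elseif (function_exists('chmod'))
            chmod($target, $this->config['filePerms']);

        $this->makeThumb($target);
        return "/" . basename($target);
    }

    /**
     * Streams one file of the posted directory as an attachment and ends
     * the request.
     */
    protected function act_download() {
        $dir = $this->postDir();
        // The "false ===" clause only performs the assignment to $file.
        if (!isset($this->post['dir']) ||
            !isset($this->post['file']) ||
            (false === ($file = "$dir/{$this->post['file']}")) ||
            !file_exists($file) || !is_readable($file)
        )
            $this->errorMsg("Unknown error.");

        // 'file' is not restricted to a bare name, so the resolved path is
        // checked against uploadDir before anything is read.
        if(!$this->filePathAccessible($file)) {
            $this->errorMsg("Invalid file location access.");
        }

        header("Pragma: public");
        header("Expires: 0");
        header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
        header("Cache-Control: private", false);
        header("Content-Type: application/octet-stream");
        header('Content-Disposition: attachment; filename="' . str_replace('"', "_", $this->post['file']) . '"');
        // The original header value carried a mis-encoded non-breaking
        // space after the colon; a plain space is sent instead.
        header("Content-Transfer-Encoding: binary");
        header("Content-Length: " . filesize($file));
        readfile($file);
        die;
    }

    /**
     * Renames one file of the posted directory and its thumbnail.
     */
    protected function act_rename() {
        $dir = $this->postDir();
        if ($this->config['readonly'] ||
            !isset($this->post['dir']) ||
            !isset($this->post['file']) ||
            !isset($this->post['newName']) ||
            (false === ($file = "$dir/{$this->post['file']}")) ||
            !file_exists($file) || !is_readable($file) || !file::isWritable($file)
        )
            $this->errorMsg("Unknown error.");

        if(!$this->filePathAccessible($file)) {
            $this->errorMsg("Invalid file location access.");
        }

        $newName = trim($this->post['newName']);
        if (!strlen($newName))
            $this->errorMsg("Please enter new file name.");
        if (preg_match('/[\/\\\\]/s', $newName))
            $this->errorMsg("Unallowable characters in file name.");
        if (substr($newName, 0, 1) == ".")
            $this->errorMsg("File name shouldn't begins with '.'");
        $newName = "$dir/$newName";
        if (file_exists($newName))
            $this->errorMsg("A file or folder with that name already exists.");
        // The new name goes through the same extension check, so a rename
        // cannot give a file an extension that is denied for this type.
        $ext = file::getExtension($newName);
        if (!$this->validateExtension($ext, $this->type))
            $this->errorMsg("Denied file extension.");
        if (!@rename($file, $newName))
            $this->errorMsg("Unknown error.");

        $thumbDir = "{$this->thumbsTypeDir}/{$this->post['dir']}";
        $thumbFile = "$thumbDir/{$this->post['file']}";

        if (file_exists($thumbFile))
            @rename($thumbFile, "$thumbDir/" . basename($newName));
        return true;
    }

    /**
     * Deletes one file of the posted directory and its thumbnail.
     */
    protected function act_delete() {
        $dir = $this->postDir();

        // Request values are validated before $file is built from them;
        // the original read $this->post['file'] ahead of the isset() test.
        if ($this->config['readonly'] ||
            !isset($this->post['dir']) ||
            !isset($this->post['file']) ||
            (false === ($file = "$dir/{$this->post['file']}")) ||
            !file_exists($file) || !is_readable($file) || !file::isWritable($file)
        )
            $this->errorMsg("Unknown error.");

        // Containment is checked before the unlink(), as in act_download()
        // and act_rename().
        if(!$this->filePathAccessible($file)) {
            $this->errorMsg("Invalid file location access.");
        }

        if (!@unlink($file))
            $this->errorMsg("Unknown error.");

        $thumb = "{$this->thumbsTypeDir}/{$this->post['dir']}/{$this->post['file']}";
        if (file_exists($thumb)) @unlink($thumb);
        return true;
    }

    /**
     * Copies the clipboard files (paths relative to uploadDir) into the
     * posted directory, together with their thumbnails.
     *
     * Returns true, or the "error" template listing the per-file failures.
     */
    protected function act_cp_cbd() {
        $dir = $this->postDir();
        if ($this->config['readonly'] ||
            !isset($this->post['dir']) ||
            !is_dir($dir) || !is_readable($dir) || !dir::isWritable($dir) ||
            !isset($this->post['files']) || !is_array($this->post['files']) ||
            !count($this->post['files'])
        )
            $this->errorMsg("Unknown error.");

        $error = array();
        foreach($this->post['files'] as $file) {
            $file = path::normalize($file);
            if (substr($file, 0, 1) == ".") continue;
            // Entries whose first path segment is another type are skipped.
            $type = explode("/", $file);
            $type = $type[0];
            if ($type != $this->type) continue;
            $path = "{$this->config['uploadDir']}/$file";
            $base = basename($file);
            $replace = array('file' => $base);
            $ext = file::getExtension($base);
            if (!file_exists($path))
                $error[] = $this->label("The file '{file}' does not exist.", $replace);
            // Same containment check as the single-file actions; what
            // path::normalize() does with ".." is not visible here.
            elseif (!$this->filePathAccessible($path))
                $error[] = "$base: " . $this->label("Invalid file location access.");
            elseif (substr($base, 0, 1) == ".")
                $error[] = "$base: " . $this->label("File name shouldn't begins with '.'");
            elseif (!$this->validateExtension($ext, $type))
                $error[] = "$base: " . $this->label("Denied file extension.");
            elseif (file_exists("$dir/$base"))
                $error[] = "$base: " . $this->label("A file or folder with that name already exists.");
            elseif (!is_readable($path) || !is_file($path))
                $error[] = $this->label("Cannot read '{file}'.", $replace);
            elseif (!@copy($path, "$dir/$base"))
                $error[] = $this->label("Cannot copy '{file}'.", $replace);
            else {
                if (function_exists("chmod"))
                    @chmod("$dir/$base", $this->config['filePerms']);
                $fromThumb = "{$this->thumbsDir}/$file";
                if (is_file($fromThumb) && is_readable($fromThumb)) {
                    $toThumb = "{$this->thumbsTypeDir}/{$this->post['dir']}";
                    if (!is_dir($toThumb))
                        @mkdir($toThumb, $this->config['dirPerms'], true);
                    $toThumb .= "/$base";
                    @copy($fromThumb, $toThumb);
                }
            }
        }
        if (count($error))
            return $this->output(array('message' => $error), "error");
        return true;
    }

    /**
     * Moves the clipboard files (paths relative to uploadDir) into the
     * posted directory, together with their thumbnails.
     *
     * Returns true, or the "error" template listing the per-file failures.
     */
    protected function act_mv_cbd() {
        $dir = $this->postDir();
        if ($this->config['readonly'] ||
            !isset($this->post['dir']) ||
            !is_dir($dir) || !is_readable($dir) || !dir::isWritable($dir) ||
            !isset($this->post['files']) || !is_array($this->post['files']) ||
            !count($this->post['files'])
        )
            $this->errorMsg("Unknown error.");

        $error = array();
        foreach($this->post['files'] as $file) {
            $file = path::normalize($file);
            if (substr($file, 0, 1) == ".") continue;
            $type = explode("/", $file);
            $type = $type[0];
            if ($type != $this->type) continue;
            $path = "{$this->config['uploadDir']}/$file";
            $base = basename($file);
            $replace = array('file' => $base);
            $ext = file::getExtension($base);
            if (!file_exists($path))
                $error[] = $this->label("The file '{file}' does not exist.", $replace);
            // Same containment check as the single-file actions.
            elseif (!$this->filePathAccessible($path))
                $error[] = "$base: " . $this->label("Invalid file location access.");
            elseif (substr($base, 0, 1) == ".")
                $error[] = "$base: " . $this->label("File name shouldn't begins with '.'");
            elseif (!$this->validateExtension($ext, $type))
                $error[] = "$base: " . $this->label("Denied file extension.");
            elseif (file_exists("$dir/$base"))
                $error[] = "$base: " . $this->label("A file or folder with that name already exists.");
            elseif (!is_readable($path) || !is_file($path))
                $error[] = $this->label("Cannot read '{file}'.", $replace);
            elseif (!file::isWritable($path) || !@rename($path, "$dir/$base"))
                $error[] = $this->label("Cannot move '{file}'.", $replace);
            else {
                if (function_exists("chmod"))
                    @chmod("$dir/$base", $this->config['filePerms']);
                $fromThumb = "{$this->thumbsDir}/$file";
                if (is_file($fromThumb) && is_readable($fromThumb)) {
                    $toThumb = "{$this->thumbsTypeDir}/{$this->post['dir']}";
                    if (!is_dir($toThumb))
                        @mkdir($toThumb, $this->config['dirPerms'], true);
                    $toThumb .= "/$base";
                    @rename($fromThumb, $toThumb);
                }
            }
        }
        if (count($error))
            return $this->output(array('message' => $error), "error");
        return true;
    }

    /**
     * Deletes the clipboard files (paths relative to uploadDir) and their
     * thumbnails.
     *
     * Returns true, or the "error" template listing the per-file failures.
     */
    protected function act_rm_cbd() {
        if ($this->config['readonly'] ||
            !isset($this->post['files']) ||
            !is_array($this->post['files']) ||
            !count($this->post['files'])
        )
            $this->errorMsg("Unknown error.");

        $error = array();
        foreach($this->post['files'] as $file) {
            $file = path::normalize($file);
            if (substr($file, 0, 1) == ".") continue;
            $type = explode("/", $file);
            $type = $type[0];
            if ($type != $this->type) continue;
            $path = "{$this->config['uploadDir']}/$file";
            $base = basename($file);
            $replace = array('file' => $base);
            if (!is_file($path))
                $error[] = $this->label("The file '{file}' does not exist.", $replace);
            // Same containment check as act_delete(), applied before the
            // unlink().
            elseif (!$this->filePathAccessible($path))
                $error[] = "$base: " . $this->label("Invalid file location access.");
            elseif (!@unlink($path))
                $error[] = $this->label("Cannot delete '{file}'.", $replace);
            else {
                $thumb = "{$this->thumbsDir}/$file";
                if (is_file($thumb)) @unlink($thumb);
            }
        }
        if (count($error))
            return $this->output(array('message' => $error), "error");
        return true;
    }

    /**
     * Zips the posted directory into a temporary archive under uploadDir,
     * streams it, removes it and ends the request.
     */
    protected function act_downloadDir() {
        $dir = $this->postDir();
        if (!isset($this->post['dir']) || $this->config['denyZipDownload'])
            $this->errorMsg("Unknown error.");
        $filename = basename($dir) . ".zip";
        // NOTE(review): the temporary name is derived from the clock and
        // the session id and the archive is written inside uploadDir. It
        // is removed after sending; one left behind by an aborted request
        // stays until the constructor's one-hour cleanup.
        do {
            $file = md5(time() . session_id());
            $file = "{$this->config['uploadDir']}/$file.zip";
        } while (file_exists($file));
        new zipFolder($file, $dir);
        // Without an archive the size and read calls below would only
        // emit warnings.
        if (!is_file($file))
            $this->errorMsg("Unknown error.");
        header("Content-Type: application/x-zip");
        header('Content-Disposition: attachment; filename="' . str_replace('"', "_", $filename) . '"');
        header("Content-Length: " . filesize($file));
        readfile($file);
        unlink($file);
        die;
    }

    /**
     * Zips the selected files of the posted directory, streams the archive,
     * removes it and ends the request.
     */
    protected function act_downloadSelected() {
        $dir = $this->postDir();
        if (!isset($this->post['dir']) ||
            !isset($this->post['files']) ||
            !is_array($this->post['files']) ||
            $this->config['denyZipDownload']
        )
            $this->errorMsg("Unknown error.");

        $zipFiles = array();
        foreach ($this->post['files'] as $file) {
            $file = path::normalize($file);
            // Only bare, non-hidden file names of the posted directory.
            if ((substr($file, 0, 1) == ".") || (strpos($file, '/') !== false))
                continue;
            $file = "$dir/$file";
            if (!is_file($file) || !is_readable($file))
                continue;
            $zipFiles[] = $file;
        }

        do {
            $file = md5(time() . session_id());
            $file = "{$this->config['uploadDir']}/$file.zip";
        } while (file_exists($file));

        $zip = new ZipArchive();
        $res = $zip->open($file, ZipArchive::CREATE);
        if ($res === TRUE) {
            foreach ($zipFiles as $cfile)
                $zip->addFile($cfile, basename($cfile));
            $zip->close();
        }
        // No archive exists when open() failed or nothing was added.
        if (!is_file($file))
            $this->errorMsg("Unknown error.");
        header("Content-Type: application/x-zip");
        header('Content-Disposition: attachment; filename="selected_files_' . basename($file) . '"');
        header("Content-Length: " . filesize($file));
        readfile($file);
        unlink($file);
        die;
    }

    /**
     * Zips the clipboard files (paths relative to uploadDir), streams the
     * archive, removes it and ends the request.
     */
    protected function act_downloadClipboard() {
        if (!isset($this->post['files']) ||
            !is_array($this->post['files']) ||
            $this->config['denyZipDownload']
        )
            $this->errorMsg("Unknown error.");

        $zipFiles = array();
        foreach ($this->post['files'] as $file) {
            $file = path::normalize($file);
            if ((substr($file, 0, 1) == "."))
                continue;
            $type = explode("/", $file);
            $type = $type[0];
            if ($type != $this->type)
                continue;
            $file = $this->config['uploadDir'] . "/$file";
            if (!is_file($file) || !is_readable($file))
                continue;
            // Same containment check as act_download().
            if (!$this->filePathAccessible($file))
                continue;
            $zipFiles[] = $file;
        }

        do {
            $file = md5(time() . session_id());
            $file = "{$this->config['uploadDir']}/$file.zip";
        } while (file_exists($file));

        $zip = new ZipArchive();
        $res = $zip->open($file, ZipArchive::CREATE);
        if ($res === TRUE) {
            foreach ($zipFiles as $cfile)
                $zip->addFile($cfile, basename($cfile));
            $zip->close();
        }
        // No archive exists when open() failed or nothing was added.
        if (!is_file($file))
            $this->errorMsg("Unknown error.");
        header("Content-Type: application/x-zip");
        header('Content-Disposition: attachment; filename="clipboard_' . basename($file) . '"');
        header("Content-Length: " . filesize($file));
        readfile($file);
        unlink($file);
        die;
    }

    /**
     * Sends the theme icon for the file's extension, or the generic icon
     * when there is none, and ends the request.
     *
     * @param string|null $file Path used only to pick the extension icon.
     */
    protected function sendDefaultThumb($file=null) {
        if ($file !== null) {
            $ext = file::getExtension($file);
            $thumb = "themes/{$this->config['theme']}/img/files/big/$ext.png";
        }
        if (!isset($thumb) || !file_exists($thumb))
            $thumb = "themes/{$this->config['theme']}/img/files/big/..png";
        header("Content-Type: image/png");
        readfile($thumb);
        die;
    }

    /**
     * Lists the files of a directory with their metadata, creating missing
     * thumbnails on the way.
     *
     * @param string $dir Directory relative to uploadDir.
     * @return array One entry per file: name, size, mtime, date, readable,
     *               writable, bigIcon, smallIcon, thumb, smallThumb.
     */
    protected function getFiles($dir) {
        $thumbDir = "{$this->config['uploadDir']}/{$this->config['thumbsDir']}/$dir";
        $dir = "{$this->config['uploadDir']}/$dir";
        $return = array();
        $files = dir::content($dir, array('types' => "file"));
        if ($files === false)
            return $return;

        foreach ($files as $file) {
            $this->makeThumb($file, false);
            $image = new gd($file);
            // True when the file loads as an image no larger than the
            // configured thumbnail size.
            $image = !$image->init_error &&
                ($image->get_width() <= $this->config['thumbWidth']) &&
                ($image->get_height() <= $this->config['thumbHeight']);
            $stat = stat($file);
            if ($stat === false) continue;
            $name = basename($file);
            $ext = file::getExtension($file);
            $bigIcon = file_exists("themes/{$this->config['theme']}/img/files/big/$ext.png");
            $smallIcon = file_exists("themes/{$this->config['theme']}/img/files/small/$ext.png");
            $thumb = file_exists("$thumbDir/$name");
            $return[] = array(
                'name' => stripcslashes($name),
                'size' => $stat['size'],
                'mtime' => $stat['mtime'],
                'date' => @strftime($this->dateTimeSmall, $stat['mtime']),
                'readable' => is_readable($file),
                'writable' => file::isWritable($file),
                'bigIcon' => $bigIcon,
                'smallIcon' => $smallIcon,
                'thumb' => $thumb,
                'smallThumb' => $image
            );
        }
        return $return;
    }

    /**
     * Serializes a folder info array (see getDirInfo()) and its nested
     * 'dirs' into <dir> elements.
     *
     * @param array $tree
     * @return string
     */
    protected function xmlTree(array $tree) {
        $xml = '<dir readable="' . ($tree['readable'] ? "yes" : "no") . '" writable="' . ($tree['writable'] ? "yes" : "no") . '" removable="' . ($tree['removable'] ? "yes" : "no") . '" hasDirs="' . ($tree['hasDirs'] ? "yes" : "no") . '"' . (isset($tree['current']) ? ' current="yes"' : '') . '><name>' . text::xmlData($tree['name']) . '</name>';
        if (isset($tree['dirs']) && is_array($tree['dirs']) && count($tree['dirs'])) {
            $xml .= "<dirs>";
            foreach ($tree['dirs'] as $dir)
                $xml .= $this->xmlTree($dir);
            $xml .= "</dirs>";
        }
        $xml .= '</dir>';
        return $xml;
    }

    /**
     * Builds the folder tree along the given path, one path segment per
     * recursion level.
     *
     * @param string $dir   Path relative to uploadDir.
     * @param int    $index Depth (segment index) being listed.
     * @return array|false Folder infos, or false when the level is empty.
     */
    protected function getTree($dir, $index=0) {
        $path = explode("/", $dir);

        // Join the first $index + 1 segments of the path.
        $pdir = "";
        for ($i = 0; ($i <= $index && $i < count($path)); $i++)
            $pdir .= "/{$path[$i]}";
        if (strlen($pdir))
            $pdir = substr($pdir, 1);

        $fdir = "{$this->config['uploadDir']}/$pdir";

        $dirs = $this->getDirs($fdir);

        if (is_array($dirs) && count($dirs) && ($index <= count($path) - 1)) {

            foreach ($dirs as $i => $cdir) {
                // Descend only at the last segment, or into the folder
                // named by the next segment of the path.
                if ($cdir['hasDirs'] &&
                    (
                        ($index == count($path) - 1) ||
                        ($cdir['name'] == $path[$index + 1])
                    )
                ) {
                    $dirs[$i]['dirs'] = $this->getTree($dir, $index + 1);
                    if (!is_array($dirs[$i]['dirs']) || !count($dirs[$i]['dirs'])) {
                        unset($dirs[$i]['dirs']);
                        continue;
                    }
                }
            }
        } else
            return false;

        return $dirs;
    }

    /**
     * Resolves the posted "dir" value to a path below the type directory.
     *
     * @param bool $existent Fail unless the result is a readable directory.
     * @return string
     */
    protected function postDir($existent=true) {
        $dir = $this->typeDir;
        if (isset($this->post['dir']))
            $dir .= "/" . $this->post['dir'];
        if ($existent && (!is_dir($dir) || !is_readable($dir)))
            $this->errorMsg("Inexistant or inaccessible folder.");
        return $dir;
    }

    /**
     * Resolves the "dir" query value to a path below the type directory.
     *
     * @param bool $existent Fail unless the result is a readable directory.
     * @return string
     */
    protected function getDir($existent=true) {
        $dir = $this->typeDir;
        if (isset($this->get['dir']))
            $dir .= "/" . $this->get['dir'];
        if ($existent && (!is_dir($dir) || !is_readable($dir)))
            $this->errorMsg("Inexistant or inaccessible folder.");
        return $dir;
    }

    /**
     * Returns the folder infos of the visible sub-folders of a directory.
     *
     * @param string $dir Filesystem path.
     * @return array
     */
    protected function getDirs($dir) {
        $dirs = dir::content($dir, array('types' => "dir"));
        $return = array();
        if (is_array($dirs)) {
            $writable = dir::isWritable($dir);
            foreach ($dirs as $cdir) {
                $info = $this->getDirInfo($cdir);
                if ($info === false) continue;
                // Removable when both the folder and its parent are
                // writable.
                $info['removable'] = $writable && $info['writable'];
                $return[] = $info;
            }
        }
        return $return;
    }

    /**
     * Describes one folder.
     *
     * @param string $dir       Filesystem path.
     * @param bool   $removable Whether removal may be offered at all.
     * @return array|false name, readable, writable, removable, hasDirs and,
     *                     for the session directory, current; false for
     *                     hidden, missing or unreadable folders.
     */
    protected function getDirInfo($dir, $removable=false) {
        if ((substr(basename($dir), 0, 1) == ".") || !is_dir($dir) || !is_readable($dir))
            return false;
        $dirs = dir::content($dir, array('types' => "dir"));
        if (is_array($dirs)) {
            // Hidden sub-folders do not count towards hasDirs.
            foreach ($dirs as $key => $cdir)
                if (substr(basename($cdir), 0, 1) == ".")
                    unset($dirs[$key]);
            $hasDirs = count($dirs) ? true : false;
        } else
            $hasDirs = false;

        $writable = dir::isWritable($dir);
        $info = array(
            'name' => stripslashes(basename($dir)),
            'readable' => is_readable($dir),
            'writable' => $writable,
            'removable' => $removable && $writable && dir::isWritable(dirname($dir)),
            'hasDirs' => $hasDirs
        );

        if ($dir == "{$this->config['uploadDir']}/{$this->session['dir']}")
            $info['current'] = true;

        return $info;
    }

    /**
     * Renders "tpl/tpl_<template>.php" with the entries of $data exposed as
     * local variables and returns the captured output.
     *
     * @param array|null  $data     Template variables.
     * @param string|null $template Template name; defaults to the action.
     * @return string Rendered output, or "" when the template is missing.
     */
    protected function output($data=null, $template=null) {
        if (!is_array($data)) $data = array();
        if ($template === null)
            $template = $this->action;

        if (file_exists("tpl/tpl_$template.php")) {
            ob_start();
            // SECURITY: this builds PHP source and eval()s it. $template is
            // interpolated into the generated require statement and array
            // keys become variable names. Within this file the template is
            // either the literal "error" or $this->action, which action()
            // only accepts when a matching act_* method exists, and keys
            // are limited by the pattern below. Never pass request data as
            // $template or as a key of $data.
            $eval = "unset(\$data);unset(\$template);unset(\$eval);";
            $_ = $data;
            foreach (array_keys($data) as $key)
                if (preg_match('/^[a-z\d_]+$/i', $key))
                    $eval .= "\$$key=\$_['$key'];";
            $eval .= "unset(\$_);require \"tpl/tpl_$template.php\";";
            eval($eval);
            return ob_get_clean();
        }

        return "";
    }

    /**
     * Reports an error in the form the current action expects and ends the
     * request.
     *
     * thumb, upload, download and downloadDir get the plain translated
     * text; the browser page (or no action yet) goes through backMsg();
     * every other action gets the "error" template.
     *
     * @param string     $message Label text, may contain {placeholders}.
     * @param array|null $data    Placeholder values.
     */
    protected function errorMsg($message, array $data=null) {
        if (in_array($this->action, array("thumb", "upload", "download", "downloadDir")))
            die($this->label($message, $data));
        if (($this->action === null) || ($this->action == "browser"))
            $this->backMsg($message, $data);
        else {
            $message = $this->label($message, $data);
            die($this->output(array('message' => $message), 'error'));
        }
    }

    /**
     * Tells whether a path resolves to the configured uploadDir or to
     * something inside it.
     *
     * @param string $file Path to check; it has to exist to be resolved.
     * @return bool
     */
    protected function filePathAccessible($file) {
        // Ensure the file operation is constrained to the uploadDir configured.
        $uploadDirPath = realpath($this->config['uploadDir']);
        $filePath = realpath($file);
        // realpath() returns false for paths it cannot resolve; a false
        // uploadDir must not turn into an empty prefix that matches
        // everything.
        if (($uploadDirPath === false) || ($filePath === false))
            return false;
        if ($filePath === $uploadDirPath)
            return true;
        // Compare against "<uploadDir>/" so that a sibling such as
        // "<uploadDir>_other" is not accepted by a bare prefix match.
        $prefix = rtrim($uploadDirPath, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
        return strncmp($filePath, $prefix, strlen($prefix)) === 0;
    }
}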