Example #1
 /**
  * Redirects the browser to a page specified by the $url argument.
  *
  *  <code>
  *		Request::redirect('test');
  *  </code>
  *
  * @param string  $url    The URL
  * @param integer $status Status
  * @param integer $delay  Delay
  */
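 public static function redirect($url, $status = 302, $delay = null)
 {
     // Normalise argument types.
     // CR, LF and NUL are dropped so a caller-supplied URL cannot add extra
     // response header lines or truncate the value.
     // NOTE(review): the destination host is not restricted here; callers that
     // build $url from request data must validate it themselves.
     $url = str_replace(array("\r", "\n", "\0"), '', (string) $url);
     $status = (int) $status;
     // Reason phrases for the redirect codes this method knows about
     $messages = array();
     $messages[301] = '301 Moved Permanently';
     $messages[302] = '302 Found';
     if (headers_sent()) {
         // Headers are already out, so fall back to client-side navigation.
         // The URL is emitted as a JSON string literal with <, >, &, ' and "
         // hex-escaped, so it can neither end the string nor close the
         // <script> element.
         $js_url = json_encode($url, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
         if ($js_url !== false) {
             echo "<script>document.location.href=" . $js_url . ";</script>\n";
         }
         // NOTE(review): unlike the header branch below, this branch returns to
         // the caller without calling Request::shutdown(); callers that treat
         // redirect() as terminating keep running here - confirm this is intended.
     } else {
         // Status line.
         // NOTE(review): the fallback given to Arr::get() is the integer 302, so a
         // status missing from $messages presumably ends up with "302" as its
         // reason phrase - confirm against Arr::get().
         Request::setHeaders('HTTP/1.1 ' . $status . ' ' . Arr::get($messages, $status, 302));
         // Optional pause before the Location header is sent
         if ($delay !== null) {
             sleep((int) $delay);
         }
         // Redirect
         Request::setHeaders("Location: {$url}");
         // End the request so nothing further is executed or sent
         Request::shutdown();
     }
 }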
 /**
  * _pageExpandAjax
  */
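 public static function _pageExpandAjax()
 {
     // Ajax handler: stores the "expand" value for the page named by the posted slug.
     $slug = Request::post('page_slug');
     if ($slug) {
         // The anti-CSRF token must validate before anything is written
         if (Security::check(Request::post('token'))) {
             // The slug is concatenated into a double-quoted selector literal, so a
             // value containing '"' could end the literal and alter which records
             // are matched. Such values (and non-string input) are not applied.
             // NOTE(review): presumably Table evaluates the selector as an
             // XPath-style predicate - confirm, and prefer validating the slug
             // against the character set the pages plugin actually generates.
             if (is_string($slug) && strpos($slug, '"') === false) {
                 $pages = new Table('pages');
                 $pages->updateWhere('[slug="' . $slug . '"]', array('expand' => Request::post('page_expand')));
             }
             Request::shutdown();
         } else {
             die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
         }
     }
 }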
Example #3
 /**
  * Ajax: get Event by ID
  */
 public static function _getAjaxData()
 {
     // Each branch answers one Ajax lookup: the posted id is cast to int, the
     // matching record is fetched from its repository and written out as JSON.
     // NOTE(review): no token or permission check is visible in this handler;
     // confirm the hook that registers it is reachable by authorised users only.

     // Ajax Request: fetch event for editing
     $event_id = Request::post('edit_event_id');
     if ($event_id) {
         $event = EventsRepository::getById((int) $event_id);
         echo json_encode($event);
         Request::shutdown();
     }

     // Ajax Request: fetch category for editing
     $category_id = Request::post('edit_category_id');
     if ($category_id) {
         $category = CategoriesRepository::getById((int) $category_id);
         echo json_encode($category);
         Request::shutdown();
     }

     // Ajax Request: fetch location for editing
     $location_id = Request::post('edit_location_id');
     if ($location_id) {
         $location = LocationsRepository::getById((int) $location_id);
         echo json_encode($location);
         Request::shutdown();
     }
 }
Example #4
<?php

/**
 * Morfy Feed Plugin
 *
 * (c) Romanenko Sergey / Awilum <*****@*****.**>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */
// Serve the RSS feed when the first URI segment is "rss".
if ('rss' == Url::getUriSegment(0)) {
    Morfy::factory()->addAction('before_render', function () {
        // Template engine pointed at the plugin's templates and the shared cache dir
        $templates_dir = PLUGINS_PATH . '/feed/templates/';
        $compile_dir = CACHE_PATH . '/fenom/';
        $engine = Fenom::factory($templates_dir, $compile_dir, Morfy::$fenom);
        $engine->setOptions(array("strip" => false));

        // Respond as XML with an explicit 200 status
        Response::status(200);
        Request::setHeaders('Content-Type: text/xml; charset=utf-8');

        // The page configured for the feed plugin, plus its pages ordered by date
        // (descending); the array('404') argument is passed through unchanged.
        // NOTE(review): page fields are handed to rss.tpl as-is; XML escaping is
        // presumably done in the template - confirm.
        $feed_page = Morfy::$plugins['feed']['page'];
        $template_vars = array(
            'page' => Morfy::factory()->getPage($feed_page),
            'pages' => Morfy::factory()->getPages($feed_page, 'date', 'DESC', array('404')),
        );
        $engine->display('rss.tpl', $template_vars);

        // Stop here so the regular page render does not follow the feed
        Request::shutdown();
    });
}
 /**
  * Main function
  */
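 public static function main()
 {
     // Files manager controller: normalises the requested folder, handles the
     // delete / rename / upload / create-directory actions, then renders the
     // listing view. Every name taken from the request is confined to the
     // current folder below ROOT/public/uploads before it reaches the filesystem.

     // Deny-list of upload extensions (compared in lower case further down).
     // NOTE(review): a deny-list cannot enumerate every extension a server may
     // be configured to execute; prefer an allow-list of expected types and make
     // sure script execution is disabled for the uploads directory.
     $forbidden_types = array('html', 'htm', 'js', 'jsb', 'mhtml', 'mht', 'php', 'phtml', 'php3', 'php4', 'php5', 'phps', 'shtml', 'jhtml', 'pl', 'py', 'cgi', 'sh', 'ksh', 'bsh', 'c', 'htaccess', 'htpasswd', 'exe', 'scr', 'dll', 'msi', 'vbs', 'bat', 'com', 'pif', 'cmd', 'vxd', 'cpl', 'empty');
     // Array of image types
     $image_types = array('jpg', 'png', 'bmp', 'gif', 'tif');
     // Get Site url
     $site_url = Option::get('siteurl');
     // Requested folder, relative to ROOT/public
     if (Request::get('path')) {
         $path = Request::get('path');
     } else {
         $path = 'uploads/';
     }
     // Only the 'uploads' folder and its sub-folders are allowed. The original
     // substring test accepted any value that merely contained "uploads"; the
     // path must now start there and may not contain "..", backslashes or
     // control characters, so it cannot climb out of the uploads tree or inject
     // into the redirect URL.
     $path_is_unsafe = !is_string($path)
         || ($path !== 'uploads' && strpos($path, 'uploads/') !== 0)
         || strpos($path, '..') !== false
         || strpos($path, '\\') !== false
         || preg_match('/[\x00-\x1f\x7f]/', $path) === 1;
     if ($path_is_unsafe) {
         $path = 'uploads/';
         Request::redirect(self::_managerUrl($site_url, $path));
     }
     // Add slash if not exists
     if (substr($path, -1, 1) != '/') {
         $path .= '/';
         Request::redirect(self::_managerUrl($site_url, $path));
     }
     // Collapse the doubled trailing slash on the root folder
     if ($path == 'uploads//') {
         $path = 'uploads/';
         Request::redirect(self::_managerUrl($site_url, $path));
     }
     // $path is final from here on; every action returns to this URL.
     // NOTE(review): Request::redirect() appears to return to its caller when
     // headers were already sent, so the code after each redirect below may
     // still run in that case - confirm.
     $return_url = self::_managerUrl($site_url, $path);
     $files_path = ROOT . DS . 'public' . DS . $path;
     $current = explode('/', $path);
     // Delete file
     // -------------------------------------
     if (Request::get('id') == 'filesmanager' && Request::get('delete_file')) {
         if (Security::check(Request::get('token'))) {
             // Only a plain entry name inside the current folder may be deleted
             $delete_file = self::_safeEntryName(Request::get('delete_file'));
             if ($delete_file !== '') {
                 File::delete($files_path . $delete_file);
             }
             if ($delete_file !== '' && !is_file($files_path . $delete_file)) {
                 Notification::set('success', __('File was deleted', 'filesmanager'));
             } else {
                 Notification::set('error', __('File was not deleted', 'filesmanager'));
             }
             Request::redirect($return_url);
         } else {
             die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
         }
     }
     // Delete dir
     // -------------------------------------
     if (Request::get('id') == 'filesmanager' && Request::get('delete_dir')) {
         if (Security::check(Request::get('token'))) {
             // Same confinement as for files; "." and ".." are refused so the
             // current folder or its parent can never be the target
             $delete_dir = self::_safeEntryName(Request::get('delete_dir'));
             if ($delete_dir !== '') {
                 Dir::delete($files_path . $delete_dir);
             }
             if ($delete_dir !== '' && !is_dir($files_path . $delete_dir)) {
                 Notification::set('success', __('Directory was deleted', 'filesmanager'));
             } else {
                 Notification::set('error', __('Directory was not deleted', 'filesmanager'));
             }
             Request::redirect($return_url);
         } else {
             die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
         }
     }
     // Rename file/dir
     // -------------------------------------
     if (Request::post('rename_type')) {
         if (Security::check(Request::post('csrf'))) {
             $rename_type = Request::post('rename_type');
             // The source must be a plain entry name in the current folder
             $rename_from = self::_safeEntryName(Request::post('rename_from'));
             $rename_to = Request::post('rename_to');
             if (empty($rename_to)) {
                 Notification::set('error', __('Can not be empty', 'filesmanager'));
                 Request::redirect($return_url);
             }
             if ($rename_from === '') {
                 Notification::set('error', __('Failure', 'filesmanager'));
                 Request::redirect($return_url);
             }
             // Files keep the extension of the source; directories get none
             $ext = $rename_type === 'file' ? '.' . File::ext($rename_from) : '';
             // NOTE(review): the target extension is not compared with
             // $forbidden_types here; confirm Security::safeName() cannot yield a
             // name with an executable extension, otherwise apply the upload check.
             $rename_to = $files_path . Security::safeName($rename_to, null, false) . $ext;
             if (is_dir($rename_to)) {
                 Notification::set('error', __('Directory exists', 'filesmanager'));
                 Request::redirect($return_url);
             }
             if (is_file($rename_to)) {
                 Notification::set('error', __('File exists', 'filesmanager'));
                 Request::redirect($return_url);
             }
             $success = $rename_from !== '' && rename($files_path . $rename_from, $rename_to);
             if ($success) {
                 Notification::set('success', __('Renamed successfully', 'filesmanager'));
             } else {
                 Notification::set('error', __('Failure', 'filesmanager'));
             }
             Request::redirect($return_url);
         } else {
             die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
         }
     }
     // Upload file
     // -------------------------------------
     if (Request::post('upload_file')) {
         if (Security::check(Request::post('csrf'))) {
             $error = false;
             if (isset($_FILES['file']) && $_FILES['file']) {
                 $upload_name = $_FILES['file']['name'];
                 $upload_ext = File::ext($upload_name);
                 // Compare in lower case so a change of letter case does not get
                 // a listed extension past the deny-list
                 if (!in_array(strtolower((string) $upload_ext), $forbidden_types, true)) {
                     $filepath = $files_path . Security::safeName(basename($upload_name, $upload_ext), null, false) . '.' . $upload_ext;
                     $uploaded = move_uploaded_file($_FILES['file']['tmp_name'], $filepath);
                     if ($uploaded !== false && is_file($filepath)) {
                         Notification::set('success', __('File was uploaded', 'filesmanager'));
                     } else {
                         $error = 'File was not uploaded';
                     }
                 } else {
                     $error = 'Forbidden file type';
                 }
             } else {
                 $error = 'File was not uploaded';
             }
             if ($error) {
                 Notification::set('error', __($error, 'filesmanager'));
             }
             // Drag-and-drop uploads are Ajax calls: end the request without a redirect
             if (Request::post('dragndrop')) {
                 Request::shutdown();
             } else {
                 Request::redirect($return_url);
             }
         } else {
             die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
         }
     }
     // Create Directory
     // -------------------------------------
     if (Request::post('directory_name')) {
         // NOTE(review): an invalid token is ignored silently here, whereas the
         // other actions die() with a message - confirm this is intended.
         if (Security::check(Request::post('csrf'))) {
             $abs_path = $files_path . Security::safeName(Request::post('directory_name'), null, false);
             $error = false;
             if (!is_dir($abs_path)) {
                 try {
                     // mkdir() reports failure through its return value, so check
                     // it; the catch only helps if warnings are turned into exceptions
                     if (!mkdir($abs_path)) {
                         $error = true;
                     }
                 } catch (Exception $e) {
                     $error = true;
                 }
             } else {
                 $error = true;
             }
             if ($error) {
                 Alert::error(__('Directory was not created', 'filesmanager'));
             } else {
                 Alert::success(__('Directory was created', 'filesmanager'));
             }
         }
     }
     // Get information about current path
     $_list = FilesmanagerAdmin::fdir($files_path);
     $files_list = array();
     // Get files
     if (isset($_list['files'])) {
         foreach ($_list['files'] as $files) {
             $files_list[] = $files;
         }
     }
     $dir_list = array();
     // Get dirs; any name containing a dot is skipped, which also covers ".."
     if (isset($_list['dirs'])) {
         foreach ($_list['dirs'] as $dirs) {
             if (strpos($dirs, '.') === false) {
                 $dir_list[] = $dirs;
             }
         }
     }
     // Display view
     View::factory('box/filesmanager/views/backend/index')
         ->assign('path', $path)
         ->assign('current', $current)
         ->assign('files_list', $files_list)
         ->assign('dir_list', $dir_list)
         ->assign('forbidden_types', $forbidden_types)
         ->assign('image_types', $image_types)
         ->assign('site_url', $site_url)
         ->assign('upload_max_filesize', FilesmanagerAdmin::uploadSize())
         ->assign('files_path', $files_path)
         ->assign('fileuploader', array('uploadUrl' => $return_url, 'csrf' => Security::token(), 'errorMsg' => __('Upload server error', 'filesmanager')))
         ->display();
 }

 /**
  * Reduces a request-supplied file or directory name to a plain entry name.
  *
  * Returns an empty string for anything that is not a single path segment:
  * non-string input, an empty name, "." or "..", or a name containing a
  * directory separator or NUL byte. A trailing slash is tolerated and removed.
  *
  * @param mixed $name Name taken from the request
  *
  * @return string Entry name, or '' when the input must be refused
  */
 private static function _safeEntryName($name)
 {
     if (!is_string($name)) {
         return '';
     }
     $name = rtrim($name, '/\\');
     if ($name === '' || $name === '.' || $name === '..') {
         return '';
     }
     if (strpos($name, '/') !== false || strpos($name, '\\') !== false || strpos($name, "\0") !== false) {
         return '';
     }
     return $name;
 }

 /**
  * Builds the files manager admin URL for a folder.
  *
  * The folder is percent-encoded (slashes kept readable) so it cannot add
  * query parameters or break out of the Location header or fallback markup.
  *
  * @param string $site_url Site base URL
  * @param string $path     Folder relative to ROOT/public
  *
  * @return string
  */
 private static function _managerUrl($site_url, $path)
 {
     return $site_url . '/admin/index.php?id=filesmanager&path=' . str_replace('%2F', '/', rawurlencode($path));
 }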
Example #6
 /**
  * _rss
  */
 public static function _rss()
 {
     // Nothing to do unless the first URI segment selects the feed
     if ('rss' != Uri::segment(0)) {
         return;
     }

     // The included path is built from constants only, never from request data
     $feed_script = PLUGINS . DS . 'blog' . DS . 'rss.php';
     include $feed_script;

     // End the request once the feed script has run
     Request::shutdown();
 }
 /**
  * _readmeLoadAjax
  */
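 public static function _readmeLoadAjax()
 {
     // Ajax handler: prints the README.md of the plugin named in the request,
     // converted from Markdown to HTML.
     // NOTE(review): no token or permission check is visible in this handler;
     // confirm the hook that registers it is reachable by authorised users only.
     $plugin = Request::post('readme_plugin');
     if ($plugin) {
         // The name becomes a directory under PLUGINS, so it must be a single
         // path segment: anything with a separator, "." or ".." is refused and
         // cannot point the read at a README.md outside the plugins folder.
         $is_plain_name = is_string($plugin)
             && $plugin !== '.'
             && $plugin !== '..'
             && strpos($plugin, '/') === false
             && strpos($plugin, '\\') === false
             && strpos($plugin, "\0") === false;
         $file = $is_plain_name ? PLUGINS . DS . $plugin . DS . 'README.md' : null;
         if ($file !== null && File::exists($file)) {
             echo Text::toHtml(markdown(Html::toText(File::getContent($file))));
         } else {
             echo __('README.md not found', 'plugins');
         }
         Request::shutdown();
     }
 }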