public function index()
{
//die();
header('Expires: Sun, 13 Sep 2009 00:00:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
//header('Content-Type: text/json; charset=utf-8');
define('DEV', false);
if (DEV) {
error_reporting(E_ALL);
ini_set('display_errors', 'on');
ini_set('display_startup_errors', 'on');
} else {
error_reporting(0);
ini_set('display_errors', 'off');
ini_set('display_startup_errors', 'off');
}
//if (!isset($_SESSION['admin'])) {exit;} // Do not forget to add your user authorization
define('DIR_SEP', '/');
mb_internal_encoding('utf-8');
date_default_timezone_set('Europe/Moscow');
$cfg['url'] = 'files/site/upload';
$cfg['root'] = $_SERVER['DOCUMENT_ROOT'] . DIR_SEP . $cfg['url'];
// http://www.yousite.com/upload/ absolute path
$cfg['quickdir'] = '';
//$cfg['quickdir'] = 'quick-folder'; // for CKEditor
$cfg['lang'] = 'ru';
$cfg['thumb']['width'] = 150;
$cfg['thumb']['height'] = 120;
$cfg['thumb']['quality'] = 80;
$cfg['thumb']['cut'] = true;
$cfg['thumb']['auto'] = true;
$cfg['thumb']['dir'] = '_thumb';
$cfg['thumb']['date'] = "j.m.Y, H:i";
$cfg['hide']['file'] = array('.htaccess');
$cfg['hide']['folder'] = array('.', '..', $cfg['thumb']['dir'], '.svn', '.cvs');
$cfg['chmod']['file'] = 0777;
$cfg['chmod']['folder'] = 0777;
$cfg['deny'] = array('file' => array('php', 'php3', 'php4', 'php5', 'phtml', 'asp', 'aspx', 'ascx', 'jsp', 'cfm', 'cfc', 'pl', 'bat', 'exe', 'dll', 'reg', 'cgi'), 'flash' => array(), 'image' => array(), 'media' => array(), 'folder' => array($cfg['url'] . DIR_SEP . 'file', $cfg['url'] . DIR_SEP . 'flash', $cfg['url'] . DIR_SEP . 'image', $cfg['url'] . DIR_SEP . 'media'));
$cfg['allow'] = array('file' => array('7z', 'aiff', 'asf', 'avi', 'bmp', 'csv', 'doc', 'fla', 'flv', 'gif', 'gz', 'gzip', 'jpeg', 'jpg', 'mid', 'mov', 'mp3', 'mp4', 'mpc', 'mpeg', 'mpg', 'ods', 'odt', 'pdf', 'png', 'ppt', 'pxd', 'qt', 'ram', 'rar', 'rm', 'rmi', 'rmvb', 'rtf', 'sdc', 'sitd', 'swf', 'sxc', 'sxw', 'tar', 'tgz', 'tif', 'tiff', 'txt', 'vsd', 'wav', 'wma', 'wmv', 'xls', 'xml', 'zip'), 'flash' => array('swf', 'flv'), 'image' => array('jpg', 'jpeg', 'gif', 'png', 'bmp'), 'media' => array('aiff', 'asf', 'avi', 'bmp', 'fla', 'flv', 'gif', 'jpeg', 'jpg', 'mid', 'mov', 'mp3', 'mp4', 'mpc', 'mpeg', 'mpg', 'png', 'qt', 'ram', 'rm', 'rmi', 'rmvb', 'swf', 'tif', 'tiff', 'wav', 'wma', 'wmv'));
$cfg['nameRegAllow'] = '/^[a-z0-9-_#~\\$%()\\[\\]&=]+/i';
// ------------------
$cfg['url'] = trim($cfg['url'], '/\\');
$cfg['root'] = rtrim($cfg['root'], '/\\') . DIR_SEP;
$dir = isset($_POST['dir']) ? urldecode($_POST['dir']) : '';
$dir = trim($dir, '/\\') . DIR_SEP;
$rpath = str_replace('\\', DIR_SEP, realpath($cfg['root'] . $dir) . DIR_SEP);
if (false === strpos($rpath, str_replace('\\', DIR_SEP, $dir))) {
$dir = '';
}
$mode = isset($_GET['mode']) ? $_GET['mode'] : 'getDirs';
$cfg['type'] = isset($_POST['type']) ? $_POST['type'] : (isset($_GET['type']) && 'QuickUpload' == $mode ? $_GET['type'] : 'file');
$cfg['sort'] = isset($_POST['sort']) ? $_POST['sort'] : 'name';
$cfg['type'] = strtolower($cfg['type']);
$reply = array('dirs' => array(), 'files' => array());
// ------------------
require_once BASE . '/files/site/all/AjexFileManager/ajax/php/lib.php';
echo "echo";
die;
switch ($mode) {
case 'cfg':
$rootDir = listDirs('');
$children = array();
for ($i = -1, $iCount = count($rootDir); ++$i < $iCount;) {
$children[] = (object) $rootDir[$i];
}
$reply['config'] = array('lang' => $cfg['lang'], 'type' => $cfg['type'], 'url' => '/' . $cfg['url'] . '/', 'thumb' => $cfg['thumb']['dir'], 'thumbWidth' => $cfg['thumb']['width'], 'thumbHeight' => $cfg['thumb']['height'], 'maxUpload' => ini_get('upload_max_filesize'), 'allow' => implode('|', $cfg['allow'][$cfg['type']]), 'children' => $children);
break;
case 'renameFile':
$file = trim(urldecode($_POST['oldname']), '/\\.');
$name = urldecode($_POST['newname']);
if ($file != $name && preg_match($cfg['nameRegAllow'], $name) && file_exists($cfg['root']) . $dir . $file) {
if (file_exists($_thumb = $cfg['root'] . $cfg['thumb']['dir'] . DIR_SEP . $dir . DIR_SEP . $file)) {
unlink($_thumb);
}
if (file_exists($cfg['root'] . $dir . $name)) {
$name = getFreeFileName($name, $cfg['root'] . $dir);
}
if (false !== strpos($name, '.')) {
$ext = substr($name, strrpos($name, '.') + 1);
if (in_array($ext, $cfg['allow']['image'])) {
rename($cfg['root'] . $dir . $file, $cfg['root'] . $dir . $name);
}
}
}
$reply['files'] = listFiles($dir);
break;
case 'createFolder':
$path = trim(urldecode($_POST['oldname']), '/\\.');
$name = urldecode($_POST['newname']);
$reply['isSuccess'] = false;
if (preg_match($cfg['nameRegAllow'], $name)) {
if (!file_exists($cfg['root'] . $path . DIR_SEP . $name)) {
$reply['isSuccess'] = mkdir($cfg['root'] . $path . DIR_SEP . $name, $cfg['chmod']['folder']);
} else {
$reply['isSuccess'] = 'exist';
}
}
break;
case 'renameFolder':
$folder = urldecode($_POST['oldname']);
$name = urldecode($_POST['newname']);
$folder = trim($folder, '/\\.');
$reply['isSuccess'] = false;
if (!empty($folder) && $cfg['url'] != $folder && $folder != $name && !in_array($cfg['url'] . DIR_SEP . $folder, $cfg['deny']['folder']) && preg_match($cfg['nameRegAllow'], $name) && is_dir($cfg['root']) . $folder) {
$reply['isSuccess'] = rename($cfg['root'] . $folder, $cfg['root'] . substr($folder, 0, strrpos($folder, '/')) . DIR_SEP . $name);
}
break;
case 'deleteFolder':
$reply['isDelete'] = false;
$folder = trim($dir, '/\\');
if (!empty($folder) && $cfg['url'] != $folder && !in_array($cfg['url'] . DIR_SEP . $folder, $cfg['deny']['folder'])) {
deleteDir($cfg['root'] . $cfg['thumb']['dir'] . DIR_SEP . $folder);
$reply['isDelete'] = deleteDir($cfg['root'] . $folder);
}
break;
case 'uploads':
$reply['downloaded'] = array();
$width = isset($_POST['resizeWidth']) ? intval($_POST['resizeWidth']) : 0;
$height = isset($_POST['resizeHeight']) ? intval($_POST['resizeHeight']) : 0;
$key = 'uploadFiles';
if (!empty($dir) && '/' != $dir && !empty($_FILES[$key])) {
for ($i = -1, $iCount = count($_FILES[$key]['name']); ++$i < $iCount;) {
$ext = substr($_FILES[$key]['name'][$i], strrpos($_FILES[$key]['name'][$i], '.') + 1);
if (!in_array($ext, $cfg['deny'][$cfg['type']]) && in_array($ext, $cfg['allow'][$cfg['type']])) {
$freeName = getFreeFileName($_FILES[$key]['name'][$i], $cfg['root'] . $dir);
if (in_array($ext, $cfg['allow']['image'])) {
if ($width || $height) {
create_thumbnail($_FILES[$key]['tmp_name'][$i], $cfg['root'] . $dir . $freeName, $width, $height, 100, false, true);
chmod($cfg['root'] . $dir . $freeName, $cfg['chmod']['file']);
} else {
if (move_uploaded_file($_FILES[$key]['tmp_name'][$i], $cfg['root'] . $dir . $freeName)) {
chmod($cfg['root'] . $dir . $freeName, $cfg['chmod']['file']);
if ($cfg['thumb']['auto']) {
create_thumbnail($cfg['root'] . $dir . $freeName, $cfg['root'] . $cfg['thumb']['dir'] . DIR_SEP . $dir . DIR_SEP . $freeName);
chmod($cfg['root'] . $cfg['thumb']['dir'] . DIR_SEP . $dir . DIR_SEP . $freeName, $cfg['chmod']['file']);
}
$reply['downloaded'][] = array(true, $freeName);
} else {
$reply['downloaded'][] = array(false, $freeName);
}
}
} else {
if (move_uploaded_file($_FILES[$key]['tmp_name'][$i], $cfg['root'] . $dir . $freeName)) {
chmod($cfg['root'] . $dir . $freeName, $cfg['chmod']['file']);
$reply['downloaded'][] = array(true, $freeName);
} else {
$reply['downloaded'][] = array(false, $freeName);
}
}
} else {
$reply['downloaded'][] = array(false, $_FILES[$key]['name'][$i]);
}
}
}
break;
case 'QuickUpload':
switch ($cfg['type']) {
case 'file':
case 'flash':
case 'image':
case 'media':
$dir = $cfg['type'];
break;
default:
exit;
// exit for not supported type
break;
}
if (!is_dir($toDir = $cfg['root'] . $dir . DIR_SEP . $cfg['quickdir'])) {
mkdirs($toDir, $cfg['chmod']['folder']);
}
if (0 == $_FILES['upload']['error']) {
$fileName = getFreeFileName($_FILES['upload']['name'], $toDir);
$ext = substr($fileName, strrpos($fileName, '.') + 1);
$ext = strtolower($ext);
if (!in_array($ext, $cfg['deny'][$cfg['type']]) && in_array($ext, $cfg['allow'][$cfg['type']]) && move_uploaded_file($_FILES['upload']['tmp_name'], $toDir . DIR_SEP . $fileName)) {
$funcNum = isset($_GET['CKEditorFuncNum']) ? intval($_GET['CKEditorFuncNum']) : 2;
$result = "<script type=\"text/javascript\">window.parent.CKEDITOR.tools.callFunction(" . $funcNum . ", '/" . $cfg['url'] . '/' . $dir . '/' . (empty($cfg['quickdir']) ? '' : trim($cfg['quickdir'], '/\\') . '/') . $fileName . "', '');</script>";
}
}
exit($result);
break;
case 'deleteFiles':
$files = urldecode($_POST['files']);
$files = explode('::', $files);
for ($i = -1, $iCount = count($files); ++$i < $iCount;) {
unlink($cfg['root'] . $dir . $files[$i]);
file_exists($_thumb = $cfg['root'] . $cfg['thumb']['dir'] . DIR_SEP . $dir . DIR_SEP . $files[$i]) ? unlink($_thumb) : null;
}
$reply['files'] = listFiles($dir);
break;
case 'getFiles':
$reply['files'] = listFiles($dir);
break;
case 'getDirs':
$reply['dirs'] = listDirs($dir);
break;
default:
exit;
break;
}
if (isset($_GET['noJson'])) {
echo '<pre>';
print_r($reply);
echo '</pre>';
exit;
}
exit(json_encode($reply));
}
case 'file':
case 'flash':
case 'image':
case 'media':
$dir = $cfg['type'];
break;
default:
exit;
// exit for not supported type
break;
}
if (!is_dir($toDir = $cfg['root'] . $dir . DIR_SEP . $cfg['quickdir'])) {
mkdirs($toDir, $cfg['chmod']['folder']);
}
if (0 == $_FILES['upload']['error']) {
$fileName = getFreeFileName($_FILES['upload']['name'], $toDir);
if (move_uploaded_file($_FILES['upload']['tmp_name'], $toDir . DIR_SEP . $fileName)) {
$result = "<script type=\"text/javascript\">window.parent.CKEDITOR.tools.callFunction(2, '/" . $cfg['url'] . '/' . $dir . '/' . (empty($cfg['quickdir']) ? '' : trim($cfg['quickdir'], '/\\') . '/') . $fileName . "', '');</script>";
}
}
exit($result);
break;
case 'deleteFiles':
$files = urldecode($_POST['files']);
$files = explode('::', $files);
for ($i = -1, $iCount = count($files); ++$i < $iCount;) {
unlink($cfg['root'] . $dir . $files[$i]);
file_exists($_thumb = $cfg['root'] . $cfg['thumb']['dir'] . DIR_SEP . $dir . DIR_SEP . $files[$i]) ? unlink($_thumb) : null;
}
$reply['files'] = listFiles($dir);
break;
$name = urldecode($_POST['newname']);
$folder = trim($folder, '/\\.');
$reply['isSuccess'] = false;
if ($folder != $name && !in_array($cfg['url'] . DIR_SEP . $folder, $cfg['deny']['folder']) && preg_match($cfg['nameRegAllow'], $name) && is_dir($cfg['root']) . $folder) {
$reply['isSuccess'] = rename($cfg['root'] . $folder, $cfg['root'] . substr($folder, 0, strrpos($folder, '/')) . DIR_SEP . $name);
}
break;
case 'uploads':
$width = isset($_POST['resizeWidth']) ? intval($_POST['resizeWidth']) : 0;
$height = isset($_POST['resizeHeight']) ? intval($_POST['resizeHeight']) : 0;
$key = 'uploadFiles';
if (!empty($_FILES[$key])) {
for ($i = -1, $iCount = count($_FILES[$key]['name']); ++$i < $iCount;) {
$ext = substr($_FILES[$key]['name'][$i], strrpos($_FILES[$key]['name'][$i], '.') + 1);
if (!in_array($ext, $cfg['deny'][$cfg['type']]) && in_array($ext, $cfg['allow'][$cfg['type']])) {
$freeName = getFreeFileName($_FILES[$key]['name'][$i], $cfg['root'] . $dir);
if (in_array($ext, $cfg['allow']['image'])) {
if ($width || $height) {
create_thumbnail($_FILES[$key]['tmp_name'][$i], $cfg['root'] . $dir . $freeName, $width, $height, 100, false, true);
chmod($cfg['root'] . $dir . $freeName, $cfg['chmod']['file']);
} else {
move_uploaded_file($_FILES[$key]['tmp_name'][$i], $cfg['root'] . $dir . $freeName);
chmod($cfg['root'] . $dir . $freeName, $cfg['chmod']['file']);
if ($cfg['thumb']['auto']) {
create_thumbnail($cfg['root'] . $dir . $freeName, $cfg['root'] . $cfg['thumb']['dir'] . DIR_SEP . $dir . DIR_SEP . $freeName);
chmod($cfg['root'] . $cfg['thumb']['dir'] . DIR_SEP . $dir . DIR_SEP . $freeName, $cfg['chmod']['file']);
}
}
} else {
move_uploaded_file($_FILES[$key]['tmp_name'][$i], $cfg['root'] . $dir . $freeName);
chmod($cfg['root'] . $dir . $freeName, $cfg['chmod']['file']);
