Beispiel #1
    /**
     * Dispatches one file-manager utility action and echoes its result.
     *
     * Handles search/count/replace, copy/move, saving dialog configs,
     * listing last-used paths, and archive pack/unpack. Almost all
     * parameters are read directly from $_POST / $_GET; responses are
     * emitted as inline <script> fragments that set window.* variables.
     *
     * Access model visible in this method: the caller must hold the
     * 'fileman_view_file_structure' operation, otherwise nothing is done.
     * The pack and unpack branches add per-path CanDoFileOperation() checks.
     *
     * NOTE(review): no session-token check (e.g. check_bitrix_sessid()) is
     * visible here, although several branches change state (replace, copy,
     * move, pack, unpack, *_save_config). Confirm the caller validates the
     * token before dispatching to this method.
     *
     * @param string $action Action name selecting the switch branch below;
     *                       unknown values fall through and do nothing.
     * @param string $site   Site id; in this method it is only read by the
     *                       "pack" branch, as the source site.
     * @return void
     */
    public static function Request($action, $site)
    {
        global $USER;
        // Single global gate for every action below; silently returns when it fails.
        if (!$USER->CanDoOperation('fileman_view_file_structure')) {
            return;
        }
        $io = CBXVirtualIo::GetInstance();
        // presumably decodes JS-escaped POST values in place; verify against CUtil
        CUtil::JSPostUnescape();
        switch ($action) {
            case "count":
            case "search":
            case "replace":
                // All three actions share one CFilemanSearch run; the flags bCount / bReplace
                // select the mode. Only 'dir' is normalised and only the size bounds are cast
                // to int here; every other POST value is handed over as received.
                // NOTE(review): "replace" looks like it rewrites file contents, yet no
                // per-file permission check is visible in this branch. Confirm CFilemanSearch
                // enforces edit rights for each file it touches.
                $oSearch = new CFilemanSearch();
                $oSearch->Init(array('lastPath' => isset($_POST['last_path']) ? $_POST['last_path'] : false, 'bCount' => $action == "count", 'bReplace' => $action == "replace", "fileName" => trim($_POST['file']), "phrase" => trim($_POST['phrase']), "replacePhrase" => trim($_POST['replace_phrase']), "dir" => CFilemanUtils::NormalizePath($_POST['dir']), "bSubdir" => $_POST['subdir'], "dateFrom" => $_POST['date_from'], "dateTo" => $_POST['date_to'], "sizeFrom" => intVal($_POST['size_from']), "sizeTo" => intVal($_POST['size_to']), "entire" => $_POST['entire'], "bCaseSens" => $_POST['case_sens'], "bDirsToo" => $_POST['dirs_too'], "ssess" => $_POST['ssess'], "bInResult" => $_POST['in_result'], "site" => CFileMan::__CheckSite($_GET['fu_site'])));
                CFileMan::SaveLastPath(CFilemanUtils::NormalizePath($_POST['dir']));
                break;
            case "clean_old":
                CFilemanSearch::CleanOldSearchResult();
                break;
            case "search_save_config":
                // Every stored option is cast to bool before saving.
                CFilemanSearch::SaveConfig(array("advMode" => (bool) $_POST['adv_mode'], "bSubdir" => (bool) $_POST['subdir'], "entire" => (bool) $_POST['entire'], "bCaseSens" => (bool) $_POST['case_sens'], "bDirsToo" => (bool) $_POST['dirs_too']));
                break;
            case "copy_save_config":
                // NOTE(review): caseOption is stored as received (not cast or whitelisted).
                CFilemanCopy::SaveConfig(array("advMode" => (bool) $_POST['adv_mode'], "caseOption" => $_POST['case_option']));
                break;
            case "copy":
            case "move":
                // The file list and the destination are passed to CFilemanCopy as received.
                // NOTE(review): no path normalisation or per-path permission check is visible
                // in this branch; confirm CFilemanCopy performs both for source and target.
                $oCopy = new CFilemanCopy();
                $oCopy->Init(array("bCopy" => $action == "copy", "caseOption" => $_POST['case_option'], "arFiles" => $_POST['files'], "copyTo" => $_POST['copy_to'], "createCopyTo" => $_POST['create_copy_to'] == "Y", "userCaseAnswer" => isset($_POST['uc_answer']) ? $_POST['uc_answer'] : false, "userCaseToAll" => isset($_POST['uc_to_all']) ? $_POST['uc_to_all'] : false, "userCaseLastPath" => isset($_POST['uc_last_path']) ? $_POST['uc_last_path'] : false, "bSearch" => $_POST['search'] == "Y", "ssess" => $_POST['ssess'], "siteTo" => CFileMan::__CheckSite($_GET['fu_site'])));
                // NOTE(review): the search branch normalises the path before SaveLastPath();
                // this one stores the raw POST value.
                CFileMan::SaveLastPath($_POST['copy_to']);
                break;
            case "get_last_pathes":
                ?>
				<script>window.bx_last_pathes = <?php 
                echo CUtil::PhpToJSObject(CFilemanUtils::GetLastPathes());
                ?>
;</script>
				<?php 
                break;
            case "pack":
                // $startFile, $quickPath and $pack_to are assigned only when the matching POST
                // key is present, but are read unconditionally further down.
                // NOTE(review): a request that omits them reaches the permission and file-name
                // checks with undefined variables; consider initialising them explicitly.
                if (isset($_POST["startFile"])) {
                    $startFile = trim($_POST["startFile"]);
                }
                if (isset($_POST["quickPath"])) {
                    $quickPath = trim($_POST["quickPath"]);
                }
                // Force a leading slash on the archive target path.
                if (isset($_POST["packTo"])) {
                    if (substr($_POST["packTo"], 0, 1) == "/") {
                        $pack_to = $_POST["packTo"];
                    } else {
                        $pack_to = "/" . $_POST["packTo"];
                    }
                }
                $siteTo = CFileMan::__CheckSite($_POST['siteTo']);
                $docRootTo = CSite::GetSiteDocRoot($siteTo) ? CSite::GetSiteDocRoot($siteTo) : '';
                $siteFrom = CFileMan::__CheckSite($site);
                $docRootFrom = CSite::GetSiteDocRoot($siteFrom);
                // Non-admins get the target name passed through RemoveScriptExtension();
                // presumably this strips script extensions from the name (verify).
                if (!$USER->IsAdmin()) {
                    $pack_to = RemoveScriptExtension($pack_to);
                }
                //check writing permissions
                if (!$USER->CanDoFileOperation('fm_create_new_file', array($siteTo, $pack_to))) {
                    ?>
					<script>
						window.BXFM_archivePermsError = true;
					</script>
					<?php 
                    return;
                }
                // Reject the target when the full path is flagged unsafe or the file name is invalid.
                if (IsFileUnsafe($docRootTo . $pack_to) || CFileMan::CheckFileName(GetFileName($pack_to)) !== true) {
                    ?>
					<script>
						window.BXFM_archiveFNameError = true;
					</script>
					<?php 
                    return;
                }
                //ask if the file already exists
                // The prompt is skipped when a start file is given (a multi-step pack is being
                // continued) or when the client already answered "replace".
                if (file_exists($io->GetPhysicalName($docRootTo . $pack_to))) {
                    if (empty($startFile)) {
                        if ($_POST["bPackReplace"] != "replace") {
                            ?>
							<script>
								window.BXFM_archiveExists = {
									fileOld:
									{
										name: "<?php 
                            echo CUtil::JSEscape(basename($pack_to));
                            ?>
",
										path: "<?php 
                            echo CUtil::JSEscape($pack_to);
                            ?>
",
										site: "<?php 
                            echo CUtil::JSEscape($siteTo);
                            ?>
",
										size: "<?php 
                            echo CFile::FormatSize(filesize($io->GetPhysicalName($docRootTo . $pack_to)));
                            ?>
",
										date: "<?php 
                            echo date(CDatabase::DateFormatToPHP(CLang::GetDateFormat('FULL')), filemtime($io->GetPhysicalName($docRootTo . $pack_to)) + CTimeZone::GetOffset());
                            ?>
"
									}
								};
							</script>
							<?php 
                            return;
                        }
                    }
                }
                // NOTE(review): arcType comes from the client and is only trimmed here; confirm
                // GetArchive() accepts only known archive types.
                $packarc = CBXArchive::GetArchive($docRootTo . $pack_to, trim($_POST['arcType']));
                if ($packarc instanceof IBXArchive) {
                    //this set of options is common for every archive type
                    // CHECK_PERMISSIONS is switched off for admins and on for everyone else.
                    // REMOVE_PATH is built from the client-supplied quickPath.
                    $packarc->SetOptions(array("COMPRESS" => true, "STEP_TIME" => COption::GetOptionString("fileman", "archive_step_time", 30), "ADD_PATH" => false, "REMOVE_PATH" => $docRootFrom . $quickPath, "CHECK_PERMISSIONS" => $USER->IsAdmin() ? false : true));
                    $arPackFiles = array();
                    // NOTE(review): each client-supplied files[]['path'] is appended to the source
                    // document root without normalisation in this method, and $_POST["files"] is
                    // not checked to be an array. Confirm Pack() normalises these paths, confines
                    // them to the document root, and applies view permissions per file.
                    foreach ($_POST["files"] as $path2file) {
                        $arPackFiles[] = $docRootFrom . $path2file['path'];
                    }
                    // Lift the script time limit; a failure to do so is suppressed.
                    @set_time_limit(0);
                    $pRes = $packarc->Pack($arPackFiles, $startFile);
                    // Report the outcome to the client: continue (with the file to resume from),
                    // success, or the error list.
                    switch ($pRes) {
                        case IBXArchive::StatusContinue:
                            ?>
							<script>
							window.fmPackTimeout = true;
							window.fmPackLastFile = '<?php 
                            echo CUtil::JSEscape($packarc->GetStartFile());
                            ?>
';
							</script>
						<?php 
                            break;
                        case IBXArchive::StatusSuccess:
                            ?>
							<script>
							window.fmPackTimeout = false;
							window.fmPackLastFile = '';
							window.fmPackSuccess = true;
							</script>
						<?php 
                            break;
                        case IBXArchive::StatusError:
                            $arErrors = $packarc->GetErrors();
                            ?>
							<script>
							window.fmPackTimeout = false;
							window.fmPackSuccess = false;
							window.fmPackErrors = <?php 
                            echo CUtil::PhpToJSObject($arErrors);
                            ?>
;
							</script>
						<?php 
                            break;
                    }
                } else {
                    // GetArchive() did not return an IBXArchive: report a generic archive error.
                    ?>
					<script>
					window.fmPackSuccess = false;
					window.fmPackErrors = <?php 
                    echo CUtil::PhpToJsObject(GetMessage("FM_UTIL_ARC_ERROR"));
                    ?>
;
					</script>
					<?php 
                }
                break;
            case "unpack":
                // $USER is already declared global at the top of the method; this and the
                // later declaration inside the branch are redundant.
                global $USER;
                // Force a leading slash on the extraction target; $pack_to stays undefined when
                // packTo is absent from the request.
                if (isset($_POST["packTo"])) {
                    if (substr($_POST["packTo"], 0, 1) == "/") {
                        $pack_to = $_POST["packTo"];
                    } else {
                        $pack_to = "/" . $_POST["packTo"];
                    }
                }
                // The source site is read from $_GET['site'] here, whereas the pack branch uses
                // the $site parameter.
                $siteFrom = CFileMan::__CheckSite($_GET['site']);
                $siteTo = CFileMan::__CheckSite($_POST['siteTo']);
                $docRootFrom = CSite::GetSiteDocRoot($siteFrom);
                $docRootTo = CSite::GetSiteDocRoot($siteTo);
                // NOTE(review): the permission check is made against the raw $_POST["packTo"],
                // while extraction below targets the slash-prefixed $pack_to; the two can differ.
                // Unlike the pack branch, no IsFileUnsafe() / CheckFileName() /
                // RemoveScriptExtension() step is applied to the target in this branch.
                if (!($USER->CanDoFileOperation('fm_create_new_file', array($siteTo, $_POST["packTo"])) || $USER->CanDoFileOperation('fm_create_new_folder', array($siteTo, $_POST["packTo"])))) {
                    ?>
					<script>
						window.BXFM_archivePermsError = true;
					</script>
					<?php 
                    return;
                }
                $bReplaceFiles = $_POST["case_option"] == "replace" ? true : false;
                // NOTE(review): the archive path is the first client-supplied files[] entry
                // appended to the source document root; no normalisation or view-permission
                // check on it is visible here. Confirm GetArchive() handles both.
                $arc = CBXArchive::GetArchive($docRootFrom . $_POST["files"][0]);
                if ($arc instanceof IBXArchive) {
                    global $USER;
                    // CHECK_PERMISSIONS is switched off for admins, as in the pack branch.
                    // NOTE(review): whether Unpack() rejects archive entries whose names would
                    // resolve outside the target directory cannot be told from this method;
                    // verify in the IBXArchive implementations.
                    $arc->SetOptions(array("REMOVE_PATH" => $docRootFrom, "UNPACK_REPLACE" => $bReplaceFiles, "CHECK_PERMISSIONS" => $USER->IsAdmin() ? false : true));
                    $uRes = $arc->Unpack($docRootTo . $pack_to);
                    if (!$uRes) {
                        $uErrors = $arc->GetErrors();
                        ?>
						<script>
						window.fmUnpackSuccess = false;
						window.fmUnpackErrors = <?php 
                        echo CUtil::PhpToJSObject($uErrors);
                        ?>
						</script>
					<?php 
                    } else {
                        ?>
						<script>
						window.fmUnpackSuccess = true;
						</script>
					<?php 
                    }
                } else {
                    // GetArchive() did not return an IBXArchive: report a generic archive error.
                    ?>
					<script>
					window.fmUnpackSuccess = false;
					window.fmUnpackErrors = <?php 
                    echo CUtil::PhpToJsObject(GetMessage("FM_UTIL_ARC_ERROR"));
                    ?>
;
					</script>
					<?php 
                }
                break;
        }
    }
Beispiel #2
	$APPLICATION->AuthForm(GetMessage("ACCESS_DENIED"));

// Page bootstrap for a file-manager dialog: prepares the popup object, loads the
// fileman module, validates the requested file name and resolves path and site.
// $filename, $path and $site are not assigned in this excerpt.
// NOTE(review): presumably they are request-derived globals; treat them as untrusted.

// presumably decodes JS-escaped POST values in place; verify against CUtil
CUtil::JSPostUnescape();

$obJSPopup = new CJSPopup();

require_once($_SERVER["DOCUMENT_ROOT"]."/freetrix/modules/fileman/include.php");

IncludeModuleLangFile(__FILE__);

$strWarning = "";

$io = CBXVirtualIo::GetInstance();

$bVarsFromForm = false;
// A non-empty file name that fails CheckFileName() is moved to $filename2 and
// $filename is cleared, so later code sees an empty name; the returned message
// becomes the warning and the form is flagged for re-display from submitted values.
if (strlen($filename) > 0 && ($mess = CFileMan::CheckFileName($filename)) !== true)
{
	$filename2 = $filename;
	$filename = '';
	$strWarning = $mess;
	$bVarsFromForm = true;
}

if (CAutoSave::Allowed())
	$AUTOSAVE = new CAutoSave();

// The path is URL-decoded first and then combined with "/", so CombinePath()
// operates on the decoded value.
// NOTE(review): if $path was already decoded by PHP's request parsing this is a
// second decode; confirm that any check made on $path before this point used the
// same decoded form.
$path = $io->CombinePath("/", urldecode($path));
$site = CFileMan::__CheckSite($site);
// When __CheckSite() yields a falsy value, fall back to the site that owns the
// physical path under the document root.
if(!$site)
	$site = CSite::GetSiteByFullPath($_SERVER["DOCUMENT_ROOT"].$path);
Beispiel #3
 /**
  * Creates every missing directory along $path, checking rights and names per level.
  *
  * The path is walked upwards until an existing directory is found (which is then
  * marked writable); the missing segments are afterwards created from the top down.
  * For each new segment the current user must hold 'fm_create_new_folder' on the
  * resulting path and the segment must pass CFileMan::CheckFileName().
  *
  * NOTE(review): the debug echo and the "deny" message embed $path without HTML
  * escaping, while the creation-error message uses htmlspecialcharsex(). Confirm
  * that callers escape the returned text before rendering it.
  *
  * @param mixed $path Path to create; handed to CMain::InitPathVars() together with
  *                    $site, which presumably splits a (site, path) pair -- verify.
  * @return string|null Error message on the first failure; nothing (null) on success.
  */
 function CreateDir($path)
 {
     CMain::InitPathVars($site, $path);
     $docRoot = CSite::GetSiteDocRoot($site);
     if (DEBUG_FILE_MAN) {
         echo "CreateDir({$path});<br>";
     }
     global $APPLICATION, $USER;
     $vfs = CBXVirtualIo::GetInstance();
     $path = $vfs->CombinePath($path);

     // Climb towards the root, remembering each trailing segment that does not exist yet.
     $missing = array();
     for ($slash = strrpos($path, "/"); $slash !== false; $slash = strrpos($path, "/")) {
         $candidate = $vfs->GetDirectory($docRoot . $path);
         if ($candidate->IsExists()) {
             $candidate->MarkWritable();
             break;
         }
         $missing[] = substr($path, $slash + 1);
         $path = substr($path, 0, $slash);
     }

     // Segments were collected deepest-first, so create them in reverse order.
     foreach (array_reverse($missing) as $segment) {
         $path .= "/" . $segment;
         if (!$USER->CanDoFileOperation('fm_create_new_folder', array($site, $path))) {
             return GetMessage("FILEMAN_FILEMAN_CREATE_FOLDER_DENY") . " \"" . $path . "\".\n";
         }
         $nameError = CFileMan::CheckFileName($segment);
         if ($nameError !== true) {
             return $nameError;
         }
         if (!$vfs->CreateDirectory($docRoot . $path)) {
             return GetMessage("FILEMAN_CREATE_FOLDER_ERROR", array('#PATH#' => htmlspecialcharsex($path)));
         }
     }
 }
Beispiel #4
    }
}
// check access rights to this file
if (!$USER->CanDoFileOperation('fm_rename_file', $arPath)) {
    $strWarning .= GetMessage("ACCESS_DENIED");
} else {
    if (!$io->FileExists($abs_path) && !$io->DirectoryExists($abs_path)) {
        $strWarning .= GetMessage("FILEMAN_FILEORFOLDER_NOT_FOUND");
    } else {
        if ($REQUEST_METHOD == "POST" && strlen($save) > 0 && check_bitrix_sessid()) {
            $pathTmp = $path;
            foreach ($arFiles as $ind => $file) {
                $newfilename = $filename[$ind];
                if (strlen($newfilename) <= 0) {
                    $strWarning .= GetMessage("FILEMAN_RENAME_NEW_NAME") . " \"" . $file . "\"!\n";
                } elseif (($mess = CFileMan::CheckFileName($newfilename)) !== true) {
                    $strWarning = $mess;
                } else {
                    $pathto = Rel2Abs($path, $newfilename);
                    if (!$USER->CanDoFileOperation('fm_create_new_file', array($site, $pathto))) {
                        $strWarning .= GetMessage("FILEMAN_RENAME_ACCESS_ERROR") . "\n";
                    } elseif (!$USER->CanDoOperation('edit_php') && (substr(CFileman::GetFileName($file), 0, 1) == "." || substr(CFileman::GetFileName($pathto), 0, 1) == "." || !HasScriptExtension($file) && HasScriptExtension($pathto))) {
                        // if not admin and renaming from non PHP to PHP
                        $strWarning .= GetMessage("FILEMAN_RENAME_TOPHPFILE_ERROR") . "\n";
                    } elseif (!$USER->CanDoOperation('edit_php') && HasScriptExtension($file) && !HasScriptExtension($pathto)) {
                        // if not admin and renaming from PHP to non PHP
                        $strWarning .= GetMessage("FILEMAN_RENAME_FROMPHPFILE_ERROR") . "\n";
                    } else {
                        $pathparsedtmp = CFileMan::ParsePath(array($site, $pathto), false, false, "", $logical == "Y");
                        $strWarningTmp = CFileMan::CreateDir($pathparsedtmp["PREV"]);
                        if (strlen($strWarningTmp) > 0) {
Beispiel #5
                    CFilemanSearch::DelFromSearchResult($searchSess, $pathEx);
                }
                if (strlen($strWarning_tmp) > 0) {
                    $lAdmin->AddGroupError($strWarning_tmp, $ID);
                }
                break;
            case "copy":
            case "move":
                if (!($USER->CanDoFileOperation('fm_create_new_file', $arPath_i) || $USER->CanDoFileOperation('fm_create_new_folder', $arPath_i)) || !($USER->CanDoFileOperation('fm_delete_file', $arPath_i) || $USER->CanDoFileOperation('fm_delete_folder', $arPath_i)) && $_REQUEST['action'] == 'move') {
                    break;
                }
                if (!CSite::IsDistinctDocRoots() || CFileMan::__CheckSite($copy_to_site) === false) {
                    $copy_to_site = $site;
                }
                $name_i = $bSearch ? CFileman::GetFileName($ID) : $ID;
                if (($mess = CFileMan::CheckFileName(str_replace('/', '', $copy_to))) !== true) {
                    $lAdmin->AddGroupError($mess, $ID);
                } else {
                    $strWarning_tmp = CFileMan::CopyEx(array($site, CFileMan::NormalizePath($pathEx)), array($copy_to_site, CFileMan::NormalizePath($copy_to . "/" . $name_i)), $_REQUEST['action'] == "move" ? true : false);
                }
                if ($bSearch && $_REQUEST['action'] == "move") {
                    CFilemanSearch::DelFromSearchResult($searchSess, $pathEx);
                }
                if (strlen($strWarning_tmp) > 0) {
                    $lAdmin->AddGroupError($strWarning_tmp, $ID);
                }
                break;
        }
    }
}
InitSorting();
Beispiel #6
    $arMenuTypes[] = array($key, $title);
    if ($key == $menutype) {
        $bMenuTypeExists = true;
    }
}
//check folder access
if (!$USER->CanDoFileOperation('fm_create_new_folder', $arPath)) {
    $strWarning = '<img src="/bitrix/images/fileman/deny.gif" width="28" height="28" border="0" align="left" alt="">' . GetMessage("ACCESS_DENIED");
} else {
    if (!$io->DirectoryExists($abs_path)) {
        $strWarning = GetMessage("FILEMAN_FOLDER_NOT_FOUND");
    } else {
        if ($REQUEST_METHOD == "POST" && strlen($save) > 0 && check_bitrix_sessid()) {
            if (strlen($foldername) <= 0) {
                $strWarning = GetMessage("FILEMAN_NEWFOLDER_ENTER_NAME");
            } elseif (($mess = CFileMan::CheckFileName($foldername)) !== true) {
                $strWarning = $mess;
            } else {
                $pathto = $io->CombinePath("/", $path, $foldername);
                if ($io->FileExists($DOC_ROOT . $pathto) || $io->DirectoryExists($DOC_ROOT . $pathto)) {
                    $strWarning = GetMessage("FILEMAN_NEWFOLDER_EXISTS");
                } else {
                    $strWarning = CFileMan::CreateDir(array($site, $pathto));
                    if (strlen($strWarning) <= 0) {
                        if ($USER->CanDoFileOperation('fm_add_to_menu', $arPath) && $USER->CanDoOperation('fileman_add_element_to_menu') && $mkmenu == "Y" && $bMenuTypeExists) {
                            $arParsedPathTmp = CFileMan::ParsePath(array($site, $pathto), true, false, "", $logical == "Y");
                            $menu_path = $arParsedPathTmp["PREV"] . "/." . $menutype . ".menu.php";
                            if ($USER->CanDoFileOperation('fm_view_file', array($site, $menu_path))) {
                                $res = CFileMan::GetMenuArray($DOC_ROOT . $menu_path);
                                $aMenuLinksTmp = $res["aMenuLinks"];
                                $sMenuTemplateTmp = $res["sMenuTemplate"];
 for ($i = 1; $i <= $nums; $i++) {
     $arFile = $HTTP_POST_FILES["file_" . $i];
     if (strlen($arFile["name"]) <= 0 || $arFile["tmp_name"] == "none") {
         continue;
     }
     $arFile["name"] = CFileman::GetFileName($arFile["name"]);
     $filename = ${"filename_" . $i};
     if (strlen($filename) <= 0) {
         $filename = $arFile["name"];
     }
     $pathto = Rel2Abs($path, $filename);
     if (!$USER->CanDoFileOperation('fm_upload_file', array($site, $pathto))) {
         $strWarning .= GetMessage("FILEMAN_FILEUPLOAD_ACCESS_DENIED") . " \"" . $pathto . "\"\n";
     } elseif ($arFile["error"] == 1 || $arFile["error"] == 2) {
         $strWarning .= GetMessage("FILEMAN_FILEUPLOAD_SIZE_ERROR", array('#FILE_NAME#' => $pathto)) . "\n";
     } elseif (($mess = CFileMan::CheckFileName(str_replace('/', '', $pathto))) !== true) {
         $strWarning .= $mess . ".\n";
     } else {
         if ($io->FileExists($DOC_ROOT . $pathto)) {
             $strWarning .= GetMessage("FILEMAN_FILEUPLOAD_FILE_EXISTS1") . " \"" . $pathto . "\" " . GetMessage("FILEMAN_FILEUPLOAD_FILE_EXISTS2") . ".\n";
         } elseif (!$USER->IsAdmin() && (HasScriptExtension($pathto) || substr(CFileman::GetFileName($pathto), 0, 1) == ".")) {
             $strWarning .= GetMessage("FILEMAN_FILEUPLOAD_PHPERROR") . " \"" . $pathto . "\".\n";
         } else {
             $bQuota = true;
             if (COption::GetOptionInt("main", "disk_space") > 0) {
                 $f = $io->GetFile($arFile["tmp_name"]);
                 $bQuota = false;
                 $size = $f->GetFileSize();
                 $quota = new CDiskQuota();
                 if ($quota->checkDiskQuota(array("FILE_SIZE" => $size))) {
                     $bQuota = true;