/** * handle request and build XML * @access protected * */ protected function buildXml() { if (empty($_POST['QFinderCommand']) || $_POST['QFinderCommand'] != 'true') { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST); } if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FILE_RENAME)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED); } if (!isset($_GET["fileName"])) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_NAME); } if (!isset($_GET["newFileName"])) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_NAME); } $_config =& QFinder_Connector_Core_Factory::getInstance("Core_Config"); $fileName = QFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($_GET["fileName"]); $newFileName = QFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($_GET["newFileName"]); $oRenamedFileNode = new Qfinder_Connector_Utils_XmlNode("RenamedFile"); $this->_connectorNode->addChild($oRenamedFileNode); $oRenamedFileNode->addAttribute("name", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($fileName)); $resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig(); if (!$resourceTypeInfo->checkExtension($newFileName)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_EXTENSION); } if (!QFinder_Connector_Utils_FileSystem::checkFileName($fileName) || $resourceTypeInfo->checkIsHiddenFile($fileName)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST); } if (!QFinder_Connector_Utils_FileSystem::checkFileName($newFileName) || $resourceTypeInfo->checkIsHiddenFile($newFileName)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_NAME); } if (!$resourceTypeInfo->checkExtension($fileName, false)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST); } if ($_config->forceAscii()) { $newFileName = QFinder_Connector_Utils_FileSystem::convertToAscii($newFileName); } $filePath = QFinder_Connector_Utils_FileSystem::combinePaths($this->_currentFolder->getServerPath(), $fileName); $newFilePath = QFinder_Connector_Utils_FileSystem::combinePaths($this->_currentFolder->getServerPath(), $newFileName); $bMoved = false; if (!file_exists($filePath)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_FILE_NOT_FOUND); } if (!is_writable(dirname($newFilePath))) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED); } if (!is_writable($filePath)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED); } if (file_exists($newFilePath)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ALREADY_EXIST); } $bMoved = @rename($filePath, $newFilePath); if (!$bMoved) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNKNOWN, "File " . QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($fileName) . "has not been renamed"); } else { $oRenamedFileNode->addAttribute("newName", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($newFileName)); $thumbPath = QFinder_Connector_Utils_FileSystem::combinePaths($this->_currentFolder->getThumbsServerPath(), $fileName); QFinder_Connector_Utils_FileSystem::unlink($thumbPath); } }
/** * Throw file upload error, return true if error has been thrown, false if error has been catched * * @param int $number * @param string $text * @access public */ public function throwError($number, $uploaded = false, $exit = true) { if ($this->_catchAllErrors || in_array($number, $this->_skipErrorsArray)) { return false; } $oRegistry =& QFinder_Connector_Core_Factory::getInstance("Core_Registry"); $sFileName = $oRegistry->get("FileUpload_fileName"); $sFileUrl = $oRegistry->get("FileUpload_url"); $sEncodedFileName = QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($sFileName); header('Content-Type: text/html; charset=utf-8'); $errorMessage = QFinder_Connector_Utils_Misc::getErrorMessage($number, $sEncodedFileName); if (!$uploaded) { $sFileName = ""; $sEncodedFileName = ""; } if (!empty($_GET['response_type']) && $_GET['response_type'] == 'txt') { echo $sFileName . "|" . $errorMessage; } else { echo "<script type=\"text/javascript\">"; if (!empty($_GET['QFinderFuncNum'])) { if (!$uploaded) { $sFileUrl = ""; $sFileName = ""; } $funcNum = preg_replace("/[^0-9]/", "", $_GET['QFinderFuncNum']); echo "window.parent.QFinder.tools.callFunction({$funcNum}, '" . str_replace("'", "\\'", $sFileUrl . $sFileName) . "', '" . str_replace("'", "\\'", $errorMessage) . "');"; } else { echo "window.parent.OnUploadCompleted('" . str_replace("'", "\\'", $sEncodedFileName) . "', '" . str_replace("'", "\\'", $errorMessage) . "') ;"; } echo "</script>"; } if ($exit) { exit; } }
/** * send response * @access public * */ public function sendResponse() { $xml =& QFinder_Connector_Core_Factory::getInstance("Core_Xml"); $this->_connectorNode =& $xml->getConnectorNode(); $this->checkConnector(); if ($this->mustCheckRequest()) { $this->checkRequest(); } $resourceTypeName = $this->_currentFolder->getResourceTypeName(); if (!empty($resourceTypeName)) { $this->_connectorNode->addAttribute("resourceType", $this->_currentFolder->getResourceTypeName()); } if ($this->mustAddCurrentFolderNode()) { $_currentFolder = new Qfinder_Connector_Utils_XmlNode("CurrentFolder"); $this->_connectorNode->addChild($_currentFolder); $_currentFolder->addAttribute("path", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($this->_currentFolder->getClientPath())); $this->_errorHandler->setCatchAllErros(true); $_url = $this->_currentFolder->getUrl(); $_currentFolder->addAttribute("url", is_null($_url) ? "" : QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($_url)); $this->_errorHandler->setCatchAllErros(false); $_currentFolder->addAttribute("acl", $this->_currentFolder->getAclMask()); } $this->buildXml(); $_oErrorNode =& $xml->getErrorNode(); $_oErrorNode->addAttribute("number", "0"); echo $this->_connectorNode->asXML(); exit; }
/** * handle request and build XML * @access protected * */ protected function buildXml() { if (empty($_POST['QFinderCommand']) || $_POST['QFinderCommand'] != 'true') { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST); } if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FOLDER_RENAME)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED); } if (!isset($_GET["NewFolderName"])) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_NAME); } $newFolderName = QFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($_GET["NewFolderName"]); $_config =& QFinder_Connector_Core_Factory::getInstance("Core_Config"); if ($_config->forceAscii()) { $newFolderName = QFinder_Connector_Utils_FileSystem::convertToAscii($newFolderName); } $resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig(); if (!QFinder_Connector_Utils_FileSystem::checkFolderName($newFolderName) || $resourceTypeInfo->checkIsHiddenFolder($newFolderName)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_NAME); } // The root folder cannot be deleted. if ($this->_currentFolder->getClientPath() == "/") { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST); } $oldFolderPath = $this->_currentFolder->getServerPath(); $bMoved = false; if (!is_dir($oldFolderPath)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST); } //let's calculate new folder name $newFolderPath = dirname($oldFolderPath) . '/' . $newFolderName . '/'; if (file_exists(rtrim($newFolderPath, '/'))) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ALREADY_EXIST); } $bMoved = @rename($oldFolderPath, $newFolderPath); if (!$bMoved) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED); } else { $newThumbsServerPath = dirname($this->_currentFolder->getThumbsServerPath()) . '/' . $newFolderName . '/'; if (!@rename($this->_currentFolder->getThumbsServerPath(), $newThumbsServerPath)) { QFinder_Connector_Utils_FileSystem::unlink($this->_currentFolder->getThumbsServerPath()); } } $newFolderPath = preg_replace(",[^/]+/?\$,", $newFolderName, $this->_currentFolder->getClientPath()) . '/'; $newFolderUrl = $resourceTypeInfo->getUrl() . ltrim($newFolderPath, '/'); $oRenameNode = new Qfinder_Connector_Utils_XmlNode("RenamedFolder"); $this->_connectorNode->addChild($oRenameNode); $oRenameNode->addAttribute("newName", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($newFolderName)); $oRenameNode->addAttribute("newPath", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($newFolderPath)); $oRenameNode->addAttribute("newUrl", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($newFolderUrl)); }
/** * handle request and build XML * @access protected * */ protected function buildXml() { $_config =& QFinder_Connector_Core_Factory::getInstance("Core_Config"); if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FOLDER_VIEW)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED); } // Map the virtual path to the local server path. $_sServerDir = $this->_currentFolder->getServerPath(); if (!is_dir($_sServerDir)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_FOLDER_NOT_FOUND); } // Create the "Folders" node. $oFoldersNode = new Qfinder_Connector_Utils_XmlNode("Folders"); $this->_connectorNode->addChild($oFoldersNode); $files = array(); if ($dh = @opendir($_sServerDir)) { while (($file = readdir($dh)) !== false) { if ($file != "." && $file != ".." && is_dir($_sServerDir . $file)) { $files[] = $file; } } closedir($dh); } else { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED); } $resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig(); if (sizeof($files) > 0) { natcasesort($files); $i = 0; foreach ($files as $file) { $oAcl = $_config->getAccessControlConfig(); $folderPath = $this->_currentFolder->getClientPath() . $file . "/"; $aclMask = $oAcl->getComputedMask($this->_currentFolder->getResourceTypeName(), $folderPath); if (($aclMask & QFINDER_CONNECTOR_ACL_FOLDER_VIEW) != QFINDER_CONNECTOR_ACL_FOLDER_VIEW) { continue; } if ($resourceTypeInfo->checkIsHiddenFolder($file)) { continue; } // Create the "Folder" node. $oFolderNode[$i] = new Qfinder_Connector_Utils_XmlNode("Folder"); $oFoldersNode->addChild($oFolderNode[$i]); $oFolderNode[$i]->addAttribute("name", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($file)); $oFolderNode[$i]->addAttribute("hasChildren", QFinder_Connector_Utils_FileSystem::hasChildren($folderPath, $resourceTypeInfo) ? "true" : "false"); $oFolderNode[$i]->addAttribute("acl", $aclMask); $i++; } } }
/** * send response (file) * @access public * */ public function sendResponse() { if (!function_exists('ob_list_handlers') || ob_list_handlers()) { @ob_end_clean(); } header("Content-Encoding: none"); $this->checkConnector(); $this->checkRequest(); if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FILE_VIEW)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED); } $fileName = QFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($_GET["FileName"]); $_resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig(); if (!QFinder_Connector_Utils_FileSystem::checkFileName($fileName)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST); } if (!$_resourceTypeInfo->checkExtension($fileName, false)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST); } $filePath = QFinder_Connector_Utils_FileSystem::combinePaths($this->_currentFolder->getServerPath(), $fileName); if ($_resourceTypeInfo->checkIsHiddenFile($fileName) || !file_exists($filePath) || !is_file($filePath)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_FILE_NOT_FOUND); } $fileName = QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($fileName); header("Cache-Control: cache, must-revalidate"); header("Pragma: public"); header("Expires: 0"); if (!empty($_GET['format']) && $_GET['format'] == 'text') { header("Content-Type: text/plain; charset=utf-8"); } else { $user_agent = !empty($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ""; $encodedName = str_replace("\"", "\\\"", $fileName); if (strpos($user_agent, "MSIE") !== false) { $encodedName = str_replace(array("+", "%2E"), array(" ", "."), urlencode($encodedName)); } header("Content-type: application/octet-stream; name=\"" . $fileName . "\""); header("Content-Disposition: attachment; filename=\"" . $encodedName . "\""); } header("Content-Length: " . filesize($filePath)); QFinder_Connector_Utils_FileSystem::sendFile($filePath); exit; }
/** * handle request and build XML * @access protected * */ protected function buildXml() { if (empty($_POST['QFinderCommand']) || $_POST['QFinderCommand'] != 'true') { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST); } $_config =& QFinder_Connector_Core_Factory::getInstance("Core_Config"); if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FOLDER_CREATE)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED); } $_resourceTypeConfig = $this->_currentFolder->getResourceTypeConfig(); $sNewFolderName = isset($_GET["NewFolderName"]) ? $_GET["NewFolderName"] : ""; $sNewFolderName = QFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($sNewFolderName); if ($_config->forceAscii()) { $sNewFolderName = QFinder_Connector_Utils_FileSystem::convertToAscii($sNewFolderName); } if (!QFinder_Connector_Utils_FileSystem::checkFolderName($sNewFolderName) || $_resourceTypeConfig->checkIsHiddenFolder($sNewFolderName)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_NAME); } $sServerDir = QFinder_Connector_Utils_FileSystem::combinePaths($this->_currentFolder->getServerPath(), $sNewFolderName); if (!is_writeable($this->_currentFolder->getServerPath())) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED); } $bCreated = false; if (file_exists($sServerDir)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ALREADY_EXIST); } if ($perms = $_config->getChmodFolders()) { $oldUmask = umask(0); $bCreated = @mkdir($sServerDir, $perms); umask($oldUmask); } else { $bCreated = @mkdir($sServerDir); } if (!$bCreated) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED); } else { $oNewFolderNode = new Qfinder_Connector_Utils_XmlNode("NewFolder"); $this->_connectorNode->addChild($oNewFolderNode); $oNewFolderNode->addAttribute("name", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($sNewFolderName)); } }
/** * Throw file upload error, return true if error has been thrown, false if error has been catched * * @param int $number * @param string $text * @access public */ public function throwError($number, $uploaded = false, $exit = true) { if ($this->_catchAllErrors || in_array($number, $this->_skipErrorsArray)) { return false; } $oRegistry =& QFinder_Connector_Core_Factory::getInstance("Core_Registry"); $sFileName = $oRegistry->get("FileUpload_fileName"); $sFileUrl = $oRegistry->get("FileUpload_url"); $sEncodedFileName = QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($sFileName); header('Content-Type: text/html; charset=utf-8'); /** * echo <script> is not called before QFinder_Connector_Utils_Misc::getErrorMessage * because PHP has problems with including files that contain BOM character. * Having BOM character after <script> tag causes a javascript error. */ echo "<script type=\"text/javascript\">"; if (!empty($_GET['CKEditor'])) { $errorMessage = QFinder_Connector_Utils_Misc::getErrorMessage($number, $sEncodedFileName); if (!$uploaded) { $sFileUrl = ""; $sFileName = ""; $sEncodedFileName = ""; } $funcNum = preg_replace("/[^0-9]/", "", $_GET['CKEditorFuncNum']); echo "window.parent.CKEDITOR.tools.callFunction({$funcNum}, '" . str_replace("'", "\\'", $sFileUrl . QFinder_Connector_Utils_Misc::encodeURIComponent($sEncodedFileName)) . "', '" . str_replace("'", "\\'", $errorMessage) . "');"; } else { if (!$uploaded) { echo "window.parent.OnUploadCompleted(" . $number . ", '', '', '') ;"; } else { echo "window.parent.OnUploadCompleted(" . $number . ", '" . str_replace("'", "\\'", $sFileUrl . QFinder_Connector_Utils_Misc::encodeURIComponent($sEncodedFileName)) . "', '" . str_replace("'", "\\'", $sEncodedFileName) . "', '') ;"; } } echo "</script>"; if ($exit) { exit; } }
private function appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path) { $oErrorNode = new QFinder_Connector_Utils_XmlNode("Error"); $oErrorNode->addAttribute("code", $errorCode); $oErrorNode->addAttribute("name", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($name)); $oErrorNode->addAttribute("type", $type); $oErrorNode->addAttribute("folder", $path); $oErrorsNode->addChild($oErrorNode); }
/** * handle request and build XML * @access protected * */ protected function buildXml() { $_config =& QFinder_Connector_Core_Factory::getInstance("Core_Config"); if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FILE_VIEW)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED); } // Map the virtual path to the local server path. $_sServerDir = $this->_currentFolder->getServerPath(); // Create the "Files" node. $oFilesNode = new Qfinder_Connector_Utils_XmlNode("Files"); $this->_connectorNode->addChild($oFilesNode); if (!is_dir($_sServerDir)) { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_FOLDER_NOT_FOUND); } $files = array(); $thumbFiles = array(); if ($dh = @opendir($_sServerDir)) { while (($file = readdir($dh)) !== false) { if ($file != "." && $file != ".." && !is_dir($_sServerDir . $file)) { $files[] = $file; } } closedir($dh); } else { $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED); } $resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig(); if (sizeof($files) > 0) { $_thumbnailsConfig = $_config->getThumbnailsConfig(); $_thumbServerPath = ''; $_showThumbs = !empty($_GET['showThumbs']) && $_GET['showThumbs'] == 1; if ($_thumbnailsConfig->getIsEnabled() && ($_thumbnailsConfig->getDirectAccess() || $_showThumbs)) { $_thumbServerPath = $this->_currentFolder->getThumbsServerPath(); } natcasesort($files); $i = 0; foreach ($files as $file) { $filemtime = @filemtime($_sServerDir . $file); //otherwise file doesn't exist or we can't get it's filename properly if ($filemtime !== false) { $filename = QFinder_Connector_Utils_Misc::mbBasename($file); if (!$resourceTypeInfo->checkExtension($filename, false)) { continue; } if ($resourceTypeInfo->checkIsHiddenFile($filename)) { continue; } $oFileNode[$i] = new Qfinder_Connector_Utils_XmlNode("File"); $oFilesNode->addChild($oFileNode[$i]); $oFileNode[$i]->addAttribute("name", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding(QFinder_Connector_Utils_Misc::mbBasename($file))); $oFileNode[$i]->addAttribute("date", @date("YmdHi", $filemtime)); if (!empty($_thumbServerPath) && preg_match(QFINDER_REGEX_IMAGES_EXT, $filename)) { if (file_exists($_thumbServerPath . $filename)) { $oFileNode[$i]->addAttribute("thumb", $filename); } elseif ($_showThumbs) { $oFileNode[$i]->addAttribute("thumb", "?" . $filename); } } $size = filesize($_sServerDir . $file); if ($size && $size < 1024) { $size = 1; } else { $size = (int) round($size / 1024); } $oFileNode[$i]->addAttribute("size", $size); $i++; } } } }
/** * Add unzipped node to the list * @param obj $oUnzippedNodes * @param string $name * @param string $action */ protected function appendUnzippedNode($oUnzippedNodes, $name, $action = 'ok') { $oUnzippedNode = new QFinder_Connector_Utils_XmlNode("File"); $oUnzippedNode->addAttribute("name", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($name)); $oUnzippedNode->addAttribute("action", $action); $oUnzippedNodes->addChild($oUnzippedNode); }