Beispiel #1
0
function json_root($path = null)
{
    $cryt = new SimpleCrypt();
    $mounted_path_decrypted = $cryt->decrypt(base64_decode($_GET["mounted-path"]));
    $source_path = $_GET["browse-tree"];
    $mountedpath = $_GET["mounted-path"];
    $path_requested = $_POST["dir"];
    $path_requested = str_replace('//', '/', $path_requested);
    $tpl = new templates();
    $settings = $tpl->_ENGINE_parse_body('{settings}');
    $directory = $tpl->_ENGINE_parse_body('{directory}');
    writelogs("Requested {$path_requested} ({$source_path} on {$mounted_path_decrypted}))", __FUNCTION__, __FILE__);
    $array = DirCaches($source_path, $mounted_path_decrypted);
    $page = CurrentPageName();
    if ($path_requested != $source_path) {
        writelogs("{$path_requested}<>{$source_path}", __FUNCTION__, __FILE__);
        if (substr($path_requested, strlen($path_requested) - 1, 1) == '/') {
            writelogs("strip slash of {$path_requested}", __FUNCTION__, __FILE__);
            $path_requested = substr($path_requested, 0, strlen($path_requested) - 1);
        }
        $path_requested = str_replace($source_path, '', $path_requested);
        if (substr($path_requested, 0, 1) == '/') {
            $path_requested = substr($path_requested, 1, strlen($path_requested));
        }
        writelogs("path_requested={$path_requested}", __FUNCTION__, __FILE__);
        writelogs("DirSubCaches({$source_path},{$path_requested},{$mounted_path_decrypted})", __FUNCTION__, __FILE__);
        $path = DirSubCaches($source_path, $path_requested, $mounted_path_decrypted);
    } else {
        if (is_array($array)) {
            while (list($num, $line) = each($array)) {
                $path_array = explode('/', $num);
                $path[$path_array[0]] = $path_array[0];
            }
            $newpath = "P:";
        }
    }
    if (!is_array($path)) {
        return null;
    }
    echo "<ul class=\"jqueryFileTree\" style=\"display: none;\">";
    echo "<li class=\"file ext_settings\"><a href=\"#\" rel=\"" . htmlentities($_POST['dir']) . "\">" . htmlentities("{$directory} " . basename($_POST['dir']) . " - {$settings}") . "</a></li>";
    while (list($num, $val) = each($path)) {
        if (trim($val) != null) {
            writelogs($val);
            echo "<li class=\"directory collapsed\"><a href=\"#\" rel=\"" . htmlentities($_POST['dir'] . '/' . $val) . "/\">" . htmlentities($val) . "</a></li>";
        }
    }
    if (!is_array($arr)) {
        return null;
    }
    $res = implode("\n", $arr);
    if (substr($res, strlen($res) - 1, 1) == ',') {
        $res = substr($res, 0, strlen($res) - 1);
    }
}
Beispiel #2
0
 public static function encodeCssId($id)
 {
     return SimpleCrypt::crypt($id);
 }
 /**
  * Encrypt the value before storing it in the database
  */
 public function GetSQLValues($value)
 {
     $oSimpleCrypt = new SimpleCrypt();
     $encryptedValue = $oSimpleCrypt->Encrypt(self::$sKey, $value);
     $aValues = array();
     $aValues[$this->Get("sql")] = $encryptedValue;
     return $aValues;
 }
Beispiel #4
0
function dowloadfile(){
	
if(!isset($_GET["xapian-file"])){return;}

	if(($_COOKIE["uid"]==null) OR ($_COOKIE["uid"]==-100)){
		$ldap=new clladp();
		$pass=$ldap->ldap_password;
	}else{	
		$ct=new user($_COOKIE["uid"]);
		$pass=$ct->password;
	}
	
	
	
	$cr=new SimpleCrypt($pass);
	$crypted=base64_decode($_GET["xapian-file"]);
	
	$path=$cr->decrypt(base64_decode($_GET["xapian-file"]));
	writelogs("Receive crypted file: $path ",__FUNCTION__,__FILE__,__LINE__);
	if(!is_file($path)){die();}
	if(strpos($path,'..')>0){die('HACK: ..');}
	$file=basename($path);
	$sock=new sockets();
	
	$content_type=base64_decode($sock->getFrameWork("cmd.php?mime-type=".base64_encode($path)));
	header('Content-type: '.$content_type);
	header('Content-Transfer-Encoding: binary');
	header("Content-Disposition: attachment; filename=\"$file\"");	
	header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
	header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date dans le passé	
	$fsize = filesize($path); 
	header("Content-Length: ".$fsize); 
	ob_clean();
	flush();
	readfile($path);	
	
}
Beispiel #5
0
function download_file()
{
    $ldap = new clladp();
    $cr = new SimpleCrypt($ldap->ldap_password);
    $path = $cr->decrypt(base64_decode($_GET["download-file"]));
    $file = basename($path);
    $sock = new sockets();
    $datas = base64_decode($sock->getFrameWork("cmd.php?file-content=" . base64_encode($path)));
    $content_type = base64_decode($sock->getFrameWork("cmd.php?mime-type=" . base64_encode($path)));
    header('Content-Type: ' . $content_type);
    header("Content-Disposition: inline; filename=\"{$file}\"");
    echo $datas;
}
 /**
  * Computes the hashed version of a password using a unique salt
  * for this password. A unique salt is generated if needed
  * @return string
  */
 protected function ComputeHash($sClearTextPwd)
 {
     if ($this->m_sSalt == null) {
         $this->m_sSalt = SimpleCrypt::GetNewSalt();
     }
     return hash('sha256', $this->m_sSalt . $sClearTextPwd);
 }
<?php

include_once 'ressources/class.sockets.inc';
include_once 'ressources/logs.inc';
include_once 'ressources/class.crypt.php';
include_once 'ressources/class.user.inc';
if (isset($_GET["path"])) {
    $sock = new sockets();
    if (strpos($_GET["path"], '..') > 0) {
        die('HACK: ..');
    }
    $path = "{$_GET["org"]}/{$_GET["path"]}";
    $sock->download_attach($path, $_GET["file"]);
}
if (isset($_GET["xapian-file"])) {
    if ($_SESSION["uid"] == null) {
        die;
    }
    $ct = new user($_SESSION["uid"]);
    $crypt = new SimpleCrypt($ct->password);
    $sock = new sockets();
    $sock->download_srvfile($crypt->decrypt($_GET["xapian-file"]));
}
Beispiel #8
0
    $fsize = filesize($path);
    header("Content-Length: " . $fsize);
    ob_clean();
    flush();
    readfile($path);
    //$sock->download_attach($path,$_GET["file"]);
}
if (isset($_GET["xapian-file"])) {
    if ($_SESSION["uid"] == null or $_SESSION["uid"] == -100) {
        $ldap = new clladp();
        $pass = $ldap->ldap_password;
    } else {
        $ct = new user($_SESSION["uid"]);
        $pass = $ct->password;
    }
    $cr = new SimpleCrypt($pass);
    $crypted = base64_decode($_GET["xapian-file"]);
    $path = $cr->decrypt(base64_decode($_GET["xapian-file"]));
    writelogs("Receive crypted file: {$path} ", __FUNCTION__, __FILE__, __LINE__);
    if (!is_file($path)) {
        die;
    }
    if (strpos($path, '..') > 0) {
        die('HACK: ..');
    }
    $file = basename($path);
    $sock = new sockets();
    $content_type = base64_decode($sock->getFrameWork("cmd.php?mime-type=" . base64_encode($path)));
    header('Content-type: ' . $content_type);
    header('Content-Transfer-Encoding: binary');
    header("Content-Disposition: attachment; filename=\"{$file}\"");
Beispiel #9
0
function FormatResponse($ligne, $users, $pass)
{
    $f = new filesClass();
    $crypt = new SimpleCrypt($pass);
    $uri = "<a href=\"download.attach.php?xapian-file=" . $crypt->encrypt($ligne["PATH"]) . "\">";
    $text_deco = "text-decoration:underline";
    if (!$users->AllowXapianDownload) {
        $text_deco = null;
    }
    $ligne["PATH"] = str_replace("'", '`', $ligne["PATH"]);
    $title = substr($ligne["DATA"], 0, 60);
    $title = "{$uri}<span style='color:#0000CC;{$text_deco};font-size:medium'>{$ligne["PERCENT"]}%&nbsp;{$title}</span></a>";
    $body = $ligne["DATA"];
    $body = wordwrap($body, 100, "<br />\n");
    $img = "img/file_ico/unknown.gif";
    $file = basename($ligne["PATH"]);
    $ext = $f->Get_extension(strtolower($file));
    if (is_file("img/file_ico/{$ext}.gif")) {
        $img = "img/file_ico/{$ext}.gif";
    }
    $html = "\n\t\n\t<table style='width:99%;margin-top:6px'>\n\t<tr>\n\t\t<td>\n\t\t<table style='width:100%'>\n\t\t<tr>\n\t\t\t<td valign='top' width=1%><img src='{$img}'></td>\n\t\t\t<td valign='top' width=1%>" . imgtootltip("folderopen.gif", "{path}:{$ligne["PATH"]}<br>{size}:{$ligne["SIZE"]}<br>{date}:{$ligne["TIME"]}") . "</td>\n\t\t\t<td valing='top'>{$title}</td>\n\t\t</tr>\n\t\t</table>\n\t</tr>\n\t<tr>\n\t<td><span style='font-size:small;color:#676767;'>&laquo&nbsp;<strong>{$file}</strong>&nbsp;&raquo;&nbsp;-&nbsp;{$ligne["TIME"]}</span></td>\n\t</tr>\n\t<tr>\n\t<td style='font-size:11px;'>{$body}</td>\n\t</tr>\n\t<tr>\n\t<td style='font-size:small;color:green;' align='left'>{$ligne["TYPE"]} ({$ligne["SIZE"]})</td>\n\t</tr>\t\n\t</table>\n\t";
    return $html;
}
Beispiel #10
0
function download_file(){
	$ldap=new clladp();
	$cr=new SimpleCrypt($ldap->ldap_password);
	$path=$cr->decrypt(base64_decode($_GET["download-file"]));
	$file=basename($path);
	$sock=new sockets();
	
	$content_type=base64_decode($sock->getFrameWork("cmd.php?mime-type=".urlencode(base64_encode($path))));
	header('Content-type: '.$content_type);
	
	header('Content-Transfer-Encoding: binary');
	header("Content-Disposition: attachment; filename=\"$file\"");	
	header("Pragma: public");
	header("Cache-Control: must-revalidate, post-check=0, pre-check=0");	
	header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date dans le passé	
	$fsize = filesize($path); 
	header("Content-Length: ".$fsize); 
	ob_clean();
	flush();
	readfile($path);	
		
	
}