function GetFoldersAndFiles($currentFolder, $type) { $trust_mode = $type != 'Image'; // Map the virtual path to the local server path. $sServerDir = $trust_mode ? FCK_TRUSTUPLOAD_PATH . $currentFolder : FCK_UPLOAD_PATH . $currentFolder; // Arrays that will hold the folders and files names. $aFolders = array(); $aFiles = array(); // check the directory exists if (!is_dir($sServerDir)) { echo '<Folders /><Files /><CustomError message="Create folder ' . htmlspecialchars($sServerDir, ENT_QUOTES) . ' first" />'; return; } $oCurrentFolder = opendir($sServerDir); while (($sFile = readdir($oCurrentFolder)) !== false) { if (substr($sFile, 0, 1) == '.') { continue; } if (is_dir($sServerDir . $sFile)) { // folder $aFolders[] = '<Folder name="' . ConvertToXmlAttribute($sFile) . '" />'; } else { // uid prefix check if (!empty($GLOBALS['fck_check_user_prefix'])) { if (!strstr($sFile, $GLOBALS['fck_user_prefix'])) { continue; } } // extension check if (!empty($GLOBALS['fck_resource_type_extensions'][$type])) { // file limitation by extension and resource type if ($trust_mode) { $extension = strtolower(substr(strrchr(DecodeFileName(substr($sFile, strlen($GLOBALS['fck_user_prefix']))), '.'), 1)); } else { $extension = strtolower(substr(strrchr($sFile, '.'), 1)); } if (!in_array($extension, $GLOBALS['fck_resource_type_extensions'][$type])) { continue; } } // filesize $iFileSize = filesize($sServerDir . $sFile); if ($iFileSize > 0) { $iFileSize = round($iFileSize / 1024); if ($iFileSize < 1) { $iFileSize = 1; } } // filemtime $iFileMtime = filemtime($sServerDir . $sFile); // can_delete $iCanDelete = intval(CheckCanDelete($sServerDir . $sFile)); if ($trust_mode) { // separate filename into 'display name' and 'url' $sFileDisplayName = DecodeFileName(substr($sFile, strlen($GLOBALS['fck_user_prefix']))); $sFileUrl = FCK_TRUSTUPLOAD_URL . $currentFolder . $sFile; $sXmlEntry = '<File name="' . $sFileDisplayName . '" url="' . $sFileUrl . '" size="' . $iFileSize . '" mtime="' . $iFileMtime . '" can_delete="' . $iCanDelete . '" />'; } else { $sXmlEntry = '<File name="' . ConvertToXmlAttribute($sFile) . '" size="' . $iFileSize . '" mtime="' . $iFileMtime . '" can_delete="' . $iCanDelete . '" />'; } $aFiles[$sXmlEntry] = $iFileMtime; } } // Send the folders sort($aFolders); echo '<Folders>'; foreach ($aFolders as $sFolder) { echo $sFolder; } echo '</Folders>'; // Send the files arsort($aFiles); echo '<Files>'; foreach (array_keys($aFiles) as $sFiles) { echo $sFiles; } echo '</Files>'; // Send ticket (easy ticket) echo '<Ticket value="' . md5(session_id()) . '" />'; }
<?php require dirname(__FILE__) . '/mimes.php'; // for XOOPS require '../../../../../../mainfile.php'; require_once dirname(__FILE__) . '/functions.php'; if (file_exists(dirname(__FILE__) . '/config_and_auth.inc.php')) { include dirname(__FILE__) . '/config_and_auth.inc.php'; } else { include dirname(__FILE__) . '/config_and_auth.inc.dist.php'; } // Get the main request informaiton. $file = preg_replace('?[^0-9a-zA-Z_/-]?', '', @$_GET['file']); $full_path = FCK_TRUSTUPLOAD_PATH_BASE . $file; $original_file_name = DecodeFileName(substr(strrchr(basename($file), '_'), 1)); $ext = strtolower(substr(strrchr($original_file_name, '.'), 1)); // language problem ... IE should be exterminated... $original_file_name4header = $original_file_name; $ua = @$_SERVER['HTTP_USER_AGENT']; if (substr($GLOBALS['xoopsConfig']['language'], 0, 2) == 'ja' && strstr($ua, 'MSIE') && !strstr($ua, 'Opera')) { $original_file_name4header = mb_convert_encoding($original_file_name, 'SJIS', 'UTF-8'); } // remove output bufferings while (ob_get_level()) { ob_end_clean(); } // can headers be sent? if (headers_sent()) { restore_error_handler(); die("Can't send headers. check language files etc."); }