Ejemplo n.º 1
0
     }
     $msg->addFeedback('DIRS_MOVED');
 }
 /// END of $_POST['listofdirs'] marked for delete
 if (isset($_POST['listoffiles'])) {
     $_files = explode(',', $_POST['listoffiles']);
     $count = count($_files);
     for ($i = 0; $i < $count; $i++) {
         $source = $_files[$i];
         if (course_realpath($current_path . $pathext . $source) == FALSE) {
             // error: File does not exist
             $msg->addError('FILE_NOT_EXIST');
             header('Location: index.php?pathext=' . $pathext . SEP . 'framed=' . $framed . SEP . 'popup=' . $popup . SEP . 'cp=' . $_POST['cp'] . SEP . 'cid=' . $_POST['cid'] . SEP . 'pid=' . $_POST['pid'] . SEP . 'a_type=' . $_POST['a_type']);
             exit;
         } else {
             if (course_realpath($current_path . $dest) == FALSE) {
                 // error: File does not exist
                 $msg->addError('UNKNOWN');
                 header('Location: index.php?pathext=' . $pathext . SEP . 'framed=' . $framed . SEP . 'popup=' . $popup . SEP . 'cp=' . $_POST['cp'] . SEP . 'cid=' . $_POST['cid'] . SEP . 'pid=' . $_POST['pid'] . SEP . 'a_type=' . $_POST['a_type']);
                 exit;
             } else {
                 if (strpos($source, '..') !== false) {
                     $msg->addError('UNKNOWN');
                     header('Location: index.php?pathext=' . $pathext . SEP . 'framed=' . $framed . SEP . 'popup=' . $popup . SEP . 'cp=' . $_POST['cp'] . SEP . 'cid=' . $_POST['cid'] . SEP . 'pid=' . $_POST['pid'] . SEP . 'a_type=' . $_POST['a_type']);
                     exit;
                 } else {
                     // The Home/ directory does not exists, its really /
                     if ($dest == _AT('home') . "/") {
                         $dest = "/";
                     }
                     @rename($current_path . $pathext . $source, $current_path . $dest . $source);
Ejemplo n.º 2
0
if (isset($_POST['savenewfile'])) {
    if (isset($_POST['filename']) && $_POST['filename'] != "") {
        $filename = preg_replace("{[^a-zA-Z0-9_]}", "_", trim($_POST['filename']));
        $pathext = $_POST['pathext'];
        $current_path = AT_CONTENT_DIR . $_SESSION['course_id'] . '/';
        /* only html or txt extensions allowed */
        if ($_POST['extension'] == 'html') {
            $extension = 'html';
            $head_html = "<html>\n<head>\n<title>" . $_POST['filename'] . "</title>\n<head>\n<body>";
            $foot_html = "\n</body>\n</html>";
        } else {
            $extension = 'txt';
        }
        if (!@file_exists($current_path . $pathext . $filename . '.' . $extension)) {
            $content = str_replace("\r\n", "\n", $head_html . $_POST['body_text'] . $foot_html);
            if (course_realpath($current_path . $pathext . $filename . '.' . $extension) == FALSE) {
                $msg->addError('FILE_NOT_SAVED');
                /* take user to home page to avoid unspecified error warning */
                header('Location: index.php?pathext=' . SEP . 'framed=' . $framed . SEP . 'popup=' . $popup);
                exit;
            }
            if (($f = fopen($current_path . $pathext . $filename . '.' . $extension, 'w')) && @fwrite($f, stripslashes($content)) !== false && @fclose($f)) {
                $msg->addFeedback(array('FILE_SAVED', $filename . '.' . $extension));
                header('Location: index.php?pathext=' . urlencode($_POST['pathext']) . SEP . 'popup=' . $_POST['popup']);
                exit;
            } else {
                $msg->addError('FILE_NOT_SAVED');
                header('Location: index.php?pathext=' . $pathext . SEP . 'framed=' . $framed . SEP . 'popup=' . $popup);
                exit;
            }
        } else {
Ejemplo n.º 3
0
if (isset($_POST['submit_no'])) {
    $msg->addFeedback('CANCELLED');
    header('Location: index.php?pathext=' . $_POST['pathext'] . SEP . 'framed=' . $_POST['framed'] . SEP . 'popup=' . $_POST['popup'] . SEP . 'cp=' . $_POST['cp'] . SEP . 'cid=' . $_POST['cid'] . SEP . 'pid=' . $_POST['pid'] . SEP . 'a_type=' . $_POST['a_type']);
    exit;
}
if (isset($_POST['submit_yes'])) {
    /* delete files and directories */
    /* delete the file  */
    $pathext = $_POST['pathext'];
    if (isset($_POST['listoffiles'])) {
        $checkbox = explode(',', $_POST['listoffiles']);
        $count = count($checkbox);
        $result = true;
        for ($i = 0; $i < $count; $i++) {
            $filename = $checkbox[$i];
            if (course_realpath($current_path . $pathext . $filename) == FALSE) {
                $msg->addError('FILE_NOT_DELETED');
                $result = false;
                break;
            } else {
                if (!@unlink($current_path . $pathext . $filename)) {
                    $msg->addError('FILE_NOT_DELETED');
                    $result = false;
                    break;
                }
            }
        }
        if ($result) {
            // delete according definition of primary resources and alternatives for adapted content
            $filename = '../' . $pathext . $filename;
            // 1. delete secondary resources types
Ejemplo n.º 4
0
    /* check if this file extension is allowed: */
    /* $IllegalExtentions is defined in ./include/config.inc.php */
    if (in_array($ext_new, $IllegalExtentions)) {
        $errors = array('FILE_ILLEGAL', $ext_new);
        $msg->addError($errors);
    } else {
        if ($current_path . $pathext . $_POST['new_name'] == $current_path . $pathext . $_POST['oldname']) {
            //do nothing
            $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
            header('Location: index.php?pathext=' . urlencode($_POST['pathext']) . SEP . 'framed=' . $_POST['framed'] . SEP . 'popup=' . $_POST['popup'] . SEP . 'cp=' . $_POST['cp'] . SEP . 'cid=' . $_POST['cid'] . SEP . 'pid=' . $_POST['pid'] . SEP . 'a_type=' . $_POST['a_type']);
            exit;
        } else {
            if (course_realpath($current_path . $pathext . $_POST['new_name']) == FALSE) {
                $msg->addError('CANNOT_RENAME');
            } else {
                if (course_realpath($current_path . $pathext . $_POST['oldname']) == FALSE) {
                    $msg->addError('CANNOT_RENAME');
                } else {
                    if (file_exists($current_path . $pathext . $_POST['new_name'])) {
                        $msg->addError('CANNOT_RENAME');
                    } else {
                        @rename($current_path . $pathext . $_POST['oldname'], $current_path . $pathext . $_POST['new_name']);
                        $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
                        header('Location: index.php?pathext=' . urlencode($_POST['pathext']) . SEP . 'framed=' . $_POST['framed'] . SEP . 'popup=' . $_POST['popup'] . SEP . 'cp=' . $_POST['cp'] . SEP . 'cid=' . $_POST['cid'] . SEP . 'pid=' . $_POST['pid'] . SEP . 'a_type=' . $_POST['a_type']);
                        exit;
                    }
                }
            }
        }
    }
}