function download_item($dir, $item, $unlink = false) { // download file global $action, $mosConfig_cache_path; // Security Fix: $item = basename($item); while (@ob_end_clean()) { } ob_start(); if (jx_isFTPMode()) { $abs_item = $dir . '/' . $item; } else { $abs_item = get_abs_item($dir, $item); if (!strstr($abs_item, realpath($GLOBALS['home_dir']))) { $abs_item = realpath($GLOBALS['home_dir']) . $abs_item; } } if (($GLOBALS["permissions"] & 01) != 01) { show_error($GLOBALS["error_msg"]["accessfunc"]); } if (!$GLOBALS['jx_File']->file_exists($abs_item)) { show_error($item . ": " . $GLOBALS["error_msg"]["fileexist"]); } if (!get_show_item($dir, $item)) { show_error($item . ": " . $GLOBALS["error_msg"]["accessfile"]); } if (jx_isFTPMode()) { $abs_item = jx_ftp_make_local_copy($abs_item); $unlink = true; } $browser = id_browser(); header('Content-Type: ' . ($browser == 'IE' || $browser == 'OPERA' ? 'application/octetstream' : 'application/octet-stream')); header('Expires: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Content-Transfer-Encoding: binary'); header('Content-Length: ' . filesize(realpath($abs_item))); //header("Content-Encoding: none"); if ($browser == 'IE') { header('Content-Disposition: attachment; filename="' . $item . '"'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); } else { header('Content-Disposition: attachment; filename="' . $item . '"'); header('Cache-Control: no-cache, must-revalidate'); header('Pragma: no-cache'); } @set_time_limit(0); @readFileChunked($abs_item); if ($unlink == true) { unlink($abs_item); } ob_end_flush(); jx_exit(); }
$task = mosGetParam($_REQUEST, 'task'); require _QUIXPLORER_PATH . '/include/fun_bookmarks.php'; modify_bookmark($task, $dir); break; //------------------------------------------------------------------------------ //------------------------------------------------------------------------------ case 'show_error': show_error(''); break; //------------------------------------------------------------------------------ // DEFAULT: LIST FILES & DIRS //------------------------------------------------------------------------------ // DEFAULT: LIST FILES & DIRS case "list": default: require _QUIXPLORER_PATH . "/include/fun_list.php"; list_dir($dir); //------------------------------------------------------------------------------ } // end switch-statement //------------------------------------------------------------------------------ show_footer(); // Disconnect from ftp server if (jx_isFTPMode()) { $GLOBALS['FTPCONNECTION']->disconnect(); } // Empty the output buffer if this is a XMLHttpRequest if (jx_isXHR()) { jx_exit(); } //------------------------------------------------------------------------------
/** * Adds a new bookmark to the bookmark ini file * * @param string $dir */ function modify_bookmark($task, $dir) { global $my; $alias = substr(mosGetParam($_REQUEST, 'alias'), 0, 150); $bookmarks = read_bookmarks(); $bookmarkfile = _QUIXPLORER_PATH . '/config/bookmarks_' . $GLOBALS['file_mode'] . '_' . $my->id . '.php'; header("Status: 200 OK"); switch ($task) { case 'add': if (in_array($dir, $bookmarks)) { echo jx_alertBox($GLOBALS['messages']['already_bookmarked']); exit; } $alias = preg_replace('~[^\\w-.\\/\\\\]~', '', $alias); // Make the alias ini-safe by removing all non-word characters $bookmarks[$alias] = $dir; //we deal with the flippped array here $msg = jx_alertBox($GLOBALS['messages']['bookmark_was_added']); break; case 'remove': if (!in_array($dir, $bookmarks)) { echo jx_alertBox($GLOBALS['messages']['not_a_bookmark']); exit; } $bookmarks = array_flip($bookmarks); unset($bookmarks[$dir]); $bookmarks = array_flip($bookmarks); $msg = jx_alertBox($GLOBALS['messages']['bookmark_was_removed']); } $inifile = "; <?php if( !defined( '_JEXEC' ) && !defined( '_VALID_MOS' ) ) die( 'Restricted access' ); ?>\n"; $inifile .= $GLOBALS['messages']['homelink'] . "=\n"; foreach ($bookmarks as $alias => $directory) { //changed by pokemon if (empty($directory) || empty($alias)) { continue; } $inifile .= "{$alias}={$directory}\n"; } if (!is_writable($bookmarkfile)) { echo jx_alertBox(sprintf($GLOBALS['messages']['bookmarkfile_not_writable'], $task, $bookmarkfile)); exit; } file_put_contents($bookmarkfile, $inifile); echo $msg; echo list_bookmarks($dir); jx_exit(); }
/** * Zip & TarGzip Functions */ function archive_items($dir) { global $mosConfig_absolute_path; if (($GLOBALS["permissions"] & 01) != 01) { show_error($GLOBALS["error_msg"]["accessfunc"]); } if (!$GLOBALS["zip"] && !$GLOBALS["tgz"]) { show_error($GLOBALS["error_msg"]["miscnofunc"]); } $allowed_types = array('zip', 'tgz', 'tbz', 'tar'); $actionURL = str_replace("index2.php", "index3.php", make_link("arch", $dir, NULL)); // If we have something to archive, let's do it now if (isset($GLOBALS['__POST']["name"])) { $saveToDir = $GLOBALS['__POST']['saveToDir']; if (!file_exists(get_abs_dir($saveToDir))) { echo jx_scriptTag('', '$(\'loadingindicator\').style.display=\'none\';'); echo jx_alertBox('The Save-To Directory you have specified does not exist.'); die('The Save-To Directory you have specified does not exist.'); } if (!is_writable(get_abs_dir($saveToDir))) { echo jx_scriptTag('', '$(\'loadingindicator\').style.display=\'none\';'); echo jx_alertBox('Please specify a writable directory to save the archive to.'); die('Please specify a writable directory to save the archive to.'); } require_once _QUIXPLORER_PATH . '/libraries/Archive.php'; if (!in_array(strtolower($GLOBALS['__POST']["type"]), $allowed_types)) { echo 'Unknown Archive Format: ' . htmlspecialchars($GLOBALS['__POST']["type"]); jx_exit(); } while (@ob_end_clean()) { } header('Status: 200 OK'); echo '<?xml version="1.0" ?>' . "\n"; $files_per_step = 2500; $cnt = count($GLOBALS['__POST']["selitems"]); $abs_dir = get_abs_dir($dir); $name = basename(stripslashes($GLOBALS['__POST']["name"])); if ($name == "") { show_error($GLOBALS["error_msg"]["miscnoname"]); } $download = mosGetParam($_REQUEST, 'download', "n"); $startfrom = mosGetParam($_REQUEST, 'startfrom', 0); $archive_name = get_abs_item($saveToDir, $name); $fileinfo = pathinfo($archive_name); if (empty($fileinfo['extension'])) { $archive_name .= "." . $GLOBALS['__POST']["type"]; $fileinfo['extension'] = $GLOBALS['__POST']["type"]; } foreach ($allowed_types as $ext) { if ($GLOBALS['__POST']["type"] == $ext && @$fileinfo['extension'] != $ext) { $archive_name .= "." . $ext; } } for ($i = 0; $i < $cnt; $i++) { $selitem = stripslashes($GLOBALS['__POST']["selitems"][$i]); if (is_dir($abs_dir . "/" . $selitem)) { $items = mosReadDirectory($abs_dir . "/" . $selitem, '.', true, true); foreach ($items as $item) { if (is_dir($item) || !is_readable($item) || $item == $archive_name) { continue; } $v_list[] = $item; } } else { $v_list[] = $abs_dir . "/" . $selitem; } } $cnt_filelist = count($v_list); $remove_path = $GLOBALS["home_dir"]; if ($dir) { $remove_path .= $dir . $GLOBALS['separator']; } for ($i = $startfrom; $i < $cnt_filelist && $i < $startfrom + $files_per_step; $i++) { $filelist[] = File_Archive::read($v_list[$i], str_replace($remove_path, '', $v_list[$i])); } //echo '<strong>Starting from: '.$startfrom.'</strong><br />'; //echo '<strong>Files to process: '.$cnt_filelist.'</strong><br />'; //print_r( $filelist );exit; // Do some setup stuff ini_set('memory_limit', '128M'); @set_time_limit(0); error_reporting(E_ERROR | E_PARSE); $result = File_Archive::extract($filelist, $archive_name); if (PEAR::isError($result)) { echo $name . ": Failed saving Archive File. Error: " . $result->getMessage(); jx_exit(); } if ($cnt_filelist > $startfrom + $files_per_step) { echo "\n <script type=\"text/javascript\">document.archform.startfrom.value = '" . ($startfrom + $files_per_step) . "';</script>\n"; echo '<script type="text/javascript"> doArchiving( \'' . $actionURL . '\' );</script>'; printf($GLOBALS['messages']['processed_x_files'], $startfrom + $files_per_step, $cnt_filelist); } else { if ($GLOBALS['__POST']["type"] == 'tgz' || $GLOBALS['__POST']["type"] == 'tbz') { chmod($archive_name, 0644); } if ($download == "y") { echo '<script type="text/javascript">document.location=\'' . make_link('download', dirname($archive_name), basename($archive_name)) . '\';</script>'; } else { echo '<script type="text/javascript">document.location=\'' . str_replace("index3.php", "index2.php", make_link("list", $dir, NULL)) . '&mosmsg=The%20Archive%20File%20has%20been%20created\';</script>'; } } jx_exit(); } ?> <script type="text/javascript" src="components/com_joomlaxplorer/scripts/functions.js"></script> <script type="text/javascript"> function doArchiving( url ) { showLoadingIndicator( $('loadingindicator'), true ); $('loadingindicator').style.display = ''; var controller = new Ajax( url, { postBody: $('adminform'), evalScripts: true, update: 'statustext' } ); controller.request(); return false; }</script> <?php show_header($GLOBALS["messages"]["actarchive"]); ?> <br/> <form name="archform" method="post" action="<?php echo $actionURL; ?> " onsubmit="return doArchiving(this.action);" id="adminform"> <input type="hidden" name="no_html" value="1" /> <input type="hidden" name="startfrom" value="0" /> <?php $cnt = count($GLOBALS['__POST']["selitems"]); for ($i = 0; $i < $cnt; ++$i) { echo '<input type="hidden" name="selitems[]" value="' . stripslashes($GLOBALS['__POST']["selitems"][$i]) . '">'; } ?> <table class="adminform" style="width:600px;"> <tr><td colspan="2" style="text-align:center;display:none;" id="loadingindicator"><strong><?php echo $GLOBALS['messages']['creating_archive']; ?> </strong></td></tr> <tr><td colspan="2" style="font-weight:bold;text-align:center" id="statustext"> </td></tr> <tr><td><?php echo $GLOBALS['messages']['archive_name']; ?> :</td> <td align="left"> <input type="text" name="name" size="25" value="<?php echo $dir != '' ? basename($dir) : $GLOBALS['__POST']["selitems"][0]; ?> " /> </td> </tr> <tr><td><?php echo $GLOBALS["messages"]["typeheader"]; ?> :</td> <td align="left"> <select name="type"> <?php if (extension_loaded("zlib")) { echo '<option value="zip">Zip (' . $GLOBALS["messages"]['normal_compression'] . ')</option>' . "\n"; echo '<option value="tgz">Tar/Gz (' . $GLOBALS["messages"]['good_compression'] . ')</option>' . "\n"; } if (extension_loaded("bz2")) { echo '<option value="tbz">Tar/Bzip2 (' . $GLOBALS["messages"]['best_compression'] . ')</option>' . "\n"; } echo '<option value="" disabled="disabled"> - - - - - - -</option>' . "\n"; echo '<option value="tar">Tar (' . $GLOBALS["messages"]['no_compression'] . ')</option>' . "\n"; ?> </select> </td> </tr> <tr><td><?php echo $GLOBALS['messages']['archive_saveToDir']; ?> :</td> <td align="left"> <input type="text" name="saveToDir" size="50" value="<?php echo $dir; ?> " /> </td> </tr> <tr><td><?php echo $GLOBALS["messages"]["downlink"]; ?> ?:</td> <td align="left"> <input type="checkbox" checked="checked" name="download" value="y" /> </td> </tr> <tr> <td colspan="2" style="text-align:center;"> <input type="submit" value="<?php echo $GLOBALS["messages"]["btncreate"]; ?> "> <input type="button" value="<?php echo $GLOBALS["messages"]["btncancel"]; ?> " onclick="javascript:location='<?php echo make_link("list", $dir, NULL); ?> ';"> </td> </tr> <tr><td colspan="2"> </td></tr> </table> </form> <br/> <script type="text/javascript">if(document.archform) document.archform.name.focus();</script> <?php }