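/**
 * Pack and output the CodeMirror assets selected by the request.
 *
 * The request parameter `type` picks the file set (base script, parser
 * script, or editor + theme stylesheets). The list is handed to WFPacker,
 * which is asked to pack it with the configured gzip setting.
 *
 * Dies with 'RESTRICTED ACCESS' when the request token check fails and with
 * 'INVALID TYPE' when `type` is not one of the supported values.
 */
function compile()
{
    // CSRF gate: nothing below runs without a valid request token.
    WFToken::checkToken() or die('RESTRICTED ACCESS');

    wfimport('admin.classes.packer');

    $base = dirname(dirname(__FILE__));

    // $theme becomes part of a file path below. The word filter applied by
    // JRequest::getWord() is the only thing keeping it a bare file name, so
    // do not swap it for a less restrictive getter.
    $theme = JRequest::getWord('theme', 'textmate');

    switch (JRequest::getWord('type', 'base')) {
        case 'base':
            $files = array($base . DS . 'js' . DS . 'codemirror' . DS . 'base.js');
            // NOTE(review): 'javsacript' looks like a misspelling of
            // 'javascript'. Left as-is because WFPacker's handling of the
            // type value is not visible here - confirm before changing.
            $type = 'javsacript';
            break;

        case 'parser':
            $files = array($base . DS . 'js' . DS . 'codemirror' . DS . 'parser.js');
            // javascript (same spelling caveat as the 'base' case)
            $type = 'javsacript';
            break;

        case 'css':
            $path = $base . DS . 'css' . DS . 'codemirror';
            $files = array(
                $path . DS . 'editor.css',
                $path . DS . 'theme' . DS . $theme . '.css',
            );
            $type = 'css';
            break;

        default:
            // Any other value used to fall through with $files and $type
            // undefined; reject it instead of packing an undefined file set.
            die('INVALID TYPE');
    }

    $packer = new WFPacker(array('type' => $type));

    // set files
    $packer->setFiles($files);

    // pack!
    $packer->pack(true, $this->getParam('editor.compress_gzip', 0));
}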
/**
 * Execute the theme item: build the dialog document, pack its assets and
 * render the view template as the document body.
 *
 * Dies with 'RESTRICTED ACCESS' when the request token check fails.
 *
 * @access public
 */
public function execute()
{
    // CSRF gate: stop before any document is built.
    if (!WFToken::checkToken()) {
        die('RESTRICTED ACCESS');
    }

    $settings = array(
        'title' => WFText::_('WF_' . strtoupper($this->get('dialog')) . '_TITLE'),
        'version' => $this->getVersion(),
        'name' => $this->get('dialog'),
    );
    $document = WFDocument::getInstance($settings);

    $this->display();

    // pack assets if required
    $gzip = $this->getParam('editor.compress_gzip', 0);
    $document->pack(true, $gzip);

    // the view's template becomes the body output
    $template = $this->getView()->loadTemplate();
    $document->setBody($template);

    $document->render();
}
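/**
 * Set up the plugin: serve a cached thumbnail when the request asks for
 * one, otherwise register the browser events and XHR callbacks.
 *
 * For action=thumbnail the constructor returns the result of
 * createCacheThumb() without calling the parent constructor.
 *
 * @access protected
 */
function __construct()
{
    if (JRequest::getCmd('action') == 'thumbnail') {
        WFToken::checkToken() or die('RESTRICTED');

        $raw = JRequest::getVar('img');

        // Decode BEFORE validating. Previously the path and extension checks
        // ran on the still-encoded value and the decoded value was passed to
        // createCacheThumb(), so the checked string and the used string
        // could differ.
        $file = is_string($raw) ? rawurldecode($raw) : null;

        // check file path
        // NOTE(review): checkPath() is not visible here; presumably it
        // rejects paths that leave the allowed directory - confirm.
        WFUtility::checkPath($file);

        if ($file && preg_match('/\\.(jpg|jpeg|png|gif|tiff|bmp)$/i', $file)) {
            return $this->createCacheThumb($file);
        }
    }

    parent::__construct();

    // get browser
    $browser = $this->getBrowser();
    $request = WFRequest::getInstance();

    // editing is enabled only when the filesystem reports itself as local ...
    if ($browser->getFilesystem()->get('local')) {
        $this->set('_edit', 1);
    }

    // ... and is switched off again when GD is not available
    if (!function_exists('gd_info')) {
        $this->set('_edit', 0);
    }

    if (JRequest::getCmd('dialog', 'plugin') == 'plugin') {
        // add browser events
        $browser->addEvent('onGetItems', array($this, 'onGetItems'));
        $browser->addEvent('onUpload', array($this, 'onUpload'));
        $browser->addEvent('onFilesDelete', array($this, 'onFilesDelete'));

        // Setup plugin XHR callback functions. Every method registered here
        // becomes callable through the request dispatcher.
        $request->setRequest(array($this, 'getDimensions'));
        $request->setRequest(array($this, 'getThumbnailDimensions'));
        $request->setRequest(array($this, 'getThumbnails'));

        if ($this->getParam('imgmanager_ext.thumbnail_editor', 1)) {
            $request->setRequest(array($this, 'createThumbnail'));
            $request->setRequest(array($this, 'deleteThumbnail'));
        }
    } else {
        $request->setRequest(array($this, 'saveEdit'));
    }
}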
/**
 * Build the hidden form field that carries the request token.
 *
 * The value returned by WFToken::getToken() is used as the field name and
 * the field value is always 1.
 *
 * @param $id identifier inserted into the element id ("wf_<id>_token")
 * @return string HTML for the hidden input
 */
public function getToken($id)
{
    // NOTE(review): $id and the token name go into attribute values without
    // escaping; presumably callers only pass plain identifiers - confirm.
    $fieldId = 'wf_' . $id . '_token';
    $fieldName = WFToken::getToken();

    return '<input type="hidden" id="' . $fieldId . '" name="' . $fieldName . '" value="1" />';
}
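/**
 * Upload a file.
 *
 * Checks the request token and the upload feature flag, validates the
 * target directory and file name, passes the temporary file to the
 * filesystem driver and ends the request with a JSON encoded result.
 *
 * @return void the JSON result is written with die() once the upload is complete
 */
public function upload()
{
    // Check for request forgeries
    WFToken::checkToken() or die;

    // check for feature access
    if (!$this->checkFeature('upload')) {
        JError::raiseError(403, 'RESTRICTED ACCESS');
        // fail closed even if the configured error handler returns
        return;
    }

    // result unused in this method; call kept in case creating the editor
    // instance has side effects
    WFEditor::getInstance();

    jimport('joomla.filesystem.file');

    // HTTP headers for no cache etc
    header("Expires: Wed, 4 Apr 1984 13:00:00 GMT");
    // was "D, d M_Y H:i:s", which produced an invalid HTTP date ("Jan_2024")
    header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
    header("Cache-Control: no-store, no-cache, must-revalidate");
    header("Cache-Control: post-check=0, pre-check=0", false);
    header("Pragma: no-cache");

    // get uploaded file
    $file = JRequest::getVar('file', '', 'files', 'array');

    // get file name - the request may override the name sent with the file
    $name = JRequest::getVar('name', isset($file['name']) ? $file['name'] : null);

    // target directory, decoded before it is checked
    $dir = rawurldecode(JRequest::getVar('upload-dir'));

    // check destination path
    WFUtility::checkPath($dir);

    // decode name
    $name = rawurldecode($name);

    // split into extension and base name
    $ext = WFUtility::getExtension($name);
    $name = WFUtility::stripExtension($name);

    // make file name 'web safe'
    $name = WFUtility::makeSafe($name, $this->get('websafe_mode', 'utf-8'));

    // empty name
    if ($name == '') {
        JError::raiseError(403, 'INVALID FILE NAME');
        return;
    }

    // Reject a script extension hidden inside the base name. This is a
    // deny-list and only a second line of defence; the final extension is
    // checked against the allowed file types further down.
    if (preg_match('#\\.(php|php(3|4|5)|phtml|pl|py|jsp|asp|htm|shtml|sh|cgi)#i', $name)) {
        JError::raiseError(403, 'INVALID FILE NAME');
        return;
    }

    // create a filesystem result object
    $result = new WFFileSystemResult();
    $filesystem = $this->getFileSystem();
    $complete = false;
    $contentType = JRequest::getVar('CONTENT_TYPE', '', 'SERVER');

    // rebuild file name - name + extension
    $name = $name . '.' . $ext;

    // Only multipart uploading is supported for now
    if ($contentType && strpos($contentType, "multipart") !== false) {
        // When there is no genuine uploaded file, $complete stays false and
        // the method returns without sending a response.
        if (isset($file['tmp_name']) && is_uploaded_file($file['tmp_name'])) {
            if (in_array(strtolower($ext), $this->getFileTypes('array')) === false) {
                // extension is not in the allowed list
                $result->state = false;
                $result->message = WFText::_('WF_MANAGER_UPLOAD_INVALID_EXT_ERROR');
            } elseif ($this->validateUploadedFile($file, $result) !== false) {
                $result = $filesystem->upload('multipart', trim($file['tmp_name']), $dir, $name);

                if (!$result->state) {
                    $result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR');
                    $result->code = 103;
                }
            }

            // the temporary file is removed on every outcome
            @unlink($file['tmp_name']);
            $complete = true;
        }
    } else {
        $result->state = false;
        $result->code = 103;
        $result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR');
        $complete = true;
    }

    // upload finished
    if ($complete) {
        if ($result instanceof WFFileSystemResult) {
            if ($result->state === true) {
                $this->setResult($this->fireEvent('onUpload', array($result->path)));
                $this->setResult(basename($result->path), 'files');
            } else {
                $this->setResult($result->message, 'error');
            }
        }

        die(json_encode($this->getResult()));
    }
}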
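/**
 * Text area with WYSIWYG.
 *
 * Prints the asset tags for the editor that matches the site configuration
 * (TinyMCE, JCE, or the bundled jwysiwyg fallback) and returns the textarea
 * markup for the element.
 *
 * @param array $element element definition; the keys class, id and std are
 *                       read directly, input-type, role and role_2 are optional
 *
 * @return mixed whatever self::final_element() returns for the built markup
 */
static function tiny_mce($element)
{
    // Load js and style sheet for frontend
    $base = JUri::root();
    $jCfg = JFactory::getConfig();
    $language = JFactory::getLanguage();

    $text_direction = $language->isRTL() ? 'data-direction="rtl"' : 'data-direction="ltr"';
    $urlbase = 'data-url=' . $base;

    // Pick the TinyMCE language file: full tag first, then the part before
    // the dash, then English.
    $tag = $language->getTag();
    $dash = strpos($tag, '-');
    // a tag without a dash has no short form (strpos() returns false)
    $shortTag = $dash === false ? '' : substr($tag, 0, $dash);
    $langDir = JPATH_ROOT . "/media/editors/tinymce/langs/";

    if (file_exists($langDir . $tag . ".js")) {
        $langPrefix = $tag;
    } elseif ($shortTag !== '' && file_exists($langDir . $shortTag . ".js")) {
        $langPrefix = $shortTag;
    } else {
        $langPrefix = "en";
    }

    $langPrefix = "data-lang=" . $langPrefix;
    $jceData = "";

    // Defined up front: the jwysiwyg fallback branch never assigned it, yet
    // it is interpolated into the class attribute below.
    $editor = '';
    $configured = $jCfg->get('editor');

    if (file_exists(JPATH_ROOT . '/media/editors/tinymce/tinymce.min.js') && $configured != 'jce') {
        if ($configured != 'tinymce') {
            // TinyMCE is installed but is not the configured editor, so its
            // assets are printed here.
            $assets = array(
                'media/editors/tinymce/tinymce.min.js' => 'js',
                'media/editors/tinymce/plugins/table/plugin.min.js' => 'js',
                'media/editors/tinymce/plugins/link/plugin.min.js' => 'js',
                'media/editors/tinymce/plugins/image/plugin.min.js' => 'js',
                'media/editors/tinymce/plugins/code/plugin.min.js' => 'js',
                'media/editors/tinymce/plugins/hr/plugin.min.js' => 'js',
                'media/editors/tinymce/plugins/charmap/plugin.min.js' => 'js',
                'media/editors/tinymce/plugins/autolink/plugin.min.js' => 'js',
                'media/editors/tinymce/plugins/lists/plugin.min.js' => 'js',
                'media/editors/tinymce/plugins/importcss/plugin.min.js' => 'js',
                'media/editors/tinymce/themes/modern/theme.min.js' => 'js',
                'media/editors/tinymce/skins/lightgray/content.inline.min.css' => 'css',
                'media/editors/tinymce/skins/lightgray/content.min.css' => 'css',
                'media/editors/tinymce/skins/lightgray/skin.min.css' => 'css',
                'media/editors/tinymce/skins/lightgray/skin.ie7.min.css' => 'css',
            );

            foreach ($assets as $assetPath => $assetType) {
                JSNPagebuilderHelpersFunctions::print_asset_tag($base . $assetPath, $assetType);
            }
        }

        $editor = 'tinymce';
    } elseif ($configured == 'jce') {
        include_once JPATH_ROOT . "/administrator/components/com_jce/includes/loader.php";
        include_once JPATH_ROOT . "/administrator/components/com_jce/models/editor.php";
        include_once JPATH_ROOT . "/components/com_jce/editor/libraries/classes/token.php";

        // create token
        // NOTE(review): the request token is written into the page as a data
        // attribute; anything able to read this markup can read the token.
        $token = WFToken::getToken();
        $jceData .= " data-token=" . $token;

        // etag - version
        $model = new WFModelEditor();
        $setting = $model->getEditorSettings();
        $jceData .= " data-etag=" . $setting['etag'];

        // get current component
        $option = JFactory::getApplication()->input->get('option');
        $component = WFExtensionHelper::getComponent(null, $option);

        // component id: extension_id when present, else id, else 0
        if (isset($component->extension_id)) {
            $component_id = $component->extension_id;
        } else {
            $component_id = !empty($component->id) ? $component->id : 0;
        }

        $jceData .= " data-component_id=" . $component_id;
        $editor = 'jce';
    } else {
        // neither TinyMCE nor JCE: fall back to the bundled jwysiwyg
        $wysiwyg = 'plugins/system/jsnframework/assets/3rd-party/jquery-jwysiwyg/';
        $assets = array(
            $wysiwyg . 'jquery.wysiwyg.js' => 'js',
            $wysiwyg . 'jquery.wysiwyg.css' => 'css',
            $wysiwyg . 'jquery.wysiwyg-0.9.js' => 'js',
            $wysiwyg . 'jquery.wysiwyg-0.9.css' => 'css',
            $wysiwyg . 'controls/wysiwyg.colorpicker.js' => 'js',
            $wysiwyg . 'controls/wysiwyg.table.js' => 'js',
            $wysiwyg . 'controls/wysiwyg.cssWrap.js' => 'js',
            $wysiwyg . 'controls/wysiwyg.image.js' => 'js',
            'administrator/components/com_pagebuilder/assets/js/jquery-jwysiwyg/controls/wysiwyg.link.js' => 'js',
        );

        foreach ($assets as $assetPath => $assetType) {
            JSNPagebuilderHelpersFunctions::print_asset_tag($base . $assetPath, $assetType);
        }

        JSNPagebuilderHelpersFunctions::print_asset_tag(JSNPB_ASSETS_URL . 'css/jwysiwyg.css', 'css');
    }

    $element = self::get_extra_info($element);
    $label = self::get_label($element);
    $type = !empty($element["input-type"]) ? $element["input-type"] : "text";
    $role = isset($element['role']) ? "role_{$element['role']}" : '';
    $role2 = isset($element['role_2']) ? 'data-role="title"' : '';

    // NOTE(review): class, id and std are interpolated without escaping and
    // the data-* values are unquoted. If any of them can carry author- or
    // user-supplied text, escape them for the HTML context - confirm where
    // $element is populated.
    $output = "<textarea type='{$type}' class='{$element['class']} jsn_tiny_mce {$role} {$editor}' id='{$element['id']}' name='{$element['id']}' {$role2} {$text_direction} {$urlbase} {$langPrefix} {$jceData} DATA_INFO>{$element['std']}</textarea>";

    return self::final_element($element, $output, $label);
}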
/**
 * Process an ajax call and write the JSON encoded result.
 *
 * The function to run is named either by the `json` POST field (decoded,
 * with `fn` and optional `args`) or by the `action` request word. Only
 * callbacks registered in $this->request can be dispatched. When neither
 * field is present the method returns without output.
 *
 * @access public
 * @param bool $array not used by this method
 * @return void the response is written with exit()
 * @throws InvalidArgumentException for invalid JSON, a missing or
 *                                  unregistered function, or a callback
 *                                  that does not exist
 */
public function process($array = false)
{
    // Check for request forgeries
    if (!WFToken::checkToken()) {
        die('Access to this resource is restricted');
    }

    $filter = JFilterInput::getInstance();
    $json = JRequest::getVar('json', '', 'POST', 'STRING', 2);
    $action = JRequest::getWord('action');

    // set error handling for requests
    JError::setErrorHandling(E_ALL, 'callback', array('WFRequest', 'raiseError'));

    // nothing to dispatch
    if (!$action && !$json) {
        return;
    }

    // set request flag
    define('JCE_REQUEST', 1);

    if ($json) {
        // remove slashes, then convert to a JSON object
        $json = json_decode(stripslashes($json));

        // invalid JSON
        if (is_null($json)) {
            throw new InvalidArgumentException('Invalid JSON');
        }

        // no function call
        if (!isset($json->fn)) {
            throw new InvalidArgumentException('Invalid Function Call');
        }

        $fn = $json->fn;
        $args = array();

        if (isset($json->args)) {
            $args = $json->args;
        }
    } else {
        $fn = $action;
        $args = array();
    }

    // clean function name
    $fn = $filter->clean($fn, 'cmd');

    // check query - the arguments come straight from the client
    $this->checkQuery($args);

    // The registry lookup is the allow-list: a name that was never
    // registered is rejected here and never reaches call_user_func().
    if (!array_key_exists($fn, $this->request)) {
        if ($fn) {
            throw new InvalidArgumentException('Unregistered Function - "' . addslashes($fn) . '"');
        }

        throw new InvalidArgumentException('Invalid Function Call');
    }

    $method = $this->request[$fn];

    if (isset($method->ref)) {
        // object or class method
        if (!method_exists($method->ref, $method->fn)) {
            throw new InvalidArgumentException('Invalid Method "' . $method->ref . '::' . $method->fn . '"');
        }

        $call = array($method->ref, $method->fn);
    } else {
        // plain function
        $call = $method->fn;

        if (!function_exists($call)) {
            throw new InvalidArgumentException('Invalid Function - "' . $call . '"');
        }
    }

    if (!$call) {
        throw new InvalidArgumentException('Invalid Function Call');
    }

    // a non-array argument is passed as a single parameter
    $result = is_array($args) ? call_user_func_array($call, $args) : call_user_func($call, $args);

    $output = array("result" => $result);

    ob_start();

    // set output headers
    // NOTE(review): "UTF-8" is a charset, not a content coding, so the
    // Content-Encoding header below looks unintended - confirm with clients.
    header('Content-Type: text/json;charset=UTF-8');
    header('Content-Encoding: UTF-8');
    header("Expires: Mon, 4 April 1984 05:00:00 GMT");
    header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
    header("Cache-Control: no-store, no-cache, must-revalidate");
    header("Cache-Control: post-check=0, pre-check=0", false);
    header("Pragma: no-cache");

    echo json_encode($output);

    exit(ob_get_clean());
}
/**
 * Run the plugin: hand JSON/upload requests to WFRequest, otherwise build,
 * pack and render the plugin dialog document.
 *
 * Dies with 'Access to this resource is restricted' when the request token
 * check fails.
 */
public function execute()
{
    // CSRF gate for both the request and the dialog path
    if (!WFToken::checkToken()) {
        die('Access to this resource is restricted');
    }

    // JSON request or upload action
    if ($this->isRequest()) {
        WFRequest::getInstance()->process();

        return;
    }

    $wf = WFEditor::getInstance();

    $version = $this->getVersion();
    $name = $this->getName();

    // process javascript languages
    if (JRequest::getWord('task') == 'loadlanguages') {
        wfimport('admin.classes.language');

        $parser = new WFLanguageParser(array(
            'plugins' => array($name),
            'sections' => array('dlg', $name . '_dlg', 'colorpicker'),
            'mode' => 'plugin'
        ));

        $parser->output($parser->load());
    }

    // load core language
    WFLanguage::load('com_jce', JPATH_ADMINISTRATOR);

    // Load Plugin language
    WFLanguage::load('com_jce_' . trim($this->getName()));

    // append the plugin version when it is set and differs from the editor version
    $plugin_version = $this->getPluginVersion();

    if ($plugin_version && $plugin_version != $version) {
        $version = $version . '-' . $plugin_version;
    }

    // create the document
    $document = WFDocument::getInstance(array(
        'version' => $version,
        'title' => WFText::_('WF_' . strtoupper($this->getName() . '_TITLE')),
        'name' => $name,
        'language' => WFLanguage::getTag(),
        'direction' => WFLanguage::getDir(),
        'compress_javascript' => $this->getParam('editor.compress_javascript', 0),
        'compress_css' => $this->getParam('editor.compress_css', 0)
    ));

    // set standalone mode
    $document->set('standalone', JRequest::getInt('standalone', 0));

    // create display
    $this->display();

    // ini language: script URL that triggers the loadlanguages task above
    $languageQuery = $document->getQueryString(array('task' => 'loadlanguages', 'lang' => WFLanguage::getCode()));
    $document->addScript(array('index.php?option=com_jce&view=editor&' . $languageQuery), 'joomla');

    // pack assets if required
    $document->pack(true, $this->getParam('editor.compress_gzip', 0));

    // the view's template becomes the body output
    $document->setBody($this->getView()->loadTemplate());

    // render document
    $document->render();
}
/**
 * Build the URL of the standalone file browser.
 *
 * The request token is appended as "<token>=1"; element and filter are
 * added only when they are non-empty.
 *
 * @param $element optional value for the `element` query parameter
 * @param $filter  optional value for the `filter` query parameter
 * @return string relative URL starting with index.php
 */
public function getBrowserLink($element = null, $filter = '')
{
    wfimport('editor.libraries.classes.token');

    // NOTE(review): the token travels in the query string, so it can end up
    // in access logs, browser history and Referer headers.
    $link = 'index.php?option=com_jce&view=editor&layout=plugin&plugin=browser&standalone=1&' . WFToken::getToken() . '=1';

    // NOTE(review): both values are appended without URL encoding;
    // presumably callers pass plain identifiers - confirm.
    $link .= $element ? '&element=' . $element : '';
    $link .= $filter ? '&filter=' . $filter : '';

    return $link;
}
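/**
 * Upload a file, optionally in chunks.
 *
 * Checks the request token and the upload feature flag, screens the file
 * name, passes the temporary file to the filesystem driver and ends the
 * request with a JSON encoded result once the last chunk has arrived.
 *
 * @return void the JSON result is written with die() once the upload is complete
 */
function upload()
{
    // Check for request forgeries
    WFToken::checkToken() or die;

    // check for feature access
    if (!$this->checkFeature('upload')) {
        JError::raiseError(403, 'RESTRICTED ACCESS');
        // fail closed even if the configured error handler returns
        return;
    }

    $wf = WFEditor::getInstance();

    jimport('joomla.filesystem.file');

    // HTTP headers for no cache etc
    header("Expires: Wed, 4 Apr 1984 13:00:00 GMT");
    // was "D, d M_Y H:i:s", which produced an invalid HTTP date ("Jan_2024")
    header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
    header("Cache-Control: no-store, no-cache, must-revalidate");
    header("Cache-Control: post-check=0, pre-check=0", false);
    header("Pragma: no-cache");

    // get uploaded file
    $file = JRequest::getVar('file', '', 'files', 'array');

    // get file name - the request may override the name sent with the file
    $name = JRequest::getVar('name', isset($file['name']) ? $file['name'] : null);
    $ext = WFUtility::getExtension($name);

    // Reject a script extension hidden inside the base name (deny-list).
    // NOTE(review): the final extension itself is not compared against an
    // allow-list in this method; presumably the filesystem driver or
    // validateUploadedFile() enforces one - confirm.
    if (preg_match('#\\.(php|php(3|4|5)|phtml|pl|py|jsp|asp|htm|shtml|sh|cgi)#i', basename($name, '.' . $ext))) {
        JError::raiseError(403, 'INVALID FILE NAME');
        return;
    }

    // get chunks
    $chunk = JRequest::getInt('chunk', 0);
    $chunks = JRequest::getInt('chunks', 1);

    // create a filesystem result object
    $result = new WFFileSystemResult();
    $filesystem = $this->getFileSystem();
    $complete = false;
    $contentType = JRequest::getVar('CONTENT_TYPE', '', 'SERVER');

    // Only multipart uploading is supported for now
    if ($contentType && strpos($contentType, "multipart") !== false) {
        // When there is no genuine uploaded file, $complete stays false and
        // the method returns without sending a response.
        if (isset($file['tmp_name']) && is_uploaded_file($file['tmp_name'])) {
            // Validate file before continuing (first chunk only). The
            // exemption is anchored: the unanchored pattern used before let
            // any extension that merely contained "htm" or "txt" skip
            // validation.
            if ($chunk == 0 && $wf->getParam('validate_mimetype', 0) && !preg_match('#^(htm|html|txt)$#', $ext)) {
                $this->validateUploadedFile($file);
            }

            // make file name 'web safe'
            $name = WFUtility::makeSafe($name);

            // get current dir
            $dir = JRequest::getVar('upload-dir', '');

            // check destination path
            WFUtility::checkPath($dir);

            if ($chunks == 1) {
                // Normal upload
                $result = $filesystem->upload('multipart', trim($file['tmp_name']), $dir, $name);
                $complete = true;
            } else {
                // Chunk uploading - complete only after the last chunk
                $result = $filesystem->upload('multipart-chunking', trim($file['tmp_name']), $dir, $name, $chunks, $chunk);
                $complete = $chunk == $chunks - 1;
            }

            if (!$result->state) {
                $result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR');
                $result->code = 103;
            }
        }
    } else {
        $result->state = false;
        $result->code = 103;
        $result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR');
        $complete = true;
    }

    // upload finished
    if ($complete) {
        if ($result instanceof WFFileSystemResult) {
            if ($result->state === true) {
                $this->setResult($this->fireEvent('onUpload', array($result->path)));
                $this->setResult(basename($result->path), 'files');
            }
        }

        die(json_encode($this->getResult()));
    }
}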
/**
 * Run the plugin: hand JSON/upload requests to WFRequest, otherwise build,
 * pack and render the plugin dialog document.
 *
 * Dies with 'RESTRICTED ACCESS' when the request token check fails.
 */
public function execute()
{
    // CSRF gate for both the request and the dialog path
    if (!WFToken::checkToken()) {
        die('RESTRICTED ACCESS');
    }

    // JSON request or upload action
    if ($this->isRequest()) {
        WFRequest::getInstance()->process();

        return;
    }

    $this->loadLanguage('com_jce', JPATH_ADMINISTRATOR);

    // Load Plugin language
    $this->loadPluginLanguage();

    $version = $this->getVersion();
    $name = $this->getName();

    // the version from the plugin's install manifest wins when it is present
    $manifest = implode(DS, array(WF_EDITOR_PLUGINS, $name, $name . '.xml'));
    $xml = JApplicationHelper::parseXMLInstallFile($manifest);

    if (isset($xml['version'])) {
        $version = $xml['version'];
    }

    // create the document
    $document = WFDocument::getInstance(array(
        'version' => $version,
        'title' => WFText::_('WF_' . strtoupper($this->getName() . '_TITLE')),
        'name' => $name,
        'language' => $this->getLanguageTag(),
        'direction' => $this->getLanguageDir(),
        'compress_javascript' => $this->getParam('editor.compress_javascript', 0),
        'compress_css' => $this->getParam('editor.compress_css', 0)
    ));

    // set standalone mode
    $document->set('standalone', JRequest::getInt('standalone', 0));

    // create display
    $this->display();

    $document = WFDocument::getInstance();

    // standalone mode (for File Browser etc): remove the popup scripts
    $standalone = $document->get('standalone') == 1;

    if ($standalone) {
        $document->removeScript('tiny_mce_popup', 'tiny_mce');
        $document->removeScript('tiny_mce_utils', 'libraries');
    }

    // pack assets if required
    $document->pack(true, $this->getParam('editor.compress_gzip', 0));

    // the view's template becomes the body output
    $document->setBody($this->getView()->loadTemplate());

    // render document
    $document->render();
}
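/**
 * Process an ajax call and write the JSON encoded result.
 *
 * The function to run is named either by the `json` POST field (decoded,
 * with `fn` and optional `args`) or by the `action` request word. Only
 * callbacks registered in $this->request can be dispatched. When neither
 * field is present the method returns without output.
 *
 * @access public
 * @param bool $array not used by this method
 * @return void the response is written with exit()
 */
public function process($array = false)
{
    // Check for request forgeries
    WFToken::checkToken() or die('RESTRICTED ACCESS');

    $json = JRequest::getVar('json', '', 'POST', 'STRING', 2);
    $action = JRequest::getWord('action');

    // set error handling for requests
    JError::setErrorHandling(E_ALL, 'callback', array('WFRequest', 'raiseError'));

    if ($action || $json) {
        // set request flag
        define('JCE_REQUEST', 1);

        // defined up front so the response below never reads an unset variable
        $result = null;

        if ($json) {
            $json = json_decode($json);

            $fn = isset($json->fn) ? $json->fn : JError::raiseError(500, 'Invalid Function Call');
            $args = isset($json->args) ? $json->args : array();
        } else {
            $fn = $action;
            $args = array();
        }

        // check query - the arguments come straight from the client
        $this->checkQuery($args);

        // `fn` is client supplied JSON and can be any type. Only a string is
        // a usable registry key; anything else is refused before it reaches
        // array_key_exists() or addslashes().
        if (!is_string($fn)) {
            JError::raiseError(500, 'Invalid Function Call');
            return;
        }

        // The registry lookup is the allow-list: a name that was never
        // registered is not dispatched.
        if (array_key_exists($fn, $this->request)) {
            $method = $this->request[$fn];

            // set default function call
            $call = null;

            if (!isset($method->ref)) {
                // plain function
                $call = $method->fn;

                if (!function_exists($call)) {
                    JError::raiseError(500, 'Invalid Function - "' . $call . '"');
                }
            } else {
                // object or class method
                if (!method_exists($method->ref, $method->fn)) {
                    JError::raiseError(500, 'Invalid Method "' . $method->ref . '::' . $method->fn . '"');
                }

                $call = array($method->ref, $method->fn);
            }

            if (!$call) {
                JError::raiseError(500, 'Invalid Function Call');
            }

            // a non-array argument is passed as a single parameter
            if (!is_array($args)) {
                $result = call_user_func($call, $args);
            } else {
                $result = call_user_func_array($call, $args);
            }
        } else {
            if ($fn) {
                JError::raiseError(500, 'Unregistered Function - "' . addslashes($fn) . '"');
            } else {
                JError::raiseError(500, 'Invalid Function Call');
            }
        }

        $output = array("result" => $result);

        // set output headers
        // NOTE(review): "UTF-8" is a charset, not a content coding, so the
        // Content-Encoding header below looks unintended - confirm with clients.
        header('Content-Type: text/json;charset=UTF-8');
        header('Content-Encoding: UTF-8');
        header("Expires: Mon, 4 April 1984 05:00:00 GMT");
        header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
        header("Cache-Control: no-store, no-cache, must-revalidate");
        header("Cache-Control: post-check=0, pre-check=0", false);
        header("Pragma: no-cache");

        exit(json_encode($output));
    }
}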
/**
 * Build the URL of the standalone file browser.
 *
 * Loads the token class from the site component, then appends the request
 * token as "<token>=1". element and filter are added only when non-empty.
 *
 * @param $element optional value for the `element` query parameter
 * @param $filter  optional value for the `filter` query parameter
 * @return string relative URL starting with index.php
 */
public function getBrowserLink($element = null, $filter = '')
{
    require_once JPATH_SITE . DS . 'components' . DS . 'com_jce' . DS . 'editor' . DS . 'libraries' . DS . 'classes' . DS . 'token.php';

    // NOTE(review): the token travels in the query string, so it can end up
    // in access logs, browser history and Referer headers.
    $tokenName = WFToken::getToken();
    $address = 'index.php?option=com_jce&view=editor&layout=plugin&plugin=browser&standalone=1&' . $tokenName . '=1';

    // NOTE(review): both values are appended without URL encoding;
    // presumably callers pass plain identifiers - confirm.
    if ($element) {
        $address = $address . '&element=' . $element;
    }

    if ($filter) {
        $address = $address . '&filter=' . $filter;
    }

    return $address;
}
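/**
 * Upload a file.
 *
 * Checks the request token and the upload feature flag, validates the file
 * data, file name, extension, target directory and the configured upload
 * limits, passes the temporary file to the filesystem driver and ends the
 * request with a JSON encoded result.
 *
 * @return void the JSON result is written with die() once the upload is complete
 * @throws InvalidArgumentException when the name or extension is invalid or
 *                                  an upload limit has been exceeded
 */
public function upload()
{
    // Check for request forgeries
    WFToken::checkToken() or die;

    // check for feature access
    if (!$this->checkFeature('upload')) {
        JError::raiseError(403, 'Access to this resource is restricted');
        // fail closed even if the configured error handler returns
        return;
    }

    $filesystem = $this->getFileSystem();

    jimport('joomla.filesystem.file');

    header('Content-Type: text/json;charset=UTF-8');
    header("Expires: Wed, 4 Apr 1984 13:00:00 GMT");
    // was "D, d M_Y H:i:s", which produced an invalid HTTP date ("Jan_2024")
    header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
    header("Cache-Control: no-store, no-cache, must-revalidate");
    header("Cache-Control: post-check=0, pre-check=0", false);
    header("Pragma: no-cache");

    // get uploaded file
    $file = JRequest::getVar('file', '', 'files', 'array');

    // validate file data
    $this->validateUploadedFile($file);

    // name sent with the file; null when the upload array carries none
    $original = isset($file['name']) ? $file['name'] : null;

    // get file name - the request may override the name sent with the file
    $name = JRequest::getVar('name', $original);

    // decode name before any check looks at it
    $name = rawurldecode($name);

    // check name
    if (WFUtility::validateFileName($name) === false) {
        throw new InvalidArgumentException('Upload Failed: The file name contains an invalid extension.');
    }

    // check file name
    WFUtility::checkPath($name);

    // The extension is taken from the name sent with the file, not from the
    // `name` request override.
    $ext = trim(WFUtility::getExtension($original));

    // check extension exists
    if (empty($ext) || $ext === $original) {
        throw new InvalidArgumentException('Upload Failed: The file name does not contain a valid extension.');
    }

    // strip extension
    $name = WFUtility::stripExtension($name);

    // make file name 'web safe'
    $name = WFUtility::makeSafe($name, $this->get('websafe_mode', 'utf-8'), $this->get('websafe_spaces'), $this->get('websafe_textcase'));

    // check the name again: the clean-up above may have changed it
    if (WFUtility::validateFileName($name) === false) {
        throw new InvalidArgumentException('Upload Failed: The file name contains an invalid extension.');
    }

    // target directory, decoded before it is checked
    $dir = rawurldecode(JRequest::getVar('upload-dir'));

    // check destination path
    WFUtility::checkPath($dir);

    $upload = $this->get('upload');

    // Check file number limits
    if (!empty($upload['total_files'])) {
        if ($filesystem->countFiles($dir, true) > $upload['total_files']) {
            throw new InvalidArgumentException(WFText::_('WF_MANAGER_FILE_LIMIT_ERROR'));
        }
    }

    // Check total file size limit (the comparison is in megabytes)
    if (!empty($upload['total_size'])) {
        $size = $filesystem->getTotalSize($dir);

        if ($size / 1024 / 1024 > $upload['total_size']) {
            throw new InvalidArgumentException(WFText::_('WF_MANAGER_FILE_SIZE_LIMIT_ERROR'));
        }
    }

    // Add random string. !empty() also covers a missing add_random key,
    // which was previously read unconditionally.
    // NOTE(review): md5(uniqid(rand())) avoids name collisions but is not
    // unpredictable; do not rely on the suffix to hide the file.
    if (!empty($upload['add_random'])) {
        $name = $name . '_' . substr(md5(uniqid(rand(), 1)), 0, 5);
    }

    // rebuild file name - name + extension
    $name = $name . '.' . $ext;

    // create a filesystem result object
    $result = new WFFileSystemResult();
    $complete = false;
    $contentType = JRequest::getVar('CONTENT_TYPE', '', 'SERVER');

    // relative path
    $relative = WFUtility::makePath($dir, $name);

    // Only multipart uploading is supported for now
    if ($contentType && strpos($contentType, "multipart") !== false) {
        $result = $filesystem->upload('multipart', trim($file['tmp_name']), $dir, $name);

        if (!$result->state) {
            if (empty($result->message)) {
                $result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR');
            }

            $result->code = 103;
        }

        // the temporary file is removed whether or not the upload worked
        @unlink($file['tmp_name']);
        $complete = true;
    } else {
        $result->state = false;
        $result->code = 103;
        $result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR');
        $complete = true;
    }

    // upload finished
    if ($complete) {
        if ($result instanceof WFFileSystemResult) {
            if ($result->state === true) {
                $this->setResult($this->fireEvent('onUpload', array($result->path, $relative)));
                $this->setResult(basename($result->path), 'files');
            } else {
                $this->setResult($result->message, 'error');
            }
        }

        die(json_encode($this->getResult()));
    }
}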
/**
 * Build the URL of the standalone file browser for the current user.
 *
 * Returns an empty string when WFEditor::getProfile('browser') yields no
 * profile. Otherwise the request token is appended as "<token>=1" and
 * element and filter are added when non-empty.
 *
 * @param $element optional value for the `element` query parameter
 * @param $filter  optional value for the `filter` query parameter
 * @return string relative URL starting with index.php, or ''
 */
public static function getBrowserLink($element = null, $filter = '')
{
    // load base classes
    require_once JPATH_ADMINISTRATOR . '/components/com_jce/includes/base.php';

    wfimport('editor.libraries.classes.editor');
    wfimport('editor.libraries.classes.token');

    $wf = WFEditor::getInstance();

    // no link (and no token) for a user who is not in a browser profile
    if (!$wf->getProfile('browser')) {
        return '';
    }

    // NOTE(review): the token travels in the query string, so it can end up
    // in access logs, browser history and Referer headers.
    $url = 'index.php?option=com_jce&view=editor&layout=plugin&plugin=browser&standalone=1&' . WFToken::getToken() . '=1';

    // NOTE(review): both values are appended without URL encoding;
    // presumably callers pass plain identifiers - confirm.
    if ($element) {
        $url = $url . '&element=' . $element;
    }

    if ($filter) {
        $url = $url . '&filter=' . $filter;
    }

    return $url;
}
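/**
 * Save an edited image.
 *
 * Two paths exist: when the request carries an uploaded file, that file is
 * stored under the target name (re-attaching the original JPEG's EXIF data
 * when the name is unchanged) and the JSON result is emitted directly;
 * otherwise the edit operations in $options are applied to the existing file
 * and the result is returned to the caller.
 *
 * @param string $file    Path of the image being edited, joined onto the filesystem base dir.
 * @param string $name    Name to save under; only its basename is used.
 * @param array  $options Edit operations, each an object with a "task" and optional "args".
 * @param int    $quality Not used by this method.
 *
 * @return mixed The browser result (non-upload path only; the upload path ends in die()).
 *
 * @throws InvalidArgumentException When the saved file cannot be read as an image.
 */
public function saveEdit($file, $name, $options = array(), $quality = 100)
{
    // Check for request forgeries
    WFToken::checkToken() or die('Access to this resource is restricted');

    // check for image editor access
    // NOTE(review): nothing here stops execution after raiseError(); this
    // relies on JError halting the request for a 403 - confirm.
    if ($this->checkAccess('image_editor', 1) === false) {
        JError::raiseError(403, 'Access to this resource is restricted');
    }

    $browser = $this->getBrowser();
    $filesystem = $browser->getFileSystem();

    // check file
    self::validateImagePath($file);

    // clean temp
    $this->cleanEditorTmp($file, false);

    // check new name
    self::validateImagePath($name);

    $upload = JRequest::getVar('file', '', 'files', 'array');

    // create a filesystem result object
    $result = new WFFileSystemResult();

    if (isset($upload) && isset($upload['tmp_name']) && is_uploaded_file($upload['tmp_name'])) {
        $tmp = $upload['tmp_name'];

        // validate the uploaded content before it is moved anywhere
        self::validateImageFile($tmp);

        $exif = null;

        // get exif data from the original file, only when a JPEG is saved over itself
        if (preg_match('#\\.jp(eg|g)$#i', basename($file)) && basename($file) == basename($name)) {
            // load exif classes
            require_once dirname(__FILE__) . '/pel/PelJpeg.php';

            $src = WFUtility::makePath($filesystem->getBaseDir(), $file);
            $jpeg = new PelJpeg($src);
            $exif = $jpeg->getExif();
        }

        $result = $filesystem->upload('multipart', trim($tmp), dirname($file), basename($name));

        if ($result->state === true && $exif) {
            $pel = new PelDataWindow($result->path);

            if (PelJpeg::isValid($pel)) {
                $jpeg = new PelJpeg();
                $jpeg->load($pel);
                $jpeg->setExif($exif);

                // write to file
                JFile::write($result->path, $jpeg->getBytes());
            }
        }

        @unlink($tmp);
    } else {
        // set upload as false - JSON request
        $upload = false;

        $file = WFUtility::makePath($filesystem->getBaseDir(), $file);
        $dest = dirname($file) . '/' . basename($name);

        // get extension
        $ext = WFUtility::getExtension($dest);

        // load image class
        require_once dirname(__FILE__) . '/image/image.php';

        // create image
        $image = new WFImage($file, $this->getParam('prefer_imagick', true));

        // NOTE(review): $options presumably arrives with the JSON request;
        // argument counts and types are not checked before use here.
        foreach ($options as $filter) {
            if (isset($filter->task)) {
                $args = isset($filter->args) ? (array) $filter->args : array();

                switch ($filter->task) {
                    case 'resize':
                        $w = $args[0];
                        $h = $args[1];
                        $image->resize($w, $h);
                        break;
                    case 'crop':
                        $w = $args[0];
                        $h = $args[1];
                        $x = $args[2];
                        $y = $args[3];
                        $image->crop($w, $h, $x, $y);
                        break;
                    case 'rotate':
                        $image->rotate(array_shift($args));
                        break;
                    case 'flip':
                        $image->flip(array_shift($args));
                        break;
                    default:
                        // NOTE(review): any other task name is forwarded as-is;
                        // confirm WFImage::filter() only accepts known filters.
                        $image->filter($filter->task, $args);
                        break;
                }
            }
        }

        // get image data
        $data = $image->toString($ext);

        // write to file
        if ($data) {
            $result->state = (bool) @JFile::write($dest, $data);
        }

        // set path
        $result->path = $dest;
    }

    if ($result->state === true) {
        // the saved file must still parse as an image, otherwise remove it
        if (@getimagesize($result->path) === false) {
            JFile::delete($result->path);
            throw new InvalidArgumentException('Invalid image file');
        } else {
            $result->path = str_replace(WFUtility::cleanPath(JPATH_SITE), '', $result->path);
            $browser->setResult(WFUtility::cleanPath($result->path, '/'), 'files');
        }
    } else {
        // "||" yields a boolean in PHP, so pick the message explicitly
        $message = !empty($result->message) ? $result->message : WFText::_('WF_IMGMANAGER_EXT_EDIT_SAVE_ERROR');
        $browser->setResult($message, 'error');
    }

    // set header and exit
    if ($upload) {
        header("Expires: Wed, 4 Apr 1984 13:00:00 GMT");
        // HTTP dates separate month and year with a space
        header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
        header("Cache-Control: no-store, no-cache, must-revalidate");
        header("Cache-Control: post-check=0, pre-check=0", false);
        header("Pragma: no-cache");

        die(json_encode($browser->getResult()));
    }

    // return to WFRequest
    return $browser->getResult();
}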
/**
 * Pack the registered scripts or stylesheets into one packed response.
 *
 * Nothing happens unless the request's "task" is "pack". The token is
 * checked against the GET parameters before any file is collected.
 *
 * @param bool $minify Passed through to WFPacker::pack().
 * @param bool $gzip   Passed through to WFPacker::pack().
 */
public function pack($minify = true, $gzip = false)
{
    if (JRequest::getCmd('task') != 'pack') {
        return;
    }

    // check token
    WFToken::checkToken('GET') or die('RESTRICTED');

    wfimport('admin.classes.packer');

    $component = WFExtensionHelper::getComponent();
    $params = new WFParameter($component->params);

    // asset kind requested, javascript unless stated otherwise
    $type = JRequest::getWord('type', 'javascript');

    $packer = new WFPacker(array('type' => $type));

    $files = array();

    if ($type == 'javascript') {
        foreach ($this->getScripts() as $script => $scriptType) {
            // make sure the name carries a .js suffix before resolving it
            if (!preg_match('/\\.js$/', $script)) {
                $script .= '.js';
            }

            $files[] = $this->urlToPath($script);
        }
    } elseif ($type == 'css') {
        foreach ($this->getStyleSheets() as $style => $styleType) {
            // make sure the name carries a .css suffix before resolving it
            if (!preg_match('/\\.css$/', $style)) {
                $style .= '.css';
            }

            $files[] = $this->urlToPath($style);
        }
    }

    $packer->setFiles($files);
    $packer->pack($minify, $gzip);
}
echo WFText::_('WF_LABEL_DETAILS'); ?> </div> <div id="browser-details"> <div id="browser-details-text"></div> <div id="browser-details-comment"></div> </div> <div class="spacer"></div> <div id="browser-buttons"></div> <div id="browser-details-nav"> <span class="details-nav-left" role="button"></span> <span class="details-nav-text"></span> <span class="details-nav-right" role="button"></span> </div> </div> </div> </fieldset> </div> <!--input type="hidden" name="<?php echo $this->session->getName(); ?> " value="<?php echo $this->session->getId(); ?> " /--> <input type="hidden" name="<?php echo WFToken::getToken(); ?> " value="1" /> </form>
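/**
 * Upload a file.
 *
 * Checks the request token and the "upload" feature, validates the target
 * directory and file name taken from the request, stores the file through
 * the filesystem object and ends the request with a JSON result.
 *
 * The stored name is taken from the request's "name" parameter when present,
 * not necessarily from the uploaded file itself, so the name checks in this
 * method are what guard it here.
 * NOTE(review): the extension patterns below are blocklists; an allowlist of
 * permitted file types is presumably enforced by validateUploadedFile() or
 * the filesystem's upload() - confirm.
 *
 * @return void The method does not return; it ends with die() and a JSON body
 *              holding either the uploaded file name or an error message.
 *
 * @throws InvalidArgumentException When the file name is empty or carries a blocked extension.
 */
public function upload()
{
    // Check for request forgeries
    WFToken::checkToken() or die;

    // check for feature access
    // NOTE(review): nothing here stops execution after raiseError(); this
    // relies on JError halting the request for a 403 - confirm.
    if (!$this->checkFeature('upload')) {
        JError::raiseError(403, 'Access to this resource is restricted');
    }

    jimport('joomla.filesystem.file');

    // get uploaded file
    $file = JRequest::getVar('file', '', 'files', 'array');

    // validate file data
    $this->validateUploadedFile($file);

    $wf = WFEditor::getInstance();

    // HTTP headers for no cache etc
    header('Content-Type: text/json;charset=UTF-8');
    header("Expires: Wed, 4 Apr 1984 13:00:00 GMT");
    // HTTP dates separate month and year with a space
    header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
    header("Cache-Control: no-store, no-cache, must-revalidate");
    header("Cache-Control: post-check=0, pre-check=0", false);
    header("Pragma: no-cache");

    // get file name
    $name = JRequest::getVar('name', $file['name']);

    // target directory
    $dir = JRequest::getVar('upload-dir');

    // decode directory, then check the decoded value
    $dir = rawurldecode($dir);

    // check destination path
    WFUtility::checkPath($dir);

    // decode name, then check the decoded value
    $name = rawurldecode($name);

    // check file name
    WFUtility::checkPath($name);

    // check for invalid extensions; php3/php4/php5 are included so the final
    // extension is held to the same list as the name check further down
    if (preg_match('#\\.(php|php(3|4|5)|phtml|pl|py|jsp|asp|shtml|sh|cgi)$#i', $name)) {
        throw new InvalidArgumentException('INVALID FILE NAME');
    }

    // get extension
    $ext = WFUtility::getExtension($name);

    // strip extension
    $name = WFUtility::stripExtension($name);

    // make file name 'web safe'
    $name = WFUtility::makeSafe($name, $this->get('websafe_mode', 'utf-8'), $this->get('websafe_spaces'), $this->get('websafe_textcase'));

    // empty name
    if ($name == '') {
        throw new InvalidArgumentException('INVALID FILE NAME');
    }

    // check for an extension hidden inside the file name (double extensions)
    if (preg_match('#\\.(php|php(3|4|5)|phtml|pl|py|jsp|asp|htm|html|shtml|sh|cgi)\\b#i', $name)) {
        throw new InvalidArgumentException('INVALID FILE NAME');
    }

    $upload = $this->get('upload');

    // add random string; this only makes the name distinct, it is not a secret
    if (!empty($upload['add_random'])) {
        $name = $name . '_' . substr(md5(uniqid(rand(), 1)), 0, 5);
    }

    // rebuild file name - name + extension
    $name = $name . '.' . $ext;

    // create a filesystem result object
    $result = new WFFileSystemResult();

    $filesystem = $this->getFileSystem();

    $complete = false;
    $contentType = JRequest::getVar('CONTENT_TYPE', '', 'SERVER');

    // Only multipart uploading is supported for now
    if ($contentType && strpos($contentType, "multipart") !== false) {
        $result = $filesystem->upload('multipart', trim($file['tmp_name']), $dir, $name);

        if (!$result->state) {
            $result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR');
            $result->code = 103;
        }

        // the temporary file is removed whether or not the upload succeeded
        @unlink($file['tmp_name']);

        $complete = true;
    } else {
        $result->state = false;
        $result->code = 103;
        $result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR');

        $complete = true;
    }

    // upload finished
    if ($complete) {
        if ($result instanceof WFFileSystemResult) {
            if ($result->state === true) {
                $path = $result->path;

                // get root dir eg: JPATH_SITE
                $root = substr($filesystem->getBaseDir(), 0, -strlen($filesystem->getRootDir()));

                // get relative path
                $relative = substr($path, strlen($root));

                // clean
                $relative = WFUtility::cleanPath($relative, '/');

                $this->setResult($this->fireEvent('onUpload', array($result->path, $relative)));
                $this->setResult(basename($result->path), 'files');
            } else {
                $this->setResult($result->message, 'error');
            }
        }

        die(json_encode($this->getResult()));
    }
}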
/**
 * Pack the plugin's local scripts or stylesheets into one packed response.
 *
 * Nothing happens unless the request's "task" is "pack". Entries whose name
 * contains "://" or "index.php" are left out of the packed file list. For
 * javascript, the output of WFLanguageParser::load() for this plugin's
 * dialog sections is appended after the files.
 *
 * @param bool $minify Passed through to WFPacker::pack().
 * @param bool $gzip   Passed through to WFPacker::pack().
 */
public function pack($minify = true, $gzip = false)
{
    if (JRequest::getCmd('task') != 'pack') {
        return;
    }

    // check token
    WFToken::checkToken('GET') or die('RESTRICTED');

    wfimport('admin.classes.packer');
    wfimport('admin.classes.language');

    $component = WFExtensionHelper::getComponent();
    $params = new WFParameter($component->params);

    $type = JRequest::getWord('type', 'javascript');

    // create packer
    $packer = new WFPacker(array('type' => $type));

    $files = array();

    if ($type == 'javascript') {
        foreach ($this->getScripts() as $src => $srcType) {
            // only files that resolve to a local path are packed
            if (strpos($src, '://') !== false || strpos($src, 'index.php') !== false) {
                continue;
            }

            if (!preg_match('/\\.js$/', $src)) {
                $src .= '.js';
            }

            $files[] = $this->urlToPath($src);
        }

        // parse ini language files
        $parser = new WFLanguageParser(array(
            'plugins' => array($this->getName()),
            'sections' => array('dlg', $this->getName() . '_dlg'),
            'mode' => 'plugin',
        ));

        // language data goes after the packed files
        $packer->setContentEnd((string) $parser->load());
    } elseif ($type == 'css') {
        foreach ($this->getStyleSheets() as $style => $styleType) {
            // only files that resolve to a local path are packed
            if (strpos($style, '://') !== false || strpos($style, 'index.php') !== false) {
                continue;
            }

            if (!preg_match('/\\.css$/', $style)) {
                $style .= '.css';
            }

            $files[] = $this->urlToPath($style);
        }
    }

    $packer->setFiles($files);
    $packer->pack($minify, $gzip);
}
/**
 * Run the plugin: either process a JSON/upload request or render the dialog.
 *
 * The request token is checked first in both cases. For a request,
 * WFRequest::process() handles it; otherwise the plugin's language files are
 * loaded, a WFDocument is configured and the view template is rendered.
 */
public function execute()
{
    WFToken::checkToken() or die('RESTRICTED ACCESS');

    // JSON request or upload action
    if ($this->isRequest()) {
        WFRequest::getInstance()->process();

        return;
    }

    $version = $this->getVersion();
    $name = $this->getName();

    // process javascript languages
    if (JRequest::getWord('task') == 'loadlanguages') {
        wfimport('admin.classes.language');

        $parser = new WFLanguageParser(array(
            'plugins' => array($name),
            'sections' => array('dlg', $name . '_dlg'),
            'mode' => 'plugin',
        ));

        $parser->output($parser->load());
    }

    $this->loadLanguage('com_jce', JPATH_ADMINISTRATOR);

    // Load Plugin language
    $this->loadPluginLanguage();

    // a version in the plugin manifest takes precedence over getVersion()
    $manifest = WFXMLHelper::parseInstallManifest(WF_EDITOR_PLUGIN . '/' . $name . '.xml');

    if (isset($manifest['version'])) {
        $version = $manifest['version'];
    }

    // create the document
    $settings = array(
        'version' => $version,
        'title' => WFText::_('WF_' . strtoupper($this->getName() . '_TITLE')),
        'name' => $name,
        'language' => $this->getLanguageTag(),
        'direction' => $this->getLanguageDir(),
        'compress_javascript' => $this->getParam('editor.compress_javascript', 0),
        'compress_css' => $this->getParam('editor.compress_css', 0),
    );

    $document = WFDocument::getInstance($settings);

    // set standalone mode
    $document->set('standalone', JRequest::getInt('standalone', 0));

    // create display
    $this->display();

    // ini language is fetched through a second request with task=loadlanguages
    if (WF_INI_LANG) {
        $languageUrl = 'index.php?option=com_jce&view=editor&' . $document->getQueryString(array('task' => 'loadlanguages'));
        $document->addScript(array($languageUrl), 'joomla');
    }

    // pack assets if required
    $document->pack(true, $this->getParam('editor.compress_gzip', 0));

    // get the view and use its template as the body
    $view = $this->getView();
    $document->setBody($view->loadTemplate());

    // render document
    $document->render();
}