Ejemplo n.º 1
0
 function WYFileUpload($sN, $multiple = false)
 {
     global $goApp;
     parent::WYHTMLTag("input");
     $this->dAttributes["type"] = "file";
     if ($multiple) {
         $this->dAttributes["name"] = $sN . '[]';
         $this->dAttributes["multiple"] = "multiple";
     } else {
         $this->dAttributes["name"] = $sN;
     }
     $this->dFileInfos = od_nil;
     if (isset($_FILES[$sN])) {
         $this->dFileInfos = $_FILES[$sN];
         // how many files?
         if (is_array($this->dFileInfos["name"])) {
             $this->iNrOfFiles = count($this->dFileInfos["name"]);
         } else {
             $this->iNrOfFiles = 1;
             $tmpFI = array("name" => array($this->dFileInfos["name"]), "type" => array($this->dFileInfos["type"]), "tmp_name" => array($this->dFileInfos["tmp_name"]), "error" => array($this->dFileInfos["error"]), "size" => array($this->dFileInfos["size"]));
             $this->dFileInfos = $tmpFI;
             $tmpFI = NULL;
         }
         for ($i = 0; $i < $this->iNrOfFiles; $i++) {
             // security check
             $sOFN = isset($this->dFileInfos["name"][$i]) ? $this->dFileInfos["name"][$i] : "";
             $oOFN = new WYPath($sOFN);
             if (!$oOFN->bCheck(WYPATH_CHECK_NOSCRIPT | WYPATH_CHECK_NOPATH)) {
                 $goApp->log("error on file upload: illegal file type/name <{$sOFN}>");
                 @unlink($this->dFileInfos["tmp_name"][$j]);
                 // delete evil uploaded file
             } else {
                 if ($this->bFileUploaded($i) && $this->bUploadOK($i)) {
                     $oTmpPath = new WYPath($this->dFileInfos["tmp_name"][$i]);
                     $oToPath = od_clone($goApp->oDataPath);
                     $oToPath->addComponent($oTmpPath->sBasename());
                     if (!$goApp->move_uploaded_file($oTmpPath, $oToPath)) {
                         $goApp->log("WYFileUpload: Could not move uploaded file " . $oTmpPath->sPath . " to " . $oToPath->sPath);
                     } else {
                         $this->dFileInfos["tmp_name"][$i] = $oToPath->sPath;
                     }
                 } else {
                     $goApp->log("error on file upload: " . $this->iErrorCode() . ": " . $this->sErrorMessage());
                 }
             }
         }
     }
 }
Ejemplo n.º 2
0
 function WYAudioElement($sN, $sL)
 {
     global $goApp;
     parent::WYAttachmentElement($sN);
     $this->sEditorPageName = "audio.php";
     $this->iEditorWidth = 650;
     $this->iEditorHeight = 250;
     $this->sEditButtonCSSClass = "WebYepAudioEditButton";
     $this->setVersion(WY_AUDIO_VERSION);
     $this->sLinkContent = $sL;
     if ($this->sOriginalFilename()) {
         $oP = new WYPath($this->sOriginalFilename());
         if (!$oP->bCheck(WYPATH_CHECK_JUSTAUDIO | WYPATH_CHECK_NOSCRIPT | WYPATH_CHECK_NOPATH)) {
             $goApp->log("missuse of audio element, filename: " . $oP->sPath);
             exit(0);
         }
         unset($oP);
         $oP = new WYPath($this->sDownloadFileName());
         if (!$oP->bCheck(WYPATH_CHECK_JUSTAUDIO | WYPATH_CHECK_NOSCRIPT | WYPATH_CHECK_NOPATH)) {
             $goApp->log("missuse of audio element, filename: " . $oP->sPath);
             exit(0);
         }
     }
 }
Ejemplo n.º 3
0
<?php

// WebYep
// (C) Objective Development Software GmbH
// http://www.obdev.at
$webyep_bDocumentPage = false;
$webyep_sIncludePath = ".";
include_once "{$webyep_sIncludePath}/webyep.php";
include_once @webyep_sConfigValue("webyep_sIncludePath") . "/elements/WYAudioElement.php";
include_once @webyep_sConfigValue("webyep_sIncludePath") . "/lib/WYPath.php";
$oFilename = new WYPath($_GET[WY_QK_AUDIO_FILENAME]);
if (!$oFilename->bCheck(WYPATH_CHECK_JUSTAUDIO | WYPATH_CHECK_NOSCRIPT | WYPATH_CHECK_NOPATH)) {
    $goApp->log("missuse of mp3 player script, path: " . $oFilename->sPath);
    exit(0);
}
$oURL = od_clone($goApp->oDataURL);
$oURL->addComponent($oFilename->sPath);
?>
<html>
<head>
<title><?php 
echo WYTS("MP3PlayerWindowTitle");
?>
</title>
<style type="text/css">
body {
	background-color: black;
}
</style>
</head>
<body>
Ejemplo n.º 4
0
include_once @webyep_sConfigValue("webyep_sIncludePath") . "/lib/WYFile.php";
$aMimeTypes['pdf'] = "application/pdf";
$aMimeTypes['htm'] = "text/html";
$aMimeTypes['html'] = "text/html";
$aMimeTypes['php'] = "application/binary";
$aMimeTypes['txt'] = "text/plain";
$aMimeTypes['gif'] = "image/gif";
$aMimeTypes['jpg'] = "image/jpeg";
$oFilename = new WYPath($_GET[WY_QK_DOWNLOAD_FILENAME]);
$oOrgFilename = new WYPath($_GET[WY_QK_ORIGINAL_FILENAME]);
$sClientIP = $goApp->sClientIP();
if (!$oFilename->bCheck(WYPATH_CHECK_NOSCRIPT | WYPATH_CHECK_NOPATH)) {
    $goApp->log("missuse of download script from {$sClientIP}, path: " . $oFilename->sPath);
    exit(0);
}
if (!$oOrgFilename->bCheck(WYPATH_CHECK_NOSCRIPT | WYPATH_CHECK_NOPATH)) {
    $goApp->log("missuse of download script from {$sClientIP}, org file path: " . $oOrgFilename->sPath);
    exit(0);
}
$sOrgFilename = str_replace(" ", "_", $oOrgFilename->sPath);
$oPath = od_clone($goApp->oDataPath);
$oPath->addComponent($oFilename->sPath);
if (strpos($oPath->sPath, "webyep-system") === false) {
    // goApp's log won't work when data path was modified! -> echo
    echo "missuse of download script from {$sClientIP}, mangled data path: " . $oPath->sPath;
    exit(0);
}
$sExtenstion = $oPath->sExtension();
$oF = new WYFile($oPath);
if (!$oF->bExists()) {
    $oPath->removeDemoSlotID();
Ejemplo n.º 5
0
 function sDataFileName($bCreate)
 {
     global $goApp;
     $sFilename = "";
     $sPrefix = "";
     $iPageID = 0;
     $i = 0;
     $sFilename = $this->sFieldNameForFile();
     if (!$this->bGlobal) {
         $iPageID = $goApp->oDocument->iPageID($bCreate);
         if ($iPageID) {
             if ($this->bUseDocumentInstance()) {
                 $iDocInstance = $goApp->oDocument->iDocumentInstance();
             } else {
                 $iDocInstance = 0;
             }
             if ($this->bUseLoopID()) {
                 $iLoopID = $goApp->oDocument->iLoopID();
             } else {
                 $iLoopID = 0;
             }
             $sPrefix = WYElement::sDataFileNamePrefix($iPageID, $iDocInstance, $iLoopID);
             $sFilename = $sPrefix . "-" . $sFilename;
         } else {
             $sFilename = "";
         }
     }
     if ($sFilename) {
         $oP = new WYPath($sFilename);
         if (!$oP->bCheck(WYPATH_CHECK_NOPATH)) {
             $sFilename = "";
         }
     }
     return $sFilename;
 }
Ejemplo n.º 6
0
$sLangCode = $oHFLanguageCode->sValue();
$oHFAction = new WYHiddenField(ACTION);
$sAction = $oHFAction->sValue();
//	$sResponse = WYTS("RichTextSaved");
//   $oCKBaseURL = od_clone($goApp->oProgramURL);
//   $oCKBaseURL->addComponent("opt");
//   $oCKBaseURL->addComponent("ckeditor");
//	$oCKJSURL = od_clone($oCKBaseURL);
//	$oCKJSURL->addComponent("ckeditor.js");
$goApp->outputWarningPanels();
// give App a chance to say something
if ($sAction == ACTION_DELETE) {
    $oHFFilename = new WYHiddenField(FILENAME);
    $oFullPath = od_clone($goApp->oDataPath);
    $oFilename = new WYPath($oHFFilename->sValue());
    if ($oFilename->bCheck(WYPATH_CHECK_JUSTIMAGE | WYPATH_CHECK_NOPATH)) {
        $oFullPath->addComponent($oFilename->sPath);
        $oFile = new WYFile($oFullPath);
        $oFile->bDelete();
    }
}
$aEntries = array();
$r = opendir($goApp->oDataPath->sPath);
while (($sEntry = readdir($r)) !== false) {
    if ($sEntry[0] == ".") {
        continue;
    }
    if (substr($sEntry, 0, 5) != "rtimg") {
        continue;
    }
    unset($dEntry);
Ejemplo n.º 7
0
// (C) Objective Development Software GmbH
// http://www.obdev.at
$webyep_bDocumentPage = false;
$webyep_sIncludePath = ".";
include_once "{$webyep_sIncludePath}/webyep.php";
include_once @webyep_sConfigValue("webyep_sIncludePath") . "/lib/WYImage.php";
include_once @webyep_sConfigValue("webyep_sIncludePath") . "/lib/WYPath.php";
include_once @webyep_sConfigValue("webyep_sIncludePath") . "/elements/WYImageElement.php";
$oImage = $oURL = od_nil;
$sFilename = "";
if (isset($_GET[WY_QK_IMAGE_DETAIL])) {
    $sFilename = $_GET[WY_QK_IMAGE_DETAIL];
    $sAltText = $_GET[WY_QK_IMAGE_ALTTEXT];
    $bDemoContent = $_GET[WY_QK_IMAGE_DEMOCONTENT];
    $oP = new WYPath($sFilename);
    if (!$oP->bCheck(WYPATH_CHECK_NOPATH | WYPATH_CHECK_JUSTIMAGE)) {
        $goApp->log("illegal filename in image-detail: <{$sFilename}>");
        exit(-1);
    }
    $oURL = od_clone($goApp->oDataURL);
    if ($bDemoContent) {
        $oURL->removeDemoSlotID();
    }
    $oURL->addComponent($sFilename);
    $oImage = new WYImage($oURL);
    if ($sAltText) {
        $oImage->setAttribute("alt", $sAltText);
    }
    $iW = $oImage->iWidth();
    $iH = $oImage->iHeight();
    if (!$sAltText) {