/**
 * Checks whether an uploaded file can be opened by the configured image driver.
 *
 * @param string $file   File handed to image::factory() (presumably a path; not inspected here).
 * @param array  $config Uploader configuration. Only 'imageDriversPriority' is read: a
 *                       space-separated driver list passed to image::getDriver(). When the
 *                       key is absent the "gd" driver is assumed.
 * @return string|true   true when the image initialised, otherwise an error message string.
 *
 * NOTE(review): the priority string is split on a single space without the
 * text::clearWhitespaces() pass the constructor applies to its own copy, so the
 * two agree only when the caller passes an already-normalised config — confirm.
 */
public function checkFile($file, array $config) {
    if (isset($config['imageDriversPriority'])) {
        $candidates = explode(" ", $config['imageDriversPriority']);
        $driver = image::getDriver($candidates);
    } else {
        $driver = "gd";
    }
    $image = image::factory($driver, $file);
    // A decode/initialisation failure is reported by the driver through initError.
    return $image->initError ? "Unknown image format/encoding." : true;
}
/**
 * Bootstraps one request: selects the CMS integration, links the uploaded file,
 * loads conf/config.php, starts and fingerprints the session, resolves the image
 * driver, the active type directory, cookie scope, upload directory/URL, the
 * host application (opener) and the UI language, then prepares the upload
 * folders unless the browser is disabled.
 *
 * Ends the request (die) when the session fingerprint does not match or when no
 * supported PHP image extension is available; other setup failures are reported
 * through backMsg().
 */
public function __construct() {

    // SET CMS INTEGRATION PROPERTY
    // The request-selected integration is accepted only when checkFilename() passes
    // and a matching integration/<name>.php exists; how it is loaded is not visible here.
    if (isset($_GET['cms']) && $this->checkFilename($_GET['cms']) && is_file("integration/{$_GET['cms']}.php")) {
        $this->cms = $_GET['cms'];
    }

    // LINKING UPLOADED FILE
    // Only the first $_FILES entry is used, by reference.
    if (count($_FILES)) {
        $this->file =& $_FILES[key($_FILES)];
    }

    // LOAD DEFAULT CONFIGURATION
    // Expected to define $_CONFIG in this scope; everything below reads it.
    require "conf/config.php";

    // SETTING UP SESSION
    // Session ini settings are applied only when no session is active yet, so a
    // host application that already started one keeps its own settings.
    if (!session_id()) {
        if (isset($_CONFIG['_sessionLifetime'])) {
            ini_set('session.gc_maxlifetime', $_CONFIG['_sessionLifetime'] * 60);
        }
        if (isset($_CONFIG['_sessionDir'])) {
            ini_set('session.save_path', $_CONFIG['_sessionDir']);
        }
        if (isset($_CONFIG['_sessionDomain'])) {
            ini_set('session.cookie_domain', $_CONFIG['_sessionDomain']);
        }
        session_start();
    }

    // LOAD SESSION CONFIGURATION IF EXISTS
    // When _sessionVar names a $_SESSION slot, values stored there override
    // config keys — but only keys that already exist in $_CONFIG and do not start
    // with "_", so the underscore-prefixed (private) settings cannot be changed
    // through the session. $this->session then points at the slot's 'self' entry.
    $this->config = $_CONFIG;
    $sessVar = "_sessionVar";
    if (isset($_CONFIG[$sessVar])) {
        $sessVar = $_CONFIG[$sessVar];
        if (!isset($_SESSION[$sessVar])) {
            $_SESSION[$sessVar] = array();
        }
        $sessVar =& $_SESSION[$sessVar];
        if (!is_array($sessVar)) {
            $sessVar = array();
        }
        foreach ($sessVar as $key => $val) {
            if (substr($key, 0, 1) != "_" && isset($_CONFIG[$key])) {
                $this->config[$key] = $val;
            }
        }
        if (!isset($sessVar['self'])) {
            $sessVar['self'] = array();
        }
        $this->session =& $sessVar['self'];
    } else {
        // No dedicated slot configured: the whole $_SESSION is used directly.
        $this->session =& $_SESSION;
    }

    // SECURING THE SESSION
    // Fingerprint = client address + md5 of the User-Agent (md5 is only a compact
    // key here, not a security hash). On a mismatch the request ends silently; the
    // session is destroyed only when the address still matches (i.e. the UA changed).
    // REMOTE_ADDR is the TCP peer, so behind a reverse proxy it is the proxy's address.
    $stamp = array('ip' => $_SERVER['REMOTE_ADDR'], 'agent' => md5($_SERVER['HTTP_USER_AGENT']));
    if (!isset($this->session['stamp'])) {
        $this->session['stamp'] = $stamp;
    } elseif (!is_array($this->session['stamp']) || $this->session['stamp'] !== $stamp) {
        // NOTE(review): if the stored stamp is not an array, the ['ip'] read below
        // may warn or throw depending on PHP version; either way the request ends.
        if ($this->session['stamp']['ip'] === $stamp['ip']) {
            session_destroy();
        }
        die;
    }

    // IMAGE DRIVER INIT
    // Prefer the first available driver from the configured priority list; fall
    // back to the class default in $this->imageDriver, and stop if neither works.
    if (isset($this->config['imageDriversPriority'])) {
        $this->config['imageDriversPriority'] = text::clearWhitespaces($this->config['imageDriversPriority']);
        $driver = image::getDriver(explode(' ', $this->config['imageDriversPriority']));
        if ($driver !== false) {
            $this->imageDriver = $driver;
        }
    }
    if ((!isset($driver) || $driver === false) && image::getDriver(array($this->imageDriver)) === false) {
        die("Cannot find any of the supported PHP image extensions!");
    }

    // WATERMARK INIT
    // A bare string is normalised to the array form with a 'file' key.
    if (isset($this->config['watermark']) && is_string($this->config['watermark'])) {
        $this->config['watermark'] = array('file' => $this->config['watermark']);
    }

    // GET TYPE DIRECTORY
    // The requested type is honoured only when it is a configured key of 'types';
    // anything else falls back to the first configured type.
    $this->types =& $this->config['types'];
    $firstType = array_keys($this->types);
    $firstType = $firstType[0];
    $this->type = isset($_GET['type']) && isset($this->types[$_GET['type']]) ? $_GET['type'] : $firstType;

    // LOAD TYPE DIRECTORY SPECIFIC CONFIGURATION IF EXISTS
    // An array-valued type overrides the keys listed in $this->typeSettings and is
    // then collapsed to its 'type' string ("" when it has none).
    if (is_array($this->types[$this->type])) {
        foreach ($this->types[$this->type] as $key => $val) {
            if (in_array($key, $this->typeSettings)) {
                $this->config[$key] = $val;
            }
        }
        $this->types[$this->type] = isset($this->types[$this->type]['type']) ? $this->types[$this->type]['type'] : "";
    }

    // COOKIES INIT
    // An IPv4-literal or dot-less host gets an empty cookie domain; otherwise an
    // unset cookieDomain falls back to HTTP_HOST. HTTP_HOST comes from the request's
    // Host header, so configuring cookieDomain explicitly avoids trusting it. A
    // host:port value matches neither pattern and takes the fallback branch.
    $ip = '(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)';
    $ip = '/^' . implode('\\.', array($ip, $ip, $ip, $ip)) . '$/';
    if (preg_match($ip, $_SERVER['HTTP_HOST']) || preg_match('/^[^\\.]+$/', $_SERVER['HTTP_HOST'])) {
        $this->config['cookieDomain'] = "";
    } elseif (!strlen($this->config['cookieDomain'])) {
        $this->config['cookieDomain'] = $_SERVER['HTTP_HOST'];
    }
    if (!strlen($this->config['cookiePath'])) {
        $this->config['cookiePath'] = "/";
    }

    // UPLOAD FOLDER INIT
    // Three shapes of uploadURL are handled; in each, an empty uploadDir is derived
    // from the URL (path::url2fullPath / DOCUMENT_ROOT), and typeDir/typeURL get
    // the active type appended.

    // FULL URL
    if (preg_match('/^([a-z]+)\\:\\/\\/([^\\/^\\:]+)(\\:(\\d+))?\\/(.+)\\/?$/', $this->config['uploadURL'], $patt)) {
        list($unused, $protocol, $domain, $unused, $port, $path) = $patt;
        $path = path::normalize($path);
        $this->config['uploadURL'] = "{$protocol}://{$domain}" . (strlen($port) ? ":{$port}" : "") . "/{$path}";
        $this->config['uploadDir'] = strlen($this->config['uploadDir']) ? path::normalize($this->config['uploadDir']) : path::url2fullPath("/{$path}");
        $this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
        $this->typeURL = "{$this->config['uploadURL']}/{$this->type}";

    // SITE ROOT
    } elseif ($this->config['uploadURL'] == "/") {
        $this->config['uploadDir'] = strlen($this->config['uploadDir']) ? path::normalize($this->config['uploadDir']) : path::normalize($_SERVER['DOCUMENT_ROOT']);
        $this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
        $this->typeURL = "/{$this->type}";

    // ABSOLUTE & RELATIVE
    } else {
        $this->config['uploadURL'] = substr($this->config['uploadURL'], 0, 1) === "/" ? path::normalize($this->config['uploadURL']) : path::rel2abs_url($this->config['uploadURL']);
        $this->config['uploadDir'] = strlen($this->config['uploadDir']) ? path::normalize($this->config['uploadDir']) : path::url2fullPath($this->config['uploadURL']);
        $this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
        $this->typeURL = "{$this->config['uploadURL']}/{$this->type}";
    }

    // HOST APPLICATIONS INIT
    // CKEditorFuncNum, an opener name other than tinymce/tinymce4, and the TinyMCE
    // 'field' are stored exactly as received; they are not used here, so whatever
    // later emits them into HTML/JS has to escape for that context — confirm.
    if (isset($_GET['CKEditorFuncNum'])) {
        $this->opener['name'] = "ckeditor";
        $this->opener['CKEditor'] = array('funcNum' => $_GET['CKEditorFuncNum']);
    } elseif (isset($_GET['opener'])) {
        $this->opener['name'] = $_GET['opener'];
        if ($_GET['opener'] == "tinymce") {
            // tinymce needs a configured _tinyMCEPath, otherwise the opener is dropped.
            if (!isset($this->config['_tinyMCEPath']) || !strlen($this->config['_tinyMCEPath'])) {
                $this->opener['name'] = false;
            }
        } elseif ($_GET['opener'] == "tinymce4") {
            // tinymce4 needs the target field name, otherwise the opener is dropped.
            if (!isset($_GET['field'])) {
                $this->opener['name'] = false;
            } else {
                $this->opener['TinyMCE'] = array('field' => $_GET['field']);
            }
        }
    } else {
        $this->opener['name'] = false;
    }

    // LOCALIZATION
    // First matching language parameter wins. The pattern admits letters, ".", "_"
    // and "-" only (no "/"), so the file_exists probe cannot leave lang/. The
    // existence check lowercases the name while $this->lang keeps the request's
    // casing — presumably localize() lowercases again; verify.
    foreach ($this->langInputNames as $key) {
        if (isset($_GET[$key]) && preg_match('/^[a-z][a-z\\._\\-]*$/i', $_GET[$key]) && file_exists("lang/" . strtolower($_GET[$key]) . ".php")) {
            $this->lang = $_GET[$key];
            break;
        }
    }
    $this->localize($this->lang);

    // IF BROWSER IS ENABLED
    if (!$this->config['disabled']) {

        // TRY TO CREATE UPLOAD DIRECTORY IF NOT EXISTS
        // The inner !disabled test repeats the enclosing guard. mkdir is best-effort
        // here; a missing directory surfaces below when the type folder is created.
        if (!$this->config['disabled'] && !is_dir($this->config['uploadDir'])) {
            @mkdir($this->config['uploadDir'], $this->config['dirPerms']);
        }

        // CHECK & MAKE DEFAULT .htaccess
        // The upload folder's .htaccess is re-asserted to get_htaccess() on every
        // request: created when missing, overwritten when its content differs.
        if (isset($this->config['_check4htaccess']) && $this->config['_check4htaccess']) {
            $htaccess = "{$this->config['uploadDir']}/.htaccess";
            $original = $this->get_htaccess();
            if (!file_exists($htaccess)) {
                // file_put_contents() returns the byte count, so a zero-byte
                // $original would also read as a failure here.
                if (!@file_put_contents($htaccess, $original)) {
                    $this->backMsg("Cannot write to upload folder. {$this->config['uploadDir']}");
                }
            } else {
                if (false === ($data = @file_get_contents($htaccess))) {
                    $this->backMsg("Cannot read .htaccess");
                }
                // Loose (!=) comparison of the two strings; assumes backMsg() above
                // ended the request when the read failed, otherwise $data is false.
                if ($data != $original && !@file_put_contents($htaccess, $original)) {
                    $this->backMsg("Incorrect .htaccess file. Cannot rewrite it!");
                }
            }
        }

        // CHECK & CREATE UPLOAD FOLDER
        if (!is_dir($this->typeDir)) {
            if (!mkdir($this->typeDir, $this->config['dirPerms'])) {
                $this->backMsg("Cannot create {dir} folder.", array('dir' => $this->type));
            }
        } elseif (!is_readable($this->typeDir)) {
            $this->backMsg("Cannot read upload folder.");
        }
    }
}
/**
 * Bootstraps one request (older variant): wraps request input, selects the CMS
 * integration, links the uploaded file, loads config.php, configures and starts
 * the session (skipped for drupal), lets the request or session choose an upload
 * URL suffix, resolves the image driver, the active type directory, cookie scope,
 * upload directory/URL, the host application and the UI language, then prepares
 * the upload folders.
 *
 * Ends the request (die) when no supported PHP image extension is available;
 * other setup failures are reported through backMsg(). Unlike the newer
 * constructor, this one does not fingerprint the session.
 */
public function __construct() {

    // DISABLE MAGIC QUOTES
    // Guarded because the function no longer exists on PHP 7+.
    if (function_exists('set_magic_quotes_runtime')) {
        @set_magic_quotes_runtime(false);
    }

    // INPUT INIT
    // Request data is read through the input wrapper from here on (except where
    // $_GET / $_SESSION are touched directly below).
    $input = new input();
    $this->get =& $input->get;
    $this->post =& $input->post;
    $this->cookie =& $input->cookie;

    // SET CMS INTEGRATION ATTRIBUTE
    // Allow-listed to "drupal" (non-strict in_array, single string candidate).
    if (isset($this->get['cms']) && in_array($this->get['cms'], array("drupal"))) {
        $this->cms = $this->get['cms'];
    }

    // LINKING UPLOADED FILE
    // Only the first $_FILES entry is used, by reference.
    if (count($_FILES)) {
        $this->file =& $_FILES[key($_FILES)];
    }

    // LOAD DEFAULT CONFIGURATION
    // Expected to define $_CONFIG; only the _session* keys are needed at this point.
    require "config.php";

    // SETTING UP SESSION
    if (isset($_CONFIG['_sessionLifetime'])) {
        ini_set('session.gc_maxlifetime', $_CONFIG['_sessionLifetime'] * 60);
    }
    if (isset($_CONFIG['_sessionDir'])) {
        ini_set('session.save_path', $_CONFIG['_sessionDir']);
    }
    if (isset($_CONFIG['_sessionDomain'])) {
        ini_set('session.cookie_domain', $_CONFIG['_sessionDomain']);
    }
    // Under the drupal integration the host is assumed to own the session.
    switch ($this->cms) {
        case "drupal": break;
        default: session_start(); break;
    }

    // RELOAD DEFAULT CONFIGURATION
    // config.php is evaluated a second time after session_start() — presumably
    // because it may read session state; confirm before simplifying.
    require "config.php";
    $this->config = $_CONFIG;

    // LOAD SESSION CONFIGURATION IF EXISTS
    // Here _sessionVar is itself the array of overrides: keys that exist in
    // $_CONFIG and do not start with "_" replace the defaults, and
    // $this->session points at its 'self' entry.
    if (isset($_CONFIG['_sessionVar']) && is_array($_CONFIG['_sessionVar'])) {
        foreach ($_CONFIG['_sessionVar'] as $key => $val) {
            if (substr($key, 0, 1) != "_" && isset($_CONFIG[$key])) {
                $this->config[$key] = $val;
            }
        }
        if (!isset($this->config['_sessionVar']['self'])) {
            $this->config['_sessionVar']['self'] = array();
        }
        $this->session =& $this->config['_sessionVar']['self'];
    } else {
        $this->session =& $_SESSION;
    }

    // SET DYNAMIC UPLOAD URL
    // NOTE(review): a request- or session-supplied suffix is appended to the
    // configured uploadURL, and the upload folder init below derives uploadDir
    // from that URL when uploadDir is empty — so the client can choose the upload
    // location. Stripping "../" and ".." is a blacklist, not an allow-list; an
    // allow-list of permitted sub-paths (or keeping uploadDir fixed) would be the
    // safer shape. Also reads $_GET directly instead of $this->get.
    if (!empty($_GET['uploadUrl'])) {
        $_CONFIG['uploadURL'] .= str_replace("..", "", str_replace("../", "", $_GET['uploadUrl']));
        $this->config['uploadURL'] = $_CONFIG['uploadURL'];
    } else {
        if (!empty($_SESSION['kcFinder_uploadUrl'])) {
            $_CONFIG['uploadURL'] .= str_replace("..", "", str_replace("../", "", $_SESSION['kcFinder_uploadUrl']));
            $this->config['uploadURL'] = $_CONFIG['uploadURL'];
        }
    }

    // IMAGE DRIVER INIT
    // Prefer the first available driver from the configured priority list; fall
    // back to the class default in $this->imageDriver, and stop if neither works.
    if (isset($this->config['imageDriversPriority'])) {
        $this->config['imageDriversPriority'] = text::clearWhitespaces($this->config['imageDriversPriority']);
        $driver = image::getDriver(explode(' ', $this->config['imageDriversPriority']));
        if ($driver !== false) {
            $this->imageDriver = $driver;
        }
    }
    if ((!isset($driver) || $driver === false) && image::getDriver(array($this->imageDriver)) === false) {
        die("Cannot find any of the supported PHP image extensions!");
    }

    // WATERMARK INIT
    // A bare string is normalised to the array form with a 'file' key.
    if (isset($this->config['watermark']) && is_string($this->config['watermark'])) {
        $this->config['watermark'] = array('file' => $this->config['watermark']);
    }

    // GET TYPE DIRECTORY
    // The requested type is honoured only when it is a configured key of 'types';
    // anything else falls back to the first configured type.
    $this->types =& $this->config['types'];
    $firstType = array_keys($this->types);
    $firstType = $firstType[0];
    $this->type = isset($this->get['type']) && isset($this->types[$this->get['type']]) ? $this->get['type'] : $firstType;

    // LOAD TYPE DIRECTORY SPECIFIC CONFIGURATION IF EXISTS
    // An array-valued type overrides the keys listed in $this->typeSettings and is
    // then collapsed to its 'type' string ("" when it has none).
    if (is_array($this->types[$this->type])) {
        foreach ($this->types[$this->type] as $key => $val) {
            if (in_array($key, $this->typeSettings)) {
                $this->config[$key] = $val;
            }
        }
        $this->types[$this->type] = isset($this->types[$this->type]['type']) ? $this->types[$this->type]['type'] : "";
    }

    // COOKIES INIT
    // An IPv4-literal or dot-less host gets an empty cookie domain; otherwise an
    // unset cookieDomain falls back to HTTP_HOST. HTTP_HOST comes from the request's
    // Host header, so configuring cookieDomain explicitly avoids trusting it.
    $ip = '(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)';
    $ip = '/^' . implode('\\.', array($ip, $ip, $ip, $ip)) . '$/';
    if (preg_match($ip, $_SERVER['HTTP_HOST']) || preg_match('/^[^\\.]+$/', $_SERVER['HTTP_HOST'])) {
        $this->config['cookieDomain'] = "";
    } elseif (!strlen($this->config['cookieDomain'])) {
        $this->config['cookieDomain'] = $_SERVER['HTTP_HOST'];
    }
    if (!strlen($this->config['cookiePath'])) {
        $this->config['cookiePath'] = "/";
    }

    // UPLOAD FOLDER INIT
    // Three shapes of uploadURL are handled; in each, an empty uploadDir is derived
    // from the URL (path::url2fullPath / DOCUMENT_ROOT), and typeDir/typeURL get
    // the active type appended. uploadURL may already carry the dynamic suffix.

    // FULL URL
    if (preg_match('/^([a-z]+)\\:\\/\\/([^\\/^\\:]+)(\\:(\\d+))?\\/(.+)\\/?$/', $this->config['uploadURL'], $patt)) {
        list($unused, $protocol, $domain, $unused, $port, $path) = $patt;
        $path = path::normalize($path);
        $this->config['uploadURL'] = "{$protocol}://{$domain}" . (strlen($port) ? ":{$port}" : "") . "/{$path}";
        $this->config['uploadDir'] = strlen($this->config['uploadDir']) ? path::normalize($this->config['uploadDir']) : path::url2fullPath("/{$path}");
        $this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
        $this->typeURL = "{$this->config['uploadURL']}/{$this->type}";

    // SITE ROOT
    } elseif ($this->config['uploadURL'] == "/") {
        $this->config['uploadDir'] = strlen($this->config['uploadDir']) ? path::normalize($this->config['uploadDir']) : path::normalize($_SERVER['DOCUMENT_ROOT']);
        $this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
        $this->typeURL = "/{$this->type}";

    // ABSOLUTE & RELATIVE
    } else {
        $this->config['uploadURL'] = substr($this->config['uploadURL'], 0, 1) === "/" ? path::normalize($this->config['uploadURL']) : path::rel2abs_url($this->config['uploadURL']);
        $this->config['uploadDir'] = strlen($this->config['uploadDir']) ? path::normalize($this->config['uploadDir']) : path::url2fullPath($this->config['uploadURL']);
        $this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
        $this->typeURL = "{$this->config['uploadURL']}/{$this->type}";
    }
    // Best-effort creation of the (possibly request-derived) upload directory;
    // a failure surfaces below when the type folder is created.
    if (!is_dir($this->config['uploadDir'])) {
        @mkdir($this->config['uploadDir'], $this->config['dirPerms']);
    }

    // HOST APPLICATIONS INIT
    // CKEditorFuncNum is stored exactly as received and not used here; whatever
    // later emits it into HTML/JS has to escape for that context — confirm.
    if (isset($this->get['CKEditorFuncNum'])) {
        $this->opener['CKEditor']['funcNum'] = $this->get['CKEditorFuncNum'];
    }
    // TinyMCE is enabled only when requested (case-insensitive) and _tinyMCEPath is set.
    if (isset($this->get['opener']) && strtolower($this->get['opener']) == "tinymce" && isset($this->config['_tinyMCEPath']) && strlen($this->config['_tinyMCEPath'])) {
        $this->opener['TinyMCE'] = true;
    }

    // LOCALIZATION
    // First matching language parameter wins. The pattern admits letters, ".", "_"
    // and "-" only (no "/"), so the file_exists probe cannot leave lang/. The
    // existence check lowercases the name while $this->lang keeps the request's
    // casing — presumably localize() lowercases again; verify.
    foreach ($this->langInputNames as $key) {
        if (isset($this->get[$key]) && preg_match('/^[a-z][a-z\\._\\-]*$/i', $this->get[$key]) && file_exists("lang/" . strtolower($this->get[$key]) . ".php")) {
            $this->lang = $this->get[$key];
            break;
        }
    }
    $this->localize($this->lang);

    // CHECK & MAKE DEFAULT .htaccess
    if (isset($this->config['_check4htaccess']) && $this->config['_check4htaccess']) {
        $htaccess = "{$this->config['uploadDir']}/.htaccess";
        if (!file_exists($htaccess)) {
            // file_put_contents() returns the byte count, so a zero-byte
            // get_htaccess() result would also read as a failure here.
            if (!@file_put_contents($htaccess, $this->get_htaccess())) {
                $this->backMsg("Cannot write to upload folder. {$this->config['uploadDir']}");
            }
        } else {
            if (false === ($data = @file_get_contents($htaccess))) {
                $this->backMsg("Cannot read .htaccess");
            }
            // NOTE(review): when the existing file differs, this writes $data (the
            // current content) back rather than get_htaccess(), so a modified
            // .htaccess is left as-is and the error only fires if that write fails.
            // The newer constructor writes the expected content instead — likely the
            // intended behaviour here too. Loose (!=) comparison, and assumes
            // backMsg() above ended the request when the read failed.
            if ($data != $this->get_htaccess() && !@file_put_contents($htaccess, $data)) {
                $this->backMsg("Incorrect .htaccess file. Cannot rewrite it!");
            }
        }
    }

    // CHECK & CREATE UPLOAD FOLDER
    if (!is_dir($this->typeDir)) {
        if (!mkdir($this->typeDir, $this->config['dirPerms'])) {
            $this->backMsg("Cannot create {dir} folder.", array('dir' => $this->type));
        }
    } elseif (!is_readable($this->typeDir)) {
        $this->backMsg("Cannot read upload folder.");
    }
}