Ejemplo n.º 1
 /**
  * Checks that the selected image driver can open $file.
  *
  * A true result only means the driver reported no initError. The file's
  * name and extension are not examined here, so this is not a complete
  * upload check on its own.
  *
  * NOTE(review): if image::getDriver() can return false when none of the
  * listed drivers is available, that value reaches image::factory()
  * unchecked - confirm how factory() handles it.
  *
  * @param mixed $file   Passed unchanged to image::factory().
  * @param array $config Optional key 'imageDriversPriority': space-separated
  *                      driver names handed to image::getDriver(). "gd" is
  *                      used when the key is absent.
  * @return true|string  true on success, otherwise an error message.
  */
 public function checkFile($file, array $config)
 {
     if (isset($config['imageDriversPriority'])) {
         $candidates = explode(" ", $config['imageDriversPriority']);
         $driver = image::getDriver($candidates);
     } else {
         $driver = "gd";
     }

     $image = image::factory($driver, $file);

     return $image->initError ? "Unknown image format/encoding." : true;
 }
Ejemplo n.º 2
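 /**
  * Bootstraps the uploader/browser for the current request.
  *
  * Steps, in order: CMS integration selection, uploaded-file linking,
  * configuration load (conf/config.php is expected to define $_CONFIG),
  * session start and per-session config overrides, session stamp check,
  * image driver selection, type directory selection, cookie defaults,
  * upload URL/dir resolution, opener (host application) detection,
  * localization and, unless the browser is disabled, upload directory and
  * .htaccess checks.
  *
  * The order matters: later steps read $this->config and $this->type as set
  * by earlier ones. The request ends with die when the session stamp does
  * not match or no image driver is available; backMsg() is called when the
  * upload directories or the .htaccess file cannot be prepared.
  *
  * Request-derived values read here: $_GET (cms, type, CKEditorFuncNum,
  * opener, field, the language inputs), $_FILES, $_SERVER['REMOTE_ADDR'],
  * $_SERVER['HTTP_USER_AGENT'] and $_SERVER['HTTP_HOST'].
  */
 public function __construct()
 {
     // SET CMS INTEGRATION PROPERTY
     // $_GET['cms'] ends up in a file path; checkFilename() (defined
     // elsewhere) and the is_file() probe are the only gates on it.
     // NOTE(review): confirm checkFilename() rejects path separators and "..".
     if (isset($_GET['cms']) && $this->checkFilename($_GET['cms']) && is_file("integration/{$_GET['cms']}.php")) {
         $this->cms = $_GET['cms'];
     }

     // LINKING UPLOADED FILE
     // Only the first entry of $_FILES is linked, by reference.
     if (count($_FILES)) {
         $this->file =& $_FILES[key($_FILES)];
     }

     // LOAD DEFAULT CONFIGURATION
     // The included file is expected to define $_CONFIG in this scope.
     require "conf/config.php";

     // SETTING UP SESSION
     // Session ini settings are applied only when no session is active yet.
     if (!session_id()) {
         if (isset($_CONFIG['_sessionLifetime'])) {
             // session.gc_maxlifetime is in seconds; the config value is
             // multiplied by 60 (presumably configured in minutes).
             ini_set('session.gc_maxlifetime', $_CONFIG['_sessionLifetime'] * 60);
         }
         if (isset($_CONFIG['_sessionDir'])) {
             ini_set('session.save_path', $_CONFIG['_sessionDir']);
         }
         if (isset($_CONFIG['_sessionDomain'])) {
             ini_set('session.cookie_domain', $_CONFIG['_sessionDomain']);
         }
         session_start();
     }

     // LOAD SESSION CONFIGURATION IF EXISTS
     $this->config = $_CONFIG;
     $sessVar = "_sessionVar";
     if (isset($_CONFIG[$sessVar])) {
         // From here on $sessVar is a reference to the session sub-array
         // named by the '_sessionVar' setting.
         $sessVar = $_CONFIG[$sessVar];
         if (!isset($_SESSION[$sessVar])) {
             $_SESSION[$sessVar] = array();
         }
         $sessVar =& $_SESSION[$sessVar];
         if (!is_array($sessVar)) {
             $sessVar = array();
         }
         // Session values override config values, except for keys starting
         // with "_" and keys that config.php does not define.
         foreach ($sessVar as $key => $val) {
             if (substr($key, 0, 1) != "_" && isset($_CONFIG[$key])) {
                 $this->config[$key] = $val;
             }
         }
         if (!isset($sessVar['self'])) {
             $sessVar['self'] = array();
         }
         $this->session =& $sessVar['self'];
     } else {
         $this->session =& $_SESSION;
     }

     // SECURING THE SESSION
     // The session is bound to the client address and a hash of the
     // User-Agent header. The header is optional and client-supplied, so a
     // missing one is treated as an empty string (md5('') is the value the
     // previous md5() call produced for a missing header as well).
     $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
     $stamp = array('ip' => $_SERVER['REMOTE_ADDR'], 'agent' => md5($agent));
     if (!isset($this->session['stamp'])) {
         $this->session['stamp'] = $stamp;
     } elseif (!is_array($this->session['stamp']) || $this->session['stamp'] !== $stamp) {
         // On a mismatch the session is destroyed only when the request comes
         // from the address recorded in the stamp; a request from another
         // address is dropped without touching the stored session. A stamp
         // that is not an array is never indexed.
         if (
             is_array($this->session['stamp'])
             && isset($this->session['stamp']['ip'])
             && $this->session['stamp']['ip'] === $stamp['ip']
         ) {
             session_destroy();
         }
         die;
     }

     // IMAGE DRIVER INIT
     if (isset($this->config['imageDriversPriority'])) {
         $this->config['imageDriversPriority'] = text::clearWhitespaces($this->config['imageDriversPriority']);
         $driver = image::getDriver(explode(' ', $this->config['imageDriversPriority']));
         if ($driver !== false) {
             $this->imageDriver = $driver;
         }
     }
     // No configured driver was usable: fall back to the current
     // $this->imageDriver value, and stop if that is unavailable too.
     if ((!isset($driver) || $driver === false) && image::getDriver(array($this->imageDriver)) === false) {
         die("Cannot find any of the supported PHP image extensions!");
     }

     // WATERMARK INIT
     // A plain string is normalized to array('file' => ...).
     if (isset($this->config['watermark']) && is_string($this->config['watermark'])) {
         $this->config['watermark'] = array('file' => $this->config['watermark']);
     }

     // GET TYPE DIRECTORY
     // $_GET['type'] is accepted only when it is a key of the configured
     // types; otherwise the first configured type is used. $this->type later
     // becomes a path segment, so this lookup is what constrains it.
     $this->types =& $this->config['types'];
     $firstType = array_keys($this->types);
     $firstType = $firstType[0];
     $this->type = isset($_GET['type']) && isset($this->types[$_GET['type']]) ? $_GET['type'] : $firstType;

     // LOAD TYPE DIRECTORY SPECIFIC CONFIGURATION IF EXISTS
     if (is_array($this->types[$this->type])) {
         // Only keys listed in $this->typeSettings may override the config.
         foreach ($this->types[$this->type] as $key => $val) {
             if (in_array($key, $this->typeSettings)) {
                 $this->config[$key] = $val;
             }
         }
         // The array form is collapsed to its 'type' entry (or "").
         $this->types[$this->type] = isset($this->types[$this->type]['type']) ? $this->types[$this->type]['type'] : "";
     }

     // COOKIES INIT
     // An IPv4 literal or a dot-less host name gets an empty cookie domain.
     // Otherwise an empty 'cookieDomain' setting falls back to HTTP_HOST,
     // which is taken from the request's Host header.
     // NOTE(review): set 'cookieDomain' explicitly if the web server does not
     // restrict which Host headers reach this script.
     $ip = '(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)';
     $ip = '/^' . implode('\\.', array($ip, $ip, $ip, $ip)) . '$/';
     if (preg_match($ip, $_SERVER['HTTP_HOST']) || preg_match('/^[^\\.]+$/', $_SERVER['HTTP_HOST'])) {
         $this->config['cookieDomain'] = "";
     } elseif (!strlen($this->config['cookieDomain'])) {
         $this->config['cookieDomain'] = $_SERVER['HTTP_HOST'];
     }
     if (!strlen($this->config['cookiePath'])) {
         $this->config['cookiePath'] = "/";
     }

     // UPLOAD FOLDER INIT
     // In all three cases an explicit 'uploadDir' setting wins; otherwise
     // the directory is derived from the URL.
     if (preg_match('/^([a-z]+)\\:\\/\\/([^\\/^\\:]+)(\\:(\\d+))?\\/(.+)\\/?$/', $this->config['uploadURL'], $patt)) {
         // FULL URL (scheme://host[:port]/path)
         list($unused, $protocol, $domain, $unused, $port, $path) = $patt;
         $path = path::normalize($path);
         $this->config['uploadURL'] = "{$protocol}://{$domain}" . (strlen($port) ? ":{$port}" : "") . "/{$path}";
         $this->config['uploadDir'] = strlen($this->config['uploadDir']) ? path::normalize($this->config['uploadDir']) : path::url2fullPath("/{$path}");
         $this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
         $this->typeURL = "{$this->config['uploadURL']}/{$this->type}";
     } elseif ($this->config['uploadURL'] == "/") {
         // SITE ROOT
         $this->config['uploadDir'] = strlen($this->config['uploadDir']) ? path::normalize($this->config['uploadDir']) : path::normalize($_SERVER['DOCUMENT_ROOT']);
         $this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
         $this->typeURL = "/{$this->type}";
     } else {
         // ABSOLUTE & RELATIVE
         $this->config['uploadURL'] = substr($this->config['uploadURL'], 0, 1) === "/" ? path::normalize($this->config['uploadURL']) : path::rel2abs_url($this->config['uploadURL']);
         $this->config['uploadDir'] = strlen($this->config['uploadDir']) ? path::normalize($this->config['uploadDir']) : path::url2fullPath($this->config['uploadURL']);
         $this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
         $this->typeURL = "{$this->config['uploadURL']}/{$this->type}";
     }

     // HOST APPLICATIONS INIT
     // CKEditorFuncNum, opener and field are stored exactly as received.
     // NOTE(review): confirm they are validated or escaped wherever they are
     // written into a response.
     if (isset($_GET['CKEditorFuncNum'])) {
         $this->opener['name'] = "ckeditor";
         $this->opener['CKEditor'] = array('funcNum' => $_GET['CKEditorFuncNum']);
     } elseif (isset($_GET['opener'])) {
         $this->opener['name'] = $_GET['opener'];
         if ($_GET['opener'] == "tinymce") {
             // tinymce needs a non-empty '_tinyMCEPath' setting.
             if (!isset($this->config['_tinyMCEPath']) || !strlen($this->config['_tinyMCEPath'])) {
                 $this->opener['name'] = false;
             }
         } elseif ($_GET['opener'] == "tinymce4") {
             // tinymce4 needs the 'field' request parameter.
             if (!isset($_GET['field'])) {
                 $this->opener['name'] = false;
             } else {
                 $this->opener['TinyMCE'] = array('field' => $_GET['field']);
             }
         }
     } else {
         $this->opener['name'] = false;
     }

     // LOCALIZATION
     // The first language input that matches the pattern (letters, ".", "_"
     // and "-" only, so no path separators) and has a file under lang/ wins.
     foreach ($this->langInputNames as $key) {
         if (isset($_GET[$key]) && preg_match('/^[a-z][a-z\\._\\-]*$/i', $_GET[$key]) && file_exists("lang/" . strtolower($_GET[$key]) . ".php")) {
             $this->lang = $_GET[$key];
             break;
         }
     }
     $this->localize($this->lang);

     // IF BROWSER IS ENABLED
     if (!$this->config['disabled']) {
         // TRY TO CREATE UPLOAD DIRECTORY IF NOT EXISTS
         // Errors are suppressed here; a directory that is still missing
         // makes the checks below fail.
         if (!is_dir($this->config['uploadDir'])) {
             @mkdir($this->config['uploadDir'], $this->config['dirPerms']);
         }

         // CHECK & MAKE DEFAULT .htaccess
         // The file in the upload directory must match get_htaccess(); a
         // missing or different file is (re)written with that content.
         if (isset($this->config['_check4htaccess']) && $this->config['_check4htaccess']) {
             $htaccess = "{$this->config['uploadDir']}/.htaccess";
             $original = $this->get_htaccess();
             if (!file_exists($htaccess)) {
                 if (!@file_put_contents($htaccess, $original)) {
                     $this->backMsg("Cannot write to upload folder. {$this->config['uploadDir']}");
                 }
             } else {
                 if (false === ($data = @file_get_contents($htaccess))) {
                     $this->backMsg("Cannot read .htaccess");
                 }
                 if ($data != $original && !@file_put_contents($htaccess, $original)) {
                     $this->backMsg("Incorrect .htaccess file. Cannot rewrite it!");
                 }
             }
         }

         // CHECK & CREATE UPLOAD FOLDER
         if (!is_dir($this->typeDir)) {
             if (!mkdir($this->typeDir, $this->config['dirPerms'])) {
                 $this->backMsg("Cannot create {dir} folder.", array('dir' => $this->type));
             }
         } elseif (!is_readable($this->typeDir)) {
             $this->backMsg("Cannot read upload folder.");
         }
     }
 }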
Ejemplo n.º 3
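 /**
  * Bootstraps the uploader/browser for the current request.
  *
  * Steps, in order: input wrapper setup, CMS integration selection,
  * uploaded-file linking, configuration load (config.php is expected to
  * define $_CONFIG), session setup, per-session config overrides, dynamic
  * upload URL, image driver selection, type directory selection, cookie
  * defaults, upload URL/dir resolution, opener detection, localization,
  * .htaccess check and type directory creation.
  *
  * The order matters: later steps read $this->config and $this->type as set
  * by earlier ones. The request ends with die when no image driver is
  * available; backMsg() is called when the upload directories or the
  * .htaccess file cannot be prepared.
  *
  * Request-derived values read here: the input wrapper's get/post/cookie
  * arrays, $_GET['uploadUrl'] (read directly), $_FILES and
  * $_SERVER['HTTP_HOST'].
  */
 public function __construct()
 {
     // DISABLE MAGIC QUOTES
     // Guarded by function_exists() so it is skipped where the function is
     // not available.
     if (function_exists('set_magic_quotes_runtime')) {
         @set_magic_quotes_runtime(false);
     }

     // INPUT INIT
     // get/post/cookie are bound by reference to the input object's arrays.
     $input = new input();
     $this->get =& $input->get;
     $this->post =& $input->post;
     $this->cookie =& $input->cookie;

     // SET CMS INTEGRATION ATTRIBUTE
     // Only the listed integration name is accepted.
     if (isset($this->get['cms']) && in_array($this->get['cms'], array("drupal"))) {
         $this->cms = $this->get['cms'];
     }

     // LINKING UPLOADED FILE
     // Only the first entry of $_FILES is linked, by reference.
     if (count($_FILES)) {
         $this->file =& $_FILES[key($_FILES)];
     }

     // LOAD DEFAULT CONFIGURATION
     // The included file is expected to define $_CONFIG in this scope.
     require "config.php";

     // SETTING UP SESSION
     if (isset($_CONFIG['_sessionLifetime'])) {
         // session.gc_maxlifetime is in seconds; the config value is
         // multiplied by 60 (presumably configured in minutes).
         ini_set('session.gc_maxlifetime', $_CONFIG['_sessionLifetime'] * 60);
     }
     if (isset($_CONFIG['_sessionDir'])) {
         ini_set('session.save_path', $_CONFIG['_sessionDir']);
     }
     if (isset($_CONFIG['_sessionDomain'])) {
         ini_set('session.cookie_domain', $_CONFIG['_sessionDomain']);
     }
     // With the drupal integration no session is started here.
     // NOTE(review): $_SESSION is still read below in that case - presumably
     // the host CMS has already started the session; confirm.
     switch ($this->cms) {
         case "drupal":
             break;
         default:
             session_start();
             break;
     }

     // RELOAD DEFAULT CONFIGURATION
     // config.php is included a second time now that the session may exist.
     require "config.php";
     $this->config = $_CONFIG;

     // LOAD SESSION CONFIGURATION IF EXISTS
     if (isset($_CONFIG['_sessionVar']) && is_array($_CONFIG['_sessionVar'])) {
         // Entries of '_sessionVar' override config values, except for keys
         // starting with "_" and keys that config.php does not define.
         foreach ($_CONFIG['_sessionVar'] as $key => $val) {
             if (substr($key, 0, 1) != "_" && isset($_CONFIG[$key])) {
                 $this->config[$key] = $val;
             }
         }
         if (!isset($this->config['_sessionVar']['self'])) {
             $this->config['_sessionVar']['self'] = array();
         }
         // NOTE(review): writes through $this->session persist only if
         // config.php binds '_sessionVar' to a $_SESSION entry by reference;
         // confirm against config.php.
         $this->session =& $this->config['_sessionVar']['self'];
     } else {
         $this->session =& $_SESSION;
     }

     // SET DYNAMIC UPLOAD URL
     // A request parameter (or, failing that, a session value) is appended to
     // the configured upload URL after "../" and ".." have been stripped.
     // NOTE(review): the value is request-controlled, is read from $_GET
     // rather than $this->get, is not checked to be a string, and is
     // concatenated without a separator, so it can alter the last path
     // segment of the configured base. Consider validating it against an
     // allow-list of sub-folders or a strict pattern.
     if (!empty($_GET['uploadUrl'])) {
         $_CONFIG['uploadURL'] .= str_replace("..", "", str_replace("../", "", $_GET['uploadUrl']));
         $this->config['uploadURL'] = $_CONFIG['uploadURL'];
     } else {
         if (!empty($_SESSION['kcFinder_uploadUrl'])) {
             $_CONFIG['uploadURL'] .= str_replace("..", "", str_replace("../", "", $_SESSION['kcFinder_uploadUrl']));
             $this->config['uploadURL'] = $_CONFIG['uploadURL'];
         }
     }

     // IMAGE DRIVER INIT
     if (isset($this->config['imageDriversPriority'])) {
         $this->config['imageDriversPriority'] = text::clearWhitespaces($this->config['imageDriversPriority']);
         $driver = image::getDriver(explode(' ', $this->config['imageDriversPriority']));
         if ($driver !== false) {
             $this->imageDriver = $driver;
         }
     }
     // No configured driver was usable: fall back to the current
     // $this->imageDriver value, and stop if that is unavailable too.
     if ((!isset($driver) || $driver === false) && image::getDriver(array($this->imageDriver)) === false) {
         die("Cannot find any of the supported PHP image extensions!");
     }

     // WATERMARK INIT
     // A plain string is normalized to array('file' => ...).
     if (isset($this->config['watermark']) && is_string($this->config['watermark'])) {
         $this->config['watermark'] = array('file' => $this->config['watermark']);
     }

     // GET TYPE DIRECTORY
     // The requested type is accepted only when it is a key of the
     // configured types; otherwise the first configured type is used.
     // $this->type later becomes a path segment, so this lookup is what
     // constrains it.
     $this->types =& $this->config['types'];
     $firstType = array_keys($this->types);
     $firstType = $firstType[0];
     $this->type = isset($this->get['type']) && isset($this->types[$this->get['type']]) ? $this->get['type'] : $firstType;

     // LOAD TYPE DIRECTORY SPECIFIC CONFIGURATION IF EXISTS
     if (is_array($this->types[$this->type])) {
         // Only keys listed in $this->typeSettings may override the config.
         foreach ($this->types[$this->type] as $key => $val) {
             if (in_array($key, $this->typeSettings)) {
                 $this->config[$key] = $val;
             }
         }
         // The array form is collapsed to its 'type' entry (or "").
         $this->types[$this->type] = isset($this->types[$this->type]['type']) ? $this->types[$this->type]['type'] : "";
     }

     // COOKIES INIT
     // An IPv4 literal or a dot-less host name gets an empty cookie domain.
     // Otherwise an empty 'cookieDomain' setting falls back to HTTP_HOST,
     // which is taken from the request's Host header.
     // NOTE(review): set 'cookieDomain' explicitly if the web server does not
     // restrict which Host headers reach this script.
     $ip = '(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)';
     $ip = '/^' . implode('\\.', array($ip, $ip, $ip, $ip)) . '$/';
     if (preg_match($ip, $_SERVER['HTTP_HOST']) || preg_match('/^[^\\.]+$/', $_SERVER['HTTP_HOST'])) {
         $this->config['cookieDomain'] = "";
     } elseif (!strlen($this->config['cookieDomain'])) {
         $this->config['cookieDomain'] = $_SERVER['HTTP_HOST'];
     }
     if (!strlen($this->config['cookiePath'])) {
         $this->config['cookiePath'] = "/";
     }

     // UPLOAD FOLDER INIT
     // In all three cases an explicit 'uploadDir' setting wins; otherwise
     // the directory is derived from the URL.
     if (preg_match('/^([a-z]+)\\:\\/\\/([^\\/^\\:]+)(\\:(\\d+))?\\/(.+)\\/?$/', $this->config['uploadURL'], $patt)) {
         // FULL URL (scheme://host[:port]/path)
         list($unused, $protocol, $domain, $unused, $port, $path) = $patt;
         $path = path::normalize($path);
         $this->config['uploadURL'] = "{$protocol}://{$domain}" . (strlen($port) ? ":{$port}" : "") . "/{$path}";
         $this->config['uploadDir'] = strlen($this->config['uploadDir']) ? path::normalize($this->config['uploadDir']) : path::url2fullPath("/{$path}");
         $this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
         $this->typeURL = "{$this->config['uploadURL']}/{$this->type}";
     } elseif ($this->config['uploadURL'] == "/") {
         // SITE ROOT
         $this->config['uploadDir'] = strlen($this->config['uploadDir']) ? path::normalize($this->config['uploadDir']) : path::normalize($_SERVER['DOCUMENT_ROOT']);
         $this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
         $this->typeURL = "/{$this->type}";
     } else {
         // ABSOLUTE & RELATIVE
         $this->config['uploadURL'] = substr($this->config['uploadURL'], 0, 1) === "/" ? path::normalize($this->config['uploadURL']) : path::rel2abs_url($this->config['uploadURL']);
         $this->config['uploadDir'] = strlen($this->config['uploadDir']) ? path::normalize($this->config['uploadDir']) : path::url2fullPath($this->config['uploadURL']);
         $this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
         $this->typeURL = "{$this->config['uploadURL']}/{$this->type}";
     }
     // Errors are suppressed here; a directory that is still missing makes
     // the checks further down fail.
     if (!is_dir($this->config['uploadDir'])) {
         @mkdir($this->config['uploadDir'], $this->config['dirPerms']);
     }

     // HOST APPLICATIONS INIT
     // CKEditorFuncNum is stored exactly as received.
     // NOTE(review): confirm it is validated or escaped wherever it is
     // written into a response.
     if (isset($this->get['CKEditorFuncNum'])) {
         $this->opener['CKEditor']['funcNum'] = $this->get['CKEditorFuncNum'];
     }
     if (isset($this->get['opener']) && strtolower($this->get['opener']) == "tinymce" && isset($this->config['_tinyMCEPath']) && strlen($this->config['_tinyMCEPath'])) {
         $this->opener['TinyMCE'] = true;
     }

     // LOCALIZATION
     // The first language input that matches the pattern (letters, ".", "_"
     // and "-" only, so no path separators) and has a file under lang/ wins.
     foreach ($this->langInputNames as $key) {
         if (isset($this->get[$key]) && preg_match('/^[a-z][a-z\\._\\-]*$/i', $this->get[$key]) && file_exists("lang/" . strtolower($this->get[$key]) . ".php")) {
             $this->lang = $this->get[$key];
             break;
         }
     }
     $this->localize($this->lang);

     // CHECK & MAKE DEFAULT .htaccess
     // The file in the upload directory must match get_htaccess(). A missing
     // or different file is written with the expected content; writing the
     // content just read from disk would leave a modified file in place.
     if (isset($this->config['_check4htaccess']) && $this->config['_check4htaccess']) {
         $htaccess = "{$this->config['uploadDir']}/.htaccess";
         $original = $this->get_htaccess();
         if (!file_exists($htaccess)) {
             if (!@file_put_contents($htaccess, $original)) {
                 $this->backMsg("Cannot write to upload folder. {$this->config['uploadDir']}");
             }
         } else {
             if (false === ($data = @file_get_contents($htaccess))) {
                 $this->backMsg("Cannot read .htaccess");
             }
             if ($data != $original && !@file_put_contents($htaccess, $original)) {
                 $this->backMsg("Incorrect .htaccess file. Cannot rewrite it!");
             }
         }
     }

     // CHECK & CREATE UPLOAD FOLDER
     if (!is_dir($this->typeDir)) {
         if (!mkdir($this->typeDir, $this->config['dirPerms'])) {
             $this->backMsg("Cannot create {dir} folder.", array('dir' => $this->type));
         }
     } elseif (!is_readable($this->typeDir)) {
         $this->backMsg("Cannot read upload folder.");
     }
 }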