public function action($parent)
{
$c = $parent->config;
$name = $parent->name;
$path = $parent->path;
$path_thumb = $parent->path_thumb;
$util = new Utility();
if ($c['rename_files']) {
$name = $util->fix_filename($name, $c['transliteration'], $c['convert_spaces'], $c['replace_with']);
if (!empty($name)) {
if (!$util->rename_file($path, $name, $c['transliteration'])) {
$this->r = array('The file is already exists', 403);
return;
}
$util->rename_file($path_thumb, $name, $c['transliteration']);
if ($fixed_image_creation) {
$info = pathinfo($path);
foreach ($c['fixed_path_from_filemanager'] as $k => $paths) {
if ($paths != "" && $paths[strlen($paths) - 1] != "/") {
$paths .= "/";
}
$base_dir = $paths . substr_replace($info['dirname'] . "/", '', 0, strlen($current_path));
if (file_exists($c['base_dir'] . $c['fixed_image_creation_name_to_prepend'][$k] . $info['filename'] . $c['fixed_image_creation_to_append'][$k] . "." . $info['extension'])) {
$util->rename_file($c['base_dir'] . $c['fixed_image_creation_name_to_prepend'][$k] . $info['filename'] . $c['fixed_image_creation_to_append'][$k] . "." . $info['extension'], $c['fixed_image_creation_name_to_prepend'][$k] . $name . $c['fixed_image_creation_to_append'][$k], $c['transliteration']);
}
}
}
$this->r = array('success', 200);
return;
} else {
$this->r = array('The name is empty', 400);
return;
}
}
}
public function action($parent)
{
$path_thumb = $parent->path_thumb;
$path = $parent->path;
$c = $parent->config;
$util = new Utility();
if ($c['delete_folders']) {
if (is_dir($path_thumb)) {
$util->deleteDir($path_thumb);
}
if (is_dir($path)) {
$util->deleteDir($path);
if ($c['fixed_image_creation']) {
foreach ($c['fixed_path_from_filemanager'] as $k => $paths) {
if ($paths != "" && $paths[strlen($paths) - 1] != "/") {
$paths .= "/";
}
$base_dir = $paths . substr_replace($path, '', 0, strlen($current_path));
if (is_dir($base_dir)) {
$util->deleteDir($base_dir);
}
}
}
}
$this->r = array('Folder deleted.', 200);
return;
}
$this->r = array('You are not permitted to delete folders.', 400);
}
public function action($parent)
{
$c = $parent->config;
$util = new Utility();
if (strpos($_POST['path'], '/') === 0 || strpos($_POST['path'], '../') !== false || strpos($_POST['path'], './') === 0) {
$this->r = array('wrong path', 400);
return;
}
$path = $c['current_path'] . $_POST['path'];
$info = pathinfo($path);
$base_folder = $c['current_path'] . $util->fix_dirname($_POST['path']) . "/";
switch ($info['extension']) {
case "zip":
$zip = new \ZipArchive();
if ($zip->open($path) === true) {
//make all the folders
for ($i = 0; $i < $zip->numFiles; $i++) {
$OnlyFileName = $zip->getNameIndex($i);
$FullFileName = $zip->statIndex($i);
if (substr($FullFileName['name'], -1, 1) == "/") {
$util->create_folder($base_folder . $FullFileName['name']);
}
}
//unzip into the folders
for ($i = 0; $i < $zip->numFiles; $i++) {
$OnlyFileName = $zip->getNameIndex($i);
$FullFileName = $zip->statIndex($i);
if (!(substr($FullFileName['name'], -1, 1) == "/")) {
$fileinfo = pathinfo($OnlyFileName);
if (in_array(strtolower($fileinfo['extension']), $ext)) {
copy('zip://' . $path . '#' . $OnlyFileName, $base_folder . $FullFileName['name']);
}
}
}
$zip->close();
} else {
$this->r = array('Could not extract. File might be corrupt.', 500);
return;
}
break;
case "gz":
$p = new \PharData($path);
$p->decompress();
// creates files.tar
break;
case "tar":
// unarchive from the tar
$phar = new \PharData($path);
$phar->decompressFiles();
$files = array();
$util->check_files_extensions_on_phar($phar, $files, '', $ext);
$phar->extractTo($current_path . fix_dirname($_POST['path']) . "/", $files, true);
break;
default:
$this->r = array('This extension is not supported. Valid: zip, gz, tar.', 400);
return;
break;
}
}
public function action($parent)
{
$config = $parent->config;
$path = $parent->path;
$path_thumb = $parent->path_thumb;
$name = $parent->name;
$util = new Utility();
if ($create_text_files === FALSE) {
$this->r = array('You are not allowed to edit this file.', 403);
return;
}
if (!isset($config['editable_text_file_exts']) || !is_array($config['editable_text_file_exts'])) {
$config['editable_text_file_exts'] = array();
}
// check if user supplied extension
if (strpos($name, '.') === FALSE) {
$this->r = array('You have to add a file extension. ' . sprintf('Valid extensions: %s', implode(', ', $config['editable_text_file_exts'])), 400);
return;
}
// correct name
$old_name = $name;
$name = $util->fix_filename($name, $config['transliteration'], $config['convert_spaces'], $config['replace_with']);
if (empty($name)) {
$this->r = array('The name is empty', 400);
return;
}
// check extension
$parts = explode('.', $name);
if (!in_array(end($parts), $config['editable_text_file_exts'])) {
$this->r = array('File extension is not allowed. ' . sprintf('Valid extensions: %s', implode(', ', $config['editable_text_file_exts'])), 400);
return;
}
// correct paths
$path = str_replace($old_name, $name, $path);
$path_thumb = str_replace($old_name, $name, $path_thumb);
// file already exists
if (file_exists($path)) {
$this->r = array('The file is already exists', 403);
return;
}
$content = $_POST['new_content'];
if (@file_put_contents($path, $content) === FALSE) {
$this->r = array('There was an error while saving the file.', 500);
return;
} else {
if ($util->is_function_callable('chmod') !== FALSE) {
chmod($path, 0644);
}
$this->r = array('File successfully saved.', 200);
return;
}
}
public function action($parent)
{
$util = new Utility();
$config = $parent->config;
$path = $parent->path;
if ($config['create_folders']) {
$util->create_folder($util->fix_path($path, $config['transliteration'], $config['convert_spaces'], $config['replace_with']), $util->fix_path($parent->path_thumb, $config['transliteration'], $config['convert_spaces'], $config['replace_with']));
//check folder created
$this->r = array('folder created', 200);
return;
//if not return error!
} else {
$this->r = array('no permissions to create folder', 400);
return;
}
}
public function action($parent)
{
$s = new SessionHandler($parent->app);
$util = new Utility();
$c = $parent->config;
if ($_POST['sub_action'] != 'copy' && $_POST['sub_action'] != 'cut') {
$this->error('wrong sub-action');
return;
}
if (trim($_POST['path']) == '' || trim($_POST['path_thumb']) == '') {
$this->error('no path');
return;
}
$path = $c['current_path'] . $_POST['path'];
if (is_dir($path)) {
// can't copy/cut dirs
if ($c['copy_cut_dirs'] === false) {
$this->error(sprintf('You are not allowed to %s $s.', $_POST['sub_action'] == 'copy' ? 'copy' : 'cut', 'folders'));
return;
}
// size over limit
if ($c['copy_cut_max_size'] !== false && is_int($c['copy_cut_max_size'])) {
if ($copy_cut_max_size * 1024 * 1024 < $util->foldersize($path)) {
$this->error(sprintf('The selected files/folders are too big to %s. Limit: %d MB/operation', $_POST['sub_action'] == 'copy' ? 'copy' : 'cut', $c['copy_cut_max_size']));
return;
}
}
// file count over limit
if ($copy_cut_max_count !== false && is_int($copy_cut_max_count)) {
if ($copy_cut_max_count < filescount($path)) {
$this->error(sprintf('You selected too many files/folders to %s. Limit: %d files/operation', $_POST['sub_action'] == 'copy' ? 'copy' : 'cut', $c['copy_cut_max_count']));
return;
}
}
} else {
// can't copy/cut files
if ($c['copy_cut_files'] === false) {
$this->error(sprintf('You are not allowed to %s files.', $_POST['sub_action'] == 'copy' ? 'copy' : 'cut', 'files'));
exit;
}
}
$s->setClipboardPath($_POST['path']);
$s->setClipboardPathThumb($_POST['path_thumb']);
$s->setClipboardAction($_POST['sub_action']);
}
public function download(Application $app)
{
$r = new Response();
$util = new Utility();
$_path = $_POST['path'];
$c = $app['FileManager'];
$c['ext'] = array_merge($c['ext_img'], $c['ext_file'], $c['ext_misc'], $c['ext_video'], $c['ext_music']);
// include 'include/mime_type_lib.php';
if (strpos($_path, '/') === 0 || strpos($_path, '../') !== false || strpos($_path, './') === 0) {
return $r->create('wrong path', 400);
}
if (strpos($_POST['name'], '/') !== false) {
return $r->create('wrong path', 400);
}
$path = $c['current_path'] . $_path;
$name = $_POST['name'];
$info = pathinfo($name);
if (!in_array($util->fix_strtolower($info['extension']), $c['ext'])) {
return $r->create('wrong extension', 400);
}
if (!file_exists($path . $name)) {
return $r->create('File not found', 404);
}
return $app->sendFile($path . $name)->setContentDisposition(\Symfony\Component\HttpFoundation\ResponseHeaderBag::DISPOSITION_ATTACHMENT, $name);
//$img_size = (string) (filesize($path . $name)); // Get the image size as string
//
//$mime_type = get_file_mime_type($path . $name); // Get the correct MIME type depending on the file.
//
//response(file_get_contents($path . $name), 200, array(
// 'Pragma' => 'private',
// 'Cache-control' => 'private, must-revalidate',
// 'Content-Type' => $mime_type,
// 'Content-Length' => $img_size,
// 'Content-Disposition' => 'attachment; filename="' . ($name) . '"'
//))->send();
//
//exit;
}
public function action($parent)
{
$c = $parent->config;
$util = new Utility();
$info = pathinfo($_POST['name']);
if (strpos($_POST['path'], '/') === 0 || strpos($_POST['path'], '../') !== false || strpos($_POST['path'], './') === 0 || strpos($_POST['url'], 'http://s3.amazonaws.com/feather') !== 0 || $_POST['name'] != $util->fix_filename($_POST['name'], $c['transliteration'], $c['convert_spaces'], $c['replace_with']) || !in_array(strtolower($info['extension']), array('jpg', 'jpeg', 'png'))) {
$this->r = array('wrong data', 400);
return;
}
$image_data = file_get_contents($_POST['url']);
if ($image_data === false) {
$this->r = array('Could not save image', 400);
return;
}
//18/04/2015 add versioning for edits
$version = $this->versioning($_POST['name'], $c['current_path'], $_POST['path']);
$fp = fopen($c['current_path'] . $_POST['path'] . $version, "w");
fwrite($fp, $image_data);
fclose($fp);
$util->create_img($c['current_path'] . $_POST['path'] . $version, $c['thumbs_base_path'] . $_POST['path'] . $version, 122, 91);
// TODO something with this function cause its blowing my mind
$util->new_thumbnails_creation($c['current_path'] . $_POST['path'], $c['current_path'] . $_POST['path'] . $version, $version, $c['current_path'], $relative_image_creation, $relative_path_from_current_pos, $relative_image_creation_name_to_prepend, $relative_image_creation_name_to_append, $relative_image_creation_width, $relative_image_creation_height, $relative_image_creation_option, $fixed_image_creation, $fixed_path_from_filemanager, $fixed_image_creation_name_to_prepend, $fixed_image_creation_to_append, $fixed_image_creation_width, $fixed_image_creation_height, $fixed_image_creation_option);
}
public function action($parent)
{
$c = $parent->config;
$name = $parent->name;
$path = $parent->path;
$path_thumb = $parent->path_thumb;
$util = new Utility();
if ($c['rename_folders']) {
$name = $util->fix_filename($name, $c['transliteration'], $c['convert_spaces'], $c['replace_with']);
$name = str_replace('.', '', $name);
var_dump($name);
if (!empty($name)) {
if (!$util->rename_folder($path, $name, $c['transliteration'], $c['convert_spaces'])) {
$this->r = array('The folder already exists', 403);
return;
}
$util->rename_folder($path_thumb, $name, $c['transliteration'], $c['convert_spaces']);
if ($c['fixed_image_creation']) {
foreach ($fixed_path_from_filemanager as $k => $paths) {
if ($paths != "" && $paths[strlen($paths) - 1] != "/") {
$paths .= "/";
}
$base_dir = $paths . substr_replace($path, '', 0, strlen($current_path));
$util->rename_folder($c['base_dir'], $name, $c['transliteration'], $c['convert_spaces']);
}
}
$this->r = array('success', 200);
return;
} else {
$this->r = array('The name is empty', 400);
return;
}
} else {
$this->r = array('errror: not allowed to rename folders', 400);
return;
}
}
public function upload(Application $app, Request $req)
{
$config = $app['FileManager'];
$util = new Utility();
$current_path = $config['current_path'];
$thumbs_base_path = $config['thumbs_base_path'];
$config['ext'] = array_merge($config['ext_img'], $config['ext_file'], $config['ext_misc'], $config['ext_video'], $config['ext_music']);
$ext = $config['ext'];
$transliteration = $config['transliteration'];
$convert_spaces = $config['convert_spaces'];
$replace_with = $config['replace_with'];
$ext_img = $config['ext_img'];
if (isset($_POST['path'])) {
$storeFolder = $_POST['path'];
$storeFolderThumb = $_POST['path_thumb'];
} else {
$storeFolder = $current_path . $_POST["fldr"];
// correct for when IE is in Compatibility mode
$storeFolderThumb = $thumbs_base_path . $_POST["fldr"];
}
$path_pos = strpos($storeFolder, $current_path);
$thumb_pos = strpos($storeFolderThumb, $thumbs_base_path);
if ($path_pos !== 0 || $thumb_pos !== 0 || strpos($storeFolderThumb, '../', strlen($thumbs_base_path)) !== FALSE || strpos($storeFolderThumb, './', strlen($thumbs_base_path)) !== FALSE || strpos($storeFolder, '../', strlen($current_path)) !== FALSE || strpos($storeFolder, './', strlen($current_path)) !== FALSE) {
die('wrong path');
}
$path = $storeFolder;
$cycle = TRUE;
$max_cycles = 50;
$i = 0;
while ($cycle && $i < $max_cycles) {
$i++;
if ($path == $current_path) {
$cycle = FALSE;
}
if (file_exists($path . "config.php")) {
require_once $path . "config.php";
$cycle = FALSE;
}
$path = $util->fix_dirname($path) . '/';
}
if (!empty($_FILES)) {
$info = pathinfo($_FILES['file']['name']);
if (in_array($util->fix_strtolower($info['extension']), $ext)) {
$tempFile = $_FILES['file']['tmp_name'];
$targetPath = $storeFolder;
$targetPathThumb = $storeFolderThumb;
$_FILES['file']['name'] = $util->fix_filename($_FILES['file']['name'], $transliteration, $convert_spaces, $replace_with);
// Gen. new file name if exists
if (file_exists($targetPath . $_FILES['file']['name'])) {
$i = 1;
$info = pathinfo($_FILES['file']['name']);
// append number
while (file_exists($targetPath . $info['filename'] . "_" . $i . "." . $info['extension'])) {
$i++;
}
$_FILES['file']['name'] = $info['filename'] . "_" . $i . "." . $info['extension'];
}
$targetFile = $targetPath . $_FILES['file']['name'];
$targetFileThumb = $targetPathThumb . $_FILES['file']['name'];
// check if image (and supported)
if (in_array($util->fix_strtolower($info['extension']), $ext_img)) {
$is_img = TRUE;
} else {
$is_img = FALSE;
}
// upload
move_uploaded_file($tempFile, $targetFile);
chmod($targetFile, 0755);
if ($is_img) {
$memory_error = FALSE;
if (!$util->create_img($targetFile, $targetFileThumb, 122, 91)) {
$memory_error = FALSE;
} else {
// TODO something with this long function baaaah...
if (!$util->new_thumbnails_creation($targetPath, $targetFile, $_FILES['file']['name'], $current_path, $relative_image_creation, $relative_path_from_current_pos, $relative_image_creation_name_to_prepend, $relative_image_creation_name_to_append, $relative_image_creation_width, $relative_image_creation_height, $relative_image_creation_option, $fixed_image_creation, $fixed_path_from_filemanager, $fixed_image_creation_name_to_prepend, $fixed_image_creation_to_append, $fixed_image_creation_width, $fixed_image_creation_height, $fixed_image_creation_option)) {
$memory_error = FALSE;
} else {
$imginfo = getimagesize($targetFile);
$srcWidth = $imginfo[0];
$srcHeight = $imginfo[1];
// resize images if set
if ($image_resizing) {
if ($image_resizing_width == 0) {
if ($image_resizing_height == 0) {
$image_resizing_width = $srcWidth;
$image_resizing_height = $srcHeight;
} else {
$image_resizing_width = $image_resizing_height * $srcWidth / $srcHeight;
}
} elseif ($image_resizing_height == 0) {
$image_resizing_height = $image_resizing_width * $srcHeight / $srcWidth;
}
// new dims and create
$srcWidth = $image_resizing_width;
$srcHeight = $image_resizing_height;
$util->create_img($targetFile, $targetFile, $image_resizing_width, $image_resizing_height, $image_resizing_mode);
}
//max resizing limit control
$resize = FALSE;
if ($image_max_width != 0 && $srcWidth > $image_max_width && $image_resizing_override === FALSE) {
$resize = TRUE;
$srcWidth = $image_max_width;
if ($image_max_height == 0) {
$srcHeight = $image_max_width * $srcHeight / $srcWidth;
}
}
if ($image_max_height != 0 && $srcHeight > $image_max_height && $image_resizing_override === FALSE) {
$resize = TRUE;
$srcHeight = $image_max_height;
if ($image_max_width == 0) {
$srcWidth = $image_max_height * $srcWidth / $srcHeight;
}
}
if ($resize) {
$util->create_img($targetFile, $targetFile, $srcWidth, $srcHeight, $image_max_mode);
}
}
}
// not enough memory
if ($memory_error) {
unlink($targetFile);
header('HTTP/1.1 406 Not enought Memory', TRUE, 406);
exit;
}
}
return $app->json($_FILES['file']['name'], 200);
} else {
header('HTTP/1.1 406 file not permitted', TRUE, 406);
exit;
}
} else {
header('HTTP/1.1 405 Bad Request', TRUE, 405);
exit;
}
// redirect
if (isset($_POST['submit'])) {
$query = http_build_query(array('type' => $_POST['type'], 'lang' => $_POST['lang'], 'popup' => $_POST['popup'], 'field_id' => $_POST['field_id'], 'fldr' => $_POST['fldr']));
header("location: dialog.php?" . $query);
}
}
public function action($parent)
{
$util = new Utility();
$app = $parent->app;
$session = new SessionHandler($app);
$path = $parent->path;
$path_thumb = $parent->path_thumb;
$c = $parent->config;
$action = $session->getClipboardAction();
$data = array("path" => $session->getClipboardPath(), "path_thumb" => $session->getClipboardPathThumb());
if (!isset($action, $data['path'], $data['path_thumb']) || $action == '' || $data['path'] == '' || $data['path_thumb'] == '') {
$this->r = array('no clipboard data found.', 200);
return;
}
$data['path'] = $c['current_path'] . $data['path'];
$pinfo = pathinfo($data['path']);
// user wants to paste to the same dir. nothing to do here...
if ($pinfo['dirname'] == rtrim($path, '/')) {
$this->r = array('', 200);
return;
}
// user wants to paste folder to it's own sub folder.. baaaah.
if (is_dir($data['path']) && strpos($path, $data['path']) !== FALSE) {
$this->r = array('', 200);
return;
}
// something terribly gone wrong
if ($action != 'copy' && $action != 'cut') {
$this->r = array('no action', 400);
return;
}
// check for writability
if ($util->is_really_writable($path) === FALSE || $util->is_really_writable($path_thumb) === FALSE) {
$this->r = array('The directory you selected is not writable <br/>' . str_replace('../', '', $path) . '<br/>' . str_replace('../', '', $path_thumb), 403);
return;
}
// check if server disables copy or rename
if ($util->is_function_callable($action == 'copy' ? 'copy' : 'rename') === FALSE) {
$response = sprintf('The %s function has been disabled by the server.', $action == 'copy' ? 'copy' : 'cut');
$this->r = array($response, 403);
return;
}
if ($action == 'copy') {
$util->rcopy($data['path'], $path);
$util->rcopy($data['path_thumb'], $path_thumb);
} elseif ($action == 'cut') {
$util->rrename($data['path'], $path);
$util->rrename($data['path_thumb'], $path_thumb);
// cleanup
if (is_dir($data['path']) === TRUE) {
$util->rrename_after_cleaner($data['path']);
$util->rrename_after_cleaner($data['path_thumb']);
}
}
// cleanup
$session->setClipboardAction(NULL);
$session->setClipboardPath(NULL);
$session->setClipboardPathThumb(NULL);
$response = $action . ' successful';
$this->r = array($response, 200);
}
public function action($parent)
{
$util = new Utility();
$c = $parent->config;
$path = $c['current_path'] . $_POST['path'];
if (is_dir($path) && $c['chmod_dirs'] === false || is_file($path) && $c['chmod_files'] === false || is_function_callable("chmod") === false) {
$this->r = array(sprintf('Changing %s permissions are not allowed.', is_dir($path) ? 'folders' : 'files'), 403);
return;
} else {
$perm = decoct(fileperms($path) & 0777);
$perm_user = substr($perm, 0, 1);
$perm_group = substr($perm, 1, 1);
$perm_all = substr($perm, 2, 1);
$ret = '<div id="files_permission_start">
<form id="chmod_form">
<table class="file-perms-table">
<thead>
<tr>
<td></td>
<td>r </td>
<td>w </td>
<td>x </td>
</tr>
</thead>
<tbody>
<tr>
<td>User</td>
<td><input id="u_4" type="checkbox" data-value="4" data-group="user" onChange="chmod_logic();"' . ($util->chmod_logic_helper($perm_user, 4) ? " checked" : "") . '></td>
<td><input id="u_2" type="checkbox" data-value="2" data-group="user" onChange="chmod_logic();"' . ($util->chmod_logic_helper($perm_user, 2) ? " checked" : "") . '></td>
<td><input id="u_1" type="checkbox" data-value="1" data-group="user" onChange="chmod_logic();"' . ($util->chmod_logic_helper($perm_user, 1) ? " checked" : "") . '></td>
</tr>
<tr>
<td>Group</td>
<td><input id="g_4" type="checkbox" data-value="4" data-group="group" onChange="chmod_logic();"' . ($util->chmod_logic_helper($perm_group, 4) ? " checked" : "") . '></td>
<td><input id="g_2" type="checkbox" data-value="2" data-group="group" onChange="chmod_logic();"' . ($util->chmod_logic_helper($perm_group, 2) ? " checked" : "") . '></td>
<td><input id="g_1" type="checkbox" data-value="1" data-group="group" onChange="chmod_logic();"' . ($util->chmod_logic_helper($perm_group, 1) ? " checked" : "") . '></td>
</tr>
<tr>
<td>All</td>
<td><input id="a_4" type="checkbox" data-value="4" data-group="all" onChange="chmod_logic();"' . ($util->chmod_logic_helper($perm_all, 4) ? " checked" : "") . '></td>
<td><input id="a_2" type="checkbox" data-value="2" data-group="all" onChange="chmod_logic();"' . ($util->chmod_logic_helper($perm_all, 2) ? " checked" : "") . '></td>
<td><input id="a_1" type="checkbox" data-value="1" data-group="all" onChange="chmod_logic();"' . ($util->chmod_logic_helper($perm_all, 1) ? " checked" : "") . '></td>
</tr>
<tr>
<td></td>
<td colspan="3"><input type="text" name="chmod_value" id="chmod_value" value="' . $perm . '" data-def-value="' . $perm . '"></td>
</tr>
</tbody>
</table>';
if (is_dir($path)) {
$ret .= '<div>Apply recursively?
<ul>
<li><input value="none" name="apply_recursive" type="radio" checked> No </li>
<li><input value="files" name="apply_recursive" type="radio"> Files</li>
<li><input value="folders" name="apply_recursive" type="radio"> Folders </li>
<li><input value="both" name="apply_recursive" type="radio"> Files & Folders</li>
</ul>
</div>';
}
$ret .= '</form></div>';
$this->r = array($ret, 200);
}
}
public function action(Application $app, Request $req, $action)
{
$this->app = $app;
$this->request = $req;
$allowed_action = array("CreateFolder", "RenameFolder", "DeleteFolder", "CreateFile", "RenameFile", "DeleteFile", "DuplicateFile", "PasteClipboard", "Chmod", "SaveTextFile");
if (!in_array($action, $allowed_action)) {
//action is not allowed
return $app->json('Action Denied', 400);
}
$config = $app['FileManager'];
$config['ext'] = array_merge($config['ext_img'], $config['ext_file'], $config['ext_misc'], $config['ext_video'], $config['ext_music']);
$util = new Utility();
$thumb_pos = strpos($_POST['path_thumb'], $config['thumbs_base_path']);
if ($thumb_pos != 0) {
return $app->json('Wrong path', 400);
}
if (strpos($_POST['path_thumb'], '../', strlen($config['thumbs_base_path']) + $thumb_pos) !== FALSE) {
return $app->json('Wrong path 1', 400);
}
if (strpos($_POST['path'], '/') === 0) {
return $app->json('Wrong path 2', 400);
}
if (strpos($_POST['path'], '../') !== FALSE) {
return $app->json('Wrong path 3', 400);
}
if (strpos($_POST['path'], './') === 0) {
return $app->json('Wrong path 4', 400);
}
// if (isset($_SESSION['RF']['language_file']) && file_exists($_SESSION['RF']['language_file']))
// {
// //TODO Very bad practice
// require_once $_SESSION['RF']['language_file'];
// }
// else
// {
// response('Language file is missing!', 500)->send();
// exit;
// }
$base = $config['current_path'];
$path = $base . $_POST['path'];
$cycle = TRUE;
$max_cycles = 50;
$i = 0;
while ($cycle && $i < $max_cycles) {
$i++;
if ($path == $base) {
$cycle = FALSE;
}
if (file_exists($path . "config.php")) {
require_once $path . "config.php";
$cycle = FALSE;
}
$path = $util->fix_dirname($path) . "/";
$cycle = FALSE;
}
$path = $base . $_POST['path'];
$this->path = $path;
$path_thumb = $_POST['path_thumb'];
$this->path_thumb = $path_thumb;
if (isset($_POST['name'])) {
$name = $util->fix_filename($_POST['name'], $config['transliteration'], $config['convert_spaces'], $config['replace_with']);
if (strpos($name, '../') !== FALSE) {
return $app->json('Wrong name', 400);
}
$this->name = $name;
}
$info = pathinfo($path);
if (isset($info['extension']) && !(isset($action) && $action == 'DeleteFolder') && !in_array(strtolower($info['extension']), $config['ext']) && $action != 'CreateFile') {
return $app->json('Wrong extension', 400);
}
// Perform Action
$action = "Rabies\\FileManager\\Action\\" . $action;
$perform = new $action();
$this->config = $config;
$perform->action($this);
return $app->json($perform->r[0], $perform->r[1]);
}
public function two($app, $files, $twigArr, $config, $subdir, $filter, $transliteration, $thumbs_path, $get_params, Utility $util, $rfm_subfolder)
{
$files_prevent_duplicate = array();
$html = "";
foreach ($files as $nu => $file_array) {
$file = $file_array['file'];
if ($file == '.' || $file == '..' || is_dir($config['current_path'] . $rfm_subfolder . $subdir . $file) || in_array($file, $config['hidden_files']) || !in_array($util->fix_strtolower($file_array['extension']), $config['ext']) || $filter != '' && $n_files > $file_number_limit_js && stripos($file, $filter) === false) {
continue;
}
$file_path = $config['current_path'] . $rfm_subfolder . $subdir . $file;
//check if file have illegal caracter
$filename = substr($file, 0, '-' . (strlen($file_array['extension']) + 1));
if ($file != $util->fix_filename($file, $transliteration)) {
$file1 = $util->fix_filename($file, $transliteration);
$file_path1 = $this->current_path . $rfm_subfolder . $subdir . $file1;
if (file_exists($file_path1)) {
$i = 1;
$info = pathinfo($file1);
while (file_exists($this->current_path . $rfm_subfolder . $subdir . $info['filename'] . ".[" . $i . "]." . $info['extension'])) {
$i++;
}
$file1 = $info['filename'] . ".[" . $i . "]." . $info['extension'];
$file_path1 = $this->current_path . $rfm_subfolder . $subdir . $file1;
}
$filename = substr($file1, 0, '-' . (strlen($file_array['extension']) + 1));
rename_file($file_path, $util->fix_filename($filename, $transliteration), $transliteration);
$file = $file1;
$file_array['extension'] = $util->fix_filename($file_array['extension'], $transliteration);
$file_path = $file_path1;
}
$is_img = false;
$is_video = false;
$is_audio = false;
$show_original = false;
$show_original_mini = false;
$mini_src = "";
$src_thumb = "";
$extension_lower = $util->fix_strtolower($file_array['extension']);
if ($extension_lower === 'svg') {
//dont try mking thumb for svg file!
} else {
if (in_array($extension_lower, $config['ext_img'])) {
$src = $this->base_url . $this->cur_dir . rawurlencode($file);
$mini_src = $src_thumb = $thumbs_path . $subdir . $file;
//add in thumbs folder if not exist
if (!file_exists($src_thumb)) {
try {
if (!$util->create_img($file_path, $src_thumb, 122, 91)) {
$src_thumb = $mini_src = "";
} else {
$util->new_thumbnails_creation($this->current_path . $rfm_subfolder . $subdir, $file_path, $file, $this->current_path, '', '', '', '', '', '', '', $fixed_image_creation, $fixed_path_from_filemanager, $fixed_image_creation_name_to_prepend, $fixed_image_creation_to_append, $fixed_image_creation_width, $fixed_image_creation_height, $fixed_image_creation_option);
}
} catch (Exception $e) {
$src_thumb = $mini_src = "";
}
}
}
$is_img = true;
//check if is smaller than thumb
list($img_width, $img_height, $img_type, $attr) = @getimagesize($file_path);
if ($img_width < 122 && $img_height < 91) {
$src_thumb = $this->cur_dir . $file;
//var_dump($src_thumb);
$show_original = true;
}
if ($img_width < 45 && $img_height < 38) {
$mini_src = $this->cur_dir . $rfm_subfolder . $subdir . $file;
//var_dump($mini_src);
//$mini_src=$this->current_path.$rfm_subfolder.$subdir.$file."sr";
$show_original_mini = true;
}
$twigArr['img_width'] = $img_width;
$twigArr['img_height'] = $img_height;
$twigArr['src'] = $src;
}
$is_icon_thumb = false;
$is_icon_thumb_mini = false;
$no_thumb = false;
if ($src_thumb == "") {
$no_thumb = true;
if (file_exists('img/' . $config['icon_theme'] . '/' . $extension_lower . ".jpg")) {
$src_thumb = 'img/' . $config['icon_theme'] . '/' . $extension_lower . ".jpg";
} else {
$src_thumb = "img/" . $config['icon_theme'] . "/default.jpg";
}
$is_icon_thumb = true;
}
if ($mini_src == "") {
$is_icon_thumb_mini = false;
}
$class_ext = 0;
if (in_array($extension_lower, $config['ext_video'])) {
$class_ext = 4;
$is_video = true;
} elseif (in_array($extension_lower, $config['ext_img'])) {
$class_ext = 2;
} elseif (in_array($extension_lower, $config['ext_music'])) {
$class_ext = 5;
$is_audio = true;
} elseif (in_array($extension_lower, $config['ext_misc'])) {
$class_ext = 3;
} else {
$class_ext = 1;
}
$twigArr['class_ext'] = $class_ext;
$twigArr['is_img'] = $is_img;
$twigArr['is_audio'] = $is_audio;
$twigArr['is_video'] = $is_video;
$twigArr['is_icon_thumb'] = $is_icon_thumb;
$twigArr['show_original'] = $show_original;
$twigArr['src_thumb'] = $src_thumb;
$twigArr['extension_lower'] = $extension_lower;
$twigArr['mini_src'] = $mini_src;
$twigArr['show_original_mini'] = $show_original_mini;
$twigArr['is_icon_thumb_mini'] = $is_icon_thumb_mini;
$twigArr['filename'] = $filename;
$twigArr['nu'] = $nu;
$file_prevent_rename = false;
$file_prevent_delete = false;
if (isset($filePermissions[$file])) {
if (isset($filePermissions[$file]['prevent_duplicate']) && $filePermissions[$file]['prevent_duplicate']) {
$files_prevent_duplicate[] = $file;
}
$file_prevent_rename = isset($filePermissions[$file]['prevent_rename']) && $filePermissions[$file]['prevent_rename'];
$file_prevent_delete = isset($filePermissions[$file]['prevent_delete']) && $filePermissions[$file]['prevent_delete'];
}
$twigArr['files_prevent_duplicate'][] = $file;
$this->files_prevent_duplicate = $twigArr['files_prevent_duplicate'];
$twigArr['file_prevent_delete'] = $file_prevent_delete;
$twigArr['file_prevent_rename'] = $file_prevent_rename;
$twigArr['file_array'] = $file_array;
$twigArr['file'] = $file;
//var_dump($twigArr['subdir']);
$twigArr['file_array']['makeSize'] = $util->makeSize($file_array['size']);
if (!($_GET['type'] == 1 && !$is_img) && !($_GET['type'] == 3 && !$is_video && ($_GET['type'] == 3 && !$is_audio)) && $class_ext > 0) {
$template = 'FileManager/two/two.html.twig';
$html = $html . $app['twig']->render($template, $twigArr);
//template!
}
}
return $html;
}