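/**
 * Create a new text file from the posted content.
 *
 * The outcome is not returned; it is stored in $this->r as
 * array(message, HTTP status code).
 *
 * @param object $parent Request context; its config, path, path_thumb and name
 *                       properties are read here.
 * @return void
 */
public function action($parent)
{
    $config = $parent->config;
    $path = $parent->path;
    $path_thumb = $parent->path_thumb;
    $name = $parent->name;
    $util = new Utility();

    // Permission gate. The previous code tested an undefined local variable
    // ($create_text_files), so the comparison with FALSE could never succeed and
    // the gate never denied anything. Read the flag from the configuration and
    // fail closed when it is absent.
    // NOTE(review): 'create_text_files' is assumed to be the config key - confirm
    // against the project's configuration file.
    if (!isset($config['create_text_files']) || $config['create_text_files'] === FALSE) {
        $this->r = array('You are not allowed to edit this file.', 403);
        return;
    }

    // An unset or malformed allow-list is treated as "no extension allowed".
    if (!isset($config['editable_text_file_exts']) || !is_array($config['editable_text_file_exts'])) {
        $config['editable_text_file_exts'] = array();
    }
    $valid_exts = sprintf('Valid extensions: %s', implode(', ', $config['editable_text_file_exts']));

    // check if user supplied extension
    if (strpos($name, '.') === FALSE) {
        $this->r = array('You have to add a file extension. ' . $valid_exts, 400);
        return;
    }

    // correct name
    $old_name = $name;
    $name = $util->fix_filename($name, $config['transliteration'], $config['convert_spaces'], $config['replace_with']);
    if (empty($name)) {
        $this->r = array('The name is empty', 400);
        return;
    }

    // check extension
    // Only the final extension is compared, and it is the only control on what
    // kind of file ends up on disk: keep server-executable extensions out of
    // editable_text_file_exts. Strict comparison avoids loose string/number
    // matches against the allow-list.
    $parts = explode('.', $name);
    if (!in_array(end($parts), $config['editable_text_file_exts'], TRUE)) {
        $this->r = array('File extension is not allowed. ' . $valid_exts, 400);
        return;
    }

    // correct paths
    // NOTE(review): str_replace() rewrites every occurrence of the old name, not
    // only the trailing file name - confirm $path cannot contain it elsewhere.
    $path = str_replace($old_name, $name, $path);
    $path_thumb = str_replace($old_name, $name, $path_thumb); // not used further in this method

    // file already exists
    if (file_exists($path)) {
        $this->r = array('The file is already exists', 403);
        return;
    }

    // The body comes straight from the request and is written verbatim. A missing
    // or non-string field is stored as an empty file instead of raising a notice
    // or letting file_put_contents() join a posted array.
    $content = '';
    if (isset($_POST['new_content']) && is_string($_POST['new_content'])) {
        $content = $_POST['new_content'];
    }

    if (@file_put_contents($path, $content) === FALSE) {
        $this->r = array('There was an error while saving the file.', 500);
        return;
    }

    // Owner read/write, everyone else read-only; no execute bit.
    if ($util->is_function_callable('chmod') !== FALSE) {
        chmod($path, 0644);
    }

    $this->r = array('File successfully saved.', 200);
}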
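/**
 * Paste the clipboard entry held in the session into the current directory.
 *
 * The clipboard action ('copy' or 'cut') and its source paths are read from the
 * session; the destination is $parent->path / $parent->path_thumb. The outcome
 * is stored in $this->r as array(message, HTTP status code).
 *
 * @param object $parent Request context; its app, path, path_thumb and config
 *                       properties are read here.
 * @return void
 */
public function action($parent)
{
    $util = new Utility();
    $app = $parent->app;
    $session = new SessionHandler($app);
    $path = $parent->path;
    $path_thumb = $parent->path_thumb;
    $c = $parent->config;

    $action = $session->getClipboardAction();
    $data = array(
        "path" => $session->getClipboardPath(),
        "path_thumb" => $session->getClipboardPathThumb(),
    );

    // Emptiness checks stay loose on purpose so that NULL, FALSE and '' from the
    // session are all treated as "nothing on the clipboard".
    if (!isset($action, $data['path'], $data['path_thumb']) || $action == '' || $data['path'] == '' || $data['path_thumb'] == '') {
        $this->r = array('no clipboard data found.', 200);
        return;
    }

    // Only the main path is prefixed here; path_thumb is used as stored.
    $data['path'] = $c['current_path'] . $data['path'];
    $pinfo = pathinfo($data['path']);

    // user wants to paste to the same dir. nothing to do here...
    if ($pinfo['dirname'] === rtrim($path, '/')) {
        $this->r = array('', 200);
        return;
    }

    // user wants to paste a folder into itself or its own sub folder.
    // Both sides are compared with a trailing slash so that a sibling whose name
    // merely starts with the source name (foo vs foobar) is no longer refused.
    $source_dir = rtrim($data['path'], '/') . '/';
    $target_dir = rtrim($path, '/') . '/';
    if (is_dir($data['path']) && strpos($target_dir, $source_dir) !== FALSE) {
        $this->r = array('', 200);
        return;
    }

    // Strict allow-list: with loose comparison a non-string session value could
    // compare equal to 'copy' on older PHP versions and reach the file operations.
    if (!in_array($action, array('copy', 'cut'), TRUE)) {
        $this->r = array('no action', 400);
        return;
    }

    // check for writability
    if ($util->is_really_writable($path) === FALSE || $util->is_really_writable($path_thumb) === FALSE) {
        // The message contains <br/>, so it is rendered as HTML: escape the
        // path fragments before embedding them. The single-pass '../' removal is
        // cosmetic only and must not be relied on as a traversal defence.
        $shown_path = htmlspecialchars(str_replace('../', '', $path), ENT_QUOTES, 'UTF-8');
        $shown_thumb = htmlspecialchars(str_replace('../', '', $path_thumb), ENT_QUOTES, 'UTF-8');
        $this->r = array('The directory you selected is not writable <br/>' . $shown_path . '<br/>' . $shown_thumb, 403);
        return;
    }

    // check if server disables copy or rename
    $is_copy = ($action === 'copy');
    if ($util->is_function_callable($is_copy ? 'copy' : 'rename') === FALSE) {
        $response = sprintf('The %s function has been disabled by the server.', $is_copy ? 'copy' : 'cut');
        $this->r = array($response, 403);
        return;
    }

    // NOTE(review): the results of rcopy()/rrename() are not inspected, so a
    // failed transfer is still reported as successful - confirm whether these
    // helpers signal errors.
    if ($is_copy) {
        $util->rcopy($data['path'], $path);
        $util->rcopy($data['path_thumb'], $path_thumb);
    } else {
        $util->rrename($data['path'], $path);
        $util->rrename($data['path_thumb'], $path_thumb);

        // cleanup: only when the source directory still exists after the move
        if (is_dir($data['path']) === TRUE) {
            $util->rrename_after_cleaner($data['path']);
            $util->rrename_after_cleaner($data['path_thumb']);
        }
    }

    // cleanup: empty the clipboard so the same entry cannot be pasted twice
    $session->setClipboardAction(NULL);
    $session->setClipboardPath(NULL);
    $session->setClipboardPathThumb(NULL);

    $response = $action . ' successful';
    $this->r = array($response, 200);
}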