/**
* An augmented scandir() which will ensure any Aliases are included in the relevant
* directory scans; this makes the Aliases behave very similarly to actual directories.
*/
public function scandir($dir, $filemask, $see_thumbnail_dir, $glob_flags_or, $glob_flags_and)
{
$dir = self::enforceTrailingSlash($dir);
// collect the real items first:
$coll = parent::scandir($dir, $filemask, $see_thumbnail_dir, $glob_flags_or, $glob_flags_and);
FM_vardumper($this, 'scandir4Alias', $coll);
if ($coll === false) {
return $coll;
}
$flags = GLOB_NODOTS | GLOB_NOHIDDEN | GLOB_NOSORT;
$flags &= $glob_flags_and;
$flags |= $glob_flags_or;
// make sure we keep the guarantee that the '..' entry, when present, is the very last one, intact:
$doubledot = array_pop($coll['dirs']);
if ($doubledot !== null && $doubledot !== '..') {
$coll['dirs'][] = $doubledot;
$doubledot = null;
}
// we must check against thumbnail path again, as it MAY be an alias, itself!
$tndir = null;
if (!$see_thumbnail_dir) {
$tn_uri = $this->options['thumbnailPath'];
$tnpath = $this->url_path2file_path($tn_uri);
//if (FileManagerUtility::startswith($dir, $tnpath))
// return false;
$tnparent = self::getParentDir($tnpath);
$just_below_thumbnail_dir = FileManagerUtility::startswith($dir, $tnparent);
if ($just_below_thumbnail_dir) {
$tndir = basename(substr($tn_uri, 0, -1));
}
}
// now see if we need to add any aliases as elements:
if (isset($this->scandir_alias_lu_arr) && !empty($this->scandir_alias_lu_arr[$dir])) {
$a_base = $this->scandir_alias_lu_arr[$dir];
$d = $coll['dirs'];
$f = $coll['files'];
foreach ($a_base[false] as $a_elem) {
if (!in_array($a_elem, $d, true) && $tndir !== $a_elem && (!($flags & GLOB_NOHIDDEN) || $a_elem[0] != '.')) {
//$coll['special_indir_mappings'][1][] = array_push($coll['dirs'], $a_elem) - 1;
$coll['dirs'][] = $a_elem;
}
}
foreach ($a_base[true] as $a_elem) {
if (!in_array($a_elem, $f, true) && (!($flags & GLOB_NOHIDDEN) || $a_elem[0] != '.')) {
//$coll['special_indir_mappings'][0][] = array_push($coll['files'], $a_elem) - 1;
$coll['files'][] = $a_elem;
}
}
}
// make sure we keep the guarantee that the '..' entry, when present, is the very last one, intact:
if ($doubledot !== null) {
$coll['dirs'][] = $doubledot;
}
return $coll;
}
</script>
</head>
<body>
<div id="content" class="content">
<div class="go_home">
<a href="index.php" title="Go to the Demo index page"><img src="home_16x16.png"> </a>
</div>
<h1>FileManager Backend Tests</h1>
<h2>Basic PHP tests</h2>
<pre>
<?php
var_dump(gd_info());
// log request data:
FM_vardumper(null, 'testFM' . (!empty($_GET['event']) ? '-' . $_GET['event'] : null));
if (01) {
$re_extra = '-_., []()~!@+';
$trim_extra = '-_,~@+#&';
echo "pagetitle(str, NULL, '{$re_extra}', '{$trim_extra}'): regex to filter file & dirnames before they are created:\n";
// ASCII range
for ($i = 0; $i < 8; $i++) {
$msg = '';
$str = '';
for ($j = 0; $j < 16; $j++) {
$c = $i * 16 + $j;
switch ($c) {
case 9:
$msg .= "(TAB)";
break;
case 13:
function FM_IsAuthorized($mgr, $action, &$info)
{
// Start session, if not already started
session_name('alt_session_name');
session_start_ex();
//$settings = $mgr->getSettings();
//$mimetdefs = $mgr->getMimeTypeDefinitions();
// log request data:
FM_vardumper($mgr, $action, $info);
// when the session, started in the demo entry pages, doesn't exist or is not valid, we do not allow ANYTHING any more:
if (empty($_SESSION)) {
session_write_close();
throw new FileManagerException('authorized: The session is non-existent.');
return false;
}
if (empty($_SESSION['FileManager']) || $_SESSION['FileManager'] !== 'DemoMagick') {
session_write_close();
throw new FileManagerException('authorized: The session is illegal, as it does not contain the mandatory magic value set up by the demo entry pages.');
return false;
}
/*
* authenticate / authorize:
* this sample is a bogus authorization, but you can perform simple to highly
* sophisticated authentications / authorizations here, e.g. even ones which also check permissions
* related to what is being uploaded right now (different permissions required for file mimetypes,
* e.g. images: any authorized user; while other file types which are more susceptible to carrying
* illicit payloads requiring at least 'power/trusted user' permissions, ...)
*/
$rv = false;
switch ($action) {
case 'upload':
/*
* Note that the TinyMCE demo currently has this sestting set to 'NO' to simulate an UNauthorized user, for the sake of the demo.
*/
$rv = $_SESSION['UploadAuth'] == 'yes';
break;
case 'download':
$rv = true;
break;
case 'create':
// create directory
// create directory
case 'destroy':
case 'move':
// move or copy!
// move or copy!
case 'view':
$rv = true;
break;
case 'detail':
/*
* For the demo, we deny generation of thumbnails for images in a certain size range: 500KB - 2MB, jpeg only.
*
* To showcase the nasty/cool (depending on your disposition) things you can do in this callback, we
* force the thumbnail to become a thumbnail of the 'nuke':
*/
$fsize = @filesize($info['file']);
/*
* When the thumbnail request is made, the demo will error on
* bison-head-with-horns (Ray Rauch, U.S. Fish and Wildlife Service).jpg
* fruits-vegetables-milk-and-yogurt (Peggy Greb, U.S. Department of Agriculture).jpg
* intentionally with the next bit of code; just to give you an idea what can be done in here.
*
* you can do a similar thing for any other request and have a good file fail or a bad file recover and succeed,
* simply by patching the $info[] items.
*/
if (SHOW_CUSTOM_CALLBACK_WORK && $info['mime'] == 'image/jpeg' && $fsize >= 180 * 1024 && $fsize <= 200 * 1024) {
// force the manager to fetch the 'nuke' icon:
$info['filename'] = 'is.default-error';
// and nuke the mimetype to make sure it does go for the icon, always:
$info['mime'] = 'icon/icon';
// and act as if we authorized the action. Meanwhile, we just nuked it.
}
$rv = true;
break;
default:
// unknown operation. Internal server error.
$rv = false;
break;
}
// make sure the session is closed (and unlocked) before the bulk of the work is performed: better parallelism server-side.
session_write_close();
return $rv;
}
function FM_IsAuthorized($mgr, $action, &$info)
{
//$settings = $mgr->getSettings();
//$mimetdefs = $mgr->getMimeTypeDefinitions();
// log request data:
FM_vardumper($mgr, $action, $info);
/*
* authenticate / authorize:
* this sample is a bogus authorization, but you can perform simple to highly
* sophisticated authentications / authorizations here, e.g. even ones which also check permissions
* related to what is being uploaded right now (different permissions required for file mimetypes,
* e.g. images: any authorized user; while other file types which are more susceptible to carrying
* illicit payloads requiring at least 'power/trusted user' permissions, ...)
*/
switch ($action) {
case 'upload':
/*
* $fileinfo = array(
* 'dir' => (string) directory where the uploaded file will be stored (filesystem absolute)
* 'name' => (string) the filename of the uploaded file (already cleaned and resequenced, without the file name extension
* 'extension' => (string) the file name extension (already cleaned as well, including 'safe' mode processing, i.e. any uploaded binary executable will have been assigned the extension '.txt' already)
* 'size' => (integer) number of bytes of the uploaded file
* 'maxsize' => (integer) the configured maximum number of bytes for any single upload
* 'mimes' => NULL or an array of mime types which are permitted to be uploaded. This is a reference to the array produced by $mgr->getAllowedMimeTypes().
* 'ext2mime_map' => an array of (key, value) pairs which can be used to map a file name extension (key) to a mime type (value). This is a reference to the array produced by $mgr->getAllowedMimeTypes().
* 'chmod' => (integer) UNIX access rights (default: 0666) for the directory-to-be-created (RW for user,group,world). Note that the eXecutable bits have already been stripped before the callback was invoked.
* );
*
* Note that this request originates from a Macromedia Flash client: hence you'll need to use the
* $_GET['session'] value to manually set the PHP session_id() before you start your your session
* again. (Of course, this assumes you've set up the client side FileManager JS object to pass the
* session_id() in this 'session' request parameter.
*
* In examples provided with mootools_filemanager itself, the value is set to 'MySessionId'.
*/
if (!empty($_GET['session'])) {
return true;
}
return false;
case 'download':
/*
* $fileinfo = array(
* 'file' => (string) full path of the file (filesystem absolute)
* );
*/
return true;
case 'create':
// create directory
/*
* $fileinfo = array(
* 'dir' => (string) parent directory: directory where the directory-to-be-created will exist (filesystem absolute)
* 'file' => (string) full path of the directory-to-be-created itself (filesystem absolute)
* 'chmod' => (integer) UNIX access rights (default: 0777) for the directory-to-be-created (RWX for user,group,world)
* );
*/
return true;
case 'destroy':
/*
* $fileinfo = array(
* 'dir' => (string) directory where the file / directory-to-be-deleted exists (filesystem absolute)
* 'file' => (string) the filename (with extension) of the file / directory to be deleted
* );
*/
return true;
case 'move':
// move or copy!
/*
* $fileinfo = array(
* 'dir' => (string) directory where the file / directory-to-be-moved/copied exists (filesystem absolute)
* 'file' => (string) the filename (with extension) of the file / directory to be moved/copied
* 'newdir' => NULL or (string) target directory: full path of directory where the file/directory will be moved/copied to. (filesystem absolute)
* 'newname' => NULL or (string) target path: full path of file/directory. This is the file location the file/.directory should be renamed/moved to. (filesystem absolute)
* 'rename' => (boolean) TRUE when a file/directory RENAME operation is requested (name change, staying within the same parent directory). FALSE otherwise.
* 'is_dir' => (boolean) TRUE when the subject is a directory itself, FALSE when it is a regular file.
* 'function' => (string) PHP call which will perform the operation. ('rename' or 'copy')
* );
*
* on RENAME these path elements will be set: 'dir', 'file' 'newname'; 'rename' = TRUE, 'function' = 'rename'
* on MOVE these path elements will be set: 'dir', 'file', 'newdir', 'newname'; 'rename' = TRUE, 'function' = 'rename'
* on COPY these path elements will be set: 'dir', 'file' 'newdir', 'newname'; 'rename' = TRUE, 'function' = 'copy'
*/
return true;
default:
// unknown operation. Internal server error.
return false;
}
}
define('DEVELOPMENT', 0);
// set to 01 / 1 / nonzero value to enable logging of each incoming event request.
require 'FM-common.php';
// this one loads the appropriate FileManager AND the support functions used in this demo
/*
* when you want to pass absolute paths into FileManager, be reminded that ALL paths
* (except for the [mimeTypesPath] one!) are paths in URI space, i.e. the 'root'
* is assumed to be DocumentRoot.
*
* Below is a quick example how a physical filesystem path /could/ be transformed
* to a URI path -- assumed you don't get buggered by having Aliases apply to this
* particular path, in which case you are between a rock and a hard place: then you
* MUST specify URI paths instead, this 'trick' being defective.
*/
$fm_basedir = str_replace(strtr($_SERVER['DOCUMENT_ROOT'], '\\', '/'), '', dirname(strtr(__FILE__, '\\', '/'))) . '/';
/*
* Go to FM-common.php to edit the Alias array there to mirror your local situation.
*
* See also the 'SITE_USES_ALIASES' define and the mkNewFileManager() function in there.
*
* mkNewFileManager() is just a wrapper used to keep the demo code lean...
*/
$browser = mkNewFileManager(array('directory' => 'Files/', 'upload' => true, 'destroy' => true, 'create' => true, 'move' => true, 'download' => true, 'allowExtChange' => true));
$event_cmd = !empty($_GET['event']) ? $_GET['event'] : null;
// log request data:
FM_vardumper($browser, 'init' . $event_cmd);
// and process the request:
$browser->fireEvent($event_cmd);
// Do *NOT* add a <?php ?-> close tag here! Any whitespace after that makes PHP output both a Content-Type: test/html header AND the whitespace as content.
// This BREAKS any operation (such as mootools-filemanager::event=thumbnail) which outputs BINARY DATA (in that particular case, PHP spits out an image)
// The safest way to prevent ANY PHP file from producing undesirable [whitespace] output is to never add that ?-> close tag.
