function DoResponse()
{
    if (!isset($_GET['Command']) || !isset($_GET['Type']) || !isset($_GET['CurrentFolder'])) {
        return;
    }
    // Get the main request informaiton.
    $sCommand = $_GET['Command'];
    $sResourceType = $_GET['Type'];
    $sCurrentFolder = $_GET['CurrentFolder'];
    // Check if it is an allowed type.
    if (!in_array($sResourceType, array('File', 'Image', 'Flash', 'Media'))) {
        return;
    }
    // Check the current folder syntax (must begin and start with a slash).
    if (!ereg('/$', $sCurrentFolder)) {
        $sCurrentFolder .= '/';
    }
    if (strpos($sCurrentFolder, '/') !== 0) {
        $sCurrentFolder = '/' . $sCurrentFolder;
    }
    // File Upload doesn't have to Return XML, so it must be intercepted before anything.
    if ($sCommand == 'FileUpload') {
        FileUpload($sResourceType, $sCurrentFolder);
        return;
    }
    // Prevent the browser from caching the result.
    // Date in the past
    header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
    // always modified
    header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
    // HTTP/1.1
    header('Cache-Control: no-store, no-cache, must-revalidate');
    header('Cache-Control: post-check=0, pre-check=0', false);
    // HTTP/1.0
    header('Pragma: no-cache');
    // Set the response format.
    header('Content-Type:text/xml; charset=utf-8');
    CreateXmlHeader($sCommand, $sResourceType, $sCurrentFolder);
    // Execute the required command.
    switch ($sCommand) {
        case 'GetFolders':
            GetFolders($sResourceType, $sCurrentFolder);
            break;
        case 'GetFoldersAndFiles':
            GetFoldersAndFiles($sResourceType, $sCurrentFolder);
            break;
        case 'CreateFolder':
            CreateFolder($sResourceType, $sCurrentFolder);
            break;
    }
    CreateXmlFooter();
    exit;
}
Example #2
0
function DoResponse()
{
    global $Config;
    if (!isset($_GET)) {
        global $_GET;
    }
    if (!isset($_GET['Command']) || !isset($_GET['Type']) || !isset($_GET['CurrentFolder'])) {
        return;
    }
    // Get the main request informaiton.
    $sCommand = $_GET['Command'];
    $sResourceType = $_GET['Type'];
    $sCurrentFolder = GetCurrentFolder();
    // Check if it is an allowed command
    if (!IsAllowedCommand($sCommand)) {
        SendError(1, 'Команда "' . $sCommand . '" недоступна');
    }
    // Check if it is an allowed type.
    if (!IsAllowedType($sResourceType)) {
        SendError(1, 'Неверный тип');
    }
    // File Upload doesn't have to Return XML, so it must be intercepted before anything.
    if ($sCommand == 'FileUpload') {
        FileUpload($sResourceType, $sCurrentFolder, $sCommand);
        return;
    }
    CreateXmlHeader($sCommand, $sResourceType, $sCurrentFolder);
    // Execute the required command.
    switch ($sCommand) {
        case 'GetFolders':
            GetFolders($sResourceType, $sCurrentFolder);
            break;
        case 'GetFoldersAndFiles':
            GetFoldersAndFiles($sResourceType, $sCurrentFolder);
            break;
        case 'CreateFolder':
            CreateFolder($sResourceType, $sCurrentFolder);
            break;
        case 'FileDelete':
            if ($Config['Delete']) {
                FileDelete($sResourceType, $sCurrentFolder, $sCommand);
            }
            break;
        case 'FolderDelete':
            if ($Config['Delete']) {
                FolderDelete($sResourceType, $sCurrentFolder, $sCommand);
            }
            break;
    }
    CreateXmlFooter();
    exit;
}
Example #3
0
function DoResponse()
{
    if (!isset($_GET)) {
        global $_GET;
    }
    if (!isset($_GET['Command']) || !isset($_GET['Type']) || !isset($_GET['CurrentFolder'])) {
        return;
    }
    // Get the main request informaiton.
    $sCommand = urlencode($_GET['Command']);
    $sResourceType = urlencode($_GET['Type']);
    $sCurrentFolder = GetCurrentFolder();
    // Check if it is an allowed command
    if (!IsAllowedCommand($sCommand)) {
        SendError(1, 'FileBrowserError_Command' . ';;' . $sCommand);
    }
    // Check if it is an allowed type.
    if (!IsAllowedType($sResourceType)) {
        SendError(1, 'FileBrowserError_Type' . ';;' . $sResourceType);
    }
    // File Upload doesn't have to Return XML, so it must be intercepted before anything.
    if ($sCommand == 'FileUpload') {
        FileUpload($sResourceType, $sCurrentFolder, $sCommand);
        return;
    }
    if ($sCommand == 'GetDwfckNs') {
        GetDwfckNs();
        return;
    }
    CreateXmlHeader($sCommand, $sResourceType, $sCurrentFolder);
    // Execute the required command.
    switch ($sCommand) {
        case 'GetFolders':
            GetFolders($sResourceType, $sCurrentFolder);
            break;
        case 'GetFoldersAndFiles':
            GetFoldersAndFiles($sResourceType, $sCurrentFolder);
            break;
        case 'CreateFolder':
            CreateFolder($sResourceType, $sCurrentFolder);
            break;
        case 'UnlinkFile':
            UnlinkFile($sResourceType, $sCurrentFolder, $sCommand, $_GET['file']);
            break;
    }
    CreateXmlFooter();
    exit;
}
Example #4
0
function DoResponse()
{
    if (!isset($_GET)) {
        global $_GET;
    }
    if ( !isset( $_GET['Command'] ) || !isset( $_GET['Type'] ) || !isset( $_GET['CurrentFolder'] ) )
        return ;

    // Get the main request informaiton.
    $sCommand        = $_GET['Command'] ;
    $sResourceType    = $_GET['Type'] ;
    $sCurrentFolder    = GetCurrentFolder() ;

    // Check if it is an allowed command
    if ( ! IsAllowedCommand( $sCommand ) )
        SendError( 1, 'The "' . $sCommand . '" command isn\'t allowed' ) ;

    // Check if it is an allowed type.
    if ( !IsAllowedType( $sResourceType ) )
        SendError( 1, 'Invalid type specified' ) ;

    // File Upload doesn't have to Return XML, so it must be intercepted before anything.
    if ( $sCommand == 'FileUpload' )
    {
        FileUpload( $sResourceType, $sCurrentFolder, $sCommand ) ;
        return ;
    }

    CreateXmlHeader( $sCommand, $sResourceType, $sCurrentFolder ) ;

    // Execute the required command.
    switch ( $sCommand )
    {
        case 'GetFolders' :
            GetFolders( $sResourceType, $sCurrentFolder ) ;
            break ;
        case 'GetFoldersAndFiles' :
            GetFoldersAndFiles( $sResourceType, $sCurrentFolder ) ;
            break ;
        case 'CreateFolder' :
            CreateFolder( $sResourceType, $sCurrentFolder ) ;
            break ;
    }

    CreateXmlFooter() ;

    exit ;
}
Example #5
0
function DoResponse()
{
    if (!isset($_GET['Command']) || !isset($_GET['Type']) || !isset($_GET['CurrentFolder'])) {
        return;
    }
    // Get the main request informaiton.
    $sCommand = $_GET['Command'];
    $sResourceType = $_GET['Type'];
    $sCurrentFolder = $_GET['CurrentFolder'];
    // Check if it is an allowed type.
    if (!in_array($sResourceType, array('File', 'Image', 'Flash', 'Media'))) {
        return;
    }
    // Check the current folder syntax (must begin and start with a slash).
    if (!ereg('/$', $sCurrentFolder)) {
        $sCurrentFolder .= '/';
    }
    if (strpos($sCurrentFolder, '/') !== 0) {
        $sCurrentFolder = '/' . $sCurrentFolder;
    }
    // Check for invalid folder paths (..)
    if (strpos($sCurrentFolder, '..')) {
        SendError(102, "");
    }
    // File Upload doesn't have to Return XML, so it must be intercepted before anything.
    if ($sCommand == 'FileUpload') {
        FileUpload($sResourceType, $sCurrentFolder);
        return;
    }
    CreateXmlHeader($sCommand, $sResourceType, $sCurrentFolder);
    // Execute the required command.
    switch ($sCommand) {
        case 'GetFolders':
            GetFolders($sResourceType, $sCurrentFolder);
            break;
        case 'GetFoldersAndFiles':
            GetFoldersAndFiles($sResourceType, $sCurrentFolder);
            break;
        case 'CreateFolder':
            CreateFolder($sResourceType, $sCurrentFolder);
            break;
    }
    CreateXmlFooter();
    exit;
}
Example #6
0
function DoResponse()
{
    if (!isset($_GET)) {
        global $_GET;
    }
    if (!isset($_GET['Command']) || !isset($_GET['Type']) || !isset($_GET['CurrentFolder'])) {
        return;
    }
    //require_once(GetRootPath() . '\\conlive_8_12\\site\\config\\project.php');
    //$con = new Project();
    $f = fopen("cok2.txt", "w");
    fprintf($f, $_SESSION['em']);
    // Get the main request informaiton.
    $sCommand = $_GET['Command'];
    $sResourceType = $_GET['Type'];
    $sCurrentFolder = GetCurrentFolder();
    // Check if it is an allowed command
    if (!IsAllowedCommand($sCommand)) {
        SendError(1, 'The "' . $sCommand . '" command isn\'t allowed');
    }
    // Check if it is an allowed type.
    if (!IsAllowedType($sResourceType)) {
        SendError(1, 'Invalid type specified');
    }
    // File Upload doesn't have to Return XML, so it must be intercepted before anything.
    if ($sCommand == 'FileUpload') {
        FileUpload($sResourceType, $sCurrentFolder, $sCommand);
        return;
    }
    CreateXmlHeader($sCommand, $sResourceType, $sCurrentFolder);
    // Execute the required command.
    switch ($sCommand) {
        case 'GetFolders':
            GetFolders($sResourceType, $sCurrentFolder);
            break;
        case 'GetFoldersAndFiles':
            GetFoldersAndFiles($sResourceType, $sCurrentFolder);
            break;
        case 'CreateFolder':
            CreateFolder($sResourceType, $sCurrentFolder);
            break;
    }
    CreateXmlFooter();
    exit;
}
Example #7
0
function DoResponse()
{
    if (!isset($_GET)) {
        global $_GET;
    }
    if (!isset($_GET['Command']) || !isset($_GET['Type']) || !isset($_GET['CurrentFolder'])) {
        return;
    }
    $sCommand = $_GET['Command'];
    $sResourceType = $_GET['Type'];
    $sCurrentFolder = GetCurrentFolder();
    if (!IsAllowedCommand($sCommand)) {
        SendError(1, 'The "' . $sCommand . '" command isn\'t allowed');
    }
    if (!IsAllowedType($sResourceType)) {
        SendError(1, 'Invalid type specified');
    }
    if ($sCommand == 'FileUpload') {
        FileUpload($sResourceType, $sCurrentFolder, $sCommand);
        return;
    }
    CreateXmlHeader($sCommand, $sResourceType, $sCurrentFolder);
    switch ($sCommand) {
        case 'GetFolders':
            GetFolders($sResourceType, $sCurrentFolder);
            break;
        case 'GetFoldersAndFiles':
            GetFoldersAndFiles($sResourceType, $sCurrentFolder);
            break;
        case 'CreateFolder':
            CreateFolder($sResourceType, $sCurrentFolder);
            break;
    }
    CreateXmlFooter();
    exit;
}
 * == END LICENSE ==
 *
 * This is the "File Uploader" for PHP.
 */
require './config.php';
require './util.php';
require './io.php';
require './commands.php';
require './phpcompat.php';
function SendError($number, $text)
{
    SendUploadResults($number, '', '', $text);
}
// Check if this uploader has been enabled.
if (!$Config['Enabled']) {
    SendUploadResults('1', '', '', 'This file uploader is disabled. Please check the "editor/filemanager/connectors/php/config.php" file');
}
$sCommand = 'QuickUpload';
// The file type (from the QueryString, by default 'File').
$sType = isset($_GET['Type']) ? $_GET['Type'] : 'File';
$sCurrentFolder = GetCurrentFolder();
// Is enabled the upload?
if (!IsAllowedCommand($sCommand)) {
    SendUploadResults('1', '', '', 'The ""' . $sCommand . '"" command isn\'t allowed');
}
// Check if it is an allowed type.
if (!IsAllowedType($sType)) {
    SendUploadResults(1, '', '', 'Invalid type specified');
}
FileUpload($sType, $sCurrentFolder, $sCommand);
 */
require './config.php';
require './util.php';
require './io.php';
require './commands.php';
require './phpcompat.php';
function SendError($number, $text)
{
    SendUploadResults($number, '', '', $text);
}
// Check if this uploader has been enabled.
if (!$Config['Enabled']) {
    SendUploadResults('1', '', '', 'This file uploader is disabled. Please check the "editor/filemanager/connectors/php/config.php" file');
}
$sCommand = 'QuickUpload';
// The file type (from the QueryString, by default 'File').
$sType = isset($_GET['Type']) ? $_GET['Type'] : 'File';
$sCurrentFolder = "/";
// Is enabled the upload?
if (!IsAllowedCommand($sCommand)) {
    SendUploadResults('1', '', '', 'The ""' . $sCommand . '"" command isn\'t allowed');
}
// Check if it is an allowed type.
if (!IsAllowedType($sType)) {
    SendUploadResults(1, '', '', 'Invalid type specified');
}
// Get the CKEditor Callback
$CKEcallback = $_GET['CKEditorFuncNum'];
//pass it on to file upload function
FileUpload($sType, $sCurrentFolder, $sCommand, $CKEcallback);
Example #10
0
<?php

define('FCK_IS_UPLOAD_CONNECTOR', 1);
// for XOOPS
require '../../../../../../mainfile.php';
require_once dirname(__FILE__) . '/functions.php';
@(include dirname(__FILE__) . '/config_and_auth.inc.php');
if (!defined('FCK_UPLOAD_PATH')) {
    require dirname(__FILE__) . '/config_and_auth.inc.dist.php';
}
FileUpload('/');
$sCurrentFolder = preg_replace('?[^0-9a-zA-Z_/-]?', '', @$_GET['CurrentFolder']);
$sType = @$_GET['Type'];
if (!in_array($sType, array('File', 'Image', 'Flash', 'Media'))) {
    $sType = 'Image';
}
// Check the current folder syntax (must begin and start with a slash).
if (substr($sCurrentFolder, -1) !== '/') {
    $sCurrentFolder .= '/';
}
if (substr($sCurrentFolder, 0, 1) !== '/') {
    $sCurrentFolder = '/' . $sCurrentFolder;
}
// Execute the required command.
switch ($sCommand) {
    case 'FileUpload':
        FileUpload($sCurrentFolder);
        break;
    case 'DeleteFile':
        CreateXmlHeader('DeleteFile', $sCurrentFolder);
        DeleteFile($sCurrentFolder, $sType);
        CreateXmlFooter();
        break;
    case 'GetFoldersAndFiles':
        CreateXmlHeader('GetFoldersAndFiles', $sCurrentFolder);
        GetFoldersAndFiles($sCurrentFolder, $sType);
        CreateXmlFooter();
        break;
    case 'CreateFolder':
        CreateXmlHeader('CreateFolder', $sCurrentFolder);
        CreateFolder($sCurrentFolder, $sType);
        CreateXmlFooter();