/** * Getter the resource value; * @var string $resourceName the resource key; * @var array $dictionary dictionary name; * @var array $args array with optional parameters for sprintf functions. * @return string; * @access public */ function KT_getResource($resourceName = 'default', $dictionary = 'default', $args = array()) { if (!isset($GLOBALS['interakt']['resources'])) { $GLOBALS['interakt']['resources'] = array(); } $dictionaryFileName = KT_realpath(dirname(realpath(__FILE__)) . '/../../../resources/') . '%s.res.php'; $resourceValue = $resourceName; if (!isset($GLOBALS['interakt']['resources'][$dictionary])) { @(include sprintf($dictionaryFileName, $dictionary)); if (isset($res)) { $GLOBALS['interakt']['resources'][$dictionary] = $res; unset($res); } @(include sprintf($dictionaryFileName, $dictionary . "_pro")); if (isset($res)) { $GLOBALS['interakt']['resources'][$dictionary] = array_merge($GLOBALS['interakt']['resources'][$dictionary], $res); } } if (isset($GLOBALS['interakt']['resources'][$dictionary][$resourceName])) { $resourceValue = $GLOBALS['interakt']['resources'][$dictionary][$resourceName]; } else { /*if (trim($resourceName) != "" && trim($resourceName) != "%s") { die("<br />Resource '".$resourceName."' not defined in dictionary '".$dictionary."'.<br />"); }*/ if (substr($resourceValue, -2) == "_D") { $resourceValue = substr($resourceValue, 0, -2); } } if (count($args) > 0) { array_unshift($args, $resourceValue); $resourceValue = call_user_func_array('sprintf', $args); } return $resourceValue; }
/** * Checks if a file specified by the dynamic folder and dynamic file expressions exists * @param string $dynamicFolder the folder name (may be a tNG dynamic expression) * @param string $dynamicFileName the file name (may be a tNG dynamic expression) * @return boolean * true if the file exists, * false if the file does not exist */ function tNG_fileExists($dynamicFolder, $dynamicFileName) { $ret = false; $folder = KT_DynamicData($dynamicFolder, null); $fileName = KT_DynamicData($dynamicFileName, null); if ($fileName != "") { $folder = KT_realpath($folder); $relPath = KT_realpath($folder . $fileName, false); $ret = file_exists($relPath); } return $ret; }
/** * verify the upload folder is not out of the base folder; * @return boolean * @access public */ function checkSecurity() { // security $base = KT_realpath($this->baseFolder, true); $fullFolder = KT_realpath(str_replace('{' . $this->pk . '}', 1, $this->baseFolder . $this->folder)); if (substr($fullFolder, 0, strlen($base)) != $base) { return false; } if (strpos($fullFolder, '{') !== false) { return false; } return true; }
/** * Setter. Sets the attachmetns * Only for PRO version * @param string rename rule * @access public */ function setAttachmentRenameRule($renameRule) { if ($this->type == 'recordset' && $this->error == '') { if (!isset($GLOBALS[$this->rsName])) { $this->error = new tNG_error('EMAIL_ERROR_RECORDSET', array(), array($this->rsName)); return; } $recordset =& $GLOBALS[$this->rsName]; if (is_resource($recordset)) { $rs = new KT_Recordset($recordset); } else { $rs =& $recordset; } $rs->MoveFirst(); while (!$rs->EOF) { $GLOBALS["row_" . $this->rsName] = $rs->fields; $renameRule2 = KT_DynamicData($renameRule, null, null, false, array()); // security if (substr(KT_realpath($this->folder . $renameRule2, false), 0, strlen($this->folder)) != $this->folder) { $this->error = new tNG_error("EMAIL_ERROR_FOLDER", array(), array(KT_realpath($this->folder . $renameRule2, false), $this->folder)); break; } else { if (is_file($this->folder . $renameRule2)) { $this->attachments[] = $this->folder . $renameRule2; } } $rs->MoveNext(); } $rs->MoveFirst(); } else { if ($this->type == 'custom' && $this->error == '') { $renameRule = KT_DynamicData($renameRule, $this->getTng(), $this->escapeMethod, $this->getUseSavedData(), array()); // security if (substr(KT_realpath($this->folder . $renameRule, false), 0, strlen($this->folder)) != $this->folder) { $this->error = new tNG_error("EMAIL_ERROR_FOLDER", array(), array(KT_realpath($this->folder . $renameRule, false), $this->folder)); } else { if (is_file($this->folder . $renameRule)) { $this->attachments[] = $this->folder . $renameRule; } } } } $this->type = ''; $this->folder = ''; $this->rsName = ''; }
/** * Handle the uploaded file by moving it to a destination file. * The destination file = folder + fileName * @param string fileName the name for saving the uploaded file; * @param string $oldFileName the previous file name, or null on insert * @return string file name if succeded or null if not; * @access public */ function uploadFile($fileName, $oldFileName = "") { if ($this->hasError()) { return; } $this->checkUpload(); $this->checkFolder(); $this->checkSize(); $this->checkExtensions(); $this->checkFileName($fileName); if ($this->hasError()) { return; } if ($this->fileExists) { $folder = KT_realpath($this->folder); $fileName = KT_replaceSpecialChars($fileName, 'filter'); $destinationName = KT_realpath($folder . $fileName, false); if (file_exists($destinationName)) { if (strtolower($fileName) != strtolower($oldFileName)) { // if the destination file really exists if (!$this->autoRename) { $this->setError('UPLOAD_FILE_EXISTS', array(), array($fileName)); return; } else { $destinationName = $this->getTempName($destinationName); } } } if ($oldFileName != '') { @unlink($folder . DIRECTORY_SEPARATOR . $oldFileName); } if (!@move_uploaded_file($this->fileInfo['tmp_name'], $destinationName)) { unlink($this->fileInfo['tmp_name']); $this->setError('PHP_UPLOAD_MOVE_TMP_ERROR', array(), array()); return; } else { $arr = split("[\\/]", $destinationName); $this->destinationName = $destinationName; KT_setFilePermissions($this->destinationName); return array_pop($arr); } } }
/** * Main class method. Resize the image and apply the watermark; * @return string error string or url to thumbnail * @access public */ function Execute() { $ret = ""; $relpath = $this->relpath; $folder = KT_TransformToUrlPath($this->folder); $fileName = KT_DynamicData($this->renameRule, null); $fileName = KT_TransformToUrlPath($fileName, false); $fullFolder = KT_realpath($folder, true); $fullFileName = KT_realpath($fullFolder . $fileName, false); $path_info = KT_pathinfo($fullFileName); $thumbnailFolder = $path_info['dirname'] . '/thumbnails/'; if (substr($fullFileName, 0, strlen($fullFolder)) != $fullFolder) { if ($GLOBALS['tNG_debug_mode'] == 'DEVELOPMENT') { $baseFileName = dirname($fullFileName); $errorMsg = KT_getResource("FOLDER_DEL_SECURITY_ERROR_D", "tNG", array($baseFileName, $fullFolder)); $ret = $relpath . "includes/tng/styles/cannot_thumbnail.gif\" />" . $errorMsg . "<img style=\"display:none\" src=\"" . $relpath . "includes/tng/styles/cannot_thumbnail.gif"; } else { $ret = $relpath . "includes/tng/styles/cannot_thumbnail.gif"; } } else { if ($this->getFileName() !== false) { // make the resize $proportional = $this->keepProportion; $width = $this->width; $height = $this->height; if (!$this->watermark) { $thumbnailName = $path_info['filename'] . '_' . $width . 'x' . $height . (isset($path_info['extension']) ? '.' . $path_info['extension'] : ''); } else { $hash = tNG_watermarkHash(KT_realpath($this->watermarkImage, false), $this->watermarkAlpha, $this->watermarkResize, $this->watermarkAlignment); $thumbnailName = $path_info['filename'] . '_' . $width . 'x' . $height . '_w_' . $hash . (isset($path_info['extension']) ? '.' . $path_info['extension'] : ''); } $thumbnailFullName = $thumbnailFolder . $thumbnailName; if (!file_exists(KT_realpath($thumbnailFullName, false))) { $imageObj = new KT_image(); $imageObj->setPreferedLib($GLOBALS['tNG_prefered_image_lib']); $imageObj->addCommand($GLOBALS['tNG_prefered_imagemagick_path']); $imageObj->thumbnail($fullFileName, $thumbnailFolder, $thumbnailName, (int) $width, (int) $height, $proportional); if ($imageObj->hasError()) { $errorArr = $imageObj->getError(); if ($GLOBALS['tNG_debug_mode'] == 'DEVELOPMENT') { $errMsg = $errorArr[1]; $ret = $relpath . "includes/tng/styles/cannot_thumbnail.gif\" />" . $errMsg . "<img style=\"display:none\" src=\"" . $relpath . "includes/tng/styles/cannot_thumbnail.gif"; } else { $ret = $relpath . "includes/tng/styles/cannot_thumbnail.gif"; } return $ret; } else { // apply watermark if ($this->watermark) { // delete other watermarks for same picture tNG_deleteThumbnails($thumbnailFolder, $path_info['filename'] . '_' . $width . 'x' . $height, $hash); $imageObj = new KT_image(); $imageObj->setPreferedLib($GLOBALS['tNG_prefered_image_lib']); $imageObj->addCommand($GLOBALS['tNG_prefered_imagemagick_path']); $imageObj->watermark($thumbnailFullName, $thumbnailFullName, KT_realpath($this->watermarkImage, false), $this->watermarkAlpha, $this->watermarkResize, $this->watermarkAlignment); if ($imageObj->hasError()) { @unlink($thumbnailFullName); $arrError = $imageObj->getError(); $errObj = new tNG_error('IMG_WATERMARK', array(), array($arrError[1])); if ($GLOBALS['tNG_debug_mode'] == 'DEVELOPMENT') { $errMsg = $arrError[1]; $ret = $relpath . "includes/tng/styles/cannot_thumbnail.gif\" />" . $errMsg . "<img style=\"display:none\" src=\"" . $relpath . "includes/tng/styles/cannot_thumbnail.gif"; } else { $ret = $relpath . "includes/tng/styles/cannot_thumbnail.gif"; } return $ret; } } } $thumbnailURL = $this->folder . KT_DynamicData($this->renameRule, null); $thumbnailURL = dirname($thumbnailURL) . "/thumbnails/" . $thumbnailName; $ret = KT_CanonizeRelPath($thumbnailURL); if (!$imageObj->hasError()) { //$ret .= '?' . md5(filectime($ret)); } } else { $thumbnailURL = $this->folder . KT_DynamicData($this->renameRule, null); $thumbnailURL = dirname($thumbnailURL) . "/thumbnails/" . $thumbnailName; $ret = KT_CanonizeRelPath($thumbnailURL); } } else { $ret = $relpath . "includes/tng/styles/img_not_found.gif"; } } return $ret; }
/** * Main class method. Return a fake recordset. * @var string * @access private */ function Execute() { $relFolder = KT_DynamicData($this->folder, '', '', false, array(), false); $relFolder = KT_TransformToUrlPath($relFolder, true); if (substr($relFolder, 0, 1) == '/') { $relFolder = substr($relFolder, 1); } $fullFolderPath = KT_realpath($this->baseFolder . $relFolder, true); if (substr($fullFolderPath, 0, strlen($this->baseFolder)) != $this->baseFolder) { if (isset($GLOBALS['tNG_debug_mode']) && $GLOBALS['tNG_debug_mode'] == "DEVELOPMENT") { die("Security error. The folder '" . $fullFolderPath . "' is out of base folder '" . $this->baseFolder . "'"); } else { die("Security error. Access to this folder is forbidden."); } } $this->path = $fullFolderPath; $noOfEntries = 0; $startCountEntries = $this->page * $this->recordsPerPage; $this->totalNo = 0; if (file_exists($this->path)) { //read folders $folder = new KT_folder(); $entries = $folder->readFolder($this->path, true); if ($folder->hasError()) { $err = $folder->getError(); if (isset($GLOBALS['tNG_debug_mode']) && $GLOBALS['tNG_debug_mode'] == "DEVELOPMENT") { $this->error = $err[1]; } else { $this->error = $err[0]; } } $this->filesArr = $entries['files']; $tmpFilesArr = array(); $tmpArr = array(); for ($i = 0; $i < count($this->filesArr); $i++) { $this->filesArr[$i]['fullname'] = $relFolder . $this->filesArr[$i]['name']; $path_info = KT_pathinfo($this->filesArr[$i]['name']); $this->filesArr[$i]['extension'] = $path_info['extension']; $filetime = filectime($this->path . $this->filesArr[$i]['name']); $this->filesArr[$i]['date'] = $filetime; if (in_array(strtolower($this->filesArr[$i]['extension']), $this->allowedExtensions) || in_array("*", $this->allowedExtensions)) { $tmpArr[] = $this->filesArr[$i][$this->orderField]; $tmpFilesArr[] = $this->filesArr[$i]; } } $this->filesArr = $tmpFilesArr; $this->Sort($tmpArr); $this->totalNo = count($this->filesArr); if ($this->recordsPerPage > 0) { $from = $this->page * $this->recordsPerPage; $this->filesArr = array_slice($this->filesArr, $from, $this->recordsPerPage); } for ($i = 0; $i < count($this->filesArr); $i++) { $this->filesArr[$i]['date'] = KT_convertDate(date("Y-m-d H:i:s", $this->filesArr[$i]['date']), "yyyy-mm-dd HH:ii:ss", $GLOBALS['KT_screen_date_format'] . ' ' . $GLOBALS['KT_screen_time_format_internal']); } // create fake recordset $this->filesArr = $this->formatData($this->filesArr); } $KT_FakeRecordset = new KT_FakeRecordset($this->conn); $ret = $KT_FakeRecordset->getFakeRecordset($this->filesArr); if ($ret === NULL) { if (isset($GLOBALS['tNG_debug_mode']) && $GLOBALS['tNG_debug_mode'] == "DEVELOPMENT") { die("Internal error: cannot create fake recordset. " . $KT_FakeRecordset->getError()); } else { die("Internal error: cannot create fake recordset."); } } return $ret; }
/** * Prepare the hash values and store it in the session; Return the calculated link. * @return string url for download the file * @access public */ function getDownloadLink() { $this->preparedFolder = $this->folder; //security $fullFolderPath = KT_realpath($this->preparedFolder, true); $fullFilePath = KT_DynamicData($this->renameRule, null); $fullFilePath = KT_realpath($this->preparedFolder . $fullFilePath, true); if (substr($fullFilePath, 0, strlen($fullFolderPath)) != $fullFolderPath) { $this->setError(new tNG_error("FOLDER_DEL_SECURITY_ERROR", array(), array($fullFolderPath, $fullFilePath))); return $this->relPath . 'includes/tng/pub/tNG_download4.php'; } $url = ''; if (!isset($_SESSION['tng_download'])) { $_SESSION['tng_download'] = array(); } if (!isset($_SESSION['tng_download'][$this->reference])) { $_SESSION['tng_download'][$this->reference] = array(); } // sets the common values; if (!$this->isSetted) { $_SESSION['tng_download'][$this->reference]['properties'] = array(); $_SESSION['tng_download'][$this->reference]['properties']['time'] = time(); $_SESSION['tng_download'][$this->reference]['properties']['table'] = $this->table; if (isset($this->pk['field']) && isset($this->pk['type'])) { $_SESSION['tng_download'][$this->reference]['properties']['pk_c'] = array('field' => $this->pk['field'], 'type' => $this->pk['type']); } else { $_SESSION['tng_download'][$this->reference]['properties']['pk_c'] = array(); } $_SESSION['tng_download'][$this->reference]['properties']['counterField'] = $this->counterField; $_SESSION['tng_download'][$this->reference]['properties']['tableMtm'] = $this->tableMtm; if (isset($this->pkMtm['field']) && isset($this->pkMtm['type'])) { $_SESSION['tng_download'][$this->reference]['properties']['pkMtm_c'] = array('field' => $this->pkMtm['field'], 'type' => $this->pkMtm['type']); } else { $_SESSION['tng_download'][$this->reference]['properties']['pkMtm_c'] = array(); } if (isset($this->fkMtm['field']) && isset($this->fkMtm['type'])) { $_SESSION['tng_download'][$this->reference]['properties']['fkMtm_c'] = array('field' => $this->fkMtm['field'], 'type' => $this->fkMtm['type']); } else { $_SESSION['tng_download'][$this->reference]['properties']['fkMtm_c'] = array(); } $_SESSION['tng_download'][$this->reference]['properties']['counterFieldMtm'] = $this->counterFieldMtm; $_SESSION['tng_download'][$this->reference]['properties']['maxCounterFieldMtm'] = $this->maxCounterFieldMtm; $_SESSION['tng_download'][$this->reference]['properties']['maxCounterValueMtm'] = $this->maxCounterValueMtm; $_SESSION['tng_download'][$this->reference]['properties']['conn'] = $this->connName; $_SESSION['tng_download'][$this->reference]['properties']['relPath'] = $this->relPath; $_SESSION['tng_download'][$this->reference]['properties']['backUri'] = KT_getFullUri(); $_SESSION['tng_download'][$this->reference]['files'] = array(); $this->isSetted = true; } // set the class members in hash session to use in the download page; $hash = md5(uniqid("", true)); $_SESSION['tng_download'][$this->reference]['files'][$hash] = array(); $_SESSION['tng_download'][$this->reference]['files'][$hash]['folder'] = $this->preparedFolder; $_SESSION['tng_download'][$this->reference]['files'][$hash]['fileName'] = KT_DynamicData($this->renameRule, null); if (isset($this->pk['reference']) && $this->pk['reference'] != '') { $_SESSION['tng_download'][$this->reference]['files'][$hash]['pk'] = KT_DynamicData($this->pk['reference'], null); } if (isset($this->pkMtm['reference']) && $this->pkMtm['reference'] != '') { $_SESSION['tng_download'][$this->reference]['files'][$hash]['pkMtm'] = KT_DynamicData($this->pkMtm['reference'], null); } if (isset($this->fkMtm['field']) && $this->fkMtm['field'] != '' && isset($_SESSION['kt_login_id'])) { $_SESSION['tng_download'][$this->reference]['files'][$hash]['fkMtm'] = $_SESSION['kt_login_id']; } $url = $this->relPath . 'includes/tng/pub/tNG_download4.php'; $arr = array(); foreach ($_GET as $key => $val) { if (!preg_match("/^KT_download/is", $key)) { $arr[] = $key . '=' . $val; } } $url .= '?' . implode('&', $arr); $url = KT_addReplaceParam($url, $this->reference, $hash); return $url; }
/** * the main method, execute the code of the class; * Upload the file, set the file name in transaction; * return mix null or error object * @access public */ function Execute() { if ($this->tNG->getTransactionType() == "_import") { $this->tNG->uploadObj =& $this; } $ret = null; if ($this->dbFieldName != '') { $oldFileName = $this->tNG->getSavedValue($this->dbFieldName); $saveFileName = $this->tNG->getColumnValue($this->dbFieldName); if ($this->tNG->getColumnType($this->dbFieldName) != 'FILE_TYPE') { $errObj = new tNG_error('FILE_UPLOAD_WRONG_COLTYPE', array(), array($this->dbFieldName)); $errObj->addFieldError($this->dbFieldName, 'FILE_UPLOAD_WRONG_COLTYPE_D', array($this->dbFieldName)); return $errObj; } } else { $oldFileName = KT_DynamicData($this->renameRule, $this->tNG, '', true); if (isset($this->tNG->multipleIdx)) { $saveFileName = @$_FILES[$this->formFieldName . "_" . $this->tNG->multipleIdx]['name']; } else { $saveFileName = @$_FILES[$this->formFieldName]['name']; } } $this->dynamicFolder = KT_DynamicData($this->folder, $this->tNG, '', false); $arrArgs = array(); $autoRename = false; switch ($this->rename) { case 'auto': $autoRename = true; break; case 'none': break; case 'custom': $path_info = KT_pathinfo($saveFileName); $arrArgs = array('KT_name' => $path_info['filename'], 'KT_ext' => $path_info['extension']); $saveFileName = KT_DynamicData($this->renameRule, $this->tNG, '', false, $arrArgs); break; default: die('INTERNAL ERROR: Unknown upload rename method.'); } if (tNG_isFileInsideBaseFolder($this->folder, $saveFileName) === false) { $baseFileName = dirname(KT_realPath($this->dynamicFolder . $saveFileName, false)); return new tNG_error("FOLDER_DEL_SECURITY_ERROR", array(), array($baseFileName, tNG_getBaseFolder($this->folder))); } // Upload File $fileUpload = new KT_fileUpload(); if (isset($this->tNG->multipleIdx)) { $fileUpload->setFileInfo($this->formFieldName . "_" . $this->tNG->multipleIdx); } else { $fileUpload->setFileInfo($this->formFieldName); } $fileUpload->setFolder($this->dynamicFolder); $fileUpload->setRequired(false); $fileUpload->setAllowedExtensions($this->allowedExtensions); $fileUpload->setAutoRename($autoRename); $fileUpload->setMaxSize($this->maxSize); $this->uploadedFileName = $fileUpload->uploadFile($saveFileName, $oldFileName); $updateDB = basename($this->uploadedFileName); if ($fileUpload->hasError()) { $arrError = $fileUpload->getError(); $errObj = new tNG_error('FILE_UPLOAD_ERROR', array($arrError[0]), array($arrError[1])); if ($this->dbFieldName != '') { $errObj->addFieldError($this->dbFieldName, '%s', array($arrError[0])); } $ret = $errObj; } else { $this->dynamicFolder = KT_realpath($this->dynamicFolder); if ($this->uploadedFileName == "") { //Check if for update we need to rename file if ($this->rename == "custom") { $path_info = KT_pathinfo($oldFileName); $arrArgs['KT_ext'] = $path_info['extension']; } $tmpFileName = KT_DynamicData($this->renameRule, $this->tNG, '', false, $arrArgs); if ($tmpFileName != "" && $oldFileName != "" && $tmpFileName != $oldFileName) { if (file_exists($this->dynamicFolder . $oldFileName)) { if (@rename($this->dynamicFolder . $oldFileName, $this->dynamicFolder . $tmpFileName) === true) { $this->uploadedFileName = $tmpFileName; $updateDB = basename($this->uploadedFileName); } else { $ret = new tNG_error('FILE_UPLOAD_RENAME', array(), array($this->dynamicFolder . $oldFileName, $this->dynamicFolder . $tmpFileName)); } } } } if ($ret === null) { if ($this->tNG->getTransactionType() == "_insert" || $this->tNG->getTransactionType() == "_multipleInsert") { $this->tNG->registerTrigger('ERROR', 'Trigger_Default_RollBack', 1, $this); } $this->deleteThumbnails($this->dynamicFolder . 'thumbnails' . DIRECTORY_SEPARATOR, $oldFileName); if ($this->uploadedFileName != '') { $this->deleteThumbnails($this->dynamicFolder . 'thumbnails' . DIRECTORY_SEPARATOR, $this->uploadedFileName); } if ($this->dbFieldName != '' && $this->uploadedFileName != "") { $ret = $this->tNG->afterUpdateField($this->dbFieldName, $updateDB); } } if ($ret === null && $this->dbFieldName != "") { $this->tNG->setRawColumnValue($this->dbFieldName, $updateDB); } } $this->errObj = $ret; return $ret; }
/** * Main class methode * @return mixt null or error object in case of error; * @access public */ function Execute() { if ($this->validReplacement === false) { $ret = new tNG_error("FOLDER_DEL_SECURITY_ERROR", array(), array($this->fullFolder, $this->baseFolder)); return $ret; } $this->fullFolder = KT_realpath($this->baseFolder . $this->folder); // security if (substr($this->fullFolder, 0, strlen($this->baseFolder)) != $this->baseFolder) { $ret = new tNG_error("FOLDER_DEL_SECURITY_ERROR", array(), array($this->fullFolder, $this->baseFolder)); return $ret; } $ret = null; if (!file_exists($this->fullFolder)) { return $ret; } $folder = new KT_Folder(); // delete thumbnails; $folder->deleteFolderNR($this->fullFolder); if ($folder->hasError()) { $arr = $folder->getError(); $ret = new tNG_error("FOLDER_DEL_ERROR", array($arr[0]), array($arr[1])); return $ret; } return $ret; }
/** * copy a folder * @param string $folder the path to the folder * @param string $parentFolder the parent of the copied folder * @return nothing * @access public */ function copyFolder($folder, $parentFolder) { $folder = $this->preparePath($folder); $folder = KT_realpath($folder); $parentFolder = $this->preparePath($parentFolder); $parentFolder = KT_realpath($parentFolder); if (!$this->checkRights($folder, 'read')) { $this->setError('PHP_FOLDER_COPY_RIGHTS', array(), array($folder)); return; } if (!$this->checkRights($parentFolder, 'write')) { $this->setError('PHP_FOLDER_COPY_RIGHTS', array(), array($parentFolder)); return; } $destFolder = $parentFolder . basename($folder); $this->createFolder($destFolder); if ($this->hasError()) { $err = $this->getError(); $this->setError('PHP_FOLDER_COPY', array(), array($destFolder, $err[1])); return; } $destFolder = KT_realpath($destFolder); $d = dir($folder); while (false !== ($entry = $d->read())) { if ($entry == '.' || $entry == '..') { continue; } if (is_dir($folder . $entry)) { $this->copyFolder($folder . $entry, $destFolder); } else { @copy($folder . $entry, $destFolder . $entry); KT_setFilePermissions($destFolder . $entry); } } $d->close(); }
/** * contruct the SQL and execute it. it is using as value for the field the primarey key value from the transaction; * return mix null or error object; * @access public */ function Execute() { $pk_value = $this->tNG->getPrimaryKeyValue(); $pk_type = $this->tNG->getColumnType($this->tNG->getPrimaryKey()); $pk_value = KT_escapeForSql($pk_value, $pk_type); if (count($this->fileRenameRule) > 0 || count($this->folderRenameRule) > 0) { $sql = 'SELECT * FROM ' . $this->table . ' WHERE ' . KT_escapeFieldName($this->field) . " = " . $pk_value; $rs = $this->tNG->connection->Execute($sql); if ($rs === false) { return new tNG_error('DEL_DR_SQL_ERROR', array(), array($this->tNG->connection->ErrorMsg(), $sql)); } if ($rs->RecordCount() == 0) { return null; } } // prepare to delete files if (count($this->fileRenameRule) > 0) { $fullFileName = array(); $fullFileNameFolder = array(); for ($i = 0; $i < count($this->fileRenameRule); $i++) { while (!$rs->EOF) { $arr = array(); foreach ($rs->fields as $col => $value) { $arr[$col] = $value; } $folder = $this->fileFolder[$i]; $fileName = KT_DynamicData($this->fileRenameRule[$i], $this->tNG, '', false, $arr); // security if (substr(KT_realpath($folder . $fileName), 0, strlen($folder)) != $folder) { $baseFileName = dirname(KT_realpath($folder . $fileName, false)); $ret = new tNG_error("FOLDER_DEL_SECURITY_ERROR", array(), array($baseFileName, $folder)); return $ret; } $fullFileName[] = $fileName; $fullFileNameFolder[] = $folder; $rs->MoveNext(); } $rs->MoveFirst(); } } // prepare to delete related folders if (count($this->folderRenameRule) > 0) { $relatedFolder = array(); for ($i = 0; $i < count($this->folderRenameRule); $i++) { while (!$rs->EOF) { $arr = array(); foreach ($rs->fields as $col => $value) { $arr[$col] = $value; } $folder = $this->folder[$i]; $f = KT_DynamicData($this->folderRenameRule[$i], $this->tNG, '', false, $arr); // security if (substr(KT_realpath($folder . $f), 0, strlen($folder)) != $folder) { $baseFileName = dirname(KT_realpath($folder . $f, false)); $ret = new tNG_error("FOLDER_DEL_SECURITY_ERROR", array(), array($baseFileName, $folder)); return $ret; } $relatedFolder[] = $folder . $f; $rs->MoveNext(); } $rs->MoveFirst(); } } // delete reocords $sql = "DELETE FROM " . $this->table . " WHERE " . KT_escapeFieldName($this->field) . " = " . $pk_value; $ret = $this->tNG->connection->Execute($sql); if ($ret === false) { return new tNG_error('DEL_DR_SQL_ERROR', array(), array($this->tNG->connection->ErrorMsg(), $sql)); } // delete files if (count($this->fileRenameRule) > 0) { for ($i = 0; $i < count($fullFileName); $i++) { if (file_exists($fullFileNameFolder[$i] . $fullFileName[$i])) { $delRet = @unlink($fullFileNameFolder[$i] . $fullFileName[$i]); $path_info = KT_pathinfo($fullFileNameFolder[$i] . $fullFileName[$i]); $this->deleteThumbnails($path_info['dirname'] . '/thumbnails/', $path_info['basename']); } } } // delete related folder if (count($this->folderRenameRule) > 0) { for ($i = 0; $i < count($relatedFolder); $i++) { $folder = new KT_Folder(); // delete thumbnails $folder->deleteFolderNR($relatedFolder[$i]); } } return null; }
/** * Getter. * @return string error string or object string * @access public */ function getSwfPath() { $ret = ''; $folder = $this->folder; $fileName = KT_DynamicData($this->renameRule, null); // security $base = KT_realpath($folder, true); if (substr(KT_realpath($base . $fileName), 0, strlen($base)) != $base) { return $ret; } $path_info = KT_pathinfo($folder . $fileName); $ret = $path_info['dirname'] . '/' . $path_info['filename']; return $ret; }
/** * the main method, execute the code of the class * return mix null or error object * @access public */ function Execute() { $ret = NULL; $baseFolder = KT_realpath($this->baseFolder); if ($this->rename == false && $this->dbFieldName != '') { $fileName = $this->tNG->getSavedValue($this->dbFieldName); } else { $fileName = KT_DynamicData($this->renameRule, $this->tNG, '', true); } $folder = KT_DynamicData($this->folder, $this->tNG, '', true); // security if (substr(KT_realpath($baseFolder . $folder . $fileName), 0, strlen($baseFolder)) != $baseFolder) { $ret = new tNG_error("FOLDER_DEL_SECURITY_ERROR", array(), array(dirname(KT_realpath($baseFolder . $folder . $fileName, false)), $baseFolder)); return $ret; } if ($fileName != "") { $fullFileName = $baseFolder . $folder . $fileName; if (file_exists($fullFileName)) { $delRet = @unlink($fullFileName); if ($delRet !== true) { $ret = new tNG_error('FILE_DEL_ERROR', array(), array($fullFileName)); $ret->setFieldError($this->fieldName, 'FILE_DEL_ERROR_D', array($fullFileName)); } else { $path_info = KT_pathinfo($fullFileName); $this->deleteThumbnails($path_info['dirname'] . '/thumbnails/', $path_info['basename']); } } } return $ret; }