/**
* Implementation of hook_page.
* Zip current file/folder
*/
function ft_zip_page($act)
{
global $ft;
if ($act == 'zip') {
$_REQUEST['file'] = trim(ft_stripslashes($_REQUEST['file']));
// nom de fichier/repertoire
$zip = new zipfile();
if ($ft["plugins"]["zip"]["filebuffer"]) {
$zip->setOutFile($ft["plugins"]["zip"]["filebuffer"]);
}
$substr_base = strlen(ft_get_dir()) + 1;
foreach (ft_zip_getfiles(ft_get_dir() . '/' . $_REQUEST['file']) as $file) {
$filename = substr($file, $substr_base);
$filesize = filesize($file);
if ($filesize > 0) {
$fp = fopen($file, 'r');
$content = fread($fp, $filesize);
fclose($fp);
} else {
$content = '';
}
$zip->addfile($content, $filename);
}
if ($ft["plugins"]["zip"]["filebuffer"]) {
$zip->finish();
$filesize = filesize($ft["plugins"]["zip"]["filebuffer"]);
} else {
$archive = $zip->file();
$filesize = strlen($archive);
}
header('Content-Type: application/x-zip');
header('Content-Disposition: inline; filename="' . $_REQUEST['file'] . '.zip"');
header('Content-Length: ' . $filesize);
if ($ft["plugins"]["zip"]["filebuffer"]) {
readfile($ft["plugins"]["zip"]["filebuffer"]);
unlink($ft["plugins"]["zip"]["filebuffer"]);
} else {
echo $archive;
}
exit;
}
}
/**
* Run all system actions based on the value of $_REQUEST['act'].
*/
function ft_do_action()
{
if (!empty($_REQUEST['act'])) {
// Only one callback action is allowed. So only the first hook that acts on an action is run.
ft_invoke_hook('action', $_REQUEST['act']);
# mkdir
if ($_REQUEST['act'] == "createdir" && CREATE === TRUE) {
$_POST['newdir'] = trim($_POST['newdir']);
if ($_POST['type'] == 'file') {
// Check file against blacklists
if (strlen($_POST['newdir']) > 0 && ft_check_filetype($_POST['newdir']) && ft_check_file($_POST['newdir'])) {
// Create file.
$newfile = ft_get_dir() . "/{$_POST['newdir']}";
if (file_exists($newfile)) {
// Redirect
ft_set_message(t("File could not be created. File already exists."), 'error');
ft_redirect("dir=" . $_REQUEST['dir']);
} elseif (@touch($newfile)) {
// Redirect.
ft_set_message(t("File created."));
ft_redirect("dir=" . $_REQUEST['dir']);
} else {
// Redirect
ft_set_message(t("File could not be created."), 'error');
ft_redirect("dir=" . $_REQUEST['dir']);
}
} else {
// Redirect
ft_set_message(t("File could not be created."), 'error');
ft_redirect("dir=" . $_REQUEST['dir']);
}
} elseif ($_POST['type'] == 'url') {
// Create from URL.
$newname = trim(substr($_POST['newdir'], strrpos($_POST['newdir'], '/') + 1));
if (strlen($newname) > 0 && ft_check_filetype($newname) && ft_check_file($newname)) {
// Open file handlers.
$rh = fopen($_POST['newdir'], 'rb');
if ($rh === FALSE) {
ft_set_message(t("Could not open URL. Possible reason: URL wrappers not enabled."), 'error');
ft_redirect("dir=" . $_REQUEST['dir']);
}
$wh = fopen(ft_get_dir() . '/' . $newname, 'wb');
if ($wh === FALSE) {
ft_set_message(t("File could not be created."), 'error');
ft_redirect("dir=" . $_REQUEST['dir']);
}
// Download anf write file.
while (!feof($rh)) {
if (fwrite($wh, fread($rh, 1024)) === FALSE) {
ft_set_message(t("File could not be saved."), 'error');
}
}
fclose($rh);
fclose($wh);
ft_redirect("dir=" . $_REQUEST['dir']);
} else {
// Redirect
ft_set_message(t("File could not be created."), 'error');
ft_redirect("dir=" . $_REQUEST['dir']);
}
} else {
// Create directory.
// Check input.
// if (strstr($_POST['newdir'], ".")) {
// Throw error (redirect).
// ft_redirect("status=createddirfail&dir=".$_REQUEST['dir']);
// } else {
$_POST['newdir'] = ft_stripslashes($_POST['newdir']);
$newdir = ft_get_dir() . "/{$_POST['newdir']}";
$oldumask = umask(0);
if (strlen($_POST['newdir']) > 0 && @mkdir($newdir, DIRPERMISSION)) {
ft_set_message(t("Directory created."));
ft_redirect("dir=" . $_REQUEST['dir']);
} else {
// Redirect
ft_set_message(t("Directory could not be created."), 'error');
ft_redirect("dir=" . $_REQUEST['dir']);
}
umask($oldumask);
// }
}
# Move
} elseif ($_REQUEST['act'] == "move" && ft_check_fileactions() === TRUE) {
// Check that both file and newvalue are set.
$file = trim(ft_stripslashes($_REQUEST['file']));
$dir = trim(ft_stripslashes($_REQUEST['newvalue']));
if (substr($dir, -1, 1) != "/") {
$dir .= "/";
}
// Check for level.
if (substr_count($dir, "../") <= substr_count(ft_get_dir(), "/") && ft_check_move($dir) === TRUE) {
$dir = ft_get_dir() . "/" . $dir;
if (!empty($file) && file_exists(ft_get_dir() . "/" . $file)) {
// Check that destination exists and is a directory.
if (is_dir($dir)) {
// Move file.
if (@rename(ft_get_dir() . "/" . $file, $dir . "/" . $file)) {
// Success.
ft_set_message(t("!old was moved to !new", array('!old' => $file, '!new' => $dir)));
ft_redirect("dir={$_REQUEST['dir']}");
} else {
// Error rename failed.
ft_set_message(t("!old could not be moved.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
} else {
// Error dest. isn't a dir or doesn't exist.
ft_set_message(t("Could not move file. !old does not exist or is not a directory.", array('!old' => $dir)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
} else {
// Error source file doesn't exist.
ft_set_message(t("!old could not be moved. It doesn't exist.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
} else {
// Error level
ft_set_message(t("!old could not be moved outside the base directory.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
# Delete
} elseif ($_REQUEST['act'] == "delete" && ft_check_fileactions() === TRUE) {
// Check that file is set.
$file = ft_stripslashes($_REQUEST['file']);
if (!empty($file) && ft_check_file($file)) {
if (is_dir(ft_get_dir() . "/" . $file)) {
if (DELETEFOLDERS == TRUE) {
ft_rmdir_recurse(ft_get_dir() . "/" . $file);
}
if (!@rmdir(ft_get_dir() . "/" . $file)) {
ft_set_message(t("!old could not be deleted.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
} else {
ft_set_message(t("!old deleted.", array('!old' => $file)));
ft_redirect("dir={$_REQUEST['dir']}");
}
} else {
if (!@unlink(ft_get_dir() . "/" . $file)) {
ft_set_message(t("!old could not be deleted.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
} else {
ft_set_message(t("!old deleted.", array('!old' => $file)));
ft_redirect("dir={$_REQUEST['dir']}");
}
}
} else {
ft_set_message(t("!old could not be deleted.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
# Rename && Duplicate && Symlink
} elseif ($_REQUEST['act'] == "rename" || $_REQUEST['act'] == "duplicate" || $_REQUEST['act'] == "symlink" && ft_check_fileactions() === TRUE) {
// Check that both file and newvalue are set.
$old = trim(ft_stripslashes($_REQUEST['file']));
$new = trim(ft_stripslashes($_REQUEST['newvalue']));
if ($_REQUEST['act'] == 'rename') {
$m['typefail'] = t("!old was not renamed to !new (type not allowed).", array('!old' => $old, '!new' => $new));
$m['writefail'] = t("!old could not be renamed (write failed).", array('!old' => $old));
$m['destfail'] = t("File could not be renamed to !new since it already exists.", array('!new' => $new));
$m['emptyfail'] = t("File could not be renamed since you didn't specify a new name.");
} elseif ($_REQUEST['act'] == 'duplicate') {
$m['typefail'] = t("!old was not duplicated to !new (type not allowed).", array('!old' => $old, '!new' => $new));
$m['writefail'] = t("!old could not be duplicated (write failed).", array('!old' => $old));
$m['destfail'] = t("File could not be duplicated to !new since it already exists.", array('!new' => $new));
$m['emptyfail'] = t("File could not be duplicated since you didn't specify a new name.");
} elseif ($_REQUEST['act'] == 'symlink') {
$m['typefail'] = t("Could not create symlink to !old (type not allowed).", array('!old' => $old, '!new' => $new));
$m['writefail'] = t("Could not create symlink to !old (write failed).", array('!old' => $old));
$m['destfail'] = t("Could not create symlink !new since it already exists.", array('!new' => $new));
$m['emptyfail'] = t("Symlink could not be created since you didn't specify a name.");
}
if (!empty($old) && !empty($new)) {
if (ft_check_filetype($new) && ft_check_file($new)) {
// Make sure destination file doesn't exist.
if (!file_exists(ft_get_dir() . "/" . $new)) {
// Check that file exists.
if (is_writeable(ft_get_dir() . "/" . $old)) {
if ($_REQUEST['act'] == "rename") {
if (@rename(ft_get_dir() . "/" . $old, ft_get_dir() . "/" . $new)) {
// Success.
ft_set_message(t("!old was renamed to !new", array('!old' => $old, '!new' => $new)));
ft_redirect("dir={$_REQUEST['dir']}");
} else {
// Error rename failed.
ft_set_message(t("!old could not be renamed.", array('!old' => $old)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
} elseif ($_REQUEST['act'] == 'symlink') {
if (ADVANCEDACTIONS == TRUE) {
if (@symlink(realpath(ft_get_dir() . "/" . $old), ft_get_dir() . "/" . $new)) {
@chmod(ft_get_dir() . "/{$new}", PERMISSION);
// Success.
ft_set_message(t("Created symlink !new", array('!old' => $old, '!new' => $new)));
ft_redirect("dir={$_REQUEST['dir']}");
} else {
// Error symlink failed.
ft_set_message(t("Symlink to !old could not be created.", array('!old' => $old)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
}
} else {
if (@copy(ft_get_dir() . "/" . $old, ft_get_dir() . "/" . $new)) {
// Success.
ft_set_message(t("!old was duplicated to !new", array('!old' => $old, '!new' => $new)));
ft_redirect("dir={$_REQUEST['dir']}");
} else {
// Error rename failed.
ft_set_message(t("!old could not be duplicated.", array('!old' => $old)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
}
} else {
// Error old file isn't writeable.
ft_set_message($m['writefail'], 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
} else {
// Error destination exists.
ft_set_message($m['destfail'], 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
} else {
// Error file type not allowed.
ft_set_message($m['typefail'], 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
} else {
// Error. File name not set.
ft_set_message($m['emptyfail'], 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
# upload
} elseif ($_REQUEST['act'] == "upload" && ft_check_upload() === TRUE && (LIMIT <= 0 || LIMIT > ROOTDIRSIZE)) {
// If we are to upload a file we will do so.
$msglist = 0;
foreach ($_FILES as $k => $c) {
if (!empty($c['name'])) {
$c['name'] = ft_stripslashes($c['name']);
if ($c['error'] == 0) {
// Upload was successfull
if (ft_validate_filename($c['name']) && ft_check_filetype($c['name']) && ft_check_file($c['name'])) {
if (file_exists(ft_get_dir() . "/{$c['name']}")) {
$msglist++;
ft_set_message(t('!file was not uploaded.', array('!file' => ft_get_nice_filename($c['name'], 20))) . ' ' . t("File already exists"), 'error');
} else {
if (@move_uploaded_file($c['tmp_name'], ft_get_dir() . "/{$c['name']}")) {
@chmod(ft_get_dir() . "/{$c['name']}", PERMISSION);
// Success!
$msglist++;
ft_set_message(t('!file was uploaded.', array('!file' => ft_get_nice_filename($c['name'], 20))));
ft_invoke_hook('upload', ft_get_dir(), $c['name']);
} else {
// File couldn't be moved. Throw error.
$msglist++;
ft_set_message(t('!file was not uploaded.', array('!file' => ft_get_nice_filename($c['name'], 20))) . ' ' . t("File couldn't be moved"), 'error');
}
}
} else {
// File type is not allowed. Throw error.
$msglist++;
ft_set_message(t('!file was not uploaded.', array('!file' => ft_get_nice_filename($c['name'], 20))) . ' ' . t("File type not allowed"), 'error');
}
} else {
// An error occurred.
switch ($_FILES["localfile"]["error"]) {
case 1:
$msglist++;
ft_set_message(t('!file was not uploaded.', array('!file' => ft_get_nice_filename($c['name'], 20))) . ' ' . t("The file was too large"), 'error');
break;
case 2:
$msglist++;
ft_set_message(t('!file was not uploaded.', array('!file' => ft_get_nice_filename($c['name'], 20))) . ' ' . t("The file was larger than MAXSIZE setting."), 'error');
break;
case 3:
$msglist++;
ft_set_message(t('!file was not uploaded.', array('!file' => ft_get_nice_filename($c['name'], 20))) . ' ' . t("Partial upload. Try again"), 'error');
break;
case 4:
$msglist++;
ft_set_message(t('!file was not uploaded.', array('!file' => ft_get_nice_filename($c['name'], 20))) . ' ' . t("No file was uploaded. Please try again"), 'error');
break;
default:
$msglist++;
ft_set_message(t('!file was not uploaded.', array('!file' => ft_get_nice_filename($c['name'], 20))) . ' ' . t("Unknown error"), 'error');
break;
}
}
}
}
if ($msglist > 0) {
ft_redirect("dir=" . $_REQUEST['dir']);
} else {
ft_set_message(t("Upload failed."), 'error');
ft_redirect("dir=" . $_REQUEST['dir']);
}
# Unzip
} elseif ($_REQUEST['act'] == "unzip" && ft_check_fileactions() === TRUE) {
// Check that file is set.
$file = ft_stripslashes($_REQUEST['file']);
if (!empty($file) && ft_check_file($file) && ft_check_filetype($file) && strtolower(ft_get_ext($file)) == 'zip' && is_file(ft_get_dir() . "/" . $file)) {
$escapeddir = escapeshellarg(ft_get_dir() . "/");
$escapedfile = escapeshellarg(ft_get_dir() . "/" . $file);
if (!@exec("unzip -n " . $escapedfile . " -d " . $escapeddir)) {
ft_set_message(t("!old could not be unzipped.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
} else {
ft_set_message(t("!old unzipped.", array('!old' => $file)));
ft_redirect("dir={$_REQUEST['dir']}");
}
} else {
ft_set_message(t("!old could not be unzipped.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
# chmod
} elseif ($_REQUEST['act'] == "chmod" && ft_check_fileactions() === TRUE && ADVANCEDACTIONS == TRUE) {
// Check that file is set.
$file = ft_stripslashes($_REQUEST['file']);
if (!empty($file) && ft_check_file($file) && ft_check_filetype($file)) {
// Check that chosen permission i valid
if (is_numeric($_REQUEST['newvalue'])) {
$chmod = $_REQUEST['newvalue'];
if (substr($chmod, 0, 1) == '0') {
$chmod = substr($chmod, 0, 4);
} else {
$chmod = '0' . substr($chmod, 0, 3);
}
// Chmod
if (@chmod(ft_get_dir() . "/" . $file, intval($chmod, 8))) {
ft_set_message(t("Permissions changed for !old.", array('!old' => $file)));
ft_redirect("dir={$_REQUEST['dir']}");
clearstatcache();
} else {
ft_set_message(t("Could not change permissions for !old.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
} else {
ft_set_message(t("Could not change permissions for !old.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
} else {
ft_set_message(t("Could not change permissions for !old.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
# logout
} elseif ($_REQUEST['act'] == "logout") {
ft_invoke_hook('logout', $_SESSION['ft_user_' . MUTEX]);
$_SESSION = array();
if (isset($_COOKIE[session_name()])) {
setcookie(session_name(), '', time() - 42000, '/');
}
session_destroy();
// Delete persistent cookie
setcookie('ft_user_' . MUTEX, '', time() - 3600);
ft_redirect();
}
}
}
/**
* Implementation of hook_ajax.
*/
function ft_edit_ajax($act)
{
if ($act == 'saveedit') {
// Do save file.
$file = trim(ft_stripslashes($_POST["file"]));
// Check if file type can be edited.
if (ft_check_dir(ft_get_dir()) && ft_check_edit($file) && ft_check_fileactions() === TRUE && ft_check_filetype($file) && ft_check_filetype($file)) {
$filecontent = ft_stripslashes($_POST["filecontent"]);
if ($_POST["convertspaces"] != "") {
$filecontent = str_replace(" ", "\t", $filecontent);
}
if (is_writeable(ft_get_dir() . "/{$file}")) {
$fp = @fopen(ft_get_dir() . "/{$file}", "wb");
if ($fp) {
fputs($fp, $filecontent);
fclose($fp);
// edit
echo '<p class="ok">' . t("!old was saved.", array('!old' => $file)) . '</p>';
} else {
// editfilefail
echo '<p class="error">' . t("!old could not be edited.", array('!old' => $file)) . '</p>';
}
} else {
// editfilefail
echo '<p class="error">' . t("!old could not be edited.", array('!old' => $file)) . '</p>';
}
} else {
// edittypefail
echo '<p class="error">' . t("Could not edit file. This file type is not editable.") . '</p>';
}
} elseif ($act == 'edit_get_lock') {
ft_edit_lock_set($_POST['file'], $_POST['dir'], $_SESSION['ft_user_' . MUTEX]);
echo 'File locked.';
}
}
