/** * Function getListOfFiles * @description "To generate File list given a folder" * @param dir Name of the directory : Relative path * @param isTopLevel This is to ensure that the $iconList doesnt get emptied when recursion occurs. * @usage Always call the function as getListOfFiles(<Directory>, true) */ function getListOfFiles($dir, $isTopLevel = false) { global $iconList; if (substr($dir, -1) != '/') { $dir .= "/"; } $rootUri = hostURL(); if ($isTopLevel) { $iconList = ""; } if (is_readable($dir)) { $handle = scandir($dir); foreach ($handle as $item) { if ($item != '.' && $item != '..' && $item[0] != ".") { if (is_dir($dir . $item)) { getListOfFiles($dir . $item); } else { if (is_readable($dir . $item)) { $type = explode("/", mime_content_type($dir . $item)); if ($type[0] == "image") { $iconList .= "<div class=\"dragme\" draggable=\"true\" ondragstart=\"dragStartHandler(event,this)\" onclick=\"selectIcon(event,this)\">"; $iconList .= "<img title='{$item}' alt='{$item}' src='{$rootUri}/{$dir}{$item}' width=32 height=32 /></div>\n"; } } } } } } return $iconList; }
/** * Function responsible to copy a template. * * @access public * @return void */ public function templatecopy() { $clang = $this->getController()->lang; if (returnGlobal('action') == "templatecopy" && returnGlobal('newname') && returnGlobal('copydir')) { // Copies all the files from one template directory to a new one // This is a security issue because it is allowing copying from get variables... Yii::app()->loadHelper('admin/template'); $newname = sanitize_paranoid_string(returnGlobal('newname')); $newdirname = Yii::app()->getConfig('usertemplaterootdir') . "/" . $newname; $copydirname = getTemplatePath(returnGlobal('copydir')); $mkdirresult = mkdir_p($newdirname); if ($mkdirresult == 1) { $copyfiles = getListOfFiles($copydirname); foreach ($copyfiles as $file) { $copyfile = $copydirname . "/" . $file; $newfile = $newdirname . "/" . $file; if (!copy($copyfile, $newfile)) { $this->getController()->error(sprintf($clang->gT("Failed to copy %s to new template directory.", "js"), $file)); } } $templatename = $newname; $this->index("startpage.pstpl", "welcome", $templatename); } elseif ($mkdirresult == 2) { $this->getController()->error(sprintf($clang->gT("Directory with the name `%s` already exists - choose another name", "js"), $newname)); } else { $this->getController()->error(sprintf($clang->gT("Unable to create directory `%s`.", "js"), $newname) . " " . $clang->gT("Please check the directory permissions.", "js")); } } }
exit; } fclose($handle); } else { echo "The file {$savefilename} is not writable"; } } } if ($action == "templatecopy" && isset($newname) && isset($copydir)) { //Copies all the files from one template directory to a new one //This is a security issue because it is allowing copying from get variables... $newdirname = $usertemplaterootdir . "/" . $newname; $copydirname = sGetTemplatePath($copydir); $mkdirresult = mkdir_p($newdirname); if ($mkdirresult == 1) { $copyfiles = getListOfFiles($copydirname); foreach ($copyfiles as $file) { $copyfile = $copydirname . "/" . $file; $newfile = $newdirname . "/" . $file; if (!copy($copyfile, $newfile)) { echo "<script type=\"text/javascript\">\n<!--\nalert(\"" . sprintf($clang->gT("Failed to copy %s to new template directory.", "js"), $file) . "\");\n//-->\n</script>"; } } $templates[$newname] = $newdirname; $templatename = $newname; } elseif ($mkdirresult == 2) { echo "<script type=\"text/javascript\">\n<!--\nalert(\"" . sprintf($clang->gT("Directory with the name `%s` already exists - choose another name", "js"), $newname) . "\");\n//-->\n</script>"; } else { echo "<script type=\"text/javascript\">\n<!--\nalert(\"" . sprintf($clang->gT("Unable to create directory `%s`.", "js"), $newname) . " " . $clang->gT("Please check the directory permissions.", "js") . "\");\n//-->\n</script>"; } }