Example #1
0
 function move()
 {
     global $destination, $dir;
     if (!MRights::can("move")) {
         $this->popupError("move");
         return;
     }
     $this->view->add2Content('<div style="display:none;">' . md5(uniqid()) . '</div>');
     $selectedFiles = isset($_REQUEST["selectedFiles"]) ? $_REQUEST["selectedFiles"] : array();
     $singleFolder = MRequest::filter(urldecode(MRequest::clean("singlefolder")), MREQUEST_CLEANPATH);
     if ($singleFolder) {
         $selectedFiles = array($singleFolder);
     }
     $error = null;
     $folderMove = array();
     $newURLS = array();
     $newHrefs = array();
     foreach ($selectedFiles as $selectedFile) {
         $baseSelectedFile = $selectedFile;
         $selectedFile = _START_FOLDER . urldecode($selectedFile);
         $selectedFile = MValidate::path($selectedFile);
         $isDir = MFile::isDir($selectedFile);
         if (!$isDir || $selectedFile != $destination) {
             $e = MFile::move($selectedFile, $destination);
             if ($e) {
                 $error .= $e . "<br>" . $destination;
             } else {
                 if ($isDir) {
                     array_push($folderMove, urlencode($baseSelectedFile));
                     $pi = pathinfo($selectedFile);
                     $newName = str_replace("\\", "/", $destination . DS . $pi['basename']);
                     array_push($newURLS, MURL::safePath($newName));
                     array_push($newHrefs, MURL::_("xhrfiles", MURL::safePath($newName)));
                 }
             }
         } else {
             $error .= sprintf(MText::_("errormovingfolder"), $baseSelectedFile) . "<br/>";
         }
     }
     if ($error) {
         $this->view->add2Content('<script noCache="1">newDarkenPopup(\'error\',mText.error,\'' . $error . '\',500,250);</script>');
     }
     $movedJS = null;
     if (sizeof($folderMove)) {
         $movedJS = '<script noCache="1" data.unique="' . md5(uniqid()) . '">' . "\n" . 'var movedFolders = {destination : "' . MURL::safePath($destination) . '", folders: ["' . implode('","', $folderMove) . '"], urls: ["' . implode('","', $newURLS) . '"], hrefs: ["' . implode('","', $newHrefs) . '"]};' . "\n" . 'treeSortMovedFolders(movedFolders);' . "\n" . '</script>';
     }
     // 		$this->view->addPreToContent($selectedFiles);
     // 		$this->view->addPreToContent($folderMove);
     $this->view->add2Content(fmGetFiles() . $movedJS);
 }
Example #2
0
$file = MRequest::clean('file');
$file = urldecode(myStripSlashes($file));
$file = MRequest::filter($file, MREQUEST_CLEANPATH);
$GLOBALS['file'] = $file;
//Destination
$destination = urldecode(MRequest::clean('destination'));
$destination = MRequest::filter($destination, MREQUEST_CLEANPATH);
$destination = _START_FOLDER . myStripSlashes($destination);
$GLOBALS['destination'] = $destination;
//New
$new = MRequest::clean('new');
$new = MRequest::filter($new, MREQUEST_CLEANPATH);
$GLOBALS['new'] = $new;
//Dir
$dir = _START_FOLDER . myStripSlashes(urldecode(strip_tags(MRequest::raw('dir'))));
$dir = MRequest::filter($dir, MREQUEST_CLEANPATH);
$GLOBALS['dir'] = $dir;
// Image View State
$imageViewState = MRequest::int("imageviewstate", -1);
if ($imageViewState == -1) {
    if (isset($_COOKIE["mtoggleimageview"])) {
        $imageViewState = (int) $_COOKIE["mtoggleimageview"];
    } else {
        $imageViewState = 0;
        setcookie("mtoggleimageview", $imageViewState, _FM_COOKIE_EXPIRE);
    }
} else {
    setcookie("mtoggleimageview", $imageViewState, _FM_COOKIE_EXPIRE);
}
define('_M_IMAGE_VIEW_STATE', $imageViewState);
//Security processing
Example #3
0
 * @version		1.0
 * @link		http://www.mad4media.de
 * Creation date 2013/02
 */

//CUSTOMPLACEHOLDER
//CUSTOMPLACEHOLDER2

defined('_JEXEC') or die;


if(isset($_REQUEST["selectedFiles"])){
	if(is_array($_REQUEST["selectedFiles"])){

		foreach($_REQUEST["selectedFiles"] as & $item){
			$item = trim( MRequest::filter( urldecode($item), MREQUEST_CLEANPATH));
		}

	}else{
		$_REQUEST["selectedFiles"] = array();
	}
}


$checkPaths = array("dir","destination");

foreach($checkPaths as $variable){
	$evalPath = _START_FOLDER . stripslashes(MRequest::clean($variable,null));
	if(!MFile::isSubDir($evalPath,$GLOBALS['folderAccess']) && $evalPath !=null){
		die("No Access!");
	}
Example #4
0
 public function xhr()
 {
     if (!MRights::can("upload")) {
         return $this->view->authError("upload");
     }
     global $dir;
     $size = MRequest::int("size", null);
     if ($size === null) {
         return;
     }
     // 		print_r($_SERVER); die();
     $fn = isset($_SERVER['HTTP_X_FILENAME']) ? MRequest::filter($_SERVER['HTTP_X_FILENAME'], MREQUEST_STRING) : false;
     if (!$fn) {
         return null;
     }
     $fileName = $dir . DS . $fn;
     file_put_contents($fileName, file_get_contents('php://input'));
     // Delete on abbort
     if (MFile::getSize($fileName) != $size) {
         MFile::remove($fileName);
     }
     $this->view->add2Content("ok");
 }