/**
* send response
* @access public
*
*/
public function sendResponse()
{
$xml =& QFinder_Connector_Core_Factory::getInstance("Core_Xml");
$this->_connectorNode =& $xml->getConnectorNode();
$this->checkConnector();
if ($this->mustCheckRequest()) {
$this->checkRequest();
}
$resourceTypeName = $this->_currentFolder->getResourceTypeName();
if (!empty($resourceTypeName)) {
$this->_connectorNode->addAttribute("resourceType", $this->_currentFolder->getResourceTypeName());
}
if ($this->mustAddCurrentFolderNode()) {
$_currentFolder = new Qfinder_Connector_Utils_XmlNode("CurrentFolder");
$this->_connectorNode->addChild($_currentFolder);
$_currentFolder->addAttribute("path", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($this->_currentFolder->getClientPath()));
$this->_errorHandler->setCatchAllErros(true);
$_url = $this->_currentFolder->getUrl();
$_currentFolder->addAttribute("url", is_null($_url) ? "" : QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($_url));
$this->_errorHandler->setCatchAllErros(false);
$_currentFolder->addAttribute("acl", $this->_currentFolder->getAclMask());
}
$this->buildXml();
$_oErrorNode =& $xml->getErrorNode();
$_oErrorNode->addAttribute("number", "0");
echo $this->_connectorNode->asXML();
exit;
}
/**
* Throw file upload error, return true if error has been thrown, false if error has been catched
*
* @param int $number
* @param string $text
* @access public
*/
public function throwError($number, $uploaded = false, $exit = true)
{
if ($this->_catchAllErrors || in_array($number, $this->_skipErrorsArray)) {
return false;
}
$oRegistry =& QFinder_Connector_Core_Factory::getInstance("Core_Registry");
$sFileName = $oRegistry->get("FileUpload_fileName");
$sFileUrl = $oRegistry->get("FileUpload_url");
$sEncodedFileName = QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($sFileName);
header('Content-Type: text/html; charset=utf-8');
$errorMessage = QFinder_Connector_Utils_Misc::getErrorMessage($number, $sEncodedFileName);
if (!$uploaded) {
$sFileName = "";
$sEncodedFileName = "";
}
if (!empty($_GET['response_type']) && $_GET['response_type'] == 'txt') {
echo $sFileName . "|" . $errorMessage;
} else {
echo "<script type=\"text/javascript\">";
if (!empty($_GET['QFinderFuncNum'])) {
if (!$uploaded) {
$sFileUrl = "";
$sFileName = "";
}
$funcNum = preg_replace("/[^0-9]/", "", $_GET['QFinderFuncNum']);
echo "window.parent.QFinder.tools.callFunction({$funcNum}, '" . str_replace("'", "\\'", $sFileUrl . $sFileName) . "', '" . str_replace("'", "\\'", $errorMessage) . "');";
} else {
echo "window.parent.OnUploadCompleted('" . str_replace("'", "\\'", $sEncodedFileName) . "', '" . str_replace("'", "\\'", $errorMessage) . "') ;";
}
echo "</script>";
}
if ($exit) {
exit;
}
}
/**
* handle request and build XML
* @access protected
*
*/
protected function buildXml()
{
if (empty($_POST['QFinderCommand']) || $_POST['QFinderCommand'] != 'true') {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FILE_RENAME)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
}
if (!isset($_GET["fileName"])) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_NAME);
}
if (!isset($_GET["newFileName"])) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_NAME);
}
$_config =& QFinder_Connector_Core_Factory::getInstance("Core_Config");
$fileName = QFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($_GET["fileName"]);
$newFileName = QFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($_GET["newFileName"]);
$oRenamedFileNode = new Qfinder_Connector_Utils_XmlNode("RenamedFile");
$this->_connectorNode->addChild($oRenamedFileNode);
$oRenamedFileNode->addAttribute("name", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($fileName));
$resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig();
if (!$resourceTypeInfo->checkExtension($newFileName)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_EXTENSION);
}
if (!QFinder_Connector_Utils_FileSystem::checkFileName($fileName) || $resourceTypeInfo->checkIsHiddenFile($fileName)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
if (!QFinder_Connector_Utils_FileSystem::checkFileName($newFileName) || $resourceTypeInfo->checkIsHiddenFile($newFileName)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_NAME);
}
if (!$resourceTypeInfo->checkExtension($fileName, false)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
if ($_config->forceAscii()) {
$newFileName = QFinder_Connector_Utils_FileSystem::convertToAscii($newFileName);
}
$filePath = QFinder_Connector_Utils_FileSystem::combinePaths($this->_currentFolder->getServerPath(), $fileName);
$newFilePath = QFinder_Connector_Utils_FileSystem::combinePaths($this->_currentFolder->getServerPath(), $newFileName);
$bMoved = false;
if (!file_exists($filePath)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_FILE_NOT_FOUND);
}
if (!is_writable(dirname($newFilePath))) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED);
}
if (!is_writable($filePath)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED);
}
if (file_exists($newFilePath)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ALREADY_EXIST);
}
$bMoved = @rename($filePath, $newFilePath);
if (!$bMoved) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNKNOWN, "File " . QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($fileName) . "has not been renamed");
} else {
$oRenamedFileNode->addAttribute("newName", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($newFileName));
$thumbPath = QFinder_Connector_Utils_FileSystem::combinePaths($this->_currentFolder->getThumbsServerPath(), $fileName);
QFinder_Connector_Utils_FileSystem::unlink($thumbPath);
}
}
/**
* handle request and build XML
* @access protected
*
*/
protected function buildXml()
{
if (empty($_POST['QFinderCommand']) || $_POST['QFinderCommand'] != 'true') {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FOLDER_RENAME)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
}
if (!isset($_GET["NewFolderName"])) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_NAME);
}
$newFolderName = QFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($_GET["NewFolderName"]);
$_config =& QFinder_Connector_Core_Factory::getInstance("Core_Config");
if ($_config->forceAscii()) {
$newFolderName = QFinder_Connector_Utils_FileSystem::convertToAscii($newFolderName);
}
$resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig();
if (!QFinder_Connector_Utils_FileSystem::checkFolderName($newFolderName) || $resourceTypeInfo->checkIsHiddenFolder($newFolderName)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_NAME);
}
// The root folder cannot be deleted.
if ($this->_currentFolder->getClientPath() == "/") {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
$oldFolderPath = $this->_currentFolder->getServerPath();
$bMoved = false;
if (!is_dir($oldFolderPath)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
//let's calculate new folder name
$newFolderPath = dirname($oldFolderPath) . '/' . $newFolderName . '/';
if (file_exists(rtrim($newFolderPath, '/'))) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ALREADY_EXIST);
}
$bMoved = @rename($oldFolderPath, $newFolderPath);
if (!$bMoved) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED);
} else {
$newThumbsServerPath = dirname($this->_currentFolder->getThumbsServerPath()) . '/' . $newFolderName . '/';
if (!@rename($this->_currentFolder->getThumbsServerPath(), $newThumbsServerPath)) {
QFinder_Connector_Utils_FileSystem::unlink($this->_currentFolder->getThumbsServerPath());
}
}
$newFolderPath = preg_replace(",[^/]+/?\$,", $newFolderName, $this->_currentFolder->getClientPath()) . '/';
$newFolderUrl = $resourceTypeInfo->getUrl() . ltrim($newFolderPath, '/');
$oRenameNode = new Qfinder_Connector_Utils_XmlNode("RenamedFolder");
$this->_connectorNode->addChild($oRenameNode);
$oRenameNode->addAttribute("newName", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($newFolderName));
$oRenameNode->addAttribute("newPath", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($newFolderPath));
$oRenameNode->addAttribute("newUrl", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($newFolderUrl));
}
/**
* handle request and build XML
* @access protected
*
*/
protected function buildXml()
{
$_config =& QFinder_Connector_Core_Factory::getInstance("Core_Config");
if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FOLDER_VIEW)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
}
// Map the virtual path to the local server path.
$_sServerDir = $this->_currentFolder->getServerPath();
if (!is_dir($_sServerDir)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_FOLDER_NOT_FOUND);
}
// Create the "Folders" node.
$oFoldersNode = new Qfinder_Connector_Utils_XmlNode("Folders");
$this->_connectorNode->addChild($oFoldersNode);
$files = array();
if ($dh = @opendir($_sServerDir)) {
while (($file = readdir($dh)) !== false) {
if ($file != "." && $file != ".." && is_dir($_sServerDir . $file)) {
$files[] = $file;
}
}
closedir($dh);
} else {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED);
}
$resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig();
if (sizeof($files) > 0) {
natcasesort($files);
$i = 0;
foreach ($files as $file) {
$oAcl = $_config->getAccessControlConfig();
$folderPath = $this->_currentFolder->getClientPath() . $file . "/";
$aclMask = $oAcl->getComputedMask($this->_currentFolder->getResourceTypeName(), $folderPath);
if (($aclMask & QFINDER_CONNECTOR_ACL_FOLDER_VIEW) != QFINDER_CONNECTOR_ACL_FOLDER_VIEW) {
continue;
}
if ($resourceTypeInfo->checkIsHiddenFolder($file)) {
continue;
}
// Create the "Folder" node.
$oFolderNode[$i] = new Qfinder_Connector_Utils_XmlNode("Folder");
$oFoldersNode->addChild($oFolderNode[$i]);
$oFolderNode[$i]->addAttribute("name", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($file));
$oFolderNode[$i]->addAttribute("hasChildren", QFinder_Connector_Utils_FileSystem::hasChildren($folderPath, $resourceTypeInfo) ? "true" : "false");
$oFolderNode[$i]->addAttribute("acl", $aclMask);
$i++;
}
}
}
/**
* handle request and build XML
* @access protected
*/
function buildXml()
{
if (empty($_POST['QFinderCommand']) || $_POST['QFinderCommand'] != 'true') {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
$this->checkConnector();
$this->checkRequest();
// Saving empty file is equal to deleting a file, that's why FILE_DELETE permissions are required
if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FILE_DELETE)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
}
if (!isset($_POST["fileName"])) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_NAME);
}
if (!isset($_POST["content"])) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
$fileName = QFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($_POST["fileName"]);
$resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig();
if (!$resourceTypeInfo->checkExtension($fileName)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_EXTENSION);
}
if (!QFinder_Connector_Utils_FileSystem::checkFileName($fileName) || $resourceTypeInfo->checkIsHiddenFile($fileName)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
$filePath = QFinder_Connector_Utils_FileSystem::combinePaths($this->_currentFolder->getServerPath(), $fileName);
if (!file_exists($filePath) || !is_file($filePath)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_FILE_NOT_FOUND);
}
if (!is_writable(dirname($filePath))) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED);
}
$fp = @fopen($filePath, 'wb');
if ($fp === false || !flock($fp, LOCK_EX)) {
$result = false;
} else {
$result = fwrite($fp, $_POST["content"]);
flock($fp, LOCK_UN);
fclose($fp);
}
if ($result === false) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED);
}
}
/**
* send response (file)
* @access public
*
*/
public function sendResponse()
{
if (!function_exists('ob_list_handlers') || ob_list_handlers()) {
@ob_end_clean();
}
header("Content-Encoding: none");
$this->checkConnector();
$this->checkRequest();
if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FILE_VIEW)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
}
$fileName = QFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($_GET["FileName"]);
$_resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig();
if (!QFinder_Connector_Utils_FileSystem::checkFileName($fileName)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
if (!$_resourceTypeInfo->checkExtension($fileName, false)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
$filePath = QFinder_Connector_Utils_FileSystem::combinePaths($this->_currentFolder->getServerPath(), $fileName);
if ($_resourceTypeInfo->checkIsHiddenFile($fileName) || !file_exists($filePath) || !is_file($filePath)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_FILE_NOT_FOUND);
}
$fileName = QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($fileName);
header("Cache-Control: cache, must-revalidate");
header("Pragma: public");
header("Expires: 0");
if (!empty($_GET['format']) && $_GET['format'] == 'text') {
header("Content-Type: text/plain; charset=utf-8");
} else {
$user_agent = !empty($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "";
$encodedName = str_replace("\"", "\\\"", $fileName);
if (strpos($user_agent, "MSIE") !== false) {
$encodedName = str_replace(array("+", "%2E"), array(" ", "."), urlencode($encodedName));
}
header("Content-type: application/octet-stream; name=\"" . $fileName . "\"");
header("Content-Disposition: attachment; filename=\"" . $encodedName . "\"");
}
header("Content-Length: " . filesize($filePath));
QFinder_Connector_Utils_FileSystem::sendFile($filePath);
exit;
}
/**
* handle request and build XML
* @access protected
*
*/
protected function buildXml()
{
if (empty($_POST['QFinderCommand']) || $_POST['QFinderCommand'] != 'true') {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
$_config =& QFinder_Connector_Core_Factory::getInstance("Core_Config");
if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FOLDER_CREATE)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
}
$_resourceTypeConfig = $this->_currentFolder->getResourceTypeConfig();
$sNewFolderName = isset($_GET["NewFolderName"]) ? $_GET["NewFolderName"] : "";
$sNewFolderName = QFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($sNewFolderName);
if ($_config->forceAscii()) {
$sNewFolderName = QFinder_Connector_Utils_FileSystem::convertToAscii($sNewFolderName);
}
if (!QFinder_Connector_Utils_FileSystem::checkFolderName($sNewFolderName) || $_resourceTypeConfig->checkIsHiddenFolder($sNewFolderName)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_NAME);
}
$sServerDir = QFinder_Connector_Utils_FileSystem::combinePaths($this->_currentFolder->getServerPath(), $sNewFolderName);
if (!is_writeable($this->_currentFolder->getServerPath())) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED);
}
$bCreated = false;
if (file_exists($sServerDir)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ALREADY_EXIST);
}
if ($perms = $_config->getChmodFolders()) {
$oldUmask = umask(0);
$bCreated = @mkdir($sServerDir, $perms);
umask($oldUmask);
} else {
$bCreated = @mkdir($sServerDir);
}
if (!$bCreated) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED);
} else {
$oNewFolderNode = new Qfinder_Connector_Utils_XmlNode("NewFolder");
$this->_connectorNode->addChild($oNewFolderNode);
$oNewFolderNode->addAttribute("name", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($sNewFolderName));
}
}
/**
* handle request and build XML
* @access protected
*
*/
protected function buildXml()
{
if (empty($_POST['QFinderCommand']) || $_POST['QFinderCommand'] != 'true') {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FOLDER_DELETE)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
}
// The root folder cannot be deleted.
if ($this->_currentFolder->getClientPath() == "/") {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
$folderServerPath = $this->_currentFolder->getServerPath();
if (!file_exists($folderServerPath) || !is_dir($folderServerPath)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_FOLDER_NOT_FOUND);
}
if (!QFinder_Connector_Utils_FileSystem::unlink($folderServerPath)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED);
}
QFinder_Connector_Utils_FileSystem::unlink($this->_currentFolder->getThumbsServerPath());
}
/**
* Throw file upload error, return true if error has been thrown, false if error has been catched
*
* @param int $number
* @param string $text
* @access public
*/
public function throwError($number, $uploaded = false, $exit = true)
{
if ($this->_catchAllErrors || in_array($number, $this->_skipErrorsArray)) {
return false;
}
$oRegistry =& QFinder_Connector_Core_Factory::getInstance("Core_Registry");
$sFileName = $oRegistry->get("FileUpload_fileName");
$sFileUrl = $oRegistry->get("FileUpload_url");
$sEncodedFileName = QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($sFileName);
header('Content-Type: text/html; charset=utf-8');
/**
* echo <script> is not called before QFinder_Connector_Utils_Misc::getErrorMessage
* because PHP has problems with including files that contain BOM character.
* Having BOM character after <script> tag causes a javascript error.
*/
echo "<script type=\"text/javascript\">";
if (!empty($_GET['CKEditor'])) {
$errorMessage = QFinder_Connector_Utils_Misc::getErrorMessage($number, $sEncodedFileName);
if (!$uploaded) {
$sFileUrl = "";
$sFileName = "";
$sEncodedFileName = "";
}
$funcNum = preg_replace("/[^0-9]/", "", $_GET['CKEditorFuncNum']);
echo "window.parent.CKEDITOR.tools.callFunction({$funcNum}, '" . str_replace("'", "\\'", $sFileUrl . QFinder_Connector_Utils_Misc::encodeURIComponent($sEncodedFileName)) . "', '" . str_replace("'", "\\'", $errorMessage) . "');";
} else {
if (!$uploaded) {
echo "window.parent.OnUploadCompleted(" . $number . ", '', '', '') ;";
} else {
echo "window.parent.OnUploadCompleted(" . $number . ", '" . str_replace("'", "\\'", $sFileUrl . QFinder_Connector_Utils_Misc::encodeURIComponent($sEncodedFileName)) . "', '" . str_replace("'", "\\'", $sEncodedFileName) . "', '') ;";
}
}
echo "</script>";
if ($exit) {
exit;
}
}
/**
* handle request and build XML
* @access protected
*
*/
protected function buildXml()
{
$_config =& QFinder_Connector_Core_Factory::getInstance("Core_Config");
if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FILE_VIEW)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
}
// Map the virtual path to the local server path.
$_sServerDir = $this->_currentFolder->getServerPath();
// Create the "Files" node.
$oFilesNode = new Qfinder_Connector_Utils_XmlNode("Files");
$this->_connectorNode->addChild($oFilesNode);
if (!is_dir($_sServerDir)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_FOLDER_NOT_FOUND);
}
$files = array();
$thumbFiles = array();
if ($dh = @opendir($_sServerDir)) {
while (($file = readdir($dh)) !== false) {
if ($file != "." && $file != ".." && !is_dir($_sServerDir . $file)) {
$files[] = $file;
}
}
closedir($dh);
} else {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED);
}
$resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig();
if (sizeof($files) > 0) {
$_thumbnailsConfig = $_config->getThumbnailsConfig();
$_thumbServerPath = '';
$_showThumbs = !empty($_GET['showThumbs']) && $_GET['showThumbs'] == 1;
if ($_thumbnailsConfig->getIsEnabled() && ($_thumbnailsConfig->getDirectAccess() || $_showThumbs)) {
$_thumbServerPath = $this->_currentFolder->getThumbsServerPath();
}
natcasesort($files);
$i = 0;
foreach ($files as $file) {
$filemtime = @filemtime($_sServerDir . $file);
//otherwise file doesn't exist or we can't get it's filename properly
if ($filemtime !== false) {
$filename = QFinder_Connector_Utils_Misc::mbBasename($file);
if (!$resourceTypeInfo->checkExtension($filename, false)) {
continue;
}
if ($resourceTypeInfo->checkIsHiddenFile($filename)) {
continue;
}
$oFileNode[$i] = new Qfinder_Connector_Utils_XmlNode("File");
$oFilesNode->addChild($oFileNode[$i]);
$oFileNode[$i]->addAttribute("name", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding(QFinder_Connector_Utils_Misc::mbBasename($file)));
$oFileNode[$i]->addAttribute("date", @date("YmdHi", $filemtime));
if (!empty($_thumbServerPath) && preg_match(QFINDER_REGEX_IMAGES_EXT, $filename)) {
if (file_exists($_thumbServerPath . $filename)) {
$oFileNode[$i]->addAttribute("thumb", $filename);
} elseif ($_showThumbs) {
$oFileNode[$i]->addAttribute("thumb", "?" . $filename);
}
}
$size = filesize($_sServerDir . $file);
if ($size && $size < 1024) {
$size = 1;
} else {
$size = (int) round($size / 1024);
}
$oFileNode[$i]->addAttribute("size", $size);
$i++;
}
}
}
}
/**
* handle request and build XML
* @access protected
*
*/
function buildXml()
{
$this->checkConnector();
$this->checkRequest();
if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FILE_VIEW)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
}
$resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig();
if (!isset($_GET["fileName"])) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_NAME);
}
$fileName = QFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($_GET["fileName"]);
if (!QFinder_Connector_Utils_FileSystem::checkFileName($fileName) || $resourceTypeInfo->checkIsHiddenFile($fileName)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
if (!$resourceTypeInfo->checkExtension($fileName, false)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
$filePath = QFinder_Connector_Utils_FileSystem::combinePaths($this->_currentFolder->getServerPath(), $fileName);
if (!file_exists($filePath) || !is_file($filePath)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_FILE_NOT_FOUND);
}
list($width, $height) = getimagesize($filePath);
$oNode = new Qfinder_Connector_Utils_XmlNode("ImageInfo");
$oNode->addAttribute("width", $width);
$oNode->addAttribute("height", $height);
$this->_connectorNode->addChild($oNode);
}
/**
* Get server path to thumbnails directory
*
* @access public
* @return string
*/
public function getThumbsServerPath()
{
if (is_null($this->_thumbsServerPath)) {
$this->_resourceTypeConfig = $this->getResourceTypeConfig();
$_config =& QFinder_Connector_Core_Factory::getInstance("Core_Config");
$_thumbnailsConfig = $_config->getThumbnailsConfig();
// Get the resource type directory.
$this->_thumbsServerPath = QFinder_Connector_Utils_FileSystem::combinePaths($_thumbnailsConfig->getDirectory(), $this->_resourceTypeConfig->getName());
// Return the resource type directory combined with the required path.
$this->_thumbsServerPath = QFinder_Connector_Utils_FileSystem::combinePaths($this->_thumbsServerPath, ltrim($this->_clientPath, '/'));
if (!is_dir($this->_thumbsServerPath)) {
if (!QFinder_Connector_Utils_FileSystem::createDirectoryRecursively($this->_thumbsServerPath)) {
/**
* @todo Qfinder_Connector_Utils_Xml::raiseError(); perhaps we should return error
*
*/
}
}
}
return $this->_thumbsServerPath;
}
/**
* Get the dditional Nginx X-Sendfile configuration (location => root)
*/
public function getXSendfileNginx()
{
$xsendfileNginx = array();
foreach ($this->_xsendfileNginx as $location => $root) {
$root = (string) $root;
$location = rtrim((string) $location, '/') . '/';
if (substr($root, -1, 1) != '/' && substr($root, -1, 1) != '\\') {
// root and location paths are concatenated
// @see http://wiki.nginx.org/XSendfile
$root = QFinder_Connector_Utils_FileSystem::combinePaths(rtrim($root, '/'), $location);
}
$xsendfileNginx[$location] = $root;
}
return $xsendfileNginx;
}
/**
* Check request
* @access protected
*
*/
protected function checkRequest()
{
if (preg_match(QFINDER_REGEX_INVALID_PATH, $this->_currentFolder->getClientPath())) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_NAME);
}
$_resourceTypeConfig = $this->_currentFolder->getResourceTypeConfig();
if (is_null($_resourceTypeConfig)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_TYPE);
}
$_clientPath = $this->_currentFolder->getClientPath();
$_clientPathParts = explode("/", trim($_clientPath, "/"));
if ($_clientPathParts) {
foreach ($_clientPathParts as $_part) {
if ($_resourceTypeConfig->checkIsHiddenFolder($_part)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
}
}
if (!is_dir($this->_currentFolder->getServerPath())) {
if ($_clientPath == "/") {
if (!QFinder_Connector_Utils_FileSystem::createDirectoryRecursively($this->_currentFolder->getServerPath())) {
/**
* @todo handle error
*/
}
} else {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_FOLDER_NOT_FOUND);
}
}
}
/**
* send response (save uploaded file, resize if required)
* @access public
*
*/
public function sendResponse()
{
$iErrorNumber = QFINDER_CONNECTOR_ERROR_NONE;
$_config =& QFinder_Connector_Core_Factory::getInstance("Core_Config");
$oRegistry =& QFinder_Connector_Core_Factory::getInstance("Core_Registry");
$oRegistry->set("FileUpload_fileName", "unknown file");
$uploadedFile = array_shift($_FILES);
if (!isset($uploadedFile['name'])) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UPLOADED_INVALID);
}
$sUnsafeFileName = QFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding(QFinder_Connector_Utils_Misc::mbBasename($uploadedFile['name']));
$sFileName = QFinder_Connector_Utils_FileSystem::secureFileName($sUnsafeFileName);
if ($sFileName != $sUnsafeFileName) {
$iErrorNumber = QFINDER_CONNECTOR_ERROR_UPLOADED_INVALID_NAME_RENAMED;
}
$oRegistry->set("FileUpload_fileName", $sFileName);
$this->checkConnector();
$this->checkRequest();
if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FILE_UPLOAD)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
}
$_resourceTypeConfig = $this->_currentFolder->getResourceTypeConfig();
if (!QFinder_Connector_Utils_FileSystem::checkFileName($sFileName) || $_resourceTypeConfig->checkIsHiddenFile($sFileName)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_NAME);
}
$resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig();
if (!$resourceTypeInfo->checkExtension($sFileName)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_EXTENSION);
}
$oRegistry->set("FileUpload_fileName", $sFileName);
$oRegistry->set("FileUpload_url", $this->_currentFolder->getUrl());
$maxSize = $resourceTypeInfo->getMaxSize();
if (!$_config->checkSizeAfterScaling() && $maxSize && $uploadedFile['size'] > $maxSize) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UPLOADED_TOO_BIG);
}
$htmlExtensions = $_config->getHtmlExtensions();
$sExtension = QFinder_Connector_Utils_FileSystem::getExtension($sFileName);
if ($htmlExtensions && !QFinder_Connector_Utils_Misc::inArrayCaseInsensitive($sExtension, $htmlExtensions) && ($detectHtml = QFinder_Connector_Utils_FileSystem::detectHtml($uploadedFile['tmp_name'])) === true) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UPLOADED_WRONG_HTML_FILE);
}
$secureImageUploads = $_config->getSecureImageUploads();
if ($secureImageUploads && ($isImageValid = QFinder_Connector_Utils_FileSystem::isImageValid($uploadedFile['tmp_name'], $sExtension)) === false) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UPLOADED_CORRUPT);
}
switch ($uploadedFile['error']) {
case UPLOAD_ERR_OK:
break;
case UPLOAD_ERR_INI_SIZE:
case UPLOAD_ERR_FORM_SIZE:
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UPLOADED_TOO_BIG);
break;
case UPLOAD_ERR_PARTIAL:
case UPLOAD_ERR_NO_FILE:
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UPLOADED_CORRUPT);
break;
case UPLOAD_ERR_NO_TMP_DIR:
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UPLOADED_NO_TMP_DIR);
break;
case UPLOAD_ERR_CANT_WRITE:
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED);
break;
case UPLOAD_ERR_EXTENSION:
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED);
break;
}
$sServerDir = $this->_currentFolder->getServerPath();
while (true) {
$sFilePath = QFinder_Connector_Utils_FileSystem::combinePaths($sServerDir, $sFileName);
if (file_exists($sFilePath)) {
$sFileName = QFinder_Connector_Utils_FileSystem::autoRename($sServerDir, $sFileName);
$oRegistry->set("FileUpload_fileName", $sFileName);
$iErrorNumber = QFINDER_CONNECTOR_ERROR_UPLOADED_FILE_RENAMED;
} else {
if (false === move_uploaded_file($uploadedFile['tmp_name'], $sFilePath)) {
$iErrorNumber = QFINDER_CONNECTOR_ERROR_ACCESS_DENIED;
} else {
if (isset($detectHtml) && $detectHtml === -1 && QFinder_Connector_Utils_FileSystem::detectHtml($sFilePath) === true) {
@unlink($sFilePath);
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UPLOADED_WRONG_HTML_FILE);
} else {
if (isset($isImageValid) && $isImageValid === -1 && QFinder_Connector_Utils_FileSystem::isImageValid($sFilePath, $sExtension) === false) {
@unlink($sFilePath);
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UPLOADED_CORRUPT);
}
}
}
if (is_file($sFilePath) && ($perms = $_config->getChmodFiles())) {
$oldumask = umask(0);
chmod($sFilePath, $perms);
umask($oldumask);
}
break;
}
}
if (!$_config->checkSizeAfterScaling()) {
$this->_errorHandler->throwError($iErrorNumber, true, false);
}
//resize image if required
require_once QFINDER_CONNECTOR_LIB_DIR . "/CommandHandler/Thumbnail.php";
$_imagesConfig = $_config->getImagesConfig();
if ($_imagesConfig->getMaxWidth() > 0 && $_imagesConfig->getMaxHeight() > 0 && $_imagesConfig->getQuality() > 0) {
QFinder_Connector_CommandHandler_Thumbnail::createThumb($sFilePath, $sFilePath, $_imagesConfig->getMaxWidth(), $_imagesConfig->getMaxHeight(), $_imagesConfig->getQuality(), true);
}
if ($_config->checkSizeAfterScaling()) {
//check file size after scaling, attempt to delete if too big
clearstatcache();
if ($maxSize && filesize($sFilePath) > $maxSize) {
@unlink($sFilePath);
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UPLOADED_TOO_BIG);
} else {
$this->_errorHandler->throwError($iErrorNumber, true, false);
}
}
QFinder_Connector_Core_Hooks::run('AfterFileUpload', array(&$this->_currentFolder, &$uploadedFile, &$sFilePath));
}
/**
* Send files using X-Sendfile server module
*
* @param string $filePath
*/
public static function sendWithXSendfile($filePath)
{
if (stripos($_SERVER['SERVER_SOFTWARE'], 'nginx') !== FALSE) {
$fallback = true;
$config =& QFinder_Connector_Core_Factory::getInstance("Core_Config");
$XSendfileNginx = $config->getXSendfileNginx();
foreach ($XSendfileNginx as $location => $root) {
if (false !== stripos($filePath, $root)) {
$fallback = false;
$filePath = str_ireplace($root, $location, $filePath);
header("X-Accel-Redirect: " . $filePath);
// Nginx
break;
}
}
// fallback to standar method
if ($fallback) {
QFinder_Connector_Utils_FileSystem::readfileChunked($filePath);
}
} elseif (stripos($_SERVER['SERVER_SOFTWARE'], 'lighttpd/1.4') !== FALSE) {
header("X-LIGHTTPD-send-file: " . $filePath);
// Lighttpd v1.4
} else {
header("X-Sendfile: " . $filePath);
// Apache, Lighttpd v1.5, Cherokee
}
}
/**
* handle request and build XML
* @access protected
*
*/
protected function buildXml()
{
$_config =& QFinder_Connector_Core_Factory::getInstance("Core_Config");
// Create the "ConnectorInfo" node.
$_oConnInfo = new Qfinder_Connector_Utils_XmlNode("ConnectorInfo");
$this->_connectorNode->addChild($_oConnInfo);
$_oConnInfo->addAttribute("enabled", $_config->getIsEnabled() ? "true" : "false");
if (!$_config->getIsEnabled()) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_CONNECTOR_DISABLED);
}
$_ln = '';
$_lc = $_config->getLicenseKey() . ' ';
$pos = strpos(QFINDER_CHARS, $_lc[0]) % 5;
if ($pos == 1 || $pos == 4) {
$_ln = $_config->getLicenseName();
}
$_oConnInfo->addAttribute("s", $_ln);
$_oConnInfo->addAttribute("c", trim($_lc[11] . $_lc[0] . $_lc[8] . $_lc[12] . $_lc[26] . $_lc[2] . $_lc[3] . $_lc[25] . $_lc[1]));
$_thumbnailsConfig = $_config->getThumbnailsConfig();
$_thumbnailsEnabled = $_thumbnailsConfig->getIsEnabled();
$_oConnInfo->addAttribute("thumbsEnabled", $_thumbnailsEnabled ? "true" : "false");
if ($_thumbnailsEnabled) {
$_oConnInfo->addAttribute("thumbsUrl", $_thumbnailsConfig->getUrl());
$_oConnInfo->addAttribute("thumbsDirectAccess", $_thumbnailsConfig->getDirectAccess() ? "true" : "false");
$_oConnInfo->addAttribute("thumbsWidth", $_thumbnailsConfig->getMaxWidth());
$_oConnInfo->addAttribute("thumbsHeight", $_thumbnailsConfig->getMaxHeight());
}
$_imagesConfig = $_config->getImagesConfig();
$_oConnInfo->addAttribute("imgWidth", $_imagesConfig->getMaxWidth());
$_oConnInfo->addAttribute("imgHeight", $_imagesConfig->getMaxHeight());
// Create the "ResourceTypes" node.
$_oResourceTypes = new Qfinder_Connector_Utils_XmlNode("ResourceTypes");
$this->_connectorNode->addChild($_oResourceTypes);
// Create the "PluginsInfo" node.
$_oPluginsInfo = new Qfinder_Connector_Utils_XmlNode("PluginsInfo");
$this->_connectorNode->addChild($_oPluginsInfo);
// Load the resource types in an array.
$_aTypes = $_config->getDefaultResourceTypes();
if (!sizeof($_aTypes)) {
$_aTypes = $_config->getResourceTypeNames();
}
$_aTypesSize = sizeof($_aTypes);
if ($_aTypesSize) {
$phpMaxSize = 0;
$max_upload = QFinder_Connector_Utils_Misc::returnBytes(ini_get('upload_max_filesize'));
if ($max_upload) {
$phpMaxSize = $max_upload;
}
$max_post = QFinder_Connector_Utils_Misc::returnBytes(ini_get('post_max_size'));
if ($max_post) {
$phpMaxSize = $phpMaxSize ? min($phpMaxSize, $max_post) : $max_post;
}
//ini_get('memory_limit') only works if compiled with "--enable-memory-limit"
$memory_limit = QFinder_Connector_Utils_Misc::returnBytes(@ini_get('memory_limit'));
if ($memory_limit && $memory_limit != -1) {
$phpMaxSize = $phpMaxSize ? min($phpMaxSize, $memory_limit) : $memory_limit;
}
$_oConnInfo->addAttribute("uploadMaxSize", $phpMaxSize);
$_oConnInfo->addAttribute("uploadCheckImages", $_config->checkSizeAfterScaling() ? "false" : "true");
for ($i = 0; $i < $_aTypesSize; $i++) {
$_resourceTypeName = $_aTypes[$i];
$_acl = $_config->getAccessControlConfig();
$_aclMask = $_acl->getComputedMask($_resourceTypeName, "/");
if (($_aclMask & QFINDER_CONNECTOR_ACL_FOLDER_VIEW) != QFINDER_CONNECTOR_ACL_FOLDER_VIEW) {
continue;
}
if (!isset($_GET['type']) || $_GET['type'] === $_resourceTypeName) {
//print $_resourceTypeName;
$_oTypeInfo = $_config->getResourceTypeConfig($_resourceTypeName);
//print_r($_oTypeInfo);
$_oResourceType[$i] = new Qfinder_Connector_Utils_XmlNode("ResourceType");
$_oResourceTypes->addChild($_oResourceType[$i]);
$_oResourceType[$i]->addAttribute("name", $_resourceTypeName);
$_oResourceType[$i]->addAttribute("url", $_oTypeInfo->getUrl());
$_oResourceType[$i]->addAttribute("allowedExtensions", implode(",", $_oTypeInfo->getAllowedExtensions()));
$_oResourceType[$i]->addAttribute("deniedExtensions", implode(",", $_oTypeInfo->getDeniedExtensions()));
$_oResourceType[$i]->addAttribute("hash", $_oTypeInfo->getHash());
$_oResourceType[$i]->addAttribute("hasChildren", QFinder_Connector_Utils_FileSystem::hasChildren('/', $_oTypeInfo) ? "true" : "false");
$_oResourceType[$i]->addAttribute("acl", $_aclMask);
$maxSize = $_oTypeInfo->getMaxSize();
if ($phpMaxSize) {
$maxSize = $maxSize ? min($maxSize, $phpMaxSize) : $phpMaxSize;
}
$_oResourceType[$i]->addAttribute("maxSize", $maxSize);
}
}
}
$config = $GLOBALS['config'];
if (!empty($config['Plugins']) && is_array($config['Plugins'])) {
$_oConnInfo->addAttribute("plugins", implode(",", $config['Plugins']));
}
QFinder_Connector_Core_Hooks::run('InitCommand', array(&$this->_connectorNode));
}
/**
* handle request and send response
* @access public
*
*/
public function sendResponse()
{
// Get rid of BOM markers
if (ob_get_level()) {
while (@ob_end_clean() && ob_get_level()) {
}
}
header("Content-Encoding: none");
$this->checkConnector();
$this->checkRequest();
$_config =& QFinder_Connector_Core_Factory::getInstance("Core_Config");
$_thumbnails = $_config->getThumbnailsConfig();
if (!$_thumbnails->getIsEnabled()) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_THUMBNAILS_DISABLED);
}
if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FILE_VIEW)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
}
if (!isset($_GET["FileName"])) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
$fileName = QFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($_GET["FileName"]);
$_resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig();
if (!QFinder_Connector_Utils_FileSystem::checkFileName($fileName)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
$sourceFilePath = QFinder_Connector_Utils_FileSystem::combinePaths($this->_currentFolder->getServerPath(), $fileName);
if ($_resourceTypeInfo->checkIsHiddenFile($fileName) || !file_exists($sourceFilePath)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_FILE_NOT_FOUND);
}
$thumbFilePath = QFinder_Connector_Utils_FileSystem::combinePaths($this->_currentFolder->getThumbsServerPath(), $fileName);
// If the thumbnail file doesn't exists, create it now.
if (!file_exists($thumbFilePath)) {
if (!$this->createThumb($sourceFilePath, $thumbFilePath, $_thumbnails->getMaxWidth(), $_thumbnails->getMaxHeight(), $_thumbnails->getQuality(), true, $_thumbnails->getBmpSupported())) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED);
}
}
$size = filesize($thumbFilePath);
$sourceImageAttr = getimagesize($thumbFilePath);
$mime = $sourceImageAttr["mime"];
$rtime = isset($_SERVER["HTTP_IF_MODIFIED_SINCE"]) ? @strtotime($_SERVER["HTTP_IF_MODIFIED_SINCE"]) : 0;
$mtime = filemtime($thumbFilePath);
$etag = dechex($mtime) . "-" . dechex($size);
$is304 = false;
if (isset($_SERVER["HTTP_IF_NONE_MATCH"]) && $_SERVER["HTTP_IF_NONE_MATCH"] === $etag) {
$is304 = true;
} else {
if ($rtime == $mtime) {
$is304 = true;
}
}
if ($is304) {
header("HTTP/1.0 304 Not Modified");
exit;
}
//header("Cache-Control: cache, must-revalidate");
//header("Pragma: public");
//header("Expires: 0");
header('Cache-control: public');
header('Etag: ' . $etag);
header("Content-type: " . $mime . "; name=\"" . QFinder_Connector_Utils_Misc::mbBasename($thumbFilePath) . "\"");
header("Last-Modified: " . gmdate('D, d M Y H:i:s', $mtime) . " GMT");
//header("Content-type: application/octet-stream; name=\"{$file}\"");
//header("Content-Disposition: attachment; filename=\"{$file}\"");
header("Content-Length: " . $size);
readfile($thumbFilePath);
exit;
}
private function appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path)
{
$oErrorNode = new QFinder_Connector_Utils_XmlNode("Error");
$oErrorNode->addAttribute("code", $errorCode);
$oErrorNode->addAttribute("name", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($name));
$oErrorNode->addAttribute("type", $type);
$oErrorNode->addAttribute("folder", $path);
$oErrorsNode->addChild($oErrorNode);
}
/**
* Sends generated zip file to the user
*/
protected function sendZipFile()
{
if (!function_exists('ob_list_handlers') || ob_list_handlers()) {
@ob_end_clean();
}
header("Content-Encoding: none");
$this->checkConnector();
$this->checkRequest();
// empty wystarczy
if (empty($_GET['FileName'])) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_FILE_NOT_FOUND);
}
$resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig();
$hash = $resourceTypeInfo->getHash();
if ($hash !== $_GET['hash'] || $hash !== substr($_GET['FileName'], 16, 16)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FILE_VIEW)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
}
$fileName = QFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding(trim($_GET['FileName']));
if (!QFinder_Connector_Utils_FileSystem::checkFileName($fileName)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
if (strtolower(pathinfo($fileName, PATHINFO_EXTENSION)) !== 'zip') {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_EXTENSION);
}
$dest_dir = QFinder_Connector_Utils_FileSystem::getTmpDir();
$filePath = QFinder_Connector_Utils_FileSystem::combinePaths($dest_dir, $fileName);
if (!file_exists($filePath) || !is_file($filePath)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_FILE_NOT_FOUND);
}
if (!is_readable($filePath)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED);
}
$zipFileName = QFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding(trim($_GET['ZipName']));
if (!QFinder_Connector_Utils_FileSystem::checkFileName($zipFileName)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
$fileFilename = pathinfo($zipFileName, PATHINFO_BASENAME);
header("Content-Encoding: none");
header("Cache-Control: cache, must-revalidate");
header("Pragma: public");
header("Expires: 0");
$user_agent = !empty($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "";
$encodedName = str_replace("\"", "\\\"", $fileFilename);
if (strpos($user_agent, "MSIE") !== false) {
$encodedName = str_replace(array("+", "%2E"), array(" ", "."), urlencode($encodedName));
}
header("Content-type: application/octet-stream; name=\"" . $fileFilename . "\"");
header("Content-Disposition: attachment; filename=\"" . $encodedName . "\"");
header("Content-Length: " . filesize($filePath));
QFinder_Connector_Utils_FileSystem::sendFile($filePath);
exit;
}
