protected function runUntrustedAction($action) { switch ($action) { case 'backup': include_once 'HTTP/Download.php'; include_once 'Archive/Tar.php'; if (!$this->data_engine->dump(TIP::buildDataPath('dump'))) { TIP::notifyError('backup'); return false; } $tar_file = TIP::buildCachePath($this->id . '-' . TIP::formatDate('date_sql') . '.tar.gz'); $tar_object = new Archive_Tar($tar_file, 'gz'); $result = $tar_object->createModify(TIP::buildDataPath(), '', TIP::buildPath()); unset($tar_object); if ($result !== true) { return false; } HTTP_Download::staticSend(array('file' => $tar_file, 'contenttype' => 'application/x-gzip', 'contentdisposition' => HTTP_DOWNLOAD_ATTACHMENT)); exit; } return null; }
/** * Perform a view action * * Runs the file identified by the 'view_template' property for the * specified row. The rendered result is appended to the page. * * @param mixed $id The identifier of the row to view * @return bool true on success or false on errors */ protected function actionView($id) { // The query is not strictly necessary but it is still performed // to avoid read actions on arbitrary files if (is_null($row =& $this->fromRow($id, false)) || !$this->_onView($row)) { return false; } // Check for html file existence $file = TIP::buildDataPath($this->id, $id); if (!is_readable($file)) { $this->endView(); return false; } $content =& TIP_Application::getGlobal('content'); $this->keys['id'] = $id; $this->keys[$this->title_field] = str_replace('.html', '', $id); $this->keys['content'] = file_get_contents($file); $this->keys[$this->creation_field] = TIP::formatDate('datetime_sql', filectime($file)); $this->keys[$this->edited_field] = TIP::formatDate('datetime_sql', filemtime($file)); if (empty($this->view_template)) { // On empty template, output the whole html file content // and set a viable "title" metatag $content .= $this->keys['content']; $title =& TIP_Application::getGlobal('title'); $title = $this->keys[$this->title_field] . ' (' . $title . ')'; } else { // Use a custom template $content .= $this->tagRun($this->view_template); } // Discard the generated content to decrease memory consumption unset($this->keys); $this->endView(); return true; }
/** * Configure an attachment based element * * This code can be shared by every HTML_QuickForm_attachment based element. * * @param HTML_QuickForm_element &$element The element to configure * @param string $args The widget args * @return HTML_QuickForm_element The configured element */ private function &_configAttachment(&$element, $args) { // Common base path and uri $element->setBasePath(TIP::buildDataPath((string) $this->master)); $element->setBaseUrl(TIP::buildDataUri((string) $this->master)); // Unload the element data, if needed $unload_id = 'unload_' . $element->getName(); if ($this->action == TIP_FORM_ACTION_DELETE && TIP::getGet('process', 'int') == 1 || array_key_exists($unload_id, $_POST)) { $element->setState(QF_ATTACHMENT_TO_UNLOAD); } else { // Add the unload element $unload_label = $this->getLocale('label.' . $unload_id); $unload_element = $this->_form->createElement('checkbox', $unload_id, $unload_label, $unload_label, array('tabindex' => $this->_tabindex)); $element->setUnloadElement($unload_element); } return $element; }
private function &_getRows(&$data, $fields) { $path = $data->getProperty('path'); if (!array_key_exists($path, $this->_rows)) { if (strncmp($path, 'http://', 7) == 0) { $uri = $path; if (function_exists('curl_init')) { // CURL extension available: this should be the // first attempt because the dumb 'open_basedir' // directive can f**k up file_get_contents() $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, $uri); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); $xml_data = curl_exec($curl); curl_close($curl); } else { if (in_array('http', stream_get_wrappers())) { // http wrapper present $xml_data = file_get_contents($uri); } else { // No viable way to use the http protocol $xml_data = false; } } } else { $uri = TIP::buildDataPath($data->getProperty('path')); $xml_data = file_get_contents($uri); } $xml_tree = false; if (is_string($xml_data)) { // Work-around to let SimpleXML be happy with the f*****g // default namespace $xml_data = str_replace(' xmlns=', ' fakens=', $xml_data); $xml_tree = @simplexml_load_string($xml_data); } if ($xml_tree) { // Takes only the first element matching "base_xpath" $xml = reset($xml_tree->xpath($this->base_xpath)); $this->_data =& $data; if (empty($fields)) { $this->_fields = array_keys($this->fields_xpath); } else { $this->_fields = $fields; } $nodes = $xml->xpath($this->row_xpath); $rows = $this->_nodesToRows($nodes); unset($nodes, $this->_fields, $this->_data); } else { $rows = array(); TIP::error("failed to load XML file ({$uri})"); } $this->_rows[$path] = $rows; } return $this->_rows[$path]; }