Example #1
0
 function sDownloadFileName()
 {
     $sFN = "";
     $sOrg = $this->sOriginalFilename();
     if ($sOrg) {
         $oOrg = new WYPath($sOrg);
         $sExt = $oOrg->sExtension();
         $sFN = $this->sDataFileName(false) . ($sExt !== "" ? ".{$sExt}" : ".dat");
     }
     return $sFN;
 }
Example #2
0
 function WYFileUpload($sN, $multiple = false)
 {
     global $goApp;
     parent::WYHTMLTag("input");
     $this->dAttributes["type"] = "file";
     if ($multiple) {
         $this->dAttributes["name"] = $sN . '[]';
         $this->dAttributes["multiple"] = "multiple";
     } else {
         $this->dAttributes["name"] = $sN;
     }
     $this->dFileInfos = od_nil;
     if (isset($_FILES[$sN])) {
         $this->dFileInfos = $_FILES[$sN];
         // how many files?
         if (is_array($this->dFileInfos["name"])) {
             $this->iNrOfFiles = count($this->dFileInfos["name"]);
         } else {
             $this->iNrOfFiles = 1;
             $tmpFI = array("name" => array($this->dFileInfos["name"]), "type" => array($this->dFileInfos["type"]), "tmp_name" => array($this->dFileInfos["tmp_name"]), "error" => array($this->dFileInfos["error"]), "size" => array($this->dFileInfos["size"]));
             $this->dFileInfos = $tmpFI;
             $tmpFI = NULL;
         }
         for ($i = 0; $i < $this->iNrOfFiles; $i++) {
             // security check
             $sOFN = isset($this->dFileInfos["name"][$i]) ? $this->dFileInfos["name"][$i] : "";
             $oOFN = new WYPath($sOFN);
             if (!$oOFN->bCheck(WYPATH_CHECK_NOSCRIPT | WYPATH_CHECK_NOPATH)) {
                 $goApp->log("error on file upload: illegal file type/name <{$sOFN}>");
                 @unlink($this->dFileInfos["tmp_name"][$j]);
                 // delete evil uploaded file
             } else {
                 if ($this->bFileUploaded($i) && $this->bUploadOK($i)) {
                     $oTmpPath = new WYPath($this->dFileInfos["tmp_name"][$i]);
                     $oToPath = od_clone($goApp->oDataPath);
                     $oToPath->addComponent($oTmpPath->sBasename());
                     if (!$goApp->move_uploaded_file($oTmpPath, $oToPath)) {
                         $goApp->log("WYFileUpload: Could not move uploaded file " . $oTmpPath->sPath . " to " . $oToPath->sPath);
                     } else {
                         $this->dFileInfos["tmp_name"][$i] = $oToPath->sPath;
                     }
                 } else {
                     $goApp->log("error on file upload: " . $this->iErrorCode() . ": " . $this->sErrorMessage());
                 }
             }
         }
     }
 }
Example #3
0
 function WYURL($s)
 {
     global $goApp;
     $sQuery = "";
     $iPos = 0;
     $aQueryPairs = array();
     $sPair = "";
     $aKeyValue = array();
     $iMaxProtocolIdentLen = 5;
     // https
     $iPos = strpos($s, ":");
     if ($iPos !== false && $iPos <= $iMaxProtocolIdentLen) {
         $this->sProtocol = strtolower(substr($s, 0, $iPos));
         $s = substr($s, $iPos + 1);
     } else {
         $this->sProtocol = "http";
     }
     if (substr($s, 0, 2) == "//") {
         $iPos = strpos($s, "/", 2);
         if ($iPos !== false) {
             $this->sHost = substr($s, 2, $iPos - 2);
             $s = substr($s, $iPos);
             if (!$s) {
                 $s = "/";
             }
         } else {
             $this->sHost = substr($s, 2);
             $s = "/";
         }
     } else {
         $this->sHost = WYApplication::sHTTPHost();
     }
     $iPos = strpos($s, "#");
     if ($iPos !== false) {
         $this->sAnchor = substr($s, $iPos + 1);
         $s = substr($s, 0, $iPos);
     } else {
         $this->sAnchor = "";
     }
     $this->dQuery = array();
     $iPos = strpos($s, "?");
     if ($iPos !== false) {
         $sQuery = substr($s, $iPos + 1);
         $aQueryPairs = explode("&", $sQuery);
         foreach ($aQueryPairs as $sPair) {
             $aKeyValue = explode("=", $sPair);
             $this->dQuery[$aKeyValue[0]] = isset($aKeyValue[1]) ? urldecode($aKeyValue[1]) : "";
         }
         $s = substr($s, 0, $iPos);
     }
     parent::WYPath($s);
 }
Example #4
0
 function WYAudioElement($sN, $sL)
 {
     global $goApp;
     parent::WYAttachmentElement($sN);
     $this->sEditorPageName = "audio.php";
     $this->iEditorWidth = 650;
     $this->iEditorHeight = 250;
     $this->sEditButtonCSSClass = "WebYepAudioEditButton";
     $this->setVersion(WY_AUDIO_VERSION);
     $this->sLinkContent = $sL;
     if ($this->sOriginalFilename()) {
         $oP = new WYPath($this->sOriginalFilename());
         if (!$oP->bCheck(WYPATH_CHECK_JUSTAUDIO | WYPATH_CHECK_NOSCRIPT | WYPATH_CHECK_NOPATH)) {
             $goApp->log("missuse of audio element, filename: " . $oP->sPath);
             exit(0);
         }
         unset($oP);
         $oP = new WYPath($this->sDownloadFileName());
         if (!$oP->bCheck(WYPATH_CHECK_JUSTAUDIO | WYPATH_CHECK_NOSCRIPT | WYPATH_CHECK_NOPATH)) {
             $goApp->log("missuse of audio element, filename: " . $oP->sPath);
             exit(0);
         }
     }
 }
Example #5
0
<?php

// WebYep
// (C) Objective Development Software GmbH
// http://www.obdev.at
$webyep_bDocumentPage = false;
$webyep_sIncludePath = ".";
include_once "{$webyep_sIncludePath}/webyep.php";
include_once @webyep_sConfigValue("webyep_sIncludePath") . "/elements/WYAudioElement.php";
include_once @webyep_sConfigValue("webyep_sIncludePath") . "/lib/WYPath.php";
$oFilename = new WYPath($_GET[WY_QK_AUDIO_FILENAME]);
if (!$oFilename->bCheck(WYPATH_CHECK_JUSTAUDIO | WYPATH_CHECK_NOSCRIPT | WYPATH_CHECK_NOPATH)) {
    $goApp->log("missuse of mp3 player script, path: " . $oFilename->sPath);
    exit(0);
}
$oURL = od_clone($goApp->oDataURL);
$oURL->addComponent($oFilename->sPath);
?>
<html>
<head>
<title><?php 
echo WYTS("MP3PlayerWindowTitle");
?>
</title>
<style type="text/css">
body {
	background-color: black;
}
</style>
</head>
<body>
Example #6
0
include_once @webyep_sConfigValue("webyep_sIncludePath") . "/lib/WYHiddenField.php";
include_once @webyep_sConfigValue("webyep_sIncludePath") . "/lib/WYFileUpload.php";
$oHFFunctioNumber = new WYHiddenField('CKEditorFuncNum');
$iFunctionNumber = (int) $oHFFunctioNumber->sValue();
$oFU = new WYFileUpload("upload");
$bOK = false;
$sResponse = "";
$sURL = "";
if (isset($_REQUEST['CKEditor'])) {
    if ($oFU->bUploadOK()) {
        $oOriginalName = od_clone($oFU->oOriginalFilename());
        if ($oOriginalName->bCheck(WYPATH_CHECK_NOSCRIPT | WYPATH_CHECK_NOPATH | WYPATH_CHECK_JUSTIMAGE)) {
            $sFilename = $oOriginalName->sPath;
            $sExtension = $oOriginalName->sExtension();
            $sFilename = str_replace(".{$sExtension}", "", $sFilename);
            $sFilename = WYPath::sMakeFilename($sFilename);
            $oDestPath = od_clone($goApp->oDataPath);
            $sDestFilename = "rtimg-{$sFilename}.{$sExtension}";
            $oDestPath->addComponent($sDestFilename);
            $oFile = new WYFile($oFU->oFilePath());
            if (!$oFile->bCopyTo($oDestPath)) {
                $goApp->log("Could not copy uploaded image file");
                $sResponse = WYTS("FileUploadErrorUnknown", false);
            } else {
                $sResponse = "";
                $bOK = true;
                $oURL = od_clone($goApp->oDataURL);
                $oURL->addComponent($sDestFilename);
                $sURL = $oURL->sURL(false, false, true);
            }
        } else {
Example #7
0
// (C) Objective Development Software GmbH
// http://www.obdev.at
$webyep_bDocumentPage = false;
$webyep_sIncludePath = ".";
include_once "{$webyep_sIncludePath}/webyep.php";
include_once @webyep_sConfigValue("webyep_sIncludePath") . "/elements/WYAttachmentElement.php";
include_once @webyep_sConfigValue("webyep_sIncludePath") . "/lib/WYFile.php";
$aMimeTypes['pdf'] = "application/pdf";
$aMimeTypes['htm'] = "text/html";
$aMimeTypes['html'] = "text/html";
$aMimeTypes['php'] = "application/binary";
$aMimeTypes['txt'] = "text/plain";
$aMimeTypes['gif'] = "image/gif";
$aMimeTypes['jpg'] = "image/jpeg";
$oFilename = new WYPath($_GET[WY_QK_DOWNLOAD_FILENAME]);
$oOrgFilename = new WYPath($_GET[WY_QK_ORIGINAL_FILENAME]);
$sClientIP = $goApp->sClientIP();
if (!$oFilename->bCheck(WYPATH_CHECK_NOSCRIPT | WYPATH_CHECK_NOPATH)) {
    $goApp->log("missuse of download script from {$sClientIP}, path: " . $oFilename->sPath);
    exit(0);
}
if (!$oOrgFilename->bCheck(WYPATH_CHECK_NOSCRIPT | WYPATH_CHECK_NOPATH)) {
    $goApp->log("missuse of download script from {$sClientIP}, org file path: " . $oOrgFilename->sPath);
    exit(0);
}
$sOrgFilename = str_replace(" ", "_", $oOrgFilename->sPath);
$oPath = od_clone($goApp->oDataPath);
$oPath->addComponent($oFilename->sPath);
if (strpos($oPath->sPath, "webyep-system") === false) {
    // goApp's log won't work when data path was modified! -> echo
    echo "missuse of download script from {$sClientIP}, mangled data path: " . $oPath->sPath;
Example #8
0
 function sDataFileName($bCreate)
 {
     global $goApp;
     $sFilename = "";
     $sPrefix = "";
     $iPageID = 0;
     $i = 0;
     $sFilename = $this->sFieldNameForFile();
     if (!$this->bGlobal) {
         $iPageID = $goApp->oDocument->iPageID($bCreate);
         if ($iPageID) {
             if ($this->bUseDocumentInstance()) {
                 $iDocInstance = $goApp->oDocument->iDocumentInstance();
             } else {
                 $iDocInstance = 0;
             }
             if ($this->bUseLoopID()) {
                 $iLoopID = $goApp->oDocument->iLoopID();
             } else {
                 $iLoopID = 0;
             }
             $sPrefix = WYElement::sDataFileNamePrefix($iPageID, $iDocInstance, $iLoopID);
             $sFilename = $sPrefix . "-" . $sFilename;
         } else {
             $sFilename = "";
         }
     }
     if ($sFilename) {
         $oP = new WYPath($sFilename);
         if (!$oP->bCheck(WYPATH_CHECK_NOPATH)) {
             $sFilename = "";
         }
     }
     return $sFilename;
 }
Example #9
0
$oHFLanguageCode = new WYHiddenField('langCode');
$sLangCode = $oHFLanguageCode->sValue();
$oHFAction = new WYHiddenField(ACTION);
$sAction = $oHFAction->sValue();
//	$sResponse = WYTS("RichTextSaved");
//   $oCKBaseURL = od_clone($goApp->oProgramURL);
//   $oCKBaseURL->addComponent("opt");
//   $oCKBaseURL->addComponent("ckeditor");
//	$oCKJSURL = od_clone($oCKBaseURL);
//	$oCKJSURL->addComponent("ckeditor.js");
$goApp->outputWarningPanels();
// give App a chance to say something
if ($sAction == ACTION_DELETE) {
    $oHFFilename = new WYHiddenField(FILENAME);
    $oFullPath = od_clone($goApp->oDataPath);
    $oFilename = new WYPath($oHFFilename->sValue());
    if ($oFilename->bCheck(WYPATH_CHECK_JUSTIMAGE | WYPATH_CHECK_NOPATH)) {
        $oFullPath->addComponent($oFilename->sPath);
        $oFile = new WYFile($oFullPath);
        $oFile->bDelete();
    }
}
$aEntries = array();
$r = opendir($goApp->oDataPath->sPath);
while (($sEntry = readdir($r)) !== false) {
    if ($sEntry[0] == ".") {
        continue;
    }
    if (substr($sEntry, 0, 5) != "rtimg") {
        continue;
    }
Example #10
0
 /**
  * Liefert den Dateinamen des Vorschaubildes zum Dateinamen eines Bildes
  *
  * @access 		private
  *	@param		string		der Dateiname des Bildes
  *	@return		string		der Dateiname des Vorschaubildes
  */
 function _sThumbnailName($sFilename)
 {
     global $goApp;
     $oP = $oF = od_nil;
     $sOrgExt = "";
     $sTN = "";
     $oP = new WYPath($sFilename);
     $sOrgExt = $oP->sExtension();
     $oP = od_clone($goApp->oDataPath);
     $iPos = strrpos($sFilename, ".");
     $sTN = substr($sFilename, 0, $iPos) . "-tn.jpg";
     $oP->addComponent($sTN);
     $oF = new WYFile($oP);
     if (!$oF->bExists()) {
         $oP->removeDemoSlotID();
         // try again without demo slot ID
         unset($oF);
         $oF = new WYFile($oP);
         if (!$oF->bExists()) {
             $oP->setExtension($sOrgExt);
             $sTN = $oP->sBasename();
         }
     }
     return $sTN;
 }
Example #11
0
// WebYep
// (C) Objective Development Software GmbH
// http://www.obdev.at
$webyep_bDocumentPage = false;
$webyep_sIncludePath = ".";
include_once "{$webyep_sIncludePath}/webyep.php";
include_once @webyep_sConfigValue("webyep_sIncludePath") . "/lib/WYImage.php";
include_once @webyep_sConfigValue("webyep_sIncludePath") . "/lib/WYPath.php";
include_once @webyep_sConfigValue("webyep_sIncludePath") . "/elements/WYImageElement.php";
$oImage = $oURL = od_nil;
$sFilename = "";
if (isset($_GET[WY_QK_IMAGE_DETAIL])) {
    $sFilename = $_GET[WY_QK_IMAGE_DETAIL];
    $sAltText = $_GET[WY_QK_IMAGE_ALTTEXT];
    $bDemoContent = $_GET[WY_QK_IMAGE_DEMOCONTENT];
    $oP = new WYPath($sFilename);
    if (!$oP->bCheck(WYPATH_CHECK_NOPATH | WYPATH_CHECK_JUSTIMAGE)) {
        $goApp->log("illegal filename in image-detail: <{$sFilename}>");
        exit(-1);
    }
    $oURL = od_clone($goApp->oDataURL);
    if ($bDemoContent) {
        $oURL->removeDemoSlotID();
    }
    $oURL->addComponent($sFilename);
    $oImage = new WYImage($oURL);
    if ($sAltText) {
        $oImage->setAttribute("alt", $sAltText);
    }
    $iW = $oImage->iWidth();
    $iH = $oImage->iHeight();