/** * Download a backup file * * @param string $file Filename (without the path) * @return void * @note Filename should have been sanitized and checked before calling this. * */ function DBADMIN_download($file) { global $_CONF; require_once $_CONF['path_system'] . 'classes/downloader.class.php'; $dl = new downloader(); $dl->setLogFile($_CONF['path'] . 'logs/error.log'); $dl->setLogging(true); $dl->setDebug(true); $dl->setPath($_CONF['backup_path']); $dl->setAllowedExtensions(array('sql' => 'application/x-gzip-compressed', 'gz' => 'application/x-gzip-compressed')); $dl->downloadFile($file); }
} if (DB_count($_TABLES['nxfile_filesubmissions'], 'id', $fid) > 0) { include_once $_CONF['path_system'] . 'classes/downloader.class.php'; $query = DB_query("SELECT cid,ftype,fname,tempname FROM {$_TABLES['nxfile_filesubmissions']} WHERE id={$fid}"); list($cid, $ftype, $fname, $tname) = DB_fetchARRAY($query); $directory = $_FMCONF['storage_path'] . $cid . '/submissions/'; $logfile = $_CONF['path'] . 'logs/error.log'; if ($ftype == "file") { $pos = strrpos($tname, '.') + 1; $ext = strtolower(substr($tname, $pos)); $download = new downloader(); $download->_setAvailableExtensions($_FMCONF['downloadfiletypes']); $download->setAllowedExtensions($_FMCONF['downloadfiletypes']); $download->setLogFile($logfile); $download->setLogging(true); $download->setPath($directory); $download->downloadFile($tname); DB_query("UPDATE {$_TABLES['nxfile_filedetail']} SET hits = hits +1 WHERE fid='{$fid}' "); if ($download->areErrors()) { echo $LANG_FMERR['download1']; echo $download->printWarnings(); echo $download->printErrors(); return false; } } else { $url = $fname; if ($fd = fopen($url, "rb")) { $pos = strrpos($url, "/") + 1; $fname = substr($url, $pos); if (strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { $fname = preg_replace('/\\./', '%2e', $fname, substr_count($fname, '.') - 1);
$downloader->setLogging(true); $downloader->setAllowedExtensions(array('gif' => 'image/gif', 'jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg', 'png' => 'image/png', 'png' => 'image/x-png')); COM_setArgNames(array('mode', 'image')); $mode = COM_applyFilter(COM_getArgument('mode')); $image = COM_applyFilter(COM_getArgument('image')); if (strstr($image, '..')) { // Can you believe this, some jackass tried to relative pathing to access // files they shouldn't have access to? COM_accessLog('Someone tried to illegally access files using getimage.php'); exit; } // Set the path properly switch ($mode) { case 'show': case 'articles': $downloader->setPath($_CONF['path_images'] . 'articles/'); break; case 'topics': $downloader->setPath($_CONF['path_images'] . 'topics/'); break; case 'userphotos': $downloader->setPath($_CONF['path_images'] . 'userphotos/'); break; default: // Hrm, got a bad path, just die exit; } // Let's see if we don't have a legit file. If not bail $pathToImage = $downloader->getPath() . $image; if (is_file($pathToImage)) { // support conditional GET, if possible
$dwnld = new downloader(); $logfile = $_PP_CONF['logfile']; if (!file_exists($logfile)) { $fp = fopen($logfile, "w+"); if (!$fp) { COM_errorLog("Failed to create {$logfile}", 1); } else { fwrite($fp, "**** Created Logfile ***\n"); } } if (file_exists($logfile)) { $dwnld->setLogFile($logfile); $dwnld->setLogging(true); } else { $dwnld->setLogginf(false); } $dwnld->setAllowedExtensions($_PP_CONF['allowedextensions']); $dwnld->setPath($_PP_CONF['download_path']); $dwnld->downloadFile($A['file']); // Check for errors if ($dwnld->areErrors()) { $errs = $dwnld->printErrors(false); COM_errorLog("PAYPAL-DWNLD: {$_USER['username']} tried to download " . "the file with id {$id} but for some reason could not", 1); COM_errorLog("PAYPAL-DWNLD: {$errs}", 1); echo COM_refresh($_CONF['site_url']); } $dwnld->_logItem('Download Success', "{$_USER['username']} successfully downloaded " . "the file with id {$id}."); } else { COM_errorLog("PAYPAL-DWNLD: {$_USER['username']}/{$_USER['uid']} " . "tried to download the file with id {$id} " . "but this is not a downloadable file", 1); echo COM_refresh($_CONF['site_url'] . '/index.php?msg=07&plugin=paypal'); }
function nexdoc_createArchiveFromFolder($rootfolder) { global $_CONF, $_TABLES, $_FMCONF, $_USER; $archiveDirectory = "{$_FMCONF['storage_path']}tmp/"; $zipfilename = ppRandomFilename(6) . '.zip'; if (file_exists("{$archiveDirectory}{$zipfilename}")) { @unlink("{$archiveDirectory}{$zipfilename}"); //COM_errorLog("Creating archive {$archiveDirectory}{$zipfilename} - removing existing file"); } else { //COM_errorLog("Creating archive {$archiveDirectory}{$zipfilename}"); } if (!fm_getPermission($rootfolder, 'view')) { COM_errorLog("User: {$_USER['uid']} does not have view access to the root folder: {$rootfolder}"); return ''; } $zip = new ZipArchive(); $zipOpenResult = $zip->open("{$archiveDirectory}{$zipfilename}", ZIPARCHIVE::CREATE); if ($zipOpenResult === TRUE) { /* If user is inside a workspace or directory then we need to process * list of files from parent folder down and add any needed folders to archive * $fileitems will contain just file id's - checking a folder will just add files to hidden form field */ $filesAdded = array(); $sql = "SELECT a.cid,a.fid,a.fname,b.pid,b.name as folder FROM {$_TABLES['nxfile_files']} a "; $sql .= "LEFT JOIN {$_TABLES['nxfile_categories']} b on b.cid=a.cid "; $sql .= "WHERE a.cid={$rootfolder}"; $query = DB_query($sql); $pfolders = array(); // Array of parent folders that I will need to create folders for in archive $files = array(); while ($A = DB_fetchArray($query)) { // Add any files now to the archive that are in the Root Folder $sourcefile = $_FMCONF['storage_path'] . "{$rootfolder}/{$A['fname']}"; if (file_exists($sourcefile)) { //COM_errorLog("$i: Adding file ({$A['fid']}): $sourcefile "); $zip->addFile($sourcefile, $A['fname']); } } if (DB_count($_TABLES['nxfile_categories'], 'pid', $cid)) { nexdoc_archiveAddParentFromFolder($zip, $rootfolder); } $zip->close(); //COM_errorLog("Completed {$archiveDirectory}{$zipfilename}, filesize: " . filesize("{$archiveDirectory}{$zipfilename}")); include_once $_CONF['path_system'] . 'classes/downloader.class.php'; $download = new downloader(); $download->setLogging(false); $download->_setAvailableExtensions(array('zip' => 'application/x-zip-compresseed')); $download->setAllowedExtensions(array('zip' => 'application/x-zip-compresseed')); $download->setPath($archiveDirectory); $download->downloadFile($zipfilename); if ($download->areErrors()) { $err = $download->printWarnings(); $err .= "\n" . $download->printErrors(); COM_errorLog("nexFile: Download error for user: {$_USER['uid']} - file: {$archiveDirectory}{$zipfilename}, Err => {$err}"); } } else { COM_errorLog("Failed to create {$archiveDirectory}{$zipfilename}, Err => {$zipOpenResult}"); } }