/**
 * Constructor: choose the folder to work in and collect its metadata.
 *
 * The folder comes from $path when given, otherwise from the request
 * ($_GET), otherwise from the session, otherwise CONFIG_SYS_DEFAULT_PATH.
 * The chosen value is stored base64-encoded in $this->currentFolderPath.
 *
 * NOTE(review): getCurrentFolderPath() is not visible in this listing; the
 * comments below presume it returns the base64-decoded
 * $this->currentFolderPath. Confirm against the class before relying on them.
 *
 * @param string|null $path            the path to a folder
 * @param bool        $calculateSubdir force to get the subdirectories information
 */
function __construct($path = null, $calculateSubdir = true)
{
    $this->calculateSubdir = $calculateSubdir;
    if (defined('CONFIG_SYS_FOLDER_SHOWN_ON_TOP')) {
        $this->forceFolderOnTop = CONFIG_SYS_FOLDER_SHOWN_ON_TOP;
    }
    if (!is_null($path)) {
        // Caller-supplied path: taken as given, no existence check in this branch.
        $this->currentFolderPath = $path;
    } elseif (isset($_GET[$this->folderPathIndex]) && file_exists(base64_decode($_GET[$this->folderPathIndex])) && !is_file(base64_decode($_GET[$this->folderPathIndex]))) {
        // Request value: the existence checks run on the base64-decoded value,
        // but what is stored is the still-encoded value after the two filters.
        // NOTE(review): judging by their names these are HTML-output filters;
        // they do not decide which directory the value may name. The only
        // path constraint visible here is isUnderRoot() further down.
        $this->currentFolderPath = api_htmlentities(Security::remove_XSS($_GET[$this->folderPathIndex]));
    } elseif (isset($_SESSION[$this->lastVisitedFolderPathIndex]) && file_exists($_SESSION[$this->lastVisitedFolderPathIndex]) && !is_file($_SESSION[$this->lastVisitedFolderPathIndex])) {
        // NOTE(review): the session value is tested here without decoding,
        // while the value written to the session below is base64-encoded;
        // confirm this branch can still match.
        $this->currentFolderPath = $_SESSION[$this->lastVisitedFolderPathIndex];
    } else {
        $this->currentFolderPath = CONFIG_SYS_DEFAULT_PATH;
    }
    // Accepted folder: normalise to forward slashes with a trailing slash.
    // Rejected folder: the ternary keeps the current value; it does NOT
    // substitute CONFIG_SYS_DEFAULT_PATH.
    // NOTE(review): a value that fails isUnderRoot() is therefore not replaced
    // by a known-safe folder at this point; whether it is still usable depends
    // on getCurrentFolderPath() and the checks below - verify.
    $this->currentFolderPath = isUnderRoot($this->getCurrentFolderPath()) ? backslashToSlash(addTrailingSlash($this->getCurrentFolderPath())) : $this->currentFolderPath;
    // Encoded unconditionally, i.e. also in the rejected case above.
    $this->currentFolderPath = base64_encode($this->currentFolderPath);
    if ($this->calculateSubdir) {
        // keep track of this folder path in session (stored in its encoded form)
        $_SESSION[$this->lastVisitedFolderPathIndex] = $this->currentFolderPath;
    }
    if (is_dir($this->getCurrentFolderPath())) {
        $file = new file($this->getCurrentFolderPath());
        $folderInfo = $file->getFileInfo();
        if (sizeof($folderInfo)) {
            // Chamilo: for a per-user folder, show the user's name instead of the numeric id.
            // The pattern is unanchored, while substr(..., 8) drops the first
            // 8 characters (the length of 'sf_user_') from the folder name.
            if (preg_match('/sf_user_/', basename($this->getCurrentFolderPath()))) {
                $userinfo = api_get_user_info(substr(basename($this->getCurrentFolderPath()), 8));
                $this->currentFolderInfo['name'] = $userinfo['complete_name'];
            } else {
                // Chamilo: underscores become spaces to prevent long directory names.
                $this->currentFolderInfo['name'] = str_replace('_', ' ', basename($this->getCurrentFolderPath()));
            }
            // Also matches 'shared_folder_session_...' names; the next test then overrides the label.
            if (preg_match('/shared_folder/', basename($this->getCurrentFolderPath()))) {
                $this->currentFolderInfo['name'] = get_lang('UserFolders');
            }
            if (preg_match('/shared_folder_session_/', basename($this->getCurrentFolderPath()))) {
                // The last '_'-separated part of the folder name is passed on as the session identifier.
                $session = explode('_', basename($this->getCurrentFolderPath()));
                $session = strtolower($session[sizeof($session) - 1]);
                $this->currentFolderInfo['name'] = get_lang('UserFolders') . ' (' . api_get_session_name($session) . ')*';
            }
            // end Chamilo
            // Counters start at zero; nothing in this constructor increments them.
            $this->currentFolderInfo['subdir'] = 0;
            $this->currentFolderInfo['file'] = 0;
            $this->currentFolderInfo['ctime'] = $folderInfo['ctime'];
            $this->currentFolderInfo['mtime'] = $folderInfo['mtime'];
            $this->currentFolderInfo['is_readable'] = $folderInfo['is_readable'];
            $this->currentFolderInfo['is_writable'] = $folderInfo['is_writable'];
            $this->currentFolderInfo['path'] = $this->getCurrentFolderPath();
            $this->currentFolderInfo['path_base64'] = base64_encode($this->getCurrentFolderPath());
            $this->currentFolderInfo['friendly_path'] = transformFilePath($this->getCurrentFolderPath());
            $this->currentFolderInfo['type'] = 'folder';
            $this->currentFolderInfo['cssClass'] = 'folder';
            //$this->currentFolderInfo['flag'] = $folderInfo['flag'];
        }
    }
    // Stops the request when the folder is missing. The path is appended to
    // the message as-is.
    // NOTE(review): confirm how this output is rendered by the client, since
    // the path may originate from the request.
    if ($calculateSubdir && !file_exists($this->getCurrentFolderPath())) {
        die(ERR_FOLDER_NOT_FOUND . $this->getCurrentFolderPath());
    }
}
/**
 * Build the manager for one folder and collect that folder's metadata.
 *
 * The folder is $path when given; otherwise the request value ($_GET),
 * then the folder remembered in the session, then CONFIG_SYS_DEFAULT_PATH.
 * Request and session values are only used when they exist on disk and are
 * not regular files. Whatever was selected is replaced by
 * CONFIG_SYS_DEFAULT_PATH unless isUnderRoot() accepts it.
 *
 * @param string|null $path            folder to open, or null to take it from the request/session
 * @param bool        $calculateSubdir when true, the folder is remembered in the session and a
 *                                     missing folder ends the request
 */
function __construct($path = null, $calculateSubdir=true)
{
    $this->calculateSubdir = $calculateSubdir;
    if (defined('CONFIG_SYS_FOLDER_SHOWN_ON_TOP')) {
        $this->forceFolderOnTop = CONFIG_SYS_FOLDER_SHOWN_ON_TOP;
    }

    $queryKey = $this->folderPathIndex;
    $sessionKey = $this->lastVisitedFolderPathIndex;

    // Pick the first usable source, in order of precedence.
    if ($path !== null) {
        $selected = $path;
    } elseif (isset($_GET[$queryKey]) && file_exists($_GET[$queryKey]) && !is_file($_GET[$queryKey])) {
        $selected = $_GET[$queryKey];
    } elseif (isset($_SESSION[$sessionKey]) && file_exists($_SESSION[$sessionKey]) && !is_file($_SESSION[$sessionKey])) {
        $selected = $_SESSION[$sessionKey];
    } else {
        $selected = CONFIG_SYS_DEFAULT_PATH;
    }
    $this->currentFolderPath = $selected;

    // Containment gate: anything isUnderRoot() rejects falls back to the
    // default folder, so no later step works on the rejected value.
    if (isUnderRoot($this->currentFolderPath)) {
        $this->currentFolderPath = backslashToSlash(addTrailingSlash($this->currentFolderPath));
    } else {
        $this->currentFolderPath = CONFIG_SYS_DEFAULT_PATH;
    }

    if ($this->calculateSubdir) {
        // keep track of this folder path in session
        $_SESSION[$sessionKey] = $this->currentFolderPath;
    }

    if (is_dir($this->currentFolderPath)) {
        $folder = new file($this->currentFolderPath);
        $stat = $folder->getFileInfo();
        if (count($stat)) {
            $details = array(
                'name' => basename($this->currentFolderPath),
                'subdir' => 0,
                'file' => 0,
                'ctime' => $stat['ctime'],
                'mtime' => $stat['mtime'],
                'is_readable' => $stat['is_readable'],
                'is_writable' => $stat['is_writable'],
                'path' => $this->currentFolderPath,
                'friendly_path' => transformFilePath($this->currentFolderPath),
                'type' => "folder",
                'cssClass' => 'folder',
            );
            // Assign key by key so entries already present in currentFolderInfo are kept.
            foreach ($details as $key => $value) {
                $this->currentFolderInfo[$key] = $value;
            }
            //$this->currentFolderInfo['flag'] = $folderInfo['flag'];
        }
    }

    // A missing folder ends the request; the path is appended to the message as-is.
    if ($calculateSubdir && !file_exists($this->currentFolderPath)) {
        die(ERR_FOLDER_NOT_FOUND . $this->currentFolderPath);
    }
}
if (!file_exists($_GET['delete'])) { $error = ERR_FILE_NOT_AVAILABLE; } elseif (!isUnderRoot($_GET['delete'])) { $error = ERR_FOLDER_PATH_NOT_ALLOWED; } else { include_once CLASS_FILE; $file = new file(); if (is_dir($_GET['delete']) && isValidPattern(CONFIG_SYS_INC_DIR_PATTERN, getBaseName($_GET['delete'])) && !isInvalidPattern(CONFIG_SYS_EXC_DIR_PATTERN, getBaseName($_GET['delete']))) { $file->delete(addTrailingSlash(backslashToSlash($_GET['delete']))); } elseif (is_file($_GET['delete']) && isValidPattern(CONFIG_SYS_INC_FILE_PATTERN, getBaseName($_GET['delete'])) && !isInvalidPattern(CONFIG_SYS_EXC_FILE_PATTERN, getBaseName($_GET['delete']))) { $file->delete($_GET['delete']); } } } else { if (!isset($_POST['selectedDoc']) || !is_array($_POST['selectedDoc']) || sizeof($_POST['selectedDoc']) < 1) { $error = ERR_NOT_FILE_SELECTED; } else { include_once CLASS_FILE; $file = new file(); foreach ($_POST['selectedDoc'] as $doc) { if (file_exists($doc) && isUnderRoot($doc)) { if (is_dir($doc) && isValidPattern(CONFIG_SYS_INC_DIR_PATTERN, $doc) && !isInvalidPattern(CONFIG_SYS_EXC_DIR_PATTERN, $doc)) { $file->delete(addTrailingSlash(backslashToSlash($doc))); } elseif (is_file($doc) && isValidPattern(CONFIG_SYS_INC_FILE_PATTERN, $doc) && !isInvalidPattern(CONFIG_SYS_EXC_FILE_PATTERN, $doc)) { $file->delete($doc); } } } } } echo "{error:'" . $error . "'}";
@ob_start(); displayArray($_POST); writeInfo(@ob_get_clean()); echo "{"; $error = ""; $info = ""; /* $_POST['new_folder'] = substr(md5(time()), 1, 5); $_POST['currentFolderPath'] = "../../uploaded/";*/ if (CONFIG_SYS_VIEW_ONLY || !CONFIG_OPTIONS_NEWFOLDER) { $error = SYS_DISABLED; } elseif (empty($_POST['new_folder'])) { $error = ERR_FOLDER_NAME_EMPTY; } elseif (!preg_match("/^[a-zA-Z0-9_\\- ]+\$/", $_POST['new_folder'])) { $error = ERR_FOLDER_FORMAT; } else { if (empty($_POST['currentFolderPath']) || !isUnderRoot($_POST['currentFolderPath'])) { $error = ERR_FOLDER_PATH_NOT_ALLOWED; } elseif (file_exists(addTrailingSlash($_POST['currentFolderPath']) . $_POST['new_folder'])) { $error = ERR_FOLDER_EXISTS; } else { include_once CLASS_FILE; $file = new file(); if ($file->mkdir(addTrailingSlash($_POST['currentFolderPath']) . $_POST['new_folder'], 0775)) { include_once CLASS_MANAGER; $manager = new manager(addTrailingSlash($_POST['currentFolderPath']) . $_POST['new_folder'], false); $pathInfo = $manager->getFolderInfo(addTrailingSlash($_POST['currentFolderPath']) . $_POST['new_folder']); foreach ($pathInfo as $k => $v) { switch ($k) { case "ctime": case "mtime": case "atime":
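/**
 * Resolve the folder the current request should work in and remember it.
 *
 * Precedence: the 'path' request parameter, then the folder remembered in
 * the session under 'ajax_last_visited_folder', then CONFIG_SYS_DEFAULT_PATH.
 * Request and session values are used only when they are strings that exist
 * on disk and are not regular files. The selected value is replaced by
 * CONFIG_SYS_DEFAULT_PATH unless isUnderRoot() accepts it, and the result is
 * written back to the session.
 *
 * Ends the request with ERR_FOLDER_NOT_FOUND when the resolved folder does
 * not exist.
 *
 * @return string the resolved folder path (forward slashes, trailing slash
 *                when it passed isUnderRoot(); otherwise the default path)
 */
function getCurrentFolderPath()
{
    $folderPathIndex = 'path';
    $lastVisitedFolderPathIndex = 'ajax_last_visited_folder';

    $requested = isset($_GET[$folderPathIndex]) ? $_GET[$folderPathIndex] : null;
    $remembered = isset($_SESSION[$lastVisitedFolderPathIndex]) ? $_SESSION[$lastVisitedFolderPathIndex] : null;

    // Non-string values (for example an array sent as path[]=...) are ignored
    // instead of being handed to the filesystem functions.
    if (is_string($requested) && file_exists($requested) && !is_file($requested)) {
        $currentFolderPath = $requested;
    } elseif (is_string($remembered) && file_exists($remembered) && !is_file($remembered)) {
        $currentFolderPath = $remembered;
    } else {
        $currentFolderPath = CONFIG_SYS_DEFAULT_PATH;
    }

    // Containment gate: a folder rejected by isUnderRoot() is replaced by the
    // default folder, so nothing after this point sees the rejected value.
    $currentFolderPath = isUnderRoot($currentFolderPath)
        ? backslashToSlash(addTrailingSlash($currentFolderPath))
        : CONFIG_SYS_DEFAULT_PATH;

    // keep track of this folder path in session
    $_SESSION[$lastVisitedFolderPathIndex] = $currentFolderPath;

    if (!file_exists($currentFolderPath)) {
        die(ERR_FOLDER_NOT_FOUND . $currentFolderPath);
    }

    // The original computed the path but never handed it back to the caller.
    return $currentFolderPath;
}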
* */ require_once dirname(__FILE__) . DIRECTORY_SEPARATOR . "inc" . DIRECTORY_SEPARATOR . "config.php"; require_once CLASS_HISTORY; $history = new History($_POST['file_path'], $session); $lastestSessionImageInfo = $history->getLastestRestorable(); echo "{"; $error = ""; $info = ""; if (CONFIG_SYS_VIEW_ONLY) { $error = SYS_DISABLED; } elseif (empty($_POST['file_path'])) { $error = IMG_SAVE_EMPTY_PATH; } elseif (!file_exists($_POST['file_path'])) { $error = IMG_SAVE_NOT_EXISTS; } elseif (!isUnderRoot($_POST['file_path'])) { $error = IMG_SAVE_PATH_DISALLOWED; } else { if (!sizeof($lastestSessionImageInfo)) { $error = IMG_UNDO_NO_HISTORY_AVAIALBE; } else { //get the original image which is the lastest session image if any when the system is in demo $sessionImage = $session->getSessionDir() . $lastestSessionImageInfo['name']; $originalSessionImageInfo = $history->getOriginalImage(); if (CONFIG_SYS_DEMO_ENABLE && sizeof($originalSessionImageInfo)) { $originalImage = $session->getSessionDir() . $originalSessionImageInfo['info']['name']; } else { $originalImage = $_POST['file_path']; } include_once CLASS_IMAGE; $image = new Image();
*/ require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . "inc" . DIRECTORY_SEPARATOR . "config.php"); echo "{"; $error = ""; $info = ""; include_once(CLASS_UPLOAD); $upload = new Upload(); $upload->setInvalidFileExt(explode(",", CONFIG_UPLOAD_INVALID_EXTS)); if(CONFIG_SYS_VIEW_ONLY || !CONFIG_OPTIONS_UPLOAD) { $error = SYS_DISABLED; } elseif(empty($_GET['folder']) || !isUnderRoot($_GET['folder'])) { $error = ERR_FOLDER_PATH_NOT_ALLOWED; }else if(!$upload->isFileUploaded('file')) { $error = ERR_FILE_NOT_UPLOADED; }else if(!$upload->moveUploadedFile($_GET['folder'])) { $error = ERR_FILE_MOVE_FAILED; } elseif(!$upload->isPermittedFileExt(explode(",", CONFIG_UPLOAD_VALID_EXTS))) { $error = ERR_FILE_TYPE_NOT_ALLOWED; }elseif(defined('CONFIG_UPLOAD_MAXSIZE') && CONFIG_UPLOAD_MAXSIZE && $upload->isSizeTooBig(CONFIG_UPLOAD_MAXSIZE)) { $error = sprintf(ERROR_FILE_TOO_BID, transformFileSize(CONFIG_UPLOAD_MAXSIZE));
/* For licensing terms, see /license.txt */
/**
 * Ajax image editor platform
 * @author Logan Cai (cailongqun [at] yahoo [dot] com [dot] cn)
 * @link www.phpletter.com
 * @since 22/May/2007
 *
 */
require_once '../../../../../../inc/global.inc.php';
require_once api_get_path(LIBRARY_PATH) . 'fckeditor/editor/plugins/ajaxfilemanager/inc/config.php';

// Nothing below runs when the manager is view-only or editing is switched off.
if (CONFIG_SYS_VIEW_ONLY || !CONFIG_OPTIONS_EDITABLE) {
    die(SYS_DISABLED);
}
//$session->gc(); //disabled for Chamilo

// Without a requested file, fall back to the bundled demo image.
if (empty($_GET['path'])) {
    $_GET['path'] = CONFIG_SYS_ROOT_PATH . "ajax_image_editor_demo.jpg";
}

// The request value is accepted only if it names an existing regular file
// that isUnderRoot() accepts; every failure produces the same message.
// NOTE(review): the filesystem checks run on the raw request value before
// isUnderRoot() is consulted - confirm that ordering is intended.
if (empty($_GET['path']) || !file_exists($_GET['path']) || !is_file($_GET['path']) || !isUnderRoot($_GET['path'])) {
    die(TXT_FILE_NOT_FOUND);
}
$path = $_GET['path'];

// Syntax mode: use the file extension when a matching reg_syntax script
// exists, map 'htm' to 'html', and use 'basic' for everything else.
if (file_exists(DIR_AJAX_EDIT_AREA . "reg_syntax" . DIRECTORY_SEPARATOR . getFileExt($path) . ".js")) {
    $syntax = getFileExt($path);
} elseif (getFileExt($path) == 'htm') {
    $syntax = 'html';
} else {
    $syntax = 'basic';
}
/**
 * Return the parent folder of $path, expressed in the same form as $path.
 *
 * The length of the last path segment is measured on the resolved form of
 * $path (getRealPath()), and that many characters are then cut from the end
 * of the slash-normalised length of $path itself. The result is returned only
 * when isUnderRoot() accepts it; otherwise CONFIG_SYS_DEFAULT_PATH is
 * returned.
 *
 * NOTE(review): the cut assumes the final segment of $path is as long as the
 * final segment of its resolved form; confirm this for inputs containing
 * '..' or symbolic links.
 *
 * @param string $path
 * @return string
 */
function getParentFolderPath($path)
{
    $resolved = addTrailingSlash(backslashToSlash(getRealPath($path)));
    $resolvedParent = addTrailingSlash(backslashToSlash(dirname($resolved)));

    // Whatever follows the resolved parent is the last segment, with a trailing slash.
    $lastSegment = addTrailingSlash(substr($resolved, strlen($resolvedParent)));

    $normalisedLength = strlen(addTrailingSlash(backslashToSlash($path)));
    $candidate = substr($path, 0, $normalisedLength - strlen($lastSegment));

    // Never hand back a parent that lies outside the permitted root.
    return isUnderRoot($candidate) ? $candidate : CONFIG_SYS_DEFAULT_PATH;
}
* @author Logan Cai (cailongqun [at] yahoo [dot] com [dot] cn) * @link www.phpletter.com * @since 22/May/2007 * */ require_once dirname(__FILE__) . DIRECTORY_SEPARATOR . "inc" . DIRECTORY_SEPARATOR . "config.php"; $error = ''; $path = addTrailingSlash(backslashToSlash($_POST['folder'])) . $_POST['name']; if (CONFIG_SYS_VIEW_ONLY || !CONFIG_OPTIONS_EDITABLE) { $error = SYS_DISABLED; } elseif (isset($_POST['save_as_request'])) { if (!preg_match('/^[a-zA-Z0-9_\\-.]+$/', $_POST['name'])) { $error = TXT_SAVE_AS_ERR_NAME_INVALID; } elseif (array_search(strtolower(getFileExt($_POST['name'])), getValidTextEditorExts()) === false) { $error = TXT_DISALLOWED_EXT; } elseif (!isUnderRoot($_POST['folder'])) { $error = ERR_FOLDER_PATH_NOT_ALLOWED; } else { if (!empty($_POST['save_as_request'])) { //save as request if (file_exists($path)) { $error = TXT_FILE_EXIST; } else { if (($fp = @fopen($path, 'w+')) !== false) { if (@fwrite($fp, $_POST['text'])) { @fclose($fp); } else { $error = TXT_CONTENT_WRITE_FAILED; } } else { $error = TXT_CREATE_FAILED;
* @since 22/May/2007 * */ require_once dirname(__FILE__) . DIRECTORY_SEPARATOR . "inc" . DIRECTORY_SEPARATOR . "config.php"; if (!osc_is_admin_user_logged_in()) { exit('Direct access is not allowed.'); } $error = ""; $info = ""; if (CONFIG_SYS_VIEW_ONLY || !CONFIG_OPTIONS_EDITABLE) { $error = SYS_DISABLED; } elseif (empty($_POST['path'])) { $error = IMG_SAVE_EMPTY_PATH; } elseif (!file_exists($_POST['path'])) { $error = IMG_SAVE_NOT_EXISTS; } elseif (!isUnderRoot($_POST['path'])) { $error = IMG_SAVE_PATH_DISALLOWED; } elseif (($sessionDir = $session->getSessionDir()) == '') { $error = SESSION_PERSONAL_DIR_NOT_FOUND; } else { require_once CLASS_HISTORY; $history = new History($_POST['path'], $session); if (!empty($_POST['mode'])) { //get the original image which is the lastest session image if any when the system is in demo $lastestSessionImageInfo = $history->getLastestRestorable(); if (sizeof($lastestSessionImageInfo) && CONFIG_SYS_DEMO_ENABLE) { $originalSessionImageInfo = $history->getOriginalImage(); if (sizeof($originalSessionImageInfo)) { $originalImage = $sessionDir . $originalSessionImageInfo['info']['name']; } }
require_once '../../../../../../inc/global.inc.php'; require_once api_get_path(LIBRARY_PATH) . 'fckeditor/editor/plugins/ajaxfilemanager/inc/config.php'; // @todo sleep?? sleep(3); echo "{"; $error = ""; $info = ""; $fullPath = ''; include_once CLASS_UPLOAD; $upload = new Upload(); $folder = base64_decode($_GET['folder']); //$folder = ($_GET['folder']); $upload->setInvalidFileExt(explode(",", CONFIG_UPLOAD_INVALID_EXTS)); if (CONFIG_SYS_VIEW_ONLY || !CONFIG_OPTIONS_UPLOAD) { $error = SYS_DISABLED; } elseif (empty($folder) || !isUnderRoot($folder)) { $error = ERR_FOLDER_PATH_NOT_ALLOWED; } else { if (!$upload->isFileUploaded('file')) { $error = ERR_FILE_NOT_UPLOADED; } else { if (!$upload->moveUploadedFile($folder)) { $error = ERR_FILE_MOVE_FAILED; } elseif (!$upload->isPermittedFileExt(explode(",", CONFIG_UPLOAD_VALID_EXTS))) { $error = ERR_FILE_TYPE_NOT_ALLOWED; } elseif (defined('CONFIG_UPLOAD_MAXSIZE') && CONFIG_UPLOAD_MAXSIZE && $upload->isSizeTooBig(CONFIG_UPLOAD_MAXSIZE)) { $error = sprintf(ERROR_FILE_TOO_BID, transformFileSize(CONFIG_UPLOAD_MAXSIZE)); } else { include_once CLASS_FILE; $path = $upload->getFilePath(); $obj = new file($path);