protected function authAndDie($rule = null)
{
$rule = trim($rule);
if (!$rule || !MRights::can($rule)) {
$errorText = $rule !== null ? MText::_("rights_noauth_" . $rule) : MText::_("noauth");
$goBackUrl = MURL::_();
ob_start();
include _FM_HOME_FOLDER . DS . "templates" . DS . "noaccess.php";
$dieOut = ob_get_clean();
ob_get_clean();
die($dieOut);
}
}
public static function rightsMaskFields($data = null, $rootFolderId = null){
$rightsObject = MRights::getInstance($rootFolderId);
$rights = $rightsObject->getRightsFor($rootFolderId, $data->id);
$calculated = $rightsObject->getCalculatedFor($rootFolderId,$data->id);
$names = array("use","read","write");
$c = new MContainer();
$c->add('<div id="container_'.$data->id.'" style="padding: 10px;">');
$c->add('<table class="mRightsTable" id="table_'.$data->id.'" >');
$c->add('<tbody>');
$c->add('<tr id="tr_heading_'.$data->id.'" class="mNoSelect">');
$c->add('<td class="heading">'. MText::_("action").'</td>');
$c->add('<td class="heading">'. MText::_("selectnewsetting").'</td>');
$c->add('<td class="heading">'. MText::_("calculatedsetting").'</td>');
$c->add('</tr>');
foreach($names as $name){
$info = MText::_("rights_".$name."_desc");
$infoIcon = ($info != "rights_".$name."_desc" ) ? '<img src="'. _FM_HOME_FOLDER.'/images/info.png" align="right" info="'.$info.'" />' : '';
$isUse = ($name == "use") ? " is_use" : " no_use";
$hideMe = ($name == "use") ? '' : '<div class="hideme hideme_'.$data->id.'"></div></div>';
$c->add('<tr id="tr_'.$name.'_'.$data->id.'">');
$c->add('<td id="td_name_'.$name.'_'.$data->id.'" class="mNoSelect">'. MText::_("rights_".$name).$infoIcon.'</td>');
$select = MForms::select("right[".$data->id."][".$name."]",array(
array("val"=> -1, "text"=>MText::_("inherited")),
array("val"=> 0, "text"=>MText::_("denied")),
array("val"=> 1, "text"=>MText::_("allowed"))
),$rights->get($name),1,null,' id="'.$name.'_'.$data->id.'" autocomplete="off"
class="mRightSelect'.$isUse.' '.$isUse. '_' . $data->id .'" namespace="'.$name.'" group_id="'.$data->id.'" parent_id="'.$data->parent_id.'" calc_value="'.(int) $calculated->get($name).'"');
$c->add('<td id="td_action_'.$name.'_'.$data->id.'"> <div style="position: relative;">'. $select . $hideMe . '</div></td>');
$c->add('<td id="td_calc_'.$name.'_'.$data->id.'" class="mNoSelect"> <div style="position: relative">'. ( ($calculated->get($name)) ?
'<span class="allowed'.$isUse.'_calc '.$isUse. '_calc_' . $data->id .'" id="calc_'.$name.'_'.$data->id.'" action_id="'.$name.'_'.$data->id.'">' . MText::_("allowed") . '</span>' :
'<span class="notallowed'.$isUse.'_calc '.$isUse. '_calc_' . $data->id .'" id="calc_'.$name.'_'.$data->id.'" action_id="'.$name.'_'.$data->id.'">' . MText::_("notallowed") .'</span>').
$hideMe . '</div></td>');
$c->add('</tr>');
}
$c->add('</tbody>');
$c->add('</table>');
if($data->isRoot){
$c->add('<div class="mSuperUsersAdviceDarken"></div><div class="mSuperUsersAdvice mNoSelect">'.MText::_("superusersrights").'</div>');
}
$c->add('</div>');
return $c->get();
}
function _default()
{
global $dir;
if (!MRights::can("open")) {
$path = _FM_HOME_DIR . DS . "images" . DS . "noauth.png";
$size = getimagesize($path);
readfile($path);
exit;
}
$size = getimagesize($dir);
$fp = fopen($dir, "rb");
if ($size && $fp) {
header("Content-type: {$size['mime']}");
fpassthru($fp);
exit;
} else {
// error
}
}
$mimeTypes = MFile::parseData(_FM_HOME_DIR . DS . "data" . DS . "suffix.ini", true, false);
$GLOBALS['mimeTypes'] = $mimeTypes;
//Task
$task = trim(MRequest::cmd('task'));
$GLOBALS['task'] = $task;
//View
$view = trim(MRequest::cmd('view', 'default'));
$GLOBALS['view'] = $view;
//Check if this is a first time call
if (!MFile::is(_FM_HOME_DIR . DS . "data" . DS . "diagnostic_log.php")) {
$view = 'diagnostics';
$GLOBALS['view'] = $view;
}
//Check root only views
$rootOnlyViews = array("rootsandrights", "config", "diagnostics");
if (in_array($view, $rootOnlyViews) && !MRights::userIsRoot() && !_FM_IS_DEMO) {
ob_start();
include "templates" . DS . "noaccess.php";
$dieOut = ob_get_clean();
ob_get_clean();
die($dieOut);
}
//File
$file = MRequest::clean('file');
$file = urldecode(myStripSlashes($file));
$file = MRequest::filter($file, MREQUEST_CLEANPATH);
$GLOBALS['file'] = $file;
//Destination
$destination = urldecode(MRequest::clean('destination'));
$destination = MRequest::filter($destination, MREQUEST_CLEANPATH);
$destination = _START_FOLDER . myStripSlashes($destination);
function newitem()
{
global $dir;
if (!MRights::can("new")) {
$this->view->authError("new");
return;
}
$name = MRequest::clean('newname', null);
$name = end(preg_split("/[\\/\\,]+/", $name));
$error = null;
if (!$dir) {
$error .= MText::_("nodir") . "<br>";
}
if (!$name) {
$error .= MText::_("noname") . "<br>";
}
if (!$error) {
$status = @mkdir($dir . DS . $name, 0755);
if ($status) {
$this->view->add2Content('ok');
} else {
$error .= MText::_("nocreatefolder");
$this->view->add2Content('_fmError' . $error);
}
} else {
$this->view->add2Content('_fmError' . $error);
}
}
protected function popupError($rule = null)
{
$errorText = '<div class="mPopupAuthError">' . ($rule ? MRights::getError($rule, 1) : MText::_("noauth")) . '</div>';
$this->view->add2Content('<script noCache="1">newDarkenPopup(\'error\',mText.error,\'' . $errorText . '\',500,150);</script>');
$this->view->add2Content(fmGetFiles());
}
protected function _noAuth($rule = null)
{
$this->view->content('
<table width="100%" height="100%" cellspacing="0" cellpadding="0" border="0"><tbody>
<tr>
<td align="center" valign="middle"><span class="noAuth">' . MRights::getError($rule, 1) . '</span></td>
</tr>
</tbody></table>
');
}
public static function getInstance($id = null)
{
static $instances;
if (!isset(self::$rights)) {
self::$rights = array();
self::$calcultedRights = array();
}
if (!isset($instances)) {
$instances = array();
}
if ($id !== null && isset($instances[$id])) {
return $instances[$id];
} else {
if ($id !== null) {
$instances[$id] = new MRights($id);
self::$folderCount++;
return $instances[$id];
}
}
return new MRights($id);
}
function _default()
{
//Output
$this->view->add2Content(MRights::toJSON());
}
protected function _rightsSave($id = null)
{
if ($id === null || $id < 0) {
MPeer::redirect(MURL::_("rootsandrights", null, "rights"));
}
$rights = MRights::getInstance($id);
$rights->fetchData();
if (!_FM_IS_DEMO) {
$rights->save();
}
$groupTab = MRequest::int("grouptab", null);
$gtab = $groupTab !== null ? '&grouptab=' . $groupTab : '';
$this->view->addPreToContent($_REQUEST);
MPeer::redirect(MURL::_("rootsandrights", null, "rights") . '&id=' . $id . $gtab . MSaved::url());
}
* @license Libraries can be under a different license in other environments
* @license Media files owned and created by Mad4Media such as
* @license Javascript / CSS / Shockwave or Images are licensed under GFML (GPL Friendly Media License). See GFML.txt.
* @license 3rd party scripts are under the license of the copyright holder. See source header or license text file which is included in the appropriate folders
* @version 1.0
* @link http://www.mad4media.de
* Creation date 2013/02
*/
//CUSTOMPLACEHOLDER
//CUSTOMPLACEHOLDER2
defined('_JEXEC') or die;
$imagePath = _FM_HOME_FOLDER . "/images/";
$imagesLangPath = $imagePath . "languages/en-GB/";
$isRoot = MRights::userIsRoot();
$advice = '<span style="color:red; font-weight: bold;">Only for Superadmins</span>';
?>
<!-- INFO STARTS HERE -->
<div style="margin: 10px;">
<table cellpadding="0" cellspacing="0" border="0" style="width:100%;" class="infoTable"><tbody>
<tr>
<td align="left" valign="top" colspan="2"><h1 style="padding-left:50px;">Thank you for choosing ProFiles.</h1><br/></td>
</tr>
<tr>
<td align="left" valign="top" style="width:300px;"><img src="<?php echo $imagePath;?>cover.png" /></td>
<td align="left" valign="top">
<ul style="font-size: 16px;">
<li>Version: <b><?php echo $isRoot ? MVersion::getFull() : $advice; ?></b></li>
<li>Author: <?php echo MVersion::getAuthor(); ?></li>
protected function _noAuth($rule = null)
{
$this->view->content('
<table width="100%" height="100%" cellspacing="0" cellpadding="0" border="0"><tbody>
<tr>
<td align="center" valign="middle">
<span style="font-family: Trebuchet MS, Tahoma, Arial, sans-serif;font-size: 18px; font-weight: bold;">
' . MRights::getError($rule, 1) . '
</span>
</td>
</tr>
</tbody></table>
');
}
public function getFolderAccess()
{
$obj = new stdClass();
$obj->count = 0;
$obj->names = array();
$obj->paths = array();
$o = $this->data->get("folders", array());
foreach ($o as $key => $mdo) {
if (MRights::can("use", (int) $key)) {
$obj->count++;
$path = $mdo->get("path", null);
$name = $mdo->get("name", null);
if (!$name) {
$name = basename($path);
}
$obj->names[$key] = $name;
$obj->paths[$key] = $path;
}
}
return $obj;
}
function authError($rule = null, $raw = false, $customContent = null)
{
if (!$rule) {
return;
}
$content = (!$raw ? '_fmError' : '') . ($customContent ? $customContent : MRights::getError($rule, 1));
$this->slots["content"] = $content;
}
function fmGetFiles(){
global $dir;
$maxThumbnailSize = (int) MConfig::instance()->get("max_tn_size", 51200);
$filesView = $GLOBALS['filesView'];
$c = new MContainer();
$classPostFix = ($filesView==2)? "XXL":null;
$mt = "margin-top: 0px;";
$files = MFile::filesInfo($dir);
$dirs = MFile::getDir($dir,false);
$canOpen= MRights::can("open");
if($files || $dirs){
$c->add('<form id="filesFormNode" method="post" action="'.MURL::_("xhrfiles").'">');
$c->add('<input type="hidden" name="task" value="move" id="selectFilesTask">');
$c->add('<input type="hidden" name="dir" value="'.MURL::safePath($dir).'" id="currentDir">');
$c->add('<input type="hidden" name="file" value="" id="selectedFile">');
$c->add('<input type="hidden" name="newname" value="" id="newFileName">');
$c->add('<input type="hidden" name="destination" value="" id="destinationFolder">');
$c->add('<input type="hidden" name="zipname" value="" id="zipName">');
$c->add('<input type="hidden" name="chmod" value="" id="changeMode">');
$c->add('<div class="mSelectable fullSpace" style="height:auto; '.$mt.'" namespace="files" selecttype="winlike" dragable="folders" ordering="1" dblc="filesDblc" dropfunc="filesDropp">');
$c->add('<div id="mSortWrap">');
$counter = 0;
foreach($dirs as $_dir){
$odd = ($counter&1 && $classPostFix!="XXL")? " odd": "";
$_dir->mode = modeStandard($_dir->mode);
$wp ="";
$wpList="";
if( ! $_dir->isWritable){
$wp = '<span class=\'writeProtected\'>'.MText::_("write_protected")."</span><br>";
$wpList = ' style="color:red;" ';
}
// processing image thumbnails
$image = "";
if($classPostFix=="XXL"){
// is XXL
$baseNameWrapInfo = wordwrap($_dir->baseName,20,'<br>',true);
if(strlen($_dir->baseName)>17){
$baseNameWrap = substr($_dir->baseName,0,14)."...";
}else{
$baseNameWrap = $_dir->baseName;
}
// Not an Image or not a browser supported image
$info = "<b style='color:#517ab9;'>".$baseNameWrapInfo."</b><br>".MText::_('type').": ".MText::_('folder')."<br>".MText::_('mode').": ".$_dir->mode.'<br>'.MText::_('owner').": ".$_dir->owner."<br>".$wp;
$image = '<div class="mImgWrapper"><center><img src="'._FM_HOME_FOLDER.'/images/bigicons/folder.png" info="'.$info.'" style="width:96px;height:96px;"/></center></div>';
$c->add('<div class="mSelect'.$classPostFix.$odd.
' mSelectFolder" droppable="folders" sid="'.$counter++.'" href="'.MURL::safePath($_dir->fileName).'" array="selectedFiles" type="" baseName="'.$_dir->baseName.'" chmod="'.$_dir->mode.'">'.$image.
'<span>'.$baseNameWrap.'</span>'.
'
<div class="mListingName mHide" data="'.urlencode(strtolower($_dir->baseName) ).'"></div>
<div class="mListingSize mHide" data="-1"></div>
<div class="mListingType mHide" data="'.urlencode(MText::_("folder")).'"></div>
<div class="mListingChanged mHide" data="'.urlencode($_dir->lastModifiedTimestamp).'"></div>
<div class="mListingRights mHide" data="'.urlencode($_dir->mode).'"></div>
<div class="mListingOwner mHide" data="'.urlencode($_dir->owner).'"></div>
'.
'</div>');
}else{
// is not XXL
$image = '<img src="'._FM_HOME_FOLDER.'/images/icons/folder.png" align="left"/>';
$c->add('<div class="mSelect'.$classPostFix.$odd.
' mSelectFolder" droppable="folders" sid="'.$counter++.'" href="'.MURL::safePath($_dir->fileName).'" array="selectedFiles" type="" baseName="'.$_dir->baseName.'" chmod="'.$_dir->mode.'">'
.'
<div class="mListingName" data="'.urlencode(strtolower($_dir->baseName) ).'">'.'<span>'.$image.$_dir->baseName.'</span></div>
<div class="mListingSize" data="-1"><span></span></div>
<div class="mListingType" data="'.urlencode(MText::_("folder")).'"><span>'.MText::_("folder").'</span></div>
<div class="mListingChanged" data="'.urlencode($_dir->lastModifiedTimestamp).'"><span>'.$_dir->lastModified.'</span></div>
<div class="mListingRights" data="'.urlencode($_dir->mode).'"><span'.$wpList.'>('.$_dir->mode.') '.$_dir->permmask.'</span></div>
<div class="mListingOwner" data="'.urlencode($_dir->owner).'"><span>'.$_dir->owner.'</span></div>
'.
'</div>');
}//EOF not XXL
// EOF processing image thumbnails
}//EOF DIR loop
// Files loop
if($files){
foreach($files as $file){
$odd = ($counter&1 && $classPostFix!="XXL")? " odd": "";
$file->mode = modeStandard($file->mode);
$audio ="";
if($file->extension == "mp3"){
$audio = 'audio="mp3" ';
}
$wp ="";
$wpList="";
$wpXXL ="";
if( ! $file->isWritable){
$wp = '<span class=\'writeProtected\'>'.MText::_("write_protected")."</span><br>";
$wpList = ' style="color:red;" ';
$wpXXL = '<img class="wp" src="'._FM_HOME_FOLDER.'/images/wp.png" />';
}
// processing image thumbnails
$image = "";
if($classPostFix=="XXL"){
// is XXL
$baseNameWrapInfo = wordwrap($file->baseName,20,'<br>',true);
if(strlen($file->baseName)>17){
$baseNameWrap = substr($file->baseName,0,14)."...";
}else{
$baseNameWrap = $file->baseName;
}
if($file->isImage){
$size = getimagesize($file->fileName);
$w = (int) $size[0];
$h = (int) $size[1];
if(!$canOpen){
$w = 96; $h = 76;
if(_M_IMAGE_VIEW_STATE){
$wp .= '<span class=\'noAuthPreview\'>'.MText::_("rights_noauth_preview")."</span><br>";
}
}
if(!_M_IMAGE_VIEW_STATE){
$info = "<b style='color:#517ab9;'>".$baseNameWrapInfo."</b><br>".MText::_('dim').": ".$w." x ".$h.'<br>'.MText::_('type').": ".$file->extension."<br>".MText::_('size').": ".$file->smartSize."<br>".MText::_('mode').": ".$file->mode.'<br>'.MText::_('owner').": ".$file->owner."<br>".$wp;
$image = '<div class="mImgWrapper"><center><img src="'._FM_HOME_FOLDER.'/images/bigicons/image.png" info="'.$info.'" style="width:96px;height:96px;"/></center>'.$wpXXL.'</div>';
}else{
if($file->size <= (int) $maxThumbnailSize ){
$fit = fitImage2Box(96,96,$w,$h);
$x = $fit["w"];
$y = $fit["h"];
$info = "<b style='color:#517ab9;'>".$baseNameWrapInfo."</b><br>".MText::_('dim').": ".$w." x ".$h.'<br>'.MText::_('type').": ".$file->extension."<br>".MText::_('size').": ".$file->smartSize."<br>".MText::_('mode').": ".$file->mode.'<br>'.MText::_('owner').": ".$file->owner."<br>".$wp;
$image = '<div class="mImgWrapper" align="center"><center><img align="center" src="'.MURL::_("xhrimage",MURL::safePath($file->fileName)).'" style="width:'.$x.'px; height:'.$y.'px;" info="'.$info.'" /><center>'.$wpXXL.'</div>';
}else{
// Image is too large
$info = "<b style='color:#517ab9;'>".$baseNameWrapInfo."</b><br>".MText::_('dim').": ".$w." x ".$h.'<br>'.MText::_('type').": ".$file->extension."<br>".MText::_('size').": ".$file->smartSize."<br>".MText::_('mode').": ".$file->mode.'<br>'.MText::_('owner').": ".$file->owner."<br>".$wp;
$image = '<div class="mImgWrapper"><center><img src="'._FM_HOME_FOLDER.'/images/bigicons/image.png" info="'.$info.'<span class=\'itb\'>'.MText::_("imagetoolarge").'</span>'.'" style="width:96px;height:96px;"/></center>'.$wpXXL.'</div>';
}
}
}else{
// Not an Image or not a browser supported image
$info = "<b style='color:#517ab9;'>".$baseNameWrapInfo."</b><br>".MText::_('type').": ".$file->extension."<br>".MText::_('size').": ".$file->smartSize."<br>".MText::_('mode').": ".$file->mode.'<br>'.MText::_('owner').": ".$file->owner."<br>".$wp;
$image = '<div class="mImgWrapper"><center><img src="'.MIcon::_($file->extension,1).'" info="'.$info.'" style="width:96px;height:96px;"/></center>'.$wpXXL.'</div>';
}
$c->add('<div class="mSelect'.$classPostFix.$odd.
'" sid="'.$counter++.'" href="'.MURL::safePath($file->fileName).'" array="selectedFiles" type="'.$file->extension.'" baseName="'.$file->baseName.'" chmod="'.$file->mode.'">'.$image.
'<span>'.$baseNameWrap.'</span>'.
'
<div class="mListingName mHide" data="'.urlencode(strtolower($file->baseName) ).'"></div>
<div class="mListingSize mHide" data="'.urlencode($file->size).'"></div>
<div class="mListingType mHide" data="'.urlencode($file->extension).'"></div>
<div class="mListingChanged mHide" data="'.urlencode($file->lastModifiedTimestamp).'"></div>
<div class="mListingRights mHide" data="'.urlencode($file->mode).'"></div>
<div class="mListingOwner mHide" data="'.urlencode($file->owner).'"></div>
'.
'</div>');
}else{
// is not XXL
$image = '<img src="'. MIcon::_($file->extension).'" align="left"/>';
$c->add('<div class="mSelect'.$classPostFix.$odd.
' mSelectFile" sid="'.$counter++.'" href="'.MURL::safePath($file->fileName).'" array="selectedFiles" type="'.$file->extension.'" baseName="'.$file->baseName.'" chmod="'.$file->mode.'">'
.'
<div class="mListingName" data="'.urlencode(strtolower($file->baseName) ).'">'.'<span'.$wpList.'>'.$image.$file->baseName.'</span></div>
<div class="mListingSize" data="'.urlencode($file->size).'"><span>'.$file->smartSize.'</span></div>
<div class="mListingType" data="'.urlencode($file->extension).'"><span>'.strtoupper($file->extension).'</span></div>
<div class="mListingChanged" data="'.urlencode($file->lastModifiedTimestamp).'"><span>'.$file->lastModified.'</span></div>
<div class="mListingRights" data="'.urlencode($file->mode).'"><span'.$wpList.'>('.$file->mode. ') ' . $file->permmask. '</span></div>
<div class="mListingOwner" data="'.urlencode($file->owner).'"><span>'.$file->owner.'</span></div>
'.
'</div>');
}//EOF not XXL
// EOF processing image thumbnails
}//EOF files loop
}//EOF is files
$c->add('</div">'); // EOF sortWrap
if($counter!=0){
$c->add("<span style='display:none;' id='selectStopNo' value='".($counter-1)."'></span>");
}
$c->add('</div></form>');
}else{
$c->add('<form id="filesFormNode" method="post" action="'.MURL::_("xhrfiles").'">');
$c->add('<input type="hidden" name="task" value="move" id="selectFilesTask">');
$c->add('<input type="hidden" name="dir" value="'.MURL::safePath($dir).'" id="currentDir">');
$c->add('<input type="hidden" name="file" value="" id="selectedFile">');
$c->add('<input type="hidden" name="newname" value="" id="newFileName">');
$c->add('<input type="hidden" name="destination" value="" id="destinationFolder">');
$c->add('<input type="hidden" name="zipname" value="" id="zipName">');
$c->add('<input type="hidden" name="chmod" value="" id="changeMode">');
$c->add('</form>');
}
$c->add('<div id="mCleanOrder" style="display:none;" unique="'.md5(uniqid()).'"></div>'. "\n");
$c->add('<div id="mFetchTitle" style="display:none;">'. str_replace(array("/","\\"), " - ", str_replace(_START_FOLDER, "", $dir) ).'</div>'. "\n");
$c->add('<div id="mGoUpUrl" style="display:none;">'. MURL::safePath($dir).'</div>'. "\n");
return $c->get();
}