$joomla_config = dirname(__FILE__) . "/" . $path_c . "../../../configuration.php";
if (file_exists($joomla_config)) {
include $joomla_config;
}
@ob_end_clean();
set_error_handler('on_error');
$goon = true;
if (isset($_SESSION["IS_ADMIN"])) {
$joomla_path = $path_1 . 'components/com_jfuploader/tfu/';
$path_fix = "../";
} else {
if (isset($_SESSION["IS_FRONTEND"])) {
$joomla_path = $path_2 . 'components/com_jfuploader/tfu/';
$path_fix = "../";
} else {
tfu_debug("Config call, illegal direct access or missing session settings - your browser has to be closed to get a new session. Please check your session_save_path if you get this error all the time or create the folder session_cache in the tfu folder to activate the session workaround.");
echo '
<style type="text/css">
body { font-family : Arial, Helvetica, sans-serif; font-size: 12px; background-color:#ffffff; }
td { vertical-align: top; font-size: 12px; }
.install { text-align:center; margin-left: auto; margin-right: auto; margin-top: 3em; margin-bottom: 3em; padding: 10px; border: 1px solid #cccccc; width: 450px; background: #F1F1F1; }
</style>';
echo '<div class="install">';
echo 'You server is configured properly to access the needed files of JFU.<br>Please go to the Joomla Administration of JFU to see your server limits.';
echo '</div>';
// maybe the session is lost - we try to do the workaround if the file was called by a parameter!
if (strlen($_SERVER['QUERY_STRING']) > 5) {
checkSessionTempDir();
}
die;
$goon = false;
function check_multiple_extensions($image, $remove_multiple_php_extension)
{
if ($remove_multiple_php_extension) {
$ext = getExtension($image);
if (substr($ext, 0, 2) != "php") {
$image2 = str_replace(".php", "", $image);
if ($image != $image2) {
tfu_debug("SECURITY WARNING: Please check the file " . $image2 . ". It was uploaded with an image extensions and also a nested php extension. On some server this is a security problem (multiple extensions) and therefore the .php part of the file name was removed!");
$image = $image2;
}
}
}
return $image;
}
$install_path = '';
// do not change!
include 'tfu_helper.php';
restore_temp_session();
// this restores a lost session if your server handles sessions wrong and increases the session time!
include 'tfu_config.php';
// check if all included files have the same version to avoid problems during update!
if ($tfu_config_version != '2.15' || $tfu_help_version != '2.15') {
tfu_debug('Not all files belong to this version. Please update all files.');
}
if (isset($_SESSION['TFU_LOGIN']) && isset($_SESSION['TFU_RN']) && isset($_GET['tfu_rn']) && $_SESSION['TFU_RN'] == parseInputParameter($_GET['tfu_rn'])) {
$dir = getCurrentDir();
// if you have more complex filenames you can use the index
$action = parseInputParameter($_GET['action']);
if ($enable_enhanced_debug) {
tfu_debug("Action:" . $action . "; Directory: " . $dir);
}
// The extra functionality for twg is on an exern class to make updating much easier
if (file_exists('twg_plugin.php')) {
include_once 'twg_plugin.php';
reset_twg_cache($action);
}
// end plugin
if (isset($_GET['index']) && $action != 'dir') {
// file functions!
if (isset($_GET['copyfolder']) && $_GET['copyfolder'] == "true" || isset($_GET['createfile'])) {
$file = "";
// not needed for this task
} else {
$file = getFileName($dir);
// returns an array if more than one is selected!
}
if ($remaining == 0) {
// cleanup
unset($_SESSION['TFU_PRE_UPLOAD_DATA']);
}
// end of e-mail section
if ($enable_upload_debug) {
tfu_debug('9. End upload');
}
store_temp_session();
if ($enable_upload_debug) {
tfu_debug('10. End store session');
}
} else {
if (isset($_GET['remaining']) && isset($_GET['firstStart'])) {
// seems like the session is lost! therefore we create a temp dir that enables TFU session handling
if ($enable_upload_debug) {
tfu_debug('2. Authenification NOT sucessfull');
}
checkSessionTempDir();
echo 'Not logged in!';
} else {
if ($enable_upload_debug) {
tfu_debug('2a. Authenification NOT sucessfull');
}
echo 'Not logged in!';
}
}
echo ' ';
// important - solves bug for Mac!
flush();
* Only be aware that you have to do something!
* ----------------------------
*/
/**
* Start parameters - don't remove the parameters part -
* The paramters are needed even if you implement your own
* authentification It makes sure that the flash is the client
*/
$user = parseInputParameter($_POST['twg_user']);
$pass = parseInputParameter($_POST['twg_pass']);
$rn = parseInputParameter($_POST['twg_rn']);
$rn = substr(session_id(), 0, 5) . $rn . session_id();
include $install_path . "tfu_config.php";
// check if all included files have the same version to avoid problems during update!
if ($tfu_config_version != '2.15' || $tfu_help_version != '2.15') {
tfu_debug('Not all files belong to this version. Please update all files.');
}
/**
* end parameters - now you can implement your own authentification and autorisation
*/
/**
* AUTHENTIFICATION
*
* This part is interesting if you want to use the login!
*/
/**
* TFU has a very simply user managment included -
* add users/folders/paths at .htusers.php.
* The password is encrypted - please use the password generator that is included.
* Read the "Important" part on top!
*/