$loggedUser = AuthService::getLoggedUser(); if ($action == "upload" && ($loggedUser == null || !$loggedUser->canWrite(ConfService::getCurrentRootDirIndex() . "")) && isset($_FILES['Filedata'])) { header('HTTP/1.0 ' . '410 Not authorized'); die('Error 410 Not authorized!'); } } // THIS FIRST DRIVERS DO NOT NEED ID CHECK $ajxpDriver = AJXP_PluginsService::findPlugin("gui", "ajax"); $ajxpDriver->init(ConfService::getRepository()); $authDriver = ConfService::getAuthDriverImpl(); // DRIVERS BELOW NEED IDENTIFICATION CHECK if (!AuthService::usersEnabled() || ALLOW_GUEST_BROWSING || AuthService::getLoggedUser() != null) { $confDriver = ConfService::getConfStorageImpl(); $Driver = ConfService::loadRepositoryDriver(); } ConfService::initActivePlugins(); require_once INSTALL_PATH . "/server/classes/class.AJXP_Controller.php"; $xmlResult = AJXP_Controller::findActionAndApply($action, array_merge($_GET, $_POST), $_FILES); if ($xmlResult !== false && $xmlResult != "") { AJXP_XMLWriter::header(); print $xmlResult; AJXP_XMLWriter::close(); exit(1); } if (isset($requireAuth)) { AJXP_XMLWriter::header(); AJXP_XMLWriter::requireAuth(); AJXP_XMLWriter::close(); exit(1); } session_write_close();
/** * @static * @param Array $data * @return void */ static function loadPubliclet($data) { // create driver from $data $className = $data["DRIVER"] . "AccessDriver"; $hash = md5(serialize($data)); if ($data["EXPIRE_TIME"] && time() > $data["EXPIRE_TIME"] || $data["DOWNLOAD_LIMIT"] && $data["DOWNLOAD_LIMIT"] > 0 && $data["DOWNLOAD_LIMIT"] <= PublicletCounter::getCount($hash)) { // Remove the publiclet, it's done if (strstr(realpath($_SERVER["SCRIPT_FILENAME"]), realpath(ConfService::getCoreConf("PUBLIC_DOWNLOAD_FOLDER"))) !== FALSE) { PublicletCounter::delete($hash); unlink($_SERVER["SCRIPT_FILENAME"]); } echo "Link is expired, sorry."; exit; } // Load language messages $language = "en"; if (isset($_GET["lang"])) { $language = $_GET["lang"]; } $messages = array(); if (is_file(dirname(__FILE__) . "/res/i18n/" . $language . ".php")) { include dirname(__FILE__) . "/res/i18n/" . $language . ".php"; $messages = $mess; } else { include dirname(__FILE__) . "/res/i18n/en.php"; } $AJXP_LINK_HAS_PASSWORD = false; $AJXP_LINK_BASENAME = SystemTextEncoding::toUTF8(basename($data["FILE_PATH"])); // Check password if (strlen($data["PASSWORD"])) { if (!isset($_POST['password']) || $_POST['password'] != $data["PASSWORD"]) { $AJXP_LINK_HAS_PASSWORD = true; $AJXP_LINK_WRONG_PASSWORD = isset($_POST['password']) && $_POST['password'] != $data["PASSWORD"]; include AJXP_INSTALL_PATH . "/plugins/action.share/res/public_links.php"; return; } } else { if (!isset($_GET["dl"])) { include AJXP_INSTALL_PATH . "/plugins/action.share/res/public_links.php"; return; } } $filePath = AJXP_INSTALL_PATH . "/plugins/access." . $data["DRIVER"] . "/class." . $className . ".php"; if (!is_file($filePath)) { die("Warning, cannot find driver for conf storage! ({$className}, {$filePath})"); } require_once $filePath; $driver = new $className($data["PLUGIN_ID"], $data["BASE_DIR"]); $driver->loadManifest(); $hash = md5(serialize($data)); PublicletCounter::increment($hash); AuthService::logUser($data["OWNER_ID"], "", true); if ($driver->hasMixin("credentials_consumer") && isset($data["SAFE_USER"]) && isset($data["SAFE_PASS"])) { // FORCE SESSION MODE AJXP_Safe::getInstance()->forceSessionCredentialsUsage(); AJXP_Safe::storeCredentials($data["SAFE_USER"], $data["SAFE_PASS"]); } $repoObject = $data["REPOSITORY"]; ConfService::switchRootDir($repoObject->getId()); ConfService::loadRepositoryDriver(); ConfService::initActivePlugins(); try { $params = array("file" => SystemTextEncoding::toUTF8($data["FILE_PATH"])); if (isset($data["PLUGINS_DATA"])) { $params["PLUGINS_DATA"] = $data["PLUGINS_DATA"]; } AJXP_Controller::findActionAndApply($data["ACTION"], $params, null); } catch (Exception $e) { die($e->getMessage()); } }