/** * Method to set client login credentials * * @param string $client Client name, currently only 'ftp' is supported * @param string $user Username * @param string $pass Password * * @return boolean True if the given login credentials have been set and are valid * * @since 11.1 */ public static function setCredentials($client, $user, $pass) { $return = false; $client = strtolower($client); // Test if the given credentials are valid switch ($client) { case 'ftp': $config = JFactory::getConfig(); $options = array('enabled' => $config->get('ftp_enable'), 'host' => $config->get('ftp_host'), 'port' => $config->get('ftp_port')); if ($options['enabled']) { $ftp = JClientFtp::getInstance($options['host'], $options['port']); // Test the connection and try to log in if ($ftp->isConnected()) { if ($ftp->login($user, $pass)) { $return = true; } $ftp->quit(); } } break; default: break; } if ($return) { // Save valid credentials to the session $session = JFactory::getSession(); $session->set($client . '.user', $user, 'JClientHelper'); $session->set($client . '.pass', $pass, 'JClientHelper'); // Force re-creation of the data saved within JClientHelper::getCredentials() self::getCredentials($client, true); } return $return; }
/** * Returns the global FTP connector object, only creating it * if it doesn't already exist. * * You may optionally specify a username and password in the parameters. If you do so, * you may not login() again with different credentials using the same object. * If you do not use this option, you must quit() the current connection when you * are done, to free it for use by others. * * @param string $host Host to connect to * @param string $port Port to connect to * @param array $options Array with any of these options: * type=>[FTP_AUTOASCII|FTP_ASCII|FTP_BINARY], timeout=>(int) * @param string $user Username to use for a connection * @param string $pass Password to use for a connection * * @return JFTP The FTP Client object. * * @since 11.1 */ public static function getClient($host = '127.0.0.1', $port = '21', $options = null, $user = null, $pass = null) { //-- Avoid all this mess by declaring JFtp::getInstance() as "static" !! $options = array(); $x = new JClientFtp($options); return $x->getInstance($host, $port, $options, $user, $pass); }
/** * Execute the controller. * * @return void * * @since 3.1 */ public function execute() { // Get the application /* @var InstallationApplicationWeb $app */ $app = $this->getApplication(); // Check for request forgeries. JSession::checkToken() or $app->sendJsonResponse(new Exception(JText::_('JINVALID_TOKEN'), 403)); $path = JPATH_INSTALLATION; // Check whether the folder still exists if (!file_exists($path)) { $app->sendJsonResponse(new Exception(JText::sprintf('INSTL_COMPLETE_ERROR_FOLDER_ALREADY_REMOVED'), 500)); } // Check whether we need to use FTP $useFTP = false; if (file_exists($path) && !is_writable($path)) { $useFTP = true; } // Check for safe mode if (ini_get('safe_mode')) { $useFTP = true; } // Enable/Disable override if (!isset($options->ftpEnable) || $options->ftpEnable != 1) { $useFTP = false; } if ($useFTP == true) { // Connect the FTP client $ftp = JClientFtp::getInstance($options->ftp_host, $options->ftp_port); $ftp->login($options->ftp_user, $options->ftp_pass); // Translate path for the FTP account $file = JPath::clean(str_replace(JPATH_CONFIGURATION, $options->ftp_root, $path), '/'); $return = $ftp->delete($file); // Delete the extra XML file while we're at it if ($return) { $file = JPath::clean($options->ftp_root . '/joomla.xml'); if (file_exists($file)) { $return = $ftp->delete($file); } } // Rename the robots.txt.dist file to robots.txt if ($return) { $robotsFile = JPath::clean($options->ftp_root . '/robots.txt'); $distFile = JPath::clean($options->ftp_root . '/robots.txt.dist'); if (!file_exists($robotsFile) && file_exists($distFile)) { $return = $ftp->rename($distFile, $robotsFile); } } $ftp->quit(); } else { /* * Try to delete the folder. * We use output buffering so that any error message echoed JFolder::delete * doesn't land in our JSON output. */ ob_start(); $return = JFolder::delete($path) && (!file_exists(JPATH_ROOT . '/joomla.xml') || JFile::delete(JPATH_ROOT . '/joomla.xml')); // Rename the robots.txt.dist file if robots.txt doesn't exist if ($return && !file_exists(JPATH_ROOT . '/robots.txt') && file_exists(JPATH_ROOT . '/robots.txt.dist')) { $return = JFile::move(JPATH_ROOT . '/robots.txt.dist', JPATH_ROOT . '/robots.txt'); } ob_end_clean(); } // If an error was encountered return an error. if (!$return) { $app->sendJsonResponse(new Exception(JText::_('INSTL_COMPLETE_ERROR_FOLDER_DELETE'), 500)); } // Create a response body. $r = new stdClass(); $r->text = JText::_('INSTL_COMPLETE_FOLDER_REMOVED'); /* * Send the response * This is a hack since by now, the rest of the folder is deleted and we can't make a new request */ $this->sendJsonResponse($r); }
/** * Moves an uploaded file to a destination folder * * @param string $src The name of the php (temporary) uploaded file * @param string $dest The path (including filename) to move the uploaded file to * @param boolean $use_streams True to use streams * * @return boolean True on success * * @since 11.1 */ public static function upload($src, $dest, $use_streams = false) { // Ensure that the path is valid and clean $dest = JPath::clean($dest); // Create the destination directory if it does not exist $baseDir = dirname($dest); if (!file_exists($baseDir)) { jimport('joomla.filesystem.folder'); JFolder::create($baseDir); } if ($use_streams) { $stream = JFactory::getStream(); if (!$stream->upload($src, $dest)) { JLog::add(JText::sprintf('JLIB_FILESYSTEM_ERROR_UPLOAD', $stream->getError()), JLog::WARNING, 'jerror'); return false; } return true; } else { $FTPOptions = JClientHelper::getCredentials('ftp'); $ret = false; if ($FTPOptions['enabled'] == 1) { // Connect the FTP client $ftp = JClientFtp::getInstance($FTPOptions['host'], $FTPOptions['port'], array(), $FTPOptions['user'], $FTPOptions['pass']); // Translate path for the FTP account $dest = JPath::clean(str_replace(JPATH_ROOT, $FTPOptions['root'], $dest), '/'); // Copy the file to the destination directory if (is_uploaded_file($src) && $ftp->store($src, $dest)) { unlink($src); $ret = true; } else { JLog::add(JText::_('JLIB_FILESYSTEM_ERROR_WARNFS_ERR02'), JLog::WARNING, 'jerror'); } } else { if (is_writeable($baseDir) && move_uploaded_file($src, $dest)) { // Short circuit to prevent file permission errors if (JPath::setPermissions($dest)) { $ret = true; } else { JLog::add(JText::_('JLIB_FILESYSTEM_ERROR_WARNFS_ERR01'), JLog::WARNING, 'jerror'); } } else { JLog::add(JText::_('JLIB_FILESYSTEM_ERROR_WARNFS_ERR02'), JLog::WARNING, 'jerror'); } } return $ret; } }
/** * Method to create the configuration file * * @param array $options The session options * * @return boolean True on success * * @since 3.1 */ public function _createConfiguration($options) { // Create a new registry to build the configuration options. $registry = new Registry(); // Site settings. $registry->set('offline', $options->site_offline); $registry->set('offline_message', JText::_('INSTL_STD_OFFLINE_MSG')); $registry->set('display_offline_message', 1); $registry->set('offline_image', ''); $registry->set('sitename', $options->site_name); $registry->set('editor', 'tinymce'); $registry->set('captcha', '0'); $registry->set('list_limit', 20); $registry->set('access', 1); // Debug settings. $registry->set('debug', 0); $registry->set('debug_lang', 0); // Database settings. $registry->set('dbtype', $options->db_type); $registry->set('host', $options->db_host); $registry->set('user', $options->db_user); $registry->set('password', $options->db_pass); $registry->set('db', $options->db_name); $registry->set('dbprefix', $options->db_prefix); // Server settings. $registry->set('live_site', ''); $registry->set('secret', JUserHelper::genRandomPassword(16)); $registry->set('gzip', 0); $registry->set('error_reporting', 'default'); $registry->set('helpurl', $options->helpurl); $registry->set('ftp_host', isset($options->ftp_host) ? $options->ftp_host : ''); $registry->set('ftp_port', isset($options->ftp_host) ? $options->ftp_port : ''); $registry->set('ftp_user', isset($options->ftp_save) && $options->ftp_save && isset($options->ftp_user) ? $options->ftp_user : ''); $registry->set('ftp_pass', isset($options->ftp_save) && $options->ftp_save && isset($options->ftp_pass) ? $options->ftp_pass : ''); $registry->set('ftp_root', isset($options->ftp_save) && $options->ftp_save && isset($options->ftp_root) ? $options->ftp_root : ''); $registry->set('ftp_enable', isset($options->ftp_host) ? $options->ftp_enable : 0); // Locale settings. $registry->set('offset', 'UTC'); // Mail settings. $registry->set('mailonline', 1); $registry->set('mailer', 'mail'); $registry->set('mailfrom', $options->admin_email); $registry->set('fromname', $options->site_name); $registry->set('sendmail', '/usr/sbin/sendmail'); $registry->set('smtpauth', 0); $registry->set('smtpuser', ''); $registry->set('smtppass', ''); $registry->set('smtphost', 'localhost'); $registry->set('smtpsecure', 'none'); $registry->set('smtpport', '25'); // Cache settings. $registry->set('caching', 0); $registry->set('cache_handler', 'file'); $registry->set('cachetime', 15); $registry->set('cache_platformprefix', 0); // Meta settings. $registry->set('MetaDesc', $options->site_metadesc); $registry->set('MetaKeys', ''); $registry->set('MetaTitle', 1); $registry->set('MetaAuthor', 1); $registry->set('MetaVersion', 0); $registry->set('robots', ''); // SEO settings. $registry->set('sef', 1); $registry->set('sef_rewrite', 0); $registry->set('sef_suffix', 0); $registry->set('unicodeslugs', 0); // Feed settings. $registry->set('feed_limit', 10); $registry->set('feed_email', 'none'); $registry->set('log_path', JPATH_ADMINISTRATOR . '/logs'); $registry->set('tmp_path', JPATH_ROOT . '/tmp'); // Session setting. $registry->set('lifetime', 15); $registry->set('session_handler', 'database'); // Generate the configuration class string buffer. $buffer = $registry->toString('PHP', array('class' => 'JConfig', 'closingtag' => false)); // Build the configuration file path. $path = JPATH_CONFIGURATION . '/configuration.php'; // Determine if the configuration file path is writable. if (file_exists($path)) { $canWrite = is_writable($path); } else { $canWrite = is_writable(JPATH_CONFIGURATION . '/'); } /* * If the file exists but isn't writable OR if the file doesn't exist and the parent directory * is not writable we need to use FTP. */ $useFTP = false; if (file_exists($path) && !is_writable($path) || !file_exists($path) && !is_writable(dirname($path) . '/')) { $useFTP = true; } // Check for safe mode. if (ini_get('safe_mode')) { $useFTP = true; } // Enable/Disable override. if (!isset($options->ftpEnable) || $options->ftpEnable != 1) { $useFTP = false; } if ($useFTP == true) { // Connect the FTP client. $ftp = JClientFtp::getInstance($options->ftp_host, $options->ftp_port); $ftp->login($options->ftp_user, $options->ftp_pass); // Translate path for the FTP account. $file = JPath::clean(str_replace(JPATH_CONFIGURATION, $options->ftp_root, $path), '/'); // Use FTP write buffer to file. if (!$ftp->write($file, $buffer)) { // Set the config string to the session. $session = JFactory::getSession(); $session->set('setup.config', $buffer); } $ftp->quit(); } else { if ($canWrite) { file_put_contents($path, $buffer); $session = JFactory::getSession(); $session->set('setup.config', null); } else { // Set the config string to the session. $session = JFactory::getSession(); $session->set('setup.config', $buffer); } } return true; }
/** * Create restoration file. * * @param string $basename Optional base path to the file. * * @return boolean True if successful; false otherwise. * * @since 2.5.4 */ public function createRestorationFile($basename = null) { // Get a password $password = JUserHelper::genRandomPassword(32); $app = JFactory::getApplication(); $app->setUserState('com_joomlaupdate.password', $password); // Do we have to use FTP? $method = JFactory::getApplication()->getUserStateFromRequest('com_joomlaupdate.method', 'method', 'direct', 'cmd'); // Get the absolute path to site's root. $siteroot = JPATH_SITE; // If the package name is not specified, get it from the update info. if (empty($basename)) { $updateInfo = $this->getUpdateInformation(); $packageURL = $updateInfo['object']->downloadurl->_data; $basename = basename($packageURL); } // Get the package name. $config = JFactory::getConfig(); $tempdir = $config->get('tmp_path'); $file = $tempdir . '/' . $basename; $filesize = @filesize($file); $app->setUserState('com_joomlaupdate.password', $password); $app->setUserState('com_joomlaupdate.filesize', $filesize); $data = "<?php\ndefined('_AKEEBA_RESTORATION') or die('Restricted access');\n"; $data .= '$restoration_setup = array(' . "\n"; $data .= <<<ENDDATA \t'kickstart.security.password' => '{$password}', \t'kickstart.tuning.max_exec_time' => '5', \t'kickstart.tuning.run_time_bias' => '75', \t'kickstart.tuning.min_exec_time' => '0', \t'kickstart.procengine' => '{$method}', \t'kickstart.setup.sourcefile' => '{$file}', \t'kickstart.setup.destdir' => '{$siteroot}', \t'kickstart.setup.restoreperms' => '0', \t'kickstart.setup.filetype' => 'zip', \t'kickstart.setup.dryrun' => '0' ENDDATA; if ($method != 'direct') { /* * Fetch the FTP parameters from the request. Note: The password should be * allowed as raw mode, otherwise something like !@<sdf34>43H% would be * sanitised to !@43H% which is just plain wrong. */ $ftp_host = $app->input->get('ftp_host', ''); $ftp_port = $app->input->get('ftp_port', '21'); $ftp_user = $app->input->get('ftp_user', ''); $ftp_pass = addcslashes($app->input->get('ftp_pass', '', 'raw'), "'\\"); $ftp_root = $app->input->get('ftp_root', ''); // Is the tempdir really writable? $writable = @is_writeable($tempdir); if ($writable) { // Let's be REALLY sure. $fp = @fopen($tempdir . '/test.txt', 'w'); if ($fp === false) { $writable = false; } else { fclose($fp); unlink($tempdir . '/test.txt'); } } // If the tempdir is not writable, create a new writable subdirectory. if (!$writable) { $FTPOptions = JClientHelper::getCredentials('ftp'); $ftp = JClientFtp::getInstance($FTPOptions['host'], $FTPOptions['port'], array(), $FTPOptions['user'], $FTPOptions['pass']); $dest = JPath::clean(str_replace(JPATH_ROOT, $FTPOptions['root'], $tempdir . '/admintools'), '/'); if (!@mkdir($tempdir . '/admintools')) { $ftp->mkdir($dest); } if (!@chmod($tempdir . '/admintools', 511)) { $ftp->chmod($dest, 511); } $tempdir .= '/admintools'; } // Just in case the temp-directory was off-root, try using the default tmp directory. $writable = @is_writeable($tempdir); if (!$writable) { $tempdir = JPATH_ROOT . '/tmp'; // Does the JPATH_ROOT/tmp directory exist? if (!is_dir($tempdir)) { JFolder::create($tempdir, 511); $htaccessContents = "order deny,allow\ndeny from all\nallow from none\n"; JFile::write($tempdir . '/.htaccess', $htaccessContents); } // If it exists and it is unwritable, try creating a writable admintools subdirectory. if (!is_writable($tempdir)) { $FTPOptions = JClientHelper::getCredentials('ftp'); $ftp = JClientFtp::getInstance($FTPOptions['host'], $FTPOptions['port'], array(), $FTPOptions['user'], $FTPOptions['pass']); $dest = JPath::clean(str_replace(JPATH_ROOT, $FTPOptions['root'], $tempdir . '/admintools'), '/'); if (!@mkdir($tempdir . '/admintools')) { $ftp->mkdir($dest); } if (!@chmod($tempdir . '/admintools', 511)) { $ftp->chmod($dest, 511); } $tempdir .= '/admintools'; } } // If we still have no writable directory, we'll try /tmp and the system's temp-directory. $writable = @is_writeable($tempdir); if (!$writable) { if (@is_dir('/tmp') && @is_writable('/tmp')) { $tempdir = '/tmp'; } else { // Try to find the system temp path. $tmpfile = @tempnam("dummy", ""); $systemp = @dirname($tmpfile); @unlink($tmpfile); if (!empty($systemp)) { if (@is_dir($systemp) && @is_writable($systemp)) { $tempdir = $systemp; } } } } $data .= <<<ENDDATA \t, \t'kickstart.ftp.ssl' => '0', \t'kickstart.ftp.passive' => '1', \t'kickstart.ftp.host' => '{$ftp_host}', \t'kickstart.ftp.port' => '{$ftp_port}', \t'kickstart.ftp.user' => '{$ftp_user}', \t'kickstart.ftp.pass' => '{$ftp_pass}', \t'kickstart.ftp.dir' => '{$ftp_root}', \t'kickstart.ftp.tempdir' => '{$tempdir}' ENDDATA; } $data .= ');'; // Remove the old file, if it's there... $configpath = JPATH_COMPONENT_ADMINISTRATOR . '/restoration.php'; if (JFile::exists($configpath)) { JFile::delete($configpath); } // Write new file. First try with JFile. $result = JFile::write($configpath, $data); // In case JFile used FTP but direct access could help. if (!$result) { if (function_exists('file_put_contents')) { $result = @file_put_contents($configpath, $data); if ($result !== false) { $result = true; } } else { $fp = @fopen($configpath, 'wt'); if ($fp !== false) { $result = @fwrite($fp, $data); if ($result !== false) { $result = true; } @fclose($fp); } } } return $result; }
/** * Change the permissions of a file, optionally using FTP * * @param string $path Absolute path to file * @param int $mode Permissions, e.g. 0755 * * @return boolean True on success * * @since 2.5.4 */ private static function chmod($path, $mode) { if (is_string($mode)) { $mode = octdec($mode); if ($mode < 0600 || $mode > 0777) { $mode = 0755; } } $ftpOptions = JClientHelper::getCredentials('ftp'); // Check to make sure the path valid and clean $path = JPath::clean($path); if ($ftpOptions['enabled'] == 1) { // Connect the FTP client $ftp = JClientFtp::getInstance($ftpOptions['host'], $ftpOptions['port'], array(), $ftpOptions['user'], $ftpOptions['pass']); } if (@chmod($path, $mode)) { $ret = true; } elseif ($ftpOptions['enabled'] == 1) { // Translate path and delete $path = JPath::clean(str_replace(JPATH_ROOT, $ftpOptions['root'], $path), '/'); // FTP connector throws an error $ret = $ftp->chmod($path, $mode); } else { return false; } return $ret; }
/** * Verify the FTP settings as being functional and correct. * * @param array $options Configuration options. * * @return mixed FTP root for given FTP user, or boolean false if not found. * * @since 3.1 */ public function verifyFtpSettings($options) { // Get the options as a object for easier handling. $options = ArrayHelper::toObject($options); // Connect and login to the FTP server. @($ftp = JClientFtp::getInstance($options->get('ftp_host'), $options->get('ftp_port'))); // Check to make sure FTP is connected and authenticated. if (!$ftp->isConnected()) { JFactory::getApplication()->enqueueMessage(JText::_('INSTL_FTP_NOCONNECT'), 'error'); return false; } if (!$ftp->login($options->get('ftp_user'), $options->get('ftp_pass'))) { $ftp->quit(); JFactory::getApplication()->enqueueMessage(JText::_('INSTL_FTP_NOLOGIN'), 'error'); return false; } // Since the root path will be trimmed when it gets saved to configuration.php, // we want to test with the same value as well. $root = rtrim($options->get('ftp_root'), '/'); // Verify PWD function. if ($ftp->pwd() === false) { $ftp->quit(); JFactory::getApplication()->enqueueMessage(JText::_('INSTL_FTP_NOPWD'), 'error'); return false; } // Verify root path exists. if (!$ftp->chdir($root)) { $ftp->quit(); JFactory::getApplication()->enqueueMessage(JText::_('INSTL_FTP_NOROOT'), 'error'); return false; } // Verify NLST function. if (($rootList = $ftp->listNames()) === false) { $ftp->quit(); JFactory::getApplication()->enqueueMessage(JText::_('INSTL_FTP_NONLST'), 'error'); return false; } // Verify LIST function. if ($ftp->listDetails() === false) { $ftp->quit(); JFactory::getApplication()->enqueueMessage(JText::_('INSTL_FTP_NOLIST'), 'error'); return false; } // Verify SYST function. if ($ftp->syst() === false) { $ftp->quit(); JFactory::getApplication()->enqueueMessage(JText::_('INSTL_FTP_NOSYST'), 'error'); return false; } // Verify valid root path, part one. $checkList = array('robots.txt', 'index.php'); if (count(array_diff($checkList, $rootList))) { $ftp->quit(); JFactory::getApplication()->enqueueMessage(JText::_('INSTL_FTP_INVALIDROOT'), 'error'); return false; } // Verify RETR function $buffer = null; if ($ftp->read($root . '/libraries/cms/version/version.php', $buffer) === false) { $ftp->quit(); JFactory::getApplication()->enqueueMessage(JText::_('INSTL_FTP_NORETR'), 'error'); return false; } // Verify valid root path, part two. $checkValue = file_get_contents(JPATH_ROOT . '/libraries/cms/version/version.php'); if ($buffer !== $checkValue) { $ftp->quit(); JFactory::getApplication()->enqueueMessage(JText::_('INSTL_FTP_INVALIDROOT'), 'error'); return false; } // Verify STOR function. if ($ftp->create($root . '/ftp_testfile') === false) { $ftp->quit(); JFactory::getApplication()->enqueueMessage(JText::_('INSTL_FTP_NOSTOR'), 'error'); return false; } // Verify DELE function. if ($ftp->delete($root . '/ftp_testfile') === false) { $ftp->quit(); JFactory::getApplication()->enqueueMessage(JText::_('INSTL_FTP_NODELE'), 'error'); return false; } // Verify MKD function. if ($ftp->mkdir($root . '/ftp_testdir') === false) { $ftp->quit(); JFactory::getApplication()->enqueueMessage(JText::_('INSTL_FTP_NOMKD'), 'error'); return false; } // Verify RMD function. if ($ftp->delete($root . '/ftp_testdir') === false) { $ftp->quit(); JFactory::getApplication()->enqueueMessage(JText::_('INSTL_FTP_NORMD'), 'error'); return false; } $ftp->quit(); return true; }
/** * Moves a folder. * * @param string $src The path to the source folder. * @param string $dest The path to the destination folder. * @param string $path An optional base path to prefix to the file names. * @param boolean $use_streams Optionally use streams. * * @return mixed Error message on false or boolean true on success. * * @since 11.1 */ public static function move($src, $dest, $path = '', $use_streams = false) { $FTPOptions = JClientHelper::getCredentials('ftp'); if ($path) { $src = JPath::clean($path . '/' . $src); $dest = JPath::clean($path . '/' . $dest); } if (!self::exists($src)) { return JText::_('JLIB_FILESYSTEM_ERROR_FIND_SOURCE_FOLDER'); } if (self::exists($dest)) { return JText::_('JLIB_FILESYSTEM_ERROR_FOLDER_EXISTS'); } if ($use_streams) { $stream = JFactory::getStream(); if (!$stream->move($src, $dest)) { return JText::sprintf('JLIB_FILESYSTEM_ERROR_FOLDER_RENAME', $stream->getError()); } $ret = true; } else { if ($FTPOptions['enabled'] == 1) { // Connect the FTP client $ftp = JClientFtp::getInstance($FTPOptions['host'], $FTPOptions['port'], array(), $FTPOptions['user'], $FTPOptions['pass']); // Translate path for the FTP account $src = JPath::clean(str_replace(JPATH_ROOT, $FTPOptions['root'], $src), '/'); $dest = JPath::clean(str_replace(JPATH_ROOT, $FTPOptions['root'], $dest), '/'); // Use FTP rename to simulate move if (!$ftp->rename($src, $dest)) { return JText::_('Rename failed'); } $ret = true; } else { if (!@rename($src, $dest)) { return JText::_('Rename failed'); } $ret = true; } } return $ret; }
/** * Moves an uploaded file to a destination folder * * @param string $src The name of the php (temporary) uploaded file * @param string $dest The path (including filename) to move the uploaded file to * @param boolean $use_streams True to use streams * @param boolean $allow_unsafe Allow the upload of unsafe files * @param boolean $safeFileOptions Options to JFilterInput::isSafeFile * * @return boolean True on success * * @since 11.1 */ public static function upload($src, $dest, $use_streams = false, $allow_unsafe = false, $safeFileOptions = array()) { if (!$allow_unsafe) { $descriptor = array('tmp_name' => $src, 'name' => basename($dest), 'type' => '', 'error' => '', 'size' => ''); $isSafe = JFilterInput::isSafeFile($descriptor, $safeFileOptions); if (!$isSafe) { JLog::add(JText::sprintf('JLIB_FILESYSTEM_ERROR_WARNFS_ERR03', $dest), JLog::WARNING, 'jerror'); return false; } } // Ensure that the path is valid and clean $pathObject = new JFilesystemWrapperPath(); $dest = $pathObject->clean($dest); // Create the destination directory if it does not exist $baseDir = dirname($dest); if (!file_exists($baseDir)) { $folderObject = new JFilesystemWrapperFolder(); $folderObject->create($baseDir); } if ($use_streams) { $stream = JFactory::getStream(); if (!$stream->upload($src, $dest)) { JLog::add(JText::sprintf('JLIB_FILESYSTEM_ERROR_UPLOAD', $stream->getError()), JLog::WARNING, 'jerror'); return false; } return true; } else { $FTPOptions = JClientHelper::getCredentials('ftp'); $ret = false; if ($FTPOptions['enabled'] == 1) { // Connect the FTP client $ftp = JClientFtp::getInstance($FTPOptions['host'], $FTPOptions['port'], array(), $FTPOptions['user'], $FTPOptions['pass']); // Translate path for the FTP account $dest = $pathObject->clean(str_replace(JPATH_ROOT, $FTPOptions['root'], $dest), '/'); // Copy the file to the destination directory if (is_uploaded_file($src) && $ftp->store($src, $dest)) { unlink($src); $ret = true; } else { JLog::add(JText::sprintf('JLIB_FILESYSTEM_ERROR_WARNFS_ERR04', $src, $dest), JLog::WARNING, 'jerror'); } } else { if (is_writeable($baseDir) && move_uploaded_file($src, $dest)) { // Short circuit to prevent file permission errors if ($pathObject->setPermissions($dest)) { $ret = true; } else { JLog::add(JText::_('JLIB_FILESYSTEM_ERROR_WARNFS_ERR01'), JLog::WARNING, 'jerror'); } } else { JLog::add(JText::sprintf('JLIB_FILESYSTEM_ERROR_WARNFS_ERR04', $src, $dest), JLog::WARNING, 'jerror'); } } return $ret; } }
/** * @return void * * @since 3.0 */ public function removeFolder() { jimport('joomla.filesystem.folder'); // Check for a valid token. If invalid, send a 403 with the error message. JSession::checkToken('request') or $this->sendResponse(new Exception(JText::_('JINVALID_TOKEN'), 403)); // Get the posted config options. $vars = JRequest::getVar('jform', array()); $path = JPATH_INSTALLATION; //check whether the folder still exists if (!file_exists($path)) { $this->sendResponse(new Exception(JText::sprintf('INSTL_COMPLETE_ERROR_FOLDER_ALREADY_REMOVED'), 500)); } // check whether we need to use FTP $useFTP = false; if (file_exists($path) && !is_writable($path)) { $useFTP = true; } // Check for safe mode if (ini_get('safe_mode')) { $useFTP = true; } // Enable/Disable override if (!isset($options->ftpEnable) || $options->ftpEnable != 1) { $useFTP = false; } if ($useFTP == true) { // Connect the FTP client jimport('joomla.filesystem.path'); $ftp = JClientFtp::getInstance($options->ftp_host, $options->ftp_port); $ftp->login($options->ftp_user, $options->ftp_pass); // Translate path for the FTP account $file = JPath::clean(str_replace(JPATH_CONFIGURATION, $options->ftp_root, $path), '/'); $return = $ftp->delete($file); // Delete the extra XML file while we're at it if ($return) { $file = JPath::clean($options->ftp_root . '/joomla.xml'); if (file_exists($file)) { $return = $ftp->delete($file); } } $ftp->quit(); } else { // Try to delete the folder. // We use output buffering so that any error message echoed JFolder::delete // doesn't land in our JSON output. ob_start(); $return = JFolder::delete($path) && (!file_exists(JPATH_ROOT . '/joomla.xml') || JFile::delete(JPATH_ROOT . '/joomla.xml')); ob_end_clean(); } // If an error was encountered return an error. if (!$return) { $this->sendResponse(new Exception(JText::_('INSTL_COMPLETE_ERROR_FOLDER_DELETE'), 500)); } // Create a response body. $r = new JObject(); $r->text = JText::_('INSTL_COMPLETE_FOLDER_REMOVED'); // Send the response. $this->sendResponse($r); }
/** * @since 3.0 */ function _chmod($path, $mode) { $app = JFactory::getApplication(); $ret = false; $ftpFlag = true; $ftpRoot = $app->getCfg('ftp_root'); // Do NOT use ftp if it is not enabled if ($app->getCfg('ftp_enable') != 1) { $ftpFlag = false; } if ($ftpFlag == true) { // Connect the FTP client $ftp = JClientFtp::getInstance($app->getCfg('ftp_host'), $app->getCfg('ftp_port')); $ftp->login($app->getCfg('ftp_user'), $app->getCfg('ftp_pass')); // Translate the destination path for the FTP account $path = JPath::clean(str_replace(JPATH_SITE, $ftpRoot, $path), '/'); // Do the ftp chmod if (!$ftp->chmod($path, $mode)) { // FTP connector throws an error return false; } $ftp->quit(); $ret = true; } else { $ret = @chmod($path, $mode); } return $ret; }
private function getFTP($clientInput) { $signature = md5($clientInput); if (isset($this->FTP[$signature]) && $this->FTP[$signature] instanceof JClientFtp) { return $this->FTP[$signature]; } else { // make sure we have a string and it is not default or empty if (ComponentbuilderHelper::checkString($clientInput)) { // turn into vars parse_str($clientInput); // set options if (isset($options) && ComponentbuilderHelper::checkArray($options)) { foreach ($options as $option => $value) { if ('timeout' == $option) { $options[$option] = (int) $value; } if ('type' == $option) { $options[$option] = (string) $value; } } } else { $options = array(); } // get ftp object if (isset($host) && $host != 'HOSTNAME' && isset($port) && $port != 'PORT_INT' && isset($username) && $username != '*****@*****.**' && isset($password) && $password != 'password') { // load for reuse $this->FTP[$signature] = JClientFtp::getInstance($host, $port, $options, $username, $password); return $this->FTP[$signature]; } } } return false; }
function uddeIMmkdir($folder, $forcenoftp=false) { $options = array(); $ret = false; if (class_exists('JFactory')) { // Joomla 1.5? $config = JFactory::getConfig(); $options = array( 'enabled' => $config->get('ftp_enable'), 'host' => $config->get('ftp_host'), 'port' => $config->get('ftp_port'), 'user' => $config->get('ftp_user'), 'pass' => $config->get('ftp_pass'), 'root' => $config->get('ftp_root'), ); } if ($forcenoftp) $options['enabled'] = false; if ($options['enabled']) { jimport('joomla.client.ftp'); $configdatei = $options['root'].$folder; $ftp = JClientFtp::getInstance($options['host'], $options['port'], array(), $options['user'], $options['pass']); //if ($ftp->isConnected()) { // if ($ftp->login($options['user'], $options['pass'])) { $ret = $ftp->mkdir($configdatei); // } // $ftp->quit(); //} } else { $configdatei = uddeIMgetPath('absolute_path').$folder; $ret = @mkdir($configdatei); } return $ret; }