function deleteDir($dir) {
$dir = (substr($dir,0,-1)!='/')?$dir.'/':$dir;
if (OS == 'unix') {
} else {
if (file_exists($dir)) {
if ($handle = @opendir($dir)) {
while (false !== ($file = readdir($handle))) {
if ($file != '.' && $file != '..') {
if (is_dir($dir.$file)) {
deleteDir($dir.$file.'/');
@rmdir($dir.$file);
}
if (is_file($dir.$file)) {
deleteFile($dir.$file);
}
}
}
closedir($handle);
}
rmdir($dir);
}
}
}
public function beforeDelete()
{
if ($this->video_file) {
$pathVideo = Yii::getPathOfAlias($this->path) . DIRECTORY_SEPARATOR . $this->apartment_id . DIRECTORY_SEPARATOR;
deleteFile($pathVideo, $this->video_file);
}
return parent::beforeDelete();
}
function deleteFilesByLuaId($id)
{
global $dbConnect;
$dbresult = $dbConnect->getFilesByLua($id);
while ($row = mysql_fetch_assoc($dbresult)) {
deleteFile($row['Id']);
}
rmdir("files/" . $id);
}
public function delete()
{
$returnVal = false;
if ($this->intTableKeyValue != "") {
$info = $this->arrObjInfo;
if (parent::delete()) {
deleteFile(BASE_DIRECTORY . $info['icon']);
$returnVal = true;
}
}
return $returnVal;
}
public function delete()
{
$returnVal = false;
if ($this->intTableKeyValue != "") {
$info = $this->arrObjInfo;
$returnVal = parent::delete();
if ($info['headertype'] == "image" && $info['headercode'] != "") {
deleteFile(BASE_DIRECTORY . $info['headercode']);
}
}
return $returnVal;
}
public function imagedel()
{
global $CONFIG;
$path = 'gallery/images';
foreach ($_POST['ids'] as $id) {
$getfile = $this->gallery->get_image_id($id);
$delImage[] = $getfile['content'];
}
foreach ($delImage as $image) {
deleteFile($image, $path);
}
$albumid = $_POST['album'];
$data = $this->gallery->image_del($_POST['ids']);
echo "<script>alert('Photo successfully deleted');window.location.href='" . $CONFIG['admin']['base_url'] . "gallery/album/?album=" . $albumid . "'</script>";
}
/**
* Display a list of Templates data.
*
* @return void
*/
public function index($offset = 0)
{
// Deleting anything?
if (isset($_POST['delete'])) {
$this->auth->restrict($this->permissionDelete);
$checked = $this->input->post('checked');
if (is_array($checked) && count($checked)) {
// If any of the deletions fail, set the result to false, so
// failure message is set if any of the attempts fail, not just
// the last attempt
$result = true;
foreach ($checked as $pid) {
/*******Physically delete the template from its location******/
$template_to_be_deleted = $this->templates_model->find_by('id', $pid);
$file_to_delete = $template_to_be_deleted->filename;
$deletepath = $this->config->item('smartembed_template_location') . $file_to_delete;
$is_file_delete = false;
$is_file_delete = deleteFile($deletepath);
/********************************************/
$deleted = $this->templates_model->delete($pid);
if ($deleted == false || $is_file_delete == false) {
$result = false;
}
}
if ($result) {
Template::set_message(count($checked) . ' ' . lang('templates_delete_success'), 'success');
} else {
Template::set_message(lang('templates_delete_failure') . $this->templates_model->error, 'error');
}
}
}
$pagerUriSegment = 5;
$pagerBaseUrl = site_url(SITE_AREA . '/embeds/templates/index') . '/';
$limit = $this->settings_lib->item('site.list_limit') ?: 15;
$this->load->library('pagination');
$pager['base_url'] = $pagerBaseUrl;
$pager['total_rows'] = $this->templates_model->count_all();
$pager['per_page'] = $limit;
$pager['uri_segment'] = $pagerUriSegment;
$this->pagination->initialize($pager);
$this->templates_model->limit($limit, $offset);
$records = $this->templates_model->find_all();
Template::set('records', $records);
Template::set('toolbar_title', lang('templates_manage'));
Template::render();
}
/**
*
* @ WHMCS FULL DECODED & NULLED
*
* @ Version : 5.2.15
* @ Author : MTIMER
* @ Release on : 2013-12-24
* @ Website : http://www.mtimer.cn
*
**/
function project_management_recursive_rmdir($dir)
{
if (is_dir($dir)) {
$folder_path_real = realpath($dir);
$objects = scandir($dir);
foreach ($objects as $object) {
if ($object != "." && $object != "..") {
if (filetype($dir . "/" . $object) == "dir") {
project_management_recursive_rmdir($dir . "/" . $object);
continue;
}
deleteFile($dir . "/", $object);
continue;
}
}
reset($objects);
rmdir($dir);
}
}
/**
* Delete category
* @param $sCategory - category identificator
* @return $bResult: true - success / false - failure
*/
function deleteCategory($sCategory)
{
$bResult = false;
if (!isEmptyCategory($sCategory)) {
$res = getResult("SELECT `ID` FROM `" . MODULE_DB_PREFIX . "Categories` WHERE `Parent`='" . $sCategory . "'");
for ($i = 0; $i < mysql_num_rows($res); $i++) {
$aCat = mysql_fetch_assoc($res);
$bResult = deleteCategory($aCat['ID']);
}
$res = getResult("SELECT `ID` FROM `" . MODULE_DB_PREFIX . "Files` WHERE `CategoryId`='" . $sCategory . "'");
for ($i = 0; $i < mysql_num_rows($res); $i++) {
$aFile = mysql_fetch_assoc($res);
$bResult = deleteFile($aFile['ID']);
}
} else {
$bResult = true;
}
getResult("DELETE FROM `" . MODULE_DB_PREFIX . "Categories` WHERE `ID`='" . $sCategory . "'");
return $bResult;
}
public function delete()
{
$returnVal = false;
if ($this->intTableKeyValue != "") {
$info = $this->arrObjInfo;
$countErrors = 0;
$result = $this->MySQL->query("DELETE FROM " . $this->strTableName . " WHERE " . $this->strTableKey . " = '" . $this->intTableKeyValue . "'");
if ($this->MySQL->error) {
$countErrors++;
}
$result = $this->MySQL->query("DELETE FROM " . $this->MySQL->get_tablePrefix() . "medals_members WHERE " . $this->strTableKey . " = '" . $this->intTableKeyValue . "'");
if ($this->MySQL->error) {
$countErrors++;
}
$this->resortOrder();
if ($countErrors == 0) {
$returnVal = true;
deleteFile(BASE_DIRECTORY . $info['imageurl']);
}
}
return $returnVal;
}
public function delete()
{
if ($this->intTableKeyValue != "") {
switch ($this->arrObjInfo['itemtype']) {
case "link":
$this->objLink->select($this->arrObjInfo['itemtype_id']);
$this->objLink->delete();
break;
case "image":
$this->objImage->select($this->arrObjInfo['itemtype_id']);
$info = $this->objImage->get_info();
deleteFile(BASE_DIRECTORY . $info['imageurl']);
$this->objImage->delete();
break;
case "shoutbox":
$this->objShoutbox->select($this->arrObjInfo['itemtype_id']);
$this->objShoutbox->delete();
break;
case "custompage":
$this->objCustomPage->select($this->arrObjInfo['itemtype_id']);
$this->objCustomPage->delete();
break;
case "customform":
$this->objCustomPage->select($this->arrObjInfo['itemtype_id']);
$this->objCustomPage->delete();
break;
case "customcode":
$this->objCustomBlock->select($this->arrObjInfo['itemtype_id']);
$this->objCustomBlock->delete();
break;
case "customformat":
$this->objCustomBlock->select($this->arrObjInfo['itemtype_id']);
$this->objCustomBlock->delete();
break;
}
return parent::delete();
}
}
function deleteFile($path)
{
global $text;
if (is_dir($path)) {
$handle = opendir($path);
while ($list = readdir($handle)) {
if ($list == '.' || $list == '..') {
//do nothing
} else {
$list = $path . '/' . $list;
}
switch ($list) {
case $list == '.' || $list == '..':
//echo $list.' this is special directory ';
continue;
case is_file($list):
if (unlink($list)) {
$text = $text . 'DEL ' . $list . '<br/>';
} else {
$text = $text . 'DEL SUCCESS';
}
break;
case is_dir($list):
//$text=$text. '��Ŀ¼ '.$list.'<br/>';
deleteFile($list);
break;
default:
//$text=$text.'default action '.$list.'';
continue;
}
}
} else {
$text = $text . $path . ' sorry the path is not directory';
}
return $text;
}
deleteFile("templates/Includes/Preview.ss");
deleteFile("templates/Includes/PreviewAssets.ss");
deleteFile("javascript/preview.js");
deleteFile("scss/preview.scss");
deleteFile("css/preview.css");
//deleting the preview directory
$directory = "_preview";
$delRT = deleteDirectory($directory);
if ($delRT == 1) {
//nothing
} else {
echo $delRT;
exit;
}
//deleting this file
deleteFile("_deletepreviewfiles.php");
echo "success";
exit;
} else {
echo "You need to append ?delete=1 to delete the preview files";
exit;
}
function deleteFile($file)
{
if (!is_writeable($file)) {
return "The file \"{$file}\" can't be deleted. Please check your permissions and try again.";
}
$msg = "";
if (file_exists($file)) {
unlink($file);
$msg = "deleted file {$file}";
if ($query = $database->query($sql)) {
$result = $query->fetchRow();
$bildfilename = $result['file_name'];
$parent_id = $result['parent_id'];
//echo '<h2>'.$parent_id.'</h2>' ;
$query2 = $database->query('SELECT * FROM ' . TABLE_PREFIX . 'mod_foldergallery_categories WHERE id=' . $parent_id . ' LIMIT 1;');
$categorie = $query2->fetchRow();
if ($categorie['parent_id'] != -1) {
$parent = $categorie['parent'] . '/' . $categorie['categorie'];
} else {
$parent = '';
}
$folder = $root_dir . $parent;
$pathToFolder = $path . $folder . '/';
$pathToFile = $path . $folder . '/' . $bildfilename;
$pathToThumb = $path . $folder . $thumbdir . '/' . $bildfilename;
if (!deleteFile($pathToFile) || !deleteFile($pathToThumb)) {
$admin->print_error($MOD_FOLDERGALLERY['ERROR_MESSAGE'], WB_URL . '/modules/foldergallery/admin/modify_cat.php?page_id=' . $page_id . '§ion_id=' . $section_id . '&cat_id=' . $cat_id);
}
$sql = 'DELETE FROM ' . TABLE_PREFIX . 'mod_foldergallery_files WHERE id=' . $_GET['id'];
$database->query($sql);
$admin->print_success($TEXT['SUCCESS'], WB_URL . '/modules/foldergallery/admin/modify_cat.php?page_id=' . $page_id . '§ion_id=' . $section_id . '&cat_id=' . $cat_id);
} else {
$admin->print_error($MOD_FOLDERGALLERY['ERROR_MESSAGE'], WB_URL . '/modules/foldergallery/admin/modify_cat.php?page_id=' . $page_id . '§ion_id=' . $section_id . '&cat_id=' . $cat_id);
}
} else {
$admin->print_error($MOD_FOLDERGALLERY['ERROR_MESSAGE'], WB_URL . '/modules/foldergallery/admin/modify_cat.php?page_id=' . $page_id . '§ion_id=' . $section_id . '&cat_id=' . $cat_id);
}
// reset the mySQL encoding
mysql_set_charset($oldMysqlEncoding, $database->db_handle);
$admin->print_footer();
function imageFrame($filename = false, $framefile = false)
{
global $IMAGE, $CONFIG;
if (array_key_exists('mobile', $CONFIG)) {
include APP . LIBS . 'class_image_upload/class.upload.php';
} else {
include LIBS . 'class_image_upload/class.upload.php';
}
deleteFile($filename, 'imageFramed');
// pr($IMAGE[0]['pathfile'].$filename);
$handle = new Upload($IMAGE[0]['pathfile'] . $filename);
// pr($handle);
if ($handle->uploaded) {
$handle->image_resize = true;
$handle->image_x = 180;
$handle->image_y = 181;
$handle->image_ratio_crop = false;
$handle->jpeg_quality = 100;
$handle->image_watermark = $IMAGE[0]['pathframe'] . $framefile;
$handle->Process($IMAGE[0]['imageframed']);
if ($handle->processed) {
$filename = $handle->file_dst_name;
} else {
echo 'Error: ' . $handle->error . '';
}
$handle->Clean();
return true;
} else {
echo 'Error: ' . $handle->error . '';
}
return false;
}
return;
}
if ($args->authToken) {
// Your authentication may go here....
}
$rootDir = str_replace("\\", "/", realPath($docRoot . "/" . $args->basePath));
$fullPath = str_replace("\\", "/", realPath($rootDir . "/" . $args->path));
if ($rootDir && $fullPath) {
// Make sure the caller isn't backtracking by specifying paths like '../../../'
if (strncmp($rootDir, $docRoot, strlen($docRoot)) || strncmp($fullPath, $rootDir, strlen($rootDir))) {
cgiResponse(HTTP_V_FORBIDDEN, "Forbidden", "We're not going there...");
return;
}
switch ($method) {
case "DELETE":
$files = deleteFile($fullPath, $rootDir, $args, $status);
if ($files) {
// Compile the final result
$result = new stdClass();
$result->total = count($files);
$result->status = $status;
$result->items = $files;
header("Content-Type: text/json");
print json_encode($result);
} else {
cgiResponse($status, "Not Found", null);
}
break;
case "GET":
$files = getFile($fullPath, $rootDir, $args, $status);
$total = count($files);
function deleteTicket($ticketid, $replyid = "")
{
global $attachments_dir;
$where = array("tid" => $ticketid);
if ($replyid) {
$where = array("id" => $replyid);
}
$result = select_query("tblticketreplies", "", $where);
while ($data = mysql_fetch_array($result)) {
$attachment = $data['attachment'];
if ($attachment) {
$attachment = explode("|", $attachment);
foreach ($attachment as $file) {
deleteFile($attachments_dir, $file);
}
}
}
if (!$replyid) {
$result = select_query("tbltickets", "", array("id" => $ticketid));
$data = mysql_fetch_array($result);
$attachment = $data['attachment'];
if ($attachment) {
$attachment = explode("|", $attachment);
foreach ($attachment as $file) {
deleteFile($attachments_dir, $file);
}
}
delete_query("tblticketreplies", array("tid" => $ticketid));
delete_query("tbltickets", array("id" => $ticketid));
logActivity("Deleted Ticket - Ticket ID: " . $ticketid);
return null;
}
delete_query("tblticketreplies", array("id" => $replyid));
addTicketLog($ticketid, "Deleted Ticket Reply (ID: " . $replyid . ")");
logActivity("Deleted Ticket Reply - ID: " . $replyid);
}
*/
$checkSession = true;
require_once '../includes/library.php';
$meeting = $_REQUEST['meeting'];
$action = $_REQUEST['action'];
$id = $_REQUEST['id'];
if ($action == 'delete') {
$id = str_replace("**", ",", $id);
$tmpquery1 = "DELETE FROM " . $tableCollab["meetings_attachment"] . " WHERE id IN({$id}) OR vc_parent IN({$id})";
$tmpquery = "WHERE mat.id IN({$id}) OR mat.vc_parent IN({$id}) ORDER BY mat.name";
$listFiles = new request();
$listFiles->openMeetingsAttachment($tmpquery);
$comptListFiles = count($listFiles->mat_id);
for ($i = 0; $i < $comptListFiles; $i++) {
if (file_exists("../files/" . $project . "/meetings/" . $meeting . "/" . $listFiles->mat_name[$i])) {
deleteFile("files/" . $project . "/meetings/" . $meeting . "/" . $listFiles->mat_name[$i]);
}
}
connectSql("{$tmpquery1}");
if ($sendto == "filedetails") {
header('Location: ../meetings/viewfile.php?id=' . $listFiles->mat_vc_parent[0] . '&msg=deleteFile');
exit;
} else {
header("Location: ../meetings/viewmeeting.php?id={$meeting}&msg=deleteFile");
exit;
}
}
$tmpquery = "WHERE pro.id = '{$project}'";
$projectDetail = new request();
$projectDetail->openProjects($tmpquery);
$tmpquery = "WHERE mee.id = '{$meeting}'";
function purgeFiles()
{
global $schedulePars;
$videoHours = $schedulePars[SCHEDULE_PURGEVIDEOHOURS];
$imageHours = $schedulePars[SCHEDULE_PURGEIMAGEHOURS];
$lapseHours = $schedulePars[SCHEDULE_PURGELAPSEHOURS];
$purgeCount = 0;
if ($videoHours > 0 || $imageHours > 0 || $lapseHours > 0) {
$files = scandir(BASE_DIR . '/' . MEDIA_PATH);
$currentHours = time() / 3600;
foreach ($files as $file) {
if ($file != '.' && $file != '..' && isThumbnail($file)) {
$fType = getFileType($file);
$purgeHours = 0;
switch ($fType) {
case 'i':
$purgeHours = $imageHours;
break;
case 't':
$purgeHours = $lapseHours;
break;
case 'v':
$purgeHours = $videoHours;
break;
}
if ($purgeHours > 0) {
$fModHours = filemtime(BASE_DIR . '/' . MEDIA_PATH . "/{$file}") / 3600;
if ($fModHours > 0 && $currentHours - $fModHours > $purgeHours) {
deleteFile($file);
$purgeCount++;
}
}
}
}
}
if ($schedulePars[SCHEDULE_PURGESPACEMODE] > 0) {
$totalSize = disk_total_space(BASE_DIR . '/' . MEDIA_PATH) / 1024;
//KB
$level = str_replace(array('%', 'G', 'B', 'g', 'b'), '', $schedulePars[SCHEDULE_PURGESPACELEVEL]);
switch ($schedulePars[SCHEDULE_PURGESPACEMODE]) {
case 1:
case 2:
$level = min(max($schedulePars[SCHEDULE_PURGESPACELEVEL], 3), 97) * $totalSize / 100;
break;
case 3:
case 4:
$level = $level * 1048576.0;
break;
}
switch ($schedulePars[SCHEDULE_PURGESPACEMODE]) {
case 1:
//Free Space
//Free Space
case 3:
$currentAvailable = disk_free_space(BASE_DIR . '/' . MEDIA_PATH) / 1024;
//KB
//writeLog(" free space purge total $totalSize current: $currentAvailable target: $level");
if ($currentAvailable < $level) {
$pFiles = getSortedFiles(false);
//files in latest to earliest order
while ($currentAvailable < $level && count($pFiles) > 0) {
$currentAvailable += deleteFile(array_pop($pFiles));
$purgeCount++;
}
}
//writeLog("Finished. Current now: $currentAvailable");
break;
case 2:
// Max usage
// Max usage
case 4:
$pFiles = getSortedFiles(false);
//files in latest to earliest order
//writeLog(" Max space purge max: $level");
foreach ($pFiles as $pFile) {
$del = $level <= 0;
$level -= deleteFile($pFile, $del);
if ($del) {
$purgeCount++;
}
}
break;
}
}
if ($purgeCount > 0) {
writeLog("Purged {$purgeCount} Files");
}
}
$module = vtlib_purify($_REQUEST['target_module']);
$sql = "INSERT INTO vtiger_wordtemplates ";
$sql .= "(templateid,module,date_entered,parent_type,data,description,filename,filesize,filetype) values (?,?,?,?,?,?,?,?,?)";
$params = array($genQueryId, $module, $adb->formatDate($date_entered, true), $parent_type, $adb->getEmptyBlob(false), $strDescription, $filename, $filesize, $filetype);
$result = $adb->pquery($sql, $params);
$result = $adb->updateBlob('vtiger_wordtemplates', 'data', " filename='" . $adb->sql_escape_string($filename) . "'", $data);
deleteFile($uploaddir, $filename);
header("Location: index.php?action=listwordtemplates&module=Settings&parenttab=Settings");
} elseif ($savefile == "false") {
$module = vtlib_purify($_REQUEST['target_module']);
header("Location: index.php?action=upload&module=Settings&parenttab=Settings&flag=" . $error_flag . "&description=" . $strDescription . "&tempModule=" . $module);
} else {
include 'modules/Vtiger/header.php';
$errormessage = "<font color='red'><B>Error Message<ul>\n\t\t\t\t<li><font color='red'>Invalid file OR</font>\n\t\t\t\t<li><font color='red'>File has no data</font>\n\t\t\t\t</ul></B></font> <br>";
echo $errormessage;
deleteFile($uploaddir, $filename);
include "upload.php";
}
}
} else {
$module = vtlib_purify($_REQUEST['target_module']);
header("Location: index.php?action=upload&module=Settings&parenttab=Settings&flag=2&description=" . $strDescription . "&tempModule=" . $module);
}
} else {
$errorCode = $_FILES['binFile']['error'];
if ($errorCode == 4) {
include 'modules/Vtiger/header.php';
include "upload.php";
// $errormessage = "<B><font color='red'>Kindly give a valid file for upload!</font></B> <br>" ;
echo "<script>alert('" . $mod_strings['SPECIFY_FILE_TO_MERGE'] . "')</script>";
} else {
public function delete($print_response = true)
{
$file_names = $this->get_file_names_params();
if (empty($file_names)) {
$file_names = array($this->get_file_name_param());
}
$response = array();
foreach ($file_names as $file_name) {
$file_path = $this->get_upload_path($file_name);
$success = is_file($file_path) && $file_name[0] !== '.' && unlink($file_path);
if ($success) {
deleteFile($_SESSION['course'], $file_path, $_SESSION['teacher']);
foreach ($this->options['image_versions'] as $version => $options) {
if (!empty($version)) {
$file = $this->get_upload_path($file_name, $version);
if (is_file($file)) {
unlink($file);
}
}
}
}
$response[$file_name] = $success;
}
return $this->generate_response($response, $print_response);
}
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
require_once 'WebDFS/Client.php';
require_once 'WebDFS/Helper.php';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
handleUpload();
} else {
if (isset($_GET['delete'])) {
deleteFile($_GET['delete']);
} else {
if (isset($_GET['get'])) {
getFile($_GET['get']);
} else {
showForm();
}
}
}
function showForm()
{
echo '
<html>
<body>
<form action="/upload.php" enctype="multipart/form-data" method="post">
<p>
print "<script language=javascript>alert('错误:" . str_replace("'", "\\'", $db->ErrorMsg()) . "');window.history.back(-1);</script>";
} else {
page_css("任务执行记录");
$return = FormPageAction("action", "init_default");
print_infor("新增任务执行记录成功", 'trip', "location='?{$return}'", "?{$return}", 0);
}
exit;
}
if ($_GET['action'] == "delete_array") {
$selectid = $_GET['selectid'];
$selectid = explode(",", $selectid);
$db->StartTrans();
require_once "../Framework/uploadFile.php";
for ($i = 0; $i < sizeof($selectid); $i++) {
if ($selectid[$i] != "") {
deleteFile("workplanmain_detail", "id", $selectid[$i], "fujian");
$mainrowid = returntablefield("workplanmain_detail", "id", $selectid[$i], "mainrowid");
$sql = "delete from workplanmain_detail where id=" . $selectid[$i];
$db->Execute($sql);
updateWorkplanmain($mainrowid);
}
}
//是否事务出现错误
if ($db->HasFailedTrans()) {
print "<script language=javascript>alert('错误:" . str_replace("'", "\\'", $db->ErrorMsg()) . "');window.history.back(-1);</script>";
} else {
page_css("任务执行记录");
$return = FormPageAction("action", "init_default");
print_infor("任务执行记录已删除", 'trip', "location='?{$return}'", "?{$return}", 0);
}
$db->CompleteTrans();
//search URL pattern: controller.php?operation=search&keyword=???&caseInsensitive=???
} else {
if ('search' == $operation) {
search($_POST['keyword'], $_POST['caseInsensitive']);
//Sort URL pattern: controller.php?operation=sort&column=???&asc=???
} else {
if ('sort' == $operation) {
_sort($_POST['column'], $_POST['asc']);
//Filtrate URL pattern: controller.php?operation=filter&suffix=???&displayInvisible=???
} else {
if ('filter' == $operation) {
filter($_POST['suffix'], $_POST['displayInvisible']);
//Delete URL pattern: controller.php?operation=delete&fileName=???
} else {
if ('delete' == $operation) {
deleteFile($_POST['fileName'], getCurrentPath());
//Rename URL pattern: controller.php?operation=rename&originalFileName=???&newFileName=???
} else {
if ('rename' == $operation) {
renameFile($_POST['originalFileName'], $_POST['newFileName'], getCurrentPath());
//New Folder URL pattern: controller.php?operation=newFolder$folderName=???
} else {
if ('newFolder' == $operation) {
newFolder($_POST['folderName'], getCurrentPath());
//Change Readonly Password URL patterm: controller.php?operation=changePassword&oldPassword=???&newPassword=???
} else {
if ('changePassword' == $operation) {
changePassword($_POST['oldPassword'], $_POST['newPassword']);
}
}
}
die('No Joomla CMS found here! Please check you have put the file into Joomla webroot folder.');
}
/*
* not scanning JS files in the early versions
* as it gives many false positives (eg. "eval")
*/
//$fileExt = 'php|js|txt|html|htaccess' ;
$fileExt = 'php|php3|php4|php5|phps|txt|html|htaccess|gif|js';
// file extensions
$ignoreDirs = '.|..|.DS_Store|.svn|.git';
// dirnames to ignore
$directory = '.';
// a directory to scan; default: current dir
/* * * * * * * * * * * * * * SETTINGS END * * * * * * * * * * * * * */
if (isset($_GET['action']) && $_GET['action'] == 'autodestruct') {
deleteFile();
}
// counter reset
$count = 0;
$total_results = 0;
/* * * * * Patterns Start * * * * */
$jamssStrings = 'r0nin|m0rtix|upl0ad|r57shell|c99shell|shellbot|phpshell|void\\.ru|phpremoteview|directmail|bash_history|multiviews|cwings|vandal|bitchx|eggdrop|guardservices|psybnc|dalnet|undernet|vulnscan|spymeta|raslan58|Webshell|str_rot13|FilesMan|FilesTools|Web Shell|ifrm|bckdrprm|hackmeplz|wrgggthhd|WSOsetcookie|Hmei7|Inbox Mass Mailer|HackTeam|Hackeado';
// this patterns will be used if GET parameter ?deepscan=1 is set while calling jamss.php file
$jamssDeepSearchStrings = 'eval|base64_decode|base64_encode|gzdecode|gzdeflate|gzuncompress|gzcompress|readgzfile|zlib_decode|zlib_encode|gzfile|gzget|gzpassthru|iframe|strrev';
// the patterns to search for
$jamssPatterns = array(array('preg_replace\\s*\\(\\s*[\\"\']\\s*(\\W)(?-s).*\\1[imsxADSUXJu\\s]*e[imsxADSUXJu\\s]*[\\"\'].*\\)', 'PHP: preg_replace Eval', '1', 'We detected preg_replace function that evaluates (executes) mathed code. This means if PHP code is passed it will be executed.', 'Part example code from http://sucuri.net/malware/backdoor-phppreg_replaceeval'), array('c999sh_surl', 'Backdoor: PHP:C99:045', '2', 'Detected the "C99? backdoor that allows attackers to manage (and reinfect) your site remotely. It is often used as part of a compromise to maintain access to the hacked sites.', 'http://sucuri.net/malware/backdoor-phpc99045'), array('preg_match\\s*\\(\\s*\\"\\s*/\\s*bot\\s*/\\s*\\"', 'Backdoor: PHP:R57:01', '3', 'Detected the "R57? backdoor that allows attackers to access, modify and reinfect your site. It is often hidden in the filesystem and hard to find without access to the server or logs.', 'http://sucuri.net/malware/backdoor-phpr5701'), array('eval[\\s/\\*\\#]*\\(stripslashes[\\s/\\*\\#]*\\([\\s/\\*\\#]*\\$_(REQUEST|POST|GET)\\s*\\[\\s*\\\\s*[\'\\"]\\s*asc\\s*\\\\s*[\'\\"]', 'Backdoor: PHP:GENERIC:07', '5', 'Detected a generic backdoor that allows attackers to upload files, delete files, access, modify and/or reinfect your site. It is often hidden in the filesystem and hard to find without access to the server or logs. It also includes uploadify scripts and similars that offer upload options without security. ', 'http://sucuri.net/malware/backdoor-phpgeneric07'), array('preg_replace\\s*\\(\\s*[\\"\'\\”]\\s*/\\s*\\.\\s*\\*\\s*/\\s*e\\s*[\\"\'\\”]\\s*,\\s*[\\"\'\\”]\\s*\\x65\\x76\\x61\\x6c', 'Backdoor: PHP:Filesman:02', '7', 'We detected the “Filesman” backdoor that allows attackers to access, modify and reinfect your site. It is often hidden in the filesystem and hard to find without access to the server or logs.', 'http://sucuri.net/malware/backdoor-phpfilesman02'), array('(include|require)(_once)*\\s*[\\"\'][\\s/\\*\\#]*php://input[\\s/\\*\\#]*[\\"\']', 'PHP:\\input include', '8', 'Detected the method of reading input through PHP protocol handler in include/require statements.'), array('data:;base64', 'data:;base64 include', '9', 'Detected the method of executing base64 data in include.'), array('RewriteCond\\s*%\\{HTTP_REFERER\\}', '.HTAC RewriteCond-Referer', '10', 'Your .htaccess file has a conditional redirection based on "HTTP Referer". This means it redirects according to site/url from where your visitors came to your site. Such technique has been used for unwanted redirections after coming from Google or other search engines, so check this directive carefully.'), array('brute\\s*force', '"Brute Force" words', '11', 'We detected the "Brute Force" words mentioned in code. <u>Sometimes it\'s a "false positive"</u> because several developers like to mention it in they code, but it\'s worth double-checking if this file is untouche (eg. compare it with one in original extension package).'), array('GIF89a.*[\\r\\n]*.*<\\?php', 'PHP file desguised as GIF image', '15', 'We detected a PHP file that was most probably uploaded as an image via webform that loosely only checks file headers.'), array('\\$ip[\\s/\\*\\#]*=[\\s/\\*\\#]*getenv\\(["\']REMOTE_ADDR["\']\\);[\\s/\\*\\#]*[\\r\\n]\\$message', 'Probably malicious PHP script that "calls home"', '16', 'This pattern detects script variations used for informing attackers about found vulnerable website.'), array('(eval|gzuncompress|gzinflate|base64_decode|str_rot13|strrev)[\\s/\\*\\#]*\\([\\s/\\*\\#]*(eval|gzuncompress|gzinflate|base64_decode|str_rot13|strrev)', 'PHP: double GZINFLATE||GZUNCOMPRESS||B64||ROT13||EVAL||STRREV', '17', 'This pattern could be used in highly encoded, malicious code hidden under a loop of gzinflate/gzuncompress/base64_decode calls. In these cases the decoded hacker code goes through an eval call to execute it. This pattern is also often used for legitimate purposes, e.g. storing configuration information or serialised object data. Please inspect the file manually and compare it with the one in the original extension or Joomla package to verify that this is not a false positive.', 'Thanks to Dario Pintarić (dario.pintaric[et}orion-web.hr for this report!'), array('<\\s*iframe', 'IFRAME element', '18', 'Found IFRAME element in code, please check if it\'s a valid code.'), array('strrev[\\s/\\*\\#]*\\([\\s/\\*\\#]*[\'"]\\s*tressa\\s*[\'"]\\s*\\)', 'Reversed string "assert"', '19', 'Assert function name is being hidden behind strrev().'), array('is_writable[\\s/\\*\\#]*\\([\\s/\\*\\#]*getcwd', 'Is the current DIR Writable?', '20', 'Could be harmless, but used in some malware'));
/* * * * * Patterns End * * * * */
// check if DeepScan should be done
if (isset($_GET['deepscan'])) {
$patterns = array_merge($jamssPatterns, explode('|', $jamssStrings), explode('|', $jamssDeepSearchStrings));
} else {
public function insert_upload()
{
global $CONFIG;
if (isset($_POST)) {
$x = form_validation($_POST);
try {
if (isset($x) && count($x) != 0) {
//update or insert
$x['action'] = 'insert';
if ($x['id'] != '') {
$x['action'] = 'update';
}
/*$exp = explode("_",$x['file_hidden']);
$encode_name_files = $exp[0];
$real_name_files = $exp[1];*/
//upload file
if (!empty($_FILES['file_image']['name'])) {
// echo "masuk files";
if ($_FILES['file_image']['name'] != '') {
if ($x['action'] == 'update') {
deleteFile($x['file_hidden']);
}
$image = uploadFile('file_image', null, 'image');
// pr($image);
// $x['post_image'] = $image['full_name']."_".$image['real_name'];
$x['post_image'] = $image['full_name'];
}
} else {
// echo "sini kan";
$x['post_image'] = $x['file_hidden'];
}
// pr($x);
$data = $this->mcourse->upload_insert($x);
}
} catch (Exception $e) {
}
if ($x['id'] == '') {
echo "<script>alert('Upload Ebook & Video Successfully Created');window.location.href='" . $CONFIG['admin']['base_url'] . "course/uploadfile'</script>";
} else {
echo "<script>alert('Upload Ebook & Video Successfully Update');window.location.href='" . $CONFIG['admin']['base_url'] . "course/uploadfile'</script>";
}
}
return $this->loadView('insert_upload');
}
/**
* @return void
* @param array $values Array of new values
* @desc Update image information, upload new image or delete old -- depends on parameters.
*/
function update($values) {
GLOBAL $data;
$this->init($data,$values['id']);
if ($this->isNew()) {
// insert image
foreach ($this->image['images'] as $key=>$params) {
$is_saved = $this->saveUploadedFile($key);
if ($is_saved && $key==0) {
$this->createThumbnail($key);
}
if (!$is_saved && $key!=0) {
$this->createThumbnail($key);
}
}
} else {
//update images
if ($values['is_delete']) { //delete all images
if ($values['apply_to_thumbnails']) {
foreach ($this->image['images'] as $key=>$image) {
unlink($this->path.$values['id'].'_'.$key);
}
}
deleteFile($this->path.$values[id].'_t');
}
//save uploaded file
$is_saved = $this->saveUploadedFile(0);
if ($is_saved) { //main image uploaded
$this->createThumbnail(0); //make original thumbnail
if ($values['apply_to_thumbnails']) { //apply changes to thumbnails
foreach ($this->image['images'] as $key=>$params) {
if ($key!=0) $this->createThumbnail($key);
}
}
}
}
return false;
}
if (isset($_POST['action'])) {
//global commands
switch ($_POST['action']) {
case 'deleteAll':
maintainFolders(MEDIA_PATH, true, true);
break;
case 'selectAll':
$dSelect = "checked";
break;
case 'selectNone':
$dSelect = "";
break;
case 'deleteSel':
if (!empty($_POST['check_list'])) {
foreach ($_POST['check_list'] as $check) {
deleteFile($check);
}
}
maintainFolders(MEDIA_PATH, false, false);
break;
case 'updateSizeOrder':
if (!empty($_POST['previewSize'])) {
$previewSize = $_POST['previewSize'];
if ($previewSize < 100 || $previewSize > 1920) {
$previewSize = 640;
}
setcookie("previewSize", $previewSize, time() + 86400 * 365, "/");
}
if (!empty($_POST['thumbSize'])) {
$thumbSize = $_POST['thumbSize'];
if ($thumbSize < 32 || $thumbSize > 320) {
}
if ($action == "delete") {
$id = str_replace("**", ",", $id);
$tmpquery1 = "DELETE FROM " . $tableCollab["files"] . " WHERE id IN({$id}) OR vc_parent IN({$id})";
$tmpquery = "WHERE fil.id IN({$id}) OR fil.vc_parent IN({$id}) ORDER BY fil.name";
$listFiles = new request();
$listFiles->openFiles($tmpquery);
$comptListFiles = count($listFiles->fil_id);
for ($i = 0; $i < $comptListFiles; $i++) {
if ($task != "0") {
if (file_exists("../files/" . $project . "/" . $task . "/" . $listFiles->fil_name[$i])) {
deleteFile("files/" . $project . "/" . $task . "/" . $listFiles->fil_name[$i]);
}
} else {
if (file_exists("../files/" . $project . "/" . $listFiles->fil_name[$i])) {
deleteFile("files/" . $project . "/" . $listFiles->fil_name[$i]);
}
}
}
connectSql("{$tmpquery1}");
if ($sendto == "filedetails") {
headerFunction("../linkedcontent/viewfile.php?id=" . $listFiles->fil_vc_parent[0] . "&msg=deleteFile&" . session_name() . "=" . session_id());
} else {
if ($task != "0") {
headerFunction("../tasks/viewtask.php?id={$task}&msg=deleteFile&" . session_name() . "=" . session_id());
exit;
} else {
headerFunction("../projects/viewproject.php?id={$project}&msg=deleteFile&" . session_name() . "=" . session_id());
exit;
}
}
break;
case "update-breadcrumb":
displayBreadcrumbs($_POST["path"]);
break;
case "new-folder":
newFolder($_POST["path"]);
break;
case "delete-folder":
if (delTree("../" . $_POST["path"])) {
echo "success";
} else {
echo "500: Internal Server Error";
}
break;
case "delete-file":
deleteFile($_POST["path"]);
break;
case "edit-folder":
renameFileFolder("../" . $_POST["path"], $_POST["name"]);
break;
default:
DrawFileManager("files");
}
function DrawFileManager($path)
{
global $page;
include "modules/php/file-manager-modals.php";
//Avviso per gli utenti di versioni vecchie di IE
echo "<!--[if lte IE 9]>\n <div class='alert alert-danger' role='alert'>\n <i class='fa fa-exclamation-circle'></i> <b>Attenzione!</b>: Il browser Internet Explorer fino alla versione 10\n non supporta il caricamento dei file tramite AJAX. Si prega di utilizzare una versione aggiornata di\n <a href='http://windows.microsoft.com/it-it/internet-explorer/download-ie' target='_blank'>Internet Explorer</a>\n (10 o successiva) o un altro browser come <a href='https://www.mozilla.org/it/firefox/new/' target='_blank'>Mozilla Firefox</a>\n o <a href='http://www.google.it/intl/it/chrome/browser/' target='_blank'>Google Chrome</a>\n </div>\n <![endif]-->";
echo "<div class='btn-toolbar' role='toolbar'>";
echo "<div class='btn-group'>\n <button type='button' class='btn btn-success dropdown-toggle' data-toggle='dropdown'><span class='fa fa-plus'></span> Nuovo</button>\n <ul class='dropdown-menu' role='menu'>\n <li><a href='#' id='new-folder-command'><i class='fa fa-folder fa-fw'></i> Cartella</a></li>\n <li class='divider'></li>\n <li><a href='#' id='upload-file-command'><i class='fa fa-cloud-upload fa-fw'></i> Carica file</a></li>\n </ul>\n </div>";
