function ew_UploadPathEx($PhyPath, $DestPath)
{
global $EW_ROOT_RELATIVE_PATH;
if ($PhyPath) {
$Path = ew_PathCombine(ew_AppRoot(), str_replace("/", EW_PATH_DELIMITER, $DestPath), TRUE);
} else {
$Path = ew_PathCombine($EW_ROOT_RELATIVE_PATH, $DestPath, FALSE);
}
return ew_IncludeTrailingDelimiter($Path, $PhyPath);
}
function ew_UploadPathEx($PhyPath, $DestPath)
{
if ($PhyPath) {
$Path = ew_PathCombine(ew_AppRoot(), str_replace("/", EW_PATH_DELIMITER, $DestPath), TRUE);
} else {
$Path = ew_ScriptName();
$Path = substr($Path, 0, strrpos($Path, "/"));
$Path = ew_PathCombine($Path, EW_ROOT_RELATIVE_PATH, FALSE);
$Path = ew_PathCombine(ew_IncludeTrailingDelimiter($Path, FALSE), $DestPath, FALSE);
}
return ew_IncludeTrailingDelimiter($Path, $PhyPath);
}
include_once "ewmysql9.php";
include_once "phpfn9.php";
// Get resize parameters
$resize = @$_GET["resize"] != "";
$width = @$_GET["width"] != "" ? $_GET["width"] : 0;
$height = @$_GET["height"] != "" ? $_GET["height"] : 0;
if (@$_GET["width"] == "" && @$_GET["height"] == "") {
$width = EW_THUMBNAIL_DEFAULT_WIDTH;
$height = EW_THUMBNAIL_DEFAULT_HEIGHT;
}
$quality = @$_GET["quality"] != "" ? $_GET["quality"] : EW_THUMBNAIL_DEFAULT_QUALITY;
// Resize image from physical file
if (@$_GET["fn"] != "") {
$fn = ew_StripSlashes($_GET["fn"]);
$fn = str_replace("", "", $fn);
$fn = ew_PathCombine(ew_AppRoot(), $fn, TRUE);
// P7
if (file_exists($fn) || fopen($fn, "rb") !== FALSE) {
// Allow remote file
$pathinfo = pathinfo($fn);
$ext = strtolower($pathinfo['extension']);
if (in_array($ext, explode(',', EW_IMAGE_ALLOWED_FILE_EXT))) {
$size = getimagesize($fn);
if ($size) {
header("Content-type: {$size['mime']}");
}
echo ew_ResizeFileToBinary($fn, $width, $height, $quality);
}
}
exit;
} else {
function Page_Main()
{
global $conn;
$GLOBALS["Page"] =& $this;
//**$conn = ew_Connect();
// Get fn / table name parameters
$key = EW_RANDOM_KEY . session_id();
$fn = @$_GET["fn"] != "" ? ew_StripSlashes($_GET["fn"]) : "";
if ($fn != "" && EW_ENCRYPT_FILE_PATH) {
$fn = ew_Decrypt($fn, $key);
}
$table = @$_GET["t"] != "" ? ew_StripSlashes($_GET["t"]) : "";
if ($table != "" && EW_ENCRYPT_FILE_PATH) {
$table = ew_Decrypt($table, $key);
}
// Security
$Security = new cAdvancedSecurity();
if (!$Security->IsLoggedIn()) {
$Security->AutoLogin();
}
if (!$Security->IsLoggedIn()) {
exit;
}
// No permission
// Global Page Loading event (in userfn*.php)
//**Page_Loading();
// Get resize parameters
$resize = @$_GET["resize"] != "";
$width = @$_GET["width"] != "" ? $_GET["width"] : 0;
$height = @$_GET["height"] != "" ? $_GET["height"] : 0;
if (@$_GET["width"] == "" && @$_GET["height"] == "") {
$width = EW_THUMBNAIL_DEFAULT_WIDTH;
$height = EW_THUMBNAIL_DEFAULT_HEIGHT;
}
// Resize image from physical file
if ($fn != "") {
$fn = str_replace("", "", $fn);
$info = pathinfo($fn);
$fn = ew_PathCombine(ew_AppRoot(), $info["dirname"], TRUE) . $info["basename"];
if (file_exists($fn) || @fopen($fn, "rb") !== FALSE) {
// Allow remote file
if (ob_get_length()) {
ob_end_clean();
}
$pathinfo = pathinfo($fn);
$ext = strtolower(@$pathinfo["extension"]);
$ct = ew_ContentType("", $fn);
if ($ct != "") {
header("Content-type: " . $ct);
}
if (in_array($ext, explode(",", EW_IMAGE_ALLOWED_FILE_EXT))) {
$size = @getimagesize($fn);
if ($size) {
header("Content-type: {$size['mime']}");
}
if ($width > 0 || $height > 0) {
echo ew_ResizeFileToBinary($fn, $width, $height);
} else {
echo file_get_contents($fn);
}
} elseif (in_array($ext, explode(",", EW_DOWNLOAD_ALLOWED_FILE_EXT))) {
echo file_get_contents($fn);
}
}
}
// Global Page Unloaded event (in userfn*.php)
//**Page_Unloaded();
// Close connection
//**ew_CloseConn();
}
function ew_GetUrl($url)
{
global $EW_RELATIVE_PATH;
if ($url != "" && strpos($url, "://") === FALSE && strpos($url, "\\") === FALSE && strpos($url, "javascript:") === FALSE) {
$path = "";
if (strrpos($url, "/") !== FALSE) {
$path = substr($url, 0, strrpos($url, "/"));
$url = substr($url, strrpos($url, "/") + 1);
}
$path = ew_PathCombine($EW_RELATIVE_PATH, $path, FALSE);
if ($path != "") {
$path = ew_IncludeTrailingDelimiter($path, FALSE);
}
return $path . $url;
} else {
return $url;
}
}
function ew_ServerMapPath($Path)
{
return ew_PathCombine(ew_AppRoot(), $Path, TRUE);
}
$path = ew_UploadPathEx(FALSE, $EW_RELATIVE_PATH);
// Application root
$path = ew_PathCombine($path, EW_UPLOAD_DEST_PATH, FALSE);
// Global upload folder
$path = ew_PathCombine($path, 'userfiles/', FALSE);
// User files folder under global upload folder
$Config['UserFilesPath'] = $path;
// Fill the following value it you prefer to specify the absolute path for the
// user files directory. Useful if you are using a virtual directory, symbolic
// link or alias. Examples: 'C:\\MySite\\userfiles\\' or '/root/mysite/userfiles/'.
// Attention: The above 'UserFilesPath' must point to the same directory.
$path = ew_PathCombine(realpath($EW_ROOT_RELATIVE_PATH), $EW_RELATIVE_PATH, TRUE);
// Application root
$path = ew_PathCombine($path, EW_UPLOAD_DEST_PATH, TRUE);
// Global upload folder
$path = ew_PathCombine($path, 'userfiles/', TRUE);
// User files folder under global upload folder
$Config['UserFilesAbsolutePath'] = $path;
// Due to security issues with Apache modules, it is recommended to leave the
// following setting enabled.
$Config['ForceSingleExtension'] = true;
// Perform additional checks for image files.
// If set to true, validate image size (using getimagesize).
$Config['SecureImageUploads'] = true;
// What the user can do with this connector.
$Config['ConfigAllowedCommands'] = array('QuickUpload', 'FileUpload', 'GetFolders', 'GetFoldersAndFiles', 'CreateFolder');
// Allowed Resource Types.
$Config['ConfigAllowedTypes'] = array('File', 'Image', 'Flash', 'Media');
// For security, HTML is allowed in the first Kb of data for files having the
// following extensions only.
$Config['HtmlExtensions'] = array("html", "htm", "xml", "xsd", "txt", "js");