$buffer = fread($fp, filesize(DIR_FS_BACKUP . $HTTP_GET_VARS['file'])); fclose($fp); header('Content-type: application/x-octet-stream'); header('Content-disposition: attachment; filename=' . $HTTP_GET_VARS['file']); echo $buffer; exit; } } else { $messageStack->add(ERROR_DOWNLOAD_LINK_NOT_ACCEPTABLE, 'error'); } break; case 'deleteconfirm': if (strstr($HTTP_GET_VARS['file'], '..')) { tep_redirect(tep_href_link(FILENAME_BACKUP)); } tep_remove(DIR_FS_BACKUP . '/' . $HTTP_GET_VARS['file']); if (!$tep_remove_error) { $messageStack->add_session(SUCCESS_BACKUP_DELETED, 'success'); tep_redirect(tep_href_link(FILENAME_BACKUP)); } break; } } // check if the backup directory exists $dir_ok = false; if (is_dir(DIR_FS_BACKUP)) { if (is_writeable(DIR_FS_BACKUP)) { $dir_ok = true; } else { $messageStack->add(ERROR_BACKUP_DIRECTORY_NOT_WRITEABLE, 'error'); }
function tep_remove($source) { global $messageStack, $tep_remove_error; if (isset($tep_remove_error)) { $tep_remove_error = false; } if (is_dir($source)) { $dir = dir($source); while ($file = $dir->read()) { if ($file != '.' && $file != '..') { if (tep_is_writable($source . '/' . $file)) { tep_remove($source . '/' . $file); } else { $messageStack->add(sprintf(ERROR_FILE_NOT_REMOVEABLE, $source . '/' . $file), 'error'); $tep_remove_error = true; } } } $dir->close(); if (tep_is_writable($source)) { rmdir($source); } else { $messageStack->add(sprintf(ERROR_DIRECTORY_NOT_REMOVEABLE, $source), 'error'); $tep_remove_error = true; } } else { if (tep_is_writable($source)) { unlink($source); } else { $messageStack->add(sprintf(ERROR_FILE_NOT_REMOVEABLE, $source), 'error'); $tep_remove_error = true; } } }
$buffer = fread($fp, filesize(DIR_FS_BACKUP . basename($HTTP_GET_VARS['file']))); fclose($fp); header('Content-type: application/x-octet-stream'); header('Content-disposition: attachment; filename=' . basename($HTTP_GET_VARS['file'])); echo $buffer; die; } } else { $messageStack->add(ERROR_DOWNLOAD_LINK_NOT_ACCEPTABLE, 'error'); } break; case 'deleteconfirm': if (strstr($HTTP_GET_VARS['file'], '..')) { tep_redirect(tep_href_link(FILENAME_BACKUP)); } tep_remove(DIR_FS_BACKUP . '/' . basename($HTTP_GET_VARS['file'])); if (!$tep_remove_error) { $messageStack->add_session(SUCCESS_BACKUP_DELETED, 'success'); tep_redirect(tep_href_link(FILENAME_BACKUP)); } break; } } // check if the backup directory exists $dir_ok = false; if (is_dir(DIR_FS_BACKUP)) { if (is_writeable(DIR_FS_BACKUP)) { $dir_ok = true; } else { $messageStack->add(ERROR_BACKUP_DIRECTORY_NOT_WRITEABLE, 'error'); }
$buffer = fread($fp, filesize(DIR_FS_BACKUP . $_GET['file'])); fclose($fp); header('Content-type: application/x-octet-stream'); header('Content-disposition: attachment; filename=' . $_GET['file']); echo $buffer; exit; } } else { $messageStack->add(ERROR_DOWNLOAD_LINK_NOT_ACCEPTABLE, 'error'); } break; case 'deleteconfirm': if (strstr($_GET['file'], '..')) { tep_redirect(tep_href_link(FILENAME_BACKUP)); } tep_remove(DIR_FS_BACKUP . '/' . $_GET['file']); if (!$tep_remove_error) { $messageStack->add_session(SUCCESS_BACKUP_DELETED, 'success'); tep_redirect(tep_href_link(FILENAME_BACKUP)); } break; } } // check if the backup directory exists $dir_ok = false; if (is_dir(DIR_FS_BACKUP)) { if (is_writeable(DIR_FS_BACKUP)) { $dir_ok = true; } else { $messageStack->add(ERROR_BACKUP_DIRECTORY_NOT_WRITEABLE, 'error'); }
} if (!ereg('^' . DIR_FS_DOCUMENT_ROOT, $current_path)) { $current_path = DIR_FS_DOCUMENT_ROOT; } $action = isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''; if (tep_not_null($action)) { switch ($action) { case 'reset': tep_session_unregister('current_path'); tep_redirect(tep_href_link(FILENAME_FILE_MANAGER)); break; case 'deleteconfirm': if (strstr($HTTP_GET_VARS['info'], '..')) { tep_redirect(tep_href_link(FILENAME_FILE_MANAGER)); } tep_remove($current_path . '/' . $HTTP_GET_VARS['info']); if (!$tep_remove_error) { tep_redirect(tep_href_link(FILENAME_FILE_MANAGER)); } break; case 'insert': if (mkdir($current_path . '/' . $HTTP_POST_VARS['folder_name'], 0777)) { tep_redirect(tep_href_link(FILENAME_FILE_MANAGER, 'info=' . urlencode($HTTP_POST_VARS['folder_name']))); } break; case 'save': if ($fp = fopen($current_path . '/' . $HTTP_POST_VARS['filename'], 'w+')) { fputs($fp, stripslashes($HTTP_POST_VARS['file_contents'])); fclose($fp); tep_redirect(tep_href_link(FILENAME_FILE_MANAGER, 'info=' . urlencode($HTTP_POST_VARS['filename']))); }
if (strpos(DIR_FS_CATALOG . 'images', $real_path) === false) { $current_path = 'images'; } $real_path = DIR_FS_CATALOG . $current_path; $action = isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''; if (tep_not_null($action)) { switch ($action) { case 'reset': tep_session_unregister('current_path'); tep_redirect(tep_href_link(FILENAME_FILE_MANAGER)); break; case 'deleteconfirm': if (strstr($HTTP_GET_VARS['info'], '..')) { tep_redirect(tep_href_link(FILENAME_FILE_MANAGER)); } tep_remove($real_path . '/' . $HTTP_GET_VARS['info']); if (!$tep_remove_error) { tep_redirect(tep_href_link(FILENAME_FILE_MANAGER)); } break; case 'insert': if (mkdir($real_path . '/' . $HTTP_POST_VARS['folder_name'], 0777)) { tep_redirect(tep_href_link(FILENAME_FILE_MANAGER, 'info=' . urlencode($HTTP_POST_VARS['folder_name']))); } break; case 'save': if ($fp = fopen($real_path . '/' . $HTTP_POST_VARS['filename'], 'w+')) { fputs($fp, stripslashes($HTTP_POST_VARS['file_contents'])); fclose($fp); tep_redirect(tep_href_link(FILENAME_FILE_MANAGER, 'info=' . urlencode($HTTP_POST_VARS['filename']))); }
} if (!ereg('^' . DIR_FS_DOCUMENT_ROOT, $current_path)) { $current_path = DIR_FS_DOCUMENT_ROOT; } $action = isset($_GET['action']) ? $_GET['action'] : ''; if (tep_not_null($action)) { switch ($action) { case 'reset': tep_session_unregister('current_path'); tep_redirect(tep_href_link(FILENAME_FILE_MANAGER)); break; case 'deleteconfirm': if (strstr($_GET['info'], '..')) { tep_redirect(tep_href_link(FILENAME_FILE_MANAGER)); } tep_remove($current_path . '/' . $_GET['info']); if (!$tep_remove_error) { tep_redirect(tep_href_link(FILENAME_FILE_MANAGER)); } break; case 'insert': if (mkdir($current_path . '/' . $_POST['folder_name'], 0777)) { tep_redirect(tep_href_link(FILENAME_FILE_MANAGER, 'info=' . urlencode($_POST['folder_name']))); } break; case 'save': if ($fp = fopen($current_path . '/' . $_POST['filename'], 'w+')) { fputs($fp, stripslashes($_POST['file_contents'])); fclose($fp); tep_redirect(tep_href_link(FILENAME_FILE_MANAGER, 'info=' . urlencode($_POST['filename']))); }
$buffer = fread($fp, filesize(DIR_FS_BACKUP . basename($_GET['file']))); fclose($fp); header('Content-type: application/x-octet-stream'); header('Content-disposition: attachment; filename=' . basename($_GET['file'])); echo $buffer; exit; } } else { $osC_MessageStack->add('header', ERROR_DOWNLOAD_LINK_NOT_ACCEPTABLE, 'error'); } } break; case 'deleteconfirm': if (isset($_GET['file'])) { if (file_exists(DIR_FS_BACKUP . basename($_GET['file']))) { tep_remove(DIR_FS_BACKUP . basename($_GET['file'])); if (!$tep_remove_error) { $osC_MessageStack->add_session('header', SUCCESS_BACKUP_DELETED, 'success'); tep_redirect(tep_href_link(FILENAME_BACKUP)); } } } break; } } // check if the backup directory exists $dir_ok = false; if (is_dir(DIR_FS_BACKUP)) { if (is_writeable(DIR_FS_BACKUP)) { $dir_ok = true; } else {
if (substr($current_path, 0, strlen(OSC_ADMIN_FILE_MANAGER_ROOT_PATH)) != OSC_ADMIN_FILE_MANAGER_ROOT_PATH || is_dir($current_path) === false) { $current_path = OSC_ADMIN_FILE_MANAGER_ROOT_PATH; $osC_Session->set('fm_directory', $current_path); } $action = isset($_GET['action']) ? $_GET['action'] : ''; if (!empty($action)) { switch ($action) { case 'reset': $osC_Session->remove('fm_directory'); tep_redirect(tep_href_link(FILENAME_FILE_MANAGER)); break; case 'deleteconfirm': if (isset($_GET['entry']) && !empty($_GET['entry'])) { $target = $current_path . '/' . basename($_GET['entry']); if (is_writeable($target)) { tep_remove($target); } else { if (is_file($target)) { $osC_MessageStack->add_session('header', sprintf(ERROR_FILE_NOT_WRITEABLE, $target), 'error'); } else { $osC_MessageStack->add_session('header', sprintf(ERROR_DIRECTORY_NOT_WRITEABLE, $target), 'error'); } } } tep_redirect(tep_href_link(FILENAME_FILE_MANAGER)); break; case 'new_directory': if (isset($_POST['directory_name']) && !empty($_POST['directory_name'])) { if (is_writeable($current_path)) { $new_directory = $current_path . '/' . basename($_POST['directory_name']); if (file_exists($new_directory) === false) {