/** * handle request and build XML * @access protected * */ function buildXml() { $_config =& CKEditor_Connector_Core_Factory::getInstance("Core_Config"); $_resourceTypeConfig = $this->_currentFolder->getResourceTypeConfig(); $sNewFolderName = isset($_POST["newFolderName"]) ? $_POST["newFolderName"] : ""; $sNewFolderName = CKEditor_Connector_Utils_FileSystem::convertToFilesystemEncoding($sNewFolderName); if (!CKEditor_Connector_Utils_FileSystem::checkFileName($sNewFolderName)) { $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_INVALID_NAME); } $sServerDir = CKEditor_Connector_Utils_FileSystem::combinePaths($this->_currentFolder->getServerPath(), $sNewFolderName); if (!is_writeable($this->_currentFolder->getServerPath())) { $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_ACCESS_DENIED); } $bCreated = false; if (file_exists($sServerDir)) { $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_ALREADY_EXIST); } if ($perms = $_config->getChmodFolders()) { $oldUmask = umask(0); $bCreated = @mkdir($sServerDir, $perms); umask($oldUmask); } else { $bCreated = @mkdir($sServerDir); } if (!$bCreated) { $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_ACCESS_DENIED); } else { $oNewFolderNode = new CKEditor_Connector_Utils_XmlNode("NewFolder"); $this->_connectorNode->addChild($oNewFolderNode); $oNewFolderNode->addAttribute("name", CKEditor_Connector_Utils_FileSystem::convertToConnectorEncoding($sNewFolderName)); } }
function __construct() { if (isset($_GET["type"])) { $this->_resourceTypeName = (string) $_GET["type"]; } if (isset($_GET["currentFolder"])) { $this->_clientPath = CKEditor_Connector_Utils_FileSystem::convertToFilesystemEncoding((string) $_GET["currentFolder"]); } if (!strlen($this->_clientPath)) { $this->_clientPath = "/"; } else { if (substr($this->_clientPath, -1, 1) != "/") { $this->_clientPath .= "/"; } if (substr($this->_clientPath, 0, 1) != "/") { $this->_clientPath = "/" . $this->_clientPath; } } }
/** * send response (save uploaded file) * @access public * */ function sendResponse() { $iErrorNumber = CKEDITOR_CONNECTOR_ERROR_NONE; $oRegistry =& CKEditor_Connector_Core_Factory::getInstance("Core_Registry"); $oRegistry->set("FileUpload_fileName", "unknown file"); $uploadedFile = array_shift($_FILES); if (!isset($uploadedFile['name'])) { $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_UPLOADED_INVALID); } $sFileName = CKEditor_Connector_Utils_FileSystem::convertToFilesystemEncoding(basename($uploadedFile['name'])); $oRegistry->set("FileUpload_fileName", $sFileName); $this->checkConnector(); $this->checkRequest(); if (!CKEditor_Connector_Utils_FileSystem::checkFileName($sFileName)) { $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_INVALID_NAME); } $_config =& CKEditor_Connector_Core_Factory::getInstance("Core_Config"); $_resourceTypeConfig = $this->_currentFolder->getResourceTypeConfig(); $resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig(); if (!$resourceTypeInfo->checkExtension($sFileName)) { $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_INVALID_EXTENSION); } $sFileNameOrginal = $sFileName; $oRegistry->set("FileUpload_fileName", $sFileName); $htmlExtensions = $_config->getHtmlExtensions(); $sExtension = CKEditor_Connector_Utils_FileSystem::getExtension($sFileNameOrginal); if ($htmlExtensions && !CKEditor_Connector_Utils_Misc::inArrayCaseInsensitive($sExtension, $htmlExtensions) && ($detectHtml = CKEditor_Connector_Utils_FileSystem::detectHtml($uploadedFile['tmp_name'])) === true) { $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_UPLOADED_WRONG_HTML_FILE); } $sExtension = CKEditor_Connector_Utils_FileSystem::getExtension($sFileNameOrginal); $secureImageUploads = $_config->getSecureImageUploads(); if ($secureImageUploads && ($isImageValid = CKEditor_Connector_Utils_FileSystem::isImageValid($uploadedFile['tmp_name'], $sExtension)) === false) { $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_UPLOADED_CORRUPT); } switch ($uploadedFile['error']) { case UPLOAD_ERR_OK: break; case UPLOAD_ERR_INI_SIZE: case UPLOAD_ERR_FORM_SIZE: $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_UPLOADED_TOO_BIG); break; case UPLOAD_ERR_PARTIAL: case UPLOAD_ERR_NO_FILE: $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_UPLOADED_CORRUPT); break; case UPLOAD_ERR_NO_TMP_DIR: $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_UPLOADED_NO_TMP_DIR); break; case UPLOAD_ERR_CANT_WRITE: $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_ACCESS_DENIED); break; case UPLOAD_ERR_EXTENSION: $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_ACCESS_DENIED); break; } $sServerDir = $this->_currentFolder->getServerPath(); $iCounter = 0; while (true) { $sFilePath = CKEditor_Connector_Utils_FileSystem::combinePaths($sServerDir, $sFileName); if (file_exists($sFilePath)) { $iCounter++; $sFileName = CKEditor_Connector_Utils_FileSystem::getFileNameWithoutExtension($sFileNameOrginal) . "(" . $iCounter . ")" . "." . CKEditor_Connector_Utils_FileSystem::getExtension($sFileNameOrginal); $oRegistry->set("FileUpload_fileName", $sFileName); $iErrorNumber = CKEDITOR_CONNECTOR_ERROR_UPLOADED_FILE_RENAMED; } else { if (false === move_uploaded_file($uploadedFile['tmp_name'], $sFilePath)) { $iErrorNumber = CKEDITOR_CONNECTOR_ERROR_ACCESS_DENIED; } else { if (isset($detectHtml) && $detectHtml === -1 && CKEditor_Connector_Utils_FileSystem::detectHtml($sFilePath) === true) { @unlink($sFilePath); $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_UPLOADED_WRONG_HTML_FILE); } else { if (isset($isImageValid) && $isImageValid === -1 && CKEditor_Connector_Utils_FileSystem::isImageValid($sFilePath, $sExtension) === false) { @unlink($sFilePath); $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_UPLOADED_CORRUPT); } } } if (is_file($sFilePath) && ($perms = $_config->getChmodFiles())) { $oldumask = umask(0); chmod($sFilePath, $perms); umask($oldumask); } break; } } $this->_errorHandler->throwError($iErrorNumber, $sFileName, false); }