under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. */ require "../../Group-Office.php"; //load file management class $GO_SECURITY->authenticate(); $GO_MODULES->authenticate('filesystem'); require $GO_CONFIG->class_path . 'filetypes.class.inc'; require_once $GO_CONFIG->class_path . 'filesystem.class.inc'; require_once 'group_folders.inc'; $fs = new filesystem(); $filetypes = new filetypes(); $path = smartstrip($_REQUEST['path']); $group_folders = get_group_folders($GO_SECURITY->user_id, 0); if (is_group_folder($group_folders, $path) || $fs->has_read_permission($GO_SECURITY->user_id, $path) || $fs->has_write_permission($GO_SECURITY->user_id, $path)) { $filename = basename($path); $extension = get_extension($filename); $type = $filetypes->get_type($extension); $browser = detect_browser(); header('Content-Type: ' . $type['mime']); header('Content-Length: ' . filesize($path)); header('Expires: ' . gmdate('D, d M Y H:i:s') . ' GMT'); if ($browser['name'] == 'MSIE') { header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . $filename . '"'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); } else { header('Content-Type: ' . $type['mime']); header('Pragma: no-cache');
$fs_settings = $fs->get_settings($GO_SECURITY->user_id); //define task to peform $task = isset($_REQUEST['task']) ? $_REQUEST['task'] : ''; $_SESSION['cut_files'] = isset($_SESSION['cut_files']) ? $_SESSION['cut_files'] : array(); $_SESSION['cut_folders'] = isset($_SESSION['cut_folders']) ? $_SESSION['cut_folders'] : array(); $_SESSION['copy_folders'] = isset($_SESSION['copy_folders']) ? $_SESSION['copy_folders'] : array(); $_SESSION['copy_files'] = isset($_SESSION['copy_files']) ? $_SESSION['copy_files'] : array(); //vars used to remember files that are to be overwritten or not $overwrite_destination_path = isset($_POST['overwrite_destination_path']) ? smartstrip($_POST['overwrite_destination_path']) : ''; $overwrite_source_path = isset($_POST['overwrite_source_path']) ? smartstrip($_POST['overwrite_source_path']) : ''; $overwrite_all = isset($_POST['overwrite_all']) && $_POST['overwrite_all'] == 'true' ? 'true' : 'false'; $overwrite = isset($_POST['overwrite']) ? $_POST['overwrite'] : $overwrite_all; require_once 'group_folders.inc'; $group_folders = get_group_folders($GO_SECURITY->user_id, 0); $read_permission = $write_permission = true; if (!is_group_folder($group_folders, $path)) { //check read permissions and remember last browsed path $read_permission = $fs->has_read_permission($GO_SECURITY->user_id, $path); $write_permission = $fs->has_write_permission($GO_SECURITY->user_id, $path); } if (!$read_permission && !$write_permission) { $_SESSION['GO_FILESYSTEM_PATH'] = $home_path; $task = 'access_denied'; } else { if ($GO_CONFIG->window_mode != 'projects') { $_SESSION['GO_FILESYSTEM_PATH'] = $path; } } //cut paste or copy before output has started switch ($task) { case 'upload':