filemanager.class.php
class for the filemanager.php connector
{
// You can insert your own code over here to check if the user is authorized.
// If you use a session variable, you've got to start the session first (session_start())
return true;
}
// @todo Work on plugins registration
// if (isset($config['plugin']) && !empty($config['plugin'])) {
// $pluginPath = 'plugins' . DIRECTORY_SEPARATOR . $config['plugin'] . DIRECTORY_SEPARATOR;
// require_once($pluginPath . 'filemanager.' . $config['plugin'] . '.config.php');
// require_once($pluginPath . 'filemanager.' . $config['plugin'] . '.class.php');
// $className = 'Filemanager'.strtoupper($config['plugin']);
// $fm = new $className($config);
// } else {
// $fm = new Filemanager($config);
// }
$fm = new Filemanager();
$response = '';
if (!auth()) {
$fm->error($fm->lang('AUTHORIZATION_REQUIRED'));
}
if (!isset($_GET)) {
$fm->error($fm->lang('INVALID_ACTION'));
} else {
if (isset($_GET['mode']) && $_GET['mode'] != '') {
switch ($_GET['mode']) {
default:
$fm->error($fm->lang('MODE_ERROR'));
break;
case 'getinfo':
if ($fm->getvar('path')) {
$response = $fm->getinfo();
/**
* @param string $path
* @throws FileDoNotExistsException
*/
public function __construct($path)
{
$filemanager = new Filemanager();
if (!$filemanager->fileExists($path)) {
throw new FileDoNotExistsException();
}
$this->path = $path;
}
public function __construct($config)
{
$return = parent::__construct($config);
require_once 'cloudfiles.php';
$auth = new CF_Authentication($this->config['rsc-username'], $this->config['rsc-apikey']);
$auth->authenticate();
$this->conn = new CF_Connection($auth);
if ($this->config['rsc-ssl_use_cabundle']) {
$this->conn->ssl_use_cabundle();
}
return $return;
}
public function _initialize($config)
{
if ( ! empty($config['overwrite']))
{
$this->overwrite = $config['overwrite'];
}
if ( ! empty($config['field_id']))
{
$this->field_id = $config['field_id'];
}
parent::_initialize($config);
}
public function __construct($get, $post, $files)
{
$this->rel_path = Filemanager::cleanPath($get['path']);
if ($this->rel_path != "/") {
$this->rel_path .= "/";
}
if (!empty($get['query'])) {
$this->query = $get['query'];
}
if (!empty($get['options'])) {
$this->foptions = $get['options'];
}
$this->root = $get['root'];
if ($this->isAbsPath($get['path'])) {
$this->path = Filemanager::cleanPath($get['path']);
} else {
$this->root .= '/';
$this->path = $this->root . Filemanager::cleanPath($get['path']);
}
// Search
if (!empty($post['search_string'])) {
$this->search_string = $post['search_string'];
}
if (!empty($post['search_file_type'])) {
$this->search_file_type = $post['search_file_type'];
}
// Create
if (!empty($get['type'])) {
$this->type = $get['type'];
}
// Modify\Create
if (!empty($get['new_name'])) {
$this->new_name = $get['new_name'];
}
foreach (array('content', 'mtime', 'patch') as $key) {
if (!empty($post[$key])) {
if (get_magic_quotes_gpc()) {
$this->{$key} = stripslashes($post[$key]);
} else {
$this->{$key} = $post[$key];
}
}
}
// Duplicate
if (!empty($get['destination'])) {
$get['destination'] = Filemanager::cleanPath($get['destination']);
if ($this->isAbsPath($get['path'])) {
$this->destination = $get['destination'];
} else {
$this->destination = $this->root . $get['destination'];
}
}
}
#NETCAT START
require_once 'filemanager.config.php';
#NETCAT END
require_once 'filemanager.class.php';
// @todo Work on plugins registration
// if (isset($config['plugin']) && !empty($config['plugin'])) {
// $pluginPath = 'plugins' . DIRECTORY_SEPARATOR . $config['plugin'] . DIRECTORY_SEPARATOR;
// require_once($pluginPath . 'filemanager.' . $config['plugin'] . '.config.php');
// require_once($pluginPath . 'filemanager.' . $config['plugin'] . '.class.php');
// $className = 'Filemanager'.strtoupper($config['plugin']);
// $fm = new $className($config);
// } else {
// $fm = new Filemanager($config);
// }
#NETCAT START
$fm = new Filemanager();
$fm->setFileRoot($SUB_FOLDER . $config['rel_path']);
#NETCAT END
$response = '';
if (!auth()) {
$fm->error($fm->lang('AUTHORIZATION_REQUIRED'));
}
if (!isset($_GET)) {
$fm->error($fm->lang('INVALID_ACTION'));
} else {
if (isset($_GET['mode']) && $_GET['mode'] != '') {
switch ($_GET['mode']) {
default:
$fm->error($fm->lang('MODE_ERROR'));
break;
case 'getinfo':
if (!$app['auth']->check()) {
$laravelAuth = false;
} else {
// Check if user has all access
if ($app['auth']->user()->accessMediasAll()) {
$laravelAuth = true;
} elseif (method_exists($app['auth']->user(), 'accessMediasFolder')) {
// Check if user has access to one folder
if ($app['auth']->user()->accessMediasFolder()) {
// Folder name with user id
$folderPath .= 'user' . $app['auth']->id();
$laravelAuth = true;
} else {
$laravelAuth = false;
}
} else {
$laravelAuth = false;
}
}
/**
* Check if user is authorized
*
*
* @return boolean true if access granted, false if no access
*/
function auth()
{
return $GLOBALS['laravelAuth'];
}
$fm = new Filemanager();
$fm->setFileRoot($folderPath, true);
global $authenticated;
// You can insert your own code over here to check if the user is authorized.
// If you use a session variable, you've got to start the session first (session_start())
return $authenticated;
}
// @todo Work on plugins registration
// if (isset($config['plugin']) && !empty($config['plugin'])) {
// $pluginPath = 'plugins' . DIRECTORY_SEPARATOR . $config['plugin'] . DIRECTORY_SEPARATOR;
// require_once($pluginPath . 'filemanager.' . $config['plugin'] . '.config.php');
// require_once($pluginPath . 'filemanager.' . $config['plugin'] . '.class.php');
// $className = 'Filemanager'.strtoupper($config['plugin']);
// $fm = new $className($config);
// } else {
// $fm = new Filemanager($config);
// }
$fm = new Filemanager();
if ($authenticated) {
$userDir = $session->get('mautic.imagepath', false);
$baseDir = $session->get('mautic.basepath', false);
$docRoot = $session->get('mautic.docroot', false);
if (substr($userDir, -1) !== '/') {
$userDir .= '/';
}
if ($baseDir && $baseDir != '/') {
if (substr($baseDir, 0, 1) == '/') {
$baseDir = substr($baseDir, 1);
}
if (substr($baseDir, -1) == '/') {
$baseDir = substr($baseDir, 0, -1);
}
if (substr($userDir, 0, 1) == '/') {
if ($app['auth']->user()->accessMediasAll()) {
$laravelAuth = true;
} elseif (method_exists($app['auth']->user(), 'accessMediasFolder')) {
// Check if user has access to one folder
if ($app['auth']->user()->accessMediasFolder()) {
// Folder name with user id
$folderPath .= 'user' . $app['auth']->id();
// Create folder if doesn't exist
if (!is_dir($folderPath)) {
mkdir($folderPath);
}
$laravelAuth = true;
} else {
$laravelAuth = false;
}
} else {
$laravelAuth = false;
}
}
/**
* Check if user is authorized.
*
*
* @return bool true if access granted, false if no access
*/
function auth()
{
return $GLOBALS['laravelAuth'];
}
$fm = new Filemanager();
$fm->setFileRoot($folderPath);
} else {
$doc_root = $_SERVER['DOCUMENT_ROOT'];
}
include $doc_root . '/vars.inc.php';
$type = str_replace('.', '', substr($_REQUEST['img'], -4));
$info = parse_url($_REQUEST['img']);
parse_str($info['query']);
$img_src = str_replace('//', '/', $doc_root . $HTTP_FILES_PATH . "userfiles" . $path);
//$img_src = $doc_root.
// start netcat & fm
require_once './inc/filemanager.inc.php';
#NETCAT START
require_once 'filemanager.config.php';
#NETCAT END
require_once 'filemanager.class.php';
$fm = new Filemanager();
if (!auth()) {
$fm->error($fm->lang('AUTHORIZATION_REQUIRED'));
return false;
}
$x = $_REQUEST['x'];
$y = $_REQUEST['y'];
$w = $_REQUEST['w'];
$h = $_REQUEST['h'];
$cropped_img = img_helper::crop($img_src, $x, $y, $w, $h);
if (img_helper::save($cropped_img, $img_src, $type) !== false) {
// make new thumbnail
$fm->setFileRoot($SUB_FOLDER . $config['rel_path']);
$fm->get_thumbnail($img_src, true);
return true;
}
require_once '../project/controller.php';
}
//////////////////////////////////////////////////////////////////
// Security Check
//////////////////////////////////////////////////////////////////
if (!checkPath($_GET['path'])) {
die('{"status":"error","message":"Invalid Path"}');
}
//////////////////////////////////////////////////////////////////
// Define Root
//////////////////////////////////////////////////////////////////
$_GET['root'] = WORKSPACE;
//////////////////////////////////////////////////////////////////
// Handle Action
//////////////////////////////////////////////////////////////////
$Filemanager = new Filemanager($_GET, $_POST, $_FILES);
$Filemanager->project = @$_SESSION['project']['path'];
switch ($action) {
case 'index':
$Filemanager->index();
break;
case 'search':
$Filemanager->search();
break;
case 'find':
$Filemanager->find();
break;
case 'open':
$Filemanager->open();
break;
case 'open_in_browser':
{
// You can insert your own code over here to check if the user is authorized.
// If you use a session variable, you've got to start the session first (session_start())
return !empty($_SESSION['_sf2_attributes']['mautic.user']);
}
// @todo Work on plugins registration
// if (isset($config['plugin']) && !empty($config['plugin'])) {
// $pluginPath = 'plugins' . DIRECTORY_SEPARATOR . $config['plugin'] . DIRECTORY_SEPARATOR;
// require_once($pluginPath . 'filemanager.' . $config['plugin'] . '.config.php');
// require_once($pluginPath . 'filemanager.' . $config['plugin'] . '.class.php');
// $className = 'Filemanager'.strtoupper($config['plugin']);
// $fm = new $className($config);
// } else {
// $fm = new Filemanager($config);
// }
$fm = new Filemanager();
if (isset($_SESSION['_sf2_attributes'])) {
$userDir = $_SESSION['_sf2_attributes']['mautic.imagepath'];
$baseDir = $_SESSION['_sf2_attributes']['mautic.basepath'];
if (substr($userDir, -1) !== '/') {
$userDir .= '/';
}
if ($baseDir && $baseDir != '/') {
if (substr($baseDir, 0, 1) == '/') {
$baseDir = substr($baseDir, 1);
}
if (substr($baseDir, -1) == '/') {
$baseDir = substr($baseDir, 0, -1);
}
if (substr($userDir, 0, 1) == '/') {
$userDir = substr($userDir, 1);
/**
* Prepare to handle FileManager API requests
*
* Construct an AmazonS3 Service instance then configure configure paths, etc.
*
* @param type $config plugin specific configuration
*
* @todo throw error if keys are not set
*/
public function __construct($config)
{
parent::__construct($config);
// Configure instance
$this->configure($this->config);
}
/**
*
* Move Uploaded File
*
* It enclose functions to check if file is from a POST or GET and
* have a few more saftey measures.
*
* ALL FILES WILL BE UPLOADED TO RAW Location
*
* @param String $tempLocation Location of Uploaded file
* @param String $name for File
*/
public static function upload($tempLocation, $name)
{
// If no Location is specified return false
if (!$tempLocation || !$name) {
return false;
}
// If to Directory is writable
if (!is_writable(RAWMEDIAPATH)) {
return false;
}
//If AWS config exist try to move to S3
if (Config::get('s3/key') && Config::get('s3/secret')) {
$temp = sys_get_temp_dir() . '/';
move_uploaded_file($tempLocation, $temp . $name);
if (Filemanager::MoveToS3($temp . $name, 'rawfile/' . $name, 1)) {
unlink($temp . $name);
return true;
}
}
// Move File
if (move_uploaded_file($tempLocation, RAWMEDIAPATH . $name)) {
return true;
}
}
