function run($dbi, $argstr, &$request, $basepage)
{
$this->allowed_extensions = explode("\n", "7z\navi\nbmp\nbz2\nc\ncfg\ndiff\ndoc\ndocx\nflv\ngif\nh\nics\nini\njpeg\njpg\nkmz\nmp3\nodg\nodp\nods\nodt\nogg\npatch\npdf\npng\nppt\npptx\nrar\nsvg\ntar\ntar.gz\ntxt\nxls\nxlsx\nxml\nxsd\nzip");
$this->disallowed_extensions = explode("\n", "ad[ep]\nasd\nba[st]\nchm\ncmd\ncom\ncgi\ncpl\ncrt\ndll\neml\nexe\nhlp\nhta\nin[fs]\nisp\njse?\nlnk\nmd[betw]\nms[cipt]\nnws\nocx\nops\npcd\np[ir]f\nphp\\d?\nphtml\npl\npy\nreg\nsc[frt]\nsh[bsm]?\nswf\nurl\nvb[esx]?\nvxd\nws[cfh]");
//removed "\{[[:xdigit:]]{8}(?:-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}\}"
$args = $this->getArgs($argstr, $request);
extract($args);
$file_dir = getUploadFilePath();
$file_dir .= "/";
$form = HTML::form(array('action' => $request->getPostURL(), 'enctype' => 'multipart/form-data', 'method' => 'post'));
$contents = HTML::div(array('class' => 'wikiaction'));
$contents->pushContent(HTML::input(array('type' => 'hidden', 'name' => 'MAX_FILE_SIZE', 'value' => MAX_UPLOAD_SIZE)));
$contents->pushContent(HTML::input(array('name' => 'userfile', 'type' => 'file', 'size' => $size)));
if ($mode == 'edit') {
$contents->pushContent(HTML::input(array('name' => 'action', 'type' => 'hidden', 'value' => 'edit')));
$contents->pushContent(HTML::raw(" "));
$contents->pushContent(HTML::input(array('value' => _("Upload"), 'name' => 'edit[upload]', 'type' => 'submit')));
} else {
$contents->pushContent(HTML::raw(" "));
$contents->pushContent(HTML::input(array('value' => _("Upload"), 'type' => 'submit')));
}
$form->pushContent($contents);
$message = HTML();
if ($request->isPost() and $this->only_authenticated) {
// Make sure that the user is logged in.
$user = $request->getUser();
if (!$user->isAuthenticated()) {
if (defined('FUSIONFORGE') and FUSIONFORGE) {
$message->pushContent(HTML::div(array('class' => 'error'), HTML::p(_("You cannot upload files.")), HTML::ul(HTML::li(_("Check you are logged in.")), HTML::li(_("Check you are in the right project.")), HTML::li(_("Check you are a member of the current project.")))));
} else {
$message->pushContent(HTML::div(array('class' => 'error'), HTML::p(_("ACCESS DENIED: You must log in to upload files."))));
}
$result = HTML();
$result->pushContent($form);
$result->pushContent($message);
return $result;
}
}
$userfile = $request->getUploadedFile('userfile');
if ($userfile) {
$userfile_name = $userfile->getName();
$userfile_name = trim(basename($userfile_name));
if (UPLOAD_USERDIR) {
$file_dir .= $request->_user->_userid;
if (!file_exists($file_dir)) {
mkdir($file_dir, 0775);
}
$file_dir .= "/";
$u_userfile = $request->_user->_userid . "/" . $userfile_name;
} else {
$u_userfile = $userfile_name;
}
$u_userfile = preg_replace("/ /", "%20", $u_userfile);
$userfile_tmpname = $userfile->getTmpName();
$err_header = HTML::div(array('class' => 'error'), HTML::p(fmt("ERROR uploading '%s'", $userfile_name)));
if (preg_match("/(\\." . join("|\\.", $this->disallowed_extensions) . ")(\\.|\$)/i", $userfile_name)) {
$message->pushContent($err_header);
$message->pushContent(HTML::p(fmt("Files with extension %s are not allowed.", join(", ", $this->disallowed_extensions))));
} elseif (!DISABLE_UPLOAD_ONLY_ALLOWED_EXTENSIONS and !preg_match("/(\\." . join("|\\.", $this->allowed_extensions) . ")\$/i", $userfile_name)) {
$message->pushContent($err_header);
$message->pushContent(HTML::p(fmt("Only files with the extension %s are allowed.", join(", ", $this->allowed_extensions))));
} elseif (preg_match("/[^._a-zA-Z0-9- ]/", strip_accents($userfile_name))) {
$message->pushContent($err_header);
$message->pushContent(HTML::p(_("Invalid filename. File names may only contain alphanumeric characters and dot, underscore, space or dash.")));
} elseif (file_exists($file_dir . $userfile_name)) {
$message->pushContent($err_header);
$message->pushContent(HTML::p(fmt("There is already a file with name %s uploaded.", $u_userfile)));
} elseif ($userfile->getSize() > MAX_UPLOAD_SIZE) {
$message->pushContent($err_header);
$message->pushContent(HTML::p(_("Sorry but this file is too big.")));
} elseif (move_uploaded_file($userfile_tmpname, $file_dir . $userfile_name) or IsWindows() and rename($userfile_tmpname, $file_dir . $userfile_name)) {
$interwiki = new PageType_interwikimap();
$link = $interwiki->link("Upload:{$u_userfile}");
$message->pushContent(HTML::div(array('class' => 'feedback'), HTML::p(_("File successfully uploaded.")), HTML::p($link)));
// the upload was a success and we need to mark this event in the "upload log"
if ($logfile) {
$upload_log = $file_dir . basename($logfile);
$this->log($userfile, $upload_log, $message);
}
if ($autolink) {
require_once "lib/loadsave.php";
$pagehandle = $dbi->getPage($page);
if ($pagehandle->exists()) {
// don't replace default contents
$current = $pagehandle->getCurrentRevision();
$version = $current->getVersion();
$text = $current->getPackedContent();
$newtext = $text . "\n* Upload:{$u_userfile}";
// don't inline images
$meta = $current->_data;
$meta['summary'] = sprintf(_("uploaded %s"), $u_userfile);
$pagehandle->save($newtext, $version + 1, $meta);
}
}
} else {
$message->pushContent($err_header);
$message->pushContent(HTML::br(), _("Uploading failed."), HTML::br());
}
} else {
$message->pushContent(HTML::br(), _("No file selected. Please select one."), HTML::br());
}
//$result = HTML::div( array( 'class' => 'wikiaction' ) );
$result = HTML();
$result->pushContent($form);
$result->pushContent($message);
return $result;
}
function get_webserver_details(&$remote_path, &$remote_root, &$local_webserver, &$php_ini, &$extensions_dir, &$remote_url, &$server_name, &$sapi_name, &$php_version)
{
$php_ini = (string) get_cfg_var("cfg_file_path");
$php_version = (string) phpversion();
$server_name = server('SERVER_NAME');
$client_addr = get_client_address();
$local_webserver = $client_addr == server('SERVER_ADDR') || $server_name == 'localhost';
$port = server('SERVER_PORT');
$sapi_name = php_sapi_name();
$extensions_dir = ini_get('extension_dir');
$remote_path = normalize_path(dirname(__FILE__) . DIRECTORY_SEPARATOR);
$url_path = '';
if (isset($_SERVER['DOCUMENT_ROOT'])) {
$remote_root = normalize_path($_SERVER['DOCUMENT_ROOT']);
if (!empty($remote_root)) {
$ch = $remote_root[strlen($remote_root) - 1];
if ($ch !== '/' && $ch !== "\\") {
$remote_root = $remote_root . DIRECTORY_SEPARATOR;
}
}
$url_path = @strstr($remote_path, $remote_root);
$outside_of_root = $url_path === false;
if (!$outside_of_root) {
$url_path = substr($remote_path, strlen($remote_root));
} else {
$url_path = server('REQUEST_URI');
$r = strrpos($url_path, '/');
if ($r === false) {
$r = strlen($url_path);
}
$url_path = substr($url_path, 1, $r - 1);
}
if (!empty($url_path)) {
$ch = $url_path[strlen($url_path) - 1];
if ($ch !== '/' && $ch !== "\\") {
$url_path = $url_path . '/';
}
}
} else {
$remote_root = '';
$outside_of_root = true;
}
if (IsWindows()) {
$extensions_dir = str_replace("/", "\\", $extensions_dir);
$remote_root = str_replace("/", "\\", $remote_root);
$remote_path = str_replace("/", "\\", $remote_path);
}
$url_path = str_replace("\\", "/", $url_path);
$is_ssl = strtolower(server('HTTPS')) == 'on' || server('SERVER_PORT') == 443;
if (!empty($server_name)) {
$remote_url = ($is_ssl ? "https://" : "http://") . $server_name;
if (!empty($port) && !(!$is_ssl && $port == "80") && !($is_ssl && $port == 443)) {
$remote_url .= ':' . $port;
}
if (!$outside_of_root || !empty($url_path)) {
$remote_url .= '/' . $url_path;
} else {
if (empty($url_path)) {
$remote_url .= '/';
}
}
} else {
$remote_url = '';
}
}
function restartApache()
{
if (IsWindows() == true) {
$last_line = exec("C:\\ZPanel\\bin\\apache\\bin\\httpd.exe -k restart -n \"Apache\"", $return);
TriggerLog(1, $b = "Usage Limiter - Apache restart returned : " . print_r($return) . " : " . $last_line);
} else {
$last_line = system("/etc/zpanel/bin/zsudo service " . GetSystemOption('lsn_apache') . " graceful");
TriggerLog(1, $b = "Usage Limiter - Apache graceful returned : " . $last_line);
}
}
function run($dbi, $argstr, &$request, $basepage)
{
$disablemsg = HTML();
$disablemsg->pushContent(HTML::h2("Upload is temporarily disabled."), HTML::br());
return $disablemsg;
$this->disallowed_extensions = explode("\n", "ad[ep]\nasd\nba[st]\nchm\ncmd\ncom\ncgi\ncpl\ncrt\ndll\neml\nexe\nhlp\nhta\nin[fs]\nisp\njse?\nlnk\nmd[betw]\nms[cipt]\nnws\nocx\nops\npcd\np[ir]f\nphp\npl\npy\nreg\nsc[frt]\nsh[bsm]?\nswf\nurl\nvb[esx]?\nvxd\nws[cfh]");
//removed "\{[[:xdigit:]]{8}(?:-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}\}"
$args = $this->getArgs($argstr, $request);
extract($args);
$file_dir = getUploadFilePath();
//$url_prefix = SERVER_NAME . DATA_PATH;
$form = HTML::form(array('action' => $request->getPostURL(), 'enctype' => 'multipart/form-data', 'method' => 'post'));
$contents = HTML::div(array('class' => 'wikiaction'));
$contents->pushContent(HTML::input(array('type' => 'hidden', 'name' => 'MAX_FILE_SIZE', 'value' => MAX_UPLOAD_SIZE)));
$contents->pushContent(HTML::input(array('name' => 'userfile', 'type' => 'file', 'size' => '50')));
$contents->pushContent(HTML::raw(" "));
$contents->pushContent(HTML::input(array('value' => _("Upload"), 'type' => 'submit')));
$form->pushContent($contents);
$message = HTML();
if ($request->isPost() and $this->only_authenticated) {
// Make sure that the user is logged in.
$user = $request->getUser();
if (!$user->isAuthenticated()) {
$message->pushContent(HTML::h2(_("ACCESS DENIED: You must log in to upload files.")), HTML::br(), HTML::br());
$result = HTML();
$result->pushContent($form);
$result->pushContent($message);
return $result;
}
}
$userfile = $request->getUploadedFile('userfile');
if ($userfile) {
$userfile_name = $userfile->getName();
$userfile_name = trim(basename($userfile_name));
$userfile_tmpname = $userfile->getTmpName();
$err_header = HTML::h2(fmt("ERROR uploading '%s': ", $userfile_name));
if (preg_match("/(\\." . join("|\\.", $this->disallowed_extensions) . ")\$/", $userfile_name)) {
$message->pushContent($err_header);
$message->pushContent(fmt("Files with extension %s are not allowed.", join(", ", $this->disallowed_extensions)), HTML::br(), HTML::br());
} elseif (preg_match("/[^._a-zA-Z0-9-]/", $userfile_name)) {
$message->pushContent($err_header);
$message->pushContent(_("File names may only contain alphanumeric characters and dot, underscore or dash."), HTML::br(), HTML::br());
} elseif (file_exists($file_dir . $userfile_name)) {
$message->pushContent($err_header);
$message->pushContent(fmt("There is already a file with name %s uploaded.", $userfile_name), HTML::br(), HTML::br());
} elseif ($userfile->getSize() > MAX_UPLOAD_SIZE) {
$message->pushContent($err_header);
$message->pushContent(_("Sorry but this file is too big."), HTML::br(), HTML::br());
} elseif (move_uploaded_file($userfile_tmpname, $file_dir . $userfile_name) or IsWindows() and rename($userfile_tmpname, $file_dir . $userfile_name)) {
$interwiki = new PageType_interwikimap();
$link = $interwiki->link("Upload:{$userfile_name}");
$message->pushContent(HTML::h2(_("File successfully uploaded.")));
$message->pushContent(HTML::ul(HTML::li($link)));
// the upload was a success and we need to mark this event in the "upload log"
if ($logfile) {
$upload_log = $file_dir . basename($logfile);
$this->log($userfile, $upload_log, $message);
}
if ($autolink) {
require_once "lib/loadsave.php";
$pagehandle = $dbi->getPage($page);
if ($pagehandle->exists()) {
// don't replace default contents
$current = $pagehandle->getCurrentRevision();
$version = $current->getVersion();
$text = $current->getPackedContent();
$newtext = $text . "\n* [Upload:{$userfile_name}]";
$meta = $current->_data;
$meta['summary'] = sprintf(_("uploaded %s"), $userfile_name);
$pagehandle->save($newtext, $version + 1, $meta);
}
}
} else {
$message->pushContent($err_header);
$message->pushContent(HTML::br(), _("Uploading failed."), HTML::br());
}
} else {
$message->pushContent(HTML::br(), HTML::br());
}
//$result = HTML::div( array( 'class' => 'wikiaction' ) );
$result = HTML();
$result->pushContent($form);
$result->pushContent($message);
return $result;
}
