/** * @param null $src * @param array $params * @return expController * */ function __construct($src = null, $params = array()) { // setup some basic information about this class $this->classinfo = new ReflectionClass($this); $this->classname = $this->classinfo->getName(); $this->baseclassname = substr($this->classinfo->getName(), 0, -10); $this->filepath = __realpath($this->classinfo->getFileName()); // figure out which "module" we belong to and setup view path information $controllerpath = explode('/', $this->filepath); $this->module_name = $controllerpath[count($controllerpath) - 2]; // set up the path to this module view files array_pop($controllerpath); $controllerpath[count($controllerpath) - 1] = 'views'; array_push($controllerpath, $this->baseclassname); $this->relative_viewpath = implode('/', array_slice($controllerpath, -3, 3)); $this->viewpath = BASE . 'framework/modules/' . $this->relative_viewpath; //grab the path to the module's assets array_pop($controllerpath); $controllerpath[count($controllerpath) - 1] = 'assets'; $this->asset_path = PATH_RELATIVE . 'framework/' . implode('/', array_slice($controllerpath, -3, 3)) . "/"; // figure out which model we're using and setup some info about it if (empty($this->basemodel_name)) { $this->basemodel_name = get_model_for_controller($this->classname); } $modelname = $this->basemodel_name; if (class_exists($modelname)) { $this->{$modelname} = new $modelname(null, false, false); $this->model_table = $this->{$modelname}->tablename; } else { $this->basemodel_name = 'expRecord'; $this->{$modelname} = new expRecord(null, false, false); $this->model_table = null; } // set the location data $this->loc = expCore::makeLocation($this->baseclassname, $src, null); // get this controllers config data if there is any $config = new expConfig($this->loc); $this->config = $config->config; $this->params = $params; }
/** * Return size and mimetype information about an image file, * given its path/filename. This is a wrapper around the * built-in PHP 'getimagesize' function, to make all implementations * work identically. * * @static * @access public * * @uses function getimagesize() Built-in PHP function * * @PHPUnit Not Defined|Implement|Completed * * @param bool|string $_path Full path to file to pull info from * * @return array $_sizeinfo An array of Image File info * @return array $error message Error message@throws void * */ public static function getImageInfo($_path = false) { $_path = __realpath($_path); if (!file_exists($_path)) { return self::IMAGE_ERR_FILENOTFOUND; } if (!is_readable($_path)) { return self::IMAGE_ERR_PERMISSIONDENIED; } if ($_sizeinfo = @getimagesize($_path)) { $_sizeinfo['is_image'] = true; if (!isset($_sizeinfo['mime'])) { // In case this implementation of getimagesize doesn't discover // the mime type $_types = array('jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg', 'gif' => 'image/gif', 'png' => 'image/png'); $_fileData = pathinfo($_path); $_sizeinfo['mime'] = $_types[$_fileData['extension']]; } } else { $_sizeinfo['is_image'] = false; } $_sizeinfo['fileSize'] = self::fileSize($_path); return $_sizeinfo; }
require_once "../security.php"; ?> <html> <head> <title><?php echo isset($KT_Messages["Upload File"]) ? $KT_Messages["Upload File"] : "Upload File"; ?> </title> <link href="../styles/main.css" rel="stylesheet" type="text/css"> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <?php if ($secTest && $sessionTest) { if ($HTTP_GET_VARS['currentPath'] != "") { $the_path = __realpath($KT_PATH_VAR . "/" . urldecode($HTTP_GET_VARS['currentPath']), 1); } else { $the_path = __realpath($KT_PATH_VAR, 1); } // array containing permitted mime types $allowed_types = array("application/x-shockwave-flash", "application/octet-stream", "application/vnd.ms-powerpoint", "application/vnd.ms-excel", "application/vnd.sun.xml.calc", "application/vnd.sun.xml.writer", "application/vnd.sun.xml.impress", "application/vnd.sun.xml.draw", "application/exe", "application/cab", "application/x-exe", "application/dos-exe", "application/pdf", "application/postscript", "application/x-pdf", "application/msword", "application/mspowerpoint", "application/msexcell", "application/rtf", "application/z", "application/x-z", "application/arj", "application/x-arj", "application/zip", "application/lzh", "application/lha", "application/x-lzh", "application/x-lha", "application/x-compress", "application/x-compressed", "application/x-lzh-archive", "application/x-zip-compressed", "application/x-gzip-compressed", "application/x-gzip", "application/x-lha", "application/x-rar", "application/x-tar", "application/stuffit", "application/x-stuffit", "application/x-sit", "application/tif", "application/x-tif", "application/tiff", "application/x-tiff", "application/tga", "application/x-tga", "application/x-targa", "application/wpg", "application/x-wpg", "application/photoshop", "application/psd", "application/ico", "application/x-ico", "application/x-msmetafile", "application/wmf", "application/x-wmf", "application/asx", "application/x-mplayer2", "zz-application/zz-winassoc-jif", "text/plain", "image/svg", "image/svg-xml", "image/svg+xml", "image/wmf", "image/x-wmf", "image/x-win-metafile", "image/ico", "image/x-icon", "image/photoshop", "image/x-photoshop", "image/psd", "image/wpg", "image/x-wpg", "image/x-wordperfect-graphics", "image/tga", "image/x-tga", "image/targa", "image/x-targa", "image/tif", "image/x-tif", "image/tiff", "image/x-tiff", "image/x-png", "image/png", "image/gif", "image/x-xbitmap", "image/gi_", "image/bmp", "image/pjpeg", "image/jpeg", "video/quicktime", "audio/basic", "audio/x-basic", "audio/asf", "audio/au", "audio/x-au", "audio/x-pn-au", "audio/aiff", "audio/x-aiff", "sound/aiff", "audio/rmf", "audio/x-rmf", "audio/x-pn-aiff", "audio/x-gsm", "audio/mid", "audio/m", "audio/midi", "audio/x-midi", "audio/vnd.qcelp", "audio/x-pn-realaudio", "audio/x-aifc", "audio/mpeg", "audio/mp3", "audio/x-wav", "audio/x-ms-wma", "audio/x-mpegurl", "audio/mpeg-url", "audio/vnd.rn-realaudio", "audio/x-pn-realaudio", "audio/x-realaudio", "audio/x-pm-realaudio-plugin", "video/quicktime", "video/x-quicktime", "video/x-ms-wmv", "video/x-ms-asf", "video/mpeg", "video/x-msvideo", "video/x-ms-wmv", "video/msvideo", "video/avi", "video/x-ms-asf-plugin", "video/x-ms-asf"); //allowed file extensions to be uploaded $allowed_ext = array("bmp", "gif", "jpeg", "jpg", "jpe", "png", "tif", "jif", "pcx", "fpx", "pcd", "pct", "tga", "wpg", "dib", "eps", "cut", "msp", "psd", "ico", "wmf", "svg", "pdf", "doc", "ppt", "pps", "xls", "rtf", "txt", "asc", "sxc", "sxw", "sxd", "sxi", "mp2", "mp3", "wav", "aiff", "aifc", "aif", "au", "mpa", "m1v", "wma", "wmv", "mid", "rmi", "au", "snd", "mpg", "mpeg", "avi", "asf", "m3u", "mp2v", "mpe", "mov", "ra", "mov", "qt", "rm", "swf", "tar", "gz", "zip", "rar", "arj", "arc", "lzh", "lha", "tgz", "z", "bz2", "msi", "sit", "cab", "exe", "dxf"); function validate_upload($the_file, $allowed_types, $allowed_ext) { global $HTTP_GET_VARS, $allowed_types, $allowed_ext; $the_file_ext = explode(".", $the_file['name']); $the_file_ext = $the_file_ext[count($the_file_ext) - 1]; $iserror = ""; if (isset($the_file['error'])) { if ($the_file['error'] == 0) { if (!in_array($the_file['type'], $allowed_types) || !in_array(strtolower($the_file_ext), $allowed_ext)) { $iserror = "You cannot upload this file type:<br><" . $the_file_ext . ': ' . $the_file['type'] . "><br><a href=\"fileupload.php?currentPath=" . urlencode($HTTP_GET_VARS['currentPath']) . "&counter=" . $HTTP_GET_VARS['counter'] . "&submode=" . $HTTP_GET_VARS['submode'] . "\">Press here</a> to go back";
# # Exponent is distributed in the hope that it # will be useful, but WITHOUT ANY WARRANTY; # without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR # PURPOSE. See the GNU General Public License # for more details. # # You should have received a copy of the GNU # General Public License along with Exponent; if # not, write to: # # Free Software Foundation, Inc., # 59 Temple Place, # Suite 330, # Boston, MA 02111-1307 USA # # $Id: content_selector.php,v 1.7 2005/02/19 00:40:17 filetreefrog Exp $ ################################################## define('SCRIPT_EXP_RELATIVE', ''); define('SCRIPT_FILENAME', 'content_selector.php'); // Initialize the Pathos Framework include_once 'pathos.php'; /* exdoc * Define Content Selector constant as 1, since we are not selecting orphaned content. * @node General */ define('CONTENT_SELECTOR', 1); // Include the Selector script, which does all of the real work. include_once dirname(__realpath(__FILE__)) . '/selector.php';
{ return is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value); } $_POST = stripslashes_deep($_POST); $_GET = stripslashes_deep($_GET); $_COOKIE = stripslashes_deep($_COOKIE); } // pathos.php (the file that includes this file the most) will define this for its own purposes // but for other scripts that want to bootstrap minimally, we will need it, so only define it // if it isn't already defined. if (!function_exists('__realpath')) { function __realpath($path) { $path = str_replace('\\', '/', realpath($path)); if ($path[1] == ':') { // We can't just check for C:/, because windows users may have the IIS webroot on X: or F:, etc. $path = substr($path, 2); } return $path; } } // Process user-defined constants in overrides.php // THIS CANNOT USE __realpath like the others, since this file could be // symlinked through the multi-site manager include_once 'overrides.php'; // Auto-detect whatever variables the user hasn't overridden in overrides.php include_once dirname(__realpath(__FILE__)) . '/pathos_variables.php'; // Process PHP-wrapper settings (ini_sets and setting detectors) include_once dirname(__realpath(__FILE__)) . '/pathos_setup.php'; // Initialize the Compatibility Layer include BASE . 'compat.php';
define('PATHOS', EXPONENT); } if (!defined('PATH_RELATIVE')) { if (isset($_SERVER['DOCUMENT_ROOT'])) { /* * PATH_RELATIVE Constant * * The PATH_RELATIVE constant is the web path to the Exponent directory, * from the web root. It is related to the BASE constant, but different. */ define('PATH_RELATIVE', str_replace(__realpath($_SERVER['DOCUMENT_ROOT']), '', BASE)); } else { // FIXME: PATH_RELATIVE definition will break in certain parts when the server does not offer the Document_root. // FIXME: Notable, it breaks in the installer. // This triggers on IIS, which has no DOCUMENT_ROOT. define('PATH_RELATIVE', __realpath(dirname($_SERVER['SCRIPT_NAME']) . '/')); } } if (!defined('HOSTNAME')) { if (isset($_SERVER['HTTP_HOST'])) { define('HOSTNAME', $_SERVER['HTTP_HOST']); } else { if (isset($_SERVER['SERVER_NAME'])) { define('HOSTNAME', $_SERVER['SERVER_NAME']); } } } if (!defined('URL_BASE')) { /* * URL_BASE Constant *
include_once dirname(realpath(__FILE__)) . '/pathos.php'; pathos_lang_loadDictionary('standard', 'dbrecover'); exit(TR_DBRECOVER_RECOVERYDISABLED); // If we made it here, the user has enabled the Database Recovery Script manually. // Save the old user data, in case current user is actually logged in. $oldu = $user; // Temproarily elevate the current user to admin status, to // allow them to install tables. $user->is_admin = 1; $user->is_acting_admin = 1; // The $loc variable would normally be created by the Pathos framework // when running the action we are about to include. Here, we synthetically // create the location, so that the action doesn't freak out. $loc = pathos_core_makeLocation('administrationmodule'); // Simulate running the Install Tables action. include_once dirname(__realpath(__FILE__)) . '/modules/administrationmodule/actions/installtables.php'; // In case something is screwed up in the database, we need to // create some records. // Create the default administrative account (username:admin, password:admin) // if there are no users in the user table. if ($db->tableIsEmpty('user')) { echo TR_DBRECOVER_CREATEDEFAULTADMIN . '<br />'; $user = null; $user->username = '******'; $user->password = md5('admin'); $user->is_admin = 1; // This wont work for other users subsystems $db->insertObject($user, 'user'); } // If no modules have been activated, we will not be able to activate any modules // through the Administration Control Panel, usually because we won't
# $Id: pathos.php,v 1.18 2005/04/26 04:44:07 filetreefrog Exp $ ################################################## function __realpath($path) { $path = str_replace('\\', '/', realpath($path)); if ($path[1] == ':') { // We can't just check for C:/, because windows users may have the IIS webroot on X: or F:, etc. $path = substr($path, 2); } return $path; } // Bootstrap, which will clean the _POST, _GET and _REQUEST arrays, and include // necessary setup files (pathos_setup.php, pathos_variables.php) as well as initialize // the compatibility layer. // This was moved into its own file from this file so that 'lighter' scripts could bootstrap. require_once dirname(__realpath(__FILE__)) . '/pathos_bootstrap.php'; // Load the site configuration (without initializing the config subsystem) require_once BASE . 'subsystems/config/load.php'; // After config config setup: // Put session stuff first. $user = null; // Initialize the Sessions Subsystem require_once BASE . 'subsystems/sessions.php'; // Initializes the session. This will populate the $user variable pathos_sessions_initialize(); if (!isset($_SERVER['QUERY_STRING'])) { $_SERVER['QUERY_STRING'] = ''; } // Create a REQUEST_URI for people who don't have one. // FIXME: Move this code (and other similar platform stuff) into a platform compat layer. // FIXME:
<head> <?php require_once 'security.php'; ?> <link href="styles/main.css" rel="stylesheet" type="text/css"> <?php if ($secTest && $sessionTest) { ?> <?php $path_var = urldecode($KT_PATH_VAR); $current_path = isset($HTTP_GET_VARS["currentPath"]) ? urldecode($HTTP_GET_VARS["currentPath"]) : ""; $current_file = isset($HTTP_GET_VARS["currentFile"]) ? urldecode($HTTP_GET_VARS["currentFile"]) : ""; $dir = $path_var . "/" . $current_path; if (is_dir($dir)) { $directory = opendir(__realpath($dir, 1)); } else { $directory = false; } $arra = explode("/", $current_path); $sz = sizeof($arra); $TDS = 5; ?> <script> var activFileObject = null; var activObject = null; var currentFilePath = '<?php echo $current_path; ?> '; function divDoubleClickFile(o) {
# ################################################## function __realpath($path) { $path = str_replace('\\', '/', realpath($path)); if ($path[1] == ':') { // We can't just check for C:/, because windows users may have the IIS webroot on X: or F:, etc. $path = substr($path, 2); } return $path; } // Bootstrap, which will clean the _POST, _GET and _REQUEST arrays, and include // necessary setup files (exponent_setup.php, exponent_variables.php) as well as initialize // the compatibility layer. // This was moved into its own file from this file so that 'lighter' scripts could bootstrap. include_once dirname(__realpath(__FILE__)) . '/exponent_bootstrap.php'; // After config config setup: // Put session stuff first. $user = null; // Initialize the Sessions Subsystem require_once BASE . 'subsystems/sessions.php'; // Initializes the session. This will populate the $user variable exponent_sessions_initialize(); if (!isset($_SERVER['QUERY_STRING'])) { $_SERVER['QUERY_STRING'] = ''; } // Create a REQUEST_URI for people who don't have one. // FIXME: Move this code (and other similar platform stuff) into a platform compat layer. // FIXME: $_SERVER['REQUEST_URI'] = SCRIPT_RELATIVE . SCRIPT_FILENAME . '?' . $_SERVER['QUERY_STRING']; if (isset($_REQUEST['section'])) {
{ return is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value); } $_POST = stripslashes_deep($_POST); $_GET = stripslashes_deep($_GET); $_COOKIE = stripslashes_deep($_COOKIE); } // exponent.php (the file that includes this file the most) will define this for its own purposes // but for other scripts that want to bootstrap minimally, we will need it, so only define it // if it isn't already defined. if (!function_exists('__realpath')) { function __realpath($path) { $path = str_replace('\\', '/', realpath($path)); if ($path[1] == ':') { // We can't just check for C:/, because windows users may have the IIS webroot on X: or F:, etc. $path = substr($path, 2); } return $path; } } // Process user-defined constants in overrides.php // THIS CANNOT USE __realpath like the others, since this file could be // symlinked through the multi-site manager include_once 'overrides.php'; // Auto-detect whatever variables the user hasn't overridden in overrides.php include_once dirname(__realpath(__FILE__)) . '/exponent_variables.php'; // Process PHP-wrapper settings (ini_sets and setting detectors) include_once dirname(__realpath(__FILE__)) . '/exponent_setup.php'; // Initialize the Compatibility Layer include BASE . 'compat.php';
* @return string */ function __realpath($path) { $path = str_replace('\\', '/', realpath($path)); if ($path[1] == ':') { // We can't just check for C:/, because windows users may have the IIS webroot on X: or F:, etc. $path = substr($path, 2); } return $path; } } // Process user-defined constants first in overrides.php (if it exists) include_once 'overrides.php'; // load constants for paths and other environment not overridden in overrides.php require_once dirname(__realpath(__FILE__)) . '/exponent_constants.php'; // load the code version require_once BASE . 'exponent_version.php'; /* * EXPONENT Constant * * The EXPONENT Constant signals to other parts of the system that they are operating within the confines * of the Exponent v2 Framework. (Module actions check this -- if it is not defined, they must abort). */ define('EXPONENT', EXPONENT_VERSION_MAJOR); // load the constants from the global config, theme config, and then default config settings require_once BASE . 'framework/core/subsystems/expSettings.php'; // we don't have our autoloader loaded yet expSettings::initialize(); // Process PHP-wrapper settings (ini_sets and settings, and autoloader) require_once BASE . 'exponent_php_setup.php';