/**
 * Vet the new name of a rename request (signature suggests an event callback).
 *
 * When the gp_restrict_uploads constant is truthy, the requested name is passed to
 * admin_uploaded::AllowedExtension() and the rename is refused if that check fails.
 * When the constant is falsy, no extension check is made at all.
 *
 * @param mixed $event  Not used by this function.
 * @param array $args   Rename arguments; only $args['name'] is read.
 * @param mixed $finder Not used by this function.
 * @return array|false  $args with 'name' written back, or false to refuse the rename.
 */
function rename_check($event, $args, $finder)
{
    $requested = $args['name'];

    $restricted = (bool) gp_restrict_uploads;
    if ($restricted) {
        if (!admin_uploaded::AllowedExtension($requested)) {
            return false;
        }
    }

    // The checked variable is copied back instead of being left alone; presumably
    // AllowedExtension() takes it by reference and may rewrite it -- confirm
    // against admin_uploaded before simplifying this.
    $args['name'] = $requested;

    return $args;
}
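/**
 * Install a CKEditor plugin from the zip archive uploaded as $_FILES['plugin'].
 *
 * Steps: validate the upload, list the archive, reject entries with a disallowed
 * extension or a ".." path segment, take the plugin name from the shallowest
 * plugin.js, move an existing install aside, extract, then record the plugin in
 * $this->cke_config. If extraction fails the previous install is moved back.
 *
 * Entry names and the plugin name come from the uploaded archive, so they are
 * treated as untrusted: validated before they reach the filesystem and escaped
 * before they are printed.
 *
 * @return false|null false when an archive entry is rejected; null otherwise
 *                    (success and the other failures are reported via message()/msg()).
 */
function UploadPlugin()
{
    global $langmessage, $dataDir;

    includeFile('admin/admin_uploaded.php');
    includeFile('thirdparty/pclzip-2-8-2/pclzip.lib.php');

    if (empty($_FILES['plugin'])) {
        message($langmessage['OOPS'] . ' (No File)');
        return;
    }
    $plugin_file = $_FILES['plugin'];

    // A failed upload (or an array-shaped field) has no usable tmp_name; stop
    // before handing it to PclZip.
    if (!isset($plugin_file['error'], $plugin_file['name'], $plugin_file['tmp_name'])
        || !is_string($plugin_file['name'])
        || !is_string($plugin_file['tmp_name'])
        || (int) $plugin_file['error'] !== UPLOAD_ERR_OK
        || !is_uploaded_file($plugin_file['tmp_name'])
    ) {
        message($langmessage['OOPS'] . ' (No File)');
        return;
    }

    // The name has to end in .zip; a substring match would also accept a name
    // that merely contains ".zip" somewhere in the middle.
    if (strtolower(pathinfo($plugin_file['name'], PATHINFO_EXTENSION)) !== 'zip') {
        message($langmessage['OOPS'] . ' (Not a zip file)');
        return;
    }

    // Unzip uses a lot of memory, but not this much hopefully
    @ini_set('memory_limit', '256M');
    $archive = new PclZip($plugin_file['tmp_name']);

    // PclZip returns a non-array value when the file cannot be read as a zip
    $list = $archive->listContent();
    if (!is_array($list)) {
        message($langmessage['OOPS'] . ' (Not a zip file)');
        return;
    }

    // get plugin name and check file types
    $plugin_name = false;
    $remove_path = '';
    foreach ($list as $file) {

        // refuse entries whose path could resolve outside the plugin folder
        $segments = explode('/', str_replace('\\', '/', $file['filename']));
        if (in_array('..', $segments, true)) {
            message($langmessage['OOPS'] . ' (Invalid path in archive:' . htmlspecialchars($file['filename']) . ')');
            return false;
        }

        //plugin name
        if (strpos($file['filename'], 'plugin.js') !== false) {
            $new_plugin_name = $this->FindPluginName($archive, $file);
            if ($new_plugin_name) {
                //use the most relevant plugin name: the plugin.js closest to the archive root
                $new_path = dirname($file['filename']);
                if (!$plugin_name || strlen($new_path) < strlen($remove_path)) {
                    $plugin_name = $new_plugin_name;
                    $remove_path = $new_path;
                }
            }
        }

        //don't check extensions on folder
        if (isset($file['folder']) && $file['folder']) {
            continue;
        }

        if (!admin_uploaded::AllowedExtension($file['filename'], false)) {
            message($langmessage['OOPS'] . ' (File type not allowed:' . htmlspecialchars($file['filename']) . ')');
            return false;
        }
    }

    if (!$plugin_name) {
        message($langmessage['OOPS'] . ' (Unknown plugin name)');
        return;
    }

    // The name becomes a folder under /data/_ckeditor/, so it must be a single
    // path component. FindPluginName() is not visible here; this check does not
    // rely on it having filtered the value.
    $plugin_name = (string) $plugin_name;
    if (strpbrk($plugin_name, '/\\') !== false || $plugin_name === '.' || $plugin_name === '..') {
        message($langmessage['OOPS'] . ' (Invalid plugin name)');
        return;
    }

    //make sure plugin name isn't already in build_config
    if ($this->build_config
        && isset($this->build_config['plugins'][$plugin_name])
        && $this->build_config['plugins'][$plugin_name] > 0
    ) {
        // the name originates from the archive, so escape it before it is placed in markup
        msg($langmessage['addon_key_defined'], '<i>' . htmlspecialchars($plugin_name) . '</i>');
        return;
    }

    // check destination directory; an existing install is moved aside so it can be restored
    $destination = $dataDir . '/data/_ckeditor/' . $plugin_name;
    $temp_dir = false;
    if (file_exists($destination)) {
        $temp_dir = $destination . '_' . time();
        if (!rename($destination, $temp_dir)) {
            message($langmessage['OOPS'] . ' (Couldn\'t remove old plugin)');
            return;
        }
    } elseif (!gpFiles::CheckDir($destination)) {
        msg($destination);
        message($langmessage['OOPS'] . ' (Couldn\'t create plugin folder)');
        return;
    }

    // extract
    $return = $archive->extract(PCLZIP_OPT_PATH, $destination, PCLZIP_OPT_REMOVE_PATH, $remove_path);
    if (!is_array($return)) {
        // Clear whatever was partially extracted first: rename() cannot move the
        // old install back onto a folder that still holds files.
        gpFiles::RmAll($destination);
        if ($temp_dir) {
            rename($temp_dir, $destination);
        }
        message($langmessage['OOPS'] . ' (Extract Failed)');
        return;
    }

    // save configuration
    if (!array_key_exists($plugin_name, $this->cke_config['plugins'])) {
        $this->cke_config['plugins'][$plugin_name] = array('installed' => time());
    }
    $this->cke_config['plugins'][$plugin_name]['updated'] = time();
    $this->SaveConfig();
    message($langmessage['SAVED']);

    // remove temporary
    if ($temp_dir) {
        gpFiles::RmAll($temp_dir);
    }
}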
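/**
 * Install a CKEditor plugin from an uploaded archive.
 *
 * The archive comes from $this->UploadedArchive(). Every listed entry is checked
 * for a ".." path segment and (for non-empty entries) an allowed extension, the
 * plugin name is taken from the shallowest plugin.js, the archive is extracted to
 * a temporary folder and that folder (below $remove_path) replaces
 * /data/_ckeditor/<plugin name>. The plugin is then recorded in $this->cke_config.
 *
 * Entry names and the plugin name come from the uploaded archive and are treated
 * as untrusted input.
 *
 * @return false|null false on most failures; null on success or when
 *                    CanUpload() refuses the plugin name.
 */
function UploadPlugin()
{
    global $langmessage, $dataDir;

    includeFile('admin/admin_uploaded.php');

    $archive = $this->UploadedArchive();
    if (!$archive) {
        return false;
    }

    // get plugin name and check file types
    $list = $archive->ListFiles();
    $plugin_name = '';
    $remove_path = '';
    foreach ($list as $file) {

        // Refuse entries whose path could resolve outside the extraction folder.
        // $remove_path is derived from these names and is later joined onto the
        // temporary folder, so a ".." segment must never get that far.
        $segments = explode('/', str_replace('\\', '/', $file['name']));
        if (in_array('..', $segments, true)) {
            msg($langmessage['OOPS'] . ' (Invalid path in archive:' . htmlspecialchars($file['name']) . ')');
            return false;
        }

        //don't check extensions on folder
        // NOTE(review): an entry is treated as a folder purely because its listed
        // size is 0, so an empty file with a disallowed extension is never checked.
        // Confirm whether ListFiles() exposes a real folder flag to test instead.
        if ($file['size'] == 0) {
            continue;
        }

        //check extension
        if (!admin_uploaded::AllowedExtension($file['name'], false)) {
            msg($langmessage['OOPS'] . ' (File type not allowed:' . htmlspecialchars($file['name']) . ')');
            return false;
        }

        //plugin name
        if (strpos($file['name'], 'plugin.js') !== false) {
            $new_plugin_name = $this->FindPluginName($archive, $file['name']);
            if (!$new_plugin_name) {
                continue;
            }

            //use the most relevant plugin name: the plugin.js closest to the archive root
            $new_path = dirname($file['name']);
            if (!$plugin_name || strlen($new_path) < strlen($remove_path)) {
                $plugin_name = $new_plugin_name;
                $remove_path = $new_path;
            }
        }
    }

    // The name becomes a folder name in two paths below, so it must be a single
    // path component. FindPluginName() and CanUpload() are not visible here; this
    // check does not rely on either of them having filtered the value.
    $plugin_name = (string) $plugin_name;
    if (strpbrk($plugin_name, '/\\') !== false || $plugin_name === '.' || $plugin_name === '..') {
        msg($langmessage['OOPS'] . ' (Invalid plugin name)');
        return false;
    }

    if (!$this->CanUpload($plugin_name)) {
        return;
    }

    //extract to temporary location
    $extract_temp = $dataDir . \gp\tool\FileSystem::TempFile('/data/_temp/' . $plugin_name);
    if (!$archive->extractTo($extract_temp)) {
        gpFiles::RmAll($extract_temp);
        msg($langmessage['OOPS'] . ' (Couldn\'t extract to temp location)');
        return false;
    }

    //move to _ckeditor folder
    $destination = $dataDir . '/data/_ckeditor/' . $plugin_name;
    $rename_from = $extract_temp . '/' . ltrim($remove_path, '/');
    if (!gpFiles::Replace($rename_from, $destination)) {
        // do not leave the unpacked upload behind in the temp area
        gpFiles::RmAll($extract_temp);
        msg($langmessage['OOPS'] . ' (Not replaced)');
        return false;
    }

    // save configuration
    if (!array_key_exists($plugin_name, $this->cke_config['plugins'])) {
        $this->cke_config['plugins'][$plugin_name] = array('installed' => time());
    }
    $this->cke_config['plugins'][$plugin_name]['updated'] = time();
    $this->SaveConfig();
    msg($langmessage['SAVED']);
}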
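/**
 * Move one entry of the multi-file upload field $_FILES['userfiles'] into place.
 *
 * The PHP upload error code is translated into an entry in $this->errorMessages,
 * the client-supplied name is sanitized and checked against the allowed
 * extensions, and the temporary file is moved with move_uploaded_file(). For
 * recognised image types the image area is checked and a thumbnail is created.
 *
 * @param int|string $key Index into the $_FILES['userfiles'] sub-arrays.
 * @return string|false   The sanitized file name, or false when the upload is refused or fails.
 */
function UploadFile($key)
{
    global $langmessage, $config;

    // client-supplied name: only used in messages until it has been sanitized below
    $fName = $_FILES['userfiles']['name'][$key];

    switch ((int) $_FILES['userfiles']['error'][$key]) {
        case UPLOAD_ERR_OK:
            break;

        case UPLOAD_ERR_FORM_SIZE:
        case UPLOAD_ERR_INI_SIZE:
            $this->errorMessages[] = sprintf($langmessage['upload_error_size'], $this->ReadableMax());
            return false;

        case UPLOAD_ERR_NO_FILE:
        case UPLOAD_ERR_PARTIAL:
            $this->errorMessages[] = sprintf($langmessage['UPLOAD_ERROR_PARTIAL'], $fName);
            return false;

        case UPLOAD_ERR_NO_TMP_DIR:
            // missing temporary folder for file uploads
            $this->errorMessages[] = sprintf($langmessage['UPLOAD_ERROR'] . ' (1)', $fName);
            return false;

        case UPLOAD_ERR_CANT_WRITE:
            // PHP could not write to the temporary directory
            $this->errorMessages[] = sprintf($langmessage['UPLOAD_ERROR'] . ' (2)', $fName);
            return false;

        case UPLOAD_ERR_EXTENSION:
            // upload stopped by a PHP extension
            $this->errorMessages[] = sprintf($langmessage['UPLOAD_ERROR'] . ' (3)', $fName);
            return false;

        default:
            // an error code this method does not know: refuse rather than carry on
            $this->errorMessages[] = sprintf($langmessage['UPLOAD_ERROR'] . ' (Unknown Error)', $fName);
            return false;
    }

    $fName = $this->SanitizeName($fName);
    $from = $_FILES['userfiles']['tmp_name'][$key];

    // NOTE(review): a refused extension returns false without adding anything to
    // $this->errorMessages -- confirm AllowedExtension() reports the reason itself.
    if (!admin_uploaded::AllowedExtension($fName)) {
        return false;
    }

    // NOTE(review): the extension check above runs before WindowsName() and
    // FixRepeatNames() rewrite the name. Neither helper is visible here; confirm
    // they cannot change the effective extension, or re-check the final name.
    $fName = $this->WindowsName($fName);
    $to = $this->FixRepeatNames($fName);

    // move_uploaded_file() itself refuses a source that is not a genuine upload
    if (!move_uploaded_file($from, $to)) {
        $this->errorMessages[] = sprintf($langmessage['UPLOAD_ERROR'] . ' (Move Upload Failed)', $fName);
        return false;
    }

    // NOTE(review): 0666 leaves the stored file writable by every local account.
    // Kept as-is because other parts of the project may depend on it; tighten the
    // mode if the deployment allows.
    @chmod($to, 0666);

    //for images
    $file_type = admin_uploaded::GetFileType($fName);
    if (isset($this->imgTypes[$file_type]) && function_exists('imagetypes')) {

        //check the image size
        thumbnail::CheckArea($to, $config['maximgarea']);

        self::CreateThumbnail($to);
    }

    return $fName;
}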