/**
* Run all system actions based on the value of $_REQUEST['act'].
*/
function ft_do_action()
{
if (!empty($_REQUEST['act'])) {
// Only one callback action is allowed. So only the first hook that acts on an action is run.
ft_invoke_hook('action', $_REQUEST['act']);
# mkdir
if ($_REQUEST['act'] == "createdir" && CREATE === TRUE) {
$_POST['newdir'] = trim($_POST['newdir']);
if ($_POST['type'] == 'file') {
// Check file against blacklists
if (strlen($_POST['newdir']) > 0 && ft_check_filetype($_POST['newdir']) && ft_check_file($_POST['newdir'])) {
// Create file.
$newfile = ft_get_dir() . "/{$_POST['newdir']}";
if (file_exists($newfile)) {
// Redirect
ft_set_message(t("File could not be created. File already exists."), 'error');
ft_redirect("dir=" . $_REQUEST['dir']);
} elseif (@touch($newfile)) {
// Redirect.
ft_set_message(t("File created."));
ft_redirect("dir=" . $_REQUEST['dir']);
} else {
// Redirect
ft_set_message(t("File could not be created."), 'error');
ft_redirect("dir=" . $_REQUEST['dir']);
}
} else {
// Redirect
ft_set_message(t("File could not be created."), 'error');
ft_redirect("dir=" . $_REQUEST['dir']);
}
} elseif ($_POST['type'] == 'url') {
// Create from URL.
$newname = trim(substr($_POST['newdir'], strrpos($_POST['newdir'], '/') + 1));
if (strlen($newname) > 0 && ft_check_filetype($newname) && ft_check_file($newname)) {
// Open file handlers.
$rh = fopen($_POST['newdir'], 'rb');
if ($rh === FALSE) {
ft_set_message(t("Could not open URL. Possible reason: URL wrappers not enabled."), 'error');
ft_redirect("dir=" . $_REQUEST['dir']);
}
$wh = fopen(ft_get_dir() . '/' . $newname, 'wb');
if ($wh === FALSE) {
ft_set_message(t("File could not be created."), 'error');
ft_redirect("dir=" . $_REQUEST['dir']);
}
// Download anf write file.
while (!feof($rh)) {
if (fwrite($wh, fread($rh, 1024)) === FALSE) {
ft_set_message(t("File could not be saved."), 'error');
}
}
fclose($rh);
fclose($wh);
ft_redirect("dir=" . $_REQUEST['dir']);
} else {
// Redirect
ft_set_message(t("File could not be created."), 'error');
ft_redirect("dir=" . $_REQUEST['dir']);
}
} else {
// Create directory.
// Check input.
// if (strstr($_POST['newdir'], ".")) {
// Throw error (redirect).
// ft_redirect("status=createddirfail&dir=".$_REQUEST['dir']);
// } else {
$_POST['newdir'] = ft_stripslashes($_POST['newdir']);
$newdir = ft_get_dir() . "/{$_POST['newdir']}";
$oldumask = umask(0);
if (strlen($_POST['newdir']) > 0 && @mkdir($newdir, DIRPERMISSION)) {
ft_set_message(t("Directory created."));
ft_redirect("dir=" . $_REQUEST['dir']);
} else {
// Redirect
ft_set_message(t("Directory could not be created."), 'error');
ft_redirect("dir=" . $_REQUEST['dir']);
}
umask($oldumask);
// }
}
# Move
} elseif ($_REQUEST['act'] == "move" && ft_check_fileactions() === TRUE) {
// Check that both file and newvalue are set.
$file = trim(ft_stripslashes($_REQUEST['file']));
$dir = trim(ft_stripslashes($_REQUEST['newvalue']));
if (substr($dir, -1, 1) != "/") {
$dir .= "/";
}
// Check for level.
if (substr_count($dir, "../") <= substr_count(ft_get_dir(), "/") && ft_check_move($dir) === TRUE) {
$dir = ft_get_dir() . "/" . $dir;
if (!empty($file) && file_exists(ft_get_dir() . "/" . $file)) {
// Check that destination exists and is a directory.
if (is_dir($dir)) {
// Move file.
if (@rename(ft_get_dir() . "/" . $file, $dir . "/" . $file)) {
// Success.
ft_set_message(t("!old was moved to !new", array('!old' => $file, '!new' => $dir)));
ft_redirect("dir={$_REQUEST['dir']}");
} else {
// Error rename failed.
ft_set_message(t("!old could not be moved.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
} else {
// Error dest. isn't a dir or doesn't exist.
ft_set_message(t("Could not move file. !old does not exist or is not a directory.", array('!old' => $dir)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
} else {
// Error source file doesn't exist.
ft_set_message(t("!old could not be moved. It doesn't exist.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
} else {
// Error level
ft_set_message(t("!old could not be moved outside the base directory.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
# Delete
} elseif ($_REQUEST['act'] == "delete" && ft_check_fileactions() === TRUE) {
// Check that file is set.
$file = ft_stripslashes($_REQUEST['file']);
if (!empty($file) && ft_check_file($file)) {
if (is_dir(ft_get_dir() . "/" . $file)) {
if (DELETEFOLDERS == TRUE) {
ft_rmdir_recurse(ft_get_dir() . "/" . $file);
}
if (!@rmdir(ft_get_dir() . "/" . $file)) {
ft_set_message(t("!old could not be deleted.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
} else {
ft_set_message(t("!old deleted.", array('!old' => $file)));
ft_redirect("dir={$_REQUEST['dir']}");
}
} else {
if (!@unlink(ft_get_dir() . "/" . $file)) {
ft_set_message(t("!old could not be deleted.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
} else {
ft_set_message(t("!old deleted.", array('!old' => $file)));
ft_redirect("dir={$_REQUEST['dir']}");
}
}
} else {
ft_set_message(t("!old could not be deleted.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
# Rename && Duplicate && Symlink
} elseif ($_REQUEST['act'] == "rename" || $_REQUEST['act'] == "duplicate" || $_REQUEST['act'] == "symlink" && ft_check_fileactions() === TRUE) {
// Check that both file and newvalue are set.
$old = trim(ft_stripslashes($_REQUEST['file']));
$new = trim(ft_stripslashes($_REQUEST['newvalue']));
if ($_REQUEST['act'] == 'rename') {
$m['typefail'] = t("!old was not renamed to !new (type not allowed).", array('!old' => $old, '!new' => $new));
$m['writefail'] = t("!old could not be renamed (write failed).", array('!old' => $old));
$m['destfail'] = t("File could not be renamed to !new since it already exists.", array('!new' => $new));
$m['emptyfail'] = t("File could not be renamed since you didn't specify a new name.");
} elseif ($_REQUEST['act'] == 'duplicate') {
$m['typefail'] = t("!old was not duplicated to !new (type not allowed).", array('!old' => $old, '!new' => $new));
$m['writefail'] = t("!old could not be duplicated (write failed).", array('!old' => $old));
$m['destfail'] = t("File could not be duplicated to !new since it already exists.", array('!new' => $new));
$m['emptyfail'] = t("File could not be duplicated since you didn't specify a new name.");
} elseif ($_REQUEST['act'] == 'symlink') {
$m['typefail'] = t("Could not create symlink to !old (type not allowed).", array('!old' => $old, '!new' => $new));
$m['writefail'] = t("Could not create symlink to !old (write failed).", array('!old' => $old));
$m['destfail'] = t("Could not create symlink !new since it already exists.", array('!new' => $new));
$m['emptyfail'] = t("Symlink could not be created since you didn't specify a name.");
}
if (!empty($old) && !empty($new)) {
if (ft_check_filetype($new) && ft_check_file($new)) {
// Make sure destination file doesn't exist.
if (!file_exists(ft_get_dir() . "/" . $new)) {
// Check that file exists.
if (is_writeable(ft_get_dir() . "/" . $old)) {
if ($_REQUEST['act'] == "rename") {
if (@rename(ft_get_dir() . "/" . $old, ft_get_dir() . "/" . $new)) {
// Success.
ft_set_message(t("!old was renamed to !new", array('!old' => $old, '!new' => $new)));
ft_redirect("dir={$_REQUEST['dir']}");
} else {
// Error rename failed.
ft_set_message(t("!old could not be renamed.", array('!old' => $old)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
} elseif ($_REQUEST['act'] == 'symlink') {
if (ADVANCEDACTIONS == TRUE) {
if (@symlink(realpath(ft_get_dir() . "/" . $old), ft_get_dir() . "/" . $new)) {
@chmod(ft_get_dir() . "/{$new}", PERMISSION);
// Success.
ft_set_message(t("Created symlink !new", array('!old' => $old, '!new' => $new)));
ft_redirect("dir={$_REQUEST['dir']}");
} else {
// Error symlink failed.
ft_set_message(t("Symlink to !old could not be created.", array('!old' => $old)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
}
} else {
if (@copy(ft_get_dir() . "/" . $old, ft_get_dir() . "/" . $new)) {
// Success.
ft_set_message(t("!old was duplicated to !new", array('!old' => $old, '!new' => $new)));
ft_redirect("dir={$_REQUEST['dir']}");
} else {
// Error rename failed.
ft_set_message(t("!old could not be duplicated.", array('!old' => $old)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
}
} else {
// Error old file isn't writeable.
ft_set_message($m['writefail'], 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
} else {
// Error destination exists.
ft_set_message($m['destfail'], 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
} else {
// Error file type not allowed.
ft_set_message($m['typefail'], 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
} else {
// Error. File name not set.
ft_set_message($m['emptyfail'], 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
# upload
} elseif ($_REQUEST['act'] == "upload" && ft_check_upload() === TRUE && (LIMIT <= 0 || LIMIT > ROOTDIRSIZE)) {
// If we are to upload a file we will do so.
$msglist = 0;
foreach ($_FILES as $k => $c) {
if (!empty($c['name'])) {
$c['name'] = ft_stripslashes($c['name']);
if ($c['error'] == 0) {
// Upload was successfull
if (ft_validate_filename($c['name']) && ft_check_filetype($c['name']) && ft_check_file($c['name'])) {
if (file_exists(ft_get_dir() . "/{$c['name']}")) {
$msglist++;
ft_set_message(t('!file was not uploaded.', array('!file' => ft_get_nice_filename($c['name'], 20))) . ' ' . t("File already exists"), 'error');
} else {
if (@move_uploaded_file($c['tmp_name'], ft_get_dir() . "/{$c['name']}")) {
@chmod(ft_get_dir() . "/{$c['name']}", PERMISSION);
// Success!
$msglist++;
ft_set_message(t('!file was uploaded.', array('!file' => ft_get_nice_filename($c['name'], 20))));
ft_invoke_hook('upload', ft_get_dir(), $c['name']);
} else {
// File couldn't be moved. Throw error.
$msglist++;
ft_set_message(t('!file was not uploaded.', array('!file' => ft_get_nice_filename($c['name'], 20))) . ' ' . t("File couldn't be moved"), 'error');
}
}
} else {
// File type is not allowed. Throw error.
$msglist++;
ft_set_message(t('!file was not uploaded.', array('!file' => ft_get_nice_filename($c['name'], 20))) . ' ' . t("File type not allowed"), 'error');
}
} else {
// An error occurred.
switch ($_FILES["localfile"]["error"]) {
case 1:
$msglist++;
ft_set_message(t('!file was not uploaded.', array('!file' => ft_get_nice_filename($c['name'], 20))) . ' ' . t("The file was too large"), 'error');
break;
case 2:
$msglist++;
ft_set_message(t('!file was not uploaded.', array('!file' => ft_get_nice_filename($c['name'], 20))) . ' ' . t("The file was larger than MAXSIZE setting."), 'error');
break;
case 3:
$msglist++;
ft_set_message(t('!file was not uploaded.', array('!file' => ft_get_nice_filename($c['name'], 20))) . ' ' . t("Partial upload. Try again"), 'error');
break;
case 4:
$msglist++;
ft_set_message(t('!file was not uploaded.', array('!file' => ft_get_nice_filename($c['name'], 20))) . ' ' . t("No file was uploaded. Please try again"), 'error');
break;
default:
$msglist++;
ft_set_message(t('!file was not uploaded.', array('!file' => ft_get_nice_filename($c['name'], 20))) . ' ' . t("Unknown error"), 'error');
break;
}
}
}
}
if ($msglist > 0) {
ft_redirect("dir=" . $_REQUEST['dir']);
} else {
ft_set_message(t("Upload failed."), 'error');
ft_redirect("dir=" . $_REQUEST['dir']);
}
# Unzip
} elseif ($_REQUEST['act'] == "unzip" && ft_check_fileactions() === TRUE) {
// Check that file is set.
$file = ft_stripslashes($_REQUEST['file']);
if (!empty($file) && ft_check_file($file) && ft_check_filetype($file) && strtolower(ft_get_ext($file)) == 'zip' && is_file(ft_get_dir() . "/" . $file)) {
$escapeddir = escapeshellarg(ft_get_dir() . "/");
$escapedfile = escapeshellarg(ft_get_dir() . "/" . $file);
if (!@exec("unzip -n " . $escapedfile . " -d " . $escapeddir)) {
ft_set_message(t("!old could not be unzipped.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
} else {
ft_set_message(t("!old unzipped.", array('!old' => $file)));
ft_redirect("dir={$_REQUEST['dir']}");
}
} else {
ft_set_message(t("!old could not be unzipped.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
# chmod
} elseif ($_REQUEST['act'] == "chmod" && ft_check_fileactions() === TRUE && ADVANCEDACTIONS == TRUE) {
// Check that file is set.
$file = ft_stripslashes($_REQUEST['file']);
if (!empty($file) && ft_check_file($file) && ft_check_filetype($file)) {
// Check that chosen permission i valid
if (is_numeric($_REQUEST['newvalue'])) {
$chmod = $_REQUEST['newvalue'];
if (substr($chmod, 0, 1) == '0') {
$chmod = substr($chmod, 0, 4);
} else {
$chmod = '0' . substr($chmod, 0, 3);
}
// Chmod
if (@chmod(ft_get_dir() . "/" . $file, intval($chmod, 8))) {
ft_set_message(t("Permissions changed for !old.", array('!old' => $file)));
ft_redirect("dir={$_REQUEST['dir']}");
clearstatcache();
} else {
ft_set_message(t("Could not change permissions for !old.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
} else {
ft_set_message(t("Could not change permissions for !old.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
} else {
ft_set_message(t("Could not change permissions for !old.", array('!old' => $file)), 'error');
ft_redirect("dir={$_REQUEST['dir']}");
}
# logout
} elseif ($_REQUEST['act'] == "logout") {
ft_invoke_hook('logout', $_SESSION['ft_user_' . MUTEX]);
$_SESSION = array();
if (isset($_COOKIE[session_name()])) {
setcookie(session_name(), '', time() - 42000, '/');
}
session_destroy();
// Delete persistent cookie
setcookie('ft_user_' . MUTEX, '', time() - 3600);
ft_redirect();
}
}
}
/**
* Private function. Searches for file names and directories recursively.
*
* @param $dir
* Directory to search.
* @param $q
* Search query.
* @return An array of files. Each item is an array:
* array(
* 'name' => '', // File name.
* 'shortname' => '', // File name.
* 'type' => '', // 'file' or 'dir'.
* 'dir' => '', // Directory where file is located.
* )
*/
function _ft_search_find_files($dir, $q)
{
$output = array();
if (ft_check_dir($dir) && ($dirlink = @opendir($dir))) {
while (($file = readdir($dirlink)) !== false) {
if ($file != "." && $file != ".." && (ft_check_file($file) && ft_check_filetype($file) || is_dir($dir . "/" . $file) && ft_check_dir($file))) {
$path = $dir . '/' . $file;
// Check if filename/directory name is a match.
if (stristr($file, $q)) {
$new['name'] = $file;
$new['shortname'] = ft_get_nice_filename($file, 20);
$new['dir'] = substr($dir, strlen(ft_get_root()));
if (is_dir($path)) {
if (ft_check_dir($path)) {
$new['type'] = "dir";
$output[] = $new;
}
} else {
$new['type'] = "file";
$output[] = $new;
}
}
// Check subdirs for matches.
if (is_dir($path)) {
$dirres = _ft_search_find_files($path, $q);
if (is_array($dirres) && count($dirres) > 0) {
$output = array_merge($dirres, $output);
unset($dirres);
}
}
}
}
sort($output);
closedir($dirlink);
return $output;
} else {
return FALSE;
}
}
