function create_thumbs() { $target_directory = dirname($this->path) . DIRECTORY_SEPARATOR . basename($this->path) . '_previews' . DIRECTORY_SEPARATOR; make_child_dir($target_directory); $duration = $this->duration() - 2; $bits = ceil($duration / 12); if ($bits == 0) { $bits = 1; } $rate = 1 / $bits; if ($rate < 0.1) { $rate = 0.1; } $i = 1; $cmd = array(); while ($i < $duration) { $i_str = str_pad($i, 5, '0', STR_PAD_LEFT); $cmd[] = $this->ffmpeg . " -ss {$i} -i \"{$this->path}\" -vframes 1 -an -f mjpeg \"{$i_str}.jpg\""; $i += $bits; } chdir($target_directory); if (DIRECTORY_SEPARATOR == '\\') { foreach ($cmd as $c) { exec($c); } } else { $cmd = join(' && ', $cmd); exec($cmd); } $files = directory_map($target_directory, true); if ($files) { return $files[max(0, floor(count($files) / 2) - 1)] . ':50:50'; } else { return null; } }
function index() { list($params, $id, $slug) = $this->parse_params(func_get_args()); // Create or update if ($this->method != 'get') { $c = new Content(); switch ($this->method) { case 'post': case 'put': if ($this->method == 'put') { // Update $c->get_by_id($id); if (!$c->exists()) { $this->error('404', "Content with ID: {$id} not found."); return; } $c->old_published_on = $c->published_on; $c->old_captured_on = $c->captured_on; $c->old_uploaded_on = $c->uploaded_on; if (isset($_POST['slug'])) { $c->current_slug = $c->slug; } } if (isset($_REQUEST['name'])) { if (isset($_REQUEST['upload_session_start'])) { $s = new Setting(); $s->where('name', 'last_upload')->get(); if ($s->exists() && $s->value != $_REQUEST['upload_session_start']) { $s->value = $_REQUEST['upload_session_start']; $s->save(); } } $file_name = $c->clean_filename($_REQUEST['name']); $chunk = isset($_REQUEST["chunk"]) ? $_REQUEST["chunk"] : 0; $chunks = isset($_REQUEST["chunks"]) ? $_REQUEST["chunks"] : 0; $tmp_dir = FCPATH . 'storage' . DIRECTORY_SEPARATOR . 'tmp'; $tmp_path = $tmp_dir . DIRECTORY_SEPARATOR . $file_name; make_child_dir($tmp_dir); if ($chunks == 0 || $chunk == $chunks - 1) { if (isset($_REQUEST['text'])) { $path = FCPATH . 'storage' . DIRECTORY_SEPARATOR . 'custom' . DIRECTORY_SEPARATOR; $internal_id = false; } else { if (isset($_REQUEST['plugin'])) { $info = pathinfo($_REQUEST['name']); $path = FCPATH . 'storage' . DIRECTORY_SEPARATOR . 'plugins' . DIRECTORY_SEPARATOR . $_REQUEST['plugin'] . DIRECTORY_SEPARATOR . 'storage' . DIRECTORY_SEPARATOR; $file_name = $_REQUEST['basename'] . '.' . $info['extension']; $internal_id = false; } else { list($internal_id, $path) = $c->generate_internal_id(); } } if ($path) { $path .= $file_name; if ($chunks == 0) { $tmp_path = $path; } } else { $this->error('500', 'Unable to create directory for upload.'); return; } } // Look for the content type header if (isset($_SERVER["HTTP_CONTENT_TYPE"])) { $contentType = $_SERVER["HTTP_CONTENT_TYPE"]; } else { if (isset($_SERVER["CONTENT_TYPE"])) { $contentType = $_SERVER["CONTENT_TYPE"]; } else { $contentType = ''; } } if (strpos($contentType, "multipart") !== false) { if (isset($_FILES['file']['tmp_name']) && is_uploaded_file($_FILES['file']['tmp_name'])) { $out = fopen($tmp_path, $chunk == 0 ? "wb" : "ab"); if ($out) { // Read binary input stream and append it to temp file $in = fopen($_FILES['file']['tmp_name'], "rb"); if ($in) { while ($buff = fread($in, 4096)) { fwrite($out, $buff); } } else { $this->error('500', 'Unable to read input stream.'); return; } fclose($out); unlink($_FILES['file']['tmp_name']); } else { $this->error('500', 'Unable to write to output file.'); return; } } else { $this->error('500', 'Unable to move uploaded file.'); return; } } else { $out = fopen($tmp_path, $chunk == 0 ? "wb" : "ab"); if ($out) { // Read binary input stream and append it to temp file $in = fopen("php://input", "rb"); if ($in) { while ($buff = fread($in, 4096)) { fwrite($out, $buff); } } else { $this->error('500', 'Unable to read uploaded file.'); return; } fclose($out); } else { $this->error('500', 'Unable to open output stream.'); return; } } if ($chunk < $chunks - 1) { // Don't continue until all chunks are uploaded exit; } else { if ($chunks > 0) { // Done, move to permanent location and save to DB rename($tmp_path, $path); } } if (!$internal_id) { // Custom text uploads can stop here die(json_encode(array('filename' => $file_name))); } $from = array(); $from['filename'] = $file_name; $from['internal_id'] = $internal_id; $from['file_modified_on'] = time(); } else { if (isset($_POST['localfile'])) { $filename = basename($_REQUEST['localfile']); list($internal_id, $path) = $c->generate_internal_id(); if (!file_exists($_REQUEST['localfile'])) { $this->error('500', '"localfile" does not exist.'); return; } if ($path) { $path .= $filename; } else { $this->error('500', 'Unable to create directory for upload.'); return; } copy($_REQUEST['localfile'], $path); $from = array(); $from['filename'] = $filename; $from['internal_id'] = $internal_id; $from['file_modified_on'] = time(); } else { if (isset($_POST['from_url'])) { $filename = basename($_POST['from_url']); list($internal_id, $path) = $c->generate_internal_id(); if ($path) { $path .= $filename; } else { $this->error('500', 'Unable to create directory for upload.'); return; } if ($this->_download(urldecode($_POST['from_url']), $path, true) && file_exists($path)) { $from = array(); $from['filename'] = $filename; $from['internal_id'] = $internal_id; $from['file_modified_on'] = time(); } else { $this->error('500', 'Unable to import file from provided URL.'); return; } } else { if (is_null($id)) { $this->error('403', 'New content records must be accompanied by an upload.'); return; } } } } if (isset($from)) { $from = array_merge($_POST, $from); } else { $from = $_POST; } if (isset($_REQUEST['rotate']) && is_numeric($_REQUEST['rotate']) && $c->exists()) { $r = $_REQUEST['rotate']; if (abs($r) != 90) { $this->error('403', 'Rotation can only be done in multiples of 90.'); return; } if (empty($c->storage_url)) { $path = $c->path_to_original(); $info = pathinfo($path); $midsize_path = preg_replace('/\\.' . $info['extension'] . '$/', '.1600.' . $info['extension'], $path); if (file_exists($midsize_path)) { $midsize = $midsize_path; } } else { $path = tempnam(sys_get_temp_dir(), 'original'); file_put_contents($path, file_get_contents($c->storage_url)); if (!empty($c->storage_url_midsize)) { $midsize = tempnam(sys_get_temp_dir(), 'midsize'); file_put_contents($midsize, file_get_contents($c->storage_url_midsize)); } } $s = new Setting(); $s->where('name', 'image_processing_library')->get(); include_once FCPATH . 'app' . DIRECTORY_SEPARATOR . 'koken' . DIRECTORY_SEPARATOR . 'DarkroomUtils.php'; $d = DarkroomUtils::init($s->value); $d->rotate($path, $r); if (isset($midsize)) { $d->rotate($midsize, $r); } if (!empty($c->storage_url)) { $key = $c->path . '/' . $c->filename; Shutter::store_original($path, $c->path . '/' . $c->filename); unlink($path); if (isset($midsize)) { $info = pathinfo($key); $key = preg_replace('/\\.' . $info['extension'] . '$/', '.1600.' . $info['extension'], $key); Shutter::store_original($midsize, $key); unlink($midsize); } } $c->clear_cache(); $from['width'] = $c->height; $from['height'] = $c->width; $from['aspect_ratio'] = $from['width'] / $from['height']; $from['file_modified_on'] = time(); } if (isset($_REQUEST['reset_internal_id']) && $_REQUEST['reset_internal_id'] && $c->exists()) { list($from['internal_id'], ) = $c->generate_internal_id(true); } $hook = 'content.' . ($id ? 'update' : 'create'); if (isset($from['filename']) && $id) { $c->clear_cache(); $hook .= '_with_upload'; $c->_before(); } $from = Shutter::filter("api.{$hook}", array_merge($from, array('id' => $id, 'file' => isset($path) ? $path : $c->path_to_original()))); unset($from['file']); try { $c->from_array($from, array(), true); } catch (Exception $e) { $this->error('400', $e->getMessage()); return; } if (isset($_POST['tags'])) { $c->_format_tags($_POST['tags']); } else { if ($this->method === 'put' && isset($_POST['visibility'])) { $c->_update_tag_counts(); } } $c->_readify(); $content = $c->to_array(array('auth' => true)); if ($hook === 'content.create' || $hook === 'content.update_with_upload') { if (ENVIRONMENT === 'production') { $this->load->library('mcurl'); if ($this->mcurl->is_enabled()) { $options = array(CURLOPT_HTTPHEADER => array('Connection: Close', 'Keep-Alive: 0')); $this->mcurl->add_call('normal', 'get', $content['presets']['medium_large']['url'], array(), $options); $this->mcurl->add_call('cropped', 'get', $content['presets']['medium_large']['cropped']['url'], array(), $options); $this->mcurl->execute(); } } $external_storage_url = Shutter::store_original($c->path_to_original(), str_replace('/storage/originals/', '', $content['original']['relative_url'])); if ($external_storage_url) { unlink($c->path_to_original()); $o = new Content(); $o->where('id', $content['id'])->update(array('storage_url' => $external_storage_url)); $content['storage_url'] = $external_storage_url; } } Shutter::hook($hook, $content); // Important to prevent failures from Lr plugin header('Connection: close'); $this->redirect("/content/{$c->id}" . (isset($params['context']) ? '/context:' . $params['context'] : '')); break; case 'delete': if (is_null($id)) { $this->error('403', 'Required parameter "id" not present.'); return; } else { $t = new Tag(); if (is_numeric($id)) { $content = $c->get_by_id($id); if ($c->exists()) { $trash = new Trash(); $this->db->query("DELETE from {$trash->table} WHERE id = 'content-{$c->id}'"); $c->do_delete(); } else { $this->error('404', "Content with ID: {$id} not found."); return; } } else { $is_trash = $id === 'trash'; if ($id === 'trash') { $id = array(); $trash = new Trash(); $trash->like('id', 'content-')->select_func('REPLACE', '@id', 'content-', '', 'actual_id')->get_iterated(); foreach ($trash as $item) { $id[] = (int) $item->actual_id; } } else { $id = explode(',', $id); } /* Multiple delete /content/n1/n2/n3 */ // Keep track of tags to -- $tags = array(); $c->where_in('id', $id); $contents = $c->get_iterated(); $trash = new Trash(); foreach ($contents as $c) { if ($c->exists()) { $tags = array_merge($tags, $c->tags); $this->db->query("DELETE from {$trash->table} WHERE id = 'content-{$c->id}'"); $c->do_delete(); } } } } exit; break; } } $c = new Content(); if ($slug || isset($id) && strpos($id, ',') === false) { $options = array('context' => false, 'neighbors' => false); $options = array_merge($options, $params); $original_context = $options['context']; if ($options['context'] && !in_array($options['context'], array('stream', 'favorites', 'features')) && strpos($options['context'], 'tag-') !== 0 && strpos($options['context'], 'category-') !== 0) { if (is_numeric($options['context'])) { $context_field = 'id'; } else { $context_field = 'slug'; $options['context'] = str_replace('slug-', '', $options['context']); } $a = new Album(); $a->group_start()->where($context_field, $options['context'])->or_where('internal_id', $options['context'])->group_end()->get(); $c->include_join_fields()->where_related_album('id', $a->id); } $with_token = false; if (is_numeric($id)) { $content = $c->where('deleted', 0)->get_by_id($id); } else { if ($slug) { $content = $c->where('deleted', 0)->group_start()->where('internal_id', $slug)->or_where('slug', $slug)->or_like('old_slug', ',' . $slug . ',', 'both')->group_end()->get(); } else { $content = $c->where('deleted', 0)->where('internal_id', $id)->get(); } if ($content->exists() && $content->internal_id === (is_null($id) ? $slug : $id)) { $with_token = true; } } if ($content->exists()) { if ($c->visibility == 1 && !$this->auth && !$with_token || !$this->auth && !is_numeric($id) && $c->visibility == 2) { $this->error('403', 'Private content.'); return; } $options['auth'] = $this->auth; if ($options['neighbors']) { // Make sure $neighbors is at least 2 $options['neighbors'] = max($options['neighbors'], 2); // Make sure neighbors is even if ($options['neighbors'] & 1 != 0) { $options['neighbors']++; } $options['neighbors'] = $options['neighbors'] / 2; $single_neighbors = false; } else { $options['neighbors'] = 1; $single_neighbors = true; } if ($options['context'] && !in_array($original_context, array('stream', 'favorites', 'features')) && strpos($original_context, 'tag-') !== 0 && strpos($original_context, 'category-') !== 0) { $options['in_album'] = $a; } $final = $content->to_array($options); if ($options['context']) { // TODO: Performance check $next = new Content(); $prev = new Content(); $in_a = new Album(); $next->where('deleted', 0); $prev->where('deleted', 0); $options['context'] = urldecode($options['context']); if (!in_array($original_context, array('stream', 'favorites', 'features')) && strpos($original_context, 'tag-') !== 0 && strpos($original_context, 'category-') !== 0) { if (!isset($options['context_order'])) { list($options['context_order'], $options['context_order_direction']) = explode(' ', $a->sort); } $final['context']['album'] = $a->to_array(array('auth' => $this->auth || $options['context'] === $a->internal_id)); $in_a->where("{$context_field} !=", $options['context']); $next->where_related_album('id', $a->id); $prev->where_related_album('id', $a->id); if ($options['context_order'] === 'manual') { $next->order_by_join_field('album', 'order', 'ASC')->group_start()->where_join_field('album', 'order >', $content->join_order)->or_group_start()->where_join_field('album', 'order', $content->join_order)->where_join_field('album', 'id >', $content->join_id)->group_end()->group_end(); $prev->order_by_join_field('album', 'order', 'DESC')->group_start()->where_join_field('album', 'order <', $content->join_order)->or_group_start()->where_join_field('album', 'order', $content->join_order)->where_join_field('album', 'id <', $content->join_id)->group_end()->group_end(); } else { $next_operator = strtolower($options['context_order_direction']) === 'desc' ? '<' : '>'; $prev_operator = $next_operator === '<' ? '>' : '<'; $next->group_start()->where($options['context_order'] . " {$next_operator}", $content->{$options['context_order']})->or_group_start()->where($options['context_order'], $content->{$options['context_order']})->where("id {$next_operator}", $content->id)->group_end()->group_end(); $prev->group_start()->where($options['context_order'] . " {$prev_operator}", $content->{$options['context_order']})->or_group_start()->where($options['context_order'], $content->{$options['context_order']})->where("id {$prev_operator}", $content->id)->group_end()->group_end(); } if (!$this->auth) { $next->where('visibility <', $final['context']['album']['visibility'] < 1 ? 1 : 2); $prev->where('visibility <', $final['context']['album']['visibility'] < 1 ? 1 : 2); } $in_album = $a; $final['context']['type'] = 'album'; $final['context']['title'] = $a->title; $final['context']['__koken_url'] = $final['context']['album']['__koken_url']; $final['context']['url'] = $final['context']['album']['url']; } else { if (!isset($options['context_order'])) { $options['context_order'] = 'captured_on'; $options['context_order_direction'] = 'DESC'; } else { if ($options['context_order'] === 'manual' && $original_context === 'favorites') { $options['context_order'] = 'favorite_order'; $options['context_order_direction'] = 'ASC'; } else { if ($options['context_order'] === 'manual' && $original_context === 'features') { $options['context_order'] = 'featured_order'; $options['context_order_direction'] = 'ASC'; } } } $next_operator = strtolower($options['context_order_direction']) === 'desc' ? '<' : '>'; $prev_operator = $next_operator === '<' ? '>' : '<'; $next->group_start()->where($options['context_order'] . " {$next_operator}", $content->{$options['context_order']})->or_group_start()->where($options['context_order'], $content->{$options['context_order']})->where("id {$next_operator}", $content->id)->group_end()->group_end(); $prev->group_start()->where($options['context_order'] . " {$prev_operator}", $content->{$options['context_order']})->or_group_start()->where($options['context_order'], $content->{$options['context_order']})->where("id {$prev_operator}", $content->id)->group_end()->group_end(); if (strpos($original_context, 'tag-') === 0) { $tag = str_replace('tag-', '', urldecode($original_context)); $t = new Tag(); $t->where('name', $tag)->get(); if ($t->exists()) { $next->where_related_tag('id', $t->id); $prev->where_related_tag('id', $t->id); $final['context']['type'] = 'tag'; $final['context']['title'] = $tag; $final['context']['slug'] = $tag; $t->model = 'tag_contents'; $t->slug = $t->name; $url = $t->url(); if ($url) { list($final['context']['__koken_url'], $final['context']['url']) = $url; } } } else { if (strpos($original_context, 'category-') === 0) { $category = str_replace('category-', '', $original_context); $cat = new Category(); $cat->where('slug', $category)->get(); if ($cat->exists()) { $next->where_related_category('id', $cat->id); $prev->where_related_category('id', $cat->id); $final['context']['type'] = 'category'; $final['context']['title'] = $cat->title; $final['context']['slug'] = $cat->slug; $cat->model = 'category_contents'; $url = $cat->url(); if ($url) { list($final['context']['__koken_url'], $final['context']['url']) = $url; } } } else { if ($original_context === 'favorites') { $url_data = $prev->get_data(); $urls = $prev->form_urls(); $next->where('favorite', 1); $prev->where('favorite', 1); $final['context']['type'] = 'favorite'; $final['context']['title'] = $url_data['favorite']['plural']; $final['context']['__koken_url'] = $urls['favorites']; if ($final['context']['__koken_url']) { $final['context']['url'] = $prev->get_base() . $final['context']['__koken_url'] . (defined('DRAFT_CONTEXT') && !is_numeric(DRAFT_CONTEXT) ? '&preview=' . DRAFT_CONTEXT : ''); } } else { if ($original_context === 'features') { $url_data = $prev->get_data(); $urls = $prev->form_urls(); $next->where('featured', 1); $prev->where('featured', 1); $final['context']['type'] = 'feature'; $final['context']['title'] = $url_data['feature']['plural']; $final['context']['__koken_url'] = isset($urls['features']) ? $urls['features'] : false; if ($final['context']['__koken_url']) { $final['context']['url'] = $prev->get_base() . $final['context']['__koken_url'] . (defined('DRAFT_CONTEXT') && !is_numeric(DRAFT_CONTEXT) ? '&preview=' . DRAFT_CONTEXT : ''); } } } } } if (!$this->auth) { $next->where('visibility', 0); $prev->where('visibility', 0); } $in_album = false; } $max = $next->get_clone()->count(); $min = $prev->get_clone()->count(); $final['context']['total'] = $max + $min + 1; $final['context']['position'] = $min + 1; $pre_limit = $next_limit = $options['neighbors']; if ($min < $pre_limit) { $next_limit += $pre_limit - $min; $pre_limit = $min; } if ($max < $next_limit) { $pre_limit = min($min, $pre_limit + ($next_limit - $max)); $next_limit = $max; } $final['context']['previous'] = array(); $final['context']['next'] = array(); if ($next_limit > 0) { if ($options['context_order'] !== 'manual') { $next->order_by($options['context_order'] . ' ' . $options['context_order_direction'] . ', id ' . $options['context_order_direction']); } $next->limit($next_limit)->get_iterated(); foreach ($next as $c) { $final['context']['next'][] = $c->to_array(array('auth' => $this->auth, 'in_album' => $in_album, 'context' => $original_context)); } } if ($pre_limit > 0) { if ($options['context_order'] !== 'manual') { $dir = strtolower($options['context_order_direction']) === 'desc' ? 'asc' : 'desc'; $prev->order_by($options['context_order'] . ' ' . $dir . ', id ' . $dir); } $prev->limit($pre_limit)->get_iterated(); foreach ($prev as $c) { $final['context']['previous'][] = $c->to_array(array('auth' => $this->auth, 'in_album' => $in_album, 'context' => $original_context)); } $final['context']['previous'] = array_reverse($final['context']['previous']); } } } else { $this->error('404', "Content with ID: {$id} not found."); return; } } else { if (isset($params['custom'])) { $final = $c->to_array_custom($params['custom']); } else { $c->where('deleted', 0); $params['auth'] = $this->auth; $final = $c->listing($params, $id); } } $this->set_response_data($final); }
function make_child_dir($path) { // No need to continue if the directory already exists if (is_dir($path)) { return true; } // Make sure parent exists $parent = dirname($path); if (!is_dir($parent)) { make_child_dir($parent); } $created = false; $old = umask(0); // Try to create new directory with parent directory's permissions $permissions = substr(sprintf('%o', fileperms($parent)), -4); if (is_dir($path) || mkdir($path, octdec($permissions), true)) { $created = true; } else { if ($permissions == '0755' && chmod($parent, 0777) && mkdir($path, 0777, true)) { $created = true; } } umask($old); return $created; }
function index() { if (!$this->auth) { $this->error('403', 'Forbidden'); return; } $image_processing = new Setting(); $image_processing->where('name', 'image_processing_library')->get(); include FCPATH . 'app' . DIRECTORY_SEPARATOR . 'koken' . DIRECTORY_SEPARATOR . 'DarkroomUtils.php'; $libs = DarkroomUtils::libraries(); if ($image_processing->exists()) { if (!isset($libs[$image_processing->value])) { $top = array_shift(array_keys($libs)); $lib = $libs[$top]; $image_processing->value = $lib['key']; $image_processing->save(); } } else { if (!defined('MAGICK_PATH_FINAL') || (MAGICK_PATH_FINAL === 'convert' || !isset($libs[MAGICK_PATH_FINAL]))) { $top = array_shift(array_keys($libs)); $lib = $libs[$top]; } else { $lib = $libs[MAGICK_PATH_FINAL]; } $image_processing->name = 'image_processing_library'; $image_processing->value = $lib['key']; $image_processing->save(); } $last_check = new Setting(); $last_check->where('name', 'last_migration'); $last_check_count = $last_check->count(); if ($last_check_count > 1) { $last_check->where('name', 'last_migration')->order_by('value ASC')->limit($last_check_count - 1)->get(); $last_check->delete_all(); } $s = new Setting(); $settings = $s->get_iterated(); $data = array('image_processing_libraries' => array_values($libs)); $bools = array('has_toured', 'site_hidpi', 'retain_image_metadata', 'image_use_defaults', 'use_default_labels_links', 'uploading_publish_on_captured_date'); foreach ($settings as $setting) { // Don't allow dupes to screw things up if (isset($data[$setting->name])) { continue; } $value = $setting->value; if (in_array($setting->name, $bools)) { $value = $value == 'true'; } if ($setting->name === 'last_upload') { $value = $value === 'false' ? false : (int) $value; } $data[$setting->name] = $value; } if (!isset($data['uploading_publish_on_captured_date'])) { $data['uploading_publish_on_captured_date'] = false; } if (!isset($data['uploading_default_album_visibility'])) { $data['uploading_default_album_visibility'] = 'public'; } if (!isset($data['email_handler'])) { $data['email_handler'] = 'DDI_Email'; } $data['email_handlers'] = Shutter::get_email_handlers(); $disable_cache_file = FCPATH . 'storage' . DIRECTORY_SEPARATOR . 'cache' . DIRECTORY_SEPARATOR . 'no-site-cache'; $data['enable_site_cache'] = !file_exists($disable_cache_file); if ($this->method != 'get') { if ($this->auth_role !== 'god') { $this->error('403', 'Forbidden'); return; } if (isset($_POST['signin_bg'])) { $c = new Content(); $c->get_by_id($_POST['signin_bg']); if ($c->exists()) { $_c = $c->to_array(); $large = array_pop($_c['presets']); // TODO: Error checking for permissions reject $f = $large['url']; $to = FCPATH . 'storage' . DIRECTORY_SEPARATOR . 'wallpaper' . DIRECTORY_SEPARATOR . 'signin.jpg'; if (extension_loaded('curl')) { $cp = curl_init($f); $fp = fopen($to, "w+"); if (!$fp) { curl_close($cp); } else { curl_setopt($cp, CURLOPT_FILE, $fp); curl_exec($cp); curl_close($cp); fclose($fp); } } elseif (ini_get('allow_url_fopen')) { copy($f, $to); } } } else { if (isset($_POST['enable_site_cache'])) { if ($_POST['enable_site_cache'] === 'true') { @unlink($disable_cache_file); } else { touch($disable_cache_file); delete_files(dirname($disable_cache_file) . DIRECTORY_SEPARATOR . 'site', true, 1); } unset($_POST['enable_site_cache']); } // TODO: Make sure new path is not inside real_base // TODO: Ensure that real_base is not deleted under any circumstances if (isset($_POST['site_url']) && $_POST['site_url'] !== $data['site_url']) { $_POST['site_url'] = strtolower(rtrim($_POST['site_url'], '/')); if (empty($_POST['site_url'])) { $_POST['site_url'] = '/'; } if (isset($_SERVER['PHP_SELF']) && isset($_SERVER['SCRIPT_FILENAME'])) { $php_self = str_replace('/', DIRECTORY_SEPARATOR, $_SERVER['PHP_SELF']); $doc_root = preg_replace('~' . $php_self . '$~i', '', $_SERVER['SCRIPT_FILENAME']); } else { $doc_root = $_SERVER['DOCUMENT_ROOT']; } $doc_root = realpath($doc_root); $target = $doc_root . str_replace('/', DIRECTORY_SEPARATOR, $_POST['site_url']); $php_include_base = rtrim(preg_replace('~^' . $doc_root . '~', '', FCPATH), DIRECTORY_SEPARATOR); $real_base = $doc_root; if (empty($php_include_base)) { $real_base .= DIRECTORY_SEPARATOR; } else { $real_base .= $php_include_base; } @($target_dir = dir($target)); $real_base_dir = dir($real_base); function compare_paths($one, $two) { return rtrim($one, DIRECTORY_SEPARATOR) === rtrim($two, DIRECTORY_SEPARATOR); } if ($target_dir && compare_paths($target_dir->path, $real_base_dir->path)) { $_POST['site_url'] = 'default'; $htaccess = create_htaccess(); $root_htaccess = FCPATH . '.htaccess'; $current = file_get_contents($root_htaccess); preg_match('/#MARK#.*/s', $htaccess, $match); $htaccess = preg_replace('/#MARK#.*/s', str_replace('$', '\\$', $match[0]), $current); file_put_contents($root_htaccess, $htaccess); } else { if ($target_dir) { $reserved = array('admin', 'app', 'storage'); foreach ($reserved as $dir) { $_dir = dir(rtrim($real_base_dir->path, '/') . "/{$dir}"); if (compare_paths($target_dir->path, $_dir->path)) { $this->error('400', "This directory is reserved for Koken core files. Please choose another location."); return; } } } if (!make_child_dir($target)) { $this->error('500', "Koken was not able to create the Site URL directory. Make sure the path provided is writable by the web server and try again."); return; } $php_include_rel = str_replace(DIRECTORY_SEPARATOR, '/', $php_include_base); $php_include_base = str_replace('\\', '\\\\', $php_include_base); $doc_root_php = str_replace('\\', '\\\\', $doc_root); $php = <<<OUT <?php \t\$rewrite = false; \t\$real_base_folder = '{$php_include_rel}'; \trequire '{$doc_root_php}{$php_include_base}' . DIRECTORY_SEPARATOR . 'app' . DIRECTORY_SEPARATOR . 'site' . DIRECTORY_SEPARATOR . 'site.php'; OUT; $htaccess = create_htaccess($_POST['site_url']); if ($this->check_for_rewrite()) { $file = $target . DIRECTORY_SEPARATOR . '.htaccess'; $file_data = $htaccess; $put_mode = FILE_APPEND; if ($_POST['site_url'] !== 'default' && "{$doc_root}" . DIRECTORY_SEPARATOR !== FCPATH) { $root_htaccess = FCPATH . '.htaccess'; if (file_exists($root_htaccess)) { $current = file_get_contents($root_htaccess); $redirect = create_htaccess($_POST['site_url'], true); preg_match('/#MARK#.*/s', $redirect, $match); $redirect = preg_replace('/#MARK#.*/s', str_replace('$', '\\$', $match[0]), $current); file_put_contents($root_htaccess, $redirect); } } } else { $file = $target . DIRECTORY_SEPARATOR . 'index.php'; $file_data = $php; $put_mode = 0; } if (file_exists($file)) { rename($file, "{$file}.bkup"); } if (!file_put_contents($file, $file_data, $put_mode)) { $this->error('500', "Koken was not able to create the necessary files in the Site URL directory. Make sure that path has sufficient permissions so that Koken may write the files."); return; } } if ($data['site_url'] !== 'default') { $old = $doc_root . str_replace('/', DIRECTORY_SEPARATOR, $data['site_url']); $old_dir = dir($old); if (!compare_paths($old_dir->path, $real_base_dir->path)) { if ($this->check_for_rewrite()) { $old_file = $old . DIRECTORY_SEPARATOR . '.htaccess'; } else { $old_file = $old . DIRECTORY_SEPARATOR . 'index.php'; } unlink($old_file); $backup = $old_file . '.bkup'; if (file_exists($backup)) { rename($backup, $old_file); } // This will only remove the dir if it is empty @rmdir($old); } } } global $raw_input_data; if (isset($raw_input_data['url_data'])) { $url_data = json_decode($raw_input_data['url_data'], true); $u = new Url(); $u->order_by('id DESC')->get(); $existing_data = unserialize($u->data); $transformed = array(); foreach ($url_data as $key => $udata) { $transformed[] = array('type' => $key, 'data' => $udata); } if ($existing_data !== $transformed) { $n = new Url(); $n->data = serialize($transformed); $n->save(); } unset($_POST['url_data']); } $save = array(); foreach ($_POST as $key => $val) { if (isset($data[$key]) && $data[$key] !== $val) { if ($key === 'retain_image_metadata' || $key !== 'image_processing_library' && strpos($key, 'image_') === 0) { delete_files(FCPATH . 'storage' . DIRECTORY_SEPARATOR . 'cache' . DIRECTORY_SEPARATOR . 'images', true, 1); } $save[$key] = $val; } } foreach ($save as $k => $v) { $s = new Setting(); $s->where('name', $k)->get(); if ($s->exists()) { $s->value = $v; $s->save(); } else { if (in_array($k, array('uploading_default_album_visibility', 'uploading_publish_on_captured_date', 'email_handler'))) { $n = new Setting(); $n->name = $k; $n->value = $v; $n->save(); } } } if (isset($save['email_handler']) || isset($save['email_delivery_address'])) { $this->_compile_plugins(); } } $this->redirect('/settings'); } if (!isset($data['site_timezone']) || empty($data['site_timezone']) || $data['site_timezone'] === 'Etc/UTC') { $data['site_timezone'] = 'UTC'; } else { if ($data['site_timezone'] === 'Etc/GMT+12') { $data['site_timezone'] = 'Pacific/Auckland'; } } $data['image_processing_library_label'] = $libs[$data['image_processing_library']]['label']; $migrate_path = FCPATH . 'app' . DIRECTORY_SEPARATOR . 'application' . DIRECTORY_SEPARATOR . 'models' . DIRECTORY_SEPARATOR . 'migrations' . DIRECTORY_SEPARATOR; $migrations = scandir($migrate_path); $data['migrations'] = array(); if (!isset($data['last_migration'])) { $migration_setting = new Setting(); $migration_setting->name = 'last_migration'; $migration_setting->value = '26'; $migration_setting->save(); $data['last_migration'] = '26'; } if (!isset($data['has_toured']) || ENVIRONMENT === 'development') { $data['has_toured'] = true; } foreach ($migrations as $migration) { $migration = str_replace('.php', '', $migration); $migration_int = (int) $migration; if ($migration_int > $data['last_migration']) { $data['migrations'][] = $migration; } } unset($data['last_migration']); $data = Shutter::filter('api.settings', array($data)); $this->set_response_data($data); }
function index() { if ($this->method !== 'post') { $this->error('403', 'Forbidden'); return; } copy(FCPATH . 'app/koken/recover.php', FCPATH . 'recover.php'); function rollback($back) { foreach ($back as $b) { $f = FCPATH . $b; $dest = str_replace('.off', '', $f); if (is_dir($dest)) { delete_files($dest, true, 1); } else { if (file_exists($dest)) { unlink($dest); } } @rename($f, $dest); } } function fail($msg = 'Koken does not have the necessary permissions to perform the update automatically. Try setting the permissions on the entire Koken folder to 777, then try again.') { @unlink(FCPATH . 'recover.php'); delete_files(FCPATH . 'storage/tmp', true); die(json_encode(array('error' => $msg))); } $get_core = $this->input->post('url'); if ($get_core) { if (ENVIRONMENT === 'development') { $manifest = FCPATH . 'manifest.php'; require $manifest; if (count($compatCheckFailures)) { die(json_encode(array('requirements' => $compatCheckFailures))); } //hack sleep(2); // fail(); unlink(FCPATH . 'recover.php'); die(json_encode(array('migrations' => array('0001.php', '0001.php', '0001.php')))); } $old_mask = umask(0); $core = FCPATH . 'storage/tmp/core.zip'; make_child_dir(dirname($core)); if ($this->_download($get_core, $core)) { $this->load->library('unzip'); $this->unzip->extract($core); @unlink($core); $manifest = FCPATH . 'storage/tmp/manifest.php'; require $manifest; if (count($compatCheckFailures)) { delete_files(FCPATH . 'storage/tmp', true); unlink(FCPATH . 'recover.php'); die(json_encode(array('requirements' => $compatCheckFailures))); } $migrations_before = scandir($this->migrate_path); $moved = array(); // updateFileList comes from manifest.php foreach ($updateFileList as $path) { $fullPath = FCPATH . 'storage/tmp/' . $path; $dest = FCPATH . $path; $off = $dest . '.off'; if (!file_exists($fullPath)) { rollback($moved); umask($old_mask); fail(); } if (file_exists($dest)) { if (file_exists($off)) { delete_files($off, true, 1); } if (rename($dest, $off)) { $moved[] = $path; } else { rollback($moved); umask($old_mask); fail(); } } if (!rename($fullPath, $dest)) { rollback($moved); umask($old_mask); fail(); } } foreach ($moved as $m) { $path = FCPATH . $m . '.off'; if (is_dir($path)) { delete_files($path, true, 1); } else { if (file_exists($path)) { unlink($path); } } } unlink(FCPATH . 'recover.php'); @unlink(FCPATH . 'manifest.php'); // Remove temporary update files delete_files(FCPATH . 'storage/tmp', true); if (is_really_callable('opcache_reset')) { opcache_reset(); } die(json_encode(array('migrations' => array_values(array_diff(scandir($this->migrate_path), $migrations_before))))); } else { umask($old_mask); @unlink($core); fail(); } } }
function generate_internal_id($reset = false) { $base = FCPATH . DIRECTORY_SEPARATOR . 'storage' . DIRECTORY_SEPARATOR . 'originals' . DIRECTORY_SEPARATOR; if ($this->exists()) { if ($reset) { $internal_id = substr($this->internal_id, 0, 4) . substr(koken_rand(), 4); } else { $internal_id = $this->internal_id; } $path = $base . $this->path; } else { $internal_id = koken_rand(); $hash = substr($internal_id, 0, 2) . DIRECTORY_SEPARATOR . substr($internal_id, 2, 2); $path = $base . $hash; if (!make_child_dir($path)) { $path = false; } } return array($internal_id, $path . DIRECTORY_SEPARATOR); }