/**
* Handle request and build XML
*/
protected function buildXml()
{
parent::buildXml();
$extractDir = !empty($_POST['extractDir']) ? ltrim($_POST['extractDir'], '/') : '';
$extractDir = CKFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($extractDir);
if (preg_match(CKFINDER_REGEX_INVALID_PATH, $extractDir)) {
$this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
$extractPath = CKFinder_Connector_Utils_FileSystem::combinePaths($this->_currentFolder->getServerPath(), $extractDir . '/');
$extractClientPath = CKFinder_Connector_Utils_FileSystem::combinePaths($this->_currentFolder->getClientPath(), $extractDir);
// acl for upload dir
$_aclConfig = $this->_config->getAccessControlConfig();
$aclMask = $_aclConfig->getComputedMask($this->_currentFolder->getResourceTypeName(), $extractDir);
if (!(($aclMask & CKFINDER_CONNECTOR_ACL_FOLDER_CREATE) == CKFINDER_CONNECTOR_ACL_FOLDER_CREATE)) {
$this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
}
if (empty($_POST['force']) && file_exists($extractPath) && is_dir($extractPath) && !CKFinder_Connector_Utils_FileSystem::isEmptyDir($extractPath)) {
$dirExists = new CKFinder_Connector_Utils_XmlNode("FolderExists");
$oErrorNode = new CKFinder_Connector_Utils_XmlNode("Folder");
$oErrorNode->addAttribute("name", $extractDir);
$dirExists->addChild($oErrorNode);
$this->_connectorNode->addChild($dirExists);
return;
} elseif (!empty($_POST['force']) && $_POST['force'] == 'overwrite') {
if (!(($aclMask & CKFINDER_CONNECTOR_ACL_FILE_UPLOAD | CKFINDER_CONNECTOR_ACL_FILE_DELETE) == CKFINDER_CONNECTOR_ACL_FILE_UPLOAD | CKFINDER_CONNECTOR_ACL_FILE_DELETE)) {
$this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
}
if ($extractDir && file_exists($extractPath) && is_dir($extractPath)) {
if (!(($aclMask & CKFINDER_CONNECTOR_ACL_FOLDER_CREATE | CKFINDER_CONNECTOR_ACL_FOLDER_DELETE) == CKFINDER_CONNECTOR_ACL_FOLDER_CREATE | CKFINDER_CONNECTOR_ACL_FOLDER_DELETE)) {
$this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
}
if (!CKFinder_Connector_Utils_FileSystem::unlink($extractPath)) {
$this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_ACCESS_DENIED);
}
}
} else {
if (!empty($_POST['force']) && $_POST['force'] !== 'merge') {
$this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
}
for ($i = 0; $i < $this->zip->numFiles; $i++) {
$fileName = $this->zip->getNameIndex($i);
$filePathInfo = pathinfo($fileName);
$sFileName = $this->checkOneFile($filePathInfo, $fileName);
// security test failed, add to skipped
if ($sFileName) {
$this->extractTo($extractPath, $extractClientPath, $filePathInfo, $sFileName, $fileName);
}
}
$this->zip->close();
$this->_connectorNode->addChild($this->unzippedNodes);
if ($this->errorCode != CKFINDER_CONNECTOR_ERROR_NONE) {
$this->_connectorNode->addChild($this->skippedFilesNode);
$this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_ZIP_FAILED);
}
}
