function _write($path, $name, $contents) { if ($path == '.') { $path = ''; } elseif (!empty($path) && strpos($path, '/') !== 0) { $path = '/' . $path; } if (!@is_dir($this->path . $path)) { loader_import('saf.File.Directory'); $res = Dir::build($this->path . $path, 0774); if (!$res) { $this->error = 'Cannot create directory: ' . $this->path . $path; return false; } } if (is_object($contents)) { // UploadedFile object $res = $contents->move($this->path . $path, $name); if (!$res) { $this->error = 'Cannot move file: ' . $this->path . $path . '/' . $name; return false; } @chmod($this->path . $path . '/' . $name, 0774); return true; } else { $file = @fopen($this->path . $path . '/' . $name, 'wb'); if ($file) { @flock($file, LOCK_EX); @fwrite($file, $contents); @flock($file, LOCK_UN); @fclose($file); @chmod($this->path . $path . '/' . $name, 0774); return true; } else { $this->error = 'Cannot open file: ' . $this->path . $path . '/' . $name; return false; } } }
<?php global $cgi; loader_import('saf.Misc.RPC'); if (!$cgi->items || !$cgi->path) { echo rpc_response(false); exit; } $items = preg_split('/, ?/', $cgi->items); loader_import('saf.File.Directory'); foreach ($items as $item) { if (!Dir::build($cgi->path . '/' . $item, 0774)) { echo rpc_response(false); exit; } } echo rpc_response(true); exit;
/** * Updates the specified module from the specified distribution. * The order of operations is as follows: 1) Downloads _files list, * _files.md5 checksum, _update script, and _update.md5 checksum, * and compares them for validity. 2) Backs up the existing module * to _backup/MODULENAME/VERSION/MODULENAME. 3) Parses _files list and * creates any new directories, then downloads each file from the _files * list and verifies it before saving it to disk. Files that have a * special <skipIfUpdate>Yes</skipIfUpdate> tag are skipped. * 4) Runs the _update script by eval()ing it. If at any time the * installation fails, it sets an error message, calls restoreBackup(), * and returns false immediately. * * @access private * @param string $name * @param string $distro * @return boolean * */ function _update($name, $distro) { $_files = $this->getFile($this->distros[$distro]->downloadSite . '/source/' . $name . '/_files'); if (!$_files) { $this->error = 'File list not found!'; return false; } $checksum = $this->getChecksum($this->distros[$distro]->checksumSite . '/checksums/' . $name . '/_files.md5'); if (!$checksum) { $this->error = 'Checksum file not found!'; return false; } if ($checksum != md5($_files)) { $this->error = 'List file and checksum do not match!'; return false; } /* $_update = $this->getFile ($this->distros[$distro]->downloadSite . '/source/' . $name . '/_update'); if (! $_update) { $this->error = 'Install script not found!'; return false; } $checksum = $this->getChecksum ($this->distros[$distro]->checksumSite . '/checksums/' . $name . '/_update.md5'); if (! $checksum) { $this->error = 'Checksum file not found!'; return false; } if ($checksum != md5 ($_update)) { $this->error = 'Update script and checksum do not match!'; return false; } */ // backup the existing module to _backup/modulename/version global $loader; $loader->inc('saf.App.Module'); $loader->inc('saf.XML.Sloppy'); $loader->inc('saf.File.Directory'); $module = new Module($name); if (!is_dir('mod/_backup/' . $name)) { // up to /mod/_backup/MODULENAME chdir('mod/_backup'); mkdir($name, 0775); chdir($name); } else { // up to /mod/_backup/MODULENAME chdir('mod/_backup/' . $name); } if (!is_dir($module->version)) { mkdir($module->version, 0775); } chdir('../..'); // down to /mod if (eregi('^Win', PHP_OS)) { $msg = @exec('xcopy/S/E ' . $name . ' ' . preg_replace('/\\//', '\\', '_backup/' . $name . '/' . $module->version), $arr, $res); if (!$res) { $this->error = 'Backup failed! ' . join(', ', $arr); return false; } } else { $msg = @system('cp -R ' . $name . ' _backup/' . $name . '/' . $module->version, $res); if ($res === false) { $this->error = 'Backup failed! ' . $res; return false; } } // parse _files and create any missing directories $sloppy = new SloppyDOM(); $doc = $sloppy->parse($_files); if (!$doc) { $this->error = $sloppy->error; $this->restoreBackup($name, $module->version); return false; } foreach ($doc->query('/filelist/directories/name') as $dir) { Dir::build($dir->content, 0775); } chdir('..'); // down to / // download and check each file for validity foreach ($doc->query('/filelist/files/file') as $file) { $file = $file->makeObj(); // skip any file that contains a <skipIfUpdate>Yes</skipIfUpdate> tag if ($file->skipIfUpdate) { continue; } if ($file->type == 'binary') { $contents = $this->getFile($file->link, true); } else { $contents = $this->getFile($file->link); } if ($file->md5sum != md5($contents)) { $this->error = 'File ' . $file->name . ' and checksum did not match!'; $this->restoreBackup($name, $module->version); return false; } $fp = fopen('mod/' . $file->directory . '/' . $file->name, 'w'); if (!$fp) { $this->error = 'Could not create file ' . $file->name . '!'; $this->restoreBackup($name, $module->version); return false; } fwrite($fp, $contents); fclose($fp); } // run the _update script //eval ('?//>' . $_update); return true; }
function addFolder($items, $path) { if (!$items) { return false; } $items = preg_split('/, ?/', trim($items)); if (!empty($path)) { $p = 'inc/data/' . $path . '/'; } else { $p = 'inc/data/'; } loader_import('saf.File.Directory'); foreach ($items as $item) { $item = strtolower($item); $item = preg_replace('/[^a-z0-9\\._-]+/', '_', $item); if (!Dir::build($p . $item, 0774)) { return false; } } return $this->setCurrent($path, false); }
<?php global $cgi; $cgi->appname = 'GLOBAL'; $info = array('app_name' => 'Global'); $lang_path = 'inc/lang'; page_title(intl_get('Translations') . ' - ' . intl_get('Languages')); if (!@is_dir($lang_path)) { loader_import('saf.File.Directory'); $res = Dir::build($lang_path, 0777); if (!$res) { echo '<p>' . intl_get('Failed to create directory') . ': lang</p>'; echo '<p><a href="javascript: history.go (-1)">' . intl_get('Back') . '</a></p>'; return; } } global $intl; $data = array('appname' => $cgi->appname, 'langs' => $intl->getLanguages($lang_path . '/languages.php')); if (!is_array($data['langs'])) { $data['langs'] = array(); } function filter_translation_default($v) { if ($v) { return intl_get('Yes'); } return intl_get('No'); } echo template_simple('languages.spt', $data);
/** * COPY method handler * * @param array general parameter passing array * @return bool true on success */ function COPY($options, $del = false) { // TODO Property updates still broken (Litmus should detect this?) $options['path'] = rtrim($this->_path(), '/'); $options['dest'] = rtrim($this->_fix_name($options['dest']), '/'); // $options['path'] is '/path/file1.ext' // $options['dest'] is '/path/file2.ext' // these do not include /webfiles-app nor /inc/data // strip dot-files if (strpos($options['dest'], '/.') !== false) { $this->_debug(__LINE__, 403, 'Can\'t upload dot-files: ' . $options['dest']); return '403 Forbidden'; } if ($del && $this->checkLock($options['path'], true)) { $this->_debug(__LINE__, 423, 'Locked: ' . $options['path']); return '423 Locked'; } if (!empty($this->_SERVER["CONTENT_LENGTH"])) { // no body parsing yet $this->_debug(__LINE__, 415, 'Unsupported media type?'); return "415 Unsupported media type"; } // no copying to different WebDAV Servers yet // dest_url is set if the url is not within the same webdav repository if (isset($options["dest_url"])) { $this->_debug(__LINE__, 502, 'Can\'t copy from one repos to another: ' . $options['dest_url']); return "502 bad gateway"; } // $source is inc/data/path/file1.ext $source = strtolower($this->base . $options["path"]); if (!file_exists($source)) { $this->_debug(__LINE__, 404, 'Not found: ' . $source); return "404 Not found"; } // $dest is inc/data/path/file2.ext $dest = strtolower($this->base . $options["dest"]); $new = !file_exists($dest); $existing_col = false; // this part is still fuzzy... if (!$new) { if ($del && is_dir($dest)) { if (!$options["overwrite"]) { $this->_debug(__LINE__, 412, 'Conditions failed since dir already exists: ' . $dest . ' (new=false, del=true, is_dir=true, overwrite=false)'); return "412 precondition failed"; } //$dest .= basename ($source); //if (file_exists ($dest)) { // $options["dest"] .= basename ($source); //} else { // $new = true; // $existing_col = true; //} } } // delete destination first if we're overwriting if (!$new) { if ($options["overwrite"]) { if (@file_exists($dest)) { $stat = $this->DELETE(array("dest" => $options["dest"])); if ($stat[0] != "2" && substr($stat, 0, 3) != "404") { $this->_debug(__LINE__, substr($stat, 0, 3), 'Failed on delete: ' . $options['dest']); return $stat; } } } elseif (@file_exists($dest) && !$options['overwrite']) { $this->_debug(__LINE__, 412, 'Conditions failed since file already exists: ' . $dest . ' (new=false, file_exists=true, overwrite=false)'); return "412 precondition failed"; } } //if (is_dir ($source) && ($options["depth"] != "infinity")) { // RFC 2518 Section 9.2, last paragraph //return "400 Bad request"; //} if ($del) { loader_import('saf.File.Directory'); if (is_dir($source)) { $files = array_merge(array($source), Dir::find('*', $source, 1)); //$files = array_reverse ($files); if (!is_array($files) || count($files) == 0) { $this->_debug(__LINE__, 500, 'No files from source: ' . $source); return '500 Internal server error'; } // todo: handle recursive moves!!! foreach ($files as $file) { if ($file == $source) { if (!mkdir($dest, 0777)) { $this->_debug(__LINE__, 409, 'Mkdir failed: ' . $dest); return '409 Conflict'; } } elseif (is_dir($file)) { $destfile = str_replace($source, $dest, $file); $res = Dir::build($destfile, 0777); if (!$res) { $this->_debug(__LINE__, 409, 'Mkdir recursive failed: ' . $destfile); return '409 Conflict'; } } elseif (!@is_dir($file)) { $info = $this->rex->getCurrent(preg_replace('|^inc/data/|', '', $file)); if (!session_allowed($info, 'rw')) { $this->_debug(__LINE__, 403, 'Permissions failed: ' . $this->rex->error . ' (' . $info->name . ')'); return '403 Forbidden'; } $destfile = str_replace($source, $dest, $file); $method = $this->rex->determineAction(preg_replace('|^inc/data/|', '', $file)); $res = $this->rex->{$method}(preg_replace('|^inc/data/|', '', $file), array('name' => preg_replace('|^inc/data/|', '', $destfile))); if (!$res) { $this->_debug(__LINE__, 500, 'Unknown rex error: ' . $this->rex->error . ' (' . $destfile . ')'); return '500 Internal server error'; } } } // erase the source once everything's been moved over successfully if (@file_exists($source)) { $this->DELETE(array('dest' => $options['path'])); } } else { $info = $this->rex->getCurrent(trim($options['path'], '/')); if (!session_allowed($info, 'rw')) { $this->_debug(__LINE__, 403, 'Permissions failed: ' . $info->name); return '403 Forbidden'; } $method = $this->rex->determineAction(trim($options['path'], '/')); $res = $this->rex->{$method}(trim($options['path'], '/'), array('name' => trim($options['dest'], '/'))); if (!$res) { $this->_debug(__LINE__, 500, 'Unknown rex error: ' . $this->rex->error . ' (' . $options['dest'] . ')'); return '500 Internal server error'; } } } else { loader_import('saf.File.Directory'); if (is_dir($source)) { //$files = System::find ($source); $files = array_merge(array($source), Dir::find('*', $source, 1)); $files = array_reverse($files); } else { $files = array($source); } $single = count($files) == 1 ? true : false; if (!is_array($files) || count($files) == 0) { $this->_debug(__LINE__, 500, 'No files from source: ' . $source); return "500 Internal server error"; } foreach ($files as $file) { if (is_dir($file)) { $file = $this->_slashify($file); } $destfile = str_replace($source, $dest, $file); if (is_dir($file)) { if (!is_dir($destfile)) { $res = Dir::build($destfile, 0777); if (!$res) { $this->_debug(__LINE__, 409, 'Mkdir recursive failed: ' . $destfile); return '409 Conflict'; } } } else { if ($single && !@is_dir(dirname($destfile))) { $this->_debug(__LINE__, 409, 'Not a directory: ' . $destfile); return '409 Conflict'; } if (!$options['overwrite'] && @file_exists($destfile)) { $this->_debug(__LINE__, 409, 'File exists, overwrite not set: ' . $destfile); return '409 Conflict'; } $info = (array) $this->rex->getCurrent(preg_replace('|^inc/data/|', '', $file)); if (!session_allowed($info, 'r')) { $this->_debug(__LINE__, 403, 'Permissions failed: ' . $info['name']); return '403 Forbidden'; } $info['name'] = preg_replace('|^inc/data/|', '', $destfile); unset($info['filesize']); unset($info['last_modified']); unset($info['date_created']); $info['sitellite_status'] = 'draft'; $info['sitellite_access'] = 'private'; $res = $this->rex->create($info, 'Copied via WebDAV.'); if (!$res) { $this->_debug(__LINE__, 409, 'Unknown rex error: ' . $this->rex->error . ' (' . $infp['name'] . ')'); return "409 Conflict"; } } } } return $new && !$existing_col ? "201 Created" : "204 No Content"; }
<?php global $cgi; if (empty($cgi->appname) || strstr($cgi->appname, '..') || !@is_dir('inc/app/' . $cgi->appname)) { header('Location: ' . site_prefix() . '/index/appdoc-app'); exit; } if (empty($cgi->lang)) { $cgi->lang = 'en'; } $info = ini_parse(getcwd() . '/inc/app/' . $cgi->appname . '/conf/config.ini.php', false); page_title(intl_get('Help Files') . ': ' . $info['app_name']); if (!@is_dir('inc/app/' . $cgi->appname . '/docs/' . $cgi->lang)) { loader_import('saf.File.Directory'); $res = Dir::build('inc/app/' . $cgi->appname . '/docs/' . $cgi->lang, 0777); if (!$res) { echo '<p>' . intl_get('Failed to create directory') . ': docs/' . $cgi->lang . '</p>'; echo '<p><a href="javascript: history.go (-1)">' . intl_get('Back') . '</a></p>'; return; } } loader_import('help.Help'); $data = array('appname' => $cgi->appname, 'lang' => $cgi->lang, 'files' => array(), 'langs' => help_get_langs($cgi->appname)); $files = help_get_pages($cgi->appname, $cgi->lang); if (!is_array($files)) { $files = array(); } foreach ($files as $file) { $id = help_get_id($file); $body = @join('', @file($file)); $word_count = count(preg_split('/\\W+/s', strip_tags($body), -1, PREG_SPLIT_NO_EMPTY));
} else { $info = $rex->getCurrent(ltrim($path . '/' . $file, '/')); unset($info->name); unset($info->body); if (!session_allowed($info, 'rw')) { continue; } $file_list[] = (object) array('type' => mime($file), 'name' => $path . '/' . $file, 'size' => $info->filesize, 'created' => $info->date_created, 'modified' => $info->last_modified, 'keywords' => $info->keywords, 'description' => $info->description, 'access' => $info->sitellite_access, 'status' => $info->sitellite_status, 'team' => $info->sitellite_team, 'owner' => $info->sitellite_owner, 'lock' => webfiles_lock($path . '/' . $file)); } } $obj->files = array_merge($folder_list, $file_list); webfiles_response($obj); break; case 'mkdir': $path = webfiles_request(); $res = Dir::build($prefix . $path, 0777); if (!$res) { webfiles_error(500, 'Internal server error'); } webfiles_response((object) array('type' => 'httpd/unix-directory', 'name' => $path, 'created' => date('Y-m-d H:i:s'), 'modified' => date('Y-m-d H:i:s'))); break; case 'move': list($path, $move_to) = webfiles_request(); $path = trim(str_replace('//', '/', $path), '/'); $move_to = trim(str_replace('//', '/', $move_to), '/'); if (!file_exists($prefix . '/' . $path)) { webfiles_error(404, 'Not found'); } $lock = webfiles_lock($path); if ($lock && $lock->owner != session_username()) { webfiles_error(409, 'Conflict');