$status = array(); $ret = null; /* The permission bit sets that we accept / handle. */ $permissionBitSets = getPermissionSets(); /* Gather a complete list of plugins in this installation. */ $plugins = getPluginList(); /* Process inputs and set some variables to default values */ $path = getRequestVariable('path'); if (empty($path)) { $path = getGalleryStoragePath(); } else { /* * $path is used in a chmod() call and we output the path in the HTML. * Just do some very basic sanitation. */ GalleryUtilities::sanitizeInputValues($path); } /* Some basic sanitation */ $path = str_replace('..', '', $path); if (!file_exists($path)) { /* TODO: add open_basedir check */ $status['error'][] = "Folder or file '{$path}' does not exist!"; } /* Permissions (format e.g. 755644, split after 3 characters to get 755 and 644)*/ $permissions = (string) getRequestVariable('permissions'); if (empty($permissions)) { $permissions = $DEFAULT_FOLDER_PERMISSIONS->getAsString() . $DEFAULT_FILE_PERMISSIONS->getAsString(); } if (strlen($permissions) != 6) { $status['error'][] = "Unknown permissions '{$permissions}'! Aborting action and resetting permissions."; }
if ($ret) { $templateData['errors'][] = $ret->getAsHtml(); } else { $platform =& $gallery->getPlatform(); $storage =& $gallery->getStorage(); $templateData['warnings'] = array(); if (isset($_REQUEST['importDatabase'])) { $importFile = $_REQUEST['importFile']; /* Sanitize the input */ GalleryUtilities::sanitizeInputValues($importFile); if (!$platform->file_exists($importFile)) { return GalleryCoreApi::error(ERROR_BAD_PARAMETER, null, null, 'The file "' . $importFile . '" does not exist.'); } $verifiedFile = $_REQUEST['verifiedFile']; /* Sanitize the input */ GalleryUtilities::sanitizeInputValues($verifiedFile); $doImportFlag = true; if ($verifiedFile != $importFile) { $templateData['verifiedFile'] = $importFile; $verifiedFile = $importFile; $doImportFlag = verifyVersions($templateData, $importFile); } if ($doImportFlag) { $template->renderHeader(true); $template->renderStatusMessage('Restoring Gallery Database', '', 0); /* Do the database import */ $importer = $storage->getDatabaseImporter(); list($ret, $errors) = $importer->importToDb($verifiedFile, 'importProgressCallback'); if ($ret) { $templateData['errors'][] = $ret->getAsHtml(); } else {