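/**
 * List the files and folders below the "files" directory for the asynchronous
 * browser, so that a chosen file can be inserted into a file input.
 *
 * $path arrives from the route and is user-controlled. The only traversal
 * guard applied here is the removal of every ".." sequence before the path is
 * appended to the base folder.
 * NOTE(review): realpath() follows symlinks and the resolved folder is not
 * checked to still lie inside the base folder, nor is any per-folder
 * authorization consulted in this method - confirm that is intended.
 *
 * @param string            $path    Folder to list, relative to the "files" base folder.
 * @param Silex\Application $app
 * @param Request           $request Not read here; 'key' is taken from $app['request'].
 * @return mixed The rendered 'files_async.twig' template.
 */
public function browse($path, Silex\Application $app, Request $request)
{
    $files = array();
    $folders = array();

    // $key is linked to the fieldname of the original field, so we can
    // set the selected value in the proper field.
    $key = $app['request']->get('key');

    $basefolder = $app['resources']->getPath('files');
    $path = stripTrailingSlash(str_replace("..", "", $path));
    if ($path == 'files') {
        $path = '';
    }

    // realpath() yields false when the target does not exist.
    $currentfolder = realpath($basefolder . $path);

    $ignored = array(".", "..", ".DS_Store", ".gitignore", ".htaccess");
    $imagetypes = array('gif', 'jpg', 'png', 'jpeg');

    // Get the pathsegments, so we can show the path..
    $pathsegments = array();
    $cumulative = "";
    if (!empty($path)) {
        foreach (explode("/", $path) as $segment) {
            $cumulative .= $segment . "/";
            $pathsegments[$cumulative] = $segment;
        }
    }

    // Only open real directories. A path that resolves to a regular file, or a
    // directory that cannot be opened, is reported through the flash message
    // below instead of failing on $d->read().
    $d = ($currentfolder !== false && is_dir($currentfolder)) ? dir($currentfolder) : false;

    if ($d instanceof \Directory) {
        while (false !== ($entry = $d->read())) {
            if (in_array($entry, $ignored, true)) {
                continue;
            }

            $fullfilename = $currentfolder . "/" . $entry;

            if (is_file($fullfilename)) {
                $extension = strtolower(getExtension($entry));
                $relativepath = str_replace("files/", "", $path . "/" . $entry);

                $files[$entry] = array(
                    'path' => $path,
                    'filename' => $entry,
                    'newpath' => $path . "/" . $entry,
                    'relativepath' => $relativepath,
                    'writable' => is_writable($fullfilename),
                    'readable' => is_readable($fullfilename),
                    'type' => $extension,
                    'filesize' => formatFilesize(filesize($fullfilename)),
                    'modified' => date("Y/m/d H:i:s", filemtime($fullfilename)),
                    'permissions' => \util::full_permissions($fullfilename)
                );

                if (in_array($extension, $imagetypes, true)) {
                    // The extension is only a hint: getimagesize() returns false
                    // for content it cannot parse as an image.
                    $size = getimagesize($fullfilename);
                    if ($size !== false) {
                        $files[$entry]['imagesize'] = sprintf("%s × %s", $size[0], $size[1]);
                    }
                }
            }

            if (is_dir($fullfilename)) {
                $folders[$entry] = array(
                    'path' => $path,
                    'foldername' => $entry,
                    'newpath' => $path . "/" . $entry,
                    'writable' => is_writable($fullfilename),
                    'modified' => date("Y/m/d H:i:s", filemtime($fullfilename))
                );
            }
        }

        $d->close();
    } else {
        $app['session']->getFlashBag()->set(
            'error',
            __("Folder '%s' could not be found, or is not readable.", array('%s' => $path))
        );
    }

    $app['twig']->addGlobal('title', __("Files in %s", array('%s' => $path)));

    // Make sure the files and folders are sorted properly.
    ksort($files);
    ksort($folders);

    return $app['render']->render('files_async.twig', array(
        'path' => $path,
        'files' => $files,
        'folders' => $folders,
        'pathsegments' => $pathsegments,
        'key' => $key
    ));
}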
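/**
 * Show the contents of a folder below BOLT_WEB_DIR and, when the folder is
 * writable, handle the "Upload here" form for it.
 *
 * $path is user-controlled: every ".." sequence is stripped, the result is
 * resolved with realpath() and the resolved folder is passed to
 * $app['filepermissions']->authorized(); a refusal aborts with HTTP 403. Each
 * directory entry is checked the same way before it is listed.
 *
 * Uploaded names are reduced to basename() and to the characters
 * [a-zA-Z0-9_.] before $app['filepermissions']->allowedUpload() decides
 * whether the file may be stored.
 * NOTE(review): names beginning with a dot pass the character filter, so
 * refusing them depends on allowedUpload() - confirm it does.
 *
 * @param string            $path    Folder to show, relative to BOLT_WEB_DIR.
 * @param Silex\Application $app
 * @param Request           $request
 * @return mixed A redirect back to this folder after a POST, otherwise the
 *               rendered 'files.twig' or 'files_ck.twig' template.
 */
public function files($path, Silex\Application $app, Request $request)
{
    $files = array();
    $folders = array();

    $basefolder = BOLT_WEB_DIR . "/";
    $path = stripTrailingSlash(str_replace("..", "", $path));

    // realpath() yields false when the target does not exist; that value is
    // handed to authorized() unchanged, exactly as before.
    $currentfolder = realpath($basefolder . $path);

    if (!$app['filepermissions']->authorized($currentfolder)) {
        $error = __("Display the file or directory '%s' is forbidden.", array('%s' => $path));
        $app->abort(403, $error);
    }

    if (is_writable($currentfolder)) {
        // Define the "Upload here" form.
        $form = $app['form.factory']
            ->createBuilder('form')
            ->add('FileUpload', 'file', array('label' => __("Upload a file to this folder:")))
            ->getForm();

        // Handle the upload.
        if ($request->isMethod('POST')) {
            // Defined up front so the "invalid form" message below never reads
            // an undefined variable.
            $filename = '';

            $form->bind($request);
            if ($form->isValid()) {
                $uploads = $request->files->get($form->getName());

                // Check if we even have an uploaded file.
                if (isset($uploads['FileUpload'])) {
                    // Clean up and validate the client-supplied filename.
                    $originalFilename = $uploads['FileUpload']->getClientOriginalName();
                    $filename = preg_replace('/[^a-zA-Z0-9_\\.]/', '_', basename($originalFilename));

                    if ($app['filepermissions']->allowedUpload($filename)) {
                        $uploads['FileUpload']->move($currentfolder, $filename);
                        $app['session']->getFlashBag()->set(
                            'info',
                            __("File '%file%' was uploaded successfully.", array('%file%' => $filename))
                        );

                        // Add the file to our stack..
                        $app['stack']->add($path . "/" . $filename);
                    } else {
                        // The list is emitted as HTML, so every extension is escaped.
                        $extensionList = array();
                        foreach ($app['filepermissions']->getAllowedUploadExtensions() as $extension) {
                            $extensionList[] = '<code>.' . htmlspecialchars($extension, ENT_QUOTES) . '</code>';
                        }
                        $extensionList = implode(' ', $extensionList);
                        $app['session']->getFlashBag()->set(
                            'error',
                            __("File '%file%' could not be uploaded (wrong/disallowed file type). Make sure the file extension is one of the following: ", array('%file%' => $filename)) . $extensionList
                        );
                    }
                }
            } else {
                $app['session']->getFlashBag()->set(
                    'error',
                    __("File '%file%' could not be uploaded.", array('%file%' => $filename))
                );
            }

            return redirect('files', array('path' => $path));
        }

        $formview = $form->createView();
    } else {
        // Folder not writable, don't show an upload.
        $formview = false;
    }

    $ignored = array(".", "..", ".DS_Store", ".gitignore", ".htaccess");
    $imagetypes = array('gif', 'jpg', 'png', 'jpeg');

    // Get the pathsegments, so we can show the path..
    $pathsegments = array();
    $cumulative = "";
    if (!empty($path)) {
        foreach (explode("/", $path) as $segment) {
            $cumulative .= $segment . "/";
            $pathsegments[$cumulative] = $segment;
        }
    }

    // Only open real directories. A path that resolves to a regular file, or a
    // directory that cannot be opened, is reported through the flash message
    // below instead of failing on $d->read().
    $d = ($currentfolder !== false && is_dir($currentfolder)) ? dir($currentfolder) : false;

    if ($d instanceof \Directory) {
        while (false !== ($entry = $d->read())) {
            if (in_array($entry, $ignored, true)) {
                continue;
            }

            $fullfilename = $currentfolder . "/" . $entry;

            // Entries are authorized on their resolved path, so a symlink is
            // judged by where it points.
            if (!$app['filepermissions']->authorized(realpath($fullfilename))) {
                continue;
            }

            if (is_file($fullfilename)) {
                $extension = getExtension($entry);

                $files[$entry] = array(
                    'path' => $path,
                    'filename' => $entry,
                    'newpath' => $path . "/" . $entry,
                    'writable' => is_writable($fullfilename),
                    'readable' => is_readable($fullfilename),
                    'type' => $extension,
                    'filesize' => formatFilesize(filesize($fullfilename)),
                    'modified' => date("Y/m/d H:i:s", filemtime($fullfilename)),
                    'permissions' => \util::full_permissions($fullfilename)
                );

                if (in_array($extension, $imagetypes, true)) {
                    // The extension is only a hint: getimagesize() returns false
                    // for content it cannot parse as an image.
                    $size = getimagesize($fullfilename);
                    if ($size !== false) {
                        $files[$entry]['imagesize'] = sprintf("%s × %s", $size[0], $size[1]);
                    }
                }
            }

            if (is_dir($fullfilename)) {
                $folders[$entry] = array(
                    'path' => $path,
                    'foldername' => $entry,
                    'newpath' => $path . "/" . $entry,
                    'writable' => is_writable($fullfilename),
                    'modified' => date("Y/m/d H:i:s", filemtime($fullfilename))
                );
            }
        }

        $d->close();
    } else {
        $app['session']->getFlashBag()->set(
            'error',
            __("Folder '%s' could not be found, or is not readable.", array('%s' => $path))
        );
    }

    $app['twig']->addGlobal('title', __("Files in %s", array('%s' => $path)));

    // Make sure the files and folders are sorted properly.
    ksort($files);
    ksort($folders);

    // Select the correct template to render this. If we've got 'CKEditor' in the
    // query string, it's a dialog from CKeditor to insert a file..
    if (!$request->query->has('CKEditor')) {
        $twig = 'files.twig';
    } else {
        $twig = 'files_ck.twig';
    }

    return $app['render']->render($twig, array(
        'path' => $path,
        'files' => $files,
        'folders' => $folders,
        'pathsegments' => $pathsegments,
        'form' => $formview
    ));
}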
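/**
 * Show the contents of a folder below the project root (four directory levels
 * above this file) and, when the folder is writable, handle the
 * "Upload here" form for it.
 *
 * $path is user-controlled; the only traversal guard is the removal of every
 * ".." sequence before realpath() resolves the folder.
 *
 * The client-supplied upload name is untrusted. It is reduced to basename()
 * and to the characters [a-zA-Z0-9_.], and names that end up empty or start
 * with a dot are refused, before the file is moved into the folder.
 * NOTE(review): this method applies no folder authorization and no extension
 * allow-list, so any remaining extension can be stored in any writable folder
 * below the base folder - confirm both are enforced before this is reachable.
 *
 * @param string            $path    Folder to show, relative to the base folder.
 * @param Silex\Application $app
 * @param Request           $request
 * @return mixed A redirect back to this folder after a POST, otherwise the
 *               rendered 'files.twig' or 'files_ck.twig' template.
 */
public function files($path, Silex\Application $app, Request $request)
{
    $files = array();
    $folders = array();

    $basefolder = __DIR__ . "/../../../../";
    $path = stripTrailingSlash(str_replace("..", "", $path));

    // realpath() yields false when the target does not exist.
    $currentfolder = realpath($basefolder . $path);

    if (is_writable($currentfolder)) {
        // Define the "Upload here" form.
        $form = $app['form.factory']
            ->createBuilder('form')
            ->add('FileUpload', 'file', array('label' => __("Upload a file to this folder:")))
            ->getForm();

        // Handle the upload.
        if ($request->isMethod('POST')) {
            // Defined up front so the failure message never reads an undefined
            // variable.
            $filename = '';
            $upload = null;

            $form->bind($request);
            if ($form->isValid()) {
                $uploads = $request->files->get($form->getName());

                // Check if we even have an uploaded file.
                if (isset($uploads['FileUpload'])) {
                    $upload = $uploads['FileUpload'];

                    // Never use the client's name as given: keep only its last
                    // path component and a conservative character set.
                    $filename = (string) preg_replace(
                        '/[^a-zA-Z0-9_\\.]/',
                        '_',
                        basename($upload->getClientOriginalName())
                    );
                }
            }

            // Dotfiles are refused as well: the listing below hides entries such
            // as .htaccess, so one stored here would not show up in it.
            if ($upload !== null && $filename !== '' && $filename[0] !== '.') {
                /* Make sure that Upload Directory is properly configured and writable */
                $upload->move($currentfolder, $filename);
                $app['session']->getFlashBag()->set(
                    'info',
                    __("File '%file%' was uploaded successfully.", array('%file%' => $filename))
                );

                // Add the file to our stack..
                $app['stack']->add($path . "/" . $filename);
            } else {
                $app['session']->getFlashBag()->set(
                    'error',
                    __("File '%file%' could not be uploaded.", array('%file%' => $filename))
                );
            }

            return redirect('files', array('path' => $path));
        }

        $formview = $form->createView();
    } else {
        // Folder not writable, don't show an upload.
        $formview = false;
    }

    $ignored = array(".", "..", ".DS_Store", ".gitignore", ".htaccess");
    $imagetypes = array('gif', 'jpg', 'png', 'jpeg');

    // Get the pathsegments, so we can show the path..
    $pathsegments = array();
    $cumulative = "";
    if (!empty($path)) {
        foreach (explode("/", $path) as $segment) {
            $cumulative .= $segment . "/";
            $pathsegments[$cumulative] = $segment;
        }
    }

    // Only open real directories. A path that resolves to a regular file, or a
    // directory that cannot be opened, is reported through the flash message
    // below instead of failing on $d->read().
    $d = ($currentfolder !== false && is_dir($currentfolder)) ? dir($currentfolder) : false;

    if ($d instanceof \Directory) {
        while (false !== ($entry = $d->read())) {
            if (in_array($entry, $ignored, true)) {
                continue;
            }

            $fullfilename = $currentfolder . "/" . $entry;

            if (is_file($fullfilename)) {
                $extension = getExtension($entry);

                $files[$entry] = array(
                    'path' => $path,
                    'filename' => $entry,
                    'newpath' => $path . "/" . $entry,
                    'writable' => is_writable($fullfilename),
                    'readable' => is_readable($fullfilename),
                    'type' => $extension,
                    'filesize' => formatFilesize(filesize($fullfilename)),
                    'modified' => date("Y/m/d H:i:s", filemtime($fullfilename)),
                    'permissions' => \util::full_permissions($fullfilename)
                );

                if (in_array($extension, $imagetypes, true)) {
                    // The extension is only a hint: getimagesize() returns false
                    // for content it cannot parse as an image.
                    $size = getimagesize($fullfilename);
                    if ($size !== false) {
                        $files[$entry]['imagesize'] = sprintf("%s × %s", $size[0], $size[1]);
                    }
                }
            }

            if (is_dir($fullfilename)) {
                $folders[$entry] = array(
                    'path' => $path,
                    'foldername' => $entry,
                    'newpath' => $path . "/" . $entry,
                    'writable' => is_writable($fullfilename),
                    'modified' => date("Y/m/d H:i:s", filemtime($fullfilename))
                );
            }
        }

        $d->close();
    } else {
        $app['session']->getFlashBag()->set(
            'error',
            __("Folder '%s' could not be found, or is not readable.", array('%s' => $path))
        );
    }

    $app['twig']->addGlobal('title', __("Files in %s", array('%s' => $path)));

    // Make sure the files and folders are sorted properly.
    ksort($files);
    ksort($folders);

    // Select the correct template to render this. If we've got 'CKEditor' in the
    // query string, it's a dialog from CKeditor to insert a file..
    if (!$request->query->has('CKEditor')) {
        $twig = 'files.twig';
    } else {
        $twig = 'files_ck.twig';
    }

    return $app['render']->render($twig, array(
        'path' => $path,
        'files' => $files,
        'folders' => $folders,
        'pathsegments' => $pathsegments,
        'form' => $formview
    ));
}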
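/**
 * Show the contents of a folder below the project root (four directory levels
 * above this file).
 *
 * $path is user-controlled; the only traversal guard is the removal of every
 * ".." sequence before realpath() resolves the folder.
 * NOTE(review): nothing in this function restricts which folders below the
 * base folder may be listed - confirm access to the route is limited elsewhere.
 *
 * @param string            $path    Folder to show, relative to the base folder.
 * @param Silex\Application $app
 * @param Request           $request Not read in this function.
 * @return mixed The rendered 'files.twig' template.
 */
function files($path, Silex\Application $app, Request $request)
{
    $files = array();
    $folders = array();

    $basefolder = __DIR__ . "/../../../../";
    $path = stripTrailingSlash(str_replace("..", "", $path));

    // realpath() yields false when the target does not exist.
    $currentfolder = realpath($basefolder . $path);

    $ignored = array(".", "..", ".DS_Store", ".gitignore", ".htaccess");
    $imagetypes = array('gif', 'jpg', 'png', 'jpeg');

    // Get the pathsegments, so we can show the path..
    $pathsegments = array();
    $cumulative = "";
    if (!empty($path)) {
        foreach (explode("/", $path) as $segment) {
            $cumulative .= $segment . "/";
            $pathsegments[$cumulative] = $segment;
        }
    }

    // Only open real directories. A path that resolves to a regular file, or a
    // directory that cannot be opened, is reported through the flash message
    // below instead of failing on $d->read().
    $d = ($currentfolder !== false && is_dir($currentfolder)) ? dir($currentfolder) : false;

    if ($d instanceof \Directory) {
        while (false !== ($entry = $d->read())) {
            if (in_array($entry, $ignored, true)) {
                continue;
            }

            $fullfilename = $currentfolder . "/" . $entry;

            if (is_file($fullfilename)) {
                $extension = getExtension($entry);

                $files[$entry] = array(
                    'path' => $path,
                    'filename' => $entry,
                    'newpath' => $path . "/" . $entry,
                    'writable' => is_writable($fullfilename),
                    'readable' => is_readable($fullfilename),
                    'type' => $extension,
                    'filesize' => formatFilesize(filesize($fullfilename)),
                    'modified' => date("Y/m/d H:i:s", filemtime($fullfilename)),
                    'permissions' => \util::full_permissions($fullfilename)
                );

                if (in_array($extension, $imagetypes, true)) {
                    // The extension is only a hint: getimagesize() returns false
                    // for content it cannot parse as an image.
                    $size = getimagesize($fullfilename);
                    if ($size !== false) {
                        $files[$entry]['imagesize'] = sprintf("%s × %s", $size[0], $size[1]);
                    }
                }
            }

            if (is_dir($fullfilename)) {
                $folders[$entry] = array(
                    'path' => $path,
                    'foldername' => $entry,
                    'newpath' => $path . "/" . $entry,
                    'writable' => is_writable($fullfilename),
                    'modified' => date("Y/m/d H:i:s", filemtime($fullfilename))
                );
            }
        }

        $d->close();
    } else {
        // The previous message spoke of a file that was "not valid YAML" and
        // read an undefined $file; this branch is about a folder that could not
        // be listed.
        $app['session']->setFlash('error', "Folder '" . $path . "' could not be found, or is not readable.");
    }

    $app['twig']->addGlobal('title', "Files in " . $path);

    return $app['twig']->render('files.twig', array(
        'path' => $path,
        'files' => $files,
        'folders' => $folders,
        'pathsegments' => $pathsegments
    ));
}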
/**
 * util::set_writable() must report failure for a missing path and must toggle
 * the owner's write bit on an existing file.
 *
 * Skipped on Windows and when the effective user is root (presumably because
 * root can write regardless of the mode bits, which would defeat the
 * is_writable() assertions).
 */
public function test_set_writable()
{
    if (strncasecmp(PHP_OS, 'WIN', 3) === 0) {
        $this->markTestSkipped('This functionality is not working on Windows.');
    }

    if (posix_geteuid() === 0) {
        $this->markTestSkipped('These tests don\'t work when run as root');
    }

    // A path that does not exist cannot be changed.
    $this->assertFalse(util::set_writable('/no/such/file'));

    // Scratch file next to this test, created with a known mode.
    $fixture = dirname(__FILE__) . '/test7';
    touch($fixture);
    chmod($fixture, 0644);

    // We own the file, so with 0644 it starts out writable.
    $this->assertTrue(is_writable($fixture));
    $this->assertEquals('-rw-r--r--', util::full_permissions($fixture));

    // Switch the write bit off, then back on, checking both views each time.
    $steps = array(
        array(false, '-r--r--r--'),
        array(true, '-rw-r--r--'),
    );

    foreach ($steps as $step) {
        list($makeWritable, $expectedMode) = $step;

        util::set_writable($fixture, $makeWritable);
        // Drop PHP's cached stat data so the next checks see the new mode.
        clearstatcache();

        if ($makeWritable) {
            $this->assertTrue(is_writable($fixture));
        } else {
            $this->assertFalse(is_writable($fixture));
        }
        $this->assertEquals($expectedMode, util::full_permissions($fixture));
    }

    unlink($fixture);
}
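/**
 * Return a list with the current stacked items. Add some relevant info to each
 * item, and skip items that are missing or not readable.
 *
 * Each item carries an 'info' string that is assembled as HTML here. The file
 * path placed in it comes from the stack and is escaped before it is embedded;
 * the raw value stays available under 'filepath'.
 * NOTE(review): 'info' is presumably printed unescaped by the template, since
 * it contains markup - confirm, and keep new values added to it escaped.
 *
 * @param int    $count      Maximum number of items to return.
 * @param string $typefilter Comma-separated types to keep ("image",
 *                           "document", "other"); empty keeps every type.
 * @return array
 */
public function listitems($count = 100, $typefilter = "")
{
    // Make sure typefilter is an array, if passed something like "image, document"
    if (!empty($typefilter)) {
        $typefilter = array_map("trim", explode(",", $typefilter));
    }

    // Our basepath for all uploaded files.
    $filespath = $this->app['paths']['filespath'];

    $list = array();

    foreach ($this->items as $item) {
        $extension = strtolower(getExtension($item));

        if (in_array($extension, $this->imagetypes)) {
            $type = "image";
        } elseif (in_array($extension, $this->documenttypes)) {
            $type = "document";
        } else {
            $type = "other";
        }

        // Skip this one, if it doesn't match the type.
        if (!empty($typefilter) && !in_array($type, $typefilter)) {
            continue;
        }

        // Skip it, if it isn't readable or doesn't exist. A doubled
        // "files/files/" segment is collapsed before the check.
        $fullpath = str_replace("files/files/", "files/", $filespath . "/" . $item);
        if (!is_readable($fullpath)) {
            continue;
        }

        $thisitem = array(
            'basename' => basename($item),
            'extension' => $extension,
            'filepath' => str_replace("files/", "", $item),
            'type' => $type,
            'writable' => is_writable($fullpath),
            'readable' => is_readable($fullpath),
            'filesize' => formatFilesize(filesize($fullpath)),
            'modified' => date("Y/m/d H:i:s", filemtime($fullpath)),
            'permissions' => \util::full_permissions($fullpath)
        );

        // The path is the one value here that originates from a file name, so it
        // is escaped before being placed inside the HTML fragment.
        $thisitem['info'] = sprintf(
            "%s: <code>%s</code><br>%s: %s<br>%s: %s<br>%s: <code>%s</code>",
            __('Path'),
            htmlspecialchars($thisitem['filepath'], ENT_QUOTES),
            __('Filesize'),
            $thisitem['filesize'],
            __('Modified'),
            $thisitem['modified'],
            __('Permissions'),
            $thisitem['permissions']
        );

        if ($type == "image") {
            // The extension is only a hint: getimagesize() returns false for
            // content it cannot parse as an image.
            $size = getimagesize($fullpath);
            if ($size !== false) {
                $thisitem['imagesize'] = sprintf("%s × %s", $size[0], $size[1]);
                $thisitem['info'] .= sprintf("<br>%s: %s × %s px", __("Size"), $size[0], $size[1]);
            }
        }

        // Add it to our list..
        $list[] = $thisitem;
    }

    return array_slice($list, 0, $count);
}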