public function execute()
{
$path = rtrim(waRequest::get('path'), ' /');
$path = wa()->getDataPath($path, true, null, false);
$file = waRequest::get('file');
$path .= '/' . $file;
if (file_exists($path) && is_file($path) && !in_array(waFiles::extension($path, array('php', 'phtml')))) {
waFiles::readFile($path, $file);
} else {
throw new waException("File not found", 404);
}
}
public function execute()
{
$p = $path = rtrim(waRequest::post('path'), ' /');
if ($file = waRequest::post('file')) {
$path .= '/' . $file;
}
$path = wa()->getDataPath($path, true, null, false);
$name = trim(waRequest::post('name'));
$name = preg_replace('!\\.\\.[/\\\\]!', '', $name);
if ($file) {
$name_ext = waFiles::extension($name);
if ($name_ext != waFiles::extension($file) || !$name_ext) {
if (strpos(strtolower($name), '.php') !== false) {
if ($name_ext != 'php') {
$name_ext = 'php';
}
}
if (in_array($name_ext, array('php', 'phtml'))) {
$this->errors = sprintf(_w("Files with extension .%s are not allowed to security considerations."), $name_ext);
return;
}
}
}
if (file_exists($path) && strlen($name)) {
if (!is_writable(dirname($path))) {
$this->errors = sprintf(_w("Folder or file could not bet renamed due to the insufficient file write permissions for the %s folder."), $p);
} elseif (@rename($path, dirname($path) . '/' . $name)) {
if ($file) {
$this->response = $name;
} else {
$this->response = array('name' => $name, 'hash' => '#/files' . substr(dirname($path) . '/' . $name . '/', strlen(wa()->getDataPath('', true, null, false))));
}
} else {
$this->errors = _w("File (folder) can not be renamed");
}
} else {
if (!strlen($name)) {
$this->errors = _w("Enter the new name");
} else {
$this->errors = _w("Selected folder (file) does not exist anymore");
}
}
}
public function saveAction()
{
$app_id = $this->getAppId();
$theme_id = waRequest::get('theme_id');
$file = waRequest::get('file');
$errors = null;
$path = wa()->getDataPath('themes', true, $app_id, false);
$this->checkAccess($path);
// copy original theme
$theme = new waTheme($theme_id, $app_id);
if ($theme['type'] == waTheme::ORIGINAL) {
$theme->copy();
}
// create file
if (!$file) {
// parent
if (waRequest::post('type')) {
$file = waRequest::post('parent');
$theme->addFile($file, '', array('parent' => 1));
} else {
$file = waRequest::post('file');
if ($this->checkFile($file, $errors)) {
$theme->addFile($file, waRequest::post('description'));
}
}
if (!$errors) {
if (!$theme->save()) {
$errors = _ws('Insufficient file access permissions to save theme settings');
} else {
$this->logAction('template_add', $file);
}
}
} else {
if (waRequest::post('file') && $file != waRequest::post('file')) {
if (!$this->checkFile(waRequest::post('file'), $errors)) {
$this->displayJson(array(), $errors);
return;
}
$theme->removeFile($file);
$file = waRequest::post('file');
if (!$theme->addFile($file, waRequest::post('description'))->save()) {
$errors = _ws('Insufficient file access permissions to save theme settings');
} else {
$this->logAction('template_edit', $file);
}
} else {
$f = $theme->getFile($file);
if (!empty($theme['parent_theme_id']) && $f['parent']) {
$theme = new waTheme($theme['parent_theme_id']);
if ($theme['type'] == waTheme::ORIGINAL) {
$theme->copy();
}
}
if (!$theme->changeFile($file, waRequest::post('description'))) {
$errors = _ws('Insufficient file access permissions to save theme settings');
} else {
$this->logAction('template_edit', $file);
}
}
@touch($theme->getPath() . '/' . waTheme::PATH);
}
$response = array();
if ($file && !$errors) {
// update mtime of theme.xml
@touch($path);
$response['id'] = $file;
switch ($ext = waFiles::extension($file)) {
case 'css':
case 'js':
$response['type'] = $ext;
break;
default:
$response['type'] = '';
}
$response['theme'] = $theme_id;
// if not parent
if (!waRequest::post('type')) {
$content = waRequest::post('content');
$file_path = $theme->getPath() . '/' . $file;
if (!file_exists($file_path) || is_writable($file_path)) {
if ($content || file_exists($file_path)) {
$r = @file_put_contents($file_path, $content);
if ($r !== false) {
$r = true;
if (in_array($ext, array('css', 'js'))) {
$theme['edition'] = true;
$theme->save();
}
}
} else {
$r = @touch($file_path);
}
} else {
$r = false;
}
if (!$r) {
$errors = _ws('Insufficient access permissions to save the file') . ' ' . $file_path;
}
} else {
$response['inherit'] = 1;
}
}
$this->displayJson($response, $errors);
}
public function importPhoto($id, $album)
{
$this->log('Import photo: ' . $id);
$row = $this->query("SELECT * FROM PIXLIST WHERE PL_ID = " . (int) $id);
$data = array('name' => preg_replace('/\\.[^\\.]+$/', '', $row['PL_FILENAME']), 'description' => $row['PL_DESC'], 'upload_datetime' => $row['PL_UPLOADDATETIME'], 'width' => $row['PL_WIDTH'], 'height' => $row['PL_HEIGHT'], 'size' => $row['PL_FILESIZE'], 'ext' => waFiles::extension($row['PL_DISKFILENAME']), 'contact_id' => $this->getContactId($row['C_ID']), 'status' => $album['status'] ? 1 : 0);
if ($data['status'] <= 0) {
$data['hash'] = md5(uniqid(time(), true));
} else {
$data['hash'] = '';
}
// insert photo
$data['id'] = $this->getPhotoModel()->insert($data);
// set url
$this->getPhotoModel()->updateById($data['id'], array('url' => 'DSC_' . $data['id']));
// copy file
$new_path = photosPhoto::getPhotoPath($data);
$this->moveFile($row, $new_path);
// fix width and height for old photos
if (!$data['width'] && !$data['height'] && file_exists($new_path)) {
$image = waImage::factory($new_path);
$this->getPhotoModel()->updateById($data['id'], array('width' => $image->width, 'height' => $image->height));
}
if ($exif_data = photosExif::getInfo($new_path)) {
$this->getExifModel()->save($data['id'], $exif_data);
}
// set rights
$sql = "INSERT IGNORE INTO photos_photo_rights SET group_id = 0, photo_id = " . (int) $data['id'];
$this->dest->exec($sql);
if (!$album['status']) {
$sql = "INSERT IGNORE INTO photos_photo_rights\n SET group_id = -" . (int) $data['contact_id'] . ", photo_id = " . (int) $data['id'];
$this->dest->exec($sql);
}
// add photo to album
$sql = "INSERT IGNORE INTO photos_album_photos\n SET album_id = " . $album['id'] . ", photo_id = " . (int) $data['id'] . ", sort = " . (int) $row['PL_SORT'];
$this->dest->exec($sql);
// save old id => new id (for widgets)
$this->old_photos[$id] = $data['id'];
return $data['id'];
}
