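/**
 * Streams a file from the data directory to the client.
 *
 * The directory comes from the `path` query parameter and the file name from
 * `file`; both are request-controlled. The file is served only when the resolved
 * location lies below the data root, is a regular file and does not carry a
 * script extension.
 *
 * @throws waException with code 404 when the file is missing, lies outside the
 *                     data root, or has a blocked extension
 */
public function execute()
 {
     $dir = rtrim(waRequest::get('path'), ' /');
     $file = waRequest::get('file');
     // Same getDataPath() arguments as before; only the concatenation is inlined.
     $path = wa()->getDataPath($dir, true, null, false) . '/' . $file;

     // Resolve "..", "." and symlinks before trusting the location: neither request
     // value is validated, so the final path must be proven to stay below the data root.
     $root = realpath(wa()->getDataPath('', true, null, false));
     $real = realpath($path);
     $inside_root = $root !== false
         && $real !== false
         && strpos($real, rtrim($root, '/\\') . DIRECTORY_SEPARATOR) === 0;

     if (!$inside_root || !is_file($real)) {
         throw new waException("File not found", 404);
     }

     // The deny list used to be passed to waFiles::extension() instead of in_array()
     // (misplaced parenthesis), so the extension test never worked as written.
     // NOTE(review): a two-entry deny list is narrow; an allow list of servable
     // extensions would be the safer design — confirm what this directory may hold.
     $ext = strtolower((string) waFiles::extension($real));
     if (in_array($ext, array('php', 'phtml'), true)) {
         throw new waException("File not found", 404);
     }

     waFiles::readFile($real, $file);
 }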
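 /**
  * Renames a file or folder inside the data directory.
  *
  * Reads `path`, `file` (optional; absent when a folder is renamed) and `name`
  * (the new name) from the POST body. On success `$this->response` holds the new
  * name (file) or an array with `name` and `hash` (folder); on failure
  * `$this->errors` holds a translated message.
  */
 public function execute()
 {
     $p = $path = rtrim(waRequest::post('path'), ' /');
     if ($file = waRequest::post('file')) {
         $path .= '/' . $file;
     }
     $path = wa()->getDataPath($path, true, null, false);

     // The new name must be a single path component. The previous one-pass removal
     // of "../" could be undone by nested sequences and did nothing about plain
     // separators, so the rename could move the entry to another directory.
     // Keep only the last component and refuse "." and "..".
     $name = rtrim(str_replace('\\', '/', trim(waRequest::post('name'))), '/');
     $slash = strrpos($name, '/');
     if ($slash !== false) {
         $name = substr($name, $slash + 1);
     }
     $name = trim($name);
     if ($name === '.' || $name === '..') {
         $name = '';
     }

     if ($file) {
         $name_ext = waFiles::extension($name);
         // NOTE(review): the check runs only when the extension changes or is empty,
         // so an entry that already has a blocked extension can keep it — confirm
         // this is intended.
         if ($name_ext != waFiles::extension($file) || !$name_ext) {
             // ".php" anywhere in the name (e.g. "x.php.txt") is treated as PHP.
             if (strpos(strtolower($name), '.php') !== false) {
                 $name_ext = 'php';
             }
             if (in_array(strtolower((string) $name_ext), array('php', 'phtml'), true)) {
                 $this->errors = sprintf(_w("Files with extension .%s are not allowed to security considerations."), $name_ext);
                 return;
             }
         }
     }

     // `path` and `file` are request-controlled: resolve the source and require it to
     // sit strictly below the data root before renaming. realpath() returning false
     // also covers the "does not exist" case.
     $root = realpath(wa()->getDataPath('', true, null, false));
     $real = realpath($path);
     $inside_root = $root !== false
         && $real !== false
         && strpos($real, rtrim($root, '/\\') . DIRECTORY_SEPARATOR) === 0;

     if ($inside_root && strlen($name)) {
         $target = dirname($path) . '/' . $name;
         if (!is_writable(dirname($path))) {
             $this->errors = sprintf(_w("Folder or file could not bet renamed due to the insufficient file write permissions for the %s folder."), $p);
         } elseif (@rename($path, $target)) {
             if ($file) {
                 $this->response = $name;
             } else {
                 // Hash is the new folder path relative to the data root, with a trailing slash.
                 $this->response = array('name' => $name, 'hash' => '#/files' . substr($target . '/', strlen(wa()->getDataPath('', true, null, false))));
             }
         } else {
             $this->errors = _w("File (folder) can not be renamed");
         }
     } elseif (!strlen($name)) {
         $this->errors = _w("Enter the new name");
     } else {
         $this->errors = _w("Selected folder (file) does not exist anymore");
     }
 }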
 /**
  * Creates, renames or updates a theme file and writes its content.
  *
  * Inputs are read from the request: `theme_id` and `file` from the query string;
  * `file`, `parent`, `type`, `description` and `content` from the POST body.
  * The result is emitted through displayJson() as a response array plus an
  * optional error message.
  *
  * NOTE(review): only the POST `file` value is passed through checkFile() in this
  * method. The GET `file` value and POST `parent` reach addFile()/changeFile() and
  * the final file path without a check visible here — confirm those callees
  * validate the name (no directory separators, no script extensions).
  */
 public function saveAction()
 {
     $app_id = $this->getAppId();
     $theme_id = waRequest::get('theme_id');
     $file = waRequest::get('file');
     $errors = null;
     $path = wa()->getDataPath('themes', true, $app_id, false);
     // Access check on the themes data path; its semantics are defined outside this block.
     $this->checkAccess($path);
     // An original theme is copied before any change is made to it.
     $theme = new waTheme($theme_id, $app_id);
     if ($theme['type'] == waTheme::ORIGINAL) {
         $theme->copy();
     }
     // No `file` in the query string: a new file is being registered.
     if (!$file) {
         // POST `type` set: register a parent-theme file under the name given in POST `parent`.
         if (waRequest::post('type')) {
             $file = waRequest::post('parent');
             $theme->addFile($file, '', array('parent' => 1));
         } else {
             $file = waRequest::post('file');
             // checkFile() fills $errors on rejection; the file is added only when it passes.
             if ($this->checkFile($file, $errors)) {
                 $theme->addFile($file, waRequest::post('description'));
             }
         }
         if (!$errors) {
             if (!$theme->save()) {
                 $errors = _ws('Insufficient file access permissions to save theme settings');
             } else {
                 $this->logAction('template_add', $file);
             }
         }
     } else {
         // Existing file. A differing POST `file` means a rename: validate the new name first.
         if (waRequest::post('file') && $file != waRequest::post('file')) {
             if (!$this->checkFile(waRequest::post('file'), $errors)) {
                 $this->displayJson(array(), $errors);
                 return;
             }
             $theme->removeFile($file);
             $file = waRequest::post('file');
             if (!$theme->addFile($file, waRequest::post('description'))->save()) {
                 $errors = _ws('Insufficient file access permissions to save theme settings');
             } else {
                 $this->logAction('template_edit', $file);
             }
         } else {
             // Same name: update the description. When the file is flagged `parent` and the
             // theme has a parent theme, the change is applied to the parent theme instead.
             $f = $theme->getFile($file);
             if (!empty($theme['parent_theme_id']) && $f['parent']) {
                 $theme = new waTheme($theme['parent_theme_id']);
                 if ($theme['type'] == waTheme::ORIGINAL) {
                     $theme->copy();
                 }
             }
             if (!$theme->changeFile($file, waRequest::post('description'))) {
                 $errors = _ws('Insufficient file access permissions to save theme settings');
             } else {
                 $this->logAction('template_edit', $file);
             }
         }
         // Bump the mtime of the file at waTheme::PATH inside the theme; failures are suppressed.
         @touch($theme->getPath() . '/' . waTheme::PATH);
     }
     $response = array();
     if ($file && !$errors) {
         // Bump the mtime of $path, which holds the getDataPath('themes', ...) value.
         // NOTE(review): the previous comment said "theme.xml" — confirm which target is meant.
         @touch($path);
         $response['id'] = $file;
         // Only css and js are reported as a type; everything else yields ''.
         switch ($ext = waFiles::extension($file)) {
             case 'css':
             case 'js':
                 $response['type'] = $ext;
                 break;
             default:
                 $response['type'] = '';
         }
         $response['theme'] = $theme_id;
         // Content is written only for non-parent files.
         if (!waRequest::post('type')) {
             $content = waRequest::post('content');
             // NOTE(review): $file is request-supplied and is joined to the theme path as-is;
             // request content is then written there. See the validation note in the docblock.
             $file_path = $theme->getPath() . '/' . $file;
             if (!file_exists($file_path) || is_writable($file_path)) {
                 if ($content || file_exists($file_path)) {
                     $r = @file_put_contents($file_path, $content);
                     if ($r !== false) {
                         // Normalise the byte count to true so a 0-byte write is not read as failure.
                         $r = true;
                         if (in_array($ext, array('css', 'js'))) {
                             $theme['edition'] = true;
                             $theme->save();
                         }
                     }
                 } else {
                     // New file with empty content: create it empty.
                     $r = @touch($file_path);
                 }
             } else {
                 $r = false;
             }
             if (!$r) {
                 $errors = _ws('Insufficient access permissions to save the file') . ' ' . $file_path;
             }
         } else {
             $response['inherit'] = 1;
         }
     }
     $this->displayJson($response, $errors);
 }
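 /**
  * Imports one photo from the source PIXLIST table into the photos tables.
  *
  * Inserts the photo record, moves the image file, fills in missing dimensions and
  * EXIF data, grants rights and links the photo to the given album.
  *
  * @param int|string $id    PL_ID of the source row
  * @param array      $album destination album; the keys `id` and `status` are read
  * @return mixed id of the inserted photo, as returned by the photo model's insert()
  */
 public function importPhoto($id, $album)
 {
     $this->log('Import photo: ' . $id);
     $row = $this->query("SELECT * FROM PIXLIST WHERE PL_ID = " . (int) $id);
     $data = array(
         // File name without its last extension.
         'name'            => preg_replace('/\\.[^\\.]+$/', '', $row['PL_FILENAME']),
         'description'     => $row['PL_DESC'],
         'upload_datetime' => $row['PL_UPLOADDATETIME'],
         'width'           => $row['PL_WIDTH'],
         'height'          => $row['PL_HEIGHT'],
         'size'            => $row['PL_FILESIZE'],
         'ext'             => waFiles::extension($row['PL_DISKFILENAME']),
         'contact_id'      => $this->getContactId($row['C_ID']),
         'status'          => $album['status'] ? 1 : 0,
     );
     if ($data['status'] <= 0) {
         // Presumably this hash is the secret that gives access to a non-public photo
         // (TODO confirm). uniqid()/time() are predictable, so prefer the CSPRNG when
         // the runtime has it; both forms yield 32 lowercase hex characters.
         $data['hash'] = function_exists('random_bytes')
             ? bin2hex(random_bytes(16))
             : md5(uniqid(time(), true));
     } else {
         $data['hash'] = '';
     }
     $photo_model = $this->getPhotoModel();
     // insert photo
     $data['id'] = $photo_model->insert($data);
     $photo_id = (int) $data['id'];
     // set url
     $photo_model->updateById($data['id'], array('url' => 'DSC_' . $data['id']));
     // copy file
     $new_path = photosPhoto::getPhotoPath($data);
     $this->moveFile($row, $new_path);
     // Old rows may lack dimensions: read them from the image itself.
     if (!$data['width'] && !$data['height'] && file_exists($new_path)) {
         $image = waImage::factory($new_path);
         $photo_model->updateById($data['id'], array('width' => $image->width, 'height' => $image->height));
     }
     if ($exif_data = photosExif::getInfo($new_path)) {
         $this->getExifModel()->save($data['id'], $exif_data);
     }
     // set rights
     $sql = "INSERT IGNORE INTO photos_photo_rights SET group_id = 0, photo_id = " . $photo_id;
     $this->dest->exec($sql);
     if (!$album['status']) {
         // Additional rights row keyed by the negated contact id.
         $sql = "INSERT IGNORE INTO photos_photo_rights\n                    SET group_id = -" . (int) $data['contact_id'] . ", photo_id = " . $photo_id;
         $this->dest->exec($sql);
     }
     // add photo to album
     // Every value concatenated into SQL is cast to int; the album id previously was not.
     $sql = "INSERT IGNORE INTO photos_album_photos\n                SET album_id = " . (int) $album['id'] . ", photo_id = " . $photo_id . ", sort = " . (int) $row['PL_SORT'];
     $this->dest->exec($sql);
     // save old id => new id (for widgets)
     $this->old_photos[$id] = $data['id'];
     return $data['id'];
 }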