whoami7 - Manager
:
/
proc
/
thread-self
/
root
/
home
/
papecmvm
/
public_html
/
plugins
/
ckeditor
/
kcfinder
/
core
/
class
/
Upload File:
files >> //proc/thread-self/root/home/papecmvm/public_html/plugins/ckeditor/kcfinder/core/class/browser.php
<?php /** This file is part of KCFinder project * * @desc Browser actions class * @package KCFinder * @version 3.12 * @author Pavel Tzonkov <sunhater@sunhater.com> * @copyright 2010-2014 KCFinder Project * @license http://opensource.org/licenses/GPL-3.0 GPLv3 * @license http://opensource.org/licenses/LGPL-3.0 LGPLv3 * @link http://kcfinder.sunhater.com */ namespace kcfinder; class browser extends uploader { protected $action; protected $thumbsDir; protected $thumbsTypeDir; public function __construct() { parent::__construct(); // SECURITY CHECK INPUT DIRECTORY if (isset($_POST['dir'])) { $dir = $this->checkInputDir($_POST['dir'], true, false); if ($dir === false) unset($_POST['dir']); $_POST['dir'] = $dir; } if (isset($_GET['dir'])) { $dir = $this->checkInputDir($_GET['dir'], true, false); if ($dir === false) unset($_GET['dir']); $_GET['dir'] = $dir; } $thumbsDir = $this->config['uploadDir'] . "/" . $this->config['thumbsDir']; if (!$this->config['disabled'] && ( ( !is_dir($thumbsDir) && !@mkdir($thumbsDir, $this->config['dirPerms']) ) || !is_readable($thumbsDir) || !dir::isWritable($thumbsDir) || ( !is_dir("$thumbsDir/{$this->type}") && !@mkdir("$thumbsDir/{$this->type}", $this->config['dirPerms']) ) ) ) $this->errorMsg("Cannot access or create thumbnails folder."); $this->thumbsDir = $thumbsDir; $this->thumbsTypeDir = "$thumbsDir/{$this->type}"; // Remove temporary zip downloads if exists if (!$this->config['disabled']) { $files = dir::content($this->config['uploadDir'], array( 'types' => "file", 'pattern' => '/^.*\.zip$/i' )); if (is_array($files) && count($files)) { $time = time(); foreach ($files as $file) if (is_file($file) && ($time - filemtime($file) > 3600)) unlink($file); } } if (isset($_GET['theme']) && $this->checkFilename($_GET['theme']) && is_dir("themes/{$_GET['theme']}") ) $this->config['theme'] = $_GET['theme']; } public function action() { $act = isset($_GET['act']) ? $_GET['act'] : "browser"; if (!method_exists($this, "act_$act")) $act = "browser"; $this->action = $act; $method = "act_$act"; if ($this->config['disabled']) { $message = $this->label("You don't have permissions to browse server."); if (in_array($act, array("browser", "upload")) || (substr($act, 0, 8) == "download") ) $this->backMsg($message); else { header("Content-Type: text/plain; charset={$this->charset}"); die(json_encode(array('error' => $message))); } } if (!isset($this->session['dir'])) $this->session['dir'] = $this->type; else { $type = $this->getTypeFromPath($this->session['dir']); $dir = $this->config['uploadDir'] . "/" . $this->session['dir']; if (($type != $this->type) || !is_dir($dir) || !is_readable($dir)) $this->session['dir'] = $this->type; } $this->session['dir'] = path::normalize($this->session['dir']); // Render the browser if ($act == "browser") { header("X-UA-Compatible: chrome=1"); header("Content-Type: text/html; charset={$this->charset}"); // Ajax requests } elseif ( (substr($act, 0, 8) != "download") && !in_array($act, array("thumb", "upload")) ) header("Content-Type: text/plain; charset={$this->charset}"); $return = $this->$method(); echo ($return === true) ? '{}' : $return; } protected function act_browser() { if (isset($_GET['dir'])) { $dir = "{$this->typeDir}/{$_GET['dir']}"; if ($this->checkFilePath($dir) && is_dir($dir) && is_readable($dir)) $this->session['dir'] = path::normalize("{$this->type}/{$_GET['dir']}"); } return $this->output(); } protected function act_init() { $tree = $this->getDirInfo($this->typeDir); $tree['dirs'] = $this->getTree($this->session['dir']); if (!is_array($tree['dirs']) || !count($tree['dirs'])) unset($tree['dirs']); $files = $this->getFiles($this->session['dir']); $dirWritable = dir::isWritable("{$this->config['uploadDir']}/{$this->session['dir']}"); $data = array( 'tree' => &$tree, 'files' => &$files, 'dirWritable' => $dirWritable ); return json_encode($data); } protected function act_thumb() { if (!isset($_GET['file']) || !isset($_GET['dir']) || !$this->checkFilename($_GET['file']) ) $this->sendDefaultThumb(); $dir = $this->getDir(); $file = "{$this->thumbsTypeDir}/{$_GET['dir']}/${_GET['file']}"; // Create thumbnail if (!is_file($file) || !is_readable($file)) { $file = "$dir/{$_GET['file']}"; if (!is_file($file) || !is_readable($file)) $this->sendDefaultThumb($file); $image = image::factory($this->imageDriver, $file); if ($image->initError) $this->sendDefaultThumb($file); $img = new fastImage($file); $type = $img->getType(); $img->close(); if (in_array($type, array("gif", "jpeg", "png")) && ($image->width <= $this->config['thumbWidth']) && ($image->height <= $this->config['thumbHeight']) ) { $mime = "image/$type"; httpCache::file($file, $mime); } else $this->sendDefaultThumb($file); // Get type from already-existing thumbnail } else { $img = new fastImage($file); $type = $img->getType(); $img->close(); } httpCache::file($file, "image/$type"); } protected function act_expand() { return json_encode(array('dirs' => $this->getDirs($this->postDir()))); } protected function act_chDir() { $this->postDir(); // Just for existing check $this->session['dir'] = "{$this->type}/{$_POST['dir']}"; $dirWritable = dir::isWritable("{$this->config['uploadDir']}/{$this->session['dir']}"); return json_encode(array( 'files' => $this->getFiles($this->session['dir']), 'dirWritable' => $dirWritable )); } protected function act_newDir() { if (!$this->config['access']['dirs']['create'] || !isset($_POST['dir']) || !isset($_POST['newDir']) || !$this->checkFilename($_POST['newDir']) ) $this->errorMsg("Unknown error."); $dir = $this->postDir(); $newDir = $this->normalizeDirname(trim($_POST['newDir'])); if (!strlen($newDir)) $this->errorMsg("Please enter new folder name."); if (preg_match('/[\/\\\\]/s', $newDir)) $this->errorMsg("Unallowable characters in folder name."); if (substr($newDir, 0, 1) == ".") $this->errorMsg("Folder name shouldn't begins with '.'"); if (file_exists("$dir/$newDir")) $this->errorMsg("A file or folder with that name already exists."); if (!@mkdir("$dir/$newDir", $this->config['dirPerms'])) $this->errorMsg("Cannot create {dir} folder.", array('dir' => $this->htmlData($newDir))); return true; } protected function act_renameDir() { if (!$this->config['access']['dirs']['rename'] || !isset($_POST['dir']) || !strlen(rtrim(rtrim(trim($_POST['dir']), "/"), "\\")) || !isset($_POST['newName']) || !$this->checkFilename($_POST['newName']) ) $this->errorMsg("Unknown error."); $dir = $this->postDir(); $newName = $this->normalizeDirname(trim($_POST['newName'])); if (!strlen($newName)) $this->errorMsg("Please enter new folder name."); if (preg_match('/[\/\\\\]/s', $newName)) $this->errorMsg("Unallowable characters in folder name."); if (substr($newName, 0, 1) == ".") $this->errorMsg("Folder name shouldn't begins with '.'"); if (!@rename($dir, dirname($dir) . "/$newName")) $this->errorMsg("Cannot rename the folder."); $thumbDir = "$this->thumbsTypeDir/{$_POST['dir']}"; if (is_dir($thumbDir)) @rename($thumbDir, dirname($thumbDir) . "/$newName"); return json_encode(array('name' => $newName)); } protected function act_deleteDir() { if (!$this->config['access']['dirs']['delete'] || !isset($_POST['dir']) || !strlen(rtrim(rtrim(trim($_POST['dir']), "/"), "\\")) ) $this->errorMsg("Unknown error."); $dir = $this->postDir(); if (!dir::isWritable($dir)) $this->errorMsg("Cannot delete the folder."); $result = !dir::prune($dir, false); if (is_array($result) && count($result)) $this->errorMsg("Failed to delete {count} files/folders.", array('count' => count($result))); $thumbDir = "$this->thumbsTypeDir/{$_POST['dir']}"; if (is_dir($thumbDir)) dir::prune($thumbDir); return true; } protected function act_upload() { header("Content-Type: text/plain; charset={$this->charset}"); if (!$this->config['access']['files']['upload'] || (!isset($_POST['dir']) && !isset($_GET['dir'])) ) $this->errorMsg("Unknown error."); $dir = isset($_GET['dir']) ? $this->getDir() : $this->postDir(); if (!dir::isWritable($dir)) $this->errorMsg("Cannot access or write to upload folder."); if (is_array($this->file['name'])) { $return = array(); foreach ($this->file['name'] as $i => $name) { $return[] = $this->moveUploadFile(array( 'name' => $name, 'tmp_name' => $this->file['tmp_name'][$i], 'error' => $this->file['error'][$i] ), $dir); } return implode("\n", $return); } else return $this->moveUploadFile($this->file, $dir); } protected function act_dragUrl() { if (!$this->config['access']['files']['upload'] || !isset($_GET['dir']) || !isset($_POST['url']) || !isset($_POST['type']) ) $this->errorMsg("Unknown error."); $dir = $this->getDir(); if (!dir::isWritable($dir)) $this->errorMsg("Cannot access or write to upload folder."); if (is_array($_POST['url'])) foreach ($_POST['url'] as $url) $this->downloadURL($url, $dir); else $this->downloadURL($_POST['url'], $dir); return true; } protected function act_download() { $dir = $this->postDir(); if (!isset($_POST['dir']) || !isset($_POST['file']) || !$this->checkFilename($_POST['file']) || (false === ($file = "$dir/{$_POST['file']}")) || !file_exists($file) || !is_readable($file) ) $this->errorMsg("Unknown error."); header("Pragma: public"); header("Expires: 0"); header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header("Cache-Control: private", false); header("Content-Type: application/octet-stream"); header('Content-Disposition: attachment; filename="' . str_replace('"', "_", $_POST['file']) . '"'); header("Content-Transfer-Encoding: binary"); header("Content-Length: " . filesize($file)); readfile($file); die; } protected function act_rename() { $dir = $this->postDir(); if (!$this->config['access']['files']['rename'] || !isset($_POST['dir']) || !isset($_POST['file']) || !isset($_POST['newName']) || !$this->checkFilename($_POST['file']) || !$this->checkFilename($_POST['newName']) || (false === ($file = "$dir/{$_POST['file']}")) || !file_exists($file) || !is_readable($file) || !file::isWritable($file) ) $this->errorMsg("Unknown error."); if (isset($this->config['denyExtensionRename']) && $this->config['denyExtensionRename'] && (file::getExtension($_POST['file'], true) !== file::getExtension($_POST['newName'], true) ) ) $this->errorMsg("You cannot rename the extension of files!"); $newName = $this->normalizeFilename(trim($_POST['newName'])); if (!strlen($newName)) $this->errorMsg("Please enter new file name."); if (preg_match('/[\/\\\\]/s', $newName)) $this->errorMsg("Unallowable characters in file name."); if (substr($newName, 0, 1) == ".") $this->errorMsg("File name shouldn't begins with '.'"); $newName = "$dir/$newName"; if (file_exists($newName)) $this->errorMsg("A file or folder with that name already exists."); $ext = file::getExtension($newName); if (!$this->validateExtension($ext, $this->type)) $this->errorMsg("Denied file extension."); if (!@rename($file, $newName)) $this->errorMsg("Unknown error."); $thumbDir = "{$this->thumbsTypeDir}/{$_POST['dir']}"; $thumbFile = "$thumbDir/{$_POST['file']}"; if (file_exists($thumbFile)) @rename($thumbFile, "$thumbDir/" . basename($newName)); return true; } protected function act_delete() { $dir = $this->postDir(); if (!$this->config['access']['files']['delete'] || !isset($_POST['dir']) || !isset($_POST['file']) || !$this->checkFilename($_POST['file']) || (false === ($file = "$dir/{$_POST['file']}")) || !file_exists($file) || !is_readable($file) || !file::isWritable($file) || !@unlink($file) ) $this->errorMsg("Unknown error."); $thumb = "{$this->thumbsTypeDir}/{$_POST['dir']}/{$_POST['file']}"; if (file_exists($thumb)) @unlink($thumb); return true; } protected function act_cp_cbd() { $dir = $this->postDir(); if (!$this->config['access']['files']['copy'] || !isset($_POST['dir']) || !is_dir($dir) || !is_readable($dir) || !dir::isWritable($dir) || !isset($_POST['files']) || !is_array($_POST['files']) || !count($_POST['files']) ) $this->errorMsg("Unknown error."); $error = array(); foreach($_POST['files'] as $file) { $file = path::normalize($file); if (substr($file, 0, 1) == ".") continue; $type = explode("/", $file); $type = $type[0]; if ($type != $this->type) continue; $path = "{$this->config['uploadDir']}/$file"; if (!$this->checkFilePath($path)) continue; $base = basename($file); $replace = array('file' => $this->htmlData($base)); $ext = file::getExtension($base); if (!file_exists($path)) $error[] = $this->label("The file '{file}' does not exist.", $replace); elseif (substr($base, 0, 1) == ".") $error[] = $this->htmlData($base) . ": " . $this->label("File name shouldn't begins with '.'"); elseif (!$this->validateExtension($ext, $type)) $error[] = $this->htmlData($base) . ": " . $this->label("Denied file extension."); elseif (file_exists("$dir/$base")) $error[] = $this->htmlData($base) . ": " . $this->label("A file or folder with that name already exists."); elseif (!is_readable($path) || !is_file($path)) $error[] = $this->label("Cannot read '{file}'.", $replace); elseif (!@copy($path, "$dir/$base")) $error[] = $this->label("Cannot copy '{file}'.", $replace); else { if (function_exists("chmod")) @chmod("$dir/$base", $this->config['filePerms']); $fromThumb = "{$this->thumbsDir}/$file"; if (is_file($fromThumb) && is_readable($fromThumb)) { $toThumb = "{$this->thumbsTypeDir}/{$_POST['dir']}"; if (!is_dir($toThumb)) @mkdir($toThumb, $this->config['dirPerms'], true); $toThumb .= "/$base"; @copy($fromThumb, $toThumb); } } } if (count($error)) return json_encode(array('error' => $error)); return true; } protected function act_mv_cbd() { $dir = $this->postDir(); if (!$this->config['access']['files']['move'] || !isset($_POST['dir']) || !is_dir($dir) || !is_readable($dir) || !dir::isWritable($dir) || !isset($_POST['files']) || !is_array($_POST['files']) || !count($_POST['files']) ) $this->errorMsg("Unknown error."); $error = array(); foreach($_POST['files'] as $file) { $file = path::normalize($file); if (substr($file, 0, 1) == ".") continue; $type = explode("/", $file); $type = $type[0]; if ($type != $this->type) continue; $path = "{$this->config['uploadDir']}/$file"; if (!$this->checkFilePath($path)) continue; $base = basename($file); $replace = array('file' => $this->htmlData($base)); $ext = file::getExtension($base); if (!file_exists($path)) $error[] = $this->label("The file '{file}' does not exist.", $replace); elseif (substr($base, 0, 1) == ".") $error[] = $this->htmlData($base) . ": " . $this->label("File name shouldn't begins with '.'"); elseif (!$this->validateExtension($ext, $type)) $error[] = $this->htmlData($base) . ": " . $this->label("Denied file extension."); elseif (file_exists("$dir/$base")) $error[] = $this->htmlData($base) . ": " . $this->label("A file or folder with that name already exists."); elseif (!is_readable($path) || !is_file($path)) $error[] = $this->label("Cannot read '{file}'.", $replace); elseif (!file::isWritable($path) || !@rename($path, "$dir/$base")) $error[] = $this->label("Cannot move '{file}'.", $replace); else { if (function_exists("chmod")) @chmod("$dir/$base", $this->config['filePerms']); $fromThumb = "{$this->thumbsDir}/$file"; if (is_file($fromThumb) && is_readable($fromThumb)) { $toThumb = "{$this->thumbsTypeDir}/{$_POST['dir']}"; if (!is_dir($toThumb)) @mkdir($toThumb, $this->config['dirPerms'], true); $toThumb .= "/$base"; @rename($fromThumb, $toThumb); } } } if (count($error)) return json_encode(array('error' => $error)); return true; } protected function act_rm_cbd() { if (!$this->config['access']['files']['delete'] || !isset($_POST['files']) || !is_array($_POST['files']) || !count($_POST['files']) ) $this->errorMsg("Unknown error."); $error = array(); foreach($_POST['files'] as $file) { $file = path::normalize($file); if (substr($file, 0, 1) == ".") continue; $type = explode("/", $file); $type = $type[0]; if ($type != $this->type) continue; $path = "{$this->config['uploadDir']}/$file"; if (!$this->checkFilePath($path)) continue; $base = basename($file); $replace = array('file' => $this->htmlData($base)); if (!is_file($path)) $error[] = $this->label("The file '{file}' does not exist.", $replace); elseif (!@unlink($path)) $error[] = $this->label("Cannot delete '{file}'.", $replace); else { $thumb = "{$this->thumbsDir}/$file"; if (is_file($thumb)) @unlink($thumb); } } if (count($error)) return json_encode(array('error' => $error)); return true; } protected function act_downloadDir() { $dir = $this->postDir(); if (!isset($_POST['dir']) || $this->config['denyZipDownload']) $this->errorMsg("Unknown error."); $filename = basename($dir) . ".zip"; do { $file = md5(time() . session_id()); $file = "{$this->config['uploadDir']}/$file.zip"; } while (file_exists($file)); new zipFolder($file, $dir); header("Content-Type: application/x-zip"); header('Content-Disposition: attachment; filename="' . str_replace('"', "_", $filename) . '"'); header("Content-Length: " . filesize($file)); readfile($file); unlink($file); die; } protected function act_downloadSelected() { $dir = $this->postDir(); if (!isset($_POST['dir']) || !isset($_POST['files']) || !is_array($_POST['files']) || $this->config['denyZipDownload'] ) $this->errorMsg("Unknown error."); $zipFiles = array(); foreach ($_POST['files'] as $file) { $file = path::normalize($file); if ((substr($file, 0, 1) == ".") || (strpos($file, '/') !== false)) continue; $file = "$dir/$file"; if (!is_file($file) || !is_readable($file) || !$this->checkFilePath($file)) continue; $zipFiles[] = $file; } do { $file = md5(time() . session_id()); $file = "{$this->config['uploadDir']}/$file.zip"; } while (file_exists($file)); $zip = new \ZipArchive(); $res = $zip->open($file, \ZipArchive::CREATE); if ($res === TRUE) { foreach ($zipFiles as $cfile) $zip->addFile($cfile, basename($cfile)); $zip->close(); } header("Content-Type: application/x-zip"); header('Content-Disposition: attachment; filename="selected_files_' . basename($file) . '"'); header("Content-Length: " . filesize($file)); readfile($file); unlink($file); die; } protected function act_downloadClipboard() { if (!isset($_POST['files']) || !is_array($_POST['files']) || $this->config['denyZipDownload'] ) $this->errorMsg("Unknown error."); $zipFiles = array(); foreach ($_POST['files'] as $file) { $file = path::normalize($file); if ((substr($file, 0, 1) == ".")) continue; $type = explode("/", $file); $type = $type[0]; if ($type != $this->type) continue; $file = $this->config['uploadDir'] . "/$file"; if (!is_file($file) || !is_readable($file) || !$this->checkFilePath($file)) continue; $zipFiles[] = $file; } do { $file = md5(time() . session_id()); $file = "{$this->config['uploadDir']}/$file.zip"; } while (file_exists($file)); $zip = new \ZipArchive(); $res = $zip->open($file, \ZipArchive::CREATE); if ($res === TRUE) { foreach ($zipFiles as $cfile) $zip->addFile($cfile, basename($cfile)); $zip->close(); } header("Content-Type: application/x-zip"); header('Content-Disposition: attachment; filename="clipboard_' . basename($file) . '"'); header("Content-Length: " . filesize($file)); readfile($file); unlink($file); die; } protected function act_check4Update() { if ($this->config['denyUpdateCheck']) return json_encode(array('version' => false)); // Caching HTTP request for 6 hours if (isset($this->session['checkVersion']) && isset($this->session['checkVersionTime']) && ((time() - $this->session['checkVersionTime']) < 21600) ) return json_encode(array('version' => $this->session['checkVersion'])); $ver = phpGet::get("http://kcfinder.sunhater.com/checkVersion.php"); if (isset($ver) && preg_match('/^\d+\.\d+$/', $ver)) { $this->session['checkVersion'] = $ver; $this->session['checkVersionTime'] = time(); return json_encode(array('version' => $ver)); } else return json_encode(array('version' => false)); } protected function moveUploadFile($file, $dir) { $message = $this->checkUploadedFile($file); if ($message !== true) { if (isset($file['tmp_name'])) @unlink($file['tmp_name']); return "{$file['name']}: $message"; } $filename = $this->normalizeFilename($file['name']); $target = "$dir/" . file::getInexistantFilename($filename, $dir); if (!@move_uploaded_file($file['tmp_name'], $target) && !@rename($file['tmp_name'], $target) && !@copy($file['tmp_name'], $target) ) { @unlink($file['tmp_name']); return $this->htmlData($file['name']) . ": " . $this->label("Cannot move uploaded file to target folder."); } elseif (function_exists('chmod')) chmod($target, $this->config['filePerms']); $this->makeThumb($target); return "/" . basename($target); } protected function sendDefaultThumb($file=null) { if ($file !== null) { $ext = file::getExtension($file); $thumb = "themes/{$this->config['theme']}/img/files/big/$ext.png"; } if (!isset($thumb) || !file_exists($thumb)) $thumb = "themes/{$this->config['theme']}/img/files/big/..png"; header("Content-Type: image/png"); readfile($thumb); die; } protected function getFiles($dir) { $thumbDir = "{$this->config['uploadDir']}/{$this->config['thumbsDir']}/$dir"; $dir = "{$this->config['uploadDir']}/$dir"; $return = array(); $files = dir::content($dir, array('types' => "file")); if ($files === false) return $return; foreach ($files as $file) { $img = new fastImage($file); $type = $img->getType(); if ($type !== false) { $size = $img->getSize($file); if (is_array($size) && count($size)) { $thumb_file = "$thumbDir/" . basename($file); if (!is_file($thumb_file)) $this->makeThumb($file, false); $smallThumb = ($size[0] <= $this->config['thumbWidth']) && ($size[1] <= $this->config['thumbHeight']) && in_array($type, array("gif", "jpeg", "png")); } else $smallThumb = false; } else $smallThumb = false; $img->close(); $stat = stat($file); if ($stat === false) continue; $name = basename($file); $ext = file::getExtension($file); $bigIcon = file_exists("themes/{$this->config['theme']}/img/files/big/$ext.png"); $smallIcon = file_exists("themes/{$this->config['theme']}/img/files/small/$ext.png"); $thumb = file_exists("$thumbDir/$name"); $return[] = array( 'name' => stripcslashes($name), 'size' => $stat['size'], 'mtime' => $stat['mtime'], 'date' => @strftime($this->dateTimeSmall, $stat['mtime']), 'readable' => is_readable($file), 'writable' => file::isWritable($file), 'bigIcon' => $bigIcon, 'smallIcon' => $smallIcon, 'thumb' => $thumb, 'smallThumb' => $smallThumb ); } return $return; } protected function getTree($dir, $index=0) { $path = explode("/", $dir); $pdir = ""; for ($i = 0; ($i <= $index && $i < count($path)); $i++) $pdir .= "/{$path[$i]}"; if (strlen($pdir)) $pdir = substr($pdir, 1); $fdir = "{$this->config['uploadDir']}/$pdir"; $dirs = $this->getDirs($fdir); if (is_array($dirs) && count($dirs) && ($index <= count($path) - 1)) { foreach ($dirs as $i => $cdir) { if ($cdir['hasDirs'] && ( ($index == count($path) - 1) || ($cdir['name'] == $path[$index + 1]) ) ) { $dirs[$i]['dirs'] = $this->getTree($dir, $index + 1); if (!is_array($dirs[$i]['dirs']) || !count($dirs[$i]['dirs'])) { unset($dirs[$i]['dirs']); continue; } } } } else return false; return $dirs; } protected function postDir($existent=true) { $dir = $this->typeDir; if (isset($_POST['dir'])) $dir .= "/" . $_POST['dir']; if (!$this->checkFilePath($dir)) $this->errorMsg("Unknown error."); if ($existent && (!is_dir($dir) || !is_readable($dir))) $this->errorMsg("Inexistant or inaccessible folder."); return $dir; } protected function getDir($existent=true) { $dir = $this->typeDir; if (isset($_GET['dir'])) $dir .= "/" . $_GET['dir']; if (!$this->checkFilePath($dir)) $this->errorMsg("Unknown error."); if ($existent && (!is_dir($dir) || !is_readable($dir))) $this->errorMsg("Inexistant or inaccessible folder."); return $dir; } protected function getDirs($dir) { $dirs = dir::content($dir, array('types' => "dir")); $return = array(); if (is_array($dirs)) { $writable = dir::isWritable($dir); foreach ($dirs as $cdir) { $info = $this->getDirInfo($cdir); if ($info === false) continue; $info['removable'] = $writable && $info['writable']; $return[] = $info; } } return $return; } protected function getDirInfo($dir, $removable=false) { if ((substr(basename($dir), 0, 1) == ".") || !is_dir($dir) || !is_readable($dir)) return false; $dirs = dir::content($dir, array('types' => "dir")); if (is_array($dirs)) { foreach ($dirs as $key => $cdir) if (substr(basename($cdir), 0, 1) == ".") unset($dirs[$key]); $hasDirs = count($dirs) ? true : false; } else $hasDirs = false; $writable = dir::isWritable($dir); $info = array( 'name' => stripslashes(basename($dir)), 'readable' => is_readable($dir), 'writable' => $writable, 'removable' => $removable && $writable && dir::isWritable(dirname($dir)), 'hasDirs' => $hasDirs ); if ($dir == "{$this->config['uploadDir']}/{$this->session['dir']}") $info['current'] = true; return $info; } protected function output($data=null, $template=null) { if (!is_array($data)) $data = array(); if ($template === null) $template = $this->action; if (file_exists("tpl/tpl_$template.php")) { ob_start(); $eval = "unset(\$data);unset(\$template);unset(\$eval);"; $_ = $data; foreach (array_keys($data) as $key) if (preg_match('/^[a-z\d_]+$/i', $key)) $eval .= "\$$key=\$_['$key'];"; $eval .= "unset(\$_);require \"tpl/tpl_$template.php\";"; eval($eval); return ob_get_clean(); } return ""; } protected function errorMsg($message, array $data=null) { if (in_array($this->action, array("thumb", "upload", "download", "downloadDir"))) die($this->label($message, $data)); if (($this->action === null) || ($this->action == "browser")) $this->backMsg($message, $data); else { $message = $this->label($message, $data); die(json_encode(array('error' => $message))); } } protected function htmlData($str) { return htmlentities($str, null, strtoupper($this->charset)); } protected function downloadURL($url, $dir) { if (!preg_match(phpGet::$urlExpr, $url, $match)) return; if ((isset($match[7]) && strlen($match[7]))) $furl = explode("&", $match[7]); $filename = isset($furl) ? basename($furl[0]) : "web_image.jpg"; $file = tempnam(sys_get_temp_dir(), $filename); if (phpGet::get($url, $file)) $this->moveUploadFile(array( 'name' => $filename, 'tmp_name' => $file, 'error' => UPLOAD_ERR_OK ), $dir); else @unlink($file); } protected function getLangs() { if (isset($this->session['langs'])) return $this->session['langs']; $files = dir::content("lang", array( 'pattern' => '/^[a-z]{2,3}(\-[a-z]{2})?\.php$/', 'types' => "file" )); $langs = array(); if (is_array($files)) foreach ($files as $file) { include $file; $id = substr(basename($file), 0, -4); $langs[$id] = isset($lang['_native']) ? $lang['_native'] : (isset($lang['_lang']) ? $lang['_lang'] : $id); } $this->session['langs'] = $langs; return $langs; } }
Copyright ©2021 || Defacer Indonesia