Source for file filemanager.class.php
Documentation is available at filemanager.class.php
* class for the filemanager.php connector * @author Riaan Los <mail (at) riaanlos (dot) nl> * @author Simon Georget <simon (at) linea21 (dot) com> * @package linea21.externals * @subpackage Filemanager protected $get = array(); protected $post = array(); protected $item = array(); protected $logfile = '/tmp/filemanager.log'; // override config options if needed if ($this->config['options']['logger'] == true ) { if(isset ($this->config['options']['logfile'])) { // if fileRoot is set manually, $this->doc_root takes fileRoot value // for security check in isValidPath() method // else it takes $_SERVER['DOCUMENT_ROOT'] default value if ($this->config['options']['fileRoot'] !== false ) { if($this->config['options']['serverRoot'] === true) { $this->doc_root = $_SERVER['DOCUMENT_ROOT']; $this->doc_root = $_SERVER['DOCUMENT_ROOT']; $this->__log(__METHOD__ . ' $this->doc_root value ' . $this->doc_root); $this->availableLanguages(); $this->loadLanguageFile(); // $extraconfig should be formatted as json config array. public function setup($extraconfig) { // allow Filemanager to be used with dynamic folders if($this->config['options']['serverRoot'] === true) { $this->doc_root = $_SERVER['DOCUMENT_ROOT']. '/'. $path; public function error($string,$textarea= false) { $this->__log( __METHOD__ . ' - error message : ' . $string); echo '<textarea>' . json_encode($array) . '</textarea>'; public function lang($string) { return 'Language string error on ' . $string; public function getvar($var) { if(!isset ($_GET[$var]) || $_GET[$var]== '') { $this->get[$var] = $this->sanitize($_GET[$var]); if(!isset ($_POST[$var]) || $_POST[$var]== '') { $this->post[$var] = $_POST[$var]; 'Path'=> $this->get['path'], 'Filename'=> $this->item['filename'], 'File Type'=> $this->item['filetype'], 'Preview'=> $this->item['preview'], 'Properties'=> $this->item['properties'], $current_path = $this->getFullPath(); if(!$this->isValidPath($current_path)) { if(!$handle = opendir($current_path)) { while (false !== ($file = readdir($handle))) { if($file != "." && $file != "..") { // Sort files by modified time, latest to earliest // Use SORT_ASC in place of SORT_DESC for earliest to latest // array_map( 'filemtime', $filesDir ), foreach($filesDir as $file) { if(is_dir($current_path . $file)) { $array[$this->get['path'] . $file . '/'] = array( 'Path'=> $this->get['path'] . $file . '/', 'Preview'=> $this->config['icons']['path'] . $this->config['icons']['directory'], } else if (!in_array($file, $this->config['exclude']['unallowed_files']) && !preg_match( $this->config['exclude']['unallowed_files_REGEXP'], $file)) { $this->get_file_info($this->get['path'] . $file); if(!isset ($this->params['type']) || (isset ($this->params['type']) && strtolower($this->params['type'])== 'images' && in_array(strtolower($this->item['filetype']),$this->config['images']['imagesExt']))) { $array[$this->get['path'] . $file] = array( 'Path'=> $this->get['path'] . $file, 'Filename'=> $this->item['filename'], 'File Type'=> $this->item['filetype'], 'Preview'=> $this->item['preview'], 'Properties'=> $this->item['properties'], $filename = $tmp[(sizeof($tmp)- 1)]; $new_file = $this->getFullPath($path . '/' . $this->get['new']). $suffix; $old_file = $this->getFullPath($this->get['old']) . $suffix; if(!$this->isValidPath($old_file)) { $this->__log(__METHOD__ . ' - renaming '. $old_file. ' to ' . $new_file); if($suffix== '/' && is_dir($new_file)) { if($suffix== '' && is_file($new_file)) { if(!rename($old_file,$new_file)) { 'Old Path'=> $this->get['old'], 'New Path'=> $path . '/' . $this->get['new']. $suffix, 'New Name'=> $this->get['new'] $current_path = $this->getFullPath(); if(!$this->isValidPath($current_path)) { $this->unlinkRecursive($current_path); 'Path'=> $this->get['path'] $this->__log(__METHOD__ . ' - deleting folder '. $current_path); 'Path'=> $this->get['path'] $this->__log(__METHOD__ . ' - deleting file '. $current_path); if(!isset ($_FILES['newfile']) || !is_uploaded_file($_FILES['newfile']['tmp_name'])) { // we determine max upload size if not set if($this->config['upload']['fileSizeLimit'] == 'auto') { if($_FILES['newfile']['size'] > ($this->config['upload']['fileSizeLimit'] * 1024 * 1024)) { if($this->config['upload']['imagesOnly'] || (isset ($this->params['type']) && strtolower($this->params['type'])== 'images')) { if(!($size = @getimagesize($_FILES['newfile']['tmp_name']))){ if(!in_array($size[2], array(1, 2, 3, 7, 8))) { $_FILES['newfile']['name'] = $this->cleanString($_FILES['newfile']['name'],array('.','-')); $current_path = $this->getFullPath($this->post['currentpath']); if(!$this->isValidPath($current_path)) { if(!$this->config['upload']['overwrite']) { $_FILES['newfile']['name'] = $this->checkFilename($current_path,$_FILES['newfile']['name']); move_uploaded_file($_FILES['newfile']['tmp_name'], $current_path . $_FILES['newfile']['name']); chmod($current_path . $_FILES['newfile']['name'], 0644); 'Path'=> $this->post['currentpath'], 'Name'=> $_FILES['newfile']['name'], $this->__log(__METHOD__ . ' - adding file '. $_FILES['newfile']['name']. ' into '. $current_path); echo '<textarea>' . json_encode($response) . '</textarea>'; $current_path = $this->getFullPath(); if(!$this->isValidPath($current_path)) { if(is_dir($current_path . $this->get['name'])) { if(!mkdir($current_path . $newdir,0755)) { 'Parent'=> $this->get['path'], 'Name'=> $this->get['name'], $this->__log(__METHOD__ . ' - adding folder '. $current_path . $newdir); $current_path = $this->getFullPath(); if(!$this->isValidPath($current_path)) { header("Content-type: application/force-download"); header('Content-Disposition: inline; filename="' . basename($current_path) . '"'); header("Content-Transfer-Encoding: Binary"); header("Content-length: ". $current_path); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . basename($current_path) . '"'); $this->__log(__METHOD__ . ' - downloading '. $current_path); $current_path = $this->getFullPath(); header("Content-type: image/" . $ext = pathinfo($current_path, PATHINFO_EXTENSION)); header("Content-Transfer-Encoding: Binary"); header('Content-Disposition: inline; filename="' . basename($current_path) . '"'); $this->__log(__METHOD__ . ' - previewing '. $current_path); $max_upload = (int) ini_get('upload_max_filesize'); $max_post = (int) ini_get('post_max_size'); $memory_limit = (int) ini_get('memory_limit'); $upload_mb = min($max_upload, $max_post, $memory_limit); $this->__log(__METHOD__ . ' - max upload file size is '. $upload_mb. 'Mb'); private function setParams() { $tmp = (isset ($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '/'); if(isset ($tmp[1]) && $tmp[1]!= '') { $params_tmp = explode('&',$tmp[1]); foreach($params_tmp as $value) { if(isset ($tmp[0]) && $tmp[0]!= '' && isset ($tmp[1]) && $tmp[1]!= '') { $params[$tmp[0]] = $tmp[1]; private function get_file_info($path= '',$return= array()) { // DO NOT rawurlencode() since $current_path it // is used for displaying name file $current_path = $this->get['path']; $this->item['filemtime'] = filemtime($this->getFullPath($current_path)); $this->item['filectime'] = filectime($this->getFullPath($current_path)); $this->item['preview'] = $this->config['icons']['path'] . $this->config['icons']['default']; $this->item['preview'] = $this->config['icons']['path'] . $this->config['icons']['directory']; $this->item['preview'] = 'connectors/php/filemanager.php?mode=preview&path='. rawurlencode($current_path); //if(isset($get['getsize']) && $get['getsize']=='true') { $this->item['properties']['Size'] = filesize($this->getFullPath($current_path)); if ($this->item['properties']['Size']) { list ($width, $height, $type, $attr) = getimagesize($this->getFullPath($current_path)); $this->item['properties']['Size'] = 0; list ($width, $height) = array(0, 0); $this->item['properties']['Height'] = $height; $this->item['properties']['Width'] = $width; $this->item['properties']['Size'] = filesize($this->getFullPath($current_path)); $this->item['properties']['Size'] = filesize($this->getFullPath($current_path)); if (!$this->item['properties']['Size']) $this->item['properties']['Size'] = 0; $this->item['properties']['Date Modified'] = date($this->config['options']['dateFormat'], $this->item['filemtime']); //$return['properties']['Date Created'] = $this->config['options']['dateFormat'], $return['filectime']); // PHP cannot get create timestamp private function getFullPath($path = '') { $path = $this->get['path']; if($this->config['options']['fileRoot'] !== false) { // $this->__log(__METHOD_. " path : " . $full_path); private function isValidPath($path) { // @todo remove debug message // $this->__log('compare : ' .$this->getFullPath(). '($this->getFullPath()) and ' . $path . '(path)'); // $this->__log('strncmp() retruned value : ' .strncmp($path, $this->getFullPath(), strlen($this->getFullPath()))); return !strncmp($path, $this->getFullPath(), strlen($this->getFullPath())); private function unlinkRecursive($dir,$deleteRootToo= true) { while (false !== ($obj = readdir($dh))) { if($obj == '.' || $obj == '..') { if (!@unlink($dir . '/' . $obj)) { $this->unlinkRecursive($dir. '/'. $obj, true); private function cleanString($string, $allowed = array()) { foreach ($allowed as $value) { 'Š'=> 'S', 'š'=> 's', 'Đ'=> 'Dj', 'đ'=> 'dj', 'Ž'=> 'Z', 'ž'=> 'z', 'Č'=> 'C', 'č'=> 'c', 'Ć'=> 'C', 'ć'=> 'c', 'À'=> 'A', 'Á'=> 'A', 'Â'=> 'A', 'Ã'=> 'A', 'Ä'=> 'A', 'Å'=> 'A', 'Æ'=> 'A', 'Ç'=> 'C', 'È'=> 'E', 'É'=> 'E', 'Ê'=> 'E', 'Ë'=> 'E', 'Ì'=> 'I', 'Í'=> 'I', 'Î'=> 'I', 'Ï'=> 'I', 'Ñ'=> 'N', 'Ò'=> 'O', 'Ó'=> 'O', 'Ô'=> 'O', 'Õ'=> 'O', 'Ö'=> 'O', 'Ő'=> 'O', 'Ø'=> 'O', 'Ù'=> 'U', 'Ú'=> 'U', 'Û'=> 'U', 'Ü'=> 'U', 'Ű'=> 'U', 'Ý'=> 'Y', 'Þ'=> 'B', 'ß'=> 'Ss','à'=> 'a', 'á'=> 'a', 'â'=> 'a', 'ã'=> 'a', 'ä'=> 'a', 'å'=> 'a', 'æ'=> 'a', 'ç'=> 'c', 'è'=> 'e', 'é'=> 'e', 'ê'=> 'e', 'ë'=> 'e', 'ì'=> 'i', 'í'=> 'i', 'î'=> 'i', 'ï'=> 'i', 'ð'=> 'o', 'ñ'=> 'n', 'ò'=> 'o', 'ó'=> 'o', 'ô'=> 'o', 'õ'=> 'o', 'ö'=> 'o', 'ő'=> 'o', 'ø'=> 'o', 'ù'=> 'u', 'ú'=> 'u', 'ű'=> 'u', 'û'=> 'u', 'ý'=> 'y', 'ý'=> 'y', 'þ'=> 'b', 'ÿ'=> 'y', 'Ŕ'=> 'R', 'ŕ'=> 'r', ' '=> '_', "'"=> '_', '/'=> '' foreach ($string as $key => $clean) { $clean = strtr($clean, $mapping); if($this->config['options']['chars_only_latin'] == true) { $clean = preg_replace("/[^{$allow}_a-zA-Z0-9]/u", '', $clean); // $clean = preg_replace("/[^{$allow}_a-zA-Z0-9\x{0430}-\x{044F}\x{0410}-\x{042F}]/u", '', $clean); // allow only latin alphabet with cyrillic $cleaned[$key] = preg_replace('/[_]+/', '_', $clean); // remove double underscore $string = strtr($string, $mapping); if($this->config['options']['chars_only_latin'] == true) { $clean = preg_replace("/[^{$allow}_a-zA-Z0-9]/u", '', $string); // $clean = preg_replace("/[^{$allow}_a-zA-Z0-9\x{0430}-\x{044F}\x{0410}-\x{042F}]/u", '', $string); // allow only latin alphabet with cyrillic $cleaned = preg_replace('/[_]+/', '_', $string); // remove double underscore private function sanitize($var) { private function checkFilename($path,$filename,$i= '') { $tmp = explode(/*$this->config['upload']['suffix'] . */$i . '.',$filename); return $this->checkFilename($path,$filename,$i); private function loadLanguageFile() { // we load langCode var passed into URL if present and if exists // else, we use default configuration var $lang = $this->config['options']['culture']; if(isset ($this->params['langCode']) && in_array($this->params['langCode'], $this->languages)) $lang = $this->params['langCode']; private function availableLanguages() { if ($handle = opendir($this->root. '/scripts/languages/')) { while (false !== ($file = readdir($handle))) { if ($file != "." && $file != "..") { private function __log($msg) { $str = "[" . date("d/m/Y h:i:s", mktime()) . "] " . $msg; $this->__log(__METHOD__ . ' - Log enabled (in '. $this->logfile. ' file)'); $this->__log(__METHOD__ . ' - Log disabled');
|
