D3Public/tinymce-editor
8
0
Bifurcation 0
Code Demandes d'ajout Paquets Projets Publications Activité

refactor fileman

Parcourir la source
Cette révision appartient à :
O3-Shop 2023-04-10 22:25:46 +02:00
Parent 192a9aa52d
révision 24c4264d87
18 fichiers modifiés avec 873 ajouts et 730 suppressions
Voir les Statistiques Télécharger le Fichier Patch Télécharger le Fichier des Différences Développer tous les fichiers Réduire tous les fichiers

49
Application/fileman/php/copydir.php
Voir le fichier

@ -26,32 +26,35 @@ include 'functions.inc.php';
verifyAction('COPYDIR');
checkAccess('COPYDIR');
$path = RoxyFile::FixPath(trim(empty($_POST['d'])?'':$_POST['d']));
$newPath = RoxyFile::FixPath(trim(empty($_POST['n'])?'':$_POST['n']));
$path = RoxyFile::FixPath(trim(empty($_POST['d']) ? '' : $_POST['d']));
$newPath = RoxyFile::FixPath(trim(empty($_POST['n']) ? '' : $_POST['n']));
verifyPath($path);
verifyPath($newPath);
function copyDir($path, $newPath){
$items = listDirectory($path);
if(!is_dir($newPath))
mkdir ($newPath, octdec(DIRPERMISSIONS));
foreach ($items as $item){
if($item == '.' || $item == '..')
continue;
$oldPath = RoxyFile::FixPath($path.'/'.$item);
$tmpNewPath = RoxyFile::FixPath($newPath.'/'.$item);
if(is_file($oldPath))
copy($oldPath, $tmpNewPath);
elseif(is_dir($oldPath)){
copyDir($oldPath, $tmpNewPath);
function copyDir(string $path, string $newPath): void
{
$items = listDirectory($path);
if (!is_dir($newPath)) {
mkdir($newPath, (int) octdec(DIRPERMISSIONS));
}
foreach ($items as $item) {
if ($item == '.' || $item == '..') {
continue;
}
$oldPath = RoxyFile::FixPath($path . '/' . $item);
$tmpNewPath = RoxyFile::FixPath($newPath . '/' . $item);
if (is_file($oldPath)) {
copy($oldPath, $tmpNewPath);
} elseif (is_dir($oldPath)) {
copyDir($oldPath, $tmpNewPath);
}
}
}
}
if(is_dir(fixPath($path))){
copyDir(fixPath($path.'/'), fixPath($newPath.'/'.basename($path)));
echo getSuccessRes();
}
else
echo getErrorRes(t('E_CopyDirInvalidPath'));
?>
if (is_dir(fixPath($path))) {
copyDir(fixPath($path . '/'), fixPath($newPath . '/' . basename($path)));
echo getSuccessRes();
} else {
echo getErrorRes(t('E_CopyDirInvalidPath'));
}

29
Application/fileman/php/copyfile.php
Voir le fichier

@ -26,21 +26,22 @@ include 'functions.inc.php';
verifyAction('COPYFILE');
checkAccess('COPYFILE');
$path = RoxyFile::FixPath(trim(empty($_POST['f'])?'':$_POST['f']));
$newPath = RoxyFile::FixPath(trim(empty($_POST['n'])?'':$_POST['n']));
if(!$newPath)
$newPath = getFilesPath();
$path = RoxyFile::FixPath(trim(empty($_POST['f']) ? '' : $_POST['f']));
$newPath = RoxyFile::FixPath(trim(empty($_POST['n']) ? '' : $_POST['n']));
if (!$newPath) {
$newPath = getFilesPath();
}
verifyPath($path);
verifyPath($newPath);
if(is_file(fixPath($path))){
$newPath = $newPath.'/'.RoxyFile::MakeUniqueFilename(fixPath($newPath), basename($path));
if(copy(fixPath($path), fixPath($newPath)))
echo getSuccessRes();
else
echo getErrorRes(t('E_CopyFile'));
}
else
echo getErrorRes(t('E_CopyFileInvalisPath'));
?>
if (is_file(fixPath($path))) {
$newPath = $newPath . '/' . RoxyFile::MakeUniqueFilename(fixPath($newPath), basename($path));
if (copy(fixPath($path), fixPath($newPath))) {
echo getSuccessRes();
} else {
echo getErrorRes(t('E_CopyFile'));
}
} else {
echo getErrorRes(t('E_CopyFileInvalisPath'));
}

22
Application/fileman/php/createdir.php
Voir le fichier

@ -26,16 +26,16 @@ include 'functions.inc.php';
verifyAction('CREATEDIR');
checkAccess('CREATEDIR');
$path = RoxyFile::FixPath(trim(empty($_POST['d'])?'':$_POST['d']));
$name = RoxyFile::FixPath(trim(empty($_POST['n'])?'':$_POST['n']));
$path = RoxyFile::FixPath(trim(empty($_POST['d']) ? '' : $_POST['d']));
$name = RoxyFile::FixPath(trim(empty($_POST['n']) ? '' : $_POST['n']));
verifyPath($path);
if(is_dir(fixPath($path))){
if(mkdir(fixPath($path).'/'.$name, octdec(DIRPERMISSIONS)))
echo getSuccessRes();
else
echo getErrorRes(t('E_CreateDirFailed').' '.basename($path));
}
else
echo getErrorRes(t('E_CreateDirInvalidPath'));
?>
if (is_dir(fixPath($path))) {
if (mkdir(fixPath($path) . '/' . $name, (int) octdec(DIRPERMISSIONS))) {
echo getSuccessRes();
} else {
echo getErrorRes(t('E_CreateDirFailed') . ' ' . basename($path));
}
} else {
echo getErrorRes(t('E_CreateDirInvalidPath'));
}

28
Application/fileman/php/deletedir.php
Voir le fichier

@ -26,19 +26,19 @@ include 'functions.inc.php';
verifyAction('DELETEDIR');
checkAccess('DELETEDIR');
$path = RoxyFile::FixPath(trim(empty($_GET['d'])?'':$_GET['d']));
$path = RoxyFile::FixPath(trim(empty($_GET['d']) ? '' : $_GET['d']));
verifyPath($path);
if(is_dir(fixPath($path))){
if(fixPath($path.'/') == fixPath(getFilesPath().'/'))
echo getErrorRes(t('E_CannotDeleteRoot'));
elseif(count(glob(fixPath($path)."/*")))
echo getErrorRes(t('E_DeleteNonEmpty'));
elseif(rmdir(fixPath($path)))
echo getSuccessRes();
else
echo getErrorRes(t('E_CannotDeleteDir').' '.basename($path));
}
else
echo getErrorRes(t('E_DeleteDirInvalidPath').' '.$path);
?>
if (is_dir(fixPath($path))) {
if (fixPath($path . '/') == fixPath(getFilesPath() . '/')) {
echo getErrorRes(t('E_CannotDeleteRoot'));
} elseif (count((array) glob(fixPath($path) . "/*"))) {
echo getErrorRes(t('E_DeleteNonEmpty'));
} elseif (rmdir(fixPath($path))) {
echo getSuccessRes();
} else {
echo getErrorRes(t('E_CannotDeleteDir') . ' ' . basename($path));
}
} else {
echo getErrorRes(t('E_DeleteDirInvalidPath') . ' ' . $path);
}

18
Application/fileman/php/deletefile.php
Voir le fichier

@ -29,12 +29,12 @@ checkAccess('DELETEFILE');
$path = RoxyFile::FixPath(trim($_POST['f']));
verifyPath($path);
if(is_file(fixPath($path))){
if(unlink(fixPath($path)))
echo getSuccessRes();
else
echo getErrorRes(t('E_DeletеFile').' '.basename($path));
}
else
echo getErrorRes(t('E_DeleteFileInvalidPath'));
?>
if (is_file(fixPath($path))) {
if (unlink(fixPath($path))) {
echo getSuccessRes();
} else {
echo getErrorRes(t('E_DeletеFile') . ' ' . basename($path));
}
} else {
echo getErrorRes(t('E_DeleteFileInvalidPath'));
}

87
Application/fileman/php/dirtree.php
Voir le fichier

@ -26,47 +26,60 @@ include 'functions.inc.php';
verifyAction('DIRLIST');
checkAccess('DIRLIST');
function getFilesNumber($path, $type){
$files = 0;
$dirs = 0;
$tmp = listDirectory($path);
foreach ($tmp as $ff){
if($ff == '.' || $ff == '..')
continue;
elseif(is_file($path.'/'.$ff) && ($type == '' || ($type == 'image' && RoxyFile::IsImage($ff)) || ($type == 'flash' && RoxyFile::IsFlash($ff))))
$files++;
elseif(is_dir($path.'/'.$ff))
$dirs++;
}
/**
* @param string $path
* @param string $type
* @return int[]
*/
function getFilesNumber(string $path, string $type): array
{
$files = 0;
$dirs = 0;
$tmp = listDirectory($path);
foreach ($tmp as $ff) {
if ($ff == '.' || $ff == '..') {
continue;
} elseif (
is_file($path . '/' . $ff) &&
($type == '' || ($type == 'image' && RoxyFile::IsImage($ff)) || ($type == 'flash' && RoxyFile::IsFlash($ff)))
) {
$files++;
} elseif (is_dir($path . '/' . $ff)) {
$dirs++;
}
}
return array('files'=>$files, 'dirs'=>$dirs);
}
function GetDirs($path, $type){
$ret = $sort = array();
$files = listDirectory(fixPath($path), 0);
foreach ($files as $f){
$fullPath = $path.'/'.$f;
if(!is_dir(fixPath($fullPath)) || $f == '.' || $f == '..')
continue;
$tmp = getFilesNumber(fixPath($fullPath), $type);
$ret[$fullPath] = array('path'=>$fullPath,'files'=>$tmp['files'],'dirs'=>$tmp['dirs']);
$sort[$fullPath] = $f;
}
natcasesort($sort);
foreach ($sort as $k => $v) {
$tmp = $ret[$k];
echo ',{"p":"'.mb_ereg_replace('"', '\\"', $tmp['path']).'","f":"'.$tmp['files'].'","d":"'.$tmp['dirs'].'"}';
GetDirs($tmp['path'], $type);
}
return array('files' => $files, 'dirs' => $dirs);
}
$type = (empty($_GET['type'])?'':strtolower($_GET['type']));
if($type != 'image' && $type != 'flash')
$type = '';
function GetDirs(string $path, string $type): void
{
$ret = $sort = array();
$files = listDirectory(fixPath($path));
foreach ($files as $f) {
$fullPath = $path . '/' . $f;
if (!is_dir(fixPath($fullPath)) || $f == '.' || $f == '..') {
continue;
}
$tmp = getFilesNumber(fixPath($fullPath), $type);
$ret[$fullPath] = array('path' => $fullPath, 'files' => $tmp['files'], 'dirs' => $tmp['dirs']);
$sort[$fullPath] = $f;
}
natcasesort($sort);
foreach ($sort as $k => $v) {
$tmp = $ret[$k];
echo ',{"p":"' . mb_ereg_replace('"', '\\"', $tmp['path']) . '","f":"' . $tmp['files'] . '","d":"' . $tmp['dirs'] . '"}';
GetDirs($tmp['path'], $type);
}
}
$type = (empty($_GET['type']) ? '' : strtolower($_GET['type']));
if ($type != 'image' && $type != 'flash') {
$type = '';
}
echo "[\n";
$tmp = getFilesNumber(fixPath(getFilesPath()), $type);
echo '{"p":"'. mb_ereg_replace('"', '\\"', getFilesPath()).'","f":"'.$tmp['files'].'","d":"'.$tmp['dirs'].'"}';
echo '{"p":"' . mb_ereg_replace('"', '\\"', getFilesPath()) . '","f":"' . $tmp['files'] . '","d":"' . $tmp['dirs'] . '"}';
GetDirs(getFilesPath(), $type);
echo "\n]";
?>
echo "\n]";

13
Application/fileman/php/download.php
Voir le fichier

@ -29,10 +29,9 @@ checkAccess('DOWNLOAD');
$path = RoxyFile::FixPath(trim($_GET['f']));
verifyPath($path);
if(is_file(fixPath($path))){
$file = urldecode(basename($path));
header('Content-Disposition: attachment; filename="'.$file.'"');
header('Content-Type: application/force-download');
readfile(fixPath($path));
}
?>
if (is_file(fixPath($path))) {
$file = urldecode(basename($path));
header('Content-Disposition: attachment; filename="' . $file . '"');
header('Content-Type: application/force-download');
readfile(fixPath($path));
}

43
Application/fileman/php/downloaddir.php
Voir le fichier

@ -22,7 +22,7 @@
*/
include '../system.inc.php';
include 'functions.inc.php';
@ini_set('memory_limit', -1);
@ini_set('memory_limit', '-1');
verifyAction('DOWNLOADDIR');
checkAccess('DOWNLOADDIR');
@ -30,26 +30,25 @@ $path = RoxyFile::FixPath(trim($_GET['d']));
verifyPath($path);
$path = fixPath($path);
if(!class_exists('ZipArchive')){
echo '<script>alert("Cannot create zip archive - ZipArchive class is missing. Check your PHP version and configuration");</script>';
}
else{
try{
$filename = basename($path);
$zipFile = $filename.'.zip';
$zipPath = BASE_PATH.'/tmp/'.$zipFile;
RoxyFile::ZipDir($path, $zipPath);
if (!class_exists('ZipArchive')) {
echo '<script>alert("Cannot create zip archive - ZipArchive class is missing. Check your PHP version and configuration");</script>';
} else {
try {
$filename = basename($path);
$zipFile = $filename . '.zip';
$zipPath = BASE_PATH . '/tmp/' . $zipFile;
RoxyFile::ZipDir($path, $zipPath);
header('Content-Disposition: attachment; filename="'.$zipFile.'"');
header('Content-Type: application/force-download');
readfile($zipPath);
function deleteTmp($zipPath){
@unlink($zipPath);
header('Content-Disposition: attachment; filename="' . $zipFile . '"');
header('Content-Type: application/force-download');
readfile($zipPath);
function deleteTmp(string $zipPath): void
{
@unlink($zipPath);
}
register_shutdown_function('deleteTmp', $zipPath);
} catch (Exception $ex) {
echo '<script>alert("' . addslashes(t('E_CreateArchive')) . '");</script>';
}
register_shutdown_function('deleteTmp', $zipPath);
}
catch(Exception $ex){
echo '<script>alert("'. addslashes(t('E_CreateArchive')).'");</script>';
}
}
?>
}

45
Application/fileman/php/fileslist.php
Voir le fichier

@ -26,34 +26,35 @@ include 'functions.inc.php';
verifyAction('FILESLIST');
checkAccess('FILESLIST');
$path = RoxyFile::FixPath(empty($_POST['d'])? getFilesPath(): $_POST['d']);
$type = (empty($_POST['type'])?'':strtolower($_POST['type']));
if($type != 'image' && $type != 'flash')
$type = '';
$path = RoxyFile::FixPath(empty($_POST['d']) ? getFilesPath() : $_POST['d']);
$type = (empty($_POST['type']) ? '' : strtolower($_POST['type']));
if ($type != 'image' && $type != 'flash') {
$type = '';
}
verifyPath($path);
$files = listDirectory(fixPath($path), 0);
$files = listDirectory(fixPath($path));
natcasesort($files);
$str = '';
echo '[';
foreach ($files as $f){
$fullPath = $path.'/'.$f;
if(!is_file(fixPath($fullPath)) || ($type == 'image' && !RoxyFile::IsImage($f)) || ($type == 'flash' && !RoxyFile::IsFlash($f)))
continue;
$size = filesize(fixPath($fullPath));
$time = filemtime(fixPath($fullPath));
$w = 0;
$h = 0;
if(RoxyFile::IsImage($f)){
$tmp = @getimagesize(fixPath($fullPath));
if($tmp){
$w = $tmp[0];
$h = $tmp[1];
foreach ($files as $f) {
$fullPath = $path . '/' . $f;
if (!is_file(fixPath($fullPath)) || ($type == 'image' && !RoxyFile::IsImage($f)) || ($type == 'flash' && !RoxyFile::IsFlash($f))) {
continue;
}
}
$str .= '{"p":"'.mb_ereg_replace('"', '\\"', $fullPath).'","s":"'.$size.'","t":"'.$time.'","w":"'.$w.'","h":"'.$h.'"},';
$size = filesize(fixPath($fullPath));
$time = filemtime(fixPath($fullPath));
$w = 0;
$h = 0;
if (RoxyFile::IsImage($f)) {
$tmp = @getimagesize(fixPath($fullPath));
if ($tmp) {
$w = $tmp[0];
$h = $tmp[1];
}
}
$str .= '{"p":"' . mb_ereg_replace('"', '\\"', $fullPath) . '","s":"' . $size . '","t":"' . $time . '","w":"' . $w . '","h":"' . $h . '"},';
}
$str = mb_substr($str, 0, -1);
echo $str;
echo ']';
?>
echo ']';

1014
Application/fileman/php/functions.inc.php
Voir le fichier

Fichier diff supprimé car celui-ci est trop grand Voir la Diff

30
Application/fileman/php/movedir.php
Voir le fichier

@ -26,21 +26,21 @@ include 'functions.inc.php';
verifyAction('MOVEDIR');
checkAccess('MOVEDIR');
$path = RoxyFile::FixPath(trim(empty($_GET['d'])?'':$_GET['d']));
$newPath = RoxyFile::FixPath(trim(empty($_GET['n'])?'':$_GET['n']));
$path = RoxyFile::FixPath(trim(empty($_GET['d']) ? '' : $_GET['d']));
$newPath = RoxyFile::FixPath(trim(empty($_GET['n']) ? '' : $_GET['n']));
verifyPath($path);
verifyPath($newPath);
if(is_dir(fixPath($path))){
if(mb_strpos($newPath, $path) === 0)
echo getErrorRes(t('E_CannotMoveDirToChild'));
elseif(file_exists(fixPath($newPath).'/'.basename($path)))
echo getErrorRes(t('E_DirAlreadyExists'));
elseif(rename(fixPath($path), fixPath($newPath).'/'.basename($path)))
echo getSuccessRes();
else
echo getErrorRes(t('E_MoveDir').' '.basename($path));
}
else
echo getErrorRes(t('E_MoveDirInvalisPath'));
?>
if (is_dir(fixPath($path))) {
if (mb_strpos($newPath, $path) === 0) {
echo getErrorRes(t('E_CannotMoveDirToChild'));
} elseif (file_exists(fixPath($newPath) . '/' . basename($path))) {
echo getErrorRes(t('E_DirAlreadyExists'));
} elseif (rename(fixPath($path), fixPath($newPath) . '/' . basename($path))) {
echo getSuccessRes();
} else {
echo getErrorRes(t('E_MoveDir') . ' ' . basename($path));
}
} else {
echo getErrorRes(t('E_MoveDirInvalisPath'));
}

37
Application/fileman/php/movefile.php
Voir le fichier

@ -26,25 +26,24 @@ include 'functions.inc.php';
verifyAction('MOVEFILE');
checkAccess('MOVEFILE');
$path = RoxyFile::FixPath(trim(empty($_POST['f'])?'':$_POST['f']));
$newPath = RoxyFile::FixPath(trim(empty($_POST['n'])?'':$_POST['n']));
if(!$newPath)
$newPath = getFilesPath();
$path = RoxyFile::FixPath(trim(empty($_POST['f']) ? '' : $_POST['f']));
$newPath = RoxyFile::FixPath(trim(empty($_POST['n']) ? '' : $_POST['n']));
if (!$newPath) {
$newPath = getFilesPath();
}
verifyPath($path);
verifyPath($newPath);
if(!RoxyFile::CanUploadFile(basename($newPath))) {
echo getErrorRes(t('E_FileExtensionForbidden'));
}
elseif(is_file(fixPath($path))){
if(file_exists(fixPath($newPath)))
echo getErrorRes(t('E_MoveFileAlreadyExists').' '.basename($newPath));
elseif(rename(fixPath($path), fixPath($newPath)))
echo getSuccessRes();
else
echo getErrorRes(t('E_MoveFile').' '.basename($path));
}
else {
echo getErrorRes(t('E_MoveFileInvalisPath'));
}
?>
if (!RoxyFile::CanUploadFile(basename($newPath))) {
echo getErrorRes(t('E_FileExtensionForbidden'));
} elseif (is_file(fixPath($path))) {
if (file_exists(fixPath($newPath))) {
echo getErrorRes(t('E_MoveFileAlreadyExists') . ' ' . basename($newPath));
} elseif (rename(fixPath($path), fixPath($newPath))) {
echo getSuccessRes();
} else {
echo getErrorRes(t('E_MoveFile') . ' ' . basename($path));
}
} else {
echo getErrorRes(t('E_MoveFileInvalisPath'));
}

26
Application/fileman/php/renamedir.php
Voir le fichier

@ -26,18 +26,18 @@ include 'functions.inc.php';
verifyAction('RENAMEDIR');
checkAccess('RENAMEDIR');
$path = RoxyFile::FixPath(trim(empty($_POST['d'])? '': $_POST['d']));
$name = RoxyFile::FixPath(trim(empty($_POST['n'])? '': $_POST['n']));
$path = RoxyFile::FixPath(trim(empty($_POST['d']) ? '' : $_POST['d']));
$name = RoxyFile::FixPath(trim(empty($_POST['n']) ? '' : $_POST['n']));
verifyPath($path);
if(is_dir(fixPath($path))){
if(fixPath($path.'/') == fixPath(getFilesPath().'/'))
echo getErrorRes(t('E_CannotRenameRoot'));
elseif(rename(fixPath($path), dirname(fixPath($path)).'/'.$name))
echo getSuccessRes();
else
echo getErrorRes(t('E_RenameDir').' '.basename($path));
}
else
echo getErrorRes(t('E_RenameDirInvalidPath'));
?>
if (is_dir(fixPath($path))) {
if (fixPath($path . '/') == fixPath(getFilesPath() . '/')) {
echo getErrorRes(t('E_CannotRenameRoot'));
} elseif (rename(fixPath($path), dirname(fixPath($path)) . '/' . $name)) {
echo getSuccessRes();
} else {
echo getErrorRes(t('E_RenameDir') . ' ' . basename($path));
}
} else {
echo getErrorRes(t('E_RenameDirInvalidPath'));
}

26
Application/fileman/php/renamefile.php
Voir le fichier

@ -26,18 +26,18 @@ include 'functions.inc.php';
verifyAction('RENAMEFILE');
checkAccess('RENAMEFILE');
$path = RoxyFile::FixPath(trim(empty($_POST['f'])?'':$_POST['f']));
$name = RoxyFile::FixPath(trim(empty($_POST['n'])?'':$_POST['n']));
$path = RoxyFile::FixPath(trim(empty($_POST['f']) ? '' : $_POST['f']));
$name = RoxyFile::FixPath(trim(empty($_POST['n']) ? '' : $_POST['n']));
verifyPath($path);
if(is_file(fixPath($path))){
if(!RoxyFile::CanUploadFile($name))
echo getErrorRes(t('E_FileExtensionForbidden').' ".'.RoxyFile::GetExtension($name).'"');
elseif(rename(fixPath($path), dirname(fixPath($path)).'/'.$name))
echo getSuccessRes();
else
echo getErrorRes(t('E_RenameFile').' '.basename($path));
}
else
echo getErrorRes(t('E_RenameFileInvalidPath'));
?>
if (is_file(fixPath($path))) {
if (!RoxyFile::CanUploadFile($name)) {
echo getErrorRes(t('E_FileExtensionForbidden') . ' ".' . RoxyFile::GetExtension($name) . '"');
} elseif (rename(fixPath($path), dirname(fixPath($path)) . '/' . $name)) {
echo getSuccessRes();
} else {
echo getErrorRes(t('E_RenameFile') . ' ' . basename($path));
}
} else {
echo getErrorRes(t('E_RenameFileInvalidPath'));
}

7
Application/fileman/php/security.inc.php
Voir le fichier

@ -20,7 +20,8 @@
Contact: Lyubomir Arsov, liubo (at) web-lobby.com
*/
function checkAccess($action) {
function checkAccess(string $action): void
{
unset($action);
if($_COOKIE['filemanagerkey'] !== md5_file("../../../../../../config.inc.php")) die('nice try, noob.');
}
?>
}

17
Application/fileman/php/thumb.php
Voir le fichier

@ -29,18 +29,17 @@ header("Cache-Control: max-age=3600");
verifyAction('GENERATETHUMB');
checkAccess('GENERATETHUMB');
$path = RoxyFile::FixPath(urldecode(empty($_GET['f'])?'':$_GET['f']));
$path = RoxyFile::FixPath(urldecode(empty($_GET['f']) ? '' : $_GET['f']));
verifyPath($path);
@chmod(fixPath(dirname($path)), octdec(DIRPERMISSIONS));
@chmod(fixPath($path), octdec(FILEPERMISSIONS));
@chmod(fixPath(dirname($path)), (int) octdec(DIRPERMISSIONS));
@chmod(fixPath($path), (int) octdec(FILEPERMISSIONS));
$w = intval(empty($_GET['width'])?'100':$_GET['width']);
$h = intval(empty($_GET['height'])?'0':$_GET['height']);
$w = intval(empty($_GET['width']) ? '100' : $_GET['width']);
$h = intval(empty($_GET['height']) ? '0' : $_GET['height']);
header('Content-type: '.RoxyFile::GetMIMEType(basename($path)));
if($w && $h)
RoxyImage::CropCenter(fixPath($path), null, $w, $h);
else
RoxyImage::Resize(fixPath($path), null, $w, $h);
?>
RoxyImage::CropCenter(fixPath($path), null, $w, $h);
else
RoxyImage::Resize(fixPath($path), null, $w, $h);

93
Application/fileman/php/upload.php
Voir le fichier

@ -26,58 +26,57 @@ include 'functions.inc.php';
verifyAction('UPLOAD');
checkAccess('UPLOAD');
$isAjax = (isset($_POST['method']) && $_POST['method'] == 'ajax');
$path = RoxyFile::FixPath(trim(empty($_POST['d'])?getFilesPath():$_POST['d']));
$path = RoxyFile::FixPath(trim(empty($_POST['d']) ? getFilesPath() : $_POST['d']));
verifyPath($path);
$res = '';
if(is_dir(fixPath($path))){
if(!empty($_FILES['files']) && is_array($_FILES['files']['tmp_name'])){
$errors = $errorsExt = array();
foreach($_FILES['files']['tmp_name'] as $k=>$v){
$filename = $_FILES['files']['name'][$k];
$filename = RoxyFile::MakeUniqueFilename(fixPath($path), $filename);
$filePath = fixPath($path).'/'.$filename;
$isUploaded = true;
if(!RoxyFile::CanUploadFile($filename)){
$errorsExt[] = $filename;
$isUploaded = false;
}
elseif(!move_uploaded_file($v, $filePath)){
$errors[] = $filename;
$isUploaded = false;
}
if(is_file($filePath)){
@chmod ($filePath, octdec(FILEPERMISSIONS));
}
if($isUploaded && RoxyFile::IsImage($filename) && (intval(MAX_IMAGE_WIDTH) > 0 || intval(MAX_IMAGE_HEIGHT) > 0)){
RoxyImage::Resize($filePath, $filePath, intval(MAX_IMAGE_WIDTH), intval(MAX_IMAGE_HEIGHT));
}
}
if($errors && $errorsExt)
$res = getSuccessRes(t('E_UploadNotAll').' '.t('E_FileExtensionForbidden'));
elseif($errorsExt)
$res = getSuccessRes(t('E_FileExtensionForbidden'));
elseif($errors)
$res = getSuccessRes(t('E_UploadNotAll'));
else
$res = getSuccessRes();
}
else
$res = getErrorRes(t('E_UploadNoFiles'));
}
else
$res = getErrorRes(t('E_UploadInvalidPath'));
$errors = $errorsExt = array();
if($isAjax){
if($errors || $errorsExt)
$res = getErrorRes(t('E_UploadNotAll'));
echo $res;
if (is_dir(fixPath($path))) {
if (!empty($_FILES['files']) && is_array($_FILES['files']['tmp_name'])) {
foreach ($_FILES['files']['tmp_name'] as $k => $v) {
$filename = $_FILES['files']['name'][$k];
$filename = RoxyFile::MakeUniqueFilename(fixPath($path), $filename);
$filePath = fixPath($path) . '/' . $filename;
$isUploaded = true;
if (!RoxyFile::CanUploadFile($filename)) {
$errorsExt[] = $filename;
$isUploaded = false;
} elseif (!move_uploaded_file($v, $filePath)) {
$errors[] = $filename;
$isUploaded = false;
}
if (is_file($filePath)) {
@chmod($filePath, (int) octdec(FILEPERMISSIONS));
}
if ($isUploaded && RoxyFile::IsImage($filename) && (intval(MAX_IMAGE_WIDTH) > 0 || intval(MAX_IMAGE_HEIGHT) > 0)) {
RoxyImage::Resize($filePath, $filePath, intval(MAX_IMAGE_WIDTH), intval(MAX_IMAGE_HEIGHT));
}
}
if ($errors && $errorsExt) {
$res = getSuccessRes(t('E_UploadNotAll') . ' ' . t('E_FileExtensionForbidden'));
} elseif ($errorsExt) {
$res = getSuccessRes(t('E_FileExtensionForbidden'));
} elseif ($errors) {
$res = getSuccessRes(t('E_UploadNotAll'));
} else {
$res = getSuccessRes();
}
} else {
$res = getErrorRes(t('E_UploadNoFiles'));
}
} else {
$res = getErrorRes(t('E_UploadInvalidPath'));
}
else{
echo '
if ($isAjax) {
if ($errors || $errorsExt) {
$res = getErrorRes(t('E_UploadNotAll'));
}
echo $res;
} else {
echo '
<script>
parent.fileUploaded('.$res.');
parent.fileUploaded(' . $res . ')
</script>';
}
?>

19
phpstan.neon
Voir le fichier

@ -4,7 +4,20 @@ parameters:
- ../../o3-shop/shop-ce/source/oxfunctions.php
paths:
- Application
excludePaths:
- Application/fileman
level: 9
phpVersion: 70400
phpVersion: 70400
ignoreErrors:
- '#Constant FILES_ROOT not found.#'
- '#Constant SESSION_PATH_KEY not found.#'
- '#Constant FORBIDDEN_UPLOADS not found.#'
- '#Constant ALLOWED_UPLOADS not found.#'
- '#Constant BASE_PATH not found.#'
- '#Constant DIRPERMISSIONS not found.#'
- '#Constant FILEPERMISSIONS not found.#'
- '#Constant MAX_IMAGE_HEIGHT not found.#'
- '#Constant MAX_IMAGE_WIDTH not found.#'
- '#Method RoxyImage\:\:OutputImage\(\) has no return type specified.#'
- '#Method RoxyImage\:\:OutputImage\(\) has parameter \$img with no type specified.#'
- '#Method RoxyImage\:\:SetAlpha\(\) has no return type specified.#'
- '#Method RoxyImage\:\:SetAlpha\(\) has parameter \$img with no type specified.#'
- '#Method RoxyImage\:\:GetImage\(\) has no return type specified.#'