1<?php 2/* 3 * FCKeditor - The text editor for Internet - http://www.fckeditor.net 4 * Copyright (C) 2003-2009 Frederico Caldeira Knabben 5 * 6 * == BEGIN LICENSE == 7 * 8 * Licensed under the terms of any of the following licenses at your 9 * choice: 10 * 11 * - GNU General Public License Version 2 or later (the "GPL") 12 * http://www.gnu.org/licenses/gpl.html 13 * 14 * - GNU Lesser General Public License Version 2.1 or later (the "LGPL") 15 * http://www.gnu.org/licenses/lgpl.html 16 * 17 * - Mozilla Public License Version 1.1 or later (the "MPL") 18 * http://www.mozilla.org/MPL/MPL-1.1.html 19 * 20 * == END LICENSE == 21 * 22 * This is the File Manager Connector for PHP. 23 */ 24 25 26 27 28require_once 'check_acl.php'; 29require_once 'input_utils.php'; 30global $dwfck_conf; 31global $_FolderClass; 32 33function GetDwfckNs() 34{ 35 echo $_SESSION['dwfck_ns']; 36} 37 38 39 function has_permission($folder, $resourceType, $isFolder=true) { 40 global $_FolderClass; 41 global $Dwfck_conf_values; 42 $folder = str_replace('//','/',$folder); 43 44 $sFolderPath = GetResourceTypeDirectory( $resourceType, 'GetFoldersAndFiles'); 45 46 $ns_tmp = str_replace('/',':',$folder); 47 $ns_tmp=trim($ns_tmp,':'); 48 49 if(preg_match('/%[a-zA-a0-9]/', $ns_tmp) && $Dwfck_conf_values['fnencode'] == 'safe') { 50 $test = dwiki_decodeFN($ns_tmp); 51 } 52 else { 53 54 $test = urldecode($ns_tmp); 55 } 56 57 if($isFolder) { 58 $test .= ':*' ; 59 } 60 else { 61 $test=preg_replace('/\.txt$/',"",$test); 62 } 63 64 $AUTH = auth_aclcheck($test, $_SESSION['dwfck_client'] , $_SESSION['dwfck_grps'], 1); 65 66 $_FolderClass = $AUTH; 67 if(!$isFolder) return($AUTH > 0); 68 return ($AUTH >1); 69 } 70 71 72function GetFolders( $resourceType, $currentFolder ) 73{ 74 75 global $_FolderClass; 76 global $Config; 77 $currentFolder=encode_dir($currentFolder); 78 79 $isInternalLink = input_strval('DWFCK_Browser', 'local') ; 80 // Map the virtual path to the local server path. 81 $sServerDir = ServerMapFolder( $resourceType, $currentFolder, 'GetFolders' ) ; 82 83 if($Config['osWindows']) { 84 $sServerDir = normalizeWIN($sServerDir); 85 } 86 87 // Array that will hold the folders names. 88 $aFolders = array() ; 89 90 $oCurrentFolder = @opendir( $sServerDir ) ; 91 92 if ($oCurrentFolder !== false) 93 { 94 while ( $sFile = readdir( $oCurrentFolder ) ) 95 { 96 if ( $sFile != '.' && $sFile != '..' && is_dir( $sServerDir . $sFile ) ) { 97 98 99 if(has_permission(dwiki_encodeFN($currentFolder) .'/' . $sFile, $resourceType) || has_open_access() ) { 100 if($isInternalLink && $_FolderClass < 255) { 101 $class = 'r'; 102 } 103 else $class = ($_FolderClass < 8) ? 'r' : 'u'; 104 can_delete($class); 105 if($_FolderClass) { 106 $aFolders[] = '<Folder name="' . ConvertToXmlAttribute( $sFile ) . 107 '" class="'. $class .'" />' ; 108 } 109 110 } 111 } 112 } 113 114 115 closedir( $oCurrentFolder ) ; 116 } 117 118 // Open the "Folders" node. 119 echo "<Folders>" ; 120 121 natcasesort( $aFolders ) ; 122 123 foreach ( $aFolders as $sFolder ) 124 125 echo $sFolder ; 126 127 128 // Close the "Folders" node. 129 echo "</Folders>" ; 130 131} 132 133/** 134 seeks to determine whether user has rights to create folder 135 if the folder does not exist when file browser is opened 136 and the editor has not created it 137 This situation occurs when the file browser opened from the 138 root directory, where the file being written to is in a 139 new subdirectory that has been created for the file: 140 parent_dir:new_dir:new_file 141 Dokuwiki creates new_dir in data/pages but not in data/media. 142 Dokuwiki creates data/media/new_dir when the user opens 143 the media manager. Similarly, this directory has to be created when 144 FCKeditor's file browser is opened 145 146*/ 147function has_open_access() { 148 149 $open_access = false; 150 if(isset($_REQUEST['TopLevel'])) { 151 // list($top_level,$auth) = explode(';;',$_REQUEST['TopLevel']); 152 // if($auth == 255 && $top_level =='/') $open_access = true; 153 } 154 $isadmin = isset($_SESSION['dwfck_conf']['isadmin']) ? $_SESSION['dwfck_conf']['isadmin'] : false; 155 $acl = isset($_SESSION['dwfck_acl']) ? $_SESSION['dwfck_acl'] : 1; 156 $openbrowser = (isset($_SESSION['dwfck_openfb']) && $_SESSION['dwfck_openfb'] == 'y') ? true : false; 157 if($open_access || $isadmin || $acl == 255 || ($openbrowser && $acl >= 8)) { 158 return true; 159 } 160 161 return false; 162} 163 164 165 166function GetFoldersAndFiles( $resourceType, $currentFolder ) 167{ 168 if (!isset($_GET)) { 169 global $_GET; 170 } 171 global $Config; 172 173 $isInternalLink = input_strval('DWFCK_Browser', 'local') ; 174 global $_FolderClass; 175 global $Config; 176 $currentFolder=encode_dir($currentFolder); 177 178 $sess_id = session_id(); 179 if(!isset($sess_id) || $sess_id != $_COOKIE['FCK_NmSp_acl']) { 180 session_id($_COOKIE['FCK_NmSp_acl']); 181 session_start(); 182 } 183 $acl_del = isset($_SESSION['dwfck_del']) ? $_SESSION['dwfck_del'] : 0; 184 // Map the virtual path to the local server path. 185 $sServerDir = ServerMapFolder( $resourceType, $currentFolder, 'GetFoldersAndFiles' ) ; 186 if($Config['osWindows']) { 187 $sServerDir = normalizeWIN($sServerDir); 188 } 189 190 mkdir_rek($sServerDir); 191 // Arrays that will hold the folders and files names. 192 $aFolders = array() ; 193 $aFiles = array() ; 194 195 $sFile = '__AAAAAAAA__.AAA'; 196 $temp_folder = $currentFolder; 197 $temp_folder = dwiki_encodeFN(trim($temp_folder,'/')); 198 has_permission($temp_folder, $resourceType); 199 if($isInternalLink && $_FolderClass < 16) { 200 $sfclass = 'r'; 201 } 202 else { 203 if($acl_del) { 204 $sfclass = $_FolderClass >= 16 ? 'u' : 'r'; 205 } 206 else $sfclass = ($_FolderClass >= 8 || has_open_access()) ? 'u' : 'r'; 207 can_delete($sfclass); 208 } 209 if(!$_FolderClass) return; 210 $aFolders[] = '<Folder name="' . ConvertToXmlAttribute( $sFile ) . 211 '" class="'. $sfclass .'" />' ; 212 213 $sErrorNumber=0; 214 215 216 $sFolderPath = GetResourceTypeDirectory( $resourceType, 'GetFoldersAndFiles'); 217 218 $absolute_path = $Config['UserFilesAbsolutePath']; 219 220 221 222 223 $oCurrentFolder = @opendir( $sServerDir ) ; 224 225 if ($oCurrentFolder !== false) 226 { 227 while ( $sFile = readdir( $oCurrentFolder ) ) 228 { 229 230 if ( $sFile != '.' && $sFile != '..' ) 231 { 232 if ( is_dir( $sServerDir . $sFile ) ) { 233 234 if(has_permission(dwiki_encodeFN($currentFolder) .$sFile, $resourceType) || has_open_access()) { 235 if($isInternalLink && $_FolderClass < 255) { 236 $class = 'r'; 237 } 238 else { 239 $class = ($_FolderClass < 8) ? 'r' : 'u'; 240 can_delete($class); 241 } 242 if($_FolderClass){ 243 $aFolders[] = '<Folder name="' . ConvertToXmlAttribute( $sFile ) . 244 '" class="'. $class .'" />' ; 245 } 246 247 } 248 249 } 250 else 251 { 252 $iFileSize = @filesize( $sServerDir . $sFile ) ; 253 $cTime= filectime( $sServerDir . $sFile ); 254 if ( !$iFileSize ) { 255 $iFileSize = 0 ; 256 } 257 if ( $iFileSize > 0 ) 258 { 259 $iFileSize = round( $iFileSize / 1024 ) ; 260 if ( $iFileSize < 1 ) 261 $iFileSize = 1 ; 262 } 263 if($isInternalLink) { 264 if(!preg_match('/\.txt$/', $sFile)) continue; 265 if(has_permission(dwiki_encodeFN($currentFolder) .$sFile, $resourceType, false)) { 266 // $aFiles[] = '<File name="' . ConvertToXmlAttribute( $sFile ) . '" size="' . $iFileSize . '" />' ; 267 $aFiles[] = '<File name="' . ConvertToXmlAttribute( $sFile ) . '" size="' . $iFileSize . '" time="' . $cTime .'" />' ; 268 } 269 } 270 else { 271 if($resourceType == 'Image') { 272 list($width, $height, $type, $attr) = getimagesize($sServerDir . $sFile); 273 if(isset($width) && isset($height)) { 274 $iFileSize .= ";;$width;;$height"; 275 } 276 277 } 278 279 280 // $aFiles[] = '<File name="' . ConvertToXmlAttribute( $sFile ) . '" size="' . $iFileSize . '" />' ; 281 $aFiles[] = '<File name="' . ConvertToXmlAttribute( $sFile ) . '" size="' . $iFileSize . '" time="' . $cTime .'" />' ; 282 } 283 284 } 285 } 286 } 287 closedir( $oCurrentFolder ) ; 288 } 289 290 291 292 // Send the folders 293 natcasesort( $aFolders ) ; 294 echo '<Folders>' ; 295 296 foreach ( $aFolders as $sFolder ) { 297 298 echo $sFolder; 299 } 300 301 echo '</Folders>' ; 302 303 // Send the files 304 natcasesort( $aFiles ) ; 305 echo '<Files>' ; 306 307 foreach ( $aFiles as $sFiles ) 308 echo $sFiles ; 309 310 echo '</Files>' ; 311 312 313 314} 315 316function CreateFolder( $resourceType, $currentFolder ) 317{ 318 global $_FolderClass; 319 global $Config; 320 if (!isset($_GET)) { 321 global $_GET; 322 } 323 $sErrorNumber = '0' ; 324 $sErrorMsg = '' ; 325 if(!has_permission($currentFolder, $resourceType) || $_FolderClass < 8 ) { 326 if(!has_open_access()) { 327 $sErrorNumber = 103; 328 echo '<Error number="' . $sErrorNumber . '" />' ; 329 return; 330 } 331 } 332 333 $sNewFolderName = input_strval('NewFolderName'); 334 if(isset($sNewFolderName)) 335 { 336 $sess_id = session_id(); 337 if(!isset($sess_id) || $sess_id != $_COOKIE['FCK_NmSp_acl']) { 338 session_id($_COOKIE['FCK_NmSp_acl']); 339 session_start(); 340 } 341 342 global $Dwfck_conf_values; 343 global $dwfck_conf; 344 $dwfck_conf = $_SESSION['dwfck_conf']; 345 if(empty($dwfck_conf)) { 346 $dwfck_conf['deaccent'] = isset($Dwfck_conf_values['deaccent'])? $Dwfck_conf_values['deaccent'] : 1; 347 $dwfck_conf['useslash'] = isset($Dwfck_conf_values['useslash']) ? $Dwfck_conf_values['useslash'] : 0; 348 $dwfck_conf['sepchar'] = isset($Dwfck_conf_values['sepchar']) ? $Dwfck_conf_values['sepchar'] : '_'; 349 } 350 351 $sNewFolderName = input_strval('NewFolderName'); 352 $sNewFolderName = str_replace(' ', $dwfck_conf['sepchar'], $sNewFolderName); 353 $sNewFolderName=Dwfck_sanitize( $sNewFolderName ) ; 354 355 if ( strpos( $sNewFolderName, '..' ) !== FALSE ) 356 $sErrorNumber = '102' ; // Invalid folder name. 357 else 358 { 359 // Map the virtual path to the local server path of the current folder. 360 $sServerDir = ServerMapFolder( $resourceType, $currentFolder, 'CreateFolder' ) ; 361 362 if($Dwfck_conf_values['fnencode'] == 'url' || ($Config['osWindows'] && !isset($Dwfck_conf_values['fnencode']))) { 363 $sServerDir=encode_dir($sServerDir); 364 } 365 if($Config['osWindows']) { 366 $sServerDir = normalizeWIN($sServerDir); 367 } 368 369 if ( is_writable( $sServerDir ) ) 370 { 371 $sServerDir .= $sNewFolderName ; 372 373 $sErrorMsg = CreateServerFolder( $sServerDir ) ; 374 375 switch ( $sErrorMsg ) 376 { 377 case '' : 378 $sErrorNumber = '0' ; 379 break ; 380 case 'Invalid argument' : 381 case 'No such file or directory' : 382 $sErrorNumber = '102' ; // Path too long. 383 break ; 384 default : 385 $sErrorNumber = '110' ; 386 break ; 387 } 388 } 389 else 390 $sErrorNumber = '103' ; 391 } 392 } 393 else 394 $sErrorNumber = '102' ; 395 396 // Create the "Error" node. 397 echo '<Error number="' . $sErrorNumber . '" />' ; 398} 399 400function Dwfck_sanitize($sFileName, $media=false) { 401 global $Dwfck_conf_values; 402 403 $sFileName = dwiki_decodeFN($sFileName); 404 $sFileName = cleanID($sFileName,false,$media); 405 return dwiki_encodeFN($sFileName); 406} 407 408 409function normalizeWIN($path) { 410 if(!$path) return ""; 411 global $winChars, $winSearch; 412 if(!isset($winSearch)) { 413 $winChars = array('/',':','(',')','{','}','{','}',' ', '\\', 414 ']','[', '$', '+', '@', '!', '#', '%', '*', '?'); 415 $winSearch = array_map('rawurlencode', $winChars); 416 } 417 418 $path = str_replace($winSearch,$winChars,$path); 419 $path = str_replace('/','\\',$path); 420 // $path = preg_replace('#\\\\{2,}#','\\',$path); 421 $path = str_replace('.\\','\\',$path); 422 423 return str_replace('+',' ', $path); 424 425 426} 427 428function UnlinkFile($resourceType, $currentFolder, $sCommand, $filename ) { 429global $Config; 430 global $Dwfck_conf_values; 431 $move = false; 432 433 //file_put_contents('debug.txt',"$currentFolder, $sCommand, $filename"); 434 435 $sServerDir = ServerMapFolder( $resourceType, $currentFolder, 'GetFoldersAndFiles' ) ; 436 $path = $sServerDir.$filename; 437 // file_put_contents('debug.txt2',$path); 438 $parts=pathinfo($path); 439 // file_put_contents('debug.txt3',print_r($parts,1)); 440 441 442 if(preg_match('/^(.*?)\/(.*?)$/',$filename,$matches)) { 443 $move = true; 444 $sMoveDir = $sServerDir; 445 $sMoveDir .= dwiki_encodeFN($matches[1]); 446 447 $sMoveDir = rtrim($sMoveDir, '/'); 448 $filename = $matches[2]; 449 mkdir_rek($sMoveDir); 450 451 452 if(preg_match('/secure$/', $sMoveDir)){ 453 if(!file_exists($sMoveDir . '/' . '.htaccess')) { 454 copy( 'htaccess' , $sMoveDir . '/' . '.htaccess') ; 455 } 456 } 457 $moveFile = $sMoveDir . '/' . dwiki_encodeFN($filename ); 458 459 } 460 else { 461 if($Dwfck_conf_values['fnencode'] == 'url' || ($Config['osWindows'] && !isset($Dwfck_conf_values['fnencode']))) { 462 $sServerDir=encode_dir($sServerDir); 463 } 464 } 465 466 $unlinkFile = $sServerDir . dwiki_encodeFN($filename ); 467 468 if($Config['osWindows']) { 469 $unlinkFile = normalizeWIN($unlinkFile); 470 } 471 472 if($move) { 473 if($Config['osWindows']) { 474 $moveFile = normalizeWIN($moveFile); 475 } 476 477 if(rename($unlinkFile, $moveFile)) { 478 return GetFoldersAndFiles( $resourceType, $currentFolder ); 479 } 480 else { 481 $sErrorNumber = '205'; 482 echo '<Error number="' . $sErrorNumber . '" />' ; 483 return; 484 } 485 } 486 return GetFoldersAndFiles( $resourceType, $currentFolder ); 487 if(file_exists($unlinkFile) && unlink($unlinkFile)) { 488 return GetFoldersAndFiles( $resourceType, $currentFolder ); 489 } 490 else { 491 $sErrorNumber = '204'; 492 echo '<Error number="' . $sErrorNumber . '" />' ; 493 } 494 495} 496 497function encode_dir($path) { 498 499 if(preg_match('/%25/',$path)) { 500 $path = urldecode($path); 501 while(preg_match('/%25/',$path)) { 502 $path = urldecode($path); 503 } 504 505 return $path; 506 507 } 508 509 if(preg_match('/%[A-F]\d/i',$path) || preg_match('/%\d[A-F]/i',$path)) { 510 return $path; 511 } 512 513 514 $dirs = explode('/',$path); 515 516 $new_path = ""; 517 foreach($dirs as $dir) { 518 $new_path .= dwiki_encodeFN($dir). '/'; 519 } 520 521 $new_path = rtrim($new_path,'/'); 522 $new_path .= '/'; 523 524 return $new_path; 525} 526 527function FileUpload( $resourceType, $currentFolder, $sCommand ) 528{ 529 global $dwfck_conf; 530 531 if (!isset($_FILES)) { 532 global $_FILES; 533 } 534 $f_args = array( 535 'name' => array('filter' => FILTER_SANITIZE_STRING|FILTER_SANITIZE_ENCODED, 536 'flags' => FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH), 537 'type' => "", 538 'tmp_name' => "", 539 'error' => "", 540 'size' => "" 541) ; 542 $keys = array_keys($_FILES); 543 $file_data = filter_var_array($_FILES[$keys[0]], $f_args); 544 // cmd_write_debug($_FILES); 545 // cmd_write_debug($file_data); 546 $sErrorNumber = '0' ; 547 $sFileName = '' ; 548 549 $sess_id = session_id(); 550 if(!isset($sess_id) || $sess_id != $_COOKIE['FCK_NmSp_acl']) { 551 session_id($_COOKIE['FCK_NmSp_acl']); 552 session_start(); 553 } 554 555 global $Dwfck_conf_values; 556 $dwfck_conf = $_SESSION['dwfck_conf']; 557 if(empty($dwfck_conf)) { 558 $dwfck_conf['deaccent'] = isset($Dwfck_conf_values['deaccent'])? $Dwfck_conf_values['deaccent'] : 1; 559 $dwfck_conf['useslash'] = isset($Dwfck_conf_values['useslash']) ? $Dwfck_conf_values['useslash'] : 0; 560 $dwfck_conf['sepchar'] = isset($Dwfck_conf_values['sepchar']) ? $Dwfck_conf_values['sepchar'] : '_'; 561 } 562 563 $auth = 0; 564 if(isset($_REQUEST['TopLevel'])) { 565 list($top_level,$auth) = explode(';;',$_REQUEST['TopLevel']); 566 } 567 568 569 570 $safe = false; 571 global $Dwfck_conf_values; 572 if($Dwfck_conf_values['fnencode'] == 'safe') { 573 if(preg_match('/%[a-z]+[0-9]/',$currentFolder) || preg_match('/%[0-9][a-z]/',$currentFolder)) { 574 $safe = true; 575 } 576 } 577 $ns_tmp = dwiki_decodeFN(trim($currentFolder, '/')); 578 579 $ns_tmp = str_replace('/', ':', $ns_tmp); 580 $test = $ns_tmp . ':*' ; 581 582 if(!$safe) { 583 $test = urldecode($test); 584 585 while(preg_match('/%25/',$test)){ 586 $test = urldecode($test); 587 } 588 $test = urldecode($test); 589 } 590 591 $isadmin = isset($_SESSION['dwfck_conf']['isadmin']) ? $_SESSION['dwfck_conf']['isadmin'] : false; 592 if(!$isadmin) { 593 $AUTH = auth_aclcheck($test, $_SESSION['dwfck_client'] , $_SESSION['dwfck_grps'],1); 594 595 if($AUTH < 8) { 596 $msg=""; 597 $sFileUrl = CombinePaths( GetResourceTypePath( $resourceType, $sCommand ) , $currentFolder ) ; 598 $sFileUrl = CombinePaths( $sFileUrl, $file_data['name']); 599 SendUploadResults( '203', $sFileUrl, $file_data['name'], $msg ) ; 600 return; 601 602 } 603 } 604 if(!$safe) { 605 $currentFolder = encode_dir($currentFolder); 606 } 607 if ( isset( $file_data ) && !is_null( $file_data['tmp_name'] ) ) 608 { 609 global $Config ; 610 611 $upload_err = $file_data['error']; 612 if($upload_err ) { 613 send_ckg_UploadError($upload_err,$sFileUrl, $file_data['name']); 614 exit; 615 } 616 $oFile = $file_data ; 617 618 619 // Map the virtual path to the local server path. 620 $sServerDir = ServerMapFolder( $resourceType, $currentFolder, $sCommand ) ; 621 622 // Get the uploaded file name. 623 $sFileName = dwiki_encodeFN($oFile['name']) ; 624 $sOriginalFileName = dwiki_encodeFN($sFileName); 625 626 // Get the extension. 627 $sExtension = substr( $sFileName, ( strrpos($sFileName, '.') + 1 ) ) ; 628 $sExtension = strtolower( $sExtension ) ; 629 $image_file = false; 630 631 if(in_array($sExtension,$Config['AllowedExtensions']['Image'])) { 632 $image_file=true; 633 } 634 635 if ( isset( $Config['SecureImageUploads'] ) ) 636 { 637 if ( ( $isImageValid = IsImageValid( $oFile['tmp_name'], $sExtension ) ) === false ) 638 { 639 $sErrorNumber = '202' ; 640 } 641 } 642 643 if ( isset( $Config['HtmlExtensions'] ) ) 644 { 645 if ( !IsHtmlExtension( $sExtension, $Config['HtmlExtensions'] ) && 646 ( $detectHtml = DetectHtml( $oFile['tmp_name'] ) ) === true ) 647 { 648 $sErrorNumber = '202' ; 649 } 650 } 651 652 $sFileName = Dwfck_sanitize($sFileName, $image_file); 653 654 // Check if it is an allowed extension. 655 if ( !$sErrorNumber && IsAllowedExt( $sExtension, $resourceType ) ) 656 { 657 $iCounter = 0 ; 658 659 while ( true ) 660 { 661 662 //$sFileName = strtolower($sFileName); 663 664 if(!is_dir($sServerDir)) 665 { 666 if ( isset( $Config['ChmodOnFolderCreate'] ) && !$Config['ChmodOnFolderCreate'] ) 667 { 668 mkdir_rek($sServerDir,$permissions); 669 } 670 else 671 { 672 $permissions = 0777 ; 673 if ( isset( $Config['ChmodOnFolderCreate'] ) ) 674 { 675 $permissions = $Config['ChmodOnFolderCreate'] ; 676 } 677 // To create the folder with 0777 permissions, we need to set umask to zero. 678 $oldumask = umask(0) ; 679 mkdir_rek($sServerDir,$permissions); 680 umask( $oldumask ) ; 681 } 682 683 } 684 685 $sFilePath = $sServerDir . $sFileName ; 686 687 688 if ( is_file( $sFilePath ) ) 689 { 690 $iCounter++ ; 691 692 if($Dwfck_conf_values['fnencode'] == 'safe') { 693 $sFileName = RemoveExtension(dwiki_decodeFN($sOriginalFileName)) . '_' . $iCounter . ".$sExtension" ; 694 } 695 else $sFileName = RemoveExtension($sOriginalFileName) . '_' . $iCounter . ".$sExtension" ; 696 $sFileName = Dwfck_sanitize($sFileName, $image_file); 697 $sErrorNumber = '201' ; 698 } 699 else 700 { 701 move_uploaded_file( $oFile['tmp_name'], $sFilePath ) ; 702 703 if ( is_file( $sFilePath ) ) 704 { 705 if ( isset( $Config['ChmodOnUpload'] ) && !$Config['ChmodOnUpload'] ) 706 { 707 break ; 708 } 709 710 $permissions = 0777; 711 712 if ( isset( $Config['ChmodOnUpload'] ) && $Config['ChmodOnUpload'] ) 713 { 714 $permissions = $Config['ChmodOnUpload'] ; 715 } 716 717 $oldumask = umask(0) ; 718 chmod( $sFilePath, $permissions ) ; 719 umask( $oldumask ) ; 720 } 721 722 break ; 723 } 724 } 725 726 if ( file_exists( $sFilePath ) ) 727 { 728 //previous checks failed, try once again 729 if ( isset( $isImageValid ) && $isImageValid === -1 && IsImageValid( $sFilePath, $sExtension ) === false ) 730 { 731 @unlink( $sFilePath ) ; 732 $sErrorNumber = '202' ; 733 } 734 else if ( isset( $detectHtml ) && $detectHtml === -1 && DetectHtml( $sFilePath ) === true ) 735 { 736 @unlink( $sFilePath ) ; 737 $sErrorNumber = '202' ; 738 } 739 } 740 } 741 else 742 $sErrorNumber = '202' ; 743 } 744 else 745 $sErrorNumber = '202' ; 746 747 748 $sFileUrl = CombinePaths( GetResourceTypePath( $resourceType, $sCommand ) , $currentFolder ) ; 749 $sFileUrl = CombinePaths( $sFileUrl, $sFileName ) ; 750 751 SendUploadResults( $sErrorNumber, $sFileUrl, $sFileName ) ; 752 753 exit ; 754} 755 756function mkdir_rek($dir, $mode = 0777) 757{ 758 global $Config; 759 if($Config['osWindows']) $dir=normalizeWIN($dir); 760 if (!is_dir($dir)) { 761 mkdir_rek(dirname($dir), $mode); 762 mkdir($dir, $mode); 763 764 } 765} 766 767function send_ckg_UploadError($err,$sFileUrl, $file) { 768 switch($err) { 769 770 case UPLOAD_ERR_INI_SIZE: 771 $msg = "The uploaded file exceeds the upload_max_filesize directive in php.ini."; 772 break; 773 774 case UPLOAD_ERR_FORM_SIZE: 775 $msg = "The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form."; 776 break; 777 778 case UPLOAD_ERR_PARTIAL: 779 $msg = "The uploaded file was only partially uploaded."; 780 break; 781 782 case UPLOAD_ERR_NO_FILE: 783 $msg = "No file was uploaded."; 784 break; 785 786 case 6: // UPLOAD_ERR_NO_TMP_DIR Introduced in PHP 4.3.10 and PHP 5.0.3. 787 $msg = "Missing a temporary folder."; 788 break; 789 790 case 7: //UPLOAD_ERR_CANT_WRITE Introduced in PHP 5.1.0. 791 $msg="Failed to write file to disk."; 792 break; 793 794 case 8: //UPLOAD_ERR_EXTENSION Introduced in PHP 5.2.0. 795 $msg="PHP does not provide a way to ascertain which extension caused the file upload to stop; examining the list of loaded extensions with phpinfo() may help."; 796 break; 797 798 default: 799 $msg = "Undetermined upload error"; 800 break; 801 } 802 $upload_error = 300 + $err; 803 SendUploadResults( $upload_error, $sFileUrl, $file, $msg ) ; 804 805} 806 807function can_delete(&$class) { 808 global $_FolderClass; 809 if($_FolderClass >=16) $class = 'd'; 810} 811 812function cmd_write_debug($what) { 813return; 814if(is_array($what)) { 815 $what = print_r($what,true); 816} 817$dwfckFHandle = fopen("fbrowser_dbg.txt", "a"); 818fwrite($dwfckFHandle, "$what\n"); 819fclose($dwfckFHandle); 820} 821?> 822