1<cfsetting enablecfoutputonly="Yes"> 2<!--- 3 * FCKeditor - The text editor for Internet - http://www.fckeditor.net 4 * Copyright (C) 2003-2007 Frederico Caldeira Knabben 5 * 6 * == BEGIN LICENSE == 7 * 8 * Licensed under the terms of any of the following licenses at your 9 * choice: 10 * 11 * - GNU General Public License Version 2 or later (the "GPL") 12 * http://www.gnu.org/licenses/gpl.html 13 * 14 * - GNU Lesser General Public License Version 2.1 or later (the "LGPL") 15 * http://www.gnu.org/licenses/lgpl.html 16 * 17 * - Mozilla Public License Version 1.1 or later (the "MPL") 18 * http://www.mozilla.org/MPL/MPL-1.1.html 19 * 20 * == END LICENSE == 21 * 22 * This file include the functions that handle the Command requests 23 * in the ColdFusion Connector (MX 6.0 and above). 24---> 25 26<cffunction name="FileUpload" returntype="void" output="true"> 27 <cfargument name="resourceType" type="string" required="yes" default=""> 28 <cfargument name="currentFolder" type="string" required="yes" default=""> 29 <cfargument name="sCommand" type="string" required="yes" default=""> 30 31 <cfset var sFileName = ""> 32 <cfset var sFilePart = ""> 33 <cfset var sFileExt = ""> 34 <cfset var sFileUrl = ""> 35 <cfset var sTempFilePath = ""> 36 <cfset var errorNumber = 0> 37 <cfset var customMsg = 0> 38 <cfset var counter = 0> 39 <cfset var destination = ""> 40 41 <cftry> 42 <cffile action="UPLOAD" filefield="NewFile" destination="#GetTempDirectory()#" nameconflict="makeunique" mode="0755" /> 43 <cfset sTempFilePath = CFFILE.ServerDirectory & REQUEST.fs & CFFILE.ServerFile> 44 45 <!--- Map the virtual path to the local server path. ---> 46 <cfset sServerDir = ServerMapFolder( ARGUMENTS.resourceType, ARGUMENTS.currentFolder, ARGUMENTS.sCommand) > 47 <!--- Get the uploaded file name. ---> 48 <cfset sFileName = SanitizeFileName( CFFILE.ClientFile ) > 49 <cfset sOriginalFileName = sFileName > 50 51 <cfif isDefined( "REQUEST.Config.SecureImageUploads" ) and REQUEST.Config.SecureImageUploads> 52 <cfif not IsImageValid( sTempFilePath, CFFILE.ClientFileExt )> 53 <cftry> 54 <cffile action="delete" file="#sTempFilePath#"> 55 <cfcatch type="any"> 56 </cfcatch> 57 </cftry> 58 <cfthrow errorcode="202" type="fckeditor"> 59 </cfif> 60 </cfif> 61 62 <cfif isDefined( "REQUEST.Config.HtmlExtensions" ) and not listFindNoCase( REQUEST.Config.HtmlExtensions, CFFILE.ClientFileExt )> 63 <cfif DetectHtml( sTempFilePath )> 64 <cftry> 65 <cffile action="delete" file="#sTempFilePath#"> 66 <cfcatch type="any"> 67 </cfcatch> 68 </cftry> 69 <cfthrow errorcode="202" type="fckeditor"> 70 </cfif> 71 </cfif> 72 73 <cfif not IsAllowedExt( CFFILE.ClientFileExt, ARGUMENTS.resourceType )> 74 <cftry> 75 <cffile action="delete" file="#sTempFilePath#"> 76 <cfcatch type="any"> 77 </cfcatch> 78 </cftry> 79 <cfthrow errorcode="202" type="fckeditor"> 80 </cfif> 81 82 <!--- When the original filename already exists, add numbers (0), (1), (2), ... at the end of the filename. ---> 83 <cfscript> 84 sFileExt = GetExtension( sFileName ) ; 85 sFilePart = RemoveExtension( sFileName ); 86 while( fileExists( sServerDir & sFileName ) ) 87 { 88 counter = counter + 1; 89 sFileName = sFilePart & '(#counter#).' & CFFILE.ClientFileExt; 90 errorNumber = 201; 91 } 92 </cfscript> 93 94 <cfset destination = sServerDir & sFileName> 95<!--- 96 <cfdump var="#sTempFilePath#"> 97 <cfoutput ><br /></cfoutput> 98 <cfdump var="#destination#"> 99 <cfabort> 100 ---> 101 <cflock name="#destination#" timeout="30" type="Exclusive"> 102 <cftry> 103 <cffile action="move" source="#sTempFilePath#" destination="#destination#" mode="755"> 104 <!--- omit CF 6.1 error during moving uploaded file, just copy that file instead of moving ---> 105 <cfcatch type="any"> 106 <cffile action="copy" source="#sTempFilePath#" destination="#destination#" mode="755"> 107 </cfcatch> 108 </cftry> 109 </cflock> 110 111 <cfset sFileUrl = CombinePaths( GetResourceTypePath( ARGUMENTS.resourceType, sCommand ) , ARGUMENTS.currentFolder ) > 112 <cfset sFileUrl = CombinePaths( sFileUrl , sFileName ) > 113 114 <cfcatch type="fckeditor"> 115 <cfset errorNumber = CFCATCH.ErrorCode> 116 </cfcatch> 117 118 <cfcatch type="any"> 119 <cfset errorNumber = "1"> 120 <cfset customMsg = CFCATCH.Message > 121 </cfcatch> 122 123 </cftry> 124 125 <cfset SendUploadResults( errorNumber, sFileUrl, sFileName, customMsg ) > 126</cffunction> 127 128<cffunction name="GetFolders" returntype="void" output="true"> 129 <cfargument name="resourceType" type="String" required="true"> 130 <cfargument name="currentFolder" type="String" required="true"> 131 132 <cfset var i = 1> 133 <cfset var folders = ""> 134 <!--- Map the virtual path to the local server path ---> 135 <cfset var sServerDir = ServerMapFolder( ARGUMENTS.resourceType, ARGUMENTS.currentFolder, "GetFolders" ) > 136 137 <!--- Sort directories first, name ascending ---> 138 <cfdirectory action="list" directory="#sServerDir#" name="qDir" sort="type,name"> 139 <cfscript> 140 while( i lte qDir.recordCount ) 141 { 142 if( compareNoCase( qDir.type[i], "FILE" ) and not listFind( ".,..", qDir.name[i] ) ) 143 { 144 folders = folders & '<Folder name="#HTMLEditFormat( qDir.name[i] )#" />' ; 145 } 146 i = i + 1; 147 } 148 </cfscript> 149 <cfoutput><Folders>#folders#</Folders></cfoutput> 150</cffunction> 151 152<cffunction name="GetFoldersAndfiles" returntype="void" output="true"> 153 <cfargument name="resourceType" type="String" required="true"> 154 <cfargument name="currentFolder" type="String" required="true"> 155 156 <cfset var i = 1> 157 <cfset var folders = ""> 158 <cfset var files = ""> 159 <!--- Map the virtual path to the local server path ---> 160 <cfset var sServerDir = ServerMapFolder( ARGUMENTS.resourceType, ARGUMENTS.currentFolder, "GetFolders" ) > 161 162 <!--- Sort directories first, name ascending ---> 163 <cfdirectory action="list" directory="#sServerDir#" name="qDir" sort="type,name"> 164 <cfscript> 165 while( i lte qDir.recordCount ) 166 { 167 if( not compareNoCase( qDir.type[i], "DIR" ) and not listFind( ".,..", qDir.name[i] ) ) 168 { 169 folders = folders & '<Folder name="#HTMLEditFormat(qDir.name[i])#" />' ; 170 } 171 else if( not compareNoCase( qDir.type[i], "FILE" ) ) 172 { 173 fileSizeKB = round(qDir.size[i] / 1024) ; 174 files = files & '<File name="#HTMLEditFormat(qDir.name[i])#" size="#IIf( fileSizeKB GT 0, DE( fileSizeKB ), 1)#" />' ; 175 } 176 i = i + 1 ; 177 } 178 </cfscript> 179 <cfoutput><Folders>#folders#</Folders></cfoutput> 180 <cfoutput><Files>#files#</Files></cfoutput> 181</cffunction> 182 183<cffunction name="CreateFolder" returntype="void" output="true"> 184 <cfargument name="resourceType" required="true" type="string"> 185 <cfargument name="currentFolder" required="true" type="string"> 186 187 <cfset var sNewFolderName = url.newFolderName > 188 <cfset var sServerDir = "" > 189 <cfset var errorNumber = 0> 190 <cfset var sErrorMsg = ""> 191 <cfset var currentFolderPath = ServerMapFolder( ARGUMENTS.resourceType, ARGUMENTS.currentFolder, 'CreateFolder' )> 192 193 <cfparam name="url.newFolderName" default=""> 194 195 <cfscript> 196 sNewFolderName = SanitizeFolderName( sNewFolderName ) ; 197 </cfscript> 198 199 <cfif not len( sNewFolderName ) or len( sNewFolderName ) gt 255> 200 <cfset errorNumber = 102> 201 <cfelseif directoryExists( currentFolderPath & sNewFolderName )> 202 <cfset errorNumber = 101> 203 <cfelseif find( "..", sNewFolderName )> 204 <cfset errorNumber = 103> 205 <cfelse> 206 <cfset errorNumber = 0> 207 208 <!--- Map the virtual path to the local server path of the current folder. ---> 209 <cfset sServerDir = currentFolderPath & sNewFolderName > 210 211 <cftry> 212 <cfdirectory action="create" directory="#currentFolderPath##sNewFolderName#" mode="755"> 213 <cfcatch type="any"> 214 <!--- 215 un-resolvable error numbers in ColdFusion: 216 * 102 : Invalid folder name. 217 * 103 : You have no permissions to create the folder. 218 ---> 219 <cfset errorNumber = 110> 220 </cfcatch> 221 </cftry> 222 </cfif> 223 224 <cfoutput><Error number="#errorNumber#" originalDescription="#HTMLEditFormat(sErrorMsg)#" /></cfoutput> 225</cffunction> 226