Project

General

Profile

Bug #22410 » 14050_cleaning_t3lib_extfilefunc.patch

Administrator Admin, 2010-11-24 10:56

View differences:

t3lib/class.t3lib_extfilefunc.php (revision )
<?php
/***************************************************************
* Copyright notice
*
* (c) 1999-2010 Kasper Sk?rh?j (kasperYYYY@typo3.com)
* All rights reserved
*
* This script is part of the TYPO3 project. The TYPO3 project is
* free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* The GNU General Public License can be found at
* http://www.gnu.org/copyleft/gpl.html.
* A copy is found in the textfile GPL.txt and important notices to the license
* from the author is found in LICENSE.txt distributed with these scripts.
*
*
* This script is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* This copyright notice MUST APPEAR in all copies of the script!
***************************************************************/
* Copyright notice
*
* (c) 1999-2010 Kasper Sk?rh?j (kasperYYYY@typo3.com)
* All rights reserved
*
* This script is part of the TYPO3 project. The TYPO3 project is
* free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* The GNU General Public License can be found at
* http://www.gnu.org/copyleft/gpl.html.
* A copy is found in the textfile GPL.txt and important notices to the license
* from the author is found in LICENSE.txt distributed with these scripts.
*
*
* This script is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* This copyright notice MUST APPEAR in all copies of the script!
***************************************************************/
/**
* extending class to class t3lib_basicFileFunctions
*
......
*
*
* 105: class t3lib_extFileFunctions extends t3lib_basicFileFunctions
* 151: function start($fileCmds)
* 151: function start($fileCmds)
* 181: function init_actionPerms($setup)
* 181: function init_actionPerms($setup)
* 213: function processData()
* 213: function processData()
* 270: function printLogErrorMessages($redirect='')
* 270: function printLogErrorMessages($redirect='')
* 328: function findRecycler($theFile)
* 328: function findRecycler($theFile)
* 357: function writeLog($action,$error,$details_nr,$details,$data)
* 357: function writeLog($action,$error,$details_nr,$details,$data)
*
* SECTION: File operation functions
* SECTION: File operation functions
* 384: function func_delete($cmds)
* 384: function func_delete($cmds)
* 451: function func_copy($cmds)
* 451: function func_copy($cmds)
* 542: function func_move($cmds)
* 542: function func_move($cmds)
* 637: function func_rename($cmds)
* 637: function func_rename($cmds)
* 683: function func_newfolder($cmds)
* 683: function func_newfolder($cmds)
* 713: function func_newfile($cmds)
* 713: function func_newfile($cmds)
* 750: function func_edit($cmds)
* 750: function func_edit($cmds)
* 782: function func_upload($cmds)
* 782: function func_upload($cmds)
* 821: function func_unzip($cmds)
* 821: function func_unzip($cmds)
*
* TOTAL FUNCTIONS: 15
* (This index is automatically created/updated by the extension "extdeveval")
......
*/
/**
* Contains functions for performing file operations like copying, pasting, uploading, moving, deleting etc. through the TCE
* Extending class to class t3lib_basicFileFunctions.
......
* Important internal variables:
*
* $filemounts (see basicFileFunctions)
* $f_ext (see basicFileFunctions)
* $f_ext (see basicFileFunctions)
* ... All fileoperations must be within the filemount-paths. Further the fileextension MUST validate true with the f_ext array
* ... All fileoperations must be within the filemount-paths. Further the fileextension MUST validate true with the f_ext array
*
* The unzip-function allows unzip only if the destination path has it's f_ext[]['allow'] set to '*'!!
* You are allowed to copy/move folders within the same 'space' (web/ftp).
......
* @package TYPO3
* @subpackage t3lib
*/
class t3lib_extFileFunctions extends t3lib_basicFileFunctions {
class t3lib_extFileFunctions extends t3lib_basicFileFunctions {
// External static variables:
// Notice; some of these are overridden in the start() method with values from $GLOBALS['TYPO3_CONF_VARS']['BE']
var $maxCopyFileSize = 10000; // max copy size (kb) for files
var $maxCopyFileSize = 10000; // max copy size (kb) for files
var $maxMoveFileSize = 10000; // max move size (kb) for files
var $maxMoveFileSize = 10000; // max move size (kb) for files
var $maxUploadFileSize = 10000; // max upload size (kb) for files. Remember that PHP has an inner limit often set to 2 MB
var $maxUploadFileSize = 10000; // max upload size (kb) for files. Remember that PHP has an inner limit often set to 2 MB
var $unzipPath = ''; // Path to unzip-program (with trailing '/')
var $unzipPath = ''; // Path to unzip-program (with trailing '/')
var $dontCheckForUnique = 0; // If set, the uploaded files will overwrite existing files.
var $dontCheckForUnique = 0; // If set, the uploaded files will overwrite existing files.
var $actionPerms = Array( // This array is self-explaning (look in the class below). It grants access to the functions. This could be set from outside in order to enabled functions to users. See also the function init_actionPerms() which takes input directly from the user-record
var $actionPerms = Array( // This array is self-explaning (look in the class below). It grants access to the functions. This could be set from outside in order to enabled functions to users. See also the function init_actionPerms() which takes input directly from the user-record
'deleteFile' => 0, // Deleting files physically
'deleteFile' => 0, // Deleting files physically
'deleteFolder' => 0, // Deleting foldes physically
'deleteFolder' => 0, // Deleting foldes physically
'deleteFolderRecursively' => 0, // normally folders are deleted by the PHP-function rmdir(), but with this option a user deletes with 'rm -Rf ....' which is pretty wild!
'deleteFolderRecursively' => 0, // normally folders are deleted by the PHP-function rmdir(), but with this option a user deletes with 'rm -Rf ....' which is pretty wild!
'moveFile' => 0,
'moveFolder' => 0,
'copyFile' => 0,
......
'renameFolder' => 0
);
var $recyclerFN = '_recycler_'; // This is regarded to be the recycler folder
var $recyclerFN = '_recycler_'; // This is regarded to be the recycler folder
var $useRecycler = 1; // 0 = no, 1 = if available, 2 = always
var $useRecycler = 1; // 0 = no, 1 = if available, 2 = always
// Internal, static:
var $PHPFileFunctions = 0; // If set, all fileoperations are done by the default PHP-functions. This is necessary under windows! On UNIX the system commands by exec() can be used unless safe_mode is enabled
var $PHPFileFunctions = 0; // If set, all fileoperations are done by the default PHP-functions. This is necessary under windows! On UNIX the system commands by exec() can be used unless safe_mode is enabled
var $dont_use_exec_commands = 0; // This is necessary under windows!
var $dont_use_exec_commands = 0; // This is necessary under windows!
// Internal, dynamic:
var $internalUploadMap = array(); // Will contain map between upload ID and the final filename
var $internalUploadMap = array(); // Will contain map between upload ID and the final filename
var $lastError = '';
/**
* Initialization of the class
*
* @param array The $file array with the commands to execute. See "TYPO3 Core API" document
* @return void
*/
function start($fileCmds) {
function start($fileCmds) {
// Configure settings from TYPO3_CONF_VARS:
if (TYPO3_OS=='WIN' || $GLOBALS['TYPO3_CONF_VARS']['BE']['disable_exec_function']) {
if (TYPO3_OS == 'WIN' || $GLOBALS['TYPO3_CONF_VARS']['BE']['disable_exec_function']) {
$this->PHPFileFunctions = 1;
$this->dont_use_exec_commands = 1;
} else {
......
* @param integer File permission integer from BE_USER OR'ed with permissions of back-end groups this user is a member of
* @return void
*/
function init_actionPerms($setup) {
function init_actionPerms($setup) {
if (($setup&1)==1) { // Files: Upload,Copy,Move,Delete,Rename
if (($setup & 1) == 1) { // Files: Upload,Copy,Move,Delete,Rename
$this->actionPerms['uploadFile']=1;
$this->actionPerms['uploadFile'] = 1;
$this->actionPerms['copyFile']=1;
$this->actionPerms['copyFile'] = 1;
$this->actionPerms['moveFile']=1;
$this->actionPerms['moveFile'] = 1;
$this->actionPerms['deleteFile']=1;
$this->actionPerms['deleteFile'] = 1;
$this->actionPerms['renameFile']=1;
$this->actionPerms['renameFile'] = 1;
$this->actionPerms['editFile']=1;
$this->actionPerms['editFile'] = 1;
$this->actionPerms['newFile']=1;
$this->actionPerms['newFile'] = 1;
}
if (($setup&2)==2) { // Files: Unzip
if (($setup & 2) == 2) { // Files: Unzip
$this->actionPerms['unzipFile']=1;
$this->actionPerms['unzipFile'] = 1;
}
if (($setup&4)==4) { // Directory: Move,Delete,Rename,New
if (($setup & 4) == 4) { // Directory: Move,Delete,Rename,New
$this->actionPerms['moveFolder']=1;
$this->actionPerms['moveFolder'] = 1;
$this->actionPerms['deleteFolder']=1;
$this->actionPerms['deleteFolder'] = 1;
$this->actionPerms['renameFolder']=1;
$this->actionPerms['renameFolder'] = 1;
$this->actionPerms['newFolder']=1;
$this->actionPerms['newFolder'] = 1;
}
if (($setup&8)==8) { // Directory: Copy
if (($setup & 8) == 8) { // Directory: Copy
$this->actionPerms['copyFolder']=1;
$this->actionPerms['copyFolder'] = 1;
}
if (($setup&16)==16) { // Directory: Delete recursively (rm -Rf)
if (($setup & 16) == 16) { // Directory: Delete recursively (rm -Rf)
$this->actionPerms['deleteFolderRecursively']=1;
$this->actionPerms['deleteFolderRecursively'] = 1;
}
}
......
function processData() {
$result = array();
if (!$this->isInit) {
return false;
return FALSE;
}
if (is_array($this->fileCmdMap)) {
......
}
}
if (count($this->fileCmdMap['upload']) == 0) {
$this->writelog(1,1,108,'No file was uploaded!','');
$this->writelog(1, 1, 108, 'No file was uploaded!', '');
}
}
......
switch ($action) {
case 'delete':
$result[$action][] = $this->func_delete($cmdArr);
break;
break;
case 'copy':
$result[$action][] = $this->func_copy($cmdArr);
break;
break;
case 'move':
$result[$action][] = $this->func_move($cmdArr);
break;
break;
case 'rename':
$result[$action][] = $this->func_rename($cmdArr);
break;
break;
case 'newfolder':
$result[$action][] = $this->func_newfolder($cmdArr);
break;
break;
case 'newfile':
$result[$action][] = $this->func_newfile($cmdArr);
break;
break;
case 'editfile':
$result[$action][] = $this->func_edit($cmdArr);
break;
break;
case 'upload':
$result[$action][] = $this->func_upload($cmdArr);
break;
break;
case 'unzip':
$result[$action][] = $this->func_unzip($cmdArr);
break;
break;
}
// Hook for post-processing the action
if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_extfilefunc.php']['processData'])) {
foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_extfilefunc.php']['processData'] as $classRef) {
$hookObject = t3lib_div::getUserObj($classRef);
if (!($hookObject instanceof t3lib_extFileFunctions_processDataHook)) {
throw new UnexpectedValueException('$hookObject must implement interface t3lib_extFileFunctions_processDataHook', 1279719168);
}
$hookObject->processData_postProcessAction($action, $cmdArr, $result[$action], $this);
}
}
......
*/
function getErrorMessages() {
$res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
'*',
'sys_log',
'*',
'sys_log',
'type = 2 AND userid = ' . intval($GLOBALS['BE_USER']->user['uid'])
. ' AND tstamp=' . intval($GLOBALS['EXEC_TIME'])
. ' AND error != 0'
. ' AND tstamp=' . intval($GLOBALS['EXEC_TIME'])
. ' AND error != 0'
);
while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
$logData = unserialize($row['log_data']);
$msg = $row['error'] . ': ' . sprintf($row['details'], $logData[0], $logData[1], $logData[2], $logData[3], $logData[4]);
$flashMessage = t3lib_div::makeInstance(
't3lib_FlashMessage',
$msg,
'',
t3lib_FlashMessage::ERROR,
TRUE
't3lib_FlashMessage',
$msg,
'',
t3lib_FlashMessage::ERROR,
TRUE
);
t3lib_FlashMessageQueue::addMessage($flashMessage);
}
......
}
/**
* Goes back in the path and checks in each directory if a folder named $this->recyclerFN (usually '_recycler_') is present.
* If a folder in the tree happens to be a _recycler_-folder (which means that we're deleting something inside a _recycler_-folder) this is ignored
......
* @param string Takes a valid Path ($theFile)
* @return string Returns the path (without trailing slash) of the closest recycle-folder if found. Else false.
*/
function findRecycler($theFile) {
function findRecycler($theFile) {
if ($this->isPathValid($theFile)) {
if ($this->isPathValid($theFile)) {
$theFile = $this->cleanDirectoryName($theFile);
$fI = t3lib_div::split_fileref($theFile);
$c = 0;
while($this->checkPathAgainstMounts($fI['path']) && $c<20) {
while ($this->checkPathAgainstMounts($fI['path']) && $c < 20) {
$rDir = $fI['path'].$this->recyclerFN;
$rDir = $fI['path'] . $this->recyclerFN;
if (@is_dir($rDir) && $this->recyclerFN!=$fI['file']) {
if (@is_dir($rDir) && $this->recyclerFN != $fI['file']) {
return $rDir;
}
$theFile = $fI['path'];
......
* @return void
* @see class.t3lib_userauthgroup.php
*/
function writeLog($action,$error,$details_nr,$details,$data) {
function writeLog($action, $error, $details_nr, $details, $data) {
$type = 2; // Type value for tce_file.php
$type = 2; // Type value for tce_file.php
if (is_object($GLOBALS['BE_USER'])) {
if (is_object($GLOBALS['BE_USER'])) {
$GLOBALS['BE_USER']->writelog($type,$action,$error,$details_nr,$details,$data);
$GLOBALS['BE_USER']->writelog($type, $action, $error, $details_nr, $details, $data);
}
$this->lastError = vsprintf($details, $data);
}
/*************************************
*
* File operation functions
......
* @param array $cmds['data'] is the file/folder to delete
* @return boolean Returns true upon success
*/
function func_delete($cmds) {
function func_delete($cmds) {
if (!$this->isInit) return FALSE;
if (!$this->isInit) {
return FALSE;
}
// Checking path:
$theFile = $cmds['data'];
if (!$this->isPathValid($theFile)) {
if (!$this->isPathValid($theFile)) {
$this->writelog(4,2,101,'Target "%s" had invalid path (".." and "//" is not allowed in path).',Array($theFile));
$this->writelog(4, 2, 101, 'Target "%s" had invalid path (".." and "//" is not allowed in path).', Array($theFile));
return FALSE;
}
// Recycler moving or not?
if ($this->useRecycler && $recyclerPath=$this->findRecycler($theFile)) {
if ($this->useRecycler && $recyclerPath = $this->findRecycler($theFile)) {
// If a recycler is found, the deleted items is moved to the recycler and not just deleted.
$newCmds=Array();
$newCmds = Array();
$newCmds['data']=$theFile;
$newCmds['data'] = $theFile;
$newCmds['target']=$recyclerPath;
$newCmds['target'] = $recyclerPath;
$newCmds['altName']=1;
$newCmds['altName'] = 1;
$this->func_move($newCmds);
$this->writelog(4,0,4,'Item "%s" moved to recycler at "%s"',Array($theFile,$recyclerPath));
$this->writelog(4, 0, 4, 'Item "%s" moved to recycler at "%s"', Array($theFile, $recyclerPath));
return TRUE;
} elseif ($this->useRecycler != 2) { // if $this->useRecycler==2 then we cannot delete for real!!
} elseif ($this->useRecycler != 2) { // if $this->useRecycler==2 then we cannot delete for real!!
if (@is_file($theFile)) { // If we are deleting a file...
if (@is_file($theFile)) { // If we are deleting a file...
if ($this->actionPerms['deleteFile']) {
if ($this->actionPerms['deleteFile']) {
if ($this->checkPathAgainstMounts($theFile)) {
if ($this->checkPathAgainstMounts($theFile)) {
if (@unlink($theFile)) {
if (@unlink($theFile)) {
$this->writelog(4,0,1,'File "%s" deleted',Array($theFile));
$this->writelog(4, 0, 1, 'File "%s" deleted', Array($theFile));
return TRUE;
} else $this->writelog(4,1,110,'Could not delete file "%s". Write-permission problem?', Array($theFile));
} else $this->writelog(4,1,111,'Target was not within your mountpoints! T="%s"',Array($theFile));
} else $this->writelog(4,1,112,'You are not allowed to delete files','');
} else {
$this->writelog(4, 1, 110, 'Could not delete file "%s". Write-permission problem?', Array($theFile));
}
} else {
$this->writelog(4, 1, 111, 'Target was not within your mountpoints! T="%s"', Array($theFile));
}
} else {
$this->writelog(4, 1, 112, 'You are not allowed to delete files', '');
}
// FINISHED deleting file
} elseif (@is_dir($theFile)) { // if we're deleting a folder
} elseif (@is_dir($theFile)) { // if we're deleting a folder
if ($this->actionPerms['deleteFolder']) {
if ($this->actionPerms['deleteFolder']) {
$theFile = $this->is_directory($theFile);
if ($theFile) {
if ($theFile) {
if ($this->checkPathAgainstMounts($theFile)) { // I choose not to append '/' to $theFile here as this will prevent us from deleting mounts!! (which makes sense to me...)
if ($this->checkPathAgainstMounts($theFile)) { // I choose not to append '/' to $theFile here as this will prevent us from deleting mounts!! (which makes sense to me...)
if ($this->actionPerms['deleteFolderRecursively']) {
if (t3lib_div::rmdir($theFile,true)) {
if (t3lib_div::rmdir($theFile, TRUE)) {
$this->writelog(4,0,2,'Directory "%s" deleted recursively!',Array($theFile));
$this->writelog(4, 0, 2, 'Directory "%s" deleted recursively!', Array($theFile));
return TRUE;
} else $this->writelog(4,2,119,'Directory "%s" WAS NOT deleted recursively! Write-permission problem?',Array($theFile));
} else {
} else {
$this->writelog(4, 2, 119, 'Directory "%s" WAS NOT deleted recursively! Write-permission problem?', Array($theFile));
}
} else {
if (@rmdir($theFile)) {
if (@rmdir($theFile)) {
$this->writelog(4,0,3,'Directory "%s" deleted',Array($theFile));
$this->writelog(4, 0, 3, 'Directory "%s" deleted', Array($theFile));
return TRUE;
} else $this->writelog(4,1,120,'Could not delete directory! Write-permission problem? Is directory "%s" empty? (You are not allowed to delete directories recursively).',Array($theFile));
} else {
$this->writelog(4, 1, 120, 'Could not delete directory! Write-permission problem? Is directory "%s" empty? (You are not allowed to delete directories recursively).', Array($theFile));
}
}
} else $this->writelog(4,1,121,'Target was not within your mountpoints! T="%s"',Array($theFile));
} else $this->writelog(4,2,122,'Target seemed not to be a directory! (Shouldn\'t happen here!)','');
} else $this->writelog(4,1,123,'You are not allowed to delete directories','');
}
} else {
$this->writelog(4, 1, 121, 'Target was not within your mountpoints! T="%s"', Array($theFile));
}
} else {
$this->writelog(4, 2, 122, 'Target seemed not to be a directory! (Shouldn\'t happen here!)', '');
}
} else {
$this->writelog(4, 1, 123, 'You are not allowed to delete directories', '');
}
// FINISHED copying directory
} else $this->writelog(4,2,130,'The item was not a file or directory! "%s"',Array($theFile));
} else $this->writelog(4,1,131,'No recycler found!','');
} else {
$this->writelog(4, 2, 130, 'The item was not a file or directory! "%s"', Array($theFile));
}
}
} else {
$this->writelog(4, 1, 131, 'No recycler found!', '');
}
}
/**
* Copying files and folders (action=2)
......
* @param array $cmds['data'] is the file/folder to copy. $cmds['target'] is the path where to copy to. $cmds['altName'] (boolean): If set, another filename is found in case the target already exists
* @return string Returns the new filename upon success
*/
function func_copy($cmds) {
function func_copy($cmds) {
if (!$this->isInit) return FALSE;
if (!$this->isInit) {
return FALSE;
}
// Initialize and check basic conditions:
$theFile = $cmds['data'];
$theDest = $this->is_directory($cmds['target']); // Clean up destination directory
$theDest = $this->is_directory($cmds['target']); // Clean up destination directory
$altName = $cmds['altName'];
if (!$theDest) {
if (!$theDest) {
$this->writelog(2,2,100,'Destination "%s" was not a directory',Array($cmds['target']));
$this->writelog(2, 2, 100, 'Destination "%s" was not a directory', Array($cmds['target']));
return FALSE;
}
if (!$this->isPathValid($theFile) || !$this->isPathValid($theDest)) {
if (!$this->isPathValid($theFile) || !$this->isPathValid($theDest)) {
$this->writelog(2,2,101,'Target or destination had invalid path (".." and "//" is not allowed in path). T="%s", D="%s"',Array($theFile,$theDest));
$this->writelog(2, 2, 101, 'Target or destination had invalid path (".." and "//" is not allowed in path). T="%s", D="%s"', Array($theFile, $theDest));
return FALSE;
}
// Processing of file or directory.
if (@is_file($theFile)) { // If we are copying a file...
if (@is_file($theFile)) { // If we are copying a file...
if ($this->actionPerms['copyFile']) {
if ($this->actionPerms['copyFile']) {
if (filesize($theFile) < ($this->maxCopyFileSize*1024)) {
if (filesize($theFile) < ($this->maxCopyFileSize * 1024)) {
$fI = t3lib_div::split_fileref($theFile);
if ($altName) { // If altName is set, we're allowed to create a new filename if the file already existed
if ($altName) { // If altName is set, we're allowed to create a new filename if the file already existed
$theDestFile = $this->getUniqueName($fI['file'], $theDest);
$fI = t3lib_div::split_fileref($theDestFile);
} else {
$theDestFile = $theDest.'/'.$fI['file'];
$theDestFile = $theDest . '/' . $fI['file'];
}
if ($theDestFile && !file_exists($theDestFile)) {
if ($theDestFile && !file_exists($theDestFile)) {
if ($this->checkIfAllowed($fI['fileext'], $theDest, $fI['file'])) {
if ($this->checkPathAgainstMounts($theDestFile) && $this->checkPathAgainstMounts($theFile)) {
if ($this->checkPathAgainstMounts($theDestFile) && $this->checkPathAgainstMounts($theFile)) {
if ($this->PHPFileFunctions) {
if ($this->PHPFileFunctions) {
copy ($theFile,$theDestFile);
copy($theFile, $theDestFile);
} else {
$cmd = 'cp "'.$theFile.'" "'.$theDestFile.'"';
$cmd = 'cp "' . $theFile . '" "' . $theDestFile . '"';
exec($cmd);
}
t3lib_div::fixPermissions($theDestFile);
clearstatcache();
if (@is_file($theDestFile)) {
if (@is_file($theDestFile)) {
$this->writelog(2,0,1,'File "%s" copied to "%s"',Array($theFile,$theDestFile));
$this->writelog(2, 0, 1, 'File "%s" copied to "%s"', Array($theFile, $theDestFile));
return $theDestFile;
} else $this->writelog(2,2,109,'File "%s" WAS NOT copied to "%s"! Write-permission problem?',Array($theFile,$theDestFile));
} else $this->writelog(2,1,110,'Target or destination was not within your mountpoints! T="%s", D="%s"',Array($theFile,$theDestFile));
} else $this->writelog(2,1,111,'Extension of file name "%s" is not allowed in "%s"!',Array($fI['file'],$theDest.'/'));
} else $this->writelog(2,1,112,'File "%s" already exists!',Array($theDestFile));
} else $this->writelog(2,1,113,'File "%s" exceeds the size-limit of %s bytes',Array($theFile,$this->maxCopyFileSize*1024));
} else $this->writelog(2,1,114,'You are not allowed to copy files','');
} else {
$this->writelog(2, 2, 109, 'File "%s" WAS NOT copied to "%s"! Write-permission problem?', Array($theFile, $theDestFile));
}
} else {
$this->writelog(2, 1, 110, 'Target or destination was not within your mountpoints! T="%s", D="%s"', Array($theFile, $theDestFile));
}
} else {
$this->writelog(2, 1, 111, 'Extension of file name "%s" is not allowed in "%s"!', Array($fI['file'], $theDest . '/'));
}
} else {
$this->writelog(2, 1, 112, 'File "%s" already exists!', Array($theDestFile));
}
} else {
$this->writelog(2, 1, 113, 'File "%s" exceeds the size-limit of %s bytes', Array($theFile, $this->maxCopyFileSize * 1024));
}
} else {
$this->writelog(2, 1, 114, 'You are not allowed to copy files', '');
}
// FINISHED copying file
} elseif (@is_dir($theFile) && !$this->dont_use_exec_commands) { // if we're copying a folder
} elseif (@is_dir($theFile) && !$this->dont_use_exec_commands) { // if we're copying a folder
if ($this->actionPerms['copyFolder']) {
if ($this->actionPerms['copyFolder']) {
$theFile = $this->is_directory($theFile);
if ($theFile) {
if ($theFile) {
$fI = t3lib_div::split_fileref($theFile);
if ($altName) { // If altName is set, we're allowed to create a new filename if the file already existed
if ($altName) { // If altName is set, we're allowed to create a new filename if the file already existed
$theDestFile = $this->getUniqueName($fI['file'], $theDest);
$fI = t3lib_div::split_fileref($theDestFile);
} else {
$theDestFile = $theDest.'/'.$fI['file'];
$theDestFile = $theDest . '/' . $fI['file'];
}
if ($theDestFile && !file_exists($theDestFile)) {
if ($theDestFile && !file_exists($theDestFile)) {
if (!t3lib_div::isFirstPartOfStr($theDestFile.'/',$theFile.'/')) { // Check if the one folder is inside the other or on the same level... to target/dest is the same?
if (!t3lib_div::isFirstPartOfStr($theDestFile . '/', $theFile . '/')) { // Check if the one folder is inside the other or on the same level... to target/dest is the same?
if ($this->checkIfFullAccess($theDest) || $this->is_webPath($theDestFile)==$this->is_webPath($theFile)) { // no copy of folders between spaces
if ($this->checkIfFullAccess($theDest) || $this->is_webPath($theDestFile) == $this->is_webPath($theFile)) { // no copy of folders between spaces
if ($this->checkPathAgainstMounts($theDestFile) && $this->checkPathAgainstMounts($theFile)) {
if ($this->checkPathAgainstMounts($theDestFile) && $this->checkPathAgainstMounts($theFile)) {
// No way to do this under windows!
// No way to do this under windows!
$cmd = 'cp -R "'.$theFile.'" "'.$theDestFile.'"';
$cmd = 'cp -R "' . $theFile . '" "' . $theDestFile . '"';
exec($cmd);
clearstatcache();
if (@is_dir($theDestFile)) {
if (@is_dir($theDestFile)) {
$this->writelog(2,0,2,'Directory "%s" copied to "%s"',Array($theFile,$theDestFile));
$this->writelog(2, 0, 2, 'Directory "%s" copied to "%s"', Array($theFile, $theDestFile));
return $theDestFile;
} else $this->writelog(2,2,119,'Directory "%s" WAS NOT copied to "%s"! Write-permission problem?',Array($theFile,$theDestFile));
} else $this->writelog(2,1,120,'Target or destination was not within your mountpoints! T="%s", D="%s"',Array($theFile,$theDestFile));
} else $this->writelog(2,1,121,'You don\'t have full access to the destination directory "%s"!',Array($theDest.'/'));
} else $this->writelog(2,1,122,'Destination cannot be inside the target! D="%s", T="%s"',Array($theDestFile.'/',$theFile.'/'));
} else $this->writelog(2,1,123,'Target "%s" already exists!',Array($theDestFile));
} else $this->writelog(2,2,124,'Target seemed not to be a directory! (Shouldn\'t happen here!)','');
} else $this->writelog(2,1,125,'You are not allowed to copy directories','');
} else {
$this->writelog(2, 2, 119, 'Directory "%s" WAS NOT copied to "%s"! Write-permission problem?', Array($theFile, $theDestFile));
}
} else {
$this->writelog(2, 1, 120, 'Target or destination was not within your mountpoints! T="%s", D="%s"', Array($theFile, $theDestFile));
}
} else {
$this->writelog(2, 1, 121, 'You don\'t have full access to the destination directory "%s"!', Array($theDest . '/'));
}
} else {
$this->writelog(2, 1, 122, 'Destination cannot be inside the target! D="%s", T="%s"', Array($theDestFile . '/', $theFile . '/'));
}
} else {
$this->writelog(2, 1, 123, 'Target "%s" already exists!', Array($theDestFile));
}
} else {
$this->writelog(2, 2, 124, 'Target seemed not to be a directory! (Shouldn\'t happen here!)', '');
}
} else {
$this->writelog(2, 1, 125, 'You are not allowed to copy directories', '');
}
// FINISHED copying directory
} else {
$this->writelog(2,2,130,'The item "%s" was not a file or directory!',Array($theFile));
$this->writelog(2, 2, 130, 'The item "%s" was not a file or directory!', Array($theFile));
}
}
......
* @param array $cmds['data'] is the file/folder to move. $cmds['target'] is the path where to move to. $cmds['altName'] (boolean): If set, another filename is found in case the target already exists
* @return string Returns the new filename upon success
*/
function func_move($cmds) {
function func_move($cmds) {
if (!$this->isInit) return FALSE;
if (!$this->isInit) {
return FALSE;
}
// Initialize and check basic conditions:
$theFile = $cmds['data'];
$theDest = $this->is_directory($cmds['target']); // Clean up destination directory
$theDest = $this->is_directory($cmds['target']); // Clean up destination directory
$altName = $cmds['altName'];
if (!$theDest) {
if (!$theDest) {
$this->writelog(3,2,100,'Destination "%s" was not a directory',Array($cmds['target']));
$this->writelog(3, 2, 100, 'Destination "%s" was not a directory', Array($cmds['target']));
return FALSE;
}
if (!$this->isPathValid($theFile) || !$this->isPathValid($theDest)) {
if (!$this->isPathValid($theFile) || !$this->isPathValid($theDest)) {
$this->writelog(3,2,101,'Target or destination had invalid path (".." and "//" is not allowed in path). T="%s", D="%s"',Array($theFile,$theDest));
$this->writelog(3, 2, 101, 'Target or destination had invalid path (".." and "//" is not allowed in path). T="%s", D="%s"', Array($theFile, $theDest));
return FALSE;
}
// Processing of file or directory:
if (@is_file($theFile)) { // If we are moving a file...
if (@is_file($theFile)) { // If we are moving a file...
if ($this->actionPerms['moveFile']) {
if ($this->actionPerms['moveFile']) {
if (filesize($theFile) < ($this->maxMoveFileSize*1024)) {
if (filesize($theFile) < ($this->maxMoveFileSize * 1024)) {
$fI = t3lib_div::split_fileref($theFile);
if ($altName) { // If altName is set, we're allowed to create a new filename if the file already existed
if ($altName) { // If altName is set, we're allowed to create a new filename if the file already existed
$theDestFile = $this->getUniqueName($fI['file'], $theDest);
$fI = t3lib_div::split_fileref($theDestFile);
} else {
$theDestFile = $theDest.'/'.$fI['file'];
$theDestFile = $theDest . '/' . $fI['file'];
}
if ($theDestFile && !file_exists($theDestFile)) {
if ($theDestFile && !file_exists($theDestFile)) {
if ($this->checkIfAllowed($fI['fileext'], $theDest, $fI['file'])) {
if ($this->checkPathAgainstMounts($theDestFile) && $this->checkPathAgainstMounts($theFile)) {
if ($this->checkPathAgainstMounts($theDestFile) && $this->checkPathAgainstMounts($theFile)) {
if ($this->PHPFileFunctions) {
if ($this->PHPFileFunctions) {
@rename($theFile, $theDestFile);
} else {
$cmd = 'mv "'.$theFile.'" "'.$theDestFile.'"';
$cmd = 'mv "' . $theFile . '" "' . $theDestFile . '"';
exec($cmd);
}
clearstatcache();
if (@is_file($theDestFile)) {
if (@is_file($theDestFile)) {
$this->writelog(3,0,1,'File "%s" moved to "%s"',Array($theFile,$theDestFile));
$this->writelog(3, 0, 1, 'File "%s" moved to "%s"', Array($theFile, $theDestFile));
return $theDestFile;
} else $this->writelog(3,2,109,'File "%s" WAS NOT moved to "%s"! Write-permission problem?',Array($theFile,$theDestFile));
} else $this->writelog(3,1,110,'Target or destination was not within your mountpoints! T="%s", D="%s"',Array($theFile,$theDestFile));
} else $this->writelog(3,1,111,'Extension of file name "%s" is not allowed in "%s"!',Array($fI['file'],$theDest.'/'));
} else $this->writelog(3,1,112,'File "%s" already exists!',Array($theDestFile));
} else $this->writelog(3,1,113,'File "%s" exceeds the size-limit of %s bytes',Array($theFile,$this->maxMoveFileSize*1024));
} else $this->writelog(3,1,114,'You are not allowed to move files','');
} else {
$this->writelog(3, 2, 109, 'File "%s" WAS NOT moved to "%s"! Write-permission problem?', Array($theFile, $theDestFile));
}
} else {
$this->writelog(3, 1, 110, 'Target or destination was not within your mountpoints! T="%s", D="%s"', Array($theFile, $theDestFile));
}
} else {
$this->writelog(3, 1, 111, 'Extension of file name "%s" is not allowed in "%s"!', Array($fI['file'], $theDest . '/'));
}
} else {
$this->writelog(3, 1, 112, 'File "%s" already exists!', Array($theDestFile));
}
} else {
$this->writelog(3, 1, 113, 'File "%s" exceeds the size-limit of %s bytes', Array($theFile, $this->maxMoveFileSize * 1024));
}
} else {
$this->writelog(3, 1, 114, 'You are not allowed to move files', '');
}
// FINISHED moving file
} elseif (@is_dir($theFile)) { // if we're moving a folder
} elseif (@is_dir($theFile)) { // if we're moving a folder
if ($this->actionPerms['moveFolder']) {
if ($this->actionPerms['moveFolder']) {
$theFile = $this->is_directory($theFile);
if ($theFile) {
if ($theFile) {
$fI = t3lib_div::split_fileref($theFile);
if ($altName) { // If altName is set, we're allowed to create a new filename if the file already existed
if ($altName) { // If altName is set, we're allowed to create a new filename if the file already existed
$theDestFile = $this->getUniqueName($fI['file'], $theDest);
$fI = t3lib_div::split_fileref($theDestFile);
} else {
$theDestFile = $theDest.'/'.$fI['file'];
$theDestFile = $theDest . '/' . $fI['file'];
}
if ($theDestFile && !file_exists($theDestFile)) {
if ($theDestFile && !file_exists($theDestFile)) {
if (!t3lib_div::isFirstPartOfStr($theDestFile.'/',$theFile.'/')) { // Check if the one folder is inside the other or on the same level... to target/dest is the same?
if (!t3lib_div::isFirstPartOfStr($theDestFile . '/', $theFile . '/')) { // Check if the one folder is inside the other or on the same level... to target/dest is the same?
if ($this->checkIfFullAccess($theDest) || $this->is_webPath($theDestFile)==$this->is_webPath($theFile)) { // // no moving of folders between spaces
if ($this->checkIfFullAccess($theDest) || $this->is_webPath($theDestFile) == $this->is_webPath($theFile)) { // // no moving of folders between spaces
if ($this->checkPathAgainstMounts($theDestFile) && $this->checkPathAgainstMounts($theFile)) {
if ($this->checkPathAgainstMounts($theDestFile) && $this->checkPathAgainstMounts($theFile)) {
if ($this->PHPFileFunctions) {
if ($this->PHPFileFunctions) {
@rename($theFile, $theDestFile);
} else {
$cmd = 'mv "'.$theFile.'" "'.$theDestFile.'"';
$cmd = 'mv "' . $theFile . '" "' . $theDestFile . '"';
$errArr = array();
$retVar = 0;
exec($cmd,$errArr,$retVar);
exec($cmd, $errArr, $retVar);
}
clearstatcache();
if (@is_dir($theDestFile)) {
if (@is_dir($theDestFile)) {
$this->writelog(3,0,2,'Directory "%s" moved to "%s"',Array($theFile,$theDestFile));
$this->writelog(3, 0, 2, 'Directory "%s" moved to "%s"', Array($theFile, $theDestFile));
return $theDestFile;
} else $this->writelog(3,2,119,'Directory "%s" WAS NOT moved to "%s"! Write-permission problem?',Array($theFile,$theDestFile));
} else $this->writelog(3,1,120,'Target or destination was not within your mountpoints! T="%s", D="%s"',Array($theFile,$theDestFile));
} else $this->writelog(3,1,121,'You don\'t have full access to the destination directory "%s"!',Array($theDest.'/'));
} else $this->writelog(3,1,122,'Destination cannot be inside the target! D="%s", T="%s"',Array($theDestFile.'/',$theFile.'/'));
} else $this->writelog(3,1,123,'Target "%s" already exists!',Array($theDestFile));
} else $this->writelog(3,2,124,'Target seemed not to be a directory! (Shouldn\'t happen here!)','');
} else $this->writelog(3,1,125,'You are not allowed to move directories','');
} else {
$this->writelog(3, 2, 119, 'Directory "%s" WAS NOT moved to "%s"! Write-permission problem?', Array($theFile, $theDestFile));
}
} else {
$this->writelog(3, 1, 120, 'Target or destination was not within your mountpoints! T="%s", D="%s"', Array($theFile, $theDestFile));
}
} else {
$this->writelog(3, 1, 121, 'You don\'t have full access to the destination directory "%s"!', Array($theDest . '/'));
}
} else {
$this->writelog(3, 1, 122, 'Destination cannot be inside the target! D="%s", T="%s"', Array($theDestFile . '/', $theFile . '/'));
}
} else {
$this->writelog(3, 1, 123, 'Target "%s" already exists!', Array($theDestFile));
}
} else {
$this->writelog(3, 2, 124, 'Target seemed not to be a directory! (Shouldn\'t happen here!)', '');
}
} else {
$this->writelog(3, 1, 125, 'You are not allowed to move directories', '');
}
// FINISHED moving directory
} else {
$this->writelog(3,2,130,'The item "%s" was not a file or directory!',Array($theFile));
$this->writelog(3, 2, 130, 'The item "%s" was not a file or directory!', Array($theFile));
}
}
......
* @param array $cmds['data'] is the new name. $cmds['target'] is the target (file or dir).
* @return string Returns the new filename upon success
*/
function func_rename($cmds) {
function func_rename($cmds) {
if (!$this->isInit) return FALSE;
if (!$this->isInit) {
return FALSE;
}
$theNewName = $this->cleanFileName($cmds['data']);
if ($theNewName) {
if ($theNewName) {
if ($this->checkFileNameLen($theNewName)) {
if ($this->checkFileNameLen($theNewName)) {
$theTarget = $cmds['target'];
$type = filetype($theTarget);
if ($type=='file' || $type=='dir') { // $type MUST BE file or dir
if ($type == 'file' || $type == 'dir') { // $type MUST BE file or dir
$fileInfo = t3lib_div::split_fileref($theTarget); // Fetches info about path, name, extention of $theTarget
$fileInfo = t3lib_div::split_fileref($theTarget); // Fetches info about path, name, extention of $theTarget
if ($fileInfo['file']!=$theNewName) { // The name should be different from the current. And the filetype must be allowed
if ($fileInfo['file'] != $theNewName) { // The name should be different from the current. And the filetype must be allowed
$theRenameName = $fileInfo['path'].$theNewName;
$theRenameName = $fileInfo['path'] . $theNewName;
if ($this->checkPathAgainstMounts($fileInfo['path'])) {
if ($this->checkPathAgainstMounts($fileInfo['path'])) {
if (!file_exists($theRenameName)) {
if (!file_exists($theRenameName)) {
if ($type=='file') {
if ($type == 'file') {
if ($this->actionPerms['renameFile']) {
if ($this->actionPerms['renameFile']) {
$fI = t3lib_div::split_fileref($theRenameName);
if ($this->checkIfAllowed($fI['fileext'], $fileInfo['path'], $fI['file'])) {
if (@rename($theTarget, $theRenameName)) {
if (@rename($theTarget, $theRenameName)) {
$this->writelog(5,0,1,'File renamed from "%s" to "%s"',Array($fileInfo['file'],$theNewName));
$this->writelog(5, 0, 1, 'File renamed from "%s" to "%s"', Array($fileInfo['file'], $theNewName));
return $theRenameName;
} else $this->writelog(5,1,100,'File "%s" was not renamed! Write-permission problem in "%s"?',Array($theTarget,$fileInfo['path']));
} else $this->writelog(5,1,101,'Extension of file name "%s" was not allowed!',Array($fI['file']));
} else $this->writelog(5,1,102,'You are not allowed to rename files!','');
} else {
$this->writelog(5, 1, 100, 'File "%s" was not renamed! Write-permission problem in "%s"?', Array($theTarget, $fileInfo['path']));
}
} else {
$this->writelog(5, 1, 101, 'Extension of file name "%s" was not allowed!', Array($fI['file']));
}
} else {
$this->writelog(5, 1, 102, 'You are not allowed to rename files!', '');
}
} elseif ($type=='dir') {
} elseif ($type == 'dir') {
if ($this->actionPerms['renameFolder']) {
if ($this->actionPerms['renameFolder']) {
if (@rename($theTarget, $theRenameName)) {
if (@rename($theTarget, $theRenameName)) {
$this->writelog(5,0,2,'Directory renamed from "%s" to "%s"',Array($fileInfo['file'],$theNewName));
$this->writelog(5, 0, 2, 'Directory renamed from "%s" to "%s"', Array($fileInfo['file'], $theNewName));
return $theRenameName;
} else $this->writelog(5,1,110,'Directory "%s" was not renamed! Write-permission problem in "%s"?',Array($theTarget,$fileInfo['path']));
} else $this->writelog(5,1,111,'You are not allowed to rename directories!','');
} else {
$this->writelog(5, 1, 110, 'Directory "%s" was not renamed! Write-permission problem in "%s"?', Array($theTarget, $fileInfo['path']));
}
}
} else $this->writelog(5,1,120,'Destination "%s" existed already!',Array($theRenameName));
} else $this->writelog(5,1,121,'Destination path "%s" was not within your mountpoints!',Array($fileInfo['path']));
} else $this->writelog(5,1,122,'Old and new name is the same (%s)',Array($theNewName));
} else $this->writelog(5,2,123,'Target "%s" was neither a directory nor a file!',Array($theTarget));
} else $this->writelog(5,1,124,'New name "%s" was too long (max %s characters)',Array($theNewName,$this->maxInputNameLen));
} else {
$this->writelog(5, 1, 111, 'You are not allowed to rename directories!', '');
}
}
}
}
} else {
$this->writelog(5, 1, 120, 'Destination "%s" existed already!', Array($theRenameName));
}
} else {
$this->writelog(5, 1, 121, 'Destination path "%s" was not within your mountpoints!', Array($fileInfo['path']));
}
} else {
$this->writelog(5, 1, 122, 'Old and new name is the same (%s)', Array($theNewName));
}
} else {
$this->writelog(5, 2, 123, 'Target "%s" was neither a directory nor a file!', Array($theTarget));
}
} else {
$this->writelog(5, 1, 124, 'New name "%s" was too long (max %s characters)', Array($theNewName, $this->maxInputNameLen));
}
}
}
/**
* This creates a new folder. (action=6)
......
* @param array $cmds['data'] is the foldername. $cmds['target'] is the path where to create it.
* @return string Returns the new foldername upon success
*/
function func_newfolder($cmds) {
function func_newfolder($cmds) {
if (!$this->isInit) return FALSE;
if (!$this->isInit) {
return FALSE;
}
$theFolder = $this->cleanFileName($cmds['data']);
if (isset($theFolder) && trim($theFolder) != '') {
if ($this->checkFileNameLen($theFolder)) {
if ($this->checkFileNameLen($theFolder)) {
$theTarget = $this->is_directory($cmds['target']); // Check the target dir
$theTarget = $this->is_directory($cmds['target']); // Check the target dir
if ($theTarget) {
if ($theTarget) {
if ($this->actionPerms['newFolder']) {
if ($this->actionPerms['newFolder']) {
$theNewFolder = $theTarget.'/'.$theFolder;
$theNewFolder = $theTarget . '/' . $theFolder;
if ($this->checkPathAgainstMounts($theNewFolder)) {
if ($this->checkPathAgainstMounts($theNewFolder)) {
if (!file_exists($theNewFolder)) {
if (!file_exists($theNewFolder)) {
if (t3lib_div::mkdir($theNewFolder)){
if (t3lib_div::mkdir($theNewFolder)) {
$this->writelog(6,0,1,'Directory "%s" created in "%s"',Array($theFolder,$theTarget.'/'));
$this->writelog(6, 0, 1, 'Directory "%s" created in "%s"', Array($theFolder, $theTarget . '/'));
return $theNewFolder;
} else $this->writelog(6,1,100,'Directory "%s" not created. Write-permission problem in "%s"?',Array($theFolder,$theTarget.'/'));
} else $this->writelog(6,1,101,'File or directory "%s" existed already!',Array($theNewFolder));
} else $this->writelog(6,1,102,'Destination path "%s" was not within your mountpoints!',Array($theTarget.'/'));
} else $this->writelog(6,1,103,'You are not allowed to create directories!','');
} else $this->writelog(6,2,104,'Destination "%s" was not a directory',Array($cmds['target']));
} else $this->writelog(6,1,105,'New name "%s" was too long (max %s characters)',Array($theFolder,$this->maxInputNameLen));
} else {
$this->writelog(6, 1, 100, 'Directory "%s" not created. Write-permission problem in "%s"?', Array($theFolder, $theTarget . '/'));
}
}
} else {
$this->writelog(6, 1, 101, 'File or directory "%s" existed already!', Array($theNewFolder));
}
}
} else {
$this->writelog(6, 1, 102, 'Destination path "%s" was not within your mountpoints!', Array($theTarget . '/'));
}
} else {
$this->writelog(6, 1, 103, 'You are not allowed to create directories!', '');
}
} else {
$this->writelog(6, 2, 104, 'Destination "%s" was not a directory', Array($cmds['target']));
}
} else {
$this->writelog(6, 1, 105, 'New name "%s" was too long (max %s characters)', Array($theFolder, $this->maxInputNameLen));
}
}
}
/**
* This creates a new file. (action=8)
......
* @param array $cmds['data'] is the new filename. $cmds['target'] is the path where to create it
* @return string Returns the new filename upon success
*/
function func_newfile($cmds) {
function func_newfile($cmds) {
$extList = $GLOBALS['TYPO3_CONF_VARS']['SYS']['textfile_ext'];
if (!$this->isInit) return FALSE;
if (!$this->isInit) {
return FALSE;
}
$newName = $this->cleanFileName($cmds['data']);
if ($newName) {
if ($newName) {
if ($this->checkFileNameLen($newName)) {
if ($this->checkFileNameLen($newName)) {
$theTarget = $this->is_directory($cmds['target']); // Check the target dir
$theTarget = $this->is_directory($cmds['target']); // Check the target dir
$fileInfo = t3lib_div::split_fileref($theTarget); // Fetches info about path, name, extention of $theTarget
$fileInfo = t3lib_div::split_fileref($theTarget); // Fetches info about path, name, extention of $theTarget
if ($theTarget) {
if ($theTarget) {
if ($this->actionPerms['newFile']) {
if ($this->actionPerms['newFile']) {
$theNewFile = $theTarget.'/'.$newName;
$theNewFile = $theTarget . '/' . $newName;
if ($this->checkPathAgainstMounts($theNewFile)) {
if ($this->checkPathAgainstMounts($theNewFile)) {
if (!file_exists($theNewFile)) {
if (!file_exists($theNewFile)) {
$fI = t3lib_div::split_fileref($theNewFile);
if ($this->checkIfAllowed($fI['fileext'], $fileInfo['path'], $fI['file'])) {
if (t3lib_div::inList($extList, $fI['fileext'])) {
if (t3lib_div::inList($extList, $fI['fileext'])) {
if (t3lib_div::writeFile($theNewFile,'')) {
if (t3lib_div::writeFile($theNewFile, '')) {
clearstatcache();
$this->writelog(8,0,1,'File created: "%s"',Array($fI['file']));
$this->writelog(8, 0, 1, 'File created: "%s"', Array($fI['file']));
return $theNewFile;
} else $this->writelog(8,1,100,'File "%s" was not created! Write-permission problem in "%s"?',Array($fI['file'], $theTarget));
} else $this->writelog(8,1,107,'File extension "%s" is not a textfile format! (%s)',Array($fI['fileext'], $extList));
} else $this->writelog(8,1,106,'Extension of file name "%s" was not allowed!',Array($fI['file']));
} else $this->writelog(8,1,101,'File "%s" existed already!',Array($theNewFile));
} else $this->writelog(8,1,102,'Destination path "%s" was not within your mountpoints!',Array($theTarget.'/'));
} else $this->writelog(8,1,103,'You are not allowed to create files!','');
} else $this->writelog(8,2,104,'Destination "%s" was not a directory',Array($cmds['target']));
} else $this->writelog(8,1,105,'New name "%s" was too long (max %s characters)',Array($newName,$this->maxInputNameLen));
} else {
$this->writelog(8, 1, 100, 'File "%s" was not created! Write-permission problem in "%s"?', Array($fI['file'], $theTarget));
}
}
} else {
$this->writelog(8, 1, 107, 'File extension "%s" is not a textfile format! (%s)', Array($fI['fileext'], $extList));
}
}
} else {
$this->writelog(8, 1, 106, 'Extension of file name "%s" was not allowed!', Array($fI['file']));
}
} else {
$this->writelog(8, 1, 101, 'File "%s" existed already!', Array($theNewFile));
}
} else {
$this->writelog(8, 1, 102, 'Destination path "%s" was not within your mountpoints!', Array($theTarget . '/'));
}
} else {
$this->writelog(8, 1, 103, 'You are not allowed to create files!', '');
}
} else {
$this->writelog(8, 2, 104, 'Destination "%s" was not a directory', Array($cmds['target']));
}
} else {
$this->writelog(8, 1, 105, 'New name "%s" was too long (max %s characters)', Array($newName, $this->maxInputNameLen));
}
}
}
/**
* Editing textfiles or folders (action=9)
......
* @param array $cmds['data'] is the new content. $cmds['target'] is the target (file or dir)
* @return boolean Returns true on success
*/
function func_edit($cmds) {
function func_edit($cmds) {
if (!$this->isInit) return FALSE;
if (!$this->isInit) {
return FALSE;
}
$theTarget = $cmds['target'];
$content = $cmds['data'];
$extList = $GLOBALS['TYPO3_CONF_VARS']['SYS']['textfile_ext'];
$type = filetype($theTarget);
if ($type=='file') { // $type MUST BE file
if ($type == 'file') { // $type MUST BE file
$fileInfo = t3lib_div::split_fileref($theTarget); // Fetches info about path, name, extention of $theTarget
$fileInfo = t3lib_div::split_fileref($theTarget); // Fetches info about path, name, extention of $theTarget
$fI =$fileInfo;
$fI = $fileInfo;
if ($this->checkPathAgainstMounts($fileInfo['path'])) {
if ($this->checkPathAgainstMounts($fileInfo['path'])) {
if ($this->actionPerms['editFile']) {
if ($this->actionPerms['editFile']) {
$fI = t3lib_div::split_fileref($theTarget);
if ($this->checkIfAllowed($fI['fileext'], $fileInfo['path'], $fI['file'])) {
if (t3lib_div::inList($extList, $fileInfo['fileext'])) {
if (t3lib_div::inList($extList, $fileInfo['fileext'])) {
if (t3lib_div::writeFile($theTarget,$content)) {
if (t3lib_div::writeFile($theTarget, $content)) {
clearstatcache();
$this->writelog(9,0,1,'File saved to "%s", bytes: %s, MD5: %s ',Array($fileInfo['file'],@filesize($theTarget),md5($content)));
$this->writelog(9, 0, 1, 'File saved to "%s", bytes: %s, MD5: %s ', Array($fileInfo['file'], @filesize($theTarget), md5($content)));
return TRUE;
} else $this->writelog(9,1,100,'File "%s" was not saved! Write-permission problem in "%s"?',Array($theTarget,$fileInfo['path']));
} else $this->writelog(9,1,102,'File extension "%s" is not a textfile format! (%s)',Array($fI['fileext'], $extList));
} else $this->writelog(9,1,103,'Extension of file name "%s" was not allowed!',Array($fI['file']));
} else $this->writelog(9,1,104,'You are not allowed to edit files!','');
} else $this->writelog(9,1,121,'Destination path "%s" was not within your mountpoints!',Array($fileInfo['path']));
} else $this->writelog(9,2,123,'Target "%s" was not a file!',Array($theTarget));
} else {
$this->writelog(9, 1, 100, 'File "%s" was not saved! Write-permission problem in "%s"?', Array($theTarget, $fileInfo['path']));
}
}
} else {
$this->writelog(9, 1, 102, 'File extension "%s" is not a textfile format! (%s)', Array($fI['fileext'], $extList));
}
} else {
$this->writelog(9, 1, 103, 'Extension of file name "%s" was not allowed!', Array($fI['file']));
}
} else {
$this->writelog(9, 1, 104, 'You are not allowed to edit files!', '');
}
} else {
$this->writelog(9, 1, 121, 'Destination path "%s" was not within your mountpoints!', Array($fileInfo['path']));
}
} else {
$this->writelog(9, 2, 123, 'Target "%s" was not a file!', Array($theTarget));
}
}
/**
* Upload of files (action=1)
......
* @param array $cmds['data'] is the ID-number (points to the global var that holds the filename-ref ($_FILES['upload_'.$id]['name']). $cmds['target'] is the target directory, $cmds['charset'] is the the character set of the file name (utf-8 is needed for JS-interaction)
* @return string Returns the new filename upon success
*/
function func_upload($cmds) {
function func_upload($cmds) {
if (!$this->isInit) return FALSE;
if (!$this->isInit) {
return FALSE;
}
$id = $cmds['data'];
if ($_FILES['upload_'.$id]['name']) {
if ($_FILES['upload_' . $id]['name']) {
$theFile = $_FILES['upload_'.$id]['tmp_name']; // filename of the uploaded file
$theFile = $_FILES['upload_' . $id]['tmp_name']; // filename of the uploaded file
$theFileSize = $_FILES['upload_'.$id]['size']; // filesize of the uploaded file
$theFileSize = $_FILES['upload_' . $id]['size']; // filesize of the uploaded file
$theName = $this->cleanFileName(stripslashes($_FILES['upload_'.$id]['name']), (isset($cmds['charset']) ? $cmds['charset'] : '')); // The original filename
$theName = $this->cleanFileName(stripslashes($_FILES['upload_' . $id]['name']), (isset($cmds['charset']) ? $cmds['charset'] : '')); // The original filename
if (is_uploaded_file($theFile) && $theName) { // Check the file
if (is_uploaded_file($theFile) && $theName) { // Check the file
if ($this->actionPerms['uploadFile']) {
if ($this->actionPerms['uploadFile']) {
if ($theFileSize<($this->maxUploadFileSize*1024)) {
if ($theFileSize < ($this->maxUploadFileSize * 1024)) {
$fI = t3lib_div::split_fileref($theName);
$theTarget = $this->is_directory($cmds['target']); // Check the target dir
$theTarget = $this->is_directory($cmds['target']); // Check the target dir
if ($theTarget && $this->checkPathAgainstMounts($theTarget.'/')) {
if ($theTarget && $this->checkPathAgainstMounts($theTarget . '/')) {
if ($this->checkIfAllowed($fI['fileext'], $theTarget, $fI['file'])) {
$theNewFile = $this->getUniqueName($theName, $theTarget, $this->dontCheckForUnique);
if ($theNewFile) {
if ($theNewFile) {
t3lib_div::upload_copy_move($theFile,$theNewFile);
t3lib_div::upload_copy_move($theFile, $theNewFile);
clearstatcache();
if (@is_file($theNewFile)) {
if (@is_file($theNewFile)) {
$this->internalUploadMap[$id] = $theNewFile;
$this->writelog(1,0,1,'Uploading file "%s" to "%s"',Array($theName,$theNewFile, $id));
$this->writelog(1, 0, 1, 'Uploading file "%s" to "%s"', Array($theName, $theNewFile, $id));
return $theNewFile;
} else $this->writelog(1,1,100,'Uploaded file could not be moved! Write-permission problem in "%s"?',Array($theTarget.'/'));
} else $this->writelog(1,1,101,'No unique filename available in "%s"!',Array($theTarget.'/'));
} else $this->writelog(1,1,102,'Extension of file name "%s" is not allowed in "%s"!',Array($fI['file'], $theTarget.'/'));
} else $this->writelog(1,1,103,'Destination path "%s" was not within your mountpoints!',Array($theTarget.'/'));
} else $this->writelog(1,1,104,'The uploaded file exceeds the size-limit of %s bytes',Array($this->maxUploadFileSize*1024));
} else $this->writelog(1,1,105,'You are not allowed to upload files!','');
} else $this->writelog(1,2,106,'The upload has failed, no uploaded file found!','');
} else $this->writelog(1,2,108,'No file was uploaded!','');
} else {
$this->writelog(1, 1, 100, 'Uploaded file could not be moved! Write-permission problem in "%s"?', Array($theTarget . '/'));
}
}
} else {
$this->writelog(1, 1, 101, 'No unique filename available in "%s"!', Array($theTarget . '/'));
}
} else {
$this->writelog(1, 1, 102, 'Extension of file name "%s" is not allowed in "%s"!', Array($fI['file'], $theTarget . '/'));
}
} else {
$this->writelog(1, 1, 103, 'Destination path "%s" was not within your mountpoints!', Array($theTarget . '/'));
}
} else {
$this->writelog(1, 1, 104, 'The uploaded file exceeds the size-limit of %s bytes', Array($this->maxUploadFileSize * 1024));
}
} else {
$this->writelog(1, 1, 105, 'You are not allowed to upload files!', '');
}
} else {
$this->writelog(1, 2, 106, 'The upload has failed, no uploaded file found!', '');
}
} else {
$this->writelog(1, 2, 108, 'No file was uploaded!', '');
}
}
/**
* Unzipping file (action=7)
......
* @param array $cmds['data'] is the zip-file. $cmds['target'] is the target directory. If not set we'll default to the same directory as the file is in.
* @return boolean Returns true on success
*/
function func_unzip($cmds) {
function func_unzip($cmds) {
if (!$this->isInit || $this->dont_use_exec_commands) return FALSE;
if (!$this->isInit || $this->dont_use_exec_commands) {
return FALSE;
}
$theFile = $cmds['data'];
if (@is_file($theFile)) {
if (@is_file($theFile)) {
$fI = t3lib_div::split_fileref($theFile);
if (!isset($cmds['target'])) {
if (!isset($cmds['target'])) {
$cmds['target'] = $fI['path'];
}
$theDest = $this->is_directory($cmds['target']); // Clean up destination directory
$theDest = $this->is_directory($cmds['target']); // Clean up destination directory
if ($theDest) {
if ($theDest) {
if ($this->actionPerms['unzipFile']) {
if ($this->actionPerms['unzipFile']) {
if ($fI['fileext']=='zip') {
if ($fI['fileext'] == 'zip') {
if ($this->checkIfFullAccess($theDest)) {
if ($this->checkPathAgainstMounts($theFile) && $this->checkPathAgainstMounts($theDest.'/')) {
if ($this->checkPathAgainstMounts($theFile) && $this->checkPathAgainstMounts($theDest . '/')) {
// No way to do this under windows.
// No way to do this under windows.
$cmd = $this->unzipPath.'unzip -qq "'.$theFile.'" -d "'.$theDest.'"';
$cmd = $this->unzipPath . 'unzip -qq "' . $theFile . '" -d "' . $theDest . '"';
exec($cmd);
$this->writelog(7,0,1,'Unzipping file "%s" in "%s"',Array($theFile,$theDest));
$this->writelog(7, 0, 1, 'Unzipping file "%s" in "%s"', Array($theFile, $theDest));
return TRUE;
} else $this->writelog(7,1,100,'File "%s" or destination "%s" was not within your mountpoints!',Array($theFile,$theDest));
} else $this->writelog(7,1,101,'You don\'t have full access to the destination directory "%s"!',Array($theDest));
} else $this->writelog(7,1,102,'File extension is not "zip"','');
} else $this->writelog(7,1,103,'You are not allowed to unzip files','');
} else $this->writelog(7,2,104,'Destination "%s" was not a directory',Array($cmds['target']));
} else $this->writelog(7,2,105,'The file "%s" did not exist!',Array($theFile));
} else {
$this->writelog(7, 1, 100, 'File "%s" or destination "%s" was not within your mountpoints!', Array($theFile, $theDest));
}
}
} else {
$this->writelog(7, 1, 101, 'You don\'t have full access to the destination directory "%s"!', Array($theDest));
}
}
} else {
$this->writelog(7, 1, 102, 'File extension is not "zip"', '');
}
} else {
$this->writelog(7, 1, 103, 'You are not allowed to unzip files', '');
}
} else {
$this->writelog(7, 2, 104, 'Destination "%s" was not a directory', Array($cmds['target']));
}
} else {
$this->writelog(7, 2, 105, 'The file "%s" did not exist!', Array($theFile));
}
}
}
if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_extfilefunc.php']) {
if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_extfilefunc.php']) {
include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_extfilefunc.php']);
}
(21-21/93)