Ticket #2873: 2873.patch
| File 2873.patch, 225.8 KB (added by wwalc, 3 years ago) |
|---|
-
_source/core/config.js
147 147 * config.plugins = 'basicstyles,button,htmldataprocessor,toolbar,wysiwygarea'; 148 148 */ 149 149 150 plugins : 'basicstyles,button,elementspath, horizontalrule,htmldataprocessor,keystrokes,newpage,pagebreak,preview,removeformat,smiley,indent,link,list,sourcearea,table,specialchar,tab,toolbar,wysiwygarea',150 plugins : 'basicstyles,button,elementspath,filebrowser,horizontalrule,htmldataprocessor,keystrokes,newpage,pagebreak,preview,removeformat,smiley,indent,link,list,sourcearea,table,specialchar,tab,toolbar,wysiwygarea', 151 151 152 152 /** 153 153 * The theme to be used to build the UI. -
_source/core/loader.js
44 44 'core/dom/text' : [ 'core/dom/node', 'core/dom/domobject' ], 45 45 'core/dom/window' : [ 'core/dom/domobject' ], 46 46 'core/dtd' : [ 'core/tools' ], 47 'core/editor' : [ 'core/ command', 'core/config', 'core/editor_basic', 'core/focusmanager', 'core/lang', 'core/plugins', 'core/skins', 'core/themes', 'core/tools', 'core/ui' ],47 'core/editor' : [ 'core/ajax', 'core/command', 'core/config', 'core/editor_basic', 'core/focusmanager', 'core/lang', 'core/plugins', 'core/skins', 'core/themes', 'core/tools', 'core/ui' ], 48 48 'core/editor_basic' : [ 'core/event' ], 49 49 'core/env' : [], 50 50 'core/event' : [], -
_source/lang/en.js
365 365 vSpace : 'VSpace' 366 366 }, 367 367 368 filebrowser : 369 { 370 errors : 371 { 372 10 : 'Invalid command.', 373 11 : 'The resource type was not specified in the request.', 374 12 : 'The requested resource type is not valid.', 375 102 : 'Invalid file or folder name.', 376 103 : 'It was not possible to complete the request due to authorization restrictions.', 377 104 : 'It was not possible to complete the request due to file system permission restrictions.', 378 105 : 'Invalid file extension.', 379 109 : 'Invalid request.', 380 110 : 'Unknown error.', 381 115 : 'A file or folder with the same name already exists.', 382 116 : 'Folder not found. Please refresh and try again.', 383 117 : 'File not found. Please refresh the files list and try again.', 384 201 : 'A file with the same name is already available. The uploaded file has been renamed to "%1"', 385 202 : 'Invalid file', 386 203 : 'Invalid file. The file size is too big.', 387 204 : 'The uploaded file is corrupt.', 388 205 : 'No temporary folder is available for upload in the server.', 389 206 : 'Upload cancelled for security reasons. The file contains HTML like data.', 390 500 : 'The file browser is disabled for security reasons. Please contact your system administrator and check the CKFinder configuration file.', 391 501 : 'The thumbnails support is disabled.' 392 }, 393 errorUnknown : 'It was not possible to complete the request. (Error %1)', 394 fileNotSelected : 'Please select a file from your computer', 395 fileInvalidChar : 'The file name cannot contain any of the following characters: \n\\ / : * ? " < > |', 396 folderCreate : 'Create Folder', 397 folderCreateTip : 'Create folder in working directory', 398 folderEmpty : 'The folder name cannot be empty', 399 folderInvalidChar : 'The folder name cannot contain any of the following characters: \n\\ / : * ? 
" < > |', 400 folderNew : 'Please type the new folder name: ', 401 resourceType : 'Resource Type', 402 title : 'File Browser', 403 uploadProgressLbl : '(Upload in progress, please wait...)', 404 uploadTip : 'Upload a new file in this folder', 405 }, 406 368 407 smiley : 369 408 { 370 409 toolbar : 'Smiley', -
_source/plugins/dialog/plugin.js
709 709 }, 710 710 711 711 /** 712 * Gets the name of the dialog. 713 * @returns {String} The name of this dialog. 714 * @example 715 * var dialogName = dialogObj.getName(); 716 */ 717 getName : function() 718 { 719 return this._.name; 720 }, 721 722 /** 712 723 * Gets a dialog UI element object from a dialog page. 713 724 * @param {String} pageId id of dialog page. 714 725 * @param {String} elementId id of UI element. … … 1986 1997 */ 1987 1998 selectParentTab : function() 1988 1999 { 2000 tabId = this.getParentTab(); 2001 2002 this._.dialog.selectPage( tabId ); 2003 return this; 2004 }, 2005 2006 /** 2007 * Gets the name of the parent tab of this element. 2008 * @returns {String} The name of selected tab. 2009 * @example 2010 * focus : function() 2011 * { 2012 * this.getParentTab(); 2013 * // do something else. 2014 * } 2015 */ 2016 getParentTab : function() 2017 { 1989 2018 var element = this.getInputElement(), 1990 2019 cursor = element, 1991 2020 tabId; … … 1994 2023 1995 2024 tabId = cursor.getAttribute( 'name' ); 1996 2025 1997 this._.dialog.selectPage( tabId ); 1998 return this; 2026 return tabId; 1999 2027 }, 2000 2028 2001 2029 /** -
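Review bot: In `selectParentTab` (new line 2000) `tabId = this.getParentTab();` assigns to an undeclared variable, because the `var element, cursor, tabId;` declaration now lives in the new `getParentTab`; the assignment therefore creates or overwrites a global `tabId`. Declare it locally with `var tabId = this.getParentTab();`, or drop the temporary and call `this._.dialog.selectPage( this.getParentTab() );`. The middle of `getParentTab` is elided between the hunks, so its loop is not reviewed here.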
_source/plugins/dialogui/plugin.js
656 656 this.validate = elementDefinition.validate; 657 657 658 658 var myDefinition = CKEDITOR.tools.extend( {}, elementDefinition ); 659 var onClick = myDefinition.onClick; 659 660 myDefinition.className = ( myDefinition.className ? myDefinition.className + ' ' : '' ) + 'cke_dialog_ui_button'; 660 661 myDefinition.onClick = function( evt ) 661 662 { 662 663 var target = elementDefinition[ 'for' ]; // [ pageId, elementId ] 663 dialog.getContentElement( target[0], target[1] ).submit(); 664 this.disable(); 664 if ( !onClick || onClick.call( this, evt ) !== false ) 665 { 666 dialog.getContentElement( target[0], target[1] ).submit(); 667 this.disable(); 668 } 665 669 }; 666 670 667 671 dialog.on( 'load', function() … … 1158 1162 }, 1159 1163 1160 1164 /** 1165 * Sets the action to given value. 1166 * @param {String} value The new action. 1167 * @returns {CKEDITOR.ui.dialog.file} This object. 1168 * @example 1169 */ 1170 setAction : function( action ) 1171 { 1172 this.getInputElement().getParent().$.action = action; 1173 return this; 1174 }, 1175 1176 /** 1177 * Get the action assigned to the form. 1178 * @returns {String} The value of the action. 1179 * @example 1180 */ 1181 getAction : function( action ) 1182 { 1183 return this.getInputElement().getParent().$.action; 1184 }, 1185 1186 /** 1161 1187 * Redraws the file input and resets the file path in the file input. 1162 1188 * The redraw logic is necessary because non-IE browsers tend to clear 1163 1189 * the <iframe> containing the file input after closing the dialog. 
1164 1190 * @example 1165 1191 */ 1166 reset : function( )1192 reset : function( action ) 1167 1193 { 1168 1194 var frameElement = CKEDITOR.document.getById( this._.frameId ), 1169 1195 frameDocument = frameElement.$.contentWindow.document, … … 1172 1198 frameDocument.open(); 1173 1199 frameDocument.write( [ '<html><head><title></title></head><body style="margin: 0; overflow: hidden; background: transparent;">', 1174 1200 '<form enctype="multipart/form-data" method="POST" action="', 1175 CKEDITOR.tools.htmlEncode( elementDefinition.action ),1201 CKEDITOR.tools.htmlEncode( action || elementDefinition.action ), 1176 1202 '">', 1177 1203 '<input type="file" name="', 1178 1204 CKEDITOR.tools.htmlEncode( elementDefinition.id || 'cke_upload' ), -
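Review bot: The JSDoc on the new `setAction` documents `@param {String} value` while the parameter is named `action`, and `getAction` declares an `action` parameter it never reads; `reset` also gains an optional `action` argument that its comment does not mention. Suggested: `@param {String} action The new form action URL.` on `setAction`, `getAction : function()` with no parameter, and on `reset` a line such as `@param {String} [action] Form action to use instead of the one in the element definition.` `setAction` writes the value straight to the form's `action` property, so the comment should say that callers must pass a trusted upload URL; the `reset` path does run it through `CKEDITOR.tools.htmlEncode` before `document.write`. Both `reset` and the button `onClick` wrapper continue outside the visible hunks.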
_source/plugins/filebrowser/_dev/test.html
1 <!-- 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 --> 7 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> 8 <html xmlns="http://www.w3.org/1999/xhtml"> 9 <head> 10 <title>CKEditor File Manager - Connector Tests</title> 11 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 12 <script type="text/javascript"> 13 14 function BuildBaseUrl( command ) 15 { 16 var sUrl = 17 document.getElementById('cmbConnector').value + 18 '?command=' + command ; 19 20 if ( command != 'Init' ) 21 { 22 sUrl += 23 '&type=' + document.getElementById('cmbType').value + 24 '¤tFolder=' + encodeURIComponent( document.getElementById('txtFolder').value ) ; 25 } 26 27 return sUrl ; 28 } 29 30 function SetFrameUrl( url ) 31 { 32 if ( document.all ) 33 eRunningFrame.document.location = url ; 34 else 35 document.getElementById('eRunningFrame').src = url ; 36 37 document.getElementById('eUrl').value = url ; 38 } 39 40 function CallUrlField() 41 { 42 SetFrameUrl( document.getElementById('eUrl').value ) ; 43 return false ; 44 } 45 46 function Init() 47 { 48 SetFrameUrl( BuildBaseUrl( 'Init' ) ) ; 49 return false ; 50 } 51 52 function GetFolders() 53 { 54 SetFrameUrl( BuildBaseUrl( 'GetFolders' ) ) ; 55 return false ; 56 } 57 58 function GetFoldersAndFiles() 59 { 60 SetFrameUrl( BuildBaseUrl( 'GetFoldersAndFiles' ) ) ; 61 return false ; 62 } 63 64 function OnUploadCompleted( errorNumber, fileUrl, fileName ) 65 { 66 // QuickUpload uses 3 parameters and the order is different than the FileUpload 67 if ( !fileName ) 68 fileName = fileUrl ; 69 70 switch ( errorNumber ) 71 { 72 case 0 : 73 alert( 'File uploaded with no errors' ) ; 74 break ; 75 case 201 : 76 alert( 'A file with the same name is already available. 
The uploaded file has been renamed to "' + fileName + '"' ) ; 77 break ; 78 case 202 : 79 alert( 'Invalid file' ) ; 80 break ; 81 case 500 : 82 alert( 'The connector is disabled' ) ; 83 break ; 84 default : 85 alert( 'Error on file upload. Error number: ' + errorNumber ) ; 86 break ; 87 } 88 } 89 90 this.frames.frmUpload = this ; 91 92 function SetCreateFolderAction() 93 { 94 var sUrl = BuildBaseUrl( 'CreateFolder' ) ; 95 document.getElementById('eUrl').value = sUrl ; 96 document.getElementById('frmCreateFolder').action = sUrl ; 97 } 98 99 function SetAction() 100 { 101 var sUrl = BuildBaseUrl( 'FileUpload' ) ; 102 document.getElementById('eUrl').value = sUrl ; 103 document.getElementById('frmUpload').action = sUrl ; 104 } 105 106 function SetQuickAction() 107 { 108 var sUrl = BuildBaseUrl( 'QuickUpload' ) ; 109 document.getElementById('eUrl').value = sUrl ; 110 document.getElementById('frmQuickUpload').action = sUrl ; 111 } 112 </script> 113 </head> 114 <body> 115 <table cellspacing="0" cellpadding="0" width="100%" border="0" style="height: 100%"> 116 <tr> 117 <td> 118 <table cellspacing="0" cellpadding="0" border="0"> 119 <tr> 120 <td> 121 Connector:<br /> 122 <select id="cmbConnector" name="cmbConnector"> 123 <option value="../core/connector/asp/connector.asp">ASP</option> 124 <option value="../core/connector/aspx/connector.aspx">ASP.NET</option> 125 <option value="../core/connector/cfm/connector.cfm">CFM</option> 126 <option value="../core/connector/php/connector.php" selected="selected">PHP</option> 127 </select> 128 </td> 129 <td> 130 </td> 131 <td> 132 Current Folder<br /> 133 <input id="txtFolder" type="text" value="/" name="txtFolder" /></td> 134 <td> 135 </td> 136 <td> 137 Resource Type<br /> 138 <select id="cmbType" name="cmbType"> 139 <option value="Files" selected="selected">File</option> 140 <option value="Images">Image</option> 141 <option value="Flash">Flash</option> 142 <option value="Invalid">Invalid Type (for testing)</option> 143 </select> 144 
</td> 145 </tr> 146 </table> 147 <br /> 148 <table cellspacing="0" cellpadding="0" border="0"> 149 <tr> 150 <td valign="top"> 151 <a href="#" onclick="Init();">Init</a> 152 </td> 153 <td> </td> 154 <td valign="top"> 155 <a href="#" onclick="GetFolders();">Get Folders</a> 156 </td> 157 <td> </td> 158 <td valign="top"> 159 <a href="#" onclick="GetFoldersAndFiles();">Get Folders And Files</a> 160 </td> 161 <td> </td> 162 <td valign="top"> 163 <form id="frmCreateFolder" action="" target="eRunningFrame" method="post" enctype="multipart/form-data"> 164 Create Folder 165 <input id="txtFolderName" type="text" name="newFolderName" /> 166 <input type="submit" value="Create" onclick="SetCreateFolderAction();" /> 167 </form> 168 </td> 169 <td> </td> 170 <td valign="top"> 171 <form id="frmUpload" action="" target="eRunningFrame" method="post" enctype="multipart/form-data"> 172 Upload 173 <input id="txtFileUpload" type="file" name="NewFile" /> 174 <input type="submit" value="Upload" onclick="SetAction();" /> 175 </form> 176 177 <form id="frmQuickUpload" action="" target="eRunningFrame" method="post" enctype="multipart/form-data"> 178 Quick 179 <input id="txtQuickUpload" type="file" name="NewFile" /> 180 <input type="submit" value="Upload" onclick="SetQuickAction();" /> 181 </form> 182 </td> 183 </tr> 184 </table> 185 <table width="100%"> 186 <tr> 187 <td style="white-space: nowrap"> 188 URL: </td> 189 <td style="width: 100%"> 190 <input id="eUrl" style="width: 100%" /></td> 191 <td> 192 <input id="xBtnUrl" type="button" value="Call URL" onclick="CallUrlField();" /></td> 193 </tr> 194 </table> 195 </td> 196 </tr> 197 <tr> 198 <td valign="top" style="height: 100%"> 199 <iframe id="eRunningFrame" name="eRunningFrame" width="100%" height="100%" src="javascript:''"></iframe> 200 </td> 201 </tr> 202 </table> 203 </body> 204 </html> -
_source/plugins/filebrowser/config.php
1 <?php 2 /* 3 Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * This function must check the user session to be sure that he/she is 9 * authorized to upload and access files in the File Browser. 10 * 11 * @return boolean 12 */ 13 function CheckAuthentication() 14 { 15 // WARNING : DO NOT simply return "true". By doing so, you are allowing 16 // "anyone" to upload and list the files in your server. You must implement 17 // some kind of session validation here. Even something very simple as... 18 // 19 // return isset($_SESSION['IsAuthorized']) && $_SESSION['IsAuthorized']; 20 // 21 // ... where $_SESSION['IsAuthorized'] is set to "true" as soon as the 22 // user logs in your system. 23 24 // %REMOVE_START% 25 // Attention: In the development version (SVN) the PHP connector is enabled by default. 26 return true; 27 // %REMOVE_END% 28 return false; 29 } 30 31 // To make it easy to configure CKEditor file manager, the $baseUrl and $baseDir can be used. 32 // Those are helper variables used later in this config file. 33 34 // $baseUrl : the base path used to build the final URL for the resources handled 35 // in CKEditor. If empty, the default value (/userfiles/) is used. 36 // 37 // Examples: 38 // $baseUrl = 'http://example.com/userfiles/'; 39 // $baseUrl = '/userfiles/'; 40 // 41 // ATTENTION: The trailing slash is required. 42 $baseUrl = '/userfiles/'; 43 44 // $baseDir : the path to the local directory (in the server) which points to the 45 // above $baseUrl URL. This is the path used by CKEditor to handle the files in 46 // the server. Full write permissions must be granted to this directory. 
47 // 48 // Examples: 49 // You may point it to a directory directly: 50 // 51 // $baseDir = '/home/login/public_html/userfiles/'; 52 // $baseDir = 'C:/SiteDir/userfiles/'; 53 // 54 // Or you may let CKEditor discover the path, based on $baseUrl: 55 // 56 // $baseDir = resolveUrl($baseUrl); 57 // 58 // ATTENTION: The trailing slash is required. 59 $baseDir = resolveUrl($baseUrl); 60 $baseDir = 'D:/xampp/htdocs/userfiles/'; //%REMOVE_LINE% 61 62 // ResourceType : defines the "resource types" handled in CKEditor. A resource 63 // type is nothing more than a way to group files under different paths, each one 64 // having different configuration settings. 65 $config['ResourceType'][] = Array( 66 'name' => 'Files', // Single quotes not allowed 67 'url' => $baseUrl . 'files', 68 'directory' => $baseDir . 'files', 69 'allowedExtensions' => '7z,aiff,asf,avi,bmp,csv,doc,fla,flv,gif,gz,gzip,jpeg,jpg,mid,mov,mp3,mp4,mpc,mpeg,mpg,ods,odt,pdf,png,ppt,pxd,qt,ram,rar,rm,rmi,rmvb,rtf,sdc,sitd,swf,sxc,sxw,tar,tgz,tif,tiff,txt,vsd,wav,wma,wmv,xls,zip', 70 'deniedExtensions' => '' 71 ); 72 73 $config['ResourceType'][] = Array( 74 'name' => 'Images', 75 'url' => $baseUrl . 'images', 76 'directory' => $baseDir . 'images', 77 'allowedExtensions' => 'bmp,gif,jpeg,jpg,png', 78 'deniedExtensions' => '' 79 ); 80 81 $config['ResourceType'][] = Array( 82 'name' => 'Flash', 83 'url' => $baseUrl . 'flash', 84 'directory' => $baseDir . 'flash', 85 'allowedExtensions' => 'swf,flv', 86 'deniedExtensions' => '' 87 ); 88 89 // Due to security issues with Apache modules, it is recommended to leave the 90 // following setting enabled. 91 $config['ForceSingleExtension'] = true ; 92 93 // Perform additional checks for image files. 94 // If set to true, validate image size (using getimagesize). 95 $config['SecureImageUploads'] = true; 96 97 // For security, HTML is allowed in the first Kb of data for files having the 98 // following extensions only. 
99 $config['HtmlExtensions'] = array("html", "htm", "xml", "xsd", "txt", "js") ; 100 101 // After file is uploaded, sometimes it is required to change its permissions 102 // so that it was possible to access it at the later time. 103 // If possible, it is recommended to set more restrictive permissions, like 0755. 104 // Set to 0 to disable this feature. 105 // Note: not needed on Windows-based servers. 106 $config['ChmodFiles'] = 0777 ; 107 108 // See comments above. 109 // Used when creating folders that does not exist. 110 $config['ChmodFolders'] = 0755 ; 111 112 // If you have iconv enabled (visit http://php.net/iconv for more information), 113 // you can use this directive to specify the encoding of file names in your 114 // operating system. Acceptable values can be found at: 115 // http://www.gnu.org/software/libiconv/ 116 // 117 // Examples: 118 // $config['FilesystemEncoding'] = 'CP1250'; 119 // $config['FilesystemEncoding'] = 'ISO-8859-2'; 120 $config['FilesystemEncoding'] = 'UTF-8'; 121 $config['FilesystemEncoding'] = 'CP1250'; //%REMOVE_LINE% 122 No newline at end of file -
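Review bot: `$config['ChmodFiles'] = 0777 ;` (new line 106) makes every uploaded file world-writable and executable, which contradicts the comment directly above it recommending more restrictive permissions; for uploaded content a non-executable mode is the safer default, e.g. `$config['ChmodFiles'] = 0644 ;`. Separately, `CheckAuthentication()` returns `true` between the `%REMOVE_START%`/`%REMOVE_END%` markers, so the connector fails closed only if the release tooling strips that block; a deployment taken directly from `_source` has no session check on upload and listing. Consider making the development default opt-in rather than dependent on the stripping step. The `//%REMOVE_LINE%` overrides of `$baseDir` and `FilesystemEncoding` depend on the build in the same way, and the `$baseDir` one embeds a developer-local path.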
_source/plugins/filebrowser/core/connector/php/connector.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * define required constants 9 */ 10 require_once "./constants.php"; 11 12 /** 13 * we need this class in each call 14 */ 15 require_once CKEDITOR_CONNECTOR_LIB_DIR . "/CommandHandler/CommandHandlerBase.php"; 16 /** 17 * singleton factory 18 */ 19 require_once CKEDITOR_CONNECTOR_LIB_DIR . "/Core/Factory.php"; 20 /** 21 * utils class 22 */ 23 require_once CKEDITOR_CONNECTOR_LIB_DIR . "/Utils/Misc.php"; 24 25 /** 26 * Simple function required by config.php - discover the server side path 27 * to the directory relative to the "$baseUrl" attribute 28 * 29 * @package CKEditor 30 * @subpackage Connector 31 * @param string $baseUrl 32 * @return string 33 */ 34 function resolveUrl($baseUrl) { 35 $fileSystem =& CKEditor_Connector_Core_Factory::getInstance("Utils_FileSystem"); 36 return $fileSystem->getDocumentRootPath() . $baseUrl; 37 } 38 39 $utilsSecurity =& CKEditor_Connector_Core_Factory::getInstance("Utils_Security"); 40 $utilsSecurity->getRidOfMagicQuotes(); 41 42 /** 43 * $config must be initialised 44 */ 45 $config = array(); 46 /** 47 * read config file 48 */ 49 require_once CKEDITOR_CONNECTOR_CONFIG_FILE_PATH; 50 51 CKEditor_Connector_Core_Factory::initFactory(); 52 $connector =& CKEditor_Connector_Core_Factory::getInstance("Core_Connector"); 53 54 if (isset($_GET['command'])) { 55 $connector->executeCommand($_GET['command']); 56 } 57 else { 58 $connector->handleInvalidCommand(); 59 } -
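Review bot: `$connector->executeCommand($_GET['command'])` (new line 55) hands a request parameter directly to the dispatcher, and the handlers in this patch live in files named after the command (`CommandHandler/CreateFolder.php`, `CommandHandler/GetFolders.php`). `executeCommand` is not in this section, so this needs confirming: it must match the value against a fixed list of command names before using it to select a class or file, and never build a path from it. A comment here would record that contract, e.g. `// executeCommand() must accept only the known command names; the value is untrusted`. `CheckAuthentication()` from config.php is also not called in this file (presumably it is reached through the config object), and a one-line comment naming where it is enforced would help anyone auditing the entry point.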
_source/plugins/filebrowser/core/connector/php/constants.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * No errors 9 */ 10 define('CKEDITOR_CONNECTOR_ERROR_NONE',0); 11 define('CKEDITOR_CONNECTOR_ERROR_CUSTOM_ERROR',1); 12 define('CKEDITOR_CONNECTOR_ERROR_INVALID_COMMAND',10); 13 define('CKEDITOR_CONNECTOR_ERROR_TYPE_NOT_SPECIFIED',11); 14 define('CKEDITOR_CONNECTOR_ERROR_INVALID_TYPE',12); 15 define('CKEDITOR_CONNECTOR_ERROR_INVALID_NAME',102); 16 define('CKEDITOR_CONNECTOR_ERROR_UNAUTHORIZED',103); 17 define('CKEDITOR_CONNECTOR_ERROR_ACCESS_DENIED',104); 18 define('CKEDITOR_CONNECTOR_ERROR_INVALID_EXTENSION',105); 19 define('CKEDITOR_CONNECTOR_ERROR_INVALID_REQUEST',109); 20 define('CKEDITOR_CONNECTOR_ERROR_UNKNOWN',110); 21 define('CKEDITOR_CONNECTOR_ERROR_ALREADY_EXIST',115); 22 define('CKEDITOR_CONNECTOR_ERROR_FOLDER_NOT_FOUND',116); 23 define('CKEDITOR_CONNECTOR_ERROR_FILE_NOT_FOUND',117); 24 define('CKEDITOR_CONNECTOR_ERROR_UPLOADED_FILE_RENAMED',201); 25 define('CKEDITOR_CONNECTOR_ERROR_UPLOADED_INVALID',202); 26 define('CKEDITOR_CONNECTOR_ERROR_UPLOADED_TOO_BIG',203); 27 define('CKEDITOR_CONNECTOR_ERROR_UPLOADED_CORRUPT',204); 28 define('CKEDITOR_CONNECTOR_ERROR_UPLOADED_NO_TMP_DIR',205); 29 define('CKEDITOR_CONNECTOR_ERROR_UPLOADED_WRONG_HTML_FILE',206); 30 define('CKEDITOR_CONNECTOR_ERROR_CONNECTOR_DISABLED',500); 31 32 define('CKEDITOR_CONNECTOR_DEFAULT_USER_FILES_PATH', "/userfiles/"); 33 define('CKEDITOR_CONNECTOR_CONFIG_FILE_PATH', "./../../../config.php"); 34 35 if (version_compare(phpversion(), '6', '>=')) { 36 define('CKEDITOR_CONNECTOR_PHP_MODE', 6); 37 } 38 else if (version_compare(phpversion(), '5', '>=')) { 39 define('CKEDITOR_CONNECTOR_PHP_MODE', 5); 40 } 41 else { 42 define('CKEDITOR_CONNECTOR_PHP_MODE', 4); 43 } 44 45 if (CKEDITOR_CONNECTOR_PHP_MODE == 4) { 46 define('CKEDITOR_CONNECTOR_LIB_DIR', "./php4"); 47 } else { 48 define('CKEDITOR_CONNECTOR_LIB_DIR', "./php5"); 
49 } 50 51 define('CKEDITOR_REGEX_IMAGES_EXT', '/\.(jpg|gif|png|bmp|jpeg)$/i'); -
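Review bot: `CKEDITOR_CONNECTOR_CONFIG_FILE_PATH` and `CKEDITOR_CONNECTOR_LIB_DIR` (new lines 33 and 46–48) are relative to the process working directory (`"./../../../config.php"`, `"./php4"`, `"./php5"`), so every later `require_once` resolves against the directory the script was started from rather than against this file. Anchoring them fixes the include targets: `define('CKEDITOR_CONNECTOR_LIB_DIR', dirname(__FILE__) . "/php5");` and likewise for the config path. The same applies to `require_once "./constants.php";` in connector.php.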
_source/plugins/filebrowser/core/connector/php/php4/CommandHandler/CommandHandlerBase.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * @package CKEditor 9 * @subpackage CommandHandlers 10 */ 11 12 /** 13 * Base commands handler 14 * 15 * @package CKEditor 16 * @subpackage CommandHandlers 17 * @abstract 18 */ 19 class CKEditor_Connector_CommandHandler_CommandHandlerBase 20 { 21 /** 22 * CKEditor_Connector_Core_Connector object 23 * 24 * @access protected 25 * @var CKEditor_Connector_Core_Connector 26 */ 27 var $_connector; 28 /** 29 * CKEditor_Connector_Core_FolderHandler object 30 * 31 * @access protected 32 * @var CKEditor_Connector_Core_FolderHandler 33 */ 34 var $_currentFolder; 35 /** 36 * Error handler object 37 * 38 * @access protected 39 * @var CKEditor_Connector_ErrorHandler_Base|CKEditor_Connector_ErrorHandler_FileUpload|CKEditor_Connector_ErrorHandler_Http 40 */ 41 var $_errorHandler; 42 43 function CKEditor_Connector_CommandHandler_CommandHandlerBase() 44 { 45 $this->_currentFolder =& CKEditor_Connector_Core_Factory::getInstance("Core_FolderHandler"); 46 $this->_connector =& CKEditor_Connector_Core_Factory::getInstance("Core_Connector"); 47 $this->_errorHandler =& $this->_connector->getErrorHandler(); 48 } 49 50 /** 51 * Get Folder Handler 52 * 53 * @access public 54 * @return CKEditor_Connector_Core_FolderHandler 55 */ 56 function getFolderHandler() 57 { 58 if (is_null($this->_currentFolder)) { 59 $this->_currentFolder =& CKEditor_Connector_Core_Factory::getInstance("Core_FolderHandler"); 60 } 61 62 return $this->_currentFolder; 63 } 64 65 /** 66 * Check whether Connector is enabled 67 * @access protected 68 * 69 */ 70 function checkConnector() 71 { 72 $_config =& CKEditor_Connector_Core_Factory::getInstance("Core_Config"); 73 if (!$_config->getIsEnabled()) { 74 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_CONNECTOR_DISABLED); 75 } 76 } 77 78 /** 79 * Check request 80 * @access protected 81 * 82 */ 
83 function checkRequest() 84 { 85 if (preg_match(",(/\.)|[[:cntrl:]]|(//)|(\\\\)|([\:\*\?\"\<\>\|]),", $this->_currentFolder->getClientPath())) { 86 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_INVALID_NAME); 87 } 88 89 $_resourceTypeConfig = $this->_currentFolder->getResourceTypeConfig(); 90 91 if (is_null($_resourceTypeConfig)) { 92 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_INVALID_TYPE); 93 } 94 95 $_clientPath = $this->_currentFolder->getClientPath(); 96 97 if (!is_dir($this->_currentFolder->getServerPath())) { 98 if ($_clientPath == "/") { 99 if (!CKEditor_Connector_Utils_FileSystem::createDirectoryRecursively($this->_currentFolder->getServerPath())) { 100 /** 101 * @todo handle error 102 */ 103 } 104 } 105 else { 106 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_FOLDER_NOT_FOUND); 107 } 108 } 109 } 110 } 111 No newline at end of file -
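Review bot: In `checkRequest()` the branch taken when `createDirectoryRecursively()` fails (new lines 99–103) contains only a `@todo`, so a root folder that could not be created passes the check silently and the command handlers go on to use a directory that does not exist. Report the failure instead, e.g. `$this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_ACCESS_DENIED);`. The path filter on new line 85 rejects `/.`, `//`, backslashes and control characters, which covers a leading `..` segment only if `getClientPath()` always returns a path beginning with `/`. That method is not in this section, so the assumption deserves a comment next to the pattern.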
_source/plugins/filebrowser/core/connector/php/php4/CommandHandler/CreateFolder.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * @package CKEditor 9 * @subpackage CommandHandlers 10 */ 11 12 /** 13 * Include base XML command handler 14 */ 15 require_once CKEDITOR_CONNECTOR_LIB_DIR . "/CommandHandler/XmlCommandHandlerBase.php"; 16 17 /** 18 * Handle CreateFolder command 19 * 20 * @package CKEditor 21 * @subpackage CommandHandlers 22 */ 23 class CKEditor_Connector_CommandHandler_CreateFolder extends CKEditor_Connector_CommandHandler_XmlCommandHandlerBase 24 { 25 /** 26 * Command name 27 * 28 * @access private 29 * @var string 30 */ 31 var $command = "CreateFolder"; 32 33 /** 34 * handle request and build XML 35 * @access protected 36 * 37 */ 38 function buildXml() 39 { 40 $_config =& CKEditor_Connector_Core_Factory::getInstance("Core_Config"); 41 42 $_resourceTypeConfig = $this->_currentFolder->getResourceTypeConfig(); 43 $sNewFolderName = isset($_POST["newFolderName"]) ? 
$_POST["newFolderName"] : ""; 44 $sNewFolderName = CKEditor_Connector_Utils_FileSystem::convertToFilesystemEncoding($sNewFolderName); 45 46 if (!CKEditor_Connector_Utils_FileSystem::checkFileName($sNewFolderName)) { 47 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_INVALID_NAME); 48 } 49 50 $sServerDir = CKEditor_Connector_Utils_FileSystem::combinePaths($this->_currentFolder->getServerPath(), $sNewFolderName); 51 if (!is_writeable($this->_currentFolder->getServerPath())) { 52 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_ACCESS_DENIED); 53 } 54 55 $bCreated = false; 56 57 if (file_exists($sServerDir)) { 58 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_ALREADY_EXIST); 59 } 60 61 if ($perms = $_config->getChmodFolders()) { 62 $oldUmask = umask(0); 63 $bCreated = @mkdir($sServerDir, $perms); 64 umask($oldUmask); 65 } 66 else { 67 $bCreated = @mkdir($sServerDir); 68 } 69 70 if (!$bCreated) { 71 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_ACCESS_DENIED); 72 } else { 73 $oNewFolderNode = new CKEditor_Connector_Utils_XmlNode("NewFolder"); 74 $this->_connectorNode->addChild($oNewFolderNode); 75 $oNewFolderNode->addAttribute("name", CKEditor_Connector_Utils_FileSystem::convertToConnectorEncoding($sNewFolderName)); 76 } 77 } 78 } 79 No newline at end of file -
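Review bot: `buildXml()` creates a directory from `$_POST["newFolderName"]` without calling `checkConnector()` or `checkRequest()` itself, whereas `FileUpload::sendResponse()` in this patch calls both explicitly. Presumably `XmlCommandHandlerBase` runs them before `buildXml()`, but that class is not in this section. A short comment at the top of the method would make the precondition explicit, e.g. `// Precondition: connector-enabled and folder checks have already run in the base handler.` Also, `$_resourceTypeConfig` (new line 42) is assigned and never used, so it can be dropped.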
_source/plugins/filebrowser/core/connector/php/php4/CommandHandler/FileUpload.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * @package CKEditor 9 * @subpackage CommandHandlers 10 */ 11 12 /** 13 * Handle FileUpload command 14 * 15 * @package CKEditor 16 * @subpackage CommandHandlers 17 */ 18 class CKEditor_Connector_CommandHandler_FileUpload extends CKEditor_Connector_CommandHandler_CommandHandlerBase 19 { 20 /** 21 * Command name 22 * 23 * @access protected 24 * @var string 25 */ 26 var $command = "FileUpload"; 27 28 /** 29 * send response (save uploaded file) 30 * @access public 31 * 32 */ 33 function sendResponse() 34 { 35 $iErrorNumber = CKEDITOR_CONNECTOR_ERROR_NONE; 36 37 $oRegistry =& CKEditor_Connector_Core_Factory::getInstance("Core_Registry"); 38 $oRegistry->set("FileUpload_fileName", "unknown file"); 39 40 $uploadedFile = array_shift($_FILES); 41 42 if (!isset($uploadedFile['name'])) { 43 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_UPLOADED_INVALID); 44 } 45 46 $sFileName = CKEditor_Connector_Utils_FileSystem::convertToFilesystemEncoding(basename($uploadedFile['name'])); 47 $oRegistry->set("FileUpload_fileName", $sFileName); 48 49 $this->checkConnector(); 50 $this->checkRequest(); 51 52 if (!CKEditor_Connector_Utils_FileSystem::checkFileName($sFileName)) { 53 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_INVALID_NAME); 54 } 55 56 $_config =& CKEditor_Connector_Core_Factory::getInstance("Core_Config"); 57 $_resourceTypeConfig = $this->_currentFolder->getResourceTypeConfig(); 58 59 $resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig(); 60 if (!$resourceTypeInfo->checkExtension($sFileName)) { 61 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_INVALID_EXTENSION); 62 } 63 64 $sFileNameOrginal = $sFileName; 65 $oRegistry->set("FileUpload_fileName", $sFileName); 66 67 $htmlExtensions = $_config->getHtmlExtensions(); 68 $sExtension = 
CKEditor_Connector_Utils_FileSystem::getExtension($sFileNameOrginal); 69 70 if ($htmlExtensions 71 && !CKEditor_Connector_Utils_Misc::inArrayCaseInsensitive($sExtension, $htmlExtensions) 72 && ($detectHtml = CKEditor_Connector_Utils_FileSystem::detectHtml($uploadedFile['tmp_name'])) === true ) { 73 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_UPLOADED_WRONG_HTML_FILE); 74 } 75 76 $sExtension = CKEditor_Connector_Utils_FileSystem::getExtension($sFileNameOrginal); 77 $secureImageUploads = $_config->getSecureImageUploads(); 78 if ($secureImageUploads 79 && ($isImageValid = CKEditor_Connector_Utils_FileSystem::isImageValid($uploadedFile['tmp_name'], $sExtension)) === false ) { 80 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_UPLOADED_CORRUPT); 81 } 82 83 switch ($uploadedFile['error']) { 84 case UPLOAD_ERR_OK: 85 break; 86 87 case UPLOAD_ERR_INI_SIZE: 88 case UPLOAD_ERR_FORM_SIZE: 89 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_UPLOADED_TOO_BIG); 90 break; 91 92 case UPLOAD_ERR_PARTIAL: 93 case UPLOAD_ERR_NO_FILE: 94 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_UPLOADED_CORRUPT); 95 break; 96 97 case UPLOAD_ERR_NO_TMP_DIR: 98 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_UPLOADED_NO_TMP_DIR); 99 break; 100 101 case UPLOAD_ERR_CANT_WRITE: 102 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_ACCESS_DENIED); 103 break; 104 105 case UPLOAD_ERR_EXTENSION: 106 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_ACCESS_DENIED); 107 break; 108 } 109 110 $sServerDir = $this->_currentFolder->getServerPath(); 111 $iCounter = 0; 112 113 while (true) 114 { 115 $sFilePath = CKEditor_Connector_Utils_FileSystem::combinePaths($sServerDir, $sFileName); 116 117 if (file_exists($sFilePath)) { 118 $iCounter++; 119 $sFileName = 120 CKEditor_Connector_Utils_FileSystem::getFileNameWithoutExtension($sFileNameOrginal) . 121 "(" . $iCounter . ")" . "." . 
122 CKEditor_Connector_Utils_FileSystem::getExtension($sFileNameOrginal); 123 $oRegistry->set("FileUpload_fileName", $sFileName); 124 125 $iErrorNumber = CKEDITOR_CONNECTOR_ERROR_UPLOADED_FILE_RENAMED; 126 } else { 127 if (false === move_uploaded_file($uploadedFile['tmp_name'], $sFilePath)) { 128 $iErrorNumber = CKEDITOR_CONNECTOR_ERROR_ACCESS_DENIED; 129 } 130 else { 131 if (isset($detectHtml) && $detectHtml === -1 && CKEditor_Connector_Utils_FileSystem::detectHtml($sFilePath) === true) { 132 @unlink($sFilePath); 133 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_UPLOADED_WRONG_HTML_FILE); 134 } 135 else if (isset($isImageValid) && $isImageValid === -1 && CKEditor_Connector_Utils_FileSystem::isImageValid($sFilePath, $sExtension) === false) { 136 @unlink($sFilePath); 137 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_UPLOADED_CORRUPT); 138 } 139 } 140 if (is_file($sFilePath) && ($perms = $_config->getChmodFiles())) { 141 $oldumask = umask(0); 142 chmod($sFilePath, $perms); 143 umask($oldumask); 144 } 145 break; 146 } 147 } 148 149 $this->_errorHandler->throwError($iErrorNumber, $sFileName, false); 150 } 151 } -
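Review bot: In `sendResponse()` the `switch ($uploadedFile['error'])` at new lines 83–108 runs only after `detectHtml()` and `isImageValid()` have already been given `$uploadedFile['tmp_name']`, so for a failed or partial upload the content checks run on a missing temp file and the client may be told the file is corrupt instead of getting the real upload error. Moving the error switch directly after the `isset($uploadedFile['name'])` test restricts the content checks to files that actually arrived. `array_shift($_FILES)` also takes whichever field comes first rather than a named field. `$config['ForceSingleExtension']` from config.php is not referenced in this handler; whether names with more than one extension are normalised depends on `checkExtension()`, which is not shown. `$_resourceTypeConfig` (new line 57) duplicates `$resourceTypeInfo` and is unused.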
_source/plugins/filebrowser/core/connector/php/php4/CommandHandler/GetFolders.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * @package CKEditor 9 * @subpackage CommandHandlers 10 */ 11 12 /** 13 * Include base XML command handler 14 */ 15 require_once CKEDITOR_CONNECTOR_LIB_DIR . "/CommandHandler/XmlCommandHandlerBase.php"; 16 17 /** 18 * Handle GetFolders command 19 * 20 * @package CKEditor 21 * @subpackage CommandHandlers 22 */ 23 class CKEditor_Connector_CommandHandler_GetFolders extends CKEditor_Connector_CommandHandler_XmlCommandHandlerBase 24 { 25 /** 26 * Command name 27 * 28 * @access private 29 * @var string 30 */ 31 var $command = "GetFolders"; 32 33 /** 34 * handle request and build XML 35 * @access protected 36 * 37 */ 38 function buildXml() 39 { 40 $_config =& CKEditor_Connector_Core_Factory::getInstance("Core_Config"); 41 42 // Map the virtual path to the local server path. 43 $_sServerDir = $this->_currentFolder->getServerPath(); 44 45 if (!is_dir($_sServerDir)) { 46 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_FOLDER_NOT_FOUND); 47 } 48 49 // Create the "Folders" node. 50 $oFoldersNode = new CKEditor_Connector_Utils_XmlNode("Folders"); 51 $this->_connectorNode->addChild($oFoldersNode); 52 53 $files = array(); 54 if ($dh = @opendir($_sServerDir)) { 55 while (($file = readdir($dh)) !== false) { 56 if ($file != "." && $file != ".." && is_dir($_sServerDir . $file)) { 57 $files[] = $file; 58 } 59 } 60 closedir($dh); 61 } else { 62 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_ACCESS_DENIED); 63 } 64 65 $resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig(); 66 67 if (sizeof($files)>0) { 68 natcasesort($files); 69 $i=0; 70 foreach ($files as $file) { 71 // Create the "Folder" node. 
72 $oFolderNode[$i] = new CKEditor_Connector_Utils_XmlNode("Folder"); 73 $oFoldersNode->addChild($oFolderNode[$i]); 74 $oFolderNode[$i]->addAttribute("name", CKEditor_Connector_Utils_FileSystem::convertToConnectorEncoding($file)); 75 76 $i++; 77 } 78 } 79 } 80 } -
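Review bot: The `readdir()` loop in `buildXml()` returns every subdirectory except `.` and `..`, so dot-prefixed directories under the resource folder (version-control metadata, for example) are listed to the client. Skipping any name that starts with a dot keeps them out of the response: `if ($file[0] != "." && is_dir($_sServerDir . $file)) {`. Separately, `$_config` and `$resourceTypeInfo` are assigned in this method and never read, so both assignments can be dropped.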
_source/plugins/filebrowser/core/connector/php/php4/CommandHandler/GetFoldersAndFiles.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * @package CKEditor 9 * @subpackage CommandHandlers 10 */ 11 12 /** 13 * Include base XML command handler 14 */ 15 require_once CKEDITOR_CONNECTOR_LIB_DIR . "/CommandHandler/XmlCommandHandlerBase.php"; 16 17 /** 18 * Handle GetFiles command 19 * 20 * @package CKEditor 21 * @subpackage CommandHandlers 22 */ 23 class CKEditor_Connector_CommandHandler_GetFoldersAndFiles extends CKEditor_Connector_CommandHandler_XmlCommandHandlerBase 24 { 25 /** 26 * Command name 27 * 28 * @access private 29 * @var string 30 */ 31 var $command = "GetFiles"; 32 33 /** 34 * handle request and build XML 35 * @access protected 36 * 37 */ 38 function buildXml() 39 { 40 $_config =& CKEditor_Connector_Core_Factory::getInstance("Core_Config"); 41 42 // Map the virtual path to the local server path. 43 $_sServerDir = $this->_currentFolder->getServerPath(); 44 45 $files = array(); 46 $folders = array(); 47 if ($dh = @opendir($_sServerDir)) { 48 while (($file = readdir($dh)) !== false) { 49 if ($file == "." || $file == "..") { 50 continue; 51 } 52 else if (!is_dir($_sServerDir . $file)) { 53 $files[] = $file; 54 } 55 else { 56 $folders[] = $file; 57 } 58 } 59 closedir($dh); 60 } 61 else { 62 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_ACCESS_DENIED); 63 } 64 65 // Create the "Folders" node. 66 $oFoldersNode = new CKEditor_Connector_Utils_XmlNode("Folders"); 67 $this->_connectorNode->addChild($oFoldersNode); 68 69 70 $resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig(); 71 72 if (sizeof($folders)>0) { 73 natcasesort($folders); 74 $i=0; 75 foreach ($folders as $file) { 76 // Create the "Folder" node. 
77 $oFolderNode[$i] = new CKEditor_Connector_Utils_XmlNode("Folder"); 78 $oFoldersNode->addChild($oFolderNode[$i]); 79 $oFolderNode[$i]->addAttribute("name", CKEditor_Connector_Utils_FileSystem::convertToConnectorEncoding($file)); 80 81 $i++; 82 } 83 } 84 85 // Create the "Files" node. 86 $oFilesNode = new CKEditor_Connector_Utils_XmlNode("Files"); 87 $this->_connectorNode->addChild($oFilesNode); 88 89 if (!is_dir($_sServerDir)) { 90 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_FOLDER_NOT_FOUND); 91 } 92 93 if (sizeof($files)>0) { 94 natcasesort($files); 95 $i=0; 96 foreach ($files as $file) { 97 $filemtime = @filemtime($_sServerDir . $file); 98 99 //otherwise file doesn't exist or we can't get it's filename properly 100 if ($filemtime !== false) { 101 $filename = basename($file); 102 if (!$resourceTypeInfo->checkExtension($filename, false)) { 103 continue; 104 } 105 $oFileNode[$i] = new CKEditor_Connector_Utils_XmlNode("File"); 106 $oFilesNode->addChild($oFileNode[$i]); 107 $oFileNode[$i]->addAttribute("name", CKEditor_Connector_Utils_FileSystem::convertToConnectorEncoding(basename($file))); 108 $oFileNode[$i]->addAttribute("date", @date("YmdHi", $filemtime)); 109 $size = filesize($_sServerDir . $file); 110 if ($size && $size<1024) { 111 $size = 1; 112 } 113 else { 114 $size = (int)round($size / 1024); 115 } 116 $oFileNode[$i]->addAttribute("size", $size); 117 $i++; 118 } 119 } 120 } 121 } 122 } -
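Review bot: The `is_dir($_sServerDir)` check that reports `CKEDITOR_CONNECTOR_ERROR_FOLDER_NOT_FOUND` sits after the `opendir()` block, so a missing folder fails `opendir()` first and is reported as `CKEDITOR_CONNECTOR_ERROR_ACCESS_DENIED` (assuming `throwError()` ends the request). GetFolders.php runs the `is_dir()` check first; moving the three-line check here to directly after `getServerPath()` makes the two handlers agree and lets the client tell the two cases apart. The class docblock and `$command` also say `GetFiles`, while the class name and the dispatcher in Core/Connector.php use `GetFoldersAndFiles`. If `$command` is compared with the request anywhere outside this section, that mismatch matters.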
_source/plugins/filebrowser/core/connector/php/php4/CommandHandler/Init.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * @package CKEditor 9 * @subpackage CommandHandlers 10 */ 11 12 /** 13 * Include base XML command handler 14 */ 15 require_once CKEDITOR_CONNECTOR_LIB_DIR . "/CommandHandler/XmlCommandHandlerBase.php"; 16 17 /** 18 * Handle Init command 19 * 20 * @package CKEditor 21 * @subpackage CommandHandlers 22 */ 23 class CKEditor_Connector_CommandHandler_Init extends CKEditor_Connector_CommandHandler_XmlCommandHandlerBase 24 { 25 /** 26 * Command name 27 * 28 * @access private 29 * @var string 30 */ 31 var $command = "Init"; 32 33 function mustCheckRequest() 34 { 35 return false; 36 } 37 38 /** 39 * Must add CurrentFolder node? 40 * 41 * @return boolean 42 * @access protected 43 */ 44 function mustAddCurrentFolderNode() 45 { 46 return false; 47 } 48 49 /** 50 * handle request and build XML 51 * @access protected 52 * 53 */ 54 function buildXml() 55 { 56 $_config =& CKEditor_Connector_Core_Factory::getInstance("Core_Config"); 57 58 // Create the "ConnectorInfo" node. 59 $_oConnInfo = new CKEditor_Connector_Utils_XmlNode("ConnectorInfo"); 60 $this->_connectorNode->addChild($_oConnInfo); 61 $_oConnInfo->addAttribute("enabled", $_config->getIsEnabled() ? "true" : "false"); 62 63 if (!$_config->getIsEnabled()) { 64 $this->_errorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_CONNECTOR_DISABLED); 65 } 66 67 // Create the "ResourceTypes" node. 68 $_oResourceTypes = new CKEditor_Connector_Utils_XmlNode("ResourceTypes"); 69 $this->_connectorNode->addChild($_oResourceTypes); 70 71 // Load the resource types in an array. 
72 $_aTypes = $_config->getDefaultResourceTypes(); 73 74 if (!sizeof($_aTypes)) { 75 $_aTypes = $_config->getResourceTypeNames(); 76 } 77 78 $_aTypesSize = sizeof($_aTypes); 79 if ($_aTypesSize) { 80 for ($i = 0; $i < $_aTypesSize; $i++) 81 { 82 $_resourceTypeName = $_aTypes[$i]; 83 84 if (!isset($_GET['type']) || $_GET['type'] === $_resourceTypeName) { 85 $_oTypeInfo = $_config->getResourceTypeConfig($_resourceTypeName); 86 $_oResourceType[$i] = new CKEditor_Connector_Utils_XmlNode("ResourceType"); 87 $_oResourceTypes->addChild($_oResourceType[$i]); 88 89 $_oResourceType[$i]->addAttribute("name", $_resourceTypeName); 90 $_oResourceType[$i]->addAttribute("url", $_oTypeInfo->getUrl()); 91 $_oResourceType[$i]->addAttribute("allowedExtensions", implode(",", $_oTypeInfo->getAllowedExtensions())); 92 $_oResourceType[$i]->addAttribute("deniedExtensions", implode(",", $_oTypeInfo->getDeniedExtensions())); 93 } 94 } 95 } 96 } 97 } -
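Review bot: `mustCheckRequest()` returns false with no docblock, which makes `sendResponse()` in XmlCommandHandlerBase skip `checkRequest()` for this command, and nothing records why that is safe. A docblock in the style of the one on `mustAddCurrentFolderNode()` would help, for example `Init reads no folder path, so the request check is skipped; checkConnector() still runs.` That wording needs confirming against `checkRequest()`, which is outside this section. `buildXml()` also publishes each type's `url`, `allowedExtensions` and `deniedExtensions`, so the `getIsEnabled()` test before that loop is what keeps the configuration from callers who have not passed `CheckAuthentication()`.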
_source/plugins/filebrowser/core/connector/php/php4/CommandHandler/QuickUpload.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * @package CKEditor 9 * @subpackage CommandHandlers 10 */ 11 12 /** 13 * Include file upload command handler 14 */ 15 require_once CKEDITOR_CONNECTOR_LIB_DIR . "/CommandHandler/FileUpload.php"; 16 17 /** 18 * Handle QuickUpload command 19 * 20 * @package CKEditor 21 * @subpackage CommandHandlers 22 */ 23 class CKEditor_Connector_CommandHandler_QuickUpload extends CKEditor_Connector_CommandHandler_FileUpload 24 { 25 /** 26 * Command name 27 * 28 * @access protected 29 * @var string 30 */ 31 var $command = "QuickUpload"; 32 33 function sendResponse() 34 { 35 $oRegistry =& CKEditor_Connector_Core_Factory::getInstance("Core_Registry"); 36 $oRegistry->set("FileUpload_url", $this->_currentFolder->getUrl()); 37 38 return parent::sendResponse(); 39 } 40 } -
_source/plugins/filebrowser/core/connector/php/php4/CommandHandler/XmlCommandHandlerBase.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * @package CKEditor 9 * @subpackage CommandHandlers 10 */ 11 12 /** 13 * Include base command handler 14 */ 15 require_once CKEDITOR_CONNECTOR_LIB_DIR . "/CommandHandler/CommandHandlerBase.php"; 16 /** 17 * Include xml utils 18 */ 19 require_once CKEDITOR_CONNECTOR_LIB_DIR . "/Core/Xml.php"; 20 21 /** 22 * Base XML commands handler 23 * 24 * @package CKEditor 25 * @subpackage CommandHandlers 26 * @abstract 27 */ 28 abstract class CKEditor_Connector_CommandHandler_XmlCommandHandlerBase extends CKEditor_Connector_CommandHandler_CommandHandlerBase 29 { 30 /** 31 * Connector node - CKEditor_Connector_Utils_XmlNode object 32 * 33 * @var CKEditor_Connector_Utils_XmlNode 34 * @access protected 35 */ 36 var $_connectorNode; 37 38 /** 39 * send response 40 * @access public 41 * 42 */ 43 function sendResponse() 44 { 45 $xml =& CKEditor_Connector_Core_Factory::getInstance("Core_Xml"); 46 $this->_connectorNode =& $xml->getConnectorNode(); 47 48 $this->checkConnector(); 49 if ($this->mustCheckRequest()) { 50 $this->checkRequest(); 51 } 52 53 $resourceTypeName = $this->_currentFolder->getResourceTypeName(); 54 if (!empty($resourceTypeName)) { 55 $this->_connectorNode->addAttribute("resourceType", $this->_currentFolder->getResourceTypeName()); 56 } 57 58 if ($this->mustAddCurrentFolderNode()) { 59 $_currentFolder = new CKEditor_Connector_Utils_XmlNode("CurrentFolder"); 60 $this->_connectorNode->addChild($_currentFolder); 61 $_currentFolder->addAttribute("path", CKEditor_Connector_Utils_FileSystem::convertToConnectorEncoding($this->_currentFolder->getClientPath())); 62 63 $this->_errorHandler->setCatchAllErros(true); 64 $_url = $this->_currentFolder->getUrl(); 65 $_currentFolder->addAttribute("url", is_null($_url) ? 
"" : CKEditor_Connector_Utils_FileSystem::convertToConnectorEncoding($_url)); 66 $this->_errorHandler->setCatchAllErros(false); 67 } 68 69 $this->buildXml(); 70 71 $_oErrorNode =& $xml->getErrorNode(); 72 $_oErrorNode->addAttribute("number", "0"); 73 74 echo $this->_connectorNode->asXML(); 75 exit; 76 } 77 78 /** 79 * Must check request? 80 * 81 * @return boolean 82 * @access protected 83 */ 84 function mustCheckRequest() 85 { 86 return true; 87 } 88 89 /** 90 * Must add CurrentFolder node? 91 * 92 * @return boolean 93 * @access protected 94 */ 95 function mustAddCurrentFolderNode() 96 { 97 return true; 98 } 99 100 /** 101 * @access protected 102 * @abstract 103 * @return void 104 */ 105 abstract function buildXml(); 106 } -
_source/plugins/filebrowser/core/connector/php/php4/Core/Config.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * @package CKEditor 9 * @subpackage Config 10 */ 11 12 /** 13 * Include resource type config class 14 */ 15 require_once CKEDITOR_CONNECTOR_LIB_DIR . "/Core/ResourceTypeConfig.php"; 16 17 /** 18 * Main config parser 19 * 20 * 21 * @package CKEditor 22 * @subpackage Config 23 24 * @global string $GLOBALS['config'] 25 */ 26 class CKEditor_Connector_Core_Config 27 { 28 /** 29 * Is CKEditor enabled 30 * 31 * @var boolean 32 * @access private 33 */ 34 var $_isEnabled = false; 35 /** 36 * ResourceType config cache 37 * 38 * @var array 39 * @access private 40 */ 41 var $_resourceTypeConfigCache = array(); 42 /** 43 * Array with default resource types names 44 * 45 * @access private 46 * @var array 47 */ 48 var $_defaultResourceTypes = array(); 49 /** 50 * Filesystem encoding 51 * 52 * @var string 53 * @access private 54 */ 55 var $_filesystemEncoding; 56 /** 57 * Check double extension 58 * 59 * @var boolean 60 * @access private 61 */ 62 var $_checkDoubleExtension = true; 63 /** 64 * If set to true, validate image size 65 * 66 * @var boolean 67 * @access private 68 */ 69 var $_secureImageUploads = true; 70 /** 71 * For security, HTML is allowed in the first Kb of data for files having the following extensions only 72 * 73 * @var array 74 * @access private 75 */ 76 var $_htmlExtensions = array('html', 'htm', 'xml', 'xsd', 'txt', 'js'); 77 /** 78 * Chmod files after upload to the following permission 79 * 80 * @var integer 81 * @access private 82 */ 83 var $_chmodFiles = 0777; 84 /** 85 * Chmod directories after creation 86 * 87 * @var integer 88 * @access private 89 */ 90 var $_chmodFolders = 0755; 91 92 function CKEditor_Connector_Core_Config() 93 { 94 $this->loadValues(); 95 } 96 97 /** 98 * Get file system encoding, returns null if encoding is not set 99 * 100 * @access public 101 * @return string 
102 */ 103 function getFilesystemEncoding() 104 { 105 return $this->_filesystemEncoding; 106 } 107 108 /** 109 * Get "secureImageUploads" value 110 * 111 * @access public 112 * @return boolean 113 */ 114 function getSecureImageUploads() 115 { 116 return $this->_secureImageUploads; 117 } 118 119 /** 120 * Get "htmlExtensions" value 121 * 122 * @access public 123 * @return array 124 */ 125 function getHtmlExtensions() 126 { 127 return $this->_htmlExtensions; 128 } 129 130 /** 131 * Get "Check double extension" value 132 * 133 * @access public 134 * @return boolean 135 */ 136 function getCheckDoubleExtension() 137 { 138 return $this->_checkDoubleExtension; 139 } 140 141 /** 142 * Get default resource types 143 * 144 * @access public 145 * @return array() 146 */ 147 function getDefaultResourceTypes() 148 { 149 return $this->_defaultResourceTypes; 150 } 151 152 /** 153 * Is CKEditor enabled 154 * 155 * @access public 156 * @return boolean 157 */ 158 function getIsEnabled() 159 { 160 return $this->_isEnabled; 161 } 162 163 /** 164 * Get chmod settings for uploaded files 165 * 166 * @access public 167 * @return integer 168 */ 169 function getChmodFiles() 170 { 171 return $this->_chmodFiles; 172 } 173 174 /** 175 * Get chmod settings for created directories 176 * 177 * @access public 178 * @return integer 179 */ 180 function getChmodFolders() 181 { 182 return $this->_chmodFolders; 183 } 184 185 /** 186 * Get resourceTypeName config 187 * 188 * @param string $resourceTypeName 189 * @return CKEditor_Connector_Core_ResourceTypeConfig|null 190 * @access public 191 */ 192 function &getResourceTypeConfig($resourceTypeName) 193 { 194 $_null = null; 195 196 if (isset($this->_resourceTypeConfigCache[$resourceTypeName])) { 197 return $this->_resourceTypeConfigCache[$resourceTypeName]; 198 } 199 200 if (!isset($GLOBALS['config']['ResourceType']) || !is_array($GLOBALS['config']['ResourceType'])) { 201 return $_null; 202 } 203 204 reset($GLOBALS['config']['ResourceType']); 205 while 
(list($_key,$_resourceTypeNode) = each($GLOBALS['config']['ResourceType'])) { 206 if ($_resourceTypeNode['name'] === $resourceTypeName) { 207 $this->_resourceTypeConfigCache[$resourceTypeName] = new CKEditor_Connector_Core_ResourceTypeConfig($_resourceTypeNode); 208 209 return $this->_resourceTypeConfigCache[$resourceTypeName]; 210 } 211 } 212 213 return $_null; 214 } 215 216 /** 217 * Load values from config 218 * 219 * @access private 220 */ 221 function loadValues() 222 { 223 if (function_exists('CheckAuthentication')) { 224 $this->_isEnabled = CheckAuthentication(); 225 } 226 if (isset($GLOBALS['config']['FilesystemEncoding'])) { 227 $this->_filesystemEncoding = (string)$GLOBALS['config']['FilesystemEncoding']; 228 } 229 if (isset($GLOBALS['config']['CheckDoubleExtension'])) { 230 $this->_checkDoubleExtension = CKEditor_Connector_Utils_Misc::booleanValue($GLOBALS['config']['CheckDoubleExtension']); 231 } 232 if (isset($GLOBALS['config']['SecureImageUploads'])) { 233 $this->_secureImageUploads = CKEditor_Connector_Utils_Misc::booleanValue($GLOBALS['config']['SecureImageUploads']); 234 } 235 if (isset($GLOBALS['config']['HtmlExtensions'])) { 236 $this->_htmlExtensions = (array)$GLOBALS['config']['HtmlExtensions']; 237 } 238 if (isset($GLOBALS['config']['ChmodFiles'])) { 239 $this->_chmodFiles = $GLOBALS['config']['ChmodFiles']; 240 } 241 if (isset($GLOBALS['config']['ChmodFolders'])) { 242 $this->_chmodFolders = $GLOBALS['config']['ChmodFolders']; 243 } 244 if (isset($GLOBALS['config']['DefaultResourceTypes'])) { 245 $_defaultResourceTypes = (string)$GLOBALS['config']['DefaultResourceTypes']; 246 if (strlen($_defaultResourceTypes)) { 247 $this->_defaultResourceTypes = explode(",", $_defaultResourceTypes); 248 } 249 } 250 } 251 252 /** 253 * Get all resource type names defined in config 254 * 255 * @return array 256 * @access public 257 */ 258 function getResourceTypeNames() 259 { 260 if (!isset($GLOBALS['config']['ResourceType']) || 
!is_array($GLOBALS['config']['ResourceType'])) { 261 return array(); 262 } 263 264 $_names = array(); 265 foreach ($GLOBALS['config']['ResourceType'] as $key => $_resourceType) { 266 if (isset($_resourceType['name'])) { 267 $_names[] = (string)$_resourceType['name']; 268 } 269 } 270 271 return $_names; 272 } 273 } 274 No newline at end of file -
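Review bot: `$_chmodFiles` defaults to `0777`, and FileUpload.php applies `getChmodFiles()` with `umask(0)` right after `move_uploaded_file()`, so every upload becomes world-writable and executable unless `$GLOBALS['config']['ChmodFiles']` is set. A default of `var $_chmodFiles = 0644;` is enough for the web server to serve the file and fails safe when the option is left out. `getResourceTypeConfig()` also reads `$_resourceTypeNode['name']` without the `isset()` guard that `getResourceTypeNames()` uses for the same array.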
_source/plugins/filebrowser/core/connector/php/php4/Core/Connector.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * @package CKEditor 9 * @subpackage Core 10 */ 11 12 /** 13 * Executes all commands 14 * 15 * @package CKEditor 16 * @subpackage Core 17 */ 18 class CKEditor_Connector_Core_Connector 19 { 20 /** 21 * Registry 22 * 23 * @var CKEditor_Connector_Core_Registry 24 * @access private 25 */ 26 var $_registry; 27 28 function CKEditor_Connector_Core_Connector() 29 { 30 $this->_registry =& CKEditor_Connector_Core_Factory::getInstance("Core_Registry"); 31 $this->_registry->set("errorHandler", "ErrorHandler_Base"); 32 } 33 34 /** 35 * Generic handler for invalid commands 36 * @access public 37 * 38 */ 39 function handleInvalidCommand() 40 { 41 $oErrorHandler =& $this->getErrorHandler(); 42 $oErrorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_INVALID_COMMAND); 43 } 44 45 /** 46 * Execute command 47 * 48 * @param string $command 49 * @access public 50 */ 51 function executeCommand($command) 52 { 53 switch ($command) 54 { 55 case 'FileUpload': 56 $this->_registry->set("errorHandler", "ErrorHandler_FileUpload"); 57 $obj =& CKEditor_Connector_Core_Factory::getInstance("CommandHandler_".$command); 58 $obj->sendResponse(); 59 break; 60 61 case 'QuickUpload': 62 $this->_registry->set("errorHandler", "ErrorHandler_QuickUpload"); 63 $obj =& CKEditor_Connector_Core_Factory::getInstance("CommandHandler_".$command); 64 $obj->sendResponse(); 65 break; 66 67 case 'CreateFolder': 68 case 'GetFolders': 69 case 'GetFoldersAndFiles': 70 case 'Init': 71 $obj =& CKEditor_Connector_Core_Factory::getInstance("CommandHandler_".$command); 72 $obj->sendResponse(); 73 break; 74 75 default: 76 $this->handleInvalidCommand(); 77 break; 78 } 79 } 80 81 /** 82 * Get error handler 83 * 84 * @access public 85 * @return CKEditor_Connector_ErrorHandler_Base|CKEditor_Connector_ErrorHandler_FileUpload|CKEditor_Connector_ErrorHandler_Http 86 */ 
87 function &getErrorHandler() 88 { 89 $_errorHandler = $this->_registry->get("errorHandler"); 90 $oErrorHandler =& CKEditor_Connector_Core_Factory::getInstance($_errorHandler); 91 return $oErrorHandler; 92 } 93 } 94 No newline at end of file -
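Review bot: The `switch` in `executeCommand()` is the only check between `$command` (presumably taken from the request) and `Factory::getInstance()`, which turns the name into a `require_once` path and a class name, and no comment says so. I would add above the switch: `// Allow-list: $command is used by Core_Factory to build an include path; list every command explicitly and never forward an unlisted one.` The `FileUpload` and `QuickUpload` cases differ only in the handler name, so they could share one branch that sets `"ErrorHandler_" . $command`.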
_source/plugins/filebrowser/core/connector/php/php4/Core/Factory.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * @package CKEditor 9 * @subpackage Core 10 */ 11 12 /** 13 * Sigleton factory creating objects 14 * 15 * @package CKEditor 16 * @subpackage Core 17 */ 18 class CKEditor_Connector_Core_Factory 19 { 20 static $instances = array(); 21 22 /** 23 * Initiate factory 24 * @static 25 */ 26 function initFactory() 27 { 28 } 29 30 /** 31 * Get instance of specified class 32 * Short and Long class names are possible 33 * <code> 34 * $obj1 =& CKEditor_Connector_Core_Factory::getInstance("CKEditor_Connector_Core_Xml"); 35 * $obj2 =& CKEditor_Connector_Core_Factory::getInstance("Core_Xml"); 36 * </code> 37 * 38 * @param string $className class name 39 * @static 40 * @access public 41 * @return object 42 */ 43 function &getInstance($className) 44 { 45 $namespace = "CKEditor_Connector_"; 46 47 $baseName = str_replace($namespace,"",$className); 48 49 $className = $namespace.$baseName; 50 51 if (!isset(CKEditor_Connector_Core_Factory::$instances[$className])) { 52 require_once CKEDITOR_CONNECTOR_LIB_DIR . "/" . str_replace("_","/",$baseName).".php"; 53 CKEditor_Connector_Core_Factory::$instances[$className] = new $className; 54 } 55 56 return CKEditor_Connector_Core_Factory::$instances[$className]; 57 } 58 } 59 No newline at end of file -
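Review bot: `getInstance()` builds the `require_once` path and the class name directly from `$className` with no validation, so it is only as safe as every one of its callers. Rejecting anything that is not a plain identifier before the include keeps a stray `/`, `.` or NUL byte out of the path: test `preg_match('/^[A-Za-z][A-Za-z0-9_]*$/', $baseName)` and raise an error when it fails. `str_replace($namespace, "", $className)` also strips the prefix wherever it occurs in the string, not only at the start. Finally, `static $instances` and the `abstract` keyword used in XmlCommandHandlerBase.php are PHP 5 syntax, which is at odds with the `php4` directory these files live in.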
_source/plugins/filebrowser/core/connector/php/php4/Core/FolderHandler.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * @package CKEditor 9 * @subpackage Core 10 */ 11 12 /** 13 * Include file system utils class 14 */ 15 require_once CKEDITOR_CONNECTOR_LIB_DIR . "/Utils/FileSystem.php"; 16 17 /** 18 * @package CKEditor 19 * @subpackage Core 20 */ 21 class CKEditor_Connector_Core_FolderHandler 22 { 23 /** 24 * CKEditor_Connector_Core_ResourceTypeConfig object 25 * 26 * @var CKEditor_Connector_Core_ResourceTypeConfig 27 * @access private 28 */ 29 var $_resourceTypeConfig; 30 /** 31 * ResourceType name 32 * 33 * @var string 34 * @access private 35 */ 36 var $_resourceTypeName = ""; 37 /** 38 * Client path 39 * 40 * @var string 41 * @access private 42 */ 43 var $_clientPath = "/"; 44 /** 45 * Url 46 * 47 * @var string 48 * @access private 49 */ 50 var $_url; 51 /** 52 * Server path 53 * 54 * @var string 55 * @access private 56 */ 57 var $_serverPath; 58 /** 59 * Folder info 60 * 61 * @var mixed 62 * @access private 63 */ 64 var $_folderInfo; 65 66 function CKEditor_Connector_Core_FolderHandler() 67 { 68 if (isset($_GET["type"])) { 69 $this->_resourceTypeName = (string)$_GET["type"]; 70 } 71 72 if (isset($_GET["currentFolder"])) { 73 $this->_clientPath = CKEditor_Connector_Utils_FileSystem::convertToFilesystemEncoding((string)$_GET["currentFolder"]); 74 } 75 76 if (!strlen($this->_clientPath)) { 77 $this->_clientPath = "/"; 78 } 79 else { 80 if (substr($this->_clientPath, -1, 1) != "/") { 81 $this->_clientPath .= "/"; 82 } 83 if (substr($this->_clientPath, 0, 1) != "/") { 84 $this->_clientPath = "/" . 
$this->_clientPath; 85 } 86 } 87 } 88 89 /** 90 * Get resource type config 91 * 92 * @return CKEditor_Connector_Core_ResourceTypeConfig 93 * @access public 94 */ 95 function &getResourceTypeConfig() 96 { 97 if (!isset($this->_resourceTypeConfig)) { 98 $_config =& CKEditor_Connector_Core_Factory::getInstance("Core_Config"); 99 $this->_resourceTypeConfig = $_config->getResourceTypeConfig($this->_resourceTypeName); 100 } 101 102 if (is_null($this->_resourceTypeConfig)) { 103 $connector =& CKEditor_Connector_Core_Factory::getInstance("Core_Connector"); 104 $oErrorHandler =& $connector->getErrorHandler(); 105 $oErrorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_INVALID_TYPE); 106 } 107 108 return $this->_resourceTypeConfig; 109 } 110 111 /** 112 * Get resource type name 113 * 114 * @return string 115 * @access public 116 */ 117 function getResourceTypeName() 118 { 119 return $this->_resourceTypeName; 120 } 121 122 /** 123 * Get Client path 124 * 125 * @return string 126 * @access public 127 */ 128 function getClientPath() 129 { 130 return $this->_clientPath; 131 } 132 133 /** 134 * Get Url 135 * 136 * @return string 137 * @access public 138 */ 139 function getUrl() 140 { 141 if (is_null($this->_url)) { 142 $this->_resourceTypeConfig = $this->getResourceTypeConfig(); 143 if (is_null($this->_resourceTypeConfig)) { 144 $connector =& CKEditor_Connector_Core_Factory::getInstance("Core_Connector"); 145 $oErrorHandler =& $connector->getErrorHandler(); 146 $oErrorHandler->throwError(CKEDITOR_CONNECTOR_ERROR_INVALID_TYPE); 147 $this->_url = ""; 148 } 149 else { 150 $this->_url = $this->_resourceTypeConfig->getUrl() . 
ltrim($this->getClientPath(), "/"); 151 } 152 } 153 154 return $this->_url; 155 } 156 157 /** 158 * Get server path 159 * 160 * @return string 161 * @access public 162 */ 163 function getServerPath() 164 { 165 if (is_null($this->_serverPath)) { 166 $this->_resourceTypeConfig = $this->getResourceTypeConfig(); 167 $this->_serverPath = CKEditor_Connector_Utils_FileSystem::combinePaths($this->_resourceTypeConfig->getDirectory(), ltrim($this->_clientPath, "/")); 168 } 169 170 return $this->_serverPath; 171 } 172 } 173 No newline at end of file -
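Review bot: The constructor only normalises the leading and trailing slash of `$_GET["currentFolder"]`, and `getServerPath()` joins that value to the resource directory, so nothing in this class rejects `..` segments or backslashes. If that rejection lives in `checkRequest()` (not visible in this section), the safety of `getServerPath()` depends on every handler calling it first, and `Init` already opts out through `mustCheckRequest()`. Validating where the value enters removes that dependency, for example `if (strpos($this->_clientPath, "..") !== false || strpos($this->_clientPath, "\\") !== false)` followed by the connector's invalid-request error. A `(string)` cast on an array-valued `currentFolder` or `type` parameter yields the literal `Array`, which is worth rejecting in the same place.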
_source/plugins/filebrowser/core/connector/php/php4/Core/Registry.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * @package CKEditor 9 * @subpackage Core 10 */ 11 12 /** 13 * Registry for storing global variables values (not references) 14 * 15 * @package CKEditor 16 * @subpackage Core 17 */ 18 class CKEditor_Connector_Core_Registry 19 { 20 /** 21 * Arrat that stores all values 22 * 23 * @var array 24 * @access private 25 */ 26 var $_store = array(); 27 28 /** 29 * Chacke if value has been set 30 * 31 * @param string $key 32 * @return boolean 33 * @access private 34 */ 35 function isValid($key) 36 { 37 return array_key_exists($key, $this->_store); 38 } 39 40 /** 41 * Set value 42 * 43 * @param string $key 44 * @param mixed $obj 45 * @access public 46 */ 47 function set($key, $obj) 48 { 49 $this->_store[$key] = $obj; 50 } 51 52 /** 53 * Get value 54 * 55 * @param string $key 56 * @return mixed 57 * @access public 58 */ 59 function get($key) 60 { 61 if ($this->isValid($key)) { 62 return $this->_store[$key]; 63 } 64 } 65 } 66 No newline at end of file -
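Review bot: `get()` falls off the end when the key is missing, so the `null` result is implicit, and `Connector::getErrorHandler()` passes that result straight to `Factory::getInstance()`. An explicit `return null;` after the `if`, plus `@return mixed null when the key was never set` in the docblock, would make the contract visible to callers. The docblocks also contain two typos, `Arrat` and `Chacke`.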
_source/plugins/filebrowser/core/connector/php/php4/Core/ResourceTypeConfig.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * @package CKEditor 9 * @subpackage Config 10 */ 11 12 /** 13 * This class keeps resource types configuration 14 * 15 * @package CKEditor 16 * @subpackage Config 17 */ 18 class CKEditor_Connector_Core_ResourceTypeConfig 19 { 20 /** 21 * Resource name 22 * 23 * @var string 24 * @access private 25 */ 26 var $_name = ""; 27 /** 28 * Resource url 29 * 30 * @var string 31 * @access private 32 */ 33 var $_url = ""; 34 /** 35 * Directory path on a server 36 * 37 * @var string 38 * @access private 39 */ 40 var $_directory = ""; 41 /** 42 * Array with allowed extensions 43 * 44 * @var array[]string 45 * @access private 46 */ 47 var $_allowedExtensions = array(); 48 /** 49 * Array with denied extensions 50 * 51 * @var array[]string 52 * @access private 53 */ 54 var $_deniedExtensions = array(); 55 /** 56 * used for CKEditor_Connector_Core_Config object caching 57 * 58 * @var CKEditor_Connector_Core_Config 59 * @access private 60 */ 61 var $_config; 62 63 /** 64 * Get ResourceType configuration 65 * 66 * @param string $resourceTypeNode 67 * @return array 68 * 69 */ 70 function CKEditor_Connector_Core_ResourceTypeConfig($resourceTypeNode) 71 { 72 if (isset($resourceTypeNode["name"])) { 73 $this->_name = $resourceTypeNode["name"]; 74 } 75 76 if (isset($resourceTypeNode["url"])) { 77 $this->_url = $resourceTypeNode["url"]; 78 } 79 80 if (!strlen($this->_url)) { 81 $this->_url = "/"; 82 } 83 else if (substr($this->_url,-1,1) != "/") { 84 $this->_url .= "/"; 85 } 86 87 if (isset($resourceTypeNode["directory"])) { 88 $this->_directory = $resourceTypeNode["directory"]; 89 } 90 91 if (!strlen($this->_directory)) { 92 $this->_directory = resolveUrl($this->_url); 93 } 94 95 if (isset($resourceTypeNode["allowedExtensions"])) { 96 if (is_array($resourceTypeNode["allowedExtensions"])) { 97 foreach 
($resourceTypeNode["allowedExtensions"] as $extension) { 98 $this->_allowedExtensions[] = strtolower(trim((string)$e)); 99 } 100 } 101 else { 102 $resourceTypeNode["allowedExtensions"] = trim((string)$resourceTypeNode["allowedExtensions"]); 103 if (strlen($resourceTypeNode["allowedExtensions"])) { 104 $extensions = explode(",", $resourceTypeNode["allowedExtensions"]); 105 foreach ($extensions as $e) { 106 $this->_allowedExtensions[] = strtolower(trim($e)); 107 } 108 } 109 } 110 } 111 112 if (isset($resourceTypeNode["deniedExtensions"])) { 113 if (is_array($resourceTypeNode["deniedExtensions"])) { 114 115 foreach ($resourceTypeNode["deniedExtensions"] as $extension) { 116 $this->_deniedExtensions[] = strtolower(trim((string)$e)); 117 } 118 } 119 else { 120 $resourceTypeNode["deniedExtensions"] = trim((string)$resourceTypeNode["deniedExtensions"]); 121 if (strlen($resourceTypeNode["deniedExtensions"])) { 122 $extensions = explode(",", $resourceTypeNode["deniedExtensions"]); 123 foreach ($extensions as $e) { 124 $this->_deniedExtensions[] = strtolower(trim($e)); 125 } 126 } 127 } 128 } 129 } 130 131 /** 132 * Get name 133 * 134 * @access public 135 * @return string 136 */ 137 function getName() 138 { 139 return $this->_name; 140 } 141 142 /** 143 * Get url 144 * 145 * @access public 146 * @return string 147 */ 148 function getUrl() 149 { 150 return $this->_url; 151 } 152 153 /** 154 * Get directory 155 * 156 * @access public 157 * @return string 158 */ 159 function getDirectory() 160 { 161 return $this->_directory; 162 } 163 164 /** 165 * Get allowed extensions 166 * 167 * @access public 168 * @return array[]string 169 */ 170 function getAllowedExtensions() 171 { 172 return $this->_allowedExtensions; 173 } 174 175 /** 176 * Get denied extensions 177 * 178 * @access public 179 * @return array[]string 180 */ 181 function getDeniedExtensions() 182 { 183 return $this->_deniedExtensions; 184 } 185 186 /** 187 * Check extension, return true if file name is valid. 
188 * Return false if extension is on denied list. 189 * If allowed extensions are defined, return false if extension isn't on allowed list. 190 * 191 * @access public 192 * @param string $extension extension 193 * @param boolean $renameIfRequired whether try to rename file or not 194 * @return boolean 195 */ 196 function checkExtension(&$fileName, $renameIfRequired = true) 197 { 198 if (strpos($fileName, '.') === false) { 199 return true; 200 } 201 202 if (is_null($this->_config)) { 203 $this->_config =& CKEditor_Connector_Core_Factory::getInstance("Core_Config"); 204 } 205 206 $toCheck = array(); 207 208 if ($this->_config->getCheckDoubleExtension()) { 209 $pieces = explode('.', $fileName); 210 211 // First, check the last extension (ex. in file.php.jpg, the "jpg"). 212 if ( !$this->checkSingleExtension( $pieces[sizeof($pieces)-1] ) ) { 213 return false; 214 } 215 216 if ($renameIfRequired) { 217 // Check the other extensions, rebuilding the file name. If an extension is 218 // not allowed, replace the dot with an underscore. 219 $fileName = $pieces[0] ; 220 for ($i=1; $i<sizeof($pieces)-1; $i++) { 221 $fileName .= $this->checkSingleExtension( $pieces[$i] ) ? '.' : '_' ; 222 $fileName .= $pieces[$i]; 223 } 224 225 // Add the last extension to the final name. 226 $fileName .= '.' . $pieces[sizeof($pieces)-1] ; 227 } 228 } 229 else { 230 // Check only the last extension (ex. in file.php.jpg, only "jpg"). 231 return $this->checkSingleExtension( substr($fileName, strrpos($fileName,'.')+1) ); 232 } 233 234 return true; 235 } 236 237 function checkSingleExtension($extension) 238 { 239 $extension = strtolower(ltrim($extension,'.')); 240 241 if (sizeof($this->_deniedExtensions)) { 242 if (in_array($extension, $this->_deniedExtensions)) { 243 return false; 244 } 245 } 246 247 if (sizeof($this->_allowedExtensions)) { 248 return in_array($extension, $this->_allowedExtensions); 249 } 250 251 return true; 252 } 253 } -
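Review bot: Both array branches in the constructor iterate `as $extension` but store `strtolower(trim((string)$e))`, where `$e` is either undefined or left over from the earlier string-branch loop. An array-valued `deniedExtensions` is therefore recorded as empty strings (or copies of the last allowed extension), so `checkSingleExtension()` never matches the configured entries and the deny list is silently ignored. Both lines should use the loop variable: `$this->_allowedExtensions[] = strtolower(trim((string)$extension));` and the `_deniedExtensions` equivalent. The `checkExtension()` docblock also names its parameter `$extension` while the signature takes `&$fileName`.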
_source/plugins/filebrowser/core/connector/php/php4/Core/Xml.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * @package CKEditor 9 * @subpackage Core 10 */ 11 12 /** 13 * Include basic Xml library 14 */ 15 require_once CKEDITOR_CONNECTOR_LIB_DIR . "/Utils/XmlNode.php"; 16 17 /** 18 * XML document 19 * 20 * @package CKEditor 21 * @subpackage Core 22 */ 23 class CKEditor_Connector_Core_Xml 24 { 25 /** 26 * Connector node (root) 27 * 28 * @var CKEditor_Connector_Utils_XmlNode 29 * @access private 30 */ 31 var $_connectorNode; 32 /** 33 * Error node 34 * 35 * @var CKEditor_Connector_Utils_XmlNode 36 * @access private 37 */ 38 var $_errorNode; 39 40 function CKEditor_Connector_Core_Xml() 41 { 42 $this->sendXmlHeaders(); 43 echo $this->getXMLDeclaration(); 44 $this->_connectorNode = new CKEditor_Connector_Utils_XmlNode("Connector"); 45 $this->_errorNode = new CKEditor_Connector_Utils_XmlNode("Error"); 46 $this->_connectorNode->addChild($this->_errorNode); 47 } 48 49 /** 50 * Return connector node 51 * 52 * @return CKEditor_Connector_Utils_XmlNode 53 * @access public 54 */ 55 function &getConnectorNode() 56 { 57 return $this->_connectorNode; 58 } 59 60 /** 61 * Return error node 62 * 63 * @return CKEditor_Connector_Utils_XmlNode 64 * @access public 65 */ 66 function &getErrorNode() 67 { 68 return $this->_errorNode; 69 } 70 71 /** 72 * Send XML headers to the browser (and force browser not to use cache) 73 * @access private 74 */ 75 function sendXmlHeaders() 76 { 77 // Prevent the browser from caching the result. 78 // Date in the past 79 header('Expires: Mon, 26 Jul 1997 05:00:00 GMT') ; 80 // always modified 81 header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT') ; 82 // HTTP/1.1 83 header('Cache-Control: no-store, no-cache, must-revalidate') ; 84 header('Cache-Control: post-check=0, pre-check=0', false) ; 85 // HTTP/1.0 86 header('Pragma: no-cache') ; 87 88 // Set the response format. 
89 header( 'Content-Type:text/xml; charset=utf-8' ) ; 90 } 91 92 /** 93 * Return XML declaration 94 * 95 * @access private 96 * @return string 97 */ 98 function getXMLDeclaration() 99 { 100 return '<?xml version="1.0" encoding="utf-8"?>'; 101 } 102 103 /** 104 * Send error message to the browser. If error number is set to 1, $text (custom error message) will be displayed 105 * Don't call this function directly 106 * 107 * @access public 108 * @param int $number error number 109 * @param string $text Custom error message (optional) 110 */ 111 function raiseError( $number, $text = false) 112 { 113 $this->_errorNode->addAttribute("number", intval($number)); 114 if (false!=$text) { 115 $this->_errorNode->addAttribute("text", $text); 116 } 117 118 echo $this->_connectorNode->asXML(); 119 } 120 } 121 No newline at end of file -
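Review bot: `raiseError()` passes `$text` straight to `addAttribute("text", $text)`, so whether a message containing `&`, `<` or `"` still produces well-formed XML depends entirely on `CKEditor_Connector_Utils_XmlNode`, which this file does not show. That should be confirmed and stated in the docblock, since custom messages can plausibly carry file or folder names. The guard `if (false!=$text)` is a loose comparison and also drops the message `"0"`; `if ($text !== false && $text !== '')` says what is meant. The constructor calls `sendXmlHeaders()` and echoes the XML declaration on instantiation, so a comment such as `// Instantiating this class starts the response; no header() calls are possible afterwards` would help callers.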
_source/plugins/filebrowser/core/connector/php/php4/ErrorHandler/Base.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * @package CKEditor 9 * @subpackage ErrorHandler 10 */ 11 12 /** 13 * Basic error handler 14 * 15 * @package CKEditor 16 * @subpackage ErrorHandler 17 */ 18 class CKEditor_Connector_ErrorHandler_Base 19 { 20 /** 21 * Try/catch emulation, if set to true, error handler will not throw any error 22 * 23 * @var boolean 24 * @access protected 25 */ 26 var $_catchAllErrors = false; 27 /** 28 * Array with error numbers that should be ignored 29 * 30 * @var array[]int 31 * @access protected 32 */ 33 var $_skipErrorsArray = array(); 34 35 /** 36 * Set whether all errors should be ignored 37 * 38 * @param boolean $newValue 39 * @access public 40 */ 41 function setCatchAllErros($newValue) 42 { 43 $this->_catchAllErrors = $newValue ? true : false; 44 } 45 46 /** 47 * Set which errors should be ignored 48 * 49 * @param array $newArray 50 */ 51 function setSkipErrorsArray($newArray) 52 { 53 if (is_array($newArray)) { 54 $this->_skipErrorsArray = $newArray; 55 } 56 } 57 58 /** 59 * Throw connector error, return true if error has been thrown, false if error has been catched 60 * 61 * @param int $number 62 * @param string $text 63 * @access public 64 */ 65 function throwError($number, $text = false) 66 { 67 if ($this->_catchAllErrors || in_array($number, $this->_skipErrorsArray)) { 68 return false; 69 } 70 71 $_xml =& CKEditor_Connector_Core_Factory::getInstance("Core_Xml"); 72 $_xml->raiseError($number,$text); 73 74 exit; 75 } 76 } 77 No newline at end of file -
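Review bot: The docblock of `throwError()` promises "return true if error has been thrown", but the method ends in `exit`, so it only ever returns `false` (when `_catchAllErrors` is set or the number is in `_skipErrorsArray`) or does not return at all. That matters to callers: in the suppressed case execution continues past a failed check, so the contract should read something like `@return boolean false when the error is suppressed; otherwise the response is sent and the script exits`, with a reminder that call sites must handle the `false` return. The `in_array($number, $this->_skipErrorsArray)` test is loose, so on PHP 4/5 a non-numeric `$number` matches a skip list containing `0`; if callers always pass integers, `in_array($number, $this->_skipErrorsArray, true)` is safer. The setter name `setCatchAllErros` looks like a typo for `setCatchAllErrors`.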
_source/plugins/filebrowser/core/connector/php/php4/ErrorHandler/FileUpload.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * @package CKEditor 9 * @subpackage ErrorHandler 10 */ 11 12 /** 13 * Include base error handling class 14 */ 15 require_once CKEDITOR_CONNECTOR_LIB_DIR . "/ErrorHandler/Base.php"; 16 17 /** 18 * File upload error handler 19 * 20 * @package CKEditor 21 * @subpackage ErrorHandler 22 */ 23 class CKEditor_Connector_ErrorHandler_FileUpload extends CKEditor_Connector_ErrorHandler_Base 24 { 25 /** 26 * Throw file upload error, return true if error has been thrown, false if error has been catched 27 * 28 * @param int $number 29 * @param string $text 30 * @access public 31 */ 32 function throwError($number, $text = false, $exit = true) 33 { 34 if ($this->_catchAllErrors || in_array($number, $this->_skipErrorsArray)) { 35 return false; 36 } 37 38 $oRegistry =& CKEditor_Connector_Core_Factory::getInstance("Core_Registry"); 39 $sFileName = $oRegistry->get("FileUpload_fileName"); 40 41 echo "<script type=\"text/javascript\">"; 42 if (empty($text)) { 43 echo "window.parent.OnUploadCompleted(" . $number . ") ;"; 44 } 45 else { 46 echo "window.parent.OnUploadCompleted(" . $number . ",'" . str_replace("'", "\\'", $sFileName) . "') ;"; 47 } 48 echo "</script>"; 49 50 if ($exit) { 51 exit; 52 } 53 } 54 } 55 No newline at end of file -
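Review bot: The file name is written into a JavaScript string inside a `<script>` element with only `str_replace("'", "\\'", $sFileName)`, which leaves backslashes, line breaks and a literal `</script>` sequence unescaped. A name ending in `\`, or one containing markup, can therefore break out of the string or the script block. Whether `FileUpload_fileName` has already passed `checkFileName()` when an error is raised is not visible here, so the output code should not rely on it. Escaping the backslash and the HTML-significant characters as well, e.g. `$sSafeName = addcslashes($sFileName, "\\'\"\r\n</>");`, and emitting `intval($number)` rather than the raw `$number` would close this. The same pattern appears in `ErrorHandler/QuickUpload.php`. The docblock's "return true if error has been thrown" does not match the code, which either exits or falls off the end.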
_source/plugins/filebrowser/core/connector/php/php4/ErrorHandler/Http.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * @package CKEditor 9 * @subpackage ErrorHandler 10 */ 11 12 /** 13 * Include base error handling class 14 */ 15 require_once CKEDITOR_CONNECTOR_LIB_DIR . "/ErrorHandler/Base.php"; 16 17 /** 18 * HTTP error handler 19 * 20 * @package CKEditor 21 * @subpackage ErrorHandler 22 */ 23 class CKEditor_Connector_ErrorHandler_Http extends CKEditor_Connector_ErrorHandler_Base 24 { 25 /** 26 * Throw file upload error, return true if error has been thrown, false if error has been catched 27 * 28 * @param int $number 29 * @param string $text 30 * @access public 31 */ 32 function throwError($number, $text = false, $exit = true) 33 { 34 if ($this->_catchAllErrors || in_array($number, $this->_skipErrorsArray)) { 35 return false; 36 } 37 38 switch ($number) 39 { 40 case CKEDITOR_CONNECTOR_ERROR_INVALID_REQUEST: 41 case CKEDITOR_CONNECTOR_ERROR_INVALID_NAME: 42 case CKEDITOR_CONNECTOR_ERROR_UNAUTHORIZED: 43 header("HTTP/1.0 403 Forbidden"); 44 header("X-CKEditor-Error: ". $number); 45 break; 46 47 case CKEDITOR_CONNECTOR_ERROR_ACCESS_DENIED: 48 header("HTTP/1.0 500 Internal Server Error"); 49 header("X-CKEditor-Error: ".$number); 50 break; 51 52 default: 53 header("HTTP/1.0 404 Not Found"); 54 header("X-CKEditor-Error: ". $number); 55 break; 56 } 57 58 if ($exit) { 59 exit; 60 } 61 } 62 } 63 No newline at end of file -
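Review bot: `$number` is concatenated into the `X-CKEditor-Error` response header without an integer cast in all three branches of the `switch`, whereas `Core/Xml.php` applies `intval($number)` before output. Older PHP 4 releases do not reject line breaks in `header()`, so the value should be constrained here rather than trusted from the caller. Emitting the header once after the `switch`, as `header("X-CKEditor-Error: " . intval($number));`, would also remove the triplication. The docblock is copied from the upload handler ("Throw file upload error", "return true if error has been thrown"). It should instead describe the status mapping (403 for invalid request, invalid name and unauthorized, 500 for access denied, 404 for everything else) and state that nothing is returned when `$exit` is false.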
_source/plugins/filebrowser/core/connector/php/php4/ErrorHandler/QuickUpload.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * @package CKEditor 9 * @subpackage ErrorHandler 10 */ 11 12 /** 13 * Include base error handling class 14 */ 15 require_once CKEDITOR_CONNECTOR_LIB_DIR . "/ErrorHandler/Base.php"; 16 17 /** 18 * File upload error handler 19 * 20 * @package CKEditor 21 * @subpackage ErrorHandler 22 */ 23 class CKEditor_Connector_ErrorHandler_QuickUpload extends CKEditor_Connector_ErrorHandler_Base 24 { 25 /** 26 * Throw file upload error, return true if error has been thrown, false if error has been catched 27 * 28 * @param int $number 29 * @param string $text 30 * @access public 31 */ 32 function throwError($number, $text = false, $exit = true) 33 { 34 if ($this->_catchAllErrors || in_array($number, $this->_skipErrorsArray)) { 35 return false; 36 } 37 38 $oRegistry =& CKEditor_Connector_Core_Factory::getInstance("Core_Registry"); 39 $sFileName = $oRegistry->get("FileUpload_fileName"); 40 $sFileUrl = $oRegistry->get("FileUpload_url"); 41 42 echo "<script type=\"text/javascript\">"; 43 if (empty($text)) { 44 echo "window.parent.OnUploadCompleted(" . $number . ", '', '', '') ;"; 45 } 46 else { 47 echo "window.parent.OnUploadCompleted(" . $number . ", '" .str_replace("'", "\\'", $sFileUrl . $sFileName). "', '" . str_replace("'", "\\'", $sFileName) . "', '') ;"; 48 } 49 echo "</script>"; 50 51 if ($exit) { 52 exit; 53 } 54 } 55 } 56 No newline at end of file -
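Review bot: The URL argument is built as `$sFileUrl . $sFileName` with no percent-encoding of the file name, so a name containing `#`, `%` or a space yields a URL that resolves to something other than the uploaded file. The `checkFileName()` shown in `Utils/FileSystem.php` rejects `?` and `/` but not those characters. Encoding the name segment, `$sFileUrl . rawurlencode($sFileName)`, before the JavaScript escaping would fix that, assuming the client-side `OnUploadCompleted` expects a ready-to-use URL, which is not visible here. `$text` is used only as a flag (`empty($text)`) and never output, which the `@param string $text` line should say. The class docblock still reads "File upload error handler" although this is the quick-upload variant.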
_source/plugins/filebrowser/core/connector/php/php4/Utils/FileSystem.php
1 <?php 2 /* 3 * Copyright (c) 2003-2009, CKSource - Frederico Knabben. All rights reserved. 4 * For licensing, see LICENSE.html or http://ckeditor.com/license 5 */ 6 7 /** 8 * @package CKEditor 9 * @subpackage Utils 10 */ 11 12 /** 13 * @package CKEditor 14 * @subpackage Utils 15 */ 16 class CKEditor_Connector_Utils_FileSystem 17 { 18 19 /** 20 * This function behaves similar to System.IO.Path.Combine in C#, the only diffrenece is that it also accepts null values and treat them as empty string 21 * 22 * @static 23 * @access public 24 * @param string $path1 first path 25 * @param string $path2 scecond path 26 * @return string 27 */ 28 function combinePaths($path1, $path2) 29 { 30 if (is_null($path1)) { 31 $path1 = ""; 32 } 33 if (is_null($path2)) { 34 $path2 = ""; 35 } 36 if (!strlen($path2)) { 37 if (strlen($path1)) { 38 $_lastCharP1 = substr($path1, -1, 1); 39 if ($_lastCharP1 != "/" && $_lastCharP1 != "\\") { 40 $path1 .= DIRECTORY_SEPARATOR; 41 } 42 } 43 } 44 else { 45 $_firstCharP2 = substr($path2, 0, 1); 46 if (strlen($path1)) { 47 if (strpos($path2, $path1)===0) { 48 return $path2; 49 } 50 $_lastCharP1 = substr($path1, -1, 1); 51 if ($_lastCharP1 != "/" && $_lastCharP1 != "\\" && $_firstCharP2 != "/" && $_firstCharP2 != "\\") { 52 $path1 .= DIRECTORY_SEPARATOR; 53 } 54 } 55 else { 56 return $path2; 57 } 58 } 59 return $path1 . $path2; 60 } 61 62 /** 63 * Check whether $fileName is a valid file name, return true on success 64 * 65 * @static 66 * @access public 67 * @param string $fileName 68 * @return boolean 69 */ 70 function checkFileName($fileName) 71 { 72 if (is_null($fileName) || !strlen($fileName) || substr($fileName,-1,1)=="." 
|| false!==strpos($fileName, "..")) { 73 return false; 74 } 75 76 if (preg_match(",[[:cntrl:]]|[/\\:\*\?\"\<\>\|],", $fileName)) { 77 return false; 78 } 79 80 return true; 81 } 82 83 /** 84 * Unlink file/folder 85 * 86 * @static 87 * @access public 88 * @param string $path 89 * @return boolean 90 */ 91 function unlink($path) 92 { 93 /* make sure the path exists */ 94 if (!file_exists($path)) { 95 return false; 96 } 97 98 /* If it is a file or link, just delete it */ 99 if (is_file($path) || is_link($path)) { 100 return @unlink($path); 101 } 102 103 /* Scan the dir and recursively unlink */ 104 $files = scandir($path); 105 if ($files) { 106 foreach($files as $filename) 107 { 108 if ($filename == '.' || $filename == '..') { 109 continue; 110 } 111 $file = str_replace('//','/',$path.'/'.$filename); 112 CKEditor_Connector_Utils_FileSystem::unlink($file); 113 } 114 } 115 116 /* Remove the parent dir */ 117 if (!@rmdir($path)) { 118 return false; 119 } 120 121 return true; 122 } 123 124 /** 125 * Return file name without extension (without dot & last part after dot) 126 * 127 * @static 128 * @access public 129 * @param string $fileName 130 * @return string 131 */ 132 function getFileNameWithoutExtension($fileName) 133 { 134 $dotPos = strrpos( $fileName, '.' ); 135 if (false === $dotPos) { 136 return $fileName; 137 } 138 139 return substr($fileName, 0, $dotPos); 140 } 141 142 /** 143 * Get file extension (only last part - e.g. extension of file.foo.bar.jpg = jpg) 144 * 145 * @static 146 * @access public 147 * @param string $fileName 148 * @return string 149 */ 150 function getExtension( $fileName ) 151 { 152 $dotPos = strrpos( $fileName, '.' ); 153 if (false === $dotPos) { 154 return ""; 155 } 156 157 return substr( $fileName, strrpos( $fileName, '.' 
) +1 ) ; 158 } 159 160 /** 161 * Convert file name from UTF-8 to system encoding 162 * 163 * @static 164 * @access public 165 * @param string $fileName 166 * @return string 167 */ 168 function convertToFilesystemEncoding($fileName) 169 { 170 $_config =& CKEditor_Connector_Core_Factory::getInstance("Core_Config"); 171 $encoding = $_config->getFilesystemEncoding(); 172 if (is_null($encoding) || strcasecmp($encoding, "UTF-8") == 0 || strcasecmp($encoding, "UTF8") == 0) { 173 return $fileName; 174 } 175 176 if (!function_exists("iconv")) { 177 if (strcasecmp($encoding, "ISO-8859-1") == 0 || strcasecmp($encoding, "ISO8859-1") == 0 || strcasecmp($encoding, "Latin1") == 0) { 178 return str_replace("\0", "_", utf8_decode($fileName)); 179 } else if (function_exists('mb_convert_encoding')) { 180 /** 181 * @todo check whether charset is supported - mb_list_encodings 182 */ 183 $encoded = @mb_convert_encoding($fileName, $encoding, 'UTF-8'); 184 if (@mb_strlen($fileName, "UTF-8") != @mb_strlen($encoded, $encoding)) { 185 return str_replace("\0", "_", preg_replace("/[^[:ascii:]]/u","_",$fileName)); 186 } 187 else { 188 return str_replace("\0", "_", $encoded); 189 } 190 } else { 191 return str_replace("\0", "_", preg_replace("/[^[:ascii:]]/u","_",$fileName)); 192 } 193 } 194 195 $converted = @iconv("UTF-8", $encoding . 
"//IGNORE//TRANSLIT", $fileName); 196 if ($converted === false) { 197 return str_replace("\0", "_", preg_replace("/[^[:ascii:]]/u","_",$fileName)); 198 } 199 200 return $converted; 201 } 202 203 /** 204 * Convert file name from system encoding into UTF-8 205 * 206 * @static 207 * @access public 208 * @param string $fileName 209 * @return string 210 */ 211 function convertToConnectorEncoding($fileName) 212 { 213 $_config =& CKEditor_Connector_Core_Factory::getInstance("Core_Config"); 214 $encoding = $_config->getFilesystemEncoding(); 215 if (is_null($encoding) || strcasecmp($encoding, "UTF-8") == 0 || strcasecmp($encoding, "UTF8") == 0) { 216 return $fileName; 217 } 218 219 if (!function_exists("iconv")) { 220 if (strcasecmp($encoding, "ISO-8859-1") == 0 || strcasecmp($encoding, "ISO8859-1") == 0 || strcasecmp($encoding, "Latin1") == 0) { 221 return utf8_encode($fileName); 222 } else { 223 return $fileName; 224 } 225 } 226 227 $converted = @iconv($encoding, "UTF-8", $fileName); 228 229 if ($converted === false) { 230 return $fileName; 231 } 232 233 return $converted; 234 } 235 236 /** 237 * Find document root 238 * 239 * @return string 240 * @access public 241 */ 242 function getDocumentRootPath() 243 { 244 /** 245 * The absolute pathname of the currently executing script. 246 * If a script is executed with the CLI, as a relative path, such as file.php or ../file.php, 247 * $_SERVER['SCRIPT_FILENAME'] will contain the relative path specified by the user. 248 */ 249 if (isset($_SERVER['SCRIPT_FILENAME'])) { 250 $sRealPath = dirname($_SERVER['SCRIPT_FILENAME']); 251 } 252 else { 253 /** 254 * realpath — Returns canonicalized absolute pathname 255 */ 256 $sRealPath = realpath( './' ) ; 257 } 258 259 /** 260 * The filename of the currently executing script, relative to the document root. 261 * For instance, $_SERVER['PHP_SELF'] in a script at the address http://example.com/test.php/foo.bar 262 * would be /test.php/foo.bar. 
263 */ 264 $sSelfPath = dirname($_SERVER['PHP_SELF']); 265 266 return substr($sRealPath, 0, strlen($sRealPath) - strlen($sSelfPath)); 267 } 268 269 /** 270 * Create directory recursively 271 * 272 * @access public 273 * @static 274 * @param string $dir 275 * @return boolean 276 */ 277 function createDirectoryRecursively($dir) 278 { 279 if (DIRECTORY_SEPARATOR === "\\") { 280 $dir = str_replace("/", "\\", $dir); 281 } 282 else if (DIRECTORY_SEPARATOR === "/") { 283 $dir = str_replace("\\", "/", $dir); 284 } 285 286 $_config =& CKEditor_Connector_Core_Factory::getInstance("Core_Config"); 287 if ($perms = $_config->getChmodFolders()) { 288 $oldUmask = umask(0); 289 $bCreated = @mkdir($dir, $perms, true); 290 umask($oldUmask); 291 } 292 else { 293 $bCreated = @mkdir($dir, 0777, true); 294 } 295 296 return $bCreated; 297 } 298 299 /** 300 * Detect HTML in the first KB to prevent against potential security issue with 301 * IE/Safari/Opera file type auto detection bug. 302 * Returns true if file contain insecure HTML code at the beginning. 
303 * 304 * @static 305 * @access public 306 * @param string $filePath absolute path to file 307 * @return boolean 308 */ 309 function detectHtml($filePath) 310 { 311 $fp = @fopen($filePath, 'rb'); 312 if ( $fp === false || !flock( $fp, LOCK_SH ) ) { 313 return -1 ; 314 } 315 $chunk = fread($fp, 1024); 316 flock( $fp, LOCK_UN ) ; 317 fclose($fp); 318 319 $chunk = strtolower($chunk); 320 321 if (!$chunk) { 322 return false; 323 } 324 325 $chunk = trim($chunk); 326 327 if (preg_match("/<!DOCTYPE\W*X?HTML/sim", $chunk)) { 328 return true; 329 } 330 331 $tags = array('<body', '<head', '<html', '<img', '<pre', '<script', '<table', '<title'); 332 333 foreach( $tags as $tag ) { 334 if (false !== strpos($chunk, $tag)) { 335 return true ; 336 } 337 } 338 339 //type = javascript 340 if (preg_match('!type\s*=\s*[\'"]?\s*(?:\w*/)?(?:ecma|java)!sim', $chunk)) { 341 return true ; 342 } 343 344 //href = javascript 345 //src = javascript 346 //data = javascript 347 if (preg_match('!(?:href|src|data)\s*=\s*[\'"]?\s*(?:ecma|java)script:!sim',$chunk)) { 348 return true ; 349 } 350 351 //url(javascript 352 if (preg_match('!url\s*\(\s*[\'"]?\s*(?:ecma|java)script:!sim', $chunk)) { 353 return true ; 354 } 355 356 return false ; 357 } 358 359 /** 360 * Check file content. 361 * Currently this function validates only image files. 362 * Returns false if file is invalid. 
363 * 364 * @static 365 * @access public 366 * @param string $filePath absolute path to file 367 * @param string $extension file extension 368 * @param integer $detectionLevel 0 = none, 1 = use getimagesize for images, 2 = use DetectHtml for images 369 * @return boolean 370 */ 371 function isImageValid($filePath, $extension) 372 { 373 if (!@is_readable($filePath)) { 374 return -1; 375 } 376 377 $imageCheckExtensions = array('gif', 'jpeg', 'jpg', 'png', 'psd', 'bmp', 'tiff'); 378 379 // version_compare is available since PHP4 >= 4.0.7 380 if ( function_exists( 'version_compare' ) ) { 381 $sCurrentVersion = phpversion(); 382 if ( version_compare( $sCurrentVersion, "4.2.0" ) >= 0 ) { 383 $imageCheckExtensions[] = "tiff"; 384 $imageCheckExtensions[] = "tif"; 385 } 386 if ( version_compare( $sCurrentVersion, "4.3.0" ) >= 0 ) { 387 $imageCheckExtensions[] = "swc"; 388
