userFilesPath = config.userFilesPath; lAllowedExtensions = config.allowedExtensions[url.type]; lDeniedExtensions = config.deniedExtensions[url.type]; if ( find("/",getBaseTemplatePath()) neq 0 ) { fs = "/"; } else { fs = "\"; } // Get the base physical path to the web root for this application. The code to determine the path automatically assumes that // the "FCKeditor" directory in the http request path is directly off the web root for the application and that it's not a // virtual directory or a symbolic link / junction. Use the serverPath config setting to force a physical path if necessary. if ( len(config.serverPath) ) { serverPath = config.serverPath; } else { serverPath = replaceNoCase(getBaseTemplatePath(),replace(cgi.script_name,"/",fs,"all"),""); } // map the user files path to a physical directory userFilesServerPath = serverPath & userFilesPath & url.type & replace(url.currentFolder,"/",fs,"all"); //make sure userFilesPath is formatted correctly userFilesServerPath = replace(userFilesServerPath, "/", "\", "ALL"); userFilesServerPath = replace(userFilesServerPath, "\\", "\", "ALL"); xmlContent = ""; // append to this string to build content "> "> "> errorNumber = 0; fileName = cffile.ClientFileName; fileExt = cffile.ServerFileExt; // munge filename for html download. Only a-z, 0-9, _, - and . are allowed if( reFind("[^A-Za-z0-9_\-\.]", fileName) ) { fileName = reReplace(fileName, "[^A-Za-z0-9\-\.]", "_", "ALL"); fileName = reReplace(fileName, "_{2,}", "_", "ALL"); fileName = reReplace(fileName, "([^_]+)_+$", "\1", "ALL"); fileName = reReplace(fileName, "$_([^_]+)$", "\1", "ALL"); } // When the original filename already exists, add numbers (0), (1), (2), ... at the end of the filename. if( compare( cffile.ServerFileName, fileName ) ) { counter = 0; tmpFileName = fileName; while( fileExists("#currentFolderPath##fileName#.#fileExt#") ) { counter = counter + 1; fileName = tmpFileName & '(#counter#)'; } } i=1; folders = ""; while( i lte qDir.recordCount ) { if( not compareNoCase( qDir.type[i], "FILE" )) break; if( not listFind(".,..", qDir.name[i]) ) folders = folders & ''; i=i+1; } xmlContent = xmlContent & '' & folders & ''; i=1; folders = ""; files = ""; while( i lte qDir.recordCount ) { if( not compareNoCase( qDir.type[i], "DIR" ) and not listFind(".,..", qDir.name[i]) ) { folders = folders & ''; } else if( not compareNoCase( qDir.type[i], "FILE" ) ) { fileSizeKB = round(qDir.size[i] / 1024); files = files & ''; } i=i+1; } xmlContent = xmlContent & '' & folders & ''; xmlContent = xmlContent & '' & files & ''; newFolderName = url.newFolderName; if( reFind("[^A-Za-z0-9_\-\.]", newFolderName) ) { // Munge folder name same way as we do the filename // This means folder names are always US-ASCII so we don't have to worry about CF5 and UTF-8 newFolderName = reReplace(newFolderName, "[^A-Za-z0-9\-\.]", "_", "all"); newFolderName = reReplace(newFolderName, "_{2,}", "_", "all"); newFolderName = reReplace(newFolderName, "([^_]+)_+$", "\1", "all"); newFolderName = reReplace(newFolderName, "$_([^_]+)$", "\1", "all"); } '> xmlHeader = ''; xmlHeader = xmlHeader & ''; xmlFooter = ''; #xmlHeader##xmlContent##xmlFooter# /* // make sure the user files path is correctly formatted userFilesPath = replace(userFilesPath, "\", "/", "ALL"); if ( right(userFilesPath,1) neq "/" ) { userFilesPath = userFilesPath & "/"; } // make sure the current folder is correctly formatted url.currentFolder = replace(url.currentFolder, "\", "/", "ALL"); url.currentFolder = replace(url.currentFolder, '//', '/', 'ALL'); if ( right(url.currentFolder,1) neq "/" ) { url.currentFolder = url.currentFolder & "/"; } if ( left(url.currentFolder,1) neq "/" ) { url.currentFolder = "/" & url.currentFolder; }*/