Opened 12 years ago

Closed 11 years ago

#306 closed New Feature (duplicate)

Patch (diff and zip) to implement subdirectory, regex, overwriting configurability in PHP connector

Reported by: Thomas Tallyce Owned by: Frederico Caldeira Knabben
Priority: Normal Milestone:
Component: Server : PHP Version: FCKeditor 2.4.1
Keywords: Cc:

Description

This is a continuation of http://sourceforge.net/tracker/index.php?func=detail&aid=1457770&group_id=75348&atid=543655


This is a patch to FCKeditor 2.4.1, specifically the PHP connector.

It implements the following:

  • Configurability of subdirectories (i.e. so File/ , Image/ etc. can be changed)
  • Regular expression validation of uploaded files (e.g. to disallow spaces and other characters in filenames, or whatever you want)
  • Configurability of what behaviour to adopt when a file of the same name is uploaded (at present the new file gets a new name, which means that links to (e.g.) a new report version have to be changed, which is not good).

Patch was developed with PHP error_reporting at 2047 so no warnings/errors generated.

The changes which involve new items in the configuration file make an isset() check first that the config file includes them, and continues without problems if not. This means that an older config file can safely be used by people who don't have time to check out the new options.

The patch implements the following. This is roughly the order of the code shown in the patch. I hope this should be easy to merge into the source tree.

Full details:

1. REGULAR EXPRESSION VALIDATION FOR UPLOADED FILES

People creating filenames with spaces and other disallowed characters is a particular problem here.

The patch adds $Config['Regexp'] to each resource type. Checking against the regexp, if the configured value is not empty, is done in the same line of code as the check for allowed/disallowed extensions.

2. CONFIGURATION OF 'SAME FILE NAME' BEHAVIOUR

FCKeditor 2.4.1 and previous have the behaviour that, if a user uploads a file where the name of the file already exists, the new file becomes file(1).extension or file(2).extension etc.

We have found this to be extremely problematic, because it means that when a new version of a report is put online, the old one is kept there (and stays in google), and all links pointing to the report have to be changed to the new one.

What this patch does is enable configurability of what should happen when a file is uploaded that has the same name. There are four choices, clearly documented in the config file:

  • renameold - (default behaviour) backs up the version on the server to the same name + timestamp appended to the filename (after the extension)
  • overwrite - overwrites the version on the server with the same name
  • newname - gives the uploaded file a new name (this was the (unconfigurable) behaviour in FCKeditor2.2)
  • false - shows an error so that the file uploading fails

The first seems to me to be the most sensible, so that it set as the default, though we could change that if you disagree. I think 'newname' (i.e. the current behaviour) really is should not be the default.

The patch works as follows:

A check using if ( is_file( $sFilePath ) ) { is done to see if a clash is going to occur. If so, $sFilenameClashBehaviour is created by checking the config file value if one is supplied.

switch ($sFilenameClashBehaviour) { then takes the appropriate action, as one of the four options above. You'll recognise that the code for 'newname' is more or less as before - I've just added the other options as switch case statements.

New error numbers 204, 205, 206 have been added which gives the user a clearer idea of what happened if the names clashed. These are thus defined in OnUploadCompleted() in frmupload.html

3. CONFIGURABILITY OF SUBDIRECTORIES

This is a real problem at present. FCKeditor 2.4.1 assumes that images will be in Image/, files in File/ etc. There are *lots* of sourceforge requests for this to be changeable. This was easy to add:

$Config['Subdirectory'] has been added for each media type.

$GLOBALS['Subdirectory'] = $Config['Subdirectory'] ; is then done to import the values.

I then added a function GetResourceTypeSubdirectory ( $resourceType ) which returns the subdirectory based on the supplied resource type setting (or the default, as before).

Then in the two places where there is something like return $GLOBALS["UserFilesPath"] . $resourceType . $folderPath ;

this just becomes return $GLOBALS["UserFilesPath"] . GetResourceTypeSubdirectory ( $resourceType ) . $folderPath ;

4. PATCH TO CORRECT A PROBLEM IN CreateServerFolder()

mkdir() may fail on certain platforms when a $folderPath has in rather than /

So I've created a simple patch to remove these mistaken double slashes.

5. CORRECTION OF TWO TYPOS

in config.php:

- SECURITY: You must explicitelly enable this "connector". (Set it to "true"). + SECURITY: You must explicitly enable this "connector". (Set it to "true").

- user files directory. Usefull if you are using a virtual directory, symbolic + user files directory. Useful if you are using a virtual directory, symbolic

6. ADDITION OF A FEW COMMENTS TO THE CONFIG FILE

I've added some notes to clarify the meaning of two settings:

-$Config['UserFilesPath'] = '/UserFiles/' ;
+$Config['UserFilesPath'] = '/UserFiles/' ; // Set to / if you want filebrowsing across the whole site directory

-$Config['UserFilesAbsolutePath'] = '' ;
+$Config['UserFilesAbsolutePath'] = '' ; // Set to $_SERVER['DOCUMENT_ROOT'] if you want filebrowsing across the whole site

Attachments (2)

phpconnector-diff-v241-v1-tallyce.txt (12.1 KB) - added by Thomas Tallyce 12 years ago.
Diff for FCKeditor2.4.1 to implement subdirectory,regexp,overwriting configuration
phpconnector-changedfiles-v241-v1-tallyce.zip (8.5 KB) - added by Thomas Tallyce 12 years ago.
Zip version of changed files for FCKeditor2.4.1 to implement subdirectory,regexp,overwriting configuration

Download all attachments as: .zip

Change History (10)

Changed 12 years ago by Thomas Tallyce

Diff for FCKeditor2.4.1 to implement subdirectory,regexp,overwriting configuration

Changed 12 years ago by Thomas Tallyce

Zip version of changed files for FCKeditor2.4.1 to implement subdirectory,regexp,overwriting configuration

comment:1 Changed 12 years ago by Thomas Tallyce

Patch is released under LGPL and entirely my own work. I hope it can be included in a future version.

comment:2 Changed 12 years ago by Alfonso Martínez de Lizarrondo

#412 has been marked as a duplicate.

comment:3 Changed 12 years ago by Michel

I am getting the error: header already loaded. What am I doing wrong?? I am using the last version!

In file basexml.php

function SetXmlHeaders() {

ob_end_clean() ;

Prevent the browser from caching the result. Date in the past

--> header('Expires: Mon, 26 Jul 1997 05:00:00 GMT') ;

always modified

--> header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT') ;

HTTP/1.1

--> header('Cache-Control: no-store, no-cache, must-revalidate') ; --> header('Cache-Control: post-check=0, pre-check=0', false) ;

HTTP/1.0

--> header('Pragma: no-cache') ;

Set the response format.

--> header( 'Content-Type:text/xml; charset=utf-8' ) ; }

Error revering to the lines with the --> in front!!

Tried for version 2.4.1 and 2.4.2

comment:4 Changed 12 years ago by Paul Moers

On https://sourceforge.net/tracker/index.php?func=detail&aid=1551296&group_id=75348&atid=543655 you say that this is the PHP version of 'Per User Directory' patch, but that functionality is not descibed above?

comment:5 Changed 12 years ago by Thomas Tallyce

@saul11

Apologies, I misunderstood - 'per user directory' stuff would be something you set in your calling script. I don't see how FCKeditor could generically handle that, though I might be wrong.

comment:6 Changed 11 years ago by Thomas Tallyce

Regexp validation (i.e. point 1 in the above list) moved to #1650 with new patch for FCKeditor 2.5 attached there.

comment:7 Changed 11 years ago by Thomas Tallyce

Filename clash control (i.e. point 2 in the above list) moved to #1651 with new patch for FCKeditor 2.5 attached there.

comment:8 Changed 11 years ago by Alfonso Martínez de Lizarrondo

Resolution: duplicate
Status: newclosed

the other issues are fixed, so closing this metabug

Note: See TracTickets for help on using tickets.
© 2003 – 2019 CKSource – Frederico Knabben. All rights reserved. | Terms of use | Privacy policy