PageRenderTime 23ms CodeModel.GetById 17ms app.highlight 2ms RepoModel.GetById 1ms app.codeStats 1ms

/pigeoncms/Plugins/fckeditor/editor/filemanager/connectors/cfm/cf5_connector.cfm

http://pigeoncms.googlecode.com/
ColdFusion | 330 lines | 243 code | 43 blank | 44 comment | 10 complexity | c866a33871193abced9804e57f09790d MD5 | raw file
  1<cfsetting enablecfoutputonly="yes" showdebugoutput="no">
  2<!---
  3 * FCKeditor - The text editor for Internet - http://www.fckeditor.net
  4 * Copyright (C) 2003-2009 Frederico Caldeira Knabben
  5 *
  6 * == BEGIN LICENSE ==
  7 *
  8 * Licensed under the terms of any of the following licenses at your
  9 * choice:
 10 *
 11 *  - GNU General Public License Version 2 or later (the "GPL")
 12 *    http://www.gnu.org/licenses/gpl.html
 13 *
 14 *  - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
 15 *    http://www.gnu.org/licenses/lgpl.html
 16 *
 17 *  - Mozilla Public License Version 1.1 or later (the "MPL")
 18 *    http://www.mozilla.org/MPL/MPL-1.1.html
 19 *
 20 * == END LICENSE ==
 21 *
 22 * File Browser connector for ColdFusion 5.
 23 * (based on the original CF connector by Hendrik Kramer - hk@lwd.de)
 24 *
 25 * Note:
 26 * FCKeditor requires that the connector responds with UTF-8 encoded XML.
 27 * As ColdFusion 5 does not fully support UTF-8 encoding, we force ASCII
 28 * file and folder names in this connector to allow CF5 send a UTF-8
 29 * encoded response - code points under 127 in UTF-8 are stored using a
 30 * single byte, using the same encoding as ASCII, which is damn handy.
 31 * This is all grand for the English speakers, like meself, but I dunno
 32 * how others are gonna take to it. Well, the previous version of this
 33 * connector already did this with file names and nobody seemed to mind,
 34 * so fingers-crossed nobody will mind their folder names being munged too.
 35 *
 36--->
 37
 38<cfparam name="url.command">
 39<cfparam name="url.type">
 40<cfparam name="url.currentFolder">
 41<!--- note: no serverPath url parameter - see config.cfm if you need to set the serverPath manually --->
 42
 43<cfinclude template="config.cfm">
 44
 45<cfscript>
 46	userFilesPath = config.userFilesPath;
 47
 48	if ( userFilesPath eq "" )
 49	{
 50		userFilesPath = "/userfiles/";
 51	}
 52
 53	// make sure the user files path is correctly formatted
 54	userFilesPath = replace(userFilesPath, "\", "/", "ALL");
 55	userFilesPath = replace(userFilesPath, '//', '/', 'ALL');
 56	if ( right(userFilesPath,1) NEQ "/" )
 57	{
 58		userFilesPath = userFilesPath & "/";
 59	}
 60	if ( left(userFilesPath,1) NEQ "/" )
 61	{
 62		userFilesPath = "/" & userFilesPath;
 63	}
 64
 65	// make sure the current folder is correctly formatted
 66	url.currentFolder = replace(url.currentFolder, "\", "/", "ALL");
 67	url.currentFolder = replace(url.currentFolder, '//', '/', 'ALL');
 68	if ( right(url.currentFolder,1) neq "/" )
 69	{
 70		url.currentFolder = url.currentFolder & "/";
 71	}
 72	if ( left(url.currentFolder,1) neq "/" )
 73	{
 74		url.currentFolder = "/" & url.currentFolder;
 75	}
 76
 77	if ( find("/",getBaseTemplatePath()) neq 0 )
 78	{
 79		fs = "/";
 80	}
 81	else
 82	{
 83		fs = "\";
 84	}
 85
 86	// Get the base physical path to the web root for this application. The code to determine the path automatically assumes that
 87	// the "FCKeditor" directory in the http request path is directly off the web root for the application and that it's not a
 88	// virtual directory or a symbolic link / junction. Use the serverPath config setting to force a physical path if necessary.
 89	if ( len(config.serverPath) )
 90	{
 91		serverPath = config.serverPath;
 92
 93		if ( right(serverPath,1) neq fs )
 94		{
 95			serverPath = serverPath & fs;
 96		}
 97	}
 98	else
 99	{
100		serverPath = replaceNoCase(getBaseTemplatePath(),replace(cgi.script_name,"/",fs,"all"),"") & replace(userFilesPath,"/",fs,"all");
101	}
102
103	rootPath = left( serverPath, Len(serverPath) - Len(userFilesPath) ) ;
104	xmlContent = ""; // append to this string to build content
105	invalidName = false;
106</cfscript>
107
108
109<cfif not config.enabled>
110
111	<cfset xmlContent = "<Error number=""1"" text=""This connector is disabled. Please check the 'editor/filemanager/connectors/cfm/config.cfm' file"" />">
112
113<cfelseif find("..",url.currentFolder) or find("\",url.currentFolder) or REFind('(/\.)|(//)|[[:cntrl:]]|([\\:\*\?\"<>])', url.currentFolder)>
114
115	<cfset invalidName = true>
116	<cfset xmlContent = "<Error number=""102"" />">
117
118<cfelseif isDefined("Config.ConfigAllowedCommands") and not ListFind(Config.ConfigAllowedCommands, url.command)>
119
120	<cfset invalidName = true>
121	<cfset xmlContent = '<Error number="1" text="The &quot;' & HTMLEditFormat(url.command) & '&quot; command isn''t allowed" />'>
122
123<cfelseif isDefined("Config.ConfigAllowedTypes") and not ListFind(Config.ConfigAllowedTypes, url.type)>
124
125	<cfset invalidName = true>
126	<cfset xmlContent = '<Error number="1" text="Invalid type specified" />'>
127
128</cfif>
129
130<cfset resourceTypeUrl = "">
131<cfif not len(xmlContent)>
132<cfset resourceTypeUrl = rereplace( replace( Config.FileTypesPath[url.type], fs, "/", "all"), "/$", "") >
133
134<cfif isDefined( "Config.FileTypesAbsolutePath" )
135		and structkeyexists( Config.FileTypesAbsolutePath, url.type )
136		and Len( Config.FileTypesAbsolutePath[url.type] )>
137
138			<cfset userFilesServerPath = Config.FileTypesAbsolutePath[url.type] & url.currentFolder>
139<cfelse>
140	<cftry>
141	<cfset userFilesServerPath = expandpath( resourceTypeUrl ) & url.currentFolder>
142	<!--- Catch: Parameter 1 of function ExpandPath must be a relative path --->
143	<cfcatch type="any">
144		<cfset userFilesServerPath = rootPath & Config.FileTypesPath[url.type] & url.currentFolder>
145	</cfcatch>
146	</cftry>
147</cfif>
148
149<cfset userFilesServerPath = replace( userFilesServerPath, "/", fs, "all" ) >
150<!--- get rid of double directory separators --->
151<cfset userFilesServerPath = replace( userFilesServerPath, fs & fs, fs, "all") >
152
153<cfset resourceTypeDirectory = left( userFilesServerPath, Len(userFilesServerPath) - Len(url.currentFolder) )>
154</cfif>
155
156<cfif not len(xmlContent) and not directoryexists(resourceTypeDirectory)>
157	<!--- create directories in physical path if they don't already exist --->
158	<cfset currentPath = "">
159	<cftry>
160		<cfloop list="#resourceTypeDirectory#" index="name" delimiters="#fs#">
161			<cfif currentPath eq "" and fs eq "\">
162				<!--- Without checking this, we would have in Windows \C:\ --->
163				<cfif not directoryExists(name)>
164					<cfdirectory action="create" directory="#name#" mode="755">
165				</cfif>
166			<cfelse>
167				<cfif not directoryExists(currentPath & fs & name)>
168					<cfdirectory action="create" directory="#currentPath##fs##name#" mode="755">
169				</cfif>
170			</cfif>
171
172			<cfif fs eq "\" and currentPath eq "">
173				<cfset currentPath = name>
174			<cfelse>
175				<cfset currentPath = currentPath & fs & name>
176			</cfif>
177		</cfloop>
178
179	<cfcatch type="any">
180
181		<!--- this should only occur as a result of a permissions problem --->
182		<cfset xmlContent = "<Error number=""103"" />">
183
184	</cfcatch>
185
186	</cftry>
187</cfif>
188
189<cfif not len(xmlContent)>
190
191	<!--- no errors thus far - run command --->
192
193	<!--- we need to know the physical path to the current folder for all commands --->
194	<cfset currentFolderPath = userFilesServerPath>
195
196	<cfswitch expression="#url.command#">
197
198		<cfcase value="FileUpload">
199			<cfset config_included = true >
200			<cfinclude template="cf5_upload.cfm">
201			<cfabort>
202		</cfcase>
203
204
205		<cfcase value="GetFolders">
206
207			<!--- Sort directories first, name ascending --->
208			<cfdirectory
209				action="list"
210				directory="#currentFolderPath#"
211				name="qDir"
212				sort="type,name">
213
214			<cfscript>
215				i=1;
216				folders = "";
217				while( i lte qDir.recordCount ) {
218					if( not compareNoCase( qDir.type[i], "FILE" ))
219						break;
220					if( not listFind(".,..", qDir.name[i]) )
221						folders = folders & '<Folder name="#HTMLEditFormat( qDir.name[i] )#" />';
222					i=i+1;
223				}
224
225				xmlContent = xmlContent & '<Folders>' & folders & '</Folders>';
226			</cfscript>
227
228		</cfcase>
229
230
231		<cfcase value="GetFoldersAndFiles">
232
233			<!--- Sort directories first, name ascending --->
234			<cfdirectory
235				action="list"
236				directory="#currentFolderPath#"
237				name="qDir"
238				sort="type,name">
239
240			<cfscript>
241				i=1;
242				folders = "";
243				files = "";
244				while( i lte qDir.recordCount ) {
245					if( not compareNoCase( qDir.type[i], "DIR" ) and not listFind(".,..", qDir.name[i]) ) {
246						folders = folders & '<Folder name="#HTMLEditFormat(qDir.name[i])#" />';
247					} else if( not compareNoCase( qDir.type[i], "FILE" ) ) {
248						fileSizeKB = round(qDir.size[i] / 1024);
249						files = files & '<File name="#HTMLEditFormat(qDir.name[i])#" size="#IIf( fileSizeKB GT 0, DE( fileSizeKB ), 1)#" />';
250					}
251					i=i+1;
252				}
253
254				xmlContent = xmlContent & '<Folders>' & folders & '</Folders>';
255				xmlContent = xmlContent & '<Files>' & files & '</Files>';
256			</cfscript>
257
258		</cfcase>
259
260
261		<cfcase value="CreateFolder">
262
263			<cfparam name="url.newFolderName" default="">
264
265			<cfscript>
266				newFolderName = url.newFolderName;
267				if( reFind("[^A-Za-z0-9_\-\.]", newFolderName) ) {
268					// Munge folder name same way as we do the filename
269					// This means folder names are always US-ASCII so we don't have to worry about CF5 and UTF-8
270					newFolderName = reReplace(newFolderName, "[^A-Za-z0-9\-\.]", "_", "all");
271					newFolderName = reReplace(newFolderName, "_{2,}", "_", "all");
272					newFolderName = reReplace(newFolderName, "([^_]+)_+$", "\1", "all");
273					newFolderName = reReplace(newFolderName, "$_([^_]+)$", "\1", "all");
274					newFolderName = reReplace(newFolderName, '\.+', "_", "all" );
275				}
276			</cfscript>
277
278			<cfif not len(newFolderName) or len(newFolderName) gt 255>
279				<cfset errorNumber = 102>
280			<cfelseif directoryExists(currentFolderPath & newFolderName)>
281				<cfset errorNumber = 101>
282			<cfelseif reFind("^\.\.",newFolderName)>
283				<cfset errorNumber = 102>
284			<cfelse>
285				<cfset errorNumber = 0>
286
287				<cftry>
288					<cfdirectory
289						action="create"
290						directory="#currentFolderPath##newFolderName#"
291						mode="755">
292					<cfcatch>
293						<!---
294						un-resolvable error numbers in ColdFusion:
295						* 102 : Invalid folder name.
296						* 103 : You have no permissions to create the folder.
297						--->
298						<cfset errorNumber = 110>
299					</cfcatch>
300				</cftry>
301			</cfif>
302
303			<cfset xmlContent = xmlContent & '<Error number="#errorNumber#" />'>
304
305		</cfcase>
306
307		<cfdefaultcase>
308			<cfthrow type="fckeditor.connector" message="Illegal command: #url.command#">
309		</cfdefaultcase>
310
311	</cfswitch>
312</cfif>
313
314<cfscript>
315	xmlHeader = '<?xml version="1.0" encoding="utf-8" ?>';
316	if (invalidName) {
317		xmlHeader = xmlHeader & '<Connector>';
318	}
319	else {
320		xmlHeader = xmlHeader & '<Connector command="#url.command#" resourceType="#url.type#">';
321		xmlHeader = xmlHeader & '<CurrentFolder path="#url.currentFolder#" url="#resourceTypeUrl##url.currentFolder#" />';
322	}
323	xmlFooter = '</Connector>';
324</cfscript>
325
326<cfheader name="Expires" value="#GetHttpTimeString(Now())#">
327<cfheader name="Pragma" value="no-cache">
328<cfheader name="Cache-Control" value="no-cache, no-store, must-revalidate">
329<cfcontent reset="true" type="text/xml; charset=UTF-8">
330<cfoutput>#xmlHeader##xmlContent##xmlFooter#</cfoutput>