/pigeoncms/Plugins/fckeditor/editor/filemanager/connectors/lasso/upload.lasso

http://pigeoncms.googlecode.com/ · Unknown · 178 lines · 154 code · 24 blank · 0 comment · 0 complexity · 2ff3f586959ed730e054b349c3ef78ea MD5 · raw file

  1. [//lasso
  2. /*
  3. * FCKeditor - The text editor for Internet - http://www.fckeditor.net
  4. * Copyright (C) 2003-2009 Frederico Caldeira Knabben
  5. *
  6. * == BEGIN LICENSE ==
  7. *
  8. * Licensed under the terms of any of the following licenses at your
  9. * choice:
  10. *
  11. * - GNU General Public License Version 2 or later (the "GPL")
  12. * http://www.gnu.org/licenses/gpl.html
  13. *
  14. * - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
  15. * http://www.gnu.org/licenses/lgpl.html
  16. *
  17. * - Mozilla Public License Version 1.1 or later (the "MPL")
  18. * http://www.mozilla.org/MPL/MPL-1.1.html
  19. *
  20. * == END LICENSE ==
  21. *
  22. * This is the "File Uploader" for Lasso.
  23. */
  24. /*.....................................................................
  25. Include global configuration. See config.lasso for details.
  26. */
  27. include('config.lasso');
  28. /*.....................................................................
  29. Convert query string parameters to variables and initialize output.
  30. */
  31. var(
  32. 'Type' = (Encode_HTML: action_param('Type')),
  33. 'CurrentFolder' = "/",
  34. 'ServerPath' = action_param('ServerPath'),
  35. 'NewFile' = null,
  36. 'NewFileName' = string,
  37. 'OrigFilePath' = string,
  38. 'NewFilePath' = string,
  39. 'errorNumber' = 0,
  40. 'customMsg' = ''
  41. );
  42. $Type == '' ? $Type = 'File';
  43. /*.....................................................................
  44. Calculate the path to the current folder.
  45. */
  46. $ServerPath == '' ? $ServerPath = $config->find('UserFilesPath');
  47. var('currentFolderURL' = $ServerPath
  48. + $config->find('Subdirectories')->find(action_param('Type'))
  49. + $CurrentFolder
  50. );
  51. $currentFolderURL = string_replace($currentFolderURL, -find='//', -replace='/');
  52. /*.....................................................................
  53. Custom tag sets the HTML response.
  54. */
  55. define_tag(
  56. 'sendresults',
  57. -namespace='fck_',
  58. -priority='replace',
  59. -required='errorNumber',
  60. -type='integer',
  61. -optional='fileUrl',
  62. -type='string',
  63. -optional='fileName',
  64. -type='string',
  65. -optional='customMsg',
  66. -type='string',
  67. -description='Sets the HTML response for the FCKEditor Quick Upload feature.'
  68. );
  69. $__html_reply__ = '<script type="text/javascript">';
  70. // Minified version of the document.domain automatic fix script (#1919).
  71. // The original script can be found at _dev/domain_fix_template.js
  72. // Note: in Lasso replace \ with \\
  73. $__html_reply__ = $__html_reply__ + "(function(){var d=document.domain;while (true){try{var A=window.parent.document.domain;break;}catch(e) {};d=d.replace(/.*?(?:\\.|$)/,'');if (d.length==0) break;try{document.domain=d;}catch (e){break;}}})();";
  74. $__html_reply__ = $__html_reply__ + '\
  75. window.parent.OnUploadCompleted(' + #errorNumber + ',"'
  76. + string_replace((Encode_HTML: #fileUrl), -find='"', -replace='\\"') + '","'
  77. + string_replace((Encode_HTML: #fileUrl->split('/')->last), -find='"', -replace='\\"') + '","'
  78. + string_replace((Encode_HTML: #customMsg), -find='"', -replace='\\"') + '");
  79. </script>
  80. ';
  81. /define_tag;
  82. if($CurrentFolder->(Find: '..') || (String_FindRegExp: $CurrentFolder, -Find='(/\\.)|(//)|[\\\\:\\*\\?\\""\\<\\>\\|]|\\000|[\u007F]|[\u0001-\u001F]'));
  83. $errorNumber = 102;
  84. /if;
  85. if($config->find('Enabled'));
  86. /*.................................................................
  87. Process an uploaded file.
  88. */
  89. inline($connection);
  90. /*.............................................................
  91. Was a file actually uploaded?
  92. */
  93. if($errorNumber != '102');
  94. file_uploads->size ? $NewFile = file_uploads->get(1) | $errorNumber = 202;
  95. /if;
  96. if($errorNumber == 0);
  97. /*.........................................................
  98. Split the file's extension from the filename in order
  99. to follow the API's naming convention for duplicate
  100. files. (Test.txt, Test(1).txt, Test(2).txt, etc.)
  101. */
  102. $NewFileName = $NewFile->find('OrigName');
  103. $NewFileName = (String_ReplaceRegExp: $NewFileName, -find='\\\\|\\/|\\||\\:|\\?|\\*|"|<|>|\\000|[\u007F]|[\u0001-\u001F]', -replace='_');
  104. $NewFileName = (String_ReplaceRegExp: $NewFileName, -find='\\.(?![^.]*$)', -replace='_');
  105. $OrigFilePath = $currentFolderURL + $NewFileName;
  106. $NewFilePath = $OrigFilePath;
  107. local('fileExtension') = '.' + $NewFile->find('OrigExtension');
  108. local('shortFileName') = $NewFileName->removetrailing(#fileExtension)&;
  109. /*.........................................................
  110. Make sure the file extension is allowed.
  111. */
  112. local('allowedExt') = $config->find('AllowedExtensions')->find($Type);
  113. local('deniedExt') = $config->find('DeniedExtensions')->find($Type);
  114. if($allowedExt->Size > 0 && $allowedExt !>> $NewFile->find('OrigExtension'));
  115. $errorNumber = 202;
  116. else($deniedExt->Size > 0 && $deniedExt >> $NewFile->find('OrigExtension'));
  117. $errorNumber = 202;
  118. else;
  119. /*.....................................................
  120. Rename the target path until it is unique.
  121. */
  122. while(file_exists($NewFilePath));
  123. $NewFileName = #shortFileName + '(' + loop_count + ')' + #fileExtension;
  124. $NewFilePath = $currentFolderURL + $NewFileName;
  125. /while;
  126. /*.....................................................
  127. Copy the uploaded file to its final location.
  128. */
  129. file_copy($NewFile->find('path'), $NewFilePath);
  130. /*.....................................................
  131. Set the error code for the response.
  132. */
  133. select(file_currenterror( -errorcode));
  134. case(0);
  135. $OrigFilePath != $NewFilePath ? $errorNumber = 201;
  136. case;
  137. $errorNumber = 202;
  138. /select;
  139. /if;
  140. /if;
  141. if ($errorNumber != 0 && $errorNumber != 201);
  142. $NewFilePath = "";
  143. /if;
  144. /inline;
  145. else;
  146. $errorNumber = 1;
  147. $customMsg = 'This file uploader is disabled. Please check the "editor/filemanager/upload/lasso/config.lasso" file.';
  148. /if;
  149. fck_sendresults(
  150. -errorNumber=$errorNumber,
  151. -fileUrl=$NewFilePath,
  152. -customMsg=$customMsg
  153. );
  154. ]