PageRenderTime 55ms CodeModel.GetById 21ms RepoModel.GetById 1ms app.codeStats 0ms

/components/com_jce/editor/extensions/browser/file.php

https://bitbucket.org/organicdevelopment/joomla-2.5
PHP | 1348 lines | 781 code | 251 blank | 316 comment | 126 complexity | 357b305fe4c80b6f622b7042fd8e1470 MD5 | raw file
Possible License(s): LGPL-3.0, GPL-2.0, MIT, BSD-3-Clause, LGPL-2.1 
    

  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * @package   	JCE
    5. 

  5.  * @copyright 	Copyright (c) 2009-2012 Ryan Demmer. All rights reserved.
    6. 

  6.  * @license   	GNU/GPL 2 or later - http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
    7. 

  7.  * JCE is free software. This version may have been modified pursuant
    8. 

  8.  * to the GNU General Public License, and as distributed it includes or
    9. 

  9.  * is derivative of works licensed under the GNU General Public License or
    10. 

  10.  * other free or open source software licenses.
    11. 

  11.  */
    12. 

  12. defined('_JEXEC') or die('RESTRICTED');
    13. 

  13. 

  14. wfimport('editor.libraries.classes.extensions.browser');
    15. 

  15. wfimport('editor.libraries.classes.extensions.filesystem');
    16. 

  16. 

  17. class WFFileBrowser extends WFBrowserExtension {
    18. 

  18.     /*
    19. 

  19.      *  @var array
    20. 

  20.      */
    21. 

  21. 

  22.     private $_buttons = array();
    23. 

  23.     /*
    24. 

  24.      *  @var array
    25. 

  25.      */
    26. 

  26.     private $_actions = array();
    27. 

  27.     /*
    28. 

  28.      *  @var array
    29. 

  29.      */
    30. 

  30.     private $_events = array();
    31. 

  31.     /*
    32. 

  32.      *  @var array
    33. 

  33.      */
    34. 

  34.     private $_result = array('error' => array(), 'files' => array(), 'folders' => array());
    35. 

  35. 

  36.     /**
    37. 

  37.      * @access  protected
    38. 

  38.      */
    39. 

  39.     public function __construct($config = array()) {
    40. 

  40. 

  41.         $default = array(
    42. 

  42.             'dir' => '',
    43. 

  43.             'filesystem' => 'joomla',
    44. 

  44.             'filetypes' => 'images=jpg,jpeg,png,gif',
    45. 

  45.             'upload' => array(
    46. 

  46.                 'runtimes' => 'html5,flash,silverlight',
    47. 

  47.                 'chunk_size' => null,
    48. 

  48.                 'max_size' => 1024,
    49. 

  49.                 'validate_mimetype' => 1,
    50. 

  50.                 'add_random' => 0
    51. 

  51.             ),
    52. 

  52.             'folder_tree' => 1,
    53. 

  53.             'list_limit' => 'all',
    54. 

  54.             'features' => array(
    55. 

  55.                 'upload' => 1,
    56. 

  56.                 'folder' => array(
    57. 

  57.                     'create' => 1,
    58. 

  58.                     'delete' => 1,
    59. 

  59.                     'rename' => 1,
    60. 

  60.                     'move' => 1
    61. 

  61.                 ),
    62. 

  62.                 'file' => array(
    63. 

  63.                     'rename' => 1,
    64. 

  64.                     'delete' => 1,
    65. 

  65.                     'move' => 1
    66. 

  66.                 )
    67. 

  67.             ),
    68. 

  68.             'websafe_mode' => 'utf-8'
    69. 

  69.         );
    70. 

  70. 

  71.         $config = array_merge($default, $config);
    72. 

  72. 

  73.         // Call parent
    74. 

  74.         parent::__construct($config);
    75. 

  75. 

  76.         // Setup XHR callback funtions
    77. 

  77.         $this->setRequest(array($this, 'getItems'));
    78. 

  78.         $this->setRequest(array($this, 'getFileDetails'));
    79. 

  79.         $this->setRequest(array($this, 'getFolderDetails'));
    80. 

  80.         $this->setRequest(array($this, 'getTree'));
    81. 

  81.         $this->setRequest(array($this, 'getTreeItem'));
    82. 

  82. 

  83.         // Get actions
    84. 

  84.         $this->getStdActions();
    85. 

  85.         // Get buttons
    86. 

  86.         $this->getStdButtons();
    87. 

  87.     }
    88. 

  88. 

  89.     /**
    90. 

  90.      * Display the browser
    91. 

  91.      * @access public
    92. 

  92.      */
    93. 

  93.     public function display() {
    94. 

  94.         parent::display();
    95. 

  95. 

  96.         // Get the Document instance
    97. 

  97.         $document = WFDocument::getInstance();
    98. 

  98. 

  99.         $document->addScript(array(
    100. 

  100.             'tree',
    101. 

  101.             'upload'
    102. 

  102.                 ), 'libraries');
    103. 

  103. 

  104.         $document->addScript(array(
    105. 

  105.             'plupload.full',
    106. 

  106.                 ), 'jce.libraries.plupload');
    107. 

  107. 

  108.         $document->addScript(array(
    109. 

  109.             'file',
    110. 

  110.             'sort',
    111. 

  111.             'filter',
    112. 

  112.             'manager'
    113. 

  113.                 ), 'extensions.browser.js');
    114. 

  114. 

  115.         //$document->addStyleSheet(array('files', 'tree', 'upload'), 'libraries');
    116. 

  116.         $document->addStyleSheet(array('manager'), 'extensions.browser.css');
    117. 

  117.         // custom stylesheet
    118. 

  118.         //$document->addStyleSheet(array('custom'), 'libraries.css');
    119. 

  119.         // file browser options
    120. 

  120.         $document->addScriptDeclaration('WFFileBrowser.settings=' . json_encode($this->getSettings()) . ';');
    121. 

  121.     }
    122. 

  122. 

  123.     /**
    124. 

  124.      * Render the browser view
    125. 

  125.      * @access public
    126. 

  126.      */
    127. 

  127.     public function render() {
    128. 

  128.         $session = JFactory::getSession();
    129. 

  129.         // create file view
    130. 

  130.         $view = $this->getView('file');
    131. 

  131.         // assign session data
    132. 

  132.         $view->assignRef('session', $session);
    133. 

  133.         // assign form action
    134. 

  134.         $view->assign('action', $this->getFormAction());
    135. 

  135.         // return view output
    136. 

  136.         $view->display();
    137. 

  137.     }
    138. 

  138. 

  139.     /**
    140. 

  140.      * Set a WFRequest item
    141. 

  141.      * @access 	public
    142. 

  142.      * @param 	array $request
    143. 

  143.      */
    144. 

  144.     public function setRequest($request) {
    145. 

  145.         $xhr = WFRequest::getInstance();
    146. 

  146.         $xhr->setRequest($request);
    147. 

  147.     }
    148. 

  148. 

  149.     /**
    150. 

  150.      * Upload form action url
    151. 

  151.      *
    152. 

  152.      * @access	public
    153. 

  153.      * @param	string 	The target action file eg: upload.php
    154. 

  154.      * @return	Joomla! component url
    155. 

  155.      * @since	1.5
    156. 

  156.      */
    157. 

  157.     protected function getFormAction() {
    158. 

  158.         $wf = WFEditorPlugin::getInstance();
    159. 

  159. 

  160.         $component_id = JRequest::getInt('component_id');
    161. 

  161. 

  162.         $query = '';
    163. 

  163. 

  164.         $args = array(
    165. 

  165.             'plugin' => $wf->getName()
    166. 

  166.         );
    167. 

  167. 

  168.         if ($component_id) {
    169. 

  169.             $args['component_id'] = $component_id;
    170. 

  170.         }
    171. 

  171. 

  172.         foreach ($args as $k => $v) {
    173. 

  173.             $query .= '&' . $k . '=' . $v;
    174. 

  174.         }
    175. 

  175. 

  176.         return JURI::base(true) . '/index.php?option=com_jce&view=editor&layout=plugin' . $query;
    177. 

  177.     }
    178. 

  178. 

  179.     public function getFileSystem() {
    180. 

  180.         static $filesystem;
    181. 

  181. 

  182.         if (!is_object($filesystem)) {
    183. 

  183.             $wf = WFEditorPlugin::getInstance();
    184. 

  184. 

  185.             $config = array(
    186. 

  186.                 'dir' => $this->get('dir'),
    187. 

  187.                 'upload_conflict' => $wf->getParam('editor.upload_conflict', 'overwrite')
    188. 

  188.             );
    189. 

  189. 

  190.             $filesystem = WFFileSystem::getInstance($this->get('filesystem'), $config);
    191. 

  191.         }
    192. 

  192. 

  193.         return $filesystem;
    194. 

  194.     }
    195. 

  195. 

  196.     private function getViewable() {
    197. 

  197.         return 'jpeg,jpg,gif,png,avi,wmv,wm,asf,asx,wmx,wvx,mov,qt,mpg,mp3,mp4,m4v,mpeg,ogg,ogv,webm,swf,flv,f4v,xml,dcr,rm,ra,ram,divx,html,htm,txt,rtf,pdf,doc,docx,xls,xlsx,ppt,pptx';
    198. 

  198.     }
    199. 

  199. 

  200.     /**
    201. 

  201.      * Return a list of allowed file extensions in selected format
    202. 

  202.      *
    203. 

  203.      * @access public
    204. 

  204.      * @return extension list
    205. 

  205.      */
    206. 

  206.     private function getFileTypes($format = 'map') {
    207. 

  207.         $list = $this->get('filetypes');
    208. 

  208. 

  209.         // Remove excluded file types (those that have a - prefix character) from the list
    210. 

  210.         $data = array();
    211. 

  211. 

  212.         foreach (explode(';', $list) as $group) {
    213. 

  213.             if (substr(trim($group), 0, 1) === '-') {
    214. 

  214.                 continue;
    215. 

  215.             }
    216. 

  216.             // remove excluded file types (those that have a - prefix character) from the list
    217. 

  217.             $data[] = preg_replace('#(,)?-([\w]+)#', '', $group);
    218. 

  218.         }
    219. 

  219. 

  220.         $list = implode(';', $data);
    221. 

  221. 

  222.         switch ($format) {
    223. 

  223.             case 'list':
    224. 

  224.                 return $this->listFileTypes($list);
    225. 

  225.                 break;
    226. 

  226.             case 'array':
    227. 

  227.                 return explode(',', $this->listFileTypes($list));
    228. 

  228.                 break;
    229. 

  229.             default:
    230. 

  230.             case 'map':
    231. 

  231.                 return $list;
    232. 

  232.                 break;
    233. 

  233.         }
    234. 

  234.     }
    235. 

  235. 

  236.     public function setFileTypes($list = 'images=jpg,jpeg,png,gif') {
    237. 

  237.         $this->set('filetypes', $list);
    238. 

  238.     }
    239. 

  239. 

  240.     /**
    241. 

  241.      * Converts the extensions map to a list
    242. 

  242.      * @param string $map The extensions map eg: images=jpg,jpeg,gif,png
    243. 

  243.      * @return string jpg,jpeg,gif,png
    244. 

  244.      */
    245. 

  245.     private function listFileTypes($map) {
    246. 

  246.         return preg_replace(array('/([\w]+)=([\w]+)/', '/;/'), array('$2', ','), $map);
    247. 

  247.     }
    248. 

  248. 

  249.     public function addFileTypes($types) {
    250. 

  250.         $list = explode(';', $this->get('filetypes'));
    251. 

  251. 

  252.         foreach ($types as $group => $extensions) {
    253. 

  253.             $list[] = $group . '=' . $extensions;
    254. 

  254.         }
    255. 

  255. 

  256.         $this->set('filetypes', implode(';', $list));
    257. 

  257.     }
    258. 

  258. 

  259.     /**
    260. 

  260.      * Maps upload file types to an upload dialog list, eg: 'images', 'jpeg,jpg,gif,png'
    261. 

  261.      * @return json encoded list
    262. 

  262.      */
    263. 

  263.     private function mapUploadFileTypes() {
    264. 

  264.         $map = array();
    265. 

  265. 

  266.         // Get the filetype map
    267. 

  267.         $list = $this->getFileTypes();
    268. 

  268. 

  269.         if ($list) {
    270. 

  270.             $items = explode(';', $list);
    271. 

  271.             $all = array();
    272. 

  272. 

  273.             // [images=jpeg,jpg,gif,png]
    274. 

  274.             foreach ($items as $item) {
    275. 

  275.                 // ['images', 'jpeg,jpg,gif,png']
    276. 

  276.                 $kv = explode('=', $item);
    277. 

  277.                 $extensions = implode(';', preg_replace('/(\w+)/i', '*.$1', explode(',', $kv[1])));
    278. 

  278.                 $map[WFText::_('WF_FILEGROUP_' . $kv[0], WFText::_($kv[0])) . ' (' . $extensions . ')'] = $kv[1];
    279. 

  279. 

  280.                 $all[] = $kv[1];
    281. 

  281.             }
    282. 

  282. 

  283.             if (count($items) > 1) {
    284. 

  284.                 // All file types
    285. 

  285.                 $map[WFText::_('WF_FILEGROUP_ALL') . ' (*.*)'] = implode(',', $all);
    286. 

  286.             }
    287. 

  287.         }
    288. 

  288. 

  289.         return $map;
    290. 

  290.     }
    291. 

  291. 

  292.     /**
    293. 

  293.      * Returns the result variable
    294. 

  294.      * @return var $_result
    295. 

  295.      */
    296. 

  296.     public function getResult() {
    297. 

  297.         return $this->_result;
    298. 

  298.     }
    299. 

  299. 

  300.     public function setResult($value, $key = null) {
    301. 

  301.         if ($key) {
    302. 

  302.             if (is_array($this->_result[$key])) {
    303. 

  303.                 $this->_result[$key][] = $value;
    304. 

  304.             } else {
    305. 

  305.                 $this->_result[$key] = $value;
    306. 

  306.             }
    307. 

  307.         } else {
    308. 

  308.             $this->_result = $value;
    309. 

  309.         }
    310. 

  310.     }
    311. 

  311. 

  312.     function checkFeature($action, $type = null) {
    313. 

  313.         $features = $this->get('features');
    314. 

  314. 

  315.         if ($type) {
    316. 

  316.             if (isset($features[$type])) {
    317. 

  317. 

  318.                 $type = $features[$type];
    319. 

  319. 

  320.                 if (isset($type[$action])) {
    321. 

  321.                     return (bool) $type[$action];
    322. 

  322.                 }
    323. 

  323.             }
    324. 

  324.         } else {
    325. 

  325.             if (isset($features[$action])) {
    326. 

  326.                 return (bool) $features[$action];
    327. 

  327.             }
    328. 

  328.         }
    329. 

  329. 

  330.         return false;
    331. 

  331.     }
    332. 

  332. 

  333.     public function getBaseDir() {
    334. 

  334.         $filesystem = $this->getFileSystem();
    335. 

  335.         return $filesystem->getBaseDir();
    336. 

  336.     }
    337. 

  337. 

  338.     /**
    339. 

  339.      * Get the list of files in a given folder
    340. 

  340.      * @param string $relative The relative path of the folder
    341. 

  341.      * @param string $filter A regex filter option
    342. 

  342.      * @return File list array
    343. 

  343.      */
    344. 

  344.     private function getFiles($relative, $filter = '.') {
    345. 

  345.         $filesystem = $this->getFileSystem();
    346. 

  346.         $list = $filesystem->getFiles($relative, $filter);
    347. 

  347. 

  348.         return $list;
    349. 

  349.     }
    350. 

  350. 

  351.     /**
    352. 

  352.      * Get the list of folder in a given folder
    353. 

  353.      * @param string $relative The relative path of the folder
    354. 

  354.      * @return Folder list array
    355. 

  355.      */
    356. 

  356.     private function getFolders($relative) {
    357. 

  357.         $filesystem = $this->getFileSystem();
    358. 

  358.         $list = $filesystem->getFolders($relative);
    359. 

  359. 

  360.         return $list;
    361. 

  361.     }
    362. 

  362. 

  363.     /**
    364. 

  364.      * Get file and folder lists
    365. 

  365.      * @return array Array of file and folder list objects
    366. 

  366.      * @param string $relative Relative or absolute path based either on source url or current directory
    367. 

  367.      * @param int $limit List limit
    368. 

  368.      * @param int $start list start point
    369. 

  369.      */
    370. 

  370.     public function getItems($path, $limit = 25, $start = 0) {
    371. 

  371.         $filesystem = $this->getFileSystem();
    372. 

  372. 

  373.         clearstatcache();
    374. 

  374. 

  375.         // decode path
    376. 

  376.         $path = rawurldecode($path);
    377. 

  377. 

  378.         WFUtility::checkPath($path);
    379. 

  379. 

  380.         // get source dir from path eg: images/stories/fruit.jpg = images/stories
    381. 

  381.         $dir = $filesystem->getSourceDir($path);
    382. 

  382. 

  383.         // get file list by filter
    384. 

  384.         $files = self::getFiles($dir, '\.(?i)(' . str_replace(',', '|', $this->getFileTypes('list')) . ')$');
    385. 

  385. 

  386.         // get folder list
    387. 

  387.         $folders = self::getFolders($dir);
    388. 

  388. 

  389.         $folderArray = array();
    390. 

  390.         $fileArray = array();
    391. 

  391. 

  392.         $items = array_merge($folders, $files);
    393. 

  393. 

  394.         if ($items) {
    395. 

  395.             if (is_numeric($limit)) {
    396. 

  396.                 $items = array_slice($items, $start, $limit);
    397. 

  397.             }
    398. 

  398. 

  399.             foreach ($items as $item) {
    400. 

  400.                 $item['classes'] = '';
    401. 

  401. 

  402.                 if ($item['type'] == 'folders') {
    403. 

  403.                     $folderArray[] = $item;
    404. 

  404.                 } else {
    405. 

  405.                     // check for selected item
    406. 

  406.                     $item['selected'] = $filesystem->isMatch($item['url'], $path);
    407. 

  407. 

  408.                     $fileArray[] = $item;
    409. 

  409.                 }
    410. 

  410.             }
    411. 

  411.         }
    412. 

  412. 

  413.         $result = array(
    414. 

  414.             'folders' => $folderArray,
    415. 

  415.             'files' => $fileArray,
    416. 

  416.             'total' => array(
    417. 

  417.                 'folders' => count($folders),
    418. 

  418.                 'files' => count($files)
    419. 

  419.             )
    420. 

  420.         );
    421. 

  421. 

  422.         // Fire Event passing result as reference
    423. 

  423.         $this->fireEvent('onGetItems', array(&$result));
    424. 

  424. 

  425.         return $result;
    426. 

  426.     }
    427. 

  427. 

  428.     /**
    429. 

  429.      * Get a tree node
    430. 

  430.      * @param string $dir The relative path of the folder to search
    431. 

  431.      * @return Tree node array
    432. 

  432.      */
    433. 

  433.     public function getTreeItem($path) {
    434. 

  434.         $filesystem = $this->getFileSystem();
    435. 

  435.         $path = rawurldecode($path);
    436. 

  436. 

  437.         WFUtility::checkPath($path);
    438. 

  438. 

  439.         // get source dir from path eg: images/stories/fruit.jpg = images/stories
    440. 

  440.         $dir = $filesystem->getSourceDir($path);
    441. 

  441. 

  442.         $folders = $this->getFolders($dir);
    443. 

  443.         $array = array();
    444. 

  444.         if (!empty($folders)) {
    445. 

  445.             foreach ($folders as $folder) {
    446. 

  446.                 $array[] = array(
    447. 

  447.                     'id' => $folder['id'],
    448. 

  448.                     'name' => $folder['name'],
    449. 

  449.                     'class' => 'folder'
    450. 

  450.                 );
    451. 

  451.             }
    452. 

  452.         }
    453. 

  453.         $result = array(
    454. 

  454.             'folders' => $array
    455. 

  455.         );
    456. 

  456.         return $result;
    457. 

  457.     }
    458. 

  458. 

  459.     /**
    460. 

  460.      * Escape a string
    461. 

  461.      *
    462. 

  462.      * @return string Escaped string
    463. 

  463.      * @param string $string
    464. 

  464.      */
    465. 

  465.     private function escape($string) {
    466. 

  466.         return preg_replace(array(
    467. 

  467.                     '/%2F/',
    468. 

  468.                     '/%3F/',
    469. 

  469.                     '/%40/',
    470. 

  470.                     '/%2A/',
    471. 

  471.                     '/%2B/'
    472. 

  472.                         ), array(
    473. 

  473.                     '/',
    474. 

  474.                     '?',
    475. 

  475.                     '@',
    476. 

  476.                     '*',
    477. 

  477.                     '+'
    478. 

  478.                         ), rawurlencode($string));
    479. 

  479.     }
    480. 

  480. 

  481.     /**
    482. 

  482.      * Build a tree list
    483. 

  483.      * @param string $dir The relative path of the folder to search
    484. 

  484.      * @return Tree html string
    485. 

  485.      */
    486. 

  486.     public function getTree($path) {
    487. 

  487.         $filesystem = $this->getFileSystem();
    488. 

  488. 

  489.         // decode path
    490. 

  490.         $path = rawurldecode($path);
    491. 

  491. 

  492.         WFUtility::checkPath($path);
    493. 

  493. 

  494.         // get source dir from path eg: images/stories/fruit.jpg = images/stories
    495. 

  495.         $dir = $filesystem->getSourceDir($path);
    496. 

  496. 

  497.         $result = $this->getTreeItems($dir);
    498. 

  498.         return $result;
    499. 

  499.     }
    500. 

  500. 

  501.     /**
    502. 

  502.      * Get Tree list items as html list
    503. 

  503.      *
    504. 

  504.      * @return Tree list html string
    505. 

  505.      * @param string $dir Current directory
    506. 

  506.      * @param boolean $root[optional] Is root directory
    507. 

  507.      * @param boolean $init[optional] Is tree initialisation
    508. 

  508.      */
    509. 

  509.     public function getTreeItems($dir, $root = true, $init = true) {
    510. 

  510.         $result = '';
    511. 

  511. 

  512.         static $treedir = null;
    513. 

  513. 

  514.         if ($init) {
    515. 

  515.             $treedir = $dir;
    516. 

  516.             if ($root) {
    517. 

  517.                 $result = '<ul><li id="/" class="open"><div class="tree-row"><div class="tree-image"></div><span class="root"><a href="javascript:;">' . WFText::_('WF_LABEL_ROOT') . '</a></span></div>';
    518. 

  518.                 $dir = '/';
    519. 

  519.             }
    520. 

  520.         }
    521. 

  521.         $folders = $this->getFolders($dir);
    522. 

  522. 

  523.         if ($folders) {
    524. 

  524.             $result .= '<ul class="tree-node">';
    525. 

  525.             foreach ($folders as $folder) {
    526. 

  526.                 $open = strpos($treedir, ltrim($folder['id'], '/')) === 0 ? ' open' : '';
    527. 

  527.                 $result .= '<li id="' . $this->escape($folder['id']) . '" class="' . $open . '"><div class="tree-row"><div class="tree-image"></div><span class="folder"><a href="javascript:;">' . $folder['name'] . '</a></span></div>';
    528. 

  528. 

  529.                 if ($open) {
    530. 

  530.                     if ($h = $this->getTreeItems($folder['id'], false, false)) {
    531. 

  531.                         $result .= $h;
    532. 

  532.                     }
    533. 

  533.                 }
    534. 

  534. 

  535.                 $result .= '</li>';
    536. 

  536.             }
    537. 

  537.             $result .= '</ul>';
    538. 

  538.         }
    539. 

  539.         if ($init && $root) {
    540. 

  540.             $result .= '</li></ul>';
    541. 

  541.         }
    542. 

  542.         $init = false;
    543. 

  543.         return $result;
    544. 

  544.     }
    545. 

  545. 

  546.     /**
    547. 

  547.      * Get a folders properties
    548. 

  548.      *
    549. 

  549.      * @return array Array of properties
    550. 

  550.      * @param string $dir Folder relative path
    551. 

  551.      */
    552. 

  552.     public function getFolderDetails($dir) {
    553. 

  553.         WFUtility::checkPath($dir);
    554. 

  554. 

  555.         $filesystem = $this->getFileSystem();
    556. 

  556.         // get array with folder date and content count eg: array('date'=>'00-00-000', 'folders'=>1, 'files'=>2);
    557. 

  557.         return $filesystem->getFolderDetails($dir);
    558. 

  558.     }
    559. 

  559. 

  560.     /**
    561. 

  561.      * Get a files properties
    562. 

  562.      *
    563. 

  563.      * @return array Array of properties
    564. 

  564.      * @param string $file File relative path
    565. 

  565.      */
    566. 

  566.     function getFileDetails($file) {
    567. 

  567.         WFUtility::checkPath($file);
    568. 

  568. 

  569.         $filesystem = $this->getFileSystem();
    570. 

  570.         // get array with folder date and content count eg: array('date'=>'00-00-000', 'folders'=>1, 'files'=>2);
    571. 

  571.         return $filesystem->getFileDetails($file);
    572. 

  572.     }
    573. 

  573. 

  574.     /**
    575. 

  575.      * Create standard actions based on access
    576. 

  576.      */
    577. 

  577.     private function getStdActions() {
    578. 

  578.         $this->addAction('help', '', '', WFText::_('WF_BUTTON_HELP'));
    579. 

  579. 

  580.         if ($this->checkFeature('upload')) {
    581. 

  581.             $this->addAction('upload');
    582. 

  582.             $this->setRequest(array($this, 'upload'));
    583. 

  583.         }
    584. 

  584. 

  585.         if ($this->checkFeature('create', 'folder')) {
    586. 

  586.             $this->addAction('folder_new');
    587. 

  587.             $this->setRequest(array($this, 'folderNew'));
    588. 

  588.         }
    589. 

  589.     }
    590. 

  590. 

  591.     /**
    592. 

  592.      * Add an action to the list
    593. 

  593.      *
    594. 

  594.      * @param string $name Action name
    595. 

  595.      * @param array  $options Array of options
    596. 

  596.      */
    597. 

  597.     public function addAction($name, $options = array()) {
    598. 

  598.         /* TODO */
    599. 

  599.         // backwards compatability (remove in stable)
    600. 

  600.         $args = func_get_args();
    601. 

  601. 

  602.         if (count($args) == 4) {
    603. 

  603.             $options['icon'] = $args[1];
    604. 

  604.             $options['action'] = $args[2];
    605. 

  605.             $options['title'] = $args[3];
    606. 

  606.         }
    607. 

  607. 

  608.         $options = array_merge(array('name' => $name), $options);
    609. 

  609. 

  610.         // set some defaults
    611. 

  611.         if (!array_key_exists('icon', $options)) {
    612. 

  612.             $options['icon'] = '';
    613. 

  613.         }
    614. 

  614. 

  615.         if (!array_key_exists('action', $options)) {
    616. 

  616.             $options['action'] = '';
    617. 

  617.         }
    618. 

  618. 

  619.         if (!array_key_exists('title', $options)) {
    620. 

  620.             $options['title'] = WFText::_('WF_BUTTON_' . strtoupper($name));
    621. 

  621.         }
    622. 

  622. 

  623.         $this->_actions[$name] = $options;
    624. 

  624.     }
    625. 

  625. 

  626.     /**
    627. 

  627.      * Get all actions
    628. 

  628.      * @return object
    629. 

  629.      */
    630. 

  630.     private function getActions() {
    631. 

  631.         return array_reverse($this->_actions);
    632. 

  632.     }
    633. 

  633. 

  634.     /**
    635. 

  635.      * Remove an action from the list by name
    636. 

  636.      * @param string $name Action name to remove
    637. 

  637.      */
    638. 

  638.     public function removeAction($name) {
    639. 

  639.         if (array_key_exists($this->_actions[$name])) {
    640. 

  640.             unset($this->_actions[$name]);
    641. 

  641.         }
    642. 

  642.     }
    643. 

  643. 

  644.     /**
    645. 

  645.      * Create all standard buttons based on access
    646. 

  646.      */
    647. 

  647.     private function getStdButtons() {
    648. 

  648.         if ($this->checkFeature('delete', 'folder')) {
    649. 

  649.             $this->addButton('folder', 'delete', array('multiple' => true));
    650. 

  650. 

  651.             $this->setRequest(array($this, 'deleteItem'));
    652. 

  652.         }
    653. 

  653.         if ($this->checkFeature('rename', 'folder')) {
    654. 

  654.             $this->addButton('folder', 'rename');
    655. 

  655. 

  656.             $this->setRequest(array($this, 'renameItem'));
    657. 

  657.         }
    658. 

  658.         if ($this->checkFeature('move', 'folder')) {
    659. 

  659.             $this->addButton('folder', 'copy', array('multiple' => true));
    660. 

  660.             $this->addButton('folder', 'cut', array('multiple' => true));
    661. 

  661. 

  662.             $this->addButton('folder', 'paste', array('multiple' => true, 'trigger' => true));
    663. 

  663. 

  664.             $this->setRequest(array($this, 'copyItem'));
    665. 

  665.             $this->setRequest(array($this, 'moveItem'));
    666. 

  666.         }
    667. 

  667.         if ($this->checkFeature('rename', 'file')) {
    668. 

  668.             $this->addButton('file', 'rename');
    669. 

  669. 

  670.             $this->setRequest(array($this, 'renameItem'));
    671. 

  671.         }
    672. 

  672.         if ($this->checkFeature('delete', 'file')) {
    673. 

  673.             $this->addButton('file', 'delete', array('multiple' => true));
    674. 

  674. 

  675.             $this->setRequest(array($this, 'deleteItem'));
    676. 

  676.         }
    677. 

  677.         if ($this->checkFeature('move', 'file')) {
    678. 

  678.             $this->addButton('file', 'copy', array('multiple' => true));
    679. 

  679.             $this->addButton('file', 'cut', array('multiple' => true));
    680. 

  680. 

  681.             $this->addButton('file', 'paste', array('multiple' => true, 'trigger' => true));
    682. 

  682. 

  683.             $this->setRequest(array($this, 'copyItem'));
    684. 

  684.             $this->setRequest(array($this, 'moveItem'));
    685. 

  685.         }
    686. 

  686.         $this->addButton('file', 'view', array('restrict' => $this->getViewable()));
    687. 

  687.         $this->addButton('file', 'insert');
    688. 

  688.     }
    689. 

  689. 

  690.     /**
    691. 

  691.      * Add a button
    692. 

  692.      *
    693. 

  693.      * @param string $type[optional] Button type (file or folder)
    694. 

  694.      * @param string $name Button name
    695. 

  695.      * @param string $icon[optional] Button icon
    696. 

  696.      * @param string $action[optional] Button action / function
    697. 

  697.      * @param string $title Button title
    698. 

  698.      * @param boolean $multiple[optional] Supports multiple file selection
    699. 

  699.      * @param boolean $trigger[optional]
    700. 

  700.      */
    701. 

  701.     public function addButton($type = 'file', $name, $options = array()) {
    702. 

  702.         $options = array_merge(array('name' => $name), $options);
    703. 

  703. 

  704.         // set some defaults
    705. 

  705.         if (!array_key_exists('icon', $options)) {
    706. 

  706.             $options['icon'] = '';
    707. 

  707.         }
    708. 

  708. 

  709.         if (!array_key_exists('action', $options)) {
    710. 

  710.             $options['action'] = '';
    711. 

  711.         }
    712. 

  712. 

  713.         if (!array_key_exists('title', $options)) {
    714. 

  714.             $options['title'] = WFText::_('WF_BUTTON_' . strtoupper($name));
    715. 

  715.         }
    716. 

  716. 

  717.         if (!array_key_exists('multiple', $options)) {
    718. 

  718.             $options['multiple'] = false;
    719. 

  719.         }
    720. 

  720. 

  721.         if (!array_key_exists('trigger', $options)) {
    722. 

  722.             $options['trigger'] = false;
    723. 

  723.         }
    724. 

  724. 

  725.         if (!array_key_exists('restrict', $options)) {
    726. 

  726.             $options['restrict'] = '';
    727. 

  727.         }
    728. 

  728. 

  729.         $this->_buttons[$type][$name] = $options;
    730. 

  730.     }
    731. 

  731. 

  732.     /**
    733. 

  733.      * Return an object list of all buttons
    734. 

  734.      * @return object
    735. 

  735.      */
    736. 

  736.     private function getButtons() {
    737. 

  737.         return $this->_buttons;
    738. 

  738.     }
    739. 

  739. 

  740.     /**
    741. 

  741.      * Remove a button
    742. 

  742.      * @param string $type Button type
    743. 

  743.      * @param string $name Button name
    744. 

  744.      */
    745. 

  745.     public function removeButton($type, $name) {
    746. 

  746.         if (array_key_exists($name, $this->_buttons[$type])) {
    747. 

  747.             unset($this->_buttons[$type][$name]);
    748. 

  748.         }
    749. 

  749.     }
    750. 

  750. 

  751.     /**
    752. 

  752.      * Change a buttons properties
    753. 

  753.      * @param string $type Button type
    754. 

  754.      * @param string $name Button name
    755. 

  755.      * @param string $keys Button keys
    756. 

  756.      */
    757. 

  757.     public function changeButton($type, $name, $keys) {
    758. 

  758.         foreach ($keys as $key => $value) {
    759. 

  759.             if (isset($this->_buttons[$type][$name][$key])) {
    760. 

  760.                 $this->_buttons[$type][$name][$key] = $value;
    761. 

  761.             }
    762. 

  762.         }
    763. 

  763.     }
    764. 

  764. 

  765.     /**
    766. 

  766.      * Add an event
    767. 

  767.      * @param string $name Event name
    768. 

  768.      * @param string $function Event function name
    769. 

  769.      */
    770. 

  770.     public function addEvent($name, $function) {
    771. 

  771.         $this->_events[$name] = $function;
    772. 

  772.     }
    773. 

  773. 

  774.     /**
    775. 

  775.      * Execute an event
    776. 

  776.      * @return Evenet result
    777. 

  777.      * @param object $name Event name
    778. 

  778.      * @param array $args[optional] Optional arguments
    779. 

  779.      */
    780. 

  780.     protected function fireEvent($name, $args = null) {
    781. 

  781.         if (array_key_exists($name, $this->_events)) {
    782. 

  782.             $event = $this->_events[$name];
    783. 

  783. 

  784.             if (is_array($event)) {
    785. 

  785.                 return call_user_func_array($event, $args);
    786. 

  786.             } else {
    787. 

  787.                 return call_user_func($event, $args);
    788. 

  788.             }
    789. 

  789.         }
    790. 

  790.         return $this->_result;
    791. 

  791.     }
    792. 

  792. 

  793.     /**
    794. 

  794.      * Get a file icon based on extension
    795. 

  795.      * @return string Path to file icon
    796. 

  796.      * @param string $ext File extension
    797. 

  797.      */
    798. 

  798.     public function getFileIcon($ext) {
    799. 

  799.         if (JFile::exists(WF_EDITOR_LIBRARIES . '/img/icons/' . $ext . '.gif')) {
    800. 

  800.             return $this->image('libraries.icons/' . $ext . '.gif');
    801. 

  801.         } elseif (JFile::exists($this->getPluginPath() . '/img/icons/' . $ext . '.gif')) {
    802. 

  802.             return $this->image('plugins.icons/' . $ext . '.gif');
    803. 

  803.         } else {
    804. 

  804.             return $this->image('libraries.icons/def.gif');
    805. 

  805.         }
    806. 

  806.     }
    807. 

  807. 

  808.     public function getFileSuffix() {
    809. 

  809.         $suffix = WFText::_('WF_MANAGER_FILE_SUFFIX');
    810. 

  810.         return str_replace('WF_MANAGER_FILE_SUFFIX', '_copy', $suffix);
    811. 

  811.     }
    812. 

  812. 

  813.     private function validateUploadedFile($file) {
    814. 

  814.         // Null byte check
    815. 

  815.         if (strstr($file['name'], "\u0000")) {
    816. 

  816.             @unlink($file['tmp_name']);
    817. 

  817. 

  818.             JError::raiseError(403, 'INVALID UPLOAD DATA');
    819. 

  819.         }
    820. 

  820. 

  821.         // check for invalid extension in file name
    822. 

  822.         if (preg_match('#\.(php|php(3|4|5)|phtml|pl|py|jsp|asp|htm|html|shtml|sh|cgi)\b#i', $file['name'])) {
    823. 

  823.             JError::raiseError(403, 'INVALID FILE NAME');
    824. 

  824.         }
    825. 

  825. 

  826.         // validate image
    827. 

  827.         if (preg_match('#\.(jpeg|jpg|jpe|png|gif|wbmp|bmp|tiff|tif)$#i', $file['name'])) {
    828. 

  828.             if (@getimagesize($file['tmp_name']) === false) {
    829. 

  829.                 @unlink($file['tmp_name']);
    830. 

  830. 

  831.                 JError::raiseError(403, 'INVALID IMAGE FILE');
    832. 

  832.             }
    833. 

  833.         }
    834. 

  834. 

  835.         $upload = $this->get('upload');
    836. 

  836. 

  837.         // validate mimetype
    838. 

  838.         if ($upload['validate_mimetype']) {
    839. 

  839.             wfimport('editor.libraries.classes.mime');
    840. 

  840. 

  841.             if (WFMimeType::check($file['name'], $file['tmp_name'], $file['type']) === false) {
    842. 

  842.                 @unlink($file['tmp_name']);
    843. 

  843. 

  844.                 JError::raiseError(403, 'INVALID MIME TYPE');
    845. 

  845.             }
    846. 

  846.         }
    847. 

  847. 

  848.         // xss check
    849. 

  849.         $xss_check = JFile::read($file['tmp_name'], false, 1024);
    850. 

  850. 

  851.         // check for hidden php tags
    852. 

  852.         if (strstr($xss_check, '<?php')) {
    853. 

  853.             @unlink($file['tmp_name']);
    854. 

  854. 

  855.             JError::raiseError(403, 'INVALID CODE IN FILE');
    856. 

  856.         }
    857. 

  857. 

  858.         // check for hidden short php tags
    859. 

  859.         if (preg_match('#\.(inc|phps|class|php|php(3|4)|txt|dat|tpl|tmpl)$#i', $file['name'])) {
    860. 

  860. 

  861.             if (strstr($xss_check, '<?')) {
    862. 

  862.                 @unlink($file['tmp_name']);
    863. 

  863. 

  864.                 JError::raiseError(403, 'INVALID CODE IN FILE');
    865. 

  865.             }
    866. 

  866.         }
    867. 

  867. 

  868.         // check for html tags (skip some files)
    869. 

  869.         if (!preg_match('#\.(txt|htm|html|xml|kml)$#i', $file['name'])) {
    870. 

  870. 

  871.             $tags = array('abbr', 'acronym', 'address', 'applet', 'area', 'audioscope', 'base', 'basefont', 'bdo', 'bgsound', 'big', 'blackface', 'blink', 'blockquote', 'body', 'bq', 'br', 'button', 'caption', 'center', 'cite', 'code', 'col', 'colgroup', 'comment', 'custom', 'dd', 'del', 'dfn', 'dir', 'div', 'dl', 'dt', 'em', 'embed', 'fieldset', 'fn', 'font', 'form', 'frame', 'frameset', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'head', 'hr', 'html', 'iframe', 'ilayer', 'img', 'input', 'ins', 'isindex', 'keygen', 'kbd', 'label', 'layer', 'legend', 'li', 'limittext', 'link', 'listing', 'map', 'marquee', 'menu', 'meta', 'multicol', 'nobr', 'noembed', 'noframes', 'noscript', 'nosmartquotes', 'object', 'ol', 'optgroup', 'option', 'param', 'plaintext', 'pre', 'rt', 'ruby', 's', 'samp', 'script', 'select', 'server', 'shadow', 'sidebar', 'small', 'spacer', 'span', 'strike', 'strong', 'style', 'sub', 'sup', 'table', 'tbody', 'td', 'textarea', 'tfoot', 'th', 'thead', 'title', 'tr', 'tt', 'ul', 'var', 'wbr', 'xml', 'xmp', '!DOCTYPE', '!--');
    872. 

  872. 

  873.             // check for tags
    874. 

  874.             if (preg_match('#<(' . implode('|', $tags) . ')(\s|>)#i', $xss_check)) {
    875. 

  875.             //if (preg_match('#<(\w+)(\s|>)#i', $xss_check)) {
    876. 

  876.                 @unlink($file['tmp_name']);  
    877. 

  877.                 
    878. 

  878.                 JError::raiseError(403, 'INVALID TAG IN FILE');
    879. 

  879.             }
    880. 

  880.         }
    881. 

  881.     }
    882. 

  882. 

  883.     /**
    884. 

  884.      * Upload a file.
    885. 

  885.      * @return array $error on failure or uploaded file name on success
    886. 

  886.      */
    887. 

  887.     public function upload() {
    888. 

  888.         // Check for request forgeries
    889. 

  889.         WFToken::checkToken() or die();
    890. 

  890. 

  891.         //JError::setErrorHandling(E_ALL, 'callback', array('WFError', 'raiseError'));
    892. 

  892.         // check for feature access	
    893. 

  893.         if (!$this->checkFeature('upload')) {
    894. 

  894.             JError::raiseError(403, 'RESTRICTED ACCESS');
    895. 

  895.         }
    896. 

  896. 

  897.         jimport('joomla.filesystem.file');
    898. 

  898. 

  899.         // get uploaded file
    900. 

  900.         $file = JRequest::getVar('file', '', 'files', 'array');
    901. 

  901. 

  902.         if (empty($file)) {
    903. 

  903.             JError::raiseError(403, 'INVALID UPLOAD DATA');
    904. 

  904.         }
    905. 

  905. 

  906.         // validate file data
    907. 

  907.         $this->validateUploadedFile($file);
    908. 

  908. 

  909.         $wf = WFEditor::getInstance();
    910. 

  910. 

  911.         // HTTP headers for no cache etc
    912. 

  912.         //header('Content-type: text/plain; charset=UTF-8');
    913. 

  913.         header("Expires: Wed, 4 Apr 1984 13:00:00 GMT");
    914. 

  914.         header("Last-Modified: " . gmdate("D, d M_Y H:i:s") . " GMT");
    915. 

  915.         header("Cache-Control: no-store, no-cache, must-revalidate");
    916. 

  916.         header("Cache-Control: post-check=0, pre-check=0", false);
    917. 

  917.         header("Pragma: no-cache");
    918. 

  918. 

  919.         // get file name
    920. 

  920.         $name = JRequest::getVar('name', $file['name']);
    921. 

  921. 

  922.         // target directory
    923. 

  923.         $dir = JRequest::getVar('upload-dir');
    924. 

  924.         // deocode directory
    925. 

  925.         $dir = rawurldecode($dir);
    926. 

  926.         // check destination path
    927. 

  927.         WFUtility::checkPath($dir);
    928. 

  928.         // decode name
    929. 

  929.         $name = rawurldecode($name);
    930. 

  930.         // check file name
    931. 

  931.         WFUtility::checkPath($name);
    932. 

  932. 

  933.         // check for invalid extensions
    934. 

  934.         if (preg_match('#\.(php|phtml|pl|py|jsp|asp|shtml|sh|cgi)$#i', $name)) {
    935. 

  935.             JError::raiseError(403, 'INVALID FILE NAME');
    936. 

  936.         }
    937. 

  937. 

  938.         // get extension
    939. 

  939.         $ext = WFUtility::getExtension($name);
    940. 

  940. 

  941.         // check extension is allowed
    942. 

  942.         $allowed = $this->getFileTypes('array');
    943. 

  943. 

  944.         if (is_array($allowed) && !empty($allowed) && in_array(strtolower($ext), $allowed) === false) {
    945. 

  945.             JError::raiseError(403, WFText::_('WF_MANAGER_UPLOAD_INVALID_EXT_ERROR'));
    946. 

  946.             @unlink($file['tmp_name']);
    947. 

  947.         }
    948. 

  948. 

  949.         // strip extension
    950. 

  950.         $name = WFUtility::stripExtension($name);
    951. 

  951.         // make file name 'web safe'
    952. 

  952.         $name = WFUtility::makeSafe($name, $this->get('websafe_mode', 'utf-8'));
    953. 

  953. 

  954.         // empty name
    955. 

  955.         if ($name == '') {
    956. 

  956.             JError::raiseError(403, 'INVALID FILE NAME');
    957. 

  957.         }
    958. 

  958. 

  959.         // check for extension in file name
    960. 

  960.         if (preg_match('#\.(php|php(3|4|5)|phtml|pl|py|jsp|asp|htm|html|shtml|sh|cgi)\b#i', $name)) {
    961. 

  961.             JError::raiseError(403, 'INVALID FILE NAME');
    962. 

  962.         }
    963. 

  963. 

  964.         $upload = $this->get('upload');
    965. 

  965. 

  966.         // add random string
    967. 

  967.         if ($upload['add_random']) {
    968. 

  968.             $name = $name . '_' . substr(md5(uniqid(rand(), 1)), 0, 5);
    969. 

  969.         }
    970. 

  970. 

  971.         // rebuild file name - name + extension
    972. 

  972.         $name = $name . '.' . $ext;
    973. 

  973. 

  974.         // create a filesystem result object
    975. 

  975.         $result = new WFFileSystemResult();
    976. 

  976. 

  977.         $filesystem = $this->getFileSystem();
    978. 

  978.         $complete = false;
    979. 

  979.         $contentType = JRequest::getVar('CONTENT_TYPE', '', 'SERVER');
    980. 

  980. 

  981.         // Only multipart uploading is supported for now
    982. 

  982.         if ($contentType && strpos($contentType, "multipart") !== false) {
    983. 

  983.             if (isset($file['tmp_name']) && is_uploaded_file($file['tmp_name'])) {
    984. 

  984.                 $result = $filesystem->upload('multipart', trim($file['tmp_name']), $dir, $name);
    985. 

  985. 

  986.                 if (!$result->state) {
    987. 

  987.                     $result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR');
    988. 

  988.                     $result->code = 103;
    989. 

  989.                 }
    990. 

  990. 

  991.                 @unlink($file['tmp_name']);
    992. 

  992. 

  993.                 $complete = true;
    994. 

  994.             }
    995. 

  995.         } else {
    996. 

  996.             $result->state = false;
    997. 

  997.             $result->code = 103;
    998. 

  998.             $result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR');
    999. 

  999. 

  1000.             $complete = true;
    1001. 

  1001.         }
    1002. 

  1002.         // upload finished
    1003. 

  1003.         if ($complete) {
    1004. 

  1004. 

  1005.             if ($result instanceof WFFileSystemResult) {
    1006. 

  1006.                 if ($result->state === true) {
    1007. 

  1007. 

  1008.                     $path = $result->path;
    1009. 

  1009. 

  1010.                     $this->setResult($this->fireEvent('onUpload', array($result->path)));
    1011. 

  1011.                     $this->setResult(basename($result->path), 'files');
    1012. 

  1012.                 } else {
    1013. 

  1013.                     $this->setResult($result->message, 'error');
    1014. 

  1014.                 }
    1015. 

  1015.             }
    1016. 

  1016. 

  1017.             die(json_encode($this->getResult()));
    1018. 

  1018.         }
    1019. 

  1019.     }
    1020. 

  1020. 

  1021.     /**
    1022. 

  1022.      * Delete the relative file(s).
    1023. 

  1023.      * @param $files the relative path to the file name or comma seperated list of multiple paths.
    1024. 

  1024.      * @return string $error on failure.
    1025. 

  1025.      */
    1026. 

  1026.     public function deleteItem($items) {
    1027. 

  1027.         // check for feature access	
    1028. 

  1028.         if (!$this->checkFeature('delete', 'folder') && !$this->checkFeature('delete', 'file')) {
    1029. 

  1029.             JError::raiseError(403, 'RESTRICTED ACCESS');
    1030. 

  1030.         }
    1031. 

  1031. 

  1032.         $filesystem = $this->getFileSystem();
    1033. 

  1033.         $items = explode(",", rawurldecode($items));
    1034. 

  1034. 

  1035.         foreach ($items as $item) {
    1036. 

  1036.             // decode
    1037. 

  1037.             $item = rawurldecode($item);
    1038. 

  1038. 

  1039.             // check path	
    1040. 

  1040.             WFUtility::checkPath($item);
    1041. 

  1041. 

  1042.             $result = $filesystem->delete($item);
    1043. 

  1043. 

  1044.             if ($result instanceof WFFileSystemResult) {
    1045. 

  1045.                 if (!$result->state) {
    1046. 

  1046.                     if ($result->message) {
    1047. 

  1047.                         $this->setResult($result->message, 'error');
    1048. 

  1048.                     } else {
    1049. 

  1049.                         $this->setResult(JText::sprintf('WF_MANAGER_DELETE_' . strtoupper($result->type) . '_ERROR', basename($item)), 'error');
    1050. 

  1050.                     }
    1051. 

  1051.                 } else {
    1052. 

  1052.                     $this->setResult($this->fireEvent('on' . ucfirst($result->type) . 'Delete', array($item)));
    1053. 

  1053.                     $this->setResult($item, $result->type);
    1054. 

  1054.                 }
    1055. 

  1055.             }
    1056. 

  1056.         }
    1057. 

  1057. 

  1058.         return $this->getResult();
    1059. 

  1059.     }
    1060. 

  1060. 

  1061.     /**
    1062. 

  1062.      * Rename a file.
    1063. 

  1063.      * @param string $src The relative path of the source file
    1064. 

  1064.      * @param string $dest The name of the new file
    1065. 

  1065.      * @return string $error
    1066. 

  1066.      */
    1067. 

  1067.     public function renameItem() {
    1068. 

  1068.         // check for feature access	
    1069. 

  1069.         if (!$this->checkFeature('rename', 'folder') && !$this->checkFeature('rename', 'file')) {
    1070. 

  1070.             JError::raiseError(403, 'RESTRICTED ACCESS');
    1071. 

  1071.         }
    1072. 

  1072. 

  1073.         $args = func_get_args();
    1074. 

  1074. 

  1075.         $source = array_shift($args);
    1076. 

  1076.         $destination = array_shift($args);
    1077. 

  1077. 

  1078.         $source = rawurldecode($source);
    1079. 

  1079.         $destination = rawurldecode($destination);
    1080. 

  1080. 

  1081.         WFUtility::checkPath($source);
    1082. 

  1082.         WFUtility::checkPath($destination);
    1083. 

  1083. 

  1084.         // check for extension in destination name
    1085. 

  1085.         if (preg_match('#\.(php|php(3|4|5)|phtml|pl|py|jsp|asp|htm|html|shtml|sh|cgi)\b#i', $destination)) {
    1086. 

  1086.             JError::raiseError(403, 'INVALID FILE NAME');
    1087. 

  1087.         }
    1088. 

  1088. 

  1089.         $filesystem = $this->getFileSystem();
    1090. 

  1090.         $result = $filesystem->rename($source, WFUtility::makeSafe($destination, $this->get('websafe_mode')), $args);
    1091. 

  1091. 

  1092.         if ($result instanceof WFFileSystemResult) {
    1093. 

  1093.             if (!$result->state) {
    1094. 

  1094.                 $this->setResult(WFText::sprintf('WF_MANAGER_RENAME_' . strtoupper($result->type) . '_ERROR', basename($source)), 'error');
    1095. 

  1095.                 if ($result->message) {
    1096. 

  1096.                     $this->setResult($result->message, 'error');
    1097. 

  1097.                 }
    1098. 

  1098.             } else {
    1099. 

  1099.                 $this->setResult($this->fireEvent('on' . ucfirst($result->type) . 'Rename', array($destination)));
    1100. 

  1100.                 $this->setResult($destination, $result->type);
    1101. 

  1101.             }
    1102. 

  1102.         }
    1103. 

  1103. 

  1104.         return $this->getResult();
    1105. 

  1105.     }
    1106. 

  1106. 

  1107.     /**
    1108. 

  1108.      * Copy a file.
    1109. 

  1109.      * @param string $files The relative file or comma seperated list of files
    1110. 

  1110.      * @param string $dest The relative path of the destination dir
    1111. 

  1111.      * @return string $error on failure
    1112. 

  1112.      */
    1113. 

  1113.     public function copyItem($items, $destination) {
    1114. 

  1114.         // check for feature access	
    1115. 

  1115.         if (!$this->checkFeature('move', 'folder') && !$this->checkFeature('move', 'file')) {
    1116. 

  1116.             JError::raiseError(403, 'RESTRICTED ACCESS');
    1117. 

  1117.         }
    1118. 

  1118. 

  1119.         $filesystem = $this->getFileSystem();
    1120. 

  1120. 

  1121.         $items = explode(",", rawurldecode($items));
    1122. 

  1122. 

  1123.         // decode
    1124. 

  1124.         $destination = rawurldecode($destination);
    1125. 

  1125. 

  1126.         // check destination path
    1127. 

  1127.         WFUtility::checkPath($destination);
    1128. 

  1128. 

  1129.         foreach ($items as $item) {
    1130. 

  1130.             // decode
    1131. 

  1131.             $item = rawurldecode($item);
    1132. 

  1132. 

  1133.             // check source path
    1134. 

  1134.             WFUtility::checkPath($item);
    1135. 

  1135. 

  1136.             $result = $filesystem->copy($item, $destination);
    1137. 

  1137. 

  1138.             if ($result instanceof WFFileSystemResult) {
    1139. 

  1139.                 if (!$result->state) {
    1140. 

  1140.                     if ($result->message) {
    1141. 

  1141.                         $this->setResult($result->message, 'error');
    1142. 

  1142.                     } else {
    1143. 

  1143.                         $this->setResult(JText::sprintf('WF_MANAGER_COPY_' . strtoupper($result->type) . '_ERROR', basename($item)), 'error');
    1144. 

  1144.                     }
    1145. 

  1145.                 } else {
    1146. 

  1146.                     $this->setResult($this->fireEvent('on' . ucfirst($result->type) . 'Copy', array($item)));
    1147. 

  1147.                     $this->setResult($destination, $result->type);
    1148. 

  1148.                 }
    1149. 

  1149.             }
    1150. 

  1150.         }
    1151. 

  1151.         return $this->getResult();
    1152. 

  1152.     }
    1153. 

  1153. 

  1154.     /**
    1155. 

  1155.      * Copy a file.
    1156. 

  1156.      * @param string $files The relative file or comma seperated list of files
    1157. 

  1157.      * @param string $dest The relative path of the destination dir
    1158. 

  1158.      * @return string $error on failure
    1159. 

  1159.      */
    1160. 

  1160.     public function moveItem($items, $destination) {
    1161. 

  1161.         // check for feature access	
    1162. 

  1162.         if (!$this->checkFeature('move', 'folder') && !$this->checkFeature('move', 'file')) {
    1163. 

  1163.             JError::raiseError(403, 'RESTRICTED ACCESS');
    1164. 

  1164.         }
    1165. 

  1165. 

  1166.         $filesystem = $this->getFileSystem();
    1167. 

  1167. 

  1168.         $items = explode(",", rawurldecode($items));
    1169. 

  1169. 

  1170.         // decode
    1171. 

  1171.         $destination = rawurldecode($destination);
    1172. 

  1172. 

  1173.         // check destination path
    1174. 

  1174.         WFUtility::checkPath($destination);
    1175. 

  1175. 

  1176.         foreach ($items as $item) {
    1177. 

  1177.             // decode
    1178. 

  1178.             $item = rawurldecode($item);
    1179. 

  1179.             // check source path
    1180. 

  1180.             WFUtility::checkPath($item);
    1181. 

  1181. 

  1182.             $result = $filesystem->move($item, $destination);
    1183. 

  1183. 

  1184.             if ($result instanceof WFFileSystemResult) {
    1185. 

  1185.                 if (!$result->state) {
    1186. 

  1186.                     if ($result->message) {
    1187. 

  1187.                         $this->setResult($result->message, 'error');
    1188. 

  1188.                     } else {
    1189. 

  1189.                         $this->setResult(JText::sprintf('WF_MANAGER_MOVE_' . strtoupper($result->type) . '_ERROR', basename($item)), 'error');
    1190. 

  1190.                     }
    1191. 

  1191.                 } else {
    1192. 

  1192.                     $this->setResult($this->fireEvent('on' . ucfirst($result->type) . 'Move', array($item)));
    1193. 

  1193.                     $this->setResult($destination, $result->type);
    1194. 

  1194.                 }
    1195. 

  1195.             }
    1196. 

  1196.         }
    1197. 

  1197.         return $this->getResult();
    1198. 

  1198.     }
    1199. 

  1199. 

  1200.     /**
    1201. 

  1201.      * New folder
    1202. 

  1202.      * @param string $dir The base dir
    1203. 

  1203.      * @param string $new_dir The folder to be created
    1204. 

  1204.      * @return string $error on failure
    1205. 

  1205.      */
    1206. 

  1206.     public function folderNew() {
    1207. 

  1207.         if (!$this->checkFeature('create', 'folder')) {
    1208. 

  1208.             JError::raiseError(403, 'RESTRICTED ACCESS');
    1209. 

  1209.         }
    1210. 

  1210. 

  1211.         $args = func_get_args();
    1212. 

  1212. 

  1213.         $dir = array_shift($args);
    1214. 

  1214.         $new = array_shift($args);
    1215. 

  1215. 

  1216.         // decode
    1217. 

  1217.         $dir = rawurldecode($dir);
    1218. 

  1218.         $new = rawurldecode($new);
    1219. 

  1219. 

  1220.         $filesystem = $this->getFileSystem();
    1221. 

  1221. 

  1222.         $result = $filesystem->createFolder($dir, WFUtility::makeSafe($new, $this->get('websafe_mode')), $args);
    1223. 

  1223. 

  1224.         if ($result instanceof WFFileSystemResult) {
    1225. 

  1225.             if (!$result->state) {
    1226. 

  1226.                 if ($result->message) {
    1227. 

  1227.                     $this->setResult($result->message, 'error');
    1228. 

  1228.                 } else {
    1229. 

  1229.                     $this->setResult(JText::sprintf('WF_MANAGER_NEW_FOLDER_ERROR', basename($new)), 'error');
    1230. 

  1230.                 }
    1231. 

  1231.             } else {
    1232. 

  1232.                 $this->setResult($this->fireEvent('onFolderNew', array($new)));
    1233. 

  1233.             }
    1234. 

  1234.         }
    1235. 

  1235. 

  1236.         return $this->getResult();
    1237. 

  1237.     }
    1238. 

  1238. 

  1239.     private function getUploadValue() {
    1240. 

  1240.         $upload = trim(ini_get('upload_max_filesize'));
    1241. 

  1241.         $post = trim(ini_get('post_max_size'));
    1242. 

  1242. 

  1243.         $upload = WFUtility::convertSize($upload);
    1244. 

  1244.         $post = WFUtility::convertSize($post);
    1245. 

  1245. 

  1246.         if (intval($upload) <= intval($post)) {
    1247. 

  1247.             return $upload;
    1248. 

  1248.         }
    1249. 

  1249. 

  1250.         return $post;
    1251. 

  1251.     }
    1252. 

  1252. 

  1253.     private function getUploadDefaults() {
    1254. 

  1254.         $filesystem = $this->getFileSystem();
    1255. 

  1255.         $features = $filesystem->get('upload');
    1256. 

  1256.         $elements = isset($features['elements']) ? $features['elements'] : array();
    1257. 

  1257. 

  1258.         $upload_max = $this->getUploadValue();
    1259. 

  1259. 

  1260.         $upload = $this->get('upload');
    1261. 

  1261. 

  1262.         /* $chunk_size = '512KB'; //$upload_max ? $upload_max / 1024 . 'KB' : '1MB';
    1263. 

  1263.           $chunk_size = isset($upload['chunk_size']) ? $upload['chunk_size'] : $chunk_size;
    1264. 

    1265. 

  1265.           // chunking not yet supported in safe_mode, check base directory is writable and chunking supported by filesystem
    1266. 

  1266.           if (!$features['chunking']) {
    1267. 

  1267.           $chunk_size = 0;
    1268. 

  1268.           } */
    1269. 

  1269. 

  1270.         // get upload size
    1271. 

  1271.         $size = intval(preg_replace('/[^0-9]/', '', $upload['max_size'])) . 'kb';
    1272. 

  1272. 

  1273.         // must not exceed server maximum
    1274. 

  1274.         if ((int) $size * 1024 > (int) $upload_max) {
    1275. 

  1275.             $size = $upload_max / 1024 . 'kb';
    1276. 

  1276.         }
    1277. 

  1277. 

  1278.         $runtimes = array();
    1279. 

  1279. 

  1280.         if (is_string($upload['runtimes'])) {
    1281. 

  1281.             $runtimes = explode(',', $upload['runtimes']);
    1282. 

  1282.         } else {
    1283. 

  1283.             foreach ($upload['runtimes'] as $k => $v) {
    1284. 

  1284.                 $runtimes[] = $v;
    1285. 

  1285.             }
    1286. 

  1286.         }
    1287. 

  1287. 

  1288.         // add html4
    1289. 

  1289.         $runtimes[] = 'html4';
    1290. 

  1290. 

  1291.         // remove flash runtime if $chunk_size is 0 (no chunking)
    1292. 

  1292.         /* if (!$chunk_size) {
    1293. 

  1293.           unset($runtimes[array_search('flash', $runtimes)]);
    1294. 

  1294.           } */
    1295. 

  1295. 

  1296.         $defaults = array(
    1297. 

  1297.             'runtimes' => implode(',', $runtimes),
    1298. 

  1298.             'size' => $size,
    1299. 

  1299.             'filter' => $this->mapUploadFileTypes(true),
    1300. 

  1300.             'elements' => $elements
    1301. 

  1301.         );
    1302. 

  1302. 

  1303.         // only add chunk size if it has a value
    1304. 

  1304.         /* if ($chunk_size) {
    1305. 

  1305.           $defaults['chunk_size'] = $chunk_size;
    1306. 

  1306.           } */
    1307. 

  1307. 

  1308.         if (isset($features['dialog'])) {
    1309. 

  1309.             $defaults['dialog'] = $features['dialog'];
    1310. 

  1310.         }
    1311. 

  1311. 

  1312.         return $defaults;
    1313. 

  1313.     }
    1314. 

  1314. 

  1315.     public function getDimensions($file) {
    1316. 

  1316.         $filesystem = $this->getFileSystem();
    1317. 

  1317.         return $filesystem->getDimensions($file);
    1318. 

  1318.     }
    1319. 

  1319. 

  1320.     protected function getSettings($settings = array()) {
    1321. 

  1321.         $filesystem = $this->getFileSystem();
    1322. 

  1322. 

  1323.         $default = array(
    1324. 

  1324.             'dir' => $filesystem->getRootDir(),
    1325. 

  1325.             'actions' => $this->getActions(),
    1326. 

  1326.             'buttons' => $this->getButtons(),
    1327. 

  1327.             'upload' => $this->getUploadDefaults(),
    1328. 

  1328.             'tree' => $this->get('folder_tree'),
    1329. 

  1329.             'listlimit' => $this->get('list_limit'),
    1330. 

  1330.             'websafe_mode' => $this->get('websafe_mode')
    1331. 

  1331.         );
    1332. 

  1332. 

  1333.         $properties = array('base', 'delete', 'rename', 'folder_new', 'copy', 'move');
    1334. 

  1334. 

  1335.         foreach ($properties as $property) {
    1336. 

  1336.             if ($filesystem->get($property)) {
    1337. 

  1337.                 $default[$property] = $filesystem->get($property);
    1338. 

  1338.             }
    1339. 

  1339.         }
    1340. 

  1340. 

  1341.         $settings = array_merge_recursive($default, $settings);
    1342. 

  1342. 

  1343.         return $settings;
    1344. 

  1344.     }
    1345. 

  1345. 

  1346. }
    1347. 

  1347. 

  1348. ?>
    1349.