/sites/all/modules/ckeditor/ckfinder/core/connector/php/php5/CommandHandler/MoveFiles.php
PHP | 278 lines | 186 code | 31 blank | 61 comment | 54 complexity | 9fa50f905bb49c24e7b464cbd217e1fc MD5 | raw file
- <?php
- /*
- * CKFinder
- * ========
- * http://ckfinder.com
- * Copyright (C) 2007-2012, CKSource - Frederico Knabben. All rights reserved.
- *
- * The software, this file and its contents are subject to the CKFinder
- * License. Please read the license.txt file before using, installing, copying,
- * modifying or distribute this file or part of its contents. The contents of
- * this file is part of the Source Code of CKFinder.
- */
- if (!defined('IN_CKFINDER')) exit;
-
- /**
- * @package CKFinder
- * @subpackage CommandHandlers
- * @copyright CKSource - Frederico Knabben
- */
-
- /**
- * Include base XML command handler
- */
- require_once CKFINDER_CONNECTOR_LIB_DIR . "/CommandHandler/XmlCommandHandlerBase.php";
-
- /**
- * Handle MoveFiles command
- *
- * @package CKFinder
- * @subpackage CommandHandlers
- * @copyright CKSource - Frederico Knabben
- */
- class CKFinder_Connector_CommandHandler_MoveFiles extends CKFinder_Connector_CommandHandler_XmlCommandHandlerBase
- {
- /**
- * Command name
- *
- * @access private
- * @var string
- */
- private $command = "MoveFiles";
-
-
- /**
- * handle request and build XML
- * @access protected
- *
- */
- protected function buildXml()
- {
- if (empty($_POST['CKFinderCommand']) || $_POST['CKFinderCommand'] != 'true') {
- $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
- }
-
- $clientPath = $this->_currentFolder->getClientPath();
- $sServerDir = $this->_currentFolder->getServerPath();
- $currentResourceTypeConfig = $this->_currentFolder->getResourceTypeConfig();
- $_config =& CKFinder_Connector_Core_Factory::getInstance("Core_Config");
- $_aclConfig = $_config->getAccessControlConfig();
- $_thumbnailsConfig = $_config->getThumbnailsConfig();
- $aclMasks = array();
- $_resourceTypeConfig = array();
-
- if (!$this->_currentFolder->checkAcl(CKFINDER_CONNECTOR_ACL_FILE_RENAME | CKFINDER_CONNECTOR_ACL_FILE_UPLOAD | CKFINDER_CONNECTOR_ACL_FILE_DELETE)) {
- $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
- }
-
- // Create the "Errors" node.
- $oErrorsNode = new CKFinder_Connector_Utils_XmlNode("Errors");
- $errorCode = CKFINDER_CONNECTOR_ERROR_NONE;
- $moved = 0;
- $movedAll = 0;
- if (!empty($_POST['moved'])) {
- $movedAll = intval($_POST['moved']);
- }
- $checkedPaths = array();
-
- $oMoveFilesNode = new Ckfinder_Connector_Utils_XmlNode("MoveFiles");
-
- if (!empty($_POST['files']) && is_array($_POST['files'])) {
- foreach ($_POST['files'] as $index => $arr) {
- if (empty($arr['name'])) {
- continue;
- }
- if (!isset($arr['name'], $arr['type'], $arr['folder'])) {
- $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
- }
-
- // file name
- $name = CKFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($arr['name']);
- // resource type
- $type = $arr['type'];
- // client path
- $path = CKFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($arr['folder']);
- // options
- $options = (!empty($arr['options'])) ? $arr['options'] : '';
-
- $destinationFilePath = $sServerDir.$name;
-
- // check #1 (path)
- if (!CKFinder_Connector_Utils_FileSystem::checkFileName($name) || preg_match(CKFINDER_REGEX_INVALID_PATH, $path)) {
- $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
- }
-
- // get resource type config for current file
- if (!isset($_resourceTypeConfig[$type])) {
- $_resourceTypeConfig[$type] = $_config->getResourceTypeConfig($type);
- }
-
- // check #2 (resource type)
- if (is_null($_resourceTypeConfig[$type])) {
- $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
- }
-
- // check #3 (extension)
- if (!$_resourceTypeConfig[$type]->checkExtension($name, false)) {
- $errorCode = CKFINDER_CONNECTOR_ERROR_INVALID_EXTENSION;
- $this->appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path);
- continue;
- }
-
- // check #4 (extension) - when moving to another resource type, double check extension
- if ($currentResourceTypeConfig->getName() != $type) {
- if (!$currentResourceTypeConfig->checkExtension($name, false)) {
- $errorCode = CKFINDER_CONNECTOR_ERROR_INVALID_EXTENSION;
- $this->appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path);
- continue;
- }
- }
-
- // check #5 (hidden folders)
- // cache results
- if (empty($checkedPaths[$path])) {
- $checkedPaths[$path] = true;
-
- if ($_resourceTypeConfig[$type]->checkIsHiddenPath($path)) {
- $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
- }
- }
-
- $sourceFilePath = $_resourceTypeConfig[$type]->getDirectory().$path.$name;
-
- // check #6 (hidden file name)
- if ($currentResourceTypeConfig->checkIsHiddenFile($name)) {
- $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
- }
-
- // check #7 (Access Control, need file view permission to source files)
- if (!isset($aclMasks[$type."@".$path])) {
- $aclMasks[$type."@".$path] = $_aclConfig->getComputedMask($type, $path);
- }
-
- $isAuthorized = (($aclMasks[$type."@".$path] & CKFINDER_CONNECTOR_ACL_FILE_VIEW) == CKFINDER_CONNECTOR_ACL_FILE_VIEW);
- if (!$isAuthorized) {
- $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
- }
-
- // check #8 (invalid file name)
- if (!file_exists($sourceFilePath) || !is_file($sourceFilePath)) {
- $errorCode = CKFINDER_CONNECTOR_ERROR_FILE_NOT_FOUND;
- $this->appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path);
- continue;
- }
-
- // check #9 (max size)
- if ($currentResourceTypeConfig->getName() != $type) {
- $maxSize = $currentResourceTypeConfig->getMaxSize();
- $fileSize = filesize($sourceFilePath);
- if ($maxSize && $fileSize>$maxSize) {
- $errorCode = CKFINDER_CONNECTOR_ERROR_UPLOADED_TOO_BIG;
- $this->appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path);
- continue;
- }
- }
-
- $_thumbsServerPath = CKFinder_Connector_Utils_FileSystem::combinePaths($_thumbnailsConfig->getDirectory(), $_config->getResourceTypeConfig($type)->getName());
- $thumbPath = CKFinder_Connector_Utils_FileSystem::combinePaths($_thumbsServerPath, $path.$name);
-
- //$overwrite
- // finally, no errors so far, we may attempt to copy a file
- // protection against copying files to itself
- if ($sourceFilePath == $destinationFilePath) {
- $errorCode = CKFINDER_CONNECTOR_ERROR_SOURCE_AND_TARGET_PATH_EQUAL;
- $this->appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path);
- continue;
- }
- // check if file exists if we don't force overwriting
- else if (file_exists($destinationFilePath)) {
- if (strpos($options, "overwrite") !== false) {
- if (!@unlink($destinationFilePath)) {
- $errorCode = CKFINDER_CONNECTOR_ERROR_ACCESS_DENIED;
- $this->appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path);
- continue;
- }
- else {
- if (!@rename($sourceFilePath, $destinationFilePath)) {
- $errorCode = CKFINDER_CONNECTOR_ERROR_ACCESS_DENIED;
- $this->appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path);
- continue;
- }
- else {
- CKFinder_Connector_Utils_FileSystem::unlink($thumbPath);
- $moved++;
- }
- }
- }
- else if (strpos($options, "autorename") !== false) {
- $iCounter = 1;
- while (true)
- {
- $fileName = CKFinder_Connector_Utils_FileSystem::getFileNameWithoutExtension($name) .
- "(" . $iCounter . ")" . "." .
- CKFinder_Connector_Utils_FileSystem::getExtension($name);
-
- $destinationFilePath = $sServerDir.$fileName;
- if (!file_exists($destinationFilePath)) {
- break;
- }
- else {
- $iCounter++;
- }
- }
- if (!@rename($sourceFilePath, $destinationFilePath)) {
- $errorCode = CKFINDER_CONNECTOR_ERROR_ACCESS_DENIED;
- $this->appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path);
- continue;
- }
- else {
- CKFinder_Connector_Utils_FileSystem::unlink($thumbPath);
- $moved++;
- }
- }
- else {
- $errorCode = CKFINDER_CONNECTOR_ERROR_ALREADY_EXIST;
- $this->appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path);
- continue;
- }
- }
- else {
- if (!@rename($sourceFilePath, $destinationFilePath)) {
- $errorCode = CKFINDER_CONNECTOR_ERROR_ACCESS_DENIED;
- $this->appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path);
- continue;
- }
- else {
- CKFinder_Connector_Utils_FileSystem::unlink($thumbPath);
- $moved++;
- }
- }
- }
- }
-
- $this->_connectorNode->addChild($oMoveFilesNode);
- if ($errorCode != CKFINDER_CONNECTOR_ERROR_NONE) {
- $this->_connectorNode->addChild($oErrorsNode);
- }
- $oMoveFilesNode->addAttribute("moved", $moved);
- $oMoveFilesNode->addAttribute("movedTotal", $movedAll + $moved);
-
- /**
- * Note: actually we could have more than one error.
- * This is just a flag for CKFinder interface telling it to check all errors.
- */
- if ($errorCode != CKFINDER_CONNECTOR_ERROR_NONE) {
- $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_MOVE_FAILED);
- }
- }
-
- private function appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path)
- {
- $oErrorNode = new CKFinder_Connector_Utils_XmlNode("Error");
- $oErrorNode->addAttribute("code", $errorCode);
- $oErrorNode->addAttribute("name", CKFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($name));
- $oErrorNode->addAttribute("type", $type);
- $oErrorNode->addAttribute("folder", $path);
- $oErrorsNode->addChild($oErrorNode);
- }
- }