PageRenderTime 418ms CodeModel.GetById 32ms RepoModel.GetById 1ms app.codeStats 0ms

/manager/actions/files.dynamic.php

https://github.com/good-web-master/modx.evo.custom
PHP | 612 lines | 518 code | 63 blank | 31 comment | 88 complexity | 0290e794d953e7091923faf7a76d39d9 MD5 | raw file
Possible License(s): LGPL-2.1, AGPL-1.0, GPL-2.0, MIT, BSD-3-Clause 
    

  1. <?php

    2. 

  2. if(IN_MANAGER_MODE!="true") die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the MODx Content Manager instead of accessing this file directly.");

    3. 

  3. if(!$modx->hasPermission('file_manager')) {

    4. 

  4.     $e->setError(3);

    5. 

  5.     $e->dumpError();

    6. 

  6. }

    7. 

  7. 

    8. 

  8. if ($manager_theme)

    9. 

  9.         $manager_theme .= '/';

    10. 

  10. else    $manager_theme  = '';

    11. 

  11. 

    12. 

  12. // settings

    13. 

  13. $excludes = array('.', '..', 'cgi-bin', 'manager', '.svn');

    14. 

  14. $editablefiles = array('.txt', '.php', '.shtml', '.html', '.htm', '.xml', '.js', '.css', '.pageCache', $friendly_url_suffix);

    15. 

  15. $inlineviewablefiles = array('.txt', '.php', '.html', '.htm', '.xml', '.js', '.css', '.pageCache', $friendly_url_suffix);

    16. 

  16. $viewablefiles = array('.jpg', '.gif', '.png', '.ico');

    17. 

  17. // Mod added by Raymond

    18. 

  18. $enablefileunzip = true;

    19. 

  19. $enablefiledownload = true;

    20. 

  20. $new_file_permissions = octdec($new_file_permissions);

    21. 

  21. $newfolderaccessmode = $new_folder_permissions ? octdec($new_folder_permissions) : 0777;

    22. 

  22. // End Mod -  by Raymond

    23. 

  23. // make arrays from the file upload settings

    24. 

  24. $upload_files = explode(',',$upload_files);

    25. 

  25. $upload_images = explode(',',$upload_images);

    26. 

  26. $upload_media = explode(',',$upload_media);

    27. 

  27. $upload_flash = explode(',',$upload_flash);

    28. 

  28. // now merge them

    29. 

  29. $uploadablefiles = array_merge($upload_files,$upload_images,$upload_media,$upload_flash);

    30. 

  30. $count = count($uploadablefiles);

    31. 

  31. for($i=0; $i<$count; $i++) {

    32. 

  32.     $uploadablefiles[$i] = ".".$uploadablefiles[$i]; // add a dot :)

    33. 

  33. }

    34. 

  34. // end settings

    35. 

  35. 

    36. 

  36. function ufilesize($size) {

    37. 

  37.     $a = array('B', 'KB', 'MB', 'GB', 'TB', 'PB');

    38. 

  38.     $pos = 0;

    39. 

  39.     while ($size >= 1024) {

    40. 

  40.            $size /= 1024;

    41. 

  41.            $pos++;

    42. 

  42.     }

    43. 

  43.     return round($size,2)." ".$a[$pos];

    44. 

  44. }

    45. 

  45. 

    46. 

  46. function removeLastPath($string) {

    47. 

  47.    $pos = false;

    48. 

  48.    $search = "/";

    49. 

  49.    if (is_int(strpos($string, $search))) {

    50. 

  50.        $endPos = strlen($string);

    51. 

  51.        while ($endPos > 0) {

    52. 

  52.            $endPos = $endPos - 1;

    53. 

  53.            $pos = strpos($string, $search, $endPos);

    54. 

  54.            if (is_int($pos)) {

    55. 

  55.                break;

    56. 

  56.            }

    57. 

  57.        }

    58. 

  58.    }

    59. 

  59.    if (is_int($pos)) {

    60. 

  60.        $len = strlen($search);

    61. 

  61.        return substr($string, 0, $pos);

    62. 

  62.    }

    63. 

  63.     return $string;

    64. 

  64. }

    65. 

  65. 

    66. 

  66. function getExtension($string) {

    67. 

  67.    $pos = false;

    68. 

  68.    $search = ".";

    69. 

  69.    if (is_int(strpos($string, $search))) {

    70. 

  70.        $endPos = strlen($string);

    71. 

  71.        while ($endPos > 0) {

    72. 

  72.            $endPos = $endPos - 1;

    73. 

  73.            $pos = strpos($string, $search, $endPos);

    74. 

  74.            if (is_int($pos)) {

    75. 

  75.                break;

    76. 

  76.            }

    77. 

  77.        }

    78. 

  78.    }

    79. 

  79.    if (is_int($pos)) {

    80. 

  80.        $len = strlen($search);

    81. 

  81.        return substr($string, $pos);

    82. 

  82.    }

    83. 

  83.     return $string;

    84. 

  84. }

    85. 

  85. 

    86. 

  86. function fsize($file) {

    87. 

  87.        $a = array('B', 'KB', 'MB', 'GB', 'TB', 'PB');

    88. 

  88.        $pos = 0;

    89. 

  89.        $size = filesize($file);

    90. 

  90.        while ($size >= 1024) {

    91. 

  91.                $size /= 1024;

    92. 

  92.                $pos++;

    93. 

  93.        }

    94. 

  94.        return round($size,2)." ".$a[$pos];

    95. 

  95. }

    96. 

  96. 

    97. 

  97. function mkdirs($strPath, $mode){ // recursive mkdir function

    98. 

  98.     if (is_dir($strPath)) return true;

    99. 

  99.     $pStrPath = dirname($strPath);

    100. 

  100.     if (!mkdirs($pStrPath, $mode)) return false;

    101. 

  101.     return @mkdir($strPath);

    102. 

  102. }

    103. 

  103. 

    104. 

  104. function logFileChange($type, $filename) {

    105. 

  105.     //global $_lang;

    106. 

  106. 

    107. 

  107.     include_once('log.class.inc.php');

    108. 

  108.     $log = new logHandler();

    109. 

  109. 

    110. 

  110.     switch ($type) {

    111. 

  111.     case 'upload':		$string = 'Uploaded File'; break;

    112. 

  112.     case 'delete':		$string = 'Deleted File'; break;

    113. 

  113.     case 'modify':		$string = 'Modified File'; break;

    114. 

  114.     default:		$string = 'Viewing File'; break;

    115. 

  115.     }

    116. 

  116. 

    117. 

  117.     $string = sprintf($string, $filename);

    118. 

  118.     $log->initAndWriteLog($string, '', '', '', $type, $filename);

    119. 

  119. 

    120. 

  120.     // HACK: change the global action to prevent double logging

    121. 

  121.     // @see manager/index.php @ 915

    122. 

  122.     global $action; $action = 1;

    123. 

  123. }

    124. 

  124. 

    125. 

  125. // get the current work directory

    126. 

  126. if(isset($_REQUEST['path']) && !empty($_REQUEST['path'])) {

    127. 

  127.         $_REQUEST['path'] = str_replace('..','',$_REQUEST['path']);

    128. 

  128.     $startpath = is_dir($_REQUEST['path']) ? $_REQUEST['path'] : removeLastPath($_REQUEST['path']) ;

    129. 

  129. } else {

    130. 

  130.     $startpath = $filemanager_path;

    131. 

  131. }

    132. 

  132. 

    133. 

  133. $len = strlen($filemanager_path);

    134. 

  134. 

    135. 

  135. // Raymond: get web start path for showing pictures

    136. 

  136. $rf = realpath($filemanager_path);

    137. 

  137. $rw = realpath('../');

    138. 

  138. $webstart_path = str_replace('\\','/',str_replace($rw,'',$rf));

    139. 

  139. if(substr($webstart_path,0,1)=='/') $webstart_path = '..'.$webstart_path;

    140. 

  140. else $webstart_path = '../'.$webstart_path;

    141. 

  141. 

    142. 

  142. ?>

    143. 

  143. 

    144. 

  144. <h1><?php echo $_lang['files_files']?></h1>

    145. 

  145. 

    146. 

  146. <div class="sectionBody">

    147. 

  147. <script type="text/javascript" src="media/script/multifile.js"></script>

    148. 

  148. <script type="text/javascript">

    149. 

  149. var current_path = '<?php echo $startpath;?>';

    150. 

  150. 

    151. 

  151. function viewfile(url) {

    152. 

  152.     document.getElementById('imageviewer').style.border="1px solid #000080";

    153. 

  153.     document.getElementById('imageviewer').src=url;

    154. 

  154. }

    155. 

  155. 

    156. 

  156. function setColor(o,state){

    157. 

  157.     if (!o) return;

    158. 

  158.     if(state && o.style) o.style.backgroundColor='#eeeeee';

    159. 

  159.     else if (o.style) o.style.backgroundColor='transparent';

    160. 

  160. }

    161. 

  161. 

    162. 

  162. function confirmDelete() {

    163. 

  163.     return confirm("<?php echo $_lang['confirm_delete_file'] ?>");

    164. 

  164. }

    165. 

  165. 

    166. 

  166. function confirmDeleteFolder() {

    167. 

  167.     return confirm("<?php echo str_replace('file','folder',$_lang['confirm_delete_file']) ?>");

    168. 

  168. }

    169. 

  169. 

    170. 

  170. function confirmUnzip() {

    171. 

  171.     return confirm("<?php echo $_lang['confirm_unzip_file'] ?>");

    172. 

  172. }

    173. 

  173. 

    174. 

  174. function getFolderName(a){

    175. 

  175.     var f;

    176. 

  176.     f=window.prompt('Enter New Folder Name:','')

    177. 

  177.     if (f) a.href+=escape(f);

    178. 

  178.     return (f) ? true:false;

    179. 

  179. }

    180. 

  180. 

    181. 

  181. function deleteFolder (folder) {

    182. 

  182.     if (confirmDeleteFolder())

    183. 

  183.         window.location.href="index.php?a=31&mode=deletefolder&path="+current_path+"&folderpath="+current_path+'/'+folder;

    184. 

  184.     return false;

    185. 

  185. }

    186. 

  186. 

    187. 

  187. function deleteFile(file) {

    188. 

  188.     if (confirmDelete())

    189. 

  189.         window.location.href="index.php?a=31&mode=delete&path="+current_path+'/'+file;

    190. 

  190.     return false;

    191. 

  191. }

    192. 

  192. </script>

    193. 

  193. <?php

    194. 

  194. if(!empty($_FILES['userfile'])) {

    195. 

  195. 

    196. 

  196.     for ($i = 0; $i <= count($_FILES['userfile']['tmp_name']); $i++) {

    197. 

  197.         if(!empty($_FILES['userfile']['tmp_name'][$i])) {

    198. 

  198.             $userfiles[$i]['tmp_name'] = $_FILES['userfile']['tmp_name'][$i];

    199. 

  199.             $userfiles[$i]['error'] = $_FILES['userfile']['error'][$i];

    200. 

  200.             $name = $_FILES['userfile']['name'][$i];

    201. 

  201.             if($modx->config['clean_uploaded_filename']) {

    202. 

  202.                 $nameparts = explode('.', $name);

    203. 

  203.                 $nameparts = array_map(array($modx, 'stripAlias'), $nameparts);

    204. 

  204.                 $name = implode('.', $nameparts);

    205. 

  205.             }

    206. 

  206.             $userfiles[$i]['name'] = $name;

    207. 

  207.             $userfiles[$i]['type'] = $_FILES['userfile']['type'][$i];

    208. 

  208.         }

    209. 

  209.     }

    210. 

  210. 

    211. 

  211.     foreach((array)$userfiles as $userfile) {

    212. 

  212. 

    213. 

  213.         // this seems to be an upload action.

    214. 

  214.         printf("<p>".$_lang['files_uploading']."</p>", $userfile['name'], substr($startpath, $len, strlen($startpath)));

    215. 

  215.         echo $userfile['error']==0 ? "<p>".$_lang['files_file_type'].$userfile['type'].", ".fsize($userfile['tmp_name']).'</p>' : '';

    216. 

  216. 

    217. 

  217.         $userfilename = $userfile['tmp_name'];

    218. 

  218. 

    219. 

  219.         if (is_uploaded_file($userfilename)) {

    220. 

  220.             // file is uploaded file, process it!

    221. 

  221.             if(!in_array(getExtension($userfile['name']), $uploadablefiles)) {

    222. 

  222.                 echo '<p><span class="warning">'.$_lang['files_filetype_notok'].'</span></p>';

    223. 

  223.             } else {

    224. 

  224.                 if(@move_uploaded_file($userfile['tmp_name'], $_POST['path'].'/'.$userfile['name'])) {

    225. 

  225.                     // Ryan: Repair broken permissions issue with file manager

    226. 

  226.                     if (strtoupper(substr(PHP_OS, 0, 3)) != 'WIN')

    227. 

  227.                         @chmod($_POST['path']."/".$userfile['name'], $new_file_permissions);

    228. 

  228.                     // Ryan: End

    229. 

  229.                     echo '<p><span class="success">'.$_lang['files_upload_ok'].'</span></p>';

    230. 

  230. 

    231. 

  231.                     // invoke OnFileManagerUpload event

    232. 

  232.                     $modx->invokeEvent('OnFileManagerUpload',

    233. 

  233.                         array(

    234. 

  234.                             'filepath'	=> $_POST['path'],

    235. 

  235.                             'filename'	=> $userfile['name']

    236. 

  236.                     ));

    237. 

  237.                     // Log the change

    238. 

  238.                     logFileChange('upload', $_POST['path'].'/'.$userfile['name']);

    239. 

  239.                 } else {

    240. 

  240.                     echo '<p><span class="warning">'.$_lang['files_upload_copyfailed'].'</span> '.$_lang["files_upload_permissions_error"].'</p>';

    241. 

  241.                 }

    242. 

  242.             }

    243. 

  243.         } else {

    244. 

  244.             echo '<br /><span class="warning"><b>'.$_lang['files_upload_error'].':</b>';

    245. 

  245.             switch($userfile['error']){

    246. 

  246.                 case 0: //no error; possible file attack!

    247. 

  247.                     echo $_lang['files_upload_error0'];

    248. 

  248.                     break;

    249. 

  249.                 case 1: //uploaded file exceeds the upload_max_filesize directive in php.ini

    250. 

  250.                     echo $_lang['files_upload_error1'];

    251. 

  251.                     break;

    252. 

  252.                 case 2: //uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the html form

    253. 

  253.                     echo $_lang['files_upload_error2'];

    254. 

  254.                     break;

    255. 

  255.                 case 3: //uploaded file was only partially uploaded

    256. 

  256.                     echo $_lang['files_upload_error3'];

    257. 

  257.                     break;

    258. 

  258.                 case 4: //no file was uploaded

    259. 

  259.                     echo $_lang['files_upload_error4'];

    260. 

  260.                     break;

    261. 

  261.                 default: //a default error, just in case!  :)

    262. 

  262.                     echo $_lang['files_upload_error5'];

    263. 

  263.                     break;

    264. 

  264.             }

    265. 

  265.             echo '</span><br />';

    266. 

  266.         }

    267. 

  267.         echo '<hr/>';

    268. 

  268.     }

    269. 

  269. }

    270. 

  270. 

    271. 

  271. if($_POST['mode']=='save') {

    272. 

  272.     echo $_lang['editing_file'];

    273. 

  273.     $filename = $_POST['path'];

    274. 

  274.     $content = $_POST['content'];

    275. 

  275.     if (!$handle = fopen($filename, 'w')) {

    276. 

  276.          echo 'Cannot open file (',$filename,')';

    277. 

  277.          exit;

    278. 

  278.     }

    279. 

  279. 

    280. 

  280.     // Write $content to our opened file.

    281. 

  281.     if (fwrite($handle, $content) === FALSE) {

    282. 

  282.         echo '<span class="warning"><b>'.$_lang['file_not_saved'].'</b></span><br /><br />';

    283. 

  283.     } else {

    284. 

  284.         echo '<span class="success"><b>'.$_lang['file_saved'].'</b></span><br /><br />';

    285. 

  285.         $_REQUEST['mode'] = 'edit';

    286. 

  286.     }

    287. 

  287.     fclose($handle);

    288. 

  288. 

    289. 

  289.     // Log the change

    290. 

  290.     logFileChange('modify', $filename);

    291. 

  291. }

    292. 

  292. 

    293. 

  293. 

    294. 

  294. if($_REQUEST['mode']=='delete') {

    295. 

  295.     printf($_lang['deleting_file'], str_replace('\\', '/', $_REQUEST['path']));

    296. 

  296.     $file = $_REQUEST['path'];

    297. 

  297.     if (!@unlink($file)) {

    298. 

  298.        echo '<span class="warning"><b>'.$_lang['file_not_deleted'].'</b></span><br /><br />';

    299. 

  299.     } else {

    300. 

  300.        echo '<span class="success"><b>'.$_lang['file_deleted'].'</b></span><br /><br />';

    301. 

  301.     }

    302. 

  302. 

    303. 

  303.     // Log the change

    304. 

  304.     logFileChange('delete', $file);

    305. 

  305. }

    306. 

  306. 

    307. 

  307. 

    308. 

  308. echo $_lang['files_dir_listing']?><b><?php echo substr($startpath, $len, strlen($startpath))=='' ? '/' : substr($startpath, $len, strlen($startpath))?></b><br /><br />

    309. 

  309. <?php

    310. 

  310. // check to see user isn't trying to move below the document_root

    311. 

  311. if(substr(strtolower(str_replace('//','/',$startpath."/")), 0, $len)!=strtolower(str_replace('//','/',$filemanager_path.'/'))) {

    312. 

  312.     echo $_lang['files_access_denied']?>

    313. 

  313. </div>

    314. 

  314. 

    315. 

  315. <?php

    316. 

  316.     exit;

    317. 

  317. }

    318. 

  318. 

    319. 

  319. // Unzip .zip files - by Raymond

    320. 

  320. if ($enablefileunzip && $_REQUEST['mode']=='unzip' && is_writable($startpath)){

    321. 

  321.     // by patrick_allaert - php user notes

    322. 

  322.     function unzip($file, $path) {

    323. 

  323.         global $newfolderaccessmode;

    324. 

  324.         // added by Raymond

    325. 

  325.         $r = substr($path,strlen($path)-1,1);

    326. 

  326.         if ($r!='\\'||$r!='/') $path .='/';

    327. 

  327.         if (!extension_loaded('zip')) {

    328. 

  328.             return 0;

    329. 

  329.         }

    330. 

  330.         // end mod

    331. 

  331.         $zip = zip_open($file);

    332. 

  332.         if ($zip) {

    333. 

  333.             $old_umask = umask(0);

    334. 

  334.             while ($zip_entry = zip_read($zip)) {

    335. 

  335.                 if (zip_entry_filesize($zip_entry) > 0) {

    336. 

  336.                     // str_replace must be used under windows to convert "/" into "\"

    337. 

  337.                     $complete_path = $path.str_replace('/','\\',dirname(zip_entry_name($zip_entry)));

    338. 

  338.                     $complete_name = $path.str_replace ('/','\\',zip_entry_name($zip_entry));

    339. 

  339.                     if(!file_exists($complete_path)) {

    340. 

  340.                         $tmp = '';

    341. 

  341.                         foreach(explode('\\',$complete_path) AS $k) {

    342. 

  342.                             $tmp .= $k.'\\';

    343. 

  343.                             if(!file_exists($tmp)) {

    344. 

  344.                                 @mkdir($tmp, $newfolderaccessmode);

    345. 

  345.                             }

    346. 

  346.                         }

    347. 

  347.                     }

    348. 

  348.                     if (zip_entry_open($zip, $zip_entry, 'r')) {

    349. 

  349.                         $fd = fopen($complete_name, 'w');

    350. 

  350.                         fwrite($fd, zip_entry_read($zip_entry, zip_entry_filesize($zip_entry)));

    351. 

  351.                         fclose($fd);

    352. 

  352.                         zip_entry_close($zip_entry);

    353. 

  353.                     }

    354. 

  354.                 }

    355. 

  355.             }

    356. 

  356.             umask($old_umask);

    357. 

  357.             zip_close($zip);

    358. 

  358.             return true;

    359. 

  359.         }

    360. 

  360.         zip_close($zip);

    361. 

  361.     }

    362. 

  362.     if(!$err=@unzip(realpath("$startpath/".$_REQUEST['file']),realpath($startpath))) {

    363. 

  363.         echo '<span class="warning"><b>'.$_lang['file_unzip_fail'].($err===0? 'Missing zip library (php_zip.dll / zip.so)':'').'</b></span><br /><br />';

    364. 

  364.     } else {

    365. 

  365.         echo '<span class="success"><b>'.$_lang['file_unzip'].'</b></span><br /><br />';

    366. 

  366.     }

    367. 

  367. }

    368. 

  368. // End Unzip - Raymond

    369. 

  369. 

    370. 

  370. 

    371. 

  371. // New Folder & Delete Folder option - Raymond

    372. 

  372. if (is_writable($startpath)){

    373. 

  373.     // Delete Folder

    374. 

  374.     if($_REQUEST['mode']=='deletefolder') {

    375. 

  375.         $folder = $_REQUEST['folderpath'];

    376. 

  376.         if(!@rmdir($folder)) {

    377. 

  377.             echo '<span class="warning"><b>'.$_lang['file_folder_not_deleted'].'</b></span><br /><br />';

    378. 

  378.         } else {

    379. 

  379.             echo '<span class="success"><b>'.$_lang['file_folder_deleted'].'</b></span><br /><br />';

    380. 

  380.         }

    381. 

  381.     }

    382. 

  382. 

    383. 

  383. 

    384. 

  384. // Create folder here

    385. 

  385. if($_REQUEST['mode']=='newfolder') {

    386. 

  386.     $old_umask = umask(0);

    387. 

  387.     $foldername = str_replace('..\\','',str_replace('../','',$_REQUEST['name']));

    388. 

  388.     if(!mkdirs($startpath."/$foldername",$newfolderaccessmode)) {

    389. 

  389.         echo '<span class="warning"><b>',$_lang['file_folder_not_created'],'</b></span><br /><br />';

    390. 

  390.     } else {

    391. 

  391.         if (!@chmod($startpath.'/'.$foldername,$newfolderaccessmode)) {

    392. 

  392.             echo '<span class="warning"><b>'.$_lang['file_folder_chmod_error'].'</b></span><br /><br />';

    393. 

  393.         } else {

    394. 

  394.             echo '<span class="success"><b>'.$_lang['file_folder_created'].'</b></span><br /><br />';

    395. 

  395.         }

    396. 

  396.     }

    397. 

  397.     umask($old_umask);

    398. 

  398. }

    399. 

  399.     echo '<img src="media/style/'.$manager_theme.'images/tree/folder.gif" border="0" align="absmiddle" alt="" /> <a href="index.php?a=31&mode=newfolder&path='.urlencode($startpath).'&name=" onclick="return getFolderName(this);"><b>'.$_lang['add_folder'].'</b></a><br />';

    400. 

  400. }

    401. 

  401. // End New Folder - Raymond

    402. 

  402. 

    403. 

  403. $uponelevel = removeLastPath($startpath);

    404. 

  404. 

    405. 

  405. // To Top Level with folder icon to the left

    406. 

  406. if($startpath==$filemanager_path || $startpath.'/' == $filemanager_path) {

    407. 

  407.     echo '<img src="media/style/',$manager_theme,'images/tree/deletedfolder.gif" border="0" align="absmiddle" alt="" /><span style="color:#bbb;cursor:default;"> <b>',$_lang['files_top_level'],'</b></span><br />';

    408. 

  408. } else {

    409. 

  409.     echo '<img src="media/style/',$manager_theme,'images/tree/folder.gif" border="0" align="absmiddle" alt="" /> <a href="index.php?a=31&mode=drill&path=',$filemanager_path,'"><b>',$_lang['files_top_level'],'</b></a><br />';

    410. 

  410. }

    411. 

  411. // Up One level with folder icon to the left

    412. 

  412. if($startpath == $filemanager_path || $startpath.'/' == $filemanager_path) {

    413. 

  413.     echo '<img src="media/style/',$manager_theme,'images/tree/deletedfolder.gif" border="0" align="absmiddle" alt="" /><span style="color:#bbb;cursor:default;"> <b>'.$_lang['files_up_level'].'</b></span><br />';

    414. 

  414. } else {

    415. 

  415.     echo '<a href="index.php?a=31&mode=drill&path=',urlencode($uponelevel),'"><img src="media/style/',$manager_theme,'images/tree/folder.gif" border="0" align="absmiddle" alt="" /> <b>',$_lang['files_up_level'],'</b></a><br />';

    416. 

  416. }

    417. 

  417. echo '<br />';

    418. 

  418. 

    419. 

  419. 

    420. 

  420. $filesize = 0;

    421. 

  421. $files = 0;

    422. 

  422. $folders = 0;

    423. 

  423. $dirs_array = array();

    424. 

  424. $files_array = array();

    425. 

  425. if(strlen(MODX_BASE_PATH) < strlen($filemanager_path)) $len--;

    426. 

  426. 

    427. 

  427. function ls($curpath) {

    428. 

  428.     global $_lang;

    429. 

  429.     global $excludes, $editablefiles, $inlineviewablefiles, $viewablefiles, $enablefileunzip, $enablefiledownload, $uploadablefiles, $folders, $files, $filesizes, $len, $dirs_array, $files_array, $webstart_path, $manager_theme, $modx;

    430. 

  430.     $dircounter = 0;

    431. 

  431.     $filecounter = 0;

    432. 

  432.     $curpath = str_replace('//','/',$curpath.'/');

    433. 

  433. 

    434. 

  434.     if (!is_dir($curpath)) {

    435. 

  435.         echo 'Invalid path "',$curpath,'"<br />';

    436. 

  436.         return;

    437. 

  437.     }

    438. 

  438.     $dir = dir($curpath);

    439. 

  439. 

    440. 

  440.     // first, get info

    441. 

  441.     while ($file = $dir->read()) {

    442. 

  442.         if(!in_array($file, $excludes)) {

    443. 

  443.             $newpath = $curpath.$file;

    444. 

  444.             if(is_dir($newpath)) {

    445. 

  445.                 $dirs_array[$dircounter]['dir'] = $newpath;

    446. 

  446.                 $dirs_array[$dircounter]['stats'] = lstat($newpath);

    447. 

  447.                 $dirs_array[$dircounter]['text'] = '<img src="media/style/'.$manager_theme.'images/tree/folder.gif" border="0" align="absmiddle" alt="" /> <a href="index.php?a=31&mode=drill&path='.urlencode($newpath).'"><b>'.$file.'</b></a>';

    448. 

  448.                 $dirs_array[$dircounter]['delete'] = is_writable($curpath) ? '<span style="width:20px"><a href="javascript: deleteFolder(\''.urlencode($file).'\');"><img src="media/style/'.$manager_theme.'images/icons/delete.gif" alt="'.$_lang['file_delete_folder'].'" title="'.$_lang['file_delete_folder'].'" /></a></span>' : '';

    449. 

  449. 

    450. 

  450.                 // increment the counter

    451. 

  451.                 $dircounter++;

    452. 

  452.             }  else {

    453. 

  453.                 $type=getExtension($newpath);

    454. 

  454.                 $files_array[$filecounter]['file'] = $newpath;

    455. 

  455.                 $files_array[$filecounter]['stats'] = lstat($newpath);

    456. 

  456.                 $files_array[$filecounter]['text'] = '<img src="media/style/'.$manager_theme.'images/tree/page-html.gif" border="0" align="absmiddle" alt="" />'.$file;

    457. 

  457.                 $files_array[$filecounter]['view'] = (in_array($type, $viewablefiles)) ?

    458. 

  458.                 '<span style="cursor:pointer; width:20px;" onclick="viewfile(\''.$webstart_path.substr($newpath, $len, strlen($newpath)).'\');"><img src="media/style/'.$manager_theme.'images/icons/context_view.gif" border="0" align="absmiddle" alt="'.$_lang['files_viewfile'].'" title="'.$_lang['files_viewfile'].'" /></span>' : (($enablefiledownload && in_array($type, $uploadablefiles))? '<a href="'.$webstart_path.implode('/', array_map('rawurlencode', explode('/', substr($newpath, $len, strlen($newpath))))).'" style="cursor:pointer; width:20px;"><img src="media/style/'.$manager_theme.'images/misc/ed_save.gif" border="0" align="absmiddle" alt="'.$_lang['file_download_file'].'" title="'.$_lang['file_download_file'].'" /></a>':'<span class="disabledImage"><img src="media/style/'.$manager_theme.'images/icons/context_view.gif" border="0" align="absmiddle" alt="'.$_lang['files_viewfile'].'" title="'.$_lang['files_viewfile'].'" /></span>');

    459. 

  459.                 $files_array[$filecounter]['view'] = (in_array($type, $inlineviewablefiles)) ? '<span style="width:20px;"><a href="index.php?a=31&mode=view&path='.urlencode($newpath).'"><img src="media/style/'.$manager_theme.'images/icons/context_view.gif" border="0" align="absmiddle" alt="'.$_lang['files_viewfile'].'" title="'.$_lang['files_viewfile'].'" /></a></span>' : $files_array[$filecounter]['view'] ;

    460. 

  460.                 $files_array[$filecounter]['unzip'] = ($enablefileunzip && $type=='.zip') ? '<span style="width:20px;"><a href="index.php?a=31&mode=unzip&path='.$curpath.'&file='.urlencode($file).'" onclick="return confirmUnzip();"><img src="media/style/'.$manager_theme.'images/icons/unzip.gif" border="0" align="absmiddle" alt="'.$_lang['file_download_unzip'].'" title="'.$_lang['file_download_unzip'].'" /></a></span>' : '' ;

    461. 

  461.                 $files_array[$filecounter]['edit'] = (in_array($type, $editablefiles) && is_writable($curpath) && is_writable($newpath)) ? '<span style="width:20px;"><a href="index.php?a=31&mode=edit&path='.urlencode($newpath).'#file_editfile"><img src="media/style/'.$manager_theme.'images/icons/save.png" border="0" align="absmiddle" alt="'.$_lang['files_editfile'].'" title="'.$_lang['files_editfile'].'" /></a></span>' : '<span class="disabledImage"><img src="media/style/'.$manager_theme.'images/icons/save.png" border="0" align="absmiddle" alt="'.$_lang['files_editfile'].'" title="'.$_lang['files_editfile'].'" /></span>';

    462. 

  462.                 $files_array[$filecounter]['delete'] = is_writable($curpath) && is_writable($newpath) ? '<span style="width:20px;"><a href="javascript:deleteFile(\''.urlencode($file).'\');"><img src="media/style/'.$manager_theme.'images/icons/delete.gif" border="0" align="absmiddle" alt="'.$_lang['file_delete_file'].'" title="'.$_lang['file_delete_file'].'" /></a></span>' : '<span class="disabledImage"><img src="media/style/'.$manager_theme.'images/icons/delete.gif" border="0" align="absmiddle" alt="'.$_lang['file_delete_file'].'" title="'.$_lang['file_delete_file'].'" /></span>';

    463. 

  463. 

    464. 

  464. 

    465. 

  465.                 // increment the counter

    466. 

  466.                 $filecounter++;

    467. 

  467.             }

    468. 

  468.         }

    469. 

  469.     }

    470. 

  470.     $dir->close();

    471. 

  471. 

    472. 

  472.     // dump array entries for directories

    473. 

  473.     $folders = count($dirs_array);

    474. 

  474.     sort($dirs_array); // sorting the array alphabetically (Thanks pxl8r!)

    475. 

  475.     for($i=0; $i<$folders; $i++) {

    476. 

  476.         $filesizes += $dirs_array[$i]['stats']['7'];

    477. 

  477.         echo '<tr style="cursor:default;" onmouseout="setColor(this,0)" onmouseover="setColor(this,1)">';

    478. 

  478.         echo '<td>',$dirs_array[$i]['text'],'</td>';

    479. 

  479.         echo '<td>',$modx->toDateFormat($dirs_array[$i]['stats']['9']),'</td>';

    480. 

  480.         echo '<td dir="ltr">',ufilesize($dirs_array[$i]['stats']['7']),'</td>';

    481. 

  481.         echo '<td>';

    482. 

  482.         echo $dirs_array[$i]['delete'];

    483. 

  483.         echo '</td>';

    484. 

  484.         echo '</tr>';

    485. 

  485.     }

    486. 

  486. 

    487. 

  487.     // dump array entries for files

    488. 

  488.     $files = count($files_array);

    489. 

  489.     sort($files_array); // sorting the array alphabetically (Thanks pxl8r!)

    490. 

  490.     for($i=0; $i<$files; $i++) {

    491. 

  491.         $filesizes += $files_array[$i]['stats']['7'];

    492. 

  492.         echo '<tr onmouseout="setColor(this,0)" onmouseover="setColor(this,1)">';

    493. 

  493.         echo '<td>',$files_array[$i]['text'],'</td>';

    494. 

  494.         echo '<td>',$modx->toDateFormat($files_array[$i]['stats']['9']),'</td>';

    495. 

  495.         echo '<td dir="ltr">',ufilesize($files_array[$i]['stats']['7']),'</td>';

    496. 

  496.         echo '<td>';

    497. 

  497.         echo $files_array[$i]['unzip'];

    498. 

  498.         echo $files_array[$i]['view'];

    499. 

  499.         echo $files_array[$i]['edit'];

    500. 

  500.         echo $files_array[$i]['delete'];

    501. 

  501.         echo '</td>';

    502. 

  502.         echo '</tr>';

    503. 

  503.     }

    504. 

  504. 

    505. 

  505. 

    506. 

  506.     return;

    507. 

  507. }

    508. 

  508. echo '<br /><br />';

    509. 

  509. ?>

    510. 

  510. <table>

    511. 

  511. <tr>

    512. 

  512. <td style="width:300px;"><b><?php echo $_lang['files_filename']?></b></td>

    513. 

  513. <td><b><?php echo $_lang['files_modified']?></b></td>

    514. 

  514. <td><b><?php echo $_lang['files_filesize']?></b></td>

    515. 

  515. <td><b><?php echo $_lang['files_fileoptions']?></b></td>

    516. 

  516. </tr>

    517. 

  517. <?php

    518. 

  518. ls($startpath);

    519. 

  519. echo "\n\n\n\n\n\n\n";

    520. 

  520. if($folders==0 && $files==0) {

    521. 

  521.     echo '<tr><td colspan="4"><img src="media/style/',$manager_theme,'images/tree/deletedfolder.gif" border="0" /><span style="color:#888;cursor:default;"> This directory is empty.</span></td></tr>';

    522. 

  522. }

    523. 

  523. ?></table><?php

    524. 

  524. 

    525. 

  525. echo $_lang['files_directories'],': <b>',$folders,'</b><br />';

    526. 

  526. echo $_lang['files_files'],': <b>',$files,'</b><br />';

    527. 

  527. echo $_lang['files_data'],': <b><span dir="ltr">',ufilesize($filesizes),'</span></b><br />';

    528. 

  528. echo $_lang['files_dirwritable'],' <b>',is_writable($startpath)==1 ? $_lang['yes'].'.' : $_lang['no'].'.'

    529. 

  529. ?></b><br />

    530. 

  530. <div align="center">

    531. 

  531. <img src="<?php echo $_style['tx']; ?>" id="imageviewer" />

    532. 

  532. </div>

    533. 

  533. <br /><hr />

    534. 

  534. <?php

    535. 

  535. if (((@ini_get("file_uploads") == true) || get_cfg_var("file_uploads") == 1) && is_writable($startpath)) {

    536. 

  536.     @ini_set("upload_max_filesize", $upload_maxsize); // modified by raymond

    537. 

  537. ?>

    538. 

  538. <form enctype="multipart/form-data" action="index.php?a=31" method="post">

    539. 

  539. <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo isset($upload_maxsize)? $upload_maxsize:1048576; ?>">

    540. 

  540. <input type="hidden" name="path" value="<?php echo $startpath?>">

    541. 

  541. 

    542. 

  542. <span style="width:300px;"><?php echo $_lang['files_uploadfile_msg']?></span>

    543. 

  543. <input id="file_elem" type="file" name="bogus"  style="height: 19px;">

    544. 

  544. 

    545. 

  545. <div id="files_list"></div>

    546. 

  546. <script type="text/javascript">

    547. 

  547.     var multi_selector = new MultiSelector( document.getElementById( 'files_list' ), 10 );

    548. 

  548.     multi_selector.addElement( document.getElementById( 'file_elem' ) );

    549. 

  549. </script>

    550. 

  550. 

    551. 

  551. <input type="submit" value="<?php echo $_lang['files_uploadfile']?>">

    552. 

  552. 

    553. 

  553. </form>

    554. 

  554. 

    555. 

  555. 

    556. 

  556. <?php

    557. 

  557. } else {

    558. 

  558.     echo "<p>".$_lang['files_upload_inhibited_msg']."</p>";

    559. 

  559. }

    560. 

  560. ?>

    561. 

  561. 

    562. 

  562. 

    563. 

  563. </div>

    564. 

  564. 

    565. 

  565. <?php

    566. 

  566. 

    567. 

  567. if($_REQUEST['mode']=="edit" || $_REQUEST['mode']=="view") {

    568. 

  568. ?>

    569. 

  569. 

    570. 

  570. <div class="sectionHeader" id="file_editfile"><?php echo $_REQUEST['mode']=="edit" ? $_lang['files_editfile'] : $_lang['files_viewfile']?></div>

    571. 

  571. 

    572. 

  572. <div class="sectionBody">

    573. 

  573. <?php

    574. 

  574. $filename=$_REQUEST['path'];

    575. 

  575. $handle = @fopen($filename, "r");

    576. 

  576. // Log the change

    577. 

  577. logFileChange('view', $filename);

    578. 

  578. if(!$handle) {

    579. 

  579.     echo 'Error opening file for reading.';

    580. 

  580.     exit;

    581. 

  581. } else {

    582. 

  582.     while (!feof($handle)) {

    583. 

  583.         $buffer .= fgets($handle, 4096);

    584. 

  584.     }

    585. 

  585.     fclose ($handle);

    586. 

  586. }

    587. 

  587. 

    588. 

  588. ?>

    589. 

  589. <form action="index.php" method="post" name="editFile">

    590. 

  590. <input type="hidden" name="a" value="31" />

    591. 

  591. <input type="hidden" name="mode" value="save" />

    592. 

  592. <input type="hidden" name="path" value="<?php echo $_REQUEST['path']?>" />

    593. 

  593. <table width="100%"  border="0" cellspacing="0" cellpadding="0">

    594. 

  594.   <tr>

    595. 

  595.     <td><textarea dir="ltr" style="width:100%; height:370px;" name="content"><?php echo htmlentities($buffer,ENT_COMPAT,$modx_manager_charset)?></textarea></td>

    596. 

  596.   </tr>

    597. 

  597. </table>

    598. 

  598. </form>

    599. 

  599. <?php

    600. 

  600. 

    601. 

  601. if($_REQUEST['mode']=="edit") {

    602. 

  602. ?>

    603. 

  603. <br />

    604. 

  604. <ul class="actionButtons">

    605. 

  605.     <li><a href="#" onclick="document.editFile.submit();"><img src="<?php echo $_style["icons_save"] ?>" /> <?php echo $_lang['save']?></a></li>

    606. 

  606.     <li><a href="index.php?a=31&path=<?php echo urlencode($_REQUEST['path'])?>"><img src="<?php echo $_style["icons_cancel"] ?>" /> <?php echo $_lang['cancel']?></a></li>

    607. 

  607. </ul>

    608. 

  608. <?php } ?>

    609. 

  609. </div>

    610. 

  610. <?php

    611. 

  611. }

    612. 

  612. ?>
    613.