Merge branch 'master' into 12400
commit
4b34c1664d
@ -7,8 +7,9 @@
|
|||||||
- Stockage des données JSON, forçage au format objet.
|
- Stockage des données JSON, forçage au format objet.
|
||||||
|
|
||||||
## Version 12.3.10
|
## Version 12.3.10
|
||||||
|
- Edition d'un utilisateur, affiche correctement la langue de l'interface dans l'édition d'un utilisateur.
|
||||||
- Mise à jour du fichier dialog.php de Responsive File Manager
|
- Mise à jour du fichier dialog.php de Responsive File Manager
|
||||||
- Vulnérabilité dans ajax_call.php CVE-2020-10567
|
- Vulnérabilité dans ajax_call.php CVE-2020-10567, désactivation de TUI Editor et de la fonction save_image.
|
||||||
|
|
||||||
## Version 12.3.09
|
## Version 12.3.09
|
||||||
### Corrections
|
### Corrections
|
||||||
|
216
core/vendor/filemanager/ajax_calls.php
vendored
@ -5,7 +5,7 @@ $config = include 'config/config.php';
|
|||||||
require_once 'include/utils.php';
|
require_once 'include/utils.php';
|
||||||
|
|
||||||
if ($_SESSION['RF']["verify"] != "RESPONSIVEfilemanager") {
|
if ($_SESSION['RF']["verify"] != "RESPONSIVEfilemanager") {
|
||||||
response(trans('forbidden') . AddErrorLocation())->send();
|
response(trans('forbidden').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
$languages = include 'lang/languages.php';
|
$languages = include 'lang/languages.php';
|
||||||
@ -14,24 +14,24 @@ if (isset($_SESSION['RF']['language']) && file_exists('lang/' . basename($_SESSI
|
|||||||
if (array_key_exists($_SESSION['RF']['language'], $languages)) {
|
if (array_key_exists($_SESSION['RF']['language'], $languages)) {
|
||||||
include 'lang/' . basename($_SESSION['RF']['language']) . '.php';
|
include 'lang/' . basename($_SESSION['RF']['language']) . '.php';
|
||||||
} else {
|
} else {
|
||||||
response(trans('Lang_Not_Found') . AddErrorLocation())->send();
|
response(trans('Lang_Not_Found').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
response(trans('Lang_Not_Found') . AddErrorLocation())->send();
|
response(trans('Lang_Not_Found').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
//check $_GET['file']
|
//check $_GET['file']
|
||||||
if (isset($_GET['file']) && !checkRelativePath($_GET['file'])) {
|
if (isset($_GET['file']) && !checkRelativePath($_GET['file'])) {
|
||||||
response(trans('wrong path') . AddErrorLocation())->send();
|
response(trans('wrong path').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
//check $_POST['file']
|
//check $_POST['file']
|
||||||
if (isset($_POST['path']) && !checkRelativePath($_POST['path'])) {
|
if(isset($_POST['path']) && !checkRelativePath($_POST['path'])) {
|
||||||
response(trans('wrong path') . AddErrorLocation())->send();
|
response(trans('wrong path').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -43,7 +43,7 @@ if (isset($_GET['action'])) {
|
|||||||
case 'new_file_form':
|
case 'new_file_form':
|
||||||
echo trans('Filename') . ': <input type="text" id="create_text_file_name" style="height:30px"> <select id="create_text_file_extension" style="margin:0;width:100px;">';
|
echo trans('Filename') . ': <input type="text" id="create_text_file_name" style="height:30px"> <select id="create_text_file_extension" style="margin:0;width:100px;">';
|
||||||
foreach ($config['editable_text_file_exts'] as $ext) {
|
foreach ($config['editable_text_file_exts'] as $ext) {
|
||||||
echo '<option value=".' . $ext . '">.' . $ext . '</option>';
|
echo '<option value=".'.$ext.'">.'.$ext.'</option>';
|
||||||
}
|
}
|
||||||
echo '</select><br><hr><textarea id="textfile_create_area" style="width:100%;height:150px;"></textarea>';
|
echo '</select><br><hr><textarea id="textfile_create_area" style="width:100%;height:150px;"></textarea>';
|
||||||
break;
|
break;
|
||||||
@ -52,7 +52,7 @@ if (isset($_GET['action'])) {
|
|||||||
if (isset($_GET['type'])) {
|
if (isset($_GET['type'])) {
|
||||||
$_SESSION['RF']["view_type"] = $_GET['type'];
|
$_SESSION['RF']["view_type"] = $_GET['type'];
|
||||||
} else {
|
} else {
|
||||||
response(trans('view type number missing') . AddErrorLocation())->send();
|
response(trans('view type number missing').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
@ -63,7 +63,7 @@ if (isset($_GET['action'])) {
|
|||||||
$_SESSION['RF']["filter"] = $_GET['type'];
|
$_SESSION['RF']["filter"] = $_GET['type'];
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
response(trans('view type number missing') . AddErrorLocation())->send();
|
response(trans('view type number missing').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
@ -73,13 +73,16 @@ if (isset($_GET['action'])) {
|
|||||||
$_SESSION['RF']["sort_by"] = $_GET['sort_by'];
|
$_SESSION['RF']["sort_by"] = $_GET['sort_by'];
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_GET['descending'])) {
|
if (isset($_GET['descending']))
|
||||||
|
{
|
||||||
$_SESSION['RF']["descending"] = $_GET['descending'];
|
$_SESSION['RF']["descending"] = $_GET['descending'];
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 'save_img':
|
case 'save_img':
|
||||||
|
break;
|
||||||
$info = pathinfo($_POST['name']);
|
$info = pathinfo($_POST['name']);
|
||||||
$image_data = $_POST['url'];
|
$image_data = $_POST['url'];
|
||||||
|
|
||||||
if (preg_match('/^data:image\/(\w+);base64,/', $image_data, $type)) {
|
if (preg_match('/^data:image\/(\w+);base64,/', $image_data, $type)) {
|
||||||
$image_data = substr($image_data, strpos($image_data, ',') + 1);
|
$image_data = substr($image_data, strpos($image_data, ',') + 1);
|
||||||
$type = strtolower($type[1]); // jpg, png, gif
|
$type = strtolower($type[1]); // jpg, png, gif
|
||||||
@ -87,43 +90,42 @@ if (isset($_GET['action'])) {
|
|||||||
$image_data = base64_decode($image_data);
|
$image_data = base64_decode($image_data);
|
||||||
|
|
||||||
if ($image_data === false) {
|
if ($image_data === false) {
|
||||||
response(trans('TUI_Decode_Failed') . AddErrorLocation())->send();
|
response(trans('TUI_Decode_Failed').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
response(trans('') . AddErrorLocation())->send();
|
response(trans('').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($image_data === false) {
|
if ($image_data === false) {
|
||||||
response(trans('') . AddErrorLocation())->send();
|
response(trans('').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!checkresultingsize(strlen($image_data))) {
|
if (!checkresultingsize(strlen($image_data))) {
|
||||||
response(sprintf(trans('max_size_reached'), $config['MaxSizeTotal']) . AddErrorLocation())->send();
|
response(sprintf(trans('max_size_reached'), $config['MaxSizeTotal']).AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($ftp) {
|
if ($ftp) {
|
||||||
$temp_file = tmpfile();
|
$temp = tempnam('/tmp', 'RF');
|
||||||
$temp_meta = stream_get_meta_data($temp_file);
|
unlink($temp);
|
||||||
$temp_path = $temp_meta['uri'];
|
$temp .=".".substr(strrchr($_POST['url'], '.'), 1);
|
||||||
fwrite($temp_file, $image_data);
|
file_put_contents($temp, $image_data);
|
||||||
|
|
||||||
$ftp->put($config['ftp_base_folder'] . $config['upload_dir'] . $_POST['path'] . $_POST['name'], $temp_path, FTP_BINARY);
|
$ftp->put($config['ftp_base_folder'].$config['upload_dir'] . $_POST['path'] . $_POST['name'], $temp, FTP_BINARY);
|
||||||
|
|
||||||
create_img($temp_path, $temp_path, 122, 91);
|
create_img($temp, $temp, 122, 91);
|
||||||
$ftp->put($config['ftp_base_folder'] . $config['ftp_thumbs_dir'] . $_POST['path'] . $_POST['name'], $temp_path, FTP_BINARY);
|
$ftp->put($config['ftp_base_folder'].$config['ftp_thumbs_dir']. $_POST['path'] . $_POST['name'], $temp, FTP_BINARY);
|
||||||
|
|
||||||
fclose($temp_file);
|
unlink($temp);
|
||||||
} else {
|
} else {
|
||||||
file_put_contents($config['current_path'] . $_POST['path'] . $_POST['name'], $image_data);
|
file_put_contents($config['current_path'] . $_POST['path'] . $_POST['name'], $image_data);
|
||||||
create_img($config['current_path'] . $_POST['path'] . $_POST['name'], $config['thumbs_base_path'] . $_POST['path'] . $_POST['name'], 122, 91);
|
create_img($config['current_path'] . $_POST['path'] . $_POST['name'], $config['thumbs_base_path'].$_POST['path'].$_POST['name'], 122, 91);
|
||||||
// TODO something with this function cause its blowing my mind
|
// TODO something with this function cause its blowing my mind
|
||||||
new_thumbnails_creation(
|
new_thumbnails_creation(
|
||||||
$config['current_path'] . $_POST['path'],
|
$config['current_path'].$_POST['path'],
|
||||||
$config['current_path'] . $_POST['path'] . $_POST['name'],
|
$config['current_path'].$_POST['path'].$_POST['name'],
|
||||||
$_POST['name'],
|
$_POST['name'],
|
||||||
$config['current_path'],
|
$config['current_path'],
|
||||||
$config
|
$config
|
||||||
@ -133,11 +135,11 @@ if (isset($_GET['action'])) {
|
|||||||
|
|
||||||
case 'extract':
|
case 'extract':
|
||||||
if (!$config['extract_files']) {
|
if (!$config['extract_files']) {
|
||||||
response(trans('wrong action') . AddErrorLocation())->send();
|
response(trans('wrong action').AddErrorLocation())->send();
|
||||||
}
|
}
|
||||||
if ($ftp) {
|
if ($ftp) {
|
||||||
$path = $config['ftp_base_url'] . $config['upload_dir'] . $_POST['path'];
|
$path = $config['ftp_base_url'].$config['upload_dir'] . $_POST['path'];
|
||||||
$base_folder = $config['ftp_base_url'] . $config['upload_dir'] . fix_dirname($_POST['path']) . "/";
|
$base_folder = $config['ftp_base_url'].$config['upload_dir'] . fix_dirname($_POST['path']) . "/";
|
||||||
} else {
|
} else {
|
||||||
$path = $config['current_path'] . $_POST['path'];
|
$path = $config['current_path'] . $_POST['path'];
|
||||||
$base_folder = $config['current_path'] . fix_dirname($_POST['path']) . "/";
|
$base_folder = $config['current_path'] . fix_dirname($_POST['path']) . "/";
|
||||||
@ -170,7 +172,7 @@ if (isset($_GET['action'])) {
|
|||||||
$sizeTotalFinal += $aStat['size'];
|
$sizeTotalFinal += $aStat['size'];
|
||||||
}
|
}
|
||||||
if (!checkresultingsize($sizeTotalFinal)) {
|
if (!checkresultingsize($sizeTotalFinal)) {
|
||||||
response(sprintf(trans('max_size_reached'), $config['MaxSizeTotal']) . AddErrorLocation())->send();
|
response(sprintf(trans('max_size_reached'), $config['MaxSizeTotal']).AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -183,7 +185,7 @@ if (isset($_GET['action'])) {
|
|||||||
create_folder($base_folder . $FullFileName['name']);
|
create_folder($base_folder . $FullFileName['name']);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(substr($FullFileName['name'], -1, 1) == "/")) {
|
if (! (substr($FullFileName['name'], -1, 1) == "/")) {
|
||||||
$fileinfo = pathinfo($FullFileName['name']);
|
$fileinfo = pathinfo($FullFileName['name']);
|
||||||
if (in_array(strtolower($fileinfo['extension']), $config['ext'])) {
|
if (in_array(strtolower($fileinfo['extension']), $config['ext'])) {
|
||||||
copy('zip://' . $path . '#' . $FullFileName['name'], $base_folder . $FullFileName['name']);
|
copy('zip://' . $path . '#' . $FullFileName['name'], $base_folder . $FullFileName['name']);
|
||||||
@ -193,7 +195,7 @@ if (isset($_GET['action'])) {
|
|||||||
}
|
}
|
||||||
$zip->close();
|
$zip->close();
|
||||||
} else {
|
} else {
|
||||||
response(trans('Zip_No_Extract') . AddErrorLocation())->send();
|
response(trans('Zip_No_Extract').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -216,28 +218,28 @@ if (isset($_GET['action'])) {
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
response(trans('Zip_Invalid') . AddErrorLocation())->send();
|
response(trans('Zip_Invalid').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($ftp) {
|
if ($ftp) {
|
||||||
unlink($path);
|
unlink($path);
|
||||||
$ftp->putAll($base_folder, "/" . $config['ftp_base_folder'] . $config['upload_dir'] . fix_dirname($_POST['path']), FTP_BINARY);
|
$ftp->putAll($base_folder, "/".$config['ftp_base_folder'] . $config['upload_dir'] . fix_dirname($_POST['path']), FTP_BINARY);
|
||||||
deleteDir($base_folder);
|
deleteDir($base_folder);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
break;
|
break;
|
||||||
case 'media_preview':
|
case 'media_preview':
|
||||||
if (isset($_GET['file'])) {
|
if(isset($_GET['file'])){
|
||||||
$_GET['file'] = sanitize($_GET['file']);
|
$_GET['file'] = sanitize($_GET['file']);
|
||||||
}
|
}
|
||||||
if (isset($_GET['title'])) {
|
if(isset($_GET['title'])){
|
||||||
$_GET['title'] = sanitize($_GET['title']);
|
$_GET['title'] = sanitize($_GET['title']);
|
||||||
}
|
}
|
||||||
if ($ftp) {
|
if($ftp){
|
||||||
$preview_file = $config['ftp_base_url'] . $config['upload_dir'] . $_GET['file'];
|
$preview_file = $config['ftp_base_url'].$config['upload_dir'] . $_GET['file'];
|
||||||
} else {
|
}else{
|
||||||
$preview_file = $config['current_path'] . $_GET["file"];
|
$preview_file = $config['current_path'] . $_GET["file"];
|
||||||
}
|
}
|
||||||
$info = pathinfo($preview_file);
|
$info = pathinfo($preview_file);
|
||||||
@ -265,20 +267,16 @@ if (isset($_GET['action'])) {
|
|||||||
<li><a href="javascript:;" class="jp-stop" tabindex="1">stop</a></li>
|
<li><a href="javascript:;" class="jp-stop" tabindex="1">stop</a></li>
|
||||||
<li><a href="javascript:;" class="jp-mute" tabindex="1" title="mute">mute</a></li>
|
<li><a href="javascript:;" class="jp-mute" tabindex="1" title="mute">mute</a></li>
|
||||||
<li><a href="javascript:;" class="jp-unmute" tabindex="1" title="unmute">unmute</a></li>
|
<li><a href="javascript:;" class="jp-unmute" tabindex="1" title="unmute">unmute</a></li>
|
||||||
<li><a href="javascript:;" class="jp-volume-max" tabindex="1" title="max volume">max volume</a>
|
<li><a href="javascript:;" class="jp-volume-max" tabindex="1" title="max volume">max volume</a></li>
|
||||||
</li>
|
|
||||||
</ul>
|
</ul>
|
||||||
<div class="jp-volume-bar">
|
<div class="jp-volume-bar">
|
||||||
<div class="jp-volume-bar-value"></div>
|
<div class="jp-volume-bar-value"></div>
|
||||||
</div>
|
</div>
|
||||||
<ul class="jp-toggles">
|
<ul class="jp-toggles">
|
||||||
<li><a href="javascript:;" class="jp-full-screen" tabindex="1" title="full screen">full
|
<li><a href="javascript:;" class="jp-full-screen" tabindex="1" title="full screen">full screen</a></li>
|
||||||
screen</a></li>
|
<li><a href="javascript:;" class="jp-restore-screen" tabindex="1" title="restore screen">restore screen</a></li>
|
||||||
<li><a href="javascript:;" class="jp-restore-screen" tabindex="1" title="restore screen">restore
|
|
||||||
screen</a></li>
|
|
||||||
<li><a href="javascript:;" class="jp-repeat" tabindex="1" title="repeat">repeat</a></li>
|
<li><a href="javascript:;" class="jp-repeat" tabindex="1" title="repeat">repeat</a></li>
|
||||||
<li><a href="javascript:;" class="jp-repeat-off" tabindex="1" title="repeat off">repeat off</a>
|
<li><a href="javascript:;" class="jp-repeat-off" tabindex="1" title="repeat off">repeat off</a></li>
|
||||||
</li>
|
|
||||||
</ul>
|
</ul>
|
||||||
</div>
|
</div>
|
||||||
<div class="jp-title" style="display:none;">
|
<div class="jp-title" style="display:none;">
|
||||||
@ -290,12 +288,11 @@ if (isset($_GET['action'])) {
|
|||||||
</div>
|
</div>
|
||||||
<div class="jp-no-solution">
|
<div class="jp-no-solution">
|
||||||
<span>Update Required</span>
|
<span>Update Required</span>
|
||||||
To play the media you will need to either update your browser to a recent version or update your <a
|
To play the media you will need to either update your browser to a recent version or update your <a href="https://get.adobe.com/flashplayer/" target="_blank">Flash plugin</a>.
|
||||||
href="https://get.adobe.com/flashplayer/" target="_blank">Flash plugin</a>.
|
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<?php if (in_array(strtolower($info['extension']), $config['ext_music'])): ?>
|
<?php if(in_array(strtolower($info['extension']), $config['ext_music'])): ?>
|
||||||
|
|
||||||
<script type="text/javascript">
|
<script type="text/javascript">
|
||||||
$(document).ready(function () {
|
$(document).ready(function () {
|
||||||
@ -353,12 +350,12 @@ if (isset($_GET['action'])) {
|
|||||||
break;
|
break;
|
||||||
case 'copy_cut':
|
case 'copy_cut':
|
||||||
if ($_POST['sub_action'] != 'copy' && $_POST['sub_action'] != 'cut') {
|
if ($_POST['sub_action'] != 'copy' && $_POST['sub_action'] != 'cut') {
|
||||||
response(trans('wrong sub-action') . AddErrorLocation())->send();
|
response(trans('wrong sub-action').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (trim($_POST['path']) == '') {
|
if (trim($_POST['path']) == '') {
|
||||||
response(trans('no path') . AddErrorLocation())->send();
|
response(trans('no path').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -368,7 +365,7 @@ if (isset($_GET['action'])) {
|
|||||||
if (is_dir($path)) {
|
if (is_dir($path)) {
|
||||||
// can't copy/cut dirs
|
// can't copy/cut dirs
|
||||||
if ($config['copy_cut_dirs'] === false) {
|
if ($config['copy_cut_dirs'] === false) {
|
||||||
response(sprintf(trans('Copy_Cut_Not_Allowed'), $msg_sub_action, trans('Folders')) . AddErrorLocation())->send();
|
response(sprintf(trans('Copy_Cut_Not_Allowed'), $msg_sub_action, trans('Folders')).AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -376,7 +373,7 @@ if (isset($_GET['action'])) {
|
|||||||
// size over limit
|
// size over limit
|
||||||
if ($config['copy_cut_max_size'] !== false && is_int($config['copy_cut_max_size'])) {
|
if ($config['copy_cut_max_size'] !== false && is_int($config['copy_cut_max_size'])) {
|
||||||
if (($config['copy_cut_max_size'] * 1024 * 1024) < $sizeFolderToCopy) {
|
if (($config['copy_cut_max_size'] * 1024 * 1024) < $sizeFolderToCopy) {
|
||||||
response(sprintf(trans('Copy_Cut_Size_Limit'), $msg_sub_action, $config['copy_cut_max_size']) . AddErrorLocation())->send();
|
response(sprintf(trans('Copy_Cut_Size_Limit'), $msg_sub_action, $config['copy_cut_max_size']).AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -384,19 +381,19 @@ if (isset($_GET['action'])) {
|
|||||||
// file count over limit
|
// file count over limit
|
||||||
if ($config['copy_cut_max_count'] !== false && is_int($config['copy_cut_max_count'])) {
|
if ($config['copy_cut_max_count'] !== false && is_int($config['copy_cut_max_count'])) {
|
||||||
if ($config['copy_cut_max_count'] < $fileNum) {
|
if ($config['copy_cut_max_count'] < $fileNum) {
|
||||||
response(sprintf(trans('Copy_Cut_Count_Limit'), $msg_sub_action, $config['copy_cut_max_count']) . AddErrorLocation())->send();
|
response(sprintf(trans('Copy_Cut_Count_Limit'), $msg_sub_action, $config['copy_cut_max_count']).AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!checkresultingsize($sizeFolderToCopy)) {
|
if (!checkresultingsize($sizeFolderToCopy)) {
|
||||||
response(sprintf(trans('max_size_reached'), $config['MaxSizeTotal']) . AddErrorLocation())->send();
|
response(sprintf(trans('max_size_reached'), $config['MaxSizeTotal']).AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
// can't copy/cut files
|
// can't copy/cut files
|
||||||
if ($config['copy_cut_files'] === false) {
|
if ($config['copy_cut_files'] === false) {
|
||||||
response(sprintf(trans('Copy_Cut_Not_Allowed'), $msg_sub_action, trans('Files')) . AddErrorLocation())->send();
|
response(sprintf(trans('Copy_Cut_Not_Allowed'), $msg_sub_action, trans('Files')).AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -412,11 +409,10 @@ if (isset($_GET['action'])) {
|
|||||||
if ($ftp) {
|
if ($ftp) {
|
||||||
$path = $config['ftp_base_url'] . $config['upload_dir'] . $_POST['path'];
|
$path = $config['ftp_base_url'] . $config['upload_dir'] . $_POST['path'];
|
||||||
if (
|
if (
|
||||||
($_POST['folder'] == 1 && $config['chmod_dirs'] === false)
|
($_POST['folder']==1 && $config['chmod_dirs'] === false)
|
||||||
|| ($_POST['folder'] == 0 && $config['chmod_files'] === false)
|
|| ($_POST['folder']==0 && $config['chmod_files'] === false)
|
||||||
|| (is_function_callable("chmod") === false)
|
|| (is_function_callable("chmod") === false)) {
|
||||||
) {
|
response(sprintf(trans('File_Permission_Not_Allowed'), (is_dir($path) ? trans('Folders') : trans('Files')), 403).AddErrorLocation())->send();
|
||||||
response(sprintf(trans('File_Permission_Not_Allowed'), (is_dir($path) ? trans('Folders') : trans('Files')), 403) . AddErrorLocation())->send();
|
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
$info = $_POST['permissions'];
|
$info = $_POST['permissions'];
|
||||||
@ -425,9 +421,8 @@ if (isset($_GET['action'])) {
|
|||||||
if (
|
if (
|
||||||
(is_dir($path) && $config['chmod_dirs'] === false)
|
(is_dir($path) && $config['chmod_dirs'] === false)
|
||||||
|| (is_file($path) && $config['chmod_files'] === false)
|
|| (is_file($path) && $config['chmod_files'] === false)
|
||||||
|| (is_function_callable("chmod") === false)
|
|| (is_function_callable("chmod") === false)) {
|
||||||
) {
|
response(sprintf(trans('File_Permission_Not_Allowed'), (is_dir($path) ? trans('Folders') : trans('Files')), 403).AddErrorLocation())->send();
|
||||||
response(sprintf(trans('File_Permission_Not_Allowed'), (is_dir($path) ? trans('Folders') : trans('Files')), 403) . AddErrorLocation())->send();
|
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -471,22 +466,22 @@ if (isset($_GET['action'])) {
|
|||||||
</thead>
|
</thead>
|
||||||
<tbody>
|
<tbody>
|
||||||
<tr>
|
<tr>
|
||||||
<td>' . trans('User') . '</td>
|
<td>'.trans('User').'</td>
|
||||||
<td><input id="u_4" type="checkbox" data-value="4" data-group="user" ' . (substr($info, 1, 1) == 'r' ? " checked" : "") . '></td>
|
<td><input id="u_4" type="checkbox" data-value="4" data-group="user" '.(substr($info, 1, 1)=='r' ? " checked" : "").'></td>
|
||||||
<td><input id="u_2" type="checkbox" data-value="2" data-group="user" ' . (substr($info, 2, 1) == 'w' ? " checked" : "") . '></td>
|
<td><input id="u_2" type="checkbox" data-value="2" data-group="user" '.(substr($info, 2, 1)=='w' ? " checked" : "").'></td>
|
||||||
<td><input id="u_1" type="checkbox" data-value="1" data-group="user" ' . (substr($info, 3, 1) == 'x' ? " checked" : "") . '></td>
|
<td><input id="u_1" type="checkbox" data-value="1" data-group="user" '.(substr($info, 3, 1)=='x' ? " checked" : "").'></td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td>' . trans('Group') . '</td>
|
<td>'.trans('Group').'</td>
|
||||||
<td><input id="g_4" type="checkbox" data-value="4" data-group="group" ' . (substr($info, 4, 1) == 'r' ? " checked" : "") . '></td>
|
<td><input id="g_4" type="checkbox" data-value="4" data-group="group" '.(substr($info, 4, 1)=='r' ? " checked" : "").'></td>
|
||||||
<td><input id="g_2" type="checkbox" data-value="2" data-group="group" ' . (substr($info, 5, 1) == 'w' ? " checked" : "") . '></td>
|
<td><input id="g_2" type="checkbox" data-value="2" data-group="group" '.(substr($info, 5, 1)=='w' ? " checked" : "").'></td>
|
||||||
<td><input id="g_1" type="checkbox" data-value="1" data-group="group" ' . (substr($info, 6, 1) == 'x' ? " checked" : "") . '></td>
|
<td><input id="g_1" type="checkbox" data-value="1" data-group="group" '.(substr($info, 6, 1)=='x' ? " checked" : "").'></td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td>' . trans('All') . '</td>
|
<td>'.trans('All').'</td>
|
||||||
<td><input id="a_4" type="checkbox" data-value="4" data-group="all" ' . (substr($info, 7, 1) == 'r' ? " checked" : "") . '></td>
|
<td><input id="a_4" type="checkbox" data-value="4" data-group="all" '.(substr($info, 7, 1)=='r' ? " checked" : "").'></td>
|
||||||
<td><input id="a_2" type="checkbox" data-value="2" data-group="all" ' . (substr($info, 8, 1) == 'w' ? " checked" : "") . '></td>
|
<td><input id="a_2" type="checkbox" data-value="2" data-group="all" '.(substr($info, 8, 1)=='w' ? " checked" : "").'></td>
|
||||||
<td><input id="a_1" type="checkbox" data-value="1" data-group="all" ' . (substr($info, 9, 1) == 'x' ? " checked" : "") . '></td>
|
<td><input id="a_1" type="checkbox" data-value="1" data-group="all" '.(substr($info, 9, 1)=='x' ? " checked" : "").'></td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td></td>
|
<td></td>
|
||||||
@ -496,12 +491,12 @@ if (isset($_GET['action'])) {
|
|||||||
</table>';
|
</table>';
|
||||||
|
|
||||||
if ((!$ftp && is_dir($path))) {
|
if ((!$ftp && is_dir($path))) {
|
||||||
$ret .= '<div class="hero-unit" style="padding:10px;">' . trans('File_Permission_Recursive') . '<br/><br/>
|
$ret .= '<div class="hero-unit" style="padding:10px;">'.trans('File_Permission_Recursive').'<br/><br/>
|
||||||
<ul class="unstyled">
|
<ul class="unstyled">
|
||||||
<li><label class="radio"><input value="none" name="apply_recursive" type="radio" checked> ' . trans('No') . '</label></li>
|
<li><label class="radio"><input value="none" name="apply_recursive" type="radio" checked> '.trans('No').'</label></li>
|
||||||
<li><label class="radio"><input value="files" name="apply_recursive" type="radio"> ' . trans('Files') . '</label></li>
|
<li><label class="radio"><input value="files" name="apply_recursive" type="radio"> '.trans('Files').'</label></li>
|
||||||
<li><label class="radio"><input value="folders" name="apply_recursive" type="radio"> ' . trans('Folders') . '</label></li>
|
<li><label class="radio"><input value="folders" name="apply_recursive" type="radio"> '.trans('Folders').'</label></li>
|
||||||
<li><label class="radio"><input value="both" name="apply_recursive" type="radio"> ' . trans('Files') . ' & ' . trans('Folders') . '</label></li>
|
<li><label class="radio"><input value="both" name="apply_recursive" type="radio"> '.trans('Files').' & '.trans('Folders').'</label></li>
|
||||||
</ul>
|
</ul>
|
||||||
</div>';
|
</div>';
|
||||||
}
|
}
|
||||||
@ -513,14 +508,14 @@ if (isset($_GET['action'])) {
|
|||||||
|
|
||||||
break;
|
break;
|
||||||
case 'get_lang':
|
case 'get_lang':
|
||||||
if (!file_exists('lang/languages.php')) {
|
if (! file_exists('lang/languages.php')) {
|
||||||
response(trans('Lang_Not_Found') . AddErrorLocation())->send();
|
response(trans('Lang_Not_Found').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
$languages = include 'lang/languages.php';
|
$languages = include 'lang/languages.php';
|
||||||
if (!isset($languages) || !is_array($languages)) {
|
if (! isset($languages) || ! is_array($languages)) {
|
||||||
response(trans('Lang_Not_Found') . AddErrorLocation())->send();
|
response(trans('Lang_Not_Found').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -537,11 +532,11 @@ if (isset($_GET['action'])) {
|
|||||||
|
|
||||||
break;
|
break;
|
||||||
case 'change_lang':
|
case 'change_lang':
|
||||||
$choosen_lang = (!empty($_POST['choosen_lang'])) ? $_POST['choosen_lang'] : "en_EN";
|
$choosen_lang = (!empty($_POST['choosen_lang']))? $_POST['choosen_lang']:"en_EN";
|
||||||
|
|
||||||
if (array_key_exists($choosen_lang, $languages)) {
|
if (array_key_exists($choosen_lang, $languages)) {
|
||||||
if (!file_exists('lang/' . $choosen_lang . '.php')) {
|
if (! file_exists('lang/' . $choosen_lang . '.php')) {
|
||||||
response(trans('Lang_Not_Found') . AddErrorLocation())->send();
|
response(trans('Lang_Not_Found').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
} else {
|
} else {
|
||||||
$_SESSION['RF']['language'] = $choosen_lang;
|
$_SESSION['RF']['language'] = $choosen_lang;
|
||||||
@ -551,12 +546,12 @@ if (isset($_GET['action'])) {
|
|||||||
break;
|
break;
|
||||||
case 'cad_preview':
|
case 'cad_preview':
|
||||||
if ($ftp) {
|
if ($ftp) {
|
||||||
$selected_file = $config['ftp_base_url'] . $config['upload_dir'] . $_GET['file'];
|
$selected_file = $config['ftp_base_url'].$config['upload_dir'] . $_GET['file'];
|
||||||
} else {
|
} else {
|
||||||
$selected_file = $config['current_path'] . $_GET['file'];
|
$selected_file = $config['current_path'] . $_GET['file'];
|
||||||
|
|
||||||
if (!file_exists($selected_file)) {
|
if (! file_exists($selected_file)) {
|
||||||
response(trans('File_Not_Found') . AddErrorLocation())->send();
|
response(trans('File_Not_Found').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -576,17 +571,17 @@ if (isset($_GET['action'])) {
|
|||||||
$preview_mode = $_GET["preview_mode"];
|
$preview_mode = $_GET["preview_mode"];
|
||||||
|
|
||||||
if ($sub_action != 'preview' && $sub_action != 'edit') {
|
if ($sub_action != 'preview' && $sub_action != 'edit') {
|
||||||
response(trans('wrong action') . AddErrorLocation())->send();
|
response(trans('wrong action').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($ftp) {
|
if ($ftp) {
|
||||||
$selected_file = ($sub_action == 'preview' ? $config['ftp_base_url'] . $config['upload_dir'] . $_GET['file'] : $config['ftp_base_url'] . $config['upload_dir'] . $_POST['path']);
|
$selected_file = ($sub_action == 'preview' ? $config['ftp_base_url'].$config['upload_dir'] . $_GET['file'] : $config['ftp_base_url'].$config['upload_dir'] . $_POST['path']);
|
||||||
} else {
|
} else {
|
||||||
$selected_file = ($sub_action == 'preview' ? $config['current_path'] . $_GET['file'] : $config['current_path'] . $_POST['path']);
|
$selected_file = ($sub_action == 'preview' ? $config['current_path'] . $_GET['file'] : $config['current_path'] . $_POST['path']);
|
||||||
|
|
||||||
if (!file_exists($selected_file)) {
|
if (! file_exists($selected_file)) {
|
||||||
response(trans('File_Not_Found') . AddErrorLocation())->send();
|
response(trans('File_Not_Found').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -601,20 +596,19 @@ if (isset($_GET['action'])) {
|
|||||||
$allowed_file_exts = $config['googledoc_file_exts'];
|
$allowed_file_exts = $config['googledoc_file_exts'];
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!isset($allowed_file_exts) || !is_array($allowed_file_exts)) {
|
if (! isset($allowed_file_exts) || ! is_array($allowed_file_exts)) {
|
||||||
$allowed_file_exts = array();
|
$allowed_file_exts = array();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!isset($info['extension'])) {
|
if (!isset($info['extension'])) {
|
||||||
$info['extension'] = '';
|
$info['extension']='';
|
||||||
}
|
}
|
||||||
if (
|
if (! in_array($info['extension'], $allowed_file_exts)
|
||||||
!in_array($info['extension'], $allowed_file_exts)
|
|| ! isset($is_allowed)
|
||||||
|| !isset($is_allowed)
|
|
||||||
|| $is_allowed === false
|
|| $is_allowed === false
|
||||||
|| (!$ftp && !is_readable($selected_file))
|
|| (!$ftp && ! is_readable($selected_file))
|
||||||
) {
|
) {
|
||||||
response(sprintf(trans('File_Open_Edit_Not_Allowed'), ($sub_action == 'preview' ? strtolower(trans('Open')) : strtolower(trans('Edit')))) . AddErrorLocation())->send();
|
response(sprintf(trans('File_Open_Edit_Not_Allowed'), ($sub_action == 'preview' ? strtolower(trans('Open')) : strtolower(trans('Edit')))).AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
if ($sub_action == 'preview') {
|
if ($sub_action == 'preview') {
|
||||||
@ -625,7 +619,7 @@ if (isset($_GET['action'])) {
|
|||||||
$ret = '';
|
$ret = '';
|
||||||
|
|
||||||
$ret .= '<script src="https://rawgit.com/google/code-prettify/master/loader/run_prettify.js?autoload=true&skin=sunburst"></script>';
|
$ret .= '<script src="https://rawgit.com/google/code-prettify/master/loader/run_prettify.js?autoload=true&skin=sunburst"></script>';
|
||||||
$ret .= '<?prettify lang=' . $info['extension'] . ' linenums=true?><pre class="prettyprint"><code class="language-' . $info['extension'] . '">' . $data . '</code></pre>';
|
$ret .= '<?prettify lang='.$info['extension'].' linenums=true?><pre class="prettyprint"><code class="language-'.$info['extension'].'">'.$data.'</code></pre>';
|
||||||
} elseif ($preview_mode == 'google') {
|
} elseif ($preview_mode == 'google') {
|
||||||
if ($ftp) {
|
if ($ftp) {
|
||||||
$url_file = $selected_file;
|
$url_file = $selected_file;
|
||||||
@ -636,12 +630,12 @@ if (isset($_GET['action'])) {
|
|||||||
$googledoc_url = urlencode($url_file);
|
$googledoc_url = urlencode($url_file);
|
||||||
$ret = "<iframe src=\"https://docs.google.com/viewer?url=" . $url_file . "&embedded=true\" class=\"google-iframe\"></iframe>";
|
$ret = "<iframe src=\"https://docs.google.com/viewer?url=" . $url_file . "&embedded=true\" class=\"google-iframe\"></iframe>";
|
||||||
}
|
}
|
||||||
} else {
|
}else{
|
||||||
$data = stripslashes(htmlspecialchars(file_get_contents($selected_file)));
|
$data = stripslashes(htmlspecialchars(file_get_contents($selected_file)));
|
||||||
if (in_array($info['extension'], array('html', 'html'))) {
|
if(in_array($info['extension'],array('html','html'))){
|
||||||
$ret = '<script src="https://cdn.ckeditor.com/ckeditor5/12.1.0/classic/ckeditor.js"></script><textarea id="textfile_edit_area" style="width:100%;height:300px;">' . $data . '</textarea><script>setTimeout(function(){ ClassicEditor.create( document.querySelector( "#textfile_edit_area" )).catch( function(error){ console.error( error ); } ); }, 500);</script>';
|
$ret = '<script src="https://cdn.ckeditor.com/ckeditor5/12.1.0/classic/ckeditor.js"></script><textarea id="textfile_edit_area" style="width:100%;height:300px;">'.$data.'</textarea><script>setTimeout(function(){ ClassicEditor.create( document.querySelector( "#textfile_edit_area" )).catch( function(error){ console.error( error ); } ); }, 500);</script>';
|
||||||
} else {
|
}else{
|
||||||
$ret = '<textarea id="textfile_edit_area" style="width:100%;height:300px;">' . $data . '</textarea>';
|
$ret = '<textarea id="textfile_edit_area" style="width:100%;height:300px;">'.$data.'</textarea>';
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
@ -651,10 +645,10 @@ if (isset($_GET['action'])) {
|
|||||||
|
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
response(trans('no action passed') . AddErrorLocation())->send();
|
response(trans('no action passed').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
response(trans('no action passed') . AddErrorLocation())->send();
|
response(trans('no action passed').AddErrorLocation())->send();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
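Review bot: The `break;` placed directly under `case 'save_img':` leaves the whole former body in place as unreachable code, and the request then appears to end with an empty response instead of an explicit rejection. That dead body still holds the handling the changelog says is being disabled for CVE-2020-10567 (a temp-file name whose suffix is taken from `$_POST['url']`, and writes to `$_POST['path'] . $_POST['name']` with no extension check visible in this section), so a later refresh of this vendored file, or a merge that drops the one-line `break;`, would bring it back unnoticed. I would reject the action the way the other cases do and delete the dead lines: `// save_img disabled locally: CVE-2020-10567`, then `response(trans('wrong action').AddErrorLocation())->send();` and `exit;`. The same concern applies to `'tui_active' => false` in `config/config.php`, which deserves a comment naming the CVE so the flag is not switched back on by an upstream config update.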
2
core/vendor/filemanager/config/config.php
vendored
@ -447,7 +447,7 @@ $config = array(
|
|||||||
* TUI Image Editor config
|
* TUI Image Editor config
|
||||||
*******************/
|
*******************/
|
||||||
// Add or modify the options below as needed - they will be json encoded when added to the configuration so arrays can be utilized as needed
|
// Add or modify the options below as needed - they will be json encoded when added to the configuration so arrays can be utilized as needed
|
||||||
'tui_active' => true,
|
'tui_active' => false,
|
||||||
'tui_position' => 'bottom',
|
'tui_position' => 'bottom',
|
||||||
// 'common.bi.image' => "../assets/images/logo.png",
|
// 'common.bi.image' => "../assets/images/logo.png",
|
||||||
// 'common.bisize.width' => '70px',
|
// 'common.bisize.width' => '70px',
|
||||||
|