PEEL Shopping
Open source ecommerce : PEEL Shopping
commands.php
Go to the documentation of this file.
1 <?php
2 /*
3  * FCKeditor - The text editor for Internet - http://www.fckeditor.net
4  * Copyright (C) 2003-2010 Frederico Caldeira Knabben
5  *
6  * == BEGIN LICENSE ==
7  *
8  * Licensed under the terms of any of the following licenses at your
9  * choice:
10  *
11  * - GNU General Public License Version 2 or later (the "GPL")
12  * http://www.gnu.org/licenses/gpl.html
13  *
14  * - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
15  * http://www.gnu.org/licenses/lgpl.html
16  *
17  * - Mozilla Public License Version 1.1 or later (the "MPL")
18  * http://www.mozilla.org/MPL/MPL-1.1.html
19  *
20  * == END LICENSE ==
21  *
22  * This is the File Manager Connector for PHP.
23  */
24 
25 function GetFolders( $resourceType, $currentFolder )
26 {
27  // Map the virtual path to the local server path.
28  $sServerDir = ServerMapFolder( $resourceType, $currentFolder, 'GetFolders' ) ;
29 
30  // Array that will hold the folders names.
31  $aFolders = array() ;
32 
33  $oCurrentFolder = @opendir( $sServerDir ) ;
34 
35  if ($oCurrentFolder !== false)
36  {
37  while ( $sFile = readdir( $oCurrentFolder ) )
38  {
39  if ( $sFile != '.' && $sFile != '..' && is_dir( $sServerDir . $sFile ) )
40  $aFolders[] = '<Folder name="' . ConvertToXmlAttribute( $sFile ) . '" />' ;
41  }
42  closedir( $oCurrentFolder ) ;
43  }
44 
45  // Open the "Folders" node.
46  echo "<Folders>" ;
47 
48  natcasesort( $aFolders ) ;
49  foreach ( $aFolders as $sFolder )
50  echo $sFolder ;
51 
52  // Close the "Folders" node.
53  echo "</Folders>" ;
54 }
55 
56 function GetFoldersAndFiles( $resourceType, $currentFolder )
57 {
58  // Map the virtual path to the local server path.
59  $sServerDir = ServerMapFolder( $resourceType, $currentFolder, 'GetFoldersAndFiles' ) ;
60 
61  // Arrays that will hold the folders and files names.
62  $aFolders = array() ;
63  $aFiles = array() ;
64 
65  $oCurrentFolder = @opendir( $sServerDir ) ;
66 
67  if ($oCurrentFolder !== false)
68  {
69  while ( $sFile = readdir( $oCurrentFolder ) )
70  {
71  if ( $sFile != '.' && $sFile != '..' )
72  {
73  if ( is_dir( $sServerDir . $sFile ) )
74  $aFolders[] = '<Folder name="' . ConvertToXmlAttribute( $sFile ) . '" />' ;
75  else
76  {
77  $iFileSize = @filesize( $sServerDir . $sFile ) ;
78  if ( !$iFileSize ) {
79  $iFileSize = 0 ;
80  }
81  if ( $iFileSize > 0 )
82  {
83  $iFileSize = round( $iFileSize / 1024 ) ;
84  if ( $iFileSize < 1 )
85  $iFileSize = 1 ;
86  }
87 
88  $aFiles[] = '<File name="' . ConvertToXmlAttribute( $sFile ) . '" size="' . $iFileSize . '" />' ;
89  }
90  }
91  }
92  closedir( $oCurrentFolder ) ;
93  }
94 
95  // Send the folders
96  natcasesort( $aFolders ) ;
97  echo '<Folders>' ;
98 
99  foreach ( $aFolders as $sFolder )
100  echo $sFolder ;
101 
102  echo '</Folders>' ;
103 
104  // Send the files
105  natcasesort( $aFiles ) ;
106  echo '<Files>' ;
107 
108  foreach ( $aFiles as $sFiles )
109  echo $sFiles ;
110 
111  echo '</Files>' ;
112 }
113 
114 function CreateFolder( $resourceType, $currentFolder )
115 {
116  if (!isset($_GET)) {
117  global $_GET;
118  }
119  $sErrorNumber = '0' ;
120  $sErrorMsg = '' ;
121 
122  if ( isset( $_GET['NewFolderName'] ) )
123  {
124  $sNewFolderName = $_GET['NewFolderName'] ;
125  $sNewFolderName = SanitizeFolderName( $sNewFolderName ) ;
126 
127  if ( strpos( $sNewFolderName, '..' ) !== FALSE )
128  $sErrorNumber = '102' ; // Invalid folder name.
129  else
130  {
131  // Map the virtual path to the local server path of the current folder.
132  $sServerDir = ServerMapFolder( $resourceType, $currentFolder, 'CreateFolder' ) ;
133 
134  if ( is_writable( $sServerDir ) )
135  {
136  $sServerDir .= $sNewFolderName ;
137 
138  $sErrorMsg = CreateServerFolder( $sServerDir ) ;
139 
140  switch ( $sErrorMsg )
141  {
142  case '' :
143  $sErrorNumber = '0' ;
144  break ;
145  case 'Invalid argument' :
146  case 'No such file or directory' :
147  $sErrorNumber = '102' ; // Path too long.
148  break ;
149  default :
150  $sErrorNumber = '110' ;
151  break ;
152  }
153  }
154  else
155  $sErrorNumber = '103' ;
156  }
157  }
158  else
159  $sErrorNumber = '102' ;
160 
161  // Create the "Error" node.
162  echo '<Error number="' . $sErrorNumber . '" />' ;
163 }
164 
165 function FileUpload( $resourceType, $currentFolder, $sCommand )
166 {
167  if (!isset($_FILES)) {
168  global $_FILES;
169  }
170  $sErrorNumber = '0' ;
171  $sFileName = '' ;
172 
173  if ( isset( $_FILES['NewFile'] ) && !is_null( $_FILES['NewFile']['tmp_name'] ) )
174  {
175  global $Config ;
176 
177  $oFile = $_FILES['NewFile'] ;
178 
179  // Map the virtual path to the local server path.
180  $sServerDir = ServerMapFolder( $resourceType, $currentFolder, $sCommand ) ;
181 
182  // Get the uploaded file name.
183  $sFileName = $oFile['name'] ;
184  $sFileName = SanitizeFileName( $sFileName ) ;
185 
186  $sOriginalFileName = $sFileName ;
187 
188  // Get the extension.
189  $sExtension = substr( $sFileName, ( strrpos($sFileName, '.') + 1 ) ) ;
190  $sExtension = strtolower( $sExtension ) ;
191 
192  if ( isset( $Config['SecureImageUploads'] ) )
193  {
194  if ( ( $isImageValid = IsImageValid( $oFile['tmp_name'], $sExtension ) ) === false )
195  {
196  $sErrorNumber = '202' ;
197  }
198  }
199 
200  if ( isset( $Config['HtmlExtensions'] ) )
201  {
202  if ( !IsHtmlExtension( $sExtension, $Config['HtmlExtensions'] ) &&
203  ( $detectHtml = DetectHtml( $oFile['tmp_name'] ) ) === true )
204  {
205  $sErrorNumber = '202' ;
206  }
207  }
208 
209  // Check if it is an allowed extension.
210  if ( !$sErrorNumber && IsAllowedExt( $sExtension, $resourceType ) )
211  {
212  $iCounter = 0 ;
213 
214  while ( true )
215  {
216  $sFilePath = $sServerDir . $sFileName ;
217 
218  if ( is_file( $sFilePath ) )
219  {
220  $iCounter++ ;
221  $sFileName = RemoveExtension( $sOriginalFileName ) . '(' . $iCounter . ').' . $sExtension ;
222  $sErrorNumber = '201' ;
223  }
224  else
225  {
226  move_uploaded_file( $oFile['tmp_name'], $sFilePath ) ;
227 
228  if ( is_file( $sFilePath ) )
229  {
230  if ( isset( $Config['ChmodOnUpload'] ) && !$Config['ChmodOnUpload'] )
231  {
232  break ;
233  }
234 
235  $permissions = 0777;
236 
237  if ( isset( $Config['ChmodOnUpload'] ) && $Config['ChmodOnUpload'] )
238  {
239  $permissions = $Config['ChmodOnUpload'] ;
240  }
241 
242  $oldumask = umask(0) ;
243  @chmod( $sFilePath, $permissions ) ;
244  umask( $oldumask ) ;
245  }
246 
247  break ;
248  }
249  }
250 
251  if ( file_exists( $sFilePath ) )
252  {
253  //previous checks failed, try once again
254  if ( isset( $isImageValid ) && $isImageValid === -1 && IsImageValid( $sFilePath, $sExtension ) === false )
255  {
256  @unlink( $sFilePath ) ;
257  $sErrorNumber = '202' ;
258  }
259  else if ( isset( $detectHtml ) && $detectHtml === -1 && DetectHtml( $sFilePath ) === true )
260  {
261  @unlink( $sFilePath ) ;
262  $sErrorNumber = '202' ;
263  }
264  }
265  }
266  else
267  $sErrorNumber = '202' ;
268  }
269  else
270  $sErrorNumber = '202' ;
271 
272 
273  $sFileUrl = CombinePaths( GetResourceTypePath( $resourceType, $sCommand ) , $currentFolder ) ;
274  $sFileUrl = CombinePaths( $sFileUrl, $sFileName ) ;
275 
276  SendUploadResults( $sErrorNumber, $sFileUrl, $sFileName ) ;
277 
278  exit ;
279 }
280 ?>
ConvertToXmlAttribute
ConvertToXmlAttribute($value)
Definition: util.php:60
GetFolders
GetFolders($resourceType, $currentFolder)
Definition: commands.php:25
SanitizeFolderName
SanitizeFolderName($sNewFolderName)
Definition: io.php:255
GetFoldersAndFiles
GetFoldersAndFiles($resourceType, $currentFolder)
Definition: commands.php:56
GetResourceTypePath
GetResourceTypePath($resourceType, $sCommand)
Definition: io.php:28
IsAllowedExt
IsAllowedExt($sExtension, $resourceType)
Definition: io.php:191
$sCommand
$sCommand
Definition: upload.php:41
DetectHtml
DetectHtml($filePath)
Detect HTML in the first KB to prevent against potential security issue with IE/Safari/Opera file typ...
Definition: util.php:110
$Config
global $Config
Definition: config.php:25
SendUploadResults
SendUploadResults($errorNumber, $fileUrl= '', $fileName= '', $customMsg= '')
Definition: io.php:283
RemoveExtension
RemoveExtension($fileName)
Definition: io.php:64
CreateServerFolder
CreateServerFolder($folderPath, $lastFolder=null)
Definition: io.php:89
CreateFolder
CreateFolder($resourceType, $currentFolder)
Definition: commands.php:114
IsHtmlExtension
IsHtmlExtension($ext, $htmlExtensions)
Check whether given extension is in html etensions list.
Definition: util.php:88
IsImageValid
IsImageValid($filePath, $extension)
Check file content.
Definition: util.php:181
CombinePaths
CombinePaths($sBasePath, $sFolder)
Definition: io.php:24
SanitizeFileName
SanitizeFileName($sNewFileName)
Definition: io.php:266
FileUpload
FileUpload($resourceType, $currentFolder, $sCommand)
Definition: commands.php:165
ServerMapFolder
ServerMapFolder($resourceType, $folderPath, $sCommand)
Definition: io.php:69

This documentation for Open ecommerce PEEL Shopping and PEEL.fr has been generated by Doxygen on Thu Oct 15 2015 14:30:08 - Peel ecommerce is a product of Agence web Advisto SAS. All rights reserved.