2009-04-13 Esteban Sanchez <estebans@artica.es>
* general/footer.php: Removed Firefox icon. Style correction.
* godmode/agentes/agent_manager.php: Replaced > with ». Style
correction when setting bold attributes.
* godmode/agentes/manage_config_remote.php,
godmode/agentes/modificar_agente.php, godmode/agentes/module_manager.php,
godmode/alerts/alert_list.php, godmode/db/db_audit.php,
godmode/db/db_event.php, godmode/db/db_info.php, godmode/db/db_main.php,
godmode/db/db_purge.php, godmode/db/db_refine.php,
godmode/groups/configure_group.php, godmode/groups/group_list.php,
godmode/modules/manage_nc_groups.php,
godmode/modules/manage_network_components.php,
godmode/modules/manage_network_templates.php,
godmode/modules/manage_network_templates_form.php,
godmode/modules/module_list.php, godmode/profiles/profile_list.php,
godmode/reporting/graph_builder.php, godmode/reporting/map_builder.php,
godmode/reporting/reporting_builder.php, godmode/servers/manage_export.php,
godmode/servers/manage_export_form.php,
godmode/servers/manage_recontask.php,
godmode/servers/manage_recontask_form.php,
godmode/servers/modificar_server.php, godmode/setup/setup_visuals.php,
godmode/setup/links.php, godmode/setup/news.php,
godmode/snmpconsole/snmp_alert.php, godmode/users/configure_user.php,
godmode/users/user_list.php, operation/agentes/alerts_status.php,
operation/agentes/estado_generalagente.php,
operation/agentes/estado_agente.php, operation/agentes/estado_grupo.php,
operation/agentes/estado_ultimopaquete.php,
operation/agentes/exportdata.php, operation/agentes/networkmap.php,
operation/agentes/status_monitor.php, operation/agentes/tactical.php,
operation/events/events.php, operation/incidents/incident.php,
operation/incidents/incident_detail.php,
operation/incidents/incident_statistics.php,
operation/messages/message.php, operation/reporting/custom_reporting.php,
operation/reporting/graph_viewer.php,
operation/reporting/reporting_viewer.php, operation/servers/view_server.php,
operation/users/user.php, operation/users/user_edit.php,
operation/users/user_statistics.php, operation/visual_console/index.php,
godmode/agentes/agent_template.php: Replaced > with »
* operation/agentes/datos_agente.php: Return instead of exit
* include/javascript/jquery.pandora.controls.js: Added pandoraSelectOS
control to preview the OS icon on a select.
* include/functions_reports.php: Fixed a bug on delete_report() that
returns error when the report has no content.
* include/functions_ui.php: Removed border attribute on print_os_icon().
Some fixes to meta refresh element on process_page_head(). Fixed
format_filesize() when length is zero.
* godmode/menu.php: Replaced link to file manager. Added enterprise hook.
* godmode/setup/file_manager.php: Renamed from obfuscated name filemgr.php
* include/styles/pandora.css: Textarea width reduced to 99%
* godmode/setup/setup.php: Added get_os_icon AJAX operation.
* images/mimetypes/, images/mimetypes/zip.png, images/mimetypes/image.png,
images/mimetypes/unknown.png, images/mimetypes/directory.png: Added to
repository. Mime type icons.
* extras/pandoradb_migrate_v2.x_to_v3.0.sql: Removed date comments.
* include/functions_filemanager.php: Added to repository. Minimal API for
file manager system.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1608 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-04-13 11:50:56 +02:00
< ? php
2009-08-24 Miguel de Dios <miguel.dedios@artica.es>
* include/functions_menu.php, include/functions_html.php,
include/functions_events.php, include/functions_messages.php,
include/functions_modules.php, include/functions_exportserver.php,
include/functions_reporting.php, include/functions_filemanager.php,
include/pchart_graph.php, include/pandora_graph.php, include/auth/dev.php,
include/auth/ldap.php, include/auth/mysql.php, include/config.inc.php,
include/functions_networkmap.php, include/functions_servers.php,
include/FusionCharts/FusionCharts_Gen.php,
include/FusionCharts/FusionCharts.php,
include/functions_network_profiles.php, include/gettext.php,
include/functions_network_components.php, include/functions_visual_map.php,
include/fgraph2.php, include/Image/image_functions.php,
include/functions_config.php, include/help/en/help_plugin_parameters.php,
include/help/en/help_snmpcommunity.php, include/help/en/help_wmiquery.php,
include/help/en/help_postprocess.php,
include/help/en/help_prediction_source_module.php,
include/help/en/help_date_format.php, include/help/en/help_recontask.php,
include/help/en/help_alert-matches.php, include/help/en/help_tcp_send.php,
include/help/en/help_wmifield.php, include/help/en/help_duplicateconfig.php,
include/help/en/help_agent_status.php,
include/help/en/help_manage_alerts.php, include/help/en/help_wmikey.php,
include/help/en/help_alert_type.php,
include/help/en/help_network_component.php,
include/help/en/help_time_stamp-comparation.php,
include/help/en/help_eventview.php, include/help/en/help_timesource.php,
include/help/en/help_alert_validation.php,
include/help/en/help_map_builder.php,
include/help/en/help_alert_recovery.php,
include/help/en/help_module_type.php,
include/help/en/help_planned_downtime.php,
include/help/en/help_serverlag.php, include/help/en/help_alerts.php,
include/help/en/help_snmpwalk.php,
include/help/en/help_module_definition.php,
include/help/en/help_plugin_definition.php,
include/help/en/help_wminamespace.php, include/help/en/help_snmpoid.php
include/help/en/help_manageconfig.php,
include/help/es/help_alert_validation.php,
include/help/es/help_plugin_parameters.php,
include/help/es/help_snmpcommunity.php, include/help/es/help_wmiquery.php,
include/help/es/help_map_builder.php, include/help/es/help_postprocess.php,
include/help/es/help_date_format.php,
include/help/es/help_alert_recovery.php,
include/help/es/help_prediction_source_module.php,
include/help/es/help_module_type.php,
include/help/es/help_planned_downtime.php,
include/help/es/help_alert-matches.php, include/help/es/help_recontask.php,
include/help/es/help_alerts.php, include/help/es/help_serverlag.php,
include/help/es/help_snmpwalk.php,
include/help/es/help_module_definition.php,
include/help/es/help_tcp_send.php, include/help/es/help_duplicateconfig.php,
include/help/es/help_wmifield.php, include/help/es/help_manage_alerts.php,
include/help/es/help_wmikey.php, include/help/es/help_plugin_definition.php,
include/help/es/help_alert_type.php, include/help/es/help_snmpoid.php,
include/help/es/help_wminamespace.php,
include/help/es/help_network_component.php,
include/help/es/help_time_stamp-comparation.php,
include/help/es/help_manageconfig.php, include/help/es/help_timesource.php,
include/config_process.php, include/functions_ui.php, include/htmlawed.php,
include/functions_custom_graphs.php, include/fgraph.php,
include/functions_incidents.php, include/functions.php,
include/functions_agents.php, include/functions_db.php,
include/functions_themes.php, include/streams.php,
include/functions_fsgraph.php, include/functions_alerts.php,
include/functions_reports.php, include/functions_extensions.php,
include/functions_ui_renders.php: change comments blocks for delete the
warnings to construct phpDoc Files, give a struct and order in the
phpDoc files.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1881 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-08-25 19:39:28 +02:00
/**
2021-05-27 16:19:51 +02:00
* Images File Manager functions .
*
* @ category Functions
* @ package Pandora FMS
* @ subpackage Community
* @ version 1.0 . 0
* @ license See below
*
* ______ ___ _______ _______ ________
* | __ \ .-----.--.--.--| |.-----.----.-----. | ___ | | | __ |
* | __ /| _ | | _ || _ | _ | _ | | ___ | | __ |
* | ___ | | ___ . _ | __ | __ | _____ || _____ | __ | | ___ . _ | | ___ | | __ | _ | __ | _______ |
*
* ============================================================================
* Copyright ( c ) 2005 - 2021 Artica Soluciones Tecnologicas
* Please see http :// pandorafms . org for full contribution list
* This program is free software ; you can redistribute it and / or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation for version 2.
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
* ============================================================================
2009-08-24 Miguel de Dios <miguel.dedios@artica.es>
* include/functions_menu.php, include/functions_html.php,
include/functions_events.php, include/functions_messages.php,
include/functions_modules.php, include/functions_exportserver.php,
include/functions_reporting.php, include/functions_filemanager.php,
include/pchart_graph.php, include/pandora_graph.php, include/auth/dev.php,
include/auth/ldap.php, include/auth/mysql.php, include/config.inc.php,
include/functions_networkmap.php, include/functions_servers.php,
include/FusionCharts/FusionCharts_Gen.php,
include/FusionCharts/FusionCharts.php,
include/functions_network_profiles.php, include/gettext.php,
include/functions_network_components.php, include/functions_visual_map.php,
include/fgraph2.php, include/Image/image_functions.php,
include/functions_config.php, include/help/en/help_plugin_parameters.php,
include/help/en/help_snmpcommunity.php, include/help/en/help_wmiquery.php,
include/help/en/help_postprocess.php,
include/help/en/help_prediction_source_module.php,
include/help/en/help_date_format.php, include/help/en/help_recontask.php,
include/help/en/help_alert-matches.php, include/help/en/help_tcp_send.php,
include/help/en/help_wmifield.php, include/help/en/help_duplicateconfig.php,
include/help/en/help_agent_status.php,
include/help/en/help_manage_alerts.php, include/help/en/help_wmikey.php,
include/help/en/help_alert_type.php,
include/help/en/help_network_component.php,
include/help/en/help_time_stamp-comparation.php,
include/help/en/help_eventview.php, include/help/en/help_timesource.php,
include/help/en/help_alert_validation.php,
include/help/en/help_map_builder.php,
include/help/en/help_alert_recovery.php,
include/help/en/help_module_type.php,
include/help/en/help_planned_downtime.php,
include/help/en/help_serverlag.php, include/help/en/help_alerts.php,
include/help/en/help_snmpwalk.php,
include/help/en/help_module_definition.php,
include/help/en/help_plugin_definition.php,
include/help/en/help_wminamespace.php, include/help/en/help_snmpoid.php
include/help/en/help_manageconfig.php,
include/help/es/help_alert_validation.php,
include/help/es/help_plugin_parameters.php,
include/help/es/help_snmpcommunity.php, include/help/es/help_wmiquery.php,
include/help/es/help_map_builder.php, include/help/es/help_postprocess.php,
include/help/es/help_date_format.php,
include/help/es/help_alert_recovery.php,
include/help/es/help_prediction_source_module.php,
include/help/es/help_module_type.php,
include/help/es/help_planned_downtime.php,
include/help/es/help_alert-matches.php, include/help/es/help_recontask.php,
include/help/es/help_alerts.php, include/help/es/help_serverlag.php,
include/help/es/help_snmpwalk.php,
include/help/es/help_module_definition.php,
include/help/es/help_tcp_send.php, include/help/es/help_duplicateconfig.php,
include/help/es/help_wmifield.php, include/help/es/help_manage_alerts.php,
include/help/es/help_wmikey.php, include/help/es/help_plugin_definition.php,
include/help/es/help_alert_type.php, include/help/es/help_snmpoid.php,
include/help/es/help_wminamespace.php,
include/help/es/help_network_component.php,
include/help/es/help_time_stamp-comparation.php,
include/help/es/help_manageconfig.php, include/help/es/help_timesource.php,
include/config_process.php, include/functions_ui.php, include/htmlawed.php,
include/functions_custom_graphs.php, include/fgraph.php,
include/functions_incidents.php, include/functions.php,
include/functions_agents.php, include/functions_db.php,
include/functions_themes.php, include/streams.php,
include/functions_fsgraph.php, include/functions_alerts.php,
include/functions_reports.php, include/functions_extensions.php,
include/functions_ui_renders.php: change comments blocks for delete the
warnings to construct phpDoc Files, give a struct and order in the
phpDoc files.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1881 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-08-25 19:39:28 +02:00
*/
2021-05-27 16:19:51 +02:00
// Get global data.
// Constants.
2019-01-30 16:18:44 +01:00
define ( 'MIME_UNKNOWN' , 0 );
define ( 'MIME_DIR' , 1 );
define ( 'MIME_IMAGE' , 2 );
define ( 'MIME_ZIP' , 3 );
define ( 'MIME_TEXT' , 4 );
2021-05-27 16:19:51 +02:00
if ( function_exists ( 'mime_content_type' ) === false ) {
2019-01-30 16:18:44 +01:00
/**
* Gets the MIME type of a file .
*
* Help function in case mime_magic is not loaded on PHP .
*
2021-05-27 16:19:51 +02:00
* @ param string $filename Filename to get MIME type .
2019-01-30 16:18:44 +01:00
*
* @ return The MIME type of the file .
*/
2021-05-27 16:19:51 +02:00
function mime_content_type ( string $filename )
2019-01-30 16:18:44 +01:00
{
$mime_types = [
'txt' => 'text/plain' ,
'htm' => 'text/html' ,
'html' => 'text/html' ,
'php' => 'text/html' ,
'css' => 'text/css' ,
'js' => 'application/javascript' ,
'json' => 'application/json' ,
'xml' => 'application/xml' ,
'swf' => 'application/x-shockwave-flash' ,
'flv' => 'video/x-flv' ,
2021-05-27 16:19:51 +02:00
// Images.
2019-01-30 16:18:44 +01:00
'png' => 'image/png' ,
'jpe' => 'image/jpeg' ,
'jpeg' => 'image/jpeg' ,
'jpg' => 'image/jpeg' ,
'gif' => 'image/gif' ,
'bmp' => 'image/bmp' ,
'ico' => 'image/vnd.microsoft.icon' ,
'tiff' => 'image/tiff' ,
'tif' => 'image/tiff' ,
'svg' => 'image/svg+xml' ,
'svgz' => 'image/svg+xml' ,
2021-05-27 16:19:51 +02:00
// Archives.
2019-01-30 16:18:44 +01:00
'zip' => 'application/zip' ,
'rar' => 'application/x-rar-compressed' ,
'exe' => 'application/x-msdownload' ,
'msi' => 'application/x-msdownload' ,
'cab' => 'application/vnd.ms-cab-compressed' ,
'gz' => 'application/x-gzip' ,
'gz' => 'application/x-bzip2' ,
2021-05-27 16:19:51 +02:00
// Audio/Video.
2019-01-30 16:18:44 +01:00
'mp3' => 'audio/mpeg' ,
'qt' => 'video/quicktime' ,
'mov' => 'video/quicktime' ,
2021-05-27 16:19:51 +02:00
// Adobe.
2019-01-30 16:18:44 +01:00
'pdf' => 'application/pdf' ,
'psd' => 'image/vnd.adobe.photoshop' ,
'ai' => 'application/postscript' ,
'eps' => 'application/postscript' ,
'ps' => 'application/postscript' ,
2021-05-27 16:19:51 +02:00
// MS Office.
2019-01-30 16:18:44 +01:00
'doc' => 'application/msword' ,
'rtf' => 'application/rtf' ,
'xls' => 'application/vnd.ms-excel' ,
'ppt' => 'application/vnd.ms-powerpoint' ,
2021-05-27 16:19:51 +02:00
// Open Source Office files.
2019-01-30 16:18:44 +01:00
'odt' => 'application/vnd.oasis.opendocument.text' ,
'ods' => 'application/vnd.oasis.opendocument.spreadsheet' ,
];
$ext_fields = explode ( '.' , $filename );
$ext = array_pop ( $ext_fields );
$ext = strtolower ( $ext );
2021-05-27 16:19:51 +02:00
if ( array_key_exists ( $ext , $mime_types ) === true ) {
2019-01-30 16:18:44 +01:00
return $mime_types [ $ext ];
2021-05-27 16:19:51 +02:00
} else if ( function_exists ( 'finfo_open' ) === true ) {
2019-01-30 16:18:44 +01:00
$finfo = finfo_open ( FILEINFO_MIME );
$mimetype = finfo_file ( $finfo , $filename );
finfo_close ( $finfo );
return $mimetype ;
} else {
2019-12-31 11:24:54 +01:00
error_log ( 'Warning: Cannot find finfo_open function. Fileinfo extension is not enabled. Please add "extension=fileinfo.so" or "extension=fileinfo.dll" in your php.ini' );
return 'unknown' ;
2019-01-30 16:18:44 +01:00
}
}
2009-04-13 Esteban Sanchez <estebans@artica.es>
* general/footer.php: Removed Firefox icon. Style correction.
* godmode/agentes/agent_manager.php: Replaced > with ». Style
correction when setting bold attributes.
* godmode/agentes/manage_config_remote.php,
godmode/agentes/modificar_agente.php, godmode/agentes/module_manager.php,
godmode/alerts/alert_list.php, godmode/db/db_audit.php,
godmode/db/db_event.php, godmode/db/db_info.php, godmode/db/db_main.php,
godmode/db/db_purge.php, godmode/db/db_refine.php,
godmode/groups/configure_group.php, godmode/groups/group_list.php,
godmode/modules/manage_nc_groups.php,
godmode/modules/manage_network_components.php,
godmode/modules/manage_network_templates.php,
godmode/modules/manage_network_templates_form.php,
godmode/modules/module_list.php, godmode/profiles/profile_list.php,
godmode/reporting/graph_builder.php, godmode/reporting/map_builder.php,
godmode/reporting/reporting_builder.php, godmode/servers/manage_export.php,
godmode/servers/manage_export_form.php,
godmode/servers/manage_recontask.php,
godmode/servers/manage_recontask_form.php,
godmode/servers/modificar_server.php, godmode/setup/setup_visuals.php,
godmode/setup/links.php, godmode/setup/news.php,
godmode/snmpconsole/snmp_alert.php, godmode/users/configure_user.php,
godmode/users/user_list.php, operation/agentes/alerts_status.php,
operation/agentes/estado_generalagente.php,
operation/agentes/estado_agente.php, operation/agentes/estado_grupo.php,
operation/agentes/estado_ultimopaquete.php,
operation/agentes/exportdata.php, operation/agentes/networkmap.php,
operation/agentes/status_monitor.php, operation/agentes/tactical.php,
operation/events/events.php, operation/incidents/incident.php,
operation/incidents/incident_detail.php,
operation/incidents/incident_statistics.php,
operation/messages/message.php, operation/reporting/custom_reporting.php,
operation/reporting/graph_viewer.php,
operation/reporting/reporting_viewer.php, operation/servers/view_server.php,
operation/users/user.php, operation/users/user_edit.php,
operation/users/user_statistics.php, operation/visual_console/index.php,
godmode/agentes/agent_template.php: Replaced > with »
* operation/agentes/datos_agente.php: Return instead of exit
* include/javascript/jquery.pandora.controls.js: Added pandoraSelectOS
control to preview the OS icon on a select.
* include/functions_reports.php: Fixed a bug on delete_report() that
returns error when the report has no content.
* include/functions_ui.php: Removed border attribute on print_os_icon().
Some fixes to meta refresh element on process_page_head(). Fixed
format_filesize() when length is zero.
* godmode/menu.php: Replaced link to file manager. Added enterprise hook.
* godmode/setup/file_manager.php: Renamed from obfuscated name filemgr.php
* include/styles/pandora.css: Textarea width reduced to 99%
* godmode/setup/setup.php: Added get_os_icon AJAX operation.
* images/mimetypes/, images/mimetypes/zip.png, images/mimetypes/image.png,
images/mimetypes/unknown.png, images/mimetypes/directory.png: Added to
repository. Mime type icons.
* extras/pandoradb_migrate_v2.x_to_v3.0.sql: Removed date comments.
* include/functions_filemanager.php: Added to repository. Minimal API for
file manager system.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1608 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-04-13 11:50:56 +02:00
}
2014-09-08 14:17:46 +02:00
global $config ;
2021-06-16 15:53:05 +02:00
require_once $config [ 'homedir' ] . '/vendor/autoload.php' ;
2014-09-08 14:17:46 +02:00
2021-05-27 16:19:51 +02:00
/**
* Upload file .
*
* @ param boolean $upload_file_or_zip Upload file or zip .
* @ param string $default_real_directory String with default directory .
2021-09-03 13:30:15 +02:00
* @ param string $destination_directory String with destination directory .
2021-05-27 16:19:51 +02:00
*
* @ return void
*/
2021-09-03 13:30:15 +02:00
function upload_file ( $upload_file_or_zip , $default_real_directory , $destination_directory )
2020-11-03 15:58:53 +01:00
{
2019-01-30 16:18:44 +01:00
global $config ;
$config [ 'filemanager' ] = [];
$config [ 'filemanager' ][ 'correct_upload_file' ] = 0 ;
2021-09-03 13:30:15 +02:00
$config [ 'filemanager' ][ 'message' ] = '' ;
2019-01-30 16:18:44 +01:00
check_login ();
if ( ! check_acl ( $config [ 'id_user' ], 0 , 'AW' )) {
2022-02-01 13:39:18 +01:00
db_pandora_audit (
AUDIT_LOG_ACL_VIOLATION ,
'Trying to access File manager'
);
2019-01-30 16:18:44 +01:00
include 'general/noaccess.php' ;
return ;
}
2021-05-27 16:19:51 +02:00
if ( $upload_file_or_zip === true ) {
$decompress = ( bool ) get_parameter ( 'decompress' , false );
if ( $decompress === false ) {
2020-11-03 15:58:53 +01:00
$upload_file = true ;
$upload_zip = false ;
2019-01-30 16:18:44 +01:00
} else {
2020-11-03 15:58:53 +01:00
$upload_file = false ;
$upload_zip = true ;
}
} else {
$upload_file = ( bool ) get_parameter ( 'upload_file' );
2021-05-27 16:19:51 +02:00
$upload_zip = ( bool ) get_parameter ( 'upload_zip' );
2020-11-03 15:58:53 +01:00
}
2021-05-27 16:19:51 +02:00
// Upload file.
if ( $upload_file === true ) {
if ( isset ( $_FILES [ 'file' ]) === true && empty ( $_FILES [ 'file' ][ 'name' ]) === false ) {
$filename = $_FILES [ 'file' ][ 'name' ];
2021-09-03 13:30:15 +02:00
$real_directory = filemanager_safe_directory ( $destination_directory );
2021-05-27 16:19:51 +02:00
$umask = io_safe_output (( string ) get_parameter ( 'umask' ));
2020-11-03 15:58:53 +01:00
if ( strpos ( $real_directory , $default_real_directory ) !== 0 ) {
2021-08-25 17:13:07 +02:00
// Perform security check to determine whether received upload
// directory is part of the default path for caller uploader and
// user is not trying to access an external path (avoid
// execution of PHP files in directories that are not explicitly
// controlled by corresponding .htaccess).
2021-09-03 13:30:15 +02:00
$config [ 'filemanager' ][ 'message' ] = ui_print_error_message ( __ ( 'Security error' ));
2019-01-30 16:18:44 +01:00
} else {
2021-05-27 16:19:51 +02:00
// Copy file to directory and change name.
2021-09-03 13:30:15 +02:00
$nombre_archivo = sprintf ( '%s/%s' , $real_directory , $filename );
2020-11-03 15:58:53 +01:00
2021-09-03 13:30:15 +02:00
try {
$result = copy ( $_FILES [ 'file' ][ 'tmp_name' ], $nombre_archivo );
} catch ( Exception $ex ) {
$result = false ;
}
if ( $result === true ) {
// If umask is provided, set.
2021-05-27 16:19:51 +02:00
if ( empty ( $umask ) === false ) {
2021-09-03 13:30:15 +02:00
try {
chmod ( $nombre_archivo , $umask );
} catch ( Exception $ex ) {
$config [ 'filemanager' ][ 'message' ] = ui_print_error_message ( __ ( 'Issue setting umask: %s' , $ex -> getMessage ()));
}
2020-11-03 15:58:53 +01:00
}
2021-09-03 13:30:15 +02:00
// Upload performed properly.
$config [ 'filemanager' ][ 'message' ] .= ui_print_success_message ( __ ( 'Upload correct' ));
2020-11-03 15:58:53 +01:00
$config [ 'filemanager' ][ 'correct_upload_file' ] = 1 ;
2021-05-27 16:19:51 +02:00
// Delete temporal file.
2020-11-03 15:58:53 +01:00
unlink ( $_FILES [ 'file' ][ 'tmp_name' ]);
2021-09-03 13:30:15 +02:00
} else {
$config [ 'filemanager' ][ 'message' ] = ui_print_error_message ( __ ( 'Upload error' ));
2020-11-03 15:58:53 +01:00
}
2019-01-30 16:18:44 +01:00
}
2020-11-03 15:58:53 +01:00
}
}
2019-01-30 16:18:44 +01:00
2021-05-27 16:19:51 +02:00
// Upload zip.
if ( $upload_zip === true ) {
2021-06-16 15:53:05 +02:00
if ( isset ( $_FILES [ 'file' ]) === true
&& empty ( $_FILES [ 'file' ][ 'name' ]) === false
) {
$filename = $_FILES [ 'file' ][ 'name' ];
$filepath = $_FILES [ 'file' ][ 'tmp_name' ];
2021-09-03 13:30:15 +02:00
$real_directory = filemanager_safe_directory ( $destination_directory );
2020-11-03 15:58:53 +01:00
if ( strpos ( $real_directory , $default_real_directory ) !== 0 ) {
2021-06-16 15:53:05 +02:00
// Perform security check to determine whether received upload
// directory is part of the default path for caller uploader
// and user is not trying to access an external path (avoid
// execution of PHP files in directories that are not explicitly
// controlled by corresponding .htaccess).
2020-11-03 15:58:53 +01:00
ui_print_error_message ( __ ( 'Security error' ));
2019-01-30 16:18:44 +01:00
} else {
2021-06-16 15:53:05 +02:00
if ( PandoraFMS\Tools\Files :: unzip ( $filepath , $real_directory ) === false ) {
2021-09-03 13:30:15 +02:00
$config [ 'filemanager' ][ 'message' ] = ui_print_error_message ( __ ( 'It was impossible to uncompress your file' ));
2020-11-03 15:58:53 +01:00
} else {
unlink ( $_FILES [ 'file' ][ 'tmp_name' ]);
2021-09-03 13:30:15 +02:00
$config [ 'filemanager' ][ 'message' ] = ui_print_success_message ( __ ( 'Upload correct' ));
2020-11-03 15:58:53 +01:00
$config [ 'filemanager' ][ 'correct_upload_file' ] = 1 ;
}
2019-01-30 16:18:44 +01:00
}
}
}
2010-07-07 14:27:37 +02:00
}
2020-11-03 15:58:53 +01:00
2021-05-27 16:19:51 +02:00
if ( isset ( $_SERVER [ 'CONTENT_LENGTH' ]) === true ) {
// Control the max_post_size exceed.
if ( intval ( $_SERVER [ 'CONTENT_LENGTH' ]) > 0 && empty ( $_POST ) === true && empty ( $_FILES ) === true ) {
2019-01-30 16:18:44 +01:00
$config [ 'filemanager' ][ 'correct_upload_file' ] = 0 ;
$config [ 'filemanager' ][ 'message' ] = ui_print_error_message ( __ ( 'File size seems to be too large. Please check your php.ini configuration or contact with the administrator' ), '' , true );
}
2013-08-02 14:38:38 +02:00
}
2020-11-03 15:58:53 +01:00
2021-09-03 13:30:15 +02:00
function create_text_file ( $default_real_directory , $destination_directory )
2020-11-03 15:58:53 +01:00
{
2019-01-30 16:18:44 +01:00
global $config ;
$config [ 'filemanager' ] = [];
$config [ 'filemanager' ][ 'correct_upload_file' ] = 0 ;
$config [ 'filemanager' ][ 'message' ] = null ;
check_login ();
if ( ! check_acl ( $config [ 'id_user' ], 0 , 'AW' )) {
2022-02-01 13:39:18 +01:00
db_pandora_audit (
AUDIT_LOG_ACL_VIOLATION ,
'Trying to access File manager'
);
2019-01-30 16:18:44 +01:00
include 'general/noaccess.php' ;
return ;
}
2021-09-02 13:38:55 +02:00
$filename = filemanager_safe_directory (( string ) get_parameter ( 'name_file' ));
2019-01-30 16:18:44 +01:00
2021-05-27 16:19:51 +02:00
if ( empty ( $filename ) === false ) {
2021-09-03 13:30:15 +02:00
$real_directory = filemanager_safe_directory ( $destination_directory );
2021-05-27 16:19:51 +02:00
$umask = ( string ) get_parameter ( 'umask' );
2019-01-30 16:18:44 +01:00
2020-11-03 15:58:53 +01:00
if ( strpos ( $real_directory , $default_real_directory ) !== 0 ) {
2021-08-25 17:13:07 +02:00
// Perform security check to determine whether received upload
// directory is part of the default path for caller uploader and
// user is not trying to access an external path (avoid execution
// of PHP files in directories that are not explicitly controlled by
// corresponding .htaccess).
2020-11-03 15:58:53 +01:00
ui_print_error_message ( __ ( 'Security error' ));
2019-01-30 16:18:44 +01:00
} else {
2021-08-26 11:15:02 +02:00
$nombre_archivo = $real_directory . '/' . $filename ;
2019-01-30 16:18:44 +01:00
2021-08-26 11:15:02 +02:00
try {
// Create the file.
$result = touch ( $nombre_archivo );
2019-01-30 16:18:44 +01:00
2021-08-26 11:15:02 +02:00
if ( $result === true ) {
if ( $umask !== '' ) {
chmod ( $nombre_archivo , $umask );
}
2020-11-03 15:58:53 +01:00
2021-08-26 11:15:02 +02:00
ui_print_success_message ( __ ( 'File created correctly' ));
$config [ 'filemanager' ][ 'correct_upload_file' ] = 1 ;
} else {
throw new Exception ( __ ( 'Error creating file' ));
}
} catch ( Exception $ex ) {
$config [ 'filemanager' ][ 'message' ] = ui_print_error_message ( $ex -> getMessage ());
2019-01-30 16:18:44 +01:00
}
}
} else {
2021-08-26 11:15:02 +02:00
$config [ 'filemanager' ][ 'message' ] = ui_print_error_message ( __ ( 'Error creating file with empty name' ));
2019-01-30 16:18:44 +01:00
}
2010-07-07 14:27:37 +02:00
}
2019-01-30 16:18:44 +01:00
2021-05-27 16:19:51 +02:00
// CREATE DIR.
2019-01-30 16:18:44 +01:00
$create_dir = ( bool ) get_parameter ( 'create_dir' );
2021-05-27 16:19:51 +02:00
if ( $create_dir === true ) {
2019-01-30 16:18:44 +01:00
global $config ;
2021-08-23 15:35:47 +02:00
$sec2 = get_parameter ( 'sec2' );
if ( $sec2 === 'enterprise/godmode/agentes/collections' || $sec2 === 'advanced/collections' ) {
2021-08-25 17:13:07 +02:00
$homedir_filemanager = io_safe_output ( $config [ 'attachment_store' ]) . '/collection' ;
} else {
$homedir_filemanager = io_safe_output ( $config [ 'homedir' ]);
2021-08-23 15:35:47 +02:00
}
2021-06-07 17:58:36 +02:00
2019-01-30 16:18:44 +01:00
$config [ 'filemanager' ] = [];
$config [ 'filemanager' ][ 'correct_create_dir' ] = 0 ;
$config [ 'filemanager' ][ 'message' ] = null ;
2021-08-25 17:13:07 +02:00
$directory = filemanager_safe_directory (( string ) get_parameter ( 'directory' ));
2021-05-27 16:19:51 +02:00
$hash = ( string ) get_parameter ( 'hash' );
2021-06-08 14:21:33 +02:00
$testHash = md5 ( $directory . $config [ 'server_unique_identifier' ]);
2019-01-30 16:18:44 +01:00
2021-05-27 16:19:51 +02:00
if ( $hash !== $testHash ) {
2019-01-30 16:18:44 +01:00
ui_print_error_message ( __ ( 'Security error.' ));
} else {
2021-06-02 13:17:34 +02:00
$dirname = filemanager_safe_directory (( string ) get_parameter ( 'dirname' ));
2019-01-30 16:18:44 +01:00
2021-05-27 16:19:51 +02:00
if ( empty ( $dirname ) === false ) {
// Create directory.
2021-08-25 17:13:07 +02:00
try {
// If directory exists, add an slash at end.
if ( empty ( $directory ) === false ) {
$directory .= '/' ;
}
2019-01-30 16:18:44 +01:00
2021-08-25 17:13:07 +02:00
$result = mkdir ( $homedir_filemanager . '/' . $directory . $dirname );
2019-01-30 16:18:44 +01:00
2021-08-25 17:13:07 +02:00
if ( $result === true ) {
$config [ 'filemanager' ][ 'message' ] = ui_print_success_message ( __ ( 'Directory created' ), '' , true );
$config [ 'filemanager' ][ 'correct_create_dir' ] = 1 ;
} else {
throw new Exception ( __ ( 'Something gone wrong creating directory' ));
}
} catch ( Exception $ex ) {
$config [ 'filemanager' ][ 'message' ] = ui_print_error_message ( $ex -> getMessage (), '' , true );
}
2019-01-30 16:18:44 +01:00
} else {
$config [ 'filemanager' ][ 'message' ] = ui_print_error_message ( __ ( 'Error creating file with empty name' ), '' , true );
}
}
2010-07-07 14:27:37 +02:00
}
2021-05-27 16:19:51 +02:00
// DELETE FILE OR DIR.
2019-01-30 16:18:44 +01:00
$delete_file = ( bool ) get_parameter ( 'delete_file' );
2021-05-27 16:19:51 +02:00
if ( $delete_file === true ) {
2019-01-30 16:18:44 +01:00
global $config ;
$config [ 'filemanager' ] = [];
$config [ 'filemanager' ][ 'delete' ] = 0 ;
$config [ 'filemanager' ][ 'message' ] = null ;
$filename = ( string ) get_parameter ( 'filename' );
$filename = io_safe_output ( $filename );
2021-05-27 16:19:51 +02:00
$hash = get_parameter ( 'hash' , '' );
2021-06-08 14:21:33 +02:00
$testHash = md5 ( $filename . $config [ 'server_unique_identifier' ]);
2019-01-30 16:18:44 +01:00
2021-05-27 16:19:51 +02:00
if ( $hash !== $testHash ) {
2019-01-30 16:18:44 +01:00
$config [ 'filemanager' ][ 'message' ] = ui_print_error_message ( __ ( 'Security error' ), '' , true );
} else {
$config [ 'filemanager' ][ 'message' ] = ui_print_success_message ( __ ( 'Deleted' ), '' , true );
2021-05-27 16:19:51 +02:00
if ( is_dir ( $filename ) === true ) {
if ( rmdir ( $filename ) === true ) {
2020-05-19 18:53:09 +02:00
$config [ 'filemanager' ][ 'delete' ] = 1 ;
} else {
$config [ 'filemanager' ][ 'delete' ] = 0 ;
}
2019-01-30 16:18:44 +01:00
} else {
2021-05-27 16:19:51 +02:00
if ( unlink ( $filename ) === true ) {
2020-05-19 18:53:09 +02:00
$config [ 'filemanager' ][ 'delete' ] = 1 ;
} else {
$config [ 'filemanager' ][ 'delete' ] = 0 ;
}
}
if ( $config [ 'filemanager' ][ 'delete' ] == 0 ) {
$config [ 'filemanager' ][ 'message' ] = ui_print_error_message ( __ ( 'Deleted' ), '' , true );
2019-01-30 16:18:44 +01:00
}
}
2010-07-07 14:27:37 +02:00
}
2019-01-30 16:18:44 +01:00
2010-07-07 14:27:37 +02:00
/**
* Recursive delete directory and empty or not directory .
2019-01-30 16:18:44 +01:00
*
2021-08-26 11:15:02 +02:00
* @ param string $dir The dir to deletete .
*
* @ return void
2010-07-07 14:27:37 +02:00
*/
2019-01-30 16:18:44 +01:00
function filemanager_delete_directory ( $dir )
{
// Windows compatibility
$dir = str_replace ( '\\' , '/' , $dir );
if ( $handle = opendir ( $dir )) {
while ( false !== ( $file = readdir ( $handle ))) {
if (( $file != '.' ) && ( $file != '..' )) {
if ( is_dir ( $dir . $file )) {
if ( ! rmdir ( $dir . $file )) {
filemanager_delete_directory ( $dir . $file . '/' );
}
} else {
unlink ( $dir . $file );
}
}
}
closedir ( $handle );
rmdir ( $dir );
}
2010-07-07 14:27:37 +02:00
}
2019-01-30 16:18:44 +01:00
2010-07-08 18:45:34 +02:00
/**
* Read a directory recursibly and return a array with the files with
* the absolute path and relative
2019-01-30 16:18:44 +01:00
*
2021-08-26 11:15:02 +02:00
* @ param string $dir Absoute dir to scan .
* @ param string $relative_path Relative path to scan , by default '' .
* @ param boolean $add_empty_dirs Add empty dirs .
2019-01-30 16:18:44 +01:00
*
2010-07-08 18:45:34 +02:00
* @ return array The files in the dirs , empty array for empty dir of files .
*/
2019-01-30 16:18:44 +01:00
function filemanager_read_recursive_dir ( $dir , $relative_path = '' , $add_empty_dirs = false )
{
$return = [];
2021-08-26 11:15:02 +02:00
// Windows compatibility.
2019-01-30 16:18:44 +01:00
$dir = str_replace ( '\\' , '/' , $dir );
$relative_path = str_replace ( '\\' , '/' , $relative_path );
if ( $handle = opendir ( $dir )) {
while ( false !== ( $entry = readdir ( $handle ))) {
2021-08-26 11:15:02 +02:00
if (( $entry !== '.' ) && ( $entry !== '..' )) {
if ( is_dir ( $dir . $entry ) === true ) {
2019-01-30 16:18:44 +01:00
$return [] = [
'relative' => $relative_path . $entry ,
'absolute' => $dir . $entry ,
'dir' => true ,
];
$return = array_merge (
$return ,
filemanager_read_recursive_dir (
$dir . $entry . '/' ,
$relative_path . $entry . '/' ,
'' ,
$add_empty_dirs
)
);
} else {
$return [] = [
'relative' => $relative_path . $entry ,
'absolute' => $dir . $entry ,
'dir' => false ,
];
}
}
}
closedir ( $handle );
}
return $return ;
2010-07-08 18:45:34 +02:00
}
2019-01-30 16:18:44 +01:00
2010-07-07 14:27:37 +02:00
/**
* The main function to show the directories and files .
2019-01-30 16:18:44 +01:00
*
2021-07-16 16:54:43 +02:00
* @ param string $real_directory The string of dir as realpath .
* @ param string $relative_directory The string of dir as relative path .
* @ param string $url The url to set in the forms and some links in the explorer .
* @ param string $father The directory father don ' t navigate bottom this .
* @ param boolean $editor The flag to set the edition of text files .
* @ param boolean $readOnly If true , only can read the files .
* @ param string $url_file The url to put in the files instead the default . By default empty string and use the url of filemanager .
* @ param boolean $download_button The flag to show download button , by default false .
* @ param string $umask The umask as hex values to set the new files or updload .
* @ param boolean $homedir_filemanager Homedir filemanager .
* @ param boolean $allowCreateText If true , 'Create Text' button will be shown .
2010-07-07 14:27:37 +02:00
*/
2019-01-30 16:18:44 +01:00
function filemanager_file_explorer (
$real_directory ,
$relative_directory ,
$url ,
$father = '' ,
$editor = false ,
$readOnly = false ,
$url_file = '' ,
$download_button = false ,
$umask = '' ,
2021-07-16 16:54:43 +02:00
$homedir_filemanager = false ,
$allowCreateText = true
2019-01-30 16:18:44 +01:00
) {
global $config ;
2021-07-16 16:54:43 +02:00
// Windows compatibility.
2019-01-30 16:18:44 +01:00
$real_directory = str_replace ( '\\' , '/' , $real_directory );
$relative_directory = str_replace ( '\\' , '/' , $relative_directory );
$father = str_replace ( '\\' , '/' , $father );
if ( $homedir_filemanager === false ) {
$homedir_filemanager = $config [ 'homedir' ];
}
2021-07-16 16:54:43 +02:00
$hack_metaconsole = ( is_metaconsole () === true ) ? '../../' : '' ;
2019-01-30 16:18:44 +01:00
?>
< script type = " text/javascript " >
function show_form_create_folder () {
2019-04-10 10:06:27 +02:00
actions_dialog ( 'create_folder' );
$ ( " #create_folder " ) . css ( " display " , " block " );
check_opened_dialog ( 'create_folder' );
}
2021-07-16 16:54:43 +02:00
< ? php if ( $allowCreateText === true ) : ?>
2019-04-10 10:06:27 +02:00
function show_create_text_file () {
actions_dialog ( 'create_text_file' );
$ ( " #create_text_file " ) . css ( " display " , " block " );
check_opened_dialog ( 'create_text_file' );
2019-01-30 16:18:44 +01:00
}
2021-07-16 16:54:43 +02:00
< ? php endif ?>
2019-01-30 16:18:44 +01:00
function show_upload_file () {
2019-04-10 10:06:27 +02:00
actions_dialog ( 'upload_file' );
$ ( " #upload_file " ) . css ( " display " , " block " );
check_opened_dialog ( 'upload_file' );
}
function check_opened_dialog ( check_opened ){
if ( check_opened !== 'create_folder' ){
if (( $ ( " #create_folder " ) . hasClass ( " ui-dialog-content " ) && $ ( '#create_folder' ) . dialog ( 'isOpen' ) === true )) {
$ ( '#create_folder' ) . dialog ( 'close' );
}
}
2021-07-16 16:54:43 +02:00
< ? php if ( $allowCreateText === true ) : ?>
2019-04-10 10:06:27 +02:00
if ( check_opened !== 'create_text_file' ){
if (( $ ( " #create_text_file " ) . hasClass ( " ui-dialog-content " ) && $ ( '#create_text_file' ) . dialog ( 'isOpen' ) === true )) {
$ ( '#create_text_file' ) . dialog ( 'close' );
}
}
2021-07-16 16:54:43 +02:00
< ? php endif ?>
2019-04-10 10:06:27 +02:00
if ( check_opened !== 'upload_file' ){
if (( $ ( " #upload_file " ) . hasClass ( " ui-dialog-content " ) && $ ( '#upload_file' ) . dialog ( 'isOpen' )) === true ) {
$ ( '#upload_file' ) . dialog ( 'close' );
}
}
2019-01-30 16:18:44 +01:00
}
2019-04-10 10:06:27 +02:00
function actions_dialog ( action ){
$ ( '.' + action ) . addClass ( 'file_table_modal_active' );
var title_action = '' ;
switch ( action ) {
case 'create_folder' :
title_action = " <?php echo __('Create a Directory'); ?> " ;
break ;
2021-07-16 16:54:43 +02:00
< ? php if ( $allowCreateText === true ) : ?>
2019-04-10 10:06:27 +02:00
case 'create_text_file' :
title_action = " <?php echo __('Create a Text'); ?> " ;
break ;
2021-07-16 16:54:43 +02:00
< ? php endif ?>
2019-04-10 10:06:27 +02:00
case 'upload_file' :
title_action = " <?php echo __('Upload Files'); ?> " ;
break ;
default :
break ;
}
$ ( '#' + action )
. dialog ({
title : title_action ,
resizable : true ,
draggable : true ,
modal : true ,
overlay : {
opacity : 0.5 ,
background : " black "
},
width : 500 ,
minWidth : 500 ,
minHeight : 210 ,
maxWidth : 800 ,
maxHeight : 300 ,
close : function () {
$ ( '.' + action ) . removeClass ( 'file_table_modal_active' );
}
}) . show ();
2019-01-30 16:18:44 +01:00
}
</ script >
< ? php
2021-07-16 16:54:43 +02:00
// List files.
if ( is_dir ( $real_directory ) === false ) {
2019-01-30 16:18:44 +01:00
echo __ ( 'Directory %s doesn\'t exist!' , $relative_directory );
return ;
}
$files = filemanager_list_dir ( $real_directory );
2021-07-16 16:54:43 +02:00
if ( empty ( $files ) === false ) {
2021-03-02 13:21:13 +01:00
$table = new stdClass ();
$table -> width = '100%' ;
$table -> id = 'table_filemanager' ;
2019-01-30 16:18:44 +01:00
2021-08-26 11:15:02 +02:00
$table -> class = ( is_metaconsole () === true ) ? 'databox_tactical' : 'info_table' ;
$table -> title = '<span>' . __ ( 'Index of %s' , $relative_directory ) . '</span>' ;
2021-03-02 13:21:13 +01:00
$table -> colspan = [];
$table -> data = [];
$table -> head = [];
$table -> size = [];
$table -> align [ 1 ] = 'left' ;
$table -> align [ 2 ] = 'left' ;
$table -> align [ 3 ] = 'left' ;
$table -> align [ 4 ] = 'left' ;
$table -> size [ 0 ] = '24px' ;
$table -> head [ 0 ] = '' ;
$table -> head [ 1 ] = __ ( 'Name' );
$table -> head [ 2 ] = __ ( 'Last modification' );
$table -> head [ 3 ] = __ ( 'Size' );
$table -> head [ 4 ] = __ ( 'Actions' );
$prev_dir = explode ( '/' , $relative_directory );
2021-07-16 16:54:43 +02:00
$count_prev_dir = count ( $prev_dir );
2021-03-02 13:21:13 +01:00
$prev_dir_str = '' ;
2021-08-26 11:15:02 +02:00
$prev_dir_count = count ( $prev_dir );
for ( $i = 0 ; $i < ( $prev_dir_count - 1 ); $i ++ ) {
2021-03-02 13:21:13 +01:00
$prev_dir_str .= $prev_dir [ $i ];
2021-08-26 11:15:02 +02:00
if ( $i < ( $prev_dir_count - 2 )) {
2021-03-02 13:21:13 +01:00
$prev_dir_str .= '/' ;
}
}
2019-01-30 16:18:44 +01:00
2021-03-02 13:21:13 +01:00
if (( $prev_dir_str != '' ) && ( $father != $relative_directory )) {
2021-06-04 13:03:35 +02:00
$table -> data [ 0 ][ 0 ] = html_print_image ( 'images/go_previous.png' , true , [ 'class' => 'invert_filter' ]);
2021-06-08 14:21:33 +02:00
$table -> data [ 0 ][ 1 ] = '<a href="' . $url . '&directory=' . $prev_dir_str . '&hash2=' . md5 ( $prev_dir_str . $config [ 'server_unique_identifier' ]) . '">' ;
2021-03-02 13:21:13 +01:00
$table -> data [ 0 ][ 1 ] .= __ ( 'Parent directory' );
$table -> data [ 0 ][ 1 ] .= '</a>' ;
2019-01-30 16:18:44 +01:00
2021-03-02 13:21:13 +01:00
$table -> colspan [ 0 ][ 1 ] = 5 ;
}
2019-01-30 16:18:44 +01:00
2021-03-02 13:21:13 +01:00
foreach ( $files as $fileinfo ) {
$fileinfo [ 'realpath' ] = str_replace ( '\\' , '/' , $fileinfo [ 'realpath' ]);
$relative_path = str_replace ( $_SERVER [ 'DOCUMENT_ROOT' ], '' , $fileinfo [ 'realpath' ]);
$data = [];
switch ( $fileinfo [ 'mime' ]) {
case MIME_DIR :
2021-06-04 13:03:35 +02:00
$data [ 0 ] = html_print_image ( 'images/mimetypes/directory.png' , true , [ 'title' => __ ( 'Directory' ), 'class' => 'invert_filter' ]);
2021-03-02 13:21:13 +01:00
break ;
case MIME_IMAGE :
2021-06-04 13:03:35 +02:00
$data [ 0 ] = html_print_image ( 'images/mimetypes/image.png' , true , [ 'title' => __ ( 'Image' ), 'class' => 'invert_filter' ]);
2021-03-02 13:21:13 +01:00
break ;
case MIME_ZIP :
2021-06-04 13:03:35 +02:00
$data [ 0 ] = html_print_image ( 'images/mimetypes/zip.png' , true , [ 'title' => __ ( 'Compressed file' ), 'class' => 'invert_filter' ]);
2021-03-02 13:21:13 +01:00
break ;
case MIME_TEXT :
2021-06-04 13:03:35 +02:00
$data [ 0 ] = html_print_image ( 'images/mimetypes/text.png' , true , [ 'title' => __ ( 'Text file' ), 'class' => 'invert_filter' ]);
2021-03-02 13:21:13 +01:00
break ;
case MIME_UNKNOWN :
2021-08-26 11:15:02 +02:00
if (( int ) $fileinfo [ 'size' ] === 0 ) {
2021-03-02 13:21:13 +01:00
if (( strstr ( $fileinfo [ 'name' ], '.txt' ) !== false ) || ( strstr ( $fileinfo [ 'name' ], '.conf' ) !== false ) || ( strstr ( $fileinfo [ 'name' ], '.sql' ) !== false ) || ( strstr ( $fileinfo [ 'name' ], '.pl' ) !== false )) {
$fileinfo [ 'mime' ] = MIME_TEXT ;
2021-06-04 13:03:35 +02:00
$data [ 0 ] = html_print_image ( 'images/mimetypes/text.png' , true , [ 'title' => __ ( 'Text file' ), 'class' => 'invert_filter' ]);
2021-03-02 13:21:13 +01:00
} else {
2021-08-26 11:15:02 +02:00
// Unknown.
2021-03-02 13:21:13 +01:00
$data [ 0 ] = '' ;
}
2019-01-30 16:18:44 +01:00
} else {
2021-08-26 11:15:02 +02:00
// Pdf.
2019-01-30 16:18:44 +01:00
$data [ 0 ] = '' ;
}
2021-03-02 13:21:13 +01:00
break ;
2019-01-30 16:18:44 +01:00
2021-03-02 13:21:13 +01:00
default :
2021-06-04 13:03:35 +02:00
$data [ 0 ] = html_print_image ( 'images/mimetypes/unknown.png' , true , [ 'title' => __ ( 'Unknown' ), 'class' => 'invert_filter' ]);
2021-03-02 13:21:13 +01:00
break ;
}
2019-01-30 16:18:44 +01:00
2021-03-02 13:21:13 +01:00
if ( $fileinfo [ 'is_dir' ]) {
2021-06-08 14:21:33 +02:00
$data [ 1 ] = '<a href="' . $url . '&directory=' . $relative_directory . '/' . $fileinfo [ 'name' ] . '&hash2=' . md5 ( $relative_directory . '/' . $fileinfo [ 'name' ] . $config [ 'server_unique_identifier' ]) . '">' . $fileinfo [ 'name' ] . '</a>' ;
2021-07-16 16:54:43 +02:00
} else if ( empty ( $url_file ) === false ) {
2021-08-26 11:15:02 +02:00
// Set the custom url file.
2021-03-02 13:21:13 +01:00
$url_file_clean = str_replace ( '[FILE_FULLPATH]' , $fileinfo [ 'realpath' ], $url_file );
2019-01-30 16:18:44 +01:00
2021-03-02 13:21:13 +01:00
$data [ 1 ] = '<a href="' . $url_file_clean . '">' . $fileinfo [ 'name' ] . '</a>' ;
} else {
$filename = base64_encode ( $relative_directory . '/' . $fileinfo [ 'name' ]);
2021-06-08 14:21:33 +02:00
$hash = md5 ( $filename . $config [ 'server_unique_identifier' ]);
2021-03-02 13:21:13 +01:00
$data [ 1 ] = '<a href="' . $hack_metaconsole . 'include/get_file.php?file=' . urlencode ( $filename ) . '&hash=' . $hash . '">' . $fileinfo [ 'name' ] . '</a>' ;
}
2019-01-30 16:18:44 +01:00
2021-08-26 11:15:02 +02:00
// Notice that uploaded php files could be dangerous.
if ( pathinfo ( $fileinfo [ 'realpath' ], PATHINFO_EXTENSION ) === 'php'
&& ( is_readable ( $fileinfo [ 'realpath' ]) === true || is_executable ( $fileinfo [ 'realpath' ]) === true )
2021-03-02 13:21:13 +01:00
) {
$error_message = __ ( 'This file could be executed by any user' );
$error_message .= '. ' . __ ( 'Make sure it can\'t perform dangerous tasks' );
$data [ 1 ] = '<span class="error forced_title" data-title="' . $error_message . '" data-use_title_for_force_title="1">' . $data [ 1 ] . '</span>' ;
}
2019-01-30 16:18:44 +01:00
2021-03-02 13:21:13 +01:00
$data [ 2 ] = ui_print_timestamp (
$fileinfo [ 'last_modified' ],
true ,
[ 'prominent' => true ]
);
if ( $fileinfo [ 'is_dir' ]) {
$data [ 3 ] = '' ;
} else {
$data [ 3 ] = ui_format_filesize ( $fileinfo [ 'size' ]);
2019-01-30 16:18:44 +01:00
}
2021-03-02 13:21:13 +01:00
// Actions buttons
2021-07-16 16:54:43 +02:00
// Delete button.
2021-03-02 13:21:13 +01:00
$data [ 4 ] = '' ;
$data [ 4 ] .= '<span style="display: flex">' ;
$typefile = array_pop ( explode ( '.' , $fileinfo [ 'name' ]));
2021-08-26 11:15:02 +02:00
if ( is_writable ( $fileinfo [ 'realpath' ]) === true
&& ( is_dir ( $fileinfo [ 'realpath' ]) === false || count ( scandir ( $fileinfo [ 'realpath' ])) < 3 )
&& ( $readOnly === false )
2021-03-02 13:21:13 +01:00
) {
$data [ 4 ] .= '<form method="post" action="' . $url . '" style="">' ;
2021-03-17 14:41:36 +01:00
$data [ 4 ] .= '<input type="image" class="invert_filter" src="images/cross.png" onClick="if (!confirm(\' ' . __ ( 'Are you sure?' ) . '\')) return false;">' ;
2021-03-02 13:21:13 +01:00
$data [ 4 ] .= html_print_input_hidden ( 'filename' , $fileinfo [ 'realpath' ], true );
2021-06-08 14:21:33 +02:00
$data [ 4 ] .= html_print_input_hidden ( 'hash' , md5 ( $fileinfo [ 'realpath' ] . $config [ 'server_unique_identifier' ]), true );
2021-03-02 13:21:13 +01:00
$data [ 4 ] .= html_print_input_hidden ( 'delete_file' , 1 , true );
$relative_dir = str_replace ( $homedir_filemanager , '' , str_replace ( '\\' , '/' , dirname ( $fileinfo [ 'realpath' ])));
2021-07-16 16:54:43 +02:00
if ( $relative_dir [ 0 ] === '/' ) {
2021-03-02 13:21:13 +01:00
$relative_dir = substr ( $relative_dir , 1 );
}
2021-06-08 14:21:33 +02:00
$hash2 = md5 ( $relative_dir . $config [ 'server_unique_identifier' ]);
2019-01-30 16:18:44 +01:00
2021-03-02 13:21:13 +01:00
$data [ 4 ] .= html_print_input_hidden ( 'directory' , $relative_dir , true );
$data [ 4 ] .= html_print_input_hidden ( 'hash2' , $hash2 , true );
$data [ 4 ] .= '</form>' ;
2019-01-30 16:18:44 +01:00
2021-07-16 16:54:43 +02:00
if (( $editor ) && ( $readOnly === false )) {
2021-08-26 11:15:02 +02:00
if (( $typefile !== 'bin' ) && ( $typefile !== 'pdf' ) && ( $typefile !== 'png' ) && ( $typefile !== 'jpg' )
&& ( $typefile !== 'iso' ) && ( $typefile !== 'docx' ) && ( $typefile !== 'doc' ) && ( $fileinfo [ 'mime' ] != MIME_DIR )
2021-03-02 13:21:13 +01:00
) {
2021-06-08 14:21:33 +02:00
$hash = md5 ( $fileinfo [ 'realpath' ] . $config [ 'server_unique_identifier' ]);
2021-06-04 13:03:35 +02:00
$data [ 4 ] .= " <a style='vertical-align: top;' href=' $url &edit_file=1&hash= " . $hash . '&location_file=' . $fileinfo [ 'realpath' ] . " ' style='float: left;'> " . html_print_image ( 'images/edit.png' , true , [ 'style' => 'margin-top: 2px;' , 'title' => __ ( 'Edit file' ), 'class' => 'invert_filter' ]) . '</a>' ;
2021-03-02 13:21:13 +01:00
}
2019-01-30 16:18:44 +01:00
}
}
2021-03-02 13:21:13 +01:00
if (( ! $fileinfo [ 'is_dir' ]) && ( $download_button )) {
$filename = base64_encode ( $fileinfo [ 'name' ]);
2021-06-08 14:21:33 +02:00
$hash = md5 ( $filename . $config [ 'server_unique_identifier' ]);
2021-06-28 18:24:10 +02:00
$data [ 4 ] .= '<a href="' . $hack_metaconsole . 'include/get_file.php?file=' . urlencode ( $filename ) . '&hash=' . $hash . '" style="vertical-align: 25%;">' ;
2021-06-04 13:03:35 +02:00
$data [ 4 ] .= html_print_image ( 'images/file.png' , true , [ 'class' => 'invert_filter' ]);
2021-03-02 13:21:13 +01:00
$data [ 4 ] .= '</a>' ;
}
2019-01-30 16:18:44 +01:00
2021-03-02 13:21:13 +01:00
$data [ 4 ] .= '</span>' ;
2019-01-30 16:18:44 +01:00
2021-03-02 13:21:13 +01:00
array_push ( $table -> data , $data );
}
} else {
ui_print_info_message (
[
'no_close' => true ,
'message' => __ ( 'No files or directories to show.' ),
]
);
2019-01-30 16:18:44 +01:00
}
2021-07-16 16:54:43 +02:00
if ( $readOnly === false ) {
if ( is_writable ( $real_directory ) === true ) {
// The buttons to make actions.
2019-04-24 11:12:26 +02:00
$tabs_dialog = ' < ul id = " file_table_modal " >
< li class = " create_folder " >
< a href = " javascript: show_form_create_folder(); " > ' . html_print_image (
'images/create_directory.png' ,
true ,
2021-03-11 15:40:23 +01:00
[
'title' => __ ( 'Create directory' ),
'class' => 'invert_filter' ,
]
2019-04-24 11:12:26 +02:00
) . '<span>' . __ ( 'Create a Directory' ) . ' </ span >
</ a >
2021-07-16 16:54:43 +02:00
</ li > ' ;
if ( $allowCreateText === true ) {
$tabs_dialog .= '
< li class = " create_text_file " >
< a href = " javascript: show_create_text_file(); " > ' . html_print_image (
'images/create_file.png' ,
true ,
[
'title' => __ ( 'Create a Text' ),
'class' => 'invert_filter' ,
]
) . '<span>' . __ ( 'Create a Text' ) . ' </ span >
</ a >
</ li > ' ;
}
$tabs_dialog .= '
2019-04-24 11:12:26 +02:00
< li class = " upload_file " >
< a href = " javascript: show_upload_file(); " > ' . html_print_image (
'images/upload_file.png' ,
true ,
2021-03-11 15:40:23 +01:00
[
'title' => __ ( 'Upload Files' ),
'class' => 'invert_filter' ,
]
2019-04-24 11:12:26 +02:00
) . '<span>' . __ ( 'Upload Files' ) . ' </ span >
</ a >
2021-07-16 16:54:43 +02:00
</ li > ' ;
$tabs_dialog .= '</ul>' ;
2019-04-24 11:12:26 +02:00
2021-03-11 15:40:23 +01:00
echo '<div id="create_folder" class="invisible">' . $tabs_dialog . '
2021-06-08 14:21:33 +02:00
< form method = " post " action = " '. $url .' " > '.html_print_input_text(' dirname ', ' ', ' ', 30, 255, true).html_print_submit_button(__(' Create '), ' crt ', false, ' class = " sub next " ', true).html_print_input_hidden(' directory ', $relative_directory, true).html_print_input_hidden(' create_dir ', 1, true).html_print_input_hidden(' hash ', md5($relative_directory.$config[' server_unique_identifier ']), true).html_print_input_hidden(' hash2 ', md5($relative_directory.$config[' server_unique_identifier ']), true).' </ form ></ div > ' ;
2019-04-24 11:12:26 +02:00
2021-03-11 15:40:23 +01:00
echo '<div id="upload_file" class="invisible"> ' . $tabs_dialog . '
2021-06-08 14:21:33 +02:00
< form method = " post " action = " '. $url .' " enctype = " multipart/form-data " > '.ui_print_help_tip(__(' The zip upload in this dir , easy to upload multiple files . '), true).html_print_input_file(' file ', true, false).html_print_input_hidden(' umask ', $umask, true).html_print_checkbox(' decompress ', 1, false, true).__(' Decompress ').html_print_submit_button(__(' Go '), ' go ', false, ' class = " sub next " ', true).html_print_input_hidden(' real_directory ', $real_directory, true).html_print_input_hidden(' directory ', $relative_directory, true).html_print_input_hidden(' hash ', md5($real_directory.$relative_directory.$config[' server_unique_identifier ']), true).html_print_input_hidden(' hash2 ', md5($relative_directory.$config[' server_unique_identifier ']), true).html_print_input_hidden(' upload_file_or_zip ', 1, true).' </ form ></ div > ' ;
2019-04-24 11:12:26 +02:00
2021-07-16 16:54:43 +02:00
if ( $allowCreateText === true ) {
echo ' <div id="create_text_file" class="invisible">' . $tabs_dialog . '
< form method = " post " action = " '. $url .' " > '.html_print_input_text(' name_file ', ' ', ' ', 30, 50, true).html_print_submit_button(__(' Create '), ' create ', false, ' class = " sub next " ', true).html_print_input_hidden(' real_directory ', $real_directory, true).html_print_input_hidden(' directory ', $relative_directory, true).html_print_input_hidden(' hash ', md5($real_directory.$relative_directory.$config[' server_unique_identifier ']), true).html_print_input_hidden(' umask ', $umask, true).html_print_input_hidden(' create_text_file ', 1, true).' </ form ></ div > ' ;
}
2019-04-24 11:12:26 +02:00
echo " <div style='width: " . $table -> width . " ;' class='file_table_buttons'> " ;
2019-01-30 16:18:44 +01:00
2019-04-10 10:06:27 +02:00
echo " <a href='javascript: show_form_create_folder();'> " ;
2019-01-30 16:18:44 +01:00
echo html_print_image (
'images/create_directory.png' ,
true ,
2021-03-11 15:40:23 +01:00
[
'title' => __ ( 'Create directory' ),
'class' => 'invert_filter' ,
]
2019-01-30 16:18:44 +01:00
);
echo '</a>' ;
2021-07-16 16:54:43 +02:00
if ( $allowCreateText === true ) {
echo " <a href='javascript: show_create_text_file();'> " ;
echo html_print_image (
'images/create_file.png' ,
true ,
[
'title' => __ ( 'Create text' ),
'class' => 'invert_filter' ,
]
);
echo '</a>' ;
}
2019-01-30 16:18:44 +01:00
echo " <a href='javascript: show_upload_file();'> " ;
echo html_print_image (
'images/upload_file.png' ,
true ,
2021-03-11 15:40:23 +01:00
[
'title' => __ ( 'Upload file/s' ),
'class' => 'invert_filter' ,
]
2019-01-30 16:18:44 +01:00
);
echo '</a>' ;
echo '</div>' ;
} else {
2019-04-10 10:06:27 +02:00
echo " <div style='text-align: right; width: " . $table -> width . " ; color:#AC4444; margin-bottom:10px;'> " ;
2021-06-04 13:03:35 +02:00
echo " <image class='invert_filter' src='images/info.png' /> " . __ ( 'The directory is read-only' );
2019-01-30 16:18:44 +01:00
echo '</div>' ;
}
}
html_print_table ( $table );
2010-07-07 14:27:37 +02:00
}
2019-01-30 16:18:44 +01:00
2009-04-13 Esteban Sanchez <estebans@artica.es>
* general/footer.php: Removed Firefox icon. Style correction.
* godmode/agentes/agent_manager.php: Replaced > with ». Style
correction when setting bold attributes.
* godmode/agentes/manage_config_remote.php,
godmode/agentes/modificar_agente.php, godmode/agentes/module_manager.php,
godmode/alerts/alert_list.php, godmode/db/db_audit.php,
godmode/db/db_event.php, godmode/db/db_info.php, godmode/db/db_main.php,
godmode/db/db_purge.php, godmode/db/db_refine.php,
godmode/groups/configure_group.php, godmode/groups/group_list.php,
godmode/modules/manage_nc_groups.php,
godmode/modules/manage_network_components.php,
godmode/modules/manage_network_templates.php,
godmode/modules/manage_network_templates_form.php,
godmode/modules/module_list.php, godmode/profiles/profile_list.php,
godmode/reporting/graph_builder.php, godmode/reporting/map_builder.php,
godmode/reporting/reporting_builder.php, godmode/servers/manage_export.php,
godmode/servers/manage_export_form.php,
godmode/servers/manage_recontask.php,
godmode/servers/manage_recontask_form.php,
godmode/servers/modificar_server.php, godmode/setup/setup_visuals.php,
godmode/setup/links.php, godmode/setup/news.php,
godmode/snmpconsole/snmp_alert.php, godmode/users/configure_user.php,
godmode/users/user_list.php, operation/agentes/alerts_status.php,
operation/agentes/estado_generalagente.php,
operation/agentes/estado_agente.php, operation/agentes/estado_grupo.php,
operation/agentes/estado_ultimopaquete.php,
operation/agentes/exportdata.php, operation/agentes/networkmap.php,
operation/agentes/status_monitor.php, operation/agentes/tactical.php,
operation/events/events.php, operation/incidents/incident.php,
operation/incidents/incident_detail.php,
operation/incidents/incident_statistics.php,
operation/messages/message.php, operation/reporting/custom_reporting.php,
operation/reporting/graph_viewer.php,
operation/reporting/reporting_viewer.php, operation/servers/view_server.php,
operation/users/user.php, operation/users/user_edit.php,
operation/users/user_statistics.php, operation/visual_console/index.php,
godmode/agentes/agent_template.php: Replaced > with »
* operation/agentes/datos_agente.php: Return instead of exit
* include/javascript/jquery.pandora.controls.js: Added pandoraSelectOS
control to preview the OS icon on a select.
* include/functions_reports.php: Fixed a bug on delete_report() that
returns error when the report has no content.
* include/functions_ui.php: Removed border attribute on print_os_icon().
Some fixes to meta refresh element on process_page_head(). Fixed
format_filesize() when length is zero.
* godmode/menu.php: Replaced link to file manager. Added enterprise hook.
* godmode/setup/file_manager.php: Renamed from obfuscated name filemgr.php
* include/styles/pandora.css: Textarea width reduced to 99%
* godmode/setup/setup.php: Added get_os_icon AJAX operation.
* images/mimetypes/, images/mimetypes/zip.png, images/mimetypes/image.png,
images/mimetypes/unknown.png, images/mimetypes/directory.png: Added to
repository. Mime type icons.
* extras/pandoradb_migrate_v2.x_to_v3.0.sql: Removed date comments.
* include/functions_filemanager.php: Added to repository. Minimal API for
file manager system.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1608 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-04-13 11:50:56 +02:00
/**
* Check if a directory is writable .
*
2021-08-26 11:15:02 +02:00
* @ param string $filepath Directory path to check .
2009-04-13 Esteban Sanchez <estebans@artica.es>
* general/footer.php: Removed Firefox icon. Style correction.
* godmode/agentes/agent_manager.php: Replaced > with ». Style
correction when setting bold attributes.
* godmode/agentes/manage_config_remote.php,
godmode/agentes/modificar_agente.php, godmode/agentes/module_manager.php,
godmode/alerts/alert_list.php, godmode/db/db_audit.php,
godmode/db/db_event.php, godmode/db/db_info.php, godmode/db/db_main.php,
godmode/db/db_purge.php, godmode/db/db_refine.php,
godmode/groups/configure_group.php, godmode/groups/group_list.php,
godmode/modules/manage_nc_groups.php,
godmode/modules/manage_network_components.php,
godmode/modules/manage_network_templates.php,
godmode/modules/manage_network_templates_form.php,
godmode/modules/module_list.php, godmode/profiles/profile_list.php,
godmode/reporting/graph_builder.php, godmode/reporting/map_builder.php,
godmode/reporting/reporting_builder.php, godmode/servers/manage_export.php,
godmode/servers/manage_export_form.php,
godmode/servers/manage_recontask.php,
godmode/servers/manage_recontask_form.php,
godmode/servers/modificar_server.php, godmode/setup/setup_visuals.php,
godmode/setup/links.php, godmode/setup/news.php,
godmode/snmpconsole/snmp_alert.php, godmode/users/configure_user.php,
godmode/users/user_list.php, operation/agentes/alerts_status.php,
operation/agentes/estado_generalagente.php,
operation/agentes/estado_agente.php, operation/agentes/estado_grupo.php,
operation/agentes/estado_ultimopaquete.php,
operation/agentes/exportdata.php, operation/agentes/networkmap.php,
operation/agentes/status_monitor.php, operation/agentes/tactical.php,
operation/events/events.php, operation/incidents/incident.php,
operation/incidents/incident_detail.php,
operation/incidents/incident_statistics.php,
operation/messages/message.php, operation/reporting/custom_reporting.php,
operation/reporting/graph_viewer.php,
operation/reporting/reporting_viewer.php, operation/servers/view_server.php,
operation/users/user.php, operation/users/user_edit.php,
operation/users/user_statistics.php, operation/visual_console/index.php,
godmode/agentes/agent_template.php: Replaced > with »
* operation/agentes/datos_agente.php: Return instead of exit
* include/javascript/jquery.pandora.controls.js: Added pandoraSelectOS
control to preview the OS icon on a select.
* include/functions_reports.php: Fixed a bug on delete_report() that
returns error when the report has no content.
* include/functions_ui.php: Removed border attribute on print_os_icon().
Some fixes to meta refresh element on process_page_head(). Fixed
format_filesize() when length is zero.
* godmode/menu.php: Replaced link to file manager. Added enterprise hook.
* godmode/setup/file_manager.php: Renamed from obfuscated name filemgr.php
* include/styles/pandora.css: Textarea width reduced to 99%
* godmode/setup/setup.php: Added get_os_icon AJAX operation.
* images/mimetypes/, images/mimetypes/zip.png, images/mimetypes/image.png,
images/mimetypes/unknown.png, images/mimetypes/directory.png: Added to
repository. Mime type icons.
* extras/pandoradb_migrate_v2.x_to_v3.0.sql: Removed date comments.
* include/functions_filemanager.php: Added to repository. Minimal API for
file manager system.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1608 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-04-13 11:50:56 +02:00
*
2021-08-26 11:15:02 +02:00
* @ return boolean Wheter the directory is writeable or not .
2009-04-13 Esteban Sanchez <estebans@artica.es>
* general/footer.php: Removed Firefox icon. Style correction.
* godmode/agentes/agent_manager.php: Replaced > with ». Style
correction when setting bold attributes.
* godmode/agentes/manage_config_remote.php,
godmode/agentes/modificar_agente.php, godmode/agentes/module_manager.php,
godmode/alerts/alert_list.php, godmode/db/db_audit.php,
godmode/db/db_event.php, godmode/db/db_info.php, godmode/db/db_main.php,
godmode/db/db_purge.php, godmode/db/db_refine.php,
godmode/groups/configure_group.php, godmode/groups/group_list.php,
godmode/modules/manage_nc_groups.php,
godmode/modules/manage_network_components.php,
godmode/modules/manage_network_templates.php,
godmode/modules/manage_network_templates_form.php,
godmode/modules/module_list.php, godmode/profiles/profile_list.php,
godmode/reporting/graph_builder.php, godmode/reporting/map_builder.php,
godmode/reporting/reporting_builder.php, godmode/servers/manage_export.php,
godmode/servers/manage_export_form.php,
godmode/servers/manage_recontask.php,
godmode/servers/manage_recontask_form.php,
godmode/servers/modificar_server.php, godmode/setup/setup_visuals.php,
godmode/setup/links.php, godmode/setup/news.php,
godmode/snmpconsole/snmp_alert.php, godmode/users/configure_user.php,
godmode/users/user_list.php, operation/agentes/alerts_status.php,
operation/agentes/estado_generalagente.php,
operation/agentes/estado_agente.php, operation/agentes/estado_grupo.php,
operation/agentes/estado_ultimopaquete.php,
operation/agentes/exportdata.php, operation/agentes/networkmap.php,
operation/agentes/status_monitor.php, operation/agentes/tactical.php,
operation/events/events.php, operation/incidents/incident.php,
operation/incidents/incident_detail.php,
operation/incidents/incident_statistics.php,
operation/messages/message.php, operation/reporting/custom_reporting.php,
operation/reporting/graph_viewer.php,
operation/reporting/reporting_viewer.php, operation/servers/view_server.php,
operation/users/user.php, operation/users/user_edit.php,
operation/users/user_statistics.php, operation/visual_console/index.php,
godmode/agentes/agent_template.php: Replaced > with »
* operation/agentes/datos_agente.php: Return instead of exit
* include/javascript/jquery.pandora.controls.js: Added pandoraSelectOS
control to preview the OS icon on a select.
* include/functions_reports.php: Fixed a bug on delete_report() that
returns error when the report has no content.
* include/functions_ui.php: Removed border attribute on print_os_icon().
Some fixes to meta refresh element on process_page_head(). Fixed
format_filesize() when length is zero.
* godmode/menu.php: Replaced link to file manager. Added enterprise hook.
* godmode/setup/file_manager.php: Renamed from obfuscated name filemgr.php
* include/styles/pandora.css: Textarea width reduced to 99%
* godmode/setup/setup.php: Added get_os_icon AJAX operation.
* images/mimetypes/, images/mimetypes/zip.png, images/mimetypes/image.png,
images/mimetypes/unknown.png, images/mimetypes/directory.png: Added to
repository. Mime type icons.
* extras/pandoradb_migrate_v2.x_to_v3.0.sql: Removed date comments.
* include/functions_filemanager.php: Added to repository. Minimal API for
file manager system.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1608 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-04-13 11:50:56 +02:00
*/
2021-08-26 11:15:02 +02:00
function filemanager_get_file_info ( string $filepath )
2019-01-30 16:18:44 +01:00
{
global $config ;
$realpath = realpath ( $filepath );
$filepath = str_replace ( '\\' , '/' , $filepath );
2021-08-26 11:15:02 +02:00
// Windows compatibility.
2019-01-30 16:18:44 +01:00
$info = [
'mime' => MIME_UNKNOWN ,
'mime_extend' => mime_content_type ( $filepath ),
'link' => 0 ,
'is_dir' => false ,
'name' => basename ( $realpath ),
'url' => str_replace ( '//' , '/' , $config [ 'homeurl' ] . str_ireplace ( $config [ 'homedir' ], '' , $realpath )),
'realpath' => $realpath ,
'size' => filesize ( $realpath ),
'last_modified' => filemtime ( $realpath ),
];
$zip_mimes = [
'application/zip' ,
'application/x-rar-compressed' ,
'application/x-gzip' ,
'application/x-bzip2' ,
];
if ( is_dir ( $filepath )) {
$info [ 'mime' ] = MIME_DIR ;
$info [ 'is_dir' ] = true ;
$info [ 'size' ] = 0 ;
} else if ( strpos ( $info [ 'mime_extend' ], 'image' ) !== false ) {
$info [ 'mime' ] = MIME_IMAGE ;
} else if ( in_array ( $info [ 'mime_extend' ], $zip_mimes )) {
$info [ 'mime' ] = MIME_ZIP ;
} else if ( strpos ( $info [ 'mime_extend' ], 'text' ) !== false ) {
$info [ 'mime' ] = MIME_TEXT ;
}
return $info ;
2009-04-13 Esteban Sanchez <estebans@artica.es>
* general/footer.php: Removed Firefox icon. Style correction.
* godmode/agentes/agent_manager.php: Replaced > with ». Style
correction when setting bold attributes.
* godmode/agentes/manage_config_remote.php,
godmode/agentes/modificar_agente.php, godmode/agentes/module_manager.php,
godmode/alerts/alert_list.php, godmode/db/db_audit.php,
godmode/db/db_event.php, godmode/db/db_info.php, godmode/db/db_main.php,
godmode/db/db_purge.php, godmode/db/db_refine.php,
godmode/groups/configure_group.php, godmode/groups/group_list.php,
godmode/modules/manage_nc_groups.php,
godmode/modules/manage_network_components.php,
godmode/modules/manage_network_templates.php,
godmode/modules/manage_network_templates_form.php,
godmode/modules/module_list.php, godmode/profiles/profile_list.php,
godmode/reporting/graph_builder.php, godmode/reporting/map_builder.php,
godmode/reporting/reporting_builder.php, godmode/servers/manage_export.php,
godmode/servers/manage_export_form.php,
godmode/servers/manage_recontask.php,
godmode/servers/manage_recontask_form.php,
godmode/servers/modificar_server.php, godmode/setup/setup_visuals.php,
godmode/setup/links.php, godmode/setup/news.php,
godmode/snmpconsole/snmp_alert.php, godmode/users/configure_user.php,
godmode/users/user_list.php, operation/agentes/alerts_status.php,
operation/agentes/estado_generalagente.php,
operation/agentes/estado_agente.php, operation/agentes/estado_grupo.php,
operation/agentes/estado_ultimopaquete.php,
operation/agentes/exportdata.php, operation/agentes/networkmap.php,
operation/agentes/status_monitor.php, operation/agentes/tactical.php,
operation/events/events.php, operation/incidents/incident.php,
operation/incidents/incident_detail.php,
operation/incidents/incident_statistics.php,
operation/messages/message.php, operation/reporting/custom_reporting.php,
operation/reporting/graph_viewer.php,
operation/reporting/reporting_viewer.php, operation/servers/view_server.php,
operation/users/user.php, operation/users/user_edit.php,
operation/users/user_statistics.php, operation/visual_console/index.php,
godmode/agentes/agent_template.php: Replaced > with »
* operation/agentes/datos_agente.php: Return instead of exit
* include/javascript/jquery.pandora.controls.js: Added pandoraSelectOS
control to preview the OS icon on a select.
* include/functions_reports.php: Fixed a bug on delete_report() that
returns error when the report has no content.
* include/functions_ui.php: Removed border attribute on print_os_icon().
Some fixes to meta refresh element on process_page_head(). Fixed
format_filesize() when length is zero.
* godmode/menu.php: Replaced link to file manager. Added enterprise hook.
* godmode/setup/file_manager.php: Renamed from obfuscated name filemgr.php
* include/styles/pandora.css: Textarea width reduced to 99%
* godmode/setup/setup.php: Added get_os_icon AJAX operation.
* images/mimetypes/, images/mimetypes/zip.png, images/mimetypes/image.png,
images/mimetypes/unknown.png, images/mimetypes/directory.png: Added to
repository. Mime type icons.
* extras/pandoradb_migrate_v2.x_to_v3.0.sql: Removed date comments.
* include/functions_filemanager.php: Added to repository. Minimal API for
file manager system.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1608 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-04-13 11:50:56 +02:00
}
2019-01-30 16:18:44 +01:00
2009-04-13 Esteban Sanchez <estebans@artica.es>
* general/footer.php: Removed Firefox icon. Style correction.
* godmode/agentes/agent_manager.php: Replaced > with ». Style
correction when setting bold attributes.
* godmode/agentes/manage_config_remote.php,
godmode/agentes/modificar_agente.php, godmode/agentes/module_manager.php,
godmode/alerts/alert_list.php, godmode/db/db_audit.php,
godmode/db/db_event.php, godmode/db/db_info.php, godmode/db/db_main.php,
godmode/db/db_purge.php, godmode/db/db_refine.php,
godmode/groups/configure_group.php, godmode/groups/group_list.php,
godmode/modules/manage_nc_groups.php,
godmode/modules/manage_network_components.php,
godmode/modules/manage_network_templates.php,
godmode/modules/manage_network_templates_form.php,
godmode/modules/module_list.php, godmode/profiles/profile_list.php,
godmode/reporting/graph_builder.php, godmode/reporting/map_builder.php,
godmode/reporting/reporting_builder.php, godmode/servers/manage_export.php,
godmode/servers/manage_export_form.php,
godmode/servers/manage_recontask.php,
godmode/servers/manage_recontask_form.php,
godmode/servers/modificar_server.php, godmode/setup/setup_visuals.php,
godmode/setup/links.php, godmode/setup/news.php,
godmode/snmpconsole/snmp_alert.php, godmode/users/configure_user.php,
godmode/users/user_list.php, operation/agentes/alerts_status.php,
operation/agentes/estado_generalagente.php,
operation/agentes/estado_agente.php, operation/agentes/estado_grupo.php,
operation/agentes/estado_ultimopaquete.php,
operation/agentes/exportdata.php, operation/agentes/networkmap.php,
operation/agentes/status_monitor.php, operation/agentes/tactical.php,
operation/events/events.php, operation/incidents/incident.php,
operation/incidents/incident_detail.php,
operation/incidents/incident_statistics.php,
operation/messages/message.php, operation/reporting/custom_reporting.php,
operation/reporting/graph_viewer.php,
operation/reporting/reporting_viewer.php, operation/servers/view_server.php,
operation/users/user.php, operation/users/user_edit.php,
operation/users/user_statistics.php, operation/visual_console/index.php,
godmode/agentes/agent_template.php: Replaced > with »
* operation/agentes/datos_agente.php: Return instead of exit
* include/javascript/jquery.pandora.controls.js: Added pandoraSelectOS
control to preview the OS icon on a select.
* include/functions_reports.php: Fixed a bug on delete_report() that
returns error when the report has no content.
* include/functions_ui.php: Removed border attribute on print_os_icon().
Some fixes to meta refresh element on process_page_head(). Fixed
format_filesize() when length is zero.
* godmode/menu.php: Replaced link to file manager. Added enterprise hook.
* godmode/setup/file_manager.php: Renamed from obfuscated name filemgr.php
* include/styles/pandora.css: Textarea width reduced to 99%
* godmode/setup/setup.php: Added get_os_icon AJAX operation.
* images/mimetypes/, images/mimetypes/zip.png, images/mimetypes/image.png,
images/mimetypes/unknown.png, images/mimetypes/directory.png: Added to
repository. Mime type icons.
* extras/pandoradb_migrate_v2.x_to_v3.0.sql: Removed date comments.
* include/functions_filemanager.php: Added to repository. Minimal API for
file manager system.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1608 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-04-13 11:50:56 +02:00
/**
* Check if a directory is writable .
*
2021-08-26 11:15:02 +02:00
* @ param string $dirpath Directory path to check .
2009-04-13 Esteban Sanchez <estebans@artica.es>
* general/footer.php: Removed Firefox icon. Style correction.
* godmode/agentes/agent_manager.php: Replaced > with ». Style
correction when setting bold attributes.
* godmode/agentes/manage_config_remote.php,
godmode/agentes/modificar_agente.php, godmode/agentes/module_manager.php,
godmode/alerts/alert_list.php, godmode/db/db_audit.php,
godmode/db/db_event.php, godmode/db/db_info.php, godmode/db/db_main.php,
godmode/db/db_purge.php, godmode/db/db_refine.php,
godmode/groups/configure_group.php, godmode/groups/group_list.php,
godmode/modules/manage_nc_groups.php,
godmode/modules/manage_network_components.php,
godmode/modules/manage_network_templates.php,
godmode/modules/manage_network_templates_form.php,
godmode/modules/module_list.php, godmode/profiles/profile_list.php,
godmode/reporting/graph_builder.php, godmode/reporting/map_builder.php,
godmode/reporting/reporting_builder.php, godmode/servers/manage_export.php,
godmode/servers/manage_export_form.php,
godmode/servers/manage_recontask.php,
godmode/servers/manage_recontask_form.php,
godmode/servers/modificar_server.php, godmode/setup/setup_visuals.php,
godmode/setup/links.php, godmode/setup/news.php,
godmode/snmpconsole/snmp_alert.php, godmode/users/configure_user.php,
godmode/users/user_list.php, operation/agentes/alerts_status.php,
operation/agentes/estado_generalagente.php,
operation/agentes/estado_agente.php, operation/agentes/estado_grupo.php,
operation/agentes/estado_ultimopaquete.php,
operation/agentes/exportdata.php, operation/agentes/networkmap.php,
operation/agentes/status_monitor.php, operation/agentes/tactical.php,
operation/events/events.php, operation/incidents/incident.php,
operation/incidents/incident_detail.php,
operation/incidents/incident_statistics.php,
operation/messages/message.php, operation/reporting/custom_reporting.php,
operation/reporting/graph_viewer.php,
operation/reporting/reporting_viewer.php, operation/servers/view_server.php,
operation/users/user.php, operation/users/user_edit.php,
operation/users/user_statistics.php, operation/visual_console/index.php,
godmode/agentes/agent_template.php: Replaced > with »
* operation/agentes/datos_agente.php: Return instead of exit
* include/javascript/jquery.pandora.controls.js: Added pandoraSelectOS
control to preview the OS icon on a select.
* include/functions_reports.php: Fixed a bug on delete_report() that
returns error when the report has no content.
* include/functions_ui.php: Removed border attribute on print_os_icon().
Some fixes to meta refresh element on process_page_head(). Fixed
format_filesize() when length is zero.
* godmode/menu.php: Replaced link to file manager. Added enterprise hook.
* godmode/setup/file_manager.php: Renamed from obfuscated name filemgr.php
* include/styles/pandora.css: Textarea width reduced to 99%
* godmode/setup/setup.php: Added get_os_icon AJAX operation.
* images/mimetypes/, images/mimetypes/zip.png, images/mimetypes/image.png,
images/mimetypes/unknown.png, images/mimetypes/directory.png: Added to
repository. Mime type icons.
* extras/pandoradb_migrate_v2.x_to_v3.0.sql: Removed date comments.
* include/functions_filemanager.php: Added to repository. Minimal API for
file manager system.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1608 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-04-13 11:50:56 +02:00
*
2021-08-26 11:15:02 +02:00
* @ return array List with files .
2009-04-13 Esteban Sanchez <estebans@artica.es>
* general/footer.php: Removed Firefox icon. Style correction.
* godmode/agentes/agent_manager.php: Replaced > with ». Style
correction when setting bold attributes.
* godmode/agentes/manage_config_remote.php,
godmode/agentes/modificar_agente.php, godmode/agentes/module_manager.php,
godmode/alerts/alert_list.php, godmode/db/db_audit.php,
godmode/db/db_event.php, godmode/db/db_info.php, godmode/db/db_main.php,
godmode/db/db_purge.php, godmode/db/db_refine.php,
godmode/groups/configure_group.php, godmode/groups/group_list.php,
godmode/modules/manage_nc_groups.php,
godmode/modules/manage_network_components.php,
godmode/modules/manage_network_templates.php,
godmode/modules/manage_network_templates_form.php,
godmode/modules/module_list.php, godmode/profiles/profile_list.php,
godmode/reporting/graph_builder.php, godmode/reporting/map_builder.php,
godmode/reporting/reporting_builder.php, godmode/servers/manage_export.php,
godmode/servers/manage_export_form.php,
godmode/servers/manage_recontask.php,
godmode/servers/manage_recontask_form.php,
godmode/servers/modificar_server.php, godmode/setup/setup_visuals.php,
godmode/setup/links.php, godmode/setup/news.php,
godmode/snmpconsole/snmp_alert.php, godmode/users/configure_user.php,
godmode/users/user_list.php, operation/agentes/alerts_status.php,
operation/agentes/estado_generalagente.php,
operation/agentes/estado_agente.php, operation/agentes/estado_grupo.php,
operation/agentes/estado_ultimopaquete.php,
operation/agentes/exportdata.php, operation/agentes/networkmap.php,
operation/agentes/status_monitor.php, operation/agentes/tactical.php,
operation/events/events.php, operation/incidents/incident.php,
operation/incidents/incident_detail.php,
operation/incidents/incident_statistics.php,
operation/messages/message.php, operation/reporting/custom_reporting.php,
operation/reporting/graph_viewer.php,
operation/reporting/reporting_viewer.php, operation/servers/view_server.php,
operation/users/user.php, operation/users/user_edit.php,
operation/users/user_statistics.php, operation/visual_console/index.php,
godmode/agentes/agent_template.php: Replaced > with »
* operation/agentes/datos_agente.php: Return instead of exit
* include/javascript/jquery.pandora.controls.js: Added pandoraSelectOS
control to preview the OS icon on a select.
* include/functions_reports.php: Fixed a bug on delete_report() that
returns error when the report has no content.
* include/functions_ui.php: Removed border attribute on print_os_icon().
Some fixes to meta refresh element on process_page_head(). Fixed
format_filesize() when length is zero.
* godmode/menu.php: Replaced link to file manager. Added enterprise hook.
* godmode/setup/file_manager.php: Renamed from obfuscated name filemgr.php
* include/styles/pandora.css: Textarea width reduced to 99%
* godmode/setup/setup.php: Added get_os_icon AJAX operation.
* images/mimetypes/, images/mimetypes/zip.png, images/mimetypes/image.png,
images/mimetypes/unknown.png, images/mimetypes/directory.png: Added to
repository. Mime type icons.
* extras/pandoradb_migrate_v2.x_to_v3.0.sql: Removed date comments.
* include/functions_filemanager.php: Added to repository. Minimal API for
file manager system.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1608 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-04-13 11:50:56 +02:00
*/
2019-01-30 16:18:44 +01:00
function filemanager_list_dir ( $dirpath )
{
$dirpath = str_replace ( '\\' , '/' , $dirpath );
// Windows compatibility
$files = [];
$dirs = [];
$dir = opendir ( $dirpath );
while ( $file = @ readdir ( $dir )) {
2021-08-26 11:15:02 +02:00
// Ignore hidden files.
if ( $file [ 0 ] === '.' ) {
2019-01-30 16:18:44 +01:00
continue ;
}
$info = filemanager_get_file_info ( $dirpath . '/' . $file );
if ( $info [ 'is_dir' ]) {
$dirs [ $file ] = $info ;
} else {
$files [ $file ] = $info ;
}
}
ksort ( $files );
ksort ( $dirs );
closedir ( $dir );
return array_merge ( $dirs , $files );
2009-04-13 Esteban Sanchez <estebans@artica.es>
* general/footer.php: Removed Firefox icon. Style correction.
* godmode/agentes/agent_manager.php: Replaced > with ». Style
correction when setting bold attributes.
* godmode/agentes/manage_config_remote.php,
godmode/agentes/modificar_agente.php, godmode/agentes/module_manager.php,
godmode/alerts/alert_list.php, godmode/db/db_audit.php,
godmode/db/db_event.php, godmode/db/db_info.php, godmode/db/db_main.php,
godmode/db/db_purge.php, godmode/db/db_refine.php,
godmode/groups/configure_group.php, godmode/groups/group_list.php,
godmode/modules/manage_nc_groups.php,
godmode/modules/manage_network_components.php,
godmode/modules/manage_network_templates.php,
godmode/modules/manage_network_templates_form.php,
godmode/modules/module_list.php, godmode/profiles/profile_list.php,
godmode/reporting/graph_builder.php, godmode/reporting/map_builder.php,
godmode/reporting/reporting_builder.php, godmode/servers/manage_export.php,
godmode/servers/manage_export_form.php,
godmode/servers/manage_recontask.php,
godmode/servers/manage_recontask_form.php,
godmode/servers/modificar_server.php, godmode/setup/setup_visuals.php,
godmode/setup/links.php, godmode/setup/news.php,
godmode/snmpconsole/snmp_alert.php, godmode/users/configure_user.php,
godmode/users/user_list.php, operation/agentes/alerts_status.php,
operation/agentes/estado_generalagente.php,
operation/agentes/estado_agente.php, operation/agentes/estado_grupo.php,
operation/agentes/estado_ultimopaquete.php,
operation/agentes/exportdata.php, operation/agentes/networkmap.php,
operation/agentes/status_monitor.php, operation/agentes/tactical.php,
operation/events/events.php, operation/incidents/incident.php,
operation/incidents/incident_detail.php,
operation/incidents/incident_statistics.php,
operation/messages/message.php, operation/reporting/custom_reporting.php,
operation/reporting/graph_viewer.php,
operation/reporting/reporting_viewer.php, operation/servers/view_server.php,
operation/users/user.php, operation/users/user_edit.php,
operation/users/user_statistics.php, operation/visual_console/index.php,
godmode/agentes/agent_template.php: Replaced > with »
* operation/agentes/datos_agente.php: Return instead of exit
* include/javascript/jquery.pandora.controls.js: Added pandoraSelectOS
control to preview the OS icon on a select.
* include/functions_reports.php: Fixed a bug on delete_report() that
returns error when the report has no content.
* include/functions_ui.php: Removed border attribute on print_os_icon().
Some fixes to meta refresh element on process_page_head(). Fixed
format_filesize() when length is zero.
* godmode/menu.php: Replaced link to file manager. Added enterprise hook.
* godmode/setup/file_manager.php: Renamed from obfuscated name filemgr.php
* include/styles/pandora.css: Textarea width reduced to 99%
* godmode/setup/setup.php: Added get_os_icon AJAX operation.
* images/mimetypes/, images/mimetypes/zip.png, images/mimetypes/image.png,
images/mimetypes/unknown.png, images/mimetypes/directory.png: Added to
repository. Mime type icons.
* extras/pandoradb_migrate_v2.x_to_v3.0.sql: Removed date comments.
* include/functions_filemanager.php: Added to repository. Minimal API for
file manager system.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1608 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-04-13 11:50:56 +02:00
}
2021-06-02 13:17:34 +02:00
/**
* A miminal security check to avoid directory traversal .
*
* @ param string $directory String with the complete directory .
* @ param string $safedDirectory String with a safe name directory .
*
* @ return string Safe directory
*/
function filemanager_safe_directory (
string $directory ,
string $safedDirectory = ''
) {
// Safe output.
$directory = io_safe_output ( $directory );
$forbiddenAttempting = false ;
2021-09-03 13:30:15 +02:00
// Banned directories.
$bannedDirectory = [
'include' ,
'godmode' ,
'operation' ,
'reporting' ,
'general' ,
ENTERPRISE_DIR ,
];
2021-06-02 13:17:34 +02:00
2021-09-02 13:38:55 +02:00
if (( bool ) preg_match ( '/(\.){2}/' , $directory ) !== false ) {
$directory = preg_replace ( '/(\.){2}/' , '' , ( empty ( $safedDirectory ) === true ) ? $directory : $safedDirectory );
2021-06-02 13:17:34 +02:00
$forbiddenAttempting = true ;
}
2021-06-02 16:06:00 +02:00
if (( bool ) preg_match ( '/(/\/\)+/' , $directory ) !== false ) {
2021-06-02 13:17:34 +02:00
$directory = preg_replace ( '/(/\/\)+/' , '/' , ( empty ( $safedDirectory ) === true ) ? $directory : $safedDirectory );
$forbiddenAttempting = true ;
}
2021-09-03 13:30:15 +02:00
if ( in_array ( $directory , $bannedDirectory ) === true ) {
// Setted images for default (usually in file manager).
$directory = ( empty ( $safedDirectory ) === false ) ? $safedDirectory : 'images' ;
$forbiddenAttempting = true ;
}
2021-06-02 13:17:34 +02:00
if ( $forbiddenAttempting === true ) {
2022-01-20 10:55:23 +01:00
db_pandora_audit (
AUDIT_LOG_HACK_ATTEMPT ,
'Attempting to use a forbidden file or directory name'
);
2021-06-02 13:17:34 +02:00
}
return $directory ;
}