2012-12-17 Miguel de Dios <miguel.dedios@artica.es>
* godmode/setup/file_manager.php, include/functions_filemanager.php: some fixes and added support for the metaconsole. * include/get_file.php: fixed lost check "is_user". * operation/netflow/nf_live_view.php: cleaned source code style. * include/functions_config.php: added check the flag of "is_admin" when try to change some config from setup. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@7287 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
mdtrooper
parent
f7681e76c1
commit
fd549b9324
|
|
@ -1,3 +1,15 @@
|
|||
2012-12-17 Miguel de Dios <miguel.dedios@artica.es>
|
||||
|
||||
* godmode/setup/file_manager.php, include/functions_filemanager.php:
|
||||
some fixes and added support for the metaconsole.
|
||||
|
||||
* include/get_file.php: fixed lost check "is_user".
|
||||
|
||||
* operation/netflow/nf_live_view.php: cleaned source code style.
|
||||
|
||||
* include/functions_config.php: added check the flag of "is_admin"
|
||||
when try to change some config from setup.
|
||||
|
||||
2012-12-14 Sergio Martin <sergio.martin@artica.es>
|
||||
|
||||
* operation/events/events.php: Disable the events view
|
||||
|
|
|
|||
|
|
@ -60,7 +60,7 @@ if (isset ($banned_directories[$directory]))
|
|||
// Current directory
|
||||
$available_directories[$directory] = $directory;
|
||||
|
||||
$real_directory = realpath ($config['homedir'].'/'.$directory);
|
||||
$real_directory = realpath ($config['homedir'] . '/' . $directory);
|
||||
|
||||
echo '<h4>' . __('Index of %s', $directory) . '</h4>';
|
||||
|
||||
|
|
|
|||
|
|
@ -316,6 +316,14 @@ function config_update_config () {
|
|||
function config_process_config () {
|
||||
global $config;
|
||||
|
||||
//Check if the user have the admin flag.
|
||||
$is_admin = (bool)db_get_value('is_admin',
|
||||
'tusuario', 'id_user', $_SESSION['id_usuario']);
|
||||
if (!$is_admin) {
|
||||
return false;
|
||||
exit;
|
||||
}
|
||||
|
||||
$configs = db_get_all_rows_in_table ('tconfig');
|
||||
|
||||
if (empty ($configs)) {
|
||||
|
|
|
|||
|
|
@ -164,7 +164,8 @@ if ($upload_file) {
|
|||
$nombre_archivo = $real_directory .'/'. $filename;
|
||||
}
|
||||
else {
|
||||
$nombre_archivo = $config['homedir'].'/'.$directory.'/'.$filename;
|
||||
$nombre_archivo = $config['homedir'] . '/' .
|
||||
$directory . '/' . $filename;
|
||||
}
|
||||
|
||||
if (! @copy ($_FILES['file']['tmp_name'], $nombre_archivo )) {
|
||||
|
|
@ -177,7 +178,7 @@ if ($upload_file) {
|
|||
// Delete temporal file
|
||||
unlink ($_FILES['file']['tmp_name']);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -202,7 +203,7 @@ if ($create_text_file) {
|
|||
$filename = io_safe_output(get_parameter('name_file'));
|
||||
|
||||
if ($filename != "") {
|
||||
|
||||
|
||||
$real_directory = (string) get_parameter('real_directory');
|
||||
$real_directory = io_safe_output($real_directory);
|
||||
$directory = (string) get_parameter ('directory');
|
||||
|
|
@ -216,11 +217,13 @@ if ($create_text_file) {
|
|||
}
|
||||
else {
|
||||
if ($directory == '') {
|
||||
$nombre_archivo = $real_directory .'/'. $filename;
|
||||
$nombre_archivo = $real_directory . '/' . $filename;
|
||||
}
|
||||
else {
|
||||
$nombre_archivo = $config['homedir'].'/'.$directory.'/'.$filename;
|
||||
$nombre_archivo = $config['homedir'] . '/' .
|
||||
$directory . '/' . $filename;
|
||||
}
|
||||
|
||||
if (! @touch($nombre_archivo)) {
|
||||
$config['filemanager']['message'] = ui_print_error_message(__('Error creating file'), '', true);
|
||||
}
|
||||
|
|
@ -314,8 +317,10 @@ if ($create_dir) {
|
|||
else {
|
||||
$dirname = (string) get_parameter ('dirname');
|
||||
$dirname = io_safe_output($dirname);
|
||||
|
||||
if ($dirname != '') {
|
||||
@mkdir ($directory.'/'.$dirname);
|
||||
@mkdir ($config['homedir'] . '/' .
|
||||
$directory . '/' . $dirname);
|
||||
$config['filemanager']['message'] = ui_print_success_message(__('Directory created'), '', true);
|
||||
|
||||
$config['filemanager']['correct_create_dir'] = 1;
|
||||
|
|
@ -345,6 +350,7 @@ if ($delete_file) {
|
|||
}
|
||||
else {
|
||||
$config['filemanager']['message'] = ui_print_success_message(__('Deleted'), '', true);
|
||||
|
||||
if (is_dir ($filename)) {
|
||||
rmdir ($filename);
|
||||
$config['filemanager']['delete'] = 1;
|
||||
|
|
@ -430,6 +436,10 @@ function filemanager_read_recursive_dir($dir, $relative_path = '') {
|
|||
function filemanager_file_explorer($real_directory, $relative_directory, $url, $father = '', $editor = false, $readOnly = false) {
|
||||
global $config;
|
||||
|
||||
$hack_metaconsole = '';
|
||||
if (defined('METACONSOLE'))
|
||||
$hack_metaconsole = '../../';
|
||||
|
||||
?>
|
||||
<script type="text/javascript">
|
||||
function show_form_create_folder() {
|
||||
|
|
@ -479,9 +489,9 @@ function filemanager_file_explorer($real_directory, $relative_directory, $url, $
|
|||
$table->head = array ();
|
||||
$table->size = array ();
|
||||
|
||||
$table->align[1] = 'center';
|
||||
$table->align[1] = 'left';
|
||||
$table->align[2] = 'center';
|
||||
$table->align[3] = 'center';
|
||||
$table->align[3] = 'left';
|
||||
$table->align[4] = 'center';
|
||||
|
||||
$table->size[0] = '24px';
|
||||
|
|
@ -513,11 +523,6 @@ function filemanager_file_explorer($real_directory, $relative_directory, $url, $
|
|||
$table->rowstyle[1] = 'display: none;';
|
||||
$table->data[1][0] = '';
|
||||
$table->data[1][1] = '';
|
||||
// $table->data[1][1] -= '<div id="main_buttons">';
|
||||
// $table->data[1][1] .= html_print_button(__('Create folder'), 'folder', false, 'show_form_create_folder();', "class='sub'", true);
|
||||
// $table->data[1][1] .= html_print_button(__('Upload file/s'), 'up_files', false, 'show_upload_file();', "class='sub'", true);
|
||||
// $table->data[1][1] .= html_print_button(__('Create text file'), 'create_file', false, 'show_create_text_file();', "class='sub'", true);
|
||||
// $table->data[1][1] .= '</div>';
|
||||
|
||||
$table->data[1][1] .= '<div id="create_folder" style="display: none;">';
|
||||
$table->data[1][1] .= html_print_button(__('Close'), 'close', false, 'show_main_buttons_folder();', "class='sub' style='float: left;'", true);
|
||||
|
|
@ -564,6 +569,8 @@ function filemanager_file_explorer($real_directory, $relative_directory, $url, $
|
|||
}
|
||||
|
||||
foreach ($files as $fileinfo) {
|
||||
$relative_path = str_replace($_SERVER['DOCUMENT_ROOT'], '', $fileinfo['realpath']);
|
||||
|
||||
$data = array ();
|
||||
|
||||
switch ($fileinfo['mime']) {
|
||||
|
|
@ -588,8 +595,8 @@ function filemanager_file_explorer($real_directory, $relative_directory, $url, $
|
|||
$data[1] = '<a href="' . $url . '&directory='.$relative_directory.'/'.$fileinfo['name'].'&hash2=' . md5($relative_directory.'/'.$fileinfo['name'].$config['dbpass']) . '">'.$fileinfo['name'].'</a>';
|
||||
}
|
||||
else {
|
||||
$hash = md5($fileinfo['url'] . $config['dbpass']);
|
||||
$data[1] = '<a href="include/get_file.php?file='.base64_encode($fileinfo['url']).'&hash=' . $hash . '">'.$fileinfo['name'].'</a>';
|
||||
$hash = md5($relative_path . $config['dbpass']);
|
||||
$data[1] = '<a href="' . $hack_metaconsole . 'include/get_file.php?file='.base64_encode($relative_path).'&hash=' . $hash . '">'.$fileinfo['name'].'</a>';
|
||||
}
|
||||
$data[2] = ui_print_timestamp ($fileinfo['last_modified'], true,
|
||||
array ('prominent' => true));
|
||||
|
|
|
|||
|
|
@ -21,6 +21,10 @@ session_start();
|
|||
require_once ("config.php");
|
||||
global $config;
|
||||
|
||||
$auth_method = db_get_value('value', 'tconfig', 'token', 'auth');
|
||||
|
||||
include("auth/" . $auth_method . ".php");
|
||||
|
||||
session_write_close ();
|
||||
|
||||
check_login ();
|
||||
|
|
@ -28,7 +32,9 @@ check_login ();
|
|||
$styleError = "background:url(\"../images/err.png\") no-repeat scroll 0 0 transparent; padding:4px 1px 6px 30px; color:#CC0000;";
|
||||
|
||||
$file = get_parameter('file', null);
|
||||
|
||||
$file = base64_decode($file);
|
||||
|
||||
$chunks = explode('/', $file);
|
||||
$nameFile = end($chunks);
|
||||
|
||||
|
|
@ -37,13 +43,17 @@ $hash = get_parameter('hash', null);
|
|||
$testHash = md5($file . $config['dbpass']);
|
||||
|
||||
if ($hash != $testHash) {
|
||||
echo "<h3 style='" . $styleError . "'>".__('Security error. Please contact the administrator.')."</h3>";
|
||||
echo "<h3 style='" . $styleError . "'>" .
|
||||
__('Security error. Please contact the administrator.') .
|
||||
"</h3>";
|
||||
}
|
||||
else if (!empty($file) && !empty($hash)) {
|
||||
$file = $_SERVER['DOCUMENT_ROOT'] . $file;
|
||||
|
||||
if (!file_exists($file)){
|
||||
echo "<h3 style='" . $styleError . "'>".__("File is missing in disk storage. Please contact the administrator.")."</h3>";
|
||||
|
||||
if (!file_exists($file)) {
|
||||
echo "<h3 style='" . $styleError . "'>" .
|
||||
__("File is missing in disk storage. Please contact the administrator.") .
|
||||
"</h3>";
|
||||
}
|
||||
else {
|
||||
header('Content-type: aplication/octet-stream;');
|
||||
|
|
|
|||
|
|
@ -193,7 +193,8 @@ echo '<form method="post" action="' . $config['homeurl'] . 'index.php?sec=netf&s
|
|||
$table->data = array ();
|
||||
|
||||
$table->data[0][0] = ui_print_error_message ('Define a name for the filter and click on Save as new filter again', '', true);
|
||||
$table->colspan[0][0] = 4;
|
||||
$table->colspan[0][0] = 4;
|
||||
|
||||
$table->data[1][0] = '<span id="filter_name_color"><b>'.__('Name').'</b></span>';
|
||||
$table->data[1][1] = html_print_input_text ('name', $filter['id_name'], false, 20, 80, true);
|
||||
$own_info = get_user_info ($config['id_user']);
|
||||
|
|
|
|||
Loading…
Reference in New Issue