'text/plain', 'htm' => 'text/html', 'html' => 'text/html', 'php' => 'text/html', 'css' => 'text/css', 'js' => 'application/javascript', 'json' => 'application/json', 'xml' => 'application/xml', 'swf' => 'application/x-shockwave-flash', 'flv' => 'video/x-flv', // images 'png' => 'image/png', 'jpe' => 'image/jpeg', 'jpeg' => 'image/jpeg', 'jpg' => 'image/jpeg', 'gif' => 'image/gif', 'bmp' => 'image/bmp', 'ico' => 'image/vnd.microsoft.icon', 'tiff' => 'image/tiff', 'tif' => 'image/tiff', 'svg' => 'image/svg+xml', 'svgz' => 'image/svg+xml', // archives 'zip' => 'application/zip', 'rar' => 'application/x-rar-compressed', 'exe' => 'application/x-msdownload', 'msi' => 'application/x-msdownload', 'cab' => 'application/vnd.ms-cab-compressed', 'gz' => 'application/x-gzip', 'gz' => 'application/x-bzip2', // audio/video 'mp3' => 'audio/mpeg', 'qt' => 'video/quicktime', 'mov' => 'video/quicktime', // adobe 'pdf' => 'application/pdf', 'psd' => 'image/vnd.adobe.photoshop', 'ai' => 'application/postscript', 'eps' => 'application/postscript', 'ps' => 'application/postscript', // ms office 'doc' => 'application/msword', 'rtf' => 'application/rtf', 'xls' => 'application/vnd.ms-excel', 'ppt' => 'application/vnd.ms-powerpoint', // open office 'odt' => 'application/vnd.oasis.opendocument.text', 'ods' => 'application/vnd.oasis.opendocument.spreadsheet' ); $ext = strtolower (array_pop (explode ('.', $filename))); if (array_key_exists ($ext, $mime_types)) { return $mime_types[$ext]; } elseif (function_exists ('finfo_open')) { $finfo = finfo_open (FILEINFO_MIME); $mimetype = finfo_file ($finfo, $filename); finfo_close ($finfo); return $mimetype; } else { $temp = exec ("file ".$filename); if (isset($temp) && $temp != '') return $temp; else return 'application/octet-stream'; } } } global $config; if (isset($config['homedir_filemanager'])) { $homedir_filemanager = $config['homedir_filemanager']; } else { $homedir_filemanager = $config['homedir']; } $upload_file_or_zip = (bool) get_parameter('upload_file_or_zip'); if ($upload_file_or_zip) { $decompress = get_parameter('decompress'); if (!$decompress) { $upload_file = true; $upload_zip = false; } else { $upload_file = false; $upload_zip = true; } } else { $upload_file = (bool) get_parameter ('upload_file'); $upload_zip = (bool) get_parameter ('upload_zip'); } // Upload file if ($upload_file) { // Load global vars global $config; $config['filemanager'] = array(); $config['filemanager']['correct_upload_file'] = 0; $config['filemanager']['message'] = null; check_login (); if (! check_acl ($config['id_user'], 0, "PM")) { db_pandora_audit("ACL Violation", "Trying to access File manager"); require ("general/noaccess.php"); return; } if (isset ($_FILES['file']) && $_FILES['file']['name'] != "") { $filename = $_FILES['file']['name']; $filesize = $_FILES['file']['size']; $filename = str_replace(' ', '_', $filename); $real_directory = io_safe_output((string) get_parameter('real_directory')); $directory = io_safe_output((string) get_parameter ('directory')); $umask = io_safe_output((string) get_parameter('umask', '')); $hash = get_parameter('hash', ''); $testHash = md5($real_directory . $directory . $config['dbpass']); if ($hash != $testHash) { $config['filemanager']['message'] = ui_print_error_message(__('Security error'), '', true); } else { // Copy file to directory and change name if ($directory == '') { $nombre_archivo = $real_directory .'/'. $filename; } else { $nombre_archivo = $homedir_filemanager . '/' . $directory . '/' . $filename; } if (! @copy ($_FILES['file']['tmp_name'], $nombre_archivo )) { $config['filemanager']['message'] = ui_print_error_message(__('Upload error'), '', true); } else { if ($umask !== '') { chmod($nombre_archivo, $umask); } $config['filemanager']['correct_upload_file'] = 1; $config['filemanager']['message'] = ui_print_success_message(__('Upload correct'), '', true); // Delete temporal file unlink ($_FILES['file']['tmp_name']); } } } } if (isset($_SERVER['CONTENT_LENGTH'])) { // Control the max_post_size exceed if (intval($_SERVER['CONTENT_LENGTH']) > 0 && empty($_POST) AND empty($_FILES)) { $config['filemanager']['correct_upload_file'] = 0; $config['filemanager']['message'] = ui_print_error_message(__('File size seems to be too large. Please check your php.ini configuration or contact with the administrator'), '', true); } } // Create text file $create_text_file = (bool) get_parameter ('create_text_file'); if ($create_text_file) { // Load global vars global $config; $config['filemanager'] = array(); $config['filemanager']['correct_upload_file'] = 0; $config['filemanager']['message'] = null; check_login (); if (! check_acl ($config['id_user'], 0, "PM")) { db_pandora_audit("ACL Violation", "Trying to access File manager"); require ("general/noaccess.php"); return; } $filename = io_safe_output(get_parameter('name_file')); if ($filename != "") { $real_directory = (string) get_parameter('real_directory'); $real_directory = io_safe_output($real_directory); $directory = (string) get_parameter ('directory'); $directory = io_safe_output($directory); $umask = (string)get_parameter('umask', ''); $hash = get_parameter('hash', ''); $testHash = md5($real_directory . $directory . $config['dbpass']); if ($hash != $testHash) { ui_print_error_message(__('Security error'), '', true); } else { if ($directory == '') { $nombre_archivo = $real_directory . '/' . $filename; } else { $nombre_archivo = $homedir_filemanager . '/' . $directory . '/' . $filename; } if (! @touch($nombre_archivo)) { $config['filemanager']['message'] = ui_print_error_message(__('Error creating file'), '', true); } else { if ($umask !== '') { chmod($nombre_archivo, $umask); } $config['filemanager']['message'] = ui_print_success_message(__('Upload correct'), '', true); $config['filemanager']['correct_upload_file'] = 1; } } } else { $config['filemanager']['message'] = ui_print_error_message(__('Error creating file with empty name'), '', true); } } // Upload zip if ($upload_zip) { // Load global vars global $config; $config['filemanager'] = array(); $config['filemanager']['correct_upload_file'] = 0; $config['filemanager']['message'] = null; check_login (); if (! check_acl ($config['id_user'], 0, "PM")) { db_pandora_audit("ACL Violation", "Trying to access File manager"); require ("general/noaccess.php"); return; } if (isset ($_FILES['file']) && $_FILES['file']['name'] != "") { $filename = $_FILES['file']['name']; $filesize = $_FILES['file']['size']; $real_directory = (string) get_parameter('real_directory'); $real_directory = io_safe_output($real_directory); $directory = (string) get_parameter ('directory'); $directory = io_safe_output($directory); $hash = get_parameter('hash', ''); $testHash = md5($real_directory . $directory . $config['dbpass']); if ($hash != $testHash) { $config['filemanager']['message'] = ui_print_error_message(__('Security error'), '', true); } else { // Copy file to directory and change name if ($directory == '') { $nombre_archivo = $real_directory .'/'. $filename; } else { $nombre_archivo = $homedir_filemanager . '/'.$directory.'/'.$filename; } if (! @copy ($_FILES['file']['tmp_name'], $nombre_archivo )) { $config['filemanager']['message'] = ui_print_error_message(__('Attach error'), '', true); } else { // Delete temporal file unlink ($_FILES['file']['tmp_name']); //Extract the zip file $zip = new ZipArchive; $pathname = $homedir_filemanager . '/'.$directory.'/'; if ($zip->open($nombre_archivo) === true) { $zip->extractTo($pathname); unlink($nombre_archivo); } $config['filemanager']['message'] = ui_print_success_message(__('Upload correct'), '', true); $config['filemanager']['correct_upload_file'] = 1; } } } } // CREATE DIR $create_dir = (bool) get_parameter ('create_dir'); if ($create_dir) { global $config; $config['filemanager'] = array(); $config['filemanager']['correct_create_dir'] = 0; $config['filemanager']['message'] = null; $directory = (string) get_parameter ('directory', "/"); $directory = io_safe_output($directory); $hash = get_parameter('hash', ''); $testHash = md5($directory . $config['dbpass']); if ($hash != $testHash) { ui_print_error_message(__('Security error.')); } else { $dirname = (string) get_parameter ('dirname'); $dirname = io_safe_output($dirname); if ($dirname != '') { @mkdir ($homedir_filemanager . '/' . $directory . '/' . $dirname); $config['filemanager']['message'] = ui_print_success_message(__('Directory created'), '', true); $config['filemanager']['correct_create_dir'] = 1; } else { $config['filemanager']['message'] = ui_print_error_message(__('Error creating file with empty name'), '', true); } } } //DELETE FILE OR DIR $delete_file = (bool) get_parameter ('delete_file'); if ($delete_file) { global $config; $config['filemanager'] = array(); $config['filemanager']['delete'] = 0; $config['filemanager']['message'] = null; $filename = (string) get_parameter ('filename'); $filename = io_safe_output($filename); $hash = get_parameter('hash', ''); $testHash = md5($filename . $config['dbpass']); if ($hash != $testHash) { $config['filemanager']['message'] = ui_print_error_message(__('Security error'), '', true); } else { $config['filemanager']['message'] = ui_print_success_message(__('Deleted'), '', true); if (is_dir ($filename)) { rmdir ($filename); $config['filemanager']['delete'] = 1; } else { unlink ($filename); $config['filemanager']['delete'] = 1; } } } /** * Recursive delete directory and empty or not directory. * * @param string $dir The dir to deletete */ function filemanager_delete_directory($dir) { // Windows compatibility $dir = str_replace("\\", "/", $dir); if ($handle = opendir($dir)) { while (false !== ($file = readdir($handle))) { if (($file != ".") && ($file != "..")) { if (is_dir($dir . $file)) { if (!rmdir($dir . $file)) { filemanager_delete_directory($dir . $file . '/'); } } else { unlink($dir . $file); } } } closedir($handle); rmdir($dir); } } /** * Read a directory recursibly and return a array with the files with * the absolute path and relative * * @param string $dir absoute dir to scan * @param string $relative_path Relative path to scan, by default '' * * @return array The files in the dirs, empty array for empty dir of files. */ function filemanager_read_recursive_dir($dir, $relative_path = '', $add_empty_dirs = false) { $return = array(); // Windows compatibility $dir = str_replace("\\", "/", $dir); $relative_path = str_replace("\\", "/", $relative_path); if ($handle = opendir($dir)) { while (false !== ($entry = readdir($handle))) { if (($entry != ".") && ($entry != "..")) { if (is_dir($dir . $entry)) { $return[] = array( 'relative' => $relative_path . $entry, 'absolute' => $dir . $entry, 'dir' => true); $return = array_merge($return, filemanager_read_recursive_dir( $dir . $entry . '/', $relative_path . $entry . '/', '', $add_empty_dirs)); } else { $return[] = array( 'relative' => $relative_path . $entry, 'absolute' => $dir . $entry, 'dir' => false); } } } closedir($handle); } return $return; } /** * The main function to show the directories and files. * * @param string $real_directory The string of dir as realpath. * @param string $relative_directory The string of dir as relative path. * @param string $url The url to set in the forms and some links in the explorer. * @param string $father The directory father don't navigate bottom this. * @param boolean $editor The flag to set the edition of text files. * @param string $url_file The url to put in the files instead the default. By default empty string and use the url of filemanager. * @param boolean $download_button The flag to show download button, by default false. * @param string $umask The umask as hex values to set the new files or updload. */ function filemanager_file_explorer($real_directory, $relative_directory, $url, $father = '', $editor = false, $readOnly = false, $url_file = '', $download_button = false, $umask = '', $homedir_filemanager = false) { global $config; // Windows compatibility $real_directory = str_replace("\\", "/", $real_directory); $relative_directory = str_replace("\\", "/", $relative_directory); $father = str_replace("\\", "/", $father); if ($homedir_filemanager === false) { $homedir_filemanager = $config['homedir']; unset($config['homedir_filemanager']); config_update_value('homedir_filemanager', $homedir_filemanager); } else { $config['homedir_filemanager'] = $homedir_filemanager; } $hack_metaconsole = ''; if (defined('METACONSOLE')) $hack_metaconsole = '../../'; ?> width = '98%'; $table->id = 'table_filemanager'; $table->class = 'databox alternate'; $table->colspan = array (); $table->data = array (); $table->head = array (); $table->size = array (); $table->align[1] = 'left'; $table->align[2] = 'left'; $table->align[3] = 'left'; $table->align[4] = 'left'; $table->size[0] = '24px'; $table->head[0] = ''; $table->head[1] = __('Name'); $table->head[2] = __('Last modification'); $table->head[3] = __('Size'); $table->head[4] = __('Actions'); $prev_dir = explode ("/", $relative_directory); $prev_dir_str = ""; for ($i = 0; $i < (count ($prev_dir) - 1); $i++) { $prev_dir_str .= $prev_dir[$i]; if ($i < (count ($prev_dir) - 2)) $prev_dir_str .= "/"; } if (($prev_dir_str != '') && ($father != $relative_directory)) { $table->data[0][0] = html_print_image ('images/go_previous.png', true); $table->data[0][1] = ''; $table->data[0][1] .= __('Parent directory'); $table->data[0][1] .=''; $table->colspan[0][1] = 5; } if (is_writable ($real_directory)) { $table->rowstyle[1] = 'display: none;'; $table->data[1][0] = ''; $table->data[1][1] = ''; $table->data[1][1] .= '
'; $table->data[1][1] .= ' '; $table->data[1][1] .= ' '; $table->colspan[1][1] =5; } foreach ($files as $fileinfo) { $fileinfo['realpath'] = str_replace("\\", "/", $fileinfo['realpath']); $relative_path = str_replace($_SERVER['DOCUMENT_ROOT'], '', $fileinfo['realpath']); $data = array (); switch ($fileinfo['mime']) { case MIME_DIR: $data[0] = html_print_image ('images/mimetypes/directory.png', true, array('title' => __('Directory'))); break; case MIME_IMAGE: $data[0] = html_print_image ('images/mimetypes/image.png', true, array('title' => __('Image'))); break; case MIME_ZIP: $data[0] = html_print_image ('images/mimetypes/zip.png', true, array('title' => __('Compressed file'))); break; case MIME_TEXT: $data[0] = html_print_image ('images/mimetypes/text.png', true, array('title' => __('Text file'))); break; case MIME_UNKNOWN: if ($fileinfo['size'] == 0) { if (strstr($fileinfo['name'], '.txt') !== false) { $fileinfo['mime'] = MIME_TEXT; $data[0] = html_print_image ('images/mimetypes/text.png', true, array('title' => __('Text file'))); } } break; default: $data[0] = html_print_image ('images/mimetypes/unknown.png', true, array('title' => __('Unknown'))); break; } if ($fileinfo['is_dir']) { $data[1] = ''.$fileinfo['name'].''; } else if (!empty($url_file)) { //Set the custom url file $url_file_clean = str_replace('[FILE_FULLPATH]', $fileinfo['realpath'], $url_file); $data[1] = '' . $fileinfo['name'] . ''; } else { $hash = md5($relative_path . $config['dbpass']); $data[1] = ''.$fileinfo['name'].''; } $data[2] = ui_print_timestamp ($fileinfo['last_modified'], true, array ('prominent' => true)); if ($fileinfo['is_dir']) { $data[3] = ''; } else { $data[3] = ui_format_filesize($fileinfo['size']); } //Actions buttons //Delete button $data[4] = ''; $data[4] .= ''; if (is_writable ($fileinfo['realpath']) && (! is_dir ($fileinfo['realpath']) || count (scandir ($fileinfo['realpath'])) < 3)) { $data[4] .= ''; if (($editor) && (!$readOnly)) { if ($fileinfo['mime'] == MIME_TEXT) { $data[4] .= "" . html_print_image('images/edit.png', true, array("style" => 'margin-top: 2px;', 'title' => __('Edit file'))) . ""; } } } if ((!$fileinfo['is_dir']) && ($download_button)) { $hash = md5($fileinfo['url'] . $config['dbpass']); $data[4] .= ''; $data[4] .= html_print_image('images/file.png', true); $data[4] .= ''; } $data[4] .= ''; array_push ($table->data, $data); } if (!$readOnly) { if (is_writable ($real_directory)) { //The buttons to make actions echo "