'text/plain', 'htm' => 'text/html', 'html' => 'text/html', 'php' => 'text/html', 'css' => 'text/css', 'js' => 'application/javascript', 'json' => 'application/json', 'xml' => 'application/xml', 'swf' => 'application/x-shockwave-flash', 'flv' => 'video/x-flv', // images 'png' => 'image/png', 'jpe' => 'image/jpeg', 'jpeg' => 'image/jpeg', 'jpg' => 'image/jpeg', 'gif' => 'image/gif', 'bmp' => 'image/bmp', 'ico' => 'image/vnd.microsoft.icon', 'tiff' => 'image/tiff', 'tif' => 'image/tiff', 'svg' => 'image/svg+xml', 'svgz' => 'image/svg+xml', // archives 'zip' => 'application/zip', 'rar' => 'application/x-rar-compressed', 'exe' => 'application/x-msdownload', 'msi' => 'application/x-msdownload', 'cab' => 'application/vnd.ms-cab-compressed', 'gz' => 'application/x-gzip', 'gz' => 'application/x-bzip2', // audio/video 'mp3' => 'audio/mpeg', 'qt' => 'video/quicktime', 'mov' => 'video/quicktime', // adobe 'pdf' => 'application/pdf', 'psd' => 'image/vnd.adobe.photoshop', 'ai' => 'application/postscript', 'eps' => 'application/postscript', 'ps' => 'application/postscript', // ms office 'doc' => 'application/msword', 'rtf' => 'application/rtf', 'xls' => 'application/vnd.ms-excel', 'ppt' => 'application/vnd.ms-powerpoint', // open office 'odt' => 'application/vnd.oasis.opendocument.text', 'ods' => 'application/vnd.oasis.opendocument.spreadsheet' ); $ext = strtolower (array_pop (explode ('.', $filename))); if (array_key_exists ($ext, $mime_types)) { return $mime_types[$ext]; } elseif (function_exists ('finfo_open')) { $finfo = finfo_open (FILEINFO_MIME); $mimetype = finfo_file ($finfo, $filename); finfo_close ($finfo); return $mimetype; } else { return 'application/octet-stream'; } } } $upload_file_or_zip = (bool) get_parameter('upload_file_or_zip'); if ($upload_file_or_zip) { $zip_or_file = get_parameter('zip_or_file'); if ($zip_or_file == 'file') { $upload_file = true; $upload_zip = false; } else { $upload_file = false; $upload_zip = true; } } else { $upload_file = (bool) get_parameter ('upload_file'); $upload_zip = (bool) get_parameter ('upload_zip'); } // Upload file if ($upload_file) { // Load global vars global $config; $config['filemanager'] = array(); $config['filemanager']['correct_upload_file'] = 0; check_login (); if (! give_acl ($config['id_user'], 0, "PM")) { audit_db ($config['id_user'], $_SERVER['REMOTE_ADDR'], "ACL Violation", "Trying to access File manager"); require ("general/noaccess.php"); return; } if (isset ($_FILES['file']) && $_FILES['file']['name'] != "") { $filename = $_FILES['file']['name']; $filesize = $_FILES['file']['size']; $real_directory = (string) get_parameter('real_directory'); $directory = (string) get_parameter ('directory'); $hash = get_parameter('hash', ''); $testHash = md5($real_directory . $directory . $config['dbpass']); if ($hash != $testHash) { echo "
'; echo __('Please check that current directory has write rights for HTTP server'); echo '
'; } else { $table->data[1][0] = __('Upload') . print_help_tip (__("The zip upload in this dir, easy to upload multiple files."), true); $table->data[1][1] = print_input_file ('file', true, false); $table->data[1][2] = print_radio_button('zip_or_file', 'zip', __('Multiple files zipped'), false, true); $table->data[1][3] = print_radio_button('zip_or_file', 'file', __('One'), true, true); $table->data[1][4] = print_submit_button (__('Go'), 'go', false, 'class="sub next"', true); $table->data[1][4] .= print_input_hidden ('real_directory', $real_directory, true); $table->data[1][4] .= print_input_hidden ('directory', $relative_directory, true); $table->data[1][4] .= print_input_hidden('hash', md5($real_directory . $relative_directory . $config['dbpass']), true); $table->data[1][4] .= print_input_hidden ('upload_file_or_zip', 1, true); } echo ''; } /** * Print the box of fields for upload file. * * @param string $real_directory The string of dir as realpath. * @param string $relative_directory The string of dir as relative path. * @param string $url The url to set in the forms and some links in the explorer. */ function box_upload_file_explorer($real_directory, $relative_directory, $url = '') { global $config; $table->width = '50%'; $table->data = array (); if (! is_file_manager_writable_dir ($real_directory)) { echo "'; echo __('Please check that current directory has write rights for HTTP server'); echo '
'; } else { $table->data[1][0] = __('Upload file'); $table->data[1][1] = print_input_file ('file', true, false); $table->data[1][2] = print_submit_button (__('Go'), 'go', false, 'class="sub next"', true); $table->data[1][2] .= print_input_hidden ('real_directory', $real_directory, true); $table->data[1][2] .= print_input_hidden ('directory', $relative_directory, true); $table->data[1][2] .= print_input_hidden('hash', md5($real_directory . $relative_directory . $config['dbpass']), true); $table->data[1][2] .= print_input_hidden ('upload_file', 1, true); } echo ''; } /** * Print the box of fields for upload file zip. * * @param unknown_type $real_directory * @param unknown_type $relative_directory * @param string $url The url to set in the forms and some links in the explorer. */ function box_upload_zip_explorer($real_directory, $relative_directory, $url = '') { global $config; $table->width = '60%'; $table->data = array (); if (! is_file_manager_writable_dir ($real_directory)) { echo "'; echo __('Please check that current directory has write rights for HTTP server'); echo '
'; } else { $table->data[1][0] = __('Upload zip file: ') . print_help_tip (__("The zip upload in this dir, easy to upload multiple files."), true); $table->data[1][1] = print_input_file ('file', true, false); $table->data[1][2] = print_submit_button (__('Go'), 'go', false, 'class="sub next"', true); $table->data[1][2] .= print_input_hidden ('real_directory', $real_directory, true); $table->data[1][2] .= print_input_hidden ('directory', $relative_directory, true); $table->data[1][2] .= print_input_hidden('hash', md5($real_directory . $relative_directory . $config['dbpass']), true); $table->data[1][2] .= print_input_hidden ('upload_zip', 1, true); } echo ''; } /** * Print the box of fields for create the text file. * * @param unknown_type $real_directory * @param unknown_type $relative_directory * @param string $url The url to set in the forms and some links in the explorer. */ function box_create_text_explorer($real_directory, $relative_directory, $url = '') { global $config; $table->width = '60%'; $table->data = array (); if (! is_file_manager_writable_dir ($real_directory)) { echo "'; echo __('Please check that current directory has write rights for HTTP server'); echo '
'; } else { $table->data[1][0] = __('Create text file: '); $table->data[1][1] = print_input_text('name_file', '', '', 30, 50, true); $table->data[1][2] = print_submit_button (__('Create'), 'create', false, 'class="sub"', true); $table->data[1][2] .= print_input_hidden ('real_directory', $real_directory, true); $table->data[1][2] .= print_input_hidden ('directory', $relative_directory, true); $table->data[1][2] .= print_input_hidden('hash', md5($real_directory . $relative_directory . $config['dbpass']), true); $table->data[1][2] .= print_input_hidden ('create_text_file', 1, true); } echo ''; } /** * Get the available directories of the file manager. * * @return array An array with all the directories where the file manager can * operate. */ function get_file_manager_available_directories () { global $config; $dirs = array (); $dirs['images'] = "images"; $dirs['attachment'] = "attachment"; $dirs['languages'] = "include/languages"; foreach ($dirs as $dirname) { $dirpath = realpath ($config['homedir'].'/'.$dirname); $dir = opendir ($dirpath); while ($file = @readdir ($dir)) { /* Ignore hidden files */ if ($file[0] == '.') continue; $filepath = $dirpath.'/'.$file; if (is_dir ($filepath)) { $dirs[$dirname.'/'.$file] = $dirname.'/'.$file; } } } return $dirs; } /** * Check if a dirname is available for the file manager. * * @param string Dirname to check. * * @return array An array with all the directories where the file manager can * operate. */ function is_file_manager_available_directory ($dirname) { $dirs = get_file_manager_available_directories (); return isset ($dirs[$dirname]); } /** * Check if a directory is writable. * * @param string Directory path to check. * @param bool If set, it will try to make the directory writeable if it's not. * * @param bool Wheter the directory is writeable or not. */ function is_file_manager_writable_dir ($dirpath, $force = false) { if (is_file_manager_available_directory (basename ($dirpath))) return is_writable ($dirpath); if (is_file_manager_writable_dir (realpath ($dirpath.'/..'))) return true; else if (! $force) return is_writable ($dirpath); return (is_writable ($dirpath) || @chmod ($dirpath, 0755)); } /** * Check if a directory is writable. * * @param string Directory path to check. * @param bool If set, it will try to make the directory writeable if it's not. * * @param bool Wheter the directory is writeable or not. */ function get_file_manager_file_info ($filepath) { global $config; $realpath = realpath ($filepath); $info = array ('mime' => MIME_UNKNOWN, 'mime_extend' => mime_content_type ($filepath), 'link' => 0, 'is_dir' => false, 'name' => basename ($realpath), 'url' => str_replace('//', '/', $config['homeurl'].str_ireplace ($config['homedir'], '', $realpath)), 'realpath' => $realpath, 'size' => filesize ($realpath), 'last_modified' => filemtime ($realpath) ); $zip_mimes = array ('application/zip', 'application/x-rar-compressed', 'application/x-gzip', 'application/x-bzip2'); if (is_dir ($filepath)) { $info['mime'] = MIME_DIR; $info['is_dir'] = true; $info['size'] = 0; } else if (strpos ($info['mime_extend'], 'image') === 0) { $info['mime'] = MIME_IMAGE; } else if (in_array ($info['mime_extend'], $zip_mimes)) { $info['mime'] = MIME_ZIP; } else if (strpos ($info['mime_extend'], 'text') === 0) { $info['mime'] = MIME_TEXT; } return $info; } /** * Check if a directory is writable. * * @param string Directory path to check. * @param bool If set, it will try to make the directory writeable if it's not. * * @param bool Wheter the directory is writeable or not. */ function list_file_manager_dir ($dirpath) { $files = array (); $dirs = array (); $dir = opendir ($dirpath); while ($file = @readdir ($dir)) { /* Ignore hidden files */ if ($file[0] == '.') continue; $info = get_file_manager_file_info ($dirpath.'/'.$file); if ($info['is_dir']) { $dirs[$file] = $info; } else { $files[$file] = $info; } } ksort ($files); ksort ($dirs); closedir ($dir); return array_merge ($dirs, $files); } ?>