1 | [//lasso
|
---|
2 | /*
|
---|
3 | * FCKeditor - The text editor for Internet - http://www.fckeditor.net
|
---|
4 | * Copyright (C) 2003-2009 Frederico Caldeira Knabben
|
---|
5 | *
|
---|
6 | * == BEGIN LICENSE ==
|
---|
7 | *
|
---|
8 | * Licensed under the terms of any of the following licenses at your
|
---|
9 | * choice:
|
---|
10 | *
|
---|
11 | * - GNU General Public License Version 2 or later (the "GPL")
|
---|
12 | * http://www.gnu.org/licenses/gpl.html
|
---|
13 | *
|
---|
14 | * - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
|
---|
15 | * http://www.gnu.org/licenses/lgpl.html
|
---|
16 | *
|
---|
17 | * - Mozilla Public License Version 1.1 or later (the "MPL")
|
---|
18 | * http://www.mozilla.org/MPL/MPL-1.1.html
|
---|
19 | *
|
---|
20 | * == END LICENSE ==
|
---|
21 | *
|
---|
22 | * This is the File Manager Connector for Lasso.
|
---|
23 | */
|
---|
24 |
|
---|
25 | /*.....................................................................
|
---|
26 | Include global configuration. See config.lasso for details.
|
---|
27 | */
|
---|
28 | include('config.lasso');
|
---|
29 |
|
---|
30 |
|
---|
31 | /*.....................................................................
|
---|
32 | Translate current date/time to GMT for custom header.
|
---|
33 | */
|
---|
34 | var('headerDate') = date_localtogmt(date)->format('%a, %d %b %Y %T GMT');
|
---|
35 |
|
---|
36 |
|
---|
37 | /*.....................................................................
|
---|
38 | Convert query string parameters to variables and initialize output.
|
---|
39 | */
|
---|
40 | var(
|
---|
41 | 'Command' = (Encode_HTML: action_param('Command')),
|
---|
42 | 'Type' = (Encode_HTML: action_param('Type')),
|
---|
43 | 'CurrentFolder' = action_param('CurrentFolder'),
|
---|
44 | 'ServerPath' = action_param('ServerPath'),
|
---|
45 | 'NewFolderName' = action_param('NewFolderName'),
|
---|
46 | 'NewFile' = null,
|
---|
47 | 'NewFileName' = string,
|
---|
48 | 'OrigFilePath' = string,
|
---|
49 | 'NewFilePath' = string,
|
---|
50 | 'commandData' = string,
|
---|
51 | 'folders' = '\t<Folders>\n',
|
---|
52 | 'files' = '\t<Files>\n',
|
---|
53 | 'errorNumber' = integer,
|
---|
54 | 'responseType' = 'xml',
|
---|
55 | 'uploadResult' = '0'
|
---|
56 | );
|
---|
57 |
|
---|
58 | /*.....................................................................
|
---|
59 | Custom tag sets the HTML response.
|
---|
60 | */
|
---|
61 |
|
---|
62 | define_tag(
|
---|
63 | 'htmlreply',
|
---|
64 | -namespace='fck_',
|
---|
65 | -priority='replace',
|
---|
66 | -required='uploadResult',
|
---|
67 | -optional='NewFilePath',
|
---|
68 | -type='string',
|
---|
69 | -description='Sets the HTML response for the FCKEditor File Upload feature.'
|
---|
70 | );
|
---|
71 | $__html_reply__ = '\
|
---|
72 | <script type="text/javascript">
|
---|
73 | (function(){var d=document.domain;while (true){try{var A=window.parent.document.domain;break;}catch(e) {};d=d.replace(/.*?(?:\\.|$)/,\'\');if (d.length==0) break;try{document.domain=d;}catch (e){break;}}})();
|
---|
74 | ';
|
---|
75 | if($uploadResult == '0' || $uploadResult == '201');
|
---|
76 | $__html_reply__ = $__html_reply__ + '\
|
---|
77 | window.parent.OnUploadCompleted(' + $uploadResult + ',"' + $NewFilePath + '","' + $NewFilePath->split('/')->last + '");
|
---|
78 | </script>
|
---|
79 | ';
|
---|
80 | else;
|
---|
81 | $__html_reply__ = $__html_reply__ + '\
|
---|
82 | window.parent.OnUploadCompleted(' + $uploadResult + ',"","");
|
---|
83 | </script>
|
---|
84 | ';
|
---|
85 | /if;
|
---|
86 | /define_tag;
|
---|
87 |
|
---|
88 |
|
---|
89 | /*.....................................................................
|
---|
90 | Calculate the path to the current folder.
|
---|
91 | */
|
---|
92 | $ServerPath == '' ? $ServerPath = $config->find('UserFilesPath');
|
---|
93 |
|
---|
94 | var('currentFolderURL' = $ServerPath
|
---|
95 | + $config->find('Subdirectories')->find(action_param('Type'))
|
---|
96 | + $CurrentFolder
|
---|
97 | );
|
---|
98 |
|
---|
99 | $currentFolderURL = string_replace($currentFolderURL, -find='//', -replace='/');
|
---|
100 |
|
---|
101 | if (!$config->find('Subdirectories')->find(action_param('Type')));
|
---|
102 | if($Command == 'FileUpload');
|
---|
103 | $responseType = 'html';
|
---|
104 | $uploadResult = '1';
|
---|
105 | fck_htmlreply(
|
---|
106 | -uploadResult=$uploadResult
|
---|
107 | );
|
---|
108 | else;
|
---|
109 | $errorNumber = 1;
|
---|
110 | $commandData += '<Error number="' + $errorNumber + '" text="Invalid type specified" />\n';
|
---|
111 | /if;
|
---|
112 | else if($CurrentFolder->(Find: '..') || (String_FindRegExp: $CurrentFolder, -Find='(/\\.)|(//)|[\\\\:\\*\\?\\""\\<\\>\\|]|\\000|[\u007F]|[\u0001-\u001F]'));
|
---|
113 | if($Command == 'FileUpload');
|
---|
114 | $responseType = 'html';
|
---|
115 | $uploadResult = '102';
|
---|
116 | fck_htmlreply(
|
---|
117 | -uploadResult=$uploadResult
|
---|
118 | );
|
---|
119 | else;
|
---|
120 | $errorNumber = 102;
|
---|
121 | $commandData += '<Error number="' + $errorNumber + '" />\n';
|
---|
122 | /if;
|
---|
123 | else;
|
---|
124 |
|
---|
125 | /*.....................................................................
|
---|
126 | Build the appropriate response per the 'Command' parameter. Wrap the
|
---|
127 | entire process in an inline for file tag permissions.
|
---|
128 | */
|
---|
129 | if($config->find('Enabled'));
|
---|
130 | inline($connection);
|
---|
131 | select($Command);
|
---|
132 | /*.............................................................
|
---|
133 | List all subdirectories in the 'Current Folder' directory.
|
---|
134 | */
|
---|
135 | case('GetFolders');
|
---|
136 | $commandData += '\t<Folders>\n';
|
---|
137 |
|
---|
138 | iterate(file_listdirectory($currentFolderURL), local('this'));
|
---|
139 | #this->endswith('/') ? $commandData += '\t\t<Folder name="' + #this->removetrailing('/')& + '" />\n';
|
---|
140 | /iterate;
|
---|
141 |
|
---|
142 | $commandData += '\t</Folders>\n';
|
---|
143 |
|
---|
144 |
|
---|
145 | /*.............................................................
|
---|
146 | List both files and folders in the 'Current Folder' directory.
|
---|
147 | Include the file sizes in kilobytes.
|
---|
148 | */
|
---|
149 | case('GetFoldersAndFiles');
|
---|
150 | iterate(file_listdirectory($currentFolderURL), local('this'));
|
---|
151 | if(#this->endswith('/'));
|
---|
152 | $folders += '\t\t<Folder name="' + #this->removetrailing('/')& + '" />\n';
|
---|
153 | else;
|
---|
154 | local('size') = file_getsize($currentFolderURL + #this);
|
---|
155 | if($size>0);
|
---|
156 | $size = $size/1024;
|
---|
157 | if ($size==0);
|
---|
158 | $size = 1;
|
---|
159 | /if;
|
---|
160 | /if;
|
---|
161 | $files += '\t\t<File name="' + #this + '" size="' + #size + '" />\n';
|
---|
162 | /if;
|
---|
163 | /iterate;
|
---|
164 |
|
---|
165 | $folders += '\t</Folders>\n';
|
---|
166 | $files += '\t</Files>\n';
|
---|
167 |
|
---|
168 | $commandData += $folders + $files;
|
---|
169 |
|
---|
170 |
|
---|
171 | /*.............................................................
|
---|
172 | Create a directory 'NewFolderName' within the 'Current Folder.'
|
---|
173 | */
|
---|
174 | case('CreateFolder');
|
---|
175 | $NewFolderName = (String_ReplaceRegExp: $NewFolderName, -find='\\.|\\\\|\\/|\\||\\:|\\?|\\*|"|<|>|\\000|[\u007F]|[\u0001-\u001F]', -replace='_');
|
---|
176 | var('newFolder' = $currentFolderURL + $NewFolderName + '/');
|
---|
177 | file_create($newFolder);
|
---|
178 |
|
---|
179 |
|
---|
180 | /*.........................................................
|
---|
181 | Map Lasso's file error codes to FCKEditor's error codes.
|
---|
182 | */
|
---|
183 | select(file_currenterror( -errorcode));
|
---|
184 | case(0);
|
---|
185 | $errorNumber = 0;
|
---|
186 | case( -9983);
|
---|
187 | $errorNumber = 101;
|
---|
188 | case( -9976);
|
---|
189 | $errorNumber = 102;
|
---|
190 | case( -9977);
|
---|
191 | $errorNumber = 102;
|
---|
192 | case( -9961);
|
---|
193 | $errorNumber = 103;
|
---|
194 | case;
|
---|
195 | $errorNumber = 110;
|
---|
196 | /select;
|
---|
197 |
|
---|
198 | $commandData += '<Error number="' + $errorNumber + '" />\n';
|
---|
199 |
|
---|
200 |
|
---|
201 | /*.............................................................
|
---|
202 | Process an uploaded file.
|
---|
203 | */
|
---|
204 | case('FileUpload');
|
---|
205 | /*.........................................................
|
---|
206 | This is the only command that returns an HTML response.
|
---|
207 | */
|
---|
208 | $responseType = 'html';
|
---|
209 |
|
---|
210 |
|
---|
211 | /*.........................................................
|
---|
212 | Was a file actually uploaded?
|
---|
213 | */
|
---|
214 | if(file_uploads->size);
|
---|
215 | $NewFile = file_uploads->get(1);
|
---|
216 | else;
|
---|
217 | $uploadResult = '202';
|
---|
218 | /if;
|
---|
219 |
|
---|
220 | if($uploadResult == '0');
|
---|
221 | /*.....................................................
|
---|
222 | Split the file's extension from the filename in order
|
---|
223 | to follow the API's naming convention for duplicate
|
---|
224 | files. (Test.txt, Test(1).txt, Test(2).txt, etc.)
|
---|
225 | */
|
---|
226 | $NewFileName = $NewFile->find('OrigName');
|
---|
227 | $NewFileName = (String_ReplaceRegExp: $NewFileName, -find='\\\\|\\/|\\||\\:|\\?|\\*|"|<|>|\\000|[\u007F]|[\u0001-\u001F]', -replace='_');
|
---|
228 | $NewFileName = (String_ReplaceRegExp: $NewFileName, -find='\\.(?![^.]*$)', -replace='_');
|
---|
229 | $OrigFilePath = $currentFolderURL + $NewFileName;
|
---|
230 | $NewFilePath = $OrigFilePath;
|
---|
231 | local('fileExtension') = '.' + $NewFile->find('OrigExtension');
|
---|
232 | #fileExtension = (String_ReplaceRegExp: #fileExtension, -find='\\\\|\\/|\\||\\:|\\?|\\*|"|<|>|\\000|[\u007F]|[\u0001-\u001F]', -replace='_');
|
---|
233 | local('shortFileName') = $NewFileName->removetrailing(#fileExtension)&;
|
---|
234 |
|
---|
235 |
|
---|
236 | /*.....................................................
|
---|
237 | Make sure the file extension is allowed.
|
---|
238 | */
|
---|
239 | local('allowedExt') = $config->find('AllowedExtensions')->find($Type);
|
---|
240 | local('deniedExt') = $config->find('DeniedExtensions')->find($Type);
|
---|
241 | if($allowedExt->Size > 0 && $allowedExt !>> $NewFile->find('OrigExtension'));
|
---|
242 | $uploadResult = '202';
|
---|
243 | else($deniedExt->Size > 0 && $deniedExt >> $NewFile->find('OrigExtension'));
|
---|
244 | $uploadResult = '202';
|
---|
245 | else;
|
---|
246 | /*.................................................
|
---|
247 | Rename the target path until it is unique.
|
---|
248 | */
|
---|
249 | while(file_exists($NewFilePath));
|
---|
250 | $NewFilePath = $currentFolderURL + #shortFileName + '(' + loop_count + ')' + #fileExtension;
|
---|
251 | /while;
|
---|
252 |
|
---|
253 |
|
---|
254 | /*.................................................
|
---|
255 | Copy the uploaded file to its final location.
|
---|
256 | */
|
---|
257 | file_copy($NewFile->find('path'), $NewFilePath);
|
---|
258 |
|
---|
259 |
|
---|
260 | /*.................................................
|
---|
261 | Set the error code for the response. Note whether
|
---|
262 | the file had to be renamed.
|
---|
263 | */
|
---|
264 | select(file_currenterror( -errorcode));
|
---|
265 | case(0);
|
---|
266 | $OrigFilePath != $NewFilePath ? $uploadResult = 201;
|
---|
267 | case;
|
---|
268 | $uploadResult = file_currenterror( -errorcode);
|
---|
269 | /select;
|
---|
270 | /if;
|
---|
271 | /if;
|
---|
272 | fck_htmlreply(
|
---|
273 | -uploadResult=$uploadResult,
|
---|
274 | -NewFilePath=$NewFilePath
|
---|
275 | );
|
---|
276 | case;
|
---|
277 | $errorNumber = 1;
|
---|
278 | $commandData += '<Error number="' + $errorNumber + '" text="Command isn\'t allowed" />\n';
|
---|
279 | /select;
|
---|
280 | /inline;
|
---|
281 | else;
|
---|
282 | $errorNumber = 1;
|
---|
283 | $commandData += '<Error number="' + $errorNumber + '" text="This file uploader is disabled. Please check the editor/filemanager/upload/lasso/config.lasso file." />\n';
|
---|
284 | /if;
|
---|
285 | /if;
|
---|
286 |
|
---|
287 | /*.....................................................................
|
---|
288 | Send a custom header for xml responses.
|
---|
289 | */
|
---|
290 | if($responseType == 'xml');
|
---|
291 | header;
|
---|
292 | ]
|
---|
293 | HTTP/1.0 200 OK
|
---|
294 | Date: [$headerDate]
|
---|
295 | Server: Lasso Professional [lasso_version( -lassoversion)]
|
---|
296 | Expires: Mon, 26 Jul 1997 05:00:00 GMT
|
---|
297 | Last-Modified: [$headerDate]
|
---|
298 | Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
|
---|
299 | Pragma: no-cache
|
---|
300 | Keep-Alive: timeout=15, max=98
|
---|
301 | Connection: Keep-Alive
|
---|
302 | Content-Type: text/xml; charset=utf-8
|
---|
303 | [//lasso
|
---|
304 | /header;
|
---|
305 |
|
---|
306 | /*
|
---|
307 | Set the content type encoding for Lasso.
|
---|
308 | */
|
---|
309 | content_type('text/xml; charset=utf-8');
|
---|
310 |
|
---|
311 | /*
|
---|
312 | Wrap the response as XML and output.
|
---|
313 | */
|
---|
314 | $__html_reply__ = '\
|
---|
315 | <?xml version="1.0" encoding="utf-8" ?>';
|
---|
316 |
|
---|
317 | if($errorNumber != '102');
|
---|
318 | $__html_reply__ += '<Connector command="' + (Encode_HTML: $Command) + '" resourceType="' + (Encode_HTML: $Type) + '">';
|
---|
319 | else;
|
---|
320 | $__html_reply__ += '<Connector>';
|
---|
321 | /if;
|
---|
322 |
|
---|
323 | if($errorNumber != '102');
|
---|
324 | $__html_reply__ += '<CurrentFolder path="' + (Encode_HTML: $CurrentFolder) + '" url="' + (Encode_HTML: $currentFolderURL) + '" />';
|
---|
325 | /if;
|
---|
326 |
|
---|
327 | $__html_reply__ += $commandData + '
|
---|
328 | </Connector>';
|
---|
329 | /if;
|
---|
330 | ]
|
---|