Changeset 2848 for trunk/filemanager/inc
- Timestamp:
- 05/25/10 10:41:40 (14 years ago)
- Location:
- trunk/filemanager/inc
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/filemanager/inc/class.uifilemanager.inc.php
r2608 r2848 601 601 $vars['css'].='<link rel="stylesheet" type="text/css" href="' . $GLOBALS[ 'phpgw' ] -> link( '/phpgwapi/js/dftree/dftree.css' ) . '">'; 602 602 $vars[preferences]='<input type="hidden" id="userPreferences" value=\''.serialize($_SESSION['phpgw_info']['user']['preferences']['filemanager']).'\'>'; 603 // Used for important operations that needs security604 for ($key = ""; strlen($key) < 150; $key .= chr(rand(48,95)));605 $_SESSION['phpgw_info']['filemanager']['user']['sec_key'] = $key;606 $vars['sec_key']='<input type="hidden" id="userKey" value=\''.$key.'\'>';607 603 608 604 $GLOBALS[ 'phpgw_info' ][ 'flags' ][ 'java_script' ] .= '<script>' … … 736 732 function removedir() 737 733 { 738 $toRemove = $this->path ^ $_SESSION['phpgw_info']['filemanager']['user']['sec_key']; 734 require_once('phpgwapi/inc/class.rsa.inc.php'); 735 $rsa = new rsa(); 736 $toRemove = $rsa->decode($this->path); 739 737 if ( $this->bo->vfs->rm(array( 'string' => $toRemove, 740 738 'relatives' => array (RELATIVE_NONE) … … 1000 998 1001 999 if ($mime_type == 'text/html'){ 1002 $vars[fck_edit] = '<script type="text/javascript" src="filemanager/tp/ckeditor/ckeditor .js"></script>1000 $vars[fck_edit] = '<script type="text/javascript" src="filemanager/tp/ckeditor/ckeditor_basic.js"></script> 1003 1001 <textarea cols="80" id="edit_file_content" name="edit_file_content" rows="10">'.$content.'</textarea> 1004 1002 <script type="text/javascript"> CKEDITOR.replace( \'edit_file_content\',{ -
trunk/filemanager/inc/class.vfs_functions.inc.php
r2362 r2848 274 274 $zipFilePath=ini_get("session.save_path")."/".$zipFileName; 275 275 $command = $zipFilePath.$command; 276 require_once('phpgwapi/inc/class.rsa.inc.php'); 277 $rsa = new rsa(); 276 278 277 279 if (strlen($this->pswd) > 0){ 278 $command = " -P ".(base64_decode($this->pswd) ^ $_SESSION['phpgw_info']['filemanager']['user']['sec_key'])." ".$command; 279 } 280 $command = " -P ".$rsa->decode(base64_decode($this->pswd))." ".$command; 281 } 282 session_start(); 283 $_SESSION['debug'][] = $_SESSION['phpgw_session']['publ_key']; 284 $_SESSION['debug'][] = $_SESSION['phpgw_session']['priv_key']; 285 $_SESSION['debug'][] = $_SESSION['phpgw_session']['modulus']; 286 287 $_SESSION['debug'][] = $this->pswd; 288 $_SESSION['debug'][] = base64_decode($this->pswd); 289 $_SESSION['debug'][] = $rsa->decode(base64_decode($this->pswd)); 290 $_SESSION['debug'][] = $command; 291 280 292 281 293 exec("cd ".$this->bo->vfs->basedir.$this->path.";".escapeshellcmd("nice -n19 zip -9 ".$command),$output,$return_var); … … 303 315 function unarchive(){ 304 316 $command = escapeshellarg($this->file); 317 require_once('phpgwapi/inc/class.rsa.inc.php'); 318 $rsa = new rsa(); 319 305 320 if (strlen($this->pswd) > 0){ 306 $command = " -P ". (base64_decode($this->pswd) ^ $_SESSION['phpgw_info']['filemanager']['user']['sec_key'])." ".$command;321 $command = " -P ".$rsa->decode(base64_decode($this->pswd))." ".$command; 307 322 } 308 323
Note: See TracChangeset
for help on using the changeset viewer.