antadis/toutpratique
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
toutpratique/adm/filemanager/execute.php

208 lines
8.6 KiB
PHP
Raw Permalink Normal View History

prestashop v1
2015-07-06 16:58:50 +02:00
<?php
include('config/config.php');
update prestashop
2015-09-22 18:22:11 +02:00
if ($_SESSION['verify'] != 'RESPONSIVEfilemanager') {
die('forbiden');
}
prestashop v1
2015-07-06 16:58:50 +02:00
include('include/utils.php');
$_POST['path_thumb'] = $thumbs_base_path.$_POST['path_thumb'];
update prestashop
2015-09-22 18:22:11 +02:00
if (!isset($_POST['path_thumb']) && trim($_POST['path_thumb']) == '') {
die('wrong path');
}
prestashop v1
2015-07-06 16:58:50 +02:00
$thumb_pos = strpos($_POST['path_thumb'], $thumbs_base_path);
if ($thumb_pos === false
update prestashop
2015-09-22 18:22:11 +02:00
|| preg_match('/\.{1,2}[\/|\\\]/', $_POST['path_thumb']) !== 0
|| preg_match('/\.{1,2}[\/|\\\]/', $_POST['path']) !== 0
) {
die('wrong path');
}
prestashop v1
2015-07-06 16:58:50 +02:00
$language_file = 'lang/en.php';
update prestashop
2015-09-22 18:22:11 +02:00
if (isset($_GET['lang']) && $_GET['lang'] != 'undefined' && $_GET['lang'] != '') {
$path_parts = pathinfo($_GET['lang']);
if (is_readable('lang/'.$path_parts['basename'].'.php')) {
$language_file = 'lang/'.$path_parts['basename'].'.php';
}
prestashop v1
2015-07-06 16:58:50 +02:00
}
require_once $language_file;
$base = $current_path;
update prestashop
2015-09-22 18:22:11 +02:00
if (isset($_POST['path'])) {
$path = $current_path.str_replace("\0", "", $_POST['path']);
} else {
$path = $current_path;
}
prestashop v1
2015-07-06 16:58:50 +02:00
$cycle = true;
$max_cycles = 50;
$i = 0;
update prestashop
2015-09-22 18:22:11 +02:00
while ($cycle && $i < $max_cycles) {
$i++;
if ($path == $base) {
$cycle = false;
}
if (file_exists($path.'config.php')) {
require_once($path.'config.php');
$cycle = false;
}
$path = fix_dirname($path).'/';
$cycle = false;
prestashop v1
2015-07-06 16:58:50 +02:00
}
$path = $current_path.str_replace("\0", "", $_POST['path']);
$path_thumb = $_POST['path_thumb'];
update prestashop
2015-09-22 18:22:11 +02:00
if (isset($_POST['name'])) {
$name = $_POST['name'];
if (preg_match('/\.{1,2}[\/|\\\]/', $name) !== 0) {
die('wrong name');
}
prestashop v1
2015-07-06 16:58:50 +02:00
}
$info = pathinfo($path);
update prestashop
2015-09-22 18:22:11 +02:00
if (isset($info['extension']) && !(isset($_GET['action']) && $_GET['action'] == 'delete_folder') && !in_array(strtolower($info['extension']), $ext)) {
die('wrong extension');
prestashop v1
2015-07-06 16:58:50 +02:00
}
update prestashop
2015-09-22 18:22:11 +02:00
if (isset($_GET['action'])) {
switch ($_GET['action']) {
case 'delete_file':
if ($delete_files) {
unlink($path);
if (file_exists($path_thumb)) {
unlink($path_thumb);
}
$info = pathinfo($path);
if ($relative_image_creation) {
foreach ($relative_path_from_current_pos as $k => $path) {
if ($path != '' && $path[strlen($path) - 1] != '/') {
$path .= '/';
}
if (file_exists($info['dirname'].'/'.$path.$relative_image_creation_name_to_prepend[$k].$info['filename'].$relative_image_creation_name_to_append[$k].'.'.$info['extension'])) {
unlink($info['dirname'].'/'.$path.$relative_image_creation_name_to_prepend[$k].$info['filename'].$relative_image_creation_name_to_append[$k].'.'.$info['extension']);
}
}
}
if ($fixed_image_creation) {
foreach ($fixed_path_from_filemanager as $k => $path) {
if ($path != '' && $path[strlen($path) - 1] != '/') {
$path .= '/';
}
$base_dir = $path.substr_replace($info['dirname'].'/', '', 0, strlen($current_path));
if (file_exists($base_dir.$fixed_image_creation_name_to_prepend[$k].$info['filename'].$fixed_image_creation_to_append[$k].'.'.$info['extension'])) {
unlink($base_dir.$fixed_image_creation_name_to_prepend[$k].$info['filename'].$fixed_image_creation_to_append[$k].'.'.$info['extension']);
}
}
}
}
break;
case 'delete_folder':
if ($delete_folders) {
if (is_dir($path_thumb)) {
deleteDir($path_thumb);
}
if (is_dir($path)) {
deleteDir($path);
if ($fixed_image_creation) {
foreach ($fixed_path_from_filemanager as $k => $paths) {
if ($paths != '' && $paths[strlen($paths) - 1] != '/') {
$paths .= '/';
}
$base_dir = $paths.substr_replace($path, '', 0, strlen($current_path));
if (is_dir($base_dir)) {
deleteDir($base_dir);
}
}
}
}
}
break;
case 'create_folder':
if ($create_folders) {
create_folder(fix_path($path, $transliteration), fix_path($path_thumb, $transliteration));
}
break;
case 'rename_folder':
if ($rename_folders) {
$name = fix_filename($name, $transliteration);
$name = str_replace('.', '', $name);
if (!empty($name)) {
if (!rename_folder($path, $name, $transliteration)) {
die(lang_Rename_existing_folder);
}
rename_folder($path_thumb, $name, $transliteration);
if ($fixed_image_creation) {
foreach ($fixed_path_from_filemanager as $k => $paths) {
if ($paths != '' && $paths[strlen($paths) - 1] != '/') {
$paths .= '/';
}
$base_dir = $paths.substr_replace($path, '', 0, strlen($current_path));
rename_folder($base_dir, $name, $transliteration);
}
}
} else {
die(lang_Empty_name);
}
}
break;
case 'rename_file':
if ($rename_files) {
$name = fix_filename($name, $transliteration);
if (!empty($name)) {
if (!rename_file($path, $name, $transliteration)) {
die(lang_Rename_existing_file);
}
rename_file($path_thumb, $name, $transliteration);
if ($fixed_image_creation) {
$info = pathinfo($path);
foreach ($fixed_path_from_filemanager as $k => $paths) {
if ($paths != '' && $paths[strlen($paths) - 1] != '/') {
$paths .= '/';
}
$base_dir = $paths.substr_replace($info['dirname'].'/', '', 0, strlen($current_path));
if (file_exists($base_dir.$fixed_image_creation_name_to_prepend[$k].$info['filename'].$fixed_image_creation_to_append[$k].'.'.$info['extension'])) {
rename_file($base_dir.$fixed_image_creation_name_to_prepend[$k].$info['filename'].$fixed_image_creation_to_append[$k].'.'.$info['extension'], $fixed_image_creation_name_to_prepend[$k].$name.$fixed_image_creation_to_append[$k], $transliteration);
}
}
}
} else {
die(lang_Empty_name);
}
}
break;
case 'duplicate_file':
if ($duplicate_files) {
$name = fix_filename($name, $transliteration);
if (!empty($name)) {
if (!duplicate_file($path, $name)) {
die(lang_Rename_existing_file);
}
duplicate_file($path_thumb, $name);
if ($fixed_image_creation) {
$info = pathinfo($path);
foreach ($fixed_path_from_filemanager as $k => $paths) {
if ($paths != '' && $paths[strlen($paths) - 1] != '/') {
$paths .= '/';
}
$base_dir = $paths.substr_replace($info['dirname'].'/', '', 0, strlen($current_path));
if (file_exists($base_dir.$fixed_image_creation_name_to_prepend[$k].$info['filename'].$fixed_image_creation_to_append[$k].'.'.$info['extension'])) {
duplicate_file($base_dir.$fixed_image_creation_name_to_prepend[$k].$info['filename'].$fixed_image_creation_to_append[$k].'.'.$info['extension'], $fixed_image_creation_name_to_prepend[$k].$name.$fixed_image_creation_to_append[$k]);
}
}
}
} else {
die(lang_Empty_name);
}
}
break;
default:
die('wrong action');
break;
}
}
Reference in New Issue Copy Permalink