first commit

alazhar
2020-01-02 22:20:31 +07:00
commit 10eb3340ad
5753 changed files with 631345 additions and 0 deletions


@ -0,0 +1,182 @@
<?php
/**
* @package Joomla.Administrator
* @subpackage com_media
*
* @copyright Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
defined('_JEXEC') or die;
jimport('joomla.filesystem.file');
jimport('joomla.filesystem.folder');
/**
* File Media Controller
*
* @package Joomla.Administrator
* @subpackage com_media
* @since 1.6
*/
class MediaControllerFile extends JControllerLegacy
{
/**
* Upload a file
*
* @return void
*
* @since 1.5
*/
function upload()
{
$params = JComponentHelper::getParams('com_media');
// Check for request forgeries
if (!JSession::checkToken('request'))
{
$response = array(
'status' => '0',
'error' => JText::_('JINVALID_TOKEN')
);
echo json_encode($response);
return;
}
// Get the user
$user = JFactory::getUser();
JLog::addLogger(array('text_file' => 'upload.error.php'), JLog::ALL, array('upload'));
// Get some data from the request
$file = $this->input->files->get('Filedata', '', 'array');
$folder = $this->input->get('folder', '', 'path');
if (
$_SERVER['CONTENT_LENGTH'] > ($params->get('upload_maxsize', 0) * 1024 * 1024) ||
$_SERVER['CONTENT_LENGTH'] > (int) (ini_get('upload_max_filesize')) * 1024 * 1024 ||
$_SERVER['CONTENT_LENGTH'] > (int) (ini_get('post_max_size')) * 1024 * 1024 ||
$_SERVER['CONTENT_LENGTH'] > (int) (ini_get('memory_limit')) * 1024 * 1024
)
{
$response = array(
'status' => '0',
'error' => JText::_('COM_MEDIA_ERROR_WARNFILETOOLARGE')
);
echo json_encode($response);
return;
}
// Set FTP credentials, if given
JClientHelper::setCredentialsFromRequest('ftp');
// Make the filename safe
$file['name'] = JFile::makeSafe($file['name']);
if (isset($file['name']))
{
// The request is valid
$err = null;
$filepath = JPath::clean(COM_MEDIA_BASE . '/' . $folder . '/' . strtolower($file['name']));
if (!MediaHelper::canUpload($file, $err))
{
JLog::add('Invalid: ' . $filepath . ': ' . $err, JLog::INFO, 'upload');
$response = array(
'status' => '0',
'error' => JText::_($err)
);
echo json_encode($response);
return;
}
// Trigger the onContentBeforeSave event.
JPluginHelper::importPlugin('content');
$dispatcher = JEventDispatcher::getInstance();
$object_file = new JObject($file);
$object_file->filepath = $filepath;
$result = $dispatcher->trigger('onContentBeforeSave', array('com_media.file', &$object_file, true));
if (in_array(false, $result, true))
{
// There are some errors in the plugins
JLog::add('Errors before save: ' . $object_file->filepath . ' : ' . implode(', ', $object_file->getErrors()), JLog::INFO, 'upload');
$response = array(
'status' => '0',
'error' => JText::plural('COM_MEDIA_ERROR_BEFORE_SAVE', count($errors = $object_file->getErrors()), implode('<br />', $errors))
);
echo json_encode($response);
return;
}
if (JFile::exists($object_file->filepath))
{
// File exists
JLog::add('File exists: ' . $object_file->filepath . ' by user_id ' . $user->id, JLog::INFO, 'upload');
$response = array(
'status' => '0',
'error' => JText::_('COM_MEDIA_ERROR_FILE_EXISTS')
);
echo json_encode($response);
return;
}
elseif (!$user->authorise('core.create', 'com_media'))
{
// File does not exist and user is not authorised to create
JLog::add('Create not permitted: ' . $object_file->filepath . ' by user_id ' . $user->id, JLog::INFO, 'upload');
$response = array(
'status' => '0',
'error' => JText::_('COM_MEDIA_ERROR_CREATE_NOT_PERMITTED')
);
echo json_encode($response);
return;
}
if (!JFile::upload($object_file->tmp_name, $object_file->filepath))
{
// Error in upload
JLog::add('Error on upload: ' . $object_file->filepath, JLog::INFO, 'upload');
$response = array(
'status' => '0',
'error' => JText::_('COM_MEDIA_ERROR_UNABLE_TO_UPLOAD_FILE')
);
echo json_encode($response);
return;
}
else
{
// Trigger the onContentAfterSave event.
$dispatcher->trigger('onContentAfterSave', array('com_media.file', &$object_file, true));
JLog::add($folder, JLog::INFO, 'upload');
$response = array(
'status' => '1',
'error' => JText::sprintf('COM_MEDIA_UPLOAD_COMPLETE', substr($object_file->filepath, strlen(COM_MEDIA_BASE)))
);
echo json_encode($response);
return;
}
}
else
{
$response = array(
'status' => '0',
'error' => JText::_('COM_MEDIA_ERROR_BAD_REQUEST')
);
echo json_encode($response);
return;
}
}
}
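Review bot: In `upload()` the `core.create` permission is only tested in the `elseif` after `JFile::exists`, so `MediaHelper::canUpload`, the `onContentBeforeSave` plugins and the existence check all run first for a caller who may not be allowed to create anything. Such a user can tell from `COM_MEDIA_ERROR_FILE_EXISTS` versus `COM_MEDIA_ERROR_CREATE_NOT_PERMITTED` whether a given name exists; move `if (!$user->authorise('core.create', 'com_media'))` directly after the token check. The size guard compares against `(int) (ini_get('memory_limit')) * 1024 * 1024` without handling `-1`, so an unlimited memory setting makes the product negative and rejects every upload; add `&& (int) ini_get('memory_limit') != -1` to that term. `isset($file['name'])` is evaluated only after `$file['name']` has been assigned from `JFile::makeSafe()`, so the `COM_MEDIA_ERROR_BAD_REQUEST` branch is unlikely to catch a missing `Filedata`; the check should come before the assignment.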


@ -0,0 +1,278 @@
<?php
/**
* @package Joomla.Administrator
* @subpackage com_media
*
* @copyright Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
defined('_JEXEC') or die;
jimport('joomla.filesystem.file');
jimport('joomla.filesystem.folder');
/**
* Media File Controller
*
* @package Joomla.Administrator
* @subpackage com_media
* @since 1.5
*/
class MediaControllerFile extends JControllerLegacy
{
/**
* The folder we are uploading into
*
* @var string
*/
protected $folder = '';
/**
* Upload one or more files
*
* @return boolean
*
* @since 1.5
*/
public function upload()
{
// Check for request forgeries
JSession::checkToken('request') or jexit(JText::_('JINVALID_TOKEN'));
$params = JComponentHelper::getParams('com_media');
// Get some data from the request
$files = $this->input->files->get('Filedata', '', 'array');
$return = $this->input->post->get('return-url', null, 'base64');
$this->folder = $this->input->get('folder', '', 'path');
// Set the redirect
if ($return)
{
$this->setRedirect(base64_decode($return) . '&folder=' . $this->folder);
}
// Authorize the user
if (!$this->authoriseUser('create'))
{
return false;
}
if (
$_SERVER['CONTENT_LENGTH'] > ($params->get('upload_maxsize', 0) * 1024 * 1024) ||
$_SERVER['CONTENT_LENGTH'] > (int) (ini_get('upload_max_filesize')) * 1024 * 1024 ||
$_SERVER['CONTENT_LENGTH'] > (int) (ini_get('post_max_size')) * 1024 * 1024 ||
(($_SERVER['CONTENT_LENGTH'] > (int) (ini_get('memory_limit')) * 1024 * 1024) && ((int) (ini_get('memory_limit')) != -1))
)
{
JError::raiseWarning(100, JText::_('COM_MEDIA_ERROR_WARNFILETOOLARGE'));
return false;
}
// Perform basic checks on file info before attempting anything
foreach ($files as &$file)
{
$file['name'] = JFile::makeSafe($file['name']);
$file['filepath'] = JPath::clean(implode(DIRECTORY_SEPARATOR, array(COM_MEDIA_BASE, $this->folder, $file['name'])));
if ($file['error'] == 1)
{
JError::raiseWarning(100, JText::_('COM_MEDIA_ERROR_WARNFILETOOLARGE'));
return false;
}
if ($file['size'] > ($params->get('upload_maxsize', 0) * 1024 * 1024))
{
JError::raiseNotice(100, JText::_('COM_MEDIA_ERROR_WARNFILETOOLARGE'));
return false;
}
if (JFile::exists($file['filepath']))
{
// A file with this name already exists
JError::raiseWarning(100, JText::_('COM_MEDIA_ERROR_FILE_EXISTS'));
return false;
}
if (!isset($file['name']))
{
// No filename (after the name was cleaned by JFile::makeSafe)
$this->setRedirect('index.php', JText::_('COM_MEDIA_INVALID_REQUEST'), 'error');
return false;
}
}
// Set FTP credentials, if given
JClientHelper::setCredentialsFromRequest('ftp');
JPluginHelper::importPlugin('content');
$dispatcher = JEventDispatcher::getInstance();
foreach ($files as &$file)
{
// The request is valid
$err = null;
if (!MediaHelper::canUpload($file, $err))
{
// The file can't be upload
JError::raiseNotice(100, JText::_($err));
return false;
}
// Trigger the onContentBeforeSave event.
$object_file = new JObject($file);
$result = $dispatcher->trigger('onContentBeforeSave', array('com_media.file', &$object_file, true));
if (in_array(false, $result, true))
{
// There are some errors in the plugins
JError::raiseWarning(100, JText::plural('COM_MEDIA_ERROR_BEFORE_SAVE', count($errors = $object_file->getErrors()), implode('<br />', $errors)));
return false;
}
if (!JFile::upload($object_file->tmp_name, $object_file->filepath))
{
// Error in upload
JError::raiseWarning(100, JText::_('COM_MEDIA_ERROR_UNABLE_TO_UPLOAD_FILE'));
return false;
}
else
{
// Trigger the onContentAfterSave event.
$dispatcher->trigger('onContentAfterSave', array('com_media.file', &$object_file, true));
$this->setMessage(JText::sprintf('COM_MEDIA_UPLOAD_COMPLETE', substr($object_file->filepath, strlen(COM_MEDIA_BASE))));
}
}
return true;
}
/**
* Check that the user is authorized to perform this action
*
* @param string $action - the action to be peformed (create or delete)
*
* @return boolean
*
* @since 1.6
*/
protected function authoriseUser($action)
{
if (!JFactory::getUser()->authorise('core.' . strtolower($action), 'com_media'))
{
// User is not authorised
JError::raiseWarning(403, JText::_('JLIB_APPLICATION_ERROR_' . strtoupper($action) . '_NOT_PERMITTED'));
return false;
}
return true;
}
/**
* Deletes paths from the current path
*
* @return boolean
*
* @since 1.5
*/
public function delete()
{
JSession::checkToken('request') or jexit(JText::_('JINVALID_TOKEN'));
// Get some data from the request
$tmpl = $this->input->get('tmpl');
$paths = $this->input->get('rm', array(), 'array');
$folder = $this->input->get('folder', '', 'path');
$redirect = 'index.php?option=com_media&folder=' . $folder;
if ($tmpl == 'component')
{
// We are inside the iframe
$redirect .= '&view=mediaList&tmpl=component';
}
$this->setRedirect($redirect);
// Nothing to delete
if (empty($paths))
{
return true;
}
// Authorize the user
if (!$this->authoriseUser('delete'))
{
return false;
}
// Set FTP credentials, if given
JClientHelper::setCredentialsFromRequest('ftp');
JPluginHelper::importPlugin('content');
$dispatcher = JEventDispatcher::getInstance();
$ret = true;
foreach ($paths as $path)
{
if ($path !== JFile::makeSafe($path))
{
// filename is not safe
$filename = htmlspecialchars($path, ENT_COMPAT, 'UTF-8');
JError::raiseWarning(100, JText::sprintf('COM_MEDIA_ERROR_UNABLE_TO_DELETE_FILE_WARNFILENAME', substr($filename, strlen(COM_MEDIA_BASE))));
continue;
}
$fullPath = JPath::clean(implode(DIRECTORY_SEPARATOR, array(COM_MEDIA_BASE, $folder, $path)));
$object_file = new JObject(array('filepath' => $fullPath));
if (is_file($object_file->filepath))
{
// Trigger the onContentBeforeDelete event.
$result = $dispatcher->trigger('onContentBeforeDelete', array('com_media.file', &$object_file));
if (in_array(false, $result, true))
{
// There are some errors in the plugins
JError::raiseWarning(100, JText::plural('COM_MEDIA_ERROR_BEFORE_DELETE', count($errors = $object_file->getErrors()), implode('<br />', $errors)));
continue;
}
$ret &= JFile::delete($object_file->filepath);
// Trigger the onContentAfterDelete event.
$dispatcher->trigger('onContentAfterDelete', array('com_media.file', &$object_file));
$this->setMessage(JText::sprintf('COM_MEDIA_DELETE_COMPLETE', substr($object_file->filepath, strlen(COM_MEDIA_BASE))));
}
elseif (is_dir($object_file->filepath))
{
$contents = JFolder::files($object_file->filepath, '.', true, false, array('.svn', 'CVS', '.DS_Store', '__MACOSX', 'index.html'));
if (empty($contents))
{
// Trigger the onContentBeforeDelete event.
$result = $dispatcher->trigger('onContentBeforeDelete', array('com_media.folder', &$object_file));
if (in_array(false, $result, true))
{
// There are some errors in the plugins
JError::raiseWarning(100, JText::plural('COM_MEDIA_ERROR_BEFORE_DELETE', count($errors = $object_file->getErrors()), implode('<br />', $errors)));
continue;
}
$ret &= JFolder::delete($object_file->filepath);
// Trigger the onContentAfterDelete event.
$dispatcher->trigger('onContentAfterDelete', array('com_media.folder', &$object_file));
$this->setMessage(JText::sprintf('COM_MEDIA_DELETE_COMPLETE', substr($object_file->filepath, strlen(COM_MEDIA_BASE))));
}
else
{
// This makes no sense...
JError::raiseWarning(100, JText::sprintf('COM_MEDIA_ERROR_UNABLE_TO_DELETE_FOLDER_NOT_EMPTY', substr($object_file->filepath, strlen(COM_MEDIA_BASE))));
}
}
}
return $ret;
}
}
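Review bot: `upload()` passes `base64_decode($return)` from the `return-url` POST field straight to `setRedirect()`, so the redirect target is whatever the request supplies, including an external URL. The token check above limits who can submit the request, but the target should still be confined to this site, for example `if ($return && JUri::isInternal(base64_decode($return)))` in place of `if ($return)`. In `delete()`, the unsafe-name branch builds its warning from `substr($filename, strlen(COM_MEDIA_BASE))` although `$filename` is the bare request value rather than a path under `COM_MEDIA_BASE`, so the reported name is truncated or empty; pass `$filename` itself.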


@ -0,0 +1,210 @@
<?php
/**
* @package Joomla.Administrator
* @subpackage com_media
*
* @copyright Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
defined('_JEXEC') or die;
jimport('joomla.filesystem.file');
jimport('joomla.filesystem.folder');
/**
* Folder Media Controller
*
* @package Joomla.Administrator
* @subpackage com_media
* @since 1.5
*/
class MediaControllerFolder extends JControllerLegacy
{
/**
* Deletes paths from the current path
*
* @return boolean
*
* @since 1.5
*/
public function delete()
{
JSession::checkToken('request') or jexit(JText::_('JINVALID_TOKEN'));
$user = JFactory::getUser();
// Get some data from the request
$tmpl = $this->input->get('tmpl');
$paths = $this->input->get('rm', array(), 'array');
$folder = $this->input->get('folder', '', 'path');
$redirect = 'index.php?option=com_media&folder=' . $folder;
if ($tmpl == 'component')
{
// We are inside the iframe
$redirect .= '&view=mediaList&tmpl=component';
}
$this->setRedirect($redirect);
// Just return if there's nothing to do
if (empty($paths))
{
return true;
}
if (!$user->authorise('core.delete', 'com_media'))
{
// User is not authorised to delete
JError::raiseWarning(403, JText::_('JLIB_APPLICATION_ERROR_DELETE_NOT_PERMITTED'));
return false;
}
// Set FTP credentials, if given
JClientHelper::setCredentialsFromRequest('ftp');
$ret = true;
JPluginHelper::importPlugin('content');
$dispatcher = JEventDispatcher::getInstance();
if (count($paths))
{
foreach ($paths as $path)
{
if ($path !== JFile::makeSafe($path))
{
$dirname = htmlspecialchars($path, ENT_COMPAT, 'UTF-8');
JError::raiseWarning(100, JText::sprintf('COM_MEDIA_ERROR_UNABLE_TO_DELETE_FOLDER_WARNDIRNAME', substr($dirname, strlen(COM_MEDIA_BASE))));
continue;
}
$fullPath = JPath::clean(implode(DIRECTORY_SEPARATOR, array(COM_MEDIA_BASE, $folder, $path)));
$object_file = new JObject(array('filepath' => $fullPath));
if (is_file($object_file->filepath))
{
// Trigger the onContentBeforeDelete event.
$result = $dispatcher->trigger('onContentBeforeDelete', array('com_media.file', &$object_file));
if (in_array(false, $result, true))
{
// There are some errors in the plugins
JError::raiseWarning(100, JText::plural('COM_MEDIA_ERROR_BEFORE_DELETE', count($errors = $object_file->getErrors()), implode('<br />', $errors)));
continue;
}
$ret &= JFile::delete($object_file->filepath);
// Trigger the onContentAfterDelete event.
$dispatcher->trigger('onContentAfterDelete', array('com_media.file', &$object_file));
$this->setMessage(JText::sprintf('COM_MEDIA_DELETE_COMPLETE', substr($object_file->filepath, strlen(COM_MEDIA_BASE))));
}
elseif (is_dir($object_file->filepath))
{
$contents = JFolder::files($object_file->filepath, '.', true, false, array('.svn', 'CVS', '.DS_Store', '__MACOSX', 'index.html'));
if (empty($contents))
{
// Trigger the onContentBeforeDelete event.
$result = $dispatcher->trigger('onContentBeforeDelete', array('com_media.folder', &$object_file));
if (in_array(false, $result, true))
{
// There are some errors in the plugins
JError::raiseWarning(100, JText::plural('COM_MEDIA_ERROR_BEFORE_DELETE', count($errors = $object_file->getErrors()), implode('<br />', $errors)));
continue;
}
$ret &= !JFolder::delete($object_file->filepath);
// Trigger the onContentAfterDelete event.
$dispatcher->trigger('onContentAfterDelete', array('com_media.folder', &$object_file));
$this->setMessage(JText::sprintf('COM_MEDIA_DELETE_COMPLETE', substr($object_file->filepath, strlen(COM_MEDIA_BASE))));
}
else
{
//This makes no sense...
JError::raiseWarning(100, JText::sprintf('COM_MEDIA_ERROR_UNABLE_TO_DELETE_FOLDER_NOT_EMPTY', substr($object_file->filepath, strlen(COM_MEDIA_BASE))));
}
}
}
}
return $ret;
}
/**
* Create a folder
*
* @return boolean
*
* @since 1.5
*/
public function create()
{
// Check for request forgeries
JSession::checkToken() or jexit(JText::_('JINVALID_TOKEN'));
$user = JFactory::getUser();
$folder = $this->input->get('foldername', '');
$folderCheck = (string) $this->input->get('foldername', null, 'raw');
$parent = $this->input->get('folderbase', '', 'path');
$this->setRedirect('index.php?option=com_media&folder=' . $parent . '&tmpl=' . $this->input->get('tmpl', 'index'));
if (strlen($folder) > 0)
{
if (!$user->authorise('core.create', 'com_media'))
{
// User is not authorised to delete
JError::raiseWarning(403, JText::_('JLIB_APPLICATION_ERROR_CREATE_NOT_PERMITTED'));
return false;
}
// Set FTP credentials, if given
JClientHelper::setCredentialsFromRequest('ftp');
$this->input->set('folder', $parent);
if (($folderCheck !== null) && ($folder !== $folderCheck))
{
$this->setMessage(JText::_('COM_MEDIA_ERROR_UNABLE_TO_CREATE_FOLDER_WARNDIRNAME'));
return false;
}
$path = JPath::clean(COM_MEDIA_BASE . '/' . $parent . '/' . $folder);
if (!is_dir($path) && !is_file($path))
{
// Trigger the onContentBeforeSave event.
$object_file = new JObject(array('filepath' => $path));
JPluginHelper::importPlugin('content');
$dispatcher = JEventDispatcher::getInstance();
$result = $dispatcher->trigger('onContentBeforeSave', array('com_media.folder', &$object_file, true));
if (in_array(false, $result, true))
{
// There are some errors in the plugins
JError::raiseWarning(100, JText::plural('COM_MEDIA_ERROR_BEFORE_SAVE', count($errors = $object_file->getErrors()), implode('<br />', $errors)));
return false;
}
JFolder::create($object_file->filepath);
$data = "<html>\n<body bgcolor=\"#FFFFFF\">\n</body>\n</html>";
JFile::write($object_file->filepath . "/index.html", $data);
// Trigger the onContentAfterSave event.
$dispatcher->trigger('onContentAfterSave', array('com_media.folder', &$object_file, true));
$this->setMessage(JText::sprintf('COM_MEDIA_CREATE_COMPLETE', substr($object_file->filepath, strlen(COM_MEDIA_BASE))));
}
$this->input->set('folder', ($parent) ? $parent.'/'.$folder : $folder);
}
return true;
}
}
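Review bot: In `delete()` the folder branch accumulates `$ret &= !JFolder::delete($object_file->filepath);`, which inverts the result: a successful removal clears `$ret` and a failed one leaves it set, while the file branch just above uses the un-negated `JFile::delete` result. Drop the negation, `$ret &= JFolder::delete($object_file->filepath);`. In `create()` the return values of `JFolder::create()` and `JFile::write()` are ignored, so `onContentAfterSave` fires and `COM_MEDIA_CREATE_COMPLETE` is shown even when the directory or its `index.html` (presumably there to stop directory listing) was not written; check both and raise a warning on failure. The comment `// User is not authorised to delete` inside `create()` should say `create`.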


@ -0,0 +1 @@
<!DOCTYPE html><title></title>