From e5ff5f53c86381e832d506d53038e97a3e4c22c5 Mon Sep 17 00:00:00 2001
From: Cameron <e107inc@gmail.com>
Date: Wed, 21 Apr 2021 16:48:04 -0700
Subject: [PATCH] Issue #550 - Expanded filetypes.xml display in admin
 preferences area to include Admin and Main admin perms. Additional defaults
 for admin and mainadmin added to filetypes.xml during installation.

---
 e107_admin/prefs.php                 | 56 ++++++++++++++++++++++---
 e107_handlers/file_class.php         | 25 +++++++----
 e107_tests/tests/unit/e_fileTest.php | 62 +++++++++++++++++++++++-----
 install.php                          |  4 +-
 4 files changed, 121 insertions(+), 26 deletions(-)

diff --git a/e107_admin/prefs.php b/e107_admin/prefs.php
index 8f85accf7..65d1dbead 100644
--- a/e107_admin/prefs.php
+++ b/e107_admin/prefs.php
@@ -1779,8 +1779,53 @@ $text .= "
 	<td>".r_userclass("upload_class", $pref['upload_class'],"off","nobody,public,guest,member,admin,classes")."
 	</td>
 	</tr>
-	<tr><td>".PRFLAN_240."</td>
-	<td>
+	<tr><td>".PRFLAN_240."<sup>**</sup></td>
+	<td>";
+
+	$fType = [e_UC_MEMBER => UC_LAN_3, e_UC_ADMIN => UC_LAN_5, e_UC_MAINADMIN => UC_LAN_6 ];
+	$tabs = [];
+
+	foreach($fType as $class => $label)
+	{
+		$tabs[$class] = array('caption' => $label, 'text' => filePermRender($class));
+	}
+
+	function filePermRender($class)
+	{
+		$fl = e107::getFile();
+		$text = "<table class='table table-striped table-bordered' style='margin:0'>
+		<tr><th>".LAN_TYPE."</th><th>".UPLLAN_33."</th></tr>";
+
+			$data = $fl->getAllowedFileTypes($class);
+
+			if(empty($data))
+			{
+				$data = $fl->getAllowedFileTypes(e_UC_MEMBER);
+			}
+
+			foreach($data as $k=>$v)
+			{
+				if(empty($k))
+				{
+					continue;
+				}
+
+				$text .= "<tr><td class='col-label'>".$k."</td>
+				<td>".$fl->file_size_encode($v)."</td>
+				</tr>";
+			}
+
+			$text .= "</table>";
+
+			return $text;
+
+	}
+
+
+
+	$text .= e107::getForm()->tabs($tabs);
+/*
+	$text .= "
 
 	<table class='table table-striped table-bordered'>
 	<tr><th>".LAN_TYPE."</th><th>".UPLLAN_33."</th>
@@ -1801,9 +1846,10 @@ $text .= "
 	
 
 	
-	$text .= "</table>
-	
-	<div>".PRFLAN_241." <b>".str_replace("../",'',e_SYSTEM).e_READ_FILETYPES."</b></div>
+	$text .= "</table>";
+	*/
+	$text .= "
+	<div style='padding:15px 0'>".PRFLAN_241." <b>".str_replace("../",'',e_SYSTEM).e_READ_FILETYPES."</b></div>
 	</td>
 	
 	
diff --git a/e107_handlers/file_class.php b/e107_handlers/file_class.php
index 173be2ec6..195ace931 100644
--- a/e107_handlers/file_class.php
+++ b/e107_handlers/file_class.php
@@ -1106,7 +1106,7 @@
 			{
 				ob_end_clean();
 			}
-			@ob_implicit_flush(true);
+			@ob_implicit_flush();
 
 
 			$filename = $file;
@@ -1198,7 +1198,7 @@
 						$mes .= "Path: " . $path . "\n";
 						$mes .= "Backtrace: ";
 						$mes .= print_r(debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS), true);
-						trigger_error($mes, E_USER_NOTICE);
+						trigger_error($mes);
 						exit();
 					}
 					else
@@ -1726,7 +1726,8 @@
 
 
 		/**
-		 *    Get an array of permitted filetypes according to a set hierarchy.
+		 * @deprecated Use getAllowedFileTypes()
+		 *  Get an array of permitted filetypes according to a set hierarchy.
 		 *    If a specific file name given, that's used. Otherwise the default hierarchy is used
 		 *
 		 * @param string|boolean $file_mask - comma-separated list of allowed file types
@@ -2436,23 +2437,23 @@
 		 *  Get array of file types (file extensions) which are permitted - reads an XML-formatted definition file.
 		 *    (Similar to @See{get_allowed_filetypes()}, but expects an XML file)
 		 *
-		 * @param string $file_mask - comma-separated list of allowed file types - only those specified in both $file_mask and $def_file are returned
+		 * @param string $class - e_UC_MEMBER etc if a specific class of file-types is required. Otherwise, it defaults to the perms of the current user.
 		 * @return array - where key is the file type (extension); value is max upload size
 		 */
-		public function getAllowedFileTypes($file_mask = '')
+		public function getAllowedFileTypes($class = null)
 		{
 
 			$ret = array();
 			$file_array = array();
 
-			if($file_mask)
+	/*		if($file_mask)
 			{
 				$file_array = explode(',', $file_mask);
 				foreach($file_array as $k => $f)
 				{
 					$file_array[$k] = trim($f);
 				}
-			}
+			}*/
 
 			if(!is_readable(e_SYSTEM . "filetypes.xml"))
 			{
@@ -2473,7 +2474,13 @@
 			foreach($temp_vars['class'] as $v1)
 			{
 				$v = $v1['@attributes'];
-				if(check_class($v['name']))
+
+				if(!is_numeric($v['name']))
+				{
+					$v['name'] = e107::getUserClass()->getClassFromKey($v['name'], $v['name']); // convert 'admin' etc to numeric equivalent.
+				}
+
+				if(($class === null && check_class($v['name'])) || (int) $class === (int) $v['name'])
 				{
 					$current_perms[$v['name']] = array('type' => $v['type'], 'maxupload' => $v['maxupload']);
 					$a_filetypes = explode(',', $v['type']);
@@ -2481,7 +2488,7 @@
 					{
 						$ftype = strtolower(trim(str_replace('.', '', $ftype))); // File extension
 
-						if(!$file_mask || in_array($ftype, $file_array)) // We can load this extension
+					//	if(!$file_mask || in_array($ftype, $file_array)) // We can load this extension
 						{
 							if(isset($ret[$ftype]))
 							{
diff --git a/e107_tests/tests/unit/e_fileTest.php b/e107_tests/tests/unit/e_fileTest.php
index ffe092779..e7570ee86 100644
--- a/e107_tests/tests/unit/e_fileTest.php
+++ b/e107_tests/tests/unit/e_fileTest.php
@@ -39,6 +39,8 @@ class e_fileTest extends \Codeception\Test\Unit
 		$content = '<?xml version="1.0" encoding="utf-8"?>
 						<e107Filetypes>
 							<class name="253" type="zip,gz,jpg,jpeg,png,gif,xml,pdf" maxupload="2M" />
+							<class name="admin" type="zip,gz,jpg,jpeg,png,gif,xml,pdf" maxupload="4M" />
+							<class name="main" type="zip,gz,jpg,jpeg,png,gif,webp,xml,pdf,mov" maxupload="5M" />
 						</e107Filetypes>';
 
 		file_put_contents($this->filetypesFile, $content);
@@ -71,20 +73,58 @@ class e_fileTest extends \Codeception\Test\Unit
 
 	public function testGetAllowedFileTypes()
 	{
-		$actual = $this->fl->getAllowedFileTypes();
 
-		$expected = array (
-			'zip' => 2097152, // 2M in bytes
-			'gz' => 2097152,
-			'jpg' => 2097152,
-			'jpeg' => 2097152,
-			'png' => 2097152,
-			'gif' => 2097152,
-			'xml' => 2097152,
-			'pdf' => 2097152,
+
+		$tests = array(
+			e_UC_MEMBER => array (
+				'zip' => 2097152, // 2M in bytes
+				'gz' => 2097152,
+				'jpg' => 2097152,
+				'jpeg' => 2097152,
+				'png' => 2097152,
+				'gif' => 2097152,
+				'xml' => 2097152,
+				'pdf' => 2097152,
+			),
+			e_UC_ADMIN => array (
+				  'zip' => 4194304,
+				  'gz' => 4194304,
+				  'jpg' => 4194304,
+				  'jpeg' => 4194304,
+				  'png' => 4194304,
+				  'gif' => 4194304,
+				  'xml' => 4194304,
+				  'pdf' => 4194304,
+				),
+			e_UC_MAINADMIN => array (
+				  'zip' => 5242880,
+				  'gz' => 5242880,
+				  'jpg' => 5242880,
+				  'jpeg' => 5242880,
+				  'png' => 5242880,
+				  'gif' => 5242880,
+				  'webp' => 5242880,
+				  'xml' => 5242880,
+				  'pdf' => 5242880,
+				  'mov' => 5242880,
+				),
 		);
 
-		$this->assertEquals($expected,$actual);
+		foreach($tests as $class => $expected)
+		{
+			$actual = $this->fl->getAllowedFileTypes($class);
+
+			if(empty($expected))
+			{
+				var_export($actual);
+				continue;
+			}
+
+
+			$this->assertSame($expected,$actual);
+		}
+
+
 
 	}
 
diff --git a/install.php b/install.php
index c47776e73..28839d6fb 100644
--- a/install.php
+++ b/install.php
@@ -1648,7 +1648,9 @@ if($this->pdo == true)
 	{
 		$data = '<?xml version="1.0" encoding="utf-8"?>
 <e107Filetypes>
-	<class name="253" type="zip,gz,jpg,jpeg,png,gif,webp,xml,pdf" maxupload="2M" />
+	<class name="member" type="zip,gz,jpg,jpeg,png,gif,webp,xml,pdf" maxupload="2M" />
+	<class name="admin" type="zip,gz,jpg,jpeg,png,gif,webp,xml,pdf" maxupload="10M" />
+	<class name="main" type="zip,gz,rar,jpg,jpeg,png,gif,webp,xml,pdf,mov,mp4,mp3,doc,docx,xls,xlsm,mp3,mp4,wav,ogg,webm,mid,midi,torrent,txt,dmg,msi" maxupload="50M" />
 </e107Filetypes>';
 
 		return file_put_contents($this->e107->e107_dirs['SYSTEM_DIRECTORY']."filetypes.xml",$data);