mirror of
https://github.com/misterunknown/ifm.git
synced 2025-08-11 10:34:00 +02:00
fixed bug which occured with relative ; closes #48
This commit is contained in:
Marco Dickert
@@ -2025,7 +2025,7 @@ function IFM( params ) {
|
|||||||
case "remoteUpload": $this->remoteUpload( $_REQUEST ); break;
|
case "remoteUpload": $this->remoteUpload( $_REQUEST ); break;
|
||||||
case "multidelete": $this->deleteMultipleFiles( $_REQUEST ); break;
|
case "multidelete": $this->deleteMultipleFiles( $_REQUEST ); break;
|
||||||
case "getFolderTree":
|
case "getFolderTree":
|
||||||
echo json_encode( array_merge( array( 0 => array( "text" => "/ [root]", "nodes" => array(), "dataAttributes" => array( "path" => realpath( $this->config['root_dir'] ) ) ) ), $this->getFolderTreeRecursive( $this->config['root_dir'] ) ) );
|
echo json_encode( array_merge( array( 0 => array( "text" => "/ [root]", "nodes" => array(), "dataAttributes" => array( "path" => $this->getRootDir() ) ) ), $this->getFolderTreeRecursive( $this->getRootDir() ) ) );
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
echo json_encode( array( "status" => "ERROR", "message" => "No valid api action given" ) );
|
echo json_encode( array( "status" => "ERROR", "message" => "No valid api action given" ) );
|
||||||
@@ -2126,7 +2126,7 @@ function IFM( params ) {
|
|||||||
private function getConfig() {
|
private function getConfig() {
|
||||||
$ret = $this->config;
|
$ret = $this->config;
|
||||||
$ret['inline'] = ( $this->mode == "inline" ) ? true : false;
|
$ret['inline'] = ( $this->mode == "inline" ) ? true : false;
|
||||||
$ret['isDocroot'] = ( realpath( $this->config['root_dir'] ) == dirname( __FILE__ ) ) ? "true" : "false";
|
$ret['isDocroot'] = ( $this->getRootDir() == dirname( __FILE__ ) ) ? "true" : "false";
|
||||||
echo json_encode( $ret );
|
echo json_encode( $ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -2625,12 +2625,27 @@ function IFM( params ) {
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private function isAbsolutePath( $path ) {
|
||||||
|
if( $path === null || $path === '' )
|
||||||
|
return false;
|
||||||
|
return $path[0] === DIRECTORY_SEPARATOR || preg_match('~\A[A-Z]:(?![^/\\\\])~i',$path) > 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
private function getRootDir() {
|
||||||
|
if( $this->config['root_dir'] == "" )
|
||||||
|
return realpath( dirname( __FILE__ ) );
|
||||||
|
elseif( $this->isAbsolutePath( $this->config['root_dir'] ) )
|
||||||
|
return realpath( $this->config['root_dir'] );
|
||||||
|
else
|
||||||
|
return realpath( $this->pathCombine( dirname( __FILE__ ), $this->config['root_dir'] ) );
|
||||||
|
}
|
||||||
|
|
||||||
private function getValidDir( $dir ) {
|
private function getValidDir( $dir ) {
|
||||||
if( ! $this->isPathValid( $dir ) || ! is_dir( $dir ) ) {
|
if( ! $this->isPathValid( $dir ) || ! is_dir( $dir ) )
|
||||||
return "";
|
return "";
|
||||||
} else {
|
else {
|
||||||
$rpDir = realpath( $dir );
|
$rpDir = realpath( $dir );
|
||||||
$rpConfig = realpath( $this->config['root_dir'] );
|
$rpConfig = $this->getRootDir();
|
||||||
if( $rpConfig == "/" )
|
if( $rpConfig == "/" )
|
||||||
return $rpDir;
|
return $rpDir;
|
||||||
elseif( $rpDir == $rpConfig )
|
elseif( $rpDir == $rpConfig )
|
||||||
@@ -2643,6 +2658,7 @@ function IFM( params ) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
private function isPathValid( $dir ) {
|
private function isPathValid( $dir ) {
|
||||||
/**
|
/**
|
||||||
* This function is also used to check non-existent paths, but the PHP realpath function returns false for
|
* This function is also used to check non-existent paths, but the PHP realpath function returns false for
|
||||||
@@ -2656,7 +2672,7 @@ function IFM( params ) {
|
|||||||
$tmp_d = dirname( $tmp_d );
|
$tmp_d = dirname( $tmp_d );
|
||||||
}
|
}
|
||||||
$rpDir = $this->pathCombine( realpath( $tmp_d ), implode( "/", array_reverse( $tmp_missing_parts ) ) );
|
$rpDir = $this->pathCombine( realpath( $tmp_d ), implode( "/", array_reverse( $tmp_missing_parts ) ) );
|
||||||
$rpConfig = ( $this->config['root_dir'] == "" ) ? realpath( dirname( __FILE__ ) ) : realpath( $this->config['root_dir'] );
|
$rpConfig = $this->getRootDir();
|
||||||
if( ! is_string( $rpDir ) || ! is_string( $rpConfig ) ) // can happen if open_basedir is in effect
|
if( ! is_string( $rpDir ) || ! is_string( $rpConfig ) ) // can happen if open_basedir is in effect
|
||||||
return false;
|
return false;
|
||||||
elseif( $rpDir == $rpConfig )
|
elseif( $rpDir == $rpConfig )
|
||||||
@@ -2773,7 +2789,7 @@ function IFM( params ) {
|
|||||||
elseif( trim( $a ) == "" )
|
elseif( trim( $a ) == "" )
|
||||||
return ltrim( $b, '/' );
|
return ltrim( $b, '/' );
|
||||||
else
|
else
|
||||||
return rtrim( $a, '/' ) . '/' . ltrim( $b, '/' );
|
return rtrim( $a, '/' ) . '/' . trim( $b, '/' );
|
||||||
}
|
}
|
||||||
|
|
||||||
// check if filename is allowed
|
// check if filename is allowed
|
||||||
|
|||||||
30
ifm.php
30
ifm.php
@@ -2025,7 +2025,7 @@ function IFM( params ) {
|
|||||||
case "remoteUpload": $this->remoteUpload( $_REQUEST ); break;
|
case "remoteUpload": $this->remoteUpload( $_REQUEST ); break;
|
||||||
case "multidelete": $this->deleteMultipleFiles( $_REQUEST ); break;
|
case "multidelete": $this->deleteMultipleFiles( $_REQUEST ); break;
|
||||||
case "getFolderTree":
|
case "getFolderTree":
|
||||||
echo json_encode( array_merge( array( 0 => array( "text" => "/ [root]", "nodes" => array(), "dataAttributes" => array( "path" => realpath( $this->config['root_dir'] ) ) ) ), $this->getFolderTreeRecursive( $this->config['root_dir'] ) ) );
|
echo json_encode( array_merge( array( 0 => array( "text" => "/ [root]", "nodes" => array(), "dataAttributes" => array( "path" => $this->getRootDir() ) ) ), $this->getFolderTreeRecursive( $this->getRootDir() ) ) );
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
echo json_encode( array( "status" => "ERROR", "message" => "No valid api action given" ) );
|
echo json_encode( array( "status" => "ERROR", "message" => "No valid api action given" ) );
|
||||||
@@ -2126,7 +2126,7 @@ function IFM( params ) {
|
|||||||
private function getConfig() {
|
private function getConfig() {
|
||||||
$ret = $this->config;
|
$ret = $this->config;
|
||||||
$ret['inline'] = ( $this->mode == "inline" ) ? true : false;
|
$ret['inline'] = ( $this->mode == "inline" ) ? true : false;
|
||||||
$ret['isDocroot'] = ( realpath( $this->config['root_dir'] ) == dirname( __FILE__ ) ) ? "true" : "false";
|
$ret['isDocroot'] = ( $this->getRootDir() == dirname( __FILE__ ) ) ? "true" : "false";
|
||||||
echo json_encode( $ret );
|
echo json_encode( $ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -2625,12 +2625,27 @@ function IFM( params ) {
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private function isAbsolutePath( $path ) {
|
||||||
|
if( $path === null || $path === '' )
|
||||||
|
return false;
|
||||||
|
return $path[0] === DIRECTORY_SEPARATOR || preg_match('~\A[A-Z]:(?![^/\\\\])~i',$path) > 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
private function getRootDir() {
|
||||||
|
if( $this->config['root_dir'] == "" )
|
||||||
|
return realpath( dirname( __FILE__ ) );
|
||||||
|
elseif( $this->isAbsolutePath( $this->config['root_dir'] ) )
|
||||||
|
return realpath( $this->config['root_dir'] );
|
||||||
|
else
|
||||||
|
return realpath( $this->pathCombine( dirname( __FILE__ ), $this->config['root_dir'] ) );
|
||||||
|
}
|
||||||
|
|
||||||
private function getValidDir( $dir ) {
|
private function getValidDir( $dir ) {
|
||||||
if( ! $this->isPathValid( $dir ) || ! is_dir( $dir ) ) {
|
if( ! $this->isPathValid( $dir ) || ! is_dir( $dir ) )
|
||||||
return "";
|
return "";
|
||||||
} else {
|
else {
|
||||||
$rpDir = realpath( $dir );
|
$rpDir = realpath( $dir );
|
||||||
$rpConfig = realpath( $this->config['root_dir'] );
|
$rpConfig = $this->getRootDir();
|
||||||
if( $rpConfig == "/" )
|
if( $rpConfig == "/" )
|
||||||
return $rpDir;
|
return $rpDir;
|
||||||
elseif( $rpDir == $rpConfig )
|
elseif( $rpDir == $rpConfig )
|
||||||
@@ -2643,6 +2658,7 @@ function IFM( params ) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
private function isPathValid( $dir ) {
|
private function isPathValid( $dir ) {
|
||||||
/**
|
/**
|
||||||
* This function is also used to check non-existent paths, but the PHP realpath function returns false for
|
* This function is also used to check non-existent paths, but the PHP realpath function returns false for
|
||||||
@@ -2656,7 +2672,7 @@ function IFM( params ) {
|
|||||||
$tmp_d = dirname( $tmp_d );
|
$tmp_d = dirname( $tmp_d );
|
||||||
}
|
}
|
||||||
$rpDir = $this->pathCombine( realpath( $tmp_d ), implode( "/", array_reverse( $tmp_missing_parts ) ) );
|
$rpDir = $this->pathCombine( realpath( $tmp_d ), implode( "/", array_reverse( $tmp_missing_parts ) ) );
|
||||||
$rpConfig = ( $this->config['root_dir'] == "" ) ? realpath( dirname( __FILE__ ) ) : realpath( $this->config['root_dir'] );
|
$rpConfig = $this->getRootDir();
|
||||||
if( ! is_string( $rpDir ) || ! is_string( $rpConfig ) ) // can happen if open_basedir is in effect
|
if( ! is_string( $rpDir ) || ! is_string( $rpConfig ) ) // can happen if open_basedir is in effect
|
||||||
return false;
|
return false;
|
||||||
elseif( $rpDir == $rpConfig )
|
elseif( $rpDir == $rpConfig )
|
||||||
@@ -2773,7 +2789,7 @@ function IFM( params ) {
|
|||||||
elseif( trim( $a ) == "" )
|
elseif( trim( $a ) == "" )
|
||||||
return ltrim( $b, '/' );
|
return ltrim( $b, '/' );
|
||||||
else
|
else
|
||||||
return rtrim( $a, '/' ) . '/' . ltrim( $b, '/' );
|
return rtrim( $a, '/' ) . '/' . trim( $b, '/' );
|
||||||
}
|
}
|
||||||
|
|
||||||
// check if filename is allowed
|
// check if filename is allowed
|
||||||
|
|||||||
30
src/main.php
30
src/main.php
@@ -200,7 +200,7 @@ f00bar;
|
|||||||
case "remoteUpload": $this->remoteUpload( $_REQUEST ); break;
|
case "remoteUpload": $this->remoteUpload( $_REQUEST ); break;
|
||||||
case "multidelete": $this->deleteMultipleFiles( $_REQUEST ); break;
|
case "multidelete": $this->deleteMultipleFiles( $_REQUEST ); break;
|
||||||
case "getFolderTree":
|
case "getFolderTree":
|
||||||
echo json_encode( array_merge( array( 0 => array( "text" => "/ [root]", "nodes" => array(), "dataAttributes" => array( "path" => realpath( $this->config['root_dir'] ) ) ) ), $this->getFolderTreeRecursive( $this->config['root_dir'] ) ) );
|
echo json_encode( array_merge( array( 0 => array( "text" => "/ [root]", "nodes" => array(), "dataAttributes" => array( "path" => $this->getRootDir() ) ) ), $this->getFolderTreeRecursive( $this->getRootDir() ) ) );
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
echo json_encode( array( "status" => "ERROR", "message" => "No valid api action given" ) );
|
echo json_encode( array( "status" => "ERROR", "message" => "No valid api action given" ) );
|
||||||
@@ -301,7 +301,7 @@ f00bar;
|
|||||||
private function getConfig() {
|
private function getConfig() {
|
||||||
$ret = $this->config;
|
$ret = $this->config;
|
||||||
$ret['inline'] = ( $this->mode == "inline" ) ? true : false;
|
$ret['inline'] = ( $this->mode == "inline" ) ? true : false;
|
||||||
$ret['isDocroot'] = ( realpath( $this->config['root_dir'] ) == dirname( __FILE__ ) ) ? "true" : "false";
|
$ret['isDocroot'] = ( $this->getRootDir() == dirname( __FILE__ ) ) ? "true" : "false";
|
||||||
echo json_encode( $ret );
|
echo json_encode( $ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -800,12 +800,27 @@ f00bar;
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private function isAbsolutePath( $path ) {
|
||||||
|
if( $path === null || $path === '' )
|
||||||
|
return false;
|
||||||
|
return $path[0] === DIRECTORY_SEPARATOR || preg_match('~\A[A-Z]:(?![^/\\\\])~i',$path) > 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
private function getRootDir() {
|
||||||
|
if( $this->config['root_dir'] == "" )
|
||||||
|
return realpath( dirname( __FILE__ ) );
|
||||||
|
elseif( $this->isAbsolutePath( $this->config['root_dir'] ) )
|
||||||
|
return realpath( $this->config['root_dir'] );
|
||||||
|
else
|
||||||
|
return realpath( $this->pathCombine( dirname( __FILE__ ), $this->config['root_dir'] ) );
|
||||||
|
}
|
||||||
|
|
||||||
private function getValidDir( $dir ) {
|
private function getValidDir( $dir ) {
|
||||||
if( ! $this->isPathValid( $dir ) || ! is_dir( $dir ) ) {
|
if( ! $this->isPathValid( $dir ) || ! is_dir( $dir ) )
|
||||||
return "";
|
return "";
|
||||||
} else {
|
else {
|
||||||
$rpDir = realpath( $dir );
|
$rpDir = realpath( $dir );
|
||||||
$rpConfig = realpath( $this->config['root_dir'] );
|
$rpConfig = $this->getRootDir();
|
||||||
if( $rpConfig == "/" )
|
if( $rpConfig == "/" )
|
||||||
return $rpDir;
|
return $rpDir;
|
||||||
elseif( $rpDir == $rpConfig )
|
elseif( $rpDir == $rpConfig )
|
||||||
@@ -818,6 +833,7 @@ f00bar;
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
private function isPathValid( $dir ) {
|
private function isPathValid( $dir ) {
|
||||||
/**
|
/**
|
||||||
* This function is also used to check non-existent paths, but the PHP realpath function returns false for
|
* This function is also used to check non-existent paths, but the PHP realpath function returns false for
|
||||||
@@ -831,7 +847,7 @@ f00bar;
|
|||||||
$tmp_d = dirname( $tmp_d );
|
$tmp_d = dirname( $tmp_d );
|
||||||
}
|
}
|
||||||
$rpDir = $this->pathCombine( realpath( $tmp_d ), implode( "/", array_reverse( $tmp_missing_parts ) ) );
|
$rpDir = $this->pathCombine( realpath( $tmp_d ), implode( "/", array_reverse( $tmp_missing_parts ) ) );
|
||||||
$rpConfig = ( $this->config['root_dir'] == "" ) ? realpath( dirname( __FILE__ ) ) : realpath( $this->config['root_dir'] );
|
$rpConfig = $this->getRootDir();
|
||||||
if( ! is_string( $rpDir ) || ! is_string( $rpConfig ) ) // can happen if open_basedir is in effect
|
if( ! is_string( $rpDir ) || ! is_string( $rpConfig ) ) // can happen if open_basedir is in effect
|
||||||
return false;
|
return false;
|
||||||
elseif( $rpDir == $rpConfig )
|
elseif( $rpDir == $rpConfig )
|
||||||
@@ -948,7 +964,7 @@ f00bar;
|
|||||||
elseif( trim( $a ) == "" )
|
elseif( trim( $a ) == "" )
|
||||||
return ltrim( $b, '/' );
|
return ltrim( $b, '/' );
|
||||||
else
|
else
|
||||||
return rtrim( $a, '/' ) . '/' . ltrim( $b, '/' );
|
return rtrim( $a, '/' ) . '/' . trim( $b, '/' );
|
||||||
}
|
}
|
||||||
|
|
||||||
// check if filename is allowed
|
// check if filename is allowed
|
||||||
|
|||||||
Reference in New Issue
Block a user