mirror/php-tinyfilemanager
1
0
Fork 0
mirror of https://github.com/prasathmani/tinyfilemanager.git synced 2025-10-09 06:16:22 +02:00
Code Issues Releases Wiki Activity

Bring offline branch up to speed with master (#1037)

Browse Source 
* publish additional docker tags (#975)

* Update Romanian translations (#981)

* Update tinyfilemanager.php

* Prevent logout issue after page was cached (#1004)

Logout may not work otherwise, browser reloads cached page from disk instead of sending GET request ?logout=1 to server.

* tell git to always commit .php in unix-newlines (#1017)

so hopefully we don't get a repeat of https://github.com/prasathmani/tinyfilemanager/pull/994#issuecomment-1502035505

* Check if posix_getpwuid/posix_getgrgid calls were successful (#1023)

* use stream_copy_to_stream (#1014)

* use stream_copy_to_stream

it's simpler, and should be faster.
For example, stream_copy_to_stream can use sendfile ( https://man7.org/linux/man-pages/man2/sendfile.2.html ) on operating systems supporting it, which is faster and use less RAM than fread()+fwrite() (because it avoids copying data to/from userland, doing the copy entirely in-kernel~)

* fix loop early return, and workaround bug

* use feof

ref https://github.com/prasathmani/tinyfilemanager/issues/1016#issuecomment-1502081506

* added bengali translation (#1018)

* Fix upload of existing files (#1026)

* Fix typo. (#1028)

* login (Redirecting to Main domain of website instead of tfm.php) fix (#1031)

When logged in it takes to the website's main URL. For example, if I have tfm in www.example.com/tfm/index.php (index.php is tfm) then after logging in it redirects to www.example.com and then have to press back on the browser then it takes to www.example.com/tfm/index.php

* Add configurable path display modes for better privacy and clarity (#1034)

* Resize preview image and implement zoom in/out (#1036)

* Resize preview image and implement zoom in/out

* Remove redundant class name

---------

Co-authored-by: ssams <6338356+ssams@users.noreply.github.com>
Co-authored-by: Sergiu Bivol <sergiu@cip.md>
Co-authored-by: Prasath Mani <prasathmani@users.noreply.github.com>
Co-authored-by: divinity76 <divinity76@gmail.com>
Co-authored-by: Micha Ober <github@ober-mail.de>
Co-authored-by: Joy Biswas <74253956+joybiswas007@users.noreply.github.com>
Co-authored-by: Micha Ober <git@ober-mail.de>
Co-authored-by: Caleb Mazalevskis <maikuolan@gmail.com>
Co-authored-by: xololunatic <97784387+xololunatic@users.noreply.github.com>
Co-authored-by: DannyDaemonic <DannyDaemonic@gmail.com>
This commit is contained in:
ner0
2023-05-07 07:24:33 +01:00
committed by GitHub
parent e179367cbc
commit 15fc685f96
4 changed files with 240 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

85
tinyfilemanager.php
View File

@@ -4,7 +4,7 @@ $CONFIG = '{"lang":"en","error_reporting":false,"show_hidden":false,"hide_Cols":
/**
* H3K | Tiny File Manager V2.5.3
* @author Prasath Mani | CCP Programmers
* @author CCP Programmers
* @email ccpprogrammers@gmail.com
* @github https://github.com/prasathmani/tinyfilemanager
* @link https://tinyfilemanager.github.io
@@ -77,6 +77,12 @@ $iconv_input_encoding = 'UTF-8';
// Doc - https://www.php.net/manual/en/function.date.php
$datetime_format = 'm/d/Y g:i A';
// Path display mode when viewing file information
// 'full' => show full path
// 'relative' => show path relative to root_path
// 'host' => show path on the host
$path_display_mode = 'full';
// Allowed file extensions for create and rename files
// e.g. 'txt,html,css,js'
$allowed_file_extensions = '';
@@ -220,7 +226,7 @@ if (defined('FM_EMBED')) {
mb_regex_encoding('UTF-8');
}
session_cache_limiter('');
session_cache_limiter('nocache'); // Prevent logout issue after page was cached
session_name(FM_SESSION_ID );
function session_error_handling_function($code, $msg, $file, $line) {
// Permission denied for default session, try to create a new one
@@ -235,7 +241,7 @@ if (defined('FM_EMBED')) {
restore_error_handler();
}
//Genrating CSRF Token
//Generating CSRF Token
if (empty($_SESSION['token'])) {
$_SESSION['token'] = bin2hex(random_bytes(32));
}
@@ -320,11 +326,11 @@ if ($use_auth) {
if (isset($auth_users[$_POST['fm_usr']]) && isset($_POST['fm_pwd']) && password_verify($_POST['fm_pwd'], $auth_users[$_POST['fm_usr']]) && verifyToken($_POST['token'])) {
$_SESSION[FM_SESSION_ID]['logged'] = $_POST['fm_usr'];
fm_set_msg(lng('You are logged in'));
fm_redirect(FM_ROOT_URL);
fm_redirect(FM_SELF_URL);
} else {
unset($_SESSION[FM_SESSION_ID]['logged']);
fm_set_msg(lng('Login failed. Invalid username or password'), 'error');
fm_redirect(FM_ROOT_URL);
fm_redirect(FM_SELF_URL);
}
} else {
fm_set_msg(lng('password_hash not supported, Upgrade PHP version'), 'error');;
@@ -912,7 +918,6 @@ if (!empty($_FILES) && !FM_READONLY) {
echo json_encode($response); exit();
}
$override_file_name = false;
$chunkIndex = $_POST['dzchunkindex'];
$chunkTotal = $_POST['dztotalchunkcount'];
$fullPathInput = fm_clean_path($_REQUEST['fullpath']);
@@ -950,11 +955,6 @@ if (!empty($_FILES) && !FM_READONLY) {
$fullPath = $path . '/' . basename($fullPathInput);
$folder = substr($fullPath, 0, strrpos($fullPath, "/"));
if(file_exists ($fullPath) && !$override_file_name && !$chunks) {
$ext_1 = $ext ? '.'.$ext : '';
$fullPath = $path . '/' . basename($fullPathInput, $ext_1) .'_'. date('ymdHis'). $ext_1;
}
if (!is_dir($folder)) {
$old = umask(0);
mkdir($folder, 0777, true);
@@ -967,7 +967,12 @@ if (!empty($_FILES) && !FM_READONLY) {
if ($out) {
$in = @fopen($tmp_name, "rb");
if ($in) {
while ($buff = fread($in, 4096)) { fwrite($out, $buff); }
if (PHP_VERSION_ID < 80009) {
// workaround https://bugs.php.net/bug.php?id=81145
while (!feof($in)) { fwrite($out, fread($in, 4096)); }
} else {
stream_copy_to_stream($in, $out);
}
$response = array (
'status' => 'success',
'info' => "file upload successful"
@@ -995,7 +1000,13 @@ if (!empty($_FILES) && !FM_READONLY) {
}
if ($chunkIndex == $chunkTotal - 1) {
rename("{$fullPath}.part", $fullPath);
if (file_exists ($fullPath)) {
$ext_1 = $ext ? '.'.$ext : '';
$fullPathTarget = $path . '/' . basename($fullPathInput, $ext_1) .'_'. date('ymdHis'). $ext_1;
} else {
$fullPathTarget = $fullPath;
}
rename("{$fullPath}.part", $fullPathTarget);
}
} else if (move_uploaded_file($tmp_name, $fullPath)) {
@@ -1677,7 +1688,8 @@ if (isset($_GET['view'])) {
<div class="col-12">
<p class="break-word"><b><?php echo lng($view_title) ?> "<?php echo fm_enc(fm_convert_win($file)) ?>"</b></p>
<p class="break-word">
<strong>Full path:</strong> <?php echo fm_enc(fm_convert_win($file_path)) ?><br>
<?php $display_path = fm_get_display_path($file_path); ?>
<strong><?php echo $display_path['label']; ?>:</strong> <?php echo $display_path['path']; ?><br>
<strong>File size:</strong> <?php echo ($filesize_raw <= 1000) ? "$filesize_raw bytes" : $filesize; ?><br>
<strong>MIME-type:</strong> <?php echo $mime_type ?><br>
<?php
@@ -1776,7 +1788,7 @@ if (isset($_GET['view'])) {
} elseif ($is_image) {
// Image content
if (in_array($ext, array('gif', 'jpg', 'jpeg', 'png', 'bmp', 'ico', 'svg', 'webp', 'avif'))) {
echo '<p><img src="' . fm_enc($file_url) . '" alt="image" class="preview-img-container" class="preview-img"></p>';
echo '<p><input type="checkbox" id="preview-img-zoomCheck"><label for="preview-img-zoomCheck"><img src="' . fm_enc($file_url) . '" alt="image" class="preview-img"></label></p>';
}
} elseif ($is_audio) {
// Audio content
@@ -1936,7 +1948,8 @@ if (isset($_GET['chmod']) && !FM_READONLY && !FM_IS_WIN) {
</h6>
<div class="card-body">
<p class="card-text">
Full path: <?php echo $file_path ?><br>
<?php $display_path = fm_get_display_path($file_path); ?>
<?php echo $display_path['label']; ?>: <?php echo $display_path['path']; ?><br>
</p>
<form action="" method="post">
<input type="hidden" name="p" value="<?php echo fm_enc(FM_PATH) ?>">
@@ -2049,6 +2062,12 @@ $tableTheme = (FM_THEME == "dark") ? "text-white bg-dark table-dark" : "bg-white
if (function_exists('posix_getpwuid') && function_exists('posix_getgrgid')) {
$owner = posix_getpwuid(fileowner($path . '/' . $f));
$group = posix_getgrgid(filegroup($path . '/' . $f));
if ($owner === false) {
$owner = array('name' => '?');
}
if ($group === false) {
$group = array('name' => '?');
}
} else {
$owner = array('name' => '?');
$group = array('name' => '?');
@@ -2102,6 +2121,12 @@ $tableTheme = (FM_THEME == "dark") ? "text-white bg-dark table-dark" : "bg-white
if (function_exists('posix_getpwuid') && function_exists('posix_getgrgid')) {
$owner = posix_getpwuid(fileowner($path . '/' . $f));
$group = posix_getgrgid(filegroup($path . '/' . $f));
if ($owner === false) {
$owner = array('name' => '?');
}
if ($group === false) {
$group = array('name' => '?');
}
} else {
$owner = array('name' => '?');
$group = array('name' => '?');
@@ -2495,6 +2520,30 @@ function fm_get_parent_path($path)
return false;
}
function fm_get_display_path($file_path)
{
global $path_display_mode, $root_path, $root_url;
switch ($path_display_mode) {
case 'relative':
return array(
'label' => 'Path',
'path' => fm_enc(fm_convert_win(str_replace($root_path, '', $file_path)))
);
case 'host':
$relative_path = str_replace($root_path, '', $file_path);
return array(
'label' => 'Host Path',
'path' => fm_enc(fm_convert_win('/' . $root_url . '/' . ltrim(str_replace('\\', '/', $relative_path), '/')))
);
case 'full':
default:
return array(
'label' => 'Full Path',
'path' => fm_enc(fm_convert_win($file_path))
);
}
}
/**
* Check file is in exclude list
* @param string $file
@@ -3703,7 +3752,9 @@ $isStickyNavBar = $sticky_navbar ? 'navbar-fixed' : 'navbar-normal';
.message.ok { border-color:green;color:green }
.message.error { border-color:red;color:red }
.message.alert { border-color:orange;color:orange }
.preview-img { max-width:100%;max-height:80vh;background:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAIAAACQkWg2AAAAKklEQVR42mL5//8/Azbw+PFjrOJMDCSCUQ3EABZc4S0rKzsaSvTTABBgAMyfCMsY4B9iAAAAAElFTkSuQmCC) }
.preview-img { max-width:100%;max-height:80vh;background:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAIAAACQkWg2AAAAKklEQVR42mL5//8/Azbw+PFjrOJMDCSCUQ3EABZc4S0rKzsaSvTTABBgAMyfCMsY4B9iAAAAAElFTkSuQmCC);cursor:zoom-in }
input#preview-img-zoomCheck[type=checkbox] { display:none }
input#preview-img-zoomCheck[type=checkbox]:checked ~ label > img { max-width:none;max-height:none;cursor:zoom-out }
.inline-actions > a > i { font-size:1em;margin-left:5px;background:#3785c1;color:#fff;padding:3px 4px;border-radius:3px; }
.preview-video { position:relative;max-width:100%;height:0;padding-bottom:62.5%;margin-bottom:10px }
.preview-video video { position:absolute;width:100%;height:100%;left:0;top:0;background:#000 }