From 5b02c47f3ca8c6439cf293041fbf5773fb3f3031 Mon Sep 17 00:00:00 2001 From: Prasath Mani Date: Wed, 14 Nov 2018 17:07:16 +0530 Subject: [PATCH] - Login Page redesign - Error report suggestion #77 - Rename allowed based on FM_EXTENSION config - Tar file support added (create, open and extract tar) - Upload UI resdesign - Table header UI Redesign - Login user name and avatar added - Broken URL highlight.js #78 and #79 --- tinyfilemanager.php | 686 ++++++++++++++++++++++++++++---------------- 1 file changed, 445 insertions(+), 241 deletions(-) diff --git a/tinyfilemanager.php b/tinyfilemanager.php index e36c722..af4498f 100644 --- a/tinyfilemanager.php +++ b/tinyfilemanager.php @@ -59,8 +59,8 @@ $iconv_input_encoding = 'UTF-8'; // date() format for file modification date $datetime_format = 'd.m.y H:i'; -// allowed upload file extensions -$upload_extensions = ''; // 'gif,png,jpg' +// allowed file extensions for upload and rename +$allowed_extensions = ''; // 'gif,png,jpg' // Array of files and folders excluded from listing $GLOBALS['exclude_items'] = array(); @@ -68,8 +68,8 @@ $GLOBALS['exclude_items'] = array(); // Google Docs Viewer $GLOBALS['online_viewer'] = true; -// Turn off all error reporting -error_reporting(0); +// Turn on/off PHP error reporting +$report_errors = true; // false = Turns off Errors, true = Turns on Errors // include user config php file if (defined('FM_CONFIG') && is_file(FM_CONFIG)) { @@ -78,6 +78,14 @@ if (defined('FM_CONFIG') && is_file(FM_CONFIG)) { //--- EDIT BELOW CAREFULLY OR DO NOT EDIT AT ALL +if ($report_errors == true) { + @ini_set('error_reporting', E_ALL); + @ini_set('display_errors', 1); +} else { + @ini_set('error_reporting', E_ALL); + @ini_set('display_errors', 0); +} + // if fm included if (defined('FM_EMBED')) { $use_auth = false; @@ -146,23 +154,55 @@ if ($use_auth) { fm_show_header_login(); fm_show_message(); ?> -
- + + create($zipname, $files); + if($ext == 'zip') { + $zipper = new FM_Zipper(); + $res = $zipper->create($zipname, $files); + } elseif ($ext == 'tar') { + $tar = new FM_Zipper_Tar(); + $res = $tar->create($zipname, $files); + } if ($res) { fm_set_msg(sprintf('Archive %s created', fm_enc($zipname))); @@ -567,20 +610,28 @@ if (isset($_GET['unzip']) && !FM_READONLY) { $unzip = $_GET['unzip']; $unzip = fm_clean_path($unzip); $unzip = str_replace('/', '', $unzip); + $isValid = false; $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } - if (!class_exists('ZipArchive')) { + if ($unzip != '' && is_file($path . '/' . $unzip)) { + $zip_path = $path . '/' . $unzip; + $ext = pathinfo($zip_path, PATHINFO_EXTENSION); + $isValid = true; + } else { + fm_set_msg('File not found', 'error'); + } + + + if (($ext == "zip" && !class_exists('ZipArchive')) || ($ext == "tar" && !class_exists('PharData'))) { fm_set_msg('Operations with archives are not available', 'error'); fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH)); } - if ($unzip != '' && is_file($path . '/' . $unzip)) { - $zip_path = $path . '/' . $unzip; - + if ($isValid) { //to folder $tofolder = ''; if (isset($_GET['tofolder'])) { @@ -590,8 +641,13 @@ if (isset($_GET['unzip']) && !FM_READONLY) { } } - $zipper = new FM_Zipper(); - $res = $zipper->unzip($zip_path, $path); + if($ext == "zip") { + $zipper = new FM_Zipper(); + $res = $zipper->unzip($zip_path, $path); + } elseif ($ext == "tar") { + $gzipper = new PharData($zip_path); + $res = $gzipper->extractTo($path); + } if ($res) { fm_set_msg('Archive unpacked'); @@ -724,16 +780,25 @@ if (isset($_GET['upload']) && !FM_READONLY) { }
-

Uploading files

-

Destination folder:

-
+

+ -
-

""

-

- Full path:
- File - size: = 1000): ?> () -
- MIME-type:
- +

+

""

+

+ Full path:
+ File + size: = 1000): ?> () +
+ MIME-type:
+ + Files in archive:
+ Total size:
+ Size in archive:
+ Compression: %
+ '; + } + // Text info + if ($is_text) { + $is_utf8 = fm_is_utf8($content); + if (function_exists('iconv')) { + if (!$is_utf8) { + $content = iconv(FM_ICONV_INPUT_ENC, 'UTF-8//IGNORE', $content); + } + } + echo 'Charset: ' . ($is_utf8 ? 'utf-8' : '8 bit') . '
'; } ?> - Files in archive:
- Total size:
- Size in archive:
- Compression: %
+

+

+ Download   + Open +   '; - } - // Text info - if ($is_text) { - $is_utf8 = fm_is_utf8($content); - if (function_exists('iconv')) { - if (!$is_utf8) { - $content = iconv(FM_ICONV_INPUT_ENC, 'UTF-8//IGNORE', $content); - } + // ZIP actions + if (!FM_READONLY && ($is_zip || $is_gzip) && $filenames !== false) { + $zip_name = pathinfo($file_path, PATHINFO_FILENAME); + ?> + UnZip   + + UnZip to folder   + '; + if ($is_text && !FM_READONLY) { + ?> + Edit   + Advanced Edit   + + Back +

+ '; + } elseif ($is_zip) { + // ZIP content + if ($filenames !== false) { + echo ''; + foreach ($filenames as $fn) { + if ($fn['folder']) { + echo '' . fm_enc($fn['name']) . '
'; + } else { + echo $fn['name'] . ' (' . fm_get_filesize($fn['filesize']) . ')
'; + } + } + echo '
'; + } else { + echo '

Error while fetching archive info

'; + } + } elseif ($is_image) { + // Image content + if (in_array($ext, array('gif', 'jpg', 'jpeg', 'png', 'bmp', 'ico'))) { + echo '

'; + } + } elseif ($is_audio) { + // Audio content + echo '

'; + } elseif ($is_video) { + // Video content + echo '
'; + } elseif ($is_text) { + if (FM_USE_HIGHLIGHTJS) { + // highlight + $hljs_classes = array( + 'shtml' => 'xml', + 'htaccess' => 'apache', + 'phtml' => 'php', + 'lock' => 'json', + 'svg' => 'xml', + ); + $hljs_class = isset($hljs_classes[$ext]) ? 'lang-' . $hljs_classes[$ext] : 'lang-' . $ext; + if (empty($ext) || in_array(strtolower($file), fm_get_text_names()) || preg_match('#\.min\.(css|js)$#i', $file)) { + $hljs_class = 'nohighlight'; + } + $content = '
' . fm_enc($content) . '
'; + } elseif (in_array($ext, array('php', 'php4', 'php5', 'phtml', 'phps'))) { + // php highlight + $content = highlight_string($content, true); + } else { + $content = '
' . fm_enc($content) . '
'; + } + echo $content; } ?> -

-

- Download   - Open -   - - UnZip   - - UnZip to folder   - - Edit   - Advanced Edit   - - Back -

- '; - } elseif ($is_zip) { - // ZIP content - if ($filenames !== false) { - echo ''; - foreach ($filenames as $fn) { - if ($fn['folder']) { - echo '' . fm_enc($fn['name']) . '
'; - } else { - echo $fn['name'] . ' (' . fm_get_filesize($fn['filesize']) . ')
'; - } - } - echo '
'; - } else { - echo '

Error while fetching archive info

'; - } - } elseif ($is_image) { - // Image content - if (in_array($ext, array('gif', 'jpg', 'jpeg', 'png', 'bmp', 'ico'))) { - echo '

'; - } - } elseif ($is_audio) { - // Audio content - echo '

'; - } elseif ($is_video) { - // Video content - echo '
'; - } elseif ($is_text) { - if (FM_USE_HIGHLIGHTJS) { - // highlight - $hljs_classes = array( - 'shtml' => 'xml', - 'htaccess' => 'apache', - 'phtml' => 'php', - 'lock' => 'json', - 'svg' => 'xml', - ); - $hljs_class = isset($hljs_classes[$ext]) ? 'lang-' . $hljs_classes[$ext] : 'lang-' . $ext; - if (empty($ext) || in_array(strtolower($file), fm_get_text_names()) || preg_match('#\.min\.(css|js)$#i', $file)) { - $hljs_class = 'nohighlight'; - } - $content = '
' . fm_enc($content) . '
'; - } elseif (in_array($ext, array('php', 'php4', 'php5', 'phtml', 'phps'))) { - // php highlight - $content = highlight_string($content, true); - } else { - $content = '
' . fm_enc($content) . '
'; - } - echo $content; - } - ?> +
- +
@@ -1334,8 +1402,10 @@ $all_files_size = 0;
  • Invert selection
  • Delete
  • -
  • +
  • Zip
  • +
  • + Tar
  • Copy
  • @@ -1421,6 +1491,13 @@ function fm_rchmod($path, $filemode, $dirmode) */ function fm_rename($old, $new) { + $allowed = (FM_EXTENSION) ? explode(',', FM_EXTENSION) : false; + + $ext = pathinfo($new, PATHINFO_EXTENSION); + $isFileAllowed = ($allowed) ? in_array($ext, $allowed) : true; + + if(!$isFileAllowed) return false; + return (!file_exists($new) && file_exists($old)) ? rename($old, $new) : null; } @@ -1592,9 +1669,8 @@ function fm_get_filesize($size) * @param string $path * @return array|bool */ -function fm_get_zif_info($path) -{ - if (function_exists('zip_open')) { +function fm_get_zif_info($path, $ext) { + if ($ext == 'zip' && function_exists('zip_open')) { $arch = zip_open($path); if ($arch) { $filenames = array(); @@ -1612,6 +1688,23 @@ function fm_get_zif_info($path) zip_close($arch); return $filenames; } + } elseif($ext == 'tar' && class_exists('PharData')) { + $archive = new PharData($path); + $filenames = array(); + foreach(new RecursiveIteratorIterator($archive) as $file) { + $parent_info = $file->getPathInfo(); + $zip_name = str_replace("phar://".$path, '', $file->getPathName()); + $zip_name = substr($zip_name, ($pos = strpos($zip_name, '/')) !== false ? $pos + 1 : 0); + $zip_folder = $parent_info->getFileName(); + $zip_info = new SplFileInfo($file); + $filenames[] = array( + 'name' => $zip_name, + 'filesize' => $zip_info->getSize(), + 'compressed_size' => $file->getCompressedSize(), + 'folder' => $zip_folder + ); + } + return $filenames; } return false; } @@ -1626,45 +1719,6 @@ function fm_enc($text) return htmlspecialchars($text, ENT_QUOTES, 'UTF-8'); } -/** - * This function scans the files folder recursively, and builds a large array - * @param string $dir - * @return json - */ -function scan($dir) -{ - $files = array(); - $_dir = $dir; - $dir = FM_ROOT_PATH . '/' . $dir; - // Is there actually such a folder/file? - if (file_exists($dir)) { - foreach (scandir($dir) as $f) { - if (!$f || $f[0] == '.') { - continue; // Ignore hidden files - } - - if (is_dir($dir . '/' . $f)) { - // The path is a folder - $files[] = array( - "name" => $f, - "type" => "folder", - "path" => $_dir . '/' . $f, - "items" => scan($dir . '/' . $f), // Recursively get the contents of the folder - ); - } else { - // It is a file - $files[] = array( - "name" => $f, - "type" => "file", - "path" => $_dir, - "size" => filesize($dir . '/' . $f) // Gets the size of this file - ); - } - } - } - return $files; -} - /** * Save message in session * @param string $msg @@ -2061,6 +2115,105 @@ class FM_Zipper } } +/** + * Class to work with Tar files (using PharData) + */ +class FM_Zipper_Tar +{ + private $tar; + + public function __construct() + { + $this->tar = null; + } + + /** + * Create archive with name $filename and files $files (RELATIVE PATHS!) + * @param string $filename + * @param array|string $files + * @return bool + */ + public function create($filename, $files) + { + $this->tar = new PharData($filename); + if (is_array($files)) { + foreach ($files as $f) { + if (!$this->addFileOrDir($f)) { + return false; + } + } + return true; + } else { + if ($this->addFileOrDir($files)) { + return true; + } + return false; + } + } + + /** + * Extract archive $filename to folder $path (RELATIVE OR ABSOLUTE PATHS) + * @param string $filename + * @param string $path + * @return bool + */ + public function unzip($filename, $path) + { + $res = $this->tar->open($filename); + if ($res !== true) { + return false; + } + if ($this->tar->extractTo($path)) { + return true; + } + return false; + } + + /** + * Add file/folder to archive + * @param string $filename + * @return bool + */ + private function addFileOrDir($filename) + { + if (is_file($filename)) { + return $this->tar->addFile($filename); + } elseif (is_dir($filename)) { + return $this->addDir($filename); + } + return false; + } + + /** + * Add folder recursively + * @param string $path + * @return bool + */ + private function addDir($path) + { + $objects = scandir($path); + if (is_array($objects)) { + foreach ($objects as $file) { + if ($file != '.' && $file != '..') { + if (is_dir($path . '/' . $file)) { + if (!$this->addDir($path . '/' . $file)) { + return false; + } + } elseif (is_file($path . '/' . $file)) { + try { + $this->tar->addFile($path . '/' . $file); + } catch (Exception $e) { + return false; + } + } + } + } + return true; + } + return false; + } +} + //--- templates functions /** @@ -2072,7 +2225,7 @@ function fm_show_nav_path($path) global $lang; ?>