Update SECURITY.md

* Add JSON Parse Error Handling in Upload Script

* Update tinyfilemanager.php

* Update tinyfilemanager.php

.gitattributes

@@ -0,0 +1,2 @@
+*.php text eol=lf
+*.json text eol=lf

.github/workflows/PublishDocker.yml

@@ -13,7 +13,7 @@ jobs:
     steps:
       - name: Docker meta
         id: meta
-        uses: docker/metadata-action@v3
+        uses: docker/metadata-action@v4
         with:
           images: |
             ${{ secrets.DOCKERHUB_USERNAME }}/tinyfilemanager
@@ -21,6 +21,8 @@ jobs:
             type=ref,event=branch
             type=ref,event=pr
             type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v1
       - name: Set up Docker Buildx
@@ -35,4 +37,5 @@ jobs:
         uses: docker/build-push-action@v2
         with:
           push: true
-          tags: ${{ steps.meta.outputs.tags }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}

Dockerfile

@@ -12,7 +12,7 @@ FROM php:7.4-cli-alpine
 # if run in China
 # RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories
 
-RUN apk add \
+RUN apk add --no-cache \
     libzip-dev \
     oniguruma-dev
 

README.md

@@ -9,6 +9,8 @@
 
 > TinyFileManager is web based PHP file manager and it is a simple, fast and small size in single-file PHP file that can be dropped into any folder on your server, multi-language ready web application for storing, uploading, editing and managing files and folders online via web browser. The Application runs on PHP 5.5+, It allows the creation of multiple users and each user can have its own directory and a build-in support for managing text files with cloud9 IDE and it supports syntax highlighting for over 150+ languages and over 35+ themes.
 
+**Caution!** _Avoid utilizing this script as a standard file manager in public spaces. It is imperative to remove this script from the server after completing any tasks._
+
 ## Demo
 
 [Demo](https://tinyfilemanager.github.io/demo/)

SECURITY.md

@@ -4,7 +4,7 @@
 
 The team takes security bugs seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.
 
-To report a security issue, email ccpprogrammers[at]gmail.com and include the word "SECURITY" in the subject line.
+To report a security issue, email ccpprogrammers[at]gmail[dot]com and include the word "SECURITY" in the subject line.
 
 The team will send a response indicating the next steps in handling your report. After the initial reply to your report you will be kept informed of the progress towards a fix and full announcement.
 

tinyfilemanager.php

@@ -4,8 +4,7 @@ $CONFIG = '{"lang":"en","error_reporting":false,"show_hidden":false,"hide_Cols":
 
 /**
  * H3K | Tiny File Manager V2.5.3
- * @author Prasath Mani | CCP Programmers
+ * @author CCP Programmers
- * @email ccpprogrammers@gmail.com
  * @github https://github.com/prasathmani/tinyfilemanager
  * @link https://tinyfilemanager.github.io
  */
@@ -77,6 +76,12 @@ $iconv_input_encoding = 'UTF-8';
 // Doc - https://www.php.net/manual/en/function.date.php
 $datetime_format = 'm/d/Y g:i A';
 
+// Path display mode when viewing file information
+// 'full' => show full path
+// 'relative' => show path relative to root_path
+// 'host' => show path on the host
+$path_display_mode = 'full';
+
 // Allowed file extensions for create and rename files
 // e.g. 'txt,html,css,js'
 $allowed_file_extensions = '';
@@ -95,7 +100,7 @@ $favicon_path = '';
 $exclude_items = array();
 
 // Online office Docs Viewer
-// Availabe rules are 'google', 'microsoft' or false
+// Available rules are 'google', 'microsoft' or false
 // Google => View documents using Google Docs Viewer
 // Microsoft => View documents using Microsoft Web Apps Viewer
 // false => disable online doc viewer
@@ -136,6 +141,13 @@ $ip_blacklist = array(
     '::'            // non-routable meta ipv6
 );
 
+// if User has the external config file, try to use it to override the default config above [config.php]
+// sample config - https://tinyfilemanager.github.io/config-sample.txt
+$config_file = __DIR__.'/config.php';
+if (is_readable($config_file)) {
+    @include($config_file);
+}
+
 // External CDN resources that can be used in the HTML (replace for GDPR compliance)
 $external = array(
     'css-bootstrap' => '<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-Zenh87qX5JnK2Jl0vWa8Ck2rdkQ2Bzep5IDxbcnCeuOxjzrPF/et3URy9Bv1WTRi" crossorigin="anonymous">',
@@ -152,13 +164,6 @@ $external = array(
     'pre-cloudflare' => '<link rel="preconnect" href="https://cdnjs.cloudflare.com" crossorigin/><link rel="dns-prefetch" href="https://cdnjs.cloudflare.com"/>'
 );
 
-// if User has the external config file, try to use it to override the default config above [config.php]
-// sample config - https://tinyfilemanager.github.io/config-sample.txt
-$config_file = __DIR__.'/config.php';
-if (is_readable($config_file)) {
-    @include($config_file);
-}
-
 // --- EDIT BELOW CAREFULLY OR DO NOT EDIT AT ALL ---
 
 // max upload file size
@@ -222,7 +227,7 @@ if (defined('FM_EMBED')) {
         mb_regex_encoding('UTF-8');
     }
 
-    session_cache_limiter('');
+    session_cache_limiter('nocache'); // Prevent logout issue after page was cached
     session_name(FM_SESSION_ID );
     function session_error_handling_function($code, $msg, $file, $line) {
         // Permission denied for default session, try to create a new one
@@ -237,9 +242,13 @@ if (defined('FM_EMBED')) {
     restore_error_handler();
 }
 
-//Genrating CSRF Token
+//Generating CSRF Token
 if (empty($_SESSION['token'])) {
-    $_SESSION['token'] = bin2hex(random_bytes(32));
+    if (function_exists('random_bytes')) {
+        $_SESSION['token'] = bin2hex(random_bytes(32));
+    } else {
+    	$_SESSION['token'] = bin2hex(openssl_random_pseudo_bytes(32));
+    }
 }
 
 if (empty($auth_users)) {
@@ -322,11 +331,11 @@ if ($use_auth) {
             if (isset($auth_users[$_POST['fm_usr']]) && isset($_POST['fm_pwd']) && password_verify($_POST['fm_pwd'], $auth_users[$_POST['fm_usr']]) && verifyToken($_POST['token'])) {
                 $_SESSION[FM_SESSION_ID]['logged'] = $_POST['fm_usr'];
                 fm_set_msg(lng('You are logged in'));
-                fm_redirect(FM_ROOT_URL);
+                fm_redirect(FM_SELF_URL);
             } else {
                 unset($_SESSION[FM_SESSION_ID]['logged']);
                 fm_set_msg(lng('Login failed. Invalid username or password'), 'error');
-                fm_redirect(FM_ROOT_URL);
+                fm_redirect(FM_SELF_URL);
             }
         } else {
             fm_set_msg(lng('password_hash not supported, Upgrade PHP version'), 'error');;
@@ -598,7 +607,7 @@ if ((isset($_SESSION[FM_SESSION_ID]['logged'], $auth_users[$_SESSION[FM_SESSION_
         $use_curl = false;
         $temp_file = tempnam(sys_get_temp_dir(), "upload-");
         $fileinfo = new stdClass();
-        $fileinfo->name = trim(basename($url), ".\x00..\x20");
+        $fileinfo->name = trim(urldecode(basename($url)), ".\x00..\x20");
 
         $allowed = (FM_UPLOAD_EXTENSION) ? explode(',', FM_UPLOAD_EXTENSION) : false;
         $ext = strtolower(pathinfo($fileinfo->name, PATHINFO_EXTENSION));
@@ -770,7 +779,7 @@ if (isset($_GET['copy'], $_GET['finish']) && !FM_READONLY) {
                $loop_count++;
             }
             if (fm_rcopy($from, $fn_duplicate, False)) {
-                fm_set_msg(sprintf('Copyied from <b>%s</b> to <b>%s</b>', fm_enc($copy), fm_enc($fn_duplicate)));
+                fm_set_msg(sprintf('Copied from <b>%s</b> to <b>%s</b>', fm_enc($copy), fm_enc($fn_duplicate)));
             } else {
                 fm_set_msg(sprintf('Error while copying from <b>%s</b> to <b>%s</b>', fm_enc($copy), fm_enc($fn_duplicate)), 'error');
             }
@@ -914,7 +923,6 @@ if (!empty($_FILES) && !FM_READONLY) {
         echo json_encode($response); exit();
     }
 
-    $override_file_name = false;
     $chunkIndex = $_POST['dzchunkindex'];
     $chunkTotal = $_POST['dztotalchunkcount'];
     $fullPathInput = fm_clean_path($_REQUEST['fullpath']);
@@ -949,14 +957,9 @@ if (!empty($_FILES) && !FM_READONLY) {
 
     $targetPath = $path . $ds;
     if ( is_writable($targetPath) ) {
-        $fullPath = $path . '/' . basename($fullPathInput);
+        $fullPath = $path . '/' . $fullPathInput;
         $folder = substr($fullPath, 0, strrpos($fullPath, "/"));
 
-        if(file_exists ($fullPath) && !$override_file_name && !$chunks) {
-            $ext_1 = $ext ? '.'.$ext : '';
-            $fullPath = $path . '/' . basename($fullPathInput, $ext_1) .'_'. date('ymdHis'). $ext_1;
-        }
-
         if (!is_dir($folder)) {
             $old = umask(0);
             mkdir($folder, 0777, true);
@@ -969,7 +972,20 @@ if (!empty($_FILES) && !FM_READONLY) {
                 if ($out) {
                     $in = @fopen($tmp_name, "rb");
                     if ($in) {
-                        while ($buff = fread($in, 4096)) { fwrite($out, $buff); }
+                        if (PHP_VERSION_ID < 80009) {
+                            // workaround https://bugs.php.net/bug.php?id=81145
+                            do {
+                                for (;;) {
+                                    $buff = fread($in, 4096);
+                                    if ($buff === false || $buff === '') {
+                                        break;
+                                    }
+                                    fwrite($out, $buff);
+                                }
+                            } while (!feof($in));
+                        } else {
+                            stream_copy_to_stream($in, $out);
+                        }
                         $response = array (
                             'status'    => 'success',
                             'info' => "file upload successful"
@@ -997,7 +1013,13 @@ if (!empty($_FILES) && !FM_READONLY) {
                 }
 
                 if ($chunkIndex == $chunkTotal - 1) {
-                    rename("{$fullPath}.part", $fullPath);
+                    if (file_exists ($fullPath)) {
+                        $ext_1 = $ext ? '.'.$ext : '';
+                        $fullPathTarget = $path . '/' . basename($fullPathInput, $ext_1) .'_'. date('ymdHis'). $ext_1;
+                    } else {
+                        $fullPathTarget = $fullPath;
+                    }
+                    rename("{$fullPath}.part", $fullPathTarget);
                 }
 
             } else if (move_uploaded_file($tmp_name, $fullPath)) {
@@ -1375,10 +1397,14 @@ if (isset($_GET['upload']) && !FM_READONLY) {
                         toast('Error: Server Timeout');
                     });
                 }).on("success", function (res) {
-                    let _response = JSON.parse(res.xhr.response);
+                    try {
+                        let _response = JSON.parse(res.xhr.response);
 
-                    if(_response.status == "error") {
+                        if(_response.status == "error") {
-                        toast(_response.info);
+                            toast(_response.info);
+                        }
+                    } catch (e) {
+                        toast("Error: Invalid JSON response");
                     }
                 }).on("error", function(file, response) {
                     toast(response);
@@ -1624,7 +1650,7 @@ if (isset($_GET['view'])) {
     $file = $_GET['view'];
     $file = fm_clean_path($file, false);
     $file = str_replace('/', '', $file);
-    if ($file == '' || !is_file($path . '/' . $file) || in_array($file, $GLOBALS['exclude_items'])) {
+    if ($file == '' || !is_file($path . '/' . $file) || !fm_is_exclude_items($file)) {
         fm_set_msg(lng('File not found'), 'error');
         $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH));
     }
@@ -1679,7 +1705,8 @@ if (isset($_GET['view'])) {
         <div class="col-12">
             <p class="break-word"><b><?php echo lng($view_title) ?> "<?php echo fm_enc(fm_convert_win($file)) ?>"</b></p>
             <p class="break-word">
-                <strong>Full path:</strong> <?php echo fm_enc(fm_convert_win($file_path)) ?><br>
+                <?php $display_path = fm_get_display_path($file_path); ?>
+                <strong><?php echo $display_path['label']; ?>:</strong> <?php echo $display_path['path']; ?><br>
                 <strong>File size:</strong> <?php echo ($filesize_raw <= 1000) ? "$filesize_raw bytes" : $filesize; ?><br>
                 <strong>MIME-type:</strong> <?php echo $mime_type ?><br>
                 <?php
@@ -1705,7 +1732,7 @@ if (isset($_GET['view'])) {
                 // Image info
                 if ($is_image) {
                     $image_size = getimagesize($file_path);
-                    echo lng('Image sizes').': ' . (isset($image_size[0]) ? $image_size[0] : '0') . ' x ' . (isset($image_size[1]) ? $image_size[1] : '0') . '<br>';
+                    echo '<strong>'.lng('Image size').':</strong> ' . (isset($image_size[0]) ? $image_size[0] : '0') . ' x ' . (isset($image_size[1]) ? $image_size[1] : '0') . '<br>';
                 }
                 // Text info
                 if ($is_text) {
@@ -1778,7 +1805,7 @@ if (isset($_GET['view'])) {
             } elseif ($is_image) {
                 // Image content
                 if (in_array($ext, array('gif', 'jpg', 'jpeg', 'png', 'bmp', 'ico', 'svg', 'webp', 'avif'))) {
-                    echo '<p><img src="' . fm_enc($file_url) . '" alt="image" class="preview-img-container" class="preview-img"></p>';
+                    echo '<p><input type="checkbox" id="preview-img-zoomCheck"><label for="preview-img-zoomCheck"><img src="' . fm_enc($file_url) . '" alt="image" class="preview-img"></label></p>';
                 }
             } elseif ($is_audio) {
                 // Audio content
@@ -1822,7 +1849,7 @@ if (isset($_GET['edit']) && !FM_READONLY) {
     $file = $_GET['edit'];
     $file = fm_clean_path($file, false);
     $file = str_replace('/', '', $file);
-    if ($file == '' || !is_file($path . '/' . $file) || in_array($file, $GLOBALS['exclude_items'])) {
+    if ($file == '' || !is_file($path . '/' . $file) || !fm_is_exclude_items($file)) {
         fm_set_msg(lng('File not found'), 'error');
         $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH));
     }
@@ -1938,7 +1965,8 @@ if (isset($_GET['chmod']) && !FM_READONLY && !FM_IS_WIN) {
             </h6>
             <div class="card-body">
                 <p class="card-text">
-                    Full path: <?php echo $file_path ?><br>
+                    <?php $display_path = fm_get_display_path($file_path); ?>
+                    <?php echo $display_path['label']; ?>: <?php echo $display_path['path']; ?><br>
                 </p>
                 <form action="" method="post">
                     <input type="hidden" name="p" value="<?php echo fm_enc(FM_PATH) ?>">
@@ -2051,6 +2079,12 @@ $tableTheme = (FM_THEME == "dark") ? "text-white bg-dark table-dark" : "bg-white
                 if (function_exists('posix_getpwuid') && function_exists('posix_getgrgid')) {
                     $owner = posix_getpwuid(fileowner($path . '/' . $f));
                     $group = posix_getgrgid(filegroup($path . '/' . $f));
+                    if ($owner === false) {
+                        $owner = array('name' => '?');
+                    }
+                    if ($group === false) {
+                        $group = array('name' => '?');
+                    }
                 } else {
                     $owner = array('name' => '?');
                     $group = array('name' => '?');
@@ -2104,6 +2138,12 @@ $tableTheme = (FM_THEME == "dark") ? "text-white bg-dark table-dark" : "bg-white
                 if (function_exists('posix_getpwuid') && function_exists('posix_getgrgid')) {
                     $owner = posix_getpwuid(fileowner($path . '/' . $f));
                     $group = posix_getgrgid(filegroup($path . '/' . $f));
+                    if ($owner === false) {
+                        $owner = array('name' => '?');
+                    }
+                    if ($group === false) {
+                        $group = array('name' => '?');
+                    }
                 } else {
                     $owner = array('name' => '?');
                     $group = array('name' => '?');
@@ -2212,7 +2252,6 @@ fm_show_footer();
 /**
  * It prints the css/js files into html
  * @param key The key of the external file to print.
- * @return The value of the key in the  array.
  */
 function print_external($key) {
     global $external;
@@ -2227,7 +2266,7 @@ function print_external($key) {
 }
 
 /**
- * Verify CSRF TOKEN and remove after cerify
+ * Verify CSRF TOKEN and remove after certified
  * @param string $token
  * @return bool
  */
@@ -2497,6 +2536,30 @@ function fm_get_parent_path($path)
     return false;
 }
 
+function fm_get_display_path($file_path)
+{
+    global $path_display_mode, $root_path, $root_url;
+    switch ($path_display_mode) {
+        case 'relative':
+            return array(
+                'label' => 'Path',
+                'path' => fm_enc(fm_convert_win(str_replace($root_path, '', $file_path)))
+            );
+        case 'host':
+            $relative_path = str_replace($root_path, '', $file_path);
+            return array(
+                'label' => 'Host Path',
+                'path' => fm_enc(fm_convert_win('/' . $root_url . '/' . ltrim(str_replace('\\', '/', $relative_path), '/')))
+            );
+        case 'full':
+        default:
+            return array(
+                'label' => 'Full Path',
+                'path' => fm_enc(fm_convert_win($file_path))
+            );
+    }
+}
+
 /**
  * Check file is in exclude list
  * @param string $file
@@ -2791,6 +2854,7 @@ function fm_get_file_icon_class($path)
         case 'map':
         case 'lock':
         case 'dtd':
+        case 'ps1':
             $img = 'fa fa-file-code-o';
             break;
         case 'txt':
@@ -2817,12 +2881,18 @@ function fm_get_file_icon_class($path)
             $img = 'fa fa-css3';
             break;
         case 'bz2':
+        case 'tbz2':
+        case 'tbz':
         case 'zip':
         case 'rar':
         case 'gz':
+        case 'tgz':
         case 'tar':
         case '7z':
         case 'xz':
+        case 'txz':
+        case 'zst':
+        case 'tzst':
             $img = 'fa fa-file-archive-o';
             break;
         case 'php':
@@ -2977,7 +3047,7 @@ function fm_get_text_exts()
         'eml', 'msg', 'csv', 'bat', 'twig', 'tpl', 'md', 'gitignore', 'less', 'sass', 'scss', 'c', 'cpp', 'cs', 'py', 'go', 'zsh', 'swift',
         'map', 'lock', 'dtd', 'svg', 'asp', 'aspx', 'asx', 'asmx', 'ashx', 'jsp', 'jspx', 'cgi', 'dockerfile', 'ruby', 'yml', 'yaml', 'toml',
         'vhost', 'scpt', 'applescript', 'csx', 'cshtml', 'c++', 'coffee', 'cfm', 'rb', 'graphql', 'mustache', 'jinja', 'http', 'handlebars',
-        'java', 'es', 'es6', 'markdown', 'wiki', 'tmp', 'top', 'bot', 'dat', 'bak', 'htpasswd', 'pl'
+        'java', 'es', 'es6', 'markdown', 'wiki', 'tmp', 'top', 'bot', 'dat', 'bak', 'htpasswd', 'pl', 'ps1'
     );
 }
 
@@ -3507,7 +3577,7 @@ function fm_show_nav_path($path)
                 <ul class="navbar-nav justify-content-end <?php echo fm_get_theme();  ?>">
                     <li class="nav-item mr-2">
                         <div class="input-group input-group-sm mr-1" style="margin-top:4px;">
-                            <input type="text" class="form-control" placeholder="<?php echo lng('Filter') ?>" aria-label="<?php echo lng('Search') ?>" aria-describedby="search-addon2" id="search-addon">
+                            <input type="text" class="form-control" placeholder="<?php echo lng('Search') ?>" aria-label="<?php echo lng('Search') ?>" aria-describedby="search-addon2" id="search-addon">
                             <div class="input-group-append">
                                 <span class="input-group-text brl-0 brr-0" id="search-addon2"><i class="fa fa-search"></i></span>
                             </div>
@@ -3705,7 +3775,9 @@ $isStickyNavBar = $sticky_navbar ? 'navbar-fixed' : 'navbar-normal';
         .message.ok { border-color:green;color:green  }
         .message.error { border-color:red;color:red  }
         .message.alert { border-color:orange;color:orange  }
-        .preview-img { max-width:100%;max-height:80vh;background:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAIAAACQkWg2AAAAKklEQVR42mL5//8/Azbw+PFjrOJMDCSCUQ3EABZc4S0rKzsaSvTTABBgAMyfCMsY4B9iAAAAAElFTkSuQmCC) }
+        .preview-img { max-width:100%;max-height:80vh;background:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAIAAACQkWg2AAAAKklEQVR42mL5//8/Azbw+PFjrOJMDCSCUQ3EABZc4S0rKzsaSvTTABBgAMyfCMsY4B9iAAAAAElFTkSuQmCC);cursor:zoom-in }
+        input#preview-img-zoomCheck[type=checkbox] { display:none }
+        input#preview-img-zoomCheck[type=checkbox]:checked ~ label > img { max-width:none;max-height:none;cursor:zoom-out }
         .inline-actions > a > i { font-size:1em;margin-left:5px;background:#3785c1;color:#fff;padding:3px 4px;border-radius:3px; }
         .preview-video { position:relative;max-width:100%;height:0;padding-bottom:62.5%;margin-bottom:10px  }
         .preview-video video { position:absolute;width:100%;height:100%;left:0;top:0;background:#000  }
@@ -4118,7 +4190,7 @@ $isStickyNavBar = $sticky_navbar ? 'navbar-fixed' : 'navbar-normal';
             if(_data && _data.fontSize) { $fontSizeEl.html(optionNode("", _data.fontSize)); }
             $modeEl.val( editor.getSession().$modeId );
             $themeEl.val( editor.getTheme() );
-            $fontSizeEl.val(12).change(); //set default font size in drop down
+            $(function() { $fontSizeEl.val(12).change(); }); //set default font size in drop down
         }
 
         $(function(){
@@ -4225,6 +4297,8 @@ function lng($txt) {
     $tr['en']['Invalid characters in file or folder name']      = 'Invalid characters in file or folder name';
     $tr['en']['Operations with archives are not available']     = 'Operations with archives are not available';
     $tr['en']['File or folder with this path already exists']   = 'File or folder with this path already exists';
+    $tr['en']['Are you sure want to rename?']                   = 'Are you sure want to rename?';
+    $tr['en']['Are you sure want to']                           = 'Are you sure want to';
 
     $i18n = fm_get_translations($tr);
     $tr = $i18n ? $i18n : $tr;

translation.json

@@ -8,79 +8,79 @@
       "translation": {
         "AppName": "Tiny File Manager",
         "AppTitle": "Titlu aplicație",
-        "Login": "Logare",
+        "Login": "Autentificare",
         "Username": "Nume utilizator",
-        "Password": "Parola",
+        "Password": "Parolă",
-        "Logout": "Delogare",
+        "Logout": "Ieșire",
         "Move": "Mută",
         "Copy": "Copiază",
         "Save": "Salvează",
-        "SelectAll": "Selectează Tot",
+        "SelectAll": "Selectează tot",
-        "UnSelectAll": "Deselectează Tot",
+        "UnSelectAll": "Deselectează tot",
         "File": "Fișier",
         "Back": "Înapoi",
-        "Size": "Mărime",
+        "Size": "Dimensiune",
         "Perms": "Permisiuni",
         "Modified": "Modificat",
-        "Owner": "Titular",
+        "Owner": "Proprietar",
         "Search": "Caută",
         "NewItem": "Nou",
         "Folder": "Dosar",
         "Delete": "Șterge",
         "Rename": "Redenumește",
-        "CopyTo": "Copiază În",
+        "CopyTo": "Copiază în",
-        "DirectLink": "Link Direct",
+        "DirectLink": "Legătură directă",
-        "UploadingFiles": "Încarcă Fișiere",
+        "UploadingFiles": "Se încarcă fișiere",
-        "ChangePermissions": "Schimbă Permisiuni",
+        "ChangePermissions": "Schimbă permisiunile",
-        "Copying": "Copiază",
+        "Copying": "Se copiază",
-        "CreateNewItem": "Creează Obiect Nou",
+        "CreateNewItem": "Creează element nou",
-        "Name": "Nume",
+        "Name": "Denumire",
-        "AdvancedEditor": "Editor Avansat",
+        "AdvancedEditor": "Redactor avansat",
-        "RememberMe": "Ține-mă Minte",
+        "RememberMe": "Ține-mă minte",
         "Actions": "Acțiuni",
         "Upload": "Încarcă",
         "Cancel": "Anulează",
-        "InvertSelection": "Selectare Inversă",
+        "InvertSelection": "Inversează selecția",
-        "DestinationFolder": "Dosar Destinație",
+        "DestinationFolder": "Dosar destinație",
-        "ItemType": "Tip Obiect",
+        "ItemType": "Tip element",
-        "ItemName": "Nume obiect",
+        "ItemName": "Denumire element",
-        "CreateNow": "Creează Acum",
+        "CreateNow": "Creează acum",
         "Download": "Descarcă",
         "Open": "Deschide",
         "UnZip": "Decomprimă",
-        "UnZipToFolder": "Decomprimă în Dosar",
+        "UnZipToFolder": "Decomprimă în dosar",
-        "Edit": "Editează",
+        "Edit": "Modifică",
-        "NormalEditor": "Editor Standard",
+        "NormalEditor": "Redactor standard",
-        "BackUp": "Copie de Siguranță",
+        "BackUp": "Copie de rezervă",
-        "SourceFolder": "Dosar Sursă",
+        "SourceFolder": "Dosar sursă",
         "Files": "Fișiere",
         "Change": "Schimbă",
-        "Settings": "Setari",
+        "Settings": "Configurări",
         "Language": "Limba",
-        "MemoryUsed": "Memorie Utilizată",
+        "MemoryUsed": "Memorie utilizată",
-        "PartitionSize": "Dimensiune Partiție",
+        "PartitionSize": "Dimensiune partiție",
-        "ErrorReporting": "Raportare de Erori",
+        "ErrorReporting": "Raportare erori",
-        "ShowHiddenFiles": "Arată Fișiere Ascunse",
+        "ShowHiddenFiles": "Arată fișiere ascunse",
-        "Full size": "Dimensiune Totală",
+        "Full size": "Dimensiune totală",
         "Help": "Ajutor",
         "Free of": "Liber din",
         "Preview": "Previzualizează",
         "Help Documents": "Documentație",
-        "Report Issue": "Raportează o Problemă",
+        "Report Issue": "Raportează defect",
         "Generate": "Generează",
-        "FullSize": "Mărime Maximă",
+        "FullSize": "Dimensiune completă",
         "FreeOf": "Liber din",
-        "CalculateFolderSize": "Calculează spațiul acupat de dosar",
+        "CalculateFolderSize": "Calculează dimensiunea dosarului",
-        "ProcessID": "Id instanță",
+        "ProcessID": "Id. proces",
         "Created": "Creat",
-        "HideColumns": "Ascunde Coloanele",
+        "HideColumns": "Ascunde coloanele",
         "Folder is empty": "Dosarul este gol",
         "Check Latest Version": "Verifică ultima versiune",
         "Generate new password hash": "Generează hash nou parolă",
-        "You are logged in": "Sunteti logat/ă",
+        "You are logged in": "Sunteți autentificat",
-        "Login failed. Invalid username or password": "Autentificare eșuată. Credențialele nu sunt valide (utilizator/parolă)",
+        "Login failed. Invalid username or password": "Autentificare eșuată. Utilizator sau parolă incorecte",
-        "password_hash not supported, Upgrade PHP version": "Generare hash parolă nesuportată, actualizați interpretorul PHP de pe server",
+        "password_hash not supported, Upgrade PHP version": "Generare hash parolă nesuportată, actualizați versiunea de PHP",
-        "Theme": "Tema",
+        "Theme": "Tematică",
         "dark": "Întunecată",
         "light": "Luminoasă"
       }
@@ -1512,7 +1512,9 @@
         "Moved from": "Movido de",
         "Created": "Criado",
         "You are logged in": "Você está logado",
-        "Login failed. Invalid username or password": "Falha na autenticação. nome de usuário ou senha inválidos"
+        "Login failed. Invalid username or password": "Falha na autenticação. nome de usuário ou senha inválidos",
+        "Are you sure want to rename?": "Tem certeza de que deseja renomear?",
+        "Are you sure want to": "Tem certeza de que deseja"
       }
     },
     {
@@ -2532,14 +2534,14 @@
         "Operations with archives are not available": "Bewerkingen met archieven zijn niet beschikbaar",
         "File or folder with this path already exists": "Bestand of map met dit pad bestaat al",
         "Moved from": "Verplaatst van",
-        "a files": "bestanden",  
+        "a files": "bestanden",
         "Okay": "OK",
         "Enter here...": "Voer hier in...",
-        "Enter new file name": "Voer nieuwe bestandsnaam in:",  
+        "Enter new file name": "Voer nieuwe bestandsnaam in:",
         "Full path": "Volledig path",
         "File size": "Bestandsgrootte",
         "Image sizes": "Afbeeldingsgrootte",
-        "Charset": "Karakterset", 
+        "Charset": "Karakterset",
         "Image": "Afbeelding",
         "Audio": "Audio",
         "Video": "Video",
@@ -2547,16 +2549,18 @@
         "Files in archive": "Bestanden in archief",
         "Total size": "Totale grootte",
         "Compression": "Compressie",
-        "Size in archive": "Grootte in archief",  
+        "Size in archive": "Grootte in archief",
         "Invalid Token.": "Ongeldig token",
-        "Fullscreen": "Volledig scherm",      
+        "Fullscreen": "Volledig scherm",
         "Undo": "Ongedaan maken",
         "Redo": "Opnieuw doen",
-        "Theme": "Thema",  
+        "Theme": "Thema",
         "Select Theme": "Kies thema",
-        "Select Font Size": "Kies fontgrootte",  
+        "Select Font Size": "Kies fontgrootte",
-        "Are you sure want to rename?": "Weet u zeker dat u de naam wilt wijzigen?",  
+        "Are you sure want to rename?": "Weet u zeker dat u de naam wilt wijzigen?",
-        "Are you sure want to": "Verder gaan met"
+        "Are you sure want to": "Verder gaan met",
+        "dark": "donker",
+        "light": "licht"
       }
     },
     {
@@ -2682,6 +2686,130 @@
         "password_hash not supported, Upgrade PHP version": "password_hash er ikke understøttet, opgrader PHP-versionen",
         "to": "til"
       }
+    },
+    {
+      "name": "Bengali",
+      "code": "bn",
+      "translation": {
+        "Access denied. IP restriction applicable": "অ্যাক্সেস অস্বীকার করা হয়েছে৷ আইপি সীমাবদ্ধতা প্রযোজ্য",
+        "Actions": "একশন্স",
+        "Advanced Search": "উন্নত অনুসন্ধান",
+        "AdvancedEditor": "উন্নত এডিটর",
+        "AppTitle": "ফাইল ম্যানেজার",
+        "Archive not created": "আর্কাইভ তৈরি করা হয়নি",
+        "Archive not unpacked": "আর্কাইভ প্যাক করা হয়নি",
+        "Archive unpacked": "আর্কাইভ আনপ্যাক",
+        "Archive": "আর্কাইভ",
+        "Back": "পেছনে",
+        "BackUp": "ব্যাকআপ",
+        "CalculateFolderSize": "ফোল্ডার সাইজ গণনা করুন",
+        "Cancel": "বাতিল করুন",
+        "Change": "পরিবর্তন",
+        "ChangePermissions": "অনুমতি পরিবর্তন করুন",
+        "Check Latest Version": "সর্বশেষ সংস্করণ পরীক্ষা করুন",
+        "Copied from": "থেকে কপি করা হয়েছে",
+        "Copy": "কপি",
+        "CopyTo": "কপি করুন",
+        "Copying": "কপি করা হচ্ছে",
+        "Create archive?": "নতুন আর্কাইভ তৈরি করুন",
+        "CreateNewItem": "নতুন আইটেম তৈরি করুন",
+        "CreateNow": "এখন তৈরি করুন",
+        "Created": "তৈরি করা হয়েছে",
+        "Delete selected files and folders?": "নির্বাচিত ফাইল এবং ফোল্ডার মুছবেন?",
+        "Delete": "মুছে ফেলা",
+        "Deleted": "মুছে ফেলা হয়েছে",
+        "DestinationFolder": "গন্তব্য ফোল্ডার",
+        "DirectLink": "সরাসরি লিঙ্ক",
+        "Download": "ডাউনলোড",
+        "Edit": "এডিট",
+        "Error while copying from": "থেকে কপি করার সময় ত্রুটি",
+        "Error while deleting items": "থেকে মুছে ফেলার সময় ত্রুটি",
+        "Error while fetching archive info": "আর্কাইভ তথ্য আনার সময় ত্রুটি",
+        "Error while moving from": "থেকে সরানোর সময় ত্রুটি",
+        "Error while renaming from": "থেকে নাম পরিবর্তন করার সময় ত্রুটি",
+        "ErrorReporting": "এরর রিপোর্টিং",
+        "Execute": "এক্সিকিউট",
+        "FILE EXTENSION HAS NOT SUPPORTED": "ফাইল এক্সটেনশন সমর্থিত নয়",
+        "File Saved Successfully": "ফাইল সফলভাবে সংরক্ষিত হয়েছে৷",
+        "File extension is not allowed": "ফাইল এক্সটেনশন অনুমোদিত নয়",
+        "File not found": "ফাইল পাওয়া যায়নি",
+        "File or folder with this path already exists": "এই পথ সহ ফাইল বা ফোল্ডার ইতিমধ্যেই বিদ্যমান",
+        "File": "ফাইল",
+        "Files": "ফাইলস",
+        "Folder is empty": "ফোল্ডার খালি",
+        "Folder": "ফোল্ডার",
+        "FreeOf": "মুক্ত",
+        "FullSize": "ফুল সাইজ",
+        "Generate new password hash": "নতুন পাসওয়ার্ড হ্যাশ তৈরি করুন",
+        "Generate": "উৎপন্ন",
+        "Group": "গ্রুপ",
+        "Help Documents": "হেল্প ডকুমেন্টস",
+        "Help": "সাহায্য",
+        "HideColumns": "কলাম লুকান",
+        "Invalid characters in file name": "ফাইলের নামে অবৈধ অক্ষর",
+        "Invalid characters in file or folder name": "ফাইল বা ফোল্ডার নামের অবৈধ অক্ষর",
+        "Invalid file or folder name": "অবৈধ ফাইল বা ফোল্ডারের নাম",
+        "InvertSelection": "উল্টে নির্বাচন করুন",
+        "ItemName": "আইটেম নাম",
+        "ItemType": "আইটেম ধরন",
+        "Language": "ভাষা",
+        "Login failed. Invalid username or password": "লগইন ব্যর্থ. অবৈধ ব্যবহারকারীর নাম বা পাসওয়ার্ড",
+        "Login": "লগইন",
+        "Logout": "লগআউট",
+        "Modified": "পরিবর্তিত",
+        "Move": "সরান",
+        "Moved from": "থেকে সরানো",
+        "Name": "নাম",
+        "NewItem": "নতুন আইটেম",
+        "NormalEditor": "সাধারণ এডিটর",
+        "Nothing selected": "কিছুই নির্বাচিত নয়",
+        "Open": "খোলা",
+        "Operations with archives are not available": "আর্কাইভ সহ অপারেশন পাওয়া যায়নি",
+        "Other": "অন্যান্য",
+        "Owner": "মালিক",
+        "PartitionSize": "পার্টিশনের মাপ",
+        "Password": "পাসওয়ার্ড",
+        "Paths must be not equal": "পথ সমান হতে হবে না",
+        "Permissions changed": "অনুমতি পরিবর্তন",
+        "Permissions not changed": "অনুমতি পরিবর্তন করা হয়নি",
+        "Perms": "পারমস",
+        "Preview": "পূর্বরূপ",
+        "Read": "পড়ুন",
+        "Rename": "নাম পরিবর্তন করা হয়েছে",
+        "Renamed from": "থেকে নাম পরিবর্তন করা হয়েছে",
+        "Report Issue": "ইস্যুস রিপোর্ট করুন",
+        "Root path": "রুট পথ",
+        "Save": "সংরক্ষণ",
+        "Search file in folder and subfolders...": "ফোল্ডার এবং সাবফোল্ডারে ফাইল অনুসন্ধান করুন...",
+        "Search": "অনুসন্ধান করুন",
+        "Select folder": "ফোল্ডার নির্বাচন করুন",
+        "SelectAll": "সব নির্বাচন করুন",
+        "Selected files and folder deleted": "নির্বাচিত ফাইল এবং ফোল্ডার মুছে ফেলা হয়েছে",
+        "Settings": "সেটিংস",
+        "ShowHiddenFiles": "গোপন ফাইলগুলো দেখুন",
+        "Size": "সাইজ",
+        "Source path not defined": "সোর্স পথ সংজ্ঞায়িত করা হয়নি",
+        "SourceFolder": "সোর্স ফোল্ডার",
+        "Tar": "টার",
+        "Theme": "থিম",
+        "UnSelectAll": "সরিয়ে ফেলুন সব",
+        "UnZip": "আনজিপ করুন",
+        "UnZipToFolder": "ফোল্ডারে আনজিপ",
+        "Upload": "আপলোড",
+        "UploadingFiles": "ফাইল আপলোড করা হচ্ছে",
+        "Username": "ব্যবহারকারীর নাম",
+        "Write": "লিখুন",
+        "You are logged in": "আপনি লগ ইন করছেন",
+        "Zip": "জিপ",
+        "already exists": "আগে থেকেই আছে",
+        "dark": "ডার্ক",
+        "light": "লাইট",
+        "not created": "তৈরি করা হয়নি",
+        "not deleted": "মুছে ফেলা হয়নি",
+        "not found!": "পাওয়া যায় নি!",
+        "password_hash not supported, Upgrade PHP version": "পাসওয়ার্ড_হ্যাশ সমর্থিত নয়, পিএইচপি ভার্সন আপগ্রেড করুন",
+        "to": "to"
+      }
     }
   ]
 }