File "file.php"
Full Path: /home/asmplong/www/ancien-site-2019/poc/administrator/components/com_media/controllers/file.php
File size: 5.39 KB
MIME-type: text/x-php
Charset: utf-8
<?php
/**
* @version $Id: file.php 11713 2009-03-27 09:18:26Z willebil $
* @package Joomla
* @subpackage Content
* @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved.
* @license GNU/GPL, see LICENSE.php
* Joomla! is free software. This version may have been modified pursuant to the
* GNU General Public License, and as distributed it includes or is derivative
* of works licensed under the GNU General Public License or other free or open
* source software licenses. See COPYRIGHT.php for copyright notices and
* details.
*/
// Check to ensure this file is included in Joomla!
defined('_JEXEC') or die( 'Restricted access' );
jimport('joomla.filesystem.file');
jimport('joomla.filesystem.folder');
/**
* Weblinks Weblink Controller
*
* @package Joomla
* @subpackage Weblinks
* @since 1.5
*/
class MediaControllerFile extends MediaController
{
/**
* Upload a file
*
* @since 1.5
*/
function upload()
{
global $mainframe;
// Check for request forgeries
JRequest::checkToken( 'request' ) or jexit( 'Invalid Token' );
$file = JRequest::getVar( 'Filedata', '', 'files', 'array' );
$folder = JRequest::getVar( 'folder', '', '', 'path' );
$format = JRequest::getVar( 'format', 'html', '', 'cmd');
$return = JRequest::getVar( 'return-url', null, 'post', 'base64' );
$err = null;
// Set FTP credentials, if given
jimport('joomla.client.helper');
JClientHelper::setCredentialsFromRequest('ftp');
// Make the filename safe
jimport('joomla.filesystem.file');
$file['name'] = JFile::makeSafe($file['name']);
if (isset($file['name'])) {
$filepath = JPath::clean(COM_MEDIA_BASE.DS.$folder.DS.strtolower($file['name']));
if (!MediaHelper::canUpload( $file, $err )) {
if ($format == 'json') {
jimport('joomla.error.log');
$log = &JLog::getInstance('upload.error.php');
$log->addEntry(array('comment' => 'Invalid: '.$filepath.': '.$err));
header('HTTP/1.0 415 Unsupported Media Type');
jexit('Error. Unsupported Media Type!');
} else {
JError::raiseNotice(100, JText::_($err));
// REDIRECT
if ($return) {
$mainframe->redirect(base64_decode($return).'&folder='.$folder);
}
return;
}
}
if (JFile::exists($filepath)) {
if ($format == 'json') {
jimport('joomla.error.log');
$log = &JLog::getInstance('upload.error.php');
$log->addEntry(array('comment' => 'File already exists: '.$filepath));
header('HTTP/1.0 409 Conflict');
jexit('Error. File already exists');
} else {
JError::raiseNotice(100, JText::_('Error. File already exists'));
// REDIRECT
if ($return) {
$mainframe->redirect(base64_decode($return).'&folder='.$folder);
}
return;
}
}
if (!JFile::upload($file['tmp_name'], $filepath)) {
if ($format == 'json') {
jimport('joomla.error.log');
$log = &JLog::getInstance('upload.error.php');
$log->addEntry(array('comment' => 'Cannot upload: '.$filepath));
header('HTTP/1.0 400 Bad Request');
jexit('Error. Unable to upload file');
} else {
JError::raiseWarning(100, JText::_('Error. Unable to upload file'));
// REDIRECT
if ($return) {
$mainframe->redirect(base64_decode($return).'&folder='.$folder);
}
return;
}
} else {
if ($format == 'json') {
jimport('joomla.error.log');
$log = &JLog::getInstance();
$log->addEntry(array('comment' => $folder));
jexit('Upload complete');
} else {
$mainframe->enqueueMessage(JText::_('Upload complete'));
// REDIRECT
if ($return) {
$mainframe->redirect(base64_decode($return).'&folder='.$folder);
}
return;
}
}
} else {
$mainframe->redirect('index.php', 'Invalid Request', 'error');
}
}
/**
* Deletes paths from the current path
*
* @param string $listFolder The image directory to delete a file from
* @since 1.5
*/
function delete()
{
global $mainframe;
JRequest::checkToken( 'request' ) or jexit( 'Invalid Token' );
// Set FTP credentials, if given
jimport('joomla.client.helper');
JClientHelper::setCredentialsFromRequest('ftp');
// Get some data from the request
$tmpl = JRequest::getCmd( 'tmpl' );
$paths = JRequest::getVar( 'rm', array(), '', 'array' );
$folder = JRequest::getVar( 'folder', '', '', 'path');
// Initialize variables
$msg = array();
$ret = true;
if (count($paths)) {
foreach ($paths as $path)
{
if ($path !== JFile::makeSafe($path)) {
JError::raiseWarning(100, JText::_('Unable to delete:').htmlspecialchars($path, ENT_COMPAT, 'UTF-8').' '.JText::_('WARNFILENAME'));
continue;
}
$fullPath = JPath::clean(COM_MEDIA_BASE.DS.$folder.DS.$path);
if (is_file($fullPath)) {
$ret |= !JFile::delete($fullPath);
} else if (is_dir($fullPath)) {
$files = JFolder::files($fullPath, '.', true);
$canDelete = true;
foreach ($files as $file) {
if ($file != 'index.html') {
$canDelete = false;
}
}
if ($canDelete) {
$ret |= !JFolder::delete($fullPath);
} else {
JError::raiseWarning(100, JText::_('Unable to delete:').$fullPath.' '.JText::_('Not Empty!'));
}
}
}
}
if ($tmpl == 'component') {
// We are inside the iframe
$mainframe->redirect('index.php?option=com_media&view=mediaList&folder='.$folder.'&tmpl=component');
} else {
$mainframe->redirect('index.php?option=com_media&folder='.$folder);
}
}
}