fixed formatting and .travis.yml

NewFuture
2016-10-07 15:09:11 +08:00
parent a4b8020cff
commit 40a9dc37e2
24 changed files with 1548 additions and 1367 deletions

27
.editorconfig Normal file

@@ -0,0 +1,27 @@
# EditorConfig is awesome: http://EditorConfig.org
# top-most EditorConfig file
root = true
# Unix-style newlines with a newline ending every file
[*]
charset = utf-8
end_of_line = lf
insert_final_newline = true
# Matches multiple files with brace expansion notation
# Set default charset
[*.{js,php}]
charset = utf-8
indent_style = space
indent_size = 4
# 4 space indentation
[*.min.js]
indent_style = space
indent_size = 0
# Matches the exact files either package.json or .travis.yml
[{composer.json,.travis.yml,build.xml}]
indent_style = space
indent_size = 2
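Review bot: Two of the comments do not describe the section that follows them: `# 4 space indentation` sits directly above `[*.min.js]`, which sets `indent_size = 0`, and `# Matches the exact files either package.json or .travis.yml` precedes a glob that lists `composer.json`, `.travis.yml` and `build.xml`. Moving the first comment above `[*.{js,php}]` and rewording the second to `# 2-space indentation for composer.json, .travis.yml and build.xml` would keep the file self-explanatory. The `charset = utf-8` under `[*.{js,php}]` repeats the value already set for `[*]` and could be dropped.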


@@ -5,13 +5,23 @@ php:
- 5.4
- 5.5
- 5.6
- 7.0
env:
- RUN=vendor/bin/phing
global:
# Naming conventions and Namespace are not compatible current and LineLength
- CS_EXCLUDE: "PSR1.Classes.ClassDeclaration,PSR1.Methods.CamelCapsMethodName,Squiz.Classes.ValidClassName,Generic.NamingConventions.UpperCaseConstantName,Generic.Files.LineLength,PSR1.Files.SideEffects"
- CS_INGNORE: "dialog.php"
script: ${RUN}
before_script:
- composer selfupdate
- composer --version
#install dependence
install:
- composer install --prefer-dist --verbose
# check formatting and Syntax
script:
- ./vendor/bin/phpcs components
--standard=PSR2
--exclude="$CS_EXCLUDE"
--ignore="$CS_INGNORE"
--colors
--extensions=php
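Review bot: The ignore-list variable is spelled `CS_INGNORE` both where it is defined under `env: global:` and where it is consumed in `--ignore="$CS_INGNORE"`. It works only because the two spellings agree, and a later edit that uses the expected name would pass an empty ignore list to phpcs without any error. Renaming both occurrences to `CS_IGNORE` removes that trap. The comment above `CS_EXCLUDE` is also hard to parse and could say plainly that the listed naming, namespace, line-length and side-effect sniffs are excluded because the existing code does not comply yet.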


@@ -8,7 +8,8 @@
require_once('../../common.php');
class Active extends Common {
class Active extends Common
{
//////////////////////////////////////////////////////////////////
// PROPERTIES
@@ -29,7 +30,8 @@ class Active extends Common {
// Construct
//////////////////////////////////////////////////////////////////
public function __construct(){
public function __construct()
{
$this->actives = getJSON('active.php');
}
@@ -37,48 +39,50 @@ class Active extends Common {
// List User's Active Files
//////////////////////////////////////////////////////////////////
public function ListActive(){
public function ListActive()
{
$active_list = array();
$tainted = FALSE;
$tainted = false;
$root = WORKSPACE;
if($this->actives){
foreach($this->actives as $active=>$data){
if(is_array($data) && isset($data['username']) && $data['username']==$this->username){
if($this->isAbsPath($data['path'])) {
$root = "";
} else {
$root = $root.'/';
if ($this->actives) {
foreach ($this->actives as $active => $data) {
if (is_array($data) && isset($data['username']) && $data['username']==$this->username) {
if ($this->isAbsPath($data['path'])) {
$root = "";
} else {
$root = $root.'/';
}
if (file_exists($root.$data['path'])) {
$focused = isset($data['focused']) ? $data['focused'] : false;
$active_list[] = array('path'=>$data['path'], 'focused'=>$focused);
} else {
unset($this->actives[$active]);
$tainted = true;
}
}
if (file_exists($root.$data['path'])) {
$focused = isset($data['focused']) ? $data['focused'] : false;
$active_list[] = array('path'=>$data['path'], 'focused'=>$focused);
} else {
unset($this->actives[$active]);
$tainted = TRUE;
}
}
}
}
if ($tainted){
saveJSON('active.php',$this->actives);
if ($tainted) {
saveJSON('active.php', $this->actives);
}
echo formatJSEND("success",$active_list);
echo formatJSEND("success", $active_list);
}
//////////////////////////////////////////////////////////////////
// Check File
//////////////////////////////////////////////////////////////////
public function Check(){
public function Check()
{
$cur_users = array();
foreach($this->actives as $active=>$data){
if(is_array($data) && isset($data['username']) && $data['username']!=$this->username && $data['path']==$this->path){
foreach ($this->actives as $active => $data) {
if (is_array($data) && isset($data['username']) && $data['username']!=$this->username && $data['path']==$this->path) {
$cur_users[] = $data['username'];
}
}
if(count($cur_users)!=0){
echo formatJSEND("error","Warning: File ".substr($this->path,strrpos($this->path,"/")+1)." Currently Opened By: " . implode(", ",$cur_users));
}else{
if (count($cur_users)!=0) {
echo formatJSEND("error", "Warning: File ".substr($this->path, strrpos($this->path, "/")+1)." Currently Opened By: " . implode(", ", $cur_users));
} else {
echo formatJSEND("success");
}
}
@@ -87,16 +91,17 @@ class Active extends Common {
// Add File
//////////////////////////////////////////////////////////////////
public function Add(){
public function Add()
{
$process_add = true;
foreach($this->actives as $active=>$data){
if(is_array($data) && isset($data['username']) && $data['username']==$this->username && $data['path']==$this->path){
foreach ($this->actives as $active => $data) {
if (is_array($data) && isset($data['username']) && $data['username']==$this->username && $data['path']==$this->path) {
$process_add = false;
}
}
if($process_add){
if ($process_add) {
$this->actives[] = array("username"=>$this->username,"path"=>$this->path);
saveJSON('active.php',$this->actives);
saveJSON('active.php', $this->actives);
echo formatJSEND("success");
}
}
@@ -105,14 +110,15 @@ class Active extends Common {
// Rename File
//////////////////////////////////////////////////////////////////
public function Rename(){
public function Rename()
{
$revised_actives = array();
foreach($this->actives as $active=>$data){
if(is_array($data) && isset($data['username'])){
$revised_actives[] = array("username"=>$data['username'],"path"=>str_replace($this->path,$this->new_path,$data['path']));
}
foreach ($this->actives as $active => $data) {
if (is_array($data) && isset($data['username'])) {
$revised_actives[] = array("username"=>$data['username'],"path"=>str_replace($this->path, $this->new_path, $data['path']));
}
}
saveJSON('active.php',$revised_actives);
saveJSON('active.php', $revised_actives);
echo formatJSEND("success");
}
@@ -120,13 +126,14 @@ class Active extends Common {
// Remove File
//////////////////////////////////////////////////////////////////
public function Remove(){
foreach($this->actives as $active=>$data){
if(is_array($data) && isset($data['username']) && $this->username==$data['username'] && $this->path==$data['path']){
public function Remove()
{
foreach ($this->actives as $active => $data) {
if (is_array($data) && isset($data['username']) && $this->username==$data['username'] && $this->path==$data['path']) {
unset($this->actives[$active]);
}
}
saveJSON('active.php',$this->actives);
saveJSON('active.php', $this->actives);
echo formatJSEND("success");
}
@@ -134,32 +141,33 @@ class Active extends Common {
// Remove All Files
//////////////////////////////////////////////////////////////////
public function RemoveAll(){
foreach($this->actives as $active=>$data){
if(is_array($data) && isset($data['username']) && $this->username==$data['username']){
public function RemoveAll()
{
foreach ($this->actives as $active => $data) {
if (is_array($data) && isset($data['username']) && $this->username==$data['username']) {
unset($this->actives[$active]);
}
}
saveJSON('active.php',$this->actives);
saveJSON('active.php', $this->actives);
echo formatJSEND("success");
}
//////////////////////////////////////////////////////////////////
// Mark File As Focused
// Mark File As Focused
// All other files will be marked as non-focused.
//////////////////////////////////////////////////////////////////
public function MarkFileAsFocused(){
foreach($this->actives as $active=>$data){
if(is_array($data) && isset($data['username']) && $this->username==$data['username']){
public function MarkFileAsFocused()
{
foreach ($this->actives as $active => $data) {
if (is_array($data) && isset($data['username']) && $this->username==$data['username']) {
$this->actives[$active]['focused']=false;
if($this->path==$data['path']){
if ($this->path==$data['path']) {
$this->actives[$active]['focused']=true;
}
}
}
saveJSON('active.php',$this->actives);
saveJSON('active.php', $this->actives);
echo formatJSEND("success");
}
}
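Review bot: In `ListActive()` the `$root` variable is initialised once from `WORKSPACE` and then reassigned inside the `foreach`, so its value carries over from one entry to the next: each relative path appends another `/`, and after the first absolute path `$root` becomes `""`, so later relative entries are tested against `/` plus the path. Entries that then fail `file_exists()` are unset and written back by `saveJSON('active.php', $this->actives)`, so a stale prefix can drop valid records. Computing the prefix per entry, e.g. `$base = $this->isAbsPath($data['path']) ? '' : WORKSPACE . '/';` followed by `file_exists($base . $data['path'])`, keeps each check independent. Separately, `Rename()` applies `str_replace($this->path, $this->new_path, $data['path'])` to every user's record and matches the old path anywhere in the string, which looks broader than a rename of one file should be.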


@@ -21,69 +21,67 @@
// Get user's active files
//////////////////////////////////////////////////////////////////
if($_GET['action']=='list'){
$Active->username = $_SESSION['user'];
$Active->ListActive();
}
if ($_GET['action']=='list') {
$Active->username = $_SESSION['user'];
$Active->ListActive();
}
//////////////////////////////////////////////////////////////////
// Add active record
//////////////////////////////////////////////////////////////////
if($_GET['action']=='add'){
$Active->username = $_SESSION['user'];
$Active->path = $_GET['path'];
$Active->Add();
}
if ($_GET['action']=='add') {
$Active->username = $_SESSION['user'];
$Active->path = $_GET['path'];
$Active->Add();
}
//////////////////////////////////////////////////////////////////
// Rename
//////////////////////////////////////////////////////////////////
if($_GET['action']=='rename'){
$Active->username = $_SESSION['user'];
$Active->path = $_GET['old_path'];
$Active->new_path = $_GET['new_path'];
$Active->Rename();
}
if ($_GET['action']=='rename') {
$Active->username = $_SESSION['user'];
$Active->path = $_GET['old_path'];
$Active->new_path = $_GET['new_path'];
$Active->Rename();
}
//////////////////////////////////////////////////////////////////
// Check if file is active
//////////////////////////////////////////////////////////////////
if($_GET['action']=='check'){
$Active->username = $_SESSION['user'];
$Active->path = $_GET['path'];
$Active->Check();
}
if ($_GET['action']=='check') {
$Active->username = $_SESSION['user'];
$Active->path = $_GET['path'];
$Active->Check();
}
//////////////////////////////////////////////////////////////////
// Remove active record
//////////////////////////////////////////////////////////////////
if($_GET['action']=='remove'){
$Active->username = $_SESSION['user'];
$Active->path = $_GET['path'];
$Active->Remove();
}
if ($_GET['action']=='remove') {
$Active->username = $_SESSION['user'];
$Active->path = $_GET['path'];
$Active->Remove();
}
//////////////////////////////////////////////////////////////////
// Remove all active record
//////////////////////////////////////////////////////////////////
if($_GET['action']=='removeall'){
$Active->username = $_SESSION['user'];
$Active->RemoveAll();
}
if ($_GET['action']=='removeall') {
$Active->username = $_SESSION['user'];
$Active->RemoveAll();
}
//////////////////////////////////////////////////////////////////
// Mark file as focused
//////////////////////////////////////////////////////////////////
if($_GET['action']=='focused'){
$Active->username = $_SESSION['user'];
$Active->path = $_GET['path'];
$Active->MarkFileAsFocused();
}
?>
if ($_GET['action']=='focused') {
$Active->username = $_SESSION['user'];
$Active->path = $_GET['path'];
$Active->MarkFileAsFocused();
}
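Review bot: Every branch indexes `$_GET['action']` directly, and the `add`, `check`, `remove`, `focused` and `rename` branches copy `$_GET['path']`, `$_GET['old_path']` and `$_GET['new_path']` into the `Active` object without an `isset` check or any validation. A request with a missing parameter therefore raises notices, and whatever string the client sends is what the class later stores or compares. Reading the action once, `$action = isset($_GET['action']) ? $_GET['action'] : '';`, and rejecting requests whose path parameters are absent or not strings before calling the method would make the contract explicit. The state-changing actions are also reachable by plain GET; whether a session or token check guards them cannot be seen here, because the hunk starts at line 21 of the file.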


@@ -10,337 +10,344 @@
require_once '../../common.php';
class fileextension_textmode{
class fileextension_textmode
{
//////////////////////////////////////////////////////////////////
//default associations
//////////////////////////////////////////////////////////////////
private $defaultExtensions = array(
'html' => 'html',
'htm' => 'html',
'tpl' => 'html',
'js' => 'javascript',
'css' => 'css',
'scss' => 'scss',
'sass' => 'scss',
'less' => 'less',
'php' => 'php',
'php4' => 'php',
'php5' => 'php',
'phtml' => 'php',
'json' => 'json',
'java' => 'java',
'xml' => 'xml',
'sql' => 'sql',
'md' => 'markdown',
'c' => 'c_cpp',
'cpp' => 'c_cpp',
'd' => 'd',
'h' => 'c_cpp',
'hpp' => 'c_cpp',
'py' => 'python',
'rb' => 'ruby',
'erb' => 'html_ruby',
'jade' => 'jade',
'coffee' => 'coffee',
'vm' => 'velocity');
//////////////////////////////////////////////////////////////////
//default associations
//////////////////////////////////////////////////////////////////
private $defaultExtensions = array(
'html' => 'html',
'htm' => 'html',
'tpl' => 'html',
'js' => 'javascript',
'css' => 'css',
'scss' => 'scss',
'sass' => 'scss',
'less' => 'less',
'php' => 'php',
'php4' => 'php',
'php5' => 'php',
'phtml' => 'php',
'json' => 'json',
'java' => 'java',
'xml' => 'xml',
'sql' => 'sql',
'md' => 'markdown',
'c' => 'c_cpp',
'cpp' => 'c_cpp',
'd' => 'd',
'h' => 'c_cpp',
'hpp' => 'c_cpp',
'py' => 'python',
'rb' => 'ruby',
'erb' => 'html_ruby',
'jade' => 'jade',
'coffee' => 'coffee',
'vm' => 'velocity');
//////////////////////////////////////////////////////////////////
//availiable text modes
//////////////////////////////////////////////////////////////////
private $availiableTextModes = array(
'abap',
'abc',
'actionscript',
'ada',
'apache_conf',
'applescript',
'asciidoc',
'assembly_x86',
'autohotkey',
'batchfile',
'c9search',
'c_cpp',
'cirru',
'clojure',
'cobol',
'coffee',
'coldfusion',
'csharp',
'css',
'curly',
'd',
'dart',
'diff',
'django',
'dockerfile',
'dot',
'eiffel',
'ejs',
'elixir',
'elm',
'erlang',
'forth',
'ftl',
'gcode',
'gherkin',
'gitignore',
'glsl',
'gobstones',
'golang',
'groovy',
'haml',
'handlebars',
'haskell',
'haxe',
'html',
'html_elixir',
'html_ruby',
'ini',
'io',
'jack',
'jade',
'java',
'javascript',
'json',
'jsoniq',
'jsp',
'jsx',
'julia',
'latex',
'lean',
'less',
'liquid',
'lisp',
'livescript',
'logiql',
'lsl',
'lua',
'luapage',
'lucene',
'makefile',
'markdown',
'mask',
'matlab',
'maze',
'mel',
'mips_assembler',
'mushcode',
'mysql',
'nix',
'nsis',
'objectivec',
'ocaml',
'pascal',
'perl',
'pgsql',
'php',
'plain_text',
'powershell',
'praat',
'prolog',
'protobuf',
'python',
'r',
'razor',
'rdoc',
'rhtml',
'rst',
'ruby',
'rust',
'sass',
'scad',
'scala',
'scheme',
'scss',
'sh',
'sjs',
'smarty',
'snippets',
'soy_template',
'space',
'sql',
'sqlserver',
'stylus',
'svg',
'swift',
'swig',
'tcl',
'tex',
'text',
'textile',
'toml',
'twig',
'typescript',
'vala',
'vbscript',
'velocity',
'verilog',
'vhdl',
'wollok',
'xml',
'xquery',
'yaml'
);
//////////////////////////////////////////////////////////////////
//availiable text modes
//////////////////////////////////////////////////////////////////
private $availiableTextModes = array(
'abap',
'abc',
'actionscript',
'ada',
'apache_conf',
'applescript',
'asciidoc',
'assembly_x86',
'autohotkey',
'batchfile',
'c9search',
'c_cpp',
'cirru',
'clojure',
'cobol',
'coffee',
'coldfusion',
'csharp',
'css',
'curly',
'd',
'dart',
'diff',
'django',
'dockerfile',
'dot',
'eiffel',
'ejs',
'elixir',
'elm',
'erlang',
'forth',
'ftl',
'gcode',
'gherkin',
'gitignore',
'glsl',
'gobstones',
'golang',
'groovy',
'haml',
'handlebars',
'haskell',
'haxe',
'html',
'html_elixir',
'html_ruby',
'ini',
'io',
'jack',
'jade',
'java',
'javascript',
'json',
'jsoniq',
'jsp',
'jsx',
'julia',
'latex',
'lean',
'less',
'liquid',
'lisp',
'livescript',
'logiql',
'lsl',
'lua',
'luapage',
'lucene',
'makefile',
'markdown',
'mask',
'matlab',
'maze',
'mel',
'mips_assembler',
'mushcode',
'mysql',
'nix',
'nsis',
'objectivec',
'ocaml',
'pascal',
'perl',
'pgsql',
'php',
'plain_text',
'powershell',
'praat',
'prolog',
'protobuf',
'python',
'r',
'razor',
'rdoc',
'rhtml',
'rst',
'ruby',
'rust',
'sass',
'scad',
'scala',
'scheme',
'scss',
'sh',
'sjs',
'smarty',
'snippets',
'soy_template',
'space',
'sql',
'sqlserver',
'stylus',
'svg',
'swift',
'swig',
'tcl',
'tex',
'text',
'textile',
'toml',
'twig',
'typescript',
'vala',
'vbscript',
'velocity',
'verilog',
'vhdl',
'wollok',
'xml',
'xquery',
'yaml'
);
const storeFilename = 'extensions.php';
//////////////////////////////////////////////////////////////////
//check the session if the user is allowed to do anything here
//////////////////////////////////////////////////////////////////
public function __construct(){
Common::checkSession();
}
const storeFilename = 'extensions.php';
//////////////////////////////////////////////////////////////////
//check the session if the user is allowed to do anything here
//////////////////////////////////////////////////////////////////
public function __construct()
{
Common::checkSession();
}
public function getAvailiableTextModes(){
return $this->availiableTextModes;
}
public function getAvailiableTextModes()
{
return $this->availiableTextModes;
}
public function getDefaultExtensions(){
return $this->defaultExtensions;
}
public function getDefaultExtensions()
{
return $this->defaultExtensions;
}
//////////////////////////////////////////////////////////////////
//checks if the sended extensions are valid to prevent any injections
//////////////////////////////////////////////////////////////////
public function validateExtension($extension){
return preg_match('#^[a-z0-9\_]+$#i', $extension);
}
//////////////////////////////////////////////////////////////////
//checks if the sended extensions are valid to prevent any injections
//////////////////////////////////////////////////////////////////
public function validateExtension($extension)
{
return preg_match('#^[a-z0-9\_]+$#i', $extension);
}
//////////////////////////////////////////////////////////////////
//checks if the sended extensions are valid to prevent any injections and usage of removed text modes
//////////////////////////////////////////////////////////////////
public function validTextMode($mode){
return in_array($mode, $this->availiableTextModes);
}
//////////////////////////////////////////////////////////////////
//checks if the sended extensions are valid to prevent any injections and usage of removed text modes
//////////////////////////////////////////////////////////////////
public function validTextMode($mode)
{
return in_array($mode, $this->availiableTextModes);
}
//////////////////////////////////////////////////////////////////
//process the form with the associations
//////////////////////////////////////////////////////////////////
private function processFileExtTextModeForm(){
if(!Common::checkAccess()){
return array('status' =>'error', 'msg' =>'You are not allowed to edit the file extensions.');
}
//Store Fileextensions and Textmodes in File:
if(!isset($_POST['extension']) || !is_array($_POST['extension'])
|| !isset($_POST['textMode']) || !is_array($_POST['textMode'])){
return json_encode(array('status' => 'error', 'msg' => 'incorrect data send'));
}
//////////////////////////////////////////////////////////////////
//process the form with the associations
//////////////////////////////////////////////////////////////////
private function processFileExtTextModeForm()
{
if (!Common::checkAccess()) {
return array('status' =>'error', 'msg' =>'You are not allowed to edit the file extensions.');
}
//Store Fileextensions and Textmodes in File:
if (!isset($_POST['extension']) || !is_array($_POST['extension'])
|| !isset($_POST['textMode']) || !is_array($_POST['textMode'])) {
return json_encode(array('status' => 'error', 'msg' => 'incorrect data send'));
}
$exMap = array();
$exMap = array();
$warning = '';
$warning = '';
//Iterate over the sended extensions
foreach ($_POST['extension'] as $key => $extension){
//ignore empty extensions, so that they are going to removed
if(trim($extension) == '' ){
continue;
}
//Iterate over the sended extensions
foreach ($_POST['extension'] as $key => $extension) {
//ignore empty extensions, so that they are going to removed
if (trim($extension) == '') {
continue;
}
//get the sended data and check it
if(!isset($_POST["textMode"][$key])){
return json_encode(array('status' => 'error', 'msg' => 'incorrect data send.'));
}
//get the sended data and check it
if (!isset($_POST["textMode"][$key])) {
return json_encode(array('status' => 'error', 'msg' => 'incorrect data send.'));
}
$extension = strtolower(trim($extension));
$textMode = strtolower(trim($_POST["textMode"][$key]));
if(!$this->validateExtension($extension)){
return json_encode(array('status' => 'error', 'msg' => 'incorrect extension:'.htmlentities($extension)));
}
$extension = strtolower(trim($extension));
$textMode = strtolower(trim($_POST["textMode"][$key]));
if (!$this->validateExtension($extension)) {
return json_encode(array('status' => 'error', 'msg' => 'incorrect extension:'.htmlentities($extension)));
}
if(!$this->validTextMode($textMode)){
return json_encode(array('status' => 'error', 'msg' => 'incorrect text mode:'.htmlentities($textMode)));
}
if (!$this->validTextMode($textMode)) {
return json_encode(array('status' => 'error', 'msg' => 'incorrect text mode:'.htmlentities($textMode)));
}
//data was correct and could be insert
if(isset($exMap[$extension])){
$warning = htmlentities($extension).' is already set.<br/>';
}else{
$exMap[$extension] = $textMode;
}
}
//data was correct and could be insert
if (isset($exMap[$extension])) {
$warning = htmlentities($extension).' is already set.<br/>';
} else {
$exMap[$extension] = $textMode;
}
}
//store the associations
Common::saveJSON(fileextension_textmode::storeFilename, $exMap);
if($warning != ''){
return json_encode(array('status' => 'warning', 'msg' => $warning, 'extensions' => $exMap ));
}else{
return json_encode(array('status' => 'success', 'msg' => 'File extensions are saved successfully.', 'extensions' => $exMap));
}
//store the associations
Common::saveJSON(fileextension_textmode::storeFilename, $exMap);
if ($warning != '') {
return json_encode(array('status' => 'warning', 'msg' => $warning, 'extensions' => $exMap ));
} else {
return json_encode(array('status' => 'success', 'msg' => 'File extensions are saved successfully.', 'extensions' => $exMap));
}
}
}
//////////////////////////////////////////////////////////////////
//process all the possible forms
//////////////////////////////////////////////////////////////////
public function processForms()
{
if (!isset($_GET['action'])) {
return json_encode(array('status' => 'error', 'msg' => 'incorrect data send.'));
}
//////////////////////////////////////////////////////////////////
//process all the possible forms
//////////////////////////////////////////////////////////////////
public function processForms(){
if(!isset($_GET['action'])){
return json_encode(array('status' => 'error', 'msg' => 'incorrect data send.'));
}
switch ($_GET['action']) {
case 'FileExtTextModeForm':
return $this->processFileExtTextModeForm();
break;
case 'GetFileExtTextModes':
return $this->prcessGetFileExtTextModes();
break;
default:
return json_encode(array('status' => 'error', 'msg' => 'Incorrect data send'));
break;
}
}
switch($_GET['action']){
case 'FileExtTextModeForm':
return $this->processFileExtTextModeForm();
break;
case 'GetFileExtTextModes':
return $this->prcessGetFileExtTextModes();
break;
default:
return json_encode(array('status' => 'error', 'msg' => 'Incorrect data send'));
break;
}
}
//////////////////////////////////////////////////////////////////
//Send the default extensions
//////////////////////////////////////////////////////////////////
private function prcessGetFileExtTextModes()
{
$ext = false;
//ignore warnings
$ext = @Common::getJSON(fileextension_textmode::storeFilename);
//////////////////////////////////////////////////////////////////
//Send the default extensions
//////////////////////////////////////////////////////////////////
private function prcessGetFileExtTextModes(){
$ext = false;
//ignore warnings
$ext = @Common::getJSON(fileextension_textmode::storeFilename);
if(!is_array($ext)){
//default extensions
$ext = $this->defaultExtensions;
}
//the availiable extensions, which aren't removed
$availEx = array();
foreach($ext as $ex => $mode){
if(in_array($mode, $this->availiableTextModes)){
$availEx[$ex] = $mode;
}
}
return json_encode(array('status' => 'success', 'extensions' => $availEx, 'textModes' => $this->availiableTextModes));
}
//////////////////////////////////////////////////////////////////
//return a select-field with all availiable text modes, the one in the parameter is selected
//////////////////////////////////////////////////////////////////
public function getTextModeSelect($extension){
$extension = trim(strtolower($extension));
$find = false;
$ret = '<select name="textMode[]" class="textMode">'."\n";
foreach($this->getAvailiableTextModes() as $textmode){
$ret .= ' <option';
if($textmode == $extension){
$ret .= ' selected="selected"';
$find = true;
}
$ret .='>'.$textmode.'</option>'."\n";
}
//unknown extension, print it in the end
if(!$find && $extension != ''){
$ret .= ' <option selected="selected">'.$textmode.'</option>'."\n";
}
$ret .= '</select>'."\n";
return $ret;
}
if (!is_array($ext)) {
//default extensions
$ext = $this->defaultExtensions;
}
//the availiable extensions, which aren't removed
$availEx = array();
foreach ($ext as $ex => $mode) {
if (in_array($mode, $this->availiableTextModes)) {
$availEx[$ex] = $mode;
}
}
return json_encode(array('status' => 'success', 'extensions' => $availEx, 'textModes' => $this->availiableTextModes));
}
//////////////////////////////////////////////////////////////////
//return a select-field with all availiable text modes, the one in the parameter is selected
//////////////////////////////////////////////////////////////////
public function getTextModeSelect($extension)
{
$extension = trim(strtolower($extension));
$find = false;
$ret = '<select name="textMode[]" class="textMode">'."\n";
foreach ($this->getAvailiableTextModes() as $textmode) {
$ret .= ' <option';
if ($textmode == $extension) {
$ret .= ' selected="selected"';
$find = true;
}
$ret .='>'.$textmode.'</option>'."\n";
}
//unknown extension, print it in the end
if (!$find && $extension != '') {
$ret .= ' <option selected="selected">'.$textmode.'</option>'."\n";
}
$ret .= '</select>'."\n";
return $ret;
}
}
?>
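Review bot: The access-denied branch of `processFileExtTextModeForm()` returns a PHP array (`return array('status' =>'error', ...)`) while every other branch returns `json_encode(...)`, so a caller that echoes the result of `processForms()` would print `Array` rather than a JSON error when `Common::checkAccess()` fails; wrapping that return in `json_encode(...)` makes the refusal machine-readable like the rest. In `getTextModeSelect()` the fallback option for an unknown value prints `$textmode`, which at that point holds the last element of the mode list, where `$extension` appears to be intended. If it is switched, it should be emitted as `htmlentities($extension)`, because the other option values come from the fixed list but this one comes from the caller. `in_array($mode, $this->availiableTextModes)` in `validTextMode()` would also be tighter with the strict third argument `true`.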


@@ -13,5 +13,3 @@ $fileExTM = new fileextension_textmode();
echo $fileExTM->processForms();
?>


@@ -6,50 +6,50 @@
*/
class DirZip
{
/**
* Add files and sub-directories in a folder to zip file.
* @param string $folder
* @param ZipArchive $zipFile
* @param int $exclusiveLength Number of text to be exclusived from the file path.
*/
private static function folderToZip($folder, &$zipFile, $exclusiveLength) {
$handle = opendir($folder);
while ($f = readdir($handle)) {
if ($f != '.' && $f != '..') {
$filePath = "$folder/$f";
// Remove prefix from file path before add to zip.
$localPath = substr($filePath, $exclusiveLength);
if (is_file($filePath)) {
$zipFile->addFile($filePath, $localPath);
} elseif (is_dir($filePath)) {
// Add sub-directory.
$zipFile->addEmptyDir($localPath);
self::folderToZip($filePath, $zipFile, $exclusiveLength);
}
}
}
closedir($handle);
}
/**
* Add files and sub-directories in a folder to zip file.
* @param string $folder
* @param ZipArchive $zipFile
* @param int $exclusiveLength Number of text to be exclusived from the file path.
*/
private static function folderToZip($folder, &$zipFile, $exclusiveLength)
{
$handle = opendir($folder);
while ($f = readdir($handle)) {
if ($f != '.' && $f != '..') {
$filePath = "$folder/$f";
// Remove prefix from file path before add to zip.
$localPath = substr($filePath, $exclusiveLength);
if (is_file($filePath)) {
$zipFile->addFile($filePath, $localPath);
} elseif (is_dir($filePath)) {
// Add sub-directory.
$zipFile->addEmptyDir($localPath);
self::folderToZip($filePath, $zipFile, $exclusiveLength);
}
}
}
closedir($handle);
}
/**
* Zip a folder (include itself).
* Usage:
* DirZip::zipDir('/path/to/sourceDir', '/path/to/out.zip');
*
* @param string $sourcePath Path of directory to be zip.
* @param string $outZipPath Path of output zip file.
*/
public static function zipDir($sourcePath, $outZipPath)
{
$pathInfo = pathInfo($sourcePath);
$parentPath = $pathInfo['dirname'];
$dirName = $pathInfo['basename'];
/**
* Zip a folder (include itself).
* Usage:
* DirZip::zipDir('/path/to/sourceDir', '/path/to/out.zip');
*
* @param string $sourcePath Path of directory to be zip.
* @param string $outZipPath Path of output zip file.
*/
public static function zipDir($sourcePath, $outZipPath)
{
$pathInfo = pathInfo($sourcePath);
$parentPath = $pathInfo['dirname'];
$dirName = $pathInfo['basename'];
$z = new ZipArchive();
$z->open($outZipPath, ZIPARCHIVE::CREATE);
$z->addEmptyDir($dirName);
self::folderToZip($sourcePath, $z, strlen("$parentPath/"));
$z->close();
}
$z = new ZipArchive();
$z->open($outZipPath, ZIPARCHIVE::CREATE);
$z->addEmptyDir($dirName);
self::folderToZip($sourcePath, $z, strlen("$parentPath/"));
$z->close();
}
}
?>
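Review bot: `folderToZip()` loops with `while ($f = readdir($handle))`, which ends early on a directory entry whose name is falsy (a file called `0`), so the archive can silently miss everything listed after it; `while (false !== ($f = readdir($handle)))` is the usual form. The results of `opendir($folder)` and `$z->open($outZipPath, ZIPARCHIVE::CREATE)` are not checked either, so an unreadable directory or an unwritable output path carries on into `readdir`/`addFile` with a failed handle. `is_dir()` and `is_file()` follow symbolic links, so a link inside the source tree is archived by its target and a link to an ancestor directory would recurse without bound. Skipping entries for which `is_link($filePath)` is true is worth considering if the zipped folders are user-controlled.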


@@ -9,7 +9,8 @@
require_once('../../lib/diff_match_patch.php');
require_once('../../common.php');
class Filemanager extends Common {
class Filemanager extends Common
{
//////////////////////////////////////////////////////////////////
// PROPERTIES
@@ -48,42 +49,55 @@ class Filemanager extends Common {
// Construct
//////////////////////////////////////////////////////////////////
public function __construct($get,$post,$files) {
$this->rel_path = Filemanager::cleanPath( $get['path'] );
public function __construct($get, $post, $files)
{
$this->rel_path = Filemanager::cleanPath($get['path']);
if($this->rel_path!="/"){ $this->rel_path .= "/"; }
if(!empty($get['query'])){ $this->query = $get['query']; }
if(!empty($get['options'])){ $this->foptions = $get['options']; }
if ($this->rel_path!="/") {
$this->rel_path .= "/";
}
if (!empty($get['query'])) {
$this->query = $get['query'];
}
if (!empty($get['options'])) {
$this->foptions = $get['options'];
}
$this->root = $get['root'];
if($this->isAbsPath($get['path'])) {
$this->path = Filemanager::cleanPath( $get['path'] );
if ($this->isAbsPath($get['path'])) {
$this->path = Filemanager::cleanPath($get['path']);
} else {
$this->root .= '/';
$this->path = $this->root . Filemanager::cleanPath( $get['path'] );
$this->path = $this->root . Filemanager::cleanPath($get['path']);
}
// Search
if(!empty($post['search_string'])){ $this->search_string = $post['search_string']; }
if(!empty($post['search_file_type'])){
$this->search_file_type = $post['search_file_type'];
if (!empty($post['search_string'])) {
$this->search_string = $post['search_string'];
}
if (!empty($post['search_file_type'])) {
$this->search_file_type = $post['search_file_type'];
}
// Create
if(!empty($get['type'])){ $this->type = $get['type']; }
if (!empty($get['type'])) {
$this->type = $get['type'];
}
// Modify\Create
if(!empty($get['new_name'])){ $this->new_name = $get['new_name']; }
if (!empty($get['new_name'])) {
$this->new_name = $get['new_name'];
}
foreach(array('content', 'mtime', 'patch') as $key){
if(!empty($post[$key])){
if(get_magic_quotes_gpc()){
foreach (array('content', 'mtime', 'patch') as $key) {
if (!empty($post[$key])) {
if (get_magic_quotes_gpc()) {
$this->$key = stripslashes($post[$key]);
}else{
} else {
$this->$key = $post[$key];
}
}
}
// Duplicate
if(!empty($get['destination'])){
$get['destination'] = Filemanager::cleanPath( $get['destination'] );
if($this->isAbsPath($get['path'])) {
if (!empty($get['destination'])) {
$get['destination'] = Filemanager::cleanPath($get['destination']);
if ($this->isAbsPath($get['path'])) {
$this->destination = $get['destination'];
} else {
$this->destination = $this->root . $get['destination'];
@@ -95,15 +109,21 @@ class Filemanager extends Common {
// INDEX (Returns list of files and directories)
//////////////////////////////////////////////////////////////////
public function index(){
public function index()
{
if(file_exists($this->path)){
if (file_exists($this->path)) {
$index = array();
if(is_dir($this->path) && $handle = opendir($this->path)){
if (is_dir($this->path) && $handle = opendir($this->path)) {
while (false !== ($object = readdir($handle))) {
if ($object != "." && $object != ".." && $object != $this->controller) {
if(is_dir($this->path.'/'.$object)){ $type = "directory"; $size=count(glob($this->path.'/'.$object.'/*')); }
else{ $type = "file"; $size=@filesize($this->path.'/'.$object); }
if (is_dir($this->path.'/'.$object)) {
$type = "directory";
$size=count(glob($this->path.'/'.$object.'/*'));
} else {
$type = "file";
$size=@filesize($this->path.'/'.$object);
}
$index[] = array(
"name"=>$this->rel_path . $object,
"type"=>$type,
@@ -114,29 +134,32 @@ class Filemanager extends Common {
$folders = array();
$files = array();
foreach($index as $item=>$data){
if($data['type']=='directory'){
foreach ($index as $item => $data) {
if ($data['type']=='directory') {
$folders[] = array("name"=>$data['name'],"type"=>$data['type'],"size"=>$data['size']);
}
if($data['type']=='file'){
if ($data['type']=='file') {
$files[] = array("name"=>$data['name'],"type"=>$data['type'],"size"=>$data['size']);
}
}
function sorter($a, $b, $key = 'name') { return strnatcmp($a[$key], $b[$key]); }
function sorter($a, $b, $key = 'name')
{
return strnatcmp($a[$key], $b[$key]);
}
usort($folders,"sorter");
usort($files,"sorter");
usort($folders, "sorter");
usort($files, "sorter");
$output = array_merge($folders,$files);
$output = array_merge($folders, $files);
$this->status = "success";
$this->data = '"index":' . json_encode($output);
}else{
} else {
$this->status = "error";
$this->message = "Not A Directory";
}
}else{
} else {
$this->status = "error";
$this->message = "Path Does Not Exist";
}
@@ -144,21 +167,28 @@ class Filemanager extends Common {
$this->respond();
}
public function find(){
if(!function_exists('shell_exec')){
public function find()
{
if (!function_exists('shell_exec')) {
$this->status = "error";
$this->message = "Shell_exec() Command Not Enabled.";
} else {
chdir($this->path);
$input = str_replace('"' , '', $this->query);
$input = str_replace('"', '', $this->query);
$vinput = preg_quote($input);
$cmd = 'find -L ';
if ($this->foptions && $this->foptions['strategy']) {
switch($this->f_options['strategy']){
case 'left_prefix': $cmd = "$cmd -iname \"$vinput*\""; break;
case 'substring': $cmd = "$cmd -iname \"*$vinput*\""; break;
case 'regexp': $cmd = "$cmd -regex \"$input\""; break;
}
switch ($this->f_options['strategy']) {
case 'left_prefix':
$cmd = "$cmd -iname \"$vinput*\"";
break;
case 'substring':
$cmd = "$cmd -iname \"*$vinput*\"";
break;
case 'regexp':
$cmd = "$cmd -regex \"$input\"";
break;
}
} else {
$cmd = 'find -L -iname "' . $input . '*"';
}
@@ -170,21 +200,21 @@ class Filemanager extends Common {
error_reporting(0);
foreach ($file_arr as $i => $fentry) {
$farr = explode(" ", $fentry);
$fname = trim($farr[0]);
if ($farr[1] == 'f') {
$ftype = 'file';
} else {
$ftype = 'directory';
}
if (strlen($fname) != 0){
$fname = $this->rel_path . substr($fname, 2);
$f = array('path' => $fname, 'type' => $ftype );
array_push( $output_arr, $f);
}
$farr = explode(" ", $fentry);
$fname = trim($farr[0]);
if ($farr[1] == 'f') {
$ftype = 'file';
} else {
$ftype = 'directory';
}
if (strlen($fname) != 0) {
$fname = $this->rel_path . substr($fname, 2);
$f = array('path' => $fname, 'type' => $ftype );
array_push($output_arr, $f);
}
}
if(count($output_arr)==0){
if (count($output_arr)==0) {
$this->status = "error";
$this->message = "No Results Returned";
} else {
@@ -193,41 +223,41 @@ class Filemanager extends Common {
}
}
$this->respond();
}
//////////////////////////////////////////////////////////////////
// SEARCH
//////////////////////////////////////////////////////////////////
public function search(){
if(!function_exists('shell_exec')){
public function search()
{
if (!function_exists('shell_exec')) {
$this->status = "error";
$this->message = "Shell_exec() Command Not Enabled.";
}else{
if($_GET['type'] == 1) {
} else {
if ($_GET['type'] == 1) {
$this->path = WORKSPACE;
}
$input = str_replace('"' , '', $this->search_string);
$input = str_replace('"', '', $this->search_string);
$input = preg_quote($input);
$output = shell_exec('find -L ' . $this->path . ' -iregex ".*' . $this->search_file_type . '" -type f | xargs grep -i -I -n -R -H "' . $input . '"');
$output_arr = explode("\n", $output);
$return = array();
foreach($output_arr as $line){
foreach ($output_arr as $line) {
$data = explode(":", $line);
$da = array();
if(count($data) > 2){
if (count($data) > 2) {
$da['line'] = $data[1];
$da['file'] = str_replace($this->path,'',$data[0]);
$da['file'] = str_replace($this->path, '', $data[0]);
$da['result'] = str_replace($this->root, '', $data[0]);
$da['string'] = str_replace($data[0] . ":" . $data[1] . ':' , '', $line);
$da['string'] = str_replace($data[0] . ":" . $data[1] . ':', '', $line);
$return[] = $da;
}
}
if(count($return)==0){
if (count($return)==0) {
$this->status = "error";
$this->message = "No Results Returned";
}else{
} else {
$this->status = "success";
$this->data = '"index":' . json_encode($return);
}
@@ -239,25 +269,26 @@ class Filemanager extends Common {
// OPEN (Returns the contents of a file)
//////////////////////////////////////////////////////////////////
public function open(){
if(is_file($this->path)){
public function open()
{
if (is_file($this->path)) {
$output = file_get_contents($this->path);
if(extension_loaded('mbstring')) {
if(!mb_check_encoding($output, 'UTF-8')) {
if(mb_check_encoding($output, 'ISO-8859-1')) {
$output = utf8_encode($output);
} else {
$output = mb_convert_encoding($content, 'UTF-8');
}
}
if (extension_loaded('mbstring')) {
if (!mb_check_encoding($output, 'UTF-8')) {
if (mb_check_encoding($output, 'ISO-8859-1')) {
$output = utf8_encode($output);
} else {
$output = mb_convert_encoding($content, 'UTF-8');
}
}
}
$this->status = "success";
$this->data = '"content":' . json_encode($output);
$mtime = filemtime($this->path);
$this->data .= ', "mtime":'.$mtime;
}else{
} else {
$this->status = "error";
$this->message = "Not A File :".$this->path;
}
@@ -269,12 +300,13 @@ class Filemanager extends Common {
// OPEN IN BROWSER (Return URL)
//////////////////////////////////////////////////////////////////
public function openinbrowser(){
public function openinbrowser()
{
$protocol = ((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off') || $_SERVER['SERVER_PORT'] == 443) ? "https://" : "http://";
$domainName = $_SERVER['HTTP_HOST'];
$url = $protocol.WSURL.'/'.$this->rel_path;
$this->status = "success";
$this->data = '"url":' . json_encode(rtrim($url,"/"));
$this->data = '"url":' . json_encode(rtrim($url, "/"));
$this->respond();
}
@@ -282,33 +314,36 @@ class Filemanager extends Common {
// CREATE (Creates a new file or directory)
//////////////////////////////////////////////////////////////////
public function create(){
public function create()
{
// Create file
if($this->type=="file"){
if(!file_exists($this->path)){
if($file = fopen($this->path, 'w')){
if ($this->type=="file") {
if (!file_exists($this->path)) {
if ($file = fopen($this->path, 'w')) {
// Write content
if($this->content){ fwrite($file, $this->content); }
if ($this->content) {
fwrite($file, $this->content);
}
$this->data = '"mtime":'.filemtime($this->path);
fclose($file);
$this->status = "success";
}else{
} else {
$this->status = "error";
$this->message = "Cannot Create File";
}
}else{
} else {
$this->status = "error";
$this->message = "File Already Exists";
}
}
// Create directory
if($this->type=="directory"){
if(!is_dir($this->path)){
if ($this->type=="directory") {
if (!is_dir($this->path)) {
mkdir($this->path);
$this->status = "success";
}else{
} else {
$this->status = "error";
$this->message = "Directory Already Exists";
}
@@ -321,37 +356,39 @@ class Filemanager extends Common {
// DELETE (Deletes a file or directory (+contents))
//////////////////////////////////////////////////////////////////
public function delete(){
public function delete()
{
function rrmdir($path, $follow) {
if(is_file($path)) {
unlink($path);
} else {
$files = array_diff(scandir($path), array('.','..'));
foreach ($files as $file) {
if(is_link("$path/$file")) {
if($follow) {
function rrmdir($path, $follow)
{
if (is_file($path)) {
unlink($path);
} else {
$files = array_diff(scandir($path), array('.','..'));
foreach ($files as $file) {
if (is_link("$path/$file")) {
if ($follow) {
rrmdir("$path/$file", $follow);
}
unlink("$path/$file");
} else if(is_dir("$path/$file")) {
} elseif (is_dir("$path/$file")) {
rrmdir("$path/$file", $follow);
} else {
unlink("$path/$file");
}
}
return rmdir($path);
}
}
unlink("$path/$file");
}
}
return rmdir($path);
}
}
if(file_exists($this->path)){
if(isset($_GET['follow'])) {
if (file_exists($this->path)) {
if (isset($_GET['follow'])) {
rrmdir($this->path, true);
} else {
rrmdir($this->path, false);
}
$this->status = "success";
}else{
} else {
$this->status = "error";
$this->message = "Path Does Not Exist ";
}
@@ -363,48 +400,49 @@ class Filemanager extends Common {
// MODIFY (Modifies a file name/contents or directory name)
//////////////////////////////////////////////////////////////////
public function modify(){
public function modify()
{
// Change name
if($this->new_name){
$explode = explode('/',$this->path);
if ($this->new_name) {
$explode = explode('/', $this->path);
array_pop($explode);
$new_path = implode("/",$explode) . "/" . $this->new_name;
if(!file_exists($new_path)){
if(rename($this->path,$new_path)){
$new_path = implode("/", $explode) . "/" . $this->new_name;
if (!file_exists($new_path)) {
if (rename($this->path, $new_path)) {
//unlink($this->path);
$this->status = "success";
}else{
} else {
$this->status = "error";
$this->message = "Could Not Rename";
}
}else{
} else {
$this->status = "error";
$this->message = "Path Already Exists";
}
} else {
// Change content
if($this->content || $this->patch){
if($this->content==' '){
if ($this->content || $this->patch) {
if ($this->content==' ') {
$this->content=''; // Blank out file
}
if ($this->patch && ! $this->mtime){
if ($this->patch && ! $this->mtime) {
$this->status = "error";
$this->message = "mtime parameter not found";
$this->respond();
return;
}
if(is_file($this->path)){
if (is_file($this->path)) {
$serverMTime = filemtime($this->path);
$fileContents = file_get_contents($this->path);
if ($this->patch && $this->mtime != $serverMTime){
if ($this->patch && $this->mtime != $serverMTime) {
$this->status = "error";
$this->message = "Client is out of sync";
//DEBUG : file_put_contents($this->path.".conflict", "SERVER MTIME :".$serverMTime.", CLIENT MTIME :".$this->mtime);
$this->respond();
return;
} else if (strlen(trim($this->patch)) == 0 && ! $this->content ){
} elseif (strlen(trim($this->patch)) == 0 && ! $this->content) {
// Do nothing if the patch is empty and there is no content
$this->status = "success";
$this->data = '"mtime":'.$serverMTime;
@@ -412,8 +450,8 @@ class Filemanager extends Common {
return;
}
if($file = fopen($this->path, 'w')){
if ($this->patch){
if ($file = fopen($this->path, 'w')) {
if ($this->patch) {
$dmp = new diff_match_patch();
$p = $dmp->patch_apply($dmp->patch_fromText($this->patch), $fileContents);
$this->content = $p[0];
@@ -421,7 +459,7 @@ class Filemanager extends Common {
//DEBUG : file_put_contents($this->path.".patch", $this->patch);
}
if (fwrite($file, $this->content) === false){
if (fwrite($file, $this->content) === false) {
$this->status = "error";
$this->message = "could not write to file";
} else {
@@ -434,19 +472,19 @@ class Filemanager extends Common {
}
fclose($file);
}else{
$this->status = "error";
$this->message = "Cannot Write to File";
} else {
$this->status = "error";
$this->message = "Cannot Write to File";
}
}else{
} else {
$this->status = "error";
$this->message = "Not A File";
}
} else {
$file = fopen($this->path, 'w');
fclose($file);
$this->data = '"mtime":'.filemtime($this->path);
$this->status = "success";
$file = fopen($this->path, 'w');
fclose($file);
$this->data = '"mtime":'.filemtime($this->path);
$this->status = "success";
}
}
@@ -457,39 +495,40 @@ class Filemanager extends Common {
// DUPLICATE (Creates a duplicate of the object - (cut/copy/paste)
//////////////////////////////////////////////////////////////////
public function duplicate(){
public function duplicate()
{
if(!file_exists($this->path)){
if (!file_exists($this->path)) {
$this->status = "error";
$this->message = "Invalid Source";
}
function recurse_copy($src,$dst) {
function recurse_copy($src, $dst)
{
$dir = opendir($src);
@mkdir($dst);
while(false !== ( $file = readdir($dir)) ) {
while (false !== ( $file = readdir($dir))) {
if (( $file != '.' ) && ( $file != '..' )) {
if ( is_dir($src . '/' . $file) ) {
recurse_copy($src . '/' . $file,$dst . '/' . $file);
}
else {
copy($src . '/' . $file,$dst . '/' . $file);
if (is_dir($src . '/' . $file)) {
recurse_copy($src . '/' . $file, $dst . '/' . $file);
} else {
copy($src . '/' . $file, $dst . '/' . $file);
}
}
}
closedir($dir);
}
if($this->status!="error"){
if(is_file($this->path)){
copy($this->path,$this->destination);
if ($this->status!="error") {
if (is_file($this->path)) {
copy($this->path, $this->destination);
$this->status = "success";
}else{
recurse_copy($this->path,$this->destination);
if(!$this->response){ $this->status = "success"; }
} else {
recurse_copy($this->path, $this->destination);
if (!$this->response) {
$this->status = "success";
}
}
}
$this->respond();
@@ -499,21 +538,21 @@ class Filemanager extends Common {
// UPLOAD (Handles uploads to the specified directory)
//////////////////////////////////////////////////////////////////
public function upload(){
public function upload()
{
// Check that the path is a directory
if(is_file($this->path)){
if (is_file($this->path)) {
$this->status = "error";
$this->message = "Path Not A Directory";
}else{
} else {
// Handle upload
$info = array();
while(list($key,$value) = each($_FILES['upload']['name'])){
if(!empty($value)){
while (list($key,$value) = each($_FILES['upload']['name'])) {
if (!empty($value)) {
$filename = $value;
$add = $this->path."/$filename";
if(@move_uploaded_file($_FILES['upload']['tmp_name'][$key], $add)){
if (@move_uploaded_file($_FILES['upload']['tmp_name'][$key], $add)) {
$info[] = array(
"name"=>$value,
"size"=>filesize($add),
@@ -535,50 +574,48 @@ class Filemanager extends Common {
// RESPOND (Outputs data in JSON [JSEND] format)
//////////////////////////////////////////////////////////////////
public function respond(){
public function respond()
{
// Success ///////////////////////////////////////////////
if($this->status=="success"){
if($this->data){
if ($this->status=="success") {
if ($this->data) {
$json = '{"status":"success","data":{'.$this->data.'}}';
}else{
} else {
$json = '{"status":"success","data":null}';
}
// Upload JSON ///////////////////////////////////////////
}elseif($this->upload_json!=''){
} elseif ($this->upload_json!='') {
$json = $this->upload_json;
// Error /////////////////////////////////////////////////
}else{
} else {
$json = '{"status":"error","message":"'.$this->message.'"}';
}
// Output ////////////////////////////////////////////////
echo($json);
}
//////////////////////////////////////////////////////////////////
// Clean a path
//////////////////////////////////////////////////////////////////
public static function cleanPath( $path ){
public static function cleanPath($path)
{
// replace backslash with slash
$path = str_replace('\\', '/', $path );
$path = str_replace('\\', '/', $path);
// prevent Poison Null Byte injections
$path = str_replace(chr(0), '', $path );
$path = str_replace(chr(0), '', $path);
// prevent go out of the workspace
while (strpos($path , '../') !== false)
$path = str_replace( '../', '', $path );
while (strpos($path, '../') !== false) {
$path = str_replace('../', '', $path);
}
return $path;
}
}
?>


@@ -19,26 +19,29 @@
// Get Action
//////////////////////////////////////////////////////////////////
if(!empty($_GET['action'])){ $action = $_GET['action']; }
else{ exit('{"status":"error","data":{"error":"No Action Specified"}}'); }
if (!empty($_GET['action'])) {
$action = $_GET['action'];
} else {
exit('{"status":"error","data":{"error":"No Action Specified"}}');
}
//////////////////////////////////////////////////////////////////
// Ensure Project Has Been Loaded
//////////////////////////////////////////////////////////////////
if(!isset($_SESSION['project'])){
$_GET['action']='get_current';
$_GET['no_return']='true';
require_once('../project/controller.php');
}
if (!isset($_SESSION['project'])) {
$_GET['action']='get_current';
$_GET['no_return']='true';
require_once('../project/controller.php');
}
//////////////////////////////////////////////////////////////////
// Security Check
//////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////
if (!checkPath($_GET['path'])) {
die('{"status":"error","message":"Invalid Path"}');
}
if (!checkPath($_GET['path'])) {
die('{"status":"error","message":"Invalid Path"}');
}
//////////////////////////////////////////////////////////////////
// Define Root
@@ -50,22 +53,40 @@
// Handle Action
//////////////////////////////////////////////////////////////////
$Filemanager = new Filemanager($_GET,$_POST,$_FILES);
$Filemanager = new Filemanager($_GET, $_POST, $_FILES);
$Filemanager->project = @$_SESSION['project']['path'];
switch($action){
case 'index': $Filemanager->index(); break;
case 'search': $Filemanager->search(); break;
case 'find': $Filemanager->find(); break;
case 'open' : $Filemanager->open(); break;
case 'open_in_browser': $Filemanager->openinbrowser(); break;
case 'create': $Filemanager->create(); break;
case 'delete': $Filemanager->delete(); break;
case 'modify': $Filemanager->modify(); break;
case 'duplicate': $Filemanager->duplicate(); break;
case 'upload': $Filemanager->upload(); break;
default: exit('{"status":"fail","data":{"error":"Unknown Action"}}');
}
?>
switch ($action) {
case 'index':
$Filemanager->index();
break;
case 'search':
$Filemanager->search();
break;
case 'find':
$Filemanager->find();
break;
case 'open':
$Filemanager->open();
break;
case 'open_in_browser':
$Filemanager->openinbrowser();
break;
case 'create':
$Filemanager->create();
break;
case 'delete':
$Filemanager->delete();
break;
case 'modify':
$Filemanager->modify();
break;
case 'duplicate':
$Filemanager->duplicate();
break;
case 'upload':
$Filemanager->upload();
break;
default:
exit('{"status":"fail","data":{"error":"Unknown Action"}}');
}
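Review bot: The Security Check block passes only `$_GET['path']` to `checkPath()`, and without an `isset()` guard, so a request that omits `path` raises a notice before the check runs. Other request fields used by the dispatched methods are not covered here: in the Filemanager hunks on this page `destination` (for `duplicate`) only goes through `cleanPath()`, and `search()` concatenates its search strings into a `shell_exec()` command after stripping double quotes. I would write the guard as `if (!isset($_GET['path']) || !checkPath($_GET['path']))` and add `if (!empty($_GET['destination']) && !checkPath($_GET['destination'])) { die('{"status":"error","message":"Invalid Path"}'); }`, assuming `checkPath()` accepts both values in the same form. The shell arguments are better fixed in the class itself, by passing each one through `escapeshellarg()`.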


@@ -18,53 +18,53 @@
// Check $_GET for invalid path
//////////////////////////////////////////////////////////////////
//TODO check if the User is allowed to access the project
if(!isset($_GET['path'])
|| preg_match('#^[\\\/]?$#i', trim($_GET['path'])) // download all Projects
|| preg_match('#[\:*?\"<>\|]#i', $_GET['path']) //illegal chars in filenames
|| substr_count($_GET['path'], './') > 0) { // change directory up to escape Workspace
exit('<script>parent.codiad.message.error("Wrong data send")</script>');
}
if (!isset($_GET['path'])
|| preg_match('#^[\\\/]?$#i', trim($_GET['path'])) // download all Projects
|| preg_match('#[\:*?\"<>\|]#i', $_GET['path']) //illegal chars in filenames
|| substr_count($_GET['path'], './') > 0) { // change directory up to escape Workspace
exit('<script>parent.codiad.message.error("Wrong data send")</script>');
}
//////////////////////////////////////////////////////////////////
// Run Download
//////////////////////////////////////////////////////////////////
if(isset($_GET['type']) && ($_GET['type']=='directory' || $_GET['type']=='root')){
// Create tarball
$filename = explode("/",$_GET['path']);
//$filename = array_pop($filename) . "-" . date('Y.m.d') . ".tar.gz";
$filename = array_pop($filename) . "-" . date('Y.m.d');
$targetPath = DATA . '/';
$dir = WORKSPACE . '/' . $_GET['path'];
if(!is_dir($dir)){
exit('<script>parent.codiad.message.error("Directory not found.")</script>');
}
//////////////////////////////////////////////////////////////////
// Check system() command and a non windows OS
//////////////////////////////////////////////////////////////////
if(isAvailable('system') && stripos(PHP_OS, 'win') === false){
# Execute the tar command and save file
$filename .= '.tar.gz';
system("tar -pczf ".escapeshellarg($targetPath.$filename)." -C ".escapeshellarg(WORKSPACE)." ".escapeshellarg($_GET['path']));
$download_file = $targetPath.$filename;
}elseif(extension_loaded('zip')){ //Check if zip-Extension is availiable
//build zipfile
require_once 'class.dirzip.php';
$filename .= '.zip';
$download_file = $targetPath.$filename;
DirZip::zipDir($dir, $targetPath .$filename);
}else{
exit('<script>parent.codiad.message.error("Could not pack the folder, zip-extension missing")</script>');
}
}else{
$filename = explode("/",$_GET['path']);
$filename = array_pop($filename);
$download_file = WORKSPACE . '/' . $_GET['path'];
if (isset($_GET['type']) && ($_GET['type']=='directory' || $_GET['type']=='root')) {
// Create tarball
$filename = explode("/", $_GET['path']);
//$filename = array_pop($filename) . "-" . date('Y.m.d') . ".tar.gz";
$filename = array_pop($filename) . "-" . date('Y.m.d');
$targetPath = DATA . '/';
$dir = WORKSPACE . '/' . $_GET['path'];
if (!is_dir($dir)) {
exit('<script>parent.codiad.message.error("Directory not found.")</script>');
}
//////////////////////////////////////////////////////////////////
// Check system() command and a non windows OS
//////////////////////////////////////////////////////////////////
if (isAvailable('system') && stripos(PHP_OS, 'win') === false) {
# Execute the tar command and save file
$filename .= '.tar.gz';
system("tar -pczf ".escapeshellarg($targetPath.$filename)." -C ".escapeshellarg(WORKSPACE)." ".escapeshellarg($_GET['path']));
$download_file = $targetPath.$filename;
} elseif (extension_loaded('zip')) { //Check if zip-Extension is availiable
//build zipfile
require_once 'class.dirzip.php';
$filename .= '.zip';
$download_file = $targetPath.$filename;
DirZip::zipDir($dir, $targetPath .$filename);
} else {
exit('<script>parent.codiad.message.error("Could not pack the folder, zip-extension missing")</script>');
}
} else {
$filename = explode("/", $_GET['path']);
$filename = array_pop($filename);
$download_file = WORKSPACE . '/' . $_GET['path'];
}
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.basename($filename).'"');
@@ -73,11 +73,12 @@
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($download_file));
if (ob_get_contents())
ob_end_clean();
if (ob_get_contents()) {
ob_end_clean();
}
flush();
readfile($download_file);
// Remove temp tarball
if($_GET['type']=='directory' || $_GET['type']=='root'){ unlink($download_file); }
?>
if ($_GET['type']=='directory' || $_GET['type']=='root') {
unlink($download_file);
}
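Review bot: The path check at the top of this file is a substring blacklist (a `./` count plus a character class), and the `//TODO check if the User is allowed to access the project` above it is still open, so what may be downloaded is decided by string matching alone. I would resolve the path before use and require it to stay under the workspace: `$real = realpath(WORKSPACE . '/' . $_GET['path']);` followed by `if ($real === false || strpos($real, realpath(WORKSPACE) . DIRECTORY_SEPARATOR) !== 0)` exiting with the existing error message, which also covers symlinks inside the workspace. The last hunk reads `$_GET['type']` without `isset()` although the earlier branch guards it; `if (isset($_GET['type']) && ($_GET['type']=='directory' || $_GET['type']=='root'))` would match that branch.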


@@ -24,47 +24,53 @@
// Functions
//////////////////////////////////////////////////////////////////////
function saveFile($file,$data){
$write = fopen($file, 'w') or die("can't open file");
fwrite($write, $data);
fclose($write);
function saveFile($file, $data)
{
$write = fopen($file, 'w') or die("can't open file");
fwrite($write, $data);
fclose($write);
}
function saveJSON($file, $data)
{
$data = "<?php/*|" . json_encode($data) . "|*/?>";
saveFile($file, $data);
}
function encryptPassword($p)
{
return sha1(md5($p));
}
function cleanUsername($username)
{
return preg_replace('#[^A-Za-z0-9'.preg_quote('-_@. ').']#', '', $username);
}
function isAbsPath($path)
{
return $path[0] === '/';
}
function cleanPath($path)
{
// prevent Poison Null Byte injections
$path = str_replace(chr(0), '', $path);
// prevent go out of the workspace
while (strpos($path, '../') !== false) {
$path = str_replace('../', '', $path);
}
function saveJSON($file,$data){
$data = "<?php/*|" . json_encode($data) . "|*/?>";
saveFile($file,$data);
}
function encryptPassword($p){
return sha1(md5($p));
}
function cleanUsername($username){
return preg_replace('#[^A-Za-z0-9'.preg_quote('-_@. ').']#','', $username);
}
function isAbsPath( $path ) {
return $path[0] === '/';
}
function cleanPath( $path ){
// prevent Poison Null Byte injections
$path = str_replace(chr(0), '', $path );
// prevent go out of the workspace
while (strpos($path , '../') !== false)
$path = str_replace( '../', '', $path );
return $path;
}
return $path;
}
//////////////////////////////////////////////////////////////////////
// Verify no overwrites
//////////////////////////////////////////////////////////////////////
if(!file_exists($users) && !file_exists($projects) && !file_exists($active)){
if (!file_exists($users) && !file_exists($projects) && !file_exists($active)) {
//////////////////////////////////////////////////////////////////
// Get POST responses
//////////////////////////////////////////////////////////////////
@@ -72,7 +78,7 @@ if(!file_exists($users) && !file_exists($projects) && !file_exists($active)){
$username = cleanUsername($_POST['username']);
$password = encryptPassword($_POST['password']);
$project_name = $_POST['project_name'];
if(isset($_POST['project_path'])) {
if (isset($_POST['project_path'])) {
$project_path = $_POST['project_path'];
} else {
$project_path = $project_name;
@@ -85,27 +91,27 @@ if(!file_exists($users) && !file_exists($projects) && !file_exists($active)){
$project_path = cleanPath($project_path);
if(!isAbsPath($project_path)) {
$project_path = str_replace(" ","_",preg_replace('/[^\w-\.]/', '', $project_path));
if (!isAbsPath($project_path)) {
$project_path = str_replace(" ", "_", preg_replace('/[^\w-\.]/', '', $project_path));
mkdir($workspace . "/" . $project_path);
} else {
$project_path = cleanPath($project_path);
if(substr($project_path, -1) == '/') {
$project_path = substr($project_path,0, strlen($project_path)-1);
if (substr($project_path, -1) == '/') {
$project_path = substr($project_path, 0, strlen($project_path)-1);
}
if(!file_exists($project_path)) {
if(!mkdir($project_path.'/', 0755, true)) {
if (!file_exists($project_path)) {
if (!mkdir($project_path.'/', 0755, true)) {
die("Unable to create Absolute Path");
}
} else {
if(!is_writable($project_path) || !is_readable($project_path)) {
if (!is_writable($project_path) || !is_readable($project_path)) {
die("No Read/Write Permission");
}
}
}
$project_data = array("name"=>$project_name,"path"=>$project_path);
saveJSON($projects,array($project_data));
saveJSON($projects, array($project_data));
//////////////////////////////////////////////////////////////////
// Create Users file
@@ -113,13 +119,13 @@ if(!file_exists($users) && !file_exists($projects) && !file_exists($active)){
$user_data = array("username"=>$username,"password"=>$password,"project"=>$project_path);
saveJSON($users,array($user_data));
saveJSON($users, array($user_data));
//////////////////////////////////////////////////////////////////
// Create Active file
//////////////////////////////////////////////////////////////////
saveJSON($active,array(''));
saveJSON($active, array(''));
//////////////////////////////////////////////////////////////////
// Create Config
@@ -182,10 +188,7 @@ define("WSURL", BASE_URL . "/workspace");
//define("COMMITURL", "https://api.github.com/repos/Codiad/Codiad/commits");
';
saveFile($config,$config_data);
saveFile($config, $config_data);
echo("success");
}
?>
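Review bot: `encryptPassword()` returns `sha1(md5($p))`, an unsalted pair of fast digests, so the value written to the users file by `saveJSON($users, array($user_data))` offers little resistance to offline guessing if that file is ever read. On PHP 5.5 and later the replacement is `return password_hash($p, PASSWORD_DEFAULT);`, with the login path (not shown in these hunks) switched to `password_verify()` and existing hashes upgraded at the next successful login. The Travis matrix in this commit still lists 5.4, where `password_hash()` is not built in, so that version would need a compatibility shim or to be dropped. A docblock stating that the function hashes rather than encrypts would also help the next reader.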


@@ -7,25 +7,25 @@
* [root]/license.txt for more. This information must remain intact.
*/
$path = rtrim(str_replace("index.php", "", $_SERVER['SCRIPT_FILENAME']),"/");
$path = rtrim(str_replace("index.php", "", $_SERVER['SCRIPT_FILENAME']), "/");
$workspace = is_writable( $path . "/workspace");
$workspace = is_writable($path . "/workspace");
$data = is_writable($path . "/data");
$plugins = is_writable($path . "/plugins");
$themes = is_writable($path . "/themes");
$workspace = is_writable( $path . "/workspace");
$workspace = is_writable($path . "/workspace");
$conf = $path . '/config.php';
$config = is_writable(file_exists($conf) ? $conf : $path);
if(ini_get('register_globals') == 1) {
if (ini_get('register_globals') == 1) {
$register = true;
} else {
$register = false;
}
if(ini_get('newrelic.enabled') == 1) {
if (ini_get('newrelic.enabled') == 1) {
$newrelic = true;
} else {
$newrelic = false;
@@ -43,51 +43,77 @@ $autocomplete = array(
);
if (!empty($query)) {
$params = explode('&', $query);
foreach ($params as $param) {
$param = explode('=', $param);
if (array_key_exists($param[0], $autocomplete)) {
$autocomplete[$param[0]] = urldecode($param[1]);
}
}
$params = explode('&', $query);
foreach ($params as $param) {
$param = explode('=', $param);
if (array_key_exists($param[0], $autocomplete)) {
$autocomplete[$param[0]] = urldecode($param[1]);
}
}
}
if(!$workspace || !$data || !$config || $register || $newrelic){
if (!$workspace || !$data || !$config || $register || $newrelic) {
?>
<h1><?php i18n("Installation Error"); ?></h1>
<p><?php i18n("Please make sure the following exist and are writeable:"); ?></p>
<div class="install_issues">
<p>[SYSTEM]/config.php - <?php if($config) { echo '<font style="color:green">PASSED</font>'; } else { echo '<font style="color:red">ERROR</font>'; } ?></p>
<p>[SYSTEM]/workspace - <?php if($workspace) { echo '<font style="color:green">PASSED</font>'; } else { echo '<font style="color:red">ERROR</font>'; } ?></p>
<p>[SYSTEM]/plugins - <?php if($plugins) { echo '<font style="color:green">PASSED</font>'; } else { echo '<font style="color:red">ERROR</font>'; } ?></p>
<p>[SYSTEM]/themes - <?php if($themes) { echo '<font style="color:green">PASSED</font>'; } else { echo '<font style="color:red">ERROR</font>'; } ?></p>
<p>[SYSTEM]/data - <?php if($data) { echo '<font style="color:green">PASSED</font>'; } else { echo '<font style="color:red">ERROR</font>'; } ?></p>
<p>[SYSTEM]/config.php - <?php if ($config) {
echo '<font style="color:green">PASSED</font>';
} else {
echo '<font style="color:red">ERROR</font>';
} ?></p>
<p>[SYSTEM]/workspace - <?php if ($workspace) {
echo '<font style="color:green">PASSED</font>';
} else {
echo '<font style="color:red">ERROR</font>';
} ?></p>
<p>[SYSTEM]/plugins - <?php if ($plugins) {
echo '<font style="color:green">PASSED</font>';
} else {
echo '<font style="color:red">ERROR</font>';
} ?></p>
<p>[SYSTEM]/themes - <?php if ($themes) {
echo '<font style="color:green">PASSED</font>';
} else {
echo '<font style="color:red">ERROR</font>';
} ?></p>
<p>[SYSTEM]/data - <?php if ($data) {
echo '<font style="color:green">PASSED</font>';
} else {
echo '<font style="color:red">ERROR</font>';
} ?></p>
</div>
<?php if($register || $newrelic) { ?>
<?php if ($register || $newrelic) { ?>
<p><?php i18n("Please make sure these environmental variables are set:"); ?></p>
<div class="install_issues">
<?php if($register) { echo '<p>register_globals: Off</p>'; }
if($newrelic) { echo '<p>newrelic.enabled: Off</p>'; } ?>
<?php if ($register) {
echo '<p>register_globals: Off</p>';
}
if ($newrelic) {
echo '<p>newrelic.enabled: Off</p>';
} ?>
</div>
<?php } ?>
<button onclick="window.location.reload();">Re-Test</button>
<?php
}else{
} else {
?>
<form id="install">
<h1><?php i18n("Initial Setup"); ?></h1>
<label><?php i18n("Dependencies"); ?></label>
<div id="dependencies">
<?php foreach(array("ZIP", "OpenSSL", "MBString") as $dep) {
if(extension_loaded(strtolower($dep))) { ?>
<div class="success"><span class="icon-check"></span> <?=$dep?></div>
<?php } else { ?>
<div class="error"><span class="icon-cancel"></span> <?=$dep?></div>
<?php }
} ?>
</div>
<label><?php i18n("Dependencies"); ?></label>
<div id="dependencies">
<?php foreach (array("ZIP", "OpenSSL", "MBString") as $dep) {
if (extension_loaded(strtolower($dep))) { ?>
<div class="success"><span class="icon-check"></span> <?=$dep?></div>
<?php
} else { ?>
<div class="error"><span class="icon-cancel"></span> <?=$dep?></div>
<?php
}
} ?>
</div>
<input type="hidden" name="path" value="<?php echo($path); ?>">
@@ -117,7 +143,7 @@ if(!$workspace || !$data || !$config || $register || $newrelic){
<label><?php i18n("Folder Name or Absolute Path"); ?></label>
<input type="text" name="project_path" value="<?php echo($autocomplete['project_path']); ?>">
<hr>
<?php
<?php
$location = array(
"Pacific/Midway" => "(GMT-11:00) Midway Island, Samoa",
"America/Adak" => "(GMT-10:00) Hawaii-Aleutian",
@@ -210,21 +236,20 @@ if(!$workspace || !$data || !$config || $register || $newrelic){
"Pacific/Tongatapu" => "(GMT+13:00) Nuku'alofa",
"Pacific/Kiritimati" => "(GMT+14:00) Kiritimati",
);
?>
?>
<label><?php i18n("Timezone"); ?></label>
<select name="timezone">
<?php
foreach ($location as $key => $city) {
if ($autocomplete['timezone'] == $key) {
$timezones .= '<option selected="selected" value="' . $key . '">' . $city . '</option>';
<?php
foreach ($location as $key => $city) {
if ($autocomplete['timezone'] == $key) {
$timezones .= '<option selected="selected" value="' . $key . '">' . $city . '</option>';
} else {
$timezones .= '<option value="' . $key . '">' . $city . '</option>';
}
}
else {
$timezones .= '<option value="' . $key . '">' . $city . '</option>';
}
}
echo($timezones);
?>
echo($timezones);
?>
</select>
<button><?php i18n("Install"); ?></button>
@@ -239,26 +264,26 @@ if(!$workspace || !$data || !$config || $register || $newrelic){
$(function(){
$('html, body').css('overflow', 'auto');
// Automatically select first timezone with the appropriate GMT offset
function getTimeZoneString() {
var num = new Date().getTimezoneOffset();
if (num === 0) {
return "GMT";
} else {
var hours = Math.floor(num / 60);
var minutes = Math.floor((num - (hours * 60)));
// Automatically select first timezone with the appropriate GMT offset
function getTimeZoneString() {
var num = new Date().getTimezoneOffset();
if (num === 0) {
return "GMT";
} else {
var hours = Math.floor(num / 60);
var minutes = Math.floor((num - (hours * 60)));
if (hours < 10) hours = "0" + Math.abs(hours);
if (minutes < 10) minutes = "0" + Math.abs(minutes);
return "GMT" + (num < 0 ? "+" : "-") + hours + ":" + minutes;
}
}
var timezone = getTimeZoneString();
$("[name=timezone] option").each(function() {
if($(this).text().indexOf(timezone) > -1) $("[name=timezone]").val($(this).val());
})
if (hours < 10) hours = "0" + Math.abs(hours);
if (minutes < 10) minutes = "0" + Math.abs(minutes);
return "GMT" + (num < 0 ? "+" : "-") + hours + ":" + minutes;
}
}
var timezone = getTimeZoneString();
$("[name=timezone] option").each(function() {
if($(this).text().indexOf(timezone) > -1) $("[name=timezone]").val($(this).val());
})
$('#install').on('submit',function(e){
e.preventDefault();


@@ -8,7 +8,8 @@
require_once('../../common.php');
class Market extends Common {
class Market extends Common
{
//////////////////////////////////////////////////////////////////
// PROPERTIES
@@ -30,10 +31,11 @@ class Market extends Common {
// Construct
//////////////////////////////////////////////////////////////////
public function __construct(){
public function __construct()
{
// initial setup
if(!file_exists(DATA.'/cache')) {
mkdir(DATA.'/cache');
if (!file_exists(DATA.'/cache')) {
mkdir(DATA.'/cache');
}
// get existing data
@@ -42,159 +44,159 @@ class Market extends Common {
$this->url = Common::getConstant('MARKETURL', $this->url);
// load market from server
if(!file_exists(DATA.'/cache/market.current')) {
$optout = "";
foreach($this->local as $key=>$value) {
foreach($value as $data) {
if(trim($data) != '') {
if(file_exists(BASE_PATH.'/'.$key.'/'.$data.'/'.rtrim($key, "s").'.json')) {
$tmp = json_decode(file_get_contents(BASE_PATH.'/'.$key.'/'.$data.'/'.rtrim($key, "s").'.json'),true);
if(substr($tmp[0]['url'],-4) == '.git') {
$tmp[0]['url'] = substr($tmp[0]['url'],0,-4);
}
$optout .= rtrim($key, "s").":".array_pop(explode('/', $tmp[0]['url'])).",";
if (!file_exists(DATA.'/cache/market.current')) {
$optout = "";
foreach ($this->local as $key => $value) {
foreach ($value as $data) {
if (trim($data) != '') {
if (file_exists(BASE_PATH.'/'.$key.'/'.$data.'/'.rtrim($key, "s").'.json')) {
$tmp = json_decode(file_get_contents(BASE_PATH.'/'.$key.'/'.$data.'/'.rtrim($key, "s").'.json'), true);
if (substr($tmp[0]['url'], -4) == '.git') {
$tmp[0]['url'] = substr($tmp[0]['url'], 0, -4);
}
$optout .= rtrim($key, "s").":".array_pop(explode('/', $tmp[0]['url'])).",";
}
}
}
}
}
}
file_put_contents(DATA.'/cache/market.current',file_get_contents($this->url.'/?o='.substr($optout,0,-1)));
copy(DATA.'/cache/market.current',DATA.'/cache/market.last');
file_put_contents(DATA.'/cache/market.current', file_get_contents($this->url.'/?o='.substr($optout, 0, -1)));
copy(DATA.'/cache/market.current', DATA.'/cache/market.last');
} else {
if (time()-filemtime(DATA.'/cache/market.current') > 24 * 3600) {
copy(DATA.'/cache/market.current',DATA.'/cache/market.last');
file_put_contents(DATA.'/cache/market.current',file_get_contents($this->url));
}
if (time()-filemtime(DATA.'/cache/market.current') > 24 * 3600) {
copy(DATA.'/cache/market.current', DATA.'/cache/market.last');
file_put_contents(DATA.'/cache/market.current', file_get_contents($this->url));
}
}
// get current and last market cache to establish array
$this->old = json_decode(file_get_contents(DATA.'/cache/market.last'),true);
$this->remote = json_decode(file_get_contents(DATA.'/cache/market.current'),true);
$this->old = json_decode(file_get_contents(DATA.'/cache/market.last'), true);
$this->remote = json_decode(file_get_contents(DATA.'/cache/market.current'), true);
// internet connection could not be established
if($this->remote == '') {
$this->remote = array();
if ($this->remote == '') {
$this->remote = array();
}
// check old cache for new ones
$this->tmp = array();
foreach($this->remote as $key=>$data) {
$found = false;
foreach($this->old as $key=>$old) {
if($old['name'] == $data['name']) {
$found = true;
break;
foreach ($this->remote as $key => $data) {
$found = false;
foreach ($this->old as $key => $old) {
if ($old['name'] == $data['name']) {
$found = true;
break;
}
}
if (!$found && !isset($data['folder'])) {
$data['new'] = '1';
}
}
if(!$found && !isset($data['folder'])) {
$data['new'] = '1';
}
// check if folder exists for that extension
if(substr($data['url'],-4) == '.git') {
$data['url'] = substr($data['url'],0,-4);
}
if(file_exists(BASE_PATH.'/'.$data['type'].substr($data['url'],strrpos($data['url'],'/'.rtrim($data['type'],'s').'.json')))) {
$data['folder'] = substr($data['url'],strrpos($data['url'],'/')+1);
} else {
if(file_exists(BASE_PATH.'/'.$data['type'].substr($data['url'],strrpos($data['url'],'/')).'-master/'.rtrim($data['type'],'s').'.json')) {
$data['folder'] = substr($data['url'],strrpos($data['url'],'/')+1).'-master';
if (substr($data['url'], -4) == '.git') {
$data['url'] = substr($data['url'], 0, -4);
}
if (file_exists(BASE_PATH.'/'.$data['type'].substr($data['url'], strrpos($data['url'], '/'.rtrim($data['type'], 's').'.json')))) {
$data['folder'] = substr($data['url'], strrpos($data['url'], '/')+1);
} else {
if (file_exists(BASE_PATH.'/'.$data['type'].substr($data['url'], strrpos($data['url'], '/')).'-master/'.rtrim($data['type'], 's').'.json')) {
$data['folder'] = substr($data['url'], strrpos($data['url'], '/')+1).'-master';
}
}
}
array_push($this->tmp, $data);
array_push($this->tmp, $data);
}
$this->remote = $this->tmp;
// Scan plugins directory for missing plugins
foreach (scandir(PLUGINS) as $fname){
if($fname == '.' || $fname == '..' ){
continue;
}
if(is_dir(PLUGINS.'/'.$fname)){
$found = false;
foreach($this->remote as $key=>$data) {
if(isset($data['folder']) && $data['folder'] == $fname) {
foreach (scandir(PLUGINS) as $fname) {
if ($fname == '.' || $fname == '..') {
continue;
}
if (is_dir(PLUGINS.'/'.$fname)) {
$found = false;
foreach ($this->remote as $key => $data) {
if (isset($data['folder']) && $data['folder'] == $fname) {
$found = true;
break;
}
}
if(!$found && file_exists(PLUGINS . "/" . $fname . "/plugin.json")) {
$data = file_get_contents(PLUGINS . "/" . $fname . "/plugin.json");
$data = json_decode($data,true);
$data[0]['name'] = $fname;
$data[0]['folder'] = $fname;
$data[0]['type'] = 'plugins';
$data[0]['image'] = '';
$data[0]['count'] = -1;
$data[0]['remote'] = 0;
if(!isset($data[0]['description'])) {
$data[0]['description'] = 'Manual Installation';
}
array_push($this->remote, $data[0]);
}
}
}
if (!$found && file_exists(PLUGINS . "/" . $fname . "/plugin.json")) {
$data = file_get_contents(PLUGINS . "/" . $fname . "/plugin.json");
$data = json_decode($data, true);
$data[0]['name'] = $fname;
$data[0]['folder'] = $fname;
$data[0]['type'] = 'plugins';
$data[0]['image'] = '';
$data[0]['count'] = -1;
$data[0]['remote'] = 0;
if (!isset($data[0]['description'])) {
$data[0]['description'] = 'Manual Installation';
}
array_push($this->remote, $data[0]);
}
}
}
// Scan theme directory for missing plugins
foreach (scandir(THEMES) as $fname){
if($fname == '.' || $fname == '..' || $fname == 'default'){
continue;
}
if(is_dir(THEMES.'/'.$fname)){
$found = false;
foreach($this->remote as $key=>$data) {
if(isset($data['folder']) && $data['folder'] == $fname) {
foreach (scandir(THEMES) as $fname) {
if ($fname == '.' || $fname == '..' || $fname == 'default') {
continue;
}
if (is_dir(THEMES.'/'.$fname)) {
$found = false;
foreach ($this->remote as $key => $data) {
if (isset($data['folder']) && $data['folder'] == $fname) {
$found = true;
break;
}
}
if(!$found && file_exists(THEMES . "/" . $fname . "/theme.json")) {
$data = file_get_contents(THEMES . "/" . $fname . "/theme.json");
$data = json_decode($data,true);
$data[0]['name'] = $fname;
$data[0]['folder'] = $fname;
$data[0]['type'] = 'themes';
$data[0]['image'] = '';
$data[0]['count'] = -1;
$data[0]['remote'] = 0;
if(!isset($data[0]['description'])) {
$data[0]['description'] = 'Manual Installation';
}
array_push($this->remote, $data[0]);
}
}
}
if (!$found && file_exists(THEMES . "/" . $fname . "/theme.json")) {
$data = file_get_contents(THEMES . "/" . $fname . "/theme.json");
$data = json_decode($data, true);
$data[0]['name'] = $fname;
$data[0]['folder'] = $fname;
$data[0]['type'] = 'themes';
$data[0]['image'] = '';
$data[0]['count'] = -1;
$data[0]['remote'] = 0;
if (!isset($data[0]['description'])) {
$data[0]['description'] = 'Manual Installation';
}
array_push($this->remote, $data[0]);
}
}
}
// Check for updates
$this->tmp = array();
foreach($this->remote as $key=>$data) {
if(substr($data['url'],-4) == '.git') {
$data['url'] = substr($data['url'],0,-4);
}
foreach ($this->remote as $key => $data) {
if (substr($data['url'], -4) == '.git') {
$data['url'] = substr($data['url'], 0, -4);
}
// extension exists locally, so load its metadata
if(isset($data['folder'])) {
$local = json_decode(file_get_contents(BASE_PATH.'/'.$data['type'].'/'.$data['folder'].'/'.rtrim($data['type'],'s').'.json'),true);
if (isset($data['folder'])) {
$local = json_decode(file_get_contents(BASE_PATH.'/'.$data['type'].'/'.$data['folder'].'/'.rtrim($data['type'], 's').'.json'), true);
$remoteurl = str_replace('github.com','raw.github.com',$data['url']).'/master/'.rtrim($data['type'],'s').'.json';
$remoteurl = str_replace('github.com', 'raw.github.com', $data['url']).'/master/'.rtrim($data['type'], 's').'.json';
if(!file_exists(DATA.'/cache/'.$data['folder'].'.current')) {
file_put_contents(DATA.'/cache/'.$data['folder'].'.current', file_get_contents($remoteurl));
} else {
if (time()-filemtime(DATA.'/cache/'.$data['folder'].'.current') > 24 * 3600) {
file_put_contents(DATA.'/cache/'.$data['folder'].'.current', file_get_contents($remoteurl));
if (!file_exists(DATA.'/cache/'.$data['folder'].'.current')) {
file_put_contents(DATA.'/cache/'.$data['folder'].'.current', file_get_contents($remoteurl));
} else {
if (time()-filemtime(DATA.'/cache/'.$data['folder'].'.current') > 24 * 3600) {
file_put_contents(DATA.'/cache/'.$data['folder'].'.current', file_get_contents($remoteurl));
}
}
}
$remote = json_decode(file_get_contents(DATA.'/cache/'.$data['folder'].'.current'),true);
$remote = json_decode(file_get_contents(DATA.'/cache/'.$data['folder'].'.current'), true);
$data['version'] = $local[0]['version'];
if($remote[0]['version'] != $local[0]['version']) {
$data['update'] = $remote[0]['version'];
}
$data['remote'] = 0;
} else {
$data['remote'] = 1;
}
array_push($this->tmp, $data);
$data['version'] = $local[0]['version'];
if ($remote[0]['version'] != $local[0]['version']) {
$data['update'] = $remote[0]['version'];
}
$data['remote'] = 0;
} else {
$data['remote'] = 1;
}
array_push($this->tmp, $data);
}
$this->remote = $this->tmp;
}
@@ -203,46 +205,47 @@ class Market extends Common {
// Install Plugin
//////////////////////////////////////////////////////////////////
public function Install($type, $name, $repo){
if(substr($repo,-4) == '.git') {
$repo = substr($repo,0,-4);
public function Install($type, $name, $repo)
{
if (substr($repo, -4) == '.git') {
$repo = substr($repo, 0, -4);
}
if($type == '') {
$file_headers = @get_headers(str_replace('github.com','raw.github.com',$repo.'/master/plugin.json'));
if($file_headers[0] != 'HTTP/1.1 404 Not Found') {
$type = 'plugins';
} else {
$file_headers = @get_headers(str_replace('github.com','raw.github.com',$repo.'/master/theme.json'));
if($file_headers[0] != 'HTTP/1.1 404 Not Found') {
$type = 'themes';
} else {
die(formatJSEND("error","Invalid Repository"));
}
}
if ($type == '') {
$file_headers = @get_headers(str_replace('github.com', 'raw.github.com', $repo.'/master/plugin.json'));
if ($file_headers[0] != 'HTTP/1.1 404 Not Found') {
$type = 'plugins';
} else {
$file_headers = @get_headers(str_replace('github.com', 'raw.github.com', $repo.'/master/theme.json'));
if ($file_headers[0] != 'HTTP/1.1 404 Not Found') {
$type = 'themes';
} else {
die(formatJSEND("error", "Invalid Repository"));
}
}
} else {
$reponame = explode('/', $repo);
$tmp = file_get_contents($this->url.'/?t='.rtrim($type, "s").'&i='.str_replace("-master","", $reponame[sizeof($repo)-1]));
$tmp = file_get_contents($this->url.'/?t='.rtrim($type, "s").'&i='.str_replace("-master", "", $reponame[sizeof($repo)-1]));
}
if(file_put_contents(BASE_PATH.'/'.$type.'/'.$name.'.zip', fopen($repo.'/archive/master.zip', 'r'))) {
if (file_put_contents(BASE_PATH.'/'.$type.'/'.$name.'.zip', fopen($repo.'/archive/master.zip', 'r'))) {
$zip = new ZipArchive;
$res = $zip->open(BASE_PATH.'/'.$type.'/'.$name.'.zip');
// open downloaded archive
if ($res === TRUE) {
if ($res === true) {
// extract archive
if($zip->extractTo(BASE_PATH.'/'.$type) === true) {
$zip->close();
} else {
die(formatJSEND("error","Unable to open ".$name.".zip"));
}
if ($zip->extractTo(BASE_PATH.'/'.$type) === true) {
$zip->close();
} else {
die(formatJSEND("error", "Unable to open ".$name.".zip"));
}
} else {
die(formatJSEND("error","ZIP Extension not found"));
die(formatJSEND("error", "ZIP Extension not found"));
}
unlink(BASE_PATH.'/'.$type.'/'.$name.'.zip');
// Response
echo formatJSEND("success",null);
echo formatJSEND("success", null);
} else {
die(formatJSEND("error","Unable to download ".$repo));
die(formatJSEND("error", "Unable to download ".$repo));
}
}
@@ -250,36 +253,41 @@ class Market extends Common {
// Remove Plugin
//////////////////////////////////////////////////////////////////
public function Remove($type, $name){
function rrmdir($path){
public function Remove($type, $name)
{
function rrmdir($path)
{
return is_file($path)?
@unlink($path):
@array_map('rrmdir',glob($path.'/*'))==@rmdir($path);
@array_map('rrmdir', glob($path.'/*'))==@rmdir($path);
}
rrmdir(BASE_PATH.'/'.$type.'/'.$name);
echo formatJSEND("success",null);
echo formatJSEND("success", null);
}
//////////////////////////////////////////////////////////////////
// Update Plugin
//////////////////////////////////////////////////////////////////
public function Update($type, $name){
function rrmdir($path){
public function Update($type, $name)
{
function rrmdir($path)
{
return is_file($path)?
@unlink($path):
@array_map('rrmdir',glob($path.'/*'))==@rmdir($path);
@array_map('rrmdir', glob($path.'/*'))==@rmdir($path);
}
function cpy($source, $dest, $ign){
if(is_dir($source)) {
function cpy($source, $dest, $ign)
{
if (is_dir($source)) {
$dir_handle=opendir($source);
while($file=readdir($dir_handle)){
if(!in_array($file, $ign)){
if(is_dir($source."/".$file)){
if(!file_exists($dest."/".$file)) {
mkdir($dest."/".$file);
while ($file=readdir($dir_handle)) {
if (!in_array($file, $ign)) {
if (is_dir($source."/".$file)) {
if (!file_exists($dest."/".$file)) {
mkdir($dest."/".$file);
}
cpy($source."/".$file, $dest."/".$file, $ign);
} else {
@@ -293,52 +301,52 @@ class Market extends Common {
}
}
if(file_exists(BASE_PATH.'/'.$type.'/'.$name.'/'.rtrim($type, "s").'.json')) {
$data = json_decode(file_get_contents(BASE_PATH.'/'.$type.'/'.$name.'/'.rtrim($type, "s").'.json'),true);
if(substr($data[0]['url'],-4) == '.git') {
$data[0]['url'] = substr($data[0]['url'],0,-4);
if (file_exists(BASE_PATH.'/'.$type.'/'.$name.'/'.rtrim($type, "s").'.json')) {
$data = json_decode(file_get_contents(BASE_PATH.'/'.$type.'/'.$name.'/'.rtrim($type, "s").'.json'), true);
if (substr($data[0]['url'], -4) == '.git') {
$data[0]['url'] = substr($data[0]['url'], 0, -4);
}
$data[0]['url'] .= '/archive/master.zip';
$ign = array(".","..");
if(isset($data[0]['exclude'])) {
foreach(explode(",",$data[0]['exclude']) as $exclude) {
array_push($ign, $exclude);
}
if (isset($data[0]['exclude'])) {
foreach (explode(",", $data[0]['exclude']) as $exclude) {
array_push($ign, $exclude);
}
}
if(file_exists(BASE_PATH.'/'.$type.'/_'.session_id()) || mkdir(BASE_PATH.'/'.$type.'/_'.session_id())) {
if(file_put_contents(BASE_PATH.'/'.$type.'/_'.session_id().'/'.$name.'.zip', fopen($data[0]['url'], 'r'))) {
$zip = new ZipArchive;
$res = $zip->open(BASE_PATH.'/'.$type.'/_'.session_id().'/'.$name.'.zip');
// open downloaded archive
if ($res === TRUE) {
// extract archive
if($zip->extractTo(BASE_PATH.'/'.$type.'/_'.session_id().'') === true) {
$zip->close();
$srcname = $name;
if(substr($srcname, -6) != "master") {
$srcname = $srcname.'-master';
}
cpy(BASE_PATH.'/'.$type.'/_'.session_id().'/'.$srcname, BASE_PATH.'/'.$type.'/'.$name, $ign);
if (file_exists(BASE_PATH.'/'.$type.'/_'.session_id()) || mkdir(BASE_PATH.'/'.$type.'/_'.session_id())) {
if (file_put_contents(BASE_PATH.'/'.$type.'/_'.session_id().'/'.$name.'.zip', fopen($data[0]['url'], 'r'))) {
$zip = new ZipArchive;
$res = $zip->open(BASE_PATH.'/'.$type.'/_'.session_id().'/'.$name.'.zip');
// open downloaded archive
if ($res === true) {
// extract archive
if ($zip->extractTo(BASE_PATH.'/'.$type.'/_'.session_id().'') === true) {
$zip->close();
$srcname = $name;
if (substr($srcname, -6) != "master") {
$srcname = $srcname.'-master';
}
cpy(BASE_PATH.'/'.$type.'/_'.session_id().'/'.$srcname, BASE_PATH.'/'.$type.'/'.$name, $ign);
} else {
die(formatJSEND("error", "Unable to open ".$name.".zip"));
}
} else {
die(formatJSEND("error","Unable to open ".$name.".zip"));
die(formatJSEND("error", "ZIP Extension not found"));
}
} else {
die(formatJSEND("error","ZIP Extension not found"));
}
rrmdir(BASE_PATH.'/'.$type.'/_'.session_id());
// Response
echo formatJSEND("success",null);
} else {
die(formatJSEND("error","Unable to download ".$repo));
}
rrmdir(BASE_PATH.'/'.$type.'/_'.session_id());
// Response
echo formatJSEND("success", null);
} else {
die(formatJSEND("error", "Unable to download ".$repo));
}
} else {
die(formatJSEND("error","Unable to create temp dir "));
die(formatJSEND("error", "Unable to create temp dir "));
}
} else {
echo formatJSEND("error","Unable to find ".$name);
echo formatJSEND("error", "Unable to find ".$name);
}
}
}
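Review bot: `Install()`, `Remove()` and `Update()` concatenate `$type` and `$name` straight into `BASE_PATH.'/'.$type.'/'.$name` paths (including the recursive `rrmdir()` target), and `Install()` passes `$repo.'/archive/master.zip'` to `fopen()` and extracts the download under `BASE_PATH`; the controller in this commit fills all three from `$_GET`. Nothing in these methods restricts `$type` to the two directories the class uses or keeps `$name` to a single path segment, so I would reject anything else before the first filesystem call (in `Install()` after the `$type == ''` detection), e.g. `if (!in_array($type, array('plugins', 'themes'), true) || !preg_match('/^[A-Za-z0-9][\w.-]*$/', $name)) { die(formatJSEND("error", "Invalid Repository")); }`. I would also check the scheme and host of `$repo` with `parse_url()` against the hosts you intend to download from. Separately, `$reponame[sizeof($repo)-1]` in `Install()` measures the string `$repo` rather than the exploded array; `sizeof($reponame)` looks like what was meant.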


@@ -22,30 +22,28 @@
// Install
//////////////////////////////////////////////////////////////////
if($_GET['action']=='install'){
if(checkAccess()) {
$market->Install($_GET['type'], $_GET['name'], $_GET['repo']);
}
if ($_GET['action']=='install') {
if (checkAccess()) {
$market->Install($_GET['type'], $_GET['name'], $_GET['repo']);
}
}
//////////////////////////////////////////////////////////////////
// Remove
// Remove
//////////////////////////////////////////////////////////////////
if($_GET['action']=='remove'){
if(checkAccess()) {
$market->Remove($_GET['type'], $_GET['name']);
}
if ($_GET['action']=='remove') {
if (checkAccess()) {
$market->Remove($_GET['type'], $_GET['name']);
}
}
//////////////////////////////////////////////////////////////////
// Update
//////////////////////////////////////////////////////////////////
if($_GET['action']=='update'){
if(checkAccess()) {
$market->Update($_GET['type'], $_GET['name']);
}
if ($_GET['action']=='update') {
if (checkAccess()) {
$market->Update($_GET['type'], $_GET['name']);
}
?>
}
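Review bot: The `install`, `remove` and `update` branches change files on the server but are driven entirely by `$_GET`, and the only gate visible in this hunk is `checkAccess()`, which is defined outside it. If that helper does not also verify a per-session token, these state-changing requests have no cross-site request forgery protection. I would accept them only as POST with a token check, e.g. `if ($_SERVER['REQUEST_METHOD'] !== 'POST') { die(formatJSEND("error", "No Access")); }` ahead of the dispatch, and read the parameters from `$_POST`. The create, rename and delete branches of the project controller later in this commit have the same shape. `$_GET['action']` is also compared without an `isset()` check, so a request that omits it raises an undefined-index notice on each comparison.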


@@ -8,7 +8,8 @@
require_once('../../common.php');
class Project extends Common {
class Project extends Common
{
//////////////////////////////////////////////////////////////////
// PROPERTIES
@@ -33,9 +34,10 @@ class Project extends Common {
// Construct
//////////////////////////////////////////////////////////////////
public function __construct(){
public function __construct()
{
$this->projects = getJSON('projects.php');
if(file_exists(BASE_PATH . "/data/" . $_SESSION['user'] . '_acl.php')){
if (file_exists(BASE_PATH . "/data/" . $_SESSION['user'] . '_acl.php')) {
$this->assigned = getJSON($_SESSION['user'] . '_acl.php');
}
}
@@ -44,26 +46,27 @@ class Project extends Common {
// Get First (Default, none selected)
//////////////////////////////////////////////////////////////////
public function GetFirst(){
public function GetFirst()
{
$projects_assigned = false;
if($this->assigned){
foreach($this->projects as $project=>$data){
if(in_array($data['path'],$this->assigned)){
if ($this->assigned) {
foreach ($this->projects as $project => $data) {
if (in_array($data['path'], $this->assigned)) {
$this->name = $data['name'];
$this->path = $data['path'];
break;
}
}
}else{
} else {
$this->name = $this->projects[0]['name'];
$this->path = $this->projects[0]['path'];
}
// Set Sessions
$_SESSION['project'] = $this->path;
if(!$this->no_return){
echo formatJSEND("success",array("name"=>$this->name,"path"=>$this->path));
if (!$this->no_return) {
echo formatJSEND("success", array("name"=>$this->name,"path"=>$this->path));
}
}
@@ -71,9 +74,10 @@ class Project extends Common {
// Get Name From Path
//////////////////////////////////////////////////////////////////
public function GetName(){
foreach($this->projects as $project=>$data){
if($data['path']==$this->path){
public function GetName()
{
foreach ($this->projects as $project => $data) {
if ($data['path']==$this->path) {
$this->name = $data['name'];
}
}
@@ -84,19 +88,20 @@ class Project extends Common {
// Open Project
//////////////////////////////////////////////////////////////////
public function Open(){
public function Open()
{
$pass = false;
foreach($this->projects as $project=>$data){
if($data['path']==$this->path){
foreach ($this->projects as $project => $data) {
if ($data['path']==$this->path) {
$pass = true;
$this->name = $data['name'];
$_SESSION['project'] = $data['path'];
}
}
if($pass){
echo formatJSEND("success",array("name"=>$this->name,"path"=>$this->path));
}else{
echo formatJSEND("error","Error Opening Project");
if ($pass) {
echo formatJSEND("success", array("name"=>$this->name,"path"=>$this->path));
} else {
echo formatJSEND("error", "Error Opening Project");
}
}
@@ -104,47 +109,48 @@ class Project extends Common {
// Create
//////////////////////////////////////////////////////////////////
public function Create(){
if($this->name != '' && $this->path != '') {
public function Create()
{
if ($this->name != '' && $this->path != '') {
$this->path = $this->cleanPath();
$this->name = htmlspecialchars($this->name);
if(!$this->isAbsPath($this->path)) {
if (!$this->isAbsPath($this->path)) {
$this->path = $this->SanitizePath();
}
if($this->path != '') {
if ($this->path != '') {
$pass = $this->checkDuplicate();
if($pass){
if(!$this->isAbsPath($this->path)) {
if ($pass) {
if (!$this->isAbsPath($this->path)) {
mkdir(WORKSPACE . '/' . $this->path);
} else {
if(defined('WHITEPATHS')) {
if (defined('WHITEPATHS')) {
$allowed = false;
foreach (explode(",",WHITEPATHS) as $whitepath) {
if(strpos($this->path, $whitepath) === 0) {
foreach (explode(",", WHITEPATHS) as $whitepath) {
if (strpos($this->path, $whitepath) === 0) {
$allowed = true;
}
}
if(!$allowed) {
die(formatJSEND("error","Absolute Path Only Allowed for ".WHITEPATHS));
if (!$allowed) {
die(formatJSEND("error", "Absolute Path Only Allowed for ".WHITEPATHS));
}
}
if(!file_exists($this->path)) {
if(!mkdir($this->path.'/', 0755, true)) {
die(formatJSEND("error","Unable to create Absolute Path"));
if (!file_exists($this->path)) {
if (!mkdir($this->path.'/', 0755, true)) {
die(formatJSEND("error", "Unable to create Absolute Path"));
}
} else {
if(!is_writable($this->path) || !is_readable($this->path)) {
die(formatJSEND("error","No Read/Write Permission"));
if (!is_writable($this->path) || !is_readable($this->path)) {
die(formatJSEND("error", "No Read/Write Permission"));
}
}
}
$this->projects[] = array("name"=>$this->name,"path"=>$this->path);
saveJSON('projects.php',$this->projects);
saveJSON('projects.php', $this->projects);
// Pull from Git Repo?
if($this->gitrepo && filter_var($this->gitrepo, FILTER_VALIDATE_URL) !== false){
if ($this->gitrepo && filter_var($this->gitrepo, FILTER_VALIDATE_URL) !== false) {
$this->git_branch = $this->SanitizeGitBranch();
if(!$this->isAbsPath($this->path)) {
if (!$this->isAbsPath($this->path)) {
$this->command_exec = "cd " . escapeshellarg(WORKSPACE . '/' . $this->path) . " && git init && git remote add origin " . escapeshellarg($this->gitrepo) . " && git pull origin " . escapeshellarg($this->gitbranch);
} else {
$this->command_exec = "cd " . escapeshellarg($this->path) . " && git init && git remote add origin " . escapeshellarg($this->gitrepo) . " && git pull origin " . escapeshellarg($this->gitbranch);
@@ -152,15 +158,15 @@ class Project extends Common {
$this->ExecuteCMD();
}
echo formatJSEND("success",array("name"=>$this->name,"path"=>$this->path));
}else{
echo formatJSEND("error","A Project With the Same Name or Path Exists");
echo formatJSEND("success", array("name"=>$this->name,"path"=>$this->path));
} else {
echo formatJSEND("error", "A Project With the Same Name or Path Exists");
}
} else {
echo formatJSEND("error","Project Name/Folder not allowed");
echo formatJSEND("error", "Project Name/Folder not allowed");
}
} else {
echo formatJSEND("error","Project Name/Folder is empty");
echo formatJSEND("error", "Project Name/Folder is empty");
}
}
@@ -168,44 +174,47 @@ class Project extends Common {
// Sanitize GitBranch
//////////////////////////////////////////////////////////////////
public function SanitizeGitBranch(){
$sanitized = str_replace(array("..",chr(40), chr(177),"~","^",":","?","*","[","@{","\\"),array(""),$this->git_branch);
public function SanitizeGitBranch()
{
$sanitized = str_replace(array("..",chr(40), chr(177),"~","^",":","?","*","[","@{","\\"), array(""), $this->git_branch);
return $sanitized;
}
}
//////////////////////////////////////////////////////////////////
// Rename
//////////////////////////////////////////////////////////////////
public function Rename(){
public function Rename()
{
$revised_array = array();
foreach($this->projects as $project=>$data){
if($data['path']!=$this->path){
foreach ($this->projects as $project => $data) {
if ($data['path']!=$this->path) {
$revised_array[] = array("name"=>$data['name'],"path"=>$data['path']);
}
}
$revised_array[] = $this->projects[] = array("name"=>$_GET['project_name'],"path"=>$this->path);
// Save array back to JSON
saveJSON('projects.php',$revised_array);
saveJSON('projects.php', $revised_array);
// Response
echo formatJSEND("success",null);
echo formatJSEND("success", null);
}
//////////////////////////////////////////////////////////////////
// Delete Project
//////////////////////////////////////////////////////////////////
public function Delete(){
public function Delete()
{
$revised_array = array();
foreach($this->projects as $project=>$data){
if($data['path']!=$this->path){
foreach ($this->projects as $project => $data) {
if ($data['path']!=$this->path) {
$revised_array[] = array("name"=>$data['name'],"path"=>$data['path']);
}
}
// Save array back to JSON
saveJSON('projects.php',$revised_array);
saveJSON('projects.php', $revised_array);
// Response
echo formatJSEND("success",null);
echo formatJSEND("success", null);
}
@@ -213,10 +222,11 @@ class Project extends Common {
// Check Duplicate
//////////////////////////////////////////////////////////////////
public function CheckDuplicate(){
public function CheckDuplicate()
{
$pass = true;
foreach($this->projects as $project=>$data){
if($data['name']==$this->name || $data['path']==$this->path){
foreach ($this->projects as $project => $data) {
if ($data['name']==$this->name || $data['path']==$this->path) {
$pass = false;
}
}
@@ -227,8 +237,9 @@ class Project extends Common {
// Sanitize Path
//////////////////////////////////////////////////////////////////
public function SanitizePath(){
$sanitized = str_replace(" ","_",$this->path);
public function SanitizePath()
{
$sanitized = str_replace(" ", "_", $this->path);
return preg_replace('/[^\w-]/', '', $sanitized);
}
@@ -236,14 +247,16 @@ class Project extends Common {
// Clean Path
//////////////////////////////////////////////////////////////////
function cleanPath(){
public function cleanPath()
{
// prevent Poison Null Byte injections
$path = str_replace(chr(0), '', $this->path );
$path = str_replace(chr(0), '', $this->path);
// prevent go out of the workspace
while (strpos($path , '../') !== false)
$path = str_replace( '../', '', $path );
while (strpos($path, '../') !== false) {
$path = str_replace('../', '', $path);
}
return $path;
}
@@ -252,26 +265,23 @@ class Project extends Common {
// Execute Command
//////////////////////////////////////////////////////////////////
public function ExecuteCMD(){
if(function_exists('system')){
public function ExecuteCMD()
{
if (function_exists('system')) {
ob_start();
system($this->command_exec);
ob_end_clean();
}
//passthru
else if(function_exists('passthru')){
} //passthru
elseif (function_exists('passthru')) {
ob_start();
passthru($this->command_exec);
ob_end_clean();
}
//exec
else if(function_exists('exec')){
exec($this->command_exec , $this->output);
}
//shell_exec
else if(function_exists('shell_exec')){
} //exec
elseif (function_exists('exec')) {
exec($this->command_exec, $this->output);
} //shell_exec
elseif (function_exists('shell_exec')) {
shell_exec($this->command_exec);
}
}
}
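Review bot: In `Create()` the result of `SanitizeGitBranch()` is stored in `$this->git_branch`, but both `git pull` command strings read `$this->gitbranch`, which is also the property the controller sets, and `SanitizeGitBranch()` itself reads `$this->git_branch`. As written, the filter appears to run on a property nothing in the visible code fills, and its output never reaches the command. `escapeshellarg()` still quotes the value for the shell, but it does not check that the value is a plausible branch name, so the filter should be wired to the property actually used: `$this->gitbranch = $this->SanitizeGitBranch();` in `Create()` and `$this->gitbranch` as the subject of the `str_replace()` in `SanitizeGitBranch()`. It would also be worth refusing a branch value that begins with `-` at that point, since the filter list does not cover it. The property declarations are outside the visible hunks, so confirm there is no alias between the two names.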


@@ -23,87 +23,91 @@
//////////////////////////////////////////////////////////////////
$no_return = false;
if(isset($_GET['no_return'])){ $no_return = true; }
if (isset($_GET['no_return'])) {
$no_return = true;
}
if($_GET['action']=='get_current'){
if(!isset($_SESSION['project'])){
// Load default/first project
if($no_return){ $Project->no_return = true; }
$Project->GetFirst();
}else{
// Load current
$Project->path = $_SESSION['project'];
$project_name = $Project->GetName();
if(!$no_return){ echo formatJSEND("success",array("name"=>$project_name,"path"=>$_SESSION['project'])); }
if ($_GET['action']=='get_current') {
if (!isset($_SESSION['project'])) {
// Load default/first project
if ($no_return) {
$Project->no_return = true;
}
$Project->GetFirst();
} else {
// Load current
$Project->path = $_SESSION['project'];
$project_name = $Project->GetName();
if (!$no_return) {
echo formatJSEND("success", array("name"=>$project_name,"path"=>$_SESSION['project']));
}
}
}
//////////////////////////////////////////////////////////////////
// Open Project
//////////////////////////////////////////////////////////////////
if($_GET['action']=='open'){
if (!checkPath($_GET['path'])) {
die(formatJSEND("error","No Access"));
}
$Project->path = $_GET['path'];
$Project->Open();
if ($_GET['action']=='open') {
if (!checkPath($_GET['path'])) {
die(formatJSEND("error", "No Access"));
}
$Project->path = $_GET['path'];
$Project->Open();
}
//////////////////////////////////////////////////////////////////
// Create Project
//////////////////////////////////////////////////////////////////
if($_GET['action']=='create'){
if(checkAccess()) {
$Project->name = $_GET['project_name'];
if($_GET['project_path'] != '') {
$Project->path = $_GET['project_path'];
} else {
$Project->path = $_GET['project_name'];
}
// Git Clone?
if(!empty($_GET['git_repo'])){
$Project->gitrepo = $_GET['git_repo'];
$Project->gitbranch = $_GET['git_branch'];
}
$Project->Create();
if ($_GET['action']=='create') {
if (checkAccess()) {
$Project->name = $_GET['project_name'];
if ($_GET['project_path'] != '') {
$Project->path = $_GET['project_path'];
} else {
$Project->path = $_GET['project_name'];
}
// Git Clone?
if (!empty($_GET['git_repo'])) {
$Project->gitrepo = $_GET['git_repo'];
$Project->gitbranch = $_GET['git_branch'];
}
$Project->Create();
}
}
//////////////////////////////////////////////////////////////////
// Rename Project
//////////////////////////////////////////////////////////////////
if($_GET['action']=='rename'){
if (!checkPath($_GET['project_path'])) {
die(formatJSEND("error","No Access"));
}
$Project->path = $_GET['project_path'];
$Project->Rename();
if ($_GET['action']=='rename') {
if (!checkPath($_GET['project_path'])) {
die(formatJSEND("error", "No Access"));
}
$Project->path = $_GET['project_path'];
$Project->Rename();
}
//////////////////////////////////////////////////////////////////
// Delete Project
//////////////////////////////////////////////////////////////////
if($_GET['action']=='delete'){
if(checkAccess()) {
$Project->path = $_GET['project_path'];
$Project->Delete();
}
if ($_GET['action']=='delete') {
if (checkAccess()) {
$Project->path = $_GET['project_path'];
$Project->Delete();
}
}
//////////////////////////////////////////////////////////////////
// Return Current
//////////////////////////////////////////////////////////////////
if($_GET['action']=='current'){
if(isset($_SESSION['project'])){
echo formatJSEND("success",$_SESSION['project']);
}else{
echo formatJSEND("error","No Project Returned");
}
if ($_GET['action']=='current') {
if (isset($_SESSION['project'])) {
echo formatJSEND("success", $_SESSION['project']);
} else {
echo formatJSEND("error", "No Project Returned");
}
?>
}


@@ -6,7 +6,8 @@
* [root]/license.txt for more. This information must remain intact.
*/
class Settings {
class Settings
{
//////////////////////////////////////////////////////////////////
// PROPERTIES
@@ -25,13 +26,16 @@ class Settings {
// Construct
//////////////////////////////////////////////////////////////////
public function __construct(){}
public function __construct()
{
}
//////////////////////////////////////////////////////////////////
// Save User Settings
//////////////////////////////////////////////////////////////////
public function Save(){
public function Save()
{
if (!file_exists(DATA . "/settings.php")) {
saveJSON('settings.php', array($this->username => array('codiad.username' => $this->username)));
}
@@ -47,12 +51,12 @@ class Settings {
// Load User Settings
//////////////////////////////////////////////////////////////////
public function Load(){
public function Load()
{
if (!file_exists(DATA . "/settings.php")) {
saveJSON('settings.php', array($this->username => array('codiad.username' => $this->username)));
}
$settings = getJSON('settings.php');
echo formatJSEND("success", $settings[$this->username]);
}
}


@@ -9,9 +9,9 @@
require_once('../../common.php');
require_once('class.settings.php');
if(!isset($_GET['action'])){
die(formatJSEND("error","Missing parameter"));
}
if (!isset($_GET['action'])) {
die(formatJSEND("error", "Missing parameter"));
}
//////////////////////////////////////////////////////////////////
// Verify Session or Key
@@ -25,23 +25,21 @@
// Save User Settings
//////////////////////////////////////////////////////////////////
if($_GET['action']=='save'){
if(!isset($_POST['settings'])){
die(formatJSEND("error","Missing settings"));
}
$Settings->username = $_SESSION['user'];
$Settings->settings = json_decode($_POST['settings'], true);
$Settings->Save();
if ($_GET['action']=='save') {
if (!isset($_POST['settings'])) {
die(formatJSEND("error", "Missing settings"));
}
$Settings->username = $_SESSION['user'];
$Settings->settings = json_decode($_POST['settings'], true);
$Settings->Save();
}
//////////////////////////////////////////////////////////////////
// Load User Settings
//////////////////////////////////////////////////////////////////
if($_GET['action']=='load'){
$Settings->username = $_SESSION['user'];
$Settings->Load();
}
?>
if ($_GET['action']=='load') {
$Settings->username = $_SESSION['user'];
$Settings->Load();
}
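Review bot: In the `save` branch, `$Settings->settings = json_decode($_POST['settings'], true);` is handed to `Save()` without checking the result, so a malformed or non-object request body is passed on as `null` or a scalar. I would reject it before the call, for example `if (!is_array($Settings->settings)) { die(formatJSEND("error", "Invalid settings")); }`. The body of `Save()` lies outside the visible hunks, so how it merges the value into settings.php is not confirmed here.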


@@ -11,9 +11,9 @@
<td>
<select class="setting" data-setting="codiad.editor.theme">
<option value="ambiance">Ambiance</option>
<option value="ambiance">Ambiance</option>
<option value="chaos">Chaos</option>
<option value="chrome">Chrome</option>
<option value="chrome">Chrome</option>
<option value="clouds">Clouds</option>
<option value="clouds_midnight">Clouds - Midnight</option>
<option value="cobalt">Cobalt</option>
@@ -23,10 +23,10 @@
<option value="eclipse">Eclipse</option>
<option value="github">GitHub</option>
<option value="idle_fingers">Idle Fingers</option>
<option value="iplastic">IPlastic</option>
<option value="iplastic">IPlastic</option>
<option value="katzenmilch">Katzenmilch</option>
<option value="kuroir">Kuroir</option>
<option value="kr_theme">krTheme</option>
<option value="kr_theme">krTheme</option>
<option value="merbivore">Merbivore</option>
<option value="merbivore_soft">Merbivore Soft</option>
<option value="mono_industrial">Mono Industrial</option>
@@ -34,7 +34,7 @@
<option value="pastel_on_dark">Pastel On Dark</option>
<option value="solarized_dark">Solarized Dark</option>
<option value="solarized_light">Solarized Light</option>
<option value="sqlserver">SQL Server</option>
<option value="sqlserver">SQL Server</option>
<option value="terminal">Terminal</option>
<option value="textmate">Textmate</option>
<option value="tomorrow">Tomorrow</option>
@@ -44,7 +44,7 @@
<option value="tomorrow_night_eighties">Tomorrow Night Eighties</option>
<option value="twilight" selected>Twilight</option>
<option value="vibrant_ink">Vibrant Ink</option>
<option value="xcode">XCode</option>
<option value="xcode">XCode</option>
</select>
</td>


@@ -1,4 +1,4 @@
<?php
<?php
require_once('../../common.php');
?>
<label><span class="icon-doc-text big-icon"></span><?php i18n("System Settings"); ?></label>


@@ -6,7 +6,8 @@
* [root]/license.txt for more. This information must remain intact.
*/
class Update {
class Update
{
//////////////////////////////////////////////////////////////////
// PROPERTIES
@@ -26,8 +27,9 @@ class Update {
// Construct
//////////////////////////////////////////////////////////////////
public function __construct(){
ini_set("user_agent" , "Codiad");
public function __construct()
{
ini_set("user_agent", "Codiad");
$this->remote = "http://update.codiad.com/?v={VER}&o={OS}&p={PHP}&w={WEB}&a={ACT}";
$this->commits = "https://api.github.com/repos/Codiad/Codiad/commits";
$this->archive = "https://github.com/Codiad/Codiad/archive/master.zip";
@@ -37,42 +39,43 @@ class Update {
// Set Initial Version
//////////////////////////////////////////////////////////////////
public function Init() {
public function Init()
{
$version = array();
if(!file_exists(DATA ."/version.php")) {
if(file_exists(BASE_PATH."/.git/HEAD")) {
if (!file_exists(DATA ."/version.php")) {
if (file_exists(BASE_PATH."/.git/HEAD")) {
$remote = $this->getRemoteVersion("install_git");
$local = $this->getLocalVersion();
$version[] = array("version"=>$local[0]['version'],"time"=>time(),"optout"=>"true","name"=>"");
saveJSON('version.php',$version);
saveJSON('version.php', $version);
} else {
$remote = $this->getRemoteVersion("install_man");
$version[] = array("version"=>$remote[0]["commit"]["sha"],"time"=>time(),"optout"=>"true","name"=>"");
saveJSON('version.php',$version);
saveJSON('version.php', $version);
}
} else {
$local = $this->getLocalVersion();
if(file_exists(BASE_PATH."/.git/HEAD")) {
if (file_exists(BASE_PATH."/.git/HEAD")) {
$current = getJSON('version.php');
if($local[0]['version'] != $current[0]['version']) {
if ($local[0]['version'] != $current[0]['version']) {
$remote = $this->getRemoteVersion("update_git", $local[0]['version']);
$version[] = array("version"=>$local[0]['version'],"time"=>time(),"optout"=>"true","name"=>"");
saveJSON('version.php',$version);
saveJSON('version.php', $version);
}
} else {
if($local[0]['version'] == '' && $local[0]['name'] == $_SESSION['user']) {
$remote = $this->getRemoteVersion("update_man", $local[0]['version']);
$version[] = array("version"=>$remote[0]["commit"]["sha"],"time"=>time(),"optout"=>"true","name"=>$_SESSION['user']);
saveJSON('version.php',$version);
}
if ($local[0]['version'] == '' && $local[0]['name'] == $_SESSION['user']) {
$remote = $this->getRemoteVersion("update_man", $local[0]['version']);
$version[] = array("version"=>$remote[0]["commit"]["sha"],"time"=>time(),"optout"=>"true","name"=>$_SESSION['user']);
saveJSON('version.php', $version);
}
}
$local = $this->getLocalVersion();
if(!isset($local[0]['optout'])) {
if (!isset($local[0]['optout'])) {
$remote = $this->getRemoteVersion("optout", $local[0]['version']);
$this->OptOut();
}
}
}
}
@@ -80,26 +83,29 @@ class Update {
// Clear Version
//////////////////////////////////////////////////////////////////
public function Clear() {
public function Clear()
{
$version[] = array("version"=>"","time"=>time(),"optout"=>"true","name"=>$_SESSION['user']);
saveJSON('version.php',$version);
saveJSON('version.php', $version);
}
//////////////////////////////////////////////////////////////////
// Clear Version
//////////////////////////////////////////////////////////////////
public function OptOut() {
public function OptOut()
{
$current = getJSON('version.php');
$version[] = array("version"=>$current[0]['version'],"time"=>$current[0]['time'],"optout"=>"true","name"=>$current[0]['name']);
saveJSON('version.php',$version);
saveJSON('version.php', $version);
}
//////////////////////////////////////////////////////////////////
// Check Version
//////////////////////////////////////////////////////////////////
public function Check() {
public function Check()
{
$local = $this->getLocalVersion();
$remote = $this->getRemoteVersion("check", $local[0]['version']);
@@ -107,12 +113,12 @@ class Update {
$archive = Common::getConstant('ARCHIVEURL', $this->archive);
$latest = '';
foreach($remote as $tag) {
if($latest == '') {
foreach ($remote as $tag) {
if ($latest == '') {
$latest = $tag["name"];
$archive = $tag["zipball_url"];
}
if($local[0]['version'] == $tag["commit"]["sha"]) {
if ($local[0]['version'] == $tag["commit"]["sha"]) {
$local[0]['version'] = $tag["name"];
$nightly = false;
break;
@@ -124,41 +130,42 @@ class Update {
$message = '';
$merge = '';
$commits = json_decode(file_get_contents(Common::getConstant('COMMITURL', $this->commits)),true);
foreach($commits as $commit) {
if($local[0]['version'] != $commit["sha"]) {
if(strpos($commit["commit"]["message"],"Merge") === false) {
$message .= '- '.str_replace($search,$replace,$commit["commit"]["message"]).'<br/>';
$commits = json_decode(file_get_contents(Common::getConstant('COMMITURL', $this->commits)), true);
foreach ($commits as $commit) {
if ($local[0]['version'] != $commit["sha"]) {
if (strpos($commit["commit"]["message"], "Merge") === false) {
$message .= '- '.str_replace($search, $replace, $commit["commit"]["message"]).'<br/>';
} else {
$merge .= '- '.str_replace($search,$replace,$commit["commit"]["message"]).'<br/>';
$merge .= '- '.str_replace($search, $replace, $commit["commit"]["message"]).'<br/>';
}
} else {
break;
}
}
if($message == '') {
if ($message == '') {
$message = $merge;
}
return "[".formatJSEND("success",array("currentversion"=>$local[0]['version'],"remoteversion"=>$latest,"message"=>$message,"archive"=>$archive,"nightly"=>$nightly,"name"=>$local[0]['name']))."]";
return "[".formatJSEND("success", array("currentversion"=>$local[0]['version'],"remoteversion"=>$latest,"message"=>$message,"archive"=>$archive,"nightly"=>$nightly,"name"=>$local[0]['name']))."]";
}
//////////////////////////////////////////////////////////////////
// Get Local Version
//////////////////////////////////////////////////////////////////
public function getLocalVersion() {
if(file_exists(BASE_PATH."/.git/HEAD")) {
public function getLocalVersion()
{
if (file_exists(BASE_PATH."/.git/HEAD")) {
$tmp = file_get_contents(BASE_PATH."/.git/HEAD");
if (strpos($tmp,"ref:") === false) {
if (strpos($tmp, "ref:") === false) {
$data[0]['version'] = trim($tmp);
} else {
$data[0]['version'] = trim(file_get_contents(BASE_PATH."/.git/".trim(str_replace('ref: ', '', $tmp))));
}
$data[0]['name'] = "";
if(file_exists(DATA ."/version.php")) {
$data[0]['optout'] = "true";
if (file_exists(DATA ."/version.php")) {
$data[0]['optout'] = "true";
}
} else {
$data = getJSON('version.php');
@@ -170,7 +177,8 @@ class Update {
// Get Remote Version
//////////////////////////////////////////////////////////////////
public function getRemoteVersion($action, $localversion = "") {
public function getRemoteVersion($action, $localversion = "")
{
$remoteurl = Common::getConstant('UPDATEURL', $this->remote);
$remoteurl = str_replace("{OS}", PHP_OS, $remoteurl);
$remoteurl = str_replace("{PHP}", phpversion(), $remoteurl);
@@ -178,7 +186,6 @@ class Update {
$remoteurl = str_replace("{WEB}", urlencode($_SERVER['SERVER_SOFTWARE']), $remoteurl);
$remoteurl = str_replace("{ACT}", $action, $remoteurl);
return json_decode(file_get_contents($remoteurl),true);
return json_decode(file_get_contents($remoteurl), true);
}
}
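Review bot: `__construct()` keeps the default update endpoint on plain HTTP (`$this->remote = "http://update.codiad.com/..."`), `getRemoteVersion()` feeds `file_get_contents($remoteurl)` straight into `json_decode()`, and `Check()` returns `$tag["zipball_url"]` from that response as the `archive` value. A response altered in transit can therefore choose the archive location, and a failed fetch leaves `Init()` indexing `$remote[0]["commit"]["sha"]` on `null`. I would switch the default to `https://` if the endpoint serves it, guard the fetch with `$raw = file_get_contents($remoteurl); if ($raw === false) { return array(); }` and have callers test for an empty result, and accept an archive URL only when its host matches the expected release host. The `COMMITURL` fetch in `Check()` has the same unchecked `json_decode(file_get_contents(...))` shape; several of these method bodies continue outside the hunks.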


@@ -22,28 +22,26 @@
// Set Initial Version
//////////////////////////////////////////////////////////////////
if($_GET['action']=='init'){
$update->Init();
}
if ($_GET['action']=='init') {
$update->Init();
}
//////////////////////////////////////////////////////////////////
// Clear Version
//////////////////////////////////////////////////////////////////
if($_GET['action']=='clear'){
if(checkAccess()) {
$update->Clear();
}
if ($_GET['action']=='clear') {
if (checkAccess()) {
$update->Clear();
}
}
//////////////////////////////////////////////////////////////////
// OptOut
//////////////////////////////////////////////////////////////////
if($_GET['action']=='optout'){
if(checkAccess()) {
$update->OptOut();
}
if ($_GET['action']=='optout') {
if (checkAccess()) {
$update->OptOut();
}
?>
}


@@ -6,7 +6,8 @@
* [root]/license.txt for more. This information must remain intact.
*/
class User {
class User
{
//////////////////////////////////////////////////////////////////
// PROPERTIES
@@ -31,7 +32,8 @@ class User {
// Construct
//////////////////////////////////////////////////////////////////
public function __construct(){
public function __construct()
{
$this->users = getJSON('users.php');
$this->actives = getJSON('active.php');
}
@@ -40,38 +42,45 @@ class User {
// Authenticate
//////////////////////////////////////////////////////////////////
public function Authenticate(){
public function Authenticate()
{
$pass = false;
$this->EncryptPassword();
$users = getJSON('users.php');
foreach($users as $user){
if($user['username']==$this->username && $user['password']==$this->password){
foreach ($users as $user) {
if ($user['username']==$this->username && $user['password']==$this->password) {
$pass = true;
$_SESSION['user'] = $this->username;
$_SESSION['lang'] = $this->lang;
$_SESSION['theme'] = $this->theme;
if($user['project']!=''){ $_SESSION['project'] = $user['project']; }
if ($user['project']!='') {
$_SESSION['project'] = $user['project'];
}
}
}
if($pass){ echo formatJSEND("success",array("username"=>$this->username)); }
else{ echo formatJSEND("error","Incorrect Username or Password"); }
if ($pass) {
echo formatJSEND("success", array("username"=>$this->username));
} else {
echo formatJSEND("error", "Incorrect Username or Password");
}
}
//////////////////////////////////////////////////////////////////
// Create Account
//////////////////////////////////////////////////////////////////
public function Create(){
public function Create()
{
$this->EncryptPassword();
$pass = $this->checkDuplicate();
if($pass){
if ($pass) {
$this->users[] = array("username"=>$this->username,"password"=>$this->password,"project"=>"");
saveJSON('users.php',$this->users);
echo formatJSEND("success",array("username"=>$this->username));
}else{
echo formatJSEND("error","The Username is Already Taken");
saveJSON('users.php', $this->users);
echo formatJSEND("success", array("username"=>$this->username));
} else {
echo formatJSEND("error", "The Username is Already Taken");
}
}
@@ -79,100 +88,105 @@ class User {
// Delete Account
//////////////////////////////////////////////////////////////////
public function Delete(){
public function Delete()
{
// Remove User
$revised_array = array();
foreach($this->users as $user=>$data){
if($data['username']!=$this->username){
foreach ($this->users as $user => $data) {
if ($data['username']!=$this->username) {
$revised_array[] = array("username"=>$data['username'],"password"=>$data['password'],"project"=>$data['project']);
}
}
// Save array back to JSON
saveJSON('users.php',$revised_array);
saveJSON('users.php', $revised_array);
// Remove any active files
foreach($this->actives as $active=>$data){
if($this->username==$data['username']){
foreach ($this->actives as $active => $data) {
if ($this->username==$data['username']) {
unset($this->actives[$active]);
}
}
saveJSON('active.php',$this->actives);
saveJSON('active.php', $this->actives);
// Remove access control list (if exists)
if(file_exists(BASE_PATH . "/data/" . $this->username . '_acl.php')){
if (file_exists(BASE_PATH . "/data/" . $this->username . '_acl.php')) {
unlink(BASE_PATH . "/data/" . $this->username . '_acl.php');
}
// Response
echo formatJSEND("success",null);
echo formatJSEND("success", null);
}
//////////////////////////////////////////////////////////////////
// Change Password
//////////////////////////////////////////////////////////////////
public function Password(){
public function Password()
{
$this->EncryptPassword();
$revised_array = array();
foreach($this->users as $user=>$data){
if($data['username']==$this->username){
foreach ($this->users as $user => $data) {
if ($data['username']==$this->username) {
$revised_array[] = array("username"=>$data['username'],"password"=>$this->password,"project"=>$data['project']);
}else{
} else {
$revised_array[] = array("username"=>$data['username'],"password"=>$data['password'],"project"=>$data['project']);
}
}
// Save array back to JSON
saveJSON('users.php',$revised_array);
saveJSON('users.php', $revised_array);
// Response
echo formatJSEND("success",null);
echo formatJSEND("success", null);
}
//////////////////////////////////////////////////////////////////
// Set Project Access
//////////////////////////////////////////////////////////////////
public function Project_Access(){
public function Project_Access()
{
// Access set to all projects
if($this->projects==0){
if(file_exists(BASE_PATH . "/data/" . $this->username . '_acl.php')){
if ($this->projects==0) {
if (file_exists(BASE_PATH . "/data/" . $this->username . '_acl.php')) {
unlink(BASE_PATH . "/data/" . $this->username . '_acl.php');
}
// Access set to restricted list
}else{
} else {
// Save array back to JSON
saveJSON($this->username . '_acl.php',$this->projects);
saveJSON($this->username . '_acl.php', $this->projects);
}
// Response
echo formatJSEND("success",null);
echo formatJSEND("success", null);
}
//////////////////////////////////////////////////////////////////
// Set Current Project
//////////////////////////////////////////////////////////////////
public function Project(){
public function Project()
{
$revised_array = array();
foreach($this->users as $user=>$data){
if($this->username==$data['username']){
foreach ($this->users as $user => $data) {
if ($this->username==$data['username']) {
$revised_array[] = array("username"=>$data['username'],"password"=>$data['password'],"project"=>$this->project);
}else{
} else {
$revised_array[] = array("username"=>$data['username'],"password"=>$data['password'],"project"=>$data['project']);
}
}
// Save array back to JSON
saveJSON('users.php',$revised_array);
saveJSON('users.php', $revised_array);
// Response
echo formatJSEND("success",null);
echo formatJSEND("success", null);
}
//////////////////////////////////////////////////////////////////
// Check Duplicate
//////////////////////////////////////////////////////////////////
public function CheckDuplicate(){
public function CheckDuplicate()
{
$pass = true;
foreach($this->users as $user=>$data){
if($data['username']==$this->username){
foreach ($this->users as $user => $data) {
if ($data['username']==$this->username) {
$pass = false;
}
}
@@ -183,10 +197,11 @@ class User {
// Verify Account Exists
//////////////////////////////////////////////////////////////////
public function Verify(){
public function Verify()
{
$pass = 'false';
foreach($this->users as $user=>$data){
if($this->username==$data['username']){
foreach ($this->users as $user => $data) {
if ($this->username==$data['username']) {
$pass = 'true';
}
}
@@ -197,7 +212,8 @@ class User {
// Encrypt Password
//////////////////////////////////////////////////////////////////
private function EncryptPassword(){
private function EncryptPassword()
{
$this->password = sha1(md5($this->password));
}
@@ -205,8 +221,8 @@ class User {
// Clean username
//////////////////////////////////////////////////////////////////
public static function CleanUsername( $username ){
return preg_replace('#[^A-Za-z0-9'.preg_quote('-_@. ').']#','', $username);
public static function CleanUsername($username)
{
return preg_replace('#[^A-Za-z0-9'.preg_quote('-_@. ').']#', '', $username);
}
}
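Review bot: `EncryptPassword()` still stores `sha1(md5($this->password))`, an unsalted fast digest, and `Authenticate()` compares it with `==`, so a leaked users.php is cheap to attack offline and the comparison is subject to PHP's loose numeric-string matching on hex digests. I would store `password_hash($this->password, PASSWORD_DEFAULT)` from `Create()` and `Password()` and check logins with `password_verify($this->password, $user['password'])`, rehashing legacy entries after a successful login; the CI matrix on this commit still lists PHP 5.4, where these functions need a compatibility shim. Separately, `Delete()` and `Project_Access()` concatenate `$this->username` into the `_acl.php` path given to `unlink()` and `saveJSON()`, and only the account-creation path is shown passing the name through `User::CleanUsername()`, so the same cleaning should be applied before those file operations. The commit only reformats these methods, so both changes belong in a follow-up.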


@@ -9,15 +9,17 @@
require_once('../../common.php');
require_once('class.user.php');
if(!isset($_GET['action'])){
die(formatJSEND("error","Missing parameter"));
}
if (!isset($_GET['action'])) {
die(formatJSEND("error", "Missing parameter"));
}
//////////////////////////////////////////////////////////////////
// Verify Session or Key
//////////////////////////////////////////////////////////////////
if($_GET['action']!='authenticate'){ checkSession(); }
if ($_GET['action']!='authenticate') {
checkSession();
}
$User = new User();
@@ -25,124 +27,125 @@
// Authenticate
//////////////////////////////////////////////////////////////////
if($_GET['action']=='authenticate'){
if(!isset($_POST['username']) || !isset($_POST['password'])){
die(formatJSEND("error","Missing username or password"));
}
$User->username = $_POST['username'];
$User->password = $_POST['password'];
// check if the asked languages exist and is registered in languages/code.php
require_once '../../languages/code.php';
if ( isset( $languages[ $_POST['language'] ] ) )
$User->lang = $_POST['language'];
else
$User->lang = 'en';
// theme
$User->theme = $_POST['theme'];
$User->Authenticate();
if ($_GET['action']=='authenticate') {
if (!isset($_POST['username']) || !isset($_POST['password'])) {
die(formatJSEND("error", "Missing username or password"));
}
$User->username = $_POST['username'];
$User->password = $_POST['password'];
// check if the asked languages exist and is registered in languages/code.php
require_once '../../languages/code.php';
if (isset($languages[ $_POST['language'] ])) {
$User->lang = $_POST['language'];
} else {
$User->lang = 'en';
}
// theme
$User->theme = $_POST['theme'];
$User->Authenticate();
}
//////////////////////////////////////////////////////////////////
// Logout
//////////////////////////////////////////////////////////////////
if($_GET['action']=='logout'){
session_unset(); session_destroy(); session_start();
}
if ($_GET['action']=='logout') {
session_unset();
session_destroy();
session_start();
}
//////////////////////////////////////////////////////////////////
// Create User
//////////////////////////////////////////////////////////////////
if($_GET['action']=='create'){
if(checkAccess()) {
if(!isset($_POST['username']) || !isset($_POST['password'])){
die(formatJSEND("error","Missing username or password"));
}
$User->username = User::CleanUsername( $_POST['username'] );
$User->password = $_POST['password'];
$User->Create();
if ($_GET['action']=='create') {
if (checkAccess()) {
if (!isset($_POST['username']) || !isset($_POST['password'])) {
die(formatJSEND("error", "Missing username or password"));
}
$User->username = User::CleanUsername($_POST['username']);
$User->password = $_POST['password'];
$User->Create();
}
}
//////////////////////////////////////////////////////////////////
// Delete User
//////////////////////////////////////////////////////////////////
if($_GET['action']=='delete'){
if(checkAccess()) {
if(!isset($_GET['username'])){
die(formatJSEND("error","Missing username"));
}
$User->username = $_GET['username'];
$User->Delete();
if ($_GET['action']=='delete') {
if (checkAccess()) {
if (!isset($_GET['username'])) {
die(formatJSEND("error", "Missing username"));
}
$User->username = $_GET['username'];
$User->Delete();
}
}
//////////////////////////////////////////////////////////////////
// Set Project Access
//////////////////////////////////////////////////////////////////
if($_GET['action']=='project_access'){
if(checkAccess()) {
if(!isset($_GET['username'])){
die(formatJSEND("error","Missing username"));
}
$User->username = $_GET['username'];
//No project selected
if(isset($_POST['projects'])){
$User->projects = $_POST['projects'];
}else{
$User->projects = array();
}
$User->Project_Access();
if ($_GET['action']=='project_access') {
if (checkAccess()) {
if (!isset($_GET['username'])) {
die(formatJSEND("error", "Missing username"));
}
$User->username = $_GET['username'];
//No project selected
if (isset($_POST['projects'])) {
$User->projects = $_POST['projects'];
} else {
$User->projects = array();
}
$User->Project_Access();
}
}
//////////////////////////////////////////////////////////////////
// Change Password
//////////////////////////////////////////////////////////////////
if($_GET['action']=='password'){
if(!isset($_POST['username']) || !isset($_POST['password'])){
die(formatJSEND("error","Missing username or password"));
}
if(checkAccess() || $_POST['username'] == $_SESSION['user']) {
$User->username = $_POST['username'];
$User->password = $_POST['password'];
$User->Password();
}
if ($_GET['action']=='password') {
if (!isset($_POST['username']) || !isset($_POST['password'])) {
die(formatJSEND("error", "Missing username or password"));
}
if (checkAccess() || $_POST['username'] == $_SESSION['user']) {
$User->username = $_POST['username'];
$User->password = $_POST['password'];
$User->Password();
}
}
//////////////////////////////////////////////////////////////////
// Change Project
//////////////////////////////////////////////////////////////////
if($_GET['action']=='project'){
if(!isset($_GET['project'])){
die(formatJSEND("error","Missing project"));
}
$User->username = $_SESSION['user'];
$User->project = $_GET['project'];
$User->Project();
if ($_GET['action']=='project') {
if (!isset($_GET['project'])) {
die(formatJSEND("error", "Missing project"));
}
$User->username = $_SESSION['user'];
$User->project = $_GET['project'];
$User->Project();
}
//////////////////////////////////////////////////////////////////
// Verify User Account
//////////////////////////////////////////////////////////////////
if($_GET['action']=='verify'){
$User->username = $_SESSION['user'];
$User->Verify();
}
?>
if ($_GET['action']=='verify') {
$User->username = $_SESSION['user'];
$User->Verify();
}