From 623ee10a8163b65484d132bc03c73441222e6cc6 Mon Sep 17 00:00:00 2001 From: mattpass Date: Sat, 24 Jul 2021 16:05:43 +0100 Subject: [PATCH] Uploaded files data in array, string type cast octal for octdec --- classes/File.php | 25 +++++++++++++------------ lib/file-control.php | 4 ++-- 2 files changed, 15 insertions(+), 14 deletions(-) diff --git a/classes/File.php b/classes/File.php index 84b4696..e9522a0 100644 --- a/classes/File.php +++ b/classes/File.php @@ -372,7 +372,7 @@ class File fclose($fh); if ($setPerms) { - chmod($file, octdec($ICEcoder['newFilePerms'])); + chmod($file, octdec((string) $ICEcoder['newFilePerms'])); } clearstatcache(); $filemtime = "Windows" !== $serverType ? filemtime($file) : "1000000"; @@ -479,12 +479,12 @@ class File if (is_dir($source)) { $fileOrFolder = "folder"; if (!is_dir($dest)) { - mkdir($dest, octdec($ICEcoder['newDirPerms'])); + mkdir($dest, octdec((string) $ICEcoder['newDirPerms'])); } else { for ($i = 2; $i < 1000000000; $i++) { if (!is_dir($dest . " (" . $i . ")")) { $dest = $dest." (" . $i . ")"; - mkdir($dest, octdec($ICEcoder['newDirPerms'])); + mkdir($dest, octdec((string) $ICEcoder['newDirPerms'])); $i = 1000000000; } } @@ -494,7 +494,7 @@ class File RecursiveIteratorIterator::SELF_FIRST) as $item ) { if ($item->isDir()) { - mkdir($dest . DIRECTORY_SEPARATOR . $iterator->getSubPathName(), octdec($ICEcoder['newDirPerms'])); + mkdir($dest . DIRECTORY_SEPARATOR . $iterator->getSubPathName(), octdec((string) $ICEcoder['newDirPerms'])); } else { copy($item->getPathName(), $dest . DIRECTORY_SEPARATOR . $iterator->getSubPathName()); } @@ -550,8 +550,8 @@ class File $uploadDir = $docRoot . $iceRoot . str_replace("..", "", str_replace("|", "/", $_POST['folder'] . "/")); foreach($uploads as $current) { - $uploadedFile = $uploadDir . $current->name; - $fileName = $current->name; + $uploadedFile = $uploadDir . $current['name']; + $fileName = $current['name']; // Get & set existing perms for existing files, or set to newFilePerms setting for new files if (file_exists($uploadedFile)) { $chmodInfo = substr(sprintf('%o', fileperms($uploadedFile)), -4); @@ -572,8 +572,8 @@ class File } private function uploadThisFile($current, $uploadFile, $setPerms){ - if (move_uploaded_file($current->tmp_name, $uploadFile)){ - chmod($uploadFile, octdec($setPerms)); + if (move_uploaded_file($current['tmp_name'], $uploadFile)){ + chmod($uploadFile, octdec((string) $setPerms)); return true; } } @@ -582,10 +582,11 @@ class File public function getUploadedDetails($fileArr) { $uploads = []; foreach($fileArr['name'] as $keyee => $info) { - $uploads[$keyee]->name = xssClean($fileArr['name'][$keyee], "html"); - $uploads[$keyee]->type = $fileArr['type'][$keyee]; - $uploads[$keyee]->tmp_name = $fileArr['tmp_name'][$keyee]; - $uploads[$keyee]->error = $fileArr['error'][$keyee]; + $uploads[$keyee] = []; + $uploads[$keyee]['name'] = xssClean($fileArr['name'][$keyee], "html"); + $uploads[$keyee]['type'] = $fileArr['type'][$keyee]; + $uploads[$keyee]['tmp_name'] = $fileArr['tmp_name'][$keyee]; + $uploads[$keyee]['error'] = $fileArr['error'][$keyee]; } return $uploads; } diff --git a/lib/file-control.php b/lib/file-control.php index ef24c4e..6b163d8 100644 --- a/lib/file-control.php +++ b/lib/file-control.php @@ -177,7 +177,7 @@ if (!$error && "save" === $_GET['action']) { if (!$error && "newFolder" === $_GET['action']) { if (!$demoMode && is_writable($docRoot . $fileLoc)) { - mkdir($file, octdec($ICEcoder['newDirPerms'])); + mkdir($file, octdec((string) $ICEcoder['newDirPerms'])); $fileClass->updateFileManager('add', $fileLoc, $fileName, '', '', '', 'folder'); $finalAction = "newFolder"; // Run any extra processes @@ -364,7 +364,7 @@ if (!$error && "getRemoteFile" === $_GET['action']) { if (!$error && "perms" === $_GET['action']) { if (!$demoMode && is_writable($file)) { - chmod($file, octdec(numClean($_GET['perms']))); + chmod($file, octdec((string) numClean($_GET['perms']))); $fileClass->updateFileManager('chmod', $fileLoc, $fileName, numClean($_GET['perms']), '', '', ''); $finalAction = "perms"; // Run any custom processes