The 2 x if conditions added a security measure to avoid path traversals,
should languageBase or languageUser ever be set to something malicious
such as (eg ../../../../../../../etc/passwd)
However, it meant that the ICEcoder dir and the doc root dir paths had
to both start the same, and so be in the same location really. It was
previously a benefit to have them possibly contain different paths, but
this security point restricts this.
We can remove these 2 if conditions however and simply wrap the 2 array
values with basename(), so we take only the trailing file name and so
avoid path traversal issues.
Location shouldn't contain the dirname of the file or a loggedOut param
(with no CSRF!) - all unnecessary and causes problems
Also add a die() after the header location to go no further.
Causes file locking issues if allowed to be called from anywhere
Because we only call from index.php now, also need dirname(___FILE___)
to complete paths
configCreateDate set if 0 now on every load, not just save
14 full days setup (1296000 - 1 sec), so doesn't start by showing 13
days (and 23 hrs, 59 secs)
If configCreateDate == 0, $tRemaining is the $tPeriod
If there has been a change of language, set a bool flag for a reload
later
Save languageUser to file also on settings update
realpath checking on language file name also, dies if fails
Remote menu option is now Source
Don't hard code or pass through the adjustCursor value
shiftSim param added so we can simulate a shift key just as we do with
ctrlSim
boxSelect function added so we can draw a box on drag in the file
manager and select files. Math.abs used to always return a positive
number
Only input focus if we're not showing the trial screen, indicated by
lack of $_GET param
Only if trialBarRemaining is there should we adjust the bar length, now
also done 0.5 after load
On mouse down, up and drag, we now also call boxSelect function with
appropriate param
If we haven't just dragged a box select area, we can selectFileFolder on
click. If we have, set to false afterwards to reset
fmDragBox div added with no select properties and also added to body
If we have multiple selections, deselect to the primary selection only.
If we only have a single selection, then we comment/uncomment.
(Avoids having multiple selections, pressing Esc to clear to a single
and also unwantedly commenting/uncommenting).
REQUEST used as param may be over GET or POST (under XHR setup now) and
html_entity_decode it
fileURLPart is now fileURL and POST'd in XHR send, not part of URL to
get
file value now can be received from POST or GET (REQUEST), as we will be
passing in POST via XHR in future
html_entity_decode the value so we can have special chars
With this enabled (the default), saving a file will copy the main pane
value to the diff pane. This means you can see what changes you are
making prior to a save and also can undo changes in diff pane to see
save points and how they differ to the main pane.
newFileName needs docRoot also in path
statusArray is now statusObj
Recoding of diff handling code to work with new XHR setup and
improvements at same time re reducing use of textareas
We should indeed only output if index.php and top.iceRoot is updated
after a settings change in settings-update.php (top.docRoot only changes
if you manually change the file, in which case a reload is needed and
this is picked up again from scratch).
Will eventually replace file-control.php. Carries out same file checks
etc, plus defines error info, form looparound system gone in place of
2nd XHR call on save as/new file save. All JS moved into a doNext string
to be run on success (no errors).
The only output here is the JSON response once we have carried out our
processes.
Note: Diff loading/MDT mismatch system not done yet.
First step towards replacing the old HTTP & form posting looparound
method, with a much more efficient XHR and JSON response system. For
now, only save uses this, load, delete, perms etc use old system until
save is stablised and fully tested.
Starts XHR call and when we have a response, if there's an error, show
that, otherwise, do the items listed in the doNext value.
Avoids having something output to the browser in places where we don't
want it, such as the new file-control-xhr.php file. Temporary
console.log for now as reminder to finish checking this out.
Checks all ICEcoder files are writeable and therefore moveable, before
proceeding with the update.
If it files any that aren't, it will display a message, list them and
die with a link back to ICEcoder.
Also ignoring .git dir
