Added feature #15192: Add hook to postprocess filelist operations
[Packages/TYPO3.CMS.git] / t3lib / class.t3lib_extfilefunc.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 1999-2010 Kasper Skaarhoj (kasperYYYY@typo3.com)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 * A copy is found in the textfile GPL.txt and important notices to the license
17 * from the author is found in LICENSE.txt distributed with these scripts.
18 *
19 *
20 * This script is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * This copyright notice MUST APPEAR in all copies of the script!
26 ***************************************************************/
27 /**
28 * extending class to class t3lib_basicFileFunctions
29 *
30 * $Id$
31 * Revised for TYPO3 3.6 May/2004 by Kasper Skaarhoj
32 *
33 * @author Kasper Skaarhoj <kasperYYYY@typo3.com>
34 */
35 /**
36 * [CLASS/FUNCTION INDEX of SCRIPT]
37 *
38 *
39 *
40 * 105: class t3lib_extFileFunctions extends t3lib_basicFileFunctions
41 * 151: function start($fileCmds)
42 * 181: function init_actionPerms($setup)
43 * 213: function processData()
44 * 270: function printLogErrorMessages($redirect='')
45 * 328: function findRecycler($theFile)
46 * 357: function writeLog($action,$error,$details_nr,$details,$data)
47 *
48 * SECTION: File operation functions
49 * 384: function func_delete($cmds)
50 * 451: function func_copy($cmds)
51 * 542: function func_move($cmds)
52 * 637: function func_rename($cmds)
53 * 683: function func_newfolder($cmds)
54 * 713: function func_newfile($cmds)
55 * 750: function func_edit($cmds)
56 * 782: function func_upload($cmds)
57 * 821: function func_unzip($cmds)
58 *
59 * TOTAL FUNCTIONS: 15
60 * (This index is automatically created/updated by the extension "extdeveval")
61 *
62 */
63
64
65
66
67
68
69
70
71
72
73
74
75
76 /**
77 * Contains functions for performing file operations like copying, pasting, uploading, moving, deleting etc. through the TCE
78 * Extending class to class t3lib_basicFileFunctions.
79 *
80 * see basicFileFunctions
81 * see document "TYPO3 Core API" for syntax
82 *
83 * This class contains functions primarily used by tce_file.php (TYPO3 Core Engine for file manipulation)
84 * Functions include copying, moving, deleting, uploading and so on...
85 *
86 * Important internal variables:
87 *
88 * $filemounts (see basicFileFunctions)
89 * $f_ext (see basicFileFunctions)
90 * ... All fileoperations must be within the filemount-paths. Further the fileextension MUST validate true with the f_ext array
91 *
92 * The unzip-function allows unzip only if the destination path has it's f_ext[]['allow'] set to '*'!!
93 * You are allowed to copy/move folders within the same 'space' (web/ftp).
94 * You are allowed to copy/move folders between spaces (web/ftp) IF the destination has it's f_ext[]['allow'] set to '*'!
95 *
96 * Advice:
97 * You should always exclude php-files from the webspace. This will keep people from uploading, copy/moving and renaming files to become executable php scripts.
98 * You should never mount a ftp_space 'below' the webspace so that it reaches into the webspace. This is because if somebody unzips a zip-file in the ftp-space so that it reaches out into the webspace this will be a violation of the safety
99 * For example this is a bad idea: you have an ftp-space that is '/www/' and a web-space that is '/www/htdocs/'
100 *
101 * @author Kasper Skaarhoj <kasperYYYY@typo3.com>
102 * @package TYPO3
103 * @subpackage t3lib
104 */
105 class t3lib_extFileFunctions extends t3lib_basicFileFunctions {
106
107 // External static variables:
108 // Notice; some of these are overridden in the start() method with values from $GLOBALS['TYPO3_CONF_VARS']['BE']
109 var $maxCopyFileSize = 10000; // max copy size (kb) for files
110 var $maxMoveFileSize = 10000; // max move size (kb) for files
111 var $maxUploadFileSize = 10000; // max upload size (kb) for files. Remember that PHP has an inner limit often set to 2 MB
112 var $unzipPath = ''; // Path to unzip-program (with trailing '/')
113 var $dontCheckForUnique = 0; // If set, the uploaded files will overwrite existing files.
114
115 var $actionPerms = Array( // This array is self-explaning (look in the class below). It grants access to the functions. This could be set from outside in order to enabled functions to users. See also the function init_actionPerms() which takes input directly from the user-record
116 'deleteFile' => 0, // Deleting files physically
117 'deleteFolder' => 0, // Deleting foldes physically
118 'deleteFolderRecursively' => 0, // normally folders are deleted by the PHP-function rmdir(), but with this option a user deletes with 'rm -Rf ....' which is pretty wild!
119 'moveFile' => 0,
120 'moveFolder' => 0,
121 'copyFile' => 0,
122 'copyFolder' => 0,
123 'newFolder' => 0,
124 'newFile' => 0,
125 'editFile' => 0,
126 'unzipFile' => 0,
127 'uploadFile' => 0,
128 'renameFile' => 0,
129 'renameFolder' => 0
130 );
131
132 var $recyclerFN = '_recycler_'; // This is regarded to be the recycler folder
133 var $useRecycler = 1; // 0 = no, 1 = if available, 2 = always
134
135 // Internal, static:
136 var $PHPFileFunctions = 0; // If set, all fileoperations are done by the default PHP-functions. This is necessary under windows! On UNIX the system commands by exec() can be used unless safe_mode is enabled
137 var $dont_use_exec_commands = 0; // This is necessary under windows!
138
139 // Internal, dynamic:
140 var $internalUploadMap = array(); // Will contain map between upload ID and the final filename
141
142 var $lastError = '';
143
144
145
146
147 /**
148 * Initialization of the class
149 *
150 * @param array The $file array with the commands to execute. See "TYPO3 Core API" document
151 * @return void
152 */
153 function start($fileCmds) {
154
155 // Configure settings from TYPO3_CONF_VARS:
156 if (TYPO3_OS=='WIN' || $GLOBALS['TYPO3_CONF_VARS']['BE']['disable_exec_function']) {
157 $this->PHPFileFunctions = 1;
158 $this->dont_use_exec_commands = 1;
159 } else {
160 $this->PHPFileFunctions = $GLOBALS['TYPO3_CONF_VARS']['BE']['usePHPFileFunctions'];
161 }
162
163 $this->unzipPath = $GLOBALS['TYPO3_CONF_VARS']['BE']['unzip_path'];
164
165 $maxFileSize = intval($GLOBALS['TYPO3_CONF_VARS']['BE']['maxFileSize']);
166 if ($maxFileSize > 0) {
167 $this->maxCopyFileSize = $maxFileSize;
168 $this->maxMoveFileSize = $maxFileSize;
169 }
170 $this->maxUploadFileSize = t3lib_div::getMaxUploadFileSize();
171
172 // Initializing file processing commands:
173 $this->fileCmdMap = $fileCmds;
174 }
175
176 /**
177 * Sets up permission to perform file/directory operations.
178 * See below or the be_user-table for the significance of the various bits in $setup.
179 *
180 * @param integer File permission integer from BE_USER OR'ed with permissions of back-end groups this user is a member of
181 * @return void
182 */
183 function init_actionPerms($setup) {
184 if (($setup&1)==1) { // Files: Upload,Copy,Move,Delete,Rename
185 $this->actionPerms['uploadFile']=1;
186 $this->actionPerms['copyFile']=1;
187 $this->actionPerms['moveFile']=1;
188 $this->actionPerms['deleteFile']=1;
189 $this->actionPerms['renameFile']=1;
190 $this->actionPerms['editFile']=1;
191 $this->actionPerms['newFile']=1;
192 }
193 if (($setup&2)==2) { // Files: Unzip
194 $this->actionPerms['unzipFile']=1;
195 }
196 if (($setup&4)==4) { // Directory: Move,Delete,Rename,New
197 $this->actionPerms['moveFolder']=1;
198 $this->actionPerms['deleteFolder']=1;
199 $this->actionPerms['renameFolder']=1;
200 $this->actionPerms['newFolder']=1;
201 }
202 if (($setup&8)==8) { // Directory: Copy
203 $this->actionPerms['copyFolder']=1;
204 }
205 if (($setup&16)==16) { // Directory: Delete recursively (rm -Rf)
206 $this->actionPerms['deleteFolderRecursively']=1;
207 }
208 }
209
210 /**
211 * Processing the command array in $this->fileCmdMap
212 *
213 * @return mixed false, if the file functions were not initialized
214 * otherwise returns an array of all the results that are returned
215 * from each command, separated in each action.
216 */
217 function processData() {
218 $result = array();
219 if (!$this->isInit) {
220 return false;
221 }
222
223 if (is_array($this->fileCmdMap)) {
224
225 // Check if there were uploads expected, but no one made
226 if ($this->fileCmdMap['upload']) {
227 $uploads = $this->fileCmdMap['upload'];
228 foreach ($uploads as $upload) {
229 if (!$_FILES['upload_' . $upload['data']]['name']) {
230 unset($this->fileCmdMap['upload'][$upload['data']]);
231 }
232 }
233 if (count($this->fileCmdMap['upload']) == 0) {
234 $this->writelog(1,1,108,'No file was uploaded!','');
235 }
236 }
237
238 // Traverse each set of actions
239 foreach ($this->fileCmdMap as $action => $actionData) {
240
241 // Traverse all action data. More than one file might be affected at the same time.
242 if (is_array($actionData)) {
243 $result[$action] = array();
244 foreach ($actionData as $cmdArr) {
245
246 // Clear file stats
247 clearstatcache();
248
249 // Branch out based on command:
250 switch ($action) {
251 case 'delete':
252 $result[$action][] = $this->func_delete($cmdArr);
253 break;
254 case 'copy':
255 $result[$action][] = $this->func_copy($cmdArr);
256 break;
257 case 'move':
258 $result[$action][] = $this->func_move($cmdArr);
259 break;
260 case 'rename':
261 $result[$action][] = $this->func_rename($cmdArr);
262 break;
263 case 'newfolder':
264 $result[$action][] = $this->func_newfolder($cmdArr);
265 break;
266 case 'newfile':
267 $result[$action][] = $this->func_newfile($cmdArr);
268 break;
269 case 'editfile':
270 $result[$action][] = $this->func_edit($cmdArr);
271 break;
272 case 'upload':
273 $result[$action][] = $this->func_upload($cmdArr);
274 break;
275 case 'unzip':
276 $result[$action][] = $this->func_unzip($cmdArr);
277 break;
278 }
279
280 // Hook for post-processing the action
281 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_extfilefunc.php']['processData'])) {
282 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_extfilefunc.php']['processData'] as $classRef) {
283 $hookObject = t3lib_div::getUserObj($classRef);
284
285 if (!($hookObject instanceof t3lib_extFileFunctions_processDataHook)) {
286 throw new UnexpectedValueException('$hookObject must implement interface t3lib_extFileFunctions_processDataHook', 1279719168);
287 }
288
289 $hookObject->processData_postProcessAction($action, $cmdArr, $result[$action], $this);
290 }
291 }
292 }
293 }
294 }
295 }
296 return $result;
297 }
298
299 /**
300 * Adds log error messages from the operations of this script instance to the FlashMessageQueue
301 *
302 * @param string Redirect URL (for creating link in message)
303 * @return void
304 */
305 function printLogErrorMessages($redirect = '') {
306 $this->getErrorMessages();
307 }
308
309
310 /**
311 * Adds log error messages from the previous file operations of this script instance
312 * to the FlashMessageQueue
313 *
314 * @return void
315 */
316 function getErrorMessages() {
317 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
318 '*',
319 'sys_log',
320 'type = 2 AND userid = ' . intval($GLOBALS['BE_USER']->user['uid'])
321 . ' AND tstamp=' . intval($GLOBALS['EXEC_TIME'])
322 . ' AND error != 0'
323 );
324 while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
325 $logData = unserialize($row['log_data']);
326 $msg = $row['error'] . ': ' . sprintf($row['details'], $logData[0], $logData[1], $logData[2], $logData[3], $logData[4]);
327 $flashMessage = t3lib_div::makeInstance(
328 't3lib_FlashMessage',
329 $msg,
330 '',
331 t3lib_FlashMessage::ERROR,
332 TRUE
333 );
334 t3lib_FlashMessageQueue::addMessage($flashMessage);
335 }
336 $GLOBALS['TYPO3_DB']->sql_free_result($res);
337 }
338
339
340
341 /**
342 * Goes back in the path and checks in each directory if a folder named $this->recyclerFN (usually '_recycler_') is present.
343 * If a folder in the tree happens to be a _recycler_-folder (which means that we're deleting something inside a _recycler_-folder) this is ignored
344 *
345 * @param string Takes a valid Path ($theFile)
346 * @return string Returns the path (without trailing slash) of the closest recycle-folder if found. Else false.
347 */
348 function findRecycler($theFile) {
349 if ($this->isPathValid($theFile)) {
350 $theFile = $this->cleanDirectoryName($theFile);
351 $fI = t3lib_div::split_fileref($theFile);
352 $c = 0;
353 while($this->checkPathAgainstMounts($fI['path']) && $c<20) {
354 $rDir = $fI['path'].$this->recyclerFN;
355 if (@is_dir($rDir) && $this->recyclerFN!=$fI['file']) {
356 return $rDir;
357 }
358 $theFile = $fI['path'];
359 $theFile = $this->cleanDirectoryName($theFile);
360 $fI = t3lib_div::split_fileref($theFile);
361 $c++;
362 }
363 }
364 }
365
366 /**
367 * Logging file operations
368 *
369 * @param integer The action number. See the functions in the class for a hint. Eg. edit is '9', upload is '1' ...
370 * @param integer The severity: 0 = message, 1 = error, 2 = System Error, 3 = security notice (admin)
371 * @param integer This number is unique for every combination of $type and $action. This is the error-message number, which can later be used to translate error messages.
372 * @param string This is the default, raw error message in english
373 * @param array Array with special information that may go into $details by "%s" marks / sprintf() when the log is shown
374 * @return void
375 * @see class.t3lib_userauthgroup.php
376 */
377 function writeLog($action,$error,$details_nr,$details,$data) {
378 $type = 2; // Type value for tce_file.php
379 if (is_object($GLOBALS['BE_USER'])) {
380 $GLOBALS['BE_USER']->writelog($type,$action,$error,$details_nr,$details,$data);
381 }
382 $this->lastError = vsprintf($details, $data);
383 }
384
385
386
387
388
389
390
391
392
393 /*************************************
394 *
395 * File operation functions
396 *
397 **************************************/
398
399 /**
400 * Deleting files and folders (action=4)
401 *
402 * @param array $cmds['data'] is the file/folder to delete
403 * @return boolean Returns true upon success
404 */
405 function func_delete($cmds) {
406 if (!$this->isInit) return FALSE;
407
408 // Checking path:
409 $theFile = $cmds['data'];
410 if (!$this->isPathValid($theFile)) {
411 $this->writelog(4,2,101,'Target "%s" had invalid path (".." and "//" is not allowed in path).',Array($theFile));
412 return FALSE;
413 }
414
415 // Recycler moving or not?
416 if ($this->useRecycler && $recyclerPath=$this->findRecycler($theFile)) {
417 // If a recycler is found, the deleted items is moved to the recycler and not just deleted.
418 $newCmds=Array();
419 $newCmds['data']=$theFile;
420 $newCmds['target']=$recyclerPath;
421 $newCmds['altName']=1;
422 $this->func_move($newCmds);
423 $this->writelog(4,0,4,'Item "%s" moved to recycler at "%s"',Array($theFile,$recyclerPath));
424 return TRUE;
425 } elseif ($this->useRecycler != 2) { // if $this->useRecycler==2 then we cannot delete for real!!
426 if (@is_file($theFile)) { // If we are deleting a file...
427 if ($this->actionPerms['deleteFile']) {
428 if ($this->checkPathAgainstMounts($theFile)) {
429 if (@unlink($theFile)) {
430 $this->writelog(4,0,1,'File "%s" deleted',Array($theFile));
431 return TRUE;
432 } else $this->writelog(4,1,110,'Could not delete file "%s". Write-permission problem?', Array($theFile));
433 } else $this->writelog(4,1,111,'Target was not within your mountpoints! T="%s"',Array($theFile));
434 } else $this->writelog(4,1,112,'You are not allowed to delete files','');
435 // FINISHED deleting file
436
437 } elseif (@is_dir($theFile)) { // if we're deleting a folder
438 if ($this->actionPerms['deleteFolder']) {
439 $theFile = $this->is_directory($theFile);
440 if ($theFile) {
441 if ($this->checkPathAgainstMounts($theFile)) { // I choose not to append '/' to $theFile here as this will prevent us from deleting mounts!! (which makes sense to me...)
442 if ($this->actionPerms['deleteFolderRecursively']) {
443 if (t3lib_div::rmdir($theFile,true)) {
444 $this->writelog(4,0,2,'Directory "%s" deleted recursively!',Array($theFile));
445 return TRUE;
446 } else $this->writelog(4,2,119,'Directory "%s" WAS NOT deleted recursively! Write-permission problem?',Array($theFile));
447 } else {
448 if (@rmdir($theFile)) {
449 $this->writelog(4,0,3,'Directory "%s" deleted',Array($theFile));
450 return TRUE;
451 } else $this->writelog(4,1,120,'Could not delete directory! Write-permission problem? Is directory "%s" empty? (You are not allowed to delete directories recursively).',Array($theFile));
452 }
453 } else $this->writelog(4,1,121,'Target was not within your mountpoints! T="%s"',Array($theFile));
454 } else $this->writelog(4,2,122,'Target seemed not to be a directory! (Shouldn\'t happen here!)','');
455 } else $this->writelog(4,1,123,'You are not allowed to delete directories','');
456 // FINISHED copying directory
457
458 } else $this->writelog(4,2,130,'The item was not a file or directory! "%s"',Array($theFile));
459 } else $this->writelog(4,1,131,'No recycler found!','');
460 }
461
462 /**
463 * Copying files and folders (action=2)
464 *
465 * @param array $cmds['data'] is the file/folder to copy. $cmds['target'] is the path where to copy to. $cmds['altName'] (boolean): If set, another filename is found in case the target already exists
466 * @return string Returns the new filename upon success
467 */
468 function func_copy($cmds) {
469 if (!$this->isInit) return FALSE;
470
471 // Initialize and check basic conditions:
472 $theFile = $cmds['data'];
473 $theDest = $this->is_directory($cmds['target']); // Clean up destination directory
474 $altName = $cmds['altName'];
475 if (!$theDest) {
476 $this->writelog(2,2,100,'Destination "%s" was not a directory',Array($cmds['target']));
477 return FALSE;
478 }
479 if (!$this->isPathValid($theFile) || !$this->isPathValid($theDest)) {
480 $this->writelog(2,2,101,'Target or destination had invalid path (".." and "//" is not allowed in path). T="%s", D="%s"',Array($theFile,$theDest));
481 return FALSE;
482 }
483
484 // Processing of file or directory.
485 if (@is_file($theFile)) { // If we are copying a file...
486 if ($this->actionPerms['copyFile']) {
487 if (filesize($theFile) < ($this->maxCopyFileSize*1024)) {
488 $fI = t3lib_div::split_fileref($theFile);
489 if ($altName) { // If altName is set, we're allowed to create a new filename if the file already existed
490 $theDestFile = $this->getUniqueName($fI['file'], $theDest);
491 $fI = t3lib_div::split_fileref($theDestFile);
492 } else {
493 $theDestFile = $theDest.'/'.$fI['file'];
494 }
495 if ($theDestFile && !file_exists($theDestFile)) {
496 if ($this->checkIfAllowed($fI['fileext'], $theDest, $fI['file'])) {
497 if ($this->checkPathAgainstMounts($theDestFile) && $this->checkPathAgainstMounts($theFile)) {
498 if ($this->PHPFileFunctions) {
499 copy ($theFile,$theDestFile);
500 } else {
501 $cmd = 'cp "'.$theFile.'" "'.$theDestFile.'"';
502 exec($cmd);
503 }
504 t3lib_div::fixPermissions($theDestFile);
505 clearstatcache();
506 if (@is_file($theDestFile)) {
507 $this->writelog(2,0,1,'File "%s" copied to "%s"',Array($theFile,$theDestFile));
508 return $theDestFile;
509 } else $this->writelog(2,2,109,'File "%s" WAS NOT copied to "%s"! Write-permission problem?',Array($theFile,$theDestFile));
510 } else $this->writelog(2,1,110,'Target or destination was not within your mountpoints! T="%s", D="%s"',Array($theFile,$theDestFile));
511 } else $this->writelog(2,1,111,'Extension of file name "%s" is not allowed in "%s"!',Array($fI['file'],$theDest.'/'));
512 } else $this->writelog(2,1,112,'File "%s" already exists!',Array($theDestFile));
513 } else $this->writelog(2,1,113,'File "%s" exceeds the size-limit of %s bytes',Array($theFile,$this->maxCopyFileSize*1024));
514 } else $this->writelog(2,1,114,'You are not allowed to copy files','');
515 // FINISHED copying file
516
517 } elseif (@is_dir($theFile) && !$this->dont_use_exec_commands) { // if we're copying a folder
518 if ($this->actionPerms['copyFolder']) {
519 $theFile = $this->is_directory($theFile);
520 if ($theFile) {
521 $fI = t3lib_div::split_fileref($theFile);
522 if ($altName) { // If altName is set, we're allowed to create a new filename if the file already existed
523 $theDestFile = $this->getUniqueName($fI['file'], $theDest);
524 $fI = t3lib_div::split_fileref($theDestFile);
525 } else {
526 $theDestFile = $theDest.'/'.$fI['file'];
527 }
528 if ($theDestFile && !file_exists($theDestFile)) {
529 if (!t3lib_div::isFirstPartOfStr($theDestFile.'/',$theFile.'/')) { // Check if the one folder is inside the other or on the same level... to target/dest is the same?
530 if ($this->checkIfFullAccess($theDest) || $this->is_webPath($theDestFile)==$this->is_webPath($theFile)) { // no copy of folders between spaces
531 if ($this->checkPathAgainstMounts($theDestFile) && $this->checkPathAgainstMounts($theFile)) {
532 // No way to do this under windows!
533 $cmd = 'cp -R "'.$theFile.'" "'.$theDestFile.'"';
534 exec($cmd);
535 clearstatcache();
536 if (@is_dir($theDestFile)) {
537 $this->writelog(2,0,2,'Directory "%s" copied to "%s"',Array($theFile,$theDestFile));
538 return $theDestFile;
539 } else $this->writelog(2,2,119,'Directory "%s" WAS NOT copied to "%s"! Write-permission problem?',Array($theFile,$theDestFile));
540 } else $this->writelog(2,1,120,'Target or destination was not within your mountpoints! T="%s", D="%s"',Array($theFile,$theDestFile));
541 } else $this->writelog(2,1,121,'You don\'t have full access to the destination directory "%s"!',Array($theDest.'/'));
542 } else $this->writelog(2,1,122,'Destination cannot be inside the target! D="%s", T="%s"',Array($theDestFile.'/',$theFile.'/'));
543 } else $this->writelog(2,1,123,'Target "%s" already exists!',Array($theDestFile));
544 } else $this->writelog(2,2,124,'Target seemed not to be a directory! (Shouldn\'t happen here!)','');
545 } else $this->writelog(2,1,125,'You are not allowed to copy directories','');
546 // FINISHED copying directory
547
548 } else {
549 $this->writelog(2,2,130,'The item "%s" was not a file or directory!',Array($theFile));
550 }
551 }
552
553 /**
554 * Moving files and folders (action=3)
555 *
556 * @param array $cmds['data'] is the file/folder to move. $cmds['target'] is the path where to move to. $cmds['altName'] (boolean): If set, another filename is found in case the target already exists
557 * @return string Returns the new filename upon success
558 */
559 function func_move($cmds) {
560 if (!$this->isInit) return FALSE;
561
562 // Initialize and check basic conditions:
563 $theFile = $cmds['data'];
564 $theDest = $this->is_directory($cmds['target']); // Clean up destination directory
565 $altName = $cmds['altName'];
566 if (!$theDest) {
567 $this->writelog(3,2,100,'Destination "%s" was not a directory',Array($cmds['target']));
568 return FALSE;
569 }
570 if (!$this->isPathValid($theFile) || !$this->isPathValid($theDest)) {
571 $this->writelog(3,2,101,'Target or destination had invalid path (".." and "//" is not allowed in path). T="%s", D="%s"',Array($theFile,$theDest));
572 return FALSE;
573 }
574
575 // Processing of file or directory:
576 if (@is_file($theFile)) { // If we are moving a file...
577 if ($this->actionPerms['moveFile']) {
578 if (filesize($theFile) < ($this->maxMoveFileSize*1024)) {
579 $fI = t3lib_div::split_fileref($theFile);
580 if ($altName) { // If altName is set, we're allowed to create a new filename if the file already existed
581 $theDestFile = $this->getUniqueName($fI['file'], $theDest);
582 $fI = t3lib_div::split_fileref($theDestFile);
583 } else {
584 $theDestFile = $theDest.'/'.$fI['file'];
585 }
586 if ($theDestFile && !file_exists($theDestFile)) {
587 if ($this->checkIfAllowed($fI['fileext'], $theDest, $fI['file'])) {
588 if ($this->checkPathAgainstMounts($theDestFile) && $this->checkPathAgainstMounts($theFile)) {
589 if ($this->PHPFileFunctions) {
590 @rename($theFile, $theDestFile);
591 } else {
592 $cmd = 'mv "'.$theFile.'" "'.$theDestFile.'"';
593 exec($cmd);
594 }
595 clearstatcache();
596 if (@is_file($theDestFile)) {
597 $this->writelog(3,0,1,'File "%s" moved to "%s"',Array($theFile,$theDestFile));
598 return $theDestFile;
599 } else $this->writelog(3,2,109,'File "%s" WAS NOT moved to "%s"! Write-permission problem?',Array($theFile,$theDestFile));
600 } else $this->writelog(3,1,110,'Target or destination was not within your mountpoints! T="%s", D="%s"',Array($theFile,$theDestFile));
601 } else $this->writelog(3,1,111,'Extension of file name "%s" is not allowed in "%s"!',Array($fI['file'],$theDest.'/'));
602 } else $this->writelog(3,1,112,'File "%s" already exists!',Array($theDestFile));
603 } else $this->writelog(3,1,113,'File "%s" exceeds the size-limit of %s bytes',Array($theFile,$this->maxMoveFileSize*1024));
604 } else $this->writelog(3,1,114,'You are not allowed to move files','');
605 // FINISHED moving file
606
607 } elseif (@is_dir($theFile)) { // if we're moving a folder
608 if ($this->actionPerms['moveFolder']) {
609 $theFile = $this->is_directory($theFile);
610 if ($theFile) {
611 $fI = t3lib_div::split_fileref($theFile);
612 if ($altName) { // If altName is set, we're allowed to create a new filename if the file already existed
613 $theDestFile = $this->getUniqueName($fI['file'], $theDest);
614 $fI = t3lib_div::split_fileref($theDestFile);
615 } else {
616 $theDestFile = $theDest.'/'.$fI['file'];
617 }
618 if ($theDestFile && !file_exists($theDestFile)) {
619 if (!t3lib_div::isFirstPartOfStr($theDestFile.'/',$theFile.'/')) { // Check if the one folder is inside the other or on the same level... to target/dest is the same?
620 if ($this->checkIfFullAccess($theDest) || $this->is_webPath($theDestFile)==$this->is_webPath($theFile)) { // // no moving of folders between spaces
621 if ($this->checkPathAgainstMounts($theDestFile) && $this->checkPathAgainstMounts($theFile)) {
622 if ($this->PHPFileFunctions) {
623 @rename($theFile, $theDestFile);
624 } else {
625 $cmd = 'mv "'.$theFile.'" "'.$theDestFile.'"';
626 $errArr = array();
627 $retVar = 0;
628 exec($cmd,$errArr,$retVar);
629 }
630 clearstatcache();
631 if (@is_dir($theDestFile)) {
632 $this->writelog(3,0,2,'Directory "%s" moved to "%s"',Array($theFile,$theDestFile));
633 return $theDestFile;
634 } else $this->writelog(3,2,119,'Directory "%s" WAS NOT moved to "%s"! Write-permission problem?',Array($theFile,$theDestFile));
635 } else $this->writelog(3,1,120,'Target or destination was not within your mountpoints! T="%s", D="%s"',Array($theFile,$theDestFile));
636 } else $this->writelog(3,1,121,'You don\'t have full access to the destination directory "%s"!',Array($theDest.'/'));
637 } else $this->writelog(3,1,122,'Destination cannot be inside the target! D="%s", T="%s"',Array($theDestFile.'/',$theFile.'/'));
638 } else $this->writelog(3,1,123,'Target "%s" already exists!',Array($theDestFile));
639 } else $this->writelog(3,2,124,'Target seemed not to be a directory! (Shouldn\'t happen here!)','');
640 } else $this->writelog(3,1,125,'You are not allowed to move directories','');
641 // FINISHED moving directory
642
643 } else {
644 $this->writelog(3,2,130,'The item "%s" was not a file or directory!',Array($theFile));
645 }
646 }
647
648 /**
649 * Renaming files or foldes (action=5)
650 *
651 * @param array $cmds['data'] is the new name. $cmds['target'] is the target (file or dir).
652 * @return string Returns the new filename upon success
653 */
654 function func_rename($cmds) {
655 if (!$this->isInit) return FALSE;
656
657 $theNewName = $this->cleanFileName($cmds['data']);
658 if ($theNewName) {
659 if ($this->checkFileNameLen($theNewName)) {
660 $theTarget = $cmds['target'];
661 $type = filetype($theTarget);
662 if ($type=='file' || $type=='dir') { // $type MUST BE file or dir
663 $fileInfo = t3lib_div::split_fileref($theTarget); // Fetches info about path, name, extention of $theTarget
664 if ($fileInfo['file']!=$theNewName) { // The name should be different from the current. And the filetype must be allowed
665 $theRenameName = $fileInfo['path'].$theNewName;
666 if ($this->checkPathAgainstMounts($fileInfo['path'])) {
667 if (!file_exists($theRenameName)) {
668 if ($type=='file') {
669 if ($this->actionPerms['renameFile']) {
670 $fI = t3lib_div::split_fileref($theRenameName);
671 if ($this->checkIfAllowed($fI['fileext'], $fileInfo['path'], $fI['file'])) {
672 if (@rename($theTarget, $theRenameName)) {
673 $this->writelog(5,0,1,'File renamed from "%s" to "%s"',Array($fileInfo['file'],$theNewName));
674 return $theRenameName;
675 } else $this->writelog(5,1,100,'File "%s" was not renamed! Write-permission problem in "%s"?',Array($theTarget,$fileInfo['path']));
676 } else $this->writelog(5,1,101,'Extension of file name "%s" was not allowed!',Array($fI['file']));
677 } else $this->writelog(5,1,102,'You are not allowed to rename files!','');
678 } elseif ($type=='dir') {
679 if ($this->actionPerms['renameFolder']) {
680 if (@rename($theTarget, $theRenameName)) {
681 $this->writelog(5,0,2,'Directory renamed from "%s" to "%s"',Array($fileInfo['file'],$theNewName));
682 return $theRenameName;
683 } else $this->writelog(5,1,110,'Directory "%s" was not renamed! Write-permission problem in "%s"?',Array($theTarget,$fileInfo['path']));
684 } else $this->writelog(5,1,111,'You are not allowed to rename directories!','');
685 }
686 } else $this->writelog(5,1,120,'Destination "%s" existed already!',Array($theRenameName));
687 } else $this->writelog(5,1,121,'Destination path "%s" was not within your mountpoints!',Array($fileInfo['path']));
688 } else $this->writelog(5,1,122,'Old and new name is the same (%s)',Array($theNewName));
689 } else $this->writelog(5,2,123,'Target "%s" was neither a directory nor a file!',Array($theTarget));
690 } else $this->writelog(5,1,124,'New name "%s" was too long (max %s characters)',Array($theNewName,$this->maxInputNameLen));
691 }
692 }
693
694 /**
695 * This creates a new folder. (action=6)
696 *
697 * @param array $cmds['data'] is the foldername. $cmds['target'] is the path where to create it.
698 * @return string Returns the new foldername upon success
699 */
700 function func_newfolder($cmds) {
701 if (!$this->isInit) return FALSE;
702
703 $theFolder = $this->cleanFileName($cmds['data']);
704 if (isset($theFolder) && trim($theFolder) != '') {
705 if ($this->checkFileNameLen($theFolder)) {
706 $theTarget = $this->is_directory($cmds['target']); // Check the target dir
707 if ($theTarget) {
708 if ($this->actionPerms['newFolder']) {
709 $theNewFolder = $theTarget.'/'.$theFolder;
710 if ($this->checkPathAgainstMounts($theNewFolder)) {
711 if (!file_exists($theNewFolder)) {
712 if (t3lib_div::mkdir($theNewFolder)){
713 $this->writelog(6,0,1,'Directory "%s" created in "%s"',Array($theFolder,$theTarget.'/'));
714 return $theNewFolder;
715 } else $this->writelog(6,1,100,'Directory "%s" not created. Write-permission problem in "%s"?',Array($theFolder,$theTarget.'/'));
716 } else $this->writelog(6,1,101,'File or directory "%s" existed already!',Array($theNewFolder));
717 } else $this->writelog(6,1,102,'Destination path "%s" was not within your mountpoints!',Array($theTarget.'/'));
718 } else $this->writelog(6,1,103,'You are not allowed to create directories!','');
719 } else $this->writelog(6,2,104,'Destination "%s" was not a directory',Array($cmds['target']));
720 } else $this->writelog(6,1,105,'New name "%s" was too long (max %s characters)',Array($theFolder,$this->maxInputNameLen));
721 }
722 }
723
724 /**
725 * This creates a new file. (action=8)
726 *
727 * @param array $cmds['data'] is the new filename. $cmds['target'] is the path where to create it
728 * @return string Returns the new filename upon success
729 */
730 function func_newfile($cmds) {
731 $extList = $GLOBALS['TYPO3_CONF_VARS']['SYS']['textfile_ext'];
732 if (!$this->isInit) return FALSE;
733 $newName = $this->cleanFileName($cmds['data']);
734 if ($newName) {
735 if ($this->checkFileNameLen($newName)) {
736 $theTarget = $this->is_directory($cmds['target']); // Check the target dir
737 $fileInfo = t3lib_div::split_fileref($theTarget); // Fetches info about path, name, extention of $theTarget
738 if ($theTarget) {
739 if ($this->actionPerms['newFile']) {
740 $theNewFile = $theTarget.'/'.$newName;
741 if ($this->checkPathAgainstMounts($theNewFile)) {
742 if (!file_exists($theNewFile)) {
743 $fI = t3lib_div::split_fileref($theNewFile);
744 if ($this->checkIfAllowed($fI['fileext'], $fileInfo['path'], $fI['file'])) {
745 if (t3lib_div::inList($extList, $fI['fileext'])) {
746 if (t3lib_div::writeFile($theNewFile,'')) {
747 clearstatcache();
748 $this->writelog(8,0,1,'File created: "%s"',Array($fI['file']));
749 return $theNewFile;
750 } else $this->writelog(8,1,100,'File "%s" was not created! Write-permission problem in "%s"?',Array($fI['file'], $theTarget));
751 } else $this->writelog(8,1,107,'File extension "%s" is not a textfile format! (%s)',Array($fI['fileext'], $extList));
752 } else $this->writelog(8,1,106,'Extension of file name "%s" was not allowed!',Array($fI['file']));
753 } else $this->writelog(8,1,101,'File "%s" existed already!',Array($theNewFile));
754 } else $this->writelog(8,1,102,'Destination path "%s" was not within your mountpoints!',Array($theTarget.'/'));
755 } else $this->writelog(8,1,103,'You are not allowed to create files!','');
756 } else $this->writelog(8,2,104,'Destination "%s" was not a directory',Array($cmds['target']));
757 } else $this->writelog(8,1,105,'New name "%s" was too long (max %s characters)',Array($newName,$this->maxInputNameLen));
758 }
759 }
760
761 /**
762 * Editing textfiles or folders (action=9)
763 *
764 * @param array $cmds['data'] is the new content. $cmds['target'] is the target (file or dir)
765 * @return boolean Returns true on success
766 */
767 function func_edit($cmds) {
768 if (!$this->isInit) return FALSE;
769 $theTarget = $cmds['target'];
770 $content = $cmds['data'];
771 $extList = $GLOBALS['TYPO3_CONF_VARS']['SYS']['textfile_ext'];
772 $type = filetype($theTarget);
773 if ($type=='file') { // $type MUST BE file
774 $fileInfo = t3lib_div::split_fileref($theTarget); // Fetches info about path, name, extention of $theTarget
775 $fI =$fileInfo;
776 if ($this->checkPathAgainstMounts($fileInfo['path'])) {
777 if ($this->actionPerms['editFile']) {
778 $fI = t3lib_div::split_fileref($theTarget);
779 if ($this->checkIfAllowed($fI['fileext'], $fileInfo['path'], $fI['file'])) {
780 if (t3lib_div::inList($extList, $fileInfo['fileext'])) {
781 if (t3lib_div::writeFile($theTarget,$content)) {
782 clearstatcache();
783 $this->writelog(9,0,1,'File saved to "%s", bytes: %s, MD5: %s ',Array($fileInfo['file'],@filesize($theTarget),md5($content)));
784 return TRUE;
785 } else $this->writelog(9,1,100,'File "%s" was not saved! Write-permission problem in "%s"?',Array($theTarget,$fileInfo['path']));
786 } else $this->writelog(9,1,102,'File extension "%s" is not a textfile format! (%s)',Array($fI['fileext'], $extList));
787 } else $this->writelog(9,1,103,'Extension of file name "%s" was not allowed!',Array($fI['file']));
788 } else $this->writelog(9,1,104,'You are not allowed to edit files!','');
789 } else $this->writelog(9,1,121,'Destination path "%s" was not within your mountpoints!',Array($fileInfo['path']));
790 } else $this->writelog(9,2,123,'Target "%s" was not a file!',Array($theTarget));
791 }
792
793 /**
794 * Upload of files (action=1)
795 *
796 * @param array $cmds['data'] is the ID-number (points to the global var that holds the filename-ref ($_FILES['upload_'.$id]['name']). $cmds['target'] is the target directory, $cmds['charset'] is the the character set of the file name (utf-8 is needed for JS-interaction)
797 * @return string Returns the new filename upon success
798 */
799 function func_upload($cmds) {
800 if (!$this->isInit) return FALSE;
801 $id = $cmds['data'];
802 if ($_FILES['upload_'.$id]['name']) {
803 $theFile = $_FILES['upload_'.$id]['tmp_name']; // filename of the uploaded file
804 $theFileSize = $_FILES['upload_'.$id]['size']; // filesize of the uploaded file
805 $theName = $this->cleanFileName(stripslashes($_FILES['upload_'.$id]['name']), (isset($cmds['charset']) ? $cmds['charset'] : '')); // The original filename
806 if (is_uploaded_file($theFile) && $theName) { // Check the file
807 if ($this->actionPerms['uploadFile']) {
808 if ($theFileSize<($this->maxUploadFileSize*1024)) {
809 $fI = t3lib_div::split_fileref($theName);
810 $theTarget = $this->is_directory($cmds['target']); // Check the target dir
811 if ($theTarget && $this->checkPathAgainstMounts($theTarget.'/')) {
812 if ($this->checkIfAllowed($fI['fileext'], $theTarget, $fI['file'])) {
813 $theNewFile = $this->getUniqueName($theName, $theTarget, $this->dontCheckForUnique);
814 if ($theNewFile) {
815 t3lib_div::upload_copy_move($theFile,$theNewFile);
816 clearstatcache();
817 if (@is_file($theNewFile)) {
818 $this->internalUploadMap[$id] = $theNewFile;
819 $this->writelog(1,0,1,'Uploading file "%s" to "%s"',Array($theName,$theNewFile, $id));
820 return $theNewFile;
821 } else $this->writelog(1,1,100,'Uploaded file could not be moved! Write-permission problem in "%s"?',Array($theTarget.'/'));
822 } else $this->writelog(1,1,101,'No unique filename available in "%s"!',Array($theTarget.'/'));
823 } else $this->writelog(1,1,102,'Extension of file name "%s" is not allowed in "%s"!',Array($fI['file'], $theTarget.'/'));
824 } else $this->writelog(1,1,103,'Destination path "%s" was not within your mountpoints!',Array($theTarget.'/'));
825 } else $this->writelog(1,1,104,'The uploaded file exceeds the size-limit of %s bytes',Array($this->maxUploadFileSize*1024));
826 } else $this->writelog(1,1,105,'You are not allowed to upload files!','');
827 } else $this->writelog(1,2,106,'The upload has failed, no uploaded file found!','');
828 } else $this->writelog(1,2,108,'No file was uploaded!','');
829 }
830
831 /**
832 * Unzipping file (action=7)
833 * This is permitted only if the user has fullAccess or if the file resides
834 *
835 * @param array $cmds['data'] is the zip-file. $cmds['target'] is the target directory. If not set we'll default to the same directory as the file is in.
836 * @return boolean Returns true on success
837 */
838 function func_unzip($cmds) {
839 if (!$this->isInit || $this->dont_use_exec_commands) return FALSE;
840
841 $theFile = $cmds['data'];
842 if (@is_file($theFile)) {
843 $fI = t3lib_div::split_fileref($theFile);
844 if (!isset($cmds['target'])) {
845 $cmds['target'] = $fI['path'];
846 }
847 $theDest = $this->is_directory($cmds['target']); // Clean up destination directory
848 if ($theDest) {
849 if ($this->actionPerms['unzipFile']) {
850 if ($fI['fileext']=='zip') {
851 if ($this->checkIfFullAccess($theDest)) {
852 if ($this->checkPathAgainstMounts($theFile) && $this->checkPathAgainstMounts($theDest.'/')) {
853 // No way to do this under windows.
854 $cmd = $this->unzipPath.'unzip -qq "'.$theFile.'" -d "'.$theDest.'"';
855 exec($cmd);
856 $this->writelog(7,0,1,'Unzipping file "%s" in "%s"',Array($theFile,$theDest));
857 return TRUE;
858 } else $this->writelog(7,1,100,'File "%s" or destination "%s" was not within your mountpoints!',Array($theFile,$theDest));
859 } else $this->writelog(7,1,101,'You don\'t have full access to the destination directory "%s"!',Array($theDest));
860 } else $this->writelog(7,1,102,'File extension is not "zip"','');
861 } else $this->writelog(7,1,103,'You are not allowed to unzip files','');
862 } else $this->writelog(7,2,104,'Destination "%s" was not a directory',Array($cmds['target']));
863 } else $this->writelog(7,2,105,'The file "%s" did not exist!',Array($theFile));
864 }
865 }
866
867 if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_extfilefunc.php']) {
868 include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_extfilefunc.php']);
869 }
870
871 ?>