Done various changes.
[Packages/TYPO3.CMS.git] / t3lib / class.t3lib_extfilefunc.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 1999-2003 Kasper Skaarhoj (kasper@typo3.com)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 * A copy is found in the textfile GPL.txt and important notices to the license
17 * from the author is found in LICENSE.txt distributed with these scripts.
18 *
19 *
20 * This script is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * This copyright notice MUST APPEAR in all copies of the script!
26 ***************************************************************/
27 /**
28 * extending class to class t3lib_basicFileFunctions
29 *
30 * $Id$
31 *
32 * @author Kasper Skaarhoj <kasper@typo3.com>
33 */
34 /**
35 * [CLASS/FUNCTION INDEX of SCRIPT]
36 *
37 *
38 *
39 * 123: class t3lib_extFileFunctions extends t3lib_basicFileFunctions
40 * 157: function start($data)
41 * 183: function init_actionPerms($setup)
42 * 216: function mapData($inputArray)
43 * 225: function processData()
44 * 274: function printLogErrorMessages($redirect)
45 * 312: function findRecycler($theFile)
46 *
47 * SECTION: File operation functions
48 * 354: function func_upload($cmds)
49 * 395: function func_copy($cmds)
50 * 485: function func_move($cmds)
51 * 576: function func_delete($cmds)
52 * 642: function func_rename($cmds)
53 * 690: function func_newfolder($cmds)
54 * 723: function func_unzip($cmds)
55 * 758: function func_newfile($cmds)
56 * 796: function func_edit($cmds)
57 * 845: function writeLog($action,$error,$details_nr,$details,$data)
58 *
59 * TOTAL FUNCTIONS: 16
60 * (This index is automatically created/updated by the extension "extdeveval")
61 *
62 */
63
64
65
66
67
68
69
70
71
72
73
74
75
76 /**
77 * COMMENT:
78 *
79 * see basicFileFunctions
80 * see tce_file.php for SYNTAX!
81 *
82 * This class contains functions primarily used by tce_file.php (Typo Core Engine for filemanipulation)
83 * Functions include copying, moving, deleting, uploading and so on...
84 *
85 * Important internal variables:
86 *
87 * $filemounts (see basicFileFunctions)
88 * $f_ext (see basicFileFunctions)
89 * ... All fileoperations must be within the filemount-paths. Further the fileextension MUST validate true with the f_ext array
90 *
91 * $actionPerms : This array is self-explaning (look in the class below). It grants access to the functions. This could be set from outside in order to enabled functions to users. see also the function init_actionPerms() which takes input directly from the user-record
92 * $maxCopyFileSize = 10000; // max copy size for files
93 * $maxMoveFileSize = 10000; // max move size for files
94 * $maxUploadFileSize = 10000; // max upload size for files. Remember that PHP has an inner limit often set to 2 MB
95 *
96 * $recyclerFN='_recycler_' : This is regarded to be the recycler folder
97 *
98 * The unzip-function allows unzip only if the destination path has it's f_ext[]['allow'] set to '*'!!
99 * You are allowed to copy/move folders within the same 'space' (web/ftp).
100 * You are allowed to copy/move folders between spaces (web/ftp) IF the destination has it's f_ext[]['allow'] set to '*'!
101 *
102 *
103 * Advice:
104 * You should always exclude php-files from the webspace. This will keep people from uploading, copy/moving and renaming files to the php3/php-extension.
105 * You should never mount a ftp_space 'below' the webspace so that it reaches into the webspace. This is because if somebody unzips a zip-file in the ftp-space so that it reaches out into the webspace this will be a violation of the safety
106 * Eg. THIS IS A BAD IDEA: you have an ftp-space that is '/www/' and a web-space that is '/www/htdocs/'
107 *
108 *
109 *
110 * Dependencies:
111 * t3lib_div
112 * t3lib_basicfilefunctions
113 */
114
115 /**
116 * Contains functions for performing file operations like copying, pasting, uploading, moving, deleting etc. through the TCE
117 * Extending class to class t3lib_basicFileFunctions.
118 *
119 * @author Kasper Skaarhoj <kasper@typo3.com>
120 * @package TYPO3
121 * @subpackage t3lib
122 */
123 class t3lib_extFileFunctions extends t3lib_basicFileFunctions {
124 var $maxCopyFileSize = 10000; // kb
125 var $maxMoveFileSize = 10000; // kb
126 var $maxUploadFileSize = 10000; // kb
127 var $unzipPath = ''; // Path to unzip-program (with trailing '/')
128 var $dontCheckForUnique=0; // If set, the uploaded files will overwrite existing files.
129
130 var $actionPerms = Array(
131 'deleteFile' => 0, // Deleting files physically
132 'deleteFolder' => 0, // Deleting foldes physically
133 'deleteFolderRecursively' => 0, // normally folders are deleted by the PHP-function rmdir(), but with this option a user deletes with 'rm -Rf ....' which is pretty wild!
134 'moveFile' => 0,
135 'moveFolder' => 0,
136 'copyFile' => 0,
137 'copyFolder' => 0,
138 'newFolder' => 0,
139 'newFile' => 0,
140 'editFile' => 0,
141 'unzipFile' => 0,
142 'uploadFile' => 0,
143 'renameFile' => 0,
144 'renameFolder' => 0
145 );
146
147 var $recyclerFN = '_recycler_';
148 var $useRecycler = 1; // 0 = no, 1 = if available, 2 = always
149 var $PHPFileFunctions=0; // If set, all fileoperations are done by the default PHP-functions. This is necessary under windows! On UNIX the system commands by exec() can be used unless safe_mode is enabled
150 var $dont_use_exec_commands=0; // This is necessary under windows!
151
152
153 /**
154 * @param [type] $data: ...
155 * @return [type] ...
156 */
157 function start($data) {
158 if (TYPO3_OS=='WIN' || $GLOBALS['TYPO3_CONF_VARS']['BE']['disable_exec_function']) {
159 $this->PHPFileFunctions=1;
160 $this->dont_use_exec_commands=1;
161 } else {
162 $this->PHPFileFunctions = $GLOBALS['TYPO3_CONF_VARS']['BE']['usePHPFileFunctions'];
163 }
164 $this->data = $data;
165 $this->datamap = $this->mapData($this->data);
166 $this->unzipPath = $GLOBALS['TYPO3_CONF_VARS']['BE']['unzip_path'];
167
168 $maxFileSize=intval($GLOBALS['TYPO3_CONF_VARS']['BE']['maxFileSize']);
169 if ($maxFileSize>0) {
170 $this->maxCopyFileSize = $maxFileSize;
171 $this->maxMoveFileSize = $maxFileSize;
172 $this->maxUploadFileSize = $maxFileSize;
173 }
174 }
175
176 /**
177 * Sets up permission to perform file/directory operations.
178 * See below or the be_user-table for the significanse of the various bits in $setup ($BE_USER->user['fileoper_perms'])
179 *
180 * @param [type] $setup: ...
181 * @return [type] ...
182 */
183 function init_actionPerms($setup) {
184 if (($setup&1)==1) { // Files: Upload,Copy,Move,Delete,Rename
185 $this->actionPerms['uploadFile']=1;
186 $this->actionPerms['copyFile']=1;
187 $this->actionPerms['moveFile']=1;
188 $this->actionPerms['deleteFile']=1;
189 $this->actionPerms['renameFile']=1;
190 $this->actionPerms['editFile']=1;
191 $this->actionPerms['newFile']=1;
192 }
193 if (($setup&2)==2) { // Files: Unzip
194 $this->actionPerms['unzipFile']=1;
195 }
196 if (($setup&4)==4) { // Directory: Move,Delete,Rename,New
197 $this->actionPerms['moveFolder']=1;
198 $this->actionPerms['deleteFolder']=1;
199 $this->actionPerms['renameFolder']=1;
200 $this->actionPerms['newFolder']=1;
201 }
202 if (($setup&8)==8) { // Directory: Copy
203 $this->actionPerms['copyFolder']=1;
204 }
205 if (($setup&16)==16) { // Directory: Delete recursively (rm -Rf)
206 $this->actionPerms['deleteFolderRecursively']=1;
207 }
208 }
209
210 /**
211 * If PHP4 then we just set the incoming data to the arrays as PHP4 submits multidimensional arrays
212 *
213 * @param [type] $inputArray: ...
214 * @return [type] ...
215 */
216 function mapData($inputArray) {
217 if (is_array($inputArray)) {
218 return $inputArray;
219 }
220 }
221
222 /**
223 * @return [type] ...
224 */
225 function processData() {
226 if (!$this->isInit) return false;
227 if (is_array($this->datamap)) {
228 t3lib_div::stripSlashesOnArray($this->datamap);
229
230 reset($this->datamap);
231 while (list($action, $content) = each($this->datamap)) {
232 if (is_array($content)) {
233 while(list($id, $cmdArr) = each($content)) {
234 clearstatcache();
235 switch ($action) {
236 case 'delete':
237 $this->func_delete($cmdArr);
238 break;
239 case 'copy':
240 $this->func_copy($cmdArr);
241 break;
242 case 'move':
243 $this->func_move($cmdArr);
244 break;
245 case 'rename':
246 $this->func_rename($cmdArr);
247 break;
248 case 'newfolder':
249 $this->func_newfolder($cmdArr);
250 break;
251 case 'newfile':
252 $this->func_newfile($cmdArr);
253 break;
254 case 'editfile':
255 $this->func_edit($cmdArr);
256 break;
257 case 'upload':
258 $this->func_upload($cmdArr);
259 break;
260 case 'unzip':
261 $this->func_unzip($cmdArr);
262 break;
263 }
264 }
265 }
266 }
267 }
268 }
269
270 /**
271 * @param [type] $redirect: ...
272 * @return [type] ...
273 */
274 function printLogErrorMessages($redirect) {
275 if ($redirect) {
276 header('Location: '.t3lib_div::locationHeaderUrl($redirect));
277 exit;
278 }
279
280
281 t3lib_BEfunc::getSetUpdateSignal('updateFolderTree');
282
283 echo '
284 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
285 <html>
286 <head>
287 <title>File Status script</title>
288 </head>
289 <body bgcolor="#F7F3EF">
290
291 <script language="javascript" type="text/javascript">
292 if (top.busy) {
293 top.busy.loginRefreshed();
294 }
295 top.goToModule("file_list");
296 </script>
297 </body>
298 </html>
299 ';
300 exit;
301 }
302
303 /**
304 * Takes a valid Path ($theFile)
305 * Goes back in the path and checks in each directory if a folder named $this->recyclerFN (usually '_recycler_') is present.
306 * Returns the path (without trailing slash) of the closest recycle-folder if found. Else false.
307 * If a folder in the tree happens to be a _recycler_-folder (which means that we're deleting something inside a _recycler_-folder) this is ignored
308 *
309 * @param [type] $theFile: ...
310 * @return [type] ...
311 */
312 function findRecycler($theFile) {
313 if ($this->isPathValid($theFile)) {
314 $theFile=$this->cleanDirectoryName($theFile);
315 $fI=t3lib_div::split_fileref($theFile);
316 $c=0;
317 while($this->checkPathAgainstMounts($fI['path']) && $c<20) {
318 $rDir = $fI['path'].$this->recyclerFN;
319 if (@is_dir($rDir) && $this->recyclerFN!=$fI['file']) {
320 return $rDir;
321 }
322 $theFile=$fI['path'];
323 $theFile=$this->cleanDirectoryName($theFile);
324 $fI=t3lib_div::split_fileref($theFile);
325 $c++;
326 }
327 }
328 }
329
330
331
332
333
334
335
336
337
338
339 /*************************************
340 *
341 * File operation functions
342 *
343 **************************************/
344
345 /**
346 * Upload of files (action=1)
347 * $cmds['data'] is the ID-number (points to the global var that holds the filename-ref ($GLOBALS['HTTP_POST_FILES']['upload_'.$id]['name'])
348 * $cmds['target'] is the target directory
349 * Returns the new filename upon success
350 *
351 * @param [type] $cmds: ...
352 * @return [type] ...
353 */
354 function func_upload($cmds) {
355 if (!$this->isInit) return false;
356 $id = $cmds['data'];
357 if ($GLOBALS['HTTP_POST_FILES']['upload_'.$id]['name']) {
358 $theFile = $GLOBALS['HTTP_POST_FILES']['upload_'.$id]['tmp_name']; // filename of the uploaded file
359 $theName = $this->cleanFileName(stripslashes($GLOBALS['HTTP_POST_FILES']['upload_'.$id]['name'])); // The original filename
360 if (@is_file($theFile) && $theName) { // Check the file
361 if ($this->actionPerms['uploadFile']) {
362 if (filesize($theFile)<($this->maxUploadFileSize*1024)) {
363 $fI = t3lib_div::split_fileref($theName);
364 $theTarget = $this->is_directory($cmds['target']); // Check the target dir
365 if ($theTarget && $this->checkPathAgainstMounts($theTarget.'/')) {
366 if ($this->checkIfAllowed($fI['fileext'], $theTarget, $fI['file'])) {
367 $theNewFile = $this->getUniqueName($theName, $theTarget, $this->dontCheckForUnique);
368 if ($theNewFile) {
369 t3lib_div::upload_copy_move($theFile,$theNewFile);
370
371 clearstatcache();
372 if (@is_file($theNewFile)) {
373 $this->writelog(1,0,1,"Uploading file '%s' to '%s'",Array($theName,$theNewFile, $id));
374 return $theNewFile;
375 } else $this->writelog(1,1,100,"Uploaded file could not be moved! Write-permission problem in '%s'?",Array($theTarget.'/'));
376 } else $this->writelog(1,1,101,"No unique filename available in '%s'!",Array($theTarget.'/'));
377 } else $this->writelog(1,1,102,"Fileextension '%s' is not allowed in '%s'!",Array($fI['fileext'],$theTarget.'/'));
378 } else $this->writelog(1,1,103,"Destination path '%s' was not within your mountpoints!",Array($theTarget.'/'));
379 } else $this->writelog(1,1,104,"The uploaded file exceeds the size-limit of %s bytes",Array($this->maxUploadFileSize*1024));
380 } else $this->writelog(1,1,105,"You are not allowed to upload files!",'');
381 } else $this->writelog(1,2,106,'The uploaded file did not exist!','');
382 }
383 }
384
385 /**
386 * Copying files and folders (action=2)
387 * $cmds['data'] is the the file/folder to copy
388 * $cmds['target'] is the path where to copy to
389 * $cmds['altName'] (boolean): If set, another filename is found in case the target already exists
390 * Returns the new filename upon success
391 *
392 * @param [type] $cmds: ...
393 * @return [type] ...
394 */
395 function func_copy($cmds) {
396 if (!$this->isInit) return false;
397 $theFile = $cmds['data'];
398 $theDest = $this->is_directory($cmds['target']); // Clean up destination directory
399 $altName = $cmds['altName'];
400 if (!$theDest) {
401 $this->writelog(2,2,100,"Destination '%s' was not a directory",Array($cmds['target']));
402 return false;
403 }
404 if (!$this->isPathValid($theFile) || !$this->isPathValid($theDest)) {
405 $this->writelog(2,2,101,"Target or destination had invalid path ('..' and '//' is not allowed in path). T='%s', D='%s'",Array($theFile,$theDest));
406 return false;
407 }
408 if (@is_file($theFile)) { // If we are copying a file...
409 if ($this->actionPerms['copyFile']) {
410 if (filesize($theFile) < ($this->maxCopyFileSize*1024)) {
411 $fI=t3lib_div::split_fileref($theFile);
412 if ($altName) { // If altName is set, we're allowed to create a new filename if the file already existed
413 $theDestFile=$this->getUniqueName($fI['file'], $theDest);
414 $fI=t3lib_div::split_fileref($theDestFile);
415 } else {
416 $theDestFile=$theDest.'/'.$fI['file'];
417 }
418 if ($theDestFile && !@file_exists($theDestFile)) {
419 if ($this->checkIfAllowed($fI['fileext'], $theDest, $fI['file'])) {
420 if ($this->checkPathAgainstMounts($theDestFile) && $this->checkPathAgainstMounts($theFile)) {
421 if ($this->PHPFileFunctions) {
422 copy ($theFile,$theDestFile);
423 } else {
424 $cmd = 'cp "'.$theFile.'" "'.$theDestFile.'"';
425 exec($cmd);
426 }
427 clearstatcache();
428 if (@is_file($theDestFile)) {
429 $this->writelog(2,0,1,"File '%s' copied to '%s'",Array($theFile,$theDestFile));
430 return $theDestFile;
431 } else $this->writelog(2,2,109,"File '%s' WAS NOT copied to '%s'! Write-permission problem?",Array($theFile,$theDestFile));
432 } else $this->writelog(2,1,110,"Target or destination was not within your mountpoints! T='%s', D='%s'",Array($theFile,$theDestFile));
433 } else $this->writelog(2,1,111,"Fileextension '%s' is not allowed in '%s'!",Array($fI['fileext'],$theDest.'/'));
434 } else $this->writelog(2,1,112,"File '%s' already exists!",Array($theDestFile));
435 } else $this->writelog(2,1,113,"File '%s' exceeds the size-limit of %s bytes",Array($theFile,$this->maxCopyFileSize*1024));
436 } else $this->writelog(2,1,114,"You are not allowed to copy files",'');
437 // FINISHED copying file
438
439 } elseif (@is_dir($theFile) && !$this->dont_use_exec_commands) { // if we're copying a folder
440 if ($this->actionPerms['copyFolder']) {
441 $theFile = $this->is_directory($theFile);
442 if ($theFile) {
443 $fI=t3lib_div::split_fileref($theFile);
444 if ($altName) { // If altName is set, we're allowed to create a new filename if the file already existed
445 $theDestFile=$this->getUniqueName($fI['file'], $theDest);
446 $fI=t3lib_div::split_fileref($theDestFile);
447 } else {
448 $theDestFile=$theDest.'/'.$fI['file'];
449 }
450 if ($theDestFile && !@file_exists($theDestFile)) {
451 if (!t3lib_div::isFirstPartOfStr($theDestFile.'/',$theFile.'/')) { // Check if the one folder is inside the other or on the same level... to target/dest is the same?
452 if ($this->checkIfFullAccess($theDest) || $this->is_webPath($theDestFile)==$this->is_webPath($theFile)) { // no copy of folders between spaces
453 if ($this->checkPathAgainstMounts($theDestFile) && $this->checkPathAgainstMounts($theFile)) {
454 // No way to do this under windows!
455 $cmd = 'cp -R "'.$theFile.'" "'.$theDestFile.'"';
456 exec($cmd);
457 clearstatcache();
458 if (@is_dir($theDestFile)) {
459 $this->writelog(2,0,2,"Directory '%s' copied to '%s'",Array($theFile,$theDestFile));
460 return $theDestFile;
461 } else $this->writelog(2,2,119,"Directory '%s' WAS NOT copied to '%s'! Write-permission problem?",Array($theFile,$theDestFile));
462 } else $this->writelog(2,1,120,"Target or destination was not within your mountpoints! T='%s', D='%s'",Array($theFile,$theDestFile));
463 } else $this->writelog(2,1,121,"You don't have full access to the destination directory '%s'!",Array($theDest.'/'));
464 } else $this->writelog(2,1,122,"Destination cannot be inside the target! D='%s', T='%s'",Array($theDestFile.'/',$theFile.'/'));
465 } else $this->writelog(2,1,123,"Target '%s' already exists!",Array($theDestFile));
466 } else $this->writelog(2,2,124,"Target seemed not to be a directory! (Shouldn't happen here!)",'');
467 } else $this->writelog(2,1,125,"You are not allowed to copy directories",'');
468 // FINISHED copying directory
469
470 } else {
471 $this->writelog(2,2,130,"The item '%s' was not a file or directory!",Array($theFile));
472 }
473 }
474
475 /**
476 * Moving files and folders (action=3)
477 * $cmds['data'] is the the file/folder to move
478 * $cmds['target'] is the path where to move to
479 * $cmds['altName'] (boolean): If set, another filename is found in case the target already exists
480 * Returns the new filename upon success
481 *
482 * @param [type] $cmds: ...
483 * @return [type] ...
484 */
485 function func_move($cmds) {
486 if (!$this->isInit) return false;
487 $theFile = $cmds['data'];
488 $theDest = $this->is_directory($cmds['target']); // Clean up destination directory
489 $altName = $cmds['altName'];
490 if (!$theDest) {
491 $this->writelog(3,2,100,"Destination '%s' was not a directory",Array($cmds['target']));
492 return false;
493 }
494 if (!$this->isPathValid($theFile) || !$this->isPathValid($theDest)) {
495 $this->writelog(3,2,101,"Target or destination had invalid path ('..' and '//' is not allowed in path). T='%s', D='%s'",Array($theFile,$theDest));
496 return false;
497 }
498 if (@is_file($theFile)) { // If we are moving a file...
499 if ($this->actionPerms['moveFile']) {
500 if (filesize($theFile) < ($this->maxMoveFileSize*1024)) {
501 $fI=t3lib_div::split_fileref($theFile);
502 if ($altName) { // If altName is set, we're allowed to create a new filename if the file already existed
503 $theDestFile=$this->getUniqueName($fI['file'], $theDest);
504 $fI=t3lib_div::split_fileref($theDestFile);
505 } else {
506 $theDestFile=$theDest.'/'.$fI['file'];
507 }
508 if ($theDestFile && !@file_exists($theDestFile)) {
509 if ($this->checkIfAllowed($fI['fileext'], $theDest, $fI['file'])) {
510 if ($this->checkPathAgainstMounts($theDestFile) && $this->checkPathAgainstMounts($theFile)) {
511 if ($this->PHPFileFunctions) {
512 rename($theFile, $theDestFile);
513 } else {
514 $cmd = 'mv "'.$theFile.'" "'.$theDestFile.'"';
515 exec($cmd);
516 }
517 clearstatcache();
518 if (@is_file($theDestFile)) {
519 $this->writelog(3,0,1,"File '%s' moved to '%s'",Array($theFile,$theDestFile));
520 return $theDestFile;
521 } else $this->writelog(3,2,109,"File '%s' WAS NOT moved to '%s'! Write-permission problem?",Array($theFile,$theDestFile));
522 } else $this->writelog(3,1,110,"Target or destination was not within your mountpoints! T='%s', D='%s'",Array($theFile,$theDestFile));
523 } else $this->writelog(3,1,111,"Fileextension '%s' is not allowed in '%s'!",Array($fI['fileext'],$theDest.'/'));
524 } else $this->writelog(3,1,112,"File '%s' already exists!",Array($theDestFile));
525 } else $this->writelog(3,1,113,"File '%s' exceeds the size-limit of %s bytes",Array($theFile,$this->maxMoveFileSize*1024));
526 } else $this->writelog(3,1,114,"You are not allowed to move files",'');
527 // FINISHED moving file
528
529 } elseif (@is_dir($theFile)) { // if we're moving a folder
530 if ($this->actionPerms['moveFolder']) {
531 $theFile = $this->is_directory($theFile);
532 if ($theFile) {
533 $fI=t3lib_div::split_fileref($theFile);
534 if ($altName) { // If altName is set, we're allowed to create a new filename if the file already existed
535 $theDestFile=$this->getUniqueName($fI['file'], $theDest);
536 $fI=t3lib_div::split_fileref($theDestFile);
537 } else {
538 $theDestFile=$theDest.'/'.$fI['file'];
539 }
540 if ($theDestFile && !@file_exists($theDestFile)) {
541 if (!t3lib_div::isFirstPartOfStr($theDestFile.'/',$theFile.'/')) { // Check if the one folder is inside the other or on the same level... to target/dest is the same?
542 if ($this->checkIfFullAccess($theDest) || $this->is_webPath($theDestFile)==$this->is_webPath($theFile)) { // // no moving of folders between spaces
543 if ($this->checkPathAgainstMounts($theDestFile) && $this->checkPathAgainstMounts($theFile)) {
544 if ($this->PHPFileFunctions) {
545 rename($theFile, $theDestFile);
546 } else {
547 $cmd = 'mv "'.$theFile.'" "'.$theDestFile.'"';
548 exec($cmd,$errArr,$retVar);
549 }
550 clearstatcache();
551 if (@is_dir($theDestFile)) {
552 $this->writelog(3,0,2,"Directory '%s' moved to '%s'",Array($theFile,$theDestFile));
553 return $theDestFile;
554 } else $this->writelog(3,2,119,"Directory '%s' WAS NOT moved to '%s'! Write-permission problem?",Array($theFile,$theDestFile));
555 } else $this->writelog(3,1,120,"Target or destination was not within your mountpoints! T='%s', D='%s'",Array($theFile,$theDestFile));
556 } else $this->writelog(3,1,121,"You don't have full access to the destination directory '%s'!",Array($theDest.'/'));
557 } else $this->writelog(3,1,122,"Destination cannot be inside the target! D='%s', T='%s'",Array($theDestFile.'/',$theFile.'/'));
558 } else $this->writelog(3,1,123,"Target '%s' already exists!",Array($theDestFile));
559 } else $this->writelog(3,2,124,"Target seemed not to be a directory! (Shouldn't happen here!)",'');
560 } else $this->writelog(3,1,125,"You are not allowed to move directories",'');
561 // FINISHED moving directory
562
563 } else {
564 $this->writelog(3,2,130,"The item '%s' was not a file or directory!",Array($theFile));
565 }
566 }
567
568 /**
569 * Deleting files and folders (action=4)
570 * $cmds['data'] is the the file/folder to delete
571 * Returns true upon success
572 *
573 * @param [type] $cmds: ...
574 * @return [type] ...
575 */
576 function func_delete($cmds) {
577 if (!$this->isInit) return false;
578 $theFile = $cmds['data'];
579 if (!$this->isPathValid($theFile)) {
580 $this->writelog(4,2,101,"Target '%s' had invalid path ('..' and '//' is not allowed in path).",Array($theFile));
581 return false;
582 }
583 if ($this->useRecycler && $recyclerPath=$this->findRecycler($theFile)) {
584 // If a recycler is found, the deleted items is moved to the recycler and not just deleted.
585 $newCmds=Array();
586 $newCmds['data']=$theFile;
587 $newCmds['target']=$recyclerPath;
588 $newCmds['altName']=1;
589 $this->func_move($newCmds);
590 $this->writelog(4,0,4,"Item '%s' moved to recycler at '%s'",Array($theFile,$recyclerPath));
591 return true;
592 } elseif ($this->useRecycler != 2) { // if $this->useRecycler==2 then we cannot delete for real!!
593 if (@is_file($theFile)) { // If we are deleting a file...
594 if ($this->actionPerms['deleteFile']) {
595 if ($this->checkPathAgainstMounts($theFile)) {
596 if (@unlink($theFile)) {
597 $this->writelog(4,0,1,"File '%s' deleted",Array($theFile));
598 return true;
599 } else $this->writelog(4,1,110,"Could not delete file '%s'. Write-permission problem?", Array($theFile));
600 } else $this->writelog(4,1,111,"Target was not within your mountpoints! T='%s'",Array($theFile));
601 } else $this->writelog(4,1,112,"You are not allowed to delete files",'');
602 // FINISHED deleting file
603
604 } elseif (@is_dir($theFile) && !$this->dont_use_exec_commands) { // if we're deleting a folder
605 if ($this->actionPerms['deleteFolder']) {
606 $theFile = $this->is_directory($theFile);
607 if ($theFile) {
608 if ($this->checkPathAgainstMounts($theFile)) { // I choose not to append '/' to $theFile here as this will prevent us from deleting mounts!! (which makes sense to me...)
609 if ($this->actionPerms['deleteFolderRecursively']) {
610 // No way to do this under windows
611 $cmd = 'rm -Rf "'.$theFile.'"';
612 exec($cmd); // This is a quite critical command...
613 clearstatcache();
614 if (!@file_exists($theFile)) {
615 $this->writelog(4,0,2,"Directory '%s' deleted recursively!",Array($theFile));
616 return true;
617 } else $this->writelog(4,2,119,"Directory '%s' WAS NOT deleted recursively! Write-permission problem?",Array($theFile));
618 } else {
619 if (@rmdir($theFile)) {
620 $this->writelog(4,0,3,"Directory '%s' deleted",Array($theFile));
621 return true;
622 } else $this->writelog(4,1,120,"Could not delete directory! Write-permission problem? Is directory '%s' empty?",Array($theFile));
623 }
624 } else $this->writelog(4,1,121,"Target was not within your mountpoints! T='%s'",Array($theFile));
625 } else $this->writelog(4,2,122,"Target seemed not to be a directory! (Shouldn't happen here!)",'');
626 } else $this->writelog(4,1,123,"You are not allowed to delete directories",'');
627 // FINISHED copying directory
628
629 } else $this->writelog(4,2,130,"The item was not a file or directory! '%s'",Array($theFile));
630 } else $this->writelog(4,1,131,"No recycler found!",'');
631 }
632
633 /**
634 * Renaming files or foldes (action=5)
635 * $cmds['data'] is the new name
636 * $cmds['target'] is the target (file or dir)
637 * Returns the new filename upon success
638 *
639 * @param [type] $cmds: ...
640 * @return [type] ...
641 */
642 function func_rename($cmds) {
643 if (!$this->isInit) return false;
644 $theNewName = $this->cleanFileName($cmds['data']);
645 if ($theNewName) {
646 if ($this->checkFileNameLen($theNewName)) {
647 $theTarget = $cmds['target'];
648 $type = filetype($theTarget);
649 if ($type=='file' || $type=='dir') { // $type MUST BE file or dir
650 $fileInfo = t3lib_div::split_fileref($theTarget); // Fetches info about path, name, extention of $theTarget
651 if ($fileInfo['file']!=$theNewName) { // The name should be different from the current. And the filetype must be allowed
652 $theRenameName = $fileInfo['path'].$theNewName;
653 if ($this->checkPathAgainstMounts($fileInfo['path'])) {
654 if (!@file_exists($theRenameName)) {
655 if ($type=='file') {
656 if ($this->actionPerms['renameFile']) {
657 $fI = t3lib_div::split_fileref($theRenameName);
658 if ($this->checkIfAllowed($fI['fileext'], $fileInfo['path'], $fI['file'])) {
659 if (@rename($theTarget, $theRenameName)) {
660 $this->writelog(5,0,1,"File renamed from '%s' to '%s'",Array($fileInfo['file'],$theNewName));
661 return $theRenameName;
662 } else $this->writelog(5,1,100,"File '%s' was not renamed! Write-permission problem in '%s'?",Array($theTarget,$fileInfo['path']));
663 } else $this->writelog(5,1,101,"Fileextension '%s' was not allowed!",Array($fI['fileext']));
664 } else $this->writelog(5,1,102,"You are not allowed to rename files!",'');
665 } elseif ($type=='dir') {
666 if ($this->actionPerms['renameFolder']) {
667 if (@rename($theTarget, $theRenameName)) {
668 $this->writelog(5,0,2,"Directory renamed from '%s' to '%s'",Array($fileInfo['file'],$theNewName));
669 return $theRenameName;
670 } else $this->writelog(5,1,110,"Directory '%s' was not renamed! Write-permission problem in '%s'?",Array($theTarget,$fileInfo['path']));
671 } else $this->writelog(5,1,111,"You are not allowed to rename directories!",'');
672 }
673 } else $this->writelog(5,1,120,"Destination '%s' existed already!",Array($theRenameName));
674 } else $this->writelog(5,1,121,"Destination path '%s' was not within your mountpoints!",Array($fileInfo['path']));
675 } else $this->writelog(5,1,122,"Old and new name is the same (%s)",Array($theNewName));
676 } else $this->writelog(5,2,123,"Target '%s' was neither a directory nor a file!",Array($theTarget));
677 } else $this->writelog(5,1,124,"New name '%s' was too long (max %s characters)",Array($theNewName,$this->maxInputNameLen));
678 }
679 }
680
681 /**
682 * This creates a new folder. (action=6)
683 * $cmds['data'] is the foldername
684 * $cmds['target'] is the path where to create it
685 * Returns the new foldername upon success
686 *
687 * @param [type] $cmds: ...
688 * @return [type] ...
689 */
690 function func_newfolder($cmds) {
691 if (!$this->isInit) return false;
692 $theFolder = $this->cleanFileName($cmds['data']);
693 if ($theFolder) {
694 if ($this->checkFileNameLen($theFolder)) {
695 $theTarget = $this->is_directory($cmds['target']); // Check the target dir
696 if ($theTarget) {
697 if ($this->actionPerms['newFolder']) {
698 $theNewFolder = $theTarget.'/'.$theFolder;
699 if ($this->checkPathAgainstMounts($theNewFolder)) {
700 if (!@file_exists($theNewFolder)) {
701 if (@mkdir($theNewFolder, octdec($GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask']))){
702 @chmod($theNewFolder, octdec($GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask'])); //added this line, because the mode at 'mkdir' has a strange behaviour sometimes
703 $this->writelog(6,0,1,"Directory '%s' created in '%s'",Array($theFolder,$theTarget.'/'));
704 return $theNewFolder;
705 } else $this->writelog(6,1,100,"Directory '%s' not created. Write-permission problem in '%s'?",Array($theFolder,$theTarget.'/'));
706 } else $this->writelog(6,1,101,"File or directory '%s' existed already!",Array($theNewFolder));
707 } else $this->writelog(6,1,102,"Destination path '%s' was not within your mountpoints!",Array($theTarget.'/'));
708 } else $this->writelog(6,1,103,"You are not allowed to create directories!",'');
709 } else $this->writelog(6,2,104,"Destination '%s' was not a directory",Array($cmds['target']));
710 } else $this->writelog(6,1,105,"New name '%s' was too long (max %s characters)",Array($theFolder,$this->maxInputNameLen));
711 }
712 }
713
714 /**
715 * Unzipping file (action=7)
716 * This is permitted only if the user has fullAccess or if the file resides
717 * $cmds['data'] is the zip-file
718 * $cmds['target'] is the target directory. If not set we'll default to the same directory as the file is in
719 * If target is not supplied the target will be the current directory
720 *
721 * @param [type] $cmds: ...
722 * @return [type] ...
723 */
724 function func_unzip($cmds) {
725 if (!$this->isInit || $this->dont_use_exec_commands) return false;
726 $theFile = $cmds['data'];
727 if (@is_file($theFile)) {
728 $fI=t3lib_div::split_fileref($theFile);
729 if (!isset($cmds['target'])) {
730 $cmds['target'] = $fI['path'];
731 }
732 $theDest = $this->is_directory($cmds['target']); // Clean up destination directory
733 if ($theDest) {
734 if ($this->actionPerms['unzipFile']) {
735 if ($fI['fileext']=='zip') {
736 if ($this->checkIfFullAccess($theDest)) {
737 if ($this->checkPathAgainstMounts($theFile) && $this->checkPathAgainstMounts($theDest.'/')) {
738 // No way to do this under windows.
739 $cmd = $this->unzipPath.'unzip -qq "'.$theFile.'" -d "'.$theDest.'"';
740 exec($cmd);
741 $this->writelog(7,0,1,"Unzipping file '%s' in '%s'",Array($theFile,$theDest));
742 } else $this->writelog(7,1,100,"File '%s' or destination '%s' was not within your mountpoints!",Array($theFile,$theDest));
743 } else $this->writelog(7,1,101,"You don't have full access to the destination directory '%s'!",Array($theDest));
744 } else $this->writelog(7,1,102,"Fileextension is not 'zip'",'');
745 } else $this->writelog(7,1,103,"You are not allowed to unzip files",'');
746 } else $this->writelog(7,2,104,"Destination '%s' was not a directory",Array($cmds['target']));
747 } else $this->writelog(7,2,105,"The file '%s' did not exist!",Array($theFile));
748 }
749
750 /**
751 * This creates a new file. (action=8)
752 * $cmds['data'] is the new filename
753 * $cmds['target'] is the path where to create it
754 * Returns the new filename upon success
755 *
756 * @param [type] $cmds: ...
757 * @return [type] ...
758 */
759 function func_newfile($cmds) {
760 $extList = $GLOBALS['TYPO3_CONF_VARS']['SYS']['textfile_ext'];
761 if (!$this->isInit) return false;
762 $newName = $this->cleanFileName($cmds['data']);
763 if ($newName) {
764 if ($this->checkFileNameLen($newName)) {
765 $theTarget = $this->is_directory($cmds['target']); // Check the target dir
766 $fileInfo = t3lib_div::split_fileref($theTarget); // Fetches info about path, name, extention of $theTarget
767 if ($theTarget) {
768 if ($this->actionPerms['newFile']) {
769 $theNewFile = $theTarget.'/'.$newName;
770 if ($this->checkPathAgainstMounts($theNewFile)) {
771 if (!@file_exists($theNewFile)) {
772 $fI = t3lib_div::split_fileref($theNewFile);
773 if ($this->checkIfAllowed($fI['fileext'], $fileInfo['path'], $fI['file'])) {
774 if (t3lib_div::inList($extList, $fI['fileext'])) {
775 if (t3lib_div::writeFile($theNewFile,'')) {
776 clearstatcache();
777 $this->writelog(8,0,1,"File created: '%s'",Array($fI['file']));
778 } else $this->writelog(8,1,100,"File '%s' was not created! Write-permission problem in '%s'?",Array($fI['file'], $theTarget));
779 } else $this->writelog(8,1,107,"Fileextension '%s' is not a textfile format! (%s)",Array($fI['fileext'], $extList));
780 } else $this->writelog(8,1,106,"Fileextension '%s' was not allowed!",Array($fI['fileext']));
781 } else $this->writelog(8,1,101,"File '%s' existed already!",Array($theNewFile));
782 } else $this->writelog(8,1,102,"Destination path '%s' was not within your mountpoints!",Array($theTarget.'/'));
783 } else $this->writelog(8,1,103,"You are not allowed to create files!",'');
784 } else $this->writelog(8,2,104,"Destination '%s' was not a directory",Array($cmds['target']));
785 } else $this->writelog(8,1,105,"New name '%s' was too long (max %s characters)",Array($newName,$this->maxInputNameLen));
786 }
787 }
788
789 /**
790 * Editing textfiles or foldes (action=9)
791 * $cmds['data'] is the new content
792 * $cmds['target'] is the target (file or dir)
793 *
794 * @param [type] $cmds: ...
795 * @return [type] ...
796 */
797 function func_edit($cmds) {
798 if (!$this->isInit) return false;
799 $theTarget = $cmds['target'];
800 $content = stripslashes($cmds['data']);
801 $extList = $GLOBALS['TYPO3_CONF_VARS']['SYS']['textfile_ext'];
802 $type = filetype($theTarget);
803 if ($type=='file') { // $type MUST BE file
804 $fileInfo = t3lib_div::split_fileref($theTarget); // Fetches info about path, name, extention of $theTarget
805 $fI =$fileInfo;
806 if ($this->checkPathAgainstMounts($fileInfo['path'])) {
807 if ($this->actionPerms['editFile']) {
808 $fI = t3lib_div::split_fileref($theTarget);
809 if ($this->checkIfAllowed($fI['fileext'], $fileInfo['path'], $fI['file'])) {
810 if (t3lib_div::inList($extList, $fileInfo['fileext'])) {
811 if (t3lib_div::writeFile($theTarget,$content)) {
812 clearstatcache();
813 $this->writelog(9,0,1,"File saved to '%s', bytes: %s, MD5: %s ",Array($fileInfo['file'],@filesize($theTarget),md5($content)));
814 } else $this->writelog(9,1,100,"File '%s' was not saved! Write-permission problem in '%s'?",Array($theTarget,$fileInfo['path']));
815 } else $this->writelog(9,1,102,"Fileextension '%s' is not a textfile format! (%s)",Array($fI['fileext'], $extList));
816 } else $this->writelog(9,1,103,"Fileextension '%s' was not allowed!",Array($fI['fileext']));
817 } else $this->writelog(9,1,104,'You are not allowed to edit files!','');
818 } else $this->writelog(9,1,121,"Destination path '%s' was not within your mountpoints!",Array($fileInfo['path']));
819 } else $this->writelog(9,2,123,"Target '%s' was not a file!",Array($theTarget));
820 }
821
822 /**
823 * Logging actions
824 *
825 * Log messages:
826 * [action]-[details_nr.]
827 *
828 * REMEMBER to UPDATE the real messages set in tools/log/localconf_log.php
829 *
830 * 9-1: File saved to '%s', bytes: %s, MD5: %s
831 *
832 * $action: The action number. See the functions in the class for a hint. Eg. edit is '9', upload is '1' ...
833 * $error: The severity: 0 = message, 1 = error, 2 = System Error, 3 = security notice (admin)
834 * $details_nr: This number is unique for every combination of $type and $action. This is the error-message number, which can later be used to translate error messages.
835 * $details: This is the default, raw error message in english
836 * $data: Array with special information that may go into $details by '%s' marks / sprintf() when the log is shown
837 *
838 * @param [type] $action: ...
839 * @param [type] $error: ...
840 * @param [type] $details_nr: ...
841 * @param [type] $details: ...
842 * @param [type] $data: ...
843 * @return [type] ...
844 * @see class.t3lib_userauthgroup.php
845 */
846 function writeLog($action,$error,$details_nr,$details,$data) {
847 $type=2; // Type value for tce_file.php
848 if (is_object($GLOBALS['BE_USER'])) {
849 $GLOBALS['BE_USER']->writelog($type,$action,$error,$details_nr,$details,$data);
850 }
851 }
852 }
853
854 if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_extfilefunc.php']) {
855 include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_extfilefunc.php']);
856 }
857 ?>