Call fs_is_directorycomponent() and fs_is_hidden_file() instead of checking manually. Also: Path traversal in Media Manager fixed.
This commit is contained in:
azett
parent
28b7066d82
commit
c662bc3590
@ -286,7 +286,7 @@ function fs_copy($source, $dest) {
|
||||
* @return boolean <code>true</code> if the file is a directory component; otherwise <code>false</code>
|
||||
*/
|
||||
function fs_is_directorycomponent($filename) {
|
||||
return strlen($filename) > 0 && ($filename === '.' || $filename === '..');
|
||||
return $filename === '.' || $filename === '..';
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -120,7 +120,7 @@ function theme_list() {
|
||||
$dh = opendir($dir);
|
||||
$i = 0;
|
||||
while (false !== ($filename = readdir($dh))) {
|
||||
if (($filename != '.') && ($filename != '..')) {
|
||||
if (!fs_is_directorycomponent($filename)) {
|
||||
$files [$i++] = $filename;
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,6 +1,8 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Smarty plugin
|
||||
*
|
||||
* @package Smarty
|
||||
* @subpackage plugins
|
||||
*/
|
||||
@ -16,9 +18,7 @@
|
||||
*/
|
||||
|
||||
// $auto_base, $auto_source = null, $auto_id = null, $exp_time = null
|
||||
|
||||
function smarty_core_rm_auto($params, &$smarty)
|
||||
{
|
||||
function smarty_core_rm_auto($params, &$smarty) {
|
||||
if (!@is_dir($params ['auto_base']))
|
||||
return false;
|
||||
|
||||
@ -54,7 +54,7 @@ function smarty_core_rm_auto($params, &$smarty)
|
||||
$_handle = opendir($params ['auto_base']);
|
||||
$_res = true;
|
||||
while (false !== ($_filename = readdir($_handle))) {
|
||||
if($_filename == '.' || $_filename == '..') {
|
||||
if (fs_is_directorycomponent($_filename)) {
|
||||
continue;
|
||||
} elseif (substr($params ['auto_base'] . DIRECTORY_SEPARATOR . $_filename, 0, strlen($_tname)) == $_tname) {
|
||||
$_res &= (bool) $smarty->_unlink($params ['auto_base'] . DIRECTORY_SEPARATOR . $_filename, $params ['exp_time']);
|
||||
|
||||
@ -1,6 +1,8 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Smarty plugin
|
||||
*
|
||||
* @package Smarty
|
||||
* @subpackage plugins
|
||||
*/
|
||||
@ -16,16 +18,18 @@
|
||||
*/
|
||||
|
||||
// $dirname, $level = 1, $exp_time = null
|
||||
|
||||
function smarty_core_rmdir($params, &$smarty)
|
||||
{
|
||||
if(!isset($params['level'])) { $params['level'] = 1; }
|
||||
if(!isset($params['exp_time'])) { $params['exp_time'] = null; }
|
||||
function smarty_core_rmdir($params, &$smarty) {
|
||||
if (!isset($params ['level'])) {
|
||||
$params ['level'] = 1;
|
||||
}
|
||||
if (!isset($params ['exp_time'])) {
|
||||
$params ['exp_time'] = null;
|
||||
}
|
||||
|
||||
if ($_handle = @opendir($params ['dirname'])) {
|
||||
|
||||
while (false !== ($_entry = readdir($_handle))) {
|
||||
if ($_entry != '.' && $_entry != '..') {
|
||||
if (!fs_is_directorycomponent($_entry)) {
|
||||
if (@is_dir($params ['dirname'] . DIRECTORY_SEPARATOR . $_entry)) {
|
||||
$_params = array(
|
||||
'dirname' => $params ['dirname'] . DIRECTORY_SEPARATOR . $_entry,
|
||||
@ -33,8 +37,7 @@ function smarty_core_rmdir($params, &$smarty)
|
||||
'exp_time' => $params ['exp_time']
|
||||
);
|
||||
smarty_core_rmdir($_params, $smarty);
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
$smarty->_unlink($params ['dirname'] . DIRECTORY_SEPARATOR . $_entry, $params ['exp_time']);
|
||||
}
|
||||
}
|
||||
@ -46,7 +49,6 @@ function smarty_core_rmdir($params, &$smarty)
|
||||
return @rmdir($params ['dirname']);
|
||||
}
|
||||
return (bool) $_handle;
|
||||
|
||||
}
|
||||
|
||||
/* vim: set expandtab: */
|
||||
|
||||
@ -1,10 +1,11 @@
|
||||
<?php
|
||||
|
||||
|
||||
|
||||
class admin_uploader_mediamanager extends AdminPanelAction {
|
||||
|
||||
var $finfo;
|
||||
|
||||
var $conf;
|
||||
|
||||
var $langres = 'plugin:mediamanager';
|
||||
|
||||
function cmpfiles($a, $b) {
|
||||
@ -15,9 +16,14 @@ class admin_uploader_mediamanager extends AdminPanelAction {
|
||||
return $c;
|
||||
}
|
||||
|
||||
|
||||
function formatBytes($bytes, $precision = 2) {
|
||||
$units = array('B', 'KB', 'MB', 'GB', 'TB');
|
||||
$units = array(
|
||||
'B',
|
||||
'KB',
|
||||
'MB',
|
||||
'GB',
|
||||
'TB'
|
||||
);
|
||||
|
||||
$bytes = max($bytes, 0);
|
||||
$pow = floor(($bytes ? log($bytes) : 0) / log(1024));
|
||||
@ -28,8 +34,6 @@ class admin_uploader_mediamanager extends AdminPanelAction {
|
||||
return round($bytes, $precision) . ' ' . $units [$pow];
|
||||
}
|
||||
|
||||
|
||||
|
||||
function getFileInfo($filepath) {
|
||||
global $fp_config;
|
||||
|
||||
@ -45,7 +49,6 @@ class admin_uploader_mediamanager extends AdminPanelAction {
|
||||
$info ['usecount'] = null;
|
||||
}
|
||||
|
||||
|
||||
return $info;
|
||||
}
|
||||
|
||||
@ -54,14 +57,16 @@ class admin_uploader_mediamanager extends AdminPanelAction {
|
||||
}
|
||||
|
||||
function deleteFolder($folder, $mmbaseurl) {
|
||||
if (!file_exists($folder)) return false;
|
||||
if (!file_exists($folder))
|
||||
return false;
|
||||
$dir = opendir($folder);
|
||||
while (false !== ($file = readdir($dir))) {
|
||||
if (!in_array($file, array(".",".."))) {
|
||||
if (!fs_is_directorycomponent($file)) {
|
||||
if (is_dir($folder . "/" . $file)) {
|
||||
$this->deleteFolder($folder . "/" . $file, $mmbaseurl);
|
||||
} else {
|
||||
if (!unlink($folder."/".$file)) return false;
|
||||
if (!unlink($folder . "/" . $file))
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -73,18 +78,32 @@ class admin_uploader_mediamanager extends AdminPanelAction {
|
||||
if (isset($_GET ['deletefile'])) {
|
||||
list ($type, $name) = explode("-", $_GET ['deletefile'], 2);
|
||||
switch ($type) {
|
||||
case 'attachs': $type=ABS_PATH.ATTACHS_DIR; break;
|
||||
case 'images': $type=ABS_PATH.IMAGES_DIR.$folder; break;
|
||||
case 'attachs':
|
||||
$type = ABS_PATH . ATTACHS_DIR;
|
||||
break;
|
||||
case 'images':
|
||||
$type = ABS_PATH . IMAGES_DIR . $folder;
|
||||
break;
|
||||
case 'gallery':
|
||||
if (!$this->deleteFolder(ABS_PATH . IMAGES_DIR . $name, $mmbaseurl))
|
||||
@utils_redirect($mmbaseurl . '&status=-1');
|
||||
@utils_redirect($mmbaseurl . '&status=1');
|
||||
return true;
|
||||
break;
|
||||
default: { @utils_redirect($mmbaseurl.'&status=-1'); return true; }
|
||||
default:
|
||||
{
|
||||
@utils_redirect($mmbaseurl . '&status=-1');
|
||||
return true;
|
||||
}
|
||||
}
|
||||
if (!file_exists($type . $name)) {
|
||||
@utils_redirect($mmbaseurl . '&status=-1');
|
||||
return true;
|
||||
}
|
||||
if (!unlink($type . $name)) {
|
||||
@utils_redirect($mmbaseurl . '&status=-1');
|
||||
return true;
|
||||
}
|
||||
if (!file_exists($type.$name)) { @utils_redirect($mmbaseurl.'&status=-1'); return true; }
|
||||
if (!unlink($type.$name)) { @utils_redirect($mmbaseurl.'&status=-1'); return true; }
|
||||
@utils_redirect($mmbaseurl . '&status=1');
|
||||
return true;
|
||||
}
|
||||
@ -94,25 +113,20 @@ class admin_uploader_mediamanager extends AdminPanelAction {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
|
||||
function main() {
|
||||
$mmbaseurl = "admin.php?p=uploader&action=mediamanager";
|
||||
$folder = ""; $gallery="";
|
||||
if (isset($_GET['gallery'])){
|
||||
$folder = "";
|
||||
$gallery = "";
|
||||
if (isset($_GET ['gallery']) && !fs_is_directorycomponent($_GET ['gallery'])) {
|
||||
$mmbaseurl .= "&gallery=" . $_GET ['gallery'];
|
||||
$gallery = str_replace("/", "", $_GET ['gallery']);
|
||||
$folder = $gallery . "/";
|
||||
}
|
||||
|
||||
|
||||
$weburl = plugin_geturl('mediamanager');
|
||||
$this->conf = plugin_getoptions('mediamanager');
|
||||
if ($this->doItemActions($folder, $mmbaseurl)) return;
|
||||
|
||||
|
||||
|
||||
|
||||
if ($this->doItemActions($folder, $mmbaseurl))
|
||||
return;
|
||||
|
||||
$files = array();
|
||||
$galleries = array();
|
||||
@ -125,11 +139,13 @@ class admin_uploader_mediamanager extends AdminPanelAction {
|
||||
$dir = opendir(ABS_PATH . IMAGES_DIR);
|
||||
while (false !== ($file = readdir($dir))) {
|
||||
$fullpath = ABS_PATH . IMAGES_DIR . $file;
|
||||
if (!in_array($file, array(".","..",".thumbs")) && is_dir($fullpath)) {
|
||||
if (!fs_is_directorycomponent($file) && !fs_is_hidden_file($file) && is_dir($fullpath)) {
|
||||
$info = $this->getFileInfo($fullpath);
|
||||
$info ['type'] = "gallery";
|
||||
$galleries [$fullpath] = $info;
|
||||
if (is_null($info['usecount'])) { $galleries_needupdate[]=$fullpath;}
|
||||
if (is_null($info ['usecount'])) {
|
||||
$galleries_needupdate [] = $fullpath;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -138,13 +154,15 @@ class admin_uploader_mediamanager extends AdminPanelAction {
|
||||
if ($folder == "" && file_exists(ABS_PATH . ATTACHS_DIR)) {
|
||||
$dir = opendir(ABS_PATH . ATTACHS_DIR);
|
||||
while (false !== ($file = readdir($dir))) {
|
||||
if (!in_array($file, array(".",".."))) {
|
||||
if (!fs_is_directorycomponent($file) && !fs_is_hidden_file($file)) {
|
||||
$fullpath = ABS_PATH . ATTACHS_DIR . $file;
|
||||
$info = $this->getFileInfo($fullpath);
|
||||
$info ['type'] = "attachs";
|
||||
$info ['url'] = BLOG_ROOT . ATTACHS_DIR . $file;
|
||||
$files [$fullpath] = $info;
|
||||
if (is_null($info['usecount'])) { $files_needupdate[]=$fullpath;}
|
||||
if (is_null($info ['usecount'])) {
|
||||
$files_needupdate [] = $fullpath;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -153,34 +171,44 @@ class admin_uploader_mediamanager extends AdminPanelAction {
|
||||
$dir = opendir(ABS_PATH . IMAGES_DIR . $folder);
|
||||
while (false !== ($file = readdir($dir))) {
|
||||
$fullpath = ABS_PATH . IMAGES_DIR . $folder . $file;
|
||||
if (!in_array($file, array(".","..",".thumbs")) && !is_dir($fullpath)) {
|
||||
if (!fs_is_directorycomponent($file) && !fs_is_hidden_file($file) && !is_dir($fullpath)) {
|
||||
$info = $this->getFileInfo($fullpath);
|
||||
$info ['type'] = "images";
|
||||
$info ['url'] = BLOG_ROOT . IMAGES_DIR . $folder . $file;
|
||||
$files [$fullpath] = $info;
|
||||
# NO count for images in galleries
|
||||
if ($folder=="" && is_null($info['usecount'])) { $files_needupdate[]=$fullpath; }
|
||||
if ($folder == "" && is_null($info ['usecount'])) {
|
||||
$files_needupdate [] = $fullpath;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
mediamanager_updateUseCountArr($files, $files_needupdate);
|
||||
mediamanager_updateUseCountArr($galleries, $galleries_needupdate);
|
||||
|
||||
usort($files, Array("admin_uploader_mediamanager","cmpfiles"));
|
||||
usort($files, Array(
|
||||
"admin_uploader_mediamanager",
|
||||
"cmpfiles"
|
||||
));
|
||||
$totalfilescount = (string) count($files);
|
||||
# paginator
|
||||
$pages = ceil((count($files) + count($galleries)) / ITEMSPERPAGE);
|
||||
if ($pages==0) $pages=1;
|
||||
if ($pages == 0)
|
||||
$pages = 1;
|
||||
if (isset($_GET ['page'])) {
|
||||
$page = (int) $_GET ['page'];
|
||||
} else {
|
||||
$page = 1;
|
||||
}
|
||||
if ($page<1) $page=1;
|
||||
if ($page>$pages) $page=$pages;
|
||||
if ($page < 1)
|
||||
$page = 1;
|
||||
if ($page > $pages)
|
||||
$page = $pages;
|
||||
$pagelist = array();
|
||||
for($k=1; $k<=$pages; $k++ ) $pagelist[]=$k;
|
||||
$paginator = array( "total"=>$pages,
|
||||
for($k = 1; $k <= $pages; $k++)
|
||||
$pagelist [] = $k;
|
||||
$paginator = array(
|
||||
"total" => $pages,
|
||||
"current" => $page,
|
||||
"limit" => ITEMSPERPAGE,
|
||||
"pages" => $pagelist
|
||||
@ -220,7 +248,6 @@ class admin_uploader_mediamanager extends AdminPanelAction {
|
||||
return 2;
|
||||
}
|
||||
|
||||
|
||||
$folder = "";
|
||||
if (isset($_GET ['gallery'])) {
|
||||
$mmbaseurl .= "&gallery=" . $_GET ['gallery'];
|
||||
@ -228,7 +255,8 @@ class admin_uploader_mediamanager extends AdminPanelAction {
|
||||
}
|
||||
|
||||
list ($action, $arg) = explode("-", $_POST ['action'], 2);
|
||||
if (!isset($_POST['file'])) return 2;
|
||||
if (!isset($_POST ['file']))
|
||||
return 2;
|
||||
foreach ($_POST ['file'] as $file => $v) {
|
||||
list ($type, $name) = explode("-", $file, 2);
|
||||
if ($action == 'atg' && $type == 'images') {
|
||||
@ -242,6 +270,3 @@ class admin_uploader_mediamanager extends AdminPanelAction {
|
||||
}
|
||||
|
||||
admin_addpanelaction('uploader', 'mediamanager', true);
|
||||
|
||||
|
||||
?>
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user