Context Navigation

← Previous Changeset
Next Changeset →

Changeset 684

Timestamp:

2007-08-19 21:47:45 (17 months ago)

Author:

wwalc

Message:

added images checking in php connector

Location:

FCKeditor/trunk/editor/filemanager/connectors/php

Files:

: 1 added
: 2 modified

commands.php (modified) (3 diffs)
config.php (modified) (1 diff)
sanitizer.php (added)

Legend:

: Unmodified
: Added
: Removed

FCKeditor/trunk/editor/filemanager/connectors/php/commands.php

r677	r684
1	1	<?php
2	2	/*
3		* FCKeditor - The text editor for Internet - http://www.fckeditor.net
4		* Copyright (C) 2003-2007 Frederico Caldeira Knabben
5		*
6		* == BEGIN LICENSE ==
7		*
8		* Licensed under the terms of any of the following licenses at your
9		* choice:
10		*
11		* - GNU General Public License Version 2 or later (the "GPL")
12		* http://www.gnu.org/licenses/gpl.html
13		*
14		* - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
15		* http://www.gnu.org/licenses/lgpl.html
16		*
17		* - Mozilla Public License Version 1.1 or later (the "MPL")
18		* http://www.mozilla.org/MPL/MPL-1.1.html
19		*
20		* == END LICENSE ==
21		*
22		* This is the File Manager Connector for PHP.
23		*/
	3	* FCKeditor - The text editor for Internet - http://www.fckeditor.net
	4	* Copyright (C) 2003-2007 Frederico Caldeira Knabben
	5	*
	6	* == BEGIN LICENSE ==
	7	*
	8	* Licensed under the terms of any of the following licenses at your
	9	* choice:
	10	*
	11	* - GNU General Public License Version 2 or later (the "GPL")
	12	* http://www.gnu.org/licenses/gpl.html
	13	*
	14	* - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
	15	* http://www.gnu.org/licenses/lgpl.html
	16	*
	17	* - Mozilla Public License Version 1.1 or later (the "MPL")
	18	* http://www.mozilla.org/MPL/MPL-1.1.html
	19	*
	20	* == END LICENSE ==
	21	*
	22	* This is the File Manager Connector for PHP.
	23	*/
24	24
25	25	function GetFolders( $resourceType, $currentFolder )
26	26	{
27		// Map the virtual path to the local server path.
28		$sServerDir = ServerMapFolder( $resourceType, $currentFolder, 'GetFolders' ) ;
29
30		// Array that will hold the folders names.
31		$aFolders = array() ;
32
33		$oCurrentFolder = opendir( $sServerDir ) ;
34
35		while ( $sFile = readdir( $oCurrentFolder ) )
36		{
37		if ( $sFile != '.' && $sFile != '..' && is_dir( $sServerDir . $sFile ) )
38		$aFolders[] = '<Folder name="' . ConvertToXmlAttribute( $sFile ) . '" />' ;
39		}
40
41		closedir( $oCurrentFolder ) ;
42
43		// Open the "Folders" node.
44		echo "<Folders>" ;
45
46		natcasesort( $aFolders ) ;
47		foreach ( $aFolders as $sFolder )
48		echo $sFolder ;
49
50		// Close the "Folders" node.
51		echo "</Folders>" ;
	27	// Map the virtual path to the local server path.
	28	$sServerDir = ServerMapFolder( $resourceType, $currentFolder, 'GetFolders' ) ;
	29
	30	// Array that will hold the folders names.
	31	$aFolders = array() ;
	32
	33	$oCurrentFolder = opendir( $sServerDir ) ;
	34
	35	while ( $sFile = readdir( $oCurrentFolder ) )
	36	{
	37	if ( $sFile != '.' && $sFile != '..' && is_dir( $sServerDir . $sFile ) )
	38	$aFolders[] = '<Folder name="' . ConvertToXmlAttribute( $sFile ) . '" />' ;
	39	}
	40
	41	closedir( $oCurrentFolder ) ;
	42
	43	// Open the "Folders" node.
	44	echo "<Folders>" ;
	45
	46	natcasesort( $aFolders ) ;
	47	foreach ( $aFolders as $sFolder )
	48	echo $sFolder ;
	49
	50	// Close the "Folders" node.
	51	echo "</Folders>" ;
52	52	}
53	53
54	54	function GetFoldersAndFiles( $resourceType, $currentFolder )
55	55	{
56		// Map the virtual path to the local server path.
57		$sServerDir = ServerMapFolder( $resourceType, $currentFolder, 'GetFoldersAndFiles' ) ;
58
59		// Arrays that will hold the folders and files names.
60		$aFolders = array() ;
61		$aFiles = array() ;
62
63		$oCurrentFolder = opendir( $sServerDir ) ;
64
65		while ( $sFile = readdir( $oCurrentFolder ) )
66		{
67		if ( $sFile != '.' && $sFile != '..' )
68		{
69		if ( is_dir( $sServerDir . $sFile ) )
70		$aFolders[] = '<Folder name="' . ConvertToXmlAttribute( $sFile ) . '" />' ;
71		else
72		{
73		$iFileSize = filesize( $sServerDir . $sFile ) ;
74		if ( $iFileSize > 0 )
75		{
76		$iFileSize = round( $iFileSize / 1024 ) ;
77		if ( $iFileSize < 1 ) $iFileSize = 1 ;
78		}
79
80		$aFiles[] = '<File name="' . ConvertToXmlAttribute( $sFile ) . '" size="' . $iFileSize . '" />' ;
81		}
82		}
83		}
84
85		// Send the folders
86		natcasesort( $aFolders ) ;
87		echo '<Folders>' ;
88
89		foreach ( $aFolders as $sFolder )
90		echo $sFolder ;
91
92		echo '</Folders>' ;
93
94		// Send the files
95		natcasesort( $aFiles ) ;
96		echo '<Files>' ;
97
98		foreach ( $aFiles as $sFiles )
99		echo $sFiles ;
100
101		echo '</Files>' ;
	56	// Map the virtual path to the local server path.
	57	$sServerDir = ServerMapFolder( $resourceType, $currentFolder, 'GetFoldersAndFiles' ) ;
	58
	59	// Arrays that will hold the folders and files names.
	60	$aFolders = array() ;
	61	$aFiles = array() ;
	62
	63	$oCurrentFolder = opendir( $sServerDir ) ;
	64
	65	while ( $sFile = readdir( $oCurrentFolder ) )
	66	{
	67	if ( $sFile != '.' && $sFile != '..' )
	68	{
	69	if ( is_dir( $sServerDir . $sFile ) )
	70	$aFolders[] = '<Folder name="' . ConvertToXmlAttribute( $sFile ) . '" />' ;
	71	else
	72	{
	73	$iFileSize = filesize( $sServerDir . $sFile ) ;
	74	if ( $iFileSize > 0 )
	75	{
	76	$iFileSize = round( $iFileSize / 1024 ) ;
	77	if ( $iFileSize < 1 ) $iFileSize = 1 ;
	78	}
	79
	80	$aFiles[] = '<File name="' . ConvertToXmlAttribute( $sFile ) . '" size="' . $iFileSize . '" />' ;
	81	}
	82	}
	83	}
	84
	85	// Send the folders
	86	natcasesort( $aFolders ) ;
	87	echo '<Folders>' ;
	88
	89	foreach ( $aFolders as $sFolder )
	90	echo $sFolder ;
	91
	92	echo '</Folders>' ;
	93
	94	// Send the files
	95	natcasesort( $aFiles ) ;
	96	echo '<Files>' ;
	97
	98	foreach ( $aFiles as $sFiles )
	99	echo $sFiles ;
	100
	101	echo '</Files>' ;
102	102	}
103	103
…	…
107	107	global $_GET;
108	108	}
109		$sErrorNumber = '0' ;
110		$sErrorMsg = '' ;
111
112		if ( isset( $_GET['NewFolderName'] ) )
113		{
114		$sNewFolderName = $_GET['NewFolderName'] ;
115		$sNewFolderName = SanitizeFolderName( $sNewFolderName ) ;
116
117		if ( strpos( $sNewFolderName, '..' ) !== FALSE )
118		$sErrorNumber = '102' ; // Invalid folder name.
119		else
120		{
121		// Map the virtual path to the local server path of the current folder.
122		$sServerDir = ServerMapFolder( $resourceType, $currentFolder, 'CreateFolder' ) ;
123
124		if ( is_writable( $sServerDir ) )
125		{
126		$sServerDir .= $sNewFolderName ;
127
128		$sErrorMsg = CreateServerFolder( $sServerDir ) ;
129
130		switch ( $sErrorMsg )
131		{
132		case '' :
133		$sErrorNumber = '0' ;
134		break ;
135		case 'Invalid argument' :
136		case 'No such file or directory' :
137		$sErrorNumber = '102' ; // Path too long.
138		break ;
139		default :
140		$sErrorNumber = '110' ;
141		break ;
142		}
143		}
144		else
145		$sErrorNumber = '103' ;
146		}
147		}
148		else
149		$sErrorNumber = '102' ;
150
151		// Create the "Error" node.
152		echo '<Error number="' . $sErrorNumber . '" originalDescription="' . ConvertToXmlAttribute( $sErrorMsg ) . '" />' ;
	109	$sErrorNumber = '0' ;
	110	$sErrorMsg = '' ;
	111
	112	if ( isset( $_GET['NewFolderName'] ) )
	113	{
	114	$sNewFolderName = $_GET['NewFolderName'] ;
	115	$sNewFolderName = SanitizeFolderName( $sNewFolderName ) ;
	116
	117	if ( strpos( $sNewFolderName, '..' ) !== FALSE )
	118	$sErrorNumber = '102' ; // Invalid folder name.
	119	else
	120	{
	121	// Map the virtual path to the local server path of the current folder.
	122	$sServerDir = ServerMapFolder( $resourceType, $currentFolder, 'CreateFolder' ) ;
	123
	124	if ( is_writable( $sServerDir ) )
	125	{
	126	$sServerDir .= $sNewFolderName ;
	127
	128	$sErrorMsg = CreateServerFolder( $sServerDir ) ;
	129
	130	switch ( $sErrorMsg )
	131	{
	132	case '' :
	133	$sErrorNumber = '0' ;
	134	break ;
	135	case 'Invalid argument' :
	136	case 'No such file or directory' :
	137	$sErrorNumber = '102' ; // Path too long.
	138	break ;
	139	default :
	140	$sErrorNumber = '110' ;
	141	break ;
	142	}
	143	}
	144	else
	145	$sErrorNumber = '103' ;
	146	}
	147	}
	148	else
	149	$sErrorNumber = '102' ;
	150
	151	// Create the "Error" node.
	152	echo '<Error number="' . $sErrorNumber . '" originalDescription="' . ConvertToXmlAttribute( $sErrorMsg ) . '" />' ;
153	153	}
154	154
…	…
158	158	global $_FILES;
159	159	}
160		$sErrorNumber = '0' ;
161		$sFileName = '' ;
162
163		if ( isset( $_FILES['NewFile'] ) && !is_null( $_FILES['NewFile']['tmp_name'] ) )
164		{
165		global $Config ;
166
167		$oFile = $_FILES['NewFile'] ;
168
169		// Map the virtual path to the local server path.
170		$sServerDir = ServerMapFolder( $resourceType, $currentFolder, $sCommand ) ;
171
172		// Get the uploaded file name.
173		$sFileName = $oFile['name'] ;
174		$sFileName = SanitizeFileName( $sFileName ) ;
175
176		$sOriginalFileName = $sFileName ;
177
178		// Get the extension.
179		$sExtension = substr( $sFileName, ( strrpos($sFileName, '.') + 1 ) ) ;
180		$sExtension = strtolower( $sExtension ) ;
181
182		// Check if it is an allowed extension.
183		if ( IsAllowedExt( $sExtension, $resourceType ) )
184		{
185		$iCounter = 0 ;
186
187		while ( true )
188		{
189		$sFilePath = $sServerDir . $sFileName ;
190
191		if ( is_file( $sFilePath ) )
192		{
193		$iCounter++ ;
194		$sFileName = RemoveExtension( $sOriginalFileName ) . '(' . $iCounter . ').' . $sExtension ;
195		$sErrorNumber = '201' ;
196		}
197		else
198		{
199		move_uploaded_file( $oFile['tmp_name'], $sFilePath ) ;
200
201		if ( is_file( $sFilePath ) )
202		{
203		$oldumask = umask(0) ;
204		chmod( $sFilePath, 0777 ) ;
205		umask( $oldumask ) ;
206		}
207
208		break ;
209		}
210		}
211		}
212		else
213		$sErrorNumber = '202' ;
214		}
215		else
216		$sErrorNumber = '202' ;
217
218
219		$sFileUrl = CombinePaths( GetResourceTypePath( $resourceType, $sCommand ) , $sFileName ) ;
220
221		SendUploadResults( $sErrorNumber, $sFileUrl, $sFileName ) ;
222
223		exit ;
	160	$sErrorNumber = '0' ;
	161	$sFileName = '' ;
	162
	163	if ( isset( $_FILES['NewFile'] ) && !is_null( $_FILES['NewFile']['tmp_name'] ) )
	164	{
	165	global $Config ;
	166
	167	$oFile = $_FILES['NewFile'] ;
	168
	169	// Map the virtual path to the local server path.
	170	$sServerDir = ServerMapFolder( $resourceType, $currentFolder, $sCommand ) ;
	171
	172	// Get the uploaded file name.
	173	$sFileName = $oFile['name'] ;
	174	$sFileName = SanitizeFileName( $sFileName ) ;
	175
	176	$sOriginalFileName = $sFileName ;
	177
	178	// Get the extension.
	179	$sExtension = substr( $sFileName, ( strrpos($sFileName, '.') + 1 ) ) ;
	180	$sExtension = strtolower( $sExtension ) ;
	181
	182	if (isset($Config['SecureImageUploads']))
	183	{
	184	$imageCheckExtensions = array(
	185	'gif', 'jpeg', 'jpg', 'png', 'swf', 'psd',
	186	'bmp', 'tiff', 'tif', 'jpc', 'jp2',
	187	'jpx', 'jb2', 'swc', 'iff', 'wbmp',
	188	'xbm', 'djvu');
	189
	190	if (in_array($sExtension, $imageCheckExtensions)) {
	191	if ($Config['SecureImageUploads']>0) {
	192	if (@getimagesize($oFile['tmp_name']) === false) {
	193	$sErrorNumber = '202' ;
	194	}
	195	}
	196	if (!$sErrorNumber && $Config['SecureImageUploads']>1) {
	197	require_once './sanitizer.php' ;
	198	$sanitizer = new Sanitizer();
	199	if ($sanitizer->detectScript($oFile['tmp_name'])) {
	200	$sErrorNumber = '202' ;
	201	}
	202	}
	203	}
	204	}
	205
	206	// Check if it is an allowed extension.
	207	if ( !$sErrorNumber && IsAllowedExt( $sExtension, $resourceType ) )
	208	{
	209	$iCounter = 0 ;
	210
	211	while ( true )
	212	{
	213	$sFilePath = $sServerDir . $sFileName ;
	214
	215	if ( is_file( $sFilePath ) )
	216	{
	217	$iCounter++ ;
	218	$sFileName = RemoveExtension( $sOriginalFileName ) . '(' . $iCounter . ').' . $sExtension ;
	219	$sErrorNumber = '201' ;
	220	}
	221	else
	222	{
	223	move_uploaded_file( $oFile['tmp_name'], $sFilePath ) ;
	224
	225	if ( is_file( $sFilePath ) )
	226	{
	227	$oldumask = umask(0) ;
	228	chmod( $sFilePath, 0777 ) ;
	229	umask( $oldumask ) ;
	230	}
	231
	232	break ;
	233	}
	234	}
	235	}
	236	else
	237	$sErrorNumber = '202' ;
	238	}
	239	else
	240	$sErrorNumber = '202' ;
	241
	242
	243	$sFileUrl = CombinePaths( GetResourceTypePath( $resourceType, $sCommand ) , $sFileName ) ;
	244
	245	SendUploadResults( $sErrorNumber, $sFileUrl, $sFileName ) ;
	246
	247	exit ;
224	248	}
225	249	?>

FCKeditor/trunk/editor/filemanager/connectors/php/config.php

r413	r684
47	47	// following setting enabled.
48	48	$Config['ForceSingleExtension'] = true ;
	49
	50	// Perform additional checks for image files - check whether uploaded images are valid image files
	51	// 0 = turn off
	52	// 1 = validate image files using getimagesize, should be enough to reject files that are not images at all
	53	// 2 = most secure option, validate images also against MIME Type Detection bug that
	54	// can lead to Cross Site Scripting attacks (when image contains HTML tags in the first 1KB, some browsers may render it as a HTML file).
	55	// Attention: it may produce false positives in some situations
	56	$Config['SecureImageUploads'] = 2;
49	57
50	58	// What the user can do with this connector

Context Navigation

Changeset 684

Legend:

FCKeditor/trunk/editor/filemanager/connectors/php/commands.php

FCKeditor/trunk/editor/filemanager/connectors/php/config.php

Download in other formats: