Commit f5f7d264 authored by Benjamin Sonntag's avatar Benjamin Sonntag
Browse files

Merge branch 'master' of alternc.org:alternc

parents 6d12179a c63a814d
...@@ -143,7 +143,7 @@ class system_bind { ...@@ -143,7 +143,7 @@ class system_bind {
* *
* @global m_dom $dom * @global m_dom $dom
* @param string $domain * @param string $domain
* @return array * @return array Retourne un tableau
*/ */
function get_domain_summary($domain=false) { function get_domain_summary($domain=false) {
global $dom; global $dom;
......
...@@ -99,12 +99,12 @@ class m_bro { ...@@ -99,12 +99,12 @@ class m_bro {
* @param string $dir * @param string $dir
* @global m_mem $mem * @global m_mem $mem
* @param string $dir Dossier absolu que l'on souhaite vérifier * @param string $dir Dossier absolu que l'on souhaite vérifier
* @param integer $strip * @param boolean $strip
* @return false|string Retourne le nom du dossier vérifié, relatif au * @return false|string Retourne le nom du dossier vérifié, relatif au
* dossier de l'utilisateur courant, éventuellement corrigé. * dossier de l'utilisateur courant, éventuellement corrigé.
* ou FALSE si le dossier n'est pas dans le dossier de l'utilisateur. * ou FALSE si le dossier n'est pas dans le dossier de l'utilisateur.
*/ */
function convertabsolute($dir,$strip = 1) { function convertabsolute($dir,$strip = true) {
global $mem; global $mem;
$root = $this->get_user_root($mem->user["login"]); $root = $this->get_user_root($mem->user["login"]);
// Sauvegarde du chemin de base. // Sauvegarde du chemin de base.
...@@ -200,7 +200,7 @@ class m_bro { ...@@ -200,7 +200,7 @@ class m_bro {
function filelist($dir = "", $showdirsize = false) { function filelist($dir = "", $showdirsize = false) {
global $db,$cuid,$err; global $db,$cuid,$err;
$db->query("UPDATE browser SET lastdir = '$dir' WHERE uid = '$cuid';"); $db->query("UPDATE browser SET lastdir = '$dir' WHERE uid = '$cuid';");
$absolute = $this->convertabsolute($dir,0); $absolute = $this->convertabsolute($dir,false);
if (!$absolute || !file_exists($absolute)) { if (!$absolute || !file_exists($absolute)) {
$err->raise('bro',_("This directory do not exist")); $err->raise('bro',_("This directory do not exist"));
return false; return false;
...@@ -395,7 +395,7 @@ class m_bro { ...@@ -395,7 +395,7 @@ class m_bro {
function CreateDir($dir,$file) { function CreateDir($dir,$file) {
global $db,$cuid,$err; global $db,$cuid,$err;
$file = ssla($file); $file = ssla($file);
$absolute = $this->convertabsolute($dir."/".$file,0); $absolute = $this->convertabsolute($dir."/".$file,false);
#echo "$absolute"; #echo "$absolute";
if ($absolute && (!file_exists($absolute))) { if ($absolute && (!file_exists($absolute))) {
if (!mkdir($absolute,00777,true)) { if (!mkdir($absolute,00777,true)) {
...@@ -424,7 +424,7 @@ class m_bro { ...@@ -424,7 +424,7 @@ class m_bro {
function CreateFile($dir,$file) { function CreateFile($dir,$file) {
global $db,$err,$cuid; global $db,$err,$cuid;
$file = ssla($file); $file = ssla($file);
$absolute = $this->convertabsolute($dir."/".$file,0); $absolute = $this->convertabsolute($dir."/".$file,false);
if (!$absolute || file_exists($absolute)) { if (!$absolute || file_exists($absolute)) {
$err->raise("bro",_("File or folder name is incorrect")); $err->raise("bro",_("File or folder name is incorrect"));
return false; return false;
...@@ -452,7 +452,7 @@ class m_bro { ...@@ -452,7 +452,7 @@ class m_bro {
function DeleteFile($file_list,$R) { function DeleteFile($file_list,$R) {
global $err, $mem; global $err, $mem;
$root = realpath(getuserpath()); $root = realpath(getuserpath());
$absolute = $this->convertabsolute($R,0); $absolute = $this->convertabsolute($R,false);
if (!$absolute && strpos($root,$absolute) === 0 && strlen($absolute) > (strlen($root)+1) ) { if (!$absolute && strpos($root,$absolute) === 0 && strlen($absolute) > (strlen($root)+1) ) {
$err->raise("bro",_("File or folder name is incorrect")); $err->raise("bro",_("File or folder name is incorrect"));
return false; return false;
...@@ -478,7 +478,7 @@ class m_bro { ...@@ -478,7 +478,7 @@ class m_bro {
*/ */
function RenameFile($R,$old,$new) { function RenameFile($R,$old,$new) {
global $err; global $err;
$absolute = $this->convertabsolute($R,0); $absolute = $this->convertabsolute($R,false);
if (!$absolute) { if (!$absolute) {
$err->raise("bro",_("File or folder name is incorrect")); $err->raise("bro",_("File or folder name is incorrect"));
return false; return false;
...@@ -512,7 +512,7 @@ class m_bro { ...@@ -512,7 +512,7 @@ class m_bro {
*/ */
function MoveFile($d,$old,$new) { function MoveFile($d,$old,$new) {
global $err; global $err;
$old = $this->convertabsolute($old,0); $old = $this->convertabsolute($old,false);
if (!$old) { if (!$old) {
$err->raise("bro",_("File or folder name is incorrect")); $err->raise("bro",_("File or folder name is incorrect"));
return false; return false;
...@@ -521,7 +521,7 @@ class m_bro { ...@@ -521,7 +521,7 @@ class m_bro {
if ($new[0] != '/') { if ($new[0] != '/') {
$new = $old . '/' . $new; $new = $old . '/' . $new;
} }
$new = $this->convertabsolute($new,0); $new = $this->convertabsolute($new,false);
if (!$new) { if (!$new) {
$err->raise("bro",_("File or folder name is incorrect")); $err->raise("bro",_("File or folder name is incorrect"));
...@@ -552,7 +552,7 @@ class m_bro { ...@@ -552,7 +552,7 @@ class m_bro {
*/ */
function ChangePermissions($R,$d,$perm,$verbose = false) { function ChangePermissions($R,$d,$perm,$verbose = false) {
global $err; global $err;
$absolute = $this->convertabsolute($R,0); $absolute = $this->convertabsolute($R,false);
if (!$absolute) { if (!$absolute) {
$err->raise("bro",_("File or folder name is incorrect")); $err->raise("bro",_("File or folder name is incorrect"));
return false; return false;
...@@ -595,7 +595,7 @@ class m_bro { ...@@ -595,7 +595,7 @@ class m_bro {
*/ */
function UploadFile($R) { function UploadFile($R) {
global $_FILES,$err,$cuid,$action; global $_FILES,$err,$cuid,$action;
$absolute = $this->convertabsolute($R,0); $absolute = $this->convertabsolute($R,false);
if (!$absolute) { if (!$absolute) {
$err->raise("bro",_("File or folder name is incorrect")); $err->raise("bro",_("File or folder name is incorrect"));
return false; return false;
...@@ -651,11 +651,11 @@ class m_bro { ...@@ -651,11 +651,11 @@ class m_bro {
*/ */
function ExtractFile($file, $dest = null) { function ExtractFile($file, $dest = null) {
global $err,$cuid,$mem,$action; global $err,$cuid,$mem,$action;
$file = $this->convertabsolute($file,0); $file = $this->convertabsolute($file,false);
if (is_null($dest)) { if (is_null($dest)) {
$dest = dirname($file); $dest = dirname($file);
} else { } else {
$dest = $this->convertabsolute($dest,0); $dest = $this->convertabsolute($dest,false);
} }
if (!$file || !$dest) { if (!$file || !$dest) {
$err->raise("bro",_("File or folder name is incorrect")); $err->raise("bro",_("File or folder name is incorrect"));
...@@ -700,12 +700,12 @@ class m_bro { ...@@ -700,12 +700,12 @@ class m_bro {
*/ */
function CopyFile($d,$old,$new) { function CopyFile($d,$old,$new) {
global $err; global $err;
$old = $this->convertabsolute($old,0); $old = $this->convertabsolute($old,false);
if (!$old) { if (!$old) {
$err->raise("bro",_("File or folder name is incorrect")); $err->raise("bro",_("File or folder name is incorrect"));
return false; return false;
} }
$new = $this->convertabsolute($new,0); $new = $this->convertabsolute($new,false);
if (!$new) { if (!$new) {
$err->raise("bro",_("File or folder name is incorrect")); $err->raise("bro",_("File or folder name is incorrect"));
return false; return false;
...@@ -761,7 +761,7 @@ class m_bro { ...@@ -761,7 +761,7 @@ class m_bro {
* @return string Le code HTML ainsi obtenu. * @return string Le code HTML ainsi obtenu.
*/ */
function PathList($path,$action, $justparent = false) { function PathList($path,$action, $justparent = false) {
$path = $this->convertabsolute($path,1); $path = $this->convertabsolute($path,true);
$a = explode("/",$path); $a = explode("/",$path);
if (!is_array($a)) $a = array($a); if (!is_array($a)) $a = array($a);
$c = ''; $c = '';
...@@ -793,7 +793,7 @@ class m_bro { ...@@ -793,7 +793,7 @@ class m_bro {
*/ */
function content($R,$file) { function content($R,$file) {
global $err; global $err;
$absolute = $this->convertabsolute($R,0); $absolute = $this->convertabsolute($R,false);
if (!strpos($file,"/")) { if (!strpos($file,"/")) {
$absolute .= "/".$file; $absolute .= "/".$file;
if (file_exists($absolute)) { if (file_exists($absolute)) {
...@@ -876,7 +876,7 @@ class m_bro { ...@@ -876,7 +876,7 @@ class m_bro {
function can_edit($dir,$name) { function can_edit($dir,$name) {
global $mem,$err; global $mem,$err;
$absolute = "$dir/$name"; $absolute = "$dir/$name";
$absolute = $this->convertabsolute($absolute,0); $absolute = $this->convertabsolute($absolute,false);
if (!$absolute) { if (!$absolute) {
$err->raise('bro',_("File not in authorized directory")); $err->raise('bro',_("File not in authorized directory"));
include('foot.php'); include('foot.php');
...@@ -964,7 +964,7 @@ class m_bro { ...@@ -964,7 +964,7 @@ class m_bro {
*/ */
function content_send($R,$file) { function content_send($R,$file) {
global $err; global $err;
$absolute = $this->convertabsolute($R,0); $absolute = $this->convertabsolute($R,false);
if (!strpos($file,"/")) { if (!strpos($file,"/")) {
$absolute .= "/".$file; $absolute .= "/".$file;
if (file_exists($absolute)) { if (file_exists($absolute)) {
...@@ -991,7 +991,7 @@ class m_bro { ...@@ -991,7 +991,7 @@ class m_bro {
*/ */
function save($file,$R,$texte) { function save($file,$R,$texte) {
global $err; global $err;
$absolute = $this->convertabsolute($R,0); $absolute = $this->convertabsolute($R,false);
if (!strpos($file,"/")) { if (!strpos($file,"/")) {
$absolute .= "/".$file; $absolute .= "/".$file;
if (file_exists($absolute)) { if (file_exists($absolute)) {
...@@ -1019,7 +1019,7 @@ class m_bro { ...@@ -1019,7 +1019,7 @@ class m_bro {
header("Content-Disposition: attachment; filename = ".$mem->user["login"].".Z"); header("Content-Disposition: attachment; filename = ".$mem->user["login"].".Z");
header("Content-Type: application/x-Z"); header("Content-Type: application/x-Z");
header("Content-Transfer-Encoding: binary"); header("Content-Transfer-Encoding: binary");
$d = escapeshellarg(".".$this->convertabsolute($dir,1)); $d = escapeshellarg(".".$this->convertabsolute($dir,true));
set_time_limit(0); set_time_limit(0);
passthru("/bin/tar -cZ -C ".getuserpath()."/".$mem->user["login"]."/ $d"); passthru("/bin/tar -cZ -C ".getuserpath()."/".$mem->user["login"]."/ $d");
} }
...@@ -1037,7 +1037,7 @@ class m_bro { ...@@ -1037,7 +1037,7 @@ class m_bro {
header("Content-Disposition: attachment; filename = ".$mem->user["login"].".tgz"); header("Content-Disposition: attachment; filename = ".$mem->user["login"].".tgz");
header("Content-Type: application/x-tgz"); header("Content-Type: application/x-tgz");
header("Content-Transfer-Encoding: binary"); header("Content-Transfer-Encoding: binary");
$d = escapeshellarg(".".$this->convertabsolute($dir,1)); $d = escapeshellarg(".".$this->convertabsolute($dir,true));
set_time_limit(0); set_time_limit(0);
passthru("/bin/tar -cz -C ".getuserpath()."/ $d"); passthru("/bin/tar -cz -C ".getuserpath()."/ $d");
} }
...@@ -1055,7 +1055,7 @@ class m_bro { ...@@ -1055,7 +1055,7 @@ class m_bro {
header("Content-Disposition: attachment; filename = ".$mem->user["login"].".tar.bz2"); header("Content-Disposition: attachment; filename = ".$mem->user["login"].".tar.bz2");
header("Content-Type: application/x-bzip2"); header("Content-Type: application/x-bzip2");
header("Content-Transfer-Encoding: binary"); header("Content-Transfer-Encoding: binary");
$d = escapeshellarg(".".$this->convertabsolute($dir,1)); $d = escapeshellarg(".".$this->convertabsolute($dir,true));
set_time_limit(0); set_time_limit(0);
passthru("/bin/tar -cj -C ".getuserpath()."/ $d"); passthru("/bin/tar -cj -C ".getuserpath()."/ $d");
} }
......
...@@ -215,7 +215,7 @@ class m_hta { ...@@ -215,7 +215,7 @@ class m_hta {
* @param boolean $skip For testing purpose mainly, skips the full user path search * @param boolean $skip For testing purpose mainly, skips the full user path search
* @return boolean TRUE if the folder has been unprotected, or FALSE if an error occurred * @return boolean TRUE if the folder has been unprotected, or FALSE if an error occurred
*/ */
function DelDir($dir,$skip = 0) { function DelDir($dir,$skip = false) {
global $mem,$bro,$err; global $mem,$bro,$err;
$err->log("hta","deldir",$dir); $err->log("hta","deldir",$dir);
$dir = $bro->convertabsolute($dir,$skip); $dir = $bro->convertabsolute($dir,$skip);
...@@ -256,7 +256,6 @@ class m_hta { ...@@ -256,7 +256,6 @@ class m_hta {
file_put_contents($htaccess_file, implode("\n",$fileLines)); file_put_contents($htaccess_file, implode("\n",$fileLines));
} }
$htpasswd_file = "$dir/.htpasswd"; $htpasswd_file = "$dir/.htpasswd";
$perms = substr(sprintf('%o', fileperms($dir)), -4);
if( ! is_writable($htpasswd_file)){ if( ! is_writable($htpasswd_file)){
$err->raise("hta",printf(_("I cannot read the file '%s'"),$htpasswd_file)); $err->raise("hta",printf(_("I cannot read the file '%s'"),$htpasswd_file));
} }
......
...@@ -17,7 +17,7 @@ abstract class AlterncTest extends PHPUnit_Extensions_Database_TestCase ...@@ -17,7 +17,7 @@ abstract class AlterncTest extends PHPUnit_Extensions_Database_TestCase
/** /**
* *
* @param string $file_name * @param string $fileList
* @return \PHPUnit_Extensions_Database_DataSet_YamlDataSet * @return \PHPUnit_Extensions_Database_DataSet_YamlDataSet
* @throws \Exception * @throws \Exception
*/ */
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment