kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'master' of git.alternc.org:alternc

This commit is contained in:
root 2014-03-27 16:16:24 +01:00
parent 502dd726db 0f48d94c04
commit e243b63c7c
10 changed files with 493 additions and 443 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitattributes vendored
View File

@ -615,7 +615,6 @@ roundcube/class/m_roundcube.php -text
roundcube/roundcube-install -text roundcube/roundcube-install -text
roundcube/roundcube_alternc_logo.png -text roundcube/roundcube_alternc_logo.png -text
roundcube/templates/apache2/roundcube.conf -text roundcube/templates/apache2/roundcube.conf -text
roundcube/templates/logrotate.d/roundcube-core -text
roundcube/templates/roundcube/main.inc.php -text roundcube/templates/roundcube/main.inc.php -text
roundcube/templates/roundcube/plugins/managesieve/config.inc.php -text roundcube/templates/roundcube/plugins/managesieve/config.inc.php -text
roundcube/templates/roundcube/plugins/password/config.inc.php -text roundcube/templates/roundcube/plugins/password/config.inc.php -text

9
bureau/admin/hta_del.php
View File

@ -35,11 +35,12 @@ reset($_POST);
while (list($key,$val)=each($_POST)) { while (list($key,$val)=each($_POST)) {
if (substr($key,0,4)=="del_") { if (substr($key,0,4)=="del_") {
// Effacement du dossier $val // Effacement du dossier $val
$r=$hta->DelDir($val); // $r=$hta->DelDir($val);
if (!$r) { $return = $hta->DelDir($val);
$error.=$err->errstr()."<br />"; if (!$return) {
$error.= $err->errstr()."<br />";
} else { } else {
$error.=sprintf(_("The protected folder %s has been successfully unprotected"),$val)."<br />"; $error.= sprintf(_("The protected folder %s has been successfully unprotected"),$val)."<br />";
} }
} }
} }

191
bureau/class/functions.php
View File

@ -44,7 +44,7 @@ function fl($str) { return str_replace("<","&lt;",str_replace("\"","&quot;",$str
* @param struing $type * @param struing $type
* @return mixed * @return mixed
*/ */
function variable_get($name, $default = null, $createit_comment = null, $type=null) { function variable_get($name, $default = null, $createit_comment = null, $type = null) {
global $variables; global $variables;
return $variables->variable_get($name, $default, $createit_comment, $type); return $variables->variable_get($name, $default, $createit_comment, $type);
} }
@ -66,16 +66,16 @@ function variable_get($name, $default = null, $createit_comment = null, $type=nu
*/ */
function checkhostallow($domain,$dns) { function checkhostallow($domain,$dns) {
global $L_NS1,$L_NS2,$db,$dom; global $L_NS1,$L_NS2,$db,$dom;
$sizefound=0; $sizefound = 0;
$found=""; $found = "";
$db->query("SELECT tld,mode FROM tld;"); $db->query("SELECT tld,mode FROM tld;");
while ($db->next_record()) { while ($db->next_record()) {
list($key,$val)=$db->Record; list($key,$val) = $db->Record;
if (substr($domain,-1-strlen($key))==".".$key) { if (substr($domain,-1-strlen($key))==".".$key) {
if ($sizefound<strlen($key)) { if ($sizefound<strlen($key)) {
$sizefound=strlen($key); $sizefound = strlen($key);
$found=$key; $found = $key;
$fmode=$val; $fmode = $val;
} }
} }
} }
@ -88,10 +88,10 @@ function checkhostallow($domain,$dns) {
return -2; return -2;
if ($fmode>2) // OK, in the case 3 4 5 if ($fmode>2) // OK, in the case 3 4 5
return $found; return $found;
$n1=false; $n2=false; $n1 = false; $n2 = false;
for ($i=0;$i<count($dns);$i++) { for ($i = 0;$i<count($dns);$i++) {
if (strtolower($dns[$i])==strtolower($L_NS1)) $n1=true; if (strtolower($dns[$i])==strtolower($L_NS1)) $n1 = true;
if (strtolower($dns[$i])==strtolower($L_NS2)) $n2=true; if (strtolower($dns[$i])==strtolower($L_NS2)) $n2 = true;
} }
if ($fmode==1 && $n1) // OK if ($fmode==1 && $n1) // OK
return $found; return $found;
@ -109,16 +109,16 @@ function checkhostallow($domain,$dns) {
*/ */
function checkhostallow_nodns($domain) { function checkhostallow_nodns($domain) {
global $db; global $db;
$sizefound=0; $sizefound = 0;
$found=""; $found = "";
$db->query("SELECT tld,mode FROM tld;"); $db->query("SELECT tld,mode FROM tld;");
while ($db->next_record()) { while ($db->next_record()) {
list($key,$val)=$db->Record; list($key,$val) = $db->Record;
if (substr($domain,-1-strlen($key))==".".$key) { if (substr($domain,-1-strlen($key))==".".$key) {
if ($sizefound<strlen($key)) { if ($sizefound<strlen($key)) {
$sizefound=strlen($key); $sizefound = strlen($key);
$found=$key; $found = $key;
$fmode=$val; $fmode = $val;
} }
} }
} }
@ -149,12 +149,12 @@ function get_remote_ip() {
function checkurl($url) { function checkurl($url) {
// TODO : add a path/file check // TODO : add a path/file check
if (substr($url,0,7)!="http://" && substr($url,0,8)!="https://" && substr($url,0,6)!="ftp://") return false; if (substr($url,0,7)!="http://" && substr($url,0,8)!="https://" && substr($url,0,6)!="ftp://") return false;
if (substr($url,0,7)=="http://" ) $fq=substr($url,7); if (substr($url,0,7)=="http://" ) $fq = substr($url,7);
if (substr($url,0,8)=="https://") $fq=substr($url,8); if (substr($url,0,8)=="https://") $fq = substr($url,8);
if (substr($url,0,6)=="ftp://" ) $fq=substr($url,6); if (substr($url,0,6)=="ftp://" ) $fq = substr($url,6);
$f=explode("/",$fq); $f = explode("/",$fq);
if (!is_array($f)) $f=array($f); if (!is_array($f)) $f = array($f);
$t=checkfqdn($f[0]); $t = checkfqdn($f[0]);
if ($t) return false; if ($t) return false;
return true; return true;
} }
@ -235,8 +235,8 @@ function checkfqdn($fqdn) {
// 4. Le fqdn ne fait qu'un seul membre (il n'est donc pas fq...) // 4. Le fqdn ne fait qu'un seul membre (il n'est donc pas fq...)
if (strlen($fqdn)>255) if (strlen($fqdn)>255)
return 1; return 1;
$members=explode(".", $fqdn); $members = explode(".", $fqdn);
if (count($members)>1) $ret=0; else $ret=4; if (count($members)>1) $ret = 0; else $ret = 4;
reset($members); reset($members);
while (list ($key, $val) = each ($members)) { while (list ($key, $val) = each ($members)) {
if (strlen($val)>63) if (strlen($val)>63)
@ -262,10 +262,10 @@ function checkfqdn($fqdn) {
*/ */
function checkuserpath($path) { function checkuserpath($path) {
global $mem; global $mem;
$user=$mem->user["login"]; $user = $mem->user["login"];
$usar=substr($user,0,1); $usar = substr($user,0,1);
if (substr($path,0,1)!="/") if (substr($path,0,1)!="/")
$path="/".$path; $path = "/".$path;
$rpath = realpath(ALTERNC_HTML."/$usar/$user$path"); $rpath = realpath(ALTERNC_HTML."/$usar/$user$path");
if (!$rpath) { // if file or directory does not exist if (!$rpath) { // if file or directory does not exist
@ -310,7 +310,7 @@ function cbox($test, $echo = TRUE) {
if ($test) { if ($test) {
$return = " checked=\"checked\""; $return = " checked=\"checked\"";
} else { } else {
$return=''; $return = '';
} }
if( $echo ){ if( $echo ){
echo $return; echo $return;
@ -331,7 +331,7 @@ function selected($bool, $echo = TRUE) {
if ($bool) { if ($bool) {
$return = " selected=\"selected\""; $return = " selected=\"selected\"";
} else { } else {
$return=''; $return = '';
} }
if( $echo ){ if( $echo ){
echo $return; echo $return;
@ -347,7 +347,7 @@ function selected($bool, $echo = TRUE) {
* @param integer $affiche * @param integer $affiche
* @return string * @return string
*/ */
function ecif($test,$tr,$fa="",$affiche=1) { function ecif($test,$tr,$fa = "",$affiche = 1) {
if ($test){ if ($test){
$retour = $tr; $retour = $tr;
} }
@ -375,7 +375,7 @@ function __($str) {
* @param string $fa * @param string $fa
* @return string * @return string
*/ */
function ife($test,$tr,$fa="") { function ife($test,$tr,$fa = "") {
if ($test){ if ($test){
return $tr; return $tr;
} }
@ -388,33 +388,33 @@ function ife($test,$tr,$fa="") {
* @param integer $html * @param integer $html
* @return string * @return string
*/ */
function format_size($size,$html=0) { function format_size($size,$html = 0) {
// Retourne une taille formatt<74>e en Octets, Kilo-octets, M<>ga-octets ou Giga-Octets, avec 2 d<>cimales. // Retourne une taille formatt<74>e en Octets, Kilo-octets, M<>ga-octets ou Giga-Octets, avec 2 d<>cimales.
if ("-" == $size) { if ("-" == $size) {
return $size; return $size;
} }
$size=(float)$size; $size = (float)$size;
if ($size<1024) { if ($size<1024) {
$r=$size; $r = $size;
if ($size!=1) { if ($size!=1) {
$r.=" "._("Bytes"); $r.=" "._("Bytes");
} else { } else {
$r.=" "._("Byte"); $r.=" "._("Byte");
} }
} else { } else {
$size=$size/1024; $size = $size/1024;
if ($size<1024) { if ($size<1024) {
$r=round($size,2)." "._("Kb"); $r = round($size,2)." "._("Kb");
} else { } else {
$size=$size/1024; $size = $size/1024;
if ($size<1024) { if ($size<1024) {
$r=round($size,2)." "._("Mb"); $r = round($size,2)." "._("Mb");
} else { } else {
$size=$size/1024; $size = $size/1024;
if ($size<1024) { if ($size<1024) {
$r=round($size,2)." "._("Gb"); $r = round($size,2)." "._("Gb");
} else { } else {
$r=round($size/1024,2)." "._("Tb"); $r = round($size/1024,2)." "._("Tb");
} }
} }
} }
@ -448,17 +448,17 @@ function linkhelp($hid) {
* @return string * @return string
*/ */
function format_date($format,$date) { function format_date($format,$date) {
$d=substr($date,8,2); $d = substr($date,8,2);
$m=substr($date,5,2); $m = substr($date,5,2);
$y=substr($date,0,4); $y = substr($date,0,4);
$h=substr($date,11,2); $h = substr($date,11,2);
$i=substr($date,14,2); $i = substr($date,14,2);
if ($h>12) { if ($h>12) {
$hh=$h-12; $hh = $h-12;
$am="pm"; $am = "pm";
} else { } else {
$hh=$h; $hh = $h;
$am="am"; $am = "am";
} }
return sprintf($format,$d,$m,$y,$h,$i,$hh,$am); return sprintf($format,$d,$m,$y,$h,$i,$hh,$am);
} }
@ -482,13 +482,13 @@ function ssla($str) {
* @return string Retourne le mot de passe crypt<EFBFBD> * @return string Retourne le mot de passe crypt<EFBFBD>
* @access private * @access private
*/ */
function _md5cr($pass,$salt="") { function _md5cr($pass,$salt = "") {
if (!$salt) { if (!$salt) {
$chars="./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; $chars = "./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
for ($i=0;$i<12;$i++) { for ($i = 0;$i<12;$i++) {
$salt.=substr($chars,(mt_rand(0,strlen($chars))),1); $salt.=substr($chars,(mt_rand(0,strlen($chars))),1);
} }
$salt="$1$".$salt; $salt = "$1$".$salt;
} }
return crypt($pass,$salt); return crypt($pass,$salt);
} }
@ -536,7 +536,7 @@ function pretty_months($months) {
* @return string Code html pour le drop-down * @return string Code html pour le drop-down
* @access private * @access private
*/ */
function duration_list($name, $selected=0) { function duration_list($name, $selected = 0) {
$res = "<select name=\"$name\" id=\"$name\" class=\"inl\">"; $res = "<select name=\"$name\" id=\"$name\" class=\"inl\">";
foreach(array(0, 1, 2, 3, 4, 6, 12, 24) as $dur) { foreach(array(0, 1, 2, 3, 4, 6, 12, 24) as $dur) {
@ -568,10 +568,10 @@ function duration_list($name, $selected=0) {
* @param string $cur * @param string $cur
* @param boolean $onedim * @param boolean $onedim
*/ */
function eoption($values,$cur,$onedim=false) { function eoption($values,$cur,$onedim = false) {
if (is_array($values)) { if (is_array($values)) {
foreach ($values as $k=>$v) { foreach ($values as $k=>$v) {
if ( $onedim ) $k=$v; if ( $onedim ) $k = $v;
echo "<option value=\"$k\""; echo "<option value=\"$k\"";
if ($k==$cur) echo " selected=\"selected\""; if ($k==$cur) echo " selected=\"selected\"";
echo ">".$v."</option>"; echo ">".$v."</option>";
@ -697,15 +697,15 @@ function list_properties_order($a, $b) {
* @param boolean $echo * @param boolean $echo
* @return string * @return string
*/ */
function pager($offset,$count,$total,$url,$before="",$after="",$echo = TRUE) { function pager($offset,$count,$total,$url,$before = "",$after = "",$echo = TRUE) {
$return = ""; $return = "";
$offset=intval($offset); $offset = intval($offset);
$count=intval($count); $count = intval($count);
$total=intval($total); $total = intval($total);
if ($offset<=0) $offset="0"; if ($offset<=0) $offset = "0";
if ($count<=1) $count="1"; if ($count<=1) $count = "1";
if ($total<=0) $total="0"; if ($total<=0) $total = "0";
if ($total<$offset) $offset=max(0,$total-$count); if ($total<$offset) $offset = max(0,$total-$count);
if ($total<=$count) { // When there is less element than 1 complete page, just don't do anything :-D if ($total<=$count) { // When there is less element than 1 complete page, just don't do anything :-D
return true; return true;
@ -722,17 +722,17 @@ function pager($offset,$count,$total,$url,$before="",$after="",$echo = TRUE) {
if ($total>(2*$count)) { // On n'affiche le pager central (0 1 2 ...) s'il y a au moins 2 pages. if ($total>(2*$count)) { // On n'affiche le pager central (0 1 2 ...) s'il y a au moins 2 pages.
$return .= " - "; $return .= " - ";
if (($total<($count*10)) && ($total>$count)) { // moins de 10 pages : if (($total<($count*10)) && ($total>$count)) { // moins de 10 pages :
for($i=0;$i<$total/$count;$i++) { for($i = 0;$i<$total/$count;$i++) {
$o=$i*$count; $o = $i*$count;
if ($offset==$o) { if ($offset==$o) {
$return .= $i." "; $return .= $i." ";
} else { } else {
$return .= "<a href=\"".str_replace("%%offset%%",$o,$url)."\">$i</a> "; $return .= "<a href = \"".str_replace("%%offset%%",$o,$url)."\">$i</a> ";
} }
} }
} else { // Plus de 10 pages, on affiche 0 1 2 , 2 avant et 2 apr<70>s la page courante, et les 3 dernieres } else { // Plus de 10 pages, on affiche 0 1 2 , 2 avant et 2 apr<70>s la page courante, et les 3 dernieres
for($i=0;$i<=2;$i++) { for($i = 0;$i<=2;$i++) {
$o=$i*$count; $o = $i*$count;
if ($offset==$o) { if ($offset==$o) {
$return .= $i." "; $return .= $i." ";
} else { } else {
@ -741,11 +741,11 @@ function pager($offset,$count,$total,$url,$before="",$after="",$echo = TRUE) {
} }
if ($offset>=$count && $offset<($total-2*$count)) { // On est entre les milieux ... if ($offset>=$count && $offset<($total-2*$count)) { // On est entre les milieux ...
// On affiche 2 avant jusque 2 apr<70>s l'offset courant mais sans d<>border sur les indices affich<63>s autour // On affiche 2 avant jusque 2 apr<70>s l'offset courant mais sans d<>border sur les indices affich<63>s autour
$start=max(3,intval($offset/$count)-2); $start = max(3,intval($offset/$count)-2);
$end=min(intval($offset/$count)+3,intval($total/$count)-3); $end = min(intval($offset/$count)+3,intval($total/$count)-3);
if ($start!=3) $return .= " ... "; if ($start!=3) $return .= " ... ";
for($i=$start;$i<$end;$i++) { for($i = $start;$i<$end;$i++) {
$o=$i*$count; $o = $i*$count;
if ($offset==$o) { if ($offset==$o) {
$return .= $i." "; $return .= $i." ";
} else { } else {
@ -756,8 +756,8 @@ function pager($offset,$count,$total,$url,$before="",$after="",$echo = TRUE) {
} else { } else {
$return .= " ... "; $return .= " ... ";
} }
for($i=intval($total/$count)-3;$i<$total/$count;$i++) { for($i = intval($total/$count)-3;$i<$total/$count;$i++) {
$o=$i*$count; $o = $i*$count;
if ($offset==$o) { if ($offset==$o) {
$return .= $i." "; $return .= $i." ";
} else { } else {
@ -769,7 +769,7 @@ function pager($offset,$count,$total,$url,$before="",$after="",$echo = TRUE) {
} }
// Shall-we show the next page link ? // Shall-we show the next page link ?
if ($offset+$count<$total) { if ($offset+$count<$total) {
$o=$offset+$count; $o = $offset+$count;
$return .= "<a href=\"".str_replace("%%offset%%",$o,$url)."\" alt=\"(Ctl/Alt-s)\" title=\"(Alt-s)\" accesskey=\"s\">"._("Next Page")."</a> "; $return .= "<a href=\"".str_replace("%%offset%%",$o,$url)."\" alt=\"(Ctl/Alt-s)\" title=\"(Alt-s)\" accesskey=\"s\">"._("Next Page")."</a> ";
} else { } else {
$return .= _("Next Page")." "; $return .= _("Next Page")." ";
@ -808,8 +808,8 @@ function create_pass($length = 8){
* @param string $fields_to_fill2 * @param string $fields_to_fill2
* @return int * @return int
*/ */
function display_div_generate_password($pass_size=DEFAULT_PASS_SIZE, $fields_to_fill1="", $fields_to_fill2="") { function display_div_generate_password($pass_size = DEFAULT_PASS_SIZE, $fields_to_fill1 = "", $fields_to_fill2 = "") {
$id=rand(1,1000); $id = rand(1,1000);
echo "<div id='z$id' style='display:none;'><a href=\"javascript:generate_password_html('$id',$pass_size,'$fields_to_fill1','$fields_to_fill2');\">"; echo "<div id='z$id' style='display:none;'><a href=\"javascript:generate_password_html('$id',$pass_size,'$fields_to_fill1','$fields_to_fill2');\">";
__("Clic here to generate a password"); __("Clic here to generate a password");
echo "</a></div>"; echo "</a></div>";
@ -825,9 +825,9 @@ function display_div_generate_password($pass_size=DEFAULT_PASS_SIZE, $fields_to_
* @param int $width * @param int $width
* @param int $height * @param int $height
*/ */
function display_browser($dir="", $caller="main.dir", $width=350, $height=450) { function display_browser($dir = "", $caller = "main.dir", $width = 350, $height = 450) {
// Browser id // Browser id
$bid="b".rand(1,1000); $bid = "b".rand(1,1000);
echo "<script type=\"text/javascript\"> echo "<script type=\"text/javascript\">
<!-- <!--
$(function() { $(function() {
@ -863,27 +863,6 @@ function display_browser($dir="", $caller="main.dir", $width=350, $height=450) {
} }
/**
* Insere un $wrap_string tous les $max caracteres dans $message
*
* @param string $message
* @param int $max
* @param string $wrap_string
* @return string
*/
function auto_wrap($message="",$max=10,$wrap_string="<wbr/>") {
$cpt = 0;
$mot = split(" ",$message);
while (isset($mot[$cpt]) && ($mot[$cpt] != "")){
if(@strlen($mot[$cpt]) > $max){
$nvmot = chunk_split ($mot[$cpt], $max, $wrap_string );
$message = str_replace($mot[$cpt], $nvmot, $message);
}
$cpt++;
}
return $message;
}
/** /**
* Converts HSV to RGB values * Converts HSV to RGB values
* ----------------------------------------------------- * -----------------------------------------------------
@ -959,9 +938,9 @@ function hexa($hex)
* @param int $p * @param int $p
* @return string * @return string
*/ */
function PercentToColor($p=0) { function PercentToColor($p = 0) {
if ($p>100) $p=100; if ($p>100) $p = 100;
if ($p<0) $p=0; if ($p<0) $p = 0;
// Pour aller de vert a rouge en passant par jaune et orange // Pour aller de vert a rouge en passant par jaune et orange
$h = 1+((100-$p)*130/100); $h = 1+((100-$p)*130/100);

290
bureau/class/m_bro.php
View File

@ -46,34 +46,34 @@ class m_bro {
/** internal cache /** internal cache
*/ */
var $mime_desc=array(); var $mime_desc = array();
/** internal cache /** internal cache
*/ */
var $mime_icon=array(); var $mime_icon = array();
/** internal cache /** internal cache
*/ */
var $mime_type=array(); var $mime_type = array();
/** Internal cache for viewurl /** Internal cache for viewurl
*/ */
var $cacheurl=array(); var $cacheurl = array();
/** Font choice in the editor */ /** Font choice in the editor */
var $l_editor_font=array("Arial, Helvetica, Sans-serif","Times, Bookman, Serif","Courier New, Courier, Fixed"); var $l_editor_font = array("Arial, Helvetica, Sans-serif","Times, Bookman, Serif","Courier New, Courier, Fixed");
/** font size in the editor */ /** font size in the editor */
var $l_editor_size=array("18px","14px","12px","10px","8px","0.8em","0.9em","1em","1.1em","1.2em"); var $l_editor_size = array("18px","14px","12px","10px","8px","0.8em","0.9em","1em","1.1em","1.2em");
/** /**
* Constructor * Constructor
**/ **/
function m_bro() { function m_bro() {
$this->l_mode=array( 0=>_("1 column, detailed"), 1=>_("2 columns, short"), 2=>_("3 columns, short") ); $this->l_mode = array( 0=>_("1 column, detailed"), 1=>_("2 columns, short"), 2=>_("3 columns, short") );
$this->l_tgz=array( 0=>_("tgz (Linux)"), 1=>_("tar.bz2 (Linux)"), 2=>_("zip (Windows/Dos)"), 3=>_("tar.Z (Unix)") ); $this->l_tgz = array( 0=>_("tgz (Linux)"), 1=>_("tar.bz2 (Linux)"), 2=>_("zip (Windows/Dos)"), 3=>_("tar.Z (Unix)") );
$this->l_icons=array( 0=>_("No"), 1=>_("Yes") ); $this->l_icons = array( 0=>_("No"), 1=>_("Yes") );
$this->l_createfile=array( 0=>_("Go back to the file manager"), 1=>_("Edit the newly created file") ); $this->l_createfile = array( 0=>_("Go back to the file manager"), 1=>_("Edit the newly created file") );
} }
/** /**
@ -99,24 +99,24 @@ class m_bro {
* @param string $dir * @param string $dir
* @global m_mem $mem * @global m_mem $mem
* @param string $dir Dossier absolu que l'on souhaite vérifier * @param string $dir Dossier absolu que l'on souhaite vérifier
* @param boolean $strip * @param integer $strip
* @return false|string Retourne le nom du dossier vrifi, relatif au * @return false|string Retourne le nom du dossier vérifié, relatif au
* dossier de l'utilisateur courant, ventuellement corrig. * dossier de l'utilisateur courant, éventuellement corrigé.
* ou FALSE si le dossier n'est pas dans le dossier de l'utilisateur. * ou FALSE si le dossier n'est pas dans le dossier de l'utilisateur.
*/ */
function convertabsolute($dir,$strip=true) { function convertabsolute($dir,$strip = 1) {
global $mem; global $mem;
$root=$this->get_user_root($mem->user["login"]); $root = $this->get_user_root($mem->user["login"]);
// Sauvegarde du chemin de base. // Sauvegarde du chemin de base.
$root_alternc = $root ; $root_alternc = $root ;
// Passage du root en chemin rel (diffrent avec un lien) // Passage du root en chemin rel (diffrent avec un lien)
$root=realpath($root) ; $root = realpath($root) ;
// separer le chemin entre le repertoire et le fichier // separer le chemin entre le repertoire et le fichier
$file = basename($dir); $file = basename($dir);
$dir = dirname($dir); $dir = dirname($dir);
$dir=realpath($root."/".$dir); $dir = realpath($root."/".$dir);
// verifier que le repertoire est dans le home de l'usager // verifier que le repertoire est dans le home de l'usager
if (substr($dir,0,strlen($root))!=$root) { if (substr($dir,0,strlen($root)) != $root) {
return false; return false;
} }
@ -129,14 +129,14 @@ class m_bro {
} }
if ($strip) { if ($strip) {
$dir=substr($dir,strlen($root)); $dir = substr($dir,strlen($root));
} else { } else {
// si on ne strip pas, il faut enlever le chemin rel // si on ne strip pas, il faut enlever le chemin rel
// et mettre la racine d'alternc pour viter les // et mettre la racine d'alternc pour viter les
// problmes de lien depuis /var /alternc ! // problmes de lien depuis /var /alternc !
$dir=$root_alternc . substr($dir,strlen($root)); $dir = $root_alternc . substr($dir,strlen($root));
} }
if (substr($dir,-1)=="/") { if (substr($dir,-1) == "/") {
return substr($dir,0,strlen($dir)-1); return substr($dir,0,strlen($dir)-1);
} else } else
return $dir; return $dir;
@ -185,10 +185,10 @@ class m_bro {
* *
* Ce tableau contient tous les paramtres des fichiers du dossier courant * Ce tableau contient tous les paramtres des fichiers du dossier courant
* sous la forme d'un tableau index de tableaux associatifs comme suit : * sous la forme d'un tableau index de tableaux associatifs comme suit :
* $a["name"]=nom du fichier / dossier * $a["name"] = nom du fichier / dossier
* $a["size"]=Taille totale du fichier / dossier + sous-dossier * $a["size"] = Taille totale du fichier / dossier + sous-dossier
* $a["date"]=Date de dernire modification * $a["date"] = Date de dernire modification
* $a["type"]=Type du fichier (1 pour fichier, 0 pour dossier) * $a["type"] = Type du fichier (1 pour fichier, 0 pour dossier)
* *
* @global m_mysql $db * @global m_mysql $db
* @global int $cuid * @global int $cuid
@ -197,19 +197,19 @@ class m_bro {
* @param boolean $showdirsize * @param boolean $showdirsize
* @return array Le tableau contenant les fichiers de $dir, et * @return array Le tableau contenant les fichiers de $dir, et
*/ */
function filelist($dir="", $showdirsize = false) { function filelist($dir = "", $showdirsize = false) {
global $db,$cuid,$err; global $db,$cuid,$err;
$db->query("UPDATE browser SET lastdir='$dir' WHERE uid='$cuid';"); $db->query("UPDATE browser SET lastdir = '$dir' WHERE uid = '$cuid';");
$absolute=$this->convertabsolute($dir,false); $absolute = $this->convertabsolute($dir,0);
if (!$absolute || !file_exists($absolute)) { if (!$absolute || !file_exists($absolute)) {
$err->raise('bro',_("This directory do not exist")); $err->raise('bro',_("This directory do not exist"));
return false; return false;
} }
$c=array(); $c = array();
if ($dir = @opendir($absolute)) { if ($dir = @opendir($absolute)) {
while (($file = readdir($dir)) !== false) { while (($file = readdir($dir)) !== false) {
if ($file!="." && $file!="..") { if ($file!="." && $file!="..") {
$c[]=array("name"=>$file, "size"=>$this->fsize($absolute."/".$file, $showdirsize), "date"=>filemtime($absolute."/".$file), "type"=> (!is_dir($absolute."/".$file)) ); $c[] = array("name"=>$file, "size"=>$this->fsize($absolute."/".$file, $showdirsize), "date"=>filemtime($absolute."/".$file), "type"=> (!is_dir($absolute."/".$file)) );
} }
} }
closedir($dir); closedir($dir);
@ -231,10 +231,10 @@ class m_bro {
*/ */
function GetPrefs() { function GetPrefs() {
global $db,$cuid; global $db,$cuid;
$db->query("SELECT * FROM browser WHERE uid='$cuid';"); $db->query("SELECT * FROM browser WHERE uid = '$cuid';");
if ($db->num_rows()==0) { if ($db->num_rows() == 0) {
$db->query("INSERT INTO browser (editsizex, editsizey, listmode, showicons, downfmt, createfile, showtype, uid, editor_font, editor_size) VALUES (70, 21, 0, 0, 0, 0, 0, '$cuid','Arial, Helvetica, Sans-serif','12px');"); $db->query("INSERT INTO browser (editsizex, editsizey, listmode, showicons, downfmt, createfile, showtype, uid, editor_font, editor_size) VALUES (70, 21, 0, 0, 0, 0, 0, '$cuid','Arial, Helvetica, Sans-serif','12px');");
$db->query("SELECT * FROM browser WHERE uid='$cuid';"); $db->query("SELECT * FROM browser WHERE uid = '$cuid';");
} }
$db->next_record(); $db->next_record();
return $db->Record; return $db->Record;
@ -260,15 +260,19 @@ class m_bro {
*/ */
function SetPrefs($editsizex, $editsizey, $listmode, $showicons, $downfmt, $createfile, $showtype, $editor_font, $editor_size, $golastdir) { function SetPrefs($editsizex, $editsizey, $listmode, $showicons, $downfmt, $createfile, $showtype, $editor_font, $editor_size, $golastdir) {
global $db,$cuid; global $db,$cuid;
$editsizex=intval($editsizex); $editsizey=intval($editsizey); $editsizex = intval($editsizex);
$listmode=intval($listmode); $showicons=intval($showicons); $editsizey = intval($editsizey);
$showtype=intval($showtype); $downfmt=intval($downfmt); $listmode = intval($listmode);
$createfile=intval($createfile); $golastdir=intval($golastdir); $showicons = intval($showicons);
$db->query("SELECT * FROM browser WHERE uid='".intval($cuid)."';"); $showtype = intval($showtype);
if ($db->num_rows()==0) { $downfmt = intval($downfmt);
$createfile = intval($createfile);
$golastdir = intval($golastdir);
$db->query("SELECT * FROM browser WHERE uid = '".intval($cuid)."';");
if ($db->num_rows() == 0) {
$db->query("INSERT INTO browser (editsizex, editsizey, listmode, showicons, downfmt, createfile, showtype, uid, editor_font, editor_size, golastdir) VALUES (70, 21, 0, 0, 0, 0, 0, '".intval($cuid)."','Arial, Helvetica, Sans-serif','12px',1);"); $db->query("INSERT INTO browser (editsizex, editsizey, listmode, showicons, downfmt, createfile, showtype, uid, editor_font, editor_size, golastdir) VALUES (70, 21, 0, 0, 0, 0, 0, '".intval($cuid)."','Arial, Helvetica, Sans-serif','12px',1);");
} }
$db->query("UPDATE browser SET editsizex='$editsizex', editsizey='$editsizey', listmode='$listmode', showicons='$showicons', downfmt='$downfmt', createfile='$createfile', showtype='$showtype', editor_font='$editor_font', editor_size='$editor_size', golastdir='$golastdir' WHERE uid='".intval($cuid)."';"); $db->query("UPDATE browser SET editsizex = '$editsizex', editsizey = '$editsizey', listmode = '$listmode', showicons = '$showicons', downfmt = '$downfmt', createfile = '$createfile', showtype = '$showtype', editor_font = '$editor_font', editor_size = '$editor_size', golastdir = '$golastdir' WHERE uid = '".intval($cuid)."';");
return true; return true;
} }
@ -286,11 +290,11 @@ class m_bro {
if (!strpos($file,".") && substr($file,0,1)!=".") { if (!strpos($file,".") && substr($file,0,1)!=".") {
return "file.png"; return "file.png";
} }
$t=explode(".",$file); $t = explode(".",$file);
if (!is_array($t)) if (!is_array($t))
$ext=$t; $ext = $t;
else else
$ext=$t[count($t)-1]; $ext = $t[count($t)-1];
// Now seek the extension // Now seek the extension
if (!isset($bro_icon[$ext]) || ! $bro_icon[$ext]) { if (!isset($bro_icon[$ext]) || ! $bro_icon[$ext]) {
return "file.png"; return "file.png";
@ -314,11 +318,11 @@ class m_bro {
if (!strpos($file,".") && substr($file,0,1)!=".") { if (!strpos($file,".") && substr($file,0,1)!=".") {
return "File"; return "File";
} }
$t=explode(".",$file); $t = explode(".",$file);
if (!is_array($t)) if (!is_array($t))
$ext=$t; $ext = $t;
else else
$ext=$t[count($t)-1]; $ext = $t[count($t)-1];
// Now seek the extension // Now seek the extension
if (empty($bro_type[$ext])) { if (empty($bro_type[$ext])) {
return "File"; return "File";
@ -390,15 +394,15 @@ class m_bro {
*/ */
function CreateDir($dir,$file) { function CreateDir($dir,$file) {
global $db,$cuid,$err; global $db,$cuid,$err;
$file=ssla($file); $file = ssla($file);
$absolute=$this->convertabsolute($dir."/".$file,false); $absolute = $this->convertabsolute($dir."/".$file,0);
#echo "$absolute"; #echo "$absolute";
if ($absolute && (!file_exists($absolute))) { if ($absolute && (!file_exists($absolute))) {
if (!mkdir($absolute,00777,true)) { if (!mkdir($absolute,00777,true)) {
$err->raise("bro",_("Cannot create the requested directory. Please check the permissions")); $err->raise("bro",_("Cannot create the requested directory. Please check the permissions"));
return false; return false;
} }
$db->query("UPDATE browser SET crff=1 WHERE uid='$cuid';"); $db->query("UPDATE browser SET crff = 1 WHERE uid = '$cuid';");
return true; return true;
} else { } else {
$err->raise("bro",_("File or folder name is incorrect")); $err->raise("bro",_("File or folder name is incorrect"));
@ -419,8 +423,8 @@ class m_bro {
*/ */
function CreateFile($dir,$file) { function CreateFile($dir,$file) {
global $db,$err,$cuid; global $db,$err,$cuid;
$file=ssla($file); $file = ssla($file);
$absolute=$this->convertabsolute($dir."/".$file,false); $absolute = $this->convertabsolute($dir."/".$file,0);
if (!$absolute || file_exists($absolute)) { if (!$absolute || file_exists($absolute)) {
$err->raise("bro",_("File or folder name is incorrect")); $err->raise("bro",_("File or folder name is incorrect"));
return false; return false;
@ -431,7 +435,7 @@ class m_bro {
return false; return false;
} }
} }
$db->query("UPDATE browser SET crff=0 WHERE uid='$cuid';"); $db->query("UPDATE browser SET crff = 0 WHERE uid = '$cuid';");
return true; return true;
} }
@ -447,14 +451,14 @@ class m_bro {
*/ */
function DeleteFile($file_list,$R) { function DeleteFile($file_list,$R) {
global $err, $mem; global $err, $mem;
$root=realpath(getuserpath()); $root = realpath(getuserpath());
$absolute=$this->convertabsolute($R,false); $absolute = $this->convertabsolute($R,0);
if (!$absolute && strpos($root,$absolute) === 0 && strlen($absolute) > (strlen($root)+1) ) { if (!$absolute && strpos($root,$absolute) === 0 && strlen($absolute) > (strlen($root)+1) ) {
$err->raise("bro",_("File or folder name is incorrect")); $err->raise("bro",_("File or folder name is incorrect"));
return false; return false;
} }
for ($i=0;$i<count($file_list);$i++) { for ($i = 0;$i<count($file_list);$i++) {
$file_list[$i]=ssla($file_list[$i]); $file_list[$i] = ssla($file_list[$i]);
if (!strpos($file_list[$i],"/") && file_exists($absolute."/".$file_list[$i])) { // Character / forbidden in a FILE name if (!strpos($file_list[$i],"/") && file_exists($absolute."/".$file_list[$i])) { // Character / forbidden in a FILE name
$this->_delete($absolute."/".$file_list[$i]); $this->_delete($absolute."/".$file_list[$i]);
} }
@ -474,20 +478,20 @@ class m_bro {
*/ */
function RenameFile($R,$old,$new) { function RenameFile($R,$old,$new) {
global $err; global $err;
$absolute=$this->convertabsolute($R,false); $absolute = $this->convertabsolute($R,0);
if (!$absolute) { if (!$absolute) {
$err->raise("bro",_("File or folder name is incorrect")); $err->raise("bro",_("File or folder name is incorrect"));
return false; return false;
} }
$alea=".".time().rand(1000,9999); $alea = ".".time().rand(1000,9999);
for ($i=0;$i<count($old);$i++) { for ($i = 0;$i<count($old);$i++) {
$old[$i]=ssla($old[$i]); // strip slashes if needed $old[$i] = ssla($old[$i]); // strip slashes if needed
$new[$i]=ssla($new[$i]); $new[$i] = ssla($new[$i]);
if (!strpos($old[$i],"/") && !strpos($new[$i],"/")) { // caractre / interdit dans old ET dans new... if (!strpos($old[$i],"/") && !strpos($new[$i],"/")) { // caractre / interdit dans old ET dans new...
@rename($absolute."/".$old[$i],$absolute."/".$old[$i].$alea); @rename($absolute."/".$old[$i],$absolute."/".$old[$i].$alea);
} }
} }
for ($i=0;$i<count($old);$i++) { for ($i = 0;$i<count($old);$i++) {
if (!strpos($old[$i],"/") && !strpos($new[$i],"/")) { // caractre / interdit dans old ET dans new... if (!strpos($old[$i],"/") && !strpos($new[$i],"/")) { // caractre / interdit dans old ET dans new...
@rename($absolute."/".$old[$i].$alea,$absolute."/".$new[$i]); @rename($absolute."/".$old[$i].$alea,$absolute."/".$new[$i]);
} }
@ -508,7 +512,7 @@ class m_bro {
*/ */
function MoveFile($d,$old,$new) { function MoveFile($d,$old,$new) {
global $err; global $err;
$old=$this->convertabsolute($old,false); $old = $this->convertabsolute($old,0);
if (!$old) { if (!$old) {
$err->raise("bro",_("File or folder name is incorrect")); $err->raise("bro",_("File or folder name is incorrect"));
return false; return false;
@ -517,18 +521,18 @@ class m_bro {
if ($new[0] != '/') { if ($new[0] != '/') {
$new = $old . '/' . $new; $new = $old . '/' . $new;
} }
$new = $this->convertabsolute($new,false); $new = $this->convertabsolute($new,0);
if (!$new) { if (!$new) {
$err->raise("bro",_("File or folder name is incorrect")); $err->raise("bro",_("File or folder name is incorrect"));
return false; return false;
} }
if ($old==$new) { if ($old == $new) {
$err->raise("bro",_("You cannot move or copy a file to the same folder")); $err->raise("bro",_("You cannot move or copy a file to the same folder"));
return false; return false;
} }
for ($i=0;$i<count($d);$i++) { for ($i = 0;$i<count($d);$i++) {
$d[$i]=ssla($d[$i]); // strip slashes if needed $d[$i] = ssla($d[$i]); // strip slashes if needed
if (!strpos($d[$i],"/") && file_exists($old."/".$d[$i]) && !file_exists($new."/".$d[$i])) { if (!strpos($d[$i],"/") && file_exists($old."/".$d[$i]) && !file_exists($new."/".$d[$i])) {
if (!rename($old."/".$d[$i],$new."/".$d[$i])) if (!rename($old."/".$d[$i],$new."/".$d[$i]))
$err->raise("bro", "error renaming $old/$d[$i] -> $new/$d[$i]"); $err->raise("bro", "error renaming $old/$d[$i] -> $new/$d[$i]");
@ -546,15 +550,15 @@ class m_bro {
* @param boolean $verbose Shall we 'echo' what we did ? * @param boolean $verbose Shall we 'echo' what we did ?
* @return boolean TRUE Si les fichiers ont t renomms, FALSE si une erreur s'est produite. * @return boolean TRUE Si les fichiers ont t renomms, FALSE si une erreur s'est produite.
*/ */
function ChangePermissions($R,$d,$perm,$verbose=false) { function ChangePermissions($R,$d,$perm,$verbose = false) {
global $err; global $err;
$absolute=$this->convertabsolute($R,false); $absolute = $this->convertabsolute($R,0);
if (!$absolute) { if (!$absolute) {
$err->raise("bro",_("File or folder name is incorrect")); $err->raise("bro",_("File or folder name is incorrect"));
return false; return false;
} }
for ($i=0;$i<count($d);$i++) { for ($i = 0;$i<count($d);$i++) {
$d[$i]=ssla($d[$i]); // strip slashes if needed $d[$i] = ssla($d[$i]); // strip slashes if needed
if (!strpos($d[$i],"/")) { // caractre / interdit dans le nom du fichier if (!strpos($d[$i],"/")) { // caractre / interdit dans le nom du fichier
$m = fileperms($absolute."/". $d[$i]); $m = fileperms($absolute."/". $d[$i]);
@ -591,7 +595,7 @@ class m_bro {
*/ */
function UploadFile($R) { function UploadFile($R) {
global $_FILES,$err,$cuid,$action; global $_FILES,$err,$cuid,$action;
$absolute=$this->convertabsolute($R,false); $absolute = $this->convertabsolute($R,0);
if (!$absolute) { if (!$absolute) {
$err->raise("bro",_("File or folder name is incorrect")); $err->raise("bro",_("File or folder name is incorrect"));
return false; return false;
@ -613,7 +617,7 @@ class m_bro {
$err->log("bro","uploadfile","Problem when uploading a file"); $err->log("bro","uploadfile","Problem when uploading a file");
switch ( $_FILES['userfile']['error'] ) { switch ( $_FILES['userfile']['error'] ) {
case UPLOAD_ERR_INI_SIZE: case UPLOAD_ERR_INI_SIZE:
$erstr=_("The uploaded file exceeds the max file size allowed"); $erstr = _("The uploaded file exceeds the max file size allowed");
break; break;
case UPLOAD_ERR_FORM_SIZE: case UPLOAD_ERR_FORM_SIZE:
case UPLOAD_ERR_PARTIAL: case UPLOAD_ERR_PARTIAL:
@ -622,7 +626,7 @@ class m_bro {
case UPLOAD_ERR_CANT_WRITE: case UPLOAD_ERR_CANT_WRITE:
case UPLOAD_ERR_EXTENSION: case UPLOAD_ERR_EXTENSION:
default: default:
$erstr=_("Undefined error ").$_FILES['userfile']['error']; $erstr = _("Undefined error ").$_FILES['userfile']['error'];
break; break;
} }
$err->raise("bro",_("Error during the upload of the file: ").$erstr); $err->raise("bro",_("Error during the upload of the file: ").$erstr);
@ -645,13 +649,13 @@ class m_bro {
* same directory as the archive by default * same directory as the archive by default
* @return integer|null != 0 on error * @return integer|null != 0 on error
*/ */
function ExtractFile($file, $dest=null) { function ExtractFile($file, $dest = null) {
global $err,$cuid,$mem,$action; global $err,$cuid,$mem,$action;
$file = $this->convertabsolute($file,false); $file = $this->convertabsolute($file,0);
if (is_null($dest)) { if (is_null($dest)) {
$dest = dirname($file); $dest = dirname($file);
} else { } else {
$dest = $this->convertabsolute($dest,false); $dest = $this->convertabsolute($dest,0);
} }
if (!$file || !$dest) { if (!$file || !$dest) {
$err->raise("bro",_("File or folder name is incorrect")); $err->raise("bro",_("File or folder name is incorrect"));
@ -660,7 +664,7 @@ class m_bro {
$file = escapeshellarg($file); $file = escapeshellarg($file);
$dest_to_fix = $dest; $dest_to_fix = $dest;
$dest = escapeshellarg($dest); $dest = escapeshellarg($dest);
#$dest_to_fix=str_replace(getuserpath(),'',$dest); #$dest_to_fix = str_replace(getuserpath(),'',$dest);
// TODO new version of tar supports `tar xf ...` so there is no // TODO new version of tar supports `tar xf ...` so there is no
// need to specify the compression format // need to specify the compression format
@ -696,22 +700,22 @@ class m_bro {
*/ */
function CopyFile($d,$old,$new) { function CopyFile($d,$old,$new) {
global $err; global $err;
$old=$this->convertabsolute($old,false); $old = $this->convertabsolute($old,0);
if (!$old) { if (!$old) {
$err->raise("bro",_("File or folder name is incorrect")); $err->raise("bro",_("File or folder name is incorrect"));
return false; return false;
} }
$new=$this->convertabsolute($new,false); $new = $this->convertabsolute($new,0);
if (!$new) { if (!$new) {
$err->raise("bro",_("File or folder name is incorrect")); $err->raise("bro",_("File or folder name is incorrect"));
return false; return false;
} }
if ($old==$new) { if ($old == $new) {
$err->raise("bro",_("You cannot move or copy a file to the same folder")); $err->raise("bro",_("You cannot move or copy a file to the same folder"));
return false; return false;
} }
for ($i=0;$i<count($d);$i++) { for ($i = 0;$i<count($d);$i++) {
$d[$i]=ssla($d[$i]); // strip slashes if needed $d[$i] = ssla($d[$i]); // strip slashes if needed
if (!strpos($d[$i],"/") && file_exists($old."/".$d[$i]) && !file_exists($new."/".$d[$i])) { if (!strpos($d[$i],"/") && file_exists($old."/".$d[$i]) && !file_exists($new."/".$d[$i])) {
$this->CopyOneFile($old."/".$d[$i],$new); $this->CopyOneFile($old."/".$d[$i],$new);
} }
@ -749,26 +753,26 @@ class m_bro {
* Affiche le chemin et les liens de la racine au dossier $path * Affiche le chemin et les liens de la racine au dossier $path
* Affiche autant de liens HTML (anchor) que le chemin $path contient de * Affiche autant de liens HTML (anchor) que le chemin $path contient de
* niveaux de dossier. Chaque lien est associ la page web $action * niveaux de dossier. Chaque lien est associ la page web $action
* laquelle on ajoute le paramtre R=+Le nom du dossier courant. * laquelle on ajoute le paramtre R = +Le nom du dossier courant.
* *
* @param string $path Dossier vers lequel on trace le chemin * @param string $path Dossier vers lequel on trace le chemin
* @param string $action Page web de destination des liens * @param string $action Page web de destination des liens
* @param boolean $justparent * @param boolean $justparent
* @return string Le code HTML ainsi obtenu. * @return string Le code HTML ainsi obtenu.
*/ */
function PathList($path,$action, $justparent=false) { function PathList($path,$action, $justparent = false) {
$path=$this->convertabsolute($path,true); $path = $this->convertabsolute($path,1);
$a=explode("/",$path); $a = explode("/",$path);
if (!is_array($a)) $a=array($a); if (!is_array($a)) $a = array($a);
$c=''; $c = '';
$R=''; $R = '';
if ($justparent) { if ($justparent) {
return "<a href=\"$action?R=".urlencode($a[count($a)-2].'/')."\">&uarr;</a>"; return "<a href = \"$action?R = ".urlencode($a[count($a)-2].'/')."\">&uarr;</a>";
} }
for($i=0;$i<count($a);$i++) { for($i = 0;$i<count($a);$i++) {
if ($a[$i]) { if ($a[$i]) {
$R.=$a[$i]."/"; $R .= $a[$i]."/";
$c.="<a href=\"$action?R=".urlencode($R)."\">".$a[$i]."</a>&nbsp;/&nbsp;"; $c .= "<a href = \"$action?R = ".urlencode($R)."\">".$a[$i]."</a>&nbsp;/&nbsp;";
} }
} }
return $c; return $c;
@ -789,11 +793,11 @@ class m_bro {
*/ */
function content($R,$file) { function content($R,$file) {
global $err; global $err;
$absolute=$this->convertabsolute($R,false); $absolute = $this->convertabsolute($R,0);
if (!strpos($file,"/")) { if (!strpos($file,"/")) {
$absolute.="/".$file; $absolute .= "/".$file;
if (file_exists($absolute)) { if (file_exists($absolute)) {
$std=str_replace("<","&lt;",str_replace("&","&amp;",file_get_contents($absolute))); $std = str_replace("<","&lt;",str_replace("&","&amp;",file_get_contents($absolute)));
return $std; return $std;
} else { } else {
$err->raise("bro",_("Cannot read the requested file. Please check the permissions")); $err->raise("bro",_("Cannot read the requested file. Please check the permissions"));
@ -825,32 +829,32 @@ class m_bro {
function viewurl($dir,$name) { function viewurl($dir,$name) {
global $db,$cuid; global $db,$cuid;
// Is it in cache ? // Is it in cache ?
if (substr($dir,0,1)=="/") $dir=substr($dir,1); if (substr($dir,0,1) == "/") $dir = substr($dir,1);
if (substr($dir,-1)=="/") $dir=substr($dir,0,-1); if (substr($dir,-1) == "/") $dir = substr($dir,0,-1);
$dir=str_replace("%2F", "/", urlencode($dir)); $dir = str_replace("%2F", "/", urlencode($dir));
$name=urlencode($name); $name = urlencode($name);
if (!@$this->cacheurl["d".$dir]) { if (!@$this->cacheurl["d".$dir]) {
// On parcours $dir en remontant les / // On parcours $dir en remontant les /
$end=""; $beg=$dir; $tofind=true; $end = ""; $beg = $dir; $tofind = true;
while ($tofind) { while ($tofind) {
$db->query("SELECT sub,domaine FROM sub_domaines WHERE compte='$cuid' $db->query("SELECT sub,domaine FROM sub_domaines WHERE compte = '$cuid'
AND type=0 AND (valeur='/$beg/' or valeur='/$beg');"); AND type = 0 AND (valeur = '/$beg/' or valeur = '/$beg');");
$db->next_record(); $db->next_record();
if ($db->num_rows()) { if ($db->num_rows()) {
$tofind=false; $tofind = false;
$this->cacheurl["d".$dir]="http://".$db->f("sub").ife($db->f("sub"),".").$db->f("domaine").$end; $this->cacheurl["d".$dir] = "http://".$db->f("sub").ife($db->f("sub"),".").$db->f("domaine").$end;
} }
if (!$beg && $tofind) { if (!$beg && $tofind) {
$tofind=false; $tofind = false;
$this->cacheurl["d".$dir]="-"; $this->cacheurl["d".$dir] = "-";
// We did not find it ;( // We did not find it ;(
} }
if (($tt=strrpos($beg,"/"))!==false) { if (($tt = strrpos($beg,"/"))!==false) {
$end=substr($beg,$tt).$end; // = /topdir$end so $end starts AND ends with / $end = substr($beg,$tt).$end; // = /topdir$end so $end starts AND ends with /
$beg=substr($beg,0,$tt); $beg = substr($beg,0,$tt);
} else { } else {
$end="/".$beg.$end; $end = "/".$beg.$end;
$beg="/"; $beg = "/";
} }
} }
} }
@ -871,8 +875,8 @@ class m_bro {
*/ */
function can_edit($dir,$name) { function can_edit($dir,$name) {
global $mem,$err; global $mem,$err;
$absolute="$dir/$name"; $absolute = "$dir/$name";
$absolute=$this->convertabsolute($absolute,0); $absolute = $this->convertabsolute($absolute,0);
if (!$absolute) { if (!$absolute) {
$err->raise('bro',_("File not in authorized directory")); $err->raise('bro',_("File not in authorized directory"));
include('foot.php'); include('foot.php');
@ -880,7 +884,7 @@ class m_bro {
} }
$finfo = finfo_open(FILEINFO_MIME_TYPE); $finfo = finfo_open(FILEINFO_MIME_TYPE);
$mime = finfo_file($finfo,$absolute); $mime = finfo_file($finfo,$absolute);
if ( substr($mime,0,5)=="text/" || $mime == "application/x-empty" || $mime == "inode/x-empty") { if ( substr($mime,0,5) == "text/" || $mime == "application/x-empty" || $mime == "inode/x-empty") {
return true; return true;
} }
return false; return false;
@ -929,7 +933,7 @@ class m_bro {
if ($parts = explode(".", $name)) { if ($parts = explode(".", $name)) {
$ext = array_pop($parts); $ext = array_pop($parts);
$ext2 = array_pop($parts) . '.'.$ext; $ext2 = array_pop($parts) . '.'.$ext;
if ( $ext=='sql' or $ext2=='sql.gz') return true; if ( $ext == 'sql' or $ext2 == 'sql.gz') return true;
} }
return false; return false;
} }
@ -943,7 +947,7 @@ class m_bro {
function download_link($dir,$file){ function download_link($dir,$file){
global $err; global $err;
$err->log("bro","download_link"); $err->log("bro","download_link");
header("Content-Disposition: attachment; filename=$file"); header("Content-Disposition: attachment; filename = $file");
header("Content-Type: application/force-download"); header("Content-Type: application/force-download");
header("Content-Transfer-Encoding: binary"); header("Content-Transfer-Encoding: binary");
$this->content_send($dir,$file); $this->content_send($dir,$file);
@ -960,9 +964,9 @@ class m_bro {
*/ */
function content_send($R,$file) { function content_send($R,$file) {
global $err; global $err;
$absolute=$this->convertabsolute($R,0); $absolute = $this->convertabsolute($R,0);
if (!strpos($file,"/")) { if (!strpos($file,"/")) {
$absolute.="/".$file; $absolute .= "/".$file;
if (file_exists($absolute)) { if (file_exists($absolute)) {
readfile($absolute); readfile($absolute);
} }
@ -987,9 +991,9 @@ class m_bro {
*/ */
function save($file,$R,$texte) { function save($file,$R,$texte) {
global $err; global $err;
$absolute=$this->convertabsolute($R,false); $absolute = $this->convertabsolute($R,0);
if (!strpos($file,"/")) { if (!strpos($file,"/")) {
$absolute.="/".$file; $absolute .= "/".$file;
if (file_exists($absolute)) { if (file_exists($absolute)) {
if (! file_put_contents($absolute, $texte ) ) { if (! file_put_contents($absolute, $texte ) ) {
$err->raise("bro",_("Cannot edit the requested file. Please check the permissions")); $err->raise("bro",_("Cannot edit the requested file. Please check the permissions"));
@ -1010,12 +1014,12 @@ class m_bro {
* @param string $dir Dossier à dumper, relatif la racine du compte du membre. * @param string $dir Dossier à dumper, relatif la racine du compte du membre.
* @return void NE RETOURNE RIEN, et il faut Quitter le script immdiatement aprs * @return void NE RETOURNE RIEN, et il faut Quitter le script immdiatement aprs
*/ */
function DownloadZ($dir="") { function DownloadZ($dir = "") {
global $mem; global $mem;
header("Content-Disposition: attachment; filename=".$mem->user["login"].".Z"); header("Content-Disposition: attachment; filename = ".$mem->user["login"].".Z");
header("Content-Type: application/x-Z"); header("Content-Type: application/x-Z");
header("Content-Transfer-Encoding: binary"); header("Content-Transfer-Encoding: binary");
$d=escapeshellarg(".".$this->convertabsolute($dir,true)); $d = escapeshellarg(".".$this->convertabsolute($dir,1));
set_time_limit(0); set_time_limit(0);
passthru("/bin/tar -cZ -C ".getuserpath()."/".$mem->user["login"]."/ $d"); passthru("/bin/tar -cZ -C ".getuserpath()."/".$mem->user["login"]."/ $d");
} }
@ -1028,12 +1032,12 @@ class m_bro {
* @param string $dir Dossier à dumper, relatif la racine du compte du membre. * @param string $dir Dossier à dumper, relatif la racine du compte du membre.
* @return void NE RETOURNE RIEN, et il faut Quitter le script immdiatement aprs * @return void NE RETOURNE RIEN, et il faut Quitter le script immdiatement aprs
*/ */
function DownloadTGZ($dir="") { function DownloadTGZ($dir = "") {
global $mem; global $mem;
header("Content-Disposition: attachment; filename=".$mem->user["login"].".tgz"); header("Content-Disposition: attachment; filename = ".$mem->user["login"].".tgz");
header("Content-Type: application/x-tgz"); header("Content-Type: application/x-tgz");
header("Content-Transfer-Encoding: binary"); header("Content-Transfer-Encoding: binary");
$d=escapeshellarg(".".$this->convertabsolute($dir,true)); $d = escapeshellarg(".".$this->convertabsolute($dir,1));
set_time_limit(0); set_time_limit(0);
passthru("/bin/tar -cz -C ".getuserpath()."/ $d"); passthru("/bin/tar -cz -C ".getuserpath()."/ $d");
} }
@ -1046,12 +1050,12 @@ class m_bro {
* @param string $dir Dossier à dumper, relatif la racine du compte du membre. * @param string $dir Dossier à dumper, relatif la racine du compte du membre.
* @return void NE RETOURNE RIEN, et il faut Quitter le script immdiatement aprs * @return void NE RETOURNE RIEN, et il faut Quitter le script immdiatement aprs
*/ */
function DownloadTBZ($dir="") { function DownloadTBZ($dir = "") {
global $mem; global $mem;
header("Content-Disposition: attachment; filename=".$mem->user["login"].".tar.bz2"); header("Content-Disposition: attachment; filename = ".$mem->user["login"].".tar.bz2");
header("Content-Type: application/x-bzip2"); header("Content-Type: application/x-bzip2");
header("Content-Transfer-Encoding: binary"); header("Content-Transfer-Encoding: binary");
$d=escapeshellarg(".".$this->convertabsolute($dir,true)); $d = escapeshellarg(".".$this->convertabsolute($dir,1));
set_time_limit(0); set_time_limit(0);
passthru("/bin/tar -cj -C ".getuserpath()."/ $d"); passthru("/bin/tar -cj -C ".getuserpath()."/ $d");
} }
@ -1065,12 +1069,12 @@ class m_bro {
* @param string $dir Dossier à dumper, relatif la racine du compte du membre. * @param string $dir Dossier à dumper, relatif la racine du compte du membre.
* @return void NE RETOURNE RIEN, et il faut Quitter le script immdiatement aprs * @return void NE RETOURNE RIEN, et il faut Quitter le script immdiatement aprs
*/ */
function DownloadZIP($dir="") { function DownloadZIP($dir = "") {
global $mem; global $mem;
header("Content-Disposition: attachment; filename=".$mem->user["login"].".zip"); header("Content-Disposition: attachment; filename = ".$mem->user["login"].".zip");
header("Content-Type: application/x-zip"); header("Content-Type: application/x-zip");
header("Content-Transfer-Encoding: binary"); header("Content-Transfer-Encoding: binary");
$d=escapeshellarg($this->convertabsolute($dir,false)); $d = escapeshellarg($this->convertabsolute($dir,false));
set_time_limit(0); set_time_limit(0);
passthru("/usr/bin/zip -r - $d"); passthru("/usr/bin/zip -r - $d");
} }
@ -1127,18 +1131,18 @@ class m_bro {
function alternc_export_conf() { function alternc_export_conf() {
global $db,$err; global $db,$err;
$err->log("bro","export_conf"); $err->log("bro","export_conf");
$str="<table border=\"1\"><caption> Browser </caption>\n"; $str = "<table border = \"1\"><caption> Browser </caption>\n";
$str.=" <browser>\n"; $str .= " <browser>\n";
$pref=$this->GetPrefs(); $pref = $this->GetPrefs();
$i=1; $i = 1;
foreach ($pref as $k=>$v) { foreach ($pref as $k=>$v) {
if (($i % 2)==0){ if (($i % 2) == 0){
$str.=" <$k>$v</$k>\n"; $str .= " <$k>$v</$k>\n";
} }
$i++; $i++;
} }
$str.=" </browser>\n"; $str .= " </browser>\n";
return $str; return $str;
} }
@ -1155,12 +1159,12 @@ class m_bro {
function alternc_export_data($dir){ function alternc_export_data($dir){
global $mem,$err; global $mem,$err;
$err->log("bro","export_data"); $err->log("bro","export_data");
$dir.="html/"; $dir .= "html/";
if(!is_dir($dir)){ if(!is_dir($dir)){
if(!mkdir($dir)) if(!mkdir($dir))
$err->raise("bro",_("Cannot create the requested directory. Please check the permissions")); $err->raise("bro",_("Cannot create the requested directory. Please check the permissions"));
} }
$timestamp=date("H:i:s"); $timestamp = date("H:i:s");
// relacher le lock global sinon ce download va geler alternc pour // relacher le lock global sinon ce download va geler alternc pour
// tout le monde // tout le monde

189
bureau/class/m_hta.php
View File

@ -40,7 +40,6 @@
class m_hta { class m_hta {
/*---------------------------------------------------------------------------*/
/** /**
* Constructor * Constructor
*/ */
@ -50,11 +49,17 @@ class m_hta {
/** /**
* Password kind used in this class (hook for admin class) * Password kind used in this class (hook for admin class)
*
* @return array
*/ */
function alternc_password_policy() { function alternc_password_policy() {
return array("hta"=>"Protected folders passwords"); return array("hta"=>"Protected folders passwords");
} }
/**
*
* @return array
*/
function hook_menu() { function hook_menu() {
$obj = array( $obj = array(
'title' => _("Protected folders"), 'title' => _("Protected folders"),
@ -67,16 +72,21 @@ class m_hta {
} }
/*---------------------------------------------------------------------------*/
/** /**
* Create a protected folder (.htaccess et .htpasswd) * Create a protected folder (.htaccess et .htpasswd)
* @param string $dir Folder to protect (relative to user root) * @param string $dir Folder to protect (relative to user root)
* @return boolean TRUE if the folder has been protected, or FALSE if an error occurred * @return boolean TRUE if the folder has been protected, or FALSE if an error occurred
*
* @global m_mem $mem
* @global m_bro $bro
* @global m_err $err
* @param string $dir
* @return boolean
*/ */
function CreateDir($dir) { function CreateDir($dir) {
global $mem,$bro,$err; global $mem,$bro,$err;
$err->log("hta","createdir",$dir); $err->log("hta","createdir",$dir);
$absolute=$bro->convertabsolute($dir,0); $absolute = $bro->convertabsolute($dir,0);
if (!$absolute) { if (!$absolute) {
$err->raise("hta",printf(_("The folder '%s' does not exist"),$dir)); $err->raise("hta",printf(_("The folder '%s' does not exist"),$dir));
return false; return false;
@ -95,7 +105,7 @@ class m_hta {
return false; return false;
} }
fseek($file,0); fseek($file,0);
$param="AuthUserFile \"$absolute/.htpasswd\"\nAuthName \""._("Restricted area")."\"\nAuthType Basic\nrequire valid-user\n"; $param = "AuthUserFile \"$absolute/.htpasswd\"\nAuthName \""._("Restricted area")."\"\nAuthType Basic\nrequire valid-user\n";
fwrite($file, $param); fwrite($file, $param);
fclose($file); fclose($file);
} }
@ -110,43 +120,46 @@ class m_hta {
} }
/*---------------------------------------------------------------------------*/
/** /**
* Returns the list of all user folder currently protected by a .htpasswd file * Returns the list of all user folder currently protected by a .htpasswd file
*
* @global m_err $err
* @global m_mem $mem
* @return array Array containing user folder list * @return array Array containing user folder list
*/ */
function ListDir(){ function ListDir(){
global$err,$mem; global$err,$mem;
$err->log("hta","listdir"); $err->log("hta","listdir");
$sortie=array(); $sortie = array();
$absolute=ALTERNC_HTML."/".substr($mem->user["login"],0,1)."/".$mem->user["login"]; $absolute = ALTERNC_HTML."/".substr($mem->user["login"],0,1)."/".$mem->user["login"];
exec("find $absolute -name .htpasswd|sort",$sortie); exec("find $absolute -name .htpasswd|sort",$sortie);
if(!count($sortie)){ if(!count($sortie)){
$err->raise("hta",_("No protected folder")); $err->raise("hta",_("No protected folder"));
return false; return false;
} }
$pattern="/^".preg_quote(ALTERNC_HTML,"/")."\/.\/[^\/]*\/(.*)\/\.htpasswd/"; $pattern = "/^".preg_quote(ALTERNC_HTML,"/")."\/.\/[^\/]*\/(.*)\/\.htpasswd/";
$r=array(); $r = array();
for($i=0;$i<count($sortie);$i++){ for($i = 0;$i<count($sortie);$i++){
preg_match($pattern,$sortie[$i],$matches); preg_match($pattern,$sortie[$i],$matches);
$tmpm=isset($matches[1])?'/'.$matches[1]:''; $tmpm = isset($matches[1])?'/'.$matches[1]:'';
$r[$i]=$tmpm."/"; $r[$i] = $tmpm."/";
} }
return $r; return $r;
} }
/*---------------------------------------------------------------------------*/
/** /**
* Tells if a folder is protected. * Tells if a folder is protected.
*
* @global m_mem $mem
* @global m_err $err
* @param string $dir Folder to check * @param string $dir Folder to check
* @return boolean if the folder is protected, or FALSE if it is not * @return boolean If the folder is protected, or FALSE if it is not
*/ */
function is_protected($dir){ function is_protected($dir){
global $mem,$err; global $mem,$err;
$err->log("hta","is_protected",$dir); $err->log("hta","is_protected",$dir);
$absolute=ALTERNC_HTML."/".substr($mem->user["login"],0,1)."/".$mem->user["login"]."/$dir"; $absolute = ALTERNC_HTML."/".substr($mem->user["login"],0,1)."/".$mem->user["login"]."/$dir";
if (file_exists("$absolute/.htpasswd")){ if (file_exists("$absolute/.htpasswd")){
return true; return true;
} else { } else {
@ -155,34 +168,36 @@ class m_hta {
} }
/*---------------------------------------------------------------------------*/
/** /**
* Returns the list of login for a protected folder. * Returns the list of login for a protected folder.
*
* @global m_mem $mem
* @global m_err $err
* @param string $dir The folder to lookup (relative to user root) * @param string $dir The folder to lookup (relative to user root)
* @return array An array containing the list of logins from the .htpasswd file, or FALSE * @return array An array containing the list of logins from the .htpasswd file, or FALSE
*/ */
function get_hta_detail($dir) { function get_hta_detail($dir) {
global $mem,$err; global $mem,$err;
$err->log("hta","get_hta_detail"); $err->log("hta","get_hta_detail");
$absolute=ALTERNC_HTML."/".substr($mem->user["login"],0,1)."/".$mem->user["login"]."/$dir"; $absolute = ALTERNC_HTML."/".substr($mem->user["login"],0,1)."/".$mem->user["login"]."/$dir";
if (file_exists("$absolute/.htaccess")) { if (file_exists("$absolute/.htaccess")) {
/* if (!_reading_htaccess($absolute)) { /* if (!_reading_htaccess($absolute)) {
return false; return false;
} }
*/ } */ }
$file = @fopen("$absolute/.htpasswd","r"); $file = @fopen("$absolute/.htpasswd","r");
$i=0; $i = 0;
$res=array(); $res = array();
if (!$file) { if (!$file) {
return false; return false;
} }
// TODO: Tester la validit<EFBFBD> du .htpasswd // TODO: Tester la validité du .htpasswd
while (!feof($file)) { while (!feof($file)) {
$s=fgets($file,1024); $s = fgets($file,1024);
$t=explode(":",$s); $t = explode(":",$s);
if ($t[0]!=$s) { if ($t[0]!=$s) {
$res[$i]=$t[0]; $res[$i] = $t[0];
$i=$i+1; $i = $i+1;
} }
} }
fclose($file); fclose($file);
@ -190,35 +205,79 @@ class m_hta {
} }
/*---------------------------------------------------------------------------*/
/** /**
* Unprotect a folder * Unprotect a folder
*
* @global m_mem $mem
* @global m_bro $bro
* @global m_err $err
* @param string $dir Folder to unprotect, relative to user root * @param string $dir Folder to unprotect, relative to user root
* @param boolean $skip For testing purpose mainly, skips the full user path search
* @return boolean TRUE if the folder has been unprotected, or FALSE if an error occurred * @return boolean TRUE if the folder has been unprotected, or FALSE if an error occurred
*/ */
function DelDir($dir) { function DelDir($dir,$skip = 0) {
global $mem,$bro,$err; global $mem,$bro,$err;
$err->log("hta","deldir",$dir); $err->log("hta","deldir",$dir);
$dir=$bro->convertabsolute($dir,0); $dir = $bro->convertabsolute($dir,$skip);
if (!$dir) { if (!$dir) {
$err->raise("hta",printf(("The folder '%s' does not exist"),$dir)); $err->raise("hta",printf(("The folder '%s' does not exist"),$dir));
return false; return false;
} }
if (!@unlink("$dir/.htaccess")) { $htaccess_file = "$dir/.htaccess";
$err->raise("hta",printf(_("I cannot delete the file '%s/.htaccess'"),$dir)); if( !is_readable($htaccess_file)){
return false; $err->raise("hta",printf(_("I cannot read the file '%s'"),$htaccess_file));
} }
if (!@unlink("$dir/.htpasswd")) { $fileLines = file($htaccess_file);
$patternList = array(
"AuthUserFile.*$",
"AuthName.*$",
"AuthType Basic.*$",
"require valid-user.*$"
);
$count_lines = 0;
foreach($fileLines as $key => $line){
foreach ($patternList as $pattern) {
if(preg_match("/".$pattern."/", $line)){
$count_lines++;
unset($fileLines[$key]);
}
}
}
// If no changes
if( ! $count_lines ){
$err->raise("hta",printf(_("Unexpected: No changes made to '%s'"),$htaccess_file));
}
// If file is empty, remove it
if( !count($fileLines)){
if( ! unlink( $htaccess_file)){
$err->raise("hta",printf(_("I could not delete the file '%s'"),$htaccess_file));
}
}else{
file_put_contents($htaccess_file, implode("\n",$fileLines));
}
$htpasswd_file = "$dir/.htpasswd";
$perms = substr(sprintf('%o', fileperms($dir)), -4);
if( ! is_writable($htpasswd_file)){
$err->raise("hta",printf(_("I cannot read the file '%s'"),$htpasswd_file));
}
else if ( ! unlink($htpasswd_file)) {
$err->raise("hta",printf(_("I cannot delete the file '%s/.htpasswd'"),$dir)); $err->raise("hta",printf(_("I cannot delete the file '%s/.htpasswd'"),$dir));
return false; return false;
} }
return true; return true;
} }
/*---------------------------------------------------------------------------*/
/** /**
* Add a user to a protected folder * Add a user to a protected folder
*
* @global m_err $err
* @global m_bro $bro
* @global m_admin $admin
* @param string $user
* @param string $password
* @param string $dir
* @param string $password The password to add (cleartext) * @param string $password The password to add (cleartext)
* @param string $dir The folder we add it to (relative to user root). * @param string $dir The folder we add it to (relative to user root).
* @return boolean TRUE if the user has been added, or FALSE if an error occurred * @return boolean TRUE if the user has been added, or FALSE if an error occurred
@ -234,7 +293,7 @@ class m_hta {
$err->raise('hta',_("Please enter a password")); $err->raise('hta',_("Please enter a password"));
return false; return false;
} }
$absolute=$bro->convertabsolute($dir,0); $absolute = $bro->convertabsolute($dir,0);
if (!file_exists($absolute)) { if (!file_exists($absolute)) {
$err->raise("hta",printf(("The folder '%s' does not exist"),$dir)); $err->raise("hta",printf(("The folder '%s' does not exist"),$dir));
return false; return false;
@ -255,8 +314,8 @@ class m_hta {
} }
fseek($file,0); fseek($file,0);
while (!feof($file)) { while (!feof($file)) {
$s=fgets($file,1024); $s = fgets($file,1024);
$t=explode(":",$s); $t = explode(":",$s);
if ($t[0]==$user) { if ($t[0]==$user) {
$err->raise("hta",_("The user '%s' already exist for this folder"),$user); $err->raise("hta",_("The user '%s' already exist for this folder"),$user);
return false; return false;
@ -276,9 +335,13 @@ class m_hta {
} }
/*---------------------------------------------------------------------------*/ /**
*/
/** /**
* Delete a user from a protected folder. * Delete a user from a protected folder.
*
* @global m_bro $bro
* @global m_err $err
* @param array $lst An array with login to delete. * @param array $lst An array with login to delete.
* @param string $dir The folder, relative to user root, where we want to delete users. * @param string $dir The folder, relative to user root, where we want to delete users.
* @return boolean TRUE if users has been deleted, or FALSE if an error occurred. * @return boolean TRUE if users has been deleted, or FALSE if an error occurred.
@ -286,7 +349,7 @@ class m_hta {
function del_user($lst,$dir) { function del_user($lst,$dir) {
global $bro,$err; global $bro,$err;
$err->log("hta","del_user",$lst."/".$dir); $err->log("hta","del_user",$lst."/".$dir);
$absolute=$bro->convertabsolute($dir,0); $absolute = $bro->convertabsolute($dir,0);
if (!file_exists($absolute)) { if (!file_exists($absolute)) {
$err->raise("hta",printf(_("The folder '%s' does not exist"),$dir)); $err->raise("hta",printf(_("The folder '%s' does not exist"),$dir));
return false; return false;
@ -301,8 +364,8 @@ class m_hta {
reset($lst); reset($lst);
fseek($file,0); fseek($file,0);
while (!feof($file)) { while (!feof($file)) {
$s=fgets($file,1024); $s = fgets($file,1024);
$t=explode(":",$s); $t = explode(":",$s);
if (!in_array($t[0],$lst) && ($t[0]!="\n")) { if (!in_array($t[0],$lst) && ($t[0]!="\n")) {
fseek($newf,0); fseek($newf,0);
fwrite($newf, "$s"); fwrite($newf, "$s");
@ -316,18 +379,27 @@ class m_hta {
} }
/*---------------------------------------------------------------------------*/
/** /**
* Change the password of a user in a protected folder
* @param string $user The users whose password should be changed * @param string $user The users whose password should be changed
* @param string $newpass The new password of this user * @param string $newpass The new password of this user
* @param string $dir The folder, relative to user root, in which we will change a password * @param string $dir The folder, relative to user root, in which we will change a password
* @return boolean TRUE if the password has been changed, or FALSE if an error occurred * @return boolean TRUE if the password has been changed, or FALSE if an error occurred
*/ */
/**
* Change the password of a user in a protected folder
*
* @global m_bro $bro
* @global m_err $err
* @global m_admin $admin
* @param string $user
* @param string $newpass
* @param string $dir
* @return boolean
*/
function change_pass($user,$newpass,$dir) { function change_pass($user,$newpass,$dir) {
global $bro,$err,$admin; global $bro,$err,$admin;
$err->log("hta","change_pass",$user."/".$dir); $err->log("hta","change_pass",$user."/".$dir);
$absolute=$bro->convertabsolute($dir,0); $absolute = $bro->convertabsolute($dir,0);
if (!file_exists($absolute)) { if (!file_exists($absolute)) {
$err->raise("hta",printf(_("The folder '%s' does not exist"),$dir)); $err->raise("hta",printf(_("The folder '%s' does not exist"),$dir));
return false; return false;
@ -348,8 +420,8 @@ class m_hta {
return false; return false;
} }
while (!feof($file)) { while (!feof($file)) {
$s=fgets($file,1024); $s = fgets($file,1024);
$t=explode(":",$s); $t = explode(":",$s);
if ($t[0]!=$user) { if ($t[0]!=$user) {
fwrite($newf, "$s"); fwrite($newf, "$s");
} }
@ -363,38 +435,39 @@ class m_hta {
} }
/*---------------------------------------------------------------------------*/
/** /**
* Check that a .htaccess file is valid (for authentication) * Check that a .htaccess file is valid (for authentication)
*
* @global m_err $err
* @param type $absolute
* @param string $absolute Folder we want to check (relative to user root) * @param string $absolute Folder we want to check (relative to user root)
* @return boolean TRUE is the .htaccess is protecting this folder, or FALSE else * @return boolean TRUE is the .htaccess is protecting this folder, or FALSE else
* @access private
*/ */
function _reading_htaccess($absolute) { private function _reading_htaccess($absolute) {
global $err; global $err;
$err->log("hta","_reading_htaccess",$absolute); $err->log("hta","_reading_htaccess",$absolute);
$file = fopen("$absolute/.htaccess","r+"); $file = fopen("$absolute/.htaccess","r+");
$lignes=array(1,1,1); $lignes = array(1,1,1);
$errr=0; $errr = 0;
if (!$file) { if (!$file) {
return false; return false;
} }
while (!feof($file) && !$errr) { while (!feof($file) && !$errr) {
$s=fgets($file,1024); $s = fgets($file,1024);
if (substr($s,0,12)!="RewriteCond " && substr($s,0,14)!="ErrorDocument " && substr($s,0,12)!="RewriteRule " && substr($s,0,14)!="RewriteEngine " && trim($s)!="") { if (substr($s,0,12)!="RewriteCond " && substr($s,0,14)!="ErrorDocument " && substr($s,0,12)!="RewriteRule " && substr($s,0,14)!="RewriteEngine " && trim($s)!="") {
$errr=1; $errr = 1;
} }
if (strtolower(trim($s))==strtolower("authuserfile $absolute/.htpasswd")) { if (strtolower(trim($s))==strtolower("authuserfile $absolute/.htpasswd")) {
$lignes[0]=0; $lignes[0] = 0;
$errr=0; $errr = 0;
} // authuserfile } // authuserfile
if (strtolower(trim($s))=="require valid-user") { if (strtolower(trim($s))=="require valid-user") {
$lignes[1]=0; $lignes[1] = 0;
$errr=0; $errr = 0;
} //require } //require
if (strtolower(trim($s))=="authtype basic") { if (strtolower(trim($s))=="authtype basic") {
$lignes[2]=0; $lignes[2] = 0;
$errr=0; $errr = 0;
} //authtype } //authtype
} // Reading config file } // Reading config file
fclose($file); fclose($file);

2
phpunit/bootstrap.php
View File

@ -156,4 +156,4 @@ $mem = new \m_mem();
$err = new \m_err(); $err = new \m_err();
$authip = new \m_authip(); $authip = new \m_authip();
$hooks = new \m_hooks(); $hooks = new \m_hooks();
$bro = new \m_bro();

35
phpunit/tests/bureau/class/m_htaTest.php
View File

@ -9,6 +9,9 @@ class m_htaTest extends PHPUnit_Framework_TestCase
*/ */
protected $object; protected $object;
const PATH_HTACCESS = "/tmp/.htaccess";
const PATH_HTPASSWD = "/tmp/.htpasswd";
/** /**
* Sets up the fixture, for example, opens a network connection. * Sets up the fixture, for example, opens a network connection.
* This method is called before a test is executed. * This method is called before a test is executed.
@ -16,6 +19,10 @@ class m_htaTest extends PHPUnit_Framework_TestCase
protected function setUp() protected function setUp()
{ {
parent::setUp(); parent::setUp();
touch(self::PATH_HTACCESS);
touch(self::PATH_HTPASSWD);
$file_content = "AuthUserFile \"/tmp/.htpasswd\"\nAuthName \"Restricted area\"\nAuthType Basic\nrequire valid-user\n";
file_put_contents(self::PATH_HTACCESS,$file_content);
$this->object = new m_hta; $this->object = new m_hta;
} }
@ -26,6 +33,12 @@ class m_htaTest extends PHPUnit_Framework_TestCase
protected function tearDown() protected function tearDown()
{ {
parent::tearDown(); parent::tearDown();
if(file_exists(self::PATH_HTACCESS)){
unlink (self::PATH_HTACCESS);
}
if(file_exists(self::PATH_HTPASSWD)){
unlink (self::PATH_HTPASSWD);
}
} }
/** /**
@ -114,14 +127,26 @@ class m_htaTest extends PHPUnit_Framework_TestCase
/** /**
* @covers m_hta::DelDir * @covers m_hta::DelDir
* @todo Implement testDelDir().
*/ */
public function testDelDir() public function testDelDir()
{ {
// Remove the following lines when you implement this test. $result = $this->object->DelDir("/tmp",TRUE);
$this->markTestIncomplete( $this->assertTrue($result);
'This test has not been implemented yet.' $this->assertFileNotExists(self::PATH_HTACCESS);
); $this->assertFileNotExists(self::PATH_HTPASSWD);
}
/**
* @covers m_hta::DelDir
*/
public function testDelDirNotEmpty()
{
file_put_contents(self::PATH_HTACCESS, "\nphpunit", FILE_APPEND);
$result = $this->object->DelDir("/tmp",TRUE);
$this->assertTrue($result);
$this->assertFileExists(self::PATH_HTACCESS);
$this->assertFileNotExists(self::PATH_HTPASSWD);
$this->assertTrue("phpunit" == trim(file_get_contents(self::PATH_HTACCESS)));
} }
/** /**

18
roundcube/roundcube-install
View File

@ -28,7 +28,7 @@ then
# cp -f /etc/alternc/templates/roundcube/avelsieve-config.php /etc/alternc/templates/roundcube/apache.conf /etc/roundcube/ # cp -f /etc/alternc/templates/roundcube/avelsieve-config.php /etc/alternc/templates/roundcube/apache.conf /etc/roundcube/
# cp -f /etc/alternc/templates/javascript-common/javascript-common.conf /etc/javascript-common/ # cp -f /etc/alternc/templates/javascript-common/javascript-common.conf /etc/javascript-common/
LOGIN="2000_roundcube" LOGIN="0000_roundcube"
PASSWORD="`perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..10)'`" PASSWORD="`perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..10)'`"
DESKEY="`perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..24)'`" DESKEY="`perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..24)'`"
@ -40,7 +40,6 @@ then
# Configuration template location # Configuration template location
TEMPLATE_DIR="/etc/alternc/templates" TEMPLATE_DIR="/etc/alternc/templates"
CONFIG_FILES="etc/roundcube/main.inc.php etc/roundcube/plugins/password/config.inc.php etc/roundcube/plugins/managesieve/config.inc.php" CONFIG_FILES="etc/roundcube/main.inc.php etc/roundcube/plugins/password/config.inc.php etc/roundcube/plugins/managesieve/config.inc.php"
LOGROTATE_FILES="etc/logrotate.d/roundcube-core"
cat > $SED_SCRIPT <<EOF cat > $SED_SCRIPT <<EOF
s\\%%ALTERNC_LOC%%\\$ALTERNC_LOC\\; s\\%%ALTERNC_LOC%%\\$ALTERNC_LOC\\;
@ -62,14 +61,6 @@ EOF
echo " Done" echo " Done"
for file in $LOGROTATE_FILES; do
TEMPLATE="$TEMPLATE_DIR/${file##etc/}"
echo -n " $file"
if [ -f "$TEMPLATE" ]; then
cat $TEMPLATE > /$file
fi
done
echo " Done" echo " Done"
. /usr/lib/alternc/functions.sh . /usr/lib/alternc/functions.sh
@ -99,10 +90,3 @@ EOF
fi fi
#This is necessary because upgrading roundcube from 7.1 to 7.2 changes this setting
if [ "$1" = "end" ]; then
chown alternc-roundcube:root /etc/roundcube/main.inc.php
fi

28
roundcube/templates/apache2/roundcube.conf
View File

@ -1,46 +1,46 @@
<VirtualHost *:80> <VirtualHost *:80>
ServerName %%fqdn%% ServerName %%fqdn%%
AssignUserId alternc-roundcube nogroup AssignUserId www-data www-data
SetEnv LOGIN "%%UID%%-%%LOGIN%%" SetEnv LOGIN "0000-roundcube"
DocumentRoot /var/lib/roundcube DocumentRoot /var/lib/roundcube
# Access to tinymce files # Access to tinymce files
<Directory "/usr/share/tinymce/www/"> <Directory "/usr/share/tinymce/www/">
Options Indexes MultiViews FollowSymLinks Options Indexes MultiViews FollowSymLinks
AllowOverride None AllowOverride None
Order allow,deny Order allow,deny
allow from all allow from all
</Directory> </Directory>
<Directory /var/lib/roundcube/> <Directory /var/lib/roundcube/>
Options +FollowSymLinks Options +FollowSymLinks
# This is needed to parse /var/lib/roundcube/.htaccess. See its # This is needed to parse /var/lib/roundcube/.htaccess. See its
# content before setting AllowOverride to None. # content before setting AllowOverride to None.
AllowOverride All AllowOverride All
order allow,deny order allow,deny
allow from all allow from all
</Directory> </Directory>
# Protecting basic directories: # Protecting basic directories:
<Directory /var/lib/roundcube/config> <Directory /var/lib/roundcube/config>
Options -FollowSymLinks Options -FollowSymLinks
AllowOverride None AllowOverride None
</Directory> </Directory>
<Directory /var/lib/roundcube/temp> <Directory /var/lib/roundcube/temp>
Options -FollowSymLinks Options -FollowSymLinks
AllowOverride None AllowOverride None
Order allow,deny Order allow,deny
Deny from all Deny from all
</Directory> </Directory>
<Directory /var/lib/roundcube/logs> <Directory /var/lib/roundcube/logs>
Options -FollowSymLinks Options -FollowSymLinks
AllowOverride None AllowOverride None
Order allow,deny Order allow,deny
Deny from all Deny from all
</Directory> </Directory>
Alias /javascript /usr/share/javascript/ Alias /javascript /usr/share/javascript/

15
roundcube/templates/logrotate.d/roundcube-core
View File

@ -1,15 +0,0 @@
######
# Configuration file of Roundcube's logrotate for AlternC
#
# /!\ WARNING /!\ Do not edit this file, edit the one in
# /etc/alternc/templates/logrotate.d/ and launch alternc.install again.
######
/var/log/roundcube/password /var/log/roundcube/errors /var/log/roundcube/sendmail /var/log/roundcube/userlogins {
create 0640 alternc-roundcube root
compress
missingok
notifempty
rotate 52
weekly
}