kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'master' of git.alternc.org:alternc

This commit is contained in:
root 2014-03-27 16:16:24 +01:00
parent 502dd726db 0f48d94c04
commit e243b63c7c
10 changed files with 493 additions and 443 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitattributes vendored
View File

@ -615,7 +615,6 @@ roundcube/class/m_roundcube.php -text
roundcube/roundcube-install -text
roundcube/roundcube_alternc_logo.png -text
roundcube/templates/apache2/roundcube.conf -text
roundcube/templates/logrotate.d/roundcube-core -text
roundcube/templates/roundcube/main.inc.php -text
roundcube/templates/roundcube/plugins/managesieve/config.inc.php -text
roundcube/templates/roundcube/plugins/password/config.inc.php -text

9
bureau/admin/hta_del.php
View File

@ -35,11 +35,12 @@ reset($_POST);
while (list($key,$val)=each($_POST)) {
if (substr($key,0,4)=="del_") {
// Effacement du dossier $val
$r=$hta->DelDir($val);
if (!$r) {
$error.=$err->errstr()."<br />";
// $r=$hta->DelDir($val);
$return = $hta->DelDir($val);
if (!$return) {
$error.= $err->errstr()."<br />";
} else {
$error.=sprintf(_("The protected folder %s has been successfully unprotected"),$val)."<br />";
$error.= sprintf(_("The protected folder %s has been successfully unprotected"),$val)."<br />";
}
}
}

191
bureau/class/functions.php
View File

@ -44,7 +44,7 @@ function fl($str) { return str_replace("<","&lt;",str_replace("\"","&quot;",$str
* @param struing $type
* @return mixed
*/
function variable_get($name, $default = null, $createit_comment = null, $type=null) {
function variable_get($name, $default = null, $createit_comment = null, $type = null) {
global $variables;
return $variables->variable_get($name, $default, $createit_comment, $type);
}
@ -66,16 +66,16 @@ function variable_get($name, $default = null, $createit_comment = null, $type=nu
*/
function checkhostallow($domain,$dns) {
global $L_NS1,$L_NS2,$db,$dom;
$sizefound=0;
$found="";
$sizefound = 0;
$found = "";
$db->query("SELECT tld,mode FROM tld;");
while ($db->next_record()) {
list($key,$val)=$db->Record;
list($key,$val) = $db->Record;
if (substr($domain,-1-strlen($key))==".".$key) {
if ($sizefound<strlen($key)) {
$sizefound=strlen($key);
$found=$key;
$fmode=$val;
$sizefound = strlen($key);
$found = $key;
$fmode = $val;
}
}
}
@ -88,10 +88,10 @@ function checkhostallow($domain,$dns) {
return -2;
if ($fmode>2) // OK, in the case 3 4 5
return $found;
$n1=false; $n2=false;
for ($i=0;$i<count($dns);$i++) {
if (strtolower($dns[$i])==strtolower($L_NS1)) $n1=true;
if (strtolower($dns[$i])==strtolower($L_NS2)) $n2=true;
$n1 = false; $n2 = false;
for ($i = 0;$i<count($dns);$i++) {
if (strtolower($dns[$i])==strtolower($L_NS1)) $n1 = true;
if (strtolower($dns[$i])==strtolower($L_NS2)) $n2 = true;
}
if ($fmode==1 && $n1) // OK
return $found;
@ -109,16 +109,16 @@ function checkhostallow($domain,$dns) {
*/
function checkhostallow_nodns($domain) {
global $db;
$sizefound=0;
$found="";
$sizefound = 0;
$found = "";
$db->query("SELECT tld,mode FROM tld;");
while ($db->next_record()) {
list($key,$val)=$db->Record;
list($key,$val) = $db->Record;
if (substr($domain,-1-strlen($key))==".".$key) {
if ($sizefound<strlen($key)) {
$sizefound=strlen($key);
$found=$key;
$fmode=$val;
$sizefound = strlen($key);
$found = $key;
$fmode = $val;
}
}
}
@ -149,12 +149,12 @@ function get_remote_ip() {
function checkurl($url) {
// TODO : add a path/file check
if (substr($url,0,7)!="http://" && substr($url,0,8)!="https://" && substr($url,0,6)!="ftp://") return false;
if (substr($url,0,7)=="http://" ) $fq=substr($url,7);
if (substr($url,0,8)=="https://") $fq=substr($url,8);
if (substr($url,0,6)=="ftp://" ) $fq=substr($url,6);
$f=explode("/",$fq);
if (!is_array($f)) $f=array($f);
$t=checkfqdn($f[0]);
if (substr($url,0,7)=="http://" ) $fq = substr($url,7);
if (substr($url,0,8)=="https://") $fq = substr($url,8);
if (substr($url,0,6)=="ftp://" ) $fq = substr($url,6);
$f = explode("/",$fq);
if (!is_array($f)) $f = array($f);
$t = checkfqdn($f[0]);
if ($t) return false;
return true;
}
@ -235,8 +235,8 @@ function checkfqdn($fqdn) {
// 4. Le fqdn ne fait qu'un seul membre (il n'est donc pas fq...)
if (strlen($fqdn)>255)
return 1;
$members=explode(".", $fqdn);
if (count($members)>1) $ret=0; else $ret=4;
$members = explode(".", $fqdn);
if (count($members)>1) $ret = 0; else $ret = 4;
reset($members);
while (list ($key, $val) = each ($members)) {
if (strlen($val)>63)
@ -262,10 +262,10 @@ function checkfqdn($fqdn) {
*/
function checkuserpath($path) {
global $mem;
$user=$mem->user["login"];
$usar=substr($user,0,1);
$user = $mem->user["login"];
$usar = substr($user,0,1);
if (substr($path,0,1)!="/")
$path="/".$path;
$path = "/".$path;
$rpath = realpath(ALTERNC_HTML."/$usar/$user$path");
if (!$rpath) { // if file or directory does not exist
@ -310,7 +310,7 @@ function cbox($test, $echo = TRUE) {
if ($test) {
$return = " checked=\"checked\"";
} else {
$return='';
$return = '';
}
if( $echo ){
echo $return;
@ -331,7 +331,7 @@ function selected($bool, $echo = TRUE) {
if ($bool) {
$return = " selected=\"selected\"";
} else {
$return='';
$return = '';
}
if( $echo ){
echo $return;
@ -347,7 +347,7 @@ function selected($bool, $echo = TRUE) {
* @param integer $affiche
* @return string
*/
function ecif($test,$tr,$fa="",$affiche=1) {
function ecif($test,$tr,$fa = "",$affiche = 1) {
if ($test){
$retour = $tr;
}
@ -375,7 +375,7 @@ function __($str) {
* @param string $fa
* @return string
*/
function ife($test,$tr,$fa="") {
function ife($test,$tr,$fa = "") {
if ($test){
return $tr;
}
@ -388,33 +388,33 @@ function ife($test,$tr,$fa="") {
* @param integer $html
* @return string
*/
function format_size($size,$html=0) {
function format_size($size,$html = 0) {
// Retourne une taille formatt<74>e en Octets, Kilo-octets, M<>ga-octets ou Giga-Octets, avec 2 d<>cimales.
if ("-" == $size) {
return $size;
}
$size=(float)$size;
$size = (float)$size;
if ($size<1024) {
$r=$size;
$r = $size;
if ($size!=1) {
$r.=" "._("Bytes");
} else {
$r.=" "._("Byte");
}
} else {
$size=$size/1024;
$size = $size/1024;
if ($size<1024) {
$r=round($size,2)." "._("Kb");
$r = round($size,2)." "._("Kb");
} else {
$size=$size/1024;
$size = $size/1024;
if ($size<1024) {
$r=round($size,2)." "._("Mb");
$r = round($size,2)." "._("Mb");
} else {
$size=$size/1024;
$size = $size/1024;
if ($size<1024) {
$r=round($size,2)." "._("Gb");
$r = round($size,2)." "._("Gb");
} else {
$r=round($size/1024,2)." "._("Tb");
$r = round($size/1024,2)." "._("Tb");
}
}
}
@ -448,17 +448,17 @@ function linkhelp($hid) {
* @return string
*/
function format_date($format,$date) {
$d=substr($date,8,2);
$m=substr($date,5,2);
$y=substr($date,0,4);
$h=substr($date,11,2);
$i=substr($date,14,2);
$d = substr($date,8,2);
$m = substr($date,5,2);
$y = substr($date,0,4);
$h = substr($date,11,2);
$i = substr($date,14,2);
if ($h>12) {
$hh=$h-12;
$am="pm";
$hh = $h-12;
$am = "pm";
} else {
$hh=$h;
$am="am";
$hh = $h;
$am = "am";
}
return sprintf($format,$d,$m,$y,$h,$i,$hh,$am);
}
@ -482,13 +482,13 @@ function ssla($str) {
* @return string Retourne le mot de passe crypt<EFBFBD>
* @access private
*/
function _md5cr($pass,$salt="") {
function _md5cr($pass,$salt = "") {
if (!$salt) {
$chars="./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
for ($i=0;$i<12;$i++) {
$chars = "./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
for ($i = 0;$i<12;$i++) {
$salt.=substr($chars,(mt_rand(0,strlen($chars))),1);
}
$salt="$1$".$salt;
$salt = "$1$".$salt;
}
return crypt($pass,$salt);
}
@ -536,7 +536,7 @@ function pretty_months($months) {
* @return string Code html pour le drop-down
* @access private
*/
function duration_list($name, $selected=0) {
function duration_list($name, $selected = 0) {
$res = "<select name=\"$name\" id=\"$name\" class=\"inl\">";
foreach(array(0, 1, 2, 3, 4, 6, 12, 24) as $dur) {
@ -568,10 +568,10 @@ function duration_list($name, $selected=0) {
* @param string $cur
* @param boolean $onedim
*/
function eoption($values,$cur,$onedim=false) {
function eoption($values,$cur,$onedim = false) {
if (is_array($values)) {
foreach ($values as $k=>$v) {
if ( $onedim ) $k=$v;
if ( $onedim ) $k = $v;
echo "<option value=\"$k\"";
if ($k==$cur) echo " selected=\"selected\"";
echo ">".$v."</option>";
@ -697,15 +697,15 @@ function list_properties_order($a, $b) {
* @param boolean $echo
* @return string
*/
function pager($offset,$count,$total,$url,$before="",$after="",$echo = TRUE) {
function pager($offset,$count,$total,$url,$before = "",$after = "",$echo = TRUE) {
$return = "";
$offset=intval($offset);
$count=intval($count);
$total=intval($total);
if ($offset<=0) $offset="0";
if ($count<=1) $count="1";
if ($total<=0) $total="0";
if ($total<$offset) $offset=max(0,$total-$count);
$offset = intval($offset);
$count = intval($count);
$total = intval($total);
if ($offset<=0) $offset = "0";
if ($count<=1) $count = "1";
if ($total<=0) $total = "0";
if ($total<$offset) $offset = max(0,$total-$count);
if ($total<=$count) { // When there is less element than 1 complete page, just don't do anything :-D
return true;
@ -722,17 +722,17 @@ function pager($offset,$count,$total,$url,$before="",$after="",$echo = TRUE) {
if ($total>(2*$count)) { // On n'affiche le pager central (0 1 2 ...) s'il y a au moins 2 pages.
$return .= " - ";
if (($total<($count*10)) && ($total>$count)) { // moins de 10 pages :
for($i=0;$i<$total/$count;$i++) {
$o=$i*$count;
for($i = 0;$i<$total/$count;$i++) {
$o = $i*$count;
if ($offset==$o) {
$return .= $i." ";
} else {
$return .= "<a href=\"".str_replace("%%offset%%",$o,$url)."\">$i</a> ";
$return .= "<a href = \"".str_replace("%%offset%%",$o,$url)."\">$i</a> ";
}
}
} else { // Plus de 10 pages, on affiche 0 1 2 , 2 avant et 2 apr<70>s la page courante, et les 3 dernieres
for($i=0;$i<=2;$i++) {
$o=$i*$count;
for($i = 0;$i<=2;$i++) {
$o = $i*$count;
if ($offset==$o) {
$return .= $i." ";
} else {
@ -741,11 +741,11 @@ function pager($offset,$count,$total,$url,$before="",$after="",$echo = TRUE) {
}
if ($offset>=$count && $offset<($total-2*$count)) { // On est entre les milieux ...
// On affiche 2 avant jusque 2 apr<70>s l'offset courant mais sans d<>border sur les indices affich<63>s autour
$start=max(3,intval($offset/$count)-2);
$end=min(intval($offset/$count)+3,intval($total/$count)-3);
$start = max(3,intval($offset/$count)-2);
$end = min(intval($offset/$count)+3,intval($total/$count)-3);
if ($start!=3) $return .= " ... ";
for($i=$start;$i<$end;$i++) {
$o=$i*$count;
for($i = $start;$i<$end;$i++) {
$o = $i*$count;
if ($offset==$o) {
$return .= $i." ";
} else {
@ -756,8 +756,8 @@ function pager($offset,$count,$total,$url,$before="",$after="",$echo = TRUE) {
} else {
$return .= " ... ";
}
for($i=intval($total/$count)-3;$i<$total/$count;$i++) {
$o=$i*$count;
for($i = intval($total/$count)-3;$i<$total/$count;$i++) {
$o = $i*$count;
if ($offset==$o) {
$return .= $i." ";
} else {
@ -769,7 +769,7 @@ function pager($offset,$count,$total,$url,$before="",$after="",$echo = TRUE) {
}
// Shall-we show the next page link ?
if ($offset+$count<$total) {
$o=$offset+$count;
$o = $offset+$count;
$return .= "<a href=\"".str_replace("%%offset%%",$o,$url)."\" alt=\"(Ctl/Alt-s)\" title=\"(Alt-s)\" accesskey=\"s\">"._("Next Page")."</a> ";
} else {
$return .= _("Next Page")." ";
@ -808,8 +808,8 @@ function create_pass($length = 8){
* @param string $fields_to_fill2
* @return int
*/
function display_div_generate_password($pass_size=DEFAULT_PASS_SIZE, $fields_to_fill1="", $fields_to_fill2="") {
$id=rand(1,1000);
function display_div_generate_password($pass_size = DEFAULT_PASS_SIZE, $fields_to_fill1 = "", $fields_to_fill2 = "") {
$id = rand(1,1000);
echo "<div id='z$id' style='display:none;'><a href=\"javascript:generate_password_html('$id',$pass_size,'$fields_to_fill1','$fields_to_fill2');\">";
__("Clic here to generate a password");
echo "</a></div>";
@ -825,9 +825,9 @@ function display_div_generate_password($pass_size=DEFAULT_PASS_SIZE, $fields_to_
* @param int $width
* @param int $height
*/
function display_browser($dir="", $caller="main.dir", $width=350, $height=450) {
function display_browser($dir = "", $caller = "main.dir", $width = 350, $height = 450) {
// Browser id
$bid="b".rand(1,1000);
$bid = "b".rand(1,1000);
echo "<script type=\"text/javascript\">
<!--
$(function() {
@ -863,27 +863,6 @@ function display_browser($dir="", $caller="main.dir", $width=350, $height=450) {
}
/**
* Insere un $wrap_string tous les $max caracteres dans $message
*
* @param string $message
* @param int $max
* @param string $wrap_string
* @return string
*/
function auto_wrap($message="",$max=10,$wrap_string="<wbr/>") {
$cpt = 0;
$mot = split(" ",$message);
while (isset($mot[$cpt]) && ($mot[$cpt] != "")){
if(@strlen($mot[$cpt]) > $max){
$nvmot = chunk_split ($mot[$cpt], $max, $wrap_string );
$message = str_replace($mot[$cpt], $nvmot, $message);
}
$cpt++;
}
return $message;
}
/**
* Converts HSV to RGB values
* -----------------------------------------------------
@ -959,9 +938,9 @@ function hexa($hex)
* @param int $p
* @return string
*/
function PercentToColor($p=0) {
if ($p>100) $p=100;
if ($p<0) $p=0;
function PercentToColor($p = 0) {
if ($p>100) $p = 100;
if ($p<0) $p = 0;
// Pour aller de vert a rouge en passant par jaune et orange
$h = 1+((100-$p)*130/100);

290
bureau/class/m_bro.php
View File

@ -46,34 +46,34 @@ class m_bro {
/** internal cache
*/
var $mime_desc=array();
var $mime_desc = array();
/** internal cache
*/
var $mime_icon=array();
var $mime_icon = array();
/** internal cache
*/
var $mime_type=array();
var $mime_type = array();
/** Internal cache for viewurl
*/
var $cacheurl=array();
var $cacheurl = array();
/** Font choice in the editor */
var $l_editor_font=array("Arial, Helvetica, Sans-serif","Times, Bookman, Serif","Courier New, Courier, Fixed");
var $l_editor_font = array("Arial, Helvetica, Sans-serif","Times, Bookman, Serif","Courier New, Courier, Fixed");
/** font size in the editor */
var $l_editor_size=array("18px","14px","12px","10px","8px","0.8em","0.9em","1em","1.1em","1.2em");
var $l_editor_size = array("18px","14px","12px","10px","8px","0.8em","0.9em","1em","1.1em","1.2em");
/**
* Constructor
**/
function m_bro() {
$this->l_mode=array( 0=>_("1 column, detailed"), 1=>_("2 columns, short"), 2=>_("3 columns, short") );
$this->l_tgz=array( 0=>_("tgz (Linux)"), 1=>_("tar.bz2 (Linux)"), 2=>_("zip (Windows/Dos)"), 3=>_("tar.Z (Unix)") );
$this->l_icons=array( 0=>_("No"), 1=>_("Yes") );
$this->l_createfile=array( 0=>_("Go back to the file manager"), 1=>_("Edit the newly created file") );
$this->l_mode = array( 0=>_("1 column, detailed"), 1=>_("2 columns, short"), 2=>_("3 columns, short") );
$this->l_tgz = array( 0=>_("tgz (Linux)"), 1=>_("tar.bz2 (Linux)"), 2=>_("zip (Windows/Dos)"), 3=>_("tar.Z (Unix)") );
$this->l_icons = array( 0=>_("No"), 1=>_("Yes") );
$this->l_createfile = array( 0=>_("Go back to the file manager"), 1=>_("Edit the newly created file") );
}
/**
@ -99,24 +99,24 @@ class m_bro {
* @param string $dir
* @global m_mem $mem
* @param string $dir Dossier absolu que l'on souhaite vérifier
* @param boolean $strip
* @return false|string Retourne le nom du dossier vrifi, relatif au
* dossier de l'utilisateur courant, ventuellement corrig.
* @param integer $strip
* @return false|string Retourne le nom du dossier vérifié, relatif au
* dossier de l'utilisateur courant, éventuellement corrigé.
* ou FALSE si le dossier n'est pas dans le dossier de l'utilisateur.
*/
function convertabsolute($dir,$strip=true) {
function convertabsolute($dir,$strip = 1) {
global $mem;
$root=$this->get_user_root($mem->user["login"]);
$root = $this->get_user_root($mem->user["login"]);
// Sauvegarde du chemin de base.
$root_alternc = $root ;
// Passage du root en chemin rel (diffrent avec un lien)
$root=realpath($root) ;
$root = realpath($root) ;
// separer le chemin entre le repertoire et le fichier
$file = basename($dir);
$dir = dirname($dir);
$dir=realpath($root."/".$dir);
$dir = realpath($root."/".$dir);
// verifier que le repertoire est dans le home de l'usager
if (substr($dir,0,strlen($root))!=$root) {
if (substr($dir,0,strlen($root)) != $root) {
return false;
}
@ -129,14 +129,14 @@ class m_bro {
}
if ($strip) {
$dir=substr($dir,strlen($root));
$dir = substr($dir,strlen($root));
} else {
// si on ne strip pas, il faut enlever le chemin rel
// et mettre la racine d'alternc pour viter les
// problmes de lien depuis /var /alternc !
$dir=$root_alternc . substr($dir,strlen($root));
$dir = $root_alternc . substr($dir,strlen($root));
}
if (substr($dir,-1)=="/") {
if (substr($dir,-1) == "/") {
return substr($dir,0,strlen($dir)-1);
} else
return $dir;
@ -185,10 +185,10 @@ class m_bro {
*
* Ce tableau contient tous les paramtres des fichiers du dossier courant
* sous la forme d'un tableau index de tableaux associatifs comme suit :
* $a["name"]=nom du fichier / dossier
* $a["size"]=Taille totale du fichier / dossier + sous-dossier
* $a["date"]=Date de dernire modification
* $a["type"]=Type du fichier (1 pour fichier, 0 pour dossier)
* $a["name"] = nom du fichier / dossier
* $a["size"] = Taille totale du fichier / dossier + sous-dossier
* $a["date"] = Date de dernire modification
* $a["type"] = Type du fichier (1 pour fichier, 0 pour dossier)
*
* @global m_mysql $db
* @global int $cuid
@ -197,19 +197,19 @@ class m_bro {
* @param boolean $showdirsize
* @return array Le tableau contenant les fichiers de $dir, et
*/
function filelist($dir="", $showdirsize = false) {
function filelist($dir = "", $showdirsize = false) {
global $db,$cuid,$err;
$db->query("UPDATE browser SET lastdir='$dir' WHERE uid='$cuid';");
$absolute=$this->convertabsolute($dir,false);
$db->query("UPDATE browser SET lastdir = '$dir' WHERE uid = '$cuid';");
$absolute = $this->convertabsolute($dir,0);
if (!$absolute || !file_exists($absolute)) {
$err->raise('bro',_("This directory do not exist"));
return false;
}
$c=array();
$c = array();
if ($dir = @opendir($absolute)) {
while (($file = readdir($dir)) !== false) {
if ($file!="." && $file!="..") {
$c[]=array("name"=>$file, "size"=>$this->fsize($absolute."/".$file, $showdirsize), "date"=>filemtime($absolute."/".$file), "type"=> (!is_dir($absolute."/".$file)) );
$c[] = array("name"=>$file, "size"=>$this->fsize($absolute."/".$file, $showdirsize), "date"=>filemtime($absolute."/".$file), "type"=> (!is_dir($absolute."/".$file)) );
}
}
closedir($dir);
@ -231,10 +231,10 @@ class m_bro {
*/
function GetPrefs() {
global $db,$cuid;
$db->query("SELECT * FROM browser WHERE uid='$cuid';");
if ($db->num_rows()==0) {
$db->query("SELECT * FROM browser WHERE uid = '$cuid';");
if ($db->num_rows() == 0) {
$db->query("INSERT INTO browser (editsizex, editsizey, listmode, showicons, downfmt, createfile, showtype, uid, editor_font, editor_size) VALUES (70, 21, 0, 0, 0, 0, 0, '$cuid','Arial, Helvetica, Sans-serif','12px');");
$db->query("SELECT * FROM browser WHERE uid='$cuid';");
$db->query("SELECT * FROM browser WHERE uid = '$cuid';");
}
$db->next_record();
return $db->Record;
@ -260,15 +260,19 @@ class m_bro {
*/
function SetPrefs($editsizex, $editsizey, $listmode, $showicons, $downfmt, $createfile, $showtype, $editor_font, $editor_size, $golastdir) {
global $db,$cuid;
$editsizex=intval($editsizex); $editsizey=intval($editsizey);
$listmode=intval($listmode); $showicons=intval($showicons);
$showtype=intval($showtype); $downfmt=intval($downfmt);
$createfile=intval($createfile); $golastdir=intval($golastdir);
$db->query("SELECT * FROM browser WHERE uid='".intval($cuid)."';");
if ($db->num_rows()==0) {
$editsizex = intval($editsizex);
$editsizey = intval($editsizey);
$listmode = intval($listmode);
$showicons = intval($showicons);
$showtype = intval($showtype);
$downfmt = intval($downfmt);
$createfile = intval($createfile);
$golastdir = intval($golastdir);
$db->query("SELECT * FROM browser WHERE uid = '".intval($cuid)."';");
if ($db->num_rows() == 0) {
$db->query("INSERT INTO browser (editsizex, editsizey, listmode, showicons, downfmt, createfile, showtype, uid, editor_font, editor_size, golastdir) VALUES (70, 21, 0, 0, 0, 0, 0, '".intval($cuid)."','Arial, Helvetica, Sans-serif','12px',1);");
}
$db->query("UPDATE browser SET editsizex='$editsizex', editsizey='$editsizey', listmode='$listmode', showicons='$showicons', downfmt='$downfmt', createfile='$createfile', showtype='$showtype', editor_font='$editor_font', editor_size='$editor_size', golastdir='$golastdir' WHERE uid='".intval($cuid)."';");
$db->query("UPDATE browser SET editsizex = '$editsizex', editsizey = '$editsizey', listmode = '$listmode', showicons = '$showicons', downfmt = '$downfmt', createfile = '$createfile', showtype = '$showtype', editor_font = '$editor_font', editor_size = '$editor_size', golastdir = '$golastdir' WHERE uid = '".intval($cuid)."';");
return true;
}
@ -286,11 +290,11 @@ class m_bro {
if (!strpos($file,".") && substr($file,0,1)!=".") {
return "file.png";
}
$t=explode(".",$file);
$t = explode(".",$file);
if (!is_array($t))
$ext=$t;
$ext = $t;
else
$ext=$t[count($t)-1];
$ext = $t[count($t)-1];
// Now seek the extension
if (!isset($bro_icon[$ext]) || ! $bro_icon[$ext]) {
return "file.png";
@ -314,11 +318,11 @@ class m_bro {
if (!strpos($file,".") && substr($file,0,1)!=".") {
return "File";
}
$t=explode(".",$file);
$t = explode(".",$file);
if (!is_array($t))
$ext=$t;
$ext = $t;
else
$ext=$t[count($t)-1];
$ext = $t[count($t)-1];
// Now seek the extension
if (empty($bro_type[$ext])) {
return "File";
@ -390,15 +394,15 @@ class m_bro {
*/
function CreateDir($dir,$file) {
global $db,$cuid,$err;
$file=ssla($file);
$absolute=$this->convertabsolute($dir."/".$file,false);
$file = ssla($file);
$absolute = $this->convertabsolute($dir."/".$file,0);
#echo "$absolute";
if ($absolute && (!file_exists($absolute))) {
if (!mkdir($absolute,00777,true)) {
$err->raise("bro",_("Cannot create the requested directory. Please check the permissions"));
return false;
}
$db->query("UPDATE browser SET crff=1 WHERE uid='$cuid';");
$db->query("UPDATE browser SET crff = 1 WHERE uid = '$cuid';");
return true;
} else {
$err->raise("bro",_("File or folder name is incorrect"));
@ -419,8 +423,8 @@ class m_bro {
*/
function CreateFile($dir,$file) {
global $db,$err,$cuid;
$file=ssla($file);
$absolute=$this->convertabsolute($dir."/".$file,false);
$file = ssla($file);
$absolute = $this->convertabsolute($dir."/".$file,0);
if (!$absolute || file_exists($absolute)) {
$err->raise("bro",_("File or folder name is incorrect"));
return false;
@ -431,7 +435,7 @@ class m_bro {
return false;
}
}
$db->query("UPDATE browser SET crff=0 WHERE uid='$cuid';");
$db->query("UPDATE browser SET crff = 0 WHERE uid = '$cuid';");
return true;
}
@ -447,14 +451,14 @@ class m_bro {
*/
function DeleteFile($file_list,$R) {
global $err, $mem;
$root=realpath(getuserpath());
$absolute=$this->convertabsolute($R,false);
$root = realpath(getuserpath());
$absolute = $this->convertabsolute($R,0);
if (!$absolute && strpos($root,$absolute) === 0 && strlen($absolute) > (strlen($root)+1) ) {
$err->raise("bro",_("File or folder name is incorrect"));
return false;
}
for ($i=0;$i<count($file_list);$i++) {
$file_list[$i]=ssla($file_list[$i]);
for ($i = 0;$i<count($file_list);$i++) {
$file_list[$i] = ssla($file_list[$i]);
if (!strpos($file_list[$i],"/") && file_exists($absolute."/".$file_list[$i])) { // Character / forbidden in a FILE name
$this->_delete($absolute."/".$file_list[$i]);
}
@ -474,20 +478,20 @@ class m_bro {
*/
function RenameFile($R,$old,$new) {
global $err;
$absolute=$this->convertabsolute($R,false);
$absolute = $this->convertabsolute($R,0);
if (!$absolute) {
$err->raise("bro",_("File or folder name is incorrect"));
return false;
}
$alea=".".time().rand(1000,9999);
for ($i=0;$i<count($old);$i++) {
$old[$i]=ssla($old[$i]); // strip slashes if needed
$new[$i]=ssla($new[$i]);
$alea = ".".time().rand(1000,9999);
for ($i = 0;$i<count($old);$i++) {
$old[$i] = ssla($old[$i]); // strip slashes if needed
$new[$i] = ssla($new[$i]);
if (!strpos($old[$i],"/") && !strpos($new[$i],"/")) { // caractre / interdit dans old ET dans new...
@rename($absolute."/".$old[$i],$absolute."/".$old[$i].$alea);
}
}
for ($i=0;$i<count($old);$i++) {
for ($i = 0;$i<count($old);$i++) {
if (!strpos($old[$i],"/") && !strpos($new[$i],"/")) { // caractre / interdit dans old ET dans new...
@rename($absolute."/".$old[$i].$alea,$absolute."/".$new[$i]);
}
@ -508,7 +512,7 @@ class m_bro {
*/
function MoveFile($d,$old,$new) {
global $err;
$old=$this->convertabsolute($old,false);
$old = $this->convertabsolute($old,0);
if (!$old) {
$err->raise("bro",_("File or folder name is incorrect"));
return false;
@ -517,18 +521,18 @@ class m_bro {
if ($new[0] != '/') {
$new = $old . '/' . $new;
}
$new = $this->convertabsolute($new,false);
$new = $this->convertabsolute($new,0);
if (!$new) {
$err->raise("bro",_("File or folder name is incorrect"));
return false;
}
if ($old==$new) {
if ($old == $new) {
$err->raise("bro",_("You cannot move or copy a file to the same folder"));
return false;
}
for ($i=0;$i<count($d);$i++) {
$d[$i]=ssla($d[$i]); // strip slashes if needed
for ($i = 0;$i<count($d);$i++) {
$d[$i] = ssla($d[$i]); // strip slashes if needed
if (!strpos($d[$i],"/") && file_exists($old."/".$d[$i]) && !file_exists($new."/".$d[$i])) {
if (!rename($old."/".$d[$i],$new."/".$d[$i]))
$err->raise("bro", "error renaming $old/$d[$i] -> $new/$d[$i]");
@ -546,15 +550,15 @@ class m_bro {
* @param boolean $verbose Shall we 'echo' what we did ?
* @return boolean TRUE Si les fichiers ont t renomms, FALSE si une erreur s'est produite.
*/
function ChangePermissions($R,$d,$perm,$verbose=false) {
function ChangePermissions($R,$d,$perm,$verbose = false) {
global $err;
$absolute=$this->convertabsolute($R,false);
$absolute = $this->convertabsolute($R,0);
if (!$absolute) {
$err->raise("bro",_("File or folder name is incorrect"));
return false;
}
for ($i=0;$i<count($d);$i++) {
$d[$i]=ssla($d[$i]); // strip slashes if needed
for ($i = 0;$i<count($d);$i++) {
$d[$i] = ssla($d[$i]); // strip slashes if needed
if (!strpos($d[$i],"/")) { // caractre / interdit dans le nom du fichier
$m = fileperms($absolute."/". $d[$i]);
@ -591,7 +595,7 @@ class m_bro {
*/
function UploadFile($R) {
global $_FILES,$err,$cuid,$action;
$absolute=$this->convertabsolute($R,false);
$absolute = $this->convertabsolute($R,0);
if (!$absolute) {
$err->raise("bro",_("File or folder name is incorrect"));
return false;
@ -613,7 +617,7 @@ class m_bro {
$err->log("bro","uploadfile","Problem when uploading a file");
switch ( $_FILES['userfile']['error'] ) {
case UPLOAD_ERR_INI_SIZE:
$erstr=_("The uploaded file exceeds the max file size allowed");
$erstr = _("The uploaded file exceeds the max file size allowed");
break;
case UPLOAD_ERR_FORM_SIZE:
case UPLOAD_ERR_PARTIAL:
@ -622,7 +626,7 @@ class m_bro {
case UPLOAD_ERR_CANT_WRITE:
case UPLOAD_ERR_EXTENSION:
default:
$erstr=_("Undefined error ").$_FILES['userfile']['error'];
$erstr = _("Undefined error ").$_FILES['userfile']['error'];
break;
}
$err->raise("bro",_("Error during the upload of the file: ").$erstr);
@ -645,13 +649,13 @@ class m_bro {
* same directory as the archive by default
* @return integer|null != 0 on error
*/
function ExtractFile($file, $dest=null) {
function ExtractFile($file, $dest = null) {
global $err,$cuid,$mem,$action;
$file = $this->convertabsolute($file,false);
$file = $this->convertabsolute($file,0);
if (is_null($dest)) {
$dest = dirname($file);
} else {
$dest = $this->convertabsolute($dest,false);
$dest = $this->convertabsolute($dest,0);
}
if (!$file || !$dest) {
$err->raise("bro",_("File or folder name is incorrect"));
@ -660,7 +664,7 @@ class m_bro {
$file = escapeshellarg($file);
$dest_to_fix = $dest;
$dest = escapeshellarg($dest);
#$dest_to_fix=str_replace(getuserpath(),'',$dest);
#$dest_to_fix = str_replace(getuserpath(),'',$dest);
// TODO new version of tar supports `tar xf ...` so there is no
// need to specify the compression format
@ -696,22 +700,22 @@ class m_bro {
*/
function CopyFile($d,$old,$new) {
global $err;
$old=$this->convertabsolute($old,false);
$old = $this->convertabsolute($old,0);
if (!$old) {
$err->raise("bro",_("File or folder name is incorrect"));
return false;
}
$new=$this->convertabsolute($new,false);
$new = $this->convertabsolute($new,0);
if (!$new) {
$err->raise("bro",_("File or folder name is incorrect"));
return false;
}
if ($old==$new) {
if ($old == $new) {
$err->raise("bro",_("You cannot move or copy a file to the same folder"));
return false;
}
for ($i=0;$i<count($d);$i++) {
$d[$i]=ssla($d[$i]); // strip slashes if needed
for ($i = 0;$i<count($d);$i++) {
$d[$i] = ssla($d[$i]); // strip slashes if needed
if (!strpos($d[$i],"/") && file_exists($old."/".$d[$i]) && !file_exists($new."/".$d[$i])) {
$this->CopyOneFile($old."/".$d[$i],$new);
}
@ -749,26 +753,26 @@ class m_bro {
* Affiche le chemin et les liens de la racine au dossier $path
* Affiche autant de liens HTML (anchor) que le chemin $path contient de
* niveaux de dossier. Chaque lien est associ la page web $action
* laquelle on ajoute le paramtre R=+Le nom du dossier courant.
* laquelle on ajoute le paramtre R = +Le nom du dossier courant.
*
* @param string $path Dossier vers lequel on trace le chemin
* @param string $action Page web de destination des liens
* @param boolean $justparent
* @return string Le code HTML ainsi obtenu.
*/
function PathList($path,$action, $justparent=false) {
$path=$this->convertabsolute($path,true);
$a=explode("/",$path);
if (!is_array($a)) $a=array($a);
$c='';
$R='';
function PathList($path,$action, $justparent = false) {
$path = $this->convertabsolute($path,1);
$a = explode("/",$path);
if (!is_array($a)) $a = array($a);
$c = '';
$R = '';
if ($justparent) {
return "<a href=\"$action?R=".urlencode($a[count($a)-2].'/')."\">&uarr;</a>";
return "<a href = \"$action?R = ".urlencode($a[count($a)-2].'/')."\">&uarr;</a>";
}
for($i=0;$i<count($a);$i++) {
for($i = 0;$i<count($a);$i++) {
if ($a[$i]) {
$R.=$a[$i]."/";
$c.="<a href=\"$action?R=".urlencode($R)."\">".$a[$i]."</a>&nbsp;/&nbsp;";
$R .= $a[$i]."/";
$c .= "<a href = \"$action?R = ".urlencode($R)."\">".$a[$i]."</a>&nbsp;/&nbsp;";
}
}
return $c;
@ -789,11 +793,11 @@ class m_bro {
*/
function content($R,$file) {
global $err;
$absolute=$this->convertabsolute($R,false);
$absolute = $this->convertabsolute($R,0);
if (!strpos($file,"/")) {
$absolute.="/".$file;
$absolute .= "/".$file;
if (file_exists($absolute)) {
$std=str_replace("<","&lt;",str_replace("&","&amp;",file_get_contents($absolute)));
$std = str_replace("<","&lt;",str_replace("&","&amp;",file_get_contents($absolute)));
return $std;
} else {
$err->raise("bro",_("Cannot read the requested file. Please check the permissions"));
@ -825,32 +829,32 @@ class m_bro {
function viewurl($dir,$name) {
global $db,$cuid;
// Is it in cache ?
if (substr($dir,0,1)=="/") $dir=substr($dir,1);
if (substr($dir,-1)=="/") $dir=substr($dir,0,-1);
$dir=str_replace("%2F", "/", urlencode($dir));
$name=urlencode($name);
if (substr($dir,0,1) == "/") $dir = substr($dir,1);
if (substr($dir,-1) == "/") $dir = substr($dir,0,-1);
$dir = str_replace("%2F", "/", urlencode($dir));
$name = urlencode($name);
if (!@$this->cacheurl["d".$dir]) {
// On parcours $dir en remontant les /
$end=""; $beg=$dir; $tofind=true;
$end = ""; $beg = $dir; $tofind = true;
while ($tofind) {
$db->query("SELECT sub,domaine FROM sub_domaines WHERE compte='$cuid'
AND type=0 AND (valeur='/$beg/' or valeur='/$beg');");
$db->query("SELECT sub,domaine FROM sub_domaines WHERE compte = '$cuid'
AND type = 0 AND (valeur = '/$beg/' or valeur = '/$beg');");
$db->next_record();
if ($db->num_rows()) {
$tofind=false;
$this->cacheurl["d".$dir]="http://".$db->f("sub").ife($db->f("sub"),".").$db->f("domaine").$end;
$tofind = false;
$this->cacheurl["d".$dir] = "http://".$db->f("sub").ife($db->f("sub"),".").$db->f("domaine").$end;
}
if (!$beg && $tofind) {
$tofind=false;
$this->cacheurl["d".$dir]="-";
$tofind = false;
$this->cacheurl["d".$dir] = "-";
// We did not find it ;(
}
if (($tt=strrpos($beg,"/"))!==false) {
$end=substr($beg,$tt).$end; // = /topdir$end so $end starts AND ends with /
$beg=substr($beg,0,$tt);
if (($tt = strrpos($beg,"/"))!==false) {
$end = substr($beg,$tt).$end; // = /topdir$end so $end starts AND ends with /
$beg = substr($beg,0,$tt);
} else {
$end="/".$beg.$end;
$beg="/";
$end = "/".$beg.$end;
$beg = "/";
}
}
}
@ -871,8 +875,8 @@ class m_bro {
*/
function can_edit($dir,$name) {
global $mem,$err;
$absolute="$dir/$name";
$absolute=$this->convertabsolute($absolute,0);
$absolute = "$dir/$name";
$absolute = $this->convertabsolute($absolute,0);
if (!$absolute) {
$err->raise('bro',_("File not in authorized directory"));
include('foot.php');
@ -880,7 +884,7 @@ class m_bro {
}
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$mime = finfo_file($finfo,$absolute);
if ( substr($mime,0,5)=="text/" || $mime == "application/x-empty" || $mime == "inode/x-empty") {
if ( substr($mime,0,5) == "text/" || $mime == "application/x-empty" || $mime == "inode/x-empty") {
return true;
}
return false;
@ -929,7 +933,7 @@ class m_bro {
if ($parts = explode(".", $name)) {
$ext = array_pop($parts);
$ext2 = array_pop($parts) . '.'.$ext;
if ( $ext=='sql' or $ext2=='sql.gz') return true;
if ( $ext == 'sql' or $ext2 == 'sql.gz') return true;
}
return false;
}
@ -943,7 +947,7 @@ class m_bro {
function download_link($dir,$file){
global $err;
$err->log("bro","download_link");
header("Content-Disposition: attachment; filename=$file");
header("Content-Disposition: attachment; filename = $file");
header("Content-Type: application/force-download");
header("Content-Transfer-Encoding: binary");
$this->content_send($dir,$file);
@ -960,9 +964,9 @@ class m_bro {
*/
function content_send($R,$file) {
global $err;
$absolute=$this->convertabsolute($R,0);
$absolute = $this->convertabsolute($R,0);
if (!strpos($file,"/")) {
$absolute.="/".$file;
$absolute .= "/".$file;
if (file_exists($absolute)) {
readfile($absolute);
}
@ -987,9 +991,9 @@ class m_bro {
*/
function save($file,$R,$texte) {
global $err;
$absolute=$this->convertabsolute($R,false);
$absolute = $this->convertabsolute($R,0);
if (!strpos($file,"/")) {
$absolute.="/".$file;
$absolute .= "/".$file;
if (file_exists($absolute)) {
if (! file_put_contents($absolute, $texte ) ) {
$err->raise("bro",_("Cannot edit the requested file. Please check the permissions"));
@ -1010,12 +1014,12 @@ class m_bro {
* @param string $dir Dossier à dumper, relatif la racine du compte du membre.
* @return void NE RETOURNE RIEN, et il faut Quitter le script immdiatement aprs
*/
function DownloadZ($dir="") {
function DownloadZ($dir = "") {
global $mem;
header("Content-Disposition: attachment; filename=".$mem->user["login"].".Z");
header("Content-Disposition: attachment; filename = ".$mem->user["login"].".Z");
header("Content-Type: application/x-Z");
header("Content-Transfer-Encoding: binary");
$d=escapeshellarg(".".$this->convertabsolute($dir,true));
$d = escapeshellarg(".".$this->convertabsolute($dir,1));
set_time_limit(0);
passthru("/bin/tar -cZ -C ".getuserpath()."/".$mem->user["login"]."/ $d");
}
@ -1028,12 +1032,12 @@ class m_bro {
* @param string $dir Dossier à dumper, relatif la racine du compte du membre.
* @return void NE RETOURNE RIEN, et il faut Quitter le script immdiatement aprs
*/
function DownloadTGZ($dir="") {
function DownloadTGZ($dir = "") {
global $mem;
header("Content-Disposition: attachment; filename=".$mem->user["login"].".tgz");
header("Content-Disposition: attachment; filename = ".$mem->user["login"].".tgz");
header("Content-Type: application/x-tgz");
header("Content-Transfer-Encoding: binary");
$d=escapeshellarg(".".$this->convertabsolute($dir,true));
$d = escapeshellarg(".".$this->convertabsolute($dir,1));
set_time_limit(0);
passthru("/bin/tar -cz -C ".getuserpath()."/ $d");
}
@ -1046,12 +1050,12 @@ class m_bro {
* @param string $dir Dossier à dumper, relatif la racine du compte du membre.
* @return void NE RETOURNE RIEN, et il faut Quitter le script immdiatement aprs
*/
function DownloadTBZ($dir="") {
function DownloadTBZ($dir = "") {
global $mem;
header("Content-Disposition: attachment; filename=".$mem->user["login"].".tar.bz2");
header("Content-Disposition: attachment; filename = ".$mem->user["login"].".tar.bz2");
header("Content-Type: application/x-bzip2");
header("Content-Transfer-Encoding: binary");
$d=escapeshellarg(".".$this->convertabsolute($dir,true));
$d = escapeshellarg(".".$this->convertabsolute($dir,1));
set_time_limit(0);
passthru("/bin/tar -cj -C ".getuserpath()."/ $d");
}
@ -1065,12 +1069,12 @@ class m_bro {
* @param string $dir Dossier à dumper, relatif la racine du compte du membre.
* @return void NE RETOURNE RIEN, et il faut Quitter le script immdiatement aprs
*/
function DownloadZIP($dir="") {
function DownloadZIP($dir = "") {
global $mem;
header("Content-Disposition: attachment; filename=".$mem->user["login"].".zip");
header("Content-Disposition: attachment; filename = ".$mem->user["login"].".zip");
header("Content-Type: application/x-zip");
header("Content-Transfer-Encoding: binary");
$d=escapeshellarg($this->convertabsolute($dir,false));
$d = escapeshellarg($this->convertabsolute($dir,false));
set_time_limit(0);
passthru("/usr/bin/zip -r - $d");
}
@ -1127,18 +1131,18 @@ class m_bro {
function alternc_export_conf() {
global $db,$err;
$err->log("bro","export_conf");
$str="<table border=\"1\"><caption> Browser </caption>\n";
$str.=" <browser>\n";
$pref=$this->GetPrefs();
$str = "<table border = \"1\"><caption> Browser </caption>\n";
$str .= " <browser>\n";
$pref = $this->GetPrefs();
$i=1;
$i = 1;
foreach ($pref as $k=>$v) {
if (($i % 2)==0){
$str.=" <$k>$v</$k>\n";
if (($i % 2) == 0){
$str .= " <$k>$v</$k>\n";
}
$i++;
}
$str.=" </browser>\n";
$str .= " </browser>\n";
return $str;
}
@ -1155,12 +1159,12 @@ class m_bro {
function alternc_export_data($dir){
global $mem,$err;
$err->log("bro","export_data");
$dir.="html/";
$dir .= "html/";
if(!is_dir($dir)){
if(!mkdir($dir))
$err->raise("bro",_("Cannot create the requested directory. Please check the permissions"));
}
$timestamp=date("H:i:s");
$timestamp = date("H:i:s");
// relacher le lock global sinon ce download va geler alternc pour
// tout le monde

189
bureau/class/m_hta.php
View File

@ -40,7 +40,6 @@
class m_hta {
/*---------------------------------------------------------------------------*/
/**
* Constructor
*/
@ -50,11 +49,17 @@ class m_hta {
/**
* Password kind used in this class (hook for admin class)
*
* @return array
*/
function alternc_password_policy() {
return array("hta"=>"Protected folders passwords");
}
/**
*
* @return array
*/
function hook_menu() {
$obj = array(
'title' => _("Protected folders"),
@ -67,16 +72,21 @@ class m_hta {
}
/*---------------------------------------------------------------------------*/
/**
* Create a protected folder (.htaccess et .htpasswd)
* @param string $dir Folder to protect (relative to user root)
* @return boolean TRUE if the folder has been protected, or FALSE if an error occurred
*
* @global m_mem $mem
* @global m_bro $bro
* @global m_err $err
* @param string $dir
* @return boolean
*/
function CreateDir($dir) {
global $mem,$bro,$err;
$err->log("hta","createdir",$dir);
$absolute=$bro->convertabsolute($dir,0);
$absolute = $bro->convertabsolute($dir,0);
if (!$absolute) {
$err->raise("hta",printf(_("The folder '%s' does not exist"),$dir));
return false;
@ -95,7 +105,7 @@ class m_hta {
return false;
}
fseek($file,0);
$param="AuthUserFile \"$absolute/.htpasswd\"\nAuthName \""._("Restricted area")."\"\nAuthType Basic\nrequire valid-user\n";
$param = "AuthUserFile \"$absolute/.htpasswd\"\nAuthName \""._("Restricted area")."\"\nAuthType Basic\nrequire valid-user\n";
fwrite($file, $param);
fclose($file);
}
@ -110,43 +120,46 @@ class m_hta {
}
/*---------------------------------------------------------------------------*/
/**
* Returns the list of all user folder currently protected by a .htpasswd file
*
* @global m_err $err
* @global m_mem $mem
* @return array Array containing user folder list
*/
function ListDir(){
global$err,$mem;
$err->log("hta","listdir");
$sortie=array();
$absolute=ALTERNC_HTML."/".substr($mem->user["login"],0,1)."/".$mem->user["login"];
$sortie = array();
$absolute = ALTERNC_HTML."/".substr($mem->user["login"],0,1)."/".$mem->user["login"];
exec("find $absolute -name .htpasswd|sort",$sortie);
if(!count($sortie)){
$err->raise("hta",_("No protected folder"));
return false;
}
$pattern="/^".preg_quote(ALTERNC_HTML,"/")."\/.\/[^\/]*\/(.*)\/\.htpasswd/";
$pattern = "/^".preg_quote(ALTERNC_HTML,"/")."\/.\/[^\/]*\/(.*)\/\.htpasswd/";
$r=array();
for($i=0;$i<count($sortie);$i++){
$r = array();
for($i = 0;$i<count($sortie);$i++){
preg_match($pattern,$sortie[$i],$matches);
$tmpm=isset($matches[1])?'/'.$matches[1]:'';
$r[$i]=$tmpm."/";
$tmpm = isset($matches[1])?'/'.$matches[1]:'';
$r[$i] = $tmpm."/";
}
return $r;
}
/*---------------------------------------------------------------------------*/
/**
* Tells if a folder is protected.
*
* @global m_mem $mem
* @global m_err $err
* @param string $dir Folder to check
* @return boolean if the folder is protected, or FALSE if it is not
* @return boolean If the folder is protected, or FALSE if it is not
*/
function is_protected($dir){
global $mem,$err;
$err->log("hta","is_protected",$dir);
$absolute=ALTERNC_HTML."/".substr($mem->user["login"],0,1)."/".$mem->user["login"]."/$dir";
$absolute = ALTERNC_HTML."/".substr($mem->user["login"],0,1)."/".$mem->user["login"]."/$dir";
if (file_exists("$absolute/.htpasswd")){
return true;
} else {
@ -155,34 +168,36 @@ class m_hta {
}
/*---------------------------------------------------------------------------*/
/**
* Returns the list of login for a protected folder.
*
* @global m_mem $mem
* @global m_err $err
* @param string $dir The folder to lookup (relative to user root)
* @return array An array containing the list of logins from the .htpasswd file, or FALSE
*/
function get_hta_detail($dir) {
global $mem,$err;
$err->log("hta","get_hta_detail");
$absolute=ALTERNC_HTML."/".substr($mem->user["login"],0,1)."/".$mem->user["login"]."/$dir";
$absolute = ALTERNC_HTML."/".substr($mem->user["login"],0,1)."/".$mem->user["login"]."/$dir";
if (file_exists("$absolute/.htaccess")) {
/* if (!_reading_htaccess($absolute)) {
return false;
}
*/ }
$file = @fopen("$absolute/.htpasswd","r");
$i=0;
$res=array();
$i = 0;
$res = array();
if (!$file) {
return false;
}
// TODO: Tester la validit<EFBFBD> du .htpasswd
// TODO: Tester la validité du .htpasswd
while (!feof($file)) {
$s=fgets($file,1024);
$t=explode(":",$s);
$s = fgets($file,1024);
$t = explode(":",$s);
if ($t[0]!=$s) {
$res[$i]=$t[0];
$i=$i+1;
$res[$i] = $t[0];
$i = $i+1;
}
}
fclose($file);
@ -190,35 +205,79 @@ class m_hta {
}
/*---------------------------------------------------------------------------*/
/**
* Unprotect a folder
*
* @global m_mem $mem
* @global m_bro $bro
* @global m_err $err
* @param string $dir Folder to unprotect, relative to user root
* @param boolean $skip For testing purpose mainly, skips the full user path search
* @return boolean TRUE if the folder has been unprotected, or FALSE if an error occurred
*/
function DelDir($dir) {
function DelDir($dir,$skip = 0) {
global $mem,$bro,$err;
$err->log("hta","deldir",$dir);
$dir=$bro->convertabsolute($dir,0);
$dir = $bro->convertabsolute($dir,$skip);
if (!$dir) {
$err->raise("hta",printf(("The folder '%s' does not exist"),$dir));
return false;
}
if (!@unlink("$dir/.htaccess")) {
$err->raise("hta",printf(_("I cannot delete the file '%s/.htaccess'"),$dir));
return false;
$htaccess_file = "$dir/.htaccess";
if( !is_readable($htaccess_file)){
$err->raise("hta",printf(_("I cannot read the file '%s'"),$htaccess_file));
}
if (!@unlink("$dir/.htpasswd")) {
$fileLines = file($htaccess_file);
$patternList = array(
"AuthUserFile.*$",
"AuthName.*$",
"AuthType Basic.*$",
"require valid-user.*$"
);
$count_lines = 0;
foreach($fileLines as $key => $line){
foreach ($patternList as $pattern) {
if(preg_match("/".$pattern."/", $line)){
$count_lines++;
unset($fileLines[$key]);
}
}
}
// If no changes
if( ! $count_lines ){
$err->raise("hta",printf(_("Unexpected: No changes made to '%s'"),$htaccess_file));
}
// If file is empty, remove it
if( !count($fileLines)){
if( ! unlink( $htaccess_file)){
$err->raise("hta",printf(_("I could not delete the file '%s'"),$htaccess_file));
}
}else{
file_put_contents($htaccess_file, implode("\n",$fileLines));
}
$htpasswd_file = "$dir/.htpasswd";
$perms = substr(sprintf('%o', fileperms($dir)), -4);
if( ! is_writable($htpasswd_file)){
$err->raise("hta",printf(_("I cannot read the file '%s'"),$htpasswd_file));
}
else if ( ! unlink($htpasswd_file)) {
$err->raise("hta",printf(_("I cannot delete the file '%s/.htpasswd'"),$dir));
return false;
}
return true;
}
/*---------------------------------------------------------------------------*/
/**
* Add a user to a protected folder
*
* @global m_err $err
* @global m_bro $bro
* @global m_admin $admin
* @param string $user
* @param string $password
* @param string $dir
* @param string $password The password to add (cleartext)
* @param string $dir The folder we add it to (relative to user root).
* @return boolean TRUE if the user has been added, or FALSE if an error occurred
@ -234,7 +293,7 @@ class m_hta {
$err->raise('hta',_("Please enter a password"));
return false;
}
$absolute=$bro->convertabsolute($dir,0);
$absolute = $bro->convertabsolute($dir,0);
if (!file_exists($absolute)) {
$err->raise("hta",printf(("The folder '%s' does not exist"),$dir));
return false;
@ -255,8 +314,8 @@ class m_hta {
}
fseek($file,0);
while (!feof($file)) {
$s=fgets($file,1024);
$t=explode(":",$s);
$s = fgets($file,1024);
$t = explode(":",$s);
if ($t[0]==$user) {
$err->raise("hta",_("The user '%s' already exist for this folder"),$user);
return false;
@ -276,9 +335,13 @@ class m_hta {
}
/*---------------------------------------------------------------------------*/
/**
*/
/**
* Delete a user from a protected folder.
*
* @global m_bro $bro
* @global m_err $err
* @param array $lst An array with login to delete.
* @param string $dir The folder, relative to user root, where we want to delete users.
* @return boolean TRUE if users has been deleted, or FALSE if an error occurred.
@ -286,7 +349,7 @@ class m_hta {
function del_user($lst,$dir) {
global $bro,$err;
$err->log("hta","del_user",$lst."/".$dir);
$absolute=$bro->convertabsolute($dir,0);
$absolute = $bro->convertabsolute($dir,0);
if (!file_exists($absolute)) {
$err->raise("hta",printf(_("The folder '%s' does not exist"),$dir));
return false;
@ -301,8 +364,8 @@ class m_hta {
reset($lst);
fseek($file,0);
while (!feof($file)) {
$s=fgets($file,1024);
$t=explode(":",$s);
$s = fgets($file,1024);
$t = explode(":",$s);
if (!in_array($t[0],$lst) && ($t[0]!="\n")) {
fseek($newf,0);
fwrite($newf, "$s");
@ -316,18 +379,27 @@ class m_hta {
}
/*---------------------------------------------------------------------------*/
/**
* Change the password of a user in a protected folder
* @param string $user The users whose password should be changed
* @param string $newpass The new password of this user
* @param string $dir The folder, relative to user root, in which we will change a password
* @return boolean TRUE if the password has been changed, or FALSE if an error occurred
*/
/**
* Change the password of a user in a protected folder
*
* @global m_bro $bro
* @global m_err $err
* @global m_admin $admin
* @param string $user
* @param string $newpass
* @param string $dir
* @return boolean
*/
function change_pass($user,$newpass,$dir) {
global $bro,$err,$admin;
$err->log("hta","change_pass",$user."/".$dir);
$absolute=$bro->convertabsolute($dir,0);
$absolute = $bro->convertabsolute($dir,0);
if (!file_exists($absolute)) {
$err->raise("hta",printf(_("The folder '%s' does not exist"),$dir));
return false;
@ -348,8 +420,8 @@ class m_hta {
return false;
}
while (!feof($file)) {
$s=fgets($file,1024);
$t=explode(":",$s);
$s = fgets($file,1024);
$t = explode(":",$s);
if ($t[0]!=$user) {
fwrite($newf, "$s");
}
@ -363,38 +435,39 @@ class m_hta {
}
/*---------------------------------------------------------------------------*/
/**
* Check that a .htaccess file is valid (for authentication)
*
* @global m_err $err
* @param type $absolute
* @param string $absolute Folder we want to check (relative to user root)
* @return boolean TRUE is the .htaccess is protecting this folder, or FALSE else
* @access private
*/
function _reading_htaccess($absolute) {
private function _reading_htaccess($absolute) {
global $err;
$err->log("hta","_reading_htaccess",$absolute);
$file = fopen("$absolute/.htaccess","r+");
$lignes=array(1,1,1);
$errr=0;
$lignes = array(1,1,1);
$errr = 0;
if (!$file) {
return false;
}
while (!feof($file) && !$errr) {
$s=fgets($file,1024);
$s = fgets($file,1024);
if (substr($s,0,12)!="RewriteCond " && substr($s,0,14)!="ErrorDocument " && substr($s,0,12)!="RewriteRule " && substr($s,0,14)!="RewriteEngine " && trim($s)!="") {
$errr=1;
$errr = 1;
}
if (strtolower(trim($s))==strtolower("authuserfile $absolute/.htpasswd")) {
$lignes[0]=0;
$errr=0;
$lignes[0] = 0;
$errr = 0;
} // authuserfile
if (strtolower(trim($s))=="require valid-user") {
$lignes[1]=0;
$errr=0;
$lignes[1] = 0;
$errr = 0;
} //require
if (strtolower(trim($s))=="authtype basic") {
$lignes[2]=0;
$errr=0;
$lignes[2] = 0;
$errr = 0;
} //authtype
} // Reading config file
fclose($file);

2
phpunit/bootstrap.php
View File

@ -156,4 +156,4 @@ $mem = new \m_mem();
$err = new \m_err();
$authip = new \m_authip();
$hooks = new \m_hooks();
$bro = new \m_bro();

35
phpunit/tests/bureau/class/m_htaTest.php
View File

@ -9,6 +9,9 @@ class m_htaTest extends PHPUnit_Framework_TestCase
*/
protected $object;
const PATH_HTACCESS = "/tmp/.htaccess";
const PATH_HTPASSWD = "/tmp/.htpasswd";
/**
* Sets up the fixture, for example, opens a network connection.
* This method is called before a test is executed.
@ -16,6 +19,10 @@ class m_htaTest extends PHPUnit_Framework_TestCase
protected function setUp()
{
parent::setUp();
touch(self::PATH_HTACCESS);
touch(self::PATH_HTPASSWD);
$file_content = "AuthUserFile \"/tmp/.htpasswd\"\nAuthName \"Restricted area\"\nAuthType Basic\nrequire valid-user\n";
file_put_contents(self::PATH_HTACCESS,$file_content);
$this->object = new m_hta;
}
@ -26,6 +33,12 @@ class m_htaTest extends PHPUnit_Framework_TestCase
protected function tearDown()
{
parent::tearDown();
if(file_exists(self::PATH_HTACCESS)){
unlink (self::PATH_HTACCESS);
}
if(file_exists(self::PATH_HTPASSWD)){
unlink (self::PATH_HTPASSWD);
}
}
/**
@ -114,14 +127,26 @@ class m_htaTest extends PHPUnit_Framework_TestCase
/**
* @covers m_hta::DelDir
* @todo Implement testDelDir().
*/
public function testDelDir()
{
// Remove the following lines when you implement this test.
$this->markTestIncomplete(
'This test has not been implemented yet.'
);
$result = $this->object->DelDir("/tmp",TRUE);
$this->assertTrue($result);
$this->assertFileNotExists(self::PATH_HTACCESS);
$this->assertFileNotExists(self::PATH_HTPASSWD);
}
/**
* @covers m_hta::DelDir
*/
public function testDelDirNotEmpty()
{
file_put_contents(self::PATH_HTACCESS, "\nphpunit", FILE_APPEND);
$result = $this->object->DelDir("/tmp",TRUE);
$this->assertTrue($result);
$this->assertFileExists(self::PATH_HTACCESS);
$this->assertFileNotExists(self::PATH_HTPASSWD);
$this->assertTrue("phpunit" == trim(file_get_contents(self::PATH_HTACCESS)));
}
/**

18
roundcube/roundcube-install
View File

@ -28,7 +28,7 @@ then
# cp -f /etc/alternc/templates/roundcube/avelsieve-config.php /etc/alternc/templates/roundcube/apache.conf /etc/roundcube/
# cp -f /etc/alternc/templates/javascript-common/javascript-common.conf /etc/javascript-common/
LOGIN="2000_roundcube"
LOGIN="0000_roundcube"
PASSWORD="`perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..10)'`"
DESKEY="`perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..24)'`"
@ -40,7 +40,6 @@ then
# Configuration template location
TEMPLATE_DIR="/etc/alternc/templates"
CONFIG_FILES="etc/roundcube/main.inc.php etc/roundcube/plugins/password/config.inc.php etc/roundcube/plugins/managesieve/config.inc.php"
LOGROTATE_FILES="etc/logrotate.d/roundcube-core"
cat > $SED_SCRIPT <<EOF
s\\%%ALTERNC_LOC%%\\$ALTERNC_LOC\\;
@ -62,14 +61,6 @@ EOF
echo " Done"
for file in $LOGROTATE_FILES; do
TEMPLATE="$TEMPLATE_DIR/${file##etc/}"
echo -n " $file"
if [ -f "$TEMPLATE" ]; then
cat $TEMPLATE > /$file
fi
done
echo " Done"
. /usr/lib/alternc/functions.sh
@ -99,10 +90,3 @@ EOF
fi
#This is necessary because upgrading roundcube from 7.1 to 7.2 changes this setting
if [ "$1" = "end" ]; then
chown alternc-roundcube:root /etc/roundcube/main.inc.php
fi

28
roundcube/templates/apache2/roundcube.conf
View File

@ -1,46 +1,46 @@
<VirtualHost *:80>
ServerName %%fqdn%%
AssignUserId alternc-roundcube nogroup
SetEnv LOGIN "%%UID%%-%%LOGIN%%"
AssignUserId www-data www-data
SetEnv LOGIN "0000-roundcube"
DocumentRoot /var/lib/roundcube
# Access to tinymce files
<Directory "/usr/share/tinymce/www/">
# Access to tinymce files
<Directory "/usr/share/tinymce/www/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order allow,deny
allow from all
</Directory>
</Directory>
<Directory /var/lib/roundcube/>
<Directory /var/lib/roundcube/>
Options +FollowSymLinks
# This is needed to parse /var/lib/roundcube/.htaccess. See its
# content before setting AllowOverride to None.
AllowOverride All
order allow,deny
allow from all
</Directory>
</Directory>
# Protecting basic directories:
<Directory /var/lib/roundcube/config>
# Protecting basic directories:
<Directory /var/lib/roundcube/config>
Options -FollowSymLinks
AllowOverride None
</Directory>
</Directory>
<Directory /var/lib/roundcube/temp>
<Directory /var/lib/roundcube/temp>
Options -FollowSymLinks
AllowOverride None
Order allow,deny
Deny from all
</Directory>
</Directory>
<Directory /var/lib/roundcube/logs>
<Directory /var/lib/roundcube/logs>
Options -FollowSymLinks
AllowOverride None
Order allow,deny
Deny from all
</Directory>
</Directory>
Alias /javascript /usr/share/javascript/

15
roundcube/templates/logrotate.d/roundcube-core
View File

@ -1,15 +0,0 @@
######
# Configuration file of Roundcube's logrotate for AlternC
#
# /!\ WARNING /!\ Do not edit this file, edit the one in
# /etc/alternc/templates/logrotate.d/ and launch alternc.install again.
######
/var/log/roundcube/password /var/log/roundcube/errors /var/log/roundcube/sendmail /var/log/roundcube/userlogins {
create 0640 alternc-roundcube root
compress
missingok
notifempty
rotate 52
weekly
}