From 1e15c9fb9c73a7be33780c1263a2654604b10931 Mon Sep 17 00:00:00 2001
From: Lars Jung <lrsjng@gmail.com>
Date: Sun, 8 Jun 2014 22:33:51 +0200
Subject: [PATCH] Remove server side file manipulation extensions.

---
 src/_h5ai/server/php/inc/class-api.php | 77 --------------------------
 1 file changed, 77 deletions(-)

diff --git a/src/_h5ai/server/php/inc/class-api.php b/src/_h5ai/server/php/inc/class-api.php
index 2313851f..3e6a41e2 100644
--- a/src/_h5ai/server/php/inc/class-api.php
+++ b/src/_h5ai/server/php/inc/class-api.php
@@ -130,81 +130,4 @@ class Api {
 		json_fail(2, "packaging failed", $rc !== 0);
 		exit;
 	}
-
-
-	private function on_upload() {
-
-		$href = use_request_param("href");
-
-		json_fail(1, "wrong HTTP method", strtolower($_SERVER["REQUEST_METHOD"]) !== "post");
-		json_fail(2, "something went wrong", !array_key_exists("userfile", $_FILES));
-
-		$userfile = $_FILES["userfile"];
-
-		json_fail(3, "something went wrong [" . $userfile["error"] . "]", $userfile["error"] !== 0);
-		json_fail(4, "folders not supported", file_get_contents($userfile["tmp_name"]) === "null");
-
-		$upload_dir = $this->app->to_path($href);
-
-		json_fail(5, "upload dir no h5ai folder or ignored", !$this->app->is_managed_url($href) || $this->app->is_ignored($upload_dir));
-
-		$dest = $upload_dir . "/" . utf8_encode($userfile["name"]);
-
-		json_fail(6, "already exists", file_exists($dest));
-		json_fail(7, "can't move uploaded file", !move_uploaded_file($userfile["tmp_name"], $dest));
-		json_exit();
-	}
-
-
-	private function on_delete() {
-
-		json_fail(1, "deletion disabled", !$this->options["delete"]["enabled"]);
-
-		$hrefs = use_request_param("hrefs");
-
-		$hrefs = explode("|:|", trim($hrefs));
-		$errors = array();
-
-		foreach ($hrefs as $href) {
-
-			$d = normalize_path(dirname($href), true);
-			$n = basename($href);
-
-			if ($this->app->is_managed_url($href) && !$this->app->is_ignored($n)) {
-
-				$path = $this->app->to_path($href);
-
-				if (!delete_path($path, true)) {
-					$errors[] = $href;
-				}
-			}
-		}
-
-		json_fail(2, "deletion failed for some", count($errors) > 0);
-		json_exit();
-	}
-
-
-	private function on_rename() {
-
-		json_fail(1, "renaming disabled", !$this->options["rename"]["enabled"]);
-
-		$href = use_request_param("href");
-		$name = use_request_param("name");
-
-		$d = normalize_path(dirname($href), true);
-		$n = basename($href);
-
-		if ($this->app->is_managed_url($d) && !$this->app->is_ignored($n)) {
-
-			$path = $this->app->to_path($href);
-			$folder = normalize_path(dirname($path));
-
-			if (!rename($path, $folder . "/" . $name)) {
-				json_fail(2, "renaming failed");
-			}
-		}
-
-		json_exit();
-	}
 }