mirror of
https://github.com/lrsjng/h5ai.git
synced 2025-05-25 12:34:47 -04:00
Remove server side file manipulation extensions.
This commit is contained in:
Lars Jung
parent
c9d938934b
commit
1e15c9fb9c
1 changed files with 0 additions and 77 deletions
|
|
@ -130,81 +130,4 @@ class Api {
|
||||||
json_fail(2, "packaging failed", $rc !== 0);
|
json_fail(2, "packaging failed", $rc !== 0);
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
private function on_upload() {
|
|
||||||
|
|
||||||
$href = use_request_param("href");
|
|
||||||
|
|
||||||
json_fail(1, "wrong HTTP method", strtolower($_SERVER["REQUEST_METHOD"]) !== "post");
|
|
||||||
json_fail(2, "something went wrong", !array_key_exists("userfile", $_FILES));
|
|
||||||
|
|
||||||
$userfile = $_FILES["userfile"];
|
|
||||||
|
|
||||||
json_fail(3, "something went wrong [" . $userfile["error"] . "]", $userfile["error"] !== 0);
|
|
||||||
json_fail(4, "folders not supported", file_get_contents($userfile["tmp_name"]) === "null");
|
|
||||||
|
|
||||||
$upload_dir = $this->app->to_path($href);
|
|
||||||
|
|
||||||
json_fail(5, "upload dir no h5ai folder or ignored", !$this->app->is_managed_url($href) || $this->app->is_ignored($upload_dir));
|
|
||||||
|
|
||||||
$dest = $upload_dir . "/" . utf8_encode($userfile["name"]);
|
|
||||||
|
|
||||||
json_fail(6, "already exists", file_exists($dest));
|
|
||||||
json_fail(7, "can't move uploaded file", !move_uploaded_file($userfile["tmp_name"], $dest));
|
|
||||||
json_exit();
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
private function on_delete() {
|
|
||||||
|
|
||||||
json_fail(1, "deletion disabled", !$this->options["delete"]["enabled"]);
|
|
||||||
|
|
||||||
$hrefs = use_request_param("hrefs");
|
|
||||||
|
|
||||||
$hrefs = explode("|:|", trim($hrefs));
|
|
||||||
$errors = array();
|
|
||||||
|
|
||||||
foreach ($hrefs as $href) {
|
|
||||||
|
|
||||||
$d = normalize_path(dirname($href), true);
|
|
||||||
$n = basename($href);
|
|
||||||
|
|
||||||
if ($this->app->is_managed_url($href) && !$this->app->is_ignored($n)) {
|
|
||||||
|
|
||||||
$path = $this->app->to_path($href);
|
|
||||||
|
|
||||||
if (!delete_path($path, true)) {
|
|
||||||
$errors[] = $href;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
json_fail(2, "deletion failed for some", count($errors) > 0);
|
|
||||||
json_exit();
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
private function on_rename() {
|
|
||||||
|
|
||||||
json_fail(1, "renaming disabled", !$this->options["rename"]["enabled"]);
|
|
||||||
|
|
||||||
$href = use_request_param("href");
|
|
||||||
$name = use_request_param("name");
|
|
||||||
|
|
||||||
$d = normalize_path(dirname($href), true);
|
|
||||||
$n = basename($href);
|
|
||||||
|
|
||||||
if ($this->app->is_managed_url($d) && !$this->app->is_ignored($n)) {
|
|
||||||
|
|
||||||
$path = $this->app->to_path($href);
|
|
||||||
$folder = normalize_path(dirname($path));
|
|
||||||
|
|
||||||
if (!rename($path, $folder . "/" . $name)) {
|
|
||||||
json_fail(2, "renaming failed");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
json_exit();
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue