Dragonfly CMS logo Server sponsored and hosted by
DedicatedNOW
CVS logo  
.:: Home :: Dev. Resources :: Forums ::.
Dragonfly CMS CVS Repository
 Location: / cvs / html / includes / classes / cpg_file.php
This is a web interface to the Dragonfly CMS CVS tree. You can browse the file hierarchy by picking directories. If you pick a file, you will see the revision history for that file.
Selecting a revision number will show that revision of the file. There are links at each revision to display diffs, annotate and download.
Note: Info about CVS and our commits can be found at our CVS Info Forum
File name: html/includes/classes/cpg_file.php
Revision : 10.1 (2 years 4 months 2 weeks 5 days 11 hours 45 minutes 57 seconds ago) by nanocaiordo
Changed : +8 -8 lines
Comment: Updated for E_STRICTs.


# Author Rev Line
1 djmaze 9.1 <?php
2 djmaze 9.1 /*********************************************
3 djmaze 9.27 CPG Dragonfly™ CMS
4 djmaze 9.1 ********************************************
5 nanocaio 9.39 Copyright © 2004 - 2007 by CPG-Nuke Dev Team
6 djmaze 9.32 http://dragonflycms.org
7 djmaze 9.1  
8 djmaze 9.1 Dragonfly is released under the terms and conditions
9 djmaze 9.1 of the GNU GPL version 2 or any later version
10 djmaze 9.1  
11 trevor 9.28 $Source: /cvs/html/includes/classes/cpg_file.php,v $
12 nanocaio 10.1 $Revision: 10.0 $
13 djmaze 10.0 $Author: djmaze $
14 nanocaio 10.1 $Date: 2010/11/05 01:03:15 $
15 djmaze 9.1 **********************************************/
16 djmaze 9.1  
17 djmaze 9.1 class CPG_File {
18 djmaze 9.1  
19 nanocaio 9.40 public function check_safe_mode($file) {
20 djmaze 9.27 if (ini_get('safe_mode')) {
21 djmaze 9.27 if (ini_get('safe_mode_include_dir')) {
22 djmaze 9.27 //SEE IF SAFE MODE IS SETUP CORRECTLY
23 djmaze 9.27 if (strpos(ini_get('safe_mode_include_dir'), dirname($file['tmp_name']))) {
24 djmaze 9.27 trigger_error('Safe mode is not setup properly, "'.dirname($file['tmp_name']).'" must be inside a path of the php config safe_mode_include_dir "'.ini_get('safe_mode_include_dir').'".');
25 nanocaio 9.37 //return false;
26 djmaze 9.27 }
27 djmaze 9.27 }
28 djmaze 9.27 }
29 nanocaio 9.37 //return true;
30 djmaze 9.1 /*
31 djmaze 9.27 global $cpgdebugger;
32 djmaze 9.27 if (isset($cpgdebugger->report[__FILE__])) {
33 djmaze 9.27 $last = count($cpgdebugger->report[$file])-1;
34 nanocaio 9.40 return false !== stripos($cpgdebugger->report[$file][$last], 'SAFE MODE Restriction');
35 djmaze 9.27 }
36 djmaze 9.27 return false;
37 djmaze 9.1 */
38 djmaze 9.27 }
39 djmaze 9.1  
40 nanocaio 10.1 public static function move_upload($file, $newfile) {
41 djmaze 9.27 if (!is_uploaded_file($file['tmp_name'])) {
42 djmaze 9.27 switch($file['error']) {
43 djmaze 9.27 case 1: //uploaded file exceeds the upload_max_filesize directive in php.ini
44 djmaze 9.27 trigger_error('The file you are trying to upload is too big.', E_USER_ERROR);
45 djmaze 9.27 case 2: //uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the html form
46 djmaze 9.27 trigger_error('The file you are trying to upload is too big.', E_USER_ERROR);
47 djmaze 9.27 case 3: //uploaded file was only partially uploaded
48 djmaze 9.27 trigger_error('The file you are trying upload was only partially uploaded.', E_USER_ERROR);
49 djmaze 9.27 case 4: //no file was uploaded
50 djmaze 9.27 trigger_error('No file was uploaded.', E_USER_WARNING);
51 djmaze 9.43 case 6: //introduced in 4.3.10 and 5.0.3
52 nanocaio 9.35 trigger_error('Missing a temporary folder.', E_USER_ERROR);
53 nanocaio 9.35 case 7: //introduced in 5.1.0
54 nanocaio 9.35 trigger_error('Failed to write file to disk.', E_USER_ERROR);
55 djmaze 9.27 break;
56 djmaze 9.43 case 8: //introduced in 5.2.0
57 djmaze 9.43 trigger_error('File upload stopped by extension.', E_USER_ERROR);
58 nanocaio 9.35 case 0: //no error, the file was uploaded with success
59 djmaze 9.27 default: //a default error, just in case! :)
60 djmaze 9.27 trigger_error('There was a problem with your upload.', E_USER_ERROR);
61 djmaze 9.27 break;
62 djmaze 9.27 }
63 djmaze 9.27 return false;
64 djmaze 9.27 }
65 djmaze 9.27 if (!CPG_File::analyze_path(dirname($newfile))) { return false; }
66 djmaze 9.27 if (!move_uploaded_file($file['tmp_name'], $newfile)) {
67 djmaze 9.27 if (!copy($file['tmp_name'], $newfile)) {
68 djmaze 9.27 trigger_error('Couldn\'t move the uploaded file.', E_USER_WARNING);
69 djmaze 9.27 return false;
70 djmaze 9.27 }
71 djmaze 9.27 }
72 djmaze 9.27 chmod($newfile, (PHP_AS_NOBODY ? 0666 : 0644));
73 djmaze 9.27 return true;
74 djmaze 9.27 }
75 djmaze 9.27  
76 nanocaio 10.1 public static function write($filename, &$content, $mode='wb') {
77 djmaze 9.27 if (!CPG_File::analyze_path(dirname($filename))) { return false; }
78 djmaze 9.27 if (!$fp = fopen($filename, $mode)) {
79 djmaze 9.27 trigger_error("Cannot open file ($filename)", E_USER_WARNING);
80 djmaze 9.27 return false;
81 djmaze 9.27 }
82 djmaze 9.27 flock($fp, LOCK_EX);
83 djmaze 9.27 $bytes_written = fwrite($fp, $content);
84 djmaze 9.27 flock($fp, LOCK_UN);
85 djmaze 9.27 fclose($fp);
86 djmaze 9.27 if ($bytes_written === FALSE) {
87 djmaze 9.27 unlink($filename);
88 djmaze 9.27 trigger_error("Cannot write to file ($filename)", E_USER_WARNING);
89 djmaze 9.27 return false;
90 djmaze 9.27 }
91 djmaze 9.27 chmod($filename, (PHP_AS_NOBODY ? 0666 : 0644));
92 djmaze 9.27 return $bytes_written;
93 djmaze 9.27 }
94 djmaze 9.27  
95 nanocaio 10.1 public static function copy_special($oldfile, $newfile) {
96 djmaze 9.27 if (!CPG_File::analyze_path(dirname($newfile))) { return false; }
97 djmaze 9.27 if (!($of = fopen($oldfile, 'rb'))) {
98 djmaze 9.27 return false;
99 djmaze 9.27 }
100 djmaze 9.27 if (!($nf = fopen($newfile, 'wb'))) {
101 djmaze 9.27 fclose($of);
102 djmaze 9.27 return false;
103 djmaze 9.27 }
104 djmaze 9.27 while (!feof($of)) {
105 djmaze 9.27 if (fwrite($fp, fread($of, 2048)) === FALSE) {
106 djmaze 9.27 fclose($of);
107 djmaze 9.27 fclose($fp);
108 djmaze 9.27 return false;
109 djmaze 9.27 }
110 djmaze 9.27 }
111 djmaze 9.27 fclose($of);
112 djmaze 9.27 fclose($fp);
113 djmaze 9.27 chmod($newfile, (PHP_AS_NOBODY ? 0666 : 0644));
114 djmaze 9.27 return true;
115 djmaze 9.27 }
116 djmaze 9.27  
117 nanocaio 10.1 public static function secure_download(&$error, $filename, $realname='') {
118 djmaze 9.27 $chunksize = (2048); // how many bytes per chunk
119 djmaze 9.27 if (empty($realname)) { $realname = $filename; }
120 djmaze 9.36 if (strpos($filename,'://')) {
121 djmaze 9.27 // send remote file
122 djmaze 9.27 $rdf = parse_url($filename);
123 djmaze 9.27 if (!isset($rdf['host'])) return false;
124 djmaze 9.27 if (!isset($rdf['port'])) $rdf['port'] = 80;
125 djmaze 9.27 if (!isset($rdf['query'])) $rdf['query'] = '';
126 djmaze 9.27 $fp = fsockopen($rdf['host'], $rdf['port'], $errno, $errstr, 15);
127 djmaze 9.27 if ($fp === false) {
128 djmaze 9.27 $error = "$errno: $errstr";
129 djmaze 9.27 trigger_error($error, E_USER_WARNING);
130 djmaze 9.27 return false;
131 djmaze 9.27 }
132 djmaze 9.27 fputs($fp, 'GET ' . $rdf['path'] . $rdf['query'] . " HTTP/1.0\r\n");
133 nanocaio 9.41 fputs($fp, 'User-Agent: Dragonfly Passthru ('.URL::index('credits', true, true).")\r\n");
134 nanocaio 9.42 fputs($fp, 'Referer: ' . URL::uri() ."\r\n");
135 djmaze 9.27 fputs($fp, 'HOST: ' . $rdf['host'] . "\r\n\r\n");
136 djmaze 9.27 $data = rtrim(fgets($fp, 512));
137 nanocaio 9.40 if (false === strpos($data, ' 200 OK')) {
138 djmaze 9.27 $error = $data;
139 djmaze 9.27 trigger_error($data, E_USER_WARNING);
140 djmaze 9.27 return false;
141 djmaze 9.27 }
142 djmaze 9.27 while (ob_end_clean());
143 djmaze 9.27 // Read all headers
144 djmaze 9.27 while (!empty($data)) {
145 djmaze 9.27 $data = rtrim(fgets($fp, 300)); // read lines
146 djmaze 9.43 if (preg_match('#(Content-Length|Content-Type|Last-Modified): #i', $data)) {
147 djmaze 9.27 header($data);
148 djmaze 9.27 }
149 djmaze 9.27 }
150 djmaze 9.27 } else {
151 nanocaio 9.40 if (preg_match('#\.(\.|php$)#', $filename)) {
152 trevor 9.31 $error = "$filename isn't allowed to be downloaded";
153 djmaze 9.27 trigger_error($error, E_USER_WARNING);
154 djmaze 9.27 return false;
155 djmaze 9.27 }
156 djmaze 9.27 if (!($fp = fopen($filename, 'rb'))) {
157 trevor 9.31 $error = "$filename could not be opened";
158 djmaze 9.27 trigger_error($error, E_USER_WARNING);
159 djmaze 9.27 return false;
160 djmaze 9.27 }
161 djmaze 9.27 while (ob_end_clean());
162 djmaze 9.27 $mimetype = ($img = getimagesize($filename)) ? $img['mime'] : '';
163 djmaze 9.27 // send local file
164 djmaze 9.27 if (!strstr($mimetype, 'image')) {
165 djmaze 9.27 $ext = explode('.', $realname);
166 djmaze 9.27 $ext = strtolower(array_pop($ext));
167 djmaze 9.27 if ($ext == 'bz2') { $mimetype = 'application/bzip2'; }
168 djmaze 9.27 elseif ($ext == 'gz' || $ext == 'tgz') { $mimetype = 'application/x-gzip'; }
169 djmaze 9.27 elseif ($ext == 'gtar') { $mimetype = 'application/x-gtar'; }
170 djmaze 9.27 elseif ($ext == 'tar') { $mimetype = 'application/x-tar'; }
171 djmaze 9.27 elseif ($ext == 'zip') { $mimetype = 'application/zip'; }
172 djmaze 9.33 elseif ($ext == 'wma') { $mimetype = 'audio/x-ms-wma'; }
173 djmaze 9.33 elseif ($ext == 'wmv') { $mimetype = 'video/x-ms-wmv'; }
174 nanocaio 9.40 else { $mimetype = 'application/octet'.(preg_match('#(Opera|compatible; MSIE)#', $_SERVER['HTTP_USER_AGENT']) ? 'stream' : '-stream'); }
175 djmaze 9.27 }
176 djmaze 9.27 // header('Content-Type: "'.mime_content_type(basename($realname)).'"'); // PHP >= 4.3.0
177 djmaze 9.27 header('Content-Type: '.$mimetype.'; name="'.basename($realname).'"');
178 djmaze 9.27 header('Content-Length: '.filesize($filename));
179 djmaze 9.27 }
180 djmaze 9.27 header('Content-Encoding:');
181 djmaze 9.27 // header('Content-Disposition: inline; filename="'.basename($realname).'"');
182 djmaze 9.27 header('Content-Disposition: attachment; filename="'.basename($realname).'"');
183 djmaze 9.30 set_time_limit(0);
184 djmaze 9.30 while (!feof($fp)) { print fread($fp, $chunksize); }
185 djmaze 9.27 return fclose($fp);
186 djmaze 9.27 }
187 djmaze 9.27  
188 nanocaio 10.1 public static function analyze_path($path) {
189 djmaze 9.27 if (empty($path)) return false;
190 djmaze 9.27 if ($path[0] == '.') { $path = substr($path, 1); }
191 djmaze 9.27 if ($path[0] == '.') { $path = substr($path, 1); }
192 djmaze 9.27 if ($path[0] == '/') { $path = substr($path, 1); }
193 nanocaio 9.40 $parts = (false !== strpos($path, '/') ? explode('/', $path) : array($path));
194 djmaze 9.27 $npath = '';
195 djmaze 9.27 while ($dir = array_shift($parts)) {
196 djmaze 9.27 $npath .= "$dir/";
197 djmaze 9.27 if (!is_dir($npath)) {
198 djmaze 9.27 if (!mkdir($npath, (PHP_AS_NOBODY ? 0777 : 0755))) {
199 djmaze 9.27 trigger_error("Couldn't create $npath for $path", E_USER_WARNING);
200 djmaze 9.27 return false;
201 djmaze 9.27 }
202 djmaze 9.27 }
203 djmaze 9.27 }
204 djmaze 9.27 return true;
205 djmaze 9.27 }
206 djmaze 9.27  
207 nanocaio 10.1 public static function analyze_system() {
208 djmaze 9.27 $disabled = ini_get('disable_functions'); // string
209 nanocaio 9.40 $analized['set_time_limit'] = false === strpos($disabled, 'set_time_limit');
210 nanocaio 9.40 $analized['fsockopen'] = false === strpos($disabled, 'fsockopen');
211 nanocaio 9.40 $analized['fopen'] = false === strpos($disabled, 'fopen');
212 djmaze 9.27 $analized['url_fopen'] = ini_get('allow_url_fopen'); // 0 or 1
213 djmaze 9.27  
214 djmaze 9.27 $analized['upload']['active'] = ini_get('file_uploads'); // 0 or 1
215 djmaze 9.27 $analized['upload']['tmp_dir'] = ini_get('upload_tmp_dir'); // String, if empty it uses system default
216 djmaze 9.27 $analized['upload']['max'] = ini_get('upload_max_filesize'); // String, default = 2M
217 djmaze 9.27 $analized['safe_mode']['active'] = ini_get('safe_mode'); // 0 or 1, UID compare
218 djmaze 9.27 $analized['safe_mode']['gid'] = ini_get('safe_mode_gid'); // 0 or 1, GID compare i/o UID
219 djmaze 9.27 $analized['safe_mode']['include_dir'] = ini_get('safe_mode_include_dir'); // String
220 djmaze 9.27 $analized['safe_mode']['exec_dir'] = ini_get('safe_mode_exec_dir'); // String
221 djmaze 9.27 $analized['enable_dl'] = ini_get('enable_dl'); // 0 or 1, dl('php_mime_magic.dll');
222 djmaze 9.27 $analized['open_basedir'] = ini_get('open_basedir'); // NULL or String
223 djmaze 9.1 /*
224 djmaze 9.27 max_execution_time = 30 ; Maximum execution time of each script, in seconds
225 djmaze 9.27 max_input_time = 60 ; Maximum amount of time each script may spend parsing request data
226 djmaze 9.27 memory_limit = 8M ; Maximum amount of memory a script may consume (8MB)
227 djmaze 9.1 */
228 djmaze 9.27 return $analized;
229 djmaze 9.27 }
230 djmaze 9.1 }


Code Credits - Privacy Policy