本文整理汇总了PHP中HasScriptExtension函数的典型用法代码示例。如果您正苦于以下问题:PHP HasScriptExtension函数的具体用法?PHP HasScriptExtension怎么用?PHP HasScriptExtension使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了HasScriptExtension函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: CheckRights
function CheckRights($method, $strong, &$path)
{
$result = true;
if (!parent::CheckRights($method)) {
$result = false;
$GLOBALS["APPLICATION"]->ThrowException(GetMessage('WD_ACCESS_DENIED'), 'ACCESS_DENIED');
} elseif ($path != '') {
$io = CBXVirtualIo::GetInstance();
$path = $io->CombinePath($this->_udecode($path));
$strFileName = GetFileName($path);
$extention = "." . strtolower(GetFileExtension($strFileName));
if (in_array($method, array("COPY", "MOVE", "PUT"))) {
if (!$GLOBALS["USER"]->IsAdmin() && HasScriptExtension($strFileName)) {
$result = false;
$GLOBALS['APPLICATION']->ThrowException(GetMessage("WD_FILE_ERROR13"), "FORBIDDEN_EXTENTION");
} elseif (IsFileUnsafe($strFileName) || $strFileName == "index.php") {
$result = false;
$GLOBALS['APPLICATION']->ThrowException(GetMessage("WD_FILE_ERROR14"), "FORBIDDEN_NAME");
} elseif (!$io->ValidatePathString($io->CombinePath("/", $path)) || !$io->ValidateFilenameString($strFileName)) {
$result = false;
$GLOBALS['APPLICATION']->ThrowException(GetMessage("WD_FILE_ERROR14"), "FORBIDDEN_NAME");
} elseif (in_array($extention, $this->arFileForbiddenExtentions["WRITE"])) {
$result = false;
$GLOBALS['APPLICATION']->ThrowException(GetMessage("WD_FILE_ERROR13"), "FORBIDDEN_EXTENTION");
}
} elseif (in_array($extention, $this->arFileForbiddenExtentions["READ"])) {
$result = false;
$GLOBALS["APPLICATION"]->ThrowException(GetMessage('WD_ACCESS_DENIED'), 'ACCESS_DENIED');
}
}
return $result;
}示例2: GetFileContent
public static function GetFileContent($did, $fname, $wf_path = "", $site = false)
{
$err_mess = CAllWorkflow::err_mess() . "<br>Function: GetFileContent<br>Line: ";
global $DB, $APPLICATION, $USER;
$did = intval($did);
// check if executable
if ($USER->IsAdmin() || CBXVirtualIoFileSystem::ValidatePathString($fname) && !HasScriptExtension($fname)) {
if ($did > 0) {
// check if it is associated wtih document
$z = CWorkflow::GetFileByID($did, $fname);
// found one
if ($zr = $z->Fetch()) {
// get it's contents
$path = CWorkflow::GetTempDir() . $zr["TEMP_FILENAME"];
if (file_exists($path)) {
return $APPLICATION->GetFileContent($path);
}
} else {
// lookup in database
$strSql = "SELECT FILENAME, SITE_ID FROM b_workflow_document WHERE ID='{$did}'";
$y = $DB->Query($strSql, false, $err_mess . __LINE__);
// found
if ($yr = $y->Fetch()) {
// get it's directory
$path = GetDirPath($yr["FILENAME"]);
// absolute path
$pathto = Rel2Abs($path, $fname);
$DOC_ROOT = CSite::GetSiteDocRoot($yr["SITE_ID"]);
$path = $DOC_ROOT . $pathto;
// give it another try
$u = CWorkflow::GetFileByID($did, $pathto);
// found
if ($ur = $u->Fetch()) {
// get it's contents
$path = CWorkflow::GetTempDir() . $ur["TEMP_FILENAME"];
if (file_exists($path)) {
return $APPLICATION->GetFileContent($path);
}
} elseif (file_exists($path)) {
// get it's contents
if ($USER->CanDoFileOperation('fm_view_file', array($yr["SITE_ID"], $pathto))) {
return $APPLICATION->GetFileContent($path);
}
}
}
}
}
$DOC_ROOT = CSite::GetSiteDocRoot($site);
// new one
if (strlen($wf_path) > 0) {
$pathto = Rel2Abs($wf_path, $fname);
$path = $DOC_ROOT . $pathto;
if (file_exists($path)) {
// get it's contents
if ($USER->CanDoFileOperation('fm_view_file', array($site, $pathto))) {
$src = $APPLICATION->GetFileContent($path);
return $src;
}
}
}
// still failed to find
// get path
$path = $DOC_ROOT . $fname;
if (file_exists($path)) {
// get it's contents
if ($USER->CanDoFileOperation('fm_view_file', array($site, $fname))) {
return $APPLICATION->GetFileContent($path);
}
}
} else {
return GetMessage("FLOW_ACCESS_DENIED_PHP_VIEW");
}
}示例3: _extractFile
private function _extractFile(&$arEntry, $path, $removePath, $removeAllPath, &$arParams)
{
if (($res = $this->_readFileHeader($header)) != 1) {
return $res;
}
//to be checked: file header should be coherent with $arEntry info
$arEntry["filename"] = CharsetConverter::ConvertCharset($arEntry["filename"], "cp866", $this->fileSystemEncoding);
$arEntry["stored_filename"] = CharsetConverter::ConvertCharset($arEntry["stored_filename"], "cp866", $this->fileSystemEncoding);
//protecting against ../ etc in file path
//only absolute path should be in the $arEntry
$arEntry['filename'] = _normalizePath($arEntry['filename']);
$arEntry['stored_filename'] = _normalizePath($arEntry['stored_filename']);
if ($removeAllPath == true) {
$arEntry['filename'] = basename($arEntry['filename']);
} else {
if ($removePath != "") {
if ($this->_containsPath($removePath, $arEntry['filename']) == 2) {
//change file status
$arEntry['status'] = "filtered";
return $res;
}
$removePath_size = strlen($removePath);
if (substr($arEntry['filename'], 0, $removePath_size) == $removePath) {
//remove path
$arEntry['filename'] = substr($arEntry['filename'], $removePath_size);
}
}
}
//making absolute path to the extracted file out of filename stored in the zip header and passed extracting path
if ($path != '') {
$arEntry['filename'] = $path . "/" . $arEntry['filename'];
}
//pre-extract callback
if (isset($arParams['callback_pre_extract']) && $arParams['callback_pre_extract'] != '') {
//generate local info
$arLocalHeader = array();
$this->_convertHeader2FileInfo($arEntry, $arLocalHeader);
//callback call
eval('$res = ' . $arParams['callback_pre_extract'] . '(\'callback_pre_extract\', $arLocalHeader);');
//change file status
if ($res == 0) {
$arEntry['status'] = "skipped";
$res = 1;
}
//update the info, only some fields can be modified
$arEntry['filename'] = $arLocalHeader['filename'];
}
//check if extraction should be done
if ($arEntry['status'] == 'ok') {
$logicalFilename = $this->io->GetLogicalName($arEntry['filename']);
if ((HasScriptExtension($arEntry['filename']) || IsFileUnsafe($arEntry['filename']) || !$this->io->ValidatePathString($logicalFilename) || !$this->io->ValidateFilenameString(GetFileName($logicalFilename))) && $this->checkBXPermissions == true) {
$arEntry['status'] = "no_permissions";
} else {
//if the file exists, change status
if (file_exists($arEntry['filename'])) {
if (is_dir($arEntry['filename'])) {
$arEntry['status'] = "already_a_directory";
} else {
if (!is_writeable($arEntry['filename'])) {
$arEntry['status'] = "write_protected";
} else {
if (filemtime($arEntry['filename']) > $arEntry['mtime'] && !$this->replaceExistentFiles) {
$arEntry['status'] = "newer_exist";
}
}
}
} else {
//check the directory availability and create it if necessary
if (($arEntry['external'] & 0x10) == 0x10 || substr($arEntry['filename'], -1) == '/') {
$checkDir = $arEntry['filename'];
} else {
if (!strstr($arEntry['filename'], "/")) {
$checkDir = "";
} else {
$checkDir = dirname($arEntry['filename']);
}
}
if (($res = $this->_checkDir($checkDir, ($arEntry['external'] & 0x10) == 0x10)) != 1) {
//change file status
$arEntry['status'] = "path_creation_fail";
//return $res;
$res = 1;
}
}
}
}
//check if extraction should be done
if ($arEntry['status'] == 'ok') {
//if not a folder - extract
if (!(($arEntry['external'] & 0x10) == 0x10)) {
//if zip file with 0 compression
if ($arEntry['compression'] == 0 && $arEntry['compressed_size'] == $arEntry['size']) {
if (($destFile = @fopen($arEntry['filename'], 'wb')) == 0) {
$arEntry['status'] = "write_error";
return $res;
}
//reading the fileby by self::ReadBlockSize octets blocks
$size = $arEntry['compressed_size'];
while ($size != 0) {
$length = $size < self::ReadBlockSize ? $size : self::ReadBlockSize;
//.........这里部分代码省略.........
示例4: BaseCheckFields
function BaseCheckFields($val)
{
$arErrors = array();
if (!is_array($val)) {
$val = array();
}
// Check uploaded file
if ($val["B_NEW_FILE"] != "N" && isset($val["FILE"])) {
if ($val["FILE"]["error"] == 1 || $val["FILE"]["error"] == 2) {
$arErrors[] = GetMessage("IBLOCK_PROP_VIDEO_SIZE_ERROR", array('#FILE_NAME#' => $pathto)) . "\n";
}
if (strlen($val["FILE"]["tmp_name"]) > 0) {
$name = $val["FILE"]["name"];
$name = preg_replace("/[^a-zA-Z0-9_:\\.]/is", "_", $name);
$ext = GetFileExtension($name);
if (strlen($ext) == 0 || HasScriptExtension($name) || substr($name, 0, 1) == ".") {
$arErrors[] = GetMessage("IBLOCK_PROP_VIDEO_INCORRECT_EXT", array("#EXT#" => strtoupper($ext)));
} elseif (!is_uploaded_file($val["FILE"]["tmp_name"])) {
$arErrors[] = GetMessage("IBLOCK_PROP_VIDEO_UPLOAD_ERROR");
} else {
$quota = new CDiskQuota();
if (!$quota->checkDiskQuota(array("FILE_SIZE" => $val["FILE"]["size"]))) {
$arErrors[] = GetMessage("IBLOCK_PROP_VIDEO_QUOTE_ERROR") . "\n";
}
}
}
}
return $arErrors;
}示例5: CheckFields
//.........这里部分代码省略.........
break;
}
}
$bError = $bCount <= 0;
}
}
if ($arProperty["IS_REQUIRED"] == "Y" && $arProperty['PROPERTY_TYPE'] != 'F') {
$len = 0;
foreach ($property_values as $key2 => $property_value) {
if (array_key_exists("GetLength", $arUserType)) {
$len += call_user_func_array($arUserType["GetLength"], array($arProperty, array("VALUE" => $property_value)));
} else {
$len += strlen($property_value);
}
if ($len > 0) {
break;
}
}
$bError = $len <= 0;
}
if ($bError) {
$this->LAST_ERROR .= GetMessage("IBLOCK_BAD_PROPERTY", array("#PROPERTY#" => $arProperty["NAME"])) . "<br>";
}
// check file properties for correctness
if ($arProperty['PROPERTY_TYPE'] == 'F') {
$bImageOnly = False;
$arImageExtentions = explode(",", strtoupper(CFile::GetImageExtensions()));
if (strlen($arProperty["FILE_TYPE"])) {
$bImageOnly = True;
$arAvailTypes = explode(",", strtoupper($arProperty["FILE_TYPE"]));
foreach ($arAvailTypes as $avail_type) {
if (!in_array(trim($avail_type), $arImageExtentions)) {
$bImageOnly = False;
break;
}
}
}
foreach ($property_values as $key2 => $property_value) {
if (!is_array($property_value) && intval($property_value) > 0 && intval($arFields["WF_PARENT_ELEMENT_ID"]) > 0) {
if (CIBlockElement::DeleteFile($property_value, $ID, "PROPERTY", intval($arFields["WF_PARENT_ELEMENT_ID"]), $arFields["IBLOCK_ID"], true) <= 0) {
$this->LAST_ERROR .= GetMessage("IBLOCK_ERR_FILE_PROPERTY") . "<br>";
}
} elseif (is_array($property_value)) {
if (is_object($property_value["bucket"])) {
//This is trusted image from xml import
$error = "";
} else {
if ($bImageOnly) {
$error = CFile::CheckImageFile($property_value);
} else {
$error = CFile::CheckFile($property_value, 0, false, $arProperty["FILE_TYPE"]);
}
}
//For user without edit php permissions
//we allow only pictures upload
if (!is_object($USER) || !$USER->IsAdmin()) {
if (HasScriptExtension($property_value["name"])) {
$error = GetMessage("FILE_BAD_TYPE") . " (" . $property_value["name"] . ").";
}
}
if (strlen($error) > 0) {
$this->LAST_ERROR .= $error . "<br>";
}
}
}
}
}
}
$APPLICATION->ResetException();
if ($ID === false) {
$db_events = GetModuleEvents("iblock", "OnBeforeIBlockElementAdd", true);
} else {
$arFields["ID"] = $ID;
$db_events = GetModuleEvents("iblock", "OnBeforeIBlockElementUpdate", true);
}
foreach ($db_events as $arEvent) {
$bEventRes = ExecuteModuleEventEx($arEvent, array(&$arFields));
if ($bEventRes === false) {
if ($err = $APPLICATION->GetException()) {
$this->LAST_ERROR .= $err->GetString() . "<br>";
} else {
$APPLICATION->ThrowException("Unknown error");
$this->LAST_ERROR .= "Unknown error.<br>";
}
break;
}
}
/****************************** QUOTA ******************************/
if ($bCheckDiskQuota && empty($this->LAST_ERROR) && COption::GetOptionInt("main", "disk_space") > 0) {
$quota = new CDiskQuota();
if (!$quota->checkDiskQuota($arFields)) {
$this->LAST_ERROR = $quota->LAST_ERROR;
}
}
/****************************** QUOTA ******************************/
if (!empty($this->LAST_ERROR)) {
return false;
}
return true;
}示例6: UploadFile
function UploadFile($Params)
{
$buffer = 'parent.oWaitWindow.Hide();';
$F = $Params['file'];
$io = CBXVirtualIo::GetInstance();
if (isset($F["tmp_name"]) && strlen($F["tmp_name"]) > 0 && strlen($F["name"]) > 0 || is_uploaded_file($F["tmp_name"])) {
global $APPLICATION, $USER;
$strWarning = '';
$filename = $Params['filename'];
$path = $Params['path'];
$site = $Params['site'];
$upload_and_open = $Params['upload_and_open'];
$rootPath = CSite::GetSiteDocRoot($site);
if ($filename == '') {
$filename = $F["name"];
}
$pathto = Rel2Abs($path, $filename);
if (strlen($filename) > 0 && ($mess = self::CheckFileName($filename)) !== true) {
$strWarning = $mess;
}
if ($strWarning == '') {
$fn = $io->ExtractNameFromPath($pathto);
if ($APPLICATION->GetFileAccessPermission(array($site, $pathto)) > "R" && ($USER->IsAdmin() || !HasScriptExtension($fn) && substr($fn, 0, 1) != "." && $io->ValidateFilenameString($fn))) {
if (!$io->FileExists($rootPath . $pathto) || $_REQUEST["rewrite"] == "Y") {
//************************** Quota **************************//
$bQuota = true;
if (COption::GetOptionInt("main", "disk_space") > 0) {
$bQuota = false;
$quota = new CDiskQuota();
if ($quota->checkDiskQuota(array("FILE_SIZE" => filesize($F["tmp_name"])))) {
$bQuota = true;
}
}
//************************** Quota **************************//
if ($bQuota) {
$io->Copy($F["tmp_name"], $rootPath . $pathto);
$flTmp = $io->GetFile($rootPath . $pathto);
$flTmp->MarkWritable();
if (COption::GetOptionInt("main", "disk_space") > 0) {
CDiskQuota::updateDiskQuota("file", $flTmp->GetFileSize(), "copy");
}
$buffer = 'setTimeout(function(){parent.oBXDialogControls.Uploader.OnAfterUpload("' . $filename . '", ' . ($upload_and_open == "Y" ? 'true' : 'false') . ');}, 50);';
} else {
$strWarning = $quota->LAST_ERROR;
}
} else {
$strWarning = GetMessage("FD_LOAD_EXIST_ALERT");
}
} else {
$strWarning = GetMessage("FD_LOAD_DENY_ALERT");
}
}
} else {
$strWarning = GetMessage("FD_LOAD_ERROR_ALERT");
}
if ($strWarning != '') {
$buffer = 'alert("' . addslashes(htmlspecialcharsex($strWarning)) . '");';
}
return '<script>' . $buffer . '</script>';
}示例7: CopyEx
function CopyEx($path_from, $path_to, $bDeleteAfterCopy = false, $bOverride = false)
{
global $APPLICATION, $USER;
CMain::InitPathVars($site_from, $path_from);
$DOC_ROOT_FROM = CSite::GetSiteDocRoot($site_from);
CMain::InitPathVars($site_to, $path_to);
$DOC_ROOT_TO = CSite::GetSiteDocRoot($site_to);
$strWarning = '';
//check: if we copy to the same directory
if (strpos($DOC_ROOT_TO . $path_to . "/", $DOC_ROOT_FROM . $path_from . "/") === 0) {
return GetMessage("FILEMAN_LIB_BAD_FOLDER") . ": \"" . $path_from . "\".\n";
}
$io = CBXVirtualIo::GetInstance();
if ($io->DirectoryExists($DOC_ROOT_FROM . $path_from)) {
// Minimal access - read/listing for copying files
if (!$USER->CanDoFileOperation('fm_view_listing', array($site_from, $path_from))) {
return GetMessage("FILEMAN_FILEMAN_FOLDER_READ_DENY") . " \"" . $path_from . "\".\n";
}
if ($bDeleteAfterCopy && !$USER->CanDoFileOperation('fm_delete_folder', array($site_from, $path_from))) {
return GetMessage("FILEMAN_FILEMAN_FOLDER_DEL_DENY") . " \"" . $path_from . "\".\n";
}
//Check: folder exist or not
$strWarTmp = CFileMan::CreateDir(array($site_to, $path_to));
if (strlen($strWarTmp) > 0) {
return $strWarTmp;
}
$APPLICATION->CopyFileAccessPermission(array($site_from, $path_from), array($site_to, $path_to));
} else {
// If we can write this file
if (!$USER->CanDoFileOperation('fm_create_new_file', array($site_to, $path_to))) {
return GetMessage("FILEMAN_FILEMAN_FILE_WRITE_DENY") . " \"" . $path_to . "\".\n";
}
// If we can't read source-file
if (!$USER->CanDoFileOperation('fm_view_file', array($site_from, $path_from))) {
return GetMessage("FILEMAN_FILEMAN_FILE_READ_DENY") . " \"" . $path_from . "\".\n";
}
// Copying php or system file without PHP or LPA access
if (!($USER->CanDoOperation('edit_php') || $USER->CanDoFileOperation('fm_lpa', $arPath) || !(HasScriptExtension($Elem["NAME"]) || substr($Elem["NAME"], 0, 1) == "."))) {
return GetMessage("FILEMAN_FILEMAN_FILE_READ_DENY") . " \"" . $path_from . "\".\n";
}
// If we can't move source-file
if ($bDeleteAfterCopy && !$USER->CanDoFileOperation('fm_delete_file', array($site_from, $path_from))) {
return GetMessage("FILEMAN_FILEMAN_FILE_DEL_DENY") . " \"" . $path_from . "\".\n";
}
//Check if folder already exist and trying to create if not
$p = strrpos($path_to, "/");
$path_to_dir = substr($path_to, 0, $p);
$strWarTmp = CFileMan::CreateDir(array($site_to, $path_to_dir));
if (strlen($strWarTmp) > 0) {
return $strWarTmp;
}
if ($io->FileExists($DOC_ROOT_TO . $path_to) || $io->DirectoryExists($DOC_ROOT_TO . $path_to)) {
if ($bOverride) {
$strWarn = CFileMan::DeleteEx(array($site_to, $path_to));
if ($strWarn != "") {
return $strWarn;
}
} else {
return GetMessage("FILEMAN_FILEMAN_FILE_WITH_NAME") . " \"" . $path_to . "\" " . GetMessage("FILEMAN_FILEMAN_ALREADY_EXISTS") . "!\n";
}
}
$APPLICATION->CopyFileAccessPermission(array($site_from, $path_from), array($site_to, $path_to));
//************************** Quota **************************//
if (COption::GetOptionInt("main", "disk_space") > 0) {
$f = $io->GetFile($DOC_ROOT_FROM . $path_from);
$size = $f->GetFileSize();
$quota = new CDiskQuota();
if (!$quota->checkDiskQuota(array("FILE_SIZE" => $size))) {
return $quota->LAST_ERROR;
}
}
//************************** Quota **************************//
// Copy file
if (DEBUG_FILE_MAN) {
echo "copy(" . $DOC_ROOT_FROM . $path_from . "," . $DOC_ROOT_TO . $path_to . ");<br>";
}
if (!$io->Copy($DOC_ROOT_FROM . $path_from, $DOC_ROOT_TO . $path_to)) {
$strWarning .= GetMessage('FILEMAN_COPY_ERROR', array('#PATH_FROM#' => htmlspecialcharsex($path_from), '#PATH_TO#' => htmlspecialcharsex($path_to)));
}
//************************** Quota **************************//
if (COption::GetOptionInt("main", "disk_space") > 0) {
$quota->updateDiskQuota("file", $size, "copy");
}
//************************** Quota **************************//
if (CModule::IncludeModule("search")) {
$site = CSite::GetSiteByFullPath($DOC_ROOT_TO . $path_to);
CSearch::ReIndexFile(array($site_to, $path_to), $site);
}
if ($bDeleteAfterCopy && strlen($strWarning) <= 0) {
// If was command "delete after copy"?
$strWarning .= CFileMan::DeleteFile(array($site_from, $path_from));
}
return $strWarning;
}
// Recursive
$d = $io->GetDirectory($DOC_ROOT_FROM . $path_from);
$arChildren = $d->GetChildren();
foreach ($arChildren as $child) {
$fn = $child->GetName();
if ($child->IsDirectory()) {
//.........这里部分代码省略.........
示例8: basename
}
$strFileName = "";
if (strlen($strErrorMessage) <= 0) {
$arOldSmile = false;
if ($ID > 0) {
$arOldSmile = CSocNetSmile::GetByID($ID);
}
if (is_set($_FILES, "IMAGE1") && strlen($_FILES["IMAGE1"]["name"]) > 0) {
$res = CFile::CheckImageFile($_FILES["IMAGE1"], 0, 0, 0);
if (strlen($res) > 0) {
$strErrorMessage .= $res . "\n";
} else {
$io = CBXVirtualIo::GetInstance();
$strFileName = basename($_FILES["IMAGE1"]["name"]);
$strFileExt = strrchr($_FILES["IMAGE1"]["name"], ".");
if (!$io->ValidateFilenameString($strFileName) || HasScriptExtension($strFileName)) {
$strErrorMessage .= GetMessage("FSE_ERROR_EXT") . ". \n";
}
}
if (strlen($strErrorMessage) <= 0) {
$strDirName = $_SERVER["DOCUMENT_ROOT"] . "/bitrix/images/socialnetwork/";
if ($SMILE_TYPE == "I") {
$strDirName .= "icon";
} else {
$strDirName .= "smile";
}
$strDirName .= "/";
CheckDirPath($strDirName);
if (file_exists($strDirName . $strFileName) && (!$arOldSmile || $arOldSmile["SMILE_TYPE"] != $SMILE_TYPE || $arOldSmile["IMAGE"] != $strFileName)) {
$strErrorMessage .= GetMessage("ERROR_EXISTS_IMAGE") . ". \n";
} else {示例9: Rel2Abs
$APPLICATION->AuthForm(GetMessage("ACCESS_DENIED"));
}
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/fileman/include.php";
$site = CFileMan::__CheckSite($site);
$DOC_ROOT = CSite::GetSiteDocRoot($site);
$strWarning = "";
$path = Rel2Abs("/", $path);
$arParsedPath = CFileMan::ParsePath($path);
$arPath = array($site, $path);
if ($type == "flash") {
$ext = "swf,fla";
} elseif ($type == "image") {
$ext = "gif,jpg,jpeg,bmp,png";
}
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_popup_admin.php";
if (!$USER->CanDoFileOperation('fm_download_file', $arPath) || HasScriptExtension($path)) {
ShowError($arParsedPath["HTML"] . '<br><br><img src="/bitrix/images/fileman/deny.gif" width="28" height="28" border="0" align="left" alt="">' . GetMessage("ACCESS_DENIED"));
} else {
CFileMan::GetDirList(array($site, $path), $arDirs, $arFiles, array("EXTENSIONS" => $ext, "MIN_PERMISSION" => "R"), array("name" => "asc"));
?>
<script>
<!--
function DoEvent(str)
{
try
{
eval("parent."+this.name+"_"+str);
}
catch(e){}
}
示例10: preg_replace
$DIR_NAME = $_SESSION["BX_CML2_IMPORT"]["TEMP_DIR"];
else
$DIR_NAME = $_SERVER["DOCUMENT_ROOT"]."/".COption::GetOptionString("main", "upload_dir", "upload")."/1c_catalog/";
if (
isset($_GET["filename"])
&& (strlen($_GET["filename"]) > 0)
&& (strlen($DIR_NAME) > 0)
)
{
//This check for 1c server on linux
$filename = preg_replace("#^(/tmp/|upload/1c/webdata)#", "", $_GET["filename"]);
$filename = trim(str_replace("\\", "/", trim($filename)), "/");
$io = CBXVirtualIo::GetInstance();
$bBadFile = HasScriptExtension($filename)
|| IsFileUnsafe($filename)
|| !$io->ValidatePathString("/".$filename)
;
if (!$bBadFile)
{
$FILE_NAME = rel2abs($DIR_NAME, "/".$filename);
if ((strlen($FILE_NAME) > 1) && ($FILE_NAME === "/".$filename))
{
$ABS_FILE_NAME = $DIR_NAME.$FILE_NAME;
$WORK_DIR_NAME = substr($ABS_FILE_NAME, 0, strrpos($ABS_FILE_NAME, "/")+1);
}
}
}
示例11: substr
case "OTR":
$delimiter_r_char = substr($delimiter_other_r, 0, 1);
break;
case "TZP":
$delimiter_r_char = ";";
break;
}
if (strlen($delimiter_r_char) != 1) {
$strError .= GetMessage("IBLOCK_ADM_EXP_NO_DELIMITER") . "<br>";
}
if (strlen($strError) <= 0) {
$csvFile->SetDelimiter($delimiter_r_char);
}
if (strlen($_REQUEST["DATA_FILE_NAME"]) <= 0) {
$strError .= GetMessage("IBLOCK_ADM_EXP_NO_FILE_NAME") . "<br>";
} elseif (preg_match('/[^a-zA-Z0-9\\s!#\\$%&\\(\\)\\[\\]\\{\\}+\\.;=@\\^_\\~\\/\\\\\\-]/i', $_REQUEST["DATA_FILE_NAME"]) || preg_match('/^[a-z]+:\\/\\//i', $_REQUEST["DATA_FILE_NAME"]) || HasScriptExtension($_REQUEST["DATA_FILE_NAME"])) {
$strError .= GetMessage("IBLOCK_ADM_EXP_FILE_NAME_ERROR") . "<br>";
} else {
$DATA_FILE_NAME = Rel2Abs("/", $_REQUEST["DATA_FILE_NAME"]);
if (strtolower(substr($DATA_FILE_NAME, strlen($DATA_FILE_NAME) - 4)) != ".csv") {
$DATA_FILE_NAME .= ".csv";
}
}
if (strlen($strError) <= 0) {
$fp = fopen($_SERVER["DOCUMENT_ROOT"] . $DATA_FILE_NAME, "w");
if (!is_resource($fp)) {
$strError .= GetMessage("IBLOCK_ADM_EXP_CANNOT_CREATE_FILE") . "<br>";
$DATA_FILE_NAME = "";
} else {
fclose($fp);
}示例12: HasAccess
/**
* Checks if current user has access to the file or folder according to Bitrix permissions
* @static
* @param string $strFilename full path to the file
* @param boolean $isFile true if we check file permissions, false if folder permissions should be checked
* @return boolean
*/
public static function HasAccess($strFilename, $isFile)
{
$result = false;
$path = removeDocRoot($strFilename);
global $USER;
if (!$isFile) {
if ($USER->CanDoFileOperation("fm_view_listing", array(SITE_ID, $path))) {
$result = true;
}
} else {
if ($USER->CanDoFileOperation('fm_view_file', array(SITE_ID, $path)) && ($USER->CanDoOperation('edit_php') || $USER->CanDoFileOperation('fm_lpa', array(SITE_ID, $path)) || !(HasScriptExtension($path) || substr(GetFileName($path), 0, 1) == "."))) {
$result = true;
}
}
return $result;
}示例13: GetMessage
if(strlen($newfilename)<=0)
{
$strWarning .= GetMessage("FILEMAN_RENAME_NEW_NAME")." \"".$file."\"!\n";
}
elseif (($mess = CFileMan::CheckFileName($newfilename)) !== true)
{
$strWarning = $mess;
}
else
{
$pathto = Rel2Abs($path, $newfilename);
if(!$USER->CanDoFileOperation('fm_create_new_file',Array($site, $pathto)))
$strWarning .= GetMessage("FILEMAN_RENAME_ACCESS_ERROR")."\n";
elseif(!$USER->CanDoOperation('edit_php') && (substr(CFileman::GetFileName($file), 0, 1) == "." || substr(CFileman::GetFileName($pathto), 0, 1)=="." || (!HasScriptExtension($file) && HasScriptExtension($pathto)))) // if not admin and renaming from non PHP to PHP
$strWarning .= GetMessage("FILEMAN_RENAME_TOPHPFILE_ERROR")."\n";
elseif(!$USER->CanDoOperation('edit_php') && HasScriptExtension($file) && !HasScriptExtension($pathto)) // if not admin and renaming from PHP to non PHP
$strWarning .= GetMessage("FILEMAN_RENAME_FROMPHPFILE_ERROR")."\n";
else
{
$pathparsedtmp = CFileMan::ParsePath(Array($site, $pathto), false, false, "", $logical == "Y");
$strWarningTmp = CFileMan::CreateDir($pathparsedtmp["PREV"]);
if(strlen($strWarningTmp)>0)
$strWarning .= $strWarningTmp;
else
{
if(!$io->FileExists($DOC_ROOT.$path."/".$file))
$strWarning .= GetMessage("FILEMAN_RENAME_FILE")." \"".$path."/".$file."\" ".GetMessage("FILEMAN_RENAME_NOT_FOUND")."!\n";
elseif(!$io->Rename($DOC_ROOT.$path."/".$file, $DOC_ROOT.$pathto))
$strWarning .= GetMessage("FILEMAN_RENAME_ERROR")." \"".$path."/".$file."\" ".GetMessage("FILEMAN_RENAME_IN")." \"".$pathto."\"!\n";
else示例14: Remove
/**
* Removes snippet
*
* @param array - list of params (template, path)
* @return bool - result
*/
public static function Remove($params = array())
{
global $APPLICATION;
$res = false;
$template = CFileMan::SecurePathVar($params['template']);
$path = CFileMan::SecurePathVar($params["path"]);
$contPath = $_SERVER["DOCUMENT_ROOT"] . BX_PERSONAL_ROOT . "/templates/" . $template . "/snippets";
$snippetPath = $contPath . ($path == '' ? '' : '/' . $path);
$io = CBXVirtualIo::GetInstance();
if (!$io->ValidatePathString($snippetPath) || IsFileUnsafe($snippetPath) || HasScriptExtension($snippetPath)) {
return false;
}
//Delete snippet file
if ($io->FileExists($snippetPath)) {
$res = $io->Delete($snippetPath);
}
$SNIPPETS = array();
if ($io->FileExists($contPath . "/.content.php")) {
@(include $contPath . "/.content.php");
}
$contentSrc = '<?if(!defined("B_PROLOG_INCLUDED") || B_PROLOG_INCLUDED!==true)die();?>' . chr(10);
$contentSrc .= '<?' . chr(10) . '$SNIPPETS = Array();' . chr(10);
foreach ($SNIPPETS as $k => $snip) {
if ($io->FileExists(CFileMan::SecurePathVar($contPath . '/' . $k))) {
$contentSrc .= '$SNIPPETS[\'' . CUtil::addslashes($k) . '\'] = Array(';
if (isset($snip['title']) && $snip['title'] !== '') {
$contentSrc .= '\'title\' => \'' . Cutil::addslashes($snip['title']) . '\'';
if (isset($snip['description']) && $snip['description'] !== '') {
$contentSrc .= ', ';
}
}
if (isset($snip['description']) && $snip['description'] !== '') {
$contentSrc .= '\'description\' => \'' . Cutil::addslashes($snip['description']) . '\'';
}
$contentSrc .= ');' . chr(10);
}
}
$contentSrc .= '?>';
$APPLICATION->SaveFileContent($contPath . "/.content.php", $contentSrc);
CSnippets::ClearCache();
return $res;
}示例15: OnChangeFileComponent
function OnChangeFileComponent($path, $site)
{
/** @global CMain $APPLICATION */
global $APPLICATION;
// kind of optimization
if (!HasScriptExtension($path)) {
return;
}
$docRoot = CSite::GetSiteDocRoot($site);
CUrlRewriter::Delete(array("SITE_ID" => $site, "PATH" => $path, "ID" => "NULL"));
if (class_exists("\\Bitrix\\Main\\Application", false)) {
\Bitrix\Main\Component\ParametersTable::deleteByFilter(array("SITE_ID" => $site, "REAL_PATH" => $path));
}
$fileSrc = $APPLICATION->GetFileContent($docRoot . $path);
$arComponents = PHPParser::ParseScript($fileSrc);
for ($i = 0, $cnt = count($arComponents); $i < $cnt; $i++) {
if (class_exists("\\Bitrix\\Main\\Application", false)) {
\Bitrix\Main\Component\ParametersTable::add(array('SITE_ID' => $site, 'COMPONENT_NAME' => $arComponents[$i]["DATA"]["COMPONENT_NAME"], 'TEMPLATE_NAME' => $arComponents[$i]["DATA"]["TEMPLATE_NAME"], 'REAL_PATH' => $path, 'SEF_MODE' => $arComponents[$i]["DATA"]["PARAMS"]["SEF_MODE"] == "Y" ? \Bitrix\Main\Component\ParametersTable::SEF_MODE : \Bitrix\Main\Component\ParametersTable::NOT_SEF_MODE, 'SEF_FOLDER' => $arComponents[$i]["DATA"]["PARAMS"]["SEF_MODE"] == "Y" ? $arComponents[$i]["DATA"]["PARAMS"]["SEF_FOLDER"] : null, 'START_CHAR' => $arComponents[$i]["START"], 'END_CHAR' => $arComponents[$i]["END"], 'PARAMETERS' => serialize($arComponents[$i]["DATA"]["PARAMS"])));
}
if (isset($arComponents[$i]["DATA"]["PARAMS"]) && is_array($arComponents[$i]["DATA"]["PARAMS"])) {
if (array_key_exists("SEF_MODE", $arComponents[$i]["DATA"]["PARAMS"]) && $arComponents[$i]["DATA"]["PARAMS"]["SEF_MODE"] == "Y") {
CUrlRewriter::Add(array("SITE_ID" => $site, "CONDITION" => "#^" . $arComponents[$i]["DATA"]["PARAMS"]["SEF_FOLDER"] . "#", "ID" => $arComponents[$i]["DATA"]["COMPONENT_NAME"], "PATH" => $path));
}
}
}
}