Update elfinder 2.1.62
This commit is contained in:
parent
51ae8622bc
commit
e53762d4a5
|
@ -1,9 +1,9 @@
|
|||
/*!
|
||||
* elFinder - file manager for web
|
||||
* Version 2.1.61 (2.1-src Nightly: 1733024) (2022-03-15)
|
||||
* Version 2.1.62 (2023-06-14)
|
||||
* http://elfinder.org
|
||||
*
|
||||
* Copyright 2009-2022, Studio 42
|
||||
* Copyright 2009-2023, Studio 42
|
||||
* Licensed under a 3-clauses BSD license
|
||||
*/
|
||||
|
||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -32,7 +32,7 @@ class elFinder
|
|||
*
|
||||
* @var integer
|
||||
*/
|
||||
protected static $ApiRevision = 59;
|
||||
protected static $ApiRevision = 62;
|
||||
|
||||
/**
|
||||
* Storages (root dirs)
|
||||
|
@ -766,6 +766,25 @@ class elFinder
|
|||
$this->utf8Encoder = $opts['utf8Encoder'];
|
||||
}
|
||||
|
||||
// for LocalFileSystem driver on Windows server
|
||||
if (DIRECTORY_SEPARATOR !== '/') {
|
||||
if (empty($opts['bind'])) {
|
||||
$opts['bind'] = array();
|
||||
}
|
||||
|
||||
$_key = 'upload.pre mkdir.pre mkfile.pre rename.pre archive.pre ls.pre';
|
||||
if (!isset($opts['bind'][$_key])) {
|
||||
$opts['bind'][$_key] = array();
|
||||
}
|
||||
array_push($opts['bind'][$_key], 'Plugin.WinRemoveTailDots.cmdPreprocess');
|
||||
|
||||
$_key = 'upload.presave paste.copyfrom';
|
||||
if (!isset($opts['bind'][$_key])) {
|
||||
$opts['bind'][$_key] = array();
|
||||
}
|
||||
array_push($opts['bind'][$_key], 'Plugin.WinRemoveTailDots.onUpLoadPreSave');
|
||||
}
|
||||
|
||||
// bind events listeners
|
||||
if (!empty($opts['bind']) && is_array($opts['bind'])) {
|
||||
$_req = $_SERVER["REQUEST_METHOD"] == 'POST' ? $_POST : $_GET;
|
||||
|
@ -773,7 +792,7 @@ class elFinder
|
|||
foreach ($opts['bind'] as $cmd => $handlers) {
|
||||
$doRegist = (strpos($cmd, '*') !== false);
|
||||
if (!$doRegist) {
|
||||
$doRegist = ($_reqCmd && in_array($_reqCmd, array_map('self::getCmdOfBind', explode(' ', $cmd))));
|
||||
$doRegist = ($_reqCmd && in_array($_reqCmd, array_map('elFinder::getCmdOfBind', explode(' ', $cmd))));
|
||||
}
|
||||
if ($doRegist) {
|
||||
// for backward compatibility
|
||||
|
@ -2063,7 +2082,7 @@ class elFinder
|
|||
}
|
||||
|
||||
if ($args['cpath'] && $args['reqid']) {
|
||||
setcookie('elfdl' . $args['reqid'], '1', 0, $args['cpath']);
|
||||
setcookie('elfdl' . $args['reqid'], '1', 0, urlencode($args['cpath']));
|
||||
}
|
||||
|
||||
$result = array(
|
||||
|
@ -2694,7 +2713,7 @@ class elFinder
|
|||
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
|
||||
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
|
||||
curl_setopt($ch, CURLOPT_USERAGENT, $ua);
|
||||
curl_setopt($ch, CURLOPT_RESOLVE, [$info['host'] . ':' . $info['port'] . ':' . $info['ip']]);
|
||||
curl_setopt($ch, CURLOPT_RESOLVE, array($info['host'] . ':' . $info['port'] . ':' . $info['ip']));
|
||||
$result = curl_exec($ch);
|
||||
$http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
|
||||
if ($http_code == 301 || $http_code == 302) {
|
||||
|
@ -3319,7 +3338,14 @@ class elFinder
|
|||
fclose($fp);
|
||||
throw $e;
|
||||
}
|
||||
$_name = preg_replace('~^.*?([^/#?]+)(?:\?.*)?(?:#.*)?$~', '$1', rawurldecode($url));
|
||||
if (strpos($url, '%') !== false) {
|
||||
$url = rawurldecode($url);
|
||||
}
|
||||
if (is_callable('mb_convert_encoding') && is_callable('mb_detect_encoding')) {
|
||||
$url = mb_convert_encoding($url, 'UTF-8', mb_detect_encoding($url));
|
||||
}
|
||||
$url = iconv('UTF-8', 'UTF-8//IGNORE', $url);
|
||||
$_name = preg_replace('~^.*?([^/#?]+)(?:\?.*)?(?:#.*)?$~', '$1', $url);
|
||||
// Check `Content-Disposition` response header
|
||||
if (($headers = get_headers($url, true)) && !empty($headers['Content-Disposition'])) {
|
||||
if (preg_match('/filename\*=(?:([a-zA-Z0-9_-]+?)\'\')"?([a-z0-9_.~%-]+)"?/i', $headers['Content-Disposition'], $m)) {
|
||||
|
@ -4240,7 +4266,14 @@ var go = function() {
|
|||
return $proc;
|
||||
}
|
||||
|
||||
$errfile = str_replace($base, '', $errfile);
|
||||
// Do not report real path
|
||||
if (strpos($errfile, $base) === 0) {
|
||||
$errfile = str_replace($base, '', $errfile);
|
||||
} else if ($pos = strrpos($errfile, '/vendor/')) {
|
||||
$errfile = substr($errfile, $pos + 1);
|
||||
} else {
|
||||
$errfile = basename($errfile);
|
||||
}
|
||||
|
||||
switch ($errno) {
|
||||
case E_WARNING:
|
||||
|
|
|
@ -1280,7 +1280,7 @@ abstract class elFinderVolumeDriver
|
|||
|
||||
// find available mimetype detect method
|
||||
$regexp = '/text\/x\-(php|c\+\+)/';
|
||||
$auto_types = [];
|
||||
$auto_types = array();
|
||||
|
||||
if (class_exists('finfo', false)) {
|
||||
$tmpFileInfo = explode(';', finfo_file(finfo_open(FILEINFO_MIME), __FILE__));
|
||||
|
@ -6794,14 +6794,22 @@ abstract class elFinderVolumeDriver
|
|||
$base = rtrim($base, $separator);
|
||||
}
|
||||
|
||||
// 'Here'
|
||||
if ($path === '' || $path === '.' . $separator) return $base;
|
||||
|
||||
$sepquoted = preg_quote($separator, '#');
|
||||
|
||||
// normalize `//` to `/`
|
||||
$path = preg_replace('#' . $sepquoted . '+#', $separator, $path); // '#/+#'
|
||||
|
||||
// remove `./`
|
||||
$path = preg_replace('#(?<=^|' . $sepquoted . ')\.' . $sepquoted . '#', '', $path); // '#(?<=^|/)\./#'
|
||||
|
||||
// 'Here'
|
||||
if ($path === '') return $base;
|
||||
|
||||
// join $base to $path if $path start `../`
|
||||
if (substr($path, 0, 3) === '..' . $separator) {
|
||||
$path = $base . $separator . $path;
|
||||
}
|
||||
|
||||
// normalize `/../`
|
||||
$normreg = '#(' . $sepquoted . ')[^' . $sepquoted . ']+' . $sepquoted . '\.\.' . $sepquoted . '#'; // '#(/)[^\/]+/\.\./#'
|
||||
while (preg_match($normreg, $path)) {
|
||||
|
@ -6811,6 +6819,9 @@ abstract class elFinderVolumeDriver
|
|||
$path = rtrim($path, $separator);
|
||||
}
|
||||
|
||||
// discard the surplus `../`
|
||||
$path = str_replace('..' . $separator, '', $path);
|
||||
|
||||
// Absolute path
|
||||
if ($path[0] === $separator || strpos($path, $systemroot) === 0) {
|
||||
return $path;
|
||||
|
|
|
@ -81,6 +81,13 @@ class elFinderVolumeLocalFileSystem extends elFinderVolumeDriver
|
|||
$this->options['keepTimestamp'] = array('copy', 'move'); // keep timestamp at inner filesystem allowed 'copy', 'move' and 'upload'
|
||||
$this->options['substituteImg'] = true; // support substitute image with dim command
|
||||
$this->options['statCorrector'] = null; // callable to correct stat data `function(&$stat, $path, $statOwner, $volumeDriveInstance){}`
|
||||
if (DIRECTORY_SEPARATOR === '/') {
|
||||
// Linux
|
||||
$this->options['acceptedName'] = '/^[^\.\/\x00][^\/\x00]*$/';
|
||||
} else {
|
||||
// Windows
|
||||
$this->options['acceptedName'] = '/^[^\.\/\x00\\\:*?"<>|][^\/\x00\\\:*?"<>|]*$/';
|
||||
}
|
||||
}
|
||||
|
||||
/*********************************************************************/
|
||||
|
@ -258,6 +265,14 @@ class elFinderVolumeLocalFileSystem extends elFinderVolumeDriver
|
|||
}
|
||||
|
||||
$this->statOwner = (!empty($this->options['statOwner']));
|
||||
|
||||
// enable WinRemoveTailDots plugin on Windows server
|
||||
if (DIRECTORY_SEPARATOR !== '/') {
|
||||
if (!isset($this->options['plugin'])) {
|
||||
$this->options['plugin'] = array();
|
||||
}
|
||||
$this->options['plugin']['WinRemoveTailDots'] = array('enable' => true);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -358,9 +373,13 @@ class elFinderVolumeLocalFileSystem extends elFinderVolumeDriver
|
|||
// realpath() returns FALSE if the file does not exist
|
||||
if ($path === false || strpos($path, $this->root) !== 0) {
|
||||
if (DIRECTORY_SEPARATOR !== '/') {
|
||||
$dir = str_replace('/', DIRECTORY_SEPARATOR, $dir);
|
||||
$name = str_replace('/', DIRECTORY_SEPARATOR, $name);
|
||||
}
|
||||
// Directory traversal measures
|
||||
if (strpos($dir, '..' . DIRECTORY_SEPARATOR) !== false || substr($dir, -2) == '..') {
|
||||
$dir = $this->root;
|
||||
}
|
||||
if (strpos($name, '..' . DIRECTORY_SEPARATOR) !== false) {
|
||||
$name = basename($name);
|
||||
}
|
||||
|
@ -470,6 +489,7 @@ class elFinderVolumeLocalFileSystem extends elFinderVolumeDriver
|
|||
if ($path === DIRECTORY_SEPARATOR) {
|
||||
return $this->root;
|
||||
} else {
|
||||
$path = $this->_normpath($path);
|
||||
if (strpos($path, $this->systemRoot) === 0) {
|
||||
return $path;
|
||||
} else if (DIRECTORY_SEPARATOR !== '/' && preg_match('/^[a-zA-Z]:' . preg_quote(DIRECTORY_SEPARATOR, '/') . '/', $path)) {
|
||||
|
@ -952,7 +972,7 @@ class elFinderVolumeLocalFileSystem extends elFinderVolumeDriver
|
|||
**/
|
||||
protected function _symlink($source, $targetDir, $name)
|
||||
{
|
||||
return symlink($source, $this->_joinPath($targetDir, $name));
|
||||
return $this->localFileSystemSymlink($source, $this->_joinPath($targetDir, $name));
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -1450,12 +1470,14 @@ class elFinderVolumeLocalFileSystem extends elFinderVolumeDriver
|
|||
protected function localFileSystemSymlink($target, $link)
|
||||
{
|
||||
$res = false;
|
||||
$errlev = error_reporting();
|
||||
error_reporting($errlev ^ E_WARNING);
|
||||
if ($res = symlink(realpath($target), $link)) {
|
||||
$res = is_readable($link);
|
||||
if (function_exists('symlink') and is_callable('symlink')) {
|
||||
$errlev = error_reporting();
|
||||
error_reporting($errlev ^ E_WARNING);
|
||||
if ($res = symlink(realpath($target), $link)) {
|
||||
$res = is_readable($link);
|
||||
}
|
||||
error_reporting($errlev);
|
||||
}
|
||||
error_reporting($errlev);
|
||||
return $res;
|
||||
}
|
||||
} // END class
|
||||
|
|
|
@ -184,6 +184,14 @@ class elFinderVolumeOneDrive extends elFinderVolumeDriver
|
|||
throw new \Exception('json_decode() failed');
|
||||
}
|
||||
|
||||
if (!empty($decoded->error)) {
|
||||
$error = $decoded->error;
|
||||
if (!empty($decoded->error_description)) {
|
||||
$error .= ': ' . $decoded->error_description;
|
||||
}
|
||||
throw new \Exception($error);
|
||||
}
|
||||
|
||||
$res = (object)array(
|
||||
'expires' => time() + $decoded->expires_in - 30,
|
||||
'initialToken' => '',
|
||||
|
|
|
@ -200,14 +200,6 @@ class elFinderVolumeSFTPphpseclib extends elFinderVolumeFTP {
|
|||
protected function ftpRawList($path)
|
||||
{
|
||||
return $this->connect->rawlist($path ?: '.') ?: [];
|
||||
/*
|
||||
$raw = $this->connect->rawlist($path ?: '.') ?: [];
|
||||
$raw = array_map(function($key, $value) {
|
||||
$value['name'] = $key;
|
||||
return $value;
|
||||
}, array_keys($raw), $raw);
|
||||
return $raw;
|
||||
*/
|
||||
}
|
||||
|
||||
/*********************************************************************/
|
||||
|
@ -229,16 +221,15 @@ class elFinderVolumeSFTPphpseclib extends elFinderVolumeFTP {
|
|||
/**
|
||||
* Parse line from rawlist() output and return file stat (array)
|
||||
*
|
||||
* @param string $raw line from rawlist() output
|
||||
* @param array $info from rawlist() output
|
||||
* @param $base
|
||||
* @param bool $nameOnly
|
||||
*
|
||||
* @return array
|
||||
* @author Dmitry Levashov
|
||||
*/
|
||||
protected function parseRaw($raw, $base, $nameOnly = false)
|
||||
protected function parseRaw($info, $base, $nameOnly = false)
|
||||
{
|
||||
$info = $raw;
|
||||
$stat = array();
|
||||
|
||||
if ($info['filename'] == '.' || $info['filename'] == '..') {
|
||||
|
@ -247,14 +238,13 @@ class elFinderVolumeSFTPphpseclib extends elFinderVolumeFTP {
|
|||
|
||||
$name = $info['filename'];
|
||||
|
||||
if (preg_match('|(.+)\-\>(.+)|', $name, $m)) {
|
||||
$name = trim($m[1]);
|
||||
if ($info['type'] === 3) {
|
||||
// check recursive processing
|
||||
if ($this->cacheDirTarget && $this->_joinPath($base, $name) !== $this->cacheDirTarget) {
|
||||
return array();
|
||||
}
|
||||
if (!$nameOnly) {
|
||||
$target = trim($m[2]);
|
||||
$target = $this->connect->readlink($name);
|
||||
if (substr($target, 0, 1) !== $this->separator) {
|
||||
$target = $this->getFullPath($target, $base);
|
||||
}
|
||||
|
@ -281,8 +271,19 @@ class elFinderVolumeSFTPphpseclib extends elFinderVolumeFTP {
|
|||
$owner_computed = isset($stat['isowner']) ? $stat['isowner'] : $this->options['owner'];
|
||||
$perm = $this->parsePermissions($info['permissions'], $owner_computed);
|
||||
$stat['name'] = $name;
|
||||
$stat['mime'] = $info['type'] == NET_SFTP_TYPE_DIRECTORY ? 'directory' : $this->mimetype($stat['name'], true);
|
||||
$stat['size'] = $stat['mime'] == 'directory' ? 0 : $info['size'];
|
||||
if ($info['type'] === NET_SFTP_TYPE_DIRECTORY) {
|
||||
$stat['mime'] = 'directory';
|
||||
$stat['size'] = 0;
|
||||
|
||||
} elseif ($info['type'] === NET_SFTP_TYPE_SYMLINK) {
|
||||
$stat['mime'] = 'symlink';
|
||||
$stat['size'] = 0;
|
||||
|
||||
} else {
|
||||
$stat['mime'] = $this->mimetype($stat['name'], true);
|
||||
$stat['size'] = $info['size'];
|
||||
}
|
||||
|
||||
$stat['read'] = $perm['read'];
|
||||
$stat['write'] = $perm['write'];
|
||||
|
||||
|
@ -329,8 +330,8 @@ class elFinderVolumeSFTPphpseclib extends elFinderVolumeFTP {
|
|||
|
||||
$list = array();
|
||||
$encPath = $this->convEncIn($path);
|
||||
foreach ($this->ftpRawList($encPath) as $raw) {
|
||||
if (($stat = $this->parseRaw($raw, $encPath))) {
|
||||
foreach ($this->ftpRawList($encPath) as $info) {
|
||||
if (($stat = $this->parseRaw($info, $encPath))) {
|
||||
$list[] = $stat;
|
||||
}
|
||||
}
|
||||
|
@ -347,6 +348,8 @@ class elFinderVolumeSFTPphpseclib extends elFinderVolumeFTP {
|
|||
if (empty($stat['hidden'])) {
|
||||
if (!$hasDir && $stat['mime'] === 'directory') {
|
||||
$hasDir = true;
|
||||
} elseif (!$hasDir && $stat['mime'] === 'symlink') {
|
||||
$hasDir = true;
|
||||
}
|
||||
$this->dirsCache[$path][] = $p;
|
||||
}
|
||||
|
@ -447,11 +450,10 @@ class elFinderVolumeSFTPphpseclib extends elFinderVolumeFTP {
|
|||
'dirs' => true,
|
||||
);
|
||||
$ts = 0;
|
||||
foreach ($this->ftpRawList($path) as $str) {
|
||||
$info = preg_split('/\s+/', $str, 9);
|
||||
if ($info[8] === '.') {
|
||||
$info[8] = 'root';
|
||||
if ($stat = $this->parseRaw(join(' ', $info), $path)) {
|
||||
foreach ($this->ftpRawList($path) as $info) {
|
||||
if ($info['filename'] === '.') {
|
||||
$info['filename'] = 'root';
|
||||
if ($stat = $this->parseRaw($info, $path)) {
|
||||
unset($stat['name']);
|
||||
$res = array_merge($res, $stat);
|
||||
if ($res['ts']) {
|
||||
|
@ -460,7 +462,7 @@ class elFinderVolumeSFTPphpseclib extends elFinderVolumeFTP {
|
|||
}
|
||||
}
|
||||
}
|
||||
if ($check && ($stat = $this->parseRaw($str, $path))) {
|
||||
if ($check && ($stat = $this->parseRaw($info, $path))) {
|
||||
if (isset($stat['ts']) && !empty($stat['ts'])) {
|
||||
$ts = max($ts, $stat['ts']);
|
||||
}
|
||||
|
@ -520,6 +522,9 @@ class elFinderVolumeSFTPphpseclib extends elFinderVolumeFTP {
|
|||
if ($name && $name !== '.' && $name !== '..' && $info['type'] == NET_SFTP_TYPE_DIRECTORY) {
|
||||
return true;
|
||||
}
|
||||
if ($name && $name !== '.' && $name !== '..' && $info['type'] == NET_SFTP_TYPE_SYMLINK) {
|
||||
//return true;
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
|
|
Loading…
Reference in New Issue