
Enhances security while manipulating files and folders in file and folder library, and in FileManager input.
JB Lebrun
JB Lebrun committed Aug 31, 2018
1 parent 786be6f commit ca71e6450482acefdf9395d5d00e75698af31c45
Showing with 121 additions and 45 deletions.
  1. +49 −2 engine/lib/tool/file.php.inc
  2. +52 −31 engine/lib/tool/folder.php.inc
  3. +20 −12 plugin/input/FileManager/FileManager.php.inc
@@ -4,9 +4,9 @@
* @details Engine / Tool Library
* @file engine/lib/tool/file.php.inc
* @author CaMykS Team <camyks.contact@gmail.com>
* @version 1.0.2
* @version 1.0.3
* @date Creation: Jun 2005
* @date Modification: Apr 2018
* @date Modification: Aug 2018
* @copyright 2005 - 2018 CaMykS Team
* @note This program is distributed as is - WITHOUT ANY WARRANTY;
* without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
@@ -26,6 +26,11 @@ define('FILE_ICON_EXTENSION', 'gif');
* @return boolean success
*/
function file_write($file_path, $content, $deleteCache=false) {
/* check path to file to be in website */
if (!file_isInPath($file_path))
return false;
/* write file */
if (@file_put_contents($file_path, $content, LOCK_EX) !== false) {
/* remove cache from OPCache */
if ($deleteCache and function_exists('opcache_invalidate')) opcache_invalidate($file_path);
@@ -92,6 +97,11 @@ function file_getHTAccessFileEnder() {
* @return string
*/
function file_getContent($file) {
/* check path to file to be in website */
if (!file_isInPath($file))
return '';
/* check file */
if (!file_exists($file)) {
return '';
}
@@ -109,6 +119,10 @@ function file_getContent($file) {
* @return void
*/
function file_download($file, $path) {
/* check path to file to be in website */
if (!file_isInPath($path))
return;
/* open file to be written */
$ff = fopen($path, "w");
@@ -128,6 +142,17 @@ function file_download($file, $path) {
fclose ($ff);
}
/*
* Delete file.
* @param string $file
* @return boolean sucesss
*/
function file_delete($file) {
if (file_isInPath($file))
return @unlink($file);
return false;
}
/**
* Return file type icon.
* @param string $mime
@@ -530,6 +555,10 @@ function file_isImage($file) {
* @return mixed
*/
function file_readfile($filename, $retbytes=true) {
/* check path to file to be in website */
if (!file_isInPath($filename))
return;
/* load file size */
$s = stat($filename);
$s = (int)($s['size']/1024/1024);
@@ -601,6 +630,11 @@ function file_writeConfFile($file_path, $desc, $datas) {
* @return array
*/
function file_search($pattern='*', $rootPath='./', $globFlags=0) {
/* check path to file to be in website */
if (!folder_isInPath($rootPath))
return;
/* do the search */
$paths = glob($rootPath.'*', GLOB_MARK|GLOB_ONLYDIR|GLOB_NOSORT);
$files = glob($rootPath.$pattern, $globFlags);
foreach ($paths as $path) {
@@ -647,6 +681,18 @@ function file_md5($file, $contextParams=array()) {
return false;
}
/**
* Check if folder is in path
* @param string $file
* @param string $path
* @return boolean result
*/
function file_isInPath($file='', $path='') {
if (file_exists($file))
return folder_isInPath($file, $path);
return folder_isInPath(dirname($file).'/', $path);
}
/* private mime gathering methods */
/**
@@ -874,6 +920,7 @@ function _file_getMimeFromExtension($file, $ext=null) {
return '';
}
/* deprecated methods */
/**
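Review bot: `file_search` returns `null` when the new `folder_isInPath($rootPath)` guard rejects the path, while its docblock promises an array, so a caller that does `foreach` over the result of a rejected path now emits a warning instead of getting an empty list; return the documented shape, `if (!folder_isInPath($rootPath)) return array();`, and the same applies to `file_getContent`/`file_readfile` only insofar as their documented return types are checked by callers. The docblock of the new `file_isInPath` is copied from the folder variant ("Check if folder is in path", parameter `$file`); suggest `Check if a file is inside the website path; for a file that does not exist yet, its parent folder is checked instead.` so the not-yet-existing-file branch is visible to the reader. `file_download` guards only the destination `$path`; whether `$file` is a local path or a remote URL is not visible in the hunk, so if it can be local it needs the same `file_isInPath` check. The bodies of `file_write`, `file_getContent`, `file_download`, `file_readfile` and `file_search` continue outside their hunks.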
@@ -4,11 +4,11 @@
* @details Engine / Tool Library
* @file engine/lib/tool/folder.php.inc
* @author CaMykS Team <camyks.contact@gmail.com>
* @version 1.0.1
* @version 1.0.2
* @date Creation: Jul 2005
* @date Modification: Apr 2018
* @date Modification: Aug 2018
* @copyright 2005 - 2018 CaMykS Team
* @note This program is distributed as is - WITHOUT ANY WARRANTY;
* @note This program is distributed as is - WITHOUT ANY WARRANTY;
* without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
*/
@@ -66,14 +66,14 @@ function folder_completePath($path, $rights=0771) {
return true;
}
/*
/*
* Delete folder object.
* @param string $folder
* @param boolean $recursive
* @return boolean
*/
function folder_delete($folder, $recursive=false) {
if (file_exists($folder) and is_dir ($folder)) {
if (file_exists($folder) and is_dir($folder) and folder_isInPath($folder)) {
if ($dir = opendir($folder)) {
$files = array();
while (($file = readdir ($dir)) !== false) {
@@ -93,7 +93,7 @@ function folder_delete($folder, $recursive=false) {
}
}
}
return rmdir($folder);
return rmdir($folder);
}
return false;
}
@@ -119,7 +119,7 @@ function folder_copy($source, $target) {
} else {
copy($sourceitem, $targetitem);
}
}
}
$folder->close();
return true;
} else {
@@ -191,7 +191,7 @@ function folder_listFiles($folder) {
if (!is_dir($folder)) {
return array();
}
/* start listing folders */
if ($dir = opendir($folder)) {
$files = array();
@@ -215,22 +215,22 @@ function folder_listFolders($folder) {
if (!is_dir($folder)) {
return array();
}
/* initialise result */
$folders = array();
/* load folder's elements */
$elements = scandir($folder);
/* sort them */
sort($elements);
/* keep all folders */
foreach ($elements as $element) {
if (($element != '.') and ($element != '..') and (is_dir($folder.'/'.$element)))
$folders[] = $element;
}
/* send result */
return $folders;
}
@@ -245,27 +245,27 @@ function folder_listMatchingFolders($folder, $matching_folders = array()) {
/* check for matching folders */
if (!is_array($matching_folders) or $matching_folders == array())
return array();
/* check for given folder */
if (!is_dir($folder)) {
return array();
}
/* initialise result */
$folders = array();
/* load folder's elements */
$elements = scandir($folder);
/* sort them */
sort($elements);
/* keep all folders */
foreach ($elements as $element) {
if (($element != '.') and ($element != '..') and (is_dir($folder.'/'.$element)) and (in_array($element, $matching_folders)))
$folders[] = $element;
}
/* send result */
return $folders;
}
@@ -306,15 +306,15 @@ function folder_createZipArchive($source='', $target='', $includeRootFolder=fal
/* check source is a folder */
if (!is_dir($source))
return false;
/* create folder path */
folder_completePath(dirname($target));
/* initialize archive object */
$zip = new ZipArchive();
if (!$zip->open($target, ZipArchive::CREATE))
return false;
/* get real path for our folder */
if ($includeRootFolder) {
$rootFolder = basename($source);
@@ -325,14 +325,14 @@ function folder_createZipArchive($source='', $target='', $includeRootFolder=fal
$rootFolder = '';
$rootPath = $source.'/';
}
/* get files and folders as flat structure */
$struct = folder_getFlatStructure($source);
/* add files and folders to the zip file */
foreach ($struct as $item) {
$itemPath = substr ($item['path'], strlen($rootPath));
if ($item['type'] == 'folder') {
/* add folder */
//$zip->addEmptyDir($itemPath);
@@ -342,7 +342,7 @@ function folder_createZipArchive($source='', $target='', $includeRootFolder=fal
$zip->addFromString($itemPath, $content);
}
}
/* Zip archive will be created only after closing object */
return $zip->close();
}
@@ -354,18 +354,18 @@ function folder_createZipArchive($source='', $target='', $includeRootFolder=fal
*/
function folder_getFlatStructure($source='') {
$struct = array();
if (!is_dir($source))
return $struct;
$folder = dir($source);
while (($item = $folder->read()) !== false) {
if ($item == '.' || $item == '..') {
continue;
}
$fitem = $source.'/'.$item;
if (is_dir($fitem)) {
$struct[] = array('type'=>'folder', 'path'=> $fitem);
$struct = array_merge($struct, folder_getFlatStructure($fitem));
@@ -375,4 +375,25 @@ function folder_getFlatStructure($source='') {
}
return $struct;
}
?>
/**
* Check if folder is in path
* @param string $folder
* @param string $path
* @return boolean result
*/
function folder_isInPath($folder='', $path='') {
global $camyks;
if (!is_dir($path) or $path == '')
$path = $camyks->site_path;
$path = realpath($path).'/';
if (!file_exists($folder))
return false;
$folder = realpath($folder);
return preg_match('#^'.$path.'#', $folder);
}
?>
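Review bot: `folder_isInPath` fails open when `realpath($path)` returns `false` (e.g. `$camyks->site_path` missing or unreadable): `false.'/'` becomes `'/'`, and the `#^/#` pattern then accepts every absolute path, which defeats the check all the new guards in this commit rely on. The `$path` value is also interpolated into the pattern unescaped, so a `#` or a regex metacharacter in the site path breaks or loosens the match, and `preg_match` returns `int`/`false` rather than the documented boolean. Replace the regex with a prefix comparison that rejects a failed `realpath`: `$root = realpath($path); $folder = realpath($folder); if ($root === false || $folder === false) return false;` followed by `return strncmp($folder.'/', $root.'/', strlen($root) + 1) === 0;`. The appended slash keeps a sibling such as `site2` from matching `site` and lets the site root itself pass, which the current `^`-prefix without a trailing slash on `$folder` does not.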