Skip to content

Commit

Permalink
added settings to url_rewrite.php part 2
Browse files Browse the repository at this point in the history
  • Loading branch information
@josxha
josxha committed May 22, 2019
1 parent 42d0d29 commit f8c144d
Show file tree
Hide file tree
Showing 2 changed files with 75 additions and 51 deletions.
43 changes: 25 additions & 18 deletions restrict-file-access/admin/admin.php
View file
Expand Up @@ -115,6 +115,19 @@ public function documents_create_admin_page() {

<div class="tab-content">
<div id="files" class="tab-pane active">
<h2>Anleitung</h2>
<p class="josxhaText">
Auf die hochgeladenen Dateien kann verlinkt werden. Bilder können zudem auf Seiten und Beiträgen über die URL eingebunden werden. <br/>
Es können nur angemeldete Nutzer auf die Dateien zugreifen, ein direkter Zugriff ist ebenfalls nicht möglich.
</p>
<p class="josxhaText">
Der Aufbau des Links ist wie folgt:<br>
<?php echo $url ?>
</p>
<p class="josxhaText">
Erlaubte Dateiformate sind .png .jpg .jpeg .pdf .mp3 .mp4 .xlsx .docx .doc .xls .ppt .pptx .txt .csv .gif
</p>
<br>
<h2>Datei hochladen</h2>
<form action="" id="uploadFile" enctype="multipart/form-data" method="post">
<input type="file" name="file">
Expand Down Expand Up @@ -229,10 +242,11 @@ function josxhaRfaCopy(event, url) {
<td>
<label class="josxhaText">
<textarea
maxlength="10000"
placeholder="<?php echo JOSXHARFA_NOT_PERMITTED_DEFAULT_TEXT ?>"
name="onAccess[text]"
style="width: 90%; min-height: 50px"
><?php echo $settings['onAccess']['text']; ?></textarea>
><?php echo stripslashes($settings['onAccess']['text']); ?></textarea>
</label>
</td>
<td style="vertical-align: top">
Expand All @@ -241,7 +255,7 @@ function josxhaRfaCopy(event, url) {
style="width: 50%"
type="text"
name="onAccess[url]"
value="<?php echo $settings['onAccess']['url']; ?>"
value="<?php echo stripslashes($settings['onAccess']['url']); ?>"
placeholder="<?php echo JOSXHARFA_DEFAULT_URL ?>">
</label>
</td>
Expand Down Expand Up @@ -279,15 +293,21 @@ function josxhaRfaCopy(event, url) {
<label class="josxhaText">
<textarea
placeholder="<?php echo JOSXHARFA_FILE_NOT_FOUND_DEFAULT_TEXT ?>"
maxlength="10000"
name="notFound[text]"
style="width: 90%;
min-height: 50px"
><?php echo $settings['notFound']['text']; ?></textarea>
><?php echo stripslashes($settings['notFound']['text']); ?></textarea>
</label>
</td>
<td style="vertical-align: top">
<label class="josxhaText">
<input style="width: 50%" type="text" name="notFound[url]" value="<?php echo $settings['notFound']['url']; ?>" placeholder="<?php echo JOSXHARFA_DEFAULT_URL ?>">
<input
style="width: 50%"
type="text"
name="notFound[url]"
value="<?php echo stripslashes($settings['notFound']['url']); ?>"
placeholder="<?php echo JOSXHARFA_DEFAULT_URL ?>">
</label>
</td>
</tr>
Expand Down Expand Up @@ -316,24 +336,11 @@ function josxhaRfaCopy(event, url) {
</div>

<div id="help" class="tab-pane">
<h2>Anleitung</h2>
<p class="josxhaText">
Auf die hochgeladenen Dateien kann verlinkt werden. Bilder können zudem auf Seiten und Beiträgen über die URL eingebunden werden. <br/>
Es können nur angemeldete Nutzer auf die Dateien zugreifen, ein direkter Zugriff ist ebenfalls nicht möglich.
</p>
<p class="josxhaText">
Der Aufbau des Links ist wie folgt:<br>
<?php echo $url ?>
</p>
<p class="josxhaText">
Erlaubte Dateiformate sind .png .jpg .jpeg .pdf .mp3 .mp4 .xlsx .docx .doc .xls .ppt .pptx .txt .csv .gif
</p>
<br>
<h2>Support</h2>
<p class="josxhaText">Du brauchst Hilfe oder hast einen Fehler entdeckt? Dieses Plugin hat ein Forum unter <a target="_blank" href="https://wordpress.org/support/plugin/restrict-file-access/">https://wordpress.org/support/plugin/restrict-file-access/</a></p>
<br>
<h2>Erweitern</h2>
<p class="josxhaText">Du möchtest das Plugin erweitern oder Bugs beheben? Der Source Code wird auf GitHub verwaltet: <a href="https://github.com/josxha/WordPress-Plugin-File-Secures">https://github.com/josxha/WordPress-Plugin-File-Secure</a></p>
<p class="josxhaText">Du möchtest das Plugin erweitern oder Bugs beheben? Der Source Code wird auf GitHub verwaltet: <a target="_blank" href="https://github.com/josxha/WordPress-Plugin-File-Secure">https://github.com/josxha/WordPress-Plugin-File-Secure</a></p>
</div>
</div>
</div>
Expand Down
83 changes: 50 additions & 33 deletions restrict-file-access/url_rewrite/url_rewrite.php
View file
Expand Up @@ -7,11 +7,11 @@
*/

class JosxhaRfaFileSecure {
private $settings;
private $settings;

public function __construct() {
$this->settings = get_option(JOSXHARFA_PLUGIN_NAME);
}
public function __construct() {
$this->settings = stripslashes_deep(get_option(JOSXHARFA_PLUGIN_NAME));
}

function activate() {
global $wp_rewrite;
Expand Down Expand Up @@ -50,37 +50,53 @@ function pushoutput( $message ) {
$this->output( $message );
}

function accessNotPermitted() {
$preferences = $this->settings['onAccess'];
if ($preferences['action'] === "redirect") {
header("Location: " . $preferences['url']);
die();
}
if ($preferences['text'] === "")
die(JOSXHARFA_NOT_PERMITTED_DEFAULT_TEXT);
else
die($preferences['text']);
}

function fileNotFound() {
$preferences = $this->settings['notFound'];
if ($preferences['action'] === "redirect") {
header("Location: " . $preferences['url']);
die();
}
if ($preferences['text'] === "")
die(JOSXHARFA_FILE_NOT_FOUND_DEFAULT_TEXT);
else
die($preferences['text']);
}

function output( $filename ) {
// test if user is allowed to view file
if (!is_user_logged_in()) { //TODO überprüfe user role
$user = get_currentuserinfo();
var_dump($user);
$preferences = $this->settings['onAccess'];
if ($preferences['action'] === "redirect") {
header("Location: " . $preferences['url']);
die();
}
if ($preferences['text'] === "")
die(JOSXHARFA_NOT_PERMITTED_DEFAULT_TEXT);
else
die($preferences['text']);
}
// test if user is allowed to view file
if (!is_user_logged_in())
$this->accessNotPermitted();

$rolesOfUser = get_currentuserinfo()->roles; // array of all user roles of the active user
$allowedUserRoles = $this->settings["userRole"]; // dictionary with all relevant available user roles
$success = false;
foreach ( $rolesOfUser as $role ) {
if (in_array($role, $allowedUserRoles) && $allowedUserRoles[$role] === true) {
$success = true;
break;
}
}
if (!$success)
$this->accessNotPermitted();

// show file
$file_path = josxharfa_upload_dir() . "/" . $filename;
if ( ! file_exists( $file_path ) ) {
$preferences = $this->settings['notFound'];
if ($preferences['action'] === "redirect") {
header("Location: " . $preferences['url']);
die();
}
if ($preferences['text'] === "")
die(JOSXHARFA_FILE_NOT_FOUND_DEFAULT_TEXT);
else
die($preferences['text']);
}
header( 'Content-Length: ' . filesize( $file_path ) );

if ( ! file_exists( $file_path ) ) {
$this->fileNotFound();
}

if ( function_exists( 'mime_content_type' ) ) {
$mime = mime_content_type( $file_path );
}
Expand Down Expand Up @@ -122,13 +138,14 @@ function output( $filename ) {
break;
}
}

header( "Content-type: $mime" );
header( 'Content-Length: ' . filesize( $file_path ) );
header( "Content-Disposition:" . $this->get_content_disposition( $mime ) . ";filename=" . $filename );

readfile( $file_path );
}

function get_content_disposition( $mime ) {
$inline = [ 'image/png', 'image/jpeg', 'image/gif', 'audio/mpeg', 'video/mp4', 'application/pdf', 'text/plain' ];

Expand Down

0 comments on commit f8c144d

Please sign in to comment.