[wolfcms] r340 committed - Removed hardcoded directory seperators where necessary. - issue 235 - ...

1 view
Skip to first unread message

wol...@googlecode.com

unread,
Nov 26, 2010, 1:38:49 PM11/26/10
to wolfcms...@googlegroups.com
Revision: 340
Author: martij...@gmail.com
Date: Fri Nov 26 10:37:02 2010
Log: Removed hardcoded directory seperators where necessary. - issue 235 -
thanks reekenx
http://code.google.com/p/wolfcms/source/detail?r=340

Modified:
/trunk/docs/changelog.txt
/trunk/index.php
/trunk/security.php
/trunk/wolf/app/cron.php
/trunk/wolf/app/main.php
/trunk/wolf/app/models/Plugin.php
/trunk/wolf/helpers/Upload.php
/trunk/wolf/plugins/file_manager/FileManagerController.php
/trunk/wolf/plugins/file_manager/index.php

=======================================
--- /trunk/docs/changelog.txt Fri Nov 26 10:22:13 2010
+++ /trunk/docs/changelog.txt Fri Nov 26 10:37:02 2010
@@ -9,6 +9,7 @@

0.7.0 - released 2010-??-??

++ Removed hardcoded directory seperators where necessary. - issue 235 -
thanks reekenx
+ Added Lithuanian translation for Comment plugin - issue 263 - thanks
reekenx
+ Added unix socket option to installer - issue 204
+ Added Validate helper.
=======================================
--- /trunk/index.php Mon Nov 22 08:01:59 2010
+++ /trunk/index.php Fri Nov 26 10:37:02 2010
@@ -16,13 +16,14 @@

define('CMS_VERSION', '0.7.0 RC1');
define('CMS_ROOT', dirname(__FILE__));
-define('CORE_ROOT', CMS_ROOT.'/wolf');
-define('PLUGINS_ROOT', CORE_ROOT.'/plugins');
-define('APP_PATH', CORE_ROOT.'/app');
-
-require_once(CORE_ROOT.'/utils.php');
-
-$config_file = CMS_ROOT.'/config.php';
+define('DS', DIRECTORY_SEPARATOR);
+define('CORE_ROOT', CMS_ROOT.DS.'wolf');
+define('PLUGINS_ROOT', CORE_ROOT.DS.'plugins');
+define('APP_PATH', CORE_ROOT.DS.'app');
+
+require_once(CORE_ROOT.DS.'utils.php');
+
+$config_file = CMS_ROOT.DS.'config.php';
require_once($config_file);

// if you have installed wolf and see this line, you can comment it or
delete it :)
@@ -64,7 +65,7 @@
}

define('PLUGINS_URI', URI_PUBLIC.'wolf/plugins/');
-if (!defined('THEMES_ROOT')) { define('THEMES_ROOT',
CMS_ROOT.'/public/themes/'); }
+if (!defined('THEMES_ROOT')) { define('THEMES_ROOT',
CMS_ROOT.DS.'public'.DS.'themes'.DS); }
if (!defined('THEMES_URI')) { define('THEMES_URI',
URI_PUBLIC.'public/themes/'); }


@@ -114,7 +115,7 @@
define('DEFAULT_CONTROLLER', 'page');
define('DEFAULT_ACTION', 'index');

-require CORE_ROOT.'/Framework.php';
+require CORE_ROOT.DS.'Framework.php';

try {
$__CMS_CONN__ = new PDO(DB_DSN, DB_USER, DB_PASS);
@@ -183,4 +184,4 @@
Dispatcher::addRoute($admin_routes);

// run everything!
-require APP_PATH.'/main.php';
+require APP_PATH.DS.'main.php';
=======================================
--- /trunk/security.php Tue Nov 23 06:42:45 2010
+++ /trunk/security.php Fri Nov 26 10:37:02 2010
@@ -15,10 +15,11 @@

define('SECURITY_CHECK', true);

-define('CORE_ROOT', dirname(__FILE__).'/wolf');
+define('DS', DIRECTORY_SEPARATOR);
+define('CORE_ROOT', dirname(__FILE__).DS.'wolf');
define('CFG_FILE', 'config.php');

-require(CORE_ROOT.'/utils.php');
+require(CORE_ROOT.DS.'utils.php');
require(CFG_FILE);

if (!defined('DEBUG')) { echo 'Please install Wolf CMS first, thank you.';
exit(); }
@@ -193,7 +194,7 @@
$warnings['config file writable, debug on'] = 'The configuration
file should never be writable in production systems. We advise you to
remove write permissions on config.php';
}

- if (defined('DEBUG') && false === DEBUG &&
file_exists(CORE_ROOT.'/install/')) {
+ if (defined('DEBUG') && false === DEBUG &&
file_exists(CORE_ROOT.DS.'install'.DS)) {
$warnings['install, directory present'] = 'The installation
directory ("wolf/install/") is still present. You may want to remove it for
added security since this is probably a production system. (DEBUG was set
to FALSE)';
}

=======================================
--- /trunk/wolf/app/cron.php Mon Nov 22 11:30:25 2010
+++ /trunk/wolf/app/cron.php Fri Nov 26 10:37:02 2010
@@ -29,17 +29,18 @@

// Setup system
define('IN_CMS', true);
+define('DS', DIRECTORY_SEPARATOR);
define('CMS_ROOT', dirname(__FILE__).'/../..');
-define('CORE_ROOT', CMS_ROOT.'/wolf');
-define('PLUGINS_ROOT', CORE_ROOT.'/plugins');
-define('APP_PATH', CORE_ROOT.'/app');
-
-require_once(CORE_ROOT.'/utils.php');
-require_once(CMS_ROOT.'/config.php');
+define('CORE_ROOT', CMS_ROOT.DS.'wolf');
+define('PLUGINS_ROOT', CORE_ROOT.DS.'plugins');
+define('APP_PATH', CORE_ROOT.DS.'app');
+
+require_once(CORE_ROOT.DS.'utils.php');
+require_once(CMS_ROOT.DS.'config.php');

define('BASE_URL', URL_PUBLIC . (endsWith(URL_PUBLIC, '/') ? '': '/') .
(USE_MOD_REWRITE ? '': '?'));

-require CORE_ROOT.'/Framework.php';
+require CORE_ROOT.DS.'Framework.php';

// Database connection
-----------------------------------------------------

=======================================
--- /trunk/wolf/app/main.php Sun Oct 17 12:17:26 2010
+++ /trunk/wolf/app/main.php Fri Nov 26 10:37:02 2010
@@ -30,7 +30,7 @@
//require APP_PATH . '/models/Plugin.php';
//require APP_PATH . '/models/Page.php';

-if ( ! defined('HELPER_PATH')) define('HELPER_PATH', CORE_ROOT.'/helpers');
+if ( ! defined('HELPER_PATH')) define('HELPER_PATH',
CORE_ROOT.DS.'helpers');
if ( ! defined('URL_SUFFIX')) define('URL_SUFFIX', '');

ini_set('date.timezone', DEFAULT_TIMEZONE);
=======================================
--- /trunk/wolf/app/models/Plugin.php Thu Nov 18 15:55:32 2010
+++ /trunk/wolf/app/models/Plugin.php Fri Nov 26 10:37:02 2010
@@ -42,11 +42,11 @@
static function init() {
self::$plugins = unserialize(Setting::get('plugins'));
foreach (self::$plugins as $plugin_id => $tmp) {
- $file = PLUGINS_ROOT.'/'.$plugin_id.'/index.php';
+ $file = PLUGINS_ROOT.DS.$plugin_id.DS.'index.php';
if (file_exists($file))
include $file;

- $file =
PLUGINS_ROOT.'/'.$plugin_id.'/i18n/'.I18n::getLocale().'-message.php';
+ $file =
PLUGINS_ROOT.DS.$plugin_id.DS.'i18n'.DS.I18n::getLocale().'-message.php';
if (file_exists($file)) {
$array = include $file;
I18n::add($array);
=======================================
--- /trunk/wolf/helpers/Upload.php Sun Mar 21 12:34:19 2010
+++ /trunk/wolf/helpers/Upload.php Fri Nov 26 10:37:02 2010
@@ -722,7 +722,7 @@
*/
function mimesTypes($mime) {
if (count($this->mimes) == 0) {
- if (@include(APP_PATH . 'config/mimes.php')) {
+ if (@include(APP_PATH . 'config' . DS . 'mimes.php')) {
$this->mimes = $mimes;
unset($mimes);
}
=======================================
--- /trunk/wolf/plugins/file_manager/FileManagerController.php Sun Oct 17
12:17:26 2010
+++ /trunk/wolf/plugins/file_manager/FileManagerController.php Fri Nov 26
10:37:02 2010
@@ -46,7 +46,7 @@
class FileManagerController extends PluginController {
var $path;
var $fullpath;
-
+
public static function _checkPermission() {
AuthUser::load();
if ( ! AuthUser::isLoggedIn()) {
@@ -57,27 +57,27 @@
redirect(get_url());
}
}
-
+
public function __construct() {
self::_checkPermission();
-
+
$this->setLayout('backend');
$this->assignToLayout('sidebar', new
View('../../plugins/file_manager/views/sidebar'));
}
-
+
public function index() {
$this->browse();
}
-
+
public function browse() {
$params = func_get_args();
-
+
$this->path = join('/', $params);
// make sure there's a / at the end
if (substr($this->path, -1, 1) != '/') $this->path .= '/';
-
+
//security
-
+
// we dont allow back link
if (strpos($this->path, '..') !== false)
{
@@ -95,24 +95,24 @@
}
}
$this->path = str_replace('..', '', $this->path);
-
+
// clean up nicely
$this->path = str_replace('//', '', $this->path);
-
+
// we dont allow leading slashes
$this->path = preg_replace('/^\//', '', $this->path);
-
+
$this->fullpath = FILES_DIR.'/'.$this->path;
-
+
// clean up nicely
$this->fullpath = preg_replace('/\/\//', '/', $this->fullpath);
-
+
$this->display('file_manager/views/index', array(
'dir' => $this->path,
'files' => $this->_getListFiles()
));
} // browse
-
+
public function view() {
$params = func_get_args();
$content = '';
@@ -150,20 +150,20 @@
{
$content = file_get_contents($file);
}
-
+
$this->display('file_manager/views/view', array(
'is_image' => $this->_isImage($file),
'filename' => $filename,
'content' => $content
));
}
-
+
public function save() {
$data = $_POST['file'];
-
+
// security (remove all ..)
$data['name'] = str_replace('..', '', $data['name']);
- $file = FILES_DIR.'/'.$data['name'];
+ $file = FILES_DIR.DS.$data['name'];
if (file_exists($file))
{
if (file_put_contents($file, $data['content']))
@@ -186,7 +186,7 @@
Flash::set('error', __('Directory is not writable! File
has not been saved!'));
}
}
-
+
// save and quit or save and continue editing ?
if (isset($_POST['commit']))
{
@@ -196,16 +196,16 @@
{
redirect(get_url('plugin/file_manager/view/'.$data['name']));
}
-
- }
-
+
+ }
+
public function create_file() {
$data = $_POST['file'];
-
+
$path = str_replace('..', '', $data['path']);
$filename = str_replace('..', '', $data['name']);
- $file = FILES_DIR."/{$path}/{$filename}";
-
+ $file = FILES_DIR.DS.$path.DS.$filename;
+
if (file_put_contents($file, '') !== false)
{
chmod($file, 0644);
@@ -216,14 +216,14 @@
}
redirect(get_url('plugin/file_manager/browse/'.$path));
}
-
+
public function create_directory() {
$data = $_POST['directory'];
-
+
$path = str_replace('..', '', $data['path']);
$dirname = str_replace('..', '', $data['name']);
$dir = FILES_DIR."/{$path}/{$dirname}";
-
+
if (mkdir($dir))
{
chmod($dir, 0755);
@@ -234,16 +234,16 @@
}
redirect(get_url('plugin/file_manager/browse/'.$path));
}
-
+
public function delete() {
$paths = func_get_args();
-
+
$file = urldecode(join('/', $paths));
-
+
$file = FILES_DIR.'/'.str_replace('..', '', $file);
$filename = array_pop($paths);
$paths = join('/', $paths);
-
+
if (is_file($file))
{
if ( ! unlink($file))
@@ -254,10 +254,10 @@
if ( ! rrmdir($file))
Flash::set('error', __('Permission denied!'));
}
-
+
redirect(get_url('plugin/file_manager/browse/'.$paths));
}
-
+
// @todo clean filenames
// $clean_file_name = preg_replace('/ /', '_',
$_FILES['upload_file']['name'] );
// $clean_file_name = preg_replace('/[^A-Za-z0-9_.]/', '',
$clean_file_name );
@@ -266,22 +266,22 @@
$data = $_POST['upload'];
$path = str_replace('..', '', $data['path']);
$overwrite = isset($data['overwrite']) ? true: false;
-
+
if (isset($_FILES))
{
$file = upload_file($_FILES['upload_file']['name'],
FILES_DIR.'/'.$path.'/', $_FILES['upload_file']['tmp_name'], $overwrite);
-
+
if ($file === false)
Flash::set('error', __('File has not been uploaded!'));
}
redirect(get_url('plugin/file_manager/browse/'.$path));
}
-
+
public function chmod() {
$data = $_POST['file'];
$data['name'] = str_replace('..', '', $data['name']);
$file = FILES_DIR.'/'.$data['name'];
-
+
if (file_exists($file))
{
if ( ! chmod($file, octdec($data['mode'])))
@@ -291,20 +291,20 @@
{
Flash::set('error', __('File or directory not found!'));
}
-
+
$path = substr($data['name'], 0, strrpos($data['name'], '/'));
redirect(get_url('plugin/file_manager/browse/'.$path));
}
-
+
public function rename() {
$data = $_POST['file'];
-
+
$data['current_name'] = str_replace('..', '',
$data['current_name']);
$data['new_name'] = str_replace('..', '', $data['new_name']);
-
+
$path = substr($data['current_name'], 0,
strrpos($data['current_name'], '/'));
$file = FILES_DIR.'/'.$data['current_name'];
-
+
if (file_exists($file))
{
if ( ! rename($file,
FILES_DIR.'/'.$path.'/'.$data['new_name']))
@@ -314,24 +314,24 @@
{
Flash::set('error', __('File or directory not found!'.$file));
}
-
+
redirect(get_url('plugin/file_manager/browse/'.$path));
}
-
+
//
// Privates
//
-
+
public function _getPath()
{
$path = join('/', get_params());
return str_replace('..', '', $path);
}
-
+
public function _getListFiles()
{
$files = array();
-
+
if (is_dir($this->fullpath) && $handle = opendir($this->fullpath))
{
$i = 0;
@@ -341,10 +341,10 @@
// do not display . and the root ..
if ($file == '.' || $file == '..')
continue;
-
+
$object = new stdClass;
$file_stat = stat($this->fullpath.$file);
-
+
// make the link depending on if it's a file or a dir
if (is_dir($this->fullpath.$file))
{
@@ -359,7 +359,7 @@
$object->is_file = true;
$object->link = '<a
href="'.get_url('plugin/file_manager/view/'.$this->path.$file).'">'.$file.'</a>';
}
-
+
$object->name = $file;
// humain size
$object->size = convert_size($file_stat['size']);
@@ -367,14 +367,14 @@
list($object->perms, $object->chmod) =
$this->_getPermissions($this->fullpath.$file);
// date modification
$object->mtime = date('D, j M, Y', $file_stat['mtime']);
-
+
$files[$object->name] = $object;
-
+
$i++;
} // while
closedir($handle);
}
-
+
uksort($files, 'strnatcmp');
return $files;
} // _getListFiles
@@ -439,7 +439,7 @@
return false;
else if ( ! preg_match('/^(.*).(jpe?g|gif|png)$/i', $file))
return false;
-
+
return true;
}

@@ -459,7 +459,7 @@
unlink($full_dest);
continue;
}
-
+
$file_ext = (strpos($origin, '.') ===
false ? '': '.'.substr(strrchr($origin, '.'), 1));
$file_name = substr($origin, 0, strlen($origin) -
strlen($file_ext)).'_'.$i.$file_ext;
$full_dest = $dest.$file_name;
@@ -471,7 +471,7 @@
chmod($full_dest, 0644);
return $file_name;
}
-
+
return false;
} // upload_file

@@ -484,7 +484,7 @@
// Append slash if necessary
if (substr($dirname,-1)!='/')
$dirname.='/';
-
+
$handle = opendir($dirname);
while (false !== ($file = readdir($handle)))
{
=======================================
--- /trunk/wolf/plugins/file_manager/index.php Mon Nov 22 09:39:41 2010
+++ /trunk/wolf/plugins/file_manager/index.php Fri Nov 26 10:37:02 2010
@@ -33,7 +33,7 @@
/**
* Root location where files get uploaded to as an absolute path.
*/
-define('FILES_DIR', CMS_ROOT.'/public');
+define('FILES_DIR', CMS_ROOT.DS.'public');

/**
* Root location where files get uploaded to as a URL.

Reply all
Reply to author
Forward
0 new messages