1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
#!/usr/bin/env perl
#####
# FCKeditor - The text editor for Internet - http://www.fckeditor.net
# Copyright (C) 2003-2010 Frederico Caldeira Knabben
#
# == BEGIN LICENSE ==
#
# Licensed under the terms of any of the following licenses at your
# choice:
#
# - GNU General Public License Version 2 or later (the "GPL")
# http://www.gnu.org/licenses/gpl.html
#
# - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
# http://www.gnu.org/licenses/lgpl.html
#
# - Mozilla Public License Version 1.1 or later (the "MPL")
# http://www.mozilla.org/MPL/MPL-1.1.html
#
# == END LICENSE ==
#
# This is the File Manager Connector for Perl.
#####
##
# ATTENTION: To enable this connector, look for the "SECURITY" comment in config.pl.
##
## START: Hack for Windows (Not important to understand the editor code... Perl specific).
if(Windows_check()) {
chdir(GetScriptPath($0));
}
sub Windows_check
{
# IIS,PWS(NT/95)
$www_server_os = $^O;
# Win98 & NT(SP4)
if($www_server_os eq "") { $www_server_os= $ENV{'OS'}; }
# AnHTTPd/Omni/IIS
if($ENV{'SERVER_SOFTWARE'} =~ /AnWeb|Omni|IIS\//i) { $www_server_os= 'win'; }
# Win Apache
if($ENV{'WINDIR'} ne "") { $www_server_os= 'win'; }
if($www_server_os=~ /win/i) { return(1); }
return(0);
}
sub GetScriptPath {
local($path) = @_;
if($path =~ /[\:\/\\]/) { $path =~ s/(.*?)[\/\\][^\/\\]+$/$1/; } else { $path = '.'; }
$path;
}
## END: Hack for IIS
require 'util.pl';
require 'io.pl';
require 'basexml.pl';
require 'commands.pl';
require 'upload_fck.pl';
require 'config.pl';
&read_input();
&DoResponse();
sub DoResponse
{
if($FORM{'Command'} eq "" || $FORM{'Type'} eq "" || $FORM{'CurrentFolder'} eq "") {
return ;
}
# Get the main request informaiton.
$sCommand = &specialchar_cnv($FORM{'Command'});
$sResourceType = &specialchar_cnv($FORM{'Type'});
$sCurrentFolder = $FORM{'CurrentFolder'};
if ( !($sCommand =~ /^(FileUpload|GetFolders|GetFoldersAndFiles|CreateFolder)$/) ) {
SendError( 1, "Command not allowed" ) ;
}
if ( !($sResourceType =~ /^(File|Image|Flash|Media)$/) ) {
SendError( 1, "Invalid type specified" ) ;
}
# Check the current folder syntax (must begin and start with a slash).
if(!($sCurrentFolder =~ /\/$/)) {
$sCurrentFolder .= '/';
}
if(!($sCurrentFolder =~ /^\//)) {
$sCurrentFolder = '/' . $sCurrentFolder;
}
# Check for invalid folder paths (..)
if ( $sCurrentFolder =~ /(?:\.\.|\\)/ ) {
SendError( 102, "" ) ;
}
if ( $sCurrentFolder =~ /(\/\.)|[[:cntrl:]]|(\/\/)|(\\\\)|([\:\*\?\"\<\>\|])/ ) {
SendError( 102, "" ) ;
}
# File Upload doesn't have to Return XML, so it must be intercepted before anything.
if($sCommand eq 'FileUpload') {
FileUpload($sResourceType,$sCurrentFolder);
return ;
}
print << "_HTML_HEAD_";
Content-Type:text/xml; charset=utf-8
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
_HTML_HEAD_
&CreateXmlHeader($sCommand,$sResourceType,$sCurrentFolder);
# Execute the required command.
if($sCommand eq 'GetFolders') {
&GetFolders($sResourceType,$sCurrentFolder);
} elsif($sCommand eq 'GetFoldersAndFiles') {
&GetFoldersAndFiles($sResourceType,$sCurrentFolder);
} elsif($sCommand eq 'CreateFolder') {
&CreateFolder($sResourceType,$sCurrentFolder);
}
&CreateXmlFooter();
exit ;
}
|
