These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
0 ignored issues
–
show
|
|||
2 | /** |
||
3 | * @package Arastta eCommerce |
||
4 | * @copyright 2015-2017 Arastta Association. All rights reserved. |
||
5 | * @copyright See CREDITS.txt for credits and other copyright notices. |
||
6 | * @license GNU GPL version 3; see LICENSE.txt |
||
7 | * @link https://arastta.org |
||
8 | */ |
||
9 | |||
10 | defined('AREXE') or die; |
||
11 | |||
12 | /** |
||
13 | * Default elFinder connector |
||
14 | * |
||
15 | * @author Dmitry (dio) Levashov |
||
16 | **/ |
||
17 | class elFinderConnector { |
||
18 | /** |
||
19 | * elFinder instance |
||
20 | * |
||
21 | * @var elFinder |
||
22 | **/ |
||
23 | protected $elFinder; |
||
24 | |||
25 | /** |
||
26 | * Options |
||
27 | * |
||
28 | * @var aray |
||
29 | **/ |
||
30 | protected $options = array(); |
||
31 | |||
32 | /** |
||
33 | * undocumented class variable |
||
34 | * |
||
35 | * @var string |
||
36 | **/ |
||
37 | protected $header = 'Content-Type: application/json'; |
||
38 | |||
39 | |||
40 | /** |
||
41 | * Constructor |
||
42 | * |
||
43 | * @return void |
||
44 | * @author Dmitry (dio) Levashov |
||
45 | **/ |
||
46 | public function __construct($elFinder, $debug=false) { |
||
47 | |||
48 | $this->elFinder = $elFinder; |
||
49 | if ($debug) { |
||
50 | $this->header = 'Content-Type: text/html; charset=utf-8'; |
||
51 | } |
||
52 | } |
||
53 | |||
54 | /** |
||
55 | * Execute elFinder command and output result |
||
56 | * |
||
57 | * @return void |
||
58 | * @author Dmitry (dio) Levashov |
||
59 | **/ |
||
60 | public function run() { |
||
61 | $isPost = $_SERVER["REQUEST_METHOD"] == 'POST'; |
||
62 | $src = $_SERVER["REQUEST_METHOD"] == 'POST' ? $_POST : $_GET; |
||
63 | $cmd = isset($src['cmd']) ? $src['cmd'] : ''; |
||
64 | $args = array(); |
||
65 | |||
66 | if (!function_exists('json_encode')) { |
||
67 | $error = $this->elFinder->error(elFinder::ERROR_CONF, elFinder::ERROR_CONF_NO_JSON); |
||
68 | $this->output(array('error' => '{"error":["'.implode('","', $error).'"]}', 'raw' => true)); |
||
69 | } |
||
70 | |||
71 | if (!$this->elFinder->loaded()) { |
||
72 | $this->output(array('error' => $this->elFinder->error(elFinder::ERROR_CONF, elFinder::ERROR_CONF_NO_VOL), 'debug' => $this->elFinder->mountErrors)); |
||
73 | } |
||
74 | |||
75 | // telepat_mode: on |
||
76 | if (!$cmd && $isPost) { |
||
77 | $this->output(array('error' => $this->elFinder->error(elFinder::ERROR_UPLOAD, elFinder::ERROR_UPLOAD_TOTAL_SIZE), 'header' => 'Content-Type: text/html')); |
||
78 | } |
||
79 | // telepat_mode: off |
||
80 | |||
81 | if (!$this->elFinder->commandExists($cmd)) { |
||
82 | $this->output(array('error' => $this->elFinder->error(elFinder::ERROR_UNKNOWN_CMD))); |
||
83 | } |
||
84 | |||
85 | // collect required arguments to exec command |
||
86 | foreach ($this->elFinder->commandArgsList($cmd) as $name => $req) { |
||
87 | $arg = $name == 'FILES' |
||
88 | ? $_FILES |
||
89 | : (isset($src[$name]) ? $src[$name] : ''); |
||
90 | |||
91 | if (!is_array($arg)) { |
||
92 | $arg = trim($arg); |
||
93 | } |
||
94 | if ($req && (!isset($arg) || $arg === '')) { |
||
95 | $this->output(array('error' => $this->elFinder->error(elFinder::ERROR_INV_PARAMS, $cmd))); |
||
96 | } |
||
97 | $args[$name] = $arg; |
||
98 | } |
||
99 | |||
100 | $args['debug'] = isset($src['debug']) ? !!$src['debug'] : false; |
||
101 | |||
102 | $this->output($this->elFinder->exec($cmd, $this->input_filter($args))); |
||
103 | } |
||
104 | |||
105 | /** |
||
106 | * Output json |
||
107 | * |
||
108 | * @param array data to output |
||
109 | * @return void |
||
110 | * @author Dmitry (dio) Levashov |
||
111 | **/ |
||
112 | protected function output(array $data) { |
||
113 | $header = isset($data['header']) ? $data['header'] : $this->header; |
||
114 | unset($data['header']); |
||
115 | if ($header) { |
||
116 | if (is_array($header)) { |
||
117 | foreach ($header as $h) { |
||
118 | header($h); |
||
119 | } |
||
120 | } else { |
||
121 | header($header); |
||
122 | } |
||
123 | } |
||
124 | |||
125 | if (isset($data['pointer'])) { |
||
126 | rewind($data['pointer']); |
||
127 | fpassthru($data['pointer']); |
||
128 | if (!empty($data['volume'])) { |
||
129 | $data['volume']->close($data['pointer'], $data['info']['hash']); |
||
130 | } |
||
131 | exit(); |
||
132 | } else { |
||
133 | if (!empty($data['raw']) && !empty($data['error'])) { |
||
134 | exit($data['error']); |
||
135 | } else { |
||
136 | exit(json_encode($data)); |
||
137 | } |
||
138 | } |
||
139 | |||
140 | } |
||
141 | |||
142 | /** |
||
143 | * Remove null & stripslashes applies on "magic_quotes_gpc" |
||
144 | * |
||
145 | * @param mixed $args |
||
146 | * @return mixed |
||
147 | * @author Naoki Sawada |
||
148 | */ |
||
149 | private function input_filter($args) { |
||
150 | static $magic_quotes_gpc = NULL; |
||
151 | |||
152 | if ($magic_quotes_gpc === NULL) |
||
153 | $magic_quotes_gpc = (version_compare(PHP_VERSION, '5.4', '<') && get_magic_quotes_gpc()); |
||
154 | |||
155 | if (is_array($args)) { |
||
156 | return array_map(array(& $this, 'input_filter'), $args); |
||
157 | } |
||
158 | $res = str_replace("\0", '', $args); |
||
159 | $magic_quotes_gpc && ($res = stripslashes($res)); |
||
160 | return $res; |
||
161 | } |
||
162 | }// END class |
||
163 |
The PSR-1: Basic Coding Standard recommends that a file should either introduce new symbols, that is classes, functions, constants or similar, or have side effects. Side effects are anything that executes logic, like for example printing output, changing ini settings or writing to a file.
The idea behind this recommendation is that merely auto-loading a class should not change the state of an application. It also promotes a cleaner style of programming and makes your code less prone to errors, because the logic is not spread out all over the place.
To learn more about the PSR-1, please see the PHP-FIG site on the PSR-1.