DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2389 Commits
3 Branches
110MB
Tree: 8daf95ac30
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '8daf95ac30'
${ noResults }
DedeV6/src/admin/file_manage_control.php

171 lines
5.9KB
Raw Blame History 

  1. <?php

  2. /**

  3.  * 文件管理器操作

  4.  *

  5.  * @version        $id:file_manage_control.php 8:48 2010年7月13日 tianya $

  6.  * @package        DedeBIZ.Administrator

  7.  * @copyright      Copyright (c) 2022 DedeBIZ.COM

  8.  * @license        GNU GPL v2 (https://www.dedebiz.com/license)

  9.  * @link           https://www.dedebiz.com

  10.  */

  11. require(dirname(__FILE__)."/config.php");

  12. CheckPurview('plus_文件管理器');

  13. require(DEDEINC."/libraries/oxwindow.class.php");

  14. require_once(DEDEADMIN.'/file_class.php');

  15. $activepath = str_replace("..", "", $activepath);

  16. $activepath = preg_replace("#^\/{1,}#", "/", $activepath);

  17. if ($activepath == "/") $activepath = '';

  18. if ($activepath == "") $inpath = $cfg_basedir;

  19. else $inpath = $cfg_basedir.$activepath;

  20. $files = json_decode(file_get_contents(DEDEDATA.'/admin/files.txt'));

  21. $currentFolder = basename(__DIR__);

  22. $realFiles = array();

  23. foreach ($files as $ff) {

  24.     $rfi = preg_replace("#^admin/#",$currentFolder.'/',$ff->filename);

  25.     $realFiles[] = $rfi;

  26. }

  27. function realdir($path) {

  28.     return dirname(realpath($path));

  29. }

  30. 

  31. //文件管理器交互与逻辑控制文件

  32. $fmm = new FileManagement();

  33. $fmm->Init();

  34. if ($fmdo == "rename") {

  35.     $f = str_replace("..", "", $oldfilename);

  36.     $f = $cfg_basedir.$activepath."/$oldfilename";

  37.     if (!file_exists(dirname(__FILE__).'/../license.txt')) {

  38.         ShowMsg("许可协议不存在,无法重名文件", "javascript:;");

  39.         exit();

  40.     }

  41.     $f = str_replace(realdir(dirname(__FILE__).'/../license.txt').'/', "", $f);

  42.     if (in_array($f,$realFiles)) {

  43.         ShowMsg("系统文件禁止重名", "javascript:;");

  44.         exit();

  45.     }

  46.     $oldfilename = str_replace("..","",$oldfilename);

  47.     $newfilename = str_replace("..","",$newfilename);

  48.     $fmm->RenameFile($oldfilename, $newfilename);

  49. }

  50. //新建目录

  51. else if ($fmdo == "newdir") {

  52.     CheckCSRF();

  53.     $fmm->NewDir($newpath);

  54. }

  55. //移动文件

  56. else if ($fmdo == "move") {

  57.     $f = str_replace("..", "", $filename);

  58.     $f = $cfg_basedir.$activepath."/$filename";

  59.     if (!file_exists(dirname(__FILE__).'/../license.txt')) {

  60.         ShowMsg("许可协议不存在,无法移动文件", "javascript:;");

  61.         exit();

  62.     }

  63.     $f = str_replace(realdir(dirname(__FILE__).'/../license.txt').'/', "", $f);

  64.     if (in_array($f,$realFiles)) {

  65.         ShowMsg("系统文件禁止移动", "javascript:;");

  66.         exit();

  67.     }

  68.     $fmm->MoveFile($filename, $newpath);

  69. }

  70. //删除文件

  71. else if ($fmdo == "del") {

  72.     $f = str_replace("..", "", $filename);

  73.     $f = $cfg_basedir.$activepath."/$filename";

  74.     if (!file_exists(dirname(__FILE__).'/../license.txt')) {

  75.         ShowMsg("许可协议不存在,无法删除", "javascript:;");

  76.         exit();

  77.     }

  78.     $f = str_replace(realdir(dirname(__FILE__).'/../license.txt').'/', "", $f);

  79.     if (in_array($f,$realFiles)) {

  80.         ShowMsg("系统文件禁止删除", "javascript:;");

  81.         exit();

  82.     }

  83.     $fmm->DeleteFile($filename);

  84. }

  85. //文件修改

  86. else if ($fmdo == "edit") {

  87.     CheckCSRF();

  88.     $filename = str_replace("..", "", $filename);

  89.     if (preg_match('#\.(php|pl|cgi|asp|aspx|jsp|php5|php4|php3|shtm|shtml)$#i', trim($filename))) {

  90.         ShowMsg("文件扩展名已被系统禁止", "javascript:;");

  91.         exit();

  92.     }

  93.     $file = "$cfg_basedir$activepath/$filename";

  94.     $str = stripslashes($str);

  95.     $fp = fopen($file, "w");

  96.     fputs($fp, $str);

  97.     fclose($fp);

  98.     if (empty($backurl)) {

  99.         ShowMsg("成功保存一个文件", "file_manage_main.php?activepath=$activepath");

  100.     } else {

  101.         ShowMsg("成功保存一个文件", $backurl);

  102.     }

  103.     exit();

  104. }

  105. //文件上传

  106. else if ($fmdo == "upload") {

  107.     $j = 0;

  108.     for ($i = 1; $i <= 50; $i++) {

  109.         $upfile = "upfile".$i;

  110.         $upfile_name = "upfile".$i."_name";

  111.         if (!isset(${$upfile}) || !isset(${$upfile_name})) {

  112.             continue;

  113.         }

  114.         $upfile = ${$upfile};

  115.         $upfile_name = ${$upfile_name};

  116.         if (preg_match('#\.(php|pl|cgi|asp|aspx|jsp|php5|php4|php3|shtm|shtml)$#i', trim($upfile_name))) {

  117.             ShowMsg("文件扩展名已被系统禁止", "javascript:;");

  118.             exit();

  119.         }

  120.         if (is_uploaded_file($upfile)) {

  121.             //检查文件类型

  122.             $mime = get_mime_type($upfile);

  123.             if (preg_match("#^unknow#", $mime)) {

  124.                 ShowMsg("系统不支持fileinfo组件,建议php.ini中开启", -1);

  125.                 exit;

  126.             }

  127.             if (!preg_match("#^(image|video|audio|application)#i", $mime)) {

  128.                 ShowMsg("仅支持媒体文件及应用程序上传", -1);

  129.                 exit;

  130.             }

  131.             if (!file_exists($cfg_basedir.$activepath."/".$upfile_name)) {

  132.                 move_uploaded_file($upfile, $cfg_basedir.$activepath."/".$upfile_name);

  133.             }

  134.             @unlink($upfile);

  135.             $j++;

  136.         }

  137.     }

  138.     ShowMsg("成功上传".$j."个文件到".$activepath."", "file_manage_main.php?activepath=$activepath");

  139.     exit();

  140. }

  141. //空间检查

  142. else if ($fmdo == "space") {

  143.     if ($activepath == "") {

  144.         $ecpath = "所有目录";

  145.     } else {

  146.         $ecpath = $activepath;

  147.     }

  148.     $wintitle = "指定空间检查大小";

  149.     $wecome_info = "文件管理器 - <a href='file_manage_main.php?activepath=$activepath'>$ecpath</a>空间检查大小";

  150.     $activepath = $cfg_basedir.$activepath;

  151.     $space = new SpaceUse;

  152.     $space->checksize($activepath);

  153.     $total = $space->totalsize;

  154.     $totalkb = $space->setkb($total);

  155.     $totalmb = $space->setmb($total);

  156.     $win = new OxWindow();

  157.     $win->Init("", "/static/web/js/admin.blank.js", "POST");

  158.     $win->AddMsgItem("<tr>

  159.         <td>

  160.             <span>$totalkb</span>KB<br>

  161.             <span>$totalmb</span>M<br>

  162.             <span>$total</span>字节

  163.         </td>

  164.     </tr>

  165.     <tr>

  166.         <td align='center'><button type='button' class='btn btn-success btn-sm' onclick=\"location='file_manage_main.php';\">文件管理器</button></td>

  167.     </tr>");

  168.     $winform = $win->GetWindow("");

  169.     $win->Display();

  170. }

  171. ?>