| [ Indice ] |
Riferimento incrociato di Joomla! 1.5.14 - VM 1.1.4Servizio fornito da VMItalia |
[Vedi sommario] [Stampa] [Vedi testo]
1 <?php 2 /** 3 * @version $Id: path.php 10381 2008-06-01 03:35:53Z pasamio $ 4 * @package Joomla.Framework 5 * @subpackage FileSystem 6 * @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved. 7 * @license GNU/GPL, see LICENSE.php 8 * Joomla! is free software. This version may have been modified pursuant 9 * to the GNU General Public License, and as distributed it includes or 10 * is derivative of works licensed under the GNU General Public License or 11 * other free or open source software licenses. 12 * See COPYRIGHT.php for copyright notices and details. 13 */ 14 15 /** boolean True if a Windows based host */ 16 define('JPATH_ISWIN', (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN')); 17 /** boolean True if a Mac based host */ 18 define('JPATH_ISMAC', (strtoupper(substr(PHP_OS, 0, 3)) === 'MAC')); 19 20 if (!defined('DS')) { 21 /** string Shortcut for the DIRECTORY_SEPARATOR define */ 22 define('DS', DIRECTORY_SEPARATOR); 23 } 24 25 if (!defined('JPATH_ROOT')) { 26 /** string The root directory of the file system in native format */ 27 define('JPATH_ROOT', JPath::clean(JPATH_SITE)); 28 } 29 30 /** 31 * A Path handling class 32 * 33 * @static 34 * @package Joomla.Framework 35 * @subpackage FileSystem 36 * @since 1.5 37 */ 38 class JPath 39 { 40 /** 41 * Checks if a path's permissions can be changed 42 * 43 * @param string $path Path to check 44 * @return boolean True if path can have mode changed 45 * @since 1.5 46 */ 47 function canChmod($path) 48 { 49 $perms = fileperms($path); 50 if ($perms !== false) 51 { 52 if (@ chmod($path, $perms ^ 0001)) 53 { 54 @chmod($path, $perms); 55 return true; 56 } 57 } 58 return false; 59 } 60 61 /** 62 * Chmods files and directories recursivly to given permissions 63 * 64 * @param string $path Root path to begin changing mode [without trailing slash] 65 * @param string $filemode Octal representation of the value to change file mode to [null = no change] 66 * @param string $foldermode Octal representation of the value to change folder mode to [null = no change] 67 * @return boolean True if successful [one fail means the whole operation failed] 68 * @since 1.5 69 */ 70 function setPermissions($path, $filemode = '0644', $foldermode = '0755') { 71 72 // Initialize return value 73 $ret = true; 74 75 if (is_dir($path)) 76 { 77 $dh = opendir($path); 78 while ($file = readdir($dh)) 79 { 80 if ($file != '.' && $file != '..') { 81 $fullpath = $path.'/'.$file; 82 if (is_dir($fullpath)) { 83 if (!JPath::setPermissions($fullpath, $filemode, $foldermode)) { 84 $ret = false; 85 } 86 } else { 87 if (isset ($filemode)) { 88 if (!@ chmod($fullpath, octdec($filemode))) { 89 $ret = false; 90 } 91 } 92 } // if 93 } // if 94 } // while 95 closedir($dh); 96 if (isset ($foldermode)) { 97 if (!@ chmod($path, octdec($foldermode))) { 98 $ret = false; 99 } 100 } 101 } 102 else 103 { 104 if (isset ($filemode)) { 105 $ret = @ chmod($path, octdec($filemode)); 106 } 107 } // if 108 return $ret; 109 } 110 111 /** 112 * Get the permissions of the file/folder at a give path 113 * 114 * @param string $path The path of a file/folder 115 * @return string Filesystem permissions 116 * @since 1.5 117 */ 118 function getPermissions($path) 119 { 120 $path = JPath::clean($path); 121 $mode = @ decoct(@ fileperms($path) & 0777); 122 123 if (strlen($mode) < 3) { 124 return '---------'; 125 } 126 $parsed_mode = ''; 127 for ($i = 0; $i < 3; $i ++) 128 { 129 // read 130 $parsed_mode .= ($mode { $i } & 04) ? "r" : "-"; 131 // write 132 $parsed_mode .= ($mode { $i } & 02) ? "w" : "-"; 133 // execute 134 $parsed_mode .= ($mode { $i } & 01) ? "x" : "-"; 135 } 136 return $parsed_mode; 137 } 138 139 /** 140 * Checks for snooping outside of the file system root 141 * 142 * @param string $path A file system path to check 143 * @return string A cleaned version of the path 144 * @since 1.5 145 */ 146 function check($path) 147 { 148 if (strpos($path, '..') !== false) { 149 JError::raiseError( 20, 'JPath::check Use of relative paths not permitted'); // don't translate 150 jexit(); 151 } 152 $path = JPath::clean($path); 153 if (strpos($path, JPath::clean(JPATH_ROOT)) !== 0) { 154 JError::raiseError( 20, 'JPath::check Snooping out of bounds @ '.$path); // don't translate 155 jexit(); 156 } 157 } 158 159 /** 160 * Function to strip additional / or \ in a path name 161 * 162 * @static 163 * @param string $path The path to clean 164 * @param string $ds Directory separator (optional) 165 * @return string The cleaned path 166 * @since 1.5 167 */ 168 function clean($path, $ds=DS) 169 { 170 $path = trim($path); 171 172 if (empty($path)) { 173 $path = JPATH_ROOT; 174 } else { 175 // Remove double slashes and backslahses and convert all slashes and backslashes to DS 176 $path = preg_replace('#[/\\\\]+#', $ds, $path); 177 } 178 179 return $path; 180 } 181 182 /** 183 * Method to determine if script owns the path 184 * 185 * @static 186 * @param string $path Path to check ownership 187 * @return boolean True if the php script owns the path passed 188 * @since 1.5 189 */ 190 function isOwner($path) 191 { 192 jimport('joomla.filesystem.file'); 193 jimport('joomla.user.helper'); 194 195 $tmp = md5(JUserHelper::genRandomPassword(16)); 196 $ssp = ini_get('session.save_path'); 197 $jtp = JPATH_SITE.DS.'tmp'; 198 199 // Try to find a writable directory 200 $dir = is_writable('/tmp') ? '/tmp' : false; 201 $dir = (!$dir && is_writable($ssp)) ? $ssp : false; 202 $dir = (!$dir && is_writable($jtp)) ? $jtp : false; 203 204 if ($dir) 205 { 206 $test = $dir.DS.$tmp; 207 208 // Create the test file 209 JFile::write($test, ''); 210 211 // Test ownership 212 $return = (fileowner($test) == fileowner($path)); 213 214 // Delete the test file 215 JFile::delete($test); 216 217 return $return; 218 } 219 220 return false; 221 } 222 223 /** 224 * Searches the directory paths for a given file. 225 * 226 * @access protected 227 * @param array|string $path An path or array of path to search in 228 * @param string $file The file name to look for. 229 * @return mixed The full path and file name for the target file, or boolean false if the file is not found in any of the paths. 230 * @since 1.5 231 */ 232 function find($paths, $file) 233 { 234 settype($paths, 'array'); //force to array 235 236 // start looping through the path set 237 foreach ($paths as $path) 238 { 239 // get the path to the file 240 $fullname = $path.DS.$file; 241 242 // is the path based on a stream? 243 if (strpos($path, '://') === false) 244 { 245 // not a stream, so do a realpath() to avoid directory 246 // traversal attempts on the local file system. 247 $path = realpath($path); // needed for substr() later 248 $fullname = realpath($fullname); 249 } 250 251 // the substr() check added to make sure that the realpath() 252 // results in a directory registered so that 253 // non-registered directores are not accessible via directory 254 // traversal attempts. 255 if (file_exists($fullname) && substr($fullname, 0, strlen($path)) == $path) { 256 return $fullname; 257 } 258 } 259 260 // could not find the file in the set of paths 261 return false; 262 } 263 }
titolo
Descrizione
Corpo
titolo
Descrizione
Corpo
titolo
Descrizione
Corpo
titolo
Corpo
| Generato il: Mon Oct 19 20:29:27 2009 | Generato con PHPXref 0.7 |