Index: branches/2.8.x/wb/admin/interface/version.php =================================================================== --- branches/2.8.x/wb/admin/interface/version.php (revision 2044) +++ branches/2.8.x/wb/admin/interface/version.php (revision 2045) @@ -51,5 +51,5 @@ // check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled) if(!defined('VERSION')) define('VERSION', '2.8.4'); -if(!defined('REVISION')) define('REVISION', '2044'); +if(!defined('REVISION')) define('REVISION', '2045'); if(!defined('SP')) define('SP', ''); Index: branches/2.8.x/wb/framework/AccessFileHelper.php =================================================================== --- branches/2.8.x/wb/framework/AccessFileHelper.php (revision 2044) +++ branches/2.8.x/wb/framework/AccessFileHelper.php (revision 2045) @@ -22,8 +22,9 @@ * * @category Core * @package Core_Routing - * @copyright M.v.d.Decken - * @author M.v.d.Decken + * @subpackage Accessfiles + * @copyright Manuela v.d.Decken + * @author Manuela v.d.Decken * @license http://www.gnu.org/licenses/gpl.html GPL License * @version 0.0.1 * @revision $Revision: $ @@ -32,7 +33,7 @@ * @since File available since 01.08.2013 * @description this class provides some helper methodes to handle access files */ - +if (class_exists('AccesFile')) {;} class AccessFileHelper { /** @@ -70,16 +71,17 @@ */ static public function isAccessFile($sFileName) { + if (!is_readable($sFileName)) { throw new AccessFileInvalidFilePathException('invalid filename ['.$sFileName.']'); $bRetval = false; - if (($sFile = file_get_contents($sFileName)) !== false) - { + if (($sFile = file_get_contents($sFileName)) !== false) { $sPattern = '/^\s*?<\?php.*?\$i?page_?id\s*=\s*[0-9]+;.*?(?:require|include)' - . '(?:_once)?\s*\(\s*\'.*?index\.php\'\s?\);/siU'; + . '(?:_once)?\s*\(\s*\'.*?index\.php\'\s?\);/siU'; $bRetval = (bool) preg_match($sPattern, $sFile); unset($sFile); } return $bRetval; - } + } + } /** * Delete all contents of basedir, but not the basedir itself * @param string $sRootDir the content of which should be deleted @@ -92,43 +94,34 @@ $oReg = WbAdaptor::getInstance(); self::$aDelTreeLog = array(); $bResult = true; - if (!is_writeable($sRootDir)) - { + if (!is_writeable($sRootDir)) { self::$aDelTreeLog[] = 'insufficient rights or directory not empty in : '.str_replace($oReg->AppPath, '', $sRootDir); return false; } $oIterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($sRootDir), RecursiveIteratorIterator::CHILD_FIRST); - foreach ($oIterator as $oPath) - { + foreach ($oIterator as $oPath) { $sPath = rtrim(str_replace('\\', '/', $oPath->__toString()), '/'); - if ($oPath->isDir() && !preg_match('/\.$/s', $sPath)) - { + if ($oPath->isDir() && !preg_match('/\.$/s', $sPath)) { // proceed directories - if (!rmdir($sPath)) - { + if (!rmdir($sPath)) { $bResult = false; self::$aDelTreeLog[] = 'insufficient rights or directory not empty in : '.str_replace($oReg->AppPath, '', $sPath); - }else { + } else { self::$aDelTreeLog[] = 'Directory successful removed : '.str_replace($oReg->AppPath, '', $sPath); } - } elseif ($oPath->isFile()) - { + } elseif ($oPath->isFile()) { // proceed files - if (!unlink($sPath)) - { + if (!unlink($sPath)) { $bResult = false; self::$aDelTreeLog[] = 'insufficient rights or directory not empty in : '.str_replace($oReg->AppPath, '', $sPath); - }else { + } else { self::$aDelTreeLog[] = 'File successful deleted : '.str_replace($oReg->AppPath, '', $sPath); } } } - if (($iMode & self::DEL_ROOT_DELETE)) - { - if ($bResult) - { // if there was no error before - if (rmdir($sRootDir)) - { + if (($iMode & self::DEL_ROOT_DELETE)) { + if ($bResult) { // if there was no error before + if (rmdir($sRootDir)) { self::$aDelTreeLog[] = 'Directory successful removed : '.str_replace($oReg->AppPath, '', $sRootDir); return $bResult; } @@ -142,7 +135,7 @@ * @param bool $bClearLog TRUE clears the log after request, FALSE preserve the log * @return array */ - static function getDelTreeLog($bClearLog = self::LOG_CLEAR) + static public function getDelTreeLog($bClearLog = self::LOG_CLEAR) { $aRetval = self::$aDelTreeLog; if($bClearLog) { self::$aDelTreeLog = array(); } @@ -149,4 +142,65 @@ return $aRetval; } +/* *** following methods still are in developing right now! Do not use it! ************ */ + +/** + * isPathInsideApplication + * @param string $sRootPath full base path
+ * example1-a: '/www/htdocs/subdir/' + * example2-a: 'c://www/htdocs/subdir/' + * example3-a: 'http://user:pass@isteam.de:123/www/htdocs/subdir/' + * @param string $sFullPath full path to test
+ * example1-b: '/www/htdocs/subdir/targetdir/../testfile.php' + * example2-b: 'c://www/htdocs/subdir/targetdir/../testfile.php' + * example3-b: 'http://user:pass@isteam.de:123/www/htdocs/subdir/targetdir/../testfile.php' + * @return type + */ + static public function isRootPartOfPath($sRootPath, $sFullPath) + { + $sRootPath = self::getRealPath($sRootPath); + $sFullPath = self::getRealPath($sFullPath); + $sRetval = (preg_match('/^'.preg_quote($sRootPath, '/').'/', $sFullPath) ? $sFullPath : null ); + return $sRetval;; + } + + static public function getRealPath($sPath) + { + $iCount = 0; + $aResultPath = array(); + $sPath = str_replace(array('\\', '/./'), array('/', '/'), $sPath); + if(preg_match('/^\/?\.\//', $sPath)) { + $sPath = str_replace('\\', '/', getcwd()).'/'.preg_replace('/^\/?\.\//', '', $sPath); + } + + $sPattern = '/((?:^[a-z]?\:\/+)|(?:^.*?\:\/\/.*?\/)|(?:^\/+))[^\/].*$/is'; + // extract host/root - part from path save and then remove it from path + $sPrefix = preg_replace($sPattern, '\1', $sPath); + $sPath = preg_replace('/^'.preg_quote($sPrefix, '/').'/', '', $sPath); + // replace any tripple or more dots by doubble dots and split the path at '/' into an array. + // save number of replaced .. in $iCount and add somme buffer elements + $aTestPath = array_merge(($iCount ? array_fill(0, $iCount * 2, '###') : array()), + explode('/', preg_replace(array('/\.{2,}/s', '/./'), array('..', '/'), $sPath, -1, $iCount)) + ); + foreach ($aTestPath as $sPart) { + switch ($sPart) { + case '.': // skip part + continue; + break; + case '..': // step back + array_pop($aResultPath); + break; + default: // take part + $aResultPath[] = $sPart; + break; + } + } + while($aResultPath[0] == '###') { + array_shift($aResultPath); + } + $sResultPath = $sPrefix.implode('/', $aResultPath); + return $sResultPath; + } + + } // end of class AccessFileHelper Index: branches/2.8.x/wb/framework/AccessFile.php =================================================================== --- branches/2.8.x/wb/framework/AccessFile.php (revision 2044) +++ branches/2.8.x/wb/framework/AccessFile.php (revision 2045) @@ -22,23 +22,27 @@ * * @category Core * @package Core_Routing - * @copyright M.v.d.Decken - * @author M.v.d.Decken + * @subpackage Accessfiles + * @copyright Manuela v.d.Decken + * @author Manuela v.d.Decken * @license http://www.gnu.org/licenses/gpl.html GPL License * @version 0.0.1 * @revision $Revision: $ * @lastmodified $Date: $ * @since File available since 17.01.2013 - * @description Create a single standard accessfile with additional var-entries + * @description Single standard accessfile with additional var-entries */ class AccessFile { /** int first private property */ - protected $_oReg = null; - protected $_sFileName = ''; - protected $_aVars = array(); - protected $_aConsts = array(); - protected $_iErrorNo = 0; + protected $oReg = null; + protected $sAccessFilesRoot = ''; // basedir of the current AccessFile structure + protected $sFileName = ''; // filename and path from AccessFilesRoot (without extension) + protected $sFullFileName = ''; // full path and filename (without extension) + protected $sFileExtension = '.php'; // extension for all accessfiles (default: '.php') + protected $aVars = array(); // variables in accessfile + protected $aConsts = array(); // constants in accessfile + protected $iErrorNo = 0; const VAR_STRING = 'string'; const VAR_BOOL = 'bool'; @@ -51,17 +55,35 @@ /** * Constructor - * @param string full path and filename to the new access file - * @param integer Id of the page or 0 for dummy files + * @param string $sAccessFilesRoot full path to the base directory of accessfiles-tree + * @param string $sFileName subdirectory and filename of the new access file from AccessFilesRoot
+ * (indirect addressing (./ | ../) is not allowed here!!) + * @param integer $iPageId (default: 0) Id of the page or 0 for dummy files + * @throws AccessFileInvalidFilePathException */ - public function __construct($sFileName, $iPageId = 0) + public function __construct($sAccessFilesRoot, $sFileName, $iPageId = 0) { - $this->_oReg = WbAdaptor::getInstance(); - $this->_sFileName = str_replace('\\', '/', $sFileName); - if (!preg_match('/^' . preg_quote($this->_oReg->AppPath, '/') . '/siU', $this->_sFileName)) { - throw new AccessFileInvalidFilePathException('tried to place file out of application path'); + $this->oReg = WbAdaptor::getInstance(); + $this->sFileExtension = $this->oReg->PageExtension; + // sanitize AccessFilesRoot + if (($sX = realpath($sAccessFilesRoot)) == false) { + throw new AccessFileInvalidFilePathException('invalid path for AccessFilesRoot given [ '.$sAccessFilesRoot.' ]'); } - $this->_aVars['iPageId'] = intval($iPageId); + $sAccessFilesRoot = rtrim(str_replace('\\', '/', $sX), '/').'/'; + // check location of AccessFilesRoot + if (!preg_match('/^' . preg_quote($this->oReg->AppPath, '/') . '/siU', $sAccessFilesRoot)) { + throw new AccessFileInvalidFilePathException('tried to place AccessFilesRoot out of application path [ '.$sAccessFilesRoot.' ]'); + } + $this->sAccessFilesRoot = $sAccessFilesRoot; + // sanitize Filename + $sFileName = preg_replace('/'.preg_quote($this->sFileExtension, '/').'$/', '', $sFileName); + $this->sFileName = ltrim(rtrim(trim(str_replace('\\', '/', $sFileName)), '/'), './'); + if (preg_match('/\.\.+\//', $this->sFileName)) { + throw new AccessFileInvalidFilePathException('relative path (./ or ../) is not allowed in Filename!! [ '.$this->sFileName.' ]'); + } + $this->sFullFileName = $this->sAccessFilesRoot . $this->sFileName; + $this->aVars['iPageId'] = intval($iPageId); + } /** * Set Id of current page @@ -80,8 +102,8 @@ */ public function addVar($sName, $mValue, $sType = self::VAR_STRING) { - $mValue = $this->_sanitizeValue($mValue, $sType); - $this->_aVars[$sName] = $mValue; + $mValue = $this->sanitizeValue($mValue, $sType); + $this->aVars[$sName] = $mValue; } /** @@ -89,14 +111,15 @@ * @param string name of the constant (upper case chars only) * @param mixed Value of the variable (Only scalar data (boolean, integer, float and string) are allowed) * @param string Type of the variable (use class constants to define) + * @throws AccessFileConstForbiddenException * @deprecated constants are not allowed from WB-version 2.9 and up */ public function addConst($sName, $mValue, $sType = self::VAR_STRING) { - if (version_compare($this->_oReg->AppVersion, '2.9', '<')) + if (version_compare($this->oReg->AppVersion, '2.9', '<')) { - $mValue = $this->_sanitizeValue($mValue, $sType); - $this->_aConsts[strtoupper($sName)] = $mValue; + $mValue = $this->sanitizeValue($mValue, $sType); + $this->aConsts[strtoupper($sName)] = $mValue; } else { throw new AccessFileConstForbiddenException('define constants is not allowed from WB-version 2.9 and up'); } @@ -104,74 +127,93 @@ /** * Write the accessfile - * @throws AccessFileException + * @throws AccessFileWriteableException */ public function write() { - // remove AppPath from File for use in error messages - $sTmp = str_replace($this->_oReg->AppPath, '', $this->_sFileName); - if (file_exists($this->_sFileName)) { - throw new AccessFileAlreadyExistsException('Accessfile already exists: * ' . $sTmp . ' *'); + // full path and filename + $sFileName = $this->sFullFileName.$this->sFileExtension; + // remove AppPath from File for use in error messages + $sDisplayFilename = str_replace($this->oReg->AppPath, '', $sFileName); + // do not allow writing if PageId is missing! + if (!$this->aVars['iPageId']) { + throw new AccessFileWriteableException('Missing PageId for file [' . $sDisplayFilename . ']'); } - - if (!$this->_aVars['iPageId']) { - // search for the parent pageID if current ID is 0 - $this->_aVars['iPageId'] = $this->searchParentPageId($this->_sFileName); + // build the content for the access file + $sContent = $this->buildFileContent($this->buildPathToIndexFile($sFileName)); + // create path if file does not already exists + if (!file_exists($sFileName)) { + $this->createPath($sFileName); } - $sIndexFile = $this->_buildPathToIndexFile($this->_sFileName); - $this->_createPath($this->_sFileName); - $sContent = $this->_buildFileContent($sIndexFile); - if (!file_put_contents($this->_sFileName, $sContent)) { - throw new AccessFileNotWriteableException('Unable to write file * ' . $sTmp . ' *'); + // create new file or overwrite existing one + if (!file_put_contents($sFileName, $sContent)) { + throw new AccessFileWriteableException('Unable to write file [' . $sDisplayFilename . ']'); } - if (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') { // Only chmod if os is not windows - chmod($this->_sFileName, $this->_oReg->OctalFileMode); + // do chmod if os is not windows + if (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') { + chmod($sFileName, $this->oReg->OctalFileMode); } } +/** + * searchParentPageId + * @param string $sAccessFilesRoot + * @param string $sFullFilePath + * @return int found page-id + * @description find first valid accessfile backwards in the parent line
+ * or the start page if no parent is found. + */ + protected function searchParentPageId($sAccessFilesRoot, $sFullFilePath) + { + + + return $iPageId; + } /** * Rename an existing Accessfile * @param string $sNewName the new filename without path and without extension * @return boolean - * @throws AccessFileInvalidFilenameException - * @throws AccessFileAlreadyExistsException * @throws AccessFileAccessFileRenameException */ public function rename($sNewName) { - // sanitize new filename - if (!preg_match('/[^\.\\ \/]*/si', $sNewName)) { - throw new AccessFileInvalidFilenameException('invalid filename [' . str_replace($this->_oReg->AppPath, '', $sNewName) . ']'); + // validate and sanitize new filename + $sPattern = '/(^'.preg_quote($this->sAccessFilesRoot, '/').'|^'.preg_quote($this->oReg->AppPath, '/') + . ')?([^\/]*?)(?:'.preg_quote($this->sFileExtension, '/').')?$/s'; + if (!preg_match($sPattern, $sNewName, $aMatches)) { + // sorry, but the given filename is not valid! + throw new AccessFileRenameException('invalid filename [' . str_replace($this->oReg->AppPath, '', $sNewName) . ']'); } - // prepare old/new file-/dirname - $sOldFilename = $this->_sFileName; - $sOldSubDirname = dirname($sOldFilename) . '/'; - $sPattern = '/^(' . preg_quote($sOldSubDirname, '/') . ')([^\/\.]+?)(\.[a-z0-9]+)$/siU'; - $sNewFilename = preg_replace($sPattern, '\1' . $sNewName . '\3', $sOldFilename); - $sNewSubDirname = dirname($sNewFilename) . '/'; - if (file_exists($sNewFilename) || file_exists($sNewSubDirname)) { - // if new filename or directory already exists - throw new AccessFileAlreadyExistsException('new file/dirname already exists [' . str_replace($this->_oReg->AppPath, '', $sNewName) . ']'); + $sOldFileName = $this->sFullFileName; + // $aMatches[sizeof($aMatches)-1] contains the new filename without extension only + $sNewFileName = preg_replace('/(^.*?)[^\/]*$/', '\1'.$aMatches[sizeof($aMatches)-1], $sOldFileName); + $sDisplayOldFileName = str_replace($this->oReg->AppPath, '', $sOldFileName); + $sDisplayNewFileName = str_replace($this->oReg->AppPath, '', $sNewFileName); + + if (file_exists($sNewFileName.$this->sFileExtension) || file_exists($sNewFileName.'/')) { + // if new filename or directory already exists + throw new AccessFileRenameException('new file or new dirname already exists ['.$sDisplayNewFileName.'{'.$this->sFileExtension.'}]'); } - if(!is_writeable($sOldFilename)) { - throw new AccessFileRenameException('unable to rename file or file not exists [' . str_replace($this->_oReg->AppPath, '', $sOldFilename) . ']'); + if (!is_writeable($sOldFileName.$this->sFileExtension)) { + // old file is not writable an can not be renamed + throw new AccessFileRenameException('file not exists or file is readonly ['.$sDisplayOldFileName.$this->sFileExtension.']'); } $bSubdirRenamed = false; // set default value - if(file_exists($sOldSubDirname)) - { // - if(is_writeable($sOldSubDirname)) - { - if(!( $bSubdirRenamed = rename($sOldSubDirname, $sNewSubDirname))) { - throw new AccessFileRenameException('unable to rename directory [' . str_replace($this->_oReg->AppPath, '', $sOldSubDirname) . ']'); + if (file_exists($sOldFileName.'/')) { // + if (is_writeable($sOldFileName.'/')) { + if (!( $bSubdirRenamed = rename($sOldFileName.'/', $sOldFileName.'/'))) { + throw new AccessFileRenameException('unable to rename directory ['.$sDisplayOldFileName.'/] to ['.$sDisplayNewFileName.'/]'); } } else { - throw new AccessFileRenameException('directory is not writeable [' . str_replace($this->_oReg->AppPath, '', $sOldSubDirname) . ']'); + throw new AccessFileRenameException('directory is not writeable ['.$sDisplayOldFileName.'/]'); } } // try to rename accessfile - if(!rename($sOldFilename, $sNewFilename)) { - if($bSubdirRenamed) { rename($sNewSubDirname, $sOldSubDirname); } - throw new AccessFileRenameException('unable to rename file [' . str_replace($this->_oReg->AppPath, '', $sOldFilename) . ']'); + if (!rename($sOldFileName.$this->sFileExtension, $sNewFileName.$this->sFileExtension)) { + if ($bSubdirRenamed) { rename($sNewFileName.'/', $sOldFileName.'/'); } + $sMsg = 'unable to rename file ['.$sDisplayOldFileName.$this->sFileExtension + . '] to ['.$sDisplayOldFileName.$this->sFileExtension.']'; + throw new AccessFileRenameException($sMsg); } return true; } @@ -180,25 +222,24 @@ * Delete the actual Accessfile * @return boolean true if successfull * @throws AccessFileIsNoAccessfileException - * @throws AccessFileNotWriteableException + * @throws AccessFileWriteableException */ public function delete($bForceDelete = true) { - $sFileName = $this->_sFileName; + $sFileName = $this->sFullFileName.$this->sFileExtension; + if (!AccessFileHelper::isAccessFile($sFileName)) { throw new AccessFileIsNoAccessfileException('requested file is NOT an accessfile'); } if (file_exists($sFileName) && is_writeable($sFileName)) { - $sPattern = '/^(.*?)(\.[a-z0-9]+)$/siU'; - $sDir = preg_replace($sPattern, '\1/', $sFileName); - if (is_writeable($sDir)) { - AccessFileHelper::delTree($sDir, AccessFileHelper::DEL_ROOT_DELETE); + if (is_writeable($this->sFullFileName)) { + AccessFileHelper::delTree($this->sFullFileName, AccessFileHelper::DEL_ROOT_DELETE); } unlink($sFileName); $sFileName = ''; } else { - throw new AccessFileNotWriteableException('requested file not exists or permissions missing'); + throw new AccessFileWriteableException('requested file not exists or permissions missing'); } } @@ -208,7 +249,7 @@ */ public function getFileName() { - return $this->_sFileName; + return $this->sFullFileName.$this->sFileExtension; } /** @@ -217,7 +258,7 @@ */ public function getPageId() { - return (isset($this->_aVars['iPageId']) ? $this->_aVars['iPageId'] : 0); + return (isset($this->aVars['iPageId']) ? $this->aVars['iPageId'] : 0); } /** * get number of the last occured error @@ -225,51 +266,46 @@ */ public function getError() { - return $this->_iErrorNo; + return $this->iErrorNo; } /** * set number of error * @param type $iErrNo */ - protected function _setError($iErrNo = self::ERR_NONE) + protected function setError($iErrNo = self::ERR_NONE) { - $this->_iErrorNo = $iErrNo; + $this->iErrorNo = $iErrNo; } /** * Create Path to Accessfile * @param string full path/name to new access file - * @throws AccessFileNotWriteableException + * @throws AccessFileWriteableException * @throws AccessFileInvalidStructureException */ - protected function _createPath($sFilename) + protected function createPath($sFilename) { - $sFilename = str_replace($this->_oReg->AppPath . $this->_oReg->PagesDir, '', $sFilename); - $sPagesDir = $this->_oReg->AppPath . $this->_oReg->PagesDir; - - if (($iSlashPosition = mb_strrpos($sFilename, '/')) !== false) - { + $sFilename = str_replace($this->sAccessFilesRoot, '', $sFilename); + $sPagesDir = $this->sAccessFilesRoot; + if (($iSlashPosition = mb_strrpos($sFilename, '/')) !== false) { // if subdirs exists, then procceed extended check $sExtension = preg_replace('/.*?(\.[a-z][a-z0-9]+)$/siU', '\1', $sFilename); $sParentDir = mb_substr($sFilename, 0, $iSlashPosition); - if (file_exists($sPagesDir . $sParentDir)) - { + if (file_exists($sPagesDir . $sParentDir)) { if (!is_writable($sPagesDir . $sParentDir)) { - throw new AccessFileNotWriteableException('No write permissions for ' . $sPagesDir . $sParentDir); + throw new AccessFileWriteableException('No write permissions for ' . $sPagesDir . $sParentDir); } - } else - { + } else { // if parentdir not exists - if (file_exists($sPagesDir . $sParentDir . $sExtension)) - { + if (file_exists($sPagesDir . $sParentDir . $sExtension)) { // but parentaccessfile exists, create parentdir and ok $iOldUmask = umask(0); - $bRetval = mkdir($sPagesDir . $sParentDir, $this->_oReg->OctalDirMode); + $bRetval = mkdir($sPagesDir . $sParentDir, $this->oReg->OctalDirMode); umask($iOldUmask); } else { - throw new AccessFileInvalidStructureException('invalid structure ' . $sFilename); + throw new AccessFileInvalidStructureException('invalid structure - missing file: ' . $sFilename); } if (!$bRetval) { - throw new AccessFileNotWriteableException('Unable to create ' . $sPagesDir . $sParentDir); + throw new AccessFileWriteableException('Unable to create ' . $sPagesDir . $sParentDir); } } } @@ -281,7 +317,7 @@ * @return string printable value * @throws InvalidArgumentException */ - protected function _sanitizeValue($mValue, $sType) + protected function sanitizeValue($mValue, $sType) { $mRetval = ''; switch ($sType) @@ -314,9 +350,9 @@ * Calculate backsteps in directory * @param string accessfile */ - protected function _buildPathToIndexFile($sFileName) + protected function buildPathToIndexFile($sFileName) { - $iBackSteps = substr_count(str_replace($this->_oReg->AppPath, '', $sFileName), '/'); + $iBackSteps = substr_count(str_replace($this->oReg->AppPath, '', $sFileName), '/'); return str_repeat('../', $iBackSteps) . 'index.php'; } @@ -325,14 +361,14 @@ * @param string $sIndexFile name and path to the wb/index.php file * @return string */ - protected function _buildFileContent($sIndexFile) + protected function buildFileContent($sIndexFile) { $sFileContent = '_oReg->AppName . ' Ver.' . $this->_oReg->AppVersion - . ($this->_oReg->AppServicePack != '' ? ' '.$this->_oReg->AppServicePack : '') - . ' Rev.' . $this->_oReg->AppRevision . "\n" + . '// *** ' . $this->oReg->AppName . ' Ver.' . $this->oReg->AppVersion + . ($this->oReg->AppServicePack != '' ? ' '.$this->oReg->AppServicePack : '') + . ' Rev.' . $this->oReg->AppRevision . "\n" . '// *** on ' . date('c') . "\n" . '//' . "\n" . '// *** Warning *************************************' . "\n" @@ -341,18 +377,17 @@ . '// *** then all manual changes will get lost!!' . "\n" . '// *************************************************' . "\n" . '//' . "\n"; - foreach ($this->_aVars as $sKey => $sVar) { + foreach ($this->aVars as $sKey => $sVar) { $sFileContent .= "\t" . '$' . $sKey . ' = ' . $sVar . ';' . "\n"; } - foreach ($this->_aConsts as $sKey => $sVar) { + foreach ($this->aConsts as $sKey => $sVar) { $sFileContent .= "\t" . 'define(\'' . $sKey . '\', ' . $sVar . '); // ** deprecated command **' . "\n"; } $sFileContent .="\t" . 'require(\'' . $sIndexFile . '\');' . "\n" - . "\t" . 'exit(0);' . "\n" + . "\t" . 'exit();' . "\n" . '// *************************************************' . "\n" . '// end of file' . "\n"; - return $sFileContent; } @@ -374,13 +409,10 @@ * @description Exceptionhandler for the Accessfiles and depending classes */ -class AccessFileException extends Exception { } +class AccessFileException extends AppException { } +class AccessFileInvalidStructureException extends AccessFileException { } +class AccessFileIsNoAccessfileException extends AccessFileException { } class AccessFileConstForbiddenException extends AccessFileException { } class AccessFileInvalidFilePathException extends AccessFileException { } -class AccessFileInvalidFilenameException extends AccessFileException { } -class AccessFileAlreadyExistsException extends AccessFileException { } -class AccessFileNotWriteableException extends AccessFileException { } -class AccessFileIsInvalidFilenameException extends AccessFileException { } -class AccessFileIsNoAccessfileException extends AccessFileException { } -class AccessFileInvalidStructureException extends AccessFileException { } class AccessFileRenameException extends AccessFileException { } +class AccessFileWriteableException extends AccessFileException { } Index: branches/2.8.x/wb/framework/functions.php =================================================================== --- branches/2.8.x/wb/framework/functions.php (revision 2044) +++ branches/2.8.x/wb/framework/functions.php (revision 2045) @@ -35,15 +35,15 @@ */ function DeleteAccessFilesTree($sDirToDelete, array &$aReport = null) { - $aReport = array(); - $sBaseDir = realpath($sDirToDelete); - if( $sBaseDir !== false) { + $aReport = array(); + $sBaseDir = realpath($sDirToDelete); + if( $sBaseDir !== false) { $sBaseDir = rtrim(str_replace('\\', '/', $sBaseDir), '/') . '/'; // scan start directory for access files foreach (glob($sBaseDir . '*.php', GLOB_MARK) as $sItem) { $sItem = str_replace('\\', '/', $sItem); try{ - $oAccFile = new AccessFile($sItem); + $oAccFile = new AccessFile($sBaseDir, basename($sItem)); $oAccFile->delete(); $aReport = array_merge($aReport, AccessFileHelper::getDelTreeLog()); }catch(AccessFileIsNoAccessfileException $e) { @@ -50,7 +50,7 @@ continue; } } - clearstatcache(); + clearstatcache(); return true; } return false; @@ -706,61 +706,62 @@ // Create a new directory and/or protected file in the given directory -function createFolderProtectFile($sAbsDir='',$make_dir=true) +function createFolderProtectFile($sAbsDir='', $make_dir=true) { - global $admin, $MESSAGE; - $retVal = array(); - $wb_path = rtrim(str_replace('\/\\', '/', WB_PATH), '/'); - $sAppPath = rtrim(str_replace('\/\\', '/', WB_PATH), '/').'/'; - if( ($sAbsDir=='') || ($sAbsDir == $sAppPath) ) { return $retVal;} - - if ( $make_dir==true ) { + $retVal = array(); + $oReg = WbAdaptor::getInstance(); + $oTrans = Translate::getInstance(); + $sAbsDir = rtrim(str_replace('\\', '/', trim($sAbsDir)), '/').'/'; + if(($sAbsDir=='/') || ($sAbsDir == $oReg->AppPath)) + { + return $retVal; + } + if($make_dir==true) + { // Check to see if the folder already exists if(is_readable($sAbsDir)) { - $retVal[] = basename($sAbsDir).'::'.$MESSAGE['MEDIA_DIR_EXISTS']; + $retVal[] = basename($sAbsDir).'::'.$oTrans->MESSAGE_MEDIA_DIR_EXISTS; } - if (!make_dir($sAbsDir) && !is_dir($sAbsDir) ) { - $retVal[] = basename($sAbsDir).'::'.$MESSAGE['MEDIA_DIR_NOT_MADE']; - } else { + if(!make_dir($sAbsDir) && !is_dir($sAbsDir)) + { + $retVal[] = basename($sAbsDir).'::'.$oTrans->MESSAGE_MEDIA_DIR_NOT_MADE; + }else + { change_mode($sAbsDir); } return $retVal; } - -//$retVal[] = $sAbsDir; -//return $retVal; - - if( is_writable($sAbsDir) ) + if(is_writable($sAbsDir)) { - // if(file_exists($sAbsDir.'/index.php')) { unlink($sAbsDir.'/index.php'); } - // Create default "index.php" file - $iBackSteps = substr_count(str_replace($sAppPath, '', $sAbsDir), '/'); - $sIndexFile = str_repeat('../', $iBackSteps).'index.php'; $sResponse = $_SERVER['SERVER_PROTOCOL'].' 301 Moved Permanently'; + // build file content $content = 'AppVersion."\n". '// *** Creation date: '.date('c')."\n". '// *** Do not modify this file manually'."\n". '// *** WB will rebuild this file from time to time!!'."\n". '// *************************************************'."\n". "\t".'header(\''.$sResponse.'\');'."\n". - "\t".'header(\'Location: '.WB_URL.'/index.php\');'."\n". + "\t".'header(\'Location: '.$oReg->AppUrl.'index.php\');'."\n". '// *************************************************'."\n"; $filename = $sAbsDir.'/index.php'; - - // write content into file - if(is_writable($filename) || !file_exists($filename)) { - if(file_put_contents($filename, $content)) { - $retVal[] = change_mode($filename); - } else { - $retVal[] = $MESSAGE['GENERIC_BAD_PERMISSIONS'].' :: '.$filename; - } - } - } else { - $retVal[] = $MESSAGE['GENERIC_BAD_PERMISSIONS']; - } - return $retVal; + // write content into file + if(is_writable($filename) || !file_exists($filename)) + { + if(file_put_contents($filename, $content)) + { + $retVal[] = change_mode($filename); + }else + { + $retVal[] = $oTrans->MESSAGE_GENERIC_BAD_PERMISSIONS.' :: '.$filename; + } + } + }else + { + $retVal[] = $oTrans->MESSAGE_GENERIC_BAD_PERMISSIONS; + } + return $retVal; } function rebuildFolderProtectFile($dir='') @@ -1449,14 +1450,12 @@ if(!function_exists('rebuild_all_accessfiles')) { - function rebuild_all_accessfiles($bShowDetails=false ) + function rebuild_all_accessfiles($bShowDetails=false ) { $oDb = WbDatabase::getInstance(); $oReg = WbAdaptor::getInstance(); - $aRetval = array(); // try to remove access files and build new folder protect files $sTreeToDelete = $oReg->AppPath.$oReg->PagesDir; - if(($sTreeToDelete!='') && is_writeable($sTreeToDelete)==true) { $aDeleteLog = array(); @@ -1464,6 +1463,9 @@ // show details if debug is set if($bShowDetails) { $aRetval = $aDeleteLog; } } + // set logging informations + $aRetval = array_merge((isset($aRetval) ? $aRetval : array()), + createFolderProtectFile(rtrim( $oReg->AppPath.$oReg->PagesDir, '/') )); // Reformat/rebuild all existing access files $sql = 'SELECT `page_id`,`root_parent`,`parent`,`link`,`level`,`page_trail` ' . 'FROM `'.$oDb->TablePrefix.'pages` ' @@ -1472,7 +1474,6 @@ if (($oPage = $oDb->query($sql))) { $iFileCounter = 0; - // iterate over all existing page records while (($aPageRecord = $oPage->fetchRow(MYSQL_ASSOC))) { // --- begin reorg tree structure ------------------------------------------------ @@ -1480,7 +1481,6 @@ $sql = 'SELECT `level`+1 AS `level`, `page_trail` ' . 'FROM `'.$oDb->TablePrefix.'pages` ' . 'WHERE `page_id`='.$aPageRecord['parent']; - // search for parent record $oParent = $oDb->query($sql); if(($aParentRecord = $oParent->fetchRow(MYSQLI_ASSOC))) { @@ -1503,8 +1503,9 @@ . 'WHERE `page_id`='.$aPageRecord['page_id']; $oDb->query($sql); // --- end reorg tree structure -------------------------------------------------- - $sFilename = $oReg->AppPath.$oReg->PagesDir.ltrim($aPageRecord['link'],'/').$oReg->PageExtension; - $oAccessFile = new AccessFile($sFilename, $aPageRecord['page_id']); + $sPageTreeRoot = $oReg->AppPath.$oReg->PagesDir; + $sFilename = ($aPageRecord['link']).$oReg->PageExtension; + $oAccessFile = new AccessFile($sPageTreeRoot, $sFilename, $aPageRecord['page_id']); $oAccessFile->write(); unset($oAccessFile); $iFileCounter++; Index: branches/2.8.x/wb/modules/news/Reorg.php =================================================================== --- branches/2.8.x/wb/modules/news/Reorg.php (revision 2044) +++ branches/2.8.x/wb/modules/news/Reorg.php (revision 2045) @@ -127,17 +127,18 @@ while(($aPost = $oPosts->fetchRow(MYSQL_ASSOC))) { // sanitize link if there is an old value in database from former versions - $aPost['link'] = trim( str_replace('\\', '/', $aPost['link']), '/'); $aPost['link'] = preg_replace( '/^'.preg_quote($this->sAccessFilesSubdir, '/').'/', '', trim( str_replace('\\', '/', $aPost['link']), '/') ); + // compose name of accessfile $sAccFileName = $this->sAccessFilesRoot.$aPost['link'].$this->oReg->PageExtension; + try { // create new object - $oAccFile = new AccessFile($sAccFileName, $aPost['page_id']); + $oAccFile = new AccessFile($this->sAccessFilesRoot, $aPost['link'], $aPost['page_id']); $oAccFile->addVar('section_id', $aPost['section_id'], AccessFile::VAR_INT); $oAccFile->addVar('post_id', $aPost['post_id'], AccessFile::VAR_INT); $oAccFile->addVar('post_section', $aPost['section_id'], AccessFile::VAR_INT);