/var/www/hkosl.com/kwokfai/libraries/elFinder-2.1.32/php/plugins/Sanitizer/plugin.php


<?php
/**
 * elFinder Plugin Sanitizer
 *
 * Sanitizer of file-name and file-path etc.
 *
 * ex. binding, configure on connector options
 *    $opts = array(
 *        'bind' => array(
 *            'upload.pre mkdir.pre mkfile.pre rename.pre archive.pre ls.pre' => array(
 *                'Plugin.Sanitizer.cmdPreprocess'
 *            ),
 *            'ls' => array(
 *                'Plugin.Sanitizer.cmdPostprocess'
 *            ),
 *            'upload.presave' => array(
 *                'Plugin.Sanitizer.onUpLoadPreSave'
 *            )
 *        ),
 *        // global configure (optional)
 *        'plugin' => array(
 *            'Sanitizer' => array(
 *                'enable' => true,
 *                'targets'  => array('\\','/',':','*','?','"','<','>','|'), // target chars
 *                'replace'  => '_'    // replace to this
 *            )
 *        ),
 *        // each volume configure (optional)
 *        'roots' => array(
 *            array(
 *                'driver' => 'LocalFileSystem',
 *                'path'   => '/path/to/files/',
 *                'URL'    => 'http://localhost/to/files/',
 *                'plugin' => array(
 *                    'Sanitizer' => array(
 *                        'enable' => true,
 *                        'targets'  => array('\\','/',':','*','?','"','<','>','|'), // target chars
 *                        'replace'  => '_'    // replace to this
 *                    )
 *                )
 *            )
 *        )
 *    );
 *
 * @package elfinder
 * @author Naoki Sawada
 * @license New BSD
 */
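class elFinderPluginSanitizer extends elFinderPlugin
{
    /**
     * Per-command map of original name => sanitized name, rebuilt by
     * cmdPreprocess() on every call and read back by cmdPostprocess().
     *
     * @var array
     */
    private $replaced = array();

    /**
     * Request argument holding the name(s) for commands that do not use
     * the default `name` argument.
     *
     * @var array
     */
    private $keyMap = array(
        'ls' => 'intersect',
        'upload' => 'renames'
    );

    /**
     * Merge the supplied plugin options over the built-in defaults.
     *
     * @param array $opts Plugin options from the connector configuration
     */
    public function __construct($opts) {
        $defaults = array(
            'enable'   => true,  // For control by volume driver
            'targets'  => array('\\','/',':','*','?','"','<','>','|'), // target chars
            'replace'  => '_',   // replace to this
            // Characters of `targets` that are allowed in a path name.
            // NOTE(review): no method of this class reads `pathAllows`; every
            // caller below invokes sanitizeFileName() without `$allows`.
            'pathAllows' => array('/')
        );

        $this->opts = array_merge($defaults, $opts);
    }

    /**
     * Sanitize the name argument(s) of a command before it runs.
     *
     * The argument inspected is `$args[$this->keyMap[$cmd]]` when the command
     * has a keyMap entry, otherwise `$args['name']`. Both a single name and an
     * array of names are rewritten in place, and each original => sanitized
     * pair is recorded in `$this->replaced[$cmd]`.
     *
     * @param string $cmd      Command name
     * @param array  $args     Command arguments, modified by reference
     * @param object $elfinder Unused here
     * @param object $volume   Passed to getCurrentOpts() to resolve the options
     * @return bool false when the plugin is disabled for this volume, true otherwise
     */
    public function cmdPreprocess($cmd, &$args, $elfinder, $volume) {
        // presumably per-volume options layered over $this->opts — confirm in elFinderPlugin
        $opts = $this->getCurrentOpts($volume);
        if (! $opts['enable']) {
            return false;
        }
        $this->replaced[$cmd] = array();
        $key = (isset($this->keyMap[$cmd]))? $this->keyMap[$cmd] : 'name';

        if (isset($args[$key])) {
            if (is_array($args[$key])) {
                // NOTE(review): assumes every entry is a string; a nested array
                // would be used as an array offset here — confirm that request
                // arguments are validated before this hook runs.
                foreach($args[$key] as $i => $name) {
                    $this->replaced[$cmd][$name] = $args[$key][$i] = $this->sanitizeFileName($name, $opts);
                }
            } else {
                $name = $args[$key];
                $this->replaced[$cmd][$name] = $args[$key] = $this->sanitizeFileName($name, $opts);
            }
        }
        return true;
    }

    /**
     * Map sanitized names in an `ls` result back to the names that were requested.
     *
     * For every entry of `$result['list']` whose value equals a sanitized name
     * recorded by cmdPreprocess(), the value is replaced by the original name,
     * or by an array of original names when several of them sanitized to the
     * same string. Other commands are left untouched.
     *
     * @param string $cmd      Command name
     * @param array  $result   Command result, modified by reference
     * @param array  $args     Unused here
     * @param object $elfinder Unused here
     * @return void
     */
    public function cmdPostprocess($cmd, &$result, $args, $elfinder) {
        if ($cmd !== 'ls') {
            return;
        }
        if (empty($result['list']) || empty($this->replaced['ls'])) {
            return;
        }
        foreach($result['list'] as $hash => $name) {
            // Strict comparison: with the default loose comparison two different
            // numeric-looking names (e.g. "1.0" and "1") would be treated as equal.
            $keys = array_keys($this->replaced['ls'], $name, true);
            if (! $keys) {
                continue;
            }
            // PHP turns integer-like string keys into ints; cast back so the
            // listing keeps returning names as strings.
            $originals = array_map('strval', $keys);
            if (count($originals) === 1) {
                $result['list'][$hash] = $originals[0];
            } else {
                $result['list'][$hash] = $originals;
            }
        }
    }

    /**
     * Sanitize the name of an uploaded file before it is saved.
     *
     * `$thash` is the hash of the target directory, so it is not processed here.
     *
     * @param string $thash    Target directory hash (left unchanged)
     * @param string $name     Uploaded file name, modified by reference
     * @param mixed  $src      Unused here
     * @param object $elfinder Unused here
     * @param object $volume   Passed to getCurrentOpts() to resolve the options
     * @return bool false when the plugin is disabled for this volume, true otherwise
     */
    public function onUpLoadPreSave(&$thash, &$name, $src, $elfinder, $volume) {
        $opts = $this->getCurrentOpts($volume);
        if (! $opts['enable']) {
            return false;
        }

        $name = $this->sanitizeFileName($name, $opts);
        return true;
    }

    /**
     * Replace every configured target character in a file name.
     *
     * This is a literal str_replace() and nothing more: each string listed in
     * `$opts['targets']` (minus `$allows`) becomes `$opts['replace']`.
     * Names such as `.` or `..`, control characters, NUL bytes and leading or
     * trailing dots and spaces pass through unchanged unless they are listed
     * in `targets`, so the result must not be treated as a complete
     * path-safety check. The options are not validated either: removing the
     * path separators from `targets`, or choosing a `replace` value that
     * contains a target character, weakens the filter without any warning.
     *
     * @param string $filename Name to sanitize
     * @param array  $opts     Resolved plugin options (`targets`, `replace`)
     * @param array  $allows   Target characters to leave untouched
     * @return string Sanitized name
     */
    protected function sanitizeFileName($filename, $opts, $allows = array()) {
        $targets = $allows? array_diff($opts['targets'], $allows) : $opts['targets'];
        return str_replace($targets, $opts['replace'], $filename);
    }
}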