aboutsummaryrefslogtreecommitdiffstats
path: root/config/filemgr/rbfminc
diff options
context:
space:
mode:
authorChris Buechler <cmb@pfsense.org>2015-08-15 23:58:09 -0500
committerChris Buechler <cmb@pfsense.org>2015-08-15 23:58:09 -0500
commit0d8788110a27ab87ef4e6a4c0cc6ea148ff8b3ca (patch)
tree366be1ad6f20823ab4bc7b2b663e30d411eea20b /config/filemgr/rbfminc
parent368de2c92306ad2e19890c0d30d15cc968022232 (diff)
parentcad6ed23f5dfb5145beaf4f224121c731fb1097c (diff)
downloadpfsense-packages-0d8788110a27ab87ef4e6a4c0cc6ea148ff8b3ca.tar.gz
pfsense-packages-0d8788110a27ab87ef4e6a4c0cc6ea148ff8b3ca.tar.bz2
pfsense-packages-0d8788110a27ab87ef4e6a4c0cc6ea148ff8b3ca.zip
Merge pull request #995 from doktornotor/patch-9
Diffstat (limited to 'config/filemgr/rbfminc')
-rw-r--r--config/filemgr/rbfminc/config.php123
-rw-r--r--config/filemgr/rbfminc/config.tmp95
-rw-r--r--config/filemgr/rbfminc/download.php69
-rw-r--r--config/filemgr/rbfminc/download.tmp49
-rw-r--r--config/filemgr/rbfminc/functions.php221
-rw-r--r--config/filemgr/rbfminc/functions.tmp189
-rw-r--r--config/filemgr/rbfminc/rename.php68
-rw-r--r--config/filemgr/rbfminc/rename.tmp41
-rw-r--r--config/filemgr/rbfminc/session.php58
-rw-r--r--config/filemgr/rbfminc/session.tmp32
10 files changed, 539 insertions, 406 deletions
diff --git a/config/filemgr/rbfminc/config.php b/config/filemgr/rbfminc/config.php
new file mode 100644
index 00000000..776abf58
--- /dev/null
+++ b/config/filemgr/rbfminc/config.php
@@ -0,0 +1,123 @@
+<?php
+/*
+ config.php
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2010 Tom Schaefer <tom@tomschaefer.org>
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+// Initial folder
+$initial_folder = "/";
+// 0 = you can browse all files on the server;
+// 1= you can browse only the $initial_folder and below
+$only_below = 0;
+
+// Login info {Please change the initial username and password}
+$username = 'admin';
+$password = 'admin';
+
+/* ==================================== */
+/* BEGIN Protect against GLOBALS tricks */
+if (isset($_POST['GLOBALS']) || isset($_FILES['GLOBALS']) || isset($_GET['GLOBALS']) || isset($_COOKIE['GLOBALS'])) {
+ die("Hacking attempt");
+}
+
+if (isset($_SESSION) && !is_array($_SESSION)) {
+ die("Hacking attempt");
+}
+
+if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on') {
+ $not_unset = array('_GET', '_POST', '_COOKIE', 'HTTP_SERVER_VARS', '_SESSION', 'HTTP_ENV_VARS', '_FILES');
+
+ if (!isset($_SESSION) || !is_array($_SESSION)) {
+ $_SESSION = array();
+ }
+ $input = array_merge($_GET, $_POST, $_COOKIE, $HTTP_SERVER_VARS, $_SESSION, $HTTP_ENV_VARS, $_FILES);
+
+ unset($input['input']);
+ unset($input['not_unset']);
+
+ while (list($var,) = @each($input)) {
+ if (in_array($var, $not_unset)) {
+ die('Hacking attempt!');
+ }
+ unset($$var);
+ }
+
+ unset($input);
+}
+
+if (!get_magic_quotes_gpc()) {
+ if (is_array($_GET)) {
+ while (list($k, $v) = each($_GET)) {
+ if (is_array($_GET[$k])) {
+ while (list($k2, $v2) = each($_GET[$k])) {
+ $_GET[$k][$k2] = addslashes($v2);
+ }
+ @reset($_GET[$k]);
+ } else {
+ $_GET[$k] = addslashes($v);
+ }
+ }
+ @reset($_GET);
+ }
+
+ if (is_array($_POST)) {
+ while (list($k, $v) = each($_POST)) {
+ if (is_array($_POST[$k])) {
+ while (list($k2, $v2) = each($_POST[$k])) {
+ $_POST[$k][$k2] = addslashes($v2);
+ }
+ @reset($_POST[$k]);
+ } else {
+ $_POST[$k] = addslashes($v);
+ }
+ }
+ @reset($_POST);
+ }
+
+ if (is_array($_COOKIE)) {
+ while (list($k, $v) = each($_COOKIE)) {
+ if (is_array($_COOKIE[$k])) {
+ while (list($k2, $v2) = each($_COOKIE[$k])) {
+ $_COOKIE[$k][$k2] = addslashes($v2);
+ }
+ @reset($_COOKIE[$k]);
+ } else {
+ $_COOKIE[$k] = addslashes($v);
+ }
+ }
+ @reset($_COOKIE);
+ }
+}
+/* END Protect against GLOBALS tricks */
+/* ==================================== */
+
+/*
+if ($username == 'admin' and $password == 'admin') {
+ $security_issues = "<div align=\"center\" style=\"color: red;\"><strong>Security issue</strong>: Please change your username or password</div>";
+}
+*/
+$security_issues = "<br />";
+?>
diff --git a/config/filemgr/rbfminc/config.tmp b/config/filemgr/rbfminc/config.tmp
deleted file mode 100644
index 405514f8..00000000
--- a/config/filemgr/rbfminc/config.tmp
+++ /dev/null
@@ -1,95 +0,0 @@
-<?php
-
-
-$initial_folder = "/"; //initial folder
-$only_below = 0; // 0=you can brows all server; 1=you can brows only the $initial_folder and below
-
-//Login info {Please change the initial username and password}
-$username = 'admin';
-$password = 'admin';
-
-
-
-/***********************************/
-// Protect against GLOBALS tricks
-if (isset($_POST['GLOBALS']) || isset($_FILES['GLOBALS']) || isset($_GET['GLOBALS']) || isset($_COOKIE['GLOBALS'])){
- die("Hacking attempt");
-}
-
-if (isset($_SESSION) && !is_array($_SESSION)){
- die("Hacking attempt");
-}
-
-if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on'){
- $not_unset = array('_GET', '_POST', '_COOKIE', 'HTTP_SERVER_VARS', '_SESSION', 'HTTP_ENV_VARS', '_FILES');
-
- if (!isset($_SESSION) || !is_array($_SESSION)){
- $_SESSION = array();
- }
- $input = array_merge($_GET, $_POST, $_COOKIE, $HTTP_SERVER_VARS, $_SESSION, $HTTP_ENV_VARS, $_FILES);
-
- unset($input['input']);
- unset($input['not_unset']);
-
- while (list($var,) = @each($input)){
- if (in_array($var, $not_unset)){
- die('Hacking attempt!');
- }
- unset($$var);
- }
-
- unset($input);
-}
-
-if( !get_magic_quotes_gpc() ){
- if( is_array($_GET) ){
- while( list($k, $v) = each($_GET) ){
- if( is_array($_GET[$k]) )
- {
- while( list($k2, $v2) = each($_GET[$k]) ){
- $_GET[$k][$k2] = addslashes($v2);
- }
- @reset($_GET[$k]);
- }else{
- $_GET[$k] = addslashes($v);
- }
- }
- @reset($_GET);
- }
-
- if( is_array($_POST) ){
- while( list($k, $v) = each($_POST) ){
- if( is_array($_POST[$k]) )
- {
- while( list($k2, $v2) = each($_POST[$k]) ){
- $_POST[$k][$k2] = addslashes($v2);
- }
- @reset($_POST[$k]);
- }else{
- $_POST[$k] = addslashes($v);
- }
- }
- @reset($_POST);
- }
-
- if( is_array($_COOKIE) ){
- while( list($k, $v) = each($_COOKIE) ){
- if( is_array($_COOKIE[$k]) ){
- while( list($k2, $v2) = each($_COOKIE[$k]) ){
- $_COOKIE[$k][$k2] = addslashes($v2);
- }
- @reset($_COOKIE[$k]);
- }else{
- $_COOKIE[$k] = addslashes($v);
- }
- }
- @reset($_COOKIE);
- }
-}
-//END Protect against GLOBALS tricks
-/***********************************/
-//if($username == 'admin' and $password == 'admin'){
- //$security_issues = "<div align=\"center\" style=\"color: red;\"><b>Security issue</b>: Please change your username or password</div>";
-//}
-$security_issues = "<br />";
-?>
diff --git a/config/filemgr/rbfminc/download.php b/config/filemgr/rbfminc/download.php
new file mode 100644
index 00000000..88ff1788
--- /dev/null
+++ b/config/filemgr/rbfminc/download.php
@@ -0,0 +1,69 @@
+<?php
+/*
+ download.php
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2010 Tom Schaefer <tom@tomschaefer.org>
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+include_once("auth.inc");
+include("functions.php");
+
+// Set the cache policy
+ob_end_clean();
+header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
+header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
+header("Cache-Control: post-check=0, pre-check=0", false);
+header("Pragma: no-cache");
+
+// Gets the parameters
+$_GET['file_name'] = urldecode($_GET['file_name']);
+$_GET['p'] = urldecode($_GET['p']);
+
+// Check Authentication
+$candownload = false;
+$candownload = session_auth();
+if ($candownload) {
+ if (($_GET['file_name']) && ($_GET['p'])) {
+ $filepath = $_GET['p'].$_GET['file_name'];
+ if (file_exists($filepath)) {
+ $type = wp_check_filetype($_GET['file_name']);
+ header('Content-type: ' . $type[$_GET['file_name']]);
+ header('Content-Disposition: attachment; filename="'.$_GET['file_name'].'"');
+ header('Content-Length: ' . filesize($filepath));
+ header('Last-Modified: '.gmdate('D, d M Y H:i:s', filemtime($filepath)).' GMT', true, 200);
+ flush();
+ readfile($filepath);
+ exit;
+ } else {
+ echo "File not found";
+ }
+ } else {
+ echo "File Unknown";
+ }
+} else {
+ echo "Session Expired";
+}
+
+?>
diff --git a/config/filemgr/rbfminc/download.tmp b/config/filemgr/rbfminc/download.tmp
deleted file mode 100644
index badc6d19..00000000
--- a/config/filemgr/rbfminc/download.tmp
+++ /dev/null
@@ -1,49 +0,0 @@
-<?php
-include_once("auth.inc");
-include "functions.php";
-//Set the cache policy
-ob_end_clean();
-header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
-header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
-header("Cache-Control: post-check=0, pre-check=0", false);
-header("Pragma: no-cache");
-//Gets the parameters
-$_GET['file_name'] = urldecode($_GET['file_name']);
-$_GET['p'] = urldecode($_GET['p']);
-//Check Authentication
-$candownload = false;
-if (function_exists("session_auth"))
- {//pfSense 2.X
- $candownload = session_auth();}
-else
- {//pfSense 1.2.3
- $candownload = htpasswd_backed_basic_auth();}
-if ($candownload)
-{
- if($_GET['file_name'] and $_GET['p']){
- $filepath = $_GET['p'].$_GET['file_name'];
- if(file_exists($filepath)){
- $type = wp_check_filetype($_GET['file_name']);
- header('Content-type: ' . $type[$_GET['file_name']]);
- header('Content-Disposition: attachment; filename="'.$_GET['file_name'].'"');
- header('Content-Length: ' . filesize($filepath));
- header('Last-Modified: '.gmdate('D, d M Y H:i:s', filemtime($filepath)).' GMT', true, 200);
- flush();
- readfile($filepath);
- exit;
- }
- else
- {
- echo("File not found");
- }
- }
- else
- {
- echo("File Unknown");
- }
-}
-else
-{
- echo("Session Expired");
-}
-?> \ No newline at end of file
diff --git a/config/filemgr/rbfminc/functions.php b/config/filemgr/rbfminc/functions.php
new file mode 100644
index 00000000..bab912a7
--- /dev/null
+++ b/config/filemgr/rbfminc/functions.php
@@ -0,0 +1,221 @@
+<?php
+/*
+ functions.php
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2010 Tom Schaefer <tom@tomschaefer.org>
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+function RecursiveFolderDelete($folderPath) {
+ if (is_dir($folderPath )) {
+ foreach (scandir($folderPath) as $value) {
+ if ($value != "." && $value != "..") {
+ $value = $folderPath . "/" . $value;
+ if (is_dir($value)) {
+ RecursiveFolderDelete($value);
+ } elseif (is_file($value)) {
+ @unlink($value);
+ }
+ }
+ }
+ if (!@rmdir($folderPath)) {
+ return FALSE;
+ } else {
+ return TRUE;
+ }
+ } else {
+ return FALSE;
+ }
+}
+
+
+function GetFilePerms($file) {
+ $perms = fileperms($file);
+
+ if (($perms & 0xC000) == 0xC000) {
+ // Socket
+ $info = 's';
+ } elseif (($perms & 0xA000) == 0xA000) {
+ // Symbolic Link
+ $info = 'l';
+ } elseif (($perms & 0x8000) == 0x8000) {
+ // Regular
+ $info = '-';
+ } elseif (($perms & 0x6000) == 0x6000) {
+ // Block special
+ $info = 'b';
+ } elseif (($perms & 0x4000) == 0x4000) {
+ // Directory
+ $info = 'd';
+ } elseif (($perms & 0x2000) == 0x2000) {
+ // Character special
+ $info = 'c';
+ } elseif (($perms & 0x1000) == 0x1000) {
+ // FIFO pipe
+ $info = 'p';
+ } else {
+ // Unknown
+ $info = '?';
+ }
+
+ // Owner
+ $info .= " " . (($perms & 0x0100) ? 'r' : '-');
+ $info .= (($perms & 0x0080) ? 'w' : '-');
+ $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-'));
+ // Group
+ $info .= " " . (($perms & 0x0020) ? 'r' : '-');
+ $info .= (($perms & 0x0010) ? 'w' : '-');
+ $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-'));
+ // World
+ $info .= " ".(($perms & 0x0004) ? 'r' : '-');
+ $info .= (($perms & 0x0002) ? 'w' : '-');
+ $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-'));
+
+ $info = "[" . substr(sprintf('%o', fileperms($file)), -4) . "] " . $info;
+ return $info;
+}
+
+
+function merge_filters($tag) {
+ global $wp_filter, $merged_filters;
+
+ if (isset($wp_filter['all']) && is_array($wp_filter['all'])) {
+ $wp_filter[$tag] = array_merge($wp_filter['all'], (array) $wp_filter[$tag]);
+ }
+
+ if (isset($wp_filter[$tag])) {
+ reset($wp_filter[$tag]);
+ uksort($wp_filter[$tag], "strnatcasecmp");
+ }
+ $merged_filters[$tag] = true;
+}
+
+
+function apply_filters($tag, $string) {
+ global $wp_filter, $merged_filters;
+
+ if (!isset($merged_filters[$tag])) {
+ merge_filters($tag);
+ }
+
+ if (!isset($wp_filter[$tag])) {
+ return $string;
+ }
+
+ reset($wp_filter[$tag]);
+
+ $args = func_get_args();
+
+ do {
+ foreach ((array)current($wp_filter[$tag]) as $the_) {
+ if (!is_null($the_['function'])) {
+ $args[1] = $string;
+ $string = call_user_func_array($the_['function'], array_slice($args, 1, (int) $the_['accepted_args']));
+ }
+ }
+
+ } while (next($wp_filter[$tag]) !== false);
+
+ return $string;
+}
+
+
+function wp_check_filetype($filename, $mimes = null) {
+ // Accepted MIME types are set here as PCRE unless provided.
+ $mimes = is_array($mimes) ? $mimes : apply_filters('upload_mimes', array(
+ 'jpg|jpeg|jpe' => 'image/jpeg',
+ 'gif' => 'image/gif',
+ 'png' => 'image/png',
+ 'bmp' => 'image/bmp',
+ 'tif|tiff' => 'image/tiff',
+ 'ico' => 'image/x-icon',
+ 'asf|asx|wax|wmv|wmx' => 'video/asf',
+ 'avi' => 'video/avi',
+ 'mov|qt' => 'video/quicktime',
+ 'mpeg|mpg|mpe' => 'video/mpeg',
+ 'txt|c|cc|h' => 'text/plain',
+ 'rtx' => 'text/richtext',
+ 'css' => 'text/css',
+ 'htm|html' => 'text/html',
+ 'php|php3|' => 'application/php',
+ 'mp3|mp4' => 'audio/mpeg',
+ 'ra|ram' => 'audio/x-realaudio',
+ 'wav' => 'audio/wav',
+ 'ogg' => 'audio/ogg',
+ 'mid|midi' => 'audio/midi',
+ 'wma' => 'audio/wma',
+ 'rtf' => 'application/rtf',
+ 'js' => 'application/javascript',
+ 'pdf' => 'application/pdf',
+ 'doc' => 'application/msword',
+ 'pot|pps|ppt' => 'application/vnd.ms-powerpoint',
+ 'wri' => 'application/vnd.ms-write',
+ 'xla|xls|xlt|xlw' => 'application/vnd.ms-excel',
+ 'mdb' => 'application/vnd.ms-access',
+ 'mpp' => 'application/vnd.ms-project',
+ 'swf' => 'application/x-shockwave-flash',
+ 'class' => 'application/java',
+ 'tar' => 'application/x-tar',
+ 'zip' => 'application/zip',
+ 'gz|gzip' => 'application/x-gzip',
+ 'exe' => 'application/x-msdownload',
+ // openoffice formats
+ 'odt' => 'application/vnd.oasis.opendocument.text',
+ 'odp' => 'application/vnd.oasis.opendocument.presentation',
+ 'ods' => 'application/vnd.oasis.opendocument.spreadsheet',
+ 'odg' => 'application/vnd.oasis.opendocument.graphics',
+ 'odc' => 'application/vnd.oasis.opendocument.chart',
+ 'odb' => 'application/vnd.oasis.opendocument.database',
+ 'odf' => 'application/vnd.oasis.opendocument.formula',
+
+ ));
+
+ $type = false;
+ $ext = false;
+
+ foreach ($mimes as $ext_preg => $mime_match) {
+ $ext_preg = '!\.(' . $ext_preg . ')$!i';
+ if (preg_match($ext_preg, $filename, $ext_matches)) {
+ $type = $mime_match;
+ $ext = $ext_matches[1];
+ break;
+ }
+ }
+
+ return compact('ext', 'type');
+}
+
+
+
+function roundsize($size) {
+ $i=0;
+ $iec = array("B", "Kb", "Mb", "Gb", "Tb");
+ while (($size/1024)>1) {
+ $size=$size/1024;
+ $i++;
+ }
+ return(round($size, 1) . " " . $iec[$i]);
+}
+
+?>
diff --git a/config/filemgr/rbfminc/functions.tmp b/config/filemgr/rbfminc/functions.tmp
deleted file mode 100644
index f06ee69c..00000000
--- a/config/filemgr/rbfminc/functions.tmp
+++ /dev/null
@@ -1,189 +0,0 @@
-<?php
-function RecursiveFolderDelete ( $folderPath )
-{
- if ( is_dir ( $folderPath ) )
- {
- foreach ( scandir ( $folderPath ) as $value )
- {
- if ( $value != "." && $value != ".." )
- {
- $value = $folderPath . "/" . $value;
- if ( is_dir ( $value ) )
- {
- RecursiveFolderDelete ( $value );
- }
- elseif ( is_file ( $value ) )
- {
- @unlink ( $value );
- }
- }
- }
- if(!@rmdir ( $folderPath )){
- return FALSE;
- }else{
- return TRUE;
- }
- }
- else
- {
- return FALSE;
- }
-}
-
-
-
-function GetFilePerms($file) {
- $perms = fileperms($file);
- if (($perms & 0xC000) == 0xC000) {$info = 's'; } // Socket
- elseif (($perms & 0xA000) == 0xA000) {$info = 'l'; } // Symbolic Link
- elseif (($perms & 0x8000) == 0x8000) {$info = '-'; } // Regular
- elseif (($perms & 0x6000) == 0x6000) {$info = 'b'; } // Block special
- elseif (($perms & 0x4000) == 0x4000) {$info = 'd'; } // Directory
- elseif (($perms & 0x2000) == 0x2000) {$info = 'c'; } // Character special
- elseif (($perms & 0x1000) == 0x1000) {$info = 'p'; } // FIFO pipe
- else {$info = '?';} // Unknown
- // Owner
- $info .= " ".(($perms & 0x0100) ? 'r' : '-');
- $info .= (($perms & 0x0080) ? 'w' : '-');
- $info .= (($perms & 0x0040) ?
- (($perms & 0x0800) ? 's' : 'x' ) :
- (($perms & 0x0800) ? 'S' : '-'));
- // Group
- $info .= " ".(($perms & 0x0020) ? 'r' : '-');
- $info .= (($perms & 0x0010) ? 'w' : '-');
- $info .= (($perms & 0x0008) ?
- (($perms & 0x0400) ? 's' : 'x' ) :
- (($perms & 0x0400) ? 'S' : '-'));
- // World
- $info .= " ".(($perms & 0x0004) ? 'r' : '-');
- $info .= (($perms & 0x0002) ? 'w' : '-');
- $info .= (($perms & 0x0001) ?
- (($perms & 0x0200) ? 't' : 'x' ) :
- (($perms & 0x0200) ? 'T' : '-'));
-
- $info = "[".substr(sprintf('%o', fileperms($file)), -4)."] ".$info;
-
- return $info;
-}
-
-
-
-function merge_filters($tag) {
- global $wp_filter, $merged_filters;
-
- if ( isset($wp_filter['all']) && is_array($wp_filter['all']) )
- $wp_filter[$tag] = array_merge($wp_filter['all'], (array) $wp_filter[$tag]);
-
- if ( isset($wp_filter[$tag]) ){
- reset($wp_filter[$tag]);
- uksort($wp_filter[$tag], "strnatcasecmp");
- }
- $merged_filters[ $tag ] = true;
-}
-
-
-
-function apply_filters($tag, $string) {
- global $wp_filter, $merged_filters;
-
- if ( !isset( $merged_filters[ $tag ] ) )
- merge_filters($tag);
-
- if ( !isset($wp_filter[$tag]) )
- return $string;
-
- reset( $wp_filter[ $tag ] );
-
- $args = func_get_args();
-
- do{
- foreach( (array) current($wp_filter[$tag]) as $the_ )
- if ( !is_null($the_['function']) ){
- $args[1] = $string;
- $string = call_user_func_array($the_['function'], array_slice($args, 1, (int) $the_['accepted_args']));
- }
-
- } while ( next($wp_filter[$tag]) !== false );
-
- return $string;
-}
-
-
-
-function wp_check_filetype($filename, $mimes = null) {
- // Accepted MIME types are set here as PCRE unless provided.
- $mimes = is_array($mimes) ? $mimes : apply_filters('upload_mimes', array (
- 'jpg|jpeg|jpe' => 'image/jpeg',
- 'gif' => 'image/gif',
- 'png' => 'image/png',
- 'bmp' => 'image/bmp',
- 'tif|tiff' => 'image/tiff',
- 'ico' => 'image/x-icon',
- 'asf|asx|wax|wmv|wmx' => 'video/asf',
- 'avi' => 'video/avi',
- 'mov|qt' => 'video/quicktime',
- 'mpeg|mpg|mpe' => 'video/mpeg',
- 'txt|c|cc|h' => 'text/plain',
- 'rtx' => 'text/richtext',
- 'css' => 'text/css',
- 'htm|html' => 'text/html',
- 'php|php3|' => 'application/php',
- 'mp3|mp4' => 'audio/mpeg',
- 'ra|ram' => 'audio/x-realaudio',
- 'wav' => 'audio/wav',
- 'ogg' => 'audio/ogg',
- 'mid|midi' => 'audio/midi',
- 'wma' => 'audio/wma',
- 'rtf' => 'application/rtf',
- 'js' => 'application/javascript',
- 'pdf' => 'application/pdf',
- 'doc' => 'application/msword',
- 'pot|pps|ppt' => 'application/vnd.ms-powerpoint',
- 'wri' => 'application/vnd.ms-write',
- 'xla|xls|xlt|xlw' => 'application/vnd.ms-excel',
- 'mdb' => 'application/vnd.ms-access',
- 'mpp' => 'application/vnd.ms-project',
- 'swf' => 'application/x-shockwave-flash',
- 'class' => 'application/java',
- 'tar' => 'application/x-tar',
- 'zip' => 'application/zip',
- 'gz|gzip' => 'application/x-gzip',
- 'exe' => 'application/x-msdownload',
- // openoffice formats
- 'odt' => 'application/vnd.oasis.opendocument.text',
- 'odp' => 'application/vnd.oasis.opendocument.presentation',
- 'ods' => 'application/vnd.oasis.opendocument.spreadsheet',
- 'odg' => 'application/vnd.oasis.opendocument.graphics',
- 'odc' => 'application/vnd.oasis.opendocument.chart',
- 'odb' => 'application/vnd.oasis.opendocument.database',
- 'odf' => 'application/vnd.oasis.opendocument.formula',
-
- ));
-
- $type = false;
- $ext = false;
-
- foreach ($mimes as $ext_preg => $mime_match) {
- $ext_preg = '!\.(' . $ext_preg . ')$!i';
- if ( preg_match($ext_preg, $filename, $ext_matches) ) {
- $type = $mime_match;
- $ext = $ext_matches[1];
- break;
- }
- }
-
- return compact('ext', 'type');
-}
-
-
-
-function roundsize($size){
- $i=0;
- $iec = array("B", "Kb", "Mb", "Gb", "Tb");
- while (($size/1024)>1) {
- $size=$size/1024;
- $i++;}
- return(round($size,1)." ".$iec[$i]);
-}
-
-?> \ No newline at end of file
diff --git a/config/filemgr/rbfminc/rename.php b/config/filemgr/rbfminc/rename.php
new file mode 100644
index 00000000..27553f18
--- /dev/null
+++ b/config/filemgr/rbfminc/rename.php
@@ -0,0 +1,68 @@
+<?php
+/*
+ rename.php
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2010 Tom Schaefer <tom@tomschaefer.org>
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+include("config.php");
+include("session.php");
+
+if ($user_login == 'ok') {
+ include("functions.php");
+?>
+
+<html>
+<head>
+<title>Rename</title>
+</head>
+<body>
+<script type="text/javascript">
+//<![CDATA[
+<?php
+if ($_POST['o'] != $_POST['n']) {
+ if (@rename($_POST['cf'].$_POST['o'], $_POST['cf'].$_POST['n'])) {
+ if ($_POST['t'] == 'd') {
+ echo "alert('Directory successfuly renamed from \"{$_POST['o']}\" to \"{$_POST['n']}\"');";
+ } else {
+ echo "alert('File successfuly renamed from \"{$_POST['o']}\" to \"{$_POST['n']}\"');";
+ }
+ } else {
+ echo <<<EOD
+ alert('Rename error');
+ window.parent.location.href = window.parent.location.href;
+EOD;
+ }
+}
+
+?>
+//]]>
+</script>
+</body>
+</html>
+
+<?php
+}
+?>
diff --git a/config/filemgr/rbfminc/rename.tmp b/config/filemgr/rbfminc/rename.tmp
deleted file mode 100644
index 266e38d4..00000000
--- a/config/filemgr/rbfminc/rename.tmp
+++ /dev/null
@@ -1,41 +0,0 @@
-<?php
-include "config.php";
-include "session.php";
-
-if($user_login == 'ok'){
-
- include "functions.php";
-
-?>
-<html>
-<head>
-<title>Rename</title>
-</head>
-<body>
-<script type="text/javascript">
-//<![CDATA[
-<?php
-//print_r($_POST);
-if($_POST['o'] != $_POST['n']){
- if(@rename($_POST['cf'].$_POST['o'], $_POST['cf'].$_POST['n'])){
- if($_POST['t'] == 'd'){
- echo "alert('Directory successfuly renamed from \"{$_POST['o']}\" to \"{$_POST['n']}\"');";
- }else{
- echo "alert('File successfuly renamed from \"{$_POST['o']}\" to \"{$_POST['n']}\"');";
- }
- }else{
- echo "
- alert('Rename error');
- window.parent.location.href = window.parent.location.href;
- ";
- }
-}
-
-?>
-//]]>
-</script>
-</body>
-</html>
-<?php
-}
-?> \ No newline at end of file
diff --git a/config/filemgr/rbfminc/session.php b/config/filemgr/rbfminc/session.php
new file mode 100644
index 00000000..b616643f
--- /dev/null
+++ b/config/filemgr/rbfminc/session.php
@@ -0,0 +1,58 @@
+<?php
+/*
+ session.php
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2010 Tom Schaefer <tom@tomschaefer.org>
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+session_name("file_manager_session");
+
+// Create session
+session_start();
+if (($_POST['login'] == 'login') && ($_POST['username']) && ($_POST['password'])) {
+ $_SESSION = array();
+ $_SESSION['username'] = $_POST['username'];
+ $_SESSION['password'] = $_POST['password'];
+}
+
+if ($_GET['logout'] == "logout") {
+ setcookie('url_field', '', time()-3600);
+ setcookie('current_folder', '', time()-3600);
+ $_SESSION = array();
+ session_destroy();
+ session_unset();
+ header("Location: file_manager.php");
+}
+
+
+if (($_SESSION['username']) && ($_SESSION['password'])) {
+ if (($_SESSION['username'] == $username) && ($_SESSION['password'] == $password)) {
+ $user_login = 'ok';
+ } else {
+ $error_message = "Incorrect username or password!";
+ }
+}
+
+?>
diff --git a/config/filemgr/rbfminc/session.tmp b/config/filemgr/rbfminc/session.tmp
deleted file mode 100644
index 7cfc133d..00000000
--- a/config/filemgr/rbfminc/session.tmp
+++ /dev/null
@@ -1,32 +0,0 @@
-<?php
-session_name("file_manager_session");
-
-session_start();
-
-/*************************************************************************************************/
-//create session
-if($_POST['login'] == 'login' and $_POST['username'] and $_POST['password']){
- $_SESSION = array();
- $_SESSION['username']=$_POST['username'];
- $_SESSION['password']=$_POST['password'];
-}
-
-if($_GET['logout'] == "logout"){
- setcookie('url_field', '', time()-3600);
- setcookie('current_folder', '', time()-3600);
- $_SESSION = array();
- session_destroy();
- session_unset();
- header("Location: file_manager.php");
-}
-
-
-if($_SESSION['username'] and $_SESSION['password']){
- if($_SESSION['username'] == $username and $_SESSION['password'] == $password){
- $user_login = 'ok';
- }else{
- $error_message = "Incorect username or password!";
- }
-}
-
-?>