FileManager.inc.php

<?php
 
define('FILE_MODE_MASK', 0666);
define('DIRECTORY_MODE_MASK', 0777);
 
define('DOCUMENT_TYPE_DEFAULT', 'default');
define('DOCUMENT_TYPE_EXCEL', 'excel');
define('DOCUMENT_TYPE_HTML', 'html');
define('DOCUMENT_TYPE_IMAGE', 'image');
define('DOCUMENT_TYPE_PDF', 'pdf');
define('DOCUMENT_TYPE_WORD', 'word');
define('DOCUMENT_TYPE_EPUB', 'epub');
define('DOCUMENT_TYPE_ZIP', 'zip');
 
class FileManager {
   function __construct() {
   }
 
   function uploadedFileExists($fileName) {
      if (isset($_FILES[$fileName]) && isset($_FILES[$fileName]['tmp_name'])
            && is_uploaded_file($_FILES[$fileName]['tmp_name'])) {
         return true;
      }
      return false;
   }
 
   function uploadError($fileName) {
      return (isset($_FILES[$fileName]) && $_FILES[$fileName]['error'] != UPLOAD_ERR_OK);
   }
 
   function getUploadErrorCode($fileName) {
      return $_FILES[$fileName]['error'];
   }
 
   function getFirstUploadedPostName() {
      return key($_FILES);
   }
 
   function getUploadedFilePath($fileName) {
      if (isset($_FILES[$fileName]['tmp_name']) && is_uploaded_file($_FILES[$fileName]['tmp_name'])) {
         return $_FILES[$fileName]['tmp_name'];
      }
      return false;
   }
 
   function getUploadedFileName($fileName) {
      if (isset($_FILES[$fileName]['name'])) {
         return $_FILES[$fileName]['name'];
      }
      return false;
   }
 
   function getUploadedFileType($fileName) {
      if (isset($_FILES[$fileName])) {
         // The result of "explode" can't be passed directly to "array_pop" in PHP 7.
         $exploded = explode('.',$_FILES[$fileName]['name']);
 
         $type = PKPString::mime_content_type(
            $_FILES[$fileName]['tmp_name'], // Location on server
            array_pop($exploded) // Extension on client machine
         );
 
         if (!empty($type)) return $type;
         return $_FILES[$fileName]['type'];
      }
      return false;
   }
 
   function uploadFile($fileName, $destFileName) {
      $destDir = dirname($destFileName);
      if (!$this->fileExists($destDir, 'dir')) {
         // Try to create the destination directory
         $this->mkdirtree($destDir);
      }
      if (!isset($_FILES[$fileName])) return false;
      if (move_uploaded_file($_FILES[$fileName]['tmp_name'], $destFileName))
         return $this->setMode($destFileName, FILE_MODE_MASK);
      return false;
   }
 
   function writeFile($dest, &$contents) {
      $success = true;
      $destDir = dirname($dest);
      if (!$this->fileExists($destDir, 'dir')) {
         // Try to create the destination directory
         $this->mkdirtree($destDir);
      }
      if (($f = fopen($dest, 'wb'))===false) $success = false;
      if ($success && fwrite($f, $contents)===false) $success = false;
      @fclose($f);
 
      if ($success)
         return $this->setMode($dest, FILE_MODE_MASK);
      return false;
   }
 
   function copyFile($source, $dest) {
      $destDir = dirname($dest);
      if (!$this->fileExists($destDir, 'dir')) {
         // Try to create the destination directory
         $this->mkdirtree($destDir);
      }
      if (copy($source, $dest))
         return $this->setMode($dest, FILE_MODE_MASK);
      return false;
   }
 
   function copyDir($source, $dest) {
      if (is_dir($source)) {
         $this->mkdir($dest);
         $destDir = dir($source);
 
         while (($entry = $destDir->read()) !== false) {
            if ($entry == '.' || $entry == '..') {
               continue;
            }
 
            $Entry = $source . DIRECTORY_SEPARATOR . $entry;
            if (is_dir($Entry) ) {
               $this->copyDir($Entry, $dest . DIRECTORY_SEPARATOR . $entry );
               continue;
            }
            $this->copyFile($Entry, $dest . DIRECTORY_SEPARATOR . $entry );
         }
 
         $destDir->close();
      } else {
         $this->copyFile($source, $dest);
      }
 
      if ($this->fileExists($dest, 'dir')) {
         return true;
      } else return false;
   }
 
 
   function readFileFromPath($filePath, $output = false) {
      if (is_readable($filePath)) {
         $f = fopen($filePath, 'rb');
         if (!$f) return false;
         $data = '';
         while (!feof($f)) {
            $data .= fread($f, 4096);
            if ($output) {
               echo $data;
               $data = '';
            }
         }
         fclose($f);
 
         if ($output) return true;
         return $data;
      }
      return false;
   }
 
   function downloadByPath($filePath, $mediaType = null, $inline = false, $fileName = null) {
      $result = null;
      if (HookRegistry::call('FileManager::downloadFile', array(&$filePath, &$mediaType, &$inline, &$result, &$fileName))) return $result;
      if (is_readable($filePath)) {
         if ($mediaType === null) {
            // If the media type wasn't specified, try to detect.
            $mediaType = PKPString::mime_content_type($filePath);
            if (empty($mediaType)) $mediaType = 'application/octet-stream';
         }
         if ($fileName === null) {
            // If the filename wasn't specified, use the server-side.
            $fileName = basename($filePath);
         }
 
         // Stream the file to the end user.
         header("Content-Type: $mediaType");
         header('Content-Length: ' . filesize($filePath));
         header('Accept-Ranges: none');
         header('Content-Disposition: ' . ($inline ? 'inline' : 'attachment') . "; filename=\"$fileName\"");
         header('Cache-Control: private'); // Workarounds for IE weirdness
         header('Pragma: public');
         $this->readFileFromPath($filePath, true);
         $returner = true;
      } else {
         $returner = false;
      }
      HookRegistry::call('FileManager::downloadFileFinished', array(&$returner));
      return $returner;
   }
 
   function deleteByPath($filePath) {
      if ($this->fileExists($filePath)) {
         $result = null;
         if (HookRegistry::call('FileManager::deleteFile', array($filePath, &$result))) return $result;
         return unlink($filePath);
      }
      return false;
   }
 
   function mkdir($dirPath, $perms = null) {
      if ($perms !== null) {
         return mkdir($dirPath, $perms);
      } else {
         if (mkdir($dirPath))
            return $this->setMode($dirPath, DIRECTORY_MODE_MASK);
         return false;
      }
   }
 
   function rmdir($dirPath) {
      return rmdir($dirPath);
   }
 
   function rmtree($file) {
      if (file_exists($file)) {
         if (is_dir($file)) {
            $handle = opendir($file);
            while (($filename = readdir($handle)) !== false) {
               if ($filename != '.' && $filename != '..') {
                  if (!$this->rmtree($file . '/' . $filename)) return false;
               }
            }
            closedir($handle);
            if (!rmdir($file)) return false;
 
         } else {
            if (!unlink($file)) return false;
         }
      }
      return true;
   }
 
   function mkdirtree($dirPath, $perms = null) {
      if (!file_exists($dirPath)) {
         //Avoid infinite recursion when file_exists reports false for root directory
         if ($dirPath == dirname($dirPath)) {
            fatalError('There are no readable files in this directory tree. Are safe mode or open_basedir active?');
            return false;
         } else if ($this->mkdirtree(dirname($dirPath), $perms)) {
            return $this->mkdir($dirPath, $perms);
         } else {
            return false;
         }
      }
      return true;
   }
 
   function fileExists($filePath, $type = 'file') {
      switch ($type) {
         case 'file':
            return file_exists($filePath);
         case 'dir':
            return file_exists($filePath) && is_dir($filePath);
         default:
            return false;
      }
   }
 
   function getDocumentType($type) {
      if ($this->getImageExtension($type))
         return DOCUMENT_TYPE_IMAGE;
 
      switch ($type) {
         case 'application/pdf':
         case 'application/x-pdf':
         case 'text/pdf':
         case 'text/x-pdf':
            return DOCUMENT_TYPE_PDF;
         case 'application/msword':
         case 'application/word':
            return DOCUMENT_TYPE_WORD;
         case 'application/excel':
            return DOCUMENT_TYPE_EXCEL;
         case 'text/html':
            return DOCUMENT_TYPE_HTML;
         case 'application/zip':
         case 'application/x-zip':
         case 'application/x-zip-compressed':
         case 'application/x-compress':
         case 'application/x-compressed':
         case 'multipart/x-zip':
            return DOCUMENT_TYPE_ZIP;
         case 'application/epub':
         case 'application/epub+zip':
            return DOCUMENT_TYPE_EPUB;
         default:
            return DOCUMENT_TYPE_DEFAULT;
      }
   }
 
   function getDocumentExtension($type) {
      switch ($type) {
         case 'application/pdf':
            return '.pdf';
         case 'application/word':
            return '.doc';
         case 'text/css':
            return '.css';
         case 'text/html':
            return '.html';
         case 'application/epub+zip':
            return '.epub';
         default:
            return false;
      }
   }
 
   function getImageExtension($type) {
      switch ($type) {
         case 'image/gif':
            return '.gif';
         case 'image/jpeg':
         case 'image/pjpeg':
            return '.jpg';
         case 'image/png':
         case 'image/x-png':
            return '.png';
         case 'image/vnd.microsoft.icon':
         case 'image/x-icon':
         case 'image/x-ico':
         case 'image/ico':
            return '.ico';
         case 'image/svg+xml':
         case 'image/svg':
            return '.svg';
         case 'application/x-shockwave-flash':
            return '.swf';
         case 'video/x-flv':
         case 'application/x-flash-video':
         case 'flv-application/octet-stream':
            return '.flv';
         case 'audio/mpeg':
            return '.mp3';
         case 'audio/x-aiff':
            return '.aiff';
         case 'audio/x-wav':
            return '.wav';
         case 'video/mpeg':
            return '.mpg';
         case 'video/quicktime':
            return '.mov';
         case 'video/mp4':
            return '.mp4';
         case 'text/javascript':
            return '.js';
         default:
            return false;
      }
   }
 
   function getExtension($fileName) {
      $extension = '';
      $fileParts = explode('.', $fileName);
      if (is_array($fileParts)) {
         $extension = $fileParts[count($fileParts) - 1];
      }
      return $extension;
   }
 
   function truncateFileName($fileName, $length = 127) {
      if (PKPString::strlen($fileName) <= $length) return $fileName;
      $ext = $this->getExtension($fileName);
      $truncated = PKPString::substr($fileName, 0, $length - 1 - PKPString::strlen($ext)) . '.' . $ext;
      return PKPString::substr($truncated, 0, $length);
   }
 
   function getNiceFileSize($size) {
      $niceFileSizeUnits = array('B', 'KB', 'MB', 'GB');
      for($i = 0; $i < 4 && $size > 1024; $i++) {
         $size >>= 10;
      }
      return $size . $niceFileSizeUnits[$i];
   }
 
   function setMode($path, $mask) {
      $umask = Config::getVar('files', 'umask');
      if (!$umask)
         return true;
      return chmod($path, $mask & ~$umask);
   }
 
   function parseFileExtension($fileName) {
      $fileParts = explode('.', $fileName);
      if (is_array($fileParts)) {
         $fileExtension = $fileParts[count($fileParts) - 1];
      }
 
      // FIXME Check for evil
      if (!isset($fileExtension) || stristr($fileExtension, 'php') || strlen($fileExtension) > 6 || !preg_match('/^\w+$/', $fileExtension)) {
         $fileExtension = 'txt';
      }
 
      // consider .tar.gz extension
      if (strtolower(substr($fileName, -7)) == '.tar.gz') {
         $fileExtension = substr($fileName, -6);
      }
 
      return $fileExtension;
   }
 
   function decompressFile($filePath) {
      return $this->_executeGzip($filePath, true);
   }
 
   function compressFile($filePath) {
      return $this->_executeGzip($filePath, false);
   }
 
 
   //
   // Private helper methods.
   //
   private function _executeGzip($filePath, $decompress = false) {
      PKPLocale::requireComponents(LOCALE_COMPONENT_PKP_ADMIN);
      $gzipPath = Config::getVar('cli', 'gzip');
      if (!is_executable($gzipPath)) {
         throw new Exception(__('admin.error.executingUtil', array('utilPath' => $gzipPath, 'utilVar' => 'gzip')));
      }
      $gzipCmd = escapeshellarg($gzipPath);
      if ($decompress) $gzipCmd .= ' -d';
      // Make sure any output message will mention the file path.
      $output = array($filePath);
      $returnValue = 0;
      $gzipCmd .= ' ' . escapeshellarg($filePath);
      if (!Core::isWindows()) {
         // Get the output, redirecting stderr to stdout.
         $gzipCmd .= ' 2>&1';
      }
      exec($gzipCmd, $output, $returnValue);
      if ($returnValue > 0) {
         throw new Exception(__('admin.error.utilExecutionProblem', array('utilPath' => $gzipPath, 'output' => implode(PHP_EOL, $output))));
      }
      if ($decompress) {
         return substr($filePath, 0, -3);
      } else {
         return $filePath . '.gz';
      }
   }
}