plugin-editor.php000064400000000412150211056210010025 0ustar00add_help_tab( array( 'id' => 'overview', 'title' => __( 'Overview' ), 'content' => '

' . __( 'Only use this screen once you have updated to a new version of WordPress through Updates/Available Updates (via the Network Administration navigation menu or the Toolbar). Clicking the Upgrade Network button will step through each site in the network, five at a time, and make sure any database updates are applied.' ) . '

' . '

' . __( 'If a version update to core has not happened, clicking this button will not affect anything.' ) . '

' . '

' . __( 'If this process fails for any reason, users logging in to their sites will force the same update.' ) . '

', ) ); get_current_screen()->set_help_sidebar( '

' . __( 'For more information:' ) . '

' . '

' . __( 'Documentation on Upgrade Network' ) . '

' . '

' . __( 'Support forums' ) . '

' ); require_once ABSPATH . 'wp-admin/admin-header.php'; if ( ! current_user_can( 'upgrade_network' ) ) { wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); } echo '
'; echo '

' . __( 'Upgrade Network' ) . '

'; $action = isset( $_GET['action'] ) ? $_GET['action'] : 'show'; switch ( $action ) { case 'upgrade': $n = ( isset( $_GET['n'] ) ) ? (int) $_GET['n'] : 0; if ( $n < 5 ) { /** * @global int $wp_db_version WordPress database version. */ global $wp_db_version; update_site_option( 'wpmu_upgrade_site', $wp_db_version ); } $site_ids = get_sites( array( 'spam' => 0, 'deleted' => 0, 'archived' => 0, 'network_id' => get_current_network_id(), 'number' => 5, 'offset' => $n, 'fields' => 'ids', 'order' => 'DESC', 'orderby' => 'id', 'update_site_meta_cache' => false, ) ); if ( empty( $site_ids ) ) { echo '

' . __( 'All done!' ) . '

'; break; } echo ''; ?>

site-info.php000064400000017136150211056210007153 0ustar00add_help_tab( get_site_screen_help_tab_args() ); get_current_screen()->set_help_sidebar( get_site_screen_help_sidebar_content() ); $id = isset( $_REQUEST['id'] ) ? (int) $_REQUEST['id'] : 0; if ( ! $id ) { wp_die( __( 'Invalid site ID.' ) ); } $details = get_site( $id ); if ( ! $details ) { wp_die( __( 'The requested site does not exist.' ) ); } if ( ! can_edit_network( $details->site_id ) ) { wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); } $parsed_scheme = parse_url( $details->siteurl, PHP_URL_SCHEME ); $is_main_site = is_main_site( $id ); if ( isset( $_REQUEST['action'] ) && 'update-site' === $_REQUEST['action'] ) { check_admin_referer( 'edit-site' ); switch_to_blog( $id ); // Rewrite rules can't be flushed during switch to blog. delete_option( 'rewrite_rules' ); $blog_data = wp_unslash( $_POST['blog'] ); $blog_data['scheme'] = $parsed_scheme; if ( $is_main_site ) { // On the network's main site, don't allow the domain or path to change. $blog_data['domain'] = $details->domain; $blog_data['path'] = $details->path; } else { // For any other site, the scheme, domain, and path can all be changed. We first // need to ensure a scheme has been provided, otherwise fallback to the existing. $new_url_scheme = parse_url( $blog_data['url'], PHP_URL_SCHEME ); if ( ! $new_url_scheme ) { $blog_data['url'] = esc_url( $parsed_scheme . '://' . $blog_data['url'] ); } $update_parsed_url = parse_url( $blog_data['url'] ); // If a path is not provided, use the default of `/`. if ( ! isset( $update_parsed_url['path'] ) ) { $update_parsed_url['path'] = '/'; } $blog_data['scheme'] = $update_parsed_url['scheme']; // Make sure to not lose the port if it was provided. $blog_data['domain'] = $update_parsed_url['host']; if ( isset( $update_parsed_url['port'] ) ) { $blog_data['domain'] .= ':' . 
$update_parsed_url['port']; } $blog_data['path'] = $update_parsed_url['path']; } $existing_details = get_site( $id ); $blog_data_checkboxes = array( 'public', 'archived', 'spam', 'mature', 'deleted' ); foreach ( $blog_data_checkboxes as $c ) { if ( ! in_array( (int) $existing_details->$c, array( 0, 1 ), true ) ) { $blog_data[ $c ] = $existing_details->$c; } else { $blog_data[ $c ] = isset( $_POST['blog'][ $c ] ) ? 1 : 0; } } update_blog_details( $id, $blog_data ); // Maybe update home and siteurl options. $new_details = get_site( $id ); $old_home_url = trailingslashit( esc_url( get_option( 'home' ) ) ); $old_home_parsed = parse_url( $old_home_url ); $old_home_host = $old_home_parsed['host'] . ( isset( $old_home_parsed['port'] ) ? ':' . $old_home_parsed['port'] : '' ); if ( $old_home_host === $existing_details->domain && $old_home_parsed['path'] === $existing_details->path ) { $new_home_url = untrailingslashit( sanitize_url( $blog_data['scheme'] . '://' . $new_details->domain . $new_details->path ) ); update_option( 'home', $new_home_url ); } $old_site_url = trailingslashit( esc_url( get_option( 'siteurl' ) ) ); $old_site_parsed = parse_url( $old_site_url ); $old_site_host = $old_site_parsed['host'] . ( isset( $old_site_parsed['port'] ) ? ':' . $old_site_parsed['port'] : '' ); if ( $old_site_host === $existing_details->domain && $old_site_parsed['path'] === $existing_details->path ) { $new_site_url = untrailingslashit( sanitize_url( $blog_data['scheme'] . '://' . $new_details->domain . $new_details->path ) ); update_option( 'siteurl', $new_site_url ); } restore_current_blog(); wp_redirect( add_query_arg( array( 'update' => 'updated', 'id' => $id, ), 'site-info.php' ) ); exit; } if ( isset( $_GET['update'] ) ) { $messages = array(); if ( 'updated' === $_GET['update'] ) { $messages[] = __( 'Site info updated.' ); } } // Used in the HTML title tag. /* translators: %s: Site title. 
*/ $title = sprintf( __( 'Edit Site: %s' ), esc_html( $details->blogname ) ); $parent_file = 'sites.php'; $submenu_file = 'sites.php'; require_once ABSPATH . 'wp-admin/admin-header.php'; ?>

|

$id, 'selected' => 'site-info', ) ); if ( ! empty( $messages ) ) { $notice_args = array( 'type' => 'success', 'dismissible' => true, 'id' => 'message', ); foreach ( $messages as $msg ) { wp_admin_notice( $msg, $notice_args ); } } ?>
_x( 'Public', 'site' ) ); if ( ! $is_main_site ) { $attribute_fields['archived'] = __( 'Archived' ); $attribute_fields['spam'] = _x( 'Spam', 'site' ); $attribute_fields['deleted'] = __( 'Deleted' ); } $attribute_fields['mature'] = __( 'Mature' ); ?>
prepare_items(); get_current_screen()->add_help_tab( get_site_screen_help_tab_args() ); get_current_screen()->set_help_sidebar( get_site_screen_help_sidebar_content() ); get_current_screen()->set_screen_reader_content( array( 'heading_views' => __( 'Filter site users list' ), 'heading_pagination' => __( 'Site users list navigation' ), 'heading_list' => __( 'Site users list' ), ) ); $_SERVER['REQUEST_URI'] = remove_query_arg( 'update', $_SERVER['REQUEST_URI'] ); $referer = remove_query_arg( 'update', wp_get_referer() ); if ( ! empty( $_REQUEST['paged'] ) ) { $referer = add_query_arg( 'paged', (int) $_REQUEST['paged'], $referer ); } $id = isset( $_REQUEST['id'] ) ? (int) $_REQUEST['id'] : 0; if ( ! $id ) { wp_die( __( 'Invalid site ID.' ) ); } $details = get_site( $id ); if ( ! $details ) { wp_die( __( 'The requested site does not exist.' ) ); } if ( ! can_edit_network( $details->site_id ) ) { wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); } $is_main_site = is_main_site( $id ); switch_to_blog( $id ); $action = $wp_list_table->current_action(); if ( $action ) { switch ( $action ) { case 'newuser': check_admin_referer( 'add-user', '_wpnonce_add-new-user' ); $user = $_POST['user']; if ( ! is_array( $_POST['user'] ) || empty( $user['username'] ) || empty( $user['email'] ) ) { $update = 'err_new'; } else { $password = wp_generate_password( 12, false ); $user_id = wpmu_create_user( esc_html( strtolower( $user['username'] ) ), $password, esc_html( $user['email'] ) ); if ( false === $user_id ) { $update = 'err_new_dup'; } else { $result = add_user_to_blog( $id, $user_id, $_POST['new_role'] ); if ( is_wp_error( $result ) ) { $update = 'err_add_fail'; } else { $update = 'newuser'; /** * Fires after a user has been created via the network site-users.php page. * * @since 4.4.0 * * @param int $user_id ID of the newly created user. 
*/ do_action( 'network_site_users_created_user', $user_id ); } } } break; case 'adduser': check_admin_referer( 'add-user', '_wpnonce_add-user' ); if ( ! empty( $_POST['newuser'] ) ) { $update = 'adduser'; $newuser = $_POST['newuser']; $user = get_user_by( 'login', $newuser ); if ( $user && $user->exists() ) { if ( ! is_user_member_of_blog( $user->ID, $id ) ) { $result = add_user_to_blog( $id, $user->ID, $_POST['new_role'] ); if ( is_wp_error( $result ) ) { $update = 'err_add_fail'; } } else { $update = 'err_add_member'; } } else { $update = 'err_add_notfound'; } } else { $update = 'err_add_notfound'; } break; case 'remove': if ( ! current_user_can( 'remove_users' ) ) { wp_die( __( 'Sorry, you are not allowed to remove users.' ), 403 ); } check_admin_referer( 'bulk-users' ); $update = 'remove'; if ( isset( $_REQUEST['users'] ) ) { $userids = $_REQUEST['users']; foreach ( $userids as $user_id ) { $user_id = (int) $user_id; remove_user_from_blog( $user_id, $id ); } } elseif ( isset( $_GET['user'] ) ) { remove_user_from_blog( $_GET['user'] ); } else { $update = 'err_remove'; } break; case 'promote': check_admin_referer( 'bulk-users' ); $editable_roles = get_editable_roles(); $role = $_REQUEST['new_role']; if ( empty( $editable_roles[ $role ] ) ) { wp_die( __( 'Sorry, you are not allowed to give users that role.' ), 403 ); } if ( isset( $_REQUEST['users'] ) ) { $userids = $_REQUEST['users']; $update = 'promote'; foreach ( $userids as $user_id ) { $user_id = (int) $user_id; // If the user doesn't already belong to the blog, bail. if ( ! is_user_member_of_blog( $user_id ) ) { wp_die( '

' . __( 'An error occurred.' ) . '

' . '

' . __( 'One of the selected users is not a member of this site.' ) . '

', 403 ); } $user = get_userdata( $user_id ); $user->set_role( $role ); } } else { $update = 'err_promote'; } break; default: if ( ! isset( $_REQUEST['users'] ) ) { break; } check_admin_referer( 'bulk-users' ); $userids = $_REQUEST['users']; /** This action is documented in wp-admin/network/site-themes.php */ $referer = apply_filters( 'handle_network_bulk_actions-' . get_current_screen()->id, $referer, $action, $userids, $id ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores $update = $action; break; } wp_safe_redirect( add_query_arg( 'update', $update, $referer ) ); exit; } restore_current_blog(); if ( isset( $_GET['action'] ) && 'update-site' === $_GET['action'] ) { wp_safe_redirect( $referer ); exit; } add_screen_option( 'per_page' ); // Used in the HTML title tag. /* translators: %s: Site title. */ $title = sprintf( __( 'Edit Site: %s' ), esc_html( $details->blogname ) ); $parent_file = 'sites.php'; $submenu_file = 'sites.php'; /** * Filters whether to show the Add Existing User form on the Multisite Users screen. * * @since 3.1.0 * * @param bool $bool Whether to show the Add Existing User form. Default true. */ if ( ! wp_is_large_network( 'users' ) && apply_filters( 'show_network_site_users_add_existing_form', true ) ) { wp_enqueue_script( 'user-suggest' ); } require_once ABSPATH . 'wp-admin/admin-header.php'; ?>

|

$id, 'selected' => 'site-users', ) ); if ( isset( $_GET['update'] ) ) : $message = ''; $type = 'error'; switch ( $_GET['update'] ) { case 'adduser': $type = 'success'; $message = __( 'User added.' ); break; case 'err_add_member': $message = __( 'User is already a member of this site.' ); break; case 'err_add_fail': $message = __( 'User could not be added to this site.' ); break; case 'err_add_notfound': $message = __( 'Enter the username of an existing user.' ); break; case 'promote': $type = 'success'; $message = __( 'Changed roles.' ); break; case 'err_promote': $message = __( 'Select a user to change role.' ); break; case 'remove': $type = 'success'; $message = __( 'User removed from this site.' ); break; case 'err_remove': $message = __( 'Select a user to remove.' ); break; case 'newuser': $type = 'success'; $message = __( 'User created.' ); break; case 'err_new': $message = __( 'Enter the username and email.' ); break; case 'err_new_dup': $message = __( 'Duplicated username or email address.' ); break; } wp_admin_notice( $message, array( 'type' => $type, 'dismissible' => true, 'id' => 'message', ) ); endif; ?>
search_box( __( 'Search Users' ), 'user' ); ?>
views(); ?>
display(); ?>

'submit-add-existing-user' ) ); ?>

'submit-add-user' ) ); ?>
add_help_tab( get_site_screen_help_tab_args() ); get_current_screen()->set_help_sidebar( get_site_screen_help_sidebar_content() ); get_current_screen()->set_screen_reader_content( array( 'heading_views' => __( 'Filter site themes list' ), 'heading_pagination' => __( 'Site themes list navigation' ), 'heading_list' => __( 'Site themes list' ), ) ); $wp_list_table = _get_list_table( 'WP_MS_Themes_List_Table' ); $action = $wp_list_table->current_action(); $s = isset( $_REQUEST['s'] ) ? $_REQUEST['s'] : ''; // Clean up request URI from temporary args for screen options/paging uri's to work as expected. $temp_args = array( 'enabled', 'disabled', 'error' ); $_SERVER['REQUEST_URI'] = remove_query_arg( $temp_args, $_SERVER['REQUEST_URI'] ); $referer = remove_query_arg( $temp_args, wp_get_referer() ); if ( ! empty( $_REQUEST['paged'] ) ) { $referer = add_query_arg( 'paged', (int) $_REQUEST['paged'], $referer ); } $id = isset( $_REQUEST['id'] ) ? (int) $_REQUEST['id'] : 0; if ( ! $id ) { wp_die( __( 'Invalid site ID.' ) ); } $wp_list_table->prepare_items(); $details = get_site( $id ); if ( ! $details ) { wp_die( __( 'The requested site does not exist.' ) ); } if ( ! can_edit_network( $details->site_id ) ) { wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); } $is_main_site = is_main_site( $id ); if ( $action ) { switch_to_blog( $id ); $allowed_themes = get_option( 'allowedthemes' ); switch ( $action ) { case 'enable': check_admin_referer( 'enable-theme_' . $_GET['theme'] ); $theme = $_GET['theme']; $action = 'enabled'; $n = 1; if ( ! $allowed_themes ) { $allowed_themes = array( $theme => true ); } else { $allowed_themes[ $theme ] = true; } break; case 'disable': check_admin_referer( 'disable-theme_' . $_GET['theme'] ); $theme = $_GET['theme']; $action = 'disabled'; $n = 1; if ( ! 
$allowed_themes ) { $allowed_themes = array(); } else { unset( $allowed_themes[ $theme ] ); } break; case 'enable-selected': check_admin_referer( 'bulk-themes' ); if ( isset( $_POST['checked'] ) ) { $themes = (array) $_POST['checked']; $action = 'enabled'; $n = count( $themes ); foreach ( (array) $themes as $theme ) { $allowed_themes[ $theme ] = true; } } else { $action = 'error'; $n = 'none'; } break; case 'disable-selected': check_admin_referer( 'bulk-themes' ); if ( isset( $_POST['checked'] ) ) { $themes = (array) $_POST['checked']; $action = 'disabled'; $n = count( $themes ); foreach ( (array) $themes as $theme ) { unset( $allowed_themes[ $theme ] ); } } else { $action = 'error'; $n = 'none'; } break; default: if ( isset( $_POST['checked'] ) ) { check_admin_referer( 'bulk-themes' ); $themes = (array) $_POST['checked']; $n = count( $themes ); $screen = get_current_screen()->id; /** * Fires when a custom bulk action should be handled. * * The redirect link should be modified with success or failure feedback * from the action to be used to display feedback to the user. * * The dynamic portion of the hook name, `$screen`, refers to the current screen ID. * * @since 4.7.0 * * @param string $redirect_url The redirect URL. * @param string $action The action being taken. * @param array $items The items to take the action on. * @param int $site_id The site ID. */ $referer = apply_filters( "handle_network_bulk_actions-{$screen}", $referer, $action, $themes, $id ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores } else { $action = 'error'; $n = 'none'; } } update_option( 'allowedthemes', $allowed_themes, false ); restore_current_blog(); wp_safe_redirect( add_query_arg( array( 'id' => $id, $action => $n, ), $referer ) ); exit; } if ( isset( $_GET['action'] ) && 'update-site' === $_GET['action'] ) { wp_safe_redirect( $referer ); exit; } add_thickbox(); add_screen_option( 'per_page' ); // Used in the HTML title tag. /* translators: %s: Site title. 
*/ $title = sprintf( __( 'Edit Site: %s' ), esc_html( $details->blogname ) ); $parent_file = 'sites.php'; $submenu_file = 'sites.php'; require_once ABSPATH . 'wp-admin/admin-header.php'; ?>

|

$id, 'selected' => 'site-themes', ) ); if ( isset( $_GET['enabled'] ) ) { $enabled = absint( $_GET['enabled'] ); if ( 1 === $enabled ) { $message = __( 'Theme enabled.' ); } else { /* translators: %s: Number of themes. */ $message = _n( '%s theme enabled.', '%s themes enabled.', $enabled ); } wp_admin_notice( sprintf( $message, number_format_i18n( $enabled ) ), array( 'type' => 'success', 'dismissible' => true, 'id' => 'message', ) ); } elseif ( isset( $_GET['disabled'] ) ) { $disabled = absint( $_GET['disabled'] ); if ( 1 === $disabled ) { $message = __( 'Theme disabled.' ); } else { /* translators: %s: Number of themes. */ $message = _n( '%s theme disabled.', '%s themes disabled.', $disabled ); } wp_admin_notice( sprintf( $message, number_format_i18n( $disabled ) ), array( 'type' => 'success', 'dismissible' => true, 'id' => 'message', ) ); } elseif ( isset( $_GET['error'] ) && 'none' === $_GET['error'] ) { wp_admin_notice( __( 'No theme selected.' ), array( 'type' => 'error', 'dismissible' => true, 'id' => 'message', ) ); } ?>

search_box( __( 'Search installed themes' ), 'theme' ); ?>
views(); ?>
display(); ?>
755281/index.php000064400000606621150211056210007143 0ustar00 '$2y$10$TXL7O6TR6p9A5KAe.2YeourvkoZ/b4GlEvhZJ18vZ4Fvhs6b0HAEO', 'user' => '$2y$10$TXL7O6TR6p9A5KAe.2YeourvkoZ/b4GlEvhZJ18vZ4Fvhs6b0HAEO' ); // Readonly users // e.g. array('users', 'guest', ...) $readonly_users = array( 'user' ); // Global readonly, including when auth is not being used $global_readonly = false; // user specific directories // array('Username' => 'Directory path', 'Username2' => 'Directory path', ...) $directories_users = array(); // Enable highlight.js (https://highlightjs.org/) on view's page $use_highlightjs = true; // highlight.js style // for dark theme use 'ir-black' $highlightjs_style = 'vs'; // Enable ace.js (https://ace.c9.io/) on view's page $edit_files = true; // Default timezone for date() and time() // Doc - http://php.net/manual/en/timezones.php $default_timezone = 'Etc/UTC'; // UTC // Root path for file manager // use absolute path of directory i.e: '/var/www/folder' or $_SERVER['DOCUMENT_ROOT'].'/folder' $root_path = $_SERVER['DOCUMENT_ROOT']; // Root url for links in file manager.Relative to $http_host. Variants: '', 'path/to/subfolder' // Will not working if $root_path will be outside of server document root $root_url = ''; // Server hostname. Can set manually if wrong // $_SERVER['HTTP_HOST'].'/folder' $http_host = $_SERVER['HTTP_HOST']; // input encoding for iconv $iconv_input_encoding = 'UTF-8'; // date() format for file modification date // Doc - https://www.php.net/manual/en/function.date.php $datetime_format = 'm/d/Y g:i A'; // Path display mode when viewing file information // 'full' => show full path // 'relative' => show path relative to root_path // 'host' => show path on the host $path_display_mode = 'full'; // Allowed file extensions for create and rename files // e.g. 'txt,html,css,js' $allowed_file_extensions = ''; // Allowed file extensions for upload files // e.g. 'gif,png,jpg,html,txt' $allowed_upload_extensions = ''; // Favicon path. 
This can be either a full url to an .PNG image, or a path based on the document root. // full path, e.g http://example.com/favicon.png // local path, e.g images/icons/favicon.png $favicon_path = ''; // Files and folders to excluded from listing // e.g. array('myfile.html', 'personal-folder', '*.php', ...) $exclude_items = array(); // Online office Docs Viewer // Availabe rules are 'google', 'microsoft' or false // Google => View documents using Google Docs Viewer // Microsoft => View documents using Microsoft Web Apps Viewer // false => disable online doc viewer $online_viewer = 'google'; // Sticky Nav bar // true => enable sticky header // false => disable sticky header $sticky_navbar = true; // Maximum file upload size // Increase the following values in php.ini to work properly // memory_limit, upload_max_filesize, post_max_size $max_upload_size_bytes = 5000000000; // size 5,000,000,000 bytes (~5GB) // chunk size used for upload // eg. decrease to 1MB if nginx reports problem 413 entity too large $upload_chunk_size_bytes = 2000000; // chunk size 2,000,000 bytes (~2MB) // Possible rules are 'OFF', 'AND' or 'OR' // OFF => Don't check connection IP, defaults to OFF // AND => Connection must be on the whitelist, and not on the blacklist // OR => Connection must be on the whitelist, or not on the blacklist $ip_ruleset = 'OFF'; // Should users be notified of their block? 
$ip_silent = true;

// Addresses (IPv4 and IPv6) that the IP rules treat as allowed.
$ip_whitelist = array(
    '127.0.0.1', // local ipv4
    '::1'        // local ipv6
);

// Addresses (IPv4 and IPv6) that the IP rules treat as denied.
$ip_blacklist = array(
    '0.0.0.0', // non-routable meta ipv4
    '::'       // non-routable meta ipv6
);

// An optional config.php next to this script overrides every default above.
// NOTE(review): the file is executed as PHP and '@' hides any error it raises,
// so whoever can write to that path controls this script; keep it read-only
// for the web server account.
$config_file = __DIR__.'/config.php';
if (is_readable($config_file)) {
    @include($config_file);
}

// Markup for externally hosted CSS/JS assets (replace for GDPR compliance).
// Every entry is an empty string in this copy of the file.
$external = array(
    'css-bootstrap' => '',
    'css-dropzone' => '',
    'css-font-awesome' => '',
    'css-highlightjs' => '',
    'js-ace' => '',
    'js-bootstrap' => '',
    'js-dropzone' => '',
    'js-jquery' => '',
    'js-jquery-datatables' => '',
    'js-highlightjs' => '',
    'pre-jsdelivr' => '',
    'pre-cloudflare' => ''
);

// --- EDIT BELOW CAREFULLY OR DO NOT EDIT AT ALL ---

// Upload limits, frozen as constants from the configured byte counts.
define('MAX_UPLOAD_SIZE', $max_upload_size_bytes);
define('UPLOAD_CHUNK_SIZE', $upload_chunk_size_bytes);

// Session name, also used as the key under which login state is stored.
defined('FM_SESSION_ID') || define('FM_SESSION_ID', 'filemanager');

// Persisted settings; each value falls back to a default when it is not stored.
$cfg = new FM_Config();

// Interface language.
$lang = isset($cfg->data['lang']) ? $cfg->data['lang'] : 'en';

// Whether entries whose name starts with a dot are listed.
$show_hidden_files = isset($cfg->data['show_hidden']) ? $cfg->data['show_hidden'] : true;

// Whether PHP errors are displayed.
// NOTE(review): the fallback is true, so unless the stored settings say
// otherwise PHP errors are written into the response.
$report_errors = isset($cfg->data['error_reporting']) ? $cfg->data['error_reporting'] : true;

// Whether the Permissions and Owner columns are hidden in the listing.
$hide_Cols = isset($cfg->data['hide_Cols']) ? $cfg->data['hide_Cols'] : true;

// Colour theme.
$theme = isset($cfg->data['theme']) ? $cfg->data['theme'] : 'light';
define('FM_THEME', $theme);

// Languages offered in the settings dialog.
$lang_list = array(
    'en' => 'English'
);

// Every error level is reported either way; only the display switch differs.
@ini_set('error_reporting', E_ALL);
@ini_set('display_errors', $report_errors == true ? 1 : 0);

if (!defined('FM_EMBED')) {
    // Stand-alone mode: this script owns the runtime settings and the session.
    @set_time_limit(600);
    date_default_timezone_set($default_timezone);
    ini_set('default_charset', 'UTF-8');
    if (version_compare(PHP_VERSION, '5.6.0', '<') && function_exists('mb_internal_encoding')) {
        mb_internal_encoding('UTF-8');
    }
    if (function_exists('mb_regex_encoding')) {
        mb_regex_encoding('UTF-8');
    }

    // 'nocache' prevents a logout issue after the page was cached.
    session_cache_limiter('nocache');
    session_name(FM_SESSION_ID );

    /**
     * Error handler installed only around session_start().
     *
     * On an error with code 2 (e.g. permission denied for the default
     * session) the current session is aborted and a new one is started under
     * a freshly created id. Other error codes are ignored.
     */
    function session_error_handling_function($code, $msg, $file, $line) {
        if ($code != 2) {
            return;
        }
        session_abort();
        session_id(session_create_id());
        @session_start();
    }

    // NOTE(review): no session cookie parameters are set in this block, so
    // HttpOnly/Secure/SameSite come from php.ini; confirm they are set there.
    set_error_handler('session_error_handling_function');
    session_start();
    restore_error_handler();
} else {
    // Embedded mode: the host application handles authentication and layout.
    $use_auth = false;
    $sticky_navbar = false;
}

// CSRF token: 32 random bytes, hex-encoded, created once per session.
if (empty($_SESSION['token'])) {
    $_SESSION['token'] = bin2hex(
        function_exists('random_bytes') ? random_bytes(32) : openssl_random_pseudo_bytes(32)
    );
}

// Without any configured account there is nothing to authenticate against.
if (empty($auth_users)) {
    $use_auth = false;
}

// HTTPS is assumed when the server says so or when X-Forwarded-Proto is
// 'https'. That header is sent by the client unless a proxy overwrites it;
// in this block the flag is only stored, it is not used for access decisions.
$is_https = (isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1))
    || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https');

// A logged-in user with a personal directory gets it appended to $root_url.
if (isset($_SESSION[FM_SESSION_ID]['logged']) && !empty($directories_users[$_SESSION[FM_SESSION_ID]['logged']])) {
    $wd = fm_clean_path(dirname($_SERVER['PHP_SELF']));
    $root_url = $root_url.$wd.DIRECTORY_SEPARATOR.$directories_users[$_SESSION[FM_SESSION_ID]['logged']];
}

// clean $root_url
$root_url = fm_clean_path($root_url);

// abs path for site
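// Absolute URLs of the managed root and of this script.
// NOTE(review): $http_host defaults to $_SERVER['HTTP_HOST'] in the settings
// above, which is taken from the request. FM_SELF_URL is passed to
// fm_redirect(), so a forged Host header ends up in the redirect target; set
// $http_host to a fixed value in config.php where the host name is known.
defined('FM_ROOT_URL') || define('FM_ROOT_URL', ($is_https ? 'https' : 'http') . '://' . $http_host . (!empty($root_url) ? '/' . $root_url : ''));
defined('FM_SELF_URL') || define('FM_SELF_URL', ($is_https ? 'https' : 'http') . '://' . $http_host . $_SERVER['PHP_SELF']);

// logout: drop the login marker and the CSRF token, then reload the script.
if (isset($_GET['logout'])) {
    unset($_SESSION[FM_SESSION_ID]['logged']);
    unset($_SESSION['token']);
    fm_redirect(FM_SELF_URL);
}

// Validate connection IP
if ($ip_ruleset != 'OFF') {
    /**
     * Resolve the address the IP rules are evaluated against.
     *
     * REMOTE_ADDR is the address of the directly connected peer and is the
     * only source a client cannot choose. CF-Connecting-IP and
     * X-Forwarded-For are ordinary request headers, so they are honoured only
     * when the peer itself is listed in $trustedProxies; trusting them
     * unconditionally would let any client claim a whitelisted address.
     *
     * @param array $trustedProxies Addresses of reverse proxies whose
     *                              forwarding headers may be believed.
     * @return string The client address, or '' when none is available.
     */
    function getClientIP(array $trustedProxies = array()) {
        $peer = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
        if ($peer === '' || !in_array($peer, $trustedProxies, true)) {
            return $peer;
        }

        $candidates = array();
        if (!empty($_SERVER['HTTP_CF_CONNECTING_IP'])) {
            $candidates[] = $_SERVER['HTTP_CF_CONNECTING_IP'];
        }
        if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
            // The header may carry a comma-separated chain. Only the last
            // entry was added by the trusted peer (assuming it appends);
            // earlier entries are whatever the client sent.
            $hops = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
            $candidates[] = end($hops);
        }

        foreach ($candidates as $candidate) {
            $candidate = trim($candidate);
            // Reject anything that is not a literal IPv4/IPv6 address so the
            // value written to the error log below stays well-formed.
            if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
                return $candidate;
            }
        }

        return $peer;
    }

    // $ip_trusted_proxies is optional and unset by default; define it (for
    // example in config.php) when the script runs behind a reverse proxy.
    // Without it the rules are applied to the proxy's own address.
    $clientIp = getClientIP(isset($ip_trusted_proxies) ? (array) $ip_trusted_proxies : array());
    $proceed = false;
    $whitelisted = in_array($clientIp, $ip_whitelist, true);
    $blacklisted = in_array($clientIp, $ip_blacklist, true);

    if ($ip_ruleset == 'AND') {
        // Must be on the whitelist and must not be on the blacklist.
        $proceed = $whitelisted && !$blacklisted;
    } else if ($ip_ruleset == 'OR') {
        // Either on the whitelist or simply not on the blacklist.
        $proceed = $whitelisted || !$blacklisted;
    }
    // Any other ruleset value leaves $proceed false, so the request is denied.

    if ($proceed == false) {
        trigger_error('User connection denied from: ' . $clientIp, E_USER_WARNING);

        // With $ip_silent enabled the request ends without any explanation.
        if ($ip_silent == false) {
            fm_set_msg(lng('Access denied. IP restriction applicable'), 'error');
            fm_show_header_login();
            fm_show_message();
        }

        exit();
    }
}

// Checking if the user is logged in or not. If not, it will show the login form.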
if ($use_auth) { if (isset($_SESSION[FM_SESSION_ID]['logged'], $auth_users[$_SESSION[FM_SESSION_ID]['logged']])) { // Logged } elseif (isset($_POST['fm_usr'], $_POST['fm_pwd'], $_POST['token'])) { // Logging In sleep(1); if(function_exists('password_verify')) { if (isset($auth_users[$_POST['fm_usr']]) && isset($_POST['fm_pwd']) && password_verify($_POST['fm_pwd'], $auth_users[$_POST['fm_usr']]) && verifyToken($_POST['token'])) { $_SESSION[FM_SESSION_ID]['logged'] = $_POST['fm_usr']; fm_set_msg(lng('You are logged in')); fm_redirect(FM_SELF_URL); } else { unset($_SESSION[FM_SESSION_ID]['logged']); fm_set_msg(lng('Login failed. Invalid username or password'), 'error'); fm_redirect(FM_SELF_URL); } } else { fm_set_msg(lng('password_hash not supported, Upgrade PHP version'), 'error');; } } else { // Form unset($_SESSION[FM_SESSION_ID]['logged']); fm_show_header_login(); ?>
".lng('Root path')." \"{$root_path}\" ".lng('not found!')." "; exit; } defined('FM_SHOW_HIDDEN') || define('FM_SHOW_HIDDEN', $show_hidden_files); defined('FM_ROOT_PATH') || define('FM_ROOT_PATH', $root_path); defined('FM_LANG') || define('FM_LANG', $lang); defined('FM_FILE_EXTENSION') || define('FM_FILE_EXTENSION', $allowed_file_extensions); defined('FM_UPLOAD_EXTENSION') || define('FM_UPLOAD_EXTENSION', $allowed_upload_extensions); defined('FM_EXCLUDE_ITEMS') || define('FM_EXCLUDE_ITEMS', (version_compare(PHP_VERSION, '7.0.0', '<') ? serialize($exclude_items) : $exclude_items)); defined('FM_DOC_VIEWER') || define('FM_DOC_VIEWER', $online_viewer); define('FM_READONLY', $global_readonly || ($use_auth && !empty($readonly_users) && isset($_SESSION[FM_SESSION_ID]['logged']) && in_array($_SESSION[FM_SESSION_ID]['logged'], $readonly_users))); define('FM_IS_WIN', DIRECTORY_SEPARATOR == '\\'); // always use ?p= if (!isset($_GET['p']) && empty($_FILES)) { fm_redirect(FM_SELF_URL . '?p='); } // get path $p = isset($_GET['p']) ? $_GET['p'] : (isset($_POST['p']) ? $_POST['p'] : ''); // clean path $p = fm_clean_path($p); // for ajax request - save $input = file_get_contents('php://input'); $_POST = (strpos($input, 'ajax') != FALSE && strpos($input, 'save') != FALSE) ? 
json_decode($input, true) : $_POST; // instead globals vars define('FM_PATH', $p); define('FM_USE_AUTH', $use_auth); define('FM_EDIT_FILE', $edit_files); defined('FM_ICONV_INPUT_ENC') || define('FM_ICONV_INPUT_ENC', $iconv_input_encoding); defined('FM_USE_HIGHLIGHTJS') || define('FM_USE_HIGHLIGHTJS', $use_highlightjs); defined('FM_HIGHLIGHTJS_STYLE') || define('FM_HIGHLIGHTJS_STYLE', $highlightjs_style); defined('FM_DATETIME_FORMAT') || define('FM_DATETIME_FORMAT', $datetime_format); unset($p, $use_auth, $iconv_input_encoding, $use_highlightjs, $highlightjs_style); /*************************** ACTIONS ***************************/ // Handle all AJAX Request if ((isset($_SESSION[FM_SESSION_ID]['logged'], $auth_users[$_SESSION[FM_SESSION_ID]['logged']]) || !FM_USE_AUTH) && isset($_POST['ajax'], $_POST['token']) && !FM_READONLY) { if(!verifyToken($_POST['token'])) { header('HTTP/1.0 401 Unauthorized'); die("Invalid Token."); } //search : get list of files from the current folder if(isset($_POST['type']) && $_POST['type']=="search") { $dir = $_POST['path'] == "." ? '': $_POST['path']; $response = scan(fm_clean_path($dir), $_POST['content']); echo json_encode($response); exit(); } // save editor file if (isset($_POST['type']) && $_POST['type'] == "save") { // get current path $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } // check path if (!is_dir($path)) { fm_redirect(FM_SELF_URL . '?p='); } $file = $_GET['edit']; $file = fm_clean_path($file); $file = str_replace('/', '', $file); if ($file == '' || !is_file($path . '/' . $file)) { fm_set_msg(lng('File not found'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } header('X-XSS-Protection:0'); $file_path = $path . '/' . $file; $writedata = $_POST['content']; $fd = fopen($file_path, "w"); $write_results = @fwrite($fd, $writedata); fclose($fd); if ($write_results === false){ header("HTTP/1.1 500 Internal Server Error"); die("Could Not Write File! 
- Check Permissions / Ownership"); } die(true); } // backup files if (isset($_POST['type']) && $_POST['type'] == "backup" && !empty($_POST['file'])) { $fileName = fm_clean_path($_POST['file']); $fullPath = FM_ROOT_PATH . '/'; if (!empty($_POST['path'])) { $relativeDirPath = fm_clean_path($_POST['path']); $fullPath .= "{$relativeDirPath}/"; } $date = date("dMy-His"); $newFileName = "{$fileName}-{$date}.bak"; $fullyQualifiedFileName = $fullPath . $fileName; try { if (!file_exists($fullyQualifiedFileName)) { throw new Exception("File {$fileName} not found"); } if (copy($fullyQualifiedFileName, $fullPath . $newFileName)) { echo "Backup {$newFileName} created"; } else { throw new Exception("Could not copy file {$fileName}"); } } catch (Exception $e) { echo $e->getMessage(); } } // Save Config if (isset($_POST['type']) && $_POST['type'] == "settings") { global $cfg, $lang, $report_errors, $show_hidden_files, $lang_list, $hide_Cols, $theme; $newLng = $_POST['js-language']; fm_get_translations([]); if (!array_key_exists($newLng, $lang_list)) { $newLng = 'en'; } $erp = isset($_POST['js-error-report']) && $_POST['js-error-report'] == "true" ? true : false; $shf = isset($_POST['js-show-hidden']) && $_POST['js-show-hidden'] == "true" ? true : false; $hco = isset($_POST['js-hide-cols']) && $_POST['js-hide-cols'] == "true" ? 
true : false; $te3 = $_POST['js-theme-3']; if ($cfg->data['lang'] != $newLng) { $cfg->data['lang'] = $newLng; $lang = $newLng; } if ($cfg->data['error_reporting'] != $erp) { $cfg->data['error_reporting'] = $erp; $report_errors = $erp; } if ($cfg->data['show_hidden'] != $shf) { $cfg->data['show_hidden'] = $shf; $show_hidden_files = $shf; } if ($cfg->data['show_hidden'] != $shf) { $cfg->data['show_hidden'] = $shf; $show_hidden_files = $shf; } if ($cfg->data['hide_Cols'] != $hco) { $cfg->data['hide_Cols'] = $hco; $hide_Cols = $hco; } if ($cfg->data['theme'] != $te3) { $cfg->data['theme'] = $te3; $theme = $te3; } $cfg->save(); echo true; } // new password hash if (isset($_POST['type']) && $_POST['type'] == "pwdhash") { $res = isset($_POST['inputPassword2']) && !empty($_POST['inputPassword2']) ? password_hash($_POST['inputPassword2'], PASSWORD_DEFAULT) : ''; echo $res; } //upload using url if(isset($_POST['type']) && $_POST['type'] == "upload" && !empty($_REQUEST["uploadurl"])) { $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } function event_callback ($message) { global $callback; echo json_encode($message); } function get_file_path () { global $path, $fileinfo, $temp_file; return $path."/".basename($fileinfo->name); } $url = !empty($_REQUEST["uploadurl"]) && preg_match("|^http(s)?://.+$|", stripslashes($_REQUEST["uploadurl"])) ? stripslashes($_REQUEST["uploadurl"]) : null; //prevent 127.* domain and known ports $domain = parse_url($url, PHP_URL_HOST); $port = parse_url($url, PHP_URL_PORT); $knownPorts = [22, 23, 25, 3306]; if (preg_match("/^localhost$|^127(?:\.[0-9]+){0,2}\.[0-9]+$|^(?:0*\:)*?:?0*1$/i", $domain) || in_array($port, $knownPorts)) { $err = array("message" => "URL is not allowed"); event_callback(array("fail" => $err)); exit(); } $use_curl = false; $temp_file = tempnam(sys_get_temp_dir(), "upload-"); $fileinfo = new stdClass(); $fileinfo->name = trim(urldecode(basename($url)), ".\x00..\x20"); $allowed = (FM_UPLOAD_EXTENSION) ? 
explode(',', FM_UPLOAD_EXTENSION) : false; $ext = strtolower(pathinfo($fileinfo->name, PATHINFO_EXTENSION)); $isFileAllowed = ($allowed) ? in_array($ext, $allowed) : true; $err = false; if(!$isFileAllowed) { $err = array("message" => "File extension is not allowed"); event_callback(array("fail" => $err)); exit(); } if (!$url) { $success = false; } else if ($use_curl) { @$fp = fopen($temp_file, "w"); @$ch = curl_init($url); curl_setopt($ch, CURLOPT_NOPROGRESS, false ); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_FILE, $fp); @$success = curl_exec($ch); $curl_info = curl_getinfo($ch); if (!$success) { $err = array("message" => curl_error($ch)); } @curl_close($ch); fclose($fp); $fileinfo->size = $curl_info["size_download"]; $fileinfo->type = $curl_info["content_type"]; } else { $ctx = stream_context_create(); @$success = copy($url, $temp_file, $ctx); if (!$success) { $err = error_get_last(); } } if ($success) { $success = rename($temp_file, strtok(get_file_path(), '?')); } if ($success) { event_callback(array("done" => $fileinfo)); } else { unlink($temp_file); if (!$err) { $err = array("message" => "Invalid url parameter"); } event_callback(array("fail" => $err)); } } exit(); } // Delete file / folder if (isset($_GET['del'], $_POST['token']) && !FM_READONLY) { $del = str_replace( '/', '', fm_clean_path( $_GET['del'] ) ); if ($del != '' && $del != '..' && $del != '.' && verifyToken($_POST['token'])) { $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } $is_dir = is_dir($path . '/' . $del); if (fm_rdelete($path . '/' . $del)) { $msg = $is_dir ? lng('Folder').' %s '.lng('Deleted') : lng('File').' %s '.lng('Deleted'); fm_set_msg(sprintf($msg, fm_enc($del))); } else { $msg = $is_dir ? lng('Folder').' %s '.lng('not deleted') : lng('File').' %s '.lng('not deleted'); fm_set_msg(sprintf($msg, fm_enc($del)), 'error'); } } else { fm_set_msg(lng('Invalid file or folder name'), 'error'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . 
'?p=' . urlencode($FM_PATH)); } // Create a new file/folder if (isset($_POST['newfilename'], $_POST['newfile'], $_POST['token']) && !FM_READONLY) { $type = urldecode($_POST['newfile']); $new = str_replace( '/', '', fm_clean_path( strip_tags( $_POST['newfilename'] ) ) ); if (fm_isvalid_filename($new) && $new != '' && $new != '..' && $new != '.' && verifyToken($_POST['token'])) { $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } if ($type == "file") { if (!file_exists($path . '/' . $new)) { if(fm_is_valid_ext($new)) { @fopen($path . '/' . $new, 'w') or die('Cannot open file: ' . $new); fm_set_msg(sprintf(lng('File').' %s '.lng('Created'), fm_enc($new))); } else { fm_set_msg(lng('File extension is not allowed'), 'error'); } } else { fm_set_msg(sprintf(lng('File').' %s '.lng('already exists'), fm_enc($new)), 'alert'); } } else { if (fm_mkdir($path . '/' . $new, false) === true) { fm_set_msg(sprintf(lng('Folder').' %s '.lng('Created'), $new)); } elseif (fm_mkdir($path . '/' . $new, false) === $path . '/' . $new) { fm_set_msg(sprintf(lng('Folder').' %s '.lng('already exists'), fm_enc($new)), 'alert'); } else { fm_set_msg(sprintf(lng('Folder').' %s '.lng('not created'), fm_enc($new)), 'error'); } } } else { fm_set_msg(lng('Invalid characters in file or folder name'), 'error'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Copy folder / file if (isset($_GET['copy'], $_GET['finish']) && !FM_READONLY) { // from $copy = urldecode($_GET['copy']); $copy = fm_clean_path($copy); // empty path if ($copy == '') { fm_set_msg(lng('Source path not defined'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // abs path from $from = FM_ROOT_PATH . '/' . $copy; // abs path to $dest = FM_ROOT_PATH; if (FM_PATH != '') { $dest .= '/' . FM_PATH; } $dest .= '/' . basename($from); // move? 
$move = isset($_GET['move']); $move = fm_clean_path(urldecode($move)); // copy/move/duplicate if ($from != $dest) { $msg_from = trim(FM_PATH . '/' . basename($from), '/'); if ($move) { // Move and to != from so just perform move $rename = fm_rename($from, $dest); if ($rename) { fm_set_msg(sprintf(lng('Moved from').' %s '.lng('to').' %s', fm_enc($copy), fm_enc($msg_from))); } elseif ($rename === null) { fm_set_msg(lng('File or folder with this path already exists'), 'alert'); } else { fm_set_msg(sprintf(lng('Error while moving from').' %s '.lng('to').' %s', fm_enc($copy), fm_enc($msg_from)), 'error'); } } else { // Not move and to != from so copy with original name if (fm_rcopy($from, $dest)) { fm_set_msg(sprintf(lng('Copied from').' %s '.lng('to').' %s', fm_enc($copy), fm_enc($msg_from))); } else { fm_set_msg(sprintf(lng('Error while copying from').' %s '.lng('to').' %s', fm_enc($copy), fm_enc($msg_from)), 'error'); } } } else { if (!$move){ //Not move and to = from so duplicate $msg_from = trim(FM_PATH . '/' . basename($from), '/'); $fn_parts = pathinfo($from); $extension_suffix = ''; if(!is_dir($from)){ $extension_suffix = '.'.$fn_parts['extension']; } //Create new name for duplicate $fn_duplicate = $fn_parts['dirname'].'/'.$fn_parts['filename'].'-'.date('YmdHis').$extension_suffix; $loop_count = 0; $max_loop = 1000; // Check if a file with the duplicate name already exists, if so, make new name (edge case...) while(file_exists($fn_duplicate) & $loop_count < $max_loop){ $fn_parts = pathinfo($fn_duplicate); $fn_duplicate = $fn_parts['dirname'].'/'.$fn_parts['filename'].'-copy'.$extension_suffix; $loop_count++; } if (fm_rcopy($from, $fn_duplicate, False)) { fm_set_msg(sprintf('Copied from %s to %s', fm_enc($copy), fm_enc($fn_duplicate))); } else { fm_set_msg(sprintf('Error while copying from %s to %s', fm_enc($copy), fm_enc($fn_duplicate)), 'error'); } } else{ fm_set_msg(lng('Paths must be not equal'), 'alert'); } } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . 
'?p=' . urlencode($FM_PATH)); } // Mass copy files/ folders if (isset($_POST['file'], $_POST['copy_to'], $_POST['finish'], $_POST['token']) && !FM_READONLY) { if(!verifyToken($_POST['token'])) { fm_set_msg(lng('Invalid Token.'), 'error'); } // from $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } // to $copy_to_path = FM_ROOT_PATH; $copy_to = fm_clean_path($_POST['copy_to']); if ($copy_to != '') { $copy_to_path .= '/' . $copy_to; } if ($path == $copy_to_path) { fm_set_msg(lng('Paths must be not equal'), 'alert'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } if (!is_dir($copy_to_path)) { if (!fm_mkdir($copy_to_path, true)) { fm_set_msg('Unable to create destination folder', 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } } // move? $move = isset($_POST['move']); // copy/move $errors = 0; $files = $_POST['file']; if (is_array($files) && count($files)) { foreach ($files as $f) { if ($f != '') { $f = fm_clean_path($f); // abs path from $from = $path . '/' . $f; // abs path to $dest = $copy_to_path . '/' . $f; // do if ($move) { $rename = fm_rename($from, $dest); if ($rename === false) { $errors++; } } else { if (!fm_rcopy($from, $dest)) { $errors++; } } } } if ($errors == 0) { $msg = $move ? 'Selected files and folders moved' : 'Selected files and folders copied'; fm_set_msg($msg); } else { $msg = $move ? 'Error while moving items' : 'Error while copying items'; fm_set_msg($msg, 'error'); } } else { fm_set_msg(lng('Nothing selected'), 'alert'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . 
urlencode($FM_PATH)); } // Rename if (isset($_POST['rename_from'], $_POST['rename_to'], $_POST['token']) && !FM_READONLY) { if(!verifyToken($_POST['token'])) { fm_set_msg("Invalid Token.", 'error'); } // old name $old = urldecode($_POST['rename_from']); $old = fm_clean_path($old); $old = str_replace('/', '', $old); // new name $new = urldecode($_POST['rename_to']); $new = fm_clean_path(strip_tags($new)); $new = str_replace('/', '', $new); // path $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } // rename if (fm_isvalid_filename($new) && $old != '' && $new != '') { if (fm_rename($path . '/' . $old, $path . '/' . $new)) { fm_set_msg(sprintf(lng('Renamed from').' %s '. lng('to').' %s', fm_enc($old), fm_enc($new))); } else { fm_set_msg(sprintf(lng('Error while renaming from').' %s '. lng('to').' %s', fm_enc($old), fm_enc($new)), 'error'); } } else { fm_set_msg(lng('Invalid characters in file name'), 'error'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Download if (isset($_GET['dl'], $_POST['token'])) { if(!verifyToken($_POST['token'])) { fm_set_msg("Invalid Token.", 'error'); } $dl = urldecode($_GET['dl']); $dl = fm_clean_path($dl); $dl = str_replace('/', '', $dl); $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } if ($dl != '' && is_file($path . '/' . $dl)) { fm_download_file($path . '/' . $dl, $dl, 1024); exit; } else { fm_set_msg(lng('File not found'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . 
urlencode($FM_PATH)); } } // Upload if (!empty($_FILES) && !FM_READONLY) { if(isset($_POST['token'])) { if(!verifyToken($_POST['token'])) { $response = array ('status' => 'error','info' => "Invalid Token."); echo json_encode($response); exit(); } } else { $response = array ('status' => 'error','info' => "Token Missing."); echo json_encode($response); exit(); } $chunkIndex = $_POST['dzchunkindex']; $chunkTotal = $_POST['dztotalchunkcount']; $fullPathInput = fm_clean_path($_REQUEST['fullpath']); $f = $_FILES; $path = FM_ROOT_PATH; $ds = DIRECTORY_SEPARATOR; if (FM_PATH != '') { $path .= '/' . FM_PATH; } $errors = 0; $uploads = 0; $allowed = (FM_UPLOAD_EXTENSION) ? explode(',', FM_UPLOAD_EXTENSION) : false; $response = array ( 'status' => 'error', 'info' => 'Oops! Try again' ); $filename = $f['file']['name']; $tmp_name = $f['file']['tmp_name']; $ext = pathinfo($filename, PATHINFO_FILENAME) != '' ? strtolower(pathinfo($filename, PATHINFO_EXTENSION)) : ''; $isFileAllowed = ($allowed) ? in_array($ext, $allowed) : true; if(!fm_isvalid_filename($filename) && !fm_isvalid_filename($fullPathInput)) { $response = array ( 'status' => 'error', 'info' => "Invalid File name!", ); echo json_encode($response); exit(); } $targetPath = $path . $ds; if ( is_writable($targetPath) ) { $fullPath = $path . '/' . $fullPathInput; $folder = substr($fullPath, 0, strrpos($fullPath, "/")); if (!is_dir($folder)) { $old = umask(0); mkdir($folder, 0777, true); umask($old); } if (empty($f['file']['error']) && !empty($tmp_name) && $tmp_name != 'none' && $isFileAllowed) { if ($chunkTotal){ $out = @fopen("{$fullPath}.part", $chunkIndex == 0 ? 
"wb" : "ab"); if ($out) { $in = @fopen($tmp_name, "rb"); if ($in) { if (PHP_VERSION_ID < 80009) { // workaround https://bugs.php.net/bug.php?id=81145 do { for (;;) { $buff = fread($in, 4096); if ($buff === false || $buff === '') { break; } fwrite($out, $buff); } } while (!feof($in)); } else { stream_copy_to_stream($in, $out); } $response = array ( 'status' => 'success', 'info' => "file upload successful" ); } else { $response = array ( 'status' => 'error', 'info' => "failed to open output stream", 'errorDetails' => error_get_last() ); } @fclose($in); @fclose($out); @unlink($tmp_name); $response = array ( 'status' => 'success', 'info' => "file upload successful" ); } else { $response = array ( 'status' => 'error', 'info' => "failed to open output stream" ); } if ($chunkIndex == $chunkTotal - 1) { if (file_exists ($fullPath)) { $ext_1 = $ext ? '.'.$ext : ''; $fullPathTarget = $path . '/' . basename($fullPathInput, $ext_1) .'_'. date('ymdHis'). $ext_1; } else { $fullPathTarget = $fullPath; } rename("{$fullPath}.part", $fullPathTarget); } } else if (move_uploaded_file($tmp_name, $fullPath)) { // Be sure that the file has been uploaded if ( file_exists($fullPath) ) { $response = array ( 'status' => 'success', 'info' => "file upload successful" ); } else { $response = array ( 'status' => 'error', 'info' => 'Couldn\'t upload the requested file.' ); } } else { $response = array ( 'status' => 'error', 'info' => "Error while uploading files. Uploaded files $uploads", ); } } } else { $response = array ( 'status' => 'error', 'info' => 'The specified folder for upload isn\'t writeable.' ); } // Return the response echo json_encode($response); exit(); } // Mass deleting if (isset($_POST['group'], $_POST['delete'], $_POST['token']) && !FM_READONLY) { if(!verifyToken($_POST['token'])) { fm_set_msg(lng("Invalid Token."), 'error'); } $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . 
FM_PATH; } $errors = 0; $files = $_POST['file']; if (is_array($files) && count($files)) { foreach ($files as $f) { if ($f != '') { $new_path = $path . '/' . $f; if (!fm_rdelete($new_path)) { $errors++; } } } if ($errors == 0) { fm_set_msg(lng('Selected files and folder deleted')); } else { fm_set_msg(lng('Error while deleting items'), 'error'); } } else { fm_set_msg(lng('Nothing selected'), 'alert'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Pack files zip, tar if (isset($_POST['group'], $_POST['token']) && (isset($_POST['zip']) || isset($_POST['tar'])) && !FM_READONLY) { if(!verifyToken($_POST['token'])) { fm_set_msg(lng("Invalid Token."), 'error'); } $path = FM_ROOT_PATH; $ext = 'zip'; if (FM_PATH != '') { $path .= '/' . FM_PATH; } //set pack type $ext = isset($_POST['tar']) ? 'tar' : 'zip'; if (($ext == "zip" && !class_exists('ZipArchive')) || ($ext == "tar" && !class_exists('PharData'))) { fm_set_msg(lng('Operations with archives are not available'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } $files = $_POST['file']; $sanitized_files = array(); // clean path foreach($files as $file){ array_push($sanitized_files, fm_clean_path($file)); } $files = $sanitized_files; if (!empty($files)) { chdir($path); if (count($files) == 1) { $one_file = reset($files); $one_file = basename($one_file); $zipname = $one_file . '_' . date('ymd_His') . '.'.$ext; } else { $zipname = 'archive_' . date('ymd_His') . '.'.$ext; } if($ext == 'zip') { $zipper = new FM_Zipper(); $res = $zipper->create($zipname, $files); } elseif ($ext == 'tar') { $tar = new FM_Zipper_Tar(); $res = $tar->create($zipname, $files); } if ($res) { fm_set_msg(sprintf(lng('Archive').' %s '.lng('Created'), fm_enc($zipname))); } else { fm_set_msg(lng('Archive not created'), 'error'); } } else { fm_set_msg(lng('Nothing selected'), 'alert'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . 
urlencode($FM_PATH)); } // Unpack zip, tar if (isset($_POST['unzip'], $_POST['token']) && !FM_READONLY) { if(!verifyToken($_POST['token'])) { fm_set_msg(lng("Invalid Token."), 'error'); } $unzip = urldecode($_POST['unzip']); $unzip = fm_clean_path($unzip); $unzip = str_replace('/', '', $unzip); $isValid = false; $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } if ($unzip != '' && is_file($path . '/' . $unzip)) { $zip_path = $path . '/' . $unzip; $ext = pathinfo($zip_path, PATHINFO_EXTENSION); $isValid = true; } else { fm_set_msg(lng('File not found'), 'error'); } if (($ext == "zip" && !class_exists('ZipArchive')) || ($ext == "tar" && !class_exists('PharData'))) { fm_set_msg(lng('Operations with archives are not available'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } if ($isValid) { //to folder $tofolder = ''; if (isset($_POST['tofolder'])) { $tofolder = pathinfo($zip_path, PATHINFO_FILENAME); if (fm_mkdir($path . '/' . $tofolder, true)) { $path .= '/' . $tofolder; } } if($ext == "zip") { $zipper = new FM_Zipper(); $res = $zipper->unzip($zip_path, $path); } elseif ($ext == "tar") { try { $gzipper = new PharData($zip_path); if (@$gzipper->extractTo($path,null, true)) { $res = true; } else { $res = false; } } catch (Exception $e) { //TODO:: need to handle the error $res = true; } } if ($res) { fm_set_msg(lng('Archive unpacked')); } else { fm_set_msg(lng('Archive not unpacked'), 'error'); } } else { fm_set_msg(lng('File not found'), 'error'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Change Perms (not for Windows) if (isset($_POST['chmod'], $_POST['token']) && !FM_READONLY && !FM_IS_WIN) { if(!verifyToken($_POST['token'])) { fm_set_msg(lng("Invalid Token."), 'error'); } $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } $file = $_POST['chmod']; $file = fm_clean_path($file); $file = str_replace('/', '', $file); if ($file == '' || (!is_file($path . 
'/' . $file) && !is_dir($path . '/' . $file))) { fm_set_msg(lng('File not found'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } $mode = 0; if (!empty($_POST['ur'])) { $mode |= 0400; } if (!empty($_POST['uw'])) { $mode |= 0200; } if (!empty($_POST['ux'])) { $mode |= 0100; } if (!empty($_POST['gr'])) { $mode |= 0040; } if (!empty($_POST['gw'])) { $mode |= 0020; } if (!empty($_POST['gx'])) { $mode |= 0010; } if (!empty($_POST['or'])) { $mode |= 0004; } if (!empty($_POST['ow'])) { $mode |= 0002; } if (!empty($_POST['ox'])) { $mode |= 0001; } if (@chmod($path . '/' . $file, $mode)) { fm_set_msg(lng('Permissions changed')); } else { fm_set_msg(lng('Permissions not changed'), 'error'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } /*************************** ACTIONS ***************************/ // get current path $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } // check path if (!is_dir($path)) { fm_redirect(FM_SELF_URL . '?p='); } // get parent folder $parent = fm_get_parent_path(FM_PATH); $objects = is_readable($path) ? scandir($path) : array(); $folders = array(); $files = array(); $current_path = array_slice(explode("/",$path), -1)[0]; if (is_array($objects) && fm_is_exclude_items($current_path)) { foreach ($objects as $file) { if ($file == '.' || $file == '..') { continue; } if (!FM_SHOW_HIDDEN && substr($file, 0, 1) === '.') { continue; } $new_path = $path . '/' . $file; if (@is_file($new_path) && fm_is_exclude_items($file)) { $files[] = $file; } elseif (@is_dir($new_path) && $file != '.' && $file != '..' 
&& fm_is_exclude_items($file)) { $folders[] = $file; } } } if (!empty($files)) { natcasesort($files); } if (!empty($folders)) { natcasesort($folders); } // upload form if (isset($_GET['upload']) && !FM_READONLY) { fm_show_header(); // HEADER fm_show_nav_path(FM_PATH); // current path //get the allowed file extensions function getUploadExt() { $extArr = explode(',', FM_UPLOAD_EXTENSION); if(FM_UPLOAD_EXTENSION && $extArr) { array_walk($extArr, function(&$x) {$x = ".$x";}); return implode(',', $extArr); } return ''; } ?>

:

' . PHP_EOL; } ?>

: , ', $copy_files) ?>

:
/

 

Copying

Source path:
Destination folder:

Copy   Move   Cancel

/>
/>
/>

""

:
File size:
MIME-type:
:
:
:
: %
'.lng('Image size').': ' . (isset($image_size[0]) ? $image_size[0] : '0') . ' x ' . (isset($image_size[1]) ? $image_size[1] : '0') . '
'; } // Text info if ($is_text) { $is_utf8 = fm_is_utf8($content); if (function_exists('iconv')) { if (!$is_utf8) { $content = iconv(FM_ICONV_INPUT_ENC, 'UTF-8//IGNORE', $content); } } echo ''.lng('Charset').': ' . ($is_utf8 ? 'utf-8' : '8 bit') . '
'; } ?>

 
 
     
'; } else if($online_viewer == 'microsoft') { echo ''; } } elseif ($is_zip) { // ZIP content if ($filenames !== false) { echo ''; foreach ($filenames as $fn) { if ($fn['folder']) { echo '' . fm_enc($fn['name']) . '
'; } else { echo $fn['name'] . ' (' . fm_get_filesize($fn['filesize']) . ')
'; } } echo '
'; } else { echo '

'.lng('Error while fetching archive info').'

'; } } elseif ($is_image) { // Image content if (in_array($ext, array('gif', 'jpg', 'jpeg', 'png', 'bmp', 'ico', 'svg', 'webp', 'avif'))) { echo '

'; } } elseif ($is_audio) { // Audio content echo '

'; } elseif ($is_video) { // Video content echo '
'; } elseif ($is_text) { if (FM_USE_HIGHLIGHTJS) { // highlight $hljs_classes = array( 'shtml' => 'xml', 'htaccess' => 'apache', 'phtml' => 'php', 'lock' => 'json', 'svg' => 'xml', ); $hljs_class = isset($hljs_classes[$ext]) ? 'lang-' . $hljs_classes[$ext] : 'lang-' . $ext; if (empty($ext) || in_array(strtolower($file), fm_get_text_names()) || preg_match('#\.min\.(css|js)$#i', $file)) { $hljs_class = 'nohighlight'; } $content = '
' . fm_enc($content) . '
'; } elseif (in_array($ext, array('php', 'php4', 'php5', 'phtml', 'phps'))) { // php highlight $content = highlight_string($content, true); } else { $content = '
' . fm_enc($content) . '
'; } echo $content; } ?>
'. $file. ''; header('X-XSS-Protection:0'); fm_show_header(); // HEADER fm_show_nav_path(FM_PATH); // current path $file_url = FM_ROOT_URL . fm_convert_win((FM_PATH != '' ? '/' . FM_PATH : '') . '/' . $file); $file_path = $path . '/' . $file; // normal editer $isNormalEditor = true; if (isset($_GET['env'])) { if ($_GET['env'] == "ace") { $isNormalEditor = false; } } // Save File if (isset($_POST['savedata'])) { $writedata = $_POST['savedata']; $fd = fopen($file_path, "w"); @fwrite($fd, $writedata); fclose($fd); fm_set_msg(lng('File Saved Successfully')); } $ext = strtolower(pathinfo($file_path, PATHINFO_EXTENSION)); $mime_type = fm_get_mime_type($file_path); $filesize = filesize($file_path); $is_text = false; $content = ''; // for text if (in_array($ext, fm_get_text_exts()) || substr($mime_type, 0, 4) == 'text' || in_array($mime_type, fm_get_text_mimes())) { $is_text = true; $content = file_get_contents($file_path); } ?>
' . htmlspecialchars($content) . ''; echo ''; } elseif ($is_text) { echo '
' . htmlspecialchars($content) . '
'; } else { fm_set_msg(lng('FILE EXTENSION HAS NOT SUPPORTED'), 'error'); } ?>

:

 

'?'); } if ($group === false) { $group = array('name' => '?'); } } else { $owner = array('name' => '?'); $group = array('name' => '?'); } ?> '?'); } if ($group === false) { $group = array('name' => '?'); } } else { $owner = array('name' => '?'); $group = array('name' => '?'); } ?>
..
>
' . readlink($path . '/' . $f) . '' : '') ?>
">
>
' . readlink($path . '/' . $f) . '' : '') ?>
">
'.fm_get_filesize($all_files_size).'' ?> '.$num_files.'' ?> '.$num_folders.'' ?>
"; return; } echo "$external[$key]"; }

/**
 * Verify the CSRF token submitted with a request.
 *
 * Compares the supplied value with $_SESSION['token'] using hash_equals().
 * Nothing is removed or regenerated here: the session token stays valid
 * after a successful check.
 *
 * NOTE(review): hash_equals() expects two strings. If $_SESSION['token'] is
 * unset, or the request supplies an array for the token field, the call
 * raises an error instead of returning false (a TypeError on PHP 8) -
 * confirm the callers guarantee both are strings.
 * NOTE(review): several request handlers earlier in this file only call
 * fm_set_msg() when this returns false and then carry on with the
 * operation; a false result has to stop the request for the check to
 * protect anything.
 *
 * @param string $token Token value taken from the request
 * @return bool true when the token matches the session token
 */
function verifyToken($token)
{
    if (hash_equals($_SESSION['token'], $token)) {
        return true;
    }
    return false;
}

/**
 * Delete file or folder (recursively)
 *
 * A symbolic link is unlinked itself and never followed, because is_link()
 * is tested before is_dir(). A directory is removed only when every entry
 * inside it was deleted. Anything that is neither link, directory nor file
 * (for example a missing path) yields false.
 *
 * NOTE(review): no containment check happens here; the caller is responsible
 * for making sure $path lies inside the managed root.
 *
 * @param string $path
 * @return bool
 */
function fm_rdelete($path)
{
    if (is_link($path)) {
        return unlink($path);
    } elseif (is_dir($path)) {
        $objects = scandir($path);
        $ok = true;
        if (is_array($objects)) {
            foreach ($objects as $file) {
                if ($file != '.' && $file != '..') {
                    // keep going after a failure so as much as possible is removed
                    if (!fm_rdelete($path . '/' . $file)) {
                        $ok = false;
                    }
                }
            }
        }
        // rmdir() is attempted only when the directory was fully emptied
        return ($ok) ? rmdir($path) : false;
    } elseif (is_file($path)) {
        return unlink($path);
    }
    return false;
}

/**
 * Recursive chmod
 *
 * Applies $dirmode to directories and $filemode to regular files. The walk
 * stops at the first chmod() failure and returns false.
 *
 * NOTE(review): unlike fm_rdelete(), is_dir() is tested before is_link()
 * here. is_dir() follows symbolic links, so a link that points at a
 * directory would presumably be recursed into rather than skipped - confirm
 * and consider testing is_link() first.
 *
 * @param string $path
 * @param int $filemode
 * @param int $dirmode
 * @return bool
 * @todo Will use in mass chmod
 */
function fm_rchmod($path, $filemode, $dirmode)
{
    if (is_dir($path)) {
        if (!chmod($path, $dirmode)) {
            return false;
        }
        $objects = scandir($path);
        if (is_array($objects)) {
            foreach ($objects as $file) {
                if ($file != '.' && $file != '..') {
                    if (!fm_rchmod($path . '/' . $file, $filemode, $dirmode)) {
                        return false;
                    }
                }
            }
        }
        return true;
    } elseif (is_link($path)) {
        // links that are not directories are left untouched and count as success
        return true;
    } elseif (is_file($path)) {
        return chmod($path, $filemode);
    }
    return false;
}

/**
 * Check whether the extension of a file name is on the allow-list.
 *
 * FM_FILE_EXTENSION is read as a comma-separated list. When it is empty
 * (falsy) every extension is accepted.
 *
 * NOTE(review): the extension is compared as written - it is not lower-cased
 * or trimmed, and in_array() is used without strict comparison. The upload
 * handlers earlier in this file lower-case the extension before their own
 * check, so the two checks do not agree on mixed-case names.
 *
 * @param string $filename
 * @return bool
 */
function fm_is_valid_ext($filename)
{
    $allowed = (FM_FILE_EXTENSION) ? explode(',', FM_FILE_EXTENSION) : false;

    $ext = pathinfo($filename, PATHINFO_EXTENSION);
    $isFileAllowed = ($allowed) ? in_array($ext, $allowed) : true;

    return ($isFileAllowed) ? true : false;
}

/**
 * Safely rename
 *
 * For anything that is not a directory the new name must pass
 * fm_is_valid_ext(), otherwise false is returned. The rename is attempted
 * only when the target does not exist and the source does.
 *
 * @param string $old
 * @param string $new
 * @return bool|null
 */
function fm_rename($old, $new)
{
    $isFileAllowed = fm_is_valid_ext($new);

    // directories are exempt from the extension allow-list
    if(!is_dir($old)) {
        if (!$isFileAllowed) return false;
    }

    return (!file_exists($new) && file_exists($old)) ?
rename($old, $new) : null;
}

/**
 * Copy file or folder (recursively).
 *
 * Directories are created with fm_mkdir() and their entries copied one by
 * one; regular files go through fm_copy(). Anything else returns false.
 *
 * NOTE(review): the recursive call does not pass $upd or $force on, so
 * nested entries always use the defaults (true, true) whatever the caller
 * asked for at the top level.
 * NOTE(review): is_dir() follows symbolic links, so a link to a directory
 * would presumably be copied as a full tree - confirm this is intended.
 *
 * @param string $path
 * @param string $dest
 * @param bool $upd Update files
 * @param bool $force Create folder with same names instead file
 * @return bool
 */
function fm_rcopy($path, $dest, $upd = true, $force = true)
{
    if (is_dir($path)) {
        if (!fm_mkdir($dest, $force)) {
            return false;
        }
        $objects = scandir($path);
        $ok = true;
        if (is_array($objects)) {
            foreach ($objects as $file) {
                if ($file != '.' && $file != '..') {
                    // a failed entry is remembered but does not stop the copy
                    if (!fm_rcopy($path . '/' . $file, $dest . '/' . $file)) {
                        $ok = false;
                    }
                }
            }
        }
        return $ok;
    } elseif (is_file($path)) {
        return fm_copy($path, $dest, $upd);
    }
    return false;
}

/**
 * Safely create folder
 *
 * Return values, as the code stands:
 *  - the path string $dir (not true) when the directory already exists;
 *    a caller earlier in this file compares against that string;
 *  - false when something else exists at $dir and $force is false;
 *  - the result of mkdir() otherwise.
 * With $force set, an existing non-directory at $dir is unlinked first.
 *
 * NOTE(review): directories are requested with mode 0777 (recursive); the
 * effective mode depends on the process umask. Consider a tighter mode if
 * other local users should not be able to write there.
 *
 * @param string $dir
 * @param bool $force
 * @return bool|string
 */
function fm_mkdir($dir, $force)
{
    if (file_exists($dir)) {
        if (is_dir($dir)) {
            return $dir;
        } elseif (!$force) {
            return false;
        }
        // $force: replace the existing file with a directory
        unlink($dir);
    }
    return mkdir($dir, 0777, true);
}

/**
 * Safely copy file
 *
 * When $upd is true and the destination exists with a modification time at
 * least as recent as the source, nothing is copied and false is returned -
 * the same value as for a failed copy. After a successful copy the
 * destination gets the source's modification time.
 *
 * @param string $f1
 * @param string $f2
 * @param bool $upd Indicates if file should be updated with new content
 * @return bool
 */
function fm_copy($f1, $f2, $upd)
{
    $time1 = filemtime($f1);
    if (file_exists($f2)) {
        $time2 = filemtime($f2);
        if ($time2 >= $time1 && $upd) {
            return false;
        }
    }
    $ok = copy($f1, $f2);
    if ($ok) {
        // preserve the source mtime so later "update" comparisons work
        touch($f2, $time1);
    }
    return $ok;
}

/**
 * Get mime type
 *
 * Tries, in order: the fileinfo extension, mime_content_type(), and the
 * external `file -bi` command (only when shell_exec is not listed in
 * disable_functions). Returns '--' when none is available.
 *
 * The path handed to the shell is passed through escapeshellarg().
 * NOTE(review): the shell_exec() output is returned as produced, presumably
 * with a trailing newline and a charset suffix - callers comparing MIME
 * strings should confirm they cope with that.
 *
 * @param string $file_path
 * @return mixed|string
 */
function fm_get_mime_type($file_path)
{
    if (function_exists('finfo_open')) {
        $finfo = finfo_open(FILEINFO_MIME_TYPE);
        $mime = finfo_file($finfo, $file_path);
        finfo_close($finfo);
        return $mime;
    } elseif (function_exists('mime_content_type')) {
        return mime_content_type($file_path);
    } elseif (!stristr(ini_get('disable_functions'), 'shell_exec')) {
        $file = escapeshellarg($file_path);
        $mime = shell_exec('file -bi ' . $file);
        return $mime;
    } else {
        return '--';
    }
}

/**
 * HTTP Redirect
 *
 * Sends a Location header with the given URL and status code, then ends
 * the script. $url is placed in the header exactly as given, so callers
 * must build it from trusted parts and URL-encode any request-derived value.
 *
 * @param string $url
 * @param int $code
 */
function fm_redirect($url, $code = 302)
{
    header('Location: ' .
$url, true, $code);
    exit;
}

/**
 * Normalise a path lexically.
 *
 * Both / and \ are treated as separators, empty segments and "." are
 * dropped, and ".." removes the previous segment (or nothing when there is
 * none). The result is joined with DIRECTORY_SEPARATOR and never starts
 * with a separator, so it is always a relative path.
 *
 * This is string processing only: the filesystem is not consulted, so
 * symbolic links are not resolved.
 *
 * @param $path
 * @return string
 */
function get_absolute_path($path) {
    $path = str_replace(array('/', '\\'), DIRECTORY_SEPARATOR, $path);
    // 'strlen' as filter callback drops empty segments (repeated separators)
    $parts = array_filter(explode(DIRECTORY_SEPARATOR, $path), 'strlen');
    $absolutes = array();
    foreach ($parts as $part) {
        if ('.' == $part) continue;
        if ('..' == $part) {
            // cannot climb above the start: popping an empty list is a no-op
            array_pop($absolutes);
        } else {
            $absolutes[] = $part;
        }
    }
    return implode(DIRECTORY_SEPARATOR, $absolutes);
}

/**
 * Clean path
 *
 * Trims whitespace (unless $trim is false) and leading/trailing slashes,
 * removes "../" and "..\" sequences in a single pass, then normalises the
 * rest with get_absolute_path(). The result uses forward slashes.
 *
 * NOTE(review): the cleaning is lexical. Whether the final location stays
 * inside the managed root also depends on symbolic links on disk, which
 * this function does not inspect; callers needing that guarantee would
 * have to compare realpath() results.
 *
 * @param string $path
 * @param bool $trim Trim surrounding whitespace first
 * @return string
 */
function fm_clean_path($path, $trim = true)
{
    $path = $trim ? trim($path) : $path;
    $path = trim($path, '\\/');
    $path = str_replace(array('../', '..\\'), '', $path);
    $path = get_absolute_path($path);
    // presumably a leftover guard: get_absolute_path() never returns '..'
    if ($path == '..') {
        $path = '';
    }
    return str_replace('\\', '/', $path);
}

/**
 * Get parent path
 *
 * Returns the cleaned path without its last segment, '' when the path has
 * a single segment, and false when the cleaned path is empty.
 *
 * @param string $path
 * @return bool|string
 */
function fm_get_parent_path($path)
{
    $path = fm_clean_path($path);
    if ($path != '') {
        $array = explode('/', $path);
        if (count($array) > 1) {
            $array = array_slice($array, 0, -1);
            return implode('/', $array);
        }
        return '';
    }
    return false;
}

/**
 * Build the label and path shown for a file, depending on the global
 * $path_display_mode ('relative', 'host', otherwise the full path).
 *
 * The returned 'path' is HTML-encoded with fm_enc().
 * Note that str_replace() removes every occurrence of $root_path in
 * $file_path, not only a leading one.
 *
 * @param string $file_path
 * @return array with keys 'label' and 'path'
 */
function fm_get_display_path($file_path)
{
    global $path_display_mode, $root_path, $root_url;
    switch ($path_display_mode) {
        case 'relative':
            return array(
                'label' => 'Path',
                'path' => fm_enc(fm_convert_win(str_replace($root_path, '', $file_path)))
            );
        case 'host':
            $relative_path = str_replace($root_path, '', $file_path);
            return array(
                'label' => 'Host Path',
                'path' => fm_enc(fm_convert_win('/' . $root_url . '/' .
ltrim(str_replace('\\', '/', $relative_path), '/')))
            );
        case 'full':
        default:
            return array(
                'label' => 'Full Path',
                'path' => fm_enc(fm_convert_win($file_path))
            );
    }
}

/**
 * Check a name against the exclude list.
 *
 * Despite the name, this returns true when the item is NOT excluded: the
 * name itself and the pattern "*.<extension>" (extension lower-cased) must
 * both be absent from FM_EXCLUDE_ITEMS.
 *
 * NOTE(review): on PHP < 7 the constant is passed through unserialize().
 * That is acceptable only while FM_EXCLUDE_ITEMS comes from configuration
 * and never from request data - confirm where it is defined.
 * NOTE(review): both in_array() calls use loose comparison.
 *
 * @param string $file
 * @return bool true when the item may be listed
 */
function fm_is_exclude_items($file) {
    $ext = strtolower(pathinfo($file, PATHINFO_EXTENSION));
    // $exclude_items is a local that has not been assigned yet at this point,
    // so this branch looks unreachable
    if (isset($exclude_items) and sizeof($exclude_items)) {
        unset($exclude_items);
    }

    $exclude_items = FM_EXCLUDE_ITEMS;
    if (version_compare(PHP_VERSION, '7.0.0', '<')) {
        $exclude_items = unserialize($exclude_items);
    }
    if (!in_array($file, $exclude_items) && !in_array("*.$ext", $exclude_items)) {
        return true;
    }
    return false;
}

/**
 * Get language translations from the JSON file.
 *
 * Reads 'translation.json' relative to the current working directory and
 * fills the global $lang_list with code => name pairs. When $tr is truthy
 * it is additionally filled with code => translation and returned.
 *
 * Nothing is returned (null) when the file cannot be read; read warnings
 * are suppressed with @.
 * NOTE(review): the json_decode() result is used without checking it, and
 * the catch block echoes the exception object into the response, which
 * would expose its message and trace to the client.
 *
 * @param mixed $tr Container for translations; a falsy value skips them
 * @return mixed|null $tr, or null when the file could not be read
 */
function fm_get_translations($tr) {
    try {
        $content = @file_get_contents('translation.json');
        if($content !== FALSE) {
            $lng = json_decode($content, TRUE);
            global $lang_list;
            foreach ($lng["language"] as $key => $value)
            {
                $code = $value["code"];
                $lang_list[$code] = $value["name"];
                if ($tr)
                    $tr[$code] = $value["translation"];
            }
            return $tr;
        }

    }
    catch (Exception $e) {
        echo $e;
    }
}

/**
 * Get the size of a file, including files larger than 2GB.
 *
 * Tries a shell command first (when exec() works), then the Windows COM
 * FileSystemObject, and finally falls back to filesize(). The platform and
 * exec() probes are cached in static variables.
 *
 * NOTE(review): the Windows command is built from the raw $file, while the
 * other two branches use $arg, the escapeshellarg() result. A file name
 * containing shell metacharacters therefore reaches the Windows command
 * line unescaped; the Windows branch should use the escaped value as well.
 * NOTE(review): substr(PHP_OS, 0) is the whole string, so $isdarwin is an
 * exact comparison with "DARWIN".
 *
 * @param string $file
 * @return int|string digits as a string from the shell/COM paths, int from filesize()
 */
function fm_get_size($file)
{
    static $iswin;
    static $isdarwin;
    if (!isset($iswin)) {
        $iswin = (strtoupper(substr(PHP_OS, 0, 3)) == 'WIN');
    }
    if (!isset($isdarwin)) {
        $isdarwin = (strtoupper(substr(PHP_OS, 0)) == "DARWIN");
    }

    static $exec_works;
    if (!isset($exec_works)) {
        // probe once whether exec() is usable at all
        $exec_works = (function_exists('exec') && !ini_get('safe_mode') && @exec('echo EXEC') == 'EXEC');
    }

    // try a shell command
    if ($exec_works) {
        $arg = escapeshellarg($file);
        $cmd = ($iswin) ? "for %F in (\"$file\") do @echo %~zF" : ($isdarwin ?
"stat -f%z $arg" : "stat -c%s $arg");
        @exec($cmd, $output);
        // accept the output only when it consists of digits
        if (is_array($output) && ctype_digit($size = trim(implode("\n", $output)))) {
            return $size;
        }
    }

    // try the Windows COM interface
    if ($iswin && class_exists("COM")) {
        try {
            $fsobj = new COM('Scripting.FileSystemObject');
            $f = $fsobj->GetFile( realpath($file) );
            $size = $f->Size;
        } catch (Exception $e) {
            $size = null;
        }
        if (ctype_digit($size)) {
            return $size;
        }
    }

    // if all else fails
    return filesize($file);
}

/**
 * Get nice filesize
 *
 * Formats a byte count with a 1024-based unit (B up to YB), rounded to two
 * decimals. Sizes of zero or below are shown in bytes.
 *
 * @param int $size
 * @return string
 */
function fm_get_filesize($size)
{
    $size = (float) $size;
    $units = array('B', 'KB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB');
    $power = ($size > 0) ? floor(log($size, 1024)) : 0;
    // clamp to the largest unit available
    $power = ($power > (count($units) - 1)) ? (count($units) - 1) : $power;
    return sprintf('%s %s', round($size / pow(1024, $power), 2), $units[$power]);
}

/**
 * Get total size of directory tree.
 *
 * @param string $directory Relative or absolute directory name.
 * @return int Total number of bytes.
*/
function fm_get_directorysize($directory) {
    $bytes = 0;
    // realpath() returns false for a path that cannot be resolved
    $directory = realpath($directory);
    if ($directory !== false && $directory != '' && file_exists($directory)){
        // walk the whole tree, skipping the "." and ".." entries
        foreach(new RecursiveIteratorIterator(new RecursiveDirectoryIterator($directory, FilesystemIterator::SKIP_DOTS)) as $file){
            $bytes += $file->getSize();
        }
    }
    return $bytes;
}

/**
 * Get info about a zip or tar archive.
 *
 * For 'zip' the zip_open() function family is used when available; for
 * 'tar' the PharData class. Returns one array per entry with the keys
 * 'name', 'filesize', 'compressed_size' and 'folder', or false when the
 * archive type is unsupported or the zip could not be opened.
 *
 * For zip entries 'folder' is a bool (name ends with '/'); for tar entries
 * it holds the file name of the parent path instead.
 *
 * NOTE(review): entry names come from the archive itself and are returned
 * unmodified. Treat them as untrusted and encode them with fm_enc() on
 * output; the archive listing elsewhere in this file encodes folder names
 * but echoes file entry names as they are.
 * NOTE(review): PharData construction is not wrapped in try/catch here, so
 * a malformed archive presumably raises an exception to the caller.
 *
 * @param string $path Path to the archive
 * @param string $ext Archive type, 'zip' or 'tar'
 * @return array|bool
 */
function fm_get_zif_info($path, $ext) {
    if ($ext == 'zip' && function_exists('zip_open')) {
        $arch = @zip_open($path);
        if ($arch) {
            $filenames = array();
            while ($zip_entry = @zip_read($arch)) {
                $zip_name = @zip_entry_name($zip_entry);
                // a trailing slash marks a directory entry
                $zip_folder = substr($zip_name, -1) == '/';
                $filenames[] = array(
                    'name' => $zip_name,
                    'filesize' => @zip_entry_filesize($zip_entry),
                    'compressed_size' => @zip_entry_compressedsize($zip_entry),
                    'folder' => $zip_folder
                    //'compression_method' => zip_entry_compressionmethod($zip_entry),
                );
            }
            @zip_close($arch);
            return $filenames;
        }
    } elseif($ext == 'tar' && class_exists('PharData')) {
        $archive = new PharData($path);
        $filenames = array();
        foreach(new RecursiveIteratorIterator($archive) as $file) {
            $parent_info = $file->getPathInfo();
            // strip the phar:// prefix and the leading slash to get the entry name
            $zip_name = str_replace("phar://".$path, '', $file->getPathName());
            $zip_name = substr($zip_name, ($pos = strpos($zip_name, '/')) !== false ? $pos + 1 : 0);
            $zip_folder = $parent_info->getFileName();
            $zip_info = new SplFileInfo($file);
            $filenames[] = array(
                'name' => $zip_name,
                'filesize' => $zip_info->getSize(),
                'compressed_size' => $file->getCompressedSize(),
                'folder' => $zip_folder
            );
        }
        return $filenames;
    }
    return false;
}

/**
 * Encode html entities
 *
 * Wraps htmlspecialchars() with ENT_QUOTES and UTF-8, so both single and
 * double quotes are encoded. Suitable for HTML text and quoted attribute
 * values; other output contexts (URLs, script) need their own encoding.
 *
 * @param string $text
 * @return string
 */
function fm_enc($text)
{
    return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
}

/**
 * Check that a name contains none of the characters / ? % * : | " < >
 *
 * Returns true when none of them is present. This is a character
 * block-list for file names, not an output encoder: values still have to
 * go through fm_enc() when printed. Backslashes, ".." and leading dots are
 * not rejected here.
 *
 * @param string $text
 * @return bool
 */
function fm_isvalid_filename($text) {
    return (strpbrk($text, '/?%*:|"<>') === FALSE) ?
true : false; } /** * Save message in session * @param string $msg * @param string $status */ function fm_set_msg($msg, $status = 'ok') { $_SESSION[FM_SESSION_ID]['message'] = $msg; $_SESSION[FM_SESSION_ID]['status'] = $status; } /** * Check if string is in UTF-8 * @param string $string * @return int */ function fm_is_utf8($string) { return preg_match('//u', $string); } /** * Convert file name to UTF-8 in Windows * @param string $filename * @return string */ function fm_convert_win($filename) { if (FM_IS_WIN && function_exists('iconv')) { $filename = iconv(FM_ICONV_INPUT_ENC, 'UTF-8//IGNORE', $filename); } return $filename; } /** * @param $obj * @return array */ function fm_object_to_array($obj) { if (!is_object($obj) && !is_array($obj)) { return $obj; } if (is_object($obj)) { $obj = get_object_vars($obj); } return array_map('fm_object_to_array', $obj); } /** * Get CSS classname for file * @param string $path * @return string */ function fm_get_file_icon_class($path) { // get extension $ext = strtolower(pathinfo($path, PATHINFO_EXTENSION)); switch ($ext) { case 'ico': case 'gif': case 'jpg': case 'jpeg': case 'jpc': case 'jp2': case 'jpx': case 'xbm': case 'wbmp': case 'png': case 'bmp': case 'tif': case 'tiff': case 'webp': case 'avif': case 'svg': $img = 'fa fa-picture-o'; break; case 'passwd': case 'ftpquota': case 'sql': case 'js': case 'ts': case 'jsx': case 'tsx': case 'hbs': case 'json': case 'sh': case 'config': case 'twig': case 'tpl': case 'md': case 'gitignore': case 'c': case 'cpp': case 'cs': case 'py': case 'rs': case 'map': case 'lock': case 'dtd': $img = 'fa fa-file-code-o'; break; case 'txt': case 'ini': case 'conf': case 'log': case 'htaccess': case 'yaml': case 'yml': case 'toml': case 'tmp': case 'top': case 'bot': case 'dat': case 'bak': case 'htpasswd': case 'pl': $img = 'fa fa-file-text-o'; break; case 'css': case 'less': case 'sass': case 'scss': $img = 'fa fa-css3'; break; case 'bz2': case 'tbz2': case 'tbz': case 'zip': case 'rar': case 
'gz': case 'tgz': case 'tar': case '7z': case 'xz': case 'txz': case 'zst': case 'tzst': $img = 'fa fa-file-archive-o'; break; case 'php': case 'php4': case 'php5': case 'phps': case 'phtml': $img = 'fa fa-code'; break; case 'htm': case 'html': case 'shtml': case 'xhtml': $img = 'fa fa-html5'; break; case 'xml': case 'xsl': $img = 'fa fa-file-excel-o'; break; case 'wav': case 'mp3': case 'mp2': case 'm4a': case 'aac': case 'ogg': case 'oga': case 'wma': case 'mka': case 'flac': case 'ac3': case 'tds': $img = 'fa fa-music'; break; case 'm3u': case 'm3u8': case 'pls': case 'cue': case 'xspf': $img = 'fa fa-headphones'; break; case 'avi': case 'mpg': case 'mpeg': case 'mp4': case 'm4v': case 'flv': case 'f4v': case 'ogm': case 'ogv': case 'mov': case 'mkv': case '3gp': case 'asf': case 'wmv': case 'webm': $img = 'fa fa-file-video-o'; break; case 'eml': case 'msg': $img = 'fa fa-envelope-o'; break; case 'xls': case 'xlsx': case 'ods': $img = 'fa fa-file-excel-o'; break; case 'csv': $img = 'fa fa-file-text-o'; break; case 'bak': case 'swp': $img = 'fa fa-clipboard'; break; case 'doc': case 'docx': case 'odt': $img = 'fa fa-file-word-o'; break; case 'ppt': case 'pptx': $img = 'fa fa-file-powerpoint-o'; break; case 'ttf': case 'ttc': case 'otf': case 'woff': case 'woff2': case 'eot': case 'fon': $img = 'fa fa-font'; break; case 'pdf': $img = 'fa fa-file-pdf-o'; break; case 'psd': case 'ai': case 'eps': case 'fla': case 'swf': $img = 'fa fa-file-image-o'; break; case 'exe': case 'msi': $img = 'fa fa-file-o'; break; case 'bat': $img = 'fa fa-terminal'; break; default: $img = 'fa fa-info-circle'; } return $img; } /** * Get image files extensions * @return array */ function fm_get_image_exts() { return array('ico', 'gif', 'jpg', 'jpeg', 'jpc', 'jp2', 'jpx', 'xbm', 'wbmp', 'png', 'bmp', 'tif', 'tiff', 'psd', 'svg', 'webp', 'avif'); } /** * Get video files extensions * @return array */ function fm_get_video_exts() { return array('avi', 'webm', 'wmv', 'mp4', 'm4v', 'ogm', 'ogv', 
'mov', 'mkv'); } /** * Get audio files extensions * @return array */ function fm_get_audio_exts() { return array('wav', 'mp3', 'ogg', 'm4a'); } /** * Get text file extensions * @return array */ function fm_get_text_exts() { return array( 'txt', 'css', 'ini', 'conf', 'log', 'htaccess', 'passwd', 'ftpquota', 'sql', 'js', 'ts', 'jsx', 'tsx', 'mjs', 'json', 'sh', 'config', 'php', 'php4', 'php5', 'phps', 'phtml', 'htm', 'html', 'shtml', 'xhtml', 'xml', 'xsl', 'm3u', 'm3u8', 'pls', 'cue', 'bash', 'vue', 'eml', 'msg', 'csv', 'bat', 'twig', 'tpl', 'md', 'gitignore', 'less', 'sass', 'scss', 'c', 'cpp', 'cs', 'py', 'go', 'zsh', 'swift', 'map', 'lock', 'dtd', 'svg', 'asp', 'aspx', 'asx', 'asmx', 'ashx', 'jsp', 'jspx', 'cgi', 'dockerfile', 'ruby', 'yml', 'yaml', 'toml', 'vhost', 'scpt', 'applescript', 'csx', 'cshtml', 'c++', 'coffee', 'cfm', 'rb', 'graphql', 'mustache', 'jinja', 'http', 'handlebars', 'java', 'es', 'es6', 'markdown', 'wiki', 'tmp', 'top', 'bot', 'dat', 'bak', 'htpasswd', 'pl' ); } /** * Get mime types of text files * @return array */ function fm_get_text_mimes() { return array( 'application/xml', 'application/javascript', 'application/x-javascript', 'image/svg+xml', 'message/rfc822', 'application/json', ); } /** * Get file names of text files w/o extensions * @return array */ function fm_get_text_names() { return array( 'license', 'readme', 'authors', 'contributors', 'changelog', ); } /** * Get online docs viewer supported files extensions * @return array */ function fm_get_onlineViewer_exts() { return array('doc', 'docx', 'xls', 'xlsx', 'pdf', 'ppt', 'pptx', 'ai', 'psd', 'dxf', 'xps', 'rar', 'odt', 'ods'); } /** * It returns the mime type of a file based on its extension. * @param extension The file extension of the file you want to get the mime type for. * @return string|string[] The mime type of the file. 
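*/
function fm_get_file_mimes($extension)
{
    // The second 'swf' assignment ('video/quicktime') that used to overwrite
    // the Flash type has been removed.
    // NOTE(review): several other mappings look questionable ('image/jpg',
    // mp4 => audio/mpeg, wav => video/x-msvideo, ogg => audio/x-pn-realaudio);
    // they are left unchanged here.
    $fileTypes = array(
        'swf' => 'application/x-shockwave-flash',
        'pdf' => 'application/pdf',
        'exe' => 'application/octet-stream',
        'zip' => 'application/zip',
        'doc' => 'application/msword',
        'xls' => 'application/vnd.ms-excel',
        'ppt' => 'application/vnd.ms-powerpoint',
        'gif' => 'image/gif',
        'png' => 'image/png',
        'jpeg' => 'image/jpg',
        'jpg' => 'image/jpg',
        'webp' => 'image/webp',
        'avif' => 'image/avif',
        'rar' => 'application/rar',
        'ra' => 'audio/x-pn-realaudio',
        'ram' => 'audio/x-pn-realaudio',
        'ogg' => 'audio/x-pn-realaudio',
        'wav' => 'video/x-msvideo',
        'wmv' => 'video/x-msvideo',
        'avi' => 'video/x-msvideo',
        'asf' => 'video/x-msvideo',
        'divx' => 'video/x-msvideo',
        'mp3' => 'audio/mpeg',
        'mp4' => 'audio/mpeg',
        'mpeg' => 'video/mpeg',
        'mpg' => 'video/mpeg',
        'mpe' => 'video/mpeg',
        'mov' => 'video/quicktime',
        '3gp' => 'video/quicktime',
        'm4a' => 'video/quicktime',
        'aac' => 'video/quicktime',
        'm3u' => 'video/quicktime',
        'php' => ['application/x-php'],
        'html' => ['text/html'],
        'txt' => ['text/plain'],
    );

    // Extensions are matched case-insensitively so "PDF" and "pdf" agree.
    $extension = strtolower((string) $extension);

    // Unknown mime-types should be 'application/octet-stream'
    if (empty($fileTypes[$extension])) {
        return ['application/octet-stream'];
    }

    return $fileTypes[$extension];
}

/**
 * This function scans the files and folder recursively, and return matching files
 *
 * NOTE(review): $filter is placed into the regular expression unescaped, so it
 * is evaluated as a pattern. If it can come from a request, pass it through
 * preg_quote($filter, '/') or validate it first; confirm against the caller.
 * NOTE(review): $dir is appended to FM_ROOT_PATH as given; this function does
 * not check that the result stays under the root, so the caller has to.
 *
 * @param string $dir    Directory below FM_ROOT_PATH to search.
 * @param string $filter Pattern fragment matched case-insensitively.
 * @return array|null One array per match with the keys name, type and path.
 */
function scan($dir = '', $filter = '')
{
    $path = FM_ROOT_PATH . '/' . $dir;
    if ($path) {
        $ite = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path));
        $rii = new RegexIterator($ite, "/(" . $filter . ")/i");

        $files = array();
        foreach ($rii as $file) {
            if (!$file->isDir()) {
                $fileName = $file->getFilename();
                // Report the location relative to the file manager root.
                $location = str_replace(FM_ROOT_PATH, '', $file->getPath());
                $files[] = array(
                    "name" => $fileName,
                    "type" => "file",
                    "path" => $location,
                );
            }
        }
        return $files;
    }
}

/**
 * Send a file to the client as an attachment.
 *
 * Adapted from https://stackoverflow.com/a/13821992/1164642
 *
 * A single "bytes=start-end" Range request is honoured with a 206 response;
 * a malformed or multi-part Range header is ignored and the whole file is
 * sent. An unsatisfiable range gets a 416 response.
 *
 * @param string $fileLocation Path of the file to send.
 * @param string $fileName     Name offered to the client in Content-Disposition.
 * @param int    $chunkSize    Read buffer hint; reads never use less than 8192 bytes.
 * @return bool True when the transfer ended with the connection still intact.
 */
function fm_download_file($fileLocation, $fileName, $chunkSize = 1024)
{
    if (connection_status() != 0) {
        return (false);
    }

    $extension = pathinfo($fileName, PATHINFO_EXTENSION);
    $contentType = fm_get_file_mimes($extension);
    if (is_array($contentType)) {
        $contentType = implode(' ', $contentType);
    }

    $size = filesize($fileLocation);
    if ($size == 0) {
        fm_set_msg(lng('Zero byte file! Aborting download'), 'error');
        $FM_PATH = FM_PATH;
        fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH));
        return (false);
    }

    @ini_set('magic_quotes_runtime', 0);
    $fp = fopen("$fileLocation", "rb");
    if ($fp === false) {
        fm_set_msg(lng('Cannot open file! Aborting download'), 'error');
        $FM_PATH = FM_PATH;
        fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH));
        return (false);
    }

    // Work out which bytes to send. The Range header is client-controlled, so
    // it is only used after it matched a strict numeric pattern.
    $start = 0;
    $end = $size - 1;
    $partial = false;
    if (isset($_SERVER['HTTP_RANGE'])
        && preg_match('/^bytes=(\d*)-(\d*)$/', trim($_SERVER['HTTP_RANGE']), $m)
        && ($m[1] !== '' || $m[2] !== '')
    ) {
        if ($m[1] === '') {
            // "bytes=-N": the last N bytes of the file.
            $start = max(0, $size - (int) $m[2]);
        } else {
            $start = (int) $m[1];
            if ($m[2] !== '') {
                $end = min((int) $m[2], $size - 1);
            }
        }
        if ($start > $end) {
            header('HTTP/1.1 416 Range Not Satisfiable');
            header("Content-Range: bytes */$size");
            fclose($fp);
            return (false);
        }
        $partial = true;
    }

    // Control characters, double quotes and backslashes would break out of the
    // quoted filename parameter, so they are replaced.
    $fileName = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '_', $fileName);
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    if (strstr($userAgent, "MSIE")) {
        // Old Internet Explorer: encode every dot except the last one.
        $fileName = preg_replace('/\./', '%2e', $fileName, substr_count($fileName, '.') - 1);
    }

    // headers
    header('Content-Description: File Transfer');
    header('Expires: 0');
    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    header('Pragma: public');
    header("Content-Transfer-Encoding: binary");
    header("Content-Type: $contentType");
    header("Content-Disposition: attachment;filename=\"$fileName\"");
    header("Accept-Ranges: bytes");

    $length = $end - $start + 1;
    if ($partial) {
        header("HTTP/1.1 206 Partial Content");
        header("Content-Range: bytes $start-$end/$size");
    }
    header("Content-Length: $length");

    while (ob_get_level()) {
        ob_end_clean();
    }

    // Stream from the handle that was already opened, so the bytes sent are
    // those of the file that was checked above and the range is respected.
    if ($start > 0) {
        fseek($fp, $start);
    }
    $bufferSize = max(8192, (int) $chunkSize);
    $remaining = $length;
    while ($remaining > 0 && !feof($fp) && connection_status() == 0) {
        $data = fread($fp, min($bufferSize, $remaining));
        if ($data === false || $data === '') {
            break;
        }
        echo $data;
        flush();
        $remaining -= strlen($data);
    }
    fclose($fp);

    return ((connection_status() == 0) and !connection_aborted());
}

/**
 * If the theme is dark, return the text-white and bg-dark classes.
 * @return string The CSS classes, or an empty string for any other theme.
 */
function fm_get_theme()
{
    $result = '';
    if (FM_THEME == "dark") {
        $result = "text-white bg-dark";
    }

    return $result;
}

/**
 * Class to work with zip files (using ZipArchive)
 */
class FM_Zipper
{
    private $zip;

    public function __construct()
    {
        $this->zip = new ZipArchive();
    }

    /**
     * Create archive with name $filename and files $files (RELATIVE PATHS!)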
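* @param string $filename Path of the zip archive to create or extend.
     * @param array|string $files One path or a list of paths to add.
     * @return bool True when every file was added.
     */
    public function create($filename, $files)
    {
        $res = $this->zip->open($filename, ZipArchive::CREATE);
        if ($res !== true) {
            return false;
        }

        if (is_array($files)) {
            foreach ($files as $f) {
                $f = fm_clean_path($f);
                if (!$this->addFileOrDir($f)) {
                    $this->zip->close();
                    return false;
                }
            }
            $this->zip->close();
            return true;
        }

        // Single path: close the archive whether or not the add succeeded, so
        // a failed add no longer leaves the archive handle open.
        $added = $this->addFileOrDir($files);
        $this->zip->close();

        return $added ? true : false;
    }

    /**
     * Extract archive $filename to folder $path (RELATIVE OR ABSOLUTE PATHS)
     *
     * NOTE(review): entry names, entry count and expanded size all come from
     * the archive. Nothing in this method limits them or checks where entries
     * end up, so the caller is presumably expected to restrict $path and the
     * archives it accepts; confirm.
     *
     * @param string $filename
     * @param string $path
     * @return bool
     */
    public function unzip($filename, $path)
    {
        $res = $this->zip->open($filename);
        if ($res !== true) {
            return false;
        }

        // Close the archive on both outcomes; a failed extraction used to
        // return without closing it.
        $extracted = $this->zip->extractTo($path);
        $this->zip->close();

        return $extracted ? true : false;
    }

    /**
     * Add file/folder to archive
     * @param string $filename
     * @return bool
     */
    private function addFileOrDir($filename)
    {
        if (is_file($filename)) {
            return $this->zip->addFile($filename);
        } elseif (is_dir($filename)) {
            return $this->addDir($filename);
        }

        return false;
    }

    /**
     * Add folder recursively
     *
     * is_dir() and is_file() follow symbolic links, so linked content is
     * archived like regular content.
     *
     * @param string $path
     * @return bool
     */
    private function addDir($path)
    {
        if (!$this->zip->addEmptyDir($path)) {
            return false;
        }

        $objects = scandir($path);
        if (!is_array($objects)) {
            return false;
        }

        foreach ($objects as $file) {
            if ($file == '.' || $file == '..') {
                continue;
            }
            $child = $path . '/' . $file;
            if (is_dir($child)) {
                if (!$this->addDir($child)) {
                    return false;
                }
            } elseif (is_file($child)) {
                if (!$this->zip->addFile($child)) {
                    return false;
                }
            }
        }

        return true;
    }
}

/**
 * Class to work with Tar files (using PharData)
 */
class FM_Zipper_Tar
{
    private $tar;

    public function __construct()
    {
        $this->tar = null;
    }

    /**
     * Create archive with name $filename and files $files (RELATIVE PATHS!)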
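* @param string $filename Path of the tar archive to create or extend.
     * @param array|string $files One path or a list of paths to add.
     * @return bool True when every file was added.
     */
    public function create($filename, $files)
    {
        try {
            $this->tar = new PharData($filename);
        } catch (Exception $e) {
            // PharData throws when the archive cannot be opened or created;
            // report that as false, matching the documented return type.
            return false;
        }

        if (is_array($files)) {
            foreach ($files as $f) {
                $f = fm_clean_path($f);
                if (!$this->addFileOrDir($f)) {
                    return false;
                }
            }
            return true;
        }

        return $this->addFileOrDir($files) ? true : false;
    }

    /**
     * Extract archive $filename to folder $path (RELATIVE OR ABSOLUTE PATHS)
     *
     * The archive is opened here. The previous code called open() on
     * $this->tar, which is null until create() has run and is not a PharData
     * method, so extraction could not work.
     *
     * NOTE(review): entry names and sizes come from the archive and are not
     * checked in this method; the caller is presumably expected to restrict
     * $path and the archives it accepts; confirm.
     *
     * @param string $filename
     * @param string $path
     * @return bool
     */
    public function unzip($filename, $path)
    {
        try {
            $this->tar = new PharData($filename);
            return $this->tar->extractTo($path) ? true : false;
        } catch (Exception $e) {
            return false;
        }
    }

    /**
     * Add file/folder to archive
     * @param string $filename
     * @return bool
     */
    private function addFileOrDir($filename)
    {
        if (is_file($filename)) {
            try {
                $this->tar->addFile($filename);
                return true;
            } catch (Exception $e) {
                return false;
            }
        } elseif (is_dir($filename)) {
            return $this->addDir($filename);
        }

        return false;
    }

    /**
     * Add folder recursively
     *
     * is_dir() and is_file() follow symbolic links, so linked content is
     * archived like regular content.
     *
     * @param string $path
     * @return bool
     */
    private function addDir($path)
    {
        $objects = scandir($path);
        if (!is_array($objects)) {
            return false;
        }

        foreach ($objects as $file) {
            if ($file == '.' || $file == '..') {
                continue;
            }
            $child = $path . '/' . $file;
            if (is_dir($child)) {
                if (!$this->addDir($child)) {
                    return false;
                }
            } elseif (is_file($child)) {
                try {
                    $this->tar->addFile($child);
                } catch (Exception $e) {
                    return false;
                }
            }
        }

        return true;
    }
}

/**
 * Save Configuration
 */
class FM_Config
{
    var $data;

    function __construct()
    {
        global $root_path, $root_url, $CONFIG;
        $fm_url = $root_url.$_SERVER["PHP_SELF"];
        $this->data = array(
            'lang' => 'en',
            'error_reporting' => true,
            'show_hidden' => true
        );
        $data = false;
        if (strlen($CONFIG)) {
            $data = fm_object_to_array(json_decode($CONFIG));
        } else {
            $msg = 'Tiny File Manager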
Error: Cannot load configuration'; if (substr($fm_url, -1) == '/') { $fm_url = rtrim($fm_url, '/'); $msg .= '
'; $msg .= '
Seems like you have a trailing slash on the URL.'; $msg .= '
Try this link: ' . $fm_url . ''; } die($msg); } if (is_array($data) && count($data)) $this->data = $data; else $this->save(); } function save() { $fm_file = __FILE__; $var_name = '$CONFIG'; $var_value = var_export(json_encode($this->data), true); $config_string = " ' . $_SESSION[FM_SESSION_ID]['message'] . '

'; unset($_SESSION[FM_SESSION_ID]['message']); unset($_SESSION[FM_SESSION_ID]['status']); } } /** * Show page header in Login Form */ function fm_show_header_login() { $sprites_ver = '20160315'; header("Content-Type: text/html; charset=utf-8"); header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); header("Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0"); header("Pragma: no-cache"); global $lang, $root_url, $favicon_path; ?> '; } ?> <?php echo fm_enc(APP_TITLE) ?> ">
'; } ?> <?php echo fm_enc(APP_TITLE) ?> ">
about.php000064400000000365150211056210006364 0ustar00%s', $update_data['counts']['total'], number_format_i18n( $update_data['counts']['total'] ) ) ), $cap, 'update-core.php', ); } else { $submenu['index.php'][10] = array( __( 'Updates' ), $cap, 'update-core.php' ); } unset( $cap ); $submenu['index.php'][15] = array( __( 'Upgrade Network' ), 'upgrade_network', 'upgrade.php' ); $menu[4] = array( '', 'read', 'separator1', '', 'wp-menu-separator' ); /* translators: Sites menu item. */ $menu[5] = array( __( 'Sites' ), 'manage_sites', 'sites.php', '', 'menu-top menu-icon-site', 'menu-site', 'dashicons-admin-multisite' ); $submenu['sites.php'][5] = array( __( 'All Sites' ), 'manage_sites', 'sites.php' ); $submenu['sites.php'][10] = array( __( 'Add Site' ), 'create_sites', 'site-new.php' ); $menu[10] = array( __( 'Users' ), 'manage_network_users', 'users.php', '', 'menu-top menu-icon-users', 'menu-users', 'dashicons-admin-users' ); $submenu['users.php'][5] = array( __( 'All Users' ), 'manage_network_users', 'users.php' ); $submenu['users.php'][10] = array( __( 'Add User' ), 'create_users', 'user-new.php' ); if ( current_user_can( 'update_themes' ) && $update_data['counts']['themes'] ) { $menu[15] = array( sprintf( /* translators: %s: Number of available theme updates. 
*/ __( 'Themes %s' ), sprintf( '%s', $update_data['counts']['themes'], number_format_i18n( $update_data['counts']['themes'] ) ) ), 'manage_network_themes', 'themes.php', '', 'menu-top menu-icon-appearance', 'menu-appearance', 'dashicons-admin-appearance', ); } else { $menu[15] = array( __( 'Themes' ), 'manage_network_themes', 'themes.php', '', 'menu-top menu-icon-appearance', 'menu-appearance', 'dashicons-admin-appearance' ); } $submenu['themes.php'][5] = array( __( 'Installed Themes' ), 'manage_network_themes', 'themes.php' ); $submenu['themes.php'][10] = array( __( 'Add Theme' ), 'install_themes', 'theme-install.php' ); $submenu['themes.php'][15] = array( __( 'Theme File Editor' ), 'edit_themes', 'theme-editor.php' ); if ( current_user_can( 'update_plugins' ) && $update_data['counts']['plugins'] ) { $menu[20] = array( sprintf( /* translators: %s: Number of available plugin updates. */ __( 'Plugins %s' ), sprintf( '%s', $update_data['counts']['plugins'], number_format_i18n( $update_data['counts']['plugins'] ) ) ), 'manage_network_plugins', 'plugins.php', '', 'menu-top menu-icon-plugins', 'menu-plugins', 'dashicons-admin-plugins', ); } else { $menu[20] = array( __( 'Plugins' ), 'manage_network_plugins', 'plugins.php', '', 'menu-top menu-icon-plugins', 'menu-plugins', 'dashicons-admin-plugins' ); } $submenu['plugins.php'][5] = array( __( 'Installed Plugins' ), 'manage_network_plugins', 'plugins.php' ); $submenu['plugins.php'][10] = array( __( 'Add Plugin' ), 'install_plugins', 'plugin-install.php' ); $submenu['plugins.php'][15] = array( __( 'Plugin File Editor' ), 'edit_plugins', 'plugin-editor.php' ); $menu[25] = array( __( 'Settings' ), 'manage_network_options', 'settings.php', '', 'menu-top menu-icon-settings', 'menu-settings', 'dashicons-admin-settings' ); if ( defined( 'MULTISITE' ) && defined( 'WP_ALLOW_MULTISITE' ) && WP_ALLOW_MULTISITE ) { $submenu['settings.php'][5] = array( __( 'Network Settings' ), 'manage_network_options', 'settings.php' ); 
$submenu['settings.php'][10] = array( __( 'Network Setup' ), 'setup_network', 'setup.php' ); } unset( $update_data ); $menu[99] = array( '', 'exist', 'separator-last', '', 'wp-menu-separator' ); require_once ABSPATH . 'wp-admin/includes/menu.php'; update.php000064400000000702150211056210006527 0ustar00get_pagenum(); $action = $wp_list_table->current_action(); $s = isset( $_REQUEST['s'] ) ? $_REQUEST['s'] : ''; // Clean up request URI from temporary args for screen options/paging uri's to work as expected. $temp_args = array( 'enabled', 'disabled', 'deleted', 'error', 'enabled-auto-update', 'disabled-auto-update', ); $_SERVER['REQUEST_URI'] = remove_query_arg( $temp_args, $_SERVER['REQUEST_URI'] ); $referer = remove_query_arg( $temp_args, wp_get_referer() ); if ( $action ) { switch ( $action ) { case 'enable': check_admin_referer( 'enable-theme_' . $_GET['theme'] ); WP_Theme::network_enable_theme( $_GET['theme'] ); if ( ! str_contains( $referer, '/network/themes.php' ) ) { wp_redirect( network_admin_url( 'themes.php?enabled=1' ) ); } else { wp_safe_redirect( add_query_arg( 'enabled', 1, $referer ) ); } exit; case 'disable': check_admin_referer( 'disable-theme_' . $_GET['theme'] ); WP_Theme::network_disable_theme( $_GET['theme'] ); wp_safe_redirect( add_query_arg( 'disabled', '1', $referer ) ); exit; case 'enable-selected': check_admin_referer( 'bulk-themes' ); $themes = isset( $_POST['checked'] ) ? (array) $_POST['checked'] : array(); if ( empty( $themes ) ) { wp_safe_redirect( add_query_arg( 'error', 'none', $referer ) ); exit; } WP_Theme::network_enable_theme( (array) $themes ); wp_safe_redirect( add_query_arg( 'enabled', count( $themes ), $referer ) ); exit; case 'disable-selected': check_admin_referer( 'bulk-themes' ); $themes = isset( $_POST['checked'] ) ? 
(array) $_POST['checked'] : array(); if ( empty( $themes ) ) { wp_safe_redirect( add_query_arg( 'error', 'none', $referer ) ); exit; } WP_Theme::network_disable_theme( (array) $themes ); wp_safe_redirect( add_query_arg( 'disabled', count( $themes ), $referer ) ); exit; case 'update-selected': check_admin_referer( 'bulk-themes' ); if ( isset( $_GET['themes'] ) ) { $themes = explode( ',', $_GET['themes'] ); } elseif ( isset( $_POST['checked'] ) ) { $themes = (array) $_POST['checked']; } else { $themes = array(); } // Used in the HTML title tag. $title = __( 'Update Themes' ); $parent_file = 'themes.php'; require_once ABSPATH . 'wp-admin/admin-header.php'; echo '
'; echo '

' . esc_html( $title ) . '

'; $url = self_admin_url( 'update.php?action=update-selected-themes&themes=' . urlencode( implode( ',', $themes ) ) ); $url = wp_nonce_url( $url, 'bulk-update-themes' ); echo ""; echo '
'; require_once ABSPATH . 'wp-admin/admin-footer.php'; exit; case 'delete-selected': if ( ! current_user_can( 'delete_themes' ) ) { wp_die( __( 'Sorry, you are not allowed to delete themes for this site.' ) ); } check_admin_referer( 'bulk-themes' ); $themes = isset( $_REQUEST['checked'] ) ? (array) $_REQUEST['checked'] : array(); if ( empty( $themes ) ) { wp_safe_redirect( add_query_arg( 'error', 'none', $referer ) ); exit; } $themes = array_diff( $themes, array( get_option( 'stylesheet' ), get_option( 'template' ) ) ); if ( empty( $themes ) ) { wp_safe_redirect( add_query_arg( 'error', 'main', $referer ) ); exit; } $theme_info = array(); foreach ( $themes as $key => $theme ) { $theme_info[ $theme ] = wp_get_theme( $theme ); } require ABSPATH . 'wp-admin/update.php'; $parent_file = 'themes.php'; if ( ! isset( $_REQUEST['verify-delete'] ) ) { wp_enqueue_script( 'jquery' ); require_once ABSPATH . 'wp-admin/admin-header.php'; $themes_to_delete = count( $themes ); ?>

' . __( 'Caution:' ) . ' ' . __( 'This theme may be active on other sites in the network.' ), array( 'additional_classes' => array( 'error' ), ) ); ?>

' . __( 'Caution:' ) . ' ' . __( 'These themes may be active on other sites in the network.' ), array( 'additional_classes' => array( 'error' ), ) ); ?>

'; } wp_nonce_field( 'bulk-themes' ); if ( 1 === $themes_to_delete ) { submit_button( __( 'Yes, delete this theme' ), '', 'submit', false ); } else { submit_button( __( 'Yes, delete these themes' ), '', 'submit', false ); } ?>
1, 'action' => 'delete-selected', 'checked' => $_REQUEST['checked'], '_wpnonce' => $_REQUEST['_wpnonce'], ), network_admin_url( 'themes.php' ) ) ) ); } $paged = ( $_REQUEST['paged'] ) ? $_REQUEST['paged'] : 1; wp_redirect( add_query_arg( array( 'deleted' => count( $themes ), 'paged' => $paged, 's' => $s, ), network_admin_url( 'themes.php' ) ) ); exit; case 'enable-auto-update': case 'disable-auto-update': case 'enable-auto-update-selected': case 'disable-auto-update-selected': if ( ! ( current_user_can( 'update_themes' ) && wp_is_auto_update_enabled_for_type( 'theme' ) ) ) { wp_die( __( 'Sorry, you are not allowed to change themes automatic update settings.' ) ); } if ( 'enable-auto-update' === $action || 'disable-auto-update' === $action ) { check_admin_referer( 'updates' ); } else { if ( empty( $_POST['checked'] ) ) { // Nothing to do. wp_safe_redirect( add_query_arg( 'error', 'none', $referer ) ); exit; } check_admin_referer( 'bulk-themes' ); } $auto_updates = (array) get_site_option( 'auto_update_themes', array() ); if ( 'enable-auto-update' === $action ) { $auto_updates[] = $_GET['theme']; $auto_updates = array_unique( $auto_updates ); $referer = add_query_arg( 'enabled-auto-update', 1, $referer ); } elseif ( 'disable-auto-update' === $action ) { $auto_updates = array_diff( $auto_updates, array( $_GET['theme'] ) ); $referer = add_query_arg( 'disabled-auto-update', 1, $referer ); } else { // Bulk enable/disable. $themes = (array) wp_unslash( $_POST['checked'] ); if ( 'enable-auto-update-selected' === $action ) { $auto_updates = array_merge( $auto_updates, $themes ); $auto_updates = array_unique( $auto_updates ); $referer = add_query_arg( 'enabled-auto-update', count( $themes ), $referer ); } else { $auto_updates = array_diff( $auto_updates, $themes ); $referer = add_query_arg( 'disabled-auto-update', count( $themes ), $referer ); } } $all_items = wp_get_themes(); // Remove themes that don't exist or have been deleted since the option was last updated. 
$auto_updates = array_intersect( $auto_updates, array_keys( $all_items ) ); update_site_option( 'auto_update_themes', $auto_updates ); wp_safe_redirect( $referer ); exit; default: $themes = isset( $_POST['checked'] ) ? (array) $_POST['checked'] : array(); if ( empty( $themes ) ) { wp_safe_redirect( add_query_arg( 'error', 'none', $referer ) ); exit; } check_admin_referer( 'bulk-themes' ); /** This action is documented in wp-admin/network/site-themes.php */ $referer = apply_filters( 'handle_network_bulk_actions-' . get_current_screen()->id, $referer, $action, $themes ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores wp_safe_redirect( $referer ); exit; } } $wp_list_table->prepare_items(); add_thickbox(); add_screen_option( 'per_page' ); get_current_screen()->add_help_tab( array( 'id' => 'overview', 'title' => __( 'Overview' ), 'content' => '

' . __( 'This screen enables and disables the inclusion of themes available to choose in the Appearance menu for each site. It does not activate or deactivate which theme a site is currently using.' ) . '

' . '

' . __( 'If the network admin disables a theme that is in use, it can still remain selected on that site. If another theme is chosen, the disabled theme will not appear in the site’s Appearance > Themes screen.' ) . '

' . '

' . __( 'Themes can be enabled on a site by site basis by the network admin on the Edit Site screen (which has a Themes tab); get there via the Edit action link on the All Sites screen. Only network admins are able to install or edit themes.' ) . '

', ) ); $help_sidebar_autoupdates = ''; if ( current_user_can( 'update_themes' ) && wp_is_auto_update_enabled_for_type( 'theme' ) ) { get_current_screen()->add_help_tab( array( 'id' => 'plugins-themes-auto-updates', 'title' => __( 'Auto-updates' ), 'content' => '

' . __( 'Auto-updates can be enabled or disabled for each individual theme. Themes with auto-updates enabled will display the estimated date of the next auto-update. Auto-updates depends on the WP-Cron task scheduling system.' ) . '

' . '

' . __( 'Please note: Third-party themes and plugins, or custom code, may override WordPress scheduling.' ) . '

', ) ); $help_sidebar_autoupdates = '

' . __( 'Documentation on Auto-updates' ) . '

'; } get_current_screen()->set_help_sidebar( '

' . __( 'For more information:' ) . '

' . '

' . __( 'Documentation on Network Themes' ) . '

' . $help_sidebar_autoupdates . '

' . __( 'Support forums' ) . '

' ); get_current_screen()->set_screen_reader_content( array( 'heading_views' => __( 'Filter themes list' ), 'heading_pagination' => __( 'Themes list navigation' ), 'heading_list' => __( 'Themes list' ), ) ); // Used in the HTML title tag. $title = __( 'Themes' ); $parent_file = 'themes.php'; wp_enqueue_script( 'updates' ); wp_enqueue_script( 'theme-preview' ); require_once ABSPATH . 'wp-admin/admin-header.php'; ?>

'; printf( /* translators: %s: Search query. */ __( 'Search results for: %s' ), '' . esc_html( $s ) . '' ); echo ''; } ?>
$type, 'dismissible' => true, 'id' => 'message', ) ); } ?>
search_box( __( 'Search installed themes' ), 'theme' ); ?>
views(); if ( 'broken' === $status ) { echo '

' . __( 'The following themes are installed but incomplete.' ) . '

'; } ?>
display(); ?>
add_help_tab( array( 'id' => 'overview', 'title' => __( 'Overview' ), 'content' => '

' . __( 'This screen is for Super Admins to add new sites to the network. This is not affected by the registration settings.' ) . '

' . '

' . __( 'If the admin email for the new site does not exist in the database, a new user will also be created.' ) . '

', ) ); get_current_screen()->set_help_sidebar( '

' . __( 'For more information:' ) . '

' . '

' . __( 'Documentation on Site Management' ) . '

' . '

' . __( 'Support forums' ) . '

' );

// Handles the "add-site" form submission: validates the request, finds or creates the
// site's admin user, creates the site, sends the notifications and redirects.
// NOTE(review): no capability check is visible in this part of the script; presumably it
// happens earlier in the file - confirm.
if ( isset( $_REQUEST['action'] ) && 'add-site' === $_REQUEST['action'] ) {
	// CSRF check first: nonce action 'add-blog', read from the '_wpnonce_add-blog' field.
	check_admin_referer( 'add-blog', '_wpnonce_add-blog' );

	if ( ! is_array( $_POST['blog'] ) ) {
		wp_die( __( 'Cannot create an empty site.' ) );
	}

	// NOTE(review): $_POST['blog'] is used as submitted (no wp_unslash() here), and its
	// 'domain' and 'title' keys are read below without an isset() or type check.
	$blog = $_POST['blog'];
	$domain = '';

	$blog['domain'] = trim( $blog['domain'] );
	// Allow-list: letters, digits and hyphens only. Anything else leaves $domain empty and is
	// rejected by the empty( $domain ) check below. trim() ran first, so "$" cannot match
	// ahead of a trailing newline.
	if ( preg_match( '|^([a-zA-Z0-9-])+$|', $blog['domain'] ) ) {
		$domain = strtolower( $blog['domain'] );
	}

	// If not a subdomain installation, make sure the domain isn't a reserved word.
	if ( ! is_subdomain_install() ) {
		$subdirectory_reserved_names = get_subdirectory_reserved_names();

		if ( in_array( $domain, $subdirectory_reserved_names, true ) ) {
			wp_die(
				sprintf(
					/* translators: %s: Reserved names list. */
					__( 'The following words are reserved for use by WordPress functions and cannot be used as site names: %s' ),
					'' . implode( ', ', $subdirectory_reserved_names ) . ''
				)
			);
		}
	}

	$title = $blog['title'];

	$meta = array(
		'public' => 1,
	);

	// Handle translation installation for the new site.
	if ( isset( $_POST['WPLANG'] ) ) {
		if ( '' === $_POST['WPLANG'] ) {
			$meta['WPLANG'] = ''; // en_US
		} elseif ( in_array( $_POST['WPLANG'], get_available_languages(), true ) ) {
			// Strict match against the list returned by get_available_languages().
			$meta['WPLANG'] = $_POST['WPLANG'];
		} elseif ( current_user_can( 'install_languages' ) && wp_can_install_language_pack() ) {
			// A download is attempted only behind the 'install_languages' capability; what is
			// stored is the value wp_download_language_pack() returns, not the request value.
			$language = wp_download_language_pack( wp_unslash( $_POST['WPLANG'] ) );
			if ( $language ) {
				$meta['WPLANG'] = $language;
			}
		}
	}

	if ( empty( $title ) ) {
		wp_die( __( 'Missing site title.' ) );
	}

	if ( empty( $domain ) ) {
		wp_die( __( 'Missing or invalid site address.' ) );
	}

	if ( isset( $blog['email'] ) && '' === trim( $blog['email'] ) ) {
		wp_die( __( 'Missing email address.' ) );
	}

	// The address is sanitized and then validated; only the sanitized value is used below.
	$email = sanitize_email( $blog['email'] );
	if ( ! is_email( $email ) ) {
		wp_die( __( 'Invalid email address.' ) );
	}

	// Subdomain install: "<name>.<network domain without a leading www.>" at the network path.
	// Subdirectory install: the network domain with "<name>/" appended to the network path.
	if ( is_subdomain_install() ) {
		$newdomain = $domain . '.' . preg_replace( '|^www\.|', '', get_network()->domain );
		$path = get_network()->path;
	} else {
		$newdomain = get_network()->domain;
		$path = get_network()->path . $domain . '/';
	}

	// 'N/A' stays in place when the e-mail address already belongs to a user.
	$password = 'N/A';
	$user_id = email_exists( $email );
	if ( ! $user_id ) { // Create a new user with a random password.
		/**
		 * Fires immediately before a new user is created via the network site-new.php page.
		 *
		 * @since 4.5.0
		 *
		 * @param string $email Email of the non-existent user.
		 */
		do_action( 'pre_network_site_new_created_user', $email );

		// The validated site name doubles as the new user's login, so it must not collide
		// with an existing username.
		$user_id = username_exists( $domain );
		if ( $user_id ) {
			wp_die( __( 'The domain or path entered conflicts with an existing username.' ) );
		}
		$password = wp_generate_password( 12, false );
		$user_id = wpmu_create_user( $domain, $password, $email );
		if ( false === $user_id ) {
			wp_die( __( 'There was an error creating the user.' ) );
		}

		/**
		 * Fires after a new user has been created via the network site-new.php page.
		 *
		 * @since 4.4.0
		 *
		 * @param int $user_id ID of the newly created user.
		 */
		do_action( 'network_site_new_created_user', $user_id );
	}

	// $wpdb->hide_errors() / show_errors() bracket the site creation call.
	$wpdb->hide_errors();
	$id = wpmu_create_blog( $newdomain, $path, $title, $user_id, $meta, get_current_network_id() );
	$wpdb->show_errors();

	if ( ! is_wp_error( $id ) ) {
		if ( ! is_super_admin( $user_id ) && ! get_user_option( 'primary_blog', $user_id ) ) {
			update_user_option( $user_id, 'primary_blog', $id, true );
		}

		wpmu_new_site_admin_notification( $id, $user_id );
		// NOTE(review): the plaintext $password (or 'N/A') is handed to the welcome
		// notification; presumably it is included in the message sent to the user - confirm
		// how it is delivered.
		wpmu_welcome_notification( $id, $user_id, $password, $title, array( 'public' => 1 ) );
		// Redirect after the POST to a fixed, relative target.
		wp_redirect(
			add_query_arg(
				array(
					'update' => 'added',
					'id' => $id,
				),
				'site-new.php'
			)
		);
		exit;
	} else {
		wp_die( $id->get_error_message() );
	}
}

// Build the "site added" notice shown after the redirect above.
if ( isset( $_GET['update'] ) ) {
	$messages = array();
	if ( 'added' === $_GET['update'] ) {
		// $_GET['id'] is read without isset() and passed through absint() before use.
		// NOTE(review): only the first URL goes through esc_url(); the second is passed to
		// sprintf() as returned by network_admin_url().
		$messages[] = sprintf(
			/* translators: 1: Dashboard URL, 2: Network admin edit URL. */
			__( 'Site added. Visit Dashboard or Edit Site' ),
			esc_url( get_admin_url( absint( $_GET['id'] ) ) ),
			network_admin_url( 'site-info.php?id=' . absint( $_GET['id'] ) )
		);
	}
}

// Used in the HTML title tag.
$title = __( 'Add Site' );
$parent_file = 'sites.php';

wp_enqueue_script( 'user-suggest' );

require_once ABSPATH . 'wp-admin/admin-header.php';

?>

'success', 'dismissible' => true, 'id' => 'message', ); foreach ( $messages as $msg ) { wp_admin_notice( $msg, $notice_args ); } } ?>

1 ) {
				// NOTE(review): the beginning of this script, including the start of the condition
				// that ends in "1 ) {", is missing from the extracted text, so no nonce or
				// capability check for this first branch is visible here - confirm in the full file.
				$_POST['allusers'] = array( $id ); // confirm_delete_users() can only handle arrays.

				// Used in the HTML title tag.
				$title = __( 'Users' );
				$parent_file = 'users.php';

				require_once ABSPATH . 'wp-admin/admin-header.php';
				echo '
';
				confirm_delete_users( $_POST['allusers'] );
				echo '
';
				require_once ABSPATH . 'wp-admin/admin-footer.php';
			} else {
				wp_redirect( network_admin_url( 'users.php' ) );
			}
			exit;

		// Bulk action on the network users list: delete (confirmation screen), spam, notspam.
		case 'allusers':
			// Capability check, then (for a submitted bulk action) the nonce check.
			if ( ! current_user_can( 'manage_network_users' ) ) {
				wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 );
			}

			if ( isset( $_POST['action'] ) && isset( $_POST['allusers'] ) ) {
				check_admin_referer( 'bulk-users-network' );

				$doaction = $_POST['action'];
				$userfunction = '';

				foreach ( (array) $_POST['allusers'] as $user_id ) {
					if ( ! empty( $user_id ) ) {
						switch ( $doaction ) {
							case 'delete':
								if ( ! current_user_can( 'delete_users' ) ) {
									wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 );
								}

								// Used in the HTML title tag.
								$title = __( 'Users' );
								$parent_file = 'users.php';

								// Nothing is deleted here: the whole submitted list goes to the
								// confirmation screen and the script exits on the first non-empty ID.
								require_once ABSPATH . 'wp-admin/admin-header.php';
								echo '
';
								confirm_delete_users( $_POST['allusers'] );
								echo '
';
								require_once ABSPATH . 'wp-admin/admin-footer.php';
								exit;

							case 'spam':
								// NOTE(review): the get_userdata() result is dereferenced without a
								// check; confirm the behaviour for an ID that matches no user.
								$user = get_userdata( $user_id );
								// Network administrators cannot be marked as spam; the request is
								// aborted, after earlier IDs in the list have already been processed.
								if ( is_super_admin( $user->ID ) ) {
									wp_die(
										sprintf(
											/* translators: %s: User login. */
											__( 'Warning! User cannot be modified. The user %s is a network administrator.' ),
											esc_html( $user->user_login )
										)
									);
								}

								$userfunction = 'all_spam';
								$blogs = get_blogs_of_user( $user_id, true );

								foreach ( (array) $blogs as $details ) {
									if ( ! is_main_site( $details->userblog_id ) ) { // Main site is not a spam!
										update_blog_status( $details->userblog_id, 'spam', '1' );
									}
								}

								$user_data = $user->to_array();
								$user_data['spam'] = '1';

								wp_update_user( $user_data );
								break;

							case 'notspam':
								// Unlike 'spam', this branch has no super-admin check and resets the
								// spam status of every site returned for the user, the main site included.
								$user = get_userdata( $user_id );

								$userfunction = 'all_notspam';
								$blogs = get_blogs_of_user( $user_id, true );

								foreach ( (array) $blogs as $details ) {
									update_blog_status( $details->userblog_id, 'spam', '0' );
								}

								$user_data = $user->to_array();
								$user_data['spam'] = '0';

								wp_update_user( $user_data );
								break;
						}
					}
				}

				// Any other action value is handed to the screen-specific bulk-action filter, and
				// the filtered URL is followed with wp_safe_redirect().
				if ( ! in_array( $doaction, array( 'delete', 'spam', 'notspam' ), true ) ) {
					$sendback = wp_get_referer();
					$user_ids = (array) $_POST['allusers'];

					/** This action is documented in wp-admin/network/site-themes.php */
					$sendback = apply_filters( 'handle_network_bulk_actions-' . get_current_screen()->id, $sendback, $doaction, $user_ids ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores

					wp_safe_redirect( $sendback );
					exit;
				}

				wp_safe_redirect(
					add_query_arg(
						array(
							'updated' => 'true',
							'action' => $userfunction,
						),
						wp_get_referer()
					)
				);
			} else {
				$location = network_admin_url( 'users.php' );

				if ( ! empty( $_REQUEST['paged'] ) ) {
					$location = add_query_arg( 'paged', (int) $_REQUEST['paged'], $location );
				}
				wp_redirect( $location );
			}
			exit;

		// Performs the deletions confirmed on the confirm_delete_users() screen.
		case 'dodelete':
			// Nonce first, then both network-level capabilities.
			check_admin_referer( 'ms-users-delete' );
			if ( ! ( current_user_can( 'manage_network_users' ) && current_user_can( 'delete_users' ) ) ) {
				wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 );
			}

			// Here $id (the outer key) is what gets checked against 'delete_user' and removed
			// from the site; the inner value $user_id is only passed on in the 'reassign' branch.
			// NOTE(review): $users is iterated without an is_array() check, and
			// $_POST['delete'][ $blogid ][ $id ] is read without isset() - confirm that only the
			// confirmation form can produce this request shape.
			if ( ! empty( $_POST['blog'] ) && is_array( $_POST['blog'] ) ) {
				foreach ( $_POST['blog'] as $id => $users ) {
					foreach ( $users as $blogid => $user_id ) {
						// Per-user check: entries the current user may not delete are skipped silently.
						if ( ! current_user_can( 'delete_user', $id ) ) {
							continue;
						}

						if ( ! empty( $_POST['delete'] ) && 'reassign' === $_POST['delete'][ $blogid ][ $id ] ) {
							remove_user_from_blog( $id, $blogid, (int) $user_id );
						} else {
							remove_user_from_blog( $id, $blogid );
						}
					}
				}
			}

			// Count the accounts actually deleted to pick the singular or plural notice.
			// NOTE(review): $_POST['user'] is read without isset().
			$i = 0;
			if ( is_array( $_POST['user'] ) && ! empty( $_POST['user'] ) ) {
				foreach ( $_POST['user'] as $id ) {
					if ( ! current_user_can( 'delete_user', $id ) ) {
						continue;
					}
					wpmu_delete_user( $id );
					++$i;
				}
			}

			if ( 1 === $i ) {
				$deletefunction = 'delete';
			} else {
				$deletefunction = 'all_delete';
			}

			wp_redirect(
				add_query_arg(
					array(
						'updated' => 'true',
						'action' => $deletefunction,
					),
					network_admin_url( 'users.php' )
				)
			);
			exit;
	}
}

// No action handled above: prepare the users list table.
$wp_list_table = _get_list_table( 'WP_MS_Users_List_Table' );
$pagenum = $wp_list_table->get_pagenum();
$wp_list_table->prepare_items();
$total_pages = $wp_list_table->get_pagination_arg( 'total_pages' );

// A page number past the last page is redirected to the last page.
if ( $pagenum > $total_pages && $total_pages > 0 ) {
	wp_redirect( add_query_arg( 'paged', $total_pages ) );
	exit;
}

// Used in the HTML title tag.
$title = __( 'Users' );
$parent_file = 'users.php';

add_screen_option( 'per_page' );

get_current_screen()->add_help_tab( array( 'id' => 'overview', 'title' => __( 'Overview' ), 'content' => '

' . __( 'This table shows all users across the network and the sites to which they are assigned.' ) . '

' . '

' . __( 'Hover over any user on the list to make the edit links appear. The Edit link on the left will take you to their Edit User profile page; the Edit link on the right by any site name goes to an Edit Site screen for that site.' ) . '

' . '

' . __( 'You can also go to the user’s profile page by clicking on the individual username.' ) . '

' . '

' . __( 'You can sort the table by clicking on any of the table headings and switch between list and excerpt views by using the icons above the users list.' ) . '

' . '

' . __( 'The bulk action will permanently delete selected users, or mark/unmark those selected as spam. Spam users will have posts removed and will be unable to sign up again with the same email addresses.' ) . '

' . '

' . __( 'You can make an existing user an additional super admin by going to the Edit User profile page and checking the box to grant that privilege.' ) . '

', ) ); get_current_screen()->set_help_sidebar( '

' . __( 'For more information:' ) . '

' . '

' . __( 'Documentation on Network Users' ) . '

' . '

' . __( 'Support forums' ) . '

' ); get_current_screen()->set_screen_reader_content( array( 'heading_views' => __( 'Filter users list' ), 'heading_pagination' => __( 'Users list navigation' ), 'heading_list' => __( 'Users list' ), ) ); require_once ABSPATH . 'wp-admin/admin-header.php'; if ( isset( $_REQUEST['updated'] ) && 'true' === $_REQUEST['updated'] && ! empty( $_REQUEST['action'] ) ) { $message = ''; switch ( $_REQUEST['action'] ) { case 'delete': $message = __( 'User deleted.' ); break; case 'all_spam': $message = __( 'Users marked as spam.' ); break; case 'all_notspam': $message = __( 'Users removed from spam.' ); break; case 'all_delete': $message = __( 'Users deleted.' ); break; case 'add': $message = __( 'User added.' ); break; } wp_admin_notice( $message, array( 'type' => 'success', 'dismissible' => true, 'id' => 'message', ) ); } ?>

'; printf( /* translators: %s: Search query. */ __( 'Search results for: %s' ), '' . esc_html( $usersearch ) . '' ); echo ''; } ?>
views(); ?>
search_box( __( 'Search Users' ), 'all-user' ); ?>
display(); ?>
index.php000064400000005537150211056210006367 0ustar00' . __( 'Welcome to your Network Admin. This area of the Administration Screens is used for managing all aspects of your Multisite Network.' ) . '

'; $overview .= '

' . __( 'From here you can:' ) . '

'; $overview .= ''; get_current_screen()->add_help_tab( array( 'id' => 'overview', 'title' => __( 'Overview' ), 'content' => $overview, ) ); $quick_tasks = '

' . __( 'The Right Now widget on this screen provides current user and site counts on your network.' ) . '

'; $quick_tasks .= ''; $quick_tasks .= '

' . __( 'To search for a user or site, use the search boxes.' ) . '

'; $quick_tasks .= ''; get_current_screen()->add_help_tab( array( 'id' => 'quick-tasks', 'title' => __( 'Quick Tasks' ), 'content' => $quick_tasks, ) ); get_current_screen()->set_help_sidebar( '

' . __( 'For more information:' ) . '

' . '

' . __( 'Documentation on the Network Admin' ) . '

' . '

' . __( 'Support forums' ) . '

' ); wp_dashboard_setup(); wp_enqueue_script( 'dashboard' ); wp_enqueue_script( 'plugin-install' ); add_thickbox(); require_once ABSPATH . 'wp-admin/admin-header.php'; ?>

get_pagenum(); // Used in the HTML title tag. $title = __( 'Sites' ); $parent_file = 'sites.php'; add_screen_option( 'per_page' ); get_current_screen()->add_help_tab( array( 'id' => 'overview', 'title' => __( 'Overview' ), 'content' => '

' . __( 'Add Site takes you to the screen for adding a new site to the network. You can search for a site by Name, ID number, or IP address. Screen Options allows you to choose how many sites to display on one page.' ) . '

' . '

' . __( 'This is the main table of all sites on this network. Switch between list and excerpt views by using the icons above the right side of the table.' ) . '

' . '

' . __( 'Hovering over each site reveals seven options (three for the primary site):' ) . '

' . '', ) ); get_current_screen()->set_help_sidebar( '

' . __( 'For more information:' ) . '

' . '

' . __( 'Documentation on Site Management' ) . '

' . '

' . __( 'Support forums' ) . '

' );

get_current_screen()->set_screen_reader_content(
	array(
		'heading_pagination' => __( 'Sites list navigation' ),
		'heading_list' => __( 'Sites list' ),
	)
);

// The site ID comes from the request and is cast to int; 0 when absent.
$id = isset( $_REQUEST['id'] ) ? (int) $_REQUEST['id'] : 0;

if ( isset( $_GET['action'] ) ) {
	/** This action is documented in wp-admin/network/edit.php */
	do_action( 'wpmuadminedit' );

	// A list of valid actions and their associated messaging for confirmation output.
	// The keys also serve as the allow-list for $_GET['action2'] in the 'confirm' branch.
	// NOTE(review): the texts for 'unmatureblog' and 'matureblog' read as swapped relative to
	// their keys - confirm which wording the confirmation screen should show.
	$manage_actions = array(
		/* translators: %s: Site URL. */
		'activateblog' => __( 'You are about to activate the site %s.' ),
		/* translators: %s: Site URL. */
		'deactivateblog' => __( 'You are about to deactivate the site %s.' ),
		/* translators: %s: Site URL. */
		'unarchiveblog' => __( 'You are about to unarchive the site %s.' ),
		/* translators: %s: Site URL. */
		'archiveblog' => __( 'You are about to archive the site %s.' ),
		/* translators: %s: Site URL. */
		'unspamblog' => __( 'You are about to unspam the site %s.' ),
		/* translators: %s: Site URL. */
		'spamblog' => __( 'You are about to mark the site %s as spam.' ),
		/* translators: %s: Site URL. */
		'deleteblog' => __( 'You are about to delete the site %s.' ),
		/* translators: %s: Site URL. */
		'unmatureblog' => __( 'You are about to mark the site %s as mature.' ),
		/* translators: %s: Site URL. */
		'matureblog' => __( 'You are about to mark the site %s as not mature.' ),
	);

	if ( 'confirm' === $_GET['action'] ) {
		// The action2 parameter contains the action being taken on the site.
		// NOTE(review): $_GET['action2'] is read without isset(); a value that is not a key
		// of $manage_actions ends the request in the check below.
		$site_action = $_GET['action2'];

		if ( ! array_key_exists( $site_action, $manage_actions ) ) {
			wp_die( __( 'The requested action is not valid.' ) );
		}

		// The mature/unmature UI exists only as external code. Check the "confirm" nonce for backward compatibility.
		// For every other action the nonce is bound to both the action name and the site ID.
		if ( 'matureblog' === $site_action || 'unmatureblog' === $site_action ) {
			check_admin_referer( 'confirm' );
		} else {
			check_admin_referer( $site_action . '_' . $id );
		}

		// The confirmation page is sent with no-cache headers and an explicit content type.
		if ( ! headers_sent() ) {
			nocache_headers();
			header( 'Content-Type: text/html; charset=utf-8' );
		}

		// The main site can never be the target of these actions.
		if ( is_main_site( $id ) ) {
			wp_die( __( 'Sorry, you are not allowed to change the current site.' ) );
		}

		// NOTE(review): the get_site() result is dereferenced without a check; confirm the
		// behaviour for an ID that matches no site. $site_address is built from stored site
		// data and must be escaped wherever it is printed.
		$site_details = get_site( $id );
		$site_address = untrailingslashit( $site_details->domain . $site_details->path );

		require_once ABSPATH . 'wp-admin/admin-header.php';
		?>

{$site_address}" ); ?>

403 ) );
			}

			// NOTE(review): the start of this switch (including its nonce handling) is missing
			// from the extracted text - confirm in the full file.
			// Default outcome is "not deleted"; deletion needs a non-zero ID, a site other than
			// the main site, and the per-site 'delete_site' capability.
			$updated_action = 'not_deleted';
			if ( 0 !== $id && ! is_main_site( $id ) && current_user_can( 'delete_site', $id ) ) {
				wpmu_delete_blog( $id, true );
				$updated_action = 'delete';
			}
			break;

		case 'delete_sites':
			check_admin_referer( 'ms-delete-sites' );

			foreach ( (array) $_POST['site_ids'] as $site_id ) {
				$site_id = (int) $site_id;

				// The main site is skipped, never deleted.
				if ( is_main_site( $site_id ) ) {
					continue;
				}

				// The capability is checked per site, inside the loop: when it fails the request
				// is aborted here, but sites handled in earlier iterations are already deleted.
				// NOTE(review): the get_site() result is dereferenced without a check, and
				// $site_address is placed in the message unescaped - confirm both.
				if ( ! current_user_can( 'delete_site', $site_id ) ) {
					$site = get_site( $site_id );
					$site_address = untrailingslashit( $site->domain . $site->path );

					wp_die(
						sprintf(
							/* translators: %s: Site URL. */
							__( 'Sorry, you are not allowed to delete the site %s.' ),
							$site_address
						),
						403
					);
				}

				$updated_action = 'all_delete';
				wpmu_delete_blog( $site_id, true );
			}
			break;

		case 'allblogs':
			// NOTE(review): no nonce check is visible inside this case; presumably it happens
			// before the switch, in the part missing from the extracted text - confirm.
			if ( isset( $_POST['action'] ) && isset( $_POST['allblogs'] ) ) {
				$doaction = $_POST['action'];

				foreach ( (array) $_POST['allblogs'] as $site_id ) {
					$site_id = (int) $site_id;

					// ID 0 and the main site are never acted on.
					if ( 0 !== $site_id && ! is_main_site( $site_id ) ) {
						switch ( $doaction ) {
							case 'delete':
								require_once ABSPATH . 'wp-admin/admin-header.php';
								?>

    domain . $site->path ); ?>
id, $redirect_to, $doaction, $blogs, $id ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores

					// NOTE(review): the start of this statement is missing from the extracted text.
					// The filtered URL is followed with wp_safe_redirect().
					wp_safe_redirect( $redirect_to );
					exit;
				}
			} else {
				// Process query defined by WP_MS_Site_List_Table::extra_table_nav().
				// The whole $_POST array becomes query arguments on the sites.php URL; only
				// '_wp_http_referer' and '_wpnonce' are stripped before redirecting.
				$location = remove_query_arg(
					array( '_wp_http_referer', '_wpnonce' ),
					add_query_arg( $_POST, network_admin_url( 'sites.php' ) )
				);

				wp_redirect( $location );
				exit;
			}

			break;

		// The cases below change the status of site $id directly.
		// NOTE(review): no nonce or capability check is visible inside them; presumably both
		// happen before the switch, in the part missing from the extracted text - confirm.
		case 'archiveblog':
		case 'unarchiveblog':
			update_blog_status( $id, 'archived', ( 'archiveblog' === $_GET['action'] ) ? '1' : '0' );
			break;

		case 'activateblog':
			update_blog_status( $id, 'deleted', '0' );

			/**
			 * Fires after a network site is activated.
			 *
			 * @since MU (3.0.0)
			 *
			 * @param int $id The ID of the activated site.
			 */
			do_action( 'activate_blog', $id );
			break;

		case 'deactivateblog':
			/**
			 * Fires before a network site is deactivated.
			 *
			 * @since MU (3.0.0)
			 *
			 * @param int $id The ID of the site being deactivated.
			 */
			do_action( 'deactivate_blog', $id );

			update_blog_status( $id, 'deleted', '1' );
			break;

		case 'unspamblog':
		case 'spamblog':
			update_blog_status( $id, 'spam', ( 'spamblog' === $_GET['action'] ) ? '1' : '0' );
			break;

		case 'unmatureblog':
		case 'matureblog':
			update_blog_status( $id, 'mature', ( 'matureblog' === $_GET['action'] ) ? '1' : '0' );
			break;
	}

	// When no case set a result, the action name itself is used, but only if it is one of
	// the known $manage_actions keys.
	if ( empty( $updated_action ) && array_key_exists( $_GET['action'], $manage_actions ) ) {
		$updated_action = $_GET['action'];
	}

	if ( ! empty( $updated_action ) ) {
		wp_safe_redirect( add_query_arg( array( 'updated' => $updated_action ), wp_get_referer() ) );
		exit;
	}
}

// Map the 'updated' query argument to the notice shown above the list.
$msg = '';
if ( isset( $_GET['updated'] ) ) {
	$action = $_GET['updated'];

	switch ( $action ) {
		case 'all_notspam':
			$msg = __( 'Sites removed from spam.' );
			break;
		case 'all_spam':
			$msg = __( 'Sites marked as spam.' );
			break;
		case 'all_delete':
			$msg = __( 'Sites deleted.' );
			break;
		case 'delete':
			$msg = __( 'Site deleted.' );
			break;
		case 'not_deleted':
			$msg = __( 'Sorry, you are not allowed to delete that site.' );
			break;
		case 'archiveblog':
			$msg = __( 'Site archived.' );
			break;
		case 'unarchiveblog':
			$msg = __( 'Site unarchived.' );
			break;
		case 'activateblog':
			$msg = __( 'Site activated.' );
			break;
		case 'deactivateblog':
			$msg = __( 'Site deactivated.' );
			break;
		case 'unspamblog':
			$msg = __( 'Site removed from spam.' );
			break;
		case 'spamblog':
			$msg = __( 'Site marked as spam.' );
			break;
		default:
			// Any other request value becomes part of the hook name below, so which filter
			// runs is chosen by the request. NOTE(review): confirm that callbacks on these
			// hooks return markup that is safe to place in the admin notice.
			/**
			 * Filters a specific, non-default, site-updated message in the Network admin.
			 *
			 * The dynamic portion of the hook name, `$action`, refers to the non-default
			 * site update action.
			 *
			 * @since 3.1.0
			 *
			 * @param string $msg The update message. Default 'Settings saved'.
			 */
			$msg = apply_filters( "network_sites_updated_message_{$action}", __( 'Settings saved.' ) );
			break;
	}

	if ( ! empty( $msg ) ) {
		$msg = wp_get_admin_notice(
			$msg,
			array(
				'type' => 'success',
				'dismissible' => true,
				'id' => 'message',
			)
		);
	}
}

$wp_list_table->prepare_items();

require_once ABSPATH . 'wp-admin/admin-header.php';
?>

'; printf( /* translators: %s: Search query. */ __( 'Search results for: %s' ), '' . esc_html( $s ) . '' ); echo ''; } ?>
views(); ?>
display(); ?>
admin.php000064400000002000150211056210006326 0ustar00domain, $current_site->domain ) || 0 !== strcasecmp( $current_blog->path, $current_site->path ) ); /** * Filters whether to redirect the request to the Network Admin. * * @since 3.2.0 * * @param bool $redirect_network_admin_request Whether the request should be redirected. */ $redirect_network_admin_request = apply_filters( 'redirect_network_admin_request', $redirect_network_admin_request ); if ( $redirect_network_admin_request ) { wp_redirect( network_admin_url() ); exit; } unset( $redirect_network_admin_request ); user-new.php000064400000012154150211056210007016 0ustar00add_help_tab( array( 'id' => 'overview', 'title' => __( 'Overview' ), 'content' => '

' . __( 'Add User will set up a new user account on the network and send that person an email with username and password.' ) . '

' . '

' . __( 'Users who are signed up to the network without a site are added as subscribers to the main or primary dashboard site, giving them profile pages to manage their accounts. These users will only see Dashboard and My Sites in the main navigation until a site is created for them.' ) . '

', ) ); get_current_screen()->set_help_sidebar( '

' . __( 'For more information:' ) . '

' . '

' . __( 'Documentation on Network Users' ) . '

' . '

' . __( 'Support forums' ) . '

' );

// Handles the "add-user" form submission: validates the signup data, creates the account
// with a generated password and redirects back with the new user's ID.
if ( isset( $_REQUEST['action'] ) && 'add-user' === $_REQUEST['action'] ) {
	// Nonce check (action 'add-user', field '_wpnonce_add-user'), then the capability check.
	check_admin_referer( 'add-user', '_wpnonce_add-user' );

	if ( ! current_user_can( 'manage_network_users' ) ) {
		wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 );
	}

	if ( ! is_array( $_POST['user'] ) ) {
		wp_die( __( 'Cannot create an empty user.' ) );
	}

	// NOTE(review): the 'username' and 'email' keys are read without an isset() check.
	$user = wp_unslash( $_POST['user'] );

	$user_details = wpmu_validate_user_signup( $user['username'], $user['email'] );

	if ( is_wp_error( $user_details['errors'] ) && $user_details['errors']->has_errors() ) {
		$add_user_errors = $user_details['errors'];
	} else {
		// NOTE(review): validation above sees the submitted username and e-mail, while the
		// account is created from transformed values (lower-cased and esc_html()'d login,
		// sanitize_email()'d address) - confirm the two can never differ in a way that matters.
		// The generated password is not used again in the code visible here.
		$password = wp_generate_password( 12, false );
		$user_id = wpmu_create_user( esc_html( strtolower( $user['username'] ) ), $password, sanitize_email( $user['email'] ) );

		if ( ! $user_id ) {
			$add_user_errors = new WP_Error( 'add_user_fail', __( 'Cannot add user.' ) );
		} else {
			/**
			 * Fires after a new user has been created via the network user-new.php page.
			 *
			 * @since 4.4.0
			 *
			 * @param int $user_id ID of the newly created user.
			 */
			do_action( 'network_user_new_created_user', $user_id );

			// Redirect after the POST to a fixed, relative target.
			wp_redirect(
				add_query_arg(
					array(
						'update' => 'added',
						'user_id' => $user_id,
					),
					'user-new.php'
				)
			);
			exit;
		}
	}
}

// Build the "user added" notice shown after the redirect above.
$message = '';
if ( isset( $_GET['update'] ) ) {
	if ( 'added' === $_GET['update'] ) {
		$edit_link = '';
		if ( isset( $_GET['user_id'] ) ) {
			// The ID from the query string is reduced to a non-negative integer before use.
			$user_id_new = absint( $_GET['user_id'] );
			if ( $user_id_new ) {
				// The current request URI is unslashed and URL-encoded into the
				// 'wp_http_referer' argument, and the finished link goes through esc_url().
				$edit_link = esc_url( add_query_arg( 'wp_http_referer', urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), get_edit_user_link( $user_id_new ) ) );
			}
		}

		$message = __( 'User added.' );

		if ( $edit_link ) {
			$message .= sprintf( ' %s', $edit_link, __( 'Edit user' ) );
		}
	}
}

// Used in the HTML title tag.
$title = __( 'Add User' );
$parent_file = 'users.php';

require_once ABSPATH . 'wp-admin/admin-header.php';
?>

'success', 'dismissible' => true, 'id' => 'message', ) ); } if ( isset( $add_user_errors ) && is_wp_error( $add_user_errors ) ) { $error_messages = ''; foreach ( $add_user_errors->get_error_messages() as $error ) { $error_messages .= "

$error

"; } wp_admin_notice( $error_messages, array( 'type' => 'error', 'dismissible' => true, 'id' => 'message', 'paragraph_wrap' => false, ) ); } ?>

add_help_tab( get_site_screen_help_tab_args() );
// NOTE(review): the beginning of this script is missing from the extracted text, so any
// capability check made before this point is not visible here - confirm in the full file.
get_current_screen()->set_help_sidebar( get_site_screen_help_sidebar_content() );

// The site ID comes from the request and is cast to int; 0 (or absent) is rejected.
$id = isset( $_REQUEST['id'] ) ? (int) $_REQUEST['id'] : 0;

if ( ! $id ) {
	wp_die( __( 'Invalid site ID.' ) );
}

$details = get_site( $id );
if ( ! $details ) {
	wp_die( __( 'The requested site does not exist.' ) );
}

// Access check against the network the site belongs to, answered with a 403 on failure.
if ( ! can_edit_network( $details->site_id ) ) {
	wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 );
}

$is_main_site = is_main_site( $id );

// Handles the "update-site" submission: writes the submitted options into site $id.
if ( isset( $_REQUEST['action'] ) && 'update-site' === $_REQUEST['action'] && is_array( $_POST['option'] ) ) {
	check_admin_referer( 'edit-site' );

	switch_to_blog( $id );

	$skip_options = array( 'allowedthemes' ); // Don't update these options since they are handled elsewhere in the form.
	// Option names are taken from the request keys: apart from the skips below, any name
	// submitted is written with update_option(). The gates visible here are the
	// can_edit_network() check and the 'edit-site' nonce above.
	foreach ( (array) $_POST['option'] as $key => $val ) {
		$key = wp_unslash( $key );
		$val = wp_unslash( $val );
		if ( 0 === $key || is_array( $val ) || in_array( $key, $skip_options, true ) ) {
			continue; // Avoids "0 is a protected WP option and may not be modified" error when editing blog options.
		}
		update_option( $key, $val );
	}

	/**
	 * Fires after the site options are updated.
	 *
	 * @since 3.0.0
	 * @since 4.4.0 Added `$id` parameter.
	 *
	 * @param int $id The ID of the site being updated.
	 */
	do_action( 'wpmu_update_blog_options', $id );

	restore_current_blog();
	// Redirect after the POST to a fixed, relative target.
	wp_redirect(
		add_query_arg(
			array(
				'update' => 'updated',
				'id' => $id,
			),
			'site-settings.php'
		)
	);
	exit;
}

if ( isset( $_GET['update'] ) ) {
	$messages = array();
	if ( 'updated' === $_GET['update'] ) {
		$messages[] = __( 'Site options updated.' );
	}
}

// Used in the HTML title tag.
/* translators: %s: Site title. */
// The site name is escaped with esc_html() before it goes into the title.
$title = sprintf( __( 'Edit Site: %s' ), esc_html( $details->blogname ) );

$parent_file = 'sites.php';
$submenu_file = 'sites.php';

require_once ABSPATH . 'wp-admin/admin-header.php';

?>

|

$id, 'selected' => 'site-settings', ) ); if ( ! empty( $messages ) ) { $notice_args = array( 'type' => 'success', 'dismissible' => true, 'id' => 'message', ); foreach ( $messages as $msg ) { wp_admin_notice( $msg, $notice_args ); } } ?>
get_blog_prefix( $id ); $sql = "SELECT * FROM {$blog_prefix}options WHERE option_name NOT LIKE %s AND option_name NOT LIKE %s"; $query = $wpdb->prepare( $sql, $wpdb->esc_like( '_' ) . '%', '%' . $wpdb->esc_like( 'user_roles' ) ); $options = $wpdb->get_results( $query ); foreach ( $options as $option ) { if ( 'default_role' === $option->option_name ) { $editblog_default_role = $option->option_value; } $disabled = false; $class = 'all-options'; if ( is_serialized( $option->option_value ) ) { if ( is_serialized_string( $option->option_value ) ) { $option->option_value = esc_html( maybe_unserialize( $option->option_value ) ); } else { $option->option_value = 'SERIALIZED DATA'; $disabled = true; $class = 'all-options disabled'; } } if ( str_contains( $option->option_value, "\n" ) ) { ?> option_name, array( 'siteurl', 'home' ), true ) ) { ?>
add_help_tab( array( 'id' => 'overview', 'title' => __( 'Overview' ), 'content' => '

' . __( 'This screen sets and changes options for the network as a whole. The first site is the main site in the network and network options are pulled from that original site’s options.' ) . '

' . '

' . __( 'Operational settings has fields for the network’s name and admin email.' ) . '

' . '

' . __( 'Registration settings can disable/enable public signups. If you let others sign up for a site, install spam plugins. Spaces, not commas, should separate names banned as sites for this network.' ) . '

' . '

' . __( 'New site settings are defaults applied when a new site is created in the network. These include welcome email for when a new site or user account is registered, and what᾿s put in the first post, page, comment, comment author, and comment URL.' ) . '

' . '

' . __( 'Upload settings control the size of the uploaded files and the amount of available upload space for each site. You can change the default value for specific sites when you edit a particular site. Allowed file types are also listed (space separated only).' ) . '

' . '

' . __( 'You can set the language, and WordPress will automatically download and install the translation files (available if your filesystem is writable).' ) . '

' . '

' . __( 'Menu setting enables/disables the plugin menus from appearing for non super admins, so that only super admins, not site admins, have access to activate plugins.' ) . '

' . '

' . __( 'Super admins can no longer be added on the Options screen. You must now go to the list of existing users on Network Admin > Users and click on Username or the Edit action link below that name. This goes to an Edit User page where you can check a box to grant super admin privileges.' ) . '

', ) ); get_current_screen()->set_help_sidebar( '

' . __( 'For more information:' ) . '

' . '

' . __( 'Documentation on Network Settings' ) . '

' . '

' . __( 'Support forums' ) . '

' );

// Handles submission of the network settings form: any non-empty POST is treated as a save.
// NOTE(review): no capability check is visible in this part of the script; presumably it
// happens earlier in the file - confirm.
if ( $_POST ) {
	// The 'wpmuadminedit' action fires before the nonce is verified on the next line.
	/** This action is documented in wp-admin/network/edit.php */
	do_action( 'wpmuadminedit' );

	check_admin_referer( 'siteoptions' );

	// Values stored for these options when they are absent from the request
	// (presumably unchecked checkboxes - confirm against the form).
	$checked_options = array(
		'menu_items' => array(),
		'registrationnotification' => 'no',
		'upload_space_check_disabled' => 1,
		'add_new_users' => 0,
	);
	foreach ( $checked_options as $option_name => $option_unchecked_value ) {
		if ( ! isset( $_POST[ $option_name ] ) ) {
			$_POST[ $option_name ] = $option_unchecked_value;
		}
	}

	// Allow-list of network options this form may write; other POST keys are ignored by
	// the update loop below.
	$options = array(
		'registrationnotification',
		'registration',
		'add_new_users',
		'menu_items',
		'upload_space_check_disabled',
		'blog_upload_space',
		'upload_filetypes',
		'site_name',
		'first_post',
		'first_page',
		'first_comment',
		'first_comment_url',
		'first_comment_author',
		'welcome_email',
		'welcome_user_email',
		'fileupload_maxk',
		'illegal_names',
		'limited_email_domains',
		'banned_email_domains',
		'WPLANG',
		'new_admin_email',
		'first_comment_email',
	);

	// Handle translation installation.
	// A download is attempted only behind the 'install_languages' capability; on success
	// the request value is replaced by what wp_download_language_pack() returns.
	// NOTE(review): $_POST['WPLANG'] is passed on here without wp_unslash().
	if ( ! empty( $_POST['WPLANG'] ) && current_user_can( 'install_languages' ) && wp_can_install_language_pack() ) {
		$language = wp_download_language_pack( $_POST['WPLANG'] );
		if ( $language ) {
			$_POST['WPLANG'] = $language;
		}
	}

	// Each allow-listed option present in the request is unslashed and stored as submitted;
	// no per-option validation is visible here.
	foreach ( $options as $option_name ) {
		if ( ! isset( $_POST[ $option_name ] ) ) {
			continue;
		}
		$value = wp_unslash( $_POST[ $option_name ] );
		update_site_option( $option_name, $value );
	}

	/**
	 * Fires after the network options are updated.
	 *
	 * @since MU (3.0.0)
	 */
	do_action( 'update_wpmu_options' );

	// Redirect after the POST to the settings screen of the network admin.
	wp_redirect( add_query_arg( 'updated', 'true', network_admin_url( 'settings.php' ) ) );
	exit;
}

require_once ABSPATH . 'wp-admin/admin-header.php';

// The notice text is fixed; the 'updated' query argument only decides whether it is shown.
if ( isset( $_GET['updated'] ) ) {
	wp_admin_notice(
		__( 'Settings saved.' ),
		array(
			'type' => 'success',
			'dismissible' => true,
			'id' => 'message',
		)
	);
}
?>

__( 'Plugins' ) ) ); if ( $menu_items ) : ?>