1
<cfsetting enablecfoutputonly="yes" showdebugoutput="no">
3
* FCKeditor - The text editor for Internet - http://www.fckeditor.net
4
* Copyright (C) 2003-2009 Frederico Caldeira Knabben
8
* Licensed under the terms of any of the following licenses at your
11
* - GNU General Public License Version 2 or later (the "GPL")
12
* http://www.gnu.org/licenses/gpl.html
14
* - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
15
* http://www.gnu.org/licenses/lgpl.html
17
* - Mozilla Public License Version 1.1 or later (the "MPL")
18
* http://www.mozilla.org/MPL/MPL-1.1.html
22
* File Browser connector for ColdFusion 5.
23
* (based on the original CF connector by Hendrik Kramer - hk@lwd.de)
26
* FCKeditor requires that the connector responds with UTF-8 encoded XML.
27
* As ColdFusion 5 does not fully support UTF-8 encoding, we force ASCII
28
* file and folder names in this connector to allow CF5 send a UTF-8
29
* encoded response - code points under 127 in UTF-8 are stored using a
30
* single byte, using the same encoding as ASCII, which is damn handy.
31
* This is all grand for the English speakers, like meself, but I dunno
32
* how others are gonna take to it. Well, the previous version of this
33
* connector already did this with file names and nobody seemed to mind,
34
* so fingers-crossed nobody will mind their folder names being munged too.
38
<cfparam name="url.command">
39
<cfparam name="url.type">
40
<cfparam name="url.currentFolder">
41
<!--- note: no serverPath url parameter - see config.cfm if you need to set the serverPath manually --->
43
<cfinclude template="config.cfm">
46
userFilesPath = config.userFilesPath;
48
if ( userFilesPath eq "" )
50
userFilesPath = "/userfiles/";
53
// make sure the user files path is correctly formatted
54
userFilesPath = replace(userFilesPath, "\", "/", "ALL");
55
userFilesPath = replace(userFilesPath, '//', '/', 'ALL');
56
if ( right(userFilesPath,1) NEQ "/" )
58
userFilesPath = userFilesPath & "/";
60
if ( left(userFilesPath,1) NEQ "/" )
62
userFilesPath = "/" & userFilesPath;
65
// make sure the current folder is correctly formatted
66
url.currentFolder = replace(url.currentFolder, "\", "/", "ALL");
67
url.currentFolder = replace(url.currentFolder, '//', '/', 'ALL');
68
if ( right(url.currentFolder,1) neq "/" )
70
url.currentFolder = url.currentFolder & "/";
72
if ( left(url.currentFolder,1) neq "/" )
74
url.currentFolder = "/" & url.currentFolder;
77
if ( find("/",getBaseTemplatePath()) neq 0 )
86
// Get the base physical path to the web root for this application. The code to determine the path automatically assumes that
87
// the "FCKeditor" directory in the http request path is directly off the web root for the application and that it's not a
88
// virtual directory or a symbolic link / junction. Use the serverPath config setting to force a physical path if necessary.
89
if ( len(config.serverPath) )
91
serverPath = config.serverPath;
93
if ( right(serverPath,1) neq fs )
95
serverPath = serverPath & fs;
100
serverPath = replaceNoCase(getBaseTemplatePath(),replace(cgi.script_name,"/",fs,"all"),"") & replace(userFilesPath,"/",fs,"all");
103
rootPath = left( serverPath, Len(serverPath) - Len(userFilesPath) ) ;
104
xmlContent = ""; // append to this string to build content
109
<cfif not config.enabled>
111
<cfset xmlContent = "<Error number=""1"" text=""This connector is disabled. Please check the 'editor/filemanager/connectors/cfm/config.cfm' file"" />">
113
<cfelseif find("..",url.currentFolder) or find("\",url.currentFolder) or REFind('(/\.)|(//)|[[:cntrl:]]|([\\:\*\?\"<>])', url.currentFolder)>
115
<cfset invalidName = true>
116
<cfset xmlContent = "<Error number=""102"" />">
118
<cfelseif isDefined("Config.ConfigAllowedCommands") and not ListFind(Config.ConfigAllowedCommands, url.command)>
120
<cfset invalidName = true>
121
<cfset xmlContent = '<Error number="1" text="The "' & HTMLEditFormat(url.command) & '" command isn''t allowed" />'>
123
<cfelseif isDefined("Config.ConfigAllowedTypes") and not ListFind(Config.ConfigAllowedTypes, url.type)>
125
<cfset invalidName = true>
126
<cfset xmlContent = '<Error number="1" text="Invalid type specified" />'>
130
<cfset resourceTypeUrl = "">
131
<cfif not len(xmlContent)>
132
<cfset resourceTypeUrl = rereplace( replace( Config.FileTypesPath[url.type], fs, "/", "all"), "/$", "") >
134
<cfif isDefined( "Config.FileTypesAbsolutePath" )
135
and structkeyexists( Config.FileTypesAbsolutePath, url.type )
136
and Len( Config.FileTypesAbsolutePath[url.type] )>
138
<cfset userFilesServerPath = Config.FileTypesAbsolutePath[url.type] & url.currentFolder>
141
<cfset userFilesServerPath = expandpath( resourceTypeUrl ) & url.currentFolder>
142
<!--- Catch: Parameter 1 of function ExpandPath must be a relative path --->
144
<cfset userFilesServerPath = rootPath & Config.FileTypesPath[url.type] & url.currentFolder>
149
<cfset userFilesServerPath = replace( userFilesServerPath, "/", fs, "all" ) >
150
<!--- get rid of double directory separators --->
151
<cfset userFilesServerPath = replace( userFilesServerPath, fs & fs, fs, "all") >
153
<cfset resourceTypeDirectory = left( userFilesServerPath, Len(userFilesServerPath) - Len(url.currentFolder) )>
156
<cfif not len(xmlContent) and not directoryexists(resourceTypeDirectory)>
157
<!--- create directories in physical path if they don't already exist --->
158
<cfset currentPath = "">
160
<cfloop list="#resourceTypeDirectory#" index="name" delimiters="#fs#">
161
<cfif currentPath eq "" and fs eq "\">
162
<!--- Without checking this, we would have in Windows \C:\ --->
163
<cfif not directoryExists(name)>
164
<cfdirectory action="create" directory="#name#" mode="755">
167
<cfif not directoryExists(currentPath & fs & name)>
168
<cfdirectory action="create" directory="#currentPath##fs##name#" mode="755">
172
<cfif fs eq "\" and currentPath eq "">
173
<cfset currentPath = name>
175
<cfset currentPath = currentPath & fs & name>
181
<!--- this should only occur as a result of a permissions problem --->
182
<cfset xmlContent = "<Error number=""103"" />">
189
<cfif not len(xmlContent)>
191
<!--- no errors thus far - run command --->
193
<!--- we need to know the physical path to the current folder for all commands --->
194
<cfset currentFolderPath = userFilesServerPath>
196
<cfswitch expression="#url.command#">
198
<cfcase value="FileUpload">
199
<cfset config_included = true >
200
<cfinclude template="cf5_upload.cfm">
205
<cfcase value="GetFolders">
207
<!--- Sort directories first, name ascending --->
210
directory="#currentFolderPath#"
217
while( i lte qDir.recordCount ) {
218
if( not compareNoCase( qDir.type[i], "FILE" ))
220
if( not listFind(".,..", qDir.name[i]) )
221
folders = folders & '<Folder name="#HTMLEditFormat( qDir.name[i] )#" />';
225
xmlContent = xmlContent & '<Folders>' & folders & '</Folders>';
231
<cfcase value="GetFoldersAndFiles">
233
<!--- Sort directories first, name ascending --->
236
directory="#currentFolderPath#"
244
while( i lte qDir.recordCount ) {
245
if( not compareNoCase( qDir.type[i], "DIR" ) and not listFind(".,..", qDir.name[i]) ) {
246
folders = folders & '<Folder name="#HTMLEditFormat(qDir.name[i])#" />';
247
} else if( not compareNoCase( qDir.type[i], "FILE" ) ) {
248
fileSizeKB = round(qDir.size[i] / 1024);
249
files = files & '<File name="#HTMLEditFormat(qDir.name[i])#" size="#IIf( fileSizeKB GT 0, DE( fileSizeKB ), 1)#" />';
254
xmlContent = xmlContent & '<Folders>' & folders & '</Folders>';
255
xmlContent = xmlContent & '<Files>' & files & '</Files>';
261
<cfcase value="CreateFolder">
263
<cfparam name="url.newFolderName" default="">
266
newFolderName = url.newFolderName;
267
if( reFind("[^A-Za-z0-9_\-\.]", newFolderName) ) {
268
// Munge folder name same way as we do the filename
269
// This means folder names are always US-ASCII so we don't have to worry about CF5 and UTF-8
270
newFolderName = reReplace(newFolderName, "[^A-Za-z0-9\-\.]", "_", "all");
271
newFolderName = reReplace(newFolderName, "_{2,}", "_", "all");
272
newFolderName = reReplace(newFolderName, "([^_]+)_+$", "\1", "all");
273
newFolderName = reReplace(newFolderName, "$_([^_]+)$", "\1", "all");
274
newFolderName = reReplace(newFolderName, '\.+', "_", "all" );
278
<cfif not len(newFolderName) or len(newFolderName) gt 255>
279
<cfset errorNumber = 102>
280
<cfelseif directoryExists(currentFolderPath & newFolderName)>
281
<cfset errorNumber = 101>
282
<cfelseif reFind("^\.\.",newFolderName)>
283
<cfset errorNumber = 102>
285
<cfset errorNumber = 0>
290
directory="#currentFolderPath##newFolderName#"
294
un-resolvable error numbers in ColdFusion:
295
* 102 : Invalid folder name.
296
* 103 : You have no permissions to create the folder.
298
<cfset errorNumber = 110>
303
<cfset xmlContent = xmlContent & '<Error number="#errorNumber#" />'>
308
<cfthrow type="fckeditor.connector" message="Illegal command: #url.command#">
315
xmlHeader = '<?xml version="1.0" encoding="utf-8" ?>';
317
xmlHeader = xmlHeader & '<Connector>';
320
xmlHeader = xmlHeader & '<Connector command="#url.command#" resourceType="#url.type#">';
321
xmlHeader = xmlHeader & '<CurrentFolder path="#url.currentFolder#" url="#resourceTypeUrl##url.currentFolder#" />';
323
xmlFooter = '</Connector>';
326
<cfheader name="Expires" value="#GetHttpTimeString(Now())#">
327
<cfheader name="Pragma" value="no-cache">
328
<cfheader name="Cache-Control" value="no-cache, no-store, must-revalidate">
329
<cfcontent reset="true" type="text/xml; charset=UTF-8">
330
<cfoutput>#xmlHeader##xmlContent##xmlFooter#</cfoutput>