docs/api/source-admin.controller.common.filemanager.html
| 1: | <?php | | 2: | namespace Opencart\Admin\Controller\Common; | | 3: | /** | | 4: | * Class File Manager | | 5: | * | | 6: | * @package Opencart\Admin\Controller\Common | | 7: | */ | | 8: | class FileManager extends \Opencart\System\Engine\Controller { | | 9: | /** | | 10: | * Index | | 11: | * | | 12: | * @return void | | 13: | */ | | 14: | public function index(): void { | | 15: | $this->load->language('common/filemanager'); | | 16: | | | 17: | $data['error_upload_size'] = sprintf($this->language->get('error_upload_size'), $this->config->get('config_file_max_size')); | | 18: | | | 19: | $data['config_file_max_size'] = ((int)$this->config->get('config_file_max_size') * 1024 * 1024); | | 20: | | | 21: | // Return the target ID for the file manager to set the value | | 22: | if (isset($this->request->get['target'])) { | | 23: | $data['target'] = $this->request->get['target']; | | 24: | } else { | | 25: | $data['target'] = ''; | | 26: | } | | 27: | | | 28: | // Return the thumbnail for the file manager to show a thumbnail | | 29: | if (isset($this->request->get['thumb'])) { | | 30: | $data['thumb'] = $this->request->get['thumb']; | | 31: | } else { | | 32: | $data['thumb'] = ''; | | 33: | } | | 34: | | | 35: | if (isset($this->request->get['ckeditor'])) { | | 36: | $data['ckeditor'] = $this->request->get['ckeditor']; | | 37: | } else { | | 38: | $data['ckeditor'] = ''; | | 39: | } | | 40: | | | 41: | $data['user_token'] = $this->session->data['user_token']; | | 42: | | | 43: | $this->response->setOutput($this->load->view('common/filemanager', $data)); | | 44: | } | | 45: | | | 46: | /** | | 47: | * List | | 48: | * | | 49: | * @return void | | 50: | */ | | 51: | public function list(): void { | | 52: | $this->load->language('common/filemanager'); | | 53: | | | 54: | $base = DIR_IMAGE . 'catalog/'; | | 55: | | | 56: | // Make sure we have the correct directory | | 57: | if (isset($this->request->get['directory'])) { | | 58: | $directory = $base . html_entity_decode($this->request->get['directory'], ENT_QUOTES, 'UTF-8') . '/'; | | 59: | } else { | | 60: | $directory = $base; | | 61: | } | | 62: | | | 63: | if (isset($this->request->get['filter_name'])) { | | 64: | $filter_name = basename(html_entity_decode($this->request->get['filter_name'], ENT_QUOTES, 'UTF-8')); | | 65: | } else { | | 66: | $filter_name = ''; | | 67: | } | | 68: | | | 69: | if (isset($this->request->get['page'])) { | | 70: | $page = (int)$this->request->get['page']; | | 71: | } else { | | 72: | $page = 1; | | 73: | } | | 74: | | | 75: | $allowed = [ | | 76: | '.ico', | | 77: | '.jpg', | | 78: | '.jpeg', | | 79: | '.png', | | 80: | '.gif', | | 81: | '.webp', | | 82: | '.JPG', | | 83: | '.JPEG', | | 84: | '.PNG', | | 85: | '.GIF' | | 86: | ]; | | 87: | | | 88: | $data['directories'] = []; | | 89: | $data['images'] = []; | | 90: | | | 91: | $this->load->model('tool/image'); | | 92: | | | 93: | // Get directories and files | | 94: | $paths = array_merge( | | 95: | glob($directory . $filter_name . '*', GLOB_ONLYDIR), | | 96: | glob($directory . $filter_name . '*{' . implode(',', $allowed) . '}', GLOB_BRACE) | | 97: | ); | | 98: | | | 99: | $total = count($paths); | | 100: | $limit = 16; | | 101: | $start = ($page - 1) * $limit; | | 102: | | | 103: | if ($paths) { | | 104: | $url = ''; | | 105: | | | 106: | if (isset($this->request->get['target'])) { | | 107: | $url .= '&target=' . $this->request->get['target']; | | 108: | } | | 109: | | | 110: | if (isset($this->request->get['thumb'])) { | | 111: | $url .= '&thumb=' . $this->request->get['thumb']; | | 112: | } | | 113: | | | 114: | if (isset($this->request->get['ckeditor'])) { | | 115: | $url .= '&ckeditor=' . $this->request->get['ckeditor']; | | 116: | } | | 117: | | | 118: | // Split the array based on current page number and max number of items per page of 10 | | 119: | foreach (array_slice($paths, $start, $limit) as $path) { | | 120: | $path = str_replace('\', '/', realpath($path)); | | 121: | | | 122: | if (substr($path, 0, strlen($base)) == $base) { | | 123: | $name = basename($path); | | 124: | | | 125: | if (is_dir($path)) { | | 126: | $data['directories'][] = [ | | 127: | 'name' => $name, | | 128: | 'path' => oc_substr($path, oc_strlen($base)) . '/', | | 129: | 'href' => $this->url->link('common/filemanager.list', 'user_token=' . $this->session->data['user_token'] . '&directory=' . urlencode(oc_substr($path, oc_strlen($base))) . $url) | | 130: | ]; | | 131: | } | | 132: | | | 133: | if (is_file($path) && in_array(substr($path, strrpos($path, '.')), $allowed)) { | | 134: | $data['images'][] = [ | | 135: | 'name' => $name, | | 136: | 'path' => oc_substr($path, oc_strlen($base)), | | 137: | 'href' => HTTP_CATALOG . 'image/catalog/' . oc_substr($path, oc_strlen($base)), | | 138: | 'thumb' => $this->model_tool_image->resize(oc_substr($path, oc_strlen(DIR_IMAGE)), $this->config->get('config_image_default_width'), $this->config->get('config_image_default_height')) | | 139: | ]; | | 140: | } | | 141: | } | | 142: | } | | 143: | } | | 144: | | | 145: | if (isset($this->request->get['directory'])) { | | 146: | $data['directory'] = urldecode($this->request->get['directory']); | | 147: | } else { | | 148: | $data['directory'] = ''; | | 149: | } | | 150: | | | 151: | if (isset($this->request->get['filter_name'])) { | | 152: | $data['filter_name'] = $this->request->get['filter_name']; | | 153: | } else { | | 154: | $data['filter_name'] = ''; | | 155: | } | | 156: | | | 157: | // Parent | | 158: | $url = ''; | | 159: | | | 160: | if (isset($this->request->get['directory'])) { | | 161: | $pos = strrpos($this->request->get['directory'], '/'); | | 162: | | | 163: | if ($pos) { | | 164: | $url .= '&directory=' . urlencode(substr($this->request->get['directory'], 0, $pos)); | | 165: | } | | 166: | } | | 167: | | | 168: | if (isset($this->request->get['target'])) { | | 169: | $url .= '&target=' . $this->request->get['target']; | | 170: | } | | 171: | | | 172: | if (isset($this->request->get['thumb'])) { | | 173: | $url .= '&thumb=' . $this->request->get['thumb']; | | 174: | } | | 175: | | | 176: | if (isset($this->request->get['ckeditor'])) { | | 177: | $url .= '&ckeditor=' . $this->request->get['ckeditor']; | | 178: | } | | 179: | | | 180: | $data['parent'] = $this->url->link('common/filemanager.list', 'user_token=' . $this->session->data['user_token'] . $url); | | 181: | | | 182: | // Refresh | | 183: | $url = ''; | | 184: | | | 185: | if (isset($this->request->get['directory'])) { | | 186: | $url .= '&directory=' . urlencode(html_entity_decode($this->request->get['directory'], ENT_QUOTES, 'UTF-8')); | | 187: | } | | 188: | | | 189: | if (isset($this->request->get['filter_name'])) { | | 190: | $url .= '&filter_name=' . urlencode(html_entity_decode($this->request->get['filter_name'], ENT_QUOTES, 'UTF-8')); | | 191: | } | | 192: | | | 193: | if (isset($this->request->get['target'])) { | | 194: | $url .= '&target=' . $this->request->get['target']; | | 195: | } | | 196: | | | 197: | if (isset($this->request->get['thumb'])) { | | 198: | $url .= '&thumb=' . $this->request->get['thumb']; | | 199: | } | | 200: | | | 201: | if (isset($this->request->get['ckeditor'])) { | | 202: | $url .= '&ckeditor=' . $this->request->get['ckeditor']; | | 203: | } | | 204: | | | 205: | if (isset($this->request->get['page'])) { | | 206: | $url .= '&page=' . $this->request->get['page']; | | 207: | } | | 208: | | | 209: | $data['refresh'] = $this->url->link('common/filemanager.list', 'user_token=' . $this->session->data['user_token'] . $url); | | 210: | | | 211: | $url = ''; | | 212: | | | 213: | if (isset($this->request->get['directory'])) { | | 214: | $url .= '&directory=' . urlencode(html_entity_decode($this->request->get['directory'], ENT_QUOTES, 'UTF-8')); | | 215: | } | | 216: | | | 217: | if (isset($this->request->get['filter_name'])) { | | 218: | $url .= '&filter_name=' . urlencode(html_entity_decode($this->request->get['filter_name'], ENT_QUOTES, 'UTF-8')); | | 219: | } | | 220: | | | 221: | if (isset($this->request->get['target'])) { | | 222: | $url .= '&target=' . $this->request->get['target']; | | 223: | } | | 224: | | | 225: | if (isset($this->request->get['thumb'])) { | | 226: | $url .= '&thumb=' . $this->request->get['thumb']; | | 227: | } | | 228: | | | 229: | if (isset($this->request->get['ckeditor'])) { | | 230: | $url .= '&ckeditor=' . $this->request->get['ckeditor']; | | 231: | } | | 232: | | | 233: | // Get total number of files and directories | | 234: | $data['pagination'] = $this->load->controller('common/pagination', [ | | 235: | 'total' => $total, | | 236: | 'page' => $page, | | 237: | 'limit' => $limit, | | 238: | 'url' => $this->url->link('common/filemanager.list', 'user_token=' . $this->session->data['user_token'] . $url . '&page={page}') | | 239: | ]); | | 240: | | | 241: | $this->response->setOutput($this->load->view('common/filemanager_list', $data)); | | 242: | } | | 243: | | | 244: | /** | | 245: | * Upload | | 246: | * | | 247: | * @return void | | 248: | */ | | 249: | public function upload(): void { | | 250: | $this->load->language('common/filemanager'); | | 251: | | | 252: | $json = []; | | 253: | | | 254: | $base = DIR_IMAGE . 'catalog/'; | | 255: | | | 256: | // Check user has permission | | 257: | if (!$this->user->hasPermission('modify', 'common/filemanager')) { | | 258: | $json['error'] = $this->language->get('error_permission'); | | 259: | } | | 260: | | | 261: | // Make sure we have the correct directory | | 262: | if (isset($this->request->get['directory'])) { | | 263: | $directory = $base . html_entity_decode($this->request->get['directory'], ENT_QUOTES, 'UTF-8') . '/'; | | 264: | } else { | | 265: | $directory = $base; | | 266: | } | | 267: | | | 268: | // Check it's a directory | | 269: | if (!is_dir($directory) || substr(str_replace('\', '/', realpath($directory)) . '/', 0, strlen($base)) != $base) { | | 270: | $json['error'] = $this->language->get('error_directory'); | | 271: | } | | 272: | | | 273: | if (!$json) { | | 274: | // Check if multiple files are uploaded or just one | | 275: | $files = []; | | 276: | | | 277: | if (!empty($this->request->files['file']['name']) && is_array($this->request->files['file']['name'])) { | | 278: | foreach (array_keys($this->request->files['file']['name']) as $key) { | | 279: | $files[] = [ | | 280: | 'name' => $this->request->files['file']['name'][$key], | | 281: | 'type' => $this->request->files['file']['type'][$key], | | 282: | 'tmp_name' => $this->request->files['file']['tmp_name'][$key], | | 283: | 'error' => $this->request->files['file']['error'][$key], | | 284: | 'size' => $this->request->files['file']['size'][$key] | | 285: | ]; | | 286: | } | | 287: | } | | 288: | | | 289: | foreach ($files as $file) { | | 290: | if (is_file($file['tmp_name'])) { | | 291: | // Sanitize the filename | | 292: | $filename = preg_replace('/[/\?%*:|"<>]/', '', basename(html_entity_decode($file['name'], ENT_QUOTES, 'UTF-8'))); | | 293: | | | 294: | // Validate the filename length | | 295: | if ((oc_strlen($filename) < 4) || (oc_strlen($filename) > 255)) { | | 296: | $json['error'] = $this->language->get('error_filename'); | | 297: | } | | 298: | | | 299: | // Allowed file extension types | | 300: | $allowed = [ | | 301: | 'ico', | | 302: | 'jpg', | | 303: | 'jpeg', | | 304: | 'png', | | 305: | 'gif', | | 306: | 'webp', | | 307: | 'JPG', | | 308: | 'JPEG', | | 309: | 'PNG', | | 310: | 'GIF' | | 311: | ]; | | 312: | | | 313: | if (!in_array(substr($filename, strrpos($filename, '.') + 1), $allowed)) { | | 314: | $json['error'] = $this->language->get('error_file_type'); | | 315: | } | | 316: | | | 317: | // Allowed file mime types | | 318: | $allowed = [ | | 319: | 'image/x-icon', | | 320: | 'image/jpeg', | | 321: | 'image/pjpeg', | | 322: | 'image/png', | | 323: | 'image/x-png', | | 324: | 'image/gif', | | 325: | 'image/webp' | | 326: | ]; | | 327: | | | 328: | if (!in_array($file['type'], $allowed)) { | | 329: | $json['error'] = $this->language->get('error_file_type'); | | 330: | } | | 331: | | | 332: | // Return any upload error | | 333: | if ($file['error'] != UPLOAD_ERR_OK) { | | 334: | $json['error'] = $this->language->get('error_upload_' . $file['error']); | | 335: | } | | 336: | } else { | | 337: | $json['error'] = $this->language->get('error_upload'); | | 338: | } | | 339: | | | 340: | if (!$json) { | | 341: | move_uploaded_file($file['tmp_name'], $directory . $filename); | | 342: | } | | 343: | } | | 344: | } | | 345: | | | 346: | if (!$json) { | | 347: | $json['success'] = $this->language->get('text_uploaded'); | | 348: | } | | 349: | | | 350: | $this->response->addHeader('Content-Type: application/json'); | | 351: | $this->response->setOutput(json_encode($json)); | | 352: | } | | 353: | | | 354: | /** | | 355: | * Folder | | 356: | * | | 357: | * @return void | | 358: | */ | | 359: | public function folder(): void { | | 360: | $this->load->language('common/filemanager'); | | 361: | | | 362: | $json = []; | | 363: | | | 364: | $base = DIR_IMAGE . 'catalog/'; | | 365: | | | 366: | // Check user has permission | | 367: | if (!$this->user->hasPermission('modify', 'common/filemanager')) { | | 368: | $json['error'] = $this->language->get('error_permission'); | | 369: | } | | 370: | | | 371: | // Make sure we have the correct directory | | 372: | if (isset($this->request->get['directory'])) { | | 373: | $directory = $base . html_entity_decode($this->request->get['directory'], ENT_QUOTES, 'UTF-8') . '/'; | | 374: | } else { | | 375: | $directory = $base; | | 376: | } | | 377: | | | 378: | // Check its a directory | | 379: | if (!is_dir($directory) || substr(str_replace('\', '/', realpath($directory)) . '/', 0, strlen($base)) != $base) { | | 380: | $json['error'] = $this->language->get('error_directory'); | | 381: | } | | 382: | | | 383: | if ($this->request->server['REQUEST_METHOD'] == 'POST') { | | 384: | // Sanitize the folder name | | 385: | $folder = preg_replace('/[/\?%*&:|"<>]/', '', basename(html_entity_decode($this->request->post['folder'], ENT_QUOTES, 'UTF-8'))); | | 386: | | | 387: | // Validate the filename length | | 388: | if ((oc_strlen($folder) < 3) || (oc_strlen($folder) > 128)) { | | 389: | $json['error'] = $this->language->get('error_folder'); | | 390: | } | | 391: | | | 392: | // Check if directory already exists or not | | 393: | if (is_dir($directory . $folder)) { | | 394: | $json['error'] = $this->language->get('error_exists'); | | 395: | } | | 396: | } | | 397: | | | 398: | if (!$json) { | | 399: | mkdir($directory . $folder, 0777); | | 400: | | | 401: | chmod($directory . $folder, 0777); | | 402: | | | 403: | @touch($directory . $folder . '/' . 'index.html'); | | 404: | | | 405: | $json['success'] = $this->language->get('text_directory'); | | 406: | } | | 407: | | | 408: | $this->response->addHeader('Content-Type: application/json'); | | 409: | $this->response->setOutput(json_encode($json)); | | 410: | } | | 411: | | | 412: | /** | | 413: | * Delete | | 414: | * | | 415: | * @return void | | 416: | */ | | 417: | public function delete(): void { | | 418: | $this->load->language('common/filemanager'); | | 419: | | | 420: | $json = []; | | 421: | | | 422: | $base = DIR_IMAGE . 'catalog/'; | | 423: | | | 424: | // Check user has permission | | 425: | if (!$this->user->hasPermission('modify', 'common/filemanager')) { | | 426: | $json['error'] = $this->language->get('error_permission'); | | 427: | } | | 428: | | | 429: | if (isset($this->request->post['path'])) { | | 430: | $paths = $this->request->post['path']; | | 431: | } else { | | 432: | $paths = []; | | 433: | } | | 434: | | | 435: | // Loop through each path to run validations | | 436: | foreach ($paths as $path) { | | 437: | // Convert any html encoded characters. | | 438: | $path = html_entity_decode($path, ENT_QUOTES, 'UTF-8'); | | 439: | | | 440: | // Check path exists | | 441: | if (($path == $base) || (substr(str_replace('\', '/', realpath($base . $path)) . '/', 0, strlen($base)) != $base)) { | | 442: | $json['error'] = $this->language->get('error_delete'); | | 443: | | | 444: | break; | | 445: | } | | 446: | } | | 447: | | | 448: | if (!$json) { | | 449: | // Loop through each path | | 450: | foreach ($paths as $path) { | | 451: | $path = rtrim($base . html_entity_decode($path, ENT_QUOTES, 'UTF-8'), '/'); | | 452: | | | 453: | $files = []; | | 454: | | | 455: | // Make path into an array | | 456: | $directory = [$path]; | | 457: | | | 458: | // While the path array is still populated keep looping through | | 459: | while (count($directory) != 0) { | | 460: | $next = array_shift($directory); | | 461: | | | 462: | if (is_dir($next)) { | | 463: | foreach (glob(trim($next, '/') . '/{*,.[!.]*,..?*}', GLOB_BRACE) as $file) { | | 464: | // If directory add to path array | | 465: | $directory[] = $file; | | 466: | } | | 467: | } | | 468: | | | 469: | // Add the file to the files to be deleted array | | 470: | $files[] = $next; | | 471: | } | | 472: | | | 473: | // Reverse sort the file array | | 474: | rsort($files); | | 475: | | | 476: | foreach ($files as $file) { | | 477: | // If file just delete | | 478: | if (is_file($file)) { | | 479: | unlink($file); | | 480: | } | | 481: | | | 482: | // If directory use the remove directory function | | 483: | if (is_dir($file)) { | | 484: | rmdir($file); | | 485: | } | | 486: | } | | 487: | } | | 488: | | | 489: | $json['success'] = $this->language->get('text_delete'); | | 490: | } | | 491: | | | 492: | $this->response->addHeader('Content-Type: application/json'); | | 493: | $this->response->setOutput(json_encode($json)); | | 494: | } | | 495: | } | | 496: | |
OpenCart API API documentation generated by ApiGen dev-master