first commit

2023-02-27 12:57:51 +01:00
commit 35f3994c25
2442 changed files with 470540 additions and 0 deletions
--- a/admin/FCKeditor/editor/filemanager/upload/cfm/config.cfm
+++ b/admin/FCKeditor/editor/filemanager/upload/cfm/config.cfm
@ -0,0 +1,94 @@
+<!---
+ * FCKeditor - The text editor for Internet - http://www.fckeditor.net
+ * Copyright (C) 2003-2007 Frederico Caldeira Knabben
+ *
+ * == BEGIN LICENSE ==
+ *
+ * Licensed under the terms of any of the following licenses at your
+ * choice:
+ *
+ *  - GNU General Public License Version 2 or later (the "GPL")
+ *    http://www.gnu.org/licenses/gpl.html
+ *
+ *  - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
+ *    http://www.gnu.org/licenses/lgpl.html
+ *
+ *  - Mozilla Public License Version 1.1 or later (the "MPL")
+ *    http://www.mozilla.org/MPL/MPL-1.1.html
+ *
+ * == END LICENSE ==
+ *
+ * Configuration file for the ColdFusion File Uploader.
+--->
+
+<cfscript>
+	config = StructNew();
+
+	// SECURITY: You must explicitelly enable this "uploader".
+	config.enabled = false;
+
+	// Path to uploaded files relative to the document root.
+	config.userFilesPath = "/userfiles/";
+
+	config.serverPath = ""; // use this to force the server path if FCKeditor is not running directly off the root of the application or the FCKeditor directory in the URL is a virtual directory or a symbolic link / junction
+
+	config.allowedExtensions = StructNew();
+	config.deniedExtensions = StructNew();
+
+	config.allowedExtensions["File"] = "";
+	config.deniedExtensions["File"] = "html,htm,php,php2,php3,php4,php5,phtml,pwml,inc,asp,aspx,ascx,jsp,cfm,cfc,pl,bat,exe,com,dll,vbs,js,reg,cgi,htaccess,asis,sh,shtml,shtm,phtm";
+
+	config.allowedExtensions["Image"] = "png,gif,jpg,jpeg,bmp";
+	config.deniedExtensions["Image"] = "";
+
+	config.allowedExtensions["Flash"] = "swf,fla";
+	config.deniedExtensions["Flash"] = "";
+</cfscript>
+
+<!--- code to maintain backwards compatibility with previous version of cfm connector --->
+<cfif isDefined("application.userFilesPath")>
+
+	<cflock scope="application" type="readonly" timeout="5">
+		<cfset config.userFilesPath = application.userFilesPath>
+	</cflock>
+
+<cfelseif isDefined("server.userFilesPath")>
+
+	<cflock scope="server" type="readonly" timeout="5">
+		<cfset config.userFilesPath = server.userFilesPath>
+	</cflock>
+
+</cfif>
+
+<!--- look for config struct in application and server scopes --->
+<cfif isDefined("application.FCKeditor") and isStruct(application.FCKeditor)>
+
+	<cflock scope="application" type="readonly" timeout="5">
+	<cfset variables.FCKeditor = duplicate(application.FCKeditor)>
+	</cflock>
+
+<cfelseif isDefined("server.FCKeditor") and isStruct(server.FCKeditor)>
+
+	<cflock scope="server" type="readonly" timeout="5">
+	<cfset variables.FCKeditor = duplicate(server.FCKeditor)>
+	</cflock>
+
+</cfif>
+
+<cfif isDefined("FCKeditor")>
+
+	<!--- copy key values from external to local config (i.e. override default config as required) --->
+	<cfscript>
+		function structCopyKeys(stFrom, stTo) {
+			for ( key in stFrom ) {
+				if ( isStruct(stFrom[key]) ) {
+					structCopyKeys(stFrom[key],stTo[key]);
+				} else {
+					stTo[key] = stFrom[key];
+				}
+			}
+		}
+		structCopyKeys(FCKeditor, config);
+	</cfscript>
+
+</cfif>
--- a/admin/FCKeditor/editor/filemanager/upload/cfm/upload.cfm
+++ b/admin/FCKeditor/editor/filemanager/upload/cfm/upload.cfm
@ -0,0 +1,172 @@
+<!---
+ * FCKeditor - The text editor for Internet - http://www.fckeditor.net
+ * Copyright (C) 2003-2007 Frederico Caldeira Knabben
+ *
+ * == BEGIN LICENSE ==
+ *
+ * Licensed under the terms of any of the following licenses at your
+ * choice:
+ *
+ *  - GNU General Public License Version 2 or later (the "GPL")
+ *    http://www.gnu.org/licenses/gpl.html
+ *
+ *  - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
+ *    http://www.gnu.org/licenses/lgpl.html
+ *
+ *  - Mozilla Public License Version 1.1 or later (the "MPL")
+ *    http://www.mozilla.org/MPL/MPL-1.1.html
+ *
+ * == END LICENSE ==
+ *
+ * This is the "File Uploader" for ColdFusion.
+ * Based on connector.cfm by Mark Woods (mark@thickpaddy.com)
+--->
+
+<cfinclude template="config.cfm">
+
+<cfparam name="url.type" default="File">
+
+<cffunction name="SendResults">
+	<cfargument name="errorNumber" type="numeric" required="yes">
+	<cfargument name="fileUrl" type="string" required="no" default="">
+	<cfargument name="fileName" type="string" required="no" default="">
+	<cfargument name="customMsg" type="string" required="no" default="">
+
+	<cfoutput>
+		<script type="text/javascript">
+			window.parent.OnUploadCompleted(#errorNumber#, "#JSStringFormat(fileUrl)#", "#JSStringFormat(fileName)#", "#JSStringFormat(customMsg)#");
+		</script>
+	</cfoutput>
+
+	<cfabort><!--- Result sent, stop processing this page --->
+</cffunction>
+
+<cfif NOT config.enabled>
+	<cfset SendResults(1, '', '', 'This file uploader is disabled. Please check the "editor/filemanager/upload/cfm/config.cfm" file')>
+<cfelse>
+	<cfscript>
+
+		userFilesPath = config.userFilesPath;
+		lAllowedExtensions = config.allowedExtensions[url.type];
+		lDeniedExtensions = config.deniedExtensions[url.type];
+		customMsg = ''; // Can be overwritten. The last value will be sent with the result
+
+		// make sure the user files path is correctly formatted
+		userFilesPath = replace(userFilesPath, "\", "/", "ALL");
+		userFilesPath = replace(userFilesPath, '//', '/', 'ALL');
+		if ( right(userFilesPath,1) NEQ "/" ) {
+			userFilesPath = userFilesPath & "/";
+		}
+		if ( left(userFilesPath,1) NEQ "/" ) {
+			userFilesPath = "/" & userFilesPath;
+		}
+
+		if (find("/",getBaseTemplatePath())) {
+			fs = "/";
+		} else {
+			fs = "\";
+		}
+
+		// Get the base physical path to the web root for this application. The code to determine the path automatically assumes that
+		// the "FCKeditor" directory in the http request path is directly off the web root for the application and that it's not a
+		// virtual directory or a symbolic link / junction. Use the serverPath config setting to force a physical path if necessary.
+		if ( len(config.serverPath) ) {
+			serverPath = config.serverPath;
+		} else {
+			serverPath = replaceNoCase(getBaseTemplatePath(),replace(cgi.script_name,"/",fs,"all"),"");
+		}
+
+		// map the user files path to a physical directory
+		userFilesServerPath = serverPath & replace(userFilesPath,"/",fs,"all");
+	</cfscript>
+
+	<cfset fileName = "">
+	<cfset fileExt = "">
+
+	<cftry>
+
+		<!--- we need to know the physical path to the current folder for all commands --->
+		<cfset currentFolderPath = userFilesServerPath & url.type & fs>
+
+		<cfif not directoryExists(currentFolderPath)>
+			<cfdirectory action="create" directory="#currentFolderPath#"/>
+		</cfif>
+
+		<!--- TODO: upload to a temp directory and move file if extension is allowed --->
+
+		<!--- first upload the file with an unique filename --->
+		<cffile action="upload"
+			fileField="NewFile"
+			destination="#currentFolderPath#"
+			nameConflict="makeunique"
+			mode="644"
+			attributes="normal">
+
+		<cfif (Len(lAllowedExtensions) AND NOT listFindNoCase(lAllowedExtensions, cffile.ServerFileExt))
+			OR (Len(lDeniedExtensions) AND listFindNoCase(lDeniedExtensions, cffile.ServerFileExt))>
+
+			<!--- Extension of the uploaded file is not allowed --->
+			<cfset errorNumber = "202">
+			<cffile action="delete" file="#cffile.ServerDirectory##fs##cffile.ServerFile#">
+
+		<cfelse>
+
+			<cfscript>
+				errorNumber = 0;
+				fileName = cffile.ClientFileName;
+				fileExt = cffile.ServerFileExt;
+
+				// munge filename for html download. Only a-z, 0-9, _, - and . are allowed
+				if( reFind("[^A-Za-z0-9_\-\.]", fileName) ) {
+					fileName = reReplace(fileName, "[^A-Za-z0-9\-\.]", "_", "ALL");
+					fileName = reReplace(fileName, "_{2,}", "_", "ALL");
+					fileName = reReplace(fileName, "([^_]+)_+$", "\1", "ALL");
+					fileName = reReplace(fileName, "$_([^_]+)$", "\1", "ALL");
+				}
+
+				// When the original filename already exists, add numbers (0), (1), (2), ... at the end of the filename.
+				if( compare( cffile.ServerFileName, fileName ) ) {
+					counter = 0;
+					tmpFileName = fileName;
+					while( fileExists("#currentFolderPath##fileName#.#fileExt#") ) {
+						counter = counter + 1;
+						fileName = tmpFileName & '(#counter#)';
+					}
+				}
+			</cfscript>
+
+			<!--- Rename the uploaded file, if neccessary --->
+			<cfif compare(cffile.ServerFileName,fileName)>
+
+				<cfset errorNumber = "201">
+				<cffile
+					action="rename"
+					source="#currentFolderPath##cffile.ServerFileName#.#cffile.ServerFileExt#"
+					destination="#currentFolderPath##fileName#.#fileExt#"
+					mode="644"
+					attributes="normal">
+
+			</cfif>
+
+		</cfif>
+
+		<cfcatch type="Any">
+
+			<cfset errorNumber = "1">
+			<cfset customMsg = "An error occured: " & cfcatch.message & " - " & cfcatch.detail>
+
+		</cfcatch>
+
+	</cftry>
+
+	<cfif errorNumber EQ 0>
+		<!--- file was uploaded succesfully --->
+		<cfset SendResults(errorNumber, '#userFilesPath##url.type#/#fileName#.#fileExt#')>
+	<cfelseif errorNumber EQ 201>
+		<!--- file was changed (201), submit the new filename --->
+		<cfset SendResults(errorNumber, '#userFilesPath##url.type#/#fileName#.#fileExt#', replace( fileName & "." & fileExt, "'", "\'", "ALL"), customMsg)>
+	<cfelse>
+		<!--- An error occured(202). Submit only the error code and a message (if available). --->
+		<cfset SendResults(errorNumber, '', '', customMsg)>
+	</cfif>
+</cfif>