lib
6 months ago
FileManager.php
6 months ago
FileManagerHelper.php
6 months ago
index.php
6 months ago
FileManager.php
697 lines
| 1 | <?php |
| 2 | namespace NinjaFileManager\File_manager; |
| 3 | |
| 4 | defined('ABSPATH') || exit; |
| 5 | |
| 6 | /** |
| 7 | * Settings Page |
| 8 | */ |
| 9 | |
| 10 | class FileManager |
| 11 | { |
| 12 | protected static $instance = null; |
| 13 | |
| 14 | /** |
| 15 | * |
| 16 | * @var object $options The object of the options class |
| 17 | * |
| 18 | * */ |
| 19 | public $options; |
| 20 | public $fmCapability = ''; |
| 21 | public $userRole = ''; |
| 22 | private $hook_suffix = array(); |
| 23 | |
| 24 | public static function getInstance() |
| 25 | { |
| 26 | if (null == self::$instance) { |
| 27 | self::$instance = new self; |
| 28 | } |
| 29 | |
| 30 | return self::$instance; |
| 31 | } |
| 32 | |
| 33 | private function __construct() |
| 34 | { |
| 35 | //get user role |
| 36 | $user = wp_get_current_user(); |
| 37 | $this->userRole = $user && $user->roles && isset($user->roles[0]) ? $user->roles[0] : ''; |
| 38 | |
| 39 | if ( empty($this->userRole) && isset($user->roles)) { |
| 40 | $role = ''; |
| 41 | foreach( $user->roles as $key => $value) { |
| 42 | $role = $value; |
| 43 | } |
| 44 | |
| 45 | $this->userRole = $role; |
| 46 | } |
| 47 | |
| 48 | // Loading Options |
| 49 | // Options |
| 50 | $this->options = get_option('njt_fs_settings'); |
| 51 | if(empty($this->options)) { |
| 52 | $this->options = array( // Setting up default values |
| 53 | 'njt_fs_file_manager_settings' => array( |
| 54 | 'root_folder_path' => ABSPATH, |
| 55 | 'root_folder_url' => site_url(), |
| 56 | 'enable_sensitive_protection' => '1' |
| 57 | ), |
| 58 | ); |
| 59 | } |
| 60 | register_shutdown_function(array($this, 'saveOptions')); |
| 61 | |
| 62 | add_action('init', array($this, 'isAlowUserAccess')); |
| 63 | if ($this->isAlowUserAccess()) { |
| 64 | add_action('admin_enqueue_scripts', array($this, 'enqueueAdminScripts')); |
| 65 | add_action('admin_menu', array($this, 'FileManager')); |
| 66 | add_action('wp_ajax_fs_connector', array($this, 'fsConnector')); |
| 67 | add_action('wp_ajax_selector_themes', array($this, 'selectorThemes')); |
| 68 | add_action('wp_ajax_get_role_restrictions', array($this, 'getArrRoleRestrictions')); |
| 69 | add_action('wp_ajax_njt_fs_save_setting', array($this, 'njt_fs_saveSetting')); |
| 70 | add_action('wp_ajax_njt_fs_save_setting_restrictions', array($this, 'njt_fs_saveSettingRestrictions')); |
| 71 | |
| 72 | $optionReview = get_option('njt_fs_review'); |
| 73 | if (time() >= (int)$optionReview && $optionReview !== '0'){ |
| 74 | add_action('admin_notices', array($this, 'njt_fs_give_review')); |
| 75 | } |
| 76 | |
| 77 | add_action('wp_ajax_njt_fs_save_review', array($this, 'njt_fs_save_review')); |
| 78 | } |
| 79 | } |
| 80 | |
| 81 | public function njt_fs_give_review() |
| 82 | { |
| 83 | if (function_exists('get_current_screen')) { |
| 84 | if (get_current_screen()->id == 'file-manager_page_filester-settings' || get_current_screen()->id == 'toplevel_page_njt-fs-filemanager' || get_current_screen()->id == 'plugins') { |
| 85 | $this->enqueue_scripts(); |
| 86 | ?> |
| 87 | <div class="notice notice-success is-dismissible" id="njt-fs-review"> |
| 88 | <h3><?php _e('Give Filester a review', 'filester')?></h3> |
| 89 | <p> |
| 90 | <?php _e('Thank you for choosing Filester. We hope you love it. Could you take a couple of seconds posting a nice review to share your happy experience?', 'filester')?> |
| 91 | </p> |
| 92 | <p> |
| 93 | <?php _e('We will be forever grateful. Thank you in advance ;)', 'filester')?> |
| 94 | </p> |
| 95 | <p> |
| 96 | <a href="javascript:;" data="rateNow" class="button button-primary" style="margin-right: 5px"><?php _e('Rate now', 'filester')?></a> |
| 97 | <a href="javascript:;" data="later" class="button" style="margin-right: 5px"><?php _e('Later', 'filester')?></a> |
| 98 | <a href="javascript:;" data="alreadyDid" class="button"><?php _e('Already did', 'filester')?></a> |
| 99 | </p> |
| 100 | </div> |
| 101 | <?php |
| 102 | } |
| 103 | } |
| 104 | } |
| 105 | |
| 106 | public function njt_fs_save_review() |
| 107 | { |
| 108 | if ( isset( $_POST ) ) { |
| 109 | $nonce = isset( $_POST['nonce'] ) ? sanitize_text_field( $_POST['nonce'] ) : null; |
| 110 | $field = isset( $_POST['field'] ) ? sanitize_text_field( $_POST['field'] ) : null; |
| 111 | |
| 112 | if ( ! wp_verify_nonce( $nonce, 'njt-fs-review' ) ) { |
| 113 | wp_send_json_error( array( 'status' => 'Wrong nonce validate!' ) ); |
| 114 | exit(); |
| 115 | } |
| 116 | |
| 117 | if ($field == 'later'){ |
| 118 | update_option('njt_fs_review', time() + 3*60*60*24); //After 3 days show |
| 119 | } else if ($field == 'alreadyDid'){ |
| 120 | update_option('njt_fs_review', 0); |
| 121 | } |
| 122 | wp_send_json_success(); |
| 123 | } |
| 124 | wp_send_json_error( array( 'message' => 'Update fail!' ) ); |
| 125 | } |
| 126 | |
| 127 | public function enqueue_scripts(){ |
| 128 | wp_enqueue_script('njt-fs-review', NJT_FS_BN_PLUGIN_URL . 'assets/js/review.js', array('jquery'), NJT_FS_BN_VERSION, false); |
| 129 | wp_localize_script('njt-fs-review', 'wpDataFs', array( |
| 130 | 'admin_ajax' => admin_url('admin-ajax.php'), |
| 131 | 'nonce' => wp_create_nonce("njt-fs-review"), |
| 132 | )); |
| 133 | } |
| 134 | |
| 135 | public function isAlowUserAccess() |
| 136 | { |
| 137 | if($this->userRole) { |
| 138 | $allowed_roles = !empty($this->options['njt_fs_file_manager_settings']['list_user_alow_access']) ? $this->options['njt_fs_file_manager_settings']['list_user_alow_access'] : array(); |
| 139 | if( in_array($this->userRole,$allowed_roles)) { |
| 140 | if (is_multisite() && $this->userRole == 'administrator') { |
| 141 | $this->fmCapability = 'activate_plugins'; |
| 142 | } |
| 143 | $this->fmCapability = $this->userRole; |
| 144 | return true; |
| 145 | } |
| 146 | } |
| 147 | if (is_multisite() && is_super_admin()) { |
| 148 | $this->fmCapability = 'create_sites'; |
| 149 | return true; |
| 150 | } |
| 151 | |
| 152 | if (!is_multisite() && is_super_admin()) { |
| 153 | $this->fmCapability = 'administrator'; |
| 154 | return true; |
| 155 | } |
| 156 | $this->fmCapability = 'read'; |
| 157 | return false; |
| 158 | } |
| 159 | |
| 160 | public function FileManager() |
| 161 | { |
| 162 | if( class_exists( 'NestedPages' ) ) { |
| 163 | $this->fmCapability = 'read'; |
| 164 | } |
| 165 | $icon = 'data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48IURPQ1RZUEUgc3ZnIFBVQkxJQyAiLS8vVzNDLy9EVEQgU1ZHIDEuMS8vRU4iICJodHRwOi8vd3d3LnczLm9yZy9HcmFwaGljcy9TVkcvMS4xL0RURC9zdmcxMS5kdGQiPjxzdmcgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxuczp4bGluaz0iaHR0cDovL3d3dy53My5vcmcvMTk5OS94bGluayIgdmVyc2lvbj0iMS4xIiB3aWR0aD0iMjQiIGhlaWdodD0iMjQiIHZpZXdCb3g9IjAgMCAyNCAyNCI+PHBhdGggZD0iTTEwLDRINEMyLjg5LDQgMiw0Ljg5IDIsNlYxOEEyLDIgMCAwLDAgNCwyMEgyMEEyLDIgMCAwLDAgMjIsMThWOEMyMiw2Ljg5IDIxLjEsNiAyMCw2SDEyTDEwLDRaIiBmaWxsPSIjYTdhYWFkIi8+PC9zdmc+'; |
| 166 | $display_suffix = add_menu_page( |
| 167 | __('Filester', 'textdomain'), |
| 168 | 'File Manager', |
| 169 | $this->fmCapability, |
| 170 | 'njt-fs-filemanager', |
| 171 | array($this, 'fsViewFileCallback'), |
| 172 | $icon, |
| 173 | 9 |
| 174 | ); |
| 175 | if (is_multisite()) { |
| 176 | $settings_suffix = add_submenu_page ( |
| 177 | 'njt-fs-filemanager', |
| 178 | 'Settings', |
| 179 | 'Settings', |
| 180 | 'create_sites', |
| 181 | 'filester-settings', |
| 182 | array($this, 'fsSettingsPage') ); |
| 183 | } |
| 184 | |
| 185 | if (!is_multisite()) { |
| 186 | $settings_suffix = add_submenu_page ( |
| 187 | 'njt-fs-filemanager', |
| 188 | 'Settings', |
| 189 | 'Settings', |
| 190 | 'manage_options', |
| 191 | 'filester-settings', |
| 192 | array($this, 'fsSettingsPage') ); |
| 193 | } |
| 194 | |
| 195 | $this->hook_suffix = array($display_suffix, $settings_suffix); |
| 196 | } |
| 197 | |
| 198 | public function fsViewFileCallback() |
| 199 | { |
| 200 | $viewPath = NJT_FS_BN_PLUGIN_PATH . 'views/pages/html-filemanager.php'; |
| 201 | include_once $viewPath; |
| 202 | } |
| 203 | |
| 204 | public function fsSettingsPage() |
| 205 | { |
| 206 | $viewPath = NJT_FS_BN_PLUGIN_PATH . 'views/pages/html-filemanager-settings.php'; |
| 207 | include_once $viewPath; |
| 208 | } |
| 209 | |
| 210 | public function enqueueAdminScripts($suffix) |
| 211 | { |
| 212 | if (in_array($suffix, $this->hook_suffix)) { |
| 213 | $selectorThemes = get_option('njt_fs_selector_themes'); |
| 214 | if (empty($selectorThemes[$this->userRole])) { |
| 215 | $selectorThemes[$this->userRole]['themesValue'] = 'Default'; |
| 216 | update_option('njt_fs_selector_themes', $selectorThemes); |
| 217 | } |
| 218 | |
| 219 | $selectedTheme = $selectorThemes[$this->userRole]['themesValue']; |
| 220 | |
| 221 | //elfinder css |
| 222 | wp_enqueue_style('elfinder.jq.css', plugins_url('/lib/jquery/jquery-ui.min.css', __FILE__)); |
| 223 | wp_enqueue_style('elfinder.full.css', plugins_url('/lib/css/elfinder.min.css', __FILE__)); |
| 224 | wp_enqueue_style('themes', plugins_url('/lib/css/theme.css', __FILE__)); |
| 225 | wp_enqueue_style('themes-selector', plugins_url('/lib/themes/' . $selectedTheme . '/css/theme.css', __FILE__)); |
| 226 | |
| 227 | //elfinder core |
| 228 | if(version_compare(get_bloginfo('version'),'5.6', '>=') ){ |
| 229 | wp_enqueue_script('jquery_min', plugins_url('/lib/jquery/jquery-ui.min.js', __FILE__)); |
| 230 | } else { |
| 231 | wp_enqueue_script('jquery_min', plugins_url('/lib/jquery/jquery-ui-old.min.js', __FILE__)); |
| 232 | } |
| 233 | |
| 234 | //elfinder js, toastr JS, css custom |
| 235 | wp_register_style('njt_fs_toastr_css',NJT_FS_BN_PLUGIN_URL . 'assets/js/toastr/toastr.min.css'); |
| 236 | wp_enqueue_style('njt_fs_toastr_css'); |
| 237 | wp_enqueue_script('njt_fs_toastr_js', NJT_FS_BN_PLUGIN_URL . 'assets/js/toastr/toastr.min.js', array('jquery'), NJT_FS_BN_VERSION); |
| 238 | |
| 239 | wp_register_style('file_manager_admin_css',NJT_FS_BN_PLUGIN_URL . 'assets/css/file_manager_admin.css'); |
| 240 | wp_enqueue_style('file_manager_admin_css'); |
| 241 | wp_enqueue_script('file_manager_admin', NJT_FS_BN_PLUGIN_URL . 'assets/js/file_manager_admin.js', array('jquery'), NJT_FS_BN_VERSION, true); |
| 242 | |
| 243 | //js load elFinder |
| 244 | wp_enqueue_script('njt_fs_elFinder', plugins_url('/lib/js/elfinder.min.js', __FILE__)); |
| 245 | |
| 246 | wp_enqueue_script('njt_fs_elfinder_editor', plugins_url('/lib/js/extras/editors.default.js', __FILE__)); |
| 247 | //js load fm_locale |
| 248 | if(isset($this->options['njt_fs_file_manager_settings']['fm_locale'])) { |
| 249 | $locale = $this->options['njt_fs_file_manager_settings']['fm_locale']; |
| 250 | if( !empty($locale) && $locale != 'en' && in_array($locale, njt_fs_locales(), true)) { |
| 251 | $locale = sanitize_file_name($locale); |
| 252 | wp_enqueue_script( 'njt_fs_fma_lang', plugins_url('lib/js/i18n/elfinder.'.$locale.'.js', __FILE__)); |
| 253 | } |
| 254 | } |
| 255 | |
| 256 | wp_localize_script('njt_fs_elFinder', 'wpData', array( |
| 257 | 'admin_ajax' => admin_url('admin-ajax.php'), |
| 258 | 'nonce' => wp_create_nonce("njt-fs-file-manager-admin"), |
| 259 | 'PLUGIN_URL' => NJT_FS_BN_PLUGIN_URL .'includes/File_manager/lib/', |
| 260 | 'PLUGIN_PATH' => NJT_FS_BN_PLUGIN_PATH.'includes/File_manager/lib/', |
| 261 | 'PLUGIN_DIR'=> NJT_FS_BN_PLUGIN_DIR, |
| 262 | 'ABSPATH'=> str_replace("\\", "/", ABSPATH), |
| 263 | 'is_multisite' => is_multisite(), |
| 264 | 'lang' => !empty( $this->options['njt_fs_file_manager_settings']['fm_locale']) ? sanitize_file_name($this->options['njt_fs_file_manager_settings']['fm_locale']) : '', |
| 265 | 'nonce_connector' => wp_create_nonce('file-manager-security-token'), |
| 266 | )); |
| 267 | } |
| 268 | } |
| 269 | |
| 270 | //File manager connector function |
| 271 | |
| 272 | public function fsConnector() |
| 273 | { |
| 274 | check_ajax_referer( 'file-manager-security-token', 'nonce' ); |
| 275 | $uploadMaxSize = isset($this->options['njt_fs_file_manager_settings']['upload_max_size']) && !empty($this->options['njt_fs_file_manager_settings']['upload_max_size']) ? $this->options['njt_fs_file_manager_settings']['upload_max_size'] : 0; |
| 276 | |
| 277 | // Get and validate root folder path |
| 278 | $root_folder_path = isset($this->options['njt_fs_file_manager_settings']['root_folder_path']) && !empty($this->options['njt_fs_file_manager_settings']['root_folder_path']) |
| 279 | ? $this->options['njt_fs_file_manager_settings']['root_folder_path'] |
| 280 | : ABSPATH; |
| 281 | |
| 282 | // Get and validate root folder URL |
| 283 | $root_folder_url = isset($this->options['njt_fs_file_manager_settings']['root_folder_url']) && !empty($this->options['njt_fs_file_manager_settings']['root_folder_url']) |
| 284 | ? $this->options['njt_fs_file_manager_settings']['root_folder_url'] |
| 285 | : site_url(); |
| 286 | |
| 287 | // Validate path exists and is readable - auto-fix if invalid |
| 288 | $path_needs_update = false; |
| 289 | if (!empty($root_folder_path) && (!is_dir($root_folder_path) || !is_readable($root_folder_path))) { |
| 290 | // Path is invalid, fallback to ABSPATH |
| 291 | $root_folder_path = ABSPATH; |
| 292 | $path_needs_update = true; |
| 293 | } |
| 294 | |
| 295 | // Validate URL - auto-update to current site_url() if path was invalid |
| 296 | // This ensures URL matches the new server/domain |
| 297 | if ($path_needs_update) { |
| 298 | $root_folder_url = site_url(); |
| 299 | } |
| 300 | |
| 301 | // Auto-update saved settings if path/URL was invalid |
| 302 | if ($path_needs_update) { |
| 303 | $this->options['njt_fs_file_manager_settings']['root_folder_path'] = $root_folder_path; |
| 304 | $this->options['njt_fs_file_manager_settings']['root_folder_url'] = $root_folder_url; |
| 305 | update_option('njt_fs_settings', $this->options); |
| 306 | } |
| 307 | |
| 308 | $opts = array( |
| 309 | 'bind' => array( |
| 310 | 'put.pre' => array(new \FileManagerHelper, 'madeStripcslashesFile'), // Check endcode when save file. |
| 311 | ), |
| 312 | 'debug' => false, |
| 313 | 'roots' => array( |
| 314 | array( |
| 315 | 'driver' => 'LocalFileSystem', |
| 316 | 'path' => $root_folder_path, |
| 317 | 'URL' => $root_folder_url, |
| 318 | 'tmpPath' => NJT_FS_BN_PLUGIN_PATH . 'includes/File_manager/lib/files/.tmp/', |
| 319 | 'trashHash' => '', // default is empty, when not enable trash |
| 320 | 'uploadMaxSize' => $uploadMaxSize .'M', |
| 321 | 'winHashFix' => DIRECTORY_SEPARATOR !== '/', |
| 322 | 'uploadOrder' => array('deny', 'allow'), |
| 323 | 'uploadDeny' => array('htaccess'), |
| 324 | //'acceptedName' => 'validName', |
| 325 | 'attributes' => array() // default is empty |
| 326 | ), |
| 327 | ), |
| 328 | ); |
| 329 | |
| 330 | |
| 331 | |
| 332 | //Enable Trash |
| 333 | if(isset($this->options['njt_fs_file_manager_settings']['enable_trash']) && ($this->options['njt_fs_file_manager_settings']['enable_trash'] == '1')) { |
| 334 | $trash = array( |
| 335 | 'id' => '1', |
| 336 | 'driver' => 'Trash', |
| 337 | 'path' => NJT_FS_BN_PLUGIN_PATH.'includes/File_manager/lib/files/.trash/', |
| 338 | 'tmbURL' => site_url() . '/includes/File_manager/lib/files/.trash/.tmb', |
| 339 | 'winHashFix' => DIRECTORY_SEPARATOR !== '/', |
| 340 | 'uploadDeny' => array('htaccess'), |
| 341 | 'uploadAllow' => array('all'), |
| 342 | 'uploadOrder' => array('deny', 'allow'), |
| 343 | // 'acceptedName' => 'validName', |
| 344 | 'attributes' => array( |
| 345 | array( |
| 346 | 'pattern' => '/.tmb/', |
| 347 | 'read' => false, |
| 348 | 'write' => false, |
| 349 | 'hidden' => true, |
| 350 | 'locked' => false |
| 351 | ), |
| 352 | array( |
| 353 | 'pattern' => '/.gitkeep/', |
| 354 | 'read' => false, |
| 355 | 'write' => false, |
| 356 | 'hidden' => true, |
| 357 | 'locked' => false |
| 358 | ) |
| 359 | ) |
| 360 | ); |
| 361 | $opts['roots'][0]['trashHash'] = 't1_Lw'; |
| 362 | $opts['roots'][1] = $trash; |
| 363 | } |
| 364 | |
| 365 | //Start --setting User Role Restrictions |
| 366 | $user = wp_get_current_user(); |
| 367 | $userRoles = $user && $user->roles && $user->roles[0] ? $user->roles[0] : ''; |
| 368 | |
| 369 | //Disable Operations |
| 370 | if(!empty($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['list_user_restrictions_alow_access'])){ |
| 371 | $opts['roots'][0]['disabled'] = $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['list_user_restrictions_alow_access']; |
| 372 | } |
| 373 | //Creat root path for user |
| 374 | $private_path_valid = false; |
| 375 | if(!empty($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['private_folder_access'])){ |
| 376 | $private_path = $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['private_folder_access'] .'/'; |
| 377 | // Validate private folder path exists and is readable |
| 378 | if (is_dir($private_path) && is_readable($private_path)) { |
| 379 | $opts['roots'][0]['path'] = $private_path; |
| 380 | $private_path_valid = true; |
| 381 | } |
| 382 | // If invalid, keep using default root path (already validated above) |
| 383 | } |
| 384 | |
| 385 | //Creat url root path for user |
| 386 | if(!empty($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['private_url_folder_access']) && $private_path_valid){ |
| 387 | $private_url = $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['private_url_folder_access'] .'/'; |
| 388 | $opts['roots'][0]['URL'] = $private_url; |
| 389 | } |
| 390 | |
| 391 | //Folder or File Paths That You want to Hide |
| 392 | if(!empty($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['hide_paths'])){ |
| 393 | foreach ($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['hide_paths'] as $key => $value){ |
| 394 | $arrItemHidePath = array( |
| 395 | 'pattern' => '~/'.$value.'~', |
| 396 | 'read' => false, |
| 397 | 'write' => false, |
| 398 | 'hidden' => true, |
| 399 | 'locked' => false |
| 400 | ); |
| 401 | array_push($opts['roots'][0]['attributes'], $arrItemHidePath); |
| 402 | }; |
| 403 | } |
| 404 | |
| 405 | //File extensions which you want to Lock |
| 406 | if(!empty($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['lock_files'])){ |
| 407 | foreach ($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['lock_files'] as $key => $value){ |
| 408 | $arrItemLockFile = array( |
| 409 | 'pattern' => '/'.$value.'/', |
| 410 | 'read' => false, |
| 411 | 'write' => false, |
| 412 | 'hidden' => false, |
| 413 | 'locked' => true |
| 414 | ); |
| 415 | array_push($opts['roots'][0]['attributes'], $arrItemLockFile); |
| 416 | }; |
| 417 | } |
| 418 | |
| 419 | //Enter file extensions which can be uploaded |
| 420 | $flag = false; |
| 421 | |
| 422 | |
| 423 | if (is_multisite()) { |
| 424 | if( !current_user_can('create_sites') && empty($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['can_upload_mime'])) { |
| 425 | $opts['roots'][0]['uploadDeny'] = array('all'); |
| 426 | $opts['roots'][0]['uploadAllow'] = array(''); |
| 427 | } else if ( !current_user_can('create_sites') && !empty($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['can_upload_mime'])) { |
| 428 | $opts['roots'][0]['uploadDeny'] = array('all'); |
| 429 | $opts['roots'][0]['uploadAllow'] = array(); |
| 430 | $arrCanUploadMime = $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['can_upload_mime']; |
| 431 | $mimeTypes = new \FileManagerHelper(); |
| 432 | $arrMimeTypes = $mimeTypes->getArrMimeTypes(); |
| 433 | foreach ($arrMimeTypes as $key => $value){ |
| 434 | if(in_array($key,$arrCanUploadMime)) { |
| 435 | $explodeValue = explode(',',$value); |
| 436 | foreach($explodeValue as $item) { |
| 437 | array_push($opts['roots'][0]['uploadAllow'], $item ); |
| 438 | } |
| 439 | } |
| 440 | |
| 441 | }; |
| 442 | foreach ($arrCanUploadMime as $value){ |
| 443 | if(strpos($value,"x-conference") !== false |
| 444 | || strpos($value,"video") !== false |
| 445 | || strpos($value,"text") !== false |
| 446 | || strpos($value,"model") !== false |
| 447 | || strpos($value,"message") !== false |
| 448 | || strpos($value,"image") !== false |
| 449 | || strpos($value,"font") !== false |
| 450 | || strpos($value,"chemical") !== false |
| 451 | || strpos($value,"audio") !== false |
| 452 | || strpos($value,"application") !== false |
| 453 | ) { |
| 454 | array_push($opts['roots'][0]['uploadAllow'], $value ); |
| 455 | } |
| 456 | } |
| 457 | |
| 458 | } else { |
| 459 | $opts['roots'][0]['uploadDeny'] = array(); |
| 460 | $opts['roots'][0]['uploadAllow'] = array('all'); |
| 461 | } |
| 462 | } |
| 463 | |
| 464 | if (!is_multisite()) { |
| 465 | if($this->userRole !== 'administrator' && empty($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['can_upload_mime'])) { |
| 466 | $opts['roots'][0]['uploadDeny'] = array('all'); |
| 467 | $opts['roots'][0]['uploadAllow'] = array(''); |
| 468 | } else if ( $this->userRole !== 'administrator' && !empty($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['can_upload_mime'])) { |
| 469 | $opts['roots'][0]['uploadDeny'] = array('all'); |
| 470 | $opts['roots'][0]['uploadAllow'] = array(); |
| 471 | $arrCanUploadMime = $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['can_upload_mime']; |
| 472 | $mimeTypes = new \FileManagerHelper(); |
| 473 | $arrMimeTypes = $mimeTypes->getArrMimeTypes(); |
| 474 | foreach ($arrMimeTypes as $key => $value){ |
| 475 | if(in_array($key,$arrCanUploadMime)) { |
| 476 | $explodeValue = explode(',',$value); |
| 477 | foreach($explodeValue as $item) { |
| 478 | $listFileCanNotUpload = $mimeTypes->listFileCanNotUpload(); |
| 479 | if(!in_array($item, $listFileCanNotUpload)) { |
| 480 | array_push($opts['roots'][0]['uploadAllow'], $item ); |
| 481 | } |
| 482 | } |
| 483 | } |
| 484 | |
| 485 | }; |
| 486 | foreach ($arrCanUploadMime as $value){ |
| 487 | if(strpos($value,"x-conference") !== false |
| 488 | || strpos($value,"video") !== false |
| 489 | || strpos($value,"text") !== false |
| 490 | || strpos($value,"model") !== false |
| 491 | || strpos($value,"message") !== false |
| 492 | || strpos($value,"image") !== false |
| 493 | || strpos($value,"font") !== false |
| 494 | || strpos($value,"chemical") !== false |
| 495 | || strpos($value,"audio") !== false |
| 496 | || strpos($value,"application") !== false |
| 497 | ) { |
| 498 | array_push($opts['roots'][0]['uploadAllow'], $value ); |
| 499 | } |
| 500 | } |
| 501 | |
| 502 | } else { |
| 503 | $opts['roots'][0]['uploadDeny'] = array(); |
| 504 | $opts['roots'][0]['uploadAllow'] = array('all'); |
| 505 | } |
| 506 | } |
| 507 | |
| 508 | // Sensitive files protection |
| 509 | if(isset($this->options['njt_fs_file_manager_settings']['enable_sensitive_protection']) && ($this->options['njt_fs_file_manager_settings']['enable_sensitive_protection'] == '1')) { |
| 510 | $sensitive_files = apply_filters('njt_fs_sensitive_files', array( |
| 511 | '.htaccess', |
| 512 | 'wp-config.php', |
| 513 | '.env', |
| 514 | 'wp-config-sample.php', |
| 515 | 'readme.html', |
| 516 | 'license.txt', |
| 517 | 'xmlrpc.php' |
| 518 | )); |
| 519 | |
| 520 | foreach ($sensitive_files as $file) { |
| 521 | $attributes = array( |
| 522 | 'pattern' => '/' . preg_quote($file, '/') . '/', |
| 523 | 'read' => $this->canAccessSensitiveFiles(), |
| 524 | 'write' => $this->canEditSensitiveFiles(), |
| 525 | 'hidden' => !$this->canAccessSensitiveFiles(), |
| 526 | 'locked' => !$this->canEditSensitiveFiles() |
| 527 | ); |
| 528 | array_push($opts['roots'][0]['attributes'], $attributes); |
| 529 | } |
| 530 | } |
| 531 | |
| 532 | // .htaccess |
| 533 | if(isset($this->options['njt_fs_file_manager_settings']['enable_htaccess']) && ($this->options['njt_fs_file_manager_settings']['enable_htaccess'] == '1')) { |
| 534 | $attributes = array( |
| 535 | 'pattern' => '/.htaccess/', |
| 536 | 'read' => true, |
| 537 | 'write' => false, |
| 538 | 'hidden' => true, |
| 539 | 'locked' => true |
| 540 | ); |
| 541 | array_push($opts['roots'][0]['attributes'], $attributes); |
| 542 | } |
| 543 | |
| 544 | //End --setting User Role Restrictions |
| 545 | |
| 546 | $connector = new \elFinderConnector(new \elFinder($opts)); |
| 547 | $connector->run(); |
| 548 | wp_die(); |
| 549 | } |
| 550 | |
| 551 | public function selectorThemes() |
| 552 | { |
| 553 | if( ! wp_verify_nonce( $_POST['nonce'] ,'njt-fs-file-manager-admin')) wp_die(); |
| 554 | check_ajax_referer('njt-fs-file-manager-admin', 'nonce', true); |
| 555 | |
| 556 | $themesValue = sanitize_text_field ($_POST['themesValue']); |
| 557 | $selectorThemes = get_option('njt_fs_selector_themes'); |
| 558 | if (empty($selectorThemes[$this->userRole])) { |
| 559 | $selectorThemes[$this->userRole]['themesValue'] = 'Default'; |
| 560 | update_option('njt_fs_selector_themes', $selectorThemes); |
| 561 | } |
| 562 | |
| 563 | if ($selectorThemes[$this->userRole]['themesValue'] != $themesValue) { |
| 564 | $selectorThemes[$this->userRole]['themesValue'] = $themesValue; |
| 565 | update_option('njt_fs_selector_themes', $selectorThemes); |
| 566 | } |
| 567 | $selected_themes = get_option('njt_fs_selector_themes'); |
| 568 | $linkThemes = plugins_url('/lib/themes/' . $selected_themes[$this->userRole]['themesValue'] . '/css/theme.css', __FILE__); |
| 569 | wp_send_json_success($linkThemes); |
| 570 | wp_die(); |
| 571 | } |
| 572 | |
| 573 | public function saveOptions() |
| 574 | { |
| 575 | //if(isset($_POST['njt-settings-form-submit'])) { |
| 576 | update_option('njt_fs_settings', $this->options); |
| 577 | // if($u) { |
| 578 | // $this->f('?page=njt-fs-filemanager-settings&status=1'); |
| 579 | // } else { |
| 580 | // $this->f('?page=njt-fs-filemanager-settings&status=2'); |
| 581 | // } |
| 582 | // } |
| 583 | } |
| 584 | |
| 585 | public function f($u) { |
| 586 | echo '<script>'; |
| 587 | echo 'window.location.href="'.$u.'"'; |
| 588 | echo '</script>'; |
| 589 | } |
| 590 | |
| 591 | public function getArrRoleRestrictions() |
| 592 | { |
| 593 | if(!wp_verify_nonce( $_POST['nonce'] ,'njt-fs-file-manager-admin')) wp_die(); |
| 594 | check_ajax_referer('njt-fs-file-manager-admin', 'nonce', true); |
| 595 | $valueUserRole = filter_var($_POST['valueUserRole']) ? sanitize_text_field ($_POST['valueUserRole']) : ''; |
| 596 | $arrRestrictions = !empty($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions']) ? $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'] : array(); |
| 597 | $dataArrRoleRestrictions = array ( |
| 598 | 'disable_operations' => implode(",", !empty($arrRestrictions[$valueUserRole]['list_user_restrictions_alow_access']) ? $arrRestrictions[$valueUserRole]['list_user_restrictions_alow_access'] : array()), |
| 599 | 'private_folder_access' => !empty($arrRestrictions[$valueUserRole]['private_folder_access']) ? str_replace("\\\\", "/", trim($arrRestrictions[$valueUserRole]['private_folder_access'])) : '', |
| 600 | 'private_url_folder_access' => !empty($arrRestrictions[$valueUserRole]['private_url_folder_access']) ? str_replace("\\\\", "/", trim($arrRestrictions[$valueUserRole]['private_url_folder_access'])) : '', |
| 601 | 'hide_paths' => implode(',', !empty($arrRestrictions[$valueUserRole]['hide_paths']) ? $arrRestrictions[$valueUserRole]['hide_paths'] : array()), |
| 602 | 'lock_files' => implode(',', !empty($arrRestrictions[$valueUserRole]['lock_files']) ? $arrRestrictions[$valueUserRole]['lock_files'] : array()), |
| 603 | 'can_upload_mime' => implode(',', !empty($arrRestrictions[$valueUserRole]['can_upload_mime']) ? $arrRestrictions[$valueUserRole]['can_upload_mime'] : array()) |
| 604 | ); |
| 605 | wp_send_json_success($dataArrRoleRestrictions); |
| 606 | wp_die(); |
| 607 | } |
| 608 | |
| 609 | public function njt_fs_saveSetting() |
| 610 | { |
| 611 | if( ! wp_verify_nonce( $_POST['nonce'] ,'njt-fs-file-manager-admin')) wp_die(); |
| 612 | check_ajax_referer('njt-fs-file-manager-admin', 'nonce', true); |
| 613 | |
| 614 | if (!current_user_can('manage_options')) { |
| 615 | wp_die(); |
| 616 | } |
| 617 | |
| 618 | $root_folder_path = !empty($_POST['root_folder_path']) ? str_replace("\\\\", "/", trim(sanitize_text_field($_POST['root_folder_path']))) : ''; |
| 619 | $root_folder_url = !empty($_POST['root_folder_url']) ? str_replace("\\\\", "/", trim(sanitize_url($_POST['root_folder_url']))) : site_url(); |
| 620 | $list_user_alow_access = !empty($_POST['list_user_alow_access']) ? explode(',', sanitize_text_field($_POST['list_user_alow_access'])) : array(); |
| 621 | $upload_max_size = !empty($_POST['upload_max_size']) ? sanitize_text_field(trim($_POST['upload_max_size'])) : 0; |
| 622 | $fm_locale = !empty($_POST['fm_locale']) ? sanitize_text_field($_POST['fm_locale']) : 'en'; |
| 623 | $enable_htaccess = isset($_POST['enable_htaccess']) && $_POST['enable_htaccess'] == 'true' ? 1 : 0; |
| 624 | $enable_trash = isset($_POST['enable_trash']) && $_POST['enable_trash'] == 'true' ? 1 : 0; |
| 625 | $enable_sensitive_protection = isset($_POST['enable_sensitive_protection']) && $_POST['enable_sensitive_protection'] == 'true' ? 1 : 0; |
| 626 | //save options |
| 627 | $this->options['njt_fs_file_manager_settings']['root_folder_path'] = $root_folder_path; |
| 628 | $this->options['njt_fs_file_manager_settings']['root_folder_url'] = $root_folder_url; |
| 629 | $this->options['njt_fs_file_manager_settings']['list_user_alow_access'] = $list_user_alow_access; |
| 630 | $this->options['njt_fs_file_manager_settings']['upload_max_size'] = $upload_max_size; |
| 631 | $this->options['njt_fs_file_manager_settings']['fm_locale'] = $fm_locale; |
| 632 | $this->options['njt_fs_file_manager_settings']['enable_htaccess'] = $enable_htaccess; |
| 633 | $this->options['njt_fs_file_manager_settings']['enable_trash'] = $enable_trash; |
| 634 | $this->options['njt_fs_file_manager_settings']['enable_sensitive_protection'] = $enable_sensitive_protection; |
| 635 | //update options |
| 636 | update_option('njt_fs_settings', $this->options); |
| 637 | wp_send_json_success(get_option('njt_fs_settings')); |
| 638 | wp_die(); |
| 639 | } |
| 640 | |
| 641 | public function njt_fs_saveSettingRestrictions() { |
| 642 | if( ! wp_verify_nonce( $_POST['nonce'] ,'njt-fs-file-manager-admin')) wp_die(); |
| 643 | check_ajax_referer('njt-fs-file-manager-admin', 'nonce', true); |
| 644 | |
| 645 | if (!current_user_can('manage_options')) { |
| 646 | wp_die(); |
| 647 | } |
| 648 | |
| 649 | if(! $_POST['njt_fs_list_user_restrictions']) wp_die(); |
| 650 | |
| 651 | $njt_fs_list_user_restrictions = sanitize_text_field($_POST['njt_fs_list_user_restrictions']); |
| 652 | $list_user_restrictions_alow_access = !empty($_POST['list_user_restrictions_alow_access']) ? explode(',', sanitize_text_field($_POST['list_user_restrictions_alow_access'])) : array(); |
| 653 | $private_folder_access = !empty($_POST['private_folder_access']) ? str_replace("\\\\", "/", trim(sanitize_text_field($_POST['private_folder_access']))) : ''; |
| 654 | $private_url_folder_access = !empty($_POST['private_url_folder_access']) ? str_replace("\\\\", "/", trim(sanitize_text_field($_POST['private_url_folder_access']))) : ''; |
| 655 | $hide_paths = !empty($_POST['hide_paths']) ? explode('|', preg_replace('/\s+/', '', sanitize_text_field($_POST['hide_paths']))) : array(); |
| 656 | $lock_files = !empty($_POST['lock_files']) ? explode('|', preg_replace('/\s+/', '', sanitize_text_field($_POST['lock_files']))) : array(); |
| 657 | |
| 658 | $can_upload_mime = !empty($_POST['can_upload_mime']) ? explode(',', preg_replace('/\s+/', '', sanitize_text_field($_POST['can_upload_mime']))) : array(); |
| 659 | |
| 660 | $can_upload_mime = array_filter($can_upload_mime, function($item) { |
| 661 | $helper = new \FileManagerHelper(); |
| 662 | $listFileCanNotUpload = $helper->listFileCanNotUpload(); |
| 663 | return !in_array($item, $listFileCanNotUpload); |
| 664 | }); |
| 665 | |
| 666 | //save options |
| 667 | $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$njt_fs_list_user_restrictions]['list_user_restrictions_alow_access'] = $list_user_restrictions_alow_access; |
| 668 | $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$njt_fs_list_user_restrictions]['private_folder_access'] = $private_folder_access; |
| 669 | $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$njt_fs_list_user_restrictions]['private_url_folder_access'] = $private_url_folder_access; |
| 670 | $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$njt_fs_list_user_restrictions]['hide_paths'] = $hide_paths; |
| 671 | $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$njt_fs_list_user_restrictions]['lock_files'] = $lock_files; |
| 672 | $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$njt_fs_list_user_restrictions]['can_upload_mime'] = $can_upload_mime; |
| 673 | //update options |
| 674 | update_option('njt_fs_settings', $this->options); |
| 675 | wp_send_json_success(get_option('njt_fs_settings')); |
| 676 | wp_die(); |
| 677 | } |
| 678 | |
| 679 | public function canAccessSensitiveFiles() { |
| 680 | // Filter hook for developers |
| 681 | if (apply_filters('njt_fs_allow_sensitive_access', false)) { |
| 682 | return true; |
| 683 | } |
| 684 | |
| 685 | return false; |
| 686 | } |
| 687 | |
| 688 | public function canEditSensitiveFiles() { |
| 689 | // Filter hook for developers |
| 690 | if (apply_filters('njt_fs_allow_sensitive_edit', false)) { |
| 691 | return true; |
| 692 | } |
| 693 | |
| 694 | return false; |
| 695 | } |
| 696 | |
| 697 | } |