PluginProbe ʕ •ᴥ•ʔ
File Manager Pro – Filester / 2.0.2
File Manager Pro – Filester v2.0.2
2.1.1 trunk 1.6.1 1.7.6 1.8 1.8.1 1.8.2 1.8.3 1.8.4 1.8.5 1.8.6 1.8.7 1.8.8 1.8.9 1.9 2.0 2.0.1 2.0.2 2.1.0
filester / includes / File_manager / FileManager.php
filester / includes / File_manager Last commit date
lib 6 months ago FileManager.php 6 months ago FileManagerHelper.php 6 months ago index.php 6 months ago
FileManager.php
697 lines
1 <?php
2 namespace NinjaFileManager\File_manager;
3
4 defined('ABSPATH') || exit;
5
6 /**
7 * Settings Page
8 */
9
10 class FileManager
11 {
12 protected static $instance = null;
13
14 /**
15 *
16 * @var object $options The object of the options class
17 *
18 * */
19 public $options;
20 public $fmCapability = '';
21 public $userRole = '';
22 private $hook_suffix = array();
23
24 public static function getInstance()
25 {
26 if (null == self::$instance) {
27 self::$instance = new self;
28 }
29
30 return self::$instance;
31 }
32
33 private function __construct()
34 {
35 //get user role
36 $user = wp_get_current_user();
37 $this->userRole = $user && $user->roles && isset($user->roles[0]) ? $user->roles[0] : '';
38
39 if ( empty($this->userRole) && isset($user->roles)) {
40 $role = '';
41 foreach( $user->roles as $key => $value) {
42 $role = $value;
43 }
44
45 $this->userRole = $role;
46 }
47
48 // Loading Options
49 // Options
50 $this->options = get_option('njt_fs_settings');
51 if(empty($this->options)) {
52 $this->options = array( // Setting up default values
53 'njt_fs_file_manager_settings' => array(
54 'root_folder_path' => ABSPATH,
55 'root_folder_url' => site_url(),
56 'enable_sensitive_protection' => '1'
57 ),
58 );
59 }
60 register_shutdown_function(array($this, 'saveOptions'));
61
62 add_action('init', array($this, 'isAlowUserAccess'));
63 if ($this->isAlowUserAccess()) {
64 add_action('admin_enqueue_scripts', array($this, 'enqueueAdminScripts'));
65 add_action('admin_menu', array($this, 'FileManager'));
66 add_action('wp_ajax_fs_connector', array($this, 'fsConnector'));
67 add_action('wp_ajax_selector_themes', array($this, 'selectorThemes'));
68 add_action('wp_ajax_get_role_restrictions', array($this, 'getArrRoleRestrictions'));
69 add_action('wp_ajax_njt_fs_save_setting', array($this, 'njt_fs_saveSetting'));
70 add_action('wp_ajax_njt_fs_save_setting_restrictions', array($this, 'njt_fs_saveSettingRestrictions'));
71
72 $optionReview = get_option('njt_fs_review');
73 if (time() >= (int)$optionReview && $optionReview !== '0'){
74 add_action('admin_notices', array($this, 'njt_fs_give_review'));
75 }
76
77 add_action('wp_ajax_njt_fs_save_review', array($this, 'njt_fs_save_review'));
78 }
79 }
80
81 public function njt_fs_give_review()
82 {
83 if (function_exists('get_current_screen')) {
84 if (get_current_screen()->id == 'file-manager_page_filester-settings' || get_current_screen()->id == 'toplevel_page_njt-fs-filemanager' || get_current_screen()->id == 'plugins') {
85 $this->enqueue_scripts();
86 ?>
87 <div class="notice notice-success is-dismissible" id="njt-fs-review">
88 <h3><?php _e('Give Filester a review', 'filester')?></h3>
89 <p>
90 <?php _e('Thank you for choosing Filester. We hope you love it. Could you take a couple of seconds posting a nice review to share your happy experience?', 'filester')?>
91 </p>
92 <p>
93 <?php _e('We will be forever grateful. Thank you in advance ;)', 'filester')?>
94 </p>
95 <p>
96 <a href="javascript:;" data="rateNow" class="button button-primary" style="margin-right: 5px"><?php _e('Rate now', 'filester')?></a>
97 <a href="javascript:;" data="later" class="button" style="margin-right: 5px"><?php _e('Later', 'filester')?></a>
98 <a href="javascript:;" data="alreadyDid" class="button"><?php _e('Already did', 'filester')?></a>
99 </p>
100 </div>
101 <?php
102 }
103 }
104 }
105
106 public function njt_fs_save_review()
107 {
108 if ( isset( $_POST ) ) {
109 $nonce = isset( $_POST['nonce'] ) ? sanitize_text_field( $_POST['nonce'] ) : null;
110 $field = isset( $_POST['field'] ) ? sanitize_text_field( $_POST['field'] ) : null;
111
112 if ( ! wp_verify_nonce( $nonce, 'njt-fs-review' ) ) {
113 wp_send_json_error( array( 'status' => 'Wrong nonce validate!' ) );
114 exit();
115 }
116
117 if ($field == 'later'){
118 update_option('njt_fs_review', time() + 3*60*60*24); //After 3 days show
119 } else if ($field == 'alreadyDid'){
120 update_option('njt_fs_review', 0);
121 }
122 wp_send_json_success();
123 }
124 wp_send_json_error( array( 'message' => 'Update fail!' ) );
125 }
126
127 public function enqueue_scripts(){
128 wp_enqueue_script('njt-fs-review', NJT_FS_BN_PLUGIN_URL . 'assets/js/review.js', array('jquery'), NJT_FS_BN_VERSION, false);
129 wp_localize_script('njt-fs-review', 'wpDataFs', array(
130 'admin_ajax' => admin_url('admin-ajax.php'),
131 'nonce' => wp_create_nonce("njt-fs-review"),
132 ));
133 }
134
135 public function isAlowUserAccess()
136 {
137 if($this->userRole) {
138 $allowed_roles = !empty($this->options['njt_fs_file_manager_settings']['list_user_alow_access']) ? $this->options['njt_fs_file_manager_settings']['list_user_alow_access'] : array();
139 if( in_array($this->userRole,$allowed_roles)) {
140 if (is_multisite() && $this->userRole == 'administrator') {
141 $this->fmCapability = 'activate_plugins';
142 }
143 $this->fmCapability = $this->userRole;
144 return true;
145 }
146 }
147 if (is_multisite() && is_super_admin()) {
148 $this->fmCapability = 'create_sites';
149 return true;
150 }
151
152 if (!is_multisite() && is_super_admin()) {
153 $this->fmCapability = 'administrator';
154 return true;
155 }
156 $this->fmCapability = 'read';
157 return false;
158 }
159
160 public function FileManager()
161 {
162 if( class_exists( 'NestedPages' ) ) {
163 $this->fmCapability = 'read';
164 }
165 $icon = 'data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48IURPQ1RZUEUgc3ZnIFBVQkxJQyAiLS8vVzNDLy9EVEQgU1ZHIDEuMS8vRU4iICJodHRwOi8vd3d3LnczLm9yZy9HcmFwaGljcy9TVkcvMS4xL0RURC9zdmcxMS5kdGQiPjxzdmcgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxuczp4bGluaz0iaHR0cDovL3d3dy53My5vcmcvMTk5OS94bGluayIgdmVyc2lvbj0iMS4xIiB3aWR0aD0iMjQiIGhlaWdodD0iMjQiIHZpZXdCb3g9IjAgMCAyNCAyNCI+PHBhdGggZD0iTTEwLDRINEMyLjg5LDQgMiw0Ljg5IDIsNlYxOEEyLDIgMCAwLDAgNCwyMEgyMEEyLDIgMCAwLDAgMjIsMThWOEMyMiw2Ljg5IDIxLjEsNiAyMCw2SDEyTDEwLDRaIiBmaWxsPSIjYTdhYWFkIi8+PC9zdmc+';
166 $display_suffix = add_menu_page(
167 __('Filester', 'textdomain'),
168 'File Manager',
169 $this->fmCapability,
170 'njt-fs-filemanager',
171 array($this, 'fsViewFileCallback'),
172 $icon,
173 9
174 );
175 if (is_multisite()) {
176 $settings_suffix = add_submenu_page (
177 'njt-fs-filemanager',
178 'Settings',
179 'Settings',
180 'create_sites',
181 'filester-settings',
182 array($this, 'fsSettingsPage') );
183 }
184
185 if (!is_multisite()) {
186 $settings_suffix = add_submenu_page (
187 'njt-fs-filemanager',
188 'Settings',
189 'Settings',
190 'manage_options',
191 'filester-settings',
192 array($this, 'fsSettingsPage') );
193 }
194
195 $this->hook_suffix = array($display_suffix, $settings_suffix);
196 }
197
198 public function fsViewFileCallback()
199 {
200 $viewPath = NJT_FS_BN_PLUGIN_PATH . 'views/pages/html-filemanager.php';
201 include_once $viewPath;
202 }
203
204 public function fsSettingsPage()
205 {
206 $viewPath = NJT_FS_BN_PLUGIN_PATH . 'views/pages/html-filemanager-settings.php';
207 include_once $viewPath;
208 }
209
210 public function enqueueAdminScripts($suffix)
211 {
212 if (in_array($suffix, $this->hook_suffix)) {
213 $selectorThemes = get_option('njt_fs_selector_themes');
214 if (empty($selectorThemes[$this->userRole])) {
215 $selectorThemes[$this->userRole]['themesValue'] = 'Default';
216 update_option('njt_fs_selector_themes', $selectorThemes);
217 }
218
219 $selectedTheme = $selectorThemes[$this->userRole]['themesValue'];
220
221 //elfinder css
222 wp_enqueue_style('elfinder.jq.css', plugins_url('/lib/jquery/jquery-ui.min.css', __FILE__));
223 wp_enqueue_style('elfinder.full.css', plugins_url('/lib/css/elfinder.min.css', __FILE__));
224 wp_enqueue_style('themes', plugins_url('/lib/css/theme.css', __FILE__));
225 wp_enqueue_style('themes-selector', plugins_url('/lib/themes/' . $selectedTheme . '/css/theme.css', __FILE__));
226
227 //elfinder core
228 if(version_compare(get_bloginfo('version'),'5.6', '>=') ){
229 wp_enqueue_script('jquery_min', plugins_url('/lib/jquery/jquery-ui.min.js', __FILE__));
230 } else {
231 wp_enqueue_script('jquery_min', plugins_url('/lib/jquery/jquery-ui-old.min.js', __FILE__));
232 }
233
234 //elfinder js, toastr JS, css custom
235 wp_register_style('njt_fs_toastr_css',NJT_FS_BN_PLUGIN_URL . 'assets/js/toastr/toastr.min.css');
236 wp_enqueue_style('njt_fs_toastr_css');
237 wp_enqueue_script('njt_fs_toastr_js', NJT_FS_BN_PLUGIN_URL . 'assets/js/toastr/toastr.min.js', array('jquery'), NJT_FS_BN_VERSION);
238
239 wp_register_style('file_manager_admin_css',NJT_FS_BN_PLUGIN_URL . 'assets/css/file_manager_admin.css');
240 wp_enqueue_style('file_manager_admin_css');
241 wp_enqueue_script('file_manager_admin', NJT_FS_BN_PLUGIN_URL . 'assets/js/file_manager_admin.js', array('jquery'), NJT_FS_BN_VERSION, true);
242
243 //js load elFinder
244 wp_enqueue_script('njt_fs_elFinder', plugins_url('/lib/js/elfinder.min.js', __FILE__));
245
246 wp_enqueue_script('njt_fs_elfinder_editor', plugins_url('/lib/js/extras/editors.default.js', __FILE__));
247 //js load fm_locale
248 if(isset($this->options['njt_fs_file_manager_settings']['fm_locale'])) {
249 $locale = $this->options['njt_fs_file_manager_settings']['fm_locale'];
250 if( !empty($locale) && $locale != 'en' && in_array($locale, njt_fs_locales(), true)) {
251 $locale = sanitize_file_name($locale);
252 wp_enqueue_script( 'njt_fs_fma_lang', plugins_url('lib/js/i18n/elfinder.'.$locale.'.js', __FILE__));
253 }
254 }
255
256 wp_localize_script('njt_fs_elFinder', 'wpData', array(
257 'admin_ajax' => admin_url('admin-ajax.php'),
258 'nonce' => wp_create_nonce("njt-fs-file-manager-admin"),
259 'PLUGIN_URL' => NJT_FS_BN_PLUGIN_URL .'includes/File_manager/lib/',
260 'PLUGIN_PATH' => NJT_FS_BN_PLUGIN_PATH.'includes/File_manager/lib/',
261 'PLUGIN_DIR'=> NJT_FS_BN_PLUGIN_DIR,
262 'ABSPATH'=> str_replace("\\", "/", ABSPATH),
263 'is_multisite' => is_multisite(),
264 'lang' => !empty( $this->options['njt_fs_file_manager_settings']['fm_locale']) ? sanitize_file_name($this->options['njt_fs_file_manager_settings']['fm_locale']) : '',
265 'nonce_connector' => wp_create_nonce('file-manager-security-token'),
266 ));
267 }
268 }
269
270 //File manager connector function
271
272 public function fsConnector()
273 {
274 check_ajax_referer( 'file-manager-security-token', 'nonce' );
275 $uploadMaxSize = isset($this->options['njt_fs_file_manager_settings']['upload_max_size']) && !empty($this->options['njt_fs_file_manager_settings']['upload_max_size']) ? $this->options['njt_fs_file_manager_settings']['upload_max_size'] : 0;
276
277 // Get and validate root folder path
278 $root_folder_path = isset($this->options['njt_fs_file_manager_settings']['root_folder_path']) && !empty($this->options['njt_fs_file_manager_settings']['root_folder_path'])
279 ? $this->options['njt_fs_file_manager_settings']['root_folder_path']
280 : ABSPATH;
281
282 // Get and validate root folder URL
283 $root_folder_url = isset($this->options['njt_fs_file_manager_settings']['root_folder_url']) && !empty($this->options['njt_fs_file_manager_settings']['root_folder_url'])
284 ? $this->options['njt_fs_file_manager_settings']['root_folder_url']
285 : site_url();
286
287 // Validate path exists and is readable - auto-fix if invalid
288 $path_needs_update = false;
289 if (!empty($root_folder_path) && (!is_dir($root_folder_path) || !is_readable($root_folder_path))) {
290 // Path is invalid, fallback to ABSPATH
291 $root_folder_path = ABSPATH;
292 $path_needs_update = true;
293 }
294
295 // Validate URL - auto-update to current site_url() if path was invalid
296 // This ensures URL matches the new server/domain
297 if ($path_needs_update) {
298 $root_folder_url = site_url();
299 }
300
301 // Auto-update saved settings if path/URL was invalid
302 if ($path_needs_update) {
303 $this->options['njt_fs_file_manager_settings']['root_folder_path'] = $root_folder_path;
304 $this->options['njt_fs_file_manager_settings']['root_folder_url'] = $root_folder_url;
305 update_option('njt_fs_settings', $this->options);
306 }
307
308 $opts = array(
309 'bind' => array(
310 'put.pre' => array(new \FileManagerHelper, 'madeStripcslashesFile'), // Check endcode when save file.
311 ),
312 'debug' => false,
313 'roots' => array(
314 array(
315 'driver' => 'LocalFileSystem',
316 'path' => $root_folder_path,
317 'URL' => $root_folder_url,
318 'tmpPath' => NJT_FS_BN_PLUGIN_PATH . 'includes/File_manager/lib/files/.tmp/',
319 'trashHash' => '', // default is empty, when not enable trash
320 'uploadMaxSize' => $uploadMaxSize .'M',
321 'winHashFix' => DIRECTORY_SEPARATOR !== '/',
322 'uploadOrder' => array('deny', 'allow'),
323 'uploadDeny' => array('htaccess'),
324 //'acceptedName' => 'validName',
325 'attributes' => array() // default is empty
326 ),
327 ),
328 );
329
330
331
332 //Enable Trash
333 if(isset($this->options['njt_fs_file_manager_settings']['enable_trash']) && ($this->options['njt_fs_file_manager_settings']['enable_trash'] == '1')) {
334 $trash = array(
335 'id' => '1',
336 'driver' => 'Trash',
337 'path' => NJT_FS_BN_PLUGIN_PATH.'includes/File_manager/lib/files/.trash/',
338 'tmbURL' => site_url() . '/includes/File_manager/lib/files/.trash/.tmb',
339 'winHashFix' => DIRECTORY_SEPARATOR !== '/',
340 'uploadDeny' => array('htaccess'),
341 'uploadAllow' => array('all'),
342 'uploadOrder' => array('deny', 'allow'),
343 // 'acceptedName' => 'validName',
344 'attributes' => array(
345 array(
346 'pattern' => '/.tmb/',
347 'read' => false,
348 'write' => false,
349 'hidden' => true,
350 'locked' => false
351 ),
352 array(
353 'pattern' => '/.gitkeep/',
354 'read' => false,
355 'write' => false,
356 'hidden' => true,
357 'locked' => false
358 )
359 )
360 );
361 $opts['roots'][0]['trashHash'] = 't1_Lw';
362 $opts['roots'][1] = $trash;
363 }
364
365 //Start --setting User Role Restrictions
366 $user = wp_get_current_user();
367 $userRoles = $user && $user->roles && $user->roles[0] ? $user->roles[0] : '';
368
369 //Disable Operations
370 if(!empty($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['list_user_restrictions_alow_access'])){
371 $opts['roots'][0]['disabled'] = $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['list_user_restrictions_alow_access'];
372 }
373 //Creat root path for user
374 $private_path_valid = false;
375 if(!empty($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['private_folder_access'])){
376 $private_path = $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['private_folder_access'] .'/';
377 // Validate private folder path exists and is readable
378 if (is_dir($private_path) && is_readable($private_path)) {
379 $opts['roots'][0]['path'] = $private_path;
380 $private_path_valid = true;
381 }
382 // If invalid, keep using default root path (already validated above)
383 }
384
385 //Creat url root path for user
386 if(!empty($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['private_url_folder_access']) && $private_path_valid){
387 $private_url = $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['private_url_folder_access'] .'/';
388 $opts['roots'][0]['URL'] = $private_url;
389 }
390
391 //Folder or File Paths That You want to Hide
392 if(!empty($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['hide_paths'])){
393 foreach ($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['hide_paths'] as $key => $value){
394 $arrItemHidePath = array(
395 'pattern' => '~/'.$value.'~',
396 'read' => false,
397 'write' => false,
398 'hidden' => true,
399 'locked' => false
400 );
401 array_push($opts['roots'][0]['attributes'], $arrItemHidePath);
402 };
403 }
404
405 //File extensions which you want to Lock
406 if(!empty($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['lock_files'])){
407 foreach ($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['lock_files'] as $key => $value){
408 $arrItemLockFile = array(
409 'pattern' => '/'.$value.'/',
410 'read' => false,
411 'write' => false,
412 'hidden' => false,
413 'locked' => true
414 );
415 array_push($opts['roots'][0]['attributes'], $arrItemLockFile);
416 };
417 }
418
419 //Enter file extensions which can be uploaded
420 $flag = false;
421
422
423 if (is_multisite()) {
424 if( !current_user_can('create_sites') && empty($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['can_upload_mime'])) {
425 $opts['roots'][0]['uploadDeny'] = array('all');
426 $opts['roots'][0]['uploadAllow'] = array('');
427 } else if ( !current_user_can('create_sites') && !empty($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['can_upload_mime'])) {
428 $opts['roots'][0]['uploadDeny'] = array('all');
429 $opts['roots'][0]['uploadAllow'] = array();
430 $arrCanUploadMime = $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['can_upload_mime'];
431 $mimeTypes = new \FileManagerHelper();
432 $arrMimeTypes = $mimeTypes->getArrMimeTypes();
433 foreach ($arrMimeTypes as $key => $value){
434 if(in_array($key,$arrCanUploadMime)) {
435 $explodeValue = explode(',',$value);
436 foreach($explodeValue as $item) {
437 array_push($opts['roots'][0]['uploadAllow'], $item );
438 }
439 }
440
441 };
442 foreach ($arrCanUploadMime as $value){
443 if(strpos($value,"x-conference") !== false
444 || strpos($value,"video") !== false
445 || strpos($value,"text") !== false
446 || strpos($value,"model") !== false
447 || strpos($value,"message") !== false
448 || strpos($value,"image") !== false
449 || strpos($value,"font") !== false
450 || strpos($value,"chemical") !== false
451 || strpos($value,"audio") !== false
452 || strpos($value,"application") !== false
453 ) {
454 array_push($opts['roots'][0]['uploadAllow'], $value );
455 }
456 }
457
458 } else {
459 $opts['roots'][0]['uploadDeny'] = array();
460 $opts['roots'][0]['uploadAllow'] = array('all');
461 }
462 }
463
464 if (!is_multisite()) {
465 if($this->userRole !== 'administrator' && empty($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['can_upload_mime'])) {
466 $opts['roots'][0]['uploadDeny'] = array('all');
467 $opts['roots'][0]['uploadAllow'] = array('');
468 } else if ( $this->userRole !== 'administrator' && !empty($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['can_upload_mime'])) {
469 $opts['roots'][0]['uploadDeny'] = array('all');
470 $opts['roots'][0]['uploadAllow'] = array();
471 $arrCanUploadMime = $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$this->userRole]['can_upload_mime'];
472 $mimeTypes = new \FileManagerHelper();
473 $arrMimeTypes = $mimeTypes->getArrMimeTypes();
474 foreach ($arrMimeTypes as $key => $value){
475 if(in_array($key,$arrCanUploadMime)) {
476 $explodeValue = explode(',',$value);
477 foreach($explodeValue as $item) {
478 $listFileCanNotUpload = $mimeTypes->listFileCanNotUpload();
479 if(!in_array($item, $listFileCanNotUpload)) {
480 array_push($opts['roots'][0]['uploadAllow'], $item );
481 }
482 }
483 }
484
485 };
486 foreach ($arrCanUploadMime as $value){
487 if(strpos($value,"x-conference") !== false
488 || strpos($value,"video") !== false
489 || strpos($value,"text") !== false
490 || strpos($value,"model") !== false
491 || strpos($value,"message") !== false
492 || strpos($value,"image") !== false
493 || strpos($value,"font") !== false
494 || strpos($value,"chemical") !== false
495 || strpos($value,"audio") !== false
496 || strpos($value,"application") !== false
497 ) {
498 array_push($opts['roots'][0]['uploadAllow'], $value );
499 }
500 }
501
502 } else {
503 $opts['roots'][0]['uploadDeny'] = array();
504 $opts['roots'][0]['uploadAllow'] = array('all');
505 }
506 }
507
508 // Sensitive files protection
509 if(isset($this->options['njt_fs_file_manager_settings']['enable_sensitive_protection']) && ($this->options['njt_fs_file_manager_settings']['enable_sensitive_protection'] == '1')) {
510 $sensitive_files = apply_filters('njt_fs_sensitive_files', array(
511 '.htaccess',
512 'wp-config.php',
513 '.env',
514 'wp-config-sample.php',
515 'readme.html',
516 'license.txt',
517 'xmlrpc.php'
518 ));
519
520 foreach ($sensitive_files as $file) {
521 $attributes = array(
522 'pattern' => '/' . preg_quote($file, '/') . '/',
523 'read' => $this->canAccessSensitiveFiles(),
524 'write' => $this->canEditSensitiveFiles(),
525 'hidden' => !$this->canAccessSensitiveFiles(),
526 'locked' => !$this->canEditSensitiveFiles()
527 );
528 array_push($opts['roots'][0]['attributes'], $attributes);
529 }
530 }
531
532 // .htaccess
533 if(isset($this->options['njt_fs_file_manager_settings']['enable_htaccess']) && ($this->options['njt_fs_file_manager_settings']['enable_htaccess'] == '1')) {
534 $attributes = array(
535 'pattern' => '/.htaccess/',
536 'read' => true,
537 'write' => false,
538 'hidden' => true,
539 'locked' => true
540 );
541 array_push($opts['roots'][0]['attributes'], $attributes);
542 }
543
544 //End --setting User Role Restrictions
545
546 $connector = new \elFinderConnector(new \elFinder($opts));
547 $connector->run();
548 wp_die();
549 }
550
551 public function selectorThemes()
552 {
553 if( ! wp_verify_nonce( $_POST['nonce'] ,'njt-fs-file-manager-admin')) wp_die();
554 check_ajax_referer('njt-fs-file-manager-admin', 'nonce', true);
555
556 $themesValue = sanitize_text_field ($_POST['themesValue']);
557 $selectorThemes = get_option('njt_fs_selector_themes');
558 if (empty($selectorThemes[$this->userRole])) {
559 $selectorThemes[$this->userRole]['themesValue'] = 'Default';
560 update_option('njt_fs_selector_themes', $selectorThemes);
561 }
562
563 if ($selectorThemes[$this->userRole]['themesValue'] != $themesValue) {
564 $selectorThemes[$this->userRole]['themesValue'] = $themesValue;
565 update_option('njt_fs_selector_themes', $selectorThemes);
566 }
567 $selected_themes = get_option('njt_fs_selector_themes');
568 $linkThemes = plugins_url('/lib/themes/' . $selected_themes[$this->userRole]['themesValue'] . '/css/theme.css', __FILE__);
569 wp_send_json_success($linkThemes);
570 wp_die();
571 }
572
573 public function saveOptions()
574 {
575 //if(isset($_POST['njt-settings-form-submit'])) {
576 update_option('njt_fs_settings', $this->options);
577 // if($u) {
578 // $this->f('?page=njt-fs-filemanager-settings&status=1');
579 // } else {
580 // $this->f('?page=njt-fs-filemanager-settings&status=2');
581 // }
582 // }
583 }
584
585 public function f($u) {
586 echo '<script>';
587 echo 'window.location.href="'.$u.'"';
588 echo '</script>';
589 }
590
591 public function getArrRoleRestrictions()
592 {
593 if(!wp_verify_nonce( $_POST['nonce'] ,'njt-fs-file-manager-admin')) wp_die();
594 check_ajax_referer('njt-fs-file-manager-admin', 'nonce', true);
595 $valueUserRole = filter_var($_POST['valueUserRole']) ? sanitize_text_field ($_POST['valueUserRole']) : '';
596 $arrRestrictions = !empty($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions']) ? $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'] : array();
597 $dataArrRoleRestrictions = array (
598 'disable_operations' => implode(",", !empty($arrRestrictions[$valueUserRole]['list_user_restrictions_alow_access']) ? $arrRestrictions[$valueUserRole]['list_user_restrictions_alow_access'] : array()),
599 'private_folder_access' => !empty($arrRestrictions[$valueUserRole]['private_folder_access']) ? str_replace("\\\\", "/", trim($arrRestrictions[$valueUserRole]['private_folder_access'])) : '',
600 'private_url_folder_access' => !empty($arrRestrictions[$valueUserRole]['private_url_folder_access']) ? str_replace("\\\\", "/", trim($arrRestrictions[$valueUserRole]['private_url_folder_access'])) : '',
601 'hide_paths' => implode(',', !empty($arrRestrictions[$valueUserRole]['hide_paths']) ? $arrRestrictions[$valueUserRole]['hide_paths'] : array()),
602 'lock_files' => implode(',', !empty($arrRestrictions[$valueUserRole]['lock_files']) ? $arrRestrictions[$valueUserRole]['lock_files'] : array()),
603 'can_upload_mime' => implode(',', !empty($arrRestrictions[$valueUserRole]['can_upload_mime']) ? $arrRestrictions[$valueUserRole]['can_upload_mime'] : array())
604 );
605 wp_send_json_success($dataArrRoleRestrictions);
606 wp_die();
607 }
608
609 public function njt_fs_saveSetting()
610 {
611 if( ! wp_verify_nonce( $_POST['nonce'] ,'njt-fs-file-manager-admin')) wp_die();
612 check_ajax_referer('njt-fs-file-manager-admin', 'nonce', true);
613
614 if (!current_user_can('manage_options')) {
615 wp_die();
616 }
617
618 $root_folder_path = !empty($_POST['root_folder_path']) ? str_replace("\\\\", "/", trim(sanitize_text_field($_POST['root_folder_path']))) : '';
619 $root_folder_url = !empty($_POST['root_folder_url']) ? str_replace("\\\\", "/", trim(sanitize_url($_POST['root_folder_url']))) : site_url();
620 $list_user_alow_access = !empty($_POST['list_user_alow_access']) ? explode(',', sanitize_text_field($_POST['list_user_alow_access'])) : array();
621 $upload_max_size = !empty($_POST['upload_max_size']) ? sanitize_text_field(trim($_POST['upload_max_size'])) : 0;
622 $fm_locale = !empty($_POST['fm_locale']) ? sanitize_text_field($_POST['fm_locale']) : 'en';
623 $enable_htaccess = isset($_POST['enable_htaccess']) && $_POST['enable_htaccess'] == 'true' ? 1 : 0;
624 $enable_trash = isset($_POST['enable_trash']) && $_POST['enable_trash'] == 'true' ? 1 : 0;
625 $enable_sensitive_protection = isset($_POST['enable_sensitive_protection']) && $_POST['enable_sensitive_protection'] == 'true' ? 1 : 0;
626 //save options
627 $this->options['njt_fs_file_manager_settings']['root_folder_path'] = $root_folder_path;
628 $this->options['njt_fs_file_manager_settings']['root_folder_url'] = $root_folder_url;
629 $this->options['njt_fs_file_manager_settings']['list_user_alow_access'] = $list_user_alow_access;
630 $this->options['njt_fs_file_manager_settings']['upload_max_size'] = $upload_max_size;
631 $this->options['njt_fs_file_manager_settings']['fm_locale'] = $fm_locale;
632 $this->options['njt_fs_file_manager_settings']['enable_htaccess'] = $enable_htaccess;
633 $this->options['njt_fs_file_manager_settings']['enable_trash'] = $enable_trash;
634 $this->options['njt_fs_file_manager_settings']['enable_sensitive_protection'] = $enable_sensitive_protection;
635 //update options
636 update_option('njt_fs_settings', $this->options);
637 wp_send_json_success(get_option('njt_fs_settings'));
638 wp_die();
639 }
640
641 public function njt_fs_saveSettingRestrictions() {
642 if( ! wp_verify_nonce( $_POST['nonce'] ,'njt-fs-file-manager-admin')) wp_die();
643 check_ajax_referer('njt-fs-file-manager-admin', 'nonce', true);
644
645 if (!current_user_can('manage_options')) {
646 wp_die();
647 }
648
649 if(! $_POST['njt_fs_list_user_restrictions']) wp_die();
650
651 $njt_fs_list_user_restrictions = sanitize_text_field($_POST['njt_fs_list_user_restrictions']);
652 $list_user_restrictions_alow_access = !empty($_POST['list_user_restrictions_alow_access']) ? explode(',', sanitize_text_field($_POST['list_user_restrictions_alow_access'])) : array();
653 $private_folder_access = !empty($_POST['private_folder_access']) ? str_replace("\\\\", "/", trim(sanitize_text_field($_POST['private_folder_access']))) : '';
654 $private_url_folder_access = !empty($_POST['private_url_folder_access']) ? str_replace("\\\\", "/", trim(sanitize_text_field($_POST['private_url_folder_access']))) : '';
655 $hide_paths = !empty($_POST['hide_paths']) ? explode('|', preg_replace('/\s+/', '', sanitize_text_field($_POST['hide_paths']))) : array();
656 $lock_files = !empty($_POST['lock_files']) ? explode('|', preg_replace('/\s+/', '', sanitize_text_field($_POST['lock_files']))) : array();
657
658 $can_upload_mime = !empty($_POST['can_upload_mime']) ? explode(',', preg_replace('/\s+/', '', sanitize_text_field($_POST['can_upload_mime']))) : array();
659
660 $can_upload_mime = array_filter($can_upload_mime, function($item) {
661 $helper = new \FileManagerHelper();
662 $listFileCanNotUpload = $helper->listFileCanNotUpload();
663 return !in_array($item, $listFileCanNotUpload);
664 });
665
666 //save options
667 $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$njt_fs_list_user_restrictions]['list_user_restrictions_alow_access'] = $list_user_restrictions_alow_access;
668 $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$njt_fs_list_user_restrictions]['private_folder_access'] = $private_folder_access;
669 $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$njt_fs_list_user_restrictions]['private_url_folder_access'] = $private_url_folder_access;
670 $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$njt_fs_list_user_restrictions]['hide_paths'] = $hide_paths;
671 $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$njt_fs_list_user_restrictions]['lock_files'] = $lock_files;
672 $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$njt_fs_list_user_restrictions]['can_upload_mime'] = $can_upload_mime;
673 //update options
674 update_option('njt_fs_settings', $this->options);
675 wp_send_json_success(get_option('njt_fs_settings'));
676 wp_die();
677 }
678
679 public function canAccessSensitiveFiles() {
680 // Filter hook for developers
681 if (apply_filters('njt_fs_allow_sensitive_access', false)) {
682 return true;
683 }
684
685 return false;
686 }
687
688 public function canEditSensitiveFiles() {
689 // Filter hook for developers
690 if (apply_filters('njt_fs_allow_sensitive_edit', false)) {
691 return true;
692 }
693
694 return false;
695 }
696
697 }