File Manager Pro – Filester v2.1.1
filester / includes / File_manager / FileManager.php
FileManager.php
1 <?php
2 namespace NinjaFileManager\File_manager;
3
4 defined('ABSPATH') || exit;
5
6 /**
7 * File manager admin integration: role-based access, menu pages, AJAX handlers and the elFinder connector
8 */
9
10 class FileManager
11 {
12 protected static $instance = null;
13
14 /**
15 *
16 * @var object $options The object of the options class
17 *
18 * */
19 public $options;
20 public $fmCapability = '';
21 public $userRole = '';
22 private $hook_suffix = array();
23
/**
 * Returns the shared FileManager instance, creating it on first use.
 *
 * @return self
 */
public static function getInstance()
{
    if (self::$instance !== null) {
        return self::$instance;
    }

    self::$instance = new self;

    return self::$instance;
}
32
/**
 * Resolves the current user's role, loads the plugin settings and, when the
 * role is allowed, registers the admin menu, asset and AJAX hooks.
 *
 * The wp_ajax_* handlers are registered only when isAlowUserAccess() passes
 * during construction. Handlers that carry no capability check of their own
 * rely on this conditional registration as their authorization gate.
 */
private function __construct()
{
    // Role detection: use the first role when the list has an index 0.
    $currentUser = wp_get_current_user();
    if ($currentUser && $currentUser->roles && isset($currentUser->roles[0])) {
        $this->userRole = $currentUser->roles[0];
    } else {
        $this->userRole = '';
    }

    // Otherwise fall back to the last entry of the roles array.
    if (empty($this->userRole) && isset($currentUser->roles)) {
        $lastRole = '';
        foreach ($currentUser->roles as $candidate) {
            $lastRole = $candidate;
        }

        $this->userRole = $lastRole;
    }

    $this->options = get_option('njt_fs_settings');
    if (empty($this->options)) {
        // Defaults: root at the WordPress install, sensitive-file protection on.
        $this->options = array(
            'njt_fs_file_manager_settings' => array(
                'root_folder_path' => ABSPATH,
                'root_folder_url' => site_url(),
                'enable_sensitive_protection' => '1',
            ),
        );
    }

    // saveOptions() writes $this->options back when the request shuts down.
    register_shutdown_function(array($this, 'saveOptions'));

    add_action('init', array($this, 'isAlowUserAccess'));
    if (!$this->isAlowUserAccess()) {
        return;
    }

    add_action('admin_enqueue_scripts', array($this, 'enqueueAdminScripts'));
    add_action('admin_menu', array($this, 'FileManager'));
    add_action('wp_ajax_fs_connector', array($this, 'fsConnector'));
    add_action('wp_ajax_selector_themes', array($this, 'selectorThemes'));
    add_action('wp_ajax_get_role_restrictions', array($this, 'getArrRoleRestrictions'));
    add_action('wp_ajax_njt_fs_save_setting', array($this, 'njt_fs_saveSetting'));
    add_action('wp_ajax_njt_fs_save_setting_restrictions', array($this, 'njt_fs_saveSettingRestrictions'));

    // njt_fs_review holds the timestamp after which the notice may show;
    // the string '0' switches it off.
    $reviewAfter = get_option('njt_fs_review');
    if ($reviewAfter !== '0' && time() >= (int) $reviewAfter) {
        add_action('admin_notices', array($this, 'njt_fs_give_review'));
    }

    add_action('wp_ajax_njt_fs_save_review', array($this, 'njt_fs_save_review'));
}
80
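/**
 * Prints the dismissible "leave a review" admin notice on the plugin's own
 * screens and on the Plugins screen.
 *
 * Hooked to admin_notices by the constructor. Translated strings are escaped
 * on output so a translation file cannot inject markup into the admin page.
 *
 * @return void
 */
public function njt_fs_give_review()
{
    if (!function_exists('get_current_screen')) {
        return;
    }

    // get_current_screen() can return null; bail out instead of reading ->id.
    $screen = get_current_screen();
    if (!$screen) {
        return;
    }

    $noticeScreens = array(
        'file-manager_page_filester-settings',
        'toplevel_page_njt-fs-filemanager',
        'plugins',
    );
    if (!in_array($screen->id, $noticeScreens, true)) {
        return;
    }

    $this->enqueue_scripts();
    ?>
    <div class="notice notice-success is-dismissible" id="njt-fs-review">
        <h3><?php esc_html_e('Give Filester a review', 'filester'); ?></h3>
        <p>
            <?php esc_html_e('Thank you for choosing Filester. We hope you love it. Could you take a couple of seconds posting a nice review to share your happy experience?', 'filester'); ?>
        </p>
        <p>
            <?php esc_html_e('We will be forever grateful. Thank you in advance ;)', 'filester'); ?>
        </p>
        <p>
            <a href="javascript:;" data="rateNow" class="button button-primary" style="margin-right: 5px"><?php esc_html_e('Rate now', 'filester'); ?></a>
            <a href="javascript:;" data="later" class="button" style="margin-right: 5px"><?php esc_html_e('Later', 'filester'); ?></a>
            <a href="javascript:;" data="alreadyDid" class="button"><?php esc_html_e('Already did', 'filester'); ?></a>
        </p>
    </div>
    <?php
}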
105
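/**
 * AJAX handler (wp_ajax_njt_fs_save_review) that records the user's answer
 * to the review notice.
 *
 * 'later' postpones the notice by three days, 'alreadyDid' disables it, and
 * any other value leaves the option untouched. Responds with a JSON error
 * when the 'njt-fs-review' nonce does not verify.
 *
 * The original wrapped the body in isset($_POST), which is always true, so
 * its trailing "Update fail!" response was unreachable and is dropped here.
 *
 * @return void
 */
public function njt_fs_save_review()
{
    $nonce = isset($_POST['nonce']) ? sanitize_text_field(wp_unslash($_POST['nonce'])) : '';
    $field = isset($_POST['field']) ? sanitize_text_field(wp_unslash($_POST['field'])) : '';

    if (!wp_verify_nonce($nonce, 'njt-fs-review')) {
        // wp_send_json_error() ends the request, so no explicit exit is needed.
        wp_send_json_error(array('status' => 'Wrong nonce validate!'));
    }

    if ($field === 'later') {
        // Show the notice again after three days.
        update_option('njt_fs_review', time() + 3 * DAY_IN_SECONDS);
    } elseif ($field === 'alreadyDid') {
        update_option('njt_fs_review', 0);
    }

    wp_send_json_success();
}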
126
/**
 * Enqueues the review-notice script and passes it the admin-ajax URL and a
 * fresh 'njt-fs-review' nonce through the wpDataFs JavaScript object.
 *
 * @return void
 */
public function enqueue_scripts()
{
    $handle = 'njt-fs-review';
    $scriptUrl = NJT_FS_BN_PLUGIN_URL . 'assets/js/review.js';

    wp_enqueue_script($handle, $scriptUrl, array('jquery'), NJT_FS_BN_VERSION, false);

    $reviewData = array(
        'admin_ajax' => admin_url('admin-ajax.php'),
        'nonce' => wp_create_nonce('njt-fs-review'),
    );
    wp_localize_script($handle, 'wpDataFs', $reviewData);
}
134
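/**
 * Decides whether the current user may use the file manager and records the
 * capability string later passed to add_menu_page() in $this->fmCapability.
 *
 * Access is granted when the user's role appears in the
 * 'list_user_alow_access' setting, or when is_super_admin() is true. Everyone
 * else is refused and the capability is reset to 'read'.
 *
 * @return bool True when the current user is allowed to use the file manager.
 */
public function isAlowUserAccess()
{
    if ($this->userRole) {
        $allowedRoles = !empty($this->options['njt_fs_file_manager_settings']['list_user_alow_access'])
            ? $this->options['njt_fs_file_manager_settings']['list_user_alow_access']
            : array();

        // A corrupted (non-array) setting must not grant access or raise a
        // TypeError; compare role names strictly.
        if (is_array($allowedRoles) && in_array($this->userRole, $allowedRoles, true)) {
            // NOTE(review): the original assigned 'activate_plugins' for
            // multisite administrators and then unconditionally overwrote it
            // with the role name, so the role name has always been the
            // effective value. That is kept here; confirm whether a real
            // capability was intended for the multisite case.
            $this->fmCapability = $this->userRole;

            return true;
        }
    }

    if (is_super_admin()) {
        $this->fmCapability = is_multisite() ? 'create_sites' : 'administrator';

        return true;
    }

    $this->fmCapability = 'read';

    return false;
}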
159
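/**
 * Registers the "File Manager" top-level admin menu and its "Settings"
 * submenu, and remembers both hook suffixes for enqueueAdminScripts().
 *
 * The settings page requires 'create_sites' on multisite and
 * 'manage_options' otherwise. The file manager page uses the capability
 * chosen by isAlowUserAccess().
 *
 * @return void
 */
public function FileManager()
{
    // When the NestedPages class is present, the menu capability is lowered
    // to 'read'. This hook is only added after the constructor's access check
    // passed.
    if (class_exists('NestedPages')) {
        $this->fmCapability = 'read';
    }

    $icon = 'data:image/svg+xml;base64,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';
    $display_suffix = add_menu_page(
        // The plugin's other strings use the 'filester' text domain; the
        // original passed the placeholder 'textdomain' here.
        __('Filester', 'filester'),
        'File Manager',
        $this->fmCapability,
        'njt-fs-filemanager',
        array($this, 'fsViewFileCallback'),
        $icon,
        9
    );

    $settingsCapability = is_multisite() ? 'create_sites' : 'manage_options';
    $settings_suffix = add_submenu_page(
        'njt-fs-filemanager',
        'Settings',
        'Settings',
        $settingsCapability,
        'filester-settings',
        array($this, 'fsSettingsPage')
    );

    $this->hook_suffix = array($display_suffix, $settings_suffix);
}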
197
/**
 * Renders the file manager admin page by including its view template.
 *
 * @return void
 */
public function fsViewFileCallback()
{
    // The included view shares this scope, so the $viewPath local is kept.
    $viewPath = NJT_FS_BN_PLUGIN_PATH . 'views/pages/html-filemanager.php';

    include_once $viewPath;
}
203
/**
 * Renders the settings admin page by including its view template.
 *
 * @return void
 */
public function fsSettingsPage()
{
    // The included view shares this scope, so the $viewPath local is kept.
    $viewPath = NJT_FS_BN_PLUGIN_PATH . 'views/pages/html-filemanager-settings.php';

    include_once $viewPath;
}
209
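/**
 * Enqueues the elFinder assets and the plugin's admin scripts on the two
 * plugin pages registered by FileManager().
 *
 * Security notes:
 * - The selected theme name is stored by selectorThemes() from request data
 *   and becomes a URL path segment, so names containing a path separator or
 *   '..' are replaced with 'Default' before use.
 * - The wpData object exposes server filesystem paths (PLUGIN_PATH, ABSPATH)
 *   and two nonces to every user who can open these pages.
 *
 * @param string $suffix Hook suffix of the admin page being rendered.
 * @return void
 */
public function enqueueAdminScripts($suffix)
{
    if (!in_array($suffix, $this->hook_suffix, true)) {
        return;
    }

    $selectorThemes = get_option('njt_fs_selector_themes', array());
    if (!is_array($selectorThemes)) {
        $selectorThemes = array();
    }
    if (empty($selectorThemes[$this->userRole])) {
        $selectorThemes[$this->userRole] = array('themesValue' => 'Default');
        update_option('njt_fs_selector_themes', $selectorThemes);
    }

    $selectedTheme = isset($selectorThemes[$this->userRole]['themesValue'])
        ? $selectorThemes[$this->userRole]['themesValue']
        : 'Default';
    // Keep the stylesheet URL inside lib/themes/<name>/.
    if (!is_string($selectedTheme) || $selectedTheme === '' || preg_match('#[/\\\\]|\.\.#', $selectedTheme)) {
        $selectedTheme = 'Default';
    }

    // elFinder CSS
    wp_enqueue_style('elfinder.jq.css', plugins_url('/lib/jquery/jquery-ui.min.css', __FILE__));
    wp_enqueue_style('elfinder.full.css', plugins_url('/lib/css/elfinder.min.css', __FILE__));
    wp_enqueue_style('themes', plugins_url('/lib/css/theme.css', __FILE__));
    wp_enqueue_style('themes-selector', plugins_url('/lib/themes/' . $selectedTheme . '/css/theme.css', __FILE__));

    // jQuery UI build depends on the WordPress version.
    $jqueryUiFile = version_compare(get_bloginfo('version'), '5.6', '>=')
        ? '/lib/jquery/jquery-ui.min.js'
        : '/lib/jquery/jquery-ui-old.min.js';
    wp_enqueue_script('jquery_min', plugins_url($jqueryUiFile, __FILE__));

    // toastr and the plugin's own admin CSS/JS
    wp_register_style('njt_fs_toastr_css', NJT_FS_BN_PLUGIN_URL . 'assets/js/toastr/toastr.min.css');
    wp_enqueue_style('njt_fs_toastr_css');
    wp_enqueue_script('njt_fs_toastr_js', NJT_FS_BN_PLUGIN_URL . 'assets/js/toastr/toastr.min.js', array('jquery'), NJT_FS_BN_VERSION);

    wp_register_style('file_manager_admin_css', NJT_FS_BN_PLUGIN_URL . 'assets/css/file_manager_admin.css');
    wp_enqueue_style('file_manager_admin_css');
    wp_enqueue_script('file_manager_admin', NJT_FS_BN_PLUGIN_URL . 'assets/js/file_manager_admin.js', array('jquery'), NJT_FS_BN_VERSION, true);

    // elFinder core and editors
    wp_enqueue_script('njt_fs_elFinder', plugins_url('/lib/js/elfinder.min.js', __FILE__));
    wp_enqueue_script('njt_fs_elfinder_editor', plugins_url('/lib/js/extras/editors.default.js', __FILE__));

    // Locale file: only loaded for a value found in njt_fs_locales().
    $configuredLocale = !empty($this->options['njt_fs_file_manager_settings']['fm_locale'])
        ? $this->options['njt_fs_file_manager_settings']['fm_locale']
        : '';
    if ($configuredLocale !== '' && $configuredLocale != 'en' && in_array($configuredLocale, njt_fs_locales(), true)) {
        $locale = sanitize_file_name($configuredLocale);
        wp_enqueue_script('njt_fs_fma_lang', plugins_url('lib/js/i18n/elfinder.' . $locale . '.js', __FILE__));
    }

    wp_localize_script('njt_fs_elFinder', 'wpData', array(
        'admin_ajax' => admin_url('admin-ajax.php'),
        'nonce' => wp_create_nonce('njt-fs-file-manager-admin'),
        'PLUGIN_URL' => NJT_FS_BN_PLUGIN_URL . 'includes/File_manager/lib/',
        'PLUGIN_PATH' => NJT_FS_BN_PLUGIN_PATH . 'includes/File_manager/lib/',
        'PLUGIN_DIR' => NJT_FS_BN_PLUGIN_DIR,
        'ABSPATH' => str_replace("\\", "/", ABSPATH),
        'is_multisite' => is_multisite(),
        'lang' => $configuredLocale !== '' ? sanitize_file_name($configuredLocale) : '',
        'nonce_connector' => wp_create_nonce('file-manager-security-token'),
    ));
}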
272
273 //File manager connector function
274
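/**
 * AJAX endpoint (wp_ajax_fs_connector) that builds the elFinder options for
 * the current user's role and runs the elFinder connector.
 *
 * Security notes for maintainers:
 * - The only check made here is the 'file-manager-security-token' nonce.
 *   Authorization rests on the constructor registering this handler only
 *   when isAlowUserAccess() passes.
 * - An unusable root folder falls back to ABSPATH and the saved settings are
 *   rewritten; an unusable private folder falls back to the shared root.
 *   Both fallbacks widen what the user can reach rather than refusing.
 * - Role upload rules go through resolveUploadRules() on multisite and
 *   single-site alike. The original filtered the expanded MIME list against
 *   FileManagerHelper::listFileCanNotUpload() only on single-site.
 * - Sensitive-file rules are added only when 'enable_sensitive_protection'
 *   is present in the settings and equals '1'.
 *
 * @return void
 */
public function fsConnector()
{
    check_ajax_referer('file-manager-security-token', 'nonce');

    $settings = array();
    if (is_array($this->options)
        && isset($this->options['njt_fs_file_manager_settings'])
        && is_array($this->options['njt_fs_file_manager_settings'])
    ) {
        $settings = $this->options['njt_fs_file_manager_settings'];
    }

    // Restrictions configured for the current user's role, if any.
    $roleRules = array();
    if (isset($settings['list_user_role_restrictions'][$this->userRole])
        && is_array($settings['list_user_role_restrictions'][$this->userRole])
    ) {
        $roleRules = $settings['list_user_role_restrictions'][$this->userRole];
    }

    $uploadMaxSize = !empty($settings['upload_max_size']) ? $settings['upload_max_size'] : 0;
    $root_folder_path = !empty($settings['root_folder_path']) ? $settings['root_folder_path'] : ABSPATH;
    $root_folder_url = !empty($settings['root_folder_url']) ? $settings['root_folder_url'] : site_url();

    // Auto-fix: a missing or unreadable root is replaced by ABSPATH, the URL
    // by site_url(), and the corrected pair is saved.
    // NOTE(review): this resets a deliberately narrowed root to the whole
    // WordPress install, triggered from a request by any allowed role.
    // Consider refusing the request instead.
    if (!empty($root_folder_path) && (!is_dir($root_folder_path) || !is_readable($root_folder_path))) {
        $root_folder_path = ABSPATH;
        $root_folder_url = site_url();
        $this->options['njt_fs_file_manager_settings']['root_folder_path'] = $root_folder_path;
        $this->options['njt_fs_file_manager_settings']['root_folder_url'] = $root_folder_url;
        update_option('njt_fs_settings', $this->options);
    }

    $opts = array(
        'bind' => array(
            // Runs before a file's content is saved.
            'put.pre' => array(new \FileManagerHelper, 'madeStripcslashesFile'),
        ),
        'debug' => false,
        'roots' => array(
            array(
                'driver' => 'LocalFileSystem',
                'path' => $root_folder_path,
                'URL' => $root_folder_url,
                'tmpPath' => NJT_FS_BN_PLUGIN_PATH . 'includes/File_manager/lib/files/.tmp/',
                'trashHash' => '', // empty while the trash is disabled
                'uploadMaxSize' => $uploadMaxSize . 'M',
                'winHashFix' => DIRECTORY_SEPARATOR !== '/',
                'uploadOrder' => array('deny', 'allow'),
                // Replaced further down by the role upload rules.
                'uploadDeny' => array('htaccess'),
                'attributes' => array(),
            ),
        ),
    );

    // Optional trash volume.
    if (isset($settings['enable_trash']) && $settings['enable_trash'] == '1') {
        $hiddenInTrash = array('read' => false, 'write' => false, 'hidden' => true, 'locked' => false);
        $opts['roots'][1] = array(
            'id' => '1',
            'driver' => 'Trash',
            'path' => NJT_FS_BN_PLUGIN_PATH . 'includes/File_manager/lib/files/.trash/',
            // NOTE(review): built from site_url() although the trash path is
            // under the plugin directory. Confirm this URL is intended.
            'tmbURL' => site_url() . '/includes/File_manager/lib/files/.trash/.tmb',
            'winHashFix' => DIRECTORY_SEPARATOR !== '/',
            // NOTE(review): 'htaccess' does not look like a MIME type; confirm
            // this entry has any effect next to uploadAllow 'all'.
            'uploadDeny' => array('htaccess'),
            'uploadAllow' => array('all'),
            'uploadOrder' => array('deny', 'allow'),
            'attributes' => array(
                array('pattern' => '/.tmb/') + $hiddenInTrash,
                array('pattern' => '/.gitkeep/') + $hiddenInTrash,
            ),
        );
        $opts['roots'][0]['trashHash'] = 't1_Lw';
    }

    // Operations disabled for this role.
    if (!empty($roleRules['list_user_restrictions_alow_access'])) {
        $opts['roots'][0]['disabled'] = $roleRules['list_user_restrictions_alow_access'];
    }

    // Per-role private root. An unusable folder keeps the shared root.
    // NOTE(review): that fallback gives a restricted role the full root when
    // its private folder is missing; consider refusing the request instead.
    $private_path_valid = false;
    if (!empty($roleRules['private_folder_access'])) {
        $private_path = $roleRules['private_folder_access'] . '/';
        if (is_dir($private_path) && is_readable($private_path)) {
            $opts['roots'][0]['path'] = $private_path;
            $private_path_valid = true;
        }
    }

    // The private URL is applied only together with a valid private path.
    if ($private_path_valid && !empty($roleRules['private_url_folder_access'])) {
        $opts['roots'][0]['URL'] = $roleRules['private_url_folder_access'] . '/';
    }

    // Paths hidden from this role.
    // NOTE(review): the stored value is placed into the regular expression
    // unescaped. A value containing the '~' delimiter yields an invalid
    // pattern; verify such a rule is not silently ignored.
    if (!empty($roleRules['hide_paths'])) {
        foreach ($roleRules['hide_paths'] as $hiddenPath) {
            $opts['roots'][0]['attributes'][] = array(
                'pattern' => '~/' . $hiddenPath . '~',
                'read' => false,
                'write' => false,
                'hidden' => true,
                'locked' => false,
            );
        }
    }

    // Files locked for this role.
    // NOTE(review): same unescaped interpolation, here with '/' as the
    // delimiter, so a value containing a slash yields an invalid pattern.
    if (!empty($roleRules['lock_files'])) {
        foreach ($roleRules['lock_files'] as $lockedFile) {
            $opts['roots'][0]['attributes'][] = array(
                'pattern' => '/' . $lockedFile . '/',
                'read' => false,
                'write' => false,
                'hidden' => false,
                'locked' => true,
            );
        }
    }

    // Upload rules. "Privileged" means the 'create_sites' capability on
    // multisite and the role name 'administrator' otherwise.
    $isPrivileged = is_multisite()
        ? current_user_can('create_sites')
        : ($this->userRole === 'administrator');
    $uploadRules = $this->resolveUploadRules(
        $isPrivileged,
        isset($roleRules['can_upload_mime']) ? $roleRules['can_upload_mime'] : array()
    );
    $opts['roots'][0]['uploadDeny'] = $uploadRules['uploadDeny'];
    $opts['roots'][0]['uploadAllow'] = $uploadRules['uploadAllow'];

    // Sensitive files protection.
    if (isset($settings['enable_sensitive_protection']) && $settings['enable_sensitive_protection'] == '1') {
        $sensitive_files = apply_filters('njt_fs_sensitive_files', array(
            '.htaccess',
            'wp-config.php',
            '.env',
            'wp-config-sample.php',
            'readme.html',
            'license.txt',
            'xmlrpc.php',
        ));

        // Both answers come from filters; resolve them once for all files.
        $canRead = $this->canAccessSensitiveFiles();
        $canWrite = $this->canEditSensitiveFiles();

        foreach ($sensitive_files as $file) {
            $opts['roots'][0]['attributes'][] = array(
                'pattern' => '/' . preg_quote($file, '/') . '/',
                'read' => $canRead,
                'write' => $canWrite,
                'hidden' => !$canRead,
                'locked' => !$canWrite,
            );
        }
    }

    // Separate .htaccess rule: readable, hidden, not writable, locked.
    if (isset($settings['enable_htaccess']) && $settings['enable_htaccess'] == '1') {
        $opts['roots'][0]['attributes'][] = array(
            'pattern' => '/.htaccess/',
            'read' => true,
            'write' => false,
            'hidden' => true,
            'locked' => true,
        );
    }

    $connector = new \elFinderConnector(new \elFinder($opts));
    $connector->run();
    wp_die();
}

/**
 * Builds the uploadDeny/uploadAllow pair for the first elFinder root.
 *
 * Privileged users may upload anything. Other users may upload nothing
 * unless their role lists upload types. Listed types are expanded through
 * FileManagerHelper::getArrMimeTypes(), and entries returned by
 * FileManagerHelper::listFileCanNotUpload() are always left out.
 *
 * @param bool  $isPrivileged Whether the user bypasses role upload rules.
 * @param mixed $allowedKeys  The role's 'can_upload_mime' setting.
 * @return array Array with 'uploadDeny' and 'uploadAllow' lists.
 */
private function resolveUploadRules($isPrivileged, $allowedKeys)
{
    if ($isPrivileged) {
        return array('uploadDeny' => array(), 'uploadAllow' => array('all'));
    }

    // Nothing configured (or an unusable value): deny every upload.
    if (empty($allowedKeys) || !is_array($allowedKeys)) {
        return array('uploadDeny' => array('all'), 'uploadAllow' => array(''));
    }

    $helper = new \FileManagerHelper();
    $blocked = $helper->listFileCanNotUpload();
    $allowed = array();

    // Expand each configured key into the MIME types mapped to it.
    foreach ($helper->getArrMimeTypes() as $key => $mimeList) {
        if (!in_array($key, $allowedKeys)) {
            continue;
        }
        foreach (explode(',', $mimeList) as $mime) {
            if (!in_array($mime, $blocked)) {
                $allowed[] = $mime;
            }
        }
    }

    // Configured values that name a MIME category are passed through as-is,
    // unless they are on the blocked list.
    $categories = array(
        'x-conference', 'video', 'text', 'model', 'message',
        'image', 'font', 'chemical', 'audio', 'application',
    );
    foreach ($allowedKeys as $value) {
        if (in_array($value, $blocked)) {
            continue;
        }
        foreach ($categories as $category) {
            if (strpos($value, $category) !== false) {
                $allowed[] = $value;
                break;
            }
        }
    }

    return array('uploadDeny' => array('all'), 'uploadAllow' => $allowed);
}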
553
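/**
 * AJAX handler (wp_ajax_selector_themes) that stores the elFinder theme
 * chosen for the current user's role and returns the theme stylesheet URL.
 *
 * The theme name comes from the request and is later used as a URL path
 * segment, so an empty name or one containing a path separator or '..' is
 * rejected. The choice is stored per role and so applies to every user
 * sharing that role.
 *
 * @return void
 */
public function selectorThemes()
{
    // One call covers both a missing and an invalid nonce and ends the request.
    check_ajax_referer('njt-fs-file-manager-admin', 'nonce');

    $themesValue = isset($_POST['themesValue'])
        ? sanitize_text_field(wp_unslash($_POST['themesValue']))
        : '';
    if ($themesValue === '' || preg_match('#[/\\\\]|\.\.#', $themesValue)) {
        wp_send_json_error();
    }

    $selectorThemes = get_option('njt_fs_selector_themes', array());
    if (!is_array($selectorThemes)) {
        $selectorThemes = array();
    }

    $currentValue = isset($selectorThemes[$this->userRole]['themesValue'])
        ? $selectorThemes[$this->userRole]['themesValue']
        : null;
    if ($currentValue !== $themesValue) {
        $selectorThemes[$this->userRole] = array('themesValue' => $themesValue);
        update_option('njt_fs_selector_themes', $selectorThemes);
    }

    $linkThemes = plugins_url('/lib/themes/' . $themesValue . '/css/theme.css', __FILE__);
    // wp_send_json_success() ends the request.
    wp_send_json_success($linkThemes);
}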
578
/**
 * Writes the in-memory settings back to the njt_fs_settings option.
 *
 * Registered by the constructor with register_shutdown_function(), so it
 * runs as each request that constructed this class ends.
 *
 * @return void
 */
public function saveOptions()
{
    update_option('njt_fs_settings', $this->options);
}
590
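/**
 * Prints an inline script that redirects the browser to the given URL.
 *
 * The URL is cleaned with esc_url_raw() and emitted as a JSON-encoded string
 * literal. The original concatenated it raw between double quotes, which
 * would let a crafted value break out of the string or the script element.
 *
 * @param string $u Target URL.
 * @return void
 */
public function f($u)
{
    echo '<script>';
    echo 'window.location.href=' . wp_json_encode(esc_url_raw($u)) . ';';
    echo '</script>';
}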
596
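/**
 * AJAX handler (wp_ajax_get_role_restrictions) that returns the stored
 * restrictions of one role as comma-separated strings.
 *
 * The response includes the role's private folder path and URL, so the
 * handler requires 'manage_options', the same capability the two save
 * handlers check. The original verified only the nonce.
 *
 * @return void
 */
public function getArrRoleRestrictions()
{
    // One call covers both a missing and an invalid nonce and ends the request.
    check_ajax_referer('njt-fs-file-manager-admin', 'nonce');

    if (!current_user_can('manage_options')) {
        wp_die();
    }

    // Not unslashed: role keys are stored by the save handler the same way.
    $valueUserRole = !empty($_POST['valueUserRole']) && is_string($_POST['valueUserRole'])
        ? sanitize_text_field($_POST['valueUserRole'])
        : '';

    $arrRestrictions = !empty($this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'])
        ? $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions']
        : array();
    $roleRules = isset($arrRestrictions[$valueUserRole]) && is_array($arrRestrictions[$valueUserRole])
        ? $arrRestrictions[$valueUserRole]
        : array();

    // Joins a stored list setting; missing or non-list values become ''.
    $joinList = function ($key) use ($roleRules) {
        return !empty($roleRules[$key]) && is_array($roleRules[$key])
            ? implode(',', $roleRules[$key])
            : '';
    };
    // Returns a stored path/URL setting with doubled backslashes replaced.
    $normalisePath = function ($key) use ($roleRules) {
        return !empty($roleRules[$key])
            ? str_replace("\\\\", "/", trim($roleRules[$key]))
            : '';
    };

    $dataArrRoleRestrictions = array(
        'disable_operations' => $joinList('list_user_restrictions_alow_access'),
        'private_folder_access' => $normalisePath('private_folder_access'),
        'private_url_folder_access' => $normalisePath('private_url_folder_access'),
        'hide_paths' => $joinList('hide_paths'),
        'lock_files' => $joinList('lock_files'),
        'can_upload_mime' => $joinList('can_upload_mime'),
    );

    // wp_send_json_success() ends the request.
    wp_send_json_success($dataArrRoleRestrictions);
}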
614
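/**
 * AJAX handler (wp_ajax_njt_fs_save_setting) that stores the general file
 * manager settings. Requires a valid 'njt-fs-file-manager-admin' nonce and
 * the 'manage_options' capability.
 *
 * NOTE(review): root_folder_path is stored as submitted and is checked with
 * is_dir()/is_readable() only when fsConnector() uses it. Nothing here
 * limits which directory an administrator can expose to the allowed roles.
 *
 * @return void
 */
public function njt_fs_saveSetting()
{
    // One call covers both a missing and an invalid nonce and ends the request.
    check_ajax_referer('njt-fs-file-manager-admin', 'nonce');

    if (!current_user_can('manage_options')) {
        wp_die();
    }

    // Checkbox values arrive as the literal string 'true'.
    $isChecked = function ($key) {
        return isset($_POST[$key]) && $_POST[$key] === 'true' ? 1 : 0;
    };

    $updates = array(
        'root_folder_path' => !empty($_POST['root_folder_path'])
            ? str_replace("\\\\", "/", trim(sanitize_text_field($_POST['root_folder_path'])))
            : '',
        'root_folder_url' => !empty($_POST['root_folder_url'])
            ? str_replace("\\\\", "/", trim(sanitize_url($_POST['root_folder_url'])))
            : site_url(),
        // Roles that isAlowUserAccess() will let into the file manager.
        'list_user_alow_access' => !empty($_POST['list_user_alow_access'])
            ? explode(',', sanitize_text_field($_POST['list_user_alow_access']))
            : array(),
        // Sanitise first so a non-string value cannot reach trim().
        'upload_max_size' => !empty($_POST['upload_max_size'])
            ? trim(sanitize_text_field($_POST['upload_max_size']))
            : 0,
        'fm_locale' => !empty($_POST['fm_locale']) ? sanitize_text_field($_POST['fm_locale']) : 'en',
        'enable_htaccess' => $isChecked('enable_htaccess'),
        'enable_trash' => $isChecked('enable_trash'),
        'enable_sensitive_protection' => $isChecked('enable_sensitive_protection'),
    );

    foreach ($updates as $key => $value) {
        $this->options['njt_fs_file_manager_settings'][$key] = $value;
    }

    update_option('njt_fs_settings', $this->options);
    // wp_send_json_success() ends the request.
    wp_send_json_success(get_option('njt_fs_settings'));
}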
646
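/**
 * AJAX handler (wp_ajax_njt_fs_save_setting_restrictions) that stores the
 * restrictions of one role. Requires a valid 'njt-fs-file-manager-admin'
 * nonce and the 'manage_options' capability.
 *
 * Upload types returned by FileManagerHelper::listFileCanNotUpload() are
 * removed before saving.
 *
 * NOTE(review): hide_paths and lock_files are stored as typed and later
 * placed into regular expressions by fsConnector() without escaping.
 * Consider validating them here.
 *
 * @return void
 */
public function njt_fs_saveSettingRestrictions()
{
    // One call covers both a missing and an invalid nonce and ends the request.
    check_ajax_referer('njt-fs-file-manager-admin', 'nonce');

    if (!current_user_can('manage_options')) {
        wp_die();
    }

    if (empty($_POST['njt_fs_list_user_restrictions'])) {
        wp_die();
    }

    // Role whose restrictions are being saved; refuse an empty key.
    $role = sanitize_text_field($_POST['njt_fs_list_user_restrictions']);
    if ($role === '') {
        wp_die();
    }

    // Splits a submitted list on $separator; whitespace is removed when
    // $stripWhitespace is true.
    $readList = function ($key, $separator, $stripWhitespace) {
        if (empty($_POST[$key])) {
            return array();
        }
        $raw = sanitize_text_field($_POST[$key]);
        if ($stripWhitespace) {
            $raw = preg_replace('/\s+/', '', $raw);
        }

        return explode($separator, $raw);
    };
    $readPath = function ($key) {
        return !empty($_POST[$key])
            ? str_replace("\\\\", "/", trim(sanitize_text_field($_POST[$key])))
            : '';
    };

    // Look the blocked list up once instead of once per submitted item.
    $helper = new \FileManagerHelper();
    $blocked = $helper->listFileCanNotUpload();
    $can_upload_mime = array_values(array_filter(
        $readList('can_upload_mime', ',', true),
        function ($item) use ($blocked) {
            return !in_array($item, $blocked);
        }
    ));

    $rules = array(
        'list_user_restrictions_alow_access' => $readList('list_user_restrictions_alow_access', ',', false),
        'private_folder_access' => $readPath('private_folder_access'),
        'private_url_folder_access' => $readPath('private_url_folder_access'),
        'hide_paths' => $readList('hide_paths', '|', true),
        'lock_files' => $readList('lock_files', '|', true),
        'can_upload_mime' => $can_upload_mime,
    );

    foreach ($rules as $key => $value) {
        $this->options['njt_fs_file_manager_settings']['list_user_role_restrictions'][$role][$key] = $value;
    }

    update_option('njt_fs_settings', $this->options);
    // wp_send_json_success() ends the request.
    wp_send_json_success(get_option('njt_fs_settings'));
}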
684
/**
 * Tells whether sensitive files may be read and shown in the file manager.
 *
 * Defaults to false; other code can opt in through the
 * 'njt_fs_allow_sensitive_access' filter.
 *
 * @return bool
 */
public function canAccessSensitiveFiles()
{
    return (bool) apply_filters('njt_fs_allow_sensitive_access', false);
}
693
/**
 * Tells whether sensitive files may be written through the file manager.
 *
 * Defaults to false; other code can opt in through the
 * 'njt_fs_allow_sensitive_edit' filter.
 *
 * @return bool
 */
public function canEditSensitiveFiles()
{
    return (bool) apply_filters('njt_fs_allow_sensitive_edit', false);
}
702
703 }