JFIFxxC      C  " }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr# filemin-lib.pl BEGIN { push(@INC, ".."); }; use WebminCore; &init_config(); use POSIX; use Encode qw(decode encode); use File::Basename; eval "use File::MimeInfo"; sub get_acls_status { return has_command('getfacl'); } sub get_list_acls_command { return has_command('getfacl') . " -p "; } sub get_attr_status { return has_command('lsattr'); } sub get_attr_command { return 'lsattr -d '; } sub get_selinux_status { return is_selinux_enabled(); } sub get_selinux_command_type { my $out = backquote_command("ls --help 2>&1 ) { print (eval "qq($row)"); } } else { print "$text{'error_load_template'} '$template_name' $!"; } } sub print_errors { my (@errors) = @_; &ui_print_header(undef, $module_info{'name'}, ""); print "$text{'errors_occured'}
"; print ""; print ""; &ui_print_footer("index.cgi?path=".&urlize($path), $text{'previous_page'}); } sub print_interface { # Some vars for "upload" functionality local $upid = time().$$; $bookmarks = get_bookmarks(); @allowed_for_edit = split(/\s+/, $access{'allowed_for_edit'}); # Some experimental MIME types are now recognized push(@allowed_for_edit, map { (my $__ = $_) =~ s/-x-/-/; $__ ne $_ ? $__ : () } @allowed_for_edit); %allowed_for_edit = map { $_ => 1} @allowed_for_edit; my %tinfo = &get_theme_info($current_theme); # User and group lists for acls if (&has_command('setfacl')) { our $acl_user_select = &ui_user_textbox("user", $realuser); our $acl_group_select = &ui_user_textbox("group", $realuser); our $acl_manual = &ui_details( { title => $text{'acls_manual'}, content => &ui_textbox("manual", undef, 40, undef, undef, "placeholder='-m u:root:rw-,g:stream:r-x -R'"), html => 1 } ); } # Interface for Bootstrap powered themes if ($tinfo{'bootstrap'}) { # Set icons variables $edit_icon = ""; $rename_icon = ""; $extract_icon = ""; $goto_icon = ""; # Add static files print ""; print ""; print ""; print ""; # Set "root" icon if($base eq '/') { $root_icon = ""; } else { $root_icon = "~"; } # Breadcrumbs print "
  1. $root_icon
    2. "; my @breadcr = split('/', $path); my $cp = ''; for(my $i = 1; $i <= scalar(@breadcr)-1; $i++) { chomp($breadcr[$i]); $cp = $cp.'/'.$breadcr[$i]; print "
  2. ". &html_escape($breadcr[$i])."
    3. "; } print "
"; $page = 1; $pagelimit = 4294967295; # The number of maximum files in a directory for EXT4. 9000+ is way to little # And toolbar print_template("unauthenticated/templates/menu.html"); print_template("unauthenticated/templates/dialogs.html"); } # Interface for legacy themes else { # Set icons variables $edit_icon = "$text{"; $rename_icon = "$text{"; $extract_icon = "$text{"; $goto_icon = "$text{"; $head.= ""; $head.= ""; $head.= ""; $head.= ""; $head.= ""; $head.= ""; $head.= ""; print $head; # Set "root" icon if($base eq '/') { $root_icon = ""; } else { $root_icon = "~"; } # Legacy breadcrumbs print "
$root_icon / "; my @breadcr = split('/', $path); my $cp = ''; for(my $i = 1; $i <= scalar(@breadcr)-1; $i++) { chomp($breadcr[$i]); $cp = $cp.'/'.$breadcr[$i]; print "". &html_escape($breadcr[$i])." / "; } print "
"; # And pagination $page = $in{'page'}; $pagelimit = $userconfig{'per_page'}; $pages = ceil((scalar(@list))/$pagelimit); if (not defined $page or $page > $pages) { $page = 1; } print "Pages: "; for(my $i = 1;$i <= $pages;$i++) { if($page eq $i) { print "".&html_escape($i).""; } else { print "".&html_escape($i).""; } } print "
"; # And toolbar print_template("unauthenticated/templates/legacy_quicks.html"); print_template("unauthenticated/templates/legacy_dialogs.html"); } my $info_total; my $info_files = scalar @files; my $info_folders = scalar @folders; if ($info_files eq 1 && $info_folders eq 1) { $info_total = 'info_total1' } elsif ($info_files ne 1 && $info_folders eq 1) { $info_total = 'info_total2' } elsif ($info_files eq 1 && $info_folders ne 1) { $info_total = 'info_total3' } else { $info_total = 'info_total4' } print "
" . &text($info_total, scalar @files, scalar @folders) . "
"; # Render current directory entries print &ui_form_start("", "post", undef, "id='list_form'"); @ui_columns = ( '', '' ); push @ui_columns, ('' . $text{'name'} . ''); push @ui_columns, ('' . $text{'type'} . '') if($userconfig{'columns'} =~ /type/); push @ui_columns, ('' . $text{'actions'} . ''); push @ui_columns, ('' . $text{'size'} . '') if($userconfig{'columns'} =~ /size/); push @ui_columns, ('' . $text{'ownership'} . '') if($userconfig{'columns'} =~ /owner_user/); push @ui_columns, ('' . $text{'permissions'} . '') if($userconfig{'columns'} =~ /permissions/); push @ui_columns, ('' . $text{'acls'} . '') if(get_acls_status() && $userconfig{'columns'} =~ /acls/); push @ui_columns, ('' . $text{'attributes'} . '') if(get_attr_status() && $userconfig{'columns'} =~ /attributes/); push @ui_columns, ('' . $text{'selinux'} . '') if(get_selinux_status() && $userconfig{'columns'} =~ /selinux/); push @ui_columns, ('' . $text{'last_mod_time'} . '') if($userconfig{'columns'} =~ /last_mod_time/); print &ui_columns_start(\@ui_columns); #foreach $link (@list) { for(my $count = 1 + $pagelimit*($page-1);$count <= $pagelimit+$pagelimit*($page-1);$count++) { if ($count > scalar(@list)) { last; } my $class = $count & 1 ? "odd" : "even"; my $link = $list[$count - 1][0]; my $acls; my $attributes; my $selinux; $link =~ s/\Q$cwd\E\///; $link =~ s/^\///g; $vlink = html_escape($link); $vlink = quote_escape($vlink); my $hlink = html_escape($vlink); $vpath = quote_escape($vpath); my $type = $list[$count - 1][14]; $type =~ s/\//\-/g; my $img = "images/icons/mime/$type.png"; unless (-e $img) { $img = "images/icons/mime/unknown.png"; } $size = &nice_size($list[$count - 1][8]); $user = getpwuid($list[$count - 1][5]) ? getpwuid($list[$count - 1][5]) : $list[$count - 1][5]; $group = getgrgid($list[$count - 1][6]) ? getgrgid($list[$count - 1][6]) : $list[$count - 1][6]; $permissions = sprintf("%04o", $list[$count - 1][3] & 07777); if(get_selinux_status() && $userconfig{'columns'} =~ /selinux/) { $selinux = $list[$count - 1][17]; } if(get_attr_status() && $userconfig{'columns'} =~ /attributes/) { $attributes = $list[$count - 1][18]; } if(get_acls_status() && $userconfig{'columns'} =~ /acls/) { $acls = $list[$count - 1][19]; } $mod_time = POSIX::strftime('%Y/%m/%d - %T', localtime($list[$count - 1][10])); $actions = "$rename_icon"; if ( $list[ $count - 1 ][15] == 1 ) { $href = "index.cgi?path=" . &urlize("$path/$link"); } else { $href = "download.cgi?file=".&urlize($link)."&path=".&urlize($path); if($0 =~ /search.cgi/) { ($fname,$fpath,$fsuffix) = fileparse($list[$count - 1][0]); if($base ne '/') { $fpath =~ s/^\Q$base\E//g; } $actions = "$actions$goto_icon"; } if ( index($type, "text-") != -1 or exists($allowed_for_edit{$type}) ) { $actions = "$actions$edit_icon"; } if ((index($type, "application-zip") != -1 && has_command('unzip')) || ( ( index($type, "application-x-7z-compressed") != -1 || index($type, "x-raw-disk-image") != -1 || index($type, "x-cd-image") != -1 ) && has_command('7z')) || ((index($type, "application-x-rar") != -1 || index($type, "application-vnd.rar") != -1) && has_command('unrar')) || (index($type, "application-x-rpm") != -1 && has_command('rpm2cpio') && has_command('cpio')) || (index($type, "application-x-deb") != -1 && has_command('dpkg')) || ( (index($type, "x-compressed-tar") != -1 || index($type, "-x-tar") != -1 || (index($type, "-x-bzip") != -1 && has_command('bzip2')) || (index($type, "-gzip") != -1 && has_command('gzip')) || (index($type, "zstd") != -1 && has_command('zstd')) || (index($type, "-x-xz") != -1 && has_command('xz')) ) && has_command('tar'))) { $actions = "$actions $extract_icon "; } } @row_data = ( "", "$vlink" ); push @row_data, $type if($userconfig{'columns'} =~ /type/); push @row_data, $actions; push @row_data, $size if($userconfig{'columns'} =~ /size/); push @row_data, $user.':'.$group if($userconfig{'columns'} =~ /owner_user/); push @row_data, $permissions if($userconfig{'columns'} =~ /permissions/); push @row_data, $acls if(get_acls_status() && $userconfig{'columns'} =~ /acls/); push @row_data, $attributes if(get_attr_status() && $userconfig{'columns'} =~ /attributes/); push @row_data, $selinux if(get_selinux_status() && $userconfig{'columns'} =~ /selinux/); push @row_data, $mod_time if($userconfig{'columns'} =~ /last_mod_time/); print &ui_checked_columns_row(\@row_data, "", "name", $vlink); } print ui_columns_end(); print &ui_hidden("path", $path),"\n"; print &ui_form_end(); } sub get_bookmarks { $confdir = "$remote_user_info[7]/.filemin"; if(!-e "$confdir/.bookmarks") { return "
  • $text{'no_bookmarks'}
    • "; } my $bookmarks = &read_file_lines($confdir.'/.bookmarks', 1); $result = ''; foreach $bookmark(@$bookmarks) { $result .= "
  • " . &html_escape($bookmark) . "
    • "; } return $result; } # get_paste_buffer_file() # Returns the location of the file for temporary copy/paste state sub get_paste_buffer_file { if (&get_product_name() eq 'usermin') { return $user_module_config_directory."/.buffer"; } else { my $tmpdir = "$remote_user_info[7]/.filemin"; &make_dir($tmpdir, 0700) if (!-d $tmpdir); return $tmpdir."/.buffer"; } } # check_allowed_path(file) # Calls error if some path isn't allowed sub check_allowed_path { my ($file) = @_; $file = &simplify_path($file); my $error = 1; foreach my $allowed_path (@allowed_paths) { if (&is_under_directory($allowed_path, $file)) { $error = 0; } } $error && &error(&text('notallowed', '`' . &html_escape($file) . '`', '`' . &html_escape(join(" , ", @allowed_paths)) . '`.')); } sub clean_mimetype { my ($f) = @_; my $t = mimetype($f); eval { utf8::encode($t) if (utf8::is_utf8($t)) }; return $t; } sub test_allowed_paths { if (@allowed_paths == 1 && $allowed_paths[0] eq '/') { return 0; } return 1; } sub extract_files { my ($files_to_extract, $delete) = @_; my @errors; foreach my $fref (@{$files_to_extract}) { my $status = -1; my $cwd = $fref->{'path'}; my $name = $fref->{'file'}; my $extract_to = $cwd; if (!$in{'overwrite_existing'}) { my ($file_name) = $name =~ /(?|(.*)\.((?|tar|wbm|wbt)\..*)|(.*)\.([a-zA-Z]+\.(?|gpg|pgp))|(.*)\.(?=(.*))|(.*)())/; if (!-e "$cwd/$file_name") { $extract_to = "$cwd/$file_name"; } else { my $__ = 1; for (;;) { my $new_dir_name = "$file_name(" . $__++ . ")"; if (!-e "$cwd/$new_dir_name") { $extract_to = "$cwd/$new_dir_name"; last; } } } } mkdir("$extract_to"); my $archive_type = mimetype($cwd . '/' . $name); if ($archive_type =~ /x-tar/ || $archive_type =~ /-compressed-tar/) { my $tar_cmd = has_command('tar'); if (!$tar_cmd) { push(@errors, &text('extract_cmd_not_avail', "" . &html_escape($name) . "", 'tar')); } else { $status = system("$tar_cmd xpf " . quotemeta("$cwd/$name") . " -C " . quotemeta($extract_to)); } } elsif ($archive_type =~ /x-bzip/) { my $tar_cmd = has_command('tar'); if (!$tar_cmd) { push(@errors, &text('extract_cmd_not_avail', "" . &html_escape($name) . "", 'tar')); } else { $status = system("$tar_cmd xjfp " . quotemeta("$cwd/$name") . " -C " . quotemeta($extract_to)); } } elsif ($archive_type =~ /\/gzip/) { my $gz_cmd = has_command('gunzip') || has_command('gzip'); if (!$gz_cmd) { push(@errors, &text('extract_cmd_not_avail', "" . &html_escape($name) . "", 'gzip/gunzip')); } else { $status = system("$gz_cmd -d -f -k " . quotemeta("$cwd/$name")); } } elsif ($archive_type =~ /x-xz/) { my $xz_cmd = has_command('xz'); if (!$xz_cmd) { push(@errors, &text('extract_cmd_not_avail', "" . &html_escape($name) . "", 'xz')); } else { $status = system("$xz_cmd -d -f -k " . quotemeta("$cwd/$name")); } } elsif ($archive_type =~ /x-7z/ || $archive_type =~ /x-raw-disk-image/ || $archive_type =~ /x-cd-image/) { my $x7z_cmd = has_command('7z'); if (!$x7z_cmd) { push(@errors, &text('extract_cmd_not_avail', "" . &html_escape($name) . "", '7z')); } else { $status = system("$x7z_cmd x -aoa " . quotemeta("$cwd/$name") . " -o" . quotemeta($extract_to)); } } elsif ($archive_type =~ /\/zip/) { my $unzip_cmd = has_command('unzip'); if (!$unzip_cmd) { push(@errors, &text('extract_cmd_not_avail', "" . &html_escape($name) . "", 'unzip')); } else { my $unzip_out = `unzip --help`; my $uu = ($unzip_out =~ /-UU/ ? '-UU' : undef); $status = system("$unzip_cmd $uu -q -o " . quotemeta("$cwd/$name") . " -d " . quotemeta($extract_to)); } } elsif ($archive_type =~ /\/x-rar|\/vnd\.rar/) { my $unrar_cmd = has_command('unar') || has_command('unrar'); if (!$unrar_cmd) { push(@errors, &text('extract_cmd_not_avail', "" . &html_escape($name) . "", 'unrar/unar')); } else { if ($unrar_cmd =~ /unar$/) { $status = system("$unrar_cmd " . quotemeta("$cwd/$name") . " -o " . quotemeta($extract_to)); } else { $status = system("$unrar_cmd x -r -y -o+ " . quotemeta("$cwd/$name") . " " . quotemeta($extract_to)); } } } elsif ($archive_type =~ /\/x-rpm/) { my $rpm2cpio_cmd = has_command('rpm2cpio'); my $cpio_cmd = has_command('cpio'); if (!$rpm2cpio_cmd) { push(@errors, &text('extract_cmd_not_avail', "" . &html_escape($name) . "", 'rpm2cpio')); } elsif (!$cpio_cmd) { push(@errors, &text('extract_cmd_not_avail', "" . &html_escape($name) . "", 'cpio')); } else { $status = system("($rpm2cpio_cmd " . quotemeta("$cwd/$name") . " | (cd " . quotemeta($extract_to) . "; $cpio_cmd -idmv))"); } } elsif ($archive_type =~ /\/x-deb|debian\.binary-package/) { my $dpkg_cmd = has_command('dpkg'); if (!$dpkg_cmd) { push(@errors, &text('extract_cmd_not_avail', "" . &html_escape($name) . "", 'dpkg')); } else { $status = system("$dpkg_cmd -x " . quotemeta("$cwd/$name") . " " . quotemeta($extract_to)); } } # Set permissions for all extracted files my @perms = stat("$cwd/$name"); system("chown -R $perms[4]:$perms[5] " . quotemeta($extract_to)); # Delete empty extraction rmdir($extract_to); # Delete if no error if ($delete && $status == 0) { unlink_file("$cwd/$name"); } } return @errors; } 1;