首页 发现 帮助
登录
fusionpbx
/
fusionpbx-app-edit
镜像自地址 https://github.com/fusionpbx/fusionpbx-app-edit.git
2
0
派生 0
文件 工单管理 0 Wiki
目录树: c37da0acbf
分支列表 标签列表
fusionpbx-app-e...
/
file_save.php

file_save.php 5.4 KB
文件历史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187 
  1. <?php
    2. 

  2. /*
    3. 

  3. 	FusionPBX
    4. 

  4. 	Version: MPL 1.1
    5. 

  5. 

  6. 	The contents of this file are subject to the Mozilla Public License Version
    7. 

  7. 	1.1 (the "License"); you may not use this file except in compliance with
    8. 

  8. 	the License. You may obtain a copy of the License at
    9. 

  9. 	http://www.mozilla.org/MPL/
    10. 

  10. 

  11. 	Software distributed under the License is distributed on an "AS IS" basis,
    12. 

  12. 	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
    13. 

  13. 	for the specific language governing rights and limitations under the
    14. 

  14. 	License.
    15. 

  15. 

  16. 	The Original Code is FusionPBX
    17. 

  17. 

  18. 	The Initial Developer of the Original Code is
    19. 

  19. 	Mark J Crane <[email protected]>
    20. 

  20. 	Portions created by the Initial Developer are Copyright (C) 2008-2023
    21. 

  21. 	the Initial Developer. All Rights Reserved.
    22. 

  22. 

  23. 	Contributor(s):
    24. 

  24. 	Mark J Crane <[email protected]>
    25. 

  25. 	James Rose <[email protected]>
    26. 

  26. */
    27. 

  27. 

  28. //includes files
    29. 

  29. 	require_once dirname(__DIR__, 2) . "/resources/require.php";
    30. 

  30. 	require_once "resources/check_auth.php";
    31. 

  31. 

  32. //check permissions
    33. 

  33. 	if (permission_exists('edit_save')) {
    34. 

  34. 		//access granted
    35. 

  35. 	}
    36. 

  36. 	else {
    37. 

  37. 		echo "access denied";
    38. 

  38. 		exit;
    39. 

  39. 	}
    40. 

  40. 

  41. //add multi-lingual support
    42. 

  42. 	$language = new text;
    43. 

  43. 	$text = $language->get();
    44. 

  44. 

  45. //compare the tokens
    46. 

  46. 	$key_name = '/app/edit/'.$_POST['mode'];
    47. 

  47. 	$hash = hash_hmac('sha256', $key_name, $_SESSION['keys'][$key_name]);
    48. 

  48. 	if (!hash_equals($hash, $_POST['token'])) {
    49. 

  49. 		echo "access denied";
    50. 

  50. 		exit;
    51. 

  51. 	}
    52. 

  52. 

  53. //get the directory
    54. 

  54. 	if (!isset($_SESSION)) { session_start(); }
    55. 

  55. 	switch ($_SESSION["app"]["edit"]["dir"]) {
    56. 

  56. 		case 'scripts':
    57. 

  57. 			$edit_directory = $_SESSION['switch']['scripts']['dir'];
    58. 

  58. 			break;
    59. 

  59. 		case 'php':
    60. 

  60. 			$edit_directory = $_SERVER["DOCUMENT_ROOT"].'/'.PROJECT_PATH;
    61. 

  61. 			break;
    62. 

  62. 		case 'grammar':
    63. 

  63. 			$edit_directory = $_SESSION['switch']['grammar']['dir'];
    64. 

  64. 			break;
    65. 

  65. 		case 'provision':
    66. 

  66. 			switch (PHP_OS) {
    67. 

  67. 				case "Linux":
    68. 

  68. 					if (file_exists('/usr/share/fusionpbx/templates/provision')) {
    69. 

  69. 						$edit_directory = '/usr/share/fusionpbx/templates/provision';
    70. 

  70. 					}
    71. 

  71. 					elseif (file_exists('/etc/fusionpbx/resources/templates/provision')) {
    72. 

  72. 						$edit_directory = '/etc/fusionpbx/resources/templates/provision';
    73. 

  73. 					}
    74. 

  74. 					else {
    75. 

  75. 						$edit_directory = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/resources/templates/provision";
    76. 

  76. 					}
    77. 

  77. 					break;
    78. 

  78. 				case "FreeBSD":
    79. 

  79. 					if (file_exists('/usr/local/share/fusionpbx/templates/provision')) {
    80. 

  80. 						$edit_directory = '/usr/share/fusionpbx/templates/provision';
    81. 

  81. 					}
    82. 

  82. 					elseif (file_exists('/usr/local/etc/fusionpbx/resources/templates/provision')) {
    83. 

  83. 						$edit_directory = '/usr/local/etc/fusionpbx/resources/templates/provision';
    84. 

  84. 					}
    85. 

  85. 					else {
    86. 

  86. 						$edit_directory = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/resources/templates/provision";
    87. 

  87. 					}
    88. 

  88. 					break;
    89. 

  89. 				case "NetBSD":
    90. 

  90. 					if (file_exists('/usr/local/share/fusionpbx/templates/provision')) {
    91. 

  91. 						$edit_directory = '/usr/share/fusionpbx/templates/provision';
    92. 

  92. 					}
    93. 

  93. 					else {
    94. 

  94. 						$edit_directory = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/resources/templates/provision";
    95. 

  95. 					}
    96. 

  96. 					break;
    97. 

  97. 				case "OpenBSD":
    98. 

  98. 					if (file_exists('/usr/local/share/fusionpbx/templates/provision')) {
    99. 

  99. 						$edit_directory = '/usr/share/fusionpbx/templates/provision';
    100. 

  100. 					}
    101. 

  101. 					else {
    102. 

  102. 						$edit_directory = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/resources/templates/provision";
    103. 

  103. 					}
    104. 

  104. 					break;
    105. 

  105. 				default:
    106. 

  106. 					$edit_directory = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/resources/templates/provision/";
    107. 

  107. 			}
    108. 

  108. 			break;
    109. 

  109. 		case 'xml':
    110. 

  110. 			$edit_directory = $_SESSION['switch']['conf']['dir'];
    111. 

  111. 			break;
    112. 

  112. 	}
    113. 

  113. 	if (!isset($edit_directory) && is_array($_SESSION['editor']['path'])) {
    114. 

  114. 		foreach ($_SESSION['editor']['path'] as $path) {
    115. 

  115. 			if ($_SESSION["app"]["edit"]["dir"] == $path) {
    116. 

  116. 				$edit_directory = $path;
    117. 

  117. 				break;
    118. 

  118. 			}
    119. 

  119. 		}
    120. 

  120. 	}
    121. 

  121. 

  122. //set the file variable
    123. 

  123. 	$file_path = $_POST["filepath"];
    124. 

  124. 

  125. //remove attempts to change the directory
    126. 

  126. 	$file_path = str_replace('..', '', $file_path);
    127. 

  127. 	$file_path = str_replace ("\\", "/", $file_path);
    128. 

  128. 

  129. //break the path into an array
    130. 

  130. 	$path_array = pathinfo($file_path);
    131. 

  131. 	$path_prefix = substr($path_array['dirname'], 0, strlen($edit_directory));
    132. 

  132. 

  133. //validate the path
    134. 

  134. 	if (realpath($path_prefix) == realpath($edit_directory)) {
    135. 

  135. 		if ($file_path != '') {
    136. 

  136. 			try {
    137. 

  137. 				//save file content
    138. 

  138. 					$file_path = realpath($file_path);
    139. 

  139. 					$file_path = str_replace ('//', '/', $file_path);
    140. 

  140. 					$file_path = str_replace ("\\", "/", $file_path);
    141. 

  141. 					if (file_exists($file_path)) {
    142. 

  142. 						//create a file handle
    143. 

  143. 						$handle = fopen($file_path, 'wb');
    144. 

  144. 						if (!$handle) {
    145. 

  145. 							throw new Exception('Write Failed - Check File Owner & Permissions');
    146. 

  146. 						}
    147. 

  147. 

  148. 						//build a array of the content
    149. 

  149. 						$lines = explode("\n", str_replace ("\r\n", "\n", $_POST["content"]));
    150. 

  150. 

  151. 						//go in reverse order to remove blank trailing lines at the end of the file
    152. 

  152. 						for ($i = count($lines) - 1; $i > 0; $i--) {
    153. 

  153. 							//find the last empty line
    154. 

  154. 							if (!empty($lines[$i])) {
    155. 

  155. 								//exit for loop
    156. 

  156. 								break;
    157. 

  157. 							}
    158. 

  158. 							//remember the last line index
    159. 

  159. 							$last_line = $i;
    160. 

  160. 						}
    161. 

  161. 

  162. 						$file_content = '';
    163. 

  163. 

  164. 						//remove trailing spaces on each line
    165. 

  165. 						for ($i = 0; $i < $last_line; $i++) {
    166. 

  166. 							$file_content .= rtrim($lines[$i]) . "\n";
    167. 

  167. 						}
    168. 

  168. 

  169. 						//save the file
    170. 

  170. 						fwrite($handle, $file_content);
    171. 

  171. 

  172. 						//close the file handle
    173. 

  173. 						fclose($handle);
    174. 

  174. 					}
    175. 

  175. 

  176. 				//set the reload_xml value to true
    177. 

  177. 					$_SESSION["reload_xml"] = true;
    178. 

  178. 

  179. 				//alert user of success
    180. 

  180. 					echo "Changes Saved";
    181. 

  181. 			}
    182. 

  182. 			catch(Exception $e) {
    183. 

  183. 				//alert error
    184. 

  184. 				echo $e->getMessage();
    185. 

  185. 			}
    186. 

  186. 		}
    187. 

  187. 	}
    188.