# filemin-lib.pl
BEGIN { push(@INC, ".."); };
use WebminCore;
&init_config();
use POSIX;
use Encode qw(decode encode);
use File::Basename;
eval "use File::MimeInfo";
sub get_acls_status {
return has_command('getfacl');
}
sub get_list_acls_command {
return has_command('getfacl') . " -p ";
}
sub get_attr_status {
return has_command('lsattr');
}
sub get_attr_command {
return 'lsattr -d ';
}
sub get_selinux_status {
return is_selinux_enabled();
}
sub get_selinux_command_type {
my $out = backquote_command("ls --help 2>&1 ) {
print (eval "qq($row)");
}
} else {
print "$text{'error_load_template'} '$template_name' $!";
}
}
sub print_errors {
my (@errors) = @_;
&ui_print_header(undef, $module_info{'name'}, "");
print "$text{'errors_occured'}
";
print "";
foreach $error(@errors) {
print("- $error
");
}
print "
";
print "";
&ui_print_footer("index.cgi?path=".&urlize($path), $text{'previous_page'});
}
sub print_interface {
# Some vars for "upload" functionality
local $upid = time().$$;
$bookmarks = get_bookmarks();
@allowed_for_edit = split(/\s+/, $access{'allowed_for_edit'});
# Some experimental MIME types are now recognized
push(@allowed_for_edit, map { (my $__ = $_) =~ s/-x-/-/;
$__ ne $_ ? $__ : () } @allowed_for_edit);
%allowed_for_edit = map { $_ => 1} @allowed_for_edit;
my %tinfo = &get_theme_info($current_theme);
# User and group lists for acls
if (&has_command('setfacl')) {
our $acl_user_select = &ui_user_textbox("user", $realuser);
our $acl_group_select = &ui_user_textbox("group", $realuser);
our $acl_manual = &ui_details(
{ title => $text{'acls_manual'},
content => &ui_textbox("manual", undef, 40,
undef, undef, "placeholder='-m u:root:rw-,g:stream:r-x -R'"),
html => 1 } );
}
# Interface for Bootstrap powered themes
if ($tinfo{'bootstrap'}) {
# Set icons variables
$edit_icon = "";
$rename_icon = "";
$extract_icon = "";
$goto_icon = "";
# Add static files
print "";
print "";
print "";
print "";
# Set "root" icon
if($base eq '/') {
$root_icon = "";
} else {
$root_icon = "~";
}
# Breadcrumbs
print "- $root_icon
";
my @breadcr = split('/', $path);
my $cp = '';
for(my $i = 1; $i <= scalar(@breadcr)-1; $i++) {
chomp($breadcr[$i]);
$cp = $cp.'/'.$breadcr[$i];
print "- ".
&html_escape($breadcr[$i])."
";
}
print "
";
$page = 1;
$pagelimit = 4294967295; # The number of maximum files in a directory for EXT4. 9000+ is way to little
# And toolbar
print_template("unauthenticated/templates/menu.html");
print_template("unauthenticated/templates/dialogs.html");
}
# Interface for legacy themes
else {
# Set icons variables
$edit_icon = "
";
$rename_icon = "
";
$extract_icon = "
";
$goto_icon = "
";
$head.= "";
$head.= "";
$head.= "";
$head.= "";
$head.= "";
$head.= "";
$head.= "";
print $head;
# Set "root" icon
if($base eq '/') {
$root_icon = "![](\"images/icons/quick/drive-harddisk.png\")
";
} else {
$root_icon = "~";
}
# Legacy breadcrumbs
print "$root_icon / ";
my @breadcr = split('/', $path);
my $cp = '';
for(my $i = 1; $i <= scalar(@breadcr)-1; $i++) {
chomp($breadcr[$i]);
$cp = $cp.'/'.$breadcr[$i];
print "
".
&html_escape($breadcr[$i])." / ";
}
print "
";
# And pagination
$page = $in{'page'};
$pagelimit = $userconfig{'per_page'};
$pages = ceil((scalar(@list))/$pagelimit);
if (not defined $page or $page > $pages) { $page = 1; }
print "Pages: ";
for(my $i = 1;$i <= $pages;$i++) {
if($page eq $i) {
print "
".&html_escape($i)."";
} else {
print "
".&html_escape($i)."";
}
}
print "
";
# And toolbar
print_template("unauthenticated/templates/legacy_quicks.html");
print_template("unauthenticated/templates/legacy_dialogs.html");
}
my $info_total;
my $info_files = scalar @files;
my $info_folders = scalar @folders;
if ($info_files eq 1 && $info_folders eq 1) {
$info_total = 'info_total1'
} elsif ($info_files ne 1 && $info_folders eq 1) {
$info_total = 'info_total2'
} elsif ($info_files eq 1 && $info_folders ne 1) {
$info_total = 'info_total3'
} else {
$info_total = 'info_total4'
}
print "" . &text($info_total, scalar @files, scalar @folders) . "
";
# Render current directory entries
print &ui_form_start("", "post", undef, "id='list_form'");
@ui_columns = (
'',
''
);
push @ui_columns, ('' . $text{'name'} . '');
push @ui_columns, ('' . $text{'type'} . '') if($userconfig{'columns'} =~ /type/);
push @ui_columns, ('' . $text{'actions'} . '');
push @ui_columns, ('' . $text{'size'} . '') if($userconfig{'columns'} =~ /size/);
push @ui_columns, ('' . $text{'ownership'} . '') if($userconfig{'columns'} =~ /owner_user/);
push @ui_columns, ('' . $text{'permissions'} . '') if($userconfig{'columns'} =~ /permissions/);
push @ui_columns, ('' . $text{'acls'} . '') if(get_acls_status() && $userconfig{'columns'} =~ /acls/);
push @ui_columns, ('' . $text{'attributes'} . '') if(get_attr_status() && $userconfig{'columns'} =~ /attributes/);
push @ui_columns, ('' . $text{'selinux'} . '') if(get_selinux_status() && $userconfig{'columns'} =~ /selinux/);
push @ui_columns, ('' . $text{'last_mod_time'} . '') if($userconfig{'columns'} =~ /last_mod_time/);
print &ui_columns_start(\@ui_columns);
#foreach $link (@list) {
for(my $count = 1 + $pagelimit*($page-1);$count <= $pagelimit+$pagelimit*($page-1);$count++) {
if ($count > scalar(@list)) { last; }
my $class = $count & 1 ? "odd" : "even";
my $link = $list[$count - 1][0];
my $acls;
my $attributes;
my $selinux;
$link =~ s/\Q$cwd\E\///;
$link =~ s/^\///g;
$vlink = html_escape($link);
$vlink = quote_escape($vlink);
my $hlink = html_escape($vlink);
$vpath = quote_escape($vpath);
my $type = $list[$count - 1][14];
$type =~ s/\//\-/g;
my $img = "images/icons/mime/$type.png";
unless (-e $img) { $img = "images/icons/mime/unknown.png"; }
$size = &nice_size($list[$count - 1][8]);
$user = getpwuid($list[$count - 1][5]) ? getpwuid($list[$count - 1][5]) : $list[$count - 1][5];
$group = getgrgid($list[$count - 1][6]) ? getgrgid($list[$count - 1][6]) : $list[$count - 1][6];
$permissions = sprintf("%04o", $list[$count - 1][3] & 07777);
if(get_selinux_status() && $userconfig{'columns'} =~ /selinux/) {
$selinux = $list[$count - 1][17];
}
if(get_attr_status() && $userconfig{'columns'} =~ /attributes/) {
$attributes = $list[$count - 1][18];
}
if(get_acls_status() && $userconfig{'columns'} =~ /acls/) {
$acls = $list[$count - 1][19];
}
$mod_time = POSIX::strftime('%Y/%m/%d - %T', localtime($list[$count - 1][10]));
$actions = "$rename_icon";
if ( $list[ $count - 1 ][15] == 1 ) {
$href = "index.cgi?path=" . &urlize("$path/$link");
} else {
$href = "download.cgi?file=".&urlize($link)."&path=".&urlize($path);
if($0 =~ /search.cgi/) {
($fname,$fpath,$fsuffix) = fileparse($list[$count - 1][0]);
if($base ne '/') {
$fpath =~ s/^\Q$base\E//g;
}
$actions = "$actions$goto_icon";
}
if (
index($type, "text-") != -1 or
exists($allowed_for_edit{$type})
) {
$actions = "$actions$edit_icon";
}
if ((index($type, "application-zip") != -1 && has_command('unzip')) ||
(
( index($type, "application-x-7z-compressed") != -1 ||
index($type, "x-raw-disk-image") != -1 ||
index($type, "x-cd-image") != -1
) && has_command('7z')) ||
((index($type, "application-x-rar") != -1 || index($type, "application-vnd.rar") != -1) && has_command('unrar')) ||
(index($type, "application-x-rpm") != -1 && has_command('rpm2cpio') && has_command('cpio')) ||
(index($type, "application-x-deb") != -1 && has_command('dpkg'))
||
(
(index($type, "x-compressed-tar") != -1 ||
index($type, "-x-tar") != -1 ||
(index($type, "-x-bzip") != -1 && has_command('bzip2')) ||
(index($type, "-gzip") != -1 && has_command('gzip')) ||
(index($type, "zstd") != -1 && has_command('zstd')) ||
(index($type, "-x-xz") != -1 && has_command('xz'))
) &&
has_command('tar')))
{
$actions =
"$actions $extract_icon ";
}
}
@row_data = (
"![](\"$img\")
",
"$vlink"
);
push @row_data, $type if($userconfig{'columns'} =~ /type/);
push @row_data, $actions;
push @row_data, $size if($userconfig{'columns'} =~ /size/);
push @row_data, $user.':'.$group if($userconfig{'columns'} =~ /owner_user/);
push @row_data, $permissions if($userconfig{'columns'} =~ /permissions/);
push @row_data, $acls if(get_acls_status() && $userconfig{'columns'} =~ /acls/);
push @row_data, $attributes if(get_attr_status() && $userconfig{'columns'} =~ /attributes/);
push @row_data, $selinux if(get_selinux_status() && $userconfig{'columns'} =~ /selinux/);
push @row_data, $mod_time if($userconfig{'columns'} =~ /last_mod_time/);
print &ui_checked_columns_row(\@row_data, "", "name", $vlink);
}
print ui_columns_end();
print &ui_hidden("path", $path),"\n";
print &ui_form_end();
}
sub get_bookmarks {
$confdir = "$remote_user_info[7]/.filemin";
if(!-e "$confdir/.bookmarks") {
return "$text{'no_bookmarks'}";
}
my $bookmarks = &read_file_lines($confdir.'/.bookmarks', 1);
$result = '';
foreach $bookmark(@$bookmarks) {
$result .=
"" . &html_escape($bookmark) . "";
}
return $result;
}
# get_paste_buffer_file()
# Returns the location of the file for temporary copy/paste state
sub get_paste_buffer_file
{
if (&get_product_name() eq 'usermin') {
return $user_module_config_directory."/.buffer";
}
else {
my $tmpdir = "$remote_user_info[7]/.filemin";
&make_dir($tmpdir, 0700) if (!-d $tmpdir);
return $tmpdir."/.buffer";
}
}
# check_allowed_path(file)
# Calls error if some path isn't allowed
sub check_allowed_path
{
my ($file) = @_;
$file = &simplify_path($file);
my $error = 1;
foreach my $allowed_path (@allowed_paths) {
if (&is_under_directory($allowed_path, $file)) {
$error = 0;
}
}
$error && &error(&text('notallowed', '`' . &html_escape($file) . '`',
'`' . &html_escape(join(" , ", @allowed_paths)) . '`.'));
}
sub clean_mimetype
{
my ($f) = @_;
my $t = mimetype($f);
eval { utf8::encode($t) if (utf8::is_utf8($t)) };
return $t;
}
sub test_allowed_paths
{
if (@allowed_paths == 1 && $allowed_paths[0] eq '/') {
return 0;
}
return 1;
}
sub extract_files
{
my ($files_to_extract, $delete) = @_;
my @errors;
foreach my $fref (@{$files_to_extract}) {
my $status = -1;
my $cwd = $fref->{'path'};
my $name = $fref->{'file'};
my $extract_to = $cwd;
if (!$in{'overwrite_existing'}) {
my ($file_name) = $name =~ /(?|(.*)\.((?|tar|wbm|wbt)\..*)|(.*)\.([a-zA-Z]+\.(?|gpg|pgp))|(.*)\.(?=(.*))|(.*)())/;
if (!-e "$cwd/$file_name") {
$extract_to = "$cwd/$file_name";
} else {
my $__ = 1;
for (;;) {
my $new_dir_name = "$file_name(" . $__++ . ")";
if (!-e "$cwd/$new_dir_name") {
$extract_to = "$cwd/$new_dir_name";
last;
}
}
}
}
mkdir("$extract_to");
my $archive_type = mimetype($cwd . '/' . $name);
if ($archive_type =~ /x-tar/ || $archive_type =~ /-compressed-tar/) {
my $tar_cmd = has_command('tar');
if (!$tar_cmd) {
push(@errors, &text('extract_cmd_not_avail', "" . &html_escape($name) . "", 'tar'));
} else {
$status = system("$tar_cmd xpf " . quotemeta("$cwd/$name") . " -C " . quotemeta($extract_to));
}
} elsif ($archive_type =~ /x-bzip/) {
my $tar_cmd = has_command('tar');
if (!$tar_cmd) {
push(@errors, &text('extract_cmd_not_avail', "" . &html_escape($name) . "", 'tar'));
} else {
$status = system("$tar_cmd xjfp " . quotemeta("$cwd/$name") . " -C " . quotemeta($extract_to));
}
} elsif ($archive_type =~ /\/gzip/) {
my $gz_cmd = has_command('gunzip') || has_command('gzip');
if (!$gz_cmd) {
push(@errors, &text('extract_cmd_not_avail', "" . &html_escape($name) . "", 'gzip/gunzip'));
} else {
$status = system("$gz_cmd -d -f -k " . quotemeta("$cwd/$name"));
}
} elsif ($archive_type =~ /x-xz/) {
my $xz_cmd = has_command('xz');
if (!$xz_cmd) {
push(@errors, &text('extract_cmd_not_avail', "" . &html_escape($name) . "", 'xz'));
} else {
$status = system("$xz_cmd -d -f -k " . quotemeta("$cwd/$name"));
}
} elsif ($archive_type =~ /x-7z/ ||
$archive_type =~ /x-raw-disk-image/ ||
$archive_type =~ /x-cd-image/) {
my $x7z_cmd = has_command('7z');
if (!$x7z_cmd) {
push(@errors, &text('extract_cmd_not_avail', "" . &html_escape($name) . "", '7z'));
} else {
$status = system("$x7z_cmd x -aoa " . quotemeta("$cwd/$name") . " -o" . quotemeta($extract_to));
}
} elsif ($archive_type =~ /\/zip/) {
my $unzip_cmd = has_command('unzip');
if (!$unzip_cmd) {
push(@errors, &text('extract_cmd_not_avail', "" . &html_escape($name) . "", 'unzip'));
} else {
my $unzip_out = `unzip --help`;
my $uu = ($unzip_out =~ /-UU/ ? '-UU' : undef);
$status = system("$unzip_cmd $uu -q -o " . quotemeta("$cwd/$name") . " -d " . quotemeta($extract_to));
}
} elsif ($archive_type =~ /\/x-rar|\/vnd\.rar/) {
my $unrar_cmd = has_command('unar') || has_command('unrar');
if (!$unrar_cmd) {
push(@errors, &text('extract_cmd_not_avail', "" . &html_escape($name) . "", 'unrar/unar'));
} else {
if ($unrar_cmd =~ /unar$/) {
$status = system("$unrar_cmd " . quotemeta("$cwd/$name") . " -o " . quotemeta($extract_to));
} else {
$status = system("$unrar_cmd x -r -y -o+ " . quotemeta("$cwd/$name") . " " . quotemeta($extract_to));
}
}
} elsif ($archive_type =~ /\/x-rpm/) {
my $rpm2cpio_cmd = has_command('rpm2cpio');
my $cpio_cmd = has_command('cpio');
if (!$rpm2cpio_cmd) {
push(@errors, &text('extract_cmd_not_avail', "" . &html_escape($name) . "", 'rpm2cpio'));
} elsif (!$cpio_cmd) {
push(@errors, &text('extract_cmd_not_avail', "" . &html_escape($name) . "", 'cpio'));
} else {
$status = system("($rpm2cpio_cmd " . quotemeta("$cwd/$name") . " | (cd " . quotemeta($extract_to) . "; $cpio_cmd -idmv))");
}
} elsif ($archive_type =~ /\/x-deb|debian\.binary-package/) {
my $dpkg_cmd = has_command('dpkg');
if (!$dpkg_cmd) {
push(@errors, &text('extract_cmd_not_avail', "" . &html_escape($name) . "", 'dpkg'));
} else {
$status = system("$dpkg_cmd -x " . quotemeta("$cwd/$name") . " " . quotemeta($extract_to));
}
}
# Set permissions for all extracted files
my @perms = stat("$cwd/$name");
system("chown -R $perms[4]:$perms[5] " . quotemeta($extract_to));
# Delete empty extraction
rmdir($extract_to);
# Delete if no error
if ($delete && $status == 0) {
unlink_file("$cwd/$name");
}
}
return @errors;
}
1;