Project

General

Profile

Revision 89ef31e5

Added by Sören Eberhardt-Biermann 7 months ago

  • ID 89ef31e51281c614e47f74910e817c16b647a146
  • Parent a9f20108

- fixing various smaller bugs, for PHP 5.3 and for PHP 7.0 (Issue #3)
- fixed SQL queries for WebDAV not being run on installation in Joomla
- re-added update URL in Joomla! manifest XML file

View differences:

CHANGELOG.txt
2 2
Changelog for eXtplorer
3 3
Version $Id: CHANGELOG.txt 249 2016-12-11 16:11:03Z soeren $
4 4
****************************
5
--- version 2.1.11 ---
6
- PHP 5.3 compatibility fixes
5 7

  
6 8
--- version 2.1.10 ---
7 9
- fixed vulnerability discovered by ADLab of Venustech (command injection, but requires admin access)
config/mimes.php
8 8
	array(".asm", ".rc", ".hh", ".hxx", ".odl", ".idl", ".rc2", ".dlg", ".less"
9 9
	,".php", ".php3", ".php4", ".php5", ".phtml", ".inc", ".sql", ".csv"
10 10
	,".vb", ".vbs", ".bas", ".frm", ".cls", ".ctl", ".rb", ".htm", ".html", ".shtml", ".dhtml", ".xml"
11
	,".js", ".css", ".cgi", ".cpp", ".c", ".cc", ".cxx", ".hpp", ".h", ".lua"
11
	,".js", ".css", ".scss", ".cgi", ".cpp", ".c", ".cc", ".cxx", ".hpp", ".h", ".lua"
12 12
	,".pas", ".p", ".pl", ".java", ".py", ".sh", ".bat", ".tcl", ".tk"
13 13
	,".txt", ".ini", ".conf", ".properties", ".htaccess", ".htpasswd");
14 14

  
......
58 58
	"xml"	=> array(extGetParam( $GLOBALS["mimes"], 'xml', 'XML' ),   "extension/xml.png",   ".xml"),
59 59
	"js"	=> array(extGetParam( $GLOBALS["mimes"], 'js', 'JS' ),    "extension/js.png",    ".js"),
60 60
	"css"	=> array(extGetParam( $GLOBALS["mimes"], 'css', 'CSS' ),   "extension/css.png",   ".css"),
61
	"scss"	=> array(extGetParam( $GLOBALS["mimes"], 'css', 'CSS' ),   "extension/css.png",   ".scss"),
61 62
	
62 63
	// images
63 64
	"gif"	=> array(extGetParam( $GLOBALS["mimes"], 'gif', 'GIF' ),   "extension/gif.png",   ".gif"),
extplorer.j15.xml
4 4
<!-- Joomla! 1.5 Installer XML File
5 5
$Id: extplorer.j15.xml 249 2016-12-11 16:11:03Z soeren $ -->
6 6
    <name>eXtplorer</name>
7
    <creationDate>22.06.2017</creationDate>
7
    <creationDate>12.12.2017</creationDate>
8 8
    <author>soeren, QuiX Project</author>
9 9
    <copyright>Soeren Eberhardt-Biermann, QuiX Project</copyright>
10 10
    <license>GNU/GPL, alternative: MPL</license>
11 11
    <authorEmail>info|at|extplorer.net</authorEmail>
12 12
    <authorUrl>http://extplorer.net/</authorUrl>
13
    <version>2.1.10</version>
13
    <version>2.1.11</version>
14 14
    <description><![CDATA[
15 15
	<div align="left"><img src="components/com_extplorer/images/eXtplorer_logo.png" alt="eXtplorer Logo" /></div>
16 16
	<h2>Successfully installed eXtplorer&nbsp;</h2>
......
36 36
    <install>
37 37
    	<queries>
38 38
			<query>CREATE TABLE IF NOT EXISTS `#__extwebdav_locks` (
39
						  token varchar(255) NOT NULL default '',
40
						  path varchar(200) NOT NULL default '',
41
						  expires int(11) NOT NULL default '0',
42
						  owner varchar(200) default NULL,
43
						  recursive int(11) default '0',
44
						  writelock int(11) default '0',
45
						  exclusivelock int(11) NOT NULL default 0,
46
						  PRIMARY KEY  (token),
47
						  UNIQUE KEY token (token),
48
						  KEY path (path),
49
						  KEY expires (expires)
50
						) ENGINE=MyISAM;
39
				`token` varchar(255) NOT NULL default '',
40
				`path` varchar(200) NOT NULL default '',
41
				`expires` int(11) NOT NULL default '0',
42
				`owner` varchar(200) default NULL,
43
				`recursive` int(11) default '0',
44
				`writelock` int(11) default '0',
45
				`exclusivelock` int(11) NOT NULL default 0,
46
				PRIMARY KEY  (`token`),
47
				UNIQUE KEY token (`token`),
48
				KEY `path` (`path`),
49
				KEY `expires` (`expires`)
50
				) ENGINE=MyISAM
51 51
			</query>
52 52
			<query>CREATE TABLE IF NOT EXISTS `#__extwebdav_properties` (
53
						  path varchar(255) NOT NULL default '',
54
						  name varchar(120) NOT NULL default '',
55
						  ns varchar(120) NOT NULL default 'DAV:',
56
						  value text,
57
						  PRIMARY KEY ( `ns` ( 100 ) , `path` ( 100 ) , `name` ( 50 ) ),
58
						  KEY path (path)
59
						) ENGINE=MyISAM;
53
				`path` varchar(255) NOT NULL default '',
54
				`name` varchar(120) NOT NULL default '',
55
				`ns` varchar(120) NOT NULL default 'DAV:',
56
				`value` text,
57
				PRIMARY KEY ( `ns` ( 100 ) , `path` ( 100 ) , `name` ( 50 ) ),
58
				KEY `path` (`path`)
59
				) ENGINE=MyISAM
60 60
			</query>
61 61

  
62 62
	</queries>
extplorer.j30.xml
3 3
<!-- Joomla! 3.0 Installer XML File 
4 4
$Id: extplorer.j30.xml 249 2016-12-11 16:11:03Z soeren $ -->
5 5
    <name>eXtplorer</name>
6
    <creationDate>22.06.2017</creationDate>
6
    <creationDate>12.12.2017</creationDate>
7 7
    <author>soeren, QuiX Project</author>
8 8
    <copyright>Soeren Eberhardt-Biermann, QuiX Project</copyright>
9 9
    <authorEmail>info|-at|-extplorer.net</authorEmail>
10 10
    <authorUrl>http://extplorer.net/</authorUrl>
11
    <version>2.1.10</version>
11
    <version>2.1.11</version>
12 12
    <description><![CDATA[
13 13
	<div align="left"><img src="components/com_extplorer/images/eXtplorer_logo.png" alt="eXtplorer Logo" /></div>
14 14
	<h2>Successfully installed eXtplorer&nbsp;</h2>
......
23 23
	  <strong>By default restricted to Superadministrators!</strong>
24 24
	]]></description>
25 25
	<scriptfile>install.extplorer.php</scriptfile>
26
 <updateservers>
27
    <server type="extension" priority="2" name="eXtplorer Updates">http://extplorer.net/extplorer_update.xml</server>
28
 </updateservers>
29 26
    <files><!-- Frontend Files! -->
30 27
        <filename>configuration.ext.php</filename>
31 28
        <filename>extplorer.php</filename>
32 29
        <filename>extplorer.init.php</filename>
33 30
        <filename>extplorer.list.php</filename>
34 31
    </files>
35
   <install>
36
    	<queries>
37
			<query>CREATE TABLE IF NOT EXISTS `#__extwebdav_locks` (
38
						  token varchar(255) NOT NULL default '',
39
						  path varchar(200) NOT NULL default '',
40
						  expires int(11) NOT NULL default '0',
41
						  owner varchar(200) default NULL,
42
						  recursive int(11) default '0',
43
						  writelock int(11) default '0',
44
						  exclusivelock int(11) NOT NULL default 0,
45
						  PRIMARY KEY  (token),
46
						  UNIQUE KEY token (token),
47
						  KEY path (path),
48
						  KEY expires (expires)
49
						) ENGINE=MyISAM
50
			</query>
51
			<query>CREATE TABLE IF NOT EXISTS `#__extwebdav_properties` (
52
						  path varchar(255) NOT NULL default '',
53
						  name varchar(120) NOT NULL default '',
54
						  ns varchar(120) NOT NULL default 'DAV:',
55
						  value text,
56
						  PRIMARY KEY ( `ns` ( 100 ) , `path` ( 100 ) , `name` ( 50 ) ),
57
						  KEY path (path)
58
						) ENGINE=MyISAM
59
			</query>
32
   	<install>
33
		<sql>
34
			<file driver="mysql" charset="utf8">sql/install.mysql.utf8.sql</file>
35
		</sql>
36
	</install>
60 37

  
61
	</queries>
62
    </install>
63 38
    <uninstall>
64
    	<queries>
65
				<query>DROP TABLE IF EXISTS `#__extwebdav_locks`</query>
66
				<query>DROP TABLE IF EXISTS `#__extwebdav_properties`</query>
67
			</queries>    	
39
		<sql>
40
			<file driver="mysql" charset="utf8">sql/uninstall.mysql.utf8.sql</file>
41
		</sql>
68 42
    </uninstall>
43

  
44
	<updateservers>
45
		<server type="extension" priority="2" name="eXtplorer Updates">http://extplorer.net/extplorer_update.xml</server>
46
	</updateservers>
69 47
    
70 48
    <administration>
71 49
        <menu>eXtplorer</menu>
......
462 440
				<filename>libraries/inputfilter.php</filename>
463 441
				<filename>libraries/lib_zip.php</filename>
464 442
				<filename>libraries/standalone.php</filename>
443
				<filename>sql/install.mysql.utf8.sql</filename>
444
				<filename>sql/uninstall.mysql.utf8.sql</filename>
465 445
				<filename>style/index.html</filename>
466 446
				<filename>style/opacity.js</filename>
467 447
				<filename>style/style.css</filename>
extplorer.xml
3 3
<!-- Joomla! 1.0 Installer XML File 
4 4
$Id: extplorer.xml 249 2016-12-11 16:11:03Z soeren $ -->
5 5
    <name>eXtplorer</name>
6
    <creationDate>22.06.2017</creationDate>
6
    <creationDate>12.12.2017</creationDate>
7 7
    <author>soeren, QuiX Project</author>
8 8
    <copyright>Soeren Eberhardt-Biermann, QuiX Project</copyright>
9 9
    <authorEmail>info|-at|-extplorer.net</authorEmail>
10 10
    <authorUrl>http://extplorer.net/</authorUrl>
11
    <version>2.1.10</version>
11
    <version>2.1.11</version>
12 12
    <description><![CDATA[
13 13
	<div align="left"><img src="components/com_extplorer/images/eXtplorer_logo.png" alt="eXtplorer Logo" /></div>
14 14
	<h2>Successfully installed eXtplorer&nbsp;</h2>
......
31 31
   <install>
32 32
    	<queries>
33 33
			<query>CREATE TABLE IF NOT EXISTS `#__extwebdav_locks` (
34
						  token varchar(255) NOT NULL default '',
35
						  path varchar(200) NOT NULL default '',
36
						  expires int(11) NOT NULL default '0',
37
						  owner varchar(200) default NULL,
38
						  recursive int(11) default '0',
39
						  writelock int(11) default '0',
40
						  exclusivelock int(11) NOT NULL default 0,
41
						  PRIMARY KEY  (token),
42
						  UNIQUE KEY token (token),
43
						  KEY path (path),
44
						  KEY expires (expires)
45
						) TYPE=MyISAM
34
				`token` varchar(255) NOT NULL default '',
35
				`path` varchar(200) NOT NULL default '',
36
				`expires` int(11) NOT NULL default '0',
37
				`owner` varchar(200) default NULL,
38
				`recursive` int(11) default '0',
39
				`writelock` int(11) default '0',
40
				`exclusivelock` int(11) NOT NULL default 0,
41
						  PRIMARY KEY  (`token`),
42
						  UNIQUE KEY token (`token`),
43
						  KEY `path` (`path`),
44
						  KEY `expires` (`expires`)
45
						) ENGINE=MyISAM
46 46
			</query>
47 47
			<query>CREATE TABLE IF NOT EXISTS `#__extwebdav_properties` (
48
						  path varchar(255) NOT NULL default '',
49
						  name varchar(120) NOT NULL default '',
50
						  ns varchar(120) NOT NULL default 'DAV:',
51
						  value text,
48
				`path` varchar(255) NOT NULL default '',
49
				`name` varchar(120) NOT NULL default '',
50
				`ns` varchar(120) NOT NULL default 'DAV:',
51
				`value` text,
52 52
						  PRIMARY KEY ( `ns` ( 100 ) , `path` ( 100 ) , `name` ( 50 ) ),
53
						  KEY path (path)
54
						) TYPE=MyISAM
53
						  KEY `path` (`path`)
54
						) ENGINE=MyISAM
55 55
			</query>
56 56

  
57 57
	</queries>
include/list.php
296 296
		$items['items'][$i]['perms'] = $perms. ' (' . parse_file_perms($perms) . ')';
297 297

  
298 298
		if (extension_loaded("posix")) {
299
			if ($file_info["uid"]) {
299
			if (isset($file_info["uid"])) {
300 300
				$user_info = posix_getpwuid($file_info["uid"]);
301 301
				//$group_info = posix_getgrgid($file_info["gid"]);
302 302
				$items['items'][$i]['owner'] = $user_info["name"]. " (".$file_info["uid"].")";
include/search.php
228 228
	$array = array();
229 229
	for($i=0;$i<$cnt;++$i) {
230 230
		$dir = $list[$i][0];	$item = $list[$i][1];
231
		$s_dir=str_replace($GLOBALS['home_dir'], '', $dir );	
231
		$s_dir=str_ireplace($GLOBALS['home_dir'], '', $dir );
232 232
		if(strlen($s_dir)>65) $s_dir=substr($s_dir,0,62)."...";
233
		$s_item=$item;	if(strlen($s_item)>45) $s_item=substr($s_item,0,42)."...";
233
		$s_item=str_ireplace($GLOBALS['home_dir'], '', $item );	if(strlen($s_item)>45) $s_item=substr($s_item,0,42)."...";
234 234
		$link = "";	$target = "";
235 235
		
236 236
		
......
246 246
		}
247 247
		$array[$i]['last_mtime'] = ext_isFTPMode() ? $GLOBALS['ext_File']->filemtime($GLOBALS['home_dir'].'/'.$dir.'/'.$item) : filemtime($dir.'/'.$item);
248 248
		$array[$i]['file_id'] = md5($s_dir.$s_item);
249
		$array[$i]['dir'] = str_replace($GLOBALS['home_dir'], '', $dir );
249
		$array[$i]['dir'] = str_ireplace($GLOBALS['home_dir'], '', $dir );
250 250
		$array[$i]['s_dir'] = empty($s_dir) ? '' : $s_dir;
251 251
		$array[$i]['file'] = $s_item;
252 252
		$array[$i]['link'] = $link;
libraries/PasswordHash.php
30 30
	var $portable_hashes;
31 31
	var $random_state;
32 32

  
33
	function PasswordHash($iteration_count_log2, $portable_hashes)
33
	function __construct($iteration_count_log2, $portable_hashes)
34 34
	{
35 35
		$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
36 36

  
libraries/standalone.php
61 61
	* @param string The url option
62 62
	* @param string The path of the ext directory
63 63
	*/
64
	function extMainFrame() {
64
	function __construct() {
65 65
		session_name( 'eXtplorer' );
66 66
		if( !@is_writable(ini_get('session.save_path')) && ini_get('session.save_handler') == 'files') {
67 67
			ini_set('session.save_path', realpath( dirname( __FILE__ ).'/../ftp_tmp') );
sql/install.mysql.utf8.sql
1
CREATE TABLE IF NOT EXISTS `#__extwebdav_locks` (
2
				`token` varchar(255) NOT NULL default '',
3
				`path` varchar(200) NOT NULL default '',
4
				`expires` int(11) NOT NULL default '0',
5
				`owner` varchar(200) default NULL,
6
				`recursive` int(11) default '0',
7
				`writelock` int(11) default '0',
8
				`exclusivelock` int(11) NOT NULL default 0,
9
						  PRIMARY KEY  (`token`),
10
						  UNIQUE KEY token (`token`),
11
						  KEY `path` (`path`),
12
						  KEY `expires` (`expires`)
13
						) ENGINE=MyISAM;
14
CREATE TABLE IF NOT EXISTS `#__extwebdav_properties` (
15
				`path` varchar(255) NOT NULL default '',
16
				`name` varchar(120) NOT NULL default '',
17
				`ns` varchar(120) NOT NULL default 'DAV:',
18
				`value` text,
19
						  PRIMARY KEY ( `ns` ( 100 ) , `path` ( 100 ) , `name` ( 50 ) ),
20
						  KEY `path` (`path`)
21
						) ENGINE=MyISAM;
sql/uninstall.mysql.utf8.sql
1
DROP TABLE IF EXISTS `#__extwebdav_locks`;
2
DROP TABLE IF EXISTS `#__extwebdav_properties`;

Also available in: Unified diff