=' )) { $access = $my->authorise('core.admin'); } else { $access = $my->usertype == 'Super Administrator'; } if (!$access) { $url = htmlspecialchars($_SERVER['PHP_SELF']); if (headers_sent()) { echo "\n"; } else { @ob_end_clean(); // clear output buffer header( 'HTTP/1.1 403 Forbidden' ); header( "Location: ". $url ); } } } /** Needed to keep the filelist in the XML installer file up-to-date $path = dirname(__FILE__); $filelist = extReadDirectory( $path, '.', true, true ); $contents =''; foreach($filelist as $file ) { if( is_dir( $file ) || strstr(dirname($file), "scripts" )) continue; $filepath = str_replace( $path.'/', '', $file ); $contents .= ''.$filepath."\n"; } file_put_contents( 'extplorer_filelist.txt', $contents ); */ //------------------------------------------------------------------------------ if( $action == "post" ) $action = extGetParam( $_REQUEST, "do_action" ); elseif( empty( $action )) $action = "list"; if( $action != 'show_error') { ext_Result::init(); } if( defined( '_LOGIN_REQUIRED')) return; // Empty the output buffer if this is a XMLHttpRequest if( ext_isXHR() ) { error_reporting(0); while( @ob_end_clean() ); } if( file_exists( _EXT_PATH . '/include/'. strtolower(basename( $action )) .'.php') ) { require_once( _EXT_PATH . '/include/'. strtolower(basename( $action )) .'.php'); } $classname = 'ext_'.$action; if( class_exists(strtolower($classname)) && is_callable(array($classname,'execaction'))) { $handler = new $classname(); $handler->execAction( $dir, $item ); } else { switch($action) { // Execute actions, which are not in class file //------------------------------------------------------------------------------ // COPY/MOVE FILE(S)/DIR(S) case "copy": case "move": require_once( _EXT_PATH ."/include/copy_move.php" ); ext_copy_move_items($dir); break; //------------------------------------------------------------------------------ // SEARCH FOR FILE(S)/DIR(S) case "search": require_once( _EXT_PATH ."/include/search.php" ); ext_search_items($dir); break; //------------------------------------------------------------------------------ // USER-ADMINISTRATION case "admin": require_once( _EXT_PATH . "/include/admin.php" ); ext_show_admin($dir); break; //------------------------------------------------------------------------------ // BOOKMARKS case 'modify_bookmark': $task = extGetParam( $_REQUEST, 'task' ); require_once( _EXT_PATH.'/include/bookmarks.php' ); ext_modify_bookmark( $task, $dir ); break; //------------------------------------------------------------------------------ case 'show_error': ext_Result::sendResult('', false, ''); break; case'get_about': require_once( _EXT_PATH . "/include/system_info.php" ); system_info(); break; //------------------------------------------------------------------------------ // DEFAULT: LIST FILES & DIRS case "getdircontents": require_once( _EXT_PATH . "/include/list.php" ); $requestedDir = stripslashes(str_replace( '_RRR_', '/', extGetParam( $_REQUEST, 'node' ))); if( empty($requestedDir) || $requestedDir == 'ext_root') { $requestedDir = $dir; } if (!down_home(get_abs_dir($requestedDir))) { ext_Result::sendResult('', false, $requestedDir.": ".$GLOBALS["error_msg"]["abovehome"]); $requestedDir = ''; } send_dircontents( $requestedDir, extGetParam($_REQUEST,'sendWhat','files') ); break; case 'get_dir_selects': echo get_dir_selects( $dir ); break; case 'chdir_event': require_once( _EXT_PATH.'/include/bookmarks.php' ); $response = Array( 'bookmarks' => ext_list_bookmarks($dir) ); $classname = class_exists('ext_Json') ? 'ext_Json' : 'Services_JSON'; $json = new $classname(); echo $json->encode( $response ); break; case 'get_image': require_once( _EXT_PATH . "/include/view.php" ); ext_View::sendImage( $dir, $item ); case 'ftp_authentication': case 'ssh2_authentication': case 'extplorer_authentication': $auth_info = explode('_', $action); $auth_classname = 'ext_'.$action; require_once(_EXT_PATH.'/include/authentication/'.$auth_info[0].'.php'); $auth_plugin = new $auth_classname(); $auth_plugin->onShowLoginForm(); break; default: require_once( _EXT_PATH . "/include/list.php" ); ext_List::execAction($dir); //------------------------------------------------------------------------------ } // end switch-statement } //------------------------------------------------------------------------------ // Disconnect from ftp server if( ext_isFTPMode() && is_object($GLOBALS['FTPCONNECTION']) ) { $GLOBALS['FTPCONNECTION']->disconnect(); } // Empty the output buffer if this is a XMLHttpRequest if( ext_isXHR() ) { ext_exit(); }