From b6d200489c31e36b71b82c76ceffc34c0e8e5e95 Mon Sep 17 00:00:00 2001
From: Andrey Kutejko
Date: Sun, 7 Apr 2019 10:55:41 +0200
Subject: [PATCH] remove global from admin filebrowser controller
---
 ipf/admin/controllers/file_browser.php | 95 ++++++++++++--------
 ipf/controller/base.php | 1 +
 2 files changed, 43 insertions(+), 53 deletions(-)
diff --git a/ipf/admin/controllers/file_browser.php b/ipf/admin/controllers/file_browser.php
index 332b4ed..c7b80a4 100644
--- a/ipf/admin/controllers/file_browser.php
+++ b/ipf/admin/controllers/file_browser.php
@@ -2,55 +2,9 @@ class IPF_Admin_FileBrowser_Controller extends IPF_Admin_Base_Controller
 {
- static function cmp($a, $b)
- {
- if ($a['name'] == $b['name'])
- return 0;
- return ($a['name'] < $b['name']) ? -1 : 1;
- }
-
- /** @var string */
- protected $root;
-
- /** @var string */
- protected $dir;
-
- /** @var string */
- protected $relative;
-
- protected function setRoot()
- {
- $this->root = realpath(IPF::getUploadPath()) . DIRECTORY_SEPARATOR;
- }
-
- protected function validatePath($path)
- {
- $path = realpath($path) . DIRECTORY_SEPARATOR;
- if (!\PFF\Str::startsWith($path, $this->root))
- throw new IPF_Admin_AccessDenied;
- return $path;
- }
-
- protected function setCurrentDir()
- {
- $this->setRoot();
- $this->dir = $this->validatePath(IPF::getUploadPath() . DIRECTORY_SEPARATOR . \PFF\Arr::get($this->request->REQUEST, 'dir', ''));
- $this->relative = substr($this->dir, strlen($this->root));
- }
-
- protected function validateName($name)
- {
- $name = basename($name);
- if (!$name || $name === '.' || $name === '..')
- throw new IPF_Admin_AccessDenied;
-
- return $name;
- }
-
 protected function before($action)
 {
 $this->ensureUserIsStaff();
- $this->setCurrentDir();
 }
 function index()
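Review bot: before() no longer populates $this->dir / $this->relative and the properties themselves are deleted in this hunk, but index() — whose body lies outside the hunk — is not touched by the patch; if it still reads `$this->dir` or `$this->relative` it now sees an undefined property instead of the validated upload directory. This is fine if index() only renders the page shell and the directory comes from the client via listDirectory, which the rest of the patch suggests but does not show. If index() does need a directory, it should obtain it the way the other actions now do, `$dir = $this->validateDirectory($this->request->GET['dir'] ?? '');`.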
@@ -70,7 +24,9 @@ class IPF_Admin_FileBrowser_Controller extends IPF_Admin_Base_Controller
 function listDirectory()
 {
- list($dirs, $files) = self::listDir($this->dir);
+ $dir = $this->validateDirectory($this->request->GET['dir']);
+
+ list($dirs, $files) = self::listDir($dir);
 return new IPF_HTTP_Response_Json([
 'dirs' => $dirs,
 'files' => $files,
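Review bot: `$this->request->GET['dir']` is indexed without a default, whereas the removed setCurrentDir() used `\PFF\Arr::get($this->request->REQUEST, 'dir', '')`; a listing request that omits dir now raises an undefined-index notice/warning (and an exception if the request runs under the withErrors() handler defined later in this file) instead of listing the upload root. Suggest `$dir = $this->validateDirectory($this->request->GET['dir'] ?? '');`, or the Arr::get helper if pre-PHP 7 must still be supported. The parameter source also narrows from REQUEST to GET, so any client that POSTs dir for a listing stops working — fine if intended, but it belongs in the commit message.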
@@ -79,43 +35,69 @@ class IPF_Admin_FileBrowser_Controller extends IPF_Admin_Base_Controller
 function rename()
 {
+ $dir = $this->validateDirectory($this->request->POST['dir']);
 $old_name = $this->validateName($this->request->POST['old_name']);
 $new_name = $this->validateName($this->request->POST['new_name']);
- rename($this->dir . $old_name, $this->dir . $new_name);
+ rename($dir . $old_name, $dir . $new_name);
 return $this->noContent();
 }
 function move()
 {
- $destination = $this->validatePath(IPF::getUploadPath() . DIRECTORY_SEPARATOR . \PFF\Arr::get($this->request->POST, 'destination', ''));
+ $dir = $this->validateDirectory($this->request->POST['dir']);
+ $destination = $this->validateDirectory($this->request->POST['destination']);
 $name = $this->validateName($this->request->POST['name']);
- rename($this->dir . $name, $destination . $name);
+
+ rename($dir . $name, $destination . $name);
 return $this->noContent();
 }
 function mkdir()
 {
+ $dir = $this->validateDirectory($this->request->POST['dir']);
 $name = $this->validateName($this->request->POST['name']);
- mkdir($this->dir . $name);
+ mkdir($dir . $name);
 return $this->noContent();
 }
 function delete()
 {
+ $dir = $this->validateDirectory($this->request->POST['dir']);
 $name = $this->validateName($this->request->POST['name']);
- IPF_Utils::removeDirectories($this->dir . $name);
+ IPF_Utils::removeDirectories($dir . $name);
 return $this->noContent();
 }
 function upload()
 {
+ $dir = $this->validateDirectory($this->request->POST['dir']);
 foreach ($this->request->FILES['files'] as $file) {
- $uploadfile = $this->dir . basename($file['name']);
+ $uploadfile = $dir . basename($file['name']);
 move_uploaded_file($file['tmp_name'], $uploadfile);
 }
 return $this->noContent();
 }
+ private function validateDirectory($path)
+ {
+ $settings = $this->container['settings'];
+ $uploadPath = $settings->get('document_root') . $settings->get('upload_url');
+ $root = realpath($uploadPath) . 
DIRECTORY_SEPARATOR;
+ $realpath = realpath($root . $path) . DIRECTORY_SEPARATOR;
+ if (!\PFF\Str::startsWith($realpath, $root))
+ throw new IPF_Admin_AccessDenied;
+ return $realpath;
+ }
+
+ private function validateName($name)
+ {
+ $name = basename($name);
+ if (!$name || $name === '.' || $name === '..')
+ throw new IPF_Admin_AccessDenied;
+
+ return $name;
+ }
+
 private static function withErrors($callable)
 {
 set_error_handler(function ($errno, $errstr, $errfile, $errline) {
@@ -167,6 +149,13 @@ class IPF_Admin_FileBrowser_Controller extends IPF_Admin_Base_Controller
 });
 }
+ static function cmp($a, $b)
+ {
+ if ($a['name'] == $b['name'])
+ return 0;
+ return ($a['name'] < $b['name']) ? -1 : 1;
+ }
+
 /**
 * @return IPF_HTTP_Response
 */
diff --git a/ipf/controller/base.php b/ipf/controller/base.php
index 3818b06..c1b7fcf 100644
--- a/ipf/controller/base.php
+++ b/ipf/controller/base.php
@@ -4,6 +4,7 @@ use Pimple\Container;
 class IPF_Controller
 {
+ /** @var IPF_HTTP_Request */
 protected $request;
 protected $params;
 /** @var Container */
-- 
2.49.0
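Review bot: validateDirectory() fails open when the configured upload root cannot be resolved: if `realpath($uploadPath)` returns false, `$root` becomes just `DIRECTORY_SEPARATOR`, and then every existing absolute path satisfies the startsWith check, so a wrong document_root/upload_url setting turns the staff file browser into a whole-filesystem browser with rename, delete, mkdir and upload. Check the root before building the prefix: `$root = realpath($uploadPath); if ($root === false) throw new IPF_Admin_AccessDenied; $root .= DIRECTORY_SEPARATOR;` (the `realpath($root . $path) === false` case already fails closed once the root is non-trivial, but an explicit check there would make that intent readable). Two smaller points in the same hunk: validateName()'s `!$name` also rejects the legal file name `'0'`, so `$name === ''` is the intended test, and each `$this->request->POST['dir']` read drops the `''` default the removed Arr::get call had, so a missing dir is now an undefined-index warning rather than the upload root — `?? ''` restores that. upload() only gains the `$dir` prefix, but since the target is under document_root and only basename() is applied to the client-supplied name, any extension is still accepted; that is acceptable only if staff are fully trusted and the upload directory is served without script execution, which this file cannot show.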