1<% 2 ' FCKeditor - The text editor for Internet - http://www.fckeditor.net 3 ' Copyright (C) 2003-2010 Frederico Caldeira Knabben 4 ' 5 ' == BEGIN LICENSE == 6 ' 7 ' Licensed under the terms of any of the following licenses at your 8 ' choice: 9 ' 10 ' - GNU General Public License Version 2 or later (the "GPL") 11 ' http://www.gnu.org/licenses/gpl.html 12 ' 13 ' - GNU Lesser General Public License Version 2.1 or later (the "LGPL") 14 ' http://www.gnu.org/licenses/lgpl.html 15 ' 16 ' - Mozilla Public License Version 1.1 or later (the "MPL") 17 ' http://www.mozilla.org/MPL/MPL-1.1.html 18 ' 19 ' == END LICENSE == 20 ' 21 ' This file include IO specific functions used by the ASP Connector. 22%> 23<% 24function CombinePaths( sBasePath, sFolder) 25 sFolder = replace(sFolder, "\", "/") 26 CombinePaths = RemoveFromEnd( sBasePath, "/" ) & "/" & RemoveFromStart( sFolder, "/" ) 27end function 28 29function CombineLocalPaths( sBasePath, sFolder) 30 sFolder = replace(sFolder, "/", "\") 31 ' The RemoveFrom* functions use RegExp, so we must escape the \ 32 CombineLocalPaths = RemoveFromEnd( sBasePath, "\\" ) & "\" & RemoveFromStart( sFolder, "\\" ) 33end function 34 35Function GetResourceTypePath( resourceType, sCommand ) 36 if ( sCommand = "QuickUpload") then 37 GetResourceTypePath = ConfigQuickUploadPath.Item( resourceType ) 38 else 39 GetResourceTypePath = ConfigFileTypesPath.Item( resourceType ) 40 end if 41end Function 42 43Function GetResourceTypeDirectory( resourceType, sCommand ) 44 if ( sCommand = "QuickUpload") then 45 46 if ( ConfigQuickUploadAbsolutePath.Item( resourceType ) <> "" ) then 47 GetResourceTypeDirectory = ConfigQuickUploadAbsolutePath.Item( resourceType ) 48 else 49 ' Map the "UserFiles" path to a local directory. 50 GetResourceTypeDirectory = Server.MapPath( ConfigQuickUploadPath.Item( resourceType ) ) 51 end if 52 else 53 if ( ConfigFileTypesAbsolutePath.Item( resourceType ) <> "" ) then 54 GetResourceTypeDirectory = ConfigFileTypesAbsolutePath.Item( resourceType ) 55 else 56 ' Map the "UserFiles" path to a local directory. 57 GetResourceTypeDirectory = Server.MapPath( ConfigFileTypesPath.Item( resourceType ) ) 58 end if 59 end if 60end Function 61 62Function GetUrlFromPath( resourceType, folderPath, sCommand ) 63 GetUrlFromPath = CombinePaths( GetResourceTypePath( resourceType, sCommand ), folderPath ) 64End Function 65 66Function RemoveExtension( fileName ) 67 RemoveExtension = Left( fileName, InStrRev( fileName, "." ) - 1 ) 68End Function 69 70Function ServerMapFolder( resourceType, folderPath, sCommand ) 71 Dim sResourceTypePath 72 ' Get the resource type directory. 73 sResourceTypePath = GetResourceTypeDirectory( resourceType, sCommand ) 74 75 ' Ensure that the directory exists. 76 CreateServerFolder sResourceTypePath 77 78 ' Return the resource type directory combined with the required path. 79 ServerMapFolder = CombineLocalPaths( sResourceTypePath, folderPath ) 80End Function 81 82Sub CreateServerFolder( folderPath ) 83 Dim oFSO 84 Set oFSO = Server.CreateObject( "Scripting.FileSystemObject" ) 85 86 Dim sParent 87 sParent = oFSO.GetParentFolderName( folderPath ) 88 89 ' If folderPath is a network path (\\server\folder\) then sParent is an empty string. 90 ' Get out. 91 if (sParent = "") then exit sub 92 93 ' Check if the parent exists, or create it. 94 If ( NOT oFSO.FolderExists( sParent ) ) Then CreateServerFolder( sParent ) 95 96 If ( oFSO.FolderExists( folderPath ) = False ) Then 97 On Error resume next 98 oFSO.CreateFolder( folderPath ) 99 100 if err.number<>0 then 101 dim sErrorNumber 102 Dim iErrNumber, sErrDescription 103 iErrNumber = err.number 104 sErrDescription = err.Description 105 106 On Error Goto 0 107 108 Select Case iErrNumber 109 Case 52 110 sErrorNumber = "102" ' Invalid Folder Name. 111 Case 70 112 sErrorNumber = "103" ' Security Error. 113 Case 76 114 sErrorNumber = "102" ' Path too long. 115 Case Else 116 sErrorNumber = "110" 117 End Select 118 119 SendError sErrorNumber, "CreateServerFolder(" & folderPath & ") : " & sErrDescription 120 end if 121 122 End If 123 124 Set oFSO = Nothing 125End Sub 126 127Function IsAllowedExt( extension, resourceType ) 128 Dim oRE 129 Set oRE = New RegExp 130 oRE.IgnoreCase = True 131 oRE.Global = True 132 133 Dim sAllowed, sDenied 134 sAllowed = ConfigAllowedExtensions.Item( resourceType ) 135 sDenied = ConfigDeniedExtensions.Item( resourceType ) 136 137 IsAllowedExt = True 138 139 If sDenied <> "" Then 140 oRE.Pattern = sDenied 141 IsAllowedExt = Not oRE.Test( extension ) 142 End If 143 144 If IsAllowedExt And sAllowed <> "" Then 145 oRE.Pattern = sAllowed 146 IsAllowedExt = oRE.Test( extension ) 147 End If 148 149 Set oRE = Nothing 150End Function 151 152Function IsAllowedType( resourceType ) 153 Dim oRE 154 Set oRE = New RegExp 155 oRE.IgnoreCase = False 156 oRE.Global = True 157 oRE.Pattern = "^(" & ConfigAllowedTypes & ")$" 158 159 IsAllowedType = oRE.Test( resourceType ) 160 161 Set oRE = Nothing 162End Function 163 164Function IsAllowedCommand( sCommand ) 165 Dim oRE 166 Set oRE = New RegExp 167 oRE.IgnoreCase = True 168 oRE.Global = True 169 oRE.Pattern = "^(" & ConfigAllowedCommands & ")$" 170 171 IsAllowedCommand = oRE.Test( sCommand ) 172 173 Set oRE = Nothing 174End Function 175 176function GetCurrentFolder() 177 dim sCurrentFolder 178 dim oRegex 179 180 sCurrentFolder = Request.QueryString("CurrentFolder") 181 If ( sCurrentFolder = "" ) Then sCurrentFolder = "/" 182 183 ' Check the current folder syntax (must begin and start with a slash). 184 If ( Right( sCurrentFolder, 1 ) <> "/" ) Then sCurrentFolder = sCurrentFolder & "/" 185 If ( Left( sCurrentFolder, 1 ) <> "/" ) Then sCurrentFolder = "/" & sCurrentFolder 186 187 ' Check for invalid folder paths (..) 188 If ( InStr( 1, sCurrentFolder, ".." ) <> 0 OR InStr( 1, sCurrentFolder, "\" ) <> 0) Then 189 SendError 102, "" 190 End If 191 192 Set oRegex = New RegExp 193 oRegex.Global = True 194 oRegex.Pattern = "(/\.)|(//)|([\\:\;\.\*\?\""\<\>\|]|[\u0000-\u001F]|\u007F)" 195 196 if (oRegex.Test(sCurrentFolder)) Then 197 SendError 102, "" 198 End If 199 200 GetCurrentFolder = sCurrentFolder 201end function 202 203' Do a cleanup of the folder name to avoid possible problems 204function SanitizeFolderName( sNewFolderName ) 205 Dim oRegex 206 Set oRegex = New RegExp 207 oRegex.Global = True 208 209' remove . \ / | : ? * " < > and control characters 210 oRegex.Pattern = "(\.|\\|\/|\||:|\?|\;|\*|""|\<|\>|[\u0000-\u001F]|\u007F)" 211 SanitizeFolderName = oRegex.Replace( sNewFolderName, "_" ) 212 213 Set oRegex = Nothing 214end function 215 216' Do a cleanup of the file name to avoid possible problems 217function SanitizeFileName( sNewFileName ) 218 Dim oRegex 219 Set oRegex = New RegExp 220 oRegex.Global = True 221 222 if ( ConfigForceSingleExtension = True ) then 223 oRegex.Pattern = "\.(?![^.]*$)" 224 sNewFileName = oRegex.Replace( sNewFileName, "_" ) 225 end if 226 227' remove \ / | : ? * " < > and control characters 228 oRegex.Pattern = "(\\|\/|\||:|\;|\?|\*|""|\<|\>|[\u0000-\u001F]|\u007F)" 229 SanitizeFileName = oRegex.Replace( sNewFileName, "_" ) 230 231 Set oRegex = Nothing 232end function 233 234' This is the function that sends the results of the uploading process. 235Sub SendUploadResults( errorNumber, fileUrl, fileName, customMsg ) 236 Response.Clear 237 Response.Write "<script type=""text/javascript"">" 238 ' Minified version of the document.domain automatic fix script (#1919). 239 ' The original script can be found at _dev/domain_fix_template.js 240 Response.Write "(function(){var d=document.domain;while (true){try{var A=window.parent.document.domain;break;}catch(e) {};d=d.replace(/.*?(?:\.|$)/,'');if (d.length==0) break;try{document.domain=d;}catch (e){break;}}})();" 241 242 Response.Write "window.parent.OnUploadCompleted(" & errorNumber & ",""" & Replace( fileUrl, """", "\""" ) & """,""" & Replace( fileName, """", "\""" ) & """,""" & Replace( customMsg , """", "\""" ) & """) ;" 243 Response.Write "</script>" 244 Response.End 245End Sub 246 247%> 248