98 lines
3.1 KiB
PHP
98 lines
3.1 KiB
PHP
<?php
|
|
|
|
namespace BitApps\FM\Providers;
|
|
|
|
use BitApps\FM\Exception\PreCommandException;
|
|
use BitApps\FM\Plugin;
|
|
use BitApps\WPKit\Utils\Capabilities;
|
|
|
|
\defined('ABSPATH') or exit();
|
|
class FileEditValidator
|
|
{
|
|
public function validate($cmd, &$args, $elfinder, $volume)
|
|
{
|
|
try {
|
|
$this->checkPermission();
|
|
} catch (PreCommandException $th) {
|
|
return $th->getError();
|
|
}
|
|
|
|
$args['content'] = stripcslashes($args['content']); // Default wordpress slashing removed.
|
|
|
|
// Checking syntax for PHP file.
|
|
if (strpos($args['content'], '<?php') !== false) {
|
|
try {
|
|
$this->checkSyntax($args['content'], wp_basename($volume->getPath($args['target'])));
|
|
} catch (PreCommandException $th) {
|
|
return $th->getError();
|
|
}
|
|
}
|
|
}
|
|
|
|
public function checkSyntax($content, $fileName)
|
|
{
|
|
$error = '';
|
|
|
|
if (
|
|
(!\function_exists('exec') && Capabilities::check('install_plugins'))
|
|
|| (\defined('BFM_DISABLE_SYNTAX_CHECK') && BFM_DISABLE_SYNTAX_CHECK)
|
|
) {
|
|
return;
|
|
} else if (!\function_exists('exec')) {
|
|
$error = __('exec() is required for php syntax check');
|
|
} else {
|
|
$fp = tmpfile();
|
|
$metaData = stream_get_meta_data($fp);
|
|
$tempFilePath = $metaData['uri'];
|
|
fwrite($fp, $content);
|
|
exec('php -l ' . escapeshellarg($tempFilePath), $output, $return);
|
|
fclose($fp);
|
|
|
|
$errorMessages = [];
|
|
|
|
foreach ($output as $result) {
|
|
if (
|
|
strpos($result, 'No syntax errors detected') !== false
|
|
|| $result == ''
|
|
) {
|
|
continue;
|
|
}
|
|
|
|
if (strpos($result, 'Errors parsing') !== false) {
|
|
$error = wp_sprintf(
|
|
// translators: 1: Temporary file path
|
|
__('Errors parsing the file [ %s ] as php script', 'file-manager'),
|
|
$fileName
|
|
);
|
|
} else {
|
|
$errorMessages[] = $result;
|
|
}
|
|
}
|
|
|
|
if ($return !== 0 && !empty($errorMessages)) {
|
|
$error = !\is_string($errorMessages[0]) ? json_encode($errorMessages[0]) : $errorMessages[0];
|
|
}
|
|
}
|
|
|
|
if (!empty($error)) {
|
|
throw new PreCommandException(esc_html($error));
|
|
}
|
|
}
|
|
|
|
private function checkPermission()
|
|
{
|
|
$error = '';
|
|
if (\defined('DISALLOW_FILE_EDIT') && DISALLOW_FILE_EDIT) {
|
|
$error = __('File edit is disabled. To allow edit, please set DISALLOW_FILE_EDIT to false in wp-config file', 'file-manager');
|
|
}
|
|
|
|
if (empty($error) && !Plugin::instance()->permissions()->currentUserCanRun('edit')) {
|
|
$error = __('Not Authorized to edit file', 'file-manager');
|
|
}
|
|
|
|
if (!empty($error)) {
|
|
throw new PreCommandException(esc_html($error));
|
|
}
|
|
}
|
|
}
|