first commit

modules/revsliderprestashop/include/filemanager/ajax_calls.php

@@ -0,0 +1,721 @@
+<?php
+//if (!defined('_PS_VERSION_')) {  exit; }
+$config = include 'config/config.php';
+//TODO switch to array
+extract($config, EXTR_OVERWRITE);
+
+require_once 'include/utils.php';
+
+//if ($_SESSION['SDSRF']["verify"] != "RESPONSIVEfilemanager")
+//{
+//	response(trans('forbiden').AddErrorLocation())->send();
+//	exit;
+//}
+
+$languages = include 'lang/languages.php';
+
+//if (isset($_SESSION['SDSRF']['language']) && file_exists('lang/' . basename($_SESSION['SDSRF']['language']) . '.php'))
+//{
+//	if(array_key_exists($_SESSION['SDSRF']['language'],$languages)){
+//		include 'lang/' . basename($_SESSION['SDSRF']['language']) . '.php';
+//	}else{
+//		response(trans('Lang_Not_Found').AddErrorLocation())->send();
+//		exit;
+//	}
+//} else {
+//	response(trans('Lang_Not_Found').AddErrorLocation())->send();
+//	exit;
+//}
+
+$ftp = ftp_con($config);
+
+if(isset($_GET['action']))
+{
+	switch($_GET['action'])
+	{
+		case 'new_file_form':
+			echo trans('Filename') . ': <input type="text" id="create_text_file_name" style="height:30px"> <select id="create_text_file_extension" style="margin:0;width:100px;">';
+			foreach($config['editable_text_file_exts'] as $ext){
+				echo '<option value=".'.$ext.'">.'.$ext.'</option>';
+			}
+			echo '</select><br><hr><textarea id="textfile_create_area" style="width:100%;height:150px;"></textarea>';
+		break;
+		case 'view':
+			if(isset($_GET['type']))
+			{
+				$_SESSION['SDSRF']["view_type"] = $_GET['type'];
+			}
+			else
+			{
+				response(trans('view type number missing').AddErrorLocation())->send();
+				exit;
+			}
+			break;
+		case 'filter':
+			if (isset($_GET['type']))
+			{
+				if (isset($remember_text_filter) && $remember_text_filter)
+				{
+					$_SESSION['SDSRF']["filter"] = $_GET['type'];
+				}
+			}
+			else {
+				response(trans('view type number missing').AddErrorLocation())->send();
+				exit;
+			}
+			break;
+		case 'sort':
+			if (isset($_GET['sort_by']))
+			{
+				$_SESSION['SDSRF']["sort_by"] = $_GET['sort_by'];
+			}
+
+			if (isset($_GET['descending']))
+			{
+				$_SESSION['SDSRF']["descending"] = $_GET['descending'];
+			}
+			break;
+		case 'image_size': // not used
+			$pos = strpos($_POST['path'], $upload_dir);
+			if ($pos !== false)
+			{
+				$info = getimagesize(substr_replace($_POST['path'], $current_path, $pos, strlen($upload_dir)));
+				response($info)->send();
+				exit;
+			}
+			break;
+		case 'save_img':
+			$info = pathinfo($_POST['name']);
+
+			if (
+				strpos($_POST['path'], '/') === 0
+				|| strpos($_POST['path'], '../') !== false
+				|| strpos($_POST['path'], '..\\') !== false
+				|| strpos($_POST['path'], './') === 0
+				|| (strpos($_POST['url'], 'http://s3.amazonaws.com/feather') !== 0 && strpos($_POST['url'], 'https://s3.amazonaws.com/feather') !== 0)
+				|| $_POST['name'] != fix_filename($_POST['name'], $config)
+				|| ! in_array(strtolower($info['extension']), array( 'jpg', 'jpeg', 'png' ))
+			)
+			{
+				response(trans('wrong data').AddErrorLocation())->send();
+				exit;
+			}
+			$image_data = get_file_by_url($_POST['url']);
+			if ($image_data === false)
+			{
+				response(trans('Aviary_No_Save').AddErrorLocation())->send();
+				exit;
+			}
+
+			if (!checkresultingsize(strlen($image_data))) {
+				response(sprintf(trans('max_size_reached'),$MaxSizeTotal).AddErrorLocation())->send();
+				exit;
+			}
+			if($ftp){
+
+				$temp = tempnam('/tmp','RF');
+				unlink($temp);
+				$temp .=".".substr(strrchr($_POST['url'],'.'),1);
+				file_put_contents($temp,$image_data);
+
+				$ftp->put($ftp_base_folder.$upload_dir . $_POST['path'] . $_POST['name'], $temp, FTP_BINARY);
+
+				create_img($temp,$temp,122,91);
+				$ftp->put($ftp_base_folder.$ftp_thumbs_dir. $_POST['path'] . $_POST['name'], $temp, FTP_BINARY);
+
+				unlink($temp);
+			}else{
+
+				file_put_contents($current_path . $_POST['path'] . $_POST['name'],$image_data);
+				create_img($current_path . $_POST['path'] . $_POST['name'], $thumbs_base_path.$_POST['path'].$_POST['name'], 122, 91);
+				// TODO something with this function cause its blowing my mind
+				new_thumbnails_creation(
+					$current_path.$_POST['path'],
+					$current_path.$_POST['path'].$_POST['name'],
+					$_POST['name'],
+					$current_path,
+					$relative_image_creation,
+					$relative_path_from_current_pos,
+					$relative_image_creation_name_to_prepend,
+					$relative_image_creation_name_to_append,
+					$relative_image_creation_width,
+					$relative_image_creation_height,
+					$relative_image_creation_option,
+					$fixed_image_creation,
+					$fixed_path_from_filemanager,
+					$fixed_image_creation_name_to_prepend,
+					$fixed_image_creation_to_append,
+					$fixed_image_creation_width,
+					$fixed_image_creation_height,
+					$fixed_image_creation_option
+				);
+			}
+			break;
+		case 'extract':
+			if (	strpos($_POST['path'], '/') === 0 
+				|| strpos($_POST['path'], '../') !== false 
+				|| strpos($_POST['path'], '..\\') !== false 
+				|| strpos($_POST['path'], './') === 0)
+			{
+				response(trans('wrong path'.AddErrorLocation()))->send();
+				exit;
+			}
+
+			if($ftp){
+				$path = $ftp_base_url.$upload_dir . $_POST['path'];
+				$base_folder = $ftp_base_url.$upload_dir . fix_dirname($_POST['path']) . "/";
+			}else{
+				$path = $current_path . $_POST['path'];
+				$base_folder = $current_path . fix_dirname($_POST['path']) . "/";
+			}
+
+			$info = pathinfo($path);
+
+			if($ftp){
+				$tempDir = tempdir();
+				$temp = tempnam($tempDir,'RF');
+				unlink($temp);
+				$temp .=".".$info['extension'];
+				$handle = fopen($temp, "w");
+				fwrite($handle, file_get_contents($path));
+				fclose($handle);
+				$path = $temp;
+				$base_folder = $tempDir."/";
+			}
+
+			$info = pathinfo($path);
+
+			switch ($info['extension'])
+			{
+				case "zip":
+					$zip = new ZipArchive;
+					if ($zip->open($path) === true)
+					{
+						//get total size
+						$sizeTotalFinal = 0;
+						for ($i = 0; $i < $zip->numFiles; $i++)
+						{
+							$aStat = $zip->statIndex($i);
+							$sizeTotalFinal += $aStat['size'];
+						}
+						if (!checkresultingsize($sizeTotalFinal)) {
+							response(sprintf(trans('max_size_reached'),$MaxSizeTotal).AddErrorLocation())->send();
+							exit;
+						}
+
+						//make all the folders
+						for ($i = 0; $i < $zip->numFiles; $i++)
+						{
+							$OnlyFileName = $zip->getNameIndex($i);
+							$FullFileName = $zip->statIndex($i);
+							if (substr($FullFileName['name'], -1, 1) == "/")
+							{
+								create_folder($base_folder . $FullFileName['name']);
+							}
+						}
+						//unzip into the folders
+						for ($i = 0; $i < $zip->numFiles; $i++)
+						{
+							$OnlyFileName = $zip->getNameIndex($i);
+							$FullFileName = $zip->statIndex($i);
+
+							if ( ! (substr($FullFileName['name'], -1, 1) == "/"))
+							{
+								$fileinfo = pathinfo($OnlyFileName);
+								if (in_array(strtolower($fileinfo['extension']), $ext))
+								{
+									copy('zip://' . $path . '#' . $OnlyFileName, $base_folder . $FullFileName['name']);
+								}
+							}
+						}
+						$zip->close();
+					} else {
+						response(trans('Zip_No_Extract').AddErrorLocation())->send();
+						exit;
+					}
+
+					break;
+
+				case "gz":
+					// No resulting size pre-control available
+					$p = new PharData($path);
+					$p->decompress(); // creates files.tar
+
+					break;
+
+				case "tar":
+					// No resulting size pre-control available
+					// unarchive from the tar
+					$phar = new PharData($path);
+					$phar->decompressFiles();
+					$files = array();
+					check_files_extensions_on_phar($phar, $files, '', $ext);
+					$phar->extractTo($base_folder, $files, true);
+
+					break;
+
+				default:
+					response(trans('Zip_Invalid').AddErrorLocation())->send();
+					exit;
+			}
+
+			if($ftp){
+				unlink($path);
+				$ftp->putAll($base_folder, "/".$ftp_base_folder . $upload_dir . fix_dirname($_POST['path']), FTP_BINARY);
+				deleteDir($base_folder);
+			}
+
+
+			break;
+		case 'media_preview':
+			if($ftp){
+				$preview_file = $ftp_base_url.$upload_dir . $_GET['file'];
+			}else{
+				$preview_file = $current_path . $_GET["file"];
+			}
+			$info = pathinfo($preview_file);
+			ob_start();
+			?>
+			<div id="jp_container_1" class="jp-video " style="margin:0 auto;">
+				<div class="jp-type-single">
+				<div id="jquery_jplayer_1" class="jp-jplayer"></div>
+				<div class="jp-gui">
+					<div class="jp-video-play">
+					<a href="javascript:;" class="jp-video-play-icon" tabindex="1">play</a>
+					</div>
+					<div class="jp-interface">
+					<div class="jp-progress">
+						<div class="jp-seek-bar">
+						<div class="jp-play-bar"></div>
+						</div>
+					</div>
+					<div class="jp-current-time"></div>
+					<div class="jp-duration"></div>
+					<div class="jp-controls-holder">
+						<ul class="jp-controls">
+						<li><a href="javascript:;" class="jp-play" tabindex="1">play</a></li>
+						<li><a href="javascript:;" class="jp-pause" tabindex="1">pause</a></li>
+						<li><a href="javascript:;" class="jp-stop" tabindex="1">stop</a></li>
+						<li><a href="javascript:;" class="jp-mute" tabindex="1" title="mute">mute</a></li>
+						<li><a href="javascript:;" class="jp-unmute" tabindex="1" title="unmute">unmute</a></li>
+						<li><a href="javascript:;" class="jp-volume-max" tabindex="1" title="max volume">max volume</a></li>
+						</ul>
+						<div class="jp-volume-bar">
+						<div class="jp-volume-bar-value"></div>
+						</div>
+						<ul class="jp-toggles">
+						<li><a href="javascript:;" class="jp-full-screen" tabindex="1" title="full screen">full screen</a></li>
+						<li><a href="javascript:;" class="jp-restore-screen" tabindex="1" title="restore screen">restore screen</a></li>
+						<li><a href="javascript:;" class="jp-repeat" tabindex="1" title="repeat">repeat</a></li>
+						<li><a href="javascript:;" class="jp-repeat-off" tabindex="1" title="repeat off">repeat off</a></li>
+						</ul>
+					</div>
+					<div class="jp-title" style="display:none;">
+						<ul>
+						<li></li>
+						</ul>
+					</div>
+					</div>
+				</div>
+				<div class="jp-no-solution">
+					<span>Update Required</span>
+					To play the media you will need to either update your browser to a recent version or update your <a href="https://get.adobe.com/flashplayer/" target="_blank">Flash plugin</a>.
+				</div>
+				</div>
+			</div>
+			<?php if(in_array(strtolower($info['extension']), $ext_music)): ?>
+
+				<script type="text/javascript">
+					$(document).ready(function(){
+
+					$("#jquery_jplayer_1").jPlayer({
+						ready: function () {
+						$(this).jPlayer("setMedia", {
+						title:"<?php $_GET['title']; ?>",
+							mp3: "<?php echo $preview_file; ?>",
+							m4a: "<?php echo $preview_file; ?>",
+						oga: "<?php echo $preview_file; ?>",
+							wav: "<?php echo $preview_file; ?>"
+						});
+						},
+						swfPath: "js",
+					solution:"html,flash",
+						supplied: "mp3, m4a, midi, mid, oga,webma, ogg, wav",
+					smoothPlayBar: true,
+					keyEnabled: false
+					});
+					});
+				</script>
+
+			<?php elseif(in_array(strtolower($info['extension']), $ext_video)):	?>
+
+				<script type="text/javascript">
+				$(document).ready(function(){
+
+				$("#jquery_jplayer_1").jPlayer({
+					ready: function () {
+					$(this).jPlayer("setMedia", {
+						title:"<?php $_GET['title']; ?>",
+						m4v: "<?php echo $preview_file; ?>",
+						ogv: "<?php echo $preview_file; ?>",
+						flv: "<?php echo $preview_file; ?>"
+					});
+					},
+					swfPath: "js",
+					solution:"html,flash",
+					supplied: "mp4, m4v, ogv, flv, webmv, webm",
+					smoothPlayBar: true,
+					keyEnabled: false
+				});
+
+				});
+			</script>
+
+			<?php endif;
+
+			$content = ob_get_clean();
+
+			response($content)->send();
+			exit;
+
+			break;
+		case 'copy_cut':
+			if ($_POST['sub_action'] != 'copy' && $_POST['sub_action'] != 'cut')
+			{
+				response(trans('wrong sub-action').AddErrorLocation())->send();
+				exit;
+			}
+
+			if (strpos($_POST['path'],'../') !== FALSE
+				|| strpos($_POST['path'],'./') !== FALSE 
+				|| strpos($_POST['path'],'..\\') !== FALSE
+				|| strpos($_POST['path'],'.\\') !== FALSE )
+			{
+				response(trans('wrong path'.AddErrorLocation()))->send();
+				exit;
+			}
+
+			if (trim($_POST['path']) == '')
+			{
+				response(trans('no path').AddErrorLocation())->send();
+				exit;
+			}
+
+			$msg_sub_action = ($_POST['sub_action'] == 'copy' ? trans('Copy') : trans('Cut'));
+			$path = $current_path . $_POST['path'];
+
+			if (is_dir($path))
+			{
+				// can't copy/cut dirs
+				if ($copy_cut_dirs === false)
+				{
+					response(sprintf(trans('Copy_Cut_Not_Allowed'), $msg_sub_action, trans('Folders')).AddErrorLocation())->send();
+					exit;
+				}
+
+				list($sizeFolderToCopy,$fileNum,$foldersCount) = folder_info($path,false);
+				// size over limit
+				if ($copy_cut_max_size !== false && is_int($copy_cut_max_size)) {
+					if (($copy_cut_max_size * 1024 * 1024) < $sizeFolderToCopy) {
+						response(sprintf(trans('Copy_Cut_Size_Limit'), $msg_sub_action, $copy_cut_max_size).AddErrorLocation())->send();
+						exit;
+					}
+				}
+
+				// file count over limit
+				if ($copy_cut_max_count !== false && is_int($copy_cut_max_count))
+				{
+					if ($copy_cut_max_count < $fileNum)
+					{
+						response(sprintf(trans('Copy_Cut_Count_Limit'), $msg_sub_action, $copy_cut_max_count).AddErrorLocation())->send();
+						exit;
+					}
+				}
+
+				if (!checkresultingsize($sizeFolderToCopy)) {
+					response(sprintf(trans('max_size_reached'),$MaxSizeTotal).AddErrorLocation())->send();
+					exit;
+				}
+			} else {
+				// can't copy/cut files
+				if ($copy_cut_files === false)
+				{
+					response(sprintf(trans('Copy_Cut_Not_Allowed'), $msg_sub_action, trans('Files')).AddErrorLocation())->send();
+					exit;
+				}
+			}
+
+			$_SESSION['SDSRF']['clipboard']['path'] = $_POST['path'];
+			$_SESSION['SDSRF']['clipboard_action'] = $_POST['sub_action'];
+			break;
+		case 'clear_clipboard':
+			$_SESSION['SDSRF']['clipboard'] = null;
+			$_SESSION['SDSRF']['clipboard_action'] = null;
+			break;
+		case 'chmod':
+			if($ftp){
+				$path = $ftp_base_url . $upload_dir . $_POST['path'];
+				if (
+					($_POST['folder']==1 && $chmod_dirs === false)
+					|| ($_POST['folder']==0 && $chmod_files === false)
+					|| (is_function_callable("chmod") === false) )
+				{
+					response(sprintf(trans('File_Permission_Not_Allowed'), (is_dir($path) ? trans('Folders') : trans('Files')), 403).AddErrorLocation())->send();
+					exit;
+				}
+				$info = $_POST['permissions'];
+			}else{
+				$path = $current_path . $_POST['path'];
+				if (
+					(is_dir($path) && $chmod_dirs === false)
+					|| (is_file($path) && $chmod_files === false)
+					|| (is_function_callable("chmod") === false) )
+				{
+					response(sprintf(trans('File_Permission_Not_Allowed'), (is_dir($path) ? trans('Folders') : trans('Files')), 403).AddErrorLocation())->send();
+					exit;
+				}
+
+				$perms = fileperms($path) & 0777;
+
+			    $info = '-';
+
+				// Owner
+				$info .= (($perms & 0x0100) ? 'r' : '-');
+				$info .= (($perms & 0x0080) ? 'w' : '-');
+				$info .= (($perms & 0x0040) ?
+				            (($perms & 0x0800) ? 's' : 'x' ) :
+				            (($perms & 0x0800) ? 'S' : '-'));
+
+				// Group
+				$info .= (($perms & 0x0020) ? 'r' : '-');
+				$info .= (($perms & 0x0010) ? 'w' : '-');
+				$info .= (($perms & 0x0008) ?
+				            (($perms & 0x0400) ? 's' : 'x' ) :
+				            (($perms & 0x0400) ? 'S' : '-'));
+
+				// World
+				$info .= (($perms & 0x0004) ? 'r' : '-');
+				$info .= (($perms & 0x0002) ? 'w' : '-');
+				$info .= (($perms & 0x0001) ?
+				            (($perms & 0x0200) ? 't' : 'x' ) :
+				            (($perms & 0x0200) ? 'T' : '-'));
+
+			}
+
+
+			$ret = '<div id="files_permission_start">
+			<form id="chmod_form">
+				<table class="table file-perms-table">
+					<thead>
+						<tr>
+							<td></td>
+							<td>r&nbsp;&nbsp;</td>
+							<td>w&nbsp;&nbsp;</td>
+							<td>x&nbsp;&nbsp;</td>
+						</tr>
+					</thead>
+					<tbody>
+						<tr>
+							<td>'.trans('User').'</td>
+							<td><input id="u_4" type="checkbox" data-value="4" data-group="user" '.(substr($info, 1,1)=='r' ? " checked" : "").'></td>
+							<td><input id="u_2" type="checkbox" data-value="2" data-group="user" '.(substr($info, 2,1)=='w' ? " checked" : "").'></td>
+							<td><input id="u_1" type="checkbox" data-value="1" data-group="user" '.(substr($info, 3,1)=='x' ? " checked" : "").'></td>
+						</tr>
+						<tr>
+							<td>'.trans('Group').'</td>
+							<td><input id="g_4" type="checkbox" data-value="4" data-group="group" '.(substr($info, 4,1)=='r' ? " checked" : "").'></td>
+							<td><input id="g_2" type="checkbox" data-value="2" data-group="group" '.(substr($info, 5,1)=='w' ? " checked" : "").'></td>
+							<td><input id="g_1" type="checkbox" data-value="1" data-group="group" '.(substr($info, 6,1)=='x' ? " checked" : "").'></td>
+						</tr>
+						<tr>
+							<td>'.trans('All').'</td>
+							<td><input id="a_4" type="checkbox" data-value="4" data-group="all" '.(substr($info, 7,1)=='r' ? " checked" : "").'></td>
+							<td><input id="a_2" type="checkbox" data-value="2" data-group="all" '.(substr($info, 8,1)=='w' ? " checked" : "").'></td>
+							<td><input id="a_1" type="checkbox" data-value="1" data-group="all" '.(substr($info, 9,1)=='x' ? " checked" : "").'></td>
+						</tr>
+						<tr>
+							<td></td>
+							<td colspan="3"><input type="text" class="input-block-level" name="chmod_value" id="chmod_value" value="" data-def-value=""></td>
+						</tr>
+					</tbody>
+				</table>';
+
+			if ((!$ftp && is_dir($path)) )
+			{
+				$ret .= '<div class="hero-unit" style="padding:10px;">'.trans('File_Permission_Recursive').'<br/><br/>
+						<ul class="unstyled">
+							<li><label class="radio"><input value="none" name="apply_recursive" type="radio" checked> '.trans('No').'</label></li>
+							<li><label class="radio"><input value="files" name="apply_recursive" type="radio"> '.trans('Files').'</label></li>
+							<li><label class="radio"><input value="folders" name="apply_recursive" type="radio"> '.trans('Folders').'</label></li>
+							<li><label class="radio"><input value="both" name="apply_recursive" type="radio"> '.trans('Files').' & '.trans('Folders').'</label></li>
+						</ul>
+						</div>';
+			}
+
+			$ret .= '</form></div>';
+
+			response($ret)->send();
+			exit;
+
+			break;
+		case 'get_lang':
+			if ( ! file_exists('lang/languages.php'))
+			{
+				response(trans('Lang_Not_Found').AddErrorLocation())->send();
+				exit;
+			}
+
+			$languages = include 'lang/languages.php';
+			if ( ! isset($languages) || ! is_array($languages))
+			{
+				response(trans('Lang_Not_Found').AddErrorLocation())->send();
+				exit;
+			}
+
+			$curr = $_SESSION['SDSRF']['language'];
+
+			$ret = '<select id="new_lang_select">';
+			foreach ($languages as $code => $name)
+			{
+				$ret .= '<option value="' . $code . '"' . ($code == $curr ? ' selected' : '') . '>' . $name . '</option>';
+			}
+			$ret .= '</select>';
+
+			response($ret)->send();
+			exit;
+
+			break;
+		case 'change_lang':
+			$choosen_lang = (!empty($_POST['choosen_lang']))? $_POST['choosen_lang']:"en_EN";
+
+			if(array_key_exists($choosen_lang,$languages)){
+				if ( ! file_exists('lang/' . $choosen_lang . '.php'))
+				{
+					response(trans('Lang_Not_Found').AddErrorLocation())->send();
+					exit;
+				}else{
+					$_SESSION['SDSRF']['language'] = $choosen_lang;
+				}
+			}
+
+			break;
+		case 'cad_preview':
+			if($ftp){
+				$selected_file = $ftp_base_url.$upload_dir . $_GET['file'];
+			}else{
+				$selected_file = $current_path . $_GET['file'];
+
+				if ( ! file_exists($selected_file))
+				{
+					response(trans('File_Not_Found').AddErrorLocation())->send();
+					exit;
+				}
+			}
+			if($ftp){
+				$url_file = $selected_file;
+			}else{
+				$url_file = $base_url . $upload_dir . str_replace($current_path, '', $_GET["file"]);
+			}
+
+			$cad_url = urlencode($url_file);
+			$cad_html = "<iframe src=\"//sharecad.org/cadframe/load?url=" . $url_file . "\" class=\"google-iframe\" scrolling=\"no\"></iframe>";
+			$ret = $cad_html;
+			response($ret)->send();
+			break;
+		case 'get_file': // preview or edit
+			$sub_action = $_GET['sub_action'];
+			$preview_mode = $_GET["preview_mode"];
+
+			if ($sub_action != 'preview' && $sub_action != 'edit')
+			{
+				response(trans('wrong action').AddErrorLocation())->send();
+				exit;
+			}
+
+			if($ftp){
+				$selected_file = ($sub_action == 'preview' ? $ftp_base_url.$upload_dir . $_GET['file'] : $ftp_base_url.$upload_dir . $_POST['path']);
+			}else{
+				$selected_file = ($sub_action == 'preview' ? $current_path . $_GET['file'] : $current_path . $_POST['path']);
+
+				if ( ! file_exists($selected_file))
+				{
+					response(trans('File_Not_Found').AddErrorLocation())->send();
+					exit;
+				}
+			}
+
+			$info = pathinfo($selected_file);
+
+			if ($preview_mode == 'text')
+			{
+				$is_allowed = ($sub_action == 'preview' ? $preview_text_files : $edit_text_files);
+				$allowed_file_exts = ($sub_action == 'preview' ? $previewable_text_file_exts : $editable_text_file_exts);
+			} elseif ($preview_mode == 'viewerjs') {
+				$is_allowed = $viewerjs_enabled;
+				$allowed_file_exts = $viewerjs_file_exts;
+			} elseif ($preview_mode == 'google') {
+				$is_allowed = $googledoc_enabled;
+				$allowed_file_exts = $googledoc_file_exts;
+			}
+
+			if ( ! isset($allowed_file_exts) || ! is_array($allowed_file_exts))
+			{
+				$allowed_file_exts = array();
+			}
+
+			if ( ! in_array($info['extension'], $allowed_file_exts)
+				|| ! isset($is_allowed)
+				|| $is_allowed === false
+				|| (!$ftp && ! is_readable($selected_file))
+			)
+			{
+				response(sprintf(trans('File_Open_Edit_Not_Allowed'), ($sub_action == 'preview' ? strtolower(trans('Open')) : strtolower(trans('Edit')))).AddErrorLocation())->send();
+				exit;
+			}
+			if ($sub_action == 'preview')
+			{
+				if ($preview_mode == 'text')
+				{
+					// get and sanities
+					$data = file_get_contents($selected_file);
+					$data = htmlspecialchars(htmlspecialchars_decode($data));
+					$ret = '';
+
+					if ( ! in_array($info['extension'],$previewable_text_file_exts_no_prettify))
+					{
+						$ret .= '<script src="https://rawgit.com/google/code-prettify/master/loader/run_prettify.js?autoload=true&skin=sunburst"></script>';
+						$ret .= '<?prettify lang='.$info['extension'].' linenums=true?><pre class="prettyprint"><code class="language-'.$info['extension'].'">'.$data.'</code></pre>';
+					} else {
+						$ret .= '<pre class="no-prettify">'.$data.'</pre>';
+					}
+
+				}
+				elseif ($preview_mode == 'google' || $preview_mode == 'viewerjs') {
+					if($ftp){
+						$url_file = $selected_file;
+					}else{
+						$url_file = $base_url . $upload_dir . str_replace($current_path, '', $_GET["file"]);
+					}
+
+					$googledoc_url = urlencode($url_file);
+					$googledoc_html = "<iframe src=\"https://docs.google.com/viewer?url=" . $url_file . "&embedded=true\" class=\"google-iframe\"></iframe>";
+					$ret = $googledoc_html;
+				}
+			} else {
+				$data = stripslashes(htmlspecialchars(file_get_contents($selected_file)));
+				$ret = '<textarea id="textfile_edit_area" style="width:100%;height:300px;">'.$data.'</textarea>';
+			}
+
+			response($ret)->send();
+			exit;
+
+			break;
+		default:
+			response(trans('no action passed').AddErrorLocation())->send();
+			exit;
+	}
+} else {
+	response(trans('no action passed').AddErrorLocation())->send();
+	exit;
+}
+?>

modules/revsliderprestashop/include/filemanager/config/config.php

@@ -0,0 +1,427 @@
+<?php 
+if (session_id() == '')
+    session_start();
+
+mb_internal_encoding('UTF-8');
+mb_http_output('UTF-8');
+mb_http_input('UTF-8');
+mb_language('uni');
+mb_regex_encoding('UTF-8');
+ob_start('mb_output_handler');
+date_default_timezone_set('Europe/Rome');
+
+/*
+  |--------------------------------------------------------------------------
+  | Optional security
+  |--------------------------------------------------------------------------
+  |
+  | if set to true only those will access RF whose url contains the access key(akey) like:
+  | <input type="button" href="../filemanager/dialog.php?field_id=imgField&lang=en_EN&akey=myPrivateKey" value="Files">
+  | in tinymce a new parameter added: filemanager_access_key:"myPrivateKey"
+  | example tinymce config:
+  |
+  | tiny init ...
+  | external_filemanager_path:"../filemanager/",
+  | filemanager_title:"Filemanager" ,
+  | filemanager_access_key:"myPrivateKey" ,
+  | ...
+  |
+ */
+
+define('USE_ACCESS_KEYS', false); // TRUE or FALSE
+
+/*
+  |--------------------------------------------------------------------------
+  | DON'T COPY THIS VARIABLES IN FOLDERS config.php FILES
+  |--------------------------------------------------------------------------
+ */
+
+define('DEBUG_ERROR_MESSAGE', true); // TRUE or FALSE
+
+/*
+  |--------------------------------------------------------------------------
+  | Path configuration
+  |--------------------------------------------------------------------------
+  | In this configuration the folder tree is
+  | root
+  |    |- source <- upload folder
+  |    |- thumbs <- thumbnail folder [must have write permission (755)]
+  |    |- filemanager
+  |    |- js
+  |    |   |- tinymce
+  |    |   |   |- plugins
+  |    |   |   |   |- responsivefilemanager
+  |    |   |   |   |   |- plugin.min.js
+ */
+
+$config = array(
+    /*
+      |--------------------------------------------------------------------------
+      | DON'T TOUCH (base url (only domain) of site).
+      |--------------------------------------------------------------------------
+      |
+      | without final / (DON'T TOUCH)
+      |
+     */
+    //'base_url' => ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] && !in_array(strtolower($_SERVER['HTTPS']), array('off', 'no'))) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'],
+    'base_url' => RS_PLUGIN_URL,
+    /*
+      |--------------------------------------------------------------------------
+      | path from base_url to base of upload folder
+      |--------------------------------------------------------------------------
+      |
+      | with start and final /
+      |
+     */
+
+//    custom by shahin
+    'upload_dir_view_url' => 'uploads/',
+    
+    
+    'upload_dir' => RS_PLUGIN_PATH . '/uploads/',
+    'upload_dir_view' => RS_PLUGIN_URL . 'uploads/',
+    'assets_dir' => RS_PLUGIN_URL . 'include/filemanager/',
+    'assets_dir_img' => RS_PLUGIN_URL . 'include/filemanager/img/',
+    'assets_dir_icon' => RS_PLUGIN_URL . 'include/filemanager/img/ico/',
+    'upload_php' =>  'index.php?controller=AdminRevolutionsliderFmanager&view=upload&token='.Tools::getAdminTokenLite('AdminRevolutionsliderFmanager'),
+    'dialog_php' => 'index.php?controller=AdminRevolutionsliderFmanager&view=dialog&token='.Tools::getAdminTokenLite('AdminRevolutionsliderFmanager'),
+    'dialog_php_reload' => 'index.php?controller=AdminRevolutionsliderFmanager&view=dialog&token='.Tools::getAdminTokenLite('AdminRevolutionsliderFmanager'),
+    'ajax_calls_php' =>'index.php?controller=AdminRevolutionsliderFmanager&view=ajax_calls&token='.Tools::getAdminTokenLite('AdminRevolutionsliderFmanager'),
+    'sds_ajax_calls_php' =>  'index.php?controller=AdminRevolutionsliderFmanager&view=ajax_calls&token='.Tools::getAdminTokenLite('AdminRevolutionsliderFmanager'),
+    'sds_force_download_php' => 'index.php?controller=AdminRevolutionsliderFmanager&view=download&token='.Tools::getAdminTokenLite('AdminRevolutionsliderFmanager'),
+    /*
+      |--------------------------------------------------------------------------
+      | relative path from filemanager folder to upload folder
+      |--------------------------------------------------------------------------
+      |
+      | with final /
+      |
+     */
+    'current_path' => RS_PLUGIN_PATH . '/uploads/',
+    'current_path_host' => RS_PLUGIN_URL . 'uploads/',
+    /*
+      |--------------------------------------------------------------------------
+      | relative path from filemanager folder to thumbs folder
+      |--------------------------------------------------------------------------
+      |
+      | with final /
+      | DO NOT put inside upload folder
+      |
+     */
+    'thumbs_base_path' => RS_PLUGIN_PATH . '/uploads/sds_rfm/thumbs/',
+    'thumbs_path_orginal' => RS_PLUGIN_URL . 'uploads/sds_rfm/thumbs/',
+    'source_path_orginal' => RS_PLUGIN_URL . 'uploads/',
+    /*
+      |--------------------------------------------------------------------------
+      | FTP configuration BETA VERSION
+      |--------------------------------------------------------------------------
+      |
+      | If you want enable ftp use write these parametres otherwise leave empty
+      | Remember to set base_url properly to point in the ftp server domain and
+      | upload dir will be ftp_base_folder + upload_dir so without final /
+      |
+     */
+    'ftp_host' => false,
+    'ftp_user' => "user",
+    'ftp_pass' => "pass",
+    'ftp_base_folder' => "base_folder",
+    'ftp_base_url' => "http://site to ftp root",
+    /* --------------------------------------------------------------------------
+      | path from ftp_base_folder to base of thumbs folder with start and final |
+      |-------------------------------------------------------------------------- */
+    'ftp_thumbs_dir' => RS_PLUGIN_PATH . '/uploads/sds_rfm/thumbs/',
+    'ftp_ssl' => false,
+    'ftp_port' => 21,
+    // 'ftp_host'         => "s108707.gridserver.com",
+    // 'ftp_user'         => "test@responsivefilemanager.com",
+    // 'ftp_pass'         => "Test.1234",
+    // 'ftp_base_folder'  => "/domains/responsivefilemanager.com/html",
+
+
+    /*
+      |--------------------------------------------------------------------------
+      | Access keys
+      |--------------------------------------------------------------------------
+      |
+      | add access keys eg: array('myPrivateKey', 'someoneElseKey');
+      | keys should only containt (a-z A-Z 0-9 \ . _ -) characters
+      | if you are integrating lets say to a cms for admins, i recommend making keys randomized something like this:
+      | $username = 'Admin';
+      | $salt = 'dsflFWR9u2xQa' (a hard coded string)
+      | $akey = md5($username.$salt);
+      | DO NOT use 'key' as access key!
+      | Keys are CASE SENSITIVE!
+      |
+     */
+    'access_keys' => array(),
+    //--------------------------------------------------------------------------------------------------------
+    // YOU CAN COPY AND CHANGE THESE VARIABLES INTO FOLDERS config.php FILES TO CUSTOMIZE EACH FOLDER OPTIONS
+    //--------------------------------------------------------------------------------------------------------
+
+    /*
+      |--------------------------------------------------------------------------
+      | Maximum size of all files in source folder
+      |--------------------------------------------------------------------------
+      |
+      | in Megabytes
+      |
+     */
+    'MaxSizeTotal' => false,
+    /*
+      |--------------------------------------------------------------------------
+      | Maximum upload size
+      |--------------------------------------------------------------------------
+      |
+      | in Megabytes
+      |
+     */
+    'MaxSizeUpload' => 8,
+    /*
+      |--------------------------------------------------------------------------
+      | File and Folder permission
+      |--------------------------------------------------------------------------
+      |
+     */
+    'fileFolderPermission' => 0755,
+    /*
+      |--------------------------------------------------------------------------
+      | default language file name
+      |--------------------------------------------------------------------------
+     */
+    'default_language' => "en_EN",
+    /*
+      |--------------------------------------------------------------------------
+      | Icon theme
+      |--------------------------------------------------------------------------
+      |
+      | Default available: ico and ico_dark
+      | Can be set to custom icon inside filemanager/img
+      |
+     */
+    'icon_theme' => "ico",
+    //Show or not total size in filemanager (is possible to greatly increase the calculations)
+    'show_total_size' => false,
+    //Show or not show folder size in list view feature in filemanager (is possible, if there is a large folder, to greatly increase the calculations)
+    'show_folder_size' => false,
+    //Show or not show sorting feature in filemanager
+    'show_sorting_bar' => true,
+    //Show or not show filters button in filemanager
+    'show_filter_buttons' => true,
+    //Show or not language selection feature in filemanager
+    'show_language_selection' => true,
+    //active or deactive the transliteration (mean convert all strange characters in A..Za..z0..9 characters)
+    'transliteration' => false,
+    //convert all spaces on files name and folders name with $replace_with variable
+    'convert_spaces' => false,
+    //convert all spaces on files name and folders name this value
+    'replace_with' => "_",
+    //convert to lowercase the files and folders name
+    'lower_case' => false,
+    //Add ?484899493349 (time value) to returned images to prevent cache
+    'add_time_to_img' => false,
+    // -1: There is no lazy loading at all, 0: Always lazy-load images, 0+: The minimum number of the files in a directory
+    // when lazy loading should be turned on.
+    'lazy_loading_file_number_threshold' => 0,
+    //*******************************************
+    //Images limit and resizing configuration
+    //*******************************************
+    // set maximum pixel width and/or maximum pixel height for all images
+    // If you set a maximum width or height, oversized images are converted to those limits. Images smaller than the limit(s) are unaffected
+    // if you don't need a limit set both to 0
+    'image_max_width' => 0,
+    'image_max_height' => 0,
+    'image_max_mode' => 'auto',
+    /*
+      #  $option:  0 / exact = defined size;
+      #            1 / portrait = keep aspect set height;
+      #            2 / landscape = keep aspect set width;
+      #            3 / auto = auto;
+      #            4 / crop= resize and crop;
+     */
+
+    //Automatic resizing //
+    // If you set $image_resizing to TRUE the script converts all uploaded images exactly to image_resizing_width x image_resizing_height dimension
+    // If you set width or height to 0 the script automatically calculates the other dimension
+    // Is possible that if you upload very big images the script not work to overcome this increase the php configuration of memory and time limit
+    'image_resizing' => false,
+    'image_resizing_width' => 0,
+    'image_resizing_height' => 0,
+    'image_resizing_mode' => 'auto', // same as $image_max_mode
+    'image_resizing_override' => false,
+    // If set to TRUE then you can specify bigger images than $image_max_width & height otherwise if image_resizing is
+    // bigger than $image_max_width or height then it will be converted to those values
+    //******************
+    //
+	// WATERMARK IMAGE
+    // 
+    //Watermark url or false
+    'image_watermark' => false,
+    # Could be a pre-determined position such as:
+    #           tl = top left,
+    #           t  = top (middle),
+    #           tr = top right,
+    #           l  = left,
+    #           m  = middle,
+    #           r  = right,
+    #           bl = bottom left,
+    #           b  = bottom (middle),
+    #           br = bottom right
+    #           Or, it could be a co-ordinate position such as: 50x100
+    'image_watermark_position' => 'br',
+    # padding: If using a pre-determined position you can
+    #         adjust the padding from the edges by passing an amount
+    #         in pixels. If using co-ordinates, this value is ignored.
+    'image_watermark_padding' => 0,
+    //******************
+    // Default layout setting
+    //
+	// 0 => boxes
+    // 1 => detailed list (1 column)
+    // 2 => columns list (multiple columns depending on the width of the page)
+    // YOU CAN ALSO PASS THIS PARAMETERS USING SESSION VAR => $_SESSION['RF']["VIEW"]=
+    //
+	//******************
+    'default_view' => 0,
+    //set if the filename is truncated when overflow first row
+    'ellipsis_title_after_first_row' => true,
+    //*************************
+    //Permissions configuration
+    //******************
+    'delete_files' => true,
+    'create_folders' => true,
+    'delete_folders' => true,
+    'upload_files' => true,
+    'rename_files' => true,
+    'rename_folders' => true,
+    'duplicate_files' => true,
+    'copy_cut_files' => true, // for copy/cut files
+    'copy_cut_dirs' => true, // for copy/cut directories
+    'chmod_files' => true, // change file permissions
+    'chmod_dirs' => true, // change folder permissions
+    'preview_text_files' => true, // eg.: txt, log etc.
+    'edit_text_files' => true, // eg.: txt, log etc.
+    'create_text_files' => true, // only create files with exts. defined in $editable_text_file_exts
+    // you can preview these type of files if $preview_text_files is true
+    'previewable_text_file_exts' => array("bsh", "c", "css", "cc", "cpp", "cs", "csh", "cyc", "cv", "htm", "html", "java", "js", "m", "mxml", "perl", "pl", "pm", "py", "rb", "sh", "xhtml", "xml", "xsl"),
+    'previewable_text_file_exts_no_prettify' => array('txt', 'log'),
+    // you can edit these type of files if $edit_text_files is true (only text based files)
+    // you can create these type of files if $create_text_files is true (only text based files)
+    // if you want you can add html,css etc.
+    // but for security reasons it's NOT RECOMMENDED!
+    'editable_text_file_exts' => array('txt', 'log', 'xml', 'html', 'css', 'htm', 'js'),
+    // Preview with Google Documents
+    'googledoc_enabled' => true,
+    'googledoc_file_exts' => array('doc', 'docx', 'xls', 'xlsx', 'ppt', 'pptx'),
+    // Preview with Viewer.js
+    'viewerjs_enabled' => true,
+    'viewerjs_file_exts' => array('pdf', 'odt', 'odp', 'ods'),
+    // defines size limit for paste in MB / operation
+    // set 'FALSE' for no limit
+    'copy_cut_max_size' => 100,
+    // defines file count limit for paste / operation
+    // set 'FALSE' for no limit
+    'copy_cut_max_count' => 200,
+    //IF any of these limits reached, operation won't start and generate warning
+    //**********************
+    //Allowed extensions (lowercase insert)
+    //**********************
+    'ext_img' => array('jpg', 'jpeg', 'png', 'gif', 'bmp', 'tiff', 'svg'), //Images
+    'ext_file' => array('doc', 'docx', 'rtf', 'pdf', 'xls', 'xlsx', 'txt', 'csv', 'html', 'xhtml', 'psd', 'sql', 'log', 'fla', 'xml', 'ade', 'adp', 'mdb', 'accdb', 'ppt', 'pptx', 'odt', 'ots', 'ott', 'odb', 'odg', 'otp', 'otg', 'odf', 'ods', 'odp', 'css', 'ai', 'kmz', 'dwg', 'dxf', 'hpgl', 'plt', 'spl', 'step', 'stp', 'iges', 'igs', 'sat', 'cgm'), //Files
+    'ext_video' => array('mov', 'mpeg', 'm4v', 'mp4', 'avi', 'mpg', 'wma', "flv", "webm"), //Video
+    'ext_music' => array('mp3', 'mpga', 'm4a', 'ac3', 'aiff', 'mid', 'ogg', 'wav'), //Audio
+    'ext_misc' => array('zip', 'rar', 'gz', 'tar', 'iso', 'dmg'), //Archives
+
+    /*     * ****************
+     * AVIARY config
+     * ***************** */
+    'aviary_active' => true,
+    'aviary_apiKey' => "2444282ef4344e3dacdedc7a78f8877d",
+    'aviary_language' => "en",
+    'aviary_theme' => "light",
+    'aviary_tools' => "all",
+    'aviary_maxSize' => "1400",
+    // Add or modify the Aviary options below as needed - they will be json encoded when added to the configuration so arrays can be utilized as needed
+    //The filter and sorter are managed through both javascript and php scripts because if you have a lot of
+    //file in a folder the javascript script can't sort all or filter all, so the filemanager switch to php script.
+    //The plugin automatic swich javascript to php when the current folder exceeds the below limit of files number
+    'file_number_limit_js' => 500,
+    //**********************
+    // Hidden files and folders
+    //**********************
+    // set the names of any folders you want hidden (eg "hidden_folder1", "hidden_folder2" ) Remember all folders with these names will be hidden (you can set any exceptions in config.php files on folders)
+    'hidden_folders' => array(),
+    // set the names of any files you want hidden. Remember these names will be hidden in all folders (eg "this_document.pdf", "that_image.jpg" )
+    'hidden_files' => array('config.php'),
+    /*     * *****************
+     * URL upload
+     * ***************** */
+    'url_upload' => true,
+    /*     * *****************
+     * JAVA upload
+     * ***************** */
+    'java_upload' => true,
+    'JAVAMaxSizeUpload' => 200, //Gb
+    //************************************
+    //Thumbnail for external use creation
+    //************************************
+    // New image resized creation with fixed path from filemanager folder after uploading (thumbnails in fixed mode)
+    // If you want create images resized out of upload folder for use with external script you can choose this method,
+    // You can create also more than one image at a time just simply add a value in the array
+    // Remember than the image creation respect the folder hierarchy so if you are inside source/test/test1/ the new image will create at
+    // path_from_filemanager/test/test1/
+    // PS if there isn't write permission in your destination folder you must set it
+    //
+	'fixed_image_creation' => false, //activate or not the creation of one or more image resized with fixed path from filemanager folder
+    'fixed_path_from_filemanager' => array('../test/', '../test1/'), //fixed path of the image folder from the current position on upload folder
+    'fixed_image_creation_name_to_prepend' => array('', 'test_'), //name to prepend on filename
+    'fixed_image_creation_to_append' => array('_test', ''), //name to appendon filename
+    'fixed_image_creation_width' => array(300, 400), //width of image (you can leave empty if you set height)
+    'fixed_image_creation_height' => array(200, ''), //height of image (you can leave empty if you set width)
+    /*
+      #             $option:     0 / exact = defined size;
+      #                          1 / portrait = keep aspect set height;
+      #                          2 / landscape = keep aspect set width;
+      #                          3 / auto = auto;
+      #                          4 / crop= resize and crop;
+     */
+    'fixed_image_creation_option' => array('crop', 'auto'), //set the type of the crop
+    // New image resized creation with relative path inside to upload folder after uploading (thumbnails in relative mode)
+    // With Responsive filemanager you can create automatically resized image inside the upload folder, also more than one at a time
+    // just simply add a value in the array
+    // The image creation path is always relative so if i'm inside source/test/test1 and I upload an image, the path start from here
+    //
+	'relative_image_creation' => false, //activate or not the creation of one or more image resized with relative path from upload folder
+    'relative_path_from_current_pos' => array('./', './'), //relative path of the image folder from the current position on upload folder
+    'relative_image_creation_name_to_prepend' => array('', ''), //name to prepend on filename
+    'relative_image_creation_name_to_append' => array('_thumb', '_thumb1'), //name to append on filename
+    'relative_image_creation_width' => array(300, 400), //width of image (you can leave empty if you set height)
+    'relative_image_creation_height' => array(200, ''), //height of image (you can leave empty if you set width)
+    /*
+      #             $option:     0 / exact = defined size;
+      #                          1 / portrait = keep aspect set height;
+      #                          2 / landscape = keep aspect set width;
+      #                          3 / auto = auto;
+      #                          4 / crop= resize and crop;
+     */
+    'relative_image_creation_option' => array('crop', 'crop'), //set the type of the crop
+    // Remember text filter after close filemanager for future session
+    'remember_text_filter' => false,
+);
+
+return array_merge(
+        $config, array(
+    'MaxSizeUpload' => ((int) (ini_get('post_max_size')) < $config['MaxSizeUpload']) ? (int) (ini_get('post_max_size')) : $config['MaxSizeUpload'],
+    'ext' => array_merge(
+            $config['ext_img'], $config['ext_file'], $config['ext_misc'], $config['ext_video'], $config['ext_music']
+    ),
+    // For a list of options see: https://developers.aviary.com/docs/web/setup-guide#constructor-config
+    'aviary_defaults_config' => array(
+        'apiKey' => $config['aviary_apiKey'],
+        'language' => $config['aviary_language'],
+        'theme' => $config['aviary_theme'],
+        'tools' => $config['aviary_tools'],
+        'maxSize' => $config['aviary_maxSize']
+    ),
+        )
+);
+?>

modules/revsliderprestashop/include/filemanager/execute.php

@@ -0,0 +1,487 @@
+<?php
+
+if (!defined('_PS_VERSION_')) {  exit; }
+$config = include 'config/config.php';
+//TODO switch to array
+extract($config, EXTR_OVERWRITE);
+
+include 'include/utils.php';
+
+//if ($_SESSION['SDSRF']["verify"] != "RESPONSIVEfilemanager") {
+//    response(trans('forbiden') . AddErrorLocation())->send();
+//    exit;
+//}
+
+if (strpos($_POST['path'], '/') === 0 || strpos($_POST['path'], '../') !== FALSE || strpos($_POST['path'], './') === 0 || strpos($_POST['path'], '..\\') !== FALSE || strpos($_POST['path'], '.\\') === 0) {
+    response(trans('wrong path' . AddErrorLocation()))->send();
+    exit;
+}
+
+//if (isset($_SESSION['SDSRF']['language']) && file_exists('lang/' . basename($_SESSION['SDSRF']['language']) . '.php')) {
+//    $languages = include 'lang/languages.php';
+//    if (array_key_exists($_SESSION['SDSRF']['language'], $languages)) {
+//        include 'lang/' . basename($_SESSION['SDSRF']['language']) . '.php';
+//    } else {
+//        response(trans('Lang_Not_Found') . AddErrorLocation())->send();
+//        exit;
+//    }
+//} else {
+//    response(trans('Lang_Not_Found') . AddErrorLocation())->send();
+//    exit;
+//}
+
+$ftp = ftp_con($config);
+
+$base = $current_path;
+$path = $base . $_POST['path'];
+$cycle = TRUE;
+$max_cycles = 50;
+$i = 0;
+while ($cycle && $i < $max_cycles) {
+    $i++;
+    if ($path == $base)
+        $cycle = FALSE;
+
+    if (file_exists($path . "config.php")) {
+        require_once $path . "config.php";
+        $cycle = FALSE;
+    }
+    $path = fix_dirname($path) . "/";
+}
+
+$path = $current_path . $_POST['path'];
+$path_thumb = $thumbs_base_path . $_POST['path'];
+
+if ($ftp) {
+    $path = $ftp_base_folder . $upload_dir . $_POST['path'];
+    $path_thumb = $ftp_base_folder . $ftp_thumbs_dir . $_POST['path'];
+}
+
+if (isset($_POST['name'])) {
+    $name = fix_filename($_POST['name'], $config);
+    if (strpos($name, '../') !== FALSE || strpos($name, '..\\') !== FALSE) {
+        response(trans('wrong name') . AddErrorLocation())->send();
+        exit;
+    }
+}
+
+$info = pathinfo($path);
+if (isset($info['extension']) && !(isset($_GET['action']) && $_GET['action'] == 'delete_folder') && !in_array(strtolower($info['extension']), $ext) && $_GET['action'] != 'create_file') {
+    response(trans('wrong extension') . AddErrorLocation())->send();
+    exit;
+}
+
+if (isset($_GET['action'])) {
+    switch ($_GET['action']) {
+        case 'delete_file':
+            if ($delete_files) {
+                if ($ftp) {
+                    try {
+                        $ftp->delete("/" . $path);
+                        @$ftp->delete("/" . $path_thumb);
+                    } catch (FtpClient\FtpException $e) {
+                        return;
+                    }
+                } else {
+
+                    unlink($path);
+                    if (file_exists($path_thumb)) {
+                        unlink($path_thumb);
+                    }
+                }
+
+                $info = pathinfo($path);
+                if (!$ftp && $relative_image_creation) {
+                    foreach ($relative_path_from_current_pos as $k => $path) {
+                        if ($path != "" && $path[strlen($path) - 1] != "/")
+                            $path .= "/";
+
+                        if (file_exists($info['dirname'] . "/" . $path . $relative_image_creation_name_to_prepend[$k] . $info['filename'] . $relative_image_creation_name_to_append[$k] . "." . $info['extension'])) {
+                            unlink($info['dirname'] . "/" . $path . $relative_image_creation_name_to_prepend[$k] . $info['filename'] . $relative_image_creation_name_to_append[$k] . "." . $info['extension']);
+                        }
+                    }
+                }
+
+                if (!$ftp && $fixed_image_creation) {
+                    foreach ($fixed_path_from_filemanager as $k => $path) {
+                        if ($path != "" && $path[strlen($path) - 1] != "/")
+                            $path .= "/";
+
+                        $base_dir = $path . substr_replace($info['dirname'] . "/", '', 0, strlen($current_path));
+                        if (file_exists($base_dir . $fixed_image_creation_name_to_prepend[$k] . $info['filename'] . $fixed_image_creation_to_append[$k] . "." . $info['extension'])) {
+                            unlink($base_dir . $fixed_image_creation_name_to_prepend[$k] . $info['filename'] . $fixed_image_creation_to_append[$k] . "." . $info['extension']);
+                        }
+                    }
+                }
+            }
+            break;
+        case 'delete_folder':
+            if ($delete_folders) {
+
+                if ($ftp) {
+                    deleteDir($path, $ftp, $config);
+                    deleteDir($path_thumb, $ftp, $config);
+                } else {
+                    if (is_dir($path_thumb)) {
+                        deleteDir($path_thumb);
+                    }
+
+                    if (is_dir($path)) {
+                        deleteDir($path);
+                        if ($fixed_image_creation) {
+                            foreach ($fixed_path_from_filemanager as $k => $paths) {
+                                if ($paths != "" && $paths[strlen($paths) - 1] != "/")
+                                    $paths .= "/";
+
+                                $base_dir = $paths . substr_replace($path, '', 0, strlen($current_path));
+                                if (is_dir($base_dir))
+                                    deleteDir($base_dir);
+                            }
+                        }
+                    }
+                }
+            }
+            break;
+        case 'create_folder':
+            if ($create_folders) {
+
+                $name = fix_filename($_POST['name'], $config);
+                $path .= $name;
+                $path_thumb .= $name;
+                create_folder(fix_path($path, $config), fix_path($path_thumb, $config), $ftp, $config);
+            }
+            break;
+        case 'rename_folder':
+            if ($rename_folders) {
+                $name = fix_filename($name, $config);
+                $name = str_replace('.', '', $name);
+
+                if (!empty($name)) {
+                    if (!rename_folder($path, $name, $ftp, $config)) {
+                        response(trans('Rename_existing_folder') . AddErrorLocation())->send();
+                        exit;
+                    }
+                    rename_folder($path_thumb, $name, $ftp, $config);
+                    if (!$ftp && $fixed_image_creation) {
+                        foreach ($fixed_path_from_filemanager as $k => $paths) {
+                            if ($paths != "" && $paths[strlen($paths) - 1] != "/")
+                                $paths .= "/";
+
+                            $base_dir = $paths . substr_replace($path, '', 0, strlen($current_path));
+                            rename_folder($base_dir, $name, $ftp, $config);
+                        }
+                    }
+                } else {
+                    response(trans('Empty_name') . AddErrorLocation())->send();
+                    exit;
+                }
+            }
+            break;
+        case 'create_file':
+            if ($create_text_files === FALSE) {
+                response(sprintf(trans('File_Open_Edit_Not_Allowed'), strtolower(trans('Edit'))) . AddErrorLocation())->send();
+                exit;
+            }
+
+            if (!isset($editable_text_file_exts) || !is_array($editable_text_file_exts)) {
+                $editable_text_file_exts = array();
+            }
+
+            // check if user supplied extension
+            if (strpos($name, '.') === FALSE) {
+                response(trans('No_Extension') . ' ' . sprintf(trans('Valid_Extensions'), implode(', ', $editable_text_file_exts)) . AddErrorLocation())->send();
+                exit;
+            }
+
+            // correct name
+            $old_name = $name;
+            $name = fix_filename($name, $config);
+            if (empty($name)) {
+                response(trans('Empty_name') . AddErrorLocation())->send();
+                exit;
+            }
+
+            // check extension
+            $parts = explode('.', $name);
+            if (!in_array(end($parts), $editable_text_file_exts)) {
+                response(trans('Error_extension') . ' ' . sprintf(trans('Valid_Extensions'), implode(', ', $editable_text_file_exts)), 400)->send();
+                exit;
+            }
+
+            $content = $_POST['new_content'];
+
+            if ($ftp) {
+                $tmp = time() . $name;
+                file_put_contents($tmp, $content);
+                $ftp->put("/" . $path . $name, $tmp, FTP_BINARY);
+                unlink($tmp);
+                response(trans('File_Save_OK'))->send();
+            } else {
+                if (!checkresultingsize(strlen($content))) {
+                    response(sprintf(trans('max_size_reached'), $MaxSizeTotal) . AddErrorLocation())->send();
+                    exit;
+                }
+                // file already exists
+                if (file_exists($path . $name)) {
+                    response(trans('Rename_existing_file') . AddErrorLocation())->send();
+                    exit;
+                }
+
+                if (@file_put_contents($path . $name, $content) === FALSE) {
+                    response(trans('File_Save_Error') . AddErrorLocation())->send();
+                    exit;
+                } else {
+                    if (is_function_callable('chmod') !== FALSE) {
+                        chmod($path . $name, 0644);
+                    }
+                    response(trans('File_Save_OK'))->send();
+                    exit;
+                }
+            }
+
+            break;
+        case 'rename_file':
+            if ($rename_files) {
+                $name = fix_filename($name, $config);
+                if (!empty($name)) {
+                    if (!rename_file($path, $name, $ftp, $config)) {
+                        response(trans('Rename_existing_file') . AddErrorLocation())->send();
+                        exit;
+                    }
+
+                    rename_file($path_thumb, $name, $ftp, $config);
+
+                    if ($fixed_image_creation) {
+                        $info = pathinfo($path);
+
+                        foreach ($fixed_path_from_filemanager as $k => $paths) {
+                            if ($paths != "" && $paths[strlen($paths) - 1] != "/")
+                                $paths .= "/";
+
+                            $base_dir = $paths . substr_replace($info['dirname'] . "/", '', 0, strlen($current_path));
+                            if (file_exists($base_dir . $fixed_image_creation_name_to_prepend[$k] . $info['filename'] . $fixed_image_creation_to_append[$k] . "." . $info['extension'])) {
+                                rename_file($base_dir . $fixed_image_creation_name_to_prepend[$k] . $info['filename'] . $fixed_image_creation_to_append[$k] . "." . $info['extension'], $fixed_image_creation_name_to_prepend[$k] . $name . $fixed_image_creation_to_append[$k], $ftp, $config);
+                            }
+                        }
+                    }
+                } else {
+                    response(trans('Empty_name') . AddErrorLocation())->send();
+                    exit;
+                }
+            }
+            break;
+        case 'duplicate_file':
+            if ($duplicate_files) {
+                $name = fix_filename($name, $config);
+                if (!empty($name)) {
+                    if (!$ftp && !checkresultingsize(filesize($path))) {
+                        response(sprintf(trans('max_size_reached'), $MaxSizeTotal) . AddErrorLocation())->send();
+                        exit;
+                    }
+                    if (!duplicate_file($path, $name, $ftp, $config)) {
+                        response(trans('Rename_existing_file') . AddErrorLocation())->send();
+                        exit;
+                    }
+
+                    duplicate_file($path_thumb, $name, $ftp, $config);
+
+                    if (!$ftp && $fixed_image_creation) {
+                        $info = pathinfo($path);
+                        foreach ($fixed_path_from_filemanager as $k => $paths) {
+                            if ($paths != "" && $paths[strlen($paths) - 1] != "/")
+                                $paths .= "/";
+
+                            $base_dir = $paths . substr_replace($info['dirname'] . "/", '', 0, strlen($current_path));
+
+                            if (file_exists($base_dir . $fixed_image_creation_name_to_prepend[$k] . $info['filename'] . $fixed_image_creation_to_append[$k] . "." . $info['extension'])) {
+                                duplicate_file($base_dir . $fixed_image_creation_name_to_prepend[$k] . $info['filename'] . $fixed_image_creation_to_append[$k] . "." . $info['extension'], $fixed_image_creation_name_to_prepend[$k] . $name . $fixed_image_creation_to_append[$k]);
+                            }
+                        }
+                    }
+                } else {
+                    response(trans('Empty_name') . AddErrorLocation())->send();
+                    exit;
+                }
+            }
+            break;
+
+        case 'paste_clipboard':
+            if (!isset($_SESSION['SDSRF']['clipboard_action'], $_SESSION['SDSRF']['clipboard']['path']) || $_SESSION['SDSRF']['clipboard_action'] == '' || $_SESSION['SDSRF']['clipboard']['path'] == '') {
+                response()->send();
+                exit;
+            }
+
+            $action = $_SESSION['SDSRF']['clipboard_action'];
+            $data = $_SESSION['SDSRF']['clipboard'];
+
+            if ($ftp) {
+                if ($_POST['path'] != "") {
+                    $path .= DIRECTORY_SEPARATOR;
+                    $path_thumb .= DIRECTORY_SEPARATOR;
+                }
+                $path_thumb .= basename($data['path']);
+                $path .= basename($data['path']);
+                $data['path_thumb'] = DIRECTORY_SEPARATOR . $config['ftp_base_folder'] . $config['ftp_thumbs_dir'] . $data['path'];
+                $data['path'] = DIRECTORY_SEPARATOR . $config['ftp_base_folder'] . $config['upload_dir'] . $data['path'];
+            } else {
+                $data['path_thumb'] = $thumbs_base_path . $data['path'];
+                $data['path'] = $current_path . $data['path'];
+            }
+
+            $pinfo = pathinfo($data['path']);
+
+            // user wants to paste to the same dir. nothing to do here...
+            if ($pinfo['dirname'] == rtrim($path, DIRECTORY_SEPARATOR)) {
+                response()->send();
+                exit;
+            }
+
+            // user wants to paste folder to it's own sub folder.. baaaah.
+            if (is_dir($data['path']) && strpos($path, $data['path']) !== FALSE) {
+                response()->send();
+                exit;
+            }
+
+            // something terribly gone wrong
+            if ($action != 'copy' && $action != 'cut') {
+                response(trans('wrong action') . AddErrorLocation())->send();
+                exit;
+            }
+            if ($ftp) {
+                if ($action == 'copy') {
+                    $tmp = time() . basename($data['path']);
+                    $ftp->get($tmp, $data['path'], FTP_BINARY);
+                    $ftp->put(DIRECTORY_SEPARATOR . $path, $tmp, FTP_BINARY);
+                    unlink($tmp);
+
+                    if (url_exists($data['path_thumb'])) {
+                        $tmp = time() . basename($data['path_thumb']);
+                        @$ftp->get($tmp, $data['path_thumb'], FTP_BINARY);
+                        @$ftp->put(DIRECTORY_SEPARATOR . $path_thumb, $tmp, FTP_BINARY);
+                        unlink($tmp);
+                    }
+                } elseif ($action == 'cut') {
+                    $ftp->rename($data['path'], DIRECTORY_SEPARATOR . $path);
+                    if (url_exists($data['path_thumb'])) {
+                        @$ftp->rename($data['path_thumb'], DIRECTORY_SEPARATOR . $path_thumb);
+                    }
+                }
+            } else {
+                // check for writability
+                if (is_really_writable($path) === FALSE || is_really_writable($path_thumb) === FALSE) {
+                    response(trans('Dir_No_Write') . '<br/>' . str_replace('../', '', $path) . '<br/>' . str_replace('../', '', $path_thumb) . AddErrorLocation())->send();
+                    exit;
+                }
+
+                // check if server disables copy or rename
+                if (is_function_callable(($action == 'copy' ? 'copy' : 'rename')) === FALSE) {
+                    response(sprintf(trans('Function_Disabled'), ($action == 'copy' ? (trans('Copy')) : (trans('Cut')))) . AddErrorLocation())->send();
+                    exit;
+                }
+                if ($action == 'copy') {
+                    list($sizeFolderToCopy, $fileNum, $foldersCount) = folder_info($path, false);
+                    if (!checkresultingsize($sizeFolderToCopy)) {
+                        response(sprintf(trans('max_size_reached'), $MaxSizeTotal) . AddErrorLocation())->send();
+                        exit;
+                    }
+                    rcopy($data['path'], $path);
+                    rcopy($data['path_thumb'], $path_thumb);
+                } elseif ($action == 'cut') {
+                    rrename($data['path'], $path);
+                    rrename($data['path_thumb'], $path_thumb);
+                    // cleanup
+                    if (is_dir($data['path']) === TRUE) {   
+                        rrename_after_cleaner($data['path']);
+                        rrename_after_cleaner($data['path_thumb']);
+                    }
+                }
+            }
+
+            // cleanup
+            $_SESSION['SDSRF']['clipboard']['path'] = NULL;
+            $_SESSION['SDSRF']['clipboard_action'] = NULL;
+            break;
+        case 'chmod':
+            $mode = $_POST['new_mode'];
+            $rec_option = $_POST['is_recursive'];
+            $valid_options = array('none', 'files', 'folders', 'both');
+            $chmod_perm = ($_POST['folder'] ? $chmod_dirs : $chmod_files);
+
+            // check perm
+            if ($chmod_perm === FALSE) {
+                response(sprintf(trans('File_Permission_Not_Allowed'), (is_dir($path) ? (trans('Folders')) : (trans('Files')))) . AddErrorLocation())->send();
+                exit;
+            }
+            // check mode
+            if (!preg_match("/^[0-7]{3}$/", $mode)) {
+                response(trans('File_Permission_Wrong_Mode') . AddErrorLocation())->send();
+                exit;
+            }
+            // check recursive option
+            if (!in_array($rec_option, $valid_options)) {
+                response(trans("wrong option") . AddErrorLocation())->send();
+                exit;
+            }
+            // check if server disabled chmod
+            if (!$ftp && is_function_callable('chmod') === FALSE) {
+                response(sprintf(trans('Function_Disabled'), 'chmod') . AddErrorLocation())->send();
+                exit;
+            }
+
+            $mode = "0" . $mode;
+            $mode = octdec($mode);
+            if ($ftp) {
+                $ftp->chmod($mode, "/" . $path);
+            } else {
+                rchmod($path, $mode, $rec_option);
+            }
+
+            break;
+        case 'save_text_file':
+            $content = $_POST['new_content'];
+            // $content = htmlspecialchars($content); not needed
+            // $content = stripslashes($content);
+
+            if ($ftp) {
+                $tmp = time();
+                file_put_contents($tmp, $content);
+                try {
+                    $ftp->put("/" . $path, $tmp, FTP_BINARY);
+                } catch (FtpClient\FtpException $e) {
+                    echo $e->getMessage();
+                }
+                unlink($tmp);
+                response(trans('File_Save_OK'))->send();
+            } else {
+                // no file
+                if (!file_exists($path)) {
+                    response(trans('File_Not_Found') . AddErrorLocation())->send();
+                    exit;
+                }
+
+                // not writable or edit not allowed
+                if (!is_writable($path) || $edit_text_files === FALSE) {
+                    response(sprintf(trans('File_Open_Edit_Not_Allowed'), strtolower(trans('Edit'))) . AddErrorLocation())->send();
+                    exit;
+                }
+
+                if (!checkresultingsize(strlen($content))) {
+                    response(sprintf(trans('max_size_reached'), $MaxSizeTotal) . AddErrorLocation())->send();
+                    exit;
+                }
+                if (@file_put_contents($path, $content) === FALSE) {
+                    response(trans('File_Save_Error') . AddErrorLocation())->send();
+                    exit;
+                } else {
+                    response(trans('File_Save_OK'))->send();
+                    exit;
+                }
+            }
+
+            break;
+        default:
+            response(trans('wrong action') . AddErrorLocation())->send();
+            exit;
+    }
+}
+?>

modules/revsliderprestashop/include/filemanager/force_download.php

@@ -0,0 +1,135 @@
+<?php
+if (!defined('_PS_VERSION_')) {  exit; }
+$config = include 'config/config.php';
+
+
+//TODO switch to array
+extract($config, EXTR_OVERWRITE);
+
+include 'include/utils.php';
+
+$ftp = ftp_con($config);
+
+//if ($_SESSION['SDSRF']["verify"] != "RESPONSIVEfilemanager")
+//{
+//	response(trans('forbiden').AddErrorLocation(), 403)->send();
+//	exit;
+//}
+
+include 'include/mime_type_lib.php';
+
+if (
+        strpos($_POST['path'], '/') === 0 || strpos($_POST['path'], '../') !== false || strpos($_POST['path'], './') === 0 || strpos($_POST['path'], '..\\') !== false || strpos($_POST['path'], '.\\') === 0
+) {
+    response(trans('wrong path' . AddErrorLocation()), 400)->send();
+    exit;
+}
+
+
+if (strpos($_POST['name'], '/') !== false) {
+    response(trans('wrong path' . AddErrorLocation()), 400)->send();
+    exit;
+}
+if ($ftp) {
+    $path = $ftp_base_url . $upload_dir . $_POST['path'];
+} else {
+    $path = $current_path . $_POST['path'];
+}
+
+$name = $_POST['name'];
+
+$info = pathinfo($name);
+
+if (!in_array(fix_strtolower($info['extension']), $ext)) {
+    response(trans('wrong extension' . AddErrorLocation()), 400)->send();
+    exit;
+}
+
+
+
+$file_name = $info['basename'];
+$file_ext = $info['extension'];
+$file_path = $path . $name;
+
+// make sure the file exists
+if ($ftp) {
+    $file_url = 'http://www.myremoteserver.com/file.exe';
+    header('Content-Type: application/octet-stream');
+    header("Content-Transfer-Encoding: Binary");
+    header("Content-disposition: attachment; filename=\"" . $file_name . "\"");
+    readfile($file_path);
+} elseif (is_file($file_path) && is_readable($file_path)) {
+    if (!file_exists($path . $name)) {
+        response(trans('File_Not_Found' . AddErrorLocation()), 404)->send();
+        exit;
+    }
+
+    $size = filesize($file_path);
+    $file_name = rawurldecode($file_name);
+    if (function_exists('mime_content_type')) {
+        $mime_type = mime_content_type($file_path);
+    } elseif (function_exists('finfo_open')) {
+        $finfo = finfo_open(FILEINFO_MIME_TYPE);
+        $mime_type = finfo_file($finfo, $file_path);
+    } else {
+        include 'include/mime_type_lib.php';
+        $mime_type = get_file_mime_type($file_path);
+    }
+
+    @ob_end_clean();
+    if (ini_get('zlib.output_compression')) {
+        ini_set('zlib.output_compression', 'Off');
+    }
+    header('Content-Type: ' . $mime_type);
+    header('Content-Disposition: attachment; filename="' . $file_name . '"');
+    header("Content-Transfer-Encoding: binary");
+    header('Accept-Ranges: bytes');
+
+    if (isset($_SERVER['HTTP_RANGE'])) {
+        list($a, $range) = explode("=", $_SERVER['HTTP_RANGE'], 2);
+        list($range) = explode(",", $range, 2);
+        list($range, $range_end) = explode("-", $range);
+        $range = intval($range);
+        if (!$range_end) {
+            $range_end = $size - 1;
+        } else {
+            $range_end = intval($range_end);
+        }
+
+        $new_length = $range_end - $range + 1;
+        header("HTTP/1.1 206 Partial Content");
+        header("Content-Length: $new_length");
+        header("Content-Range: bytes $range-$range_end/$size");
+    } else {
+        $new_length = $size;
+        header("Content-Length: " . $size);
+    }
+
+    $chunksize = 1 * (1024 * 1024);
+    $bytes_send = 0;
+    if ($file = fopen($file_path, 'r')) {
+        if (isset($_SERVER['HTTP_RANGE']))
+            fseek($file, $range);
+
+        while (!feof($file) &&
+        (!connection_aborted()) &&
+        ($bytes_send < $new_length)
+        ) {
+            $buffer = fread($file, $chunksize);
+            echo($buffer);
+            flush();
+            $bytes_send += strlen($buffer);
+        }
+        fclose($file);
+    } else {
+        die('Error - can not open file.');
+    }
+
+    die();
+} else {
+    // file does not exist
+    header("HTTP/1.0 404 Not Found");
+    exit;
+}
+
+exit;