Mercurial > hg > isophonics-drupal-site
view core/lib/Drupal/Core/FileTransfer/FTPExtension.php @ 13:5fb285c0d0e3
Update Drupal core to 8.4.7 via Composer. Security update; I *think* we've
been lucky to get away with this so far, as we don't support self-registration
which seems to be used by the so-called "drupalgeddon 2" attack that 8.4.5
was vulnerable to.
author | Chris Cannam |
---|---|
date | Mon, 23 Apr 2018 09:33:26 +0100 |
parents | 4c8ae668cc8c |
children |
line wrap: on
line source
<?php namespace Drupal\Core\FileTransfer; /** * Defines a file transfer class using the PHP FTP extension. */ class FTPExtension extends FTP implements ChmodInterface { /** * {@inheritdoc} */ public function connect() { $this->connection = ftp_connect($this->hostname, $this->port); if (!$this->connection) { throw new FileTransferException("Cannot connect to FTP Server, check settings"); } if (!ftp_login($this->connection, $this->username, $this->password)) { throw new FileTransferException("Cannot log in to FTP server. Check username and password"); } } /** * {@inheritdoc} */ protected function copyFileJailed($source, $destination) { if (!@ftp_put($this->connection, $destination, $source, FTP_BINARY)) { throw new FileTransferException("Cannot move @source to @destination", NULL, ["@source" => $source, "@destination" => $destination]); } } /** * {@inheritdoc} */ protected function createDirectoryJailed($directory) { if (!ftp_mkdir($this->connection, $directory)) { throw new FileTransferException("Cannot create directory @directory", NULL, ["@directory" => $directory]); } } /** * {@inheritdoc} */ protected function removeDirectoryJailed($directory) { $pwd = ftp_pwd($this->connection); if (!ftp_chdir($this->connection, $directory)) { throw new FileTransferException("Unable to change the current directory to @directory", NULL, ['@directory' => $directory]); } $list = @ftp_nlist($this->connection, '.'); if (!$list) { $list = []; } foreach ($list as $item) { if ($item == '.' || $item == '..') { continue; } if (@ftp_chdir($this->connection, $item)) { ftp_cdup($this->connection); $this->removeDirectory(ftp_pwd($this->connection) . '/' . $item); } else { $this->removeFile(ftp_pwd($this->connection) . '/' . $item); } } ftp_chdir($this->connection, $pwd); if (!ftp_rmdir($this->connection, $directory)) { throw new FileTransferException("Unable to remove the directory @directory", NULL, ['@directory' => $directory]); } } /** * {@inheritdoc} */ protected function removeFileJailed($destination) { if (!ftp_delete($this->connection, $destination)) { throw new FileTransferException("Unable to remove the file @file", NULL, ['@file' => $destination]); } } /** * {@inheritdoc} */ public function isDirectory($path) { $result = FALSE; $curr = ftp_pwd($this->connection); if (@ftp_chdir($this->connection, $path)) { $result = TRUE; } ftp_chdir($this->connection, $curr); return $result; } /** * {@inheritdoc} */ public function isFile($path) { return ftp_size($this->connection, $path) != -1; } /** * {@inheritdoc} */ public function chmodJailed($path, $mode, $recursive) { if (!ftp_chmod($this->connection, $mode, $path)) { throw new FileTransferException("Unable to set permissions on %file", NULL, ['%file' => $path]); } if ($this->isDirectory($path) && $recursive) { $filelist = @ftp_nlist($this->connection, $path); if (!$filelist) { // empty directory - returns false return; } foreach ($filelist as $file) { $this->chmodJailed($file, $mode, $recursive); } } } }