#1022 - Отображение картинок в редакторе страниц

backend/web/filemanager/force_download.php

 <?php
-include 'config/config.php';
-if($_SESSION['RF']["verify"] != "RESPONSIVEfilemanager") die('forbiden');
+
+$config = include 'config/config.php';
+
+//TODO switch to array
+extract($config, EXTR_OVERWRITE);
+
 include 'include/utils.php';
+
+if ($_SESSION['RF']["verify"] != "RESPONSIVEfilemanager")
+{
+	response('forbiden', 403)->send();
+	exit;
+}
+
 include 'include/mime_type_lib.php';
 
-if(strpos($_POST['path'],'/')===0
-    || strpos($_POST['path'],'../')!==FALSE
-    || strpos($_POST['path'],'./')===0)
-    die('wrong path');
+if (
+	strpos($_POST['path'], '/') === 0
+	|| strpos($_POST['path'], '../') !== false
+	|| strpos($_POST['path'], './') === 0
+)
+{
+	response('wrong path', 400)->send();
+	exit;
+}
+
+
+if (strpos($_POST['name'], '/') !== false)
+{
+	response('wrong path', 400)->send();
+	exit;
+}
+
+$path = $current_path . $_POST['path'];
+$name = $_POST['name'];
 
-if(strpos($_POST['name'],'/')!==FALSE)
-    die('wrong path');
+$info = pathinfo($name);
 
-$path=$current_path.$_POST['path'];
-$name=$_POST['name'];
+if ( ! in_array(fix_strtolower($info['extension']), $ext))
+{
+	response('wrong extension', 400)->send();
+	exit;
+}
 
-$info=pathinfo($name);
-if(!in_array(fix_strtolower($info['extension']), $ext)){
-    die('wrong extension');
+if ( ! file_exists($path . $name))
+{
+	response('File not found', 404)->send();
+	exit;
 }
 
-$img_size = (string)(filesize($path.$name)); // Get the image size as string
+$img_size = (string) (filesize($path . $name)); // Get the image size as string
 
-$mime_type = get_file_mime_type( $path.$name ); // Get the correct MIME type depending on the file.
+$mime_type = get_file_mime_type($path . $name); // Get the correct MIME type depending on the file.
 
-header('Pragma: private');
-header('Cache-control: private, must-revalidate');
-header("Content-Type: " . $mime_type); // Set the correct MIME type
-header("Content-Length: " . $img_size );
-header('Content-Disposition: attachment; filename="'.($name).'"');
-readfile($path.$name);
+response(file_get_contents($path . $name), 200, array(
+	'Pragma'              => 'private',
+	'Cache-control'       => 'private, must-revalidate',
+	'Content-Type'        => $mime_type,
+	'Content-Length'      => $img_size,
+	'Content-Disposition' => 'attachment; filename="' . ($name) . '"'
+))->send();
 
-exit;
-?>
+exit;
\ No newline at end of file
\ No newline at end of file

backend/web/filemanager/include/mime_type_lib.php

 <?php
 
 /********************************
-	The following commented code can be uncommented if you wish
-	to quickly find information about your system's MIME setup.
-	
-	Simply remove the "REMOVE ME TO TEST" lines below to have
-	the code run when this file runs.
-	
-	In addition to these tests, you'll find some commented code
-	at the bottom of the file that can be used to test the
-	function.
-	
-	Run the code with this command:
-	php mime_type_lib.php
-********************************/
+ * The following commented code can be uncommented if you wish
+ * to quickly find information about your system's MIME setup.
+ *
+ * Simply remove the "REMOVE ME TO TEST" lines below to have
+ * the code run when this file runs.
+ *
+ * In addition to these tests, you'll find some commented code
+ * at the bottom of the file that can be used to test the
+ * function.
+ *
+ * Run the code with this command:
+ * php mime_type_lib.php
+ ********************************/
 
 
 /* REMOVE ME TO TEST
@@ -31,30 +31,41 @@ else
 REMOVE ME TO TEST */
 
 
+if ( ! function_exists('get_file_mime_type'))
+{
+	function get_file_mime_type($filename, $debug = false)
+	{
+		if (function_exists('finfo_open') && function_exists('finfo_file') && function_exists('finfo_close'))
+		{
+			$fileinfo = finfo_open(FILEINFO_MIME);
+			$mime_type = finfo_file($fileinfo, $filename);
+			finfo_close($fileinfo);
 
-if( ! function_exists( 'get_file_mime_type' ) ) {
-	function get_file_mime_type( $filename, $debug = false ) {
-		if ( function_exists( 'finfo_open' ) && function_exists( 'finfo_file' ) && function_exists( 'finfo_close' ) ) {
-			$fileinfo = finfo_open( FILEINFO_MIME );
-			$mime_type = finfo_file( $fileinfo, $filename );
-			finfo_close( $fileinfo );
-			
-			if ( ! empty( $mime_type ) ) {
-				if ( true === $debug )
+			if ( ! empty($mime_type))
+			{
+				if (true === $debug)
+				{
 					return array( 'mime_type' => $mime_type, 'method' => 'fileinfo' );
+				}
+
 				return $mime_type;
 			}
 		}
-		if ( function_exists( 'mime_content_type' ) ) {
-			$mime_type = mime_content_type( $filename );
-			
-			if ( ! empty( $mime_type ) ) {
-				if ( true === $debug )
+		if (function_exists('mime_content_type'))
+		{
+			$mime_type = mime_content_type($filename);
+
+			if ( ! empty($mime_type))
+			{
+				if (true === $debug)
+				{
 					return array( 'mime_type' => $mime_type, 'method' => 'mime_content_type' );
+				}
+
 				return $mime_type;
 			}
 		}
-		
+
 		$mime_types = array(
 			'ai'      => 'application/postscript',
 			'aif'     => 'audio/x-aiff',
@@ -245,41 +256,45 @@ if( ! function_exists( 'get_file_mime_type' ) ) {
 			'xyz'     => 'chemical/x-xyz',
 			'zip'     => 'application/zip'
 		);
-		
-		$tmp_array=explode( '.', $filename );
-		$ext = strtolower( array_pop( $tmp_array ) );
-		
-		if ( ! empty( $mime_types[$ext] ) ) {
-			if ( true === $debug )
-				return array( 'mime_type' => $mime_types[$ext], 'method' => 'from_array' );
-			return $mime_types[$ext];
+
+		$tmp_array = explode('.', $filename);
+		$ext = strtolower(array_pop($tmp_array));
+
+		if ( ! empty($mime_types[ $ext ]))
+		{
+			if (true === $debug)
+			{
+				return array( 'mime_type' => $mime_types[ $ext ], 'method' => 'from_array' );
+			}
+
+			return $mime_types[ $ext ];
 		}
-		
-		if ( true === $debug )
+
+		if (true === $debug)
+		{
 			return array( 'mime_type' => 'application/octet-stream', 'method' => 'last_resort' );
+		}
+
 		return 'application/octet-stream';
 	}
 }
 
 
-
 /********************
-	The following code can be used to test the function.
-	First put a plain text file named "test.txt" and a
-	JPEG image file named "image.jpg" in the same folder
-	as this file.
-	
-	Simply remove the "REMOVE ME TO TEST" lines below to have
-	the code run when this file runs.
-	
-	Run the code with this command:
-	php mime_type_lib.php
-********************/
+ * The following code can be used to test the function.
+ * First put a plain text file named "test.txt" and a
+ * JPEG image file named "image.jpg" in the same folder
+ * as this file.
+ *
+ * Simply remove the "REMOVE ME TO TEST" lines below to have
+ * the code run when this file runs.
+ *
+ * Run the code with this command:
+ * php mime_type_lib.php
+ ********************/
 
 
 /* REMOVE ME TO TEST
 echo get_file_mime_type( 'test.txt' ) . "\n";
 echo print_r( get_file_mime_type( 'image.jpg', true ), true ) . "\n";
 REMOVE ME TO TEST */
-
-?>

backend/web/filemanager/js/ViewerJS/ODFViewerPlugin.css

+/**
+ * Copyright (C) 2013-2014 KO GmbH <copyright@kogmbh.com>
+ *
+ * @licstart
+ * This file is part of WebODF.
+ *
+ * WebODF is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Affero General Public License (GNU AGPL)
+ * as published by the Free Software Foundation, either version 3 of
+ * the License, or (at your option) any later version.
+ *
+ * WebODF is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with WebODF.  If not, see <http://www.gnu.org/licenses/>.
+ * @licend
+ *
+ * @source: http://www.webodf.org/
+ * @source: https://github.com/kogmbh/WebODF/
+ */
+
+@namespace cursor url(urn:webodf:names:cursor);
+
+.caret {
+    opacity: 0 !important;
+}

backend/web/filemanager/js/ViewerJS/PDFViewerPlugin.css

+.page {
+    margin: 7px auto 7px auto;
+    position: relative;
+    overflow: hidden;
+    background-clip: content-box;
+    background-color: white;
+    
+    box-shadow:         0px 0px 7px rgba(0, 0, 0, 0.75);
+    -webkit-box-shadow: 0px 0px 7px rgba(0, 0, 0, 0.75);
+    -moz-box-shadow:    0px 0px 7px rgba(0, 0, 0, 0.75);
+    -ms-box-shadow:    0px 0px 7px rgba(0, 0, 0, 0.75);
+    -o-box-shadow:    0px 0px 7px rgba(0, 0, 0, 0.75);
+}
+
+.textLayer {
+  position: absolute;
+  left: 0;
+  top: 0;
+  right: 0;
+  bottom: 0;
+  color: #000;
+  font-family: sans-serif;
+  overflow: hidden;
+}
+
+.textLayer > div {
+  color: transparent;
+  position: absolute;
+  line-height: 1;
+  white-space: pre;
+  cursor: text;
+}
+
+::selection { background:rgba(0,0,255,0.3); }
+::-moz-selection { background:rgba(0,0,255,0.3); }
+

backend/web/filemanager/js/ViewerJS/example.local.css

+/* This is just a sample file with CSS rules. You should write your own @font-face declarations
+ * to add support for your desired fonts.
+ */
+
+@font-face {
+  font-family: 'Novecentowide Book';
+  src: url("/ViewerJS/fonts/Novecentowide-Bold-webfont.eot");
+  src: url("/ViewerJS/fonts/Novecentowide-Bold-webfont.eot?#iefix") format("embedded-opentype"),
+  url("/ViewerJS/fonts/Novecentowide-Bold-webfont.woff") format("woff"),
+  url("/fonts/Novecentowide-Bold-webfont.ttf") format("truetype"),
+  url("/fonts/Novecentowide-Bold-webfont.svg#NovecentowideBookBold") format("svg");
+  font-weight: normal;
+  font-style: normal;
+}
+
+@font-face {
+    font-family: 'exotica';
+    src: url('/ViewerJS/fonts/Exotica-webfont.eot');
+    src: url('/ViewerJS/fonts/Exotica-webfont.eot?#iefix') format('embedded-opentype'),
+         url('/ViewerJS/fonts/Exotica-webfont.woff') format('woff'),
+         url('/ViewerJS/fonts/Exotica-webfont.ttf') format('truetype'),
+         url('/ViewerJS/fonts/Exotica-webfont.svg#exoticamedium') format('svg');
+    font-weight: normal;
+    font-style: normal;
+
+}
+

backend/web/filemanager/js/ViewerJS/pdfjsversion.js

+var /**@const{!string}*/pdfjs_version = "v1.1.114";

backend/web/filemanager/js/ViewerJS/viewer.js

+function Viewer(c,r){function P(){var a,f,b,d,h;c&&(b=c.getPluginName(),d=c.getPluginVersion(),h=c.getPluginURL());a=document.createElement("div");a.id="aboutDialogCentererTable";f=document.createElement("div");f.id="aboutDialogCentererCell";s=document.createElement("div");s.id="aboutDialog";s.innerHTML='<h1>ViewerJS</h1><p>Open Source document viewer for webpages, built with HTML and JavaScript.</p><p>Learn more and get your own copy on the <a href="http://viewerjs.org/" target="_blank">ViewerJS website</a>.</p>'+
+(c?'<p>Using the <a href = "'+h+'" target="_blank">'+b+'</a> (<span id = "pluginVersion">'+d+"</span>) plugin to show you this document.</p>":"")+'<p>Supported by <a href="http://nlnet.nl" target="_blank"><br><img src="images/nlnet.png" width="160" height="60" alt="NLnet Foundation"></a></p><p>Made by <a href="http://kogmbh.com" target="_blank"><br><img src="images/kogmbh.png" width="172" height="40" alt="KO GmbH"></a></p><button id = "aboutDialogCloseButton" class = "toolbarButton textButton">Close</button>';
+w.appendChild(a);a.appendChild(f);f.appendChild(s);a=document.createElement("button");a.id="about";a.className="toolbarButton textButton about";a.title="About";a.innerHTML="ViewerJS";Q.appendChild(a);a.addEventListener("click",function(){w.style.display="block"});document.getElementById("aboutDialogCloseButton").addEventListener("click",function(){w.style.display="none"})}function D(a){var f=R.options,b,c=!1,d;for(d=0;d<f.length;d+=1)b=f[d],b.value!==a?b.selected=!1:c=b.selected=!0;return c}function E(a,
+f,c){a!==b.getZoomLevel()&&(b.setZoomLevel(a),c=document.createEvent("UIEvents"),c.initUIEvent("scalechange",!1,!1,window,0),c.scale=a,c.resetAutoSettings=f,window.dispatchEvent(c))}function F(){var a;if(c.onScroll)c.onScroll();c.getPageInView&&(a=c.getPageInView())&&(m=a,document.getElementById("pageNumber").value=a)}function G(a){window.clearTimeout(H);H=window.setTimeout(function(){F()},a)}function e(a,b,g){var e,h;if(e="custom"===a?parseFloat(document.getElementById("customScaleOption").textContent)/
+100:parseFloat(a))E(e,!0,g);else{e=d.clientWidth-t;h=d.clientHeight-t;switch(a){case "page-actual":E(1,b,g);break;case "page-width":c.fitToWidth(e);break;case "page-height":c.fitToHeight(h);break;case "page-fit":c.fitToPage(e,h);break;case "auto":c.isSlideshow()?c.fitToPage(e+t,h+t):c.fitSmart(e)}D(a)}G(300)}function S(a){var b;return-1!==["auto","page-actual","page-width"].indexOf(a)?a:(b=parseFloat(a))&&I<=b&&b<=J?a:T}function u(){n=!n;k&&!n&&b.togglePresentationMode()}function x(){v&&(y.className=
+"viewer-touched",window.clearTimeout(K),K=window.setTimeout(function(){y.className=""},5E3))}function z(){l.classList.add("viewer-touched");p.classList.add("viewer-touched");window.clearTimeout(L);L=window.setTimeout(function(){A()},5E3)}function A(){l.classList.remove("viewer-touched");p.classList.remove("viewer-touched")}function B(){l.classList.contains("viewer-touched")?A():z()}function M(a){blanked.style.display="block";blanked.style.backgroundColor=a;A()}var b=this,t=40,I=0.25,J=4,T="auto",
+k=!1,n=!1,N=!1,v=!1,C,g=document.getElementById("viewer"),d=document.getElementById("canvasContainer"),y=document.getElementById("overlayNavigator"),l=document.getElementById("titlebar"),p=document.getElementById("toolbarContainer"),O=document.getElementById("toolbarLeft"),U=document.getElementById("toolbarMiddleContainer"),R=document.getElementById("scaleSelect"),w=document.getElementById("dialogOverlay"),Q=document.getElementById("toolbarRight"),s,q=[],m,H,K,L;this.initialize=function(){var a;a=
+S(r.zoom);C=r.documentUrl;document.title=r.title;var f=document.getElementById("documentName");f.innerHTML="";f.appendChild(f.ownerDocument.createTextNode(r.title));c.onLoad=function(){document.getElementById("pluginVersion").innerHTML=c.getPluginVersion();(v=c.isSlideshow())?(d.classList.add("slideshow"),O.style.visibility="visible"):(U.style.visibility="visible",c.getPageInView&&(O.style.visibility="visible"));N=!0;q=c.getPages();document.getElementById("numPages").innerHTML="of "+q.length;b.showPage(1);
+e(a);d.onscroll=F;G()};c.initialize(d,C)};this.showPage=function(a){0>=a?a=1:a>q.length&&(a=q.length);c.showPage(a);m=a;document.getElementById("pageNumber").value=m};this.showNextPage=function(){b.showPage(m+1)};this.showPreviousPage=function(){b.showPage(m-1)};this.download=function(){var a=C.split("#")[0];window.open(a+"#viewer.action=download","_parent")};this.toggleFullScreen=function(){n?document.exitFullscreen?document.exitFullscreen():document.cancelFullScreen?document.cancelFullScreen():
+document.mozCancelFullScreen?document.mozCancelFullScreen():document.webkitExitFullscreen?document.webkitExitFullscreen():document.webkitCancelFullScreen?document.webkitCancelFullScreen():document.msExitFullscreen&&document.msExitFullscreen():g.requestFullscreen?g.requestFullscreen():g.mozRequestFullScreen?g.mozRequestFullScreen():g.webkitRequestFullscreen?g.webkitRequestFullscreen():g.webkitRequestFullScreen?g.webkitRequestFullScreen(Element.ALLOW_KEYBOARD_INPUT):g.msRequestFullscreen&&g.msRequestFullscreen()};
+this.togglePresentationMode=function(){var a=document.getElementById("overlayCloseButton");k?("block"===blanked.style.display&&(blanked.style.display="none",B()),l.style.display=p.style.display="block",a.style.display="none",d.classList.remove("presentationMode"),d.onmouseup=function(){},d.oncontextmenu=function(){},d.onmousedown=function(){},e("auto"),v=c.isSlideshow()):(l.style.display=p.style.display="none",a.style.display="block",d.classList.add("presentationMode"),v=!0,d.onmousedown=function(a){a.preventDefault()},
+d.oncontextmenu=function(a){a.preventDefault()},d.onmouseup=function(a){a.preventDefault();1===a.which?b.showNextPage():b.showPreviousPage()},e("page-fit"));k=!k};this.getZoomLevel=function(){return c.getZoomLevel()};this.setZoomLevel=function(a){c.setZoomLevel(a)};this.zoomOut=function(){var a=(b.getZoomLevel()/1.1).toFixed(2),a=Math.max(I,a);e(a,!0)};this.zoomIn=function(){var a=(1.1*b.getZoomLevel()).toFixed(2),a=Math.min(J,a);e(a,!0)};(function(){P();c&&(b.initialize(),document.exitFullscreen||
+document.cancelFullScreen||document.mozCancelFullScreen||document.webkitExitFullscreen||document.webkitCancelFullScreen||document.msExitFullscreen||(document.getElementById("fullscreen").style.visibility="hidden",document.getElementById("presentation").style.visibility="hidden"),document.getElementById("overlayCloseButton").addEventListener("click",b.toggleFullScreen),document.getElementById("fullscreen").addEventListener("click",b.toggleFullScreen),document.getElementById("presentation").addEventListener("click",
+function(){n||b.toggleFullScreen();b.togglePresentationMode()}),document.addEventListener("fullscreenchange",u),document.addEventListener("webkitfullscreenchange",u),document.addEventListener("mozfullscreenchange",u),document.addEventListener("MSFullscreenChange",u),document.getElementById("download").addEventListener("click",function(){b.download()}),document.getElementById("zoomOut").addEventListener("click",function(){b.zoomOut()}),document.getElementById("zoomIn").addEventListener("click",function(){b.zoomIn()}),
+document.getElementById("previous").addEventListener("click",function(){b.showPreviousPage()}),document.getElementById("next").addEventListener("click",function(){b.showNextPage()}),document.getElementById("previousPage").addEventListener("click",function(){b.showPreviousPage()}),document.getElementById("nextPage").addEventListener("click",function(){b.showNextPage()}),document.getElementById("pageNumber").addEventListener("change",function(){b.showPage(this.value)}),document.getElementById("scaleSelect").addEventListener("change",
+function(){e(this.value)}),d.addEventListener("click",x),y.addEventListener("click",x),d.addEventListener("click",B),l.addEventListener("click",z),p.addEventListener("click",z),window.addEventListener("scalechange",function(a){var b=document.getElementById("customScaleOption"),c=D(String(a.scale));b.selected=!1;c||(b.textContent=Math.round(1E4*a.scale)/100+"%",b.selected=!0)},!0),window.addEventListener("resize",function(a){N&&(document.getElementById("pageWidthOption").selected||document.getElementById("pageAutoOption").selected)&&
+e(document.getElementById("scaleSelect").value);x()}),window.addEventListener("keydown",function(a){var c=a.keyCode;a=a.shiftKey;if("block"===blanked.style.display)switch(c){case 16:case 17:case 18:case 91:case 93:case 224:case 225:break;default:blanked.style.display="none",B()}else switch(c){case 8:case 33:case 37:case 38:case 80:b.showPreviousPage();break;case 13:case 34:case 39:case 40:case 78:b.showNextPage();break;case 32:a?b.showPreviousPage():b.showNextPage();break;case 66:case 190:k&&M("#000");
+break;case 87:case 188:k&&M("#FFF");break;case 36:b.showPage(0);break;case 35:b.showPage(q.length)}}))})()};