Hello,
on my test site (http://wiki.kalmbachnet.de/) I have put my new plugin:
UserFileManagement.
With this plugin every authorized user can upload / rename and delete files
and folders. Of course he/she can only change files, which are uploaded by
him/herself. But he/she can view all other files also.
The files are stored in the normal filesystem (in a special directory). It
should be safe for any attacks...
Unauthorized users can only view the files (at the moment I only check
isSignedIn, which allows also bogo-logins!!!)).
The admin can change all files/dirs.
The user can upload either file by file (10 at a time), or put all the files
in a zip-file and this zip file is unziped on the server to the actual
directory.
To get this work I have to extend some classes:
1. class Request_UploadedFile in Request.php:
Add the function move($dest)
2. class fileSet
Add support for retriving sub-directories:
- Add function getSubDirs()
- Add some stuff in function fileSet
This is just for discussion. I am not a phpWiki-developer, so it is not
checked in.
Greetings
Jochen
PS: changes to stdlib.php and Request.php
Index: Request.php
===================================================================
RCS file: /cvsroot/phpwiki/phpwiki/lib/Request.php,v
retrieving revision 1.24
diff -r1.24 Request.php
331a332,335
>
> function move($dest) {
> return move_uploaded_file($this->_info['tmp_name'], $dest);
> }
Index: stdlib.php
===================================================================
RCS file: /cvsroot/phpwiki/phpwiki/lib/stdlib.php,v
retrieving revision 1.132
diff -r1.132 stdlib.php
1009a1010,1013
> function getSubDirs() {
> return $this->_subDirList;
> }
>
1019a1024
> $this->_subDirList = array();
1037a1043,1046
> if(filetype($dir . $this->_pathsep . $filename) == 'dir') {
> array_push($this->_subDirList, "$filename");
> continue;
> }
|
