Rumah >pembangunan bahagian belakang >tutorial php >用PHP实现一个高效率安全的ftp服务器(二)
用PHP实现一个高效安全的ftp服务器(二)
接前文。
用户的存储采用文本形式,将用户数组进行json编码。
<span style="color: #000000;">用户文件格式: </span>* <span style="color: #0000ff;">array</span><span style="color: #000000;">( </span>* 'user1' => <span style="color: #0000ff;">array</span><span style="color: #000000;">( </span>* 'pass'=>'', * 'group'=>'', * 'home'=>'/home/ftp/', <span style="color: #008000;">//</span><span style="color: #008000;">ftp主目录</span> * 'active'=><span style="color: #0000ff;">true</span>, * 'expired=>'2015-12-12'<span style="color: #000000;">, * </span>'description'=>''<span style="color: #000000;">, * </span>'email' => ''<span style="color: #000000;">, * </span>'folder'<span style="color: #000000;">=>array( * //可以列出主目录下的文件和目录,但不能创建和删除,也不能进入主目录下的目录 * //前1-5位是文件权限,6-9是文件夹权限,10是否继承(inherit) * array(</span>'path'=>'/home/ftp/','access'=>'RWANDLCNDI'<span style="color: #000000;">), * //可以列出/home/ftp/a/下的文件和目录,可以创建和删除,可以进入/home/ftp/a/下的子目录,可以创建和删除。 * array(</span>'path'=>'/home/ftp/a/','access'=>'RWAND-----'<span style="color: #000000;">), * ), * </span>'ip'<span style="color: #000000;">=>array( * </span>'allow'<span style="color: #000000;">=>array(ip1,ip2,...),//支持*通配符: 192.168.0.* * </span>'deny'<span style="color: #000000;">=>array(ip1,ip2,...) * ) * ) * ) * * 组文件格式: * array( * </span>'group1'<span style="color: #000000;">=>array( * </span>'home'=>'/home/ftp/dept1/'<span style="color: #000000;">, * </span>'folder'<span style="color: #000000;">=>array( * * ), * </span>'ip'<span style="color: #000000;">=>array( * </span>'allow'<span style="color: #000000;">=>array(ip1,ip2,...), * </span>'deny'<span style="color: #000000;">=>array(ip1,ip2,...) * ) * ) * )</span>
文件夹和文件的权限说明:
* 文件权限 * R读 : 允许用户读取(即下载)文件。该权限不允许用户列出目录内容,执行该操作需要列表权限。 * W写: 允许用户写入(即上传)文件。该权限不允许用户修改现有的文件,执行该操作需要追加权限。 * A追加: 允许用户向现有文件中追加数据。该权限通常用于使用户能够对部分上传的文件进行续传。 * N重命名: 允许用户重命名现有的文件。 * D删除: 允许用户删除文件。 * * 目录权限 * L列表: 允许用户列出目录中包含的文件。 * C创建: 允许用户在目录中新建子目录。 * N重命名: 允许用户在目录中重命名现有子目录。 * D删除: 允许用户在目录中删除现有子目录。注意: 如果目录包含文件,用户要删除目录还需要具有删除文件权限。 * * 子目录权限 * I继承: 允许所有子目录继承其父目录具有的相同权限。继承权限适用于大多数情况,但是如果访问必须受限于子文件夹,例如实施强制访问控制(Mandatory Access Control)时,则取消继承并为文件夹逐一授予权限。 *
实现代码如下:
<span style="color: #0000ff;">class</span><span style="color: #000000;"> User{ </span><span style="color: #0000ff;">const</span> I = 1; <span style="color: #008000;">//</span><span style="color: #008000;"> inherit</span> <span style="color: #0000ff;">const</span> FD = 2; <span style="color: #008000;">//</span><span style="color: #008000;"> folder delete</span> <span style="color: #0000ff;">const</span> FN = 4; <span style="color: #008000;">//</span><span style="color: #008000;"> folder rename</span> <span style="color: #0000ff;">const</span> FC = 8; <span style="color: #008000;">//</span><span style="color: #008000;"> folder create</span> <span style="color: #0000ff;">const</span> FL = 16; <span style="color: #008000;">//</span><span style="color: #008000;"> folder list</span> <span style="color: #0000ff;">const</span> D = 32; <span style="color: #008000;">//</span><span style="color: #008000;"> file delete</span> <span style="color: #0000ff;">const</span> N = 64; <span style="color: #008000;">//</span><span style="color: #008000;"> file rename</span> <span style="color: #0000ff;">const</span> A = 128; <span style="color: #008000;">//</span><span style="color: #008000;"> file append</span> <span style="color: #0000ff;">const</span> W = 256; <span style="color: #008000;">//</span><span style="color: #008000;"> file write (upload)</span> <span style="color: #0000ff;">const</span> R = 512; <span style="color: #008000;">//</span><span style="color: #008000;"> file read (download) </span> <span style="color: #0000ff;">private</span> <span style="color: #800080;">$hash_salt</span> = ''<span style="color: #000000;">; </span><span style="color: #0000ff;">private</span> <span style="color: #800080;">$user_file</span><span style="color: #000000;">; </span><span style="color: #0000ff;">private</span> <span style="color: #800080;">$group_file</span><span style="color: #000000;">; </span><span style="color: #0000ff;">private</span> <span style="color: #800080;">$users</span> = <span style="color: #0000ff;">array</span><span style="color: #000000;">(); </span><span style="color: #0000ff;">private</span> <span style="color: #800080;">$groups</span> = <span style="color: #0000ff;">array</span><span style="color: #000000;">(); </span><span style="color: #0000ff;">private</span> <span style="color: #800080;">$file_hash</span> = ''<span style="color: #000000;">; </span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span><span style="color: #000000;"> __construct(){ </span><span style="color: #800080;">$this</span>->user_file = BASE_PATH.'/conf/users'<span style="color: #000000;">; </span><span style="color: #800080;">$this</span>->group_file = BASE_PATH.'/conf/groups'<span style="color: #000000;">; </span><span style="color: #800080;">$this</span>-><span style="color: #000000;">reload(); } </span><span style="color: #008000;">/*</span><span style="color: #008000;">* * 返回权限表达式 * @param int $access * @return string </span><span style="color: #008000;">*/</span> <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">static</span> <span style="color: #0000ff;">function</span> AC(<span style="color: #800080;">$access</span><span style="color: #000000;">){ </span><span style="color: #800080;">$str</span> = ''<span style="color: #000000;">; </span><span style="color: #800080;">$char</span> = <span style="color: #0000ff;">array</span>('R','W','A','N','D','L','C','N','D','I'<span style="color: #000000;">); </span><span style="color: #0000ff;">for</span>(<span style="color: #800080;">$i</span> = 0; <span style="color: #800080;">$i</span> $i++<span style="color: #000000;">){ </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$access</span> & <span style="color: #008080;">pow</span>(2,9-<span style="color: #800080;">$i</span>))<span style="color: #800080;">$str</span>.= <span style="color: #800080;">$char</span>[<span style="color: #800080;">$i</span>];<span style="color: #0000ff;">else</span> <span style="color: #800080;">$str</span>.= '-'<span style="color: #000000;">; } </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$str</span><span style="color: #000000;">; } </span><span style="color: #008000;">/*</span><span style="color: #008000;">* * 加载用户数据 </span><span style="color: #008000;">*/</span> <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span><span style="color: #000000;"> reload(){ </span><span style="color: #800080;">$user_file_hash</span> = <span style="color: #008080;">md5_file</span>(<span style="color: #800080;">$this</span>-><span style="color: #000000;">user_file); </span><span style="color: #800080;">$group_file_hash</span> = <span style="color: #008080;">md5_file</span>(<span style="color: #800080;">$this</span>-><span style="color: #000000;">group_file); </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$this</span>->file_hash != <span style="color: #008080;">md5</span>(<span style="color: #800080;">$user_file_hash</span>.<span style="color: #800080;">$group_file_hash</span><span style="color: #000000;">)){ </span><span style="color: #0000ff;">if</span>((<span style="color: #800080;">$user</span> = <span style="color: #008080;">file_get_contents</span>(<span style="color: #800080;">$this</span>->user_file)) !== <span style="color: #0000ff;">false</span><span style="color: #000000;">){ </span><span style="color: #800080;">$this</span>->users = json_decode(<span style="color: #800080;">$user</span>,<span style="color: #0000ff;">true</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$this</span>-><span style="color: #000000;">users){ </span><span style="color: #008000;">//</span><span style="color: #008000;">folder排序</span> <span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->users <span style="color: #0000ff;">as</span> <span style="color: #800080;">$user</span>=><span style="color: #800080;">$profile</span><span style="color: #000000;">){ </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$profile</span>['folder'<span style="color: #000000;">])){ </span><span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['folder'] = <span style="color: #800080;">$this</span>->sortFolder(<span style="color: #800080;">$profile</span>['folder'<span style="color: #000000;">]); } } } } </span><span style="color: #0000ff;">if</span>((<span style="color: #800080;">$group</span> = <span style="color: #008080;">file_get_contents</span>(<span style="color: #800080;">$this</span>->group_file)) !== <span style="color: #0000ff;">false</span><span style="color: #000000;">){ </span><span style="color: #800080;">$this</span>->groups = json_decode(<span style="color: #800080;">$group</span>,<span style="color: #0000ff;">true</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$this</span>-><span style="color: #000000;">groups){ </span><span style="color: #008000;">//</span><span style="color: #008000;">folder排序</span> <span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->groups <span style="color: #0000ff;">as</span> <span style="color: #800080;">$group</span>=><span style="color: #800080;">$profile</span><span style="color: #000000;">){ </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$profile</span>['folder'<span style="color: #000000;">])){ </span><span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['folder'] = <span style="color: #800080;">$this</span>->sortFolder(<span style="color: #800080;">$profile</span>['folder'<span style="color: #000000;">]); } } } } </span><span style="color: #800080;">$this</span>->file_hash = <span style="color: #008080;">md5</span>(<span style="color: #800080;">$user_file_hash</span>.<span style="color: #800080;">$group_file_hash</span><span style="color: #000000;">); } } </span><span style="color: #008000;">/*</span><span style="color: #008000;">* * 对folder进行排序 * @return array </span><span style="color: #008000;">*/</span> <span style="color: #0000ff;">private</span> <span style="color: #0000ff;">function</span> sortFolder(<span style="color: #800080;">$folder</span><span style="color: #000000;">){ </span><span style="color: #008080;">uasort</span>(<span style="color: #800080;">$folder</span>, <span style="color: #0000ff;">function</span>(<span style="color: #800080;">$a</span>,<span style="color: #800080;">$b</span><span style="color: #000000;">){ </span><span style="color: #0000ff;">return</span> <span style="color: #008080;">strnatcmp</span>(<span style="color: #800080;">$a</span>['path'], <span style="color: #800080;">$b</span>['path'<span style="color: #000000;">]); }); </span><span style="color: #800080;">$result</span> = <span style="color: #0000ff;">array</span><span style="color: #000000;">(); </span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$folder</span> <span style="color: #0000ff;">as</span> <span style="color: #800080;">$v</span><span style="color: #000000;">){ </span><span style="color: #800080;">$result</span>[] = <span style="color: #800080;">$v</span><span style="color: #000000;">; } </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span><span style="color: #000000;">; } </span><span style="color: #008000;">/*</span><span style="color: #008000;">* * 保存用户数据 </span><span style="color: #008000;">*/</span> <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span><span style="color: #000000;"> save(){ </span><span style="color: #008080;">file_put_contents</span>(<span style="color: #800080;">$this</span>->user_file, json_encode(<span style="color: #800080;">$this</span>->users),<span style="color: #000000;">LOCK_EX); </span><span style="color: #008080;">file_put_contents</span>(<span style="color: #800080;">$this</span>->group_file, json_encode(<span style="color: #800080;">$this</span>->groups),<span style="color: #000000;">LOCK_EX); } </span><span style="color: #008000;">/*</span><span style="color: #008000;">* * 添加用户 * @param string $user * @param string $pass * @param string $home * @param string $expired * @param boolean $active * @param string $group * @param string $description * @param string $email * @return boolean </span><span style="color: #008000;">*/</span> <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> addUser(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$pass</span>,<span style="color: #800080;">$home</span>,<span style="color: #800080;">$expired</span>,<span style="color: #800080;">$active</span>=<span style="color: #0000ff;">true</span>,<span style="color: #800080;">$group</span>='',<span style="color: #800080;">$description</span>='',<span style="color: #800080;">$email</span> = ''<span style="color: #000000;">){ </span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]) || <span style="color: #0000ff;">empty</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">)){ </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">; } </span><span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>] = <span style="color: #0000ff;">array</span><span style="color: #000000;">( </span>'pass' => <span style="color: #008080;">md5</span>(<span style="color: #800080;">$user</span>.<span style="color: #800080;">$this</span>->hash_salt.<span style="color: #800080;">$pass</span>), 'home' => <span style="color: #800080;">$home</span>, 'expired' => <span style="color: #800080;">$expired</span>, 'active' => <span style="color: #800080;">$active</span>, 'group' => <span style="color: #800080;">$group</span>, 'description' => <span style="color: #800080;">$description</span>, 'email' => <span style="color: #800080;">$email</span>,<span style="color: #000000;"> ); </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">; } </span><span style="color: #008000;">/*</span><span style="color: #008000;">* * 设置用户资料 * @param string $user * @param array $profile * @return boolean </span><span style="color: #008000;">*/</span> <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> setUserProfile(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$profile</span><span style="color: #000000;">){ </span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #008080;">is_array</span>(<span style="color: #800080;">$profile</span>) && <span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span><span style="color: #000000;">])){ </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$profile</span>['pass'<span style="color: #000000;">])){ </span><span style="color: #800080;">$profile</span>['pass'] = <span style="color: #008080;">md5</span>(<span style="color: #800080;">$user</span>.<span style="color: #800080;">$this</span>->hash_salt.<span style="color: #800080;">$profile</span>['pass'<span style="color: #000000;">]); } </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$profile</span>['active'<span style="color: #000000;">])){ </span><span style="color: #0000ff;">if</span>(!<span style="color: #008080;">is_bool</span>(<span style="color: #800080;">$profile</span>['active'<span style="color: #000000;">])){ </span><span style="color: #800080;">$profile</span>['active'] = <span style="color: #800080;">$profile</span>['active'] == 'true' ? <span style="color: #0000ff;">true</span> : <span style="color: #0000ff;">false</span><span style="color: #000000;">; } } </span><span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>] = <span style="color: #008080;">array_merge</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>],<span style="color: #800080;">$profile</span><span style="color: #000000;">); </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">; } </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">; } </span><span style="color: #008000;">/*</span><span style="color: #008000;">* * 获取用户资料 * @param string $user * @return multitype:|boolean </span><span style="color: #008000;">*/</span> <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> getUserProfile(<span style="color: #800080;">$user</span><span style="color: #000000;">){ </span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span><span style="color: #000000;">])){ </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span><span style="color: #000000;">]; } </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">; } </span><span style="color: #008000;">/*</span><span style="color: #008000;">* * 删除用户 * @param string $user * @return boolean </span><span style="color: #008000;">*/</span> <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> delUser(<span style="color: #800080;">$user</span><span style="color: #000000;">){ </span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span><span style="color: #000000;">])){ </span><span style="color: #0000ff;">unset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span><span style="color: #000000;">]); </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">; } </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">; } </span><span style="color: #008000;">/*</span><span style="color: #008000;">* * 获取用户列表 * @return array </span><span style="color: #008000;">*/</span> <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span><span style="color: #000000;"> getUserList(){ </span><span style="color: #800080;">$list</span> = <span style="color: #0000ff;">array</span><span style="color: #000000;">(); </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$this</span>-><span style="color: #000000;">users){ </span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->users <span style="color: #0000ff;">as</span> <span style="color: #800080;">$user</span>=><span style="color: #800080;">$profile</span><span style="color: #000000;">){ </span><span style="color: #800080;">$list</span>[] = <span style="color: #800080;">$user</span><span style="color: #000000;">; } } </span><span style="color: #008080;">sort</span>(<span style="color: #800080;">$list</span><span style="color: #000000;">); </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$list</span><span style="color: #000000;">; } </span><span style="color: #008000;">/*</span><span style="color: #008000;">* * 添加组 * @param string $group * @param string $home * @return boolean </span><span style="color: #008000;">*/</span> <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> addGroup(<span style="color: #800080;">$group</span>,<span style="color: #800080;">$home</span><span style="color: #000000;">){ </span><span style="color: #800080;">$group</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$group</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span><span style="color: #000000;">])){ </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">; } </span><span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>] = <span style="color: #0000ff;">array</span><span style="color: #000000;">( </span>'home' => <span style="color: #800080;">$home</span><span style="color: #000000;"> ); </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">; } </span><span style="color: #008000;">/*</span><span style="color: #008000;">* * 设置组资料 * @param string $group * @param array $profile * @return boolean </span><span style="color: #008000;">*/</span> <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> setGroupProfile(<span style="color: #800080;">$group</span>,<span style="color: #800080;">$profile</span><span style="color: #000000;">){ </span><span style="color: #800080;">$group</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$group</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #008080;">is_array</span>(<span style="color: #800080;">$profile</span>) && <span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span><span style="color: #000000;">])){ </span><span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>] = <span style="color: #008080;">array_merge</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>],<span style="color: #800080;">$profile</span><span style="color: #000000;">); </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">; } </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">; } </span><span style="color: #008000;">/*</span><span style="color: #008000;">* * 获取组资料 * @param string $group * @return multitype:|boolean </span><span style="color: #008000;">*/</span> <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> getGroupProfile(<span style="color: #800080;">$group</span><span style="color: #000000;">){ </span><span style="color: #800080;">$group</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$group</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span><span style="color: #000000;">])){ </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span><span style="color: #000000;">]; } </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">; } </span><span style="color: #008000;">/*</span><span style="color: #008000;">* * 删除组 * @param string $group * @return boolean </span><span style="color: #008000;">*/</span> <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> delGroup(<span style="color: #800080;">$group</span><span style="color: #000000;">){ </span><span style="color: #800080;">$group</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$group</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span><span style="color: #000000;">])){ </span><span style="color: #0000ff;">unset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span><span style="color: #000000;">]); </span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->users <span style="color: #0000ff;">as</span> <span style="color: #800080;">$user</span> => <span style="color: #800080;">$profile</span><span style="color: #000000;">){ </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$profile</span>['group'] == <span style="color: #800080;">$group</span><span style="color: #000000;">) </span><span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['group'] = ''<span style="color: #000000;">; } </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">; } </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">; } </span><span style="color: #008000;">/*</span><span style="color: #008000;">* * 获取组列表 * @return array </span><span style="color: #008000;">*/</span> <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span><span style="color: #000000;"> getGroupList(){ </span><span style="color: #800080;">$list</span> = <span style="color: #0000ff;">array</span><span style="color: #000000;">(); </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$this</span>-><span style="color: #000000;">groups){ </span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->groups <span style="color: #0000ff;">as</span> <span style="color: #800080;">$group</span>=><span style="color: #800080;">$profile</span><span style="color: #000000;">){ </span><span style="color: #800080;">$list</span>[] = <span style="color: #800080;">$group</span><span style="color: #000000;">; } } </span><span style="color: #008080;">sort</span>(<span style="color: #800080;">$list</span><span style="color: #000000;">); </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$list</span><span style="color: #000000;">; } </span><span style="color: #008000;">/*</span><span style="color: #008000;">* * 获取组用户列表 * @param string $group * @return array </span><span style="color: #008000;">*/</span> <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> getUserListOfGroup(<span style="color: #800080;">$group</span><span style="color: #000000;">){ </span><span style="color: #800080;">$list</span> = <span style="color: #0000ff;">array</span><span style="color: #000000;">(); </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]) && <span style="color: #800080;">$this</span>-><span style="color: #000000;">users){ </span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->users <span style="color: #0000ff;">as</span> <span style="color: #800080;">$user</span>=><span style="color: #800080;">$profile</span><span style="color: #000000;">){ </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$profile</span>['group']) && <span style="color: #800080;">$profile</span>['group'] == <span style="color: #800080;">$group</span><span style="color: #000000;">){ </span><span style="color: #800080;">$list</span>[] = <span style="color: #800080;">$user</span><span style="color: #000000;">; } } } </span><span style="color: #008080;">sort</span>(<span style="color: #800080;">$list</span><span style="color: #000000;">); </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$list</span><span style="color: #000000;">; } </span><span style="color: #008000;">/*</span><span style="color: #008000;">* * 用户验证 * @param string $user * @param string $pass * @param string $ip * @return boolean </span><span style="color: #008000;">*/</span> <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> checkUser(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$pass</span>,<span style="color: #800080;">$ip</span> = ''<span style="color: #000000;">){ </span><span style="color: #800080;">$this</span>-><span style="color: #000000;">reload(); </span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span><span style="color: #000000;">])){ </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['active'] && <span style="color: #008080;">time</span>() strtotime(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['expired'<span style="color: #000000;">]) </span>&& <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['pass'] == <span style="color: #008080;">md5</span>(<span style="color: #800080;">$user</span>.<span style="color: #800080;">$this</span>->hash_salt.<span style="color: #800080;">$pass</span><span style="color: #000000;">)){ </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">empty</span>(<span style="color: #800080;">$ip</span><span style="color: #000000;">)){ </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">; }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{ </span><span style="color: #008000;">//</span><span style="color: #008000;">ip验证</span> <span style="color: #0000ff;">return</span> <span style="color: #800080;">$this</span>->checkIP(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$ip</span><span style="color: #000000;">); } }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{ </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">; } } </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">; } </span><span style="color: #008000;">/*</span><span style="color: #008000;">* * basic auth * @param string $base64 </span><span style="color: #008000;">*/</span> <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> checkUserBasicAuth(<span style="color: #800080;">$base64</span><span style="color: #000000;">){ </span><span style="color: #800080;">$base64</span> = <span style="color: #008080;">trim</span>(<span style="color: #008080;">str_replace</span>('Basic ', '', <span style="color: #800080;">$base64</span><span style="color: #000000;">)); </span><span style="color: #800080;">$str</span> = <span style="color: #008080;">base64_decode</span>(<span style="color: #800080;">$base64</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$str</span> !== <span style="color: #0000ff;">false</span><span style="color: #000000;">){ </span><span style="color: #0000ff;">list</span>(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$pass</span>) = <span style="color: #008080;">explode</span>(':', <span style="color: #800080;">$str</span>,2<span style="color: #000000;">); </span><span style="color: #800080;">$this</span>-><span style="color: #000000;">reload(); </span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span><span style="color: #000000;">])){ </span><span style="color: #800080;">$group</span> = <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['group'<span style="color: #000000;">]; </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$group</span> == 'admin' && <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['active'] && <span style="color: #008080;">time</span>() strtotime(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['expired'<span style="color: #000000;">]) </span>&& <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['pass'] == <span style="color: #008080;">md5</span>(<span style="color: #800080;">$user</span>.<span style="color: #800080;">$this</span>->hash_salt.<span style="color: #800080;">$pass</span><span style="color: #000000;">)){ </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">; }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{ </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">; } } } </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">; } </span><span style="color: #008000;">/*</span><span style="color: #008000;">* * 用户登录ip验证 * @param string $user * @param string $ip * * 用户的ip权限继承组的IP权限。 * 匹配规则: * 1.进行组允许列表匹配; * 2.如同通过,进行组拒绝列表匹配; * 3.进行用户允许匹配 * 4.如果通过,进行用户拒绝匹配 * </span><span style="color: #008000;">*/</span> <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> checkIP(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$ip</span><span style="color: #000000;">){ </span><span style="color: #800080;">$pass</span> = <span style="color: #0000ff;">false</span><span style="color: #000000;">; </span><span style="color: #008000;">//</span><span style="color: #008000;">先进行组验证 </span> <span style="color: #800080;">$group</span> = <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['group'<span style="color: #000000;">]; </span><span style="color: #008000;">//</span><span style="color: #008000;">组允许匹配</span> <span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['ip']['allow'<span style="color: #000000;">])){ </span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['ip']['allow'] <span style="color: #0000ff;">as</span> <span style="color: #800080;">$addr</span><span style="color: #000000;">){ </span><span style="color: #800080;">$pattern</span> = '/'.<span style="color: #008080;">str_replace</span>('*','\d+',<span style="color: #008080;">str_replace</span>('.', '\.', <span style="color: #800080;">$addr</span>)).'/'<span style="color: #000000;">; </span><span style="color: #0000ff;">if</span>(<span style="color: #008080;">preg_match</span>(<span style="color: #800080;">$pattern</span>, <span style="color: #800080;">$ip</span>) && !<span style="color: #0000ff;">empty</span>(<span style="color: #800080;">$addr</span><span style="color: #000000;">)){ </span><span style="color: #800080;">$pass</span> = <span style="color: #0000ff;">true</span><span style="color: #000000;">; </span><span style="color: #0000ff;">break</span><span style="color: #000000;">; } } } </span><span style="color: #008000;">//</span><span style="color: #008000;">如果允许通过,进行拒绝匹配</span> <span style="color: #0000ff;">if</span>(<span style="color: #800080;">$pass</span><span style="color: #000000;">){ </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['ip']['deny'<span style="color: #000000;">])){ </span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['ip']['deny'] <span style="color: #0000ff;">as</span> <span style="color: #800080;">$addr</span><span style="color: #000000;">){ </span><span style="color: #800080;">$pattern</span> = '/'.<span style="color: #008080;">str_replace</span>('*','\d+',<span style="color: #008080;">str_replace</span>('.', '\.', <span style="color: #800080;">$addr</span>)).'/'<span style="color: #000000;">; </span><span style="color: #0000ff;">if</span>(<span style="color: #008080;">preg_match</span>(<span style="color: #800080;">$pattern</span>, <span style="color: #800080;">$ip</span>) && !<span style="color: #0000ff;">empty</span>(<span style="color: #800080;">$addr</span><span style="color: #000000;">)){ </span><span style="color: #800080;">$pass</span> = <span style="color: #0000ff;">false</span><span style="color: #000000;">; </span><span style="color: #0000ff;">break</span><span style="color: #000000;">; } } } } </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['ip']['allow'<span style="color: #000000;">])){ </span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['ip']['allow'] <span style="color: #0000ff;">as</span> <span style="color: #800080;">$addr</span><span style="color: #000000;">){ </span><span style="color: #800080;">$pattern</span> = '/'.<span style="color: #008080;">str_replace</span>('*','\d+',<span style="color: #008080;">str_replace</span>('.', '\.', <span style="color: #800080;">$addr</span>)).'/'<span style="color: #000000;">; </span><span style="color: #0000ff;">if</span>(<span style="color: #008080;">preg_match</span>(<span style="color: #800080;">$pattern</span>, <span style="color: #800080;">$ip</span>) && !<span style="color: #0000ff;">empty</span>(<span style="color: #800080;">$addr</span><span style="color: #000000;">)){ </span><span style="color: #800080;">$pass</span> = <span style="color: #0000ff;">true</span><span style="color: #000000;">; </span><span style="color: #0000ff;">break</span><span style="color: #000000;">; } } } </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$pass</span><span style="color: #000000;">){ </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['ip']['deny'<span style="color: #000000;">])){ </span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['ip']['deny'] <span style="color: #0000ff;">as</span> <span style="color: #800080;">$addr</span><span style="color: #000000;">){ </span><span style="color: #800080;">$pattern</span> = '/'.<span style="color: #008080;">str_replace</span>('*','\d+',<span style="color: #008080;">str_replace</span>('.', '\.', <span style="color: #800080;">$addr</span>)).'/'<span style="color: #000000;">; </span><span style="color: #0000ff;">if</span>(<span style="color: #008080;">preg_match</span>(<span style="color: #800080;">$pattern</span>, <span style="color: #800080;">$ip</span>) && !<span style="color: #0000ff;">empty</span>(<span style="color: #800080;">$addr</span><span style="color: #000000;">)){ </span><span style="color: #800080;">$pass</span> = <span style="color: #0000ff;">false</span><span style="color: #000000;">; </span><span style="color: #0000ff;">break</span><span style="color: #000000;">; } } } } </span><span style="color: #0000ff;">echo</span> <span style="color: #008080;">date</span>('Y-m-d H:i:s')." [debug]\tIP ACCESS:".' '.(<span style="color: #800080;">$pass</span>?'true':'false')."\n"<span style="color: #000000;">; </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$pass</span><span style="color: #000000;">; } </span><span style="color: #008000;">/*</span><span style="color: #008000;">* * 获取用户主目录 * @param string $user * @return string </span><span style="color: #008000;">*/</span> <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> getHomeDir(<span style="color: #800080;">$user</span><span style="color: #000000;">){ </span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">); </span><span style="color: #800080;">$group</span> = <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['group'<span style="color: #000000;">]; </span><span style="color: #800080;">$dir</span> = ''<span style="color: #000000;">; </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$group</span><span style="color: #000000;">){ </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['home']))<span style="color: #800080;">$dir</span> = <span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['home'<span style="color: #000000;">]; } </span><span style="color: #800080;">$dir</span> = !<span style="color: #0000ff;">empty</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['home'])?<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['home']:<span style="color: #800080;">$dir</span><span style="color: #000000;">; </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$dir</span><span style="color: #000000;">; } </span><span style="color: #008000;">//</span><span style="color: #008000;">文件权限判断</span> <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isReadable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){ </span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){ </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][0] == 'R'<span style="color: #000000;">; }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{ </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][0] == 'R' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">; } } </span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isWritable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){ </span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){ </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][1] == 'W'<span style="color: #000000;">; }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{ </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][1] == 'W' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">; } } </span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isAppendable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){ </span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){ </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][2] == 'A'<span style="color: #000000;">; }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{ </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][2] == 'A' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">; } } </span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isRenamable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){ </span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){ </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][3] == 'N'<span style="color: #000000;">; }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{ </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][3] == 'N' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">; } } </span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isDeletable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){ </span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){ </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][4] == 'D'<span style="color: #000000;">; }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{ </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][4] == 'D' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">; } } </span><span style="color: #008000;">//</span><span style="color: #008000;">目录权限判断</span> <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isFolderListable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){ </span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){ </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][5] == 'L'<span style="color: #000000;">; }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{ </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][5] == 'L' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">; } } </span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isFolderCreatable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){ </span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){ </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][6] == 'C'<span style="color: #000000;">; }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{ </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][6] == 'C' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">; } } </span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isFolderRenamable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){ </span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){ </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][7] == 'N'<span style="color: #000000;">; }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{ </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][7] == 'N' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">; } } </span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isFolderDeletable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){ </span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">); </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){ </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][8] == 'D'<span style="color: #000000;">; }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{ </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][8] == 'D' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">; } } </span><span style="color: #008000;">/*</span><span style="color: #008000;">* * 获取目录权限 * @param string $user * @param string $path * @return array * 进行最长路径匹配 * * 返回: * array( * 'access'=>目前权限 * ,'isExactMatch'=>是否精确匹配 * * ); * * 如果精确匹配,则忽略inherit. * 否则应判断是否继承父目录的权限, * 权限位表: * +---+---+---+---+---+---+---+---+---+---+ * | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | * +---+---+---+---+---+---+---+---+---+---+ * | R | W | A | N | D | L | C | N | D | I | * +---+---+---+---+---+---+---+---+---+---+ * | FILE | FOLDER | * +-------------------+-------------------+ </span><span style="color: #008000;">*/</span> <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> getPathAccess(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){ </span><span style="color: #800080;">$this</span>-><span style="color: #000000;">reload(); </span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">); </span><span style="color: #800080;">$group</span> = <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['group'<span style="color: #000000;">]; </span><span style="color: #008000;">//</span><span style="color: #008000;">去除文件名称</span> <span style="color: #800080;">$path</span> = <span style="color: #008080;">str_replace</span>(<span style="color: #008080;">substr</span>(<span style="color: #008080;">strrchr</span>(<span style="color: #800080;">$path</span>, '/'),1),'',<span style="color: #800080;">$path</span><span style="color: #000000;">); </span><span style="color: #800080;">$access</span> = self::AC(0<span style="color: #000000;">); </span><span style="color: #800080;">$isExactMatch</span> = <span style="color: #0000ff;">false</span><span style="color: #000000;">; </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$group</span><span style="color: #000000;">){ </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['folder'<span style="color: #000000;">])){ </span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['folder'] <span style="color: #0000ff;">as</span> <span style="color: #800080;">$f</span><span style="color: #000000;">){ </span><span style="color: #008000;">//</span><span style="color: #008000;">中文处理</span> <span style="color: #800080;">$t_path</span> = <span style="color: #008080;">iconv</span>('UTF-8','GB18030',<span style="color: #800080;">$f</span>['path'<span style="color: #000000;">]); </span><span style="color: #0000ff;">if</span>(<span style="color: #008080;">strpos</span>(<span style="color: #800080;">$path</span>, <span style="color: #800080;">$t_path</span>) === 0<span style="color: #000000;">){ </span><span style="color: #800080;">$access</span> = <span style="color: #800080;">$f</span>['access'<span style="color: #000000;">]; </span><span style="color: #800080;">$isExactMatch</span> = (<span style="color: #800080;">$path</span> == <span style="color: #800080;">$t_path</span>?<span style="color: #0000ff;">true</span>:<span style="color: #0000ff;">false</span><span style="color: #000000;">); } } } } </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['folder'<span style="color: #000000;">])){ </span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['folder'] <span style="color: #0000ff;">as</span> <span style="color: #800080;">$f</span><span style="color: #000000;">){ </span><span style="color: #008000;">//</span><span style="color: #008000;">中文处理</span> <span style="color: #800080;">$t_path</span>