首页 >php教程 >php手册 >用PHP实现一个高效安全的ftp服务器(二)

用PHP实现一个高效安全的ftp服务器(二)

WBOY
WBOY原创
2016-07-06 13:31:031269浏览

接前文。 1.实现用户类CUser。 用户的存储采用文本形式,将用户数组进行json编码。 用户文件格式: * array ( * 'user1' = array ( * 'pass'='', * 'group'='', * 'home'='/home/ftp/', // ftp主目录 * 'active'= true , * 'expired='2015-12-12' , * 'descr

接前文。

 

 1.实现用户类CUser。

  用户的存储采用文本形式,将用户数组进行json编码。  

<span style="color: #000000;">用户文件格式:
 </span>* <span style="color: #0000ff;">array</span><span style="color: #000000;">(
 </span>*         'user1' => <span style="color: #0000ff;">array</span><span style="color: #000000;">(
 </span>*             'pass'=>'',
 *             'group'=>'',
 *             'home'=>'/home/ftp/', <span style="color: #008000;">//</span><span style="color: #008000;">ftp主目录</span>
 *             'active'=><span style="color: #0000ff;">true</span>,
 *             'expired=>'2015-12-12'<span style="color: #000000;">,
 *             </span>'description'=>''<span style="color: #000000;">,
 *             </span>'email' => ''<span style="color: #000000;">,
 *             </span>'folder'<span style="color: #000000;">=>array(
 *                     //可以列出主目录下的文件和目录,但不能创建和删除,也不能进入主目录下的目录
 *                     //前1-5位是文件权限,6-9是文件夹权限,10是否继承(inherit)
 *                     array(</span>'path'=>'/home/ftp/','access'=>'RWANDLCNDI'<span style="color: #000000;">),
 *                     //可以列出/home/ftp/a/下的文件和目录,可以创建和删除,可以进入/home/ftp/a/下的子目录,可以创建和删除。
 *                     array(</span>'path'=>'/home/ftp/a/','access'=>'RWAND-----'<span style="color: #000000;">),
 *             ),
 *             </span>'ip'<span style="color: #000000;">=>array(
 *                 </span>'allow'<span style="color: #000000;">=>array(ip1,ip2,...),//支持*通配符: 192.168.0.*
 *                 </span>'deny'<span style="color: #000000;">=>array(ip1,ip2,...)
 *             )
 *         ) 
 * )
 * 
 * 组文件格式:
 * array(
 *         </span>'group1'<span style="color: #000000;">=>array(
 *             </span>'home'=>'/home/ftp/dept1/'<span style="color: #000000;">,
 *             </span>'folder'<span style="color: #000000;">=>array(
 * 
 *             ),
 *             </span>'ip'<span style="color: #000000;">=>array(
 *                 </span>'allow'<span style="color: #000000;">=>array(ip1,ip2,...),
 *                 </span>'deny'<span style="color: #000000;">=>array(ip1,ip2,...)
 *            )
 *         )
 * )</span>

 

  文件夹和文件的权限说明:

     

 * 文件权限 
 * R读 : 允许用户读取(即下载)文件。该权限不允许用户列出目录内容,执行该操作需要列表权限。 
 * W写: 允许用户写入(即上传)文件。该权限不允许用户修改现有的文件,执行该操作需要追加权限。
 * A追加: 允许用户向现有文件中追加数据。该权限通常用于使用户能够对部分上传的文件进行续传。 
 * N重命名: 允许用户重命名现有的文件。
 * D删除: 允许用户删除文件。 
 * 
 * 目录权限 
 * L列表: 允许用户列出目录中包含的文件。
 * C创建: 允许用户在目录中新建子目录。 
 * N重命名: 允许用户在目录中重命名现有子目录。
 * D删除: 允许用户在目录中删除现有子目录。注意: 如果目录包含文件,用户要删除目录还需要具有删除文件权限。
 * 
 * 子目录权限
 * I继承: 允许所有子目录继承其父目录具有的相同权限。继承权限适用于大多数情况,但是如果访问必须受限于子文件夹,例如实施强制访问控制(Mandatory Access Control)时,则取消继承并为文件夹逐一授予权限。
 * 

  实现代码如下:  

  

<span style="color: #0000ff;">class</span><span style="color: #000000;"> User{
    
    </span><span style="color: #0000ff;">const</span> I = 1;    <span style="color: #008000;">//</span><span style="color: #008000;"> inherit</span>
    
    <span style="color: #0000ff;">const</span> FD = 2;    <span style="color: #008000;">//</span><span style="color: #008000;"> folder delete</span>
    
    <span style="color: #0000ff;">const</span> FN = 4;    <span style="color: #008000;">//</span><span style="color: #008000;"> folder rename</span>
    
    <span style="color: #0000ff;">const</span> FC = 8;    <span style="color: #008000;">//</span><span style="color: #008000;"> folder create</span>
    
    <span style="color: #0000ff;">const</span> FL = 16;    <span style="color: #008000;">//</span><span style="color: #008000;"> folder list</span>
    
    <span style="color: #0000ff;">const</span> D = 32;    <span style="color: #008000;">//</span><span style="color: #008000;"> file delete</span>
    
    <span style="color: #0000ff;">const</span> N = 64;    <span style="color: #008000;">//</span><span style="color: #008000;"> file rename</span>
    
    <span style="color: #0000ff;">const</span> A = 128;    <span style="color: #008000;">//</span><span style="color: #008000;"> file append</span>
    
    <span style="color: #0000ff;">const</span> W = 256;    <span style="color: #008000;">//</span><span style="color: #008000;"> file write (upload)</span>
    
    <span style="color: #0000ff;">const</span> R = 512;    <span style="color: #008000;">//</span><span style="color: #008000;"> file read (download)    </span>
    
    <span style="color: #0000ff;">PRivate</span> <span style="color: #800080;">$hash_salt</span> = ''<span style="color: #000000;">;
    
    </span><span style="color: #0000ff;">private</span> <span style="color: #800080;">$user_file</span><span style="color: #000000;">;
    
    </span><span style="color: #0000ff;">private</span> <span style="color: #800080;">$group_file</span><span style="color: #000000;">;
    
    </span><span style="color: #0000ff;">private</span> <span style="color: #800080;">$users</span> = <span style="color: #0000ff;">array</span><span style="color: #000000;">();
    
    </span><span style="color: #0000ff;">private</span> <span style="color: #800080;">$groups</span> = <span style="color: #0000ff;">array</span><span style="color: #000000;">();
    
    </span><span style="color: #0000ff;">private</span> <span style="color: #800080;">$file_hash</span> = ''<span style="color: #000000;">; 
    
    </span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span><span style="color: #000000;"> __construct(){
        </span><span style="color: #800080;">$this</span>->user_file = BASE_PATH.'/conf/users'<span style="color: #000000;">;
        </span><span style="color: #800080;">$this</span>->group_file = BASE_PATH.'/conf/groups'<span style="color: #000000;">;
        </span><span style="color: #800080;">$this</span>-><span style="color: #000000;">reload();
    }
    
    </span><span style="color: #008000;">/*</span><span style="color: #008000;">*
     * 返回权限表达式
     * @param int $access
     * @return string
     </span><span style="color: #008000;">*/</span>
    <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">static</span> <span style="color: #0000ff;">function</span> AC(<span style="color: #800080;">$access</span><span style="color: #000000;">){
        </span><span style="color: #800080;">$str</span> = ''<span style="color: #000000;">;
        </span><span style="color: #800080;">$char</span> = <span style="color: #0000ff;">array</span>('R','W','A','N','D','L','C','N','D','I'<span style="color: #000000;">);
        </span><span style="color: #0000ff;">for</span>(<span style="color: #800080;">$i</span> = 0; <span style="color: #800080;">$i</span> $i++<span style="color: #000000;">){
            </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$access</span> & <span style="color: #008080;">pow</span>(2,9-<span style="color: #800080;">$i</span>))<span style="color: #800080;">$str</span>.= <span style="color: #800080;">$char</span>[<span style="color: #800080;">$i</span>];<span style="color: #0000ff;">else</span> <span style="color: #800080;">$str</span>.= '-'<span style="color: #000000;">;
        }
        </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$str</span><span style="color: #000000;">;
    }
    
    </span><span style="color: #008000;">/*</span><span style="color: #008000;">*
     * 加载用户数据
     </span><span style="color: #008000;">*/</span>
    <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span><span style="color: #000000;"> reload(){
        </span><span style="color: #800080;">$user_file_hash</span> = <span style="color: #008080;">md5_file</span>(<span style="color: #800080;">$this</span>-><span style="color: #000000;">user_file);
        </span><span style="color: #800080;">$group_file_hash</span> = <span style="color: #008080;">md5_file</span>(<span style="color: #800080;">$this</span>-><span style="color: #000000;">group_file);        
        </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$this</span>->file_hash != <span style="color: #008080;">md5</span>(<span style="color: #800080;">$user_file_hash</span>.<span style="color: #800080;">$group_file_hash</span><span style="color: #000000;">)){
            </span><span style="color: #0000ff;">if</span>((<span style="color: #800080;">$user</span> = <span style="color: #008080;">file_get_contents</span>(<span style="color: #800080;">$this</span>->user_file)) !== <span style="color: #0000ff;">false</span><span style="color: #000000;">){
                </span><span style="color: #800080;">$this</span>->users = json_decode(<span style="color: #800080;">$user</span>,<span style="color: #0000ff;">true</span><span style="color: #000000;">);
                </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$this</span>-><span style="color: #000000;">users){
                    </span><span style="color: #008000;">//</span><span style="color: #008000;">folder排序</span>
                    <span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->users <span style="color: #0000ff;">as</span> <span style="color: #800080;">$user</span>=><span style="color: #800080;">$profile</span><span style="color: #000000;">){
                        </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$profile</span>['folder'<span style="color: #000000;">])){
                            </span><span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['folder'] = <span style="color: #800080;">$this</span>->sortFolder(<span style="color: #800080;">$profile</span>['folder'<span style="color: #000000;">]);
                        }
                    }
                }
            }
            </span><span style="color: #0000ff;">if</span>((<span style="color: #800080;">$group</span> = <span style="color: #008080;">file_get_contents</span>(<span style="color: #800080;">$this</span>->group_file)) !== <span style="color: #0000ff;">false</span><span style="color: #000000;">){
                </span><span style="color: #800080;">$this</span>->groups = json_decode(<span style="color: #800080;">$group</span>,<span style="color: #0000ff;">true</span><span style="color: #000000;">);
                </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$this</span>-><span style="color: #000000;">groups){
                    </span><span style="color: #008000;">//</span><span style="color: #008000;">folder排序</span>
                    <span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->groups <span style="color: #0000ff;">as</span> <span style="color: #800080;">$group</span>=><span style="color: #800080;">$profile</span><span style="color: #000000;">){                            
                        </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$profile</span>['folder'<span style="color: #000000;">])){                        
                            </span><span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['folder'] = <span style="color: #800080;">$this</span>->sortFolder(<span style="color: #800080;">$profile</span>['folder'<span style="color: #000000;">]);
                        }
                    }
                }
            }
            </span><span style="color: #800080;">$this</span>->file_hash = <span style="color: #008080;">md5</span>(<span style="color: #800080;">$user_file_hash</span>.<span style="color: #800080;">$group_file_hash</span><span style="color: #000000;">);            
        }
    }
    
    </span><span style="color: #008000;">/*</span><span style="color: #008000;">*
     * 对folder进行排序
     * @return array
     </span><span style="color: #008000;">*/</span>
    <span style="color: #0000ff;">private</span> <span style="color: #0000ff;">function</span> sortFolder(<span style="color: #800080;">$folder</span><span style="color: #000000;">){
        </span><span style="color: #008080;">uasort</span>(<span style="color: #800080;">$folder</span>, <span style="color: #0000ff;">function</span>(<span style="color: #800080;">$a</span>,<span style="color: #800080;">$b</span><span style="color: #000000;">){
            </span><span style="color: #0000ff;">return</span> <span style="color: #008080;">strnatcmp</span>(<span style="color: #800080;">$a</span>['path'], <span style="color: #800080;">$b</span>['path'<span style="color: #000000;">]);
        });    
        </span><span style="color: #800080;">$result</span> = <span style="color: #0000ff;">array</span><span style="color: #000000;">();
        </span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$folder</span> <span style="color: #0000ff;">as</span> <span style="color: #800080;">$v</span><span style="color: #000000;">){
            </span><span style="color: #800080;">$result</span>[] = <span style="color: #800080;">$v</span><span style="color: #000000;">;
        }    
        </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span><span style="color: #000000;">;
    }
    
    </span><span style="color: #008000;">/*</span><span style="color: #008000;">*
     * 保存用户数据
     </span><span style="color: #008000;">*/</span>
    <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span><span style="color: #000000;"> save(){
        </span><span style="color: #008080;">file_put_contents</span>(<span style="color: #800080;">$this</span>->user_file, json_encode(<span style="color: #800080;">$this</span>->users),<span style="color: #000000;">LOCK_EX);
        </span><span style="color: #008080;">file_put_contents</span>(<span style="color: #800080;">$this</span>->group_file, json_encode(<span style="color: #800080;">$this</span>->groups),<span style="color: #000000;">LOCK_EX);
    }
    
    </span><span style="color: #008000;">/*</span><span style="color: #008000;">*
     * 添加用户
     * @param string $user
     * @param string $pass
     * @param string $home
     * @param string $expired
     * @param boolean $active
     * @param string $group
     * @param string $description
     * @param string $email
     * @return boolean
     </span><span style="color: #008000;">*/</span>
    <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> addUser(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$pass</span>,<span style="color: #800080;">$home</span>,<span style="color: #800080;">$expired</span>,<span style="color: #800080;">$active</span>=<span style="color: #0000ff;">true</span>,<span style="color: #800080;">$group</span>='',<span style="color: #800080;">$description</span>='',<span style="color: #800080;">$email</span> = ''<span style="color: #000000;">){
        </span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">);
        </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]) || <span style="color: #0000ff;">empty</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">)){
            </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
        }        
        </span><span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>] = <span style="color: #0000ff;">array</span><span style="color: #000000;">(
                </span>'pass' => <span style="color: #008080;">md5</span>(<span style="color: #800080;">$user</span>.<span style="color: #800080;">$this</span>->hash_salt.<span style="color: #800080;">$pass</span>),
                'home' => <span style="color: #800080;">$home</span>,
                'expired' => <span style="color: #800080;">$expired</span>,
                'active' => <span style="color: #800080;">$active</span>,
                'group' => <span style="color: #800080;">$group</span>,
                'description' => <span style="color: #800080;">$description</span>,
                'email' => <span style="color: #800080;">$email</span>,<span style="color: #000000;">
        );
        </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">;
    }
    
    </span><span style="color: #008000;">/*</span><span style="color: #008000;">*
     * 设置用户资料
     * @param string $user
     * @param array $profile
     * @return boolean
     </span><span style="color: #008000;">*/</span>
    <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> setUserProfile(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$profile</span><span style="color: #000000;">){
        </span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">);
        </span><span style="color: #0000ff;">if</span>(<span style="color: #008080;">is_array</span>(<span style="color: #800080;">$profile</span>) && <span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span><span style="color: #000000;">])){
            </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$profile</span>['pass'<span style="color: #000000;">])){
                </span><span style="color: #800080;">$profile</span>['pass'] = <span style="color: #008080;">md5</span>(<span style="color: #800080;">$user</span>.<span style="color: #800080;">$this</span>->hash_salt.<span style="color: #800080;">$profile</span>['pass'<span style="color: #000000;">]);
            }
            </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$profile</span>['active'<span style="color: #000000;">])){
                </span><span style="color: #0000ff;">if</span>(!<span style="color: #008080;">is_bool</span>(<span style="color: #800080;">$profile</span>['active'<span style="color: #000000;">])){
                    </span><span style="color: #800080;">$profile</span>['active'] = <span style="color: #800080;">$profile</span>['active'] == 'true' ? <span style="color: #0000ff;">true</span> : <span style="color: #0000ff;">false</span><span style="color: #000000;">;
                }
            }            
            </span><span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>] = <span style="color: #008080;">array_merge</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>],<span style="color: #800080;">$profile</span><span style="color: #000000;">);
            </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">;
        }
        </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
    }
    
    </span><span style="color: #008000;">/*</span><span style="color: #008000;">*
     * 获取用户资料
     * @param string $user
     * @return multitype:|boolean
     </span><span style="color: #008000;">*/</span>
    <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> getUserProfile(<span style="color: #800080;">$user</span><span style="color: #000000;">){
        </span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">);
        </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span><span style="color: #000000;">])){
            </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span><span style="color: #000000;">];
        }
        </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
    }
    </span><span style="color: #008000;">/*</span><span style="color: #008000;">*
     * 删除用户
     * @param string $user
     * @return boolean
     </span><span style="color: #008000;">*/</span>
    <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> delUser(<span style="color: #800080;">$user</span><span style="color: #000000;">){
        </span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">);
        </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span><span style="color: #000000;">])){
            </span><span style="color: #0000ff;">unset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span><span style="color: #000000;">]);
            </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">;
        }
        </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
    }
    
    </span><span style="color: #008000;">/*</span><span style="color: #008000;">*
     * 获取用户列表
     * @return array
     </span><span style="color: #008000;">*/</span>
    <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span><span style="color: #000000;"> getUserList(){
        </span><span style="color: #800080;">$list</span> = <span style="color: #0000ff;">array</span><span style="color: #000000;">();
        </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$this</span>-><span style="color: #000000;">users){
            </span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->users <span style="color: #0000ff;">as</span> <span style="color: #800080;">$user</span>=><span style="color: #800080;">$profile</span><span style="color: #000000;">){
                </span><span style="color: #800080;">$list</span>[] = <span style="color: #800080;">$user</span><span style="color: #000000;">;
            }
        }
        </span><span style="color: #008080;">sort</span>(<span style="color: #800080;">$list</span><span style="color: #000000;">);
        </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$list</span><span style="color: #000000;">;
    }
    
    </span><span style="color: #008000;">/*</span><span style="color: #008000;">*
     * 添加组
     * @param string $group
     * @param string $home
     * @return boolean
     </span><span style="color: #008000;">*/</span>
    <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> addGroup(<span style="color: #800080;">$group</span>,<span style="color: #800080;">$home</span><span style="color: #000000;">){
        </span><span style="color: #800080;">$group</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$group</span><span style="color: #000000;">);
        </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span><span style="color: #000000;">])){
            </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
        }
        </span><span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>] = <span style="color: #0000ff;">array</span><span style="color: #000000;">(
                </span>'home' => <span style="color: #800080;">$home</span><span style="color: #000000;">
        );
        </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">;
    }
    
    </span><span style="color: #008000;">/*</span><span style="color: #008000;">*
     * 设置组资料
     * @param string $group
     * @param array $profile
     * @return boolean
     </span><span style="color: #008000;">*/</span>
    <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> setGroupProfile(<span style="color: #800080;">$group</span>,<span style="color: #800080;">$profile</span><span style="color: #000000;">){
        </span><span style="color: #800080;">$group</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$group</span><span style="color: #000000;">);
        </span><span style="color: #0000ff;">if</span>(<span style="color: #008080;">is_array</span>(<span style="color: #800080;">$profile</span>) && <span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span><span style="color: #000000;">])){
            </span><span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>] = <span style="color: #008080;">array_merge</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>],<span style="color: #800080;">$profile</span><span style="color: #000000;">);
            </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">;
        }
        </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
    }
    
    </span><span style="color: #008000;">/*</span><span style="color: #008000;">*
     * 获取组资料
     * @param string $group
     * @return multitype:|boolean
     </span><span style="color: #008000;">*/</span>
    <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> getGroupProfile(<span style="color: #800080;">$group</span><span style="color: #000000;">){
        </span><span style="color: #800080;">$group</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$group</span><span style="color: #000000;">);
        </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span><span style="color: #000000;">])){
            </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span><span style="color: #000000;">];
        }
        </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
    }
    
    </span><span style="color: #008000;">/*</span><span style="color: #008000;">*
     * 删除组
     * @param string $group
     * @return boolean
     </span><span style="color: #008000;">*/</span>
    <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> delGroup(<span style="color: #800080;">$group</span><span style="color: #000000;">){
        </span><span style="color: #800080;">$group</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$group</span><span style="color: #000000;">);
        </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span><span style="color: #000000;">])){
            </span><span style="color: #0000ff;">unset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span><span style="color: #000000;">]);
            </span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->users <span style="color: #0000ff;">as</span> <span style="color: #800080;">$user</span> => <span style="color: #800080;">$profile</span><span style="color: #000000;">){
                </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$profile</span>['group'] == <span style="color: #800080;">$group</span><span style="color: #000000;">)
                    </span><span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['group'] = ''<span style="color: #000000;">;
            }
            </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">;
        }
        </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
    }
    
    </span><span style="color: #008000;">/*</span><span style="color: #008000;">*
     * 获取组列表
     * @return array
     </span><span style="color: #008000;">*/</span>
    <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span><span style="color: #000000;"> getGroupList(){
        </span><span style="color: #800080;">$list</span> = <span style="color: #0000ff;">array</span><span style="color: #000000;">();
        </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$this</span>-><span style="color: #000000;">groups){
            </span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->groups <span style="color: #0000ff;">as</span> <span style="color: #800080;">$group</span>=><span style="color: #800080;">$profile</span><span style="color: #000000;">){
                </span><span style="color: #800080;">$list</span>[] = <span style="color: #800080;">$group</span><span style="color: #000000;">;
            }
        }
        </span><span style="color: #008080;">sort</span>(<span style="color: #800080;">$list</span><span style="color: #000000;">);
        </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$list</span><span style="color: #000000;">;
    }
    
    </span><span style="color: #008000;">/*</span><span style="color: #008000;">*
     * 获取组用户列表
     * @param string $group
     * @return array
     </span><span style="color: #008000;">*/</span>
    <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> getUserListOfGroup(<span style="color: #800080;">$group</span><span style="color: #000000;">){
        </span><span style="color: #800080;">$list</span> = <span style="color: #0000ff;">array</span><span style="color: #000000;">();
        </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]) && <span style="color: #800080;">$this</span>-><span style="color: #000000;">users){
            </span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->users <span style="color: #0000ff;">as</span> <span style="color: #800080;">$user</span>=><span style="color: #800080;">$profile</span><span style="color: #000000;">){
                </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$profile</span>['group']) && <span style="color: #800080;">$profile</span>['group'] == <span style="color: #800080;">$group</span><span style="color: #000000;">){
                    </span><span style="color: #800080;">$list</span>[] = <span style="color: #800080;">$user</span><span style="color: #000000;">;
                }
            }
        }
        </span><span style="color: #008080;">sort</span>(<span style="color: #800080;">$list</span><span style="color: #000000;">);
        </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$list</span><span style="color: #000000;">;
    }
    
    </span><span style="color: #008000;">/*</span><span style="color: #008000;">*
     * 用户验证
     * @param string $user
     * @param string $pass
     * @param string $ip
     * @return boolean
     </span><span style="color: #008000;">*/</span>
    <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> checkUser(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$pass</span>,<span style="color: #800080;">$ip</span> = ''<span style="color: #000000;">){
        </span><span style="color: #800080;">$this</span>-><span style="color: #000000;">reload();
        </span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">);
        </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span><span style="color: #000000;">])){
            </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['active'] && <span style="color: #008080;">time</span>() strtotime(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['expired'<span style="color: #000000;">])
                 </span>&& <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['pass'] == <span style="color: #008080;">md5</span>(<span style="color: #800080;">$user</span>.<span style="color: #800080;">$this</span>->hash_salt.<span style="color: #800080;">$pass</span><span style="color: #000000;">)){
                </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">empty</span>(<span style="color: #800080;">$ip</span><span style="color: #000000;">)){
                    </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">;
                }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
                    </span><span style="color: #008000;">//</span><span style="color: #008000;">ip验证</span>
                    <span style="color: #0000ff;">return</span> <span style="color: #800080;">$this</span>->checkIP(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$ip</span><span style="color: #000000;">);
                }
            }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
                </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
            }        
        }
        </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
    }
    
    </span><span style="color: #008000;">/*</span><span style="color: #008000;">*
     * basic auth 
     * @param string $base64    
     </span><span style="color: #008000;">*/</span>
    <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> checkUserBasicAuth(<span style="color: #800080;">$base64</span><span style="color: #000000;">){
        </span><span style="color: #800080;">$base64</span> = <span style="color: #008080;">trim</span>(<span style="color: #008080;">str_replace</span>('Basic ', '', <span style="color: #800080;">$base64</span><span style="color: #000000;">));
        </span><span style="color: #800080;">$str</span> = <span style="color: #008080;">base64_decode</span>(<span style="color: #800080;">$base64</span><span style="color: #000000;">);
        </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$str</span> !== <span style="color: #0000ff;">false</span><span style="color: #000000;">){
            </span><span style="color: #0000ff;">list</span>(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$pass</span>) = <span style="color: #008080;">explode</span>(':', <span style="color: #800080;">$str</span>,2<span style="color: #000000;">);
            </span><span style="color: #800080;">$this</span>-><span style="color: #000000;">reload();
            </span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">);
            </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span><span style="color: #000000;">])){
                </span><span style="color: #800080;">$group</span> = <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['group'<span style="color: #000000;">];
                </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$group</span> == 'admin' && <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['active'] && <span style="color: #008080;">time</span>() strtotime(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['expired'<span style="color: #000000;">])
                </span>&& <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['pass'] == <span style="color: #008080;">md5</span>(<span style="color: #800080;">$user</span>.<span style="color: #800080;">$this</span>->hash_salt.<span style="color: #800080;">$pass</span><span style="color: #000000;">)){                
                    </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">;
                }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
                    </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
                }
            }
        }
        </span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
    }
    
    </span><span style="color: #008000;">/*</span><span style="color: #008000;">*
     * 用户登录ip验证
     * @param string $user
     * @param string $ip
     * 
     * 用户的ip权限继承组的IP权限。
     * 匹配规则:
     * 1.进行组允许列表匹配;
     * 2.如同通过,进行组拒绝列表匹配;
     * 3.进行用户允许匹配
     * 4.如果通过,进行用户拒绝匹配
     * 
     </span><span style="color: #008000;">*/</span>
    <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> checkIP(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$ip</span><span style="color: #000000;">){
        </span><span style="color: #800080;">$pass</span> = <span style="color: #0000ff;">false</span><span style="color: #000000;">;
        </span><span style="color: #008000;">//</span><span style="color: #008000;">先进行组验证        </span>
        <span style="color: #800080;">$group</span> = <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['group'<span style="color: #000000;">];
        </span><span style="color: #008000;">//</span><span style="color: #008000;">组允许匹配</span>
        <span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['ip']['allow'<span style="color: #000000;">])){
            </span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['ip']['allow'] <span style="color: #0000ff;">as</span> <span style="color: #800080;">$addr</span><span style="color: #000000;">){
                </span><span style="color: #800080;">$pattern</span> = '/'.<span style="color: #008080;">str_replace</span>('*','\d+',<span style="color: #008080;">str_replace</span>('.', '\.', <span style="color: #800080;">$addr</span>)).'/'<span style="color: #000000;">;
                </span><span style="color: #0000ff;">if</span>(<span style="color: #008080;">preg_match</span>(<span style="color: #800080;">$pattern</span>, <span style="color: #800080;">$ip</span>) && !<span style="color: #0000ff;">empty</span>(<span style="color: #800080;">$addr</span><span style="color: #000000;">)){
                    </span><span style="color: #800080;">$pass</span> = <span style="color: #0000ff;">true</span><span style="color: #000000;">;
                    </span><span style="color: #0000ff;">break</span><span style="color: #000000;">;
                }
            }
        }
        </span><span style="color: #008000;">//</span><span style="color: #008000;">如果允许通过,进行拒绝匹配</span>
        <span style="color: #0000ff;">if</span>(<span style="color: #800080;">$pass</span><span style="color: #000000;">){
            </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['ip']['deny'<span style="color: #000000;">])){
                </span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['ip']['deny'] <span style="color: #0000ff;">as</span> <span style="color: #800080;">$addr</span><span style="color: #000000;">){
                    </span><span style="color: #800080;">$pattern</span> = '/'.<span style="color: #008080;">str_replace</span>('*','\d+',<span style="color: #008080;">str_replace</span>('.', '\.', <span style="color: #800080;">$addr</span>)).'/'<span style="color: #000000;">;
                    </span><span style="color: #0000ff;">if</span>(<span style="color: #008080;">preg_match</span>(<span style="color: #800080;">$pattern</span>, <span style="color: #800080;">$ip</span>) && !<span style="color: #0000ff;">empty</span>(<span style="color: #800080;">$addr</span><span style="color: #000000;">)){
                        </span><span style="color: #800080;">$pass</span> = <span style="color: #0000ff;">false</span><span style="color: #000000;">;
                        </span><span style="color: #0000ff;">break</span><span style="color: #000000;">;
                    }
                }
            }
        }
        
        </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['ip']['allow'<span style="color: #000000;">])){            
            </span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['ip']['allow'] <span style="color: #0000ff;">as</span> <span style="color: #800080;">$addr</span><span style="color: #000000;">){
                </span><span style="color: #800080;">$pattern</span> = '/'.<span style="color: #008080;">str_replace</span>('*','\d+',<span style="color: #008080;">str_replace</span>('.', '\.', <span style="color: #800080;">$addr</span>)).'/'<span style="color: #000000;">;
                </span><span style="color: #0000ff;">if</span>(<span style="color: #008080;">preg_match</span>(<span style="color: #800080;">$pattern</span>, <span style="color: #800080;">$ip</span>) && !<span style="color: #0000ff;">empty</span>(<span style="color: #800080;">$addr</span><span style="color: #000000;">)){
                    </span><span style="color: #800080;">$pass</span> = <span style="color: #0000ff;">true</span><span style="color: #000000;">;
                    </span><span style="color: #0000ff;">break</span><span style="color: #000000;">;
                }
            }
        }
        </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$pass</span><span style="color: #000000;">){
            </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['ip']['deny'<span style="color: #000000;">])){
                </span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['ip']['deny'] <span style="color: #0000ff;">as</span> <span style="color: #800080;">$addr</span><span style="color: #000000;">){
                    </span><span style="color: #800080;">$pattern</span> = '/'.<span style="color: #008080;">str_replace</span>('*','\d+',<span style="color: #008080;">str_replace</span>('.', '\.', <span style="color: #800080;">$addr</span>)).'/'<span style="color: #000000;">;
                    </span><span style="color: #0000ff;">if</span>(<span style="color: #008080;">preg_match</span>(<span style="color: #800080;">$pattern</span>, <span style="color: #800080;">$ip</span>) && !<span style="color: #0000ff;">empty</span>(<span style="color: #800080;">$addr</span><span style="color: #000000;">)){
                        </span><span style="color: #800080;">$pass</span> = <span style="color: #0000ff;">false</span><span style="color: #000000;">;
                        </span><span style="color: #0000ff;">break</span><span style="color: #000000;">;
                    }
                }
            }
        }
        </span><span style="color: #0000ff;">echo</span> <span style="color: #008080;">date</span>('Y-m-d H:i:s')." [debug]\tIP ACCESS:".' '.(<span style="color: #800080;">$pass</span>?'true':'false')."\n"<span style="color: #000000;">;
        </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$pass</span><span style="color: #000000;">;
    }
    
    </span><span style="color: #008000;">/*</span><span style="color: #008000;">*
     * 获取用户主目录
     * @param string $user
     * @return string
     </span><span style="color: #008000;">*/</span>
    <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> getHomeDir(<span style="color: #800080;">$user</span><span style="color: #000000;">){
        </span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">);
        </span><span style="color: #800080;">$group</span> = <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['group'<span style="color: #000000;">];
        </span><span style="color: #800080;">$dir</span> = ''<span style="color: #000000;">;
        </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$group</span><span style="color: #000000;">){
            </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['home']))<span style="color: #800080;">$dir</span> = <span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['home'<span style="color: #000000;">];
        }
        </span><span style="color: #800080;">$dir</span> = !<span style="color: #0000ff;">empty</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['home'])?<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['home']:<span style="color: #800080;">$dir</span><span style="color: #000000;">;
        </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$dir</span><span style="color: #000000;">;
    }
    
    </span><span style="color: #008000;">//</span><span style="color: #008000;">文件权限判断</span>
    <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isReadable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){        
        </span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">);
        </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){
            </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][0] == 'R'<span style="color: #000000;">;
        }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
            </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][0] == 'R' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">;
        }
    }    
    
    </span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isWritable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){        
        </span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">);        
        </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){
            </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][1] == 'W'<span style="color: #000000;">;
        }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
            </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][1] == 'W' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">;
        }
    }
    
    </span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isAppendable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){
        </span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">);
        </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){
            </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][2] == 'A'<span style="color: #000000;">;
        }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
            </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][2] == 'A' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">;
        }
    }    
    
    </span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isRenamable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){
        </span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">);
        </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){
            </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][3] == 'N'<span style="color: #000000;">;
        }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
            </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][3] == 'N' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">;
        }
    }
    </span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isDeletable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){        
        </span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">);
        </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){
            </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][4] == 'D'<span style="color: #000000;">;
        }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
            </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][4] == 'D' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">;
        }
    }
    
    </span><span style="color: #008000;">//</span><span style="color: #008000;">目录权限判断</span>
    <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isFolderListable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){
        </span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">);
        </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){
            </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][5] == 'L'<span style="color: #000000;">;
        }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
            </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][5] == 'L' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">;
        }
    }
    
    </span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isFolderCreatable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){
        </span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">);
        </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){
            </span><span style="color: #0000ff;">return</span>  <span style="color: #800080;">$result</span>['access'][6] == 'C'<span style="color: #000000;">;
        }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
            </span><span style="color: #0000ff;">return</span>  <span style="color: #800080;">$result</span>['access'][6] == 'C' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">;
        }
    }
    
    </span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isFolderRenamable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){
        </span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">);
        </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){
            </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][7] == 'N'<span style="color: #000000;">;
        }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
            </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][7] == 'N' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">;
        }
    }
    
    </span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isFolderDeletable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){
        </span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">);
        </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){
            </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][8] == 'D'<span style="color: #000000;">;
        }</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
            </span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][8] == 'D' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">;
        }
    }
    
    </span><span style="color: #008000;">/*</span><span style="color: #008000;">*
     * 获取目录权限
     * @param string $user
     * @param string $path
     * @return array
     * 进行最长路径匹配
     * 
     * 返回:
     * array(
     * 'access'=>目前权限    
     *    ,'isExactMatch'=>是否精确匹配
     *    
     * );
     * 
     * 如果精确匹配,则忽略inherit.
     * 否则应判断是否继承父目录的权限,
     * 权限位表:
     * +---+---+---+---+---+---+---+---+---+---+
     * | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 |
     * +---+---+---+---+---+---+---+---+---+---+
     * | R | W | A | N | D | L | C | N | D | I |
     * +---+---+---+---+---+---+---+---+---+---+
     * |       FILE        |     FOLDER        |
     * +-------------------+-------------------+
     </span><span style="color: #008000;">*/</span>
    
    <span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> getPathAccess(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){
        </span><span style="color: #800080;">$this</span>-><span style="color: #000000;">reload();
        </span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">);
        </span><span style="color: #800080;">$group</span> = <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['group'<span style="color: #000000;">];        
        </span><span style="color: #008000;">//</span><span style="color: #008000;">去除文件名称</span>
        <span style="color: #800080;">$path</span> = <span style="color: #008080;">str_replace</span>(<span style="color: #008080;">substr</span>(<span style="color: #008080;">strrchr</span>(<span style="color: #800080;">$path</span>, '/'),1),'',<span style="color: #800080;">$path</span><span style="color: #000000;">);
        </span><span style="color: #800080;">$access</span> = self::AC(0<span style="color: #000000;">);        
        </span><span style="color: #800080;">$isExactMatch</span> = <span style="color: #0000ff;">false</span><span style="color: #000000;">;
        </span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$group</span><span style="color: #000000;">){
            </span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['folder'<span style="color: #000000;">])){                
                </span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['folder'] <span style="color: #0000ff;">as</span> <span style="color: #800080;">$f</span><span style="color: #000000;">){
                    </span><span style="color: #008000;">//</span><span style="color: #008000;">中文处理</span>
                    <span style="color: #800080;">$t_path</span> = <span style="color: #008080;">iconv</span>('UTF-8','GB18030',<span style="color: #800080;">$f</span>['path'<span style="color: #000000;">]);                    
                    </span><span style="color: #0000ff;">if</span>(<span style="color: #008080;">strpos</span>(<span style="color: #800080;">$path</span>, <span style="color: #800080;">$t_path</span>) === 0<span style="color: #000000;">){
                        </span><span style="color: #800080;">$access</span> = <span style="color: #800080;">$f</span>['access'<span style="color: #000000;">];                        
                        </span><span style="color: #800080;">$isExactMatch</span> = (<span style="color: #800080;">$path</span> == <span style="color: #800080;">$t_path</span>?<span style="color: #0000ff;">true</span>:<span style="color: #0000ff;">false</span><span style="color: #000000;">);
                    }                        
   </span>
声明:
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系admin@php.cn