用PHP实现一个高效安全的ftp服务器(二)
- WBOY原创
- 2016-07-06 13:31:031253浏览
接前文。 1.实现用户类CUser。 用户的存储采用文本形式,将用户数组进行json编码。 用户文件格式: * array ( * 'user1' = array ( * 'pass'='', * 'group'='', * 'home'='/home/ftp/', // ftp主目录 * 'active'= true , * 'expired='2015-12-12' , * 'descr
接前文。
1.实现用户类CUser。
用户的存储采用文本形式,将用户数组进行json编码。
<span style="color: #000000;">用户文件格式: </span>* <span style="color: #0000ff;">array</span><span style="color: #000000;">( </span>* 'user1' => <span style="color: #0000ff;">array</span><span style="color: #000000;">( </span>* 'pass'=>'', * 'group'=>'', * 'home'=>'/home/ftp/', <span style="color: #008000;">//</span><span style="color: #008000;">ftp主目录</span> * 'active'=><span style="color: #0000ff;">true</span>, * 'expired=>'2015-12-12'<span style="color: #000000;">, * </span>'description'=>''<span style="color: #000000;">, * </span>'email' => ''<span style="color: #000000;">, * </span>'folder'<span style="color: #000000;">=>array( * //可以列出主目录下的文件和目录,但不能创建和删除,也不能进入主目录下的目录 * //前1-5位是文件权限,6-9是文件夹权限,10是否继承(inherit) * array(</span>'path'=>'/home/ftp/','access'=>'RWANDLCNDI'<span style="color: #000000;">), * //可以列出/home/ftp/a/下的文件和目录,可以创建和删除,可以进入/home/ftp/a/下的子目录,可以创建和删除。 * array(</span>'path'=>'/home/ftp/a/','access'=>'RWAND-----'<span style="color: #000000;">), * ), * </span>'ip'<span style="color: #000000;">=>array( * </span>'allow'<span style="color: #000000;">=>array(ip1,ip2,...),//支持*通配符: 192.168.0.* * </span>'deny'<span style="color: #000000;">=>array(ip1,ip2,...) * ) * ) * ) * * 组文件格式: * array( * </span>'group1'<span style="color: #000000;">=>array( * </span>'home'=>'/home/ftp/dept1/'<span style="color: #000000;">, * </span>'folder'<span style="color: #000000;">=>array( * * ), * </span>'ip'<span style="color: #000000;">=>array( * </span>'allow'<span style="color: #000000;">=>array(ip1,ip2,...), * </span>'deny'<span style="color: #000000;">=>array(ip1,ip2,...) * ) * ) * )</span>
文件夹和文件的权限说明:
* 文件权限 * R读 : 允许用户读取(即下载)文件。该权限不允许用户列出目录内容,执行该操作需要列表权限。 * W写: 允许用户写入(即上传)文件。该权限不允许用户修改现有的文件,执行该操作需要追加权限。 * A追加: 允许用户向现有文件中追加数据。该权限通常用于使用户能够对部分上传的文件进行续传。 * N重命名: 允许用户重命名现有的文件。 * D删除: 允许用户删除文件。 * * 目录权限 * L列表: 允许用户列出目录中包含的文件。 * C创建: 允许用户在目录中新建子目录。 * N重命名: 允许用户在目录中重命名现有子目录。 * D删除: 允许用户在目录中删除现有子目录。注意: 如果目录包含文件,用户要删除目录还需要具有删除文件权限。 * * 子目录权限 * I继承: 允许所有子目录继承其父目录具有的相同权限。继承权限适用于大多数情况,但是如果访问必须受限于子文件夹,例如实施强制访问控制(Mandatory Access Control)时,则取消继承并为文件夹逐一授予权限。 *
实现代码如下:
<span style="color: #0000ff;">class</span><span style="color: #000000;"> User{
</span><span style="color: #0000ff;">const</span> I = 1; <span style="color: #008000;">//</span><span style="color: #008000;"> inherit</span>
<span style="color: #0000ff;">const</span> FD = 2; <span style="color: #008000;">//</span><span style="color: #008000;"> folder delete</span>
<span style="color: #0000ff;">const</span> FN = 4; <span style="color: #008000;">//</span><span style="color: #008000;"> folder rename</span>
<span style="color: #0000ff;">const</span> FC = 8; <span style="color: #008000;">//</span><span style="color: #008000;"> folder create</span>
<span style="color: #0000ff;">const</span> FL = 16; <span style="color: #008000;">//</span><span style="color: #008000;"> folder list</span>
<span style="color: #0000ff;">const</span> D = 32; <span style="color: #008000;">//</span><span style="color: #008000;"> file delete</span>
<span style="color: #0000ff;">const</span> N = 64; <span style="color: #008000;">//</span><span style="color: #008000;"> file rename</span>
<span style="color: #0000ff;">const</span> A = 128; <span style="color: #008000;">//</span><span style="color: #008000;"> file append</span>
<span style="color: #0000ff;">const</span> W = 256; <span style="color: #008000;">//</span><span style="color: #008000;"> file write (upload)</span>
<span style="color: #0000ff;">const</span> R = 512; <span style="color: #008000;">//</span><span style="color: #008000;"> file read (download) </span>
<span style="color: #0000ff;">PRivate</span> <span style="color: #800080;">$hash_salt</span> = ''<span style="color: #000000;">;
</span><span style="color: #0000ff;">private</span> <span style="color: #800080;">$user_file</span><span style="color: #000000;">;
</span><span style="color: #0000ff;">private</span> <span style="color: #800080;">$group_file</span><span style="color: #000000;">;
</span><span style="color: #0000ff;">private</span> <span style="color: #800080;">$users</span> = <span style="color: #0000ff;">array</span><span style="color: #000000;">();
</span><span style="color: #0000ff;">private</span> <span style="color: #800080;">$groups</span> = <span style="color: #0000ff;">array</span><span style="color: #000000;">();
</span><span style="color: #0000ff;">private</span> <span style="color: #800080;">$file_hash</span> = ''<span style="color: #000000;">;
</span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span><span style="color: #000000;"> __construct(){
</span><span style="color: #800080;">$this</span>->user_file = BASE_PATH.'/conf/users'<span style="color: #000000;">;
</span><span style="color: #800080;">$this</span>->group_file = BASE_PATH.'/conf/groups'<span style="color: #000000;">;
</span><span style="color: #800080;">$this</span>-><span style="color: #000000;">reload();
}
</span><span style="color: #008000;">/*</span><span style="color: #008000;">*
* 返回权限表达式
* @param int $access
* @return string
</span><span style="color: #008000;">*/</span>
<span style="color: #0000ff;">public</span> <span style="color: #0000ff;">static</span> <span style="color: #0000ff;">function</span> AC(<span style="color: #800080;">$access</span><span style="color: #000000;">){
</span><span style="color: #800080;">$str</span> = ''<span style="color: #000000;">;
</span><span style="color: #800080;">$char</span> = <span style="color: #0000ff;">array</span>('R','W','A','N','D','L','C','N','D','I'<span style="color: #000000;">);
</span><span style="color: #0000ff;">for</span>(<span style="color: #800080;">$i</span> = 0; <span style="color: #800080;">$i</span> $i++<span style="color: #000000;">){
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$access</span> & <span style="color: #008080;">pow</span>(2,9-<span style="color: #800080;">$i</span>))<span style="color: #800080;">$str</span>.= <span style="color: #800080;">$char</span>[<span style="color: #800080;">$i</span>];<span style="color: #0000ff;">else</span> <span style="color: #800080;">$str</span>.= '-'<span style="color: #000000;">;
}
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$str</span><span style="color: #000000;">;
}
</span><span style="color: #008000;">/*</span><span style="color: #008000;">*
* 加载用户数据
</span><span style="color: #008000;">*/</span>
<span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span><span style="color: #000000;"> reload(){
</span><span style="color: #800080;">$user_file_hash</span> = <span style="color: #008080;">md5_file</span>(<span style="color: #800080;">$this</span>-><span style="color: #000000;">user_file);
</span><span style="color: #800080;">$group_file_hash</span> = <span style="color: #008080;">md5_file</span>(<span style="color: #800080;">$this</span>-><span style="color: #000000;">group_file);
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$this</span>->file_hash != <span style="color: #008080;">md5</span>(<span style="color: #800080;">$user_file_hash</span>.<span style="color: #800080;">$group_file_hash</span><span style="color: #000000;">)){
</span><span style="color: #0000ff;">if</span>((<span style="color: #800080;">$user</span> = <span style="color: #008080;">file_get_contents</span>(<span style="color: #800080;">$this</span>->user_file)) !== <span style="color: #0000ff;">false</span><span style="color: #000000;">){
</span><span style="color: #800080;">$this</span>->users = json_decode(<span style="color: #800080;">$user</span>,<span style="color: #0000ff;">true</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$this</span>-><span style="color: #000000;">users){
</span><span style="color: #008000;">//</span><span style="color: #008000;">folder排序</span>
<span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->users <span style="color: #0000ff;">as</span> <span style="color: #800080;">$user</span>=><span style="color: #800080;">$profile</span><span style="color: #000000;">){
</span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$profile</span>['folder'<span style="color: #000000;">])){
</span><span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['folder'] = <span style="color: #800080;">$this</span>->sortFolder(<span style="color: #800080;">$profile</span>['folder'<span style="color: #000000;">]);
}
}
}
}
</span><span style="color: #0000ff;">if</span>((<span style="color: #800080;">$group</span> = <span style="color: #008080;">file_get_contents</span>(<span style="color: #800080;">$this</span>->group_file)) !== <span style="color: #0000ff;">false</span><span style="color: #000000;">){
</span><span style="color: #800080;">$this</span>->groups = json_decode(<span style="color: #800080;">$group</span>,<span style="color: #0000ff;">true</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$this</span>-><span style="color: #000000;">groups){
</span><span style="color: #008000;">//</span><span style="color: #008000;">folder排序</span>
<span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->groups <span style="color: #0000ff;">as</span> <span style="color: #800080;">$group</span>=><span style="color: #800080;">$profile</span><span style="color: #000000;">){
</span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$profile</span>['folder'<span style="color: #000000;">])){
</span><span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['folder'] = <span style="color: #800080;">$this</span>->sortFolder(<span style="color: #800080;">$profile</span>['folder'<span style="color: #000000;">]);
}
}
}
}
</span><span style="color: #800080;">$this</span>->file_hash = <span style="color: #008080;">md5</span>(<span style="color: #800080;">$user_file_hash</span>.<span style="color: #800080;">$group_file_hash</span><span style="color: #000000;">);
}
}
</span><span style="color: #008000;">/*</span><span style="color: #008000;">*
* 对folder进行排序
* @return array
</span><span style="color: #008000;">*/</span>
<span style="color: #0000ff;">private</span> <span style="color: #0000ff;">function</span> sortFolder(<span style="color: #800080;">$folder</span><span style="color: #000000;">){
</span><span style="color: #008080;">uasort</span>(<span style="color: #800080;">$folder</span>, <span style="color: #0000ff;">function</span>(<span style="color: #800080;">$a</span>,<span style="color: #800080;">$b</span><span style="color: #000000;">){
</span><span style="color: #0000ff;">return</span> <span style="color: #008080;">strnatcmp</span>(<span style="color: #800080;">$a</span>['path'], <span style="color: #800080;">$b</span>['path'<span style="color: #000000;">]);
});
</span><span style="color: #800080;">$result</span> = <span style="color: #0000ff;">array</span><span style="color: #000000;">();
</span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$folder</span> <span style="color: #0000ff;">as</span> <span style="color: #800080;">$v</span><span style="color: #000000;">){
</span><span style="color: #800080;">$result</span>[] = <span style="color: #800080;">$v</span><span style="color: #000000;">;
}
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span><span style="color: #000000;">;
}
</span><span style="color: #008000;">/*</span><span style="color: #008000;">*
* 保存用户数据
</span><span style="color: #008000;">*/</span>
<span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span><span style="color: #000000;"> save(){
</span><span style="color: #008080;">file_put_contents</span>(<span style="color: #800080;">$this</span>->user_file, json_encode(<span style="color: #800080;">$this</span>->users),<span style="color: #000000;">LOCK_EX);
</span><span style="color: #008080;">file_put_contents</span>(<span style="color: #800080;">$this</span>->group_file, json_encode(<span style="color: #800080;">$this</span>->groups),<span style="color: #000000;">LOCK_EX);
}
</span><span style="color: #008000;">/*</span><span style="color: #008000;">*
* 添加用户
* @param string $user
* @param string $pass
* @param string $home
* @param string $expired
* @param boolean $active
* @param string $group
* @param string $description
* @param string $email
* @return boolean
</span><span style="color: #008000;">*/</span>
<span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> addUser(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$pass</span>,<span style="color: #800080;">$home</span>,<span style="color: #800080;">$expired</span>,<span style="color: #800080;">$active</span>=<span style="color: #0000ff;">true</span>,<span style="color: #800080;">$group</span>='',<span style="color: #800080;">$description</span>='',<span style="color: #800080;">$email</span> = ''<span style="color: #000000;">){
</span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]) || <span style="color: #0000ff;">empty</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">)){
</span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
}
</span><span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>] = <span style="color: #0000ff;">array</span><span style="color: #000000;">(
</span>'pass' => <span style="color: #008080;">md5</span>(<span style="color: #800080;">$user</span>.<span style="color: #800080;">$this</span>->hash_salt.<span style="color: #800080;">$pass</span>),
'home' => <span style="color: #800080;">$home</span>,
'expired' => <span style="color: #800080;">$expired</span>,
'active' => <span style="color: #800080;">$active</span>,
'group' => <span style="color: #800080;">$group</span>,
'description' => <span style="color: #800080;">$description</span>,
'email' => <span style="color: #800080;">$email</span>,<span style="color: #000000;">
);
</span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">;
}
</span><span style="color: #008000;">/*</span><span style="color: #008000;">*
* 设置用户资料
* @param string $user
* @param array $profile
* @return boolean
</span><span style="color: #008000;">*/</span>
<span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> setUserProfile(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$profile</span><span style="color: #000000;">){
</span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #008080;">is_array</span>(<span style="color: #800080;">$profile</span>) && <span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span><span style="color: #000000;">])){
</span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$profile</span>['pass'<span style="color: #000000;">])){
</span><span style="color: #800080;">$profile</span>['pass'] = <span style="color: #008080;">md5</span>(<span style="color: #800080;">$user</span>.<span style="color: #800080;">$this</span>->hash_salt.<span style="color: #800080;">$profile</span>['pass'<span style="color: #000000;">]);
}
</span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$profile</span>['active'<span style="color: #000000;">])){
</span><span style="color: #0000ff;">if</span>(!<span style="color: #008080;">is_bool</span>(<span style="color: #800080;">$profile</span>['active'<span style="color: #000000;">])){
</span><span style="color: #800080;">$profile</span>['active'] = <span style="color: #800080;">$profile</span>['active'] == 'true' ? <span style="color: #0000ff;">true</span> : <span style="color: #0000ff;">false</span><span style="color: #000000;">;
}
}
</span><span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>] = <span style="color: #008080;">array_merge</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>],<span style="color: #800080;">$profile</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">;
}
</span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
}
</span><span style="color: #008000;">/*</span><span style="color: #008000;">*
* 获取用户资料
* @param string $user
* @return multitype:|boolean
</span><span style="color: #008000;">*/</span>
<span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> getUserProfile(<span style="color: #800080;">$user</span><span style="color: #000000;">){
</span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span><span style="color: #000000;">])){
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span><span style="color: #000000;">];
}
</span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
}
</span><span style="color: #008000;">/*</span><span style="color: #008000;">*
* 删除用户
* @param string $user
* @return boolean
</span><span style="color: #008000;">*/</span>
<span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> delUser(<span style="color: #800080;">$user</span><span style="color: #000000;">){
</span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span><span style="color: #000000;">])){
</span><span style="color: #0000ff;">unset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span><span style="color: #000000;">]);
</span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">;
}
</span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
}
</span><span style="color: #008000;">/*</span><span style="color: #008000;">*
* 获取用户列表
* @return array
</span><span style="color: #008000;">*/</span>
<span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span><span style="color: #000000;"> getUserList(){
</span><span style="color: #800080;">$list</span> = <span style="color: #0000ff;">array</span><span style="color: #000000;">();
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$this</span>-><span style="color: #000000;">users){
</span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->users <span style="color: #0000ff;">as</span> <span style="color: #800080;">$user</span>=><span style="color: #800080;">$profile</span><span style="color: #000000;">){
</span><span style="color: #800080;">$list</span>[] = <span style="color: #800080;">$user</span><span style="color: #000000;">;
}
}
</span><span style="color: #008080;">sort</span>(<span style="color: #800080;">$list</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$list</span><span style="color: #000000;">;
}
</span><span style="color: #008000;">/*</span><span style="color: #008000;">*
* 添加组
* @param string $group
* @param string $home
* @return boolean
</span><span style="color: #008000;">*/</span>
<span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> addGroup(<span style="color: #800080;">$group</span>,<span style="color: #800080;">$home</span><span style="color: #000000;">){
</span><span style="color: #800080;">$group</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$group</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span><span style="color: #000000;">])){
</span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
}
</span><span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>] = <span style="color: #0000ff;">array</span><span style="color: #000000;">(
</span>'home' => <span style="color: #800080;">$home</span><span style="color: #000000;">
);
</span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">;
}
</span><span style="color: #008000;">/*</span><span style="color: #008000;">*
* 设置组资料
* @param string $group
* @param array $profile
* @return boolean
</span><span style="color: #008000;">*/</span>
<span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> setGroupProfile(<span style="color: #800080;">$group</span>,<span style="color: #800080;">$profile</span><span style="color: #000000;">){
</span><span style="color: #800080;">$group</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$group</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #008080;">is_array</span>(<span style="color: #800080;">$profile</span>) && <span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span><span style="color: #000000;">])){
</span><span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>] = <span style="color: #008080;">array_merge</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>],<span style="color: #800080;">$profile</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">;
}
</span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
}
</span><span style="color: #008000;">/*</span><span style="color: #008000;">*
* 获取组资料
* @param string $group
* @return multitype:|boolean
</span><span style="color: #008000;">*/</span>
<span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> getGroupProfile(<span style="color: #800080;">$group</span><span style="color: #000000;">){
</span><span style="color: #800080;">$group</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$group</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span><span style="color: #000000;">])){
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span><span style="color: #000000;">];
}
</span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
}
</span><span style="color: #008000;">/*</span><span style="color: #008000;">*
* 删除组
* @param string $group
* @return boolean
</span><span style="color: #008000;">*/</span>
<span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> delGroup(<span style="color: #800080;">$group</span><span style="color: #000000;">){
</span><span style="color: #800080;">$group</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$group</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span><span style="color: #000000;">])){
</span><span style="color: #0000ff;">unset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span><span style="color: #000000;">]);
</span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->users <span style="color: #0000ff;">as</span> <span style="color: #800080;">$user</span> => <span style="color: #800080;">$profile</span><span style="color: #000000;">){
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$profile</span>['group'] == <span style="color: #800080;">$group</span><span style="color: #000000;">)
</span><span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['group'] = ''<span style="color: #000000;">;
}
</span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">;
}
</span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
}
</span><span style="color: #008000;">/*</span><span style="color: #008000;">*
* 获取组列表
* @return array
</span><span style="color: #008000;">*/</span>
<span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span><span style="color: #000000;"> getGroupList(){
</span><span style="color: #800080;">$list</span> = <span style="color: #0000ff;">array</span><span style="color: #000000;">();
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$this</span>-><span style="color: #000000;">groups){
</span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->groups <span style="color: #0000ff;">as</span> <span style="color: #800080;">$group</span>=><span style="color: #800080;">$profile</span><span style="color: #000000;">){
</span><span style="color: #800080;">$list</span>[] = <span style="color: #800080;">$group</span><span style="color: #000000;">;
}
}
</span><span style="color: #008080;">sort</span>(<span style="color: #800080;">$list</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$list</span><span style="color: #000000;">;
}
</span><span style="color: #008000;">/*</span><span style="color: #008000;">*
* 获取组用户列表
* @param string $group
* @return array
</span><span style="color: #008000;">*/</span>
<span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> getUserListOfGroup(<span style="color: #800080;">$group</span><span style="color: #000000;">){
</span><span style="color: #800080;">$list</span> = <span style="color: #0000ff;">array</span><span style="color: #000000;">();
</span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]) && <span style="color: #800080;">$this</span>-><span style="color: #000000;">users){
</span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->users <span style="color: #0000ff;">as</span> <span style="color: #800080;">$user</span>=><span style="color: #800080;">$profile</span><span style="color: #000000;">){
</span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$profile</span>['group']) && <span style="color: #800080;">$profile</span>['group'] == <span style="color: #800080;">$group</span><span style="color: #000000;">){
</span><span style="color: #800080;">$list</span>[] = <span style="color: #800080;">$user</span><span style="color: #000000;">;
}
}
}
</span><span style="color: #008080;">sort</span>(<span style="color: #800080;">$list</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$list</span><span style="color: #000000;">;
}
</span><span style="color: #008000;">/*</span><span style="color: #008000;">*
* 用户验证
* @param string $user
* @param string $pass
* @param string $ip
* @return boolean
</span><span style="color: #008000;">*/</span>
<span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> checkUser(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$pass</span>,<span style="color: #800080;">$ip</span> = ''<span style="color: #000000;">){
</span><span style="color: #800080;">$this</span>-><span style="color: #000000;">reload();
</span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span><span style="color: #000000;">])){
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['active'] && <span style="color: #008080;">time</span>() strtotime(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['expired'<span style="color: #000000;">])
</span>&& <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['pass'] == <span style="color: #008080;">md5</span>(<span style="color: #800080;">$user</span>.<span style="color: #800080;">$this</span>->hash_salt.<span style="color: #800080;">$pass</span><span style="color: #000000;">)){
</span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">empty</span>(<span style="color: #800080;">$ip</span><span style="color: #000000;">)){
</span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">;
}</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
</span><span style="color: #008000;">//</span><span style="color: #008000;">ip验证</span>
<span style="color: #0000ff;">return</span> <span style="color: #800080;">$this</span>->checkIP(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$ip</span><span style="color: #000000;">);
}
}</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
</span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
}
}
</span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
}
</span><span style="color: #008000;">/*</span><span style="color: #008000;">*
* basic auth
* @param string $base64
</span><span style="color: #008000;">*/</span>
<span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> checkUserBasicAuth(<span style="color: #800080;">$base64</span><span style="color: #000000;">){
</span><span style="color: #800080;">$base64</span> = <span style="color: #008080;">trim</span>(<span style="color: #008080;">str_replace</span>('Basic ', '', <span style="color: #800080;">$base64</span><span style="color: #000000;">));
</span><span style="color: #800080;">$str</span> = <span style="color: #008080;">base64_decode</span>(<span style="color: #800080;">$base64</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$str</span> !== <span style="color: #0000ff;">false</span><span style="color: #000000;">){
</span><span style="color: #0000ff;">list</span>(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$pass</span>) = <span style="color: #008080;">explode</span>(':', <span style="color: #800080;">$str</span>,2<span style="color: #000000;">);
</span><span style="color: #800080;">$this</span>-><span style="color: #000000;">reload();
</span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span><span style="color: #000000;">])){
</span><span style="color: #800080;">$group</span> = <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['group'<span style="color: #000000;">];
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$group</span> == 'admin' && <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['active'] && <span style="color: #008080;">time</span>() strtotime(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['expired'<span style="color: #000000;">])
</span>&& <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['pass'] == <span style="color: #008080;">md5</span>(<span style="color: #800080;">$user</span>.<span style="color: #800080;">$this</span>->hash_salt.<span style="color: #800080;">$pass</span><span style="color: #000000;">)){
</span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">true</span><span style="color: #000000;">;
}</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
</span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
}
}
}
</span><span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
}
</span><span style="color: #008000;">/*</span><span style="color: #008000;">*
* 用户登录ip验证
* @param string $user
* @param string $ip
*
* 用户的ip权限继承组的IP权限。
* 匹配规则:
* 1.进行组允许列表匹配;
* 2.如同通过,进行组拒绝列表匹配;
* 3.进行用户允许匹配
* 4.如果通过,进行用户拒绝匹配
*
</span><span style="color: #008000;">*/</span>
<span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> checkIP(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$ip</span><span style="color: #000000;">){
</span><span style="color: #800080;">$pass</span> = <span style="color: #0000ff;">false</span><span style="color: #000000;">;
</span><span style="color: #008000;">//</span><span style="color: #008000;">先进行组验证 </span>
<span style="color: #800080;">$group</span> = <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['group'<span style="color: #000000;">];
</span><span style="color: #008000;">//</span><span style="color: #008000;">组允许匹配</span>
<span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['ip']['allow'<span style="color: #000000;">])){
</span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['ip']['allow'] <span style="color: #0000ff;">as</span> <span style="color: #800080;">$addr</span><span style="color: #000000;">){
</span><span style="color: #800080;">$pattern</span> = '/'.<span style="color: #008080;">str_replace</span>('*','\d+',<span style="color: #008080;">str_replace</span>('.', '\.', <span style="color: #800080;">$addr</span>)).'/'<span style="color: #000000;">;
</span><span style="color: #0000ff;">if</span>(<span style="color: #008080;">preg_match</span>(<span style="color: #800080;">$pattern</span>, <span style="color: #800080;">$ip</span>) && !<span style="color: #0000ff;">empty</span>(<span style="color: #800080;">$addr</span><span style="color: #000000;">)){
</span><span style="color: #800080;">$pass</span> = <span style="color: #0000ff;">true</span><span style="color: #000000;">;
</span><span style="color: #0000ff;">break</span><span style="color: #000000;">;
}
}
}
</span><span style="color: #008000;">//</span><span style="color: #008000;">如果允许通过,进行拒绝匹配</span>
<span style="color: #0000ff;">if</span>(<span style="color: #800080;">$pass</span><span style="color: #000000;">){
</span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['ip']['deny'<span style="color: #000000;">])){
</span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['ip']['deny'] <span style="color: #0000ff;">as</span> <span style="color: #800080;">$addr</span><span style="color: #000000;">){
</span><span style="color: #800080;">$pattern</span> = '/'.<span style="color: #008080;">str_replace</span>('*','\d+',<span style="color: #008080;">str_replace</span>('.', '\.', <span style="color: #800080;">$addr</span>)).'/'<span style="color: #000000;">;
</span><span style="color: #0000ff;">if</span>(<span style="color: #008080;">preg_match</span>(<span style="color: #800080;">$pattern</span>, <span style="color: #800080;">$ip</span>) && !<span style="color: #0000ff;">empty</span>(<span style="color: #800080;">$addr</span><span style="color: #000000;">)){
</span><span style="color: #800080;">$pass</span> = <span style="color: #0000ff;">false</span><span style="color: #000000;">;
</span><span style="color: #0000ff;">break</span><span style="color: #000000;">;
}
}
}
}
</span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['ip']['allow'<span style="color: #000000;">])){
</span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['ip']['allow'] <span style="color: #0000ff;">as</span> <span style="color: #800080;">$addr</span><span style="color: #000000;">){
</span><span style="color: #800080;">$pattern</span> = '/'.<span style="color: #008080;">str_replace</span>('*','\d+',<span style="color: #008080;">str_replace</span>('.', '\.', <span style="color: #800080;">$addr</span>)).'/'<span style="color: #000000;">;
</span><span style="color: #0000ff;">if</span>(<span style="color: #008080;">preg_match</span>(<span style="color: #800080;">$pattern</span>, <span style="color: #800080;">$ip</span>) && !<span style="color: #0000ff;">empty</span>(<span style="color: #800080;">$addr</span><span style="color: #000000;">)){
</span><span style="color: #800080;">$pass</span> = <span style="color: #0000ff;">true</span><span style="color: #000000;">;
</span><span style="color: #0000ff;">break</span><span style="color: #000000;">;
}
}
}
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$pass</span><span style="color: #000000;">){
</span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['ip']['deny'<span style="color: #000000;">])){
</span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['ip']['deny'] <span style="color: #0000ff;">as</span> <span style="color: #800080;">$addr</span><span style="color: #000000;">){
</span><span style="color: #800080;">$pattern</span> = '/'.<span style="color: #008080;">str_replace</span>('*','\d+',<span style="color: #008080;">str_replace</span>('.', '\.', <span style="color: #800080;">$addr</span>)).'/'<span style="color: #000000;">;
</span><span style="color: #0000ff;">if</span>(<span style="color: #008080;">preg_match</span>(<span style="color: #800080;">$pattern</span>, <span style="color: #800080;">$ip</span>) && !<span style="color: #0000ff;">empty</span>(<span style="color: #800080;">$addr</span><span style="color: #000000;">)){
</span><span style="color: #800080;">$pass</span> = <span style="color: #0000ff;">false</span><span style="color: #000000;">;
</span><span style="color: #0000ff;">break</span><span style="color: #000000;">;
}
}
}
}
</span><span style="color: #0000ff;">echo</span> <span style="color: #008080;">date</span>('Y-m-d H:i:s')." [debug]\tIP ACCESS:".' '.(<span style="color: #800080;">$pass</span>?'true':'false')."\n"<span style="color: #000000;">;
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$pass</span><span style="color: #000000;">;
}
</span><span style="color: #008000;">/*</span><span style="color: #008000;">*
* 获取用户主目录
* @param string $user
* @return string
</span><span style="color: #008000;">*/</span>
<span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> getHomeDir(<span style="color: #800080;">$user</span><span style="color: #000000;">){
</span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">);
</span><span style="color: #800080;">$group</span> = <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['group'<span style="color: #000000;">];
</span><span style="color: #800080;">$dir</span> = ''<span style="color: #000000;">;
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$group</span><span style="color: #000000;">){
</span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['home']))<span style="color: #800080;">$dir</span> = <span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['home'<span style="color: #000000;">];
}
</span><span style="color: #800080;">$dir</span> = !<span style="color: #0000ff;">empty</span>(<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['home'])?<span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['home']:<span style="color: #800080;">$dir</span><span style="color: #000000;">;
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$dir</span><span style="color: #000000;">;
}
</span><span style="color: #008000;">//</span><span style="color: #008000;">文件权限判断</span>
<span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isReadable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){
</span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][0] == 'R'<span style="color: #000000;">;
}</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][0] == 'R' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">;
}
}
</span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isWritable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){
</span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][1] == 'W'<span style="color: #000000;">;
}</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][1] == 'W' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">;
}
}
</span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isAppendable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){
</span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][2] == 'A'<span style="color: #000000;">;
}</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][2] == 'A' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">;
}
}
</span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isRenamable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){
</span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][3] == 'N'<span style="color: #000000;">;
}</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][3] == 'N' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">;
}
}
</span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isDeletable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){
</span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][4] == 'D'<span style="color: #000000;">;
}</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][4] == 'D' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">;
}
}
</span><span style="color: #008000;">//</span><span style="color: #008000;">目录权限判断</span>
<span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isFolderListable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){
</span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][5] == 'L'<span style="color: #000000;">;
}</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][5] == 'L' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">;
}
}
</span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isFolderCreatable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){
</span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][6] == 'C'<span style="color: #000000;">;
}</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][6] == 'C' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">;
}
}
</span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isFolderRenamable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){
</span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][7] == 'N'<span style="color: #000000;">;
}</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][7] == 'N' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">;
}
}
</span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> isFolderDeletable(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){
</span><span style="color: #800080;">$result</span> = <span style="color: #800080;">$this</span>->getPathAccess(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$path</span><span style="color: #000000;">);
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$result</span>['isExactMatch'<span style="color: #000000;">]){
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][8] == 'D'<span style="color: #000000;">;
}</span><span style="color: #0000ff;">else</span><span style="color: #000000;">{
</span><span style="color: #0000ff;">return</span> <span style="color: #800080;">$result</span>['access'][8] == 'D' && <span style="color: #800080;">$result</span>['access'][9] == 'I'<span style="color: #000000;">;
}
}
</span><span style="color: #008000;">/*</span><span style="color: #008000;">*
* 获取目录权限
* @param string $user
* @param string $path
* @return array
* 进行最长路径匹配
*
* 返回:
* array(
* 'access'=>目前权限
* ,'isExactMatch'=>是否精确匹配
*
* );
*
* 如果精确匹配,则忽略inherit.
* 否则应判断是否继承父目录的权限,
* 权限位表:
* +---+---+---+---+---+---+---+---+---+---+
* | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 |
* +---+---+---+---+---+---+---+---+---+---+
* | R | W | A | N | D | L | C | N | D | I |
* +---+---+---+---+---+---+---+---+---+---+
* | FILE | FOLDER |
* +-------------------+-------------------+
</span><span style="color: #008000;">*/</span>
<span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> getPathAccess(<span style="color: #800080;">$user</span>,<span style="color: #800080;">$path</span><span style="color: #000000;">){
</span><span style="color: #800080;">$this</span>-><span style="color: #000000;">reload();
</span><span style="color: #800080;">$user</span> = <span style="color: #008080;">strtolower</span>(<span style="color: #800080;">$user</span><span style="color: #000000;">);
</span><span style="color: #800080;">$group</span> = <span style="color: #800080;">$this</span>->users[<span style="color: #800080;">$user</span>]['group'<span style="color: #000000;">];
</span><span style="color: #008000;">//</span><span style="color: #008000;">去除文件名称</span>
<span style="color: #800080;">$path</span> = <span style="color: #008080;">str_replace</span>(<span style="color: #008080;">substr</span>(<span style="color: #008080;">strrchr</span>(<span style="color: #800080;">$path</span>, '/'),1),'',<span style="color: #800080;">$path</span><span style="color: #000000;">);
</span><span style="color: #800080;">$access</span> = self::AC(0<span style="color: #000000;">);
</span><span style="color: #800080;">$isExactMatch</span> = <span style="color: #0000ff;">false</span><span style="color: #000000;">;
</span><span style="color: #0000ff;">if</span>(<span style="color: #800080;">$group</span><span style="color: #000000;">){
</span><span style="color: #0000ff;">if</span>(<span style="color: #0000ff;">isset</span>(<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['folder'<span style="color: #000000;">])){
</span><span style="color: #0000ff;">foreach</span> (<span style="color: #800080;">$this</span>->groups[<span style="color: #800080;">$group</span>]['folder'] <span style="color: #0000ff;">as</span> <span style="color: #800080;">$f</span><span style="color: #000000;">){
</span><span style="color: #008000;">//</span><span style="color: #008000;">中文处理</span>
<span style="color: #800080;">$t_path</span> = <span style="color: #008080;">iconv</span>('UTF-8','GB18030',<span style="color: #800080;">$f</span>['path'<span style="color: #000000;">]);
</span><span style="color: #0000ff;">if</span>(<span style="color: #008080;">strpos</span>(<span style="color: #800080;">$path</span>, <span style="color: #800080;">$t_path</span>) === 0<span style="color: #000000;">){
</span><span style="color: #800080;">$access</span> = <span style="color: #800080;">$f</span>['access'<span style="color: #000000;">];
</span><span style="color: #800080;">$isExactMatch</span> = (<span style="color: #800080;">$path</span> == <span style="color: #800080;">$t_path</span>?<span style="color: #0000ff;">true</span>:<span style="color: #0000ff;">false</span><span style="color: #000000;">);
}
</span>声明:
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系admin@php.cn