Dream Background File Editor and delete file exceptions

In the process of using the Dream management site, there is a website File Manager exception, the situation is as follows:

1. Delete files in the confirmation file deletion of the dialog box appears on the next two lines of JavaScript code, the content of the code is the contents of the Blank.js file (the file in the Administrator directory in the JS directory), and these two lines of code is aggravated with a red background (now think of it should be a browser alert, Regardless of the code itself).

2. When some files are deleted, the system prompts for warning and suppresses deletion.

3. When editing the file, the contents of the two input of the working directory and the file name are empty and should normally be automatically populated with the current directory and the name of the file currently being modified. As a result, the file cannot be saved after editing is complete, i.e. the file cannot be modified.

Based on the link path to edit and delete files, I found the first PHP file executed by the File Manager---file_mange_view.php, this file in the Background Administrator folder (default/admin), open this file, You can see that this file controls the dialog pages that are displayed during the background file management process, including the following: renaming, creating new directories, moving files, deleting files, editing files, visualizing edits, creating new files and uploading files, and using If/else to determine the value of the $FMDO variable to determine what to do, $ The FMDO variable is passed in through a URL, which is stored in the $_get variable.

First of all, for the first question, look at the deletion of the file part of the case, the deletion of the code interception is as follows:

file_mange_view.php
//deleting filesElseIf$fmdo = = "Del"){$wintitle = "&nbsp; file Management";$wecome _info = "&nbsp; file management:: Delete file [<a href= ' file_manage_main.php?activepath=$activepath ' > File Explorer </a>]</a>;$win =NewOxwindow ();$win->init ("file_manage_control.php", "Js/blank.js", "POST");$win->addhidden ("Fmdo",$fmdo);$win->addhidden ("Activepath",$activepath);$win->addhidden ("filename",$filename);if (@Is_dir ($cfg _basedir.$activepath. " / $filename ")) { $wmsg = "Are you sure you want to delete the directory:  $filename? ";} else { $wmsg = " Are you sure you want to delete the file:  $filename? ";}  $win->addtitle ("Delete file confirmation"  $win->addmsgitem ( $wmsg, "50" );  $winform =  $win->getwindow ("OK" );  $win->display ();      

First look at this line: $win = new Oxwindow (), where a class Oxwindow is initialized, and the Init () method of this class is called, and this class is introduced with require_once at the beginning of this file:

Require_once (Dedeinc. " /oxwindow.class.php ");

Dedeinc variable is the root directory under the/include folder, so also open this file view, first found that it introduced another file:

Require_once (Dedeinc. " /dedetag.class.php ");

First, regardless of this dedetag.class.php, use it to find it, first see what this oxwindow is doing, according to File_mange_ The process of code execution in view.php, the first instantiation of Oxwindow, which is called its construction method, but this thing does not construct a method, so continue to see, call the Init method, the following intercept the code of this method:

 /** Initialize to page with form * * @param string $formaction form Action action * @param string $checkScript detect verify JS * @param string $formmethod form type * @param string $formname form name * @return void*/function Init ($formaction = "",$checkScript = "Js/blank.js",$formmethod = "POST",$formname = "MyForm") {$this->mywin. = "<script language= ' JavaScript ' >\r\n";If$checkScript! = "" &&File_exists ($checkScript)) {$FP =fopen$checkScript, "R");$this->mywin. =Fread$FP,FileSize$checkScriptfclose ( $fp else { $this->mywin. =" <!--function Checksubmit () \r\n{return true;}--";}  $this->mywin. = "</script>\r\n"  $this->formname =  $formname  $this->mywin. = "<form name= '  $formname ' method= '  $formmethod ' onsubmit= ' return Checksubmit (); ' action= '  $formaction ' >\r\n "     

This method is called  $win->init ("file_manage_control.php", "Js/blank.js", "POST"), so the parameters passed are also obvious, is two filenames and a post string, what does this method do, as it says in its comments, is to $this->mywin
This variable is made into a very long string, which is part of an HTML page, starting with the JavaScript code read from Js/blank.js, and if the file is empty or nonexistent, write a name Checksubmit () function and always returns TRUE, actually open
This blank.js file found the contents of the file is also this forever return the true function, so this code is actually very boring. Next is the beginning of a form, which is the first half of the form label, set name,method,action equivalent with the passed parameters. And then back to the call to the INIT function
The place then looks down to understand, originally called this oxwindow class is to delete/edit files and so on when the initialization of a prompt page, this page is initialized to a page with a form, that is, the first question in this article, the question page, so the next
A few lines of code are using the Oxwindow class to add content to the page, and finally the display () method is called to show the page. So to solve the problem, we have to look at how this page is displayed, here is the display () method:

 /** * Show Page * * @access public * @param string $modfile Model template * @return string*/function Display ($modfile = "") {Global$cfg _templets_dir,$wecome _info,$cfg _basedir;IfEmpty$wecome _info)) {$wecome _info = "Dedecms OX General dialog box:"; }$CTP =NewDedetagparse ();If$modfile = = ") {$CTP->loadtemplate ($cfg _basedir.$cfg _templets_dir. '/plus/win_templet.htm '); }Else{$CTP->loadtemplate ($modfile); }$emnum =$ctpCount;For$i = 0;$i <= $emnum;  $i ++if (isset ( $GLOBALS [ $CTP->ctags[  $i]->gettagname ()])) {  $CTP->assign ( $i, $ Globals[ $CTP->ctags[ $i]-> gettagname ()]); }}  $CTP->display ();  $CTP->clear ();} //end Class        

See this method at a glance and instantiate another class called Dedetagparse, and then call its LoadTemplate () method, you can guess, this class is called the template to display the previous initialized page content. The LoadTemplate () method is called the template, and the last
The display () method is displayed, so the exception of question 1 may have two causes: the first is the template of the call out of the problem, the other is the process of processing the template is a problem, but the process of processing the template is done by instantiating classes, the probability of a class file problem is relatively small, so
First check this template, pass this parameter is the path and file name of this template, that is, the template directory under the root directory/templets/plus/win_ templet.htm file, open a close examination to find the problem, in the template to reference the dream background variable when the single quote
and double quotation marks with a very confusing, there is a single quotation mark, there are single quotes, so after parsing the template after the display of a lot of errors, so the quotation mark correction back into the background is displayed normal.
Problem 11 solve, the same is the first from the template to solve the problem 3, but did not find any exception, helpless on the page that appeared to use Firebug View source code, found in the head tag inside the META tag is actually written charset=<?php Echo $cfg _ Charset_lang;? >
Why does the PHP code be output by the browser, without parsing it, and then find another site in the background of the same template page to replace it, and then everything is normal. This is resolved in question 1 and issue 3.
Problem 2 is depressed, access to the FTP discovery file permissions are set to 644, in addition to root, other users do not have  write permissions, so in the background can not delete. 

Dream Background File Editor and delete file exceptions