用PHP實現一個高效安全的ftp服務器(二)

接前文。javascript

 

 1.實現用戶類CUser。

  用戶的存儲採用文本形式,將用戶數組進行json編碼。  php

用戶文件格式:
 * array(
 *         'user1' => array(
 *             'pass'=>'',
 *             'group'=>'',
 *             'home'=>'/home/ftp/', //ftp主目錄
 *             'active'=>true,
 *             'expired=>'2015-12-12',
 *             'description'=>'',
 *             'email' => '',
 *             'folder'=>array(
 *                     //能夠列出主目錄下的文件和目錄,但不能建立和刪除,也不能進入主目錄下的目錄
 *                     //前1-5位是文件權限,6-9是文件夾權限,10是否繼承(inherit)
 *                     array('path'=>'/home/ftp/','access'=>'RWANDLCNDI'),
 *                     //能夠列出/home/ftp/a/下的文件和目錄,能夠建立和刪除,能夠進入/home/ftp/a/下的子目錄,能夠建立和刪除。
 *                     array('path'=>'/home/ftp/a/','access'=>'RWAND-----'),
 *             ),
 *             'ip'=>array(
 *                 'allow'=>array(ip1,ip2,...),//支持*通配符: 192.168.0.*
 *                 'deny'=>array(ip1,ip2,...)
 *             )
 *         ) 
 * )
 * 
 * 組文件格式:
 * array(
 *         'group1'=>array(
 *             'home'=>'/home/ftp/dept1/',
 *             'folder'=>array(
 * 
 *             ),
 *             'ip'=>array(
 *                 'allow'=>array(ip1,ip2,...),
 *                 'deny'=>array(ip1,ip2,...)
 *            )
 *         )
 * )

 

  文件夾和文件的權限說明:css

     

 * 文件權限 
 * R讀 : 容許用戶讀取(即下載)文件。該權限不容許用戶列出目錄內容,執行該操做須要列表權限。 
 * W寫: 容許用戶寫入(即上傳)文件。該權限不容許用戶修改現有的文件,執行該操做須要追加權限。
 * A追加: 容許用戶向現有文件中追加數據。該權限一般用於使用戶可以對部分上傳的文件進行續傳。 
 * N重命名: 容許用戶重命名現有的文件。
 * D刪除: 容許用戶刪除文件。 
 * 
 * 目錄權限 
 * L列表: 容許用戶列出目錄中包含的文件。
 * C建立: 容許用戶在目錄中新建子目錄。 
 * N重命名: 容許用戶在目錄中重命名現有子目錄。
 * D刪除: 容許用戶在目錄中刪除現有子目錄。注意: 若是目錄包含文件,用戶要刪除目錄還須要具備刪除文件權限。
 * 
 * 子目錄權限
 * I繼承: 容許全部子目錄繼承其父目錄具備的相同權限。繼承權限適用於大多數狀況,可是若是訪問必須受限於子文件夾,例如實施強制訪問控制(Mandatory Access Control)時,則取消繼承併爲文件夾逐一授予權限。
 * 

  實現代碼以下:  html

  

class User{
    
    const I = 1;    // inherit
    
    const FD = 2;    // folder delete
    
    const FN = 4;    // folder rename
    
    const FC = 8;    // folder create
    
    const FL = 16;    // folder list
    
    const D = 32;    // file delete
    
    const N = 64;    // file rename
    
    const A = 128;    // file append
    
    const W = 256;    // file write (upload)
    
    const R = 512;    // file read (download)    
    
    private $hash_salt = '';
    
    private $user_file;
    
    private $group_file;
    
    private $users = array();
    
    private $groups = array();
    
    private $file_hash = ''; 
    
    public function __construct(){
        $this->user_file = BASE_PATH.'/conf/users';
        $this->group_file = BASE_PATH.'/conf/groups';
        $this->reload();
    }
    
    /**
     * 返回權限表達式
     * @param int $access
     * @return string
     */
    public static function AC($access){
        $str = '';
        $char = array('R','W','A','N','D','L','C','N','D','I');
        for($i = 0; $i < 10; $i++){
            if($access & pow(2,9-$i))$str.= $char[$i];else $str.= '-';
        }
        return $str;
    }
    
    /**
     * 加載用戶數據
     */
    public function reload(){
        $user_file_hash = md5_file($this->user_file);
        $group_file_hash = md5_file($this->group_file);        
        if($this->file_hash != md5($user_file_hash.$group_file_hash)){
            if(($user = file_get_contents($this->user_file)) !== false){
                $this->users = json_decode($user,true);
                if($this->users){
                    //folder排序
                    foreach ($this->users as $user=>$profile){
                        if(isset($profile['folder'])){
                            $this->users[$user]['folder'] = $this->sortFolder($profile['folder']);
                        }
                    }
                }
            }
            if(($group = file_get_contents($this->group_file)) !== false){
                $this->groups = json_decode($group,true);
                if($this->groups){
                    //folder排序
                    foreach ($this->groups as $group=>$profile){                            
                        if(isset($profile['folder'])){                        
                            $this->groups[$group]['folder'] = $this->sortFolder($profile['folder']);
                        }
                    }
                }
            }
            $this->file_hash = md5($user_file_hash.$group_file_hash);            
        }
    }
    
    /**
     * 對folder進行排序
     * @return array
     */
    private function sortFolder($folder){
        uasort($folder, function($a,$b){
            return strnatcmp($a['path'], $b['path']);
        });    
        $result = array();
        foreach ($folder as $v){
            $result[] = $v;
        }    
        return $result;
    }
    
    /**
     * 保存用戶數據
     */
    public function save(){
        file_put_contents($this->user_file, json_encode($this->users),LOCK_EX);
        file_put_contents($this->group_file, json_encode($this->groups),LOCK_EX);
    }
    
    /**
     * 添加用戶
     * @param string $user
     * @param string $pass
     * @param string $home
     * @param string $expired
     * @param boolean $active
     * @param string $group
     * @param string $description
     * @param string $email
     * @return boolean
     */
    public function addUser($user,$pass,$home,$expired,$active=true,$group='',$description='',$email = ''){
        $user = strtolower($user);
        if(isset($this->users[$user]) || empty($user)){
            return false;
        }        
        $this->users[$user] = array(
                'pass' => md5($user.$this->hash_salt.$pass),
                'home' => $home,
                'expired' => $expired,
                'active' => $active,
                'group' => $group,
                'description' => $description,
                'email' => $email,
        );
        return true;
    }
    
    /**
     * 設置用戶資料
     * @param string $user
     * @param array $profile
     * @return boolean
     */
    public function setUserProfile($user,$profile){
        $user = strtolower($user);
        if(is_array($profile) && isset($this->users[$user])){
            if(isset($profile['pass'])){
                $profile['pass'] = md5($user.$this->hash_salt.$profile['pass']);
            }
            if(isset($profile['active'])){
                if(!is_bool($profile['active'])){
                    $profile['active'] = $profile['active'] == 'true' ? true : false;
                }
            }            
            $this->users[$user] = array_merge($this->users[$user],$profile);
            return true;
        }
        return false;
    }
    
    /**
     * 獲取用戶資料
     * @param string $user
     * @return multitype:|boolean
     */
    public function getUserProfile($user){
        $user = strtolower($user);
        if(isset($this->users[$user])){
            return $this->users[$user];
        }
        return false;
    }
    /**
     * 刪除用戶
     * @param string $user
     * @return boolean
     */
    public function delUser($user){
        $user = strtolower($user);
        if(isset($this->users[$user])){
            unset($this->users[$user]);
            return true;
        }
        return false;
    }
    
    /**
     * 獲取用戶列表
     * @return array
     */
    public function getUserList(){
        $list = array();
        if($this->users){
            foreach ($this->users as $user=>$profile){
                $list[] = $user;
            }
        }
        sort($list);
        return $list;
    }
    
    /**
     * 添加組
     * @param string $group
     * @param string $home
     * @return boolean
     */
    public function addGroup($group,$home){
        $group = strtolower($group);
        if(isset($this->groups[$group])){
            return false;
        }
        $this->groups[$group] = array(
                'home' => $home
        );
        return true;
    }
    
    /**
     * 設置組資料
     * @param string $group
     * @param array $profile
     * @return boolean
     */
    public function setGroupProfile($group,$profile){
        $group = strtolower($group);
        if(is_array($profile) && isset($this->groups[$group])){
            $this->groups[$group] = array_merge($this->groups[$group],$profile);
            return true;
        }
        return false;
    }
    
    /**
     * 獲取組資料
     * @param string $group
     * @return multitype:|boolean
     */
    public function getGroupProfile($group){
        $group = strtolower($group);
        if(isset($this->groups[$group])){
            return $this->groups[$group];
        }
        return false;
    }
    
    /**
     * 刪除組
     * @param string $group
     * @return boolean
     */
    public function delGroup($group){
        $group = strtolower($group);
        if(isset($this->groups[$group])){
            unset($this->groups[$group]);
            foreach ($this->users as $user => $profile){
                if($profile['group'] == $group)
                    $this->users[$user]['group'] = '';
            }
            return true;
        }
        return false;
    }
    
    /**
     * 獲取組列表
     * @return array
     */
    public function getGroupList(){
        $list = array();
        if($this->groups){
            foreach ($this->groups as $group=>$profile){
                $list[] = $group;
            }
        }
        sort($list);
        return $list;
    }
    
    /**
     * 獲取組用戶列表
     * @param string $group
     * @return array
     */
    public function getUserListOfGroup($group){
        $list = array();
        if(isset($this->groups[$group]) && $this->users){
            foreach ($this->users as $user=>$profile){
                if(isset($profile['group']) && $profile['group'] == $group){
                    $list[] = $user;
                }
            }
        }
        sort($list);
        return $list;
    }
    
    /**
     * 用戶驗證
     * @param string $user
     * @param string $pass
     * @param string $ip
     * @return boolean
     */
    public function checkUser($user,$pass,$ip = ''){
        $this->reload();
        $user = strtolower($user);
        if(isset($this->users[$user])){
            if($this->users[$user]['active'] && time() <= strtotime($this->users[$user]['expired'])
                 && $this->users[$user]['pass'] == md5($user.$this->hash_salt.$pass)){
                if(empty($ip)){
                    return true;
                }else{
                    //ip驗證
                    return $this->checkIP($user, $ip);
                }
            }else{
                return false;
            }        
        }
        return false;
    }
    
    /**
     * basic auth 
     * @param string $base64    
     */
    public function checkUserBasicAuth($base64){
        $base64 = trim(str_replace('Basic ', '', $base64));
        $str = base64_decode($base64);
        if($str !== false){
            list($user,$pass) = explode(':', $str,2);
            $this->reload();
            $user = strtolower($user);
            if(isset($this->users[$user])){
                $group = $this->users[$user]['group'];
                if($group == 'admin' && $this->users[$user]['active'] && time() <= strtotime($this->users[$user]['expired'])
                && $this->users[$user]['pass'] == md5($user.$this->hash_salt.$pass)){                
                    return true;
                }else{
                    return false;
                }
            }
        }
        return false;
    }
    
    /**
     * 用戶登陸ip驗證
     * @param string $user
     * @param string $ip
     * 
     * 用戶的ip權限繼承組的IP權限。
     * 匹配規則:
     * 1.進行組容許列表匹配;
     * 2.如同經過,進行組拒絕列表匹配;
     * 3.進行用戶容許匹配
     * 4.若是經過,進行用戶拒絕匹配
     * 
     */
    public function checkIP($user,$ip){
        $pass = false;
        //先進行組驗證        
        $group = $this->users[$user]['group'];
        //組容許匹配
        if(isset($this->groups[$group]['ip']['allow'])){
            foreach ($this->groups[$group]['ip']['allow'] as $addr){
                $pattern = '/'.str_replace('*','\d+',str_replace('.', '\.', $addr)).'/';
                if(preg_match($pattern, $ip) && !empty($addr)){
                    $pass = true;
                    break;
                }
            }
        }
        //若是容許經過,進行拒絕匹配
        if($pass){
            if(isset($this->groups[$group]['ip']['deny'])){
                foreach ($this->groups[$group]['ip']['deny'] as $addr){
                    $pattern = '/'.str_replace('*','\d+',str_replace('.', '\.', $addr)).'/';
                    if(preg_match($pattern, $ip) && !empty($addr)){
                        $pass = false;
                        break;
                    }
                }
            }
        }
        
        if(isset($this->users[$user]['ip']['allow'])){            
            foreach ($this->users[$user]['ip']['allow'] as $addr){
                $pattern = '/'.str_replace('*','\d+',str_replace('.', '\.', $addr)).'/';
                if(preg_match($pattern, $ip) && !empty($addr)){
                    $pass = true;
                    break;
                }
            }
        }
        if($pass){
            if(isset($this->users[$user]['ip']['deny'])){
                foreach ($this->users[$user]['ip']['deny'] as $addr){
                    $pattern = '/'.str_replace('*','\d+',str_replace('.', '\.', $addr)).'/';
                    if(preg_match($pattern, $ip) && !empty($addr)){
                        $pass = false;
                        break;
                    }
                }
            }
        }
        echo date('Y-m-d H:i:s')." [debug]\tIP ACCESS:".' '.($pass?'true':'false')."\n";
        return $pass;
    }
    
    /**
     * 獲取用戶主目錄
     * @param string $user
     * @return string
     */
    public function getHomeDir($user){
        $user = strtolower($user);
        $group = $this->users[$user]['group'];
        $dir = '';
        if($group){
            if(isset($this->groups[$group]['home']))$dir = $this->groups[$group]['home'];
        }
        $dir = !empty($this->users[$user]['home'])?$this->users[$user]['home']:$dir;
        return $dir;
    }
    
    //文件權限判斷
    public function isReadable($user,$path){        
        $result = $this->getPathAccess($user, $path);
        if($result['isExactMatch']){
            return $result['access'][0] == 'R';
        }else{
            return $result['access'][0] == 'R' && $result['access'][9] == 'I';
        }
    }    
    
    public function isWritable($user,$path){        
        $result = $this->getPathAccess($user, $path);        
        if($result['isExactMatch']){
            return $result['access'][1] == 'W';
        }else{
            return $result['access'][1] == 'W' && $result['access'][9] == 'I';
        }
    }
    
    public function isAppendable($user,$path){
        $result = $this->getPathAccess($user, $path);
        if($result['isExactMatch']){
            return $result['access'][2] == 'A';
        }else{
            return $result['access'][2] == 'A' && $result['access'][9] == 'I';
        }
    }    
    
    public function isRenamable($user,$path){
        $result = $this->getPathAccess($user, $path);
        if($result['isExactMatch']){
            return $result['access'][3] == 'N';
        }else{
            return $result['access'][3] == 'N' && $result['access'][9] == 'I';
        }
    }
    public function isDeletable($user,$path){        
        $result = $this->getPathAccess($user, $path);
        if($result['isExactMatch']){
            return $result['access'][4] == 'D';
        }else{
            return $result['access'][4] == 'D' && $result['access'][9] == 'I';
        }
    }
    
    //目錄權限判斷
    public function isFolderListable($user,$path){
        $result = $this->getPathAccess($user, $path);
        if($result['isExactMatch']){
            return $result['access'][5] == 'L';
        }else{
            return $result['access'][5] == 'L' && $result['access'][9] == 'I';
        }
    }
    
    public function isFolderCreatable($user,$path){
        $result = $this->getPathAccess($user, $path);
        if($result['isExactMatch']){
            return  $result['access'][6] == 'C';
        }else{
            return  $result['access'][6] == 'C' && $result['access'][9] == 'I';
        }
    }
    
    public function isFolderRenamable($user,$path){
        $result = $this->getPathAccess($user, $path);
        if($result['isExactMatch']){
            return $result['access'][7] == 'N';
        }else{
            return $result['access'][7] == 'N' && $result['access'][9] == 'I';
        }
    }
    
    public function isFolderDeletable($user,$path){
        $result = $this->getPathAccess($user, $path);
        if($result['isExactMatch']){
            return $result['access'][8] == 'D';
        }else{
            return $result['access'][8] == 'D' && $result['access'][9] == 'I';
        }
    }
    
    /**
     * 獲取目錄權限
     * @param string $user
     * @param string $path
     * @return array
     * 進行最長路徑匹配
     * 
     * 返回:
     * array(
     * 'access'=>目前權限    
     *    ,'isExactMatch'=>是否精確匹配
     *    
     * );
     * 
     * 若是精確匹配,則忽略inherit.
     * 不然應判斷是否繼承父目錄的權限,
     * 權限位表:
     * +---+---+---+---+---+---+---+---+---+---+
     * | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 |
     * +---+---+---+---+---+---+---+---+---+---+
     * | R | W | A | N | D | L | C | N | D | I |
     * +---+---+---+---+---+---+---+---+---+---+
     * |       FILE        |     FOLDER        |
     * +-------------------+-------------------+
     */
    
    public function getPathAccess($user,$path){
        $this->reload();
        $user = strtolower($user);
        $group = $this->users[$user]['group'];        
        //去除文件名稱
        $path = str_replace(substr(strrchr($path, '/'),1),'',$path);
        $access = self::AC(0);        
        $isExactMatch = false;
        if($group){
            if(isset($this->groups[$group]['folder'])){                
                foreach ($this->groups[$group]['folder'] as $f){
                    //中文處理
                    $t_path = iconv('UTF-8','GB18030',$f['path']);                    
                    if(strpos($path, $t_path) === 0){
                        $access = $f['access'];                        
                        $isExactMatch = ($path == $t_path?true:false);
                    }                        
                }
            }
        }
        if(isset($this->users[$user]['folder'])){
            foreach ($this->users[$user]['folder'] as $f){
                //中文處理
                $t_path = iconv('UTF-8','GB18030',$f['path']);
                if(strpos($path, $t_path) === 0){
                    $access = $f['access'];                    
                    $isExactMatch = ($path == $t_path?true:false);
                }
            }
        }
        echo date('Y-m-d H:i:s')." [debug]\tACCESS:$access ".' '.($isExactMatch?'1':'0')." $path\n";
        return array('access'=>$access,'isExactMatch'=>$isExactMatch);
    }    
    
    /**
     * 添加在線用戶
     * @param ShareMemory $shm
     * @param swoole_server $serv
     * @param unknown $user
     * @param unknown $fd
     * @param unknown $ip
     * @return Ambigous <multitype:, boolean, mixed, multitype:unknown number multitype:Ambigous <unknown, number>  >
     */
    public function addOnline(ShareMemory $shm ,$serv,$user,$fd,$ip){
        $shm_data = $shm->read();
        if($shm_data !== false){
            $shm_data['online'][$user.'-'.$fd] = array('ip'=>$ip,'time'=>time());
            $shm_data['last_login'][] = array('user' => $user,'ip'=>$ip,'time'=>time());
            //清除舊數據
            if(count($shm_data['last_login'])>30)array_shift($shm_data['last_login']);
            $list = array();
            foreach ($shm_data['online'] as $k =>$v){
                $arr = explode('-', $k);
                if($serv->connection_info($arr[1]) !== false){
                    $list[$k] = $v;
                }
            }
            $shm_data['online'] = $list;
            $shm->write($shm_data);
        }
        return $shm_data;
    }
    
    /**
     * 添加登錄失敗記錄
     * @param ShareMemory $shm
     * @param unknown $user
     * @param unknown $ip
     * @return Ambigous <number, multitype:, boolean, mixed>
     */
    public function addAttempt(ShareMemory $shm ,$user,$ip){
        $shm_data = $shm->read();
        if($shm_data !== false){
            if(isset($shm_data['login_attempt'][$ip.'||'.$user]['count'])){
                $shm_data['login_attempt'][$ip.'||'.$user]['count'] += 1;
            }else{
                $shm_data['login_attempt'][$ip.'||'.$user]['count'] = 1;
            }
            $shm_data['login_attempt'][$ip.'||'.$user]['time'] = time();
            //清除舊數據
            if(count($shm_data['login_attempt'])>30)array_shift($shm_data['login_attempt']);
            $shm->write($shm_data);
        }
        return $shm_data;
    }
    
    /**
     * 密碼錯誤上限
     * @param unknown $shm
     * @param unknown $user
     * @param unknown $ip
     * @return boolean
     */
    public function isAttemptLimit(ShareMemory $shm,$user,$ip){
        $shm_data = $shm->read();
        if($shm_data !== false){
            if(isset($shm_data['login_attempt'][$ip.'||'.$user]['count'])){
                if($shm_data['login_attempt'][$ip.'||'.$user]['count'] > 10 &&
                time() - $shm_data['login_attempt'][$ip.'||'.$user]['time'] < 600){                    
                    return true;
                }
            }
        }
        return false;
    }
    
    /**
     * 生成隨機密鑰
     * @param int $len
     * @return Ambigous <NULL, string>
     */
    public static function genPassword($len){
        $str = null;
        $strPol = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz@!#$%*+-";
        $max = strlen($strPol)-1;
    
        for($i=0;$i<$len;$i++){
            $str.=$strPol[rand(0,$max)];//rand($min,$max)生成介於min和max兩個數之間的一個隨機整數
        }
        return $str;
    }    
    
    
}
View Code

 

2.共享內存操做類

  這個相對簡單,使用php的shmop擴展便可。java

  

class ShareMemory{
    
    private $mode = 0644;
    
    private $shm_key;
    
    private $shm_size;
    
    /**
     * 構造函數     
     */
    public function __construct(){
        $key = 'F';
        $size = 1024*1024;
        $this->shm_key = ftok(__FILE__,$key);
        $this->shm_size = $size + 1;
    }
    
    /**
     * 讀取內存數組
     * @return array|boolean
     */
    public function read(){
        if(($shm_id = shmop_open($this->shm_key,'c',$this->mode,$this->shm_size)) !== false){
            $str = shmop_read($shm_id,1,$this->shm_size-1);
            shmop_close($shm_id);
            if(($i = strpos($str,"\0")) !== false)$str = substr($str,0,$i);
            if($str){
                return json_decode($str,true);
            }else{
                return array();
            }
        }
        return false;
    }
    
    /**
     * 寫入數組到內存
     * @param array $arr
     * @return int|boolean
     */
    public function write($arr){
        if(!is_array($arr))return false;
        $str = json_encode($arr)."\0";
        if(strlen($str) > $this->shm_size) return false;
        if(($shm_id = shmop_open($this->shm_key,'c',$this->mode,$this->shm_size)) !== false){            
            $count = shmop_write($shm_id,$str,1);
            shmop_close($shm_id);
            return $count;
        }
        return false;
    }
    
    /**
     * 刪除內存塊,下次使用時將從新開闢內存塊
     * @return boolean
     */
    public function delete(){
        if(($shm_id = shmop_open($this->shm_key,'c',$this->mode,$this->shm_size)) !== false){
            $result = shmop_delete($shm_id);
            shmop_close($shm_id);
            return $result;
        }
        return false;
    }
}
View Code

 

3.內置的web服務器類

  這個主要是嵌入在ftp的http服務器類,功能不是很完善,進行ftp的管理仍是可行的。不過須要注意的是,這個實現與apache等其餘http服務器運行的方式可能有所不一樣。代碼是駐留內存的。web

  

class CWebServer{
    
    protected $buffer_header = array();
    protected $buffer_maxlen = 65535; //最大POST尺寸

    const DATE_FORMAT_HTTP = 'D, d-M-Y H:i:s T';

    const HTTP_EOF = "\r\n\r\n";
    const HTTP_HEAD_MAXLEN = 8192; //http頭最大長度不得超過2k
    const HTTP_POST_MAXLEN = 1048576;//1m

    const ST_FINISH = 1; //完成,進入處理流程
    const ST_WAIT   = 2; //等待數據
    const ST_ERROR  = 3; //錯誤,丟棄此包
    
    private $requsts = array();
    
    private $config = array();
    
    public function log($msg,$level = 'debug'){
        echo date('Y-m-d H:i:s').' ['.$level."]\t" .$msg."\n";
    }
    
    public function __construct($config = array()){
        $this->config = array(
                'wwwroot' => __DIR__.'/wwwroot/',
                'index' => 'index.php',
                'path_deny' => array('/protected/'),                
        );          
    }
    
    public function onReceive($serv,$fd,$data){        
        $ret = $this->checkData($fd, $data);
        switch ($ret){
            case self::ST_ERROR:
                $serv->close($fd);
                $this->cleanBuffer($fd);
                $this->log('Recevie error.');
                break;
            case self::ST_WAIT: 
                $this->log('Recevie wait.');
                return;
            default:
                break;
        }
        //開始完整的請求
        $request = $this->requsts[$fd];
        $info = $serv->connection_info($fd);         
        $request = $this->parseRequest($request);
        $request['remote_ip'] = $info['remote_ip'];
        $response = $this->onRequest($request);
        $output = $this->parseResponse($request,$response);
        $serv->send($fd,$output);
        if(isset($request['head']['Connection']) && strtolower($request['head']['Connection']) == 'close'){
            $serv->close($fd);
        }
        unset($this->requsts[$fd]);
        $_REQUEST = $_SESSION = $_COOKIE = $_FILES = $_POST = $_SERVER = $_GET = array();
    }
    
    /**
     * 處理請求
     * @param array $request
     * @return array $response
     * 
     * $request=array(
     *     'time'=>
     *     'head'=>array(
     *             'method'=>
     *             'path'=>
     *             'protocol'=>
     *             'uri'=>
     *             //other http header
     *             '..'=>value
     *         )
     *  'body'=>
     *  'get'=>(if appropriate)
     *  'post'=>(if appropriate)
     *  'cookie'=>(if appropriate)
     * 
     * 
     * )
     */
    public function onRequest($request){        
        if($request['head']['path'][strlen($request['head']['path']) - 1] == '/'){
            $request['head']['path'] .= $this->config['index'];
        }
        $response = $this->process($request);
        return $response;
    } 
    
    
    /**
     * 清除數據
     * @param unknown $fd
     */
    public function cleanBuffer($fd){
        unset($this->requsts[$fd]);
        unset($this->buffer_header[$fd]);
    }
    
    /**
     * 檢查數據
     * @param unknown $fd
     * @param unknown $data
     * @return string
     */
    public function checkData($fd,$data){
        if(isset($this->buffer_header[$fd])){
            $data = $this->buffer_header[$fd].$data;
        }
        $request = $this->checkHeader($fd, $data);
        //請求頭錯誤
        if($request === false){
            $this->buffer_header[$fd] = $data;
            if(strlen($data) > self::HTTP_HEAD_MAXLEN){
                return self::ST_ERROR;
            }else{
                return self::ST_WAIT;
            }
        }
        //post請求檢查
        if($request['head']['method'] == 'POST'){
            return $this->checkPost($request);
        }else{
            return self::ST_FINISH;
        }    
    }
    
    /**
     * 檢查請求頭
     * @param unknown $fd
     * @param unknown $data
     * @return boolean|array
     */
    public function checkHeader($fd, $data){
        //新的請求
        if(!isset($this->requsts[$fd])){
            //http頭結束符
            $ret = strpos($data,self::HTTP_EOF);
            if($ret === false){
                return false;
            }else{
                $this->buffer_header[$fd] = '';
                $request = array();
                list($header,$request['body']) = explode(self::HTTP_EOF, $data,2);                
                $request['head'] = $this->parseHeader($header);                            
                $this->requsts[$fd] = $request;
                if($request['head'] == false){
                    return false;
                }
            }
        }else{
            //post 數據合併
            $request = $this->requsts[$fd];
            $request['body'] .= $data;
        }
        return $request;
    }
    
    /**
     * 解析請求頭
     * @param string $header
     * @return array
     * array(
     *     'method'=>,
     *     'uri'=>
     *     'protocol'=>
     *     'name'=>value,...
     *     
     *     
     * 
     * }
     */
    public function parseHeader($header){
        $request = array();
        $headlines = explode("\r\n", $header);
        list($request['method'],$request['uri'],$request['protocol']) = explode(' ', $headlines[0],3);                
        foreach ($headlines as $k=>$line){
            $line = trim($line);            
            if($k && !empty($line) && strpos($line,':') !== false){
                list($name,$value) = explode(':', $line,2);
                $request[trim($name)] = trim($value);
            }
        }        
        return $request;
    }
    
    /**
     * 檢查post數據是否完整
     * @param unknown $request
     * @return string
     */
    public function checkPost($request){
        if(isset($request['head']['Content-Length'])){
            if(intval($request['head']['Content-Length']) > self::HTTP_POST_MAXLEN){
                return self::ST_ERROR;
            }
            if(intval($request['head']['Content-Length']) > strlen($request['body'])){
                return self::ST_WAIT;
            }else{
                return self::ST_FINISH;
            }
        }
        return self::ST_ERROR;
    }
    
    /**
     * 解析請求
     * @param unknown $request
     * @return Ambigous <unknown, mixed, multitype:string >
     */
    public function parseRequest($request){
        $request['time'] = time();
        $url_info = parse_url($request['head']['uri']);
        $request['head']['path'] = $url_info['path'];
        if(isset($url_info['fragment']))$request['head']['fragment'] = $url_info['fragment'];
        if(isset($url_info['query'])){
            parse_str($url_info['query'],$request['get']);
        }
        //parse post body
        if($request['head']['method'] == 'POST'){
            //目前只處理表單提交            
            if (isset($request['head']['Content-Type']) && substr($request['head']['Content-Type'], 0, 33) == 'application/x-www-form-urlencoded'
                || isset($request['head']['X-Request-With']) && $request['head']['X-Request-With'] == 'XMLHttpRequest'){
                parse_str($request['body'],$request['post']);
            }
        }
        //parse cookies
        if(!empty($request['head']['Cookie'])){
            $params = array();
            $blocks = explode(";", $request['head']['Cookie']);
            foreach ($blocks as $b){
                $_r = explode("=", $b, 2);
                if(count($_r)==2){
                    list ($key, $value) = $_r;
                    $params[trim($key)] = trim($value, "\r\n \t\"");
                }else{
                    $params[$_r[0]] = '';
                }
            }
            $request['cookie'] = $params;
        }
        return $request;
    }
    
    
    public function parseResponse($request,$response){
        
        
        if(!isset($response['head']['Date'])){
            $response['head']['Date'] = gmdate("D, d M Y H:i:s T");
        }
        if(!isset($response['head']['Content-Type'])){
            $response['head']['Content-Type'] = 'text/html;charset=utf-8';
        }
        if(!isset($response['head']['Content-Length'])){
            $response['head']['Content-Length'] = strlen($response['body']);
        }
        if(!isset($response['head']['Connection'])){
            if(isset($request['head']['Connection']) && strtolower($request['head']['Connection']) == 'keep-alive'){
                $response['head']['Connection'] = 'keep-alive';
            }else{
                $response['head']['Connection'] = 'close';
            }            
        }
        
        $response['head']['Server'] = CFtpServer::$software.'/'.CFtpServer::VERSION;        
        
        $out = '';
        if(isset($response['head']['Status'])){
            $out .= 'HTTP/1.1 '.$response['head']['Status']."\r\n";
            unset($response['head']['Status']);
        }else{
            $out .= "HTTP/1.1 200 OK\r\n";
        }
        //headers
        foreach($response['head'] as $k=>$v){
            $out .= $k.': '.$v."\r\n";
        }
        //cookies
        if($_COOKIE){            
            $arr = array();
            foreach ($_COOKIE as $k => $v){
                $arr[] = $k.'='.$v;            
            }
            $out .= 'Set-Cookie: '.implode(';', $arr)."\r\n";
        }
        //End
        $out .= "\r\n";
        $out .= $response['body'];
        return $out;
    }
    /**
     * 處理請求
     * @param unknown $request
     * @return array
     */
    public function process($request){
        $path = $request['head']['path'];
        $isDeny = false;
        foreach ($this->config['path_deny'] as $p){
            if(strpos($path, $p) === 0){
                $isDeny = true;
                break;
            }
        }
        if($isDeny){
            return $this->httpError(403, '服務器拒絕訪問:路徑錯誤');            
        }
        if(!in_array($request['head']['method'],array('GET','POST'))){
            return $this->httpError(500, '服務器拒絕訪問:錯誤的請求方法');
        }
        $file_ext = strtolower(trim(substr(strrchr($path, '.'), 1)));
        $path = realpath(rtrim($this->config['wwwroot'],'/'). '/' . ltrim($path,'/'));
        $this->log('WEB:['.$request['head']['method'].'] '.$request['head']['uri'] .' '.json_encode(isset($request['post'])?$request['post']:array()));
        $response = array();
        if($file_ext == 'php'){
            if(is_file($path)){
                //設置全局變量                
                if(isset($request['get']))$_GET = $request['get'];
                if(isset($request['post']))$_POST = $request['post'];
                if(isset($request['cookie']))$_COOKIE = $request['cookie'];
                $_REQUEST = array_merge($_GET,$_POST, $_COOKIE);                
                foreach ($request['head'] as $key => $value){
                    $_key = 'HTTP_'.strtoupper(str_replace('-', '_', $key));
                    $_SERVER[$_key] = $value;
                }
                $_SERVER['REMOTE_ADDR'] = $request['remote_ip'];
                $_SERVER['REQUEST_URI'] = $request['head']['uri'];    
                //進行http auth
                if(isset($_GET['c']) && strtolower($_GET['c']) != 'site'){
                    if(isset($request['head']['Authorization'])){
                        $user = new User();
                        if($user->checkUserBasicAuth($request['head']['Authorization'])){
                            $response['head']['Status'] = self::$HTTP_HEADERS[200];
                            goto process;
                        }
                    }
                    $response['head']['Status'] = self::$HTTP_HEADERS[401];
                    $response['head']['WWW-Authenticate'] = 'Basic realm="Real-Data-FTP"';    
                    $_GET['c'] = 'Site';
                    $_GET['a'] = 'Unauthorized';                     
                }
                process:            
                ob_start();                        
                try{
                    include  $path;                    
                    $response['body'] = ob_get_contents();
                    $response['head']['Content-Type'] = APP::$content_type;                    
                }catch (Exception $e){
                    $response = $this->httpError(500, $e->getMessage());
                }
                ob_end_clean();
            }else{
                $response = $this->httpError(404, '頁面不存在');
            }
        }else{
            //處理靜態文件
            if(is_file($path)){
                $response['head']['Content-Type'] = isset(self::$MIME_TYPES[$file_ext]) ? self::$MIME_TYPES[$file_ext]:"application/octet-stream";
                //使用緩存
                if(!isset($request['head']['If-Modified-Since'])){
                    $fstat = stat($path);
                    $expire = 2592000;//30 days
                    $response['head']['Status'] = self::$HTTP_HEADERS[200];
                    $response['head']['Cache-Control'] = "max-age={$expire}";
                    $response['head']['Pragma'] = "max-age={$expire}";
                    $response['head']['Last-Modified'] = date(self::DATE_FORMAT_HTTP, $fstat['mtime']);
                    $response['head']['Expires'] = "max-age={$expire}";
                    $response['body'] = file_get_contents($path);
                }else{
                    $response['head']['Status'] = self::$HTTP_HEADERS[304];
                    $response['body'] = '';
                }                
            }else{
                $response = $this->httpError(404, '頁面不存在');
            }        
        }
        return $response;
    }
    
    public function httpError($code, $content){
        $response = array();
        $version = CFtpServer::$software.'/'.CFtpServer::VERSION;        
        $response['head']['Content-Type'] = 'text/html;charset=utf-8';
        $response['head']['Status'] = self::$HTTP_HEADERS[$code];
        $response['body'] = <<<html
<!DOCTYPE html>
<html lang="zh-CN">
  <head>
    <meta charset="utf-8">  
    <title>FTP後臺管理 </title>
  </head>
  <body>
    <p>{$content}</p>
    <div style="text-align:center">
    <hr>
        {$version} Copyright &copy; 2015 by <a target='_new' href='http://www.realdatamed.com'>Real Data</a> All Rights Reserved.
    </div>
  </body>
</html>
html;
        return $response;
    }
    
    
    static $HTTP_HEADERS = array(
            100 => "100 Continue",
            101 => "101 Switching Protocols",
            200 => "200 OK",
            201 => "201 Created",
            204 => "204 No Content",
            206 => "206 Partial Content",
            300 => "300 Multiple Choices",
            301 => "301 Moved Permanently",
            302 => "302 Found",
            303 => "303 See Other",
            304 => "304 Not Modified",
            307 => "307 Temporary Redirect",
            400 => "400 Bad Request",
            401 => "401 Unauthorized",
            403 => "403 Forbidden",
            404 => "404 Not Found",
            405 => "405 Method Not Allowed",
            406 => "406 Not Acceptable",
            408 => "408 Request Timeout",
            410 => "410 Gone",
            413 => "413 Request Entity Too Large",
            414 => "414 Request URI Too Long",
            415 => "415 Unsupported Media Type",
            416 => "416 Requested Range Not Satisfiable",
            417 => "417 Expectation Failed",
            500 => "500 Internal Server Error",
            501 => "501 Method Not Implemented",
            503 => "503 Service Unavailable",
            506 => "506 Variant Also Negotiates",
    );
    
    static $MIME_TYPES = array(            
        'jpg' => 'image/jpeg',
        'bmp' => 'image/bmp',
        'ico' => 'image/x-icon',
        'gif' => 'image/gif',
        'png' => 'image/png' ,
        'bin' => 'application/octet-stream',
        'js' => 'application/javascript',
        'css' => 'text/css' ,
        'html' => 'text/html' ,
        'xml' => 'text/xml',
        'tar' => 'application/x-tar' ,
        'ppt' => 'application/vnd.ms-powerpoint',
        'pdf' => 'application/pdf' ,
        'svg' => ' image/svg+xml',
        'woff' => 'application/x-font-woff',
        'woff2' => 'application/x-font-woff',                
    );    
}
View Code

4.FTP主類

  有了前面類,就能夠在ftp進行引用了。使用ssl時,請注意進行防火牆passive 端口範圍的nat配置。apache

  

defined('DEBUG_ON') or define('DEBUG_ON', false);

//主目錄
defined('BASE_PATH') or define('BASE_PATH', __DIR__);

require_once BASE_PATH.'/inc/User.php';
require_once BASE_PATH.'/inc/ShareMemory.php';
require_once BASE_PATH.'/web/CWebServer.php';
require_once BASE_PATH.'/inc/CSmtp.php';

class CFtpServer{
    //軟件版本
    const VERSION = '2.0';    
    
    const EOF = "\r\n";    
    
    public static $software "FTP-Server";
    
    private static $server_mode = SWOOLE_PROCESS;    
    
    private static $pid_file;
    
    private static $log_file;    
    
    //待寫入文件的日誌隊列(緩衝區)
    private $queue = array();
    
    private $pasv_port_range = array(55000,60000);
    
    public $host = '0.0.0.0';
    
    public $port = 21;
    
    
    
    public $setting = array();
    
    //最大鏈接數
    public $max_connection = 50;    
    
    //web管理端口
    public $manager_port = 8080;
    
    //tls
    public $ftps_port = 990;
    

    /**
     * @var swoole_server
     */
    protected $server;
    
    protected $connection = array();
    
    protected $session = array();
    
    protected $user;//用戶類,複製驗證與權限
    
    //共享內存類
    protected $shm;//ShareMemory
    
    /**
     * 
     * @var embedded http server
     */
    protected $webserver;
    
    
    
    /*+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
      + 靜態方法
      +++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
    
    public static function setPidFile($pid_file){
        self::$pid_file = $pid_file;
    }
    
    /**
     * 服務啓動控制方法
     */
    public static function start($startFunc){
        if(empty(self::$pid_file)){
            exit("Require pid file.\n");            
        }
        if(!extension_loaded('posix')){            
            exit("Require extension `posix`.\n");            
        }
        if(!extension_loaded('swoole')){            
            exit("Require extension `swoole`.\n");            
        }
        if(!extension_loaded('shmop')){
            exit("Require extension `shmop`.\n");
        }
        if(!extension_loaded('openssl')){
            exit("Require extension `openssl`.\n");
        }
        
        
        $pid_file = self::$pid_file;
        $server_pid = 0;
        if(is_file($pid_file)){
            $server_pid = file_get_contents($pid_file);
        }
        global $argv;
        if(empty($argv[1])){
            goto usage;
        }elseif($argv[1] == 'reload'){
            if (empty($server_pid)){
                exit("FtpServer is not running\n");
            }
            posix_kill($server_pid, SIGUSR1);
            exit;
        }elseif ($argv[1] == 'stop'){
            if (empty($server_pid)){
                exit("FtpServer is not running\n");
            }
            posix_kill($server_pid, SIGTERM);
            exit;
        }elseif ($argv[1] == 'start'){
            //已存在ServerPID,而且進程存在
            if (!empty($server_pid) and posix_kill($server_pid,(int) 0)){
                exit("FtpServer is already running.\n");
            }
            //啓動服務器
            $startFunc();            
        }else{
            usage:
            exit("Usage: php {$argv[0]} start|stop|reload\n");
        }
        
    }
    
    /*+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
      + 方法
      +++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
    
    public function __construct($host,$port){
        $this->user = new User();
        $this->shm = new ShareMemory();
        $this->shm->write(array());
        $flag = SWOOLE_SOCK_TCP;
        $this->server = new swoole_server($host,$port,self::$server_mode,$flag);
        $this->host = $host;
        $this->port = $port;
        $this->setting = array(
                'backlog' => 128,                
                'dispatch_mode' => 2,
            );        
    }
    
    public function daemonize(){
        $this->setting['daemonize'] = 1;    
    }
    
    public function getConnectionInfo($fd){
        return $this->server->connection_info($fd);        
    }
    
    /**
     * 啓動服務進程
     * @param array $setting
     * @throws Exception
     */    
    public function run($setting = array()){
        $this->setting = array_merge($this->setting,$setting);        
        //不使用swoole的默認日誌
        if(isset($this->setting['log_file'])){
            self::$log_file = $this->setting['log_file'];
            unset($this->setting['log_file']);
        }    
        if(isset($this->setting['max_connection'])){
            $this->max_connection = $this->setting['max_connection'];
            unset($this->setting['max_connection']);
        }
        if(isset($this->setting['manager_port'])){
            $this->manager_port = $this->setting['manager_port'];
            unset($this->setting['manager_port']);
        }
        if(isset($this->setting['ftps_port'])){
            $this->ftps_port = $this->setting['ftps_port'];
            unset($this->setting['ftps_port']);
        }
        if(isset($this->setting['passive_port_range'])){
            $this->pasv_port_range = $this->setting['passive_port_range'];
            unset($this->setting['passive_port_range']);
        }        
        
        $this->server->set($this->setting);
        $version = explode('.', SWOOLE_VERSION);
        if($version[0] == 1 && $version[1] < 7 && $version[2] <20){
            throw new Exception('Swoole version require 1.7.20 +.');
        }
        //事件綁定
        $this->server->on('start',array($this,'onMasterStart'));
        $this->server->on('shutdown',array($this,'onMasterStop'));
        $this->server->on('ManagerStart',array($this,'onManagerStart'));
        $this->server->on('ManagerStop',array($this,'onManagerStop'));
        $this->server->on('WorkerStart',array($this,'onWorkerStart'));
        $this->server->on('WorkerStop',array($this,'onWorkerStop'));
        $this->server->on('WorkerError',array($this,'onWorkerError'));
        $this->server->on('Connect',array($this,'onConnect'));
        $this->server->on('Receive',array($this,'onReceive'));
        $this->server->on('Close',array($this,'onClose'));
        //管理端口
        $this->server->addlistener($this->host,$this->manager_port,SWOOLE_SOCK_TCP);
        //tls
        $this->server->addlistener($this->host,$this->ftps_port,SWOOLE_SOCK_TCP | SWOOLE_SSL);
        
        $this->server->start();
    }
    
    public function log($msg,$level = 'debug',$flush = false){        
        if(DEBUG_ON){
            $log = date('Y-m-d H:i:s').' ['.$level."]\t" .$msg."\n";
            if(!empty(self::$log_file)){
                $debug_file = dirname(self::$log_file).'/debug.log';                
                file_put_contents($debug_file, $log,FILE_APPEND);
                if(filesize($debug_file) > 10485760){//10M
                    unlink($debug_file);
                }
            }
            echo $log;            
        }
        if($level != 'debug'){
            //日誌記錄                        
            $this->queue[] = date('Y-m-d H:i:s')."\t[".$level."]\t".$msg;    
        }    
        if(count($this->queue)>10 && !empty(self::$log_file) || $flush){
            if (filesize(self::$log_file) > 209715200){ //200M            
                rename(self::$log_file,self::$log_file.'.'.date('His'));
            }
            $logs = '';
            foreach ($this->queue as $q){
                $logs .= $q."\n";
            }
            file_put_contents(self::$log_file, $logs,FILE_APPEND);
            $this->queue = array();
        }        
    }
    
    public function shutdown(){
        return $this->server->shutdown();
    }
    
    public function close($fd){
        return $this->server->close($fd);
    }
    
    public function send($fd,$data){
        $data = strtr($data,array("\n" => "", "\0" => "", "\r" => ""));
        $this->log("[-->]\t" . $data);
        return $this->server->send($fd,$data.self::EOF);
    }
        
    
    /*+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
      + 事件回調
      +++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
    
    public function onMasterStart($serv){
        global $argv;
        swoole_set_process_name('php '.$argv[0].': master -host='.$this->host.' -port='.$this->port.'/'.$this->manager_port);
        if(!empty($this->setting['pid_file'])){
            file_put_contents(self::$pid_file, $serv->master_pid);
        }
        $this->log('Master started.');
    }
    
    public function onMasterStop($serv){
        if (!empty($this->setting['pid_file'])){
            unlink(self::$pid_file);
        }
        $this->shm->delete();
        $this->log('Master stop.');
    }
    
    public function onManagerStart($serv){
        global $argv;
        swoole_set_process_name('php '.$argv[0].': manager');
        $this->log('Manager started.');
    }
    
    public function onManagerStop($serv){
        $this->log('Manager stop.');
    }
    
    public function onWorkerStart($serv,$worker_id){
        global $argv;
        if($worker_id >= $serv->setting['worker_num']) {
            swoole_set_process_name("php {$argv[0]}: worker [task]");
        } else {
            swoole_set_process_name("php {$argv[0]}: worker [{$worker_id}]");
        }
        $this->log("Worker {$worker_id} started.");
    }
    
    public function onWorkerStop($serv,$worker_id){
        $this->log("Worker {$worker_id} stop.");
    }
    
    public function onWorkerError($serv,$worker_id,$worker_pid,$exit_code){
        $this->log("Worker {$worker_id} error:{$exit_code}.");
    }
    
    public function onConnect($serv,$fd,$from_id){
        $info = $this->getConnectionInfo($fd);
        if($info['server_port'] == $this->manager_port){
            //web請求
            $this->webserver = new CWebServer();
        }else{
            $this->send($fd, "220---------- Welcome to " . self::$software . " ----------");
            $this->send($fd, "220-Local time is now " . date("H:i"));
            $this->send($fd, "220 This is a private system - No anonymous login");
            if(count($this->server->connections) <= $this->max_connection){
                if($info['server_port'] == $this->port && isset($this->setting['force_ssl']) && $this->setting['force_ssl']){
                    //若是啓用強制ssl                    
                    $this->send($fd, "421 Require implicit FTP over tls, closing control connection.");
                    $this->close($fd);
                    return ;
                }
                $this->connection[$fd] = array();
                $this->session = array();
                $this->queue = array();                
            }else{                        
                $this->send($fd, "421 Too many connections, closing control connection.");
                $this->close($fd);
            }
        }
    }
    
    public function onReceive($serv,$fd,$from_id,$recv_data){
        $info = $this->getConnectionInfo($fd);
        
        if($info['server_port'] == $this->manager_port){
            //web請求
            $this->webserver->onReceive($this->server, $fd, $recv_data);
        }else{
            $read = trim($recv_data);
            $this->log("[<--]\t" . $read);
            $cmd = explode(" ", $read);        
            $func = 'cmd_'.strtoupper($cmd[0]);
            $data = trim(str_replace($cmd[0], '', $read));
            if (!method_exists($this, $func)){
                $this->send($fd, "500 Unknown Command");
                return;
            }
            if (empty($this->connection[$fd]['login'])){
                switch($cmd[0]){
                    case 'TYPE':
                    case 'USER':
                    case 'PASS':
                    case 'QUIT':
                    case 'AUTH':
                    case 'PBSZ':
                        break;
                    default:
                        $this->send($fd,"530 You aren't logged in");
                        return;
                }
            }
            $this->$func($fd,$data);
        }
    }    
    
    public function onClose($serv,$fd,$from_id){
        //在線用戶        
        $shm_data = $this->shm->read();
        if($shm_data !== false){
            if(isset($shm_data['online'])){
                $list = array();
                foreach($shm_data['online'] as $u => $info){                    
                    if(!preg_match('/\.*-'.$fd.'$/',$u,$m))
                        $list[$u] = $info;
                }
                $shm_data['online'] = $list;
                $this->shm->write($shm_data);                
            }            
        }
        
        $this->log('Socket '.$fd.' close. Flush the logs.','debug',true);
    }
    
    /*+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
      + 工具函數
      +++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/    
    
    /**
     * 獲取用戶名
     * @param  $fd
     */
    public function getUser($fd){
        return isset($this->connection[$fd]['user'])?$this->connection[$fd]['user']:'';
    }
    
    
    /**
     * 獲取文件全路徑
     * @param  $user
     * @param  $file
     * @return string|boolean
     */
    public function getFile($user, $file){
        $file = $this->fillDirName($user, $file);        
        if (is_file($file)){
            return realpath($file);
        }else{
            return false;
        }
    }
    
    
    /**
     * 遍歷目錄
     * @param $rdir
     * @param $showHidden
     * @param $format list/mlsd
     * @return string
     * 
     * list 使用local時間
     * mlsd 使用gmt時間
     */
    public function getFileList($user, $rdir, $showHidden = false, $format = 'list'){
        $filelist = '';
        if($format == 'mlsd'){
            $stats = stat($rdir);
            $filelist.= 'Type=cdir;Modify='.gmdate('YmdHis',$stats['mtime']).';UNIX.mode=d'.$this->mode2char($stats['mode']).'; '.$this->getUserDir($user)."\r\n";
        }
        if ($handle = opendir($rdir)){
            $isListable = $this->user->isFolderListable($user, $rdir);
            while (false !== ($file = readdir($handle))){
                if ($file == '.' or $file == '..'){
                    continue;
                }
                if ($file{0} == "." and !$showHidden){
                    continue;
                }
                //若是當前目錄$rdir不容許列出,則判斷當前目錄下的目錄是否配置爲能夠列出                
                if(!$isListable){    
                    $dir = $rdir . $file;
                    if(is_dir($dir)){
                        $dir = $this->joinPath($dir, '/');
                        if($this->user->isFolderListable($user, $dir)){                            
                            goto listFolder;
                        }
                    }
                    continue;
                }    
                listFolder:            
                $stats = stat($rdir . $file);
                if (is_dir($rdir . "/" . $file)) $mode = "d"; else $mode = "-";
                $mode .= $this->mode2char($stats['mode']);
                if($format == 'mlsd'){
                    if($mode[0] == 'd'){
                        $filelist.= 'Type=dir;Modify='.gmdate('YmdHis',$stats['mtime']).';UNIX.mode='.$mode.'; '.$file."\r\n";
                    }else{
                        $filelist.= 'Type=file;Size='.$stats['size'].';Modify='.gmdate('YmdHis',$stats['mtime']).';UNIX.mode='.$mode.'; '.$file."\r\n";
                    }
                }else{
                    $uidfill = "";
                    for ($i = strlen($stats['uid']); $i < 5; $i++) $uidfill .= " ";
                    $gidfill = "";
                    for ($i = strlen($stats['gid']); $i < 5; $i++) $gidfill .= " ";
                    $sizefill = "";
                    for ($i = strlen($stats['size']); $i < 11; $i++) $sizefill .= " ";
                    $nlinkfill = "";
                    for ($i = strlen($stats['nlink']); $i < 5; $i++) $nlinkfill .= " ";
                    $mtime = date("M d H:i", $stats['mtime']);
                    $filelist .= $mode . $nlinkfill . $stats['nlink'] . " " . $stats['uid'] . $uidfill . $stats['gid'] . $gidfill . $sizefill . $stats['size'] . " " . $mtime . " " . $file . "\r\n";
                }
            }
            closedir($handle);
        }
        return $filelist;
    }
    
    /**
     * 將文件的全新從數字轉換爲字符串
     * @param int $int
     */
    public function mode2char($int){
        $mode = '';
        $moded = sprintf("%o", ($int & 000777));
        $mode1 = substr($moded, 0, 1);
        $mode2 = substr($moded, 1, 1);
        $mode3 = substr($moded, 2, 1);
        switch ($mode1) {
            case "0":
                $mode .= "---";
                break;
            case "1":
                $mode .= "--x";
                break;
            case "2":
                $mode .= "-w-";
                break;
            case "3":
                $mode .= "-wx";
                break;
            case "4":
                $mode .= "r--";
                break;
            case "5":
                $mode .= "r-x";
                break;
            case "6":
                $mode .= "rw-";
                break;
            case "7":
                $mode .= "rwx";
                break;
        }
        switch ($mode2) {
            case "0":
                $mode .= "---";
                break;
            case "1":
                $mode .= "--x";
                break;
            case "2":
                $mode .= "-w-";
                break;
            case "3":
                $mode .= "-wx";
                break;
            case "4":
                $mode .= "r--";
                break;
            case "5":
                $mode .= "r-x";
                break;
            case "6":
                $mode .= "rw-";
                break;
            case "7":
                $mode .= "rwx";
                break;
        }
        switch ($mode3) {
            case "0":
                $mode .= "---";
                break;
            case "1":
                $mode .= "--x";
                break;
            case "2":
                $mode .= "-w-";
                break;
            case "3":
                $mode .= "-wx";
                break;
            case "4":
                $mode .= "r--";
                break;
            case "5":
                $mode .= "r-x";
                break;
            case "6":
                $mode .= "rw-";
                break;
            case "7":
                $mode .= "rwx";
                break;
        }
        return $mode;
    }
    
    /**
     * 設置用戶當前的路徑    
     * @param $user
     * @param $pwd
     */
    public function setUserDir($user, $cdir){
        $old_dir = $this->session[$user]['pwd'];
        if ($old_dir == $cdir){
            return $cdir;
        }    
        if($cdir[0] != '/')
            $cdir = $this->joinPath($old_dir,$cdir);        
        $this->session[$user]['pwd'] = $cdir;
        $abs_dir = realpath($this->getAbsDir($user));
        if (!$abs_dir){
            $this->session[$user]['pwd'] = $old_dir;
            return false;
        }
        $this->session[$user]['pwd'] = $this->joinPath('/',substr($abs_dir, strlen($this->session[$user]['home'])));
        $this->session[$user]['pwd'] = $this->joinPath($this->session[$user]['pwd'],'/');
        $this->log("CHDIR: $old_dir -> $cdir");
        return $this->session[$user]['pwd'];
    }
    
    /**
     * 獲取全路徑
     * @param $user
     * @param $file
     * @return string
     */
    public function fillDirName($user, $file){        
        if (substr($file, 0, 1) != "/"){
            $file = '/'.$file;
            $file = $this->joinPath($this->getUserDir( $user), $file);
        }                
        $file = $this->joinPath($this->session[$user]['home'],$file);
        return $file;
    }
    
    /**
     * 獲取用戶路徑
     * @param unknown $user
     */
    public function getUserDir($user){
        return $this->session[$user]['pwd'];
    }
    
    /**
     * 獲取用戶的當前文件系統絕對路徑,非chroot路徑
     * @param $user
     * @return string
     */
    public function getAbsDir($user){
        $rdir = $this->joinPath($this->session[$user]['home'],$this->session[$user]['pwd']);
        return $rdir;
    }
    
    /**
     * 路徑鏈接
     * @param string $path1
     * @param string $path2
     * @return string
     */
    public function joinPath($path1,$path2){        
        $path1 = rtrim($path1,'/');
        $path2 = trim($path2,'/');
        return $path1.'/'.$path2;
    }
    
    /**
     * IP判斷
     * @param string $ip
     * @return boolean
     */
    public function isIPAddress($ip){
        if (!is_numeric($ip[0]) || $ip[0] < 1 || $ip[0] > 254) {
            return false;
        } elseif (!is_numeric($ip[1]) || $ip[1] < 0 || $ip[1] > 254) {
            return false;
        } elseif (!is_numeric($ip[2]) || $ip[2] < 0 || $ip[2] > 254) {
            return false;
        } elseif (!is_numeric($ip[3]) || $ip[3] < 1 || $ip[3] > 254) {
            return false;
        } elseif (!is_numeric($ip[4]) || $ip[4] < 1 || $ip[4] > 500) {
            return false;
        } elseif (!is_numeric($ip[5]) || $ip[5] < 1 || $ip[5] > 500) {
            return false;
        } else {
            return true;
        }
    }
    
    /**
     * 獲取pasv端口
     * @return number
     */
    public function getPasvPort(){
        $min = is_int($this->pasv_port_range[0])?$this->pasv_port_range[0]:55000;
        $max = is_int($this->pasv_port_range[1])?$this->pasv_port_range[1]:60000;
        $max = $max <= 65535 ? $max : 65535;
        $loop = 0;
        $port = 0;
        while($loop < 10){
            $port = mt_rand($min, $max);
            if($this->isAvailablePasvPort($port)){                
                break;
            }
            $loop++;
        }        
        return $port;
    }
    
    public function pushPasvPort($port){
        $shm_data = $this->shm->read();
        if($shm_data !== false){
            if(isset($shm_data['pasv_port'])){
                array_push($shm_data['pasv_port'], $port);
            }else{
                $shm_data['pasv_port'] = array($port);
            }
            $this->shm->write($shm_data);
            $this->log('Push pasv port: '.implode(',', $shm_data['pasv_port']));
            return true;
        }
        return false;
    }
    
    public function popPasvPort($port){
        $shm_data = $this->shm->read();
        if($shm_data !== false){
            if(isset($shm_data['pasv_port'])){
                $tmp = array();
                foreach ($shm_data['pasv_port'] as $p){
                    if($p != $port){
                        $tmp[] = $p;
                    }
                }
                $shm_data['pasv_port'] = $tmp;
            }
            $this->shm->write($shm_data);
            $this->log('Pop pasv port: '.implode(',', $shm_data['pasv_port']));
            return true;
        }
        return false;
    }
    
    public function isAvailablePasvPort($port){
        $shm_data = $this->shm->read();
        if($shm_data !== false){
            if(isset($shm_data['pasv_port'])){
                return !in_array($port, $shm_data['pasv_port']);
            }
            return true;
        }
        return false;
    }
    
    /**
     * 獲取當前數據連接tcp個數
     */
    public function getDataConnections(){
        $shm_data = $this->shm->read();
        if($shm_data !== false){
            if(isset($shm_data['pasv_port'])){
                return count($shm_data['pasv_port']);
            }            
        }
        return 0;
    }    
    
    /**
     * 關閉數據傳輸socket
     * @param $user
     * @return bool
     */
    public function closeUserSock($user){
        $peer = stream_socket_get_name($this->session[$user]['sock'], false);
        list($ip,$port) = explode(':', $peer);
        //釋放端口占用
        $this->popPasvPort($port);
        fclose($this->session[$user]['sock']);
        $this->session[$user]['sock'] = 0;
        return true;
    }
    
    /**
     * @param $user
     * @return resource
     */
    public function getUserSock($user){
        //被動模式
        if ($this->session[$user]['pasv'] == true){
            if (empty($this->session[$user]['sock'])){
                $addr = stream_socket_get_name($this->session[$user]['serv_sock'], false);
                list($ip, $port) = explode(':', $addr);
                $sock = stream_socket_accept($this->session[$user]['serv_sock'], 5);
                if ($sock){
                    $peer = stream_socket_get_name($sock, true);
                    $this->log("Accept: success client is $peer.");
                    $this->session[$user]['sock'] = $sock;
                    //關閉server socket
                    fclose($this->session[$user]['serv_sock']);
                }else{
                    $this->log("Accept: failed.");
                    //釋放端口
                    $this->popPasvPort($port);
                    return false;
                }
            }
        }
        return $this->session[$user]['sock'];
    }
    
    
    
    /*+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
      + FTP Command
      +++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
    
    //==================
    //RFC959
    //==================
    /**
     * 登陸用戶名
     * @param $fd
     * @param $data
     */
    public function cmd_USER($fd, $data){
        if (preg_match("/^([a-z0-9.@]+)$/", $data)){
            $user = strtolower($data);
            $this->connection[$fd]['user'] = $user;            
            $this->send($fd, "331 User $user OK. Password required");
        }else{
            $this->send($fd, "530 Login authentication failed");
        }
    }
    
    /**
     * 登陸密碼
     * @param $fd
     * @param $data
     */
    public function cmd_PASS($fd, $data){
        $user = $this->connection[$fd]['user'];
        $pass = $data;
        $info = $this->getConnectionInfo($fd);
        $ip = $info['remote_ip'];
        //判斷登錄失敗次數
        if($this->user->isAttemptLimit($this->shm, $user, $ip)){
            $this->send($fd, "530 Login authentication failed: Too many login attempts. Blocked in 10 minutes.");
            return;
        }    
        if ($this->user->checkUser($user, $pass, $ip)){
            $dir = "/";
            $this->session[$user]['pwd'] = $dir;
            //ftp根目錄            
            $this->session[$user]['home'] = $this->user->getHomeDir($user);
            if(empty($this->session[$user]['home']) || !is_dir($this->session[$user]['home'])){
                $this->send($fd, "530 Login authentication failed: `home` path error.");
            }else{
                $this->connection[$fd]['login'] = true;
                //在線用戶
                $shm_data = $this->user->addOnline($this->shm, $this->server, $user, $fd, $ip);
                $this->log('SHM: '.json_encode($shm_data) );
                
                $this->send($fd, "230 OK. Current restricted directory is " . $dir);                
                $this->log('User '.$user .' has login successfully! IP: '.$ip,'warn');
            }
        }else{
            $this->user->addAttempt($this->shm, $user, $ip);
            $this->log('User '.$user .' login fail! IP: '.$ip,'warn');
            $this->send($fd, "530 Login authentication failed: check your pass or ip allow rules.");
        }
    }
    
    /**
     * 更改當前目錄
     * @param $fd
     * @param $data
     */
    public function cmd_CWD($fd, $data){
        $user = $this->getUser($fd);
        if (($dir = $this->setUserDir($user, $data)) != false){
            $this->send($fd, "250 OK. Current directory is " . $dir);
        }else{
            $this->send($fd, "550 Can't change directory to " . $data . ": No such file or directory");
        }
    }
    
    /**
     * 返回上級目錄
     * @param  $fd
     * @param  $data
     */
    public function cmd_CDUP($fd, $data){
        $data = '..';
        $this->cmd_CWD($fd, $data);
    }
    
    
    /**
     * 退出服務器
     * @param $fd
     * @param $data
     */
    public function cmd_QUIT($fd, $data){
        $this->send($fd,"221 Goodbye.");
        unset($this->connection[$fd]);
    }
        
    /**
     * 獲取當前目錄
     * @param $fd
     * @param $data
     */
    public function cmd_PWD($fd, $data){
        $user = $this->getUser($fd);
        $this->send($fd, "257 \"" . $this->getUserDir($user) . "\" is your current location");
    }
    
    /**
     * 下載文件
     * @param $fd
     * @param $data
     */
    public function cmd_RETR($fd, $data){
        $user = $this->getUser($fd);
        $ftpsock = $this->getUserSock($user);
        if (!$ftpsock){
            $this->send($fd, "425 Connection Error");
            return;
        }
        if (($file = $this->getFile($user, $data)) != false){
            if($this->user->isReadable($user, $file)){
                $this->send($fd, "150 Connecting to client");
                if ($fp = fopen($file, "rb")){
                    //斷點續傳
                    if(isset($this->session[$user]['rest_offset'])){
                        if(!fseek($fp, $this->session[$user]['rest_offset'])){
                            $this->log("RETR at offset ".ftell($fp));
                        }else{
                            $this->log("RETR at offset ".ftell($fp).' fail.');
                        }
                        unset($this->session[$user]['rest_offset']);
                    }                    
                    while (!feof($fp)){                        
                        $cont = fread($fp, 8192);                        
                        if (!fwrite($ftpsock, $cont)) break;                        
                    }
                    if (fclose($fp) and $this->closeUserSock($user)){
                        $this->send($fd, "226 File successfully transferred");
                        $this->log($user."\tGET:".$file,'info');
                    }else{
                        $this->send($fd, "550 Error during file-transfer");
                    }
                }else{
                    $this->send($fd, "550 Can't open " . $data . ": Permission denied");
                }
            }else{
                $this->send($fd, "550 You're unauthorized: Permission denied");
            }
        }else{
            $this->send($fd, "550 Can't open " . $data . ": No such file or directory");
        }
    }
    
    /**
     * 上傳文件
     * @param $fd
     * @param $data
     */
    public function cmd_STOR($fd, $data){
        $user = $this->getUser($fd);
        $ftpsock = $this->getUserSock($user);
        if (!$ftpsock){
            $this->send($fd, "425 Connection Error");
            return;
        }
        $file = $this->fillDirName($user, $data);
        $isExist = false;
        if(file_exists($file))$isExist = true;
        if((!$isExist && $this->user->isWritable($user, $file)) ||
            ($isExist && $this->user->isAppendable($user, $file))){
            if($isExist){
                $fp = fopen($file, "rb+");
                $this->log("OPEN for STOR.");
            }else{
                $fp = fopen($file, 'wb');
                $this->log("CREATE for STOR.");
            }
            if (!$fp){
                $this->send($fd, "553 Can't open that file: Permission denied");
            }else{
                //斷點續傳,須要Append權限
                if(isset($this->session[$user]['rest_offset'])){
                    if(!fseek($fp, $this->session[$user]['rest_offset'])){
                        $this->log("STOR at offset ".ftell($fp));
                    }else{
                        $this->log("STOR at offset ".ftell($fp).' fail.');
                    }
                    unset($this->session[$user]['rest_offset']);
                }
                $this->send($fd, "150 Connecting to client");
                while (!feof($ftpsock)){
                    $cont = fread($ftpsock, 8192);
                    if (!$cont) break;
                    if (!fwrite($fp, $cont)) break;
                }
                touch($file);//設定文件的訪問和修改時間
                if (fclose($fp) and $this->closeUserSock($user)){
                    $this->send($fd, "226 File successfully transferred");
                    $this->log($user."\tPUT: $file",'info');
                }else{
                    $this->send($fd, "550 Error during file-transfer");
                }
            }
        }else{
            $this->send($fd, "550 You're unauthorized: Permission denied");
            $this->closeUserSock($user);
        }
    }
    
    /**
     * 文件追加
     * @param $fd
     * @param $data
     */
    public function cmd_APPE($fd,$data){
        $user = $this->getUser($fd);
        $ftpsock = $this->getUserSock($user);
        if (!$ftpsock){
            $this->send($fd, "425 Connection Error");
            return;
        }
        $file = $this->fillDirName($user, $data);
        $isExist = false;
        if(file_exists($file))$isExist = true;
        if((!$isExist && $this->user->isWritable($user, $file)) ||
        ($isExist && $this->user->isAppendable($user, $file))){
            $fp = fopen($file, "rb+");
            if (!$fp){
                $this->send($fd, "553 Can't open that file: Permission denied");
            }else{
                //斷點續傳,須要Append權限
                if(isset($this->session[$user]['rest_offset'])){
                    if(!fseek($fp, $this->session[$user]['rest_offset'])){
                        $this->log("APPE at offset ".ftell($fp));
                    }else{
                        $this->log("APPE at offset ".ftell($fp).' fail.');
                    }
                    unset($this->session[$user]['rest_offset']);
                }
                $this->send($fd, "150 Connecting to client");
                while (!feof($ftpsock)){
                    $cont = fread($ftpsock, 8192);
                    if (!$cont) break;
                    if (!fwrite($fp, $cont)) break;
                }
                touch($file);//設定文件的訪問和修改時間
                if (fclose($fp) and $this->closeUserSock($user)){
                    $this->send($fd, "226 File successfully transferred");
                    $this->log($user."\tAPPE: $file",'info');
                }else{
                    $this->send($fd, "550 Error during file-transfer");
                }
            }
        }else{
            $this->send($fd, "550 You're unauthorized: Permission denied");
            $this->closeUserSock($user);
        }
    }
    
    /**
     * 文件重命名,源文件
     * @param $fd
     * @param $data
     */
    public function cmd_RNFR($fd, $data){
        $user = $this->getUser($fd);
        $file = $this->fillDirName($user, $data);
        if (file_exists($file) || is_dir($file)){
            $this->session[$user]['rename'] = $file;
            $this->send($fd, "350 RNFR accepted - file exists, ready for destination");            
        }else{
            $this->send($fd, "550 Sorry, but that '$data' doesn't exist");
        }
    }
    /**
     * 文件重命名,目標文件
     * @param $fd
     * @param $data
     */
    public function cmd_RNTO($fd, $data){
        $user = $this->getUser($fd);
        $old_file = $this->session[$user]['rename'];
        $new_file = $this->fillDirName($user, $data);
        $isDir = false;
        if(is_dir($old_file)){
            $isDir = true;
            $old_file = $this->joinPath($old_file, '/');
        }
        if((!$isDir && $this->user->isRenamable($user, $old_file)) || 
            ($isDir && $this->user->isFolderRenamable($user, $old_file))){
            if (empty($old_file) or !is_dir(dirname($new_file))){
                $this->send($fd, "451 Rename/move failure: No such file or directory");
            }elseif (rename($old_file, $new_file)){
                $this->send($fd, "250 File successfully renamed or moved");
                $this->log($user."\tRENAME: $old_file to $new_file",'warn');
            }else{
                $this->send($fd, "451 Rename/move failure: Operation not permitted");
            }
        }else{
            $this->send($fd, "550 You're unauthorized: Permission denied");
        }
        unset($this->session[$user]['rename']);
    }
    
    /**
     * 刪除文件
     * @param $fd
     * @param $data
     */
    public function cmd_DELE($fd, $data){
        $user = $this->getUser($fd);
        $file = $this->fillDirName($user, $data);
        if($this->user->isDeletable($user, $file)){
            if (!file_exists($file)){
                $this->send($fd, "550 Could not delete " . $data . ": No such file or directory");
            }
            elseif (unlink($file)){
                $this->send($fd, "250 Deleted " . $data);
                $this->log($user."\tDEL: $file",'warn');
            }else{
                $this->send($fd, "550 Could not delete " . $data . ": Permission denied");
            }
        }else{
            $this->send($fd, "550 You're unauthorized: Permission denied");
        }
    }
    
    /**
     * 建立目錄
     * @param $fd
     * @param $data
     */
    public function cmd_MKD($fd, $data){
        $user = $this->getUser($fd);
        $path = '';
        if($data[0] == '/'){
            $path  = $this->joinPath($this->session[$user]['home'],$data);
        }else{
            $path = $this->joinPath($this->getAbsDir($user),$data);
        }
        $path = $this->joinPath($path, '/');        
        if($this->user->isFolderCreatable($user, $path)){
            if (!is_dir(dirname($path))){
                $this->send($fd, "550 Can't create directory: No such file or directory");
            }elseif(file_exists($path)){
                $this->send($fd, "550 Can't create directory: File exists");
            }else{
                if (mkdir($path)){
                    $this->send($fd, "257 \"" . $data . "\" : The directory was successfully created");
                    $this->log($user."\tMKDIR: $path",'info');
                }else{
                    $this->send($fd, "550 Can't create directory: Permission denied");
                }
            }
        }else{
            $this->send($fd, "550 You're unauthorized: Permission denied");
        }
    }
    
    /**
     * 刪除目錄
     * @param $fd
     * @param $data
     */
    public function cmd_RMD($fd, $data){
        $user = $this->getUser($fd);
        $dir = '';
        if($data[0] == '/'){
            $dir = $this->joinPath($this->session[$user]['home'], $data);
        }else{
            $dir = $this->fillDirName($user, $data);
        }
        $dir = $this->joinPath($dir, '/');
        if($this->user->isFolderDeletable($user, $dir)){
            if (is_dir(dirname($dir)) and is_dir($dir)){
                if (count(glob($dir . "/*"))){
                    $this->send($fd, "550 Can't remove directory: Directory not empty");
                }elseif (rmdir($dir)){
                    $this->send($fd, "250 The directory was successfully removed");
                    $this->log($user."\tRMDIR: $dir",'warn');
                }else{
                    $this->send($fd, "550 Can't remove directory: Operation not permitted");
                }
            }elseif (is_dir(dirname($dir)) and file_exists($dir)){
                $this->send($fd, "550 Can't remove directory: Not a directory");
            }else{
                $this->send($fd, "550 Can't create directory: No such file or directory");
            }
        }else{
            $this->send($fd, "550 You're unauthorized: Permission denied");
        }
    }
    
    
    
    /**
     * 獲得服務器類型
     * @param $fd
     * @param $data
     */
    public function cmd_SYST($fd, $data){
        $this->send($fd, "215 UNIX Type: L8");
    }
    
    
    
    
    
    /**
     * 權限控制
     * @param $fd
     * @param $data
     */
    public function cmd_SITE($fd, $data){
        if (substr($data, 0, 6) == "CHMOD "){
            $user = $this->getUser($fd);
            $chmod = explode(" ", $data, 3);
            $file = $this->fillDirName($user, $chmod[2]);
            if($this->user->isWritable($user, $file)){
                if (chmod($file, octdec($chmod[1]))){
                    $this->send($fd, "200 Permissions changed on {$chmod[2]}");
                    $this->log($user."\tCHMOD: $file to {$chmod[1]}",'info');
                }else{
                    $this->send($fd, "550 Could not change perms on " . $chmod[2] . ": Permission denied");
                }
            }else{
                $this->send($fd, "550 You're unauthorized: Permission denied");
            }
        }else{
            $this->send($fd, "500 Unknown Command");
        }
    }    
    
    
    
    
    /**
     * 更改傳輸類型
     * @param $fd
     * @param $data
     */
    public function cmd_TYPE($fd, $data){
        switch ($data){
            case "A":
                $type = "ASCII";
                break;
            case "I":
                $type = "8-bit binary";
                break;
        }
        $this->send($fd, "200 TYPE is now " . $type);
    }
    
    /**
     * 遍歷目錄
     * @param $fd
     * @param $data
     */
    public function cmd_LIST($fd, $data){
        $user = $this->getUser($fd);
        $ftpsock = $this->getUserSock($user);
        if (!$ftpsock){
            $this->send($fd, "425 Connection Error");
            return;
        }        
        $path = $this->joinPath($this->getAbsDir($user),'/');
        $this->send($fd, "150 Opening ASCII mode data connection for file list");
        $filelist = $this->getFileList($user, $path, true);
        fwrite($ftpsock, $filelist);            
        $this->send($fd, "226 Transfer complete.");        
        $this->closeUserSock($user);
    }
    
    /**
     * 創建數據傳輸通
     * @param $fd
     * @param $data
     */
// 不使用主動模式    
//     public function cmd_PORT($fd, $data){
//         $user = $this->getUser($fd);
//         $port = explode(",", $data);
//         if (count($port) != 6){
//             $this->send($fd, "501 Syntax error in IP address");
//         }else{
//             if (!$this->isIPAddress($port)){
//                 $this->send($fd, "501 Syntax error in IP address");
//                 return;
//             }
//             $ip = $port[0] . "." . $port[1] . "." . $port[2] . "." . $port[3];
//             $port = hexdec(dechex($port[4]) . dechex($port[5]));
//             if ($port < 1024){
//                 $this->send($fd, "501 Sorry, but I won't connect to ports < 1024");
//             }elseif ($port > 65000){
//                 $this->send($fd, "501 Sorry, but I won't connect to ports > 65000");
//             }else{            
//                 $ftpsock = fsockopen($ip, $port);                                
//                 if ($ftpsock){
//                     $this->session[$user]['sock'] = $ftpsock;
//                     $this->session[$user]['pasv'] = false;                                            
//                     $this->send($fd, "200 PORT command successful");                        
//                 }else{
//                     $this->send($fd, "501 Connection failed");
//                 }
//             }
//         }
//     }
    
    
    
    /**
     * 被動模式    
     * @param unknown $fd
     * @param unknown $data
     */
    public function cmd_PASV($fd, $data){
        $user = $this->getUser($fd);
        $ssl = false;
        $pasv_port = $this->getPasvPort();
        if($this->connection[$fd]['ssl'] === true){
            $ssl = true;
            $context = stream_context_create();            
            // local_cert must be in PEM format
            stream_context_set_option($context, 'ssl', 'local_cert', $this->setting['ssl_cert_file']);
            // Path to local private key file 
            stream_context_set_option($context, 'ssl', 'local_pk', $this->setting['ssl_key_file']);
            
            stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
            stream_context_set_option($context, 'ssl', 'verify_peer', false);
            stream_context_set_option($context, 'ssl', 'verify_peer_name', false);    
            stream_context_set_option($context, 'ssl', 'passphrase', '');
            
            // Create the server socket
            $sock = stream_socket_server('ssl://0.0.0.0:'.$pasv_port, $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN, $context);
        }else{
            $sock = stream_socket_server('tcp://0.0.0.0:'.$pasv_port, $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN);
        }
        if ($sock){
            $addr = stream_socket_get_name($sock, false);
            list($ip, $port) = explode(':', $addr);
            $ipArr = swoole_get_local_ip();
            foreach($ipArr as $nic => $addr){
                $ip = $addr;
            }
            $this->log("ServerSock: $ip:$port");
            $ip = str_replace('.', ',', $ip);
            $this->send($fd, "227 Entering Passive Mode ({$ip},".(intval($port) >> 8 & 0xff).",".(intval($port) & 0xff)."). ".$port." ".($ssl?'ssl':''));
            $this->session[$user]['serv_sock'] = $sock;
            $this->session[$user]['pasv'] = true;
            $this->pushPasvPort($port);
        }else{
            fclose($sock);
            $this->send($fd, "500 failed to create data socket: ".$errstr);
        }
    }
    
    
    
    public function cmd_NOOP($fd,$data){
        $this->send($fd, "200 OK");
    }
    
    //==================
    //RFC2228
    //==================
    
    public function cmd_PBSZ($fd,$data){
        $this->send($fd, '200 Command okay.');
    }
    
    public function cmd_PROT($fd,$data){
        if(trim($data) == 'P'){
            $this->connection[$fd]['ssl'] = true;
            $this->send($fd, '200 Set Private level on data connection.');
        }elseif(trim($data) == 'C'){
            $this->connection[$fd]['ssl'] = false;
            $this->send($fd, '200 Set Clear level on data connection.');
        }else{
            $this->send($fd, '504 Command not implemented for that parameter.');
        }
        
    }
    
    //==================
    //RFC2389
    //==================
    public function cmd_FEAT($fd,$data){
        $this->send($fd, '211-Features supported');
        $this->send($fd, 'MDTM');
        $this->send($fd, 'SIZE');
        $this->send($fd, 'SITE CHMOD');
        $this->send($fd, 'REST STREAM');
        $this->send($fd, 'MLSD Type*;Size*;Modify*;UNIX.mode*;');
        $this->send($fd, 'PBSZ');
        $this->send($fd, 'PROT');
        $this->send($fd, '211 End');
    }
    //關閉utf8對中文文件名有影響
    public function cmd_OPTS($fd,$data){
        $this->send($fd, '502 Command not implemented.');
    }
    
    
    //==================
    //RFC3659
    //==================
    /**
     * 獲取文件修改時間
     * @param unknown $fd
     * @param unknown $data
     */
    public function cmd_MDTM($fd,$data){
        $user = $this->getUser($fd);
        if (($file = $this->getFile($user, $data)) != false){
            $this->send($fd, '213 '.date('YmdHis.u',filemtime($file)));
        }else{
            $this->send($fd, '550 No file named "'.$data.'"');
        }
    }
    
    /**
     * 獲取文件大小
     * @param $fd
     * @param $data
     */
    public function cmd_SIZE($fd,$data){
        $user = $this->getUser($fd);
        if (($file = $this->getFile($user, $data)) != false){
            $this->send($fd, '213 '.filesize($file));
        }else{
            $this->send($fd, '550 No file named "'.$data.'"');
        }
    }
    
    /**
     * 獲取文件列表
     * @param unknown $fd
     * @param unknown $data
     */
    public function cmd_MLSD($fd,$data){
        $user = $this->getUser($fd);
        $ftpsock = $this->getUserSock($user);
        if (!$ftpsock){
            $this->send($fd, "425 Connection Error");
            return;
        }
        $path = $this->joinPath($this->getAbsDir($user),'/');
        $this->send($fd, "150 Opening ASCII mode data connection for file list");
        $filelist = $this->getFileList($user, $path, true,'mlsd');
        fwrite($ftpsock, $filelist);
        $this->send($fd, "226 Transfer complete.");
        $this->closeUserSock($user);
    }
    
    /**
     * 設置文件offset
     * @param unknown $fd
     * @param unknown $data
     */
    public function cmd_REST($fd,$data){
        $user = $this->getUser($fd);
        $data= preg_replace('/[^0-9]/', '', $data);
        if($data != ''){
            $this->session[$user]['rest_offset'] = $data;
            $this->send($fd, '350 Restarting at '.$data.'. Send STOR or RETR');
        }else{
            $this->send($fd, '500 Syntax error, offset unrecognized.');
        }
    }
    
    /**
     * 獲取文件hash值
     * @param unknown $fd
     * @param unknown $data
     */
    public function cmd_HASH($fd,$data){
        $user = $this->getUser($fd);
        $ftpsock = $this->getUserSock($user);
        if (($file = $this->getFile($user, $data)) != false){
            if(is_file($file)){
                $algo = 'sha512';
                $this->send($fd, "200 ".hash_file($algo, $file));
            }else{
                $this->send($fd, "550 Can't open " . $data . ": No such file。");
            }            
        }else{
            $this->send($fd, "550 Can't open " . $data . ": No such file。");
        }
    }
    
    /**
     * 控制檯命令
     * @param unknown $fd
     * @param unknown $data
     */
    public function cmd_CONSOLE($fd,$data){
        $group = $this->user->getUserProfile($this->getUser($fd));
        $group = $group['group'];
        if($group != 'admin'){
            $this->send($fd, "550 You're unauthorized: Permission denied");
            return;
        }        
        $data = explode('||', $data);
        $cmd = strtoupper($data[0]);
        switch ($cmd){            
            case 'USER-ONLINE':
                $shm_data = $this->shm->read();            
                $list = array();
                if($shm_data !== false){
                    if(isset($shm_data['online'])){
                        $list = $shm_data['online'];
                    }                
                }
                $this->send($fd, '200 '.json_encode($list));
                break;        
                
                //Format: user-add||{"user":"","pass":"","home":"","expired":"","active":boolean,"group":"","description":"","email":""}
            case 'USER-ADD':
                if(isset($data[1])){
                    $json = json_decode(trim($data[1]),true);
                    $user = isset($json['user'])?$json['user']:'';
                    $pass = isset($json['pass'])?$json['pass']:'';
                    $home = isset($json['home'])?$json['home']:'';
                    $expired = isset($json['expired'])?$json['expired']:'1999-01-01';
                    $active = isset($json['active'])?$json['active']:false;
                    $group = isset($json['group'])?$json['group']:'';
                    $description = isset($json['description'])?$json['description']:'';
                    $email = isset($json['email'])?$json['email']:'';
                    if($this->user->addUser($user,$pass,$home,$expired,$active,$group,$description,$email)){
                        $this->user->save();
                        $this->user->reload();
                        $this->send($fd, '200 User "'.$user.'" added.');
                    }else{
                        $this->send($fd, '550 Add fail!');
                    }
                }else{
                    $this->send($fd, '500 Syntax error: USER-ADD||{"user":"","pass":"","home":"","expired":"","active":boolean,"group":"","description":""}');
                }
                break;
                
                //Format: user-set-profile||{"user":"","profile":[]}
            case 'USER-SET-PROFILE':
                if(isset($data[1])){
                    $json = json_decode(trim($data[1]),true);
                    $user = isset($json['user'])?$json['user']:'';
                    $profile = isset($json['profile'])?$json['profile']:array();                    
                    if($this->user->setUserProfile($user, $profile)){
                        $this->user->save();
                        $this->user->reload();
                        $this->send($fd, '200 User "'.$user.'" profile changed.');
                    }else{
                        $this->send($fd, '550 Set profile fail!');
                    }
                }else{
                    $this->send($fd, '500 Syntax error: USER-SET-PROFILE||{"user":"","profile":[]}');
                }                
                break;    
                //Format: user-get-profile||{"user":""}
            case 'USER-GET-PROFILE':
                if(isset($data[1])){
                    $json = json_decode(trim($data[1]),true);
                    $user = isset($json['user'])?$json['user']:'';
                    $this->user->reload();
                    if($profile = $this->user->getUserProfile($user)){                        
                        $this->send($fd, '200 '.json_encode($profile));
                    }else{
                        $this->send($fd, '550 Get profile fail!');
                    }
                }else{
                    $this->send($fd, '500 Syntax error: USER-GET-PROFILE||{"user":""}');
                }                
                break;
                //Format: user-delete||{"user":""}
            case 'USER-DELETE':
                if(isset($data[1])){
                    $json = json_decode(trim($data[1]),true);
                    $user = isset($json['user'])?$json['user']:'';
                    if($this->user->delUser($user)){
                        $this->user->save();
                        $this->user->reload();
                        $this->send($fd, '200 User '.$user.' deleted.');
                    }else{
                        $this->send($fd, '550 Delete user fail!');
                    }
                }else{
                    $this->send($fd, '500 Syntax error: USER-DELETE||{"user":""}');
                }
                break;
            case 'USER-LIST':
                $this->user->reload();
                $list = $this->user->getUserList();
                $this->send($fd, '200 '.json_encode($list));
                break;
                
                //Format: group-add||{"group":"","home":""}
            case 'GROUP-ADD':
                if(isset($data[1])){
                    $json = json_decode(trim($data[1]),true);
                    $group = isset($json['group'])?$json['group']:'';                    
                    $home = isset($json['home'])?$json['home']:'';                    
                    if($this->user->addGroup($group, $home)){
                        $this->user->save();
                        $this->user->reload();
                        $this->send($fd, '200 Group "'.$group.'" added.');
                    }else{
                        $this->send($fd, '550 Add group fail!');
                    }
                }else{
                    $this->send($fd, '500 Syntax error: GROUP-ADD||{"group":"","home":""}');
                }
                break;
                
            //Format: group-set-profile||{"group":"","profile":[]}
            case 'GROUP-SET-PROFILE':
                if(isset($data[1])){
                    $json = json_decode(trim($data[1]),true);
                    $group = isset($json['group'])?$json['group']:'';
                    $profile = isset($json['profile'])?$json['profile']:array();
                    if($this->user->setGroupProfile($group, $profile)){
                        $this->user->save();
                        $this->user->reload();
                        $this->send($fd, '200 Group "'.$group.'" profile changed.');
                    }else{
                        $this->send($fd, '550 Set profile fail!');
                    }
                }else{
                    $this->send($fd, '500 Syntax error: GROUP-SET-PROFILE||{"group":"","profile":[]}');
                }
                break;
                
                //Format: group-get-profile||{"group":""}
            case 'GROUP-GET-PROFILE':
                if(isset($data[1])){
                    $json = json_decode(trim($data[1]),true);
                    $group = isset($json['group'])?$json['group']:'';
                    $this->user->reload();
                    if($profile = $this->user->getGroupProfile($group)){
                        $this->send($fd, '200 '.json_encode($profile));
                    }else{
                        $this->send($fd, '550 Get profile fail!');
                    }
                }else{
                    $this->send($fd, '500 Syntax error: GROUP-GET-PROFILE||{"group":""}');
                }
                break;
            //Format: group-delete||{"group":""}
            case 'GROUP-DELETE':
                if(isset($data[1])){
                    $json = json_decode(trim($data[1]),true);
                    $group = isset($json['group'])?$json['group']:'';
                    if($this->user->delGroup($group)){
                        $this->user->save();
                        $this->user->reload();
                        $this->send($fd, '200 Group '.$group.' deleted.');
                    }else{
                        $this->send($fd, '550 Delete group fail!');
                    }
                }else{
                    $this->send($fd, '500 Syntax error: GROUP-DELETE||{"group":""}');
                }
                break;
                
            case 'GROUP-LIST':
                $this->user->reload();
                $list = $this->user->getGroupList();
                $this->send($fd, '200 '.json_encode($list));
                break;
                //獲取組用戶列表
                //Format: group-user-list||{"group":""}
            case 'GROUP-USER-LIST':
                if(isset($data[1])){
                    $json = json_decode(trim($data[1]),true);
                    $group = isset($json['group'])?$json['group']:'';
                    $this->user->reload();
                    $this->send($fd, '200 '.json_encode($this->user->getUserListOfGroup($group)));
                }else{
                    $this->send($fd, '500 Syntax error: GROUP-USER-LIST||{"group":""}');
                }
                break;
                // 獲取磁盤空間
                //Format: disk-total||{"path":""}
            case 'DISK-TOTAL':
                if(isset($data[1])){
                    $json = json_decode(trim($data[1]),true);
                    $path = isset($json['path'])?$json['path']:'';
                    $size = 0;
                    if($path){
                        $size = disk_total_space($path);
                    }
                    $this->send($fd, '200 '.$size);
                }else{
                    $this->send($fd, '500 Syntax error: DISK-TOTAL||{"path":""}');
                }
                break;
                // 獲取磁盤空間
                //Format: disk-total||{"path":""}
            case 'DISK-FREE':
                if(isset($data[1])){
                    $json = json_decode(trim($data[1]),true);
                    $path = isset($json['path'])?$json['path']:'';
                    $size = 0;
                    if($path){
                        $size = disk_free_space($path);
                    }
                    $this->send($fd, '200 '.$size);
                }else{
                    $this->send($fd, '500 Syntax error: DISK-FREE||{"path":""}');
                }
                break;
            case 'HELP':
                $list = 'USER-ONLINE USER-ADD USER-SET-PROFILE USER-GET-PROFILE USER-DELETE USER-LIST GROUP-ADD GROUP-SET-PROFILE GROUP-GET-PROFILE GROUP-DELETE GROUP-LIST GROUP-USER-LIST DISK-TOTAL DISK-FREE';
                $this->send($fd, '200 '.$list);
                break;
            default:
                $this->send($fd, '500 Syntax error.');
        }
    }    
    
}
View Code

 

 

總結:

至此,咱們就能夠實現一個完整的ftp服務器了。這個服務器的功能能夠進行徹底個性化定製。若是您有好的建議,也能夠留言給我,謝謝。json

相關文章
相關標籤/搜索