Files Class

Files Class

The Files class provides essential utilities for filesystem management, including recursive directory deletion, security scanning of file contents, and remote URL verification.

---

Static Methods Reference

delTree()

Recursively deletes a directory and all of its contents (files and subdirectories).

public static function delTree(string $dir) : bool

• Warning: This action is IRREVERSIBLE. Always validate the path before calling.
• Returns: true on success, false on failure.

---

isClean()

Scans the first 9KB of a file for potentially malicious code patterns, PHP tags, or suspicious scripts. It supports both local and remote files.

public static function isClean(string $file) : bool

• Returns: true if no suspicious patterns are found.
• Security Check Highlights:
  • PHP Execution: Blocks eval, system, base64_decode, and exec.
  • Tags: Blocks <?php, <script>, and <iframe>.
  • Protocols: Blocks javascript:, vbscript:.
  • CSS Attacks: Blocks expression() and behaviour().

---

isRemote()

Detects if a given path is a remote URL.

public static function isRemote(string $path) : bool

---

remoteExist()

Verify if a remote URL returns an HTTP 200 status code using CURL.

public static function remoteExist(string $url) : bool

---

elfinderLib()

---

Usage in GeniXCMS

The Files::isClean() method is a critical part of the GeniXCMS security layer. It is used internally by the Image Class before performing image manipulations (thumbFly) to prevent "Polyglot" file attacks where PHP code is hidden inside image headers.

---

See Also

• Asset Class API — How elFinder assets are now handled.
• Upload Class API — Handling file uploads.
• Secure Thumbnails — Image manipulation security.