/[docman]/docman.php
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Annotation of /docman.php

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.18 - (hide annotations)
Thu Sep 7 10:17:35 2000 UTC (23 years, 6 months ago) by dpavlin
Branch: MAIN
Changes since 1.17: +51 -0 lines
added changelog

1 dpavlin 1.1 <?php
2    
3     /* Copyright 1999 by John Martin d/b/a www.ANYPORTAL.com */
4     /* All Rights Reserved. */
5     /* */
6     /* This software is freeware and is not in the public domain. */
7     /* You are hereby granted the right to freely distribute this */
8     /* software as long as this copyright notice remains in place. */
9     /* */
10     /* Comments or suggestions? email: andmore@alief.com */
11     /* */
12     /* This is the PHP port: AnyPortal(php)-0.1 */
13     /* ======================================== */
14     /* */
15     /* PHP version 2000 by Stefan@Wiesendanger.org */
16     /* No Rights Reserved. What for, anyhow ? */
17     /* */
18     /* Date Remarks */
19     /* --------- ----------------------------------------------- */
20     /* 25 MAY 99 original ASP version */
21     /* 17 SEP 99 change upload from SA-FILEUP to aspSmartUpload */
22     /* 10 APR 00 simplified PHP3 version */
23     /* 18 APR 00 most of PHP3 port working. Slight modifications */
24     /* 22 APR 00 modified syntax highlighting, no absolute paths */
25     /* revealed, PHP builtin authentication, global */
26     /* style sheet as callback, use apache default */
27     /* icons as an alternative to the wingdings font. */
28     /* 25 APR 00 catch some exceptions (not foolproof yet) */
29     /* 26 APR 00 catch some more exceptions, implicit copy */
30     /* function by saving somewhere else in the detail */
31     /* view, MD5 hashed password. */
32     /* 27 APR 00 Fixed authentication bug */
33     /* 12 MAY 00 Fixed trouble with exec() with newer versions of */
34     /* PHP3. Fixed bug which would send you to a non- */
35     /* existent address after file modifications. */
36    
37 dpavlin 1.2 /*
38     2000-07-25 Dobrica Pavlinusic <dpavlin@rot13.org>
39    
40     nuked exec calls (unsecure)
41     nuked writeable function (replaced by php is_writeable)
42     added support for https (tested with apache+mod_ssl)
43     added users file
44     date format user-selectable
45     cycle backup files in bak directory
46     support links as directoryes (for now)
47     support of file history logging
48     undelete capabilities (delete moves to .del directory)
49    
50     2000-07-26 DbP
51    
52     added more checking on entered filename (when creating file/dir)
53     added rename option
54    
55    
56     IMPORTANT INSTALLATION NOTE:
57     deny serving of .* (dot-something) files in web server!
58     Otherwise, uses can access your log files, users and/or
59     deleted files!
60    
61     .htusers is in form:
62     login:Real Name:md5(loginpassword)
63    
64    
65     TODO:
66     mixed file/directory output (add type to each entry,
67     real support for links)
68 dpavlin 1.9 retrieve old versions of files (overwritten)
69 dpavlin 1.13 show last lock date
70    
71 dpavlin 1.2 */
72    
73 dpavlin 1.1 //////////////////////////////////////////////////////////////////
74    
75     // TODO : Don't let the file be modified itself. Create a hash of
76     // it (kinda hard since it's self-referential ;-). Make better use
77     // of session management. Escapeshellcmd for all user input.
78    
79     //////////////////////////////////////////////////////////////////
80    
81     // GLOBAL PARAMETERS
82     // =================
83     // Make modifications here to suit siteman to your needs
84    
85     // error_reporting(4) ; // how verbose ?
86    
87     // username/password should not be system
88     // usernames/passwords !!
89    
90 dpavlin 1.2 // $gblPw = "hash_of_your_username_and_password" ;
91    
92     // $gblAuth = false ; // use builtin authentication
93     $gblAuth = true ; // use builtin authentication
94 dpavlin 1.1 $gblHash = "md5" ; // hash function to use
95    
96 dpavlin 1.2 $gblPw = "";
97    
98     if ($gblAuth) {
99 dpavlin 1.3 $htusers_file=dirname($SCRIPT_FILENAME)."/.htusers";
100     if (! file_exists($htusers_file)) {
101     $htusers=fopen($htusers_file,"a+");
102     fputs($htusers,"# Change owner of $htusers_file to root !!\n");
103     fputs($htusers,"demo:full name:md5_hash\n");
104     fclose($htusers);
105     }
106     $htusers=fopen($htusers_file,"r");
107 dpavlin 1.2 while($user = fgetcsv($htusers,255,":")) {
108     if ($user[0] == $GLOBALS["PHP_AUTH_USER"]) {
109     $gblUserName=$user[1];
110     $gblPw=$user[2];
111 dpavlin 1.14 $gblEmail=$user[3];
112 dpavlin 1.2 continue ;
113     }
114     }
115     fclose($htusers);
116     }
117    
118     // $gblDateFmt="D, F d, Y";
119     // $gblTimeFmt="g:i:sA";
120    
121     $gblDateFmt="Y-m-d";
122     $gblTimeFmt="H:i:s";
123    
124 dpavlin 1.14 // Number of backup files to keep
125     $gblNumBackups=3;
126    
127     // show red star if newer than ... days
128     $gblModDays=1;
129 dpavlin 1.2
130 dpavlin 1.1 // choose GifIcon below unless you have the M$
131     // WingDings font installed on your system
132    
133     $gblIcon = "GifIcon" ; // MockIcon or GifIcon
134    
135     // the directory below should be /icons/ or /icons/small/
136     // on Apache; a set of icons is included in the distribution
137    
138 dpavlin 1.3 $gblIconLocation = "/icons/" ;
139 dpavlin 1.1
140     // files you want to be able to edit in text mode
141     // and view with (primitive) syntax highlighting
142    
143     $gblEditable = array( ".txt",".asa",".asp",".htm",".html",
144     ".cfm",".php3",".php",".phtml",
145     ".shtml",".css" ) ;
146    
147     // files that will display as images on the detail page
148     // (useless if your browser doesn't support them)
149    
150     $gblImages = array( ".jpg",".jpeg",".gif",".png",".ico",
151     ".bmp",".xbm") ;
152    
153     //////////////////////////////////////////////////////////////////
154    
155     function StartHTML($title,$text="") {
156    
157     $title = "Site Manager " . $title ;
158     $host = $GLOBALS["HTTP_HOST"] ;
159     $self = $GLOBALS["PHP_SELF"] ;
160     ?>
161    
162     <HTML>
163     <HEAD>
164 dpavlin 1.4 <TITLE><?= $host . " " . $title ?></TITLE>
165 dpavlin 1.1 <META NAME="description" CONTENT="PHP port of AnyPortal Site Manager">
166     <META NAME="keywords" CONTENT="site manager, web site maintenance">
167     <META NAME="robots" CONTENT="noindex">
168     <META HTTP-EQUIV="expires" CONTENT="0">
169     <LINK REL="stylesheet" TYPE="text/css"
170 dpavlin 1.4 HREF="<?= $self ?>?STYLE=get">
171 dpavlin 1.1 </HEAD>
172     <BODY BGCOLOR="#FFFFFF">
173 dpavlin 1.4 <H3 ALIGN="RIGHT"><?= $host ?></H3>
174 dpavlin 1.1 <TABLE BORDER=0 WIDTH="100%"><TR>
175 dpavlin 1.4 <TD CLASS=INV><?= $title ?></TD></TR></TABLE>
176     <P><?= $text ?></P>
177 dpavlin 1.1
178     <?php
179     } // end function StartHTML
180    
181     //////////////////////////////////////////////////////////////////
182    
183     function EndHTML() {
184     ?>
185    
186     <HR>
187     <P CLASS=FTR>
188 dpavlin 1.2 <B><?= date($GLOBALS[gblDateFmt]) ?> -
189     <?= date($GLOBALS[gblTimeFmt]) ?> -
190     <?= $GLOBALS[gblUserName] ?>
191 dpavlin 1.6 <small> [<a href="<?= $GLOBALS["PHP_SELF"] ?>?relogin=<?= $GLOBALS[gblPw] ?>">logout</a>]</small>
192 dpavlin 1.2 </B>
193     <BR>ANYPORTAL(php) Site Manager
194     <br><small>
195     &copy; 1999 by <A HREF="http://www.anyportal.com">ANYPORTAL</A>,
196     &copy; 2000 by <A HREF="http://da.nger.org">d@nger.org</A>,
197     &copy; 2000 by <A HREF="http://www.rot13.org/~dpavlin/">DbP</A>
198     </small>
199 dpavlin 1.1 </P>
200 dpavlin 1.2 <BR>
201 dpavlin 1.9 <? //include(".debug.inc") ?>
202 dpavlin 1.2 <BR><BR></BODY></HTML>
203 dpavlin 1.1
204     <?php
205     } // end function EndHTML
206    
207     //////////////////////////////////////////////////////////////////
208    
209     function CSS() {
210     ?>
211    
212 dpavlin 1.2 BODY,TD,P,H1,H2,H3 { font-family:Verdana,Helvetica,Arial,sans-serif; }
213 dpavlin 1.1 .BLK { color:black; }
214     .RED { color:red; }
215     .TOP { color:red; font-size:70%; } /* table headings */
216     .INV { color:white; background-color:navy;
217     font-weight:bold; font-size:120%; } /* title */
218     .FTR { } /* footer */
219     .LST { background-color:#E0E0E0; } /* table cells */
220     .BAR { background-color:#E0E0E0; } /* action bar */
221     PRE { color:blue; font-family:Lucida Console,Courier New,
222     Courier,sans-serif; } /* source code */
223     EM { color:green; font-style:normal; } /* line numbers */
224     .REM { color:silver; }
225     .XML { color:navy; background-color:yellow; }
226     .MCK { color:red; font-family:WingDings; } /* Mock Icons */
227     A:HOVER { color:red; }
228    
229     <?php
230     } // end function CSS
231    
232     //////////////////////////////////////////////////////////////////
233    
234     function DetailPage($fsRoot,$relDir,$fn) {
235    
236     global $gblEditable, $gblImages ;
237     $self = $GLOBALS["PHP_SELF"] ;
238    
239     $relPath = $relDir . "/" . $fn ;
240     $fsPath = $fsRoot . $relPath ;
241     $fsDir = $fsRoot . $relDir ;
242    
243     $exists = file_exists($fsPath) ;
244     $ext = strtolower(strrchr($relPath,".")) ;
245     $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) ;
246 dpavlin 1.2 $writable = is_writeable($fsPath) ;
247 dpavlin 1.6 $file_lock = CheckLock($fsPath);
248 dpavlin 1.1
249     if (!$editable && !$exists)
250     Error("Creation unsupported for type",$relPath) ;
251 dpavlin 1.2 if (!exists && !is_writeable($fsDir) )
252 dpavlin 1.1 Error("Creation denied",$relDir) ;
253    
254     $text = "Use this page to view, modify or " ;
255     $text .= "delete a single document on this " ;
256     $text .= "web site." ;
257     $title = "(Detail Page)" ;
258     StartHTML($title, $text) ;
259    
260     echo "<H3>" . $relDir . "/" . $fn . "</H3>" ;
261     if ($exists) { // get file info
262 dpavlin 1.4 $fsize = filesize($fsPath) ;
263     $fmodified = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", filemtime($fsPath)) ;
264     $faccessed = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", fileatime($fsPath)) ;
265     echo "<PRE> file size: " . $fsize . " Bytes<BR>" ;
266     echo "last modified: <B>" . $fmodified . "</B><BR>" ;
267     echo "last accessed: <B>" . $faccessed . "</B><BR>" ;
268     echo " owner: <B>" . fileowner($fsPath) . "</B><BR>" ;
269     echo " group: <B>" . filegroup($fsPath) . "</B><BR>" ;
270     echo " permissions: <B>" ;
271     echo printf( "%o", fileperms($fsPath) ) . "</B>" ;
272     echo "</PRE>" ;
273 dpavlin 1.2
274 dpavlin 1.1 }
275    
276 dpavlin 1.6 if ( $editable && ($writable || !$exists) && !$file_lock ) {
277 dpavlin 1.1 $fh = fopen($fsPath,"a+") ;
278     rewind($fh) ;
279     $fstr = fread($fh,filesize($fsPath)) ;
280     fclose($fh) ;
281     $fstr = htmlentities( $fstr ) ;
282     ?>
283    
284 dpavlin 1.4 <FORM ACTION="<?= $self ; ?>" METHOD="POST">
285 dpavlin 1.1 <SPAN TITLE="Click [SAVE] to store updated contents.">
286     <B>DOCUMENT CONTENTS</B>
287     </SPAN><BR>
288     <TEXTAREA NAME="FILEDATA" ROWS=18 COLS=70 WRAP="OFF"><?php
289     echo($fstr) ; ?></TEXTAREA>
290 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
291     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
292 dpavlin 1.1 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="SAVE">
293 dpavlin 1.2 <INPUT TYPE="HIDDEN" SIZE=48 MAXLENGTH=255 NAME="RELPATH"
294 dpavlin 1.4 VALUE="<?= $relPath ; ?>">
295 dpavlin 1.2 <br>
296     <INPUT TYPE="RESET" VALUE="UNDO ALL CHANGES">
297 dpavlin 1.1 <INPUT TYPE="SUBMIT" VALUE="SAVE">
298     </FORM>
299    
300     <?php
301 dpavlin 1.9 }
302 dpavlin 1.14 if ( !$file_lock && $ext!="" && strstr(join(' ',$gblImages),$ext) ) {
303 dpavlin 1.6 $info = getimagesize($fsPath) ;
304 dpavlin 1.9 $tstr = "<IMG SRC=\"".urlpath($relPath)."\" BORDER=0 " ;
305 dpavlin 1.6 $tstr .= $info[3] . " ALT=\"" . $fn . " - " ;
306     $tstr .= (int)(($fsize+1023)/1024) . "Kb\">" ;
307 dpavlin 1.9 // echo htmlentities($tstr) . "<BR><BR>" . $tstr ;
308     echo $tstr ;
309 dpavlin 1.1 }
310 dpavlin 1.6
311 dpavlin 1.1 ?>
312    
313 dpavlin 1.4 <FORM ACTION="<?= $self ; ?>" METHOD="POST">
314     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
315     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
316 dpavlin 1.1 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL"><BR>
317    
318     <?php
319 dpavlin 1.6
320     if ($file_lock) {
321     ?>
322     <hr>
323     <SPAN TITLE="Check OK and click UNLOCK to remove lock on file.">
324     <B>OK TO FORCE LOCK REMOVAL ON "<?= $fn ; ?>" HELD BY <?= $file_lock ?>? </B></SPAN>
325     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
326     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="UNLOCK">
327     <?
328     } // file_lock
329    
330 dpavlin 1.2 if (substr($fn,0,4) == ".del") {
331     $action="UNDELETE";
332     $desc="undelete previously deleted file";
333     } else {
334     $action="DELETE";
335     $desc="delete";
336     }
337    
338 dpavlin 1.1 if ($exists && $writable) {
339     ?>
340    
341 dpavlin 1.4 <HR>
342     <a name="undelete">
343     <SPAN TITLE="Check OK and click [<?= $action ?>] to <?= $desc ?>.">
344     <B>OK TO <?= $action ?> "<?= $fn ; ?>"? </B></SPAN>
345 dpavlin 1.2 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
346     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="<?= $action ?>">
347    
348 dpavlin 1.4 <HR>
349     <a name="rename">
350     <SPAN TITLE="Check OK and click [RENAME] to rename.">
351     <B>OK TO RENAME "<?= $fn ; ?>" TO
352 dpavlin 1.2 <INPUT TYPE="TEXT" SIZE=24 MAXLENGTH=255 NAME="NEWNAME" VALUE="<?= $fn ?>">
353     ? </B></SPAN>
354 dpavlin 1.1 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
355 dpavlin 1.2 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="RENAME">
356 dpavlin 1.1
357 dpavlin 1.5 <?php
358     } // exists && writable
359     ?>
360 dpavlin 1.4 <HR>
361     <a name="note">
362     <B>NOTE FOR "<?= $fn ; ?>":
363     <INPUT TYPE="TEXT" SIZE=50 MAXLENGTH=255 NAME="NOTE" VALUE="<?= ReadNote($fsPath) ?>">
364     </B></SPAN>
365     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="NOTE">
366    
367 dpavlin 1.5 </FORM>
368    
369 dpavlin 1.1 <?php
370 dpavlin 1.5
371 dpavlin 1.10 $name=basename("$fsDir/$fn");
372     $logname=dirname("$fsDir/$fn")."/.log/$name";
373     $bakdir=dirname("$fsDir/$fn")."/.bak";
374 dpavlin 1.2 if (file_exists($logname)) {
375     $log=fopen($logname,"r");
376     $cl1=" class=lst"; $cl2="";
377 dpavlin 1.10 $logarr = array();
378 dpavlin 1.2 while($line = fgetcsv($log,255,"\t")) {
379     $cl=$cl1; $cl1=$cl2; $cl2=$cl;
380 dpavlin 1.10 array_unshift($logarr,array($cl,$line[0],$line[1],$line[2],$line[3]));
381 dpavlin 1.2 }
382     fclose($log);
383 dpavlin 1.10 print "<hr><br><b>CHANGES TO THIS FILE</b><br><table border=0 width=100%>\n";
384     $bakcount = 0; // start from 0, skip fist backup (it's current)
385     while ($e = array_shift($logarr)) {
386     if (strstr($e[4],"upload")) {
387     if (file_exists("$bakdir/$bakcount/$name")) {
388     $e[4]="<a href=\"".dirname($relPath)."/.bak/$bakcount/$name\">$e[4]</a>";
389     }
390     $bakcount++;
391     }
392     print "<tr><td$e[0]>$e[1]</td><td$e[0]>$e[2]</td><td$e[0]>$e[3]</td><td$e[0]>$e[4]</td></tr>\n";
393     }
394 dpavlin 1.2 print "</table>";
395     }
396    
397 dpavlin 1.1 EndHTML() ;
398    
399     } // end function DetailPage
400    
401     //////////////////////////////////////////////////////////////////
402    
403     function DisplayCode($fsRoot,$relDir,$fn) {
404    
405     $path = $fsRoot . $relDir . "/" . $fn ;
406    
407     if (!file_exists($path)) Error("File not found",$path) ;
408    
409     StartHTML("(".$relDir."/".$fn.")","");
410    
411     $tstr = join("",file($path)) ;
412     $tstr = htmlentities($tstr) ;
413    
414     // Tabs
415     $tstr = str_replace(chr(9)," ",$tstr) ;
416    
417     // ASP tags & XML/PHP tags
418     $aspbeg = "<SPAN CLASS=XML>&lt;%</SPAN><SPAN CLASS=BLK>" ;
419     $aspend = "</SPAN><SPAN CLASS=XML>%&gt;</SPAN>" ;
420     $tstr = str_replace("&lt;%",$aspbeg,$tstr) ;
421     $tstr = str_replace("%&gt;",$aspend,$tstr) ;
422    
423     $xmlbeg = "<SPAN CLASS=XML>&lt;?</SPAN><SPAN CLASS=BLK>" ;
424     $xmlend = "</SPAN><SPAN CLASS=XML>?&gt;</SPAN>" ;
425     $tstr = str_replace("&lt;?",$xmlbeg,$tstr) ;
426     $tstr = str_replace("?&gt;",$xmlend,$tstr) ;
427    
428     // C style comment
429     $tstr = str_replace("/*","<SPAN CLASS=REM>/*",$tstr) ;
430     $tstr = str_replace("*/","*/</SPAN>",$tstr) ;
431    
432     // HTML comments
433     $tstr = str_replace("&lt;!--","<I CLASS=RED>&lt;!--",$tstr) ;
434     $tstr = str_replace("--&gt;","--&gt;</I>",$tstr) ;
435    
436     echo "<PRE>" ;
437    
438     $tstr = split("\n",$tstr) ;
439     for ($i = 0 ; $i < sizeof($tstr) ; ++$i) {
440     // add line numbers
441     echo "<BR><EM>" ;
442     echo substr(("000" . ($i+1)), -4) . ":</EM> " ;
443     $line = $tstr[$i] ;
444     // C++ style comments
445     $pos = strpos($line,"//") ;
446     // exceptions: two slashes aren't a script comment
447     if (strstr($line,"//") &&
448     ! ($pos>0 && substr($line,$pos-1,1)==":") &&
449     ! (substr($line,$pos,8) == "//--&gt;") &&
450     ! (substr($line,$pos,9) == "// --&gt;")) {
451     $beg = substr($line,0,strpos($line,"//")) ;
452     $end = strstr($line,"//") ;
453     $line = $beg."<SPAN CLASS=REM>".$end."</SPAN>";
454     }
455     // shell & asp style comments
456     $first = substr(ltrim($line),0,1) ;
457     if ($first == "#" || $first == "'") {
458     $line = "<SPAN CLASS=REM>".$line."</SPAN>";
459     }
460     print($line) ;
461     } // next i
462    
463     echo "</PRE>" ;
464    
465     EndHTML() ;
466    
467     } // end function DisplayCode
468    
469     //////////////////////////////////////////////////////////////////
470    
471     function MockIcon($txt) {
472     $tstr = "<SPAN CLASS=MCK>" ;
473    
474     switch (strtolower($txt)) {
475     case ".bmp" :
476     case ".gif" :
477     case ".jpg" :
478     case ".jpeg":
479     case ".tif" :
480     case ".tiff":
481     $d = 176 ;
482     break ;
483     case ".doc" :
484     $d = 50 ;
485     break ;
486     case ".exe" :
487     case ".bat" :
488     $d = 255 ;
489     break ;
490     case ".bas" :
491     case ".c" :
492     case ".cc" :
493     case ".src" :
494     $d = 255 ;
495     break ;
496     case "file" :
497     $d = 51 ;
498     break ;
499     case "fldr" :
500     $d = 48 ;
501     break ;
502     case ".htm" :
503     case ".html":
504     case ".asa" :
505     case ".asp" :
506     case ".cfm" :
507     case ".php3":
508     case ".php" :
509     case ".phtml" :
510     case ".shtml" :
511     $d = 182 ;
512     break ;
513     case ".pdf" :
514     $d = 38 ;
515     break;
516     case ".txt" :
517     case ".ini" :
518     $d = 52 ;
519     break ;
520     case ".xls" :
521     $d = 252 ;
522     break ;
523     case ".zip" :
524     case ".arc" :
525     case ".sit" :
526     case ".tar" :
527     case ".gz" :
528     case ".tgz" :
529     case ".Z" :
530     $d = 59 ;
531     break ;
532     case "view" :
533     $d = 52 ;
534     break ;
535     case "up" :
536     $d = 199 ;
537     break ;
538     case "blank" :
539     return "&nbsp;&nbsp;</SPAN>" ;
540     break ;
541     default :
542     $d = 51 ;
543     }
544    
545     return $tstr . chr($d) . "</SPAN>" ;
546     } // end function MockIcon
547    
548     //////////////////////////////////////////////////////////////////
549    
550     function GifIcon($txt) {
551     global $gblIconLocation ;
552    
553     switch (strtolower($txt)) {
554     case ".bmp" :
555     case ".gif" :
556     case ".jpg" :
557     case ".jpeg":
558     case ".tif" :
559     case ".tiff":
560     $d = "image2.gif" ;
561     break ;
562     case ".doc" :
563     $d = "layout.gif" ;
564     break ;
565     case ".exe" :
566     case ".bat" :
567     $d = "screw2.gif" ;
568     break ;
569     case ".bas" :
570     case ".c" :
571     case ".cc" :
572     case ".src" :
573     $d = "c.gif" ;
574     break ;
575     case "file" :
576     $d = "generic.gif" ;
577     break ;
578     case "fldr" :
579     $d = "dir.gif" ;
580     break ;
581     case ".phps" :
582     $d = "phps.gif" ;
583     break ;
584     case ".php3" :
585     $d = "php3.gif" ;
586     break ;
587     case ".htm" :
588     case ".html":
589     case ".asa" :
590     case ".asp" :
591     case ".cfm" :
592     case ".php3":
593     case ".php" :
594     case ".phtml" :
595     case ".shtml" :
596     $d = "world1.gif" ;
597     break ;
598     case ".pdf" :
599     $d = "pdf.gif" ;
600     break;
601     case ".txt" :
602     case ".ini" :
603     $d = "text.gif" ;
604     break ;
605     case ".xls" :
606     $d = "box2.gif" ;
607     break ;
608     case ".zip" :
609     case ".arc" :
610     case ".sit" :
611     case ".tar" :
612     case ".gz" :
613     case ".tgz" :
614     case ".Z" :
615     $d = "compressed.gif" ;
616     break ;
617     case "view" :
618     $d = "index.gif" ;
619     break ;
620     case "up" :
621     $d = "back.gif" ;
622     break ;
623     case "blank" :
624     $d = "blank.gif" ;
625     break ;
626 dpavlin 1.4 case "checkout":
627 dpavlin 1.6 $d = "box2.gif";
628 dpavlin 1.4 break;
629     case "checkin":
630 dpavlin 1.6 $d = "hand.up.gif";
631     break;
632     case "locked":
633     $d = "screw2.gif";
634 dpavlin 1.4 break;
635     case "note":
636     $d = "quill.gif";
637     break;
638 dpavlin 1.1 default :
639     $d = "generic.gif" ;
640     }
641    
642     return "<IMG SRC=\"$gblIconLocation" . $d . "\" BORDER=0>" ;
643     } // end function GifIcon
644    
645     //////////////////////////////////////////////////////////////////
646    
647     function Navigate($fsRoot,$relDir) {
648    
649 dpavlin 1.15 global $gblEditable, $gblIcon, $gblModDays ;
650 dpavlin 1.1
651     $self = $GLOBALS["PHP_SELF"] ;
652 dpavlin 1.2 if (isset($GLOBALS["HTTPS"]) && $GLOBALS["HTTPS"] == "on") {
653     $webRoot = "https://" . $GLOBALS["SERVER_NAME"] ;
654     } else {
655     $webRoot = "http://" . $GLOBALS["SERVER_NAME"] ;
656     }
657 dpavlin 1.1 $fsDir = $fsRoot . $relDir . "/" ; // current directory
658    
659     if (!is_dir($fsDir)) Error("Dir not found",$relDir) ;
660    
661     // read directory contents
662     if ( !($dir = @opendir($fsDir)) )
663     Error("Read Access denied",$relDir) ;
664     while ($item = readdir($dir)) {
665 dpavlin 1.2 if ( $item == ".." || $item == "." || substr($item,0,1) == "." ) continue ;
666 dpavlin 1.1 if ( is_dir($fsDir . $item) ) {
667     $dirList[] = $item ;
668 dpavlin 1.2 } else if ( is_file($fsDir . $item) ) {
669 dpavlin 1.1 $fileList[] = $item ;
670 dpavlin 1.2 } else if ( is_link($fsDir . $item) ) {
671     $dirList[] = $item ;
672     } else {
673 dpavlin 1.1 // unknown file type
674     // $text = "Could not determine file type of " ;
675     // Error("File Error", $text.$relDir."/".$item) ;
676     // exit ;
677     }
678     }
679     closedir($dir) ;
680 dpavlin 1.2
681     // scan deleted files
682     if ( $GLOBALS[show_deleted] == 1 && ($dir = @opendir("$fsDir/.del")) ) {
683     while ($item = readdir($dir)) {
684     if ( substr($item,0,1) == "." ) continue ;
685     $fileList[] = ".del/$item" ;
686     }
687     closedir($dir) ;
688     }
689    
690 dpavlin 1.1 $emptyDir = ! (sizeof($dirList) || sizeof($fileList)) ;
691    
692     // start navigation page
693 dpavlin 1.2 $text = "Use this page to add, delete";
694     if (! isset($show_deleted)) {
695 dpavlin 1.6 $text .= ", <a href=$self?D=".urlencode($relDir)."&show_deleted=1>undelete</a>";
696 dpavlin 1.2 }
697     $text .= " or revise files on this web site." ;
698 dpavlin 1.18 $text .= "<br>Examine list of files <a href=\"$self?A=Ch1\">changed in last day</a> or <a href=\"$self?A=Ch\">all changes</a>.";
699 dpavlin 1.1 StartHTML("(Navigate)",$text) ;
700    
701     echo "<TABLE BORDER=0 CELLPADDING=2
702     CELLSPACING=3 WIDTH=\"100%\">" ;
703    
704     // updir bar
705     if ($fsDir != $fsRoot) {
706     $parent = dirname($relDir) ;
707     if ($parent == "") $parent = "/" ;
708     ?>
709    
710 dpavlin 1.4 <TR><TD><?= $gblIcon("up") ?></TD><TD COLSPAN=5 CLASS=LST>
711     <A HREF="<?= $self ?>?D=<?= urlencode($parent) ?>">
712     <B><?= $parent ?></B></A></TD></TR>
713 dpavlin 1.1
714     <?php
715     }
716    
717     // output subdirs
718     if (sizeof($dirList) > 0) {
719     sort($dirList) ;
720     ?>
721    
722 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5 CLASS=TOP><HR>DIRECTORY NAME</TD></TR>
723 dpavlin 1.1
724     <?php
725     while (list($key,$dir) = each($dirList)) {
726    
727     $tstr = "<A HREF=\"" . $self . "?D=" ;
728     $tstr .= urlencode($relDir."/".$dir) ;
729     $tstr .= "\">" . $dir . "/</A>" ;
730     ?>
731    
732 dpavlin 1.4 <TR><TD><?= $gblIcon("fldr") ?></TD>
733     <TD COLSPAN=5 CLASS=LST><?= $tstr ?></TD></TR>
734 dpavlin 1.1
735     <?php
736     } // iterate over dirs
737     } // end if no dirs
738     ?>
739    
740 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5><HR><B><?= $webRoot . $relDir ?>
741 dpavlin 1.1 </B></TD></TR>
742     <TR><TD></TD><TD CLASS=TOP>DOCUMENT NAME</TD>
743 dpavlin 1.6 <TD><?= $gblIcon("blank").$gblIcon("blank") ?></TD>
744 dpavlin 1.4 <TD CLASS=TOP>NOTE</TD>
745 dpavlin 1.1 <TD CLASS=TOP>LAST UPDATE</TD><TD CLASS=TOP>FILE SIZE</TD></TR>
746    
747     <?php
748     if (sizeof($fileList) > 0) {
749     sort($fileList) ;
750     while (list($key,$file) = each($fileList)) {
751 dpavlin 1.4 $path = $fsDir."/".$file ;
752     $mod = filemtime($path) ;
753     $sz = filesize($path) ;
754    
755     if ($sz >= 10240) {
756     $sz = (int)(($sz+1023)/1024) . " k" ;
757     } else {
758     $sz .= " " ;
759     } // end size
760 dpavlin 1.1
761 dpavlin 1.4 $a = $b = "" ;
762    
763     $info_url=$self."?A=E&F=".urlencode($file)."&D=".urlencode($relDir);
764    
765 dpavlin 1.14 if ( ($mod + $gblModDays*86400) > time() ) {
766 dpavlin 1.4 $a = "<SPAN CLASS=RED TITLE=\"Newer" ;
767 dpavlin 1.14 $a .= " than $gblModDays days\"> * </SPAN>" ;
768 dpavlin 1.4 }
769    
770 dpavlin 1.6 $file_lock=CheckLock($path);
771    
772     $file_url_html="<A HREF=\"$self?A=V&F=".urlencode($file);
773     $file_url_html.="&D=".urlencode($relDir);
774     $file_url_html.="\" TITLE=\"View file\">" ;
775 dpavlin 1.2
776     if (substr($file,0,5) != ".del/") {
777 dpavlin 1.6 $file_url_html .= $file . "</A>" . $a ;
778 dpavlin 1.2 } else {
779 dpavlin 1.6 $file_url_html .= substr($file,5,strlen($file)-5) . "</a> <SPAN CLASS=RED TITLE=\"deleted\"> <a href=\"$info_url#undelete\">deleted</a> </span>";
780 dpavlin 1.4 }
781    
782 dpavlin 1.6 $note_html="<a href=\"$info_url#note\">".$gblIcon("note")."</a>".ReadNote($path);
783 dpavlin 1.4
784     $ext = strtolower(strrchr($file,".")) ;
785 dpavlin 1.6
786     if ($file_lock) {
787     if ($file_lock == $GLOBALS[gblUserName]) {
788     $b.="<A HREF=\"$self?A=Ci&F=".urlencode($file);
789     $b.="&D=".urlencode($relDir);
790     $b.="\" TITLE=\"Checkin (update) file on server\">" ;
791     $file_url_html=$b;
792     $b.=$gblIcon("checkin")."</A>" ;
793     $b.= $gblIcon("blank");
794     $file_url_html.="$file</a> $a";
795     $note_html = $gblIcon("blank")."<b>Please check-in (update) this file</b>";
796     } else {
797     $b = $gblIcon("locked");
798     $b.= $gblIcon("blank");
799     $note_html = $gblIcon("blank")."<b>File locked by $file_lock</b>";
800     $file_url_html = "$file $a";
801     }
802 dpavlin 1.4 } else {
803 dpavlin 1.6 $b.="<A HREF=\"$self?A=Co&F=".urlencode($file);
804     $b.="&D=".urlencode($relDir);
805     $b.="\" TITLE=\"Checkout file for edit\">" ;
806     $b.=$gblIcon("checkout")."</A>" ;
807    
808     if ( $ext=="" || strstr(join(" ",$gblEditable),$ext) ) {
809     $b.="<A HREF=\"$self?A=C&F=".urlencode($file);
810     $b.="&D=".urlencode($relDir);
811     $b.="\" TITLE=\"List contents\">" ;
812     $b.=$gblIcon("view")."</A>" ;
813     } else {
814     $b.= $gblIcon("blank");
815     }
816 dpavlin 1.2 }
817 dpavlin 1.1
818    
819     ?>
820    
821     <TR><TD>
822 dpavlin 1.4 <A HREF="<?= $info_url ?>" TITLE="View/Edit">
823     <?= $gblIcon($ext) ?></A></TD>
824 dpavlin 1.6 <TD CLASS=LST><?= $file_url_html ?></TD>
825 dpavlin 1.4 <TD CLASS=LST ALIGN=center><?= $b ?></TD>
826 dpavlin 1.6 <TD CLASS=LST ALIGN=left><?= $note_html ?></TD>
827 dpavlin 1.4 <TD CLASS=LST><?= date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]",$mod) ?></TD>
828     <TD CLASS=LST><?= $sz ?>Bytes</TD></TR>
829 dpavlin 1.1
830     <?php
831     } // iterate over files
832     } // end if no files
833    
834     if ($emptyDir) {
835     ?>
836    
837 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
838     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>
839     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
840 dpavlin 1.1 OK TO DELETE THIS EMPTY FOLDER?
841     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
842     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="DELETE">
843     </TD></TR>
844     </FORM>
845    
846     <?php
847     } // end if emptyDir
848     ?>
849    
850 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
851 dpavlin 1.1
852 dpavlin 1.6 <TR><TD></TD><TD COLSPAN=5>
853 dpavlin 1.13 <?
854     if (file_exists(".info.inc")) {
855     include(".info.inc");
856     }
857     ?>
858 dpavlin 1.6 </TD></TR>
859    
860     <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
861    
862 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
863     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>CREATE NEW
864 dpavlin 1.1 <INPUT TYPE="RADIO" NAME="T" VALUE="D" CHECKED>DIRECTORY -OR-
865     <INPUT TYPE="RADIO" NAME="T" VALUE="F">FILE : &nbsp;&nbsp;
866     <NOBR>NAME <INPUT TYPE="TEXT" NAME="FN" SIZE=14>
867     <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="CREATE">
868 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
869 dpavlin 1.1 <INPUT TYPE="SUBMIT" VALUE="CREATE"></NOBR>
870 dpavlin 1.9 <NOBR>OR <A HREF="<?= $self ?>?A=U&D=<?= urlencode($relDir) ?>">UPLOAD</A> A FILE
871 dpavlin 1.1 </NOBR>
872     </TD></TR>
873     </FORM>
874     </TABLE>
875    
876     <?php
877     EndHTML() ;
878     } // end function Navigate
879    
880     //////////////////////////////////////////////////////////////////
881    
882 dpavlin 1.6 function UploadPage($fsRoot, $relDir, $filename) {
883 dpavlin 1.1
884     $self = $GLOBALS["PHP_SELF"] ;
885     if ($relDir == "") $relDir = "/" ;
886     ?>
887    
888     <P><TABLE BORDER=0 CELLPADDING=5><TR><TD WIDTH=5></TD><TD CLASS=BAR>
889     <FORM ENCTYPE="multipart/form-data" METHOD="POST"
890 dpavlin 1.4 ACTION="<?= $self ?>">
891     DESTINATION DIRECTORY:<B><?= " " . $relDir ?></B>
892 dpavlin 1.6 <? if (isset($filename)) { ?>
893     <br>DESTINATION FILE:<B><?= " " . $filename ?></B>
894     <INPUT TYPE="HIDDEN" NAME="FILENAME" VALUE="<?= $filename ?>">
895     <? } ?>
896 dpavlin 1.1 <P>PATHNAME OF LOCAL FILE<BR>
897 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
898 dpavlin 1.1 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="UPLOAD">
899     <INPUT SIZE=30 TYPE="FILE" NAME="FN"></P>
900     <P><INPUT TYPE="SUBMIT" VALUE="UPLOAD"></P>
901     <P>If the <B>[BROWSE...]</B> button is not displayed,<BR>
902     you must upgrade to an RFC1867-compliant browser.</P>
903 dpavlin 1.4 <P>Your browser:<BR><?= $GLOBALS["HTTP_USER_AGENT"] ?></P>
904 dpavlin 1.1 </FORM>
905     </TD></TR>
906     <TR><TD></TD><TD>
907 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
908     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>"><BR>
909 dpavlin 1.1 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL">
910     </FORM>
911     </TD></TR></TABLE></P>
912    
913     <?php
914     } // end function UploadPage
915    
916     //////////////////////////////////////////////////////////////////
917    
918     function Error($title,$text="") {
919     StartHTML("(".$title.")",$text) ;
920     echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
921     EndHTML() ;
922     exit ;
923     } // end function Error
924    
925     //////////////////////////////////////////////////////////////////
926    
927     function CreateHash($user, $pw) {
928    
929     global $gblHash ; // hash function to use
930    
931     if ($user == "" || $pw == "") {
932     $text = "either no password or no username supplied" ;
933     Error("Create Hash",$text) ;
934     }
935     $title = "(Create Hash)" ;
936     StartHTML($title) ;
937     echo "<P ALIGN=center>" ;
938     echo "<BLOCKQUOTE>Copy the value below and paste it " ;
939     echo "into the<BR>value for \$gblPw in the source of " ;
940     echo "this file<BR><BR><B>" . $gblHash($user.$pw) ;
941     echo "</B><BR><BR>Hash function: " . $gblHash ;
942     echo "</BLOCKQUOTE></P>" ;
943     EndHTML() ;
944     exit ;
945    
946     } // end function CreateHash
947    
948     //////////////////////////////////////////////////////////////////
949    
950     function NoEntry() {
951    
952     $user = $GLOBALS["PHP_AUTH_USER"] ;
953     $pw = $GLOBALS["PHP_AUTH_PW"] ;
954     $self = $GLOBALS["PHP_SELF"] ;
955    
956     $title = "(401 Unauthorized)" ;
957     $text = "No trespassing !" ;
958     StartHTML($title,$text) ;
959     ?>
960    
961 dpavlin 1.4 <FORM ACTION="<?= $self ?>?HASH=create" METHOD="POST">
962     <INPUT TYPE="HIDDEN" NAME="USER" VALUE="<?= $user ?>">
963     <INPUT TYPE="HIDDEN" NAME="PW" VALUE="<?= $pw ?>">
964 dpavlin 1.1
965     <BLOCKQUOTE><B>If you are a site administrator:</B><BR><BR>
966     Click below to <B>generate a password hash</B><BR>from
967     the username-password pair you just<BR>entered. Then include the hash in
968     the source<BR>of this file.<BR><BR>
969     <INPUT TYPE="SUBMIT" VALUE="CREATE HASH">
970     </BLOCKQUOTE></FORM>
971    
972     <?php
973     EndHTML() ;
974     exit ;
975     }
976    
977     //////////////////////////////////////////////////////////////////
978    
979 dpavlin 1.2 function Logit($target,$msg) {
980    
981     $dir=dirname($target);
982     if (! file_exists($dir."/.log")) {
983     mkdir($dir."/.log",0700);
984     }
985     $file=basename($target);
986    
987     $log=fopen("$dir/.log/$file","a+");
988     fputs($log,date("$GLOBALS[gblDateFmt]\t$GLOBALS[gblTimeFmt]").
989     "\t$GLOBALS[gblUserName]\t$msg\n");
990     fclose($log);
991    
992     }
993    
994    
995 dpavlin 1.4 //////////////////////////////////////////////////////////////////
996    
997     function WriteNote($target,$msg) {
998    
999     $dir=dirname($target);
1000     if (! file_exists($dir."/.note")) {
1001     mkdir($dir."/.note",0700);
1002     }
1003     $file=basename($target);
1004    
1005     $note=fopen("$dir/.note/$file","w");
1006     fputs($note,"$msg\n");
1007     fclose($note);
1008    
1009     Logit($target,"added note $msg");
1010    
1011     }
1012    
1013     function ReadNote($target) {
1014    
1015     $dir=dirname($target);
1016     $file=basename($target);
1017     $msg="";
1018     if (file_exists($dir."/.note/$file")) {
1019     $note=fopen("$dir/.note/$file","r");
1020     $msg=fgets($note,4096);
1021     fclose($note);
1022     }
1023 dpavlin 1.6 return StripSlashes($msg);
1024 dpavlin 1.4
1025     }
1026    
1027     //////////////////////////////////////////////////////////////////
1028    
1029     function MoveTo($source,$folder) {
1030    
1031     $file=basename($source);
1032     if (! file_exists($folder)) {
1033     mkdir($folder,0700);
1034     }
1035     if (file_exists($source)) {
1036     rename($source,"$folder/$file");
1037     }
1038     }
1039 dpavlin 1.2
1040     //////////////////////////////////////////////////////////////////
1041    
1042 dpavlin 1.6 function Lock($target) {
1043    
1044     $dir=dirname($target);
1045     if (! file_exists($dir."/.lock")) {
1046     mkdir($dir."/.lock",0700);
1047     }
1048     $file=basename($target);
1049    
1050     if (file_exists("$dir/.lock/$file")) {
1051     Logit($target,"attempt to locked allready locked file!");
1052     } else {
1053     $lock=fopen("$dir/.lock/$file","w");
1054     fputs($lock,"$GLOBALS[gblUserName]\n");
1055     fclose($lock);
1056    
1057     Logit($target,"file locked");
1058     }
1059    
1060     }
1061    
1062     function CheckLock($target) {
1063    
1064     $dir=dirname($target);
1065     $file=basename($target);
1066     $msg=0;
1067     if (file_exists($dir."/.lock/$file")) {
1068     $lock=fopen("$dir/.lock/$file","r");
1069     $msg=fgets($lock,4096);
1070     fclose($lock);
1071     }
1072     return chop($msg);
1073    
1074     }
1075    
1076     function Unlock($target) {
1077    
1078     $dir=dirname($target);
1079     $file=basename($target);
1080     if (file_exists($dir."/.lock/$file")) {
1081     unlink("$dir/.lock/$file");
1082     Logit($target,"file unlocked");
1083     } else {
1084     Logit($target,"attempt to unlocked non-locked file!");
1085     }
1086    
1087     }
1088    
1089     //////////////////////////////////////////////////////////////////
1090    
1091 dpavlin 1.9 function urlpath($url) {
1092 dpavlin 1.8 $url=urlencode(StripSlashes("$url"));
1093 dpavlin 1.7 $url=str_replace("%2F","/",$url);
1094     $url=str_replace("+","%20",$url);
1095 dpavlin 1.9 return($url);
1096 dpavlin 1.7 }
1097    
1098     //////////////////////////////////////////////////////////////////
1099    
1100 dpavlin 1.8 function safe_rename($from,$to) {
1101     if (file_exists($from) && is_writable(dirname($to))) {
1102     rename($from,$to);
1103     }
1104     }
1105    
1106     //////////////////////////////////////////////////////////////////
1107    
1108 dpavlin 1.16 // recursivly delete directory
1109    
1110     function rrmdir($dir) {
1111     $handle=opendir($dir);
1112     while ($file = readdir($handle)) {
1113     if ($file != "." && $file != "..") {
1114     if (is_dir("$dir/$file"))
1115     rrmdir("$dir/$file");
1116     else
1117     if (! @unlink("$dir/$file")) return(0);
1118     }
1119     }
1120     closedir($handle);
1121     return @rmdir($dir);
1122     }
1123    
1124     //////////////////////////////////////////////////////////////////
1125    
1126 dpavlin 1.18 function ChangeLog($target,$msg) {
1127    
1128     global $gblFsRoot;
1129     $log=fopen("$gblFsRoot/.changelog","a+");
1130     if (substr($target,0,strlen($gblFsRoot)) == $gblFsRoot)
1131     $target=substr($target,strlen($gblFsRoot),strlen($target)-strlen($gblFsRoot));
1132     fputs($log,time()."\t$target\t$GLOBALS[gblUserName]\t$msg\n");
1133     fclose($log);
1134    
1135     }
1136    
1137     function DisplayChangeLog($day) {
1138    
1139     global $gblFsRoot;
1140     $log=fopen("$gblFsRoot/.changelog","r");
1141     $logarr = array();
1142     while($line = fgetcsv($log,255,"\t")) {
1143     if ($day!=1 || $day==1 && $line[0]-time() < 24*60) {
1144     array_unshift($logarr,array($line[0],$line[1],$line[2],$line[3]));
1145     }
1146     }
1147     fclose($log);
1148     $cl1=" class=lst"; $cl2="";
1149     print "<table border=0 width=100%>\n";
1150     while ($e = array_shift($logarr)) {
1151     $cl=$cl1; $cl1=$cl2; $cl2=$cl;
1152     $date = date("$GLOBALS[gblDateFmt]", $e[0]);
1153     $time = date("$GLOBALS[gblTimeFmt]", $e[0]);
1154     $dir = dirname($e[1]);
1155     $file = basename($e[1]);
1156     print "<tr><td$cl>$date</td><td$cl>$time</td><td$cl><a href=\"$GLOBALS[PHP_SELF]?D=".urlencode($dir)."\">$dir</a>/$file</td><td$cl>$e[2]</td><td$cl>$e[3]</td></tr>\n";
1157     }
1158     print "</table>";
1159     }
1160    
1161     //////////////////////////////////////////////////////////////////
1162    
1163 dpavlin 1.1 // MAIN PROGRAM
1164     // ============
1165     // query parameters: capital letters
1166     // local functions : begin with capital letters
1167     // global constants: begin with gbl
1168    
1169 dpavlin 1.2 $gblFilePerms = 0640 ; // default for new files
1170     $gblDirPerms = 0750 ; // default for new dirs
1171 dpavlin 1.1
1172     // phpinfo() ;
1173     // exit ;
1174    
1175     // forks before authentication: style sheet and hash
1176     // creation if password not yet set.
1177     if ($STYLE == "get") { CSS() ; exit ; }
1178     if ($HASH != "") {
1179     CreateHash($USER, $PW) ;
1180     exit ;
1181     }
1182    
1183     // authentication if $gblAuth == true
1184 dpavlin 1.2 if ( $gblAuth && $gblHash($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw ||
1185     isset($relogin) && $gblPw == $relogin ) {
1186 dpavlin 1.1 header("WWW-authenticate: basic realm=\"$SERVER_NAME\"") ;
1187     header("HTTP/1.0 401 Unauthorized") ;
1188     NoEntry() ;
1189     exit ;
1190     }
1191    
1192     // get current directory relative to $gblFsRoot
1193     $relDir = $DIR ; // from POST
1194     if ($relDir == "") { // not defined in POST ?
1195     $relDir = urldecode($D) ; // then use GET
1196     }
1197    
1198     if ($relDir == "/") $relDir = "" ;
1199     // default : website root = ""
1200    
1201     if (strstr($relDir,"..")) Error("No updirs allowed");
1202    
1203     // full paths contain "fs" or "Fs". Paths realitve to root of
1204     // website contain "rel" or "Rel". The script won't let you
1205     // edit anything above directory equal to http://server.com
1206     // i.e. below $gblFsRoot.
1207    
1208     $relScriptDir = dirname($SCRIPT_NAME) ;
1209     // i.e. /siteman
1210    
1211     $fsScriptDir = dirname($SCRIPT_FILENAME) ;
1212     // i.e. /home/httpd/html/siteman
1213    
1214     $gblFsRoot = substr($fsScriptDir,0,
1215     strlen($fsScriptDir)-strlen($relScriptDir)) ;
1216     // i.e. /home/httpd/html
1217    
1218     $fsDir = $gblFsRoot . $relDir ; // current directory
1219     if ( !is_dir($fsDir) ) Error("Dir not found",$relDir) ;
1220    
1221     switch ($POSTACTION) {
1222     case "UPLOAD" :
1223 dpavlin 1.2 if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1224 dpavlin 1.1 if (strstr($FN_name,"/"))
1225     Error("Non-conforming filename") ;
1226     // TODO : should rather check for escapeshellcmds
1227     // but maybe RFC 18xx asserts safe filenames ....
1228     $source = $FN ;
1229 dpavlin 1.6 if (! isset($FILENAME)) { // from update file
1230     $target = "$fsDir/$FN_name" ;
1231     } else {
1232     $target = "$fsDir/$FILENAME";
1233     }
1234 dpavlin 1.2
1235     // backup old files first
1236     $dir=dirname($target);
1237     if (! file_exists($dir."/.bak")) {
1238     mkdir($dir."/.bak",0700);
1239     }
1240     if (! file_exists($dir."/.bak/$GLOBALS[gblNumBackups]")) {
1241     mkdir($dir."/.bak/$GLOBALS[gblNumBackups]",0700);
1242     }
1243     $file=basename($target);
1244     for($i=$GLOBALS[gblNumBackups]-1;$i>0;$i--) {
1245 dpavlin 1.4 MoveTo("$dir/.bak/$i/$file","$dir/.bak/".($i+1)."/");
1246 dpavlin 1.2 }
1247 dpavlin 1.6 MoveTo($target,$dir."/.bak/1/");
1248 dpavlin 1.2
1249     copy($source,$target) ;
1250     chmod($target,$gblFilePerms) ;
1251 dpavlin 1.1 clearstatcache() ;
1252 dpavlin 1.2 Logit($target,"uploaded");
1253 dpavlin 1.6 if (isset($FILENAME)) {
1254     Unlock($target);
1255     }
1256 dpavlin 1.18 ChangeLog($target,"updated");
1257 dpavlin 1.1 break ;
1258    
1259     case "SAVE" :
1260 dpavlin 1.17 $path = $gblFsRoot . $RELPATH ;
1261 dpavlin 1.2 $writable = is_writeable($path) ;
1262     $legaldir = is_writeable(dirname($path)) ;
1263 dpavlin 1.1 $exists = (file_exists($path)) ? 1 : 0 ;
1264     // check for legal extension here as well
1265     if (!($writable || (!$exists && $legaldir)))
1266     Error("Write denied",$RELPATH) ;
1267     $fh = fopen($path, "w") ;
1268     fwrite($fh,$FILEDATA) ;
1269     fclose($fh) ;
1270     clearstatcache() ;
1271 dpavlin 1.2 Logit($path,"saved changes");
1272 dpavlin 1.18 ChangeLog($path,"saved changes");
1273 dpavlin 1.1 break ;
1274    
1275     case "CREATE" :
1276     // we know $fsDir exists
1277 dpavlin 1.2 if ($FN == "") break; // no filename!
1278     if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1279 dpavlin 1.1 $path = $fsDir . "/" . $FN ; // file or dir to create
1280     $relPath = $relDir . "/" . $FN ;
1281     switch ( $T ) {
1282     case "D" : // create a directory
1283 dpavlin 1.6 if ( ! @mkdir($path,$gblDirPerms) )
1284     Error("Mkdir failed",$relPath) ; // eg. if it exists
1285     clearstatcache() ;
1286     break ;
1287 dpavlin 1.1 case "F" : // create a new file
1288     // this functionality is doubled in DetailView().
1289     // better keep it here altogether
1290     // chmod perms to $gblFilePerms
1291 dpavlin 1.6 if ( file_exists($path) && !is_writable($path) )
1292     Error("File not writable", $relPath) ;
1293     $fh = fopen($path, "w+") ;
1294     if ($fh) {
1295     fputs($fh,"\n");
1296     fclose($fh) ;
1297     LogIt($path,"file created");
1298     } else {
1299     Error("Creation of file $relPath failed -- $path");
1300     }
1301     $tstr = "$PHP_SELF?A=E&D=".urlencode($relDir)."&F=".urlencode($FN) ;
1302     header("Location: " . $tstr) ;
1303 dpavlin 1.18 ChangeLog($target,"created");
1304 dpavlin 1.6 exit ;
1305 dpavlin 1.1 }
1306     break ;
1307    
1308     case "DELETE" :
1309     if ( $CONFIRM != "on" ) break ;
1310    
1311     $tstr = "Attempt to delete non-existing object or " ;
1312     $tstr .= "insufficient privileges: " ;
1313    
1314     if ( $FN != "") { // delete file
1315 dpavlin 1.2 $path = $fsDir . "/" . $FN ;
1316    
1317     $dir=dirname($path);
1318     $file=basename($path);
1319     if (! file_exists("$dir/.del")) {
1320     mkdir("$dir/.del",0700);
1321     }
1322    
1323     // if ( ! @unlink($path) ) {
1324     if ( ! rename($path,"$dir/.del/$file") ) {
1325     Error("File delete failed", $tstr . $path) ;
1326     Logit($path,"file delete failed");
1327     exit ;
1328     } else {
1329     Logit($path,"file deleted");
1330 dpavlin 1.4 MoveTo("$dir/.log/$file","$dir/.del/.log/");
1331     MoveTo("$dir/.note/$file","$dir/.del/.note/");
1332 dpavlin 1.6 MoveTo("$dir/.lock/$file","$dir/.del/.lock/");
1333 dpavlin 1.2 }
1334 dpavlin 1.1 }
1335     else { // delete directory
1336 dpavlin 1.16 if ( ! @rrmdir($fsDir) ) {
1337 dpavlin 1.1 Error("Rmdir failed", $tstr . $fsDir) ;
1338     }
1339     else {
1340     $relDir = dirname($relDir) ; // move up
1341     }
1342     }
1343     break ;
1344    
1345 dpavlin 1.2 case "UNDELETE" :
1346     if ( $CONFIRM != "on" ) break ;
1347    
1348     if (substr($FN,0,4) != ".del") break ;
1349     $file=substr($FN,4,strlen($FN)-4);
1350    
1351     Logit("$fsDir/.del/$file","undeleted");
1352 dpavlin 1.4 MoveTo("$fsDir/.del/$file","$fsDir/");
1353     MoveTo("$fsDir/.del/.log/$file","$fsDir/.log/");
1354     MoveTo("$fsDir/.del/.note/$file","$fsDir/.note/");
1355 dpavlin 1.6 MoveTo("$fsDir/.del/.lock/$file","$fsDir/.lock/");
1356 dpavlin 1.2
1357     break ;
1358    
1359     case "RENAME" :
1360     if ( $CONFIRM != "on" ) break ;
1361    
1362     Logit("$fsDir/$FN","renamed $FN to $NEWNAME");
1363 dpavlin 1.8 safe_rename("$fsDir/$FN","$fsDir/$NEWNAME");
1364     safe_rename("$fsDir/.log/$FN","$fsDir/.log/$NEWNAME");
1365     safe_rename("$fsDir/.note/$FN","$fsDir/.note/$NEWNAME");
1366     safe_rename("$fsDir/.lock/$FN","$fsDir/.lock/$NEWNAME");
1367 dpavlin 1.11 for($i=0;$i<=$GLOBALS[gblNumBackups];$i++) {
1368     safe_rename("$fsDir/.bak/$i/$FN","$fsDir/.bak/$i/$NEWNAME");
1369     }
1370 dpavlin 1.2
1371 dpavlin 1.4 break ;
1372    
1373     case "NOTE" :
1374     WriteNote("$fsDir/$FN","$NOTE");
1375 dpavlin 1.2 break ;
1376    
1377 dpavlin 1.6 case "UNLOCK" :
1378     if ( $CONFIRM != "on" ) break ;
1379     Unlock("$fsDir/$FN");
1380     break ;
1381    
1382 dpavlin 1.1 default :
1383     // user hit "CANCEL" or undefined action
1384     }
1385    
1386     // common to all POSTs : redirect to directory view ($relDir)
1387     if ( $POSTACTION != "" ) {
1388     $tstr = $PHP_SELF . "?D=" . urlencode($relDir) ;
1389     header("Location: " . $tstr) ;
1390     exit ;
1391     }
1392    
1393     // check for mode.. navigate, code display, upload, or detail?
1394     // $A=U : upload to path given in $D
1395     // $A=E : display detail of file $D/$F and edit
1396     // $A=C : display code in file $D/$F
1397 dpavlin 1.6 // $A=Co : checkout file $D/$F
1398     // $A=Ci : checkin file $D/$F
1399     // $A=V : view file (do nothing except log)
1400 dpavlin 1.1 // default : display directory $D
1401    
1402     switch ($A) {
1403     case "U" :
1404     // upload to $relDir
1405 dpavlin 1.2 if (!is_writeable($gblFsRoot . $relDir))
1406 dpavlin 1.1 Error("Write access denied",$relDir) ;
1407     $text = "Use this page to upload a single " ;
1408     $text .= "file to <B>$SERVER_NAME</B>." ;
1409     StartHTML("(Upload Page)", $text) ;
1410     UploadPage($gblFsRoot, $relDir) ;
1411     EndHTML() ;
1412     exit ;
1413     case "E" :
1414     // detail of $relDir/$F
1415 dpavlin 1.2 if (is_file("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
1416 dpavlin 1.1 exit ;
1417     case "C" :
1418     // listing of $relDir/$F
1419     DisplayCode($gblFsRoot, $relDir, $F) ;
1420     exit ;
1421 dpavlin 1.6 case "Co" :
1422     // checkout
1423     Lock("$gblFsRoot/$relDir/$F");
1424 dpavlin 1.12 header("Content-Disposition: attachment; filename=$F" );
1425 dpavlin 1.9 Header("Location: ".urlpath("$relDir/$F"));
1426 dpavlin 1.6 exit;
1427     case "Ci" :
1428     // upload && update to $relDir
1429     if (!is_writeable($gblFsRoot . $relDir))
1430     Error("Write access denied",$relDir) ;
1431     $text = "Use this page to update a single " ;
1432     $text .= "file to <B>$SERVER_NAME</B>." ;
1433     StartHTML("(Update file Page)", $text) ;
1434     UploadPage($gblFsRoot, $relDir, $F) ;
1435     EndHTML() ;
1436     exit ;
1437     case "V" :
1438     // view
1439 dpavlin 1.9 LogIt("$gblFsRoot/$relDir/$F","viewed");
1440 dpavlin 1.12 header("Content-Disposition: attachment; filename=$F" );
1441 dpavlin 1.9 Header("Location: ".urlpath("$relDir/$F"));
1442 dpavlin 1.18 exit;
1443     case "Ch" :
1444     StartHTML("(File changes)","All changes chronologicaly...");
1445     DisplayChangeLog(0); // all
1446     EndHTML() ;
1447     exit;
1448     case "Ch1" :
1449     StartHTML("(File changes)","Changes to files in last day...");
1450     DisplayChangeLog(1);
1451     EndHTML() ;
1452 dpavlin 1.6 exit;
1453 dpavlin 1.1 }
1454    
1455     // default: display directory $relDir
1456     Navigate($gblFsRoot,$relDir) ;
1457     exit ;
1458    
1459     Error("Whooah!","By cartesian logic, this never happens") ;
1460     ?>

  ViewVC Help
Powered by ViewVC 1.1.26