/[docman]/docman.php
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Annotation of /docman.php

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.20 - (hide annotations)
Wed Sep 13 08:08:22 2000 UTC (22 years, 5 months ago) by dpavlin
Branch: MAIN
Changes since 1.19: +2 -2 lines
fix changelog display

1 dpavlin 1.1 <?php
2    
3     /* Copyright 1999 by John Martin d/b/a www.ANYPORTAL.com */
4     /* All Rights Reserved. */
5     /* */
6     /* This software is freeware and is not in the public domain. */
7     /* You are hereby granted the right to freely distribute this */
8     /* software as long as this copyright notice remains in place. */
9     /* */
10     /* Comments or suggestions? email: andmore@alief.com */
11     /* */
12     /* This is the PHP port: AnyPortal(php)-0.1 */
13     /* ======================================== */
14     /* */
15     /* PHP version 2000 by Stefan@Wiesendanger.org */
16     /* No Rights Reserved. What for, anyhow ? */
17     /* */
18     /* Date Remarks */
19     /* --------- ----------------------------------------------- */
20     /* 25 MAY 99 original ASP version */
21     /* 17 SEP 99 change upload from SA-FILEUP to aspSmartUpload */
22     /* 10 APR 00 simplified PHP3 version */
23     /* 18 APR 00 most of PHP3 port working. Slight modifications */
24     /* 22 APR 00 modified syntax highlighting, no absolute paths */
25     /* revealed, PHP builtin authentication, global */
26     /* style sheet as callback, use apache default */
27     /* icons as an alternative to the wingdings font. */
28     /* 25 APR 00 catch some exceptions (not foolproof yet) */
29     /* 26 APR 00 catch some more exceptions, implicit copy */
30     /* function by saving somewhere else in the detail */
31     /* view, MD5 hashed password. */
32     /* 27 APR 00 Fixed authentication bug */
33     /* 12 MAY 00 Fixed trouble with exec() with newer versions of */
34     /* PHP3. Fixed bug which would send you to a non- */
35     /* existent address after file modifications. */
36    
37 dpavlin 1.2 /*
38     2000-07-25 Dobrica Pavlinusic <dpavlin@rot13.org>
39    
40     nuked exec calls (unsecure)
41     nuked writeable function (replaced by php is_writeable)
42     added support for https (tested with apache+mod_ssl)
43     added users file
44     date format user-selectable
45     cycle backup files in bak directory
46     support links as directoryes (for now)
47     support of file history logging
48     undelete capabilities (delete moves to .del directory)
49    
50     2000-07-26 DbP
51    
52     added more checking on entered filename (when creating file/dir)
53     added rename option
54    
55    
56     IMPORTANT INSTALLATION NOTE:
57     deny serving of .* (dot-something) files in web server!
58     Otherwise, uses can access your log files, users and/or
59     deleted files!
60    
61     .htusers is in form:
62     login:Real Name:md5(loginpassword)
63    
64    
65     TODO:
66     mixed file/directory output (add type to each entry,
67     real support for links)
68 dpavlin 1.9 retrieve old versions of files (overwritten)
69 dpavlin 1.13 show last lock date
70    
71 dpavlin 1.2 */
72    
73 dpavlin 1.1 //////////////////////////////////////////////////////////////////
74    
75     // TODO : Don't let the file be modified itself. Create a hash of
76     // it (kinda hard since it's self-referential ;-). Make better use
77     // of session management. Escapeshellcmd for all user input.
78    
79     //////////////////////////////////////////////////////////////////
80    
81     // GLOBAL PARAMETERS
82     // =================
83     // Make modifications here to suit siteman to your needs
84    
85     // error_reporting(4) ; // how verbose ?
86    
87     // username/password should not be system
88     // usernames/passwords !!
89    
90 dpavlin 1.2 // $gblPw = "hash_of_your_username_and_password" ;
91    
92     // $gblAuth = false ; // use builtin authentication
93     $gblAuth = true ; // use builtin authentication
94 dpavlin 1.1 $gblHash = "md5" ; // hash function to use
95    
96 dpavlin 1.2 $gblPw = "";
97    
98     if ($gblAuth) {
99 dpavlin 1.3 $htusers_file=dirname($SCRIPT_FILENAME)."/.htusers";
100     if (! file_exists($htusers_file)) {
101     $htusers=fopen($htusers_file,"a+");
102     fputs($htusers,"# Change owner of $htusers_file to root !!\n");
103     fputs($htusers,"demo:full name:md5_hash\n");
104     fclose($htusers);
105     }
106     $htusers=fopen($htusers_file,"r");
107 dpavlin 1.2 while($user = fgetcsv($htusers,255,":")) {
108     if ($user[0] == $GLOBALS["PHP_AUTH_USER"]) {
109     $gblUserName=$user[1];
110     $gblPw=$user[2];
111 dpavlin 1.14 $gblEmail=$user[3];
112 dpavlin 1.2 continue ;
113     }
114     }
115     fclose($htusers);
116     }
117    
118     // $gblDateFmt="D, F d, Y";
119     // $gblTimeFmt="g:i:sA";
120    
121     $gblDateFmt="Y-m-d";
122     $gblTimeFmt="H:i:s";
123    
124 dpavlin 1.14 // Number of backup files to keep
125     $gblNumBackups=3;
126    
127     // show red star if newer than ... days
128     $gblModDays=1;
129 dpavlin 1.2
130 dpavlin 1.1 // choose GifIcon below unless you have the M$
131     // WingDings font installed on your system
132    
133     $gblIcon = "GifIcon" ; // MockIcon or GifIcon
134    
135     // the directory below should be /icons/ or /icons/small/
136     // on Apache; a set of icons is included in the distribution
137    
138 dpavlin 1.3 $gblIconLocation = "/icons/" ;
139 dpavlin 1.1
140     // files you want to be able to edit in text mode
141     // and view with (primitive) syntax highlighting
142    
143     $gblEditable = array( ".txt",".asa",".asp",".htm",".html",
144     ".cfm",".php3",".php",".phtml",
145     ".shtml",".css" ) ;
146    
147     // files that will display as images on the detail page
148     // (useless if your browser doesn't support them)
149    
150     $gblImages = array( ".jpg",".jpeg",".gif",".png",".ico",
151     ".bmp",".xbm") ;
152    
153     //////////////////////////////////////////////////////////////////
154    
155     function StartHTML($title,$text="") {
156    
157     $title = "Site Manager " . $title ;
158     $host = $GLOBALS["HTTP_HOST"] ;
159     $self = $GLOBALS["PHP_SELF"] ;
160     ?>
161    
162     <HTML>
163     <HEAD>
164 dpavlin 1.4 <TITLE><?= $host . " " . $title ?></TITLE>
165 dpavlin 1.1 <META NAME="description" CONTENT="PHP port of AnyPortal Site Manager">
166     <META NAME="keywords" CONTENT="site manager, web site maintenance">
167     <META NAME="robots" CONTENT="noindex">
168     <META HTTP-EQUIV="expires" CONTENT="0">
169     <LINK REL="stylesheet" TYPE="text/css"
170 dpavlin 1.4 HREF="<?= $self ?>?STYLE=get">
171 dpavlin 1.1 </HEAD>
172     <BODY BGCOLOR="#FFFFFF">
173 dpavlin 1.4 <H3 ALIGN="RIGHT"><?= $host ?></H3>
174 dpavlin 1.1 <TABLE BORDER=0 WIDTH="100%"><TR>
175 dpavlin 1.4 <TD CLASS=INV><?= $title ?></TD></TR></TABLE>
176     <P><?= $text ?></P>
177 dpavlin 1.1
178     <?php
179     } // end function StartHTML
180    
181     //////////////////////////////////////////////////////////////////
182    
183     function EndHTML() {
184     ?>
185    
186     <HR>
187     <P CLASS=FTR>
188 dpavlin 1.2 <B><?= date($GLOBALS[gblDateFmt]) ?> -
189     <?= date($GLOBALS[gblTimeFmt]) ?> -
190     <?= $GLOBALS[gblUserName] ?>
191 dpavlin 1.6 <small> [<a href="<?= $GLOBALS["PHP_SELF"] ?>?relogin=<?= $GLOBALS[gblPw] ?>">logout</a>]</small>
192 dpavlin 1.2 </B>
193     <BR>ANYPORTAL(php) Site Manager
194     <br><small>
195     &copy; 1999 by <A HREF="http://www.anyportal.com">ANYPORTAL</A>,
196     &copy; 2000 by <A HREF="http://da.nger.org">d@nger.org</A>,
197     &copy; 2000 by <A HREF="http://www.rot13.org/~dpavlin/">DbP</A>
198     </small>
199 dpavlin 1.1 </P>
200 dpavlin 1.2 <BR>
201 dpavlin 1.9 <? //include(".debug.inc") ?>
202 dpavlin 1.2 <BR><BR></BODY></HTML>
203 dpavlin 1.1
204     <?php
205     } // end function EndHTML
206    
207     //////////////////////////////////////////////////////////////////
208    
209     function CSS() {
210     ?>
211    
212 dpavlin 1.2 BODY,TD,P,H1,H2,H3 { font-family:Verdana,Helvetica,Arial,sans-serif; }
213 dpavlin 1.1 .BLK { color:black; }
214     .RED { color:red; }
215     .TOP { color:red; font-size:70%; } /* table headings */
216     .INV { color:white; background-color:navy;
217     font-weight:bold; font-size:120%; } /* title */
218     .FTR { } /* footer */
219     .LST { background-color:#E0E0E0; } /* table cells */
220     .BAR { background-color:#E0E0E0; } /* action bar */
221     PRE { color:blue; font-family:Lucida Console,Courier New,
222     Courier,sans-serif; } /* source code */
223     EM { color:green; font-style:normal; } /* line numbers */
224     .REM { color:silver; }
225     .XML { color:navy; background-color:yellow; }
226     .MCK { color:red; font-family:WingDings; } /* Mock Icons */
227     A:HOVER { color:red; }
228    
229     <?php
230     } // end function CSS
231    
232     //////////////////////////////////////////////////////////////////
233    
234     function DetailPage($fsRoot,$relDir,$fn) {
235    
236     global $gblEditable, $gblImages ;
237     $self = $GLOBALS["PHP_SELF"] ;
238    
239     $relPath = $relDir . "/" . $fn ;
240     $fsPath = $fsRoot . $relPath ;
241     $fsDir = $fsRoot . $relDir ;
242    
243     $exists = file_exists($fsPath) ;
244     $ext = strtolower(strrchr($relPath,".")) ;
245     $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) ;
246 dpavlin 1.2 $writable = is_writeable($fsPath) ;
247 dpavlin 1.6 $file_lock = CheckLock($fsPath);
248 dpavlin 1.1
249     if (!$editable && !$exists)
250     Error("Creation unsupported for type",$relPath) ;
251 dpavlin 1.2 if (!exists && !is_writeable($fsDir) )
252 dpavlin 1.1 Error("Creation denied",$relDir) ;
253    
254     $text = "Use this page to view, modify or " ;
255     $text .= "delete a single document on this " ;
256     $text .= "web site." ;
257     $title = "(Detail Page)" ;
258     StartHTML($title, $text) ;
259    
260     echo "<H3>" . $relDir . "/" . $fn . "</H3>" ;
261     if ($exists) { // get file info
262 dpavlin 1.4 $fsize = filesize($fsPath) ;
263     $fmodified = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", filemtime($fsPath)) ;
264     $faccessed = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", fileatime($fsPath)) ;
265     echo "<PRE> file size: " . $fsize . " Bytes<BR>" ;
266     echo "last modified: <B>" . $fmodified . "</B><BR>" ;
267     echo "last accessed: <B>" . $faccessed . "</B><BR>" ;
268     echo " owner: <B>" . fileowner($fsPath) . "</B><BR>" ;
269     echo " group: <B>" . filegroup($fsPath) . "</B><BR>" ;
270     echo " permissions: <B>" ;
271     echo printf( "%o", fileperms($fsPath) ) . "</B>" ;
272     echo "</PRE>" ;
273 dpavlin 1.2
274 dpavlin 1.1 }
275    
276 dpavlin 1.6 if ( $editable && ($writable || !$exists) && !$file_lock ) {
277 dpavlin 1.1 $fh = fopen($fsPath,"a+") ;
278     rewind($fh) ;
279     $fstr = fread($fh,filesize($fsPath)) ;
280     fclose($fh) ;
281     $fstr = htmlentities( $fstr ) ;
282     ?>
283    
284 dpavlin 1.4 <FORM ACTION="<?= $self ; ?>" METHOD="POST">
285 dpavlin 1.1 <SPAN TITLE="Click [SAVE] to store updated contents.">
286     <B>DOCUMENT CONTENTS</B>
287     </SPAN><BR>
288     <TEXTAREA NAME="FILEDATA" ROWS=18 COLS=70 WRAP="OFF"><?php
289     echo($fstr) ; ?></TEXTAREA>
290 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
291     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
292 dpavlin 1.1 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="SAVE">
293 dpavlin 1.2 <INPUT TYPE="HIDDEN" SIZE=48 MAXLENGTH=255 NAME="RELPATH"
294 dpavlin 1.4 VALUE="<?= $relPath ; ?>">
295 dpavlin 1.2 <br>
296     <INPUT TYPE="RESET" VALUE="UNDO ALL CHANGES">
297 dpavlin 1.1 <INPUT TYPE="SUBMIT" VALUE="SAVE">
298     </FORM>
299    
300     <?php
301 dpavlin 1.9 }
302 dpavlin 1.14 if ( !$file_lock && $ext!="" && strstr(join(' ',$gblImages),$ext) ) {
303 dpavlin 1.6 $info = getimagesize($fsPath) ;
304 dpavlin 1.9 $tstr = "<IMG SRC=\"".urlpath($relPath)."\" BORDER=0 " ;
305 dpavlin 1.6 $tstr .= $info[3] . " ALT=\"" . $fn . " - " ;
306     $tstr .= (int)(($fsize+1023)/1024) . "Kb\">" ;
307 dpavlin 1.9 // echo htmlentities($tstr) . "<BR><BR>" . $tstr ;
308     echo $tstr ;
309 dpavlin 1.1 }
310 dpavlin 1.6
311 dpavlin 1.1 ?>
312    
313 dpavlin 1.4 <FORM ACTION="<?= $self ; ?>" METHOD="POST">
314     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
315     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
316 dpavlin 1.1 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL"><BR>
317    
318     <?php
319 dpavlin 1.6
320     if ($file_lock) {
321     ?>
322     <hr>
323     <SPAN TITLE="Check OK and click UNLOCK to remove lock on file.">
324     <B>OK TO FORCE LOCK REMOVAL ON "<?= $fn ; ?>" HELD BY <?= $file_lock ?>? </B></SPAN>
325     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
326     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="UNLOCK">
327     <?
328     } // file_lock
329    
330 dpavlin 1.2 if (substr($fn,0,4) == ".del") {
331     $action="UNDELETE";
332     $desc="undelete previously deleted file";
333     } else {
334     $action="DELETE";
335     $desc="delete";
336     }
337    
338 dpavlin 1.1 if ($exists && $writable) {
339     ?>
340    
341 dpavlin 1.4 <HR>
342     <a name="undelete">
343     <SPAN TITLE="Check OK and click [<?= $action ?>] to <?= $desc ?>.">
344     <B>OK TO <?= $action ?> "<?= $fn ; ?>"? </B></SPAN>
345 dpavlin 1.2 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
346     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="<?= $action ?>">
347    
348 dpavlin 1.4 <HR>
349     <a name="rename">
350     <SPAN TITLE="Check OK and click [RENAME] to rename.">
351     <B>OK TO RENAME "<?= $fn ; ?>" TO
352 dpavlin 1.2 <INPUT TYPE="TEXT" SIZE=24 MAXLENGTH=255 NAME="NEWNAME" VALUE="<?= $fn ?>">
353     ? </B></SPAN>
354 dpavlin 1.1 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
355 dpavlin 1.2 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="RENAME">
356 dpavlin 1.1
357 dpavlin 1.5 <?php
358     } // exists && writable
359     ?>
360 dpavlin 1.4 <HR>
361     <a name="note">
362     <B>NOTE FOR "<?= $fn ; ?>":
363     <INPUT TYPE="TEXT" SIZE=50 MAXLENGTH=255 NAME="NOTE" VALUE="<?= ReadNote($fsPath) ?>">
364     </B></SPAN>
365     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="NOTE">
366    
367 dpavlin 1.5 </FORM>
368    
369 dpavlin 1.1 <?php
370 dpavlin 1.5
371 dpavlin 1.10 $name=basename("$fsDir/$fn");
372     $logname=dirname("$fsDir/$fn")."/.log/$name";
373     $bakdir=dirname("$fsDir/$fn")."/.bak";
374 dpavlin 1.2 if (file_exists($logname)) {
375     $log=fopen($logname,"r");
376     $cl1=" class=lst"; $cl2="";
377 dpavlin 1.10 $logarr = array();
378 dpavlin 1.2 while($line = fgetcsv($log,255,"\t")) {
379     $cl=$cl1; $cl1=$cl2; $cl2=$cl;
380 dpavlin 1.10 array_unshift($logarr,array($cl,$line[0],$line[1],$line[2],$line[3]));
381 dpavlin 1.2 }
382     fclose($log);
383 dpavlin 1.10 print "<hr><br><b>CHANGES TO THIS FILE</b><br><table border=0 width=100%>\n";
384     $bakcount = 0; // start from 0, skip fist backup (it's current)
385     while ($e = array_shift($logarr)) {
386     if (strstr($e[4],"upload")) {
387     if (file_exists("$bakdir/$bakcount/$name")) {
388     $e[4]="<a href=\"".dirname($relPath)."/.bak/$bakcount/$name\">$e[4]</a>";
389     }
390     $bakcount++;
391     }
392     print "<tr><td$e[0]>$e[1]</td><td$e[0]>$e[2]</td><td$e[0]>$e[3]</td><td$e[0]>$e[4]</td></tr>\n";
393     }
394 dpavlin 1.2 print "</table>";
395     }
396    
397 dpavlin 1.1 EndHTML() ;
398    
399     } // end function DetailPage
400    
401     //////////////////////////////////////////////////////////////////
402    
403     function DisplayCode($fsRoot,$relDir,$fn) {
404    
405     $path = $fsRoot . $relDir . "/" . $fn ;
406    
407     if (!file_exists($path)) Error("File not found",$path) ;
408    
409     StartHTML("(".$relDir."/".$fn.")","");
410    
411     $tstr = join("",file($path)) ;
412     $tstr = htmlentities($tstr) ;
413    
414     // Tabs
415     $tstr = str_replace(chr(9)," ",$tstr) ;
416    
417     // ASP tags & XML/PHP tags
418     $aspbeg = "<SPAN CLASS=XML>&lt;%</SPAN><SPAN CLASS=BLK>" ;
419     $aspend = "</SPAN><SPAN CLASS=XML>%&gt;</SPAN>" ;
420     $tstr = str_replace("&lt;%",$aspbeg,$tstr) ;
421     $tstr = str_replace("%&gt;",$aspend,$tstr) ;
422    
423     $xmlbeg = "<SPAN CLASS=XML>&lt;?</SPAN><SPAN CLASS=BLK>" ;
424     $xmlend = "</SPAN><SPAN CLASS=XML>?&gt;</SPAN>" ;
425     $tstr = str_replace("&lt;?",$xmlbeg,$tstr) ;
426     $tstr = str_replace("?&gt;",$xmlend,$tstr) ;
427    
428     // C style comment
429     $tstr = str_replace("/*","<SPAN CLASS=REM>/*",$tstr) ;
430     $tstr = str_replace("*/","*/</SPAN>",$tstr) ;
431    
432     // HTML comments
433     $tstr = str_replace("&lt;!--","<I CLASS=RED>&lt;!--",$tstr) ;
434     $tstr = str_replace("--&gt;","--&gt;</I>",$tstr) ;
435    
436     echo "<PRE>" ;
437    
438     $tstr = split("\n",$tstr) ;
439     for ($i = 0 ; $i < sizeof($tstr) ; ++$i) {
440     // add line numbers
441     echo "<BR><EM>" ;
442     echo substr(("000" . ($i+1)), -4) . ":</EM> " ;
443     $line = $tstr[$i] ;
444     // C++ style comments
445     $pos = strpos($line,"//") ;
446     // exceptions: two slashes aren't a script comment
447     if (strstr($line,"//") &&
448     ! ($pos>0 && substr($line,$pos-1,1)==":") &&
449     ! (substr($line,$pos,8) == "//--&gt;") &&
450     ! (substr($line,$pos,9) == "// --&gt;")) {
451     $beg = substr($line,0,strpos($line,"//")) ;
452     $end = strstr($line,"//") ;
453     $line = $beg."<SPAN CLASS=REM>".$end."</SPAN>";
454     }
455     // shell & asp style comments
456     $first = substr(ltrim($line),0,1) ;
457     if ($first == "#" || $first == "'") {
458     $line = "<SPAN CLASS=REM>".$line."</SPAN>";
459     }
460     print($line) ;
461     } // next i
462    
463     echo "</PRE>" ;
464    
465     EndHTML() ;
466    
467     } // end function DisplayCode
468    
469     //////////////////////////////////////////////////////////////////
470    
471     function MockIcon($txt) {
472     $tstr = "<SPAN CLASS=MCK>" ;
473    
474     switch (strtolower($txt)) {
475     case ".bmp" :
476     case ".gif" :
477     case ".jpg" :
478     case ".jpeg":
479     case ".tif" :
480     case ".tiff":
481     $d = 176 ;
482     break ;
483     case ".doc" :
484     $d = 50 ;
485     break ;
486     case ".exe" :
487     case ".bat" :
488     $d = 255 ;
489     break ;
490     case ".bas" :
491     case ".c" :
492     case ".cc" :
493     case ".src" :
494     $d = 255 ;
495     break ;
496     case "file" :
497     $d = 51 ;
498     break ;
499     case "fldr" :
500     $d = 48 ;
501     break ;
502     case ".htm" :
503     case ".html":
504     case ".asa" :
505     case ".asp" :
506     case ".cfm" :
507     case ".php3":
508     case ".php" :
509     case ".phtml" :
510     case ".shtml" :
511     $d = 182 ;
512     break ;
513     case ".pdf" :
514     $d = 38 ;
515     break;
516     case ".txt" :
517     case ".ini" :
518     $d = 52 ;
519     break ;
520     case ".xls" :
521     $d = 252 ;
522     break ;
523     case ".zip" :
524     case ".arc" :
525     case ".sit" :
526     case ".tar" :
527     case ".gz" :
528     case ".tgz" :
529     case ".Z" :
530     $d = 59 ;
531     break ;
532     case "view" :
533     $d = 52 ;
534     break ;
535     case "up" :
536     $d = 199 ;
537     break ;
538     case "blank" :
539     return "&nbsp;&nbsp;</SPAN>" ;
540     break ;
541     default :
542     $d = 51 ;
543     }
544    
545     return $tstr . chr($d) . "</SPAN>" ;
546     } // end function MockIcon
547    
548     //////////////////////////////////////////////////////////////////
549    
550     function GifIcon($txt) {
551     global $gblIconLocation ;
552    
553     switch (strtolower($txt)) {
554     case ".bmp" :
555     case ".gif" :
556     case ".jpg" :
557     case ".jpeg":
558     case ".tif" :
559     case ".tiff":
560     $d = "image2.gif" ;
561     break ;
562     case ".doc" :
563     $d = "layout.gif" ;
564     break ;
565     case ".exe" :
566     case ".bat" :
567     $d = "screw2.gif" ;
568     break ;
569     case ".bas" :
570     case ".c" :
571     case ".cc" :
572     case ".src" :
573     $d = "c.gif" ;
574     break ;
575     case "file" :
576     $d = "generic.gif" ;
577     break ;
578     case "fldr" :
579     $d = "dir.gif" ;
580     break ;
581     case ".phps" :
582     $d = "phps.gif" ;
583     break ;
584     case ".php3" :
585     $d = "php3.gif" ;
586     break ;
587     case ".htm" :
588     case ".html":
589     case ".asa" :
590     case ".asp" :
591     case ".cfm" :
592     case ".php3":
593     case ".php" :
594     case ".phtml" :
595     case ".shtml" :
596     $d = "world1.gif" ;
597     break ;
598     case ".pdf" :
599     $d = "pdf.gif" ;
600     break;
601     case ".txt" :
602     case ".ini" :
603     $d = "text.gif" ;
604     break ;
605     case ".xls" :
606     $d = "box2.gif" ;
607     break ;
608     case ".zip" :
609     case ".arc" :
610     case ".sit" :
611     case ".tar" :
612     case ".gz" :
613     case ".tgz" :
614     case ".Z" :
615     $d = "compressed.gif" ;
616     break ;
617     case "view" :
618     $d = "index.gif" ;
619     break ;
620     case "up" :
621     $d = "back.gif" ;
622     break ;
623     case "blank" :
624     $d = "blank.gif" ;
625     break ;
626 dpavlin 1.4 case "checkout":
627 dpavlin 1.6 $d = "box2.gif";
628 dpavlin 1.4 break;
629     case "checkin":
630 dpavlin 1.6 $d = "hand.up.gif";
631     break;
632     case "locked":
633     $d = "screw2.gif";
634 dpavlin 1.4 break;
635     case "note":
636     $d = "quill.gif";
637     break;
638 dpavlin 1.1 default :
639     $d = "generic.gif" ;
640     }
641    
642     return "<IMG SRC=\"$gblIconLocation" . $d . "\" BORDER=0>" ;
643     } // end function GifIcon
644    
645     //////////////////////////////////////////////////////////////////
646    
647     function Navigate($fsRoot,$relDir) {
648    
649 dpavlin 1.15 global $gblEditable, $gblIcon, $gblModDays ;
650 dpavlin 1.1
651     $self = $GLOBALS["PHP_SELF"] ;
652 dpavlin 1.2 if (isset($GLOBALS["HTTPS"]) && $GLOBALS["HTTPS"] == "on") {
653     $webRoot = "https://" . $GLOBALS["SERVER_NAME"] ;
654     } else {
655     $webRoot = "http://" . $GLOBALS["SERVER_NAME"] ;
656     }
657 dpavlin 1.1 $fsDir = $fsRoot . $relDir . "/" ; // current directory
658    
659     if (!is_dir($fsDir)) Error("Dir not found",$relDir) ;
660    
661     // read directory contents
662     if ( !($dir = @opendir($fsDir)) )
663     Error("Read Access denied",$relDir) ;
664     while ($item = readdir($dir)) {
665 dpavlin 1.2 if ( $item == ".." || $item == "." || substr($item,0,1) == "." ) continue ;
666 dpavlin 1.1 if ( is_dir($fsDir . $item) ) {
667     $dirList[] = $item ;
668 dpavlin 1.2 } else if ( is_file($fsDir . $item) ) {
669 dpavlin 1.1 $fileList[] = $item ;
670 dpavlin 1.2 } else if ( is_link($fsDir . $item) ) {
671     $dirList[] = $item ;
672     } else {
673 dpavlin 1.1 // unknown file type
674     // $text = "Could not determine file type of " ;
675     // Error("File Error", $text.$relDir."/".$item) ;
676     // exit ;
677     }
678     }
679     closedir($dir) ;
680 dpavlin 1.2
681     // scan deleted files
682     if ( $GLOBALS[show_deleted] == 1 && ($dir = @opendir("$fsDir/.del")) ) {
683     while ($item = readdir($dir)) {
684     if ( substr($item,0,1) == "." ) continue ;
685     $fileList[] = ".del/$item" ;
686     }
687     closedir($dir) ;
688     }
689    
690 dpavlin 1.1 $emptyDir = ! (sizeof($dirList) || sizeof($fileList)) ;
691    
692     // start navigation page
693 dpavlin 1.2 $text = "Use this page to add, delete";
694     if (! isset($show_deleted)) {
695 dpavlin 1.6 $text .= ", <a href=$self?D=".urlencode($relDir)."&show_deleted=1>undelete</a>";
696 dpavlin 1.2 }
697     $text .= " or revise files on this web site." ;
698 dpavlin 1.18 $text .= "<br>Examine list of files <a href=\"$self?A=Ch1\">changed in last day</a> or <a href=\"$self?A=Ch\">all changes</a>.";
699 dpavlin 1.1 StartHTML("(Navigate)",$text) ;
700    
701     echo "<TABLE BORDER=0 CELLPADDING=2
702     CELLSPACING=3 WIDTH=\"100%\">" ;
703    
704     // updir bar
705     if ($fsDir != $fsRoot) {
706     $parent = dirname($relDir) ;
707     if ($parent == "") $parent = "/" ;
708     ?>
709    
710 dpavlin 1.4 <TR><TD><?= $gblIcon("up") ?></TD><TD COLSPAN=5 CLASS=LST>
711     <A HREF="<?= $self ?>?D=<?= urlencode($parent) ?>">
712     <B><?= $parent ?></B></A></TD></TR>
713 dpavlin 1.1
714     <?php
715     }
716    
717     // output subdirs
718     if (sizeof($dirList) > 0) {
719     sort($dirList) ;
720     ?>
721    
722 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5 CLASS=TOP><HR>DIRECTORY NAME</TD></TR>
723 dpavlin 1.1
724     <?php
725     while (list($key,$dir) = each($dirList)) {
726    
727     $tstr = "<A HREF=\"" . $self . "?D=" ;
728     $tstr .= urlencode($relDir."/".$dir) ;
729     $tstr .= "\">" . $dir . "/</A>" ;
730     ?>
731    
732 dpavlin 1.4 <TR><TD><?= $gblIcon("fldr") ?></TD>
733     <TD COLSPAN=5 CLASS=LST><?= $tstr ?></TD></TR>
734 dpavlin 1.1
735     <?php
736     } // iterate over dirs
737     } // end if no dirs
738     ?>
739    
740 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5><HR><B><?= $webRoot . $relDir ?>
741 dpavlin 1.1 </B></TD></TR>
742     <TR><TD></TD><TD CLASS=TOP>DOCUMENT NAME</TD>
743 dpavlin 1.6 <TD><?= $gblIcon("blank").$gblIcon("blank") ?></TD>
744 dpavlin 1.4 <TD CLASS=TOP>NOTE</TD>
745 dpavlin 1.1 <TD CLASS=TOP>LAST UPDATE</TD><TD CLASS=TOP>FILE SIZE</TD></TR>
746    
747     <?php
748     if (sizeof($fileList) > 0) {
749     sort($fileList) ;
750     while (list($key,$file) = each($fileList)) {
751 dpavlin 1.4 $path = $fsDir."/".$file ;
752     $mod = filemtime($path) ;
753     $sz = filesize($path) ;
754    
755     if ($sz >= 10240) {
756     $sz = (int)(($sz+1023)/1024) . " k" ;
757     } else {
758     $sz .= " " ;
759     } // end size
760 dpavlin 1.1
761 dpavlin 1.4 $a = $b = "" ;
762    
763     $info_url=$self."?A=E&F=".urlencode($file)."&D=".urlencode($relDir);
764    
765 dpavlin 1.14 if ( ($mod + $gblModDays*86400) > time() ) {
766 dpavlin 1.4 $a = "<SPAN CLASS=RED TITLE=\"Newer" ;
767 dpavlin 1.14 $a .= " than $gblModDays days\"> * </SPAN>" ;
768 dpavlin 1.4 }
769    
770 dpavlin 1.6 $file_lock=CheckLock($path);
771    
772     $file_url_html="<A HREF=\"$self?A=V&F=".urlencode($file);
773     $file_url_html.="&D=".urlencode($relDir);
774     $file_url_html.="\" TITLE=\"View file\">" ;
775 dpavlin 1.2
776     if (substr($file,0,5) != ".del/") {
777 dpavlin 1.6 $file_url_html .= $file . "</A>" . $a ;
778 dpavlin 1.2 } else {
779 dpavlin 1.6 $file_url_html .= substr($file,5,strlen($file)-5) . "</a> <SPAN CLASS=RED TITLE=\"deleted\"> <a href=\"$info_url#undelete\">deleted</a> </span>";
780 dpavlin 1.4 }
781    
782 dpavlin 1.6 $note_html="<a href=\"$info_url#note\">".$gblIcon("note")."</a>".ReadNote($path);
783 dpavlin 1.4
784     $ext = strtolower(strrchr($file,".")) ;
785 dpavlin 1.6
786     if ($file_lock) {
787     if ($file_lock == $GLOBALS[gblUserName]) {
788     $b.="<A HREF=\"$self?A=Ci&F=".urlencode($file);
789     $b.="&D=".urlencode($relDir);
790     $b.="\" TITLE=\"Checkin (update) file on server\">" ;
791     $file_url_html=$b;
792     $b.=$gblIcon("checkin")."</A>" ;
793     $b.= $gblIcon("blank");
794     $file_url_html.="$file</a> $a";
795     $note_html = $gblIcon("blank")."<b>Please check-in (update) this file</b>";
796     } else {
797     $b = $gblIcon("locked");
798     $b.= $gblIcon("blank");
799     $note_html = $gblIcon("blank")."<b>File locked by $file_lock</b>";
800     $file_url_html = "$file $a";
801     }
802 dpavlin 1.4 } else {
803 dpavlin 1.6 $b.="<A HREF=\"$self?A=Co&F=".urlencode($file);
804     $b.="&D=".urlencode($relDir);
805     $b.="\" TITLE=\"Checkout file for edit\">" ;
806     $b.=$gblIcon("checkout")."</A>" ;
807    
808     if ( $ext=="" || strstr(join(" ",$gblEditable),$ext) ) {
809     $b.="<A HREF=\"$self?A=C&F=".urlencode($file);
810     $b.="&D=".urlencode($relDir);
811     $b.="\" TITLE=\"List contents\">" ;
812     $b.=$gblIcon("view")."</A>" ;
813     } else {
814     $b.= $gblIcon("blank");
815     }
816 dpavlin 1.2 }
817 dpavlin 1.1
818    
819     ?>
820    
821     <TR><TD>
822 dpavlin 1.4 <A HREF="<?= $info_url ?>" TITLE="View/Edit">
823     <?= $gblIcon($ext) ?></A></TD>
824 dpavlin 1.6 <TD CLASS=LST><?= $file_url_html ?></TD>
825 dpavlin 1.4 <TD CLASS=LST ALIGN=center><?= $b ?></TD>
826 dpavlin 1.6 <TD CLASS=LST ALIGN=left><?= $note_html ?></TD>
827 dpavlin 1.4 <TD CLASS=LST><?= date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]",$mod) ?></TD>
828     <TD CLASS=LST><?= $sz ?>Bytes</TD></TR>
829 dpavlin 1.1
830     <?php
831     } // iterate over files
832     } // end if no files
833    
834     if ($emptyDir) {
835     ?>
836    
837 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
838     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>
839     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
840 dpavlin 1.1 OK TO DELETE THIS EMPTY FOLDER?
841     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
842     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="DELETE">
843     </TD></TR>
844     </FORM>
845    
846     <?php
847     } // end if emptyDir
848     ?>
849    
850 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
851 dpavlin 1.1
852 dpavlin 1.6 <TR><TD></TD><TD COLSPAN=5>
853 dpavlin 1.13 <?
854     if (file_exists(".info.inc")) {
855     include(".info.inc");
856     }
857     ?>
858 dpavlin 1.6 </TD></TR>
859    
860     <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
861    
862 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
863     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>CREATE NEW
864 dpavlin 1.1 <INPUT TYPE="RADIO" NAME="T" VALUE="D" CHECKED>DIRECTORY -OR-
865     <INPUT TYPE="RADIO" NAME="T" VALUE="F">FILE : &nbsp;&nbsp;
866     <NOBR>NAME <INPUT TYPE="TEXT" NAME="FN" SIZE=14>
867     <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="CREATE">
868 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
869 dpavlin 1.1 <INPUT TYPE="SUBMIT" VALUE="CREATE"></NOBR>
870 dpavlin 1.9 <NOBR>OR <A HREF="<?= $self ?>?A=U&D=<?= urlencode($relDir) ?>">UPLOAD</A> A FILE
871 dpavlin 1.1 </NOBR>
872     </TD></TR>
873     </FORM>
874     </TABLE>
875    
876     <?php
877     EndHTML() ;
878     } // end function Navigate
879    
880     //////////////////////////////////////////////////////////////////
881    
882 dpavlin 1.6 function UploadPage($fsRoot, $relDir, $filename) {
883 dpavlin 1.1
884     $self = $GLOBALS["PHP_SELF"] ;
885     if ($relDir == "") $relDir = "/" ;
886     ?>
887    
888     <P><TABLE BORDER=0 CELLPADDING=5><TR><TD WIDTH=5></TD><TD CLASS=BAR>
889     <FORM ENCTYPE="multipart/form-data" METHOD="POST"
890 dpavlin 1.4 ACTION="<?= $self ?>">
891     DESTINATION DIRECTORY:<B><?= " " . $relDir ?></B>
892 dpavlin 1.6 <? if (isset($filename)) { ?>
893     <br>DESTINATION FILE:<B><?= " " . $filename ?></B>
894     <INPUT TYPE="HIDDEN" NAME="FILENAME" VALUE="<?= $filename ?>">
895     <? } ?>
896 dpavlin 1.1 <P>PATHNAME OF LOCAL FILE<BR>
897 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
898 dpavlin 1.1 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="UPLOAD">
899     <INPUT SIZE=30 TYPE="FILE" NAME="FN"></P>
900     <P><INPUT TYPE="SUBMIT" VALUE="UPLOAD"></P>
901     <P>If the <B>[BROWSE...]</B> button is not displayed,<BR>
902     you must upgrade to an RFC1867-compliant browser.</P>
903 dpavlin 1.4 <P>Your browser:<BR><?= $GLOBALS["HTTP_USER_AGENT"] ?></P>
904 dpavlin 1.1 </FORM>
905     </TD></TR>
906     <TR><TD></TD><TD>
907 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
908     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>"><BR>
909 dpavlin 1.1 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL">
910     </FORM>
911     </TD></TR></TABLE></P>
912    
913     <?php
914     } // end function UploadPage
915    
916     //////////////////////////////////////////////////////////////////
917    
918     function Error($title,$text="") {
919     StartHTML("(".$title.")",$text) ;
920     echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
921     EndHTML() ;
922     exit ;
923     } // end function Error
924    
925     //////////////////////////////////////////////////////////////////
926    
927     function CreateHash($user, $pw) {
928    
929     global $gblHash ; // hash function to use
930    
931     if ($user == "" || $pw == "") {
932     $text = "either no password or no username supplied" ;
933     Error("Create Hash",$text) ;
934     }
935     $title = "(Create Hash)" ;
936     StartHTML($title) ;
937     echo "<P ALIGN=center>" ;
938     echo "<BLOCKQUOTE>Copy the value below and paste it " ;
939     echo "into the<BR>value for \$gblPw in the source of " ;
940     echo "this file<BR><BR><B>" . $gblHash($user.$pw) ;
941     echo "</B><BR><BR>Hash function: " . $gblHash ;
942     echo "</BLOCKQUOTE></P>" ;
943     EndHTML() ;
944     exit ;
945    
946     } // end function CreateHash
947    
948     //////////////////////////////////////////////////////////////////
949    
950     function NoEntry() {
951    
952     $user = $GLOBALS["PHP_AUTH_USER"] ;
953     $pw = $GLOBALS["PHP_AUTH_PW"] ;
954     $self = $GLOBALS["PHP_SELF"] ;
955    
956     $title = "(401 Unauthorized)" ;
957     $text = "No trespassing !" ;
958     StartHTML($title,$text) ;
959     ?>
960    
961 dpavlin 1.4 <FORM ACTION="<?= $self ?>?HASH=create" METHOD="POST">
962     <INPUT TYPE="HIDDEN" NAME="USER" VALUE="<?= $user ?>">
963     <INPUT TYPE="HIDDEN" NAME="PW" VALUE="<?= $pw ?>">
964 dpavlin 1.1
965     <BLOCKQUOTE><B>If you are a site administrator:</B><BR><BR>
966     Click below to <B>generate a password hash</B><BR>from
967     the username-password pair you just<BR>entered. Then include the hash in
968     the source<BR>of this file.<BR><BR>
969     <INPUT TYPE="SUBMIT" VALUE="CREATE HASH">
970     </BLOCKQUOTE></FORM>
971    
972     <?php
973     EndHTML() ;
974     exit ;
975     }
976    
977     //////////////////////////////////////////////////////////////////
978    
979 dpavlin 1.2 function Logit($target,$msg) {
980    
981     $dir=dirname($target);
982     if (! file_exists($dir."/.log")) {
983     mkdir($dir."/.log",0700);
984     }
985     $file=basename($target);
986    
987     $log=fopen("$dir/.log/$file","a+");
988     fputs($log,date("$GLOBALS[gblDateFmt]\t$GLOBALS[gblTimeFmt]").
989     "\t$GLOBALS[gblUserName]\t$msg\n");
990     fclose($log);
991    
992     }
993    
994    
995 dpavlin 1.4 //////////////////////////////////////////////////////////////////
996    
997     function WriteNote($target,$msg) {
998    
999     $dir=dirname($target);
1000     if (! file_exists($dir."/.note")) {
1001     mkdir($dir."/.note",0700);
1002     }
1003     $file=basename($target);
1004    
1005     $note=fopen("$dir/.note/$file","w");
1006     fputs($note,"$msg\n");
1007     fclose($note);
1008    
1009     Logit($target,"added note $msg");
1010    
1011     }
1012    
1013     function ReadNote($target) {
1014    
1015     $dir=dirname($target);
1016     $file=basename($target);
1017     $msg="";
1018     if (file_exists($dir."/.note/$file")) {
1019     $note=fopen("$dir/.note/$file","r");
1020     $msg=fgets($note,4096);
1021     fclose($note);
1022     }
1023 dpavlin 1.6 return StripSlashes($msg);
1024 dpavlin 1.4
1025     }
1026    
1027     //////////////////////////////////////////////////////////////////
1028    
1029     function MoveTo($source,$folder) {
1030    
1031     $file=basename($source);
1032     if (! file_exists($folder)) {
1033     mkdir($folder,0700);
1034     }
1035     if (file_exists($source)) {
1036     rename($source,"$folder/$file");
1037     }
1038     }
1039 dpavlin 1.2
1040     //////////////////////////////////////////////////////////////////
1041    
1042 dpavlin 1.6 function Lock($target) {
1043    
1044     $dir=dirname($target);
1045     if (! file_exists($dir."/.lock")) {
1046     mkdir($dir."/.lock",0700);
1047     }
1048     $file=basename($target);
1049    
1050     if (file_exists("$dir/.lock/$file")) {
1051     Logit($target,"attempt to locked allready locked file!");
1052     } else {
1053     $lock=fopen("$dir/.lock/$file","w");
1054     fputs($lock,"$GLOBALS[gblUserName]\n");
1055     fclose($lock);
1056    
1057     Logit($target,"file locked");
1058     }
1059    
1060     }
1061    
1062     function CheckLock($target) {
1063    
1064     $dir=dirname($target);
1065     $file=basename($target);
1066     $msg=0;
1067     if (file_exists($dir."/.lock/$file")) {
1068     $lock=fopen("$dir/.lock/$file","r");
1069     $msg=fgets($lock,4096);
1070     fclose($lock);
1071     }
1072     return chop($msg);
1073    
1074     }
1075    
1076     function Unlock($target) {
1077    
1078     $dir=dirname($target);
1079     $file=basename($target);
1080     if (file_exists($dir."/.lock/$file")) {
1081     unlink("$dir/.lock/$file");
1082     Logit($target,"file unlocked");
1083     } else {
1084     Logit($target,"attempt to unlocked non-locked file!");
1085     }
1086    
1087     }
1088    
1089     //////////////////////////////////////////////////////////////////
1090    
1091 dpavlin 1.9 function urlpath($url) {
1092 dpavlin 1.8 $url=urlencode(StripSlashes("$url"));
1093 dpavlin 1.7 $url=str_replace("%2F","/",$url);
1094     $url=str_replace("+","%20",$url);
1095 dpavlin 1.9 return($url);
1096 dpavlin 1.7 }
1097    
1098     //////////////////////////////////////////////////////////////////
1099    
1100 dpavlin 1.8 function safe_rename($from,$to) {
1101     if (file_exists($from) && is_writable(dirname($to))) {
1102     rename($from,$to);
1103     }
1104     }
1105    
1106     //////////////////////////////////////////////////////////////////
1107    
1108 dpavlin 1.16 // recursivly delete directory
1109    
1110     function rrmdir($dir) {
1111     $handle=opendir($dir);
1112     while ($file = readdir($handle)) {
1113     if ($file != "." && $file != "..") {
1114     if (is_dir("$dir/$file"))
1115     rrmdir("$dir/$file");
1116     else
1117     if (! @unlink("$dir/$file")) return(0);
1118     }
1119     }
1120     closedir($handle);
1121     return @rmdir($dir);
1122     }
1123    
1124     //////////////////////////////////////////////////////////////////
1125    
1126 dpavlin 1.18 function ChangeLog($target,$msg) {
1127    
1128     global $gblFsRoot;
1129     $log=fopen("$gblFsRoot/.changelog","a+");
1130     if (substr($target,0,strlen($gblFsRoot)) == $gblFsRoot)
1131     $target=substr($target,strlen($gblFsRoot),strlen($target)-strlen($gblFsRoot));
1132     fputs($log,time()."\t$target\t$GLOBALS[gblUserName]\t$msg\n");
1133     fclose($log);
1134    
1135     }
1136    
1137     function DisplayChangeLog($day) {
1138    
1139     global $gblFsRoot;
1140 dpavlin 1.20 if (!file_exists("$gblFsRoot/.changelog")) return;
1141 dpavlin 1.18 $log=fopen("$gblFsRoot/.changelog","r");
1142     $logarr = array();
1143     while($line = fgetcsv($log,255,"\t")) {
1144 dpavlin 1.20 if ($day!=1 || $day==1 && ($line[0]-time() < 24*60)) {
1145 dpavlin 1.18 array_unshift($logarr,array($line[0],$line[1],$line[2],$line[3]));
1146     }
1147     }
1148     fclose($log);
1149     $cl1=" class=lst"; $cl2="";
1150     print "<table border=0 width=100%>\n";
1151     while ($e = array_shift($logarr)) {
1152     $cl=$cl1; $cl1=$cl2; $cl2=$cl;
1153     $date = date("$GLOBALS[gblDateFmt]", $e[0]);
1154     $time = date("$GLOBALS[gblTimeFmt]", $e[0]);
1155     $dir = dirname($e[1]);
1156     $file = basename($e[1]);
1157     print "<tr><td$cl>$date</td><td$cl>$time</td><td$cl><a href=\"$GLOBALS[PHP_SELF]?D=".urlencode($dir)."\">$dir</a>/$file</td><td$cl>$e[2]</td><td$cl>$e[3]</td></tr>\n";
1158     }
1159     print "</table>";
1160     }
1161    
1162     //////////////////////////////////////////////////////////////////
1163    
1164 dpavlin 1.1 // MAIN PROGRAM
1165     // ============
1166     // query parameters: capital letters
1167     // local functions : begin with capital letters
1168     // global constants: begin with gbl
1169    
1170 dpavlin 1.2 $gblFilePerms = 0640 ; // default for new files
1171     $gblDirPerms = 0750 ; // default for new dirs
1172 dpavlin 1.1
1173     // phpinfo() ;
1174     // exit ;
1175    
1176     // forks before authentication: style sheet and hash
1177     // creation if password not yet set.
1178     if ($STYLE == "get") { CSS() ; exit ; }
1179     if ($HASH != "") {
1180     CreateHash($USER, $PW) ;
1181     exit ;
1182     }
1183    
1184     // authentication if $gblAuth == true
1185 dpavlin 1.2 if ( $gblAuth && $gblHash($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw ||
1186     isset($relogin) && $gblPw == $relogin ) {
1187 dpavlin 1.1 header("WWW-authenticate: basic realm=\"$SERVER_NAME\"") ;
1188     header("HTTP/1.0 401 Unauthorized") ;
1189     NoEntry() ;
1190     exit ;
1191     }
1192    
1193     // get current directory relative to $gblFsRoot
1194     $relDir = $DIR ; // from POST
1195     if ($relDir == "") { // not defined in POST ?
1196     $relDir = urldecode($D) ; // then use GET
1197     }
1198    
1199     if ($relDir == "/") $relDir = "" ;
1200     // default : website root = ""
1201    
1202     if (strstr($relDir,"..")) Error("No updirs allowed");
1203    
1204     // full paths contain "fs" or "Fs". Paths realitve to root of
1205     // website contain "rel" or "Rel". The script won't let you
1206     // edit anything above directory equal to http://server.com
1207     // i.e. below $gblFsRoot.
1208    
1209     $relScriptDir = dirname($SCRIPT_NAME) ;
1210     // i.e. /siteman
1211    
1212     $fsScriptDir = dirname($SCRIPT_FILENAME) ;
1213     // i.e. /home/httpd/html/siteman
1214    
1215     $gblFsRoot = substr($fsScriptDir,0,
1216     strlen($fsScriptDir)-strlen($relScriptDir)) ;
1217     // i.e. /home/httpd/html
1218    
1219     $fsDir = $gblFsRoot . $relDir ; // current directory
1220     if ( !is_dir($fsDir) ) Error("Dir not found",$relDir) ;
1221    
1222     switch ($POSTACTION) {
1223     case "UPLOAD" :
1224 dpavlin 1.2 if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1225 dpavlin 1.1 if (strstr($FN_name,"/"))
1226     Error("Non-conforming filename") ;
1227     // TODO : should rather check for escapeshellcmds
1228     // but maybe RFC 18xx asserts safe filenames ....
1229     $source = $FN ;
1230 dpavlin 1.6 if (! isset($FILENAME)) { // from update file
1231     $target = "$fsDir/$FN_name" ;
1232     } else {
1233     $target = "$fsDir/$FILENAME";
1234     }
1235 dpavlin 1.2
1236     // backup old files first
1237     $dir=dirname($target);
1238     if (! file_exists($dir."/.bak")) {
1239     mkdir($dir."/.bak",0700);
1240     }
1241     if (! file_exists($dir."/.bak/$GLOBALS[gblNumBackups]")) {
1242     mkdir($dir."/.bak/$GLOBALS[gblNumBackups]",0700);
1243     }
1244     $file=basename($target);
1245     for($i=$GLOBALS[gblNumBackups]-1;$i>0;$i--) {
1246 dpavlin 1.4 MoveTo("$dir/.bak/$i/$file","$dir/.bak/".($i+1)."/");
1247 dpavlin 1.2 }
1248 dpavlin 1.6 MoveTo($target,$dir."/.bak/1/");
1249 dpavlin 1.2
1250     copy($source,$target) ;
1251     chmod($target,$gblFilePerms) ;
1252 dpavlin 1.1 clearstatcache() ;
1253 dpavlin 1.2 Logit($target,"uploaded");
1254 dpavlin 1.6 if (isset($FILENAME)) {
1255     Unlock($target);
1256     }
1257 dpavlin 1.18 ChangeLog($target,"updated");
1258 dpavlin 1.1 break ;
1259    
1260     case "SAVE" :
1261 dpavlin 1.17 $path = $gblFsRoot . $RELPATH ;
1262 dpavlin 1.2 $writable = is_writeable($path) ;
1263     $legaldir = is_writeable(dirname($path)) ;
1264 dpavlin 1.1 $exists = (file_exists($path)) ? 1 : 0 ;
1265     // check for legal extension here as well
1266     if (!($writable || (!$exists && $legaldir)))
1267     Error("Write denied",$RELPATH) ;
1268     $fh = fopen($path, "w") ;
1269     fwrite($fh,$FILEDATA) ;
1270     fclose($fh) ;
1271     clearstatcache() ;
1272 dpavlin 1.2 Logit($path,"saved changes");
1273 dpavlin 1.18 ChangeLog($path,"saved changes");
1274 dpavlin 1.1 break ;
1275    
1276     case "CREATE" :
1277     // we know $fsDir exists
1278 dpavlin 1.2 if ($FN == "") break; // no filename!
1279     if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1280 dpavlin 1.1 $path = $fsDir . "/" . $FN ; // file or dir to create
1281     $relPath = $relDir . "/" . $FN ;
1282     switch ( $T ) {
1283     case "D" : // create a directory
1284 dpavlin 1.6 if ( ! @mkdir($path,$gblDirPerms) )
1285     Error("Mkdir failed",$relPath) ; // eg. if it exists
1286     clearstatcache() ;
1287     break ;
1288 dpavlin 1.1 case "F" : // create a new file
1289     // this functionality is doubled in DetailView().
1290     // better keep it here altogether
1291     // chmod perms to $gblFilePerms
1292 dpavlin 1.6 if ( file_exists($path) && !is_writable($path) )
1293     Error("File not writable", $relPath) ;
1294     $fh = fopen($path, "w+") ;
1295     if ($fh) {
1296     fputs($fh,"\n");
1297     fclose($fh) ;
1298     LogIt($path,"file created");
1299     } else {
1300     Error("Creation of file $relPath failed -- $path");
1301     }
1302     $tstr = "$PHP_SELF?A=E&D=".urlencode($relDir)."&F=".urlencode($FN) ;
1303     header("Location: " . $tstr) ;
1304 dpavlin 1.18 ChangeLog($target,"created");
1305 dpavlin 1.6 exit ;
1306 dpavlin 1.1 }
1307     break ;
1308    
1309     case "DELETE" :
1310     if ( $CONFIRM != "on" ) break ;
1311    
1312     $tstr = "Attempt to delete non-existing object or " ;
1313     $tstr .= "insufficient privileges: " ;
1314    
1315     if ( $FN != "") { // delete file
1316 dpavlin 1.2 $path = $fsDir . "/" . $FN ;
1317    
1318     $dir=dirname($path);
1319     $file=basename($path);
1320     if (! file_exists("$dir/.del")) {
1321     mkdir("$dir/.del",0700);
1322     }
1323    
1324     // if ( ! @unlink($path) ) {
1325     if ( ! rename($path,"$dir/.del/$file") ) {
1326     Error("File delete failed", $tstr . $path) ;
1327     Logit($path,"file delete failed");
1328     exit ;
1329     } else {
1330     Logit($path,"file deleted");
1331 dpavlin 1.4 MoveTo("$dir/.log/$file","$dir/.del/.log/");
1332     MoveTo("$dir/.note/$file","$dir/.del/.note/");
1333 dpavlin 1.6 MoveTo("$dir/.lock/$file","$dir/.del/.lock/");
1334 dpavlin 1.2 }
1335 dpavlin 1.1 }
1336     else { // delete directory
1337 dpavlin 1.16 if ( ! @rrmdir($fsDir) ) {
1338 dpavlin 1.1 Error("Rmdir failed", $tstr . $fsDir) ;
1339     }
1340     else {
1341     $relDir = dirname($relDir) ; // move up
1342     }
1343     }
1344     break ;
1345    
1346 dpavlin 1.2 case "UNDELETE" :
1347     if ( $CONFIRM != "on" ) break ;
1348    
1349     if (substr($FN,0,4) != ".del") break ;
1350     $file=substr($FN,4,strlen($FN)-4);
1351    
1352     Logit("$fsDir/.del/$file","undeleted");
1353 dpavlin 1.4 MoveTo("$fsDir/.del/$file","$fsDir/");
1354     MoveTo("$fsDir/.del/.log/$file","$fsDir/.log/");
1355     MoveTo("$fsDir/.del/.note/$file","$fsDir/.note/");
1356 dpavlin 1.6 MoveTo("$fsDir/.del/.lock/$file","$fsDir/.lock/");
1357 dpavlin 1.2
1358     break ;
1359    
1360     case "RENAME" :
1361     if ( $CONFIRM != "on" ) break ;
1362    
1363     Logit("$fsDir/$FN","renamed $FN to $NEWNAME");
1364 dpavlin 1.8 safe_rename("$fsDir/$FN","$fsDir/$NEWNAME");
1365     safe_rename("$fsDir/.log/$FN","$fsDir/.log/$NEWNAME");
1366     safe_rename("$fsDir/.note/$FN","$fsDir/.note/$NEWNAME");
1367     safe_rename("$fsDir/.lock/$FN","$fsDir/.lock/$NEWNAME");
1368 dpavlin 1.11 for($i=0;$i<=$GLOBALS[gblNumBackups];$i++) {
1369     safe_rename("$fsDir/.bak/$i/$FN","$fsDir/.bak/$i/$NEWNAME");
1370     }
1371 dpavlin 1.2
1372 dpavlin 1.4 break ;
1373    
1374     case "NOTE" :
1375     WriteNote("$fsDir/$FN","$NOTE");
1376 dpavlin 1.2 break ;
1377    
1378 dpavlin 1.6 case "UNLOCK" :
1379     if ( $CONFIRM != "on" ) break ;
1380     Unlock("$fsDir/$FN");
1381     break ;
1382    
1383 dpavlin 1.1 default :
1384     // user hit "CANCEL" or undefined action
1385     }
1386    
1387     // common to all POSTs : redirect to directory view ($relDir)
1388     if ( $POSTACTION != "" ) {
1389     $tstr = $PHP_SELF . "?D=" . urlencode($relDir) ;
1390     header("Location: " . $tstr) ;
1391     exit ;
1392     }
1393    
1394     // check for mode.. navigate, code display, upload, or detail?
1395     // $A=U : upload to path given in $D
1396     // $A=E : display detail of file $D/$F and edit
1397     // $A=C : display code in file $D/$F
1398 dpavlin 1.6 // $A=Co : checkout file $D/$F
1399     // $A=Ci : checkin file $D/$F
1400     // $A=V : view file (do nothing except log)
1401 dpavlin 1.1 // default : display directory $D
1402    
1403     switch ($A) {
1404     case "U" :
1405     // upload to $relDir
1406 dpavlin 1.2 if (!is_writeable($gblFsRoot . $relDir))
1407 dpavlin 1.1 Error("Write access denied",$relDir) ;
1408     $text = "Use this page to upload a single " ;
1409     $text .= "file to <B>$SERVER_NAME</B>." ;
1410     StartHTML("(Upload Page)", $text) ;
1411     UploadPage($gblFsRoot, $relDir) ;
1412     EndHTML() ;
1413     exit ;
1414     case "E" :
1415     // detail of $relDir/$F
1416 dpavlin 1.2 if (is_file("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
1417 dpavlin 1.1 exit ;
1418     case "C" :
1419     // listing of $relDir/$F
1420     DisplayCode($gblFsRoot, $relDir, $F) ;
1421     exit ;
1422 dpavlin 1.6 case "Co" :
1423     // checkout
1424     Lock("$gblFsRoot/$relDir/$F");
1425 dpavlin 1.12 header("Content-Disposition: attachment; filename=$F" );
1426 dpavlin 1.9 Header("Location: ".urlpath("$relDir/$F"));
1427 dpavlin 1.6 exit;
1428     case "Ci" :
1429     // upload && update to $relDir
1430     if (!is_writeable($gblFsRoot . $relDir))
1431     Error("Write access denied",$relDir) ;
1432     $text = "Use this page to update a single " ;
1433     $text .= "file to <B>$SERVER_NAME</B>." ;
1434     StartHTML("(Update file Page)", $text) ;
1435     UploadPage($gblFsRoot, $relDir, $F) ;
1436     EndHTML() ;
1437     exit ;
1438     case "V" :
1439     // view
1440 dpavlin 1.9 LogIt("$gblFsRoot/$relDir/$F","viewed");
1441 dpavlin 1.12 header("Content-Disposition: attachment; filename=$F" );
1442 dpavlin 1.9 Header("Location: ".urlpath("$relDir/$F"));
1443 dpavlin 1.18 exit;
1444     case "Ch" :
1445     StartHTML("(File changes)","All changes chronologicaly...");
1446     DisplayChangeLog(0); // all
1447     EndHTML() ;
1448     exit;
1449     case "Ch1" :
1450     StartHTML("(File changes)","Changes to files in last day...");
1451     DisplayChangeLog(1);
1452     EndHTML() ;
1453 dpavlin 1.6 exit;
1454 dpavlin 1.1 }
1455    
1456     // default: display directory $relDir
1457     Navigate($gblFsRoot,$relDir) ;
1458     exit ;
1459    
1460     Error("Whooah!","By cartesian logic, this never happens") ;
1461     ?>

  ViewVC Help
Powered by ViewVC 1.1.26