/[docman]/docman.php
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Annotation of /docman.php

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.21 - (hide annotations)
Wed Sep 13 08:27:43 2000 UTC (22 years, 5 months ago) by dpavlin
Branch: MAIN
Changes since 1.20: +13 -3 lines
changelog works now, better working with slashes

1 dpavlin 1.1 <?php
2    
3     /* Copyright 1999 by John Martin d/b/a www.ANYPORTAL.com */
4     /* All Rights Reserved. */
5     /* */
6     /* This software is freeware and is not in the public domain. */
7     /* You are hereby granted the right to freely distribute this */
8     /* software as long as this copyright notice remains in place. */
9     /* */
10     /* Comments or suggestions? email: andmore@alief.com */
11     /* */
12     /* This is the PHP port: AnyPortal(php)-0.1 */
13     /* ======================================== */
14     /* */
15     /* PHP version 2000 by Stefan@Wiesendanger.org */
16     /* No Rights Reserved. What for, anyhow ? */
17     /* */
18     /* Date Remarks */
19     /* --------- ----------------------------------------------- */
20     /* 25 MAY 99 original ASP version */
21     /* 17 SEP 99 change upload from SA-FILEUP to aspSmartUpload */
22     /* 10 APR 00 simplified PHP3 version */
23     /* 18 APR 00 most of PHP3 port working. Slight modifications */
24     /* 22 APR 00 modified syntax highlighting, no absolute paths */
25     /* revealed, PHP builtin authentication, global */
26     /* style sheet as callback, use apache default */
27     /* icons as an alternative to the wingdings font. */
28     /* 25 APR 00 catch some exceptions (not foolproof yet) */
29     /* 26 APR 00 catch some more exceptions, implicit copy */
30     /* function by saving somewhere else in the detail */
31     /* view, MD5 hashed password. */
32     /* 27 APR 00 Fixed authentication bug */
33     /* 12 MAY 00 Fixed trouble with exec() with newer versions of */
34     /* PHP3. Fixed bug which would send you to a non- */
35     /* existent address after file modifications. */
36    
37 dpavlin 1.2 /*
38     2000-07-25 Dobrica Pavlinusic <dpavlin@rot13.org>
39    
40     nuked exec calls (unsecure)
41     nuked writeable function (replaced by php is_writeable)
42     added support for https (tested with apache+mod_ssl)
43     added users file
44     date format user-selectable
45     cycle backup files in bak directory
46     support links as directoryes (for now)
47     support of file history logging
48     undelete capabilities (delete moves to .del directory)
49    
50     2000-07-26 DbP
51    
52     added more checking on entered filename (when creating file/dir)
53     added rename option
54    
55    
56     IMPORTANT INSTALLATION NOTE:
57     deny serving of .* (dot-something) files in web server!
58     Otherwise, uses can access your log files, users and/or
59     deleted files!
60    
61     .htusers is in form:
62     login:Real Name:md5(loginpassword)
63    
64    
65     TODO:
66     mixed file/directory output (add type to each entry,
67     real support for links)
68 dpavlin 1.9 retrieve old versions of files (overwritten)
69 dpavlin 1.13 show last lock date
70    
71 dpavlin 1.2 */
72    
73 dpavlin 1.1 //////////////////////////////////////////////////////////////////
74    
75     // TODO : Don't let the file be modified itself. Create a hash of
76     // it (kinda hard since it's self-referential ;-). Make better use
77     // of session management. Escapeshellcmd for all user input.
78    
79     //////////////////////////////////////////////////////////////////
80    
81     // GLOBAL PARAMETERS
82     // =================
83     // Make modifications here to suit siteman to your needs
84    
85     // error_reporting(4) ; // how verbose ?
86    
87     // username/password should not be system
88     // usernames/passwords !!
89    
90 dpavlin 1.2 // $gblPw = "hash_of_your_username_and_password" ;
91    
92     // $gblAuth = false ; // use builtin authentication
93     $gblAuth = true ; // use builtin authentication
94 dpavlin 1.1 $gblHash = "md5" ; // hash function to use
95    
96 dpavlin 1.2 $gblPw = "";
97    
98     if ($gblAuth) {
99 dpavlin 1.3 $htusers_file=dirname($SCRIPT_FILENAME)."/.htusers";
100     if (! file_exists($htusers_file)) {
101     $htusers=fopen($htusers_file,"a+");
102     fputs($htusers,"# Change owner of $htusers_file to root !!\n");
103     fputs($htusers,"demo:full name:md5_hash\n");
104     fclose($htusers);
105     }
106     $htusers=fopen($htusers_file,"r");
107 dpavlin 1.2 while($user = fgetcsv($htusers,255,":")) {
108     if ($user[0] == $GLOBALS["PHP_AUTH_USER"]) {
109     $gblUserName=$user[1];
110     $gblPw=$user[2];
111 dpavlin 1.14 $gblEmail=$user[3];
112 dpavlin 1.2 continue ;
113     }
114     }
115     fclose($htusers);
116     }
117    
118     // $gblDateFmt="D, F d, Y";
119     // $gblTimeFmt="g:i:sA";
120    
121     $gblDateFmt="Y-m-d";
122     $gblTimeFmt="H:i:s";
123    
124 dpavlin 1.14 // Number of backup files to keep
125     $gblNumBackups=3;
126    
127     // show red star if newer than ... days
128     $gblModDays=1;
129 dpavlin 1.2
130 dpavlin 1.1 // choose GifIcon below unless you have the M$
131     // WingDings font installed on your system
132    
133     $gblIcon = "GifIcon" ; // MockIcon or GifIcon
134    
135     // the directory below should be /icons/ or /icons/small/
136     // on Apache; a set of icons is included in the distribution
137    
138 dpavlin 1.3 $gblIconLocation = "/icons/" ;
139 dpavlin 1.1
140     // files you want to be able to edit in text mode
141     // and view with (primitive) syntax highlighting
142    
143     $gblEditable = array( ".txt",".asa",".asp",".htm",".html",
144     ".cfm",".php3",".php",".phtml",
145     ".shtml",".css" ) ;
146    
147     // files that will display as images on the detail page
148     // (useless if your browser doesn't support them)
149    
150     $gblImages = array( ".jpg",".jpeg",".gif",".png",".ico",
151     ".bmp",".xbm") ;
152    
153     //////////////////////////////////////////////////////////////////
154    
155     function StartHTML($title,$text="") {
156    
157     $title = "Site Manager " . $title ;
158     $host = $GLOBALS["HTTP_HOST"] ;
159     $self = $GLOBALS["PHP_SELF"] ;
160     ?>
161    
162     <HTML>
163     <HEAD>
164 dpavlin 1.4 <TITLE><?= $host . " " . $title ?></TITLE>
165 dpavlin 1.1 <META NAME="description" CONTENT="PHP port of AnyPortal Site Manager">
166     <META NAME="keywords" CONTENT="site manager, web site maintenance">
167     <META NAME="robots" CONTENT="noindex">
168     <META HTTP-EQUIV="expires" CONTENT="0">
169     <LINK REL="stylesheet" TYPE="text/css"
170 dpavlin 1.4 HREF="<?= $self ?>?STYLE=get">
171 dpavlin 1.1 </HEAD>
172     <BODY BGCOLOR="#FFFFFF">
173 dpavlin 1.4 <H3 ALIGN="RIGHT"><?= $host ?></H3>
174 dpavlin 1.1 <TABLE BORDER=0 WIDTH="100%"><TR>
175 dpavlin 1.4 <TD CLASS=INV><?= $title ?></TD></TR></TABLE>
176     <P><?= $text ?></P>
177 dpavlin 1.1
178     <?php
179     } // end function StartHTML
180    
181     //////////////////////////////////////////////////////////////////
182    
183     function EndHTML() {
184     ?>
185    
186     <HR>
187     <P CLASS=FTR>
188 dpavlin 1.2 <B><?= date($GLOBALS[gblDateFmt]) ?> -
189     <?= date($GLOBALS[gblTimeFmt]) ?> -
190     <?= $GLOBALS[gblUserName] ?>
191 dpavlin 1.6 <small> [<a href="<?= $GLOBALS["PHP_SELF"] ?>?relogin=<?= $GLOBALS[gblPw] ?>">logout</a>]</small>
192 dpavlin 1.2 </B>
193     <BR>ANYPORTAL(php) Site Manager
194     <br><small>
195     &copy; 1999 by <A HREF="http://www.anyportal.com">ANYPORTAL</A>,
196     &copy; 2000 by <A HREF="http://da.nger.org">d@nger.org</A>,
197     &copy; 2000 by <A HREF="http://www.rot13.org/~dpavlin/">DbP</A>
198     </small>
199 dpavlin 1.1 </P>
200 dpavlin 1.2 <BR>
201 dpavlin 1.9 <? //include(".debug.inc") ?>
202 dpavlin 1.2 <BR><BR></BODY></HTML>
203 dpavlin 1.1
204     <?php
205     } // end function EndHTML
206    
207     //////////////////////////////////////////////////////////////////
208    
209     function CSS() {
210     ?>
211    
212 dpavlin 1.2 BODY,TD,P,H1,H2,H3 { font-family:Verdana,Helvetica,Arial,sans-serif; }
213 dpavlin 1.1 .BLK { color:black; }
214     .RED { color:red; }
215     .TOP { color:red; font-size:70%; } /* table headings */
216     .INV { color:white; background-color:navy;
217     font-weight:bold; font-size:120%; } /* title */
218     .FTR { } /* footer */
219     .LST { background-color:#E0E0E0; } /* table cells */
220     .BAR { background-color:#E0E0E0; } /* action bar */
221     PRE { color:blue; font-family:Lucida Console,Courier New,
222     Courier,sans-serif; } /* source code */
223     EM { color:green; font-style:normal; } /* line numbers */
224     .REM { color:silver; }
225     .XML { color:navy; background-color:yellow; }
226     .MCK { color:red; font-family:WingDings; } /* Mock Icons */
227     A:HOVER { color:red; }
228    
229     <?php
230     } // end function CSS
231    
232     //////////////////////////////////////////////////////////////////
233    
234     function DetailPage($fsRoot,$relDir,$fn) {
235    
236     global $gblEditable, $gblImages ;
237     $self = $GLOBALS["PHP_SELF"] ;
238    
239     $relPath = $relDir . "/" . $fn ;
240     $fsPath = $fsRoot . $relPath ;
241     $fsDir = $fsRoot . $relDir ;
242    
243     $exists = file_exists($fsPath) ;
244     $ext = strtolower(strrchr($relPath,".")) ;
245     $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) ;
246 dpavlin 1.2 $writable = is_writeable($fsPath) ;
247 dpavlin 1.6 $file_lock = CheckLock($fsPath);
248 dpavlin 1.1
249     if (!$editable && !$exists)
250     Error("Creation unsupported for type",$relPath) ;
251 dpavlin 1.2 if (!exists && !is_writeable($fsDir) )
252 dpavlin 1.1 Error("Creation denied",$relDir) ;
253    
254     $text = "Use this page to view, modify or " ;
255     $text .= "delete a single document on this " ;
256     $text .= "web site." ;
257     $title = "(Detail Page)" ;
258     StartHTML($title, $text) ;
259    
260     echo "<H3>" . $relDir . "/" . $fn . "</H3>" ;
261     if ($exists) { // get file info
262 dpavlin 1.4 $fsize = filesize($fsPath) ;
263     $fmodified = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", filemtime($fsPath)) ;
264     $faccessed = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", fileatime($fsPath)) ;
265     echo "<PRE> file size: " . $fsize . " Bytes<BR>" ;
266     echo "last modified: <B>" . $fmodified . "</B><BR>" ;
267     echo "last accessed: <B>" . $faccessed . "</B><BR>" ;
268     echo " owner: <B>" . fileowner($fsPath) . "</B><BR>" ;
269     echo " group: <B>" . filegroup($fsPath) . "</B><BR>" ;
270     echo " permissions: <B>" ;
271     echo printf( "%o", fileperms($fsPath) ) . "</B>" ;
272     echo "</PRE>" ;
273 dpavlin 1.2
274 dpavlin 1.1 }
275    
276 dpavlin 1.6 if ( $editable && ($writable || !$exists) && !$file_lock ) {
277 dpavlin 1.1 $fh = fopen($fsPath,"a+") ;
278     rewind($fh) ;
279     $fstr = fread($fh,filesize($fsPath)) ;
280     fclose($fh) ;
281     $fstr = htmlentities( $fstr ) ;
282     ?>
283    
284 dpavlin 1.4 <FORM ACTION="<?= $self ; ?>" METHOD="POST">
285 dpavlin 1.1 <SPAN TITLE="Click [SAVE] to store updated contents.">
286     <B>DOCUMENT CONTENTS</B>
287     </SPAN><BR>
288     <TEXTAREA NAME="FILEDATA" ROWS=18 COLS=70 WRAP="OFF"><?php
289     echo($fstr) ; ?></TEXTAREA>
290 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
291     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
292 dpavlin 1.1 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="SAVE">
293 dpavlin 1.2 <INPUT TYPE="HIDDEN" SIZE=48 MAXLENGTH=255 NAME="RELPATH"
294 dpavlin 1.4 VALUE="<?= $relPath ; ?>">
295 dpavlin 1.2 <br>
296     <INPUT TYPE="RESET" VALUE="UNDO ALL CHANGES">
297 dpavlin 1.1 <INPUT TYPE="SUBMIT" VALUE="SAVE">
298     </FORM>
299    
300     <?php
301 dpavlin 1.9 }
302 dpavlin 1.14 if ( !$file_lock && $ext!="" && strstr(join(' ',$gblImages),$ext) ) {
303 dpavlin 1.6 $info = getimagesize($fsPath) ;
304 dpavlin 1.9 $tstr = "<IMG SRC=\"".urlpath($relPath)."\" BORDER=0 " ;
305 dpavlin 1.6 $tstr .= $info[3] . " ALT=\"" . $fn . " - " ;
306     $tstr .= (int)(($fsize+1023)/1024) . "Kb\">" ;
307 dpavlin 1.9 // echo htmlentities($tstr) . "<BR><BR>" . $tstr ;
308     echo $tstr ;
309 dpavlin 1.1 }
310 dpavlin 1.6
311 dpavlin 1.1 ?>
312    
313 dpavlin 1.4 <FORM ACTION="<?= $self ; ?>" METHOD="POST">
314     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
315     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
316 dpavlin 1.1 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL"><BR>
317    
318     <?php
319 dpavlin 1.6
320     if ($file_lock) {
321     ?>
322     <hr>
323     <SPAN TITLE="Check OK and click UNLOCK to remove lock on file.">
324     <B>OK TO FORCE LOCK REMOVAL ON "<?= $fn ; ?>" HELD BY <?= $file_lock ?>? </B></SPAN>
325     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
326     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="UNLOCK">
327     <?
328     } // file_lock
329    
330 dpavlin 1.2 if (substr($fn,0,4) == ".del") {
331     $action="UNDELETE";
332     $desc="undelete previously deleted file";
333     } else {
334     $action="DELETE";
335     $desc="delete";
336     }
337    
338 dpavlin 1.1 if ($exists && $writable) {
339     ?>
340    
341 dpavlin 1.4 <HR>
342     <a name="undelete">
343     <SPAN TITLE="Check OK and click [<?= $action ?>] to <?= $desc ?>.">
344     <B>OK TO <?= $action ?> "<?= $fn ; ?>"? </B></SPAN>
345 dpavlin 1.2 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
346     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="<?= $action ?>">
347    
348 dpavlin 1.4 <HR>
349     <a name="rename">
350     <SPAN TITLE="Check OK and click [RENAME] to rename.">
351     <B>OK TO RENAME "<?= $fn ; ?>" TO
352 dpavlin 1.2 <INPUT TYPE="TEXT" SIZE=24 MAXLENGTH=255 NAME="NEWNAME" VALUE="<?= $fn ?>">
353     ? </B></SPAN>
354 dpavlin 1.1 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
355 dpavlin 1.2 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="RENAME">
356 dpavlin 1.1
357 dpavlin 1.5 <?php
358     } // exists && writable
359     ?>
360 dpavlin 1.4 <HR>
361     <a name="note">
362     <B>NOTE FOR "<?= $fn ; ?>":
363     <INPUT TYPE="TEXT" SIZE=50 MAXLENGTH=255 NAME="NOTE" VALUE="<?= ReadNote($fsPath) ?>">
364     </B></SPAN>
365     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="NOTE">
366    
367 dpavlin 1.5 </FORM>
368    
369 dpavlin 1.1 <?php
370 dpavlin 1.5
371 dpavlin 1.10 $name=basename("$fsDir/$fn");
372     $logname=dirname("$fsDir/$fn")."/.log/$name";
373     $bakdir=dirname("$fsDir/$fn")."/.bak";
374 dpavlin 1.2 if (file_exists($logname)) {
375     $log=fopen($logname,"r");
376     $cl1=" class=lst"; $cl2="";
377 dpavlin 1.10 $logarr = array();
378 dpavlin 1.2 while($line = fgetcsv($log,255,"\t")) {
379     $cl=$cl1; $cl1=$cl2; $cl2=$cl;
380 dpavlin 1.10 array_unshift($logarr,array($cl,$line[0],$line[1],$line[2],$line[3]));
381 dpavlin 1.2 }
382     fclose($log);
383 dpavlin 1.10 print "<hr><br><b>CHANGES TO THIS FILE</b><br><table border=0 width=100%>\n";
384     $bakcount = 0; // start from 0, skip fist backup (it's current)
385     while ($e = array_shift($logarr)) {
386     if (strstr($e[4],"upload")) {
387     if (file_exists("$bakdir/$bakcount/$name")) {
388     $e[4]="<a href=\"".dirname($relPath)."/.bak/$bakcount/$name\">$e[4]</a>";
389     }
390     $bakcount++;
391     }
392     print "<tr><td$e[0]>$e[1]</td><td$e[0]>$e[2]</td><td$e[0]>$e[3]</td><td$e[0]>$e[4]</td></tr>\n";
393     }
394 dpavlin 1.2 print "</table>";
395     }
396    
397 dpavlin 1.1 EndHTML() ;
398    
399     } // end function DetailPage
400    
401     //////////////////////////////////////////////////////////////////
402    
403     function DisplayCode($fsRoot,$relDir,$fn) {
404    
405     $path = $fsRoot . $relDir . "/" . $fn ;
406    
407     if (!file_exists($path)) Error("File not found",$path) ;
408    
409     StartHTML("(".$relDir."/".$fn.")","");
410    
411     $tstr = join("",file($path)) ;
412     $tstr = htmlentities($tstr) ;
413    
414     // Tabs
415     $tstr = str_replace(chr(9)," ",$tstr) ;
416    
417     // ASP tags & XML/PHP tags
418     $aspbeg = "<SPAN CLASS=XML>&lt;%</SPAN><SPAN CLASS=BLK>" ;
419     $aspend = "</SPAN><SPAN CLASS=XML>%&gt;</SPAN>" ;
420     $tstr = str_replace("&lt;%",$aspbeg,$tstr) ;
421     $tstr = str_replace("%&gt;",$aspend,$tstr) ;
422    
423     $xmlbeg = "<SPAN CLASS=XML>&lt;?</SPAN><SPAN CLASS=BLK>" ;
424     $xmlend = "</SPAN><SPAN CLASS=XML>?&gt;</SPAN>" ;
425     $tstr = str_replace("&lt;?",$xmlbeg,$tstr) ;
426     $tstr = str_replace("?&gt;",$xmlend,$tstr) ;
427    
428     // C style comment
429     $tstr = str_replace("/*","<SPAN CLASS=REM>/*",$tstr) ;
430     $tstr = str_replace("*/","*/</SPAN>",$tstr) ;
431    
432     // HTML comments
433     $tstr = str_replace("&lt;!--","<I CLASS=RED>&lt;!--",$tstr) ;
434     $tstr = str_replace("--&gt;","--&gt;</I>",$tstr) ;
435    
436     echo "<PRE>" ;
437    
438     $tstr = split("\n",$tstr) ;
439     for ($i = 0 ; $i < sizeof($tstr) ; ++$i) {
440     // add line numbers
441     echo "<BR><EM>" ;
442     echo substr(("000" . ($i+1)), -4) . ":</EM> " ;
443     $line = $tstr[$i] ;
444     // C++ style comments
445     $pos = strpos($line,"//") ;
446     // exceptions: two slashes aren't a script comment
447     if (strstr($line,"//") &&
448     ! ($pos>0 && substr($line,$pos-1,1)==":") &&
449     ! (substr($line,$pos,8) == "//--&gt;") &&
450     ! (substr($line,$pos,9) == "// --&gt;")) {
451     $beg = substr($line,0,strpos($line,"//")) ;
452     $end = strstr($line,"//") ;
453     $line = $beg."<SPAN CLASS=REM>".$end."</SPAN>";
454     }
455     // shell & asp style comments
456     $first = substr(ltrim($line),0,1) ;
457     if ($first == "#" || $first == "'") {
458     $line = "<SPAN CLASS=REM>".$line."</SPAN>";
459     }
460     print($line) ;
461     } // next i
462    
463     echo "</PRE>" ;
464    
465     EndHTML() ;
466    
467     } // end function DisplayCode
468    
469     //////////////////////////////////////////////////////////////////
470    
471     function MockIcon($txt) {
472     $tstr = "<SPAN CLASS=MCK>" ;
473    
474     switch (strtolower($txt)) {
475     case ".bmp" :
476     case ".gif" :
477     case ".jpg" :
478     case ".jpeg":
479     case ".tif" :
480     case ".tiff":
481     $d = 176 ;
482     break ;
483     case ".doc" :
484     $d = 50 ;
485     break ;
486     case ".exe" :
487     case ".bat" :
488     $d = 255 ;
489     break ;
490     case ".bas" :
491     case ".c" :
492     case ".cc" :
493     case ".src" :
494     $d = 255 ;
495     break ;
496     case "file" :
497     $d = 51 ;
498     break ;
499     case "fldr" :
500     $d = 48 ;
501     break ;
502     case ".htm" :
503     case ".html":
504     case ".asa" :
505     case ".asp" :
506     case ".cfm" :
507     case ".php3":
508     case ".php" :
509     case ".phtml" :
510     case ".shtml" :
511     $d = 182 ;
512     break ;
513     case ".pdf" :
514     $d = 38 ;
515     break;
516     case ".txt" :
517     case ".ini" :
518     $d = 52 ;
519     break ;
520     case ".xls" :
521     $d = 252 ;
522     break ;
523     case ".zip" :
524     case ".arc" :
525     case ".sit" :
526     case ".tar" :
527     case ".gz" :
528     case ".tgz" :
529     case ".Z" :
530     $d = 59 ;
531     break ;
532     case "view" :
533     $d = 52 ;
534     break ;
535     case "up" :
536     $d = 199 ;
537     break ;
538     case "blank" :
539     return "&nbsp;&nbsp;</SPAN>" ;
540     break ;
541     default :
542     $d = 51 ;
543     }
544    
545     return $tstr . chr($d) . "</SPAN>" ;
546     } // end function MockIcon
547    
548     //////////////////////////////////////////////////////////////////
549    
550     function GifIcon($txt) {
551     global $gblIconLocation ;
552    
553     switch (strtolower($txt)) {
554     case ".bmp" :
555     case ".gif" :
556     case ".jpg" :
557     case ".jpeg":
558     case ".tif" :
559     case ".tiff":
560     $d = "image2.gif" ;
561     break ;
562     case ".doc" :
563     $d = "layout.gif" ;
564     break ;
565     case ".exe" :
566     case ".bat" :
567     $d = "screw2.gif" ;
568     break ;
569     case ".bas" :
570     case ".c" :
571     case ".cc" :
572     case ".src" :
573     $d = "c.gif" ;
574     break ;
575     case "file" :
576     $d = "generic.gif" ;
577     break ;
578     case "fldr" :
579     $d = "dir.gif" ;
580     break ;
581     case ".phps" :
582     $d = "phps.gif" ;
583     break ;
584     case ".php3" :
585     $d = "php3.gif" ;
586     break ;
587     case ".htm" :
588     case ".html":
589     case ".asa" :
590     case ".asp" :
591     case ".cfm" :
592     case ".php3":
593     case ".php" :
594     case ".phtml" :
595     case ".shtml" :
596     $d = "world1.gif" ;
597     break ;
598     case ".pdf" :
599     $d = "pdf.gif" ;
600     break;
601     case ".txt" :
602     case ".ini" :
603     $d = "text.gif" ;
604     break ;
605     case ".xls" :
606     $d = "box2.gif" ;
607     break ;
608     case ".zip" :
609     case ".arc" :
610     case ".sit" :
611     case ".tar" :
612     case ".gz" :
613     case ".tgz" :
614     case ".Z" :
615     $d = "compressed.gif" ;
616     break ;
617     case "view" :
618     $d = "index.gif" ;
619     break ;
620     case "up" :
621     $d = "back.gif" ;
622     break ;
623     case "blank" :
624     $d = "blank.gif" ;
625     break ;
626 dpavlin 1.4 case "checkout":
627 dpavlin 1.6 $d = "box2.gif";
628 dpavlin 1.4 break;
629     case "checkin":
630 dpavlin 1.6 $d = "hand.up.gif";
631     break;
632     case "locked":
633     $d = "screw2.gif";
634 dpavlin 1.4 break;
635     case "note":
636     $d = "quill.gif";
637     break;
638 dpavlin 1.1 default :
639     $d = "generic.gif" ;
640     }
641    
642     return "<IMG SRC=\"$gblIconLocation" . $d . "\" BORDER=0>" ;
643     } // end function GifIcon
644    
645     //////////////////////////////////////////////////////////////////
646    
647     function Navigate($fsRoot,$relDir) {
648    
649 dpavlin 1.15 global $gblEditable, $gblIcon, $gblModDays ;
650 dpavlin 1.1
651     $self = $GLOBALS["PHP_SELF"] ;
652 dpavlin 1.2 if (isset($GLOBALS["HTTPS"]) && $GLOBALS["HTTPS"] == "on") {
653     $webRoot = "https://" . $GLOBALS["SERVER_NAME"] ;
654     } else {
655     $webRoot = "http://" . $GLOBALS["SERVER_NAME"] ;
656     }
657 dpavlin 1.1 $fsDir = $fsRoot . $relDir . "/" ; // current directory
658    
659     if (!is_dir($fsDir)) Error("Dir not found",$relDir) ;
660    
661     // read directory contents
662     if ( !($dir = @opendir($fsDir)) )
663     Error("Read Access denied",$relDir) ;
664     while ($item = readdir($dir)) {
665 dpavlin 1.2 if ( $item == ".." || $item == "." || substr($item,0,1) == "." ) continue ;
666 dpavlin 1.1 if ( is_dir($fsDir . $item) ) {
667     $dirList[] = $item ;
668 dpavlin 1.2 } else if ( is_file($fsDir . $item) ) {
669 dpavlin 1.1 $fileList[] = $item ;
670 dpavlin 1.2 } else if ( is_link($fsDir . $item) ) {
671     $dirList[] = $item ;
672     } else {
673 dpavlin 1.1 // unknown file type
674     // $text = "Could not determine file type of " ;
675     // Error("File Error", $text.$relDir."/".$item) ;
676     // exit ;
677     }
678     }
679     closedir($dir) ;
680 dpavlin 1.2
681     // scan deleted files
682     if ( $GLOBALS[show_deleted] == 1 && ($dir = @opendir("$fsDir/.del")) ) {
683     while ($item = readdir($dir)) {
684     if ( substr($item,0,1) == "." ) continue ;
685     $fileList[] = ".del/$item" ;
686     }
687     closedir($dir) ;
688     }
689    
690 dpavlin 1.1 $emptyDir = ! (sizeof($dirList) || sizeof($fileList)) ;
691    
692     // start navigation page
693 dpavlin 1.2 $text = "Use this page to add, delete";
694     if (! isset($show_deleted)) {
695 dpavlin 1.6 $text .= ", <a href=$self?D=".urlencode($relDir)."&show_deleted=1>undelete</a>";
696 dpavlin 1.2 }
697     $text .= " or revise files on this web site." ;
698 dpavlin 1.18 $text .= "<br>Examine list of files <a href=\"$self?A=Ch1\">changed in last day</a> or <a href=\"$self?A=Ch\">all changes</a>.";
699 dpavlin 1.1 StartHTML("(Navigate)",$text) ;
700    
701     echo "<TABLE BORDER=0 CELLPADDING=2
702     CELLSPACING=3 WIDTH=\"100%\">" ;
703    
704     // updir bar
705     if ($fsDir != $fsRoot) {
706     $parent = dirname($relDir) ;
707     if ($parent == "") $parent = "/" ;
708     ?>
709    
710 dpavlin 1.4 <TR><TD><?= $gblIcon("up") ?></TD><TD COLSPAN=5 CLASS=LST>
711     <A HREF="<?= $self ?>?D=<?= urlencode($parent) ?>">
712     <B><?= $parent ?></B></A></TD></TR>
713 dpavlin 1.1
714     <?php
715     }
716    
717     // output subdirs
718     if (sizeof($dirList) > 0) {
719     sort($dirList) ;
720     ?>
721    
722 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5 CLASS=TOP><HR>DIRECTORY NAME</TD></TR>
723 dpavlin 1.1
724     <?php
725     while (list($key,$dir) = each($dirList)) {
726    
727     $tstr = "<A HREF=\"" . $self . "?D=" ;
728     $tstr .= urlencode($relDir."/".$dir) ;
729     $tstr .= "\">" . $dir . "/</A>" ;
730     ?>
731    
732 dpavlin 1.4 <TR><TD><?= $gblIcon("fldr") ?></TD>
733     <TD COLSPAN=5 CLASS=LST><?= $tstr ?></TD></TR>
734 dpavlin 1.1
735     <?php
736     } // iterate over dirs
737     } // end if no dirs
738     ?>
739    
740 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5><HR><B><?= $webRoot . $relDir ?>
741 dpavlin 1.1 </B></TD></TR>
742     <TR><TD></TD><TD CLASS=TOP>DOCUMENT NAME</TD>
743 dpavlin 1.6 <TD><?= $gblIcon("blank").$gblIcon("blank") ?></TD>
744 dpavlin 1.4 <TD CLASS=TOP>NOTE</TD>
745 dpavlin 1.1 <TD CLASS=TOP>LAST UPDATE</TD><TD CLASS=TOP>FILE SIZE</TD></TR>
746    
747     <?php
748     if (sizeof($fileList) > 0) {
749     sort($fileList) ;
750     while (list($key,$file) = each($fileList)) {
751 dpavlin 1.4 $path = $fsDir."/".$file ;
752     $mod = filemtime($path) ;
753     $sz = filesize($path) ;
754    
755     if ($sz >= 10240) {
756     $sz = (int)(($sz+1023)/1024) . " k" ;
757     } else {
758     $sz .= " " ;
759     } // end size
760 dpavlin 1.1
761 dpavlin 1.4 $a = $b = "" ;
762    
763     $info_url=$self."?A=E&F=".urlencode($file)."&D=".urlencode($relDir);
764    
765 dpavlin 1.14 if ( ($mod + $gblModDays*86400) > time() ) {
766 dpavlin 1.4 $a = "<SPAN CLASS=RED TITLE=\"Newer" ;
767 dpavlin 1.14 $a .= " than $gblModDays days\"> * </SPAN>" ;
768 dpavlin 1.4 }
769    
770 dpavlin 1.6 $file_lock=CheckLock($path);
771    
772     $file_url_html="<A HREF=\"$self?A=V&F=".urlencode($file);
773     $file_url_html.="&D=".urlencode($relDir);
774     $file_url_html.="\" TITLE=\"View file\">" ;
775 dpavlin 1.2
776     if (substr($file,0,5) != ".del/") {
777 dpavlin 1.6 $file_url_html .= $file . "</A>" . $a ;
778 dpavlin 1.2 } else {
779 dpavlin 1.6 $file_url_html .= substr($file,5,strlen($file)-5) . "</a> <SPAN CLASS=RED TITLE=\"deleted\"> <a href=\"$info_url#undelete\">deleted</a> </span>";
780 dpavlin 1.4 }
781    
782 dpavlin 1.6 $note_html="<a href=\"$info_url#note\">".$gblIcon("note")."</a>".ReadNote($path);
783 dpavlin 1.4
784     $ext = strtolower(strrchr($file,".")) ;
785 dpavlin 1.6
786     if ($file_lock) {
787     if ($file_lock == $GLOBALS[gblUserName]) {
788     $b.="<A HREF=\"$self?A=Ci&F=".urlencode($file);
789     $b.="&D=".urlencode($relDir);
790     $b.="\" TITLE=\"Checkin (update) file on server\">" ;
791     $file_url_html=$b;
792     $b.=$gblIcon("checkin")."</A>" ;
793     $b.= $gblIcon("blank");
794     $file_url_html.="$file</a> $a";
795     $note_html = $gblIcon("blank")."<b>Please check-in (update) this file</b>";
796     } else {
797     $b = $gblIcon("locked");
798     $b.= $gblIcon("blank");
799     $note_html = $gblIcon("blank")."<b>File locked by $file_lock</b>";
800     $file_url_html = "$file $a";
801     }
802 dpavlin 1.4 } else {
803 dpavlin 1.6 $b.="<A HREF=\"$self?A=Co&F=".urlencode($file);
804     $b.="&D=".urlencode($relDir);
805     $b.="\" TITLE=\"Checkout file for edit\">" ;
806     $b.=$gblIcon("checkout")."</A>" ;
807    
808     if ( $ext=="" || strstr(join(" ",$gblEditable),$ext) ) {
809     $b.="<A HREF=\"$self?A=C&F=".urlencode($file);
810     $b.="&D=".urlencode($relDir);
811     $b.="\" TITLE=\"List contents\">" ;
812     $b.=$gblIcon("view")."</A>" ;
813     } else {
814     $b.= $gblIcon("blank");
815     }
816 dpavlin 1.2 }
817 dpavlin 1.1
818    
819     ?>
820    
821     <TR><TD>
822 dpavlin 1.4 <A HREF="<?= $info_url ?>" TITLE="View/Edit">
823     <?= $gblIcon($ext) ?></A></TD>
824 dpavlin 1.6 <TD CLASS=LST><?= $file_url_html ?></TD>
825 dpavlin 1.4 <TD CLASS=LST ALIGN=center><?= $b ?></TD>
826 dpavlin 1.6 <TD CLASS=LST ALIGN=left><?= $note_html ?></TD>
827 dpavlin 1.4 <TD CLASS=LST><?= date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]",$mod) ?></TD>
828     <TD CLASS=LST><?= $sz ?>Bytes</TD></TR>
829 dpavlin 1.1
830     <?php
831     } // iterate over files
832     } // end if no files
833    
834     if ($emptyDir) {
835     ?>
836    
837 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
838     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>
839     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
840 dpavlin 1.1 OK TO DELETE THIS EMPTY FOLDER?
841     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
842     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="DELETE">
843     </TD></TR>
844     </FORM>
845    
846     <?php
847     } // end if emptyDir
848     ?>
849    
850 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
851 dpavlin 1.1
852 dpavlin 1.6 <TR><TD></TD><TD COLSPAN=5>
853 dpavlin 1.13 <?
854     if (file_exists(".info.inc")) {
855     include(".info.inc");
856     }
857     ?>
858 dpavlin 1.6 </TD></TR>
859    
860     <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
861    
862 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
863     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>CREATE NEW
864 dpavlin 1.1 <INPUT TYPE="RADIO" NAME="T" VALUE="D" CHECKED>DIRECTORY -OR-
865     <INPUT TYPE="RADIO" NAME="T" VALUE="F">FILE : &nbsp;&nbsp;
866     <NOBR>NAME <INPUT TYPE="TEXT" NAME="FN" SIZE=14>
867     <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="CREATE">
868 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
869 dpavlin 1.1 <INPUT TYPE="SUBMIT" VALUE="CREATE"></NOBR>
870 dpavlin 1.9 <NOBR>OR <A HREF="<?= $self ?>?A=U&D=<?= urlencode($relDir) ?>">UPLOAD</A> A FILE
871 dpavlin 1.1 </NOBR>
872     </TD></TR>
873     </FORM>
874     </TABLE>
875    
876     <?php
877     EndHTML() ;
878     } // end function Navigate
879    
880     //////////////////////////////////////////////////////////////////
881    
882 dpavlin 1.6 function UploadPage($fsRoot, $relDir, $filename) {
883 dpavlin 1.1
884     $self = $GLOBALS["PHP_SELF"] ;
885     if ($relDir == "") $relDir = "/" ;
886     ?>
887    
888     <P><TABLE BORDER=0 CELLPADDING=5><TR><TD WIDTH=5></TD><TD CLASS=BAR>
889     <FORM ENCTYPE="multipart/form-data" METHOD="POST"
890 dpavlin 1.4 ACTION="<?= $self ?>">
891     DESTINATION DIRECTORY:<B><?= " " . $relDir ?></B>
892 dpavlin 1.6 <? if (isset($filename)) { ?>
893     <br>DESTINATION FILE:<B><?= " " . $filename ?></B>
894     <INPUT TYPE="HIDDEN" NAME="FILENAME" VALUE="<?= $filename ?>">
895     <? } ?>
896 dpavlin 1.1 <P>PATHNAME OF LOCAL FILE<BR>
897 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
898 dpavlin 1.1 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="UPLOAD">
899     <INPUT SIZE=30 TYPE="FILE" NAME="FN"></P>
900     <P><INPUT TYPE="SUBMIT" VALUE="UPLOAD"></P>
901     <P>If the <B>[BROWSE...]</B> button is not displayed,<BR>
902     you must upgrade to an RFC1867-compliant browser.</P>
903 dpavlin 1.4 <P>Your browser:<BR><?= $GLOBALS["HTTP_USER_AGENT"] ?></P>
904 dpavlin 1.1 </FORM>
905     </TD></TR>
906     <TR><TD></TD><TD>
907 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
908     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>"><BR>
909 dpavlin 1.1 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL">
910     </FORM>
911     </TD></TR></TABLE></P>
912    
913     <?php
914     } // end function UploadPage
915    
916     //////////////////////////////////////////////////////////////////
917    
918     function Error($title,$text="") {
919     StartHTML("(".$title.")",$text) ;
920     echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
921     EndHTML() ;
922     exit ;
923     } // end function Error
924    
925     //////////////////////////////////////////////////////////////////
926    
927     function CreateHash($user, $pw) {
928    
929     global $gblHash ; // hash function to use
930    
931     if ($user == "" || $pw == "") {
932     $text = "either no password or no username supplied" ;
933     Error("Create Hash",$text) ;
934     }
935     $title = "(Create Hash)" ;
936     StartHTML($title) ;
937     echo "<P ALIGN=center>" ;
938     echo "<BLOCKQUOTE>Copy the value below and paste it " ;
939     echo "into the<BR>value for \$gblPw in the source of " ;
940     echo "this file<BR><BR><B>" . $gblHash($user.$pw) ;
941     echo "</B><BR><BR>Hash function: " . $gblHash ;
942     echo "</BLOCKQUOTE></P>" ;
943     EndHTML() ;
944     exit ;
945    
946     } // end function CreateHash
947    
948     //////////////////////////////////////////////////////////////////
949    
950     function NoEntry() {
951    
952     $user = $GLOBALS["PHP_AUTH_USER"] ;
953     $pw = $GLOBALS["PHP_AUTH_PW"] ;
954     $self = $GLOBALS["PHP_SELF"] ;
955    
956     $title = "(401 Unauthorized)" ;
957     $text = "No trespassing !" ;
958     StartHTML($title,$text) ;
959     ?>
960    
961 dpavlin 1.4 <FORM ACTION="<?= $self ?>?HASH=create" METHOD="POST">
962     <INPUT TYPE="HIDDEN" NAME="USER" VALUE="<?= $user ?>">
963     <INPUT TYPE="HIDDEN" NAME="PW" VALUE="<?= $pw ?>">
964 dpavlin 1.1
965     <BLOCKQUOTE><B>If you are a site administrator:</B><BR><BR>
966     Click below to <B>generate a password hash</B><BR>from
967     the username-password pair you just<BR>entered. Then include the hash in
968     the source<BR>of this file.<BR><BR>
969     <INPUT TYPE="SUBMIT" VALUE="CREATE HASH">
970     </BLOCKQUOTE></FORM>
971    
972     <?php
973     EndHTML() ;
974     exit ;
975     }
976    
977     //////////////////////////////////////////////////////////////////
978    
979 dpavlin 1.21 function LogIt($target,$msg) {
980 dpavlin 1.2
981 dpavlin 1.21 $target=stripSlashes($target);
982 dpavlin 1.2 $dir=dirname($target);
983     if (! file_exists($dir."/.log")) {
984     mkdir($dir."/.log",0700);
985     }
986     $file=basename($target);
987    
988     $log=fopen("$dir/.log/$file","a+");
989     fputs($log,date("$GLOBALS[gblDateFmt]\t$GLOBALS[gblTimeFmt]").
990     "\t$GLOBALS[gblUserName]\t$msg\n");
991     fclose($log);
992    
993     }
994    
995    
996 dpavlin 1.4 //////////////////////////////////////////////////////////////////
997    
998     function WriteNote($target,$msg) {
999    
1000 dpavlin 1.21 $target=stripSlashes($target);
1001 dpavlin 1.4 $dir=dirname($target);
1002     if (! file_exists($dir."/.note")) {
1003     mkdir($dir."/.note",0700);
1004     }
1005     $file=basename($target);
1006    
1007     $note=fopen("$dir/.note/$file","w");
1008     fputs($note,"$msg\n");
1009     fclose($note);
1010    
1011     Logit($target,"added note $msg");
1012    
1013     }
1014    
1015     function ReadNote($target) {
1016    
1017 dpavlin 1.21 $target=stripSlashes($target);
1018 dpavlin 1.4 $dir=dirname($target);
1019     $file=basename($target);
1020     $msg="";
1021     if (file_exists($dir."/.note/$file")) {
1022     $note=fopen("$dir/.note/$file","r");
1023     $msg=fgets($note,4096);
1024     fclose($note);
1025     }
1026 dpavlin 1.6 return StripSlashes($msg);
1027 dpavlin 1.4
1028     }
1029    
1030     //////////////////////////////////////////////////////////////////
1031    
1032     function MoveTo($source,$folder) {
1033    
1034 dpavlin 1.21 $source=stripSlashes($source);
1035 dpavlin 1.4 $file=basename($source);
1036     if (! file_exists($folder)) {
1037     mkdir($folder,0700);
1038     }
1039     if (file_exists($source)) {
1040     rename($source,"$folder/$file");
1041     }
1042     }
1043 dpavlin 1.2
1044     //////////////////////////////////////////////////////////////////
1045    
1046 dpavlin 1.6 function Lock($target) {
1047    
1048 dpavlin 1.21 $target=stripSlashes($target);
1049 dpavlin 1.6 $dir=dirname($target);
1050     if (! file_exists($dir."/.lock")) {
1051     mkdir($dir."/.lock",0700);
1052     }
1053     $file=basename($target);
1054    
1055     if (file_exists("$dir/.lock/$file")) {
1056     Logit($target,"attempt to locked allready locked file!");
1057     } else {
1058     $lock=fopen("$dir/.lock/$file","w");
1059     fputs($lock,"$GLOBALS[gblUserName]\n");
1060     fclose($lock);
1061    
1062     Logit($target,"file locked");
1063     }
1064    
1065     }
1066    
1067     function CheckLock($target) {
1068    
1069 dpavlin 1.21 $target=stripSlashes($target);
1070 dpavlin 1.6 $dir=dirname($target);
1071     $file=basename($target);
1072     $msg=0;
1073     if (file_exists($dir."/.lock/$file")) {
1074     $lock=fopen("$dir/.lock/$file","r");
1075     $msg=fgets($lock,4096);
1076     fclose($lock);
1077     }
1078     return chop($msg);
1079    
1080     }
1081    
1082     function Unlock($target) {
1083    
1084 dpavlin 1.21 $target=stripSlashes($target);
1085 dpavlin 1.6 $dir=dirname($target);
1086     $file=basename($target);
1087     if (file_exists($dir."/.lock/$file")) {
1088     unlink("$dir/.lock/$file");
1089     Logit($target,"file unlocked");
1090     } else {
1091     Logit($target,"attempt to unlocked non-locked file!");
1092     }
1093    
1094     }
1095    
1096     //////////////////////////////////////////////////////////////////
1097    
1098 dpavlin 1.9 function urlpath($url) {
1099 dpavlin 1.8 $url=urlencode(StripSlashes("$url"));
1100 dpavlin 1.7 $url=str_replace("%2F","/",$url);
1101     $url=str_replace("+","%20",$url);
1102 dpavlin 1.9 return($url);
1103 dpavlin 1.7 }
1104    
1105     //////////////////////////////////////////////////////////////////
1106    
1107 dpavlin 1.8 function safe_rename($from,$to) {
1108     if (file_exists($from) && is_writable(dirname($to))) {
1109     rename($from,$to);
1110     }
1111     }
1112    
1113     //////////////////////////////////////////////////////////////////
1114    
1115 dpavlin 1.16 // recursivly delete directory
1116    
1117     function rrmdir($dir) {
1118     $handle=opendir($dir);
1119     while ($file = readdir($handle)) {
1120     if ($file != "." && $file != "..") {
1121     if (is_dir("$dir/$file"))
1122     rrmdir("$dir/$file");
1123     else
1124     if (! @unlink("$dir/$file")) return(0);
1125     }
1126     }
1127     closedir($handle);
1128     return @rmdir($dir);
1129     }
1130    
1131     //////////////////////////////////////////////////////////////////
1132    
1133 dpavlin 1.18 function ChangeLog($target,$msg) {
1134    
1135     global $gblFsRoot;
1136     $log=fopen("$gblFsRoot/.changelog","a+");
1137     if (substr($target,0,strlen($gblFsRoot)) == $gblFsRoot)
1138     $target=substr($target,strlen($gblFsRoot),strlen($target)-strlen($gblFsRoot));
1139     fputs($log,time()."\t$target\t$GLOBALS[gblUserName]\t$msg\n");
1140     fclose($log);
1141    
1142     }
1143    
1144     function DisplayChangeLog($day) {
1145    
1146     global $gblFsRoot;
1147 dpavlin 1.20 if (!file_exists("$gblFsRoot/.changelog")) return;
1148 dpavlin 1.18 $log=fopen("$gblFsRoot/.changelog","r");
1149     $logarr = array();
1150     while($line = fgetcsv($log,255,"\t")) {
1151 dpavlin 1.21 if ($day!=1 || ($day==1 && (time()-$line[0] < 24*60))) {
1152 dpavlin 1.18 array_unshift($logarr,array($line[0],$line[1],$line[2],$line[3]));
1153     }
1154     }
1155     fclose($log);
1156     $cl1=" class=lst"; $cl2="";
1157     print "<table border=0 width=100%>\n";
1158     while ($e = array_shift($logarr)) {
1159     $cl=$cl1; $cl1=$cl2; $cl2=$cl;
1160     $date = date("$GLOBALS[gblDateFmt]", $e[0]);
1161     $time = date("$GLOBALS[gblTimeFmt]", $e[0]);
1162     $dir = dirname($e[1]);
1163     $file = basename($e[1]);
1164     print "<tr><td$cl>$date</td><td$cl>$time</td><td$cl><a href=\"$GLOBALS[PHP_SELF]?D=".urlencode($dir)."\">$dir</a>/$file</td><td$cl>$e[2]</td><td$cl>$e[3]</td></tr>\n";
1165     }
1166     print "</table>";
1167 dpavlin 1.21 print "<p>".GifIcon(up)." Back to <a href=$GLOBALS[PHP_SELF]>front page</a>.</p>";
1168 dpavlin 1.18 }
1169    
1170     //////////////////////////////////////////////////////////////////
1171    
1172 dpavlin 1.1 // MAIN PROGRAM
1173     // ============
1174     // query parameters: capital letters
1175     // local functions : begin with capital letters
1176     // global constants: begin with gbl
1177    
1178 dpavlin 1.2 $gblFilePerms = 0640 ; // default for new files
1179     $gblDirPerms = 0750 ; // default for new dirs
1180 dpavlin 1.1
1181     // phpinfo() ;
1182     // exit ;
1183    
1184     // forks before authentication: style sheet and hash
1185     // creation if password not yet set.
1186     if ($STYLE == "get") { CSS() ; exit ; }
1187     if ($HASH != "") {
1188     CreateHash($USER, $PW) ;
1189     exit ;
1190     }
1191    
1192     // authentication if $gblAuth == true
1193 dpavlin 1.2 if ( $gblAuth && $gblHash($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw ||
1194     isset($relogin) && $gblPw == $relogin ) {
1195 dpavlin 1.1 header("WWW-authenticate: basic realm=\"$SERVER_NAME\"") ;
1196     header("HTTP/1.0 401 Unauthorized") ;
1197     NoEntry() ;
1198     exit ;
1199     }
1200    
1201     // get current directory relative to $gblFsRoot
1202     $relDir = $DIR ; // from POST
1203     if ($relDir == "") { // not defined in POST ?
1204     $relDir = urldecode($D) ; // then use GET
1205     }
1206    
1207     if ($relDir == "/") $relDir = "" ;
1208     // default : website root = ""
1209    
1210     if (strstr($relDir,"..")) Error("No updirs allowed");
1211    
1212     // full paths contain "fs" or "Fs". Paths realitve to root of
1213     // website contain "rel" or "Rel". The script won't let you
1214     // edit anything above directory equal to http://server.com
1215     // i.e. below $gblFsRoot.
1216    
1217     $relScriptDir = dirname($SCRIPT_NAME) ;
1218     // i.e. /siteman
1219    
1220     $fsScriptDir = dirname($SCRIPT_FILENAME) ;
1221     // i.e. /home/httpd/html/siteman
1222    
1223     $gblFsRoot = substr($fsScriptDir,0,
1224     strlen($fsScriptDir)-strlen($relScriptDir)) ;
1225     // i.e. /home/httpd/html
1226    
1227     $fsDir = $gblFsRoot . $relDir ; // current directory
1228     if ( !is_dir($fsDir) ) Error("Dir not found",$relDir) ;
1229    
1230     switch ($POSTACTION) {
1231     case "UPLOAD" :
1232 dpavlin 1.2 if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1233 dpavlin 1.1 if (strstr($FN_name,"/"))
1234     Error("Non-conforming filename") ;
1235     // TODO : should rather check for escapeshellcmds
1236     // but maybe RFC 18xx asserts safe filenames ....
1237     $source = $FN ;
1238 dpavlin 1.6 if (! isset($FILENAME)) { // from update file
1239     $target = "$fsDir/$FN_name" ;
1240     } else {
1241     $target = "$fsDir/$FILENAME";
1242     }
1243 dpavlin 1.2
1244     // backup old files first
1245     $dir=dirname($target);
1246     if (! file_exists($dir."/.bak")) {
1247     mkdir($dir."/.bak",0700);
1248     }
1249     if (! file_exists($dir."/.bak/$GLOBALS[gblNumBackups]")) {
1250     mkdir($dir."/.bak/$GLOBALS[gblNumBackups]",0700);
1251     }
1252     $file=basename($target);
1253     for($i=$GLOBALS[gblNumBackups]-1;$i>0;$i--) {
1254 dpavlin 1.4 MoveTo("$dir/.bak/$i/$file","$dir/.bak/".($i+1)."/");
1255 dpavlin 1.2 }
1256 dpavlin 1.6 MoveTo($target,$dir."/.bak/1/");
1257 dpavlin 1.2
1258     copy($source,$target) ;
1259     chmod($target,$gblFilePerms) ;
1260 dpavlin 1.1 clearstatcache() ;
1261 dpavlin 1.2 Logit($target,"uploaded");
1262 dpavlin 1.6 if (isset($FILENAME)) {
1263     Unlock($target);
1264     }
1265 dpavlin 1.18 ChangeLog($target,"updated");
1266 dpavlin 1.1 break ;
1267    
1268     case "SAVE" :
1269 dpavlin 1.17 $path = $gblFsRoot . $RELPATH ;
1270 dpavlin 1.2 $writable = is_writeable($path) ;
1271     $legaldir = is_writeable(dirname($path)) ;
1272 dpavlin 1.1 $exists = (file_exists($path)) ? 1 : 0 ;
1273     // check for legal extension here as well
1274     if (!($writable || (!$exists && $legaldir)))
1275     Error("Write denied",$RELPATH) ;
1276     $fh = fopen($path, "w") ;
1277     fwrite($fh,$FILEDATA) ;
1278     fclose($fh) ;
1279     clearstatcache() ;
1280 dpavlin 1.2 Logit($path,"saved changes");
1281 dpavlin 1.18 ChangeLog($path,"saved changes");
1282 dpavlin 1.1 break ;
1283    
1284     case "CREATE" :
1285     // we know $fsDir exists
1286 dpavlin 1.2 if ($FN == "") break; // no filename!
1287     if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1288 dpavlin 1.1 $path = $fsDir . "/" . $FN ; // file or dir to create
1289     $relPath = $relDir . "/" . $FN ;
1290     switch ( $T ) {
1291     case "D" : // create a directory
1292 dpavlin 1.6 if ( ! @mkdir($path,$gblDirPerms) )
1293     Error("Mkdir failed",$relPath) ; // eg. if it exists
1294     clearstatcache() ;
1295     break ;
1296 dpavlin 1.1 case "F" : // create a new file
1297     // this functionality is doubled in DetailView().
1298     // better keep it here altogether
1299     // chmod perms to $gblFilePerms
1300 dpavlin 1.6 if ( file_exists($path) && !is_writable($path) )
1301     Error("File not writable", $relPath) ;
1302     $fh = fopen($path, "w+") ;
1303     if ($fh) {
1304     fputs($fh,"\n");
1305     fclose($fh) ;
1306     LogIt($path,"file created");
1307     } else {
1308     Error("Creation of file $relPath failed -- $path");
1309     }
1310     $tstr = "$PHP_SELF?A=E&D=".urlencode($relDir)."&F=".urlencode($FN) ;
1311     header("Location: " . $tstr) ;
1312 dpavlin 1.18 ChangeLog($target,"created");
1313 dpavlin 1.6 exit ;
1314 dpavlin 1.1 }
1315     break ;
1316    
1317     case "DELETE" :
1318     if ( $CONFIRM != "on" ) break ;
1319    
1320     $tstr = "Attempt to delete non-existing object or " ;
1321     $tstr .= "insufficient privileges: " ;
1322    
1323     if ( $FN != "") { // delete file
1324 dpavlin 1.2 $path = $fsDir . "/" . $FN ;
1325    
1326     $dir=dirname($path);
1327     $file=basename($path);
1328     if (! file_exists("$dir/.del")) {
1329     mkdir("$dir/.del",0700);
1330     }
1331    
1332     // if ( ! @unlink($path) ) {
1333     if ( ! rename($path,"$dir/.del/$file") ) {
1334     Error("File delete failed", $tstr . $path) ;
1335     Logit($path,"file delete failed");
1336     exit ;
1337     } else {
1338     Logit($path,"file deleted");
1339 dpavlin 1.4 MoveTo("$dir/.log/$file","$dir/.del/.log/");
1340     MoveTo("$dir/.note/$file","$dir/.del/.note/");
1341 dpavlin 1.6 MoveTo("$dir/.lock/$file","$dir/.del/.lock/");
1342 dpavlin 1.2 }
1343 dpavlin 1.1 }
1344     else { // delete directory
1345 dpavlin 1.16 if ( ! @rrmdir($fsDir) ) {
1346 dpavlin 1.1 Error("Rmdir failed", $tstr . $fsDir) ;
1347     }
1348     else {
1349     $relDir = dirname($relDir) ; // move up
1350     }
1351     }
1352     break ;
1353    
1354 dpavlin 1.2 case "UNDELETE" :
1355     if ( $CONFIRM != "on" ) break ;
1356    
1357     if (substr($FN,0,4) != ".del") break ;
1358     $file=substr($FN,4,strlen($FN)-4);
1359    
1360     Logit("$fsDir/.del/$file","undeleted");
1361 dpavlin 1.4 MoveTo("$fsDir/.del/$file","$fsDir/");
1362     MoveTo("$fsDir/.del/.log/$file","$fsDir/.log/");
1363     MoveTo("$fsDir/.del/.note/$file","$fsDir/.note/");
1364 dpavlin 1.6 MoveTo("$fsDir/.del/.lock/$file","$fsDir/.lock/");
1365 dpavlin 1.2
1366     break ;
1367    
1368     case "RENAME" :
1369     if ( $CONFIRM != "on" ) break ;
1370    
1371     Logit("$fsDir/$FN","renamed $FN to $NEWNAME");
1372 dpavlin 1.8 safe_rename("$fsDir/$FN","$fsDir/$NEWNAME");
1373     safe_rename("$fsDir/.log/$FN","$fsDir/.log/$NEWNAME");
1374     safe_rename("$fsDir/.note/$FN","$fsDir/.note/$NEWNAME");
1375     safe_rename("$fsDir/.lock/$FN","$fsDir/.lock/$NEWNAME");
1376 dpavlin 1.11 for($i=0;$i<=$GLOBALS[gblNumBackups];$i++) {
1377     safe_rename("$fsDir/.bak/$i/$FN","$fsDir/.bak/$i/$NEWNAME");
1378     }
1379 dpavlin 1.2
1380 dpavlin 1.4 break ;
1381    
1382     case "NOTE" :
1383     WriteNote("$fsDir/$FN","$NOTE");
1384 dpavlin 1.2 break ;
1385    
1386 dpavlin 1.6 case "UNLOCK" :
1387     if ( $CONFIRM != "on" ) break ;
1388     Unlock("$fsDir/$FN");
1389     break ;
1390    
1391 dpavlin 1.1 default :
1392     // user hit "CANCEL" or undefined action
1393     }
1394    
1395     // common to all POSTs : redirect to directory view ($relDir)
1396     if ( $POSTACTION != "" ) {
1397     $tstr = $PHP_SELF . "?D=" . urlencode($relDir) ;
1398     header("Location: " . $tstr) ;
1399     exit ;
1400     }
1401    
1402     // check for mode.. navigate, code display, upload, or detail?
1403     // $A=U : upload to path given in $D
1404     // $A=E : display detail of file $D/$F and edit
1405     // $A=C : display code in file $D/$F
1406 dpavlin 1.6 // $A=Co : checkout file $D/$F
1407     // $A=Ci : checkin file $D/$F
1408     // $A=V : view file (do nothing except log)
1409 dpavlin 1.1 // default : display directory $D
1410 dpavlin 1.21
1411     $F=stripSlashes($F);
1412    
1413 dpavlin 1.1 switch ($A) {
1414     case "U" :
1415     // upload to $relDir
1416 dpavlin 1.2 if (!is_writeable($gblFsRoot . $relDir))
1417 dpavlin 1.1 Error("Write access denied",$relDir) ;
1418     $text = "Use this page to upload a single " ;
1419     $text .= "file to <B>$SERVER_NAME</B>." ;
1420     StartHTML("(Upload Page)", $text) ;
1421     UploadPage($gblFsRoot, $relDir) ;
1422     EndHTML() ;
1423     exit ;
1424     case "E" :
1425     // detail of $relDir/$F
1426 dpavlin 1.2 if (is_file("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
1427 dpavlin 1.1 exit ;
1428     case "C" :
1429     // listing of $relDir/$F
1430     DisplayCode($gblFsRoot, $relDir, $F) ;
1431     exit ;
1432 dpavlin 1.6 case "Co" :
1433     // checkout
1434     Lock("$gblFsRoot/$relDir/$F");
1435 dpavlin 1.12 header("Content-Disposition: attachment; filename=$F" );
1436 dpavlin 1.9 Header("Location: ".urlpath("$relDir/$F"));
1437 dpavlin 1.6 exit;
1438     case "Ci" :
1439     // upload && update to $relDir
1440     if (!is_writeable($gblFsRoot . $relDir))
1441     Error("Write access denied",$relDir) ;
1442     $text = "Use this page to update a single " ;
1443     $text .= "file to <B>$SERVER_NAME</B>." ;
1444     StartHTML("(Update file Page)", $text) ;
1445     UploadPage($gblFsRoot, $relDir, $F) ;
1446     EndHTML() ;
1447     exit ;
1448     case "V" :
1449     // view
1450 dpavlin 1.9 LogIt("$gblFsRoot/$relDir/$F","viewed");
1451 dpavlin 1.12 header("Content-Disposition: attachment; filename=$F" );
1452 dpavlin 1.9 Header("Location: ".urlpath("$relDir/$F"));
1453 dpavlin 1.18 exit;
1454     case "Ch" :
1455     StartHTML("(File changes)","All changes chronologicaly...");
1456     DisplayChangeLog(0); // all
1457     EndHTML() ;
1458     exit;
1459     case "Ch1" :
1460     StartHTML("(File changes)","Changes to files in last day...");
1461     DisplayChangeLog(1);
1462     EndHTML() ;
1463 dpavlin 1.6 exit;
1464 dpavlin 1.1 }
1465    
1466     // default: display directory $relDir
1467     Navigate($gblFsRoot,$relDir) ;
1468     exit ;
1469    
1470     Error("Whooah!","By cartesian logic, this never happens") ;
1471     ?>

  ViewVC Help
Powered by ViewVC 1.1.26