/[docman]/docman.php
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Annotation of /docman.php

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.23 - (hide annotations)
Wed Sep 13 09:59:51 2000 UTC (22 years, 4 months ago) by dpavlin
Branch: MAIN
Changes since 1.22: +1 -1 lines
one day in seconds

1 dpavlin 1.1 <?php
2    
3     /* Copyright 1999 by John Martin d/b/a www.ANYPORTAL.com */
4     /* All Rights Reserved. */
5     /* */
6     /* This software is freeware and is not in the public domain. */
7     /* You are hereby granted the right to freely distribute this */
8     /* software as long as this copyright notice remains in place. */
9     /* */
10     /* Comments or suggestions? email: andmore@alief.com */
11     /* */
12     /* This is the PHP port: AnyPortal(php)-0.1 */
13     /* ======================================== */
14     /* */
15     /* PHP version 2000 by Stefan@Wiesendanger.org */
16     /* No Rights Reserved. What for, anyhow ? */
17     /* */
18     /* Date Remarks */
19     /* --------- ----------------------------------------------- */
20     /* 25 MAY 99 original ASP version */
21     /* 17 SEP 99 change upload from SA-FILEUP to aspSmartUpload */
22     /* 10 APR 00 simplified PHP3 version */
23     /* 18 APR 00 most of PHP3 port working. Slight modifications */
24     /* 22 APR 00 modified syntax highlighting, no absolute paths */
25     /* revealed, PHP builtin authentication, global */
26     /* style sheet as callback, use apache default */
27     /* icons as an alternative to the wingdings font. */
28     /* 25 APR 00 catch some exceptions (not foolproof yet) */
29     /* 26 APR 00 catch some more exceptions, implicit copy */
30     /* function by saving somewhere else in the detail */
31     /* view, MD5 hashed password. */
32     /* 27 APR 00 Fixed authentication bug */
33     /* 12 MAY 00 Fixed trouble with exec() with newer versions of */
34     /* PHP3. Fixed bug which would send you to a non- */
35     /* existent address after file modifications. */
36    
37 dpavlin 1.2 /*
38     2000-07-25 Dobrica Pavlinusic <dpavlin@rot13.org>
39    
40     nuked exec calls (unsecure)
41     nuked writeable function (replaced by php is_writeable)
42     added support for https (tested with apache+mod_ssl)
43     added users file
44     date format user-selectable
45     cycle backup files in bak directory
46     support links as directoryes (for now)
47     support of file history logging
48     undelete capabilities (delete moves to .del directory)
49    
50     2000-07-26 DbP
51    
52     added more checking on entered filename (when creating file/dir)
53     added rename option
54    
55    
56     IMPORTANT INSTALLATION NOTE:
57     deny serving of .* (dot-something) files in web server!
58     Otherwise, uses can access your log files, users and/or
59     deleted files!
60    
61     .htusers is in form:
62     login:Real Name:md5(loginpassword)
63    
64    
65     TODO:
66     mixed file/directory output (add type to each entry,
67     real support for links)
68 dpavlin 1.9 retrieve old versions of files (overwritten)
69 dpavlin 1.13 show last lock date
70    
71 dpavlin 1.2 */
72    
73 dpavlin 1.1 //////////////////////////////////////////////////////////////////
74    
75     // TODO : Don't let the file be modified itself. Create a hash of
76     // it (kinda hard since it's self-referential ;-). Make better use
77     // of session management. Escapeshellcmd for all user input.
78    
79     //////////////////////////////////////////////////////////////////
80    
81     // GLOBAL PARAMETERS
82     // =================
83     // Make modifications here to suit siteman to your needs
84    
85     // error_reporting(4) ; // how verbose ?
86    
87     // username/password should not be system
88     // usernames/passwords !!
89    
90 dpavlin 1.2 // $gblPw = "hash_of_your_username_and_password" ;
91    
92     // $gblAuth = false ; // use builtin authentication
93     $gblAuth = true ; // use builtin authentication
94 dpavlin 1.1 $gblHash = "md5" ; // hash function to use
95    
96 dpavlin 1.2 $gblPw = "";
97    
98     if ($gblAuth) {
99 dpavlin 1.3 $htusers_file=dirname($SCRIPT_FILENAME)."/.htusers";
100     if (! file_exists($htusers_file)) {
101     $htusers=fopen($htusers_file,"a+");
102     fputs($htusers,"# Change owner of $htusers_file to root !!\n");
103     fputs($htusers,"demo:full name:md5_hash\n");
104     fclose($htusers);
105     }
106     $htusers=fopen($htusers_file,"r");
107 dpavlin 1.2 while($user = fgetcsv($htusers,255,":")) {
108     if ($user[0] == $GLOBALS["PHP_AUTH_USER"]) {
109     $gblUserName=$user[1];
110     $gblPw=$user[2];
111 dpavlin 1.14 $gblEmail=$user[3];
112 dpavlin 1.2 continue ;
113     }
114     }
115     fclose($htusers);
116     }
117    
118     // $gblDateFmt="D, F d, Y";
119     // $gblTimeFmt="g:i:sA";
120    
121     $gblDateFmt="Y-m-d";
122     $gblTimeFmt="H:i:s";
123    
124 dpavlin 1.14 // Number of backup files to keep
125     $gblNumBackups=3;
126    
127     // show red star if newer than ... days
128     $gblModDays=1;
129 dpavlin 1.2
130 dpavlin 1.1 // choose GifIcon below unless you have the M$
131     // WingDings font installed on your system
132    
133     $gblIcon = "GifIcon" ; // MockIcon or GifIcon
134    
135     // the directory below should be /icons/ or /icons/small/
136     // on Apache; a set of icons is included in the distribution
137    
138 dpavlin 1.3 $gblIconLocation = "/icons/" ;
139 dpavlin 1.1
140     // files you want to be able to edit in text mode
141     // and view with (primitive) syntax highlighting
142    
143     $gblEditable = array( ".txt",".asa",".asp",".htm",".html",
144     ".cfm",".php3",".php",".phtml",
145     ".shtml",".css" ) ;
146    
147     // files that will display as images on the detail page
148     // (useless if your browser doesn't support them)
149    
150     $gblImages = array( ".jpg",".jpeg",".gif",".png",".ico",
151     ".bmp",".xbm") ;
152    
153     //////////////////////////////////////////////////////////////////
154    
155     function StartHTML($title,$text="") {
156    
157     $title = "Site Manager " . $title ;
158     $host = $GLOBALS["HTTP_HOST"] ;
159     $self = $GLOBALS["PHP_SELF"] ;
160     ?>
161    
162     <HTML>
163     <HEAD>
164 dpavlin 1.4 <TITLE><?= $host . " " . $title ?></TITLE>
165 dpavlin 1.1 <META NAME="description" CONTENT="PHP port of AnyPortal Site Manager">
166     <META NAME="keywords" CONTENT="site manager, web site maintenance">
167     <META NAME="robots" CONTENT="noindex">
168     <META HTTP-EQUIV="expires" CONTENT="0">
169     <LINK REL="stylesheet" TYPE="text/css"
170 dpavlin 1.4 HREF="<?= $self ?>?STYLE=get">
171 dpavlin 1.1 </HEAD>
172     <BODY BGCOLOR="#FFFFFF">
173 dpavlin 1.4 <H3 ALIGN="RIGHT"><?= $host ?></H3>
174 dpavlin 1.1 <TABLE BORDER=0 WIDTH="100%"><TR>
175 dpavlin 1.4 <TD CLASS=INV><?= $title ?></TD></TR></TABLE>
176     <P><?= $text ?></P>
177 dpavlin 1.1
178     <?php
179     } // end function StartHTML
180    
181     //////////////////////////////////////////////////////////////////
182    
183     function EndHTML() {
184     ?>
185    
186     <HR>
187     <P CLASS=FTR>
188 dpavlin 1.2 <B><?= date($GLOBALS[gblDateFmt]) ?> -
189     <?= date($GLOBALS[gblTimeFmt]) ?> -
190     <?= $GLOBALS[gblUserName] ?>
191 dpavlin 1.6 <small> [<a href="<?= $GLOBALS["PHP_SELF"] ?>?relogin=<?= $GLOBALS[gblPw] ?>">logout</a>]</small>
192 dpavlin 1.2 </B>
193     <BR>ANYPORTAL(php) Site Manager
194     <br><small>
195     &copy; 1999 by <A HREF="http://www.anyportal.com">ANYPORTAL</A>,
196     &copy; 2000 by <A HREF="http://da.nger.org">d@nger.org</A>,
197     &copy; 2000 by <A HREF="http://www.rot13.org/~dpavlin/">DbP</A>
198     </small>
199 dpavlin 1.1 </P>
200 dpavlin 1.2 <BR>
201 dpavlin 1.9 <? //include(".debug.inc") ?>
202 dpavlin 1.2 <BR><BR></BODY></HTML>
203 dpavlin 1.1
204     <?php
205     } // end function EndHTML
206    
207     //////////////////////////////////////////////////////////////////
208    
209     function CSS() {
210     ?>
211    
212 dpavlin 1.2 BODY,TD,P,H1,H2,H3 { font-family:Verdana,Helvetica,Arial,sans-serif; }
213 dpavlin 1.1 .BLK { color:black; }
214     .RED { color:red; }
215     .TOP { color:red; font-size:70%; } /* table headings */
216     .INV { color:white; background-color:navy;
217     font-weight:bold; font-size:120%; } /* title */
218     .FTR { } /* footer */
219     .LST { background-color:#E0E0E0; } /* table cells */
220     .BAR { background-color:#E0E0E0; } /* action bar */
221     PRE { color:blue; font-family:Lucida Console,Courier New,
222     Courier,sans-serif; } /* source code */
223     EM { color:green; font-style:normal; } /* line numbers */
224     .REM { color:silver; }
225     .XML { color:navy; background-color:yellow; }
226     .MCK { color:red; font-family:WingDings; } /* Mock Icons */
227     A:HOVER { color:red; }
228    
229     <?php
230     } // end function CSS
231    
232     //////////////////////////////////////////////////////////////////
233    
234     function DetailPage($fsRoot,$relDir,$fn) {
235    
236     global $gblEditable, $gblImages ;
237     $self = $GLOBALS["PHP_SELF"] ;
238    
239     $relPath = $relDir . "/" . $fn ;
240     $fsPath = $fsRoot . $relPath ;
241     $fsDir = $fsRoot . $relDir ;
242    
243     $exists = file_exists($fsPath) ;
244     $ext = strtolower(strrchr($relPath,".")) ;
245     $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) ;
246 dpavlin 1.2 $writable = is_writeable($fsPath) ;
247 dpavlin 1.6 $file_lock = CheckLock($fsPath);
248 dpavlin 1.1
249     if (!$editable && !$exists)
250     Error("Creation unsupported for type",$relPath) ;
251 dpavlin 1.2 if (!exists && !is_writeable($fsDir) )
252 dpavlin 1.1 Error("Creation denied",$relDir) ;
253    
254     $text = "Use this page to view, modify or " ;
255     $text .= "delete a single document on this " ;
256     $text .= "web site." ;
257     $title = "(Detail Page)" ;
258     StartHTML($title, $text) ;
259    
260     echo "<H3>" . $relDir . "/" . $fn . "</H3>" ;
261     if ($exists) { // get file info
262 dpavlin 1.4 $fsize = filesize($fsPath) ;
263     $fmodified = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", filemtime($fsPath)) ;
264     $faccessed = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", fileatime($fsPath)) ;
265     echo "<PRE> file size: " . $fsize . " Bytes<BR>" ;
266     echo "last modified: <B>" . $fmodified . "</B><BR>" ;
267     echo "last accessed: <B>" . $faccessed . "</B><BR>" ;
268     echo " owner: <B>" . fileowner($fsPath) . "</B><BR>" ;
269     echo " group: <B>" . filegroup($fsPath) . "</B><BR>" ;
270     echo " permissions: <B>" ;
271     echo printf( "%o", fileperms($fsPath) ) . "</B>" ;
272     echo "</PRE>" ;
273 dpavlin 1.2
274 dpavlin 1.1 }
275    
276 dpavlin 1.6 if ( $editable && ($writable || !$exists) && !$file_lock ) {
277 dpavlin 1.1 $fh = fopen($fsPath,"a+") ;
278     rewind($fh) ;
279     $fstr = fread($fh,filesize($fsPath)) ;
280     fclose($fh) ;
281     $fstr = htmlentities( $fstr ) ;
282     ?>
283    
284 dpavlin 1.4 <FORM ACTION="<?= $self ; ?>" METHOD="POST">
285 dpavlin 1.1 <SPAN TITLE="Click [SAVE] to store updated contents.">
286     <B>DOCUMENT CONTENTS</B>
287     </SPAN><BR>
288     <TEXTAREA NAME="FILEDATA" ROWS=18 COLS=70 WRAP="OFF"><?php
289     echo($fstr) ; ?></TEXTAREA>
290 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
291     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
292 dpavlin 1.1 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="SAVE">
293 dpavlin 1.2 <INPUT TYPE="HIDDEN" SIZE=48 MAXLENGTH=255 NAME="RELPATH"
294 dpavlin 1.4 VALUE="<?= $relPath ; ?>">
295 dpavlin 1.2 <br>
296     <INPUT TYPE="RESET" VALUE="UNDO ALL CHANGES">
297 dpavlin 1.1 <INPUT TYPE="SUBMIT" VALUE="SAVE">
298     </FORM>
299    
300     <?php
301 dpavlin 1.9 }
302 dpavlin 1.14 if ( !$file_lock && $ext!="" && strstr(join(' ',$gblImages),$ext) ) {
303 dpavlin 1.6 $info = getimagesize($fsPath) ;
304 dpavlin 1.9 $tstr = "<IMG SRC=\"".urlpath($relPath)."\" BORDER=0 " ;
305 dpavlin 1.6 $tstr .= $info[3] . " ALT=\"" . $fn . " - " ;
306     $tstr .= (int)(($fsize+1023)/1024) . "Kb\">" ;
307 dpavlin 1.9 // echo htmlentities($tstr) . "<BR><BR>" . $tstr ;
308     echo $tstr ;
309 dpavlin 1.1 }
310 dpavlin 1.6
311 dpavlin 1.1 ?>
312    
313 dpavlin 1.4 <FORM ACTION="<?= $self ; ?>" METHOD="POST">
314     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
315     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
316 dpavlin 1.1 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL"><BR>
317    
318     <?php
319 dpavlin 1.6
320     if ($file_lock) {
321     ?>
322     <hr>
323     <SPAN TITLE="Check OK and click UNLOCK to remove lock on file.">
324     <B>OK TO FORCE LOCK REMOVAL ON "<?= $fn ; ?>" HELD BY <?= $file_lock ?>? </B></SPAN>
325     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
326     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="UNLOCK">
327     <?
328     } // file_lock
329    
330 dpavlin 1.2 if (substr($fn,0,4) == ".del") {
331     $action="UNDELETE";
332     $desc="undelete previously deleted file";
333     } else {
334     $action="DELETE";
335     $desc="delete";
336     }
337    
338 dpavlin 1.1 if ($exists && $writable) {
339     ?>
340    
341 dpavlin 1.4 <HR>
342     <a name="undelete">
343     <SPAN TITLE="Check OK and click [<?= $action ?>] to <?= $desc ?>.">
344     <B>OK TO <?= $action ?> "<?= $fn ; ?>"? </B></SPAN>
345 dpavlin 1.2 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
346     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="<?= $action ?>">
347    
348 dpavlin 1.4 <HR>
349     <a name="rename">
350     <SPAN TITLE="Check OK and click [RENAME] to rename.">
351     <B>OK TO RENAME "<?= $fn ; ?>" TO
352 dpavlin 1.2 <INPUT TYPE="TEXT" SIZE=24 MAXLENGTH=255 NAME="NEWNAME" VALUE="<?= $fn ?>">
353     ? </B></SPAN>
354 dpavlin 1.1 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
355 dpavlin 1.2 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="RENAME">
356 dpavlin 1.1
357 dpavlin 1.5 <?php
358     } // exists && writable
359     ?>
360 dpavlin 1.4 <HR>
361     <a name="note">
362     <B>NOTE FOR "<?= $fn ; ?>":
363     <INPUT TYPE="TEXT" SIZE=50 MAXLENGTH=255 NAME="NOTE" VALUE="<?= ReadNote($fsPath) ?>">
364     </B></SPAN>
365     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="NOTE">
366    
367 dpavlin 1.5 </FORM>
368    
369 dpavlin 1.1 <?php
370 dpavlin 1.22
371 dpavlin 1.10 $name=basename("$fsDir/$fn");
372     $logname=dirname("$fsDir/$fn")."/.log/$name";
373     $bakdir=dirname("$fsDir/$fn")."/.bak";
374 dpavlin 1.2 if (file_exists($logname)) {
375     $log=fopen($logname,"r");
376     $cl1=" class=lst"; $cl2="";
377 dpavlin 1.10 $logarr = array();
378 dpavlin 1.2 while($line = fgetcsv($log,255,"\t")) {
379     $cl=$cl1; $cl1=$cl2; $cl2=$cl;
380 dpavlin 1.10 array_unshift($logarr,array($cl,$line[0],$line[1],$line[2],$line[3]));
381 dpavlin 1.2 }
382     fclose($log);
383 dpavlin 1.10 print "<hr><br><b>CHANGES TO THIS FILE</b><br><table border=0 width=100%>\n";
384     $bakcount = 0; // start from 0, skip fist backup (it's current)
385     while ($e = array_shift($logarr)) {
386     if (strstr($e[4],"upload")) {
387     if (file_exists("$bakdir/$bakcount/$name")) {
388     $e[4]="<a href=\"".dirname($relPath)."/.bak/$bakcount/$name\">$e[4]</a>";
389     }
390     $bakcount++;
391     }
392     print "<tr><td$e[0]>$e[1]</td><td$e[0]>$e[2]</td><td$e[0]>$e[3]</td><td$e[0]>$e[4]</td></tr>\n";
393     }
394 dpavlin 1.2 print "</table>";
395     }
396    
397 dpavlin 1.1 EndHTML() ;
398    
399     } // end function DetailPage
400    
401     //////////////////////////////////////////////////////////////////
402    
403     function DisplayCode($fsRoot,$relDir,$fn) {
404    
405     $path = $fsRoot . $relDir . "/" . $fn ;
406    
407     if (!file_exists($path)) Error("File not found",$path) ;
408    
409     StartHTML("(".$relDir."/".$fn.")","");
410    
411     $tstr = join("",file($path)) ;
412     $tstr = htmlentities($tstr) ;
413    
414     // Tabs
415     $tstr = str_replace(chr(9)," ",$tstr) ;
416    
417     // ASP tags & XML/PHP tags
418     $aspbeg = "<SPAN CLASS=XML>&lt;%</SPAN><SPAN CLASS=BLK>" ;
419     $aspend = "</SPAN><SPAN CLASS=XML>%&gt;</SPAN>" ;
420     $tstr = str_replace("&lt;%",$aspbeg,$tstr) ;
421     $tstr = str_replace("%&gt;",$aspend,$tstr) ;
422    
423     $xmlbeg = "<SPAN CLASS=XML>&lt;?</SPAN><SPAN CLASS=BLK>" ;
424     $xmlend = "</SPAN><SPAN CLASS=XML>?&gt;</SPAN>" ;
425     $tstr = str_replace("&lt;?",$xmlbeg,$tstr) ;
426     $tstr = str_replace("?&gt;",$xmlend,$tstr) ;
427    
428     // C style comment
429     $tstr = str_replace("/*","<SPAN CLASS=REM>/*",$tstr) ;
430     $tstr = str_replace("*/","*/</SPAN>",$tstr) ;
431    
432     // HTML comments
433     $tstr = str_replace("&lt;!--","<I CLASS=RED>&lt;!--",$tstr) ;
434     $tstr = str_replace("--&gt;","--&gt;</I>",$tstr) ;
435    
436     echo "<PRE>" ;
437    
438     $tstr = split("\n",$tstr) ;
439     for ($i = 0 ; $i < sizeof($tstr) ; ++$i) {
440     // add line numbers
441     echo "<BR><EM>" ;
442     echo substr(("000" . ($i+1)), -4) . ":</EM> " ;
443     $line = $tstr[$i] ;
444     // C++ style comments
445     $pos = strpos($line,"//") ;
446     // exceptions: two slashes aren't a script comment
447     if (strstr($line,"//") &&
448     ! ($pos>0 && substr($line,$pos-1,1)==":") &&
449     ! (substr($line,$pos,8) == "//--&gt;") &&
450     ! (substr($line,$pos,9) == "// --&gt;")) {
451     $beg = substr($line,0,strpos($line,"//")) ;
452     $end = strstr($line,"//") ;
453     $line = $beg."<SPAN CLASS=REM>".$end."</SPAN>";
454     }
455     // shell & asp style comments
456     $first = substr(ltrim($line),0,1) ;
457     if ($first == "#" || $first == "'") {
458     $line = "<SPAN CLASS=REM>".$line."</SPAN>";
459     }
460     print($line) ;
461     } // next i
462    
463     echo "</PRE>" ;
464    
465     EndHTML() ;
466    
467     } // end function DisplayCode
468    
469     //////////////////////////////////////////////////////////////////
470    
471     function MockIcon($txt) {
472     $tstr = "<SPAN CLASS=MCK>" ;
473    
474     switch (strtolower($txt)) {
475     case ".bmp" :
476     case ".gif" :
477     case ".jpg" :
478     case ".jpeg":
479     case ".tif" :
480     case ".tiff":
481     $d = 176 ;
482     break ;
483     case ".doc" :
484     $d = 50 ;
485     break ;
486     case ".exe" :
487     case ".bat" :
488     $d = 255 ;
489     break ;
490     case ".bas" :
491     case ".c" :
492     case ".cc" :
493     case ".src" :
494     $d = 255 ;
495     break ;
496     case "file" :
497     $d = 51 ;
498     break ;
499     case "fldr" :
500     $d = 48 ;
501     break ;
502     case ".htm" :
503     case ".html":
504     case ".asa" :
505     case ".asp" :
506     case ".cfm" :
507     case ".php3":
508     case ".php" :
509     case ".phtml" :
510     case ".shtml" :
511     $d = 182 ;
512     break ;
513     case ".pdf" :
514     $d = 38 ;
515     break;
516     case ".txt" :
517     case ".ini" :
518     $d = 52 ;
519     break ;
520     case ".xls" :
521     $d = 252 ;
522     break ;
523     case ".zip" :
524     case ".arc" :
525     case ".sit" :
526     case ".tar" :
527     case ".gz" :
528     case ".tgz" :
529     case ".Z" :
530     $d = 59 ;
531     break ;
532     case "view" :
533     $d = 52 ;
534     break ;
535     case "up" :
536     $d = 199 ;
537     break ;
538     case "blank" :
539     return "&nbsp;&nbsp;</SPAN>" ;
540     break ;
541     default :
542     $d = 51 ;
543     }
544    
545     return $tstr . chr($d) . "</SPAN>" ;
546     } // end function MockIcon
547    
548     //////////////////////////////////////////////////////////////////
549    
550     function GifIcon($txt) {
551     global $gblIconLocation ;
552    
553     switch (strtolower($txt)) {
554     case ".bmp" :
555     case ".gif" :
556     case ".jpg" :
557     case ".jpeg":
558     case ".tif" :
559     case ".tiff":
560     $d = "image2.gif" ;
561     break ;
562     case ".doc" :
563     $d = "layout.gif" ;
564     break ;
565     case ".exe" :
566     case ".bat" :
567     $d = "screw2.gif" ;
568     break ;
569     case ".bas" :
570     case ".c" :
571     case ".cc" :
572     case ".src" :
573     $d = "c.gif" ;
574     break ;
575     case "file" :
576     $d = "generic.gif" ;
577     break ;
578     case "fldr" :
579     $d = "dir.gif" ;
580     break ;
581     case ".phps" :
582     $d = "phps.gif" ;
583     break ;
584     case ".php3" :
585     $d = "php3.gif" ;
586     break ;
587     case ".htm" :
588     case ".html":
589     case ".asa" :
590     case ".asp" :
591     case ".cfm" :
592     case ".php3":
593     case ".php" :
594     case ".phtml" :
595     case ".shtml" :
596     $d = "world1.gif" ;
597     break ;
598     case ".pdf" :
599     $d = "pdf.gif" ;
600     break;
601     case ".txt" :
602     case ".ini" :
603     $d = "text.gif" ;
604     break ;
605     case ".xls" :
606     $d = "box2.gif" ;
607     break ;
608     case ".zip" :
609     case ".arc" :
610     case ".sit" :
611     case ".tar" :
612     case ".gz" :
613     case ".tgz" :
614     case ".Z" :
615     $d = "compressed.gif" ;
616     break ;
617     case "view" :
618     $d = "index.gif" ;
619     break ;
620     case "up" :
621     $d = "back.gif" ;
622     break ;
623     case "blank" :
624     $d = "blank.gif" ;
625     break ;
626 dpavlin 1.4 case "checkout":
627 dpavlin 1.6 $d = "box2.gif";
628 dpavlin 1.4 break;
629     case "checkin":
630 dpavlin 1.6 $d = "hand.up.gif";
631     break;
632     case "locked":
633     $d = "screw2.gif";
634 dpavlin 1.4 break;
635     case "note":
636     $d = "quill.gif";
637     break;
638 dpavlin 1.1 default :
639     $d = "generic.gif" ;
640     }
641    
642     return "<IMG SRC=\"$gblIconLocation" . $d . "\" BORDER=0>" ;
643     } // end function GifIcon
644    
645     //////////////////////////////////////////////////////////////////
646    
647     function Navigate($fsRoot,$relDir) {
648    
649 dpavlin 1.15 global $gblEditable, $gblIcon, $gblModDays ;
650 dpavlin 1.1
651     $self = $GLOBALS["PHP_SELF"] ;
652 dpavlin 1.2 if (isset($GLOBALS["HTTPS"]) && $GLOBALS["HTTPS"] == "on") {
653     $webRoot = "https://" . $GLOBALS["SERVER_NAME"] ;
654     } else {
655     $webRoot = "http://" . $GLOBALS["SERVER_NAME"] ;
656     }
657 dpavlin 1.1 $fsDir = $fsRoot . $relDir . "/" ; // current directory
658    
659     if (!is_dir($fsDir)) Error("Dir not found",$relDir) ;
660    
661     // read directory contents
662     if ( !($dir = @opendir($fsDir)) )
663     Error("Read Access denied",$relDir) ;
664     while ($item = readdir($dir)) {
665 dpavlin 1.2 if ( $item == ".." || $item == "." || substr($item,0,1) == "." ) continue ;
666 dpavlin 1.1 if ( is_dir($fsDir . $item) ) {
667     $dirList[] = $item ;
668 dpavlin 1.2 } else if ( is_file($fsDir . $item) ) {
669 dpavlin 1.1 $fileList[] = $item ;
670 dpavlin 1.2 } else if ( is_link($fsDir . $item) ) {
671     $dirList[] = $item ;
672     } else {
673 dpavlin 1.1 // unknown file type
674     // $text = "Could not determine file type of " ;
675     // Error("File Error", $text.$relDir."/".$item) ;
676     // exit ;
677     }
678     }
679     closedir($dir) ;
680 dpavlin 1.2
681     // scan deleted files
682     if ( $GLOBALS[show_deleted] == 1 && ($dir = @opendir("$fsDir/.del")) ) {
683     while ($item = readdir($dir)) {
684     if ( substr($item,0,1) == "." ) continue ;
685     $fileList[] = ".del/$item" ;
686     }
687     closedir($dir) ;
688     }
689    
690 dpavlin 1.1 $emptyDir = ! (sizeof($dirList) || sizeof($fileList)) ;
691    
692     // start navigation page
693 dpavlin 1.2 $text = "Use this page to add, delete";
694     if (! isset($show_deleted)) {
695 dpavlin 1.6 $text .= ", <a href=$self?D=".urlencode($relDir)."&show_deleted=1>undelete</a>";
696 dpavlin 1.2 }
697     $text .= " or revise files on this web site." ;
698 dpavlin 1.18 $text .= "<br>Examine list of files <a href=\"$self?A=Ch1\">changed in last day</a> or <a href=\"$self?A=Ch\">all changes</a>.";
699 dpavlin 1.1 StartHTML("(Navigate)",$text) ;
700    
701     echo "<TABLE BORDER=0 CELLPADDING=2
702     CELLSPACING=3 WIDTH=\"100%\">" ;
703    
704     // updir bar
705     if ($fsDir != $fsRoot) {
706     $parent = dirname($relDir) ;
707     if ($parent == "") $parent = "/" ;
708     ?>
709    
710 dpavlin 1.4 <TR><TD><?= $gblIcon("up") ?></TD><TD COLSPAN=5 CLASS=LST>
711     <A HREF="<?= $self ?>?D=<?= urlencode($parent) ?>">
712     <B><?= $parent ?></B></A></TD></TR>
713 dpavlin 1.1
714     <?php
715     }
716    
717     // output subdirs
718     if (sizeof($dirList) > 0) {
719     sort($dirList) ;
720     ?>
721    
722 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5 CLASS=TOP><HR>DIRECTORY NAME</TD></TR>
723 dpavlin 1.1
724     <?php
725     while (list($key,$dir) = each($dirList)) {
726    
727     $tstr = "<A HREF=\"" . $self . "?D=" ;
728     $tstr .= urlencode($relDir."/".$dir) ;
729     $tstr .= "\">" . $dir . "/</A>" ;
730     ?>
731    
732 dpavlin 1.4 <TR><TD><?= $gblIcon("fldr") ?></TD>
733     <TD COLSPAN=5 CLASS=LST><?= $tstr ?></TD></TR>
734 dpavlin 1.1
735     <?php
736     } // iterate over dirs
737     } // end if no dirs
738     ?>
739    
740 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5><HR><B><?= $webRoot . $relDir ?>
741 dpavlin 1.1 </B></TD></TR>
742     <TR><TD></TD><TD CLASS=TOP>DOCUMENT NAME</TD>
743 dpavlin 1.6 <TD><?= $gblIcon("blank").$gblIcon("blank") ?></TD>
744 dpavlin 1.4 <TD CLASS=TOP>NOTE</TD>
745 dpavlin 1.1 <TD CLASS=TOP>LAST UPDATE</TD><TD CLASS=TOP>FILE SIZE</TD></TR>
746    
747     <?php
748     if (sizeof($fileList) > 0) {
749     sort($fileList) ;
750     while (list($key,$file) = each($fileList)) {
751 dpavlin 1.4 $path = $fsDir."/".$file ;
752     $mod = filemtime($path) ;
753     $sz = filesize($path) ;
754    
755     if ($sz >= 10240) {
756     $sz = (int)(($sz+1023)/1024) . " k" ;
757     } else {
758     $sz .= " " ;
759     } // end size
760 dpavlin 1.1
761 dpavlin 1.4 $a = $b = "" ;
762    
763     $info_url=$self."?A=E&F=".urlencode($file)."&D=".urlencode($relDir);
764    
765 dpavlin 1.14 if ( ($mod + $gblModDays*86400) > time() ) {
766 dpavlin 1.4 $a = "<SPAN CLASS=RED TITLE=\"Newer" ;
767 dpavlin 1.14 $a .= " than $gblModDays days\"> * </SPAN>" ;
768 dpavlin 1.4 }
769    
770 dpavlin 1.6 $file_lock=CheckLock($path);
771    
772     $file_url_html="<A HREF=\"$self?A=V&F=".urlencode($file);
773     $file_url_html.="&D=".urlencode($relDir);
774     $file_url_html.="\" TITLE=\"View file\">" ;
775 dpavlin 1.2
776     if (substr($file,0,5) != ".del/") {
777 dpavlin 1.6 $file_url_html .= $file . "</A>" . $a ;
778 dpavlin 1.2 } else {
779 dpavlin 1.6 $file_url_html .= substr($file,5,strlen($file)-5) . "</a> <SPAN CLASS=RED TITLE=\"deleted\"> <a href=\"$info_url#undelete\">deleted</a> </span>";
780 dpavlin 1.4 }
781    
782 dpavlin 1.6 $note_html="<a href=\"$info_url#note\">".$gblIcon("note")."</a>".ReadNote($path);
783 dpavlin 1.4
784     $ext = strtolower(strrchr($file,".")) ;
785 dpavlin 1.6
786     if ($file_lock) {
787     if ($file_lock == $GLOBALS[gblUserName]) {
788     $b.="<A HREF=\"$self?A=Ci&F=".urlencode($file);
789     $b.="&D=".urlencode($relDir);
790     $b.="\" TITLE=\"Checkin (update) file on server\">" ;
791     $file_url_html=$b;
792     $b.=$gblIcon("checkin")."</A>" ;
793     $b.= $gblIcon("blank");
794     $file_url_html.="$file</a> $a";
795     $note_html = $gblIcon("blank")."<b>Please check-in (update) this file</b>";
796     } else {
797     $b = $gblIcon("locked");
798     $b.= $gblIcon("blank");
799     $note_html = $gblIcon("blank")."<b>File locked by $file_lock</b>";
800     $file_url_html = "$file $a";
801     }
802 dpavlin 1.4 } else {
803 dpavlin 1.6 $b.="<A HREF=\"$self?A=Co&F=".urlencode($file);
804     $b.="&D=".urlencode($relDir);
805     $b.="\" TITLE=\"Checkout file for edit\">" ;
806     $b.=$gblIcon("checkout")."</A>" ;
807    
808     if ( $ext=="" || strstr(join(" ",$gblEditable),$ext) ) {
809     $b.="<A HREF=\"$self?A=C&F=".urlencode($file);
810     $b.="&D=".urlencode($relDir);
811     $b.="\" TITLE=\"List contents\">" ;
812     $b.=$gblIcon("view")."</A>" ;
813     } else {
814     $b.= $gblIcon("blank");
815     }
816 dpavlin 1.2 }
817 dpavlin 1.1
818    
819     ?>
820    
821     <TR><TD>
822 dpavlin 1.4 <A HREF="<?= $info_url ?>" TITLE="View/Edit">
823     <?= $gblIcon($ext) ?></A></TD>
824 dpavlin 1.6 <TD CLASS=LST><?= $file_url_html ?></TD>
825 dpavlin 1.4 <TD CLASS=LST ALIGN=center><?= $b ?></TD>
826 dpavlin 1.6 <TD CLASS=LST ALIGN=left><?= $note_html ?></TD>
827 dpavlin 1.4 <TD CLASS=LST><?= date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]",$mod) ?></TD>
828     <TD CLASS=LST><?= $sz ?>Bytes</TD></TR>
829 dpavlin 1.1
830     <?php
831     } // iterate over files
832     } // end if no files
833    
834     if ($emptyDir) {
835     ?>
836    
837 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
838     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>
839     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
840 dpavlin 1.1 OK TO DELETE THIS EMPTY FOLDER?
841     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
842     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="DELETE">
843     </TD></TR>
844     </FORM>
845    
846     <?php
847     } // end if emptyDir
848     ?>
849    
850 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
851 dpavlin 1.1
852 dpavlin 1.6 <TR><TD></TD><TD COLSPAN=5>
853 dpavlin 1.13 <?
854     if (file_exists(".info.inc")) {
855     include(".info.inc");
856     }
857     ?>
858 dpavlin 1.6 </TD></TR>
859    
860     <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
861    
862 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
863     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>CREATE NEW
864 dpavlin 1.1 <INPUT TYPE="RADIO" NAME="T" VALUE="D" CHECKED>DIRECTORY -OR-
865     <INPUT TYPE="RADIO" NAME="T" VALUE="F">FILE : &nbsp;&nbsp;
866     <NOBR>NAME <INPUT TYPE="TEXT" NAME="FN" SIZE=14>
867     <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="CREATE">
868 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
869 dpavlin 1.1 <INPUT TYPE="SUBMIT" VALUE="CREATE"></NOBR>
870 dpavlin 1.9 <NOBR>OR <A HREF="<?= $self ?>?A=U&D=<?= urlencode($relDir) ?>">UPLOAD</A> A FILE
871 dpavlin 1.1 </NOBR>
872     </TD></TR>
873     </FORM>
874     </TABLE>
875    
876     <?php
877     EndHTML() ;
878     } // end function Navigate
879    
880     //////////////////////////////////////////////////////////////////
881    
882 dpavlin 1.6 function UploadPage($fsRoot, $relDir, $filename) {
883 dpavlin 1.1
884     $self = $GLOBALS["PHP_SELF"] ;
885     if ($relDir == "") $relDir = "/" ;
886     ?>
887    
888     <P><TABLE BORDER=0 CELLPADDING=5><TR><TD WIDTH=5></TD><TD CLASS=BAR>
889     <FORM ENCTYPE="multipart/form-data" METHOD="POST"
890 dpavlin 1.4 ACTION="<?= $self ?>">
891     DESTINATION DIRECTORY:<B><?= " " . $relDir ?></B>
892 dpavlin 1.6 <? if (isset($filename)) { ?>
893     <br>DESTINATION FILE:<B><?= " " . $filename ?></B>
894     <INPUT TYPE="HIDDEN" NAME="FILENAME" VALUE="<?= $filename ?>">
895     <? } ?>
896 dpavlin 1.1 <P>PATHNAME OF LOCAL FILE<BR>
897 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
898 dpavlin 1.1 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="UPLOAD">
899     <INPUT SIZE=30 TYPE="FILE" NAME="FN"></P>
900     <P><INPUT TYPE="SUBMIT" VALUE="UPLOAD"></P>
901     <P>If the <B>[BROWSE...]</B> button is not displayed,<BR>
902     you must upgrade to an RFC1867-compliant browser.</P>
903 dpavlin 1.4 <P>Your browser:<BR><?= $GLOBALS["HTTP_USER_AGENT"] ?></P>
904 dpavlin 1.1 </FORM>
905     </TD></TR>
906     <TR><TD></TD><TD>
907 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
908     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>"><BR>
909 dpavlin 1.1 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL">
910     </FORM>
911     </TD></TR></TABLE></P>
912    
913     <?php
914     } // end function UploadPage
915    
916     //////////////////////////////////////////////////////////////////
917    
918     function Error($title,$text="") {
919     StartHTML("(".$title.")",$text) ;
920     echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
921     EndHTML() ;
922     exit ;
923     } // end function Error
924    
925     //////////////////////////////////////////////////////////////////
926    
927     function CreateHash($user, $pw) {
928    
929     global $gblHash ; // hash function to use
930    
931     if ($user == "" || $pw == "") {
932     $text = "either no password or no username supplied" ;
933     Error("Create Hash",$text) ;
934     }
935     $title = "(Create Hash)" ;
936     StartHTML($title) ;
937     echo "<P ALIGN=center>" ;
938     echo "<BLOCKQUOTE>Copy the value below and paste it " ;
939     echo "into the<BR>value for \$gblPw in the source of " ;
940     echo "this file<BR><BR><B>" . $gblHash($user.$pw) ;
941     echo "</B><BR><BR>Hash function: " . $gblHash ;
942     echo "</BLOCKQUOTE></P>" ;
943     EndHTML() ;
944     exit ;
945    
946     } // end function CreateHash
947    
948     //////////////////////////////////////////////////////////////////
949    
950     function NoEntry() {
951    
952     $user = $GLOBALS["PHP_AUTH_USER"] ;
953     $pw = $GLOBALS["PHP_AUTH_PW"] ;
954     $self = $GLOBALS["PHP_SELF"] ;
955    
956     $title = "(401 Unauthorized)" ;
957     $text = "No trespassing !" ;
958     StartHTML($title,$text) ;
959     ?>
960    
961 dpavlin 1.4 <FORM ACTION="<?= $self ?>?HASH=create" METHOD="POST">
962     <INPUT TYPE="HIDDEN" NAME="USER" VALUE="<?= $user ?>">
963     <INPUT TYPE="HIDDEN" NAME="PW" VALUE="<?= $pw ?>">
964 dpavlin 1.1
965     <BLOCKQUOTE><B>If you are a site administrator:</B><BR><BR>
966     Click below to <B>generate a password hash</B><BR>from
967     the username-password pair you just<BR>entered. Then include the hash in
968     the source<BR>of this file.<BR><BR>
969     <INPUT TYPE="SUBMIT" VALUE="CREATE HASH">
970     </BLOCKQUOTE></FORM>
971    
972     <?php
973     EndHTML() ;
974     exit ;
975     }
976    
977     //////////////////////////////////////////////////////////////////
978    
979 dpavlin 1.21 function LogIt($target,$msg) {
980 dpavlin 1.2
981     $dir=dirname($target);
982     if (! file_exists($dir."/.log")) {
983     mkdir($dir."/.log",0700);
984     }
985     $file=basename($target);
986    
987     $log=fopen("$dir/.log/$file","a+");
988     fputs($log,date("$GLOBALS[gblDateFmt]\t$GLOBALS[gblTimeFmt]").
989     "\t$GLOBALS[gblUserName]\t$msg\n");
990     fclose($log);
991    
992     }
993    
994    
995 dpavlin 1.4 //////////////////////////////////////////////////////////////////
996    
997     function WriteNote($target,$msg) {
998    
999 dpavlin 1.21 $target=stripSlashes($target);
1000 dpavlin 1.4 $dir=dirname($target);
1001     if (! file_exists($dir."/.note")) {
1002     mkdir($dir."/.note",0700);
1003     }
1004     $file=basename($target);
1005    
1006     $note=fopen("$dir/.note/$file","w");
1007     fputs($note,"$msg\n");
1008     fclose($note);
1009    
1010     Logit($target,"added note $msg");
1011    
1012     }
1013    
1014     function ReadNote($target) {
1015    
1016 dpavlin 1.21 $target=stripSlashes($target);
1017 dpavlin 1.4 $dir=dirname($target);
1018     $file=basename($target);
1019     $msg="";
1020     if (file_exists($dir."/.note/$file")) {
1021     $note=fopen("$dir/.note/$file","r");
1022     $msg=fgets($note,4096);
1023     fclose($note);
1024     }
1025 dpavlin 1.6 return StripSlashes($msg);
1026 dpavlin 1.4
1027     }
1028    
1029     //////////////////////////////////////////////////////////////////
1030    
1031     function MoveTo($source,$folder) {
1032    
1033 dpavlin 1.21 $source=stripSlashes($source);
1034 dpavlin 1.4 $file=basename($source);
1035     if (! file_exists($folder)) {
1036     mkdir($folder,0700);
1037     }
1038     if (file_exists($source)) {
1039     rename($source,"$folder/$file");
1040     }
1041     }
1042 dpavlin 1.2
1043     //////////////////////////////////////////////////////////////////
1044    
1045 dpavlin 1.6 function Lock($target) {
1046    
1047 dpavlin 1.21 $target=stripSlashes($target);
1048 dpavlin 1.6 $dir=dirname($target);
1049     if (! file_exists($dir."/.lock")) {
1050     mkdir($dir."/.lock",0700);
1051     }
1052     $file=basename($target);
1053    
1054     if (file_exists("$dir/.lock/$file")) {
1055     Logit($target,"attempt to locked allready locked file!");
1056     } else {
1057     $lock=fopen("$dir/.lock/$file","w");
1058     fputs($lock,"$GLOBALS[gblUserName]\n");
1059     fclose($lock);
1060    
1061     Logit($target,"file locked");
1062     }
1063    
1064     }
1065    
1066     function CheckLock($target) {
1067    
1068 dpavlin 1.21 $target=stripSlashes($target);
1069 dpavlin 1.6 $dir=dirname($target);
1070     $file=basename($target);
1071     $msg=0;
1072     if (file_exists($dir."/.lock/$file")) {
1073     $lock=fopen("$dir/.lock/$file","r");
1074     $msg=fgets($lock,4096);
1075     fclose($lock);
1076     }
1077     return chop($msg);
1078    
1079     }
1080    
1081     function Unlock($target) {
1082    
1083 dpavlin 1.21 $target=stripSlashes($target);
1084 dpavlin 1.6 $dir=dirname($target);
1085     $file=basename($target);
1086     if (file_exists($dir."/.lock/$file")) {
1087     unlink("$dir/.lock/$file");
1088     Logit($target,"file unlocked");
1089     } else {
1090     Logit($target,"attempt to unlocked non-locked file!");
1091     }
1092    
1093     }
1094    
1095     //////////////////////////////////////////////////////////////////
1096    
1097 dpavlin 1.9 function urlpath($url) {
1098 dpavlin 1.8 $url=urlencode(StripSlashes("$url"));
1099 dpavlin 1.7 $url=str_replace("%2F","/",$url);
1100     $url=str_replace("+","%20",$url);
1101 dpavlin 1.9 return($url);
1102 dpavlin 1.7 }
1103    
1104     //////////////////////////////////////////////////////////////////
1105    
1106 dpavlin 1.8 function safe_rename($from,$to) {
1107     if (file_exists($from) && is_writable(dirname($to))) {
1108     rename($from,$to);
1109     }
1110     }
1111    
1112     //////////////////////////////////////////////////////////////////
1113    
1114 dpavlin 1.16 // recursivly delete directory
1115    
1116     function rrmdir($dir) {
1117     $handle=opendir($dir);
1118     while ($file = readdir($handle)) {
1119     if ($file != "." && $file != "..") {
1120     if (is_dir("$dir/$file"))
1121     rrmdir("$dir/$file");
1122     else
1123     if (! @unlink("$dir/$file")) return(0);
1124     }
1125     }
1126     closedir($handle);
1127     return @rmdir($dir);
1128     }
1129    
1130     //////////////////////////////////////////////////////////////////
1131    
1132 dpavlin 1.18 function ChangeLog($target,$msg) {
1133    
1134     global $gblFsRoot;
1135     $log=fopen("$gblFsRoot/.changelog","a+");
1136     if (substr($target,0,strlen($gblFsRoot)) == $gblFsRoot)
1137     $target=substr($target,strlen($gblFsRoot),strlen($target)-strlen($gblFsRoot));
1138     fputs($log,time()."\t$target\t$GLOBALS[gblUserName]\t$msg\n");
1139     fclose($log);
1140    
1141     }
1142    
1143     function DisplayChangeLog($day) {
1144    
1145     global $gblFsRoot;
1146 dpavlin 1.20 if (!file_exists("$gblFsRoot/.changelog")) return;
1147 dpavlin 1.18 $log=fopen("$gblFsRoot/.changelog","r");
1148     $logarr = array();
1149     while($line = fgetcsv($log,255,"\t")) {
1150 dpavlin 1.23 if ($day!=1 || ($day==1 && (time()-$line[0] < 24*60*60))) {
1151 dpavlin 1.18 array_unshift($logarr,array($line[0],$line[1],$line[2],$line[3]));
1152     }
1153     }
1154     fclose($log);
1155     $cl1=" class=lst"; $cl2="";
1156     print "<table border=0 width=100%>\n";
1157     while ($e = array_shift($logarr)) {
1158     $cl=$cl1; $cl1=$cl2; $cl2=$cl;
1159     $date = date("$GLOBALS[gblDateFmt]", $e[0]);
1160     $time = date("$GLOBALS[gblTimeFmt]", $e[0]);
1161     $dir = dirname($e[1]);
1162     $file = basename($e[1]);
1163     print "<tr><td$cl>$date</td><td$cl>$time</td><td$cl><a href=\"$GLOBALS[PHP_SELF]?D=".urlencode($dir)."\">$dir</a>/$file</td><td$cl>$e[2]</td><td$cl>$e[3]</td></tr>\n";
1164     }
1165     print "</table>";
1166 dpavlin 1.21 print "<p>".GifIcon(up)." Back to <a href=$GLOBALS[PHP_SELF]>front page</a>.</p>";
1167 dpavlin 1.18 }
1168    
1169     //////////////////////////////////////////////////////////////////
1170    
1171 dpavlin 1.1 // MAIN PROGRAM
1172     // ============
1173     // query parameters: capital letters
1174     // local functions : begin with capital letters
1175     // global constants: begin with gbl
1176    
1177 dpavlin 1.2 $gblFilePerms = 0640 ; // default for new files
1178     $gblDirPerms = 0750 ; // default for new dirs
1179 dpavlin 1.1
1180     // phpinfo() ;
1181     // exit ;
1182    
1183     // forks before authentication: style sheet and hash
1184     // creation if password not yet set.
1185     if ($STYLE == "get") { CSS() ; exit ; }
1186     if ($HASH != "") {
1187     CreateHash($USER, $PW) ;
1188     exit ;
1189     }
1190    
1191     // authentication if $gblAuth == true
1192 dpavlin 1.2 if ( $gblAuth && $gblHash($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw ||
1193     isset($relogin) && $gblPw == $relogin ) {
1194 dpavlin 1.1 header("WWW-authenticate: basic realm=\"$SERVER_NAME\"") ;
1195     header("HTTP/1.0 401 Unauthorized") ;
1196     NoEntry() ;
1197     exit ;
1198     }
1199    
1200     // get current directory relative to $gblFsRoot
1201     $relDir = $DIR ; // from POST
1202     if ($relDir == "") { // not defined in POST ?
1203     $relDir = urldecode($D) ; // then use GET
1204     }
1205    
1206     if ($relDir == "/") $relDir = "" ;
1207     // default : website root = ""
1208    
1209     if (strstr($relDir,"..")) Error("No updirs allowed");
1210    
1211     // full paths contain "fs" or "Fs". Paths realitve to root of
1212     // website contain "rel" or "Rel". The script won't let you
1213     // edit anything above directory equal to http://server.com
1214     // i.e. below $gblFsRoot.
1215    
1216     $relScriptDir = dirname($SCRIPT_NAME) ;
1217     // i.e. /siteman
1218    
1219     $fsScriptDir = dirname($SCRIPT_FILENAME) ;
1220     // i.e. /home/httpd/html/siteman
1221    
1222     $gblFsRoot = substr($fsScriptDir,0,
1223     strlen($fsScriptDir)-strlen($relScriptDir)) ;
1224     // i.e. /home/httpd/html
1225    
1226     $fsDir = $gblFsRoot . $relDir ; // current directory
1227     if ( !is_dir($fsDir) ) Error("Dir not found",$relDir) ;
1228 dpavlin 1.22
1229     $FN=stripSlashes($FN);
1230    
1231 dpavlin 1.1 switch ($POSTACTION) {
1232     case "UPLOAD" :
1233 dpavlin 1.2 if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1234 dpavlin 1.1 if (strstr($FN_name,"/"))
1235     Error("Non-conforming filename") ;
1236     // TODO : should rather check for escapeshellcmds
1237     // but maybe RFC 18xx asserts safe filenames ....
1238     $source = $FN ;
1239 dpavlin 1.6 if (! isset($FILENAME)) { // from update file
1240     $target = "$fsDir/$FN_name" ;
1241     } else {
1242     $target = "$fsDir/$FILENAME";
1243     }
1244 dpavlin 1.2
1245     // backup old files first
1246     $dir=dirname($target);
1247     if (! file_exists($dir."/.bak")) {
1248     mkdir($dir."/.bak",0700);
1249     }
1250     if (! file_exists($dir."/.bak/$GLOBALS[gblNumBackups]")) {
1251     mkdir($dir."/.bak/$GLOBALS[gblNumBackups]",0700);
1252     }
1253     $file=basename($target);
1254     for($i=$GLOBALS[gblNumBackups]-1;$i>0;$i--) {
1255 dpavlin 1.4 MoveTo("$dir/.bak/$i/$file","$dir/.bak/".($i+1)."/");
1256 dpavlin 1.2 }
1257 dpavlin 1.6 MoveTo($target,$dir."/.bak/1/");
1258 dpavlin 1.2
1259     copy($source,$target) ;
1260     chmod($target,$gblFilePerms) ;
1261 dpavlin 1.1 clearstatcache() ;
1262 dpavlin 1.2 Logit($target,"uploaded");
1263 dpavlin 1.6 if (isset($FILENAME)) {
1264     Unlock($target);
1265     }
1266 dpavlin 1.18 ChangeLog($target,"updated");
1267 dpavlin 1.1 break ;
1268    
1269     case "SAVE" :
1270 dpavlin 1.17 $path = $gblFsRoot . $RELPATH ;
1271 dpavlin 1.22 $path=stripSlashes($path);
1272 dpavlin 1.2 $writable = is_writeable($path) ;
1273     $legaldir = is_writeable(dirname($path)) ;
1274 dpavlin 1.1 $exists = (file_exists($path)) ? 1 : 0 ;
1275     // check for legal extension here as well
1276     if (!($writable || (!$exists && $legaldir)))
1277     Error("Write denied",$RELPATH) ;
1278     $fh = fopen($path, "w") ;
1279 dpavlin 1.22 $FILEDATA=stripSlashes($FILEDATA);
1280 dpavlin 1.1 fwrite($fh,$FILEDATA) ;
1281     fclose($fh) ;
1282     clearstatcache() ;
1283 dpavlin 1.2 Logit($path,"saved changes");
1284 dpavlin 1.18 ChangeLog($path,"saved changes");
1285 dpavlin 1.1 break ;
1286    
1287     case "CREATE" :
1288     // we know $fsDir exists
1289 dpavlin 1.2 if ($FN == "") break; // no filename!
1290     if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1291 dpavlin 1.1 $path = $fsDir . "/" . $FN ; // file or dir to create
1292     $relPath = $relDir . "/" . $FN ;
1293     switch ( $T ) {
1294     case "D" : // create a directory
1295 dpavlin 1.6 if ( ! @mkdir($path,$gblDirPerms) )
1296     Error("Mkdir failed",$relPath) ; // eg. if it exists
1297     clearstatcache() ;
1298     break ;
1299 dpavlin 1.1 case "F" : // create a new file
1300     // this functionality is doubled in DetailView().
1301     // better keep it here altogether
1302     // chmod perms to $gblFilePerms
1303 dpavlin 1.6 if ( file_exists($path) && !is_writable($path) )
1304     Error("File not writable", $relPath) ;
1305     $fh = fopen($path, "w+") ;
1306     if ($fh) {
1307     fputs($fh,"\n");
1308     fclose($fh) ;
1309     LogIt($path,"file created");
1310     } else {
1311     Error("Creation of file $relPath failed -- $path");
1312     }
1313     $tstr = "$PHP_SELF?A=E&D=".urlencode($relDir)."&F=".urlencode($FN) ;
1314     header("Location: " . $tstr) ;
1315 dpavlin 1.18 ChangeLog($target,"created");
1316 dpavlin 1.6 exit ;
1317 dpavlin 1.1 }
1318     break ;
1319    
1320     case "DELETE" :
1321     if ( $CONFIRM != "on" ) break ;
1322    
1323     $tstr = "Attempt to delete non-existing object or " ;
1324     $tstr .= "insufficient privileges: " ;
1325    
1326     if ( $FN != "") { // delete file
1327 dpavlin 1.2 $path = $fsDir . "/" . $FN ;
1328    
1329     $dir=dirname($path);
1330     $file=basename($path);
1331     if (! file_exists("$dir/.del")) {
1332     mkdir("$dir/.del",0700);
1333     }
1334    
1335     // if ( ! @unlink($path) ) {
1336     if ( ! rename($path,"$dir/.del/$file") ) {
1337     Error("File delete failed", $tstr . $path) ;
1338     Logit($path,"file delete failed");
1339     exit ;
1340     } else {
1341     Logit($path,"file deleted");
1342 dpavlin 1.4 MoveTo("$dir/.log/$file","$dir/.del/.log/");
1343     MoveTo("$dir/.note/$file","$dir/.del/.note/");
1344 dpavlin 1.6 MoveTo("$dir/.lock/$file","$dir/.del/.lock/");
1345 dpavlin 1.2 }
1346 dpavlin 1.1 }
1347     else { // delete directory
1348 dpavlin 1.16 if ( ! @rrmdir($fsDir) ) {
1349 dpavlin 1.1 Error("Rmdir failed", $tstr . $fsDir) ;
1350     }
1351     else {
1352     $relDir = dirname($relDir) ; // move up
1353     }
1354     }
1355     break ;
1356    
1357 dpavlin 1.2 case "UNDELETE" :
1358     if ( $CONFIRM != "on" ) break ;
1359    
1360     if (substr($FN,0,4) != ".del") break ;
1361     $file=substr($FN,4,strlen($FN)-4);
1362    
1363     Logit("$fsDir/.del/$file","undeleted");
1364 dpavlin 1.4 MoveTo("$fsDir/.del/$file","$fsDir/");
1365     MoveTo("$fsDir/.del/.log/$file","$fsDir/.log/");
1366     MoveTo("$fsDir/.del/.note/$file","$fsDir/.note/");
1367 dpavlin 1.6 MoveTo("$fsDir/.del/.lock/$file","$fsDir/.lock/");
1368 dpavlin 1.2
1369     break ;
1370    
1371     case "RENAME" :
1372     if ( $CONFIRM != "on" ) break ;
1373    
1374     Logit("$fsDir/$FN","renamed $FN to $NEWNAME");
1375 dpavlin 1.8 safe_rename("$fsDir/$FN","$fsDir/$NEWNAME");
1376     safe_rename("$fsDir/.log/$FN","$fsDir/.log/$NEWNAME");
1377     safe_rename("$fsDir/.note/$FN","$fsDir/.note/$NEWNAME");
1378     safe_rename("$fsDir/.lock/$FN","$fsDir/.lock/$NEWNAME");
1379 dpavlin 1.11 for($i=0;$i<=$GLOBALS[gblNumBackups];$i++) {
1380     safe_rename("$fsDir/.bak/$i/$FN","$fsDir/.bak/$i/$NEWNAME");
1381     }
1382 dpavlin 1.2
1383 dpavlin 1.4 break ;
1384    
1385     case "NOTE" :
1386     WriteNote("$fsDir/$FN","$NOTE");
1387 dpavlin 1.2 break ;
1388    
1389 dpavlin 1.6 case "UNLOCK" :
1390     if ( $CONFIRM != "on" ) break ;
1391     Unlock("$fsDir/$FN");
1392     break ;
1393    
1394 dpavlin 1.1 default :
1395     // user hit "CANCEL" or undefined action
1396     }
1397    
1398     // common to all POSTs : redirect to directory view ($relDir)
1399     if ( $POSTACTION != "" ) {
1400     $tstr = $PHP_SELF . "?D=" . urlencode($relDir) ;
1401     header("Location: " . $tstr) ;
1402     exit ;
1403     }
1404    
1405     // check for mode.. navigate, code display, upload, or detail?
1406     // $A=U : upload to path given in $D
1407     // $A=E : display detail of file $D/$F and edit
1408     // $A=C : display code in file $D/$F
1409 dpavlin 1.6 // $A=Co : checkout file $D/$F
1410     // $A=Ci : checkin file $D/$F
1411     // $A=V : view file (do nothing except log)
1412 dpavlin 1.1 // default : display directory $D
1413 dpavlin 1.21
1414 dpavlin 1.1 switch ($A) {
1415     case "U" :
1416     // upload to $relDir
1417 dpavlin 1.2 if (!is_writeable($gblFsRoot . $relDir))
1418 dpavlin 1.1 Error("Write access denied",$relDir) ;
1419     $text = "Use this page to upload a single " ;
1420     $text .= "file to <B>$SERVER_NAME</B>." ;
1421     StartHTML("(Upload Page)", $text) ;
1422     UploadPage($gblFsRoot, $relDir) ;
1423     EndHTML() ;
1424     exit ;
1425     case "E" :
1426 dpavlin 1.22 $F=stripSlashes($F);
1427 dpavlin 1.1 // detail of $relDir/$F
1428 dpavlin 1.2 if (is_file("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
1429 dpavlin 1.1 exit ;
1430     case "C" :
1431 dpavlin 1.22 $F=stripSlashes($F);
1432 dpavlin 1.1 // listing of $relDir/$F
1433     DisplayCode($gblFsRoot, $relDir, $F) ;
1434     exit ;
1435 dpavlin 1.6 case "Co" :
1436     // checkout
1437     Lock("$gblFsRoot/$relDir/$F");
1438 dpavlin 1.12 header("Content-Disposition: attachment; filename=$F" );
1439 dpavlin 1.9 Header("Location: ".urlpath("$relDir/$F"));
1440 dpavlin 1.6 exit;
1441     case "Ci" :
1442 dpavlin 1.22 $F=stripSlashes($F);
1443 dpavlin 1.6 // upload && update to $relDir
1444     if (!is_writeable($gblFsRoot . $relDir))
1445     Error("Write access denied",$relDir) ;
1446     $text = "Use this page to update a single " ;
1447     $text .= "file to <B>$SERVER_NAME</B>." ;
1448     StartHTML("(Update file Page)", $text) ;
1449     UploadPage($gblFsRoot, $relDir, $F) ;
1450     EndHTML() ;
1451     exit ;
1452     case "V" :
1453     // view
1454 dpavlin 1.9 LogIt("$gblFsRoot/$relDir/$F","viewed");
1455 dpavlin 1.12 header("Content-Disposition: attachment; filename=$F" );
1456 dpavlin 1.9 Header("Location: ".urlpath("$relDir/$F"));
1457 dpavlin 1.18 exit;
1458     case "Ch" :
1459     StartHTML("(File changes)","All changes chronologicaly...");
1460     DisplayChangeLog(0); // all
1461     EndHTML() ;
1462     exit;
1463     case "Ch1" :
1464     StartHTML("(File changes)","Changes to files in last day...");
1465     DisplayChangeLog(1);
1466     EndHTML() ;
1467 dpavlin 1.6 exit;
1468 dpavlin 1.1 }
1469    
1470     // default: display directory $relDir
1471     Navigate($gblFsRoot,$relDir) ;
1472     exit ;
1473    
1474     Error("Whooah!","By cartesian logic, this never happens") ;
1475     ?>

  ViewVC Help
Powered by ViewVC 1.1.26