/[docman]/docman.php
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Annotation of /docman.php

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.6 - (hide annotations)
Fri Aug 4 10:07:04 2000 UTC (23 years, 7 months ago) by dpavlin
Branch: MAIN
Changes since 1.5: +193 -43 lines
fix relogin (if siteman is in some path)
don't show file content for edit if file is locked
enable forceing of unlock
view file via siteman (so that views are recorderd in log)
support for filename/pathname with spaces
check-out/check-in support (locks)
little help on bottom of screen
support for update of file (needed for check-in)
fixed creation of new file
added missing .note handling to rename

1 dpavlin 1.1 <?php
2    
3     /* Copyright 1999 by John Martin d/b/a www.ANYPORTAL.com */
4     /* All Rights Reserved. */
5     /* */
6     /* This software is freeware and is not in the public domain. */
7     /* You are hereby granted the right to freely distribute this */
8     /* software as long as this copyright notice remains in place. */
9     /* */
10     /* Comments or suggestions? email: andmore@alief.com */
11     /* */
12     /* This is the PHP port: AnyPortal(php)-0.1 */
13     /* ======================================== */
14     /* */
15     /* PHP version 2000 by Stefan@Wiesendanger.org */
16     /* No Rights Reserved. What for, anyhow ? */
17     /* */
18     /* Date Remarks */
19     /* --------- ----------------------------------------------- */
20     /* 25 MAY 99 original ASP version */
21     /* 17 SEP 99 change upload from SA-FILEUP to aspSmartUpload */
22     /* 10 APR 00 simplified PHP3 version */
23     /* 18 APR 00 most of PHP3 port working. Slight modifications */
24     /* 22 APR 00 modified syntax highlighting, no absolute paths */
25     /* revealed, PHP builtin authentication, global */
26     /* style sheet as callback, use apache default */
27     /* icons as an alternative to the wingdings font. */
28     /* 25 APR 00 catch some exceptions (not foolproof yet) */
29     /* 26 APR 00 catch some more exceptions, implicit copy */
30     /* function by saving somewhere else in the detail */
31     /* view, MD5 hashed password. */
32     /* 27 APR 00 Fixed authentication bug */
33     /* 12 MAY 00 Fixed trouble with exec() with newer versions of */
34     /* PHP3. Fixed bug which would send you to a non- */
35     /* existent address after file modifications. */
36    
37 dpavlin 1.2 /*
38     2000-07-25 Dobrica Pavlinusic <dpavlin@rot13.org>
39    
40     nuked exec calls (unsecure)
41     nuked writeable function (replaced by php is_writeable)
42     added support for https (tested with apache+mod_ssl)
43     added users file
44     date format user-selectable
45     cycle backup files in bak directory
46     support links as directoryes (for now)
47     support of file history logging
48     undelete capabilities (delete moves to .del directory)
49    
50     2000-07-26 DbP
51    
52     added more checking on entered filename (when creating file/dir)
53     added rename option
54    
55    
56     IMPORTANT INSTALLATION NOTE:
57     deny serving of .* (dot-something) files in web server!
58     Otherwise, uses can access your log files, users and/or
59     deleted files!
60    
61     .htusers is in form:
62     login:Real Name:md5(loginpassword)
63    
64    
65     TODO:
66     mixed file/directory output (add type to each entry,
67     real support for links)
68     add more content-management (like cms.sourceforge.net):
69     check-out/check-in/reserve
70     comments to files
71     */
72    
73 dpavlin 1.1 //////////////////////////////////////////////////////////////////
74    
75     // TODO : Don't let the file be modified itself. Create a hash of
76     // it (kinda hard since it's self-referential ;-). Make better use
77     // of session management. Escapeshellcmd for all user input.
78    
79     //////////////////////////////////////////////////////////////////
80    
81     // GLOBAL PARAMETERS
82     // =================
83     // Make modifications here to suit siteman to your needs
84    
85     // error_reporting(4) ; // how verbose ?
86    
87     // username/password should not be system
88     // usernames/passwords !!
89    
90 dpavlin 1.2 // $gblPw = "hash_of_your_username_and_password" ;
91    
92     // $gblAuth = false ; // use builtin authentication
93     $gblAuth = true ; // use builtin authentication
94 dpavlin 1.1 $gblHash = "md5" ; // hash function to use
95    
96 dpavlin 1.2 $gblPw = "";
97    
98     if ($gblAuth) {
99 dpavlin 1.3 $htusers_file=dirname($SCRIPT_FILENAME)."/.htusers";
100     if (! file_exists($htusers_file)) {
101     $htusers=fopen($htusers_file,"a+");
102     fputs($htusers,"# Change owner of $htusers_file to root !!\n");
103     fputs($htusers,"demo:full name:md5_hash\n");
104     fclose($htusers);
105     }
106     $htusers=fopen($htusers_file,"r");
107 dpavlin 1.2 while($user = fgetcsv($htusers,255,":")) {
108     if ($user[0] == $GLOBALS["PHP_AUTH_USER"]) {
109     $gblUserName=$user[1];
110     $gblPw=$user[2];
111     continue ;
112     }
113     }
114     fclose($htusers);
115     }
116    
117     // $gblDateFmt="D, F d, Y";
118     // $gblTimeFmt="g:i:sA";
119    
120     $gblDateFmt="Y-m-d";
121     $gblTimeFmt="H:i:s";
122    
123     // Number of backup files to keep
124     $gblNumBackups=5;
125    
126 dpavlin 1.1 // choose GifIcon below unless you have the M$
127     // WingDings font installed on your system
128    
129     $gblIcon = "GifIcon" ; // MockIcon or GifIcon
130    
131     // the directory below should be /icons/ or /icons/small/
132     // on Apache; a set of icons is included in the distribution
133    
134 dpavlin 1.3 $gblIconLocation = "/icons/" ;
135 dpavlin 1.1
136     // files you want to be able to edit in text mode
137     // and view with (primitive) syntax highlighting
138    
139     $gblEditable = array( ".txt",".asa",".asp",".htm",".html",
140     ".cfm",".php3",".php",".phtml",
141     ".shtml",".css" ) ;
142    
143     // files that will display as images on the detail page
144     // (useless if your browser doesn't support them)
145    
146     $gblImages = array( ".jpg",".jpeg",".gif",".png",".ico",
147     ".bmp",".xbm") ;
148    
149     //////////////////////////////////////////////////////////////////
150    
151     function StartHTML($title,$text="") {
152    
153     $title = "Site Manager " . $title ;
154     $host = $GLOBALS["HTTP_HOST"] ;
155     $self = $GLOBALS["PHP_SELF"] ;
156     ?>
157    
158     <HTML>
159     <HEAD>
160 dpavlin 1.4 <TITLE><?= $host . " " . $title ?></TITLE>
161 dpavlin 1.1 <META NAME="description" CONTENT="PHP port of AnyPortal Site Manager">
162     <META NAME="keywords" CONTENT="site manager, web site maintenance">
163     <META NAME="robots" CONTENT="noindex">
164     <META HTTP-EQUIV="expires" CONTENT="0">
165     <LINK REL="stylesheet" TYPE="text/css"
166 dpavlin 1.4 HREF="<?= $self ?>?STYLE=get">
167 dpavlin 1.1 </HEAD>
168     <BODY BGCOLOR="#FFFFFF">
169 dpavlin 1.4 <H3 ALIGN="RIGHT"><?= $host ?></H3>
170 dpavlin 1.1 <TABLE BORDER=0 WIDTH="100%"><TR>
171 dpavlin 1.4 <TD CLASS=INV><?= $title ?></TD></TR></TABLE>
172     <P><?= $text ?></P>
173 dpavlin 1.1
174     <?php
175     } // end function StartHTML
176    
177     //////////////////////////////////////////////////////////////////
178    
179     function EndHTML() {
180     ?>
181    
182     <HR>
183     <P CLASS=FTR>
184 dpavlin 1.2 <B><?= date($GLOBALS[gblDateFmt]) ?> -
185     <?= date($GLOBALS[gblTimeFmt]) ?> -
186     <?= $GLOBALS[gblUserName] ?>
187 dpavlin 1.6 <small> [<a href="<?= $GLOBALS["PHP_SELF"] ?>?relogin=<?= $GLOBALS[gblPw] ?>">logout</a>]</small>
188 dpavlin 1.2 </B>
189     <BR>ANYPORTAL(php) Site Manager
190     <br><small>
191     &copy; 1999 by <A HREF="http://www.anyportal.com">ANYPORTAL</A>,
192     &copy; 2000 by <A HREF="http://da.nger.org">d@nger.org</A>,
193     &copy; 2000 by <A HREF="http://www.rot13.org/~dpavlin/">DbP</A>
194     </small>
195 dpavlin 1.1 </P>
196 dpavlin 1.2 <BR>
197 dpavlin 1.4 <? include(".debug.inc") ?>
198 dpavlin 1.2 <BR><BR></BODY></HTML>
199 dpavlin 1.1
200     <?php
201     } // end function EndHTML
202    
203     //////////////////////////////////////////////////////////////////
204    
205     function CSS() {
206     ?>
207    
208 dpavlin 1.2 BODY,TD,P,H1,H2,H3 { font-family:Verdana,Helvetica,Arial,sans-serif; }
209 dpavlin 1.1 .BLK { color:black; }
210     .RED { color:red; }
211     .TOP { color:red; font-size:70%; } /* table headings */
212     .INV { color:white; background-color:navy;
213     font-weight:bold; font-size:120%; } /* title */
214     .FTR { } /* footer */
215     .LST { background-color:#E0E0E0; } /* table cells */
216     .BAR { background-color:#E0E0E0; } /* action bar */
217     PRE { color:blue; font-family:Lucida Console,Courier New,
218     Courier,sans-serif; } /* source code */
219     EM { color:green; font-style:normal; } /* line numbers */
220     .REM { color:silver; }
221     .XML { color:navy; background-color:yellow; }
222     .MCK { color:red; font-family:WingDings; } /* Mock Icons */
223     A:HOVER { color:red; }
224    
225     <?php
226     } // end function CSS
227    
228     //////////////////////////////////////////////////////////////////
229    
230     function DetailPage($fsRoot,$relDir,$fn) {
231    
232     global $gblEditable, $gblImages ;
233     $self = $GLOBALS["PHP_SELF"] ;
234    
235     $relPath = $relDir . "/" . $fn ;
236     $fsPath = $fsRoot . $relPath ;
237     $fsDir = $fsRoot . $relDir ;
238    
239     $exists = file_exists($fsPath) ;
240     $ext = strtolower(strrchr($relPath,".")) ;
241     $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) ;
242 dpavlin 1.2 $writable = is_writeable($fsPath) ;
243 dpavlin 1.6 $file_lock = CheckLock($fsPath);
244 dpavlin 1.1
245     if (!$editable && !$exists)
246     Error("Creation unsupported for type",$relPath) ;
247 dpavlin 1.2 if (!exists && !is_writeable($fsDir) )
248 dpavlin 1.1 Error("Creation denied",$relDir) ;
249    
250     $text = "Use this page to view, modify or " ;
251     $text .= "delete a single document on this " ;
252     $text .= "web site." ;
253     $title = "(Detail Page)" ;
254     StartHTML($title, $text) ;
255    
256     echo "<H3>" . $relDir . "/" . $fn . "</H3>" ;
257     if ($exists) { // get file info
258 dpavlin 1.4 $fsize = filesize($fsPath) ;
259     $fmodified = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", filemtime($fsPath)) ;
260     $faccessed = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", fileatime($fsPath)) ;
261     echo "<PRE> file size: " . $fsize . " Bytes<BR>" ;
262     echo "last modified: <B>" . $fmodified . "</B><BR>" ;
263     echo "last accessed: <B>" . $faccessed . "</B><BR>" ;
264     echo " owner: <B>" . fileowner($fsPath) . "</B><BR>" ;
265     echo " group: <B>" . filegroup($fsPath) . "</B><BR>" ;
266     echo " permissions: <B>" ;
267     echo printf( "%o", fileperms($fsPath) ) . "</B>" ;
268     echo "</PRE>" ;
269 dpavlin 1.2
270 dpavlin 1.1 }
271    
272 dpavlin 1.6 if ( $editable && ($writable || !$exists) && !$file_lock ) {
273 dpavlin 1.1 $fh = fopen($fsPath,"a+") ;
274     rewind($fh) ;
275     $fstr = fread($fh,filesize($fsPath)) ;
276     fclose($fh) ;
277     $fstr = htmlentities( $fstr ) ;
278     ?>
279    
280 dpavlin 1.4 <FORM ACTION="<?= $self ; ?>" METHOD="POST">
281 dpavlin 1.1 <SPAN TITLE="Click [SAVE] to store updated contents.">
282     <B>DOCUMENT CONTENTS</B>
283     </SPAN><BR>
284     <TEXTAREA NAME="FILEDATA" ROWS=18 COLS=70 WRAP="OFF"><?php
285     echo($fstr) ; ?></TEXTAREA>
286 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
287     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
288 dpavlin 1.1 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="SAVE">
289 dpavlin 1.2 <INPUT TYPE="HIDDEN" SIZE=48 MAXLENGTH=255 NAME="RELPATH"
290 dpavlin 1.4 VALUE="<?= $relPath ; ?>">
291 dpavlin 1.2 <br>
292     <INPUT TYPE="RESET" VALUE="UNDO ALL CHANGES">
293 dpavlin 1.1 <INPUT TYPE="SUBMIT" VALUE="SAVE">
294     </FORM>
295    
296     <?php
297 dpavlin 1.6 } else if ( strstr( join(" ",$gblImages), $ext ) ) {
298     $info = getimagesize($fsPath) ;
299     $tstr = "<IMG SRC=\"". $relPath . "\" BORDER=0 " ;
300     $tstr .= $info[3] . " ALT=\"" . $fn . " - " ;
301     $tstr .= (int)(($fsize+1023)/1024) . "Kb\">" ;
302     echo htmlentities($tstr) . "<BR><BR>" . $tstr ;
303 dpavlin 1.1 }
304 dpavlin 1.6
305 dpavlin 1.1 ?>
306    
307 dpavlin 1.4 <FORM ACTION="<?= $self ; ?>" METHOD="POST">
308     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
309     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
310 dpavlin 1.1 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL"><BR>
311    
312     <?php
313 dpavlin 1.6
314     if ($file_lock) {
315     ?>
316     <hr>
317     <SPAN TITLE="Check OK and click UNLOCK to remove lock on file.">
318     <B>OK TO FORCE LOCK REMOVAL ON "<?= $fn ; ?>" HELD BY <?= $file_lock ?>? </B></SPAN>
319     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
320     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="UNLOCK">
321     <?
322     } // file_lock
323    
324 dpavlin 1.2 if (substr($fn,0,4) == ".del") {
325     $action="UNDELETE";
326     $desc="undelete previously deleted file";
327     } else {
328     $action="DELETE";
329     $desc="delete";
330     }
331    
332 dpavlin 1.1 if ($exists && $writable) {
333     ?>
334    
335 dpavlin 1.4 <HR>
336     <a name="undelete">
337     <SPAN TITLE="Check OK and click [<?= $action ?>] to <?= $desc ?>.">
338     <B>OK TO <?= $action ?> "<?= $fn ; ?>"? </B></SPAN>
339 dpavlin 1.2 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
340     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="<?= $action ?>">
341    
342 dpavlin 1.4 <HR>
343     <a name="rename">
344     <SPAN TITLE="Check OK and click [RENAME] to rename.">
345     <B>OK TO RENAME "<?= $fn ; ?>" TO
346 dpavlin 1.2 <INPUT TYPE="TEXT" SIZE=24 MAXLENGTH=255 NAME="NEWNAME" VALUE="<?= $fn ?>">
347     ? </B></SPAN>
348 dpavlin 1.1 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
349 dpavlin 1.2 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="RENAME">
350 dpavlin 1.1
351 dpavlin 1.5 <?php
352     } // exists && writable
353     ?>
354 dpavlin 1.4 <HR>
355     <a name="note">
356     <B>NOTE FOR "<?= $fn ; ?>":
357     <INPUT TYPE="TEXT" SIZE=50 MAXLENGTH=255 NAME="NOTE" VALUE="<?= ReadNote($fsPath) ?>">
358     </B></SPAN>
359     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="NOTE">
360    
361 dpavlin 1.5 </FORM>
362    
363 dpavlin 1.1 <?php
364 dpavlin 1.5
365 dpavlin 1.2
366     $logname=dirname("$fsDir/$fn")."/.log/".basename("$fsDir/$fn");
367     if (file_exists($logname)) {
368     print "<hr><br><b>CHANGES TO THIS FILE</b><br><table border=0 width=100%>\n";
369     $log=fopen($logname,"r");
370     $cl1=" class=lst"; $cl2="";
371     while($line = fgetcsv($log,255,"\t")) {
372     $cl=$cl1; $cl1=$cl2; $cl2=$cl;
373     print "<tr><td$cl>$line[0]</td><td$cl>$line[1]</td><td$cl>$line[2]</td><td$cl>$line[3]</td></tr>\n";
374     }
375     fclose($log);
376     print "</table>";
377     }
378    
379 dpavlin 1.1 EndHTML() ;
380    
381     } // end function DetailPage
382    
383     //////////////////////////////////////////////////////////////////
384    
385     function DisplayCode($fsRoot,$relDir,$fn) {
386    
387     $path = $fsRoot . $relDir . "/" . $fn ;
388    
389     if (!file_exists($path)) Error("File not found",$path) ;
390    
391     StartHTML("(".$relDir."/".$fn.")","");
392    
393     $tstr = join("",file($path)) ;
394     $tstr = htmlentities($tstr) ;
395    
396     // Tabs
397     $tstr = str_replace(chr(9)," ",$tstr) ;
398    
399     // ASP tags & XML/PHP tags
400     $aspbeg = "<SPAN CLASS=XML>&lt;%</SPAN><SPAN CLASS=BLK>" ;
401     $aspend = "</SPAN><SPAN CLASS=XML>%&gt;</SPAN>" ;
402     $tstr = str_replace("&lt;%",$aspbeg,$tstr) ;
403     $tstr = str_replace("%&gt;",$aspend,$tstr) ;
404    
405     $xmlbeg = "<SPAN CLASS=XML>&lt;?</SPAN><SPAN CLASS=BLK>" ;
406     $xmlend = "</SPAN><SPAN CLASS=XML>?&gt;</SPAN>" ;
407     $tstr = str_replace("&lt;?",$xmlbeg,$tstr) ;
408     $tstr = str_replace("?&gt;",$xmlend,$tstr) ;
409    
410     // C style comment
411     $tstr = str_replace("/*","<SPAN CLASS=REM>/*",$tstr) ;
412     $tstr = str_replace("*/","*/</SPAN>",$tstr) ;
413    
414     // HTML comments
415     $tstr = str_replace("&lt;!--","<I CLASS=RED>&lt;!--",$tstr) ;
416     $tstr = str_replace("--&gt;","--&gt;</I>",$tstr) ;
417    
418     echo "<PRE>" ;
419    
420     $tstr = split("\n",$tstr) ;
421     for ($i = 0 ; $i < sizeof($tstr) ; ++$i) {
422     // add line numbers
423     echo "<BR><EM>" ;
424     echo substr(("000" . ($i+1)), -4) . ":</EM> " ;
425     $line = $tstr[$i] ;
426     // C++ style comments
427     $pos = strpos($line,"//") ;
428     // exceptions: two slashes aren't a script comment
429     if (strstr($line,"//") &&
430     ! ($pos>0 && substr($line,$pos-1,1)==":") &&
431     ! (substr($line,$pos,8) == "//--&gt;") &&
432     ! (substr($line,$pos,9) == "// --&gt;")) {
433     $beg = substr($line,0,strpos($line,"//")) ;
434     $end = strstr($line,"//") ;
435     $line = $beg."<SPAN CLASS=REM>".$end."</SPAN>";
436     }
437     // shell & asp style comments
438     $first = substr(ltrim($line),0,1) ;
439     if ($first == "#" || $first == "'") {
440     $line = "<SPAN CLASS=REM>".$line."</SPAN>";
441     }
442     print($line) ;
443     } // next i
444    
445     echo "</PRE>" ;
446    
447     EndHTML() ;
448    
449     } // end function DisplayCode
450    
451     //////////////////////////////////////////////////////////////////
452    
453     function MockIcon($txt) {
454     $tstr = "<SPAN CLASS=MCK>" ;
455    
456     switch (strtolower($txt)) {
457     case ".bmp" :
458     case ".gif" :
459     case ".jpg" :
460     case ".jpeg":
461     case ".tif" :
462     case ".tiff":
463     $d = 176 ;
464     break ;
465     case ".doc" :
466     $d = 50 ;
467     break ;
468     case ".exe" :
469     case ".bat" :
470     $d = 255 ;
471     break ;
472     case ".bas" :
473     case ".c" :
474     case ".cc" :
475     case ".src" :
476     $d = 255 ;
477     break ;
478     case "file" :
479     $d = 51 ;
480     break ;
481     case "fldr" :
482     $d = 48 ;
483     break ;
484     case ".htm" :
485     case ".html":
486     case ".asa" :
487     case ".asp" :
488     case ".cfm" :
489     case ".php3":
490     case ".php" :
491     case ".phtml" :
492     case ".shtml" :
493     $d = 182 ;
494     break ;
495     case ".pdf" :
496     $d = 38 ;
497     break;
498     case ".txt" :
499     case ".ini" :
500     $d = 52 ;
501     break ;
502     case ".xls" :
503     $d = 252 ;
504     break ;
505     case ".zip" :
506     case ".arc" :
507     case ".sit" :
508     case ".tar" :
509     case ".gz" :
510     case ".tgz" :
511     case ".Z" :
512     $d = 59 ;
513     break ;
514     case "view" :
515     $d = 52 ;
516     break ;
517     case "up" :
518     $d = 199 ;
519     break ;
520     case "blank" :
521     return "&nbsp;&nbsp;</SPAN>" ;
522     break ;
523     default :
524     $d = 51 ;
525     }
526    
527     return $tstr . chr($d) . "</SPAN>" ;
528     } // end function MockIcon
529    
530     //////////////////////////////////////////////////////////////////
531    
532     function GifIcon($txt) {
533     global $gblIconLocation ;
534    
535     switch (strtolower($txt)) {
536     case ".bmp" :
537     case ".gif" :
538     case ".jpg" :
539     case ".jpeg":
540     case ".tif" :
541     case ".tiff":
542     $d = "image2.gif" ;
543     break ;
544     case ".doc" :
545     $d = "layout.gif" ;
546     break ;
547     case ".exe" :
548     case ".bat" :
549     $d = "screw2.gif" ;
550     break ;
551     case ".bas" :
552     case ".c" :
553     case ".cc" :
554     case ".src" :
555     $d = "c.gif" ;
556     break ;
557     case "file" :
558     $d = "generic.gif" ;
559     break ;
560     case "fldr" :
561     $d = "dir.gif" ;
562     break ;
563     case ".phps" :
564     $d = "phps.gif" ;
565     break ;
566     case ".php3" :
567     $d = "php3.gif" ;
568     break ;
569     case ".htm" :
570     case ".html":
571     case ".asa" :
572     case ".asp" :
573     case ".cfm" :
574     case ".php3":
575     case ".php" :
576     case ".phtml" :
577     case ".shtml" :
578     $d = "world1.gif" ;
579     break ;
580     case ".pdf" :
581     $d = "pdf.gif" ;
582     break;
583     case ".txt" :
584     case ".ini" :
585     $d = "text.gif" ;
586     break ;
587     case ".xls" :
588     $d = "box2.gif" ;
589     break ;
590     case ".zip" :
591     case ".arc" :
592     case ".sit" :
593     case ".tar" :
594     case ".gz" :
595     case ".tgz" :
596     case ".Z" :
597     $d = "compressed.gif" ;
598     break ;
599     case "view" :
600     $d = "index.gif" ;
601     break ;
602     case "up" :
603     $d = "back.gif" ;
604     break ;
605     case "blank" :
606     $d = "blank.gif" ;
607     break ;
608 dpavlin 1.4 case "checkout":
609 dpavlin 1.6 $d = "box2.gif";
610 dpavlin 1.4 break;
611     case "checkin":
612 dpavlin 1.6 $d = "hand.up.gif";
613     break;
614     case "locked":
615     $d = "screw2.gif";
616 dpavlin 1.4 break;
617     case "note":
618     $d = "quill.gif";
619     break;
620 dpavlin 1.1 default :
621     $d = "generic.gif" ;
622     }
623    
624     return "<IMG SRC=\"$gblIconLocation" . $d . "\" BORDER=0>" ;
625     } // end function GifIcon
626    
627     //////////////////////////////////////////////////////////////////
628    
629     function Navigate($fsRoot,$relDir) {
630    
631     global $gblEditable, $gblIcon ;
632    
633     $self = $GLOBALS["PHP_SELF"] ;
634 dpavlin 1.2 if (isset($GLOBALS["HTTPS"]) && $GLOBALS["HTTPS"] == "on") {
635     $webRoot = "https://" . $GLOBALS["SERVER_NAME"] ;
636     } else {
637     $webRoot = "http://" . $GLOBALS["SERVER_NAME"] ;
638     }
639 dpavlin 1.1 $fsDir = $fsRoot . $relDir . "/" ; // current directory
640    
641     if (!is_dir($fsDir)) Error("Dir not found",$relDir) ;
642    
643     // read directory contents
644     if ( !($dir = @opendir($fsDir)) )
645     Error("Read Access denied",$relDir) ;
646     while ($item = readdir($dir)) {
647 dpavlin 1.2 if ( $item == ".." || $item == "." || substr($item,0,1) == "." ) continue ;
648 dpavlin 1.1 if ( is_dir($fsDir . $item) ) {
649     $dirList[] = $item ;
650 dpavlin 1.2 } else if ( is_file($fsDir . $item) ) {
651 dpavlin 1.1 $fileList[] = $item ;
652 dpavlin 1.2 } else if ( is_link($fsDir . $item) ) {
653     $dirList[] = $item ;
654     } else {
655 dpavlin 1.1 // unknown file type
656     // $text = "Could not determine file type of " ;
657     // Error("File Error", $text.$relDir."/".$item) ;
658     // exit ;
659     }
660     }
661     closedir($dir) ;
662 dpavlin 1.2
663     // scan deleted files
664     if ( $GLOBALS[show_deleted] == 1 && ($dir = @opendir("$fsDir/.del")) ) {
665     while ($item = readdir($dir)) {
666     if ( substr($item,0,1) == "." ) continue ;
667     $fileList[] = ".del/$item" ;
668     }
669     closedir($dir) ;
670     }
671    
672 dpavlin 1.1 $emptyDir = ! (sizeof($dirList) || sizeof($fileList)) ;
673    
674     // start navigation page
675 dpavlin 1.2 $text = "Use this page to add, delete";
676     if (! isset($show_deleted)) {
677 dpavlin 1.6 $text .= ", <a href=$self?D=".urlencode($relDir)."&show_deleted=1>undelete</a>";
678 dpavlin 1.2 }
679     $text .= " or revise files on this web site." ;
680 dpavlin 1.1 StartHTML("(Navigate)",$text) ;
681    
682     echo "<TABLE BORDER=0 CELLPADDING=2
683     CELLSPACING=3 WIDTH=\"100%\">" ;
684    
685     // updir bar
686     if ($fsDir != $fsRoot) {
687     $parent = dirname($relDir) ;
688     if ($parent == "") $parent = "/" ;
689     ?>
690    
691 dpavlin 1.4 <TR><TD><?= $gblIcon("up") ?></TD><TD COLSPAN=5 CLASS=LST>
692     <A HREF="<?= $self ?>?D=<?= urlencode($parent) ?>">
693     <B><?= $parent ?></B></A></TD></TR>
694 dpavlin 1.1
695     <?php
696     }
697    
698     // output subdirs
699     if (sizeof($dirList) > 0) {
700     sort($dirList) ;
701     ?>
702    
703 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5 CLASS=TOP><HR>DIRECTORY NAME</TD></TR>
704 dpavlin 1.1
705     <?php
706     while (list($key,$dir) = each($dirList)) {
707    
708     $tstr = "<A HREF=\"" . $self . "?D=" ;
709     $tstr .= urlencode($relDir."/".$dir) ;
710     $tstr .= "\">" . $dir . "/</A>" ;
711     ?>
712    
713 dpavlin 1.4 <TR><TD><?= $gblIcon("fldr") ?></TD>
714     <TD COLSPAN=5 CLASS=LST><?= $tstr ?></TD></TR>
715 dpavlin 1.1
716     <?php
717     } // iterate over dirs
718     } // end if no dirs
719     ?>
720    
721 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5><HR><B><?= $webRoot . $relDir ?>
722 dpavlin 1.1 </B></TD></TR>
723     <TR><TD></TD><TD CLASS=TOP>DOCUMENT NAME</TD>
724 dpavlin 1.6 <TD><?= $gblIcon("blank").$gblIcon("blank") ?></TD>
725 dpavlin 1.4 <TD CLASS=TOP>NOTE</TD>
726 dpavlin 1.1 <TD CLASS=TOP>LAST UPDATE</TD><TD CLASS=TOP>FILE SIZE</TD></TR>
727    
728     <?php
729     if (sizeof($fileList) > 0) {
730     sort($fileList) ;
731     while (list($key,$file) = each($fileList)) {
732 dpavlin 1.4 $path = $fsDir."/".$file ;
733     $mod = filemtime($path) ;
734     $sz = filesize($path) ;
735    
736     if ($sz >= 10240) {
737     $sz = (int)(($sz+1023)/1024) . " k" ;
738     } else {
739     $sz .= " " ;
740     } // end size
741 dpavlin 1.1
742 dpavlin 1.4 $a = $b = "" ;
743    
744     $info_url=$self."?A=E&F=".urlencode($file)."&D=".urlencode($relDir);
745    
746     if ( ($mod + 30*86400) > time() ) {
747     $a = "<SPAN CLASS=RED TITLE=\"Newer" ;
748     $a .= " than 30 days\"> * </SPAN>" ;
749     }
750    
751 dpavlin 1.6 $file_lock=CheckLock($path);
752    
753     $file_url_html="<A HREF=\"$self?A=V&F=".urlencode($file);
754     $file_url_html.="&D=".urlencode($relDir);
755     $file_url_html.="\" TITLE=\"View file\">" ;
756 dpavlin 1.2
757     if (substr($file,0,5) != ".del/") {
758 dpavlin 1.6 $file_url_html .= $file . "</A>" . $a ;
759 dpavlin 1.2 } else {
760 dpavlin 1.6 $file_url_html .= substr($file,5,strlen($file)-5) . "</a> <SPAN CLASS=RED TITLE=\"deleted\"> <a href=\"$info_url#undelete\">deleted</a> </span>";
761 dpavlin 1.4 }
762    
763 dpavlin 1.6 $note_html="<a href=\"$info_url#note\">".$gblIcon("note")."</a>".ReadNote($path);
764 dpavlin 1.4
765     $ext = strtolower(strrchr($file,".")) ;
766 dpavlin 1.6
767     if ($file_lock) {
768     if ($file_lock == $GLOBALS[gblUserName]) {
769     $b.="<A HREF=\"$self?A=Ci&F=".urlencode($file);
770     $b.="&D=".urlencode($relDir);
771     $b.="\" TITLE=\"Checkin (update) file on server\">" ;
772     $file_url_html=$b;
773     $b.=$gblIcon("checkin")."</A>" ;
774     $b.= $gblIcon("blank");
775     $file_url_html.="$file</a> $a";
776     $note_html = $gblIcon("blank")."<b>Please check-in (update) this file</b>";
777     } else {
778     $b = $gblIcon("locked");
779     $b.= $gblIcon("blank");
780     $note_html = $gblIcon("blank")."<b>File locked by $file_lock</b>";
781     $file_url_html = "$file $a";
782     }
783 dpavlin 1.4 } else {
784 dpavlin 1.6 $b.="<A HREF=\"$self?A=Co&F=".urlencode($file);
785     $b.="&D=".urlencode($relDir);
786     $b.="\" TITLE=\"Checkout file for edit\">" ;
787     $b.=$gblIcon("checkout")."</A>" ;
788    
789     if ( $ext=="" || strstr(join(" ",$gblEditable),$ext) ) {
790     $b.="<A HREF=\"$self?A=C&F=".urlencode($file);
791     $b.="&D=".urlencode($relDir);
792     $b.="\" TITLE=\"List contents\">" ;
793     $b.=$gblIcon("view")."</A>" ;
794     } else {
795     $b.= $gblIcon("blank");
796     }
797 dpavlin 1.2 }
798 dpavlin 1.1
799    
800     ?>
801    
802     <TR><TD>
803 dpavlin 1.4 <A HREF="<?= $info_url ?>" TITLE="View/Edit">
804     <?= $gblIcon($ext) ?></A></TD>
805 dpavlin 1.6 <TD CLASS=LST><?= $file_url_html ?></TD>
806 dpavlin 1.4 <TD CLASS=LST ALIGN=center><?= $b ?></TD>
807 dpavlin 1.6 <TD CLASS=LST ALIGN=left><?= $note_html ?></TD>
808 dpavlin 1.4 <TD CLASS=LST><?= date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]",$mod) ?></TD>
809     <TD CLASS=LST><?= $sz ?>Bytes</TD></TR>
810 dpavlin 1.1
811     <?php
812     } // iterate over files
813     } // end if no files
814    
815     if ($emptyDir) {
816     ?>
817    
818 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
819     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>
820     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
821 dpavlin 1.1 OK TO DELETE THIS EMPTY FOLDER?
822     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
823     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="DELETE">
824     </TD></TR>
825     </FORM>
826    
827     <?php
828     } // end if emptyDir
829     ?>
830    
831 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
832 dpavlin 1.1
833 dpavlin 1.6 <TR><TD></TD><TD COLSPAN=5>
834     To just view file without editing, select it's filename (<b>don't edit files which are opened this way!</b>)<br>
835     To <b>edit</b> file select <?= $gblIcon("checkout") ?> to check-out
836     and edit it locally. After editing is over, select filename or <?= $gblIcon("checkin") ?> to check-in (update copy of file on server).<br>
837     <by>If you select icon left from filename, you will get detailed information
838     about file, as well as delete, rename and annotation options.
839     </TD></TR>
840    
841     <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
842    
843 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
844     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>CREATE NEW
845 dpavlin 1.1 <INPUT TYPE="RADIO" NAME="T" VALUE="D" CHECKED>DIRECTORY -OR-
846     <INPUT TYPE="RADIO" NAME="T" VALUE="F">FILE : &nbsp;&nbsp;
847     <NOBR>NAME <INPUT TYPE="TEXT" NAME="FN" SIZE=14>
848     <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="CREATE">
849 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
850 dpavlin 1.1 <INPUT TYPE="SUBMIT" VALUE="CREATE"></NOBR>
851 dpavlin 1.4 <NOBR>OR <A HREF="<?= $self
852     ?>?A=U&D=<?= urlencode($relDir) ?>">UPLOAD</A> A FILE
853 dpavlin 1.1 </NOBR>
854     </TD></TR>
855     </FORM>
856     </TABLE>
857    
858     <?php
859     EndHTML() ;
860     } // end function Navigate
861    
862     //////////////////////////////////////////////////////////////////
863    
864 dpavlin 1.6 function UploadPage($fsRoot, $relDir, $filename) {
865 dpavlin 1.1
866     $self = $GLOBALS["PHP_SELF"] ;
867     if ($relDir == "") $relDir = "/" ;
868     ?>
869    
870     <P><TABLE BORDER=0 CELLPADDING=5><TR><TD WIDTH=5></TD><TD CLASS=BAR>
871     <FORM ENCTYPE="multipart/form-data" METHOD="POST"
872 dpavlin 1.4 ACTION="<?= $self ?>">
873     DESTINATION DIRECTORY:<B><?= " " . $relDir ?></B>
874 dpavlin 1.6 <? if (isset($filename)) { ?>
875     <br>DESTINATION FILE:<B><?= " " . $filename ?></B>
876     <INPUT TYPE="HIDDEN" NAME="FILENAME" VALUE="<?= $filename ?>">
877     <? } ?>
878 dpavlin 1.1 <P>PATHNAME OF LOCAL FILE<BR>
879 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
880 dpavlin 1.1 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="UPLOAD">
881     <INPUT SIZE=30 TYPE="FILE" NAME="FN"></P>
882     <P><INPUT TYPE="SUBMIT" VALUE="UPLOAD"></P>
883     <P>If the <B>[BROWSE...]</B> button is not displayed,<BR>
884     you must upgrade to an RFC1867-compliant browser.</P>
885 dpavlin 1.4 <P>Your browser:<BR><?= $GLOBALS["HTTP_USER_AGENT"] ?></P>
886 dpavlin 1.1 </FORM>
887     </TD></TR>
888     <TR><TD></TD><TD>
889 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
890     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>"><BR>
891 dpavlin 1.1 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL">
892     </FORM>
893     </TD></TR></TABLE></P>
894    
895     <?php
896     } // end function UploadPage
897    
898     //////////////////////////////////////////////////////////////////
899    
900     function Error($title,$text="") {
901     StartHTML("(".$title.")",$text) ;
902     echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
903     EndHTML() ;
904     exit ;
905     } // end function Error
906    
907     //////////////////////////////////////////////////////////////////
908    
909     function CreateHash($user, $pw) {
910    
911     global $gblHash ; // hash function to use
912    
913     if ($user == "" || $pw == "") {
914     $text = "either no password or no username supplied" ;
915     Error("Create Hash",$text) ;
916     }
917     $title = "(Create Hash)" ;
918     StartHTML($title) ;
919     echo "<P ALIGN=center>" ;
920     echo "<BLOCKQUOTE>Copy the value below and paste it " ;
921     echo "into the<BR>value for \$gblPw in the source of " ;
922     echo "this file<BR><BR><B>" . $gblHash($user.$pw) ;
923     echo "</B><BR><BR>Hash function: " . $gblHash ;
924     echo "</BLOCKQUOTE></P>" ;
925     EndHTML() ;
926     exit ;
927    
928     } // end function CreateHash
929    
930     //////////////////////////////////////////////////////////////////
931    
932     function NoEntry() {
933    
934     $user = $GLOBALS["PHP_AUTH_USER"] ;
935     $pw = $GLOBALS["PHP_AUTH_PW"] ;
936     $self = $GLOBALS["PHP_SELF"] ;
937    
938     $title = "(401 Unauthorized)" ;
939     $text = "No trespassing !" ;
940     StartHTML($title,$text) ;
941     ?>
942    
943 dpavlin 1.4 <FORM ACTION="<?= $self ?>?HASH=create" METHOD="POST">
944     <INPUT TYPE="HIDDEN" NAME="USER" VALUE="<?= $user ?>">
945     <INPUT TYPE="HIDDEN" NAME="PW" VALUE="<?= $pw ?>">
946 dpavlin 1.1
947     <BLOCKQUOTE><B>If you are a site administrator:</B><BR><BR>
948     Click below to <B>generate a password hash</B><BR>from
949     the username-password pair you just<BR>entered. Then include the hash in
950     the source<BR>of this file.<BR><BR>
951     <INPUT TYPE="SUBMIT" VALUE="CREATE HASH">
952     </BLOCKQUOTE></FORM>
953    
954     <?php
955     EndHTML() ;
956     exit ;
957     }
958    
959     //////////////////////////////////////////////////////////////////
960    
961 dpavlin 1.2 function Logit($target,$msg) {
962    
963     $dir=dirname($target);
964     if (! file_exists($dir."/.log")) {
965     mkdir($dir."/.log",0700);
966     }
967     $file=basename($target);
968    
969     $log=fopen("$dir/.log/$file","a+");
970     fputs($log,date("$GLOBALS[gblDateFmt]\t$GLOBALS[gblTimeFmt]").
971     "\t$GLOBALS[gblUserName]\t$msg\n");
972     fclose($log);
973    
974     }
975    
976    
977 dpavlin 1.4 //////////////////////////////////////////////////////////////////
978    
979     function WriteNote($target,$msg) {
980    
981     $dir=dirname($target);
982     if (! file_exists($dir."/.note")) {
983     mkdir($dir."/.note",0700);
984     }
985     $file=basename($target);
986    
987     $note=fopen("$dir/.note/$file","w");
988     fputs($note,"$msg\n");
989     fclose($note);
990    
991     Logit($target,"added note $msg");
992    
993     }
994    
995     function ReadNote($target) {
996    
997     $dir=dirname($target);
998     $file=basename($target);
999     $msg="";
1000     if (file_exists($dir."/.note/$file")) {
1001     $note=fopen("$dir/.note/$file","r");
1002     $msg=fgets($note,4096);
1003     fclose($note);
1004     }
1005 dpavlin 1.6 return StripSlashes($msg);
1006 dpavlin 1.4
1007     }
1008    
1009     //////////////////////////////////////////////////////////////////
1010    
1011     function MoveTo($source,$folder) {
1012    
1013     $file=basename($source);
1014     if (! file_exists($folder)) {
1015     mkdir($folder,0700);
1016     }
1017     if (file_exists($source)) {
1018     rename($source,"$folder/$file");
1019     }
1020     }
1021 dpavlin 1.2
1022     //////////////////////////////////////////////////////////////////
1023    
1024 dpavlin 1.6 function Lock($target) {
1025    
1026     $dir=dirname($target);
1027     if (! file_exists($dir."/.lock")) {
1028     mkdir($dir."/.lock",0700);
1029     }
1030     $file=basename($target);
1031    
1032     if (file_exists("$dir/.lock/$file")) {
1033     Logit($target,"attempt to locked allready locked file!");
1034     } else {
1035     $lock=fopen("$dir/.lock/$file","w");
1036     fputs($lock,"$GLOBALS[gblUserName]\n");
1037     fclose($lock);
1038    
1039     Logit($target,"file locked");
1040     }
1041    
1042     }
1043    
1044     function CheckLock($target) {
1045    
1046     $dir=dirname($target);
1047     $file=basename($target);
1048     $msg=0;
1049     if (file_exists($dir."/.lock/$file")) {
1050     $lock=fopen("$dir/.lock/$file","r");
1051     $msg=fgets($lock,4096);
1052     fclose($lock);
1053     }
1054     return chop($msg);
1055    
1056     }
1057    
1058     function Unlock($target) {
1059    
1060     $dir=dirname($target);
1061     $file=basename($target);
1062     if (file_exists($dir."/.lock/$file")) {
1063     unlink("$dir/.lock/$file");
1064     Logit($target,"file unlocked");
1065     } else {
1066     Logit($target,"attempt to unlocked non-locked file!");
1067     }
1068    
1069     }
1070    
1071     //////////////////////////////////////////////////////////////////
1072    
1073 dpavlin 1.1 // MAIN PROGRAM
1074     // ============
1075     // query parameters: capital letters
1076     // local functions : begin with capital letters
1077     // global constants: begin with gbl
1078    
1079 dpavlin 1.2 $gblFilePerms = 0640 ; // default for new files
1080     $gblDirPerms = 0750 ; // default for new dirs
1081 dpavlin 1.1
1082     // phpinfo() ;
1083     // exit ;
1084    
1085     // forks before authentication: style sheet and hash
1086     // creation if password not yet set.
1087     if ($STYLE == "get") { CSS() ; exit ; }
1088     if ($HASH != "") {
1089     CreateHash($USER, $PW) ;
1090     exit ;
1091     }
1092    
1093     // authentication if $gblAuth == true
1094 dpavlin 1.2 if ( $gblAuth && $gblHash($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw ||
1095     isset($relogin) && $gblPw == $relogin ) {
1096 dpavlin 1.1 header("WWW-authenticate: basic realm=\"$SERVER_NAME\"") ;
1097     header("HTTP/1.0 401 Unauthorized") ;
1098     NoEntry() ;
1099     exit ;
1100     }
1101    
1102     // get current directory relative to $gblFsRoot
1103     $relDir = $DIR ; // from POST
1104     if ($relDir == "") { // not defined in POST ?
1105     $relDir = urldecode($D) ; // then use GET
1106     }
1107    
1108     if ($relDir == "/") $relDir = "" ;
1109     // default : website root = ""
1110    
1111     if (strstr($relDir,"..")) Error("No updirs allowed");
1112    
1113     // full paths contain "fs" or "Fs". Paths realitve to root of
1114     // website contain "rel" or "Rel". The script won't let you
1115     // edit anything above directory equal to http://server.com
1116     // i.e. below $gblFsRoot.
1117    
1118     $relScriptDir = dirname($SCRIPT_NAME) ;
1119     // i.e. /siteman
1120    
1121     $fsScriptDir = dirname($SCRIPT_FILENAME) ;
1122     // i.e. /home/httpd/html/siteman
1123    
1124     $gblFsRoot = substr($fsScriptDir,0,
1125     strlen($fsScriptDir)-strlen($relScriptDir)) ;
1126     // i.e. /home/httpd/html
1127    
1128     $fsDir = $gblFsRoot . $relDir ; // current directory
1129     if ( !is_dir($fsDir) ) Error("Dir not found",$relDir) ;
1130    
1131     switch ($POSTACTION) {
1132     case "UPLOAD" :
1133 dpavlin 1.2 if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1134 dpavlin 1.1 if (strstr($FN_name,"/"))
1135     Error("Non-conforming filename") ;
1136     // TODO : should rather check for escapeshellcmds
1137     // but maybe RFC 18xx asserts safe filenames ....
1138     $source = $FN ;
1139 dpavlin 1.6 if (! isset($FILENAME)) { // from update file
1140     $target = "$fsDir/$FN_name" ;
1141     } else {
1142     $target = "$fsDir/$FILENAME";
1143     }
1144 dpavlin 1.2
1145     // backup old files first
1146     $dir=dirname($target);
1147     if (! file_exists($dir."/.bak")) {
1148     mkdir($dir."/.bak",0700);
1149     }
1150     if (! file_exists($dir."/.bak/$GLOBALS[gblNumBackups]")) {
1151     mkdir($dir."/.bak/$GLOBALS[gblNumBackups]",0700);
1152     }
1153     $file=basename($target);
1154     for($i=$GLOBALS[gblNumBackups]-1;$i>0;$i--) {
1155 dpavlin 1.4 MoveTo("$dir/.bak/$i/$file","$dir/.bak/".($i+1)."/");
1156 dpavlin 1.2 }
1157 dpavlin 1.6 MoveTo($target,$dir."/.bak/1/");
1158 dpavlin 1.2
1159     copy($source,$target) ;
1160     chmod($target,$gblFilePerms) ;
1161 dpavlin 1.1 clearstatcache() ;
1162 dpavlin 1.2 Logit($target,"uploaded");
1163 dpavlin 1.6 if (isset($FILENAME)) {
1164     Unlock($target);
1165     }
1166 dpavlin 1.1 break ;
1167    
1168     case "SAVE" :
1169     $path = $gblFsRoot . escapeshellcmd($RELPATH) ;
1170 dpavlin 1.2 $writable = is_writeable($path) ;
1171     $legaldir = is_writeable(dirname($path)) ;
1172 dpavlin 1.1 $exists = (file_exists($path)) ? 1 : 0 ;
1173     // check for legal extension here as well
1174     if (!($writable || (!$exists && $legaldir)))
1175     Error("Write denied",$RELPATH) ;
1176     $fh = fopen($path, "w") ;
1177     fwrite($fh,$FILEDATA) ;
1178     fclose($fh) ;
1179     clearstatcache() ;
1180 dpavlin 1.2 Logit($path,"saved changes");
1181 dpavlin 1.1 break ;
1182    
1183     case "CREATE" :
1184     // we know $fsDir exists
1185 dpavlin 1.2 if ($FN == "") break; // no filename!
1186     if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1187 dpavlin 1.1 $path = $fsDir . "/" . $FN ; // file or dir to create
1188     $relPath = $relDir . "/" . $FN ;
1189     switch ( $T ) {
1190     case "D" : // create a directory
1191 dpavlin 1.6 if ( ! @mkdir($path,$gblDirPerms) )
1192     Error("Mkdir failed",$relPath) ; // eg. if it exists
1193     clearstatcache() ;
1194     break ;
1195 dpavlin 1.1 case "F" : // create a new file
1196     // this functionality is doubled in DetailView().
1197     // better keep it here altogether
1198     // chmod perms to $gblFilePerms
1199 dpavlin 1.6 if ( file_exists($path) && !is_writable($path) )
1200     Error("File not writable", $relPath) ;
1201     $fh = fopen($path, "w+") ;
1202     if ($fh) {
1203     fputs($fh,"\n");
1204     fclose($fh) ;
1205     LogIt($path,"file created");
1206     } else {
1207     Error("Creation of file $relPath failed -- $path");
1208     }
1209     $tstr = "$PHP_SELF?A=E&D=".urlencode($relDir)."&F=".urlencode($FN) ;
1210     header("Location: " . $tstr) ;
1211     exit ;
1212 dpavlin 1.1 }
1213     break ;
1214    
1215     case "DELETE" :
1216     if ( $CONFIRM != "on" ) break ;
1217    
1218     $tstr = "Attempt to delete non-existing object or " ;
1219     $tstr .= "insufficient privileges: " ;
1220    
1221     if ( $FN != "") { // delete file
1222 dpavlin 1.2 $path = $fsDir . "/" . $FN ;
1223    
1224     $dir=dirname($path);
1225     $file=basename($path);
1226     if (! file_exists("$dir/.del")) {
1227     mkdir("$dir/.del",0700);
1228     }
1229    
1230     // if ( ! @unlink($path) ) {
1231     if ( ! rename($path,"$dir/.del/$file") ) {
1232     Error("File delete failed", $tstr . $path) ;
1233     Logit($path,"file delete failed");
1234     exit ;
1235     } else {
1236     Logit($path,"file deleted");
1237 dpavlin 1.4 MoveTo("$dir/.log/$file","$dir/.del/.log/");
1238     MoveTo("$dir/.note/$file","$dir/.del/.note/");
1239 dpavlin 1.6 MoveTo("$dir/.lock/$file","$dir/.del/.lock/");
1240 dpavlin 1.2 }
1241 dpavlin 1.1 }
1242     else { // delete directory
1243     if ( ! @rmdir($fsDir) ) {
1244     Error("Rmdir failed", $tstr . $fsDir) ;
1245     }
1246     else {
1247     $relDir = dirname($relDir) ; // move up
1248     }
1249     }
1250     break ;
1251    
1252 dpavlin 1.2 case "UNDELETE" :
1253     if ( $CONFIRM != "on" ) break ;
1254    
1255     if (substr($FN,0,4) != ".del") break ;
1256     $file=substr($FN,4,strlen($FN)-4);
1257    
1258     Logit("$fsDir/.del/$file","undeleted");
1259 dpavlin 1.4 MoveTo("$fsDir/.del/$file","$fsDir/");
1260     MoveTo("$fsDir/.del/.log/$file","$fsDir/.log/");
1261     MoveTo("$fsDir/.del/.note/$file","$fsDir/.note/");
1262 dpavlin 1.6 MoveTo("$fsDir/.del/.lock/$file","$fsDir/.lock/");
1263 dpavlin 1.2
1264     break ;
1265    
1266     case "RENAME" :
1267     if ( $CONFIRM != "on" ) break ;
1268    
1269     Logit("$fsDir/$FN","renamed $FN to $NEWNAME");
1270     rename("$fsDir/$FN","$fsDir/$NEWNAME");
1271     rename("$fsDir/.log/$FN","$fsDir/.log/$NEWNAME");
1272 dpavlin 1.6 rename("$fsDir/.note/$FN","$fsDir/.note/$NEWNAME");
1273     rename("$fsDir/.lock/$FN","$fsDir/.lock/$NEWNAME");
1274 dpavlin 1.2
1275 dpavlin 1.4 break ;
1276    
1277     case "NOTE" :
1278     WriteNote("$fsDir/$FN","$NOTE");
1279 dpavlin 1.2 break ;
1280    
1281 dpavlin 1.6 case "UNLOCK" :
1282     if ( $CONFIRM != "on" ) break ;
1283     Unlock("$fsDir/$FN");
1284     break ;
1285    
1286 dpavlin 1.1 default :
1287     // user hit "CANCEL" or undefined action
1288     }
1289    
1290     // common to all POSTs : redirect to directory view ($relDir)
1291     if ( $POSTACTION != "" ) {
1292     $tstr = $PHP_SELF . "?D=" . urlencode($relDir) ;
1293     header("Location: " . $tstr) ;
1294     exit ;
1295     }
1296    
1297     // check for mode.. navigate, code display, upload, or detail?
1298     // $A=U : upload to path given in $D
1299     // $A=E : display detail of file $D/$F and edit
1300     // $A=C : display code in file $D/$F
1301 dpavlin 1.6 // $A=Co : checkout file $D/$F
1302     // $A=Ci : checkin file $D/$F
1303     // $A=V : view file (do nothing except log)
1304 dpavlin 1.1 // default : display directory $D
1305    
1306     switch ($A) {
1307     case "U" :
1308     // upload to $relDir
1309 dpavlin 1.2 if (!is_writeable($gblFsRoot . $relDir))
1310 dpavlin 1.1 Error("Write access denied",$relDir) ;
1311     $text = "Use this page to upload a single " ;
1312     $text .= "file to <B>$SERVER_NAME</B>." ;
1313     StartHTML("(Upload Page)", $text) ;
1314     UploadPage($gblFsRoot, $relDir) ;
1315     EndHTML() ;
1316     exit ;
1317     case "E" :
1318     // detail of $relDir/$F
1319 dpavlin 1.2 if (is_file("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
1320 dpavlin 1.1 exit ;
1321     case "C" :
1322     // listing of $relDir/$F
1323     DisplayCode($gblFsRoot, $relDir, $F) ;
1324     exit ;
1325 dpavlin 1.6 case "Co" :
1326     // checkout
1327     Lock("$gblFsRoot/$relDir/$F");
1328     $url="$relDir/$F"; $url=str_replace(" ","%20",$url);
1329     Header("Location: $url");
1330     exit;
1331     case "Ci" :
1332     // upload && update to $relDir
1333     if (!is_writeable($gblFsRoot . $relDir))
1334     Error("Write access denied",$relDir) ;
1335     $text = "Use this page to update a single " ;
1336     $text .= "file to <B>$SERVER_NAME</B>." ;
1337     StartHTML("(Update file Page)", $text) ;
1338     UploadPage($gblFsRoot, $relDir, $F) ;
1339     EndHTML() ;
1340     exit ;
1341     case "V" :
1342     // view
1343     Log("viewed");
1344     $url="$relDir/$F"; $url=str_replace(" ","%20",$url);
1345     Header("Location: $url");
1346     exit;
1347 dpavlin 1.1 }
1348    
1349     // default: display directory $relDir
1350     Navigate($gblFsRoot,$relDir) ;
1351     exit ;
1352    
1353     Error("Whooah!","By cartesian logic, this never happens") ;
1354     ?>

  ViewVC Help
Powered by ViewVC 1.1.26