/[docman]/docman.php
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Annotation of /docman.php

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.7 - (hide annotations)
Fri Aug 4 10:13:10 2000 UTC (23 years, 7 months ago) by dpavlin
Branch: MAIN
Changes since 1.6: +11 -4 lines
redir_to_url for support of strange characters in filename

1 dpavlin 1.1 <?php
2    
3     /* Copyright 1999 by John Martin d/b/a www.ANYPORTAL.com */
4     /* All Rights Reserved. */
5     /* */
6     /* This software is freeware and is not in the public domain. */
7     /* You are hereby granted the right to freely distribute this */
8     /* software as long as this copyright notice remains in place. */
9     /* */
10     /* Comments or suggestions? email: andmore@alief.com */
11     /* */
12     /* This is the PHP port: AnyPortal(php)-0.1 */
13     /* ======================================== */
14     /* */
15     /* PHP version 2000 by Stefan@Wiesendanger.org */
16     /* No Rights Reserved. What for, anyhow ? */
17     /* */
18     /* Date Remarks */
19     /* --------- ----------------------------------------------- */
20     /* 25 MAY 99 original ASP version */
21     /* 17 SEP 99 change upload from SA-FILEUP to aspSmartUpload */
22     /* 10 APR 00 simplified PHP3 version */
23     /* 18 APR 00 most of PHP3 port working. Slight modifications */
24     /* 22 APR 00 modified syntax highlighting, no absolute paths */
25     /* revealed, PHP builtin authentication, global */
26     /* style sheet as callback, use apache default */
27     /* icons as an alternative to the wingdings font. */
28     /* 25 APR 00 catch some exceptions (not foolproof yet) */
29     /* 26 APR 00 catch some more exceptions, implicit copy */
30     /* function by saving somewhere else in the detail */
31     /* view, MD5 hashed password. */
32     /* 27 APR 00 Fixed authentication bug */
33     /* 12 MAY 00 Fixed trouble with exec() with newer versions of */
34     /* PHP3. Fixed bug which would send you to a non- */
35     /* existent address after file modifications. */
36    
37 dpavlin 1.2 /*
38     2000-07-25 Dobrica Pavlinusic <dpavlin@rot13.org>
39    
40     nuked exec calls (unsecure)
41     nuked writeable function (replaced by php is_writeable)
42     added support for https (tested with apache+mod_ssl)
43     added users file
44     date format user-selectable
45     cycle backup files in bak directory
46     support links as directoryes (for now)
47     support of file history logging
48     undelete capabilities (delete moves to .del directory)
49    
50     2000-07-26 DbP
51    
52     added more checking on entered filename (when creating file/dir)
53     added rename option
54    
55    
56     IMPORTANT INSTALLATION NOTE:
57     deny serving of .* (dot-something) files in web server!
58     Otherwise, uses can access your log files, users and/or
59     deleted files!
60    
61     .htusers is in form:
62     login:Real Name:md5(loginpassword)
63    
64    
65     TODO:
66     mixed file/directory output (add type to each entry,
67     real support for links)
68     add more content-management (like cms.sourceforge.net):
69     check-out/check-in/reserve
70     comments to files
71     */
72    
73 dpavlin 1.1 //////////////////////////////////////////////////////////////////
74    
75     // TODO : Don't let the file be modified itself. Create a hash of
76     // it (kinda hard since it's self-referential ;-). Make better use
77     // of session management. Escapeshellcmd for all user input.
78    
79     //////////////////////////////////////////////////////////////////
80    
81     // GLOBAL PARAMETERS
82     // =================
83     // Make modifications here to suit siteman to your needs
84    
85     // error_reporting(4) ; // how verbose ?
86    
87     // username/password should not be system
88     // usernames/passwords !!
89    
90 dpavlin 1.2 // $gblPw = "hash_of_your_username_and_password" ;
91    
92     // $gblAuth = false ; // use builtin authentication
93     $gblAuth = true ; // use builtin authentication
94 dpavlin 1.1 $gblHash = "md5" ; // hash function to use
95    
96 dpavlin 1.2 $gblPw = "";
97    
98     if ($gblAuth) {
99 dpavlin 1.3 $htusers_file=dirname($SCRIPT_FILENAME)."/.htusers";
100     if (! file_exists($htusers_file)) {
101     $htusers=fopen($htusers_file,"a+");
102     fputs($htusers,"# Change owner of $htusers_file to root !!\n");
103     fputs($htusers,"demo:full name:md5_hash\n");
104     fclose($htusers);
105     }
106     $htusers=fopen($htusers_file,"r");
107 dpavlin 1.2 while($user = fgetcsv($htusers,255,":")) {
108     if ($user[0] == $GLOBALS["PHP_AUTH_USER"]) {
109     $gblUserName=$user[1];
110     $gblPw=$user[2];
111     continue ;
112     }
113     }
114     fclose($htusers);
115     }
116    
117     // $gblDateFmt="D, F d, Y";
118     // $gblTimeFmt="g:i:sA";
119    
120     $gblDateFmt="Y-m-d";
121     $gblTimeFmt="H:i:s";
122    
123     // Number of backup files to keep
124     $gblNumBackups=5;
125    
126 dpavlin 1.1 // choose GifIcon below unless you have the M$
127     // WingDings font installed on your system
128    
129     $gblIcon = "GifIcon" ; // MockIcon or GifIcon
130    
131     // the directory below should be /icons/ or /icons/small/
132     // on Apache; a set of icons is included in the distribution
133    
134 dpavlin 1.3 $gblIconLocation = "/icons/" ;
135 dpavlin 1.1
136     // files you want to be able to edit in text mode
137     // and view with (primitive) syntax highlighting
138    
139     $gblEditable = array( ".txt",".asa",".asp",".htm",".html",
140     ".cfm",".php3",".php",".phtml",
141     ".shtml",".css" ) ;
142    
143     // files that will display as images on the detail page
144     // (useless if your browser doesn't support them)
145    
146     $gblImages = array( ".jpg",".jpeg",".gif",".png",".ico",
147     ".bmp",".xbm") ;
148    
149     //////////////////////////////////////////////////////////////////
150    
151     function StartHTML($title,$text="") {
152    
153     $title = "Site Manager " . $title ;
154     $host = $GLOBALS["HTTP_HOST"] ;
155     $self = $GLOBALS["PHP_SELF"] ;
156     ?>
157    
158     <HTML>
159     <HEAD>
160 dpavlin 1.4 <TITLE><?= $host . " " . $title ?></TITLE>
161 dpavlin 1.1 <META NAME="description" CONTENT="PHP port of AnyPortal Site Manager">
162     <META NAME="keywords" CONTENT="site manager, web site maintenance">
163     <META NAME="robots" CONTENT="noindex">
164     <META HTTP-EQUIV="expires" CONTENT="0">
165     <LINK REL="stylesheet" TYPE="text/css"
166 dpavlin 1.4 HREF="<?= $self ?>?STYLE=get">
167 dpavlin 1.1 </HEAD>
168     <BODY BGCOLOR="#FFFFFF">
169 dpavlin 1.4 <H3 ALIGN="RIGHT"><?= $host ?></H3>
170 dpavlin 1.1 <TABLE BORDER=0 WIDTH="100%"><TR>
171 dpavlin 1.4 <TD CLASS=INV><?= $title ?></TD></TR></TABLE>
172     <P><?= $text ?></P>
173 dpavlin 1.1
174     <?php
175     } // end function StartHTML
176    
177     //////////////////////////////////////////////////////////////////
178    
179     function EndHTML() {
180     ?>
181    
182     <HR>
183     <P CLASS=FTR>
184 dpavlin 1.2 <B><?= date($GLOBALS[gblDateFmt]) ?> -
185     <?= date($GLOBALS[gblTimeFmt]) ?> -
186     <?= $GLOBALS[gblUserName] ?>
187 dpavlin 1.6 <small> [<a href="<?= $GLOBALS["PHP_SELF"] ?>?relogin=<?= $GLOBALS[gblPw] ?>">logout</a>]</small>
188 dpavlin 1.2 </B>
189     <BR>ANYPORTAL(php) Site Manager
190     <br><small>
191     &copy; 1999 by <A HREF="http://www.anyportal.com">ANYPORTAL</A>,
192     &copy; 2000 by <A HREF="http://da.nger.org">d@nger.org</A>,
193     &copy; 2000 by <A HREF="http://www.rot13.org/~dpavlin/">DbP</A>
194     </small>
195 dpavlin 1.1 </P>
196 dpavlin 1.2 <BR>
197 dpavlin 1.4 <? include(".debug.inc") ?>
198 dpavlin 1.2 <BR><BR></BODY></HTML>
199 dpavlin 1.1
200     <?php
201     } // end function EndHTML
202    
203     //////////////////////////////////////////////////////////////////
204    
205     function CSS() {
206     ?>
207    
208 dpavlin 1.2 BODY,TD,P,H1,H2,H3 { font-family:Verdana,Helvetica,Arial,sans-serif; }
209 dpavlin 1.1 .BLK { color:black; }
210     .RED { color:red; }
211     .TOP { color:red; font-size:70%; } /* table headings */
212     .INV { color:white; background-color:navy;
213     font-weight:bold; font-size:120%; } /* title */
214     .FTR { } /* footer */
215     .LST { background-color:#E0E0E0; } /* table cells */
216     .BAR { background-color:#E0E0E0; } /* action bar */
217     PRE { color:blue; font-family:Lucida Console,Courier New,
218     Courier,sans-serif; } /* source code */
219     EM { color:green; font-style:normal; } /* line numbers */
220     .REM { color:silver; }
221     .XML { color:navy; background-color:yellow; }
222     .MCK { color:red; font-family:WingDings; } /* Mock Icons */
223     A:HOVER { color:red; }
224    
225     <?php
226     } // end function CSS
227    
228     //////////////////////////////////////////////////////////////////
229    
230     function DetailPage($fsRoot,$relDir,$fn) {
231    
232     global $gblEditable, $gblImages ;
233     $self = $GLOBALS["PHP_SELF"] ;
234    
235     $relPath = $relDir . "/" . $fn ;
236     $fsPath = $fsRoot . $relPath ;
237     $fsDir = $fsRoot . $relDir ;
238    
239     $exists = file_exists($fsPath) ;
240     $ext = strtolower(strrchr($relPath,".")) ;
241     $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) ;
242 dpavlin 1.2 $writable = is_writeable($fsPath) ;
243 dpavlin 1.6 $file_lock = CheckLock($fsPath);
244 dpavlin 1.1
245     if (!$editable && !$exists)
246     Error("Creation unsupported for type",$relPath) ;
247 dpavlin 1.2 if (!exists && !is_writeable($fsDir) )
248 dpavlin 1.1 Error("Creation denied",$relDir) ;
249    
250     $text = "Use this page to view, modify or " ;
251     $text .= "delete a single document on this " ;
252     $text .= "web site." ;
253     $title = "(Detail Page)" ;
254     StartHTML($title, $text) ;
255    
256     echo "<H3>" . $relDir . "/" . $fn . "</H3>" ;
257     if ($exists) { // get file info
258 dpavlin 1.4 $fsize = filesize($fsPath) ;
259     $fmodified = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", filemtime($fsPath)) ;
260     $faccessed = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", fileatime($fsPath)) ;
261     echo "<PRE> file size: " . $fsize . " Bytes<BR>" ;
262     echo "last modified: <B>" . $fmodified . "</B><BR>" ;
263     echo "last accessed: <B>" . $faccessed . "</B><BR>" ;
264     echo " owner: <B>" . fileowner($fsPath) . "</B><BR>" ;
265     echo " group: <B>" . filegroup($fsPath) . "</B><BR>" ;
266     echo " permissions: <B>" ;
267     echo printf( "%o", fileperms($fsPath) ) . "</B>" ;
268     echo "</PRE>" ;
269 dpavlin 1.2
270 dpavlin 1.1 }
271    
272 dpavlin 1.6 if ( $editable && ($writable || !$exists) && !$file_lock ) {
273 dpavlin 1.1 $fh = fopen($fsPath,"a+") ;
274     rewind($fh) ;
275     $fstr = fread($fh,filesize($fsPath)) ;
276     fclose($fh) ;
277     $fstr = htmlentities( $fstr ) ;
278     ?>
279    
280 dpavlin 1.4 <FORM ACTION="<?= $self ; ?>" METHOD="POST">
281 dpavlin 1.1 <SPAN TITLE="Click [SAVE] to store updated contents.">
282     <B>DOCUMENT CONTENTS</B>
283     </SPAN><BR>
284     <TEXTAREA NAME="FILEDATA" ROWS=18 COLS=70 WRAP="OFF"><?php
285     echo($fstr) ; ?></TEXTAREA>
286 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
287     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
288 dpavlin 1.1 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="SAVE">
289 dpavlin 1.2 <INPUT TYPE="HIDDEN" SIZE=48 MAXLENGTH=255 NAME="RELPATH"
290 dpavlin 1.4 VALUE="<?= $relPath ; ?>">
291 dpavlin 1.2 <br>
292     <INPUT TYPE="RESET" VALUE="UNDO ALL CHANGES">
293 dpavlin 1.1 <INPUT TYPE="SUBMIT" VALUE="SAVE">
294     </FORM>
295    
296     <?php
297 dpavlin 1.6 } else if ( strstr( join(" ",$gblImages), $ext ) ) {
298     $info = getimagesize($fsPath) ;
299     $tstr = "<IMG SRC=\"". $relPath . "\" BORDER=0 " ;
300     $tstr .= $info[3] . " ALT=\"" . $fn . " - " ;
301     $tstr .= (int)(($fsize+1023)/1024) . "Kb\">" ;
302     echo htmlentities($tstr) . "<BR><BR>" . $tstr ;
303 dpavlin 1.1 }
304 dpavlin 1.6
305 dpavlin 1.1 ?>
306    
307 dpavlin 1.4 <FORM ACTION="<?= $self ; ?>" METHOD="POST">
308     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
309     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
310 dpavlin 1.1 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL"><BR>
311    
312     <?php
313 dpavlin 1.6
314     if ($file_lock) {
315     ?>
316     <hr>
317     <SPAN TITLE="Check OK and click UNLOCK to remove lock on file.">
318     <B>OK TO FORCE LOCK REMOVAL ON "<?= $fn ; ?>" HELD BY <?= $file_lock ?>? </B></SPAN>
319     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
320     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="UNLOCK">
321     <?
322     } // file_lock
323    
324 dpavlin 1.2 if (substr($fn,0,4) == ".del") {
325     $action="UNDELETE";
326     $desc="undelete previously deleted file";
327     } else {
328     $action="DELETE";
329     $desc="delete";
330     }
331    
332 dpavlin 1.1 if ($exists && $writable) {
333     ?>
334    
335 dpavlin 1.4 <HR>
336     <a name="undelete">
337     <SPAN TITLE="Check OK and click [<?= $action ?>] to <?= $desc ?>.">
338     <B>OK TO <?= $action ?> "<?= $fn ; ?>"? </B></SPAN>
339 dpavlin 1.2 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
340     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="<?= $action ?>">
341    
342 dpavlin 1.4 <HR>
343     <a name="rename">
344     <SPAN TITLE="Check OK and click [RENAME] to rename.">
345     <B>OK TO RENAME "<?= $fn ; ?>" TO
346 dpavlin 1.2 <INPUT TYPE="TEXT" SIZE=24 MAXLENGTH=255 NAME="NEWNAME" VALUE="<?= $fn ?>">
347     ? </B></SPAN>
348 dpavlin 1.1 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
349 dpavlin 1.2 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="RENAME">
350 dpavlin 1.1
351 dpavlin 1.5 <?php
352     } // exists && writable
353     ?>
354 dpavlin 1.4 <HR>
355     <a name="note">
356     <B>NOTE FOR "<?= $fn ; ?>":
357     <INPUT TYPE="TEXT" SIZE=50 MAXLENGTH=255 NAME="NOTE" VALUE="<?= ReadNote($fsPath) ?>">
358     </B></SPAN>
359     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="NOTE">
360    
361 dpavlin 1.5 </FORM>
362    
363 dpavlin 1.1 <?php
364 dpavlin 1.5
365 dpavlin 1.2
366     $logname=dirname("$fsDir/$fn")."/.log/".basename("$fsDir/$fn");
367     if (file_exists($logname)) {
368     print "<hr><br><b>CHANGES TO THIS FILE</b><br><table border=0 width=100%>\n";
369     $log=fopen($logname,"r");
370     $cl1=" class=lst"; $cl2="";
371     while($line = fgetcsv($log,255,"\t")) {
372     $cl=$cl1; $cl1=$cl2; $cl2=$cl;
373     print "<tr><td$cl>$line[0]</td><td$cl>$line[1]</td><td$cl>$line[2]</td><td$cl>$line[3]</td></tr>\n";
374     }
375     fclose($log);
376     print "</table>";
377     }
378    
379 dpavlin 1.1 EndHTML() ;
380    
381     } // end function DetailPage
382    
383     //////////////////////////////////////////////////////////////////
384    
385     function DisplayCode($fsRoot,$relDir,$fn) {
386    
387     $path = $fsRoot . $relDir . "/" . $fn ;
388    
389     if (!file_exists($path)) Error("File not found",$path) ;
390    
391     StartHTML("(".$relDir."/".$fn.")","");
392    
393     $tstr = join("",file($path)) ;
394     $tstr = htmlentities($tstr) ;
395    
396     // Tabs
397     $tstr = str_replace(chr(9)," ",$tstr) ;
398    
399     // ASP tags & XML/PHP tags
400     $aspbeg = "<SPAN CLASS=XML>&lt;%</SPAN><SPAN CLASS=BLK>" ;
401     $aspend = "</SPAN><SPAN CLASS=XML>%&gt;</SPAN>" ;
402     $tstr = str_replace("&lt;%",$aspbeg,$tstr) ;
403     $tstr = str_replace("%&gt;",$aspend,$tstr) ;
404    
405     $xmlbeg = "<SPAN CLASS=XML>&lt;?</SPAN><SPAN CLASS=BLK>" ;
406     $xmlend = "</SPAN><SPAN CLASS=XML>?&gt;</SPAN>" ;
407     $tstr = str_replace("&lt;?",$xmlbeg,$tstr) ;
408     $tstr = str_replace("?&gt;",$xmlend,$tstr) ;
409    
410     // C style comment
411     $tstr = str_replace("/*","<SPAN CLASS=REM>/*",$tstr) ;
412     $tstr = str_replace("*/","*/</SPAN>",$tstr) ;
413    
414     // HTML comments
415     $tstr = str_replace("&lt;!--","<I CLASS=RED>&lt;!--",$tstr) ;
416     $tstr = str_replace("--&gt;","--&gt;</I>",$tstr) ;
417    
418     echo "<PRE>" ;
419    
420     $tstr = split("\n",$tstr) ;
421     for ($i = 0 ; $i < sizeof($tstr) ; ++$i) {
422     // add line numbers
423     echo "<BR><EM>" ;
424     echo substr(("000" . ($i+1)), -4) . ":</EM> " ;
425     $line = $tstr[$i] ;
426     // C++ style comments
427     $pos = strpos($line,"//") ;
428     // exceptions: two slashes aren't a script comment
429     if (strstr($line,"//") &&
430     ! ($pos>0 && substr($line,$pos-1,1)==":") &&
431     ! (substr($line,$pos,8) == "//--&gt;") &&
432     ! (substr($line,$pos,9) == "// --&gt;")) {
433     $beg = substr($line,0,strpos($line,"//")) ;
434     $end = strstr($line,"//") ;
435     $line = $beg."<SPAN CLASS=REM>".$end."</SPAN>";
436     }
437     // shell & asp style comments
438     $first = substr(ltrim($line),0,1) ;
439     if ($first == "#" || $first == "'") {
440     $line = "<SPAN CLASS=REM>".$line."</SPAN>";
441     }
442     print($line) ;
443     } // next i
444    
445     echo "</PRE>" ;
446    
447     EndHTML() ;
448    
449     } // end function DisplayCode
450    
451     //////////////////////////////////////////////////////////////////
452    
453     function MockIcon($txt) {
454     $tstr = "<SPAN CLASS=MCK>" ;
455    
456     switch (strtolower($txt)) {
457     case ".bmp" :
458     case ".gif" :
459     case ".jpg" :
460     case ".jpeg":
461     case ".tif" :
462     case ".tiff":
463     $d = 176 ;
464     break ;
465     case ".doc" :
466     $d = 50 ;
467     break ;
468     case ".exe" :
469     case ".bat" :
470     $d = 255 ;
471     break ;
472     case ".bas" :
473     case ".c" :
474     case ".cc" :
475     case ".src" :
476     $d = 255 ;
477     break ;
478     case "file" :
479     $d = 51 ;
480     break ;
481     case "fldr" :
482     $d = 48 ;
483     break ;
484     case ".htm" :
485     case ".html":
486     case ".asa" :
487     case ".asp" :
488     case ".cfm" :
489     case ".php3":
490     case ".php" :
491     case ".phtml" :
492     case ".shtml" :
493     $d = 182 ;
494     break ;
495     case ".pdf" :
496     $d = 38 ;
497     break;
498     case ".txt" :
499     case ".ini" :
500     $d = 52 ;
501     break ;
502     case ".xls" :
503     $d = 252 ;
504     break ;
505     case ".zip" :
506     case ".arc" :
507     case ".sit" :
508     case ".tar" :
509     case ".gz" :
510     case ".tgz" :
511     case ".Z" :
512     $d = 59 ;
513     break ;
514     case "view" :
515     $d = 52 ;
516     break ;
517     case "up" :
518     $d = 199 ;
519     break ;
520     case "blank" :
521     return "&nbsp;&nbsp;</SPAN>" ;
522     break ;
523     default :
524     $d = 51 ;
525     }
526    
527     return $tstr . chr($d) . "</SPAN>" ;
528     } // end function MockIcon
529    
530     //////////////////////////////////////////////////////////////////
531    
532     function GifIcon($txt) {
533     global $gblIconLocation ;
534    
535     switch (strtolower($txt)) {
536     case ".bmp" :
537     case ".gif" :
538     case ".jpg" :
539     case ".jpeg":
540     case ".tif" :
541     case ".tiff":
542     $d = "image2.gif" ;
543     break ;
544     case ".doc" :
545     $d = "layout.gif" ;
546     break ;
547     case ".exe" :
548     case ".bat" :
549     $d = "screw2.gif" ;
550     break ;
551     case ".bas" :
552     case ".c" :
553     case ".cc" :
554     case ".src" :
555     $d = "c.gif" ;
556     break ;
557     case "file" :
558     $d = "generic.gif" ;
559     break ;
560     case "fldr" :
561     $d = "dir.gif" ;
562     break ;
563     case ".phps" :
564     $d = "phps.gif" ;
565     break ;
566     case ".php3" :
567     $d = "php3.gif" ;
568     break ;
569     case ".htm" :
570     case ".html":
571     case ".asa" :
572     case ".asp" :
573     case ".cfm" :
574     case ".php3":
575     case ".php" :
576     case ".phtml" :
577     case ".shtml" :
578     $d = "world1.gif" ;
579     break ;
580     case ".pdf" :
581     $d = "pdf.gif" ;
582     break;
583     case ".txt" :
584     case ".ini" :
585     $d = "text.gif" ;
586     break ;
587     case ".xls" :
588     $d = "box2.gif" ;
589     break ;
590     case ".zip" :
591     case ".arc" :
592     case ".sit" :
593     case ".tar" :
594     case ".gz" :
595     case ".tgz" :
596     case ".Z" :
597     $d = "compressed.gif" ;
598     break ;
599     case "view" :
600     $d = "index.gif" ;
601     break ;
602     case "up" :
603     $d = "back.gif" ;
604     break ;
605     case "blank" :
606     $d = "blank.gif" ;
607     break ;
608 dpavlin 1.4 case "checkout":
609 dpavlin 1.6 $d = "box2.gif";
610 dpavlin 1.4 break;
611     case "checkin":
612 dpavlin 1.6 $d = "hand.up.gif";
613     break;
614     case "locked":
615     $d = "screw2.gif";
616 dpavlin 1.4 break;
617     case "note":
618     $d = "quill.gif";
619     break;
620 dpavlin 1.1 default :
621     $d = "generic.gif" ;
622     }
623    
624     return "<IMG SRC=\"$gblIconLocation" . $d . "\" BORDER=0>" ;
625     } // end function GifIcon
626    
627     //////////////////////////////////////////////////////////////////
628    
629     function Navigate($fsRoot,$relDir) {
630    
631     global $gblEditable, $gblIcon ;
632    
633     $self = $GLOBALS["PHP_SELF"] ;
634 dpavlin 1.2 if (isset($GLOBALS["HTTPS"]) && $GLOBALS["HTTPS"] == "on") {
635     $webRoot = "https://" . $GLOBALS["SERVER_NAME"] ;
636     } else {
637     $webRoot = "http://" . $GLOBALS["SERVER_NAME"] ;
638     }
639 dpavlin 1.1 $fsDir = $fsRoot . $relDir . "/" ; // current directory
640    
641     if (!is_dir($fsDir)) Error("Dir not found",$relDir) ;
642    
643     // read directory contents
644     if ( !($dir = @opendir($fsDir)) )
645     Error("Read Access denied",$relDir) ;
646     while ($item = readdir($dir)) {
647 dpavlin 1.2 if ( $item == ".." || $item == "." || substr($item,0,1) == "." ) continue ;
648 dpavlin 1.1 if ( is_dir($fsDir . $item) ) {
649     $dirList[] = $item ;
650 dpavlin 1.2 } else if ( is_file($fsDir . $item) ) {
651 dpavlin 1.1 $fileList[] = $item ;
652 dpavlin 1.2 } else if ( is_link($fsDir . $item) ) {
653     $dirList[] = $item ;
654     } else {
655 dpavlin 1.1 // unknown file type
656     // $text = "Could not determine file type of " ;
657     // Error("File Error", $text.$relDir."/".$item) ;
658     // exit ;
659     }
660     }
661     closedir($dir) ;
662 dpavlin 1.2
663     // scan deleted files
664     if ( $GLOBALS[show_deleted] == 1 && ($dir = @opendir("$fsDir/.del")) ) {
665     while ($item = readdir($dir)) {
666     if ( substr($item,0,1) == "." ) continue ;
667     $fileList[] = ".del/$item" ;
668     }
669     closedir($dir) ;
670     }
671    
672 dpavlin 1.1 $emptyDir = ! (sizeof($dirList) || sizeof($fileList)) ;
673    
674     // start navigation page
675 dpavlin 1.2 $text = "Use this page to add, delete";
676     if (! isset($show_deleted)) {
677 dpavlin 1.6 $text .= ", <a href=$self?D=".urlencode($relDir)."&show_deleted=1>undelete</a>";
678 dpavlin 1.2 }
679     $text .= " or revise files on this web site." ;
680 dpavlin 1.1 StartHTML("(Navigate)",$text) ;
681    
682     echo "<TABLE BORDER=0 CELLPADDING=2
683     CELLSPACING=3 WIDTH=\"100%\">" ;
684    
685     // updir bar
686     if ($fsDir != $fsRoot) {
687     $parent = dirname($relDir) ;
688     if ($parent == "") $parent = "/" ;
689     ?>
690    
691 dpavlin 1.4 <TR><TD><?= $gblIcon("up") ?></TD><TD COLSPAN=5 CLASS=LST>
692     <A HREF="<?= $self ?>?D=<?= urlencode($parent) ?>">
693     <B><?= $parent ?></B></A></TD></TR>
694 dpavlin 1.1
695     <?php
696     }
697    
698     // output subdirs
699     if (sizeof($dirList) > 0) {
700     sort($dirList) ;
701     ?>
702    
703 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5 CLASS=TOP><HR>DIRECTORY NAME</TD></TR>
704 dpavlin 1.1
705     <?php
706     while (list($key,$dir) = each($dirList)) {
707    
708     $tstr = "<A HREF=\"" . $self . "?D=" ;
709     $tstr .= urlencode($relDir."/".$dir) ;
710     $tstr .= "\">" . $dir . "/</A>" ;
711     ?>
712    
713 dpavlin 1.4 <TR><TD><?= $gblIcon("fldr") ?></TD>
714     <TD COLSPAN=5 CLASS=LST><?= $tstr ?></TD></TR>
715 dpavlin 1.1
716     <?php
717     } // iterate over dirs
718     } // end if no dirs
719     ?>
720    
721 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5><HR><B><?= $webRoot . $relDir ?>
722 dpavlin 1.1 </B></TD></TR>
723     <TR><TD></TD><TD CLASS=TOP>DOCUMENT NAME</TD>
724 dpavlin 1.6 <TD><?= $gblIcon("blank").$gblIcon("blank") ?></TD>
725 dpavlin 1.4 <TD CLASS=TOP>NOTE</TD>
726 dpavlin 1.1 <TD CLASS=TOP>LAST UPDATE</TD><TD CLASS=TOP>FILE SIZE</TD></TR>
727    
728     <?php
729     if (sizeof($fileList) > 0) {
730     sort($fileList) ;
731     while (list($key,$file) = each($fileList)) {
732 dpavlin 1.4 $path = $fsDir."/".$file ;
733     $mod = filemtime($path) ;
734     $sz = filesize($path) ;
735    
736     if ($sz >= 10240) {
737     $sz = (int)(($sz+1023)/1024) . " k" ;
738     } else {
739     $sz .= " " ;
740     } // end size
741 dpavlin 1.1
742 dpavlin 1.4 $a = $b = "" ;
743    
744     $info_url=$self."?A=E&F=".urlencode($file)."&D=".urlencode($relDir);
745    
746     if ( ($mod + 30*86400) > time() ) {
747     $a = "<SPAN CLASS=RED TITLE=\"Newer" ;
748     $a .= " than 30 days\"> * </SPAN>" ;
749     }
750    
751 dpavlin 1.6 $file_lock=CheckLock($path);
752    
753     $file_url_html="<A HREF=\"$self?A=V&F=".urlencode($file);
754     $file_url_html.="&D=".urlencode($relDir);
755     $file_url_html.="\" TITLE=\"View file\">" ;
756 dpavlin 1.2
757     if (substr($file,0,5) != ".del/") {
758 dpavlin 1.6 $file_url_html .= $file . "</A>" . $a ;
759 dpavlin 1.2 } else {
760 dpavlin 1.6 $file_url_html .= substr($file,5,strlen($file)-5) . "</a> <SPAN CLASS=RED TITLE=\"deleted\"> <a href=\"$info_url#undelete\">deleted</a> </span>";
761 dpavlin 1.4 }
762    
763 dpavlin 1.6 $note_html="<a href=\"$info_url#note\">".$gblIcon("note")."</a>".ReadNote($path);
764 dpavlin 1.4
765     $ext = strtolower(strrchr($file,".")) ;
766 dpavlin 1.6
767     if ($file_lock) {
768     if ($file_lock == $GLOBALS[gblUserName]) {
769     $b.="<A HREF=\"$self?A=Ci&F=".urlencode($file);
770     $b.="&D=".urlencode($relDir);
771     $b.="\" TITLE=\"Checkin (update) file on server\">" ;
772     $file_url_html=$b;
773     $b.=$gblIcon("checkin")."</A>" ;
774     $b.= $gblIcon("blank");
775     $file_url_html.="$file</a> $a";
776     $note_html = $gblIcon("blank")."<b>Please check-in (update) this file</b>";
777     } else {
778     $b = $gblIcon("locked");
779     $b.= $gblIcon("blank");
780     $note_html = $gblIcon("blank")."<b>File locked by $file_lock</b>";
781     $file_url_html = "$file $a";
782     }
783 dpavlin 1.4 } else {
784 dpavlin 1.6 $b.="<A HREF=\"$self?A=Co&F=".urlencode($file);
785     $b.="&D=".urlencode($relDir);
786     $b.="\" TITLE=\"Checkout file for edit\">" ;
787     $b.=$gblIcon("checkout")."</A>" ;
788    
789     if ( $ext=="" || strstr(join(" ",$gblEditable),$ext) ) {
790     $b.="<A HREF=\"$self?A=C&F=".urlencode($file);
791     $b.="&D=".urlencode($relDir);
792     $b.="\" TITLE=\"List contents\">" ;
793     $b.=$gblIcon("view")."</A>" ;
794     } else {
795     $b.= $gblIcon("blank");
796     }
797 dpavlin 1.2 }
798 dpavlin 1.1
799    
800     ?>
801    
802     <TR><TD>
803 dpavlin 1.4 <A HREF="<?= $info_url ?>" TITLE="View/Edit">
804     <?= $gblIcon($ext) ?></A></TD>
805 dpavlin 1.6 <TD CLASS=LST><?= $file_url_html ?></TD>
806 dpavlin 1.4 <TD CLASS=LST ALIGN=center><?= $b ?></TD>
807 dpavlin 1.6 <TD CLASS=LST ALIGN=left><?= $note_html ?></TD>
808 dpavlin 1.4 <TD CLASS=LST><?= date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]",$mod) ?></TD>
809     <TD CLASS=LST><?= $sz ?>Bytes</TD></TR>
810 dpavlin 1.1
811     <?php
812     } // iterate over files
813     } // end if no files
814    
815     if ($emptyDir) {
816     ?>
817    
818 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
819     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>
820     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
821 dpavlin 1.1 OK TO DELETE THIS EMPTY FOLDER?
822     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
823     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="DELETE">
824     </TD></TR>
825     </FORM>
826    
827     <?php
828     } // end if emptyDir
829     ?>
830    
831 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
832 dpavlin 1.1
833 dpavlin 1.6 <TR><TD></TD><TD COLSPAN=5>
834     To just view file without editing, select it's filename (<b>don't edit files which are opened this way!</b>)<br>
835     To <b>edit</b> file select <?= $gblIcon("checkout") ?> to check-out
836     and edit it locally. After editing is over, select filename or <?= $gblIcon("checkin") ?> to check-in (update copy of file on server).<br>
837     <by>If you select icon left from filename, you will get detailed information
838     about file, as well as delete, rename and annotation options.
839     </TD></TR>
840    
841     <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
842    
843 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
844     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>CREATE NEW
845 dpavlin 1.1 <INPUT TYPE="RADIO" NAME="T" VALUE="D" CHECKED>DIRECTORY -OR-
846     <INPUT TYPE="RADIO" NAME="T" VALUE="F">FILE : &nbsp;&nbsp;
847     <NOBR>NAME <INPUT TYPE="TEXT" NAME="FN" SIZE=14>
848     <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="CREATE">
849 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
850 dpavlin 1.1 <INPUT TYPE="SUBMIT" VALUE="CREATE"></NOBR>
851 dpavlin 1.4 <NOBR>OR <A HREF="<?= $self
852     ?>?A=U&D=<?= urlencode($relDir) ?>">UPLOAD</A> A FILE
853 dpavlin 1.1 </NOBR>
854     </TD></TR>
855     </FORM>
856     </TABLE>
857    
858     <?php
859     EndHTML() ;
860     } // end function Navigate
861    
862     //////////////////////////////////////////////////////////////////
863    
864 dpavlin 1.6 function UploadPage($fsRoot, $relDir, $filename) {
865 dpavlin 1.1
866     $self = $GLOBALS["PHP_SELF"] ;
867     if ($relDir == "") $relDir = "/" ;
868     ?>
869    
870     <P><TABLE BORDER=0 CELLPADDING=5><TR><TD WIDTH=5></TD><TD CLASS=BAR>
871     <FORM ENCTYPE="multipart/form-data" METHOD="POST"
872 dpavlin 1.4 ACTION="<?= $self ?>">
873     DESTINATION DIRECTORY:<B><?= " " . $relDir ?></B>
874 dpavlin 1.6 <? if (isset($filename)) { ?>
875     <br>DESTINATION FILE:<B><?= " " . $filename ?></B>
876     <INPUT TYPE="HIDDEN" NAME="FILENAME" VALUE="<?= $filename ?>">
877     <? } ?>
878 dpavlin 1.1 <P>PATHNAME OF LOCAL FILE<BR>
879 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
880 dpavlin 1.1 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="UPLOAD">
881     <INPUT SIZE=30 TYPE="FILE" NAME="FN"></P>
882     <P><INPUT TYPE="SUBMIT" VALUE="UPLOAD"></P>
883     <P>If the <B>[BROWSE...]</B> button is not displayed,<BR>
884     you must upgrade to an RFC1867-compliant browser.</P>
885 dpavlin 1.4 <P>Your browser:<BR><?= $GLOBALS["HTTP_USER_AGENT"] ?></P>
886 dpavlin 1.1 </FORM>
887     </TD></TR>
888     <TR><TD></TD><TD>
889 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
890     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>"><BR>
891 dpavlin 1.1 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL">
892     </FORM>
893     </TD></TR></TABLE></P>
894    
895     <?php
896     } // end function UploadPage
897    
898     //////////////////////////////////////////////////////////////////
899    
900     function Error($title,$text="") {
901     StartHTML("(".$title.")",$text) ;
902     echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
903     EndHTML() ;
904     exit ;
905     } // end function Error
906    
907     //////////////////////////////////////////////////////////////////
908    
909     function CreateHash($user, $pw) {
910    
911     global $gblHash ; // hash function to use
912    
913     if ($user == "" || $pw == "") {
914     $text = "either no password or no username supplied" ;
915     Error("Create Hash",$text) ;
916     }
917     $title = "(Create Hash)" ;
918     StartHTML($title) ;
919     echo "<P ALIGN=center>" ;
920     echo "<BLOCKQUOTE>Copy the value below and paste it " ;
921     echo "into the<BR>value for \$gblPw in the source of " ;
922     echo "this file<BR><BR><B>" . $gblHash($user.$pw) ;
923     echo "</B><BR><BR>Hash function: " . $gblHash ;
924     echo "</BLOCKQUOTE></P>" ;
925     EndHTML() ;
926     exit ;
927    
928     } // end function CreateHash
929    
930     //////////////////////////////////////////////////////////////////
931    
932     function NoEntry() {
933    
934     $user = $GLOBALS["PHP_AUTH_USER"] ;
935     $pw = $GLOBALS["PHP_AUTH_PW"] ;
936     $self = $GLOBALS["PHP_SELF"] ;
937    
938     $title = "(401 Unauthorized)" ;
939     $text = "No trespassing !" ;
940     StartHTML($title,$text) ;
941     ?>
942    
943 dpavlin 1.4 <FORM ACTION="<?= $self ?>?HASH=create" METHOD="POST">
944     <INPUT TYPE="HIDDEN" NAME="USER" VALUE="<?= $user ?>">
945     <INPUT TYPE="HIDDEN" NAME="PW" VALUE="<?= $pw ?>">
946 dpavlin 1.1
947     <BLOCKQUOTE><B>If you are a site administrator:</B><BR><BR>
948     Click below to <B>generate a password hash</B><BR>from
949     the username-password pair you just<BR>entered. Then include the hash in
950     the source<BR>of this file.<BR><BR>
951     <INPUT TYPE="SUBMIT" VALUE="CREATE HASH">
952     </BLOCKQUOTE></FORM>
953    
954     <?php
955     EndHTML() ;
956     exit ;
957     }
958    
959     //////////////////////////////////////////////////////////////////
960    
961 dpavlin 1.2 function Logit($target,$msg) {
962    
963     $dir=dirname($target);
964     if (! file_exists($dir."/.log")) {
965     mkdir($dir."/.log",0700);
966     }
967     $file=basename($target);
968    
969     $log=fopen("$dir/.log/$file","a+");
970     fputs($log,date("$GLOBALS[gblDateFmt]\t$GLOBALS[gblTimeFmt]").
971     "\t$GLOBALS[gblUserName]\t$msg\n");
972     fclose($log);
973    
974     }
975    
976    
977 dpavlin 1.4 //////////////////////////////////////////////////////////////////
978    
979     function WriteNote($target,$msg) {
980    
981     $dir=dirname($target);
982     if (! file_exists($dir."/.note")) {
983     mkdir($dir."/.note",0700);
984     }
985     $file=basename($target);
986    
987     $note=fopen("$dir/.note/$file","w");
988     fputs($note,"$msg\n");
989     fclose($note);
990    
991     Logit($target,"added note $msg");
992    
993     }
994    
995     function ReadNote($target) {
996    
997     $dir=dirname($target);
998     $file=basename($target);
999     $msg="";
1000     if (file_exists($dir."/.note/$file")) {
1001     $note=fopen("$dir/.note/$file","r");
1002     $msg=fgets($note,4096);
1003     fclose($note);
1004     }
1005 dpavlin 1.6 return StripSlashes($msg);
1006 dpavlin 1.4
1007     }
1008    
1009     //////////////////////////////////////////////////////////////////
1010    
1011     function MoveTo($source,$folder) {
1012    
1013     $file=basename($source);
1014     if (! file_exists($folder)) {
1015     mkdir($folder,0700);
1016     }
1017     if (file_exists($source)) {
1018     rename($source,"$folder/$file");
1019     }
1020     }
1021 dpavlin 1.2
1022     //////////////////////////////////////////////////////////////////
1023    
1024 dpavlin 1.6 function Lock($target) {
1025    
1026     $dir=dirname($target);
1027     if (! file_exists($dir."/.lock")) {
1028     mkdir($dir."/.lock",0700);
1029     }
1030     $file=basename($target);
1031    
1032     if (file_exists("$dir/.lock/$file")) {
1033     Logit($target,"attempt to locked allready locked file!");
1034     } else {
1035     $lock=fopen("$dir/.lock/$file","w");
1036     fputs($lock,"$GLOBALS[gblUserName]\n");
1037     fclose($lock);
1038    
1039     Logit($target,"file locked");
1040     }
1041    
1042     }
1043    
1044     function CheckLock($target) {
1045    
1046     $dir=dirname($target);
1047     $file=basename($target);
1048     $msg=0;
1049     if (file_exists($dir."/.lock/$file")) {
1050     $lock=fopen("$dir/.lock/$file","r");
1051     $msg=fgets($lock,4096);
1052     fclose($lock);
1053     }
1054     return chop($msg);
1055    
1056     }
1057    
1058     function Unlock($target) {
1059    
1060     $dir=dirname($target);
1061     $file=basename($target);
1062     if (file_exists($dir."/.lock/$file")) {
1063     unlink("$dir/.lock/$file");
1064     Logit($target,"file unlocked");
1065     } else {
1066     Logit($target,"attempt to unlocked non-locked file!");
1067     }
1068    
1069     }
1070    
1071     //////////////////////////////////////////////////////////////////
1072    
1073 dpavlin 1.7 function redir_to_url($url) {
1074     $url=urlencode(StripSlashes("$relDir/$F"));
1075     $url=str_replace("%2F","/",$url);
1076     $url=str_replace("+","%20",$url);
1077     Header("Location: $url");
1078     }
1079    
1080     //////////////////////////////////////////////////////////////////
1081    
1082 dpavlin 1.1 // MAIN PROGRAM
1083     // ============
1084     // query parameters: capital letters
1085     // local functions : begin with capital letters
1086     // global constants: begin with gbl
1087    
1088 dpavlin 1.2 $gblFilePerms = 0640 ; // default for new files
1089     $gblDirPerms = 0750 ; // default for new dirs
1090 dpavlin 1.1
1091     // phpinfo() ;
1092     // exit ;
1093    
1094     // forks before authentication: style sheet and hash
1095     // creation if password not yet set.
1096     if ($STYLE == "get") { CSS() ; exit ; }
1097     if ($HASH != "") {
1098     CreateHash($USER, $PW) ;
1099     exit ;
1100     }
1101    
1102     // authentication if $gblAuth == true
1103 dpavlin 1.2 if ( $gblAuth && $gblHash($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw ||
1104     isset($relogin) && $gblPw == $relogin ) {
1105 dpavlin 1.1 header("WWW-authenticate: basic realm=\"$SERVER_NAME\"") ;
1106     header("HTTP/1.0 401 Unauthorized") ;
1107     NoEntry() ;
1108     exit ;
1109     }
1110    
1111     // get current directory relative to $gblFsRoot
1112     $relDir = $DIR ; // from POST
1113     if ($relDir == "") { // not defined in POST ?
1114     $relDir = urldecode($D) ; // then use GET
1115     }
1116    
1117     if ($relDir == "/") $relDir = "" ;
1118     // default : website root = ""
1119    
1120     if (strstr($relDir,"..")) Error("No updirs allowed");
1121    
1122     // full paths contain "fs" or "Fs". Paths realitve to root of
1123     // website contain "rel" or "Rel". The script won't let you
1124     // edit anything above directory equal to http://server.com
1125     // i.e. below $gblFsRoot.
1126    
1127     $relScriptDir = dirname($SCRIPT_NAME) ;
1128     // i.e. /siteman
1129    
1130     $fsScriptDir = dirname($SCRIPT_FILENAME) ;
1131     // i.e. /home/httpd/html/siteman
1132    
1133     $gblFsRoot = substr($fsScriptDir,0,
1134     strlen($fsScriptDir)-strlen($relScriptDir)) ;
1135     // i.e. /home/httpd/html
1136    
1137     $fsDir = $gblFsRoot . $relDir ; // current directory
1138     if ( !is_dir($fsDir) ) Error("Dir not found",$relDir) ;
1139    
1140     switch ($POSTACTION) {
1141     case "UPLOAD" :
1142 dpavlin 1.2 if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1143 dpavlin 1.1 if (strstr($FN_name,"/"))
1144     Error("Non-conforming filename") ;
1145     // TODO : should rather check for escapeshellcmds
1146     // but maybe RFC 18xx asserts safe filenames ....
1147     $source = $FN ;
1148 dpavlin 1.6 if (! isset($FILENAME)) { // from update file
1149     $target = "$fsDir/$FN_name" ;
1150     } else {
1151     $target = "$fsDir/$FILENAME";
1152     }
1153 dpavlin 1.2
1154     // backup old files first
1155     $dir=dirname($target);
1156     if (! file_exists($dir."/.bak")) {
1157     mkdir($dir."/.bak",0700);
1158     }
1159     if (! file_exists($dir."/.bak/$GLOBALS[gblNumBackups]")) {
1160     mkdir($dir."/.bak/$GLOBALS[gblNumBackups]",0700);
1161     }
1162     $file=basename($target);
1163     for($i=$GLOBALS[gblNumBackups]-1;$i>0;$i--) {
1164 dpavlin 1.4 MoveTo("$dir/.bak/$i/$file","$dir/.bak/".($i+1)."/");
1165 dpavlin 1.2 }
1166 dpavlin 1.6 MoveTo($target,$dir."/.bak/1/");
1167 dpavlin 1.2
1168     copy($source,$target) ;
1169     chmod($target,$gblFilePerms) ;
1170 dpavlin 1.1 clearstatcache() ;
1171 dpavlin 1.2 Logit($target,"uploaded");
1172 dpavlin 1.6 if (isset($FILENAME)) {
1173     Unlock($target);
1174     }
1175 dpavlin 1.1 break ;
1176    
1177     case "SAVE" :
1178     $path = $gblFsRoot . escapeshellcmd($RELPATH) ;
1179 dpavlin 1.2 $writable = is_writeable($path) ;
1180     $legaldir = is_writeable(dirname($path)) ;
1181 dpavlin 1.1 $exists = (file_exists($path)) ? 1 : 0 ;
1182     // check for legal extension here as well
1183     if (!($writable || (!$exists && $legaldir)))
1184     Error("Write denied",$RELPATH) ;
1185     $fh = fopen($path, "w") ;
1186     fwrite($fh,$FILEDATA) ;
1187     fclose($fh) ;
1188     clearstatcache() ;
1189 dpavlin 1.2 Logit($path,"saved changes");
1190 dpavlin 1.1 break ;
1191    
1192     case "CREATE" :
1193     // we know $fsDir exists
1194 dpavlin 1.2 if ($FN == "") break; // no filename!
1195     if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1196 dpavlin 1.1 $path = $fsDir . "/" . $FN ; // file or dir to create
1197     $relPath = $relDir . "/" . $FN ;
1198     switch ( $T ) {
1199     case "D" : // create a directory
1200 dpavlin 1.6 if ( ! @mkdir($path,$gblDirPerms) )
1201     Error("Mkdir failed",$relPath) ; // eg. if it exists
1202     clearstatcache() ;
1203     break ;
1204 dpavlin 1.1 case "F" : // create a new file
1205     // this functionality is doubled in DetailView().
1206     // better keep it here altogether
1207     // chmod perms to $gblFilePerms
1208 dpavlin 1.6 if ( file_exists($path) && !is_writable($path) )
1209     Error("File not writable", $relPath) ;
1210     $fh = fopen($path, "w+") ;
1211     if ($fh) {
1212     fputs($fh,"\n");
1213     fclose($fh) ;
1214     LogIt($path,"file created");
1215     } else {
1216     Error("Creation of file $relPath failed -- $path");
1217     }
1218     $tstr = "$PHP_SELF?A=E&D=".urlencode($relDir)."&F=".urlencode($FN) ;
1219     header("Location: " . $tstr) ;
1220     exit ;
1221 dpavlin 1.1 }
1222     break ;
1223    
1224     case "DELETE" :
1225     if ( $CONFIRM != "on" ) break ;
1226    
1227     $tstr = "Attempt to delete non-existing object or " ;
1228     $tstr .= "insufficient privileges: " ;
1229    
1230     if ( $FN != "") { // delete file
1231 dpavlin 1.2 $path = $fsDir . "/" . $FN ;
1232    
1233     $dir=dirname($path);
1234     $file=basename($path);
1235     if (! file_exists("$dir/.del")) {
1236     mkdir("$dir/.del",0700);
1237     }
1238    
1239     // if ( ! @unlink($path) ) {
1240     if ( ! rename($path,"$dir/.del/$file") ) {
1241     Error("File delete failed", $tstr . $path) ;
1242     Logit($path,"file delete failed");
1243     exit ;
1244     } else {
1245     Logit($path,"file deleted");
1246 dpavlin 1.4 MoveTo("$dir/.log/$file","$dir/.del/.log/");
1247     MoveTo("$dir/.note/$file","$dir/.del/.note/");
1248 dpavlin 1.6 MoveTo("$dir/.lock/$file","$dir/.del/.lock/");
1249 dpavlin 1.2 }
1250 dpavlin 1.1 }
1251     else { // delete directory
1252     if ( ! @rmdir($fsDir) ) {
1253     Error("Rmdir failed", $tstr . $fsDir) ;
1254     }
1255     else {
1256     $relDir = dirname($relDir) ; // move up
1257     }
1258     }
1259     break ;
1260    
1261 dpavlin 1.2 case "UNDELETE" :
1262     if ( $CONFIRM != "on" ) break ;
1263    
1264     if (substr($FN,0,4) != ".del") break ;
1265     $file=substr($FN,4,strlen($FN)-4);
1266    
1267     Logit("$fsDir/.del/$file","undeleted");
1268 dpavlin 1.4 MoveTo("$fsDir/.del/$file","$fsDir/");
1269     MoveTo("$fsDir/.del/.log/$file","$fsDir/.log/");
1270     MoveTo("$fsDir/.del/.note/$file","$fsDir/.note/");
1271 dpavlin 1.6 MoveTo("$fsDir/.del/.lock/$file","$fsDir/.lock/");
1272 dpavlin 1.2
1273     break ;
1274    
1275     case "RENAME" :
1276     if ( $CONFIRM != "on" ) break ;
1277    
1278     Logit("$fsDir/$FN","renamed $FN to $NEWNAME");
1279     rename("$fsDir/$FN","$fsDir/$NEWNAME");
1280     rename("$fsDir/.log/$FN","$fsDir/.log/$NEWNAME");
1281 dpavlin 1.6 rename("$fsDir/.note/$FN","$fsDir/.note/$NEWNAME");
1282     rename("$fsDir/.lock/$FN","$fsDir/.lock/$NEWNAME");
1283 dpavlin 1.2
1284 dpavlin 1.4 break ;
1285    
1286     case "NOTE" :
1287     WriteNote("$fsDir/$FN","$NOTE");
1288 dpavlin 1.2 break ;
1289    
1290 dpavlin 1.6 case "UNLOCK" :
1291     if ( $CONFIRM != "on" ) break ;
1292     Unlock("$fsDir/$FN");
1293     break ;
1294    
1295 dpavlin 1.1 default :
1296     // user hit "CANCEL" or undefined action
1297     }
1298    
1299     // common to all POSTs : redirect to directory view ($relDir)
1300     if ( $POSTACTION != "" ) {
1301     $tstr = $PHP_SELF . "?D=" . urlencode($relDir) ;
1302     header("Location: " . $tstr) ;
1303     exit ;
1304     }
1305    
1306     // check for mode.. navigate, code display, upload, or detail?
1307     // $A=U : upload to path given in $D
1308     // $A=E : display detail of file $D/$F and edit
1309     // $A=C : display code in file $D/$F
1310 dpavlin 1.6 // $A=Co : checkout file $D/$F
1311     // $A=Ci : checkin file $D/$F
1312     // $A=V : view file (do nothing except log)
1313 dpavlin 1.1 // default : display directory $D
1314    
1315     switch ($A) {
1316     case "U" :
1317     // upload to $relDir
1318 dpavlin 1.2 if (!is_writeable($gblFsRoot . $relDir))
1319 dpavlin 1.1 Error("Write access denied",$relDir) ;
1320     $text = "Use this page to upload a single " ;
1321     $text .= "file to <B>$SERVER_NAME</B>." ;
1322     StartHTML("(Upload Page)", $text) ;
1323     UploadPage($gblFsRoot, $relDir) ;
1324     EndHTML() ;
1325     exit ;
1326     case "E" :
1327     // detail of $relDir/$F
1328 dpavlin 1.2 if (is_file("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
1329 dpavlin 1.1 exit ;
1330     case "C" :
1331     // listing of $relDir/$F
1332     DisplayCode($gblFsRoot, $relDir, $F) ;
1333     exit ;
1334 dpavlin 1.6 case "Co" :
1335     // checkout
1336     Lock("$gblFsRoot/$relDir/$F");
1337 dpavlin 1.7 redir_to_url("$relDir/$F");
1338 dpavlin 1.6 exit;
1339     case "Ci" :
1340     // upload && update to $relDir
1341     if (!is_writeable($gblFsRoot . $relDir))
1342     Error("Write access denied",$relDir) ;
1343     $text = "Use this page to update a single " ;
1344     $text .= "file to <B>$SERVER_NAME</B>." ;
1345     StartHTML("(Update file Page)", $text) ;
1346     UploadPage($gblFsRoot, $relDir, $F) ;
1347     EndHTML() ;
1348     exit ;
1349     case "V" :
1350     // view
1351     Log("viewed");
1352 dpavlin 1.7 redir_to_url("$relDir/$F");
1353 dpavlin 1.6 exit;
1354 dpavlin 1.1 }
1355    
1356     // default: display directory $relDir
1357     Navigate($gblFsRoot,$relDir) ;
1358     exit ;
1359    
1360     Error("Whooah!","By cartesian logic, this never happens") ;
1361     ?>

  ViewVC Help
Powered by ViewVC 1.1.26