/[docman]/docman.php
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Annotation of /docman.php

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.8 - (hide annotations)
Fri Aug 4 10:20:22 2000 UTC (22 years, 6 months ago) by dpavlin
Branch: MAIN
Changes since 1.7: +13 -5 lines
ugly bug in redir_to_url && support for fail-save rename

1 dpavlin 1.1 <?php
2    
3     /* Copyright 1999 by John Martin d/b/a www.ANYPORTAL.com */
4     /* All Rights Reserved. */
5     /* */
6     /* This software is freeware and is not in the public domain. */
7     /* You are hereby granted the right to freely distribute this */
8     /* software as long as this copyright notice remains in place. */
9     /* */
10     /* Comments or suggestions? email: andmore@alief.com */
11     /* */
12     /* This is the PHP port: AnyPortal(php)-0.1 */
13     /* ======================================== */
14     /* */
15     /* PHP version 2000 by Stefan@Wiesendanger.org */
16     /* No Rights Reserved. What for, anyhow ? */
17     /* */
18     /* Date Remarks */
19     /* --------- ----------------------------------------------- */
20     /* 25 MAY 99 original ASP version */
21     /* 17 SEP 99 change upload from SA-FILEUP to aspSmartUpload */
22     /* 10 APR 00 simplified PHP3 version */
23     /* 18 APR 00 most of PHP3 port working. Slight modifications */
24     /* 22 APR 00 modified syntax highlighting, no absolute paths */
25     /* revealed, PHP builtin authentication, global */
26     /* style sheet as callback, use apache default */
27     /* icons as an alternative to the wingdings font. */
28     /* 25 APR 00 catch some exceptions (not foolproof yet) */
29     /* 26 APR 00 catch some more exceptions, implicit copy */
30     /* function by saving somewhere else in the detail */
31     /* view, MD5 hashed password. */
32     /* 27 APR 00 Fixed authentication bug */
33     /* 12 MAY 00 Fixed trouble with exec() with newer versions of */
34     /* PHP3. Fixed bug which would send you to a non- */
35     /* existent address after file modifications. */
36    
37 dpavlin 1.2 /*
38     2000-07-25 Dobrica Pavlinusic <dpavlin@rot13.org>
39    
40     nuked exec calls (unsecure)
41     nuked writeable function (replaced by php is_writeable)
42     added support for https (tested with apache+mod_ssl)
43     added users file
44     date format user-selectable
45     cycle backup files in bak directory
46     support links as directoryes (for now)
47     support of file history logging
48     undelete capabilities (delete moves to .del directory)
49    
50     2000-07-26 DbP
51    
52     added more checking on entered filename (when creating file/dir)
53     added rename option
54    
55    
56     IMPORTANT INSTALLATION NOTE:
57     deny serving of .* (dot-something) files in web server!
58     Otherwise, uses can access your log files, users and/or
59     deleted files!
60    
61     .htusers is in form:
62     login:Real Name:md5(loginpassword)
63    
64    
65     TODO:
66     mixed file/directory output (add type to each entry,
67     real support for links)
68     add more content-management (like cms.sourceforge.net):
69     check-out/check-in/reserve
70     comments to files
71     */
72    
73 dpavlin 1.1 //////////////////////////////////////////////////////////////////
74    
75     // TODO : Don't let the file be modified itself. Create a hash of
76     // it (kinda hard since it's self-referential ;-). Make better use
77     // of session management. Escapeshellcmd for all user input.
78    
79     //////////////////////////////////////////////////////////////////
80    
81     // GLOBAL PARAMETERS
82     // =================
83     // Make modifications here to suit siteman to your needs
84    
85     // error_reporting(4) ; // how verbose ?
86    
87     // username/password should not be system
88     // usernames/passwords !!
89    
90 dpavlin 1.2 // $gblPw = "hash_of_your_username_and_password" ;
91    
92     // $gblAuth = false ; // use builtin authentication
93     $gblAuth = true ; // use builtin authentication
94 dpavlin 1.1 $gblHash = "md5" ; // hash function to use
95    
96 dpavlin 1.2 $gblPw = "";
97    
98     if ($gblAuth) {
99 dpavlin 1.3 $htusers_file=dirname($SCRIPT_FILENAME)."/.htusers";
100     if (! file_exists($htusers_file)) {
101     $htusers=fopen($htusers_file,"a+");
102     fputs($htusers,"# Change owner of $htusers_file to root !!\n");
103     fputs($htusers,"demo:full name:md5_hash\n");
104     fclose($htusers);
105     }
106     $htusers=fopen($htusers_file,"r");
107 dpavlin 1.2 while($user = fgetcsv($htusers,255,":")) {
108     if ($user[0] == $GLOBALS["PHP_AUTH_USER"]) {
109     $gblUserName=$user[1];
110     $gblPw=$user[2];
111     continue ;
112     }
113     }
114     fclose($htusers);
115     }
116    
117     // $gblDateFmt="D, F d, Y";
118     // $gblTimeFmt="g:i:sA";
119    
120     $gblDateFmt="Y-m-d";
121     $gblTimeFmt="H:i:s";
122    
123     // Number of backup files to keep
124     $gblNumBackups=5;
125    
126 dpavlin 1.1 // choose GifIcon below unless you have the M$
127     // WingDings font installed on your system
128    
129     $gblIcon = "GifIcon" ; // MockIcon or GifIcon
130    
131     // the directory below should be /icons/ or /icons/small/
132     // on Apache; a set of icons is included in the distribution
133    
134 dpavlin 1.3 $gblIconLocation = "/icons/" ;
135 dpavlin 1.1
136     // files you want to be able to edit in text mode
137     // and view with (primitive) syntax highlighting
138    
139     $gblEditable = array( ".txt",".asa",".asp",".htm",".html",
140     ".cfm",".php3",".php",".phtml",
141     ".shtml",".css" ) ;
142    
143     // files that will display as images on the detail page
144     // (useless if your browser doesn't support them)
145    
146     $gblImages = array( ".jpg",".jpeg",".gif",".png",".ico",
147     ".bmp",".xbm") ;
148    
149     //////////////////////////////////////////////////////////////////
150    
151     function StartHTML($title,$text="") {
152    
153     $title = "Site Manager " . $title ;
154     $host = $GLOBALS["HTTP_HOST"] ;
155     $self = $GLOBALS["PHP_SELF"] ;
156     ?>
157    
158     <HTML>
159     <HEAD>
160 dpavlin 1.4 <TITLE><?= $host . " " . $title ?></TITLE>
161 dpavlin 1.1 <META NAME="description" CONTENT="PHP port of AnyPortal Site Manager">
162     <META NAME="keywords" CONTENT="site manager, web site maintenance">
163     <META NAME="robots" CONTENT="noindex">
164     <META HTTP-EQUIV="expires" CONTENT="0">
165     <LINK REL="stylesheet" TYPE="text/css"
166 dpavlin 1.4 HREF="<?= $self ?>?STYLE=get">
167 dpavlin 1.1 </HEAD>
168     <BODY BGCOLOR="#FFFFFF">
169 dpavlin 1.4 <H3 ALIGN="RIGHT"><?= $host ?></H3>
170 dpavlin 1.1 <TABLE BORDER=0 WIDTH="100%"><TR>
171 dpavlin 1.4 <TD CLASS=INV><?= $title ?></TD></TR></TABLE>
172     <P><?= $text ?></P>
173 dpavlin 1.1
174     <?php
175     } // end function StartHTML
176    
177     //////////////////////////////////////////////////////////////////
178    
179     function EndHTML() {
180     ?>
181    
182     <HR>
183     <P CLASS=FTR>
184 dpavlin 1.2 <B><?= date($GLOBALS[gblDateFmt]) ?> -
185     <?= date($GLOBALS[gblTimeFmt]) ?> -
186     <?= $GLOBALS[gblUserName] ?>
187 dpavlin 1.6 <small> [<a href="<?= $GLOBALS["PHP_SELF"] ?>?relogin=<?= $GLOBALS[gblPw] ?>">logout</a>]</small>
188 dpavlin 1.2 </B>
189     <BR>ANYPORTAL(php) Site Manager
190     <br><small>
191     &copy; 1999 by <A HREF="http://www.anyportal.com">ANYPORTAL</A>,
192     &copy; 2000 by <A HREF="http://da.nger.org">d@nger.org</A>,
193     &copy; 2000 by <A HREF="http://www.rot13.org/~dpavlin/">DbP</A>
194     </small>
195 dpavlin 1.1 </P>
196 dpavlin 1.2 <BR>
197 dpavlin 1.4 <? include(".debug.inc") ?>
198 dpavlin 1.2 <BR><BR></BODY></HTML>
199 dpavlin 1.1
200     <?php
201     } // end function EndHTML
202    
203     //////////////////////////////////////////////////////////////////
204    
205     function CSS() {
206     ?>
207    
208 dpavlin 1.2 BODY,TD,P,H1,H2,H3 { font-family:Verdana,Helvetica,Arial,sans-serif; }
209 dpavlin 1.1 .BLK { color:black; }
210     .RED { color:red; }
211     .TOP { color:red; font-size:70%; } /* table headings */
212     .INV { color:white; background-color:navy;
213     font-weight:bold; font-size:120%; } /* title */
214     .FTR { } /* footer */
215     .LST { background-color:#E0E0E0; } /* table cells */
216     .BAR { background-color:#E0E0E0; } /* action bar */
217     PRE { color:blue; font-family:Lucida Console,Courier New,
218     Courier,sans-serif; } /* source code */
219     EM { color:green; font-style:normal; } /* line numbers */
220     .REM { color:silver; }
221     .XML { color:navy; background-color:yellow; }
222     .MCK { color:red; font-family:WingDings; } /* Mock Icons */
223     A:HOVER { color:red; }
224    
225     <?php
226     } // end function CSS
227    
228     //////////////////////////////////////////////////////////////////
229    
230     function DetailPage($fsRoot,$relDir,$fn) {
231    
232     global $gblEditable, $gblImages ;
233     $self = $GLOBALS["PHP_SELF"] ;
234    
235     $relPath = $relDir . "/" . $fn ;
236     $fsPath = $fsRoot . $relPath ;
237     $fsDir = $fsRoot . $relDir ;
238    
239     $exists = file_exists($fsPath) ;
240     $ext = strtolower(strrchr($relPath,".")) ;
241     $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) ;
242 dpavlin 1.2 $writable = is_writeable($fsPath) ;
243 dpavlin 1.6 $file_lock = CheckLock($fsPath);
244 dpavlin 1.1
245     if (!$editable && !$exists)
246     Error("Creation unsupported for type",$relPath) ;
247 dpavlin 1.2 if (!exists && !is_writeable($fsDir) )
248 dpavlin 1.1 Error("Creation denied",$relDir) ;
249    
250     $text = "Use this page to view, modify or " ;
251     $text .= "delete a single document on this " ;
252     $text .= "web site." ;
253     $title = "(Detail Page)" ;
254     StartHTML($title, $text) ;
255    
256     echo "<H3>" . $relDir . "/" . $fn . "</H3>" ;
257     if ($exists) { // get file info
258 dpavlin 1.4 $fsize = filesize($fsPath) ;
259     $fmodified = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", filemtime($fsPath)) ;
260     $faccessed = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", fileatime($fsPath)) ;
261     echo "<PRE> file size: " . $fsize . " Bytes<BR>" ;
262     echo "last modified: <B>" . $fmodified . "</B><BR>" ;
263     echo "last accessed: <B>" . $faccessed . "</B><BR>" ;
264     echo " owner: <B>" . fileowner($fsPath) . "</B><BR>" ;
265     echo " group: <B>" . filegroup($fsPath) . "</B><BR>" ;
266     echo " permissions: <B>" ;
267     echo printf( "%o", fileperms($fsPath) ) . "</B>" ;
268     echo "</PRE>" ;
269 dpavlin 1.2
270 dpavlin 1.1 }
271    
272 dpavlin 1.6 if ( $editable && ($writable || !$exists) && !$file_lock ) {
273 dpavlin 1.1 $fh = fopen($fsPath,"a+") ;
274     rewind($fh) ;
275     $fstr = fread($fh,filesize($fsPath)) ;
276     fclose($fh) ;
277     $fstr = htmlentities( $fstr ) ;
278     ?>
279    
280 dpavlin 1.4 <FORM ACTION="<?= $self ; ?>" METHOD="POST">
281 dpavlin 1.1 <SPAN TITLE="Click [SAVE] to store updated contents.">
282     <B>DOCUMENT CONTENTS</B>
283     </SPAN><BR>
284     <TEXTAREA NAME="FILEDATA" ROWS=18 COLS=70 WRAP="OFF"><?php
285     echo($fstr) ; ?></TEXTAREA>
286 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
287     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
288 dpavlin 1.1 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="SAVE">
289 dpavlin 1.2 <INPUT TYPE="HIDDEN" SIZE=48 MAXLENGTH=255 NAME="RELPATH"
290 dpavlin 1.4 VALUE="<?= $relPath ; ?>">
291 dpavlin 1.2 <br>
292     <INPUT TYPE="RESET" VALUE="UNDO ALL CHANGES">
293 dpavlin 1.1 <INPUT TYPE="SUBMIT" VALUE="SAVE">
294     </FORM>
295    
296     <?php
297 dpavlin 1.6 } else if ( strstr( join(" ",$gblImages), $ext ) ) {
298     $info = getimagesize($fsPath) ;
299     $tstr = "<IMG SRC=\"". $relPath . "\" BORDER=0 " ;
300     $tstr .= $info[3] . " ALT=\"" . $fn . " - " ;
301     $tstr .= (int)(($fsize+1023)/1024) . "Kb\">" ;
302     echo htmlentities($tstr) . "<BR><BR>" . $tstr ;
303 dpavlin 1.1 }
304 dpavlin 1.6
305 dpavlin 1.1 ?>
306    
307 dpavlin 1.4 <FORM ACTION="<?= $self ; ?>" METHOD="POST">
308     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
309     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
310 dpavlin 1.1 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL"><BR>
311    
312     <?php
313 dpavlin 1.6
314     if ($file_lock) {
315     ?>
316     <hr>
317     <SPAN TITLE="Check OK and click UNLOCK to remove lock on file.">
318     <B>OK TO FORCE LOCK REMOVAL ON "<?= $fn ; ?>" HELD BY <?= $file_lock ?>? </B></SPAN>
319     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
320     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="UNLOCK">
321     <?
322     } // file_lock
323    
324 dpavlin 1.2 if (substr($fn,0,4) == ".del") {
325     $action="UNDELETE";
326     $desc="undelete previously deleted file";
327     } else {
328     $action="DELETE";
329     $desc="delete";
330     }
331    
332 dpavlin 1.1 if ($exists && $writable) {
333     ?>
334    
335 dpavlin 1.4 <HR>
336     <a name="undelete">
337     <SPAN TITLE="Check OK and click [<?= $action ?>] to <?= $desc ?>.">
338     <B>OK TO <?= $action ?> "<?= $fn ; ?>"? </B></SPAN>
339 dpavlin 1.2 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
340     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="<?= $action ?>">
341    
342 dpavlin 1.4 <HR>
343     <a name="rename">
344     <SPAN TITLE="Check OK and click [RENAME] to rename.">
345     <B>OK TO RENAME "<?= $fn ; ?>" TO
346 dpavlin 1.2 <INPUT TYPE="TEXT" SIZE=24 MAXLENGTH=255 NAME="NEWNAME" VALUE="<?= $fn ?>">
347     ? </B></SPAN>
348 dpavlin 1.1 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
349 dpavlin 1.2 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="RENAME">
350 dpavlin 1.1
351 dpavlin 1.5 <?php
352     } // exists && writable
353     ?>
354 dpavlin 1.4 <HR>
355     <a name="note">
356     <B>NOTE FOR "<?= $fn ; ?>":
357     <INPUT TYPE="TEXT" SIZE=50 MAXLENGTH=255 NAME="NOTE" VALUE="<?= ReadNote($fsPath) ?>">
358     </B></SPAN>
359     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="NOTE">
360    
361 dpavlin 1.5 </FORM>
362    
363 dpavlin 1.1 <?php
364 dpavlin 1.5
365 dpavlin 1.2
366     $logname=dirname("$fsDir/$fn")."/.log/".basename("$fsDir/$fn");
367     if (file_exists($logname)) {
368     print "<hr><br><b>CHANGES TO THIS FILE</b><br><table border=0 width=100%>\n";
369     $log=fopen($logname,"r");
370     $cl1=" class=lst"; $cl2="";
371     while($line = fgetcsv($log,255,"\t")) {
372     $cl=$cl1; $cl1=$cl2; $cl2=$cl;
373     print "<tr><td$cl>$line[0]</td><td$cl>$line[1]</td><td$cl>$line[2]</td><td$cl>$line[3]</td></tr>\n";
374     }
375     fclose($log);
376     print "</table>";
377     }
378    
379 dpavlin 1.1 EndHTML() ;
380    
381     } // end function DetailPage
382    
383     //////////////////////////////////////////////////////////////////
384    
385     function DisplayCode($fsRoot,$relDir,$fn) {
386    
387     $path = $fsRoot . $relDir . "/" . $fn ;
388    
389     if (!file_exists($path)) Error("File not found",$path) ;
390    
391     StartHTML("(".$relDir."/".$fn.")","");
392    
393     $tstr = join("",file($path)) ;
394     $tstr = htmlentities($tstr) ;
395    
396     // Tabs
397     $tstr = str_replace(chr(9)," ",$tstr) ;
398    
399     // ASP tags & XML/PHP tags
400     $aspbeg = "<SPAN CLASS=XML>&lt;%</SPAN><SPAN CLASS=BLK>" ;
401     $aspend = "</SPAN><SPAN CLASS=XML>%&gt;</SPAN>" ;
402     $tstr = str_replace("&lt;%",$aspbeg,$tstr) ;
403     $tstr = str_replace("%&gt;",$aspend,$tstr) ;
404    
405     $xmlbeg = "<SPAN CLASS=XML>&lt;?</SPAN><SPAN CLASS=BLK>" ;
406     $xmlend = "</SPAN><SPAN CLASS=XML>?&gt;</SPAN>" ;
407     $tstr = str_replace("&lt;?",$xmlbeg,$tstr) ;
408     $tstr = str_replace("?&gt;",$xmlend,$tstr) ;
409    
410     // C style comment
411     $tstr = str_replace("/*","<SPAN CLASS=REM>/*",$tstr) ;
412     $tstr = str_replace("*/","*/</SPAN>",$tstr) ;
413    
414     // HTML comments
415     $tstr = str_replace("&lt;!--","<I CLASS=RED>&lt;!--",$tstr) ;
416     $tstr = str_replace("--&gt;","--&gt;</I>",$tstr) ;
417    
418     echo "<PRE>" ;
419    
420     $tstr = split("\n",$tstr) ;
421     for ($i = 0 ; $i < sizeof($tstr) ; ++$i) {
422     // add line numbers
423     echo "<BR><EM>" ;
424     echo substr(("000" . ($i+1)), -4) . ":</EM> " ;
425     $line = $tstr[$i] ;
426     // C++ style comments
427     $pos = strpos($line,"//") ;
428     // exceptions: two slashes aren't a script comment
429     if (strstr($line,"//") &&
430     ! ($pos>0 && substr($line,$pos-1,1)==":") &&
431     ! (substr($line,$pos,8) == "//--&gt;") &&
432     ! (substr($line,$pos,9) == "// --&gt;")) {
433     $beg = substr($line,0,strpos($line,"//")) ;
434     $end = strstr($line,"//") ;
435     $line = $beg."<SPAN CLASS=REM>".$end."</SPAN>";
436     }
437     // shell & asp style comments
438     $first = substr(ltrim($line),0,1) ;
439     if ($first == "#" || $first == "'") {
440     $line = "<SPAN CLASS=REM>".$line."</SPAN>";
441     }
442     print($line) ;
443     } // next i
444    
445     echo "</PRE>" ;
446    
447     EndHTML() ;
448    
449     } // end function DisplayCode
450    
451     //////////////////////////////////////////////////////////////////
452    
453     function MockIcon($txt) {
454     $tstr = "<SPAN CLASS=MCK>" ;
455    
456     switch (strtolower($txt)) {
457     case ".bmp" :
458     case ".gif" :
459     case ".jpg" :
460     case ".jpeg":
461     case ".tif" :
462     case ".tiff":
463     $d = 176 ;
464     break ;
465     case ".doc" :
466     $d = 50 ;
467     break ;
468     case ".exe" :
469     case ".bat" :
470     $d = 255 ;
471     break ;
472     case ".bas" :
473     case ".c" :
474     case ".cc" :
475     case ".src" :
476     $d = 255 ;
477     break ;
478     case "file" :
479     $d = 51 ;
480     break ;
481     case "fldr" :
482     $d = 48 ;
483     break ;
484     case ".htm" :
485     case ".html":
486     case ".asa" :
487     case ".asp" :
488     case ".cfm" :
489     case ".php3":
490     case ".php" :
491     case ".phtml" :
492     case ".shtml" :
493     $d = 182 ;
494     break ;
495     case ".pdf" :
496     $d = 38 ;
497     break;
498     case ".txt" :
499     case ".ini" :
500     $d = 52 ;
501     break ;
502     case ".xls" :
503     $d = 252 ;
504     break ;
505     case ".zip" :
506     case ".arc" :
507     case ".sit" :
508     case ".tar" :
509     case ".gz" :
510     case ".tgz" :
511     case ".Z" :
512     $d = 59 ;
513     break ;
514     case "view" :
515     $d = 52 ;
516     break ;
517     case "up" :
518     $d = 199 ;
519     break ;
520     case "blank" :
521     return "&nbsp;&nbsp;</SPAN>" ;
522     break ;
523     default :
524     $d = 51 ;
525     }
526    
527     return $tstr . chr($d) . "</SPAN>" ;
528     } // end function MockIcon
529    
530     //////////////////////////////////////////////////////////////////
531    
532     function GifIcon($txt) {
533     global $gblIconLocation ;
534    
535     switch (strtolower($txt)) {
536     case ".bmp" :
537     case ".gif" :
538     case ".jpg" :
539     case ".jpeg":
540     case ".tif" :
541     case ".tiff":
542     $d = "image2.gif" ;
543     break ;
544     case ".doc" :
545     $d = "layout.gif" ;
546     break ;
547     case ".exe" :
548     case ".bat" :
549     $d = "screw2.gif" ;
550     break ;
551     case ".bas" :
552     case ".c" :
553     case ".cc" :
554     case ".src" :
555     $d = "c.gif" ;
556     break ;
557     case "file" :
558     $d = "generic.gif" ;
559     break ;
560     case "fldr" :
561     $d = "dir.gif" ;
562     break ;
563     case ".phps" :
564     $d = "phps.gif" ;
565     break ;
566     case ".php3" :
567     $d = "php3.gif" ;
568     break ;
569     case ".htm" :
570     case ".html":
571     case ".asa" :
572     case ".asp" :
573     case ".cfm" :
574     case ".php3":
575     case ".php" :
576     case ".phtml" :
577     case ".shtml" :
578     $d = "world1.gif" ;
579     break ;
580     case ".pdf" :
581     $d = "pdf.gif" ;
582     break;
583     case ".txt" :
584     case ".ini" :
585     $d = "text.gif" ;
586     break ;
587     case ".xls" :
588     $d = "box2.gif" ;
589     break ;
590     case ".zip" :
591     case ".arc" :
592     case ".sit" :
593     case ".tar" :
594     case ".gz" :
595     case ".tgz" :
596     case ".Z" :
597     $d = "compressed.gif" ;
598     break ;
599     case "view" :
600     $d = "index.gif" ;
601     break ;
602     case "up" :
603     $d = "back.gif" ;
604     break ;
605     case "blank" :
606     $d = "blank.gif" ;
607     break ;
608 dpavlin 1.4 case "checkout":
609 dpavlin 1.6 $d = "box2.gif";
610 dpavlin 1.4 break;
611     case "checkin":
612 dpavlin 1.6 $d = "hand.up.gif";
613     break;
614     case "locked":
615     $d = "screw2.gif";
616 dpavlin 1.4 break;
617     case "note":
618     $d = "quill.gif";
619     break;
620 dpavlin 1.1 default :
621     $d = "generic.gif" ;
622     }
623    
624     return "<IMG SRC=\"$gblIconLocation" . $d . "\" BORDER=0>" ;
625     } // end function GifIcon
626    
627     //////////////////////////////////////////////////////////////////
628    
629     function Navigate($fsRoot,$relDir) {
630    
631     global $gblEditable, $gblIcon ;
632    
633     $self = $GLOBALS["PHP_SELF"] ;
634 dpavlin 1.2 if (isset($GLOBALS["HTTPS"]) && $GLOBALS["HTTPS"] == "on") {
635     $webRoot = "https://" . $GLOBALS["SERVER_NAME"] ;
636     } else {
637     $webRoot = "http://" . $GLOBALS["SERVER_NAME"] ;
638     }
639 dpavlin 1.1 $fsDir = $fsRoot . $relDir . "/" ; // current directory
640    
641     if (!is_dir($fsDir)) Error("Dir not found",$relDir) ;
642    
643     // read directory contents
644     if ( !($dir = @opendir($fsDir)) )
645     Error("Read Access denied",$relDir) ;
646     while ($item = readdir($dir)) {
647 dpavlin 1.2 if ( $item == ".." || $item == "." || substr($item,0,1) == "." ) continue ;
648 dpavlin 1.1 if ( is_dir($fsDir . $item) ) {
649     $dirList[] = $item ;
650 dpavlin 1.2 } else if ( is_file($fsDir . $item) ) {
651 dpavlin 1.1 $fileList[] = $item ;
652 dpavlin 1.2 } else if ( is_link($fsDir . $item) ) {
653     $dirList[] = $item ;
654     } else {
655 dpavlin 1.1 // unknown file type
656     // $text = "Could not determine file type of " ;
657     // Error("File Error", $text.$relDir."/".$item) ;
658     // exit ;
659     }
660     }
661     closedir($dir) ;
662 dpavlin 1.2
663     // scan deleted files
664     if ( $GLOBALS[show_deleted] == 1 && ($dir = @opendir("$fsDir/.del")) ) {
665     while ($item = readdir($dir)) {
666     if ( substr($item,0,1) == "." ) continue ;
667     $fileList[] = ".del/$item" ;
668     }
669     closedir($dir) ;
670     }
671    
672 dpavlin 1.1 $emptyDir = ! (sizeof($dirList) || sizeof($fileList)) ;
673    
674     // start navigation page
675 dpavlin 1.2 $text = "Use this page to add, delete";
676     if (! isset($show_deleted)) {
677 dpavlin 1.6 $text .= ", <a href=$self?D=".urlencode($relDir)."&show_deleted=1>undelete</a>";
678 dpavlin 1.2 }
679     $text .= " or revise files on this web site." ;
680 dpavlin 1.1 StartHTML("(Navigate)",$text) ;
681    
682     echo "<TABLE BORDER=0 CELLPADDING=2
683     CELLSPACING=3 WIDTH=\"100%\">" ;
684    
685     // updir bar
686     if ($fsDir != $fsRoot) {
687     $parent = dirname($relDir) ;
688     if ($parent == "") $parent = "/" ;
689     ?>
690    
691 dpavlin 1.4 <TR><TD><?= $gblIcon("up") ?></TD><TD COLSPAN=5 CLASS=LST>
692     <A HREF="<?= $self ?>?D=<?= urlencode($parent) ?>">
693     <B><?= $parent ?></B></A></TD></TR>
694 dpavlin 1.1
695     <?php
696     }
697    
698     // output subdirs
699     if (sizeof($dirList) > 0) {
700     sort($dirList) ;
701     ?>
702    
703 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5 CLASS=TOP><HR>DIRECTORY NAME</TD></TR>
704 dpavlin 1.1
705     <?php
706     while (list($key,$dir) = each($dirList)) {
707    
708     $tstr = "<A HREF=\"" . $self . "?D=" ;
709     $tstr .= urlencode($relDir."/".$dir) ;
710     $tstr .= "\">" . $dir . "/</A>" ;
711     ?>
712    
713 dpavlin 1.4 <TR><TD><?= $gblIcon("fldr") ?></TD>
714     <TD COLSPAN=5 CLASS=LST><?= $tstr ?></TD></TR>
715 dpavlin 1.1
716     <?php
717     } // iterate over dirs
718     } // end if no dirs
719     ?>
720    
721 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5><HR><B><?= $webRoot . $relDir ?>
722 dpavlin 1.1 </B></TD></TR>
723     <TR><TD></TD><TD CLASS=TOP>DOCUMENT NAME</TD>
724 dpavlin 1.6 <TD><?= $gblIcon("blank").$gblIcon("blank") ?></TD>
725 dpavlin 1.4 <TD CLASS=TOP>NOTE</TD>
726 dpavlin 1.1 <TD CLASS=TOP>LAST UPDATE</TD><TD CLASS=TOP>FILE SIZE</TD></TR>
727    
728     <?php
729     if (sizeof($fileList) > 0) {
730     sort($fileList) ;
731     while (list($key,$file) = each($fileList)) {
732 dpavlin 1.4 $path = $fsDir."/".$file ;
733     $mod = filemtime($path) ;
734     $sz = filesize($path) ;
735    
736     if ($sz >= 10240) {
737     $sz = (int)(($sz+1023)/1024) . " k" ;
738     } else {
739     $sz .= " " ;
740     } // end size
741 dpavlin 1.1
742 dpavlin 1.4 $a = $b = "" ;
743    
744     $info_url=$self."?A=E&F=".urlencode($file)."&D=".urlencode($relDir);
745    
746     if ( ($mod + 30*86400) > time() ) {
747     $a = "<SPAN CLASS=RED TITLE=\"Newer" ;
748     $a .= " than 30 days\"> * </SPAN>" ;
749     }
750    
751 dpavlin 1.6 $file_lock=CheckLock($path);
752    
753     $file_url_html="<A HREF=\"$self?A=V&F=".urlencode($file);
754     $file_url_html.="&D=".urlencode($relDir);
755     $file_url_html.="\" TITLE=\"View file\">" ;
756 dpavlin 1.2
757     if (substr($file,0,5) != ".del/") {
758 dpavlin 1.6 $file_url_html .= $file . "</A>" . $a ;
759 dpavlin 1.2 } else {
760 dpavlin 1.6 $file_url_html .= substr($file,5,strlen($file)-5) . "</a> <SPAN CLASS=RED TITLE=\"deleted\"> <a href=\"$info_url#undelete\">deleted</a> </span>";
761 dpavlin 1.4 }
762    
763 dpavlin 1.6 $note_html="<a href=\"$info_url#note\">".$gblIcon("note")."</a>".ReadNote($path);
764 dpavlin 1.4
765     $ext = strtolower(strrchr($file,".")) ;
766 dpavlin 1.6
767     if ($file_lock) {
768     if ($file_lock == $GLOBALS[gblUserName]) {
769     $b.="<A HREF=\"$self?A=Ci&F=".urlencode($file);
770     $b.="&D=".urlencode($relDir);
771     $b.="\" TITLE=\"Checkin (update) file on server\">" ;
772     $file_url_html=$b;
773     $b.=$gblIcon("checkin")."</A>" ;
774     $b.= $gblIcon("blank");
775     $file_url_html.="$file</a> $a";
776     $note_html = $gblIcon("blank")."<b>Please check-in (update) this file</b>";
777     } else {
778     $b = $gblIcon("locked");
779     $b.= $gblIcon("blank");
780     $note_html = $gblIcon("blank")."<b>File locked by $file_lock</b>";
781     $file_url_html = "$file $a";
782     }
783 dpavlin 1.4 } else {
784 dpavlin 1.6 $b.="<A HREF=\"$self?A=Co&F=".urlencode($file);
785     $b.="&D=".urlencode($relDir);
786     $b.="\" TITLE=\"Checkout file for edit\">" ;
787     $b.=$gblIcon("checkout")."</A>" ;
788    
789     if ( $ext=="" || strstr(join(" ",$gblEditable),$ext) ) {
790     $b.="<A HREF=\"$self?A=C&F=".urlencode($file);
791     $b.="&D=".urlencode($relDir);
792     $b.="\" TITLE=\"List contents\">" ;
793     $b.=$gblIcon("view")."</A>" ;
794     } else {
795     $b.= $gblIcon("blank");
796     }
797 dpavlin 1.2 }
798 dpavlin 1.1
799    
800     ?>
801    
802     <TR><TD>
803 dpavlin 1.4 <A HREF="<?= $info_url ?>" TITLE="View/Edit">
804     <?= $gblIcon($ext) ?></A></TD>
805 dpavlin 1.6 <TD CLASS=LST><?= $file_url_html ?></TD>
806 dpavlin 1.4 <TD CLASS=LST ALIGN=center><?= $b ?></TD>
807 dpavlin 1.6 <TD CLASS=LST ALIGN=left><?= $note_html ?></TD>
808 dpavlin 1.4 <TD CLASS=LST><?= date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]",$mod) ?></TD>
809     <TD CLASS=LST><?= $sz ?>Bytes</TD></TR>
810 dpavlin 1.1
811     <?php
812     } // iterate over files
813     } // end if no files
814    
815     if ($emptyDir) {
816     ?>
817    
818 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
819     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>
820     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
821 dpavlin 1.1 OK TO DELETE THIS EMPTY FOLDER?
822     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
823     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="DELETE">
824     </TD></TR>
825     </FORM>
826    
827     <?php
828     } // end if emptyDir
829     ?>
830    
831 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
832 dpavlin 1.1
833 dpavlin 1.6 <TR><TD></TD><TD COLSPAN=5>
834     To just view file without editing, select it's filename (<b>don't edit files which are opened this way!</b>)<br>
835     To <b>edit</b> file select <?= $gblIcon("checkout") ?> to check-out
836     and edit it locally. After editing is over, select filename or <?= $gblIcon("checkin") ?> to check-in (update copy of file on server).<br>
837     <by>If you select icon left from filename, you will get detailed information
838     about file, as well as delete, rename and annotation options.
839     </TD></TR>
840    
841     <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
842    
843 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
844     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>CREATE NEW
845 dpavlin 1.1 <INPUT TYPE="RADIO" NAME="T" VALUE="D" CHECKED>DIRECTORY -OR-
846     <INPUT TYPE="RADIO" NAME="T" VALUE="F">FILE : &nbsp;&nbsp;
847     <NOBR>NAME <INPUT TYPE="TEXT" NAME="FN" SIZE=14>
848     <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="CREATE">
849 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
850 dpavlin 1.1 <INPUT TYPE="SUBMIT" VALUE="CREATE"></NOBR>
851 dpavlin 1.4 <NOBR>OR <A HREF="<?= $self
852     ?>?A=U&D=<?= urlencode($relDir) ?>">UPLOAD</A> A FILE
853 dpavlin 1.1 </NOBR>
854     </TD></TR>
855     </FORM>
856     </TABLE>
857    
858     <?php
859     EndHTML() ;
860     } // end function Navigate
861    
862     //////////////////////////////////////////////////////////////////
863    
864 dpavlin 1.6 function UploadPage($fsRoot, $relDir, $filename) {
865 dpavlin 1.1
866     $self = $GLOBALS["PHP_SELF"] ;
867     if ($relDir == "") $relDir = "/" ;
868     ?>
869    
870     <P><TABLE BORDER=0 CELLPADDING=5><TR><TD WIDTH=5></TD><TD CLASS=BAR>
871     <FORM ENCTYPE="multipart/form-data" METHOD="POST"
872 dpavlin 1.4 ACTION="<?= $self ?>">
873     DESTINATION DIRECTORY:<B><?= " " . $relDir ?></B>
874 dpavlin 1.6 <? if (isset($filename)) { ?>
875     <br>DESTINATION FILE:<B><?= " " . $filename ?></B>
876     <INPUT TYPE="HIDDEN" NAME="FILENAME" VALUE="<?= $filename ?>">
877     <? } ?>
878 dpavlin 1.1 <P>PATHNAME OF LOCAL FILE<BR>
879 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
880 dpavlin 1.1 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="UPLOAD">
881     <INPUT SIZE=30 TYPE="FILE" NAME="FN"></P>
882     <P><INPUT TYPE="SUBMIT" VALUE="UPLOAD"></P>
883     <P>If the <B>[BROWSE...]</B> button is not displayed,<BR>
884     you must upgrade to an RFC1867-compliant browser.</P>
885 dpavlin 1.4 <P>Your browser:<BR><?= $GLOBALS["HTTP_USER_AGENT"] ?></P>
886 dpavlin 1.1 </FORM>
887     </TD></TR>
888     <TR><TD></TD><TD>
889 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
890     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>"><BR>
891 dpavlin 1.1 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL">
892     </FORM>
893     </TD></TR></TABLE></P>
894    
895     <?php
896     } // end function UploadPage
897    
898     //////////////////////////////////////////////////////////////////
899    
900     function Error($title,$text="") {
901     StartHTML("(".$title.")",$text) ;
902     echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
903     EndHTML() ;
904     exit ;
905     } // end function Error
906    
907     //////////////////////////////////////////////////////////////////
908    
909     function CreateHash($user, $pw) {
910    
911     global $gblHash ; // hash function to use
912    
913     if ($user == "" || $pw == "") {
914     $text = "either no password or no username supplied" ;
915     Error("Create Hash",$text) ;
916     }
917     $title = "(Create Hash)" ;
918     StartHTML($title) ;
919     echo "<P ALIGN=center>" ;
920     echo "<BLOCKQUOTE>Copy the value below and paste it " ;
921     echo "into the<BR>value for \$gblPw in the source of " ;
922     echo "this file<BR><BR><B>" . $gblHash($user.$pw) ;
923     echo "</B><BR><BR>Hash function: " . $gblHash ;
924     echo "</BLOCKQUOTE></P>" ;
925     EndHTML() ;
926     exit ;
927    
928     } // end function CreateHash
929    
930     //////////////////////////////////////////////////////////////////
931    
932     function NoEntry() {
933    
934     $user = $GLOBALS["PHP_AUTH_USER"] ;
935     $pw = $GLOBALS["PHP_AUTH_PW"] ;
936     $self = $GLOBALS["PHP_SELF"] ;
937    
938     $title = "(401 Unauthorized)" ;
939     $text = "No trespassing !" ;
940     StartHTML($title,$text) ;
941     ?>
942    
943 dpavlin 1.4 <FORM ACTION="<?= $self ?>?HASH=create" METHOD="POST">
944     <INPUT TYPE="HIDDEN" NAME="USER" VALUE="<?= $user ?>">
945     <INPUT TYPE="HIDDEN" NAME="PW" VALUE="<?= $pw ?>">
946 dpavlin 1.1
947     <BLOCKQUOTE><B>If you are a site administrator:</B><BR><BR>
948     Click below to <B>generate a password hash</B><BR>from
949     the username-password pair you just<BR>entered. Then include the hash in
950     the source<BR>of this file.<BR><BR>
951     <INPUT TYPE="SUBMIT" VALUE="CREATE HASH">
952     </BLOCKQUOTE></FORM>
953    
954     <?php
955     EndHTML() ;
956     exit ;
957     }
958    
959     //////////////////////////////////////////////////////////////////
960    
961 dpavlin 1.2 function Logit($target,$msg) {
962    
963     $dir=dirname($target);
964     if (! file_exists($dir."/.log")) {
965     mkdir($dir."/.log",0700);
966     }
967     $file=basename($target);
968    
969     $log=fopen("$dir/.log/$file","a+");
970     fputs($log,date("$GLOBALS[gblDateFmt]\t$GLOBALS[gblTimeFmt]").
971     "\t$GLOBALS[gblUserName]\t$msg\n");
972     fclose($log);
973    
974     }
975    
976    
977 dpavlin 1.4 //////////////////////////////////////////////////////////////////
978    
979     function WriteNote($target,$msg) {
980    
981     $dir=dirname($target);
982     if (! file_exists($dir."/.note")) {
983     mkdir($dir."/.note",0700);
984     }
985     $file=basename($target);
986    
987     $note=fopen("$dir/.note/$file","w");
988     fputs($note,"$msg\n");
989     fclose($note);
990    
991     Logit($target,"added note $msg");
992    
993     }
994    
995     function ReadNote($target) {
996    
997     $dir=dirname($target);
998     $file=basename($target);
999     $msg="";
1000     if (file_exists($dir."/.note/$file")) {
1001     $note=fopen("$dir/.note/$file","r");
1002     $msg=fgets($note,4096);
1003     fclose($note);
1004     }
1005 dpavlin 1.6 return StripSlashes($msg);
1006 dpavlin 1.4
1007     }
1008    
1009     //////////////////////////////////////////////////////////////////
1010    
1011     function MoveTo($source,$folder) {
1012    
1013     $file=basename($source);
1014     if (! file_exists($folder)) {
1015     mkdir($folder,0700);
1016     }
1017     if (file_exists($source)) {
1018     rename($source,"$folder/$file");
1019     }
1020     }
1021 dpavlin 1.2
1022     //////////////////////////////////////////////////////////////////
1023    
1024 dpavlin 1.6 function Lock($target) {
1025    
1026     $dir=dirname($target);
1027     if (! file_exists($dir."/.lock")) {
1028     mkdir($dir."/.lock",0700);
1029     }
1030     $file=basename($target);
1031    
1032     if (file_exists("$dir/.lock/$file")) {
1033     Logit($target,"attempt to locked allready locked file!");
1034     } else {
1035     $lock=fopen("$dir/.lock/$file","w");
1036     fputs($lock,"$GLOBALS[gblUserName]\n");
1037     fclose($lock);
1038    
1039     Logit($target,"file locked");
1040     }
1041    
1042     }
1043    
1044     function CheckLock($target) {
1045    
1046     $dir=dirname($target);
1047     $file=basename($target);
1048     $msg=0;
1049     if (file_exists($dir."/.lock/$file")) {
1050     $lock=fopen("$dir/.lock/$file","r");
1051     $msg=fgets($lock,4096);
1052     fclose($lock);
1053     }
1054     return chop($msg);
1055    
1056     }
1057    
1058     function Unlock($target) {
1059    
1060     $dir=dirname($target);
1061     $file=basename($target);
1062     if (file_exists($dir."/.lock/$file")) {
1063     unlink("$dir/.lock/$file");
1064     Logit($target,"file unlocked");
1065     } else {
1066     Logit($target,"attempt to unlocked non-locked file!");
1067     }
1068    
1069     }
1070    
1071     //////////////////////////////////////////////////////////////////
1072    
1073 dpavlin 1.7 function redir_to_url($url) {
1074 dpavlin 1.8 $url=urlencode(StripSlashes("$url"));
1075 dpavlin 1.7 $url=str_replace("%2F","/",$url);
1076     $url=str_replace("+","%20",$url);
1077     Header("Location: $url");
1078     }
1079    
1080     //////////////////////////////////////////////////////////////////
1081    
1082 dpavlin 1.8 function safe_rename($from,$to) {
1083     if (file_exists($from) && is_writable(dirname($to))) {
1084     rename($from,$to);
1085     }
1086     }
1087    
1088     //////////////////////////////////////////////////////////////////
1089    
1090 dpavlin 1.1 // MAIN PROGRAM
1091     // ============
1092     // query parameters: capital letters
1093     // local functions : begin with capital letters
1094     // global constants: begin with gbl
1095    
1096 dpavlin 1.2 $gblFilePerms = 0640 ; // default for new files
1097     $gblDirPerms = 0750 ; // default for new dirs
1098 dpavlin 1.1
1099     // phpinfo() ;
1100     // exit ;
1101    
1102     // forks before authentication: style sheet and hash
1103     // creation if password not yet set.
1104     if ($STYLE == "get") { CSS() ; exit ; }
1105     if ($HASH != "") {
1106     CreateHash($USER, $PW) ;
1107     exit ;
1108     }
1109    
1110     // authentication if $gblAuth == true
1111 dpavlin 1.2 if ( $gblAuth && $gblHash($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw ||
1112     isset($relogin) && $gblPw == $relogin ) {
1113 dpavlin 1.1 header("WWW-authenticate: basic realm=\"$SERVER_NAME\"") ;
1114     header("HTTP/1.0 401 Unauthorized") ;
1115     NoEntry() ;
1116     exit ;
1117     }
1118    
1119     // get current directory relative to $gblFsRoot
1120     $relDir = $DIR ; // from POST
1121     if ($relDir == "") { // not defined in POST ?
1122     $relDir = urldecode($D) ; // then use GET
1123     }
1124    
1125     if ($relDir == "/") $relDir = "" ;
1126     // default : website root = ""
1127    
1128     if (strstr($relDir,"..")) Error("No updirs allowed");
1129    
1130     // full paths contain "fs" or "Fs". Paths realitve to root of
1131     // website contain "rel" or "Rel". The script won't let you
1132     // edit anything above directory equal to http://server.com
1133     // i.e. below $gblFsRoot.
1134    
1135     $relScriptDir = dirname($SCRIPT_NAME) ;
1136     // i.e. /siteman
1137    
1138     $fsScriptDir = dirname($SCRIPT_FILENAME) ;
1139     // i.e. /home/httpd/html/siteman
1140    
1141     $gblFsRoot = substr($fsScriptDir,0,
1142     strlen($fsScriptDir)-strlen($relScriptDir)) ;
1143     // i.e. /home/httpd/html
1144    
1145     $fsDir = $gblFsRoot . $relDir ; // current directory
1146     if ( !is_dir($fsDir) ) Error("Dir not found",$relDir) ;
1147    
1148     switch ($POSTACTION) {
1149     case "UPLOAD" :
1150 dpavlin 1.2 if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1151 dpavlin 1.1 if (strstr($FN_name,"/"))
1152     Error("Non-conforming filename") ;
1153     // TODO : should rather check for escapeshellcmds
1154     // but maybe RFC 18xx asserts safe filenames ....
1155     $source = $FN ;
1156 dpavlin 1.6 if (! isset($FILENAME)) { // from update file
1157     $target = "$fsDir/$FN_name" ;
1158     } else {
1159     $target = "$fsDir/$FILENAME";
1160     }
1161 dpavlin 1.2
1162     // backup old files first
1163     $dir=dirname($target);
1164     if (! file_exists($dir."/.bak")) {
1165     mkdir($dir."/.bak",0700);
1166     }
1167     if (! file_exists($dir."/.bak/$GLOBALS[gblNumBackups]")) {
1168     mkdir($dir."/.bak/$GLOBALS[gblNumBackups]",0700);
1169     }
1170     $file=basename($target);
1171     for($i=$GLOBALS[gblNumBackups]-1;$i>0;$i--) {
1172 dpavlin 1.4 MoveTo("$dir/.bak/$i/$file","$dir/.bak/".($i+1)."/");
1173 dpavlin 1.2 }
1174 dpavlin 1.6 MoveTo($target,$dir."/.bak/1/");
1175 dpavlin 1.2
1176     copy($source,$target) ;
1177     chmod($target,$gblFilePerms) ;
1178 dpavlin 1.1 clearstatcache() ;
1179 dpavlin 1.2 Logit($target,"uploaded");
1180 dpavlin 1.6 if (isset($FILENAME)) {
1181     Unlock($target);
1182     }
1183 dpavlin 1.1 break ;
1184    
1185     case "SAVE" :
1186     $path = $gblFsRoot . escapeshellcmd($RELPATH) ;
1187 dpavlin 1.2 $writable = is_writeable($path) ;
1188     $legaldir = is_writeable(dirname($path)) ;
1189 dpavlin 1.1 $exists = (file_exists($path)) ? 1 : 0 ;
1190     // check for legal extension here as well
1191     if (!($writable || (!$exists && $legaldir)))
1192     Error("Write denied",$RELPATH) ;
1193     $fh = fopen($path, "w") ;
1194     fwrite($fh,$FILEDATA) ;
1195     fclose($fh) ;
1196     clearstatcache() ;
1197 dpavlin 1.2 Logit($path,"saved changes");
1198 dpavlin 1.1 break ;
1199    
1200     case "CREATE" :
1201     // we know $fsDir exists
1202 dpavlin 1.2 if ($FN == "") break; // no filename!
1203     if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1204 dpavlin 1.1 $path = $fsDir . "/" . $FN ; // file or dir to create
1205     $relPath = $relDir . "/" . $FN ;
1206     switch ( $T ) {
1207     case "D" : // create a directory
1208 dpavlin 1.6 if ( ! @mkdir($path,$gblDirPerms) )
1209     Error("Mkdir failed",$relPath) ; // eg. if it exists
1210     clearstatcache() ;
1211     break ;
1212 dpavlin 1.1 case "F" : // create a new file
1213     // this functionality is doubled in DetailView().
1214     // better keep it here altogether
1215     // chmod perms to $gblFilePerms
1216 dpavlin 1.6 if ( file_exists($path) && !is_writable($path) )
1217     Error("File not writable", $relPath) ;
1218     $fh = fopen($path, "w+") ;
1219     if ($fh) {
1220     fputs($fh,"\n");
1221     fclose($fh) ;
1222     LogIt($path,"file created");
1223     } else {
1224     Error("Creation of file $relPath failed -- $path");
1225     }
1226     $tstr = "$PHP_SELF?A=E&D=".urlencode($relDir)."&F=".urlencode($FN) ;
1227     header("Location: " . $tstr) ;
1228     exit ;
1229 dpavlin 1.1 }
1230     break ;
1231    
1232     case "DELETE" :
1233     if ( $CONFIRM != "on" ) break ;
1234    
1235     $tstr = "Attempt to delete non-existing object or " ;
1236     $tstr .= "insufficient privileges: " ;
1237    
1238     if ( $FN != "") { // delete file
1239 dpavlin 1.2 $path = $fsDir . "/" . $FN ;
1240    
1241     $dir=dirname($path);
1242     $file=basename($path);
1243     if (! file_exists("$dir/.del")) {
1244     mkdir("$dir/.del",0700);
1245     }
1246    
1247     // if ( ! @unlink($path) ) {
1248     if ( ! rename($path,"$dir/.del/$file") ) {
1249     Error("File delete failed", $tstr . $path) ;
1250     Logit($path,"file delete failed");
1251     exit ;
1252     } else {
1253     Logit($path,"file deleted");
1254 dpavlin 1.4 MoveTo("$dir/.log/$file","$dir/.del/.log/");
1255     MoveTo("$dir/.note/$file","$dir/.del/.note/");
1256 dpavlin 1.6 MoveTo("$dir/.lock/$file","$dir/.del/.lock/");
1257 dpavlin 1.2 }
1258 dpavlin 1.1 }
1259     else { // delete directory
1260     if ( ! @rmdir($fsDir) ) {
1261     Error("Rmdir failed", $tstr . $fsDir) ;
1262     }
1263     else {
1264     $relDir = dirname($relDir) ; // move up
1265     }
1266     }
1267     break ;
1268    
1269 dpavlin 1.2 case "UNDELETE" :
1270     if ( $CONFIRM != "on" ) break ;
1271    
1272     if (substr($FN,0,4) != ".del") break ;
1273     $file=substr($FN,4,strlen($FN)-4);
1274    
1275     Logit("$fsDir/.del/$file","undeleted");
1276 dpavlin 1.4 MoveTo("$fsDir/.del/$file","$fsDir/");
1277     MoveTo("$fsDir/.del/.log/$file","$fsDir/.log/");
1278     MoveTo("$fsDir/.del/.note/$file","$fsDir/.note/");
1279 dpavlin 1.6 MoveTo("$fsDir/.del/.lock/$file","$fsDir/.lock/");
1280 dpavlin 1.2
1281     break ;
1282    
1283     case "RENAME" :
1284     if ( $CONFIRM != "on" ) break ;
1285    
1286     Logit("$fsDir/$FN","renamed $FN to $NEWNAME");
1287 dpavlin 1.8 safe_rename("$fsDir/$FN","$fsDir/$NEWNAME");
1288     safe_rename("$fsDir/.log/$FN","$fsDir/.log/$NEWNAME");
1289     safe_rename("$fsDir/.note/$FN","$fsDir/.note/$NEWNAME");
1290     safe_rename("$fsDir/.lock/$FN","$fsDir/.lock/$NEWNAME");
1291 dpavlin 1.2
1292 dpavlin 1.4 break ;
1293    
1294     case "NOTE" :
1295     WriteNote("$fsDir/$FN","$NOTE");
1296 dpavlin 1.2 break ;
1297    
1298 dpavlin 1.6 case "UNLOCK" :
1299     if ( $CONFIRM != "on" ) break ;
1300     Unlock("$fsDir/$FN");
1301     break ;
1302    
1303 dpavlin 1.1 default :
1304     // user hit "CANCEL" or undefined action
1305     }
1306    
1307     // common to all POSTs : redirect to directory view ($relDir)
1308     if ( $POSTACTION != "" ) {
1309     $tstr = $PHP_SELF . "?D=" . urlencode($relDir) ;
1310     header("Location: " . $tstr) ;
1311     exit ;
1312     }
1313    
1314     // check for mode.. navigate, code display, upload, or detail?
1315     // $A=U : upload to path given in $D
1316     // $A=E : display detail of file $D/$F and edit
1317     // $A=C : display code in file $D/$F
1318 dpavlin 1.6 // $A=Co : checkout file $D/$F
1319     // $A=Ci : checkin file $D/$F
1320     // $A=V : view file (do nothing except log)
1321 dpavlin 1.1 // default : display directory $D
1322    
1323     switch ($A) {
1324     case "U" :
1325     // upload to $relDir
1326 dpavlin 1.2 if (!is_writeable($gblFsRoot . $relDir))
1327 dpavlin 1.1 Error("Write access denied",$relDir) ;
1328     $text = "Use this page to upload a single " ;
1329     $text .= "file to <B>$SERVER_NAME</B>." ;
1330     StartHTML("(Upload Page)", $text) ;
1331     UploadPage($gblFsRoot, $relDir) ;
1332     EndHTML() ;
1333     exit ;
1334     case "E" :
1335     // detail of $relDir/$F
1336 dpavlin 1.2 if (is_file("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
1337 dpavlin 1.1 exit ;
1338     case "C" :
1339     // listing of $relDir/$F
1340     DisplayCode($gblFsRoot, $relDir, $F) ;
1341     exit ;
1342 dpavlin 1.6 case "Co" :
1343     // checkout
1344     Lock("$gblFsRoot/$relDir/$F");
1345 dpavlin 1.7 redir_to_url("$relDir/$F");
1346 dpavlin 1.6 exit;
1347     case "Ci" :
1348     // upload && update to $relDir
1349     if (!is_writeable($gblFsRoot . $relDir))
1350     Error("Write access denied",$relDir) ;
1351     $text = "Use this page to update a single " ;
1352     $text .= "file to <B>$SERVER_NAME</B>." ;
1353     StartHTML("(Update file Page)", $text) ;
1354     UploadPage($gblFsRoot, $relDir, $F) ;
1355     EndHTML() ;
1356     exit ;
1357     case "V" :
1358     // view
1359     Log("viewed");
1360 dpavlin 1.7 redir_to_url("$relDir/$F");
1361 dpavlin 1.6 exit;
1362 dpavlin 1.1 }
1363    
1364     // default: display directory $relDir
1365     Navigate($gblFsRoot,$relDir) ;
1366     exit ;
1367    
1368     Error("Whooah!","By cartesian logic, this never happens") ;
1369     ?>

  ViewVC Help
Powered by ViewVC 1.1.26