/[docman]/docman.php
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Annotation of /docman.php

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.9 - (hide annotations)
Fri Aug 4 10:43:23 2000 UTC (23 years, 7 months ago) by dpavlin
Branch: MAIN
Changes since 1.8: +13 -14 lines
picture support again working (with locks), fixes

1 dpavlin 1.1 <?php
2    
3     /* Copyright 1999 by John Martin d/b/a www.ANYPORTAL.com */
4     /* All Rights Reserved. */
5     /* */
6     /* This software is freeware and is not in the public domain. */
7     /* You are hereby granted the right to freely distribute this */
8     /* software as long as this copyright notice remains in place. */
9     /* */
10     /* Comments or suggestions? email: andmore@alief.com */
11     /* */
12     /* This is the PHP port: AnyPortal(php)-0.1 */
13     /* ======================================== */
14     /* */
15     /* PHP version 2000 by Stefan@Wiesendanger.org */
16     /* No Rights Reserved. What for, anyhow ? */
17     /* */
18     /* Date Remarks */
19     /* --------- ----------------------------------------------- */
20     /* 25 MAY 99 original ASP version */
21     /* 17 SEP 99 change upload from SA-FILEUP to aspSmartUpload */
22     /* 10 APR 00 simplified PHP3 version */
23     /* 18 APR 00 most of PHP3 port working. Slight modifications */
24     /* 22 APR 00 modified syntax highlighting, no absolute paths */
25     /* revealed, PHP builtin authentication, global */
26     /* style sheet as callback, use apache default */
27     /* icons as an alternative to the wingdings font. */
28     /* 25 APR 00 catch some exceptions (not foolproof yet) */
29     /* 26 APR 00 catch some more exceptions, implicit copy */
30     /* function by saving somewhere else in the detail */
31     /* view, MD5 hashed password. */
32     /* 27 APR 00 Fixed authentication bug */
33     /* 12 MAY 00 Fixed trouble with exec() with newer versions of */
34     /* PHP3. Fixed bug which would send you to a non- */
35     /* existent address after file modifications. */
36    
37 dpavlin 1.2 /*
38     2000-07-25 Dobrica Pavlinusic <dpavlin@rot13.org>
39    
40     nuked exec calls (unsecure)
41     nuked writeable function (replaced by php is_writeable)
42     added support for https (tested with apache+mod_ssl)
43     added users file
44     date format user-selectable
45     cycle backup files in bak directory
46     support links as directoryes (for now)
47     support of file history logging
48     undelete capabilities (delete moves to .del directory)
49    
50     2000-07-26 DbP
51    
52     added more checking on entered filename (when creating file/dir)
53     added rename option
54    
55    
56     IMPORTANT INSTALLATION NOTE:
57     deny serving of .* (dot-something) files in web server!
58     Otherwise, uses can access your log files, users and/or
59     deleted files!
60    
61     .htusers is in form:
62     login:Real Name:md5(loginpassword)
63    
64    
65     TODO:
66     mixed file/directory output (add type to each entry,
67     real support for links)
68 dpavlin 1.9 retrieve old versions of files (overwritten)
69 dpavlin 1.2 */
70    
71 dpavlin 1.1 //////////////////////////////////////////////////////////////////
72    
73     // TODO : Don't let the file be modified itself. Create a hash of
74     // it (kinda hard since it's self-referential ;-). Make better use
75     // of session management. Escapeshellcmd for all user input.
76    
77     //////////////////////////////////////////////////////////////////
78    
79     // GLOBAL PARAMETERS
80     // =================
81     // Make modifications here to suit siteman to your needs
82    
83     // error_reporting(4) ; // how verbose ?
84    
85     // username/password should not be system
86     // usernames/passwords !!
87    
88 dpavlin 1.2 // $gblPw = "hash_of_your_username_and_password" ;
89    
90     // $gblAuth = false ; // use builtin authentication
91     $gblAuth = true ; // use builtin authentication
92 dpavlin 1.1 $gblHash = "md5" ; // hash function to use
93    
94 dpavlin 1.2 $gblPw = "";
95    
96     if ($gblAuth) {
97 dpavlin 1.3 $htusers_file=dirname($SCRIPT_FILENAME)."/.htusers";
98     if (! file_exists($htusers_file)) {
99     $htusers=fopen($htusers_file,"a+");
100     fputs($htusers,"# Change owner of $htusers_file to root !!\n");
101     fputs($htusers,"demo:full name:md5_hash\n");
102     fclose($htusers);
103     }
104     $htusers=fopen($htusers_file,"r");
105 dpavlin 1.2 while($user = fgetcsv($htusers,255,":")) {
106     if ($user[0] == $GLOBALS["PHP_AUTH_USER"]) {
107     $gblUserName=$user[1];
108     $gblPw=$user[2];
109     continue ;
110     }
111     }
112     fclose($htusers);
113     }
114    
115     // $gblDateFmt="D, F d, Y";
116     // $gblTimeFmt="g:i:sA";
117    
118     $gblDateFmt="Y-m-d";
119     $gblTimeFmt="H:i:s";
120    
121     // Number of backup files to keep
122     $gblNumBackups=5;
123    
124 dpavlin 1.1 // choose GifIcon below unless you have the M$
125     // WingDings font installed on your system
126    
127     $gblIcon = "GifIcon" ; // MockIcon or GifIcon
128    
129     // the directory below should be /icons/ or /icons/small/
130     // on Apache; a set of icons is included in the distribution
131    
132 dpavlin 1.3 $gblIconLocation = "/icons/" ;
133 dpavlin 1.1
134     // files you want to be able to edit in text mode
135     // and view with (primitive) syntax highlighting
136    
137     $gblEditable = array( ".txt",".asa",".asp",".htm",".html",
138     ".cfm",".php3",".php",".phtml",
139     ".shtml",".css" ) ;
140    
141     // files that will display as images on the detail page
142     // (useless if your browser doesn't support them)
143    
144     $gblImages = array( ".jpg",".jpeg",".gif",".png",".ico",
145     ".bmp",".xbm") ;
146    
147     //////////////////////////////////////////////////////////////////
148    
149     function StartHTML($title,$text="") {
150    
151     $title = "Site Manager " . $title ;
152     $host = $GLOBALS["HTTP_HOST"] ;
153     $self = $GLOBALS["PHP_SELF"] ;
154     ?>
155    
156     <HTML>
157     <HEAD>
158 dpavlin 1.4 <TITLE><?= $host . " " . $title ?></TITLE>
159 dpavlin 1.1 <META NAME="description" CONTENT="PHP port of AnyPortal Site Manager">
160     <META NAME="keywords" CONTENT="site manager, web site maintenance">
161     <META NAME="robots" CONTENT="noindex">
162     <META HTTP-EQUIV="expires" CONTENT="0">
163     <LINK REL="stylesheet" TYPE="text/css"
164 dpavlin 1.4 HREF="<?= $self ?>?STYLE=get">
165 dpavlin 1.1 </HEAD>
166     <BODY BGCOLOR="#FFFFFF">
167 dpavlin 1.4 <H3 ALIGN="RIGHT"><?= $host ?></H3>
168 dpavlin 1.1 <TABLE BORDER=0 WIDTH="100%"><TR>
169 dpavlin 1.4 <TD CLASS=INV><?= $title ?></TD></TR></TABLE>
170     <P><?= $text ?></P>
171 dpavlin 1.1
172     <?php
173     } // end function StartHTML
174    
175     //////////////////////////////////////////////////////////////////
176    
177     function EndHTML() {
178     ?>
179    
180     <HR>
181     <P CLASS=FTR>
182 dpavlin 1.2 <B><?= date($GLOBALS[gblDateFmt]) ?> -
183     <?= date($GLOBALS[gblTimeFmt]) ?> -
184     <?= $GLOBALS[gblUserName] ?>
185 dpavlin 1.6 <small> [<a href="<?= $GLOBALS["PHP_SELF"] ?>?relogin=<?= $GLOBALS[gblPw] ?>">logout</a>]</small>
186 dpavlin 1.2 </B>
187     <BR>ANYPORTAL(php) Site Manager
188     <br><small>
189     &copy; 1999 by <A HREF="http://www.anyportal.com">ANYPORTAL</A>,
190     &copy; 2000 by <A HREF="http://da.nger.org">d@nger.org</A>,
191     &copy; 2000 by <A HREF="http://www.rot13.org/~dpavlin/">DbP</A>
192     </small>
193 dpavlin 1.1 </P>
194 dpavlin 1.2 <BR>
195 dpavlin 1.9 <? //include(".debug.inc") ?>
196 dpavlin 1.2 <BR><BR></BODY></HTML>
197 dpavlin 1.1
198     <?php
199     } // end function EndHTML
200    
201     //////////////////////////////////////////////////////////////////
202    
203     function CSS() {
204     ?>
205    
206 dpavlin 1.2 BODY,TD,P,H1,H2,H3 { font-family:Verdana,Helvetica,Arial,sans-serif; }
207 dpavlin 1.1 .BLK { color:black; }
208     .RED { color:red; }
209     .TOP { color:red; font-size:70%; } /* table headings */
210     .INV { color:white; background-color:navy;
211     font-weight:bold; font-size:120%; } /* title */
212     .FTR { } /* footer */
213     .LST { background-color:#E0E0E0; } /* table cells */
214     .BAR { background-color:#E0E0E0; } /* action bar */
215     PRE { color:blue; font-family:Lucida Console,Courier New,
216     Courier,sans-serif; } /* source code */
217     EM { color:green; font-style:normal; } /* line numbers */
218     .REM { color:silver; }
219     .XML { color:navy; background-color:yellow; }
220     .MCK { color:red; font-family:WingDings; } /* Mock Icons */
221     A:HOVER { color:red; }
222    
223     <?php
224     } // end function CSS
225    
226     //////////////////////////////////////////////////////////////////
227    
228     function DetailPage($fsRoot,$relDir,$fn) {
229    
230     global $gblEditable, $gblImages ;
231     $self = $GLOBALS["PHP_SELF"] ;
232    
233     $relPath = $relDir . "/" . $fn ;
234     $fsPath = $fsRoot . $relPath ;
235     $fsDir = $fsRoot . $relDir ;
236    
237     $exists = file_exists($fsPath) ;
238     $ext = strtolower(strrchr($relPath,".")) ;
239     $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) ;
240 dpavlin 1.2 $writable = is_writeable($fsPath) ;
241 dpavlin 1.6 $file_lock = CheckLock($fsPath);
242 dpavlin 1.1
243     if (!$editable && !$exists)
244     Error("Creation unsupported for type",$relPath) ;
245 dpavlin 1.2 if (!exists && !is_writeable($fsDir) )
246 dpavlin 1.1 Error("Creation denied",$relDir) ;
247    
248     $text = "Use this page to view, modify or " ;
249     $text .= "delete a single document on this " ;
250     $text .= "web site." ;
251     $title = "(Detail Page)" ;
252     StartHTML($title, $text) ;
253    
254     echo "<H3>" . $relDir . "/" . $fn . "</H3>" ;
255     if ($exists) { // get file info
256 dpavlin 1.4 $fsize = filesize($fsPath) ;
257     $fmodified = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", filemtime($fsPath)) ;
258     $faccessed = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", fileatime($fsPath)) ;
259     echo "<PRE> file size: " . $fsize . " Bytes<BR>" ;
260     echo "last modified: <B>" . $fmodified . "</B><BR>" ;
261     echo "last accessed: <B>" . $faccessed . "</B><BR>" ;
262     echo " owner: <B>" . fileowner($fsPath) . "</B><BR>" ;
263     echo " group: <B>" . filegroup($fsPath) . "</B><BR>" ;
264     echo " permissions: <B>" ;
265     echo printf( "%o", fileperms($fsPath) ) . "</B>" ;
266     echo "</PRE>" ;
267 dpavlin 1.2
268 dpavlin 1.1 }
269    
270 dpavlin 1.6 if ( $editable && ($writable || !$exists) && !$file_lock ) {
271 dpavlin 1.1 $fh = fopen($fsPath,"a+") ;
272     rewind($fh) ;
273     $fstr = fread($fh,filesize($fsPath)) ;
274     fclose($fh) ;
275     $fstr = htmlentities( $fstr ) ;
276     ?>
277    
278 dpavlin 1.4 <FORM ACTION="<?= $self ; ?>" METHOD="POST">
279 dpavlin 1.1 <SPAN TITLE="Click [SAVE] to store updated contents.">
280     <B>DOCUMENT CONTENTS</B>
281     </SPAN><BR>
282     <TEXTAREA NAME="FILEDATA" ROWS=18 COLS=70 WRAP="OFF"><?php
283     echo($fstr) ; ?></TEXTAREA>
284 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
285     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
286 dpavlin 1.1 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="SAVE">
287 dpavlin 1.2 <INPUT TYPE="HIDDEN" SIZE=48 MAXLENGTH=255 NAME="RELPATH"
288 dpavlin 1.4 VALUE="<?= $relPath ; ?>">
289 dpavlin 1.2 <br>
290     <INPUT TYPE="RESET" VALUE="UNDO ALL CHANGES">
291 dpavlin 1.1 <INPUT TYPE="SUBMIT" VALUE="SAVE">
292     </FORM>
293    
294     <?php
295 dpavlin 1.9 }
296     if ( !$file_lock && strstr(join(" ",$gblImages),$ext) ) {
297 dpavlin 1.6 $info = getimagesize($fsPath) ;
298 dpavlin 1.9 $tstr = "<IMG SRC=\"".urlpath($relPath)."\" BORDER=0 " ;
299 dpavlin 1.6 $tstr .= $info[3] . " ALT=\"" . $fn . " - " ;
300     $tstr .= (int)(($fsize+1023)/1024) . "Kb\">" ;
301 dpavlin 1.9 // echo htmlentities($tstr) . "<BR><BR>" . $tstr ;
302     echo $tstr ;
303 dpavlin 1.1 }
304 dpavlin 1.6
305 dpavlin 1.1 ?>
306    
307 dpavlin 1.4 <FORM ACTION="<?= $self ; ?>" METHOD="POST">
308     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
309     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
310 dpavlin 1.1 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL"><BR>
311    
312     <?php
313 dpavlin 1.6
314     if ($file_lock) {
315     ?>
316     <hr>
317     <SPAN TITLE="Check OK and click UNLOCK to remove lock on file.">
318     <B>OK TO FORCE LOCK REMOVAL ON "<?= $fn ; ?>" HELD BY <?= $file_lock ?>? </B></SPAN>
319     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
320     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="UNLOCK">
321     <?
322     } // file_lock
323    
324 dpavlin 1.2 if (substr($fn,0,4) == ".del") {
325     $action="UNDELETE";
326     $desc="undelete previously deleted file";
327     } else {
328     $action="DELETE";
329     $desc="delete";
330     }
331    
332 dpavlin 1.1 if ($exists && $writable) {
333     ?>
334    
335 dpavlin 1.4 <HR>
336     <a name="undelete">
337     <SPAN TITLE="Check OK and click [<?= $action ?>] to <?= $desc ?>.">
338     <B>OK TO <?= $action ?> "<?= $fn ; ?>"? </B></SPAN>
339 dpavlin 1.2 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
340     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="<?= $action ?>">
341    
342 dpavlin 1.4 <HR>
343     <a name="rename">
344     <SPAN TITLE="Check OK and click [RENAME] to rename.">
345     <B>OK TO RENAME "<?= $fn ; ?>" TO
346 dpavlin 1.2 <INPUT TYPE="TEXT" SIZE=24 MAXLENGTH=255 NAME="NEWNAME" VALUE="<?= $fn ?>">
347     ? </B></SPAN>
348 dpavlin 1.1 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
349 dpavlin 1.2 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="RENAME">
350 dpavlin 1.1
351 dpavlin 1.5 <?php
352     } // exists && writable
353     ?>
354 dpavlin 1.4 <HR>
355     <a name="note">
356     <B>NOTE FOR "<?= $fn ; ?>":
357     <INPUT TYPE="TEXT" SIZE=50 MAXLENGTH=255 NAME="NOTE" VALUE="<?= ReadNote($fsPath) ?>">
358     </B></SPAN>
359     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="NOTE">
360    
361 dpavlin 1.5 </FORM>
362    
363 dpavlin 1.1 <?php
364 dpavlin 1.5
365 dpavlin 1.2
366     $logname=dirname("$fsDir/$fn")."/.log/".basename("$fsDir/$fn");
367     if (file_exists($logname)) {
368     print "<hr><br><b>CHANGES TO THIS FILE</b><br><table border=0 width=100%>\n";
369     $log=fopen($logname,"r");
370     $cl1=" class=lst"; $cl2="";
371     while($line = fgetcsv($log,255,"\t")) {
372     $cl=$cl1; $cl1=$cl2; $cl2=$cl;
373     print "<tr><td$cl>$line[0]</td><td$cl>$line[1]</td><td$cl>$line[2]</td><td$cl>$line[3]</td></tr>\n";
374     }
375     fclose($log);
376     print "</table>";
377     }
378    
379 dpavlin 1.1 EndHTML() ;
380    
381     } // end function DetailPage
382    
383     //////////////////////////////////////////////////////////////////
384    
385     function DisplayCode($fsRoot,$relDir,$fn) {
386    
387     $path = $fsRoot . $relDir . "/" . $fn ;
388    
389     if (!file_exists($path)) Error("File not found",$path) ;
390    
391     StartHTML("(".$relDir."/".$fn.")","");
392    
393     $tstr = join("",file($path)) ;
394     $tstr = htmlentities($tstr) ;
395    
396     // Tabs
397     $tstr = str_replace(chr(9)," ",$tstr) ;
398    
399     // ASP tags & XML/PHP tags
400     $aspbeg = "<SPAN CLASS=XML>&lt;%</SPAN><SPAN CLASS=BLK>" ;
401     $aspend = "</SPAN><SPAN CLASS=XML>%&gt;</SPAN>" ;
402     $tstr = str_replace("&lt;%",$aspbeg,$tstr) ;
403     $tstr = str_replace("%&gt;",$aspend,$tstr) ;
404    
405     $xmlbeg = "<SPAN CLASS=XML>&lt;?</SPAN><SPAN CLASS=BLK>" ;
406     $xmlend = "</SPAN><SPAN CLASS=XML>?&gt;</SPAN>" ;
407     $tstr = str_replace("&lt;?",$xmlbeg,$tstr) ;
408     $tstr = str_replace("?&gt;",$xmlend,$tstr) ;
409    
410     // C style comment
411     $tstr = str_replace("/*","<SPAN CLASS=REM>/*",$tstr) ;
412     $tstr = str_replace("*/","*/</SPAN>",$tstr) ;
413    
414     // HTML comments
415     $tstr = str_replace("&lt;!--","<I CLASS=RED>&lt;!--",$tstr) ;
416     $tstr = str_replace("--&gt;","--&gt;</I>",$tstr) ;
417    
418     echo "<PRE>" ;
419    
420     $tstr = split("\n",$tstr) ;
421     for ($i = 0 ; $i < sizeof($tstr) ; ++$i) {
422     // add line numbers
423     echo "<BR><EM>" ;
424     echo substr(("000" . ($i+1)), -4) . ":</EM> " ;
425     $line = $tstr[$i] ;
426     // C++ style comments
427     $pos = strpos($line,"//") ;
428     // exceptions: two slashes aren't a script comment
429     if (strstr($line,"//") &&
430     ! ($pos>0 && substr($line,$pos-1,1)==":") &&
431     ! (substr($line,$pos,8) == "//--&gt;") &&
432     ! (substr($line,$pos,9) == "// --&gt;")) {
433     $beg = substr($line,0,strpos($line,"//")) ;
434     $end = strstr($line,"//") ;
435     $line = $beg."<SPAN CLASS=REM>".$end."</SPAN>";
436     }
437     // shell & asp style comments
438     $first = substr(ltrim($line),0,1) ;
439     if ($first == "#" || $first == "'") {
440     $line = "<SPAN CLASS=REM>".$line."</SPAN>";
441     }
442     print($line) ;
443     } // next i
444    
445     echo "</PRE>" ;
446    
447     EndHTML() ;
448    
449     } // end function DisplayCode
450    
451     //////////////////////////////////////////////////////////////////
452    
453     function MockIcon($txt) {
454     $tstr = "<SPAN CLASS=MCK>" ;
455    
456     switch (strtolower($txt)) {
457     case ".bmp" :
458     case ".gif" :
459     case ".jpg" :
460     case ".jpeg":
461     case ".tif" :
462     case ".tiff":
463     $d = 176 ;
464     break ;
465     case ".doc" :
466     $d = 50 ;
467     break ;
468     case ".exe" :
469     case ".bat" :
470     $d = 255 ;
471     break ;
472     case ".bas" :
473     case ".c" :
474     case ".cc" :
475     case ".src" :
476     $d = 255 ;
477     break ;
478     case "file" :
479     $d = 51 ;
480     break ;
481     case "fldr" :
482     $d = 48 ;
483     break ;
484     case ".htm" :
485     case ".html":
486     case ".asa" :
487     case ".asp" :
488     case ".cfm" :
489     case ".php3":
490     case ".php" :
491     case ".phtml" :
492     case ".shtml" :
493     $d = 182 ;
494     break ;
495     case ".pdf" :
496     $d = 38 ;
497     break;
498     case ".txt" :
499     case ".ini" :
500     $d = 52 ;
501     break ;
502     case ".xls" :
503     $d = 252 ;
504     break ;
505     case ".zip" :
506     case ".arc" :
507     case ".sit" :
508     case ".tar" :
509     case ".gz" :
510     case ".tgz" :
511     case ".Z" :
512     $d = 59 ;
513     break ;
514     case "view" :
515     $d = 52 ;
516     break ;
517     case "up" :
518     $d = 199 ;
519     break ;
520     case "blank" :
521     return "&nbsp;&nbsp;</SPAN>" ;
522     break ;
523     default :
524     $d = 51 ;
525     }
526    
527     return $tstr . chr($d) . "</SPAN>" ;
528     } // end function MockIcon
529    
530     //////////////////////////////////////////////////////////////////
531    
532     function GifIcon($txt) {
533     global $gblIconLocation ;
534    
535     switch (strtolower($txt)) {
536     case ".bmp" :
537     case ".gif" :
538     case ".jpg" :
539     case ".jpeg":
540     case ".tif" :
541     case ".tiff":
542     $d = "image2.gif" ;
543     break ;
544     case ".doc" :
545     $d = "layout.gif" ;
546     break ;
547     case ".exe" :
548     case ".bat" :
549     $d = "screw2.gif" ;
550     break ;
551     case ".bas" :
552     case ".c" :
553     case ".cc" :
554     case ".src" :
555     $d = "c.gif" ;
556     break ;
557     case "file" :
558     $d = "generic.gif" ;
559     break ;
560     case "fldr" :
561     $d = "dir.gif" ;
562     break ;
563     case ".phps" :
564     $d = "phps.gif" ;
565     break ;
566     case ".php3" :
567     $d = "php3.gif" ;
568     break ;
569     case ".htm" :
570     case ".html":
571     case ".asa" :
572     case ".asp" :
573     case ".cfm" :
574     case ".php3":
575     case ".php" :
576     case ".phtml" :
577     case ".shtml" :
578     $d = "world1.gif" ;
579     break ;
580     case ".pdf" :
581     $d = "pdf.gif" ;
582     break;
583     case ".txt" :
584     case ".ini" :
585     $d = "text.gif" ;
586     break ;
587     case ".xls" :
588     $d = "box2.gif" ;
589     break ;
590     case ".zip" :
591     case ".arc" :
592     case ".sit" :
593     case ".tar" :
594     case ".gz" :
595     case ".tgz" :
596     case ".Z" :
597     $d = "compressed.gif" ;
598     break ;
599     case "view" :
600     $d = "index.gif" ;
601     break ;
602     case "up" :
603     $d = "back.gif" ;
604     break ;
605     case "blank" :
606     $d = "blank.gif" ;
607     break ;
608 dpavlin 1.4 case "checkout":
609 dpavlin 1.6 $d = "box2.gif";
610 dpavlin 1.4 break;
611     case "checkin":
612 dpavlin 1.6 $d = "hand.up.gif";
613     break;
614     case "locked":
615     $d = "screw2.gif";
616 dpavlin 1.4 break;
617     case "note":
618     $d = "quill.gif";
619     break;
620 dpavlin 1.1 default :
621     $d = "generic.gif" ;
622     }
623    
624     return "<IMG SRC=\"$gblIconLocation" . $d . "\" BORDER=0>" ;
625     } // end function GifIcon
626    
627     //////////////////////////////////////////////////////////////////
628    
629     function Navigate($fsRoot,$relDir) {
630    
631     global $gblEditable, $gblIcon ;
632    
633     $self = $GLOBALS["PHP_SELF"] ;
634 dpavlin 1.2 if (isset($GLOBALS["HTTPS"]) && $GLOBALS["HTTPS"] == "on") {
635     $webRoot = "https://" . $GLOBALS["SERVER_NAME"] ;
636     } else {
637     $webRoot = "http://" . $GLOBALS["SERVER_NAME"] ;
638     }
639 dpavlin 1.1 $fsDir = $fsRoot . $relDir . "/" ; // current directory
640    
641     if (!is_dir($fsDir)) Error("Dir not found",$relDir) ;
642    
643     // read directory contents
644     if ( !($dir = @opendir($fsDir)) )
645     Error("Read Access denied",$relDir) ;
646     while ($item = readdir($dir)) {
647 dpavlin 1.2 if ( $item == ".." || $item == "." || substr($item,0,1) == "." ) continue ;
648 dpavlin 1.1 if ( is_dir($fsDir . $item) ) {
649     $dirList[] = $item ;
650 dpavlin 1.2 } else if ( is_file($fsDir . $item) ) {
651 dpavlin 1.1 $fileList[] = $item ;
652 dpavlin 1.2 } else if ( is_link($fsDir . $item) ) {
653     $dirList[] = $item ;
654     } else {
655 dpavlin 1.1 // unknown file type
656     // $text = "Could not determine file type of " ;
657     // Error("File Error", $text.$relDir."/".$item) ;
658     // exit ;
659     }
660     }
661     closedir($dir) ;
662 dpavlin 1.2
663     // scan deleted files
664     if ( $GLOBALS[show_deleted] == 1 && ($dir = @opendir("$fsDir/.del")) ) {
665     while ($item = readdir($dir)) {
666     if ( substr($item,0,1) == "." ) continue ;
667     $fileList[] = ".del/$item" ;
668     }
669     closedir($dir) ;
670     }
671    
672 dpavlin 1.1 $emptyDir = ! (sizeof($dirList) || sizeof($fileList)) ;
673    
674     // start navigation page
675 dpavlin 1.2 $text = "Use this page to add, delete";
676     if (! isset($show_deleted)) {
677 dpavlin 1.6 $text .= ", <a href=$self?D=".urlencode($relDir)."&show_deleted=1>undelete</a>";
678 dpavlin 1.2 }
679     $text .= " or revise files on this web site." ;
680 dpavlin 1.1 StartHTML("(Navigate)",$text) ;
681    
682     echo "<TABLE BORDER=0 CELLPADDING=2
683     CELLSPACING=3 WIDTH=\"100%\">" ;
684    
685     // updir bar
686     if ($fsDir != $fsRoot) {
687     $parent = dirname($relDir) ;
688     if ($parent == "") $parent = "/" ;
689     ?>
690    
691 dpavlin 1.4 <TR><TD><?= $gblIcon("up") ?></TD><TD COLSPAN=5 CLASS=LST>
692     <A HREF="<?= $self ?>?D=<?= urlencode($parent) ?>">
693     <B><?= $parent ?></B></A></TD></TR>
694 dpavlin 1.1
695     <?php
696     }
697    
698     // output subdirs
699     if (sizeof($dirList) > 0) {
700     sort($dirList) ;
701     ?>
702    
703 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5 CLASS=TOP><HR>DIRECTORY NAME</TD></TR>
704 dpavlin 1.1
705     <?php
706     while (list($key,$dir) = each($dirList)) {
707    
708     $tstr = "<A HREF=\"" . $self . "?D=" ;
709     $tstr .= urlencode($relDir."/".$dir) ;
710     $tstr .= "\">" . $dir . "/</A>" ;
711     ?>
712    
713 dpavlin 1.4 <TR><TD><?= $gblIcon("fldr") ?></TD>
714     <TD COLSPAN=5 CLASS=LST><?= $tstr ?></TD></TR>
715 dpavlin 1.1
716     <?php
717     } // iterate over dirs
718     } // end if no dirs
719     ?>
720    
721 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5><HR><B><?= $webRoot . $relDir ?>
722 dpavlin 1.1 </B></TD></TR>
723     <TR><TD></TD><TD CLASS=TOP>DOCUMENT NAME</TD>
724 dpavlin 1.6 <TD><?= $gblIcon("blank").$gblIcon("blank") ?></TD>
725 dpavlin 1.4 <TD CLASS=TOP>NOTE</TD>
726 dpavlin 1.1 <TD CLASS=TOP>LAST UPDATE</TD><TD CLASS=TOP>FILE SIZE</TD></TR>
727    
728     <?php
729     if (sizeof($fileList) > 0) {
730     sort($fileList) ;
731     while (list($key,$file) = each($fileList)) {
732 dpavlin 1.4 $path = $fsDir."/".$file ;
733     $mod = filemtime($path) ;
734     $sz = filesize($path) ;
735    
736     if ($sz >= 10240) {
737     $sz = (int)(($sz+1023)/1024) . " k" ;
738     } else {
739     $sz .= " " ;
740     } // end size
741 dpavlin 1.1
742 dpavlin 1.4 $a = $b = "" ;
743    
744     $info_url=$self."?A=E&F=".urlencode($file)."&D=".urlencode($relDir);
745    
746     if ( ($mod + 30*86400) > time() ) {
747     $a = "<SPAN CLASS=RED TITLE=\"Newer" ;
748     $a .= " than 30 days\"> * </SPAN>" ;
749     }
750    
751 dpavlin 1.6 $file_lock=CheckLock($path);
752    
753     $file_url_html="<A HREF=\"$self?A=V&F=".urlencode($file);
754     $file_url_html.="&D=".urlencode($relDir);
755     $file_url_html.="\" TITLE=\"View file\">" ;
756 dpavlin 1.2
757     if (substr($file,0,5) != ".del/") {
758 dpavlin 1.6 $file_url_html .= $file . "</A>" . $a ;
759 dpavlin 1.2 } else {
760 dpavlin 1.6 $file_url_html .= substr($file,5,strlen($file)-5) . "</a> <SPAN CLASS=RED TITLE=\"deleted\"> <a href=\"$info_url#undelete\">deleted</a> </span>";
761 dpavlin 1.4 }
762    
763 dpavlin 1.6 $note_html="<a href=\"$info_url#note\">".$gblIcon("note")."</a>".ReadNote($path);
764 dpavlin 1.4
765     $ext = strtolower(strrchr($file,".")) ;
766 dpavlin 1.6
767     if ($file_lock) {
768     if ($file_lock == $GLOBALS[gblUserName]) {
769     $b.="<A HREF=\"$self?A=Ci&F=".urlencode($file);
770     $b.="&D=".urlencode($relDir);
771     $b.="\" TITLE=\"Checkin (update) file on server\">" ;
772     $file_url_html=$b;
773     $b.=$gblIcon("checkin")."</A>" ;
774     $b.= $gblIcon("blank");
775     $file_url_html.="$file</a> $a";
776     $note_html = $gblIcon("blank")."<b>Please check-in (update) this file</b>";
777     } else {
778     $b = $gblIcon("locked");
779     $b.= $gblIcon("blank");
780     $note_html = $gblIcon("blank")."<b>File locked by $file_lock</b>";
781     $file_url_html = "$file $a";
782     }
783 dpavlin 1.4 } else {
784 dpavlin 1.6 $b.="<A HREF=\"$self?A=Co&F=".urlencode($file);
785     $b.="&D=".urlencode($relDir);
786     $b.="\" TITLE=\"Checkout file for edit\">" ;
787     $b.=$gblIcon("checkout")."</A>" ;
788    
789     if ( $ext=="" || strstr(join(" ",$gblEditable),$ext) ) {
790     $b.="<A HREF=\"$self?A=C&F=".urlencode($file);
791     $b.="&D=".urlencode($relDir);
792     $b.="\" TITLE=\"List contents\">" ;
793     $b.=$gblIcon("view")."</A>" ;
794     } else {
795     $b.= $gblIcon("blank");
796     }
797 dpavlin 1.2 }
798 dpavlin 1.1
799    
800     ?>
801    
802     <TR><TD>
803 dpavlin 1.4 <A HREF="<?= $info_url ?>" TITLE="View/Edit">
804     <?= $gblIcon($ext) ?></A></TD>
805 dpavlin 1.6 <TD CLASS=LST><?= $file_url_html ?></TD>
806 dpavlin 1.4 <TD CLASS=LST ALIGN=center><?= $b ?></TD>
807 dpavlin 1.6 <TD CLASS=LST ALIGN=left><?= $note_html ?></TD>
808 dpavlin 1.4 <TD CLASS=LST><?= date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]",$mod) ?></TD>
809     <TD CLASS=LST><?= $sz ?>Bytes</TD></TR>
810 dpavlin 1.1
811     <?php
812     } // iterate over files
813     } // end if no files
814    
815     if ($emptyDir) {
816     ?>
817    
818 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
819     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>
820     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
821 dpavlin 1.1 OK TO DELETE THIS EMPTY FOLDER?
822     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
823     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="DELETE">
824     </TD></TR>
825     </FORM>
826    
827     <?php
828     } // end if emptyDir
829     ?>
830    
831 dpavlin 1.4 <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
832 dpavlin 1.1
833 dpavlin 1.6 <TR><TD></TD><TD COLSPAN=5>
834     To just view file without editing, select it's filename (<b>don't edit files which are opened this way!</b>)<br>
835     To <b>edit</b> file select <?= $gblIcon("checkout") ?> to check-out
836     and edit it locally. After editing is over, select filename or <?= $gblIcon("checkin") ?> to check-in (update copy of file on server).<br>
837     <by>If you select icon left from filename, you will get detailed information
838     about file, as well as delete, rename and annotation options.
839     </TD></TR>
840    
841     <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
842    
843 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
844     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>CREATE NEW
845 dpavlin 1.1 <INPUT TYPE="RADIO" NAME="T" VALUE="D" CHECKED>DIRECTORY -OR-
846     <INPUT TYPE="RADIO" NAME="T" VALUE="F">FILE : &nbsp;&nbsp;
847     <NOBR>NAME <INPUT TYPE="TEXT" NAME="FN" SIZE=14>
848     <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="CREATE">
849 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
850 dpavlin 1.1 <INPUT TYPE="SUBMIT" VALUE="CREATE"></NOBR>
851 dpavlin 1.9 <NOBR>OR <A HREF="<?= $self ?>?A=U&D=<?= urlencode($relDir) ?>">UPLOAD</A> A FILE
852 dpavlin 1.1 </NOBR>
853     </TD></TR>
854     </FORM>
855     </TABLE>
856    
857     <?php
858     EndHTML() ;
859     } // end function Navigate
860    
861     //////////////////////////////////////////////////////////////////
862    
863 dpavlin 1.6 function UploadPage($fsRoot, $relDir, $filename) {
864 dpavlin 1.1
865     $self = $GLOBALS["PHP_SELF"] ;
866     if ($relDir == "") $relDir = "/" ;
867     ?>
868    
869     <P><TABLE BORDER=0 CELLPADDING=5><TR><TD WIDTH=5></TD><TD CLASS=BAR>
870     <FORM ENCTYPE="multipart/form-data" METHOD="POST"
871 dpavlin 1.4 ACTION="<?= $self ?>">
872     DESTINATION DIRECTORY:<B><?= " " . $relDir ?></B>
873 dpavlin 1.6 <? if (isset($filename)) { ?>
874     <br>DESTINATION FILE:<B><?= " " . $filename ?></B>
875     <INPUT TYPE="HIDDEN" NAME="FILENAME" VALUE="<?= $filename ?>">
876     <? } ?>
877 dpavlin 1.1 <P>PATHNAME OF LOCAL FILE<BR>
878 dpavlin 1.4 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
879 dpavlin 1.1 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="UPLOAD">
880     <INPUT SIZE=30 TYPE="FILE" NAME="FN"></P>
881     <P><INPUT TYPE="SUBMIT" VALUE="UPLOAD"></P>
882     <P>If the <B>[BROWSE...]</B> button is not displayed,<BR>
883     you must upgrade to an RFC1867-compliant browser.</P>
884 dpavlin 1.4 <P>Your browser:<BR><?= $GLOBALS["HTTP_USER_AGENT"] ?></P>
885 dpavlin 1.1 </FORM>
886     </TD></TR>
887     <TR><TD></TD><TD>
888 dpavlin 1.4 <FORM METHOD="POST" ACTION="<?= $self ?>">
889     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>"><BR>
890 dpavlin 1.1 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL">
891     </FORM>
892     </TD></TR></TABLE></P>
893    
894     <?php
895     } // end function UploadPage
896    
897     //////////////////////////////////////////////////////////////////
898    
899     function Error($title,$text="") {
900     StartHTML("(".$title.")",$text) ;
901     echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
902     EndHTML() ;
903     exit ;
904     } // end function Error
905    
906     //////////////////////////////////////////////////////////////////
907    
908     function CreateHash($user, $pw) {
909    
910     global $gblHash ; // hash function to use
911    
912     if ($user == "" || $pw == "") {
913     $text = "either no password or no username supplied" ;
914     Error("Create Hash",$text) ;
915     }
916     $title = "(Create Hash)" ;
917     StartHTML($title) ;
918     echo "<P ALIGN=center>" ;
919     echo "<BLOCKQUOTE>Copy the value below and paste it " ;
920     echo "into the<BR>value for \$gblPw in the source of " ;
921     echo "this file<BR><BR><B>" . $gblHash($user.$pw) ;
922     echo "</B><BR><BR>Hash function: " . $gblHash ;
923     echo "</BLOCKQUOTE></P>" ;
924     EndHTML() ;
925     exit ;
926    
927     } // end function CreateHash
928    
929     //////////////////////////////////////////////////////////////////
930    
931     function NoEntry() {
932    
933     $user = $GLOBALS["PHP_AUTH_USER"] ;
934     $pw = $GLOBALS["PHP_AUTH_PW"] ;
935     $self = $GLOBALS["PHP_SELF"] ;
936    
937     $title = "(401 Unauthorized)" ;
938     $text = "No trespassing !" ;
939     StartHTML($title,$text) ;
940     ?>
941    
942 dpavlin 1.4 <FORM ACTION="<?= $self ?>?HASH=create" METHOD="POST">
943     <INPUT TYPE="HIDDEN" NAME="USER" VALUE="<?= $user ?>">
944     <INPUT TYPE="HIDDEN" NAME="PW" VALUE="<?= $pw ?>">
945 dpavlin 1.1
946     <BLOCKQUOTE><B>If you are a site administrator:</B><BR><BR>
947     Click below to <B>generate a password hash</B><BR>from
948     the username-password pair you just<BR>entered. Then include the hash in
949     the source<BR>of this file.<BR><BR>
950     <INPUT TYPE="SUBMIT" VALUE="CREATE HASH">
951     </BLOCKQUOTE></FORM>
952    
953     <?php
954     EndHTML() ;
955     exit ;
956     }
957    
958     //////////////////////////////////////////////////////////////////
959    
960 dpavlin 1.2 function Logit($target,$msg) {
961    
962     $dir=dirname($target);
963     if (! file_exists($dir."/.log")) {
964     mkdir($dir."/.log",0700);
965     }
966     $file=basename($target);
967    
968     $log=fopen("$dir/.log/$file","a+");
969     fputs($log,date("$GLOBALS[gblDateFmt]\t$GLOBALS[gblTimeFmt]").
970     "\t$GLOBALS[gblUserName]\t$msg\n");
971     fclose($log);
972    
973     }
974    
975    
976 dpavlin 1.4 //////////////////////////////////////////////////////////////////
977    
978     function WriteNote($target,$msg) {
979    
980     $dir=dirname($target);
981     if (! file_exists($dir."/.note")) {
982     mkdir($dir."/.note",0700);
983     }
984     $file=basename($target);
985    
986     $note=fopen("$dir/.note/$file","w");
987     fputs($note,"$msg\n");
988     fclose($note);
989    
990     Logit($target,"added note $msg");
991    
992     }
993    
994     function ReadNote($target) {
995    
996     $dir=dirname($target);
997     $file=basename($target);
998     $msg="";
999     if (file_exists($dir."/.note/$file")) {
1000     $note=fopen("$dir/.note/$file","r");
1001     $msg=fgets($note,4096);
1002     fclose($note);
1003     }
1004 dpavlin 1.6 return StripSlashes($msg);
1005 dpavlin 1.4
1006     }
1007    
1008     //////////////////////////////////////////////////////////////////
1009    
1010     function MoveTo($source,$folder) {
1011    
1012     $file=basename($source);
1013     if (! file_exists($folder)) {
1014     mkdir($folder,0700);
1015     }
1016     if (file_exists($source)) {
1017     rename($source,"$folder/$file");
1018     }
1019     }
1020 dpavlin 1.2
1021     //////////////////////////////////////////////////////////////////
1022    
1023 dpavlin 1.6 function Lock($target) {
1024    
1025     $dir=dirname($target);
1026     if (! file_exists($dir."/.lock")) {
1027     mkdir($dir."/.lock",0700);
1028     }
1029     $file=basename($target);
1030    
1031     if (file_exists("$dir/.lock/$file")) {
1032     Logit($target,"attempt to locked allready locked file!");
1033     } else {
1034     $lock=fopen("$dir/.lock/$file","w");
1035     fputs($lock,"$GLOBALS[gblUserName]\n");
1036     fclose($lock);
1037    
1038     Logit($target,"file locked");
1039     }
1040    
1041     }
1042    
1043     function CheckLock($target) {
1044    
1045     $dir=dirname($target);
1046     $file=basename($target);
1047     $msg=0;
1048     if (file_exists($dir."/.lock/$file")) {
1049     $lock=fopen("$dir/.lock/$file","r");
1050     $msg=fgets($lock,4096);
1051     fclose($lock);
1052     }
1053     return chop($msg);
1054    
1055     }
1056    
1057     function Unlock($target) {
1058    
1059     $dir=dirname($target);
1060     $file=basename($target);
1061     if (file_exists($dir."/.lock/$file")) {
1062     unlink("$dir/.lock/$file");
1063     Logit($target,"file unlocked");
1064     } else {
1065     Logit($target,"attempt to unlocked non-locked file!");
1066     }
1067    
1068     }
1069    
1070     //////////////////////////////////////////////////////////////////
1071    
1072 dpavlin 1.9 function urlpath($url) {
1073 dpavlin 1.8 $url=urlencode(StripSlashes("$url"));
1074 dpavlin 1.7 $url=str_replace("%2F","/",$url);
1075     $url=str_replace("+","%20",$url);
1076 dpavlin 1.9 return($url);
1077 dpavlin 1.7 }
1078    
1079     //////////////////////////////////////////////////////////////////
1080    
1081 dpavlin 1.8 function safe_rename($from,$to) {
1082     if (file_exists($from) && is_writable(dirname($to))) {
1083     rename($from,$to);
1084     }
1085     }
1086    
1087     //////////////////////////////////////////////////////////////////
1088    
1089 dpavlin 1.1 // MAIN PROGRAM
1090     // ============
1091     // query parameters: capital letters
1092     // local functions : begin with capital letters
1093     // global constants: begin with gbl
1094    
1095 dpavlin 1.2 $gblFilePerms = 0640 ; // default for new files
1096     $gblDirPerms = 0750 ; // default for new dirs
1097 dpavlin 1.1
1098     // phpinfo() ;
1099     // exit ;
1100    
1101     // forks before authentication: style sheet and hash
1102     // creation if password not yet set.
1103     if ($STYLE == "get") { CSS() ; exit ; }
1104     if ($HASH != "") {
1105     CreateHash($USER, $PW) ;
1106     exit ;
1107     }
1108    
1109     // authentication if $gblAuth == true
1110 dpavlin 1.2 if ( $gblAuth && $gblHash($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw ||
1111     isset($relogin) && $gblPw == $relogin ) {
1112 dpavlin 1.1 header("WWW-authenticate: basic realm=\"$SERVER_NAME\"") ;
1113     header("HTTP/1.0 401 Unauthorized") ;
1114     NoEntry() ;
1115     exit ;
1116     }
1117    
1118     // get current directory relative to $gblFsRoot
1119     $relDir = $DIR ; // from POST
1120     if ($relDir == "") { // not defined in POST ?
1121     $relDir = urldecode($D) ; // then use GET
1122     }
1123    
1124     if ($relDir == "/") $relDir = "" ;
1125     // default : website root = ""
1126    
1127     if (strstr($relDir,"..")) Error("No updirs allowed");
1128    
1129     // full paths contain "fs" or "Fs". Paths realitve to root of
1130     // website contain "rel" or "Rel". The script won't let you
1131     // edit anything above directory equal to http://server.com
1132     // i.e. below $gblFsRoot.
1133    
1134     $relScriptDir = dirname($SCRIPT_NAME) ;
1135     // i.e. /siteman
1136    
1137     $fsScriptDir = dirname($SCRIPT_FILENAME) ;
1138     // i.e. /home/httpd/html/siteman
1139    
1140     $gblFsRoot = substr($fsScriptDir,0,
1141     strlen($fsScriptDir)-strlen($relScriptDir)) ;
1142     // i.e. /home/httpd/html
1143    
1144     $fsDir = $gblFsRoot . $relDir ; // current directory
1145     if ( !is_dir($fsDir) ) Error("Dir not found",$relDir) ;
1146    
1147     switch ($POSTACTION) {
1148     case "UPLOAD" :
1149 dpavlin 1.2 if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1150 dpavlin 1.1 if (strstr($FN_name,"/"))
1151     Error("Non-conforming filename") ;
1152     // TODO : should rather check for escapeshellcmds
1153     // but maybe RFC 18xx asserts safe filenames ....
1154     $source = $FN ;
1155 dpavlin 1.6 if (! isset($FILENAME)) { // from update file
1156     $target = "$fsDir/$FN_name" ;
1157     } else {
1158     $target = "$fsDir/$FILENAME";
1159     }
1160 dpavlin 1.2
1161     // backup old files first
1162     $dir=dirname($target);
1163     if (! file_exists($dir."/.bak")) {
1164     mkdir($dir."/.bak",0700);
1165     }
1166     if (! file_exists($dir."/.bak/$GLOBALS[gblNumBackups]")) {
1167     mkdir($dir."/.bak/$GLOBALS[gblNumBackups]",0700);
1168     }
1169     $file=basename($target);
1170     for($i=$GLOBALS[gblNumBackups]-1;$i>0;$i--) {
1171 dpavlin 1.4 MoveTo("$dir/.bak/$i/$file","$dir/.bak/".($i+1)."/");
1172 dpavlin 1.2 }
1173 dpavlin 1.6 MoveTo($target,$dir."/.bak/1/");
1174 dpavlin 1.2
1175     copy($source,$target) ;
1176     chmod($target,$gblFilePerms) ;
1177 dpavlin 1.1 clearstatcache() ;
1178 dpavlin 1.2 Logit($target,"uploaded");
1179 dpavlin 1.6 if (isset($FILENAME)) {
1180     Unlock($target);
1181     }
1182 dpavlin 1.1 break ;
1183    
1184     case "SAVE" :
1185     $path = $gblFsRoot . escapeshellcmd($RELPATH) ;
1186 dpavlin 1.2 $writable = is_writeable($path) ;
1187     $legaldir = is_writeable(dirname($path)) ;
1188 dpavlin 1.1 $exists = (file_exists($path)) ? 1 : 0 ;
1189     // check for legal extension here as well
1190     if (!($writable || (!$exists && $legaldir)))
1191     Error("Write denied",$RELPATH) ;
1192     $fh = fopen($path, "w") ;
1193     fwrite($fh,$FILEDATA) ;
1194     fclose($fh) ;
1195     clearstatcache() ;
1196 dpavlin 1.2 Logit($path,"saved changes");
1197 dpavlin 1.1 break ;
1198    
1199     case "CREATE" :
1200     // we know $fsDir exists
1201 dpavlin 1.2 if ($FN == "") break; // no filename!
1202     if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1203 dpavlin 1.1 $path = $fsDir . "/" . $FN ; // file or dir to create
1204     $relPath = $relDir . "/" . $FN ;
1205     switch ( $T ) {
1206     case "D" : // create a directory
1207 dpavlin 1.6 if ( ! @mkdir($path,$gblDirPerms) )
1208     Error("Mkdir failed",$relPath) ; // eg. if it exists
1209     clearstatcache() ;
1210     break ;
1211 dpavlin 1.1 case "F" : // create a new file
1212     // this functionality is doubled in DetailView().
1213     // better keep it here altogether
1214     // chmod perms to $gblFilePerms
1215 dpavlin 1.6 if ( file_exists($path) && !is_writable($path) )
1216     Error("File not writable", $relPath) ;
1217     $fh = fopen($path, "w+") ;
1218     if ($fh) {
1219     fputs($fh,"\n");
1220     fclose($fh) ;
1221     LogIt($path,"file created");
1222     } else {
1223     Error("Creation of file $relPath failed -- $path");
1224     }
1225     $tstr = "$PHP_SELF?A=E&D=".urlencode($relDir)."&F=".urlencode($FN) ;
1226     header("Location: " . $tstr) ;
1227     exit ;
1228 dpavlin 1.1 }
1229     break ;
1230    
1231     case "DELETE" :
1232     if ( $CONFIRM != "on" ) break ;
1233    
1234     $tstr = "Attempt to delete non-existing object or " ;
1235     $tstr .= "insufficient privileges: " ;
1236    
1237     if ( $FN != "") { // delete file
1238 dpavlin 1.2 $path = $fsDir . "/" . $FN ;
1239    
1240     $dir=dirname($path);
1241     $file=basename($path);
1242     if (! file_exists("$dir/.del")) {
1243     mkdir("$dir/.del",0700);
1244     }
1245    
1246     // if ( ! @unlink($path) ) {
1247     if ( ! rename($path,"$dir/.del/$file") ) {
1248     Error("File delete failed", $tstr . $path) ;
1249     Logit($path,"file delete failed");
1250     exit ;
1251     } else {
1252     Logit($path,"file deleted");
1253 dpavlin 1.4 MoveTo("$dir/.log/$file","$dir/.del/.log/");
1254     MoveTo("$dir/.note/$file","$dir/.del/.note/");
1255 dpavlin 1.6 MoveTo("$dir/.lock/$file","$dir/.del/.lock/");
1256 dpavlin 1.2 }
1257 dpavlin 1.1 }
1258     else { // delete directory
1259     if ( ! @rmdir($fsDir) ) {
1260     Error("Rmdir failed", $tstr . $fsDir) ;
1261     }
1262     else {
1263     $relDir = dirname($relDir) ; // move up
1264     }
1265     }
1266     break ;
1267    
1268 dpavlin 1.2 case "UNDELETE" :
1269     if ( $CONFIRM != "on" ) break ;
1270    
1271     if (substr($FN,0,4) != ".del") break ;
1272     $file=substr($FN,4,strlen($FN)-4);
1273    
1274     Logit("$fsDir/.del/$file","undeleted");
1275 dpavlin 1.4 MoveTo("$fsDir/.del/$file","$fsDir/");
1276     MoveTo("$fsDir/.del/.log/$file","$fsDir/.log/");
1277     MoveTo("$fsDir/.del/.note/$file","$fsDir/.note/");
1278 dpavlin 1.6 MoveTo("$fsDir/.del/.lock/$file","$fsDir/.lock/");
1279 dpavlin 1.2
1280     break ;
1281    
1282     case "RENAME" :
1283     if ( $CONFIRM != "on" ) break ;
1284    
1285     Logit("$fsDir/$FN","renamed $FN to $NEWNAME");
1286 dpavlin 1.8 safe_rename("$fsDir/$FN","$fsDir/$NEWNAME");
1287     safe_rename("$fsDir/.log/$FN","$fsDir/.log/$NEWNAME");
1288     safe_rename("$fsDir/.note/$FN","$fsDir/.note/$NEWNAME");
1289     safe_rename("$fsDir/.lock/$FN","$fsDir/.lock/$NEWNAME");
1290 dpavlin 1.2
1291 dpavlin 1.4 break ;
1292    
1293     case "NOTE" :
1294     WriteNote("$fsDir/$FN","$NOTE");
1295 dpavlin 1.2 break ;
1296    
1297 dpavlin 1.6 case "UNLOCK" :
1298     if ( $CONFIRM != "on" ) break ;
1299     Unlock("$fsDir/$FN");
1300     break ;
1301    
1302 dpavlin 1.1 default :
1303     // user hit "CANCEL" or undefined action
1304     }
1305    
1306     // common to all POSTs : redirect to directory view ($relDir)
1307     if ( $POSTACTION != "" ) {
1308     $tstr = $PHP_SELF . "?D=" . urlencode($relDir) ;
1309     header("Location: " . $tstr) ;
1310     exit ;
1311     }
1312    
1313     // check for mode.. navigate, code display, upload, or detail?
1314     // $A=U : upload to path given in $D
1315     // $A=E : display detail of file $D/$F and edit
1316     // $A=C : display code in file $D/$F
1317 dpavlin 1.6 // $A=Co : checkout file $D/$F
1318     // $A=Ci : checkin file $D/$F
1319     // $A=V : view file (do nothing except log)
1320 dpavlin 1.1 // default : display directory $D
1321    
1322     switch ($A) {
1323     case "U" :
1324     // upload to $relDir
1325 dpavlin 1.2 if (!is_writeable($gblFsRoot . $relDir))
1326 dpavlin 1.1 Error("Write access denied",$relDir) ;
1327     $text = "Use this page to upload a single " ;
1328     $text .= "file to <B>$SERVER_NAME</B>." ;
1329     StartHTML("(Upload Page)", $text) ;
1330     UploadPage($gblFsRoot, $relDir) ;
1331     EndHTML() ;
1332     exit ;
1333     case "E" :
1334     // detail of $relDir/$F
1335 dpavlin 1.2 if (is_file("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
1336 dpavlin 1.1 exit ;
1337     case "C" :
1338     // listing of $relDir/$F
1339     DisplayCode($gblFsRoot, $relDir, $F) ;
1340     exit ;
1341 dpavlin 1.6 case "Co" :
1342     // checkout
1343     Lock("$gblFsRoot/$relDir/$F");
1344 dpavlin 1.9 Header("Location: ".urlpath("$relDir/$F"));
1345 dpavlin 1.6 exit;
1346     case "Ci" :
1347     // upload && update to $relDir
1348     if (!is_writeable($gblFsRoot . $relDir))
1349     Error("Write access denied",$relDir) ;
1350     $text = "Use this page to update a single " ;
1351     $text .= "file to <B>$SERVER_NAME</B>." ;
1352     StartHTML("(Update file Page)", $text) ;
1353     UploadPage($gblFsRoot, $relDir, $F) ;
1354     EndHTML() ;
1355     exit ;
1356     case "V" :
1357     // view
1358 dpavlin 1.9 LogIt("$gblFsRoot/$relDir/$F","viewed");
1359     Header("Location: ".urlpath("$relDir/$F"));
1360 dpavlin 1.6 exit;
1361 dpavlin 1.1 }
1362    
1363     // default: display directory $relDir
1364     Navigate($gblFsRoot,$relDir) ;
1365     exit ;
1366    
1367     Error("Whooah!","By cartesian logic, this never happens") ;
1368     ?>

  ViewVC Help
Powered by ViewVC 1.1.26