120 |
$gblImages = array( ".jpg",".jpeg",".gif",".png",".ico", |
$gblImages = array( ".jpg",".jpeg",".gif",".png",".ico", |
121 |
".bmp",".xbm") ; |
".bmp",".xbm") ; |
122 |
|
|
123 |
|
// Where are users? (by default in .htusers file) |
124 |
|
$gblUsers = "htusers_file"; |
125 |
|
|
126 |
////////////////////////////////////////////////////////////////// |
////////////////////////////////////////////////////////////////// |
127 |
|
|
128 |
function StartHTML($title,$text="") { |
function StartHTML($title,$text="") { |
988 |
$msg=fgets($note,4096); |
$msg=fgets($note,4096); |
989 |
fclose($note); |
fclose($note); |
990 |
} |
} |
991 |
return StripSlashes($msg); |
return HtmlSpecialChars(StripSlashes($msg)); |
992 |
|
|
993 |
} |
} |
994 |
|
|
1178 |
// creation if password not yet set. |
// creation if password not yet set. |
1179 |
if ($STYLE == "get") { CSS() ; exit ; } |
if ($STYLE == "get") { CSS() ; exit ; } |
1180 |
|
|
1181 |
$htusers_file=dirname($SCRIPT_FILENAME)."/.htusers"; |
$fsScriptDir = dirname($SCRIPT_FILENAME) ; |
1182 |
if (! file_exists($htusers_file)) { |
// i.e. /home/httpd/html/docman |
1183 |
if (is_writeable(dirname($SCRIPT_FILENAME))) { |
|
1184 |
$htusers=fopen($htusers_file,"a+"); |
// read user-defined configuration |
1185 |
fputs($htusers,"# Change owner of $htusers_file to root !!\n"); |
if (file_exists("$fsScriptDir/.docman.conf")) { |
1186 |
fputs($htusers,"demo:full name:[md5_hash|auth_*]:e-mail\n"); |
include("$fsScriptDir/.docman.conf"); |
|
fclose($htusers); |
|
|
Error("Proto user file created!","Please edit <tt>$htusers_file</tt> and set it correct permissions (<B>not writable by web server as it is now!</b>). You can add users using <tt>adduser.pl</tt> script!"); |
|
|
exit; |
|
|
} else { |
|
|
Error("Can't create proto user file!","Please make directory <tt>".dirname($htusers_file)."</tt> writable or create <tt>.htusers</tt> file by hand using <tt>adduser.pl</tt> script!"); |
|
|
exit; |
|
|
} |
|
1187 |
} |
} |
1188 |
$htusers=fopen($htusers_file,"r"); |
|
1189 |
while($user = fgetcsv($htusers,255,":")) { |
// where do we get users from? |
1190 |
if ($user[0] == $GLOBALS["PHP_AUTH_USER"]) { |
if (file_exists("$gblIncDir/$gblUsers.php")) { |
1191 |
$gblUserName=$user[1]; |
include("$gblIncDir/$gblUsers.php"); |
1192 |
$gblPw=$user[2]; |
} else { |
1193 |
if (substr($gblPw,0,5) == "auth_" && file_exists("$gblIncDir/$gblPw.php")) { |
Error("Configuration error","Can't find user handling module at <tt>$gblIncDir/$gblUsers.php</tt> ! Please fix <tt>$fsScriptDir/.docman.conf</tt>"); |
|
require("$gblIncDir/$gblPw.php"); |
|
|
if ($gblPw($user)) { |
|
|
$gblPw=md5($PHP_AUTH_USER.$PHP_AUTH_PW); |
|
|
} else { |
|
|
$gblPw="error".md5($PHP_AUTH_USER.$PHP_AUTH_PW); |
|
|
} |
|
|
} |
|
|
$gblEmail=$user[3]; |
|
|
continue ; |
|
|
} |
|
1194 |
} |
} |
|
fclose($htusers); |
|
1195 |
|
|
1196 |
// authentication failure |
// authentication failure |
1197 |
if ( md5($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw || |
if ( md5($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw || |
1223 |
$relScriptDir = dirname($SCRIPT_NAME) ; |
$relScriptDir = dirname($SCRIPT_NAME) ; |
1224 |
// i.e. /docman |
// i.e. /docman |
1225 |
|
|
|
$fsScriptDir = dirname($SCRIPT_FILENAME) ; |
|
|
// i.e. /home/httpd/html/docman |
|
|
|
|
1226 |
// start on server root |
// start on server root |
1227 |
// $gblFsRoot = substr($fsScriptDir,0, strlen($fsScriptDir)-strlen($relScriptDir)) ; |
// $gblFsRoot = substr($fsScriptDir,0, strlen($fsScriptDir)-strlen($relScriptDir)) ; |
1228 |
// or on script root |
// or on script root |
1241 |
|
|
1242 |
$FN=stripSlashes($FN); |
$FN=stripSlashes($FN); |
1243 |
|
|
|
if (file_exists("$fsScriptDir/.docman.conf")) { |
|
|
include("$fsScriptDir/.docman.conf"); |
|
|
} |
|
1244 |
|
|
1245 |
switch ($POSTACTION) { |
switch ($POSTACTION) { |
1246 |
case "UPLOAD" : |
case "UPLOAD" : |