--- docman.php 2000/09/06 11:00:14 1.14 +++ docman.php 2000/12/21 07:30:04 1.25 @@ -35,22 +35,14 @@ /* existent address after file modifications. */ /* - 2000-07-25 Dobrica Pavlinusic - nuked exec calls (unsecure) - nuked writeable function (replaced by php is_writeable) - added support for https (tested with apache+mod_ssl) - added users file - date format user-selectable - cycle backup files in bak directory - support links as directoryes (for now) - support of file history logging - undelete capabilities (delete moves to .del directory) + This project is now called Directory Manager. - 2000-07-26 DbP + For more info, please see web pages at + http://www.rot13.org/~dpavlin/docman.html - added more checking on entered filename (when creating file/dir) - added rename option + It's relased under GPL by + Dobrica Pavlinusic IMPORTANT INSTALLATION NOTE: @@ -65,9 +57,8 @@ TODO: mixed file/directory output (add type to each entry, real support for links) - retrieve old versions of files (overwritten) - show last lock date - + access controll + */ ////////////////////////////////////////////////////////////////// @@ -80,7 +71,7 @@ // GLOBAL PARAMETERS // ================= -// Make modifications here to suit siteman to your needs +// Make modifications here to suit docman to your needs // error_reporting(4) ; // how verbose ? @@ -367,7 +358,7 @@ undelete"; } $text .= " or revise files on this web site." ; + $text .= "
Examine list of files changed in last day or all changes."; StartHTML("(Navigate)",$text) ; echo " + + @@ -848,15 +846,14 @@ - + "; } ?> - - -
+ No files in this directory +
"; include(".info.inc"); + print "
CREATE NEW @@ -975,7 +972,7 @@ ////////////////////////////////////////////////////////////////// -function Logit($target,$msg) { +function LogIt($target,$msg) { $dir=dirname($target); if (! file_exists($dir."/.log")) { @@ -995,6 +992,7 @@ function WriteNote($target,$msg) { + $target=stripSlashes($target); $dir=dirname($target); if (! file_exists($dir."/.note")) { mkdir($dir."/.note",0700); @@ -1011,6 +1009,7 @@ function ReadNote($target) { + $target=stripSlashes($target); $dir=dirname($target); $file=basename($target); $msg=""; @@ -1027,6 +1026,7 @@ function MoveTo($source,$folder) { + $source=stripSlashes($source); $file=basename($source); if (! file_exists($folder)) { mkdir($folder,0700); @@ -1040,6 +1040,7 @@ function Lock($target) { + $target=stripSlashes($target); $dir=dirname($target); if (! file_exists($dir."/.lock")) { mkdir($dir."/.lock",0700); @@ -1060,6 +1061,7 @@ function CheckLock($target) { + $target=stripSlashes($target); $dir=dirname($target); $file=basename($target); $msg=0; @@ -1074,6 +1076,7 @@ function Unlock($target) { + $target=stripSlashes($target); $dir=dirname($target); $file=basename($target); if (file_exists($dir."/.lock/$file")) { @@ -1104,6 +1107,63 @@ ////////////////////////////////////////////////////////////////// +// recursivly delete directory + +function rrmdir($dir) { + $handle=opendir($dir); + while ($file = readdir($handle)) { + if ($file != "." && $file != "..") { + if (is_dir("$dir/$file")) + rrmdir("$dir/$file"); + else + if (! @unlink("$dir/$file")) return(0); + } + } + closedir($handle); + return @rmdir($dir); +} + +////////////////////////////////////////////////////////////////// + +function ChangeLog($target,$msg) { + + global $gblFsRoot; + $log=fopen("$gblFsRoot/.changelog","a+"); + if (substr($target,0,strlen($gblFsRoot)) == $gblFsRoot) + $target=substr($target,strlen($gblFsRoot),strlen($target)-strlen($gblFsRoot)); + fputs($log,time()."\t$target\t$GLOBALS[gblUserName]\t$msg\n"); + fclose($log); + +} + +function DisplayChangeLog($day) { + + global $gblFsRoot; + if (!file_exists("$gblFsRoot/.changelog")) return; + $log=fopen("$gblFsRoot/.changelog","r"); + $logarr = array(); + while($line = fgetcsv($log,255,"\t")) { + if ($day!=1 || ($day==1 && (time()-$line[0] < 24*60*60))) { + array_unshift($logarr,array($line[0],$line[1],$line[2],$line[3])); + } + } + fclose($log); + $cl1=" class=lst"; $cl2=""; + print "\n"; + while ($e = array_shift($logarr)) { + $cl=$cl1; $cl1=$cl2; $cl2=$cl; + $date = date("$GLOBALS[gblDateFmt]", $e[0]); + $time = date("$GLOBALS[gblTimeFmt]", $e[0]); + $dir = dirname($e[1]); + $file = basename($e[1]); + print "$date$time$dir/$file$e[2]$e[3]\n"; + } + print "
"; + print "

".GifIcon(up)." Back to front page.

"; +} + +////////////////////////////////////////////////////////////////// + // MAIN PROGRAM // ============ // query parameters: capital letters @@ -1127,7 +1187,7 @@ // authentication if $gblAuth == true if ( $gblAuth && $gblHash($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw || isset($relogin) && $gblPw == $relogin ) { - header("WWW-authenticate: basic realm=\"$SERVER_NAME\"") ; + header("WWW-authenticate: basic realm=\"$HTTP_HOST\"") ; header("HTTP/1.0 401 Unauthorized") ; NoEntry() ; exit ; @@ -1150,18 +1210,22 @@ // i.e. below $gblFsRoot. $relScriptDir = dirname($SCRIPT_NAME) ; - // i.e. /siteman + // i.e. /docman $fsScriptDir = dirname($SCRIPT_FILENAME) ; - // i.e. /home/httpd/html/siteman + // i.e. /home/httpd/html/docman - $gblFsRoot = substr($fsScriptDir,0, - strlen($fsScriptDir)-strlen($relScriptDir)) ; + // start on server root +// $gblFsRoot = substr($fsScriptDir,0, strlen($fsScriptDir)-strlen($relScriptDir)) ; + // or on script root + $gblFsRoot = $fsScriptDir; // i.e. /home/httpd/html $fsDir = $gblFsRoot . $relDir ; // current directory if ( !is_dir($fsDir) ) Error("Dir not found",$relDir) ; - + + $FN=stripSlashes($FN); + switch ($POSTACTION) { case "UPLOAD" : if (!is_writeable($fsDir)) Error("Write denied",$relDir) ; @@ -1197,10 +1261,12 @@ if (isset($FILENAME)) { Unlock($target); } + ChangeLog($target,"updated"); break ; case "SAVE" : - $path = $gblFsRoot . escapeshellcmd($RELPATH) ; + $path = $gblFsRoot . $RELPATH ; + $path=stripSlashes($path); $writable = is_writeable($path) ; $legaldir = is_writeable(dirname($path)) ; $exists = (file_exists($path)) ? 1 : 0 ; @@ -1208,10 +1274,12 @@ if (!($writable || (!$exists && $legaldir))) Error("Write denied",$RELPATH) ; $fh = fopen($path, "w") ; + $FILEDATA=stripSlashes($FILEDATA); fwrite($fh,$FILEDATA) ; fclose($fh) ; clearstatcache() ; Logit($path,"saved changes"); + ChangeLog($path,"saved changes"); break ; case "CREATE" : @@ -1242,6 +1310,7 @@ } $tstr = "$PHP_SELF?A=E&D=".urlencode($relDir)."&F=".urlencode($FN) ; header("Location: " . $tstr) ; + ChangeLog($target,"created"); exit ; } break ; @@ -1274,7 +1343,7 @@ } } else { // delete directory - if ( ! @rmdir($fsDir) ) { + if ( ! @rrmdir($fsDir) ) { Error("Rmdir failed", $tstr . $fsDir) ; } else { @@ -1339,23 +1408,25 @@ // $A=Ci : checkin file $D/$F // $A=V : view file (do nothing except log) // default : display directory $D - + switch ($A) { case "U" : // upload to $relDir if (!is_writeable($gblFsRoot . $relDir)) Error("Write access denied",$relDir) ; $text = "Use this page to upload a single " ; - $text .= "file to $SERVER_NAME." ; + $text .= "file to $HTTP_HOST." ; StartHTML("(Upload Page)", $text) ; UploadPage($gblFsRoot, $relDir) ; EndHTML() ; exit ; case "E" : + $F=stripSlashes($F); // detail of $relDir/$F if (is_file("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ; exit ; case "C" : + $F=stripSlashes($F); // listing of $relDir/$F DisplayCode($gblFsRoot, $relDir, $F) ; exit ; @@ -1366,11 +1437,12 @@ Header("Location: ".urlpath("$relDir/$F")); exit; case "Ci" : + $F=stripSlashes($F); // upload && update to $relDir if (!is_writeable($gblFsRoot . $relDir)) Error("Write access denied",$relDir) ; $text = "Use this page to update a single " ; - $text .= "file to $SERVER_NAME." ; + $text .= "file to $HTTP_HOST." ; StartHTML("(Update file Page)", $text) ; UploadPage($gblFsRoot, $relDir, $F) ; EndHTML() ; @@ -1381,6 +1453,16 @@ header("Content-Disposition: attachment; filename=$F" ); Header("Location: ".urlpath("$relDir/$F")); exit; + case "Ch" : + StartHTML("(File changes)","All changes chronologicaly..."); + DisplayChangeLog(0); // all + EndHTML() ; + exit; + case "Ch1" : + StartHTML("(File changes)","Changes to files in last day..."); + DisplayChangeLog(1); + EndHTML() ; + exit; } // default: display directory $relDir