--- docman.php 2000/12/21 08:25:06 1.26
+++ docman.php 2001/03/11 15:36:51 1.35
@@ -51,7 +51,7 @@
deleted files!
.htusers is in form:
- login:Real Name:md5(loginpassword)
+ login:Real Name:[md5(loginpassword)|auth_*]:email@host.dom
TODO:
@@ -75,41 +75,20 @@
// error_reporting(4) ; // how verbose ?
+ // from where to include auth_*.php modules?
+ $gblIncDir = "/home/httpd/docman";
+
// username/password should not be system
// usernames/passwords !!
-// $gblPw = "hash_of_your_username_and_password" ;
-
-// $gblAuth = false ; // use builtin authentication
- $gblAuth = true ; // use builtin authentication
- $gblHash = "md5" ; // hash function to use
-
$gblPw = "";
- if ($gblAuth) {
- $htusers_file=dirname($SCRIPT_FILENAME)."/.htusers";
- if (! file_exists($htusers_file)) {
- $htusers=fopen($htusers_file,"a+");
- fputs($htusers,"# Change owner of $htusers_file to root !!\n");
- fputs($htusers,"demo:full name:md5_hash\n");
- fclose($htusers);
- }
- $htusers=fopen($htusers_file,"r");
- while($user = fgetcsv($htusers,255,":")) {
- if ($user[0] == $GLOBALS["PHP_AUTH_USER"]) {
- $gblUserName=$user[1];
- $gblPw=$user[2];
- $gblEmail=$user[3];
- continue ;
- }
- }
- fclose($htusers);
- }
-
+ // date format
// $gblDateFmt="D, F d, Y";
-// $gblTimeFmt="g:i:sA";
-
$gblDateFmt="Y-m-d";
+
+ // time format
+// $gblTimeFmt="g:i:sA";
$gblTimeFmt="H:i:s";
// Number of backup files to keep
@@ -121,12 +100,12 @@
// choose GifIcon below unless you have the M$
// WingDings font installed on your system
- $gblIcon = "GifIcon" ; // MockIcon or GifIcon
+ $gblIcon="GifIcon"; // MockIcon or GifIcon
// the directory below should be /icons/ or /icons/small/
// on Apache; a set of icons is included in the distribution
- $gblIconLocation = "/icons/" ;
+ $gblIconLocation="/icons/";
// files you want to be able to edit in text mode
// and view with (primitive) syntax highlighting
@@ -145,7 +124,7 @@
function StartHTML($title,$text="") {
- $title = "Site Manager " . $title ;
+ $title = "Document Manager " . $title ;
$host = $GLOBALS["HTTP_HOST"] ;
$self = $GLOBALS["PHP_SELF"] ;
?>
@@ -224,7 +203,7 @@
function DetailPage($fsRoot,$relDir,$fn) {
- global $gblEditable, $gblImages ;
+ global $gblEditable, $gblImages, $webRoot ;
$self = $GLOBALS["PHP_SELF"] ;
$relPath = $relDir . "/" . $fn ;
@@ -243,7 +222,11 @@
Error("Creation denied",$relDir) ;
$text = "Use this page to view, modify or " ;
- $text .= "delete a single document on this " ;
+ if (is_dir($fsPath)) {
+ $text .="delete a directory on this " ;
+ } else {
+ $text .= "delete a single document on this " ;
+ };
$text .= "web site." ;
$title = "(Detail Page)" ;
StartHTML($title, $text) ;
@@ -253,18 +236,21 @@
$fsize = filesize($fsPath) ;
$fmodified = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", filemtime($fsPath)) ;
$faccessed = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", fileatime($fsPath)) ;
- echo "
file size: " . $fsize . " Bytes
" ;
+ $userinfo = posix_getpwuid(fileowner($fsPath));
+ $grpinfo = posix_getgrgid(filegroup($fsPath));
+ echo "";
+ if (!is_dir($fsPath)) echo "file size: " . $fsize . " Bytes
" ;
echo "last modified: " . $fmodified . "
" ;
echo "last accessed: " . $faccessed . "
" ;
- echo " owner: " . fileowner($fsPath) . "
" ;
- echo " group: " . filegroup($fsPath) . "
" ;
+ echo " owner: " . $userinfo["name"] . "
" ;
+ echo " group: " . $grpinfo["name"] . "
" ;
echo " permissions: " ;
echo printf( "%o", fileperms($fsPath) ) . "" ;
echo "
" ;
}
- if ( $editable && ($writable || !$exists) && !$file_lock ) {
+ if ( !is_dir($fsPath) && $editable && ($writable || !$exists) && !$file_lock ) {
$fh = fopen($fsPath,"a+") ;
rewind($fh) ;
$fstr = fread($fh,filesize($fsPath)) ;
@@ -292,7 +278,7 @@
}
if ( !$file_lock && $ext!="" && strstr(join(' ',$gblImages),$ext) ) {
$info = getimagesize($fsPath) ;
- $tstr = "" ;
// echo htmlentities($tstr) . "
" . $tstr ;
@@ -364,19 +350,24 @@
$bakdir=dirname("$fsDir/$fn")."/.bak";
if (file_exists($logname)) {
$log=fopen($logname,"r");
- $cl1=" class=lst"; $cl2="";
+ $cl1=" class=LST"; $cl2="";
$logarr = array();
while($line = fgetcsv($log,255,"\t")) {
$cl=$cl1; $cl1=$cl2; $cl2=$cl;
array_unshift($logarr,array($cl,$line[0],$line[1],$line[2],$line[3]));
}
fclose($log);
- print "
CHANGES TO THIS FILE
\n";
+ if (is_dir("$fsDir/$fn")) {
+ $whatis="DIRECTORY";
+ } else {
+ $whatis="FILE";
+ }
+ print "
CHANGES TO THIS $whatis
\n";
$bakcount = 0; // start from 0, skip fist backup (it's current)
while ($e = array_shift($logarr)) {
if (strstr($e[4],"upload")) {
if (file_exists("$bakdir/$bakcount/$name")) {
- $e[4]="$e[4]";
+ $e[4]="$e[4]";
}
$bakcount++;
}
@@ -637,15 +628,11 @@
function Navigate($fsRoot,$relDir) {
- global $gblEditable, $gblIcon, $gblModDays ;
+ global $gblEditable, $gblIcon, $gblModDays, $webRoot ;
$self = $GLOBALS["PHP_SELF"] ;
- if (isset($GLOBALS["HTTPS"]) && $GLOBALS["HTTPS"] == "on") {
- $webRoot = "https://" . $GLOBALS["HTTP_HOST"] ;
- } else {
- $webRoot = "http://" . $GLOBALS["HTTP_HOST"] ;
- }
- $fsDir = $fsRoot . $relDir . "/" ; // current directory
+
+ $fsDir = $fsRoot . $relDir . "/" ; // current directory
if (!is_dir($fsDir)) Error("Dir not found",$relDir) ;
@@ -710,18 +697,23 @@
sort($dirList) ;
?>
- | DIRECTORY NAME |
+ | DIRECTORY NAME | DIRECTORY NOTE |
" . $dir . "/" ;
+ $note_html="".$gblIcon("note")."".ReadNote($fsDir.$dir);
?>
-= $gblIcon("fldr") ?> |
-= $tstr ?> |
+
+
+= $gblIcon("fldr") ?> |
+= $tstr ?> |
+= $note_html ?> |
" ;
- echo "Copy the value below and paste it " ;
- echo "into the
value for \$gblPw in the source of " ;
- echo "this file
" . $gblHash($user.$pw) ;
- echo "
Hash function: " . $gblHash ;
- echo "
" ;
- EndHTML() ;
- exit ;
-
-} // end function CreateHash
-
-//////////////////////////////////////////////////////////////////
-
function NoEntry() {
$user = $GLOBALS["PHP_AUTH_USER"] ;
@@ -952,20 +921,7 @@
$title = "(401 Unauthorized)" ;
$text = "No trespassing !" ;
StartHTML($title,$text) ;
-?>
-
-
- $to\n";
+ if (file_exists($from) && is_writeable(dirname($to))) {
+ rename($from,$to);
+ }
+ }
+
+ function try_dir($todir) {
+ if (! file_exists($todir)) {
+ mkdir($todir,0700);
+ }
+ }
+
+ $to="$fromdir/$tofile";
+ $todir=dirname($to);
+ $tofile=basename($to);
+
+ print "$fromdir / $fromfile -> $todir / $tofile\n\n";
+
+ try_rename("$fromdir/$fromfile","$todir/$tofile");
+ try_dir("$todir/.log");
+ try_rename("$fromdir/.log/$fromfile","$todir/.log/$tofile");
+ try_dir("$todir/.note");
+ try_rename("$fromdir/.note/$fromfile","$todir/.note/$tofile");
+ try_dir("$todir/.lock");
+ try_rename("$fromdir/.lock/$fromfile","$todir/.lock/$tofile");
+ try_dir("$todir/.bak");
+ for($i=0;$i<=$GLOBALS[gblNumBackups];$i++) {
+ try_rename("$fromdir/.bak/$i/$fromfile","$todir/.bak/$i/$tofile");
}
}
+
//////////////////////////////////////////////////////////////////
// recursivly delete directory
@@ -1148,7 +1132,7 @@
}
}
fclose($log);
- $cl1=" class=lst"; $cl2="";
+ $cl1=" class=LST"; $cl2="";
print "
\n";
while ($e = array_shift($logarr)) {
$cl=$cl1; $cl1=$cl2; $cl2=$cl;
@@ -1179,13 +1163,42 @@
// forks before authentication: style sheet and hash
// creation if password not yet set.
if ($STYLE == "get") { CSS() ; exit ; }
- if ($HASH != "") {
- CreateHash($USER, $PW) ;
- exit ;
+
+ $htusers_file=dirname($SCRIPT_FILENAME)."/.htusers";
+ if (! file_exists($htusers_file)) {
+ if (is_writeable(dirname($SCRIPT_FILENAME))) {
+ $htusers=fopen($htusers_file,"a+");
+ fputs($htusers,"# Change owner of $htusers_file to root !!\n");
+ fputs($htusers,"demo:full name:[md5_hash|auth_*]:e-mail\n");
+ fclose($htusers);
+ Error("Proto user file created!","Please edit $htusers_file and set it correct permissions (not writable by web server as it is now!). You can add users using adduser.pl script!");
+ exit;
+ } else {
+ Error("Can't create proto user file!","Please make directory ".dirname($htusers_file)." writable or create .htusers file by hand using adduser.pl script!");
+ exit;
+ }
+ }
+ $htusers=fopen($htusers_file,"r");
+ while($user = fgetcsv($htusers,255,":")) {
+ if ($user[0] == $GLOBALS["PHP_AUTH_USER"]) {
+ $gblUserName=$user[1];
+ $gblPw=$user[2];
+ if (substr($gblPw,0,5) == "auth_" && file_exists("$gblIncDir/$gblPw.php")) {
+ require("$gblIncDir/$gblPw.php");
+ if ($gblPw($user)) {
+ $gblPw=md5($PHP_AUTH_USER.$PHP_AUTH_PW);
+ } else {
+ $gblPw="error".md5($PHP_AUTH_USER.$PHP_AUTH_PW);
+ }
+ }
+ $gblEmail=$user[3];
+ continue ;
+ }
}
+ fclose($htusers);
- // authentication if $gblAuth == true
- if ( $gblAuth && $gblHash($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw ||
+ // authentication failure
+ if ( md5($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw ||
isset($relogin) && $gblPw == $relogin ) {
header("WWW-authenticate: basic realm=\"$HTTP_HOST\"") ;
header("HTTP/1.0 401 Unauthorized") ;
@@ -1224,6 +1237,13 @@
$fsDir = $gblFsRoot . $relDir ; // current directory
if ( !is_dir($fsDir) ) Error("Dir not found",$relDir) ;
+ if (isset($GLOBALS["HTTPS"]) && $GLOBALS["HTTPS"] == "on") {
+ $webRoot = "https://";
+ } else {
+ $webRoot = "http://";
+ }
+ $webRoot .= $GLOBALS["HTTP_HOST"] . $relScriptDir;
+
$FN=stripSlashes($FN);
switch ($POSTACTION) {
@@ -1301,7 +1321,7 @@
// this functionality is doubled in DetailView().
// better keep it here altogether
// chmod perms to $gblFilePerms
- if ( file_exists($path) && !is_writable($path) )
+ if ( file_exists($path) && !is_writeable($path) )
Error("File not writable", $relPath) ;
$fh = fopen($path, "w+") ;
if ($fh) {
@@ -1373,14 +1393,7 @@
if ( $CONFIRM != "on" ) break ;
Logit("$fsDir/$FN","renamed $FN to $NEWNAME");
- safe_rename("$fsDir/$FN","$fsDir/$NEWNAME");
- safe_rename("$fsDir/.log/$FN","$fsDir/.log/$NEWNAME");
- safe_rename("$fsDir/.note/$FN","$fsDir/.note/$NEWNAME");
- safe_rename("$fsDir/.lock/$FN","$fsDir/.lock/$NEWNAME");
- for($i=0;$i<=$GLOBALS[gblNumBackups];$i++) {
- safe_rename("$fsDir/.bak/$i/$FN","$fsDir/.bak/$i/$NEWNAME");
- }
-
+ safe_rename($fsDir,$FN,$NEWNAME);
break ;
case "NOTE" :
@@ -1426,7 +1439,7 @@
case "E" :
$F=stripSlashes($F);
// detail of $relDir/$F
- if (is_file("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
+ if (is_file("$gblFsRoot/$relDir/$F") || is_dir("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
exit ;
case "C" :
$F=stripSlashes($F);
@@ -1437,7 +1450,7 @@
// checkout
Lock("$gblFsRoot/$relDir/$F");
header("Content-Disposition: attachment; filename=$F" );
- Header("Location: ".urlpath("$relDir/$F"));
+ Header("Location: $webRoot".urlpath("$relDir/$F"));
exit;
case "Ci" :
$F=stripSlashes($F);
@@ -1454,7 +1467,7 @@
// view
LogIt("$gblFsRoot/$relDir/$F","viewed");
header("Content-Disposition: attachment; filename=$F" );
- Header("Location: ".urlpath("$relDir/$F"));
+ Header("Location: $webRoot".urlpath("$relDir/$F"));
exit;
case "Ch" :
StartHTML("(File changes)","All changes chronologicaly...");