--- docman.php 2000/07/26 11:46:19 1.2
+++ docman.php 2001/01/30 16:48:36 1.31
@@ -35,22 +35,14 @@
/* existent address after file modifications. */
/*
- 2000-07-25 Dobrica Pavlinusic = $text ?>= $host ?>
-
+
- = $title ?>
+
ANYPORTAL(php) Site Manager
@@ -187,7 +168,7 @@
file size: " . $fsize . " Bytes" ; + $fsize = filesize($fsPath) ; + $fmodified = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", filemtime($fsPath)) ; + $faccessed = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", fileatime($fsPath)) ; + echo "
" ; - echo "last modified: " . $fmodified . "
" ; - echo "last accessed: " . $faccessed . "
" ; - echo " owner: " . fileowner($fsPath) . "
" ; - echo " group: " . filegroup($fsPath) . "
" ; - echo " permissions: " ; - echo printf( "%o", fileperms($fsPath) ) . "" ; - echo "
file size: " . $fsize . " Bytes" ; } - if ( $editable && ($writable || !$exists) ) { + if ( $editable && ($writable || !$exists) && !$file_lock ) { $fh = fopen($fsPath,"a+") ; rewind($fh) ; $fstr = fread($fh,filesize($fsPath)) ; @@ -269,17 +251,17 @@ $fstr = htmlentities( $fstr ) ; ?> - - $logname=dirname("$fsDir/$fn")."/.log/".basename("$fsDir/$fn"); +
" ; + echo "last modified: " . $fmodified . "
" ; + echo "last accessed: " . $faccessed . "
" ; + echo " owner: " . fileowner($fsPath) . "
" ; + echo " group: " . filegroup($fsPath) . "
" ; + echo " permissions: " ; + echo printf( "%o", fileperms($fsPath) ) . "" ; + echo "
$line[0] | $line[1] | $line[2] | $line[3] |
$e[1] | $e[2] | $e[3] | $e[4] |
- - | |||||||||||||||||||||||||||
= $gblIcon("up") ?> | + += $parent ?> | ||||||||||||||||||||||||||
DIRECTORY NAME | |||||||||||||||||||||||||||
DIRECTORY NAME | |||||||||||||||||||||||||||
- | |||||||||||||||||||||||||||
= $gblIcon("fldr") ?> | += $tstr ?> | ||||||||||||||||||||||||||
+ = $webRoot . $relDir ?> DOCUMENT NAME |
-
+ | = $gblIcon("blank").$gblIcon("blank") ?> |
+NOTE |
LAST UPDATE | FILE SIZE |
-
- |
-
- |
- |
- | Bytes | |
+= $file_url_html ?> | += $b ?> | += $note_html ?> | += date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]",$mod) ?> | += $sz ?>Bytes | |||||||||||
+ No files in this directory + |
".GifIcon(up)." Back to front page.
"; +} ////////////////////////////////////////////////////////////////// @@ -900,15 +1118,42 @@ // forks before authentication: style sheet and hash // creation if password not yet set. if ($STYLE == "get") { CSS() ; exit ; } - if ($HASH != "") { - CreateHash($USER, $PW) ; - exit ; + + $htusers_file=dirname($SCRIPT_FILENAME)."/.htusers"; + if (! file_exists($htusers_file)) { + if (is_writable($htuser_file)) { + $htusers=fopen($htusers_file,"a+"); + fputs($htusers,"# Change owner of $htusers_file to root !!\n"); + fputs($htusers,"demo:full name:[md5_hash|auth_*]:e-mail\n"); + fclose($htusers); + } else { + Error("Can't create proto user file!","Please make directory ".dirname($htusers_file)." writable or create .htusers file by hand using adduser.pl script!"); + exit; + } + } + $htusers=fopen($htusers_file,"r"); + while($user = fgetcsv($htusers,255,":")) { + if ($user[0] == $GLOBALS["PHP_AUTH_USER"]) { + $gblUserName=$user[1]; + $gblPw=$user[2]; + if (substr($gblPw,0,5) == "auth_" && file_exists("$gblIncDir/$gblPw.php")) { + require("$gblIncDir/$gblPw.php"); + if ($gblPw($user)) { + $gblPw=md5($PHP_AUTH_USER.$PHP_AUTH_PW); + } else { + $gblPw="error".md5($PHP_AUTH_USER.$PHP_AUTH_PW); + } + } + $gblEmail=$user[3]; + continue ; + } } + fclose($htusers); - // authentication if $gblAuth == true - if ( $gblAuth && $gblHash($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw || + // authentication failure + if ( md5($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw || isset($relogin) && $gblPw == $relogin ) { - header("WWW-authenticate: basic realm=\"$SERVER_NAME\"") ; + header("WWW-authenticate: basic realm=\"$HTTP_HOST\"") ; header("HTTP/1.0 401 Unauthorized") ; NoEntry() ; exit ; @@ -931,18 +1176,29 @@ // i.e. below $gblFsRoot. $relScriptDir = dirname($SCRIPT_NAME) ; - // i.e. /siteman + // i.e. /docman $fsScriptDir = dirname($SCRIPT_FILENAME) ; - // i.e. /home/httpd/html/siteman + // i.e. /home/httpd/html/docman - $gblFsRoot = substr($fsScriptDir,0, - strlen($fsScriptDir)-strlen($relScriptDir)) ; + // start on server root +// $gblFsRoot = substr($fsScriptDir,0, strlen($fsScriptDir)-strlen($relScriptDir)) ; + // or on script root + $gblFsRoot = $fsScriptDir; // i.e. /home/httpd/html $fsDir = $gblFsRoot . $relDir ; // current directory if ( !is_dir($fsDir) ) Error("Dir not found",$relDir) ; - + + if (isset($GLOBALS["HTTPS"]) && $GLOBALS["HTTPS"] == "on") { + $webRoot = "https://"; + } else { + $webRoot = "http://"; + } + $webRoot .= $GLOBALS["HTTP_HOST"] . $relScriptDir; + + $FN=stripSlashes($FN); + switch ($POSTACTION) { case "UPLOAD" : if (!is_writeable($fsDir)) Error("Write denied",$relDir) ; @@ -951,7 +1207,14 @@ // TODO : should rather check for escapeshellcmds // but maybe RFC 18xx asserts safe filenames .... $source = $FN ; - $target = $fsDir . "/" . $FN_name ; + if (! file_exists($source)) { + Error("You must select file with browse to upload it!"); + } + if (! isset($FILENAME)) { // from update file + $target = "$fsDir/$FN_name" ; + } else { + $target = "$fsDir/$FILENAME"; + } // backup old files first $dir=dirname($target); @@ -963,26 +1226,23 @@ } $file=basename($target); for($i=$GLOBALS[gblNumBackups]-1;$i>0;$i--) { - if (! file_exists($dir."/.bak/".$i)) { - mkdir($dir."/.bak/".$i,0700); - } - if (file_exists($dir."/.bak/".$i."/".$file)) { - rename($dir."/.bak/".$i."/".$file, - $dir."/.bak/".($i+1)."/".$file); - } - } - if (file_exists($target)) { - rename($target,$dir."/.bak/1/".$file); + MoveTo("$dir/.bak/$i/$file","$dir/.bak/".($i+1)."/"); } + MoveTo($target,$dir."/.bak/1/"); copy($source,$target) ; chmod($target,$gblFilePerms) ; clearstatcache() ; Logit($target,"uploaded"); + if (isset($FILENAME)) { + Unlock($target); + } + ChangeLog($target,"updated"); break ; case "SAVE" : - $path = $gblFsRoot . escapeshellcmd($RELPATH) ; + $path = $gblFsRoot . $RELPATH ; + $path=stripSlashes($path); $writable = is_writeable($path) ; $legaldir = is_writeable(dirname($path)) ; $exists = (file_exists($path)) ? 1 : 0 ; @@ -990,10 +1250,12 @@ if (!($writable || (!$exists && $legaldir))) Error("Write denied",$RELPATH) ; $fh = fopen($path, "w") ; + $FILEDATA=stripSlashes($FILEDATA); fwrite($fh,$FILEDATA) ; fclose($fh) ; clearstatcache() ; Logit($path,"saved changes"); + ChangeLog($path,"saved changes"); break ; case "CREATE" : @@ -1004,19 +1266,28 @@ $relPath = $relDir . "/" . $FN ; switch ( $T ) { case "D" : // create a directory - if ( ! @mkdir($path,$gblDirPerms) ) - Error("Mkdir failed",$relPath) ; // eg. if it exists - clearstatcache() ; - break ; + if ( ! @mkdir($path,$gblDirPerms) ) + Error("Mkdir failed",$relPath) ; // eg. if it exists + clearstatcache() ; + break ; case "F" : // create a new file // this functionality is doubled in DetailView(). // better keep it here altogether // chmod perms to $gblFilePerms - if ( file_exists($path) && !is_writable($path) ) - Error("File not writable", $relPath) ; - $tstr = $PHP_SELF . "?A=E&D=" . $relDir . "&F=" . $FN ; - header("Location: " . $tstr) ; - exit ; + if ( file_exists($path) && !is_writable($path) ) + Error("File not writable", $relPath) ; + $fh = fopen($path, "w+") ; + if ($fh) { + fputs($fh,"\n"); + fclose($fh) ; + LogIt($path,"file created"); + } else { + Error("Creation of file $relPath failed -- $path"); + } + $tstr = "$PHP_SELF?A=E&D=".urlencode($relDir)."&F=".urlencode($FN) ; + header("Location: " . $tstr) ; + ChangeLog($target,"created"); + exit ; } break ; @@ -1042,14 +1313,13 @@ exit ; } else { Logit($path,"file deleted"); - if (! file_exists("$dir/.del/.log")) { - mkdir("$dir/.del/.log",0700); - } - rename("$dir/.log/$file","$dir/.del/.log/$file"); + MoveTo("$dir/.log/$file","$dir/.del/.log/"); + MoveTo("$dir/.note/$file","$dir/.del/.note/"); + MoveTo("$dir/.lock/$file","$dir/.del/.lock/"); } } else { // delete directory - if ( ! @rmdir($fsDir) ) { + if ( ! @rrmdir($fsDir) ) { Error("Rmdir failed", $tstr . $fsDir) ; } else { @@ -1065,8 +1335,10 @@ $file=substr($FN,4,strlen($FN)-4); Logit("$fsDir/.del/$file","undeleted"); - rename("$fsDir/.del/$file","$fsDir/$file"); - rename("$fsDir/.del/.log/$file","$fsDir/.log/$file"); + MoveTo("$fsDir/.del/$file","$fsDir/"); + MoveTo("$fsDir/.del/.log/$file","$fsDir/.log/"); + MoveTo("$fsDir/.del/.note/$file","$fsDir/.note/"); + MoveTo("$fsDir/.del/.lock/$file","$fsDir/.lock/"); break ; @@ -1074,9 +1346,23 @@ if ( $CONFIRM != "on" ) break ; Logit("$fsDir/$FN","renamed $FN to $NEWNAME"); - rename("$fsDir/$FN","$fsDir/$NEWNAME"); - rename("$fsDir/.log/$FN","$fsDir/.log/$NEWNAME"); + safe_rename("$fsDir/$FN","$fsDir/$NEWNAME"); + safe_rename("$fsDir/.log/$FN","$fsDir/.log/$NEWNAME"); + safe_rename("$fsDir/.note/$FN","$fsDir/.note/$NEWNAME"); + safe_rename("$fsDir/.lock/$FN","$fsDir/.lock/$NEWNAME"); + for($i=0;$i<=$GLOBALS[gblNumBackups];$i++) { + safe_rename("$fsDir/.bak/$i/$FN","$fsDir/.bak/$i/$NEWNAME"); + } + + break ; + + case "NOTE" : + WriteNote("$fsDir/$FN","$NOTE"); + break ; + case "UNLOCK" : + if ( $CONFIRM != "on" ) break ; + Unlock("$fsDir/$FN"); break ; default : @@ -1094,27 +1380,65 @@ // $A=U : upload to path given in $D // $A=E : display detail of file $D/$F and edit // $A=C : display code in file $D/$F + // $A=Co : checkout file $D/$F + // $A=Ci : checkin file $D/$F + // $A=V : view file (do nothing except log) // default : display directory $D - + switch ($A) { case "U" : // upload to $relDir if (!is_writeable($gblFsRoot . $relDir)) Error("Write access denied",$relDir) ; $text = "Use this page to upload a single " ; - $text .= "file to $SERVER_NAME." ; + $text .= "file to $HTTP_HOST." ; StartHTML("(Upload Page)", $text) ; UploadPage($gblFsRoot, $relDir) ; EndHTML() ; exit ; case "E" : + $F=stripSlashes($F); // detail of $relDir/$F if (is_file("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ; exit ; case "C" : + $F=stripSlashes($F); // listing of $relDir/$F DisplayCode($gblFsRoot, $relDir, $F) ; exit ; + case "Co" : + // checkout + Lock("$gblFsRoot/$relDir/$F"); + header("Content-Disposition: attachment; filename=$F" ); + Header("Location: $webRoot".urlpath("$relDir/$F")); + exit; + case "Ci" : + $F=stripSlashes($F); + // upload && update to $relDir + if (!is_writeable($gblFsRoot . $relDir)) + Error("Write access denied",$relDir) ; + $text = "Use this page to update a single " ; + $text .= "file to $HTTP_HOST." ; + StartHTML("(Update file Page)", $text) ; + UploadPage($gblFsRoot, $relDir, $F) ; + EndHTML() ; + exit ; + case "V" : + // view + LogIt("$gblFsRoot/$relDir/$F","viewed"); + header("Content-Disposition: attachment; filename=$F" ); + Header("Location: $webRoot".urlpath("$relDir/$F")); + exit; + case "Ch" : + StartHTML("(File changes)","All changes chronologicaly..."); + DisplayChangeLog(0); // all + EndHTML() ; + exit; + case "Ch1" : + StartHTML("(File changes)","Changes to files in last day..."); + DisplayChangeLog(1); + EndHTML() ; + exit; } // default: display directory $relDir