--- docman.php	2001/01/30 16:48:36	1.31
+++ docman.php	2001/06/20 10:29:19	1.43
@@ -120,6 +120,9 @@
 	$gblImages   = array( ".jpg",".jpeg",".gif",".png",".ico",
 	                      ".bmp",".xbm") ;
 
+	// Where are users? (by default in .htusers file)
+	$gblUsers = "htusers_file";
+
 //////////////////////////////////////////////////////////////////
 
 function StartHTML($title,$text="") {
@@ -222,7 +225,11 @@
 		Error("Creation denied",$relDir) ;
 
 	$text  = "Use this page to view, modify or " ;
-	$text .= "delete a single document on this " ;
+	if (is_dir($fsPath)) {
+		$text .="delete a directory on this " ;
+	} else {
+		$text .= "delete a single document on this " ;
+	};
 	$text .= "web site." ;	
 	$title = "(Detail Page)" ;
 	StartHTML($title, $text) ;
@@ -232,18 +239,23 @@
 		$fsize = filesize($fsPath) ; 
 		$fmodified = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", filemtime($fsPath)) ;
 		$faccessed = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", fileatime($fsPath)) ;
-		echo "<PRE>    file size: " . $fsize . " Bytes<BR>" ;
+		$fuid=fileowner($fsPath);
+		$fgid=filegroup($fsPath);
+		$userinfo = posix_getpwuid($fuid);
+		$grpinfo = posix_getgrgid($fgid);
+		echo "<PRE>";
+		if (!is_dir($fsPath)) echo "    file size: " . $fsize . " Bytes<BR>" ;
 		echo "last modified: <B>" . $fmodified . "</B><BR>" ;
 		echo "last accessed: <B>" . $faccessed . "</B><BR>" ;
-		echo "        owner: <B>" . fileowner($fsPath) . "</B><BR>" ;
-		echo "        group: <B>" . filegroup($fsPath) . "</B><BR>" ;
+		echo "        owner: <B>" . $userinfo["name"] . " [$fuid]</B><BR>" ;
+		echo "        group: <B>" . $grpinfo["name"] . " [$fgid]</B><BR>" ;
 		echo "  permissions: <B>" ; 
 		echo printf( "%o", fileperms($fsPath) ) . "</B>" ;
 		echo "</PRE>" ;
 
 	}
 
-	if ( $editable && ($writable || !$exists) && !$file_lock ) { 
+	if ( !is_dir($fsPath) && $editable && ($writable || !$exists) && !$file_lock ) { 
 		$fh = fopen($fsPath,"a+") ;
 		rewind($fh) ;
 		$fstr = fread($fh,filesize($fsPath)) ;
@@ -350,7 +362,12 @@
 			array_unshift($logarr,array($cl,$line[0],$line[1],$line[2],$line[3]));
 		}
 		fclose($log);
-		print "<hr><br><b>CHANGES TO THIS FILE</b><br><table border=0 width=100%>\n";
+		if (is_dir("$fsDir/$fn")) {
+			$whatis="DIRECTORY";
+		} else {
+			$whatis="FILE";
+		}
+		print "<hr><br><b>CHANGES TO THIS $whatis</b><br><table border=0 width=100%>\n";
 		$bakcount = 0;	// start from 0, skip fist backup (it's current)
 		while ($e = array_shift($logarr)) {
 			if (strstr($e[4],"upload")) {
@@ -680,23 +697,36 @@
 <?php
 	}
 
+function plural($name,$count) {
+	$out="$count $name";
+	if ($count > 1) {
+		$out.="s";
+	}
+	return $out;
+}
+
 	// output subdirs
 	if (sizeof($dirList) > 0) {
 		sort($dirList) ; 
 ?>
 
-<TR><TD></TD><TD COLSPAN=5 CLASS=TOP><HR>DIRECTORY NAME</TD></TR>
+<TR><TD></TD><TD COLSPAN=2 CLASS=TOP>DIRECTORY NAME (<?= plural("dir",sizeof($dirList)) ?>)</TD><TD COLSPAN=3 CLASS=TOP>DIRECTORY NOTE</TR>
 
 <?php
 		while (list($key,$dir) = each($dirList)) {
 
+			$info_url=$self."?A=E&F=".urlencode($dir)."&D=".urlencode($relDir);
 			$tstr = "<A HREF=\"" . $self . "?D=" ; 
 			$tstr .= urlencode($relDir."/".$dir) ;
 			$tstr .= "\">" . $dir . "/</A>" ;
+			$note_html="<a href=\"$info_url#note\">".$gblIcon("note")."</a>".ReadNote($fsDir.$dir);
 ?>
 
-<TR><TD><?= $gblIcon("fldr") ?></TD>
-<TD COLSPAN=5 CLASS=LST><?= $tstr ?></TD></TR>
+<TR><TD>
+<A HREF="<?= $info_url ?>" TITLE="View/Edit">
+<?= $gblIcon("fldr") ?></A></TD>
+<TD COLSPAN=2 CLASS=LST><?= $tstr ?></TD>
+<TD COLSPAN=3 CLASS=LST><?= $note_html ?></TD></TR>
 
 <?php
 		}  // iterate over dirs
@@ -705,7 +735,7 @@
 
 <TR><TD></TD><TD COLSPAN=5><HR><B><?= $webRoot . $relDir ?>
 </B></TD></TR>
-<TR><TD></TD><TD CLASS=TOP>DOCUMENT NAME</TD>
+<TR><TD></TD><TD CLASS=TOP>DOCUMENT NAME (<?= plural("file",sizeof($fileList)) ?>)</TD>
 <TD><?= $gblIcon("blank").$gblIcon("blank") ?></TD>
 <TD CLASS=TOP>NOTE</TD>
 <TD CLASS=TOP>LAST UPDATE</TD><TD CLASS=TOP>FILE SIZE</TD></TR>
@@ -837,7 +867,8 @@
  <NOBR>NAME <INPUT TYPE="TEXT" NAME="FN" SIZE=14>
  <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="CREATE">
  <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
- <INPUT TYPE="SUBMIT" VALUE="CREATE"></NOBR> 
+ <INPUT TYPE="SUBMIT" VALUE="CREATE" NAME="CREATE">
+ </NOBR> 
  <NOBR>OR <A HREF="<?= $self ?>?A=U&D=<?= urlencode($relDir) ?>">UPLOAD</A> A FILE
  </NOBR>
 </TD></TR>
@@ -957,7 +988,7 @@
 		$msg=fgets($note,4096);
 		fclose($note);
 	}
-	return StripSlashes($msg);
+	return HtmlSpecialChars(StripSlashes($msg));
 
 }
 
@@ -1038,12 +1069,40 @@
 
 //////////////////////////////////////////////////////////////////
 
-function safe_rename($from,$to) {
-	if (file_exists($from) && is_writable(dirname($to))) {
-		rename($from,$to);
+function safe_rename($fromdir,$fromfile,$tofile) {
+	function try_rename($from,$to) {
+#		print "$from -> $to\n";
+		if (file_exists($from) && is_writeable(dirname($to))) {
+			rename($from,$to);
+		}
+	}
+
+	function try_dir($todir) {
+		if (! file_exists($todir)) {
+			mkdir($todir,0700);
+	        }
+	}
+
+	$to="$fromdir/$tofile";
+	$todir=dirname($to);
+	$tofile=basename($to);
+
+#	print "<pre>$fromdir / $fromfile -> $todir / $tofile\n\n";
+
+	try_rename("$fromdir/$fromfile","$todir/$tofile");
+	try_dir("$todir/.log");
+	try_rename("$fromdir/.log/$fromfile","$todir/.log/$tofile");
+	try_dir("$todir/.note");
+	try_rename("$fromdir/.note/$fromfile","$todir/.note/$tofile");
+	try_dir("$todir/.lock");
+	try_rename("$fromdir/.lock/$fromfile","$todir/.lock/$tofile");
+	try_dir("$todir/.bak");
+	for($i=0;$i<=$GLOBALS[gblNumBackups];$i++) {
+		try_rename("$fromdir/.bak/$i/$fromfile","$todir/.bak/$i/$tofile");
 	}
 }
 
+
 //////////////////////////////////////////////////////////////////
 
 // recursivly delete directory
@@ -1119,36 +1178,20 @@
 	// creation if password not yet set.
 	if ($STYLE == "get") { CSS() ; exit ; }
 
-	$htusers_file=dirname($SCRIPT_FILENAME)."/.htusers";
-	if (! file_exists($htusers_file)) {
-		if (is_writable($htuser_file)) {
-			$htusers=fopen($htusers_file,"a+");
-			fputs($htusers,"# Change owner of $htusers_file to root !!\n");
-			fputs($htusers,"demo:full name:[md5_hash|auth_*]:e-mail\n");
-			fclose($htusers);
-		} else {
-			Error("Can't create proto user file!","Please make directory <tt>".dirname($htusers_file)."</tt> writable or create <tt>.htusers</tt> file by hand using <tt>adduser.pl</tt> script!");
-			exit;
-		}
+	$fsScriptDir  = dirname($SCRIPT_FILENAME) ; 	
+	// i.e. /home/httpd/html/docman
+
+	// read user-defined configuration
+	if (file_exists("$fsScriptDir/.docman.conf")) {
+		include("$fsScriptDir/.docman.conf");
 	}
-	$htusers=fopen($htusers_file,"r");
-	while($user = fgetcsv($htusers,255,":")) {
-		if ($user[0] == $GLOBALS["PHP_AUTH_USER"]) {
-			$gblUserName=$user[1];
-			$gblPw=$user[2];
-			if (substr($gblPw,0,5) == "auth_" && file_exists("$gblIncDir/$gblPw.php")) {
-				require("$gblIncDir/$gblPw.php");
-				if ($gblPw($user)) {
-					$gblPw=md5($PHP_AUTH_USER.$PHP_AUTH_PW);
-				} else {
-					$gblPw="error".md5($PHP_AUTH_USER.$PHP_AUTH_PW);
-				}
-			}
-			$gblEmail=$user[3];
-			continue ;
-		}
+
+	// where do we get users from?
+	if (file_exists("$gblIncDir/$gblUsers.php")) {
+		include("$gblIncDir/$gblUsers.php");
+	} else {
+		Error("Configuration error","Can't find user handling module at <tt>$gblIncDir/$gblUsers.php</tt> ! Please fix <tt>$fsScriptDir/.docman.conf</tt>");
 	}
-	fclose($htusers);
 
 	// authentication failure
 	if ( md5($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw ||
@@ -1165,6 +1208,8 @@
 		$relDir = urldecode($D) ;  // then use GET
 	}	
 
+	$relDir=stripSlashes($relDir);
+
 	if ($relDir == "/") $relDir = "" ; 	
 	// default : website root = ""
 
@@ -1178,9 +1223,6 @@
 	$relScriptDir = dirname($SCRIPT_NAME) ;  	
 	// i.e. /docman
 
-	$fsScriptDir  = dirname($SCRIPT_FILENAME) ; 	
-	// i.e. /home/httpd/html/docman
-
 	// start on server root
 //	$gblFsRoot = substr($fsScriptDir,0, strlen($fsScriptDir)-strlen($relScriptDir)) ;
 	// or on script root
@@ -1199,6 +1241,7 @@
 
 	$FN=stripSlashes($FN);
 
+
 	switch ($POSTACTION) {
 	case "UPLOAD" :
 		if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
@@ -1274,7 +1317,7 @@
 // this functionality is doubled in DetailView().
 // better keep it here altogether
 // chmod perms to $gblFilePerms
-			if ( file_exists($path) && !is_writable($path) ) 
+			if ( file_exists($path) && !is_writeable($path) ) 
 				Error("File not writable", $relPath) ;
 			$fh = fopen($path, "w+") ;
 			if ($fh) {
@@ -1346,14 +1389,7 @@
 		if ( $CONFIRM != "on" ) break ;
 
 		Logit("$fsDir/$FN","renamed $FN to $NEWNAME");
-		safe_rename("$fsDir/$FN","$fsDir/$NEWNAME");
-		safe_rename("$fsDir/.log/$FN","$fsDir/.log/$NEWNAME");
-		safe_rename("$fsDir/.note/$FN","$fsDir/.note/$NEWNAME");
-		safe_rename("$fsDir/.lock/$FN","$fsDir/.lock/$NEWNAME");
-		for($i=0;$i<=$GLOBALS[gblNumBackups];$i++) {
-			safe_rename("$fsDir/.bak/$i/$FN","$fsDir/.bak/$i/$NEWNAME");
-		}
-
+		safe_rename($fsDir,$FN,$NEWNAME);
 		break ;
 
 	case "NOTE" :  
@@ -1399,7 +1435,7 @@
 	case "E" :
 		$F=stripSlashes($F);
 		// detail of $relDir/$F
-		if (is_file("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
+		if (is_file("$gblFsRoot/$relDir/$F") || is_dir("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
 		exit ;
 	case "C" :
 		$F=stripSlashes($F);