--- docman.php 2001/04/06 08:46:42 1.40 +++ docman.php 2001/10/29 16:20:28 1.46 @@ -78,6 +78,11 @@ // from where to include auth_*.php modules? $gblIncDir = "/home/httpd/docman"; + // do we want to force download? (default is 0 for backward + // compatibility, but it's defined as 1 in docman.conf for all + // future applications! + $gblForceDownload = 0; + // username/password should not be system // usernames/passwords !! @@ -120,8 +125,16 @@ $gblImages = array( ".jpg",".jpeg",".gif",".png",".ico", ".bmp",".xbm") ; + // which files to hide (separated by ,) + $gblHide = ""; + + // Where are users? (by default in .htusers file) + $gblUsers = "htusers_file"; + ////////////////////////////////////////////////////////////////// + $gblVersion = "1.8-dev"; + function StartHTML($title,$text="") { $title = "Document Manager " . $title ; @@ -132,7 +145,7 @@ <?= $host . " " . $title ?> - + @@ -151,17 +164,21 @@ ////////////////////////////////////////////////////////////////// function EndHTML() { + +global $gblDateFmt, $gblTimeFmt, $gblUserName, $PHP_SELF, $gblPw, $gblVersion; + ?>

- - - - - - [?relogin=">logout] + - + - + + [logout] -
ANYPORTAL(php) Site Manager -
+
+Document Manager , based on ANYPORTAL(php) Site Manager +
© 1999 by ANYPORTAL, © 2000 by d@nger.org, © 2000 by DbP @@ -630,7 +647,7 @@ function Navigate($fsRoot,$relDir) { - global $gblEditable, $gblIcon, $gblModDays, $webRoot ; + global $gblEditable, $gblIcon, $gblModDays, $webRoot, $gblHide ; $self = $GLOBALS["PHP_SELF"] ; @@ -638,11 +655,13 @@ if (!is_dir($fsDir)) Error("Dir not found",$relDir) ; + $hide_items=",$gblHide,"; + // read directory contents if ( !($dir = @opendir($fsDir)) ) Error("Read Access denied",$relDir) ; while ($item = readdir($dir)) { - if ( $item == ".." || $item == "." || substr($item,0,1) == "." ) continue ; + if ( substr($item,0,1) == "." || strstr($hide_items,",$item,") ) continue ; if ( is_dir($fsDir . $item) ) { $dirList[] = $item ; } else if ( is_file($fsDir . $item) ) { @@ -661,7 +680,7 @@ // scan deleted files if ( $GLOBALS[show_deleted] == 1 && ($dir = @opendir("$fsDir/.del")) ) { while ($item = readdir($dir)) { - if ( substr($item,0,1) == "." ) continue ; + if ( substr($item,0,1) == "." || strstr($hide_items,",$item,") ) continue ; $fileList[] = ".del/$item" ; } closedir($dir) ; @@ -694,12 +713,20 @@ 1) { + $out.="s"; + } + return $out; +} + // output subdirs if (sizeof($dirList) > 0) { sort($dirList) ; ?> -DIRECTORY NAMEDIRECTORY NOTE +DIRECTORY NAME ()DIRECTORY NOTE

-DOCUMENT NAME +DOCUMENT NAME () NOTE LAST UPDATEFILE SIZE @@ -977,7 +1004,7 @@ $msg=fgets($note,4096); fclose($note); } - return StripSlashes($msg); + return HtmlSpecialChars(StripSlashes($msg)); } @@ -1151,6 +1178,27 @@ ////////////////////////////////////////////////////////////////// +function Download($path) { + global $HTTP_USER_AGENT; + $file=basename($path); + $size = filesize($path); + //header("Content-Type: application/octet-stream"); + header("Content-Type: application/force-download"); + header("Content-Length: $size"); + // IE5.5 just downloads index.php if we don't do this + if(preg_match("/MSIE 5.5/", $HTTP_USER_AGENT)) { + header("Content-Disposition: filename=$file"); + } else { + header("Content-Disposition: attachment; filename=$file"); + } + header("Content-Transfer-Encoding: binary"); + $fh = fopen($path, "r"); + fpassthru($fh); +} + + +////////////////////////////////////////////////////////////////// + // MAIN PROGRAM // ============ // query parameters: capital letters @@ -1167,38 +1215,20 @@ // creation if password not yet set. if ($STYLE == "get") { CSS() ; exit ; } - $htusers_file=dirname($SCRIPT_FILENAME)."/.htusers"; - if (! file_exists($htusers_file)) { - if (is_writeable(dirname($SCRIPT_FILENAME))) { - $htusers=fopen($htusers_file,"a+"); - fputs($htusers,"# Change owner of $htusers_file to root !!\n"); - fputs($htusers,"demo:full name:[md5_hash|auth_*]:e-mail\n"); - fclose($htusers); - Error("Proto user file created!","Please edit $htusers_file and set it correct permissions (not writable by web server as it is now!). You can add users using adduser.pl script!"); - exit; - } else { - Error("Can't create proto user file!","Please make directory ".dirname($htusers_file)." writable or create .htusers file by hand using adduser.pl script!"); - exit; - } + $fsScriptDir = dirname($SCRIPT_FILENAME) ; + // i.e. /home/httpd/html/docman + + // read user-defined configuration + if (file_exists("$fsScriptDir/.docman.conf")) { + include("$fsScriptDir/.docman.conf"); } - $htusers=fopen($htusers_file,"r"); - while($user = fgetcsv($htusers,255,":")) { - if ($user[0] == $GLOBALS["PHP_AUTH_USER"]) { - $gblUserName=$user[1]; - $gblPw=$user[2]; - if (substr($gblPw,0,5) == "auth_" && file_exists("$gblIncDir/$gblPw.php")) { - require("$gblIncDir/$gblPw.php"); - if ($gblPw($user)) { - $gblPw=md5($PHP_AUTH_USER.$PHP_AUTH_PW); - } else { - $gblPw="error".md5($PHP_AUTH_USER.$PHP_AUTH_PW); - } - } - $gblEmail=$user[3]; - continue ; - } + + // where do we get users from? + if (file_exists("$gblIncDir/$gblUsers.php")) { + include("$gblIncDir/$gblUsers.php"); + } else { + Error("Configuration error","Can't find user handling module at $gblIncDir/$gblUsers.php ! Please fix $fsScriptDir/.docman.conf"); } - fclose($htusers); // authentication failure if ( md5($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw || @@ -1230,9 +1260,6 @@ $relScriptDir = dirname($SCRIPT_NAME) ; // i.e. /docman - $fsScriptDir = dirname($SCRIPT_FILENAME) ; - // i.e. /home/httpd/html/docman - // start on server root // $gblFsRoot = substr($fsScriptDir,0, strlen($fsScriptDir)-strlen($relScriptDir)) ; // or on script root @@ -1251,9 +1278,6 @@ $FN=stripSlashes($FN); - if (file_exists("$fsScriptDir/.docman.conf")) { - include("$fsScriptDir/.docman.conf"); - } switch ($POSTACTION) { case "UPLOAD" : @@ -1458,8 +1482,7 @@ case "Co" : // checkout Lock("$gblFsRoot/$relDir/$F"); - header("Content-Disposition: attachment; filename=$F" ); - Header("Location: $webRoot".urlpath("$relDir/$F")); + Download("$gblFsRoot/$relDir/$F"); exit; case "Ci" : $F=stripSlashes($F); @@ -1475,8 +1498,12 @@ case "V" : // view LogIt("$gblFsRoot/$relDir/$F","viewed"); - header("Content-Disposition: attachment; filename=$F" ); - Header("Location: $webRoot".urlpath("$relDir/$F")); + if ($gblForceDownload) { + Download("$gblFsRoot/$relDir/$F"); + } else { + header("Content-Disposition: attachment; filename=$F" ); + Header("Location: $webRoot".urlpath("$relDir/$F")); + } exit; case "Ch" : StartHTML("(File changes)","All changes chronologicaly...");