--- docman.php	2001/04/06 08:46:42	1.40
+++ docman.php	2001/06/21 08:56:35	1.45
@@ -120,6 +120,12 @@
 	$gblImages   = array( ".jpg",".jpeg",".gif",".png",".ico",
 	                      ".bmp",".xbm") ;
 
+	// which files to hide (separated by ,)
+	$gblHide = "";
+
+	// Where are users? (by default in .htusers file)
+	$gblUsers = "htusers_file";
+
 //////////////////////////////////////////////////////////////////
 
 function StartHTML($title,$text="") {
@@ -630,7 +636,7 @@
 
 function Navigate($fsRoot,$relDir) {
 
-	global $gblEditable, $gblIcon, $gblModDays, $webRoot ;
+	global $gblEditable, $gblIcon, $gblModDays, $webRoot, $gblHide ;
 
 	$self     = $GLOBALS["PHP_SELF"] ;
 
@@ -638,11 +644,13 @@
 
 	if (!is_dir($fsDir)) Error("Dir not found",$relDir) ; 
 
+	$hide_items=",$gblHide,";
+
 	// read directory contents
 	if ( !($dir = @opendir($fsDir)) ) 
 		Error("Read Access denied",$relDir) ;
 	while ($item = readdir($dir)) {
-		if ( $item == ".." || $item == "." || substr($item,0,1) == "." ) continue ;
+		if ( substr($item,0,1) == "." || strstr($hide_items,",$item,") ) continue ;
 		if ( is_dir($fsDir . $item) ) {
 			$dirList[] = $item ;
 		} else if ( is_file($fsDir . $item) ) {
@@ -661,7 +669,7 @@
 	// scan deleted files
 	if ( $GLOBALS[show_deleted] == 1 && ($dir = @opendir("$fsDir/.del")) ) {
 		while ($item = readdir($dir)) {
-			if ( substr($item,0,1) == "." ) continue ;
+			if ( substr($item,0,1) == "." || strstr($hide_items,",$item,") ) continue ;
 			$fileList[] = ".del/$item" ;		
 		}
 		closedir($dir) ; 
@@ -694,12 +702,20 @@
 <?php
 	}
 
+function plural($name,$count) {
+	$out="$count $name";
+	if ($count > 1) {
+		$out.="s";
+	}
+	return $out;
+}
+
 	// output subdirs
 	if (sizeof($dirList) > 0) {
 		sort($dirList) ; 
 ?>
 
-<TR><TD></TD><TD COLSPAN=2 CLASS=TOP>DIRECTORY NAME</TD><TD COLSPAN=3 CLASS=TOP>DIRECTORY NOTE</TR>
+<TR><TD></TD><TD COLSPAN=2 CLASS=TOP>DIRECTORY NAME (<?= plural("dir",sizeof($dirList)) ?>)</TD><TD COLSPAN=3 CLASS=TOP>DIRECTORY NOTE</TR>
 
 <?php
 		while (list($key,$dir) = each($dirList)) {
@@ -724,7 +740,7 @@
 
 <TR><TD></TD><TD COLSPAN=5><HR><B><?= $webRoot . $relDir ?>
 </B></TD></TR>
-<TR><TD></TD><TD CLASS=TOP>DOCUMENT NAME</TD>
+<TR><TD></TD><TD CLASS=TOP>DOCUMENT NAME (<?= plural("file",sizeof($fileList)) ?>)</TD>
 <TD><?= $gblIcon("blank").$gblIcon("blank") ?></TD>
 <TD CLASS=TOP>NOTE</TD>
 <TD CLASS=TOP>LAST UPDATE</TD><TD CLASS=TOP>FILE SIZE</TD></TR>
@@ -977,7 +993,7 @@
 		$msg=fgets($note,4096);
 		fclose($note);
 	}
-	return StripSlashes($msg);
+	return HtmlSpecialChars(StripSlashes($msg));
 
 }
 
@@ -1167,38 +1183,20 @@
 	// creation if password not yet set.
 	if ($STYLE == "get") { CSS() ; exit ; }
 
-	$htusers_file=dirname($SCRIPT_FILENAME)."/.htusers";
-	if (! file_exists($htusers_file)) {
-		if (is_writeable(dirname($SCRIPT_FILENAME))) {
-			$htusers=fopen($htusers_file,"a+");
-			fputs($htusers,"# Change owner of $htusers_file to root !!\n");
-			fputs($htusers,"demo:full name:[md5_hash|auth_*]:e-mail\n");
-			fclose($htusers);
-			Error("Proto user file created!","Please edit <tt>$htusers_file</tt> and set it correct permissions (<B>not writable by web server as it is now!</b>). You can add users using <tt>adduser.pl</tt> script!");
-			exit;
-		} else {
-			Error("Can't create proto user file!","Please make directory <tt>".dirname($htusers_file)."</tt> writable or create <tt>.htusers</tt> file by hand using <tt>adduser.pl</tt> script!");
-			exit;
-		}
+	$fsScriptDir  = dirname($SCRIPT_FILENAME) ; 	
+	// i.e. /home/httpd/html/docman
+
+	// read user-defined configuration
+	if (file_exists("$fsScriptDir/.docman.conf")) {
+		include("$fsScriptDir/.docman.conf");
 	}
-	$htusers=fopen($htusers_file,"r");
-	while($user = fgetcsv($htusers,255,":")) {
-		if ($user[0] == $GLOBALS["PHP_AUTH_USER"]) {
-			$gblUserName=$user[1];
-			$gblPw=$user[2];
-			if (substr($gblPw,0,5) == "auth_" && file_exists("$gblIncDir/$gblPw.php")) {
-				require("$gblIncDir/$gblPw.php");
-				if ($gblPw($user)) {
-					$gblPw=md5($PHP_AUTH_USER.$PHP_AUTH_PW);
-				} else {
-					$gblPw="error".md5($PHP_AUTH_USER.$PHP_AUTH_PW);
-				}
-			}
-			$gblEmail=$user[3];
-			continue ;
-		}
+
+	// where do we get users from?
+	if (file_exists("$gblIncDir/$gblUsers.php")) {
+		include("$gblIncDir/$gblUsers.php");
+	} else {
+		Error("Configuration error","Can't find user handling module at <tt>$gblIncDir/$gblUsers.php</tt> ! Please fix <tt>$fsScriptDir/.docman.conf</tt>");
 	}
-	fclose($htusers);
 
 	// authentication failure
 	if ( md5($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw ||
@@ -1230,9 +1228,6 @@
 	$relScriptDir = dirname($SCRIPT_NAME) ;  	
 	// i.e. /docman
 
-	$fsScriptDir  = dirname($SCRIPT_FILENAME) ; 	
-	// i.e. /home/httpd/html/docman
-
 	// start on server root
 //	$gblFsRoot = substr($fsScriptDir,0, strlen($fsScriptDir)-strlen($relScriptDir)) ;
 	// or on script root
@@ -1251,9 +1246,6 @@
 
 	$FN=stripSlashes($FN);
 
-	if (file_exists("$fsScriptDir/.docman.conf")) {
-		include("$fsScriptDir/.docman.conf");
-	}
 
 	switch ($POSTACTION) {
 	case "UPLOAD" :
