--- docman.php 2000/12/21 08:46:18 1.27 +++ docman.php 2001/12/14 16:58:27 1.48 @@ -51,7 +51,7 @@ deleted files! .htusers is in form: - login:Real Name:md5(loginpassword) + login:Real Name:[md5(loginpassword)|auth_*]:email@host.dom TODO: @@ -75,41 +75,25 @@ // error_reporting(4) ; // how verbose ? - // username/password should not be system - // usernames/passwords !! + // from where to include auth_*.php modules? + $gblIncDir = "/home/httpd/docman"; -// $gblPw = "hash_of_your_username_and_password" ; + // do we want to force download? (default is 0 for backward + // compatibility, but it's defined as 1 in docman.conf for all + // future applications! + $gblForceDownload = 0; -// $gblAuth = false ; // use builtin authentication - $gblAuth = true ; // use builtin authentication - $gblHash = "md5" ; // hash function to use + // username/password should not be system + // usernames/passwords !! $gblPw = ""; - if ($gblAuth) { - $htusers_file=dirname($SCRIPT_FILENAME)."/.htusers"; - if (! file_exists($htusers_file)) { - $htusers=fopen($htusers_file,"a+"); - fputs($htusers,"# Change owner of $htusers_file to root !!\n"); - fputs($htusers,"demo:full name:md5_hash\n"); - fclose($htusers); - } - $htusers=fopen($htusers_file,"r"); - while($user = fgetcsv($htusers,255,":")) { - if ($user[0] == $GLOBALS["PHP_AUTH_USER"]) { - $gblUserName=$user[1]; - $gblPw=$user[2]; - $gblEmail=$user[3]; - continue ; - } - } - fclose($htusers); - } - + // date format // $gblDateFmt="D, F d, Y"; -// $gblTimeFmt="g:i:sA"; - $gblDateFmt="Y-m-d"; + + // time format +// $gblTimeFmt="g:i:sA"; $gblTimeFmt="H:i:s"; // Number of backup files to keep @@ -121,12 +105,12 @@ // choose GifIcon below unless you have the M$ // WingDings font installed on your system - $gblIcon = "GifIcon" ; // MockIcon or GifIcon + $gblIcon="GifIcon"; // MockIcon or GifIcon // the directory below should be /icons/ or /icons/small/ // on Apache; a set of icons is included in the distribution - $gblIconLocation = "/icons/" ; + $gblIconLocation="/icons/"; // files you want to be able to edit in text mode // and view with (primitive) syntax highlighting @@ -141,11 +125,19 @@ $gblImages = array( ".jpg",".jpeg",".gif",".png",".ico", ".bmp",".xbm") ; + // which files to hide (separated by ,) + $gblHide = ""; + + // Where are users? (by default in .htusers file) + $gblUsers = "htusers_file"; + ////////////////////////////////////////////////////////////////// + $gblVersion = "1.8-dev"; + function StartHTML($title,$text="") { - $title = "Site Manager " . $title ; + $title = "Document Manager " . $title ; $host = $GLOBALS["HTTP_HOST"] ; $self = $GLOBALS["PHP_SELF"] ; ?> @@ -153,7 +145,7 @@
-= date($GLOBALS[gblDateFmt]) ?> -
-= date($GLOBALS[gblTimeFmt]) ?> -
-= $GLOBALS[gblUserName] ?>
- [?relogin== $GLOBALS[gblPw] ?>">logout]
+= date($gblDateFmt) ?> -
+= date($gblTimeFmt) ?> -
+= $gblUserName ?>
+ [logout]
-
ANYPORTAL(php) Site Manager
-
+
+Document Manager = $gblVersion ?>, based on ANYPORTAL(php) Site Manager
+
© 1999 by ANYPORTAL,
© 2000 by d@nger.org,
© 2000 by DbP
@@ -224,7 +220,7 @@
function DetailPage($fsRoot,$relDir,$fn) {
- global $gblEditable, $gblImages ;
+ global $gblEditable, $gblImages, $webRoot ;
$self = $GLOBALS["PHP_SELF"] ;
$relPath = $relDir . "/" . $fn ;
@@ -243,7 +239,11 @@
Error("Creation denied",$relDir) ;
$text = "Use this page to view, modify or " ;
- $text .= "delete a single document on this " ;
+ if (is_dir($fsPath)) {
+ $text .="delete a directory on this " ;
+ } else {
+ $text .= "delete a single document on this " ;
+ };
$text .= "web site." ;
$title = "(Detail Page)" ;
StartHTML($title, $text) ;
@@ -253,18 +253,23 @@
$fsize = filesize($fsPath) ;
$fmodified = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", filemtime($fsPath)) ;
$faccessed = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", fileatime($fsPath)) ;
- echo " file size: " . $fsize . " Bytes
" ;
+ $fuid=fileowner($fsPath);
+ $fgid=filegroup($fsPath);
+ $userinfo = posix_getpwuid($fuid);
+ $grpinfo = posix_getgrgid($fgid);
+ echo "";
+ if (!is_dir($fsPath)) echo " file size: " . $fsize . " Bytes
" ;
}
- if ( $editable && ($writable || !$exists) && !$file_lock ) {
+ if ( !is_dir($fsPath) && $editable && ($writable || !$exists) && !$file_lock ) {
$fh = fopen($fsPath,"a+") ;
rewind($fh) ;
$fstr = fread($fh,filesize($fsPath)) ;
@@ -292,7 +297,7 @@
}
if ( !$file_lock && $ext!="" && strstr(join(' ',$gblImages),$ext) ) {
$info = getimagesize($fsPath) ;
- $tstr = "" ;
// echo htmlentities($tstr) . "
" ;
echo "last modified: " . $fmodified . "
" ;
echo "last accessed: " . $faccessed . "
" ;
- echo " owner: " . fileowner($fsPath) . "
" ;
- echo " group: " . filegroup($fsPath) . "
" ;
+ echo " owner: " . $userinfo["name"] . " [$fuid]
" ;
+ echo " group: " . $grpinfo["name"] . " [$fgid]
" ;
echo " permissions: " ;
echo printf( "%o", fileperms($fsPath) ) . "" ;
echo "
" . $tstr ;
@@ -366,17 +371,22 @@
$log=fopen($logname,"r");
$cl1=" class=LST"; $cl2="";
$logarr = array();
- while($line = fgetcsv($log,255,"\t")) {
+ while($line = fgetcsv($log,512,"\t")) {
$cl=$cl1; $cl1=$cl2; $cl2=$cl;
array_unshift($logarr,array($cl,$line[0],$line[1],$line[2],$line[3]));
}
fclose($log);
- print "
CHANGES TO THIS FILE\n";
+ if (is_dir("$fsDir/$fn")) {
+ $whatis="DIRECTORY";
+ } else {
+ $whatis="FILE";
+ }
+ print "
CHANGES TO THIS $whatis\n";
$bakcount = 0; // start from 0, skip fist backup (it's current)
while ($e = array_shift($logarr)) {
if (strstr($e[4],"upload")) {
if (file_exists("$bakdir/$bakcount/$name")) {
- $e[4]="$e[4]";
+ $e[4]="$e[4]";
}
$bakcount++;
}
@@ -637,23 +647,21 @@
function Navigate($fsRoot,$relDir) {
- global $gblEditable, $gblIcon, $gblModDays ;
+ global $gblEditable, $gblIcon, $gblModDays, $webRoot, $gblHide ;
$self = $GLOBALS["PHP_SELF"] ;
- if (isset($GLOBALS["HTTPS"]) && $GLOBALS["HTTPS"] == "on") {
- $webRoot = "https://" . $GLOBALS["HTTP_HOST"] ;
- } else {
- $webRoot = "http://" . $GLOBALS["HTTP_HOST"] ;
- }
- $fsDir = $fsRoot . $relDir . "/" ; // current directory
+
+ $fsDir = $fsRoot . $relDir . "/" ; // current directory
if (!is_dir($fsDir)) Error("Dir not found",$relDir) ;
+ $hide_items=",$gblHide,";
+
// read directory contents
if ( !($dir = @opendir($fsDir)) )
Error("Read Access denied",$relDir) ;
while ($item = readdir($dir)) {
- if ( $item == ".." || $item == "." || substr($item,0,1) == "." ) continue ;
+ if ( substr($item,0,1) == "." || strstr($hide_items,",$item,") ) continue ;
if ( is_dir($fsDir . $item) ) {
$dirList[] = $item ;
} else if ( is_file($fsDir . $item) ) {
@@ -672,7 +680,7 @@
// scan deleted files
if ( $GLOBALS[show_deleted] == 1 && ($dir = @opendir("$fsDir/.del")) ) {
while ($item = readdir($dir)) {
- if ( substr($item,0,1) == "." ) continue ;
+ if ( substr($item,0,1) == "." || strstr($hide_items,",$item,") ) continue ;
$fileList[] = ".del/$item" ;
}
closedir($dir) ;
@@ -705,23 +713,36 @@
1) {
+ $out.="s";
+ }
+ return $out;
+}
+
// output subdirs
if (sizeof($dirList) > 0) {
sort($dirList) ;
?>
-
+
DIRECTORY NAME
" . $dir . "/" ;
+ $note_html="".$gblIcon("note")."".ReadNote($fsDir.$dir);
?>
-DIRECTORY NAME (= plural("dir",sizeof($dirList)) ?>) DIRECTORY NOTE
+= $gblIcon("fldr") ?>
-= $tstr ?>
+
+= $gblIcon("fldr") ?>
+= $tstr ?>
+= $note_html ?>
-
= $webRoot . $relDir ?>
DOCUMENT NAME
+
@@ -828,7 +849,7 @@
}
- if ($emptyDir) {
+ if ($emptyDir && $relDir != "") {
?>
-
- $to\n";
+ if (file_exists($from) && is_writeable(dirname($to))) {
+ rename($from,$to);
+ }
+ }
+
+ function try_dir($todir) {
+ if (! file_exists($todir)) {
+ mkdir($todir,0700);
+ }
+ }
+
+ $to="$fromdir/$tofile";
+ $todir=dirname($to);
+ $tofile=basename($to);
+
+# print "DOCUMENT NAME (= plural("file",sizeof($fileList)) ?>)
= $gblIcon("blank").$gblIcon("blank") ?>
NOTE
LAST UPDATE FILE SIZE $fromdir / $fromfile -> $todir / $tofile\n\n";
+
+ try_rename("$fromdir/$fromfile","$todir/$tofile");
+ try_dir("$todir/.log");
+ try_rename("$fromdir/.log/$fromfile","$todir/.log/$tofile");
+ try_dir("$todir/.note");
+ try_rename("$fromdir/.note/$fromfile","$todir/.note/$tofile");
+ try_dir("$todir/.lock");
+ try_rename("$fromdir/.lock/$fromfile","$todir/.lock/$tofile");
+ try_dir("$todir/.bak");
+ for($i=0;$i<=$GLOBALS[gblNumBackups];$i++) {
+ try_rename("$fromdir/.bak/$i/$fromfile","$todir/.bak/$i/$tofile");
}
}
+
//////////////////////////////////////////////////////////////////
// recursivly delete directory
@@ -1131,6 +1145,7 @@
$log=fopen("$gblFsRoot/.changelog","a+");
if (substr($target,0,strlen($gblFsRoot)) == $gblFsRoot)
$target=substr($target,strlen($gblFsRoot),strlen($target)-strlen($gblFsRoot));
+ $msg=str_replace("\t"," ",$msg);
fputs($log,time()."\t$target\t$GLOBALS[gblUserName]\t$msg\n");
fclose($log);
@@ -1142,7 +1157,12 @@
if (!file_exists("$gblFsRoot/.changelog")) return;
$log=fopen("$gblFsRoot/.changelog","r");
$logarr = array();
- while($line = fgetcsv($log,255,"\t")) {
+ while($line = fgetcsv($log,512,"\t")) {
+ $line[0] .= sizeof($line);
+ while (sizeof($line) > 4) {
+ $tmp = array_pop($line);
+ $line.=" $tmp";
+ }
if ($day!=1 || ($day==1 && (time()-$line[0] < 24*60*60))) {
array_unshift($logarr,array($line[0],$line[1],$line[2],$line[3]));
}
@@ -1164,6 +1184,27 @@
//////////////////////////////////////////////////////////////////
+function Download($path) {
+ global $HTTP_USER_AGENT;
+ $file=basename($path);
+ $size = filesize($path);
+ //header("Content-Type: application/octet-stream");
+ header("Content-Type: application/force-download");
+ header("Content-Length: $size");
+ // IE5.5 just downloads index.php if we don't do this
+ if(preg_match("/MSIE 5.5/", $HTTP_USER_AGENT)) {
+ header("Content-Disposition: filename=$file");
+ } else {
+ header("Content-Disposition: attachment; filename=$file");
+ }
+ header("Content-Transfer-Encoding: binary");
+ $fh = fopen($path, "r");
+ fpassthru($fh);
+}
+
+
+//////////////////////////////////////////////////////////////////
+
// MAIN PROGRAM
// ============
// query parameters: capital letters
@@ -1179,13 +1220,24 @@
// forks before authentication: style sheet and hash
// creation if password not yet set.
if ($STYLE == "get") { CSS() ; exit ; }
- if ($HASH != "") {
- CreateHash($USER, $PW) ;
- exit ;
+
+ $fsScriptDir = dirname($SCRIPT_FILENAME) ;
+ // i.e. /home/httpd/html/docman
+
+ // read user-defined configuration
+ if (file_exists("$fsScriptDir/.docman.conf")) {
+ include("$fsScriptDir/.docman.conf");
+ }
+
+ // where do we get users from?
+ if (file_exists("$gblIncDir/$gblUsers.php")) {
+ include("$gblIncDir/$gblUsers.php");
+ } else {
+ Error("Configuration error","Can't find user handling module at $gblIncDir/$gblUsers.php ! Please fix $fsScriptDir/.docman.conf");
}
- // authentication if $gblAuth == true
- if ( $gblAuth && $gblHash($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw ||
+ // authentication failure
+ if ( md5($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw ||
isset($relogin) && $gblPw == $relogin ) {
header("WWW-authenticate: basic realm=\"$HTTP_HOST\"") ;
header("HTTP/1.0 401 Unauthorized") ;
@@ -1199,6 +1251,8 @@
$relDir = urldecode($D) ; // then use GET
}
+ $relDir=stripSlashes($relDir);
+
if ($relDir == "/") $relDir = "" ;
// default : website root = ""
@@ -1212,9 +1266,6 @@
$relScriptDir = dirname($SCRIPT_NAME) ;
// i.e. /docman
- $fsScriptDir = dirname($SCRIPT_FILENAME) ;
- // i.e. /home/httpd/html/docman
-
// start on server root
// $gblFsRoot = substr($fsScriptDir,0, strlen($fsScriptDir)-strlen($relScriptDir)) ;
// or on script root
@@ -1224,8 +1275,16 @@
$fsDir = $gblFsRoot . $relDir ; // current directory
if ( !is_dir($fsDir) ) Error("Dir not found",$relDir) ;
+ if (isset($GLOBALS["HTTPS"]) && $GLOBALS["HTTPS"] == "on") {
+ $webRoot = "https://";
+ } else {
+ $webRoot = "http://";
+ }
+ $webRoot .= $GLOBALS["HTTP_HOST"] . $relScriptDir;
+
$FN=stripSlashes($FN);
+
switch ($POSTACTION) {
case "UPLOAD" :
if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
@@ -1301,7 +1360,7 @@
// this functionality is doubled in DetailView().
// better keep it here altogether
// chmod perms to $gblFilePerms
- if ( file_exists($path) && !is_writable($path) )
+ if ( file_exists($path) && !is_writeable($path) )
Error("File not writable", $relPath) ;
$fh = fopen($path, "w+") ;
if ($fh) {
@@ -1373,14 +1432,7 @@
if ( $CONFIRM != "on" ) break ;
Logit("$fsDir/$FN","renamed $FN to $NEWNAME");
- safe_rename("$fsDir/$FN","$fsDir/$NEWNAME");
- safe_rename("$fsDir/.log/$FN","$fsDir/.log/$NEWNAME");
- safe_rename("$fsDir/.note/$FN","$fsDir/.note/$NEWNAME");
- safe_rename("$fsDir/.lock/$FN","$fsDir/.lock/$NEWNAME");
- for($i=0;$i<=$GLOBALS[gblNumBackups];$i++) {
- safe_rename("$fsDir/.bak/$i/$FN","$fsDir/.bak/$i/$NEWNAME");
- }
-
+ safe_rename($fsDir,$FN,$NEWNAME);
break ;
case "NOTE" :
@@ -1426,7 +1478,7 @@
case "E" :
$F=stripSlashes($F);
// detail of $relDir/$F
- if (is_file("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
+ if (is_file("$gblFsRoot/$relDir/$F") || is_dir("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
exit ;
case "C" :
$F=stripSlashes($F);
@@ -1436,8 +1488,7 @@
case "Co" :
// checkout
Lock("$gblFsRoot/$relDir/$F");
- header("Content-Disposition: attachment; filename=$F" );
- Header("Location: ".urlpath("$relDir/$F"));
+ Download("$gblFsRoot/$relDir/$F");
exit;
case "Ci" :
$F=stripSlashes($F);
@@ -1453,8 +1504,12 @@
case "V" :
// view
LogIt("$gblFsRoot/$relDir/$F","viewed");
- header("Content-Disposition: attachment; filename=$F" );
- Header("Location: ".urlpath("$relDir/$F"));
+ if ($gblForceDownload) {
+ Download("$gblFsRoot/$relDir/$F");
+ } else {
+ header("Content-Disposition: attachment; filename=$F" );
+ Header("Location: $webRoot".urlpath("$relDir/$F"));
+ }
exit;
case "Ch" :
StartHTML("(File changes)","All changes chronologicaly...");