/[docman]/docman.php
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Contents of /docman.php

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.1 - (show annotations)
Fri May 12 12:01:08 2000 UTC (22 years, 9 months ago) by dpavlin
Branch: MAIN
Branch point for: DbP
Initial revision

1 <?php
2
3 /* Copyright 1999 by John Martin d/b/a www.ANYPORTAL.com */
4 /* All Rights Reserved. */
5 /* */
6 /* This software is freeware and is not in the public domain. */
7 /* You are hereby granted the right to freely distribute this */
8 /* software as long as this copyright notice remains in place. */
9 /* */
10 /* Comments or suggestions? email: andmore@alief.com */
11 /* */
12 /* This is the PHP port: AnyPortal(php)-0.1 */
13 /* ======================================== */
14 /* */
15 /* PHP version 2000 by Stefan@Wiesendanger.org */
16 /* No Rights Reserved. What for, anyhow ? */
17 /* */
18 /* Date Remarks */
19 /* --------- ----------------------------------------------- */
20 /* 25 MAY 99 original ASP version */
21 /* 17 SEP 99 change upload from SA-FILEUP to aspSmartUpload */
22 /* 10 APR 00 simplified PHP3 version */
23 /* 18 APR 00 most of PHP3 port working. Slight modifications */
24 /* 22 APR 00 modified syntax highlighting, no absolute paths */
25 /* revealed, PHP builtin authentication, global */
26 /* style sheet as callback, use apache default */
27 /* icons as an alternative to the wingdings font. */
28 /* 25 APR 00 catch some exceptions (not foolproof yet) */
29 /* 26 APR 00 catch some more exceptions, implicit copy */
30 /* function by saving somewhere else in the detail */
31 /* view, MD5 hashed password. */
32 /* 27 APR 00 Fixed authentication bug */
33 /* 12 MAY 00 Fixed trouble with exec() with newer versions of */
34 /* PHP3. Fixed bug which would send you to a non- */
35 /* existent address after file modifications. */
36
37 //////////////////////////////////////////////////////////////////
38
39 // TODO : Don't let the file be modified itself. Create a hash of
40 // it (kinda hard since it's self-referential ;-). Make better use
41 // of session management. Escapeshellcmd for all user input.
42
43 //////////////////////////////////////////////////////////////////
44
45 // GLOBAL PARAMETERS
46 // =================
47 // Make modifications here to suit siteman to your needs
48
49 // error_reporting(4) ; // how verbose ?
50
51 // username/password should not be system
52 // usernames/passwords !!
53
54 // your (hashed) username/password here
55 $gblPw = "hash_of_your_username_and_password" ;
56
57 $gblAuth = false ; // use builtin authentication
58 $gblHash = "md5" ; // hash function to use
59
60 // choose GifIcon below unless you have the M$
61 // WingDings font installed on your system
62
63 $gblIcon = "GifIcon" ; // MockIcon or GifIcon
64
65 // the directory below should be /icons/ or /icons/small/
66 // on Apache; a set of icons is included in the distribution
67
68 $gblIconLocation = "icons/" ;
69
70 // files you want to be able to edit in text mode
71 // and view with (primitive) syntax highlighting
72
73 $gblEditable = array( ".txt",".asa",".asp",".htm",".html",
74 ".cfm",".php3",".php",".phtml",
75 ".shtml",".css" ) ;
76
77 // files that will display as images on the detail page
78 // (useless if your browser doesn't support them)
79
80 $gblImages = array( ".jpg",".jpeg",".gif",".png",".ico",
81 ".bmp",".xbm") ;
82
83 //////////////////////////////////////////////////////////////////
84
85 function StartHTML($title,$text="") {
86
87 $title = "Site Manager " . $title ;
88 $host = $GLOBALS["HTTP_HOST"] ;
89 $self = $GLOBALS["PHP_SELF"] ;
90 ?>
91
92 <HTML>
93 <HEAD>
94 <TITLE><?php echo $host . " " . $title ?></TITLE>
95 <META NAME="description" CONTENT="PHP port of AnyPortal Site Manager">
96 <META NAME="keywords" CONTENT="site manager, web site maintenance">
97 <META NAME="robots" CONTENT="noindex">
98 <META HTTP-EQUIV="expires" CONTENT="0">
99 <LINK REL="stylesheet" TYPE="text/css"
100 HREF="<?php echo $self ?>?STYLE=get">
101 </HEAD>
102 <BODY BGCOLOR="#FFFFFF">
103 <H3 ALIGN="RIGHT"><?php echo $host ?></H3>
104 <TABLE BORDER=0 WIDTH="100%"><TR>
105 <TD CLASS=INV><?php echo $title ?></TD></TR></TABLE>
106 <P><?php echo $text ?></P>
107
108 <?php
109 } // end function StartHTML
110
111 //////////////////////////////////////////////////////////////////
112
113 function EndHTML() {
114 ?>
115
116 <HR>
117 <P CLASS=FTR>
118 <B><?php echo date("D, F d, Y") ?> -
119 <?php echo date("g:i:sA") ?></B><BR>ANYPORTAL(php) Site Manager
120 - &copy; 1999 by <A HREF="http://www.anyportal.com">ANYPORTAL</A>
121 - &copy; 2000 by <A HREF="http://da.nger.org">d@nger.org</A>
122 </P>
123 <BR><BR><BR></BODY></HTML>
124
125 <?php
126 } // end function EndHTML
127
128 //////////////////////////////////////////////////////////////////
129
130 function CSS() {
131 ?>
132
133 BODY,TD,P,H1,H2,H3 { font-family:Helvetica,Arial,sans-serif; }
134 .BLK { color:black; }
135 .RED { color:red; }
136 .TOP { color:red; font-size:70%; } /* table headings */
137 .INV { color:white; background-color:navy;
138 font-weight:bold; font-size:120%; } /* title */
139 .FTR { } /* footer */
140 .LST { background-color:#E0E0E0; } /* table cells */
141 .BAR { background-color:#E0E0E0; } /* action bar */
142 PRE { color:blue; font-family:Lucida Console,Courier New,
143 Courier,sans-serif; } /* source code */
144 EM { color:green; font-style:normal; } /* line numbers */
145 .REM { color:silver; }
146 .XML { color:navy; background-color:yellow; }
147 .MCK { color:red; font-family:WingDings; } /* Mock Icons */
148 A:HOVER { color:red; }
149
150 <?php
151 } // end function CSS
152
153 //////////////////////////////////////////////////////////////////
154
155 function DetailPage($fsRoot,$relDir,$fn) {
156
157 global $gblEditable, $gblImages ;
158 $self = $GLOBALS["PHP_SELF"] ;
159
160 $relPath = $relDir . "/" . $fn ;
161 $fsPath = $fsRoot . $relPath ;
162 $fsDir = $fsRoot . $relDir ;
163
164 $exists = file_exists($fsPath) ;
165 $ext = strtolower(strrchr($relPath,".")) ;
166 $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) ;
167 $writable = Writeable($fsPath) ;
168
169 if (!$editable && !$exists)
170 Error("Creation unsupported for type",$relPath) ;
171 if (!exists && !Writeable($fsDir) )
172 Error("Creation denied",$relDir) ;
173
174 $text = "Use this page to view, modify or " ;
175 $text .= "delete a single document on this " ;
176 $text .= "web site." ;
177 $title = "(Detail Page)" ;
178 StartHTML($title, $text) ;
179
180 echo "<H3>" . $relDir . "/" . $fn . "</H3>" ;
181 if ($exists) { // get file info
182 $fsize = filesize($fsPath) ;
183 $fmodified = date("d/M/y G:i:s", filemtime($fsPath)) ;
184 $faccessed = date("d/M/y G:i:s", fileatime($fsPath)) ;
185 echo "<PRE> file size: " . $fsize . " Bytes<BR>" ;
186 echo "last modified: <B>" . $fmodified . "</B><BR>" ;
187 echo "last accessed: <B>" . $faccessed . "</B><BR>" ;
188 echo " owner: <B>" . fileowner($fsPath) . "</B><BR>" ;
189 echo " group: <B>" . filegroup($fsPath) . "</B><BR>" ;
190 echo " permissions: <B>" ;
191 echo printf( "%o", fileperms($fsPath) ) . "</B>" ;
192 echo "</PRE>" ;
193 }
194
195 if ( $editable && ($writable || !$exists) ) {
196 $fh = fopen($fsPath,"a+") ;
197 rewind($fh) ;
198 $fstr = fread($fh,filesize($fsPath)) ;
199 fclose($fh) ;
200 $fstr = htmlentities( $fstr ) ;
201 ?>
202
203 <FORM ACTION="<?php echo $self ; ?>" METHOD="POST">
204 <SPAN TITLE="Click [SAVE] to store updated contents.">
205 <B>DOCUMENT CONTENTS</B>
206 </SPAN><BR>
207 <TEXTAREA NAME="FILEDATA" ROWS=18 COLS=70 WRAP="OFF"><?php
208 echo($fstr) ; ?></TEXTAREA>
209 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?php echo $relDir ; ?>">
210 <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?php echo $fn ; ?>">
211 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="SAVE">
212 <INPUT TYPE="TEXT" SIZE=48 MAXLENGTH=255 NAME="RELPATH"
213 VALUE="<?php echo $relPath ; ?>">
214 <INPUT TYPE="RESET" VALUE="RESET">
215 <INPUT TYPE="SUBMIT" VALUE="SAVE">
216 </FORM>
217
218 <?php
219 }
220 else if ( strstr( join(" ",$gblImages), $ext ) ) {
221 $info = getimagesize($fsPath) ;
222 $tstr = "<IMG SRC=\"". $relPath . "\" BORDER=0 " ;
223 $tstr .= $info[3] . " ALT=\"" . $fn . " - " ;
224 $tstr .= (int)(($fsize+1023)/1024) . "Kb\">" ;
225 echo htmlentities($tstr) . "<BR><BR>" . $tstr ;
226 }
227 ?>
228
229 <FORM ACTION="<?php echo $self ; ?>" METHOD="POST">
230 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?php echo $relDir ; ?>">
231 <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?php echo $fn ; ?>">
232 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL"><BR>
233
234 <?php
235 if ($exists && $writable) {
236 ?>
237
238 <HR><SPAN TITLE="Check OK and click [DELETE] to delete.">
239 <B>OK TO DELETE "<?php echo $fn ; ?>"? </B></SPAN>
240 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
241 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="DELETE">
242
243 <?php
244 }
245 echo "</FORM>" ;
246 EndHTML() ;
247
248 } // end function DetailPage
249
250 //////////////////////////////////////////////////////////////////
251
252 function DisplayCode($fsRoot,$relDir,$fn) {
253
254 $path = $fsRoot . $relDir . "/" . $fn ;
255
256 if (!file_exists($path)) Error("File not found",$path) ;
257
258 StartHTML("(".$relDir."/".$fn.")","");
259
260 $tstr = join("",file($path)) ;
261 $tstr = htmlentities($tstr) ;
262
263 // Tabs
264 $tstr = str_replace(chr(9)," ",$tstr) ;
265
266 // ASP tags & XML/PHP tags
267 $aspbeg = "<SPAN CLASS=XML>&lt;%</SPAN><SPAN CLASS=BLK>" ;
268 $aspend = "</SPAN><SPAN CLASS=XML>%&gt;</SPAN>" ;
269 $tstr = str_replace("&lt;%",$aspbeg,$tstr) ;
270 $tstr = str_replace("%&gt;",$aspend,$tstr) ;
271
272 $xmlbeg = "<SPAN CLASS=XML>&lt;?</SPAN><SPAN CLASS=BLK>" ;
273 $xmlend = "</SPAN><SPAN CLASS=XML>?&gt;</SPAN>" ;
274 $tstr = str_replace("&lt;?",$xmlbeg,$tstr) ;
275 $tstr = str_replace("?&gt;",$xmlend,$tstr) ;
276
277 // C style comment
278 $tstr = str_replace("/*","<SPAN CLASS=REM>/*",$tstr) ;
279 $tstr = str_replace("*/","*/</SPAN>",$tstr) ;
280
281 // HTML comments
282 $tstr = str_replace("&lt;!--","<I CLASS=RED>&lt;!--",$tstr) ;
283 $tstr = str_replace("--&gt;","--&gt;</I>",$tstr) ;
284
285 echo "<PRE>" ;
286
287 $tstr = split("\n",$tstr) ;
288 for ($i = 0 ; $i < sizeof($tstr) ; ++$i) {
289 // add line numbers
290 echo "<BR><EM>" ;
291 echo substr(("000" . ($i+1)), -4) . ":</EM> " ;
292 $line = $tstr[$i] ;
293 // C++ style comments
294 $pos = strpos($line,"//") ;
295 // exceptions: two slashes aren't a script comment
296 if (strstr($line,"//") &&
297 ! ($pos>0 && substr($line,$pos-1,1)==":") &&
298 ! (substr($line,$pos,8) == "//--&gt;") &&
299 ! (substr($line,$pos,9) == "// --&gt;")) {
300 $beg = substr($line,0,strpos($line,"//")) ;
301 $end = strstr($line,"//") ;
302 $line = $beg."<SPAN CLASS=REM>".$end."</SPAN>";
303 }
304 // shell & asp style comments
305 $first = substr(ltrim($line),0,1) ;
306 if ($first == "#" || $first == "'") {
307 $line = "<SPAN CLASS=REM>".$line."</SPAN>";
308 }
309 print($line) ;
310 } // next i
311
312 echo "</PRE>" ;
313
314 EndHTML() ;
315
316 } // end function DisplayCode
317
318 //////////////////////////////////////////////////////////////////
319
320 function MockIcon($txt) {
321 $tstr = "<SPAN CLASS=MCK>" ;
322
323 switch (strtolower($txt)) {
324 case ".bmp" :
325 case ".gif" :
326 case ".jpg" :
327 case ".jpeg":
328 case ".tif" :
329 case ".tiff":
330 $d = 176 ;
331 break ;
332 case ".doc" :
333 $d = 50 ;
334 break ;
335 case ".exe" :
336 case ".bat" :
337 $d = 255 ;
338 break ;
339 case ".bas" :
340 case ".c" :
341 case ".cc" :
342 case ".src" :
343 $d = 255 ;
344 break ;
345 case "file" :
346 $d = 51 ;
347 break ;
348 case "fldr" :
349 $d = 48 ;
350 break ;
351 case ".htm" :
352 case ".html":
353 case ".asa" :
354 case ".asp" :
355 case ".cfm" :
356 case ".php3":
357 case ".php" :
358 case ".phtml" :
359 case ".shtml" :
360 $d = 182 ;
361 break ;
362 case ".pdf" :
363 $d = 38 ;
364 break;
365 case ".txt" :
366 case ".ini" :
367 $d = 52 ;
368 break ;
369 case ".xls" :
370 $d = 252 ;
371 break ;
372 case ".zip" :
373 case ".arc" :
374 case ".sit" :
375 case ".tar" :
376 case ".gz" :
377 case ".tgz" :
378 case ".Z" :
379 $d = 59 ;
380 break ;
381 case "view" :
382 $d = 52 ;
383 break ;
384 case "up" :
385 $d = 199 ;
386 break ;
387 case "blank" :
388 return "&nbsp;&nbsp;</SPAN>" ;
389 break ;
390 default :
391 $d = 51 ;
392 }
393
394 return $tstr . chr($d) . "</SPAN>" ;
395 } // end function MockIcon
396
397 //////////////////////////////////////////////////////////////////
398
399 function GifIcon($txt) {
400 global $gblIconLocation ;
401
402 switch (strtolower($txt)) {
403 case ".bmp" :
404 case ".gif" :
405 case ".jpg" :
406 case ".jpeg":
407 case ".tif" :
408 case ".tiff":
409 $d = "image2.gif" ;
410 break ;
411 case ".doc" :
412 $d = "layout.gif" ;
413 break ;
414 case ".exe" :
415 case ".bat" :
416 $d = "screw2.gif" ;
417 break ;
418 case ".bas" :
419 case ".c" :
420 case ".cc" :
421 case ".src" :
422 $d = "c.gif" ;
423 break ;
424 case "file" :
425 $d = "generic.gif" ;
426 break ;
427 case "fldr" :
428 $d = "dir.gif" ;
429 break ;
430 case ".phps" :
431 $d = "phps.gif" ;
432 break ;
433 case ".php3" :
434 $d = "php3.gif" ;
435 break ;
436 case ".htm" :
437 case ".html":
438 case ".asa" :
439 case ".asp" :
440 case ".cfm" :
441 case ".php3":
442 case ".php" :
443 case ".phtml" :
444 case ".shtml" :
445 $d = "world1.gif" ;
446 break ;
447 case ".pdf" :
448 $d = "pdf.gif" ;
449 break;
450 case ".txt" :
451 case ".ini" :
452 $d = "text.gif" ;
453 break ;
454 case ".xls" :
455 $d = "box2.gif" ;
456 break ;
457 case ".zip" :
458 case ".arc" :
459 case ".sit" :
460 case ".tar" :
461 case ".gz" :
462 case ".tgz" :
463 case ".Z" :
464 $d = "compressed.gif" ;
465 break ;
466 case "view" :
467 $d = "index.gif" ;
468 break ;
469 case "up" :
470 $d = "back.gif" ;
471 break ;
472 case "blank" :
473 $d = "blank.gif" ;
474 break ;
475 default :
476 $d = "generic.gif" ;
477 }
478
479 return "<IMG SRC=\"$gblIconLocation" . $d . "\" BORDER=0>" ;
480 } // end function GifIcon
481
482 //////////////////////////////////////////////////////////////////
483
484 function Navigate($fsRoot,$relDir) {
485
486 global $gblEditable, $gblIcon ;
487
488 $self = $GLOBALS["PHP_SELF"] ;
489 $webRoot = "http://" . $GLOBALS["SERVER_NAME"] ;
490 $fsDir = $fsRoot . $relDir . "/" ; // current directory
491
492 if (!is_dir($fsDir)) Error("Dir not found",$relDir) ;
493
494 // read directory contents
495 if ( !($dir = @opendir($fsDir)) )
496 Error("Read Access denied",$relDir) ;
497 while ($item = readdir($dir)) {
498 if ( $item == ".." || $item == "." ) continue ;
499 if ( is_dir($fsDir . $item) ) {
500 $dirList[] = $item ;
501 }
502 else if ( is_file($fsDir . $item) ) {
503 $fileList[] = $item ;
504 }
505 else {
506 // unknown file type
507 // $text = "Could not determine file type of " ;
508 // Error("File Error", $text.$relDir."/".$item) ;
509 // exit ;
510 }
511 }
512 closedir($dir) ;
513 $emptyDir = ! (sizeof($dirList) || sizeof($fileList)) ;
514
515 // start navigation page
516 $text = "Use this page to add, delete or " ;
517 $text .= "revise files on this web site." ;
518
519 StartHTML("(Navigate)",$text) ;
520
521 echo "<TABLE BORDER=0 CELLPADDING=2
522 CELLSPACING=3 WIDTH=\"100%\">" ;
523
524 // updir bar
525 if ($fsDir != $fsRoot) {
526 $parent = dirname($relDir) ;
527 if ($parent == "") $parent = "/" ;
528 ?>
529
530 <TR><TD><?php echo $gblIcon("up") ?></TD><TD COLSPAN=4 CLASS=LST>
531 <A HREF="<?php echo $self ?>?D=<?php echo urlencode($parent) ?>">
532 <B><?php echo $parent ?></B></A></TD></TR>
533
534 <?php
535 }
536
537 // output subdirs
538 if (sizeof($dirList) > 0) {
539 sort($dirList) ;
540 ?>
541
542 <TR><TD></TD><TD COLSPAN=4 CLASS=TOP><HR>DIRECTORY NAME</TD></TR>
543
544 <?php
545 while (list($key,$dir) = each($dirList)) {
546
547 $tstr = "<A HREF=\"" . $self . "?D=" ;
548 $tstr .= urlencode($relDir."/".$dir) ;
549 $tstr .= "\">" . $dir . "/</A>" ;
550 ?>
551
552 <TR><TD><?php echo $gblIcon("fldr") ?></TD>
553 <TD COLSPAN=4 CLASS=LST><?php echo $tstr ?></TD></TR>
554
555 <?php
556 } // iterate over dirs
557 } // end if no dirs
558 ?>
559
560 <TR><TD></TD><TD COLSPAN=4><HR><B><?php echo $webRoot . $relDir ?>
561 </B></TD></TR>
562 <TR><TD></TD><TD CLASS=TOP>DOCUMENT NAME</TD>
563 <TD><?php echo $gblIcon("blank") ?></TD>
564 <TD CLASS=TOP>LAST UPDATE</TD><TD CLASS=TOP>FILE SIZE</TD></TR>
565
566 <?php
567 if (sizeof($fileList) > 0) {
568 sort($fileList) ;
569 while (list($key,$file) = each($fileList)) {
570 $path = $fsDir."/".$file ;
571 $mod = filemtime($path) ;
572 $sz = filesize($path) ;
573
574 if ($sz >= 10240) {
575 $sz = (int)(($sz+1023)/1024) . " k" ;
576 }
577 else {
578 $sz .= " " ;
579 } // end size
580
581 $a = $b = "" ;
582
583 if ( ($mod + 30*86400) > time() ) {
584 $a = "<SPAN CLASS=RED TITLE=\"Newer" ;
585 $a .= " than 30 days\"> * </SPAN>" ;
586 }
587
588 $tstr = $webRoot . $relDir . "/" . $file ;
589 $tstr = "<A HREF=\"" . $tstr . "\">" ;
590 $tstr .= $file . "</A>" . $a ;
591
592 $ext = strtolower(strrchr($file,".")) ;
593 if ( $ext=="" ||
594 strstr(join(" ",$gblEditable),$ext) )
595 {
596 $b = "<A HREF=\"" . $self . "?A=C&F=" ;
597 $b .= urlencode($file) . "&D=" . urlencode($relDir) ;
598 $b .= "\" TITLE=\"List contents\">" ;
599 $b .= $gblIcon("view") . "</A>" ;
600 }
601
602 ?>
603
604 <TR><TD>
605 <A HREF="<?php echo $self ?>?A=E&F=<?php echo urlencode($file)
606 ?>&D=<?php echo urlencode($relDir) ?>" TITLE="View/Edit">
607 <?php echo $gblIcon($ext) ?></A></TD>
608 <TD CLASS=LST><?php echo $tstr ?></TD>
609 <TD CLASS=LST ALIGN=center><?php echo $b ?></TD>
610 <TD CLASS=LST><?php echo date("d/M/y G:i:s",$mod) ?></TD>
611 <TD CLASS=LST><?php echo $sz ?>Bytes</TD></TR>
612
613 <?php
614 } // iterate over files
615 } // end if no files
616
617 if ($emptyDir) {
618 ?>
619
620 <FORM METHOD="POST" ACTION="<?php echo $self ?>">
621 <TR><TD></TD><TD COLSPAN=4 CLASS=BAR>
622 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?php echo $relDir ?>">
623 OK TO DELETE THIS EMPTY FOLDER?
624 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
625 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="DELETE">
626 </TD></TR>
627 </FORM>
628
629 <?php
630 } // end if emptyDir
631 ?>
632
633 <TR><TD></TD><TD COLSPAN=4><HR></TD></TR>
634
635 <FORM METHOD="POST" ACTION="<?php echo $self ?>">
636 <TR><TD></TD><TD COLSPAN=4 CLASS=BAR>CREATE NEW
637 <INPUT TYPE="RADIO" NAME="T" VALUE="D" CHECKED>DIRECTORY -OR-
638 <INPUT TYPE="RADIO" NAME="T" VALUE="F">FILE : &nbsp;&nbsp;
639 <NOBR>NAME <INPUT TYPE="TEXT" NAME="FN" SIZE=14>
640 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="CREATE">
641 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?php echo $relDir ?>">
642 <INPUT TYPE="SUBMIT" VALUE="CREATE"></NOBR>
643 <NOBR>OR <A HREF="<?php echo $self
644 ?>?A=U&D=<?php echo urlencode($relDir) ?>">UPLOAD</A> A FILE
645 </NOBR>
646 </TD></TR>
647 </FORM>
648 </TABLE>
649
650 <?php
651 EndHTML() ;
652 } // end function Navigate
653
654 //////////////////////////////////////////////////////////////////
655
656 function UploadPage($fsRoot, $relDir) {
657
658 $self = $GLOBALS["PHP_SELF"] ;
659 if ($relDir == "") $relDir = "/" ;
660 ?>
661
662 <P><TABLE BORDER=0 CELLPADDING=5><TR><TD WIDTH=5></TD><TD CLASS=BAR>
663 <FORM ENCTYPE="multipart/form-data" METHOD="POST"
664 ACTION="<?php echo $self ?>">
665 DESTINATION DIRECTORY:<B><?php echo " " . $relDir ?></B>
666 <P>PATHNAME OF LOCAL FILE<BR>
667 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?php echo $relDir ?>">
668 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="UPLOAD">
669 <INPUT SIZE=30 TYPE="FILE" NAME="FN"></P>
670 <P><INPUT TYPE="SUBMIT" VALUE="UPLOAD"></P>
671 <P>If the <B>[BROWSE...]</B> button is not displayed,<BR>
672 you must upgrade to an RFC1867-compliant browser.</P>
673 <P>Your browser:<BR><?php echo $GLOBALS["HTTP_USER_AGENT"] ?></P>
674 </FORM>
675 </TD></TR>
676 <TR><TD></TD><TD>
677 <FORM METHOD="POST" ACTION="<?php echo $self ?>">
678 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?php echo $relDir ?>"><BR>
679 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL">
680 </FORM>
681 </TD></TR></TABLE></P>
682
683 <?php
684 } // end function UploadPage
685
686 //////////////////////////////////////////////////////////////////
687
688 function Error($title,$text="") {
689 StartHTML("(".$title.")",$text) ;
690 echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
691 EndHTML() ;
692 exit ;
693 } // end function Error
694
695 //////////////////////////////////////////////////////////////////
696
697 function Writeable($path) {
698 // fix by -mat- filid brandy, brandy@ecrc.de, 07/JUL/99
699
700 clearstatcache ;
701 $perms = @fileperms($path) ;
702 $owner = @fileowner($path) ;
703 exec("id",$id) ;
704 eregi( "^uid=([0-9]*)",$id[0], $regs) ;
705 $apacheuid = $regs[1] ;
706 $perms = 0777 & $perms ;
707 if ( $apacheuid != $owner ) {
708 return (06 == (06 & $perms)) ? 1 : 0 ;
709 }
710 else {
711 return (0600 == (0600 & $perms)) ? 1 : 0 ;
712 }
713
714 } // end function Writable
715
716 //////////////////////////////////////////////////////////////////
717
718 function CreateHash($user, $pw) {
719
720 global $gblHash ; // hash function to use
721
722 if ($user == "" || $pw == "") {
723 $text = "either no password or no username supplied" ;
724 Error("Create Hash",$text) ;
725 }
726 $title = "(Create Hash)" ;
727 StartHTML($title) ;
728 echo "<P ALIGN=center>" ;
729 echo "<BLOCKQUOTE>Copy the value below and paste it " ;
730 echo "into the<BR>value for \$gblPw in the source of " ;
731 echo "this file<BR><BR><B>" . $gblHash($user.$pw) ;
732 echo "</B><BR><BR>Hash function: " . $gblHash ;
733 echo "</BLOCKQUOTE></P>" ;
734 EndHTML() ;
735 exit ;
736
737 } // end function CreateHash
738
739 //////////////////////////////////////////////////////////////////
740
741 function NoEntry() {
742
743 $user = $GLOBALS["PHP_AUTH_USER"] ;
744 $pw = $GLOBALS["PHP_AUTH_PW"] ;
745 $self = $GLOBALS["PHP_SELF"] ;
746
747 $title = "(401 Unauthorized)" ;
748 $text = "No trespassing !" ;
749 StartHTML($title,$text) ;
750 ?>
751
752 <FORM ACTION="<?php echo $self ?>?HASH=create" METHOD="POST">
753 <INPUT TYPE="HIDDEN" NAME="USER" VALUE="<?php echo $user ?>">
754 <INPUT TYPE="HIDDEN" NAME="PW" VALUE="<?php echo $pw ?>">
755
756 <BLOCKQUOTE><B>If you are a site administrator:</B><BR><BR>
757 Click below to <B>generate a password hash</B><BR>from
758 the username-password pair you just<BR>entered. Then include the hash in
759 the source<BR>of this file.<BR><BR>
760 <INPUT TYPE="SUBMIT" VALUE="CREATE HASH">
761 </BLOCKQUOTE></FORM>
762
763 <?php
764 EndHTML() ;
765 exit ;
766 }
767
768 //////////////////////////////////////////////////////////////////
769
770 // MAIN PROGRAM
771 // ============
772 // query parameters: capital letters
773 // local functions : begin with capital letters
774 // global constants: begin with gbl
775
776 $gblFilePerms = "644" ; // default for new files
777 $gblDirPerms = 0755 ; // default for new dirs
778
779 // phpinfo() ;
780 // exit ;
781
782 // forks before authentication: style sheet and hash
783 // creation if password not yet set.
784 if ($STYLE == "get") { CSS() ; exit ; }
785 if ($HASH != "") {
786 CreateHash($USER, $PW) ;
787 exit ;
788 }
789
790 // authentication if $gblAuth == true
791 if ( $gblAuth &&
792 $gblHash($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw ) {
793 header("WWW-authenticate: basic realm=\"$SERVER_NAME\"") ;
794 header("HTTP/1.0 401 Unauthorized") ;
795 NoEntry() ;
796 exit ;
797 }
798
799 // get current directory relative to $gblFsRoot
800 $relDir = $DIR ; // from POST
801 if ($relDir == "") { // not defined in POST ?
802 $relDir = urldecode($D) ; // then use GET
803 }
804
805 if ($relDir == "/") $relDir = "" ;
806 // default : website root = ""
807
808 if (strstr($relDir,"..")) Error("No updirs allowed");
809
810 // full paths contain "fs" or "Fs". Paths realitve to root of
811 // website contain "rel" or "Rel". The script won't let you
812 // edit anything above directory equal to http://server.com
813 // i.e. below $gblFsRoot.
814
815 $relScriptDir = dirname($SCRIPT_NAME) ;
816 // i.e. /siteman
817
818 $fsScriptDir = dirname($SCRIPT_FILENAME) ;
819 // i.e. /home/httpd/html/siteman
820
821 $gblFsRoot = substr($fsScriptDir,0,
822 strlen($fsScriptDir)-strlen($relScriptDir)) ;
823 // i.e. /home/httpd/html
824
825 $fsDir = $gblFsRoot . $relDir ; // current directory
826 if ( !is_dir($fsDir) ) Error("Dir not found",$relDir) ;
827
828 switch ($POSTACTION) {
829 case "UPLOAD" :
830 if (!Writeable($fsDir)) Error("Write denied",$relDir) ;
831 if (strstr($FN_name,"/"))
832 Error("Non-conforming filename") ;
833 // TODO : should rather check for escapeshellcmds
834 // but maybe RFC 18xx asserts safe filenames ....
835 $source = $FN ;
836 $target = $fsDir . "/" . $FN_name ;
837 exec("cp $source $target") ;
838 exec("chmod $gblFilePerms $target") ;
839 clearstatcache() ;
840 break ;
841
842 case "SAVE" :
843 $path = $gblFsRoot . escapeshellcmd($RELPATH) ;
844 $writable = Writeable($path) ;
845 $legaldir = Writeable(dirname($path)) ;
846 $exists = (file_exists($path)) ? 1 : 0 ;
847 // check for legal extension here as well
848 if (!($writable || (!$exists && $legaldir)))
849 Error("Write denied",$RELPATH) ;
850 $fh = fopen($path, "w") ;
851 fwrite($fh,$FILEDATA) ;
852 fclose($fh) ;
853 clearstatcache() ;
854 break ;
855
856 case "CREATE" :
857 // we know $fsDir exists
858 if (!Writeable($fsDir)) Error("Write denied",$relDir) ;
859 $path = $fsDir . "/" . $FN ; // file or dir to create
860 $relPath = $relDir . "/" . $FN ;
861 switch ( $T ) {
862 case "D" : // create a directory
863 if ( ! @mkdir($path,$gblDirPerms) )
864 Error("Mkdir failed",$relPath) ; // eg. if it exists
865 clearstatcache() ;
866 break ;
867 case "F" : // create a new file
868 // this functionality is doubled in DetailView().
869 // better keep it here altogether
870 // chmod perms to $gblFilePerms
871 if ( file_exists($path) && !Writable($path) )
872 Error("File not writable", $relPath) ;
873 $tstr = $PHP_SELF . "?A=E&D=" . $relDir . "&F=" . $FN ;
874 header("Location: " . $tstr) ;
875 exit ;
876 }
877 break ;
878
879 case "DELETE" :
880 if ( $CONFIRM != "on" ) break ;
881
882 $tstr = "Attempt to delete non-existing object or " ;
883 $tstr .= "insufficient privileges: " ;
884
885 if ( $FN != "") { // delete file
886 $path = $fsDir . "/" . $FN ;
887 if ( ! @unlink($path) ) {
888 Error("File delete failed", $tstr . $path) ;
889 exit ;
890 }
891 }
892 else { // delete directory
893 if ( ! @rmdir($fsDir) ) {
894 Error("Rmdir failed", $tstr . $fsDir) ;
895 }
896 else {
897 $relDir = dirname($relDir) ; // move up
898 }
899 }
900 break ;
901
902 default :
903 // user hit "CANCEL" or undefined action
904 }
905
906 // common to all POSTs : redirect to directory view ($relDir)
907 if ( $POSTACTION != "" ) {
908 $tstr = $PHP_SELF . "?D=" . urlencode($relDir) ;
909 header("Location: " . $tstr) ;
910 exit ;
911 }
912
913 // check for mode.. navigate, code display, upload, or detail?
914 // $A=U : upload to path given in $D
915 // $A=E : display detail of file $D/$F and edit
916 // $A=C : display code in file $D/$F
917 // default : display directory $D
918
919 switch ($A) {
920 case "U" :
921 // upload to $relDir
922 if (!Writeable($gblFsRoot . $relDir))
923 Error("Write access denied",$relDir) ;
924 $text = "Use this page to upload a single " ;
925 $text .= "file to <B>$SERVER_NAME</B>." ;
926 StartHTML("(Upload Page)", $text) ;
927 UploadPage($gblFsRoot, $relDir) ;
928 EndHTML() ;
929 exit ;
930 case "E" :
931 // detail of $relDir/$F
932 DetailPage($gblFsRoot, $relDir, $F) ;
933 exit ;
934 case "C" :
935 // listing of $relDir/$F
936 DisplayCode($gblFsRoot, $relDir, $F) ;
937 exit ;
938 }
939
940 // default: display directory $relDir
941 Navigate($gblFsRoot,$relDir) ;
942 exit ;
943
944 Error("Whooah!","By cartesian logic, this never happens") ;
945 ?>

  ViewVC Help
Powered by ViewVC 1.1.26