/[docman]/docman.php
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Contents of /docman.php

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.4 - (show annotations)
Thu Aug 3 20:54:27 2000 UTC (23 years, 8 months ago) by dpavlin
Branch: MAIN
Changes since 1.3: +171 -103 lines
note support, cleanup, added MoveTo

1 <?php
2
3 /* Copyright 1999 by John Martin d/b/a www.ANYPORTAL.com */
4 /* All Rights Reserved. */
5 /* */
6 /* This software is freeware and is not in the public domain. */
7 /* You are hereby granted the right to freely distribute this */
8 /* software as long as this copyright notice remains in place. */
9 /* */
10 /* Comments or suggestions? email: andmore@alief.com */
11 /* */
12 /* This is the PHP port: AnyPortal(php)-0.1 */
13 /* ======================================== */
14 /* */
15 /* PHP version 2000 by Stefan@Wiesendanger.org */
16 /* No Rights Reserved. What for, anyhow ? */
17 /* */
18 /* Date Remarks */
19 /* --------- ----------------------------------------------- */
20 /* 25 MAY 99 original ASP version */
21 /* 17 SEP 99 change upload from SA-FILEUP to aspSmartUpload */
22 /* 10 APR 00 simplified PHP3 version */
23 /* 18 APR 00 most of PHP3 port working. Slight modifications */
24 /* 22 APR 00 modified syntax highlighting, no absolute paths */
25 /* revealed, PHP builtin authentication, global */
26 /* style sheet as callback, use apache default */
27 /* icons as an alternative to the wingdings font. */
28 /* 25 APR 00 catch some exceptions (not foolproof yet) */
29 /* 26 APR 00 catch some more exceptions, implicit copy */
30 /* function by saving somewhere else in the detail */
31 /* view, MD5 hashed password. */
32 /* 27 APR 00 Fixed authentication bug */
33 /* 12 MAY 00 Fixed trouble with exec() with newer versions of */
34 /* PHP3. Fixed bug which would send you to a non- */
35 /* existent address after file modifications. */
36
37 /*
38 2000-07-25 Dobrica Pavlinusic <dpavlin@rot13.org>
39
40 nuked exec calls (unsecure)
41 nuked writeable function (replaced by php is_writeable)
42 added support for https (tested with apache+mod_ssl)
43 added users file
44 date format user-selectable
45 cycle backup files in bak directory
46 support links as directoryes (for now)
47 support of file history logging
48 undelete capabilities (delete moves to .del directory)
49
50 2000-07-26 DbP
51
52 added more checking on entered filename (when creating file/dir)
53 added rename option
54
55
56 IMPORTANT INSTALLATION NOTE:
57 deny serving of .* (dot-something) files in web server!
58 Otherwise, uses can access your log files, users and/or
59 deleted files!
60
61 .htusers is in form:
62 login:Real Name:md5(loginpassword)
63
64
65 TODO:
66 mixed file/directory output (add type to each entry,
67 real support for links)
68 add more content-management (like cms.sourceforge.net):
69 check-out/check-in/reserve
70 comments to files
71 */
72
73 //////////////////////////////////////////////////////////////////
74
75 // TODO : Don't let the file be modified itself. Create a hash of
76 // it (kinda hard since it's self-referential ;-). Make better use
77 // of session management. Escapeshellcmd for all user input.
78
79 //////////////////////////////////////////////////////////////////
80
81 // GLOBAL PARAMETERS
82 // =================
83 // Make modifications here to suit siteman to your needs
84
85 // error_reporting(4) ; // how verbose ?
86
87 // username/password should not be system
88 // usernames/passwords !!
89
90 // $gblPw = "hash_of_your_username_and_password" ;
91
92 // $gblAuth = false ; // use builtin authentication
93 $gblAuth = true ; // use builtin authentication
94 $gblHash = "md5" ; // hash function to use
95
96 $gblPw = "";
97
98 if ($gblAuth) {
99 $htusers_file=dirname($SCRIPT_FILENAME)."/.htusers";
100 if (! file_exists($htusers_file)) {
101 $htusers=fopen($htusers_file,"a+");
102 fputs($htusers,"# Change owner of $htusers_file to root !!\n");
103 fputs($htusers,"demo:full name:md5_hash\n");
104 fclose($htusers);
105 }
106 $htusers=fopen($htusers_file,"r");
107 while($user = fgetcsv($htusers,255,":")) {
108 if ($user[0] == $GLOBALS["PHP_AUTH_USER"]) {
109 $gblUserName=$user[1];
110 $gblPw=$user[2];
111 continue ;
112 }
113 }
114 fclose($htusers);
115 }
116
117 // $gblDateFmt="D, F d, Y";
118 // $gblTimeFmt="g:i:sA";
119
120 $gblDateFmt="Y-m-d";
121 $gblTimeFmt="H:i:s";
122
123 // Number of backup files to keep
124 $gblNumBackups=5;
125
126 // choose GifIcon below unless you have the M$
127 // WingDings font installed on your system
128
129 $gblIcon = "GifIcon" ; // MockIcon or GifIcon
130
131 // the directory below should be /icons/ or /icons/small/
132 // on Apache; a set of icons is included in the distribution
133
134 $gblIconLocation = "/icons/" ;
135
136 // files you want to be able to edit in text mode
137 // and view with (primitive) syntax highlighting
138
139 $gblEditable = array( ".txt",".asa",".asp",".htm",".html",
140 ".cfm",".php3",".php",".phtml",
141 ".shtml",".css" ) ;
142
143 // files that will display as images on the detail page
144 // (useless if your browser doesn't support them)
145
146 $gblImages = array( ".jpg",".jpeg",".gif",".png",".ico",
147 ".bmp",".xbm") ;
148
149 //////////////////////////////////////////////////////////////////
150
151 function StartHTML($title,$text="") {
152
153 $title = "Site Manager " . $title ;
154 $host = $GLOBALS["HTTP_HOST"] ;
155 $self = $GLOBALS["PHP_SELF"] ;
156 ?>
157
158 <HTML>
159 <HEAD>
160 <TITLE><?= $host . " " . $title ?></TITLE>
161 <META NAME="description" CONTENT="PHP port of AnyPortal Site Manager">
162 <META NAME="keywords" CONTENT="site manager, web site maintenance">
163 <META NAME="robots" CONTENT="noindex">
164 <META HTTP-EQUIV="expires" CONTENT="0">
165 <LINK REL="stylesheet" TYPE="text/css"
166 HREF="<?= $self ?>?STYLE=get">
167 </HEAD>
168 <BODY BGCOLOR="#FFFFFF">
169 <H3 ALIGN="RIGHT"><?= $host ?></H3>
170 <TABLE BORDER=0 WIDTH="100%"><TR>
171 <TD CLASS=INV><?= $title ?></TD></TR></TABLE>
172 <P><?= $text ?></P>
173
174 <?php
175 } // end function StartHTML
176
177 //////////////////////////////////////////////////////////////////
178
179 function EndHTML() {
180 ?>
181
182 <HR>
183 <P CLASS=FTR>
184 <B><?= date($GLOBALS[gblDateFmt]) ?> -
185 <?= date($GLOBALS[gblTimeFmt]) ?> -
186 <?= $GLOBALS[gblUserName] ?>
187 <small> [<a href="<?= $PHP_SELF ?>?relogin=<?= $GLOBALS[gblPw] ?>">logout</a>]</small>
188 </B>
189 <BR>ANYPORTAL(php) Site Manager
190 <br><small>
191 &copy; 1999 by <A HREF="http://www.anyportal.com">ANYPORTAL</A>,
192 &copy; 2000 by <A HREF="http://da.nger.org">d@nger.org</A>,
193 &copy; 2000 by <A HREF="http://www.rot13.org/~dpavlin/">DbP</A>
194 </small>
195 </P>
196 <BR>
197 <? include(".debug.inc") ?>
198 <BR><BR></BODY></HTML>
199
200 <?php
201 } // end function EndHTML
202
203 //////////////////////////////////////////////////////////////////
204
205 function CSS() {
206 ?>
207
208 BODY,TD,P,H1,H2,H3 { font-family:Verdana,Helvetica,Arial,sans-serif; }
209 .BLK { color:black; }
210 .RED { color:red; }
211 .TOP { color:red; font-size:70%; } /* table headings */
212 .INV { color:white; background-color:navy;
213 font-weight:bold; font-size:120%; } /* title */
214 .FTR { } /* footer */
215 .LST { background-color:#E0E0E0; } /* table cells */
216 .BAR { background-color:#E0E0E0; } /* action bar */
217 PRE { color:blue; font-family:Lucida Console,Courier New,
218 Courier,sans-serif; } /* source code */
219 EM { color:green; font-style:normal; } /* line numbers */
220 .REM { color:silver; }
221 .XML { color:navy; background-color:yellow; }
222 .MCK { color:red; font-family:WingDings; } /* Mock Icons */
223 A:HOVER { color:red; }
224
225 <?php
226 } // end function CSS
227
228 //////////////////////////////////////////////////////////////////
229
230 function DetailPage($fsRoot,$relDir,$fn) {
231
232 global $gblEditable, $gblImages ;
233 $self = $GLOBALS["PHP_SELF"] ;
234
235 $relPath = $relDir . "/" . $fn ;
236 $fsPath = $fsRoot . $relPath ;
237 $fsDir = $fsRoot . $relDir ;
238
239 $exists = file_exists($fsPath) ;
240 $ext = strtolower(strrchr($relPath,".")) ;
241 $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) ;
242 $writable = is_writeable($fsPath) ;
243
244 if (!$editable && !$exists)
245 Error("Creation unsupported for type",$relPath) ;
246 if (!exists && !is_writeable($fsDir) )
247 Error("Creation denied",$relDir) ;
248
249 $text = "Use this page to view, modify or " ;
250 $text .= "delete a single document on this " ;
251 $text .= "web site." ;
252 $title = "(Detail Page)" ;
253 StartHTML($title, $text) ;
254
255 echo "<H3>" . $relDir . "/" . $fn . "</H3>" ;
256 if ($exists) { // get file info
257 $fsize = filesize($fsPath) ;
258 $fmodified = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", filemtime($fsPath)) ;
259 $faccessed = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", fileatime($fsPath)) ;
260 echo "<PRE> file size: " . $fsize . " Bytes<BR>" ;
261 echo "last modified: <B>" . $fmodified . "</B><BR>" ;
262 echo "last accessed: <B>" . $faccessed . "</B><BR>" ;
263 echo " owner: <B>" . fileowner($fsPath) . "</B><BR>" ;
264 echo " group: <B>" . filegroup($fsPath) . "</B><BR>" ;
265 echo " permissions: <B>" ;
266 echo printf( "%o", fileperms($fsPath) ) . "</B>" ;
267 echo "</PRE>" ;
268
269 }
270
271 if ( $editable && ($writable || !$exists) ) {
272 $fh = fopen($fsPath,"a+") ;
273 rewind($fh) ;
274 $fstr = fread($fh,filesize($fsPath)) ;
275 fclose($fh) ;
276 $fstr = htmlentities( $fstr ) ;
277 ?>
278
279 <FORM ACTION="<?= $self ; ?>" METHOD="POST">
280 <SPAN TITLE="Click [SAVE] to store updated contents.">
281 <B>DOCUMENT CONTENTS</B>
282 </SPAN><BR>
283 <TEXTAREA NAME="FILEDATA" ROWS=18 COLS=70 WRAP="OFF"><?php
284 echo($fstr) ; ?></TEXTAREA>
285 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
286 <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
287 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="SAVE">
288 <INPUT TYPE="HIDDEN" SIZE=48 MAXLENGTH=255 NAME="RELPATH"
289 VALUE="<?= $relPath ; ?>">
290 <br>
291 <INPUT TYPE="RESET" VALUE="UNDO ALL CHANGES">
292 <INPUT TYPE="SUBMIT" VALUE="SAVE">
293 </FORM>
294
295 <?php
296 }
297 else if ( strstr( join(" ",$gblImages), $ext ) ) {
298 $info = getimagesize($fsPath) ;
299 $tstr = "<IMG SRC=\"". $relPath . "\" BORDER=0 " ;
300 $tstr .= $info[3] . " ALT=\"" . $fn . " - " ;
301 $tstr .= (int)(($fsize+1023)/1024) . "Kb\">" ;
302 echo htmlentities($tstr) . "<BR><BR>" . $tstr ;
303 }
304 ?>
305
306 <FORM ACTION="<?= $self ; ?>" METHOD="POST">
307 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
308 <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
309 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL"><BR>
310
311 <?php
312 if (substr($fn,0,4) == ".del") {
313 $action="UNDELETE";
314 $desc="undelete previously deleted file";
315 } else {
316 $action="DELETE";
317 $desc="delete";
318 }
319
320 if ($exists && $writable) {
321 ?>
322
323 <HR>
324 <a name="undelete">
325 <SPAN TITLE="Check OK and click [<?= $action ?>] to <?= $desc ?>.">
326 <B>OK TO <?= $action ?> "<?= $fn ; ?>"? </B></SPAN>
327 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
328 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="<?= $action ?>">
329
330 <HR>
331 <a name="rename">
332 <SPAN TITLE="Check OK and click [RENAME] to rename.">
333 <B>OK TO RENAME "<?= $fn ; ?>" TO
334 <INPUT TYPE="TEXT" SIZE=24 MAXLENGTH=255 NAME="NEWNAME" VALUE="<?= $fn ?>">
335 ? </B></SPAN>
336 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
337 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="RENAME">
338
339 <HR>
340 <a name="note">
341 <B>NOTE FOR "<?= $fn ; ?>":
342 <INPUT TYPE="TEXT" SIZE=50 MAXLENGTH=255 NAME="NOTE" VALUE="<?= ReadNote($fsPath) ?>">
343 </B></SPAN>
344 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="NOTE">
345
346 <?php
347 }
348 echo "</FORM>" ;
349
350 $logname=dirname("$fsDir/$fn")."/.log/".basename("$fsDir/$fn");
351 if (file_exists($logname)) {
352 print "<hr><br><b>CHANGES TO THIS FILE</b><br><table border=0 width=100%>\n";
353 $log=fopen($logname,"r");
354 $cl1=" class=lst"; $cl2="";
355 while($line = fgetcsv($log,255,"\t")) {
356 $cl=$cl1; $cl1=$cl2; $cl2=$cl;
357 print "<tr><td$cl>$line[0]</td><td$cl>$line[1]</td><td$cl>$line[2]</td><td$cl>$line[3]</td></tr>\n";
358 }
359 fclose($log);
360 print "</table>";
361 }
362
363 EndHTML() ;
364
365 } // end function DetailPage
366
367 //////////////////////////////////////////////////////////////////
368
369 function DisplayCode($fsRoot,$relDir,$fn) {
370
371 $path = $fsRoot . $relDir . "/" . $fn ;
372
373 if (!file_exists($path)) Error("File not found",$path) ;
374
375 StartHTML("(".$relDir."/".$fn.")","");
376
377 $tstr = join("",file($path)) ;
378 $tstr = htmlentities($tstr) ;
379
380 // Tabs
381 $tstr = str_replace(chr(9)," ",$tstr) ;
382
383 // ASP tags & XML/PHP tags
384 $aspbeg = "<SPAN CLASS=XML>&lt;%</SPAN><SPAN CLASS=BLK>" ;
385 $aspend = "</SPAN><SPAN CLASS=XML>%&gt;</SPAN>" ;
386 $tstr = str_replace("&lt;%",$aspbeg,$tstr) ;
387 $tstr = str_replace("%&gt;",$aspend,$tstr) ;
388
389 $xmlbeg = "<SPAN CLASS=XML>&lt;?</SPAN><SPAN CLASS=BLK>" ;
390 $xmlend = "</SPAN><SPAN CLASS=XML>?&gt;</SPAN>" ;
391 $tstr = str_replace("&lt;?",$xmlbeg,$tstr) ;
392 $tstr = str_replace("?&gt;",$xmlend,$tstr) ;
393
394 // C style comment
395 $tstr = str_replace("/*","<SPAN CLASS=REM>/*",$tstr) ;
396 $tstr = str_replace("*/","*/</SPAN>",$tstr) ;
397
398 // HTML comments
399 $tstr = str_replace("&lt;!--","<I CLASS=RED>&lt;!--",$tstr) ;
400 $tstr = str_replace("--&gt;","--&gt;</I>",$tstr) ;
401
402 echo "<PRE>" ;
403
404 $tstr = split("\n",$tstr) ;
405 for ($i = 0 ; $i < sizeof($tstr) ; ++$i) {
406 // add line numbers
407 echo "<BR><EM>" ;
408 echo substr(("000" . ($i+1)), -4) . ":</EM> " ;
409 $line = $tstr[$i] ;
410 // C++ style comments
411 $pos = strpos($line,"//") ;
412 // exceptions: two slashes aren't a script comment
413 if (strstr($line,"//") &&
414 ! ($pos>0 && substr($line,$pos-1,1)==":") &&
415 ! (substr($line,$pos,8) == "//--&gt;") &&
416 ! (substr($line,$pos,9) == "// --&gt;")) {
417 $beg = substr($line,0,strpos($line,"//")) ;
418 $end = strstr($line,"//") ;
419 $line = $beg."<SPAN CLASS=REM>".$end."</SPAN>";
420 }
421 // shell & asp style comments
422 $first = substr(ltrim($line),0,1) ;
423 if ($first == "#" || $first == "'") {
424 $line = "<SPAN CLASS=REM>".$line."</SPAN>";
425 }
426 print($line) ;
427 } // next i
428
429 echo "</PRE>" ;
430
431 EndHTML() ;
432
433 } // end function DisplayCode
434
435 //////////////////////////////////////////////////////////////////
436
437 function MockIcon($txt) {
438 $tstr = "<SPAN CLASS=MCK>" ;
439
440 switch (strtolower($txt)) {
441 case ".bmp" :
442 case ".gif" :
443 case ".jpg" :
444 case ".jpeg":
445 case ".tif" :
446 case ".tiff":
447 $d = 176 ;
448 break ;
449 case ".doc" :
450 $d = 50 ;
451 break ;
452 case ".exe" :
453 case ".bat" :
454 $d = 255 ;
455 break ;
456 case ".bas" :
457 case ".c" :
458 case ".cc" :
459 case ".src" :
460 $d = 255 ;
461 break ;
462 case "file" :
463 $d = 51 ;
464 break ;
465 case "fldr" :
466 $d = 48 ;
467 break ;
468 case ".htm" :
469 case ".html":
470 case ".asa" :
471 case ".asp" :
472 case ".cfm" :
473 case ".php3":
474 case ".php" :
475 case ".phtml" :
476 case ".shtml" :
477 $d = 182 ;
478 break ;
479 case ".pdf" :
480 $d = 38 ;
481 break;
482 case ".txt" :
483 case ".ini" :
484 $d = 52 ;
485 break ;
486 case ".xls" :
487 $d = 252 ;
488 break ;
489 case ".zip" :
490 case ".arc" :
491 case ".sit" :
492 case ".tar" :
493 case ".gz" :
494 case ".tgz" :
495 case ".Z" :
496 $d = 59 ;
497 break ;
498 case "view" :
499 $d = 52 ;
500 break ;
501 case "up" :
502 $d = 199 ;
503 break ;
504 case "blank" :
505 return "&nbsp;&nbsp;</SPAN>" ;
506 break ;
507 default :
508 $d = 51 ;
509 }
510
511 return $tstr . chr($d) . "</SPAN>" ;
512 } // end function MockIcon
513
514 //////////////////////////////////////////////////////////////////
515
516 function GifIcon($txt) {
517 global $gblIconLocation ;
518
519 switch (strtolower($txt)) {
520 case ".bmp" :
521 case ".gif" :
522 case ".jpg" :
523 case ".jpeg":
524 case ".tif" :
525 case ".tiff":
526 $d = "image2.gif" ;
527 break ;
528 case ".doc" :
529 $d = "layout.gif" ;
530 break ;
531 case ".exe" :
532 case ".bat" :
533 $d = "screw2.gif" ;
534 break ;
535 case ".bas" :
536 case ".c" :
537 case ".cc" :
538 case ".src" :
539 $d = "c.gif" ;
540 break ;
541 case "file" :
542 $d = "generic.gif" ;
543 break ;
544 case "fldr" :
545 $d = "dir.gif" ;
546 break ;
547 case ".phps" :
548 $d = "phps.gif" ;
549 break ;
550 case ".php3" :
551 $d = "php3.gif" ;
552 break ;
553 case ".htm" :
554 case ".html":
555 case ".asa" :
556 case ".asp" :
557 case ".cfm" :
558 case ".php3":
559 case ".php" :
560 case ".phtml" :
561 case ".shtml" :
562 $d = "world1.gif" ;
563 break ;
564 case ".pdf" :
565 $d = "pdf.gif" ;
566 break;
567 case ".txt" :
568 case ".ini" :
569 $d = "text.gif" ;
570 break ;
571 case ".xls" :
572 $d = "box2.gif" ;
573 break ;
574 case ".zip" :
575 case ".arc" :
576 case ".sit" :
577 case ".tar" :
578 case ".gz" :
579 case ".tgz" :
580 case ".Z" :
581 $d = "compressed.gif" ;
582 break ;
583 case "view" :
584 $d = "index.gif" ;
585 break ;
586 case "up" :
587 $d = "back.gif" ;
588 break ;
589 case "blank" :
590 $d = "blank.gif" ;
591 break ;
592 case "checkout":
593 $d = "down.gif";
594 break;
595 case "checkin":
596 $d = "up.gif";
597 break;
598 case "note":
599 $d = "quill.gif";
600 break;
601 default :
602 $d = "generic.gif" ;
603 }
604
605 return "<IMG SRC=\"$gblIconLocation" . $d . "\" BORDER=0>" ;
606 } // end function GifIcon
607
608 //////////////////////////////////////////////////////////////////
609
610 function Navigate($fsRoot,$relDir) {
611
612 global $gblEditable, $gblIcon ;
613
614 $self = $GLOBALS["PHP_SELF"] ;
615 if (isset($GLOBALS["HTTPS"]) && $GLOBALS["HTTPS"] == "on") {
616 $webRoot = "https://" . $GLOBALS["SERVER_NAME"] ;
617 } else {
618 $webRoot = "http://" . $GLOBALS["SERVER_NAME"] ;
619 }
620 $fsDir = $fsRoot . $relDir . "/" ; // current directory
621
622 if (!is_dir($fsDir)) Error("Dir not found",$relDir) ;
623
624 // read directory contents
625 if ( !($dir = @opendir($fsDir)) )
626 Error("Read Access denied",$relDir) ;
627 while ($item = readdir($dir)) {
628 if ( $item == ".." || $item == "." || substr($item,0,1) == "." ) continue ;
629 if ( is_dir($fsDir . $item) ) {
630 $dirList[] = $item ;
631 } else if ( is_file($fsDir . $item) ) {
632 $fileList[] = $item ;
633 } else if ( is_link($fsDir . $item) ) {
634 $dirList[] = $item ;
635 } else {
636 // unknown file type
637 // $text = "Could not determine file type of " ;
638 // Error("File Error", $text.$relDir."/".$item) ;
639 // exit ;
640 }
641 }
642 closedir($dir) ;
643
644 // scan deleted files
645 if ( $GLOBALS[show_deleted] == 1 && ($dir = @opendir("$fsDir/.del")) ) {
646 while ($item = readdir($dir)) {
647 if ( substr($item,0,1) == "." ) continue ;
648 $fileList[] = ".del/$item" ;
649 }
650 closedir($dir) ;
651 }
652
653 $emptyDir = ! (sizeof($dirList) || sizeof($fileList)) ;
654
655 // start navigation page
656 $text = "Use this page to add, delete";
657 if (! isset($show_deleted)) {
658 $text .= ", <a href=".$GLOBALS[PHP_SELF]."?D=".urlencode($relDir)."&show_deleted=1>undelete</a>";
659 }
660 $text .= " or revise files on this web site." ;
661 StartHTML("(Navigate)",$text) ;
662
663 echo "<TABLE BORDER=0 CELLPADDING=2
664 CELLSPACING=3 WIDTH=\"100%\">" ;
665
666 // updir bar
667 if ($fsDir != $fsRoot) {
668 $parent = dirname($relDir) ;
669 if ($parent == "") $parent = "/" ;
670 ?>
671
672 <TR><TD><?= $gblIcon("up") ?></TD><TD COLSPAN=5 CLASS=LST>
673 <A HREF="<?= $self ?>?D=<?= urlencode($parent) ?>">
674 <B><?= $parent ?></B></A></TD></TR>
675
676 <?php
677 }
678
679 // output subdirs
680 if (sizeof($dirList) > 0) {
681 sort($dirList) ;
682 ?>
683
684 <TR><TD></TD><TD COLSPAN=5 CLASS=TOP><HR>DIRECTORY NAME</TD></TR>
685
686 <?php
687 while (list($key,$dir) = each($dirList)) {
688
689 $tstr = "<A HREF=\"" . $self . "?D=" ;
690 $tstr .= urlencode($relDir."/".$dir) ;
691 $tstr .= "\">" . $dir . "/</A>" ;
692 ?>
693
694 <TR><TD><?= $gblIcon("fldr") ?></TD>
695 <TD COLSPAN=5 CLASS=LST><?= $tstr ?></TD></TR>
696
697 <?php
698 } // iterate over dirs
699 } // end if no dirs
700 ?>
701
702 <TR><TD></TD><TD COLSPAN=5><HR><B><?= $webRoot . $relDir ?>
703 </B></TD></TR>
704 <TR><TD></TD><TD CLASS=TOP>DOCUMENT NAME</TD>
705 <TD><?= $gblIcon("blank") ?></TD>
706 <TD CLASS=TOP>NOTE</TD>
707 <TD CLASS=TOP>LAST UPDATE</TD><TD CLASS=TOP>FILE SIZE</TD></TR>
708
709 <?php
710 if (sizeof($fileList) > 0) {
711 sort($fileList) ;
712 while (list($key,$file) = each($fileList)) {
713 $path = $fsDir."/".$file ;
714 $mod = filemtime($path) ;
715 $sz = filesize($path) ;
716
717 if ($sz >= 10240) {
718 $sz = (int)(($sz+1023)/1024) . " k" ;
719 } else {
720 $sz .= " " ;
721 } // end size
722
723 $a = $b = "" ;
724
725 $info_url=$self."?A=E&F=".urlencode($file)."&D=".urlencode($relDir);
726
727 if ( ($mod + 30*86400) > time() ) {
728 $a = "<SPAN CLASS=RED TITLE=\"Newer" ;
729 $a .= " than 30 days\"> * </SPAN>" ;
730 }
731
732 $tstr = $webRoot . $relDir . "/" . $file ;
733 $tstr = "<A HREF=\"" . $tstr . "\">" ;
734
735 if (substr($file,0,5) != ".del/") {
736 $tstr .= $file . "</A>" . $a ;
737 } else {
738 $tstr .= substr($file,5,strlen($file)-5) . "</a> <SPAN CLASS=RED TITLE=\"deleted\"> <a href=\"$info_url#undelete\">deleted</a> </span>";
739 }
740
741 // $b = $gblIcon("checkout");
742 // $b .= $gblIcon("checkin");
743
744 $ext = strtolower(strrchr($file,".")) ;
745 if ( $ext=="" || strstr(join(" ",$gblEditable),$ext) ) {
746 $b .= "<A HREF=\"" . $self . "?A=C&F=" ;
747 $b .= urlencode($file) . "&D=" . urlencode($relDir) ;
748 $b .= "\" TITLE=\"List contents\">" ;
749 $b .= $gblIcon("view") . "</A>" ;
750 } else {
751 $b .= $gblIcon("blank");
752 }
753
754
755 ?>
756
757 <TR><TD>
758 <A HREF="<?= $info_url ?>" TITLE="View/Edit">
759 <?= $gblIcon($ext) ?></A></TD>
760 <TD CLASS=LST><?= $tstr ?></TD>
761 <TD CLASS=LST ALIGN=center><?= $b ?></TD>
762 <TD CLASS=LST ALIGN=left><a href="<?= $info_url ?>#note"><?= $gblIcon("note") ?></a><?= ReadNote($path) ?></TD>
763 <TD CLASS=LST><?= date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]",$mod) ?></TD>
764 <TD CLASS=LST><?= $sz ?>Bytes</TD></TR>
765
766 <?php
767 } // iterate over files
768 } // end if no files
769
770 if ($emptyDir) {
771 ?>
772
773 <FORM METHOD="POST" ACTION="<?= $self ?>">
774 <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>
775 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
776 OK TO DELETE THIS EMPTY FOLDER?
777 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
778 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="DELETE">
779 </TD></TR>
780 </FORM>
781
782 <?php
783 } // end if emptyDir
784 ?>
785
786 <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
787
788 <FORM METHOD="POST" ACTION="<?= $self ?>">
789 <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>CREATE NEW
790 <INPUT TYPE="RADIO" NAME="T" VALUE="D" CHECKED>DIRECTORY -OR-
791 <INPUT TYPE="RADIO" NAME="T" VALUE="F">FILE : &nbsp;&nbsp;
792 <NOBR>NAME <INPUT TYPE="TEXT" NAME="FN" SIZE=14>
793 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="CREATE">
794 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
795 <INPUT TYPE="SUBMIT" VALUE="CREATE"></NOBR>
796 <NOBR>OR <A HREF="<?= $self
797 ?>?A=U&D=<?= urlencode($relDir) ?>">UPLOAD</A> A FILE
798 </NOBR>
799 </TD></TR>
800 </FORM>
801 </TABLE>
802
803 <?php
804 EndHTML() ;
805 } // end function Navigate
806
807 //////////////////////////////////////////////////////////////////
808
809 function UploadPage($fsRoot, $relDir) {
810
811 $self = $GLOBALS["PHP_SELF"] ;
812 if ($relDir == "") $relDir = "/" ;
813 ?>
814
815 <P><TABLE BORDER=0 CELLPADDING=5><TR><TD WIDTH=5></TD><TD CLASS=BAR>
816 <FORM ENCTYPE="multipart/form-data" METHOD="POST"
817 ACTION="<?= $self ?>">
818 DESTINATION DIRECTORY:<B><?= " " . $relDir ?></B>
819 <P>PATHNAME OF LOCAL FILE<BR>
820 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
821 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="UPLOAD">
822 <INPUT SIZE=30 TYPE="FILE" NAME="FN"></P>
823 <P><INPUT TYPE="SUBMIT" VALUE="UPLOAD"></P>
824 <P>If the <B>[BROWSE...]</B> button is not displayed,<BR>
825 you must upgrade to an RFC1867-compliant browser.</P>
826 <P>Your browser:<BR><?= $GLOBALS["HTTP_USER_AGENT"] ?></P>
827 </FORM>
828 </TD></TR>
829 <TR><TD></TD><TD>
830 <FORM METHOD="POST" ACTION="<?= $self ?>">
831 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>"><BR>
832 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL">
833 </FORM>
834 </TD></TR></TABLE></P>
835
836 <?php
837 } // end function UploadPage
838
839 //////////////////////////////////////////////////////////////////
840
841 function Error($title,$text="") {
842 StartHTML("(".$title.")",$text) ;
843 echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
844 EndHTML() ;
845 exit ;
846 } // end function Error
847
848 //////////////////////////////////////////////////////////////////
849
850 function CreateHash($user, $pw) {
851
852 global $gblHash ; // hash function to use
853
854 if ($user == "" || $pw == "") {
855 $text = "either no password or no username supplied" ;
856 Error("Create Hash",$text) ;
857 }
858 $title = "(Create Hash)" ;
859 StartHTML($title) ;
860 echo "<P ALIGN=center>" ;
861 echo "<BLOCKQUOTE>Copy the value below and paste it " ;
862 echo "into the<BR>value for \$gblPw in the source of " ;
863 echo "this file<BR><BR><B>" . $gblHash($user.$pw) ;
864 echo "</B><BR><BR>Hash function: " . $gblHash ;
865 echo "</BLOCKQUOTE></P>" ;
866 EndHTML() ;
867 exit ;
868
869 } // end function CreateHash
870
871 //////////////////////////////////////////////////////////////////
872
873 function NoEntry() {
874
875 $user = $GLOBALS["PHP_AUTH_USER"] ;
876 $pw = $GLOBALS["PHP_AUTH_PW"] ;
877 $self = $GLOBALS["PHP_SELF"] ;
878
879 $title = "(401 Unauthorized)" ;
880 $text = "No trespassing !" ;
881 StartHTML($title,$text) ;
882 ?>
883
884 <FORM ACTION="<?= $self ?>?HASH=create" METHOD="POST">
885 <INPUT TYPE="HIDDEN" NAME="USER" VALUE="<?= $user ?>">
886 <INPUT TYPE="HIDDEN" NAME="PW" VALUE="<?= $pw ?>">
887
888 <BLOCKQUOTE><B>If you are a site administrator:</B><BR><BR>
889 Click below to <B>generate a password hash</B><BR>from
890 the username-password pair you just<BR>entered. Then include the hash in
891 the source<BR>of this file.<BR><BR>
892 <INPUT TYPE="SUBMIT" VALUE="CREATE HASH">
893 </BLOCKQUOTE></FORM>
894
895 <?php
896 EndHTML() ;
897 exit ;
898 }
899
900 //////////////////////////////////////////////////////////////////
901
902 function Logit($target,$msg) {
903
904 $dir=dirname($target);
905 if (! file_exists($dir."/.log")) {
906 mkdir($dir."/.log",0700);
907 }
908 $file=basename($target);
909
910 $log=fopen("$dir/.log/$file","a+");
911 fputs($log,date("$GLOBALS[gblDateFmt]\t$GLOBALS[gblTimeFmt]").
912 "\t$GLOBALS[gblUserName]\t$msg\n");
913 fclose($log);
914
915 }
916
917
918 //////////////////////////////////////////////////////////////////
919
920 function WriteNote($target,$msg) {
921
922 $dir=dirname($target);
923 if (! file_exists($dir."/.note")) {
924 mkdir($dir."/.note",0700);
925 }
926 $file=basename($target);
927
928 $note=fopen("$dir/.note/$file","w");
929 fputs($note,"$msg\n");
930 fclose($note);
931
932 Logit($target,"added note $msg");
933
934 }
935
936 function ReadNote($target) {
937
938 $dir=dirname($target);
939 $file=basename($target);
940 $msg="";
941 if (file_exists($dir."/.note/$file")) {
942 $note=fopen("$dir/.note/$file","r");
943 $msg=fgets($note,4096);
944 fclose($note);
945 }
946 return $msg;
947
948 }
949
950 //////////////////////////////////////////////////////////////////
951
952 function MoveTo($source,$folder) {
953
954 $file=basename($source);
955 if (! file_exists($folder)) {
956 mkdir($folder,0700);
957 }
958 if (file_exists($source)) {
959 rename($source,"$folder/$file");
960 }
961 }
962
963 //////////////////////////////////////////////////////////////////
964
965 // MAIN PROGRAM
966 // ============
967 // query parameters: capital letters
968 // local functions : begin with capital letters
969 // global constants: begin with gbl
970
971 $gblFilePerms = 0640 ; // default for new files
972 $gblDirPerms = 0750 ; // default for new dirs
973
974 // phpinfo() ;
975 // exit ;
976
977 // forks before authentication: style sheet and hash
978 // creation if password not yet set.
979 if ($STYLE == "get") { CSS() ; exit ; }
980 if ($HASH != "") {
981 CreateHash($USER, $PW) ;
982 exit ;
983 }
984
985 // authentication if $gblAuth == true
986 if ( $gblAuth && $gblHash($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw ||
987 isset($relogin) && $gblPw == $relogin ) {
988 header("WWW-authenticate: basic realm=\"$SERVER_NAME\"") ;
989 header("HTTP/1.0 401 Unauthorized") ;
990 NoEntry() ;
991 exit ;
992 }
993
994 // get current directory relative to $gblFsRoot
995 $relDir = $DIR ; // from POST
996 if ($relDir == "") { // not defined in POST ?
997 $relDir = urldecode($D) ; // then use GET
998 }
999
1000 if ($relDir == "/") $relDir = "" ;
1001 // default : website root = ""
1002
1003 if (strstr($relDir,"..")) Error("No updirs allowed");
1004
1005 // full paths contain "fs" or "Fs". Paths realitve to root of
1006 // website contain "rel" or "Rel". The script won't let you
1007 // edit anything above directory equal to http://server.com
1008 // i.e. below $gblFsRoot.
1009
1010 $relScriptDir = dirname($SCRIPT_NAME) ;
1011 // i.e. /siteman
1012
1013 $fsScriptDir = dirname($SCRIPT_FILENAME) ;
1014 // i.e. /home/httpd/html/siteman
1015
1016 $gblFsRoot = substr($fsScriptDir,0,
1017 strlen($fsScriptDir)-strlen($relScriptDir)) ;
1018 // i.e. /home/httpd/html
1019
1020 $fsDir = $gblFsRoot . $relDir ; // current directory
1021 if ( !is_dir($fsDir) ) Error("Dir not found",$relDir) ;
1022
1023 switch ($POSTACTION) {
1024 case "UPLOAD" :
1025 if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1026 if (strstr($FN_name,"/"))
1027 Error("Non-conforming filename") ;
1028 // TODO : should rather check for escapeshellcmds
1029 // but maybe RFC 18xx asserts safe filenames ....
1030 $source = $FN ;
1031 $target = $fsDir . "/" . $FN_name ;
1032
1033 // backup old files first
1034 $dir=dirname($target);
1035 if (! file_exists($dir."/.bak")) {
1036 mkdir($dir."/.bak",0700);
1037 }
1038 if (! file_exists($dir."/.bak/$GLOBALS[gblNumBackups]")) {
1039 mkdir($dir."/.bak/$GLOBALS[gblNumBackups]",0700);
1040 }
1041 $file=basename($target);
1042 for($i=$GLOBALS[gblNumBackups]-1;$i>0;$i--) {
1043 MoveTo("$dir/.bak/$i/$file","$dir/.bak/".($i+1)."/");
1044 }
1045 MoveTo($target,$dir."/.bak/1/".$file);
1046
1047 copy($source,$target) ;
1048 chmod($target,$gblFilePerms) ;
1049 clearstatcache() ;
1050 Logit($target,"uploaded");
1051 break ;
1052
1053 case "SAVE" :
1054 $path = $gblFsRoot . escapeshellcmd($RELPATH) ;
1055 $writable = is_writeable($path) ;
1056 $legaldir = is_writeable(dirname($path)) ;
1057 $exists = (file_exists($path)) ? 1 : 0 ;
1058 // check for legal extension here as well
1059 if (!($writable || (!$exists && $legaldir)))
1060 Error("Write denied",$RELPATH) ;
1061 $fh = fopen($path, "w") ;
1062 fwrite($fh,$FILEDATA) ;
1063 fclose($fh) ;
1064 clearstatcache() ;
1065 Logit($path,"saved changes");
1066 break ;
1067
1068 case "CREATE" :
1069 // we know $fsDir exists
1070 if ($FN == "") break; // no filename!
1071 if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1072 $path = $fsDir . "/" . $FN ; // file or dir to create
1073 $relPath = $relDir . "/" . $FN ;
1074 switch ( $T ) {
1075 case "D" : // create a directory
1076 if ( ! @mkdir($path,$gblDirPerms) )
1077 Error("Mkdir failed",$relPath) ; // eg. if it exists
1078 clearstatcache() ;
1079 break ;
1080 case "F" : // create a new file
1081 // this functionality is doubled in DetailView().
1082 // better keep it here altogether
1083 // chmod perms to $gblFilePerms
1084 if ( file_exists($path) && !is_writable($path) )
1085 Error("File not writable", $relPath) ;
1086 $tstr = $PHP_SELF . "?A=E&D=" . $relDir . "&F=" . $FN ;
1087 header("Location: " . $tstr) ;
1088 exit ;
1089 }
1090 break ;
1091
1092 case "DELETE" :
1093 if ( $CONFIRM != "on" ) break ;
1094
1095 $tstr = "Attempt to delete non-existing object or " ;
1096 $tstr .= "insufficient privileges: " ;
1097
1098 if ( $FN != "") { // delete file
1099 $path = $fsDir . "/" . $FN ;
1100
1101 $dir=dirname($path);
1102 $file=basename($path);
1103 if (! file_exists("$dir/.del")) {
1104 mkdir("$dir/.del",0700);
1105 }
1106
1107 // if ( ! @unlink($path) ) {
1108 if ( ! rename($path,"$dir/.del/$file") ) {
1109 Error("File delete failed", $tstr . $path) ;
1110 Logit($path,"file delete failed");
1111 exit ;
1112 } else {
1113 Logit($path,"file deleted");
1114 if (! file_exists("$dir/.del/.log")) {
1115 mkdir("$dir/.del/.log",0700);
1116 }
1117 MoveTo("$dir/.log/$file","$dir/.del/.log/");
1118 MoveTo("$dir/.note/$file","$dir/.del/.note/");
1119 }
1120 }
1121 else { // delete directory
1122 if ( ! @rmdir($fsDir) ) {
1123 Error("Rmdir failed", $tstr . $fsDir) ;
1124 }
1125 else {
1126 $relDir = dirname($relDir) ; // move up
1127 }
1128 }
1129 break ;
1130
1131 case "UNDELETE" :
1132 if ( $CONFIRM != "on" ) break ;
1133
1134 if (substr($FN,0,4) != ".del") break ;
1135 $file=substr($FN,4,strlen($FN)-4);
1136
1137 Logit("$fsDir/.del/$file","undeleted");
1138 MoveTo("$fsDir/.del/$file","$fsDir/");
1139 MoveTo("$fsDir/.del/.log/$file","$fsDir/.log/");
1140 MoveTo("$fsDir/.del/.note/$file","$fsDir/.note/");
1141
1142 break ;
1143
1144 case "RENAME" :
1145 if ( $CONFIRM != "on" ) break ;
1146
1147 Logit("$fsDir/$FN","renamed $FN to $NEWNAME");
1148 rename("$fsDir/$FN","$fsDir/$NEWNAME");
1149 rename("$fsDir/.log/$FN","$fsDir/.log/$NEWNAME");
1150
1151 break ;
1152
1153 case "NOTE" :
1154 WriteNote("$fsDir/$FN","$NOTE");
1155 break ;
1156
1157 default :
1158 // user hit "CANCEL" or undefined action
1159 }
1160
1161 // common to all POSTs : redirect to directory view ($relDir)
1162 if ( $POSTACTION != "" ) {
1163 $tstr = $PHP_SELF . "?D=" . urlencode($relDir) ;
1164 header("Location: " . $tstr) ;
1165 exit ;
1166 }
1167
1168 // check for mode.. navigate, code display, upload, or detail?
1169 // $A=U : upload to path given in $D
1170 // $A=E : display detail of file $D/$F and edit
1171 // $A=C : display code in file $D/$F
1172 // default : display directory $D
1173
1174 switch ($A) {
1175 case "U" :
1176 // upload to $relDir
1177 if (!is_writeable($gblFsRoot . $relDir))
1178 Error("Write access denied",$relDir) ;
1179 $text = "Use this page to upload a single " ;
1180 $text .= "file to <B>$SERVER_NAME</B>." ;
1181 StartHTML("(Upload Page)", $text) ;
1182 UploadPage($gblFsRoot, $relDir) ;
1183 EndHTML() ;
1184 exit ;
1185 case "E" :
1186 // detail of $relDir/$F
1187 if (is_file("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
1188 exit ;
1189 case "C" :
1190 // listing of $relDir/$F
1191 DisplayCode($gblFsRoot, $relDir, $F) ;
1192 exit ;
1193 }
1194
1195 // default: display directory $relDir
1196 Navigate($gblFsRoot,$relDir) ;
1197 exit ;
1198
1199 Error("Whooah!","By cartesian logic, this never happens") ;
1200 ?>

  ViewVC Help
Powered by ViewVC 1.1.26