/[docman]/docman.php

This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!

Diff of /docman.php

Parent Directory | Revision Log | View Patch Patch

-revision 1.1.1.1 by dpavlin,
Fri May 12 12:01:08 2000 UTC
+revision 1.5 by dpavlin,
Thu Aug  3 22:02:03 2000 UTC
 Line 34
  /*             PHP3. Fixed bug which would send you to a non-   */
  /*             existent address after file modifications.       */
+ /*
+-07-25 Dobrica Pavlinusic <dpavlin@rot13.org>
+         nuked exec calls (unsecure)
+         nuked writeable function (replaced by php is_writeable)
+         added support for https (tested with apache+mod_ssl)
+         added users file
+         date format user-selectable
+         cycle backup files in bak directory
+         support links as directoryes (for now)
+         support of file history logging
+         undelete capabilities (delete moves to .del directory)
+-07-26 DbP
+         added more checking on entered filename (when creating file/dir)
+         added rename option
+ IMPORTANT INSTALLATION NOTE:
+         deny serving of .* (dot-something) files in web server!
+         Otherwise, uses can access your log files, users and/or
+         deleted files!
+         .htusers is in form:
+         login:Real Name:md5(loginpassword)
+ TODO:
+         mixed file/directory output (add type to each entry,
+                 real support for links)
+         add more content-management (like cms.sourceforge.net):
+                 check-out/check-in/reserve
+                 comments to files
+ */
  //////////////////////////////////////////////////////////////////
  // TODO : Don't let the file be modified itself. Create a hash of
-Line 51
+Line 87
          // username/password should not be system
          // usernames/passwords !!
-         // your (hashed) username/password here
+ //      $gblPw    = "hash_of_your_username_and_password" ;
-         $gblPw    = "hash_of_your_username_and_password" ;
+ //      $gblAuth  = false ;             // use builtin authentication
-         $gblAuth  = false ;             // use builtin authentication
+         $gblAuth  = true ;             // use builtin authentication
          $gblHash  = "md5" ;             // hash function to use
+         $gblPw    = "";
+         if ($gblAuth) {
+                 $htusers_file=dirname($SCRIPT_FILENAME)."/.htusers";
+                 if (! file_exists($htusers_file)) {
+                         $htusers=fopen($htusers_file,"a+");
+                         fputs($htusers,"# Change owner of $htusers_file to root !!\n");
+                         fputs($htusers,"demo:full name:md5_hash\n");
+                         fclose($htusers);
+                 }
+                 $htusers=fopen($htusers_file,"r");
+                 while($user = fgetcsv($htusers,255,":")) {
+                         if ($user[0] == $GLOBALS["PHP_AUTH_USER"]) {
+                                 $gblUserName=$user[1];
+                                 $gblPw=$user[2];
+                                 continue ;
+                         }
+                 }
+                 fclose($htusers);
+         }
+ //      $gblDateFmt="D, F d, Y";
+ //      $gblTimeFmt="g:i:sA";
+         $gblDateFmt="Y-m-d";
+         $gblTimeFmt="H:i:s";
+ // Number of backup files to keep
+         $gblNumBackups=5;
          // choose GifIcon below unless you have the M$
          // WingDings font installed on your system
-Line 65
+Line 131
          // the directory below should be /icons/ or /icons/small/
          // on Apache; a set of icons is included in the distribution
-         $gblIconLocation = "icons/" ;
+         $gblIconLocation = "/icons/" ;
          // files you want to be able to edit in text mode
          // and view with (primitive) syntax highlighting
-Line 91 
 function StartHTML($title,$text="") {
+Line 157 
 function StartHTML($title,$text="") {
  <HTML>
  <HEAD>
-  <TITLE><?php echo $host . " " . $title ?></TITLE>
+  <TITLE><?= $host . " " . $title ?></TITLE>
   <META NAME="description" CONTENT="PHP port of AnyPortal Site Manager">
   <META NAME="keywords" CONTENT="site manager, web site maintenance">
   <META NAME="robots" CONTENT="noindex">
   <META HTTP-EQUIV="expires" CONTENT="0">
   <LINK REL="stylesheet" TYPE="text/css"
-         HREF="<?php echo $self ?>?STYLE=get">
+         HREF="<?= $self ?>?STYLE=get">
  </HEAD>
  <BODY BGCOLOR="#FFFFFF">
-  <H3 ALIGN="RIGHT"><?php echo $host ?></H3>
+  <H3 ALIGN="RIGHT"><?= $host ?></H3>
  <TABLE BORDER=0 WIDTH="100%"><TR>
-  <TD CLASS=INV><?php echo $title ?></TD></TR></TABLE>
+  <TD CLASS=INV><?= $title ?></TD></TR></TABLE>
-  <P><?php echo $text ?></P>
+  <P><?= $text ?></P>
  <?php
  } // end function StartHTML
-Line 115 
 function EndHTML() {
+Line 181 
 function EndHTML() {
  <HR>
  <P CLASS=FTR>
- <B><?php echo date("D, F d, Y") ?> -
+ <B><?= date($GLOBALS[gblDateFmt]) ?> -
- <?php echo date("g:i:sA") ?></B><BR>ANYPORTAL(php) Site Manager
+ <?= date($GLOBALS[gblTimeFmt]) ?> -
- - &copy; 1999 by <A HREF="http://www.anyportal.com">ANYPORTAL</A>
+ <?= $GLOBALS[gblUserName] ?>
- - &copy; 2000 by <A HREF="http://da.nger.org">d@nger.org</A>
+ <small> [<a href="<?= $PHP_SELF ?>?relogin=<?= $GLOBALS[gblPw] ?>">logout</a>]</small>
+ </B>
+ <BR>ANYPORTAL(php) Site Manager
+ <br><small>
+ &copy; 1999 by <A HREF="http://www.anyportal.com">ANYPORTAL</A>,
+ &copy; 2000 by <A HREF="http://da.nger.org">d@nger.org</A>,
+ &copy; 2000 by <A HREF="http://www.rot13.org/~dpavlin/">DbP</A>
+ </small>
  </P>
- <BR><BR><BR></BODY></HTML>
+ <BR>
+ <? include(".debug.inc") ?>
+ <BR><BR></BODY></HTML>
  <?php
  } // end function EndHTML
-Line 130 
 function EndHTML() {
+Line 205 
 function EndHTML() {
  function CSS() {
  ?>
- BODY,TD,P,H1,H2,H3 { font-family:Helvetica,Arial,sans-serif; }
+ BODY,TD,P,H1,H2,H3 { font-family:Verdana,Helvetica,Arial,sans-serif; }
  .BLK { color:black; }
  .RED { color:red; }
  .TOP { color:red; font-size:70%; } /* table headings */
-Line 164 
 function DetailPage($fsRoot,$relDir,$fn)
+Line 239 
 function DetailPage($fsRoot,$relDir,$fn)
          $exists   = file_exists($fsPath) ;
          $ext      = strtolower(strrchr($relPath,".")) ;
          $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) ;
-         $writable = Writeable($fsPath) ;
+         $writable = is_writeable($fsPath) ;
          if (!$editable && !$exists)
                  Error("Creation unsupported for type",$relPath) ;
-         if (!exists && !Writeable($fsDir) )
+         if (!exists && !is_writeable($fsDir) )
                  Error("Creation denied",$relDir) ;
          $text  = "Use this page to view, modify or " ;
-Line 179 
 function DetailPage($fsRoot,$relDir,$fn)
+Line 254 
 function DetailPage($fsRoot,$relDir,$fn)
          echo "<H3>" . $relDir . "/" . $fn . "</H3>" ;
          if ($exists) {  // get file info
-           $fsize = filesize($fsPath) ;
+                 $fsize = filesize($fsPath) ;
-           $fmodified = date("d/M/y G:i:s", filemtime($fsPath)) ;
+                 $fmodified = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", filemtime($fsPath)) ;
-           $faccessed = date("d/M/y G:i:s", fileatime($fsPath)) ;
+                 $faccessed = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", fileatime($fsPath)) ;
-           echo "<PRE>    file size: " . $fsize . " Bytes<BR>" ;
+                 echo "<PRE>    file size: " . $fsize . " Bytes<BR>" ;
-           echo "last modified: <B>" . $fmodified . "</B><BR>" ;
+                 echo "last modified: <B>" . $fmodified . "</B><BR>" ;
-           echo "last accessed: <B>" . $faccessed . "</B><BR>" ;
+                 echo "last accessed: <B>" . $faccessed . "</B><BR>" ;
-           echo "        owner: <B>" . fileowner($fsPath) . "</B><BR>" ;
+                 echo "        owner: <B>" . fileowner($fsPath) . "</B><BR>" ;
-           echo "        group: <B>" . filegroup($fsPath) . "</B><BR>" ;
+                 echo "        group: <B>" . filegroup($fsPath) . "</B><BR>" ;
-           echo "  permissions: <B>" ;
+                 echo "  permissions: <B>" ;
-           echo printf( "%o", fileperms($fsPath) ) . "</B>" ;
+                 echo printf( "%o", fileperms($fsPath) ) . "</B>" ;
-           echo "</PRE>" ;
+                 echo "</PRE>" ;
          }
          if ( $editable && ($writable || !$exists) ) {
-Line 200 
 function DetailPage($fsRoot,$relDir,$fn)
+Line 276 
 function DetailPage($fsRoot,$relDir,$fn)
                  $fstr = htmlentities( $fstr ) ;
  ?>
- <FORM ACTION="<?php echo $self ; ?>" METHOD="POST">
+ <FORM ACTION="<?= $self ; ?>" METHOD="POST">
  <SPAN TITLE="Click [SAVE] to store updated contents.">
          <B>DOCUMENT CONTENTS</B>
  </SPAN><BR>
  <TEXTAREA NAME="FILEDATA" ROWS=18 COLS=70 WRAP="OFF"><?php
  echo($fstr) ; ?></TEXTAREA>
- <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?php echo $relDir ; ?>">
+ <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
- <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?php echo $fn ; ?>">
+ <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
  <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="SAVE">
- <INPUT TYPE="TEXT" SIZE=48 MAXLENGTH=255 NAME="RELPATH"
+ <INPUT TYPE="HIDDEN" SIZE=48 MAXLENGTH=255 NAME="RELPATH"
-         VALUE="<?php echo $relPath ; ?>">
+         VALUE="<?= $relPath ; ?>">
- <INPUT TYPE="RESET" VALUE="RESET">
+ <br>
+ <INPUT TYPE="RESET" VALUE="UNDO ALL CHANGES">
  <INPUT TYPE="SUBMIT" VALUE="SAVE">
  </FORM>
-Line 226 
 echo($fstr) ; ?></TEXTAREA>
+Line 303 
 echo($fstr) ; ?></TEXTAREA>
          }
  ?>
- <FORM ACTION="<?php echo $self ; ?>" METHOD="POST">
+ <FORM ACTION="<?= $self ; ?>" METHOD="POST">
- <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?php echo $relDir ; ?>">
+ <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
- <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?php echo $fn ; ?>">
+ <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
  <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL"><BR>
  <?php
+         if (substr($fn,0,4) == ".del") {
+                 $action="UNDELETE";
+                 $desc="undelete previously deleted file";
+         } else {
+                 $action="DELETE";
+                 $desc="delete";
+         }
          if ($exists && $writable) {
  ?>
- <HR><SPAN TITLE="Check OK and click [DELETE] to delete.">
+ <HR>
- <B>OK TO DELETE "<?php echo $fn ; ?>"? </B></SPAN>
+ <a name="undelete">
+ <SPAN TITLE="Check OK and click [<?= $action ?>] to <?= $desc ?>.">
+ <B>OK TO <?= $action ?> "<?= $fn ; ?>"? </B></SPAN>
  <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
- <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="DELETE">
+ <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="<?= $action ?>">
+ <HR>
+ <a name="rename">
+ <SPAN TITLE="Check OK and click [RENAME] to rename.">
+ <B>OK TO RENAME "<?= $fn ; ?>" TO
+ <INPUT TYPE="TEXT" SIZE=24 MAXLENGTH=255 NAME="NEWNAME" VALUE="<?= $fn ?>">
+ ? </B></SPAN>
+ <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
+ <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="RENAME">
  <?php
+         }       // exists && writable
+ ?>
+ <HR>
+ <a name="note">
+ <B>NOTE FOR "<?= $fn ; ?>":
+ <INPUT TYPE="TEXT" SIZE=50 MAXLENGTH=255 NAME="NOTE" VALUE="<?= ReadNote($fsPath) ?>">
+ </B></SPAN>
+ <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="NOTE">
+ </FORM>
+ <?php
+         $logname=dirname("$fsDir/$fn")."/.log/".basename("$fsDir/$fn");
+         if (file_exists($logname)) {
+                 print "<hr><br><b>CHANGES TO THIS FILE</b><br><table border=0 width=100%>\n";
+                 $log=fopen($logname,"r");
+                 $cl1=" class=lst"; $cl2="";
+                 while($line = fgetcsv($log,255,"\t")) {
+                         $cl=$cl1; $cl1=$cl2; $cl2=$cl;
+                         print "<tr><td$cl>$line[0]</td><td$cl>$line[1]</td><td$cl>$line[2]</td><td$cl>$line[3]</td></tr>\n";
+                 }
+                 fclose($log);
+                 print "</table>";
          }
-         echo "</FORM>" ;
          EndHTML() ;
  } // end function DetailPage
-Line 472 
 function GifIcon($txt) {
+Line 593 
 function GifIcon($txt) {
          case "blank" :
                  $d = "blank.gif" ;
                  break ;
+         case "checkout":
+                 $d = "down.gif";
+                 break;
+         case "checkin":
+                 $d = "up.gif";
+                 break;
+         case "note":
+                 $d = "quill.gif";
+                 break;
          default :
                  $d = "generic.gif" ;
          }
-Line 486 
 function Navigate($fsRoot,$relDir) {
+Line 616 
 function Navigate($fsRoot,$relDir) {
          global $gblEditable, $gblIcon ;
          $self     = $GLOBALS["PHP_SELF"] ;
-         $webRoot  = "http://" . $GLOBALS["SERVER_NAME"] ;
+         if (isset($GLOBALS["HTTPS"]) && $GLOBALS["HTTPS"] == "on") {
+                 $webRoot  = "https://" . $GLOBALS["SERVER_NAME"] ;
+         } else {
+                 $webRoot  = "http://" . $GLOBALS["SERVER_NAME"] ;
+         }
          $fsDir    = $fsRoot . $relDir . "/" ; // current directory
          if (!is_dir($fsDir)) Error("Dir not found",$relDir) ;
-Line 495 
 function Navigate($fsRoot,$relDir) {
+Line 629 
 function Navigate($fsRoot,$relDir) {
          if ( !($dir = @opendir($fsDir)) )
                  Error("Read Access denied",$relDir) ;
          while ($item = readdir($dir)) {
-                 if ( $item == ".." || $item == "." ) continue ;
+                 if ( $item == ".." || $item == "." || substr($item,0,1) == "." ) continue ;
                  if ( is_dir($fsDir . $item) ) {
                          $dirList[] = $item ;
-                 }
+                 } else if ( is_file($fsDir . $item) ) {
-                 else if ( is_file($fsDir . $item) ) {
                          $fileList[] = $item ;
-                 }
+                 } else if ( is_link($fsDir . $item) ) {
-                 else {
+                         $dirList[] = $item ;
+                 } else {
                    // unknown file type
                    // $text = "Could not determine file type of " ;
                    // Error("File Error", $text.$relDir."/".$item) ;
-Line 510 
 function Navigate($fsRoot,$relDir) {
+Line 644 
 function Navigate($fsRoot,$relDir) {
                  }
          }
          closedir($dir) ;
+         // scan deleted files
+         if ( $GLOBALS[show_deleted] == 1 && ($dir = @opendir("$fsDir/.del")) ) {
+                 while ($item = readdir($dir)) {
+                         if ( substr($item,0,1) == "." ) continue ;
+                         $fileList[] = ".del/$item" ;
+                 }
+                 closedir($dir) ;
+         }
          $emptyDir = ! (sizeof($dirList) || sizeof($fileList)) ;
          // start navigation page
-         $text  = "Use this page to add, delete or " ;
+         $text  = "Use this page to add, delete";
-         $text .= "revise files on this web site." ;
+         if (! isset($show_deleted)) {
+                 $text .= ", <a href=".$GLOBALS[PHP_SELF]."?D=".urlencode($relDir)."&show_deleted=1>undelete</a>";
+         }
+         $text .= " or revise files on this web site." ;
          StartHTML("(Navigate)",$text) ;
          echo "<TABLE BORDER=0 CELLPADDING=2
-Line 527 
 function Navigate($fsRoot,$relDir) {
+Line 673 
 function Navigate($fsRoot,$relDir) {
                  if ($parent == "") $parent = "/" ;
  ?>
- <TR><TD><?php echo $gblIcon("up") ?></TD><TD COLSPAN=4 CLASS=LST>
+ <TR><TD><?= $gblIcon("up") ?></TD><TD COLSPAN=5 CLASS=LST>
- <A HREF="<?php echo $self ?>?D=<?php echo urlencode($parent) ?>">
+ <A HREF="<?= $self ?>?D=<?= urlencode($parent) ?>">
- <B><?php echo $parent ?></B></A></TD></TR>
+ <B><?= $parent ?></B></A></TD></TR>
  <?php
          }
-Line 539 
 function Navigate($fsRoot,$relDir) {
+Line 685 
 function Navigate($fsRoot,$relDir) {
                  sort($dirList) ;
  ?>
- <TR><TD></TD><TD COLSPAN=4 CLASS=TOP><HR>DIRECTORY NAME</TD></TR>
+ <TR><TD></TD><TD COLSPAN=5 CLASS=TOP><HR>DIRECTORY NAME</TD></TR>
  <?php
                  while (list($key,$dir) = each($dirList)) {
-Line 549 
 function Navigate($fsRoot,$relDir) {
+Line 695 
 function Navigate($fsRoot,$relDir) {
                          $tstr .= "\">" . $dir . "/</A>" ;
  ?>
- <TR><TD><?php echo $gblIcon("fldr") ?></TD>
+ <TR><TD><?= $gblIcon("fldr") ?></TD>
- <TD COLSPAN=4 CLASS=LST><?php echo $tstr ?></TD></TR>
+ <TD COLSPAN=5 CLASS=LST><?= $tstr ?></TD></TR>
  <?php
                  }  // iterate over dirs
          }  // end if no dirs
  ?>
- <TR><TD></TD><TD COLSPAN=4><HR><B><?php echo $webRoot . $relDir ?>
+ <TR><TD></TD><TD COLSPAN=5><HR><B><?= $webRoot . $relDir ?>
  </B></TD></TR>
  <TR><TD></TD><TD CLASS=TOP>DOCUMENT NAME</TD>
- <TD><?php echo $gblIcon("blank") ?></TD>
+ <TD><?= $gblIcon("blank") ?></TD>
+ <TD CLASS=TOP>NOTE</TD>
  <TD CLASS=TOP>LAST UPDATE</TD><TD CLASS=TOP>FILE SIZE</TD></TR>
  <?php
          if (sizeof($fileList) > 0) {
            sort($fileList) ;
            while (list($key,$file) = each($fileList)) {
-             $path = $fsDir."/".$file ;
+                 $path = $fsDir."/".$file ;
-             $mod  = filemtime($path) ;
+                 $mod  = filemtime($path) ;
-             $sz   = filesize($path) ;
+                 $sz   = filesize($path) ;
-             if ($sz >= 10240) {
+                 if ($sz >= 10240) {
-               $sz = (int)(($sz+1023)/1024) . " k" ;
+                         $sz = (int)(($sz+1023)/1024) . " k" ;
-             }
+                 } else {
-             else {
+                         $sz .= " " ;
-               $sz .= " " ;
+                 } // end size
-             } // end size
+                 $a = $b = "" ;
-             $a = $b = "" ;
+                 $info_url=$self."?A=E&F=".urlencode($file)."&D=".urlencode($relDir);
-             if ( ($mod + 30*86400) > time() ) {
-               $a  = "<SPAN CLASS=RED TITLE=\"Newer" ;
+                 if ( ($mod + 30*86400) > time() ) {
-               $a .= " than 30 days\"> * </SPAN>" ;
+                         $a  = "<SPAN CLASS=RED TITLE=\"Newer" ;
-             }
+                         $a .= " than 30 days\"> * </SPAN>" ;
+                 }
-             $tstr = $webRoot . $relDir . "/" . $file ;
-             $tstr  = "<A HREF=\"" . $tstr . "\">" ;
+                 $tstr = $webRoot . $relDir . "/" . $file ;
-             $tstr .= $file . "</A>" . $a ;
+                 $tstr  = "<A HREF=\"" . $tstr . "\">" ;
-             $ext = strtolower(strrchr($file,".")) ;
+                 if (substr($file,0,5) != ".del/") {
-             if ( $ext=="" ||
+                         $tstr .= $file . "</A>" . $a ;
-                  strstr(join(" ",$gblEditable),$ext) )
+                 } else {
-             {
+                         $tstr .= substr($file,5,strlen($file)-5) . "</a> <SPAN CLASS=RED TITLE=\"deleted\"> <a href=\"$info_url#undelete\">deleted</a> </span>";
-               $b  = "<A HREF=\"" . $self . "?A=C&F=" ;
+                 }
-               $b .= urlencode($file) . "&D=" . urlencode($relDir) ;
-               $b .= "\" TITLE=\"List contents\">" ;
+ //              $b = $gblIcon("checkout");
-               $b .= $gblIcon("view") . "</A>" ;
+ //              $b .= $gblIcon("checkin");
-             }
+                 $ext = strtolower(strrchr($file,".")) ;
+                 if ( $ext=="" || strstr(join(" ",$gblEditable),$ext) ) {
+                         $b .= "<A HREF=\"" . $self . "?A=C&F=" ;
+                         $b .= urlencode($file) . "&D=" . urlencode($relDir) ;
+                         $b .= "\" TITLE=\"List contents\">" ;
+                         $b .= $gblIcon("view") . "</A>" ;
+                 } else {
+                         $b .= $gblIcon("blank");
+                 }
  ?>
  <TR><TD>
- <A HREF="<?php echo $self ?>?A=E&F=<?php echo urlencode($file)
+ <A HREF="<?= $info_url ?>" TITLE="View/Edit">
- ?>&D=<?php echo urlencode($relDir) ?>" TITLE="View/Edit">
+ <?= $gblIcon($ext) ?></A></TD>
- <?php echo $gblIcon($ext) ?></A></TD>
+ <TD CLASS=LST><?= $tstr ?></TD>
- <TD CLASS=LST><?php echo $tstr ?></TD>
+ <TD CLASS=LST ALIGN=center><?= $b ?></TD>
- <TD CLASS=LST ALIGN=center><?php echo $b ?></TD>
+ <TD CLASS=LST ALIGN=left><a href="<?= $info_url ?>#note"><?= $gblIcon("note") ?></a><?= ReadNote($path) ?></TD>
- <TD CLASS=LST><?php echo date("d/M/y G:i:s",$mod) ?></TD>
+ <TD CLASS=LST><?= date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]",$mod) ?></TD>
- <TD CLASS=LST><?php echo $sz ?>Bytes</TD></TR>
+ <TD CLASS=LST><?= $sz ?>Bytes</TD></TR>
  <?php
            }  // iterate over files
-Line 617 
 function Navigate($fsRoot,$relDir) {
+Line 774 
 function Navigate($fsRoot,$relDir) {
          if ($emptyDir) {
  ?>
- <FORM METHOD="POST" ACTION="<?php echo $self ?>">
+ <FORM METHOD="POST" ACTION="<?= $self ?>">
-  <TR><TD></TD><TD COLSPAN=4 CLASS=BAR>
+  <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>
-   <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?php echo $relDir ?>">
+   <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
    OK TO DELETE THIS EMPTY FOLDER?
    <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
    <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="DELETE">
-Line 630 
 function Navigate($fsRoot,$relDir) {
+Line 787 
 function Navigate($fsRoot,$relDir) {
          } // end if emptyDir
  ?>
- <TR><TD></TD><TD COLSPAN=4><HR></TD></TR>
+ <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
- <FORM METHOD="POST" ACTION="<?php echo $self ?>">
+ <FORM METHOD="POST" ACTION="<?= $self ?>">
- <TR><TD></TD><TD COLSPAN=4 CLASS=BAR>CREATE NEW
+ <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>CREATE NEW
   <INPUT TYPE="RADIO" NAME="T" VALUE="D" CHECKED>DIRECTORY -OR-
   <INPUT TYPE="RADIO" NAME="T" VALUE="F">FILE : &nbsp;&nbsp;
   <NOBR>NAME <INPUT TYPE="TEXT" NAME="FN" SIZE=14>
   <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="CREATE">
-  <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?php echo $relDir ?>">
+  <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
   <INPUT TYPE="SUBMIT" VALUE="CREATE"></NOBR>
-  <NOBR>OR <A HREF="<?php echo $self
+  <NOBR>OR <A HREF="<?= $self
-         ?>?A=U&D=<?php echo urlencode($relDir) ?>">UPLOAD</A> A FILE
+         ?>?A=U&D=<?= urlencode($relDir) ?>">UPLOAD</A> A FILE
   </NOBR>
  </TD></TR>
  </FORM>
-Line 661 
 function UploadPage($fsRoot, $relDir) {
+Line 818 
 function UploadPage($fsRoot, $relDir) {
  <P><TABLE BORDER=0 CELLPADDING=5><TR><TD WIDTH=5></TD><TD CLASS=BAR>
  <FORM ENCTYPE="multipart/form-data" METHOD="POST"
-  ACTION="<?php echo $self ?>">
+  ACTION="<?= $self ?>">
- DESTINATION DIRECTORY:<B><?php echo " " . $relDir ?></B>
+ DESTINATION DIRECTORY:<B><?= " " . $relDir ?></B>
  <P>PATHNAME OF LOCAL FILE<BR>
- <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?php echo $relDir ?>">
+ <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
  <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="UPLOAD">
  <INPUT SIZE=30 TYPE="FILE" NAME="FN"></P>
  <P><INPUT TYPE="SUBMIT" VALUE="UPLOAD"></P>
  <P>If the <B>[BROWSE...]</B> button is not displayed,<BR>
  you must upgrade to an RFC1867-compliant browser.</P>
- <P>Your browser:<BR><?php echo $GLOBALS["HTTP_USER_AGENT"] ?></P>
+ <P>Your browser:<BR><?= $GLOBALS["HTTP_USER_AGENT"] ?></P>
  </FORM>
  </TD></TR>
  <TR><TD></TD><TD>
- <FORM METHOD="POST" ACTION="<?php echo $self ?>">
+ <FORM METHOD="POST" ACTION="<?= $self ?>">
- <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?php echo $relDir ?>"><BR>
+ <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>"><BR>
  <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL">
  </FORM>
  </TD></TR></TABLE></P>
-Line 694 
 function Error($title,$text="") {
+Line 851 
 function Error($title,$text="") {
  //////////////////////////////////////////////////////////////////
- function Writeable($path) {
-         // fix by -mat- filid brandy, brandy@ecrc.de, 07/JUL/99
-         clearstatcache ;
-         $perms = @fileperms($path) ;
-         $owner = @fileowner($path) ;
-         exec("id",$id) ;
-         eregi( "^uid=([0-9]*)",$id[0], $regs) ;
-         $apacheuid = $regs[1] ;
-         $perms = 0777 & $perms ;
-         if ( $apacheuid != $owner ) {
-                 return (06 == (06 & $perms)) ?  1 : 0 ;
-         }
-         else {
-                 return (0600 == (0600 & $perms)) ? 1 : 0 ;
-         }
- } // end function Writable
- //////////////////////////////////////////////////////////////////
  function CreateHash($user, $pw) {
          global $gblHash ;  // hash function to use
-Line 749 
 function NoEntry() {
+Line 885 
 function NoEntry() {
          StartHTML($title,$text) ;
  ?>
- <FORM ACTION="<?php echo $self ?>?HASH=create" METHOD="POST">
+ <FORM ACTION="<?= $self ?>?HASH=create" METHOD="POST">
- <INPUT TYPE="HIDDEN" NAME="USER" VALUE="<?php echo $user ?>">
+ <INPUT TYPE="HIDDEN" NAME="USER" VALUE="<?= $user ?>">
- <INPUT TYPE="HIDDEN" NAME="PW" VALUE="<?php echo $pw ?>">
+ <INPUT TYPE="HIDDEN" NAME="PW" VALUE="<?= $pw ?>">
  <BLOCKQUOTE><B>If you are a site administrator:</B><BR><BR>
  Click below to <B>generate a password hash</B><BR>from
-Line 767 
 the source<BR>of this file.<BR><BR>
+Line 903 
 the source<BR>of this file.<BR><BR>
  //////////////////////////////////////////////////////////////////
+ function Logit($target,$msg) {
+         $dir=dirname($target);
+         if (! file_exists($dir."/.log")) {
+                 mkdir($dir."/.log",0700);
+         }
+         $file=basename($target);
+         $log=fopen("$dir/.log/$file","a+");
+         fputs($log,date("$GLOBALS[gblDateFmt]\t$GLOBALS[gblTimeFmt]").
+                 "\t$GLOBALS[gblUserName]\t$msg\n");
+         fclose($log);
+ }
+ //////////////////////////////////////////////////////////////////
+ function WriteNote($target,$msg) {
+         $dir=dirname($target);
+         if (! file_exists($dir."/.note")) {
+                 mkdir($dir."/.note",0700);
+         }
+         $file=basename($target);
+         $note=fopen("$dir/.note/$file","w");
+         fputs($note,"$msg\n");
+         fclose($note);
+         Logit($target,"added note $msg");
+ }
+ function ReadNote($target) {
+         $dir=dirname($target);
+         $file=basename($target);
+         $msg="";
+         if (file_exists($dir."/.note/$file")) {
+                 $note=fopen("$dir/.note/$file","r");
+                 $msg=fgets($note,4096);
+                 fclose($note);
+         }
+         return $msg;
+ }
+ //////////////////////////////////////////////////////////////////
+ function MoveTo($source,$folder) {
+         $file=basename($source);
+         if (! file_exists($folder)) {
+                 mkdir($folder,0700);
+         }
+         if (file_exists($source)) {
+                 rename($source,"$folder/$file");
+         }
+ }
+ //////////////////////////////////////////////////////////////////
  // MAIN PROGRAM
  // ============
  // query parameters: capital letters
  // local functions : begin with capital letters
  // global constants: begin with gbl
-         $gblFilePerms = "644" ;         // default for new files
+         $gblFilePerms = 0640 ;         // default for new files
-         $gblDirPerms  = 0755 ;          // default for new dirs
+         $gblDirPerms  = 0750 ;          // default for new dirs
          // phpinfo() ;
          // exit ;
-Line 788 
 the source<BR>of this file.<BR><BR>
+Line 987 
 the source<BR>of this file.<BR><BR>
          }
          // authentication if $gblAuth == true
-         if ( $gblAuth &&
+         if ( $gblAuth && $gblHash($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw ||
-              $gblHash($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw ) {
+                 isset($relogin) && $gblPw == $relogin ) {
                  header("WWW-authenticate: basic realm=\"$SERVER_NAME\"") ;
                  header("HTTP/1.0 401 Unauthorized") ;
                  NoEntry() ;
-Line 827 
 the source<BR>of this file.<BR><BR>
+Line 1026 
 the source<BR>of this file.<BR><BR>
          switch ($POSTACTION) {
          case "UPLOAD" :
-                 if (!Writeable($fsDir)) Error("Write denied",$relDir) ;
+                 if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
                  if (strstr($FN_name,"/"))
                          Error("Non-conforming filename") ;
                  // TODO : should rather check for escapeshellcmds
                  // but maybe RFC 18xx asserts safe filenames ....
                  $source = $FN ;
                  $target = $fsDir . "/" . $FN_name ;
-                 exec("cp $source $target") ;
-                 exec("chmod $gblFilePerms $target") ;
+                 // backup old files first
+                 $dir=dirname($target);
+                 if (! file_exists($dir."/.bak")) {
+                         mkdir($dir."/.bak",0700);
+                 }
+                 if (! file_exists($dir."/.bak/$GLOBALS[gblNumBackups]")) {
+                         mkdir($dir."/.bak/$GLOBALS[gblNumBackups]",0700);
+                 }
+                 $file=basename($target);
+                 for($i=$GLOBALS[gblNumBackups]-1;$i>0;$i--) {
+                         MoveTo("$dir/.bak/$i/$file","$dir/.bak/".($i+1)."/");
+                 }
+                 MoveTo($target,$dir."/.bak/1/".$file);
+                 copy($source,$target) ;
+                 chmod($target,$gblFilePerms) ;
                  clearstatcache() ;
+                 Logit($target,"uploaded");
                  break ;
          case "SAVE" :
                  $path = $gblFsRoot . escapeshellcmd($RELPATH) ;
-                 $writable = Writeable($path) ;
+                 $writable = is_writeable($path) ;
-                 $legaldir = Writeable(dirname($path)) ;
+                 $legaldir = is_writeable(dirname($path)) ;
                  $exists   = (file_exists($path)) ? 1 : 0 ;
  // check for legal extension here as well
                  if (!($writable || (!$exists && $legaldir)))
-Line 851 
 the source<BR>of this file.<BR><BR>
+Line 1066 
 the source<BR>of this file.<BR><BR>
                  fwrite($fh,$FILEDATA) ;
                  fclose($fh) ;
                  clearstatcache() ;
+                 Logit($path,"saved changes");
                  break ;
          case "CREATE" :
                  // we know $fsDir exists
-                 if (!Writeable($fsDir)) Error("Write denied",$relDir) ;
+                 if ($FN == "") break;           // no filename!
+                 if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
                  $path = $fsDir . "/" . $FN ;  // file or dir to create
                  $relPath = $relDir . "/" . $FN ;
                  switch ( $T ) {
-Line 868 
 the source<BR>of this file.<BR><BR>
+Line 1085 
 the source<BR>of this file.<BR><BR>
  // this functionality is doubled in DetailView().
  // better keep it here altogether
  // chmod perms to $gblFilePerms
-                   if ( file_exists($path) && !Writable($path) )
+                   if ( file_exists($path) && !is_writable($path) )
                      Error("File not writable", $relPath) ;
                    $tstr = $PHP_SELF . "?A=E&D=" . $relDir . "&F=" . $FN ;
                    header("Location: " . $tstr) ;
-Line 883 
 the source<BR>of this file.<BR><BR>
+Line 1100 
 the source<BR>of this file.<BR><BR>
                  $tstr .= "insufficient privileges: " ;
                  if ( $FN != "") {  // delete file
-                   $path =  $fsDir . "/" . $FN ;
+                         $path =  $fsDir . "/" . $FN ;
-                   if ( ! @unlink($path) ) {
-                     Error("File delete failed", $tstr . $path) ;
+                         $dir=dirname($path);
-                     exit ;
+                         $file=basename($path);
-                   }
+                         if (! file_exists("$dir/.del")) {
+                                 mkdir("$dir/.del",0700);
+                         }
+ //                      if ( ! @unlink($path) ) {
+                         if ( ! rename($path,"$dir/.del/$file") ) {
+                                 Error("File delete failed", $tstr . $path) ;
+                                 Logit($path,"file delete failed");
+                                 exit ;
+                         } else {
+                                 Logit($path,"file deleted");
+                                 if (! file_exists("$dir/.del/.log")) {
+                                         mkdir("$dir/.del/.log",0700);
+                                 }
+                                 MoveTo("$dir/.log/$file","$dir/.del/.log/");
+                                 MoveTo("$dir/.note/$file","$dir/.del/.note/");
+                         }
                  }
                  else {  // delete directory
                    if ( ! @rmdir($fsDir) ) {
-Line 899 
 the source<BR>of this file.<BR><BR>
+Line 1132 
 the source<BR>of this file.<BR><BR>
                  }
                  break ;
+         case "UNDELETE" :
+                 if ( $CONFIRM != "on" ) break ;
+                 if (substr($FN,0,4) != ".del") break ;
+                 $file=substr($FN,4,strlen($FN)-4);
+                 Logit("$fsDir/.del/$file","undeleted");
+                 MoveTo("$fsDir/.del/$file","$fsDir/");
+                 MoveTo("$fsDir/.del/.log/$file","$fsDir/.log/");
+                 MoveTo("$fsDir/.del/.note/$file","$fsDir/.note/");
+                 break ;
+         case "RENAME" :
+                 if ( $CONFIRM != "on" ) break ;
+                 Logit("$fsDir/$FN","renamed $FN to $NEWNAME");
+                 rename("$fsDir/$FN","$fsDir/$NEWNAME");
+                 rename("$fsDir/.log/$FN","$fsDir/.log/$NEWNAME");
+                 break ;
+         case "NOTE" :
+                 WriteNote("$fsDir/$FN","$NOTE");
+                 break ;
          default :
                  // user hit "CANCEL" or undefined action
          }
-Line 919 
 the source<BR>of this file.<BR><BR>
+Line 1178 
 the source<BR>of this file.<BR><BR>
          switch ($A) {
          case "U" :
                  // upload to $relDir
-                 if (!Writeable($gblFsRoot . $relDir))
+                 if (!is_writeable($gblFsRoot . $relDir))
                          Error("Write access denied",$relDir) ;
                  $text  = "Use this page to upload a single " ;
                  $text .= "file to <B>$SERVER_NAME</B>." ;
-Line 929 
 the source<BR>of this file.<BR><BR>
+Line 1188 
 the source<BR>of this file.<BR><BR>
                  exit ;
          case "E" :
                  // detail of $relDir/$F
-                 DetailPage($gblFsRoot, $relDir, $F) ;
+                 if (is_file("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
                  exit ;
          case "C" :
                  // listing of $relDir/$F

 Legend:



Removed from v.1.1.1.1
 


changed lines


 
Added in v.1.5
 Legend:



Removed from v.1.1.1.1
 


changed lines


 
Added in v.1.5
-Removed from v.1.1.1.1
+Added in v.1.5

	ViewVC Help
Powered by ViewVC 1.1.26