/[docman2]/docman.php
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Annotation of /docman.php

Parent Directory Parent Directory | Revision Log Revision Log

Revision 1.15 - (hide annotations)
Sun Jul 28 13:08:21 2002 UTC (21 years, 8 months ago) by dpavlin
Branch: MAIN
Changes since 1.14: +6 -7 lines 
fixed relogin, more strict including for A=I
1 dpavlin 1.1 <?php
2    
3     /*
4     * Document Manager ][
5     *
6     * Dobrica Pavlinusic <dpavlin@rot13.org>
7     *
8     * License: GPL2
9     *
10     * Document Manager 1.x was based on
11     * Copyright 1999 by John Martin d/b/a www.ANYPORTAL.com
12     * PHP version Copyright 2000 by Stefan@Wiesendanger.org
13     *
14     * For more info, please see web pages at
15     * http://www.rot13.org/~dpavlin/docman.html
16     *
17     */
18    
19    
20     //////////////////////////////////////////////////////////////////
21     // CONFIGURATION OPTIONS
22    
23     // error_reporting(4) ; // how verbose ?
24    
25     // from where to include auth_*.php modules?
26     $gblIncDir = "/data/docman2";
27    
28 dpavlin 1.5 // force download on view (so it won't open in associated application)
29     $gblForceDownload = 0;
30 dpavlin 1.1
31     // date format
32     $gblDateFmt="Y-m-d";
33     // $gblDateFmt="D, F d, Y";
34    
35     // time format
36     $gblTimeFmt="H:i:s";
37     // $gblTimeFmt="g:i:sA";
38    
39     // Number of backup files to keep
40     $gblNumBackups=3;
41    
42     // show red star if newer than ... days
43     $gblModDays=1;
44    
45     // choose GifIcon below unless you have the M$
46     // WingDings font installed on your system
47    
48     $gblIcon="GifIcon"; // MockIcon or GifIcon
49    
50     // the directory below should be /icons/ or /icons/small/
51     // on Apache; a set of icons is included in the distribution
52    
53     $gblIconLocation="/icons/";
54    
55     // files you want to be able to edit in text mode
56     // and view with (primitive) syntax highlighting
57    
58     $gblEditable = array( ".txt",".asa",".asp",".htm",".html",
59     ".cfm",".php3",".php",".phtml",
60     ".shtml",".css" ) ;
61    
62     // files that will display as images on the detail page
63     // (useless if your browser doesn't support them)
64    
65     $gblImages = array( ".jpg",".jpeg",".gif",".png",".ico",
66     ".bmp",".xbm") ;
67    
68     // which files to hide (separated by ,)
69     $gblHide = "";
70    
71     // Where are users? (by default in .htusers file)
72     $gblUsers = "file";
73    
74     //////////////////////////////////////////////////////////////////
75    
76     $gblTitle = "Document Manager";
77     $gblVersion = "2.0-pre1";
78    
79     $secHash = "";
80    
81     // location of html files
82     $html = $gblIncDir."/html";
83    
84     LoadLanguage($HTTP_SERVER_VARS["HTTP_ACCEPT_LANGUAGE"]);
85    
86     // for security and configuration
87 dpavlin 1.4 $realm=$HTTP_SERVER_VARS[HTTP_HOST];
88 dpavlin 1.1
89     $fsDocumentRoot = dirname($HTTP_SERVER_VARS[SCRIPT_FILENAME]);
90 dpavlin 1.3 if ($fsDocumentRoot == "") Error("Configuration error","Can't get SCRIPT_FILENAME from your web server. Please set <tt>\$fsDocumentRoot</tt> in <tt>\$</tt>",1);
91 dpavlin 1.1
92     // globals for later
93 dpavlin 1.4 $gblLogin = $HTTP_SERVER_VARS[PHP_AUTH_USER];
94     $gblPasswd = $HTTP_SERVER_VARS[PHP_AUTH_PW];
95 dpavlin 1.1
96     //////////////////////////////////////////////////////////////////
97    
98     function LoadLanguage($lang) {
99    
100     global $gblIncDir,$html;
101    
102     if (file_exists($gblIncDir."/lang/$lang.php")) {
103     include($gblIncDir."/lang/$lang.php");
104     $html .= "-$lang";
105     } else {
106     include($gblIncDir."/lang/default.php");
107     }
108     }
109    
110     function StartHTML($title,$text="") {
111    
112 dpavlin 1.4 global $html,$fsDocumentRoot,$HTTP_SERVER_VARS;
113 dpavlin 1.1
114     $title = $gblTitle." ".$title ;
115 dpavlin 1.4 $host = $HTTP_SERVER_VARS["HTTP_HOST"] ;
116     $self = $HTTP_SERVER_VARS["PHP_SELF"] ;
117 dpavlin 1.1
118     if (file_exists("$fsDocumentRoot/docman.css")) {
119     $css=dirname($self)."/docman.css";
120     } else {
121 dpavlin 1.11 $css=$self."?STYLE=get";
122 dpavlin 1.1 }
123    
124     include("$html/head.html");
125     }
126    
127     //////////////////////////////////////////////////////////////////
128    
129     function EndHTML() {
130    
131     global $gblDateFmt, $gblTimeFmt, $gblUserName, $PHP_SELF,
132     $secHash, $gblVersion, $html,
133     $gblLogin,$gblPasswd;
134    
135     $url = $PHP_SELF."?relogin=";
136     if (isset($secHash) && $secHash != "") {
137     $url .= $secHash;
138     } else {
139     $url .= md5($gblLogin.$gblPasswd);
140     }
141     if (isset($gblLogin) && $gblLogin != "" && ($gblPasswd == "" || !isset($gblPasswd))) {
142     $url_title="login";
143     $url .= "&force_login=1";
144     } else {
145     $url_title="relogin";
146     }
147     include("$html/footer.html");
148 dpavlin 1.13
149     global $debug;
150     if ($debug) print $debug;
151 dpavlin 1.1 } // end function EndHTML
152    
153     //////////////////////////////////////////////////////////////////
154    
155     function DetailPage($fsRoot,$relDir,$fn) {
156    
157 dpavlin 1.4 global $gblEditable, $gblImages, $webRoot, $html, $HTTP_SERVER_VARS ;
158     $self = $HTTP_SERVER_VARS["PHP_SELF"] ;
159 dpavlin 1.1
160     $relPath = $relDir . "/" . $fn ;
161     $fsPath = $fsRoot . $relPath ;
162     $fsDir = $fsRoot . $relDir ;
163    
164     $exists = file_exists($fsPath) ;
165     $ext = strtolower(strrchr($relPath,".")) ;
166 dpavlin 1.13 $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) &&
167     check_perm($relPath,trperm_w);
168     $writable = is_writeable($fsPath) && check_perm($relPath,trperm_w) ;
169     $writable_dir = is_writeable($fsDir) && check_perm($relDir,trperm_w) ;
170 dpavlin 1.1 $file_lock = CheckLock($fsPath);
171    
172     if (!$editable && !$exists)
173 dpavlin 1.13 Error("Creation denied","Can't create <tt>$relPath</tt>") ;
174     if (!$exists && !$writable_dir )
175     Error("Creation denied","Can't write in directory <tt>$relDir</tt> while creating <tt>$relPath</tt>for which user has permissions.",1);
176 dpavlin 1.1
177     $text = _("Use this page to view, modify or ") ;
178     if (is_dir($fsPath)) {
179     $text .=_("delete a directory on this ") ;
180     } else {
181     $text .= _("delete a single document on this ") ;
182     };
183     $text .= _("web site.") ;
184     $title = "("._("Detail Page").")" ;
185     StartHTML($title, $text) ;
186    
187     echo "<H3>" . $relDir . "/" . $fn . "</H3>" ;
188     if ($exists) { // get file info
189     $fsize = filesize($fsPath) ;
190     $fmodified = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", filemtime($fsPath)) ;
191     $faccessed = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", fileatime($fsPath)) ;
192     $fuid=fileowner($fsPath);
193     $fgid=filegroup($fsPath);
194     $userinfo = posix_getpwuid($fuid);
195     $grpinfo = posix_getgrgid($fgid);
196    
197     include("$html/DetailPage-file.html");
198     }
199    
200     if ( !is_dir($fsPath) && $editable && ($writable || !$exists) && !$file_lock ) {
201     $fh = fopen($fsPath,"a+") ;
202     rewind($fh) ;
203     $fstr = fread($fh,filesize($fsPath)) ;
204     fclose($fh) ;
205     $fstr = htmlentities( $fstr ) ;
206     ?>
207    
208 dpavlin 1.13 <FORM ACTION="<?= $self ?>" METHOD="POST">
209 dpavlin 1.1 <SPAN TITLE="Click [SAVE] to store updated contents.">
210     <B>DOCUMENT CONTENTS</B>
211     </SPAN><BR>
212     <TEXTAREA NAME="FILEDATA" ROWS=18 COLS=70 WRAP="OFF"><?php
213     echo($fstr) ; ?></TEXTAREA>
214     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
215     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
216     <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="SAVE">
217     <INPUT TYPE="HIDDEN" SIZE=48 MAXLENGTH=255 NAME="RELPATH"
218     VALUE="<?= $relPath ; ?>">
219     <br>
220     <INPUT TYPE="RESET" VALUE="UNDO ALL CHANGES">
221     <INPUT TYPE="SUBMIT" VALUE="SAVE">
222     </FORM>
223    
224     <?php
225     }
226     if ( !$file_lock && $ext!="" && strstr(join(' ',$gblImages),$ext) ) {
227     $info = getimagesize($fsPath) ;
228     $tstr = "<IMG SRC=\"$webRoot".urlpath($relPath)."\" BORDER=0 " ;
229     $tstr .= $info[3] . " ALT=\"" . $fn . " - " ;
230     $tstr .= (int)(($fsize+1023)/1024) . "Kb\">" ;
231     // echo htmlentities($tstr) . "<BR><BR>" . $tstr ;
232     echo $tstr ;
233     }
234    
235     ?>
236    
237     <FORM ACTION="<?= $self ; ?>" METHOD="POST">
238     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
239     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
240     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL"><BR>
241    
242     <?php
243    
244     if ($file_lock) {
245     ?>
246     <hr>
247     <SPAN TITLE="Check OK and click UNLOCK to remove lock on file.">
248     <B>OK TO FORCE LOCK REMOVAL ON "<?= $fn ; ?>" HELD BY <?= $file_lock ?>? </B></SPAN>
249     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
250     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="UNLOCK">
251     <?
252     } // file_lock
253    
254     if (substr($fn,0,4) == ".del") {
255     $action="UNDELETE";
256     $desc="undelete previously deleted file";
257     } else {
258     $action="DELETE";
259     $desc="delete";
260     }
261    
262     if ($exists && $writable) {
263     ?>
264    
265     <HR>
266     <a name="undelete">
267     <SPAN TITLE="Check OK and click [<?= $action ?>] to <?= $desc ?>.">
268     <B>OK TO <?= $action ?> "<?= $fn ; ?>"? </B></SPAN>
269     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
270     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="<?= $action ?>">
271    
272     <HR>
273     <a name="rename">
274     <SPAN TITLE="Check OK and click [RENAME] to rename.">
275     <B>OK TO RENAME "<?= $fn ; ?>" TO
276     <INPUT TYPE="TEXT" SIZE=24 MAXLENGTH=255 NAME="NEWNAME" VALUE="<?= $fn ?>">
277     ? </B></SPAN>
278     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
279     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="RENAME">
280    
281     <?php
282     } // exists && writable
283     ?>
284     <HR>
285     <a name="note">
286     <B>NOTE FOR "<?= $fn ; ?>":
287     <INPUT TYPE="TEXT" SIZE=50 MAXLENGTH=255 NAME="NOTE" VALUE="<?= ReadNote($fsPath) ?>">
288     </B></SPAN>
289     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="NOTE">
290    
291     </FORM>
292    
293     <?php
294    
295     $name=basename("$fsDir/$fn");
296     $logname=dirname("$fsDir/$fn")."/.log/$name";
297     $bakdir=dirname("$fsDir/$fn")."/.bak";
298     if (file_exists($logname)) {
299     $log=fopen($logname,"r");
300     $cl1=" class=LST"; $cl2="";
301     $logarr = array();
302     while($line = fgetcsv($log,512,"\t")) {
303     $cl=$cl1; $cl1=$cl2; $cl2=$cl;
304     array_unshift($logarr,array($cl,$line[0],$line[1],$line[2],$line[3]));
305     }
306     fclose($log);
307     if (is_dir("$fsDir/$fn")) {
308     $whatis="DIRECTORY";
309     } else {
310     $whatis="FILE";
311     }
312     print "<hr><br><b>CHANGES TO THIS $whatis</b><br><table border=0 width=100%>\n";
313     $bakcount = 0; // start from 0, skip fist backup (it's current)
314     while ($e = array_shift($logarr)) {
315     if (strstr($e[4],"upload")) {
316     if (file_exists("$bakdir/$bakcount/$name")) {
317     $e[4]="<a href=\"$webRoot".urlpath(dirname($relPath)."/.bak/$bakcount/$name")."\">$e[4]</a>";
318     }
319     $bakcount++;
320     }
321     print "<tr><td$e[0]>$e[1]</td><td$e[0]>$e[2]</td><td$e[0]>$e[3]</td><td$e[0]>$e[4]</td></tr>\n";
322     }
323     print "</table>";
324     }
325    
326     EndHTML() ;
327    
328     } // end function DetailPage
329    
330     //////////////////////////////////////////////////////////////////
331    
332     function DisplayCode($fsRoot,$relDir,$fn) {
333    
334     $path = $fsRoot . $relDir . "/" . $fn ;
335    
336     if (!file_exists($path)) Error("File not found",$path) ;
337    
338     StartHTML("(".$relDir."/".$fn.")","");
339    
340     $tstr = join("",file($path)) ;
341     $tstr = htmlentities($tstr) ;
342    
343     // Tabs
344     $tstr = str_replace(chr(9)," ",$tstr) ;
345    
346     // ASP tags & XML/PHP tags
347     $aspbeg = "<SPAN CLASS=XML>&lt;%</SPAN><SPAN CLASS=BLK>" ;
348     $aspend = "</SPAN><SPAN CLASS=XML>%&gt;</SPAN>" ;
349     $tstr = str_replace("&lt;%",$aspbeg,$tstr) ;
350     $tstr = str_replace("%&gt;",$aspend,$tstr) ;
351    
352     $xmlbeg = "<SPAN CLASS=XML>&lt;?</SPAN><SPAN CLASS=BLK>" ;
353     $xmlend = "</SPAN><SPAN CLASS=XML>?&gt;</SPAN>" ;
354     $tstr = str_replace("&lt;?",$xmlbeg,$tstr) ;
355     $tstr = str_replace("?&gt;",$xmlend,$tstr) ;
356    
357     // C style comment
358     $tstr = str_replace("/*","<SPAN CLASS=REM>/*",$tstr) ;
359     $tstr = str_replace("*/","*/</SPAN>",$tstr) ;
360    
361     // HTML comments
362     $tstr = str_replace("&lt;!--","<I CLASS=RED>&lt;!--",$tstr) ;
363     $tstr = str_replace("--&gt;","--&gt;</I>",$tstr) ;
364    
365     echo "<PRE>" ;
366    
367     $tstr = split("\n",$tstr) ;
368     for ($i = 0 ; $i < sizeof($tstr) ; ++$i) {
369     // add line numbers
370     echo "<BR><EM>" ;
371     echo substr(("000" . ($i+1)), -4) . ":</EM> " ;
372     $line = $tstr[$i] ;
373     // C++ style comments
374     $pos = strpos($line,"//") ;
375     // exceptions: two slashes aren't a script comment
376     if (strstr($line,"//") &&
377     ! ($pos>0 && substr($line,$pos-1,1)==":") &&
378     ! (substr($line,$pos,8) == "//--&gt;") &&
379     ! (substr($line,$pos,9) == "// --&gt;")) {
380     $beg = substr($line,0,strpos($line,"//")) ;
381     $end = strstr($line,"//") ;
382     $line = $beg."<SPAN CLASS=REM>".$end."</SPAN>";
383     }
384     // shell & asp style comments
385     $first = substr(ltrim($line),0,1) ;
386     if ($first == "#" || $first == "'") {
387     $line = "<SPAN CLASS=REM>".$line."</SPAN>";
388     }
389     print($line) ;
390     } // next i
391    
392     echo "</PRE>" ;
393    
394     EndHTML() ;
395    
396     } // end function DisplayCode
397    
398     //////////////////////////////////////////////////////////////////
399    
400     function MockIcon($txt) {
401     $tstr = "<SPAN CLASS=MCK>" ;
402    
403     switch (strtolower($txt)) {
404     case ".bmp" :
405     case ".gif" :
406     case ".jpg" :
407     case ".jpeg":
408     case ".tif" :
409     case ".tiff":
410     $d = 176 ;
411     break ;
412     case ".doc" :
413     $d = 50 ;
414     break ;
415     case ".exe" :
416     case ".bat" :
417     $d = 255 ;
418     break ;
419     case ".bas" :
420     case ".c" :
421     case ".cc" :
422     case ".src" :
423     $d = 255 ;
424     break ;
425     case "file" :
426     $d = 51 ;
427     break ;
428     case "fldr" :
429     $d = 48 ;
430     break ;
431     case ".htm" :
432     case ".html":
433     case ".asa" :
434     case ".asp" :
435     case ".cfm" :
436     case ".php3":
437     case ".php" :
438     case ".phtml" :
439     case ".shtml" :
440     $d = 182 ;
441     break ;
442     case ".pdf" :
443     $d = 38 ;
444     break;
445     case ".txt" :
446     case ".ini" :
447     $d = 52 ;
448     break ;
449     case ".xls" :
450     $d = 252 ;
451     break ;
452     case ".zip" :
453     case ".arc" :
454     case ".sit" :
455     case ".tar" :
456     case ".gz" :
457     case ".tgz" :
458     case ".Z" :
459     $d = 59 ;
460     break ;
461     case "view" :
462     $d = 52 ;
463     break ;
464     case "up" :
465     $d = 199 ;
466     break ;
467     case "blank" :
468     return "&nbsp;&nbsp;</SPAN>" ;
469     break ;
470     default :
471     $d = 51 ;
472     }
473    
474     return $tstr . chr($d) . "</SPAN>" ;
475     } // end function MockIcon
476    
477     //////////////////////////////////////////////////////////////////
478    
479     function GifIcon($txt) {
480     global $gblIconLocation ;
481    
482     switch (strtolower($txt)) {
483     case ".bmp" :
484     case ".gif" :
485     case ".jpg" :
486     case ".jpeg":
487     case ".tif" :
488     case ".tiff":
489     $d = "image2.gif" ;
490     break ;
491     case ".doc" :
492     $d = "layout.gif" ;
493     break ;
494     case ".exe" :
495     case ".bat" :
496     $d = "screw2.gif" ;
497     break ;
498     case ".bas" :
499     case ".c" :
500     case ".cc" :
501     case ".src" :
502     $d = "c.gif" ;
503     break ;
504     case "file" :
505     $d = "generic.gif" ;
506     break ;
507     case "fldr" :
508     $d = "dir.gif" ;
509     break ;
510     case ".phps" :
511     $d = "phps.gif" ;
512     break ;
513     case ".php3" :
514     $d = "php3.gif" ;
515     break ;
516     case ".htm" :
517     case ".html":
518     case ".asa" :
519     case ".asp" :
520     case ".cfm" :
521     case ".php3":
522     case ".php" :
523     case ".phtml" :
524     case ".shtml" :
525     $d = "world1.gif" ;
526     break ;
527     case ".pdf" :
528     $d = "pdf.gif" ;
529     break;
530     case ".txt" :
531     case ".ini" :
532     $d = "text.gif" ;
533     break ;
534     case ".xls" :
535     $d = "box2.gif" ;
536     break ;
537     case ".zip" :
538     case ".arc" :
539     case ".sit" :
540     case ".tar" :
541     case ".gz" :
542     case ".tgz" :
543     case ".Z" :
544     $d = "compressed.gif" ;
545     break ;
546     case "view" :
547     $d = "index.gif" ;
548     break ;
549     case "up" :
550     $d = "back.gif" ;
551     break ;
552     case "blank" :
553     $d = "blank.gif" ;
554     break ;
555     case "checkout":
556     $d = "box2.gif";
557     break;
558     case "checkin":
559     $d = "hand.up.gif";
560     break;
561     case "locked":
562     $d = "screw2.gif";
563     break;
564     case "note":
565     $d = "quill.gif";
566     break;
567     default :
568     $d = "generic.gif" ;
569     }
570    
571     return "<IMG SRC=\"$gblIconLocation" . $d . "\" BORDER=0>" ;
572     } // end function GifIcon
573    
574     //////////////////////////////////////////////////////////////////
575    
576     function Navigate($fsRoot,$relDir) {
577    
578     global $gblEditable, $gblIcon, $gblModDays, $webRoot, $gblHide,
579 dpavlin 1.10 $gblIgnoreUnknownFileType, $gblRepositoryDir,
580 dpavlin 1.12 $fsRealmDir, $realm, $realm_sep,
581 dpavlin 1.4 $HTTP_GET_VARS, $html, $realm_config;
582 dpavlin 1.13
583 dpavlin 1.4 $self = $HTTP_SERVER_VARS["PHP_SELF"] ;
584 dpavlin 1.1
585     if ($relDir == "") $relDir = "/";
586    
587     $fsDir = $fsRoot.$relDir."/"; // current directory
588    
589 dpavlin 1.13 if (!is_dir($fsDir)) Error("Dir not found",$relDir,1) ;
590 dpavlin 1.1
591     $hide_items=",$gblHide,";
592    
593     // read directory contents
594     if ( !($dir = @opendir($fsDir)) )
595 dpavlin 1.4 Error("Read Access denied",$relDir,1) ;
596 dpavlin 1.1 while ($item = readdir($dir)) {
597     if ( substr($item,0,1) == "." || strstr($hide_items,",$item,") ) continue ;
598 dpavlin 1.4 if (is_dir($fsDir.$item) || is_link ($fsDir.$item)) {
599     if (check_perm($relDir.$item,trperm_b)) {
600     $dirList[$item] = $item ;
601     $dirNote[$item] = ReadNote($fsDir.$item);
602     }
603     } else if (is_file($fsDir.$item)) {
604     if (check_perm($relDir.$item,trperm_r)) {
605     $fileList[$item] = $item ;
606     $fileDate[$item] = filemtime($fsDir.$item) ;
607     $fileSize[$item] = filesize($fsDir.$item) ;
608     $fileNote[$item] = ReadNote($fsDir.$item);
609     }
610 dpavlin 1.1 } else {
611 dpavlin 1.4 if (! $gblIgnoreUnknownFileType) Error("File Type Error", "Item <tt>".$fsDir.$item."</tt> is not file, directory or link. If you want to ignore errors like this, set <tt>\$gblIgnoreUnknownFileType = 1</tt> in <tt>$realm_config</tt>.",1);
612 dpavlin 1.1 }
613     }
614     closedir($dir) ;
615    
616     // scan deleted files
617 dpavlin 1.4 if ( $HTTP_GET_VARS["show_deleted"] == 1 && ($dir = @opendir("$fsDir/.del")) ) {
618 dpavlin 1.1 while ($item = readdir($dir)) {
619     if ( substr($item,0,1) == "." || strstr($hide_items,",$item,") || !check_perm($relDir.$item,trperm_w) ) continue ;
620     $fileList[$item] = ".del/$item" ;
621     $fileDate[$item] = filemtime($fsDir.".del/$path") ;
622     $fileSize[$item] = filesize($fsDir.".del/$path") ;
623     $fileNote[$item] = ReadNote($fsDir.".del/$item");
624     }
625     closedir($dir) ;
626     }
627    
628     $emptyDir = ! (sizeof($dirList) || sizeof($fileList)) ;
629    
630     // start navigation page
631     $text = "Use this page to add, delete";
632 dpavlin 1.4 if (! isset($HTTP_GET_VARS[show_deleted])) {
633 dpavlin 1.1 $text .= ", <a href=$self?D=".urlencode($relDir)."&show_deleted=1>undelete</a>";
634     }
635     $text .= " or revise files on this web site." ;
636     $text .= "<br>Examine list of files <a href=\"$self?A=Ch1\">changed in last day</a> or <a href=\"$self?A=Ch\">all changes</a>.";
637     StartHTML("(Navigate)",$text) ;
638    
639     echo "<TABLE BORDER=0 CELLPADDING=2
640     CELLSPACING=3 WIDTH=\"100%\">" ;
641    
642 dpavlin 1.13 // updir (parent) bar
643 dpavlin 1.1 if (chopsl($fsDir) != chopsl($fsRoot)) {
644     $parent = dirname($relDir) ;
645     if ($parent == "") $parent = "/" ;
646    
647     include("$html/Navigate-parent.html");
648     }
649    
650     function plural($name,$count) {
651     $out="$count $name";
652     if ($count > 1) {
653     $out.="s";
654     }
655     return $out;
656     }
657    
658     $dsort = $HTTP_GET_VARS[dsort];
659     if (! isset($dsort)) $dsort = "name"; // default directory sort
660    
661     $dsort_arr = array(
662     "name" => array ("rname", "note"),
663     "rname" => array ("name", "note"),
664     "note" => array ("name", "rnote"),
665     "rnote" => array ("name", "note")
666     );
667    
668     $fsort = $HTTP_GET_VARS[fsort];
669     if (! isset($fsort)) $fsort = "name"; // default directory sort
670    
671     $fsort_arr = array(
672     "name" => array ("rname", "note", "date", "size"),
673     "rname" => array ("name", "note", "date", "size"),
674     "note" => array ("name", "rnote", "date", "size"),
675     "rnote" => array ("name", "note", "date", "size"),
676     "date" => array ("name", "note", "rdate", "size"),
677     "rdate" => array ("name", "note", "date", "size"),
678     "size" => array ("name", "note", "date", "rsize"),
679     "rsize" => array ("name", "note", "date", "size")
680     );
681    
682     $D="D=".urlencode($relDir);
683    
684     function self_args($arr = array()) {
685     $arg = implode("&",$arr);
686     if ($arg) {
687     return $self."?".$arg;
688     } else {
689     return $self;
690     }
691     }
692     // output subdirs
693     if (sizeof($dirList) > 0) {
694     switch ($dsort) {
695     case "note":
696     $items = $dirNote;
697     asort($items);
698     break;
699     case "rnote":
700     $items = $dirNote;
701     arsort($items);
702     break;
703     case "rname":
704     $items = $dirList;
705     krsort($items);
706     break;
707     default:
708     $items = $dirList;
709     ksort($items);
710     break;
711     }
712     $durl = self_args(array($D,"dsort=".$dsort_arr[$dsort][0]));
713     $nurl = self_args(array($D,"dsort=".$dsort_arr[$dsort][1]));
714    
715     include("$html/Navigate-dirHeader.html");
716    
717     while (list($key,$dir) = each($items)) {
718    
719     $dir = $dirList[$key];
720    
721 dpavlin 1.2 $info_url=self_args(array("A"=>"A=E", "F"=>"F=".urlencode($dir), "D"=>$D));
722 dpavlin 1.13 $dir_url=$self."?D=".urlencode(chopsl($relDir)."/".$dir);
723 dpavlin 1.1 include("$html/Navigate-dirEntry.html");
724    
725     } // iterate over dirs
726     } // end if no dirs
727    
728     $durl = self_args(array($D,"fsort=".$fsort_arr[$fsort][0]));
729     $nurl = self_args(array($D,"fsort=".$fsort_arr[$fsort][1]));
730     $uurl = self_args(array($D,"fsort=".$fsort_arr[$fsort][2]));
731     $surl = self_args(array($D,"fsort=".$fsort_arr[$fsort][3]));
732    
733     include("$html/Navigate-fileHeader.html");
734    
735     if (sizeof($fileList) > 0) {
736     switch ($fsort) {
737     case "note":
738     $items = $fileNote;
739     asort($items);
740     break;
741     case "rnote":
742     $items = $fileNote;
743     arsort($items);
744     break;
745     case "date":
746     $items = $fileDate;
747     asort($items);
748     break;
749     case "rdate":
750     $items = $fileDate;
751     arsort($items);
752     break;
753     case "size":
754     $items = $fileSize;
755     asort($items);
756     break;
757     case "rsize":
758     $items = $fileSize;
759     arsort($items);
760     break;
761     case "rname":
762     $items = $fileList;
763     krsort($items);
764     break;
765     default:
766     $items = $fileList;
767     ksort($items);
768     break;
769     }
770    
771     while (list($key,$file) = each($items)) {
772     $file = $fileList[$key];
773     $path = $fsDir."/".$file ;
774     $mod = $fileDate[$key];
775     $sz = $fileSize[$key];
776    
777     if ($sz >= 10240) {
778     $sz = (int)(($sz+1023)/1024) . " k" ;
779     } else {
780     $sz .= " " ;
781     } // end size
782    
783     $a = $b = "" ;
784    
785     $info_url=$self."?A=E&F=".urlencode($file)."&D=".urlencode($relDir);
786    
787     if ( ($mod + $gblModDays*86400) > time() ) {
788     $a = "<SPAN CLASS=RED TITLE=\"Newer" ;
789     $a .= " than $gblModDays days\"> * </SPAN>" ;
790     }
791    
792     $file_lock=CheckLock($path);
793    
794 dpavlin 1.4 $file_url_html="<A HREF=\"$self?A=V&D=".urlencode($relDir)."&F=".urlencode($file);
795 dpavlin 1.1 $file_url_html.="\" TITLE=\"View file\">" ;
796    
797     if (substr($file,0,5) != ".del/") {
798     $file_url_html .= $file . "</A>" . $a ;
799     } else {
800     $file_url_html .= substr($file,5,strlen($file)-5) . "</a> <SPAN CLASS=RED TITLE=\"deleted\"> <a href=\"$info_url#undelete\">deleted</a> </span>";
801     }
802    
803     $note_html="<a href=\"$info_url#note\">".$gblIcon("note")."</a>".ReadNote($path);
804    
805     $ext = strtolower(strrchr($file,".")) ;
806    
807     if ($file_lock) {
808     if ($file_lock == $GLOBALS[gblUserName]) {
809 dpavlin 1.4 $b.="<A HREF=\"$self?A=Ci&D=".urlencode($relDir)."&F=".urlencode($file);
810 dpavlin 1.1 $b.="\" TITLE=\"Checkin (update) file on server\">" ;
811     $file_url_html=$b;
812     $b.=$gblIcon("checkin")."</A>" ;
813     $b.= $gblIcon("blank");
814     $file_url_html.="$file</a> $a";
815     $note_html = $gblIcon("blank")."<b>Please check-in (update) this file</b>";
816     } else {
817     $b = $gblIcon("locked");
818     $b.= $gblIcon("blank");
819     $note_html = $gblIcon("blank")."<b>File locked by $file_lock</b>";
820     $file_url_html = "$file $a";
821     }
822     } else {
823 dpavlin 1.4 $b.="<A HREF=\"$self?A=Co&D=".urlencode($relDir)."&F=".urlencode($file);
824 dpavlin 1.1 $b.="\" TITLE=\"Checkout file for edit\">" ;
825 dpavlin 1.4 $b.=$gblIcon("checkout")."</A>";
826 dpavlin 1.1
827     if ( $ext=="" || strstr(join(" ",$gblEditable),$ext) ) {
828 dpavlin 1.4 $b.="<A HREF=\"$self?A=C&D=".urlencode($relDir)."&F=".urlencode($file);
829 dpavlin 1.1 $b.="\" TITLE=\"List contents\">" ;
830     $b.=$gblIcon("view")."</A>" ;
831     } else {
832     $b.= $gblIcon("blank");
833     }
834     }
835    
836     $mod = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]",$mod);
837    
838     include("$html/Navigate-fileEntry.html");
839    
840     } // iterate over files
841     } else { // end if no files
842     ?>
843     <TR><TD></TD><TD COLSPAN=5 CLASS=LST>
844     No files in this directory
845     </TD></TR>
846     <?
847     }
848    
849     if ($emptyDir && $relDir != "") {
850     ?>
851    
852     <FORM METHOD="POST" ACTION="<?= $self ?>">
853     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>
854     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
855     OK TO DELETE THIS EMPTY FOLDER?
856     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
857     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="DELETE">
858     </TD></TR>
859     </FORM>
860    
861     <?php
862     } // end if emptyDir
863     ?>
864    
865     <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
866    
867     <?
868 dpavlin 1.10
869 dpavlin 1.12 if (file_exists("$fsRealmDir/$realm".$realm_sep."info.inc")) {
870     print "<TR><TD></TD><TD COLSPAN=5>";
871     include("$fsRealmDir/$realm".$realm_sep."info.inc");
872     print "</TD></TR><TR><TD></TD><TD COLSPAN=5><HR></TD></TR>";
873     } elseif (file_exists("$gblRepositoryDir/.info.inc")) {
874 dpavlin 1.1 print "<TR><TD></TD><TD COLSPAN=5>";
875 dpavlin 1.10 include("$gblRepositoryDir/.info.inc");
876     print "</TD></TR><TR><TD></TD><TD COLSPAN=5><HR></TD></TR>";
877 dpavlin 1.1 }
878 dpavlin 1.10
879 dpavlin 1.12
880 dpavlin 1.1 ?>
881    
882     <FORM METHOD="POST" ACTION="<?= $self ?>">
883     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>CREATE NEW
884     <INPUT TYPE="RADIO" NAME="T" VALUE="D" CHECKED>DIRECTORY -OR-
885     <INPUT TYPE="RADIO" NAME="T" VALUE="F">FILE : &nbsp;&nbsp;
886     <NOBR>NAME <INPUT TYPE="TEXT" NAME="FN" SIZE=14>
887     <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="CREATE">
888     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
889     <INPUT TYPE="SUBMIT" VALUE="CREATE" NAME="CREATE">
890     </NOBR>
891     <NOBR>OR <A HREF="<?= $self ?>?A=U&D=<?= urlencode($relDir) ?>">UPLOAD</A> A FILE</NOBR>
892     </TD></TR>
893     </FORM>
894     </TABLE>
895    
896     <?php
897     EndHTML() ;
898     } // end function Navigate
899    
900     //////////////////////////////////////////////////////////////////
901    
902     function UploadPage($fsRoot, $relDir, $filename="") {
903    
904 dpavlin 1.4 global $html, $HTTP_SERVER_VARS;
905    
906     $self = $HTTP_SERVER_VARS["PHP_SELF"] ;
907 dpavlin 1.1 if ($relDir == "") $relDir = "/" ;
908    
909 dpavlin 1.4 include("$html/UploadPage.html");
910 dpavlin 1.1
911     } // end function UploadPage
912    
913     //////////////////////////////////////////////////////////////////
914    
915 dpavlin 1.3 // Error with sysadmin flag are reported to error_log or hidden from
916     // users
917    
918 dpavlin 1.12 function Error($title,$text="",$sysadmin=0,$no_404=0) {
919 dpavlin 1.3 global $gblSeparateAdminMessages,
920     $gblMailAdminMessages,$realm,
921     $HTTP_SERVER_VARS;
922 dpavlin 1.12 if (! headers_sent() && ! $no_404) header("HTTP/1.0 404 Not Found");
923 dpavlin 1.3 if ($sysadmin) {
924     if ($gblSeparateAdminMessages) {
925     $user="Your administrator ";
926     if ($gblMailAdminMessages) {
927     mail($HTTP_SERVER_VARS["SERVER_ADMIN"], "docman $realm error message: $title", strip_tags($text));
928     $user.="<tt>".$HTTP_SERVER_VARS["SERVER_ADMIN"]."</tt> ";
929     }
930     $user.="has been notified about error" ;
931     StartHTML("($title)",$user);
932     echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
933     EndHTML();
934     error_log("docman $realm: ".strip_tags($text));
935     } else {
936     StartHTML("ADMIN: ".$title,$text) ;
937     echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
938     EndHTML();
939     }
940     } else {
941     StartHTML("(".$title.")",$text) ;
942     echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
943     EndHTML() ;
944     }
945 dpavlin 1.1 exit ;
946     } // end function Error
947    
948 dpavlin 1.2 function LogIt($target,$msg, $changelog=0) {
949 dpavlin 1.1
950     $dir=dirname($target);
951     if (! file_exists($dir."/.log")) {
952 dpavlin 1.3 if (! @mkdir($dir."/.log",0700)) Error("docman installation problem","can't create log directory <tt>$dir/.log</tt>",1);
953 dpavlin 1.1 }
954     $file=basename($target);
955    
956     $log=fopen("$dir/.log/$file","a+");
957     fputs($log,date("$GLOBALS[gblDateFmt]\t$GLOBALS[gblTimeFmt]").
958     "\t$GLOBALS[gblUserName]\t$msg\n");
959     fclose($log);
960    
961 dpavlin 1.2 if (! $changelog) return;
962    
963     global $gblFsRoot;
964     $log=fopen("$gblFsRoot/.changelog","a+");
965     if (substr($target,0,strlen($gblFsRoot)) == $gblFsRoot)
966     $target=substr($target,strlen($gblFsRoot),strlen($target)-strlen($gblFsRoot));
967     $msg=str_replace("\t"," ",$msg);
968     fputs($log,time()."\t$target\t$GLOBALS[gblUserName]\t$msg\n");
969     fclose($log);
970    
971     // FIX: implement e-mail notification based on $changelog
972     // permission
973 dpavlin 1.1 }
974    
975    
976     //////////////////////////////////////////////////////////////////
977    
978     function WriteNote($target,$msg) {
979    
980     $target=stripSlashes($target);
981     $dir=dirname($target);
982     if (! file_exists($dir."/.note")) {
983     mkdir($dir."/.note",0700);
984     }
985     $file=basename($target);
986    
987     $note=fopen("$dir/.note/$file","w");
988     fputs($note,"$msg\n");
989     fclose($note);
990    
991 dpavlin 1.2 LogIt($target,"added note $msg");
992 dpavlin 1.1
993     }
994    
995     function ReadNote($target) {
996    
997     $target=stripSlashes($target);
998     $dir=dirname($target);
999     $file=basename($target);
1000     $msg="";
1001     if (file_exists($dir."/.note/$file")) {
1002     $note=fopen("$dir/.note/$file","r");
1003     $msg=fgets($note,4096);
1004     fclose($note);
1005     }
1006     return HtmlSpecialChars(StripSlashes($msg));
1007    
1008     }
1009    
1010     //////////////////////////////////////////////////////////////////
1011    
1012     function MoveTo($source,$folder) {
1013    
1014     $source=stripSlashes($source);
1015     $file=basename($source);
1016     if (! file_exists($folder)) {
1017     mkdir($folder,0700);
1018     }
1019     if (file_exists($source)) {
1020     rename($source,"$folder/$file");
1021     }
1022     }
1023    
1024     //////////////////////////////////////////////////////////////////
1025    
1026     function Lock($target) {
1027    
1028     $target=stripSlashes($target);
1029     $dir=dirname($target);
1030     if (! file_exists($dir."/.lock")) {
1031     mkdir($dir."/.lock",0700);
1032     }
1033     $file=basename($target);
1034    
1035     if (file_exists("$dir/.lock/$file")) {
1036 dpavlin 1.2 LogIt($target,"attempt to locked allready locked file!");
1037 dpavlin 1.1 } else {
1038     $lock=fopen("$dir/.lock/$file","w");
1039     fputs($lock,"$GLOBALS[gblUserName]\n");
1040     fclose($lock);
1041    
1042 dpavlin 1.2 LogIt($target,"file locked");
1043 dpavlin 1.1 }
1044    
1045     }
1046    
1047     function CheckLock($target) {
1048    
1049     $target=stripSlashes($target);
1050     $dir=dirname($target);
1051     $file=basename($target);
1052     $msg=0;
1053     if (file_exists($dir."/.lock/$file")) {
1054     $lock=fopen("$dir/.lock/$file","r");
1055     $msg=fgets($lock,4096);
1056     fclose($lock);
1057     }
1058     return chop($msg);
1059    
1060     }
1061    
1062     function Unlock($target) {
1063    
1064     $target=stripSlashes($target);
1065     $dir=dirname($target);
1066     $file=basename($target);
1067     if (file_exists($dir."/.lock/$file")) {
1068     unlink("$dir/.lock/$file");
1069 dpavlin 1.2 LogIt($target,"file unlocked");
1070 dpavlin 1.1 } else {
1071 dpavlin 1.2 LogIt($target,"attempt to unlocked non-locked file!");
1072 dpavlin 1.1 }
1073    
1074     }
1075    
1076     //////////////////////////////////////////////////////////////////
1077    
1078     function urlpath($url) {
1079     $url=urlencode(StripSlashes("$url"));
1080     $url=str_replace("%2F","/",$url);
1081     $url=str_replace("+","%20",$url);
1082     return($url);
1083     }
1084    
1085     //////////////////////////////////////////////////////////////////
1086    
1087     function safe_rename($fromdir,$fromfile,$tofile) {
1088     function try_rename($from,$to) {
1089     # print "$from -> $to\n";
1090     if (file_exists($from) && is_writeable(dirname($to))) {
1091 dpavlin 1.8 return rename($from,$to);
1092     } else {
1093     return 0;
1094 dpavlin 1.1 }
1095     }
1096    
1097     function try_dir($todir) {
1098     if (! file_exists($todir)) {
1099 dpavlin 1.8 @mkdir($todir,0700);
1100 dpavlin 1.1 }
1101     }
1102    
1103     $to="$fromdir/$tofile";
1104     $todir=dirname($to);
1105     $tofile=basename($to);
1106    
1107     # print "<pre>$fromdir / $fromfile -> $todir / $tofile\n\n";
1108    
1109 dpavlin 1.8 if (! try_rename("$fromdir/$fromfile","$todir/$tofile")) Error("Rename error","Can't rename file <tt>$fromfile</tt> to <tt>$tofile</tt>",1);
1110 dpavlin 1.1 try_dir("$todir/.log");
1111     try_rename("$fromdir/.log/$fromfile","$todir/.log/$tofile");
1112     try_dir("$todir/.note");
1113     try_rename("$fromdir/.note/$fromfile","$todir/.note/$tofile");
1114     try_dir("$todir/.lock");
1115     try_rename("$fromdir/.lock/$fromfile","$todir/.lock/$tofile");
1116     try_dir("$todir/.bak");
1117     for($i=0;$i<=$GLOBALS[gblNumBackups];$i++) {
1118     try_rename("$fromdir/.bak/$i/$fromfile","$todir/.bak/$i/$tofile");
1119     }
1120     }
1121    
1122    
1123     //////////////////////////////////////////////////////////////////
1124    
1125     // recursivly delete directory
1126    
1127     function rrmdir($dir) {
1128     $handle=opendir($dir);
1129     while ($file = readdir($handle)) {
1130     if ($file != "." && $file != "..") {
1131     if (is_dir("$dir/$file"))
1132     rrmdir("$dir/$file");
1133     else
1134     if (! @unlink("$dir/$file")) return(0);
1135     }
1136     }
1137     closedir($handle);
1138     return @rmdir($dir);
1139     }
1140    
1141     //////////////////////////////////////////////////////////////////
1142    
1143     function DisplayChangeLog($day) {
1144    
1145 dpavlin 1.4 global $gblFsRoot,$HTTP_SERVER_VARS;
1146    
1147 dpavlin 1.1 if (!file_exists("$gblFsRoot/.changelog")) return;
1148     $log=fopen("$gblFsRoot/.changelog","r");
1149     $logarr = array();
1150     while($line = fgetcsv($log,512,"\t")) {
1151     while (sizeof($line) > 4) {
1152     $tmp = array_pop($line);
1153     $line.=" $tmp";
1154     }
1155     if ($day!=1 || ($day==1 && (time()-$line[0] < 24*60*60))) {
1156     array_unshift($logarr,array($line[0],$line[1],$line[2],$line[3]));
1157     }
1158     }
1159     fclose($log);
1160     $cl1=" class=LST"; $cl2="";
1161     print "<table border=0 width=100%>\n";
1162     while ($e = array_shift($logarr)) {
1163     $cl=$cl1; $cl1=$cl2; $cl2=$cl;
1164     $date = date("$GLOBALS[gblDateFmt]", $e[0]);
1165     $time = date("$GLOBALS[gblTimeFmt]", $e[0]);
1166     $dir = dirname($e[1]);
1167     $file = basename($e[1]);
1168 dpavlin 1.4 print "<tr><td$cl>$date</td><td$cl>$time</td><td$cl><a href=\"$HTTP_SERVER_VARS[PHP_SELF]?D=".urlencode($dir)."\">$dir</a>/$file</td><td$cl>$e[2]</td><td$cl>$e[3]</td></tr>\n";
1169 dpavlin 1.1 }
1170     print "</table>";
1171 dpavlin 1.4 print "<p>".GifIcon(up)." Back to <a href=$HTTP_SERVER_VARS[PHP_SELF]>front page</a>.</p>";
1172 dpavlin 1.1 }
1173    
1174     //////////////////////////////////////////////////////////////////
1175    
1176 dpavlin 1.4 function Download($path,$force=0) {
1177     global $HTTP_SERVER_VARS,$mime_type;
1178    
1179     // default transfer-encoding
1180     $encoding = "binary";
1181    
1182     // known transfer encodings
1183     $encoding_ext = array(
1184     "gz" => "x-gzip",
1185     "Z" => "x-compress",
1186     );
1187    
1188     $file = basename($path);
1189 dpavlin 1.1 $size = filesize($path);
1190 dpavlin 1.4
1191     $ext_arr = explode(".",$file);
1192     $ext = array_pop($ext_arr);
1193     if ($encoding_ext[$ext]) {
1194     $encoding = $encoding_ext[$ext];
1195     $ext = array_pop($ext_arr);
1196     }
1197    
1198     if ($force || !isset($mime_type[$ext])) {
1199     header("Content-Type: application/force-download");
1200     } else {
1201     header("Content-Type: $mime_type[$ext]");
1202     }
1203    
1204 dpavlin 1.1 // IE5.5 just downloads index.php if we don't do this
1205 dpavlin 1.4 if(preg_match("/MSIE 5.5/", $HTTP_SERVER_VARS[HTTP_USER_AGENT])) {
1206 dpavlin 1.1 header("Content-Disposition: filename=$file");
1207     } else {
1208     header("Content-Disposition: attachment; filename=$file");
1209     }
1210 dpavlin 1.4
1211     header("Content-Transfer-Encoding: $encoding");
1212 dpavlin 1.1 $fh = fopen($path, "r");
1213     fpassthru($fh);
1214     }
1215    
1216    
1217     //////////////////////////////////////////////////////////////////
1218    
1219     function chopsl($path) {
1220 dpavlin 1.13 $path=str_replace("//","/",$path);
1221 dpavlin 1.1 if (substr($path,strlen($path)-1,1) == "/") $path=substr($path,0,strlen($path)-1);
1222     return $path;
1223     }
1224    
1225     //////////////////////////////////////////////////////////////////
1226     /*
1227     Document manager ACL implementation
1228    
1229     Written by Dobrica Pavlinusic <dpavlin@rot13.org>
1230    
1231     Based on ideas from Linux trustees code
1232     by Vyacheslav Zavadsky <zavadsky@braysystems.com>
1233     */
1234    
1235     define(trmask_not,1 << 0);
1236     define(trmask_clear,1 << 1);
1237     define(trmask_deny,1 << 2);
1238     define(trmask_one_level,1 << 3);
1239     define(trmask_group,1 << 4);
1240    
1241     define(trperm_r,1 << 5);
1242     define(trperm_w,1 << 6);
1243     define(trperm_b,1 << 7);
1244     define(trperm_n,1 << 8);
1245    
1246     $trustee_a2n = array(
1247     '!' => trmask_not,
1248     'C' => trmask_clear,
1249     'D' => trmask_deny,
1250     'O' => trmask_one_level,
1251     '+' => trmask_group,
1252     'R' => trperm_r,
1253     'W' => trperm_w,
1254     'B' => trperm_b,
1255     'N' => trperm_n,
1256     );
1257    
1258     // debugging function
1259     function display_trustee($t) {
1260     global $trustee_a2n;
1261     $out="";
1262     foreach ($trustee_a2n as $c=>$v) {
1263     if ($t & $v) $out.=$c;
1264     }
1265     return $out;
1266     }
1267     function display_all_trustee() {
1268     global $trustees;
1269     print "trustee dump:<br>\n";
1270     foreach ($trustees as $path => $tr) {
1271     print "<br><tt>$path</tt>\n";
1272     foreach ($tr as $user=>$perm) {
1273     print "$user == $perm (".display_trustee($perm).")<br>\n";
1274     }
1275     }
1276     }
1277    
1278     function init_trustee() {
1279    
1280     global $trustee_conf,$trustee_php,$trustee_a2n,$groups,$trustees;
1281    
1282     // do we need to re-create compiled trustees?
1283     if (! file_exists($trustee_conf)) {
1284     # $error="$trustee_conf doesn't exits";
1285     return 0; # don't use trustees
1286     } elseif (file_exists($trustee_conf) && !is_readable($trustee_conf)) {
1287     $error="<tt>$trustee_conf</tt> exits, but is not readable";
1288     } elseif (!is_writable(dirname($trustee_php))) {
1289     $error="<tt>".dirname($trustee_php)."</tt> must be writable by web server user";
1290     } elseif (file_exists($trustee_php) && !is_writable($trustee_php)) {
1291     $error="trustees cache file <tt>$trustee_php</tt> exists, but is not writable by web server";
1292     } elseif (1 || filemtime($trustee_conf) >= filemtime($trustee_php)) {
1293     $fp_php=@fopen($trustee_php,"w");
1294     fputs($fp_php,"<?php // don't edit by hand!\n");
1295    
1296     $fp_conf=fopen($trustee_conf,"r");
1297    
1298     $groups_arr = array();
1299     $perm_arr = array();
1300    
1301     $tr_arr = array();
1302    
1303     while (! feof($fp_conf)) {
1304     $l = trim(fgets($fp_conf,4096));
1305     if (substr($l,0,1) == "+") { // no comment
1306     $arr=explode(":",$l);
1307     $groups_arr[$arr[0]] = $arr[1] ;
1308     } elseif (substr($l,0,1) != "#") {
1309     $arr=explode(":",$l);
1310     $path=array_shift($arr);
1311     if ($path == "") continue;
1312     $sep2="";
1313     while ($user=array_shift($arr)) {
1314     $perm=0;
1315     if (substr($user,0,1) == "+") {
1316     $perm|=trmask_group;
1317     $user=substr($user,1,strlen($user)-1);
1318     }
1319     $perm_ascii=array_shift($arr);
1320     for ($i=0;$i<strlen($perm_ascii);$i++) {
1321     $ch=strtoupper($perm_ascii[$i]);
1322     if (isset($trustee_a2n[$ch])) {
1323     $perm|=$trustee_a2n[$ch];
1324     } else {
1325     $error.="trustee error in line '$l' [Unknown modifier '$ch']<br>\n";
1326     }
1327     }
1328     $tr_arr[$path][$user] |= $perm;
1329     }
1330     }
1331     }
1332    
1333     fclose($fp_conf);
1334    
1335     // save trustees
1336     $tr_out='$trustees = array (';
1337     $sep1="";
1338     while (list ($path, $tr) = each ($tr_arr)) {
1339     $tr_out.="$sep1\n\t'$path'=>array(";
1340     $sep2="";
1341     while (list($user,$perm)=each($tr)) {
1342     $tr_out.="$sep2\n\t\t'$user'=>$perm";
1343     $sep2=",";
1344     }
1345     $tr_out.="\n\t)";
1346     $sep1=",";
1347     }
1348     $tr_out.="\n);";
1349    
1350     // save groups
1351     $gr_out='$groups = array (';
1352     $sep="";
1353     while (list ($group, $members) = each ($groups_arr)) {
1354     $gr_out.="$sep\n\t'";
1355     $gr_out.=substr($group,1,strlen($group)-1);
1356     $gr_out.="'=>array('".join("','",explode(",",$members))."')";
1357     $sep=",";
1358     }
1359     $gr_out.="\n);\n";
1360    
1361     fputs($fp_php,$gr_out);
1362     fputs($fp_php,$tr_out);
1363     fputs($fp_php,"?>\n");
1364     fclose($fp_php);
1365     }
1366    
1367     if ($error) {
1368 dpavlin 1.3 Error("Trustee error",$error,1);
1369 dpavlin 1.1 } else {
1370     include("$trustee_php");
1371     }
1372    
1373     return 1;
1374    
1375     }//init_trustee
1376    
1377     function in_group($user,$group) {
1378     return in_array($groups[$group],$user);
1379     }
1380    
1381     // helper function
1382     function unroll_perm($u,$t,$user,$perm) {
1383     // check user
1384     if ($t & trmask_not && ($u==$user)) continue;
1385     if (!($t & trmask_not) && ($u!=$user)) continue;
1386    
1387     if ($t & trmask_deny) {
1388     if ($t & trmask_clear) {
1389     $perm[deny] &= ~$t;
1390     } else {
1391     $perm[deny] |= $t;
1392     }
1393     } elseif ($t & trmask_clear) {
1394     $perm[allow] &= ~$t;
1395     } else {
1396     $perm[allow] |= $t;
1397     }
1398     return $perm;
1399     }// end of helper function
1400    
1401     function check_trustee($user,$path) {
1402     global $trustees;
1403     $perm[allow] = 0;
1404     $perm[deny] = 0;
1405     $path_arr=explode("/",$path);
1406     $path = "/";
1407     while (count($path_arr)) {
1408     if (substr($path,strlen($path)-1,1) != "/") $path.="/";
1409     $path.=array_shift($path_arr);
1410     $tr = $trustees[$path];
1411    
1412     if (isset($tr)) {
1413     // first apply trustee for all
1414     if (isset($tr['*'])) {
1415     $perm = unroll_perm($user,$tr['*'],$user, $perm);
1416     unset($tr['*']);
1417     }
1418     // then apply group policies
1419     foreach ($tr as $u=>$t) {
1420     if ($t & trmask_group && in_group($user,$u)) {
1421     // resolv user
1422     $t = $t & ~trmask_group;
1423     $u = $user;
1424     $perm = unroll_perm($u,$t,$user, $perm);
1425     unset($tr[$u]);
1426     }
1427     }
1428     // then apply use policy
1429     if (isset($tr[$user])) {
1430     $perm = unroll_perm($user,$tr[$user],$user, $perm);
1431     unset($tr[$user]);
1432     }
1433    
1434     }
1435    
1436     }
1437     #print "<br>user: $user path: $path perm: ";
1438     #print "d: $perm[deny] (".display_trustee($perm[deny]).") a: $perm[allow] (".display_trustee($perm[allow]).")<Br>\n";
1439     return $perm;
1440     }
1441    
1442     // handy functions
1443    
1444     function check_perm($path,$trperm) {
1445     global $gblLogin,$HAVE_TRUSTEE;
1446 dpavlin 1.13
1447     global $debug;
1448     $debug.="<br>check_perm: <tt>$path</tt> test perm ".display_trustee($perm)."<br>\n";
1449 dpavlin 1.1 $return = ! $HAVE_TRUSTEE;
1450     if ($HAVE_TRUSTEE) {
1451     $perm = check_trustee($gblLogin,$path);
1452 dpavlin 1.13 $debug.=" d: $perm[deny] (".display_trustee($perm[deny]).") a: $perm[allow] (".display_trustee($perm[allow]).") perm: $trperm";
1453 dpavlin 1.1 if ($perm[deny] & $trperm) $return=0;
1454     elseif ($perm[allow] & $trperm) $return=1;
1455     }
1456 dpavlin 1.13 $debug.=" return: $return<br>\n";
1457 dpavlin 1.1 return($return);
1458     }
1459    
1460 dpavlin 1.4 //////////////////////////////////////////////////////////////////
1461    
1462     function readMime() {
1463     global $mime_type;
1464    
1465     if (! isset($gblMimeTypes)) {
1466     $gblMimeTypes = "/etc/mime.types";
1467     }
1468    
1469     $mime = @fopen($gblMimeTypes,"r");
1470    
1471     if (! $mime) Error("Can't read MIME types","<tt>$gblMimeTypes</tt> file not found. You can setup other <tt>mime.types</tt> file using <tt>\$gblMimeTypes</tt> in <tt>$realm_config</tt>");
1472    
1473     while($line = fgets($mime,80)) {
1474     if (substr($line,0,1) == "#") continue; // skip comment
1475     $arr = preg_split("/[\s\t]+/",$line);
1476     $type = array_shift($arr);
1477     while ($ext = array_shift($arr)) {
1478     $mime_type[$ext] = $type;
1479     }
1480     }
1481    
1482     fclose($mime);
1483     }
1484 dpavlin 1.1
1485     //////////////////////////////////////////////////////////////////
1486 dpavlin 1.13
1487     // check for invalid characters in filename and dirname (.. and /)
1488    
1489     function check_dirname($file) {
1490     if (strstr($file,"..")) Error("Security violation","No parent dir <tt>..</tt> allowed in directory name <tt>$file</tt>",1);
1491     }
1492    
1493     function check_filename($file) {
1494     if (strstr($file,"..")) Error("Security violation","No parent dir <tt>..</tt> allowed in file name <tt>$file</tt>",1);
1495     if (strstr($file,"/")) Error("Security violation","No slashes <tt>/</tt> allowed in file name <tt>$file</tt>",1);
1496     }
1497    
1498     //////////////////////////////////////////////////////////////////
1499 dpavlin 1.1 // MAIN PROGRAM
1500    
1501     $gblFilePerms = 0640 ; // default for new files
1502     $gblDirPerms = 0750 ; // default for new dirs
1503    
1504 dpavlin 1.11 $STYLE = $HTTP_GET_VARS[STYLE];
1505 dpavlin 1.1 if (isset($STYLE) && $STYLE == "get") {
1506     include("$html/docman.css");
1507     exit;
1508     }
1509    
1510     // location of master docman configuration file
1511     $docman_conf = "/etc/docman.conf";
1512     if (! file_exists($docman_conf)) {
1513     $error = "Can't find master configuration file $docman_conf. See docman2/doc/upgrade.html#docman_conf for more informations";
1514    
1515     error_log("docman: $error");
1516     Error("docman not installed completly",$error);
1517     }
1518     include($docman_conf);
1519    
1520     if (! isset($fsRealmDir)) {
1521     $fsRealmDir = "$gblIncDir/realm";
1522     }
1523 dpavlin 1.12
1524     // try to add dir to script name to realm var
1525     if (is_dir("$fsRealmDir/$realm/".dirname($HTTP_SERVER_VARS[SCRIPT_NAME]))) {
1526 dpavlin 1.14 $realm .= dirname($HTTP_SERVER_VARS[SCRIPT_NAME]);
1527 dpavlin 1.12 $realm_sep = "/";
1528     } else {
1529     $realm_sep = ".";
1530     }
1531    
1532     $realm_config = $fsRealmDir."/".$realm.$realm_sep."conf";
1533 dpavlin 1.1
1534     // read user-defined configuration
1535     if (file_exists($realm_config)) {
1536     include($realm_config);
1537     } else {
1538     Error("Configuration error","Can't find configuration file at <tt>$realm_config</tt> !");
1539     }
1540    
1541     if (! isset($gblRepositoryDir)) Error("Configuration error","<tt>\$gblRepositoryDir</tt> is not setuped in realm configuration file <tt>$realm_config</tt>");
1542    
1543     // where do we get users from?
1544     if (file_exists("$gblIncDir/htusers/$gblUsers.php")) {
1545     include("$gblIncDir/htusers/$gblUsers.php");
1546     } else {
1547     Error("Configuration error","Can't find user handling module at <tt>$gblIncDir/htusers/$gblUsers.php</tt> ! Please fix <tt>$realm_config</tt>");
1548     }
1549    
1550     // if no password, or empty password logout
1551 dpavlin 1.15 $relogin = $HTTP_GET_VARS[relogin];
1552     $force_login = $HTTP_GET_VARS[force_login];
1553 dpavlin 1.1 if (
1554     isset($gblLogin) && (
1555     !isset($relogin) || (
1556     isset($relogin) && $relogin != md5($gblLogin.$gblPasswd)
1557     )
1558     ) && (
1559     $gblPasswd == "" || !isset($gblPasswd)
1560     ) && !isset($force_login) && $gblLogin != "anonymous"
1561     ) {
1562     StartHTML("Logout completed","Your login credentials has been erased") ;
1563     EndHTML() ;
1564     exit ;
1565     }
1566    
1567 dpavlin 1.3 if (!is_dir($gblRepositoryDir)) Error("Repository dir not found","Can't find repository directory <tt>$gblRepositoryDir</tt>. Please fix that in <tt>$realm_config</tt> variable <tt>\$gblRepositoryDir</tt>.",1);
1568    
1569 dpavlin 1.1 // trustee (ACL) file configuration
1570 dpavlin 1.12 $trustee_conf="$fsRealmDir/$realm".$realm_sep."trustee";
1571 dpavlin 1.1 // compiled version of trustee file
1572     $trustee_php="$gblRepositoryDir/.trustee.php";
1573     // get ACL informations
1574     $HAVE_TRUSTEE = init_trustee();
1575    
1576     if (strtolower($gblLogin) == "anonymous" || !isset($gblPasswd)) {
1577     $perm = check_trustee($gblLogin,$path);
1578     // browsing must be explicitly allowed for root directory
1579     // of repository for anonymous user to work!
1580     if ($perm[allow] & trperm_b) {
1581     $secHash = md5($gblLogin.$gblPasswd);
1582     $gblUserName = "Anonymous user";
1583     }
1584     }
1585    
1586     // authentication failure
1587     if ( md5($gblLogin.$gblPasswd) != $secHash ||
1588     isset($relogin) && $secHash == $relogin) {
1589     header("WWW-authenticate: basic realm=\"$realm\"") ;
1590     header("HTTP/1.0 401 Unauthorized") ;
1591 dpavlin 1.12 Error("401 Unauthorized","No trespassing !",0,1);
1592 dpavlin 1.1 }
1593    
1594 dpavlin 1.13
1595 dpavlin 1.4 // read mime.types
1596     readMime();
1597    
1598 dpavlin 1.13 if ($HTTP_SERVER_VARS["REQUEST_METHOD"] == "POST") {
1599     // take variables from server
1600     $FN=stripSlashes($HTTP_POST_VARS["FN"]);
1601     $DIR=stripSlashes($HTTP_POST_VARS["DIR"]);
1602     $RELPATH=stripSlashes($HTTP_POST_VARS["RELPATH"]);
1603     $T=stripSlashes($HTTP_POST_VARS["T"]);
1604     $CONFIRM=stripSlashes($HTTP_POST_VARS["CONFIRM"]);
1605    
1606     check_filename($FN);
1607     check_dirname($DIR);
1608     check_dirname($RELPATH);
1609 dpavlin 1.1
1610 dpavlin 1.13 $relDir = $DIR;
1611     } else {
1612     // get
1613     $A=stripSlashes($HTTP_GET_VARS["A"]);
1614     $D=stripSlashes(urldecode($HTTP_GET_VARS["D"]));
1615     $F=stripSlashes($HTTP_GET_VARS["F"]);
1616 dpavlin 1.1
1617 dpavlin 1.13 check_filename($F);
1618     check_dirname($D);
1619 dpavlin 1.1
1620 dpavlin 1.13 $relDir = $D;
1621     }
1622 dpavlin 1.1
1623 dpavlin 1.13 if ($relDir == "/") $relDir = "" ;
1624 dpavlin 1.1
1625     $relScriptDir = dirname($SCRIPT_NAME) ;
1626     // i.e. /docman
1627    
1628     // start on server root
1629     $gblFsRoot = $gblRepositoryDir;
1630 dpavlin 1.13 // i.e. /home/httpd/repository
1631 dpavlin 1.1
1632     $fsDir = $gblFsRoot . $relDir ; // current directory
1633 dpavlin 1.13 if ( !is_dir($fsDir) ) Error("Dir not found",$relDir,1) ;
1634 dpavlin 1.1
1635 dpavlin 1.4 if (isset($HTTP_SERVER_VARS["HTTPS"]) && $HTTP_SERVER_VARS["HTTPS"] == "on") {
1636 dpavlin 1.1 $webRoot = "https://";
1637     } else {
1638     $webRoot = "http://";
1639     }
1640 dpavlin 1.4 $webRoot .= $HTTP_SERVER_VARS["HTTP_HOST"] . $relScriptDir;
1641 dpavlin 1.1
1642 dpavlin 1.4 switch ($HTTP_POST_VARS["POSTACTION"]) {
1643 dpavlin 1.1 case "UPLOAD" :
1644 dpavlin 1.4 $FN_name=stripSlashes($HTTP_POST_FILES["FN"]["tmp_name"]);
1645 dpavlin 1.7 $FN=stripSlashes($HTTP_POST_FILES["FN"]["name"]);
1646 dpavlin 1.1 if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1647 dpavlin 1.7
1648 dpavlin 1.4 $source = $FN_name ;
1649 dpavlin 1.1 if (! file_exists($source)) {
1650     Error("You must select file with browse to upload it!");
1651     }
1652 dpavlin 1.7
1653 dpavlin 1.4 $FILENAME = $HTTP_POST_VARS["FILENAME"];
1654 dpavlin 1.13 check_filename($FILENAME);
1655    
1656 dpavlin 1.1 if (! isset($FILENAME)) { // from update file
1657 dpavlin 1.9 $target = "$fsDir/".basename($FN);
1658 dpavlin 1.1 } else {
1659     $target = "$fsDir/$FILENAME";
1660     }
1661    
1662     // backup old files first
1663     $dir=dirname($target);
1664     if (! file_exists($dir."/.bak")) {
1665     mkdir($dir."/.bak",0700);
1666     }
1667     if (! file_exists($dir."/.bak/$GLOBALS[gblNumBackups]")) {
1668     mkdir($dir."/.bak/$GLOBALS[gblNumBackups]",0700);
1669     }
1670     $file=basename($target);
1671     for($i=$GLOBALS[gblNumBackups]-1;$i>0;$i--) {
1672     MoveTo("$dir/.bak/$i/$file","$dir/.bak/".($i+1)."/");
1673     }
1674     MoveTo($target,$dir."/.bak/1/");
1675    
1676     copy($source,$target) ;
1677     chmod($target,$gblFilePerms) ;
1678     clearstatcache() ;
1679     if (isset($FILENAME)) {
1680 dpavlin 1.2 LogIt($target,"check-in",trperm_r | trperm_w);
1681 dpavlin 1.1 Unlock($target);
1682 dpavlin 1.2 } else {
1683     LogIt($target,"uploaded",trperm_r | trperm_w);
1684 dpavlin 1.1 }
1685     break ;
1686    
1687     case "SAVE" :
1688     $path = $gblFsRoot . $RELPATH ;
1689     $path=stripSlashes($path);
1690     $writable = is_writeable($path) ;
1691     $legaldir = is_writeable(dirname($path)) ;
1692     $exists = (file_exists($path)) ? 1 : 0 ;
1693     // check for legal extension here as well
1694     if (!($writable || (!$exists && $legaldir)))
1695     Error("Write denied",$RELPATH) ;
1696     $fh = fopen($path, "w") ;
1697     $FILEDATA=stripSlashes($FILEDATA);
1698     fwrite($fh,$FILEDATA) ;
1699     fclose($fh) ;
1700     clearstatcache() ;
1701 dpavlin 1.2 LogIt($path,"saved changes",trperm_r);
1702 dpavlin 1.1 break ;
1703    
1704     case "CREATE" :
1705     // we know $fsDir exists
1706     if ($FN == "") break; // no filename!
1707     if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1708     $path = $fsDir . "/" . $FN ; // file or dir to create
1709     $relPath = $relDir . "/" . $FN ;
1710     switch ( $T ) {
1711     case "D" : // create a directory
1712     if ( ! @mkdir($path,$gblDirPerms) )
1713     Error("Mkdir failed",$relPath) ; // eg. if it exists
1714 dpavlin 1.2 else
1715     LogIt($path."/","dir created",trperm_w);
1716 dpavlin 1.1 clearstatcache() ;
1717     break ;
1718     case "F" : // create a new file
1719     // this functionality is doubled in DetailView().
1720     // better keep it here altogether
1721     // chmod perms to $gblFilePerms
1722     if ( file_exists($path) && !is_writeable($path) )
1723     Error("File not writable", $relPath) ;
1724     $fh = fopen($path, "w+") ;
1725     if ($fh) {
1726     fputs($fh,"\n");
1727     fclose($fh) ;
1728 dpavlin 1.2 LogIt($path,"file created",trperm_r | trperm_w);
1729 dpavlin 1.1 } else {
1730     Error("Creation of file $relPath failed -- $path");
1731     }
1732     $tstr = "$PHP_SELF?A=E&D=".urlencode($relDir)."&F=".urlencode($FN) ;
1733     header("Location: " . $tstr) ;
1734     exit ;
1735     }
1736     break ;
1737    
1738     case "DELETE" :
1739     if ( $CONFIRM != "on" ) break ;
1740    
1741     $tstr = "Attempt to delete non-existing object or " ;
1742     $tstr .= "insufficient privileges: " ;
1743    
1744     if ( $FN != "") { // delete file
1745     $path = $fsDir . "/" . $FN ;
1746    
1747     $dir=dirname($path);
1748     $file=basename($path);
1749     if (! file_exists("$dir/.del")) {
1750     mkdir("$dir/.del",0700);
1751     }
1752    
1753     // if ( ! @unlink($path) ) {
1754     if ( ! rename($path,"$dir/.del/$file") ) {
1755 dpavlin 1.4 LogIt($path,"file delete failed");
1756 dpavlin 1.1 Error("File delete failed", $tstr . $path) ;
1757     } else {
1758 dpavlin 1.2 LogIt($path,"file deleted",trperm_w);
1759 dpavlin 1.1 MoveTo("$dir/.log/$file","$dir/.del/.log/");
1760     MoveTo("$dir/.note/$file","$dir/.del/.note/");
1761     MoveTo("$dir/.lock/$file","$dir/.del/.lock/");
1762     }
1763 dpavlin 1.2 } else { // delete directory
1764     if ( ! @rrmdir($fsDir) ) {
1765     Error("Rmdir failed", $tstr . $fsDir) ;
1766     } else {
1767     LogIt($path,"dir deleted",trperm_w);
1768     $relDir = dirname($relDir) ; // move up
1769     }
1770 dpavlin 1.1 }
1771     break ;
1772    
1773     case "UNDELETE" :
1774     if ( $CONFIRM != "on" ) break ;
1775    
1776     if (substr($FN,0,4) != ".del") break ;
1777     $file=substr($FN,4,strlen($FN)-4);
1778    
1779 dpavlin 1.2 LogIt("$fsDir/.del/$file","undeleted",trperm_w);
1780 dpavlin 1.1 MoveTo("$fsDir/.del/$file","$fsDir/");
1781     MoveTo("$fsDir/.del/.log/$file","$fsDir/.log/");
1782     MoveTo("$fsDir/.del/.note/$file","$fsDir/.note/");
1783     MoveTo("$fsDir/.del/.lock/$file","$fsDir/.lock/");
1784    
1785     break ;
1786    
1787     case "RENAME" :
1788     if ( $CONFIRM != "on" ) break ;
1789    
1790 dpavlin 1.8 $NEWNAME=stripSlashes($HTTP_POST_VARS["NEWNAME"]);
1791 dpavlin 1.2 LogIt("$fsDir/$FN","renamed $FN to $NEWNAME",trperm_r);
1792 dpavlin 1.1 safe_rename($fsDir,$FN,$NEWNAME);
1793     break ;
1794    
1795     case "NOTE" :
1796 dpavlin 1.8 $NOTE=stripSlashes($HTTP_POST_VARS["NOTE"]);
1797 dpavlin 1.1 WriteNote("$fsDir/$FN","$NOTE");
1798     break ;
1799    
1800     case "UNLOCK" :
1801     if ( $CONFIRM != "on" ) break ;
1802     Unlock("$fsDir/$FN");
1803     break ;
1804    
1805     default :
1806     // user hit "CANCEL" or undefined action
1807     }
1808    
1809     // common to all POSTs : redirect to directory view ($relDir)
1810     if ( $POSTACTION != "" ) {
1811     $tstr = $PHP_SELF . "?D=" . urlencode($relDir) ;
1812     header("Location: " . $tstr) ;
1813     exit ;
1814     }
1815    
1816     // check for mode.. navigate, code display, upload, or detail?
1817     // $A=U : upload to path given in $D
1818     // $A=E : display detail of file $D/$F and edit
1819     // $A=C : display code in file $D/$F
1820     // $A=Co : checkout file $D/$F
1821     // $A=Ci : checkin file $D/$F
1822     // $A=V : view file (do nothing except log)
1823 dpavlin 1.14 // $A=I : include file .$F.php from [$gblIncDir|realm]/include_php
1824 dpavlin 1.1 // default : display directory $D
1825    
1826     switch ($A) {
1827     case "U" :
1828     // upload to $relDir
1829     if (!is_writeable($gblFsRoot . $relDir))
1830     Error("Write access denied",$relDir) ;
1831     $text = "Use this page to upload a single " ;
1832 dpavlin 1.4 $text .= "file to <B>$realm</B>." ;
1833 dpavlin 1.1 StartHTML("(Upload Page)", $text) ;
1834     UploadPage($gblFsRoot, $relDir) ;
1835     EndHTML() ;
1836     exit ;
1837     case "E" :
1838     // detail of $relDir/$F
1839     if (is_file("$gblFsRoot/$relDir/$F") || is_dir("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
1840     exit ;
1841     case "C" :
1842     $F=stripSlashes($F);
1843     // listing of $relDir/$F
1844     DisplayCode($gblFsRoot, $relDir, $F) ;
1845     exit ;
1846     case "Co" :
1847     // checkout
1848     Lock("$gblFsRoot/$relDir/$F");
1849 dpavlin 1.5 Download("$gblFsRoot/$relDir/$F",1);
1850 dpavlin 1.1 exit;
1851     case "Ci" :
1852     $F=stripSlashes($F);
1853     // upload && update to $relDir
1854     if (!is_writeable($gblFsRoot . $relDir))
1855     Error("Write access denied",$relDir) ;
1856     $text = "Use this page to update a single " ;
1857 dpavlin 1.4 $text .= "file to <B>$realm</B>." ;
1858 dpavlin 1.1 StartHTML("(Update file Page)", $text) ;
1859     UploadPage($gblFsRoot, $relDir, $F) ;
1860     EndHTML() ;
1861     exit ;
1862     case "V" :
1863     // view
1864     LogIt("$gblFsRoot/$relDir/$F","viewed");
1865 dpavlin 1.5 Download("$gblFsRoot/$relDir/$F",$gblForceDownload);
1866 dpavlin 1.1 exit;
1867     case "Ch" :
1868     StartHTML("(File changes)","All changes chronologicaly...");
1869     DisplayChangeLog(0); // all
1870     EndHTML() ;
1871     exit;
1872     case "Ch1" :
1873     StartHTML("(File changes)","Changes to files in last day...");
1874     DisplayChangeLog(1);
1875     EndHTML() ;
1876     exit;
1877     case "I" :
1878 dpavlin 1.14 if (! isset($F) || $F == "")
1879     Error("Can't find file to include","Your request didn't specify file to include which should be in variable <tt>F</tt> like <tt>$HTTP_SERVER_VARS[REQUEST_URI]<b>&F=include_php_file</b></tt>",1);
1880 dpavlin 1.15 $inc_file="$fsRealmDir/$realm".$realm_sep.$F.".php";
1881     if (! file_exists($inc_file)) {
1882     Error("Can't find file to include","Can't find include file <tt>$F.php</tt> in <tt>$fsRealmDir/$realm/</tt>. Meybe you should copy <tt>$gblIncDir/include_php/$F.php</tt> to <tt>$inc_file<tt> ?",1);
1883 dpavlin 1.14 }
1884 dpavlin 1.1 if (!is_readable($inc_file))
1885 dpavlin 1.15 Error("Read access to include file denied","Can't read PHP include file <tt>$inc_file</tt>. Fix permissions on it.",1);
1886 dpavlin 1.1 $text = "Your include file should define \$text variable which holds this text and \$title variable which is page title";
1887     $title = "You should define \$title variable with page title";
1888     include($inc_file);
1889     StartHTML($title, $text) ;
1890 dpavlin 1.4 print "<p>".GifIcon(up)." Back to <a href=$HTTP_SERVER_VARS[PHP_SELF]>front page</a>.</p>";
1891 dpavlin 1.1 EndHTML() ;
1892     exit ;
1893     }
1894    
1895     // default: display directory $relDir
1896     Navigate($gblFsRoot,$relDir) ;
1897     exit ;
1898    
1899 dpavlin 1.3 Error("Whooah!","By cartesian logic, this never happens",1) ;
1900 dpavlin 1.1 ?>
  ViewVC Help
Powered by ViewVC 1.1.26