/[docman2]/docman.php
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Annotation of /docman.php

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.2 - (hide annotations)
Thu Jul 25 21:16:08 2002 UTC (21 years, 8 months ago) by dpavlin
Branch: MAIN
Changes since 1.1: +38 -38 lines
fixed directory navigation (sorting broke it), removed ChangeLog function
and replace it with parametar to LogIt (which is also permission for
notify), better logging of actions (directory creation was missing,
creation of file wrote wrong ChangeLog)

1 dpavlin 1.1 <?php
2    
3     /*
4     * Document Manager ][
5     *
6     * Dobrica Pavlinusic <dpavlin@rot13.org>
7     *
8     * License: GPL2
9     *
10     * Document Manager 1.x was based on
11     * Copyright 1999 by John Martin d/b/a www.ANYPORTAL.com
12     * PHP version Copyright 2000 by Stefan@Wiesendanger.org
13     *
14     * For more info, please see web pages at
15     * http://www.rot13.org/~dpavlin/docman.html
16     *
17     */
18    
19    
20     //////////////////////////////////////////////////////////////////
21     // CONFIGURATION OPTIONS
22    
23     // error_reporting(4) ; // how verbose ?
24    
25     // from where to include auth_*.php modules?
26     $gblIncDir = "/data/docman2";
27    
28     // force download (so it won't open in associated application)
29     $gblForceDownload = 1;
30    
31     // date format
32     $gblDateFmt="Y-m-d";
33     // $gblDateFmt="D, F d, Y";
34    
35     // time format
36     $gblTimeFmt="H:i:s";
37     // $gblTimeFmt="g:i:sA";
38    
39     // Number of backup files to keep
40     $gblNumBackups=3;
41    
42     // show red star if newer than ... days
43     $gblModDays=1;
44    
45     // choose GifIcon below unless you have the M$
46     // WingDings font installed on your system
47    
48     $gblIcon="GifIcon"; // MockIcon or GifIcon
49    
50     // the directory below should be /icons/ or /icons/small/
51     // on Apache; a set of icons is included in the distribution
52    
53     $gblIconLocation="/icons/";
54    
55     // files you want to be able to edit in text mode
56     // and view with (primitive) syntax highlighting
57    
58     $gblEditable = array( ".txt",".asa",".asp",".htm",".html",
59     ".cfm",".php3",".php",".phtml",
60     ".shtml",".css" ) ;
61    
62     // files that will display as images on the detail page
63     // (useless if your browser doesn't support them)
64    
65     $gblImages = array( ".jpg",".jpeg",".gif",".png",".ico",
66     ".bmp",".xbm") ;
67    
68     // which files to hide (separated by ,)
69     $gblHide = "";
70    
71     // Where are users? (by default in .htusers file)
72     $gblUsers = "file";
73    
74     //////////////////////////////////////////////////////////////////
75    
76     $gblTitle = "Document Manager";
77     $gblVersion = "2.0-pre1";
78    
79     $secHash = "";
80    
81     // location of html files
82     $html = $gblIncDir."/html";
83    
84     LoadLanguage($HTTP_SERVER_VARS["HTTP_ACCEPT_LANGUAGE"]);
85    
86     // for security and configuration
87     $realm="$HTTP_HOST"; // FIX
88    
89     $fsDocumentRoot = dirname($HTTP_SERVER_VARS[SCRIPT_FILENAME]);
90     if ($fsDocumentRoot == "") Error("Configuration error","Can't get SCRIPT_FILENAME from your web server. Please set <tt>\$fsDocumentRoot</tt> in <tt>\$</tt>");
91    
92     // globals for later
93     $gblLogin = $PHP_AUTH_USER;
94     $gblPasswd = $PHP_AUTH_PW;
95    
96     //////////////////////////////////////////////////////////////////
97    
98     function LoadLanguage($lang) {
99    
100     global $gblIncDir,$html;
101    
102     if (file_exists($gblIncDir."/lang/$lang.php")) {
103     include($gblIncDir."/lang/$lang.php");
104     $html .= "-$lang";
105     } else {
106     include($gblIncDir."/lang/default.php");
107     }
108     }
109    
110     function StartHTML($title,$text="") {
111    
112     global $html,$fsDocumentRoot;
113    
114     $title = $gblTitle." ".$title ;
115     $host = $GLOBALS["HTTP_HOST"] ;
116     $self = $GLOBALS["PHP_SELF"] ;
117    
118     if (file_exists("$fsDocumentRoot/docman.css")) {
119     $css=dirname($self)."/docman.css";
120     } else {
121     $css=$self."?STYLE=get&css=$css";
122     }
123    
124     include("$html/head.html");
125     }
126    
127     //////////////////////////////////////////////////////////////////
128    
129     function EndHTML() {
130    
131     global $gblDateFmt, $gblTimeFmt, $gblUserName, $PHP_SELF,
132     $secHash, $gblVersion, $html,
133     $gblLogin,$gblPasswd;
134    
135     $url = $PHP_SELF."?relogin=";
136     if (isset($secHash) && $secHash != "") {
137     $url .= $secHash;
138     } else {
139     $url .= md5($gblLogin.$gblPasswd);
140     }
141     if (isset($gblLogin) && $gblLogin != "" && ($gblPasswd == "" || !isset($gblPasswd))) {
142     $url_title="login";
143     $url .= "&force_login=1";
144     } else {
145     $url_title="relogin";
146     }
147     include("$html/footer.html");
148     //phpinfo();
149     } // end function EndHTML
150    
151     //////////////////////////////////////////////////////////////////
152    
153     function DetailPage($fsRoot,$relDir,$fn) {
154    
155     global $gblEditable, $gblImages, $webRoot, $html ;
156     $self = $GLOBALS["PHP_SELF"] ;
157    
158     $relPath = $relDir . "/" . $fn ;
159     $fsPath = $fsRoot . $relPath ;
160     $fsDir = $fsRoot . $relDir ;
161    
162     $exists = file_exists($fsPath) ;
163     $ext = strtolower(strrchr($relPath,".")) ;
164     $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) ;
165     $writable = is_writeable($fsPath) ;
166     $file_lock = CheckLock($fsPath);
167    
168     if (!$editable && !$exists)
169     Error(_("Creation unsupported for type"),$relPath) ;
170     if (!exists && !is_writeable($fsDir) )
171     Error(_("Creation denied"),$relDir) ;
172    
173     $text = _("Use this page to view, modify or ") ;
174     if (is_dir($fsPath)) {
175     $text .=_("delete a directory on this ") ;
176     } else {
177     $text .= _("delete a single document on this ") ;
178     };
179     $text .= _("web site.") ;
180     $title = "("._("Detail Page").")" ;
181     StartHTML($title, $text) ;
182    
183     echo "<H3>" . $relDir . "/" . $fn . "</H3>" ;
184     if ($exists) { // get file info
185     $fsize = filesize($fsPath) ;
186     $fmodified = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", filemtime($fsPath)) ;
187     $faccessed = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", fileatime($fsPath)) ;
188     $fuid=fileowner($fsPath);
189     $fgid=filegroup($fsPath);
190     $userinfo = posix_getpwuid($fuid);
191     $grpinfo = posix_getgrgid($fgid);
192    
193     include("$html/DetailPage-file.html");
194     }
195    
196     if ( !is_dir($fsPath) && $editable && ($writable || !$exists) && !$file_lock ) {
197     $fh = fopen($fsPath,"a+") ;
198     rewind($fh) ;
199     $fstr = fread($fh,filesize($fsPath)) ;
200     fclose($fh) ;
201     $fstr = htmlentities( $fstr ) ;
202     ?>
203    
204     <FORM ACTION="<?= $self ; ?>" METHOD="POST">
205     <SPAN TITLE="Click [SAVE] to store updated contents.">
206     <B>DOCUMENT CONTENTS</B>
207     </SPAN><BR>
208     <TEXTAREA NAME="FILEDATA" ROWS=18 COLS=70 WRAP="OFF"><?php
209     echo($fstr) ; ?></TEXTAREA>
210     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
211     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
212     <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="SAVE">
213     <INPUT TYPE="HIDDEN" SIZE=48 MAXLENGTH=255 NAME="RELPATH"
214     VALUE="<?= $relPath ; ?>">
215     <br>
216     <INPUT TYPE="RESET" VALUE="UNDO ALL CHANGES">
217     <INPUT TYPE="SUBMIT" VALUE="SAVE">
218     </FORM>
219    
220     <?php
221     }
222     if ( !$file_lock && $ext!="" && strstr(join(' ',$gblImages),$ext) ) {
223     $info = getimagesize($fsPath) ;
224     $tstr = "<IMG SRC=\"$webRoot".urlpath($relPath)."\" BORDER=0 " ;
225     $tstr .= $info[3] . " ALT=\"" . $fn . " - " ;
226     $tstr .= (int)(($fsize+1023)/1024) . "Kb\">" ;
227     // echo htmlentities($tstr) . "<BR><BR>" . $tstr ;
228     echo $tstr ;
229     }
230    
231     ?>
232    
233     <FORM ACTION="<?= $self ; ?>" METHOD="POST">
234     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
235     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
236     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL"><BR>
237    
238     <?php
239    
240     if ($file_lock) {
241     ?>
242     <hr>
243     <SPAN TITLE="Check OK and click UNLOCK to remove lock on file.">
244     <B>OK TO FORCE LOCK REMOVAL ON "<?= $fn ; ?>" HELD BY <?= $file_lock ?>? </B></SPAN>
245     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
246     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="UNLOCK">
247     <?
248     } // file_lock
249    
250     if (substr($fn,0,4) == ".del") {
251     $action="UNDELETE";
252     $desc="undelete previously deleted file";
253     } else {
254     $action="DELETE";
255     $desc="delete";
256     }
257    
258     if ($exists && $writable) {
259     ?>
260    
261     <HR>
262     <a name="undelete">
263     <SPAN TITLE="Check OK and click [<?= $action ?>] to <?= $desc ?>.">
264     <B>OK TO <?= $action ?> "<?= $fn ; ?>"? </B></SPAN>
265     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
266     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="<?= $action ?>">
267    
268     <HR>
269     <a name="rename">
270     <SPAN TITLE="Check OK and click [RENAME] to rename.">
271     <B>OK TO RENAME "<?= $fn ; ?>" TO
272     <INPUT TYPE="TEXT" SIZE=24 MAXLENGTH=255 NAME="NEWNAME" VALUE="<?= $fn ?>">
273     ? </B></SPAN>
274     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
275     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="RENAME">
276    
277     <?php
278     } // exists && writable
279     ?>
280     <HR>
281     <a name="note">
282     <B>NOTE FOR "<?= $fn ; ?>":
283     <INPUT TYPE="TEXT" SIZE=50 MAXLENGTH=255 NAME="NOTE" VALUE="<?= ReadNote($fsPath) ?>">
284     </B></SPAN>
285     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="NOTE">
286    
287     </FORM>
288    
289     <?php
290    
291     $name=basename("$fsDir/$fn");
292     $logname=dirname("$fsDir/$fn")."/.log/$name";
293     $bakdir=dirname("$fsDir/$fn")."/.bak";
294     if (file_exists($logname)) {
295     $log=fopen($logname,"r");
296     $cl1=" class=LST"; $cl2="";
297     $logarr = array();
298     while($line = fgetcsv($log,512,"\t")) {
299     $cl=$cl1; $cl1=$cl2; $cl2=$cl;
300     array_unshift($logarr,array($cl,$line[0],$line[1],$line[2],$line[3]));
301     }
302     fclose($log);
303     if (is_dir("$fsDir/$fn")) {
304     $whatis="DIRECTORY";
305     } else {
306     $whatis="FILE";
307     }
308     print "<hr><br><b>CHANGES TO THIS $whatis</b><br><table border=0 width=100%>\n";
309     $bakcount = 0; // start from 0, skip fist backup (it's current)
310     while ($e = array_shift($logarr)) {
311     if (strstr($e[4],"upload")) {
312     if (file_exists("$bakdir/$bakcount/$name")) {
313     $e[4]="<a href=\"$webRoot".urlpath(dirname($relPath)."/.bak/$bakcount/$name")."\">$e[4]</a>";
314     }
315     $bakcount++;
316     }
317     print "<tr><td$e[0]>$e[1]</td><td$e[0]>$e[2]</td><td$e[0]>$e[3]</td><td$e[0]>$e[4]</td></tr>\n";
318     }
319     print "</table>";
320     }
321    
322     EndHTML() ;
323    
324     } // end function DetailPage
325    
326     //////////////////////////////////////////////////////////////////
327    
328     function DisplayCode($fsRoot,$relDir,$fn) {
329    
330     $path = $fsRoot . $relDir . "/" . $fn ;
331    
332     if (!file_exists($path)) Error("File not found",$path) ;
333    
334     StartHTML("(".$relDir."/".$fn.")","");
335    
336     $tstr = join("",file($path)) ;
337     $tstr = htmlentities($tstr) ;
338    
339     // Tabs
340     $tstr = str_replace(chr(9)," ",$tstr) ;
341    
342     // ASP tags & XML/PHP tags
343     $aspbeg = "<SPAN CLASS=XML>&lt;%</SPAN><SPAN CLASS=BLK>" ;
344     $aspend = "</SPAN><SPAN CLASS=XML>%&gt;</SPAN>" ;
345     $tstr = str_replace("&lt;%",$aspbeg,$tstr) ;
346     $tstr = str_replace("%&gt;",$aspend,$tstr) ;
347    
348     $xmlbeg = "<SPAN CLASS=XML>&lt;?</SPAN><SPAN CLASS=BLK>" ;
349     $xmlend = "</SPAN><SPAN CLASS=XML>?&gt;</SPAN>" ;
350     $tstr = str_replace("&lt;?",$xmlbeg,$tstr) ;
351     $tstr = str_replace("?&gt;",$xmlend,$tstr) ;
352    
353     // C style comment
354     $tstr = str_replace("/*","<SPAN CLASS=REM>/*",$tstr) ;
355     $tstr = str_replace("*/","*/</SPAN>",$tstr) ;
356    
357     // HTML comments
358     $tstr = str_replace("&lt;!--","<I CLASS=RED>&lt;!--",$tstr) ;
359     $tstr = str_replace("--&gt;","--&gt;</I>",$tstr) ;
360    
361     echo "<PRE>" ;
362    
363     $tstr = split("\n",$tstr) ;
364     for ($i = 0 ; $i < sizeof($tstr) ; ++$i) {
365     // add line numbers
366     echo "<BR><EM>" ;
367     echo substr(("000" . ($i+1)), -4) . ":</EM> " ;
368     $line = $tstr[$i] ;
369     // C++ style comments
370     $pos = strpos($line,"//") ;
371     // exceptions: two slashes aren't a script comment
372     if (strstr($line,"//") &&
373     ! ($pos>0 && substr($line,$pos-1,1)==":") &&
374     ! (substr($line,$pos,8) == "//--&gt;") &&
375     ! (substr($line,$pos,9) == "// --&gt;")) {
376     $beg = substr($line,0,strpos($line,"//")) ;
377     $end = strstr($line,"//") ;
378     $line = $beg."<SPAN CLASS=REM>".$end."</SPAN>";
379     }
380     // shell & asp style comments
381     $first = substr(ltrim($line),0,1) ;
382     if ($first == "#" || $first == "'") {
383     $line = "<SPAN CLASS=REM>".$line."</SPAN>";
384     }
385     print($line) ;
386     } // next i
387    
388     echo "</PRE>" ;
389    
390     EndHTML() ;
391    
392     } // end function DisplayCode
393    
394     //////////////////////////////////////////////////////////////////
395    
396     function MockIcon($txt) {
397     $tstr = "<SPAN CLASS=MCK>" ;
398    
399     switch (strtolower($txt)) {
400     case ".bmp" :
401     case ".gif" :
402     case ".jpg" :
403     case ".jpeg":
404     case ".tif" :
405     case ".tiff":
406     $d = 176 ;
407     break ;
408     case ".doc" :
409     $d = 50 ;
410     break ;
411     case ".exe" :
412     case ".bat" :
413     $d = 255 ;
414     break ;
415     case ".bas" :
416     case ".c" :
417     case ".cc" :
418     case ".src" :
419     $d = 255 ;
420     break ;
421     case "file" :
422     $d = 51 ;
423     break ;
424     case "fldr" :
425     $d = 48 ;
426     break ;
427     case ".htm" :
428     case ".html":
429     case ".asa" :
430     case ".asp" :
431     case ".cfm" :
432     case ".php3":
433     case ".php" :
434     case ".phtml" :
435     case ".shtml" :
436     $d = 182 ;
437     break ;
438     case ".pdf" :
439     $d = 38 ;
440     break;
441     case ".txt" :
442     case ".ini" :
443     $d = 52 ;
444     break ;
445     case ".xls" :
446     $d = 252 ;
447     break ;
448     case ".zip" :
449     case ".arc" :
450     case ".sit" :
451     case ".tar" :
452     case ".gz" :
453     case ".tgz" :
454     case ".Z" :
455     $d = 59 ;
456     break ;
457     case "view" :
458     $d = 52 ;
459     break ;
460     case "up" :
461     $d = 199 ;
462     break ;
463     case "blank" :
464     return "&nbsp;&nbsp;</SPAN>" ;
465     break ;
466     default :
467     $d = 51 ;
468     }
469    
470     return $tstr . chr($d) . "</SPAN>" ;
471     } // end function MockIcon
472    
473     //////////////////////////////////////////////////////////////////
474    
475     function GifIcon($txt) {
476     global $gblIconLocation ;
477    
478     switch (strtolower($txt)) {
479     case ".bmp" :
480     case ".gif" :
481     case ".jpg" :
482     case ".jpeg":
483     case ".tif" :
484     case ".tiff":
485     $d = "image2.gif" ;
486     break ;
487     case ".doc" :
488     $d = "layout.gif" ;
489     break ;
490     case ".exe" :
491     case ".bat" :
492     $d = "screw2.gif" ;
493     break ;
494     case ".bas" :
495     case ".c" :
496     case ".cc" :
497     case ".src" :
498     $d = "c.gif" ;
499     break ;
500     case "file" :
501     $d = "generic.gif" ;
502     break ;
503     case "fldr" :
504     $d = "dir.gif" ;
505     break ;
506     case ".phps" :
507     $d = "phps.gif" ;
508     break ;
509     case ".php3" :
510     $d = "php3.gif" ;
511     break ;
512     case ".htm" :
513     case ".html":
514     case ".asa" :
515     case ".asp" :
516     case ".cfm" :
517     case ".php3":
518     case ".php" :
519     case ".phtml" :
520     case ".shtml" :
521     $d = "world1.gif" ;
522     break ;
523     case ".pdf" :
524     $d = "pdf.gif" ;
525     break;
526     case ".txt" :
527     case ".ini" :
528     $d = "text.gif" ;
529     break ;
530     case ".xls" :
531     $d = "box2.gif" ;
532     break ;
533     case ".zip" :
534     case ".arc" :
535     case ".sit" :
536     case ".tar" :
537     case ".gz" :
538     case ".tgz" :
539     case ".Z" :
540     $d = "compressed.gif" ;
541     break ;
542     case "view" :
543     $d = "index.gif" ;
544     break ;
545     case "up" :
546     $d = "back.gif" ;
547     break ;
548     case "blank" :
549     $d = "blank.gif" ;
550     break ;
551     case "checkout":
552     $d = "box2.gif";
553     break;
554     case "checkin":
555     $d = "hand.up.gif";
556     break;
557     case "locked":
558     $d = "screw2.gif";
559     break;
560     case "note":
561     $d = "quill.gif";
562     break;
563     default :
564     $d = "generic.gif" ;
565     }
566    
567     return "<IMG SRC=\"$gblIconLocation" . $d . "\" BORDER=0>" ;
568     } // end function GifIcon
569    
570     //////////////////////////////////////////////////////////////////
571    
572     function Navigate($fsRoot,$relDir) {
573    
574     global $gblEditable, $gblIcon, $gblModDays, $webRoot, $gblHide,
575     $HTTP_GET_VARS, $html;
576    
577     $self = $GLOBALS["PHP_SELF"] ;
578    
579     if ($relDir == "") $relDir = "/";
580    
581     $fsDir = $fsRoot.$relDir."/"; // current directory
582    
583     if (!is_dir($fsDir)) Error("Dir not found",$relDir) ;
584    
585     $hide_items=",$gblHide,";
586    
587     #display_all_trustee();
588     print "-- $fsDir --";
589    
590     // read directory contents
591     if ( !($dir = @opendir($fsDir)) )
592     Error("Read Access denied",$relDir) ;
593     while ($item = readdir($dir)) {
594     print "$item, ";
595     if ( substr($item,0,1) == "." || strstr($hide_items,",$item,") ) continue ;
596     if ((is_dir($fsDir.$item) || is_link ($fsDir.$item)) && check_perm($relDir.$item,trperm_b)) {
597     $dirList[$item] = $item ;
598     $dirNote[$item] = ReadNote($fsDir.$item);
599     } else if ( is_file($fsDir.$item) && check_perm($relDir.$item,trperm_r) ) {
600     $fileList[$item] = $item ;
601     $fileDate[$item] = filemtime($fsDir.$item) ;
602     $fileSize[$item] = filesize($fsDir.$item) ;
603     $fileNote[$item] = ReadNote($fsDir.$item);
604     } else {
605     // unknown file type
606     // $text = "Could not determine file type of " ;
607     // Error("File Error", $text.$relDir."/".$item) ;
608     // exit ;
609     }
610     }
611     closedir($dir) ;
612    
613     // scan deleted files
614     if ( $GLOBALS[show_deleted] == 1 && ($dir = @opendir("$fsDir/.del")) ) {
615     while ($item = readdir($dir)) {
616     if ( substr($item,0,1) == "." || strstr($hide_items,",$item,") || !check_perm($relDir.$item,trperm_w) ) continue ;
617     $fileList[$item] = ".del/$item" ;
618     $fileDate[$item] = filemtime($fsDir.".del/$path") ;
619     $fileSize[$item] = filesize($fsDir.".del/$path") ;
620     $fileNote[$item] = ReadNote($fsDir.".del/$item");
621     }
622     closedir($dir) ;
623     }
624    
625     $emptyDir = ! (sizeof($dirList) || sizeof($fileList)) ;
626    
627     // start navigation page
628     $text = "Use this page to add, delete";
629     if (! isset($show_deleted)) {
630     $text .= ", <a href=$self?D=".urlencode($relDir)."&show_deleted=1>undelete</a>";
631     }
632     $text .= " or revise files on this web site." ;
633     $text .= "<br>Examine list of files <a href=\"$self?A=Ch1\">changed in last day</a> or <a href=\"$self?A=Ch\">all changes</a>.";
634     StartHTML("(Navigate)",$text) ;
635    
636     echo "<TABLE BORDER=0 CELLPADDING=2
637     CELLSPACING=3 WIDTH=\"100%\">" ;
638    
639     // updir bar
640     if (chopsl($fsDir) != chopsl($fsRoot)) {
641     $parent = dirname($relDir) ;
642     if ($parent == "") $parent = "/" ;
643    
644     include("$html/Navigate-parent.html");
645     }
646    
647     function plural($name,$count) {
648     $out="$count $name";
649     if ($count > 1) {
650     $out.="s";
651     }
652     return $out;
653     }
654    
655     $dsort = $HTTP_GET_VARS[dsort];
656     if (! isset($dsort)) $dsort = "name"; // default directory sort
657    
658     $dsort_arr = array(
659     "name" => array ("rname", "note"),
660     "rname" => array ("name", "note"),
661     "note" => array ("name", "rnote"),
662     "rnote" => array ("name", "note")
663     );
664    
665     $fsort = $HTTP_GET_VARS[fsort];
666     if (! isset($fsort)) $fsort = "name"; // default directory sort
667    
668     $fsort_arr = array(
669     "name" => array ("rname", "note", "date", "size"),
670     "rname" => array ("name", "note", "date", "size"),
671     "note" => array ("name", "rnote", "date", "size"),
672     "rnote" => array ("name", "note", "date", "size"),
673     "date" => array ("name", "note", "rdate", "size"),
674     "rdate" => array ("name", "note", "date", "size"),
675     "size" => array ("name", "note", "date", "rsize"),
676     "rsize" => array ("name", "note", "date", "size")
677     );
678    
679     $D="D=".urlencode($relDir);
680    
681     function self_args($arr = array()) {
682     $arg = implode("&",$arr);
683     if ($arg) {
684     return $self."?".$arg;
685     } else {
686     return $self;
687     }
688     }
689     // output subdirs
690     if (sizeof($dirList) > 0) {
691     switch ($dsort) {
692     case "note":
693     $items = $dirNote;
694     asort($items);
695     break;
696     case "rnote":
697     $items = $dirNote;
698     arsort($items);
699     break;
700     case "rname":
701     $items = $dirList;
702     krsort($items);
703     break;
704     default:
705     $items = $dirList;
706     ksort($items);
707     break;
708     }
709     $durl = self_args(array($D,"dsort=".$dsort_arr[$dsort][0]));
710     $nurl = self_args(array($D,"dsort=".$dsort_arr[$dsort][1]));
711    
712     include("$html/Navigate-dirHeader.html");
713    
714     while (list($key,$dir) = each($items)) {
715    
716     $dir = $dirList[$key];
717    
718 dpavlin 1.2 $info_url=self_args(array("A"=>"A=E", "F"=>"F=".urlencode($dir), "D"=>$D));
719     $dir_url=$self."?D=".urlencode($relDir."/".$dir);
720 dpavlin 1.1 include("$html/Navigate-dirEntry.html");
721    
722     } // iterate over dirs
723     } // end if no dirs
724    
725     $durl = self_args(array($D,"fsort=".$fsort_arr[$fsort][0]));
726     $nurl = self_args(array($D,"fsort=".$fsort_arr[$fsort][1]));
727     $uurl = self_args(array($D,"fsort=".$fsort_arr[$fsort][2]));
728     $surl = self_args(array($D,"fsort=".$fsort_arr[$fsort][3]));
729    
730     include("$html/Navigate-fileHeader.html");
731    
732     if (sizeof($fileList) > 0) {
733     switch ($fsort) {
734     case "note":
735     $items = $fileNote;
736     asort($items);
737     break;
738     case "rnote":
739     $items = $fileNote;
740     arsort($items);
741     break;
742     case "date":
743     $items = $fileDate;
744     asort($items);
745     break;
746     case "rdate":
747     $items = $fileDate;
748     arsort($items);
749     break;
750     case "size":
751     $items = $fileSize;
752     asort($items);
753     break;
754     case "rsize":
755     $items = $fileSize;
756     arsort($items);
757     break;
758     case "rname":
759     $items = $fileList;
760     krsort($items);
761     break;
762     default:
763     $items = $fileList;
764     ksort($items);
765     break;
766     }
767    
768     while (list($key,$file) = each($items)) {
769     $file = $fileList[$key];
770     $path = $fsDir."/".$file ;
771     $mod = $fileDate[$key];
772     $sz = $fileSize[$key];
773    
774     if ($sz >= 10240) {
775     $sz = (int)(($sz+1023)/1024) . " k" ;
776     } else {
777     $sz .= " " ;
778     } // end size
779    
780     $a = $b = "" ;
781    
782     $info_url=$self."?A=E&F=".urlencode($file)."&D=".urlencode($relDir);
783    
784     if ( ($mod + $gblModDays*86400) > time() ) {
785     $a = "<SPAN CLASS=RED TITLE=\"Newer" ;
786     $a .= " than $gblModDays days\"> * </SPAN>" ;
787     }
788    
789     $file_lock=CheckLock($path);
790    
791     $file_url_html="<A HREF=\"$self?A=V&F=".urlencode($file);
792     $file_url_html.="&D=".urlencode($relDir);
793     $file_url_html.="\" TITLE=\"View file\">" ;
794    
795     if (substr($file,0,5) != ".del/") {
796     $file_url_html .= $file . "</A>" . $a ;
797     } else {
798     $file_url_html .= substr($file,5,strlen($file)-5) . "</a> <SPAN CLASS=RED TITLE=\"deleted\"> <a href=\"$info_url#undelete\">deleted</a> </span>";
799     }
800    
801     $note_html="<a href=\"$info_url#note\">".$gblIcon("note")."</a>".ReadNote($path);
802    
803     $ext = strtolower(strrchr($file,".")) ;
804    
805     if ($file_lock) {
806     if ($file_lock == $GLOBALS[gblUserName]) {
807     $b.="<A HREF=\"$self?A=Ci&F=".urlencode($file);
808     $b.="&D=".urlencode($relDir);
809     $b.="\" TITLE=\"Checkin (update) file on server\">" ;
810     $file_url_html=$b;
811     $b.=$gblIcon("checkin")."</A>" ;
812     $b.= $gblIcon("blank");
813     $file_url_html.="$file</a> $a";
814     $note_html = $gblIcon("blank")."<b>Please check-in (update) this file</b>";
815     } else {
816     $b = $gblIcon("locked");
817     $b.= $gblIcon("blank");
818     $note_html = $gblIcon("blank")."<b>File locked by $file_lock</b>";
819     $file_url_html = "$file $a";
820     }
821     } else {
822     $b.="<A HREF=\"$self?A=Co&F=".urlencode($file);
823     $b.="&D=".urlencode($relDir);
824     $b.="\" TITLE=\"Checkout file for edit\">" ;
825     $b.=$gblIcon("checkout")."</A>" ;
826    
827     if ( $ext=="" || strstr(join(" ",$gblEditable),$ext) ) {
828     $b.="<A HREF=\"$self?A=C&F=".urlencode($file);
829     $b.="&D=".urlencode($relDir);
830     $b.="\" TITLE=\"List contents\">" ;
831     $b.=$gblIcon("view")."</A>" ;
832     } else {
833     $b.= $gblIcon("blank");
834     }
835     }
836    
837     $mod = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]",$mod);
838    
839     include("$html/Navigate-fileEntry.html");
840    
841     } // iterate over files
842     } else { // end if no files
843     ?>
844     <TR><TD></TD><TD COLSPAN=5 CLASS=LST>
845     No files in this directory
846     </TD></TR>
847     <?
848     }
849    
850     if ($emptyDir && $relDir != "") {
851     ?>
852    
853     <FORM METHOD="POST" ACTION="<?= $self ?>">
854     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>
855     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
856     OK TO DELETE THIS EMPTY FOLDER?
857     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
858     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="DELETE">
859     </TD></TR>
860     </FORM>
861    
862     <?php
863     } // end if emptyDir
864     ?>
865    
866     <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
867    
868     <?
869     if (file_exists(".info.inc")) {
870     print "<TR><TD></TD><TD COLSPAN=5>";
871     include(".info.inc");
872     print "</TD></TR>
873     <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>";
874     }
875     ?>
876    
877     <FORM METHOD="POST" ACTION="<?= $self ?>">
878     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>CREATE NEW
879     <INPUT TYPE="RADIO" NAME="T" VALUE="D" CHECKED>DIRECTORY -OR-
880     <INPUT TYPE="RADIO" NAME="T" VALUE="F">FILE : &nbsp;&nbsp;
881     <NOBR>NAME <INPUT TYPE="TEXT" NAME="FN" SIZE=14>
882     <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="CREATE">
883     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
884     <INPUT TYPE="SUBMIT" VALUE="CREATE" NAME="CREATE">
885     </NOBR>
886     <NOBR>OR <A HREF="<?= $self ?>?A=U&D=<?= urlencode($relDir) ?>">UPLOAD</A> A FILE</NOBR>
887     </TD></TR>
888     </FORM>
889     </TABLE>
890    
891     <?php
892     EndHTML() ;
893     } // end function Navigate
894    
895     //////////////////////////////////////////////////////////////////
896    
897     function UploadPage($fsRoot, $relDir, $filename="") {
898    
899     $self = $GLOBALS["PHP_SELF"] ;
900     if ($relDir == "") $relDir = "/" ;
901     ?>
902    
903     <P><TABLE BORDER=0 CELLPADDING=5><TR><TD WIDTH=5></TD><TD CLASS=BAR>
904     <FORM ENCTYPE="multipart/form-data" METHOD="POST"
905     ACTION="<?= $self ?>">
906     DESTINATION DIRECTORY:<B><?= " " . $relDir ?></B>
907     <? if (isset($filename) && $filename!="") { ?>
908     <br>DESTINATION FILE:<B><?= " " . $filename ?></B>
909     <INPUT TYPE="HIDDEN" NAME="FILENAME" VALUE="<?= $filename ?>">
910     <? } ?>
911     <P>PATHNAME OF LOCAL FILE<BR>
912     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
913     <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="UPLOAD">
914     <INPUT SIZE=30 TYPE="FILE" NAME="FN"></P>
915     <P><INPUT TYPE="SUBMIT" VALUE="UPLOAD"></P>
916     <P>If the <B>[BROWSE...]</B> button is not displayed,<BR>
917     you must upgrade to an RFC1867-compliant browser.</P>
918     <P>Your browser:<BR><?= $GLOBALS["HTTP_USER_AGENT"] ?></P>
919     </FORM>
920     </TD></TR>
921     <TR><TD></TD><TD>
922     <FORM METHOD="POST" ACTION="<?= $self ?>">
923     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>"><BR>
924     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL">
925     </FORM>
926     </TD></TR></TABLE></P>
927    
928     <?php
929     } // end function UploadPage
930    
931     //////////////////////////////////////////////////////////////////
932    
933     function Error($title,$text="") {
934     StartHTML("(".$title.")",$text) ;
935     echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
936     EndHTML() ;
937     exit ;
938     } // end function Error
939    
940     //////////////////////////////////////////////////////////////////
941    
942 dpavlin 1.2 function LogIt($target,$msg, $changelog=0) {
943 dpavlin 1.1
944     $dir=dirname($target);
945     if (! file_exists($dir."/.log")) {
946     if (! @mkdir($dir."/.log",0700)) Error("docman installation problem","can't create log directory <tt>$dir/.log</tt>");
947     }
948     $file=basename($target);
949    
950     $log=fopen("$dir/.log/$file","a+");
951     fputs($log,date("$GLOBALS[gblDateFmt]\t$GLOBALS[gblTimeFmt]").
952     "\t$GLOBALS[gblUserName]\t$msg\n");
953     fclose($log);
954    
955 dpavlin 1.2 if (! $changelog) return;
956    
957     global $gblFsRoot;
958     $log=fopen("$gblFsRoot/.changelog","a+");
959     if (substr($target,0,strlen($gblFsRoot)) == $gblFsRoot)
960     $target=substr($target,strlen($gblFsRoot),strlen($target)-strlen($gblFsRoot));
961     $msg=str_replace("\t"," ",$msg);
962     fputs($log,time()."\t$target\t$GLOBALS[gblUserName]\t$msg\n");
963     fclose($log);
964    
965     // FIX: implement e-mail notification based on $changelog
966     // permission
967 dpavlin 1.1 }
968    
969    
970     //////////////////////////////////////////////////////////////////
971    
972     function WriteNote($target,$msg) {
973    
974     $target=stripSlashes($target);
975     $dir=dirname($target);
976     if (! file_exists($dir."/.note")) {
977     mkdir($dir."/.note",0700);
978     }
979     $file=basename($target);
980    
981     $note=fopen("$dir/.note/$file","w");
982     fputs($note,"$msg\n");
983     fclose($note);
984    
985 dpavlin 1.2 LogIt($target,"added note $msg");
986 dpavlin 1.1
987     }
988    
989     function ReadNote($target) {
990    
991     $target=stripSlashes($target);
992     $dir=dirname($target);
993     $file=basename($target);
994     $msg="";
995     if (file_exists($dir."/.note/$file")) {
996     $note=fopen("$dir/.note/$file","r");
997     $msg=fgets($note,4096);
998     fclose($note);
999     }
1000     return HtmlSpecialChars(StripSlashes($msg));
1001    
1002     }
1003    
1004     //////////////////////////////////////////////////////////////////
1005    
1006     function MoveTo($source,$folder) {
1007    
1008     $source=stripSlashes($source);
1009     $file=basename($source);
1010     if (! file_exists($folder)) {
1011     mkdir($folder,0700);
1012     }
1013     if (file_exists($source)) {
1014     rename($source,"$folder/$file");
1015     }
1016     }
1017    
1018     //////////////////////////////////////////////////////////////////
1019    
1020     function Lock($target) {
1021    
1022     $target=stripSlashes($target);
1023     $dir=dirname($target);
1024     if (! file_exists($dir."/.lock")) {
1025     mkdir($dir."/.lock",0700);
1026     }
1027     $file=basename($target);
1028    
1029     if (file_exists("$dir/.lock/$file")) {
1030 dpavlin 1.2 LogIt($target,"attempt to locked allready locked file!");
1031 dpavlin 1.1 } else {
1032     $lock=fopen("$dir/.lock/$file","w");
1033     fputs($lock,"$GLOBALS[gblUserName]\n");
1034     fclose($lock);
1035    
1036 dpavlin 1.2 LogIt($target,"file locked");
1037 dpavlin 1.1 }
1038    
1039     }
1040    
1041     function CheckLock($target) {
1042    
1043     $target=stripSlashes($target);
1044     $dir=dirname($target);
1045     $file=basename($target);
1046     $msg=0;
1047     if (file_exists($dir."/.lock/$file")) {
1048     $lock=fopen("$dir/.lock/$file","r");
1049     $msg=fgets($lock,4096);
1050     fclose($lock);
1051     }
1052     return chop($msg);
1053    
1054     }
1055    
1056     function Unlock($target) {
1057    
1058     $target=stripSlashes($target);
1059     $dir=dirname($target);
1060     $file=basename($target);
1061     if (file_exists($dir."/.lock/$file")) {
1062     unlink("$dir/.lock/$file");
1063 dpavlin 1.2 LogIt($target,"file unlocked");
1064 dpavlin 1.1 } else {
1065 dpavlin 1.2 LogIt($target,"attempt to unlocked non-locked file!");
1066 dpavlin 1.1 }
1067    
1068     }
1069    
1070     //////////////////////////////////////////////////////////////////
1071    
1072     function urlpath($url) {
1073     $url=urlencode(StripSlashes("$url"));
1074     $url=str_replace("%2F","/",$url);
1075     $url=str_replace("+","%20",$url);
1076     return($url);
1077     }
1078    
1079     //////////////////////////////////////////////////////////////////
1080    
1081     function safe_rename($fromdir,$fromfile,$tofile) {
1082     function try_rename($from,$to) {
1083     # print "$from -> $to\n";
1084     if (file_exists($from) && is_writeable(dirname($to))) {
1085     rename($from,$to);
1086     }
1087     }
1088    
1089     function try_dir($todir) {
1090     if (! file_exists($todir)) {
1091     mkdir($todir,0700);
1092     }
1093     }
1094    
1095     $to="$fromdir/$tofile";
1096     $todir=dirname($to);
1097     $tofile=basename($to);
1098    
1099     # print "<pre>$fromdir / $fromfile -> $todir / $tofile\n\n";
1100    
1101     try_rename("$fromdir/$fromfile","$todir/$tofile");
1102     try_dir("$todir/.log");
1103     try_rename("$fromdir/.log/$fromfile","$todir/.log/$tofile");
1104     try_dir("$todir/.note");
1105     try_rename("$fromdir/.note/$fromfile","$todir/.note/$tofile");
1106     try_dir("$todir/.lock");
1107     try_rename("$fromdir/.lock/$fromfile","$todir/.lock/$tofile");
1108     try_dir("$todir/.bak");
1109     for($i=0;$i<=$GLOBALS[gblNumBackups];$i++) {
1110     try_rename("$fromdir/.bak/$i/$fromfile","$todir/.bak/$i/$tofile");
1111     }
1112     }
1113    
1114    
1115     //////////////////////////////////////////////////////////////////
1116    
1117     // recursivly delete directory
1118    
1119     function rrmdir($dir) {
1120     $handle=opendir($dir);
1121     while ($file = readdir($handle)) {
1122     if ($file != "." && $file != "..") {
1123     if (is_dir("$dir/$file"))
1124     rrmdir("$dir/$file");
1125     else
1126     if (! @unlink("$dir/$file")) return(0);
1127     }
1128     }
1129     closedir($handle);
1130     return @rmdir($dir);
1131     }
1132    
1133     //////////////////////////////////////////////////////////////////
1134    
1135     function DisplayChangeLog($day) {
1136    
1137     global $gblFsRoot;
1138     if (!file_exists("$gblFsRoot/.changelog")) return;
1139     $log=fopen("$gblFsRoot/.changelog","r");
1140     $logarr = array();
1141     while($line = fgetcsv($log,512,"\t")) {
1142     while (sizeof($line) > 4) {
1143     $tmp = array_pop($line);
1144     $line.=" $tmp";
1145     }
1146     if ($day!=1 || ($day==1 && (time()-$line[0] < 24*60*60))) {
1147     array_unshift($logarr,array($line[0],$line[1],$line[2],$line[3]));
1148     }
1149     }
1150     fclose($log);
1151     $cl1=" class=LST"; $cl2="";
1152     print "<table border=0 width=100%>\n";
1153     while ($e = array_shift($logarr)) {
1154     $cl=$cl1; $cl1=$cl2; $cl2=$cl;
1155     $date = date("$GLOBALS[gblDateFmt]", $e[0]);
1156     $time = date("$GLOBALS[gblTimeFmt]", $e[0]);
1157     $dir = dirname($e[1]);
1158     $file = basename($e[1]);
1159     print "<tr><td$cl>$date</td><td$cl>$time</td><td$cl><a href=\"$GLOBALS[PHP_SELF]?D=".urlencode($dir)."\">$dir</a>/$file</td><td$cl>$e[2]</td><td$cl>$e[3]</td></tr>\n";
1160     }
1161     print "</table>";
1162     print "<p>".GifIcon(up)." Back to <a href=$GLOBALS[PHP_SELF]>front page</a>.</p>";
1163     }
1164    
1165     //////////////////////////////////////////////////////////////////
1166    
1167     function Download($path) {
1168     global $HTTP_USER_AGENT;
1169     $file=basename($path);
1170     $size = filesize($path);
1171     //header("Content-Type: application/octet-stream");
1172     header("Content-Type: application/force-download");
1173     header("Content-Length: $size");
1174     // IE5.5 just downloads index.php if we don't do this
1175     if(preg_match("/MSIE 5.5/", $HTTP_USER_AGENT)) {
1176     header("Content-Disposition: filename=$file");
1177     } else {
1178     header("Content-Disposition: attachment; filename=$file");
1179     }
1180     header("Content-Transfer-Encoding: binary");
1181     $fh = fopen($path, "r");
1182     fpassthru($fh);
1183     }
1184    
1185    
1186     //////////////////////////////////////////////////////////////////
1187    
1188     function chopsl($path) {
1189     if (substr($path,strlen($path)-1,1) == "/") $path=substr($path,0,strlen($path)-1);
1190     $path=str_replace("//","/",$path);
1191     return $path;
1192     }
1193    
1194     //////////////////////////////////////////////////////////////////
1195     /*
1196     Document manager ACL implementation
1197    
1198     Written by Dobrica Pavlinusic <dpavlin@rot13.org>
1199    
1200     Based on ideas from Linux trustees code
1201     by Vyacheslav Zavadsky <zavadsky@braysystems.com>
1202     */
1203    
1204     define(trmask_not,1 << 0);
1205     define(trmask_clear,1 << 1);
1206     define(trmask_deny,1 << 2);
1207     define(trmask_one_level,1 << 3);
1208     define(trmask_group,1 << 4);
1209    
1210     define(trperm_r,1 << 5);
1211     define(trperm_w,1 << 6);
1212     define(trperm_b,1 << 7);
1213     define(trperm_n,1 << 8);
1214    
1215     $trustee_a2n = array(
1216     '!' => trmask_not,
1217     'C' => trmask_clear,
1218     'D' => trmask_deny,
1219     'O' => trmask_one_level,
1220     '+' => trmask_group,
1221     'R' => trperm_r,
1222     'W' => trperm_w,
1223     'B' => trperm_b,
1224     'N' => trperm_n,
1225     );
1226    
1227     // debugging function
1228     function display_trustee($t) {
1229     global $trustee_a2n;
1230     $out="";
1231     foreach ($trustee_a2n as $c=>$v) {
1232     if ($t & $v) $out.=$c;
1233     }
1234     return $out;
1235     }
1236     function display_all_trustee() {
1237     global $trustees;
1238     print "trustee dump:<br>\n";
1239     foreach ($trustees as $path => $tr) {
1240     print "<br><tt>$path</tt>\n";
1241     foreach ($tr as $user=>$perm) {
1242     print "$user == $perm (".display_trustee($perm).")<br>\n";
1243     }
1244     }
1245     }
1246    
1247     function init_trustee() {
1248    
1249     global $trustee_conf,$trustee_php,$trustee_a2n,$groups,$trustees;
1250    
1251     // do we need to re-create compiled trustees?
1252     if (! file_exists($trustee_conf)) {
1253     # $error="$trustee_conf doesn't exits";
1254     return 0; # don't use trustees
1255     } elseif (file_exists($trustee_conf) && !is_readable($trustee_conf)) {
1256     $error="<tt>$trustee_conf</tt> exits, but is not readable";
1257     } elseif (!is_writable(dirname($trustee_php))) {
1258     $error="<tt>".dirname($trustee_php)."</tt> must be writable by web server user";
1259     } elseif (file_exists($trustee_php) && !is_writable($trustee_php)) {
1260     $error="trustees cache file <tt>$trustee_php</tt> exists, but is not writable by web server";
1261     } elseif (1 || filemtime($trustee_conf) >= filemtime($trustee_php)) {
1262     $fp_php=@fopen($trustee_php,"w");
1263     fputs($fp_php,"<?php // don't edit by hand!\n");
1264    
1265     $fp_conf=fopen($trustee_conf,"r");
1266    
1267     $groups_arr = array();
1268     $perm_arr = array();
1269    
1270     $error=0;
1271    
1272     $tr_arr = array();
1273    
1274     while (! feof($fp_conf)) {
1275     $l = trim(fgets($fp_conf,4096));
1276     if (substr($l,0,1) == "+") { // no comment
1277     $arr=explode(":",$l);
1278     $groups_arr[$arr[0]] = $arr[1] ;
1279     } elseif (substr($l,0,1) != "#") {
1280     $arr=explode(":",$l);
1281     $path=array_shift($arr);
1282     if ($path == "") continue;
1283     $sep2="";
1284     while ($user=array_shift($arr)) {
1285     $perm=0;
1286     if (substr($user,0,1) == "+") {
1287     $perm|=trmask_group;
1288     $user=substr($user,1,strlen($user)-1);
1289     }
1290     $perm_ascii=array_shift($arr);
1291     for ($i=0;$i<strlen($perm_ascii);$i++) {
1292     $ch=strtoupper($perm_ascii[$i]);
1293     if (isset($trustee_a2n[$ch])) {
1294     $perm|=$trustee_a2n[$ch];
1295     } else {
1296     $error.="trustee error in line '$l' [Unknown modifier '$ch']<br>\n";
1297     }
1298     }
1299     $tr_arr[$path][$user] |= $perm;
1300     }
1301     }
1302     }
1303    
1304     fclose($fp_conf);
1305    
1306     // save trustees
1307     $tr_out='$trustees = array (';
1308     $sep1="";
1309     while (list ($path, $tr) = each ($tr_arr)) {
1310     $tr_out.="$sep1\n\t'$path'=>array(";
1311     $sep2="";
1312     while (list($user,$perm)=each($tr)) {
1313     $tr_out.="$sep2\n\t\t'$user'=>$perm";
1314     $sep2=",";
1315     }
1316     $tr_out.="\n\t)";
1317     $sep1=",";
1318     }
1319     $tr_out.="\n);";
1320    
1321     // save groups
1322     $gr_out='$groups = array (';
1323     $sep="";
1324     while (list ($group, $members) = each ($groups_arr)) {
1325     $gr_out.="$sep\n\t'";
1326     $gr_out.=substr($group,1,strlen($group)-1);
1327     $gr_out.="'=>array('".join("','",explode(",",$members))."')";
1328     $sep=",";
1329     }
1330     $gr_out.="\n);\n";
1331    
1332     fputs($fp_php,$gr_out);
1333     fputs($fp_php,$tr_out);
1334     fputs($fp_php,"?>\n");
1335     fclose($fp_php);
1336     }
1337    
1338     if ($error) {
1339     Error("Trustee error",$error);
1340     } else {
1341     include("$trustee_php");
1342     }
1343    
1344     return 1;
1345    
1346     }//init_trustee
1347    
1348     function in_group($user,$group) {
1349     return in_array($groups[$group],$user);
1350     }
1351    
1352     // helper function
1353     function unroll_perm($u,$t,$user,$perm) {
1354     // check user
1355     if ($t & trmask_not && ($u==$user)) continue;
1356     if (!($t & trmask_not) && ($u!=$user)) continue;
1357    
1358     if ($t & trmask_deny) {
1359     if ($t & trmask_clear) {
1360     $perm[deny] &= ~$t;
1361     } else {
1362     $perm[deny] |= $t;
1363     }
1364     } elseif ($t & trmask_clear) {
1365     $perm[allow] &= ~$t;
1366     } else {
1367     $perm[allow] |= $t;
1368     }
1369     return $perm;
1370     }// end of helper function
1371    
1372     function check_trustee($user,$path) {
1373     global $trustees;
1374     $perm[allow] = 0;
1375     $perm[deny] = 0;
1376     $path_arr=explode("/",$path);
1377     $path = "/";
1378     while (count($path_arr)) {
1379     if (substr($path,strlen($path)-1,1) != "/") $path.="/";
1380     $path.=array_shift($path_arr);
1381     $tr = $trustees[$path];
1382    
1383     if (isset($tr)) {
1384     // first apply trustee for all
1385     if (isset($tr['*'])) {
1386     $perm = unroll_perm($user,$tr['*'],$user, $perm);
1387     unset($tr['*']);
1388     }
1389     // then apply group policies
1390     foreach ($tr as $u=>$t) {
1391     if ($t & trmask_group && in_group($user,$u)) {
1392     // resolv user
1393     $t = $t & ~trmask_group;
1394     $u = $user;
1395     $perm = unroll_perm($u,$t,$user, $perm);
1396     unset($tr[$u]);
1397     }
1398     }
1399     // then apply use policy
1400     if (isset($tr[$user])) {
1401     $perm = unroll_perm($user,$tr[$user],$user, $perm);
1402     unset($tr[$user]);
1403     }
1404    
1405     }
1406    
1407     }
1408     #print "<br>user: $user path: $path perm: ";
1409     #print "d: $perm[deny] (".display_trustee($perm[deny]).") a: $perm[allow] (".display_trustee($perm[allow]).")<Br>\n";
1410     return $perm;
1411     }
1412    
1413     // handy functions
1414    
1415     function check_perm($path,$trperm) {
1416     global $gblLogin,$HAVE_TRUSTEE;
1417     print "<br>check_perm: <tt>$path</tt> test perm ".display_trustee($perm)."<br>\n";
1418     $return = ! $HAVE_TRUSTEE;
1419     if ($HAVE_TRUSTEE) {
1420     $perm = check_trustee($gblLogin,$path);
1421     print " d: $perm[deny] (".display_trustee($perm[deny]).") a: $perm[allow] (".display_trustee($perm[allow]).") perm: $trperm";
1422     if ($perm[deny] & $trperm) $return=0;
1423     elseif ($perm[allow] & $trperm) $return=1;
1424     }
1425     print " return: $return<br>\n";
1426     return($return);
1427     }
1428    
1429    
1430     //////////////////////////////////////////////////////////////////
1431     // MAIN PROGRAM
1432    
1433     $gblFilePerms = 0640 ; // default for new files
1434     $gblDirPerms = 0750 ; // default for new dirs
1435    
1436     if (isset($STYLE) && $STYLE == "get") {
1437     include("$html/docman.css");
1438     exit;
1439     }
1440    
1441     // location of master docman configuration file
1442     $docman_conf = "/etc/docman.conf";
1443     if (! file_exists($docman_conf)) {
1444     $error = "Can't find master configuration file $docman_conf. See docman2/doc/upgrade.html#docman_conf for more informations";
1445    
1446     error_log("docman: $error");
1447     Error("docman not installed completly",$error);
1448     }
1449     include($docman_conf);
1450    
1451     if (! isset($fsRealmDir)) {
1452     $fsRealmDir = "$gblIncDir/realm";
1453     }
1454     $realm_config = "$fsRealmDir/$realm.conf";
1455    
1456     // read user-defined configuration
1457     if (file_exists($realm_config)) {
1458     include($realm_config);
1459     } else {
1460     Error("Configuration error","Can't find configuration file at <tt>$realm_config</tt> !");
1461     }
1462    
1463     if (! isset($gblRepositoryDir)) Error("Configuration error","<tt>\$gblRepositoryDir</tt> is not setuped in realm configuration file <tt>$realm_config</tt>");
1464    
1465     // where do we get users from?
1466     if (file_exists("$gblIncDir/htusers/$gblUsers.php")) {
1467     include("$gblIncDir/htusers/$gblUsers.php");
1468     } else {
1469     Error("Configuration error","Can't find user handling module at <tt>$gblIncDir/htusers/$gblUsers.php</tt> ! Please fix <tt>$realm_config</tt>");
1470     }
1471    
1472     // if no password, or empty password logout
1473     if (
1474     isset($gblLogin) && (
1475     !isset($relogin) || (
1476     isset($relogin) && $relogin != md5($gblLogin.$gblPasswd)
1477     )
1478     ) && (
1479     $gblPasswd == "" || !isset($gblPasswd)
1480     ) && !isset($force_login) && $gblLogin != "anonymous"
1481     ) {
1482     StartHTML("Logout completed","Your login credentials has been erased") ;
1483     EndHTML() ;
1484     exit ;
1485     }
1486    
1487     // trustee (ACL) file configuration
1488     $trustee_conf="$gblIncDir/realm/$realm.trustee";
1489     // compiled version of trustee file
1490     $trustee_php="$gblRepositoryDir/.trustee.php";
1491     // get ACL informations
1492     $HAVE_TRUSTEE = init_trustee();
1493    
1494     if (strtolower($gblLogin) == "anonymous" || !isset($gblPasswd)) {
1495     $perm = check_trustee($gblLogin,$path);
1496     // browsing must be explicitly allowed for root directory
1497     // of repository for anonymous user to work!
1498     if ($perm[allow] & trperm_b) {
1499     $secHash = md5($gblLogin.$gblPasswd);
1500     $gblUserName = "Anonymous user";
1501     }
1502     }
1503    
1504     // authentication failure
1505     if ( md5($gblLogin.$gblPasswd) != $secHash ||
1506     isset($relogin) && $secHash == $relogin) {
1507     header("WWW-authenticate: basic realm=\"$realm\"") ;
1508     header("HTTP/1.0 401 Unauthorized") ;
1509     Error("401 Unauthorized","No trespassing !");
1510     exit ;
1511     }
1512    
1513     // get current directory relative to $gblFsRoot
1514     $relDir = $DIR ; // from POST
1515     if ($relDir == "") { // not defined in POST ?
1516     $relDir = urldecode($D) ; // then use GET
1517     }
1518    
1519     $relDir=stripSlashes($relDir);
1520    
1521     if ($relDir == "/") $relDir = "" ;
1522     // default : website root = ""
1523    
1524     if (strstr($relDir,"..")) Error("No updirs allowed");
1525    
1526     // full paths contain "fs" or "Fs". Paths realitve to root of
1527     // website contain "rel" or "Rel". The script won't let you
1528     // edit anything above directory equal to http://server.com
1529     // i.e. below $gblFsRoot.
1530    
1531     $relScriptDir = dirname($SCRIPT_NAME) ;
1532     // i.e. /docman
1533    
1534     // start on server root
1535     $gblFsRoot = $gblRepositoryDir;
1536     // i.e. /home/httpd/html
1537    
1538     $fsDir = $gblFsRoot . $relDir ; // current directory
1539     if ( !is_dir($fsDir) ) Error("Dir not found",$relDir) ;
1540    
1541     if (isset($GLOBALS["HTTPS"]) && $GLOBALS["HTTPS"] == "on") {
1542     $webRoot = "https://";
1543     } else {
1544     $webRoot = "http://";
1545     }
1546     $webRoot .= $GLOBALS["HTTP_HOST"] . $relScriptDir;
1547    
1548     $FN=stripSlashes($FN);
1549    
1550     switch ($POSTACTION) {
1551     case "UPLOAD" :
1552     if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1553     if (strstr($FN_name,"/"))
1554     Error("Non-conforming filename") ;
1555     // TODO : should rather check for escapeshellcmds
1556     // but maybe RFC 18xx asserts safe filenames ....
1557     $source = $FN ;
1558     if (! file_exists($source)) {
1559     Error("You must select file with browse to upload it!");
1560     }
1561     if (! isset($FILENAME)) { // from update file
1562     $target = "$fsDir/$FN_name" ;
1563     } else {
1564     $target = "$fsDir/$FILENAME";
1565     }
1566    
1567     // backup old files first
1568     $dir=dirname($target);
1569     if (! file_exists($dir."/.bak")) {
1570     mkdir($dir."/.bak",0700);
1571     }
1572     if (! file_exists($dir."/.bak/$GLOBALS[gblNumBackups]")) {
1573     mkdir($dir."/.bak/$GLOBALS[gblNumBackups]",0700);
1574     }
1575     $file=basename($target);
1576     for($i=$GLOBALS[gblNumBackups]-1;$i>0;$i--) {
1577     MoveTo("$dir/.bak/$i/$file","$dir/.bak/".($i+1)."/");
1578     }
1579     MoveTo($target,$dir."/.bak/1/");
1580    
1581     copy($source,$target) ;
1582     chmod($target,$gblFilePerms) ;
1583     clearstatcache() ;
1584     if (isset($FILENAME)) {
1585 dpavlin 1.2 LogIt($target,"check-in",trperm_r | trperm_w);
1586 dpavlin 1.1 Unlock($target);
1587 dpavlin 1.2 } else {
1588     LogIt($target,"uploaded",trperm_r | trperm_w);
1589 dpavlin 1.1 }
1590     break ;
1591    
1592     case "SAVE" :
1593     $path = $gblFsRoot . $RELPATH ;
1594     $path=stripSlashes($path);
1595     $writable = is_writeable($path) ;
1596     $legaldir = is_writeable(dirname($path)) ;
1597     $exists = (file_exists($path)) ? 1 : 0 ;
1598     // check for legal extension here as well
1599     if (!($writable || (!$exists && $legaldir)))
1600     Error("Write denied",$RELPATH) ;
1601     $fh = fopen($path, "w") ;
1602     $FILEDATA=stripSlashes($FILEDATA);
1603     fwrite($fh,$FILEDATA) ;
1604     fclose($fh) ;
1605     clearstatcache() ;
1606 dpavlin 1.2 LogIt($path,"saved changes",trperm_r);
1607 dpavlin 1.1 break ;
1608    
1609     case "CREATE" :
1610     // we know $fsDir exists
1611     if ($FN == "") break; // no filename!
1612     if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1613     $path = $fsDir . "/" . $FN ; // file or dir to create
1614     $relPath = $relDir . "/" . $FN ;
1615     switch ( $T ) {
1616     case "D" : // create a directory
1617     if ( ! @mkdir($path,$gblDirPerms) )
1618     Error("Mkdir failed",$relPath) ; // eg. if it exists
1619 dpavlin 1.2 else
1620     LogIt($path."/","dir created",trperm_w);
1621 dpavlin 1.1 clearstatcache() ;
1622     break ;
1623     case "F" : // create a new file
1624     // this functionality is doubled in DetailView().
1625     // better keep it here altogether
1626     // chmod perms to $gblFilePerms
1627     if ( file_exists($path) && !is_writeable($path) )
1628     Error("File not writable", $relPath) ;
1629     $fh = fopen($path, "w+") ;
1630     if ($fh) {
1631     fputs($fh,"\n");
1632     fclose($fh) ;
1633 dpavlin 1.2 LogIt($path,"file created",trperm_r | trperm_w);
1634 dpavlin 1.1 } else {
1635     Error("Creation of file $relPath failed -- $path");
1636     }
1637     $tstr = "$PHP_SELF?A=E&D=".urlencode($relDir)."&F=".urlencode($FN) ;
1638     header("Location: " . $tstr) ;
1639     exit ;
1640     }
1641     break ;
1642    
1643     case "DELETE" :
1644     if ( $CONFIRM != "on" ) break ;
1645    
1646     $tstr = "Attempt to delete non-existing object or " ;
1647     $tstr .= "insufficient privileges: " ;
1648    
1649     if ( $FN != "") { // delete file
1650     $path = $fsDir . "/" . $FN ;
1651    
1652     $dir=dirname($path);
1653     $file=basename($path);
1654     if (! file_exists("$dir/.del")) {
1655     mkdir("$dir/.del",0700);
1656     }
1657    
1658     // if ( ! @unlink($path) ) {
1659     if ( ! rename($path,"$dir/.del/$file") ) {
1660     Error("File delete failed", $tstr . $path) ;
1661 dpavlin 1.2 LogIt($path,"file delete failed");
1662 dpavlin 1.1 exit ;
1663     } else {
1664 dpavlin 1.2 LogIt($path,"file deleted",trperm_w);
1665 dpavlin 1.1 MoveTo("$dir/.log/$file","$dir/.del/.log/");
1666     MoveTo("$dir/.note/$file","$dir/.del/.note/");
1667     MoveTo("$dir/.lock/$file","$dir/.del/.lock/");
1668     }
1669 dpavlin 1.2 } else { // delete directory
1670     if ( ! @rrmdir($fsDir) ) {
1671     Error("Rmdir failed", $tstr . $fsDir) ;
1672     } else {
1673     LogIt($path,"dir deleted",trperm_w);
1674     $relDir = dirname($relDir) ; // move up
1675     }
1676 dpavlin 1.1 }
1677     break ;
1678    
1679     case "UNDELETE" :
1680     if ( $CONFIRM != "on" ) break ;
1681    
1682     if (substr($FN,0,4) != ".del") break ;
1683     $file=substr($FN,4,strlen($FN)-4);
1684    
1685 dpavlin 1.2 LogIt("$fsDir/.del/$file","undeleted",trperm_w);
1686 dpavlin 1.1 MoveTo("$fsDir/.del/$file","$fsDir/");
1687     MoveTo("$fsDir/.del/.log/$file","$fsDir/.log/");
1688     MoveTo("$fsDir/.del/.note/$file","$fsDir/.note/");
1689     MoveTo("$fsDir/.del/.lock/$file","$fsDir/.lock/");
1690    
1691     break ;
1692    
1693     case "RENAME" :
1694     if ( $CONFIRM != "on" ) break ;
1695    
1696 dpavlin 1.2 LogIt("$fsDir/$FN","renamed $FN to $NEWNAME",trperm_r);
1697 dpavlin 1.1 safe_rename($fsDir,$FN,$NEWNAME);
1698     break ;
1699    
1700     case "NOTE" :
1701     WriteNote("$fsDir/$FN","$NOTE");
1702     break ;
1703    
1704     case "UNLOCK" :
1705     if ( $CONFIRM != "on" ) break ;
1706     Unlock("$fsDir/$FN");
1707     break ;
1708    
1709     default :
1710     // user hit "CANCEL" or undefined action
1711     }
1712    
1713     // common to all POSTs : redirect to directory view ($relDir)
1714     if ( $POSTACTION != "" ) {
1715     $tstr = $PHP_SELF . "?D=" . urlencode($relDir) ;
1716     header("Location: " . $tstr) ;
1717     exit ;
1718     }
1719    
1720     // check for mode.. navigate, code display, upload, or detail?
1721     // $A=U : upload to path given in $D
1722     // $A=E : display detail of file $D/$F and edit
1723     // $A=C : display code in file $D/$F
1724     // $A=Co : checkout file $D/$F
1725     // $A=Ci : checkin file $D/$F
1726     // $A=V : view file (do nothing except log)
1727     // $A=I : include file .$F.php from $gblFsRoot
1728     // default : display directory $D
1729    
1730     switch ($A) {
1731     case "U" :
1732     // upload to $relDir
1733     if (!is_writeable($gblFsRoot . $relDir))
1734     Error("Write access denied",$relDir) ;
1735     $text = "Use this page to upload a single " ;
1736     $text .= "file to <B>$HTTP_HOST</B>." ;
1737     StartHTML("(Upload Page)", $text) ;
1738     UploadPage($gblFsRoot, $relDir) ;
1739     EndHTML() ;
1740     exit ;
1741     case "E" :
1742     $F=stripSlashes($F);
1743     // detail of $relDir/$F
1744     if (is_file("$gblFsRoot/$relDir/$F") || is_dir("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
1745     exit ;
1746     case "C" :
1747     $F=stripSlashes($F);
1748     // listing of $relDir/$F
1749     DisplayCode($gblFsRoot, $relDir, $F) ;
1750     exit ;
1751     case "Co" :
1752     // checkout
1753     Lock("$gblFsRoot/$relDir/$F");
1754     Download("$gblFsRoot/$relDir/$F");
1755     exit;
1756     case "Ci" :
1757     $F=stripSlashes($F);
1758     // upload && update to $relDir
1759     if (!is_writeable($gblFsRoot . $relDir))
1760     Error("Write access denied",$relDir) ;
1761     $text = "Use this page to update a single " ;
1762     $text .= "file to <B>$HTTP_HOST</B>." ;
1763     StartHTML("(Update file Page)", $text) ;
1764     UploadPage($gblFsRoot, $relDir, $F) ;
1765     EndHTML() ;
1766     exit ;
1767     case "V" :
1768     // view
1769     LogIt("$gblFsRoot/$relDir/$F","viewed");
1770     if ($gblForceDownload) {
1771     Download("$gblFsRoot/$relDir/$F");
1772     } else {
1773     header("Content-Disposition: attachment; filename=$F" );
1774     Header("Location: $webRoot".urlpath("$relDir/$F"));
1775     }
1776     exit;
1777     case "Ch" :
1778     StartHTML("(File changes)","All changes chronologicaly...");
1779     DisplayChangeLog(0); // all
1780     EndHTML() ;
1781     exit;
1782     case "Ch1" :
1783     StartHTML("(File changes)","Changes to files in last day...");
1784     DisplayChangeLog(1);
1785     EndHTML() ;
1786     exit;
1787     case "I" :
1788     $F=stripSlashes($F);
1789     $inc_file="${gblFsRoot}/.${F}.php";
1790     if (!isset($F) || $F == "" || !file_exists($inc_file)) Error("Fatal error $inc_file"); // can't find file to include
1791     if (!is_readable($inc_file))
1792     Error("Read access to include file denied",".${F}.php");
1793     $text = "Your include file should define \$text variable which holds this text and \$title variable which is page title";
1794     $title = "You should define \$title variable with page title";
1795     include($inc_file);
1796     StartHTML($title, $text) ;
1797     print "<p>".GifIcon(up)." Back to <a href=$GLOBALS[PHP_SELF]>front page</a>.</p>";
1798     EndHTML() ;
1799     exit ;
1800     }
1801    
1802     // default: display directory $relDir
1803     Navigate($gblFsRoot,$relDir) ;
1804     exit ;
1805    
1806     Error("Whooah!","By cartesian logic, this never happens") ;
1807     ?>

  ViewVC Help
Powered by ViewVC 1.1.26