--- docman.php 2002/07/21 18:15:47 1.1 +++ docman.php 2002/07/29 12:17:03 1.28 @@ -20,13 +20,13 @@ ////////////////////////////////////////////////////////////////// // CONFIGURATION OPTIONS -// error_reporting(4) ; // how verbose ? + error_reporting(E_ALL) ; // how verbose ? // from where to include auth_*.php modules? $gblIncDir = "/data/docman2"; - // force download (so it won't open in associated application) - $gblForceDownload = 1; + // force download on view (so it won't open in associated application) + $gblForceDownload = 0; // date format $gblDateFmt="Y-m-d"; @@ -84,14 +84,14 @@ LoadLanguage($HTTP_SERVER_VARS["HTTP_ACCEPT_LANGUAGE"]); // for security and configuration - $realm="$HTTP_HOST"; // FIX + $realm=$HTTP_SERVER_VARS["HTTP_HOST"]; - $fsDocumentRoot = dirname($HTTP_SERVER_VARS[SCRIPT_FILENAME]); - if ($fsDocumentRoot == "") Error("Configuration error","Can't get SCRIPT_FILENAME from your web server. Please set \$fsDocumentRoot in \$"); + $fsDocumentRoot = dirname($HTTP_SERVER_VARS["SCRIPT_FILENAME"]); + if ($fsDocumentRoot == "") Error("Configuration error","Can't get SCRIPT_FILENAME from your web server. Please set \$fsDocumentRoot in \$",1); // globals for later - $gblLogin = $PHP_AUTH_USER; - $gblPasswd = $PHP_AUTH_PW; + $gblLogin = HTTP_SERVER_VAR("PHP_AUTH_USER"); + $gblPasswd = HTTP_SERVER_VAR("PHP_AUTH_PW"); ////////////////////////////////////////////////////////////////// @@ -109,16 +109,15 @@ function StartHTML($title,$text="") { - global $html,$fsDocumentRoot; + global $html,$fsDocumentRoot,$gblTitle,$HTTP_SERVER_VARS; - $title = $gblTitle." ".$title ; - $host = $GLOBALS["HTTP_HOST"] ; - $self = $GLOBALS["PHP_SELF"] ; + $host = $HTTP_SERVER_VARS["HTTP_HOST"] ; + $self = $HTTP_SERVER_VARS["PHP_SELF"] ; if (file_exists("$fsDocumentRoot/docman.css")) { $css=dirname($self)."/docman.css"; } else { - $css=$self."?STYLE=get&css=$css"; + $css=$self."?STYLE=get"; } include("$html/head.html"); @@ -138,22 +137,29 @@ } else { $url .= md5($gblLogin.$gblPasswd); } - if (isset($gblLogin) && $gblLogin != "" && ($gblPasswd == "" || !isset($gblPasswd))) { + if ( ( (isset($gblLogin) && $gblLogin != "") || + (!isset($gblLogin) || $gblLogin == "") + ) && ($gblPasswd == "" || !isset($gblPasswd))) { $url_title="login"; $url .= "&force_login=1"; } else { $url_title="relogin"; } include("$html/footer.html"); - //phpinfo(); + + global $debug; + if ($debug) print $debug; } // end function EndHTML ////////////////////////////////////////////////////////////////// function DetailPage($fsRoot,$relDir,$fn) { - global $gblEditable, $gblImages, $webRoot, $html ; - $self = $GLOBALS["PHP_SELF"] ; + global $gblEditable, $gblImages, + $gblDateFmt, $gblTimeFmt, + $webRoot, $html, + $HTTP_SERVER_VARS ; + $self = $HTTP_SERVER_VARS["PHP_SELF"] ; $relPath = $relDir . "/" . $fn ; $fsPath = $fsRoot . $relPath ; @@ -161,14 +167,16 @@ $exists = file_exists($fsPath) ; $ext = strtolower(strrchr($relPath,".")) ; - $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) ; - $writable = is_writeable($fsPath) ; + $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) && + check_perm($relPath,trperm_w); + $writable = is_writeable($fsPath) && check_perm($relPath,trperm_w) ; + $writable_dir = is_writeable($fsDir) && check_perm($relDir,trperm_w) ; $file_lock = CheckLock($fsPath); if (!$editable && !$exists) - Error(_("Creation unsupported for type"),$relPath) ; - if (!exists && !is_writeable($fsDir) ) - Error(_("Creation denied"),$relDir) ; + Error("Creation denied","Can't create $relPath") ; + if (!$exists && !$writable_dir ) + Error("Creation denied","Can't write in directory $relDir while creating $relPathfor which user has permissions.",1); $text = _("Use this page to view, modify or ") ; if (is_dir($fsPath)) { @@ -180,11 +188,12 @@ $title = "("._("Detail Page").")" ; StartHTML($title, $text) ; - echo "