--- docman.php 2002/07/21 18:15:47 1.1.1.1
+++ docman.php 2003/06/11 02:32:50 1.39
@@ -1,1807 +1,2027 @@
-
- *
- * License: GPL2
- *
- * Document Manager 1.x was based on
- * Copyright 1999 by John Martin d/b/a www.ANYPORTAL.com
- * PHP version Copyright 2000 by Stefan@Wiesendanger.org
- *
- * For more info, please see web pages at
- * http://www.rot13.org/~dpavlin/docman.html
- *
- */
-
-
-//////////////////////////////////////////////////////////////////
-// CONFIGURATION OPTIONS
-
-// error_reporting(4) ; // how verbose ?
-
- // from where to include auth_*.php modules?
- $gblIncDir = "/data/docman2";
-
- // force download (so it won't open in associated application)
- $gblForceDownload = 1;
-
- // date format
- $gblDateFmt="Y-m-d";
-// $gblDateFmt="D, F d, Y";
-
- // time format
- $gblTimeFmt="H:i:s";
-// $gblTimeFmt="g:i:sA";
-
- // Number of backup files to keep
- $gblNumBackups=3;
-
- // show red star if newer than ... days
- $gblModDays=1;
-
- // choose GifIcon below unless you have the M$
- // WingDings font installed on your system
-
- $gblIcon="GifIcon"; // MockIcon or GifIcon
-
- // the directory below should be /icons/ or /icons/small/
- // on Apache; a set of icons is included in the distribution
-
- $gblIconLocation="/icons/";
-
- // files you want to be able to edit in text mode
- // and view with (primitive) syntax highlighting
-
- $gblEditable = array( ".txt",".asa",".asp",".htm",".html",
- ".cfm",".php3",".php",".phtml",
- ".shtml",".css" ) ;
-
- // files that will display as images on the detail page
- // (useless if your browser doesn't support them)
-
- $gblImages = array( ".jpg",".jpeg",".gif",".png",".ico",
- ".bmp",".xbm") ;
-
- // which files to hide (separated by ,)
- $gblHide = "";
-
- // Where are users? 
(by default in .htusers file)
- $gblUsers = "file";
-
-//////////////////////////////////////////////////////////////////
-
- $gblTitle = "Document Manager";
- $gblVersion = "2.0-pre1";
-
- $secHash = "";
-
- // location of html files
- $html = $gblIncDir."/html";
-
- LoadLanguage($HTTP_SERVER_VARS["HTTP_ACCEPT_LANGUAGE"]);
-
- // for security and configuration
- $realm="$HTTP_HOST"; // FIX
-
- $fsDocumentRoot = dirname($HTTP_SERVER_VARS[SCRIPT_FILENAME]);
- if ($fsDocumentRoot == "") Error("Configuration error","Can't get SCRIPT_FILENAME from your web server. Please set \$fsDocumentRoot in \$");
-
- // globals for later
- $gblLogin = $PHP_AUTH_USER;
- $gblPasswd = $PHP_AUTH_PW;
-
-//////////////////////////////////////////////////////////////////
-
-function LoadLanguage($lang) {
-
- global $gblIncDir,$html;
-
- if (file_exists($gblIncDir."/lang/$lang.php")) {
- include($gblIncDir."/lang/$lang.php");
- $html .= "-$lang";
- } else {
- include($gblIncDir."/lang/default.php");
- }
-}
-
-function StartHTML($title,$text="") {
-
- global $html,$fsDocumentRoot;
-
- $title = $gblTitle." 
".$title ; - $host = $GLOBALS["HTTP_HOST"] ; - $self = $GLOBALS["PHP_SELF"] ; - - if (file_exists("$fsDocumentRoot/docman.css")) { - $css=dirname($self)."/docman.css"; - } else { - $css=$self."?STYLE=get&css=$css"; - } - - include("$html/head.html"); -} - -////////////////////////////////////////////////////////////////// - -function EndHTML() { - - global $gblDateFmt, $gblTimeFmt, $gblUserName, $PHP_SELF, - $secHash, $gblVersion, $html, - $gblLogin,$gblPasswd; - - $url = $PHP_SELF."?relogin="; - if (isset($secHash) && $secHash != "") { - $url .= $secHash; - } else { - $url .= md5($gblLogin.$gblPasswd); - } - if (isset($gblLogin) && $gblLogin != "" && ($gblPasswd == "" || !isset($gblPasswd))) { - $url_title="login"; - $url .= "&force_login=1"; - } else { - $url_title="relogin"; - } - include("$html/footer.html"); - //phpinfo(); -} // end function EndHTML - -////////////////////////////////////////////////////////////////// - -function DetailPage($fsRoot,$relDir,$fn) { - - global $gblEditable, $gblImages, $webRoot, $html ; - $self = $GLOBALS["PHP_SELF"] ; - - $relPath = $relDir . "/" . $fn ; - $fsPath = $fsRoot . $relPath ; - $fsDir = $fsRoot . $relDir ; - - $exists = file_exists($fsPath) ; - $ext = strtolower(strrchr($relPath,".")) ; - $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) ; - $writable = is_writeable($fsPath) ; - $file_lock = CheckLock($fsPath); - - if (!$editable && !$exists) - Error(_("Creation unsupported for type"),$relPath) ; - if (!exists && !is_writeable($fsDir) ) - Error(_("Creation denied"),$relDir) ; - - $text = _("Use this page to view, modify or ") ; - if (is_dir($fsPath)) { - $text .=_("delete a directory on this ") ; - } else { - $text .= _("delete a single document on this ") ; - }; - $text .= _("web site.") ; - $title = "("._("Detail Page").")" ; - StartHTML($title, $text) ; - - echo "

" . $relDir . "/" . $fn . "

" ; - if ($exists) { // get file info - $fsize = filesize($fsPath) ; - $fmodified = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", filemtime($fsPath)) ; - $faccessed = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", fileatime($fsPath)) ; - $fuid=fileowner($fsPath); - $fgid=filegroup($fsPath); - $userinfo = posix_getpwuid($fuid); - $grpinfo = posix_getgrgid($fgid); - - include("$html/DetailPage-file.html"); - } - - if ( !is_dir($fsPath) && $editable && ($writable || !$exists) && !$file_lock ) { - $fh = fopen($fsPath,"a+") ; - rewind($fh) ; - $fstr = fread($fh,filesize($fsPath)) ; - fclose($fh) ; - $fstr = htmlentities( $fstr ) ; -?> - -
- - DOCUMENT CONTENTS -
- - - - - -
- - -
- -" ; -// echo htmlentities($tstr) . "

" . $tstr ; - echo $tstr ; - } - -?> - -
- - -
- - -
- -OK TO FORCE LOCK REMOVAL ON "" HELD BY ? - - - - -
- - -OK TO ""? - - - -
-
- -OK TO RENAME "" TO - -? - - - - -
-
-NOTE FOR "": - - - - - - -
CHANGES TO THIS $whatis
\n"; - $bakcount = 0; // start from 0, skip fist backup (it's current) - while ($e = array_shift($logarr)) { - if (strstr($e[4],"upload")) { - if (file_exists("$bakdir/$bakcount/$name")) { - $e[4]="$e[4]"; - } - $bakcount++; - } - print "$e[1]$e[2]$e[3]$e[4]\n"; - } - print "
"; - } - - EndHTML() ; - -} // end function DetailPage - -////////////////////////////////////////////////////////////////// - -function DisplayCode($fsRoot,$relDir,$fn) { - - $path = $fsRoot . $relDir . "/" . $fn ; - - if (!file_exists($path)) Error("File not found",$path) ; - - StartHTML("(".$relDir."/".$fn.")",""); - - $tstr = join("",file($path)) ; - $tstr = htmlentities($tstr) ; - - // Tabs - $tstr = str_replace(chr(9)," ",$tstr) ; - - // ASP tags & XML/PHP tags - $aspbeg = "<%" ; - $aspend = "%>" ; - $tstr = str_replace("<%",$aspbeg,$tstr) ; - $tstr = str_replace("%>",$aspend,$tstr) ; - - $xmlbeg = "<?" ; - $xmlend = "?>" ; - $tstr = str_replace("<?",$xmlbeg,$tstr) ; - $tstr = str_replace("?>",$xmlend,$tstr) ; - - // C style comment - $tstr = str_replace("/*","/*",$tstr) ; - $tstr = str_replace("*/","*/",$tstr) ; - - // HTML comments - $tstr = str_replace("<!--","<!--",$tstr) ; - $tstr = str_replace("-->","-->",$tstr) ; - - echo "
" ;	
-
-	$tstr = split("\n",$tstr) ;
-	for ($i = 0 ; $i < sizeof($tstr) ; ++$i) {
-		// add line numbers
-		echo "
" ; - echo substr(("000" . ($i+1)), -4) . ": " ; - $line = $tstr[$i] ; - // C++ style comments - $pos = strpos($line,"//") ; - // exceptions: two slashes aren't a script comment - if (strstr($line,"//") && - ! ($pos>0 && substr($line,$pos-1,1)==":") && - ! (substr($line,$pos,8) == "//-->") && - ! (substr($line,$pos,9) == "// -->")) { - $beg = substr($line,0,strpos($line,"//")) ; - $end = strstr($line,"//") ; - $line = $beg."".$end.""; - } - // shell & asp style comments - $first = substr(ltrim($line),0,1) ; - if ($first == "#" || $first == "'") { - $line = "".$line.""; - } - print($line) ; - } // next i - - echo "
" ; - - EndHTML() ; - -} // end function DisplayCode - -////////////////////////////////////////////////////////////////// - -function MockIcon($txt) { - $tstr = "" ; - - switch (strtolower($txt)) { - case ".bmp" : - case ".gif" : - case ".jpg" : - case ".jpeg": - case ".tif" : - case ".tiff": - $d = 176 ; - break ; - case ".doc" : - $d = 50 ; - break ; - case ".exe" : - case ".bat" : - $d = 255 ; - break ; - case ".bas" : - case ".c" : - case ".cc" : - case ".src" : - $d = 255 ; - break ; - case "file" : - $d = 51 ; - break ; - case "fldr" : - $d = 48 ; - break ; - case ".htm" : - case ".html": - case ".asa" : - case ".asp" : - case ".cfm" : - case ".php3": - case ".php" : - case ".phtml" : - case ".shtml" : - $d = 182 ; - break ; - case ".pdf" : - $d = 38 ; - break; - case ".txt" : - case ".ini" : - $d = 52 ; - break ; - case ".xls" : - $d = 252 ; - break ; - case ".zip" : - case ".arc" : - case ".sit" : - case ".tar" : - case ".gz" : - case ".tgz" : - case ".Z" : - $d = 59 ; - break ; - case "view" : - $d = 52 ; - break ; - case "up" : - $d = 199 ; - break ; - case "blank" : - return "  " ; - break ; - default : - $d = 51 ; - } - - return $tstr . chr($d) . 
"" ; -} // end function MockIcon - -////////////////////////////////////////////////////////////////// - -function GifIcon($txt) { - global $gblIconLocation ; - - switch (strtolower($txt)) { - case ".bmp" : - case ".gif" : - case ".jpg" : - case ".jpeg": - case ".tif" : - case ".tiff": - $d = "image2.gif" ; - break ; - case ".doc" : - $d = "layout.gif" ; - break ; - case ".exe" : - case ".bat" : - $d = "screw2.gif" ; - break ; - case ".bas" : - case ".c" : - case ".cc" : - case ".src" : - $d = "c.gif" ; - break ; - case "file" : - $d = "generic.gif" ; - break ; - case "fldr" : - $d = "dir.gif" ; - break ; - case ".phps" : - $d = "phps.gif" ; - break ; - case ".php3" : - $d = "php3.gif" ; - break ; - case ".htm" : - case ".html": - case ".asa" : - case ".asp" : - case ".cfm" : - case ".php3": - case ".php" : - case ".phtml" : - case ".shtml" : - $d = "world1.gif" ; - break ; - case ".pdf" : - $d = "pdf.gif" ; - break; - case ".txt" : - case ".ini" : - $d = "text.gif" ; - break ; - case ".xls" : - $d = "box2.gif" ; - break ; - case ".zip" : - case ".arc" : - case ".sit" : - case ".tar" : - case ".gz" : - case ".tgz" : - case ".Z" : - $d = "compressed.gif" ; - break ; - case "view" : - $d = "index.gif" ; - break ; - case "up" : - $d = "back.gif" ; - break ; - case "blank" : - $d = "blank.gif" ; - break ; - case "checkout": - $d = "box2.gif"; - break; - case "checkin": - $d = "hand.up.gif"; - break; - case "locked": - $d = "screw2.gif"; - break; - case "note": - $d = "quill.gif"; - break; - default : - $d = "generic.gif" ; - } - - return "" ; -} // end function GifIcon - -////////////////////////////////////////////////////////////////// - -function Navigate($fsRoot,$relDir) { - - global $gblEditable, $gblIcon, $gblModDays, $webRoot, $gblHide, - $HTTP_GET_VARS, $html; - - $self = $GLOBALS["PHP_SELF"] ; - - if ($relDir == "") $relDir = "/"; - - $fsDir = $fsRoot.$relDir."/"; // current directory - - if (!is_dir($fsDir)) Error("Dir not found",$relDir) ; - - 
$hide_items=",$gblHide,"; - -#display_all_trustee(); -print "-- $fsDir --"; - - // read directory contents - if ( !($dir = @opendir($fsDir)) ) - Error("Read Access denied",$relDir) ; - while ($item = readdir($dir)) { -print "$item, "; - if ( substr($item,0,1) == "." || strstr($hide_items,",$item,") ) continue ; - if ((is_dir($fsDir.$item) || is_link ($fsDir.$item)) && check_perm($relDir.$item,trperm_b)) { - $dirList[$item] = $item ; - $dirNote[$item] = ReadNote($fsDir.$item); - } else if ( is_file($fsDir.$item) && check_perm($relDir.$item,trperm_r) ) { - $fileList[$item] = $item ; - $fileDate[$item] = filemtime($fsDir.$item) ; - $fileSize[$item] = filesize($fsDir.$item) ; - $fileNote[$item] = ReadNote($fsDir.$item); - } else { - // unknown file type - // $text = "Could not determine file type of " ; - // Error("File Error", $text.$relDir."/".$item) ; - // exit ; - } - } - closedir($dir) ; - - // scan deleted files - if ( $GLOBALS[show_deleted] == 1 && ($dir = @opendir("$fsDir/.del")) ) { - while ($item = readdir($dir)) { - if ( substr($item,0,1) == "." || strstr($hide_items,",$item,") || !check_perm($relDir.$item,trperm_w) ) continue ; - $fileList[$item] = ".del/$item" ; - $fileDate[$item] = filemtime($fsDir.".del/$path") ; - $fileSize[$item] = filesize($fsDir.".del/$path") ; - $fileNote[$item] = ReadNote($fsDir.".del/$item"); - } - closedir($dir) ; - } - - $emptyDir = ! (sizeof($dirList) || sizeof($fileList)) ; - - // start navigation page - $text = "Use this page to add, delete"; - if (! isset($show_deleted)) { - $text .= ", undelete"; - } - $text .= " or revise files on this web site." ; - $text .= "
Examine list of files changed in last day or all changes."; - StartHTML("(Navigate)",$text) ; - - echo "" ; - - // updir bar - if (chopsl($fsDir) != chopsl($fsRoot)) { - $parent = dirname($relDir) ; - if ($parent == "") $parent = "/" ; - - include("$html/Navigate-parent.html"); - } - - function plural($name,$count) { - $out="$count $name"; - if ($count > 1) { - $out.="s"; - } - return $out; - } - - $dsort = $HTTP_GET_VARS[dsort]; - if (! isset($dsort)) $dsort = "name"; // default directory sort - - $dsort_arr = array( - "name" => array ("rname", "note"), - "rname" => array ("name", "note"), - "note" => array ("name", "rnote"), - "rnote" => array ("name", "note") - ); - - $fsort = $HTTP_GET_VARS[fsort]; - if (! isset($fsort)) $fsort = "name"; // default directory sort - - $fsort_arr = array( - "name" => array ("rname", "note", "date", "size"), - "rname" => array ("name", "note", "date", "size"), - "note" => array ("name", "rnote", "date", "size"), - "rnote" => array ("name", "note", "date", "size"), - "date" => array ("name", "note", "rdate", "size"), - "rdate" => array ("name", "note", "date", "size"), - "size" => array ("name", "note", "date", "rsize"), - "rsize" => array ("name", "note", "date", "size") - ); - - $D="D=".urlencode($relDir); - - function self_args($arr = array()) { - $arg = implode("&",$arr); - if ($arg) { - return $self."?".$arg; - } else { - return $self; - } - } - // output subdirs - if (sizeof($dirList) > 0) { - switch ($dsort) { - case "note": - $items = $dirNote; - asort($items); - break; - case "rnote": - $items = $dirNote; - arsort($items); - break; - case "rname": - $items = $dirList; - krsort($items); - break; - default: - $items = $dirList; - ksort($items); - break; - } - $durl = self_args(array($D,"dsort=".$dsort_arr[$dsort][0])); - $nurl = self_args(array($D,"dsort=".$dsort_arr[$dsort][1])); - - include("$html/Navigate-dirHeader.html"); - - while (list($key,$dir) = each($items)) { - - $dir = $dirList[$key]; - - 
$info_url=self_args(array("A" => "A=E", "F" => "F=".urlencode($dir))); - $dir_url=$self."?D=".urlencode($relDir.$dir); - include("$html/Navigate-dirEntry.html"); - - } // iterate over dirs - } // end if no dirs - - $durl = self_args(array($D,"fsort=".$fsort_arr[$fsort][0])); - $nurl = self_args(array($D,"fsort=".$fsort_arr[$fsort][1])); - $uurl = self_args(array($D,"fsort=".$fsort_arr[$fsort][2])); - $surl = self_args(array($D,"fsort=".$fsort_arr[$fsort][3])); - - include("$html/Navigate-fileHeader.html"); - - if (sizeof($fileList) > 0) { - switch ($fsort) { - case "note": - $items = $fileNote; - asort($items); - break; - case "rnote": - $items = $fileNote; - arsort($items); - break; - case "date": - $items = $fileDate; - asort($items); - break; - case "rdate": - $items = $fileDate; - arsort($items); - break; - case "size": - $items = $fileSize; - asort($items); - break; - case "rsize": - $items = $fileSize; - arsort($items); - break; - case "rname": - $items = $fileList; - krsort($items); - break; - default: - $items = $fileList; - ksort($items); - break; - } - - while (list($key,$file) = each($items)) { - $file = $fileList[$key]; - $path = $fsDir."/".$file ; - $mod = $fileDate[$key]; - $sz = $fileSize[$key]; - - if ($sz >= 10240) { - $sz = (int)(($sz+1023)/1024) . " k" ; - } else { - $sz .= " " ; - } // end size - - $a = $b = "" ; - - $info_url=$self."?A=E&F=".urlencode($file)."&D=".urlencode($relDir); - - if ( ($mod + $gblModDays*86400) > time() ) { - $a = " * " ; - } - - $file_lock=CheckLock($path); - - $file_url_html="" ; - - if (substr($file,0,5) != ".del/") { - $file_url_html .= $file . "" . $a ; - } else { - $file_url_html .= substr($file,5,strlen($file)-5) . 
" deleted "; - } - - $note_html="".$gblIcon("note")."".ReadNote($path); - - $ext = strtolower(strrchr($file,".")) ; - - if ($file_lock) { - if ($file_lock == $GLOBALS[gblUserName]) { - $b.="" ; - $file_url_html=$b; - $b.=$gblIcon("checkin")."" ; - $b.= $gblIcon("blank"); - $file_url_html.="$file $a"; - $note_html = $gblIcon("blank")."Please check-in (update) this file"; - } else { - $b = $gblIcon("locked"); - $b.= $gblIcon("blank"); - $note_html = $gblIcon("blank")."File locked by $file_lock"; - $file_url_html = "$file $a"; - } - } else { - $b.="" ; - $b.=$gblIcon("checkout")."" ; - - if ( $ext=="" || strstr(join(" ",$gblEditable),$ext) ) { - $b.="" ; - $b.=$gblIcon("view")."" ; - } else { - $b.= $gblIcon("blank"); - } - } - - $mod = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]",$mod); - - include("$html/Navigate-fileEntry.html"); - - } // iterate over files - } else { // end if no files -?> - - - - - - - - - - - - - "; -} -?> - - - - -
- No files in this directory -
- - OK TO DELETE THIS EMPTY FOLDER? - - -

"; - include(".info.inc"); - print "

CREATE NEW - DIRECTORY -OR- - FILE :    - NAME - - - - - OR UPLOAD A FILE -
- - - -

-
-
-DESTINATION DIRECTORY: - -
DESTINATION FILE: - - -

PATHNAME OF LOCAL FILE
- - -

-

-

If the [BROWSE...] button is not displayed,
-you must upgrade to an RFC1867-compliant browser.

-

Your browser:

-
-
-
-
- -
-

- -Hit your Browser's Back Button.

" ; - EndHTML() ; - exit ; -} // end function Error - -////////////////////////////////////////////////////////////////// - -function LogIt($target,$msg) { - - $dir=dirname($target); - if (! file_exists($dir."/.log")) { - if (! @mkdir($dir."/.log",0700)) Error("docman installation problem","can't create log directory $dir/.log"); - } - $file=basename($target); - - $log=fopen("$dir/.log/$file","a+"); - fputs($log,date("$GLOBALS[gblDateFmt]\t$GLOBALS[gblTimeFmt]"). - "\t$GLOBALS[gblUserName]\t$msg\n"); - fclose($log); - -} - - -////////////////////////////////////////////////////////////////// - -function WriteNote($target,$msg) { - - $target=stripSlashes($target); - $dir=dirname($target); - if (! file_exists($dir."/.note")) { - mkdir($dir."/.note",0700); - } - $file=basename($target); - - $note=fopen("$dir/.note/$file","w"); - fputs($note,"$msg\n"); - fclose($note); - - Logit($target,"added note $msg"); - -} - -function ReadNote($target) { - - $target=stripSlashes($target); - $dir=dirname($target); - $file=basename($target); - $msg=""; - if (file_exists($dir."/.note/$file")) { - $note=fopen("$dir/.note/$file","r"); - $msg=fgets($note,4096); - fclose($note); - } - return HtmlSpecialChars(StripSlashes($msg)); - -} - -////////////////////////////////////////////////////////////////// - -function MoveTo($source,$folder) { - - $source=stripSlashes($source); - $file=basename($source); - if (! file_exists($folder)) { - mkdir($folder,0700); - } - if (file_exists($source)) { - rename($source,"$folder/$file"); - } -} - -////////////////////////////////////////////////////////////////// - -function Lock($target) { - - $target=stripSlashes($target); - $dir=dirname($target); - if (! 
file_exists($dir."/.lock")) { - mkdir($dir."/.lock",0700); - } - $file=basename($target); - - if (file_exists("$dir/.lock/$file")) { - Logit($target,"attempt to locked allready locked file!"); - } else { - $lock=fopen("$dir/.lock/$file","w"); - fputs($lock,"$GLOBALS[gblUserName]\n"); - fclose($lock); - - Logit($target,"file locked"); - } - -} - -function CheckLock($target) { - - $target=stripSlashes($target); - $dir=dirname($target); - $file=basename($target); - $msg=0; - if (file_exists($dir."/.lock/$file")) { - $lock=fopen("$dir/.lock/$file","r"); - $msg=fgets($lock,4096); - fclose($lock); - } - return chop($msg); - -} - -function Unlock($target) { - - $target=stripSlashes($target); - $dir=dirname($target); - $file=basename($target); - if (file_exists($dir."/.lock/$file")) { - unlink("$dir/.lock/$file"); - Logit($target,"file unlocked"); - } else { - Logit($target,"attempt to unlocked non-locked file!"); - } - -} - -////////////////////////////////////////////////////////////////// - -function urlpath($url) { - $url=urlencode(StripSlashes("$url")); - $url=str_replace("%2F","/",$url); - $url=str_replace("+","%20",$url); - return($url); -} - -////////////////////////////////////////////////////////////////// - -function safe_rename($fromdir,$fromfile,$tofile) { - function try_rename($from,$to) { -# print "$from -> $to\n"; - if (file_exists($from) && is_writeable(dirname($to))) { - rename($from,$to); - } - } - - function try_dir($todir) { - if (! file_exists($todir)) { - mkdir($todir,0700); - } - } - - $to="$fromdir/$tofile"; - $todir=dirname($to); - $tofile=basename($to); - -# print "
$fromdir / $fromfile -> $todir / $tofile\n\n";
-
-	try_rename("$fromdir/$fromfile","$todir/$tofile");
-	try_dir("$todir/.log");
-	try_rename("$fromdir/.log/$fromfile","$todir/.log/$tofile");
-	try_dir("$todir/.note");
-	try_rename("$fromdir/.note/$fromfile","$todir/.note/$tofile");
-	try_dir("$todir/.lock");
-	try_rename("$fromdir/.lock/$fromfile","$todir/.lock/$tofile");
-	try_dir("$todir/.bak");
-	for($i=0;$i<=$GLOBALS[gblNumBackups];$i++) {
-		try_rename("$fromdir/.bak/$i/$fromfile","$todir/.bak/$i/$tofile");
-	}
-}
-
-
-//////////////////////////////////////////////////////////////////
-
-// recursivly delete directory
-
-function rrmdir($dir) {
-	$handle=opendir($dir);
-	while ($file = readdir($handle)) {
-		if ($file != "." && $file != "..") {
-			if (is_dir("$dir/$file"))
-				rrmdir("$dir/$file");
-			else
-				if (! @unlink("$dir/$file")) return(0);
-		}
-	}
-	closedir($handle);
-	return @rmdir($dir);
-}
-
-//////////////////////////////////////////////////////////////////
-
-function ChangeLog($target,$msg) {
-
-	global $gblFsRoot;
-	$log=fopen("$gblFsRoot/.changelog","a+");
-	if (substr($target,0,strlen($gblFsRoot)) == $gblFsRoot)
-		$target=substr($target,strlen($gblFsRoot),strlen($target)-strlen($gblFsRoot));
-	$msg=str_replace("\t"," ",$msg);
-	fputs($log,time()."\t$target\t$GLOBALS[gblUserName]\t$msg\n");
-	fclose($log);
-
-}
-
-function DisplayChangeLog($day) {
-
-	global $gblFsRoot;
-	if (!file_exists("$gblFsRoot/.changelog")) return;
-	$log=fopen("$gblFsRoot/.changelog","r");
-	$logarr = array();
-	while($line = fgetcsv($log,512,"\t")) {
-		while (sizeof($line) > 4) {
-			$tmp = array_pop($line);
-			$line.=" $tmp";
-		}
-		if ($day!=1 || ($day==1 && (time()-$line[0] < 24*60*60))) {
-			array_unshift($logarr,array($line[0],$line[1],$line[2],$line[3]));
-		}
-	}
-	fclose($log);
-	$cl1=" class=LST"; $cl2="";
-	print "\n";
-	while ($e = array_shift($logarr)) {
-		$cl=$cl1; $cl1=$cl2; $cl2=$cl;
-		$date = date("$GLOBALS[gblDateFmt]", $e[0]);
-		$time = date("$GLOBALS[gblTimeFmt]", $e[0]);
-		$dir = dirname($e[1]);
-		$file = basename($e[1]);
-		print "$date$time$dir/$file$e[2]$e[3]\n";
-	}
-	print "
"; - print "

".GifIcon(up)." Back to front page.

"; -} - -////////////////////////////////////////////////////////////////// - -function Download($path) { - global $HTTP_USER_AGENT; - $file=basename($path); - $size = filesize($path); - //header("Content-Type: application/octet-stream"); - header("Content-Type: application/force-download"); - header("Content-Length: $size"); - // IE5.5 just downloads index.php if we don't do this - if(preg_match("/MSIE 5.5/", $HTTP_USER_AGENT)) { - header("Content-Disposition: filename=$file"); - } else { - header("Content-Disposition: attachment; filename=$file"); - } - header("Content-Transfer-Encoding: binary"); - $fh = fopen($path, "r"); - fpassthru($fh); -} - - -////////////////////////////////////////////////////////////////// - -function chopsl($path) { - if (substr($path,strlen($path)-1,1) == "/") $path=substr($path,0,strlen($path)-1); - $path=str_replace("//","/",$path); - return $path; -} - -////////////////////////////////////////////////////////////////// -/* - Document manager ACL implementation - - Written by Dobrica Pavlinusic - - Based on ideas from Linux trustees code - by Vyacheslav Zavadsky -*/ - -define(trmask_not,1 << 0); -define(trmask_clear,1 << 1); -define(trmask_deny,1 << 2); -define(trmask_one_level,1 << 3); -define(trmask_group,1 << 4); - -define(trperm_r,1 << 5); -define(trperm_w,1 << 6); -define(trperm_b,1 << 7); -define(trperm_n,1 << 8); - -$trustee_a2n = array( - '!' => trmask_not, - 'C' => trmask_clear, - 'D' => trmask_deny, - 'O' => trmask_one_level, - '+' => trmask_group, - 'R' => trperm_r, - 'W' => trperm_w, - 'B' => trperm_b, - 'N' => trperm_n, -); - -// debugging function -function display_trustee($t) { - global $trustee_a2n; - $out=""; - foreach ($trustee_a2n as $c=>$v) { - if ($t & $v) $out.=$c; - } - return $out; -} -function display_all_trustee() { - global $trustees; - print "trustee dump:
\n"; - foreach ($trustees as $path => $tr) { - print "
$path\n"; - foreach ($tr as $user=>$perm) { - print "$user == $perm (".display_trustee($perm).")
\n"; - } - } -} - -function init_trustee() { - -global $trustee_conf,$trustee_php,$trustee_a2n,$groups,$trustees; - -// do we need to re-create compiled trustees? -if (! file_exists($trustee_conf)) { - # $error="$trustee_conf doesn't exits"; - return 0; # don't use trustees -} elseif (file_exists($trustee_conf) && !is_readable($trustee_conf)) { - $error="$trustee_conf exits, but is not readable"; -} elseif (!is_writable(dirname($trustee_php))) { - $error="".dirname($trustee_php)." must be writable by web server user"; -} elseif (file_exists($trustee_php) && !is_writable($trustee_php)) { - $error="trustees cache file $trustee_php exists, but is not writable by web server"; -} elseif (1 || filemtime($trustee_conf) >= filemtime($trustee_php)) { - $fp_php=@fopen($trustee_php,"w"); - fputs($fp_php,"\n"; - } - } - $tr_arr[$path][$user] |= $perm; - } - } - } - - fclose($fp_conf); - - // save trustees - $tr_out='$trustees = array ('; - $sep1=""; - while (list ($path, $tr) = each ($tr_arr)) { - $tr_out.="$sep1\n\t'$path'=>array("; - $sep2=""; - while (list($user,$perm)=each($tr)) { - $tr_out.="$sep2\n\t\t'$user'=>$perm"; - $sep2=","; - } - $tr_out.="\n\t)"; - $sep1=","; - } - $tr_out.="\n);"; - - // save groups - $gr_out='$groups = array ('; - $sep=""; - while (list ($group, $members) = each ($groups_arr)) { - $gr_out.="$sep\n\t'"; - $gr_out.=substr($group,1,strlen($group)-1); - $gr_out.="'=>array('".join("','",explode(",",$members))."')"; - $sep=","; - } - $gr_out.="\n);\n"; - - fputs($fp_php,$gr_out); - fputs($fp_php,$tr_out); - fputs($fp_php,"?>\n"); - fclose($fp_php); -} - -if ($error) { - Error("Trustee error",$error); -} else { - include("$trustee_php"); -} - -return 1; - -}//init_trustee - -function in_group($user,$group) { - return in_array($groups[$group],$user); -} - -// helper function -function unroll_perm($u,$t,$user,$perm) { - // check user - if ($t & trmask_not && ($u==$user)) continue; - if (!($t & trmask_not) && ($u!=$user)) continue; - - if ($t & 
trmask_deny) { - if ($t & trmask_clear) { - $perm[deny] &= ~$t; - } else { - $perm[deny] |= $t; - } - } elseif ($t & trmask_clear) { - $perm[allow] &= ~$t; - } else { - $perm[allow] |= $t; - } - return $perm; -}// end of helper function - -function check_trustee($user,$path) { - global $trustees; - $perm[allow] = 0; - $perm[deny] = 0; - $path_arr=explode("/",$path); - $path = "/"; - while (count($path_arr)) { - if (substr($path,strlen($path)-1,1) != "/") $path.="/"; - $path.=array_shift($path_arr); - $tr = $trustees[$path]; - - if (isset($tr)) { - // first apply trustee for all - if (isset($tr['*'])) { - $perm = unroll_perm($user,$tr['*'],$user, $perm); - unset($tr['*']); - } - // then apply group policies - foreach ($tr as $u=>$t) { - if ($t & trmask_group && in_group($user,$u)) { - // resolv user - $t = $t & ~trmask_group; - $u = $user; - $perm = unroll_perm($u,$t,$user, $perm); - unset($tr[$u]); - } - } - // then apply use policy - if (isset($tr[$user])) { - $perm = unroll_perm($user,$tr[$user],$user, $perm); - unset($tr[$user]); - } - - } - - } -#print "
user: $user path: $path perm: "; -#print "d: $perm[deny] (".display_trustee($perm[deny]).") a: $perm[allow] (".display_trustee($perm[allow]).")
\n"; - return $perm; -} - -// handy functions - -function check_perm($path,$trperm) { - global $gblLogin,$HAVE_TRUSTEE; -print "
check_perm: $path test perm ".display_trustee($perm)."
\n"; - $return = ! $HAVE_TRUSTEE; - if ($HAVE_TRUSTEE) { - $perm = check_trustee($gblLogin,$path); -print " d: $perm[deny] (".display_trustee($perm[deny]).") a: $perm[allow] (".display_trustee($perm[allow]).") perm: $trperm"; - if ($perm[deny] & $trperm) $return=0; - elseif ($perm[allow] & $trperm) $return=1; - } -print " return: $return
\n"; - return($return); -} - - -////////////////////////////////////////////////////////////////// -// MAIN PROGRAM - - $gblFilePerms = 0640 ; // default for new files - $gblDirPerms = 0750 ; // default for new dirs - - if (isset($STYLE) && $STYLE == "get") { - include("$html/docman.css"); - exit; - } - - // location of master docman configuration file - $docman_conf = "/etc/docman.conf"; - if (! file_exists($docman_conf)) { - $error = "Can't find master configuration file $docman_conf. See docman2/doc/upgrade.html#docman_conf for more informations"; - - error_log("docman: $error"); - Error("docman not installed completly",$error); - } - include($docman_conf); - - if (! isset($fsRealmDir)) { - $fsRealmDir = "$gblIncDir/realm"; - } - $realm_config = "$fsRealmDir/$realm.conf"; - - // read user-defined configuration - if (file_exists($realm_config)) { - include($realm_config); - } else { - Error("Configuration error","Can't find configuration file at $realm_config !"); - } - - if (! isset($gblRepositoryDir)) Error("Configuration error","\$gblRepositoryDir is not setuped in realm configuration file $realm_config"); - - // where do we get users from? - if (file_exists("$gblIncDir/htusers/$gblUsers.php")) { - include("$gblIncDir/htusers/$gblUsers.php"); - } else { - Error("Configuration error","Can't find user handling module at $gblIncDir/htusers/$gblUsers.php ! 
Please fix $realm_config"); - } - - // if no password, or empty password logout - if ( - isset($gblLogin) && ( - !isset($relogin) || ( - isset($relogin) && $relogin != md5($gblLogin.$gblPasswd) - ) - ) && ( - $gblPasswd == "" || !isset($gblPasswd) - ) && !isset($force_login) && $gblLogin != "anonymous" - ) { - StartHTML("Logout completed","Your login credentials has been erased") ; - EndHTML() ; - exit ; - } - - // trustee (ACL) file configuration - $trustee_conf="$gblIncDir/realm/$realm.trustee"; - // compiled version of trustee file - $trustee_php="$gblRepositoryDir/.trustee.php"; - // get ACL informations - $HAVE_TRUSTEE = init_trustee(); - - if (strtolower($gblLogin) == "anonymous" || !isset($gblPasswd)) { - $perm = check_trustee($gblLogin,$path); - // browsing must be explicitly allowed for root directory - // of repository for anonymous user to work! - if ($perm[allow] & trperm_b) { - $secHash = md5($gblLogin.$gblPasswd); - $gblUserName = "Anonymous user"; - } - } - - // authentication failure - if ( md5($gblLogin.$gblPasswd) != $secHash || - isset($relogin) && $secHash == $relogin) { - header("WWW-authenticate: basic realm=\"$realm\"") ; - header("HTTP/1.0 401 Unauthorized") ; - Error("401 Unauthorized","No trespassing !"); - exit ; - } - - // get current directory relative to $gblFsRoot - $relDir = $DIR ; // from POST - if ($relDir == "") { // not defined in POST ? - $relDir = urldecode($D) ; // then use GET - } - - $relDir=stripSlashes($relDir); - - if ($relDir == "/") $relDir = "" ; - // default : website root = "" - - if (strstr($relDir,"..")) Error("No updirs allowed"); - - // full paths contain "fs" or "Fs". Paths realitve to root of - // website contain "rel" or "Rel". The script won't let you - // edit anything above directory equal to http://server.com - // i.e. below $gblFsRoot. - - $relScriptDir = dirname($SCRIPT_NAME) ; - // i.e. /docman - - // start on server root - $gblFsRoot = $gblRepositoryDir; - // i.e. 
/home/httpd/html
-
- $fsDir = $gblFsRoot . $relDir ; // current directory
- if ( !is_dir($fsDir) ) Error("Dir not found",$relDir) ;
-
- if (isset($GLOBALS["HTTPS"]) && $GLOBALS["HTTPS"] == "on") {
- $webRoot = "https://";
- } else {
- $webRoot = "http://";
- }
- $webRoot .= $GLOBALS["HTTP_HOST"] . $relScriptDir;
-
- $FN=stripSlashes($FN);
-
- switch ($POSTACTION) {
- case "UPLOAD" :
- if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
- if (strstr($FN_name,"/"))
- Error("Non-conforming filename") ;
- // TODO : should rather check for escapeshellcmds
- // but maybe RFC 18xx asserts safe filenames ....
- $source = $FN ;
- if (! file_exists($source)) {
- Error("You must select file with browse to upload it!");
- }
- if (! isset($FILENAME)) { // from update file
- $target = "$fsDir/$FN_name" ;
- } else {
- $target = "$fsDir/$FILENAME";
- }
-
- // backup old files first
- $dir=dirname($target);
- if (! file_exists($dir."/.bak")) {
- mkdir($dir."/.bak",0700);
- }
- if (! file_exists($dir."/.bak/$GLOBALS[gblNumBackups]")) {
- mkdir($dir."/.bak/$GLOBALS[gblNumBackups]",0700);
- }
- $file=basename($target);
- for($i=$GLOBALS[gblNumBackups]-1;$i>0;$i--) {
- MoveTo("$dir/.bak/$i/$file","$dir/.bak/".($i+1)."/");
- }
- MoveTo($target,$dir."/.bak/1/");
-
- copy($source,$target) ;
- chmod($target,$gblFilePerms) ;
- clearstatcache() ;
- Logit($target,"uploaded");
- if (isset($FILENAME)) {
- Unlock($target);
- }
- ChangeLog($target,"updated");
- break ;
-
- case "SAVE" :
- $path = $gblFsRoot . $RELPATH ;
- $path=stripSlashes($path);
- $writable = is_writeable($path) ;
- $legaldir = is_writeable(dirname($path)) ;
- $exists = (file_exists($path)) ?
1 : 0 ; -// check for legal extension here as well - if (!($writable || (!$exists && $legaldir))) - Error("Write denied",$RELPATH) ; - $fh = fopen($path, "w") ; - $FILEDATA=stripSlashes($FILEDATA); - fwrite($fh,$FILEDATA) ; - fclose($fh) ; - clearstatcache() ; - Logit($path,"saved changes"); - ChangeLog($path,"saved changes"); - break ; - - case "CREATE" : - // we know $fsDir exists - if ($FN == "") break; // no filename! - if (!is_writeable($fsDir)) Error("Write denied",$relDir) ; - $path = $fsDir . "/" . $FN ; // file or dir to create - $relPath = $relDir . "/" . $FN ; - switch ( $T ) { - case "D" : // create a directory - if ( ! @mkdir($path,$gblDirPerms) ) - Error("Mkdir failed",$relPath) ; // eg. if it exists - clearstatcache() ; - break ; - case "F" : // create a new file -// this functionality is doubled in DetailView(). -// better keep it here altogether -// chmod perms to $gblFilePerms - if ( file_exists($path) && !is_writeable($path) ) - Error("File not writable", $relPath) ; - $fh = fopen($path, "w+") ; - if ($fh) { - fputs($fh,"\n"); - fclose($fh) ; - LogIt($path,"file created"); - } else { - Error("Creation of file $relPath failed -- $path"); - } - $tstr = "$PHP_SELF?A=E&D=".urlencode($relDir)."&F=".urlencode($FN) ; - header("Location: " . $tstr) ; - ChangeLog($target,"created"); - exit ; - } - break ; - - case "DELETE" : - if ( $CONFIRM != "on" ) break ; - - $tstr = "Attempt to delete non-existing object or " ; - $tstr .= "insufficient privileges: " ; - - if ( $FN != "") { // delete file - $path = $fsDir . "/" . $FN ; - - $dir=dirname($path); - $file=basename($path); - if (! file_exists("$dir/.del")) { - mkdir("$dir/.del",0700); - } - -// if ( ! @unlink($path) ) { - if ( ! rename($path,"$dir/.del/$file") ) { - Error("File delete failed", $tstr . 
$path) ;
- Logit($path,"file delete failed");
- exit ;
- } else {
- Logit($path,"file deleted");
- MoveTo("$dir/.log/$file","$dir/.del/.log/");
- MoveTo("$dir/.note/$file","$dir/.del/.note/");
- MoveTo("$dir/.lock/$file","$dir/.del/.lock/");
- }
- }
- else { // delete directory
- if ( ! @rrmdir($fsDir) ) {
- Error("Rmdir failed", $tstr . $fsDir) ;
- }
- else {
- $relDir = dirname($relDir) ; // move up
- }
- }
- break ;
-
- case "UNDELETE" :
- if ( $CONFIRM != "on" ) break ;
-
- if (substr($FN,0,4) != ".del") break ;
- $file=substr($FN,4,strlen($FN)-4);
-
- Logit("$fsDir/.del/$file","undeleted");
- MoveTo("$fsDir/.del/$file","$fsDir/");
- MoveTo("$fsDir/.del/.log/$file","$fsDir/.log/");
- MoveTo("$fsDir/.del/.note/$file","$fsDir/.note/");
- MoveTo("$fsDir/.del/.lock/$file","$fsDir/.lock/");
-
- break ;
-
- case "RENAME" :
- if ( $CONFIRM != "on" ) break ;
-
- Logit("$fsDir/$FN","renamed $FN to $NEWNAME");
- safe_rename($fsDir,$FN,$NEWNAME);
- break ;
-
- case "NOTE" :
- WriteNote("$fsDir/$FN","$NOTE");
- break ;
-
- case "UNLOCK" :
- if ( $CONFIRM != "on" ) break ;
- Unlock("$fsDir/$FN");
- break ;
-
- default :
- // user hit "CANCEL" or undefined action
- }
-
- // common to all POSTs : redirect to directory view ($relDir)
- if ( $POSTACTION != "" ) {
- $tstr = $PHP_SELF . "?D=" . urlencode($relDir) ;
- header("Location: " . $tstr) ;
- exit ;
- }
-
- // check for mode.. navigate, code display, upload, or detail?
- // $A=U : upload to path given in $D
- // $A=E : display detail of file $D/$F and edit
- // $A=C : display code in file $D/$F
- // $A=Co : checkout file $D/$F
- // $A=Ci : checkin file $D/$F
- // $A=V : view file (do nothing except log)
- // $A=I : include file .$F.php from $gblFsRoot
- // default : display directory $D
-
- switch ($A) {
- case "U" :
- // upload to $relDir
- if (!is_writeable($gblFsRoot . $relDir))
- Error("Write access denied",$relDir) ;
- $text = "Use this page to upload a single " ;
- $text .= "file to $HTTP_HOST."
;
- StartHTML("(Upload Page)", $text) ;
- UploadPage($gblFsRoot, $relDir) ;
- EndHTML() ;
- exit ;
- case "E" :
- $F=stripSlashes($F);
- // detail of $relDir/$F
- if (is_file("$gblFsRoot/$relDir/$F") || is_dir("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
- exit ;
- case "C" :
- $F=stripSlashes($F);
- // listing of $relDir/$F
- DisplayCode($gblFsRoot, $relDir, $F) ;
- exit ;
- case "Co" :
- // checkout
- Lock("$gblFsRoot/$relDir/$F");
- Download("$gblFsRoot/$relDir/$F");
- exit;
- case "Ci" :
- $F=stripSlashes($F);
- // upload && update to $relDir
- if (!is_writeable($gblFsRoot . $relDir))
- Error("Write access denied",$relDir) ;
- $text = "Use this page to update a single " ;
- $text .= "file to $HTTP_HOST." ;
- StartHTML("(Update file Page)", $text) ;
- UploadPage($gblFsRoot, $relDir, $F) ;
- EndHTML() ;
- exit ;
- case "V" :
- // view
- LogIt("$gblFsRoot/$relDir/$F","viewed");
- if ($gblForceDownload) {
- Download("$gblFsRoot/$relDir/$F");
- } else {
- header("Content-Disposition: attachment; filename=$F" );
- Header("Location: $webRoot".urlpath("$relDir/$F"));
- }
- exit;
- case "Ch" :
- StartHTML("(File changes)","All changes chronologicaly...");
- DisplayChangeLog(0); // all
- EndHTML() ;
- exit;
- case "Ch1" :
- StartHTML("(File changes)","Changes to files in last day...");
- DisplayChangeLog(1);
- EndHTML() ;
- exit;
- case "I" :
- $F=stripSlashes($F);
- $inc_file="${gblFsRoot}/.${F}.php";
- if (!isset($F) || $F == "" || !file_exists($inc_file)) Error("Fatal error $inc_file"); // can't find file to include
- if (!is_readable($inc_file))
- Error("Read access to include file denied",".${F}.php");
- $text = "Your include file should define \$text variable which holds this text and \$title variable which is page title";
- $title = "You should define \$title variable with page title";
- include($inc_file);
- StartHTML($title, $text) ;
- print "

".GifIcon(up)." Back to front page.

"; - EndHTML() ; - exit ; - } - - // default: display directory $relDir - Navigate($gblFsRoot,$relDir) ; - exit ; - - Error("Whooah!","By cartesian logic, this never happens") ; -?> + + * + * License: GPL2 + * + * Document Manager 1.x was based on + * Copyright 1999 by John Martin d/b/a www.ANYPORTAL.com + * PHP version Copyright 2000 by Stefan@Wiesendanger.org + * + * For more info, please see web pages at + * http://www.rot13.org/~dpavlin/docman.html + * + */ + + +////////////////////////////////////////////////////////////////// +// CONFIGURATION OPTIONS + + error_reporting(E_ALL) ; // how verbose ? + + // from where to include auth_*.php modules? + // this is defined in global configuration file /etc/docman.conf + //$gblIncDir = "/data/docman2"; + + // force download on view (so it won't open in associated application) + $gblForceDownload = 0; + + // date format + $gblDateFmt="Y-m-d"; +// $gblDateFmt="D, F d, Y"; + + // time format + $gblTimeFmt="H:i:s"; +// $gblTimeFmt="g:i:sA"; + + // Number of backup files to keep + $gblNumBackups=3; + + // show red star if newer than ... days + $gblModDays=1; + + // choose GifIcon below unless you have the M$ + // WingDings font installed on your system + + $gblIcon="GifIcon"; // MockIcon or GifIcon + + // the directory below should be /icons/ or /icons/small/ + // on Apache; a set of icons is included in the distribution + + $gblIconLocation="/icons/"; + + // files you want to be able to edit in text mode + // and view with (primitive) syntax highlighting + + $gblEditable = array( ".txt",".asa",".asp",".htm",".html", + ".cfm",".php3",".php",".phtml", + ".shtml",".css" ) ; + + // files that will display as images on the detail page + // (useless if your browser doesn't support them) + + $gblImages = array( ".jpg",".jpeg",".gif",".png",".ico", + ".bmp",".xbm") ; + + // which files to hide (separated by ,) + $gblHide = ""; + + // Where are users? 
(by default in .htusers file) + $gblUsers = "file"; + +////////////////////////////////////////////////////////////////// + + $gblTitle = "Document Manager"; + $gblVersion = "2.0-pre4"; + + $secHash = ""; + + // load language + if (isset($HTTP_SERVER_VARS["HTTP_ACCEPT_LANGUAGE"])) { + LoadLanguage($HTTP_SERVER_VARS["HTTP_ACCEPT_LANGUAGE"]); + } + + // does gettext locale function exits? + if (! function_exists("_")) { + function _($str) { return $str; } + } + + // for security and configuration + $realm=$HTTP_SERVER_VARS["HTTP_HOST"]; + + $fsDocumentRoot = dirname($HTTP_SERVER_VARS["SCRIPT_FILENAME"]); + if ($fsDocumentRoot == "") Error("Configuration error","Can't get SCRIPT_FILENAME from your web server. Please set \$fsDocumentRoot in \$",1); + + // globals for later + $gblLogin = HTTP_SERVER_VAR("PHP_AUTH_USER"); + $gblPasswd = HTTP_SERVER_VAR("PHP_AUTH_PW"); + +////////////////////////////////////////////////////////////////// + +function LoadLanguage($lang) { + + global $gblIncDir,$html; + + if (file_exists($gblIncDir."/lang/$lang.php")) { + include($gblIncDir."/lang/$lang.php"); + $html .= "-$lang"; + } else { + include($gblIncDir."/lang/default.php"); + } +} + +function StartHTML($title,$text="") { + + global $html,$fsDocumentRoot,$gblTitle,$HTTP_SERVER_VARS; + + $host = $HTTP_SERVER_VARS["HTTP_HOST"] ; + $self = $HTTP_SERVER_VARS["PHP_SELF"] ; + + if (file_exists("$fsDocumentRoot/docman.css")) { + $css = ""; + $d = dirname($self); + if ($d != "/") $css = $d; + $css .= "/docman.css"; + } else { + $css=$self."?STYLE=get"; + } + include("$html/head.html"); +} + +////////////////////////////////////////////////////////////////// + +function EndHTML() { + + global $gblDateFmt, $gblTimeFmt, $gblUserName, $PHP_SELF, + $secHash, $gblVersion, $html, + $gblLogin,$gblPasswd; + + $url = $PHP_SELF."?relogin="; + if (isset($secHash) && $secHash != "") { + $url .= $secHash; + } else { + $url .= md5($gblLogin.$gblPasswd); + } + if ( ( (isset($gblLogin) && $gblLogin != "") 
|| + (!isset($gblLogin) || $gblLogin == "") + ) && ($gblPasswd == "" || !isset($gblPasswd))) { + $url_title="login"; + $url .= "&force_login=1"; + } else { + $url_title="relogin"; + } + include("$html/footer.html"); + +# global $debug; +# if ($debug) print $debug; +} // end function EndHTML + +////////////////////////////////////////////////////////////////// + +function DetailPage($fsRoot,$relDir,$fn) { + + global $gblEditable, $gblImages, + $gblDateFmt, $gblTimeFmt, + $gblPermNote, + $webRoot, $html, + $HTTP_SERVER_VARS ; + $self = $HTTP_SERVER_VARS["PHP_SELF"] ; + + $relPath = $relDir . "/" . $fn ; + $fsPath = $fsRoot . $relPath ; + $fsDir = $fsRoot . $relDir ; + + $exists = file_exists($fsPath) ; + $ext = strtolower(strrchr($relPath,".")) ; + $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) && + check_perm($relPath,trperm_w); + $writable = is_writeable($fsPath) && check_perm($relPath,trperm_w) ; + $writable_dir = is_writeable($fsDir) && check_perm($relDir,trperm_w) ; + $file_lock = CheckLock($fsPath); + + if (!$editable && !$exists) + Error("Creation denied","Can't create $relPath") ; + if (!$exists && !$writable_dir ) + Error("Creation denied","Can't write in directory $relDir while creating $relPathfor which user has permissions.",1); + + $text = _("Use this page to view, modify or ") ; + if (is_dir($fsPath)) { + $text .=_("delete a directory on this ") ; + } else { + $text .= _("delete a single document on this ") ; + }; + $text .= _("web site.") ; + $title = "("._("Detail Page").")" ; + StartHTML($title, $text) ; + + print "

".$relDir.$fn."

"; + + if ($exists) { // get file info + $fsize = filesize($fsPath) ; + $fmodified = date("$gblDateFmt $gblTimeFmt", filemtime($fsPath)) ; + $faccessed = date("$gblDateFmt $gblTimeFmt", fileatime($fsPath)) ; + $fuid=fileowner($fsPath); + $fgid=filegroup($fsPath); + $userinfo = posix_getpwuid($fuid); + $grpinfo = posix_getgrgid($fgid); + + include("$html/DetailPage-file.html"); + } + + if ( !is_dir($fsPath) && $editable && ($writable || !$exists) && !$file_lock ) { + $fh = fopen($fsPath,"a+") ; + rewind($fh) ; + $fstr = fread($fh,filesize($fsPath)) ; + fclose($fh) ; + $fstr = htmlentities( $fstr ) ; + + include("$html/DetailPage-edit.html"); + } + if ( !$file_lock && $ext!="" && strstr(join(' ',$gblImages),$ext) ) { + $info = getimagesize($fsPath) ; + $tstr = "\""" ; +// echo htmlentities($tstr) . "

" . $tstr ; + echo $tstr ; + } + + + print '
+ + +
+ '; + + if ($file_lock && check_perm($relDir.$fn,trperm_w)) { + include("$html/DetailPage-unlock.html"); + } // file_lock + + if (substr($fn,0,4) == ".del") { + $action="UNDELETE"; + $desc="undelete previously deleted file"; + } else { + $action="DELETE"; + $desc="delete"; + } + + if ($exists && $writable) { + include("$html/DetailPage-undelete.html"); + include("$html/DetailPage-rename.html"); + + } + + if (check_perm($relDir.$fn,$gblPermNote)) { + include("$html/DetailPage-note.html"); + } + + print "
"; + + $name=basename("$fsDir/$fn"); + $logname=dirname("$fsDir/$fn")."/.log/$name"; + $bakdir=dirname("$fsDir/$fn")."/.bak"; + if (file_exists($logname)) { + $log=fopen($logname,"r"); + $cl1=" class=LST"; $cl2=""; + $logarr = array(); + while($line = fgetcsv($log,512,"\t")) { + $cl=$cl1; $cl1=$cl2; $cl2=$cl; + array_unshift($logarr,array($cl,$line[0],$line[1],$line[2],$line[3])); + } + fclose($log); + if (is_dir("$fsDir/$fn")) { + $whatis="DIRECTORY"; + } else { + $whatis="FILE"; + } + print "

CHANGES TO THIS $whatis
\n"; + $bakcount = 0; // start from 0, skip fist backup (it's current) + while ($e = array_shift($logarr)) { + if (strstr($e[4],"upload")) { + if (file_exists("$bakdir/$bakcount/$name")) { + $e[4]="$e[4]"; + } + $bakcount++; + } + print "$e[1]$e[2]$e[3]$e[4]\n"; + } + print "
"; + } + + EndHTML() ; + +} // end function DetailPage + +////////////////////////////////////////////////////////////////// + +function DisplayCode($fsRoot,$relDir,$fn) { + + $path = $fsRoot . $relDir . "/" . $fn ; + + if (!file_exists($path)) Error("File not found",$path) ; + + StartHTML("(".$relDir."/".$fn.")",""); + + $tstr = join("",file($path)) ; + $tstr = htmlentities($tstr) ; + + // Tabs + $tstr = str_replace(chr(9)," ",$tstr) ; + + // ASP tags & XML/PHP tags + $aspbeg = "<%" ; + $aspend = "%>" ; + $tstr = str_replace("<%",$aspbeg,$tstr) ; + $tstr = str_replace("%>",$aspend,$tstr) ; + + $xmlbeg = "<?" ; + $xmlend = "?>" ; + $tstr = str_replace("<?",$xmlbeg,$tstr) ; + $tstr = str_replace("?>",$xmlend,$tstr) ; + + // C style comment + $tstr = str_replace("/*","/*",$tstr) ; + $tstr = str_replace("*/","*/",$tstr) ; + + // HTML comments + $tstr = str_replace("<!--","<!--",$tstr) ; + $tstr = str_replace("-->","-->",$tstr) ; + + echo "
" ;	
+
+	$tstr = split("\n",$tstr) ;
+	for ($i = 0 ; $i < sizeof($tstr) ; ++$i) {
+		// add line numbers
+		echo "
" ; + echo substr(("000" . ($i+1)), -4) . ": " ; + $line = $tstr[$i] ; + // C++ style comments + $pos = strpos($line,"//") ; + // exceptions: two slashes aren't a script comment + if (strstr($line,"//") && + ! ($pos>0 && substr($line,$pos-1,1)==":") && + ! (substr($line,$pos,8) == "//-->") && + ! (substr($line,$pos,9) == "// -->")) { + $beg = substr($line,0,strpos($line,"//")) ; + $end = strstr($line,"//") ; + $line = $beg."".$end.""; + } + // shell & asp style comments + $first = substr(ltrim($line),0,1) ; + if ($first == "#" || $first == "'") { + $line = "".$line.""; + } + print($line) ; + } // next i + + echo "
" ; + + EndHTML() ; + +} // end function DisplayCode + +////////////////////////////////////////////////////////////////// + +function MockIcon($txt) { + $tstr = "" ; + + switch (strtolower($txt)) { + case ".bmp" : + case ".gif" : + case ".jpg" : + case ".jpeg": + case ".tif" : + case ".tiff": + $d = 176 ; + break ; + case ".doc" : + $d = 50 ; + break ; + case ".exe" : + case ".bat" : + $d = 255 ; + break ; + case ".bas" : + case ".c" : + case ".cc" : + case ".src" : + $d = 255 ; + break ; + case "file" : + $d = 51 ; + break ; + case "fldr" : + $d = 48 ; + break ; + case ".htm" : + case ".html": + case ".asa" : + case ".asp" : + case ".cfm" : + case ".php3": + case ".php" : + case ".phtml" : + case ".shtml" : + $d = 182 ; + break ; + case ".pdf" : + $d = 38 ; + break; + case ".txt" : + case ".ini" : + $d = 52 ; + break ; + case ".xls" : + $d = 252 ; + break ; + case ".zip" : + case ".arc" : + case ".sit" : + case ".tar" : + case ".gz" : + case ".tgz" : + case ".Z" : + $d = 59 ; + break ; + case "view" : + $d = 52 ; + break ; + case "up" : + $d = 199 ; + break ; + case "blank" : + return "  " ; + break ; + default : + $d = 51 ; + } + + return $tstr . chr($d) . 
"" ; +} // end function MockIcon + +////////////////////////////////////////////////////////////////// + +function GifIcon($txt = "") { + global $gblIconLocation, $gblImages ; + + switch (strtolower($txt)) { + case ".doc" : + $d = "layout.gif" ; + break ; + case ".exe" : + case ".bat" : + $d = "screw2.gif" ; + break ; + case ".bas" : + case ".c" : + case ".cc" : + case ".src" : + $d = "c.gif" ; + break ; + case "file" : + $d = "generic.gif" ; + break ; + case "fldr" : + $d = "dir.gif" ; + break ; + case ".phps" : + $d = "phps.gif" ; + break ; + case ".php3" : + $d = "php3.gif" ; + break ; + case ".htm" : + case ".html": + case ".asa" : + case ".asp" : + case ".cfm" : + case ".php3": + case ".php" : + case ".phtml" : + case ".shtml" : + $d = "world1.gif" ; + break ; + case ".pdf" : + $d = "pdf.gif" ; + break; + case ".txt" : + case ".ini" : + $d = "text.gif" ; + break ; + case ".xls" : + $d = "box2.gif" ; + break ; + case ".zip" : + case ".arc" : + case ".sit" : + case ".tar" : + case ".gz" : + case ".tgz" : + case ".Z" : + $d = "compressed.gif" ; + break ; + case "view" : + $d = "index.gif" ; + break ; + case "up" : + $d = "back.gif" ; + break ; + case "blank" : + $d = "blank.gif" ; + break ; + case "checkout": + $d = "box2.gif"; + break; + case "checkin": + $d = "hand.up.gif"; + break; + case "locked": + $d = "screw2.gif"; + break; + case "note": + $d = "quill.gif"; + break; + default : + if (in_array(strtolower($txt),$gblImages)) { + $d = "image2.gif" ; + } else { + $d = "generic.gif" ; + } + } + + + return "" ; +} // end function GifIcon + +////////////////////////////////////////////////////////////////// + +function Navigate($fsRoot,$relDir) { + + global $gblEditable, $gblIcon, $gblModDays, $webRoot, $gblHide, + $gblIgnoreUnknownFileType, $gblRepositoryDir, + $gblLogin, $gblUserName, $gblDateFmt, $gblTimeFmt, + $gblPermNote, + $fsRealmDir, $realm, $realm_sep, + $html, $realm_config, + $HTTP_GET_VARS, $HTTP_SERVER_VARS; + + $self = $HTTP_SERVER_VARS["PHP_SELF"] 
; + + $relDir = chopsl($relDir)."/"; + $fsDir = $fsRoot.$relDir; // current directory + + if (!is_dir($fsDir)) Error("Dir not found","Directory $relDir not found on filesystem at $fsDir",1) ; + + global $debug; + $debug .= "[$gblLogin|$relDir] before >"; + + if (! check_perm($relDir,trperm_b)) + Error("Access denied","User $gblLogin tried to access $relDir without valid trustee.",1); + $debug .= "< afeter"; + + $hide_items=",$gblHide,"; + + $dirList = array(); + $fileList = array(); + + // read directory contents + if ( !($dir = @opendir($fsDir)) ) + Error("Read Access denied",$relDir,1) ; + while ($item = readdir($dir)) { + if ( substr($item,0,1) == "." || strstr($hide_items,",$item,") ) continue ; + if (is_dir($fsDir.$item) || is_link ($fsDir.$item)) { + if (check_perm($relDir.$item,trperm_b)) { + $dirList[$item] = $item ; + $dirNote[$item] = ReadNote($fsDir.$item); + } + } else if (is_file($fsDir.$item)) { + if (check_perm($relDir.$item,trperm_r)) { + $fileList[$item] = $item ; + $fileDate[$item] = filemtime($fsDir.$item) ; + $fileSize[$item] = filesize($fsDir.$item) ; + $fileNote[$item] = ReadNote($fsDir.$item); + } + } else { + if (! $gblIgnoreUnknownFileType) Error("File Type Error", "Item ".$fsDir.$item." is not file, directory or link. If you want to ignore errors like this, set \$gblIgnoreUnknownFileType = 1 in $realm_config.",1); + } + } + closedir($dir) ; + + // scan deleted files + if ( HTTP_GET_VAR("show_deleted") == 1 && ($dir = @opendir("$fsDir/.del")) ) { + while ($item = readdir($dir)) { + if ( substr($item,0,1) == "." 
|| strstr($hide_items,",$item,") || !check_perm($relDir.$item,trperm_w) ) continue ; + if (is_file($fsDir.".del/$item")) { + $fileList[$item] = ".del/$item" ; + $fileDate[$item] = filemtime($fsDir.".del/$item") ; + $fileSize[$item] = filesize($fsDir.".del/$item") ; + $fileNote[$item] = ReadNote($fsDir.".del/$item"); + } else { + $dirList[$item] = ".del/$item" ; + $dirNote[$item] = ReadNote($fsDir.".del/$item"); + } + } + closedir($dir) ; + } + + $emptyDir = ! (sizeof($dirList) || sizeof($fileList)) ; + + // start navigation page + $text = "Use this page to add, delete"; + if (! isset($HTTP_GET_VARS["show_deleted"])) { + $text .= ", undelete"; + } + $text .= " or revise files on this web site." ; + $text .= "
Examine list of files changed in last day or all changes."; + StartHTML("(Navigate)",$text) ; + + print "" ; + + // updir (parent) bar + if (chopsl($fsDir) != chopsl($fsRoot)) { + $parent = dirname($relDir) ; + if ($parent == "") $parent = "/" ; + + include("$html/Navigate-parent.html"); + } + + function plural($name,$count) { + $out="$count $name"; + if ($count > 1) { + $out.="s"; + } + return $out; + } + + $dsort = HTTP_GET_VAR("dsort"); + if (! isset($dsort)) $dsort = "name"; // default directory sort + + $dsort_arr = array( + "name" => array ("rname", "note"), + "rname" => array ("name", "note"), + "note" => array ("name", "rnote"), + "rnote" => array ("name", "note") + ); + + $fsort = HTTP_GET_VAR("fsort"); + if (! isset($fsort)) $fsort = "name"; // default directory sort + + $fsort_arr = array( + "name" => array ("rname", "note", "date", "size"), + "rname" => array ("name", "note", "date", "size"), + "note" => array ("name", "rnote", "date", "size"), + "rnote" => array ("name", "note", "date", "size"), + "date" => array ("name", "note", "rdate", "size"), + "rdate" => array ("name", "note", "date", "size"), + "size" => array ("name", "note", "date", "rsize"), + "rsize" => array ("name", "note", "date", "size") + ); + + $D="D=".urlencode($relDir); + + function self_args($arr = array()) { + global $self; + $arg = implode("&",$arr); + if ($arg) { + return $self."?".$arg; + } else { + return $self; + } + } + // output subdirs + if (sizeof($dirList) > 0) { + switch ($dsort) { + case "note": + $items = $dirNote; + asort($items); + break; + case "rnote": + $items = $dirNote; + arsort($items); + break; + case "rname": + $items = $dirList; + krsort($items); + break; + default: + $items = $dirList; + ksort($items); + break; + } + $durl = self_args(array($D,"dsort=".$dsort_arr[$dsort][0])); + $nurl = self_args(array($D,"dsort=".$dsort_arr[$dsort][1])); + + include("$html/Navigate-dirHeader.html"); + + while (list($key,$dir) = each($items)) { + + $dir = $dirList[$key]; + 
+ $info_url=self_args(array("A"=>"A=E", "F"=>"F=".urlencode($dir), "D"=>$D)); + if (substr($dir,0,5) == ".del/") { + $dir = substr($dir,5,strlen($dir)-5); + $deleted = " deleted"; + } else { + $deleted = ""; + } + + $dir_url=$self."?D=".urlencode(chopsl($relDir)."/".$dir); + if (check_perm($relDir.$dir,$gblPermNote)) { + $note_html="".$gblIcon("note")."".$dirNote[$key]; + } else { + $note_html=$dirNote[$key]; + } + + $dir_html = isBlank($dir,"directory"); + + include("$html/Navigate-dirEntry.html"); + + } // iterate over dirs + } // end if no dirs + + $durl = self_args(array($D,"fsort=".$fsort_arr[$fsort][0])); + $nurl = self_args(array($D,"fsort=".$fsort_arr[$fsort][1])); + $uurl = self_args(array($D,"fsort=".$fsort_arr[$fsort][2])); + $surl = self_args(array($D,"fsort=".$fsort_arr[$fsort][3])); + + $html_uri = $webRoot; + + if (substr($relDir,0,1) == "/") { + $html_uri .= substr($relDir,1,strlen($relDir)-1); + } else { + $html_uri .= $relDir; + } + + include("$html/Navigate-fileHeader.html"); + + if (sizeof($fileList) > 0) { + switch ($fsort) { + case "note": + $items = $fileNote; + asort($items); + break; + case "rnote": + $items = $fileNote; + arsort($items); + break; + case "date": + $items = $fileDate; + asort($items); + break; + case "rdate": + $items = $fileDate; + arsort($items); + break; + case "size": + $items = $fileSize; + asort($items); + break; + case "rsize": + $items = $fileSize; + arsort($items); + break; + case "rname": + $items = $fileList; + krsort($items); + break; + default: + $items = $fileList; + ksort($items); + break; + } + + while (list($key,$file) = each($items)) { + $file = $fileList[$key]; + $path = $fsDir."/".$file ; + $mod = $fileDate[$key]; + $sz = $fileSize[$key]; + + if ($sz >= 10240) { + $sz = (int)(($sz+1023)/1024) . 
" k" ; + } else { + $sz .= " " ; + } // end size + + $a = $b = "" ; + + $info_url=$self."?A=E&F=".urlencode($file)."&D=".urlencode($relDir); + + if ( ($mod + $gblModDays*86400) > time() ) { + $a = " * " ; + } + + $file_lock=CheckLock($path); + + $file_url_html="" ; + + if (substr($file,0,5) != ".del/") { + $file_url_html .= isBlank($file) . "" . $a ; + } else { + $file_url_html .= isBlank(substr($file,5,strlen($file)-5)) . "deleted"; + } + + if (check_perm($relDir.$file,$gblPermNote)) { + $note_html="".$gblIcon("note")."".$fileNote[$key]; + } else { + $note_html=$fileNote[$key]; + } + + $ext = strtolower(strrchr($file,".")) ; + + if ($file_lock) { + if ($file_lock == $gblUserName) { + $b.="" ; + $file_url_html=$b; + $b.=$gblIcon("checkin")."" ; + $b.= $gblIcon("blank"); + $file_url_html.="$file $a"; + $note_html = $gblIcon("blank")."Please check-in (update) this file"; + } else { + $b = $gblIcon("locked"); + $b.= $gblIcon("blank"); + $note_html = $gblIcon("blank")."File locked by $file_lock"; + $file_url_html = "$file $a"; + } + } else { + if (check_perm($relDir.$file,trperm_w)) { + $b.="" ; + $b.=$gblIcon("checkout").""; + } + + if ( $ext=="" || strstr(join(" ",$gblEditable),$ext) ) { + $b.="" ; + $b.=$gblIcon("view")."" ; + } else { + $b.= $gblIcon("blank"); + } + } + + $mod = date("$gblDateFmt $gblTimeFmt",$mod); + + include("$html/Navigate-fileEntry.html"); + + } // iterate over files + } else { // end if no files + include("$html/Navigate-noFiles.html"); + } + + if ($emptyDir && $relDir != "") { + include("$html/Navigate-emptyDir.html"); + } // end if emptyDir + + include("$html/Navigate-hr.html"); + + if (file_exists("$fsRealmDir/$realm".$realm_sep."info.inc")) { + print ""; + include("$html/Navigate-hr.html"); + } elseif (file_exists("$gblRepositoryDir/.info.inc")) { + print ""; + include("$html/Navigate-hr.html"); + } + + include("$html/Navigate-createNew.html"); + + print "
"; + include("$fsRealmDir/$realm".$realm_sep."info.inc"); + print "
"; + include("$gblRepositoryDir/.info.inc"); + print "
"; + + EndHTML() ; +} // end function Navigate + +////////////////////////////////////////////////////////////////// + +function UploadPage($fsRoot, $relDir, $filename="") { + + global $html, $HTTP_SERVER_VARS; + + $self = $HTTP_SERVER_VARS["PHP_SELF"] ; + include("$html/UploadPage.html"); + +} // end function UploadPage + +////////////////////////////////////////////////////////////////// + +// Error with sysadmin flag are reported to error_log or hidden from +// users + +function Error($title,$text="",$sysadmin=0,$no_404=0) { + global $gblSeparateAdminMessages, + $gblMailAdminMessages,$realm, + $HTTP_SERVER_VARS; + if (! headers_sent() && ! $no_404) header("HTTP/1.0 404 Not Found"); + if ($sysadmin) { + if ($gblSeparateAdminMessages) { + $user="Your administrator "; + if ($gblMailAdminMessages) { + mail($HTTP_SERVER_VARS["SERVER_ADMIN"], "docman $realm error message: $title", strip_tags($text)); + $user.="".$HTTP_SERVER_VARS["SERVER_ADMIN"]." "; + } + $user.="has been notified about error" ; + StartHTML("($title)",$user); + echo "

Hit your Browser's Back Button.

" ; + EndHTML(); + error_log("docman $realm: ".strip_tags($text)); + } else { + StartHTML("ADMIN: ".$title,$text) ; + echo "

Hit your Browser's Back Button.

" ; + EndHTML(); + } + } else { + StartHTML("(".$title.")",$text) ; + echo "

Hit your Browser's Back Button.

" ; + EndHTML() ; + } + exit ; +} // end function Error + +function LogIt($target,$msg, $changelog=0) { + + global $gblDateFmt, $gblTimeFmt, $gblUserName, $gblFsRoot; + + $dir=dirname($target); + if (! file_exists($dir."/.log")) { + if (! @mkdir($dir."/.log",0700)) Error("docman installation problem","can't create log directory $dir/.log",1); + } + $file=basename($target); + + $log=fopen("$dir/.log/$file","a+"); + fputs($log,date("$gblDateFmt\t$gblTimeFmt"). + "\t$gblUserName\t$msg\n"); + fclose($log); + + if (! $changelog) return; + + $log=fopen("$gblFsRoot/.changelog","a+"); + if (substr($target,0,strlen($gblFsRoot)) == $gblFsRoot) + $target=substr($target,strlen($gblFsRoot),strlen($target)-strlen($gblFsRoot)); + $msg=str_replace("\t"," ",$msg); + fputs($log,time()."\t$target\t$gblUserName\t$msg\n"); + fclose($log); + + // FIX: implement e-mail notification based on $changelog + // permission +} + + +////////////////////////////////////////////////////////////////// + +function WriteNote($target,$msg) { + + $target=stripSlashes($target); + $dir=dirname($target); + if (! file_exists($dir."/.note")) { + mkdir($dir."/.note",0700); + } + $file=basename($target); + + $note=fopen("$dir/.note/$file","w"); + if (! $note) { + Error("Error writing note","Can't open note file $dir/.note/$file for writing",1); + } + fputs($note,"$msg\n"); + fclose($note); + + LogIt($target,"added note $msg"); + +} + +function ReadNote($target) { + + $target=stripSlashes($target); + $dir=dirname($target); + $file=basename($target); + $msg=""; + if (file_exists($dir."/.note/$file")) { + $note=fopen("$dir/.note/$file","r"); + $msg=fgets($note,4096); + fclose($note); + } + return HtmlSpecialChars(StripSlashes($msg)); + +} + +////////////////////////////////////////////////////////////////// + +function MoveTo($source,$folder) { + + $source=stripSlashes($source); + $file=basename($source); + if (! 
file_exists($folder)) {
+ mkdir($folder,0700);
+ }
+ if (file_exists($source)) {
+ rename($source,"$folder/$file");
+ }
+}
+
+//////////////////////////////////////////////////////////////////
+
+function Lock($target) {
+
+ global $gblUserName;
+
+ $target=stripSlashes($target);
+ $dir=dirname($target);
+ if (! file_exists($dir."/.lock")) {
+ mkdir($dir."/.lock",0700);
+ }
+ $file=basename($target);
+
+ if (file_exists("$dir/.lock/$file")) {
+ LogIt($target,"attempt to locked allready locked file!");
+ } else {
+ $lock=fopen("$dir/.lock/$file","w");
+ fputs($lock,"$gblUserName\n");
+ fclose($lock);
+
+ LogIt($target,"file locked");
+ }
+
+}
+
+function CheckLock($target) {
+
+ $target=stripSlashes($target);
+ $dir=dirname($target);
+ $file=basename($target);
+ $msg=0;
+ if (file_exists($dir."/.lock/$file")) {
+ $lock=fopen("$dir/.lock/$file","r");
+ $msg=fgets($lock,4096);
+ fclose($lock);
+ }
+ return chop($msg);
+
+}
+
+function Unlock($target) {
+
+ $target=stripSlashes($target);
+ $dir=dirname($target);
+ $file=basename($target);
+ if (file_exists($dir."/.lock/$file")) {
+ unlink("$dir/.lock/$file");
+ LogIt($target,"file unlocked");
+ } else {
+ LogIt($target,"attempt to unlocked non-locked file!");
+ }
+
+}
+
+//////////////////////////////////////////////////////////////////
+
+function urlpath($url) {
+ $url=urlencode(StripSlashes("$url"));
+ $url=str_replace("%2F","/",$url);
+ $url=str_replace("+","%20",$url);
+ return($url);
+}
+
+//////////////////////////////////////////////////////////////////
+
+function safe_rename($fromdir,$fromfile,$tofile) {
+
+ global $gblNumBackups;
+
+ function try_rename($from,$to) {
+# print "$from -> $to\n";
+ if (file_exists($from) && is_writeable(dirname($to))) {
+ return rename($from,$to);
+ } else {
+ return 0;
+ }
+ }
+
+ function try_dir($todir) {
+ if (! file_exists($todir)) {
+ @mkdir($todir,0700);
+ }
+ }
+
+ $to="$fromdir/$tofile";
+ $todir=dirname($to);
+ $tofile=basename($to);
+
+# print "
$fromdir / $fromfile -> $todir / $tofile\n\n";
+
+	if (! try_rename("$fromdir/$fromfile","$todir/$tofile")) Error("Rename error","Can't rename file $fromfile to $tofile",1);
+	try_dir("$todir/.log");
+	try_rename("$fromdir/.log/$fromfile","$todir/.log/$tofile");
+	try_dir("$todir/.note");
+	try_rename("$fromdir/.note/$fromfile","$todir/.note/$tofile");
+	try_dir("$todir/.lock");
+	try_rename("$fromdir/.lock/$fromfile","$todir/.lock/$tofile");
+	try_dir("$todir/.bak");
+	for($i=0;$i<=$gblNumBackups;$i++) {
+		try_rename("$fromdir/.bak/$i/$fromfile","$todir/.bak/$i/$tofile");
+	}
+}
+
+
+//////////////////////////////////////////////////////////////////
+
+// recursivly delete directory
+
+function rrmdir($dir) {
+	$handle=opendir($dir);
+	while ($file = readdir($handle)) {
+		if ($file != "." && $file != "..") {
+			if (is_dir("$dir/$file"))
+				rrmdir("$dir/$file");
+			else
+				if (! @unlink("$dir/$file")) return(0);
+		}
+	}
+	closedir($handle);
+	return @rmdir($dir);
+}
+
+//////////////////////////////////////////////////////////////////
+
+function DisplayChangeLog($day) {
+
+	global $gblFsRoot, $gblDateFmt, $gblTimeFmt,
+		$HTTP_SERVER_VARS;
+
+	$self  = $HTTP_SERVER_VARS["PHP_SELF"];
+
+	if (!file_exists("$gblFsRoot/.changelog")) return;
+	$log=fopen("$gblFsRoot/.changelog","r");
+	$logarr = array();
+	while($line = fgetcsv($log,512,"\t")) {
+		while (sizeof($line) > 4) {
+			$tmp = array_pop($line);
+			$line.=" $tmp";
+		}
+		if ($day!=1 || ($day==1 && (time()-$line[0] < 24*60*60))) {
+			array_unshift($logarr,array($line[0],$line[1],$line[2],$line[3]));
+		}
+	}
+	fclose($log);
+	$cl1=" class=LST"; $cl2="";
+	print "\n";
+	while ($e = array_shift($logarr)) {
+		$cl=$cl1; $cl1=$cl2; $cl2=$cl;
+		$date = date($gblDateFmt, $e[0]);
+		$time = date($gblTimeFmt, $e[0]);
+		$dir = dirname($e[1]);
+		$file = basename($e[1]);
+		print "$date$time$dir/$file$e[2]$e[3]\n";
+	}
+	print "
";
+ print "

".GifIcon("up")." Back to front page.

";
+}
+
+//////////////////////////////////////////////////////////////////
+
+function Download($path,$force=0) {
+ global $HTTP_SERVER_VARS,$mime_type;
+
+ // default transfer-encoding
+ $encoding = "binary";
+
+ // known transfer encodings
+ $encoding_ext = array(
+ "gz" => "x-gzip",
+ "Z" => "x-compress",
+ );
+
+ $file = basename($path);
+ $size = filesize($path);
+
+ $ext_arr = explode(".",$file);
+ $ext = array_pop($ext_arr);
+ if (isset($encoding_ext[$ext])) {
+ $encoding = $encoding_ext[$ext];
+ $ext = array_pop($ext_arr);
+ }
+
+ if ($force || !isset($mime_type[$ext])) {
+ header("Content-Type: application/force-download");
+ } else {
+ header("Content-Type: $mime_type[$ext]");
+ }
+
+ // IE5.5 just downloads index.php if we don't do this
+ if(preg_match("/MSIE 5.5/", $HTTP_SERVER_VARS["HTTP_USER_AGENT"])) {
+ header("Content-Disposition: filename=$file");
+ } else {
+ header("Content-Disposition: attachment; filename=$file");
+ }
+
+ header("Content-Transfer-Encoding: $encoding");
+ $fh = fopen($path, "r");
+ fpassthru($fh);
+}
+
+
+//////////////////////////////////////////////////////////////////
+
+function chopsl($path) {
+ $path=str_replace("//","/",$path);
+ if (substr($path,strlen($path)-1,1) == "/") $path=substr($path,0,strlen($path)-1);
+ return $path;
+}
+
+//////////////////////////////////////////////////////////////////
+/*
+ Document manager ACL implementation
+
+ Written by Dobrica Pavlinusic
+
+ Based on ideas from Linux trustees code
+ by Vyacheslav Zavadsky
+*/
+
+define('trmask_not',1 << 0);
+define('trmask_clear',1 << 1);
+define('trmask_deny',1 << 2);
+define('trmask_one_level',1 << 3);
+define('trmask_group',1 << 4);
+
+define('trperm_r',1 << 5);
+define('trperm_w',1 << 6);
+define('trperm_b',1 << 7);
+define('trperm_n',1 << 8);
+
+$trustee_a2n = array(
+ '!' 
=> trmask_not,
+ 'C' => trmask_clear,
+ 'D' => trmask_deny,
+ 'O' => trmask_one_level,
+ '+' => trmask_group,
+ 'R' => trperm_r,
+ 'W' => trperm_w,
+ 'B' => trperm_b,
+ 'N' => trperm_n,
+);
+
+// debugging function
+function display_trustee($t) {
+ global $trustee_a2n;
+ $out="";
+ foreach ($trustee_a2n as $c=>$v) {
+ if ($t & $v) $out.=$c;
+ }
+ return $out;
+}
+function display_all_trustee() {
+ global $trustees;
+ print "trustee dump:
\n";
+ foreach ($trustees as $path => $tr) {
+ print "
$path\n";
+ foreach ($tr as $user=>$perm) {
+ print "$user == $perm (".display_trustee($perm).")
\n";
+ }
+ }
+}
+
+function init_trustee() {
+
+global $trustee_conf,$trustee_php,$trustee_a2n,$groups,$trustees;
+
+// do we need to re-create compiled trustees?
+if (! file_exists($trustee_conf)) {
+ # $error="$trustee_conf doesn't exits";
+ return 0; # don't use trustees
+} elseif (file_exists($trustee_conf) && !is_readable($trustee_conf)) {
+ $error="$trustee_conf exits, but is not readable";
+} elseif (!is_writable(dirname($trustee_php))) {
+ $error="".dirname($trustee_php)." must be writable by web server user";
+} elseif (file_exists($trustee_php) && !is_writable($trustee_php)) {
+ $error="trustees cache file $trustee_php exists, but is not writable by web server";
+} elseif (@filemtime($trustee_conf) >= @filemtime($trustee_php)) {
+ $fp_php=@fopen($trustee_php,"w");
+ fputs($fp_php,"\n";
+ }
+ }
+ if (isset($tr_arr[$path][$user])) {
+ $tr_arr[$path][$user] |= $perm;
+ } else {
+ $tr_arr[$path][$user] = $perm;
+ }
+ }
+ }
+ }
+
+ fclose($fp_conf);
+
+ // save trustees
+ $tr_out='$trustees = array (';
+ $sep1="";
+ while (list ($path, $tr) = each ($tr_arr)) {
+ $tr_out.="$sep1\n\t'$path'=>array(";
+ $sep2="";
+ while (list($user,$perm)=each($tr)) {
+ $tr_out.="$sep2\n\t\t'$user'=>$perm";
+ $sep2=",";
+ }
+ $tr_out.="\n\t)";
+ $sep1=",";
+ }
+ $tr_out.="\n);";
+
+ // save groups
+ $gr_out='$groups = array (';
+ $sep="";
+ while (list ($group, $members) = each ($groups_arr)) {
+ $gr_out.="$sep\n\t'";
+ $gr_out.=substr($group,1,strlen($group)-1);
+ $gr_out.="'=>array('".join("','",explode(",",$members))."')";
+ $sep=",";
+ }
+ $gr_out.="\n);\n";
+
+ fputs($fp_php,$gr_out);
+ fputs($fp_php,$tr_out);
+ fputs($fp_php,"?>\n");
+ fclose($fp_php);
+}
+
+if (isset($error)) {
+ Error("Trustee error",$error,1);
+} else {
+ include_once("$trustee_php");
+}
+
+return 1;
+
+}//init_trustee
+
+function in_group($user,$group) {
+ global $groups;
+ return in_array($user,$groups[$group]);
+}
+
+// helper function
+function unroll_perm($u,$t,$perm,$one_level) {
+
+ if ($t & 
trmask_one_level && !$one_level) return $perm;
+
+ if ($t & trmask_deny) {
+ if ($t & trmask_clear) {
+ $perm['deny'] &= ~$t;
+ } else {
+ $perm['deny'] |= $t;
+ }
+ } elseif ($t & trmask_clear) {
+ $perm['allow'] &= ~$t;
+ } else {
+ $perm['allow'] |= $t;
+ }
+ return $perm;
+}// end of helper function
+
+function check_trustee($user,$path) {
+ global $trustees,$HAVE_TRUSTEE;
+ $perm['allow'] = 0;
+ $perm['deny'] = 0;
+
+ // do we use trustees?
+ if (! $HAVE_TRUSTEE) return $perm;
+
+ if (! isset($trustees)) Error("Trustees not found","Can't find in-memory trustee structure \$trustees. Probably bug in code. Contact dpavlin@rot13.org",1);
+
+global $debug;
+$debug .= "
check_trustee $path ... ";
+
+ $path_arr=explode("/",$path);
+ $tmppath="";
+ while (count($path_arr)) {
+ $p = array_shift($path_arr);
+$debug.= "[$p] ";
+ # add trailing slash
+ if (substr($tmppath,strlen($tmppath)-1,1) != "/") {
+ $tmppath.="/";
+ }
+ # append currnet dir to tmppath
+ if (isset($p)) {
+ $tmppath.=$p;
+ }
+$debug.= ">> $tmppath ";
+
+ if (! isset($trustees[$tmppath])) continue;
+ $tr = $trustees[$tmppath];
+
+ $one_level = (!count($path_arr));
+$debug.=" O($one_level) ";
+
+ if (isset($tr)) {
+ // first apply trustee for all
+ if (isset($tr['*']) && $user!="anonymous") {
+ $perm = unroll_perm($user,$tr['*'],$perm, $one_level);
+ unset($tr['*']);
+ }
+ // then apply not and group policies
+ foreach ($tr as $g=>$t) {
+ if ($t & trmask_not && $g != $user) {
+ $t = $t & ~trmask_not;
+ $perm = unroll_perm($user,$t,$perm, $one_level);
+ unset($tr[$g]);
+
+ } elseif ($t & trmask_group && in_group($user,$g)) {
+ // resolv user
+ $t = $t & ~trmask_group;
+ $perm = unroll_perm($user,$t,$perm, $one_level);
+ unset($tr[$g]);
+ }
+ }
+ // then apply user policy
+ if (isset($tr[$user])) {
+ $perm = unroll_perm($user,$tr[$user],$perm,$one_level);
+ unset($tr[$user]);
+ }
+ }
+$debug.="d(".display_trustee($perm['deny']).") a(".display_trustee($perm['allow']).") ";
+
+ }
+$debug.="
check_trustee: user: $user path: $path==$tmppath perm: ";
+$debug.="d: ".$perm['deny']." (".display_trustee($perm['deny']).") a: ".$perm['allow']." (".display_trustee($perm['allow']).")
\n";
+ return $perm;
+}
+
+// handy functions
+
+function check_perm($path,$trperm) {
+ global $gblLogin,$HAVE_TRUSTEE;
+
+ $path = str_replace("//","/",$path);
+
+ global $debug;
+$debug.="
check_perm: on $path for perm ".display_trustee($trperm)."
\n";
+
+ $return = ! $HAVE_TRUSTEE;
+ if ($HAVE_TRUSTEE) {
+ $perm = check_trustee($gblLogin,$path);
+$debug.=" d: ".$perm['deny']." (".display_trustee($perm['deny']).") a: ".$perm['allow']." (".display_trustee($perm['allow']).") perm to have: $trperm (".display_trustee($trperm).")";
+ if ($perm['deny'] & $trperm) $return=0;
+ elseif (($perm['allow'] & $trperm) == $trperm) $return=1;
+ }
+$debug.=" return: $return
\n";
+ return($return);
+}
+
+//////////////////////////////////////////////////////////////////
+
+function readMime() {
+ global $mime_type, $gblMimeTypes;
+
+ if (! isset($gblMimeTypes)) {
+ $gblMimeTypes = "/etc/mime.types";
+ }
+
+ $mime = @fopen($gblMimeTypes,"r");
+
+ if (! $mime) Error("Can't read MIME types","$gblMimeTypes file not found. You can setup other mime.types file using \$gblMimeTypes in $realm_config");
+
+ while($line = fgets($mime,80)) {
+ if (substr($line,0,1) == "#") continue; // skip comment
+ $arr = preg_split("/[\s\t]+/",$line);
+ $type = array_shift($arr);
+ while ($ext = array_shift($arr)) {
+ $mime_type[$ext] = $type;
+ }
+ }
+
+ fclose($mime);
+}
+
+//////////////////////////////////////////////////////////////////
+
+// check for invalid characters in filename and dirname (.. and /)
+
+function check_dirname($file) {
+ if (strstr($file,"..")) Error("Security violation","No parent dir .. allowed in directory name $file",1);
+}
+
+function check_filename($file) {
+ if (strstr($file,"..")) Error("Security violation","No parent dir .. 
allowed in file name $file",1);
+ // remove deleted directory (for undelete to work)
+ $file = str_replace(".del/","",$file);
+ if (strstr($file,"/")) Error("Security violation","No slashes / allowed in file name $file",1);
+}
+
+// bla/blo/../foo will return bla/foo
+function remove_parent($path) {
+ while (preg_match(",/[^/]+/\.\./,",$path)) {
+ $path = preg_replace(",/[^/]+/\.\./,","",$path);
+ }
+ if (substr($path,0,1) != "/") $path = "/".$path;
+ return $path;
+}
+
+//////////////////////////////////////////////////////////////////
+
+// functions to move HTTP server variables to global namespace
+// [replacement for register_globals in php.ini]
+
+function HTTP_GET_VAR($var) {
+ global $HTTP_GET_VARS, ${$var};
+ if (isset($HTTP_GET_VARS[$var])) {
+ $$var = stripSlashes($HTTP_GET_VARS[$var]);
+ return $$var;
+ }
+}
+
+function HTTP_POST_VAR($var) {
+ global $HTTP_POST_VARS, ${$var};
+ if (isset($HTTP_POST_VARS[$var])) {
+ $$var = $HTTP_POST_VARS[$var];
+ return $$var;
+ }
+}
+
+function HTTP_SERVER_VAR($var) {
+ global $HTTP_SERVER_VARS, ${$var};
+ if (isset($HTTP_SERVER_VARS[$var])) {
+ $$var = $HTTP_SERVER_VARS[$var];
+ return $$var;
+ }
+}
+
+//////////////////////////////////////////////////////////////////
+
+function Warn($text) {
+}
+
+//////////////////////////////////////////////////////////////////
+
+function isBlank($file,$what = "filename") {
+ if (trim($file) == "") return "whitespace $what";
+ if ($file == "") return "no $what";
+ return $file;
+}
+
+//////////////////////////////////////////////////////////////////
+// MAIN PROGRAM
+
+ $gblFilePerms = 0640 ; // default for new files
+ $gblDirPerms = 0750 ; // default for new dirs
+
+ if (isset($HTTP_GET_VARS["STYLE"]) && $HTTP_GET_VARS["STYLE"] == "get") {
+ include("$html/docman.css");
+ exit;
+ }
+
+ // location of master docman configuration file
+ $docman_conf = "/etc/docman.conf";
+ if (! file_exists($docman_conf)) {
+ $error = "Can't find master configuration file $docman_conf. 
See docman2/doc/upgrade.html#docman_conf for more informations";
+
+ error_log("docman: $error");
+ Error("docman not installed completly",$error);
+ }
+ include($docman_conf);
+
+ // location of html files
+ $html = $gblIncDir."/html";
+
+ // set fsRealmDir
+ if (! isset($fsRealmDir)) {
+ $fsRealmDir = "$gblIncDir/realm";
+ }
+
+ // try to add dir to script name to realm var
+ if (is_dir("$fsRealmDir/$realm/".dirname($HTTP_SERVER_VARS["SCRIPT_NAME"]))) {
+ $realm .= dirname($HTTP_SERVER_VARS["SCRIPT_NAME"]);
+ $realm_sep = "/";
+ } else {
+ $realm_sep = ".";
+ }
+
+ $realm_config = $fsRealmDir."/".$realm.$realm_sep."conf";
+
+ // read user-defined configuration
+ if (file_exists($realm_config)) {
+ include($realm_config);
+ } else {
+ Error("Configuration error","Can't find configuration file at $realm_config !");
+ }
+
+ if (! isset($gblRepositoryDir)) Error("Configuration error","\$gblRepositoryDir is not setuped in realm configuration file $realm_config");
+
+ // where do we get users from?
+ if (file_exists("$gblIncDir/htusers/$gblUsers.php")) {
+ include("$gblIncDir/htusers/$gblUsers.php");
+ } else {
+ Error("Configuration error","Can't find user handling module at $gblIncDir/htusers/$gblUsers.php ! Please fix $realm_config");
+ }
+
+ // take additional login vars
+ HTTP_GET_VAR("relogin");
+ HTTP_GET_VAR("force_login");
+
+ // if no password, or empty password logout
+ if (
+ isset($gblLogin) && (
+ !isset($relogin) || (
+ isset($relogin) && $relogin != md5($gblLogin.$gblPasswd)
+ )
+ ) && (
+ $gblPasswd == "" || !isset($gblPasswd)
+ ) && !isset($force_login) && $gblLogin != "anonymous"
+ ) {
+ StartHTML("Logout completed","Your login credentials has been erased") ;
+ EndHTML() ;
+ exit ;
+ }
+
+ if (!is_dir($gblRepositoryDir)) Error("Repository dir not found","Can't find repository directory $gblRepositoryDir. 
Please fix that in $realm_config variable \$gblRepositoryDir.",1);
+
+ // trustee (ACL) file configuration
+ $trustee_conf="$fsRealmDir/$realm".$realm_sep."trustee";
+ // compiled version of trustee file
+ $trustee_php="$gblRepositoryDir/.trustee.php";
+ // get ACL informations
+ $HAVE_TRUSTEE = init_trustee();
+
+ if (strtolower($gblLogin) == "anonymous" || !isset($gblLogin)) {
+ $perm = check_trustee("anonymous","/");
+ // browsing must be explicitly allowed for root directory
+ // of repository for anonymous user to work!
+ if ($perm['allow'] & trperm_b) {
+ $gblLogin = $gblPasswd = "anonymous";
+ $secHash = md5($gblLogin.$gblPasswd);
+ $gblUserName = "Anonymous user";
+ }
+ }
+
+ // authentication failure
+ if ( md5($gblLogin.$gblPasswd) != $secHash ||
+ isset($relogin) && $secHash == $relogin) {
+ header("WWW-authenticate: basic realm=\"$realm\"") ;
+ header("HTTP/1.0 401 Unauthorized") ;
+ Error("401 Unauthorized","No trespassing !",0,1);
+ }
+
+
+ // read mime.types
+ readMime();
+
+ if (! isset($gblPermNote)) {
+ $gblPermNote = trperm_r;
+ }
+
+ HTTP_POST_VAR("FN");
+
+ if ($HTTP_SERVER_VARS["REQUEST_METHOD"] == "POST") {
+ // take variables from server
+ if (HTTP_POST_VAR("FN"))
+ check_filename($FN);
+ if (HTTP_POST_VAR("DIR")) {
+ check_dirname($DIR);
+ $relDir = $DIR;
+ } else {
+ trigger_error("Can't get DIR",E_USER_WARNING);
+ $relDir = "/";
+ }
+ if (HTTP_POST_VAR("RELPATH")) check_dirname($RELPATH);
+ HTTP_POST_VAR("T");
+ HTTP_POST_VAR("CONFIRM");
+ } else {
+ // get
+ HTTP_GET_VAR("A");
+ if (HTTP_GET_VAR("D")) {
+ check_dirname($D);
+ $D=urldecode($D);
+ $relDir = $D;
+ } else {
+ //trigger_error("Can't get D",E_USER_WARNING);
+ $relDir = "/";
+ }
+ if (HTTP_GET_VAR("F")) check_filename($F);
+ }
+
+ $relScriptDir = dirname($HTTP_SERVER_VARS["SCRIPT_NAME"]) ;
+ // i.e. /docman
+
+ // start on server root
+ $gblFsRoot = $gblRepositoryDir;
+ // i.e. /home/httpd/repository
+
+ $fsDir = $gblFsRoot . 
$relDir ; // current directory
+ if ( !is_dir($fsDir) ) Error("Dir not found","Can't find $relDir which points to $fsDir",1) ;
+
+ if ($relDir == "") $relDir="/";
+
+ if (isset($HTTP_SERVER_VARS["HTTPS"]) && $HTTP_SERVER_VARS["HTTPS"] == "on") {
+ $webRoot = "https://";
+ } else {
+ $webRoot = "http://";
+ }
+ $webRoot .= $HTTP_SERVER_VARS["HTTP_HOST"] . $relScriptDir;
+
+ if (HTTP_POST_VAR("POSTACTION")) switch ($POSTACTION) {
+ case "UPLOAD" :
+ $FN_name=stripSlashes($HTTP_POST_FILES["FN"]["tmp_name"]);
+ $FN=stripSlashes($HTTP_POST_FILES["FN"]["name"]);
+ if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
+
+ $source = $FN_name ;
+ if (! file_exists($source)) {
+ Error("You must select file with browse to upload it!","If file is too big, you might need to modify php configuration options post_max_size and upload_max_filesize",1);
+ }
+
+ if (HTTP_POST_VAR("FILENAME")) check_filename($FILENAME);
+
+ if (! isset($FILENAME)) { // from update file
+ $target = "$fsDir/".basename($FN);
+ } else {
+ $target = "$fsDir/$FILENAME";
+ }
+
+ if (! check_perm("$relDir/".basename($target), trperm_w))
+ Error("Access denied","User $gblLogin tried to upload $relDir/".basename($target)." without valid trustee.",1);
+
+ // backup old files first
+ $dir=dirname($target);
+ if (! file_exists($dir."/.bak")) {
+ mkdir($dir."/.bak",0700);
+ }
+ if (! file_exists($dir."/.bak/$gblNumBackups")) {
+ mkdir($dir."/.bak/$gblNumBackups",0700);
+ }
+ $file=basename($target);
+ for($i=$gblNumBackups-1;$i>0;$i--) {
+ MoveTo("$dir/.bak/$i/$file","$dir/.bak/".($i+1)."/");
+ }
+ MoveTo($target,$dir."/.bak/1/");
+
+ copy($source,$target) ;
+ chmod($target,$gblFilePerms) ;
+ clearstatcache() ;
+ if (isset($FILENAME)) {
+ LogIt($target,"check-in",trperm_r | trperm_w);
+ Unlock($target);
+ } else {
+ LogIt($target,"uploaded",trperm_r | trperm_w);
+ }
+ break ;
+
+ case "SAVE" :
+ $path = $gblFsRoot . $RELPATH ;
+ $path=stripSlashes($path);
+
+ if (! 
check_perm("$RELPATH", trperm_w))
+ Error("Access denied","User $gblLogin tried to save $RELPATH without valid trustee.",1);
+
+ $writable = is_writeable($path) ;
+ $legaldir = is_writeable(dirname($path)) ;
+ $exists = (file_exists($path)) ? 1 : 0 ;
+ // FIX: more verbose error message
+ if (!($writable || (!$exists && $legaldir)))
+ Error("Write denied",$RELPATH) ;
+ $fh = fopen($path, "w") ;
+ HTTP_POST_VAR("FILEDATA");
+ fwrite($fh,$FILEDATA) ;
+ fclose($fh) ;
+ clearstatcache() ;
+ LogIt($path,"saved changes",trperm_r);
+ break ;
+
+ case "CREATE" :
+ // we know $fsDir exists
+ if (! check_perm($relDir, trperm_w))
+ Error("Write access denied","You don't have permission to write in $relDir");
+ if ($T == "D") $type = "directory";
+ else $type ="file";
+ if ($FN == "") Error("Can't create $type","You must enter name of $type to create it.");
+ if (!is_writeable($fsDir)) Error("Write denied","User $gblLogin has trustee to write in $relDir but permissions on $fsDir are wrong!", 1) ;
+ $path = "$fsDir/$FN"; // file or dir to create
+ $relPath = "$relDir/$FN";
+
+ if (file_exists($path))
+ Error("Can't create $type","Object $relPath allready exists");
+
+ switch ( $T ) {
+ case "D" : // create a directory
+ if ( ! @mkdir($path,$gblDirPerms) )
+ Error("Mkdir failed",$relPath) ; // eg. if it exists
+ else
+ LogIt($path."/","dir created",trperm_w);
+ clearstatcache() ;
+ break ;
+ case "F" : // create a new file
+// this functionality is doubled in DetailView(). 
+// better keep it here altogether
+// chmod perms to $gblFilePerms
+ if ( file_exists($path) && !is_writeable($path) )
+ Error("File not writable", "User $gblLogin has trustee to write in $relPath but permissions on $path are wrong!", 1) ;
+ $fh = fopen($path, "w+") ;
+ if ($fh) {
+ fputs($fh,"\n");
+ fclose($fh) ;
+ LogIt($path,"file created",trperm_r | trperm_w);
+ } else {
+ Error("Creation of file $relPath failed", "User $gblLogin has trustee to write in $relPath but creation of $path failed!", 1) ;
+ }
+ $tstr = $HTTP_SERVER_VARS["PHP_SELF"]."?A=E&D=".urlencode($relDir)."&F=".urlencode($FN) ;
+ header("Location: " . $tstr) ;
+ exit ;
+ }
+ break ;
+
+ case "DELETE" :
+ if ( $CONFIRM != "on" ) break;
+
+ if ( isset($FN) && $FN != "") {
+ $path=$fsDir."/".$FN;
+ $what = "file";
+ } elseif (isset($DIR)) {
+ $path=$gblFsRoot."/".$DIR;
+ $what = "directory";
+ } else {
+ Error("Can't delete object","Can't find filename \$FN or dirname in \$DIR",1);
+ }
+
+ if (! check_perm("$relDir/$FN", trperm_w))
+ Error("Access denied","User $gblLogin tried to erase $what $relDir/$FN without valid trustee.",1);
+
+ $tstr = "Attempt to delete non-existing object or insufficient privileges: " ;
+
+ $dir=dirname($path);
+ $file=basename($path);
+
+ if (! file_exists("$dir/.del")) {
+ mkdir("$dir/.del",0700);
+ }
+
+ if ( ! @rename($path,"$dir/.del/$file") ) {
+ LogIt($path,"$what delete failed");
+ Error("Can't delete $what",$tstr."".$relDir."/".$FN."") ;
+ } else {
+ LogIt($path,"$what deleted",trperm_w);
+ MoveTo("$dir/.log/$file","$dir/.del/.log/");
+ MoveTo("$dir/.note/$file","$dir/.del/.note/");
+ MoveTo("$dir/.lock/$file","$dir/.del/.lock/");
+ }
+ break ;
+
+ case "UNDELETE" :
+ if ( $CONFIRM != "on" ) break ;
+
+ if (substr($FN,0,4) != ".del") break ;
+ $file=substr($FN,4,strlen($FN)-4);
+
+ if (! 
check_perm("$relDir/$file", trperm_w))
+ Error("Access denied","User $gblLogin tried to undelete $relDir/$file without valid trustee.",1);
+
+ LogIt("$fsDir/.del/$file","undeleted",trperm_w);
+ MoveTo("$fsDir/.del/$file","$fsDir/");
+ MoveTo("$fsDir/.del/.log/$file","$fsDir/.log/");
+ MoveTo("$fsDir/.del/.note/$file","$fsDir/.note/");
+ MoveTo("$fsDir/.del/.lock/$file","$fsDir/.lock/");
+
+ break ;
+
+ case "RENAME" :
+ if ( $CONFIRM != "on" ) break ;
+
+ if (HTTP_POST_VAR("NEWNAME")) {
+ $dest = remove_parent($relDir.$NEWNAME);
+ if (! check_perm($relDir.$FN, trperm_w) ||
+ ! check_perm($dest, trperm_w) )
+ Error("Access denied","User $gblLogin tried to rename $relDir$FN to $dest without valid trustee.",1);
+ } else {
+ Error("Rename error","Can't find new name in var \$NEWNAME",1);
+ }
+ LogIt("$fsDir/$FN","renamed $FN to $NEWNAME",trperm_r);
+ safe_rename($fsDir,$FN,$NEWNAME);
+ break ;
+
+ case "NOTE" :
+ if (! HTTP_POST_VAR("NOTE"))
+ Error("Can't add note to object","Can't find var \$NOTE",1);
+ if (! check_perm("$relDir/$FN", trperm_w))
+ Error("Access denied","User $gblLogin tried to add note to $relDir/$FN without valid trustee.",1);
+
+ WriteNote("$fsDir/$FN",$NOTE);
+ break ;
+
+ case "UNLOCK" :
+ if ( $CONFIRM != "on" ) break ;
+ if (! check_perm("$relDir/$FN", trperm_w))
+ Error("Access denied","User $gblLogin tried to unlock $relDir/$FN without valid trustee.",1);
+ Unlock("$fsDir/$FN");
+ break ;
+
+ default :
+ // user hit "CANCEL" or undefined action
+ }
+
+ // common to all POSTs : redirect to directory view ($relDir)
+ if (isset($POSTACTION)) {
+ $tstr = $HTTP_SERVER_VARS["PHP_SELF"]."?D=".urlencode($relDir);
+ header("Location: ".$tstr) ;
+ exit ;
+ }
+
+ // check for mode.. navigate, code display, upload, or detail? 
+ // $A=U : upload to path given in $D
+ // $A=E : display detail of file $D/$F and edit
+ // $A=C : display code in file $D/$F
+ // $A=Co : checkout file $D/$F
+ // $A=Ci : checkin file $D/$F
+ // $A=V : view file (do nothing except log)
+ // $A=I : include file .$F.php from [$gblIncDir|realm]/include_php
+ // default : display directory $D
+
+ if (isset($A)) switch ($A) {
+ case "U" :
+ // upload to $relDir
+ if (! check_perm($relDir, trperm_w))
+ Error("Write access denied","You don't have permission to write in $relDir");
+ if (!is_writeable($gblFsRoot . $relDir))
+ Error("Write access denied","User $gblLogin has permission on $relDir, but directory is not writable",1);
+ $text = "Use this page to upload a single " ;
+ $text .= "file to $realm." ;
+ StartHTML("(Upload Page)", $text) ;
+ UploadPage($gblFsRoot, $relDir) ;
+ EndHTML() ;
+ exit ;
+ case "E" :
+ // detail of $relDir/$F
+ if (is_file("$gblFsRoot/$relDir/$F") || is_dir("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
+ exit ;
+ case "C" :
+ $F=stripSlashes($F);
+ // listing of $relDir/$F
+ DisplayCode($gblFsRoot, $relDir, $F) ;
+ exit ;
+ case "Co" :
+ // checkout
+ Lock("$gblFsRoot/$relDir/$F");
+ Download("$gblFsRoot/$relDir/$F",1);
+ exit;
+ case "Ci" :
+ $F=stripSlashes($F);
+ // upload && update to $relDir
+ if (!is_writeable($gblFsRoot . $relDir))
+ Error("Write access denied",$relDir) ;
+ $text = "Use this page to update a single " ;
+ $text .= "file to $realm." ;
+ StartHTML("(Update file Page)", $text) ;
+ UploadPage($gblFsRoot, $relDir, $F) ;
+ EndHTML() ;
+ exit ;
+ case "V" :
+ // view
+ LogIt("$gblFsRoot/$relDir/$F","viewed");
+ Download("$gblFsRoot/$relDir/$F",$gblForceDownload);
+ exit;
+ case "Ch" :
+ StartHTML("(File changes)","All changes chronologicaly...");
+ DisplayChangeLog(0); // all
+ EndHTML() ;
+ exit;
+ case "Ch1" :
+ StartHTML("(File changes)","Changes to files in last day...");
+ DisplayChangeLog(1);
+ EndHTML() ;
+ exit;
+ case "I" :
+ if (! 
isset($F) || $F == "")
+ Error("Can't find file to include","Your request didn't specify file to include which should be in variable F like $HTTP_SERVER_VARS[REQUEST_URI]&F=include_php_file",1);
+ $inc_file="$fsRealmDir/$realm".$realm_sep.$F.".php";
+ if (! file_exists($inc_file)) {
+ Error("Can't find file to include","Can't find include file $F.php in $fsRealmDir/$realm/. Meybe you should copy $gblIncDir/include_php/$F.php to $inc_file ?",1);
+ }
+ if (!is_readable($inc_file))
+ Error("Read access to include file denied","Can't read PHP include file $inc_file. Fix permissions on it.",1);
+ $text = "Your include file should define \$text variable which holds this text and \$title variable which is page title";
+ $title = "You should define \$title variable with page title";
+ include($inc_file);
+ StartHTML($title, $text) ;
+ print "

".GifIcon(up)." Back to front page.

";
+ EndHTML() ;
+ exit ;
+ }
+
+ // default: display directory $relDir
+ Navigate($gblFsRoot,$relDir) ;
+ exit ;
+
+ Error("Whooah!","By cartesian logic, this never happens",1) ;
+?>
+