--- docman.php	2002/07/28 19:52:11	1.23
+++ docman.php	2002/07/29 10:17:53	1.25
@@ -188,7 +188,8 @@
 	$title = "("._("Detail Page").")" ;
 	StartHTML($title, $text) ;
 
-	echo "<H3>" . $relDir . "/" . $fn . "</H3>" ;
+	print "<H3>".$relDir.$fn."</H3>";
+
 	if ($exists) {  // get file info
 		$fsize = filesize($fsPath) ; 
 		$fmodified = date("$gblDateFmt $gblTimeFmt", filemtime($fsPath)) ;
@@ -632,10 +633,15 @@
 	if ( HTTP_GET_VAR("show_deleted") == 1 && ($dir = @opendir("$fsDir/.del")) ) {
 		while ($item = readdir($dir)) {
 			if ( substr($item,0,1) == "." || strstr($hide_items,",$item,") || !check_perm($relDir.$item,trperm_w) ) continue ;
-			$fileList[$item] = ".del/$item" ;		
-			$fileDate[$item] = filemtime($fsDir.".del/$path") ;
-			$fileSize[$item] = filesize($fsDir.".del/$path") ;
-			$fileNote[$item] = ReadNote($fsDir.".del/$item");
+			if (is_file($fsDir.".del/$item")) {
+				$fileList[$item] = ".del/$item" ;		
+				$fileDate[$item] = filemtime($fsDir.".del/$item") ;
+				$fileSize[$item] = filesize($fsDir.".del/$item") ;
+				$fileNote[$item] = ReadNote($fsDir.".del/$item");
+			} else {
+				$dirList[$item] = ".del/$item" ;		
+				$dirNote[$item] = ReadNote($fsDir.".del/$item");
+			}
 		}
 		closedir($dir) ; 
 	}
@@ -733,6 +739,13 @@
 			$dir = $dirList[$key];
 
 			$info_url=self_args(array("A"=>"A=E", "F"=>"F=".urlencode($dir), "D"=>$D));
+			if (substr($dir,0,5) == ".del/") {
+				$dir = substr($dir,5,strlen($dir)-5);
+				$deleted = " <a href=\"$info_url#undelete\"><SPAN CLASS=deleted TITLE=\"deleted\">deleted</span></a>";
+			} else {
+				$deleted = "";
+			}
+	
 			$dir_url=$self."?D=".urlencode(chopsl($relDir)."/".$dir);
 			include("$html/Navigate-dirEntry.html");
 
@@ -811,7 +824,7 @@
 		if (substr($file,0,5) != ".del/") {
 			$file_url_html .= $file . "</A>" . $a ;
 		} else {
-			$file_url_html .= substr($file,5,strlen($file)-5) . "</a> <SPAN CLASS=RED TITLE=\"deleted\"> <a href=\"$info_url#undelete\">deleted</a> </span>";
+			$file_url_html .= substr($file,5,strlen($file)-5) . "</a> <a href=\"$info_url#undelete\"><SPAN CLASS=deleted TITLE=\"deleted\">deleted</span></a>";
 		}
 
 		$note_html="<a href=\"$info_url#note\">".$gblIcon("note")."</a>".ReadNote($path);
@@ -1424,11 +1437,14 @@
 }// end of helper function
 
 function check_trustee($user,$path) {
-	global $trustees;
+	global $trustees,$HAVE_TRUSTEE;
 	$perm['allow'] = 0;
 	$perm['deny'] = 0;
 
-	if (! isset($trustees)) Error("Trustees not found","Can't find in-memory trustee structure \$trustees. Probably bug in code. Contact <tt>dpavlin@rot13.org</tt>",1);
+	// do we use trustees?
+	if (! $HAVE_TRUSTEE) return $perm;
+
+	if (! isset($trustees)) Error("Trustees not found","Can't find in-memory trustee structure <tt>\$trustees</tt>. Probably bug in code. Contact <tt>dpavlin@rot13.org</tt>",1);
 
 global $debug;
 $debug .= "<br>check_trustee $path ... ";
@@ -1533,6 +1549,8 @@
 
 function check_filename($file) {
 	if (strstr($file,"..")) Error("Security violation","No parent dir <tt>..</tt> allowed in file name <tt>$file</tt>",1);
+	// remove deleted directory (for undelete to work)
+	$file = str_replace(".del/","",$file);
 	if (strstr($file,"/")) Error("Security violation","No slashes <tt>/</tt> allowed in file name <tt>$file</tt>",1);
 }
 
@@ -1584,7 +1602,7 @@
 	// location of master docman configuration file
 	$docman_conf = "/etc/docman.conf";
 	if (! file_exists($docman_conf)) {
-		$error = "Can't find master configuration file $docman_conf. See docman2/doc/upgrade.html#docman_conf for more informations";
+		$error = "Can't find master configuration file <tt>$docman_conf</tt>. See <tt>docman2/doc/upgrade.html#docman_conf</tt> for more informations";
 		
 		error_log("docman: $error");
 		Error("docman not installed completly",$error);
@@ -1821,14 +1839,22 @@
 		break ;
 
 	case "DELETE" :  
-		if ( $CONFIRM != "on" ) break ;
+		if ( $CONFIRM != "on" ) break;
 
-		$tstr  = "Attempt to delete non-existing object or " ;
-		$tstr .= "insufficient privileges: " ;
+		if ( isset($FN) && $FN != "") {
+			$path=$fsDir."/".$FN;
+
+			$what = "file";
+			if (is_dir($path)) {
+				$what = "dir";
+			}
+
+			if (! check_perm($relDir."/".$FN, trperm_w))
+				Error("Access denied","User <tt>$gblLogin</tt> tried to erase $what <tt>$relDir/$FN</tt> without valid trustee.",1);
+
+			$tstr  = "Attempt to delete non-existing object or " ;
+			$tstr .= "insufficient privileges: " ;
 
-		if ( $FN != "") {  // delete file
-			$path =  $fsDir . "/" . $FN ;
-		
 			$dir=dirname($path);
 			$file=basename($path);
 			if (! file_exists("$dir/.del")) {
@@ -1836,22 +1862,17 @@
 			}
 
 //			if ( ! @unlink($path) ) { 
-			if ( ! rename($path,"$dir/.del/$file") ) { 
-				LogIt($path,"file delete failed");
-				Error("File delete failed", $tstr . $path) ; 
+			if ( ! @rename($path,"$dir/.del/$file") ) { 
+				LogIt($path,"$what delete failed");
+				Error("Can't delete $what",$tstr.$relDir."/".$FN) ; 
 			} else {
-				LogIt($path,"file deleted",trperm_w);
+				LogIt($path,"$what deleted",trperm_w);
 				MoveTo("$dir/.log/$file","$dir/.del/.log/");
 				MoveTo("$dir/.note/$file","$dir/.del/.note/");
 				MoveTo("$dir/.lock/$file","$dir/.del/.lock/");
 			}
-		} else {  // delete directory
-			if ( ! @rrmdir($fsDir) ) {
-				Error("Rmdir failed", $tstr . $fsDir) ; 
-			} else {
-				LogIt($path,"dir deleted",trperm_w);
-				$relDir = dirname($relDir) ;  // move up
-			}
+		} else {
+			Error("Rmdir failed", $tstr . $fsDir) ; 
 		}
 		break ;
 
