--- docman.php 2002/07/27 19:25:58 1.5
+++ docman.php 2002/07/29 13:53:56 1.31
@@ -20,7 +20,7 @@
//////////////////////////////////////////////////////////////////
// CONFIGURATION OPTIONS
-// error_reporting(4) ; // how verbose ?
+ error_reporting(E_ALL) ; // how verbose ?
// from where to include auth_*.php modules?
$gblIncDir = "/data/docman2";
@@ -84,14 +84,14 @@
LoadLanguage($HTTP_SERVER_VARS["HTTP_ACCEPT_LANGUAGE"]);
// for security and configuration
- $realm=$HTTP_SERVER_VARS[HTTP_HOST];
+ $realm=$HTTP_SERVER_VARS["HTTP_HOST"];
- $fsDocumentRoot = dirname($HTTP_SERVER_VARS[SCRIPT_FILENAME]);
+ $fsDocumentRoot = dirname($HTTP_SERVER_VARS["SCRIPT_FILENAME"]);
if ($fsDocumentRoot == "") Error("Configuration error","Can't get SCRIPT_FILENAME from your web server. Please set \$fsDocumentRoot in \$",1);
// globals for later
- $gblLogin = $HTTP_SERVER_VARS[PHP_AUTH_USER];
- $gblPasswd = $HTTP_SERVER_VARS[PHP_AUTH_PW];
+ $gblLogin = HTTP_SERVER_VAR("PHP_AUTH_USER");
+ $gblPasswd = HTTP_SERVER_VAR("PHP_AUTH_PW");
//////////////////////////////////////////////////////////////////
@@ -109,16 +109,15 @@
function StartHTML($title,$text="") {
- global $html,$fsDocumentRoot,$HTTP_SERVER_VARS;
+ global $html,$fsDocumentRoot,$gblTitle,$HTTP_SERVER_VARS;
- $title = $gblTitle." ".$title ;
$host = $HTTP_SERVER_VARS["HTTP_HOST"] ;
$self = $HTTP_SERVER_VARS["PHP_SELF"] ;
if (file_exists("$fsDocumentRoot/docman.css")) {
$css=dirname($self)."/docman.css";
} else {
- $css=$self."?STYLE=get&css=$css";
+ $css=$self."?STYLE=get";
}
include("$html/head.html");
@@ -138,20 +137,29 @@
} else {
$url .= md5($gblLogin.$gblPasswd);
}
- if (isset($gblLogin) && $gblLogin != "" && ($gblPasswd == "" || !isset($gblPasswd))) {
+ if ( ( (isset($gblLogin) && $gblLogin != "") ||
+ (!isset($gblLogin) || $gblLogin == "")
+ ) && ($gblPasswd == "" || !isset($gblPasswd))) {
$url_title="login";
$url .= "&force_login=1";
} else {
$url_title="relogin";
}
include("$html/footer.html");
+
+ global $debug;
+ if ($debug) print $debug;
} // end function EndHTML
//////////////////////////////////////////////////////////////////
function DetailPage($fsRoot,$relDir,$fn) {
- global $gblEditable, $gblImages, $webRoot, $html, $HTTP_SERVER_VARS ;
+ global $gblEditable, $gblImages,
+ $gblDateFmt, $gblTimeFmt,
+ $gblPermNote,
+ $webRoot, $html,
+ $HTTP_SERVER_VARS ;
$self = $HTTP_SERVER_VARS["PHP_SELF"] ;
$relPath = $relDir . "/" . $fn ;
@@ -160,14 +168,16 @@
$exists = file_exists($fsPath) ;
$ext = strtolower(strrchr($relPath,".")) ;
- $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) ;
- $writable = is_writeable($fsPath) ;
+ $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) &&
+ check_perm($relPath,trperm_w);
+ $writable = is_writeable($fsPath) && check_perm($relPath,trperm_w) ;
+ $writable_dir = is_writeable($fsDir) && check_perm($relDir,trperm_w) ;
$file_lock = CheckLock($fsPath);
if (!$editable && !$exists)
- Error("Creation unsupported for type",$relPath) ;
- if (!exists && !is_writeable($fsDir) )
- Error("Creation denied",$relDir) ;
+ Error("Creation denied","Can't create $relPath") ;
+ if (!$exists && !$writable_dir )
+ Error("Creation denied","Can't write in directory $relDir while creating $relPathfor which user has permissions.",1);
$text = _("Use this page to view, modify or ") ;
if (is_dir($fsPath)) {
@@ -179,11 +189,12 @@
$title = "("._("Detail Page").")" ;
StartHTML($title, $text) ;
- echo "
" . $relDir . "/" . $fn . "
" ;
+ print "".$relDir.$fn."
";
+
if ($exists) { // get file info
$fsize = filesize($fsPath) ;
- $fmodified = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", filemtime($fsPath)) ;
- $faccessed = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", fileatime($fsPath)) ;
+ $fmodified = date("$gblDateFmt $gblTimeFmt", filemtime($fsPath)) ;
+ $faccessed = date("$gblDateFmt $gblTimeFmt", fileatime($fsPath)) ;
$fuid=fileowner($fsPath);
$fgid=filegroup($fsPath);
$userinfo = posix_getpwuid($fuid);
@@ -198,52 +209,27 @@
$fstr = fread($fh,filesize($fsPath)) ;
fclose($fh) ;
$fstr = htmlentities( $fstr ) ;
-?>
-
-
-" ;
// echo htmlentities($tstr) . "
" . $tstr ;
echo $tstr ;
}
-?>
-
-
+ } elseif (check_perm($relDir.$fn,$gblPermNote)) {
+ include("$html/DetailPage-note.html");
+ }
-";
$name=basename("$fsDir/$fn");
$logname=dirname("$fsDir/$fn")."/.log/$name";
@@ -471,18 +434,10 @@
//////////////////////////////////////////////////////////////////
-function GifIcon($txt) {
- global $gblIconLocation ;
+function GifIcon($txt = "") {
+ global $gblIconLocation, $gblImages ;
switch (strtolower($txt)) {
- case ".bmp" :
- case ".gif" :
- case ".jpg" :
- case ".jpeg":
- case ".tif" :
- case ".tiff":
- $d = "image2.gif" ;
- break ;
case ".doc" :
$d = "layout.gif" ;
break ;
@@ -560,9 +515,14 @@
$d = "quill.gif";
break;
default :
- $d = "generic.gif" ;
+ if (in_array(strtolower($txt),$gblImages)) {
+ $d = "image2.gif" ;
+ } else {
+ $d = "generic.gif" ;
+ }
}
+
return "" ;
} // end function GifIcon
@@ -571,19 +531,31 @@
function Navigate($fsRoot,$relDir) {
global $gblEditable, $gblIcon, $gblModDays, $webRoot, $gblHide,
- $gblIgnoreUnknownFileType,
- $HTTP_GET_VARS, $html, $realm_config;
-
+ $gblIgnoreUnknownFileType, $gblRepositoryDir,
+ $gblLogin, $gblUserName, $gblDateFmt, $gblTimeFmt,
+ $fsRealmDir, $realm, $realm_sep,
+ $html, $realm_config,
+ $HTTP_GET_VARS, $HTTP_SERVER_VARS;
+
$self = $HTTP_SERVER_VARS["PHP_SELF"] ;
- if ($relDir == "") $relDir = "/";
+ $relDir = chopsl($relDir)."/";
+ $fsDir = $fsRoot.$relDir; // current directory
+
+ if (!is_dir($fsDir)) Error("Dir not found","Directory $relDir not found on filesystem at $fsDir",1) ;
- $fsDir = $fsRoot.$relDir."/"; // current directory
+ global $debug;
+ $debug .= "[$gblLogin|$relDir] before >";
- if (!is_dir($fsDir)) Error("Dir not found",$relDir) ;
+ if (! check_perm($relDir,trperm_b))
+ Error("Access denied","User $gblLogin tried to access $relDir without valid trustee.",1);
+ $debug .= "< afeter";
$hide_items=",$gblHide,";
+ $dirList = array();
+ $fileList = array();
+
// read directory contents
if ( !($dir = @opendir($fsDir)) )
Error("Read Access denied",$relDir,1) ;
@@ -608,13 +580,18 @@
closedir($dir) ;
// scan deleted files
- if ( $HTTP_GET_VARS["show_deleted"] == 1 && ($dir = @opendir("$fsDir/.del")) ) {
+ if ( HTTP_GET_VAR("show_deleted") == 1 && ($dir = @opendir("$fsDir/.del")) ) {
while ($item = readdir($dir)) {
if ( substr($item,0,1) == "." || strstr($hide_items,",$item,") || !check_perm($relDir.$item,trperm_w) ) continue ;
- $fileList[$item] = ".del/$item" ;
- $fileDate[$item] = filemtime($fsDir.".del/$path") ;
- $fileSize[$item] = filesize($fsDir.".del/$path") ;
- $fileNote[$item] = ReadNote($fsDir.".del/$item");
+ if (is_file($fsDir.".del/$item")) {
+ $fileList[$item] = ".del/$item" ;
+ $fileDate[$item] = filemtime($fsDir.".del/$item") ;
+ $fileSize[$item] = filesize($fsDir.".del/$item") ;
+ $fileNote[$item] = ReadNote($fsDir.".del/$item");
+ } else {
+ $dirList[$item] = ".del/$item" ;
+ $dirNote[$item] = ReadNote($fsDir.".del/$item");
+ }
}
closedir($dir) ;
}
@@ -623,7 +600,7 @@
// start navigation page
$text = "Use this page to add, delete";
- if (! isset($HTTP_GET_VARS[show_deleted])) {
+ if (! isset($HTTP_GET_VARS["show_deleted"])) {
$text .= ", undelete";
}
$text .= " or revise files on this web site." ;
@@ -633,7 +610,7 @@
echo "" ;
- // updir bar
+ // updir (parent) bar
if (chopsl($fsDir) != chopsl($fsRoot)) {
$parent = dirname($relDir) ;
if ($parent == "") $parent = "/" ;
@@ -649,8 +626,7 @@
return $out;
}
- $dsort = $HTTP_GET_VARS[dsort];
- if (! isset($dsort)) $dsort = "name"; // default directory sort
+ if (! HTTP_GET_VAR("dsort")) $dsort = "name"; // default directory sort
$dsort_arr = array(
"name" => array ("rname", "note"),
@@ -659,8 +635,7 @@
"rnote" => array ("name", "note")
);
- $fsort = $HTTP_GET_VARS[fsort];
- if (! isset($fsort)) $fsort = "name"; // default directory sort
+ if (! HTTP_GET_VAR("fsort")) $fsort = "name"; // default directory sort
$fsort_arr = array(
"name" => array ("rname", "note", "date", "size"),
@@ -676,6 +651,7 @@
$D="D=".urlencode($relDir);
function self_args($arr = array()) {
+ global $self;
$arg = implode("&",$arr);
if ($arg) {
return $self."?".$arg;
@@ -713,7 +689,14 @@
$dir = $dirList[$key];
$info_url=self_args(array("A"=>"A=E", "F"=>"F=".urlencode($dir), "D"=>$D));
- $dir_url=$self."?D=".urlencode($relDir."/".$dir);
+ if (substr($dir,0,5) == ".del/") {
+ $dir = substr($dir,5,strlen($dir)-5);
+ $deleted = " deleted";
+ } else {
+ $deleted = "";
+ }
+
+ $dir_url=$self."?D=".urlencode(chopsl($relDir)."/".$dir);
include("$html/Navigate-dirEntry.html");
} // iterate over dirs
@@ -791,7 +774,7 @@
if (substr($file,0,5) != ".del/") {
$file_url_html .= $file . "" . $a ;
} else {
- $file_url_html .= substr($file,5,strlen($file)-5) . " deleted ";
+ $file_url_html .= substr($file,5,strlen($file)-5) . " deleted";
}
$note_html="".$gblIcon("note")."".ReadNote($path);
@@ -799,7 +782,7 @@
$ext = strtolower(strrchr($file,".")) ;
if ($file_lock) {
- if ($file_lock == $GLOBALS[gblUserName]) {
+ if ($file_lock == $gblUserName) {
$b.="" ;
$file_url_html=$b;
@@ -814,9 +797,11 @@
$file_url_html = "$file $a";
}
} else {
- $b.="" ;
- $b.=$gblIcon("checkout")."";
+ if (check_perm($relDir.$file,trperm_w)) {
+ $b.="" ;
+ $b.=$gblIcon("checkout")."";
+ }
if ( $ext=="" || strstr(join(" ",$gblEditable),$ext) ) {
$b.=" |
|
-if (file_exists(".info.inc")) {
+
+if (file_exists("$fsRealmDir/$realm".$realm_sep."info.inc")) {
+ print " | ";
+ include("$fsRealmDir/$realm".$realm_sep."info.inc");
+ print " |
|
|
";
+} elseif (file_exists("$gblRepositoryDir/.info.inc")) {
print " | ";
- include(".info.inc");
- print " |
- |
|
";
+ include("$gblRepositoryDir/.info.inc");
+ print " |
|
";
}
+
+
?>