25 |
// from where to include auth_*.php modules? |
// from where to include auth_*.php modules? |
26 |
$gblIncDir = "/data/docman2"; |
$gblIncDir = "/data/docman2"; |
27 |
|
|
28 |
// force download (so it won't open in associated application) |
// force download on view (so it won't open in associated application) |
29 |
$gblForceDownload = 1; |
$gblForceDownload = 0; |
30 |
|
|
31 |
// date format |
// date format |
32 |
$gblDateFmt="Y-m-d"; |
$gblDateFmt="Y-m-d"; |
118 |
if (file_exists("$fsDocumentRoot/docman.css")) { |
if (file_exists("$fsDocumentRoot/docman.css")) { |
119 |
$css=dirname($self)."/docman.css"; |
$css=dirname($self)."/docman.css"; |
120 |
} else { |
} else { |
121 |
$css=$self."?STYLE=get&css=$css"; |
$css=$self."?STYLE=get"; |
122 |
} |
} |
123 |
|
|
124 |
include("$html/head.html"); |
include("$html/head.html"); |
145 |
$url_title="relogin"; |
$url_title="relogin"; |
146 |
} |
} |
147 |
include("$html/footer.html"); |
include("$html/footer.html"); |
|
//phpinfo(); |
|
148 |
} // end function EndHTML |
} // end function EndHTML |
149 |
|
|
150 |
////////////////////////////////////////////////////////////////// |
////////////////////////////////////////////////////////////////// |
571 |
function Navigate($fsRoot,$relDir) { |
function Navigate($fsRoot,$relDir) { |
572 |
|
|
573 |
global $gblEditable, $gblIcon, $gblModDays, $webRoot, $gblHide, |
global $gblEditable, $gblIcon, $gblModDays, $webRoot, $gblHide, |
574 |
$gblIgnoreUnknownFileType, |
$gblIgnoreUnknownFileType, $gblRepositoryDir, |
575 |
$HTTP_GET_VARS, $html, $realm_config; |
$HTTP_GET_VARS, $html, $realm_config; |
576 |
|
|
577 |
$self = $HTTP_SERVER_VARS["PHP_SELF"] ; |
$self = $HTTP_SERVER_VARS["PHP_SELF"] ; |
859 |
<TR><TD></TD><TD COLSPAN=5><HR></TD></TR> |
<TR><TD></TD><TD COLSPAN=5><HR></TD></TR> |
860 |
|
|
861 |
<? |
<? |
862 |
if (file_exists(".info.inc")) { |
|
863 |
|
if (file_exists("$gblRepositoryDir/.info.inc")) { |
864 |
print "<TR><TD></TD><TD COLSPAN=5>"; |
print "<TR><TD></TD><TD COLSPAN=5>"; |
865 |
include(".info.inc"); |
include("$gblRepositoryDir/.info.inc"); |
866 |
print "</TD></TR> |
print "</TD></TR><TR><TD></TD><TD COLSPAN=5><HR></TD></TR>"; |
|
<TR><TD></TD><TD COLSPAN=5><HR></TD></TR>"; |
|
867 |
} |
} |
868 |
|
|
869 |
?> |
?> |
870 |
|
|
871 |
<FORM METHOD="POST" ACTION="<?= $self ?>"> |
<FORM METHOD="POST" ACTION="<?= $self ?>"> |
1077 |
function try_rename($from,$to) { |
function try_rename($from,$to) { |
1078 |
# print "$from -> $to\n"; |
# print "$from -> $to\n"; |
1079 |
if (file_exists($from) && is_writeable(dirname($to))) { |
if (file_exists($from) && is_writeable(dirname($to))) { |
1080 |
rename($from,$to); |
return rename($from,$to); |
1081 |
|
} else { |
1082 |
|
return 0; |
1083 |
} |
} |
1084 |
} |
} |
1085 |
|
|
1086 |
function try_dir($todir) { |
function try_dir($todir) { |
1087 |
if (! file_exists($todir)) { |
if (! file_exists($todir)) { |
1088 |
mkdir($todir,0700); |
@mkdir($todir,0700); |
1089 |
} |
} |
1090 |
} |
} |
1091 |
|
|
1095 |
|
|
1096 |
# print "<pre>$fromdir / $fromfile -> $todir / $tofile\n\n"; |
# print "<pre>$fromdir / $fromfile -> $todir / $tofile\n\n"; |
1097 |
|
|
1098 |
try_rename("$fromdir/$fromfile","$todir/$tofile"); |
if (! try_rename("$fromdir/$fromfile","$todir/$tofile")) Error("Rename error","Can't rename file <tt>$fromfile</tt> to <tt>$tofile</tt>",1); |
1099 |
try_dir("$todir/.log"); |
try_dir("$todir/.log"); |
1100 |
try_rename("$fromdir/.log/$fromfile","$todir/.log/$tofile"); |
try_rename("$fromdir/.log/$fromfile","$todir/.log/$tofile"); |
1101 |
try_dir("$todir/.note"); |
try_dir("$todir/.note"); |
1475 |
$gblFilePerms = 0640 ; // default for new files |
$gblFilePerms = 0640 ; // default for new files |
1476 |
$gblDirPerms = 0750 ; // default for new dirs |
$gblDirPerms = 0750 ; // default for new dirs |
1477 |
|
|
1478 |
|
$STYLE = $HTTP_GET_VARS[STYLE]; |
1479 |
if (isset($STYLE) && $STYLE == "get") { |
if (isset($STYLE) && $STYLE == "get") { |
1480 |
include("$html/docman.css"); |
include("$html/docman.css"); |
1481 |
exit; |
exit; |
1551 |
isset($relogin) && $secHash == $relogin) { |
isset($relogin) && $secHash == $relogin) { |
1552 |
header("WWW-authenticate: basic realm=\"$realm\"") ; |
header("WWW-authenticate: basic realm=\"$realm\"") ; |
1553 |
header("HTTP/1.0 401 Unauthorized") ; |
header("HTTP/1.0 401 Unauthorized") ; |
|
phpinfo(); |
|
1554 |
Error("401 Unauthorized","No trespassing !"); |
Error("401 Unauthorized","No trespassing !"); |
1555 |
} |
} |
1556 |
|
|
1597 |
$DIR=stripSlashes($HTTP_POST_VARS["DIR"]); |
$DIR=stripSlashes($HTTP_POST_VARS["DIR"]); |
1598 |
$RELPATH=stripSlashes($HTTP_POST_VARS["RELPATH"]); |
$RELPATH=stripSlashes($HTTP_POST_VARS["RELPATH"]); |
1599 |
$T=stripSlashes($HTTP_POST_VARS["T"]); |
$T=stripSlashes($HTTP_POST_VARS["T"]); |
1600 |
|
$CONFIRM=stripSlashes($HTTP_POST_VARS["CONFIRM"]); |
1601 |
|
|
1602 |
// get |
// get |
1603 |
$A=stripSlashes($HTTP_GET_VARS["A"]); |
$A=stripSlashes($HTTP_GET_VARS["A"]); |
1610 |
switch ($HTTP_POST_VARS["POSTACTION"]) { |
switch ($HTTP_POST_VARS["POSTACTION"]) { |
1611 |
case "UPLOAD" : |
case "UPLOAD" : |
1612 |
$FN_name=stripSlashes($HTTP_POST_FILES["FN"]["tmp_name"]); |
$FN_name=stripSlashes($HTTP_POST_FILES["FN"]["tmp_name"]); |
1613 |
|
$FN=stripSlashes($HTTP_POST_FILES["FN"]["name"]); |
1614 |
if (!is_writeable($fsDir)) Error("Write denied",$relDir) ; |
if (!is_writeable($fsDir)) Error("Write denied",$relDir) ; |
1615 |
if (strstr($FN_name,"/")) |
|
|
Error("Non-conforming filename") ; |
|
|
// TODO : should rather check for escapeshellcmds |
|
|
// but maybe RFC 18xx asserts safe filenames .... |
|
1616 |
$source = $FN_name ; |
$source = $FN_name ; |
|
print "-- $source -- $FN_name -- $HTTP_POST_FILES[FN] -- "; |
|
|
// phpinfo(); |
|
1617 |
if (! file_exists($source)) { |
if (! file_exists($source)) { |
1618 |
Error("You must select file with browse to upload it!"); |
Error("You must select file with browse to upload it!"); |
1619 |
} |
} |
1620 |
|
|
1621 |
$FILENAME = $HTTP_POST_VARS["FILENAME"]; |
$FILENAME = $HTTP_POST_VARS["FILENAME"]; |
1622 |
|
if (strstr($FILENAME,"/")) |
1623 |
|
Error("Upload error","Non-conforming filename. Filename <tt>$FILENAME</tt> has slashes (<tt>/</tt>) in it.") ; |
1624 |
if (! isset($FILENAME)) { // from update file |
if (! isset($FILENAME)) { // from update file |
1625 |
$target = "$fsDir/$FN_name" ; |
$target = "$fsDir/".basename($FN); |
1626 |
} else { |
} else { |
1627 |
$target = "$fsDir/$FILENAME"; |
$target = "$fsDir/$FILENAME"; |
1628 |
} |
} |
1755 |
case "RENAME" : |
case "RENAME" : |
1756 |
if ( $CONFIRM != "on" ) break ; |
if ( $CONFIRM != "on" ) break ; |
1757 |
|
|
1758 |
|
$NEWNAME=stripSlashes($HTTP_POST_VARS["NEWNAME"]); |
1759 |
LogIt("$fsDir/$FN","renamed $FN to $NEWNAME",trperm_r); |
LogIt("$fsDir/$FN","renamed $FN to $NEWNAME",trperm_r); |
1760 |
safe_rename($fsDir,$FN,$NEWNAME); |
safe_rename($fsDir,$FN,$NEWNAME); |
1761 |
break ; |
break ; |
1762 |
|
|
1763 |
case "NOTE" : |
case "NOTE" : |
1764 |
|
$NOTE=stripSlashes($HTTP_POST_VARS["NOTE"]); |
1765 |
WriteNote("$fsDir/$FN","$NOTE"); |
WriteNote("$fsDir/$FN","$NOTE"); |
1766 |
break ; |
break ; |
1767 |
|
|
1814 |
case "Co" : |
case "Co" : |
1815 |
// checkout |
// checkout |
1816 |
Lock("$gblFsRoot/$relDir/$F"); |
Lock("$gblFsRoot/$relDir/$F"); |
1817 |
Download("$gblFsRoot/$relDir/$F"); |
Download("$gblFsRoot/$relDir/$F",1); |
1818 |
exit; |
exit; |
1819 |
case "Ci" : |
case "Ci" : |
1820 |
$F=stripSlashes($F); |
$F=stripSlashes($F); |
1830 |
case "V" : |
case "V" : |
1831 |
// view |
// view |
1832 |
LogIt("$gblFsRoot/$relDir/$F","viewed"); |
LogIt("$gblFsRoot/$relDir/$F","viewed"); |
1833 |
if ($gblForceDownload) { |
Download("$gblFsRoot/$relDir/$F",$gblForceDownload); |
|
Download("$gblFsRoot/$relDir/$F"); |
|
|
} else { |
|
|
header("Content-Disposition: attachment; filename=$F" ); |
|
|
Header("Location: $webRoot".urlpath("$relDir/$F")); |
|
|
} |
|
1834 |
exit; |
exit; |
1835 |
case "Ch" : |
case "Ch" : |
1836 |
StartHTML("(File changes)","All changes chronologicaly..."); |
StartHTML("(File changes)","All changes chronologicaly..."); |