25 |
// from where to include auth_*.php modules? |
// from where to include auth_*.php modules? |
26 |
$gblIncDir = "/data/docman2"; |
$gblIncDir = "/data/docman2"; |
27 |
|
|
28 |
// force download (so it won't open in associated application) |
// force download on view (so it won't open in associated application) |
29 |
$gblForceDownload = 1; |
$gblForceDownload = 0; |
30 |
|
|
31 |
// date format |
// date format |
32 |
$gblDateFmt="Y-m-d"; |
$gblDateFmt="Y-m-d"; |
145 |
$url_title="relogin"; |
$url_title="relogin"; |
146 |
} |
} |
147 |
include("$html/footer.html"); |
include("$html/footer.html"); |
|
//phpinfo(); |
|
148 |
} // end function EndHTML |
} // end function EndHTML |
149 |
|
|
150 |
////////////////////////////////////////////////////////////////// |
////////////////////////////////////////////////////////////////// |
1076 |
function try_rename($from,$to) { |
function try_rename($from,$to) { |
1077 |
# print "$from -> $to\n"; |
# print "$from -> $to\n"; |
1078 |
if (file_exists($from) && is_writeable(dirname($to))) { |
if (file_exists($from) && is_writeable(dirname($to))) { |
1079 |
rename($from,$to); |
return rename($from,$to); |
1080 |
|
} else { |
1081 |
|
return 0; |
1082 |
} |
} |
1083 |
} |
} |
1084 |
|
|
1085 |
function try_dir($todir) { |
function try_dir($todir) { |
1086 |
if (! file_exists($todir)) { |
if (! file_exists($todir)) { |
1087 |
mkdir($todir,0700); |
@mkdir($todir,0700); |
1088 |
} |
} |
1089 |
} |
} |
1090 |
|
|
1094 |
|
|
1095 |
# print "<pre>$fromdir / $fromfile -> $todir / $tofile\n\n"; |
# print "<pre>$fromdir / $fromfile -> $todir / $tofile\n\n"; |
1096 |
|
|
1097 |
try_rename("$fromdir/$fromfile","$todir/$tofile"); |
if (! try_rename("$fromdir/$fromfile","$todir/$tofile")) Error("Rename error","Can't rename file <tt>$fromfile</tt> to <tt>$tofile</tt>",1); |
1098 |
try_dir("$todir/.log"); |
try_dir("$todir/.log"); |
1099 |
try_rename("$fromdir/.log/$fromfile","$todir/.log/$tofile"); |
try_rename("$fromdir/.log/$fromfile","$todir/.log/$tofile"); |
1100 |
try_dir("$todir/.note"); |
try_dir("$todir/.note"); |
1549 |
isset($relogin) && $secHash == $relogin) { |
isset($relogin) && $secHash == $relogin) { |
1550 |
header("WWW-authenticate: basic realm=\"$realm\"") ; |
header("WWW-authenticate: basic realm=\"$realm\"") ; |
1551 |
header("HTTP/1.0 401 Unauthorized") ; |
header("HTTP/1.0 401 Unauthorized") ; |
|
phpinfo(); |
|
1552 |
Error("401 Unauthorized","No trespassing !"); |
Error("401 Unauthorized","No trespassing !"); |
1553 |
} |
} |
1554 |
|
|
1595 |
$DIR=stripSlashes($HTTP_POST_VARS["DIR"]); |
$DIR=stripSlashes($HTTP_POST_VARS["DIR"]); |
1596 |
$RELPATH=stripSlashes($HTTP_POST_VARS["RELPATH"]); |
$RELPATH=stripSlashes($HTTP_POST_VARS["RELPATH"]); |
1597 |
$T=stripSlashes($HTTP_POST_VARS["T"]); |
$T=stripSlashes($HTTP_POST_VARS["T"]); |
1598 |
|
$CONFIRM=stripSlashes($HTTP_POST_VARS["CONFIRM"]); |
1599 |
|
|
1600 |
// get |
// get |
1601 |
$A=stripSlashes($HTTP_GET_VARS["A"]); |
$A=stripSlashes($HTTP_GET_VARS["A"]); |
1608 |
switch ($HTTP_POST_VARS["POSTACTION"]) { |
switch ($HTTP_POST_VARS["POSTACTION"]) { |
1609 |
case "UPLOAD" : |
case "UPLOAD" : |
1610 |
$FN_name=stripSlashes($HTTP_POST_FILES["FN"]["tmp_name"]); |
$FN_name=stripSlashes($HTTP_POST_FILES["FN"]["tmp_name"]); |
1611 |
|
$FN=stripSlashes($HTTP_POST_FILES["FN"]["name"]); |
1612 |
if (!is_writeable($fsDir)) Error("Write denied",$relDir) ; |
if (!is_writeable($fsDir)) Error("Write denied",$relDir) ; |
1613 |
if (strstr($FN_name,"/")) |
|
|
Error("Non-conforming filename") ; |
|
|
// TODO : should rather check for escapeshellcmds |
|
|
// but maybe RFC 18xx asserts safe filenames .... |
|
1614 |
$source = $FN_name ; |
$source = $FN_name ; |
|
print "-- $source -- $FN_name -- $HTTP_POST_FILES[FN] -- "; |
|
|
// phpinfo(); |
|
1615 |
if (! file_exists($source)) { |
if (! file_exists($source)) { |
1616 |
Error("You must select file with browse to upload it!"); |
Error("You must select file with browse to upload it!"); |
1617 |
} |
} |
1618 |
|
|
1619 |
$FILENAME = $HTTP_POST_VARS["FILENAME"]; |
$FILENAME = $HTTP_POST_VARS["FILENAME"]; |
1620 |
|
if (strstr($FILENAME,"/")) |
1621 |
|
Error("Upload error","Non-conforming filename. Filename <tt>$FILENAME</tt> has slashes (<tt>/</tt>) in it.") ; |
1622 |
if (! isset($FILENAME)) { // from update file |
if (! isset($FILENAME)) { // from update file |
1623 |
$target = "$fsDir/$FN_name" ; |
$target = "$fsDir/".basename($FN_name); |
1624 |
} else { |
} else { |
1625 |
$target = "$fsDir/$FILENAME"; |
$target = "$fsDir/$FILENAME"; |
1626 |
} |
} |
1753 |
case "RENAME" : |
case "RENAME" : |
1754 |
if ( $CONFIRM != "on" ) break ; |
if ( $CONFIRM != "on" ) break ; |
1755 |
|
|
1756 |
|
$NEWNAME=stripSlashes($HTTP_POST_VARS["NEWNAME"]); |
1757 |
LogIt("$fsDir/$FN","renamed $FN to $NEWNAME",trperm_r); |
LogIt("$fsDir/$FN","renamed $FN to $NEWNAME",trperm_r); |
1758 |
safe_rename($fsDir,$FN,$NEWNAME); |
safe_rename($fsDir,$FN,$NEWNAME); |
1759 |
break ; |
break ; |
1760 |
|
|
1761 |
case "NOTE" : |
case "NOTE" : |
1762 |
|
$NOTE=stripSlashes($HTTP_POST_VARS["NOTE"]); |
1763 |
WriteNote("$fsDir/$FN","$NOTE"); |
WriteNote("$fsDir/$FN","$NOTE"); |
1764 |
break ; |
break ; |
1765 |
|
|
1812 |
case "Co" : |
case "Co" : |
1813 |
// checkout |
// checkout |
1814 |
Lock("$gblFsRoot/$relDir/$F"); |
Lock("$gblFsRoot/$relDir/$F"); |
1815 |
Download("$gblFsRoot/$relDir/$F"); |
Download("$gblFsRoot/$relDir/$F",1); |
1816 |
exit; |
exit; |
1817 |
case "Ci" : |
case "Ci" : |
1818 |
$F=stripSlashes($F); |
$F=stripSlashes($F); |
1828 |
case "V" : |
case "V" : |
1829 |
// view |
// view |
1830 |
LogIt("$gblFsRoot/$relDir/$F","viewed"); |
LogIt("$gblFsRoot/$relDir/$F","viewed"); |
1831 |
if ($gblForceDownload) { |
Download("$gblFsRoot/$relDir/$F",$gblForceDownload); |
|
Download("$gblFsRoot/$relDir/$F"); |
|
|
} else { |
|
|
header("Content-Disposition: attachment; filename=$F" ); |
|
|
Header("Location: $webRoot".urlpath("$relDir/$F")); |
|
|
} |
|
1832 |
exit; |
exit; |
1833 |
case "Ch" : |
case "Ch" : |
1834 |
StartHTML("(File changes)","All changes chronologicaly..."); |
StartHTML("(File changes)","All changes chronologicaly..."); |