This is a repository of my old source code, which isn't updated any more. Go to git.rot13.org for current projects!

Annotation of /docman.php



Revision 1.1 - (hide annotations)
Fri May 12 12:01:08 2000 UTC (23 years, 10 months ago) by dpavlin
Branch: MAIN
Branch point for: DbP
Initial revision

1 dpavlin 1.1 <?php
2    
3     /* Copyright 1999 by John Martin d/b/a www.ANYPORTAL.com */
4     /* All Rights Reserved. */
5     /* */
6     /* This software is freeware and is not in the public domain. */
7     /* You are hereby granted the right to freely distribute this */
8     /* software as long as this copyright notice remains in place. */
9     /* */
10     /* Comments or suggestions? email: andmore@alief.com */
11     /* */
12     /* This is the PHP port: AnyPortal(php)-0.1 */
13     /* ======================================== */
14     /* */
15     /* PHP version 2000 by Stefan@Wiesendanger.org */
16     /* No Rights Reserved. What for, anyhow ? */
17     /* */
18     /* Date Remarks */
19     /* --------- ----------------------------------------------- */
20     /* 25 MAY 99 original ASP version */
21     /* 17 SEP 99 change upload from SA-FILEUP to aspSmartUpload */
22     /* 10 APR 00 simplified PHP3 version */
23     /* 18 APR 00 most of PHP3 port working. Slight modifications */
24     /* 22 APR 00 modified syntax highlighting, no absolute paths */
25     /* revealed, PHP builtin authentication, global */
26     /* style sheet as callback, use apache default */
27     /* icons as an alternative to the wingdings font. */
28     /* 25 APR 00 catch some exceptions (not foolproof yet) */
29     /* 26 APR 00 catch some more exceptions, implicit copy */
30     /* function by saving somewhere else in the detail */
31     /* view, MD5 hashed password. */
32     /* 27 APR 00 Fixed authentication bug */
33     /* 12 MAY 00 Fixed trouble with exec() with newer versions of */
34     /* PHP3. Fixed bug which would send you to a non- */
35     /* existent address after file modifications. */
36    
37     //////////////////////////////////////////////////////////////////
38    
39     // TODO : Don't let the file be modified itself. Create a hash of
40     // it (kinda hard since it's self-referential ;-). Make better use
41     // of session management. Escapeshellcmd for all user input.
42    
43     //////////////////////////////////////////////////////////////////
44    
// GLOBAL PARAMETERS
// =================
// Site-specific settings: edit the values below to adapt siteman
// to your installation.

// error_reporting(4) ; // how verbose ?

// Do not reuse a system account's username/password here.
// $gblPw holds the output of $gblHash applied to the username
// immediately followed by the password; the main program compares
// it with the hash of the HTTP basic-auth credentials.
$gblPw = "hash_of_your_username_and_password" ;

// NOTE(review): while $gblAuth is false the main program skips its
// credential check entirely, so every action in this file is open
// to any visitor. Set it to true before deploying.
$gblAuth = false ; // use builtin authentication

// NOTE(review): md5 is applied without a salt; treat the stored
// value as sensitive and keep this file unreadable to other users.
$gblHash = "md5" ; // hash function to use

// Name of the function that renders icons. Use GifIcon unless the
// WingDings font is installed on the client system.
$gblIcon = "GifIcon" ; // MockIcon or GifIcon

// URL prefix of the icon images: /icons/ or /icons/small/ on Apache;
// a set of icons is included in the distribution.
$gblIconLocation = "icons/" ;

// Extensions that can be edited in text mode and viewed with
// (primitive) syntax highlighting.
$gblEditable = array(
    ".txt", ".asa", ".asp", ".htm", ".html",
    ".cfm", ".php3", ".php", ".phtml",
    ".shtml", ".css"
) ;

// Extensions shown as inline images on the detail page
// (useless if the browser cannot display them).
$gblImages = array(
    ".jpg", ".jpeg", ".gif", ".png", ".ico",
    ".bmp", ".xbm"
) ;
82    
83     //////////////////////////////////////////////////////////////////
84    
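function StartHTML($title,$text="") {

    // Emit the page prologue: <HEAD> with title and style sheet link,
    // the host banner, the title bar and an introductory paragraph.
    //
    // $title  plain text appended to "Site Manager "; escaped here.
    // $text   HTML fragment printed unchanged inside <P>. Callers pass
    //         markup in it, so any request-derived value must be
    //         escaped by the caller before it is handed in.

    // HTTP_HOST is taken from the request and $title can carry a
    // requested path (DisplayCode passes one), so neither may reach
    // the page unescaped.
    $host = isset($GLOBALS["HTTP_HOST"]) ? $GLOBALS["HTTP_HOST"] : "" ;
    $self = isset($GLOBALS["PHP_SELF"]) ? $GLOBALS["PHP_SELF"] : "" ;

    $title = htmlspecialchars("Site Manager " . $title, ENT_QUOTES) ;
    $host = htmlspecialchars($host, ENT_QUOTES) ;
    $self = htmlspecialchars($self, ENT_QUOTES) ;
?>

<HTML>
<HEAD>
<TITLE><?php echo $host . " " . $title ?></TITLE>
<META NAME="description" CONTENT="PHP port of AnyPortal Site Manager">
<META NAME="keywords" CONTENT="site manager, web site maintenance">
<META NAME="robots" CONTENT="noindex">
<META HTTP-EQUIV="expires" CONTENT="0">
<LINK REL="stylesheet" TYPE="text/css"
HREF="<?php echo $self ?>?STYLE=get">
</HEAD>
<BODY BGCOLOR="#FFFFFF">
<H3 ALIGN="RIGHT"><?php echo $host ?></H3>
<TABLE BORDER=0 WIDTH="100%"><TR>
<TD CLASS=INV><?php echo $title ?></TD></TR></TABLE>
<P><?php echo $text ?></P>

<?php
} // end function StartHTML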
110    
111     //////////////////////////////////////////////////////////////////
112    
function EndHTML() {
    // Emit the page footer (rule, current date and time, credits)
    // and close the <BODY> and <HTML> elements.
    $day = date("D, F d, Y") ;
    $clock = date("g:i:sA") ;

    echo "\n<HR>\n<P CLASS=FTR>\n" ;
    echo "<B>" . $day . " -\n" ;
    echo $clock . "</B><BR>ANYPORTAL(php) Site Manager\n" ;
    echo "- &copy; 1999 by <A HREF=\"http://www.anyportal.com\">ANYPORTAL</A>\n" ;
    echo "- &copy; 2000 by <A HREF=\"http://da.nger.org\">d@nger.org</A>\n" ;
    echo "</P>\n" ;
    echo "<BR><BR><BR></BODY></HTML>\n\n" ;
} // end function EndHTML
127    
128     //////////////////////////////////////////////////////////////////
129    
function CSS() {
    // Print the global style sheet. The main program calls this when
    // the script is requested with STYLE=get, which is the URL that
    // StartHTML puts in its <LINK REL="stylesheet"> element.
    $rules = array(
        "BODY,TD,P,H1,H2,H3 { font-family:Helvetica,Arial,sans-serif; }",
        ".BLK { color:black; }",
        ".RED { color:red; }",
        ".TOP { color:red; font-size:70%; } /* table headings */",
        ".INV { color:white; background-color:navy;",
        "font-weight:bold; font-size:120%; } /* title */",
        ".FTR { } /* footer */",
        ".LST { background-color:#E0E0E0; } /* table cells */",
        ".BAR { background-color:#E0E0E0; } /* action bar */",
        "PRE { color:blue; font-family:Lucida Console,Courier New,",
        "Courier,sans-serif; } /* source code */",
        "EM { color:green; font-style:normal; } /* line numbers */",
        ".REM { color:silver; }",
        ".XML { color:navy; background-color:yellow; }",
        ".MCK { color:red; font-family:WingDings; } /* Mock Icons */",
        "A:HOVER { color:red; }"
    ) ;

    echo "\n" . join("\n", $rules) . "\n\n" ;
} // end function CSS
152    
153     //////////////////////////////////////////////////////////////////
154    
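function DetailPage($fsRoot,$relDir,$fn) {

    // Show the detail page for the document $relDir/$fn below $fsRoot:
    // file information, then an edit form for editable types or an
    // inline preview for image types, and a cancel/delete form.
    //
    // $fsRoot  filesystem path of the web root
    // $relDir  directory relative to the web root ("" for the root)
    // $fn      document name; the main program takes it from the
    //          request parameter F
    //
    // Ends the request through Error() when the document may not be
    // created or the name is refused.

    global $gblEditable, $gblImages ;
    $self = htmlspecialchars($GLOBALS["PHP_SELF"], ENT_QUOTES) ;

    // The main program rejects ".." in the directory only; apply the
    // same rule to the document name so it cannot address a path
    // outside $fsRoot.
    if (strstr($fn,"..")) Error("No updirs allowed") ;

    $relPath = $relDir . "/" . $fn ;
    $fsPath = $fsRoot . $relPath ;
    $fsDir = $fsRoot . $relDir ;

    // request-derived values are escaped once for every HTML context
    $hRelDir = htmlspecialchars($relDir, ENT_QUOTES) ;
    $hFn = htmlspecialchars($fn, ENT_QUOTES) ;
    $hRelPath = htmlspecialchars($relPath, ENT_QUOTES) ;

    $exists = file_exists($fsPath) ;
    // extension of the document itself (a dot in a directory name
    // must not count), compared against the lists as a whole entry
    // rather than as a substring
    $ext = strtolower(strrchr($fn,".")) ;
    $editable = ( $ext=="" || in_array($ext,$gblEditable) ) ;
    $writable = Writeable($fsPath) ;

    if (!$editable && !$exists)
        Error("Creation unsupported for type",$relPath) ;
    // was "!exists" (a bare constant), so this check never fired
    if (!$exists && !Writeable($fsDir) )
        Error("Creation denied",$relDir) ;

    $text = "Use this page to view, modify or " ;
    $text .= "delete a single document on this " ;
    $text .= "web site." ;
    $title = "(Detail Page)" ;
    StartHTML($title, $text) ;

    echo "<H3>" . $hRelPath . "</H3>" ;
    if ($exists) { // get file info
        $fsize = filesize($fsPath) ;
        $fmodified = date("d/M/y G:i:s", filemtime($fsPath)) ;
        $faccessed = date("d/M/y G:i:s", fileatime($fsPath)) ;
        echo "<PRE> file size: " . $fsize . " Bytes<BR>" ;
        echo "last modified: <B>" . $fmodified . "</B><BR>" ;
        echo "last accessed: <B>" . $faccessed . "</B><BR>" ;
        echo " owner: <B>" . fileowner($fsPath) . "</B><BR>" ;
        echo " group: <B>" . filegroup($fsPath) . "</B><BR>" ;
        echo " permissions: <B>" ;
        // sprintf, not printf: printf prints by itself and returns a
        // length, which the echo then appended to the page
        echo sprintf( "%o", fileperms($fsPath) ) . "</B>" ;
        echo "</PRE>" ;
    }

    if ( $editable && ($writable || !$exists) ) {
        // Mode "a+" creates the file when it does not exist yet; the
        // CREATE action of the main program redirects here for that.
        $fstr = "" ;
        $fh = @fopen($fsPath,"a+") ;
        if ($fh) {
            clearstatcache() ;
            $len = filesize($fsPath) ;
            rewind($fh) ;
            // fread() must not be asked for zero bytes
            if ($len > 0) $fstr = fread($fh,$len) ;
            fclose($fh) ;
        }
        $fstr = htmlentities( $fstr ) ;
?>

<FORM ACTION="<?php echo $self ; ?>" METHOD="POST">
<SPAN TITLE="Click [SAVE] to store updated contents.">
<B>DOCUMENT CONTENTS</B>
</SPAN><BR>
<TEXTAREA NAME="FILEDATA" ROWS=18 COLS=70 WRAP="OFF"><?php
        echo($fstr) ; ?></TEXTAREA>
<INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?php echo $hRelDir ; ?>">
<INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?php echo $hFn ; ?>">
<INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="SAVE">
<INPUT TYPE="TEXT" SIZE=48 MAXLENGTH=255 NAME="RELPATH"
VALUE="<?php echo $hRelPath ; ?>">
<INPUT TYPE="RESET" VALUE="RESET">
<INPUT TYPE="SUBMIT" VALUE="SAVE">
</FORM>

<?php
    }
    else if ( in_array($ext,$gblImages) ) {
        $info = getimagesize($fsPath) ;
        // $info[3] is the ready-made width/height attribute string;
        // getimagesize() yields no array for files it cannot read
        $dims = is_array($info) ? $info[3] : "" ;
        $tstr = "<IMG SRC=\"". $hRelPath . "\" BORDER=0 " ;
        $tstr .= $dims . " ALT=\"" . $hFn . " - " ;
        $tstr .= (int)(($fsize+1023)/1024) . "Kb\">" ;
        // first the tag as text, then the image itself
        echo htmlentities($tstr) . "<BR><BR>" . $tstr ;
    }
?>

<FORM ACTION="<?php echo $self ; ?>" METHOD="POST">
<INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?php echo $hRelDir ; ?>">
<INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?php echo $hFn ; ?>">
<INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL"><BR>

<?php
    if ($exists && $writable) {
?>

<HR><SPAN TITLE="Check OK and click [DELETE] to delete.">
<B>OK TO DELETE "<?php echo $hFn ; ?>"? </B></SPAN>
<INPUT TYPE="CHECKBOX" NAME="CONFIRM">
<INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="DELETE">

<?php
    }
    echo "</FORM>" ;
    EndHTML() ;

} // end function DetailPage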
249    
250     //////////////////////////////////////////////////////////////////
251    
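function DisplayCode($fsRoot,$relDir,$fn) {

    // Print the file $relDir/$fn below $fsRoot as a numbered listing
    // with primitive syntax highlighting.
    //
    // $fsRoot  filesystem path of the web root
    // $relDir  directory relative to the web root ("" for the root)
    // $fn      file name; the main program takes it from the request
    //          parameter F
    //
    // NOTE(review): nothing here limits the listing to the extensions
    // in $gblEditable, so any readable file under the web root can be
    // displayed, this script included - confirm that is intended.

    // The main program rejects ".." in the directory only; apply the
    // same rule to the file name so it cannot address a path outside
    // $fsRoot.
    if (strstr($fn,"..")) Error("No updirs allowed") ;

    $relPath = $relDir . "/" . $fn ;
    $path = $fsRoot . $relPath ;

    // report the site-relative path, not the absolute server path
    if (!is_file($path)) Error("File not found",$relPath) ;

    StartHTML("(".$relPath.")","");

    $rows = @file($path) ;
    if (!is_array($rows)) $rows = array() ; // unreadable file: empty listing
    $tstr = htmlentities(join("",$rows)) ;

    // Tabs
    $tstr = str_replace(chr(9)," ",$tstr) ;

    // ASP tags & XML/PHP tags
    $aspbeg = "<SPAN CLASS=XML>&lt;%</SPAN><SPAN CLASS=BLK>" ;
    $aspend = "</SPAN><SPAN CLASS=XML>%&gt;</SPAN>" ;
    $tstr = str_replace("&lt;%",$aspbeg,$tstr) ;
    $tstr = str_replace("%&gt;",$aspend,$tstr) ;

    $xmlbeg = "<SPAN CLASS=XML>&lt;?</SPAN><SPAN CLASS=BLK>" ;
    $xmlend = "</SPAN><SPAN CLASS=XML>?&gt;</SPAN>" ;
    $tstr = str_replace("&lt;?",$xmlbeg,$tstr) ;
    $tstr = str_replace("?&gt;",$xmlend,$tstr) ;

    // C style comment
    $tstr = str_replace("/*","<SPAN CLASS=REM>/*",$tstr) ;
    $tstr = str_replace("*/","*/</SPAN>",$tstr) ;

    // HTML comments
    $tstr = str_replace("&lt;!--","<I CLASS=RED>&lt;!--",$tstr) ;
    $tstr = str_replace("--&gt;","--&gt;</I>",$tstr) ;

    echo "<PRE>" ;

    // explode() does the literal split that split() was used for
    $tstr = explode("\n",$tstr) ;
    for ($i = 0 ; $i < sizeof($tstr) ; ++$i) {
        // add line numbers, zero-padded to four digits
        echo "<BR><EM>" ;
        echo substr(("000" . ($i+1)), -4) . ":</EM> " ;
        $line = $tstr[$i] ;
        // C++ style comments
        $pos = strpos($line,"//") ;
        // exceptions: two slashes aren't a script comment when they
        // follow a colon (URL) or close an HTML comment
        if (strstr($line,"//") &&
            ! ($pos>0 && substr($line,$pos-1,1)==":") &&
            ! (substr($line,$pos,8) == "//--&gt;") &&
            ! (substr($line,$pos,9) == "// --&gt;")) {
            $beg = substr($line,0,strpos($line,"//")) ;
            $end = strstr($line,"//") ;
            $line = $beg."<SPAN CLASS=REM>".$end."</SPAN>";
        }
        // shell & asp style comments
        $first = substr(ltrim($line),0,1) ;
        if ($first == "#" || $first == "'") {
            $line = "<SPAN CLASS=REM>".$line."</SPAN>";
        }
        print($line) ;
    } // next i

    echo "</PRE>" ;

    EndHTML() ;

} // end function DisplayCode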
317    
318     //////////////////////////////////////////////////////////////////
319    
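function MockIcon($txt) {
    // Return a <SPAN CLASS=MCK> holding the single character that
    // stands for $txt: a file extension (".gif") or one of the
    // symbolic names "file", "fldr", "view", "up", "blank".
    // Unknown names get the same character as "file".
    //
    // The lookup is done on the lower-cased name, so every key below
    // is lower case (the former ".Z" entry could never match).
    static $codes = array(
        ".bmp" => 176, ".gif" => 176, ".jpg" => 176,
        ".jpeg" => 176, ".tif" => 176, ".tiff" => 176,
        ".doc" => 50,
        ".exe" => 255, ".bat" => 255,
        ".bas" => 255, ".c" => 255, ".cc" => 255, ".src" => 255,
        "file" => 51,
        "fldr" => 48,
        ".htm" => 182, ".html" => 182, ".asa" => 182, ".asp" => 182,
        ".cfm" => 182, ".php3" => 182, ".php" => 182,
        ".phtml" => 182, ".shtml" => 182,
        ".pdf" => 38,
        ".txt" => 52, ".ini" => 52,
        ".xls" => 252,
        ".zip" => 59, ".arc" => 59, ".sit" => 59, ".tar" => 59,
        ".gz" => 59, ".tgz" => 59, ".z" => 59,
        "view" => 52,
        "up" => 199
    ) ;

    $tstr = "<SPAN CLASS=MCK>" ;
    $key = strtolower($txt) ;

    // spacer: two blanks, inside a complete SPAN (the opening tag
    // was previously missing from this return value)
    if ($key == "blank") return $tstr . "&nbsp;&nbsp;</SPAN>" ;

    $d = isset($codes[$key]) ? $codes[$key] : 51 ;

    return $tstr . chr($d) . "</SPAN>" ;
} // end function MockIcon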
396    
397     //////////////////////////////////////////////////////////////////
398    
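function GifIcon($txt) {
    // Return an <IMG> tag for the icon that stands for $txt: a file
    // extension (".gif") or one of the symbolic names "file", "fldr",
    // "view", "up", "blank". The image name is appended to
    // $gblIconLocation; unknown names get generic.gif.
    //
    // The lookup is done on the lower-cased name, so every key below
    // is lower case (the former ".Z" entry could never match). The
    // second, unreachable ".php3" entry is gone; ".php3" keeps
    // php3.gif as before.
    global $gblIconLocation ;

    static $icons = array(
        ".bmp" => "image2.gif", ".gif" => "image2.gif",
        ".jpg" => "image2.gif", ".jpeg" => "image2.gif",
        ".tif" => "image2.gif", ".tiff" => "image2.gif",
        ".doc" => "layout.gif",
        ".exe" => "screw2.gif", ".bat" => "screw2.gif",
        ".bas" => "c.gif", ".c" => "c.gif",
        ".cc" => "c.gif", ".src" => "c.gif",
        "file" => "generic.gif",
        "fldr" => "dir.gif",
        ".phps" => "phps.gif",
        ".php3" => "php3.gif",
        ".htm" => "world1.gif", ".html" => "world1.gif",
        ".asa" => "world1.gif", ".asp" => "world1.gif",
        ".cfm" => "world1.gif", ".php" => "world1.gif",
        ".phtml" => "world1.gif", ".shtml" => "world1.gif",
        ".pdf" => "pdf.gif",
        ".txt" => "text.gif", ".ini" => "text.gif",
        ".xls" => "box2.gif",
        ".zip" => "compressed.gif", ".arc" => "compressed.gif",
        ".sit" => "compressed.gif", ".tar" => "compressed.gif",
        ".gz" => "compressed.gif", ".tgz" => "compressed.gif",
        ".z" => "compressed.gif",
        "view" => "index.gif",
        "up" => "back.gif",
        "blank" => "blank.gif"
    ) ;

    $key = strtolower($txt) ;
    $d = isset($icons[$key]) ? $icons[$key] : "generic.gif" ;

    return "<IMG SRC=\"$gblIconLocation" . $d . "\" BORDER=0>" ;
} // end function GifIcon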
481    
482     //////////////////////////////////////////////////////////////////
483    
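function Navigate($fsRoot,$relDir) {

    // Show the directory view for $relDir below $fsRoot: a link to
    // the parent directory, the subdirectories, the files with date
    // and size, and the forms for deleting an empty directory and for
    // creating or uploading a document.
    //
    // $fsRoot  filesystem path of the web root
    // $relDir  directory relative to the web root ("" for the root);
    //          the main program takes it from the request
    //
    // Ends the request through Error() when the directory is missing
    // or cannot be read.
    //
    // NOTE(review): the forms below change files on the server and
    // carry no per-session token, so a request forged from another
    // site would be accepted - confirm and add one if sessions are
    // introduced.

    global $gblEditable, $gblIcon ;

    $self = htmlspecialchars($GLOBALS["PHP_SELF"], ENT_QUOTES) ;
    $webRoot = "http://" . $GLOBALS["SERVER_NAME"] ;
    $fsDir = $fsRoot . $relDir . "/" ; // current directory

    // directory and file names come from the request or from the
    // disk; both are escaped before they are written into the page
    $hRelDir = htmlspecialchars($relDir, ENT_QUOTES) ;

    if (!is_dir($fsDir)) Error("Dir not found",$relDir) ;

    // read directory contents
    $dirList = array() ;
    $fileList = array() ;
    if ( !($dir = @opendir($fsDir)) )
        Error("Read Access denied",$relDir) ;
    // compare with false: an entry named "0" must not end the loop
    while (($item = readdir($dir)) !== false) {
        if ( $item == ".." || $item == "." ) continue ;
        if ( is_dir($fsDir . $item) ) {
            $dirList[] = $item ;
        }
        else if ( is_file($fsDir . $item) ) {
            $fileList[] = $item ;
        }
        // anything else (unknown file type) is left out of the listing
    }
    closedir($dir) ;
    $emptyDir = ! (sizeof($dirList) || sizeof($fileList)) ;

    // start navigation page
    $text = "Use this page to add, delete or " ;
    $text .= "revise files on this web site." ;

    StartHTML("(Navigate)",$text) ;

    echo "<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=3 WIDTH=\"100%\">" ;

    // updir bar: not for the web root itself ($fsDir always ends in
    // "/", so comparing it with $fsRoot never detected the root)
    if ($relDir != "") {
        $parent = dirname($relDir) ;
        if ($parent == "" || $parent == ".") $parent = "/" ;
?>

<TR><TD><?php echo $gblIcon("up") ?></TD><TD COLSPAN=4 CLASS=LST>
<A HREF="<?php echo $self ?>?D=<?php echo urlencode($parent) ?>">
<B><?php echo htmlspecialchars($parent, ENT_QUOTES) ?></B></A></TD></TR>

<?php
    }

    // output subdirs
    if (sizeof($dirList) > 0) {
        sort($dirList) ;
?>

<TR><TD></TD><TD COLSPAN=4 CLASS=TOP><HR>DIRECTORY NAME</TD></TR>

<?php
        foreach ($dirList as $sub) {

            $tstr = "<A HREF=\"" . $self . "?D=" ;
            $tstr .= urlencode($relDir."/".$sub) ;
            $tstr .= "\">" . htmlspecialchars($sub, ENT_QUOTES) . "/</A>" ;
?>

<TR><TD><?php echo $gblIcon("fldr") ?></TD>
<TD COLSPAN=4 CLASS=LST><?php echo $tstr ?></TD></TR>

<?php
        } // iterate over dirs
    } // end if no dirs
?>

<TR><TD></TD><TD COLSPAN=4><HR><B><?php
    echo htmlspecialchars($webRoot . $relDir, ENT_QUOTES) ?>
</B></TD></TR>
<TR><TD></TD><TD CLASS=TOP>DOCUMENT NAME</TD>
<TD><?php echo $gblIcon("blank") ?></TD>
<TD CLASS=TOP>LAST UPDATE</TD><TD CLASS=TOP>FILE SIZE</TD></TR>

<?php
    if (sizeof($fileList) > 0) {
        sort($fileList) ;
        foreach ($fileList as $file) {
            $path = $fsDir . $file ;
            $mod = filemtime($path) ;
            $sz = filesize($path) ;

            // sizes from 10 KB up are shown in kilobytes, rounded up
            if ($sz >= 10240) {
                $sz = (int)(($sz+1023)/1024) . " k" ;
            }
            else {
                $sz .= " " ;
            } // end size

            $a = $b = "" ;

            // mark files modified within the last 30 days
            if ( ($mod + 30*86400) > time() ) {
                $a = "<SPAN CLASS=RED TITLE=\"Newer" ;
                $a .= " than 30 days\"> * </SPAN>" ;
            }

            $tstr = $webRoot . $relDir . "/" . $file ;
            $tstr = "<A HREF=\"" . htmlspecialchars($tstr, ENT_QUOTES) . "\">" ;
            $tstr .= htmlspecialchars($file, ENT_QUOTES) . "</A>" . $a ;

            // whole-entry match, not a substring match, against the
            // list of editable extensions
            $ext = strtolower(strrchr($file,".")) ;
            if ( $ext=="" || in_array($ext,$gblEditable) )
            {
                $b = "<A HREF=\"" . $self . "?A=C&F=" ;
                $b .= urlencode($file) . "&D=" . urlencode($relDir) ;
                $b .= "\" TITLE=\"List contents\">" ;
                $b .= $gblIcon("view") . "</A>" ;
            }

?>

<TR><TD>
<A HREF="<?php echo $self ?>?A=E&F=<?php echo urlencode($file)
?>&D=<?php echo urlencode($relDir) ?>" TITLE="View/Edit">
<?php echo $gblIcon($ext) ?></A></TD>
<TD CLASS=LST><?php echo $tstr ?></TD>
<TD CLASS=LST ALIGN=center><?php echo $b ?></TD>
<TD CLASS=LST><?php echo date("d/M/y G:i:s",$mod) ?></TD>
<TD CLASS=LST><?php echo $sz ?>Bytes</TD></TR>

<?php
        } // iterate over files
    } // end if no files

    if ($emptyDir) {
?>

<FORM METHOD="POST" ACTION="<?php echo $self ?>">
<TR><TD></TD><TD COLSPAN=4 CLASS=BAR>
<INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?php echo $hRelDir ?>">
OK TO DELETE THIS EMPTY FOLDER?
<INPUT TYPE="CHECKBOX" NAME="CONFIRM">
<INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="DELETE">
</TD></TR>
</FORM>

<?php
    } // end if emptyDir
?>

<TR><TD></TD><TD COLSPAN=4><HR></TD></TR>

<FORM METHOD="POST" ACTION="<?php echo $self ?>">
<TR><TD></TD><TD COLSPAN=4 CLASS=BAR>CREATE NEW
<INPUT TYPE="RADIO" NAME="T" VALUE="D" CHECKED>DIRECTORY -OR-
<INPUT TYPE="RADIO" NAME="T" VALUE="F">FILE : &nbsp;&nbsp;
<NOBR>NAME <INPUT TYPE="TEXT" NAME="FN" SIZE=14>
<INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="CREATE">
<INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?php echo $hRelDir ?>">
<INPUT TYPE="SUBMIT" VALUE="CREATE"></NOBR>
<NOBR>OR <A HREF="<?php echo $self
?>?A=U&D=<?php echo urlencode($relDir) ?>">UPLOAD</A> A FILE
</NOBR>
</TD></TR>
</FORM>
</TABLE>

<?php
    EndHTML() ;
} // end function Navigate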
653    
654     //////////////////////////////////////////////////////////////////
655    
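function UploadPage($fsRoot, $relDir) {

    // Print the upload form for the directory $relDir, plus a cancel
    // form that returns to it. The caller prints the page prologue
    // and footer.
    //
    // $fsRoot  filesystem path of the web root (not used here)
    // $relDir  destination directory relative to the web root; ""
    //          is shown and posted as "/"

    // PHP_SELF, the directory and the User-Agent header all come with
    // the request, so each is escaped before it is written out.
    $self = htmlspecialchars($GLOBALS["PHP_SELF"], ENT_QUOTES) ;
    if ($relDir == "") $relDir = "/" ;
    $hRelDir = htmlspecialchars($relDir, ENT_QUOTES) ;
    $agent = isset($GLOBALS["HTTP_USER_AGENT"])
        ? htmlspecialchars($GLOBALS["HTTP_USER_AGENT"], ENT_QUOTES) : "" ;
?>

<P><TABLE BORDER=0 CELLPADDING=5><TR><TD WIDTH=5></TD><TD CLASS=BAR>
<FORM ENCTYPE="multipart/form-data" METHOD="POST"
ACTION="<?php echo $self ?>">
DESTINATION DIRECTORY:<B><?php echo " " . $hRelDir ?></B>
<P>PATHNAME OF LOCAL FILE<BR>
<INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?php echo $hRelDir ?>">
<INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="UPLOAD">
<INPUT SIZE=30 TYPE="FILE" NAME="FN"></P>
<P><INPUT TYPE="SUBMIT" VALUE="UPLOAD"></P>
<P>If the <B>[BROWSE...]</B> button is not displayed,<BR>
you must upgrade to an RFC1867-compliant browser.</P>
<P>Your browser:<BR><?php echo $agent ?></P>
</FORM>
</TD></TR>
<TR><TD></TD><TD>
<FORM METHOD="POST" ACTION="<?php echo $self ?>">
<INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?php echo $hRelDir ?>"><BR>
<INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL">
</FORM>
</TD></TR></TABLE></P>

<?php
} // end function UploadPage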
685    
686     //////////////////////////////////////////////////////////////////
687    
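function Error($title,$text="") {
    // Print an error page and end the request.
    //
    // $title  short plain-text reason, shown in parentheses in the
    //         title bar
    // $text   plain-text detail; callers in this file pass paths and
    //         names taken from the request, so it is escaped here
    //         before StartHTML prints it as page content
    StartHTML("(".$title.")",htmlspecialchars($text, ENT_QUOTES)) ;
    echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
    EndHTML() ;
    exit ;
} // end function Error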
694    
695     //////////////////////////////////////////////////////////////////
696    
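function Writeable($path) {
    // fix by -mat- filid brandy, brandy@ecrc.de, 07/JUL/99
    //
    // Tell whether the web server process may modify $path, judged
    // from the permission bits: when the process owns the path the
    // owner read+write bits must be set, otherwise the world
    // read+write bits. Group permissions are not considered.
    // Returns 1 or 0; a path that cannot be stat'ed yields 0.

    // the call needs its parentheses: a bare "clearstatcache ;" is a
    // no-op and left stale permission data in the cache
    clearstatcache() ;
    $perms = @fileperms($path) ;
    $owner = @fileowner($path) ;

    // uid of this process, taken from the fixed command "id"
    $id = array() ;
    @exec("id",$id) ;
    $apacheuid = null ;
    if (isset($id[0]) && preg_match("/^uid=([0-9]*)/i",$id[0],$regs)) {
        $apacheuid = $regs[1] ;
    }

    $perms = 0777 & (int)$perms ;
    if ( $apacheuid != $owner ) {
        return (06 == (06 & $perms)) ? 1 : 0 ;
    }
    else {
        return (0600 == (0600 & $perms)) ? 1 : 0 ;
    }

} // end function Writable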
715    
716     //////////////////////////////////////////////////////////////////
717    
function CreateHash($user, $pw) {

    // Print the value to paste into $gblPw for the given credentials
    // and end the request: the function named by $gblHash applied to
    // the username immediately followed by the password.
    //
    // NOTE(review): the main program runs this before its
    // authentication check, so any visitor can request a hash.

    global $gblHash ; // hash function to use

    $missing = ($user == "" || $pw == "") ;
    if ($missing) {
        Error("Create Hash","either no password or no username supplied") ;
    }

    StartHTML("(Create Hash)") ;

    $page = "<P ALIGN=center>" ;
    $page .= "<BLOCKQUOTE>Copy the value below and paste it " ;
    $page .= "into the<BR>value for \$gblPw in the source of " ;
    $page .= "this file<BR><BR><B>" . $gblHash($user.$pw) ;
    $page .= "</B><BR><BR>Hash function: " . $gblHash ;
    $page .= "</BLOCKQUOTE></P>" ;
    echo $page ;

    EndHTML() ;
    exit ;

} // end function CreateHash
738    
739     //////////////////////////////////////////////////////////////////
740    
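function NoEntry() {

    // Print the "401 Unauthorized" page and end the request. The page
    // offers a form that posts the credentials just entered to
    // ?HASH=create so an administrator can generate the $gblPw value.
    //
    // NOTE(review): the form repeats the submitted password in a
    // hidden field of the response, and it is shown to everyone who
    // fails the check - consider removing it once $gblPw is set.

    // The credentials are whatever the client sent; escape them so
    // they cannot break out of the VALUE attributes.
    $user = isset($GLOBALS["PHP_AUTH_USER"])
        ? htmlspecialchars($GLOBALS["PHP_AUTH_USER"], ENT_QUOTES) : "" ;
    $pw = isset($GLOBALS["PHP_AUTH_PW"])
        ? htmlspecialchars($GLOBALS["PHP_AUTH_PW"], ENT_QUOTES) : "" ;
    $self = htmlspecialchars($GLOBALS["PHP_SELF"], ENT_QUOTES) ;

    $title = "(401 Unauthorized)" ;
    $text = "No trespassing !" ;
    StartHTML($title,$text) ;
?>

<FORM ACTION="<?php echo $self ?>?HASH=create" METHOD="POST">
<INPUT TYPE="HIDDEN" NAME="USER" VALUE="<?php echo $user ?>">
<INPUT TYPE="HIDDEN" NAME="PW" VALUE="<?php echo $pw ?>">

<BLOCKQUOTE><B>If you are a site administrator:</B><BR><BR>
Click below to <B>generate a password hash</B><BR>from
the username-password pair you just<BR>entered. Then include the hash in
the source<BR>of this file.<BR><BR>
<INPUT TYPE="SUBMIT" VALUE="CREATE HASH">
</BLOCKQUOTE></FORM>

<?php
    EndHTML() ;
    exit ;
}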
767    
768     //////////////////////////////////////////////////////////////////
769    
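// MAIN PROGRAM
// ============
// query parameters: capital letters
// local functions : begin with capital letters
// global constants: begin with gbl
//
// NOTE(review): the request parameters ($STYLE, $HASH, $DIR, ...) are
// read as plain global variables, i.e. the script depends on PHP
// registering request input as globals.

$gblFilePerms = "644" ; // default for new files
$gblDirPerms = 0755 ; // default for new dirs

// phpinfo() ;
// exit ;

// forks before authentication: style sheet and hash
// creation if password not yet set.
if ($STYLE == "get") { CSS() ; exit ; }
if ($HASH != "") {
    CreateHash($USER, $PW) ;
    exit ;
}

// authentication if $gblAuth == true
if ( $gblAuth ) {
    $given = (string) $gblHash($PHP_AUTH_USER.$PHP_AUTH_PW) ;
    $wanted = (string) $gblPw ;
    // Compare the digests as strings. A loose != treats two
    // numeric-looking strings as numbers, so different digests could
    // compare equal; hash_equals, where available, also avoids
    // leaking the position of the first mismatch through timing.
    $granted = function_exists("hash_equals")
        ? hash_equals($wanted, $given)
        : ($wanted === $given) ;
    if ( !$granted ) {
        header("WWW-authenticate: basic realm=\"$SERVER_NAME\"") ;
        header("HTTP/1.0 401 Unauthorized") ;
        NoEntry() ;
        exit ;
    }
}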
798    
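// get current directory relative to $gblFsRoot
$relDir = $DIR ; // from POST
if ($relDir == "") { // not defined in POST ?
    $relDir = urldecode($D) ; // then use GET
}

if ($relDir == "/") $relDir = "" ;
// default : website root = ""

// checked after decoding, so an encoded ".." is caught as well
if (strstr($relDir,"..")) Error("No updirs allowed");

// $relDir is appended to $gblFsRoot as a string: without a leading
// slash "x" would select the sibling directory <root>x instead of
// <root>/x, so force the slash.
if ($relDir != "" && substr($relDir,0,1) != "/") {
    $relDir = "/" . $relDir ;
}

// Full filesystem paths contain "fs" or "Fs" in their variable name.
// Paths relative to the root of the website contain "rel" or "Rel".
// The script is meant to work only inside $gblFsRoot, the directory
// that corresponds to http://server.com/.

$relScriptDir = dirname($SCRIPT_NAME) ;
// i.e. /siteman

$fsScriptDir = dirname($SCRIPT_FILENAME) ;
// i.e. /home/httpd/html/siteman

// strip the script's URL directory from its filesystem directory
$gblFsRoot = substr($fsScriptDir,0,
    strlen($fsScriptDir)-strlen($relScriptDir)) ;
// i.e. /home/httpd/html

$fsDir = $gblFsRoot . $relDir ; // current directory
if ( !is_dir($fsDir) ) Error("Dir not found",$relDir) ;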
827    
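// Carry out the action posted by one of the forms, then redirect to
// the directory view. Every name and path used below arrives with
// the request: each is checked before it reaches the filesystem, and
// nothing is passed to a shell.
//
// NOTE(review): these actions change files on the server and the
// forms carry no per-session token, so a request forged from another
// site would be accepted - confirm and add one if sessions are
// introduced.

switch ($POSTACTION) {
case "UPLOAD" :
    if (!Writeable($fsDir)) Error("Write denied",$relDir) ;
    if ($FN_name == "" || strstr($FN_name,"/") ||
        strstr($FN_name,"\\") || strstr($FN_name,".."))
        Error("Non-conforming filename") ;
    // $FN must be the temporary file PHP itself stored for this
    // upload; a path merely supplied as a request parameter is
    // refused.
    if (!is_uploaded_file($FN)) Error("Upload failed",$FN_name) ;
    $target = $fsDir . "/" . $FN_name ;
    // move and chmod through PHP instead of exec("cp ...") and
    // exec("chmod ..."), which put the client-supplied name on a
    // shell command line
    if (!@move_uploaded_file($FN,$target))
        Error("Upload failed",$FN_name) ;
    @chmod($target, octdec($gblFilePerms)) ;
    clearstatcache() ;
    break ;

case "SAVE" :
    // $RELPATH is an editable field of the detail form: keep it
    // inside the web root
    if ($RELPATH == "") Error("Non-conforming filename") ;
    if (strstr($RELPATH,"..")) Error("No updirs allowed") ;
    $savePath = $RELPATH ;
    if (substr($savePath,0,1) != "/") $savePath = "/" . $savePath ;
    // only the types the detail page offers for editing may be
    // written (files without extension included, as there)
    $ext = strtolower(strrchr(basename($savePath),".")) ;
    if ($ext != "" && !in_array($ext,$gblEditable))
        Error("Write denied",$RELPATH) ;
    // no escapeshellcmd() here: the path goes to fopen(), not to a
    // shell, and the added backslashes would end up in the file name
    $path = $gblFsRoot . $savePath ;
    $writable = Writeable($path) ;
    $legaldir = Writeable(dirname($path)) ;
    $exists = (file_exists($path)) ? 1 : 0 ;
    if (!($writable || (!$exists && $legaldir)))
        Error("Write denied",$RELPATH) ;
    $fh = @fopen($path, "w") ;
    if (!$fh) Error("Write denied",$RELPATH) ;
    fwrite($fh,$FILEDATA) ;
    fclose($fh) ;
    clearstatcache() ;
    break ;

case "CREATE" :
    // we know $fsDir exists
    if (!Writeable($fsDir)) Error("Write denied",$relDir) ;
    if (strstr($FN,"..")) Error("No updirs allowed") ;
    $path = $fsDir . "/" . $FN ; // file or dir to create
    $relPath = $relDir . "/" . $FN ;
    switch ( $T ) {
    case "D" : // create a directory
        if ( ! @mkdir($path,$gblDirPerms) )
            Error("Mkdir failed",$relPath) ; // eg. if it exists
        clearstatcache() ;
        break ;
    case "F" : // create a new file
        // the file itself is created by the detail page this
        // redirects to
        // (was a call to the undefined function Writable)
        if ( file_exists($path) && !Writeable($path) )
            Error("File not writable", $relPath) ;
        // encode the values: they become part of a response header
        $tstr = $PHP_SELF . "?A=E&D=" . urlencode($relDir) ;
        $tstr .= "&F=" . urlencode($FN) ;
        header("Location: " . $tstr) ;
        exit ;
    }
    break ;

case "DELETE" :
    if ( $CONFIRM != "on" ) break ;

    $tstr = "Attempt to delete non-existing object or " ;
    $tstr .= "insufficient privileges: " ;

    if ( $FN != "") { // delete file
        if (strstr($FN,"..")) Error("No updirs allowed") ;
        $path = $fsDir . "/" . $FN ;
        if ( ! @unlink($path) ) {
            // report the site-relative path, not the server path
            Error("File delete failed", $tstr . $relDir . "/" . $FN) ;
            exit ;
        }
    }
    else { // delete directory
        if ( ! @rmdir($fsDir) ) {
            Error("Rmdir failed", $tstr . $relDir) ;
        }
        else {
            $relDir = dirname($relDir) ; // move up
        }
    }
    break ;

default :
    // user hit "CANCEL" or undefined action
}

// common to all POSTs : redirect to directory view ($relDir)
if ( $POSTACTION != "" ) {
    $tstr = $PHP_SELF . "?D=" . urlencode($relDir) ;
    header("Location: " . $tstr) ;
    exit ;
}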
912    
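// check for mode.. navigate, code display, upload, or detail?
// $A=U : upload to path given in $D
// $A=E : display detail of file $D/$F and edit
// $A=C : display code in file $D/$F
// default : display directory $D

// $F names one document inside $relDir. Only $relDir has been
// checked for ".." so far; apply the same rule to $F before it is
// handed to the pages that open the file.
if ($F != "" && strstr($F,"..")) Error("No updirs allowed") ;

switch ($A) {
case "U" :
    // upload to $relDir
    if (!Writeable($gblFsRoot . $relDir))
        Error("Write access denied",$relDir) ;
    // this text is printed as HTML, so the server name is escaped
    $text = "Use this page to upload a single " ;
    $text .= "file to <B>" ;
    $text .= htmlspecialchars($SERVER_NAME, ENT_QUOTES) . "</B>." ;
    StartHTML("(Upload Page)", $text) ;
    UploadPage($gblFsRoot, $relDir) ;
    EndHTML() ;
    exit ;
case "E" :
    // detail of $relDir/$F
    DetailPage($gblFsRoot, $relDir, $F) ;
    exit ;
case "C" :
    // listing of $relDir/$F
    DisplayCode($gblFsRoot, $relDir, $F) ;
    exit ;
}

// default: display directory $relDir
// (the Error() call that used to follow the exit could never run)
Navigate($gblFsRoot,$relDir) ;
exit ;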
945     ?>
