/[docman2]/docman.php
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Annotation of /docman.php

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.18 - (hide annotations)
Sun Jul 28 16:24:54 2002 UTC (21 years, 8 months ago) by dpavlin
Branch: MAIN
Changes since 1.17: +42 -18 lines
implementation for one-level trustee

1 dpavlin 1.1 <?php
2    
3     /*
4     * Document Manager ][
5     *
6     * Dobrica Pavlinusic <dpavlin@rot13.org>
7     *
8     * License: GPL2
9     *
10     * Document Manager 1.x was based on
11     * Copyright 1999 by John Martin d/b/a www.ANYPORTAL.com
12     * PHP version Copyright 2000 by Stefan@Wiesendanger.org
13     *
14     * For more info, please see web pages at
15     * http://www.rot13.org/~dpavlin/docman.html
16     *
17     */
18    
19    
20     //////////////////////////////////////////////////////////////////
21     // CONFIGURATION OPTIONS
22    
23 dpavlin 1.18 error_reporting(E_ALL) ; // how verbose ?
24 dpavlin 1.1
25     // from where to include auth_*.php modules?
26     $gblIncDir = "/data/docman2";
27    
28 dpavlin 1.5 // force download on view (so it won't open in associated application)
29     $gblForceDownload = 0;
30 dpavlin 1.1
31     // date format
32     $gblDateFmt="Y-m-d";
33     // $gblDateFmt="D, F d, Y";
34    
35     // time format
36     $gblTimeFmt="H:i:s";
37     // $gblTimeFmt="g:i:sA";
38    
39     // Number of backup files to keep
40     $gblNumBackups=3;
41    
42     // show red star if newer than ... days
43     $gblModDays=1;
44    
45     // choose GifIcon below unless you have the M$
46     // WingDings font installed on your system
47    
48     $gblIcon="GifIcon"; // MockIcon or GifIcon
49    
50     // the directory below should be /icons/ or /icons/small/
51     // on Apache; a set of icons is included in the distribution
52    
53     $gblIconLocation="/icons/";
54    
55     // files you want to be able to edit in text mode
56     // and view with (primitive) syntax highlighting
57    
58     $gblEditable = array( ".txt",".asa",".asp",".htm",".html",
59     ".cfm",".php3",".php",".phtml",
60     ".shtml",".css" ) ;
61    
62     // files that will display as images on the detail page
63     // (useless if your browser doesn't support them)
64    
65     $gblImages = array( ".jpg",".jpeg",".gif",".png",".ico",
66     ".bmp",".xbm") ;
67    
68     // which files to hide (separated by ,)
69     $gblHide = "";
70    
71     // Where are users? (by default in .htusers file)
72     $gblUsers = "file";
73    
74     //////////////////////////////////////////////////////////////////
75    
76     $gblTitle = "Document Manager";
77     $gblVersion = "2.0-pre1";
78    
79     $secHash = "";
80    
81     // location of html files
82     $html = $gblIncDir."/html";
83    
84     LoadLanguage($HTTP_SERVER_VARS["HTTP_ACCEPT_LANGUAGE"]);
85    
86     // for security and configuration
87 dpavlin 1.18 $realm=$HTTP_SERVER_VARS["HTTP_HOST"];
88 dpavlin 1.1
89     $fsDocumentRoot = dirname($HTTP_SERVER_VARS[SCRIPT_FILENAME]);
90 dpavlin 1.3 if ($fsDocumentRoot == "") Error("Configuration error","Can't get SCRIPT_FILENAME from your web server. Please set <tt>\$fsDocumentRoot</tt> in <tt>\$</tt>",1);
91 dpavlin 1.1
92     // globals for later
93 dpavlin 1.4 $gblLogin = $HTTP_SERVER_VARS[PHP_AUTH_USER];
94     $gblPasswd = $HTTP_SERVER_VARS[PHP_AUTH_PW];
95 dpavlin 1.1
96     //////////////////////////////////////////////////////////////////
97    
98     function LoadLanguage($lang) {
99    
100     global $gblIncDir,$html;
101    
102     if (file_exists($gblIncDir."/lang/$lang.php")) {
103     include($gblIncDir."/lang/$lang.php");
104     $html .= "-$lang";
105     } else {
106     include($gblIncDir."/lang/default.php");
107     }
108     }
109    
110     function StartHTML($title,$text="") {
111    
112 dpavlin 1.4 global $html,$fsDocumentRoot,$HTTP_SERVER_VARS;
113 dpavlin 1.1
114     $title = $gblTitle." ".$title ;
115 dpavlin 1.4 $host = $HTTP_SERVER_VARS["HTTP_HOST"] ;
116     $self = $HTTP_SERVER_VARS["PHP_SELF"] ;
117 dpavlin 1.1
118     if (file_exists("$fsDocumentRoot/docman.css")) {
119     $css=dirname($self)."/docman.css";
120     } else {
121 dpavlin 1.11 $css=$self."?STYLE=get";
122 dpavlin 1.1 }
123    
124     include("$html/head.html");
125     }
126    
127     //////////////////////////////////////////////////////////////////
128    
129     function EndHTML() {
130    
131     global $gblDateFmt, $gblTimeFmt, $gblUserName, $PHP_SELF,
132     $secHash, $gblVersion, $html,
133     $gblLogin,$gblPasswd;
134    
135     $url = $PHP_SELF."?relogin=";
136     if (isset($secHash) && $secHash != "") {
137     $url .= $secHash;
138     } else {
139     $url .= md5($gblLogin.$gblPasswd);
140     }
141 dpavlin 1.18 if ( ( (isset($gblLogin) && $gblLogin != "") ||
142     (!isset($gblLogin) || $gblLogin == "")
143     ) && ($gblPasswd == "" || !isset($gblPasswd))) {
144 dpavlin 1.1 $url_title="login";
145     $url .= "&force_login=1";
146     } else {
147     $url_title="relogin";
148     }
149     include("$html/footer.html");
150 dpavlin 1.13
151     global $debug;
152     if ($debug) print $debug;
153 dpavlin 1.1 } // end function EndHTML
154    
155     //////////////////////////////////////////////////////////////////
156    
157     function DetailPage($fsRoot,$relDir,$fn) {
158    
159 dpavlin 1.4 global $gblEditable, $gblImages, $webRoot, $html, $HTTP_SERVER_VARS ;
160     $self = $HTTP_SERVER_VARS["PHP_SELF"] ;
161 dpavlin 1.1
162     $relPath = $relDir . "/" . $fn ;
163     $fsPath = $fsRoot . $relPath ;
164     $fsDir = $fsRoot . $relDir ;
165    
166     $exists = file_exists($fsPath) ;
167     $ext = strtolower(strrchr($relPath,".")) ;
168 dpavlin 1.13 $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) &&
169     check_perm($relPath,trperm_w);
170     $writable = is_writeable($fsPath) && check_perm($relPath,trperm_w) ;
171     $writable_dir = is_writeable($fsDir) && check_perm($relDir,trperm_w) ;
172 dpavlin 1.1 $file_lock = CheckLock($fsPath);
173    
174     if (!$editable && !$exists)
175 dpavlin 1.13 Error("Creation denied","Can't create <tt>$relPath</tt>") ;
176     if (!$exists && !$writable_dir )
177     Error("Creation denied","Can't write in directory <tt>$relDir</tt> while creating <tt>$relPath</tt>for which user has permissions.",1);
178 dpavlin 1.1
179     $text = _("Use this page to view, modify or ") ;
180     if (is_dir($fsPath)) {
181     $text .=_("delete a directory on this ") ;
182     } else {
183     $text .= _("delete a single document on this ") ;
184     };
185     $text .= _("web site.") ;
186     $title = "("._("Detail Page").")" ;
187     StartHTML($title, $text) ;
188    
189     echo "<H3>" . $relDir . "/" . $fn . "</H3>" ;
190     if ($exists) { // get file info
191     $fsize = filesize($fsPath) ;
192     $fmodified = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", filemtime($fsPath)) ;
193     $faccessed = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", fileatime($fsPath)) ;
194     $fuid=fileowner($fsPath);
195     $fgid=filegroup($fsPath);
196     $userinfo = posix_getpwuid($fuid);
197     $grpinfo = posix_getgrgid($fgid);
198    
199     include("$html/DetailPage-file.html");
200     }
201    
202     if ( !is_dir($fsPath) && $editable && ($writable || !$exists) && !$file_lock ) {
203     $fh = fopen($fsPath,"a+") ;
204     rewind($fh) ;
205     $fstr = fread($fh,filesize($fsPath)) ;
206     fclose($fh) ;
207     $fstr = htmlentities( $fstr ) ;
208     ?>
209    
210 dpavlin 1.13 <FORM ACTION="<?= $self ?>" METHOD="POST">
211 dpavlin 1.1 <SPAN TITLE="Click [SAVE] to store updated contents.">
212     <B>DOCUMENT CONTENTS</B>
213     </SPAN><BR>
214     <TEXTAREA NAME="FILEDATA" ROWS=18 COLS=70 WRAP="OFF"><?php
215     echo($fstr) ; ?></TEXTAREA>
216     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
217     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
218     <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="SAVE">
219     <INPUT TYPE="HIDDEN" SIZE=48 MAXLENGTH=255 NAME="RELPATH"
220     VALUE="<?= $relPath ; ?>">
221     <br>
222     <INPUT TYPE="RESET" VALUE="UNDO ALL CHANGES">
223     <INPUT TYPE="SUBMIT" VALUE="SAVE">
224     </FORM>
225    
226     <?php
227     }
228     if ( !$file_lock && $ext!="" && strstr(join(' ',$gblImages),$ext) ) {
229     $info = getimagesize($fsPath) ;
230     $tstr = "<IMG SRC=\"$webRoot".urlpath($relPath)."\" BORDER=0 " ;
231     $tstr .= $info[3] . " ALT=\"" . $fn . " - " ;
232     $tstr .= (int)(($fsize+1023)/1024) . "Kb\">" ;
233     // echo htmlentities($tstr) . "<BR><BR>" . $tstr ;
234     echo $tstr ;
235     }
236    
237     ?>
238    
239     <FORM ACTION="<?= $self ; ?>" METHOD="POST">
240     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
241     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
242     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL"><BR>
243    
244     <?php
245    
246     if ($file_lock) {
247     ?>
248     <hr>
249     <SPAN TITLE="Check OK and click UNLOCK to remove lock on file.">
250     <B>OK TO FORCE LOCK REMOVAL ON "<?= $fn ; ?>" HELD BY <?= $file_lock ?>? </B></SPAN>
251     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
252     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="UNLOCK">
253     <?
254     } // file_lock
255    
256     if (substr($fn,0,4) == ".del") {
257     $action="UNDELETE";
258     $desc="undelete previously deleted file";
259     } else {
260     $action="DELETE";
261     $desc="delete";
262     }
263    
264     if ($exists && $writable) {
265     ?>
266    
267     <HR>
268     <a name="undelete">
269     <SPAN TITLE="Check OK and click [<?= $action ?>] to <?= $desc ?>.">
270     <B>OK TO <?= $action ?> "<?= $fn ; ?>"? </B></SPAN>
271     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
272     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="<?= $action ?>">
273    
274     <HR>
275     <a name="rename">
276     <SPAN TITLE="Check OK and click [RENAME] to rename.">
277     <B>OK TO RENAME "<?= $fn ; ?>" TO
278     <INPUT TYPE="TEXT" SIZE=24 MAXLENGTH=255 NAME="NEWNAME" VALUE="<?= $fn ?>">
279     ? </B></SPAN>
280     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
281     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="RENAME">
282    
283     <?php
284     } // exists && writable
285     ?>
286     <HR>
287     <a name="note">
288     <B>NOTE FOR "<?= $fn ; ?>":
289     <INPUT TYPE="TEXT" SIZE=50 MAXLENGTH=255 NAME="NOTE" VALUE="<?= ReadNote($fsPath) ?>">
290     </B></SPAN>
291     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="NOTE">
292    
293     </FORM>
294    
295     <?php
296    
297     $name=basename("$fsDir/$fn");
298     $logname=dirname("$fsDir/$fn")."/.log/$name";
299     $bakdir=dirname("$fsDir/$fn")."/.bak";
300     if (file_exists($logname)) {
301     $log=fopen($logname,"r");
302     $cl1=" class=LST"; $cl2="";
303     $logarr = array();
304     while($line = fgetcsv($log,512,"\t")) {
305     $cl=$cl1; $cl1=$cl2; $cl2=$cl;
306     array_unshift($logarr,array($cl,$line[0],$line[1],$line[2],$line[3]));
307     }
308     fclose($log);
309     if (is_dir("$fsDir/$fn")) {
310     $whatis="DIRECTORY";
311     } else {
312     $whatis="FILE";
313     }
314     print "<hr><br><b>CHANGES TO THIS $whatis</b><br><table border=0 width=100%>\n";
315     $bakcount = 0; // start from 0, skip fist backup (it's current)
316     while ($e = array_shift($logarr)) {
317     if (strstr($e[4],"upload")) {
318     if (file_exists("$bakdir/$bakcount/$name")) {
319     $e[4]="<a href=\"$webRoot".urlpath(dirname($relPath)."/.bak/$bakcount/$name")."\">$e[4]</a>";
320     }
321     $bakcount++;
322     }
323     print "<tr><td$e[0]>$e[1]</td><td$e[0]>$e[2]</td><td$e[0]>$e[3]</td><td$e[0]>$e[4]</td></tr>\n";
324     }
325     print "</table>";
326     }
327    
328     EndHTML() ;
329    
330     } // end function DetailPage
331    
332     //////////////////////////////////////////////////////////////////
333    
334     function DisplayCode($fsRoot,$relDir,$fn) {
335    
336     $path = $fsRoot . $relDir . "/" . $fn ;
337    
338     if (!file_exists($path)) Error("File not found",$path) ;
339    
340     StartHTML("(".$relDir."/".$fn.")","");
341    
342     $tstr = join("",file($path)) ;
343     $tstr = htmlentities($tstr) ;
344    
345     // Tabs
346     $tstr = str_replace(chr(9)," ",$tstr) ;
347    
348     // ASP tags & XML/PHP tags
349     $aspbeg = "<SPAN CLASS=XML>&lt;%</SPAN><SPAN CLASS=BLK>" ;
350     $aspend = "</SPAN><SPAN CLASS=XML>%&gt;</SPAN>" ;
351     $tstr = str_replace("&lt;%",$aspbeg,$tstr) ;
352     $tstr = str_replace("%&gt;",$aspend,$tstr) ;
353    
354     $xmlbeg = "<SPAN CLASS=XML>&lt;?</SPAN><SPAN CLASS=BLK>" ;
355     $xmlend = "</SPAN><SPAN CLASS=XML>?&gt;</SPAN>" ;
356     $tstr = str_replace("&lt;?",$xmlbeg,$tstr) ;
357     $tstr = str_replace("?&gt;",$xmlend,$tstr) ;
358    
359     // C style comment
360     $tstr = str_replace("/*","<SPAN CLASS=REM>/*",$tstr) ;
361     $tstr = str_replace("*/","*/</SPAN>",$tstr) ;
362    
363     // HTML comments
364     $tstr = str_replace("&lt;!--","<I CLASS=RED>&lt;!--",$tstr) ;
365     $tstr = str_replace("--&gt;","--&gt;</I>",$tstr) ;
366    
367     echo "<PRE>" ;
368    
369     $tstr = split("\n",$tstr) ;
370     for ($i = 0 ; $i < sizeof($tstr) ; ++$i) {
371     // add line numbers
372     echo "<BR><EM>" ;
373     echo substr(("000" . ($i+1)), -4) . ":</EM> " ;
374     $line = $tstr[$i] ;
375     // C++ style comments
376     $pos = strpos($line,"//") ;
377     // exceptions: two slashes aren't a script comment
378     if (strstr($line,"//") &&
379     ! ($pos>0 && substr($line,$pos-1,1)==":") &&
380     ! (substr($line,$pos,8) == "//--&gt;") &&
381     ! (substr($line,$pos,9) == "// --&gt;")) {
382     $beg = substr($line,0,strpos($line,"//")) ;
383     $end = strstr($line,"//") ;
384     $line = $beg."<SPAN CLASS=REM>".$end."</SPAN>";
385     }
386     // shell & asp style comments
387     $first = substr(ltrim($line),0,1) ;
388     if ($first == "#" || $first == "'") {
389     $line = "<SPAN CLASS=REM>".$line."</SPAN>";
390     }
391     print($line) ;
392     } // next i
393    
394     echo "</PRE>" ;
395    
396     EndHTML() ;
397    
398     } // end function DisplayCode
399    
400     //////////////////////////////////////////////////////////////////
401    
402     function MockIcon($txt) {
403     $tstr = "<SPAN CLASS=MCK>" ;
404    
405     switch (strtolower($txt)) {
406     case ".bmp" :
407     case ".gif" :
408     case ".jpg" :
409     case ".jpeg":
410     case ".tif" :
411     case ".tiff":
412     $d = 176 ;
413     break ;
414     case ".doc" :
415     $d = 50 ;
416     break ;
417     case ".exe" :
418     case ".bat" :
419     $d = 255 ;
420     break ;
421     case ".bas" :
422     case ".c" :
423     case ".cc" :
424     case ".src" :
425     $d = 255 ;
426     break ;
427     case "file" :
428     $d = 51 ;
429     break ;
430     case "fldr" :
431     $d = 48 ;
432     break ;
433     case ".htm" :
434     case ".html":
435     case ".asa" :
436     case ".asp" :
437     case ".cfm" :
438     case ".php3":
439     case ".php" :
440     case ".phtml" :
441     case ".shtml" :
442     $d = 182 ;
443     break ;
444     case ".pdf" :
445     $d = 38 ;
446     break;
447     case ".txt" :
448     case ".ini" :
449     $d = 52 ;
450     break ;
451     case ".xls" :
452     $d = 252 ;
453     break ;
454     case ".zip" :
455     case ".arc" :
456     case ".sit" :
457     case ".tar" :
458     case ".gz" :
459     case ".tgz" :
460     case ".Z" :
461     $d = 59 ;
462     break ;
463     case "view" :
464     $d = 52 ;
465     break ;
466     case "up" :
467     $d = 199 ;
468     break ;
469     case "blank" :
470     return "&nbsp;&nbsp;</SPAN>" ;
471     break ;
472     default :
473     $d = 51 ;
474     }
475    
476     return $tstr . chr($d) . "</SPAN>" ;
477     } // end function MockIcon
478    
479     //////////////////////////////////////////////////////////////////
480    
481     function GifIcon($txt) {
482     global $gblIconLocation ;
483    
484     switch (strtolower($txt)) {
485     case ".bmp" :
486     case ".gif" :
487     case ".jpg" :
488     case ".jpeg":
489     case ".tif" :
490     case ".tiff":
491     $d = "image2.gif" ;
492     break ;
493     case ".doc" :
494     $d = "layout.gif" ;
495     break ;
496     case ".exe" :
497     case ".bat" :
498     $d = "screw2.gif" ;
499     break ;
500     case ".bas" :
501     case ".c" :
502     case ".cc" :
503     case ".src" :
504     $d = "c.gif" ;
505     break ;
506     case "file" :
507     $d = "generic.gif" ;
508     break ;
509     case "fldr" :
510     $d = "dir.gif" ;
511     break ;
512     case ".phps" :
513     $d = "phps.gif" ;
514     break ;
515     case ".php3" :
516     $d = "php3.gif" ;
517     break ;
518     case ".htm" :
519     case ".html":
520     case ".asa" :
521     case ".asp" :
522     case ".cfm" :
523     case ".php3":
524     case ".php" :
525     case ".phtml" :
526     case ".shtml" :
527     $d = "world1.gif" ;
528     break ;
529     case ".pdf" :
530     $d = "pdf.gif" ;
531     break;
532     case ".txt" :
533     case ".ini" :
534     $d = "text.gif" ;
535     break ;
536     case ".xls" :
537     $d = "box2.gif" ;
538     break ;
539     case ".zip" :
540     case ".arc" :
541     case ".sit" :
542     case ".tar" :
543     case ".gz" :
544     case ".tgz" :
545     case ".Z" :
546     $d = "compressed.gif" ;
547     break ;
548     case "view" :
549     $d = "index.gif" ;
550     break ;
551     case "up" :
552     $d = "back.gif" ;
553     break ;
554     case "blank" :
555     $d = "blank.gif" ;
556     break ;
557     case "checkout":
558     $d = "box2.gif";
559     break;
560     case "checkin":
561     $d = "hand.up.gif";
562     break;
563     case "locked":
564     $d = "screw2.gif";
565     break;
566     case "note":
567     $d = "quill.gif";
568     break;
569     default :
570     $d = "generic.gif" ;
571     }
572    
573     return "<IMG SRC=\"$gblIconLocation" . $d . "\" BORDER=0>" ;
574     } // end function GifIcon
575    
576     //////////////////////////////////////////////////////////////////
577    
578     function Navigate($fsRoot,$relDir) {
579    
580     global $gblEditable, $gblIcon, $gblModDays, $webRoot, $gblHide,
581 dpavlin 1.10 $gblIgnoreUnknownFileType, $gblRepositoryDir,
582 dpavlin 1.12 $fsRealmDir, $realm, $realm_sep,
583 dpavlin 1.4 $HTTP_GET_VARS, $html, $realm_config;
584 dpavlin 1.13
585 dpavlin 1.4 $self = $HTTP_SERVER_VARS["PHP_SELF"] ;
586 dpavlin 1.1
587 dpavlin 1.18 $relDir = chopsl($relDir)."/";
588     $fsDir = $fsRoot.$relDir; // current directory
589 dpavlin 1.1
590 dpavlin 1.18 if (!is_dir($fsDir)) Error("Dir not found","Directory <tt>$relDir<tt> not found on filesystem at <tt>$fsDir</tt>",1) ;
591    
592     global $debug;
593     $debug .= "[$gblLogin|$relDir] before >";
594    
595     if (! check_perm($relDir,(trperm_b | trperm_r)))
596     Error("Access denied","User <tt>$gblLogin</tt> tried to access <tt>$relDir</tt> without valid trustee.",1);
597     $debug .= "< afeter";
598 dpavlin 1.1
599     $hide_items=",$gblHide,";
600    
601     // read directory contents
602     if ( !($dir = @opendir($fsDir)) )
603 dpavlin 1.4 Error("Read Access denied",$relDir,1) ;
604 dpavlin 1.1 while ($item = readdir($dir)) {
605     if ( substr($item,0,1) == "." || strstr($hide_items,",$item,") ) continue ;
606 dpavlin 1.4 if (is_dir($fsDir.$item) || is_link ($fsDir.$item)) {
607     if (check_perm($relDir.$item,trperm_b)) {
608     $dirList[$item] = $item ;
609     $dirNote[$item] = ReadNote($fsDir.$item);
610     }
611     } else if (is_file($fsDir.$item)) {
612     if (check_perm($relDir.$item,trperm_r)) {
613     $fileList[$item] = $item ;
614     $fileDate[$item] = filemtime($fsDir.$item) ;
615     $fileSize[$item] = filesize($fsDir.$item) ;
616     $fileNote[$item] = ReadNote($fsDir.$item);
617     }
618 dpavlin 1.1 } else {
619 dpavlin 1.4 if (! $gblIgnoreUnknownFileType) Error("File Type Error", "Item <tt>".$fsDir.$item."</tt> is not file, directory or link. If you want to ignore errors like this, set <tt>\$gblIgnoreUnknownFileType = 1</tt> in <tt>$realm_config</tt>.",1);
620 dpavlin 1.1 }
621     }
622     closedir($dir) ;
623    
624     // scan deleted files
625 dpavlin 1.4 if ( $HTTP_GET_VARS["show_deleted"] == 1 && ($dir = @opendir("$fsDir/.del")) ) {
626 dpavlin 1.1 while ($item = readdir($dir)) {
627     if ( substr($item,0,1) == "." || strstr($hide_items,",$item,") || !check_perm($relDir.$item,trperm_w) ) continue ;
628     $fileList[$item] = ".del/$item" ;
629     $fileDate[$item] = filemtime($fsDir.".del/$path") ;
630     $fileSize[$item] = filesize($fsDir.".del/$path") ;
631     $fileNote[$item] = ReadNote($fsDir.".del/$item");
632     }
633     closedir($dir) ;
634     }
635    
636     $emptyDir = ! (sizeof($dirList) || sizeof($fileList)) ;
637    
638     // start navigation page
639     $text = "Use this page to add, delete";
640 dpavlin 1.4 if (! isset($HTTP_GET_VARS[show_deleted])) {
641 dpavlin 1.1 $text .= ", <a href=$self?D=".urlencode($relDir)."&show_deleted=1>undelete</a>";
642     }
643     $text .= " or revise files on this web site." ;
644     $text .= "<br>Examine list of files <a href=\"$self?A=Ch1\">changed in last day</a> or <a href=\"$self?A=Ch\">all changes</a>.";
645     StartHTML("(Navigate)",$text) ;
646    
647     echo "<TABLE BORDER=0 CELLPADDING=2
648     CELLSPACING=3 WIDTH=\"100%\">" ;
649    
650 dpavlin 1.13 // updir (parent) bar
651 dpavlin 1.1 if (chopsl($fsDir) != chopsl($fsRoot)) {
652     $parent = dirname($relDir) ;
653     if ($parent == "") $parent = "/" ;
654    
655     include("$html/Navigate-parent.html");
656     }
657    
658     function plural($name,$count) {
659     $out="$count $name";
660     if ($count > 1) {
661     $out.="s";
662     }
663     return $out;
664     }
665    
666     $dsort = $HTTP_GET_VARS[dsort];
667     if (! isset($dsort)) $dsort = "name"; // default directory sort
668    
669     $dsort_arr = array(
670     "name" => array ("rname", "note"),
671     "rname" => array ("name", "note"),
672     "note" => array ("name", "rnote"),
673     "rnote" => array ("name", "note")
674     );
675    
676     $fsort = $HTTP_GET_VARS[fsort];
677     if (! isset($fsort)) $fsort = "name"; // default directory sort
678    
679     $fsort_arr = array(
680     "name" => array ("rname", "note", "date", "size"),
681     "rname" => array ("name", "note", "date", "size"),
682     "note" => array ("name", "rnote", "date", "size"),
683     "rnote" => array ("name", "note", "date", "size"),
684     "date" => array ("name", "note", "rdate", "size"),
685     "rdate" => array ("name", "note", "date", "size"),
686     "size" => array ("name", "note", "date", "rsize"),
687     "rsize" => array ("name", "note", "date", "size")
688     );
689    
690     $D="D=".urlencode($relDir);
691    
692     function self_args($arr = array()) {
693     $arg = implode("&",$arr);
694     if ($arg) {
695     return $self."?".$arg;
696     } else {
697     return $self;
698     }
699     }
700     // output subdirs
701     if (sizeof($dirList) > 0) {
702     switch ($dsort) {
703     case "note":
704     $items = $dirNote;
705     asort($items);
706     break;
707     case "rnote":
708     $items = $dirNote;
709     arsort($items);
710     break;
711     case "rname":
712     $items = $dirList;
713     krsort($items);
714     break;
715     default:
716     $items = $dirList;
717     ksort($items);
718     break;
719     }
720     $durl = self_args(array($D,"dsort=".$dsort_arr[$dsort][0]));
721     $nurl = self_args(array($D,"dsort=".$dsort_arr[$dsort][1]));
722    
723     include("$html/Navigate-dirHeader.html");
724    
725     while (list($key,$dir) = each($items)) {
726    
727     $dir = $dirList[$key];
728    
729 dpavlin 1.2 $info_url=self_args(array("A"=>"A=E", "F"=>"F=".urlencode($dir), "D"=>$D));
730 dpavlin 1.13 $dir_url=$self."?D=".urlencode(chopsl($relDir)."/".$dir);
731 dpavlin 1.1 include("$html/Navigate-dirEntry.html");
732    
733     } // iterate over dirs
734     } // end if no dirs
735    
736     $durl = self_args(array($D,"fsort=".$fsort_arr[$fsort][0]));
737     $nurl = self_args(array($D,"fsort=".$fsort_arr[$fsort][1]));
738     $uurl = self_args(array($D,"fsort=".$fsort_arr[$fsort][2]));
739     $surl = self_args(array($D,"fsort=".$fsort_arr[$fsort][3]));
740    
741     include("$html/Navigate-fileHeader.html");
742    
743     if (sizeof($fileList) > 0) {
744     switch ($fsort) {
745     case "note":
746     $items = $fileNote;
747     asort($items);
748     break;
749     case "rnote":
750     $items = $fileNote;
751     arsort($items);
752     break;
753     case "date":
754     $items = $fileDate;
755     asort($items);
756     break;
757     case "rdate":
758     $items = $fileDate;
759     arsort($items);
760     break;
761     case "size":
762     $items = $fileSize;
763     asort($items);
764     break;
765     case "rsize":
766     $items = $fileSize;
767     arsort($items);
768     break;
769     case "rname":
770     $items = $fileList;
771     krsort($items);
772     break;
773     default:
774     $items = $fileList;
775     ksort($items);
776     break;
777     }
778    
779     while (list($key,$file) = each($items)) {
780     $file = $fileList[$key];
781     $path = $fsDir."/".$file ;
782     $mod = $fileDate[$key];
783     $sz = $fileSize[$key];
784    
785     if ($sz >= 10240) {
786     $sz = (int)(($sz+1023)/1024) . " k" ;
787     } else {
788     $sz .= " " ;
789     } // end size
790    
791     $a = $b = "" ;
792    
793     $info_url=$self."?A=E&F=".urlencode($file)."&D=".urlencode($relDir);
794    
795     if ( ($mod + $gblModDays*86400) > time() ) {
796     $a = "<SPAN CLASS=RED TITLE=\"Newer" ;
797     $a .= " than $gblModDays days\"> * </SPAN>" ;
798     }
799    
800     $file_lock=CheckLock($path);
801    
802 dpavlin 1.4 $file_url_html="<A HREF=\"$self?A=V&D=".urlencode($relDir)."&F=".urlencode($file);
803 dpavlin 1.1 $file_url_html.="\" TITLE=\"View file\">" ;
804    
805     if (substr($file,0,5) != ".del/") {
806     $file_url_html .= $file . "</A>" . $a ;
807     } else {
808     $file_url_html .= substr($file,5,strlen($file)-5) . "</a> <SPAN CLASS=RED TITLE=\"deleted\"> <a href=\"$info_url#undelete\">deleted</a> </span>";
809     }
810    
811     $note_html="<a href=\"$info_url#note\">".$gblIcon("note")."</a>".ReadNote($path);
812    
813     $ext = strtolower(strrchr($file,".")) ;
814    
815     if ($file_lock) {
816     if ($file_lock == $GLOBALS[gblUserName]) {
817 dpavlin 1.4 $b.="<A HREF=\"$self?A=Ci&D=".urlencode($relDir)."&F=".urlencode($file);
818 dpavlin 1.1 $b.="\" TITLE=\"Checkin (update) file on server\">" ;
819     $file_url_html=$b;
820     $b.=$gblIcon("checkin")."</A>" ;
821     $b.= $gblIcon("blank");
822     $file_url_html.="$file</a> $a";
823     $note_html = $gblIcon("blank")."<b>Please check-in (update) this file</b>";
824     } else {
825     $b = $gblIcon("locked");
826     $b.= $gblIcon("blank");
827     $note_html = $gblIcon("blank")."<b>File locked by $file_lock</b>";
828     $file_url_html = "$file $a";
829     }
830     } else {
831 dpavlin 1.4 $b.="<A HREF=\"$self?A=Co&D=".urlencode($relDir)."&F=".urlencode($file);
832 dpavlin 1.1 $b.="\" TITLE=\"Checkout file for edit\">" ;
833 dpavlin 1.4 $b.=$gblIcon("checkout")."</A>";
834 dpavlin 1.1
835     if ( $ext=="" || strstr(join(" ",$gblEditable),$ext) ) {
836 dpavlin 1.4 $b.="<A HREF=\"$self?A=C&D=".urlencode($relDir)."&F=".urlencode($file);
837 dpavlin 1.1 $b.="\" TITLE=\"List contents\">" ;
838     $b.=$gblIcon("view")."</A>" ;
839     } else {
840     $b.= $gblIcon("blank");
841     }
842     }
843    
844     $mod = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]",$mod);
845    
846     include("$html/Navigate-fileEntry.html");
847    
848     } // iterate over files
849     } else { // end if no files
850     ?>
851     <TR><TD></TD><TD COLSPAN=5 CLASS=LST>
852     No files in this directory
853     </TD></TR>
854     <?
855     }
856    
857     if ($emptyDir && $relDir != "") {
858     ?>
859    
860     <FORM METHOD="POST" ACTION="<?= $self ?>">
861     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>
862     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
863     OK TO DELETE THIS EMPTY FOLDER?
864     <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
865     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="DELETE">
866     </TD></TR>
867     </FORM>
868    
869     <?php
870     } // end if emptyDir
871     ?>
872    
873     <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
874    
875     <?
876 dpavlin 1.10
877 dpavlin 1.12 if (file_exists("$fsRealmDir/$realm".$realm_sep."info.inc")) {
878     print "<TR><TD></TD><TD COLSPAN=5>";
879     include("$fsRealmDir/$realm".$realm_sep."info.inc");
880     print "</TD></TR><TR><TD></TD><TD COLSPAN=5><HR></TD></TR>";
881     } elseif (file_exists("$gblRepositoryDir/.info.inc")) {
882 dpavlin 1.1 print "<TR><TD></TD><TD COLSPAN=5>";
883 dpavlin 1.10 include("$gblRepositoryDir/.info.inc");
884     print "</TD></TR><TR><TD></TD><TD COLSPAN=5><HR></TD></TR>";
885 dpavlin 1.1 }
886 dpavlin 1.10
887 dpavlin 1.12
888 dpavlin 1.1 ?>
889    
890     <FORM METHOD="POST" ACTION="<?= $self ?>">
891     <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>CREATE NEW
892     <INPUT TYPE="RADIO" NAME="T" VALUE="D" CHECKED>DIRECTORY -OR-
893     <INPUT TYPE="RADIO" NAME="T" VALUE="F">FILE : &nbsp;&nbsp;
894     <NOBR>NAME <INPUT TYPE="TEXT" NAME="FN" SIZE=14>
895     <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="CREATE">
896     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
897     <INPUT TYPE="SUBMIT" VALUE="CREATE" NAME="CREATE">
898     </NOBR>
899     <NOBR>OR <A HREF="<?= $self ?>?A=U&D=<?= urlencode($relDir) ?>">UPLOAD</A> A FILE</NOBR>
900     </TD></TR>
901     </FORM>
902     </TABLE>
903    
904     <?php
905     EndHTML() ;
906     } // end function Navigate
907    
908     //////////////////////////////////////////////////////////////////
909    
910     function UploadPage($fsRoot, $relDir, $filename="") {
911    
912 dpavlin 1.4 global $html, $HTTP_SERVER_VARS;
913    
914     $self = $HTTP_SERVER_VARS["PHP_SELF"] ;
915     include("$html/UploadPage.html");
916 dpavlin 1.1
917     } // end function UploadPage
918    
919     //////////////////////////////////////////////////////////////////
920    
921 dpavlin 1.3 // Error with sysadmin flag are reported to error_log or hidden from
922     // users
923    
924 dpavlin 1.12 function Error($title,$text="",$sysadmin=0,$no_404=0) {
925 dpavlin 1.3 global $gblSeparateAdminMessages,
926     $gblMailAdminMessages,$realm,
927     $HTTP_SERVER_VARS;
928 dpavlin 1.12 if (! headers_sent() && ! $no_404) header("HTTP/1.0 404 Not Found");
929 dpavlin 1.3 if ($sysadmin) {
930     if ($gblSeparateAdminMessages) {
931     $user="Your administrator ";
932     if ($gblMailAdminMessages) {
933     mail($HTTP_SERVER_VARS["SERVER_ADMIN"], "docman $realm error message: $title", strip_tags($text));
934     $user.="<tt>".$HTTP_SERVER_VARS["SERVER_ADMIN"]."</tt> ";
935     }
936     $user.="has been notified about error" ;
937     StartHTML("($title)",$user);
938     echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
939     EndHTML();
940     error_log("docman $realm: ".strip_tags($text));
941     } else {
942     StartHTML("ADMIN: ".$title,$text) ;
943     echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
944     EndHTML();
945     }
946     } else {
947     StartHTML("(".$title.")",$text) ;
948     echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
949     EndHTML() ;
950     }
951 dpavlin 1.1 exit ;
952     } // end function Error
953    
954 dpavlin 1.2 function LogIt($target,$msg, $changelog=0) {
955 dpavlin 1.1
956     $dir=dirname($target);
957     if (! file_exists($dir."/.log")) {
958 dpavlin 1.3 if (! @mkdir($dir."/.log",0700)) Error("docman installation problem","can't create log directory <tt>$dir/.log</tt>",1);
959 dpavlin 1.1 }
960     $file=basename($target);
961    
962     $log=fopen("$dir/.log/$file","a+");
963     fputs($log,date("$GLOBALS[gblDateFmt]\t$GLOBALS[gblTimeFmt]").
964     "\t$GLOBALS[gblUserName]\t$msg\n");
965     fclose($log);
966    
967 dpavlin 1.2 if (! $changelog) return;
968    
969     global $gblFsRoot;
970     $log=fopen("$gblFsRoot/.changelog","a+");
971     if (substr($target,0,strlen($gblFsRoot)) == $gblFsRoot)
972     $target=substr($target,strlen($gblFsRoot),strlen($target)-strlen($gblFsRoot));
973     $msg=str_replace("\t"," ",$msg);
974     fputs($log,time()."\t$target\t$GLOBALS[gblUserName]\t$msg\n");
975     fclose($log);
976    
977     // FIX: implement e-mail notification based on $changelog
978     // permission
979 dpavlin 1.1 }
980    
981    
982     //////////////////////////////////////////////////////////////////
983    
984     function WriteNote($target,$msg) {
985    
986     $target=stripSlashes($target);
987     $dir=dirname($target);
988     if (! file_exists($dir."/.note")) {
989     mkdir($dir."/.note",0700);
990     }
991     $file=basename($target);
992    
993     $note=fopen("$dir/.note/$file","w");
994     fputs($note,"$msg\n");
995     fclose($note);
996    
997 dpavlin 1.2 LogIt($target,"added note $msg");
998 dpavlin 1.1
999     }
1000    
1001     function ReadNote($target) {
1002    
1003     $target=stripSlashes($target);
1004     $dir=dirname($target);
1005     $file=basename($target);
1006     $msg="";
1007     if (file_exists($dir."/.note/$file")) {
1008     $note=fopen("$dir/.note/$file","r");
1009     $msg=fgets($note,4096);
1010     fclose($note);
1011     }
1012     return HtmlSpecialChars(StripSlashes($msg));
1013    
1014     }
1015    
1016     //////////////////////////////////////////////////////////////////
1017    
1018     function MoveTo($source,$folder) {
1019    
1020     $source=stripSlashes($source);
1021     $file=basename($source);
1022     if (! file_exists($folder)) {
1023     mkdir($folder,0700);
1024     }
1025     if (file_exists($source)) {
1026     rename($source,"$folder/$file");
1027     }
1028     }
1029    
1030     //////////////////////////////////////////////////////////////////
1031    
1032     function Lock($target) {
1033    
1034     $target=stripSlashes($target);
1035     $dir=dirname($target);
1036     if (! file_exists($dir."/.lock")) {
1037     mkdir($dir."/.lock",0700);
1038     }
1039     $file=basename($target);
1040    
1041     if (file_exists("$dir/.lock/$file")) {
1042 dpavlin 1.2 LogIt($target,"attempt to locked allready locked file!");
1043 dpavlin 1.1 } else {
1044     $lock=fopen("$dir/.lock/$file","w");
1045     fputs($lock,"$GLOBALS[gblUserName]\n");
1046     fclose($lock);
1047    
1048 dpavlin 1.2 LogIt($target,"file locked");
1049 dpavlin 1.1 }
1050    
1051     }
1052    
1053     function CheckLock($target) {
1054    
1055     $target=stripSlashes($target);
1056     $dir=dirname($target);
1057     $file=basename($target);
1058     $msg=0;
1059     if (file_exists($dir."/.lock/$file")) {
1060     $lock=fopen("$dir/.lock/$file","r");
1061     $msg=fgets($lock,4096);
1062     fclose($lock);
1063     }
1064     return chop($msg);
1065    
1066     }
1067    
1068     function Unlock($target) {
1069    
1070     $target=stripSlashes($target);
1071     $dir=dirname($target);
1072     $file=basename($target);
1073     if (file_exists($dir."/.lock/$file")) {
1074     unlink("$dir/.lock/$file");
1075 dpavlin 1.2 LogIt($target,"file unlocked");
1076 dpavlin 1.1 } else {
1077 dpavlin 1.2 LogIt($target,"attempt to unlocked non-locked file!");
1078 dpavlin 1.1 }
1079    
1080     }
1081    
1082     //////////////////////////////////////////////////////////////////
1083    
1084     function urlpath($url) {
1085     $url=urlencode(StripSlashes("$url"));
1086     $url=str_replace("%2F","/",$url);
1087     $url=str_replace("+","%20",$url);
1088     return($url);
1089     }
1090    
1091     //////////////////////////////////////////////////////////////////
1092    
1093     function safe_rename($fromdir,$fromfile,$tofile) {
1094     function try_rename($from,$to) {
1095     # print "$from -> $to\n";
1096     if (file_exists($from) && is_writeable(dirname($to))) {
1097 dpavlin 1.8 return rename($from,$to);
1098     } else {
1099     return 0;
1100 dpavlin 1.1 }
1101     }
1102    
1103     function try_dir($todir) {
1104     if (! file_exists($todir)) {
1105 dpavlin 1.8 @mkdir($todir,0700);
1106 dpavlin 1.1 }
1107     }
1108    
1109     $to="$fromdir/$tofile";
1110     $todir=dirname($to);
1111     $tofile=basename($to);
1112    
1113     # print "<pre>$fromdir / $fromfile -> $todir / $tofile\n\n";
1114    
1115 dpavlin 1.8 if (! try_rename("$fromdir/$fromfile","$todir/$tofile")) Error("Rename error","Can't rename file <tt>$fromfile</tt> to <tt>$tofile</tt>",1);
1116 dpavlin 1.1 try_dir("$todir/.log");
1117     try_rename("$fromdir/.log/$fromfile","$todir/.log/$tofile");
1118     try_dir("$todir/.note");
1119     try_rename("$fromdir/.note/$fromfile","$todir/.note/$tofile");
1120     try_dir("$todir/.lock");
1121     try_rename("$fromdir/.lock/$fromfile","$todir/.lock/$tofile");
1122     try_dir("$todir/.bak");
1123     for($i=0;$i<=$GLOBALS[gblNumBackups];$i++) {
1124     try_rename("$fromdir/.bak/$i/$fromfile","$todir/.bak/$i/$tofile");
1125     }
1126     }
1127    
1128    
1129     //////////////////////////////////////////////////////////////////
1130    
1131     // recursivly delete directory
1132    
1133     function rrmdir($dir) {
1134     $handle=opendir($dir);
1135     while ($file = readdir($handle)) {
1136     if ($file != "." && $file != "..") {
1137     if (is_dir("$dir/$file"))
1138     rrmdir("$dir/$file");
1139     else
1140     if (! @unlink("$dir/$file")) return(0);
1141     }
1142     }
1143     closedir($handle);
1144     return @rmdir($dir);
1145     }
1146    
1147     //////////////////////////////////////////////////////////////////
1148    
1149     function DisplayChangeLog($day) {
1150    
1151 dpavlin 1.4 global $gblFsRoot,$HTTP_SERVER_VARS;
1152    
1153 dpavlin 1.1 if (!file_exists("$gblFsRoot/.changelog")) return;
1154     $log=fopen("$gblFsRoot/.changelog","r");
1155     $logarr = array();
1156     while($line = fgetcsv($log,512,"\t")) {
1157     while (sizeof($line) > 4) {
1158     $tmp = array_pop($line);
1159     $line.=" $tmp";
1160     }
1161     if ($day!=1 || ($day==1 && (time()-$line[0] < 24*60*60))) {
1162     array_unshift($logarr,array($line[0],$line[1],$line[2],$line[3]));
1163     }
1164     }
1165     fclose($log);
1166     $cl1=" class=LST"; $cl2="";
1167     print "<table border=0 width=100%>\n";
1168     while ($e = array_shift($logarr)) {
1169     $cl=$cl1; $cl1=$cl2; $cl2=$cl;
1170     $date = date("$GLOBALS[gblDateFmt]", $e[0]);
1171     $time = date("$GLOBALS[gblTimeFmt]", $e[0]);
1172     $dir = dirname($e[1]);
1173     $file = basename($e[1]);
1174 dpavlin 1.4 print "<tr><td$cl>$date</td><td$cl>$time</td><td$cl><a href=\"$HTTP_SERVER_VARS[PHP_SELF]?D=".urlencode($dir)."\">$dir</a>/$file</td><td$cl>$e[2]</td><td$cl>$e[3]</td></tr>\n";
1175 dpavlin 1.1 }
1176     print "</table>";
1177 dpavlin 1.4 print "<p>".GifIcon(up)." Back to <a href=$HTTP_SERVER_VARS[PHP_SELF]>front page</a>.</p>";
1178 dpavlin 1.1 }
1179    
1180     //////////////////////////////////////////////////////////////////
1181    
1182 dpavlin 1.4 function Download($path,$force=0) {
1183     global $HTTP_SERVER_VARS,$mime_type;
1184    
1185     // default transfer-encoding
1186     $encoding = "binary";
1187    
1188     // known transfer encodings
1189     $encoding_ext = array(
1190     "gz" => "x-gzip",
1191     "Z" => "x-compress",
1192     );
1193    
1194     $file = basename($path);
1195 dpavlin 1.1 $size = filesize($path);
1196 dpavlin 1.4
1197     $ext_arr = explode(".",$file);
1198     $ext = array_pop($ext_arr);
1199     if ($encoding_ext[$ext]) {
1200     $encoding = $encoding_ext[$ext];
1201     $ext = array_pop($ext_arr);
1202     }
1203    
1204     if ($force || !isset($mime_type[$ext])) {
1205     header("Content-Type: application/force-download");
1206     } else {
1207     header("Content-Type: $mime_type[$ext]");
1208     }
1209    
1210 dpavlin 1.1 // IE5.5 just downloads index.php if we don't do this
1211 dpavlin 1.4 if(preg_match("/MSIE 5.5/", $HTTP_SERVER_VARS[HTTP_USER_AGENT])) {
1212 dpavlin 1.1 header("Content-Disposition: filename=$file");
1213     } else {
1214     header("Content-Disposition: attachment; filename=$file");
1215     }
1216 dpavlin 1.4
1217     header("Content-Transfer-Encoding: $encoding");
1218 dpavlin 1.1 $fh = fopen($path, "r");
1219     fpassthru($fh);
1220     }
1221    
1222    
1223     //////////////////////////////////////////////////////////////////
1224    
1225     function chopsl($path) {
1226 dpavlin 1.13 $path=str_replace("//","/",$path);
1227 dpavlin 1.1 if (substr($path,strlen($path)-1,1) == "/") $path=substr($path,0,strlen($path)-1);
1228     return $path;
1229     }
1230    
1231     //////////////////////////////////////////////////////////////////
1232     /*
1233     Document manager ACL implementation
1234    
1235     Written by Dobrica Pavlinusic <dpavlin@rot13.org>
1236    
1237     Based on ideas from Linux trustees code
1238     by Vyacheslav Zavadsky <zavadsky@braysystems.com>
1239     */
1240    
1241     define(trmask_not,1 << 0);
1242     define(trmask_clear,1 << 1);
1243     define(trmask_deny,1 << 2);
1244     define(trmask_one_level,1 << 3);
1245     define(trmask_group,1 << 4);
1246    
1247     define(trperm_r,1 << 5);
1248     define(trperm_w,1 << 6);
1249     define(trperm_b,1 << 7);
1250     define(trperm_n,1 << 8);
1251    
1252     $trustee_a2n = array(
1253     '!' => trmask_not,
1254     'C' => trmask_clear,
1255     'D' => trmask_deny,
1256     'O' => trmask_one_level,
1257     '+' => trmask_group,
1258     'R' => trperm_r,
1259     'W' => trperm_w,
1260     'B' => trperm_b,
1261     'N' => trperm_n,
1262     );
1263    
1264     // debugging function
1265     function display_trustee($t) {
1266     global $trustee_a2n;
1267     $out="";
1268     foreach ($trustee_a2n as $c=>$v) {
1269     if ($t & $v) $out.=$c;
1270     }
1271     return $out;
1272     }
1273     function display_all_trustee() {
1274     global $trustees;
1275     print "trustee dump:<br>\n";
1276     foreach ($trustees as $path => $tr) {
1277     print "<br><tt>$path</tt>\n";
1278     foreach ($tr as $user=>$perm) {
1279     print "$user == $perm (".display_trustee($perm).")<br>\n";
1280     }
1281     }
1282     }
1283    
1284     function init_trustee() {
1285    
1286     global $trustee_conf,$trustee_php,$trustee_a2n,$groups,$trustees;
1287    
1288     // do we need to re-create compiled trustees?
1289     if (! file_exists($trustee_conf)) {
1290     # $error="$trustee_conf doesn't exits";
1291     return 0; # don't use trustees
1292     } elseif (file_exists($trustee_conf) && !is_readable($trustee_conf)) {
1293     $error="<tt>$trustee_conf</tt> exits, but is not readable";
1294     } elseif (!is_writable(dirname($trustee_php))) {
1295     $error="<tt>".dirname($trustee_php)."</tt> must be writable by web server user";
1296     } elseif (file_exists($trustee_php) && !is_writable($trustee_php)) {
1297     $error="trustees cache file <tt>$trustee_php</tt> exists, but is not writable by web server";
1298     } elseif (1 || filemtime($trustee_conf) >= filemtime($trustee_php)) {
1299     $fp_php=@fopen($trustee_php,"w");
1300     fputs($fp_php,"<?php // don't edit by hand!\n");
1301    
1302     $fp_conf=fopen($trustee_conf,"r");
1303    
1304     $groups_arr = array();
1305     $perm_arr = array();
1306    
1307     $tr_arr = array();
1308    
1309     while (! feof($fp_conf)) {
1310     $l = trim(fgets($fp_conf,4096));
1311     if (substr($l,0,1) == "+") { // no comment
1312     $arr=explode(":",$l);
1313     $groups_arr[$arr[0]] = $arr[1] ;
1314     } elseif (substr($l,0,1) != "#") {
1315     $arr=explode(":",$l);
1316     $path=array_shift($arr);
1317     if ($path == "") continue;
1318     $sep2="";
1319     while ($user=array_shift($arr)) {
1320     $perm=0;
1321     if (substr($user,0,1) == "+") {
1322     $perm|=trmask_group;
1323     $user=substr($user,1,strlen($user)-1);
1324     }
1325     $perm_ascii=array_shift($arr);
1326     for ($i=0;$i<strlen($perm_ascii);$i++) {
1327     $ch=strtoupper($perm_ascii[$i]);
1328     if (isset($trustee_a2n[$ch])) {
1329     $perm|=$trustee_a2n[$ch];
1330     } else {
1331     $error.="trustee error in line '$l' [Unknown modifier '$ch']<br>\n";
1332     }
1333     }
1334     $tr_arr[$path][$user] |= $perm;
1335     }
1336     }
1337     }
1338    
1339     fclose($fp_conf);
1340    
1341     // save trustees
1342     $tr_out='$trustees = array (';
1343     $sep1="";
1344     while (list ($path, $tr) = each ($tr_arr)) {
1345     $tr_out.="$sep1\n\t'$path'=>array(";
1346     $sep2="";
1347     while (list($user,$perm)=each($tr)) {
1348     $tr_out.="$sep2\n\t\t'$user'=>$perm";
1349     $sep2=",";
1350     }
1351     $tr_out.="\n\t)";
1352     $sep1=",";
1353     }
1354     $tr_out.="\n);";
1355    
1356     // save groups
1357     $gr_out='$groups = array (';
1358     $sep="";
1359     while (list ($group, $members) = each ($groups_arr)) {
1360     $gr_out.="$sep\n\t'";
1361     $gr_out.=substr($group,1,strlen($group)-1);
1362     $gr_out.="'=>array('".join("','",explode(",",$members))."')";
1363     $sep=",";
1364     }
1365     $gr_out.="\n);\n";
1366    
1367     fputs($fp_php,$gr_out);
1368     fputs($fp_php,$tr_out);
1369     fputs($fp_php,"?>\n");
1370     fclose($fp_php);
1371     }
1372    
1373     if ($error) {
1374 dpavlin 1.3 Error("Trustee error",$error,1);
1375 dpavlin 1.1 } else {
1376     include("$trustee_php");
1377     }
1378    
1379     return 1;
1380    
1381     }//init_trustee
1382    
1383     function in_group($user,$group) {
1384 dpavlin 1.16 global $groups;
1385     return in_array($user,$groups[$group]);
1386 dpavlin 1.1 }
1387    
1388     // helper function
1389     function unroll_perm($u,$t,$user,$perm) {
1390 dpavlin 1.17
1391     // check user FIX
1392 dpavlin 1.1 if ($t & trmask_not && ($u==$user)) continue;
1393     if (!($t & trmask_not) && ($u!=$user)) continue;
1394    
1395     if ($t & trmask_deny) {
1396     if ($t & trmask_clear) {
1397     $perm[deny] &= ~$t;
1398     } else {
1399     $perm[deny] |= $t;
1400     }
1401     } elseif ($t & trmask_clear) {
1402     $perm[allow] &= ~$t;
1403     } else {
1404     $perm[allow] |= $t;
1405     }
1406     return $perm;
1407     }// end of helper function
1408    
1409     function check_trustee($user,$path) {
1410     global $trustees;
1411     $perm[allow] = 0;
1412     $perm[deny] = 0;
1413 dpavlin 1.18
1414     global $debug;
1415     $debug .= "<br>check_trustee $path ... ";
1416    
1417 dpavlin 1.1 $path_arr=explode("/",$path);
1418 dpavlin 1.18 $tmppath = "/";
1419 dpavlin 1.1 while (count($path_arr)) {
1420 dpavlin 1.18 $tmppath.=array_shift($path_arr);
1421     $debug.= ">> $tmppath ";
1422     if (substr($tmppath,strlen($tmppath)-1,1) != "/") $tmppath.="/";
1423     $tr = $trustees[$tmppath];
1424    
1425     # clear one level flag
1426     $perm[allow] &= ~trperm_one_level;
1427     $perm[deny] &= ~trperm_one_level;
1428    
1429 dpavlin 1.1 if (isset($tr)) {
1430     // first apply trustee for all
1431     if (isset($tr['*'])) {
1432     $perm = unroll_perm($user,$tr['*'],$user, $perm);
1433     unset($tr['*']);
1434     }
1435     // then apply group policies
1436 dpavlin 1.17 foreach ($tr as $g=>$t) {
1437     if ($t & trmask_group && in_group($user,$g)) {
1438 dpavlin 1.1 // resolv user
1439     $t = $t & ~trmask_group;
1440 dpavlin 1.17 $perm = unroll_perm($user,$t,$user, $perm);
1441     unset($tr[$g]);
1442 dpavlin 1.1 }
1443     }
1444 dpavlin 1.17 // then apply user policy
1445 dpavlin 1.1 if (isset($tr[$user])) {
1446     $perm = unroll_perm($user,$tr[$user],$user, $perm);
1447     unset($tr[$user]);
1448     }
1449     }
1450 dpavlin 1.18 $debug.="d:".display_trustee($perm[deny])." a:".display_trustee($perm[allow])." ";
1451 dpavlin 1.1
1452     }
1453 dpavlin 1.18 $debug.="<br>check_trustee: user: $user path: $path==$tmppath perm: ";
1454     $debug.="d: $perm[deny] (".display_trustee($perm[deny]).") a: $perm[allow] (".display_trustee($perm[allow]).")<Br>\n";
1455 dpavlin 1.1 return $perm;
1456     }
1457    
1458     // handy functions
1459    
1460     function check_perm($path,$trperm) {
1461     global $gblLogin,$HAVE_TRUSTEE;
1462 dpavlin 1.13
1463     global $debug;
1464     $debug.="<br>check_perm: <tt>$path</tt> test perm ".display_trustee($perm)."<br>\n";
1465 dpavlin 1.16
1466 dpavlin 1.1 $return = ! $HAVE_TRUSTEE;
1467     if ($HAVE_TRUSTEE) {
1468     $perm = check_trustee($gblLogin,$path);
1469 dpavlin 1.18 $debug.=" d: $perm[deny] (".display_trustee($perm[deny]).") a: $perm[allow] (".display_trustee($perm[allow]).") perm to have: $trperm (".display_trustee($trperm).")";
1470 dpavlin 1.1 if ($perm[deny] & $trperm) $return=0;
1471 dpavlin 1.18 elseif (($perm[allow] & $trperm) == $trperm) $return=1;
1472 dpavlin 1.1 }
1473 dpavlin 1.13 $debug.=" return: $return<br>\n";
1474 dpavlin 1.1 return($return);
1475     }
1476    
1477 dpavlin 1.4 //////////////////////////////////////////////////////////////////
1478    
1479     function readMime() {
1480     global $mime_type;
1481    
1482     if (! isset($gblMimeTypes)) {
1483     $gblMimeTypes = "/etc/mime.types";
1484     }
1485    
1486     $mime = @fopen($gblMimeTypes,"r");
1487    
1488     if (! $mime) Error("Can't read MIME types","<tt>$gblMimeTypes</tt> file not found. You can setup other <tt>mime.types</tt> file using <tt>\$gblMimeTypes</tt> in <tt>$realm_config</tt>");
1489    
1490     while($line = fgets($mime,80)) {
1491     if (substr($line,0,1) == "#") continue; // skip comment
1492     $arr = preg_split("/[\s\t]+/",$line);
1493     $type = array_shift($arr);
1494     while ($ext = array_shift($arr)) {
1495     $mime_type[$ext] = $type;
1496     }
1497     }
1498    
1499     fclose($mime);
1500     }
1501 dpavlin 1.1
1502     //////////////////////////////////////////////////////////////////
1503 dpavlin 1.13
1504     // check for invalid characters in filename and dirname (.. and /)
1505    
1506     function check_dirname($file) {
1507     if (strstr($file,"..")) Error("Security violation","No parent dir <tt>..</tt> allowed in directory name <tt>$file</tt>",1);
1508     }
1509    
1510     function check_filename($file) {
1511     if (strstr($file,"..")) Error("Security violation","No parent dir <tt>..</tt> allowed in file name <tt>$file</tt>",1);
1512     if (strstr($file,"/")) Error("Security violation","No slashes <tt>/</tt> allowed in file name <tt>$file</tt>",1);
1513     }
1514    
1515     //////////////////////////////////////////////////////////////////
1516 dpavlin 1.1 // MAIN PROGRAM
1517    
1518     $gblFilePerms = 0640 ; // default for new files
1519     $gblDirPerms = 0750 ; // default for new dirs
1520    
1521 dpavlin 1.11 $STYLE = $HTTP_GET_VARS[STYLE];
1522 dpavlin 1.1 if (isset($STYLE) && $STYLE == "get") {
1523     include("$html/docman.css");
1524     exit;
1525     }
1526    
1527     // location of master docman configuration file
1528     $docman_conf = "/etc/docman.conf";
1529     if (! file_exists($docman_conf)) {
1530     $error = "Can't find master configuration file $docman_conf. See docman2/doc/upgrade.html#docman_conf for more informations";
1531    
1532     error_log("docman: $error");
1533     Error("docman not installed completly",$error);
1534     }
1535     include($docman_conf);
1536    
1537     if (! isset($fsRealmDir)) {
1538     $fsRealmDir = "$gblIncDir/realm";
1539     }
1540 dpavlin 1.12
1541     // try to add dir to script name to realm var
1542     if (is_dir("$fsRealmDir/$realm/".dirname($HTTP_SERVER_VARS[SCRIPT_NAME]))) {
1543 dpavlin 1.14 $realm .= dirname($HTTP_SERVER_VARS[SCRIPT_NAME]);
1544 dpavlin 1.12 $realm_sep = "/";
1545     } else {
1546     $realm_sep = ".";
1547     }
1548    
1549     $realm_config = $fsRealmDir."/".$realm.$realm_sep."conf";
1550 dpavlin 1.1
1551     // read user-defined configuration
1552     if (file_exists($realm_config)) {
1553     include($realm_config);
1554     } else {
1555     Error("Configuration error","Can't find configuration file at <tt>$realm_config</tt> !");
1556     }
1557    
1558     if (! isset($gblRepositoryDir)) Error("Configuration error","<tt>\$gblRepositoryDir</tt> is not setuped in realm configuration file <tt>$realm_config</tt>");
1559    
1560     // where do we get users from?
1561     if (file_exists("$gblIncDir/htusers/$gblUsers.php")) {
1562     include("$gblIncDir/htusers/$gblUsers.php");
1563     } else {
1564     Error("Configuration error","Can't find user handling module at <tt>$gblIncDir/htusers/$gblUsers.php</tt> ! Please fix <tt>$realm_config</tt>");
1565     }
1566    
1567 dpavlin 1.18 // take additional login vars
1568     $relogin = $HTTP_GET_VARS[relogin];
1569     $force_login = $HTTP_GET_VARS[force_login];
1570    
1571 dpavlin 1.1 // if no password, or empty password logout
1572     if (
1573     isset($gblLogin) && (
1574     !isset($relogin) || (
1575     isset($relogin) && $relogin != md5($gblLogin.$gblPasswd)
1576     )
1577     ) && (
1578     $gblPasswd == "" || !isset($gblPasswd)
1579     ) && !isset($force_login) && $gblLogin != "anonymous"
1580     ) {
1581     StartHTML("Logout completed","Your login credentials has been erased") ;
1582     EndHTML() ;
1583     exit ;
1584     }
1585    
1586 dpavlin 1.3 if (!is_dir($gblRepositoryDir)) Error("Repository dir not found","Can't find repository directory <tt>$gblRepositoryDir</tt>. Please fix that in <tt>$realm_config</tt> variable <tt>\$gblRepositoryDir</tt>.",1);
1587    
1588 dpavlin 1.1 // trustee (ACL) file configuration
1589 dpavlin 1.12 $trustee_conf="$fsRealmDir/$realm".$realm_sep."trustee";
1590 dpavlin 1.1 // compiled version of trustee file
1591     $trustee_php="$gblRepositoryDir/.trustee.php";
1592     // get ACL informations
1593     $HAVE_TRUSTEE = init_trustee();
1594    
1595 dpavlin 1.18 if (strtolower($gblLogin) == "anonymous" || !isset($gblLogin)) {
1596 dpavlin 1.16 $perm = check_trustee("anonymous",$path);
1597 dpavlin 1.1 // browsing must be explicitly allowed for root directory
1598     // of repository for anonymous user to work!
1599     if ($perm[allow] & trperm_b) {
1600 dpavlin 1.18 $gblLogin = $gblPasswd = "anonymous";
1601 dpavlin 1.1 $secHash = md5($gblLogin.$gblPasswd);
1602     $gblUserName = "Anonymous user";
1603     }
1604     }
1605    
1606     // authentication failure
1607     if ( md5($gblLogin.$gblPasswd) != $secHash ||
1608     isset($relogin) && $secHash == $relogin) {
1609     header("WWW-authenticate: basic realm=\"$realm\"") ;
1610     header("HTTP/1.0 401 Unauthorized") ;
1611 dpavlin 1.12 Error("401 Unauthorized","No trespassing !",0,1);
1612 dpavlin 1.1 }
1613    
1614 dpavlin 1.13
1615 dpavlin 1.4 // read mime.types
1616     readMime();
1617    
1618 dpavlin 1.13 if ($HTTP_SERVER_VARS["REQUEST_METHOD"] == "POST") {
1619     // take variables from server
1620     $FN=stripSlashes($HTTP_POST_VARS["FN"]);
1621     $DIR=stripSlashes($HTTP_POST_VARS["DIR"]);
1622     $RELPATH=stripSlashes($HTTP_POST_VARS["RELPATH"]);
1623     $T=stripSlashes($HTTP_POST_VARS["T"]);
1624     $CONFIRM=stripSlashes($HTTP_POST_VARS["CONFIRM"]);
1625    
1626     check_filename($FN);
1627     check_dirname($DIR);
1628     check_dirname($RELPATH);
1629 dpavlin 1.1
1630 dpavlin 1.13 $relDir = $DIR;
1631     } else {
1632     // get
1633     $A=stripSlashes($HTTP_GET_VARS["A"]);
1634     $D=stripSlashes(urldecode($HTTP_GET_VARS["D"]));
1635     $F=stripSlashes($HTTP_GET_VARS["F"]);
1636 dpavlin 1.1
1637 dpavlin 1.13 check_filename($F);
1638     check_dirname($D);
1639 dpavlin 1.1
1640 dpavlin 1.13 $relDir = $D;
1641     }
1642 dpavlin 1.1
1643     $relScriptDir = dirname($SCRIPT_NAME) ;
1644     // i.e. /docman
1645    
1646     // start on server root
1647     $gblFsRoot = $gblRepositoryDir;
1648 dpavlin 1.13 // i.e. /home/httpd/repository
1649 dpavlin 1.1
1650     $fsDir = $gblFsRoot . $relDir ; // current directory
1651 dpavlin 1.16 if ( !is_dir($fsDir) ) Error("Dir not found","Can't find <tt>$relDir</tt> which points to <tt>$fsDir</tt>",1) ;
1652 dpavlin 1.18
1653     if ($relDir == "") $relDir="/";
1654 dpavlin 1.1
1655 dpavlin 1.4 if (isset($HTTP_SERVER_VARS["HTTPS"]) && $HTTP_SERVER_VARS["HTTPS"] == "on") {
1656 dpavlin 1.1 $webRoot = "https://";
1657     } else {
1658     $webRoot = "http://";
1659     }
1660 dpavlin 1.4 $webRoot .= $HTTP_SERVER_VARS["HTTP_HOST"] . $relScriptDir;
1661 dpavlin 1.1
1662 dpavlin 1.4 switch ($HTTP_POST_VARS["POSTACTION"]) {
1663 dpavlin 1.1 case "UPLOAD" :
1664 dpavlin 1.4 $FN_name=stripSlashes($HTTP_POST_FILES["FN"]["tmp_name"]);
1665 dpavlin 1.7 $FN=stripSlashes($HTTP_POST_FILES["FN"]["name"]);
1666 dpavlin 1.1 if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1667 dpavlin 1.7
1668 dpavlin 1.4 $source = $FN_name ;
1669 dpavlin 1.1 if (! file_exists($source)) {
1670     Error("You must select file with browse to upload it!");
1671     }
1672 dpavlin 1.7
1673 dpavlin 1.4 $FILENAME = $HTTP_POST_VARS["FILENAME"];
1674 dpavlin 1.13 check_filename($FILENAME);
1675    
1676 dpavlin 1.1 if (! isset($FILENAME)) { // from update file
1677 dpavlin 1.9 $target = "$fsDir/".basename($FN);
1678 dpavlin 1.1 } else {
1679     $target = "$fsDir/$FILENAME";
1680     }
1681    
1682     // backup old files first
1683     $dir=dirname($target);
1684     if (! file_exists($dir."/.bak")) {
1685     mkdir($dir."/.bak",0700);
1686     }
1687     if (! file_exists($dir."/.bak/$GLOBALS[gblNumBackups]")) {
1688     mkdir($dir."/.bak/$GLOBALS[gblNumBackups]",0700);
1689     }
1690     $file=basename($target);
1691     for($i=$GLOBALS[gblNumBackups]-1;$i>0;$i--) {
1692     MoveTo("$dir/.bak/$i/$file","$dir/.bak/".($i+1)."/");
1693     }
1694     MoveTo($target,$dir."/.bak/1/");
1695    
1696     copy($source,$target) ;
1697     chmod($target,$gblFilePerms) ;
1698     clearstatcache() ;
1699     if (isset($FILENAME)) {
1700 dpavlin 1.2 LogIt($target,"check-in",trperm_r | trperm_w);
1701 dpavlin 1.1 Unlock($target);
1702 dpavlin 1.2 } else {
1703     LogIt($target,"uploaded",trperm_r | trperm_w);
1704 dpavlin 1.1 }
1705     break ;
1706    
1707     case "SAVE" :
1708     $path = $gblFsRoot . $RELPATH ;
1709     $path=stripSlashes($path);
1710     $writable = is_writeable($path) ;
1711     $legaldir = is_writeable(dirname($path)) ;
1712     $exists = (file_exists($path)) ? 1 : 0 ;
1713     // check for legal extension here as well
1714     if (!($writable || (!$exists && $legaldir)))
1715     Error("Write denied",$RELPATH) ;
1716     $fh = fopen($path, "w") ;
1717     $FILEDATA=stripSlashes($FILEDATA);
1718     fwrite($fh,$FILEDATA) ;
1719     fclose($fh) ;
1720     clearstatcache() ;
1721 dpavlin 1.2 LogIt($path,"saved changes",trperm_r);
1722 dpavlin 1.1 break ;
1723    
1724     case "CREATE" :
1725     // we know $fsDir exists
1726     if ($FN == "") break; // no filename!
1727     if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1728     $path = $fsDir . "/" . $FN ; // file or dir to create
1729     $relPath = $relDir . "/" . $FN ;
1730     switch ( $T ) {
1731     case "D" : // create a directory
1732     if ( ! @mkdir($path,$gblDirPerms) )
1733     Error("Mkdir failed",$relPath) ; // eg. if it exists
1734 dpavlin 1.2 else
1735     LogIt($path."/","dir created",trperm_w);
1736 dpavlin 1.1 clearstatcache() ;
1737     break ;
1738     case "F" : // create a new file
1739     // this functionality is doubled in DetailView().
1740     // better keep it here altogether
1741     // chmod perms to $gblFilePerms
1742     if ( file_exists($path) && !is_writeable($path) )
1743     Error("File not writable", $relPath) ;
1744     $fh = fopen($path, "w+") ;
1745     if ($fh) {
1746     fputs($fh,"\n");
1747     fclose($fh) ;
1748 dpavlin 1.2 LogIt($path,"file created",trperm_r | trperm_w);
1749 dpavlin 1.1 } else {
1750     Error("Creation of file $relPath failed -- $path");
1751     }
1752     $tstr = "$PHP_SELF?A=E&D=".urlencode($relDir)."&F=".urlencode($FN) ;
1753     header("Location: " . $tstr) ;
1754     exit ;
1755     }
1756     break ;
1757    
1758     case "DELETE" :
1759     if ( $CONFIRM != "on" ) break ;
1760    
1761     $tstr = "Attempt to delete non-existing object or " ;
1762     $tstr .= "insufficient privileges: " ;
1763    
1764     if ( $FN != "") { // delete file
1765     $path = $fsDir . "/" . $FN ;
1766    
1767     $dir=dirname($path);
1768     $file=basename($path);
1769     if (! file_exists("$dir/.del")) {
1770     mkdir("$dir/.del",0700);
1771     }
1772    
1773     // if ( ! @unlink($path) ) {
1774     if ( ! rename($path,"$dir/.del/$file") ) {
1775 dpavlin 1.4 LogIt($path,"file delete failed");
1776 dpavlin 1.1 Error("File delete failed", $tstr . $path) ;
1777     } else {
1778 dpavlin 1.2 LogIt($path,"file deleted",trperm_w);
1779 dpavlin 1.1 MoveTo("$dir/.log/$file","$dir/.del/.log/");
1780     MoveTo("$dir/.note/$file","$dir/.del/.note/");
1781     MoveTo("$dir/.lock/$file","$dir/.del/.lock/");
1782     }
1783 dpavlin 1.2 } else { // delete directory
1784     if ( ! @rrmdir($fsDir) ) {
1785     Error("Rmdir failed", $tstr . $fsDir) ;
1786     } else {
1787     LogIt($path,"dir deleted",trperm_w);
1788     $relDir = dirname($relDir) ; // move up
1789     }
1790 dpavlin 1.1 }
1791     break ;
1792    
1793     case "UNDELETE" :
1794     if ( $CONFIRM != "on" ) break ;
1795    
1796     if (substr($FN,0,4) != ".del") break ;
1797     $file=substr($FN,4,strlen($FN)-4);
1798    
1799 dpavlin 1.2 LogIt("$fsDir/.del/$file","undeleted",trperm_w);
1800 dpavlin 1.1 MoveTo("$fsDir/.del/$file","$fsDir/");
1801     MoveTo("$fsDir/.del/.log/$file","$fsDir/.log/");
1802     MoveTo("$fsDir/.del/.note/$file","$fsDir/.note/");
1803     MoveTo("$fsDir/.del/.lock/$file","$fsDir/.lock/");
1804    
1805     break ;
1806    
1807     case "RENAME" :
1808     if ( $CONFIRM != "on" ) break ;
1809    
1810 dpavlin 1.8 $NEWNAME=stripSlashes($HTTP_POST_VARS["NEWNAME"]);
1811 dpavlin 1.2 LogIt("$fsDir/$FN","renamed $FN to $NEWNAME",trperm_r);
1812 dpavlin 1.1 safe_rename($fsDir,$FN,$NEWNAME);
1813     break ;
1814    
1815     case "NOTE" :
1816 dpavlin 1.8 $NOTE=stripSlashes($HTTP_POST_VARS["NOTE"]);
1817 dpavlin 1.1 WriteNote("$fsDir/$FN","$NOTE");
1818     break ;
1819    
1820     case "UNLOCK" :
1821     if ( $CONFIRM != "on" ) break ;
1822     Unlock("$fsDir/$FN");
1823     break ;
1824    
1825     default :
1826     // user hit "CANCEL" or undefined action
1827     }
1828    
1829     // common to all POSTs : redirect to directory view ($relDir)
1830     if ( $POSTACTION != "" ) {
1831     $tstr = $PHP_SELF . "?D=" . urlencode($relDir) ;
1832     header("Location: " . $tstr) ;
1833     exit ;
1834     }
1835    
1836     // check for mode.. navigate, code display, upload, or detail?
1837     // $A=U : upload to path given in $D
1838     // $A=E : display detail of file $D/$F and edit
1839     // $A=C : display code in file $D/$F
1840     // $A=Co : checkout file $D/$F
1841     // $A=Ci : checkin file $D/$F
1842     // $A=V : view file (do nothing except log)
1843 dpavlin 1.14 // $A=I : include file .$F.php from [$gblIncDir|realm]/include_php
1844 dpavlin 1.1 // default : display directory $D
1845    
1846     switch ($A) {
1847     case "U" :
1848     // upload to $relDir
1849 dpavlin 1.16 if (! check_perm($relDir, trperm_w))
1850     Error("Write access denied","You don't have permission to write in <tt>$relDir</tt>");
1851 dpavlin 1.1 if (!is_writeable($gblFsRoot . $relDir))
1852 dpavlin 1.16 Error("Write access denied","User <tt>$gblLogin</tt> has permission on <tt>$relDir</tt>, but directory is not writable",1);
1853 dpavlin 1.1 $text = "Use this page to upload a single " ;
1854 dpavlin 1.4 $text .= "file to <B>$realm</B>." ;
1855 dpavlin 1.1 StartHTML("(Upload Page)", $text) ;
1856     UploadPage($gblFsRoot, $relDir) ;
1857     EndHTML() ;
1858     exit ;
1859     case "E" :
1860     // detail of $relDir/$F
1861     if (is_file("$gblFsRoot/$relDir/$F") || is_dir("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
1862     exit ;
1863     case "C" :
1864     $F=stripSlashes($F);
1865     // listing of $relDir/$F
1866     DisplayCode($gblFsRoot, $relDir, $F) ;
1867     exit ;
1868     case "Co" :
1869     // checkout
1870     Lock("$gblFsRoot/$relDir/$F");
1871 dpavlin 1.5 Download("$gblFsRoot/$relDir/$F",1);
1872 dpavlin 1.1 exit;
1873     case "Ci" :
1874     $F=stripSlashes($F);
1875     // upload && update to $relDir
1876     if (!is_writeable($gblFsRoot . $relDir))
1877     Error("Write access denied",$relDir) ;
1878     $text = "Use this page to update a single " ;
1879 dpavlin 1.4 $text .= "file to <B>$realm</B>." ;
1880 dpavlin 1.1 StartHTML("(Update file Page)", $text) ;
1881     UploadPage($gblFsRoot, $relDir, $F) ;
1882     EndHTML() ;
1883     exit ;
1884     case "V" :
1885     // view
1886     LogIt("$gblFsRoot/$relDir/$F","viewed");
1887 dpavlin 1.5 Download("$gblFsRoot/$relDir/$F",$gblForceDownload);
1888 dpavlin 1.1 exit;
1889     case "Ch" :
1890     StartHTML("(File changes)","All changes chronologicaly...");
1891     DisplayChangeLog(0); // all
1892     EndHTML() ;
1893     exit;
1894     case "Ch1" :
1895     StartHTML("(File changes)","Changes to files in last day...");
1896     DisplayChangeLog(1);
1897     EndHTML() ;
1898     exit;
1899     case "I" :
1900 dpavlin 1.14 if (! isset($F) || $F == "")
1901     Error("Can't find file to include","Your request didn't specify file to include which should be in variable <tt>F</tt> like <tt>$HTTP_SERVER_VARS[REQUEST_URI]<b>&F=include_php_file</b></tt>",1);
1902 dpavlin 1.15 $inc_file="$fsRealmDir/$realm".$realm_sep.$F.".php";
1903     if (! file_exists($inc_file)) {
1904     Error("Can't find file to include","Can't find include file <tt>$F.php</tt> in <tt>$fsRealmDir/$realm/</tt>. Meybe you should copy <tt>$gblIncDir/include_php/$F.php</tt> to <tt>$inc_file<tt> ?",1);
1905 dpavlin 1.14 }
1906 dpavlin 1.1 if (!is_readable($inc_file))
1907 dpavlin 1.15 Error("Read access to include file denied","Can't read PHP include file <tt>$inc_file</tt>. Fix permissions on it.",1);
1908 dpavlin 1.1 $text = "Your include file should define \$text variable which holds this text and \$title variable which is page title";
1909     $title = "You should define \$title variable with page title";
1910     include($inc_file);
1911     StartHTML($title, $text) ;
1912 dpavlin 1.4 print "<p>".GifIcon(up)." Back to <a href=$HTTP_SERVER_VARS[PHP_SELF]>front page</a>.</p>";
1913 dpavlin 1.1 EndHTML() ;
1914     exit ;
1915     }
1916    
1917     // default: display directory $relDir
1918     Navigate($gblFsRoot,$relDir) ;
1919     exit ;
1920    
1921 dpavlin 1.3 Error("Whooah!","By cartesian logic, this never happens",1) ;
1922 dpavlin 1.1 ?>

  ViewVC Help
Powered by ViewVC 1.1.26