/[docman2]/docman.php
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Annotation of /docman.php

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.45 - (hide annotations)
Sat Apr 10 18:43:38 2004 UTC (19 years, 11 months ago) by dpavlin
Branch: MAIN
Changes since 1.44: +1 -1 lines
fix for editing files where backslashes got inserted into content as
reported by Christian Müller

1 dpavlin 1.37 <?php
2    
3     /*
4     * Document Manager ][
5     *
6     * Dobrica Pavlinusic <dpavlin@rot13.org>
7     *
8     * License: GPL2
9     *
10     * Document Manager 1.x was based on
11     * Copyright 1999 by John Martin d/b/a www.ANYPORTAL.com
12     * PHP version Copyright 2000 by Stefan@Wiesendanger.org
13     *
14     * For more info, please see web pages at
15     * http://www.rot13.org/~dpavlin/docman.html
16     *
17     */
18    
19    
20     //////////////////////////////////////////////////////////////////
21     // CONFIGURATION OPTIONS
22    
23     error_reporting(E_ALL) ; // how verbose ?
24    
25 dpavlin 1.40 // try to do some guessing about configuration
26     $script = $HTTP_SERVER_VARS["SCRIPT_FILENAME"];
27     if (is_link($script)) $script=readlink($script);
28     $gblIncDir = dirname($script);
29     $html = $gblIncDir."/html";
30    
31     // location of master docman configuration file
32     $docman_conf = "/etc/docman.conf";
33     if (! file_exists($docman_conf)) {
34     $error = "Can't find master configuration file <tt>$docman_conf</tt>. See <tt>docman2/doc/upgrade.html#docman_conf</tt> for more informations";
35    
36     error_log("docman: $error");
37     Error("docman not installed completly",$error);
38     }
39     include($docman_conf);
40    
41     if (! isset($gblIncDir)) {
42     $error = "Can't findi <tt>\$gblIncDir</tt> in master configuration file <tt>$docman_conf</tt>. This variable should point to docman installation directory";
43    
44     error_log("docman: $error");
45     Error("docman not installed completly",$error);
46     }
47    
48     // location of html files
49     $html = $gblIncDir."/html";
50 dpavlin 1.37
51     // force download on view (so it won't open in associated application)
52     $gblForceDownload = 0;
53    
54     // date format
55     $gblDateFmt="Y-m-d";
56     // $gblDateFmt="D, F d, Y";
57    
58     // time format
59     $gblTimeFmt="H:i:s";
60     // $gblTimeFmt="g:i:sA";
61    
62     // Number of backup files to keep
63     $gblNumBackups=3;
64    
65     // show red star if newer than ... days
66     $gblModDays=1;
67    
68     // choose GifIcon below unless you have the M$
69     // WingDings font installed on your system
70    
71     $gblIcon="GifIcon"; // MockIcon or GifIcon
72    
73     // the directory below should be /icons/ or /icons/small/
74     // on Apache; a set of icons is included in the distribution
75    
76     $gblIconLocation="/icons/";
77    
78     // files you want to be able to edit in text mode
79     // and view with (primitive) syntax highlighting
80    
81     $gblEditable = array( ".txt",".asa",".asp",".htm",".html",
82     ".cfm",".php3",".php",".phtml",
83     ".shtml",".css" ) ;
84    
85     // files that will display as images on the detail page
86     // (useless if your browser doesn't support them)
87    
88     $gblImages = array( ".jpg",".jpeg",".gif",".png",".ico",
89     ".bmp",".xbm") ;
90    
91     // which files to hide (separated by ,)
92     $gblHide = "";
93    
94     // Where are users? (by default in .htusers file)
95     $gblUsers = "file";
96    
97     //////////////////////////////////////////////////////////////////
98    
99     $gblTitle = "Document Manager";
100 dpavlin 1.39 $gblVersion = "2.0-pre4";
101 dpavlin 1.37
102     $secHash = "";
103    
104     // load language
105     if (isset($HTTP_SERVER_VARS["HTTP_ACCEPT_LANGUAGE"])) {
106     LoadLanguage($HTTP_SERVER_VARS["HTTP_ACCEPT_LANGUAGE"]);
107     }
108    
109     // does gettext locale function exits?
110     if (! function_exists("_")) {
111     function _($str) { return $str; }
112     }
113    
114     // for security and configuration
115     $realm=$HTTP_SERVER_VARS["HTTP_HOST"];
116    
117     // globals for later
118     $gblLogin = HTTP_SERVER_VAR("PHP_AUTH_USER");
119     $gblPasswd = HTTP_SERVER_VAR("PHP_AUTH_PW");
120    
121     //////////////////////////////////////////////////////////////////
122    
123     function LoadLanguage($lang) {
124    
125     global $gblIncDir,$html;
126    
127     if (file_exists($gblIncDir."/lang/$lang.php")) {
128     include($gblIncDir."/lang/$lang.php");
129     $html .= "-$lang";
130 dpavlin 1.41 } elseif (file_exists($gblIncDir."/lang/default.php")) {
131 dpavlin 1.37 include($gblIncDir."/lang/default.php");
132     }
133     }
134    
135     function StartHTML($title,$text="") {
136    
137 dpavlin 1.40 global $html,$gblIncDir,$gblTitle,$HTTP_SERVER_VARS;
138 dpavlin 1.37
139     $host = $HTTP_SERVER_VARS["HTTP_HOST"] ;
140     $self = $HTTP_SERVER_VARS["PHP_SELF"] ;
141    
142 dpavlin 1.40 if (file_exists("$gblIncDir/docman.css")) {
143 dpavlin 1.39 $css = "";
144     $d = dirname($self);
145     if ($d != "/") $css = $d;
146     $css .= "/docman.css";
147 dpavlin 1.37 } else {
148     $css=$self."?STYLE=get";
149     }
150     include("$html/head.html");
151     }
152    
153     //////////////////////////////////////////////////////////////////
154    
155     function EndHTML() {
156    
157     global $gblDateFmt, $gblTimeFmt, $gblUserName, $PHP_SELF,
158     $secHash, $gblVersion, $html,
159     $gblLogin,$gblPasswd;
160    
161     $url = $PHP_SELF."?relogin=";
162     if (isset($secHash) && $secHash != "") {
163     $url .= $secHash;
164     } else {
165     $url .= md5($gblLogin.$gblPasswd);
166     }
167     if ( ( (isset($gblLogin) && $gblLogin != "") ||
168     (!isset($gblLogin) || $gblLogin == "")
169     ) && ($gblPasswd == "" || !isset($gblPasswd))) {
170     $url_title="login";
171     $url .= "&force_login=1";
172     } else {
173     $url_title="relogin";
174     }
175     include("$html/footer.html");
176    
177     # global $debug;
178     # if ($debug) print $debug;
179     } // end function EndHTML
180    
181     //////////////////////////////////////////////////////////////////
182    
183     function DetailPage($fsRoot,$relDir,$fn) {
184    
185     global $gblEditable, $gblImages,
186     $gblDateFmt, $gblTimeFmt,
187     $gblPermNote,
188     $webRoot, $html,
189     $HTTP_SERVER_VARS ;
190     $self = $HTTP_SERVER_VARS["PHP_SELF"] ;
191    
192     $relPath = $relDir . "/" . $fn ;
193     $fsPath = $fsRoot . $relPath ;
194     $fsDir = $fsRoot . $relDir ;
195    
196     $exists = file_exists($fsPath) ;
197     $ext = strtolower(strrchr($relPath,".")) ;
198     $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) &&
199     check_perm($relPath,trperm_w);
200     $writable = is_writeable($fsPath) && check_perm($relPath,trperm_w) ;
201     $writable_dir = is_writeable($fsDir) && check_perm($relDir,trperm_w) ;
202     $file_lock = CheckLock($fsPath);
203    
204     if (!$editable && !$exists)
205     Error("Creation denied","Can't create <tt>$relPath</tt>") ;
206     if (!$exists && !$writable_dir )
207     Error("Creation denied","Can't write in directory <tt>$relDir</tt> while creating <tt>$relPath</tt>for which user has permissions.",1);
208    
209     $text = _("Use this page to view, modify or ") ;
210     if (is_dir($fsPath)) {
211     $text .=_("delete a directory on this ") ;
212     } else {
213     $text .= _("delete a single document on this ") ;
214     };
215     $text .= _("web site.") ;
216     $title = "("._("Detail Page").")" ;
217     StartHTML($title, $text) ;
218    
219     print "<H3>".$relDir.$fn."</H3>";
220    
221     if ($exists) { // get file info
222     $fsize = filesize($fsPath) ;
223     $fmodified = date("$gblDateFmt $gblTimeFmt", filemtime($fsPath)) ;
224     $faccessed = date("$gblDateFmt $gblTimeFmt", fileatime($fsPath)) ;
225     $fuid=fileowner($fsPath);
226     $fgid=filegroup($fsPath);
227     $userinfo = posix_getpwuid($fuid);
228     $grpinfo = posix_getgrgid($fgid);
229    
230     include("$html/DetailPage-file.html");
231     }
232    
233     if ( !is_dir($fsPath) && $editable && ($writable || !$exists) && !$file_lock ) {
234     $fh = fopen($fsPath,"a+") ;
235     rewind($fh) ;
236     $fstr = fread($fh,filesize($fsPath)) ;
237     fclose($fh) ;
238     $fstr = htmlentities( $fstr ) ;
239    
240     include("$html/DetailPage-edit.html");
241     }
242     if ( !$file_lock && $ext!="" && strstr(join(' ',$gblImages),$ext) ) {
243     $info = getimagesize($fsPath) ;
244     $tstr = "<IMG SRC=\"$self?A=V&D=".urlpath(dirname($relPath))."&F=".urlpath(basename($relPath))."\" BORDER=0 " ;
245     $tstr .= $info[3] . " ALT=\"" . $fn . " - " ;
246     $tstr .= (int)(($fsize+1023)/1024) . "Kb\">" ;
247     // echo htmlentities($tstr) . "<BR><BR>" . $tstr ;
248     echo $tstr ;
249     }
250    
251    
252     print '<FORM ACTION="'.$self.'" METHOD="POST">
253     <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="'.$relDir.'">
254     <INPUT TYPE="HIDDEN" NAME="FN" VALUE="'.$fn.'">
255     <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL"><BR>
256     ';
257    
258     if ($file_lock && check_perm($relDir.$fn,trperm_w)) {
259     include("$html/DetailPage-unlock.html");
260     } // file_lock
261    
262     if (substr($fn,0,4) == ".del") {
263     $action="UNDELETE";
264     $desc="undelete previously deleted file";
265     } else {
266     $action="DELETE";
267     $desc="delete";
268     }
269    
270     if ($exists && $writable) {
271     include("$html/DetailPage-undelete.html");
272     include("$html/DetailPage-rename.html");
273    
274     }
275    
276     if (check_perm($relDir.$fn,$gblPermNote)) {
277     include("$html/DetailPage-note.html");
278     }
279    
280     print "</FORM>";
281    
282     $name=basename("$fsDir/$fn");
283     $logname=dirname("$fsDir/$fn")."/.log/$name";
284     $bakdir=dirname("$fsDir/$fn")."/.bak";
285     if (file_exists($logname)) {
286     $log=fopen($logname,"r");
287     $cl1=" class=LST"; $cl2="";
288     $logarr = array();
289     while($line = fgetcsv($log,512,"\t")) {
290     $cl=$cl1; $cl1=$cl2; $cl2=$cl;
291     array_unshift($logarr,array($cl,$line[0],$line[1],$line[2],$line[3]));
292     }
293     fclose($log);
294     if (is_dir("$fsDir/$fn")) {
295     $whatis="DIRECTORY";
296     } else {
297     $whatis="FILE";
298     }
299     print "<hr><br><b>CHANGES TO THIS $whatis</b><br><table border=0 width=100%>\n";
300     $bakcount = 0; // start from 0, skip fist backup (it's current)
301     while ($e = array_shift($logarr)) {
302 dpavlin 1.43 if (stristr($e[4],"upload") || stristr($e[4],"check-in")) {
303     print "-- $e[4] -- $bakdir/$bakcount/$name --<br>\n";
304 dpavlin 1.37 if (file_exists("$bakdir/$bakcount/$name")) {
305 dpavlin 1.42 $e[4]="<a href=\"$self?A=V&D=".urlencode($relDir).urlencode(".bak/$bakcount/")."&F=".$name."\">$e[4]</a>";
306 dpavlin 1.37 }
307     $bakcount++;
308     }
309     print "<tr><td$e[0]>$e[1]</td><td$e[0]>$e[2]</td><td$e[0]>$e[3]</td><td$e[0]>$e[4]</td></tr>\n";
310     }
311     print "</table>";
312     }
313    
314     EndHTML() ;
315    
316     } // end function DetailPage
317    
318     //////////////////////////////////////////////////////////////////
319    
320     function DisplayCode($fsRoot,$relDir,$fn) {
321    
322     $path = $fsRoot . $relDir . "/" . $fn ;
323    
324     if (!file_exists($path)) Error("File not found",$path) ;
325    
326     StartHTML("(".$relDir."/".$fn.")","");
327    
328     $tstr = join("",file($path)) ;
329     $tstr = htmlentities($tstr) ;
330    
331     // Tabs
332     $tstr = str_replace(chr(9)," ",$tstr) ;
333    
334     // ASP tags & XML/PHP tags
335     $aspbeg = "<SPAN CLASS=XML>&lt;%</SPAN><SPAN CLASS=BLK>" ;
336     $aspend = "</SPAN><SPAN CLASS=XML>%&gt;</SPAN>" ;
337     $tstr = str_replace("&lt;%",$aspbeg,$tstr) ;
338     $tstr = str_replace("%&gt;",$aspend,$tstr) ;
339    
340     $xmlbeg = "<SPAN CLASS=XML>&lt;?</SPAN><SPAN CLASS=BLK>" ;
341     $xmlend = "</SPAN><SPAN CLASS=XML>?&gt;</SPAN>" ;
342     $tstr = str_replace("&lt;?",$xmlbeg,$tstr) ;
343     $tstr = str_replace("?&gt;",$xmlend,$tstr) ;
344    
345     // C style comment
346     $tstr = str_replace("/*","<SPAN CLASS=REM>/*",$tstr) ;
347     $tstr = str_replace("*/","*/</SPAN>",$tstr) ;
348    
349     // HTML comments
350     $tstr = str_replace("&lt;!--","<I CLASS=RED>&lt;!--",$tstr) ;
351     $tstr = str_replace("--&gt;","--&gt;</I>",$tstr) ;
352    
353     echo "<PRE>" ;
354    
355     $tstr = split("\n",$tstr) ;
356     for ($i = 0 ; $i < sizeof($tstr) ; ++$i) {
357     // add line numbers
358     echo "<BR><EM>" ;
359     echo substr(("000" . ($i+1)), -4) . ":</EM> " ;
360     $line = $tstr[$i] ;
361     // C++ style comments
362     $pos = strpos($line,"//") ;
363     // exceptions: two slashes aren't a script comment
364     if (strstr($line,"//") &&
365     ! ($pos>0 && substr($line,$pos-1,1)==":") &&
366     ! (substr($line,$pos,8) == "//--&gt;") &&
367     ! (substr($line,$pos,9) == "// --&gt;")) {
368     $beg = substr($line,0,strpos($line,"//")) ;
369     $end = strstr($line,"//") ;
370     $line = $beg."<SPAN CLASS=REM>".$end."</SPAN>";
371     }
372     // shell & asp style comments
373     $first = substr(ltrim($line),0,1) ;
374     if ($first == "#" || $first == "'") {
375     $line = "<SPAN CLASS=REM>".$line."</SPAN>";
376     }
377     print($line) ;
378     } // next i
379    
380     echo "</PRE>" ;
381    
382     EndHTML() ;
383    
384     } // end function DisplayCode
385    
386     //////////////////////////////////////////////////////////////////
387    
388     function MockIcon($txt) {
389     $tstr = "<SPAN CLASS=MCK>" ;
390    
391     switch (strtolower($txt)) {
392     case ".bmp" :
393     case ".gif" :
394     case ".jpg" :
395     case ".jpeg":
396     case ".tif" :
397     case ".tiff":
398     $d = 176 ;
399     break ;
400     case ".doc" :
401     $d = 50 ;
402     break ;
403     case ".exe" :
404     case ".bat" :
405     $d = 255 ;
406     break ;
407     case ".bas" :
408     case ".c" :
409     case ".cc" :
410     case ".src" :
411     $d = 255 ;
412     break ;
413     case "file" :
414     $d = 51 ;
415     break ;
416     case "fldr" :
417     $d = 48 ;
418     break ;
419     case ".htm" :
420     case ".html":
421     case ".asa" :
422     case ".asp" :
423     case ".cfm" :
424     case ".php3":
425     case ".php" :
426     case ".phtml" :
427     case ".shtml" :
428     $d = 182 ;
429     break ;
430     case ".pdf" :
431     $d = 38 ;
432     break;
433     case ".txt" :
434     case ".ini" :
435     $d = 52 ;
436     break ;
437     case ".xls" :
438     $d = 252 ;
439     break ;
440     case ".zip" :
441     case ".arc" :
442     case ".sit" :
443     case ".tar" :
444     case ".gz" :
445     case ".tgz" :
446     case ".Z" :
447     $d = 59 ;
448     break ;
449     case "view" :
450     $d = 52 ;
451     break ;
452     case "up" :
453     $d = 199 ;
454     break ;
455     case "blank" :
456     return "&nbsp;&nbsp;</SPAN>" ;
457     break ;
458     default :
459     $d = 51 ;
460     }
461    
462     return $tstr . chr($d) . "</SPAN>" ;
463     } // end function MockIcon
464    
465     //////////////////////////////////////////////////////////////////
466    
467     function GifIcon($txt = "") {
468     global $gblIconLocation, $gblImages ;
469    
470     switch (strtolower($txt)) {
471     case ".doc" :
472     $d = "layout.gif" ;
473     break ;
474     case ".exe" :
475     case ".bat" :
476     $d = "screw2.gif" ;
477     break ;
478     case ".bas" :
479     case ".c" :
480     case ".cc" :
481     case ".src" :
482     $d = "c.gif" ;
483     break ;
484     case "file" :
485     $d = "generic.gif" ;
486     break ;
487     case "fldr" :
488     $d = "dir.gif" ;
489     break ;
490     case ".phps" :
491     $d = "phps.gif" ;
492     break ;
493     case ".php3" :
494     $d = "php3.gif" ;
495     break ;
496     case ".htm" :
497     case ".html":
498     case ".asa" :
499     case ".asp" :
500     case ".cfm" :
501     case ".php3":
502     case ".php" :
503     case ".phtml" :
504     case ".shtml" :
505     $d = "world1.gif" ;
506     break ;
507     case ".pdf" :
508     $d = "pdf.gif" ;
509     break;
510     case ".txt" :
511     case ".ini" :
512     $d = "text.gif" ;
513     break ;
514     case ".xls" :
515     $d = "box2.gif" ;
516     break ;
517     case ".zip" :
518     case ".arc" :
519     case ".sit" :
520     case ".tar" :
521     case ".gz" :
522     case ".tgz" :
523     case ".Z" :
524     $d = "compressed.gif" ;
525     break ;
526     case "view" :
527     $d = "index.gif" ;
528     break ;
529     case "up" :
530     $d = "back.gif" ;
531     break ;
532     case "blank" :
533     $d = "blank.gif" ;
534     break ;
535     case "checkout":
536     $d = "box2.gif";
537     break;
538     case "checkin":
539     $d = "hand.up.gif";
540     break;
541     case "locked":
542     $d = "screw2.gif";
543     break;
544     case "note":
545     $d = "quill.gif";
546     break;
547     default :
548     if (in_array(strtolower($txt),$gblImages)) {
549     $d = "image2.gif" ;
550     } else {
551     $d = "generic.gif" ;
552     }
553     }
554    
555    
556     return "<IMG SRC=\"$gblIconLocation" . $d . "\" BORDER=0>" ;
557     } // end function GifIcon
558    
559     //////////////////////////////////////////////////////////////////
560    
561     function Navigate($fsRoot,$relDir) {
562    
563     global $gblEditable, $gblIcon, $gblModDays, $webRoot, $gblHide,
564     $gblIgnoreUnknownFileType, $gblRepositoryDir,
565     $gblLogin, $gblUserName, $gblDateFmt, $gblTimeFmt,
566     $gblPermNote,
567     $fsRealmDir, $realm, $realm_sep,
568     $html, $realm_config,
569     $HTTP_GET_VARS, $HTTP_SERVER_VARS;
570    
571     $self = $HTTP_SERVER_VARS["PHP_SELF"] ;
572    
573     $relDir = chopsl($relDir)."/";
574     $fsDir = $fsRoot.$relDir; // current directory
575    
576     if (!is_dir($fsDir)) Error("Dir not found","Directory <tt>$relDir<tt> not found on filesystem at <tt>$fsDir</tt>",1) ;
577    
578     global $debug;
579     $debug .= "[$gblLogin|$relDir] before >";
580    
581     if (! check_perm($relDir,trperm_b))
582     Error("Access denied","User <tt>$gblLogin</tt> tried to access <tt>$relDir</tt> without valid trustee.",1);
583     $debug .= "< afeter";
584    
585     $hide_items=",$gblHide,";
586    
587     $dirList = array();
588     $fileList = array();
589    
590     // read directory contents
591     if ( !($dir = @opendir($fsDir)) )
592     Error("Read Access denied",$relDir,1) ;
593     while ($item = readdir($dir)) {
594     if ( substr($item,0,1) == "." || strstr($hide_items,",$item,") ) continue ;
595     if (is_dir($fsDir.$item) || is_link ($fsDir.$item)) {
596     if (check_perm($relDir.$item,trperm_b)) {
597     $dirList[$item] = $item ;
598     $dirNote[$item] = ReadNote($fsDir.$item);
599     }
600     } else if (is_file($fsDir.$item)) {
601     if (check_perm($relDir.$item,trperm_r)) {
602     $fileList[$item] = $item ;
603     $fileDate[$item] = filemtime($fsDir.$item) ;
604     $fileSize[$item] = filesize($fsDir.$item) ;
605     $fileNote[$item] = ReadNote($fsDir.$item);
606     }
607     } else {
608     if (! $gblIgnoreUnknownFileType) Error("File Type Error", "Item <tt>".$fsDir.$item."</tt> is not file, directory or link. If you want to ignore errors like this, set <tt>\$gblIgnoreUnknownFileType = 1</tt> in <tt>$realm_config</tt>.",1);
609     }
610     }
611     closedir($dir) ;
612    
613     // scan deleted files
614     if ( HTTP_GET_VAR("show_deleted") == 1 && ($dir = @opendir("$fsDir/.del")) ) {
615     while ($item = readdir($dir)) {
616     if ( substr($item,0,1) == "." || strstr($hide_items,",$item,") || !check_perm($relDir.$item,trperm_w) ) continue ;
617     if (is_file($fsDir.".del/$item")) {
618     $fileList[$item] = ".del/$item" ;
619     $fileDate[$item] = filemtime($fsDir.".del/$item") ;
620     $fileSize[$item] = filesize($fsDir.".del/$item") ;
621     $fileNote[$item] = ReadNote($fsDir.".del/$item");
622     } else {
623     $dirList[$item] = ".del/$item" ;
624     $dirNote[$item] = ReadNote($fsDir.".del/$item");
625     }
626     }
627     closedir($dir) ;
628     }
629    
630     $emptyDir = ! (sizeof($dirList) || sizeof($fileList)) ;
631    
632     // start navigation page
633     $text = "Use this page to add, delete";
634     if (! isset($HTTP_GET_VARS["show_deleted"])) {
635     $text .= ", <a href=$self?D=".urlencode($relDir)."&show_deleted=1>undelete</a>";
636     }
637     $text .= " or revise files on this web site." ;
638     $text .= "<br>Examine list of files <a href=\"$self?A=Ch1\">changed in last day</a> or <a href=\"$self?A=Ch\">all changes</a>.";
639     StartHTML("(Navigate)",$text) ;
640    
641     print "<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=3 WIDTH=\"100%\">" ;
642    
643     // updir (parent) bar
644     if (chopsl($fsDir) != chopsl($fsRoot)) {
645     $parent = dirname($relDir) ;
646     if ($parent == "") $parent = "/" ;
647    
648     include("$html/Navigate-parent.html");
649     }
650    
651     function plural($name,$count) {
652     $out="$count $name";
653     if ($count > 1) {
654     $out.="s";
655     }
656     return $out;
657     }
658    
659     $dsort = HTTP_GET_VAR("dsort");
660     if (! isset($dsort)) $dsort = "name"; // default directory sort
661    
662     $dsort_arr = array(
663     "name" => array ("rname", "note"),
664     "rname" => array ("name", "note"),
665     "note" => array ("name", "rnote"),
666     "rnote" => array ("name", "note")
667     );
668    
669     $fsort = HTTP_GET_VAR("fsort");
670     if (! isset($fsort)) $fsort = "name"; // default directory sort
671    
672     $fsort_arr = array(
673     "name" => array ("rname", "note", "date", "size"),
674     "rname" => array ("name", "note", "date", "size"),
675     "note" => array ("name", "rnote", "date", "size"),
676     "rnote" => array ("name", "note", "date", "size"),
677     "date" => array ("name", "note", "rdate", "size"),
678     "rdate" => array ("name", "note", "date", "size"),
679     "size" => array ("name", "note", "date", "rsize"),
680     "rsize" => array ("name", "note", "date", "size")
681     );
682    
683     $D="D=".urlencode($relDir);
684    
685     function self_args($arr = array()) {
686     global $self;
687     $arg = implode("&",$arr);
688     if ($arg) {
689     return $self."?".$arg;
690     } else {
691     return $self;
692     }
693     }
694     // output subdirs
695     if (sizeof($dirList) > 0) {
696     switch ($dsort) {
697     case "note":
698     $items = $dirNote;
699     asort($items);
700     break;
701     case "rnote":
702     $items = $dirNote;
703     arsort($items);
704     break;
705     case "rname":
706     $items = $dirList;
707     krsort($items);
708     break;
709     default:
710     $items = $dirList;
711     ksort($items);
712     break;
713     }
714     $durl = self_args(array($D,"dsort=".$dsort_arr[$dsort][0]));
715     $nurl = self_args(array($D,"dsort=".$dsort_arr[$dsort][1]));
716    
717     include("$html/Navigate-dirHeader.html");
718    
719     while (list($key,$dir) = each($items)) {
720    
721     $dir = $dirList[$key];
722    
723     $info_url=self_args(array("A"=>"A=E", "F"=>"F=".urlencode($dir), "D"=>$D));
724     if (substr($dir,0,5) == ".del/") {
725     $dir = substr($dir,5,strlen($dir)-5);
726     $deleted = " <a href=\"$info_url#undelete\"><SPAN CLASS=deleted TITLE=\"deleted\">deleted</span></a>";
727     } else {
728     $deleted = "";
729     }
730    
731     $dir_url=$self."?D=".urlencode(chopsl($relDir)."/".$dir);
732     if (check_perm($relDir.$dir,$gblPermNote)) {
733     $note_html="<a href=\"$info_url#note\">".$gblIcon("note")."</a>".$dirNote[$key];
734     } else {
735     $note_html=$dirNote[$key];
736     }
737    
738     $dir_html = isBlank($dir,"directory");
739    
740     include("$html/Navigate-dirEntry.html");
741    
742     } // iterate over dirs
743     } // end if no dirs
744    
745     $durl = self_args(array($D,"fsort=".$fsort_arr[$fsort][0]));
746     $nurl = self_args(array($D,"fsort=".$fsort_arr[$fsort][1]));
747     $uurl = self_args(array($D,"fsort=".$fsort_arr[$fsort][2]));
748     $surl = self_args(array($D,"fsort=".$fsort_arr[$fsort][3]));
749    
750     $html_uri = $webRoot;
751    
752     if (substr($relDir,0,1) == "/") {
753     $html_uri .= substr($relDir,1,strlen($relDir)-1);
754     } else {
755     $html_uri .= $relDir;
756     }
757    
758     include("$html/Navigate-fileHeader.html");
759    
760     if (sizeof($fileList) > 0) {
761     switch ($fsort) {
762     case "note":
763     $items = $fileNote;
764     asort($items);
765     break;
766     case "rnote":
767     $items = $fileNote;
768     arsort($items);
769     break;
770     case "date":
771     $items = $fileDate;
772     asort($items);
773     break;
774     case "rdate":
775     $items = $fileDate;
776     arsort($items);
777     break;
778     case "size":
779     $items = $fileSize;
780     asort($items);
781     break;
782     case "rsize":
783     $items = $fileSize;
784     arsort($items);
785     break;
786     case "rname":
787     $items = $fileList;
788     krsort($items);
789     break;
790     default:
791     $items = $fileList;
792     ksort($items);
793     break;
794     }
795    
796     while (list($key,$file) = each($items)) {
797     $file = $fileList[$key];
798     $path = $fsDir."/".$file ;
799     $mod = $fileDate[$key];
800     $sz = $fileSize[$key];
801    
802     if ($sz >= 10240) {
803     $sz = (int)(($sz+1023)/1024) . " k" ;
804     } else {
805     $sz .= " " ;
806     } // end size
807    
808     $a = $b = "" ;
809    
810     $info_url=$self."?A=E&F=".urlencode($file)."&D=".urlencode($relDir);
811    
812     if ( ($mod + $gblModDays*86400) > time() ) {
813     $a = "<SPAN CLASS=RED TITLE=\"Newer" ;
814     $a .= " than $gblModDays days\"> * </SPAN>" ;
815     }
816    
817     $file_lock=CheckLock($path);
818    
819     $file_url_html="<A HREF=\"$self?A=V&D=".urlencode($relDir)."&F=".urlencode($file);
820     $file_url_html.="\" TITLE=\"View file\">" ;
821    
822     if (substr($file,0,5) != ".del/") {
823     $file_url_html .= isBlank($file) . "</A>" . $a ;
824     } else {
825     $file_url_html .= isBlank(substr($file,5,strlen($file)-5)) . "</a> <a href=\"$info_url#undelete\"><SPAN CLASS=deleted TITLE=\"deleted\">deleted</span></a>";
826     }
827    
828     if (check_perm($relDir.$file,$gblPermNote)) {
829     $note_html="<a href=\"$info_url#note\">".$gblIcon("note")."</a>".$fileNote[$key];
830     } else {
831     $note_html=$fileNote[$key];
832     }
833    
834     $ext = strtolower(strrchr($file,".")) ;
835    
836     if ($file_lock) {
837     if ($file_lock == $gblUserName) {
838     $b.="<A HREF=\"$self?A=Ci&D=".urlencode($relDir)."&F=".urlencode($file);
839     $b.="\" TITLE=\"Checkin (update) file on server\">" ;
840     $file_url_html=$b;
841     $b.=$gblIcon("checkin")."</A>" ;
842     $b.= $gblIcon("blank");
843     $file_url_html.="$file</a> $a";
844     $note_html = $gblIcon("blank")."<b>Please check-in (update) this file</b>";
845     } else {
846     $b = $gblIcon("locked");
847     $b.= $gblIcon("blank");
848     $note_html = $gblIcon("blank")."<b>File locked by $file_lock</b>";
849     $file_url_html = "$file $a";
850     }
851     } else {
852     if (check_perm($relDir.$file,trperm_w)) {
853     $b.="<A HREF=\"$self?A=Co&D=".urlencode($relDir)."&F=".urlencode($file);
854 dpavlin 1.44 $b.="\" TITLE=\"Checkout file for edit\" onClick=\"window.setTimeout('window.location.reload()',3000); return true;\">" ;
855 dpavlin 1.37 $b.=$gblIcon("checkout")."</A>";
856     }
857    
858     if ( $ext=="" || strstr(join(" ",$gblEditable),$ext) ) {
859     $b.="<A HREF=\"$self?A=C&D=".urlencode($relDir)."&F=".urlencode($file);
860     $b.="\" TITLE=\"List contents\">" ;
861     $b.=$gblIcon("view")."</A>" ;
862     } else {
863     $b.= $gblIcon("blank");
864     }
865     }
866    
867     $mod = date("$gblDateFmt $gblTimeFmt",$mod);
868    
869     include("$html/Navigate-fileEntry.html");
870    
871     } // iterate over files
872     } else { // end if no files
873     include("$html/Navigate-noFiles.html");
874     }
875    
876     if ($emptyDir && $relDir != "") {
877     include("$html/Navigate-emptyDir.html");
878     } // end if emptyDir
879    
880     include("$html/Navigate-hr.html");
881    
882     if (file_exists("$fsRealmDir/$realm".$realm_sep."info.inc")) {
883     print "<TR><TD></TD><TD COLSPAN=5>";
884     include("$fsRealmDir/$realm".$realm_sep."info.inc");
885     print "</TD></TR>";
886     include("$html/Navigate-hr.html");
887     } elseif (file_exists("$gblRepositoryDir/.info.inc")) {
888     print "<TR><TD></TD><TD COLSPAN=5>";
889     include("$gblRepositoryDir/.info.inc");
890     print "</TD></TR>";
891     include("$html/Navigate-hr.html");
892     }
893    
894     include("$html/Navigate-createNew.html");
895    
896     print "</TABLE>";
897    
898     EndHTML() ;
899     } // end function Navigate
900    
901     //////////////////////////////////////////////////////////////////
902    
903     function UploadPage($fsRoot, $relDir, $filename="") {
904    
905     global $html, $HTTP_SERVER_VARS;
906    
907     $self = $HTTP_SERVER_VARS["PHP_SELF"] ;
908     include("$html/UploadPage.html");
909    
910     } // end function UploadPage
911    
912     //////////////////////////////////////////////////////////////////
913    
914     // Error with sysadmin flag are reported to error_log or hidden from
915     // users
916    
917     function Error($title,$text="",$sysadmin=0,$no_404=0) {
918     global $gblSeparateAdminMessages,
919     $gblMailAdminMessages,$realm,
920     $HTTP_SERVER_VARS;
921     if (! headers_sent() && ! $no_404) header("HTTP/1.0 404 Not Found");
922     if ($sysadmin) {
923     if ($gblSeparateAdminMessages) {
924     $user="Your administrator ";
925     if ($gblMailAdminMessages) {
926     mail($HTTP_SERVER_VARS["SERVER_ADMIN"], "docman $realm error message: $title", strip_tags($text));
927     $user.="<tt>".$HTTP_SERVER_VARS["SERVER_ADMIN"]."</tt> ";
928     }
929     $user.="has been notified about error" ;
930     StartHTML("($title)",$user);
931     echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
932     EndHTML();
933     error_log("docman $realm: ".strip_tags($text));
934     } else {
935     StartHTML("ADMIN: ".$title,$text) ;
936     echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
937     EndHTML();
938     }
939     } else {
940     StartHTML("(".$title.")",$text) ;
941     echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
942     EndHTML() ;
943     }
944     exit ;
945     } // end function Error
946    
947     function LogIt($target,$msg, $changelog=0) {
948    
949     global $gblDateFmt, $gblTimeFmt, $gblUserName, $gblFsRoot;
950    
951     $dir=dirname($target);
952     if (! file_exists($dir."/.log")) {
953     if (! @mkdir($dir."/.log",0700)) Error("docman installation problem","can't create log directory <tt>$dir/.log</tt>",1);
954     }
955     $file=basename($target);
956    
957     $log=fopen("$dir/.log/$file","a+");
958     fputs($log,date("$gblDateFmt\t$gblTimeFmt").
959     "\t$gblUserName\t$msg\n");
960     fclose($log);
961    
962     if (! $changelog) return;
963    
964     $log=fopen("$gblFsRoot/.changelog","a+");
965     if (substr($target,0,strlen($gblFsRoot)) == $gblFsRoot)
966     $target=substr($target,strlen($gblFsRoot),strlen($target)-strlen($gblFsRoot));
967     $msg=str_replace("\t"," ",$msg);
968     fputs($log,time()."\t$target\t$gblUserName\t$msg\n");
969     fclose($log);
970    
971     // FIX: implement e-mail notification based on $changelog
972     // permission
973     }
974    
975    
976     //////////////////////////////////////////////////////////////////
977    
978     function WriteNote($target,$msg) {
979    
980     $target=stripSlashes($target);
981     $dir=dirname($target);
982     if (! file_exists($dir."/.note")) {
983     mkdir($dir."/.note",0700);
984     }
985     $file=basename($target);
986    
987     $note=fopen("$dir/.note/$file","w");
988     if (! $note) {
989     Error("Error writing note","Can't open note file <tt>$dir/.note/$file</tt> for writing",1);
990     }
991     fputs($note,"$msg\n");
992     fclose($note);
993    
994     LogIt($target,"added note $msg");
995    
996     }
997    
998     function ReadNote($target) {
999    
1000     $target=stripSlashes($target);
1001     $dir=dirname($target);
1002     $file=basename($target);
1003     $msg="";
1004     if (file_exists($dir."/.note/$file")) {
1005     $note=fopen("$dir/.note/$file","r");
1006     $msg=fgets($note,4096);
1007     fclose($note);
1008     }
1009     return HtmlSpecialChars(StripSlashes($msg));
1010    
1011     }
1012    
1013     //////////////////////////////////////////////////////////////////
1014    
1015     function MoveTo($source,$folder) {
1016    
1017     $source=stripSlashes($source);
1018     $file=basename($source);
1019     if (! file_exists($folder)) {
1020     mkdir($folder,0700);
1021     }
1022     if (file_exists($source)) {
1023     rename($source,"$folder/$file");
1024     }
1025     }
1026    
1027     //////////////////////////////////////////////////////////////////
1028    
1029     function Lock($target) {
1030    
1031     global $gblUserName;
1032    
1033     $target=stripSlashes($target);
1034     $dir=dirname($target);
1035     if (! file_exists($dir."/.lock")) {
1036     mkdir($dir."/.lock",0700);
1037     }
1038     $file=basename($target);
1039    
1040     if (file_exists("$dir/.lock/$file")) {
1041     LogIt($target,"attempt to locked allready locked file!");
1042     } else {
1043     $lock=fopen("$dir/.lock/$file","w");
1044     fputs($lock,"$gblUserName\n");
1045     fclose($lock);
1046    
1047     LogIt($target,"file locked");
1048     }
1049    
1050     }
1051    
1052     function CheckLock($target) {
1053    
1054     $target=stripSlashes($target);
1055     $dir=dirname($target);
1056     $file=basename($target);
1057     $msg=0;
1058     if (file_exists($dir."/.lock/$file")) {
1059     $lock=fopen("$dir/.lock/$file","r");
1060     $msg=fgets($lock,4096);
1061     fclose($lock);
1062     }
1063     return chop($msg);
1064    
1065     }
1066    
1067     function Unlock($target) {
1068    
1069     $target=stripSlashes($target);
1070     $dir=dirname($target);
1071     $file=basename($target);
1072     if (file_exists($dir."/.lock/$file")) {
1073     unlink("$dir/.lock/$file");
1074     LogIt($target,"file unlocked");
1075     } else {
1076     LogIt($target,"attempt to unlocked non-locked file!");
1077     }
1078    
1079     }
1080    
1081     //////////////////////////////////////////////////////////////////
1082    
1083     function urlpath($url) {
1084     $url=urlencode(StripSlashes("$url"));
1085     $url=str_replace("%2F","/",$url);
1086     $url=str_replace("+","%20",$url);
1087     return($url);
1088     }
1089    
1090     //////////////////////////////////////////////////////////////////
1091    
1092     function safe_rename($fromdir,$fromfile,$tofile) {
1093    
1094     global $gblNumBackups;
1095    
1096     function try_rename($from,$to) {
1097     # print "$from -> $to\n";
1098     if (file_exists($from) && is_writeable(dirname($to))) {
1099     return rename($from,$to);
1100     } else {
1101     return 0;
1102     }
1103     }
1104    
1105     function try_dir($todir) {
1106     if (! file_exists($todir)) {
1107     @mkdir($todir,0700);
1108     }
1109     }
1110    
1111     $to="$fromdir/$tofile";
1112     $todir=dirname($to);
1113     $tofile=basename($to);
1114    
1115     # print "<pre>$fromdir / $fromfile -> $todir / $tofile\n\n";
1116    
1117     if (! try_rename("$fromdir/$fromfile","$todir/$tofile")) Error("Rename error","Can't rename file <tt>$fromfile</tt> to <tt>$tofile</tt>",1);
1118     try_dir("$todir/.log");
1119     try_rename("$fromdir/.log/$fromfile","$todir/.log/$tofile");
1120     try_dir("$todir/.note");
1121     try_rename("$fromdir/.note/$fromfile","$todir/.note/$tofile");
1122     try_dir("$todir/.lock");
1123     try_rename("$fromdir/.lock/$fromfile","$todir/.lock/$tofile");
1124     try_dir("$todir/.bak");
1125     for($i=0;$i<=$gblNumBackups;$i++) {
1126     try_rename("$fromdir/.bak/$i/$fromfile","$todir/.bak/$i/$tofile");
1127     }
1128     }
1129    
1130    
1131     //////////////////////////////////////////////////////////////////
1132    
1133     // recursivly delete directory
1134    
1135     function rrmdir($dir) {
1136     $handle=opendir($dir);
1137     while ($file = readdir($handle)) {
1138     if ($file != "." && $file != "..") {
1139     if (is_dir("$dir/$file"))
1140     rrmdir("$dir/$file");
1141     else
1142     if (! @unlink("$dir/$file")) return(0);
1143     }
1144     }
1145     closedir($handle);
1146     return @rmdir($dir);
1147     }
1148    
1149     //////////////////////////////////////////////////////////////////
1150    
1151     function DisplayChangeLog($day) {
1152    
1153     global $gblFsRoot, $gblDateFmt, $gblTimeFmt,
1154     $HTTP_SERVER_VARS;
1155    
1156     $self = $HTTP_SERVER_VARS["PHP_SELF"];
1157    
1158     if (!file_exists("$gblFsRoot/.changelog")) return;
1159     $log=fopen("$gblFsRoot/.changelog","r");
1160     $logarr = array();
1161     while($line = fgetcsv($log,512,"\t")) {
1162     while (sizeof($line) > 4) {
1163     $tmp = array_pop($line);
1164     $line.=" $tmp";
1165     }
1166     if ($day!=1 || ($day==1 && (time()-$line[0] < 24*60*60))) {
1167     array_unshift($logarr,array($line[0],$line[1],$line[2],$line[3]));
1168     }
1169     }
1170     fclose($log);
1171     $cl1=" class=LST"; $cl2="";
1172     print "<table border=0 width=100%>\n";
1173     while ($e = array_shift($logarr)) {
1174     $cl=$cl1; $cl1=$cl2; $cl2=$cl;
1175     $date = date($gblDateFmt, $e[0]);
1176     $time = date($gblTimeFmt, $e[0]);
1177     $dir = dirname($e[1]);
1178     $file = basename($e[1]);
1179     print "<tr><td$cl>$date</td><td$cl>$time</td><td$cl><a href=\"$HTTP_SERVER_VARS[PHP_SELF]?D=".urlencode($dir)."\">$dir</a>/$file</td><td$cl>$e[2]</td><td$cl>$e[3]</td></tr>\n";
1180     }
1181     print "</table>";
1182     print "<p>".GifIcon("up")." Back to <a href=\"$self\">front page</a>.</p>";
1183     }
1184    
1185     //////////////////////////////////////////////////////////////////
1186    
1187     function Download($path,$force=0) {
1188     global $HTTP_SERVER_VARS,$mime_type;
1189    
1190     // default transfer-encoding
1191     $encoding = "binary";
1192    
1193     // known transfer encodings
1194     $encoding_ext = array(
1195     "gz" => "x-gzip",
1196     "Z" => "x-compress",
1197     );
1198    
1199     $file = basename($path);
1200     $size = filesize($path);
1201    
1202     $ext_arr = explode(".",$file);
1203     $ext = array_pop($ext_arr);
1204     if (isset($encoding_ext[$ext])) {
1205     $encoding = $encoding_ext[$ext];
1206     $ext = array_pop($ext_arr);
1207     }
1208    
1209     if ($force || !isset($mime_type[$ext])) {
1210     header("Content-Type: application/force-download");
1211     } else {
1212     header("Content-Type: $mime_type[$ext]");
1213     }
1214    
1215     // IE5.5 just downloads index.php if we don't do this
1216     if(preg_match("/MSIE 5.5/", $HTTP_SERVER_VARS["HTTP_USER_AGENT"])) {
1217     header("Content-Disposition: filename=$file");
1218     } else {
1219     header("Content-Disposition: attachment; filename=$file");
1220     }
1221    
1222     header("Content-Transfer-Encoding: $encoding");
1223     $fh = fopen($path, "r");
1224     fpassthru($fh);
1225     }
1226    
1227    
1228     //////////////////////////////////////////////////////////////////
1229    
1230     function chopsl($path) {
1231     $path=str_replace("//","/",$path);
1232     if (substr($path,strlen($path)-1,1) == "/") $path=substr($path,0,strlen($path)-1);
1233     return $path;
1234     }
1235    
1236     //////////////////////////////////////////////////////////////////
1237     /*
1238     Document manager ACL implementation
1239    
1240     Written by Dobrica Pavlinusic <dpavlin@rot13.org>
1241    
1242     Based on ideas from Linux trustees code
1243     by Vyacheslav Zavadsky <zavadsky@braysystems.com>
1244     */
1245    
1246     define('trmask_not',1 << 0);
1247     define('trmask_clear',1 << 1);
1248     define('trmask_deny',1 << 2);
1249     define('trmask_one_level',1 << 3);
1250     define('trmask_group',1 << 4);
1251    
1252     define('trperm_r',1 << 5);
1253     define('trperm_w',1 << 6);
1254     define('trperm_b',1 << 7);
1255     define('trperm_n',1 << 8);
1256    
1257     $trustee_a2n = array(
1258     '!' => trmask_not,
1259     'C' => trmask_clear,
1260     'D' => trmask_deny,
1261     'O' => trmask_one_level,
1262     '+' => trmask_group,
1263     'R' => trperm_r,
1264     'W' => trperm_w,
1265     'B' => trperm_b,
1266     'N' => trperm_n,
1267     );
1268    
1269     // debugging function
1270     function display_trustee($t) {
1271     global $trustee_a2n;
1272     $out="";
1273     foreach ($trustee_a2n as $c=>$v) {
1274     if ($t & $v) $out.=$c;
1275     }
1276     return $out;
1277     }
1278     function display_all_trustee() {
1279     global $trustees;
1280     print "trustee dump:<br>\n";
1281     foreach ($trustees as $path => $tr) {
1282     print "<br><tt>$path</tt>\n";
1283     foreach ($tr as $user=>$perm) {
1284     print "$user == $perm (".display_trustee($perm).")<br>\n";
1285     }
1286     }
1287     }
1288    
1289     function init_trustee() {
1290    
1291     global $trustee_conf,$trustee_php,$trustee_a2n,$groups,$trustees;
1292    
1293     // do we need to re-create compiled trustees?
1294     if (! file_exists($trustee_conf)) {
1295     # $error="$trustee_conf doesn't exits";
1296     return 0; # don't use trustees
1297     } elseif (file_exists($trustee_conf) && !is_readable($trustee_conf)) {
1298     $error="<tt>$trustee_conf</tt> exits, but is not readable";
1299     } elseif (!is_writable(dirname($trustee_php))) {
1300     $error="<tt>".dirname($trustee_php)."</tt> must be writable by web server user";
1301     } elseif (file_exists($trustee_php) && !is_writable($trustee_php)) {
1302     $error="trustees cache file <tt>$trustee_php</tt> exists, but is not writable by web server";
1303     } elseif (@filemtime($trustee_conf) >= @filemtime($trustee_php)) {
1304     $fp_php=@fopen($trustee_php,"w");
1305     fputs($fp_php,"<?php // don't edit by hand!\n");
1306    
1307     $fp_conf=fopen($trustee_conf,"r");
1308    
1309     $groups_arr = array();
1310     $perm_arr = array();
1311    
1312     $tr_arr = array();
1313    
1314     while (! feof($fp_conf)) {
1315     $l = trim(fgets($fp_conf,4096));
1316     if (substr($l,0,1) == "+") { // no comment
1317     $arr=explode(":",$l);
1318     $groups_arr[$arr[0]] = str_replace(" ","",$arr[1]) ;
1319     } elseif (substr($l,0,1) != "#") {
1320     $arr=explode(":",$l);
1321     $path=array_shift($arr);
1322     if ($path == "") continue;
1323     $sep2="";
1324     while ($user=array_shift($arr)) {
1325     $perm=0;
1326     if (substr($user,0,1) == "+") {
1327     $perm|=trmask_group;
1328     $user=substr($user,1,strlen($user)-1);
1329     }
1330     $perm_ascii=array_shift($arr);
1331     for ($i=0;$i<strlen($perm_ascii);$i++) {
1332     $ch=strtoupper($perm_ascii[$i]);
1333     if (isset($trustee_a2n[$ch])) {
1334     $perm|=$trustee_a2n[$ch];
1335     } else {
1336     $error.="trustee error in line '$l' [Unknown modifier '$ch']<br>\n";
1337     }
1338     }
1339     if (isset($tr_arr[$path][$user])) {
1340     $tr_arr[$path][$user] |= $perm;
1341     } else {
1342     $tr_arr[$path][$user] = $perm;
1343     }
1344     }
1345     }
1346     }
1347    
1348     fclose($fp_conf);
1349    
1350     // save trustees
1351     $tr_out='$trustees = array (';
1352     $sep1="";
1353     while (list ($path, $tr) = each ($tr_arr)) {
1354     $tr_out.="$sep1\n\t'$path'=>array(";
1355     $sep2="";
1356     while (list($user,$perm)=each($tr)) {
1357     $tr_out.="$sep2\n\t\t'$user'=>$perm";
1358     $sep2=",";
1359     }
1360     $tr_out.="\n\t)";
1361     $sep1=",";
1362     }
1363     $tr_out.="\n);";
1364    
1365     // save groups
1366     $gr_out='$groups = array (';
1367     $sep="";
1368     while (list ($group, $members) = each ($groups_arr)) {
1369     $gr_out.="$sep\n\t'";
1370     $gr_out.=substr($group,1,strlen($group)-1);
1371     $gr_out.="'=>array('".join("','",explode(",",$members))."')";
1372     $sep=",";
1373     }
1374     $gr_out.="\n);\n";
1375    
1376     fputs($fp_php,$gr_out);
1377     fputs($fp_php,$tr_out);
1378     fputs($fp_php,"?>\n");
1379     fclose($fp_php);
1380     }
1381    
1382     if (isset($error)) {
1383     Error("Trustee error",$error,1);
1384     } else {
1385     include_once("$trustee_php");
1386     }
1387    
1388     return 1;
1389    
1390     }//init_trustee
1391    
1392     function in_group($user,$group) {
1393     global $groups;
1394     return in_array($user,$groups[$group]);
1395     }
1396    
1397     // helper function
1398     function unroll_perm($u,$t,$perm,$one_level) {
1399    
1400     if ($t & trmask_one_level && !$one_level) return $perm;
1401    
1402     if ($t & trmask_deny) {
1403     if ($t & trmask_clear) {
1404     $perm['deny'] &= ~$t;
1405     } else {
1406     $perm['deny'] |= $t;
1407     }
1408     } elseif ($t & trmask_clear) {
1409     $perm['allow'] &= ~$t;
1410     } else {
1411     $perm['allow'] |= $t;
1412     }
1413     return $perm;
1414     }// end of helper function
1415    
1416     function check_trustee($user,$path) {
1417     global $trustees,$HAVE_TRUSTEE;
1418     $perm['allow'] = 0;
1419     $perm['deny'] = 0;
1420    
1421     // do we use trustees?
1422     if (! $HAVE_TRUSTEE) return $perm;
1423    
1424     if (! isset($trustees)) Error("Trustees not found","Can't find in-memory trustee structure <tt>\$trustees</tt>. Probably bug in code. Contact <tt>dpavlin@rot13.org</tt>",1);
1425    
1426     global $debug;
1427     $debug .= "<br>check_trustee $path ... ";
1428    
1429     $path_arr=explode("/",$path);
1430     $tmppath="";
1431     while (count($path_arr)) {
1432     $p = array_shift($path_arr);
1433     $debug.= "[$p] ";
1434     # add trailing slash
1435     if (substr($tmppath,strlen($tmppath)-1,1) != "/") {
1436     $tmppath.="/";
1437     }
1438     # append currnet dir to tmppath
1439     if (isset($p)) {
1440     $tmppath.=$p;
1441     }
1442     $debug.= ">> $tmppath ";
1443    
1444     if (! isset($trustees[$tmppath])) continue;
1445     $tr = $trustees[$tmppath];
1446    
1447     $one_level = (!count($path_arr));
1448     $debug.=" O($one_level) ";
1449    
1450     if (isset($tr)) {
1451     // first apply trustee for all
1452     if (isset($tr['*']) && $user!="anonymous") {
1453     $perm = unroll_perm($user,$tr['*'],$perm, $one_level);
1454     unset($tr['*']);
1455     }
1456     // then apply not and group policies
1457     foreach ($tr as $g=>$t) {
1458     if ($t & trmask_not && $g != $user) {
1459     $t = $t & ~trmask_not;
1460     $perm = unroll_perm($user,$t,$perm, $one_level);
1461     unset($tr[$g]);
1462    
1463     } elseif ($t & trmask_group && in_group($user,$g)) {
1464     // resolv user
1465     $t = $t & ~trmask_group;
1466     $perm = unroll_perm($user,$t,$perm, $one_level);
1467     unset($tr[$g]);
1468     }
1469     }
1470     // then apply user policy
1471     if (isset($tr[$user])) {
1472     $perm = unroll_perm($user,$tr[$user],$perm,$one_level);
1473     unset($tr[$user]);
1474     }
1475     }
1476     $debug.="d(".display_trustee($perm['deny']).") a(".display_trustee($perm['allow']).") ";
1477    
1478     }
1479     $debug.="<br>check_trustee: user: $user path: $path==$tmppath perm: ";
1480     $debug.="d: ".$perm['deny']." (".display_trustee($perm['deny']).") a: ".$perm['allow']." (".display_trustee($perm['allow']).")<Br>\n";
1481     return $perm;
1482     }
1483    
1484     // handy functions
1485    
1486     function check_perm($path,$trperm) {
1487     global $gblLogin,$HAVE_TRUSTEE;
1488    
1489     $path = str_replace("//","/",$path);
1490    
1491     global $debug;
1492     $debug.="<br>check_perm: on <tt>$path</tt> for perm ".display_trustee($trperm)."<br>\n";
1493    
1494     $return = ! $HAVE_TRUSTEE;
1495     if ($HAVE_TRUSTEE) {
1496     $perm = check_trustee($gblLogin,$path);
1497     $debug.=" d: ".$perm['deny']." (".display_trustee($perm['deny']).") a: ".$perm['allow']." (".display_trustee($perm['allow']).") perm to have: $trperm (".display_trustee($trperm).")";
1498     if ($perm['deny'] & $trperm) $return=0;
1499     elseif (($perm['allow'] & $trperm) == $trperm) $return=1;
1500     }
1501     $debug.=" return: $return<br>\n";
1502     return($return);
1503     }
1504    
1505     //////////////////////////////////////////////////////////////////
1506    
1507     function readMime() {
1508     global $mime_type, $gblMimeTypes;
1509    
1510     if (! isset($gblMimeTypes)) {
1511     $gblMimeTypes = "/etc/mime.types";
1512     }
1513    
1514     $mime = @fopen($gblMimeTypes,"r");
1515    
1516     if (! $mime) Error("Can't read MIME types","<tt>$gblMimeTypes</tt> file not found. You can setup other <tt>mime.types</tt> file using <tt>\$gblMimeTypes</tt> in <tt>$realm_config</tt>");
1517    
1518     while($line = fgets($mime,80)) {
1519     if (substr($line,0,1) == "#") continue; // skip comment
1520     $arr = preg_split("/[\s\t]+/",$line);
1521     $type = array_shift($arr);
1522     while ($ext = array_shift($arr)) {
1523     $mime_type[$ext] = $type;
1524     }
1525     }
1526    
1527     fclose($mime);
1528     }
1529    
1530     //////////////////////////////////////////////////////////////////
1531    
1532     // check for invalid characters in filename and dirname (.. and /)
1533    
1534     function check_dirname($file) {
1535     if (strstr($file,"..")) Error("Security violation","No parent dir <tt>..</tt> allowed in directory name <tt>$file</tt>",1);
1536     }
1537    
1538     function check_filename($file) {
1539     if (strstr($file,"..")) Error("Security violation","No parent dir <tt>..</tt> allowed in file name <tt>$file</tt>",1);
1540     // remove deleted directory (for undelete to work)
1541     $file = str_replace(".del/","",$file);
1542     if (strstr($file,"/")) Error("Security violation","No slashes <tt>/</tt> allowed in file name <tt>$file</tt>",1);
1543     }
1544    
1545     // bla/blo/../foo will return bla/foo
1546     function remove_parent($path) {
1547     while (preg_match(",/[^/]+/\.\./,",$path)) {
1548     $path = preg_replace(",/[^/]+/\.\./,","",$path);
1549     }
1550     if (substr($path,0,1) != "/") $path = "/".$path;
1551     return $path;
1552     }
1553    
1554     //////////////////////////////////////////////////////////////////
1555    
1556     // functions to move HTTP server variables to global namespace
1557     // [replacement for register_globals in php.ini]
1558    
1559     function HTTP_GET_VAR($var) {
1560     global $HTTP_GET_VARS, ${$var};
1561     if (isset($HTTP_GET_VARS[$var])) {
1562     $$var = stripSlashes($HTTP_GET_VARS[$var]);
1563     return $$var;
1564     }
1565     }
1566    
1567     function HTTP_POST_VAR($var) {
1568     global $HTTP_POST_VARS, ${$var};
1569     if (isset($HTTP_POST_VARS[$var])) {
1570     $$var = $HTTP_POST_VARS[$var];
1571     return $$var;
1572     }
1573     }
1574    
1575     function HTTP_SERVER_VAR($var) {
1576     global $HTTP_SERVER_VARS, ${$var};
1577     if (isset($HTTP_SERVER_VARS[$var])) {
1578     $$var = $HTTP_SERVER_VARS[$var];
1579     return $$var;
1580     }
1581     }
1582    
1583     //////////////////////////////////////////////////////////////////
1584    
1585     function Warn($text) {
1586     }
1587    
1588     //////////////////////////////////////////////////////////////////
1589    
1590     function isBlank($file,$what = "filename") {
1591     if (trim($file) == "") return "<i>whitespace $what</i>";
1592     if ($file == "") return "<i>no $what</i>";
1593     return $file;
1594     }
1595    
1596     //////////////////////////////////////////////////////////////////
1597     // MAIN PROGRAM
1598    
1599     $gblFilePerms = 0640 ; // default for new files
1600     $gblDirPerms = 0750 ; // default for new dirs
1601    
1602     if (isset($HTTP_GET_VARS["STYLE"]) && $HTTP_GET_VARS["STYLE"] == "get") {
1603 dpavlin 1.43 if (! headers_sent()) {
1604     Header("Content-type: text/css");
1605     }
1606 dpavlin 1.37 include("$html/docman.css");
1607     exit;
1608     }
1609 dpavlin 1.39
1610     // set fsRealmDir
1611 dpavlin 1.37 if (! isset($fsRealmDir)) {
1612     $fsRealmDir = "$gblIncDir/realm";
1613     }
1614    
1615     // try to add dir to script name to realm var
1616     if (is_dir("$fsRealmDir/$realm/".dirname($HTTP_SERVER_VARS["SCRIPT_NAME"]))) {
1617     $realm .= dirname($HTTP_SERVER_VARS["SCRIPT_NAME"]);
1618     $realm_sep = "/";
1619     } else {
1620     $realm_sep = ".";
1621     }
1622    
1623     $realm_config = $fsRealmDir."/".$realm.$realm_sep."conf";
1624    
1625     // read user-defined configuration
1626     if (file_exists($realm_config)) {
1627     include($realm_config);
1628     } else {
1629     Error("Configuration error","Can't find configuration file at <tt>$realm_config</tt> !");
1630     }
1631    
1632     if (! isset($gblRepositoryDir)) Error("Configuration error","<tt>\$gblRepositoryDir</tt> is not setuped in realm configuration file <tt>$realm_config</tt>");
1633    
1634     // where do we get users from?
1635     if (file_exists("$gblIncDir/htusers/$gblUsers.php")) {
1636     include("$gblIncDir/htusers/$gblUsers.php");
1637     } else {
1638     Error("Configuration error","Can't find user handling module at <tt>$gblIncDir/htusers/$gblUsers.php</tt> ! Please fix <tt>$realm_config</tt>");
1639     }
1640    
1641     // take additional login vars
1642     HTTP_GET_VAR("relogin");
1643     HTTP_GET_VAR("force_login");
1644    
1645     // if no password, or empty password logout
1646     if (
1647     isset($gblLogin) && (
1648     !isset($relogin) || (
1649     isset($relogin) && $relogin != md5($gblLogin.$gblPasswd)
1650     )
1651     ) && (
1652     $gblPasswd == "" || !isset($gblPasswd)
1653     ) && !isset($force_login) && $gblLogin != "anonymous"
1654     ) {
1655     StartHTML("Logout completed","Your login credentials has been erased") ;
1656     EndHTML() ;
1657     exit ;
1658     }
1659    
1660     if (!is_dir($gblRepositoryDir)) Error("Repository dir not found","Can't find repository directory <tt>$gblRepositoryDir</tt>. Please fix that in <tt>$realm_config</tt> variable <tt>\$gblRepositoryDir</tt>.",1);
1661    
1662     // trustee (ACL) file configuration
1663     $trustee_conf="$fsRealmDir/$realm".$realm_sep."trustee";
1664     // compiled version of trustee file
1665     $trustee_php="$gblRepositoryDir/.trustee.php";
1666     // get ACL informations
1667     $HAVE_TRUSTEE = init_trustee();
1668    
1669     if (strtolower($gblLogin) == "anonymous" || !isset($gblLogin)) {
1670     $perm = check_trustee("anonymous","/");
1671     // browsing must be explicitly allowed for root directory
1672     // of repository for anonymous user to work!
1673     if ($perm['allow'] & trperm_b) {
1674     $gblLogin = $gblPasswd = "anonymous";
1675     $secHash = md5($gblLogin.$gblPasswd);
1676     $gblUserName = "Anonymous user";
1677     }
1678     }
1679    
1680     // authentication failure
1681     if ( md5($gblLogin.$gblPasswd) != $secHash ||
1682     isset($relogin) && $secHash == $relogin) {
1683     header("WWW-authenticate: basic realm=\"$realm\"") ;
1684     header("HTTP/1.0 401 Unauthorized") ;
1685     Error("401 Unauthorized","No trespassing !",0,1);
1686     }
1687    
1688    
1689     // read mime.types
1690     readMime();
1691    
1692     if (! isset($gblPermNote)) {
1693     $gblPermNote = trperm_r;
1694     }
1695    
1696     HTTP_POST_VAR("FN");
1697    
1698     if ($HTTP_SERVER_VARS["REQUEST_METHOD"] == "POST") {
1699     // take variables from server
1700     if (HTTP_POST_VAR("FN"))
1701     check_filename($FN);
1702     if (HTTP_POST_VAR("DIR")) {
1703     check_dirname($DIR);
1704     $relDir = $DIR;
1705     } else {
1706     trigger_error("Can't get DIR",E_USER_WARNING);
1707     $relDir = "/";
1708     }
1709     if (HTTP_POST_VAR("RELPATH")) check_dirname($RELPATH);
1710     HTTP_POST_VAR("T");
1711     HTTP_POST_VAR("CONFIRM");
1712     } else {
1713     // get
1714     HTTP_GET_VAR("A");
1715     if (HTTP_GET_VAR("D")) {
1716     check_dirname($D);
1717     $D=urldecode($D);
1718     $relDir = $D;
1719     } else {
1720     //trigger_error("Can't get D",E_USER_WARNING);
1721     $relDir = "/";
1722     }
1723     if (HTTP_GET_VAR("F")) check_filename($F);
1724     }
1725    
1726     $relScriptDir = dirname($HTTP_SERVER_VARS["SCRIPT_NAME"]) ;
1727     // i.e. /docman
1728    
1729     // start on server root
1730     $gblFsRoot = $gblRepositoryDir;
1731     // i.e. /home/httpd/repository
1732    
1733     $fsDir = $gblFsRoot . $relDir ; // current directory
1734     if ( !is_dir($fsDir) ) Error("Dir not found","Can't find <tt>$relDir</tt> which points to <tt>$fsDir</tt>",1) ;
1735    
1736     if ($relDir == "") $relDir="/";
1737    
1738     if (isset($HTTP_SERVER_VARS["HTTPS"]) && $HTTP_SERVER_VARS["HTTPS"] == "on") {
1739     $webRoot = "https://";
1740     } else {
1741     $webRoot = "http://";
1742     }
1743     $webRoot .= $HTTP_SERVER_VARS["HTTP_HOST"] . $relScriptDir;
1744    
1745     if (HTTP_POST_VAR("POSTACTION")) switch ($POSTACTION) {
1746     case "UPLOAD" :
1747     $FN_name=stripSlashes($HTTP_POST_FILES["FN"]["tmp_name"]);
1748     $FN=stripSlashes($HTTP_POST_FILES["FN"]["name"]);
1749     if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1750    
1751     $source = $FN_name ;
1752     if (! file_exists($source)) {
1753     Error("You must select file with browse to upload it!","If file is too big, you might need to modify php configuration options <tt>post_max_size</tt> and <tt>upload_max_filesize</tt>",1);
1754     }
1755    
1756     if (HTTP_POST_VAR("FILENAME")) check_filename($FILENAME);
1757    
1758     if (! isset($FILENAME)) { // from update file
1759     $target = "$fsDir/".basename($FN);
1760     } else {
1761     $target = "$fsDir/$FILENAME";
1762     }
1763    
1764     if (! check_perm("$relDir/".basename($target), trperm_w))
1765     Error("Access denied","User <tt>$gblLogin</tt> tried to upload <tt>$relDir/".basename($target)."</tt> without valid trustee.",1);
1766    
1767     // backup old files first
1768     $dir=dirname($target);
1769     if (! file_exists($dir."/.bak")) {
1770     mkdir($dir."/.bak",0700);
1771     }
1772     if (! file_exists($dir."/.bak/$gblNumBackups")) {
1773     mkdir($dir."/.bak/$gblNumBackups",0700);
1774     }
1775     $file=basename($target);
1776     for($i=$gblNumBackups-1;$i>0;$i--) {
1777     MoveTo("$dir/.bak/$i/$file","$dir/.bak/".($i+1)."/");
1778     }
1779     MoveTo($target,$dir."/.bak/1/");
1780    
1781     copy($source,$target) ;
1782     chmod($target,$gblFilePerms) ;
1783     clearstatcache() ;
1784     if (isset($FILENAME)) {
1785     LogIt($target,"check-in",trperm_r | trperm_w);
1786     Unlock($target);
1787     } else {
1788     LogIt($target,"uploaded",trperm_r | trperm_w);
1789     }
1790     break ;
1791    
1792     case "SAVE" :
1793     $path = $gblFsRoot . $RELPATH ;
1794     $path=stripSlashes($path);
1795    
1796     if (! check_perm("$RELPATH", trperm_w))
1797     Error("Access denied","User <tt>$gblLogin</tt> tried to save <tt>$RELPATH</tt> without valid trustee.",1);
1798    
1799     $writable = is_writeable($path) ;
1800     $legaldir = is_writeable(dirname($path)) ;
1801     $exists = (file_exists($path)) ? 1 : 0 ;
1802     // FIX: more verbose error message
1803     if (!($writable || (!$exists && $legaldir)))
1804     Error("Write denied",$RELPATH) ;
1805     $fh = fopen($path, "w") ;
1806     HTTP_POST_VAR("FILEDATA");
1807 dpavlin 1.45 fwrite($fh,stripSlashes($FILEDATA)) ;
1808 dpavlin 1.37 fclose($fh) ;
1809     clearstatcache() ;
1810     LogIt($path,"saved changes",trperm_r);
1811     break ;
1812    
1813     case "CREATE" :
1814     // we know $fsDir exists
1815     if (! check_perm($relDir, trperm_w))
1816     Error("Write access denied","You don't have permission to write in <tt>$relDir</tt>");
1817     if ($T == "D") $type = "directory";
1818     else $type ="file";
1819     if ($FN == "") Error("Can't create $type","You must enter name of $type to create it.");
1820     if (!is_writeable($fsDir)) Error("Write denied","User <tt>$gblLogin</tt> has trustee to write in <tt>$relDir</tt> but permissions on <tt>$fsDir</tt> are wrong!", 1) ;
1821     $path = "$fsDir/$FN"; // file or dir to create
1822     $relPath = "$relDir/$FN";
1823    
1824     if (file_exists($path))
1825     Error("Can't create $type","Object <tt>$relPath</tt> allready exists");
1826    
1827     switch ( $T ) {
1828     case "D" : // create a directory
1829     if ( ! @mkdir($path,$gblDirPerms) )
1830     Error("Mkdir failed",$relPath) ; // eg. if it exists
1831     else
1832     LogIt($path."/","dir created",trperm_w);
1833     clearstatcache() ;
1834     break ;
1835     case "F" : // create a new file
1836     // this functionality is doubled in DetailView().
1837     // better keep it here altogether
1838     // chmod perms to $gblFilePerms
1839     if ( file_exists($path) && !is_writeable($path) )
1840     Error("File not writable", "User <tt>$gblLogin</tt> has trustee to write in <tt>$relPath</tt> but permissions on <tt>$path</tt> are wrong!", 1) ;
1841     $fh = fopen($path, "w+") ;
1842     if ($fh) {
1843     fputs($fh,"\n");
1844     fclose($fh) ;
1845     LogIt($path,"file created",trperm_r | trperm_w);
1846     } else {
1847     Error("Creation of file $relPath failed", "User <tt>$gblLogin</tt> has trustee to write in <tt>$relPath</tt> but creation of <tt>$path</tt> failed!", 1) ;
1848     }
1849     $tstr = $HTTP_SERVER_VARS["PHP_SELF"]."?A=E&D=".urlencode($relDir)."&F=".urlencode($FN) ;
1850     header("Location: " . $tstr) ;
1851     exit ;
1852     }
1853     break ;
1854    
1855     case "DELETE" :
1856     if ( $CONFIRM != "on" ) break;
1857    
1858     if ( isset($FN) && $FN != "") {
1859     $path=$fsDir."/".$FN;
1860     $what = "file";
1861     } elseif (isset($DIR)) {
1862     $path=$gblFsRoot."/".$DIR;
1863     $what = "directory";
1864     } else {
1865     Error("Can't delete object","Can't find filename <tt>\$FN</tt> or dirname in <tt>\$DIR</tt>",1);
1866     }
1867    
1868     if (! check_perm("$relDir/$FN", trperm_w))
1869     Error("Access denied","User <tt>$gblLogin</tt> tried to erase $what <tt>$relDir/$FN</tt> without valid trustee.",1);
1870    
1871     $tstr = "Attempt to delete non-existing object or insufficient privileges: " ;
1872    
1873     $dir=dirname($path);
1874     $file=basename($path);
1875    
1876     if (! file_exists("$dir/.del")) {
1877     mkdir("$dir/.del",0700);
1878     }
1879    
1880     if ( ! @rename($path,"$dir/.del/$file") ) {
1881     LogIt($path,"$what delete failed");
1882     Error("Can't delete $what",$tstr."<tt>".$relDir."/".$FN."</tt>") ;
1883     } else {
1884     LogIt($path,"$what deleted",trperm_w);
1885     MoveTo("$dir/.log/$file","$dir/.del/.log/");
1886     MoveTo("$dir/.note/$file","$dir/.del/.note/");
1887     MoveTo("$dir/.lock/$file","$dir/.del/.lock/");
1888     }
1889     break ;
1890    
1891     case "UNDELETE" :
1892     if ( $CONFIRM != "on" ) break ;
1893    
1894     if (substr($FN,0,4) != ".del") break ;
1895     $file=substr($FN,4,strlen($FN)-4);
1896    
1897     if (! check_perm("$relDir/$file", trperm_w))
1898     Error("Access denied","User <tt>$gblLogin</tt> tried to undelete <tt>$relDir/$file</tt> without valid trustee.",1);
1899    
1900     LogIt("$fsDir/.del/$file","undeleted",trperm_w);
1901     MoveTo("$fsDir/.del/$file","$fsDir/");
1902     MoveTo("$fsDir/.del/.log/$file","$fsDir/.log/");
1903     MoveTo("$fsDir/.del/.note/$file","$fsDir/.note/");
1904     MoveTo("$fsDir/.del/.lock/$file","$fsDir/.lock/");
1905    
1906     break ;
1907    
1908     case "RENAME" :
1909     if ( $CONFIRM != "on" ) break ;
1910    
1911     if (HTTP_POST_VAR("NEWNAME")) {
1912     $dest = remove_parent($relDir.$NEWNAME);
1913     if (! check_perm($relDir.$FN, trperm_w) ||
1914     ! check_perm($dest, trperm_w) )
1915     Error("Access denied","User <tt>$gblLogin</tt> tried to rename <tt>$relDir$FN</tt> to <tt>$dest</tt> without valid trustee.",1);
1916     } else {
1917     Error("Rename error","Can't find new name in var <tt>\$NEWNAME</tt>",1);
1918     }
1919     LogIt("$fsDir/$FN","renamed $FN to $NEWNAME",trperm_r);
1920     safe_rename($fsDir,$FN,$NEWNAME);
1921     break ;
1922    
1923     case "NOTE" :
1924     if (! HTTP_POST_VAR("NOTE"))
1925     Error("Can't add note to object","Can't find var <tt>\$NOTE</tt>",1);
1926     if (! check_perm("$relDir/$FN", trperm_w))
1927     Error("Access denied","User <tt>$gblLogin</tt> tried to add note to <tt>$relDir/$FN</tt> without valid trustee.",1);
1928    
1929     WriteNote("$fsDir/$FN",$NOTE);
1930     break ;
1931    
1932     case "UNLOCK" :
1933     if ( $CONFIRM != "on" ) break ;
1934     if (! check_perm("$relDir/$FN", trperm_w))
1935     Error("Access denied","User <tt>$gblLogin</tt> tried to unlock <tt>$relDir/$FN</tt> without valid trustee.",1);
1936     Unlock("$fsDir/$FN");
1937     break ;
1938    
1939     default :
1940     // user hit "CANCEL" or undefined action
1941     }
1942    
1943     // common to all POSTs : redirect to directory view ($relDir)
1944     if (isset($POSTACTION)) {
1945     $tstr = $HTTP_SERVER_VARS["PHP_SELF"]."?D=".urlencode($relDir);
1946     header("Location: ".$tstr) ;
1947     exit ;
1948     }
1949    
1950     // check for mode.. navigate, code display, upload, or detail?
1951     // $A=U : upload to path given in $D
1952     // $A=E : display detail of file $D/$F and edit
1953     // $A=C : display code in file $D/$F
1954     // $A=Co : checkout file $D/$F
1955     // $A=Ci : checkin file $D/$F
1956     // $A=V : view file (do nothing except log)
1957     // $A=I : include file .$F.php from [$gblIncDir|realm]/include_php
1958     // default : display directory $D
1959    
1960     if (isset($A)) switch ($A) {
1961     case "U" :
1962     // upload to $relDir
1963     if (! check_perm($relDir, trperm_w))
1964     Error("Write access denied","You don't have permission to write in <tt>$relDir</tt>");
1965     if (!is_writeable($gblFsRoot . $relDir))
1966     Error("Write access denied","User <tt>$gblLogin</tt> has permission on <tt>$relDir</tt>, but directory is not writable",1);
1967     $text = "Use this page to upload a single " ;
1968     $text .= "file to <B>$realm</B>." ;
1969     StartHTML("(Upload Page)", $text) ;
1970     UploadPage($gblFsRoot, $relDir) ;
1971     EndHTML() ;
1972     exit ;
1973     case "E" :
1974     // detail of $relDir/$F
1975     if (is_file("$gblFsRoot/$relDir/$F") || is_dir("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
1976     exit ;
1977     case "C" :
1978     $F=stripSlashes($F);
1979     // listing of $relDir/$F
1980     DisplayCode($gblFsRoot, $relDir, $F) ;
1981     exit ;
1982     case "Co" :
1983     // checkout
1984     Lock("$gblFsRoot/$relDir/$F");
1985     Download("$gblFsRoot/$relDir/$F",1);
1986     exit;
1987     case "Ci" :
1988     $F=stripSlashes($F);
1989     // upload && update to $relDir
1990     if (!is_writeable($gblFsRoot . $relDir))
1991     Error("Write access denied",$relDir) ;
1992     $text = "Use this page to update a single " ;
1993     $text .= "file to <B>$realm</B>." ;
1994     StartHTML("(Update file Page)", $text) ;
1995     UploadPage($gblFsRoot, $relDir, $F) ;
1996     EndHTML() ;
1997     exit ;
1998     case "V" :
1999     // view
2000     LogIt("$gblFsRoot/$relDir/$F","viewed");
2001     Download("$gblFsRoot/$relDir/$F",$gblForceDownload);
2002     exit;
2003     case "Ch" :
2004     StartHTML("(File changes)","All changes chronologicaly...");
2005     DisplayChangeLog(0); // all
2006     EndHTML() ;
2007     exit;
2008     case "Ch1" :
2009     StartHTML("(File changes)","Changes to files in last day...");
2010     DisplayChangeLog(1);
2011     EndHTML() ;
2012     exit;
2013     case "I" :
2014     if (! isset($F) || $F == "")
2015     Error("Can't find file to include","Your request didn't specify file to include which should be in variable <tt>F</tt> like <tt>$HTTP_SERVER_VARS[REQUEST_URI]<b>&F=include_php_file</b></tt>",1);
2016     $inc_file="$fsRealmDir/$realm".$realm_sep.$F.".php";
2017     if (! file_exists($inc_file)) {
2018     Error("Can't find file to include","Can't find include file <tt>$F.php</tt> in <tt>$fsRealmDir/$realm/</tt>. Meybe you should copy <tt>$gblIncDir/include_php/$F.php</tt> to <tt>$inc_file<tt> ?",1);
2019     }
2020     if (!is_readable($inc_file))
2021     Error("Read access to include file denied","Can't read PHP include file <tt>$inc_file</tt>. Fix permissions on it.",1);
2022     $text = "Your include file should define \$text variable which holds this text and \$title variable which is page title";
2023     $title = "You should define \$title variable with page title";
2024     include($inc_file);
2025     StartHTML($title, $text) ;
2026     print "<p>".GifIcon(up)." Back to <a href=$HTTP_SERVER_VARS[PHP_SELF]>front page</a>.</p>";
2027     EndHTML() ;
2028     exit ;
2029     }
2030    
2031     // default: display directory $relDir
2032     Navigate($gblFsRoot,$relDir) ;
2033     exit ;
2034    
2035     Error("Whooah!","By cartesian logic, this never happens",1) ;
2036     ?>
2037    

  ViewVC Help
Powered by ViewVC 1.1.26