25 |
// from where to include auth_*.php modules? |
// from where to include auth_*.php modules? |
26 |
$gblIncDir = "/data/docman2"; |
$gblIncDir = "/data/docman2"; |
27 |
|
|
28 |
// force download (so it won't open in associated application) |
// force download on view (so it won't open in associated application) |
29 |
$gblForceDownload = 1; |
$gblForceDownload = 0; |
30 |
|
|
31 |
// date format |
// date format |
32 |
$gblDateFmt="Y-m-d"; |
$gblDateFmt="Y-m-d"; |
145 |
$url_title="relogin"; |
$url_title="relogin"; |
146 |
} |
} |
147 |
include("$html/footer.html"); |
include("$html/footer.html"); |
|
//phpinfo(); |
|
148 |
} // end function EndHTML |
} // end function EndHTML |
149 |
|
|
150 |
////////////////////////////////////////////////////////////////// |
////////////////////////////////////////////////////////////////// |
1547 |
isset($relogin) && $secHash == $relogin) { |
isset($relogin) && $secHash == $relogin) { |
1548 |
header("WWW-authenticate: basic realm=\"$realm\"") ; |
header("WWW-authenticate: basic realm=\"$realm\"") ; |
1549 |
header("HTTP/1.0 401 Unauthorized") ; |
header("HTTP/1.0 401 Unauthorized") ; |
|
phpinfo(); |
|
1550 |
Error("401 Unauthorized","No trespassing !"); |
Error("401 Unauthorized","No trespassing !"); |
1551 |
} |
} |
1552 |
|
|
1593 |
$DIR=stripSlashes($HTTP_POST_VARS["DIR"]); |
$DIR=stripSlashes($HTTP_POST_VARS["DIR"]); |
1594 |
$RELPATH=stripSlashes($HTTP_POST_VARS["RELPATH"]); |
$RELPATH=stripSlashes($HTTP_POST_VARS["RELPATH"]); |
1595 |
$T=stripSlashes($HTTP_POST_VARS["T"]); |
$T=stripSlashes($HTTP_POST_VARS["T"]); |
1596 |
|
$CONFIRM=stripSlashes($HTTP_POST_VARS["CONFIRM"]); |
1597 |
|
|
1598 |
// get |
// get |
1599 |
$A=stripSlashes($HTTP_GET_VARS["A"]); |
$A=stripSlashes($HTTP_GET_VARS["A"]); |
1606 |
switch ($HTTP_POST_VARS["POSTACTION"]) { |
switch ($HTTP_POST_VARS["POSTACTION"]) { |
1607 |
case "UPLOAD" : |
case "UPLOAD" : |
1608 |
$FN_name=stripSlashes($HTTP_POST_FILES["FN"]["tmp_name"]); |
$FN_name=stripSlashes($HTTP_POST_FILES["FN"]["tmp_name"]); |
1609 |
|
$FN=stripSlashes($HTTP_POST_FILES["FN"]["name"]); |
1610 |
if (!is_writeable($fsDir)) Error("Write denied",$relDir) ; |
if (!is_writeable($fsDir)) Error("Write denied",$relDir) ; |
1611 |
if (strstr($FN_name,"/")) |
|
|
Error("Non-conforming filename") ; |
|
|
// TODO : should rather check for escapeshellcmds |
|
|
// but maybe RFC 18xx asserts safe filenames .... |
|
1612 |
$source = $FN_name ; |
$source = $FN_name ; |
|
print "-- $source -- $FN_name -- $HTTP_POST_FILES[FN] -- "; |
|
|
// phpinfo(); |
|
1613 |
if (! file_exists($source)) { |
if (! file_exists($source)) { |
1614 |
Error("You must select file with browse to upload it!"); |
Error("You must select file with browse to upload it!"); |
1615 |
} |
} |
1616 |
|
|
1617 |
$FILENAME = $HTTP_POST_VARS["FILENAME"]; |
$FILENAME = $HTTP_POST_VARS["FILENAME"]; |
1618 |
|
if (strstr($FILENAME,"/")) |
1619 |
|
Error("Upload error","Non-conforming filename. Filename <tt>$FILENAME</tt> has slashes (<tt>/</tt>) in it.") ; |
1620 |
if (! isset($FILENAME)) { // from update file |
if (! isset($FILENAME)) { // from update file |
1621 |
$target = "$fsDir/$FN_name" ; |
$target = "$fsDir/".basename($FN_name); |
1622 |
} else { |
} else { |
1623 |
$target = "$fsDir/$FILENAME"; |
$target = "$fsDir/$FILENAME"; |
1624 |
} |
} |
1808 |
case "Co" : |
case "Co" : |
1809 |
// checkout |
// checkout |
1810 |
Lock("$gblFsRoot/$relDir/$F"); |
Lock("$gblFsRoot/$relDir/$F"); |
1811 |
Download("$gblFsRoot/$relDir/$F"); |
Download("$gblFsRoot/$relDir/$F",1); |
1812 |
exit; |
exit; |
1813 |
case "Ci" : |
case "Ci" : |
1814 |
$F=stripSlashes($F); |
$F=stripSlashes($F); |
1824 |
case "V" : |
case "V" : |
1825 |
// view |
// view |
1826 |
LogIt("$gblFsRoot/$relDir/$F","viewed"); |
LogIt("$gblFsRoot/$relDir/$F","viewed"); |
1827 |
if ($gblForceDownload) { |
Download("$gblFsRoot/$relDir/$F",$gblForceDownload); |
|
Download("$gblFsRoot/$relDir/$F"); |
|
|
} else { |
|
|
header("Content-Disposition: attachment; filename=$F" ); |
|
|
Header("Location: $webRoot".urlpath("$relDir/$F")); |
|
|
} |
|
1828 |
exit; |
exit; |
1829 |
case "Ch" : |
case "Ch" : |
1830 |
StartHTML("(File changes)","All changes chronologicaly..."); |
StartHTML("(File changes)","All changes chronologicaly..."); |