/[docman2]/docman.php
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Contents of /docman.php

Parent Directory Parent Directory | Revision Log Revision Log

Revision 1.2 - (show annotations)
Thu Jul 25 21:16:08 2002 UTC (21 years, 9 months ago) by dpavlin
Branch: MAIN
Changes since 1.1: +38 -38 lines 
fixed directory navigation (sorting broke it), removed ChangeLog function
and replace it with parametar to LogIt (which is also permission for
notify), better logging of actions (directory creation was missing,
creation of file wrote wrong ChangeLog)
1 <?php
2
3 /*
4 * Document Manager ][
5 *
6 * Dobrica Pavlinusic <dpavlin@rot13.org>
7 *
8 * License: GPL2
9 *
10 * Document Manager 1.x was based on
11 * Copyright 1999 by John Martin d/b/a www.ANYPORTAL.com
12 * PHP version Copyright 2000 by Stefan@Wiesendanger.org
13 *
14 * For more info, please see web pages at
15 * http://www.rot13.org/~dpavlin/docman.html
16 *
17 */
18
19
20 //////////////////////////////////////////////////////////////////
21 // CONFIGURATION OPTIONS
22
23 // error_reporting(4) ; // how verbose ?
24
25 // from where to include auth_*.php modules?
26 $gblIncDir = "/data/docman2";
27
28 // force download (so it won't open in associated application)
29 $gblForceDownload = 1;
30
31 // date format
32 $gblDateFmt="Y-m-d";
33 // $gblDateFmt="D, F d, Y";
34
35 // time format
36 $gblTimeFmt="H:i:s";
37 // $gblTimeFmt="g:i:sA";
38
39 // Number of backup files to keep
40 $gblNumBackups=3;
41
42 // show red star if newer than ... days
43 $gblModDays=1;
44
45 // choose GifIcon below unless you have the M$
46 // WingDings font installed on your system
47
48 $gblIcon="GifIcon"; // MockIcon or GifIcon
49
50 // the directory below should be /icons/ or /icons/small/
51 // on Apache; a set of icons is included in the distribution
52
53 $gblIconLocation="/icons/";
54
55 // files you want to be able to edit in text mode
56 // and view with (primitive) syntax highlighting
57
58 $gblEditable = array( ".txt",".asa",".asp",".htm",".html",
59 ".cfm",".php3",".php",".phtml",
60 ".shtml",".css" ) ;
61
62 // files that will display as images on the detail page
63 // (useless if your browser doesn't support them)
64
65 $gblImages = array( ".jpg",".jpeg",".gif",".png",".ico",
66 ".bmp",".xbm") ;
67
68 // which files to hide (separated by ,)
69 $gblHide = "";
70
71 // Where are users? (by default in .htusers file)
72 $gblUsers = "file";
73
74 //////////////////////////////////////////////////////////////////
75
76 $gblTitle = "Document Manager";
77 $gblVersion = "2.0-pre1";
78
79 $secHash = "";
80
81 // location of html files
82 $html = $gblIncDir."/html";
83
84 LoadLanguage($HTTP_SERVER_VARS["HTTP_ACCEPT_LANGUAGE"]);
85
86 // for security and configuration
87 $realm="$HTTP_HOST"; // FIX
88
89 $fsDocumentRoot = dirname($HTTP_SERVER_VARS[SCRIPT_FILENAME]);
90 if ($fsDocumentRoot == "") Error("Configuration error","Can't get SCRIPT_FILENAME from your web server. Please set <tt>\$fsDocumentRoot</tt> in <tt>\$</tt>");
91
92 // globals for later
93 $gblLogin = $PHP_AUTH_USER;
94 $gblPasswd = $PHP_AUTH_PW;
95
96 //////////////////////////////////////////////////////////////////
97
98 function LoadLanguage($lang) {
99
100 global $gblIncDir,$html;
101
102 if (file_exists($gblIncDir."/lang/$lang.php")) {
103 include($gblIncDir."/lang/$lang.php");
104 $html .= "-$lang";
105 } else {
106 include($gblIncDir."/lang/default.php");
107 }
108 }
109
110 function StartHTML($title,$text="") {
111
112 global $html,$fsDocumentRoot;
113
114 $title = $gblTitle." ".$title ;
115 $host = $GLOBALS["HTTP_HOST"] ;
116 $self = $GLOBALS["PHP_SELF"] ;
117
118 if (file_exists("$fsDocumentRoot/docman.css")) {
119 $css=dirname($self)."/docman.css";
120 } else {
121 $css=$self."?STYLE=get&css=$css";
122 }
123
124 include("$html/head.html");
125 }
126
127 //////////////////////////////////////////////////////////////////
128
129 function EndHTML() {
130
131 global $gblDateFmt, $gblTimeFmt, $gblUserName, $PHP_SELF,
132 $secHash, $gblVersion, $html,
133 $gblLogin,$gblPasswd;
134
135 $url = $PHP_SELF."?relogin=";
136 if (isset($secHash) && $secHash != "") {
137 $url .= $secHash;
138 } else {
139 $url .= md5($gblLogin.$gblPasswd);
140 }
141 if (isset($gblLogin) && $gblLogin != "" && ($gblPasswd == "" || !isset($gblPasswd))) {
142 $url_title="login";
143 $url .= "&force_login=1";
144 } else {
145 $url_title="relogin";
146 }
147 include("$html/footer.html");
148 //phpinfo();
149 } // end function EndHTML
150
151 //////////////////////////////////////////////////////////////////
152
153 function DetailPage($fsRoot,$relDir,$fn) {
154
155 global $gblEditable, $gblImages, $webRoot, $html ;
156 $self = $GLOBALS["PHP_SELF"] ;
157
158 $relPath = $relDir . "/" . $fn ;
159 $fsPath = $fsRoot . $relPath ;
160 $fsDir = $fsRoot . $relDir ;
161
162 $exists = file_exists($fsPath) ;
163 $ext = strtolower(strrchr($relPath,".")) ;
164 $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) ;
165 $writable = is_writeable($fsPath) ;
166 $file_lock = CheckLock($fsPath);
167
168 if (!$editable && !$exists)
169 Error(_("Creation unsupported for type"),$relPath) ;
170 if (!exists && !is_writeable($fsDir) )
171 Error(_("Creation denied"),$relDir) ;
172
173 $text = _("Use this page to view, modify or ") ;
174 if (is_dir($fsPath)) {
175 $text .=_("delete a directory on this ") ;
176 } else {
177 $text .= _("delete a single document on this ") ;
178 };
179 $text .= _("web site.") ;
180 $title = "("._("Detail Page").")" ;
181 StartHTML($title, $text) ;
182
183 echo "<H3>" . $relDir . "/" . $fn . "</H3>" ;
184 if ($exists) { // get file info
185 $fsize = filesize($fsPath) ;
186 $fmodified = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", filemtime($fsPath)) ;
187 $faccessed = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]", fileatime($fsPath)) ;
188 $fuid=fileowner($fsPath);
189 $fgid=filegroup($fsPath);
190 $userinfo = posix_getpwuid($fuid);
191 $grpinfo = posix_getgrgid($fgid);
192
193 include("$html/DetailPage-file.html");
194 }
195
196 if ( !is_dir($fsPath) && $editable && ($writable || !$exists) && !$file_lock ) {
197 $fh = fopen($fsPath,"a+") ;
198 rewind($fh) ;
199 $fstr = fread($fh,filesize($fsPath)) ;
200 fclose($fh) ;
201 $fstr = htmlentities( $fstr ) ;
202 ?>
203
204 <FORM ACTION="<?= $self ; ?>" METHOD="POST">
205 <SPAN TITLE="Click [SAVE] to store updated contents.">
206 <B>DOCUMENT CONTENTS</B>
207 </SPAN><BR>
208 <TEXTAREA NAME="FILEDATA" ROWS=18 COLS=70 WRAP="OFF"><?php
209 echo($fstr) ; ?></TEXTAREA>
210 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
211 <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
212 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="SAVE">
213 <INPUT TYPE="HIDDEN" SIZE=48 MAXLENGTH=255 NAME="RELPATH"
214 VALUE="<?= $relPath ; ?>">
215 <br>
216 <INPUT TYPE="RESET" VALUE="UNDO ALL CHANGES">
217 <INPUT TYPE="SUBMIT" VALUE="SAVE">
218 </FORM>
219
220 <?php
221 }
222 if ( !$file_lock && $ext!="" && strstr(join(' ',$gblImages),$ext) ) {
223 $info = getimagesize($fsPath) ;
224 $tstr = "<IMG SRC=\"$webRoot".urlpath($relPath)."\" BORDER=0 " ;
225 $tstr .= $info[3] . " ALT=\"" . $fn . " - " ;
226 $tstr .= (int)(($fsize+1023)/1024) . "Kb\">" ;
227 // echo htmlentities($tstr) . "<BR><BR>" . $tstr ;
228 echo $tstr ;
229 }
230
231 ?>
232
233 <FORM ACTION="<?= $self ; ?>" METHOD="POST">
234 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ; ?>">
235 <INPUT TYPE="HIDDEN" NAME="FN" VALUE="<?= $fn ; ?>">
236 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL"><BR>
237
238 <?php
239
240 if ($file_lock) {
241 ?>
242 <hr>
243 <SPAN TITLE="Check OK and click UNLOCK to remove lock on file.">
244 <B>OK TO FORCE LOCK REMOVAL ON "<?= $fn ; ?>" HELD BY <?= $file_lock ?>? </B></SPAN>
245 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
246 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="UNLOCK">
247 <?
248 } // file_lock
249
250 if (substr($fn,0,4) == ".del") {
251 $action="UNDELETE";
252 $desc="undelete previously deleted file";
253 } else {
254 $action="DELETE";
255 $desc="delete";
256 }
257
258 if ($exists && $writable) {
259 ?>
260
261 <HR>
262 <a name="undelete">
263 <SPAN TITLE="Check OK and click [<?= $action ?>] to <?= $desc ?>.">
264 <B>OK TO <?= $action ?> "<?= $fn ; ?>"? </B></SPAN>
265 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
266 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="<?= $action ?>">
267
268 <HR>
269 <a name="rename">
270 <SPAN TITLE="Check OK and click [RENAME] to rename.">
271 <B>OK TO RENAME "<?= $fn ; ?>" TO
272 <INPUT TYPE="TEXT" SIZE=24 MAXLENGTH=255 NAME="NEWNAME" VALUE="<?= $fn ?>">
273 ? </B></SPAN>
274 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
275 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="RENAME">
276
277 <?php
278 } // exists && writable
279 ?>
280 <HR>
281 <a name="note">
282 <B>NOTE FOR "<?= $fn ; ?>":
283 <INPUT TYPE="TEXT" SIZE=50 MAXLENGTH=255 NAME="NOTE" VALUE="<?= ReadNote($fsPath) ?>">
284 </B></SPAN>
285 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="NOTE">
286
287 </FORM>
288
289 <?php
290
291 $name=basename("$fsDir/$fn");
292 $logname=dirname("$fsDir/$fn")."/.log/$name";
293 $bakdir=dirname("$fsDir/$fn")."/.bak";
294 if (file_exists($logname)) {
295 $log=fopen($logname,"r");
296 $cl1=" class=LST"; $cl2="";
297 $logarr = array();
298 while($line = fgetcsv($log,512,"\t")) {
299 $cl=$cl1; $cl1=$cl2; $cl2=$cl;
300 array_unshift($logarr,array($cl,$line[0],$line[1],$line[2],$line[3]));
301 }
302 fclose($log);
303 if (is_dir("$fsDir/$fn")) {
304 $whatis="DIRECTORY";
305 } else {
306 $whatis="FILE";
307 }
308 print "<hr><br><b>CHANGES TO THIS $whatis</b><br><table border=0 width=100%>\n";
309 $bakcount = 0; // start from 0, skip fist backup (it's current)
310 while ($e = array_shift($logarr)) {
311 if (strstr($e[4],"upload")) {
312 if (file_exists("$bakdir/$bakcount/$name")) {
313 $e[4]="<a href=\"$webRoot".urlpath(dirname($relPath)."/.bak/$bakcount/$name")."\">$e[4]</a>";
314 }
315 $bakcount++;
316 }
317 print "<tr><td$e[0]>$e[1]</td><td$e[0]>$e[2]</td><td$e[0]>$e[3]</td><td$e[0]>$e[4]</td></tr>\n";
318 }
319 print "</table>";
320 }
321
322 EndHTML() ;
323
324 } // end function DetailPage
325
326 //////////////////////////////////////////////////////////////////
327
328 function DisplayCode($fsRoot,$relDir,$fn) {
329
330 $path = $fsRoot . $relDir . "/" . $fn ;
331
332 if (!file_exists($path)) Error("File not found",$path) ;
333
334 StartHTML("(".$relDir."/".$fn.")","");
335
336 $tstr = join("",file($path)) ;
337 $tstr = htmlentities($tstr) ;
338
339 // Tabs
340 $tstr = str_replace(chr(9)," ",$tstr) ;
341
342 // ASP tags & XML/PHP tags
343 $aspbeg = "<SPAN CLASS=XML>&lt;%</SPAN><SPAN CLASS=BLK>" ;
344 $aspend = "</SPAN><SPAN CLASS=XML>%&gt;</SPAN>" ;
345 $tstr = str_replace("&lt;%",$aspbeg,$tstr) ;
346 $tstr = str_replace("%&gt;",$aspend,$tstr) ;
347
348 $xmlbeg = "<SPAN CLASS=XML>&lt;?</SPAN><SPAN CLASS=BLK>" ;
349 $xmlend = "</SPAN><SPAN CLASS=XML>?&gt;</SPAN>" ;
350 $tstr = str_replace("&lt;?",$xmlbeg,$tstr) ;
351 $tstr = str_replace("?&gt;",$xmlend,$tstr) ;
352
353 // C style comment
354 $tstr = str_replace("/*","<SPAN CLASS=REM>/*",$tstr) ;
355 $tstr = str_replace("*/","*/</SPAN>",$tstr) ;
356
357 // HTML comments
358 $tstr = str_replace("&lt;!--","<I CLASS=RED>&lt;!--",$tstr) ;
359 $tstr = str_replace("--&gt;","--&gt;</I>",$tstr) ;
360
361 echo "<PRE>" ;
362
363 $tstr = split("\n",$tstr) ;
364 for ($i = 0 ; $i < sizeof($tstr) ; ++$i) {
365 // add line numbers
366 echo "<BR><EM>" ;
367 echo substr(("000" . ($i+1)), -4) . ":</EM> " ;
368 $line = $tstr[$i] ;
369 // C++ style comments
370 $pos = strpos($line,"//") ;
371 // exceptions: two slashes aren't a script comment
372 if (strstr($line,"//") &&
373 ! ($pos>0 && substr($line,$pos-1,1)==":") &&
374 ! (substr($line,$pos,8) == "//--&gt;") &&
375 ! (substr($line,$pos,9) == "// --&gt;")) {
376 $beg = substr($line,0,strpos($line,"//")) ;
377 $end = strstr($line,"//") ;
378 $line = $beg."<SPAN CLASS=REM>".$end."</SPAN>";
379 }
380 // shell & asp style comments
381 $first = substr(ltrim($line),0,1) ;
382 if ($first == "#" || $first == "'") {
383 $line = "<SPAN CLASS=REM>".$line."</SPAN>";
384 }
385 print($line) ;
386 } // next i
387
388 echo "</PRE>" ;
389
390 EndHTML() ;
391
392 } // end function DisplayCode
393
394 //////////////////////////////////////////////////////////////////
395
396 function MockIcon($txt) {
397 $tstr = "<SPAN CLASS=MCK>" ;
398
399 switch (strtolower($txt)) {
400 case ".bmp" :
401 case ".gif" :
402 case ".jpg" :
403 case ".jpeg":
404 case ".tif" :
405 case ".tiff":
406 $d = 176 ;
407 break ;
408 case ".doc" :
409 $d = 50 ;
410 break ;
411 case ".exe" :
412 case ".bat" :
413 $d = 255 ;
414 break ;
415 case ".bas" :
416 case ".c" :
417 case ".cc" :
418 case ".src" :
419 $d = 255 ;
420 break ;
421 case "file" :
422 $d = 51 ;
423 break ;
424 case "fldr" :
425 $d = 48 ;
426 break ;
427 case ".htm" :
428 case ".html":
429 case ".asa" :
430 case ".asp" :
431 case ".cfm" :
432 case ".php3":
433 case ".php" :
434 case ".phtml" :
435 case ".shtml" :
436 $d = 182 ;
437 break ;
438 case ".pdf" :
439 $d = 38 ;
440 break;
441 case ".txt" :
442 case ".ini" :
443 $d = 52 ;
444 break ;
445 case ".xls" :
446 $d = 252 ;
447 break ;
448 case ".zip" :
449 case ".arc" :
450 case ".sit" :
451 case ".tar" :
452 case ".gz" :
453 case ".tgz" :
454 case ".Z" :
455 $d = 59 ;
456 break ;
457 case "view" :
458 $d = 52 ;
459 break ;
460 case "up" :
461 $d = 199 ;
462 break ;
463 case "blank" :
464 return "&nbsp;&nbsp;</SPAN>" ;
465 break ;
466 default :
467 $d = 51 ;
468 }
469
470 return $tstr . chr($d) . "</SPAN>" ;
471 } // end function MockIcon
472
473 //////////////////////////////////////////////////////////////////
474
475 function GifIcon($txt) {
476 global $gblIconLocation ;
477
478 switch (strtolower($txt)) {
479 case ".bmp" :
480 case ".gif" :
481 case ".jpg" :
482 case ".jpeg":
483 case ".tif" :
484 case ".tiff":
485 $d = "image2.gif" ;
486 break ;
487 case ".doc" :
488 $d = "layout.gif" ;
489 break ;
490 case ".exe" :
491 case ".bat" :
492 $d = "screw2.gif" ;
493 break ;
494 case ".bas" :
495 case ".c" :
496 case ".cc" :
497 case ".src" :
498 $d = "c.gif" ;
499 break ;
500 case "file" :
501 $d = "generic.gif" ;
502 break ;
503 case "fldr" :
504 $d = "dir.gif" ;
505 break ;
506 case ".phps" :
507 $d = "phps.gif" ;
508 break ;
509 case ".php3" :
510 $d = "php3.gif" ;
511 break ;
512 case ".htm" :
513 case ".html":
514 case ".asa" :
515 case ".asp" :
516 case ".cfm" :
517 case ".php3":
518 case ".php" :
519 case ".phtml" :
520 case ".shtml" :
521 $d = "world1.gif" ;
522 break ;
523 case ".pdf" :
524 $d = "pdf.gif" ;
525 break;
526 case ".txt" :
527 case ".ini" :
528 $d = "text.gif" ;
529 break ;
530 case ".xls" :
531 $d = "box2.gif" ;
532 break ;
533 case ".zip" :
534 case ".arc" :
535 case ".sit" :
536 case ".tar" :
537 case ".gz" :
538 case ".tgz" :
539 case ".Z" :
540 $d = "compressed.gif" ;
541 break ;
542 case "view" :
543 $d = "index.gif" ;
544 break ;
545 case "up" :
546 $d = "back.gif" ;
547 break ;
548 case "blank" :
549 $d = "blank.gif" ;
550 break ;
551 case "checkout":
552 $d = "box2.gif";
553 break;
554 case "checkin":
555 $d = "hand.up.gif";
556 break;
557 case "locked":
558 $d = "screw2.gif";
559 break;
560 case "note":
561 $d = "quill.gif";
562 break;
563 default :
564 $d = "generic.gif" ;
565 }
566
567 return "<IMG SRC=\"$gblIconLocation" . $d . "\" BORDER=0>" ;
568 } // end function GifIcon
569
570 //////////////////////////////////////////////////////////////////
571
572 function Navigate($fsRoot,$relDir) {
573
574 global $gblEditable, $gblIcon, $gblModDays, $webRoot, $gblHide,
575 $HTTP_GET_VARS, $html;
576
577 $self = $GLOBALS["PHP_SELF"] ;
578
579 if ($relDir == "") $relDir = "/";
580
581 $fsDir = $fsRoot.$relDir."/"; // current directory
582
583 if (!is_dir($fsDir)) Error("Dir not found",$relDir) ;
584
585 $hide_items=",$gblHide,";
586
587 #display_all_trustee();
588 print "-- $fsDir --";
589
590 // read directory contents
591 if ( !($dir = @opendir($fsDir)) )
592 Error("Read Access denied",$relDir) ;
593 while ($item = readdir($dir)) {
594 print "$item, ";
595 if ( substr($item,0,1) == "." || strstr($hide_items,",$item,") ) continue ;
596 if ((is_dir($fsDir.$item) || is_link ($fsDir.$item)) && check_perm($relDir.$item,trperm_b)) {
597 $dirList[$item] = $item ;
598 $dirNote[$item] = ReadNote($fsDir.$item);
599 } else if ( is_file($fsDir.$item) && check_perm($relDir.$item,trperm_r) ) {
600 $fileList[$item] = $item ;
601 $fileDate[$item] = filemtime($fsDir.$item) ;
602 $fileSize[$item] = filesize($fsDir.$item) ;
603 $fileNote[$item] = ReadNote($fsDir.$item);
604 } else {
605 // unknown file type
606 // $text = "Could not determine file type of " ;
607 // Error("File Error", $text.$relDir."/".$item) ;
608 // exit ;
609 }
610 }
611 closedir($dir) ;
612
613 // scan deleted files
614 if ( $GLOBALS[show_deleted] == 1 && ($dir = @opendir("$fsDir/.del")) ) {
615 while ($item = readdir($dir)) {
616 if ( substr($item,0,1) == "." || strstr($hide_items,",$item,") || !check_perm($relDir.$item,trperm_w) ) continue ;
617 $fileList[$item] = ".del/$item" ;
618 $fileDate[$item] = filemtime($fsDir.".del/$path") ;
619 $fileSize[$item] = filesize($fsDir.".del/$path") ;
620 $fileNote[$item] = ReadNote($fsDir.".del/$item");
621 }
622 closedir($dir) ;
623 }
624
625 $emptyDir = ! (sizeof($dirList) || sizeof($fileList)) ;
626
627 // start navigation page
628 $text = "Use this page to add, delete";
629 if (! isset($show_deleted)) {
630 $text .= ", <a href=$self?D=".urlencode($relDir)."&show_deleted=1>undelete</a>";
631 }
632 $text .= " or revise files on this web site." ;
633 $text .= "<br>Examine list of files <a href=\"$self?A=Ch1\">changed in last day</a> or <a href=\"$self?A=Ch\">all changes</a>.";
634 StartHTML("(Navigate)",$text) ;
635
636 echo "<TABLE BORDER=0 CELLPADDING=2
637 CELLSPACING=3 WIDTH=\"100%\">" ;
638
639 // updir bar
640 if (chopsl($fsDir) != chopsl($fsRoot)) {
641 $parent = dirname($relDir) ;
642 if ($parent == "") $parent = "/" ;
643
644 include("$html/Navigate-parent.html");
645 }
646
647 function plural($name,$count) {
648 $out="$count $name";
649 if ($count > 1) {
650 $out.="s";
651 }
652 return $out;
653 }
654
655 $dsort = $HTTP_GET_VARS[dsort];
656 if (! isset($dsort)) $dsort = "name"; // default directory sort
657
658 $dsort_arr = array(
659 "name" => array ("rname", "note"),
660 "rname" => array ("name", "note"),
661 "note" => array ("name", "rnote"),
662 "rnote" => array ("name", "note")
663 );
664
665 $fsort = $HTTP_GET_VARS[fsort];
666 if (! isset($fsort)) $fsort = "name"; // default directory sort
667
668 $fsort_arr = array(
669 "name" => array ("rname", "note", "date", "size"),
670 "rname" => array ("name", "note", "date", "size"),
671 "note" => array ("name", "rnote", "date", "size"),
672 "rnote" => array ("name", "note", "date", "size"),
673 "date" => array ("name", "note", "rdate", "size"),
674 "rdate" => array ("name", "note", "date", "size"),
675 "size" => array ("name", "note", "date", "rsize"),
676 "rsize" => array ("name", "note", "date", "size")
677 );
678
679 $D="D=".urlencode($relDir);
680
681 function self_args($arr = array()) {
682 $arg = implode("&",$arr);
683 if ($arg) {
684 return $self."?".$arg;
685 } else {
686 return $self;
687 }
688 }
689 // output subdirs
690 if (sizeof($dirList) > 0) {
691 switch ($dsort) {
692 case "note":
693 $items = $dirNote;
694 asort($items);
695 break;
696 case "rnote":
697 $items = $dirNote;
698 arsort($items);
699 break;
700 case "rname":
701 $items = $dirList;
702 krsort($items);
703 break;
704 default:
705 $items = $dirList;
706 ksort($items);
707 break;
708 }
709 $durl = self_args(array($D,"dsort=".$dsort_arr[$dsort][0]));
710 $nurl = self_args(array($D,"dsort=".$dsort_arr[$dsort][1]));
711
712 include("$html/Navigate-dirHeader.html");
713
714 while (list($key,$dir) = each($items)) {
715
716 $dir = $dirList[$key];
717
718 $info_url=self_args(array("A"=>"A=E", "F"=>"F=".urlencode($dir), "D"=>$D));
719 $dir_url=$self."?D=".urlencode($relDir."/".$dir);
720 include("$html/Navigate-dirEntry.html");
721
722 } // iterate over dirs
723 } // end if no dirs
724
725 $durl = self_args(array($D,"fsort=".$fsort_arr[$fsort][0]));
726 $nurl = self_args(array($D,"fsort=".$fsort_arr[$fsort][1]));
727 $uurl = self_args(array($D,"fsort=".$fsort_arr[$fsort][2]));
728 $surl = self_args(array($D,"fsort=".$fsort_arr[$fsort][3]));
729
730 include("$html/Navigate-fileHeader.html");
731
732 if (sizeof($fileList) > 0) {
733 switch ($fsort) {
734 case "note":
735 $items = $fileNote;
736 asort($items);
737 break;
738 case "rnote":
739 $items = $fileNote;
740 arsort($items);
741 break;
742 case "date":
743 $items = $fileDate;
744 asort($items);
745 break;
746 case "rdate":
747 $items = $fileDate;
748 arsort($items);
749 break;
750 case "size":
751 $items = $fileSize;
752 asort($items);
753 break;
754 case "rsize":
755 $items = $fileSize;
756 arsort($items);
757 break;
758 case "rname":
759 $items = $fileList;
760 krsort($items);
761 break;
762 default:
763 $items = $fileList;
764 ksort($items);
765 break;
766 }
767
768 while (list($key,$file) = each($items)) {
769 $file = $fileList[$key];
770 $path = $fsDir."/".$file ;
771 $mod = $fileDate[$key];
772 $sz = $fileSize[$key];
773
774 if ($sz >= 10240) {
775 $sz = (int)(($sz+1023)/1024) . " k" ;
776 } else {
777 $sz .= " " ;
778 } // end size
779
780 $a = $b = "" ;
781
782 $info_url=$self."?A=E&F=".urlencode($file)."&D=".urlencode($relDir);
783
784 if ( ($mod + $gblModDays*86400) > time() ) {
785 $a = "<SPAN CLASS=RED TITLE=\"Newer" ;
786 $a .= " than $gblModDays days\"> * </SPAN>" ;
787 }
788
789 $file_lock=CheckLock($path);
790
791 $file_url_html="<A HREF=\"$self?A=V&F=".urlencode($file);
792 $file_url_html.="&D=".urlencode($relDir);
793 $file_url_html.="\" TITLE=\"View file\">" ;
794
795 if (substr($file,0,5) != ".del/") {
796 $file_url_html .= $file . "</A>" . $a ;
797 } else {
798 $file_url_html .= substr($file,5,strlen($file)-5) . "</a> <SPAN CLASS=RED TITLE=\"deleted\"> <a href=\"$info_url#undelete\">deleted</a> </span>";
799 }
800
801 $note_html="<a href=\"$info_url#note\">".$gblIcon("note")."</a>".ReadNote($path);
802
803 $ext = strtolower(strrchr($file,".")) ;
804
805 if ($file_lock) {
806 if ($file_lock == $GLOBALS[gblUserName]) {
807 $b.="<A HREF=\"$self?A=Ci&F=".urlencode($file);
808 $b.="&D=".urlencode($relDir);
809 $b.="\" TITLE=\"Checkin (update) file on server\">" ;
810 $file_url_html=$b;
811 $b.=$gblIcon("checkin")."</A>" ;
812 $b.= $gblIcon("blank");
813 $file_url_html.="$file</a> $a";
814 $note_html = $gblIcon("blank")."<b>Please check-in (update) this file</b>";
815 } else {
816 $b = $gblIcon("locked");
817 $b.= $gblIcon("blank");
818 $note_html = $gblIcon("blank")."<b>File locked by $file_lock</b>";
819 $file_url_html = "$file $a";
820 }
821 } else {
822 $b.="<A HREF=\"$self?A=Co&F=".urlencode($file);
823 $b.="&D=".urlencode($relDir);
824 $b.="\" TITLE=\"Checkout file for edit\">" ;
825 $b.=$gblIcon("checkout")."</A>" ;
826
827 if ( $ext=="" || strstr(join(" ",$gblEditable),$ext) ) {
828 $b.="<A HREF=\"$self?A=C&F=".urlencode($file);
829 $b.="&D=".urlencode($relDir);
830 $b.="\" TITLE=\"List contents\">" ;
831 $b.=$gblIcon("view")."</A>" ;
832 } else {
833 $b.= $gblIcon("blank");
834 }
835 }
836
837 $mod = date("$GLOBALS[gblDateFmt] $GLOBALS[gblTimeFmt]",$mod);
838
839 include("$html/Navigate-fileEntry.html");
840
841 } // iterate over files
842 } else { // end if no files
843 ?>
844 <TR><TD></TD><TD COLSPAN=5 CLASS=LST>
845 No files in this directory
846 </TD></TR>
847 <?
848 }
849
850 if ($emptyDir && $relDir != "") {
851 ?>
852
853 <FORM METHOD="POST" ACTION="<?= $self ?>">
854 <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>
855 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
856 OK TO DELETE THIS EMPTY FOLDER?
857 <INPUT TYPE="CHECKBOX" NAME="CONFIRM">
858 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="DELETE">
859 </TD></TR>
860 </FORM>
861
862 <?php
863 } // end if emptyDir
864 ?>
865
866 <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>
867
868 <?
869 if (file_exists(".info.inc")) {
870 print "<TR><TD></TD><TD COLSPAN=5>";
871 include(".info.inc");
872 print "</TD></TR>
873 <TR><TD></TD><TD COLSPAN=5><HR></TD></TR>";
874 }
875 ?>
876
877 <FORM METHOD="POST" ACTION="<?= $self ?>">
878 <TR><TD></TD><TD COLSPAN=5 CLASS=BAR>CREATE NEW
879 <INPUT TYPE="RADIO" NAME="T" VALUE="D" CHECKED>DIRECTORY -OR-
880 <INPUT TYPE="RADIO" NAME="T" VALUE="F">FILE : &nbsp;&nbsp;
881 <NOBR>NAME <INPUT TYPE="TEXT" NAME="FN" SIZE=14>
882 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="CREATE">
883 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
884 <INPUT TYPE="SUBMIT" VALUE="CREATE" NAME="CREATE">
885 </NOBR>
886 <NOBR>OR <A HREF="<?= $self ?>?A=U&D=<?= urlencode($relDir) ?>">UPLOAD</A> A FILE</NOBR>
887 </TD></TR>
888 </FORM>
889 </TABLE>
890
891 <?php
892 EndHTML() ;
893 } // end function Navigate
894
895 //////////////////////////////////////////////////////////////////
896
897 function UploadPage($fsRoot, $relDir, $filename="") {
898
899 $self = $GLOBALS["PHP_SELF"] ;
900 if ($relDir == "") $relDir = "/" ;
901 ?>
902
903 <P><TABLE BORDER=0 CELLPADDING=5><TR><TD WIDTH=5></TD><TD CLASS=BAR>
904 <FORM ENCTYPE="multipart/form-data" METHOD="POST"
905 ACTION="<?= $self ?>">
906 DESTINATION DIRECTORY:<B><?= " " . $relDir ?></B>
907 <? if (isset($filename) && $filename!="") { ?>
908 <br>DESTINATION FILE:<B><?= " " . $filename ?></B>
909 <INPUT TYPE="HIDDEN" NAME="FILENAME" VALUE="<?= $filename ?>">
910 <? } ?>
911 <P>PATHNAME OF LOCAL FILE<BR>
912 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>">
913 <INPUT TYPE="HIDDEN" NAME="POSTACTION" VALUE="UPLOAD">
914 <INPUT SIZE=30 TYPE="FILE" NAME="FN"></P>
915 <P><INPUT TYPE="SUBMIT" VALUE="UPLOAD"></P>
916 <P>If the <B>[BROWSE...]</B> button is not displayed,<BR>
917 you must upgrade to an RFC1867-compliant browser.</P>
918 <P>Your browser:<BR><?= $GLOBALS["HTTP_USER_AGENT"] ?></P>
919 </FORM>
920 </TD></TR>
921 <TR><TD></TD><TD>
922 <FORM METHOD="POST" ACTION="<?= $self ?>">
923 <INPUT TYPE="HIDDEN" NAME="DIR" VALUE="<?= $relDir ?>"><BR>
924 <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL">
925 </FORM>
926 </TD></TR></TABLE></P>
927
928 <?php
929 } // end function UploadPage
930
931 //////////////////////////////////////////////////////////////////
932
933 function Error($title,$text="") {
934 StartHTML("(".$title.")",$text) ;
935 echo "<P ALIGN=center>Hit your Browser's Back Button.</P>" ;
936 EndHTML() ;
937 exit ;
938 } // end function Error
939
940 //////////////////////////////////////////////////////////////////
941
942 function LogIt($target,$msg, $changelog=0) {
943
944 $dir=dirname($target);
945 if (! file_exists($dir."/.log")) {
946 if (! @mkdir($dir."/.log",0700)) Error("docman installation problem","can't create log directory <tt>$dir/.log</tt>");
947 }
948 $file=basename($target);
949
950 $log=fopen("$dir/.log/$file","a+");
951 fputs($log,date("$GLOBALS[gblDateFmt]\t$GLOBALS[gblTimeFmt]").
952 "\t$GLOBALS[gblUserName]\t$msg\n");
953 fclose($log);
954
955 if (! $changelog) return;
956
957 global $gblFsRoot;
958 $log=fopen("$gblFsRoot/.changelog","a+");
959 if (substr($target,0,strlen($gblFsRoot)) == $gblFsRoot)
960 $target=substr($target,strlen($gblFsRoot),strlen($target)-strlen($gblFsRoot));
961 $msg=str_replace("\t"," ",$msg);
962 fputs($log,time()."\t$target\t$GLOBALS[gblUserName]\t$msg\n");
963 fclose($log);
964
965 // FIX: implement e-mail notification based on $changelog
966 // permission
967 }
968
969
970 //////////////////////////////////////////////////////////////////
971
972 function WriteNote($target,$msg) {
973
974 $target=stripSlashes($target);
975 $dir=dirname($target);
976 if (! file_exists($dir."/.note")) {
977 mkdir($dir."/.note",0700);
978 }
979 $file=basename($target);
980
981 $note=fopen("$dir/.note/$file","w");
982 fputs($note,"$msg\n");
983 fclose($note);
984
985 LogIt($target,"added note $msg");
986
987 }
988
989 function ReadNote($target) {
990
991 $target=stripSlashes($target);
992 $dir=dirname($target);
993 $file=basename($target);
994 $msg="";
995 if (file_exists($dir."/.note/$file")) {
996 $note=fopen("$dir/.note/$file","r");
997 $msg=fgets($note,4096);
998 fclose($note);
999 }
1000 return HtmlSpecialChars(StripSlashes($msg));
1001
1002 }
1003
1004 //////////////////////////////////////////////////////////////////
1005
1006 function MoveTo($source,$folder) {
1007
1008 $source=stripSlashes($source);
1009 $file=basename($source);
1010 if (! file_exists($folder)) {
1011 mkdir($folder,0700);
1012 }
1013 if (file_exists($source)) {
1014 rename($source,"$folder/$file");
1015 }
1016 }
1017
1018 //////////////////////////////////////////////////////////////////
1019
1020 function Lock($target) {
1021
1022 $target=stripSlashes($target);
1023 $dir=dirname($target);
1024 if (! file_exists($dir."/.lock")) {
1025 mkdir($dir."/.lock",0700);
1026 }
1027 $file=basename($target);
1028
1029 if (file_exists("$dir/.lock/$file")) {
1030 LogIt($target,"attempt to locked allready locked file!");
1031 } else {
1032 $lock=fopen("$dir/.lock/$file","w");
1033 fputs($lock,"$GLOBALS[gblUserName]\n");
1034 fclose($lock);
1035
1036 LogIt($target,"file locked");
1037 }
1038
1039 }
1040
1041 function CheckLock($target) {
1042
1043 $target=stripSlashes($target);
1044 $dir=dirname($target);
1045 $file=basename($target);
1046 $msg=0;
1047 if (file_exists($dir."/.lock/$file")) {
1048 $lock=fopen("$dir/.lock/$file","r");
1049 $msg=fgets($lock,4096);
1050 fclose($lock);
1051 }
1052 return chop($msg);
1053
1054 }
1055
1056 function Unlock($target) {
1057
1058 $target=stripSlashes($target);
1059 $dir=dirname($target);
1060 $file=basename($target);
1061 if (file_exists($dir."/.lock/$file")) {
1062 unlink("$dir/.lock/$file");
1063 LogIt($target,"file unlocked");
1064 } else {
1065 LogIt($target,"attempt to unlocked non-locked file!");
1066 }
1067
1068 }
1069
1070 //////////////////////////////////////////////////////////////////
1071
1072 function urlpath($url) {
1073 $url=urlencode(StripSlashes("$url"));
1074 $url=str_replace("%2F","/",$url);
1075 $url=str_replace("+","%20",$url);
1076 return($url);
1077 }
1078
1079 //////////////////////////////////////////////////////////////////
1080
1081 function safe_rename($fromdir,$fromfile,$tofile) {
1082 function try_rename($from,$to) {
1083 # print "$from -> $to\n";
1084 if (file_exists($from) && is_writeable(dirname($to))) {
1085 rename($from,$to);
1086 }
1087 }
1088
1089 function try_dir($todir) {
1090 if (! file_exists($todir)) {
1091 mkdir($todir,0700);
1092 }
1093 }
1094
1095 $to="$fromdir/$tofile";
1096 $todir=dirname($to);
1097 $tofile=basename($to);
1098
1099 # print "<pre>$fromdir / $fromfile -> $todir / $tofile\n\n";
1100
1101 try_rename("$fromdir/$fromfile","$todir/$tofile");
1102 try_dir("$todir/.log");
1103 try_rename("$fromdir/.log/$fromfile","$todir/.log/$tofile");
1104 try_dir("$todir/.note");
1105 try_rename("$fromdir/.note/$fromfile","$todir/.note/$tofile");
1106 try_dir("$todir/.lock");
1107 try_rename("$fromdir/.lock/$fromfile","$todir/.lock/$tofile");
1108 try_dir("$todir/.bak");
1109 for($i=0;$i<=$GLOBALS[gblNumBackups];$i++) {
1110 try_rename("$fromdir/.bak/$i/$fromfile","$todir/.bak/$i/$tofile");
1111 }
1112 }
1113
1114
1115 //////////////////////////////////////////////////////////////////
1116
1117 // recursivly delete directory
1118
1119 function rrmdir($dir) {
1120 $handle=opendir($dir);
1121 while ($file = readdir($handle)) {
1122 if ($file != "." && $file != "..") {
1123 if (is_dir("$dir/$file"))
1124 rrmdir("$dir/$file");
1125 else
1126 if (! @unlink("$dir/$file")) return(0);
1127 }
1128 }
1129 closedir($handle);
1130 return @rmdir($dir);
1131 }
1132
1133 //////////////////////////////////////////////////////////////////
1134
1135 function DisplayChangeLog($day) {
1136
1137 global $gblFsRoot;
1138 if (!file_exists("$gblFsRoot/.changelog")) return;
1139 $log=fopen("$gblFsRoot/.changelog","r");
1140 $logarr = array();
1141 while($line = fgetcsv($log,512,"\t")) {
1142 while (sizeof($line) > 4) {
1143 $tmp = array_pop($line);
1144 $line.=" $tmp";
1145 }
1146 if ($day!=1 || ($day==1 && (time()-$line[0] < 24*60*60))) {
1147 array_unshift($logarr,array($line[0],$line[1],$line[2],$line[3]));
1148 }
1149 }
1150 fclose($log);
1151 $cl1=" class=LST"; $cl2="";
1152 print "<table border=0 width=100%>\n";
1153 while ($e = array_shift($logarr)) {
1154 $cl=$cl1; $cl1=$cl2; $cl2=$cl;
1155 $date = date("$GLOBALS[gblDateFmt]", $e[0]);
1156 $time = date("$GLOBALS[gblTimeFmt]", $e[0]);
1157 $dir = dirname($e[1]);
1158 $file = basename($e[1]);
1159 print "<tr><td$cl>$date</td><td$cl>$time</td><td$cl><a href=\"$GLOBALS[PHP_SELF]?D=".urlencode($dir)."\">$dir</a>/$file</td><td$cl>$e[2]</td><td$cl>$e[3]</td></tr>\n";
1160 }
1161 print "</table>";
1162 print "<p>".GifIcon(up)." Back to <a href=$GLOBALS[PHP_SELF]>front page</a>.</p>";
1163 }
1164
1165 //////////////////////////////////////////////////////////////////
1166
1167 function Download($path) {
1168 global $HTTP_USER_AGENT;
1169 $file=basename($path);
1170 $size = filesize($path);
1171 //header("Content-Type: application/octet-stream");
1172 header("Content-Type: application/force-download");
1173 header("Content-Length: $size");
1174 // IE5.5 just downloads index.php if we don't do this
1175 if(preg_match("/MSIE 5.5/", $HTTP_USER_AGENT)) {
1176 header("Content-Disposition: filename=$file");
1177 } else {
1178 header("Content-Disposition: attachment; filename=$file");
1179 }
1180 header("Content-Transfer-Encoding: binary");
1181 $fh = fopen($path, "r");
1182 fpassthru($fh);
1183 }
1184
1185
1186 //////////////////////////////////////////////////////////////////
1187
1188 function chopsl($path) {
1189 if (substr($path,strlen($path)-1,1) == "/") $path=substr($path,0,strlen($path)-1);
1190 $path=str_replace("//","/",$path);
1191 return $path;
1192 }
1193
1194 //////////////////////////////////////////////////////////////////
1195 /*
1196 Document manager ACL implementation
1197
1198 Written by Dobrica Pavlinusic <dpavlin@rot13.org>
1199
1200 Based on ideas from Linux trustees code
1201 by Vyacheslav Zavadsky <zavadsky@braysystems.com>
1202 */
1203
1204 define(trmask_not,1 << 0);
1205 define(trmask_clear,1 << 1);
1206 define(trmask_deny,1 << 2);
1207 define(trmask_one_level,1 << 3);
1208 define(trmask_group,1 << 4);
1209
1210 define(trperm_r,1 << 5);
1211 define(trperm_w,1 << 6);
1212 define(trperm_b,1 << 7);
1213 define(trperm_n,1 << 8);
1214
1215 $trustee_a2n = array(
1216 '!' => trmask_not,
1217 'C' => trmask_clear,
1218 'D' => trmask_deny,
1219 'O' => trmask_one_level,
1220 '+' => trmask_group,
1221 'R' => trperm_r,
1222 'W' => trperm_w,
1223 'B' => trperm_b,
1224 'N' => trperm_n,
1225 );
1226
1227 // debugging function
1228 function display_trustee($t) {
1229 global $trustee_a2n;
1230 $out="";
1231 foreach ($trustee_a2n as $c=>$v) {
1232 if ($t & $v) $out.=$c;
1233 }
1234 return $out;
1235 }
1236 function display_all_trustee() {
1237 global $trustees;
1238 print "trustee dump:<br>\n";
1239 foreach ($trustees as $path => $tr) {
1240 print "<br><tt>$path</tt>\n";
1241 foreach ($tr as $user=>$perm) {
1242 print "$user == $perm (".display_trustee($perm).")<br>\n";
1243 }
1244 }
1245 }
1246
1247 function init_trustee() {
1248
1249 global $trustee_conf,$trustee_php,$trustee_a2n,$groups,$trustees;
1250
1251 // do we need to re-create compiled trustees?
1252 if (! file_exists($trustee_conf)) {
1253 # $error="$trustee_conf doesn't exits";
1254 return 0; # don't use trustees
1255 } elseif (file_exists($trustee_conf) && !is_readable($trustee_conf)) {
1256 $error="<tt>$trustee_conf</tt> exits, but is not readable";
1257 } elseif (!is_writable(dirname($trustee_php))) {
1258 $error="<tt>".dirname($trustee_php)."</tt> must be writable by web server user";
1259 } elseif (file_exists($trustee_php) && !is_writable($trustee_php)) {
1260 $error="trustees cache file <tt>$trustee_php</tt> exists, but is not writable by web server";
1261 } elseif (1 || filemtime($trustee_conf) >= filemtime($trustee_php)) {
1262 $fp_php=@fopen($trustee_php,"w");
1263 fputs($fp_php,"<?php // don't edit by hand!\n");
1264
1265 $fp_conf=fopen($trustee_conf,"r");
1266
1267 $groups_arr = array();
1268 $perm_arr = array();
1269
1270 $error=0;
1271
1272 $tr_arr = array();
1273
1274 while (! feof($fp_conf)) {
1275 $l = trim(fgets($fp_conf,4096));
1276 if (substr($l,0,1) == "+") { // no comment
1277 $arr=explode(":",$l);
1278 $groups_arr[$arr[0]] = $arr[1] ;
1279 } elseif (substr($l,0,1) != "#") {
1280 $arr=explode(":",$l);
1281 $path=array_shift($arr);
1282 if ($path == "") continue;
1283 $sep2="";
1284 while ($user=array_shift($arr)) {
1285 $perm=0;
1286 if (substr($user,0,1) == "+") {
1287 $perm|=trmask_group;
1288 $user=substr($user,1,strlen($user)-1);
1289 }
1290 $perm_ascii=array_shift($arr);
1291 for ($i=0;$i<strlen($perm_ascii);$i++) {
1292 $ch=strtoupper($perm_ascii[$i]);
1293 if (isset($trustee_a2n[$ch])) {
1294 $perm|=$trustee_a2n[$ch];
1295 } else {
1296 $error.="trustee error in line '$l' [Unknown modifier '$ch']<br>\n";
1297 }
1298 }
1299 $tr_arr[$path][$user] |= $perm;
1300 }
1301 }
1302 }
1303
1304 fclose($fp_conf);
1305
1306 // save trustees
1307 $tr_out='$trustees = array (';
1308 $sep1="";
1309 while (list ($path, $tr) = each ($tr_arr)) {
1310 $tr_out.="$sep1\n\t'$path'=>array(";
1311 $sep2="";
1312 while (list($user,$perm)=each($tr)) {
1313 $tr_out.="$sep2\n\t\t'$user'=>$perm";
1314 $sep2=",";
1315 }
1316 $tr_out.="\n\t)";
1317 $sep1=",";
1318 }
1319 $tr_out.="\n);";
1320
1321 // save groups
1322 $gr_out='$groups = array (';
1323 $sep="";
1324 while (list ($group, $members) = each ($groups_arr)) {
1325 $gr_out.="$sep\n\t'";
1326 $gr_out.=substr($group,1,strlen($group)-1);
1327 $gr_out.="'=>array('".join("','",explode(",",$members))."')";
1328 $sep=",";
1329 }
1330 $gr_out.="\n);\n";
1331
1332 fputs($fp_php,$gr_out);
1333 fputs($fp_php,$tr_out);
1334 fputs($fp_php,"?>\n");
1335 fclose($fp_php);
1336 }
1337
1338 if ($error) {
1339 Error("Trustee error",$error);
1340 } else {
1341 include("$trustee_php");
1342 }
1343
1344 return 1;
1345
1346 }//init_trustee
1347
1348 function in_group($user,$group) {
1349 return in_array($groups[$group],$user);
1350 }
1351
1352 // helper function
1353 function unroll_perm($u,$t,$user,$perm) {
1354 // check user
1355 if ($t & trmask_not && ($u==$user)) continue;
1356 if (!($t & trmask_not) && ($u!=$user)) continue;
1357
1358 if ($t & trmask_deny) {
1359 if ($t & trmask_clear) {
1360 $perm[deny] &= ~$t;
1361 } else {
1362 $perm[deny] |= $t;
1363 }
1364 } elseif ($t & trmask_clear) {
1365 $perm[allow] &= ~$t;
1366 } else {
1367 $perm[allow] |= $t;
1368 }
1369 return $perm;
1370 }// end of helper function
1371
1372 function check_trustee($user,$path) {
1373 global $trustees;
1374 $perm[allow] = 0;
1375 $perm[deny] = 0;
1376 $path_arr=explode("/",$path);
1377 $path = "/";
1378 while (count($path_arr)) {
1379 if (substr($path,strlen($path)-1,1) != "/") $path.="/";
1380 $path.=array_shift($path_arr);
1381 $tr = $trustees[$path];
1382
1383 if (isset($tr)) {
1384 // first apply trustee for all
1385 if (isset($tr['*'])) {
1386 $perm = unroll_perm($user,$tr['*'],$user, $perm);
1387 unset($tr['*']);
1388 }
1389 // then apply group policies
1390 foreach ($tr as $u=>$t) {
1391 if ($t & trmask_group && in_group($user,$u)) {
1392 // resolv user
1393 $t = $t & ~trmask_group;
1394 $u = $user;
1395 $perm = unroll_perm($u,$t,$user, $perm);
1396 unset($tr[$u]);
1397 }
1398 }
1399 // then apply use policy
1400 if (isset($tr[$user])) {
1401 $perm = unroll_perm($user,$tr[$user],$user, $perm);
1402 unset($tr[$user]);
1403 }
1404
1405 }
1406
1407 }
1408 #print "<br>user: $user path: $path perm: ";
1409 #print "d: $perm[deny] (".display_trustee($perm[deny]).") a: $perm[allow] (".display_trustee($perm[allow]).")<Br>\n";
1410 return $perm;
1411 }
1412
1413 // handy functions
1414
1415 function check_perm($path,$trperm) {
1416 global $gblLogin,$HAVE_TRUSTEE;
1417 print "<br>check_perm: <tt>$path</tt> test perm ".display_trustee($perm)."<br>\n";
1418 $return = ! $HAVE_TRUSTEE;
1419 if ($HAVE_TRUSTEE) {
1420 $perm = check_trustee($gblLogin,$path);
1421 print " d: $perm[deny] (".display_trustee($perm[deny]).") a: $perm[allow] (".display_trustee($perm[allow]).") perm: $trperm";
1422 if ($perm[deny] & $trperm) $return=0;
1423 elseif ($perm[allow] & $trperm) $return=1;
1424 }
1425 print " return: $return<br>\n";
1426 return($return);
1427 }
1428
1429
1430 //////////////////////////////////////////////////////////////////
1431 // MAIN PROGRAM
1432
1433 $gblFilePerms = 0640 ; // default for new files
1434 $gblDirPerms = 0750 ; // default for new dirs
1435
1436 if (isset($STYLE) && $STYLE == "get") {
1437 include("$html/docman.css");
1438 exit;
1439 }
1440
1441 // location of master docman configuration file
1442 $docman_conf = "/etc/docman.conf";
1443 if (! file_exists($docman_conf)) {
1444 $error = "Can't find master configuration file $docman_conf. See docman2/doc/upgrade.html#docman_conf for more informations";
1445
1446 error_log("docman: $error");
1447 Error("docman not installed completly",$error);
1448 }
1449 include($docman_conf);
1450
1451 if (! isset($fsRealmDir)) {
1452 $fsRealmDir = "$gblIncDir/realm";
1453 }
1454 $realm_config = "$fsRealmDir/$realm.conf";
1455
1456 // read user-defined configuration
1457 if (file_exists($realm_config)) {
1458 include($realm_config);
1459 } else {
1460 Error("Configuration error","Can't find configuration file at <tt>$realm_config</tt> !");
1461 }
1462
1463 if (! isset($gblRepositoryDir)) Error("Configuration error","<tt>\$gblRepositoryDir</tt> is not setuped in realm configuration file <tt>$realm_config</tt>");
1464
1465 // where do we get users from?
1466 if (file_exists("$gblIncDir/htusers/$gblUsers.php")) {
1467 include("$gblIncDir/htusers/$gblUsers.php");
1468 } else {
1469 Error("Configuration error","Can't find user handling module at <tt>$gblIncDir/htusers/$gblUsers.php</tt> ! Please fix <tt>$realm_config</tt>");
1470 }
1471
1472 // if no password, or empty password logout
1473 if (
1474 isset($gblLogin) && (
1475 !isset($relogin) || (
1476 isset($relogin) && $relogin != md5($gblLogin.$gblPasswd)
1477 )
1478 ) && (
1479 $gblPasswd == "" || !isset($gblPasswd)
1480 ) && !isset($force_login) && $gblLogin != "anonymous"
1481 ) {
1482 StartHTML("Logout completed","Your login credentials has been erased") ;
1483 EndHTML() ;
1484 exit ;
1485 }
1486
1487 // trustee (ACL) file configuration
1488 $trustee_conf="$gblIncDir/realm/$realm.trustee";
1489 // compiled version of trustee file
1490 $trustee_php="$gblRepositoryDir/.trustee.php";
1491 // get ACL informations
1492 $HAVE_TRUSTEE = init_trustee();
1493
1494 if (strtolower($gblLogin) == "anonymous" || !isset($gblPasswd)) {
1495 $perm = check_trustee($gblLogin,$path);
1496 // browsing must be explicitly allowed for root directory
1497 // of repository for anonymous user to work!
1498 if ($perm[allow] & trperm_b) {
1499 $secHash = md5($gblLogin.$gblPasswd);
1500 $gblUserName = "Anonymous user";
1501 }
1502 }
1503
1504 // authentication failure
1505 if ( md5($gblLogin.$gblPasswd) != $secHash ||
1506 isset($relogin) && $secHash == $relogin) {
1507 header("WWW-authenticate: basic realm=\"$realm\"") ;
1508 header("HTTP/1.0 401 Unauthorized") ;
1509 Error("401 Unauthorized","No trespassing !");
1510 exit ;
1511 }
1512
1513 // get current directory relative to $gblFsRoot
1514 $relDir = $DIR ; // from POST
1515 if ($relDir == "") { // not defined in POST ?
1516 $relDir = urldecode($D) ; // then use GET
1517 }
1518
1519 $relDir=stripSlashes($relDir);
1520
1521 if ($relDir == "/") $relDir = "" ;
1522 // default : website root = ""
1523
1524 if (strstr($relDir,"..")) Error("No updirs allowed");
1525
1526 // full paths contain "fs" or "Fs". Paths realitve to root of
1527 // website contain "rel" or "Rel". The script won't let you
1528 // edit anything above directory equal to http://server.com
1529 // i.e. below $gblFsRoot.
1530
1531 $relScriptDir = dirname($SCRIPT_NAME) ;
1532 // i.e. /docman
1533
1534 // start on server root
1535 $gblFsRoot = $gblRepositoryDir;
1536 // i.e. /home/httpd/html
1537
1538 $fsDir = $gblFsRoot . $relDir ; // current directory
1539 if ( !is_dir($fsDir) ) Error("Dir not found",$relDir) ;
1540
1541 if (isset($GLOBALS["HTTPS"]) && $GLOBALS["HTTPS"] == "on") {
1542 $webRoot = "https://";
1543 } else {
1544 $webRoot = "http://";
1545 }
1546 $webRoot .= $GLOBALS["HTTP_HOST"] . $relScriptDir;
1547
1548 $FN=stripSlashes($FN);
1549
1550 switch ($POSTACTION) {
1551 case "UPLOAD" :
1552 if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1553 if (strstr($FN_name,"/"))
1554 Error("Non-conforming filename") ;
1555 // TODO : should rather check for escapeshellcmds
1556 // but maybe RFC 18xx asserts safe filenames ....
1557 $source = $FN ;
1558 if (! file_exists($source)) {
1559 Error("You must select file with browse to upload it!");
1560 }
1561 if (! isset($FILENAME)) { // from update file
1562 $target = "$fsDir/$FN_name" ;
1563 } else {
1564 $target = "$fsDir/$FILENAME";
1565 }
1566
1567 // backup old files first
1568 $dir=dirname($target);
1569 if (! file_exists($dir."/.bak")) {
1570 mkdir($dir."/.bak",0700);
1571 }
1572 if (! file_exists($dir."/.bak/$GLOBALS[gblNumBackups]")) {
1573 mkdir($dir."/.bak/$GLOBALS[gblNumBackups]",0700);
1574 }
1575 $file=basename($target);
1576 for($i=$GLOBALS[gblNumBackups]-1;$i>0;$i--) {
1577 MoveTo("$dir/.bak/$i/$file","$dir/.bak/".($i+1)."/");
1578 }
1579 MoveTo($target,$dir."/.bak/1/");
1580
1581 copy($source,$target) ;
1582 chmod($target,$gblFilePerms) ;
1583 clearstatcache() ;
1584 if (isset($FILENAME)) {
1585 LogIt($target,"check-in",trperm_r | trperm_w);
1586 Unlock($target);
1587 } else {
1588 LogIt($target,"uploaded",trperm_r | trperm_w);
1589 }
1590 break ;
1591
1592 case "SAVE" :
1593 $path = $gblFsRoot . $RELPATH ;
1594 $path=stripSlashes($path);
1595 $writable = is_writeable($path) ;
1596 $legaldir = is_writeable(dirname($path)) ;
1597 $exists = (file_exists($path)) ? 1 : 0 ;
1598 // check for legal extension here as well
1599 if (!($writable || (!$exists && $legaldir)))
1600 Error("Write denied",$RELPATH) ;
1601 $fh = fopen($path, "w") ;
1602 $FILEDATA=stripSlashes($FILEDATA);
1603 fwrite($fh,$FILEDATA) ;
1604 fclose($fh) ;
1605 clearstatcache() ;
1606 LogIt($path,"saved changes",trperm_r);
1607 break ;
1608
1609 case "CREATE" :
1610 // we know $fsDir exists
1611 if ($FN == "") break; // no filename!
1612 if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
1613 $path = $fsDir . "/" . $FN ; // file or dir to create
1614 $relPath = $relDir . "/" . $FN ;
1615 switch ( $T ) {
1616 case "D" : // create a directory
1617 if ( ! @mkdir($path,$gblDirPerms) )
1618 Error("Mkdir failed",$relPath) ; // eg. if it exists
1619 else
1620 LogIt($path."/","dir created",trperm_w);
1621 clearstatcache() ;
1622 break ;
1623 case "F" : // create a new file
1624 // this functionality is doubled in DetailView().
1625 // better keep it here altogether
1626 // chmod perms to $gblFilePerms
1627 if ( file_exists($path) && !is_writeable($path) )
1628 Error("File not writable", $relPath) ;
1629 $fh = fopen($path, "w+") ;
1630 if ($fh) {
1631 fputs($fh,"\n");
1632 fclose($fh) ;
1633 LogIt($path,"file created",trperm_r | trperm_w);
1634 } else {
1635 Error("Creation of file $relPath failed -- $path");
1636 }
1637 $tstr = "$PHP_SELF?A=E&D=".urlencode($relDir)."&F=".urlencode($FN) ;
1638 header("Location: " . $tstr) ;
1639 exit ;
1640 }
1641 break ;
1642
1643 case "DELETE" :
1644 if ( $CONFIRM != "on" ) break ;
1645
1646 $tstr = "Attempt to delete non-existing object or " ;
1647 $tstr .= "insufficient privileges: " ;
1648
1649 if ( $FN != "") { // delete file
1650 $path = $fsDir . "/" . $FN ;
1651
1652 $dir=dirname($path);
1653 $file=basename($path);
1654 if (! file_exists("$dir/.del")) {
1655 mkdir("$dir/.del",0700);
1656 }
1657
1658 // if ( ! @unlink($path) ) {
1659 if ( ! rename($path,"$dir/.del/$file") ) {
1660 Error("File delete failed", $tstr . $path) ;
1661 LogIt($path,"file delete failed");
1662 exit ;
1663 } else {
1664 LogIt($path,"file deleted",trperm_w);
1665 MoveTo("$dir/.log/$file","$dir/.del/.log/");
1666 MoveTo("$dir/.note/$file","$dir/.del/.note/");
1667 MoveTo("$dir/.lock/$file","$dir/.del/.lock/");
1668 }
1669 } else { // delete directory
1670 if ( ! @rrmdir($fsDir) ) {
1671 Error("Rmdir failed", $tstr . $fsDir) ;
1672 } else {
1673 LogIt($path,"dir deleted",trperm_w);
1674 $relDir = dirname($relDir) ; // move up
1675 }
1676 }
1677 break ;
1678
1679 case "UNDELETE" :
1680 if ( $CONFIRM != "on" ) break ;
1681
1682 if (substr($FN,0,4) != ".del") break ;
1683 $file=substr($FN,4,strlen($FN)-4);
1684
1685 LogIt("$fsDir/.del/$file","undeleted",trperm_w);
1686 MoveTo("$fsDir/.del/$file","$fsDir/");
1687 MoveTo("$fsDir/.del/.log/$file","$fsDir/.log/");
1688 MoveTo("$fsDir/.del/.note/$file","$fsDir/.note/");
1689 MoveTo("$fsDir/.del/.lock/$file","$fsDir/.lock/");
1690
1691 break ;
1692
1693 case "RENAME" :
1694 if ( $CONFIRM != "on" ) break ;
1695
1696 LogIt("$fsDir/$FN","renamed $FN to $NEWNAME",trperm_r);
1697 safe_rename($fsDir,$FN,$NEWNAME);
1698 break ;
1699
1700 case "NOTE" :
1701 WriteNote("$fsDir/$FN","$NOTE");
1702 break ;
1703
1704 case "UNLOCK" :
1705 if ( $CONFIRM != "on" ) break ;
1706 Unlock("$fsDir/$FN");
1707 break ;
1708
1709 default :
1710 // user hit "CANCEL" or undefined action
1711 }
1712
1713 // common to all POSTs : redirect to directory view ($relDir)
1714 if ( $POSTACTION != "" ) {
1715 $tstr = $PHP_SELF . "?D=" . urlencode($relDir) ;
1716 header("Location: " . $tstr) ;
1717 exit ;
1718 }
1719
1720 // check for mode.. navigate, code display, upload, or detail?
1721 // $A=U : upload to path given in $D
1722 // $A=E : display detail of file $D/$F and edit
1723 // $A=C : display code in file $D/$F
1724 // $A=Co : checkout file $D/$F
1725 // $A=Ci : checkin file $D/$F
1726 // $A=V : view file (do nothing except log)
1727 // $A=I : include file .$F.php from $gblFsRoot
1728 // default : display directory $D
1729
1730 switch ($A) {
1731 case "U" :
1732 // upload to $relDir
1733 if (!is_writeable($gblFsRoot . $relDir))
1734 Error("Write access denied",$relDir) ;
1735 $text = "Use this page to upload a single " ;
1736 $text .= "file to <B>$HTTP_HOST</B>." ;
1737 StartHTML("(Upload Page)", $text) ;
1738 UploadPage($gblFsRoot, $relDir) ;
1739 EndHTML() ;
1740 exit ;
1741 case "E" :
1742 $F=stripSlashes($F);
1743 // detail of $relDir/$F
1744 if (is_file("$gblFsRoot/$relDir/$F") || is_dir("$gblFsRoot/$relDir/$F")) DetailPage($gblFsRoot, $relDir, $F) ;
1745 exit ;
1746 case "C" :
1747 $F=stripSlashes($F);
1748 // listing of $relDir/$F
1749 DisplayCode($gblFsRoot, $relDir, $F) ;
1750 exit ;
1751 case "Co" :
1752 // checkout
1753 Lock("$gblFsRoot/$relDir/$F");
1754 Download("$gblFsRoot/$relDir/$F");
1755 exit;
1756 case "Ci" :
1757 $F=stripSlashes($F);
1758 // upload && update to $relDir
1759 if (!is_writeable($gblFsRoot . $relDir))
1760 Error("Write access denied",$relDir) ;
1761 $text = "Use this page to update a single " ;
1762 $text .= "file to <B>$HTTP_HOST</B>." ;
1763 StartHTML("(Update file Page)", $text) ;
1764 UploadPage($gblFsRoot, $relDir, $F) ;
1765 EndHTML() ;
1766 exit ;
1767 case "V" :
1768 // view
1769 LogIt("$gblFsRoot/$relDir/$F","viewed");
1770 if ($gblForceDownload) {
1771 Download("$gblFsRoot/$relDir/$F");
1772 } else {
1773 header("Content-Disposition: attachment; filename=$F" );
1774 Header("Location: $webRoot".urlpath("$relDir/$F"));
1775 }
1776 exit;
1777 case "Ch" :
1778 StartHTML("(File changes)","All changes chronologicaly...");
1779 DisplayChangeLog(0); // all
1780 EndHTML() ;
1781 exit;
1782 case "Ch1" :
1783 StartHTML("(File changes)","Changes to files in last day...");
1784 DisplayChangeLog(1);
1785 EndHTML() ;
1786 exit;
1787 case "I" :
1788 $F=stripSlashes($F);
1789 $inc_file="${gblFsRoot}/.${F}.php";
1790 if (!isset($F) || $F == "" || !file_exists($inc_file)) Error("Fatal error $inc_file"); // can't find file to include
1791 if (!is_readable($inc_file))
1792 Error("Read access to include file denied",".${F}.php");
1793 $text = "Your include file should define \$text variable which holds this text and \$title variable which is page title";
1794 $title = "You should define \$title variable with page title";
1795 include($inc_file);
1796 StartHTML($title, $text) ;
1797 print "<p>".GifIcon(up)." Back to <a href=$GLOBALS[PHP_SELF]>front page</a>.</p>";
1798 EndHTML() ;
1799 exit ;
1800 }
1801
1802 // default: display directory $relDir
1803 Navigate($gblFsRoot,$relDir) ;
1804 exit ;
1805
1806 Error("Whooah!","By cartesian logic, this never happens") ;
1807 ?>
  ViewVC Help
Powered by ViewVC 1.1.26