--- docman.php 2002/07/27 20:56:52 1.11 +++ docman.php 2002/07/28 17:51:20 1.20 @@ -20,7 +20,7 @@ ////////////////////////////////////////////////////////////////// // CONFIGURATION OPTIONS -// error_reporting(4) ; // how verbose ? + error_reporting(E_ALL) ; // how verbose ? // from where to include auth_*.php modules? $gblIncDir = "/data/docman2"; @@ -84,14 +84,14 @@ LoadLanguage($HTTP_SERVER_VARS["HTTP_ACCEPT_LANGUAGE"]); // for security and configuration - $realm=$HTTP_SERVER_VARS[HTTP_HOST]; + $realm=$HTTP_SERVER_VARS["HTTP_HOST"]; - $fsDocumentRoot = dirname($HTTP_SERVER_VARS[SCRIPT_FILENAME]); + $fsDocumentRoot = dirname($HTTP_SERVER_VARS["SCRIPT_FILENAME"]); if ($fsDocumentRoot == "") Error("Configuration error","Can't get SCRIPT_FILENAME from your web server. Please set \$fsDocumentRoot in \$",1); // globals for later - $gblLogin = $HTTP_SERVER_VARS[PHP_AUTH_USER]; - $gblPasswd = $HTTP_SERVER_VARS[PHP_AUTH_PW]; + $gblLogin = $HTTP_SERVER_VARS["PHP_AUTH_USER"]; + $gblPasswd = $HTTP_SERVER_VARS["PHP_AUTH_PW"]; ////////////////////////////////////////////////////////////////// @@ -109,9 +109,8 @@ function StartHTML($title,$text="") { - global $html,$fsDocumentRoot,$HTTP_SERVER_VARS; + global $html,$fsDocumentRoot,$gblTitle,$HTTP_SERVER_VARS; - $title = $gblTitle." ".$title ; $host = $HTTP_SERVER_VARS["HTTP_HOST"] ; $self = $HTTP_SERVER_VARS["PHP_SELF"] ; @@ -138,13 +137,18 @@ } else { $url .= md5($gblLogin.$gblPasswd); } - if (isset($gblLogin) && $gblLogin != "" && ($gblPasswd == "" || !isset($gblPasswd))) { + if ( ( (isset($gblLogin) && $gblLogin != "") || + (!isset($gblLogin) || $gblLogin == "") + ) && ($gblPasswd == "" || !isset($gblPasswd))) { $url_title="login"; $url .= "&force_login=1"; } else { $url_title="relogin"; } include("$html/footer.html"); + + global $debug; + if ($debug) print $debug; } // end function EndHTML ////////////////////////////////////////////////////////////////// @@ -160,14 +164,16 @@ $exists = file_exists($fsPath) ; $ext = strtolower(strrchr($relPath,".")) ; - $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) ; - $writable = is_writeable($fsPath) ; + $editable = ( $ext=="" || strstr(join(" ",$gblEditable),$ext)) && + check_perm($relPath,trperm_w); + $writable = is_writeable($fsPath) && check_perm($relPath,trperm_w) ; + $writable_dir = is_writeable($fsDir) && check_perm($relDir,trperm_w) ; $file_lock = CheckLock($fsPath); if (!$editable && !$exists) - Error("Creation unsupported for type",$relPath) ; - if (!exists && !is_writeable($fsDir) ) - Error("Creation denied",$relDir) ; + Error("Creation denied","Can't create $relPath") ; + if (!$exists && !$writable_dir ) + Error("Creation denied","Can't write in directory $relDir while creating $relPathfor which user has permissions.",1); $text = _("Use this page to view, modify or ") ; if (is_dir($fsPath)) { @@ -200,7 +206,7 @@ $fstr = htmlentities( $fstr ) ; ?> -