--- docman.php	2002/07/29 10:29:04	1.26
+++ docman.php	2002/07/29 12:34:18	1.29
@@ -230,7 +230,7 @@
 	}
 	if ( !$file_lock && $ext!="" && strstr(join(' ',$gblImages),$ext) ) {  
 		$info  = getimagesize($fsPath) ;
-		$tstr = "<IMG SRC=\"$webRoot".urlpath($relPath)."\" BORDER=0 " ;
+		$tstr = "<IMG SRC=\"$self?A=V&D=".urlpath(dirname($relPath))."&F=".urlpath(basename($relPath))."\" BORDER=0 " ;
 		$tstr .= $info[3] . " ALT=\"" . $fn . " - " ;
 		$tstr .= (int)(($fsize+1023)/1024) . "Kb\">" ;
 //		echo htmlentities($tstr) . "<BR><BR>" . $tstr ;
@@ -481,18 +481,10 @@
 
 //////////////////////////////////////////////////////////////////
 
-function GifIcon($txt) {
-	global $gblIconLocation ;
+function GifIcon($txt = "") {
+	global $gblIconLocation, $gblImages ;
 
 	switch (strtolower($txt)) {
-	case ".bmp" :
-	case ".gif" :
-	case ".jpg" :
-	case ".jpeg":
-	case ".tif" :
-	case ".tiff": 
-		$d = "image2.gif" ;
-		break ;
 	case ".doc" :
 		$d = "layout.gif" ;
 		break ;
@@ -570,9 +562,14 @@
 		$d = "quill.gif";
 		break;
 	default :
-		$d = "generic.gif" ;
+		if (in_array(strtolower($txt),$gblImages)) {
+			$d = "image2.gif" ;
+		} else {
+			$d = "generic.gif" ;
+		}
 	}
 
+
 	return "<IMG SRC=\"$gblIconLocation" . $d . "\" BORDER=0>" ;
 } // end function GifIcon
 
@@ -1500,6 +1497,8 @@
 function check_perm($path,$trperm) {
 	global $gblLogin,$HAVE_TRUSTEE;
 
+	$path = str_replace("//","/",$path);
+
 	global $debug;
 $debug.="<br>check_perm: on <tt>$path</tt> for perm ".display_trustee($trperm)."<br>\n";
 
@@ -1554,6 +1553,15 @@
 	if (strstr($file,"/")) Error("Security violation","No slashes <tt>/</tt> allowed in file name <tt>$file</tt>",1);
 }
 
+// bla/blo/../foo will return bla/foo
+function remove_parent($path) {
+	while (preg_match(",/[^/]+/\.\./,",$path)) {
+		$path = preg_replace(",/[^/]+/\.\./,","",$path);
+	}
+	if (substr($path,0,1) != "/") $path = "/".$path;
+	return $path;
+}
+
 //////////////////////////////////////////////////////////////////
 
 // functions to move HTTP server variables to global namespace
@@ -1758,6 +1766,9 @@
 			$target = "$fsDir/$FILENAME";
 		}
 
+		if (! check_perm("$relDir/".basename($target), trperm_w))
+			Error("Access denied","User <tt>$gblLogin</tt> tried to upload <tt>$relDir/".basename($target)."</tt> without valid trustee.",1);
+
 		// backup old files first
 		$dir=dirname($target);
 		if (! file_exists($dir."/.bak")) {
@@ -1786,10 +1797,14 @@
 	case "SAVE" :
 		$path = $gblFsRoot . $RELPATH ;
 		$path=stripSlashes($path);
+
+		if (! check_perm("$RELPATH", trperm_w))
+			Error("Access denied","User <tt>$gblLogin</tt> tried to save <tt>$RELPATH</tt> without valid trustee.",1);
+
 		$writable = is_writeable($path) ;
 		$legaldir = is_writeable(dirname($path)) ;
 		$exists   = (file_exists($path)) ? 1 : 0 ; 
-// check for legal extension here as well
+		// FIX: more verbose error message
 	 	if (!($writable || (!$exists && $legaldir))) 
 			Error("Write denied",$RELPATH) ;
 		$fh = fopen($path, "w") ;
@@ -1807,9 +1822,13 @@
 		if ($T == "D") $type = "directory";
 		else $type ="file";
 		if ($FN == "") Error("Can't create $type","You must enter name of $type to create it.");
-		if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
-		$path = $fsDir . "/" . $FN ;  // file or dir to create
-		$relPath = $relDir . "/" . $FN ;
+		if (!is_writeable($fsDir)) Error("Write denied","User <tt>$gblLogin</tt> has trustee to write in <tt>$relDir</tt> but permissions on <tt>$fsDir</tt> are wrong!", 1) ;
+		$path = "$fsDir/$FN";		// file or dir to create
+		$relPath = "$relDir/$FN";
+
+		if (file_exists($path))
+			Error("Can't create $type","Object <tt>$relPath</tt> allready exists");
+
 		switch ( $T ) {
 		case "D" :  // create a directory
 			if ( ! @mkdir($path,$gblDirPerms) ) 
@@ -1823,14 +1842,14 @@
 // better keep it here altogether
 // chmod perms to $gblFilePerms
 			if ( file_exists($path) && !is_writeable($path) ) 
-				Error("File not writable", $relPath) ;
+				Error("File not writable", "User <tt>$gblLogin</tt> has trustee to write in <tt>$relPath</tt> but permissions on <tt>$path</tt> are wrong!", 1) ;
 			$fh = fopen($path, "w+") ;
 			if ($fh) {
 				fputs($fh,"\n");
 				fclose($fh) ;
 				LogIt($path,"file created",trperm_r | trperm_w);
 			} else {
-				Error("Creation of file $relPath failed -- $path");
+				Error("Creation of file $relPath failed", "User <tt>$gblLogin</tt> has trustee to write in <tt>$relPath</tt> but creation of <tt>$path</tt> failed!", 1) ;
 			}
 			$tstr = $HTTP_SERVER_VARS["PHP_SELF"]."?A=E&D=".urlencode($relDir)."&F=".urlencode($FN) ;
 			header("Location: " . $tstr) ;
@@ -1843,36 +1862,34 @@
 
 		if ( isset($FN) && $FN != "") {
 			$path=$fsDir."/".$FN;
-
 			$what = "file";
-			if (is_dir($path)) {
-				$what = "dir";
-			}
+		} elseif (isset($DIR)) {
+			$path=$gblFsRoot."/".$DIR;
+			$what = "directory";
+		} else  {
+			Error("Can't delete object","Can't find filename <tt>\$FN</tt> or dirname in <tt>\$DIR</tt>",1);
+		}
 
-			if (! check_perm($relDir."/".$FN, trperm_w))
-				Error("Access denied","User <tt>$gblLogin</tt> tried to erase $what <tt>$relDir/$FN</tt> without valid trustee.",1);
+		if (! check_perm("$relDir/$FN", trperm_w))
+			Error("Access denied","User <tt>$gblLogin</tt> tried to erase $what <tt>$relDir/$FN</tt> without valid trustee.",1);
 
-			$tstr  = "Attempt to delete non-existing object or " ;
-			$tstr .= "insufficient privileges: " ;
+		$tstr  = "Attempt to delete non-existing object or insufficient privileges: " ;
 
-			$dir=dirname($path);
-			$file=basename($path);
-			if (! file_exists("$dir/.del")) {
-				mkdir("$dir/.del",0700);
-			}
+		$dir=dirname($path);
+		$file=basename($path);
 
-//			if ( ! @unlink($path) ) { 
-			if ( ! @rename($path,"$dir/.del/$file") ) { 
-				LogIt($path,"$what delete failed");
-				Error("Can't delete $what",$tstr.$relDir."/".$FN) ; 
-			} else {
-				LogIt($path,"$what deleted",trperm_w);
-				MoveTo("$dir/.log/$file","$dir/.del/.log/");
-				MoveTo("$dir/.note/$file","$dir/.del/.note/");
-				MoveTo("$dir/.lock/$file","$dir/.del/.lock/");
-			}
+		if (! file_exists("$dir/.del")) {
+			mkdir("$dir/.del",0700);
+		}
+
+		if ( ! @rename($path,"$dir/.del/$file") ) { 
+			LogIt($path,"$what delete failed");
+			Error("Can't delete $what",$tstr."<tt>".$relDir."/".$FN."</tt>") ; 
 		} else {
-			Error("Rmdir failed", $tstr . $fsDir) ; 
+			LogIt($path,"$what deleted",trperm_w);
+			MoveTo("$dir/.log/$file","$dir/.del/.log/");
+			MoveTo("$dir/.note/$file","$dir/.del/.note/");
+			MoveTo("$dir/.lock/$file","$dir/.del/.lock/");
 		}
 		break ;
 
@@ -1882,6 +1899,9 @@
 		if (substr($FN,0,4) != ".del") break ;
 		$file=substr($FN,4,strlen($FN)-4);
 
+		if (! check_perm("$relDir/$file", trperm_w))
+			Error("Access denied","User <tt>$gblLogin</tt> tried to undelete <tt>$relDir/$file</tt> without valid trustee.",1);
+
 		LogIt("$fsDir/.del/$file","undeleted",trperm_w);
 		MoveTo("$fsDir/.del/$file","$fsDir/");
 		MoveTo("$fsDir/.del/.log/$file","$fsDir/.log/");
@@ -1893,7 +1913,14 @@
 	case "RENAME" :  
 		if ( $CONFIRM != "on" ) break ;
 
-		$NEWNAME=stripSlashes($HTTP_POST_VARS["NEWNAME"]);
+		if (HTTP_POST_VAR("NEWNAME")) {
+			$dest = remove_parent($relDir.$NEWNAME);
+			if (! check_perm($relDir.$FN, trperm_w) ||
+			    ! check_perm($dest, trperm_w) )
+				Error("Access denied","User <tt>$gblLogin</tt> tried to rename <tt>$relDir$FN</tt> to <tt>$dest</tt> without valid trustee.",1);
+		} else {
+			Error("Rename error","Can't find new name in var <tt>\$NEWNAME</tt>",1);
+		}
 		LogIt("$fsDir/$FN","renamed $FN to $NEWNAME",trperm_r);
 		safe_rename($fsDir,$FN,$NEWNAME);
 		break ;