1076 |
function try_rename($from,$to) { |
function try_rename($from,$to) { |
1077 |
# print "$from -> $to\n"; |
# print "$from -> $to\n"; |
1078 |
if (file_exists($from) && is_writeable(dirname($to))) { |
if (file_exists($from) && is_writeable(dirname($to))) { |
1079 |
rename($from,$to); |
return rename($from,$to); |
1080 |
|
} else { |
1081 |
|
return 0; |
1082 |
} |
} |
1083 |
} |
} |
1084 |
|
|
1085 |
function try_dir($todir) { |
function try_dir($todir) { |
1086 |
if (! file_exists($todir)) { |
if (! file_exists($todir)) { |
1087 |
mkdir($todir,0700); |
@mkdir($todir,0700); |
1088 |
} |
} |
1089 |
} |
} |
1090 |
|
|
1094 |
|
|
1095 |
# print "<pre>$fromdir / $fromfile -> $todir / $tofile\n\n"; |
# print "<pre>$fromdir / $fromfile -> $todir / $tofile\n\n"; |
1096 |
|
|
1097 |
try_rename("$fromdir/$fromfile","$todir/$tofile"); |
if (! try_rename("$fromdir/$fromfile","$todir/$tofile")) Error("Rename error","Can't rename file <tt>$fromfile</tt> to <tt>$tofile</tt>",1); |
1098 |
try_dir("$todir/.log"); |
try_dir("$todir/.log"); |
1099 |
try_rename("$fromdir/.log/$fromfile","$todir/.log/$tofile"); |
try_rename("$fromdir/.log/$fromfile","$todir/.log/$tofile"); |
1100 |
try_dir("$todir/.note"); |
try_dir("$todir/.note"); |
1608 |
switch ($HTTP_POST_VARS["POSTACTION"]) { |
switch ($HTTP_POST_VARS["POSTACTION"]) { |
1609 |
case "UPLOAD" : |
case "UPLOAD" : |
1610 |
$FN_name=stripSlashes($HTTP_POST_FILES["FN"]["tmp_name"]); |
$FN_name=stripSlashes($HTTP_POST_FILES["FN"]["tmp_name"]); |
1611 |
|
$FN=stripSlashes($HTTP_POST_FILES["FN"]["name"]); |
1612 |
if (!is_writeable($fsDir)) Error("Write denied",$relDir) ; |
if (!is_writeable($fsDir)) Error("Write denied",$relDir) ; |
1613 |
if (strstr($FN_name,"/")) |
|
|
Error("Non-conforming filename") ; |
|
|
// TODO : should rather check for escapeshellcmds |
|
|
// but maybe RFC 18xx asserts safe filenames .... |
|
1614 |
$source = $FN_name ; |
$source = $FN_name ; |
1615 |
if (! file_exists($source)) { |
if (! file_exists($source)) { |
1616 |
Error("You must select file with browse to upload it!"); |
Error("You must select file with browse to upload it!"); |
1617 |
} |
} |
1618 |
|
|
1619 |
$FILENAME = $HTTP_POST_VARS["FILENAME"]; |
$FILENAME = $HTTP_POST_VARS["FILENAME"]; |
1620 |
|
if (strstr($FILENAME,"/")) |
1621 |
|
Error("Upload error","Non-conforming filename. Filename <tt>$FILENAME</tt> has slashes (<tt>/</tt>) in it.") ; |
1622 |
if (! isset($FILENAME)) { // from update file |
if (! isset($FILENAME)) { // from update file |
1623 |
$target = "$fsDir/$FN_name" ; |
$target = "$fsDir/".basename($FN); |
1624 |
} else { |
} else { |
1625 |
$target = "$fsDir/$FILENAME"; |
$target = "$fsDir/$FILENAME"; |
1626 |
} |
} |
1753 |
case "RENAME" : |
case "RENAME" : |
1754 |
if ( $CONFIRM != "on" ) break ; |
if ( $CONFIRM != "on" ) break ; |
1755 |
|
|
1756 |
|
$NEWNAME=stripSlashes($HTTP_POST_VARS["NEWNAME"]); |
1757 |
LogIt("$fsDir/$FN","renamed $FN to $NEWNAME",trperm_r); |
LogIt("$fsDir/$FN","renamed $FN to $NEWNAME",trperm_r); |
1758 |
safe_rename($fsDir,$FN,$NEWNAME); |
safe_rename($fsDir,$FN,$NEWNAME); |
1759 |
break ; |
break ; |
1760 |
|
|
1761 |
case "NOTE" : |
case "NOTE" : |
1762 |
|
$NOTE=stripSlashes($HTTP_POST_VARS["NOTE"]); |
1763 |
WriteNote("$fsDir/$FN","$NOTE"); |
WriteNote("$fsDir/$FN","$NOTE"); |
1764 |
break ; |
break ; |
1765 |
|
|