This is the code. It's an image upload script with a login, but it offers no new user registration, and that's what I'd like it to do.
<?php
// Creating the object handles the whole request: the FileFarm constructor
// below authenticates the caller, runs any posted action and renders the page.
$filefarm = new FileFarm();
class FileFarm {
var $title;
var $allow_edit;
var $show_hidden;
var $allowed_types;
var $size_limit;
var $new_days;
var $image_types;
var $date_format;
var $file_perms;
var $umask;
var $dir_perms;
var $base_dir;
var $web_dir;
var $rel_dir;
var $rel_path;
var $self;
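/**
 * PHP 4-style constructor and request entry point.
 *
 * Loads the configuration, enforces HTTP Basic authentication, carries out a
 * posted action (UPLOAD, SAVE, CREATE, DELETE) and finally renders the page
 * selected by the "op" query parameter. Error() ends the request, so every
 * failed check below stops processing.
 *
 * Request-derived names are reduced to a leaf name or anchored under
 * $this->base_dir before they reach the filesystem.
 *
 * NOTE(review): the posted actions carry no anti-CSRF token, and a browser
 * re-sends Basic credentials automatically; a per-session token would be needed
 * to close that gap.
 */
function FileFarm() {
    $this->version = "20030521";

    /*== REQUIRED SETTING ==*/
    // username=>password array for authentication
    // Set to FALSE (or comment out) to disable security altogether.
    // $this->login_auth = array("user-name" => "SomePassword");
    // NOTE(review): the password is kept in plaintext in the script source, so
    // anyone who can read this file (or a published copy of it) has the login.
    // Rotate it and keep the real value out of shared copies.
    $this->login_auth = array("dcatkin" => "hellfire");

    /*== QDIG-SPECIFIC SETTINGS ==*/
    // customize this script for a use on a Car gallery
    $this->qdig_gallery_mode = TRUE;
    // create a .txt caption file automatically on image upload?
    $qdig_autocreate_caption_file = TRUE;
    // delete the .txt caption file automatically on image delete?
    $qdig_autodelete_caption_file = TRUE;

    /*== OPTIONAL SETTINGS ==*/
    // full path to base directory (no ending slash)
    //$this->base_dir = "/home/dcatkin/www/cars/uploads";
    // relative web path to base directory (no ending slash)
    //$this->web_dir = "/cars/uploads";
    // title of your file farm
    $this->title = "Car Sales";
    // files you want to be able to edit in text mode
    // and view with (primitive) syntax highlighting
    // $this->allow_edit = array(".txt",".htm",".html",".cfm",".php3",".php",".phtml",".shtml",".css",".xml",".pl");
    $this->allow_edit = array(".txt");
    // whether or not to show hidden files (dot filenames)
    $this->show_hidden = TRUE;
    // display directory summaries
    $this->show_summary = TRUE;
    // convert path names to breadcrumbs?
    $this->breadcrumbs = TRUE;
    // mimetypes that you want to allow for uploading
    // Set to FALSE (or comment out) to disable file type validation.
    // $this->allowed_types = array("text/plain","text/html","application/x-zip-compressed");
    $this->allowed_types = array("image/jpeg","image/pjpeg","image/gif","image/x-png","image/png","image/x-png","image/bmp");
    // list of files/directories to specifically exclude from listing
    $this->excluded = array(".htaccess","robots.txt","favicon.ico");
    // maximum file size allowed for uploading (in bytes)
    $this->size_limit = "5000000";
    // number of days a file is considered NEW
    $this->new_days = 7;
    // files that will display as images on the detail page
    $this->image_types = array(".jpg",".jpeg",".gif",".png",".ico",".bmp",".xbm");
    // how we format dates
    $this->date_format = "m/d/y h:i:s A";
    // umask setting for default newly-created file and directory permissions.
    // TODO uploaded files are executable, but touch() works as expected
    // Examples: umask(002) // `drwxrwxr-x' and `-rw-rw-r--' (world readable)
    //           umask(007) // `drwxrwx---' and `-rw-rw----' (not world readable)
    $this->umask = 002;
    // default permissions for uploaded files (int)
    $this->file_perms = 0664;
    // default permissions for created directories (int)
    $this->dir_perms = 0775;

    /*== SKIN / THEME DEFINITION ==*/
    $this->siteWidth = "100%";
    $this->bodyBgColor = "0000CC";
    $this->bodyTextColor = "0000FF";
    $this->bodyLinkColor = "cc3333";
    $this->bodyVlinkColor = "990000";
    $this->bodyAlinkColor = "000000";
    $this->bodyMarginSize = "3";
    $this->headDiv = "";
    $this->menubarColor = "000000";
    $this->siteNameColor = "ffffff";
    $this->menubarDiv = "";
    $this->bodyFgColor = "ffffff";
    $this->formStyle = "";
    $this->bodyFgDiv = "000000,1";
    $this->bodyFgToRowDiv = "000000,1";
    $this->rowColor1 = "eeeeee";
    $this->rowColor2 = "f0f0f0";
    $this->rowLinkColor = "cc3333";
    $this->rowTextColor = "000000";
    $this->newFileColor = "ff0000";
    $this->rowDiv = "000000,1";
    $this->rowToBodyFgDiv = "000000,1";
    $this->footDiv = "000000,1";

    /*== NO NEED TO EDIT PAST THIS POINT ==*/
    umask($this->umask);

    // Request data. The $HTTP_*_VARS arrays are the fallback for PHP versions
    // that predate the superglobals (`register_globals Off' handling).
    if (isset($_POST)) { $post_vars = $_POST; } else { global $HTTP_POST_VARS; $post_vars = $HTTP_POST_VARS; }
    if (isset($_GET)) { $get_vars = $_GET; } else { global $HTTP_GET_VARS; $get_vars = $HTTP_GET_VARS; }
    if (isset($_FILES)) { $post_files = $_FILES; } else { global $HTTP_POST_FILES; $post_files = $HTTP_POST_FILES; }
    if (isset($_SERVER)) { $server = $_SERVER; } else { global $HTTP_SERVER_VARS; $server = $HTTP_SERVER_VARS; }

    $server_php_self = isset($server["PHP_SELF"]) ? $server["PHP_SELF"] : "";
    $script_filename = isset($server["SCRIPT_FILENAME"]) ? $server["SCRIPT_FILENAME"] : "";
    $script_name     = isset($server["SCRIPT_NAME"]) ? $server["SCRIPT_NAME"] : "";
    $auth_user       = isset($server["PHP_AUTH_USER"]) ? $server["PHP_AUTH_USER"] : "";
    $auth_pw         = isset($server["PHP_AUTH_PW"]) ? $server["PHP_AUTH_PW"] : "";

    // $this->self ends up in form actions, links and Location headers.
    // PHP_SELF includes any client-chosen PATH_INFO suffix, SCRIPT_NAME does
    // not, so prefer the latter.
    $this->self = ($script_name != "") ? $script_name : $server_php_self;
    // F is always a bare file name; the directory travels separately in D.
    $this->file = $this->_leaf_name(isset($get_vars["F"]) ? $get_vars["F"] : "");

    // Set base_dir and web_dir to current dir if none was provided
    if (!isset($this->base_dir)) {
        $this->base_dir = dirname($script_filename);
    }
    if (!isset($this->web_dir)) {
        $this->web_dir = dirname($script_name);
    }

    // check for authentication first thing if enabled
    if ($this->login_auth) {
        $known = is_string($auth_user) && $auth_user != ""
            && isset($this->login_auth[$auth_user]);
        $expected = $known ? (string) $this->login_auth[$auth_user] : "";
        // Strict string comparison: a loose != lets numeric-looking strings
        // compare equal. hash_equals() is used where the runtime has it.
        if (function_exists("hash_equals")) {
            $matches = $known && hash_equals($expected, (string) $auth_pw);
        } else {
            $matches = $known && $expected === (string) $auth_pw;
        }
        if (empty($auth_pw) || !$matches) {
            $this->authenticate();
        }
    }

    // check for skin.txt and load if it exists
    $this->load_skin();

    // determine working directory
    if (!empty($post_vars["DIR"]) && is_string($post_vars["DIR"])) {
        $this->rel_dir = $post_vars["DIR"];
    } elseif (!empty($get_vars["D"]) && is_string($get_vars["D"])) {
        $this->rel_dir = rawurldecode($get_vars["D"]);
    } else {
        $this->rel_dir = "";
    }
    if ($this->rel_dir == "/") {
        $this->rel_dir = "";
    }
    // Anchor the directory below base_dir: without the leading slash the
    // value would be glued onto the last component of base_dir and could name
    // a sibling directory.
    if ($this->rel_dir != "" && substr($this->rel_dir, 0, 1) != "/") {
        $this->rel_dir = "/" . $this->rel_dir;
    }
    $this->rel_path = $this->base_dir . $this->rel_dir;
    if (strstr($this->rel_dir, "..") || strstr($this->rel_dir, "\0")) {
        $this->Error("No up-folders allowed"); // Important
    } elseif (!is_dir($this->rel_path)) {
        $this->Error("Folder not found", $this->rel_dir);
    }

    $action = isset($post_vars["POSTACTION"]) ? $post_vars["POSTACTION"] : "";
    switch ($action) {
    case "UPLOAD" :
        if (!is_writable($this->rel_path)) {
            $this->Error("Could not write to folder", $this->rel_path);
        }
        $upload = (isset($post_files["FN"]) && is_array($post_files["FN"])) ? $post_files["FN"] : array();
        $file = $this->_leaf_name(isset($upload["name"]) ? $upload["name"] : "");
        $type = isset($upload["type"]) ? $upload["type"] : "";
        $size = isset($upload["size"]) ? $upload["size"] : 0;
        $temp = isset($upload["tmp_name"]) ? $upload["tmp_name"] : "";
        if (is_string($temp) && $temp != "" && is_uploaded_file($temp)) {
            // Reserved names (.htaccess and friends) must not be replaced
            // through an upload either.
            if ($file == "" || in_array($file, $this->excluded)) {
                $this->Error("Could not write file", "reserved or invalid file name");
            }
            // The MIME type below is whatever the client claims, so in gallery
            // mode the stored name must also carry an image extension.
            $ext = strtolower((string) strrchr($file, "."));
            if ($this->qdig_gallery_mode == TRUE && !in_array($ext, $this->image_types)) {
                $this->Error("File type not allowed", $ext);
            }
            if ($size > $this->size_limit) {
                $this->Error("Max file size exceeded", "$size exceeds $this->size_limit");
            }
            if ($this->allowed_types != FALSE && !in_array($type, $this->allowed_types)) {
                $this->Error("File type not allowed", $type);
            }
            $target = $this->rel_path . "/" . $file;
            if (!move_uploaded_file($temp, $target)) {
                $this->Error("Could not move uploaded file", $target);
            }
            chmod($target, $this->file_perms);
            // Qdig feature -- Add a text file for caption
            if (!file_exists($target . ".txt")
                && $this->qdig_gallery_mode == TRUE
                && $qdig_autocreate_caption_file == TRUE) {
                touch($target . ".txt");
            }
        }
        clearstatcache();
        break;

    case "SAVE" :
        // Unescape first, then test: checking for ".." before stripslashes()
        // lets a backslash-separated pair of dots through.
        $relpath = (isset($post_vars["RELPATH"]) && is_string($post_vars["RELPATH"]))
            ? stripslashes($post_vars["RELPATH"]) : "";
        if ($relpath == "" || strstr($relpath, "..") || strstr($relpath, "\0")) {
            $this->Error("No up-folders allowed"); // Important
        }
        if (substr($relpath, 0, 1) != "/") {
            $relpath = "/" . $relpath;
        }
        // Only document types listed in allow_edit (or names without an
        // extension) may be written, the same rule the edit form applies.
        $leaf = basename($relpath);
        $ext = strtolower((string) strrchr($leaf, "."));
        if (in_array($leaf, $this->excluded)
            || ($ext != "" && !in_array($ext, $this->allow_edit))) {
            $this->Error("File type not allowed", $ext);
        }
        $path = $this->base_dir . $relpath;
        $writable = is_writable($path);
        $legaldir = is_writable(dirname($path));
        $exists = file_exists($path);
        if (!($writable || (!$exists && $legaldir))) {
            $this->Error("Could not write to file", $path);
        }
        $fh = @fopen($path, "w");
        if (!$fh) {
            $this->Error("Could not write to file", $path);
        }
        $data = (isset($post_vars["FILEDATA"]) && is_string($post_vars["FILEDATA"])) ? $post_vars["FILEDATA"] : "";
        fwrite($fh, stripslashes($data));
        fclose($fh);
        clearstatcache();
        break;

    case "CREATE" :
        if (!is_writable($this->rel_path)) {
            $this->Error("Could not write to folder", $this->rel_path);
        }
        $file = $this->_leaf_name(isset($post_vars["FN"]) ? $post_vars["FN"] : "");
        $path = $this->rel_path . "/" . $file;
        // check for invalid (excluded) file/dir names
        if ($file != "" && in_array($file, $this->excluded)) {
            $this->Error("Could not write file", $file . " is a reserved name");
        }
        switch (isset($post_vars["T"]) ? $post_vars["T"] : "") {
        case "D" : // create a directory
            if ($file == "" || !@mkdir($path, $this->dir_perms)) {
                $this->Error("Could not create folder or folder already exists", $path);
            }
            break;
        case "F" : // create a new file
            if ($file == "" || file_exists($path) || !is_writable(dirname($path))) {
                $this->Error("Could not write to file or file already exists", $path);
            }
            // Encode both values so a name cannot add parameters or header lines.
            $tstr = $this->self . "?op=details&D=" . urlencode($this->rel_dir) . "&F=" . rawurlencode($file);
            header("Location: " . $tstr);
            exit;
        }
        break;

    case "DELETE" :
        if (!isset($post_vars["CONFIRM"]) || $post_vars["CONFIRM"] != "on") break;
        $tstr = "Attempt to delete non-existing object or ";
        $tstr .= "insufficient privileges: ";
        $raw = (isset($post_vars["FN"]) && is_string($post_vars["FN"])) ? $post_vars["FN"] : "";
        if ($raw != "") { // delete file
            $file = $this->_leaf_name($raw);
            // A name that does not reduce to a plain leaf must never fall
            // through to the folder branch below.
            if ($file == "" || in_array($file, $this->excluded)) {
                $this->Error("Could not remove file", $tstr . "reserved or invalid file name");
            }
            $path = $this->rel_path . "/" . $file;
            $caption_file = $path . ".txt";
            if (!@unlink($path)) {
                $this->Error("Could not remove file", $tstr . $path);
            }
            if (file_exists($caption_file)
                && $this->qdig_gallery_mode == TRUE
                && $qdig_autodelete_caption_file == TRUE
                && !@unlink($caption_file)) {
                $this->Error("Could not remove file", $tstr . $caption_file);
            }
        } else { // delete directory
            // The base directory itself is never a deletion target.
            if ($this->rel_dir == "" || !@rmdir($this->rel_path)) {
                $this->Error("Could not remove folder", $tstr . $this->rel_path);
            }
            $this->rel_path = dirname($this->rel_path); // move up
            $this->rel_dir = dirname($this->rel_dir);
        }
        break;

    default:
        // user hit "CANCEL" or undefined action
        break;
    }

    // redirect to directory view if posted
    if (!empty($post_vars["POSTACTION"])) {
        $tstr = $this->self . "?&D=" . urlencode($this->rel_dir);
        header("location:" . $tstr);
        exit;
    }

    // determine operation if passed
    switch (isset($get_vars["op"]) ? $get_vars["op"] : "") {
    case "details":
        $this->DetailPage();
        exit;
    case "view":
        $this->DisplayCode();
        exit;
    case "download":
        $this->Download();
        exit;
    }
    // default: display directory $rel_path
    $this->Navigate();
}

/**
 * Reduce a client-supplied file name to a bare leaf name.
 *
 * Backslashes are treated as separators as well, because some browsers send a
 * full local path with an upload. Returns "" when nothing usable is left
 * (non-string input, ".", ".." or a name containing a NUL byte).
 */
function _leaf_name($raw) {
    if (!is_string($raw)) {
        return "";
    }
    $name = basename(str_replace("\\", "/", stripslashes($raw)));
    if ($name == "." || $name == ".." || strstr($name, "\0")) {
        return "";
    }
    return $name;
}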
/**
* Output the document header
*/
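function head($title,$text="") {
    // $title is plain text and is HTML-escaped here (existing entities are
    // left alone, so an already-escaped title is not escaped twice).
    // $text is markup assembled by the caller and is emitted unchanged.
    $safe_title = htmlspecialchars($title, ENT_QUOTES, 'ISO-8859-1', false);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta http-equiv="Content-Language" content="en"/>
<meta http-equiv="Content-Style-Type" content="text/css"/>
<meta http-equiv="expires" content="0" />
<meta http-equiv="Pragma" content="no-cache" />
<meta name="description" content="Remote Administration Page"/>
<meta name="robots" content="noindex" />
<meta name="MSSmartTagsPreventParsing" content="true" />
<?php
    // Avoid log spam in case the icon isn't present
    if (is_file("qdig-admin.ico") && is_readable("qdig-admin.ico")) {
?>
<link rel="icon" href="qdig-admin.ico" type="image/x-icon">
<link rel="shortcut icon" href="qdig-admin.ico" type="image/x-icon">
<?php
    }
?>
<title><?php echo $safe_title?></title>
<style type="text/css"> <!--
body,td,p,h1,h2,h3,h4,form { font-family:Helvetica,Arial,sans-serif; color: #<?php echo $this->bodyTextColor?>; font-size: 12pt }
textarea,pre,tt { color:<?php echo $this->rowTextColor?>; font-family:monospace,Lucida Console,Courier New,Courier,fixed; font-size: 10pt }
body { background-color: #<?php echo $this->bodyBgColor?>; margin: <?php echo $this->bodyMarginSize?>}
em { color:<?php echo $this->newFileColor?>; font-style:normal; }
a:link { color: #<?php echo $this->rowLinkColor?>; }
a:visited { color: #<?php echo $this->bodyVlinkColor?>; }
a:active, a:hover { color: #<?php echo $this->bodyAlinkColor?>; }
.black { color:black; }
.NEW { color:<?php echo $this->newFileColor?>; }
.top { color:<?php echo $this->bodyTextColor?>; font-size:10pt; font-weight: bold;}
.INV { color:<?php echo $this->siteNameColor?>; background-color:<?php echo $this->menubarColor?>; font-size:14pt; font-weight: bold;}
.ROW1 { background-color:#<?php echo $this->rowColor1?>; color:<?php echo $this->rowTextColor?>;}
.ROW2 { background-color:#<?php echo $this->rowColor2?>; color:<?php echo $this->rowTextColor?>;}
.BAR { background-color:#<?php echo $this->bodyFgColor?>; }
.bottom { color:<?php echo $this->bodyTextColor?>; font-size:11px; text-decoration: none;}
.REM { color:silver; }
.XML { color:navy; background-color:yellow; } -->
</style>
</head>
<body>
<?php $this->colorbars($this->headDiv); ?>
<table summary="Qdig Maintenence Title" border=0 cellspacing=0 cellpadding=2 width="<?php echo $this->siteWidth?>">
<tr>
<td class="INV"><?php echo $this->icon("opendir",$safe_title)?> <?php echo $safe_title?> </td>
</tr>
</table>
<?php $this->colorbars($this->menubarDiv); ?>
<table summary="Qdig Maintenence Body" border=0 cellspacing=0 cellpadding=2 width="<?php echo $this->siteWidth?>">
<tr>
<td bgcolor="<?php echo $this->bodyFgColor?>">
<div><?php echo $text?></div>
<?php
}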
/**
* Output the document footer
*/
function foot() {
    // Close the body table that head() left open, then draw the footer bar.
    print "</td></tr></table>\n";
    $this->colorbars($this->footDiv);

    // Footer link back to the project page, tagged with this script's version.
    $footer  = " <!-- Footer -->\n <div class=\"bottom\" align=\"right\">\n";
    $footer .= " <a href=\"\nhttp://home.cis-dept.com/support/scripts/qdig/index.php?view=Admin&ver=" . $this->version . "\"\n";
    $footer .= " title=\"Qdig Maintenence Home\">Qdig Maintenence</a>\n";
    $footer .= " </div>\n";
    $footer .= "</body>\n</html>\n";
    print $footer;
}
/**
* Produce a View/Modify page.
*/
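function DetailPage() {
    // The file name comes from the query string: keep only its leaf so the
    // page cannot be pointed at anything outside the working directory.
    $enc = 'ISO-8859-1';
    $file = basename(str_replace("\\", "/", (string) $this->file));
    if ($file == "" || $file == "." || $file == ".." || strstr($file, "\0")) {
        $this->Error("File not found", "invalid file name");
    }
    $path = $this->rel_path . "/" . $file;
    $relpath = $this->rel_dir . "/" . $file;
    $exists = file_exists($path);
    // Extension of the file name itself, not of the whole path, and an exact
    // match against the configured list.
    $ext = strtolower((string) strrchr($file, "."));
    $editable = ($ext == "" || in_array($ext, $this->allow_edit));
    $writable = is_writable($path);

    if (!$editable && !$exists) {
        $this->Error("Creation unsupported for file type", $path);
    }
    // A new document can only be created where the folder is writable.
    if (!$exists && !is_writable(dirname($path))) {
        $this->Error("Creation denied", $path);
    }

    if ($this->qdig_gallery_mode == TRUE) {
        $text = "Use this page to view/delete an image or modify/delete ";
        $text .= "a comment in <a href=\"$this->web_dir\">your Qdig gallery</a><br /><br />";
    } else {
        $text = "Use this page to view/delete a file or modify ";
        $text .= "a document.<br /><br />";
    }
    $this->head("View/Edit", $text);

    // Escaped copies for every place request data is written into the page.
    $h_self = htmlspecialchars($this->self, ENT_QUOTES, $enc);
    $h_dir = htmlspecialchars($this->rel_dir, ENT_QUOTES, $enc);
    $h_file = htmlspecialchars($file, ENT_QUOTES, $enc);
    $h_relpath = htmlspecialchars($relpath, ENT_QUOTES, $enc);
?>
<table summary="View/Modify Page Header" cellpadding=2 cellspacing=1 border=0 width="100%">
<tr>
<td><?php $this->colorbars($this->bodyFgToRowDiv);?> </td>
</tr>
<tr>
<td class="ROW2">
<table summary="Cancel Button and Filename">
<tr>
<td>
<!-- Cancel View / Edit -->
<form action="<?php echo $h_self;?>" method="POST">
<input type="SUBMIT" name="POSTACTION" value="Cancel">
</form>
</td>
<td valign="top">
<?php echo "<big><strong> File: " . $h_dir . "/" . $h_file . "</strong></big>";?>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td><?php $this->colorbars($this->rowToBodyFgDiv);?> </td>
</tr>
</table>
<?php
    /**
     * Edit the document or, if file is an image, display it.
     */
    if ($editable && ($writable || !$exists)) {
        // Viewing must not change anything on disk: an existing file is only
        // read, a new one starts empty and is created by the SAVE action.
        $fstr = "";
        if ($exists && filesize($path) > 0) {
            $fh = fopen($path, "r");
            if ($fh) {
                $fstr = fread($fh, filesize($path));
                fclose($fh);
            }
        }
        $fstr = htmlspecialchars((string) $fstr, ENT_QUOTES, $enc);
?>
<table summary="Document Contents" cellpadding=2 cellspacing=1 border=0 width="100%">
<tr>
<td>
<form action="<?php echo $h_self;?>" method="POST">
<strong>EDIT DOCUMENT</strong>
<br />
<textarea name="FILEDATA" rows=15 cols=78 wrap=OFF><?php echo $fstr;?></textarea>
<input type="HIDDEN" name="DIR" value="<?php echo $h_dir;?>">
<input type="HIDDEN" name="FN" value="<?php echo $h_file;?>">
<input type="HIDDEN" name="POSTACTION" value="SAVE">
<br />
Save As:
<input type="TEXT" size=48 maxlength=255 name="RELPATH" value="<?php echo $h_relpath;?>">
<input type="RESET" value="Reset">
<input type="SUBMIT" value="Save">
</form>
</td>
</tr>
</table>
<?php
    } elseif (in_array($ext, $this->image_types)) {
        // getimagesize() returns FALSE for files it cannot parse.
        $info = @getimagesize($this->base_dir . $relpath);
        $dim = $info ? $info[0] . " x " . $info[1] : "";
        $attrs = $info ? $info[3] : "";
        $tstr = "<img src=\"" . htmlspecialchars($this->web_dir . $relpath, ENT_QUOTES, $enc) . "\" border=0 ";
        $tstr .= $attrs . " alt=\"" . $h_file . " (" . $dim . ")\">";
        echo $tstr;
    }

    /**
     * Show a `Delete File' table if applicable.
     */
    if ($exists && $writable) {
?>
<table summary="Delete File" cellpadding=2 cellspacing=1 border=0 width="100%">
<tr>
<td><?php $this->colorbars($this->bodyFgToRowDiv);?> </td>
</tr>
<tr>
<td class="ROW2">
<form action="<?php echo $h_self;?>" method="POST">
<input type="HIDDEN" name="DIR" value="<?php echo $h_dir;?>">
<input type="HIDDEN" name="FN" value="<?php echo $h_file;?>">
<strong>Delete "<?php echo $h_file;?>"?</strong>
<input type="CHECKBOX" name="CONFIRM">
<input type="SUBMIT" name="POSTACTION" value="DELETE">
</form>
</td>
</tr>
<tr>
<td><?php $this->colorbars($this->rowToBodyFgDiv);?> </td>
</tr>
</table>
<?php
    }

    /**
     * Show the File Details.
     */
    if ($exists) {
?>
<table summary="File Details" cellpadding=2 cellspacing=1 border=0 width="100%">
<tr>
<td><?php $this->colorbars($this->bodyFgToRowDiv);?> </td>
</tr>
<tr>
<td class="ROW2">
<?php
        $fsize = filesize($path);
        $fmodified = date($this->date_format, filemtime($path));
        $faccessed = date($this->date_format, fileatime($path));
        $owner = posix_getpwuid(fileowner($path));
        $group = posix_getgrgid(filegroup($path));
        echo "<pre><strong>File details:</strong>\n";
        echo "<small> file size: <strong>" . $this->fixsize($fsize) . " (" . $fsize . " bytes)</strong>\n";
        echo "last modified: <strong>" . $fmodified . "</strong>\n";
        echo "last accessed: <strong>" . $faccessed . "</strong>\n";
        echo " owner: <strong>" . htmlspecialchars($owner["name"] . " (" . $owner["gecos"] . ")", ENT_QUOTES, $enc) . "</strong>\n";
        echo " group: <strong>" . htmlspecialchars($group["name"], ENT_QUOTES, $enc) . "</strong>\n";
        echo " permissions: <strong>" . $this->display_perms($path) . "</strong>";
        echo "</small></pre>\n";
        clearstatcache();
?>
</td>
</tr>
<tr>
<td><?php $this->colorbars($this->rowToBodyFgDiv);?> </td>
</tr>
</table>
<?php
    }
    $this->foot();
}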
/**
* Display the source of a document.
*/
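function DisplayCode() {
    // Only a leaf name inside the working directory may be shown; the name
    // comes straight from the query string.
    $enc = 'ISO-8859-1';
    $file = basename(str_replace("\\", "/", (string) $this->file));
    $path = $this->rel_path . "/" . $file;
    if ($file == "" || $file == "." || $file == ".." || strstr($file, "\0") || !is_file($path)) {
        $this->Error("File not found", $this->rel_dir . "/" . $file);
    }
    $h_dir = htmlspecialchars($this->rel_dir, ENT_QUOTES, $enc);
    $h_file = htmlspecialchars($file, ENT_QUOTES, $enc);
    $this->head("Viewing file: " . $h_dir . "/" . $h_file, "");

    // show_source($path);
    $tstr = join("", file($path));
    // Everything after this point works on escaped text, so the markers
    // searched for below are the escaped forms (&lt; / &gt;).
    $tstr = htmlspecialchars($tstr, ENT_QUOTES, $enc);
    // Tabs
    $tstr = str_replace(chr(9), " ", $tstr);
    // ASP tags & XML/PHP tags
    $aspbeg = "<span class=\"XML\">&lt;%</span><span class=\"black\">";
    $aspend = "</span><span class=\"XML\">%&gt;</span>";
    $tstr = str_replace("&lt;%", $aspbeg, $tstr);
    $tstr = str_replace("%&gt;", $aspend, $tstr);
    $xmlbeg = "<span class=\"XML\">&lt;?</span><span class=\"black\">";
    $xmlend = "</span><span class=\"XML\">?&gt;</span>";
    $tstr = str_replace("&lt;?", $xmlbeg, $tstr);
    $tstr = str_replace("?&gt;", $xmlend, $tstr);
    // C style comment
    $tstr = str_replace("/*", "<span class=\"REM\">/*", $tstr);
    $tstr = str_replace("*/", "*/</span>", $tstr);
    // HTML comments
    $tstr = str_replace("&lt;!--", "<i class=\"RED\">&lt;!--", $tstr);
    $tstr = str_replace("--&gt;", "--&gt;</i>", $tstr);
    $this->colorbars($this->bodyFgToRowDiv);
?>
<table cellspacing=1 cellpadding=0 border=0 width="100%">
<tr>
<td class="ROW2">
<br />
<?php
    echo " <pre>\n";
    // explode() replaces split(), which no longer exists in current PHP.
    $lines = explode("\n", $tstr);
    for ($i = 0; $i < sizeof($lines); ++$i) {
        // add line numbers
        echo "<br /><EM>";
        echo substr(("000" . ($i + 1)), -4) . ":</EM> ";
        $line = $lines[$i];
        // C++ style comments
        $pos = strpos($line, "//");
        // exceptions: two slashes aren't a script comment after a colon
        // (URLs) or when they close an HTML comment
        if ($pos !== false
            && !($pos > 0 && substr($line, $pos - 1, 1) == ":")
            && !(substr($line, $pos, 8) == "//--&gt;")
            && !(substr($line, $pos, 9) == "// --&gt;")) {
            $beg = substr($line, 0, $pos);
            $end = substr($line, $pos);
            $line = $beg . "<span class=\"REM\">" . $end . "</span>";
        }
        // shell & asp style comments
        $first = substr(ltrim($line), 0, 1);
        if ($first == "#" || $first == "'") {
            $line = "<span class=\"REM\">" . $line . "</span>";
        }
        print($line);
    }
    echo " </pre>\n";
    echo " </td></tr>\n </table>\n";
    echo " </tr></table>\n";
    $this->colorbars($this->rowToBodyFgDiv);
?>
<form method="POST" action="<?php echo htmlspecialchars($this->self, ENT_QUOTES, $enc)?>">
<input type="HIDDEN" name="DIR" value="<?php echo $h_dir?>"><br />
<input type="SUBMIT" name="POSTACTION" value="Cancel">
</form>
<?php
    $this->foot();
} // end function DisplayCode()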
/*
* Download a file.
*/
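function Download() {
    // The requested name is client input. Keep only its leaf and require a
    // readable regular file, so the download cannot reach outside the working
    // directory.
    $file = basename(str_replace("\\", "/", (string) $this->file));
    $path = $this->base_dir . $this->rel_dir . "/" . $file;
    if ($file == "" || $file == "." || $file == ".." || strstr($file, "\0")
        || !is_file($path) || !is_readable($path)) {
        $this->Error("File not found", $this->rel_dir . "/" . $file);
    }
    // The user agent lives in the request environment, not in a local
    // variable of this method.
    $user_agent = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : "";
    // Quote the name in the header and neutralise characters that would end
    // the quoted string or the header line.
    $safe_name = preg_replace('/[\x00-\x1F\x7F"\\\\]/', "_", $file);
    $size = filesize($path);
    //header("Content-Type: application/octet-stream");
    header("Content-Type: application/force-download");
    header("Content-Length: $size");
    // IE5.5 just downloads index.php if we don't do this TODO: What about IE6?
    if (preg_match("/MSIE 5.5/", $user_agent)) {
        header("Content-Disposition: filename=\"$safe_name\"");
    } else {
        header("Content-Disposition: attachment; filename=\"$safe_name\"");
    }
    header("Content-Transfer-Encoding: binary");
    // readfile() streams the file and releases the handle itself.
    readfile($path);
}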
/*
* Return an <img> tag for the icon that matches $txt.
*/
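function icon($txt,$alt="") {
    // $txt is a file extension (with its dot) or one of the symbolic names
    // below; matching is case-insensitive. $alt is escaped before it goes
    // into the attribute, and existing entities are left alone so callers
    // that pass pre-escaped text are not escaped twice.
    $icons = array(
        "image2.gif"      => array(".bmp", ".gif", ".png", ".jpg", ".jpeg", ".tif", ".tiff"),
        "layout.gif"      => array(".doc"),
        "binary.gif"      => array(".exe", ".com", ".bin", ".bat"),
        "binhex.gif"      => array(".hqx"),
        "c.gif"           => array(".bas", ".c", ".cc", ".src"),
        "generic.gif"     => array("file"),
        "dir.gif"         => array("dir"),
        "folder.open.gif" => array("opendir"),
        "world1.gif"      => array(".phps", ".php3", ".htm", ".html", ".asa", ".asp", ".cfm", ".php", ".phtml", ".shtml"),
        "p.gif"           => array(".pl", ".py"),
        "world2.gif"      => array(".wrl", ".vrml", ".vrm", ".iv"),
        "a.gif"           => array(".ps", ".ai", ".eps"),
        "pdf.gif"         => array(".pdf"),
        "text.gif"        => array(".txt", ".ini"),
        "box2.gif"        => array(".xls"),
        "dvi.gif"         => array(".dvi"),
        "movie.gif"       => array(".mpg", ".mpeg"),
        "sound2.gif"      => array(".aiff", ".wav", ".it", ".mp3"),
        "script.gif"      => array(".conf", ".cfg", ".scr", ".sh", ".shar", ".csh", ".ksh", ".tcl"),
        // ".z" is lower case because the key is lower-cased before the lookup
        "compressed.gif"  => array(".tar", ".zip", ".arc", ".sit", ".gz", ".tgz", ".z"),
        "index.gif"       => array("view"),
        "box1.gif"        => array("box"),
        "back.gif"        => array("up"),
        "blank.gif"       => array("blank"),
    );
    $key = strtolower((string) $txt);
    $d = "unknown.gif";
    foreach ($icons as $image => $names) {
        if (in_array($key, $names, true)) {
            $d = $image;
            break;
        }
    }
    $safe_alt = htmlspecialchars((string) $alt, ENT_QUOTES, 'ISO-8859-1', false);
    return "<img src=\"/icons/" . $d . "\" alt=\"" . $safe_alt . "\" border=0>";
} // end function icon()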
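/**
 * Render the listing of the working directory ($this->rel_path): a path bar,
 * the sub-folders, the create/upload forms, the file table with sizes and
 * dates, and the delete form for an empty folder.
 *
 * File and folder names come from the filesystem and the directory from the
 * request, so each is HTML-escaped where it is written into the page.
 */
function Navigate() {
    $enc = 'ISO-8859-1';
    if (!is_dir($this->rel_path)) {
        $this->Error("Folder not found", $this->rel_path);
    }
    if (!($dir = @opendir($this->rel_path))) {
        $this->Error("Could not read folder", $this->rel_path);
    }
    $dirList = array();
    $hiddenFiles = array();
    $fileList = array();
    // read directory contents; !== false keeps an entry named "0" from
    // ending the loop early
    while (($item = readdir($dir)) !== false) {
        if ($item == ".." || $item == ".") continue;
        if (in_array($item, $this->excluded)) continue; // excluded
        $full = $this->rel_path . "/" . $item;
        if (is_dir($full)) {
            $dirList[] = $item;
        } elseif (is_file($full)) {
            if (!$this->show_hidden && substr($item, 0, 1) == ".") {
                // hidden file: counted but not listed
                $hiddenFiles[] = $item;
            } elseif ($this->qdig_gallery_mode == TRUE
                && !preg_match('/\.(jpg|jpeg|jpe|png|gif|bmp)(\.txt)?$/i', $item)) {
                // hide all but image files (and their captions) for Qdig
                $hiddenFiles[] = $item;
            } else {
                $fileList[] = $item;
            }
        }
    }
    closedir($dir);
    $emptyDir = !(sizeof($dirList) || sizeof($fileList) || sizeof($hiddenFiles));
    $tot = 0; // summary total, stays 0 when there are no files

    $h_self = htmlspecialchars($this->self, ENT_QUOTES, $enc);
    $h_dir = htmlspecialchars($this->rel_dir, ENT_QUOTES, $enc);

    // start navigation page
    if ($this->qdig_gallery_mode == TRUE) {
        $text = "Use this page to add or delete images and edit or";
        $text .= " delete captions in <a href=\".\">your Qdig gallery</a>.<br /> <br />";
    } else {
        $text = "Use this page to view, add, delete or modify files.<br /> <br />";
    }
    $this->head($this->title, $text);
    echo "<table border=0 cellpadding=1 cellspacing=1 width=\"" . $this->siteWidth . "\">";

    // path location bar
    if ($this->base_dir != $this->rel_path) {
        $parent = dirname($this->rel_dir);
        $this->_bar_row($this->bodyFgToRowDiv);
        echo "<tr>\n<td align=center class=\"ROW1\">" . $this->icon("opendir", $h_dir) . " </td>\n";
        echo "<td nowrap colspan=4 width=\"100%\" class=\"ROW1\">\n";
        if ($this->breadcrumbs) {
            echo $this->path2bc($this->rel_dir);
        } else {
            echo "<a href=\"" . $h_self . "?&D=" . urlencode($parent) . "\">" . $h_dir . "</a>";
        }
        echo "\n</td>\n</tr>\n";
        $this->_bar_row($this->rowToBodyFgDiv);
    } // end parent bar

    $BG = array("ROW1", "ROW2");
    // output subdirs list
    if (sizeof($dirList) > 0) {
        sort($dirList);
        echo "<tr>\n<td colspan=5 class=\"top\">FOLDERS</td>\n</tr>\n";
        $this->_bar_row($this->bodyFgToRowDiv);
        $i = 0;
        foreach ($dirList as $sub) {
            $i++;
            $bgs = $BG[$i % 2]; // even or odd
            $href = $h_self . "?&D=" . urlencode($this->rel_dir . "/" . $sub);
            $h_sub = htmlspecialchars($sub, ENT_QUOTES, $enc);
            echo "<tr>\n<td class=\"$bgs\" align=center>\n";
            echo "<a href=\"$href\">" . $this->icon("dir", $h_sub . "/") . "</a>\n</td>\n";
            echo "<td nowrap width=\"100%\" colspan=4 class=\"$bgs\">\n";
            echo "<a href=\"$href\">" . $h_sub . "/</a>\n</td>\n</tr>\n";
            $this->_bar_row($this->bodyFgDiv);
        }
    } // end output subdirs list

    // create / upload bar
    $this->_bar_row($this->bodyFgToRowDiv);
    echo "<tr>\n<td colspan=\"5\">\n";
    echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\">\n<tr class=\"BAR\">\n";
    if ($this->qdig_gallery_mode != TRUE) {
        echo "<form method=\"POST\" action=\"$h_self\">\n";
        echo "<td> New</td>\n<td nowrap>\n";
        echo "<input type=\"RADIO\" name=\"T\" value=\"D\" checked> FOLDER<br />\n";
        echo "<input type=\"RADIO\" name=\"T\" value=\"F\"> FILE\n</td>\n<td nowrap>\n";
        echo "Name <input type=\"TEXT\" name=\"FN\" size=12>\n";
        echo "<input type=\"HIDDEN\" name=\"POSTACTION\" value=\"CREATE\">\n";
        echo "<input type=\"HIDDEN\" name=\"DIR\" value=\"$h_dir\">\n";
        echo "<input type=\"SUBMIT\" value=\"CREATE\">\n</td>\n</form>\n";
    }
    $this->_upload_form();
    echo "</tr>\n</table>\n</td>\n</tr>\n";
    $this->_bar_row($this->rowToBodyFgDiv);

    // output files list
    if (sizeof($fileList) > 0) {
        echo "<tr>\n<td class=\"top\" colspan=\"2\" nowrap>FILENAME</td>\n<td> </td>\n";
        echo "<td class=\"top\">LAST UPDATE</td>\n<td class=\"top\" align=right>FILE SIZE</td>\n</tr>\n";
        $this->_bar_row($this->bodyFgToRowDiv);
        $i = 0;
        sort($fileList);
        foreach ($fileList as $file) {
            $i++;
            $bgs = $BG[$i % 2];
            $path = $this->rel_path . "/" . $file;
            $mod = filemtime($path);
            $sz = filesize($path);
            $tot += $sz; // add size to summary total
            $a = $b = "";
            if (($mod + $this->new_days * 86400) > time()) {
                $a = " <span class=\"RED\" title=\"Newer than $this->new_days days\">*</span>";
            }
            $h_file = htmlspecialchars($file, ENT_QUOTES, $enc);
            $details = htmlspecialchars(
                $this->self . "?op=details&D=" . urlencode($this->rel_dir) . "&F=" . rawurlencode($file),
                ENT_QUOTES, $enc);
            $tstr = "<a href=\"" . $details . "\">" . $h_file . "</a>" . $a;
            $ext = strtolower((string) strrchr($file, "."));
            if ($ext == "" || in_array($ext, $this->allow_edit)) {
                $view = htmlspecialchars(
                    $this->self . "?op=view&F=" . urlencode($file) . "&D=" . urlencode($this->rel_dir),
                    ENT_QUOTES, $enc);
                $b = "<a href=\"" . $view . "\" title=\"View File\">";
                $b .= $this->icon("view", "View Contents") . "</a>";
            }
            echo "<tr>\n<td class=\"$bgs\" align=\"center\">\n";
            echo "<a href=\"$details\" title=\"View/Edit\">" . $this->icon($ext, "File Details") . "</a>\n</td>\n";
            echo "<td class=\"$bgs\" nowrap>" . $tstr . " </td>\n";
            echo "<td class=\"$bgs\" align=\"center\">" . $b . " </td>\n";
            echo "<td class=\"$bgs\" nowrap>" . date($this->date_format, $mod) . " </td>\n";
            echo "<td class=\"$bgs\" nowrap align=\"right\">" . $this->fixsize($sz) . " </td>\n</tr>\n";
            // divider between rows, none after the last one
            if ($i < sizeof($fileList)) {
                $this->_bar_row($this->rowDiv);
            }
        } // end iterate over files
        $this->_bar_row($this->rowToBodyFgDiv);

        // second upload bar below a non-empty listing
        $this->_bar_row($this->bodyFgToRowDiv);
        echo "<tr>\n<td colspan=\"5\">\n";
        echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\">\n<tr class=\"BAR\">\n";
        $this->_upload_form();
        echo "</tr>\n</table>\n</td>\n</tr>\n";
        $this->_bar_row($this->rowToBodyFgDiv);
    } // end output files list

    if ($emptyDir && dirname($this->rel_path) != dirname($this->base_dir)) {
        echo "<form method=\"POST\" action=\"$h_self\">\n<tr>\n<td colspan=5 class=\"BAR\">\n";
        echo "<input type=\"HIDDEN\" name=\"DIR\" value=\"$h_dir\">\n";
        echo "Delete this empty folder?\n";
        echo "<input type=\"CHECKBOX\" name=\"CONFIRM\">\n";
        echo "<input type=\"SUBMIT\" name=\"POSTACTION\" value=\"DELETE\">\n</td>\n</tr>\n</form>\n";
    } elseif (sizeof($hiddenFiles) > 0 && !$this->show_hidden) {
        // show number of hidden files if any
        print " <tr><td class=\"ROW1\" colspan=\"5\">\n Unlisted hidden files: <strong>" . sizeof($hiddenFiles) . "</strong>\n </td></tr>\n";
    }
    if ($this->show_summary && $tot > 0) {
        print "<tr><td colspan=\"4\"> </td><td class=\"top\" align=\"right\">TOTAL ~ " . $this->fixsize($tot) . "</td></tr>\n";
    }
    $this->_bar_row($this->bodyFgDiv);
    echo "</table>\n";
    $this->foot();
} // end function Navigate()

/**
 * Print one full-width table row holding the divider bars described by $div.
 */
function _bar_row($div) {
    echo "<tr>\n<td colspan=5>";
    $this->colorbars($div);
    echo " </td>\n</tr>\n";
}

/**
 * Print the upload form cell for the working directory.
 */
function _upload_form() {
    $enc = 'ISO-8859-1';
    $label = ($this->qdig_gallery_mode == TRUE) ? "Upload Image File: " : "Upload File: ";
    echo "<form enctype=\"multipart/form-data\" method=\"POST\" action=\"" . htmlspecialchars($this->self, ENT_QUOTES, $enc) . "\">\n";
    echo "<td>\n<strong>" . $label . "</strong>\n";
    // MAX_FILE_SIZE is only a browser hint; the server-side size check is
    // what enforces the limit.
    echo "<input type=\"HIDDEN\" name=\"MAX_FILE_SIZE\" value=\"" . htmlspecialchars((string) $this->size_limit, ENT_QUOTES, $enc) . "\">\n";
    echo "<input type=\"HIDDEN\" name=\"DIR\" value=\"" . htmlspecialchars($this->rel_dir, ENT_QUOTES, $enc) . "\">\n";
    echo "<input type=\"HIDDEN\" name=\"POSTACTION\" value=\"UPLOAD\">\n";
    echo "<input size=30 type=\"FILE\" name=\"FN\">\n";
    echo "<input type=\"SUBMIT\" value=\"UPLOAD\">\n</td>\n</form>\n";
}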
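/**
 * Render an error page with a Cancel button and end the request.
 *
 * $title and $text are treated as plain text. Callers pass paths and other
 * request-derived values in $text, so both are HTML-escaped before they are
 * written out (existing entities are kept, so escaped input is not escaped
 * twice). This method never returns: it calls exit.
 */
function Error($title,$text="") {
    $enc = 'ISO-8859-1';
    $safe_title = htmlspecialchars((string) $title, ENT_QUOTES, $enc, false);
    $safe_text = htmlspecialchars((string) $text, ENT_QUOTES, $enc, false);
    $this->head("ERROR -- " . $safe_title, "<b>" . $safe_text . "</b>");
    print "<h3>" . $safe_title . "</h3>\n";
    // Send the user back to the working folder, or to the top when that
    // folder is not usable.
    $dir = !is_dir($this->base_dir . $this->rel_dir) ? "/" : $this->rel_dir;
?>
<form method="POST" action="<?php echo htmlspecialchars($this->self, ENT_QUOTES, $enc)?>">
<input type="HIDDEN" name="DIR" value="<?php echo htmlspecialchars((string) $dir, ENT_QUOTES, $enc)?>"><br />
<input type="SUBMIT" name="POSTACTION" value="Cancel">
</form>
<?php
    $this->foot();
    exit;
}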
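/**
 * Format the mode of $file the way `ls -l' prints it, e.g. "-rw-r--r--".
 *
 * Returns the ten-character string followed by a newline. The file type is
 * taken from the type bits as a whole (mode & 0xF000); testing single bits
 * misreports types whose codes share bits, such as sockets and symlinks.
 */
function display_perms($file) {
    $mode = fileperms($file);

    /* Determine Type */
    switch ($mode & 0xF000) {
        case 0xC000: $type = 's'; break; /* Socket */
        case 0xA000: $type = 'l'; break; /* Symbolic Link */
        case 0x8000: $type = '-'; break; /* Regular */
        case 0x6000: $type = 'b'; break; /* Block special */
        case 0x4000: $type = 'd'; break; /* Directory */
        case 0x2000: $type = 'c'; break; /* Character special */
        case 0x1000: $type = 'p'; break; /* FIFO pipe */
        default:     $type = 'u';        /* UNKNOWN */
    }

    /* Determine permissions */
    $owner = array(
        "read"    => ($mode & 00400) ? 'r' : '-',
        "write"   => ($mode & 00200) ? 'w' : '-',
        "execute" => ($mode & 00100) ? 'x' : '-',
    );
    $group = array(
        "read"    => ($mode & 00040) ? 'r' : '-',
        "write"   => ($mode & 00020) ? 'w' : '-',
        "execute" => ($mode & 00010) ? 'x' : '-',
    );
    $world = array(
        "read"    => ($mode & 00004) ? 'r' : '-',
        "write"   => ($mode & 00002) ? 'w' : '-',
        "execute" => ($mode & 00001) ? 'x' : '-',
    );

    /* Adjust for SUID, SGID and sticky bit */
    if ($mode & 0x800) $owner["execute"] = ($owner["execute"] == 'x') ? 's' : 'S';
    if ($mode & 0x400) $group["execute"] = ($group["execute"] == 'x') ? 's' : 'S';
    if ($mode & 0x200) $world["execute"] = ($world["execute"] == 'x') ? 't' : 'T';

    // Array keys are quoted: bare words are undefined constants.
    $ret = sprintf("%1s", $type);
    $ret .= sprintf("%1s%1s%1s", $owner["read"], $owner["write"], $owner["execute"]);
    $ret .= sprintf("%1s%1s%1s", $group["read"], $group["write"], $group["execute"]);
    $ret .= sprintf("%1s%1s%1s\n", $world["read"], $world["write"], $world["execute"]);
    return $ret;
} // end function display_perms()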
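/**
 * Format a byte count with a binary unit, rounded to two decimals
 * (e.g. 1536 -> "1.5 KB").
 *
 * Sizes below one byte are reported in "B" and sizes beyond the largest known
 * unit stay in "TB", so the unit lookup never leaves the table.
 */
function fixsize($size) {
    $ext = array("B","KB","MB","GB","TB");
    $j = 1;
    // Stop at the last unit instead of running past the end of $ext.
    while ($j < count($ext) && $size >= pow(1024, $j)) {
        ++$j;
    }
    return round($size / pow(1024, $j - 1) * 100) / 100 . " " . $ext[$j - 1];
}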
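/**
 * Turn a relative directory such as "/a/b" into breadcrumb links, one per
 * path segment, preceded by a "//" link to the top folder.
 *
 * $path originates from the request, so each segment is HTML-escaped for
 * display and URL-encoded inside the link target.
 */
function path2bc($path) {
    $enc = 'ISO-8859-1';
    $self = htmlspecialchars($this->self, ENT_QUOTES, $enc);
    $link = "";
    $ret = "<a href=\"" . $self . "?&D=" . urlencode("/") . "\">//</a> ";
    // drop the leading slash before splitting into segments
    $segments = explode("/", (string) substr($path, 1));
    $last = sizeof($segments) - 1;
    foreach ($segments as $i => $current) {
        $link .= "/" . $current;
        $ret .= "<a href=\"" . $self . "?&D=" . urlencode($link) . "\">"
            . htmlspecialchars($current, ENT_QUOTES, $enc) . "</a>";
        if ($i < $last) $ret .= " / ";
    }
    return $ret;
}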
/**
 * Ask the client for HTTP Basic credentials and stop the request.
 *
 * Sends the challenge and the 401 status, then shows the error page.
 */
function authenticate() {
    $challenge = "WWW-Authenticate: Basic realm=\"$this->title\", stale=FALSE";
    $status = "HTTP/1.0 401 Unauthorized";
    foreach (array($challenge, $status) as $line) {
        header($line);
    }
    $message = "You must login to access $this->title";
    $this->Error("Authorization failed", $message);
    exit;
}
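/**
 * Apply optional theme overrides from skin.txt next to the running script.
 *
 * Each line has the form "<property><TAB><value>"; the values "true" and
 * "false" become booleans. Only the theme properties listed below can be
 * set: an unrestricted "$this->$key = $value" would let a text file switch
 * off login_auth or change base_dir. Values end up inside HTML attributes
 * and CSS, so anything beyond simple colour/size characters is ignored.
 */
function load_skin () {
    $skin_keys = array(
        "siteWidth", "bodyBgColor", "bodyTextColor", "bodyLinkColor",
        "bodyVlinkColor", "bodyAlinkColor", "bodyMarginSize", "headDiv",
        "menubarColor", "siteNameColor", "menubarDiv", "bodyFgColor",
        "formStyle", "bodyFgDiv", "bodyFgToRowDiv", "rowColor1", "rowColor2",
        "rowLinkColor", "rowTextColor", "newFileColor", "rowDiv",
        "rowToBodyFgDiv", "footDiv",
    );
    // The script path is read from the request environment; a local
    // variable of that name is not defined inside this method.
    $script = isset($_SERVER["SCRIPT_FILENAME"]) ? $_SERVER["SCRIPT_FILENAME"] : __FILE__;
    $skinfile = dirname($script) . "/skin.txt";
    if (!is_file($skinfile) || !is_readable($skinfile)) {
        return;
    }
    $rows = file($skinfile);
    if (!is_array($rows)) {
        return;
    }
    foreach ($rows as $row) {
        $pair = explode("\t", $row);
        // Lines that are not exactly "key<TAB>value" are skipped entirely.
        if (count($pair) != 2) {
            continue;
        }
        $keyval = trim($pair[0]);
        $valval = trim($pair[1]);
        if (!in_array($keyval, $skin_keys, true)
            || !preg_match('/^[A-Za-z0-9#%,;:. -]*$/', $valval)) {
            continue;
        }
        if ($valval == "true") {
            $valval = true;
        } elseif ($valval == "false") {
            $valval = false;
        }
        $this->$keyval = $valval;
    }
}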
/**
 * Echo a stack of thin coloured divider rows.
 *
 * $str is a ";"-separated list of "colour,height" pairs; an empty string
 * prints nothing. The method echoes directly and returns no value.
 */
function colorbars($str) {
    if ($str == "") {
        return;
    }
    echo "\n <table summary=\"Color Bar\"cellspacing=0 cellpadding=0 border=0 width=\"100%\">\n";
    foreach (explode(";", $str) as $bar) {
        $parts = explode(",", $bar);
        $colour = $parts[0];
        $height = $parts[1];
        echo " <tr bgcolor=\"" . $colour . "\"><td height=\"" . $height . "\">";
        echo "<spacer type=\"block\" height=\"" . $height . "\">";
        echo "</td></tr>\n";
    }
    echo " </table>\n";
}
}
/*= END ==========================
==========
==========
==========
=========*
/
// vim: set noexpandtab tabstop=4 shiftwidth=4:
?>