0
@@ -1,364 +1 @@
0
-<?php
0
-#CMS - CMS Made Simple
0
-#(c)2004-2008 by Ted Kulp (ted@cmsmadesimple.org)
0
-#This project's homepage is: http://cmsmadesimple.sf.net
0
-#
0
-#This program is free software; you can redistribute it and/or modify
0
-#it under the terms of the GNU General Public License as published by
0
-#the Free Software Foundation; either version 2 of the License, or
0
-#(at your option) any later version.
0
-#
0
-#This program is distributed in the hope that it will be useful,
0
-#but WITHOUT ANY WARRANTY; without even the implied warranty of
0
-#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
0
-#GNU General Public License for more details.
0
-#You should have received a copy of the GNU General Public License
0
-#along with this program; if not, write to the Free Software
0
-#Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
0
-#
0
-#$Id$
0
-
0
-$CMS_ADMIN_PAGE=1;
0
-
0
-// in filetypes.inc.php filetypes are defined
0
-require_once(dirname(dirname(__FILE__))."/lib/filemanager/filetypes.inc.php");
0
-require_once(dirname(dirname(__FILE__))."/lib/file.functions.php");
0
-require_once("../include.php");
0
-
0
-check_login();
0
-
0
-function deldir($dir)
0
-{
0
-	$handle = opendir($dir);
0
-	while (false!==($FolderOrFile = readdir($handle)))
0
-	{
0
-		if($FolderOrFile != "." && $FolderOrFile != "..")
0
-		{
0
-			if(@is_dir("$dir/$FolderOrFile"))
0
-			{
0
-				deldir("$dir/$FolderOrFile");
0
-			}  // recursive
0
-			else
0
-			{
0
-				unlink("$dir/$FolderOrFile");
0
-			}
0
-		}
0
-	}
0
-	closedir($handle);
0
-	if(rmdir($dir))
0
-	{
0
-		$success = true;
0
-	}
0
-	return $success;
0
-}
0
-
0
-
0
-$errors = "";
0
-
0
-$dir = $config["uploads_path"];
0
-$url = $config["uploads_url"];
0
-
0
-$reldir = "";
0
-if (isset($_POST['reldir'])) $reldir = $_POST['reldir'];
0
-else if (isset($_GET['reldir'])) $reldir = $_GET['reldir'];
0
-
0
-# Check for path errors. It's a bit of a hack.
0
-$reldir = urldecode($reldir);
0
-$reldir = str_replace("..", "", $reldir);
0
-$reldir = str_replace("\\", "/", $reldir);
0
-$reldir = str_replace("//", "/", $reldir);
0
-$reldir = ereg_replace("/^", "", $reldir);
0
-
0
-if ($reldir != "")
0
-    {
0
-    $CMS_ADMIN_SUBTITLE = $reldir;
0
-    }
0
-
0
-if (strpos($reldir, '..') === false && strpos($reldir, '\\') === false)
0
-{
0
-	$dir .= $reldir;
0
-}
0
-
0
-$userid = get_userid();
0
-$access = check_permission($userid, 'Modify Files');
0
-
0
-$username = $gCms->variables["username"];
0
-
0
-#Did we upload a file?
0
-if (isset($_FILES) && isset($_FILES['uploadfile']) && isset($_FILES['uploadfile']['name']) && $_FILES['uploadfile']['name'] != "")
0
-{
0
-	if ($access)
0
-	{
0
-		if (!@move_uploaded_file($_FILES['uploadfile']['tmp_name'], $dir."/".$_FILES['uploadfile']['name']))
0
-		{
0
-			$errors .= "<li>".lang('filenotuploaded')."</li>";
0
-		}
0
-		else
0
-		{
0
-			chmod($dir."/".$_FILES['uploadfile']['name'], octdec('0'.$config['default_upload_permission']));
0
-			audit(-1, $_FILES['uploadfile']['name'], 'Uploaded File');
0
-		}
0
-	}
0
-	else
0
-	{
0
-		$errors .= "<li>".lang('needpermissionto', array('Modify Files'))."</li>";
0
-	}
0
-}
0
-
0
-#Did we create a new dir?
0
-if (isset($_POST['newdirsubmit']))
0
-{
0
-	if ($access)
0
-	{
0
-		#Make sure it isn't an empty dir name
0
-		if ($_POST['newdir'] == "")
0
-		{
0
-			$errors .= "<li>".lang('filecreatedirnoname')."</li>";
0
-		}
0
-		else if (ereg('\.\.',$_POST['newdir']))
0
-		{
0
-			$errors .= "<li>".lang('filecreatedirnodoubledot')."</li>";
0
-		}
0
-		else if (ereg('/', $_POST['newdir']) || strpos($_POST['newdir'], '\\') !== false)
0
-		{
0
-			$errors .= "<li>".lang('filecreatedirnoslash')."</li>";
0
-		}
0
-		else if (file_exists($dir."/".$_POST['newdir']))
0
-		{
0
-			$errors .= "<li>".lang('directoryexists')."</li>";
0
-		}
0
-		else
0
-		{
0
-			mkdir($dir."/".$_POST['newdir'], 0777);
0
-			audit(-1, $_POST['newdir'], 'Created Directory');
0
-		}
0
-	}
0
-	else
0
-	{
0
-		$errors .= "<li>".lang('needpermissionto', array('Modify Files'))."</li>";
0
-	}
0
-}
0
-
0
-if (isset($_GET['action']) && $_GET['action'] == "deletefile")
0
-{
0
-	if ($access)
0
-	{
0
-		if (is_file($dir . "/" . $_GET['file']))
0
-		{
0
-			if (!(unlink($dir . "/" . $_GET['file'])))
0
-			{
0
-				$errors .= "<li>".lang('errordeletingfile')."</li>";
0
-			}
0
-			else
0
-			{
0
-				audit(-1, $reldir . "/" . $_GET['file'], 'Deleted File');
0
-			}
0
-		}
0
-		else
0
-		{
0
-			$errors .= "<li>".lang('norealfile')."</li>";
0
-		}
0
-	}
0
-	else
0
-	{
0
-		$errors .= "<li>".lang('needpermissionto', array('Modify Files'))."</li>";
0
-	}
0
-}
0
-else if (isset($_GET['action']) && $_GET['action'] == "deletedir")
0
-{
0
-	if ($access)
0
-	{
0
-		if (@is_dir($dir . "/" . $_GET['file']))
0
-		{
0
-			if (!(deldir($dir . "/" . $_GET['file'])))
0
-			{
0
-				$errors .= "<li>".lang('errordeletingdirectory')."</li>";
0
-			}
0
-			else
0
-			{
0
-				audit(-1, $reldir . "/" . $_GET['file'], 'Deleted Directory');
0
-			}
0
-		}
0
-		else
0
-		{
0
-			$errors .= "<li>".lang('norealdirectory')."</li>";
0
-		}
0
-	}
0
-	else
0
-	{
0
-		$errors .= "<li>".lang('needpermissionto', array('Modify Files'))."</li>";
0
-	}
0
-}
0
-
0
-include_once("header.php");
0
-
0
-$row = "row1";
0
-
0
-$dirtext = "";
0
-$filetext = "";
0
-$file = "";
0
-
0
-if ($errors != "")
0
-{
0
-	echo "<div class=\"pageerrorcontainer\"><ul class=\"error\">".$errors."</ul></div>";
0
-}
0
-
0
-echo '<div class="pagecontainer">';
0
-echo $themeObject->ShowHeader('filemanagement');
0
-echo '<p class="pagesubtitle">'.lang('currentdirectory').': '.($reldir==""?"/":$reldir)."</p>";
0
-echo '<table cellspacing="0" class="pagetable">'."\n";
0
-echo '<thead>';
0
-echo "<tr>\n";
0
-echo '<th class="pagew30">&nbsp;</th>';
0
-echo '<th>'.lang('filename').'</th>';
0
-echo '<th class="pagew10">'.lang('filesize').'</th>';
0
-echo '<th class="pageicon">&nbsp;</th>';
0
-echo '</tr>';
0
-echo '</thead>';
0
-echo '<tbody>';
0
-
0
-if ($reldir != '')
0
-{
0
-	$newdir = dirname($reldir.'/'.$file);
0
-	if ($newdir == "/" || $newdir == '\\')
0
-	{
0
-		$newdir = '';
0
-	}
0
-	else
0
-	{
0
-		$newdir = '?reldir='.urlencode($newdir);
0
-	}
0
-	$dirtext .= "<tr class=\"$row\" onmouseover=\"this.className='".$row.'hover'."';\" onmouseout=\"this.className='".$row."';\">";
0
-	$dirtext .= "<td>";
0
-	$dirtext .= $themeObject->DisplayImage('icons/filetypes/upfolder.gif', lang('directoryabove'));
0
-    $dirtext .= "</td>";
0
-	$dirtext .= '<td><a href="files.php'.$newdir.'">..</a></td>';
0
-	$dirtext .= "<td>&nbsp;</td>";
0
-	if ($access)
0
-		$dirtext .= "<td>&nbsp;</td>";
0
-	$dirtext .= "</tr>";
0
-	$row = "row2";
0
-}
0
-
0
-#First do dirs
0
-$dirs = array();
0
-$handle = opendir($dir);
0
-while (false!==($file = readdir($handle))) $dirs[]=$file;
0
-closedir($handle);
0
-sort($dirs);
0
-foreach ($dirs as $file)
0
-{
0
-	if (strpos($file, ".") === false || strpos($file, ".") != 0)
0
-	{
0
-		if (@is_dir("$dir/$file"))
0
-		{
0
-			$tmp=urlencode($reldir."/".$file);
0
-			$dirtext .= "<tr class=\"$row\" onmouseover=\"this.className='".$row.'hover'."';\" onmouseout=\"this.className='".$row."';\">";
0
-			$dirtext .= "<td>";
0
-            $dirtext .= $themeObject->DisplayImage('icons/filetypes/folder.gif', lang('directoryabove'));
0
-            $dirtext .= "</td>";
0
-			$dirtext .= '<td><a href="files.php?reldir='.$tmp.'">'.$file.'</a></td>';
0
-			$dirtext .= "<td>&nbsp;</td>";
0
-			if ($access)
0
-			{
0
-				$dirtext .= "<td class=\"pagepos\"><a href=\"files.php?action=deletedir&amp;reldir=".$reldir."&amp;file=".$file."\" onclick=\"return confirm('".lang('confirmdeletedir')."');\">";
0
-	            $dirtext .= $themeObject->DisplayImage('icons/system/delete.gif', lang('delete'),'','','systemicon');
0
-            	$dirtext .= "</a></td>";
0
-			}
0
-			$dirtext .= "</tr>";
0
-			($row=="row1"?$row="row2":$row="row1");
0
-		}
0
-	}
0
-}
0
-echo $dirtext;
0
-
0
-#Now do files
0
-$ls = dir($dir);
0
-$files = array();
0
-while (($file = $ls->read()) != "")
0
-{
0
-	$files[] = $file;
0
-}
0
-sort($files);
0
-foreach ($files as $file)
0
-{
0
-	if (display_file($file)==true){
0
-		if (strpos($file, ".") === false || strpos($file, ".") != 0)
0
-		{
0
-			if (is_file("$dir/$file"))
0
-			{
0
-				$extension = get_file_extention($file);
0
-				// set template vars
0
-				$template_vars['file']  			= $file;
0
-				$template_vars['dir_file']				= $reldir."/".$file;
0
-				$template_vars['url_dir_file']				= $url.$reldir."/".$file;
0
-
0
-				// parse little template
0
-				$file_links = parse_template($filetype[$extension]['link']['view'], $template_vars,0);
0
-		//		$file_links = $filetype[$extension]['link']['view'];
0
-
0
-                $image_icon = $themeObject->DisplayImage("icons/filetypes/".$filetype[$extension]['img'].".gif", $filetype[$extension]['desc']);
0
-                //$image_icon = "<img src=\"../images/cms/icons/filetypes/".$filetype[$extension]['img'].".gif\" alt=\"".$filetype[$extension]['desc']."\" title=\"".$filetype[$extension]['desc']."\" border=\"0\" />";
0
-
0
-				$filetext .= "<tr class=\"$row\" onmouseover=\"this.className='".$row.'hover'."';\" onmouseout=\"this.className='".$row."';\">";
0
-				$filetext .= "<td>{$image_icon}</td>";
0
-				$filetext .= '<td><a href="'.$file_links.'" rel="external">'.$file.'</a></td>';
0
-				$filesize =  filesize("$dir/$file");
0
-				if ($filesize >(1024*1024)) {$sizestr = number_format($filesize/(1024*1024))." MB";} else {
0
-					if ($filesize >(1024))  {$sizestr = number_format($filesize/1024)." KB";} else {
0
-						$sizestr = number_format($filesize)." B";
0
-					}
0
-				}
0
-				$filetext .= "<td>".$sizestr."</td>";
0
-				if ($access)
0
-				{
0
-					$filetext .= "<td><a href=\"files.php?action=deletefile&amp;reldir=".$reldir."&amp;file=".$file."\" onclick=\"return confirm('".lang('deleteconfirm', $file)."');\">";
0
-	                $filetext .= $themeObject->DisplayImage('icons/system/delete.gif', lang('delete'),'','','systemicon');
0
-	                $filetext .= "</a></td>";
0
-				}
0
-				$filetext .= "</tr>";
0
-				($row=="row1"?$row="row2":$row="row1");
0
-			}
0
-		}
0
-	}
0
-}
0
-echo $filetext;
0
-
0
-if ($filetext == "" && $dirtext == "")
0
-{
0
-	echo "<tr class=\"row1\"><td colspan=\"4\" align=\"center\">".lang('nofiles')."</td></tr>";
0
-}
0
-
0
-echo '</tbody>';
0
-echo "</table>";
0
-
0
-if ($access)
0
-{
0
-
0
-?>
0
-
0
-<form enctype="multipart/form-data" action="files.php" method="post">
0
-	<div class="pageoverflow">
0
-		<p class="pagetext"><?php echo lang('uploadfile')?>:</p>
0
-		<p class="pageinput">
0
-			<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $config["max_upload_size"]?>" />
0
-			<input type="hidden" name="reldir" value="<?php echo $reldir?>" />
0
-			<input name="uploadfile" type="file" /> <input class="pagebutton" onmouseover="this.className='pagebuttonhover'" onmouseout="this.className='pagebutton'" type="submit" value="<?php echo lang('send')?>" />
0
-		</p>
0
-	</div>
0
-	<div class="pageoverflow">
0
-		<p class="pagetext"><?php echo lang('createnewfolder')?>:</p>
0
-		<p class="pageinput"><input type="text" name="newdir" /> <input class="pagebutton" onmouseover="this.className='pagebuttonhover'" onmouseout="this.className='pagebutton'" type="submit" name="newdirsubmit" value="<?php echo lang('create')?>" /></p>
0
-	</div>
0
-</form>
0
-
0
-</div>
0
-
0
-<?php
0
-}
0
-echo '<p class="pageback"><a class="pageback" href="'.$themeObject->BackUrl().'">&#171; '.lang('back').'</a></p>';
0
-include_once("footer.php");
0
-
0
-# vim:ts=4 sw=4 noet
0
-?>

0
@@ -1,101 +1 @@
0
-<?php
0
-#CMS - CMS Made Simple
0
-#(c)2004-2008 by Ted Kulp (ted@cmsmadesimple.org)
0
-#This project's homepage is: http://cmsmadesimple.sf.net
0
-#
0
-# library written by Thijs Elenbaas (thijs@contemplated.net)
0
-#
0
-#This program is free software; you can redistribute it and/or modify
0
-#it under the terms of the GNU General Public License as published by
0
-#the Free Software Foundation; either version 2 of the License, or
0
-#(at your option) any later version.
0
-#
0
-#This program is distributed in the hope that it will be useful,
0
-#but WITHOUT ANY WARRANTY; without even the implied warranty of
0
-#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
0
-#GNU General Public License for more details.
0
-#You should have received a copy of the GNU General Public License
0
-#along with this program; if not, write to the Free Software
0
-#Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
0
-#
0
-#$Id$
0
-
0
-/**
0
- * File related functions. Used within the file manager and possibly
0
- * in filehandling programs 
0
- *
0
- */
0
-
0
-/**
0
- * Finds the file extention to for current filename
0
- * to the admin login.
0
- *
0
- * @since 6.3 ?
0
- */
0
-function get_file_extention($filename) {
0
-		
0
-	global $filetype;	
0
-		
0
-	// get the file extention
0
-	$extension = strtolower(substr(strrchr($filename, "."), 1));
0
-	//extention type if nothing is found:
0
-	$found_ext = "unknown";
0
-	// See if extention is listed
0
-	if (isset($filetype[$extension]['img']) && $filetype[$extension]['img']) {
0
-	    // Yes, listed!
0
-		$found_ext = $extension;
0
-	} else {
0
-	 	// apparently not, so let's browse the aliasses
0
-		foreach ($filetype  as $current_ext=>$current_type) {	  
0
-		   if (isset($current_type['alias']) && $current_type['alias']) {
0
-			   foreach ($current_type['alias'] as $current_alias) {
0
-				   if ($extension == $current_alias) { 
0
-						$found_ext = $current_ext;
0
-						break(2);
0
-				   };
0
-			   }
0
-		   }
0
-		}
0
-	}
0
-	return $found_ext;
0
-}
0
-
0
-function display_file($filename) {
0
-	$do_display = true;	
0
-	
0
-	global $excludefilters;
0
-		
0
-	foreach ($excludefilters as $currentfilter) {
0
-		if (ereg($currentfilter, $filename)) {
0
-			$do_display = false;
0
-			break(1);
0
-		}
0
-	}
0
-	return $do_display;
0
-}
0
-
0
-
0
-function is_removeable($fname)
0
-{
0
-  if( is_dir( $fname ) )
0
-    {
0
-      $folder = opendir($fname);
0
-      while($file = readdir( $folder ))
0
-	if($file != '.' && $file != '..' &&
0
-	   ( !is_writable(  $fname."/".$file  ) ||
0
-	     (  is_dir(  $fname."/".$file  ) && !is_removeable(  $fname."/".$file  )  ) ))
0
-	  {
0
-	    closedir($fname);
0
-	    return false;
0
-	  }
0
-      closedir($fname);
0
-      return true;
0
-    }
0
-  else
0
-    {
0
-      return is_writable( $fname );
0
-    }
0
-}
0
-# vim:ts=4 sw=4 noet
0
-?>