Subversion Repositories svnkaklik

Compare Revisions

Regard whitespace Rev 5 → Rev 6

/web/mujweb/AutoIndex/index.php
0,0 → 1,2634
<?php
 
/***************************************************************************
AutoIndex PHP Script, by Justin Hagstrom
-------------------
 
filename : index.php
version : 1.5.2
date : January 04, 2005
 
copyright : Copyright (C) 2002-2005 Justin Hagstrom
license : GNU General Public License (GPL)
 
website & forum : http://autoindex.sourceforge.net
e-mail : JustinHagstrom [at] yahoo [dot] com
 
 
AutoIndex PHP Script is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
 
AutoIndex PHP Script is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
 
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
 
***************************************************************************/
 
//some basic compatibility for PHP 4.0.x
if (!isset($_GET)) { $_GET = &$HTTP_GET_VARS; }
if (!isset($_POST)) { $_POST = &$HTTP_POST_VARS; }
if (!isset($_SESSION)) { $_SESSION = &$HTTP_SESSION_VARS; }
if (!isset($_SERVER)) { $_SERVER = &$HTTP_SERVER_VARS; }
if (!isset($_COOKIE)) { $_COOKIE = &$HTTP_COOKIE_VARS; }
if (!isset($_FILES)) { $_FILES = &$HTTP_POST_FILES; }
 
/* OPTIONAL SETTINGS */
$stored_config = 'AutoIndex.conf.php';
$config_generator = 'config.php';
 
$date_format = 'Y-M-d'; //see http://php.net/date
 
/* END OPTIONAL SETTINGS */
 
 
function get_microtime()
{
list($usec, $sec) = explode(' ', microtime());
return ((float)$usec + (float)$sec);
}
$start_time = get_microtime();
 
session_name('AutoIndex');
session_start();
 
if (@get_magic_quotes_gpc())
//remove any slashes added by the "magic quotes" setting
{
$_GET = array_map('stripslashes', $_GET);
$_POST = array_map('stripslashes', $_POST);
}
@set_magic_quotes_runtime(0);
 
if (ini_get('zlib.output_compression') == '1')
//compensate for compressed output set in php.ini
{
header('Content-Encoding: gzip');
}
 
define('VERSION', '1.5.2');
 
//now we need to include either the stored settings, or the config generator
if (@is_file($stored_config))
{
if (!@include($stored_config))
{
die("<p>Error including file <em>$stored_config</em></p>");
}
}
else if (@is_file($config_generator))
{
define('CONFIG', true);
if (!@include($config_generator))
{
die("<p>Error including file <em>$config_generator</em></p>");
}
die();
}
else
{
die("<p>Error: Neither <em>$config_generator</em> nor <em>$stored_config</em> could be found.</p>");
}
 
$this_file = (($index == '') ? $_SERVER['PHP_SELF'] : $index);
$this_file .= ((strpos($this_file, '?') !== false) ? '&' : '?');
$referrer = (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : 'N/A');
 
//make sure all the variables are set correctly from the stored settings
$config_vars = array('base_dir', 'icon_path', 'stylesheet', 'use_login_system',
'allow_uploads', 'must_login_to_download', 'user_list', 'allow_file_overwrites',
'log_file', 'dont_log_these_ips', 'download_count', 'links_file', 'lang',
'sub_folder_access', 'index', 'hidden_files', 'show_only_these_files',
'force_download', 'bandwidth_limit', 'anti_leech', 'enable_searching',
'show_dir_size', 'folder_expansion', 'show_folder_count', 'banned_list',
'md5_show', 'header', 'footer', 'header_per_folder', 'footer_per_folder',
'description_file', 'thumbnail_height', 'path_to_language_files', 'days_new',
'select_language', 'show_type_column', 'show_size_column', 'show_date_column');
foreach ($config_vars as $this_var)
{
if (!isset($$this_var))
{
die("<p>Error: AutoIndex is not configured properly.
<br />The variable <strong>$this_var</strong> is not set.</p>
<p>Delete <em>$stored_config</em> and then run <em>$config_generator</em>.</p>");
}
}
 
//find the language the script should be displayed in
if ($select_language && isset($_GET['lang'])
&& preg_match('/^[a-z]{2}(_[a-z]{2})?$/i', $_GET['lang'])
&& @is_file($path_to_language_files.$_GET['lang'].'.php'))
{
$_SESSION['lang'] = $_GET['lang'];
}
else if (!isset($_SESSION['lang']))
{
$_SESSION['lang'] = $lang;
}
@include($path_to_language_files.$_SESSION['lang'].'.php');
 
if (!isset($words))
{
die('<p>Error: You need to include a language.php file that has the variable $words.
<br />Check the $lang and $path_to_language_files variables.</p>');
}
 
$global_user_list = ($use_login_system ? @file($user_list) : array());
if ($global_user_list === false)
{
die("<p>Could not open file <strong>$user_list</strong></p>");
}
 
function translate_uri($uri)
//rawurlencodes $uri, but not any slashes
{
$uri = rawurlencode(str_replace('\\', '/', $uri));
return str_replace(rawurlencode('/'), '/', $uri);
}
 
function get_basename($fn)
//returns everything after the slash, or the original string if there is no slash
{
return basename(str_replace('\\', '/', $fn));
}
 
function match_in_array($string, &$array)
//returns true if $string matches anything in the array
{
$string = get_basename($string);
static $replace = array(
'\*' => '[^\/]*',
'\+' => '[^\/]+',
'\?' => '[^\/]?');
foreach ($array as $m)
{
if (preg_match('/^'.strtr(preg_quote(get_basename($m), '/'), $replace).'$/i', $string))
{
return true;
}
}
return false;
}
 
function check_login($user, $pass)
{
global $global_user_list;
foreach ($global_user_list as $look)
{
if ((strcasecmp(substr(rtrim($look), 33), $user) === 0)
&& (strcasecmp(substr(rtrim($look), 0, 32), $pass) === 0))
{
return true;
}
}
return false;
}
 
function logged_in()
{
return (isset($_SESSION['user'], $_SESSION['pass']) &&
check_login($_SESSION['user'], $_SESSION['pass']));
}
 
function is_user_admin($user)
{
global $global_user_list;
foreach ($global_user_list as $look)
{
if (strcasecmp($user, substr(rtrim($look), 33)) === 0)
{
return (substr($look, 32, 1) === '1');
}
}
return false;
}
 
function is_admin()
{
return is_user_admin($_SESSION['user']);
}
 
function is_hidden($fn, $is_file = true)
//looks at $hidden_files and $show_only_these_files to see if $fn is hidden
{
if ($fn == '')
{
return true;
}
global $use_login_system;
if ($use_login_system && logged_in() && is_admin())
//allow admins to view hidden files
{
return false;
}
global $hidden_files, $show_only_these_files;
if ($is_file && count($show_only_these_files))
{
return (!match_in_array($fn, $show_only_these_files));
}
if (!count($hidden_files))
{
return false;
}
return match_in_array($fn, $hidden_files);
}
 
function eval_dir($d)
//check $d for "bad" things, and deal with ".."
{
$d = str_replace('\\', '/', $d);
if ($d == '' || $d == '/')
{
return '';
}
$dirs = explode('/', $d);
for ($i=0; $i<count($dirs); $i++)
{
if ($dirs[$i] == '.' || is_hidden($dirs[$i], false))
{
array_splice($dirs, $i, 1);
$i--;
}
else if (preg_match('/^\.\./', $dirs[$i])) //if it starts with two dots
{
array_splice($dirs, $i-1, 2);
$i = -1;
}
}
$new_dir = implode('/', $dirs);
if ($new_dir == '' || $new_dir == '/')
{
return '';
}
if ($d{0} == '/' && $new_dir{0} != '/')
{
$new_dir = '/'.$new_dir;
}
if (preg_match('#/$#', $d) && !preg_match('#/$#', $new_dir))
{
$new_dir .= '/';
}
else if (is_hidden(get_basename($d)))
{
return '';
}
return $new_dir;
}
 
//get the user defined variables that are in the URL
$subdir = (isset($_GET['dir']) ? eval_dir(rawurldecode($_GET['dir'])) : '');
$file_dl = (isset($_GET['file']) ? rawurldecode($_GET['file']) : '');
$search = (isset($_GET['search']) ? $_GET['search'] : '');
$search_mode = (isset($_GET['searchMode']) ? $_GET['searchMode'] : '');
while (preg_match('#\\\\|/$#', $file_dl))
{
$file_dl = substr($file_dl, 0, -1);
}
$file_dl = eval_dir($file_dl);
 
if (!@is_dir($base_dir))
{
die('<p>Error: <em>'.htmlentities($base_dir)
.'</em> is not a valid directory.<br />Check the $base_dir variable.</p>');
}
 
if (!$sub_folder_access || $subdir == '/')
{
$subdir = '';
}
else if (preg_match('#[^/\\\\]$#', $subdir))
{
$subdir .= '/'; //add a slash to the end if there isn't one
}
 
$dir = $base_dir.$subdir;
 
//this will be displayed before any HTML output
$html_heading = '';
 
if ($index == '')
{
$html_heading .= '<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="'.$_SESSION['lang'].'">
<head>';
}
if ($stylesheet != '')
{
$html_heading .= "\n<link rel=\"stylesheet\" href=\"$stylesheet\" type=\"text/css\" title=\"AutoIndex Default\" />\n";
}
if ($index == '')
{
$html_heading .= "\n<title>".$words['index of'].' '.htmlentities($dir)
."</title>\n\n</head><body class='autoindex_body'>\n\n";
}
 
function show_header()
{
global $header, $header_per_folder, $dir;
if ($header != '')
{
if ($header_per_folder)
{
$header = $dir.$header;
}
if (@is_readable($header))
{
include($header);
}
}
}
 
function show_footer()
{
global $footer, $footer_per_folder, $dir;
if ($footer != '')
{
if ($footer_per_folder)
{
$footer = $dir.$footer;
}
if (@is_readable($footer))
{
include($footer);
}
}
}
 
function show_login_box()
{
global $this_file, $subdir, $icon_path;
$sd = translate_uri($subdir);
echo '<p /><table border="0" cellpadding="8" cellspacing="0">
<tr class="paragraph"><td class="default_td"><img src="', $icon_path,
'/login.png" width="12" height="14" alt="Login" /> Login:',
"\n<form method='post' action='{$this_file}dir=$sd'>
<table><tr class=\"paragraph\"><td>Username:</td>
<td><input type='text' name='user' />
</td></tr><tr class=\"paragraph\"><td>Password:</td>
<td><input type='password' name='pass' /></td></tr></table>
<p><input class='button' type='submit' value='Login' /></p>
</form></td></tr></table>";
}
 
function show_search_box()
{
global $index, $search, $words, $search_mode, $this_file, $subdir, $icon_path;
echo '<p /><table border="0" cellpadding="8" cellspacing="0">
<tr class="paragraph"><td class="default_td"><img src="', $icon_path,
'/search.png" width="16" height="16" alt="', $words['search'], '" /> ',
$words['search'], ":<br /><form method='get' action='$this_file'>
<p><input type='text' name='search' value='$search' />\n";
if ($index != '' && strpos($index, '?') !== false)
{
$id_temp = explode('=', $index, 2);
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1);
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />";
}
echo "\n<input type='hidden' name='dir' value='", translate_uri($subdir),
"' /><br /><select name='searchMode'>\n";
$search_modes = array($words['files'] => 'f', $words['folders'] => 'd', $words['both'] => 'fd');
foreach ($search_modes as $key => $element)
{
$sel = (($search_mode == $element) ? ' selected="selected"' : '');
echo "\t<option$sel value='$element'>$key</option>\n";
}
echo "</select><input type='submit' value='", $words['search'],
'\' class="button" /></p></form></td></tr></table>';
}
 
function is_username($user)
{
global $html_heading, $global_user_list;
foreach ($global_user_list as $look)
{
if (strcasecmp($user, substr(rtrim($look), 33)) === 0)
{
return true;
}
}
return false;
}
 
function num_admins()
//returns the number of accounts with admin rights
{
global $html_heading, $global_user_list;
$num = 0;
foreach ($global_user_list as $look)
{
if (substr($look, 32, 1) === '1')
{
$num++;
}
}
return $num;
}
 
function get_filesize($size)
//give a size in bytes, and this will return the appropriate measurement format
{
$size = max(0, $size);
static $u = array('&nbsp;B', 'KB', 'MB', 'GB');
for ($i=0; $size >= 1024 && $i < 4; $i++)
{
$size /= 1024;
}
return number_format($size, 1).' '.$u[$i];
}
 
function ext($fn)
//return the lowercase file extension of $fn, not including the leading dot
{
$fn = get_basename($fn);
return (strpos($fn, '.') ? strtolower(substr(strrchr($fn, '.'), 1)) : '');
}
 
function get_all_files($path)
//returns an array of every file in $path, including folders (except ./ and ../)
{
$list = array();
if (($hndl = @opendir($path)) === false)
{
return $list;
}
while (($file=readdir($hndl)) !== false)
{
if ($file != '.' && $file != '..')
{
$list[] = $file;
}
}
closedir($hndl);
return $list;
}
 
function get_file_list($path)
//returns a sorted array of filenames. Filters out "bad" files
{
global $sub_folder_access, $links_file;
$f = $d = array();
foreach (get_all_files($path) as $name)
{
if ($sub_folder_access && @is_dir($path.$name) && !is_hidden($name, false))
{
$d[] = $name;
}
else if (@is_file($path.$name) && !is_hidden($name, true))
{
$f[] = $name;
}
}
if ($links_file != '' && ($links = @file($path.$links_file)))
{
foreach ($links as $name)
{
$p = strpos($name, '|');
$f[] = (($p === false) ? rtrim($name).'|' : substr(rtrim($name), 0, $p).'|');
}
}
natcasesort($d);
natcasesort($f);
return array_merge($d, $f);
}
 
function dir_size($dir)
//returns the total size of a directory (recursive) in bytes
{
$totalsize = 0;
foreach (get_file_list($dir) as $name)
{
$totalsize += (@is_dir($dir.$name) ? dir_size("$dir$name/") : (int)@filesize($dir.$name));
}
return $totalsize;
}
 
function match_filename($filename, $string)
{
if (preg_match_all('/(?<=")[^"]+(?=")|[^ "]+/', $string, $matches))
{
foreach ($matches[0] as $w)
{
if (preg_match('#[^/\.]+#', $w) && stristr($filename, $w))
{
return true;
}
}
}
return false;
}
 
function search_dir($sdir, $string)
//returns files/folders (recursive) in $sdir that contain $string
{
global $search_mode;
//search_mode: d=folders, f=files, fd=both
 
$found = array();
$list = get_file_list($sdir);
$d = count($list);
for ($i=0; $i<$d; $i++)
{
$full_name = $sdir.$list[$i];
if (stristr($search_mode, 'f') && (@is_file($full_name) || preg_match('/\|$/', $list[$i])) && match_filename($list[$i], $string))
{
$found[] = $full_name;
}
else if (@is_dir($full_name))
{
if (stristr($search_mode, 'd') && match_filename($list[$i], $string))
{
$found[] = $full_name;
}
$found = array_merge($found, search_dir($full_name.'/', $string));
}
}
return $found;
}
 
function add_num_to_array($num, &$array)
{
isset($array[$num]) ? $array[$num]++ : $array[$num] = 1;
}
 
function mkdir_recursive($path)
{
if (@is_dir($path))
{
return true;
}
if (!mkdir_recursive(dirname($path)))
{
return false;
}
return @mkdir($path, 0755);
}
 
function rmdir_recursive($path)
{
if (!preg_match('#/$#', $path))
{
$path .= '/';
}
foreach (get_all_files($path) as $file)
{
if ($file == '' || $file == '.' || $file == '..')
{
continue;
}
if (@is_dir("$path$file/"))
{
rmdir_recursive("$path$file/");
}
else
{
@unlink($path . $file);
}
}
return @rmdir($path);
}
 
function num_files($dir)
//returns the number of files in $dir (recursive)
{
$count = 0;
if (!preg_match('#/$#', $dir))
{
$dir .= '/';
}
$list = get_file_list($dir);
$d = count($list);
for ($i=0; $i<$d; $i++)
{
$count += (@is_dir($dir.$list[$i]) ? num_files($dir.$list[$i]) : 1);
}
return $count;
}
 
function redirect($site)
{
header("Location: $site");
die('<p>Redirection header could not be sent.<br />'
."Continue here: <a href=\"$site\">$site</a></p>");
}
 
function find_mime_type($ext)
{
static $mime_types = array(
'application/andrew-inset' => array('ez'),
'application/mac-binhex40' => array('hqx'),
'application/mac-compactpro' => array('cpt'),
'application/mathml+xml' => array('mathml'),
'application/msword' => array('doc'),
'application/octet-stream' => array('bin', 'dms', 'lha',
'lzh', 'exe', 'class', 'so', 'dll', 'dmg'),
'application/oda' => array('oda'),
'application/ogg' => array('ogg'),
'application/pdf' => array('pdf'),
'application/postscript' => array('ai', 'eps', 'ps'),
'application/rdf+xml' => array('rdf'),
'application/smil' => array('smi', 'smil'),
'application/srgs' => array('gram'),
'application/srgs+xml' => array('grxml'),
'application/vnd.mif' => array('mif'),
'application/vnd.mozilla.xul+xml' => array('xul'),
'application/vnd.ms-excel' => array('xls'),
'application/vnd.ms-powerpoint' => array('ppt'),
'application/vnd.wap.wbxml' => array('wbxml'),
'application/vnd.wap.wmlc' => array('wmlc'),
'application/vnd.wap.wmlscriptc' => array('wmlsc'),
'application/voicexml+xml' => array('vxml'),
'application/x-bcpio' => array('bcpio'),
'application/x-cdlink' => array('vcd'),
'application/x-chess-pgn' => array('pgn'),
'application/x-cpio' => array('cpio'),
'application/x-csh' => array('csh'),
'application/x-director' => array('dcr', 'dir', 'dxr'),
'application/x-dvi' => array('dvi'),
'application/x-futuresplash' => array('spl'),
'application/x-gtar' => array('gtar'),
'application/x-hdf' => array('hdf'),
'application/x-javascript' => array('js'),
'application/x-koan' => array('skp', 'skd', 'skt', 'skm'),
'application/x-latex' => array('latex'),
'application/x-netcdf' => array('nc', 'cdf'),
'application/x-sh' => array('sh'),
'application/x-shar' => array('shar'),
'application/x-shockwave-flash' => array('swf'),
'application/x-stuffit' => array('sit'),
'application/x-sv4cpio' => array('sv4cpio'),
'application/x-sv4crc' => array('sv4crc'),
'application/x-tar' => array('tar'),
'application/x-tcl' => array('tcl'),
'application/x-tex' => array('tex'),
'application/x-texinfo' => array('texinfo', 'texi'),
'application/x-troff' => array('t', 'tr', 'roff'),
'application/x-troff-man' => array('man'),
'application/x-troff-me' => array('me'),
'application/x-troff-ms' => array('ms'),
'application/x-ustar' => array('ustar'),
'application/x-wais-source' => array('src'),
'application/xhtml+xml' => array('xhtml', 'xht'),
'application/xslt+xml' => array('xslt'),
'application/xml' => array('xml', 'xsl'),
'application/xml-dtd' => array('dtd'),
'application/zip' => array('zip'),
'audio/basic' => array('au', 'snd'),
'audio/midi' => array('mid', 'midi', 'kar'),
'audio/mpeg' => array('mpga', 'mp2', 'mp3'),
'audio/x-aiff' => array('aif', 'aiff', 'aifc'),
'audio/x-mpegurl' => array('m3u'),
'audio/x-pn-realaudio' => array('ram', 'ra'),
'application/vnd.rn-realmedia' => array('rm'),
'audio/x-wav' => array('wav'),
'chemical/x-pdb' => array('pdb'),
'chemical/x-xyz' => array('xyz'),
'image/bmp' => array('bmp'),
'image/cgm' => array('cgm'),
'image/gif' => array('gif'),
'image/ief' => array('ief'),
'image/jpeg' => array('jpeg', 'jpg', 'jpe'),
'image/png' => array('png'),
'image/svg+xml' => array('svg'),
'image/tiff' => array('tiff', 'tif'),
'image/vnd.djvu' => array('djvu', 'djv'),
'image/vnd.wap.wbmp' => array('wbmp'),
'image/x-cmu-raster' => array('ras'),
'image/x-icon' => array('ico'),
'image/x-portable-anymap' => array('pnm'),
'image/x-portable-bitmap' => array('pbm'),
'image/x-portable-graymap' => array('pgm'),
'image/x-portable-pixmap' => array('ppm'),
'image/x-rgb' => array('rgb'),
'image/x-xbitmap' => array('xbm'),
'image/x-xpixmap' => array('xpm'),
'image/x-xwindowdump' => array('xwd'),
'model/iges' => array('igs', 'iges'),
'model/mesh' => array('msh', 'mesh', 'silo'),
'model/vrml' => array('wrl', 'vrml'),
'text/calendar' => array('ics', 'ifb'),
'text/css' => array('css'),
'text/html' => array('html', 'htm'),
'text/plain' => array('asc', 'txt'),
'text/richtext' => array('rtx'),
'text/rtf' => array('rtf'),
'text/sgml' => array('sgml', 'sgm'),
'text/tab-separated-values' => array('tsv'),
'text/vnd.wap.wml' => array('wml'),
'text/vnd.wap.wmlscript' => array('wmls'),
'text/x-setext' => array('etx'),
'video/mpeg' => array('mpeg', 'mpg', 'mpe'),
'video/quicktime' => array('qt', 'mov'),
'video/vnd.mpegurl' => array('mxu', 'm4u'),
'video/x-msvideo' => array('avi'),
'video/x-sgi-movie' => array('movie'),
'x-conference/x-cooltalk' => array('ice')
);
foreach ($mime_types as $mime_type => $exts)
{
if (in_array($ext, $exts))
{
return $mime_type;
}
}
return 'text/plain';
}
 
function icon($ext)
//find the appropriate icon depending on the extension (returns a link to the image file)
{
global $icon_path;
if ($icon_path == '')
{
return '';
}
if ($ext == '')
{
$icon = 'generic';
}
else
{
$icon = 'unknown';
static $icon_types = array(
'binary' => array('bat', 'bin', 'com', 'dmg', 'dms', 'exe', 'msi',
'msp', 'pif', 'pyd', 'scr', 'so'),
'binhex' => array('hqx'),
'cd' => array('bwi', 'bws', 'bwt', 'ccd', 'cdi', 'cue', 'img',
'iso', 'mdf', 'mds', 'nrg', 'nri', 'sub', 'vcd'),
'comp' => array('cfg', 'conf', 'inf', 'ini', 'log', 'nfo', 'reg'),
'compressed' => array('7z', 'a', 'ace', 'ain', 'alz', 'amg', 'arc',
'ari', 'arj', 'bh', 'bz', 'bz2', 'cab', 'deb', 'dz', 'gz',
'io', 'ish', 'lha', 'lzh', 'lzs', 'lzw', 'lzx', 'msx', 'pak',
'rar', 'rpm', 'sar', 'sea', 'sit', 'taz', 'tbz', 'tbz2',
'tgz', 'tz', 'tzb', 'uc2', 'xxe', 'yz', 'z', 'zip', 'zoo'),
'dll' => array('386', 'db', 'dll', 'ocx', 'sdb', 'vxd'),
'doc' => array('abw', 'ans', 'chm', 'cwk', 'dif', 'doc', 'dot',
'mcw', 'msw', 'pdb', 'psw', 'rtf', 'rtx', 'sdw', 'stw', 'sxw',
'vor', 'wk4', 'wkb', 'wpd', 'wps', 'wpw', 'wri', 'wsd'),
'image' => array('adc', 'art', 'bmp', 'cgm', 'dib', 'gif', 'ico',
'ief', 'jfif', 'jif', 'jp2', 'jpc', 'jpe', 'jpeg', 'jpg', 'jpx',
'mng', 'pcx', 'png', 'psd', 'psp', 'swc', 'sxd', 'tga',
'tif', 'tiff', 'wmf', 'wpg', 'xcf', 'xif', 'yuv'),
'java' => array('class', 'jar', 'jav', 'java', 'jtk'),
'js' => array('ebs', 'js', 'jse', 'vbe', 'vbs', 'wsc', 'wsf',
'wsh'),
'key' => array('aex', 'asc', 'gpg', 'key', 'pgp', 'ppk'),
'mov' => array('amc', 'dv', 'm4v', 'mac', 'mov', 'mp4v', 'mpg4',
'pct', 'pic', 'pict', 'pnt', 'pntg', 'qpx', 'qt', 'qti',
'qtif', 'qtl', 'qtp', 'qts', 'qtx'),
'movie' => array('asf', 'asx', 'avi', 'div', 'divx', 'dvi', 'm1v',
'm2v', 'mkv', 'movie', 'mp2v', 'mpa', 'mpe', 'mpeg', 'mpg',
'mps', 'mpv', 'mpv2', 'ogm', 'ram', 'rmvb', 'rnx', 'rp', 'rv',
'vivo', 'vob', 'wmv', 'xvid'),
'pdf' => array('edn', 'fdf', 'pdf', 'pdp', 'pdx'),
'php' => array('inc', 'php', 'php3', 'php4', 'php5', 'phps',
'phtml'),
'ppt' => array('emf', 'pot', 'ppa', 'pps', 'ppt', 'sda', 'sdd',
'shw', 'sti', 'sxi'),
'ps' => array('ai', 'eps', 'ps'),
'sound' => array('aac', 'ac3', 'aif', 'aifc', 'aiff', 'ape', 'apl',
'au', 'ay', 'bonk', 'cda', 'cdda', 'cpc', 'fla', 'flac',
'gbs', 'gym', 'hes', 'iff', 'it', 'itz', 'kar', 'kss', 'la',
'lpac', 'lqt', 'm4a', 'm4p', 'mdz', 'mid', 'midi', 'mka',
'mo3', 'mod', 'mp+', 'mp1', 'mp2', 'mp3', 'mp4', 'mpc',
'mpga', 'mpm', 'mpp', 'nsf', 'oda', 'ofr', 'ogg', 'pac', 'pce',
'pcm', 'psf', 'psf2', 'ra', 'rm', 'rmi', 'rmjb', 'rmm', 'sb',
'shn', 'sid', 'snd', 'spc', 'spx', 'svx', 'tfm', 'tfmx',
'voc', 'vox', 'vqf', 'wav', 'wave', 'wma', 'wv', 'wvx', 'xa',
'xm', 'xmz'),
'tar' => array('gtar', 'tar'),
'text' => array('c', 'cc', 'cp', 'cpp', 'cxx', 'diff', 'h', 'hpp',
'hxx', 'm3u', 'md5', 'patch', 'pls', 'py', 'sfv', 'sh',
'txt'),
'uu' => array('uu', 'uud', 'uue'),
'web' => array('asa', 'asp', 'aspx', 'cfm', 'cgi', 'css', 'dhtml',
'dtd', 'grxml', 'htc', 'htm', 'html', 'htt', 'htx', 'jsp', 'lnk',
'mathml', 'mht', 'mhtml', 'perl', 'pl', 'plg', 'rss', 'shtm',
'shtml', 'stm', 'swf', 'tpl', 'wbxml', 'xht', 'xhtml', 'xml',
'xsl', 'xslt', 'xul'),
'xls' => array('csv', 'dbf', 'prn', 'pxl', 'sdc', 'slk', 'stc', 'sxc',
'xla', 'xlb', 'xlc', 'xld', 'xlr', 'xls', 'xlt', 'xlw'));
foreach ($icon_types as $png_name => $exts)
{
if (in_array($ext, $exts))
{
$icon = $png_name;
break;
}
}
}
return "<img alt=\"[$ext]\" height=\"16\" width=\"16\" src=\"$icon_path/$icon.png\" /> ";
}
 
function display_thumbnail($file, $thumbnail_height)
{
global $html_heading;
if (!@is_file($file))
{
header('HTTP/1.0 404 Not Found');
die("$html_heading<p>File not found: <em>".htmlentities($file).'</em></p>');
}
switch (ext($file))
{
case 'gif':
$src = @imagecreatefromgif($file);
break;
case 'jpeg':
case 'jpg':
case 'jpe':
$src = @imagecreatefromjpeg($file);
break;
case 'png':
$src = @imagecreatefrompng($file);
break;
default:
die("$html_heading<p>Unsupported file extension.</p>");
}
if ($src === false)
{
die("$html_heading<p>Unsupported image type.</p>");
}
header('Content-Type: image/jpeg');
header('Cache-Control: public, max-age=3600, must-revalidate');
header('Expires: '.gmdate('D, d M Y H:i:s', time()+3600).' GMT');
$src_height = imagesy($src);
if ($src_height <= $thumbnail_height)
{
imagejpeg($src, '', 95);
}
else
{
$src_width = imagesx($src);
$thumb_width = $thumbnail_height * ($src_width / $src_height);
$thumb = imagecreatetruecolor($thumb_width, $thumbnail_height);
imagecopyresampled($thumb, $src, 0, 0, 0, 0, $thumb_width,
$thumbnail_height, $src_width, $src_height);
imagejpeg($thumb);
imagedestroy($thumb);
}
imagedestroy($src);
die();
}
 
function edit_description($fn, &$desc)
//edits a file's description
{
global $description_file, $html_heading;
if ($description_file == '')
{
return;
}
$wrote = false;
$l = @file($description_file) or $l = array();
$h = @fopen($description_file, 'wb') or die("$html_heading<p>Cannot open description file for writing.</p>");
$count_num = count($l);
for ($i=0; $i<$count_num; $i++)
{
$items = explode('|', rtrim($l[$i]), 2);
if (count($items) === 2 && $fn == $items[0])
{
fwrite($h, "$fn|$desc\n");
$wrote = true;
}
else
{
fwrite($h, $l[$i]);
}
}
if (!$wrote && $desc != '')
{
fwrite($h, "$fn|$desc\n");
}
fclose($h);
}
 
function add_to_file($item, $outfile)
{
global $html_heading;
$counted = false;
if ($l = @file($outfile))
{
$count_num = count($l);
for ($i=0; $i<$count_num; $i++)
{
$thisc = rtrim($l[$i]);
if ($item == substr($thisc, 0, strpos($thisc, '|')))
{
$counted = true;
break;
}
}
}
if ($counted)
{
$w = @fopen($outfile, 'wb') or die("$html_heading<p>Could not open <em>$outfile</em> file for writing.</p>");
for ($i=0; $i<$count_num; $i++)
{
$items = explode('|', rtrim($l[$i]), 2);
if (count($items) === 2 && $items[0] == $item)
{
$nc = $items[1] + 1;
fwrite($w, "$item|$nc\n");
}
else
{
fwrite($w, $l[$i]);
}
}
}
else
{
$w = @fopen($outfile, 'ab') or die("$html_heading<p>Could not open <em>$outfile</em> file for writing.</p>");
fwrite($w, "$item|1\n");
}
fclose($w);
}
 
function get_stored_info($item, $filename)
{
if ($contents = @file($filename))
{
$count_num = count($contents);
for ($i=0; $i<$count_num; $i++)
{
$items = explode('|', rtrim($contents[$i]), 2);
if (count($items) === 2 && $item == $items[0])
{
return $items[1];
}
}
}
return '';
}
 
function table_heading($title, $sortMode, $tooltip)
{
global $this_file, $subdir;
echo "\n<th class='default_th'><a class='black_link' title=\"$tooltip\" href=\"",
$this_file, 'dir=', translate_uri($subdir), '&amp;sort=',
(($_SESSION['sort'] == 'a' && $_SESSION['sortMode'] == $sortMode) ? 'd' : 'a'),
'&amp;sortMode=', $sortMode, '">', $title, '</a></th>';
}
 
//find and store the user's IP address and hostname:
$ip = (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'N/A');
if (isset($_SESSION['host']))
{
$host = $_SESSION['host'];
}
else
{
$_SESSION['host'] = $host = @gethostbyaddr($ip);
}
 
if ($banned_list != '' && ($b_list = @file($banned_list)))
//make sure the IP or hostname is not banned
{
for ($i=0; $i<count($b_list); $i++)
{
$b_list[$i] = rtrim($b_list[$i]);
}
if (match_in_array($ip, $b_list) || match_in_array($host, $b_list))
{
echo $html_heading;
show_header();
echo '<p>Sorry, the administrator has blocked your IP address or hostname.</p>';
show_footer();
die();
}
}
 
function ok_to_log()
//returns true if the ip or hostname is not in $dont_log_these_ips
{
global $ip, $host, $dont_log_these_ips;
return (!(match_in_array($ip, $dont_log_these_ips) ||
($host != 'N/A' && match_in_array($host, $dont_log_these_ips))));
}
 
if ($use_login_system && isset($_POST['user'], $_POST['pass'])
&& $_POST['user'] != '' && $_POST['pass'] != '')
//check login
{
if (check_login($_POST['user'], md5($_POST['pass'])))
{
if ($log_file != '' && ok_to_log())
{
if ($write = @fopen($log_file, 'ab'))
{
fwrite($write, date($date_format)."\t".date('H:i:s')
."\t$ip\t$host\t$referrer\t$dir\tSuccessful Login (username: "
.$_POST['user'].")\n");
fclose($write);
}
}
$_SESSION['user'] = $_POST['user'];
$_SESSION['pass'] = md5($_POST['pass']);
unset($_POST['pass'], $_POST['user']);
redirect($this_file.'dir='.translate_uri($subdir));
}
else
{
echo '<h3>Invalid Login.</h3>';
if ($log_file != '' && ok_to_log())
{
if ($write = @fopen($log_file, 'ab'))
{
fwrite($write, date($date_format)."\t".date('H:i:s')
."\t$ip\t$host\t$referrer\t$dir\tInvalid Login (username: "
.$_POST['user'].")\n");
fclose($write);
}
}
sleep(1); //"freeze" the script for a second to prevent brute force attacks
}
}
 
if ($use_login_system && $must_login_to_download && !logged_in())
//must login to download
{
echo $html_heading;
show_header();
echo '<p>You must login to download and view files.</p>';
show_login_box();
show_footer();
die();
}
 
if ($md5_show && isset($_GET['md5']))
{
$file = $dir.eval_dir(rawurldecode($_GET['md5']));
if (!@is_file($file))
{
header('HTTP/1.0 404 Not Found');
die($html_heading.'<p>Error: file does not exist.</p>');
}
$size = (int)@filesize($file);
if ($size <= 0 || $size/1048576 > $md5_show)
{
die($html_heading.'<p><strong>Error</strong>: empty file, or file too big to find the md5sum of (according to the $md5_show variable).</p>');
}
die(md5_file($file));
}
 
if ($thumbnail_height > 0 && isset($_GET['thumbnail']) && $_GET['thumbnail'] != '')
{
$file = $dir.eval_dir(rawurldecode($_GET['thumbnail']));
display_thumbnail($file, $thumbnail_height);
}
 
if (isset($_GET['sort']))
{
$_SESSION['sort'] = $_GET['sort'];
}
else if (!isset($_SESSION['sort']))
{
//'a' is ascending, 'd' is descending
$_SESSION['sort'] = 'a';
}
 
if (isset($_GET['sortMode']))
{
$_SESSION['sortMode'] = $_GET['sortMode'];
}
else if (!isset($_SESSION['sortMode']))
{
/*
* 'f' is filename
* 't' is filetype
* 'h' is downloads (hits)
* 's' is size
* 'm' is date (modified)
* 'd' is description
*/
$_SESSION['sortMode'] = 'f';
}
 
//size of the "chunks" that are read at a time from the file (when $force_download is on)
$speed = ($bandwidth_limit ? $bandwidth_limit : 8);
 
if ($folder_expansion)
{
if (!isset($_SESSION['expanded']))
{
$_SESSION['expanded'] = array();
}
if (isset($_GET['expand']) && $_GET['expand'] != '')
{
$temp = $dir.eval_dir(rawurldecode($_GET['expand']));
if (@is_dir($temp) && !in_array($temp, $_SESSION['expanded']))
{
$_SESSION['expanded'][] = $temp;
}
}
if (isset($_GET['collapse']) && $_GET['collapse'] != '')
{
$temp = $dir.eval_dir(rawurldecode($_GET['collapse']));
if (in_array($temp, $_SESSION['expanded']))
{
array_splice($_SESSION['expanded'], array_search($temp, $_SESSION['expanded']), 1);
}
}
}
 
if ($allow_uploads && (!$use_login_system || logged_in()))
//upload a file
{
if ($count_files = count($_FILES))
{
echo $html_heading;
show_header();
$uploaded_files = $errors = '';
for ($i=0; $i<$count_files; $i++)
{
$filename = get_basename($_FILES[$i]['name']);
if ($filename == '')
{
continue;
}
if (is_hidden($filename))
{
$errors .= "<li>$filename [filename is listed as a hidden file]</li>";
continue;
}
$filepath = $base_dir.eval_dir(rawurldecode($_POST['dir']));
$fullpathname = realpath($filepath).'/'.$filename;
if (!$allow_file_overwrites && @file_exists($fullpathname))
{
$errors .= "<li>$filename [file already exists]</li>";
}
else if (@move_uploaded_file($_FILES[$i]['tmp_name'], $fullpathname))
{
@chmod($fullpathname, 0644);
$uploaded_files .= "<li>$filename</li>";
if ($log_file != '' && ok_to_log() && ($write = @fopen($log_file, 'ab')))
{
fwrite($write, date($date_format)."\t".date('H:i:s')
. "\t$ip\t$host\t$referrer\t$dir\tFile uploaded: $filepath$filename\n");
fclose($write);
}
}
else
{
$errors .= "<li>$filename</li>";
}
}
if ($errors == '')
{
$errors = '<br />[None]';
}
if ($uploaded_files == '')
{
$uploaded_files = '<br />[None]';
}
echo "<p><strong>Uploaded files</strong>: $uploaded_files</p><p><strong>Failed files</strong>: $errors</p>",
'<p><a class="default_a" href="', $this_file, 'dir=',
$_POST['dir'], '">Continue.</a></p>';
show_footer();
die();
}
else if (isset($_POST['numUpload']))
{
echo $html_heading;
show_header();
echo "<table border='0' cellpadding='8' cellspacing='0'><tr class='paragraph'><td class='default_td'>
<form enctype='multipart/form-data' action='$this_file' method='post'>
<input type='hidden' name='dir' value='", $_POST['dir'], "' />\n";
$num = (int)$_POST['numUpload'];
for ($i=0; $i<$num; $i++)
{
$n = $i + 1;
echo "\t\t{$words['file']} $n : <input name='$i' type='file' /><br />\n";
}
echo '<p><input class="button" type="submit" value="Upload Files" />
</p></form></td></tr></table>';
show_footer();
die();
}
}
 
if ($use_login_system && logged_in() && is_admin())
{
$con = '<p><a class="default_a" href="'.$this_file.'dir='
.translate_uri($subdir).'">Continue.</a></p>';
 
if (isset($_GET['getcreate']))
{
echo $html_heading;
show_header();
echo "<table border='0' cellpadding='8' cellspacing='0'><tr class='paragraph'><td class='default_td'>
Enter the name of the folder you would like to create:
<form method='get' action='$this_file'>
<input type='hidden' name='dir' value='", translate_uri($subdir), "' />";
if ($index != '' && strpos($index, '?') !== false)
{
$id_temp = explode('=', $index, 2);
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1);
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />";
}
echo '<p><input type="text" name="create" /></p>
<p><input class="button" type="submit" value="Create" /></p>
</form></td></tr></table>';
show_footer();
die();
}
else if (isset($_GET['create']) && $_GET['create'] != '')
{
$p = $dir.eval_dir($_GET['create']);
$msg = (@file_exists($p) ? 'Folder already exists: ' : (mkdir_recursive($p) ? 'Folder successfully created: ' : 'Could not create folder: '));
echo $html_heading;
show_header();
echo $msg, htmlentities($p), $con;
show_footer();
die();
}
else if ($description_file != '' && isset($_GET['descFile']) && $_GET['descFile'] != '')
{
if (isset($_GET['desc']))
{
$desc = trim(rawurldecode($_GET['desc']));
$descFile = trim(rawurldecode($_GET['descFile']));
edit_description($dir.$descFile, $desc);
}
else
{
$filen = rawurldecode($_GET['descFile']);
echo $html_heading;
show_header();
echo "<table border='0' cellpadding='8' cellspacing='0'>
<tr class='paragraph'><td class='default_td'>
Enter the new description for the file <em>$filen</em>:
<form method='get' action='$this_file'>
<input type='hidden' name='dir' value='", translate_uri($subdir), "' />
<input type='hidden' name='descFile' value='", translate_uri($filen), '\' />';
if ($index != '' && strpos($index, '?') !== false)
{
$id_temp = explode('=', $index, 2);
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1);
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />";
}
echo '<p><input type="text" name="desc" size="50" value="',
get_stored_info($dir.$filen, $description_file), '" /></p>
<p><input class="button" type="submit" value="Change" /></p>
</form></td></tr></table>';
show_footer();
die();
}
}
else if (isset($_GET['edit_links']))
{
echo $html_heading;
show_header();
echo '<table border="0" cellpadding="8" cellspacing="0">
<tr class="paragraph"><td class="default_td">';
if ($links_file == '')
{
echo '<p>The link system is not in use.<br />To turn it on, set the $links_file variable.</p>';
}
else if (isset($_GET['link'], $_GET['name']) && $_GET['link'] != '')
{
if ($handle = @fopen($dir.$links_file, 'ab'))
{
fwrite($handle, $_GET['link'].'|'.$_GET['name']."\n");
fclose($handle);
echo '<p>Link added.</p>';
}
else
{
echo '<p>Could not open links_file for writing.</p>';
}
}
else if (isset($_GET['remove']))
{
if (($list = @file($dir.$links_file)) && ($handle = @fopen($dir.$links_file, 'wb')))
{
for ($i=0; $i<count($list); $i++)
{
if (rtrim($list[$i]) != rtrim($_GET['remove']))
{
fwrite($handle, $list[$i]);
}
}
fclose($handle);
echo '<p>Link removed.</p>';
}
else
{
echo '<p>Could not open links_file.</p>';
}
}
else
{
echo '<h3>Add a new link:</h3><div class"small">for the directory <em>', htmlentities($dir),
"</em></div><form method='get' action='$this_file'>",
'<input type="hidden" name="dir" value="', translate_uri($subdir),
'" /><p>URL: <input type="text" name="link" size="40" value="http://" />
<br />Name: <input type="text" name="name" size="35" />
<br /><span class="small">(Leave "name" blank for the URL itself to be shown.)</span></p>';
if ($index != '' && strpos($index, '?') !== false)
{
$id_temp = explode('=', $index, 2);
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1);
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />";
}
echo '<input type="hidden" name="edit_links" value="true" />
<p><input class="button" type="submit" value="Add" /></p></form></td></tr></table></p>',
'<p><table border="0" cellpadding="8" cellspacing="0"><tr class="paragraph"><td class="default_td">',
'<h3>Remove a link:</h3>', "<form method='get' action='$this_file'>";
if ($index != '' && strpos($index, '?') !== false)
{
$id_temp = explode('=', $index, 2);
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1);
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />";
}
echo '<input type="hidden" name="dir" value="', translate_uri($subdir), '" />',
'<input type="hidden" name="edit_links" value="true" />';
$list = @file($dir.$links_file) or $list = array();
echo '<select name="remove">';
for ($i=0; $i<count($list); $i++)
{
echo '<option>'.$list[$i].'</option>';
}
echo '</select><p><input class="button" type="submit" value="Delete" /></form></p>';
}
echo '</p></td></tr></table>', $con;
show_footer();
die();
}
else if (isset($_GET['copyFile'], $_GET['protocol']))
{
echo $html_heading;
show_header();
if ($_GET['copyFile'] == '')
{
echo '<p>Please go back and enter a file to copy.</p>', $con;
show_footer();
die();
}
$remote = $_GET['protocol'].$_GET['copyFile'];
$local = $dir.get_basename($remote);
if (!$allow_file_overwrites && @file_exists($local))
{
echo "File already exists: <em>$local</em>$con";
show_footer();
die();
}
$r = @fopen($remote, 'rb') or die("<p>Cannot open remote file for reading: <em>$remote</em></p>$con");
$l = @fopen($local, 'wb') or die("<p>Cannot open local file for writing: <em>$local</em></p>$con");
while (true)
{
$temp = fread($r, 8192);
if ($temp === '')
{
break;
}
fwrite($l, $temp);
}
fclose($l);
fclose($r);
echo "<p>Remote file <em>$remote</em> successfully copied to <em>$local</em></p>$con";
show_footer();
die();
}
else if (isset($_GET['copyURL']))
{
echo $html_heading;
show_header();
echo "<table border='0' cellpadding='8' cellspacing='0'>
<tr class='paragraph'><td class='default_td'>
Enter the name of the remote file you would like to copy:
<form method='get' action='$this_file'>
<input type='hidden' name='dir' value='", translate_uri($subdir), "' />";
if ($index != '' && strpos($index, '?') !== false)
{
$id_temp = explode('=', $index, 2);
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1);
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />";
}
echo '<p><input type="radio" name="protocol" value="http://" checked="checked" />http://
<br /><input type="radio" name="protocol" value="ftp://" />ftp://
<input type="text" name="copyFile" /></p>
<p><input class="button" type="submit" value="Copy" /></p>
</form></td></tr></table>';
show_footer();
die();
}
else if (isset($_GET['rename']) && $_GET['rename'] != '')
{
echo $html_heading;
show_header();
echo '<table border="0" cellpadding="8" cellspacing="0">
<tr class="paragraph"><td class="default_td">';
$p = $dir.eval_dir(rawurldecode($_GET['rename']));
if (isset($_GET['newName']) && $_GET['newName'] != '')
{
$new_name = $dir.eval_dir(rawurldecode($_GET['newName']));
if ($p == $new_name)
{
$msg = 'The filename is unchanged for ';
}
else if (@rename($p, $new_name))
{
$msg = 'Rename successful for ';
if ($download_count != '')
{
$l = @file($download_count) or $l = array();
if ($h = @fopen($download_count, 'wb'))
{
for ($i=0; $i<count($l); $i++)
{
$regex = '/^'.preg_quote($p, '/').'/';
fwrite($h, preg_replace($regex, $new_name, $l[$i]));
}
fclose($h);
}
}
if ($description_file != '')
{
$l = @file($description_file) or $l = array();
if ($h = @fopen($description_file, 'wb'))
{
for ($i=0; $i<count($l); $i++)
{
$regex = '/^'.preg_quote($p, '/').'/';
fwrite($h, preg_replace($regex, $new_name, $l[$i]));
}
fclose($h);
}
}
}
else
{
$msg = 'Rename failed for ';
}
echo $msg, htmlentities($p), $con, '</td></tr></table>';
show_footer();
die();
}
echo '<p>Renaming <em>', htmlentities($p), "</em></p><p>New Filename:
<br /><span class='small'>(you can also move the file by specifying a path)</span>
</p><form method='get' action='$this_file'>
<input type='hidden' name='dir' value='", translate_uri($subdir), "' />
<input type='hidden' name='rename' value='", translate_uri($_GET['rename']), '\' />';
if ($index != '' && strpos($index, '?') !== false)
{
$id_temp = explode('=', $index, 2);
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1);
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />";
}
echo '<input type="text" name="newName" size="40" value="', $_GET['rename'], '" />
<p><input class="button" type="submit" value="Rename" /></p></form></td></tr></table>';
show_footer();
die();
}
else if (isset($_GET['delete']) && $_GET['delete'] != '')
{
echo $html_heading;
show_header();
echo '<table border="0" cellpadding="8" cellspacing="0">
<tr class="paragraph"><td class="default_td">';
$_GET['delete'] = rawurldecode($_GET['delete']);
$p = $dir.eval_dir($_GET['delete']);
if (isset($_GET['sure'])) //delete the file
{
if (@is_dir($p))
{
$msg = (rmdir_recursive($p) ? 'Folder successfully deleted: '
: 'Could not delete folder: ');
}
else if (@is_file($p))
{
$msg = (@unlink($p) ? 'File successfully deleted: '
: 'Could not delete file: ');
}
else
{
$msg = 'File or folder does not exist: ';
}
}
else //ask user for confirmation
{
$msg = 'Are you sure you want to delete <em>';
$con = '</em><p><a class="default_a" href="'.$this_file.'dir='
.translate_uri($subdir).'&amp;delete='.translate_uri($_GET['delete'])
.'&amp;sure=true">Yes, delete it.</a></p><p><a class="default_a" href="'
.$this_file.'dir='.translate_uri($subdir).'">No, go back.</a></p>';
}
echo $msg, htmlentities($p), $con, '</td></tr></table>';
show_footer();
die();
}
else if (isset($_GET['config']))
{
if (@is_file($config_generator))
{
define('CONFIG', true);
if (!@include($config_generator))
{
die("$html_heading<p>Error including file <em>$config_generator</em></p>");
}
die();
}
else
{
die("$html_heading<p>File <em>$config_generator</em> not found.</p>");
}
}
else if (isset($_GET['edit_ban']))
{
echo $html_heading;
show_header();
echo '<table border="0" cellpadding="8" cellspacing="0">
<tr class="paragraph"><td class="default_td">';
if ($banned_list == '')
{
echo '<p>The banning system is not in use.<br />To turn it on, set the $banned_list variable.</p>';
}
else if (isset($_GET['add_ban']))
{
if ($handle = @fopen($banned_list, 'ab'))
{
fwrite($handle, $_GET['add_ban']."\n");
fclose($handle);
echo '<p>Ban added.</p>';
}
else
{
echo '<p>Could not open ban_list file for writing.</p>';
}
}
else if (isset($_GET['del_ban']))
{
$del_ban = rtrim($_GET['del_ban']);
if (($list = @file($banned_list)) && ($handle = @fopen($banned_list, 'wb')))
{
for ($i=0; $i<count($list); $i++)
{
if (rtrim($list[$i]) != $del_ban)
{
fwrite($handle, $list[$i]);
}
}
fclose($handle);
echo '<p>Ban removed.</p>';
}
else
{
echo '<p>Could not open ban_list file.</p>';
}
}
else
{
echo '<h3>Add a new ban:</h3>',
"<form method='get' action='$this_file'>",
'IP address or hostname: <input type="text" name="add_ban" size="35" />
<br /><span class="small">You can use wildcards if you want (*, ?, +)</span></p>';
if ($index != '' && strpos($index, '?') !== false)
{
$id_temp = explode('=', $index, 2);
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1);
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />";
}
echo '<input type="hidden" name="edit_ban" value="true" />
<p><input class="button" type="submit" value="Add" /></p></form></td></tr></table></p>',
'<table border="0" cellpadding="8" cellspacing="0"><tr class="paragraph"><td class="default_td">',
'<h3>Remove a ban:</h3>'."<form method='get' action='$this_file'>";
if ($index != '' && strpos($index, '?') !== false)
{
$id_temp = explode('=', $index, 2);
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1);
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />";
}
echo '<input type="hidden" name="edit_ban" value="true" />';
$list = @file($banned_list) or $list = array();
echo '<select name="del_ban">';
for ($i=0; $i<count($list); $i++)
{
echo '<option>'.$list[$i].'</option>';
}
echo '</select><p><input class="button" type="submit" value="Remove" /></form>';
}
echo '</p></td></tr></table>', $con;
show_footer();
die();
}
}
 
function get_change_color($num)
{
if ($num > 0)
{
return '<span style="color: #00FF00;">+';
}
if ($num < 0)
{
return '<span style="color: #FF0000;">';
}
return '<span style="color: #000000;">';
}
 
if ($use_login_system && isset($_GET['log']))
//logfile viewer
{
echo $html_heading;
show_header();
if (!logged_in() || !is_admin())
{
echo '<p>You must be logged in as an admin to access this page.</p>';
}
else if ($log_file == '')
{
echo '<p>The logging system is not in use.
<br />To turn it on, set the $log_file variable.</p>';
}
else if (isset($_GET['view']))
{
$log = @file($log_file) or die("Cannot open log file: <em>$log_file</em>");
$count_log = count($log);
$max_to_display = (int)$_GET['view'];
$num = (($max_to_display == 0) ? $count_log : min($max_to_display, $count_log));
echo "<p>Last $num log entries (of $count_log".')</p><table width="100%"><tr>
<th class="default_th">&nbsp;</th><th class="default_th">Date</th>
<th class="default_th">Time</th><th class="default_th">IP</th>
<th class="default_th">Hostname</th><th class="default_th">Referrer</th>
<th class="default_th">File/Folder Viewed</th><th class="default_th">Other</th></tr>';
for ($i=0; $i<$num; $i++)
{
$entries = explode("\t", rtrim($log[$count_log-$i-1]));
$num_entries = count($entries);
if ($num_entries > 5)
{
echo "\n<tr class=", (($i % 2) ? '"dark_row">' : '"light_row">'),
'<td class="default_td"><strong>', ($i + 1), '</strong></td>';
for ($j=0; $j<$num_entries; $j++)
{
echo '<td class="default_td">', (($j == 4 && $entries[4] != 'N/A') ?
'<a class="default_a" href="'.$entries[$j].'">'.htmlentities($entries[$j]).'</a>' :
htmlentities($entries[$j])).'</td>';
}
if ($num_entries === 6)
{
echo '<td class="default_td">&nbsp;</td>';
}
echo '</tr>';
}
}
echo '</table>';
}
else if (isset($_GET['stats']))
{
if (!@include($path_to_language_files.'country_codes.php'))
{
die("<p>File not found: <em>{$path_to_language_files}country_codes.php</em></p>");
}
$extensions = $dates = $unique_hits = $countries = array();
$total_hits = 0;
$h = @fopen($log_file, 'rb') or die("<p>Cannot open log file: <em>$log_file</em></p>");
while (!feof($h))
{
$entries = explode("\t", rtrim(fgets($h, 1024)));
if (count($entries) > 5)
{
//find the number of unique visits
if ($entries[5] == $base_dir)
{
$total_hits++;
if (!in_array($entries[3], $unique_hits))
{
$unique_hits[] = htmlentities($entries[3]);
}
//find country codes by hostnames
$cc = ext($entries[3]);
if (preg_match('/^[a-z]+$/i', $cc))
{
add_num_to_array($cc, $countries);
}
//find the dates of the visits
add_num_to_array($entries[0], $dates);
}
//find file extensions
else if (($ext = ext($entries[5])) && preg_match('/^[\w-]+$/', $ext))
{
add_num_to_array($ext, $extensions);
}
}
}
fclose($h);
$num_days = count($dates);
$avg = round($total_hits/$num_days);
 
echo '<table width="40%"><tr><th class="default_th">&nbsp;</th>
<th class="default_th">Total</th><th class="default_th">Daily</th></tr>',
"<tr class='light_row'><td class='default_td'>Hits</td>
<td class='default_td'>$total_hits</td><td class='default_td'>$avg",
'</td></tr><tr class="light_row"><td class="default_td">Unique Hits</td>
<td class="default_td">'.count($unique_hits).'</td><td class="default_td">',
round(count($unique_hits)/$num_days),
'</td></tr></table><p>Percent Unique: ',
number_format(count($unique_hits)/$total_hits*100, 1), '</p>';
 
arsort($extensions);
arsort($countries);
 
$date_nums = array_values($dates);
echo '<p /><table width="75%" border="0"><tr><th class="default_th">Date</th>
<th class="default_th">Hits That Day</th><th class="default_th">Change From Previous Day</th>
<th class="default_th">Difference From Average ('.$avg.')</th></tr>';
$i = 0;
foreach ($dates as $day => $num)
{
$diff = $num - $avg;
$change = (($i > 0) ? ($num - $date_nums[$i-1]) : 0);
$change_color = get_change_color($change);
$diff_color = get_change_color($diff);
 
$class = (($i++ % 2) ? 'dark_row' : 'light_row');
echo "<tr class='$class'><td class='default_td'>$day</td>
<td class='default_td'>$num</td>
<td class='default_td'>$change_color$change</span></td>
<td class='default_td'>$diff_color$diff</span></td></tr>";
}
echo '</table><p /><table width="75%" border="0">
<tr><th class="default_th">Downloads based on file extensions</th>
<th class="default_th">Total</th><th class="default_th">Daily</th></tr>';
$i = 0;
foreach ($extensions as $ext => $num)
{
$class = (($i++ % 2) ? 'dark_row' : 'light_row');
echo "<tr class='$class'><td class='default_td'>$ext</td>
<td class='default_td'>$num</td><td class='default_td'>",
number_format($num/$num_days, 1), '</td></tr>';
}
echo '</table><p /><table width="75%" border="0"><tr>
<th class="default_th">Hostname ISP extension</th>
<th class="default_th">Total</th><th class="default_th">Daily</th></tr>';
$i = 0;
foreach ($countries as $c => $num)
{
$c_code = (isset($country_codes[strtolower($c)]) ? ' <span class="small">('.$country_codes[strtolower($c)].')</span>' : '');
$class = (($i++ % 2) ? 'dark_row' : 'light_row');
echo "<tr class='$class'><td class='default_td'>$c{$c_code}</td><td class='default_td'>$num</td><td class='default_td'>",
number_format($num / $num_days, 1), "</td></tr>\n";
}
echo '</table>';
}
else
{
echo '<table border="0" cellpadding="8" cellspacing="0">
<tr class="paragraph"><td class="default_td">'
."<form method='get' action='$this_file'>
<input type='hidden' name='log' value='true' />";
if ($index != '' && strpos($index, '?') !== false)
{
$id_temp = explode('=', $index, 2);
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1);
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />";
}
echo '<p>List the latest <input type="text" size="2" name="view" /> enties in the log file (0 to view all).<input class="button" type="submit" value="Go" /></p></form>
<p>or <a class="default_a" href="', $this_file, 'log=true&amp;stats=true">view statistics</a>.</p></td></tr></table>';
}
echo '<p><a class="default_a" href="', $this_file, '">Continue.</a></p>';
show_footer();
die();
}
 
if ($use_login_system && (isset($_POST['admin']) || isset($_GET['admin'])))
//user admin section
{
echo $html_heading;
show_header();
if (!logged_in() || !is_admin())
{
echo '<p>You must be logged in as an admin to access this page.</p>';
}
else if (isset($_POST['username'], $_POST['password1'], $_POST['password2'], $_POST['admin']))
{
$pwd_reg_exp = '^[A-Za-z0-9_-]+$';
if (strlen($_POST['password1']) < 6)
{
echo '<p>Password must be at least 6 characters long.</p>';
}
else if (!ereg($pwd_reg_exp, $_POST['username']))
{
echo 'The username must only contain alpha-numeric characters, underscores, or dashes.',
'<br /><span class="small">It must match the regular expression: <strong>',
htmlentities($pwd_reg_exp), '</strong></span>';
}
else if ($_POST['password1'] != $_POST['password2'])
{
echo '<p>Passwords do not match.</p>';
}
else if (is_username($_POST['username']))
{
echo '<p>That username already exists.</p>';
}
else
{
$handle = @fopen($user_list, 'ab') or die("<p>Could not open file <em>$user_list</em> for writing.</p>");
fwrite($handle, md5($_POST['password1']).$_POST['admin'].$_POST['username']."\n");
fclose($handle);
echo '<p>User added. <a class="default_a" href="', $this_file, '">Continue.</a></p>';
}
}
else if (isset($_POST['deluser'], $_POST['doit']))
{
if ($_POST['doit'])
{
if (is_user_admin($_POST['deluser']) && num_admins() < 2)
{
echo '<p>You cannot remove this user because it is the only admin.
<br />Create another user with admin rights, then delete this user.</p>
<p><a class="default_a" href="', $this_file, '">Continue.</a></p>';
}
else
{
$handle = @fopen($user_list, 'wb') or die("<p>Could not open file <strong>$user_list</strong> for writing.</p>");
foreach ($global_user_list as $look)
{
if (strcasecmp($_POST['deluser'], substr(rtrim($look), 33)) !== 0)
{
fwrite($handle, $look);
}
}
fclose($handle);
echo '<p>User <strong>'.$_POST['deluser'].'</strong> has been removed. <a class="default_a" href="'
.$this_file.'">Continue.</a></p>';
}
}
else
{
echo '<table border="0" cellpadding="8" cellspacing="0"><tr class="paragraph"><td class="default_td">',
'Are you sure you want to remove <strong>', $_POST['deluser'], "</strong>?<p><form method='post' action='$this_file'>",
'<input type="hidden" name="doit" value="1" /><input type="hidden" name="admin" value="true" /><input type="hidden" name="deluser" value="',
$_POST['deluser'], '" /><input class="button" type="submit" value="Yes, do it." />',
'</form></td></tr></table>';
}
}
else
{
echo "
<table border='0' cellpadding='8' cellspacing='0'>
<tr class='paragraph'><td class='default_td'>
<h3>Add a user:</h3>
<form method='post' action='$this_file'>
<p><input type='hidden' name='admin' value='true' />
Username: <input type='text' name='username' />
<br />Password: <input type='password' name='password1' />
<br />Password: <input type='password' name='password2' />
<br />Is Admin?: <select name='admin'>
<option selected='selected' value='0'>No</option>
<option value='1'>Yes</option></select></p>
<p><input class='button' type='submit' value='Add User' /></p>
</form></td></tr></table>
 
<p /><table border='0' cellpadding='8' cellspacing='0'>
<tr class='paragraph'><td class='default_td'>
<h3>Delete a user:</h3>
<form method='post' action='$this_file'>
<p><input type='hidden' name='admin' value='true' />
Select user to delete: <select name='deluser'>";
foreach ($global_user_list as $look)
{
echo '<option>', substr($look, 33), '</option>';
}
echo '</select><input type="hidden" name="doit" value="0" /></p>
<p><input class="button" type="submit" value="Delete" /></p></form>
</td></tr></table>';
}
show_footer();
die();
}
else if ($use_login_system && isset($_GET['logout']))
//logout
{
session_unset();
session_destroy();
redirect($this_file);
}
else if ($use_login_system && (isset($_POST['passwd']) || isset($_GET['passwd'])))
//change password
{
echo $html_heading;
show_header();
if (!logged_in())
{
echo '<p>You must login to access this page.</p>';
}
else if (isset($_POST['oldpass'], $_POST['newpass1'], $_POST['newpass2']))
{
if (strlen($_POST['newpass1']) < 6)
{
echo '<p>New password too short (must be at least 6 characters).</p>';
}
else if ($_POST['newpass1'] != $_POST['newpass2'])
{
echo '<p>New passwords do not match.</p>';
}
else if (check_login($_SESSION['user'], md5($_POST['oldpass'])))
{
$handle = @fopen($user_list, 'wb') or die("<p>Could not open file <strong>$user_list</strong> for writing.</p>");
foreach ($global_user_list as $look)
{
fwrite($handle, ((strcasecmp($_SESSION['user'] , substr(rtrim($look), 33)) === 0) ?
md5($_POST['newpass1']).substr($look, 32) : $look));
}
fclose($handle);
echo '<p>Password for <strong>'.$_SESSION['user'].'</strong> has been changed.<p>You must now <a class="default_a" href="'
.$this_file.'">logout</a>.</p>';
}
else
{
echo '<p>Incorrect old password.</p>';
}
}
else
{
echo "<table border='0' cellpadding='8' cellspacing='0'>
<tr class='paragraph'><td class='default_td'>
<form method='post' action='$this_file'>
<input type='hidden' name='passwd' value='true' />
Old Password: <input type='password' name='oldpass' />
<br />New Password: <input type='password' name='newpass1' />
<br />New Password: <input type='password' name='newpass2' />
<p><input class='button' type='submit' value='Change Password' />
</form></td></tr></table>";
}
show_footer();
die();
}
 
$total_bytes = 0;
 
if ($links_file != '' && isset($_GET['link']))
//redirect to a link
{
if (ok_to_log())
{
if ($log_file != '')
{
if ($write = @fopen($log_file, 'ab'))
{
fwrite($write, date($date_format)."\t".date('H:i:s')
."\t$ip\t$host\t$referrer\t"
.$_GET['link']."\tLink file\n");
fclose($write);
}
}
if ($download_count != '')
{
add_to_file($_GET['link'], $download_count);
}
}
redirect($_GET['link']);
}
 
if ($file_dl != '')
//if the user specified a file to download, download it now
{
if (!@is_file($dir.$file_dl))
{
header('HTTP/1.0 404 Not Found');
echo $html_heading;
show_header();
echo '<h3>Error 404: file not found</h3>',
htmlentities($dir . $file_dl), ' was not found on this server.';
show_footer();
die();
}
 
if ($anti_leech && !isset($_SESSION['ref']) && ($referrer == 'N/A' || !stristr($referrer, $_SERVER['SERVER_NAME'])))
{
if ($log_file != '' && ok_to_log())
{
if ($write = @fopen($log_file, 'ab'))
{
fwrite($write, date($date_format)."\t".date('H:i:s')
."\t$ip\t$host\t$referrer\t$dir$file_dl\tLeech Attempt\n");
fclose($write);
}
}
$ref = (($referrer == 'N/A') ? 'typing it in the address bar...' : $referrer);
echo $html_heading;
show_header();
echo '<h3>This PHP Script has an Anti-Leech feature turned on.<p>Make sure you are accessing this file directly from <a class="default_a" href="http://',
$_SERVER['SERVER_NAME'], '">', htmlentities($_SERVER['SERVER_NAME']), '</a></h3>',
'It seems you are trying to get it from <strong>', "$ref</strong><p>Your IP address has been logged.<br />$ip ($host)";
$index_link = 'http://'.$_SERVER['SERVER_NAME'].$this_file.'dir='.translate_uri($subdir);
echo '<p>Here is a link to the directory index the file is in:<br /><a class="default_a" href="',
$index_link, '">', htmlentities($index_link), '</a></p>';
show_footer();
die();
}
if (ok_to_log())
{
if ($download_count != '')
{
add_to_file($dir.$file_dl, $download_count);
}
if ($log_file != '')
{
if ($write = @fopen($log_file, 'ab'))
{
fwrite($write, date($date_format)."\t".date('H:i:s')
."\t$ip\t$host\t$referrer\t$dir$file_dl\n");
fclose($write);
}
}
}
 
if ($force_download) //use php to read the file, and tell the browser to download it
{
if (!($fn = @fopen($dir.$file_dl, 'rb')))
{
die($html_heading.'<h3>Error 401: permission denied</h3> you cannot access <em>'
.htmlentities($file_dl).'</em> on this server.');
}
$outname = get_basename($file_dl);
$size = @filesize($dir.$file_dl);
if ($size !== false)
{
header('Content-Length: '.$size);
}
header('Content-Type: '.find_mime_type(ext($outname)).'; name="'.$outname.'"');
header('Content-Disposition: attachment; filename="'.$outname.'"');
@set_time_limit(0);
while (true)
{
$temp = @fread($fn, (int)($speed * 1024));
if ($temp === '')
{
break;
}
echo $temp;
flush();
if ($bandwidth_limit)
{
sleep(1);
}
}
fclose($fn);
die();
}
redirect(translate_uri($dir.$file_dl));
}
 
if ($log_file != '' && ok_to_log())
//write to the logfile
{
if ($write = @fopen($log_file, 'ab'))
{
$log_str = date($date_format)."\t".date('H:i:s')
."\t$ip\t$host\t$referrer\t$dir";
if ($search != '')
{
$log_str .= "\tSearch: $search";
}
fwrite($write, $log_str."\n");
fclose($write);
}
else
{
echo '<p>Error: Could not write to logfile.</p>';
}
}
 
if ($anti_leech && !isset($_SESSION['ref']))
{
$_SESSION['ref'] = 1;
}
 
echo $html_heading;
show_header();
 
if (!@is_dir($dir))
//make sure the subfolder exists
{
echo '<p><strong>Error: The folder <em>'.htmlentities($dir)
.'</em> does not exist.</strong></p>';
$dir = $base_dir;
$subdir = '';
}
 
if ($enable_searching && $search != '')
//show the results of a search
{
echo '<table border="0" cellpadding="8" cellspacing="0">
<tr class="paragraph"><td class="default_td"><p><strong>',
$words['search results'], '</strong> :<br /><span class="small">for <em>',
htmlentities($dir), '</em> and its subdirectories</span></p><p>';
$results = search_dir($dir, $search);
natcasesort($results);
if ($_SESSION['sort'] == 'd' && $_SESSION['sortMode'] == 'f')
{
$results = array_reverse($results);
}
for ($i=0; $i<count($results); $i++)
{
$file = substr($results[$i], strlen($base_dir));
echo '<a class="default_a" href="'.$this_file;
if (is_dir($base_dir.$file))
{
echo 'dir='.translate_uri($file).'/">';
if ($icon_path != '')
{
echo '<img height="16" width="16" alt="[dir]" src="', $icon_path, '/dir.png" /> ';
}
echo htmlentities($file)."/</a><br />\n";
}
else if (preg_match('/\|$/', $file))
{
$file = substr($file, 0, -1);
$display = get_stored_info($file, $dir.$links_file);
if ($display == '')
{
$display = $file;
}
echo 'dir=', translate_uri($subdir), '&amp;link=',
translate_uri($file), '" title="Link to: ', $file, '">',
icon(ext($display)), htmlentities($display), '</a><br />';
}
else
{
echo 'dir=', translate_uri(dirname($file)).'/&amp;file=',
translate_uri(get_basename($file)), '">',
icon(ext($file)), htmlentities($file), "</a><br />\n";
}
}
if (!count($results))
{
echo '</p><p><strong>[ ', $words['no results'], ' ]</strong></p>';
}
echo '</p><p>', $words['end of results'], ' (', count($results), ' ',
$words['found'], ')</p></td></tr></table>';
show_search_box();
echo '<p><a class="default_a" href="', $this_file, 'dir=',
translate_uri($subdir), '">Go back.</a></p>';
show_footer();
die();
}
 
//path navigation at the top
echo '<div>', $words['index of'], ' <a class="default_a" href="', $this_file,
'dir=">', htmlentities(substr(str_replace('/', ' / ', $base_dir), 0, -2)),
'</a>/ ';
$exploded = explode('/', $subdir);
$c = count($exploded) - 1;
for ($i=0; $i<$c; $i++)
{
echo '<a class="default_a" href="', $this_file, 'dir=';
for ($j=0; $j<=$i; $j++)
{
echo translate_uri($exploded[$j]), '/';
}
echo '">', htmlentities($exploded[$i]), '</a> / ';
}
 
//begin the table
echo "</div>\n\n", '<table width="100%" border="0" cellpadding="0" cellspacing="2"><tr>';
table_heading($words['file'], 'f', 'Sort by Filename');
if ($show_type_column)
{
table_heading('Type', 't', 'Sort by Type');
}
if ($download_count != '')
{
table_heading('Downloads', 'h', 'Sort by Hits');
}
if ($show_size_column)
{
table_heading($words['size'], 's', 'Sort by Size');
}
if ($show_date_column)
{
table_heading($words['modified'], 'm', 'Sort by Date');
}
if ($description_file != '')
{
table_heading('Description', 'd', 'Sort by Description');
}
echo '</tr>';
 
if ($subdir != '')
//if they are not in the root folder, have a link to the parent directory
{
echo '<tr class="light_row"><td class="default_td" colspan="6"><a class="default_a" href="', $this_file, 'dir=';
$subdir = substr($subdir, 0, -1);
echo translate_uri(substr($subdir, 0, strrpos($subdir,'/'))), '/">';
if ($icon_path != '')
{
echo "<img height=\"16\" width=\"16\" src=\"$icon_path/back.png\" alt=\"[dir]\" /> ";
}
echo $words['parent directory'], '</a></td></tr>';
$subdir .= '/';
}
 
flush();
 
$file_array = get_file_list($dir);
$size_array = $date_a_array = $date_m_array = $desc_array = $hit_array = $type_array = array();
 
$c = count($file_array);
for ($i=0; $i<$c; $i++)
{
$thisf = $dir.$file_array[$i];
if (preg_match('/\|$/', $thisf)) //it is a link
{
$thisf = substr($thisf, 0, -1);
$type_array[] = ($show_type_column ? ext(get_stored_info(substr($file_array[$i], 0, -1), $dir.$links_file)) : '');
$hit_array[] = (($download_count != '' && !@is_dir($thisf)) ? (int)(get_stored_info(substr($file_array[$i], 0, -1), $download_count)) : 0);
$date_m_array[] = 'N/A';
$date_a_array[] = 'N/A';
$size_array[] = '[Link]';
}
else //it is an actual file or folder
{
$size_array[] = ($show_size_column ? (@is_dir($thisf) ? ($show_dir_size ? dir_size("$thisf/") : 0) : max((int)@filesize($thisf), 0)) : 0);
$type_array[] = (($show_type_column && !@is_dir($thisf)) ? ext($thisf) : '');
$hit_array[] = (($download_count != '' && !@is_dir($thisf)) ? (int)(get_stored_info($thisf, $download_count)) : 0);
if ($show_date_column)
{
$date_m_array[] = filemtime($thisf);
$date_a_array[] = fileatime($thisf);
}
else
{
$date_m_array[] = 0;
$date_a_array[] = 0;
}
}
$desc_array[] = (($description_file == '') ? '' : get_stored_info($thisf, $description_file));
}
 
switch (strtolower($_SESSION['sortMode']))
{
case 's':
array_multisort($size_array, $file_array, $date_m_array,
$date_a_array, $hit_array, $desc_array, $type_array);
break;
case 'm':
array_multisort($date_m_array, $file_array, $size_array,
$date_a_array, $hit_array, $desc_array, $type_array);
break;
case 'd':
array_multisort($desc_array, $file_array, $date_m_array,
$size_array, $date_a_array, $hit_array, $type_array);
break;
case 'h':
array_multisort($hit_array, $file_array, $date_m_array,
$size_array, $date_a_array, $desc_array, $type_array);
break;
case 't':
array_multisort($type_array, $file_array, $hit_array,
$date_m_array, $size_array, $date_a_array, $desc_array);
}
 
if (strtolower($_SESSION['sort']) === 'd')
//if the current sort mode is set to descending, reverse all the arrays
{
$file_array = array_reverse($file_array);
$size_array = array_reverse($size_array);
$date_m_array = array_reverse($date_m_array);
$date_a_array = array_reverse($date_a_array);
$desc_array = array_reverse($desc_array);
$hit_array = array_reverse($hit_array);
$type_array = array_reverse($type_array);
}
 
$folder_count = $file_count = $dl_count = 0;
 
for ($i=0; $i<$c; $i++)
//display the list of files
{
$value = $file_array[$i];
echo "\n<tr class=", (($i % 2 == ($subdir == '')) ? '"dark_row">' : '"light_row">');
 
//file column
echo '<td class="default_td" align="left" valign="top"><a class="default_a" href="', $this_file;
$npart = $dir . $value;
if (preg_match('/\|$/', $value)) //it is a link, not an actual file
{
$value = substr($value, 0, -1);
$npart = substr($npart, 0, -1);
$display = get_stored_info($value, $dir.$links_file);
if ($display == '')
{
$display = $value;
}
echo 'dir=', translate_uri($subdir), '&amp;link=',
translate_uri($value), '" title="Link to: ', $value, '">',
icon(ext($display)), htmlentities($display), '</a>';
}
else //it is a real file or folder
{
if (@is_dir($npart))
{
$folder_count++;
if ($icon_path != '')
{
if ($folder_expansion)
{
$listVal = (in_array($npart, $_SESSION['expanded']) ? 'collapse' : 'expand');
echo 'dir=', translate_uri($subdir), "&amp;$listVal=", translate_uri($value),
'"><img height="16" width="16" alt="[dir]" src="',
$icon_path.'/dir.png" /></a> ',
'<a class="default_a" href="', $this_file, 'dir=',
translate_uri($subdir . $value), '/">';
}
else
{
echo 'dir=', translate_uri($subdir . $value), '/">',
'<img height="16" width="16" alt="[dir]" src="', $icon_path, '/dir.png" /> ';
}
}
else
{
echo 'dir=', translate_uri($subdir . $value), '/">';
}
echo htmlentities($value).'</a>';
if ($show_folder_count)
{
$n = num_files($npart);
$s = (($n == 1) ? $words['file'] : $words['files']);
echo " [$n $s]";
}
}
else //is a file
{
$file_count++;
echo 'dir=', translate_uri($subdir), '&amp;file=',
translate_uri($value), "\">",
icon(ext($npart)), htmlentities($value), '</a>';
if ($md5_show && $size_array[$i] > 0 && $size_array[$i] / 1048576 <= $md5_show)
{
echo ' [<a class="default_a" href="', $this_file,
'dir=', translate_uri($subdir), '&amp;md5=',
translate_uri($value), '"><span class="small">get md5sum</span></a>]';
}
}
if ($use_login_system && logged_in() && is_admin())
{
echo ' [<a class="default_a" href="', $this_file, 'dir='.translate_uri($subdir),
'&amp;delete=', translate_uri($value), '"><span class="small">delete</span></a>, ',
'<a class="default_a" href="', $this_file, 'dir=', translate_uri($subdir),
'&amp;rename=', translate_uri($value), '"><span class="small">rename/move</span></a>]';
}
$age = (time() - $date_m_array[$i]) / 86400;
$age_r = round($age, 1);
$s = (($age_r == 1) ? '' : 's');
if ($days_new && $age <= $days_new)
{
echo (($icon_path == '') ? ' <span class="small" style="color: #FF0000;">[New]</span>'
: ' <img alt="'."$age_r day$s".' old" height="14" width="28" src="'.$icon_path.'/new.png" />');
}
if ($folder_expansion && @is_dir($npart) && in_array($npart, $_SESSION['expanded']))
{
$ex_array = get_file_list($npart.'/');
if ($_SESSION['sort'] == 'd' && $_SESSION['sortMode'] == 'f')
{
$ex_array = array_reverse($ex_array);
}
echo '<ul>';
for ($j=0; $j<count($ex_array); $j++)
{
$element = $ex_array[$j];
echo '<li><a class="default_a" href="'.$this_file
.((@is_file("$npart/$element")) ? 'dir='.translate_uri($subdir.$value).'/&amp;file='
.translate_uri($element).'">' : 'dir='.translate_uri("$subdir$value/$element/").'">');
if (@is_file("$npart/$element"))
{
echo icon(ext($element));
}
else if ($icon_path != '')
{
echo '<img height="16" width="16" alt="[dir]" src="',
$icon_path, '/dir.png" /> ';
}
echo htmlentities($element), "</a></li>\n";
}
echo '</ul>';
}
}
if ($use_login_system && $description_file != '' && logged_in() && is_admin())
//"edit description" link
{
echo ' [<a class="default_a" href="', $this_file, 'dir=',
translate_uri($subdir), '&amp;descFile=', translate_uri($value),
'"><span class="small">change description</span></a>]';
}
if ($thumbnail_height > 0 && in_array(ext($value), array('png', 'jpg', 'jpeg', 'gif')) && @is_file($npart))
//display the thumbnail image
{
echo ' <a href="'.$this_file.'dir=', translate_uri($subdir), '&amp;file=',
translate_uri($value), '"><img src="', $this_file,
'dir=', translate_uri($subdir), '&amp;thumbnail=', translate_uri($value),
'" alt="Thumbnail of ', $value, '" /></a>';
}
echo '</td>'; //end filename column
//filetype column
if ($show_type_column)
{
echo '<td class="default_td" align="left" valign="top">',
(($type_array[$i] == '') ? '&nbsp;' : htmlentities($type_array[$i])), '</td>';
}
 
//hits column
if ($download_count != '')
{
$dl_count += $hit_array[$i];
echo '<td class="default_td" align="right" valign="top">',
((!@is_dir($npart)) ? $hit_array[$i] : '&nbsp;'), '</td>';
}
 
//size column
if ($show_size_column)
{
echo '<td class="default_td" align="right" valign="top">';
$ds = $size_array[$i];
if ($ds === '[Link]')
{
echo $ds;
}
else
{
$total_bytes += $ds;
$size_h = get_filesize($ds);
echo (@is_dir($npart) ?
($show_dir_size ? "<a title=\"$value/\n".number_format($ds, 0, '.', ',')." bytes ($size_h)\">$size_h</a>" : '[dir]')
: "<a title=\"$value\n".number_format($ds, 0, '.', ',')." bytes ($size_h)\">$size_h</a>");
}
echo '</td>';
}
 
//date column
if ($show_date_column)
{
echo '<td class="default_td" align="right" valign="top">';
if ($date_a_array[$i] == 'N/A')
{
echo 'N/A';
}
else
{
$a = date($date_format.' h:i:s A', $date_a_array[$i]);
$m = date($date_format.' h:i:s A', $date_m_array[$i]);
echo "<a title=\"$value\nLast Modified: $m\nLast Accessed: $a\">",
date($date_format, $date_m_array[$i]), '</a>';
}
echo '</td>';
}
//description column
if ($description_file != '')
{
echo '<td class="default_td" align="left" valign="top">',
(($desc_array[$i] != '') ? $desc_array[$i] : '&nbsp;'), '</td>';
}
echo "</tr>\n";
}
 
//footer of the table
echo '<tr><th class="default_th"><span class="small">', "\n$file_count ",
$words[(($file_count == 1) ? 'file' : 'files')],
" - $folder_count ", $words['folders'], '</span></th>';
if ($show_type_column)
{
echo "<th class='default_th'>&nbsp;</th>";
}
if ($download_count != '')
{
echo "<th class='default_th'><span class='small'>Total: $dl_count</span></th>";
}
if ($show_size_column)
{
echo '<th class="default_th"><span class="small">', $words['total size'], ': <a title="' ,$words['total size'], ":\n",
number_format($total_bytes, 0, '.', ','), ' bytes (', get_filesize($total_bytes), ')">',
get_filesize($total_bytes), "</a></span></th>\n";
}
if ($show_date_column)
{
echo '<th class="default_th">&nbsp;</th>';
}
if ($description_file != '')
{
echo '<th class="default_th">&nbsp;</th>';
}
echo '</tr></table><div class="small" style="text-align: right;">Powered by <a class="default_a" href="http://autoindex.sourceforge.net/">AutoIndex PHP Script</a></div>';
/*
* We request that you do not remove the link to the AutoIndex website.
* This not only gives respect to the large amount of time given freely by the
* developer, but also helps build interest, traffic, and use of AutoIndex.
*/
 
echo "\n", '<table width="100%" border="0" cellpadding="0" cellspacing="2">
<tr valign="top"><td>';
if ($enable_searching)
{
show_search_box();
}
 
if ($use_login_system)
{
if (!logged_in())
{
echo '</td><td>';
show_login_box();
}
else //show user options
{
echo '<br /><table border="0" cellpadding="8" cellspacing="0"><tr class="paragraph"><td class="default_td">';
if (is_admin())
{
echo '<p><a class="default_a" href="'.$this_file.'config=true">Reconfigure script</a></p>',
'<p><a class="default_a" href="'.$this_file.'admin=true">User account management</a>',
'<br /><a class="default_a" href="'.$this_file.'log=true">Log file viewer / statistics</a>',
'<br /><a class="default_a" href="'.$this_file.'edit_links=true&amp;dir='.translate_uri($subdir).'">Links file editor</a>',
'<br /><a class="default_a" href="'.$this_file.'edit_ban=true">Edit ban list</a></p>',
'<p><a class="default_a" href="'.$this_file.'getcreate=true&amp;dir='.translate_uri($subdir).'">Create a folder (in current directory)</a>',
'<br /><a class="default_a" href="'.$this_file.'copyURL=true&amp;dir='.translate_uri($subdir).'">Copy a remote file (to current directory)</a></p>';
}
echo '<p><a class="default_a" href="', $this_file,
'passwd=true">Change password</a><br /><a class="default_a" href="', $this_file,
'logout=true">Log out [ ', $_SESSION['user'], ' ]</a></p></td></tr></table>';
}
}
echo '</td></tr></table>';
 
if ($allow_uploads && (!$use_login_system || logged_in()))
{
echo "<form method='post' action='$this_file'>
<input type='hidden' name='dir' value='$subdir' />
Upload <select size='1' name='numUpload'>";
for ($i=1; $i<=10; $i++)
{
echo "\t<option>$i</option>\n";
}
echo '</select> file(s) to this folder <input type="submit" value="Go" /></form>';
}
 
if ($select_language)
{
echo '<p style="text-align: left;">Select Language:</p>',
"<form method='get' action='$this_file'><div><select name='lang'>";
$l = get_all_files($path_to_language_files);
sort($l);
for ($i=0; $i<count($l); $i++)
{
if (@is_file($path_to_language_files.$l[$i]) &&
preg_match('/^[a-z]{2}(_[a-z]{2})?\.php$/i', $l[$i]))
{
$f = substr(get_basename($l[$i]), 0, -4);
$sel = (($f == $_SESSION['lang']) ? ' selected="selected"' : '');
echo "\t<option$sel>$f</option>\n";
}
}
echo '</select><input type="submit" value="Change" />';
if ($index != '' && strpos($index, '?') !== false)
{
$id_temp = explode('=', $index, 2);
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1);
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />";
}
echo '</div></form>';
}
 
show_footer();
 
//find time it took for the page to generate, in milliseconds
$page_time = round((get_microtime() - $start_time) * 1000, 1);
 
echo '
<!--
 
Powered by AutoIndex PHP Script (version '.VERSION.')
Copyright (C) 2002-2005 Justin Hagstrom
http://autoindex.sourceforge.net
 
Page generated in ', $page_time, ' milliseconds.
 
-->
'; //We request that you retain the above copyright notice.
 
if ($index == '')
{
echo '</body></html>';
}
 
?>