0,0 → 1,2634 |
<?php |
|
/*************************************************************************** |
AutoIndex PHP Script, by Justin Hagstrom |
------------------- |
|
filename : index.php |
version : 1.5.2 |
date : January 04, 2005 |
|
copyright : Copyright (C) 2002-2005 Justin Hagstrom |
license : GNU General Public License (GPL) |
|
website & forum : http://autoindex.sourceforge.net |
e-mail : JustinHagstrom [at] yahoo [dot] com |
|
|
AutoIndex PHP Script is free software; you can redistribute it and/or modify |
it under the terms of the GNU General Public License as published by |
the Free Software Foundation; either version 2 of the License, or |
(at your option) any later version. |
|
AutoIndex PHP Script is distributed in the hope that it will be useful, |
but WITHOUT ANY WARRANTY; without even the implied warranty of |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
GNU General Public License for more details. |
|
You should have received a copy of the GNU General Public License |
along with this program; if not, write to the Free Software |
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
|
***************************************************************************/ |
|
//some basic compatibility for PHP 4.0.x |
if (!isset($_GET)) { $_GET = &$HTTP_GET_VARS; } |
if (!isset($_POST)) { $_POST = &$HTTP_POST_VARS; } |
if (!isset($_SESSION)) { $_SESSION = &$HTTP_SESSION_VARS; } |
if (!isset($_SERVER)) { $_SERVER = &$HTTP_SERVER_VARS; } |
if (!isset($_COOKIE)) { $_COOKIE = &$HTTP_COOKIE_VARS; } |
if (!isset($_FILES)) { $_FILES = &$HTTP_POST_FILES; } |
|
/* OPTIONAL SETTINGS */ |
|
$stored_config = 'AutoIndex.conf.php'; |
$config_generator = 'config.php'; |
|
$date_format = 'Y-M-d'; //see http://php.net/date |
|
/* END OPTIONAL SETTINGS */ |
|
|
function get_microtime() |
{ |
list($usec, $sec) = explode(' ', microtime()); |
return ((float)$usec + (float)$sec); |
} |
$start_time = get_microtime(); |
|
session_name('AutoIndex'); |
session_start(); |
|
if (@get_magic_quotes_gpc()) |
//remove any slashes added by the "magic quotes" setting |
{ |
$_GET = array_map('stripslashes', $_GET); |
$_POST = array_map('stripslashes', $_POST); |
} |
@set_magic_quotes_runtime(0); |
|
if (ini_get('zlib.output_compression') == '1') |
//compensate for compressed output set in php.ini |
{ |
header('Content-Encoding: gzip'); |
} |
|
define('VERSION', '1.5.2'); |
|
//now we need to include either the stored settings, or the config generator |
if (@is_file($stored_config)) |
{ |
if (!@include($stored_config)) |
{ |
die("<p>Error including file <em>$stored_config</em></p>"); |
} |
} |
else if (@is_file($config_generator)) |
{ |
define('CONFIG', true); |
if (!@include($config_generator)) |
{ |
die("<p>Error including file <em>$config_generator</em></p>"); |
} |
die(); |
} |
else |
{ |
die("<p>Error: Neither <em>$config_generator</em> nor <em>$stored_config</em> could be found.</p>"); |
} |
|
$this_file = (($index == '') ? $_SERVER['PHP_SELF'] : $index); |
$this_file .= ((strpos($this_file, '?') !== false) ? '&' : '?'); |
$referrer = (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : 'N/A'); |
|
//make sure all the variables are set correctly from the stored settings |
$config_vars = array('base_dir', 'icon_path', 'stylesheet', 'use_login_system', |
'allow_uploads', 'must_login_to_download', 'user_list', 'allow_file_overwrites', |
'log_file', 'dont_log_these_ips', 'download_count', 'links_file', 'lang', |
'sub_folder_access', 'index', 'hidden_files', 'show_only_these_files', |
'force_download', 'bandwidth_limit', 'anti_leech', 'enable_searching', |
'show_dir_size', 'folder_expansion', 'show_folder_count', 'banned_list', |
'md5_show', 'header', 'footer', 'header_per_folder', 'footer_per_folder', |
'description_file', 'thumbnail_height', 'path_to_language_files', 'days_new', |
'select_language', 'show_type_column', 'show_size_column', 'show_date_column'); |
foreach ($config_vars as $this_var) |
{ |
if (!isset($$this_var)) |
{ |
die("<p>Error: AutoIndex is not configured properly. |
<br />The variable <strong>$this_var</strong> is not set.</p> |
<p>Delete <em>$stored_config</em> and then run <em>$config_generator</em>.</p>"); |
} |
} |
|
//find the language the script should be displayed in |
if ($select_language && isset($_GET['lang']) |
&& preg_match('/^[a-z]{2}(_[a-z]{2})?$/i', $_GET['lang']) |
&& @is_file($path_to_language_files.$_GET['lang'].'.php')) |
{ |
$_SESSION['lang'] = $_GET['lang']; |
} |
else if (!isset($_SESSION['lang'])) |
{ |
$_SESSION['lang'] = $lang; |
} |
@include($path_to_language_files.$_SESSION['lang'].'.php'); |
|
if (!isset($words)) |
{ |
die('<p>Error: You need to include a language.php file that has the variable $words. |
<br />Check the $lang and $path_to_language_files variables.</p>'); |
} |
|
$global_user_list = ($use_login_system ? @file($user_list) : array()); |
if ($global_user_list === false) |
{ |
die("<p>Could not open file <strong>$user_list</strong></p>"); |
} |
|
function translate_uri($uri) |
//rawurlencodes $uri, but not any slashes |
{ |
$uri = rawurlencode(str_replace('\\', '/', $uri)); |
return str_replace(rawurlencode('/'), '/', $uri); |
} |
|
function get_basename($fn) |
//returns everything after the slash, or the original string if there is no slash |
{ |
return basename(str_replace('\\', '/', $fn)); |
} |
|
function match_in_array($string, &$array) |
//returns true if $string matches anything in the array |
{ |
$string = get_basename($string); |
static $replace = array( |
'\*' => '[^\/]*', |
'\+' => '[^\/]+', |
'\?' => '[^\/]?'); |
foreach ($array as $m) |
{ |
if (preg_match('/^'.strtr(preg_quote(get_basename($m), '/'), $replace).'$/i', $string)) |
{ |
return true; |
} |
} |
return false; |
} |
|
function check_login($user, $pass) |
{ |
global $global_user_list; |
foreach ($global_user_list as $look) |
{ |
if ((strcasecmp(substr(rtrim($look), 33), $user) === 0) |
&& (strcasecmp(substr(rtrim($look), 0, 32), $pass) === 0)) |
{ |
return true; |
} |
} |
return false; |
} |
|
function logged_in() |
{ |
return (isset($_SESSION['user'], $_SESSION['pass']) && |
check_login($_SESSION['user'], $_SESSION['pass'])); |
} |
|
function is_user_admin($user) |
{ |
global $global_user_list; |
foreach ($global_user_list as $look) |
{ |
if (strcasecmp($user, substr(rtrim($look), 33)) === 0) |
{ |
return (substr($look, 32, 1) === '1'); |
} |
} |
return false; |
} |
|
function is_admin() |
{ |
return is_user_admin($_SESSION['user']); |
} |
|
function is_hidden($fn, $is_file = true) |
//looks at $hidden_files and $show_only_these_files to see if $fn is hidden |
{ |
if ($fn == '') |
{ |
return true; |
} |
global $use_login_system; |
if ($use_login_system && logged_in() && is_admin()) |
//allow admins to view hidden files |
{ |
return false; |
} |
global $hidden_files, $show_only_these_files; |
if ($is_file && count($show_only_these_files)) |
{ |
return (!match_in_array($fn, $show_only_these_files)); |
} |
if (!count($hidden_files)) |
{ |
return false; |
} |
return match_in_array($fn, $hidden_files); |
} |
|
function eval_dir($d) |
//check $d for "bad" things, and deal with ".." |
{ |
$d = str_replace('\\', '/', $d); |
if ($d == '' || $d == '/') |
{ |
return ''; |
} |
$dirs = explode('/', $d); |
for ($i=0; $i<count($dirs); $i++) |
{ |
if ($dirs[$i] == '.' || is_hidden($dirs[$i], false)) |
{ |
array_splice($dirs, $i, 1); |
$i--; |
} |
else if (preg_match('/^\.\./', $dirs[$i])) //if it starts with two dots |
{ |
array_splice($dirs, $i-1, 2); |
$i = -1; |
} |
} |
$new_dir = implode('/', $dirs); |
if ($new_dir == '' || $new_dir == '/') |
{ |
return ''; |
} |
if ($d{0} == '/' && $new_dir{0} != '/') |
{ |
$new_dir = '/'.$new_dir; |
} |
if (preg_match('#/$#', $d) && !preg_match('#/$#', $new_dir)) |
{ |
$new_dir .= '/'; |
} |
else if (is_hidden(get_basename($d))) |
{ |
return ''; |
} |
return $new_dir; |
} |
|
//get the user defined variables that are in the URL |
$subdir = (isset($_GET['dir']) ? eval_dir(rawurldecode($_GET['dir'])) : ''); |
$file_dl = (isset($_GET['file']) ? rawurldecode($_GET['file']) : ''); |
$search = (isset($_GET['search']) ? $_GET['search'] : ''); |
$search_mode = (isset($_GET['searchMode']) ? $_GET['searchMode'] : ''); |
while (preg_match('#\\\\|/$#', $file_dl)) |
{ |
$file_dl = substr($file_dl, 0, -1); |
} |
$file_dl = eval_dir($file_dl); |
|
if (!@is_dir($base_dir)) |
{ |
die('<p>Error: <em>'.htmlentities($base_dir) |
.'</em> is not a valid directory.<br />Check the $base_dir variable.</p>'); |
} |
|
if (!$sub_folder_access || $subdir == '/') |
{ |
$subdir = ''; |
} |
else if (preg_match('#[^/\\\\]$#', $subdir)) |
{ |
$subdir .= '/'; //add a slash to the end if there isn't one |
} |
|
$dir = $base_dir.$subdir; |
|
//this will be displayed before any HTML output |
$html_heading = ''; |
|
if ($index == '') |
{ |
$html_heading .= '<?xml version="1.0" encoding="UTF-8"?> |
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> |
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="'.$_SESSION['lang'].'"> |
<head>'; |
} |
if ($stylesheet != '') |
{ |
$html_heading .= "\n<link rel=\"stylesheet\" href=\"$stylesheet\" type=\"text/css\" title=\"AutoIndex Default\" />\n"; |
} |
if ($index == '') |
{ |
$html_heading .= "\n<title>".$words['index of'].' '.htmlentities($dir) |
."</title>\n\n</head><body class='autoindex_body'>\n\n"; |
} |
|
function show_header() |
{ |
global $header, $header_per_folder, $dir; |
if ($header != '') |
{ |
if ($header_per_folder) |
{ |
$header = $dir.$header; |
} |
if (@is_readable($header)) |
{ |
include($header); |
} |
} |
} |
|
function show_footer() |
{ |
global $footer, $footer_per_folder, $dir; |
if ($footer != '') |
{ |
if ($footer_per_folder) |
{ |
$footer = $dir.$footer; |
} |
if (@is_readable($footer)) |
{ |
include($footer); |
} |
} |
} |
|
function show_login_box() |
{ |
global $this_file, $subdir, $icon_path; |
$sd = translate_uri($subdir); |
echo '<p /><table border="0" cellpadding="8" cellspacing="0"> |
<tr class="paragraph"><td class="default_td"><img src="', $icon_path, |
'/login.png" width="12" height="14" alt="Login" /> Login:', |
"\n<form method='post' action='{$this_file}dir=$sd'> |
<table><tr class=\"paragraph\"><td>Username:</td> |
<td><input type='text' name='user' /> |
</td></tr><tr class=\"paragraph\"><td>Password:</td> |
<td><input type='password' name='pass' /></td></tr></table> |
<p><input class='button' type='submit' value='Login' /></p> |
</form></td></tr></table>"; |
} |
|
function show_search_box() |
{ |
global $index, $search, $words, $search_mode, $this_file, $subdir, $icon_path; |
echo '<p /><table border="0" cellpadding="8" cellspacing="0"> |
<tr class="paragraph"><td class="default_td"><img src="', $icon_path, |
'/search.png" width="16" height="16" alt="', $words['search'], '" /> ', |
$words['search'], ":<br /><form method='get' action='$this_file'> |
<p><input type='text' name='search' value='$search' />\n"; |
if ($index != '' && strpos($index, '?') !== false) |
{ |
$id_temp = explode('=', $index, 2); |
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1); |
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />"; |
} |
echo "\n<input type='hidden' name='dir' value='", translate_uri($subdir), |
"' /><br /><select name='searchMode'>\n"; |
$search_modes = array($words['files'] => 'f', $words['folders'] => 'd', $words['both'] => 'fd'); |
foreach ($search_modes as $key => $element) |
{ |
$sel = (($search_mode == $element) ? ' selected="selected"' : ''); |
echo "\t<option$sel value='$element'>$key</option>\n"; |
} |
echo "</select><input type='submit' value='", $words['search'], |
'\' class="button" /></p></form></td></tr></table>'; |
} |
|
function is_username($user) |
{ |
global $html_heading, $global_user_list; |
foreach ($global_user_list as $look) |
{ |
if (strcasecmp($user, substr(rtrim($look), 33)) === 0) |
{ |
return true; |
} |
} |
return false; |
} |
|
function num_admins() |
//returns the number of accounts with admin rights |
{ |
global $html_heading, $global_user_list; |
$num = 0; |
foreach ($global_user_list as $look) |
{ |
if (substr($look, 32, 1) === '1') |
{ |
$num++; |
} |
} |
return $num; |
} |
|
function get_filesize($size) |
//give a size in bytes, and this will return the appropriate measurement format |
{ |
$size = max(0, $size); |
static $u = array(' B', 'KB', 'MB', 'GB'); |
for ($i=0; $size >= 1024 && $i < 4; $i++) |
{ |
$size /= 1024; |
} |
return number_format($size, 1).' '.$u[$i]; |
} |
|
function ext($fn) |
//return the lowercase file extension of $fn, not including the leading dot |
{ |
$fn = get_basename($fn); |
return (strpos($fn, '.') ? strtolower(substr(strrchr($fn, '.'), 1)) : ''); |
} |
|
function get_all_files($path) |
//returns an array of every file in $path, including folders (except ./ and ../) |
{ |
$list = array(); |
if (($hndl = @opendir($path)) === false) |
{ |
return $list; |
} |
while (($file=readdir($hndl)) !== false) |
{ |
if ($file != '.' && $file != '..') |
{ |
$list[] = $file; |
} |
} |
closedir($hndl); |
return $list; |
} |
|
function get_file_list($path) |
//returns a sorted array of filenames. Filters out "bad" files |
{ |
global $sub_folder_access, $links_file; |
$f = $d = array(); |
foreach (get_all_files($path) as $name) |
{ |
if ($sub_folder_access && @is_dir($path.$name) && !is_hidden($name, false)) |
{ |
$d[] = $name; |
} |
else if (@is_file($path.$name) && !is_hidden($name, true)) |
{ |
$f[] = $name; |
} |
} |
if ($links_file != '' && ($links = @file($path.$links_file))) |
{ |
foreach ($links as $name) |
{ |
$p = strpos($name, '|'); |
$f[] = (($p === false) ? rtrim($name).'|' : substr(rtrim($name), 0, $p).'|'); |
} |
} |
natcasesort($d); |
natcasesort($f); |
return array_merge($d, $f); |
} |
|
function dir_size($dir) |
//returns the total size of a directory (recursive) in bytes |
{ |
$totalsize = 0; |
foreach (get_file_list($dir) as $name) |
{ |
$totalsize += (@is_dir($dir.$name) ? dir_size("$dir$name/") : (int)@filesize($dir.$name)); |
} |
return $totalsize; |
} |
|
function match_filename($filename, $string) |
{ |
if (preg_match_all('/(?<=")[^"]+(?=")|[^ "]+/', $string, $matches)) |
{ |
foreach ($matches[0] as $w) |
{ |
if (preg_match('#[^/\.]+#', $w) && stristr($filename, $w)) |
{ |
return true; |
} |
} |
} |
return false; |
} |
|
function search_dir($sdir, $string) |
//returns files/folders (recursive) in $sdir that contain $string |
{ |
global $search_mode; |
//search_mode: d=folders, f=files, fd=both |
|
$found = array(); |
$list = get_file_list($sdir); |
$d = count($list); |
for ($i=0; $i<$d; $i++) |
{ |
$full_name = $sdir.$list[$i]; |
if (stristr($search_mode, 'f') && (@is_file($full_name) || preg_match('/\|$/', $list[$i])) && match_filename($list[$i], $string)) |
{ |
$found[] = $full_name; |
} |
else if (@is_dir($full_name)) |
{ |
if (stristr($search_mode, 'd') && match_filename($list[$i], $string)) |
{ |
$found[] = $full_name; |
} |
$found = array_merge($found, search_dir($full_name.'/', $string)); |
} |
} |
return $found; |
} |
|
function add_num_to_array($num, &$array) |
{ |
isset($array[$num]) ? $array[$num]++ : $array[$num] = 1; |
} |
|
function mkdir_recursive($path) |
{ |
if (@is_dir($path)) |
{ |
return true; |
} |
if (!mkdir_recursive(dirname($path))) |
{ |
return false; |
} |
return @mkdir($path, 0755); |
} |
|
function rmdir_recursive($path) |
{ |
if (!preg_match('#/$#', $path)) |
{ |
$path .= '/'; |
} |
foreach (get_all_files($path) as $file) |
{ |
if ($file == '' || $file == '.' || $file == '..') |
{ |
continue; |
} |
if (@is_dir("$path$file/")) |
{ |
rmdir_recursive("$path$file/"); |
} |
else |
{ |
@unlink($path . $file); |
} |
} |
return @rmdir($path); |
} |
|
function num_files($dir) |
//returns the number of files in $dir (recursive) |
{ |
$count = 0; |
if (!preg_match('#/$#', $dir)) |
{ |
$dir .= '/'; |
} |
$list = get_file_list($dir); |
$d = count($list); |
for ($i=0; $i<$d; $i++) |
{ |
$count += (@is_dir($dir.$list[$i]) ? num_files($dir.$list[$i]) : 1); |
} |
return $count; |
} |
|
function redirect($site) |
{ |
header("Location: $site"); |
die('<p>Redirection header could not be sent.<br />' |
."Continue here: <a href=\"$site\">$site</a></p>"); |
} |
|
function find_mime_type($ext) |
{ |
static $mime_types = array( |
'application/andrew-inset' => array('ez'), |
'application/mac-binhex40' => array('hqx'), |
'application/mac-compactpro' => array('cpt'), |
'application/mathml+xml' => array('mathml'), |
'application/msword' => array('doc'), |
'application/octet-stream' => array('bin', 'dms', 'lha', |
'lzh', 'exe', 'class', 'so', 'dll', 'dmg'), |
'application/oda' => array('oda'), |
'application/ogg' => array('ogg'), |
'application/pdf' => array('pdf'), |
'application/postscript' => array('ai', 'eps', 'ps'), |
'application/rdf+xml' => array('rdf'), |
'application/smil' => array('smi', 'smil'), |
'application/srgs' => array('gram'), |
'application/srgs+xml' => array('grxml'), |
'application/vnd.mif' => array('mif'), |
'application/vnd.mozilla.xul+xml' => array('xul'), |
'application/vnd.ms-excel' => array('xls'), |
'application/vnd.ms-powerpoint' => array('ppt'), |
'application/vnd.wap.wbxml' => array('wbxml'), |
'application/vnd.wap.wmlc' => array('wmlc'), |
'application/vnd.wap.wmlscriptc' => array('wmlsc'), |
'application/voicexml+xml' => array('vxml'), |
'application/x-bcpio' => array('bcpio'), |
'application/x-cdlink' => array('vcd'), |
'application/x-chess-pgn' => array('pgn'), |
'application/x-cpio' => array('cpio'), |
'application/x-csh' => array('csh'), |
'application/x-director' => array('dcr', 'dir', 'dxr'), |
'application/x-dvi' => array('dvi'), |
'application/x-futuresplash' => array('spl'), |
'application/x-gtar' => array('gtar'), |
'application/x-hdf' => array('hdf'), |
'application/x-javascript' => array('js'), |
'application/x-koan' => array('skp', 'skd', 'skt', 'skm'), |
'application/x-latex' => array('latex'), |
'application/x-netcdf' => array('nc', 'cdf'), |
'application/x-sh' => array('sh'), |
'application/x-shar' => array('shar'), |
'application/x-shockwave-flash' => array('swf'), |
'application/x-stuffit' => array('sit'), |
'application/x-sv4cpio' => array('sv4cpio'), |
'application/x-sv4crc' => array('sv4crc'), |
'application/x-tar' => array('tar'), |
'application/x-tcl' => array('tcl'), |
'application/x-tex' => array('tex'), |
'application/x-texinfo' => array('texinfo', 'texi'), |
'application/x-troff' => array('t', 'tr', 'roff'), |
'application/x-troff-man' => array('man'), |
'application/x-troff-me' => array('me'), |
'application/x-troff-ms' => array('ms'), |
'application/x-ustar' => array('ustar'), |
'application/x-wais-source' => array('src'), |
'application/xhtml+xml' => array('xhtml', 'xht'), |
'application/xslt+xml' => array('xslt'), |
'application/xml' => array('xml', 'xsl'), |
'application/xml-dtd' => array('dtd'), |
'application/zip' => array('zip'), |
'audio/basic' => array('au', 'snd'), |
'audio/midi' => array('mid', 'midi', 'kar'), |
'audio/mpeg' => array('mpga', 'mp2', 'mp3'), |
'audio/x-aiff' => array('aif', 'aiff', 'aifc'), |
'audio/x-mpegurl' => array('m3u'), |
'audio/x-pn-realaudio' => array('ram', 'ra'), |
'application/vnd.rn-realmedia' => array('rm'), |
'audio/x-wav' => array('wav'), |
'chemical/x-pdb' => array('pdb'), |
'chemical/x-xyz' => array('xyz'), |
'image/bmp' => array('bmp'), |
'image/cgm' => array('cgm'), |
'image/gif' => array('gif'), |
'image/ief' => array('ief'), |
'image/jpeg' => array('jpeg', 'jpg', 'jpe'), |
'image/png' => array('png'), |
'image/svg+xml' => array('svg'), |
'image/tiff' => array('tiff', 'tif'), |
'image/vnd.djvu' => array('djvu', 'djv'), |
'image/vnd.wap.wbmp' => array('wbmp'), |
'image/x-cmu-raster' => array('ras'), |
'image/x-icon' => array('ico'), |
'image/x-portable-anymap' => array('pnm'), |
'image/x-portable-bitmap' => array('pbm'), |
'image/x-portable-graymap' => array('pgm'), |
'image/x-portable-pixmap' => array('ppm'), |
'image/x-rgb' => array('rgb'), |
'image/x-xbitmap' => array('xbm'), |
'image/x-xpixmap' => array('xpm'), |
'image/x-xwindowdump' => array('xwd'), |
'model/iges' => array('igs', 'iges'), |
'model/mesh' => array('msh', 'mesh', 'silo'), |
'model/vrml' => array('wrl', 'vrml'), |
'text/calendar' => array('ics', 'ifb'), |
'text/css' => array('css'), |
'text/html' => array('html', 'htm'), |
'text/plain' => array('asc', 'txt'), |
'text/richtext' => array('rtx'), |
'text/rtf' => array('rtf'), |
'text/sgml' => array('sgml', 'sgm'), |
'text/tab-separated-values' => array('tsv'), |
'text/vnd.wap.wml' => array('wml'), |
'text/vnd.wap.wmlscript' => array('wmls'), |
'text/x-setext' => array('etx'), |
'video/mpeg' => array('mpeg', 'mpg', 'mpe'), |
'video/quicktime' => array('qt', 'mov'), |
'video/vnd.mpegurl' => array('mxu', 'm4u'), |
'video/x-msvideo' => array('avi'), |
'video/x-sgi-movie' => array('movie'), |
'x-conference/x-cooltalk' => array('ice') |
); |
foreach ($mime_types as $mime_type => $exts) |
{ |
if (in_array($ext, $exts)) |
{ |
return $mime_type; |
} |
} |
return 'text/plain'; |
} |
|
function icon($ext) |
//find the appropriate icon depending on the extension (returns a link to the image file) |
{ |
global $icon_path; |
if ($icon_path == '') |
{ |
return ''; |
} |
if ($ext == '') |
{ |
$icon = 'generic'; |
} |
else |
{ |
$icon = 'unknown'; |
static $icon_types = array( |
'binary' => array('bat', 'bin', 'com', 'dmg', 'dms', 'exe', 'msi', |
'msp', 'pif', 'pyd', 'scr', 'so'), |
'binhex' => array('hqx'), |
'cd' => array('bwi', 'bws', 'bwt', 'ccd', 'cdi', 'cue', 'img', |
'iso', 'mdf', 'mds', 'nrg', 'nri', 'sub', 'vcd'), |
'comp' => array('cfg', 'conf', 'inf', 'ini', 'log', 'nfo', 'reg'), |
'compressed' => array('7z', 'a', 'ace', 'ain', 'alz', 'amg', 'arc', |
'ari', 'arj', 'bh', 'bz', 'bz2', 'cab', 'deb', 'dz', 'gz', |
'io', 'ish', 'lha', 'lzh', 'lzs', 'lzw', 'lzx', 'msx', 'pak', |
'rar', 'rpm', 'sar', 'sea', 'sit', 'taz', 'tbz', 'tbz2', |
'tgz', 'tz', 'tzb', 'uc2', 'xxe', 'yz', 'z', 'zip', 'zoo'), |
'dll' => array('386', 'db', 'dll', 'ocx', 'sdb', 'vxd'), |
'doc' => array('abw', 'ans', 'chm', 'cwk', 'dif', 'doc', 'dot', |
'mcw', 'msw', 'pdb', 'psw', 'rtf', 'rtx', 'sdw', 'stw', 'sxw', |
'vor', 'wk4', 'wkb', 'wpd', 'wps', 'wpw', 'wri', 'wsd'), |
'image' => array('adc', 'art', 'bmp', 'cgm', 'dib', 'gif', 'ico', |
'ief', 'jfif', 'jif', 'jp2', 'jpc', 'jpe', 'jpeg', 'jpg', 'jpx', |
'mng', 'pcx', 'png', 'psd', 'psp', 'swc', 'sxd', 'tga', |
'tif', 'tiff', 'wmf', 'wpg', 'xcf', 'xif', 'yuv'), |
'java' => array('class', 'jar', 'jav', 'java', 'jtk'), |
'js' => array('ebs', 'js', 'jse', 'vbe', 'vbs', 'wsc', 'wsf', |
'wsh'), |
'key' => array('aex', 'asc', 'gpg', 'key', 'pgp', 'ppk'), |
'mov' => array('amc', 'dv', 'm4v', 'mac', 'mov', 'mp4v', 'mpg4', |
'pct', 'pic', 'pict', 'pnt', 'pntg', 'qpx', 'qt', 'qti', |
'qtif', 'qtl', 'qtp', 'qts', 'qtx'), |
'movie' => array('asf', 'asx', 'avi', 'div', 'divx', 'dvi', 'm1v', |
'm2v', 'mkv', 'movie', 'mp2v', 'mpa', 'mpe', 'mpeg', 'mpg', |
'mps', 'mpv', 'mpv2', 'ogm', 'ram', 'rmvb', 'rnx', 'rp', 'rv', |
'vivo', 'vob', 'wmv', 'xvid'), |
'pdf' => array('edn', 'fdf', 'pdf', 'pdp', 'pdx'), |
'php' => array('inc', 'php', 'php3', 'php4', 'php5', 'phps', |
'phtml'), |
'ppt' => array('emf', 'pot', 'ppa', 'pps', 'ppt', 'sda', 'sdd', |
'shw', 'sti', 'sxi'), |
'ps' => array('ai', 'eps', 'ps'), |
'sound' => array('aac', 'ac3', 'aif', 'aifc', 'aiff', 'ape', 'apl', |
'au', 'ay', 'bonk', 'cda', 'cdda', 'cpc', 'fla', 'flac', |
'gbs', 'gym', 'hes', 'iff', 'it', 'itz', 'kar', 'kss', 'la', |
'lpac', 'lqt', 'm4a', 'm4p', 'mdz', 'mid', 'midi', 'mka', |
'mo3', 'mod', 'mp+', 'mp1', 'mp2', 'mp3', 'mp4', 'mpc', |
'mpga', 'mpm', 'mpp', 'nsf', 'oda', 'ofr', 'ogg', 'pac', 'pce', |
'pcm', 'psf', 'psf2', 'ra', 'rm', 'rmi', 'rmjb', 'rmm', 'sb', |
'shn', 'sid', 'snd', 'spc', 'spx', 'svx', 'tfm', 'tfmx', |
'voc', 'vox', 'vqf', 'wav', 'wave', 'wma', 'wv', 'wvx', 'xa', |
'xm', 'xmz'), |
'tar' => array('gtar', 'tar'), |
'text' => array('c', 'cc', 'cp', 'cpp', 'cxx', 'diff', 'h', 'hpp', |
'hxx', 'm3u', 'md5', 'patch', 'pls', 'py', 'sfv', 'sh', |
'txt'), |
'uu' => array('uu', 'uud', 'uue'), |
'web' => array('asa', 'asp', 'aspx', 'cfm', 'cgi', 'css', 'dhtml', |
'dtd', 'grxml', 'htc', 'htm', 'html', 'htt', 'htx', 'jsp', 'lnk', |
'mathml', 'mht', 'mhtml', 'perl', 'pl', 'plg', 'rss', 'shtm', |
'shtml', 'stm', 'swf', 'tpl', 'wbxml', 'xht', 'xhtml', 'xml', |
'xsl', 'xslt', 'xul'), |
'xls' => array('csv', 'dbf', 'prn', 'pxl', 'sdc', 'slk', 'stc', 'sxc', |
'xla', 'xlb', 'xlc', 'xld', 'xlr', 'xls', 'xlt', 'xlw')); |
foreach ($icon_types as $png_name => $exts) |
{ |
if (in_array($ext, $exts)) |
{ |
$icon = $png_name; |
break; |
} |
} |
} |
return "<img alt=\"[$ext]\" height=\"16\" width=\"16\" src=\"$icon_path/$icon.png\" /> "; |
} |
|
function display_thumbnail($file, $thumbnail_height) |
{ |
global $html_heading; |
if (!@is_file($file)) |
{ |
header('HTTP/1.0 404 Not Found'); |
die("$html_heading<p>File not found: <em>".htmlentities($file).'</em></p>'); |
} |
switch (ext($file)) |
{ |
case 'gif': |
$src = @imagecreatefromgif($file); |
break; |
case 'jpeg': |
case 'jpg': |
case 'jpe': |
$src = @imagecreatefromjpeg($file); |
break; |
case 'png': |
$src = @imagecreatefrompng($file); |
break; |
default: |
die("$html_heading<p>Unsupported file extension.</p>"); |
} |
if ($src === false) |
{ |
die("$html_heading<p>Unsupported image type.</p>"); |
} |
|
header('Content-Type: image/jpeg'); |
header('Cache-Control: public, max-age=3600, must-revalidate'); |
header('Expires: '.gmdate('D, d M Y H:i:s', time()+3600).' GMT'); |
$src_height = imagesy($src); |
if ($src_height <= $thumbnail_height) |
{ |
imagejpeg($src, '', 95); |
} |
else |
{ |
$src_width = imagesx($src); |
$thumb_width = $thumbnail_height * ($src_width / $src_height); |
$thumb = imagecreatetruecolor($thumb_width, $thumbnail_height); |
imagecopyresampled($thumb, $src, 0, 0, 0, 0, $thumb_width, |
$thumbnail_height, $src_width, $src_height); |
imagejpeg($thumb); |
imagedestroy($thumb); |
} |
imagedestroy($src); |
die(); |
} |
|
function edit_description($fn, &$desc) |
//edits a file's description |
{ |
global $description_file, $html_heading; |
if ($description_file == '') |
{ |
return; |
} |
$wrote = false; |
$l = @file($description_file) or $l = array(); |
$h = @fopen($description_file, 'wb') or die("$html_heading<p>Cannot open description file for writing.</p>"); |
$count_num = count($l); |
for ($i=0; $i<$count_num; $i++) |
{ |
$items = explode('|', rtrim($l[$i]), 2); |
if (count($items) === 2 && $fn == $items[0]) |
{ |
fwrite($h, "$fn|$desc\n"); |
$wrote = true; |
} |
else |
{ |
fwrite($h, $l[$i]); |
} |
} |
if (!$wrote && $desc != '') |
{ |
fwrite($h, "$fn|$desc\n"); |
} |
fclose($h); |
} |
|
function add_to_file($item, $outfile) |
{ |
global $html_heading; |
$counted = false; |
if ($l = @file($outfile)) |
{ |
$count_num = count($l); |
for ($i=0; $i<$count_num; $i++) |
{ |
$thisc = rtrim($l[$i]); |
if ($item == substr($thisc, 0, strpos($thisc, '|'))) |
{ |
$counted = true; |
break; |
} |
} |
} |
if ($counted) |
{ |
$w = @fopen($outfile, 'wb') or die("$html_heading<p>Could not open <em>$outfile</em> file for writing.</p>"); |
for ($i=0; $i<$count_num; $i++) |
{ |
$items = explode('|', rtrim($l[$i]), 2); |
if (count($items) === 2 && $items[0] == $item) |
{ |
$nc = $items[1] + 1; |
fwrite($w, "$item|$nc\n"); |
} |
else |
{ |
fwrite($w, $l[$i]); |
} |
} |
} |
else |
{ |
$w = @fopen($outfile, 'ab') or die("$html_heading<p>Could not open <em>$outfile</em> file for writing.</p>"); |
fwrite($w, "$item|1\n"); |
} |
fclose($w); |
} |
|
function get_stored_info($item, $filename) |
{ |
if ($contents = @file($filename)) |
{ |
$count_num = count($contents); |
for ($i=0; $i<$count_num; $i++) |
{ |
$items = explode('|', rtrim($contents[$i]), 2); |
if (count($items) === 2 && $item == $items[0]) |
{ |
return $items[1]; |
} |
} |
} |
return ''; |
} |
|
function table_heading($title, $sortMode, $tooltip) |
{ |
global $this_file, $subdir; |
echo "\n<th class='default_th'><a class='black_link' title=\"$tooltip\" href=\"", |
$this_file, 'dir=', translate_uri($subdir), '&sort=', |
(($_SESSION['sort'] == 'a' && $_SESSION['sortMode'] == $sortMode) ? 'd' : 'a'), |
'&sortMode=', $sortMode, '">', $title, '</a></th>'; |
} |
|
//find and store the user's IP address and hostname: |
$ip = (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'N/A'); |
if (isset($_SESSION['host'])) |
{ |
$host = $_SESSION['host']; |
} |
else |
{ |
$_SESSION['host'] = $host = @gethostbyaddr($ip); |
} |
|
if ($banned_list != '' && ($b_list = @file($banned_list))) |
//make sure the IP or hostname is not banned |
{ |
for ($i=0; $i<count($b_list); $i++) |
{ |
$b_list[$i] = rtrim($b_list[$i]); |
} |
if (match_in_array($ip, $b_list) || match_in_array($host, $b_list)) |
{ |
echo $html_heading; |
show_header(); |
echo '<p>Sorry, the administrator has blocked your IP address or hostname.</p>'; |
show_footer(); |
die(); |
} |
} |
|
function ok_to_log() |
//returns true if the ip or hostname is not in $dont_log_these_ips |
{ |
global $ip, $host, $dont_log_these_ips; |
return (!(match_in_array($ip, $dont_log_these_ips) || |
($host != 'N/A' && match_in_array($host, $dont_log_these_ips)))); |
} |
|
if ($use_login_system && isset($_POST['user'], $_POST['pass']) |
&& $_POST['user'] != '' && $_POST['pass'] != '') |
//check login |
{ |
if (check_login($_POST['user'], md5($_POST['pass']))) |
{ |
if ($log_file != '' && ok_to_log()) |
{ |
if ($write = @fopen($log_file, 'ab')) |
{ |
fwrite($write, date($date_format)."\t".date('H:i:s') |
."\t$ip\t$host\t$referrer\t$dir\tSuccessful Login (username: " |
.$_POST['user'].")\n"); |
fclose($write); |
} |
} |
$_SESSION['user'] = $_POST['user']; |
$_SESSION['pass'] = md5($_POST['pass']); |
unset($_POST['pass'], $_POST['user']); |
redirect($this_file.'dir='.translate_uri($subdir)); |
} |
else |
{ |
echo '<h3>Invalid Login.</h3>'; |
if ($log_file != '' && ok_to_log()) |
{ |
if ($write = @fopen($log_file, 'ab')) |
{ |
fwrite($write, date($date_format)."\t".date('H:i:s') |
."\t$ip\t$host\t$referrer\t$dir\tInvalid Login (username: " |
.$_POST['user'].")\n"); |
fclose($write); |
} |
} |
sleep(1); //"freeze" the script for a second to prevent brute force attacks |
} |
} |
|
if ($use_login_system && $must_login_to_download && !logged_in()) |
//must login to download |
{ |
echo $html_heading; |
show_header(); |
echo '<p>You must login to download and view files.</p>'; |
show_login_box(); |
show_footer(); |
die(); |
} |
|
if ($md5_show && isset($_GET['md5'])) |
{ |
$file = $dir.eval_dir(rawurldecode($_GET['md5'])); |
if (!@is_file($file)) |
{ |
header('HTTP/1.0 404 Not Found'); |
die($html_heading.'<p>Error: file does not exist.</p>'); |
} |
$size = (int)@filesize($file); |
if ($size <= 0 || $size/1048576 > $md5_show) |
{ |
die($html_heading.'<p><strong>Error</strong>: empty file, or file too big to find the md5sum of (according to the $md5_show variable).</p>'); |
} |
die(md5_file($file)); |
} |
|
if ($thumbnail_height > 0 && isset($_GET['thumbnail']) && $_GET['thumbnail'] != '') |
{ |
$file = $dir.eval_dir(rawurldecode($_GET['thumbnail'])); |
display_thumbnail($file, $thumbnail_height); |
} |
|
if (isset($_GET['sort'])) |
{ |
$_SESSION['sort'] = $_GET['sort']; |
} |
else if (!isset($_SESSION['sort'])) |
{ |
//'a' is ascending, 'd' is descending |
$_SESSION['sort'] = 'a'; |
} |
|
if (isset($_GET['sortMode'])) |
{ |
$_SESSION['sortMode'] = $_GET['sortMode']; |
} |
else if (!isset($_SESSION['sortMode'])) |
{ |
/* |
* 'f' is filename |
* 't' is filetype |
* 'h' is downloads (hits) |
* 's' is size |
* 'm' is date (modified) |
* 'd' is description |
*/ |
$_SESSION['sortMode'] = 'f'; |
} |
|
//size of the "chunks" that are read at a time from the file (when $force_download is on) |
$speed = ($bandwidth_limit ? $bandwidth_limit : 8); |
|
if ($folder_expansion) |
{ |
if (!isset($_SESSION['expanded'])) |
{ |
$_SESSION['expanded'] = array(); |
} |
if (isset($_GET['expand']) && $_GET['expand'] != '') |
{ |
$temp = $dir.eval_dir(rawurldecode($_GET['expand'])); |
if (@is_dir($temp) && !in_array($temp, $_SESSION['expanded'])) |
{ |
$_SESSION['expanded'][] = $temp; |
} |
} |
if (isset($_GET['collapse']) && $_GET['collapse'] != '') |
{ |
$temp = $dir.eval_dir(rawurldecode($_GET['collapse'])); |
if (in_array($temp, $_SESSION['expanded'])) |
{ |
array_splice($_SESSION['expanded'], array_search($temp, $_SESSION['expanded']), 1); |
} |
} |
} |
|
if ($allow_uploads && (!$use_login_system || logged_in())) |
//upload a file |
{ |
if ($count_files = count($_FILES)) |
{ |
echo $html_heading; |
show_header(); |
$uploaded_files = $errors = ''; |
for ($i=0; $i<$count_files; $i++) |
{ |
$filename = get_basename($_FILES[$i]['name']); |
if ($filename == '') |
{ |
continue; |
} |
if (is_hidden($filename)) |
{ |
$errors .= "<li>$filename [filename is listed as a hidden file]</li>"; |
continue; |
} |
$filepath = $base_dir.eval_dir(rawurldecode($_POST['dir'])); |
$fullpathname = realpath($filepath).'/'.$filename; |
if (!$allow_file_overwrites && @file_exists($fullpathname)) |
{ |
$errors .= "<li>$filename [file already exists]</li>"; |
} |
else if (@move_uploaded_file($_FILES[$i]['tmp_name'], $fullpathname)) |
{ |
@chmod($fullpathname, 0644); |
$uploaded_files .= "<li>$filename</li>"; |
if ($log_file != '' && ok_to_log() && ($write = @fopen($log_file, 'ab'))) |
{ |
fwrite($write, date($date_format)."\t".date('H:i:s') |
. "\t$ip\t$host\t$referrer\t$dir\tFile uploaded: $filepath$filename\n"); |
fclose($write); |
} |
} |
else |
{ |
$errors .= "<li>$filename</li>"; |
} |
} |
if ($errors == '') |
{ |
$errors = '<br />[None]'; |
} |
if ($uploaded_files == '') |
{ |
$uploaded_files = '<br />[None]'; |
} |
echo "<p><strong>Uploaded files</strong>: $uploaded_files</p><p><strong>Failed files</strong>: $errors</p>", |
'<p><a class="default_a" href="', $this_file, 'dir=', |
$_POST['dir'], '">Continue.</a></p>'; |
show_footer(); |
die(); |
} |
else if (isset($_POST['numUpload'])) |
{ |
echo $html_heading; |
show_header(); |
echo "<table border='0' cellpadding='8' cellspacing='0'><tr class='paragraph'><td class='default_td'> |
<form enctype='multipart/form-data' action='$this_file' method='post'> |
<input type='hidden' name='dir' value='", $_POST['dir'], "' />\n"; |
$num = (int)$_POST['numUpload']; |
for ($i=0; $i<$num; $i++) |
{ |
$n = $i + 1; |
echo "\t\t{$words['file']} $n : <input name='$i' type='file' /><br />\n"; |
} |
echo '<p><input class="button" type="submit" value="Upload Files" /> |
</p></form></td></tr></table>'; |
show_footer(); |
die(); |
} |
} |
|
if ($use_login_system && logged_in() && is_admin()) |
{ |
$con = '<p><a class="default_a" href="'.$this_file.'dir=' |
.translate_uri($subdir).'">Continue.</a></p>'; |
|
if (isset($_GET['getcreate'])) |
{ |
echo $html_heading; |
show_header(); |
echo "<table border='0' cellpadding='8' cellspacing='0'><tr class='paragraph'><td class='default_td'> |
Enter the name of the folder you would like to create: |
<form method='get' action='$this_file'> |
<input type='hidden' name='dir' value='", translate_uri($subdir), "' />"; |
if ($index != '' && strpos($index, '?') !== false) |
{ |
$id_temp = explode('=', $index, 2); |
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1); |
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />"; |
} |
echo '<p><input type="text" name="create" /></p> |
<p><input class="button" type="submit" value="Create" /></p> |
</form></td></tr></table>'; |
show_footer(); |
die(); |
} |
else if (isset($_GET['create']) && $_GET['create'] != '') |
{ |
$p = $dir.eval_dir($_GET['create']); |
$msg = (@file_exists($p) ? 'Folder already exists: ' : (mkdir_recursive($p) ? 'Folder successfully created: ' : 'Could not create folder: ')); |
echo $html_heading; |
show_header(); |
echo $msg, htmlentities($p), $con; |
show_footer(); |
die(); |
} |
else if ($description_file != '' && isset($_GET['descFile']) && $_GET['descFile'] != '') |
{ |
if (isset($_GET['desc'])) |
{ |
$desc = trim(rawurldecode($_GET['desc'])); |
$descFile = trim(rawurldecode($_GET['descFile'])); |
edit_description($dir.$descFile, $desc); |
} |
else |
{ |
$filen = rawurldecode($_GET['descFile']); |
echo $html_heading; |
show_header(); |
echo "<table border='0' cellpadding='8' cellspacing='0'> |
<tr class='paragraph'><td class='default_td'> |
Enter the new description for the file <em>$filen</em>: |
<form method='get' action='$this_file'> |
<input type='hidden' name='dir' value='", translate_uri($subdir), "' /> |
<input type='hidden' name='descFile' value='", translate_uri($filen), '\' />'; |
if ($index != '' && strpos($index, '?') !== false) |
{ |
$id_temp = explode('=', $index, 2); |
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1); |
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />"; |
} |
echo '<p><input type="text" name="desc" size="50" value="', |
get_stored_info($dir.$filen, $description_file), '" /></p> |
<p><input class="button" type="submit" value="Change" /></p> |
</form></td></tr></table>'; |
show_footer(); |
die(); |
} |
} |
else if (isset($_GET['edit_links'])) |
{ |
echo $html_heading; |
show_header(); |
echo '<table border="0" cellpadding="8" cellspacing="0"> |
<tr class="paragraph"><td class="default_td">'; |
if ($links_file == '') |
{ |
echo '<p>The link system is not in use.<br />To turn it on, set the $links_file variable.</p>'; |
} |
else if (isset($_GET['link'], $_GET['name']) && $_GET['link'] != '') |
{ |
if ($handle = @fopen($dir.$links_file, 'ab')) |
{ |
fwrite($handle, $_GET['link'].'|'.$_GET['name']."\n"); |
fclose($handle); |
echo '<p>Link added.</p>'; |
} |
else |
{ |
echo '<p>Could not open links_file for writing.</p>'; |
} |
} |
else if (isset($_GET['remove'])) |
{ |
if (($list = @file($dir.$links_file)) && ($handle = @fopen($dir.$links_file, 'wb'))) |
{ |
for ($i=0; $i<count($list); $i++) |
{ |
if (rtrim($list[$i]) != rtrim($_GET['remove'])) |
{ |
fwrite($handle, $list[$i]); |
} |
} |
fclose($handle); |
echo '<p>Link removed.</p>'; |
} |
else |
{ |
echo '<p>Could not open links_file.</p>'; |
} |
} |
else |
{ |
echo '<h3>Add a new link:</h3><div class"small">for the directory <em>', htmlentities($dir), |
"</em></div><form method='get' action='$this_file'>", |
'<input type="hidden" name="dir" value="', translate_uri($subdir), |
'" /><p>URL: <input type="text" name="link" size="40" value="http://" /> |
<br />Name: <input type="text" name="name" size="35" /> |
<br /><span class="small">(Leave "name" blank for the URL itself to be shown.)</span></p>'; |
if ($index != '' && strpos($index, '?') !== false) |
{ |
$id_temp = explode('=', $index, 2); |
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1); |
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />"; |
} |
echo '<input type="hidden" name="edit_links" value="true" /> |
<p><input class="button" type="submit" value="Add" /></p></form></td></tr></table></p>', |
'<p><table border="0" cellpadding="8" cellspacing="0"><tr class="paragraph"><td class="default_td">', |
'<h3>Remove a link:</h3>', "<form method='get' action='$this_file'>"; |
if ($index != '' && strpos($index, '?') !== false) |
{ |
$id_temp = explode('=', $index, 2); |
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1); |
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />"; |
} |
echo '<input type="hidden" name="dir" value="', translate_uri($subdir), '" />', |
'<input type="hidden" name="edit_links" value="true" />'; |
$list = @file($dir.$links_file) or $list = array(); |
echo '<select name="remove">'; |
for ($i=0; $i<count($list); $i++) |
{ |
echo '<option>'.$list[$i].'</option>'; |
} |
echo '</select><p><input class="button" type="submit" value="Delete" /></form></p>'; |
} |
echo '</p></td></tr></table>', $con; |
show_footer(); |
die(); |
} |
else if (isset($_GET['copyFile'], $_GET['protocol'])) |
{ |
echo $html_heading; |
show_header(); |
if ($_GET['copyFile'] == '') |
{ |
echo '<p>Please go back and enter a file to copy.</p>', $con; |
show_footer(); |
die(); |
} |
$remote = $_GET['protocol'].$_GET['copyFile']; |
$local = $dir.get_basename($remote); |
if (!$allow_file_overwrites && @file_exists($local)) |
{ |
echo "File already exists: <em>$local</em>$con"; |
show_footer(); |
die(); |
} |
$r = @fopen($remote, 'rb') or die("<p>Cannot open remote file for reading: <em>$remote</em></p>$con"); |
$l = @fopen($local, 'wb') or die("<p>Cannot open local file for writing: <em>$local</em></p>$con"); |
while (true) |
{ |
$temp = fread($r, 8192); |
if ($temp === '') |
{ |
break; |
} |
fwrite($l, $temp); |
} |
fclose($l); |
fclose($r); |
echo "<p>Remote file <em>$remote</em> successfully copied to <em>$local</em></p>$con"; |
show_footer(); |
die(); |
} |
else if (isset($_GET['copyURL'])) |
{ |
echo $html_heading; |
show_header(); |
echo "<table border='0' cellpadding='8' cellspacing='0'> |
<tr class='paragraph'><td class='default_td'> |
Enter the name of the remote file you would like to copy: |
<form method='get' action='$this_file'> |
<input type='hidden' name='dir' value='", translate_uri($subdir), "' />"; |
if ($index != '' && strpos($index, '?') !== false) |
{ |
$id_temp = explode('=', $index, 2); |
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1); |
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />"; |
} |
echo '<p><input type="radio" name="protocol" value="http://" checked="checked" />http:// |
<br /><input type="radio" name="protocol" value="ftp://" />ftp:// |
<input type="text" name="copyFile" /></p> |
<p><input class="button" type="submit" value="Copy" /></p> |
</form></td></tr></table>'; |
show_footer(); |
die(); |
} |
else if (isset($_GET['rename']) && $_GET['rename'] != '') |
{ |
echo $html_heading; |
show_header(); |
echo '<table border="0" cellpadding="8" cellspacing="0"> |
<tr class="paragraph"><td class="default_td">'; |
$p = $dir.eval_dir(rawurldecode($_GET['rename'])); |
if (isset($_GET['newName']) && $_GET['newName'] != '') |
{ |
$new_name = $dir.eval_dir(rawurldecode($_GET['newName'])); |
if ($p == $new_name) |
{ |
$msg = 'The filename is unchanged for '; |
} |
else if (@rename($p, $new_name)) |
{ |
$msg = 'Rename successful for '; |
if ($download_count != '') |
{ |
$l = @file($download_count) or $l = array(); |
if ($h = @fopen($download_count, 'wb')) |
{ |
for ($i=0; $i<count($l); $i++) |
{ |
$regex = '/^'.preg_quote($p, '/').'/'; |
fwrite($h, preg_replace($regex, $new_name, $l[$i])); |
} |
fclose($h); |
} |
} |
if ($description_file != '') |
{ |
$l = @file($description_file) or $l = array(); |
if ($h = @fopen($description_file, 'wb')) |
{ |
for ($i=0; $i<count($l); $i++) |
{ |
$regex = '/^'.preg_quote($p, '/').'/'; |
fwrite($h, preg_replace($regex, $new_name, $l[$i])); |
} |
fclose($h); |
} |
} |
} |
else |
{ |
$msg = 'Rename failed for '; |
} |
echo $msg, htmlentities($p), $con, '</td></tr></table>'; |
show_footer(); |
die(); |
} |
echo '<p>Renaming <em>', htmlentities($p), "</em></p><p>New Filename: |
<br /><span class='small'>(you can also move the file by specifying a path)</span> |
</p><form method='get' action='$this_file'> |
<input type='hidden' name='dir' value='", translate_uri($subdir), "' /> |
<input type='hidden' name='rename' value='", translate_uri($_GET['rename']), '\' />'; |
if ($index != '' && strpos($index, '?') !== false) |
{ |
$id_temp = explode('=', $index, 2); |
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1); |
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />"; |
} |
echo '<input type="text" name="newName" size="40" value="', $_GET['rename'], '" /> |
<p><input class="button" type="submit" value="Rename" /></p></form></td></tr></table>'; |
show_footer(); |
die(); |
} |
else if (isset($_GET['delete']) && $_GET['delete'] != '') |
{ |
echo $html_heading; |
show_header(); |
echo '<table border="0" cellpadding="8" cellspacing="0"> |
<tr class="paragraph"><td class="default_td">'; |
$_GET['delete'] = rawurldecode($_GET['delete']); |
$p = $dir.eval_dir($_GET['delete']); |
if (isset($_GET['sure'])) //delete the file |
{ |
if (@is_dir($p)) |
{ |
$msg = (rmdir_recursive($p) ? 'Folder successfully deleted: ' |
: 'Could not delete folder: '); |
} |
else if (@is_file($p)) |
{ |
$msg = (@unlink($p) ? 'File successfully deleted: ' |
: 'Could not delete file: '); |
} |
else |
{ |
$msg = 'File or folder does not exist: '; |
} |
} |
else //ask user for confirmation |
{ |
$msg = 'Are you sure you want to delete <em>'; |
$con = '</em><p><a class="default_a" href="'.$this_file.'dir=' |
.translate_uri($subdir).'&delete='.translate_uri($_GET['delete']) |
.'&sure=true">Yes, delete it.</a></p><p><a class="default_a" href="' |
.$this_file.'dir='.translate_uri($subdir).'">No, go back.</a></p>'; |
} |
echo $msg, htmlentities($p), $con, '</td></tr></table>'; |
show_footer(); |
die(); |
} |
else if (isset($_GET['config'])) |
{ |
if (@is_file($config_generator)) |
{ |
define('CONFIG', true); |
if (!@include($config_generator)) |
{ |
die("$html_heading<p>Error including file <em>$config_generator</em></p>"); |
} |
die(); |
} |
else |
{ |
die("$html_heading<p>File <em>$config_generator</em> not found.</p>"); |
} |
} |
else if (isset($_GET['edit_ban'])) |
{ |
echo $html_heading; |
show_header(); |
echo '<table border="0" cellpadding="8" cellspacing="0"> |
<tr class="paragraph"><td class="default_td">'; |
if ($banned_list == '') |
{ |
echo '<p>The banning system is not in use.<br />To turn it on, set the $banned_list variable.</p>'; |
} |
else if (isset($_GET['add_ban'])) |
{ |
if ($handle = @fopen($banned_list, 'ab')) |
{ |
fwrite($handle, $_GET['add_ban']."\n"); |
fclose($handle); |
echo '<p>Ban added.</p>'; |
} |
else |
{ |
echo '<p>Could not open ban_list file for writing.</p>'; |
} |
} |
else if (isset($_GET['del_ban'])) |
{ |
$del_ban = rtrim($_GET['del_ban']); |
if (($list = @file($banned_list)) && ($handle = @fopen($banned_list, 'wb'))) |
{ |
for ($i=0; $i<count($list); $i++) |
{ |
if (rtrim($list[$i]) != $del_ban) |
{ |
fwrite($handle, $list[$i]); |
} |
} |
fclose($handle); |
echo '<p>Ban removed.</p>'; |
} |
else |
{ |
echo '<p>Could not open ban_list file.</p>'; |
} |
} |
else |
{ |
echo '<h3>Add a new ban:</h3>', |
"<form method='get' action='$this_file'>", |
'IP address or hostname: <input type="text" name="add_ban" size="35" /> |
<br /><span class="small">You can use wildcards if you want (*, ?, +)</span></p>'; |
if ($index != '' && strpos($index, '?') !== false) |
{ |
$id_temp = explode('=', $index, 2); |
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1); |
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />"; |
} |
echo '<input type="hidden" name="edit_ban" value="true" /> |
<p><input class="button" type="submit" value="Add" /></p></form></td></tr></table></p>', |
'<table border="0" cellpadding="8" cellspacing="0"><tr class="paragraph"><td class="default_td">', |
'<h3>Remove a ban:</h3>'."<form method='get' action='$this_file'>"; |
if ($index != '' && strpos($index, '?') !== false) |
{ |
$id_temp = explode('=', $index, 2); |
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1); |
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />"; |
} |
echo '<input type="hidden" name="edit_ban" value="true" />'; |
$list = @file($banned_list) or $list = array(); |
echo '<select name="del_ban">'; |
for ($i=0; $i<count($list); $i++) |
{ |
echo '<option>'.$list[$i].'</option>'; |
} |
echo '</select><p><input class="button" type="submit" value="Remove" /></form>'; |
} |
echo '</p></td></tr></table>', $con; |
show_footer(); |
die(); |
} |
} |
|
function get_change_color($num) |
{ |
if ($num > 0) |
{ |
return '<span style="color: #00FF00;">+'; |
} |
if ($num < 0) |
{ |
return '<span style="color: #FF0000;">'; |
} |
return '<span style="color: #000000;">'; |
} |
|
if ($use_login_system && isset($_GET['log'])) |
//logfile viewer |
{ |
echo $html_heading; |
show_header(); |
if (!logged_in() || !is_admin()) |
{ |
echo '<p>You must be logged in as an admin to access this page.</p>'; |
} |
else if ($log_file == '') |
{ |
echo '<p>The logging system is not in use. |
<br />To turn it on, set the $log_file variable.</p>'; |
} |
else if (isset($_GET['view'])) |
{ |
$log = @file($log_file) or die("Cannot open log file: <em>$log_file</em>"); |
$count_log = count($log); |
$max_to_display = (int)$_GET['view']; |
$num = (($max_to_display == 0) ? $count_log : min($max_to_display, $count_log)); |
echo "<p>Last $num log entries (of $count_log".')</p><table width="100%"><tr> |
<th class="default_th"> </th><th class="default_th">Date</th> |
<th class="default_th">Time</th><th class="default_th">IP</th> |
<th class="default_th">Hostname</th><th class="default_th">Referrer</th> |
<th class="default_th">File/Folder Viewed</th><th class="default_th">Other</th></tr>'; |
for ($i=0; $i<$num; $i++) |
{ |
$entries = explode("\t", rtrim($log[$count_log-$i-1])); |
$num_entries = count($entries); |
if ($num_entries > 5) |
{ |
echo "\n<tr class=", (($i % 2) ? '"dark_row">' : '"light_row">'), |
'<td class="default_td"><strong>', ($i + 1), '</strong></td>'; |
for ($j=0; $j<$num_entries; $j++) |
{ |
echo '<td class="default_td">', (($j == 4 && $entries[4] != 'N/A') ? |
'<a class="default_a" href="'.$entries[$j].'">'.htmlentities($entries[$j]).'</a>' : |
htmlentities($entries[$j])).'</td>'; |
} |
if ($num_entries === 6) |
{ |
echo '<td class="default_td"> </td>'; |
} |
echo '</tr>'; |
} |
} |
echo '</table>'; |
} |
else if (isset($_GET['stats'])) |
{ |
if (!@include($path_to_language_files.'country_codes.php')) |
{ |
die("<p>File not found: <em>{$path_to_language_files}country_codes.php</em></p>"); |
} |
$extensions = $dates = $unique_hits = $countries = array(); |
$total_hits = 0; |
$h = @fopen($log_file, 'rb') or die("<p>Cannot open log file: <em>$log_file</em></p>"); |
while (!feof($h)) |
{ |
$entries = explode("\t", rtrim(fgets($h, 1024))); |
if (count($entries) > 5) |
{ |
//find the number of unique visits |
if ($entries[5] == $base_dir) |
{ |
$total_hits++; |
if (!in_array($entries[3], $unique_hits)) |
{ |
$unique_hits[] = htmlentities($entries[3]); |
} |
|
//find country codes by hostnames |
$cc = ext($entries[3]); |
if (preg_match('/^[a-z]+$/i', $cc)) |
{ |
add_num_to_array($cc, $countries); |
} |
|
//find the dates of the visits |
add_num_to_array($entries[0], $dates); |
} |
|
//find file extensions |
else if (($ext = ext($entries[5])) && preg_match('/^[\w-]+$/', $ext)) |
{ |
add_num_to_array($ext, $extensions); |
} |
} |
} |
fclose($h); |
$num_days = count($dates); |
$avg = round($total_hits/$num_days); |
|
echo '<table width="40%"><tr><th class="default_th"> </th> |
<th class="default_th">Total</th><th class="default_th">Daily</th></tr>', |
"<tr class='light_row'><td class='default_td'>Hits</td> |
<td class='default_td'>$total_hits</td><td class='default_td'>$avg", |
'</td></tr><tr class="light_row"><td class="default_td">Unique Hits</td> |
<td class="default_td">'.count($unique_hits).'</td><td class="default_td">', |
round(count($unique_hits)/$num_days), |
'</td></tr></table><p>Percent Unique: ', |
number_format(count($unique_hits)/$total_hits*100, 1), '</p>'; |
|
arsort($extensions); |
arsort($countries); |
|
$date_nums = array_values($dates); |
echo '<p /><table width="75%" border="0"><tr><th class="default_th">Date</th> |
<th class="default_th">Hits That Day</th><th class="default_th">Change From Previous Day</th> |
<th class="default_th">Difference From Average ('.$avg.')</th></tr>'; |
$i = 0; |
foreach ($dates as $day => $num) |
{ |
$diff = $num - $avg; |
$change = (($i > 0) ? ($num - $date_nums[$i-1]) : 0); |
$change_color = get_change_color($change); |
$diff_color = get_change_color($diff); |
|
$class = (($i++ % 2) ? 'dark_row' : 'light_row'); |
echo "<tr class='$class'><td class='default_td'>$day</td> |
<td class='default_td'>$num</td> |
<td class='default_td'>$change_color$change</span></td> |
<td class='default_td'>$diff_color$diff</span></td></tr>"; |
} |
|
echo '</table><p /><table width="75%" border="0"> |
<tr><th class="default_th">Downloads based on file extensions</th> |
<th class="default_th">Total</th><th class="default_th">Daily</th></tr>'; |
$i = 0; |
foreach ($extensions as $ext => $num) |
{ |
$class = (($i++ % 2) ? 'dark_row' : 'light_row'); |
echo "<tr class='$class'><td class='default_td'>$ext</td> |
<td class='default_td'>$num</td><td class='default_td'>", |
number_format($num/$num_days, 1), '</td></tr>'; |
} |
|
echo '</table><p /><table width="75%" border="0"><tr> |
<th class="default_th">Hostname ISP extension</th> |
<th class="default_th">Total</th><th class="default_th">Daily</th></tr>'; |
$i = 0; |
foreach ($countries as $c => $num) |
{ |
$c_code = (isset($country_codes[strtolower($c)]) ? ' <span class="small">('.$country_codes[strtolower($c)].')</span>' : ''); |
$class = (($i++ % 2) ? 'dark_row' : 'light_row'); |
echo "<tr class='$class'><td class='default_td'>$c{$c_code}</td><td class='default_td'>$num</td><td class='default_td'>", |
number_format($num / $num_days, 1), "</td></tr>\n"; |
} |
echo '</table>'; |
} |
else |
{ |
echo '<table border="0" cellpadding="8" cellspacing="0"> |
<tr class="paragraph"><td class="default_td">' |
."<form method='get' action='$this_file'> |
<input type='hidden' name='log' value='true' />"; |
if ($index != '' && strpos($index, '?') !== false) |
{ |
$id_temp = explode('=', $index, 2); |
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1); |
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />"; |
} |
echo '<p>List the latest <input type="text" size="2" name="view" /> enties in the log file (0 to view all).<input class="button" type="submit" value="Go" /></p></form> |
<p>or <a class="default_a" href="', $this_file, 'log=true&stats=true">view statistics</a>.</p></td></tr></table>'; |
} |
echo '<p><a class="default_a" href="', $this_file, '">Continue.</a></p>'; |
show_footer(); |
die(); |
} |
|
if ($use_login_system && (isset($_POST['admin']) || isset($_GET['admin']))) |
//user admin section |
{ |
echo $html_heading; |
show_header(); |
if (!logged_in() || !is_admin()) |
{ |
echo '<p>You must be logged in as an admin to access this page.</p>'; |
} |
else if (isset($_POST['username'], $_POST['password1'], $_POST['password2'], $_POST['admin'])) |
{ |
$pwd_reg_exp = '^[A-Za-z0-9_-]+$'; |
if (strlen($_POST['password1']) < 6) |
{ |
echo '<p>Password must be at least 6 characters long.</p>'; |
} |
else if (!ereg($pwd_reg_exp, $_POST['username'])) |
{ |
echo 'The username must only contain alpha-numeric characters, underscores, or dashes.', |
'<br /><span class="small">It must match the regular expression: <strong>', |
htmlentities($pwd_reg_exp), '</strong></span>'; |
} |
else if ($_POST['password1'] != $_POST['password2']) |
{ |
echo '<p>Passwords do not match.</p>'; |
} |
else if (is_username($_POST['username'])) |
{ |
echo '<p>That username already exists.</p>'; |
} |
else |
{ |
$handle = @fopen($user_list, 'ab') or die("<p>Could not open file <em>$user_list</em> for writing.</p>"); |
fwrite($handle, md5($_POST['password1']).$_POST['admin'].$_POST['username']."\n"); |
fclose($handle); |
echo '<p>User added. <a class="default_a" href="', $this_file, '">Continue.</a></p>'; |
} |
} |
else if (isset($_POST['deluser'], $_POST['doit'])) |
{ |
if ($_POST['doit']) |
{ |
if (is_user_admin($_POST['deluser']) && num_admins() < 2) |
{ |
echo '<p>You cannot remove this user because it is the only admin. |
<br />Create another user with admin rights, then delete this user.</p> |
<p><a class="default_a" href="', $this_file, '">Continue.</a></p>'; |
} |
else |
{ |
$handle = @fopen($user_list, 'wb') or die("<p>Could not open file <strong>$user_list</strong> for writing.</p>"); |
foreach ($global_user_list as $look) |
{ |
if (strcasecmp($_POST['deluser'], substr(rtrim($look), 33)) !== 0) |
{ |
fwrite($handle, $look); |
} |
} |
fclose($handle); |
echo '<p>User <strong>'.$_POST['deluser'].'</strong> has been removed. <a class="default_a" href="' |
.$this_file.'">Continue.</a></p>'; |
} |
} |
else |
{ |
echo '<table border="0" cellpadding="8" cellspacing="0"><tr class="paragraph"><td class="default_td">', |
'Are you sure you want to remove <strong>', $_POST['deluser'], "</strong>?<p><form method='post' action='$this_file'>", |
'<input type="hidden" name="doit" value="1" /><input type="hidden" name="admin" value="true" /><input type="hidden" name="deluser" value="', |
$_POST['deluser'], '" /><input class="button" type="submit" value="Yes, do it." />', |
'</form></td></tr></table>'; |
} |
} |
else |
{ |
echo " |
<table border='0' cellpadding='8' cellspacing='0'> |
<tr class='paragraph'><td class='default_td'> |
<h3>Add a user:</h3> |
<form method='post' action='$this_file'> |
<p><input type='hidden' name='admin' value='true' /> |
Username: <input type='text' name='username' /> |
<br />Password: <input type='password' name='password1' /> |
<br />Password: <input type='password' name='password2' /> |
<br />Is Admin?: <select name='admin'> |
<option selected='selected' value='0'>No</option> |
<option value='1'>Yes</option></select></p> |
<p><input class='button' type='submit' value='Add User' /></p> |
</form></td></tr></table> |
|
<p /><table border='0' cellpadding='8' cellspacing='0'> |
<tr class='paragraph'><td class='default_td'> |
<h3>Delete a user:</h3> |
<form method='post' action='$this_file'> |
<p><input type='hidden' name='admin' value='true' /> |
Select user to delete: <select name='deluser'>"; |
foreach ($global_user_list as $look) |
{ |
echo '<option>', substr($look, 33), '</option>'; |
} |
echo '</select><input type="hidden" name="doit" value="0" /></p> |
<p><input class="button" type="submit" value="Delete" /></p></form> |
</td></tr></table>'; |
} |
show_footer(); |
die(); |
} |
else if ($use_login_system && isset($_GET['logout'])) |
//logout |
{ |
session_unset(); |
session_destroy(); |
redirect($this_file); |
} |
else if ($use_login_system && (isset($_POST['passwd']) || isset($_GET['passwd']))) |
//change password |
{ |
echo $html_heading; |
show_header(); |
if (!logged_in()) |
{ |
echo '<p>You must login to access this page.</p>'; |
} |
else if (isset($_POST['oldpass'], $_POST['newpass1'], $_POST['newpass2'])) |
{ |
if (strlen($_POST['newpass1']) < 6) |
{ |
echo '<p>New password too short (must be at least 6 characters).</p>'; |
} |
else if ($_POST['newpass1'] != $_POST['newpass2']) |
{ |
echo '<p>New passwords do not match.</p>'; |
} |
else if (check_login($_SESSION['user'], md5($_POST['oldpass']))) |
{ |
$handle = @fopen($user_list, 'wb') or die("<p>Could not open file <strong>$user_list</strong> for writing.</p>"); |
foreach ($global_user_list as $look) |
{ |
fwrite($handle, ((strcasecmp($_SESSION['user'] , substr(rtrim($look), 33)) === 0) ? |
md5($_POST['newpass1']).substr($look, 32) : $look)); |
} |
fclose($handle); |
echo '<p>Password for <strong>'.$_SESSION['user'].'</strong> has been changed.<p>You must now <a class="default_a" href="' |
.$this_file.'">logout</a>.</p>'; |
} |
else |
{ |
echo '<p>Incorrect old password.</p>'; |
} |
} |
else |
{ |
echo "<table border='0' cellpadding='8' cellspacing='0'> |
<tr class='paragraph'><td class='default_td'> |
<form method='post' action='$this_file'> |
<input type='hidden' name='passwd' value='true' /> |
Old Password: <input type='password' name='oldpass' /> |
<br />New Password: <input type='password' name='newpass1' /> |
<br />New Password: <input type='password' name='newpass2' /> |
<p><input class='button' type='submit' value='Change Password' /> |
</form></td></tr></table>"; |
} |
show_footer(); |
die(); |
} |
|
$total_bytes = 0; |
|
if ($links_file != '' && isset($_GET['link'])) |
//redirect to a link |
{ |
if (ok_to_log()) |
{ |
if ($log_file != '') |
{ |
if ($write = @fopen($log_file, 'ab')) |
{ |
fwrite($write, date($date_format)."\t".date('H:i:s') |
."\t$ip\t$host\t$referrer\t" |
.$_GET['link']."\tLink file\n"); |
fclose($write); |
} |
} |
if ($download_count != '') |
{ |
add_to_file($_GET['link'], $download_count); |
} |
} |
redirect($_GET['link']); |
} |
|
if ($file_dl != '') |
//if the user specified a file to download, download it now |
{ |
if (!@is_file($dir.$file_dl)) |
{ |
header('HTTP/1.0 404 Not Found'); |
echo $html_heading; |
show_header(); |
echo '<h3>Error 404: file not found</h3>', |
htmlentities($dir . $file_dl), ' was not found on this server.'; |
show_footer(); |
die(); |
} |
|
if ($anti_leech && !isset($_SESSION['ref']) && ($referrer == 'N/A' || !stristr($referrer, $_SERVER['SERVER_NAME']))) |
{ |
if ($log_file != '' && ok_to_log()) |
{ |
if ($write = @fopen($log_file, 'ab')) |
{ |
fwrite($write, date($date_format)."\t".date('H:i:s') |
."\t$ip\t$host\t$referrer\t$dir$file_dl\tLeech Attempt\n"); |
fclose($write); |
} |
} |
$ref = (($referrer == 'N/A') ? 'typing it in the address bar...' : $referrer); |
echo $html_heading; |
show_header(); |
echo '<h3>This PHP Script has an Anti-Leech feature turned on.<p>Make sure you are accessing this file directly from <a class="default_a" href="http://', |
$_SERVER['SERVER_NAME'], '">', htmlentities($_SERVER['SERVER_NAME']), '</a></h3>', |
'It seems you are trying to get it from <strong>', "$ref</strong><p>Your IP address has been logged.<br />$ip ($host)"; |
$index_link = 'http://'.$_SERVER['SERVER_NAME'].$this_file.'dir='.translate_uri($subdir); |
echo '<p>Here is a link to the directory index the file is in:<br /><a class="default_a" href="', |
$index_link, '">', htmlentities($index_link), '</a></p>'; |
show_footer(); |
die(); |
} |
|
if (ok_to_log()) |
{ |
if ($download_count != '') |
{ |
add_to_file($dir.$file_dl, $download_count); |
} |
if ($log_file != '') |
{ |
if ($write = @fopen($log_file, 'ab')) |
{ |
fwrite($write, date($date_format)."\t".date('H:i:s') |
."\t$ip\t$host\t$referrer\t$dir$file_dl\n"); |
fclose($write); |
} |
} |
} |
|
if ($force_download) //use php to read the file, and tell the browser to download it |
{ |
if (!($fn = @fopen($dir.$file_dl, 'rb'))) |
{ |
die($html_heading.'<h3>Error 401: permission denied</h3> you cannot access <em>' |
.htmlentities($file_dl).'</em> on this server.'); |
} |
$outname = get_basename($file_dl); |
$size = @filesize($dir.$file_dl); |
if ($size !== false) |
{ |
header('Content-Length: '.$size); |
} |
header('Content-Type: '.find_mime_type(ext($outname)).'; name="'.$outname.'"'); |
header('Content-Disposition: attachment; filename="'.$outname.'"'); |
@set_time_limit(0); |
while (true) |
{ |
$temp = @fread($fn, (int)($speed * 1024)); |
if ($temp === '') |
{ |
break; |
} |
echo $temp; |
flush(); |
if ($bandwidth_limit) |
{ |
sleep(1); |
} |
} |
fclose($fn); |
die(); |
} |
redirect(translate_uri($dir.$file_dl)); |
} |
|
if ($log_file != '' && ok_to_log()) |
//write to the logfile |
{ |
if ($write = @fopen($log_file, 'ab')) |
{ |
$log_str = date($date_format)."\t".date('H:i:s') |
."\t$ip\t$host\t$referrer\t$dir"; |
if ($search != '') |
{ |
$log_str .= "\tSearch: $search"; |
} |
fwrite($write, $log_str."\n"); |
fclose($write); |
} |
else |
{ |
echo '<p>Error: Could not write to logfile.</p>'; |
} |
} |
|
if ($anti_leech && !isset($_SESSION['ref'])) |
{ |
$_SESSION['ref'] = 1; |
} |
|
echo $html_heading; |
show_header(); |
|
if (!@is_dir($dir)) |
//make sure the subfolder exists |
{ |
echo '<p><strong>Error: The folder <em>'.htmlentities($dir) |
.'</em> does not exist.</strong></p>'; |
$dir = $base_dir; |
$subdir = ''; |
} |
|
if ($enable_searching && $search != '') |
//show the results of a search |
{ |
echo '<table border="0" cellpadding="8" cellspacing="0"> |
<tr class="paragraph"><td class="default_td"><p><strong>', |
$words['search results'], '</strong> :<br /><span class="small">for <em>', |
htmlentities($dir), '</em> and its subdirectories</span></p><p>'; |
$results = search_dir($dir, $search); |
natcasesort($results); |
if ($_SESSION['sort'] == 'd' && $_SESSION['sortMode'] == 'f') |
{ |
$results = array_reverse($results); |
} |
for ($i=0; $i<count($results); $i++) |
{ |
$file = substr($results[$i], strlen($base_dir)); |
echo '<a class="default_a" href="'.$this_file; |
if (is_dir($base_dir.$file)) |
{ |
echo 'dir='.translate_uri($file).'/">'; |
if ($icon_path != '') |
{ |
echo '<img height="16" width="16" alt="[dir]" src="', $icon_path, '/dir.png" /> '; |
} |
echo htmlentities($file)."/</a><br />\n"; |
} |
else if (preg_match('/\|$/', $file)) |
{ |
$file = substr($file, 0, -1); |
$display = get_stored_info($file, $dir.$links_file); |
if ($display == '') |
{ |
$display = $file; |
} |
echo 'dir=', translate_uri($subdir), '&link=', |
translate_uri($file), '" title="Link to: ', $file, '">', |
icon(ext($display)), htmlentities($display), '</a><br />'; |
} |
else |
{ |
echo 'dir=', translate_uri(dirname($file)).'/&file=', |
translate_uri(get_basename($file)), '">', |
icon(ext($file)), htmlentities($file), "</a><br />\n"; |
} |
} |
if (!count($results)) |
{ |
echo '</p><p><strong>[ ', $words['no results'], ' ]</strong></p>'; |
} |
echo '</p><p>', $words['end of results'], ' (', count($results), ' ', |
$words['found'], ')</p></td></tr></table>'; |
show_search_box(); |
echo '<p><a class="default_a" href="', $this_file, 'dir=', |
translate_uri($subdir), '">Go back.</a></p>'; |
show_footer(); |
die(); |
} |
|
//path navigation at the top |
echo '<div>', $words['index of'], ' <a class="default_a" href="', $this_file, |
'dir=">', htmlentities(substr(str_replace('/', ' / ', $base_dir), 0, -2)), |
'</a>/ '; |
$exploded = explode('/', $subdir); |
$c = count($exploded) - 1; |
for ($i=0; $i<$c; $i++) |
{ |
echo '<a class="default_a" href="', $this_file, 'dir='; |
for ($j=0; $j<=$i; $j++) |
{ |
echo translate_uri($exploded[$j]), '/'; |
} |
echo '">', htmlentities($exploded[$i]), '</a> / '; |
} |
|
//begin the table |
echo "</div>\n\n", '<table width="100%" border="0" cellpadding="0" cellspacing="2"><tr>'; |
table_heading($words['file'], 'f', 'Sort by Filename'); |
if ($show_type_column) |
{ |
table_heading('Type', 't', 'Sort by Type'); |
} |
if ($download_count != '') |
{ |
table_heading('Downloads', 'h', 'Sort by Hits'); |
} |
if ($show_size_column) |
{ |
table_heading($words['size'], 's', 'Sort by Size'); |
} |
if ($show_date_column) |
{ |
table_heading($words['modified'], 'm', 'Sort by Date'); |
} |
if ($description_file != '') |
{ |
table_heading('Description', 'd', 'Sort by Description'); |
} |
echo '</tr>'; |
|
if ($subdir != '') |
//if they are not in the root folder, have a link to the parent directory |
{ |
echo '<tr class="light_row"><td class="default_td" colspan="6"><a class="default_a" href="', $this_file, 'dir='; |
$subdir = substr($subdir, 0, -1); |
echo translate_uri(substr($subdir, 0, strrpos($subdir,'/'))), '/">'; |
if ($icon_path != '') |
{ |
echo "<img height=\"16\" width=\"16\" src=\"$icon_path/back.png\" alt=\"[dir]\" /> "; |
} |
echo $words['parent directory'], '</a></td></tr>'; |
$subdir .= '/'; |
} |
|
flush(); |
|
$file_array = get_file_list($dir); |
$size_array = $date_a_array = $date_m_array = $desc_array = $hit_array = $type_array = array(); |
|
$c = count($file_array); |
for ($i=0; $i<$c; $i++) |
{ |
$thisf = $dir.$file_array[$i]; |
if (preg_match('/\|$/', $thisf)) //it is a link |
{ |
$thisf = substr($thisf, 0, -1); |
$type_array[] = ($show_type_column ? ext(get_stored_info(substr($file_array[$i], 0, -1), $dir.$links_file)) : ''); |
$hit_array[] = (($download_count != '' && !@is_dir($thisf)) ? (int)(get_stored_info(substr($file_array[$i], 0, -1), $download_count)) : 0); |
$date_m_array[] = 'N/A'; |
$date_a_array[] = 'N/A'; |
$size_array[] = '[Link]'; |
} |
else //it is an actual file or folder |
{ |
$size_array[] = ($show_size_column ? (@is_dir($thisf) ? ($show_dir_size ? dir_size("$thisf/") : 0) : max((int)@filesize($thisf), 0)) : 0); |
$type_array[] = (($show_type_column && !@is_dir($thisf)) ? ext($thisf) : ''); |
$hit_array[] = (($download_count != '' && !@is_dir($thisf)) ? (int)(get_stored_info($thisf, $download_count)) : 0); |
if ($show_date_column) |
{ |
$date_m_array[] = filemtime($thisf); |
$date_a_array[] = fileatime($thisf); |
} |
else |
{ |
$date_m_array[] = 0; |
$date_a_array[] = 0; |
} |
} |
$desc_array[] = (($description_file == '') ? '' : get_stored_info($thisf, $description_file)); |
} |
|
switch (strtolower($_SESSION['sortMode'])) |
{ |
case 's': |
array_multisort($size_array, $file_array, $date_m_array, |
$date_a_array, $hit_array, $desc_array, $type_array); |
break; |
case 'm': |
array_multisort($date_m_array, $file_array, $size_array, |
$date_a_array, $hit_array, $desc_array, $type_array); |
break; |
case 'd': |
array_multisort($desc_array, $file_array, $date_m_array, |
$size_array, $date_a_array, $hit_array, $type_array); |
break; |
case 'h': |
array_multisort($hit_array, $file_array, $date_m_array, |
$size_array, $date_a_array, $desc_array, $type_array); |
break; |
case 't': |
array_multisort($type_array, $file_array, $hit_array, |
$date_m_array, $size_array, $date_a_array, $desc_array); |
} |
|
if (strtolower($_SESSION['sort']) === 'd') |
//if the current sort mode is set to descending, reverse all the arrays |
{ |
$file_array = array_reverse($file_array); |
$size_array = array_reverse($size_array); |
$date_m_array = array_reverse($date_m_array); |
$date_a_array = array_reverse($date_a_array); |
$desc_array = array_reverse($desc_array); |
$hit_array = array_reverse($hit_array); |
$type_array = array_reverse($type_array); |
} |
|
$folder_count = $file_count = $dl_count = 0; |
|
for ($i=0; $i<$c; $i++) |
//display the list of files |
{ |
$value = $file_array[$i]; |
echo "\n<tr class=", (($i % 2 == ($subdir == '')) ? '"dark_row">' : '"light_row">'); |
|
//file column |
echo '<td class="default_td" align="left" valign="top"><a class="default_a" href="', $this_file; |
$npart = $dir . $value; |
if (preg_match('/\|$/', $value)) //it is a link, not an actual file |
{ |
$value = substr($value, 0, -1); |
$npart = substr($npart, 0, -1); |
$display = get_stored_info($value, $dir.$links_file); |
if ($display == '') |
{ |
$display = $value; |
} |
echo 'dir=', translate_uri($subdir), '&link=', |
translate_uri($value), '" title="Link to: ', $value, '">', |
icon(ext($display)), htmlentities($display), '</a>'; |
} |
else //it is a real file or folder |
{ |
if (@is_dir($npart)) |
{ |
$folder_count++; |
if ($icon_path != '') |
{ |
if ($folder_expansion) |
{ |
$listVal = (in_array($npart, $_SESSION['expanded']) ? 'collapse' : 'expand'); |
echo 'dir=', translate_uri($subdir), "&$listVal=", translate_uri($value), |
'"><img height="16" width="16" alt="[dir]" src="', |
$icon_path.'/dir.png" /></a> ', |
'<a class="default_a" href="', $this_file, 'dir=', |
translate_uri($subdir . $value), '/">'; |
} |
else |
{ |
echo 'dir=', translate_uri($subdir . $value), '/">', |
'<img height="16" width="16" alt="[dir]" src="', $icon_path, '/dir.png" /> '; |
} |
} |
else |
{ |
echo 'dir=', translate_uri($subdir . $value), '/">'; |
} |
echo htmlentities($value).'</a>'; |
if ($show_folder_count) |
{ |
$n = num_files($npart); |
$s = (($n == 1) ? $words['file'] : $words['files']); |
echo " [$n $s]"; |
} |
} |
else //is a file |
{ |
$file_count++; |
echo 'dir=', translate_uri($subdir), '&file=', |
translate_uri($value), "\">", |
icon(ext($npart)), htmlentities($value), '</a>'; |
if ($md5_show && $size_array[$i] > 0 && $size_array[$i] / 1048576 <= $md5_show) |
{ |
echo ' [<a class="default_a" href="', $this_file, |
'dir=', translate_uri($subdir), '&md5=', |
translate_uri($value), '"><span class="small">get md5sum</span></a>]'; |
} |
} |
if ($use_login_system && logged_in() && is_admin()) |
{ |
echo ' [<a class="default_a" href="', $this_file, 'dir='.translate_uri($subdir), |
'&delete=', translate_uri($value), '"><span class="small">delete</span></a>, ', |
'<a class="default_a" href="', $this_file, 'dir=', translate_uri($subdir), |
'&rename=', translate_uri($value), '"><span class="small">rename/move</span></a>]'; |
} |
$age = (time() - $date_m_array[$i]) / 86400; |
$age_r = round($age, 1); |
$s = (($age_r == 1) ? '' : 's'); |
if ($days_new && $age <= $days_new) |
{ |
echo (($icon_path == '') ? ' <span class="small" style="color: #FF0000;">[New]</span>' |
: ' <img alt="'."$age_r day$s".' old" height="14" width="28" src="'.$icon_path.'/new.png" />'); |
} |
if ($folder_expansion && @is_dir($npart) && in_array($npart, $_SESSION['expanded'])) |
{ |
$ex_array = get_file_list($npart.'/'); |
if ($_SESSION['sort'] == 'd' && $_SESSION['sortMode'] == 'f') |
{ |
$ex_array = array_reverse($ex_array); |
} |
echo '<ul>'; |
for ($j=0; $j<count($ex_array); $j++) |
{ |
$element = $ex_array[$j]; |
echo '<li><a class="default_a" href="'.$this_file |
.((@is_file("$npart/$element")) ? 'dir='.translate_uri($subdir.$value).'/&file=' |
.translate_uri($element).'">' : 'dir='.translate_uri("$subdir$value/$element/").'">'); |
if (@is_file("$npart/$element")) |
{ |
echo icon(ext($element)); |
} |
else if ($icon_path != '') |
{ |
echo '<img height="16" width="16" alt="[dir]" src="', |
$icon_path, '/dir.png" /> '; |
} |
echo htmlentities($element), "</a></li>\n"; |
} |
echo '</ul>'; |
} |
} |
if ($use_login_system && $description_file != '' && logged_in() && is_admin()) |
//"edit description" link |
{ |
echo ' [<a class="default_a" href="', $this_file, 'dir=', |
translate_uri($subdir), '&descFile=', translate_uri($value), |
'"><span class="small">change description</span></a>]'; |
} |
|
if ($thumbnail_height > 0 && in_array(ext($value), array('png', 'jpg', 'jpeg', 'gif')) && @is_file($npart)) |
//display the thumbnail image |
{ |
echo ' <a href="'.$this_file.'dir=', translate_uri($subdir), '&file=', |
translate_uri($value), '"><img src="', $this_file, |
'dir=', translate_uri($subdir), '&thumbnail=', translate_uri($value), |
'" alt="Thumbnail of ', $value, '" /></a>'; |
} |
|
echo '</td>'; //end filename column |
|
//filetype column |
if ($show_type_column) |
{ |
echo '<td class="default_td" align="left" valign="top">', |
(($type_array[$i] == '') ? ' ' : htmlentities($type_array[$i])), '</td>'; |
} |
|
//hits column |
if ($download_count != '') |
{ |
$dl_count += $hit_array[$i]; |
echo '<td class="default_td" align="right" valign="top">', |
((!@is_dir($npart)) ? $hit_array[$i] : ' '), '</td>'; |
} |
|
//size column |
if ($show_size_column) |
{ |
echo '<td class="default_td" align="right" valign="top">'; |
$ds = $size_array[$i]; |
if ($ds === '[Link]') |
{ |
echo $ds; |
} |
else |
{ |
$total_bytes += $ds; |
$size_h = get_filesize($ds); |
echo (@is_dir($npart) ? |
($show_dir_size ? "<a title=\"$value/\n".number_format($ds, 0, '.', ',')." bytes ($size_h)\">$size_h</a>" : '[dir]') |
: "<a title=\"$value\n".number_format($ds, 0, '.', ',')." bytes ($size_h)\">$size_h</a>"); |
} |
echo '</td>'; |
} |
|
//date column |
if ($show_date_column) |
{ |
echo '<td class="default_td" align="right" valign="top">'; |
if ($date_a_array[$i] == 'N/A') |
{ |
echo 'N/A'; |
} |
else |
{ |
$a = date($date_format.' h:i:s A', $date_a_array[$i]); |
$m = date($date_format.' h:i:s A', $date_m_array[$i]); |
echo "<a title=\"$value\nLast Modified: $m\nLast Accessed: $a\">", |
date($date_format, $date_m_array[$i]), '</a>'; |
} |
echo '</td>'; |
} |
|
//description column |
if ($description_file != '') |
{ |
echo '<td class="default_td" align="left" valign="top">', |
(($desc_array[$i] != '') ? $desc_array[$i] : ' '), '</td>'; |
} |
|
echo "</tr>\n"; |
} |
|
//footer of the table |
echo '<tr><th class="default_th"><span class="small">', "\n$file_count ", |
$words[(($file_count == 1) ? 'file' : 'files')], |
" - $folder_count ", $words['folders'], '</span></th>'; |
if ($show_type_column) |
{ |
echo "<th class='default_th'> </th>"; |
} |
if ($download_count != '') |
{ |
echo "<th class='default_th'><span class='small'>Total: $dl_count</span></th>"; |
} |
if ($show_size_column) |
{ |
echo '<th class="default_th"><span class="small">', $words['total size'], ': <a title="' ,$words['total size'], ":\n", |
number_format($total_bytes, 0, '.', ','), ' bytes (', get_filesize($total_bytes), ')">', |
get_filesize($total_bytes), "</a></span></th>\n"; |
} |
if ($show_date_column) |
{ |
echo '<th class="default_th"> </th>'; |
} |
if ($description_file != '') |
{ |
echo '<th class="default_th"> </th>'; |
} |
echo '</tr></table><div class="small" style="text-align: right;">Powered by <a class="default_a" href="http://autoindex.sourceforge.net/">AutoIndex PHP Script</a></div>'; |
/* |
* We request that you do not remove the link to the AutoIndex website. |
* This not only gives respect to the large amount of time given freely by the |
* developer, but also helps build interest, traffic, and use of AutoIndex. |
*/ |
|
echo "\n", '<table width="100%" border="0" cellpadding="0" cellspacing="2"> |
<tr valign="top"><td>'; |
if ($enable_searching) |
{ |
show_search_box(); |
} |
|
if ($use_login_system) |
{ |
if (!logged_in()) |
{ |
echo '</td><td>'; |
show_login_box(); |
} |
else //show user options |
{ |
echo '<br /><table border="0" cellpadding="8" cellspacing="0"><tr class="paragraph"><td class="default_td">'; |
if (is_admin()) |
{ |
echo '<p><a class="default_a" href="'.$this_file.'config=true">Reconfigure script</a></p>', |
'<p><a class="default_a" href="'.$this_file.'admin=true">User account management</a>', |
'<br /><a class="default_a" href="'.$this_file.'log=true">Log file viewer / statistics</a>', |
'<br /><a class="default_a" href="'.$this_file.'edit_links=true&dir='.translate_uri($subdir).'">Links file editor</a>', |
'<br /><a class="default_a" href="'.$this_file.'edit_ban=true">Edit ban list</a></p>', |
'<p><a class="default_a" href="'.$this_file.'getcreate=true&dir='.translate_uri($subdir).'">Create a folder (in current directory)</a>', |
'<br /><a class="default_a" href="'.$this_file.'copyURL=true&dir='.translate_uri($subdir).'">Copy a remote file (to current directory)</a></p>'; |
} |
echo '<p><a class="default_a" href="', $this_file, |
'passwd=true">Change password</a><br /><a class="default_a" href="', $this_file, |
'logout=true">Log out [ ', $_SESSION['user'], ' ]</a></p></td></tr></table>'; |
} |
} |
echo '</td></tr></table>'; |
|
if ($allow_uploads && (!$use_login_system || logged_in())) |
{ |
echo "<form method='post' action='$this_file'> |
<input type='hidden' name='dir' value='$subdir' /> |
Upload <select size='1' name='numUpload'>"; |
for ($i=1; $i<=10; $i++) |
{ |
echo "\t<option>$i</option>\n"; |
} |
echo '</select> file(s) to this folder <input type="submit" value="Go" /></form>'; |
} |
|
if ($select_language) |
{ |
echo '<p style="text-align: left;">Select Language:</p>', |
"<form method='get' action='$this_file'><div><select name='lang'>"; |
$l = get_all_files($path_to_language_files); |
sort($l); |
for ($i=0; $i<count($l); $i++) |
{ |
if (@is_file($path_to_language_files.$l[$i]) && |
preg_match('/^[a-z]{2}(_[a-z]{2})?\.php$/i', $l[$i])) |
{ |
$f = substr(get_basename($l[$i]), 0, -4); |
$sel = (($f == $_SESSION['lang']) ? ' selected="selected"' : ''); |
echo "\t<option$sel>$f</option>\n"; |
} |
} |
echo '</select><input type="submit" value="Change" />'; |
if ($index != '' && strpos($index, '?') !== false) |
{ |
$id_temp = explode('=', $index, 2); |
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1); |
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />"; |
} |
echo '</div></form>'; |
} |
|
show_footer(); |
|
//find time it took for the page to generate, in milliseconds |
$page_time = round((get_microtime() - $start_time) * 1000, 1); |
|
echo ' |
<!-- |
|
Powered by AutoIndex PHP Script (version '.VERSION.') |
Copyright (C) 2002-2005 Justin Hagstrom |
http://autoindex.sourceforge.net |
|
Page generated in ', $page_time, ' milliseconds. |
|
--> |
'; //We request that you retain the above copyright notice. |
|
if ($index == '') |
{ |
echo '</body></html>'; |
} |
|
?> |