Subversion Repositories svnkaklik

Rev

Blame | Last modification | View Log | Download

<?php

/*************************************************************
*  TorrentFlux - PHP Torrent Manager
*  www.torrentflux.com
**************************************************************/
/*
    This file is part of TorrentFlux.

    TorrentFlux is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.

    TorrentFlux is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with TorrentFlux; if not, write to the Free Software
    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
*/

include_once("config.php");
include_once("functions.php");

checkUserPath();

// Setup some defaults if they are not set.
$del = getRequestVar('del');
$down = getRequestVar('down');
$tar = getRequestVar('tar');
$dir = stripslashes(urldecode(getRequestVar('dir')));

// Are we to delete something?
if ($del != "")
{
    $current = "";
    // The following lines of code were suggested by Jody Steele jmlsteele@stfu.ca
    // this is so only the owner of the file(s) or admin can delete
    if(IsAdmin($cfg["user"]) || preg_match("/^" . $cfg["user"] . "/",$del))
    {
        // Yes, then delete it

        // we need to strip slashes twice in some circumstances
        // Ex.  If we are trying to delete test/tester's file/test.txt
        //    $del will be "test/tester\\\'s file/test.txt"
        //    one strip will give us "test/tester\'s file/test.txt
        //    the second strip will give us the correct
        //        "test/tester's file/test.txt"

        $del = stripslashes(stripslashes($del));

        if (!ereg("(\.\.\/)", $del))
        {
            avddelete($cfg["path"].$del);

            $arTemp = explode("/", $del);
            if (count($arTemp) > 1)
            {
                array_pop($arTemp);
                $current = implode("/", $arTemp);
            }
            AuditAction($cfg["constants"]["fm_delete"], $del);
        }
        else
        {
            AuditAction($cfg["constants"]["error"], "ILLEGAL DELETE: ".$cfg['user']." tried to delete ".$del);
        }
    }
    else
    {
        AuditAction($cfg["constants"]["error"], "ILLEGAL DELETE: ".$cfg['user']." tried to delete ".$del);
    }

    header("Location: dir.php?dir=".urlencode($current));
}

// Are we to download something?
if ($down != "" && $cfg["enable_file_download"])
{
    $current = "";
    // Yes, then download it

    // we need to strip slashes twice in some circumstances
    // Ex.  If we are trying to download test/tester's file/test.txt
    // $down will be "test/tester\\\'s file/test.txt"
    // one strip will give us "test/tester\'s file/test.txt
    // the second strip will give us the correct
    //  "test/tester's file/test.txt"

    $down = stripslashes(stripslashes($down));

    if (!ereg("(\.\.\/)", $down))
    {
        $path = $cfg["path"].$down;

        $p = explode(".", $path);
        $pc = count($p);

        $f = explode("/", $path);
        $file = array_pop($f);
        $arTemp = explode("/", $down);
        if (count($arTemp) > 1)
        {
            array_pop($arTemp);
            $current = implode("/", $arTemp);
        }

        if (file_exists($path))
        {
            header("Content-type: application/octet-stream\n");
            header("Content-disposition: attachment; filename=\"".$file."\"\n");
            header("Content-transfer-encoding: binary\n");
            header("Content-length: " . file_size($path) . "\n");

            // write the session to close so you can continue to browse on the site.
            session_write_close("TorrentFlux");

            //$fp = fopen($path, "r");
            $fp = popen("cat \"$path\"", "r");
            fpassthru($fp);
            pclose($fp);

            AuditAction($cfg["constants"]["fm_download"], $down);
            exit();
        }
        else
        {
            AuditAction($cfg["constants"]["error"], "File Not found for download: ".$cfg['user']." tried to download ".$down);
        }
    }
    else
    {
        AuditAction($cfg["constants"]["error"], "ILLEGAL DOWNLOAD: ".$cfg['user']." tried to download ".$down);
    }
    header("Location: dir.php?dir=".urlencode($current));
}

// Are we to download something?
if ($tar != "" && $cfg["enable_file_download"])
{
    $current = "";
    // Yes, then tar and download it

    // we need to strip slashes twice in some circumstances
    // Ex.  If we are trying to download test/tester's file/test.txt
    // $down will be "test/tester\\\'s file/test.txt"
    // one strip will give us "test/tester\'s file/test.txt
    // the second strip will give us the correct
    //  "test/tester's file/test.txt"

    $tar = stripslashes(stripslashes($tar));

    if (!ereg("(\.\.\/)", $tar))
    {
        // This prevents the script from getting killed off when running lengthy tar jobs.
        ini_set("max_execution_time", 3600);
        $tar = $cfg["path"].$tar;

        $arTemp = explode("/", $tar);
        if (count($arTemp) > 1)
        {
            array_pop($arTemp);
            $current = implode("/", $arTemp);
        }

        // Find out if we're really trying to access a file within the
        // proper directory structure. Sadly, this way requires that $cfg["path"]
        // is a REAL path, not a symlinked one. Also check if $cfg["path"] is part
        // of the REAL path.
        if (is_dir($tar))
        {
            $sendname = basename($tar);

            switch ($cfg["package_type"])
            {
                Case "tar":
                    $command = "tar cf - \"".addslashes($sendname)."\"";
                    break;
                Case "zip":
                    $command = "zip -0r - \"".addslashes($sendname)."\"";
                    break;
                default:
                    $cfg["package_type"] = "tar";
                    $command = "tar cf - \"".addslashes($sendname)."\"";
                    break;
            }

            // HTTP/1.0
            header("Pragma: no-cache");
            header("Content-Description: File Transfer");
            header("Content-Type: application/force-download");
            header('Content-Disposition: attachment; filename="'.$sendname.'.'.$cfg["package_type"].'"');

            // write the session to close so you can continue to browse on the site.
            session_write_close("TorrentFlux");

            // Make it a bit easier for tar/zip.
            chdir(dirname($tar));
            passthru($command);

            AuditAction($cfg["constants"]["fm_download"], $sendname.".".$cfg["package_type"]);
            exit();
        }
        else
        {
            AuditAction($cfg["constants"]["error"], "Illegal download: ".$cfg['user']." tried to download ".$tar);
        }
    }
    else
    {
        AuditAction($cfg["constants"]["error"], "ILLEGAL TAR DOWNLOAD: ".$cfg['user']." tried to download ".$tar);
    }
    header("Location: dir.php?dir=".urlencode($current));
}

if ($dir == "")
{
    unset($dir);
}

if (isset($dir))
{
    if (ereg("(\.\.)", $dir))
    {
        unset($dir);
    }
    else
    {
        $dir = $dir."/";
    }
}

DisplayHead(_DIRECTORYLIST);
?>

<script language="JavaScript">
function MakeTorrent(name_file)
{
    window.open (name_file,'_blank','toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=yes,resizable=no,width=600,height=430')
}

function ConfirmDelete(file)
{
    return confirm("<?php echo _ABOUTTODELETE ?>: " + file)
}
</script>

<?php

displayDriveSpaceBar(getDriveSpace($cfg["path"]));
echo "<br>";

if(!isset($dir)) $dir = "";
ListDirectory($cfg["path"].$dir);

DisplayFoot();


//**************************************************************************
// ListDirectory()
// This method reads files and directories in the specified path and
// displayes them.
function ListDirectory($dirName)
{
    global $dir, $cfg;
    $bgLight = $cfg["bgLight"];
    $bgDark = $cfg["bgDark"];
    $entrys = array();

    $bg = $bgLight;

    $dirName = stripslashes($dirName);

    if (isset($dir))
    {
        //setup default parent directory URL
        $parentURL = "dir.php";

        //get the real parentURL
        if (preg_match("/^(.+)\/.+$/",$dir,$matches) == 1)
        {
            $parentURL="dir.php?dir=" . urlencode($matches[1]);
        }

        echo "<a href=\"" . $parentURL . "\"><img src=\"images/up_dir.gif\" width=16 height=16 title=\""._BACKTOPARRENT."\" border=0>["._BACKTOPARRENT."]</a>";
    }

    echo "<table cellpadding=2 width=740>";
    $handle = opendir($dirName);
    while($entry = readdir($handle))
    {
        $entrys[] = $entry;
    }
    natsort($entrys);

    foreach($entrys as $entry)
    {
        if ($entry != "." && $entry != ".." && substr($entry, 0, 1) != ".")
        {
            if (@is_dir($dirName.$entry))
            {
                echo "<tr bgcolor=\"".$bg."\"><td><a href=\"dir.php?dir=".urlencode($dir.$entry)."\"><img src=\"images/folder2.gif\" width=\"16\" height=\"16\" title=\"".$entry."\" border=\"0\" align=\"absmiddle\">".$entry."</a></td>";
                echo "<td>&nbsp;</td>";
                echo "<td>&nbsp;</td>";
                echo "<td align=\"right\">";
                
                if ($cfg["enable_maketorrent"])
                {
                    echo "<a href=\"JavaScript:MakeTorrent('maketorrent.php?path=".urlencode($dir.$entry)."')\"><img src=\"images/make.gif\" width=16 height=16 title=\"Make Torrent\" border=0></a>";
                }
                
                if ($cfg["enable_file_download"])
                {
                    echo "<a href=\"dir.php?tar=".urlencode($dir.$entry)."\"><img src=\"images/tar_down.gif\" width=16 height=16 title=\"Download as ".$cfg["package_type"]."\" border=0></a>";
                }
                
                // The following lines of code were suggested by Jody Steele jmlsteele@stfu.ca
                // this is so only the owner of the file(s) or admin can delete
                // only give admins and users who "own" this directory
                // the ability to delete sub directories
                if(IsAdmin($cfg["user"]) || preg_match("/^" . $cfg["user"] . "/",$dir))
                {
                    echo "<a href=\"dir.php?del=".urlencode($dir.$entry)."\" onclick=\"return ConfirmDelete('".addslashes($entry)."')\"><img src=\"images/delete_on.gif\" width=16 height=16 title=\""._DELETE."\" border=0></a>";
                }
                else
                {
                    echo "&nbsp;";
                }
                echo "</td></tr>\n";
                if ($bg == $bgLight)
                {
                    $bg = $bgDark;
                }
                else
                {
                    $bg = $bgLight;
                }
            }
            else
            {
                // Do nothing
            }
        }
    }
    closedir($handle);

    $entrys = array();
    $handle = opendir($dirName);
    while($entry = readdir($handle))
    {
        $entrys[] = $entry;
    }
    natsort($entrys);

    foreach($entrys as $entry)
    {
        if ($entry != "." && $entry != "..")
        {
            if (@is_dir($dirName.$entry))
            {
                // Do nothing
            }
            else
            {
                $arStat = @lstat($dirName.$entry);
                $arStat[7] = ( $arStat[7] == 0 )? file_size( $dirName . $entry ) : $arStat[7];
                if (array_key_exists(10,$arStat))
                {
                        $timeStamp = $arStat[10];
                }
                else
                {
                    $timeStamp = "";
                }
                $fileSize = number_format(($arStat[7])/1024);
                // Code added by Remko Jantzen to assign an icon per file-type. But when not
                // available all stays the same.
                $image="images/time.gif";
                $imageOption="images/files/".getExtension($entry).".png";
                if (file_exists("./".$imageOption))
                {
                    $image = $imageOption;
                }

                echo "<tr bgcolor=\"".$bg."\">";
                echo "<td>";

                // Can users download files?
                if ($cfg["enable_file_download"])
                {
                    // Yes, let them download
                    echo "<a href=\"dir.php?down=".urlencode($dir.$entry)."\" >";
                    echo "<img src=\"".$image."\" width=\"16\" height=\"16\" alt=\"".$entry."\" border=\"0\"></a>";
                    echo "<a href=\"dir.php?down=".urlencode($dir.$entry)."\" >".$entry."</a>";
                }
                else
                {
                    // No, just show the name
                    echo "<img src=\"".$image."\" width=\"16\" height=\"16\" alt=\"".$entry."\" border=\"0\">";
                    echo $entry;
                }

                echo "</td>";
                echo "<td align=\"right\">".$fileSize." KB</td>";
                echo "<td>".date("m-d-Y g:i a", $timeStamp)."</td>";
                echo "<td align=\"right\">";

                if( $cfg["enable_view_nfo"] && (( substr( strtolower($entry), -4 ) == ".nfo" ) || ( substr( strtolower($entry), -4 ) == ".txt" ))  )
                {
                    echo "<a href=\"viewnfo.php?path=".urlencode(addslashes($dir.$entry))."\"><img src=\"images/view_nfo.gif\" width=16 height=16 title=\"View '$entry'\" border=0></a>";
                }

                if ($cfg["enable_maketorrent"])
                {
                    echo "<a href=\"JavaScript:MakeTorrent('maketorrent.php?path=".urlencode($dir.$entry)."')\"><img src=\"images/make.gif\" width=16 height=16 title=\"Make Torrent\" border=0></a>";
                }
                
                if ($cfg["enable_file_download"])
                {
                    // Show the download button
                    echo "<a href=\"dir.php?down=".urlencode($dir.$entry)."\" >";
                    echo "<img src=\"images/download_owner.gif\" width=16 height=16 title=\"Download\" border=0>";
                    echo "</a>";
                }

                // The following lines of code were suggested by Jody Steele jmlsteele@stfu.ca
                // this is so only the owner of the file(s) or admin can delete
                // only give admins and users who "own" this directory
                // the ability to delete files
                if(IsAdmin($cfg["user"]) || preg_match("/^" . $cfg["user"] . "/",$dir))
                {
                    echo "<a href=\"dir.php?del=".urlencode($dir.$entry)."\" onclick=\"return ConfirmDelete('".addslashes($entry)."')\"><img src=\"images/delete_on.gif\" width=16 height=16 title=\""._DELETE."\" border=0></a>";
                }
                else
                {
                    echo "&nbsp;";
                }
                echo "</td></tr>\n";

                if ($bg == $bgLight)
                {
                    $bg = $bgDark;
                }
                else
                {
                    $bg = $bgLight;
                }
            }
        }
    }
    closedir($handle);
    echo "</table>";
}

// ***************************************************************************
// ***************************************************************************
// Checks for the location of the users directory
// If it does not exist, then it creates it.
function checkUserPath()
{
    global $cfg;
    // is there a user dir?
    if (!is_dir($cfg["path"].$cfg["user"]))
    {
        //Then create it
        mkdir($cfg["path"].$cfg["user"], 0777);
    }
}


// This function returns the extension of a given file.
// Where the extension is the part after the last dot.
// When no dot is found the noExtensionFile string is
// returned. This should point to a 'unknown-type' image
// time by default. This string is also returned when the
// file starts with an dot.
function getExtension($fileName)
{
    $noExtensionFile="unknown"; // The return when no extension is found

    //Prepare the loop to find an extension
    $length = -1*(strlen($fileName)); // The maximum negative value for $i
    $i=-1; //The counter which counts back to $length

    //Find the last dot in an string
    while (substr($fileName,$i,1) != "." && $i > $length) {$i -= 1; }

    //Get the extension (with dot)
    $ext = substr($fileName,$i);

    //Decide what to return.
    if (substr($ext,0,1)==".") {$ext = substr($ext,((-1 * strlen($ext))+1)); } else {$ext = $noExtensionFile;}

    //Return the extension
    return strtolower($ext);
}

?>