*
* Last Modified: 15th July 2003
*
*/
error_reporting(0);
if (!(include("./modules/header.lib.php")))
{
die("There was an error loading the header module
");
}
// Get the dynamic data blocks from the template
$blocks = get_blocks(array("msg", "up", "columns", "folders", "files", "total_size"), $script_dir . "/settings/templates/index.tpl");
// Get the $op variable
$op = param("op", "GET");
if (empty($op))
{
$op = param("op", "POST");
}
// Get the $dir variable
$dir = param("dir", "GET");
if (empty($dir))
{
$dir = param("dir", "POST");
}
if (eregi("win", PHP_OS) == TRUE)
{
// Check for / in the URL even though the system is Windows (i.e. the user is using Opera)
$dir = str_replace("/", "\\", $dir);
}
$dir = cleanpath($dir);
// If $op has a value the user is performing a task
if (isset($op))
{
switch ($op)
{
case "upload":
// Set some values
$new = cleanpath(param("remote", "POST"));
$old = param("local", "FILES");
// Get the full path
$full = $dir != "" ? $params["root"] . $dir . $slash . $new : $params["root"] . $new;
if (ereg("[\\\/:*?\"<>|]", $new) == TRUE)
{
$msg = $javascript["invalid"] . " \\\/:*?\"<>|";
}
else if ($params["upload"] != 1)
{
// The user doesn't have permission to upload a file
$msg = $operate["no_per_upload"];
}
else if ($old["error"] > 0)
{
if ($old["error"] == 1 || $old["error"] == 2)
{
// The file is too large
$msg = $upload["too_large"];
}
else if ($old["error"] == 3)
{
// The file wasn't completed
$msg = $upload["part_upload"];
}
else if ($old["error"] == 4 || $old["error"] == 5)
{
// No file was selected
$msg = $javascript["no_upload"];
}
else
{
// File can not be copied, show message
$msg = $operate["err_upload"];
}
}
else if (file_exists($params["root"] . $dir . $slash . $hide) == TRUE)
{
// The admin has disabled access to this directory
$msg = $operate["no_per_view"];
}
else if ($new == "")
{
// The user didn't enter a new file name
$msg = $javascript["no_name"];
}
else if (file_exists($full) && $params["overwrite"] != 1)
{
// The file exists but the user doesn't have overwrite permissions
$msg = $operate["no_per_over"];
}
else if ($old["size"] + dirsize($params["root"]) > $params["space"])
{
// The user doesn't have enough space to upload
$msg = $operate["no_space"];
}
else if (move_uploaded_file($old["tmp_name"], $full) == FALSE)
{
// File can not be copied, show message
$msg = $operate["err_upload"];
}
else
{
chmod ($full, octdec((int) $new_chmod));
// File has been uploaded
$msg = $operate["uploaded"];
}
break;
case "multi_upload":
// Get the files
$files = param("userfile", "FILES");
$total = 0;
if ($params["upload"] != 1)
{
// The user doesn't have permission to upload a file
$msg = $operate["no_per_upload"];
}
else if (file_exists($params["root"] . $dir . $slash . $hide) == TRUE)
{
// The admin has disabled access to this directory
$msg = $operate["no_per_view"];
}
else
{
$msg = $uploads["results"];
for ($i=0; $i<$upload_limit; $i++)
{
// Get the full path
$full = $dir != "" ? $params["root"] . $dir . $slash . $files["name"][$i] : $params["root"] . $files["name"][$i];
if (file_exists($full) && $params["overwrite"] != 1)
{
// The file exists but the user doesn't have overwrite permissions
$msg .= "" . $files["name"][$i] . "" . " - " . $uploads["exists"] . "
";
}
else if ($files["size"][$i] + dirsize($params["root"]) > $params["space"])
{
// The user doesn't have enough space to upload
$msg .= "" . $files["name"][$i] . "" . " - " . $uploads["no_space"] . "
";
}
else if ($files["name"][$i] != "")
{
$total++;
if (move_uploaded_file($files["tmp_name"][$i], $full) == FALSE)
{
if ($files["error"][$i] == 1 || $files["error"][$i] == 2)
{
// The file is too large
$msg .= "" . $files["name"][$i] . "" . " - " . $upload["too_large"] . "
";
}
else if ($files["error"][$i] == 3)
{
// The file wasn't completed
$msg .= "" . $files["name"][$i] . "" . " - " . $upload["part_upload"] . "
";
}
else
{
// File can not be copied, show message
$msg .= "" . $files["name"][$i] . "" . " - " . $operate["err_upload"] . "
";
}
}
else
{
chmod ($full, octdec((int) $new_chmod));
// The file was uploaded
$msg .= "" . $files["name"][$i] . "" . " - " . $operate["uploaded"] . "
";
}
}
}
if ($total == 0)
{
// The user did not upload any files
$msg = $uploads["no_file"];
}
}
break;
case "chmod":
// Set some values
$file = $dir != "" ? $params["root"] . $dir . $slash . cleanpath(param("f", "GET")) : $params["root"] . cleanpath(param("f", "GET")); // Get the full path
$chmod = param("chmod", "GET");
settype($chmod, "integer");
if ($params["CHMOD"] != 1)
{
// The user doesn't have permission to chmod the file
$msg = $operate["no_per_chmod"];
}
else if (file_exists($params["root"] . $dir . $slash . $hide) == TRUE)
{
// The admin has disabled access to this directory
$msg = $operate["no_per_view"];
}
else if (file_exists($file) == FALSE)
{
// The file doesn't exist
$msg = $operate["not_exist"];
}
else if (eregi("^\.", basename($file)) == TRUE && $hide_dot == TRUE || eregi("\.fileman$", basename($file)) == TRUE && $edit_lock == 1)
{
// The user is trying to chmod a hidden file
$msg = $operate["dot_hide"];
}
else if (chmod($file, octdec($chmod)) == FALSE)
{
// There was an unknown error
$msg = $operate["err_chmod"];
}
else
{
// CHMOD worked
$msg = $operate["chmoded"];
}
break;
case "htedit":
$htpass = param($cookie_temp, "COOKIE");
$htuser = param("htuser", "GET");
$full = $dir != "" ? $params["root"] . $dir . $slash . cleanpath(param("f", "GET")) : $params["root"] . cleanpath(param("f", "GET")); // Get the full path
if ($params["htpasswd"] != 1)
{
// The user doesn't have permission to password protect a directory
$msg = $operate["no_per_htpass"];
}
else if ($htuser == "")
{
$msg = $javascript["ht_user"];
}
else if (eregi("^\.", basename($full)) == TRUE && $hide_dot == TRUE || eregi("\.fileman$", basename($file)) == TRUE && $edit_lock == 1)
{
// The user is trying to lock a hidden folder
$msg = $operate["dot_hide"];
}
else if (is_file($full) == TRUE)
{
// The user is trying to lock a file?
$msg = $operate["not_dir"];
}
else
{
// Edit the users password
$users = file($full . $slash . ".htpasswd");
$new_users = "";
foreach ($users as $line)
{
$exploded = explode(":", $line);
if ($exploded[0] != $htuser)
{
$new_users .= trim($line) . "\r\n";
}
else
{
// Update the .htpasswd file
if (eregi("win", PHP_OS) == TRUE)
{
// Windows uses Plaintext passwords
$new_users .= trim($exploded[0]) . ":" . $htpass . "\r\n";
}
else
{
$new_users .= trim($exploded[0]) . ":" . crypt($htpass, CRYPT_STD_DES) . "\r\n";
}
}
}
if(($fp = fopen($full . $slash . ".htpasswd", "w")) == FALSE)
{
$msg = $operate["save_err"];
}
else
{
$new_users = clean_crlf($new_users);
// Edit the .htpasswd file
fwrite($fp, $new_users);
fclose($fp);
$msg = $operate["ht_edit"];
}
}
setcookie($cookie_temp); // Delete the cookie
break;
case "htdel":
$htuser = param("htuser", "GET");
$full = $dir != "" ? $params["root"] . $dir . $slash . cleanpath(param("f", "GET")) : $params["root"] . cleanpath(param("f", "GET")); // Get the full path
if ($params["htpasswd"] != 1)
{
// The user doesn't have permission to password protect a directory
$msg = $operate["no_per_htpass"];
}
else if ($htuser == "")
{
$msg = $javascript["ht_user"];
}
else if (eregi("^\.", basename($full)) == TRUE && $hide_dot == TRUE || eregi("\.fileman$", basename($file)) == TRUE && $edit_lock == 1)
{
// The user is trying to lock a hidden folder
$msg = $operate["dot_hide"];
}
else if (is_file($full) == TRUE)
{
// The user is trying to lock a file?
$msg = $operate["not_dir"];
}
else
{
// Remove the user
$users = file($full . $slash . ".htpasswd");
$new_users = "";
foreach ($users as $line)
{
$exploded = explode(":", $line);
if ($exploded[0] != $htuser)
{
$new_users .= trim($line) . "\r\n";
}
}
if (trim($new_users) == "")
{
// The last user has been deleted so remove the files
if(unlink($full . $slash . ".htpasswd") == FALSE || unlink($full . $slash . ".htaccess") == FALSE)
{
$msg = $operate["open_err"];
}
else
{
$msg = $operate["ht_deleted"];
}
}
else
{
if(($fp = fopen($full . $slash . ".htpasswd", "w")) == FALSE)
{
$msg = $operate["save_err"];
}
else
{
$new_users = clean_crlf($new_users);
// Edit the .htpasswd file
fwrite($fp, $new_users);
fclose($fp);
$msg = $operate["ht_deleted"];
}
}
}
break;
case "htpass":
$htpass = param($cookie_temp, "COOKIE");
$htuser = param("htuser", "GET");
$full = $dir != "" ? $params["root"] . $dir . $slash . cleanpath(param("f", "GET")) : $params["root"] . cleanpath(param("f", "GET")); // Get the full path
if ($params["htpasswd"] != 1)
{
// The user doesn't have permission to password protect a directory
$msg = $operate["no_per_htpass"];
}
else if ($htpass == "")
{
// The user didn't enter a password
$msg = $javascript["ht_pass"];
}
else if ($htuser == "")
{
$msg = $javascript["ht_user"];
}
else if (eregi("^\.", basename($full)) == TRUE && $hide_dot == TRUE || eregi("\.fileman$", basename($file)) == TRUE && $edit_lock == 1)
{
// The user is trying to lock a hidden folder
$msg = $operate["dot_hide"];
}
else if (is_file($full) == TRUE)
{
// The user is trying to lock a file?
$msg = $operate["not_dir"];
}
else
{
if (file_exists($full . $slash . ".htaccess") == TRUE && file_exists($full . $slash . ".htpasswd") == FALSE)
{
$msg = $operate["no_touch"];
}
else if (file_exists($full . $slash . ".htaccess") == TRUE && file_exists($full . $slash . ".htpasswd") == TRUE)
{
// Create the .htpasswd file
if (eregi("win", PHP_OS) == TRUE)
{
// Windows uses Plaintext passwords
$htpasswd = $htuser . ":" . $htpass . "\r\n";
}
else
{
$htpasswd = $htuser . ":" . crypt($htpass, CRYPT_STD_DES) . "\r\n";
}
if(($fp = fopen($full . $slash . ".htpasswd", "a")) == FALSE)
{
$msg = $operate["open_err"];
}
else
{
$htpasswd = clean_crlf($htpasswd);
// Append the .htpasswd file
fwrite($fp, $htpasswd);
fclose($fp);
$msg = $operate["ht_done"];
}
}
else
{
$realpath = $full . $slash . ".htpasswd";
$realpath = str_replace("//", "/", $realpath);
// Construct the .htaccess file
$htaccess = "AuthType Basic\r\n";
$htaccess .= "AuthName \"Protected Area\"\r\n";
$htaccess .= "AuthUserFile \"" . $realpath . "\"\r\n";
$htaccess .= "require valid-user";
// Create the .htpasswd file
if (eregi("win", PHP_OS) == TRUE)
{
// Windows uses Plaintext passwords
$htpasswd = $htuser . ":" . $htpass . "\r\n";
}
else
{
$htpasswd = $htuser . ":" . crypt($htpass, CRYPT_STD_DES) . "\r\n";
}
if(($fp_access = fopen($full . $slash . ".htaccess", "w")) == FALSE || ($fp_pass = fopen($full . $slash . ".htpasswd", "w")) == FALSE)
{
$msg = $operate["open_err"];
}
else
{
$htaccess = clean_crlf($htaccess);
$htpasswd = clean_crlf($htpasswd);
// Write the .htaccess file
fwrite($fp_access, $htaccess);
fclose($fp_access);
// Write the .htpasswd file
fwrite($fp_pass, $htpasswd);
fclose($fp_pass);
$msg = $operate["ht_done"];
}
}
setcookie($cookie_temp); // Delete the cookie
}
break;
case "rename":
// Set some values
$old = $dir != "" ? $params["root"] . $dir . $slash . cleanpath(param("f", "GET")) : $params["root"] . cleanpath(param("f", "GET")); // Get the full path
$new = cleanpath(param("new", "GET"));
if (ereg("[\\\/:*?\"<>|]", $new) == TRUE)
{
$msg = $javascript["invalid"] . " \\\/:*?\"<>|";
}
else if ($params["rename"] != 1)
{
// The user doesn't have permission to rename the file
$msg = $operate["no_per_rename"];
}
else if (file_exists($params["root"] . $dir . $slash . $hide) == TRUE)
{
// The admin has disabled access to this directory
$msg = $operate["no_per_view"];
}
else if (file_exists($old) == FALSE)
{
// The file doesn't exist
$msg = $operate["not_exist"];
}
else if (file_exists($params["root"] . $dir . $slash . $new) == TRUE && $params["overwrite"] != 1)
{
// The file already exists but the user cannot over write
$msg = $operate["no_per_over"];
}
else if (eregi("^\.", basename(cleanpath(param("old", "GET")))) == TRUE && $hide_dot == TRUE || eregi("\.fileman$", basename($file)) == TRUE && $edit_lock == 1)
{
// The user is trying to overwrite a hidden file
$msg = $operate["dot_hide"];
}
else
{
if (file_exists($params["root"] . $dir . $slash . $new) == TRUE && unlink($params["root"] . $dir . $slash . $new) == FALSE)
{
// There was an error
$msg = $operate["err_rename"];
}
else if (rename($old, $params["root"] . $dir . $slash . $new) == FALSE)
{
// There was an unknown error
$msg = $operate["err_rename"];
}
else
{
// The file was renamed
$msg = $operate["renamed"];
}
}
break;
case "tranf":
// Transfer a file
$old = $dir != "" ? $params["root"] . $dir . $slash . cleanpath(param("f", "GET")) : $params["root"] . cleanpath(param("f", "GET")); // Get the full path to the old file
$new = cleanpath(param("new", "GET")) != "" ? $params["root"] . cleanpath(param("new", "GET")) . $slash . param("f", "GET") : $params["root"] . cleanpath(param("f", "GET")); // Get the full path to the new file
if (param("move", "GET") != 1)
{
// The user isn't trying to move the file so they are copying it
if ($params["copy"] != 1)
{
// The user doesn't have permission to copy
$msg = $operate["no_per_copy"];
}
else if (file_exists($old) == FALSE)
{
// The source path doesn't exist
$msg = $operate["no_such_source"];
}
else if (file_exists(dirname($new)) == FALSE)
{
// The target path doesn't exist
$msg = $operate["no_such_target"];
}
else if (file_exists($new) == TRUE && $params["overwrite"] != 1)
{
// The new path already exists but the user doesn't have overwrite permissions
$msg = $operate["no_per_over"];
}
else if (is_file($old) == FALSE)
{
// The user is trying to move a folder
$msg = $operate["not_file"];
}
else if ($new == $old)
{
// The new path is the same as the old
break;
}
else if ((file_exists($new) == TRUE && unlink($new) == FALSE) || copy($old, $new) == FALSE)
{
// There was a fatal error
$msg = $operate["err_copy"];
}
else
{
// The file was copied
$msg = $operate["copied"];
}
}
else
{
// The user is trying to move the file
if ($params["move"] != 1)
{
// The user isn't allowed to move files
$msg = $operate["no_per_move"];
}
else if (file_exists($old) == FALSE)
{
// The source path doesn't exist
$msg = $operate["no_such_source"];
}
else if (file_exists(dirname($new)) == FALSE)
{
// The target path doesn't exist
$msg = $operate["no_such_target"];
}
else if (file_exists($new) == TRUE && $params["overwrite"] != 1)
{
// The new path already exists but the user doesn't have overwrite permissions
$msg = $operate["no_per_over"];
}
else if ($new == $old)
{
// The new path is the same as the old
break;
}
else if ((file_exists($new) == TRUE && unlink($new) == FALSE) || rename($old, $new) == FALSE)
{
// There was a fatal error
$msg = $operate["err_move"];
}
else
{
// The file was moved
$msg = $operate["moved"];
}
}
break;
case "trand":
// Transfer a directory
$old = $dir != "" ? $params["root"] . $dir . $slash . cleanpath(param("f", "GET")) . $slash : $params["root"] . cleanpath(param("f", "GET")) . $slash; // Get the full path to the old folder
$new = cleanpath(param("new", "GET")) != "" ? $params["root"] . cleanpath(param("new", "GET")) . $slash . cleanpath(param("f", "GET")) . $slash : $params["root"] . cleanpath(param("f", "GET")) . $slash; // Get the full path to the new folder
if (param("move", "GET") != 1)
{
// The user isn't trying to move the file so they are copying it
if ($params["copy"] != 1)
{
// The user doesn't have permission to copy
$msg = $operate["no_per_copy"];
}
else if (file_exists($old) == FALSE)
{
// The source path doesn't exist
$msg = $operate["no_such_source"];
}
else if (file_exists(dirname($new)) == FALSE)
{
// The target path doesn't exist
$msg = $operate["no_such_target"];
}
else if (is_file($old) == TRUE)
{
// The user is trying to move a file
$msg = $operate["not_dir"];
}
else if ($new == $old || eregi("^" . addslashes($old), $new) == TRUE)
{
// The new path is the same as the old
break;
}
else if ((file_exists($new) == TRUE && remove_dir($new) == FALSE && rmdir($new) == FALSE) || copy_dir($old, $new) == FALSE)
{
// There was a fatal error
$msg = $operate["err_copy"];
}
else
{
// The file was copied
$msg = $operate["copied"];
}
}
else
{
// The user is trying to move the file
if ($params["move"] != 1)
{
// The user isn't allowed to move files
$msg = $operate["no_per_move"];
}
else if (file_exists($old) == FALSE)
{
// The source path doesn't exist
$msg = $operate["no_such_source"];
}
else if (file_exists(dirname($new)) == FALSE)
{
// The target path doesn't exist
$msg = $operate["no_such_target"];
}
else if ($new == $old || eregi("^" . addslashes($old), $new) == TRUE)
{
// The new path is the same as the old or the user to trying to move the directory into itself
break;
}
else if ((file_exists($new) == TRUE && remove_dir($new) == FALSE && rmdir($new) == FALSE) || rename($old, $new) == FALSE)
{
// There was a fatal error
$msg = $operate["err_move"];
}
else
{
// The file was moved
$msg = $operate["moved"];
}
}
break;
case "del":
// Set come values
$file = $dir != "" ? $params["root"] . $dir . $slash . cleanpath(param("f", "GET")) : $params["root"] . cleanpath(param("f", "GET")); // Get the full path
chmod($file, 0777);
if ($params["delete"] != 1)
{
// No permission to delete
$msg = $operate["no_per_delete"];
}
else if (file_exists($params["root"] . $dir . $slash . $hide) == TRUE)
{
// The admin has disabled access to this directory
$msg = $operate["no_per_view"];
}
else if (file_exists($file) == FALSE)
{
// The file doesn't exist
$msg = $operate["not_exist"];
}
else if (is_dir($file) == TRUE)
{
// The file is a directory so why is the user trying to use the file function to delete it?
$msg = $operate["is_dir"];
}
else if (eregi("^\.", basename($file)) == TRUE && $hide_dot == TRUE || eregi("\.fileman$", basename($file)) == TRUE && $edit_lock == 1)
{
// The user is trying to delete a hidden file
$msg = $operate["dot_hide"];
}
else if (unlink($file) == FALSE)
{
// There was an unknown error deleting the file
$msg = $operate["err_delete"];
}
else
{
// The file was deleted
$msg = $operate["deleted"];
}
break;
case "deldir":
// Set some values
$directory = $dir != "" ? $params["root"] . $dir . $slash . cleanpath(param("rmdir", "GET")) : $params["root"] . cleanpath(param("rmdir", "GET")); // Get the full path
chmod($directory, 0777);
if ($params["delete"] != 1)
{
// No permission to delete
$msg = $operate["no_per_delete"];
}
else if (file_exists($params["root"] . $dir . $slash . $hide) == TRUE)
{
// The admin has disabled access to this directory
$msg = $operate["no_per_view"];
}
else if (file_exists($directory) == FALSE)
{
// The directory doesn't exist
$msg = $operate["not_exist_dir"];
}
else if (is_dir($directory) == FALSE)
{
// The directory is actually a file, so why is the user trying to use the directory function to delete it?
$msg = $operate["not_dir"];
}
else if (eregi("^\.", basename($directory)) == TRUE && $hide_dot == TRUE)
{
// The user is trying to delete a hidden directory
$msg = $operate["dot_hide"];
}
else if (remove_dir($directory) == FALSE)
{
// The directory could not be emptied
$msg = $operate["err_empty_dir"];
}
else if (rmdir($directory) == FALSE)
{
// The directory could not be deleted
$msg = $operate["err_delete_dir"];
}
else
{
// The directory was deleted
$msg = $operate["deleted_dir"];
}
break;
case "mkdir":
// Set some values
$newdir = $dir != "" ? $params["root"] . $dir . $slash . cleanpath(param("newname", "POST")) : $params["root"] . cleanpath(param("newname", "POST")); // Get the full path
if (ereg("[\\\/:*?\"<>|]", cleanpath(param("newname", "POST"))) == TRUE)
{
$msg = $javascript["invalid"] . " \\\/:*?\"<>|";
}
else if (cleanpath(param("newname", "POST")) == "")
{
// The user didn't enter a name
$msg = $javascript["dir_no_name"];
}
else if (file_exists($params["root"] . $dir . $slash . $hide) == TRUE)
{
// The admin has disabled access to this directory
$msg = $operate["no_per_view"];
}
else if ($params["newfolder"] != 1)
{
// No permission to create new folders
$msg = $operate["no_per_new_dir"];
}
else if (file_exists($newdir) == TRUE)
{
// The new directory exists already but can't be overwritten
$msg = $operate["dir_exists"];
}
else if (mkdir($newdir, octdec((int) $new_chmod)) == FALSE)
{
// The directory could not be deleted
$msg = $operate["err_mkdir"];
}
else
{
// The directory was deleted
$msg = $operate["mkdir"];
}
break;
case "zip":
// We need to include the compression module
if (!(include($script_dir . "/modules/compression.lib.php")))
{
// The compression module could not be included
include_error("file compression module");
}
// Get some variables
$zipfile = trim(param("zipfile", "POST"));
$zipfolder = trim(param("zipfolder", "POST"));
if (ereg("[\\\/:*?\"<>|]", param("filename", "POST")) == TRUE)
{
$msg = $javascript["invalid_zip"] . " \\\/:*?\"<>|";
}
else if (extension_loaded("zlib") == FALSE)
{
// Check if ZLIB is loaded?
$msg = $operate["no_zlib"];
}
else if ($params["compress"] != 1)
{
// Check that the user can create zip files?
$msg = $operate["no_per_zip"];
}
else if (file_exists($params["root"] . $dir . $slash . $hide) == TRUE)
{
// The admin has disabled access to this directory
$msg = $operate["no_per_view"];
}
else
{
if (param("filename", "POST") == "")
{
$msg = $javascript["no_name"];
break;
}
else if($zipfile == "" && $zipfolder == "")
{
$msg = $javascript["no_zip"];
break;
}
chdir($params["root"] . $dir);
// Create a blank zip file
$zip = new zipfile();
// Set some variables
$error = FALSE;
$zip->slash = $slash;
$zip->root = $params["root"];
$zip->cur = $dir;
$zipfiles = explode("|", $zipfile);
$zipfolders = explode("|", $zipfolder);
$final_zip = cleanpath(param("filename", "POST")) . ".zip";
// Delete the final item in each array
array_pop($zipfiles);
array_pop($zipfolders);
// Add the files
foreach ($zipfiles as $var)
{
$var = cleanpath($var);
if (file_exists($var) == FALSE)
{
$msg = $operate["not_exist"];
$error = TRUE;
}
else
{
$zip->add_file($var);
}
}
// Add the directories
foreach ($zipfolders as $var)
{
$var = cleanpath($var);
if (file_exists($var . $slash) == FALSE)
{
$msg = $operate["not_exist_dir"];
$error = TRUE;
}
else
{
$zip->add_dir($var . $slash);
}
}
if ($error == FALSE)
{
// There was no errors
// Finish up by compressing the files
if (param("action", "POST") == 2)
{
// Download the file
header("Content-type: application/octet-stream");
header("Content-disposition: attachment; filename=" . $final_zip);
echo $zip->dump_data();
}
else if (param("action", "POST") == 3)
{
// Save the file to disk
if (file_exists($final_zip) && $params["overwrite"] != 1)
{
// The file exists but the user doesn't have overwrite permissions
$msg = $operate["no_per_over"];
}
else if ($zip->create_zip($final_zip) == FALSE)
{
// The zip couldn't be created
$msg = $operate["err_zip"];
}
else if (dirsize($params["root"]) > $params["space"])
{
// The user doesn't have enough space so delete the zip file
chmod($final_zip, 0777);
unlink($final_zip);
$msg = $operate["no_space"];
}
else
{
// The zip was created
$msg = $operate["zipped"];
$newzip = $params["root_url"] . "/" . $dir . $final_zip;
}
}
else
{
// Save the file to disk
if (file_exists($final_zip) && $params["overwrite"] != 1)
{
// The file exists but the user doesn't have overwrite permissions
$msg = $operate["no_per_over"];
}
else if ($zip->create_zip($final_zip) == FALSE)
{
// The zip couldn't be created
$msg = $operate["err_zip"];
}
else if (dirsize($params["root"]) > $params["space"])
{
// The user doesn't have enough space so delete the zip file
chmod($final_zip, 0777);
unlink($final_zip);
$msg = $operate["no_space"];
}
else
{
// The zip was created
$msg = $operate["zipped"];
}
}
}
}
break;
}
}
// Start browsing the directories
if (empty($dir))
{
// The user didn't enter a directory, so assume root
$dir = $params["root"];
$next_dir = "";
}
else
{
$next_dir = $dir;
if (empty($dir))
{
// The dir is empty after cleaning
$dir = $params["root"];
$next_dir = "";
}
else if (file_exists($params["root"] . $dir . $slash . $hide) == TRUE)
{
// The admin has disabled access to this directory
$msg = $operate["no_per_view"];
$dir = $params["root"];
$next_dir = "";
}
else
{
// The dir exists and isn't hidden so use it
$dir = $params["root"] . $dir . $slash;
}
}
$info = traverse_dir($dir);
// Check to see if the message has been sent in the URL
if(empty($msg) == TRUE)
{
$msg = param("msg", "GET");
$msg = $operate[$msg];
}
// If the total is empty then there are no files
if (empty($info["folders"]) && empty($info["files"]) && $info["msg"] == "")
{
$info["msg"] = $main["no_files"];
}
else if ($msg != "")
{
$info["msg"] = $msg;
}
// Time to parse the blocks
$blocks["folders"] = parse_block("folders");
$blocks["files"] = parse_block("files");
$blocks["up"] = parse_block("up");
$blocks["columns"] = parse_block("columns");
$blocks["msg"] = parse_block("msg");
$blocks["total_size"] = parse_block("total_size");
if (isset($info["fatal"]) && $info["fatal"] == 1)
{
// Finish up by outputting the completed page and then exit
$page = array("javascript" => "", "content" => $blocks["msg"], "title" => $main["title"], "this" => $PHP_SELF, "copyright" => $copyright);
template($page, $script_dir . "/settings/templates/global.tpl");
exit();
}
// Contruct the page
$parsed = dyn_template($blocks, $script_dir . "/settings/templates/index.tpl");
$parsed = parse_dynamic($main, $parsed);
$parsed = parse_dynamic($legend, $parsed);
// Get the UNIX file info and then parse the directory info
$unix = unix($info["current"]);
$dirinfo = array(
"is_read" => is_readable($info["current"]) ? $main["yes"] : $main["no"],
"is_write" => is_writable($info["current"]) ? $main["yes"] : $main["no"],
"is_root" => $info["current"] == $params["root"] ? $main["yes"] : $main["no"],
"fold_own" => $unix["owner"],
"fold_group" => $unix["group"],
"file_count" => (string) count($info["files"]),
"folder_count" => (string) count($info["folders"]),
"notes" => $info["notes"] == "" ? $main["none"] : $info["notes"]
);
$parsed = parse_dynamic($dirinfo, $parsed);
// A quick fix so that we can save the zip file and download it, whilst still updating the file listing
if (isset($newzip))
{
$parsed .= "";
}
// Build the template drop down list
$templates[] = $temp_description[0]; // Add the new item to the top
foreach ($temp_name as $key => $var)
{
$templates[$key] = $temp_description[$key];
}
natcasesort($templates); // Sort the template list into order
$temp_list = dropdown($templates);
// Finish up by outputting the completed page
$page = array("javascript" => template($javascript, $script_dir . "/settings/templates/javascript/index.js"), "content" => $parsed, "title" => str_replace("%i", $info["this_dir"], $main["browse"]), "this" => $PHP_SELF, "next_dir" => preg_replace("/\\\([0-9]+?)/i", "/$1", $next_dir), "nav" => $info["nav"], "this_dir" => $info["this_dir"], "copyright" => $copyright, "edit" => $scripts["edit"], "template_dropdown" => $temp_list, "areas" => area_buttons(), "multi_upload" => $scripts["upload"]);
template($page, $script_dir . "/settings/templates/global.tpl");
?>