Code source de CMS made simple 1.0.5 |
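<?php
#CMS - CMS Made Simple
#(c)2004 by Ted Kulp (wishy@users.sf.net)
#This project's homepage is: http://cmsmadesimple.sf.net
#
#This program is free software; you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation; either version 2 of the License, or
#(at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#GNU General Public License for more details.
#You should have received a copy of the GNU General Public License
#along with this program; if not, write to the Free Software
#Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
#$Id: files.php 3202 2006-07-29 08:26:22Z silmarillion $

# Admin file manager for the uploads directory: handles upload, directory
# creation, file/directory deletion, then renders the listing and the forms.
# Every name taken from the request is treated as untrusted and must resolve
# to a location below $config["uploads_path"].

$CMS_ADMIN_PAGE=1;

// in filetypes.inc.php filetypes are defined
require_once(dirname(dirname(__FILE__))."/lib/filemanager/filetypes.inc.php");
require_once(dirname(dirname(__FILE__))."/lib/file.functions.php");
require_once ("../include.php");

check_login();

/**
 * Recursively delete a directory and everything inside it.
 *
 * A symbolic link is removed as a link and never descended into, so a link
 * placed inside the uploads tree cannot be used to empty a directory that
 * lives outside of it.
 *
 * @param string $dir Path of the directory to remove.
 * @return bool True when $dir itself was removed, false otherwise.
 */
function deldir($dir)
{
	// The original left $success undefined when rmdir() failed.
	$success = false;

	if (is_link($dir))
	{
		return unlink($dir);
	}

	$handle = opendir($dir);
	if (!$handle)
	{
		// Without this guard readdir() is called on a non-resource and the
		// loop condition below may never become false.
		return $success;
	}
	while (false!==($FolderOrFile = readdir($handle)))
	{
		if ($FolderOrFile == "." || $FolderOrFile == "..")
		{
			continue;
		}
		$path = "$dir/$FolderOrFile";
		if (@is_dir($path))
		{
			deldir($path); // recursive; links are handled at the top of deldir()
		}
		else
		{
			unlink($path);
		}
	}
	closedir($handle);
	if (rmdir($dir))
	{
		$success = true;
	}
	return $success;
}

/**
 * Tell whether $name is a single, plain path component.
 *
 * Rejects anything that is not a string, the empty string, "." and "..",
 * and any value containing a slash, a backslash or a NUL byte. A name that
 * passes cannot move the resulting path out of the directory it is appended to.
 *
 * @param mixed $name Value taken from the request.
 * @return bool
 */
function files_is_plain_name($name)
{
	if (!is_string($name) || $name == "" || $name == "." || $name == "..")
	{
		return false;
	}
	return strpos($name, "/") === false
		&& strpos($name, "\\") === false
		&& strpos($name, "\0") === false;
}


$errors = "";

$dir = $config["uploads_path"];
$url = $config["uploads_url"];

$reldir = "";
if (isset($_POST['reldir'])) $reldir = $_POST['reldir'];
else if (isset($_GET['reldir'])) $reldir = $_GET['reldir'];
if (!is_string($reldir))
{
	// reldir[]=... arrives as an array; treat it as "no directory given".
	$reldir = "";
}

# Check for path errors.  It's a bit of a hack.
$reldir = urldecode($reldir);
// NUL bytes are dropped before the ".." pass so ".\0." cannot survive it.
$reldir = str_replace("\0", "", $reldir);
$reldir = str_replace("..", "", $reldir);
$reldir = str_replace("\\", "/", $reldir);
$reldir = str_replace("//", "/", $reldir);
// The original also ran ereg_replace("/^", "", $reldir). As a POSIX ERE that
// pattern (a "/" followed by start-of-string) does not appear able to match,
// so it is left out; the leading "/" has to stay because $dir .= $reldir
// below relies on it as the separator.
if ($reldir != "" && substr($reldir, 0, 1) != "/")
{
	// Without a leading slash "uploads" . "_x" would address a sibling of the
	// uploads directory instead of a child.
	$reldir = "/".$reldir;
}

if ($reldir != "")
{
	// NOTE(review): passed on raw; whether header.php escapes it before
	// printing is not visible from this file - confirm.
	$CMS_ADMIN_SUBTITLE = $reldir;
}

if (strpos($reldir, '..') === false && strpos($reldir, '\\') === false)
{
	$dir .= $reldir;
}

$userid = get_userid();
$access = check_permission($userid, 'Modify Files');

$username = $gCms->variables["username"];

// Escaped forms of $reldir for the two output contexts used below.
$reldir_html = htmlspecialchars($reldir, ENT_QUOTES);
$reldir_url = urlencode($reldir);

#Did we upload a file?
if (isset($_FILES) && isset($_FILES['uploadfile']) && isset($_FILES['uploadfile']['name']) && $_FILES['uploadfile']['name'] != "")
{
	if ($access)
	{
		// The client chooses this name. Reduce it to its last component and
		// refuse anything that is not a plain name. Dot-files are refused as
		// well: the listing below hides them, so they could not be reviewed
		// or removed from this page afterwards.
		$uploadname = $_FILES['uploadfile']['name'];
		if (is_string($uploadname))
		{
			$uploadname = basename(str_replace("\\", "/", $uploadname));
		}
		// NOTE(review): the file type is not restricted here. Whether an
		// uploaded script could be executed depends on how the web server
		// treats the uploads directory, which this file does not show.
		if (!files_is_plain_name($uploadname) || substr($uploadname, 0, 1) == ".")
		{
			$errors .= "<li>".lang('filenotuploaded')."</li>";
		}
		else if (!@move_uploaded_file($_FILES['uploadfile']['tmp_name'], $dir."/".$uploadname))
		{
			$errors .= "<li>".lang('filenotuploaded')."</li>";
		}
		else
		{
			chmod($dir."/".$uploadname, octdec('0'.$config['default_upload_permission']));
			audit(-1, $uploadname, 'Uploaded File');
		}
	}
	else
	{
		$errors .= "<li>".lang('needpermissionto', array('Modify Files'))."</li>";
	}
}

#Did we create a new dir?
if (isset($_POST['newdirsubmit']))
{
	if ($access)
	{
		$newdirname = (isset($_POST['newdir']) && is_string($_POST['newdir'])) ? $_POST['newdir'] : "";

		#Make sure it isn't an empty dir name
		if ($newdirname == "")
		{
			$errors .= "<li>".lang('filecreatedirnoname')."</li>";
		}
		else if (strpos($newdirname, '..') !== false)
		{
			$errors .= "<li>".lang('filecreatedirnodoubledot')."</li>";
		}
		else if (strpos($newdirname, '/') !== false || strpos($newdirname, '\\') !== false || strpos($newdirname, "\0") !== false)
		{
			$errors .= "<li>".lang('filecreatedirnoslash')."</li>";
		}
		else if (file_exists($dir."/".$newdirname))
		{
			$errors .= "<li>".lang('directoryexists')."</li>";
		}
		else
		{
			// NOTE(review): 0777 (before umask) makes the directory writable
			// by every local account; uploads use
			// $config['default_upload_permission'] instead - confirm intent.
			if (mkdir($dir."/".$newdirname, 0777))
			{
				// Only record the event when the directory really exists.
				audit(-1, $newdirname, 'Created Directory');
			}
		}
	}
	else
	{
		$errors .= "<li>".lang('needpermissionto', array('Modify Files'))."</li>";
	}
}

// NOTE(review): both deletions are triggered by a plain GET request and
// nothing in this file checks a per-session token; confirm whether
// include.php or check_login() provides request-forgery protection.
$action = isset($_GET['action']) ? $_GET['action'] : "";
$target = isset($_GET['file']) ? $_GET['file'] : "";

if ($action == "deletefile")
{
	if ($access)
	{
		// $target comes straight from the query string; a value such as
		// "../x" must never reach unlink().
		if (files_is_plain_name($target) && is_file($dir . "/" . $target))
		{
			if (!(unlink($dir . "/" . $target)))
			{
				$errors .= "<li>".lang('errordeletingfile')."</li>";
			}
			else
			{
				audit(-1, $reldir . "/" . $target, 'Deleted File');
			}
		}
		else
		{
			$errors .= "<li>".lang('norealfile')."</li>";
		}
	}
	else
	{
		$errors .= "<li>".lang('needpermissionto', array('Modify Files'))."</li>";
	}
}
else if ($action == "deletedir")
{
	if ($access)
	{
		// Same rule as for files: only a plain child name of $dir is accepted.
		if (files_is_plain_name($target) && @is_dir($dir . "/" . $target))
		{
			if (!(deldir($dir . "/" . $target)))
			{
				$errors .= "<li>".lang('errordeletingdirectory')."</li>";
			}
			else
			{
				audit(-1, $reldir . "/" . $target, 'Deleted Directory');
			}
		}
		else
		{
			$errors .= "<li>".lang('norealdirectory')."</li>";
		}
	}
	else
	{
		$errors .= "<li>".lang('needpermissionto', array('Modify Files'))."</li>";
	}
}

include_once ("header.php");

$row = "row1";

$dirtext = "";
$filetext = "";
$file = "";

if ($errors != "")
{
	echo "<div class=\"pageerrorcontainer\"><ul class=\"error\">".$errors."</ul></div>";
}

echo '<div class="pagecontainer">';
echo $themeObject->ShowHeader('filemanagement');
echo '<p class="pagesubtitle">'.lang('currentdirectory').': '.($reldir==""?"/":$reldir_html)."</p>";
echo '<table cellspacing="0" class="pagetable">'."\n";
echo '<thead>';
echo "<tr>\n";
echo '<th class="pagew30"> </th>';
echo '<th>'.lang('filename').'</th>';
echo '<th class="pagew10">'.lang('filesize').'</th>';
echo '<th class="pageicon"> </th>';
echo '</tr>';
echo '</thead>';
echo '<tbody>';

if ($reldir != '')
{
	// Link to the parent of the current directory.
	$newdir = dirname($reldir.'/'.$file);
	if ($newdir == "/" || $newdir == '\\')
	{
		$newdir = '';
	}
	else
	{
		$newdir = '?reldir='.urlencode($newdir);
	}
	$dirtext .= "<tr class=\"$row\" onmouseover=\"this.className='".$row.'hover'."';\" onmouseout=\"this.className='".$row."';\">";
	$dirtext .= "<td>";
	$dirtext .= $themeObject->DisplayImage('icons/filetypes/upfolder.gif', lang('directoryabove'));
	$dirtext .= "</td>";
	$dirtext .= '<td><a href="files.php'.$newdir.'">..</a></td>';
	$dirtext .= "<td> </td>";
	if ($access)
		$dirtext .= "<td> </td>";
	$dirtext .= "</tr>";
	$row = "row2";
}

#First do dirs
$dirs = array();
$handle = opendir($dir);
if ($handle)
{
	while (false!==($file = readdir($handle))) $dirs[]=$file;
	closedir($handle);
}
sort($dirs);
foreach ($dirs as $file)
{
	// Entries starting with a dot (".", "..", hidden files) are not listed.
	if (strpos($file, ".") !== 0)
	{
		if (@is_dir("$dir/$file"))
		{
			// Names on disk are not trusted for output either: URL-encode them
			// inside query strings and HTML-escape them as link text.
			$tmp=urlencode($reldir."/".$file);
			$dirtext .= "<tr class=\"$row\" onmouseover=\"this.className='".$row.'hover'."';\" onmouseout=\"this.className='".$row."';\">";
			$dirtext .= "<td>";
			$dirtext .= $themeObject->DisplayImage('icons/filetypes/folder.gif', lang('directoryabove'));
			$dirtext .= "</td>";
			$dirtext .= '<td><a href="files.php?reldir='.$tmp.'">'.htmlspecialchars($file, ENT_QUOTES).'</a></td>';
			$dirtext .= "<td> </td>";
			if ($access)
			{
				$dirtext .= "<td class=\"pagepos\"><a href=\"files.php?action=deletedir&amp;reldir=".$reldir_url."&amp;file=".urlencode($file)."\" onclick=\"return confirm('".lang('confirmdeletedir')."');\">";
				$dirtext .= $themeObject->DisplayImage('icons/system/delete.gif', lang('delete'),'','','systemicon');
				$dirtext .= "</a></td>";
			}
			$dirtext .= "</tr>";
			$row = ($row=="row1") ? "row2" : "row1";
		}
	}
}
echo $dirtext;

#Now do files
$files = array();
$ls = dir($dir);
if ($ls)
{
	while (false !== ($file = $ls->read()))
	{
		$files[] = $file;
	}
	$ls->close();
}
sort($files);
foreach ($files as $file)
{
	if (display_file($file)==true){
		if (strpos($file, ".") !== 0)
		{
			if (is_file("$dir/$file"))
			{
				$extension = get_file_extention($file);
				// set template vars
				// NOTE(review): these values go into parse_template() raw;
				// whether the link template escapes them is not visible here.
				$template_vars['file'] = $file;
				$template_vars['dir_file'] = $reldir."/".$file;
				$template_vars['url_dir_file'] = $url.$reldir."/".$file;

				// parse little template
				$file_links = parse_template($filetype[$extension]['link']['view'], $template_vars,0);

				$image_icon = $themeObject->DisplayImage("icons/filetypes/".$filetype[$extension]['img'].".gif", $filetype[$extension]['desc']);

				$filetext .= "<tr class=\"$row\" onmouseover=\"this.className='".$row.'hover'."';\" onmouseout=\"this.className='".$row."';\">";
				$filetext .= "<td>{$image_icon}</td>";
				$filetext .= '<td><a href="'.$file_links.'" rel="external">'.htmlspecialchars($file, ENT_QUOTES).'</a></td>';
				$filesize = filesize("$dir/$file");
				if ($filesize >(1024*1024))
				{
					$sizestr = number_format($filesize/(1024*1024))." MB";
				}
				else if ($filesize >(1024))
				{
					$sizestr = number_format($filesize/1024)." KB";
				}
				else
				{
					$sizestr = number_format($filesize)." B";
				}
				$filetext .= "<td>".$sizestr."</td>";
				if ($access)
				{
					$filetext .= "<td><a href=\"files.php?action=deletefile&amp;reldir=".$reldir_url."&amp;file=".urlencode($file)."\" onclick=\"return confirm('".lang('deleteconfirm')."');\">";
					$filetext .= $themeObject->DisplayImage('icons/system/delete.gif', lang('delete'),'','','systemicon');
					$filetext .= "</a></td>";
				}
				$filetext .= "</tr>";
				$row = ($row=="row1") ? "row2" : "row1";
			}
		}
	}
}
echo $filetext;

if ($filetext == "" && $dirtext == "")
{
	echo "<tr class=\"row1\"><td colspan=\"4\" align=\"center\">".lang('nofiles')."</td></tr>";
}

echo '</tbody>';
echo "</table>";

if ($access)
{

?>

<form enctype="multipart/form-data" action="files.php" method="post">
	<div class="pageoverflow">
		<p class="pagetext"><?php echo lang('uploadfile')?>:</p>
		<p class="pageinput">
			<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $config["max_upload_size"]?>" />
			<input type="hidden" name="reldir" value="<?php echo $reldir_html?>" />
			<input name="uploadfile" type="file" /> <input class="pagebutton" onmouseover="this.className='pagebuttonhover'" onmouseout="this.className='pagebutton'" type="submit" value="<?php echo lang('send')?>" />
		</p>
	</div>
	<div class="pageoverflow">
		<p class="pagetext"><?php echo lang('createnewfolder')?>:</p>
		<p class="pageinput"><input type="text" name="newdir" /> <input class="pagebutton" onmouseover="this.className='pagebuttonhover'" onmouseout="this.className='pagebutton'" type="submit" name="newdirsubmit" value="<?php echo lang('create')?>" /></p>
	</div>
</form>

</div>

<?php
}
echo '<p class="pageback"><a class="pageback" href="'.$themeObject->BackUrl().'">« '.lang('back').'</a></p>';
include_once ("footer.php");

# vim:ts=4 sw=4 noet
?>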