* * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. * /* ------------------------------------------------------------------------- */ /* Select your language: * 'en' - English * 'de' - German * 'cz' - Czech * 'it' - Italian * 'fr' - French * 'nl' - Dutch * 'se' - Swedish * 'pt-br' - Brasilian Portuguese */ $language = 'en'; /* This directory is shown when you start webadmin.php. * For example: './' would be the current directory. */ $homedir = './'; /* This sets the root directory of the treeview. * Set it to '/' to see the whole filesystem. */ $treeroot = '../'; /* When you create a directory, its permission is set to this octal value. * For example: 0705 would be 'drwx---r-x'. */ $dirpermission = 0705; /* Uncomment the following line to enable this feature (remove #): * When you create a file, its permission is set to this octal value. * For example: 0644 would be 'drwxr--r--'. */ # $newfilepermission = 0666; /* Uncomment the following line to enable this feature (remove #): * When you upload a file, its permission is set to this octal value. * For example: 0644 would be 'drwxr--r--'. */ # $uploadedfilepermission = 0666; /* The size of the file edit textarea */ $editrows = 20; $editcols = 70; /* ------------------------------------------------------------------------- */ $self = htmlentities(basename($_SERVER['PHP_SELF'])); $homedir = relpathtoabspath($homedir, getcwd()); $treeroot = relpathtoabspath($treeroot, getcwd()); $words = getwords($language); /* If PHP added any slashes, strip them */ if (ini_get('magic_quotes_gpc')) { array_walk($_GET, 'strip'); array_walk($_POST, 'strip'); array_walk($_REQUEST, 'strip'); } /* Return Images */ if (isset($_GET['imageid'])) { header('Content-Type: image/gif'); echo(getimage($_GET['imageid'])); exit; } /* Initialize session */ ini_set('session.use_cookies', FALSE); ini_set('session.use_trans_sid', FALSE); session_name('id'); session_start(); /* Initialize dirlisting output */ $error = $notice = ''; $updatetreeview = FALSE; /* Handle treeview requests */ if (isset($_REQUEST['action'])) { switch ($_REQUEST['action']) { case 'treeon': $_SESSION['tree'] = array(); $_SESSION['hassubdirs'][$treeroot] = tree_hassubdirs($treeroot); tree_plus($_SESSION['tree'], $_SESSION['hassubdirs'], $treeroot); frameset(); exit; case 'treeoff': $_SESSION['tree'] = NULL; $_SESSION['hassubdirs'] = NULL; dirlisting(); exit; } } /* Set current directory */ if (!isset($_SESSION['dir'])) { $_SESSION['dir'] = $homedir; $updatetreeview = TRUE; } if (!empty($_REQUEST['dir'])) { $newdir = relpathtoabspath($_REQUEST['dir'], $_SESSION['dir']); /* If the requested directory is a file, show the file */ if (@is_file($newdir) && @is_readable($newdir)) { /* if (@is_writable($newdir)) { $_REQUEST['edit'] = $newdir; } else */ if (is_script($newdir)) { $_GET['showh'] = $newdir; } else { $_GET['show'] = $newdir; } } elseif ($_SESSION['dir'] != $newdir) { $_SESSION['dir'] = $newdir; $updatetreeview = TRUE; } } /* Show a file */ if (!empty($_GET['show'])) { $show = relpathtoabspath($_GET['show'], $_SESSION['dir']); if (!show($show)) { $error= buildphrase('"' . htmlentities($show) . '"', $words['cantbeshown']); } else { exit; } } /* Show a file syntax highlighted */ if (!empty($_GET['showh'])) { $showh = relpathtoabspath($_GET['showh'], $_SESSION['dir']); if (!show_highlight($showh)) { $error = buildphrase('"' . htmlentities($showh) . '"', $words['cantbeshown']); } else { exit; } } /* Upload file */ if (isset($_FILES['upload'])) { $file = relpathtoabspath($_FILES['upload']['name'], $_SESSION['dir']); if (@is_writable($_SESSION['dir']) && @move_uploaded_file($_FILES['upload']['tmp_name'], $file) && (!isset($uploadedfilepermission) || chmod($file, $uploadedfilepermission))) { $notice = buildphrase(array('"' . htmlentities(basename($file)) . '"', '"' . htmlentities($_SESSION['dir']) . '"'), $words['uploaded']); } else { $error = buildphrase(array('"' . htmlentities(basename($file)) . '"', '"' . htmlentities($_SESSION['dir']) . '"'), $words['notuploaded']); } } /* Create file */ if (!empty($_GET['create']) && $_GET['type'] == 'file') { $file = relpathtoabspath($_GET['create'], $_SESSION['dir']); if (substr($file, strlen($file) - 1, 1) == '/') $file = substr($file, 0, strlen($file) - 1); if (is_free($file) && touch($file) && ((!isset($newfilepermission)) || chmod($file, $newfilepermission))) { $notice = buildphrase('"' . htmlentities($file) . '"', $words['created']); $_REQUEST['edit'] = $file; } else { $error = buildphrase('"' . htmlentities($file) . '"', $words['notcreated']); } } /* Create directory */ if (!empty($_GET['create']) && $_GET['type'] == 'dir') { $file = relpathtoabspath($_GET['create'], $_SESSION['dir']); if (is_free($file) && @mkdir($file, $dirpermission)) { $notice = buildphrase('"' . htmlentities($file) . '"', $words['created']); $updatetreeview = TRUE; if (!empty($_SESSION['tree'])) { $file = spath(dirname($file)); $_SESSION['hassubdirs'][$file] = TRUE; tree_plus($_SESSION['tree'], $_SESSION['hassubdirs'], $file); } } else { $error = buildphrase('"' . htmlentities($file) . '"', $words['notcreated']); } } /* Ask symlink target */ if (!empty($_GET['symlinktarget']) && empty($_GET['symlink'])) { $symlinktarget = relpathtoabspath($_GET['symlinktarget'], $_SESSION['dir']); html_header($words['createsymlink']); ?>

 
' . htmlentities($symlink) . '"', '"' . htmlentities($target) . '"'), $words['samefiles']); } else { if (@$_GET['relative'] == 'yes') { $target = abspathtorelpath(dirname($symlink), $target); } else { $target = $_GET['symlinktarget']; } if (is_free($symlink) && @symlink($target, $symlink)) { $notice = buildphrase('"' . htmlentities($symlink) . '"', $words['created']); } else { $error = buildphrase('"' . htmlentities($symlink) . '"', $words['notcreated']); } } } /* Delete file */ if (!empty($_GET['delete'])) { $delete = relpathtoabspath($_GET['delete'], $_SESSION['dir']); if (@$_GET['sure'] == 'TRUE') { if (remove($delete)) { $notice = buildphrase('"' . htmlentities($delete) . '"', $words['deleted']); } else { $error = buildphrase('"' . htmlentities($delete) . '"', $words['notdeleted']); } } else { html_header($words['delete']); ?>

' . htmlentities($delete) . '"', $words['suredelete'])); ?>
">[ ]

' . htmlentities($permission) . '"', '"' . substr(octtostr("0$p"), 1) . '" (' . decoct($p) . ')'), $words['permsset']); } else { $error = buildphrase('"' . htmlentities($permission) . '"', $words['permsnotset']); } } else { html_header($words['permission']); ?>
:
 
: > > >
: > > >
: > > >
 
' . htmlentities($permission) . '"', $words['permsnotset']); } } /* Move file */ if (!empty($_GET['move'])) { $move = relpathtoabspath($_GET['move'], $_SESSION['dir']); if (!empty($_GET['destination'])) { $destination = relpathtoabspath($_GET['destination'], dirname($move)); if (@is_dir($destination)) $destination = spath($destination) . basename($move); if ($move == $destination) { $error = buildphrase(array('"' . htmlentities($move) . '"', '"' . htmlentities($destination) . '"'), $words['samefiles']); } else { if (is_free($destination) && @rename($move, $destination)) { $notice = buildphrase(array('"' . htmlentities($move) . '"', '"' . htmlentities($destination) . '"'), $words['moved']); } else { $error = buildphrase(array('"' . htmlentities($move) . '"', '"' . htmlentities($destination) . '"'), $words['notmoved']); } } } else { html_header($words['move']); ?>
 
' . htmlentities($copy) . '"', '"' . htmlentities($destination) . '"'), $words['samefiles']); } else { if (is_free($destination) && @copy($copy, $destination)) { $notice = buildphrase(array('"' . htmlentities($copy) . '"', '"' . htmlentities($destination) . '"'), $words['copied']); } else { $error = buildphrase(array('"' . htmlentities($copy) . '"', '"' . htmlentities($destination) . '"'), $words['notcopied']); } } } else { html_header($words['copy']); ?>
 
' . htmlentities($edit) . '"', $words['saved']); } else { $error = buildphrase('"' . htmlentities($edit) . '"', $words['notsaved']); } } /* Edit file */ if (isset($_REQUEST['edit']) && !isset($_POST['save'])) { $file = relpathtoabspath($_REQUEST['edit'], $_SESSION['dir']); if (@is_dir($file)) { /* If the requested file is a directory, show the directory */ $_SESSION['dir'] = $file; $updatetreeview = TRUE; } else { if ($f = @fopen($file, 'r')) { html_header($words['edit']); ?>
 
   
' . htmlentities($file) . '" ', $words['notopened']); } } } /* Show directory listing (and treeview) */ if (!empty($_SESSION['tree'])) { if (isset($_REQUEST['frame']) && $_REQUEST['frame'] == 'treeview') { treeview(); } else { if (isset($_GET['noupdate'])) $updatetreeview = FALSE; dirlisting(TRUE); } } else { dirlisting(); } /* ------------------------------------------------------------------------- */ function strip (&$str) { $str = stripslashes($str); } function relpathtoabspath ($file, $dir) { $dir = spath($dir); if (substr($file, 0, 1) != '/') $file = $dir . $file; if (!@is_link($file) && ($r = realpath($file)) != FALSE) $file = $r; if (@is_dir($file) && !@is_link($file)) $file = spath($file); return $file; } function abspathtorelpath ($pos, $target) { $pos = spath($pos); $path = ''; while ($pos != $target) { if ($pos == substr($target, 0, strlen($pos))) { $path .= substr($target, strlen($pos)); break; } else { $path .= '../'; $pos = strrev(strstr(strrev(substr($pos, 0, strlen($pos) - 1)), '/')); } } return $path; } function is_script ($file) { return ereg('.php[3-4]?$', $file); } function spath ($path) { if (substr($path, strlen($path) - 1, 1) != '/') $path .= '/'; return $path; } function textfieldsize ($str) { $size = strlen($str) + 5; if ($size < 30) $size = 30; return $size; } function is_free ($file) { global $words; if (@file_exists($file) && empty($_GET['overwrite'])) { html_header($words['alreadyexists']); ?>

' . htmlentities($file) . '"', $words['overwrite'])); ?>
">[ ]

Treeview >
<?php echo($self); ?> " name="treeview"> " name="webadmin"> $numcols) $numcols = $col; if (isset($tree[$path])) { for ($i = 0; $i < sizeof($tree[$path]); $i++) { $numcols = tree_calculatenumcols($tree, $path . $tree[$path][$i], $col + 1); } } return $numcols; } function tree_showtree ($tree, $hassubdirs, $path, $col, $numcols) { global $self, $treeroot; static $islast = array(0 => TRUE); echo(" \n"); for ($i = 0; $i < $col; $i++) { if ($islast[$i]) $iid = 0; else $iid = 3; echo(" \n"); } if ($hassubdirs[$path]) { if (!empty($tree[$path])) { $action = 'minus'; $iid = 8; } else { $action = 'plus'; $iid = 7; } if ($col == 0) $iid -= 3; else if ($islast[$col]) $iid += 3; echo(" '); echo(""); echo("\n"); } else { if ($islast[$col]) $iid = 9; else $iid = 6; echo(" \n"); } if (@is_readable($path)) { $a1 = "'; $a2 = ''; } else { $a1 = $a2 = ''; } if ($_SESSION['dir'] == $path) $iid = 2; else $iid = 1; echo(" $a1$a2\n"); $cspan = $numcols - $col + 1; if ($cspan > 1) $colspan = " colspan=\"$cspan\""; else $colspan = ''; if ($col == $numcols) $width = ' width="100%"'; else $width = ''; echo("  "); if ($path == $treeroot) $label = $path; else $label = basename($path); echo($a1 . htmlentities($label) . $a2); echo("\n"); echo(" \n"); if (!empty($tree[$path])) { for ($i = 0; $i < sizeof($tree[$path]); $i++) { if (($i + 1) == sizeof($tree[$path])) $islast[$col + 1] = TRUE; else $islast[$col + 1] = FALSE; tree_showtree($tree, $hassubdirs, $path . $tree[$path][$i], $col + 1, $numcols); } } return; } function tree_plus (&$tree, &$hassubdirs, $p) { if ($path = spath(realpath($p))) { $tree[$path] = tree_getsubdirs($path); for ($i = 0; $i < sizeof($tree[$path]); $i++) { $subdir = $path . $tree[$path][$i]; if (empty($hassubdirs[$subdir])) $hassubdirs[$subdir] = tree_hassubdirs($subdir); } } return; } function tree_minus (&$tree, &$hassubdirs, $p) { $dirchanged = FALSE; if ($path = spath(realpath($p))) { if (!empty($tree[$path])) { for ($i = 0; $i < sizeof($tree[$path]); $i++) { $subdir = $path . $tree[$path][$i] . '/'; if (isset($hassubdirs[$subdir])) $hassubdirs[$subdir] = NULL; } $tree[$path] = NULL; if (substr($_SESSION['dir'], 0, strlen($path)) == $path) { $_SESSION['dir'] = $path; $dirchanged = TRUE; } } } return $dirchanged; } function tree_getsubdirs ($path) { $subdirs = array(); if ($p = @opendir($path)) { for ($i = 0; ($filename = readdir($p)) !== FALSE;) { if (tree_isrealdir($path . $filename)) $subdirs[$i++] = $filename . '/'; } } sort($subdirs); return $subdirs; } function show ($file) { global $words; if (@is_readable($file) && @is_file($file)) { header('Content-Disposition: filename=' . basename($file)); header('Content-Type: ' . getmimetype($file)); if (@readfile($file) !== FALSE) return TRUE; } return FALSE; } function show_highlight ($file) { global $words; if (@is_readable($file) && @is_file($file)) { header('Content-Disposition: filename=' . basename($file)); echo("\n"); echo(buildphrase(array('"' . htmlentities(basename($file)) . '"'), $words['sourceof'])); echo("\n\n\n\n\n\n\n
\n\n"); $size = sizeof(file($file)); for ($i = 1; $i <= $size; $i++) printf("%05d
\n", $i); echo("
\n
\n"); $shown = @highlight_file($file); echo("\n"); echo("
\n"); echo("\n"); echo(""); if ($shown) return TRUE; } return FALSE; } function getmimetype ($file) { /* $mime = 'application/octet-stream'; */ $mime = 'text/plain'; $ext = substr($file, strrpos($file, '.') + 1); if (@is_readable('/etc/mime.types')) { $f = fopen('/etc/mime.types', 'r'); while (!feof($f)) { $line = fgets($f, 4096); $found = FALSE; $mim = strtok($line," \n\t"); $ex = strtok(" \n\t"); while ($ex && !$found) { if (strtolower($ex) == strtolower($ext)) { $found = TRUE; $mime = $mim; break; } $ex = strtok(" \n\t"); } if ($found) break; } fclose($f); } return $mime; } function dirlisting ($inaframe = FALSE) { global $self, $homedir, $words; global $error, $notice; $p = '&' . SID; html_header($_SESSION['dir']); ?>
" . $words['dir']); ?>:   
   
   
' . htmlentities($_SESSION['dir']) . '"', $words['readingerror'])); } if ($inaframe) { pnotice("' . $words['treeoff'] . ''); } else { pnotice("' . $words['treeon'] . ''); } html_footer(FALSE); return; } function dirtoarray ($dir) { if ($dirstream = @opendir($dir)) { for ($n = 0; ($filename = readdir($dirstream)) !== FALSE; $n++) { $stat = @lstat($dir . $filename); $files[$n]['filename'] = $filename; $files[$n]['fullfilename'] = $fullfilename = relpathtoabspath($filename, $dir); $files[$n]['is_file'] = @is_file($fullfilename); $files[$n]['is_dir'] = @is_dir($fullfilename); $files[$n]['is_link'] = $islink = @is_link($dir . $filename); if ($islink) { $files[$n]['readlink'] = @readlink($dir . $filename); $files[$n]['linkinfo'] = linkinfo($dir . $filename); } $files[$n]['is_readable'] = @is_readable($fullfilename); $files[$n]['is_writable'] = @is_writable($fullfilename); $files[$n]['is_executable'] = @is_executable($fullfilename); $files[$n]['permission'] = $islink ? 'lrwxrwxrwx' : octtostr(@fileperms($dir . $filename)); if (substr($files[$n]['permission'], 0, 1) != '-') { $files[$n]['size'] = -1; } else { $files[$n]['size'] = @$stat['size']; $GLOBALS['showsize'] = TRUE; } $files[$n]['owner'] = $owner = @$stat['uid']; $files[$n]['group'] = $group = @$stat['gid']; $files[$n]['ownername'] = @reset(posix_getpwuid($owner)); $files[$n]['groupname'] = @reset(posix_getgrgid($group)); } closedir($dirstream); return $files; } else { return FALSE; } } function outputdirlisting ($dir, $files, $inaframe, $sort, $reverse) { global $self, $words; $uid = posix_getuid(); ?>

\n"); echo(" \n"); echo(" \n"); if ($GLOBALS['showsize']) echo(" \n"); echo(" \n"); echo(" \n"); echo(" \n"); echo(" \n"); echo(" \n"); $p = '&' . SID; if ($GLOBALS['showsize']) $cspan = ' colspan="2"'; else $cspan = ''; foreach ($files as $file) { echo(" \n"); if ($file['is_link']) { echo(" \n"); echo(" "); if ($file['is_dir']) echo('[ '); echo($file['filename']); if ($file['is_dir']) echo(' ]'); echo(' -> '); if ($file['is_dir']) { echo('[ '); if ($file['is_readable']) echo(""); echo(htmlentities($file['readlink'])); if ($file['is_readable']) echo(''); echo(' ]'); } else { if (dirname($file['readlink']) != '.') { if ($file['is_readable']) echo(""); echo(htmlentities(dirname($file['readlink'])) . '/'); if ($file['is_readable']) echo(''); } if (strlen(basename($file['readlink'])) != 0) { if ($file['is_file'] && $file['is_readable']) echo(""); echo(htmlentities(basename($file['readlink']))); if ($file['is_file'] && $file['is_readable']) echo(''); } if ($file['is_file'] && is_script($file['readlink'])) echo(" *"); } echo("\n"); } elseif ($file['is_dir']) { echo(" \n"); echo(" [ "); if ($file['is_readable']) echo(""); echo(htmlentities($file['filename'])); if ($file['is_readable']) echo(''); echo(" ]\n"); } else { echo(" \n"); echo(' '); if ($file['is_readable'] && $file['is_file']) echo(""); echo(htmlentities($file['filename'])); if ($file['is_readable'] && $file['is_file']) echo(''); if ($file['is_file'] && is_script($file['filename'])) echo(" *"); echo("\n"); if ($GLOBALS['showsize'] && $file['is_file']) { echo(" \n"); } } echo(' \n"); $owner = ($file['ownername'] == NULL) ? $file['owner'] : $file['ownername']; $group = ($file['groupname'] == NULL) ? $file['group'] : $file['groupname']; echo(' \n"); echo(' \n"); $f = "{$words['createsymlink']} | ";; if ($file['filename'] != '.' && $file['filename'] != '..') { if ($file['is_readable'] && $file['is_file']) { $f .= "{$words['copy']} | "; } if ($uid == $file['owner']) { $f .= "{$words['move']} | "; $f .= "{$words['delete']} | "; } if ($file['is_writable'] && $file['is_file']) { $f .= "{$words['edit']} | "; } } if ($file['is_dir'] && @is_file($file['fullfilename'] . '.htaccess') && @is_writable($file['fullfilename'] . '.htaccess')) { $f .= "{$words['configure']} | "; } if (!empty($f)) $f = substr($f, 0, strlen($f) - 3); else $f = ' '; echo(" \n"); echo(" \n"); } ?>
{$words['filename']}{$words['size']}{$words['permission']}{$words['owner']}{$words['group']}{$words['functions']}
"); if ($file['is_file']) echo("{$file['size']} B"); echo("'); if ($uid == $file['owner'] && !$file['is_link']) echo(""); echo($file['permission']); if ($uid == $file['owner'] && !$file['is_link']) echo(''); echo("' . $owner . "' . $group . "$f

$g)) $l++; while (($r > $left) && ($field[$r][$column] < $g)) $r--; } else { while (($l < $right) && ($field[$l][$column] < $g)) $l++; while (($r > $left) && ($field[$r][$column] > $g)) $r--; } if ($l < $r) { $tmp = $field[$r]; $field[$r] = $field[$l]; $field[$l] = $tmp; $r--; $l++; } else { $l++; } } if ($r > $left) $field = sortfield($field, $column, $reverse, $left, $r); if ($r + 1 < $right) $field = sortfield($field, $column, $reverse, $r + 1, $right); return $field; } function buildphrase ($repl, $str) { if (!is_array($repl)) $repl = array($repl); $newstr = ''; $prevz = ' '; for ($i = 0; $i < strlen($str); $i++) { $z = substr($str, $i, 1); if (((int) $z) > 0 && ((int) $z) <= count($repl) && $prevz == ' ') $newstr .= $repl[((int) $z) - 1]; else $newstr .= $z; $prevz = $z; } return $newstr; } function html_header ($action) { global $self; global $error, $notice, $updatetreeview; ?> <?php echo("$self - $action"); ?> >