0) && is_dir($_REQUEST[STR_SUBDIR]) && (strpos($_REQUEST[STR_SUBDIR], UPPER_DIR) === FALSE) && (substr($_REQUEST[STR_SUBDIR], 0, 1) != DS)) { define ('SUB_DIR', $_REQUEST[STR_SUBDIR]); } else { define ('SUB_DIR', CUR_DIR); } if (SUB_DIR != CUR_DIR) { define ('HREF_BEG', ' 0) && (THIS_SCRIPT != ADMIN_FILE) && (ADMIN_PW != '') && (ADMIN_PW != 'admin') && !@file_exists(ADMIN_FILE)) { @copy(THIS_SCRIPT, ADMIN_FILE); } } elseif (isset($_GET['act']) && ($_GET['act'] == 'login')) { Header('WWW-Authenticate: Basic realm="cool people"'); Header('HTTP/1.0 401 Unauthorized'); $msg = 'login failed :-('; } if (isset($_FILES['newValue']) && $isAdmin) { $pathAndFile = SUB_DIR.DS.$_FILES['newValue']['name']; if (strlen($_FILES['newValue']['name']) > 0) { if (@move_uploaded_file($_FILES['newValue']['tmp_name'], $pathAndFile)) { $msg = ''.$_FILES['newValue']['name'].' uploaded :-)'; } else { $msg = 'upload of '.$_FILES['newValue']['name'].' failed :-('; } } else { $msg = 'first choose a file for upload'; } reLocate('upload'); } elseif (isset($_GET['download']) && ($isAdmin || (SUB_DIR == DOWNLOAD_FOLDER))) { $pathAndFile = SUB_DIR.DS.$_GET['download']; if (@file_exists($pathAndFile)) { clearstatcache(); header('Content-Type: application/force-download'); header('Content-Transfer-Encoding: binary'); header('Content-Length: '.filesize($pathAndFile)); header('Content-Disposition: attachment; filename="'.$_GET['download'].'"'); @readfile($pathAndFile); @flush(); exit; } } elseif (isset($_GET['zip']) && ($isAdmin)) { $pathAndFile = SUB_DIR.DS.$_GET['zip']; if (@file_exists($pathAndFile)) { if(@is_dir($pathAndFile)) { $zipFile = $_GET['zip'].'.'.ZIP_EXTENSION; if(SUB_DIR != CUR_DIR) { $currentWorkDir = getcwd(); @chdir(SUB_DIR); } $result = (@exec('zip -r '.$zipFile.' '.$_GET['zip'], $zipResult) !== FALSE); if(SUB_DIR != CUR_DIR) { @chdir($currentWorkDir); } if ($result) { if (@file_exists(SUB_DIR.DS.$zipFile)) { $msg = 'folder '.$_GET['zip'].' zipped to '.$zipFile.''; } else { $msg = 'zip of folder '.$_GET['zip'].' failed :-('; } } else { $msg = 'execution of the zip program failed :-('; } } } reLocate(''); } elseif (isset($_GET['unzip']) && ($isAdmin)) { $pathAndFile = SUB_DIR.DS.$_GET['unzip']; if (@file_exists($pathAndFile)) { if(@is_file($pathAndFile) || @is_link($pathAndFile)) { if (@exec('unzip -d '.SUB_DIR.' '.$pathAndFile, $unzipResult) !== FALSE) { $msg = 'unzip of '.$_GET['unzip'].' succeeded :-)'; } else { $msg = 'unzip of '.$_GET['unzip'].' failed :-('; } } } reLocate(''); } elseif (isset($_POST['newFolder']) && $isAdmin) { $pathAndFile = SUB_DIR.DS.$_POST['newValue']; if(strlen ($_POST['newValue']) > 0) { if (!@file_exists($pathAndFile)) { if(@mkdir($pathAndFile)) { $msg = 'new folder '.$_POST['newValue'].' created :-)'; } else { $msg = 'creation of '.$_POST['newValue'].' failed :-('; } } else { $msg = 'folder '.$_POST['newValue'].' already exists :-('; } } else { $msg = 'ok, nothing changed ;-)'; } reLocate('mkdir'); } elseif (isset($_POST['saveFile']) && $isAdmin) { if(strlen ($_POST['saveFile']) > 0) { $content = $_POST['newValue']; if (get_magic_quotes_gpc() ==1) { $content = stripslashes($content); } $pathAndFile = SUB_DIR.DS.$_POST['saveFile']; if (@file_put_contents ($pathAndFile, $content) !== FALSE) { $msg = ''.$_POST['saveFile'].' saved :-)'; } else { $msg = ''.$_POST['saveFile'].' not saved :-('; } } else { $msg = 'ok, nothing changed ;-)'; } reLocate(''); } elseif (isset($_POST['renameFrom']) && $isAdmin) { $pathAndFileFrom = SUB_DIR.DS.$_POST['renameFrom']; $pathAndFileTo = SUB_DIR.DS.$_POST['newValue']; if(strcmp ($_POST['renameFrom'], $_POST['newValue']) != 0) { if (!@file_exists($pathAndFileTo)) { if(@rename($pathAndFileFrom, $pathAndFileTo)) { $msg = 'ok, '.$_POST['renameFrom'].' renamed to '.$_POST['newValue'].' :-)'; } else { $msg = 'rename of '.$_POST['renameFrom'].' to '.$_POST['newValue'].' failed :-('; } } else { $msg = ''.$_POST['newValue'].' already exists :-('; } } else { $msg = 'ok, nothing changed ;-)'; } reLocate(''); } elseif (isset($_POST['deleteFile']) && $isAdmin) { $pathAndFile = SUB_DIR.DS.$_POST['deleteFile']; if (@file_exists ($pathAndFile)) { if (@is_file($pathAndFile) || is_link($pathAndFile)) { if (@unlink($pathAndFile)) { $msg = 'file '.$_POST['deleteFile'].' deleted :-)'; } else { $msg = 'delete of file '.$_POST['deleteFile'].' failed :-('; } } elseif (@is_dir($pathAndFile)) { if (rec_rmdir($pathAndFile)) { $msg = 'folder '.$_POST['deleteFile'].' removed :-)'; } else { $msg = 'remove of folder '.$_POST['deleteFile'].' failed :-('; } } } else { $msg = ''.$_POST['deleteFile'].' not found :-('; } reLocate(''); } $imageCount = 0; $files = array(); if ($dh = @opendir(SUB_DIR)) { while (($file = @readdir($dh)) !== FALSE) { if (($file != CUR_DIR) && ($file != UPPER_DIR) && ($isAdmin || (SUB_DIR == DOWNLOAD_FOLDER) || !in_Array($file, $excludedFiles))) { if (@is_file(SUB_DIR.DS.$file) || @is_link(SUB_DIR.DS.$file)) { if (in_array(extension($file), $imagesExtensions)) { array_push($files, $file); $imageCount++; } elseif (($isAdmin) || (count($alsoShowExtensions) == 0) || in_array(extension($file), $alsoShowExtensions) || (SUB_DIR == DOWNLOAD_FOLDER)) { array_push($files, $file); } } elseif (is_dir(SUB_DIR.DS.$file)) { array_push($files, $file); } } } @closedir($dh); sort($files); } page_header(); if (isset($_GET['rename']) && $isAdmin) { page_renameForm(); } elseif (isset($_GET['delete']) && $isAdmin) { page_deleteForm(); } elseif (isset($_GET['act']) && ($_GET['act'] == 'mkdir') && $isAdmin) { page_mkdirForm(); } elseif (isset($_REQUEST['act']) && ($_REQUEST['act'] == 'upload') && $isAdmin) { page_uploadForm(); } if (isset($_GET['edit']) && $isAdmin) { page_editForm(); } elseif (isset($_GET['showImage'])) { page_showImage(); } else { page_msg(); echo '
'; echo '
'; page_breadCrumb(); echo ''; page_actionHead(); echo '
'; echo '
'; page_fileList(); echo '
'; } page_footer(); function page_header() { $h = ''.CR; $h .= ''.CR; $h .= ' cms.php presented by thomas_e(at)imgcms.de :-) '.CR; $h .= ''.CR; // $h .= ''.CR; $h .= ''.CR; $h .= ''.CR; $h .= ''.CR; $h .= ''.CR; $h .= ''.CR; $h .= ''.CR; $h .= ''.CR; $h .= ''.CR; echo $h; } function page_footer() { $f = '
'; $f .= ''.CR; // add your footer here :-) $f .= '
'.CR; $f .= ''; $f .= ''.CR; echo $f; } function page_msg() { global $msg; if (strlen($msg) == 0) { $msg = 'this is '.THIS_SCRIPT.' version '.VERSION_NR.' running on '.$_SERVER['HTTP_HOST'].CR; } echo '
 '.$msg.' 
'.CR; } function page_deleteForm() { $pathAndFile = SUB_DIR.DS.$_GET['delete']; $d = '
'.CR; $d .= ''.CR; $d .= ''.CR; if (is_file($pathAndFile) || is_link($pathAndFile)) { $d .= 'realy delete file '.$_GET['delete'].' ?'; } else { $d .= 'realy remove folder '.$_GET['delete'].' and all of its content ?'; } $d .= ' '.CR; $d .= ' '.CR; $d .= ''.CR; $d .= '
'.CR; $d .= ''.CR; echo $d; } function page_renameForm() { $r = '
'.CR; $r .= ''.CR; $r .= ''.CR; $r .= 'rename >>  '.CR; $r .= ' '.CR; $r .= ''.CR; $r .= '
'.CR; echo $r; } function page_mkdirForm() { $m = '
'.CR; $m .= ''.CR; $m .= ''.CR; $m .= 'new folder >> '.CR; $m .= ''.CR; $m .= ' '.CR; $m .= ''.CR; $m .= '
'.CR; echo $m; } function page_uploadForm() { $u = '
'.CR; $u .= ''.CR; $u .= ''.CR; $u .= 'select file for upload >>  '.CR; $u .= ''.CR; $u .= ' '.CR; $u .= ''; $u .= '
'.CR; $u .= ''.CR; echo $u; } function page_editForm() { global $useEAExtensions; define ('TAB', chr(9)); define ('LF', chr(10)); $transContent = array (TAB => ' ', CR.LF => LF); $pathAndFile = SUB_DIR.DS.$_GET['edit']; $content = strtr (@file_get_contents($pathAndFile), $transContent); $rows = explode(LF, $content); $cols = 80; foreach ($rows as $row) { $i = strlen($row); if ($i > $cols) { $cols = $i; } } $useEA = (@file_exists(EA_FOLDER.DS.EA_FILE) && in_array(extension($_GET['edit']), $useEAExtensions)); $m = '
'.CR; $m .= ''.CR; $m .= ''.CR; $m .= ' '.CR; $m .= ' '.CR; if ($useEA) { $m .= ' '.CR; } $m .= '   file: '.$_GET['edit'].''; // $m .= ' rows: '.count($rows).''; // $m .= ' cols: '.$cols.''.CR; $m .= '

'; $m .= ''.CR; $m .= '
'.CR; if ($useEA) { $m .= ''.CR; $m .= ''.CR; } echo $m; } function page_showImage() { $pathAndFile = SUB_DIR.DS.$_GET['showImage']; $s = '

'; $s .= ''; $s .= '
'; echo $s; } function page_breadCrumb() { $n = ''; $n .= 'root'.CR; if (SUB_DIR != CUR_DIR) { $subdirArray = explode (DS, SUB_DIR); $path = ''; $i = 0; while ($i < count($subdirArray)-1) { if (strlen($path) > 0) { $path .= DS; } $path .= $subdirArray[$i]; $n .= ' / '.$subdirArray[$i].''.CR; $i++; } $n .= ' / '.$subdirArray[$i]; // das aktuelle verzeichnis ohne link } $n .= '  '.CR; echo $n; } function page_actionHead() { global $imageCount, $isAdmin; $a = '  '; if (($imageCount > 0) && @file_exists(IMG_FILE)) { $a .= 'slide'.CR; $a .= ' | '; } if (!$isAdmin) { $a .= HREF_BEG.'act=login" title="for the cool people only ;-)" onClick="blur();">login'.CR; } else { $a .= HREF_BEG.'act=mkdir" title="create a new folder" onClick="blur();">mkdir'.CR; $a .= ' | '; $a .= HREF_BEG.'act=upload" title="upload files" onClick="blur();">upload'.CR; } echo $a; } function page_fileList() { global $isAdmin, $files, $imagesExtensions, $editableExtensions; if (count ($files) > 0) { $r = ''.CR; $r .= ''; $r .= ''; $r .= ''; if ($isAdmin) { $r .= ''; } $r .= ''.CR; foreach ($files as $file) { $fileExtension = extension($file); $r .= ''; if(SUB_DIR == CUR_DIR) { $pathAndFile = $file; } else { $pathAndFile = SUB_DIR.DS.$file; } if (@is_file($pathAndFile) || @is_link($pathAndFile)) { if ((SUB_DIR == DOWNLOAD_FOLDER) || ($fileExtension == ZIP_EXTENSION)) { $r .= ''.CR; } elseif (in_array($fileExtension, $imagesExtensions)) { if (@file_exists(IMG_FILE)) { $r .= ''.CR; } else { $r .= ''.CR; } } else { $r .= ''.CR; } $r .= ''.CR; } elseif (is_dir($pathAndFile)) { $r .= ''.CR; $r .= ''.CR; } $r .= ''.CR; if ($isAdmin) { $r .= ''; } $r .= ''.CR; } $r .= '
namesizedateaction
'.HREF_BEG.'download='.$file.'" title="download '.$file.'" onClick="blur();">'.$file.''.$file.''.HREF_BEG.'showImage='.$file.'" title="show Image '.$file.'" onClick="blur();">'.$file.''.$file.''.size2str(@filesize($pathAndFile)).''.$file.'[dir]'.date ('Y-m-d', @filemtime($pathAndFile)).''; $r .= ''.HREF_BEG.'delete='.$file.'" title="delete '.$file.'" onClick="blur();">del'.CR; $r .= ' | '; $r .= ''.HREF_BEG.'rename='.$file.'" title="rename '.$file.'" onClick="blur();">ren'.CR; if (@is_file($pathAndFile) || @is_link($pathAndFile)) { if ($fileExtension != ZIP_EXTENSION) { $r .= ' | '; $r .= ''.HREF_BEG.'download='.$file.'" title="download '.$file.'" onClick="blur();">dnl'.CR; } if (in_array($fileExtension, $editableExtensions)) { $r .= ' | '; $r .= HREF_BEG.'edit='.$file.'" title="edit '.$file.'" onClick="blur();">edt'.CR; } elseif ($fileExtension == ZIP_EXTENSION) { $r .= ' | '; $r .= HREF_BEG.'unzip='.$file.'" title="unzip '.$file.'" onClick="blur();">unz'.CR; } } elseif (@is_dir($pathAndFile)) { $r .= ' | '; $r .= HREF_BEG.'zip='.$file.'" title="zip '.$file.'" onClick="blur();">zip'.CR; } $r .= '
'.CR; echo $r; } } function size2str($size){ $i=0; $iec = array("", "k", "m", "g", "t", "p", "e", "z", "y"); while (($size/1024)>1) { $size=$size/1024; $i++; } return rtrim(substr(number_format(round($size, 2), 2, '.', ''), 0, 4), '.').' '.$iec[$i].'b'; } function extension($fileName) { return strtolower(substr(($t=strrchr($fileName,'.'))!==FALSE?$t:'',1)); } function reLocate($action) { global $msg; $l = 'Location: http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF']; if (SUB_DIR != CUR_DIR) { $l .= '?'.STR_SUBDIR.'='.SUB_DIR; $sep = '&'; } else { $sep = '?'; } if (strlen($action) > 0) { $l .= $sep.'act='.$action; $sep = '&'; } if (strlen($msg) > 0) { $l .= $sep.'msg='.rawurlencode($msg); } header($l); exit; } function rec_rmdir ($path) { if ($ok = ($dh = @opendir ($path))) { while ($ok && (($file = @readdir($dh)) !== false)) { if ($file != CUR_DIR && $file != UPPER_DIR) { $pathAndFile = $path.DS.$file; if (@is_file ($pathAndFile) || @is_link ($pathAndFile)) { $ok = $ok && @unlink ($pathAndFile); } elseif (@is_dir ($pathAndFile)) { $ok = $ok && rec_rmdir ($pathAndFile); } } } @closedir ($path); } return $ok && @rmdir ($path); } ?>