Viewing File server/web/filemanager.php of 1.09.2b
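<?php
/* -------------------------------------------------------------
This file is part of FreeNATS

FreeNATS is (C) Copyright 2008 PurplePixie Systems

FreeNATS is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

FreeNATS is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with FreeNATS.  If not, see www.gnu.org/licenses

For more information see www.purplepixie.org/freenats
-------------------------------------------------------------- */

/*
File manager for the directories registered with add_dir() below.

Request parameters (all read from $_REQUEST / $_FILES):
  dirindex   - index into $dirs selecting the working directory
  filename   - file name relative to that directory
  action     - save | delete | download | upload | edit
  content    - new file body for action=save
  confirmed  - present once a delete has been confirmed via confirm.php
  uploadfile - uploaded file for action=upload

Access is limited to a valid session with userlevel 9 or above.
*/
$msg="";
ob_start();

// dirindex is used as an array key into $dirs. Force it to an integer here;
// it is range-checked further down, once $dirs has been populated.
$dirindex=0;
if (isset($_REQUEST['dirindex']) && is_scalar($_REQUEST['dirindex'])) $dirindex=(int)$_REQUEST['dirindex'];

// Only accept a plain string (a request can also supply an array here).
$filename="";
if (isset($_REQUEST['filename']) && is_string($_REQUEST['filename'])) $filename=$_REQUEST['filename'];

if ($filename!="")
{
	// The name is appended to a registered directory, so it must stay relative
	// to it: drop leading separators and refuse parent-directory references.
	$filename=ltrim($filename,"/\\");
	if (strpos($filename,"..")!==false) $filename="";
	// Control characters have no place in a file name and would otherwise
	// reach the filesystem calls and the Content-Disposition header.
	if (preg_match('/[\x00-\x1f\x7f]/',$filename)) $filename="";
}

require("include.php");
$NATS->Start();
if (!$NATS_Session->Check($NATS->DB))
{
	header("Location: ./?login_msg=Invalid+Or+Expired+Session");
	exit();
}
// NOTE(review): UL_Error() is defined elsewhere. Everything below relies on
// it ending the request for users under level 9 - confirm that it exits.
if ($NATS_Session->userlevel<9) UL_Error("Filemanager Interface");

$dirs=array();
$dircount=0;

// Registers a directory the file manager may operate on.
// $name is the label shown in the UI, $path the directory (with trailing slash).
// Returns the index assigned to the new entry in $dirs.
function add_dir($name,$path)
{
	global $dirs,$dircount;
	$dirs[$dircount]['name']=$name;
	$dirs[$dircount]['path']=$path;
	$dircount++;
	return ($dircount-1);
}

// $BaseDir is not set in this file; presumably include.php provides it.
add_dir("Site Tests",$BaseDir."site/tests/");
add_dir("Site Events",$BaseDir."site/events/");

// An index that names no registered directory would leave the base path empty,
// so $filename would be resolved outside the directories registered above.
// Fall back to the first directory instead.
if (!isset($dirs[$dirindex])) $dirindex=0;

// Actions Here
// NOTE(review): the action is taken from $_REQUEST, so it can arrive by GET as
// well as POST, and nothing in this file checks a per-session request token.
// Unless include.php or the session layer adds one (not visible here), the
// state-changing actions (save, delete, upload) should be POST-only and
// protected against cross-site request forgery.
if (isset($_REQUEST['action']))
{
	switch ($_REQUEST['action'])
	{
		case "save":
			$content="";
			if (isset($_REQUEST['content']) && is_string($_REQUEST['content'])) $content=$_REQUEST['content'];
			$fp=false;
			// an empty name would address the directory itself
			if ($filename!="") $fp=@fopen($dirs[$dirindex]['path'].$filename,"w");
			if ($fp===false)
			{
				$msg="Failed to Open File to Save";
			}
			else
			{
				fwrite($fp,$content);
				fclose($fp);
				$msg="File Saved";
			}
			break;

		case "delete":
			$fn=$dirs[$dirindex]['path'].$filename;
			if (!isset($_REQUEST['confirmed']))
			{
				// The file name is URL-encoded on its own so that characters such
				// as "&" or "#" cannot alter the query string of the link that
				// confirm.php sends the user back to.
				$cl="filemanager.php?dirindex=".$dirindex."&filename=".urlencode($filename)."&action=delete&confirmed=1";
				$loc="confirm.php?action=".urlencode("Delete file ".$filename)."&back=".urlencode($cl);
				header("Location: ".$loc);
				exit();
			}
			$res=false;
			if ($filename!="") $res=@unlink($fn);
			// $msg is HTML-escaped where it is printed
			if ($res) $msg="Deleted File ".$filename;
			else $msg="Failed to Delete ".$fn;
			break;

		case "download":

			$fn=$dirs[$dirindex]['path'].$filename;
			// is_file() rather than file_exists(): a directory is not downloadable
			if ($filename!="" && is_file($fn))
			{
				// Quote the name and strip characters that would break out of the
				// quoted header parameter.
				$dlname=str_replace(array('"',"\\"),"",basename($filename));
				header("Content-type: application/octet-stream");
				header("Content-Length: ".filesize($fn));
				header("Content-Disposition: attachment; filename=\"".$dlname."\"");
				header("Content-Transfer-Encoding: binary");
				$fp=@fopen($fn,"rb");
				if ($fp)
				{
					fpassthru($fp);
					fclose($fp);
				}
				exit();
			}
			$msg="File Download Failed";
			break;

		case "upload":
			// NOTE(review): any file type is accepted. If the application loads
			// or executes files from these directories (not visible here), an
			// upload amounts to running code as the web server user - confirm
			// that this is intended for every level 9 account.
			$uploaded=false;
			if (isset($_FILES['uploadfile']['name'],$_FILES['uploadfile']['tmp_name'])
				&& is_string($_FILES['uploadfile']['name'])
				&& is_string($_FILES['uploadfile']['tmp_name']))
			{
				// basename() drops any directory part sent by the client
				$upname=basename($_FILES['uploadfile']['name']);
				if ($upname!="" && $upname!="." && $upname!="..")
				{
					$uploadfn=$dirs[$dirindex]['path'].$upname;
					$uploaded=move_uploaded_file($_FILES['uploadfile']['tmp_name'],$uploadfn);
				}
			}
			if ($uploaded) $msg="File Uploaded Ok";
			else $msg="File Upload Failed";

			break;

	}
}

Screen_Header("File Manager",1,1,"","main","admin");
// $msg can contain the requested file name, so escape it for HTML
if ($msg!="") echo "<b>".htmlspecialchars($msg,ENT_QUOTES)."</b><br><br>";

echo "<br><b class=\"subtitle\"><a href=admin.php>System Settings</a> > File Manager</b><br><br>";

echo "<form action=filemanager.php method=post>";
echo "<b>Change Directory: <select name=dirindex>";
for($a=0;$a<$dircount;$a++)
{
	echo "<option value=".$a.">".htmlspecialchars($dirs[$a]['name'],ENT_QUOTES)." (".htmlspecialchars($dirs[$a]['path'],ENT_QUOTES).")</option>";
}
echo "</select> <input type=submit value=Go> </form>";
echo "<br><br>";

echo "<b class=\"subtitle\">".htmlspecialchars($dirs[$dirindex]['name'],ENT_QUOTES)." Directory: ".htmlspecialchars($dirs[$dirindex]['path'],ENT_QUOTES)."</b><br><br>";

if ($handle=opendir($dirs[$dirindex]['path']))
{
	echo "<table class=\"nicetable\">";
	while (false !== ($file = readdir($handle)))
	{
		// Skip the current/parent directory entries. The original compared
		// against ".l" and ".l.", which never match what readdir() returns.
		if ( ($file!=".") && ($file!="..") )
		{
			// Names on disk are not trusted either: escape them for HTML and
			// URL-encode them inside links.
			$file_html=htmlspecialchars($file,ENT_QUOTES);
			$file_qs=htmlspecialchars("dirindex=".$dirindex."&filename=".urlencode($file),ENT_QUOTES);

			echo "<tr><td>";
			if (is_dir($dirs[$dirindex]['path'].$file))
			{
				echo $file_html;
				$isfile=false;
			}
			else
			{
				$isfile=true;
				echo "<a href=\"filemanager.php?action=download&amp;".$file_qs."\">";
				echo $file_html;
				echo "</a>";
			}
			echo "</td>";

			echo "<td>";
			if ($isfile)
			{
				echo "<a href=\"filemanager.php?action=edit&amp;".$file_qs."\">";
				echo "<img src=images/options/reply.png border=0></a> ";
				echo "<a href=\"filemanager.php?action=delete&amp;".$file_qs."\">";
				echo "<img src=images/options/action_delete.png border=0></a>";
			}
			else echo " ";
			echo "</td>";

			echo "<td>";
			if ($isfile)
			{
				echo filesize($dirs[$dirindex]['path'].$file)." bytes";
			}
			else echo " ";
			echo "</td>";


			echo "</tr>";
		}
	}

	echo "</table>";
	closedir($handle);
}

echo "<form enctype=\"multipart/form-data\" method=\"POST\" action=\"filemanager.php\">";
echo "<input type=hidden name=action value=upload>";
echo "<input type=hidden name=dirindex value=".$dirindex.">";
echo "<b>Upload File: </b><input type=file name=uploadfile> <input type=submit value=Upload> </form><br><br>";

echo "<form action=filemanager.php method=post>";
echo "<input type=hidden name=dirindex value=".$dirindex.">";
echo "<b>Create File Named: </b><input type=text name=filename size=30> <input type=submit value=Create>";
echo "<input type=hidden name=action value=edit></form>";

echo "<br><br>";

if ( isset($_REQUEST['action']) && ($_REQUEST['action']=="edit") )
{
	// A missing file (creating a new one) simply starts with an empty editor
	$text=@file_get_contents($dirs[$dirindex]['path'].$filename);
	if ($text===false) $text="";
	echo "<form action=filemanager.php method=post>";
	echo "<input type=hidden name=action value=save>";
	echo "<input type=hidden name=dirindex value=".$dirindex.">";
	// quoted and escaped: the name comes straight from the request
	echo "<input type=hidden name=filename value=\"".htmlspecialchars($filename,ENT_QUOTES)."\">";
	echo "<b class=\"subtitle\">Editing ".htmlspecialchars($dirs[$dirindex]['path'].$filename,ENT_QUOTES)."</b><br><br>";
	echo "<textarea name=content cols=80 rows=30>";
	echo htmlspecialchars($text);
	echo "</textarea><br>";
	echo "<input type=submit value=\"Save File Content\"> <a href=filemanager.php?dirindex=".$dirindex.">Abandon Changes</a>";
	echo "</form><br><br>";
}

Screen_Footer();
?>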