File: 1.11.1b/server/web/filemanager.php (View as HTML)

  1: <?php
  2: /* -------------------------------------------------------------
  3: This file is part of FreeNATS
  4: 
  5: FreeNATS is (C) Copyright 2008 PurplePixie Systems
  6: 
  7: FreeNATS is free software: you can redistribute it and/or modify
  8: it under the terms of the GNU General Public License as published by
  9: the Free Software Foundation, either version 3 of the License, or
 10: (at your option) any later version.
 11: 
 12: FreeNATS is distributed in the hope that it will be useful,
 13: but WITHOUT ANY WARRANTY; without even the implied warranty of
 14: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 15: GNU General Public License for more details.
 16: 
 17: You should have received a copy of the GNU General Public License
 18: along with FreeNATS.  If not, see www.gnu.org/licenses
 19: 
 20: For more information see www.purplepixie.org/freenats
 21: -------------------------------------------------------------- */
 22: $msg="";
 23: ob_start();
 24: if (isset($_REQUEST['dirindex'])) $dirindex=$_REQUEST['dirindex'];
 25: else $dirindex=0;
 26: 
 27: if (isset($_REQUEST['filename'])) $filename=$_REQUEST['filename'];
 28: else $filename="";
 29: 
 30: if ($filename!="")
 31: 	{
 32: 	if ($filename[0]=="/") $filename=substr($filename,1);
 33: 	if (strpos($filename,"..")!==false) $filename="";
 34: 	}
 35: 
 36: require("include.php");
 37: $NATS->Start();
 38: if (!$NATS_Session->Check($NATS->DB))
 39: 	{
 40: 	header("Location: ./?login_msg=Invalid+Or+Expired+Session");
 41: 	exit();
 42: 	}
 43: if ($NATS_Session->userlevel<9) UL_Error("Filemanager Interface");
 44: 
 45: $dirs=array();
 46: $dircount=0;
 47: function add_dir($name,$path)
 48: {
 49: global $dirs,$dircount;
 50: $dirs[$dircount]['name']=$name;
 51: $dirs[$dircount]['path']=$path;
 52: $dircount++;
 53: return ($dircount-1);
 54: }
 55: 
 56: add_dir("Site Tests",$BaseDir."site/tests/");
 57: add_dir("Site Events",$BaseDir."site/events/");
 58: 
 59: // Actions Here
 60: if (isset($_REQUEST['action']))
 61: 	{
 62: 	switch ($_REQUEST['action'])
 63: 		{
 64: 		case "save":
 65: 		$fp=@fopen($dirs[$dirindex]['path'].$filename,"w");
 66: 		if ($fp<=0)
 67: 			{
 68: 			$msg="Failed to Open File to Save";
 69: 			}
 70: 		else
 71: 			{
 72: 			$size=strlen($_REQUEST['content']);
 73: 			fputs($fp,$_REQUEST['content'],$size);
 74: 			fclose($fp);
 75: 			$msg="File Saved";
 76: 			}
 77: 		break;
 78: 		
 79: 		case "delete":
 80: 		$fn=$dirs[$dirindex]['path'].$filename;
 81: 		if (!isset($_REQUEST['confirmed']))
 82: 			{
 83: 			$cl="filemanager.php?dirindex=".$dirindex."&filename=".$filename."&action=delete&confirmed=1";
 84: 			$loc="confirm.php?action=Delete+file+".$filename."&back=".urlencode($cl);
 85: 			header("Location: ".$loc);
 86: 			exit();
 87: 			}
 88: 		$res=@unlink($fn);
 89: 		if ($res) $msg="Deleted File ".$filename;
 90: 		else $msg="Failed to Delete ".$fn;
 91: 		break;
 92: 		
 93: 		case "download":
 94: 		
 95: 		$fn=$dirs[$dirindex]['path'].$filename;
 96: 		if (file_exists($fn))
 97: 			{
 98: 			header("Content-type: application/octet-stream");
 99: 			header("Content-Length: ".filesize($fn));
100: 			header("Content-Disposition: attachment; filename=".$filename);
101: 			header("Content-Transfer-Encoding: binary");
102: 			$fp=@fopen($fn,"rb");
103: 			if ($fp)
104: 				{
105: 				fpassthru($fp);
106: 				fclose($fp);
107: 				}
108: 			exit();
109: 			}
110: 		$msg="File Download Failed";
111: 		break;
112: 		
113: 		case "upload":
114: 		$uploadfn = $dirs[$dirindex]['path'] . basename($_FILES['uploadfile']['name']);
115: 
116: 		if (move_uploaded_file($_FILES['uploadfile']['tmp_name'], $uploadfn)) 
117: 			{
118: 			$msg="File Uploaded Ok";
119: 			}
120: 		else $msg="File Upload Failed";
121: 
122: 		break;
123: 		
124: 		}
125: 	}
126: 
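Screen_Header("File Manager",1,1,"","main","admin");
// $msg can contain a request-supplied file name (delete action), so it is
// HTML-escaped here, at the point of output.
if ($msg!="") echo "<b>".htmlspecialchars($msg,ENT_QUOTES)."</b><br><br>";

echo "<br><b class=\"subtitle\"><a href=admin.php>System Settings</a> &gt; File Manager</b><br><br>";

// Directory selector: one option per registered directory.
echo "<form action=filemanager.php method=post>";
echo "<b>Change Directory: <select name=dirindex>";
for($a=0;$a<$dircount;$a++)
 {
 echo "<option value=\"".$a."\">".htmlspecialchars($dirs[$a]['name']." (".$dirs[$a]['path'].")",ENT_QUOTES)."</option>";
 }
echo "</select> <input type=submit value=Go> </form>";
echo "<br><br>";

// Heading for the selected directory. dirindex is request-controlled, so an
// index that is not registered yields an empty label rather than a notice.
$curname="";
$curpath="";
if (is_scalar($dirindex) && isset($dirs[$dirindex]))
	{
	$curname=$dirs[$dirindex]['name'];
	$curpath=$dirs[$dirindex]['path'];
	}
echo "<b class=\"subtitle\">".htmlspecialchars($curname." Directory: ".$curpath,ENT_QUOTES)."</b><br><br>";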
142: 
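// Directory listing: one table row per entry, with download/edit/delete
// links and the size for regular files.
$listpath=(is_scalar($dirindex) && isset($dirs[$dirindex]['path'])) ? $dirs[$dirindex]['path'] : "";
if ($listpath!="" && ($handle=opendir($listpath)))
	{
	echo "<table class=\"nicetable\">";
	$q_dir=urlencode((string)$dirindex);
	while (false !== ($file = readdir($handle)))
		{
		// Skip the current and parent directory entries.
		if ($file=="." || $file=="..") continue;

		$isfile=!is_dir($listpath.$file);
		// Names on disk may contain markup or URL metacharacters (they can
		// be uploaded or created through this page), so escape them for
		// HTML text and URL-encode them for query strings.
		$h_file=htmlspecialchars($file,ENT_QUOTES);
		$q_file=urlencode($file);

		echo "<tr><td>";
		if ($isfile)
			{
			echo "<a href=\"filemanager.php?action=download&amp;dirindex=".$q_dir."&amp;filename=".$q_file."\">";
			echo $h_file;
			echo "</a>";
			}
		else
			{
			echo $h_file;
			}
		echo "</td>";

		echo "<td>";
		if ($isfile)
			{
			echo "<a href=\"filemanager.php?action=edit&amp;dirindex=".$q_dir."&amp;filename=".$q_file."\">";
			echo "<img src=images/options/reply.png border=0></a> ";
			echo "<a href=\"filemanager.php?action=delete&amp;dirindex=".$q_dir."&amp;filename=".$q_file."\">";
			echo "<img src=images/options/action_delete.png border=0></a>";
			}
		else echo "&nbsp;";
		echo "</td>";

		echo "<td>";
		if ($isfile)
			{
			echo filesize($listpath.$file)." bytes";
			}
		else echo "&nbsp;";
		echo "</td>";

		echo "</tr>";
		}

	echo "</table>";
	closedir($handle);
	}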
192: 
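// dirindex is request-controlled and is written into attribute values below,
// so it is escaped and the attributes are quoted.
$formdir=is_scalar($dirindex) ? htmlspecialchars((string)$dirindex,ENT_QUOTES) : "0";

// Upload form: posts the file to the currently selected directory.
echo "<form enctype=\"multipart/form-data\" method=\"POST\" action=\"filemanager.php\">";
echo "<input type=hidden name=action value=upload>";
echo "<input type=hidden name=dirindex value=\"".$formdir."\">";
echo "<b>Upload File: </b><input type=file name=uploadfile> <input type=submit value=Upload> </form><br><br>";

// Create form: opens the editor on a new file name in the selected directory.
echo "<form action=filemanager.php method=post>";
echo "<input type=hidden name=dirindex value=\"".$formdir."\">";
echo "<b>Create File Named: </b><input type=text name=filename size=30> <input type=submit value=Create>";
echo "<input type=hidden name=action value=edit></form>";

echo "<br><br>";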
204: 
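// Editor: shows the file's current content (empty for a new file) in a
// textarea that posts back with action=save.
if ( isset($_REQUEST['action']) && ($_REQUEST['action']=="edit") )
	{
	$editname=is_string($filename) ? $filename : "";
	// Only read from a registered directory; with an unknown dirindex the
	// path would be empty and the name would resolve relative to the
	// script's working directory.
	$editdir=(is_scalar($dirindex) && isset($dirs[$dirindex]['path'])) ? $dirs[$dirindex]['path'] : null;
	if ($editdir===null)
		{
		echo "<b>Invalid Directory</b><br><br>";
		}
	else
		{
		$text=@file_get_contents($editdir.$editname);
		if ($text===false) $text="";	// new or unreadable file: start empty
		// dirindex and filename come from the request and are echoed into
		// attribute values and page text, so they are escaped and quoted.
		$h_dir=htmlspecialchars((string)$dirindex,ENT_QUOTES);
		$h_name=htmlspecialchars($editname,ENT_QUOTES);
		echo "<form action=filemanager.php method=post>";
		echo "<input type=hidden name=action value=save>";
		echo "<input type=hidden name=dirindex value=\"".$h_dir."\">";
		echo "<input type=hidden name=filename value=\"".$h_name."\">";
		echo "<b class=\"subtitle\">Editing ".htmlspecialchars($editdir.$editname,ENT_QUOTES)."</b><br><br>";
		echo "<textarea name=content cols=80 rows=30>";
		// NOTE(review): with a UTF-8 default charset htmlspecialchars() returns
		// an empty string for content that is not valid UTF-8, so such a file
		// would show as empty and be wiped on save. Confirm the expected encoding.
		echo htmlspecialchars($text);
		echo "</textarea><br>";
		echo "<input type=submit value=\"Save File Content\"> <a href=\"filemanager.php?dirindex=".urlencode((string)$dirindex)."\">Abandon Changes</a>";
		echo "</form><br><br>";
		}
	}

Screen_Footer();
?>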
222: