index.php

CMS系统 提供学习研究修改最好了 比流行的一些CMS简单 但是更容易理解 是帮助你学习PHPCMS系统的好东东哦

{
	global $dirleft, $default;
?>
	<form action='<?php echo htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES); ?>?page=ftp' method='POST'>
	<fieldset>
		<legend><?php echo STR_CREATEDIRLEGEND; ?></legend>
		<font class="mono"><?php echo $default['STARTDIR_LEFT']; ?>/</font>
		<input type='text' name='dirname' value='<?php echo str_replace($default['STARTDIR_LEFT'].'/','',$dirleft.'/'); ?>'>
		<input type='hidden' name='todo' value='createdir'>
		<input type='submit' name='Submit' value='<?php echo STR_CREATEDIRBUTTON; ?>'>
		<?php echo getparams(); ?>
	</fieldset>
	</form>
<?php
}

function create_directory()
{
	global $default;

	/**
	* don't allow in parent directories!
	*/
	if(strpos($_POST['dirname'],'..') === false)
	{
		mkdir_p($default['STARTDIR_LEFT'] . '/' . $_POST['dirname'], 0700);
		//copy_r($_POST['originame'],$default['STARTDIR_LEFT'].'/'.$_POST['copy_to']); display();
        linpha_log('filemanager','notice',
            'User '.$_SESSION['user_name'].": created new directory (".$_POST['dirname'].")");
	}
	else
	{
		die(pageheader() . STR_ACCESS_DENIED . pagefooter());
        linpha_log('filemanager','warning',
            'User '.$_SESSION['user_name'].": tried to create directory (".$_POST['dirname'].") failed");
	}
	
}

// ----------------------------------------------------------------------------

function upload()
{
	global $message, $dirleft;

	for ($i = 0; $i < $GLOBALS['default']['UPLOAD_NUMBER_OF_FILE_CONTROLS']; $i++ )
	{
		if ( isset( $_FILES[ 'file' . $i ] ) && !empty( $_FILES[ 'file' . $i]['name'] ) )	// need empty check because it file$i exists in PHP 4.1
		{
			$thisfile = $_FILES[ 'file' . $i ];
			$failed   = 0;

			if (isset($thisfile['error']) && $thisfile['error'] != 0 )	// ['error']  was added in PHP 4.2.0
			{
				switch ( $thisfile['error'] )
				{
				case 1: 
                    $message .= '<LI>'. sprintf(STR_FILE_UPLOAD_ERROR_FILE_EXCEEDS_INI_SIZE, $thisfile['name'], ini_get('upload_max_filesize') ); 
                    linpha_log('filemanager','error',
                        'User '.$_SESSION['user_name'].": upload failed for(".$thisfile['name'].") message: (".STR_FILE_UPLOAD_ERROR_FILE_EXCEEDS_INI_SIZE.")");
                    break;				
                case 2:
                    $message .= '<LI>'. sprintf(STR_FILE_UPLOAD_ERROR_FILE_EXCEEDS_FORM_SIZE, $thisfile['name'] );
                    linpha_log('filemanager','error',
                        'User '.$_SESSION['user_name'].": upload failed for(".$thisfile['name'].") message: (".STR_FILE_UPLOAD_ERROR_FILE_EXCEEDS_FORM_SIZE.")");
                    break;				
                case 3:
                    $message .= '<LI>'. sprintf(STR_FILE_UPLOAD_ERROR_FILE_PARTIAL, $thisfile['name'] );
                    linpha_log('filemanager','error',
                        'User '.$_SESSION['user_name'].": upload failed for(".$thisfile['name'].") message: (".STR_FILE_UPLOAD_ERROR_FILE_PARTIAL.")");
                    break;
				}
			}
			else
			{

				if ( !move_uploaded_file( $thisfile['tmp_name'], $_POST['targetdir'] . '/' . $thisfile['name'])	)
				{
					$failed = 1;
                   
				}
                
				if ( $_POST[ 'app' . $i ] != '-' )	// extracting selected
				{
					include_once(TOP_DIR.'/include/archiver.class.php');	// this part must be before chdir()!
					$apps = new Archive_Applications();
					$command = $apps->apps[$_POST['app'.$i]]['command_extract'];
					$apps->searchApp($_POST['app'.$i]);

					$executable = $apps->found_apps[$_POST['app'.$i]].$apps->apps[$_POST['app'.$i]]['executable_extract'];

					$command = str_replace('{executable}',$executable,$command);
					$command = str_replace('{archive_name}',escape_string($thisfile['name']),$command);
					
					$oldpwd = getcwd();
					if ( !chdir( $_POST['targetdir'] ) ) {
						$failed = 2;
					}
					else
					{
						$output = array(); $return_value = '';	// do not this inside exec() !!!!!!!!!! it will overwrite the returned content !!
						exec( $command, $output, $return_value );
						chdir( $oldpwd );
                        
						
						echo  '<LI>' .
							$command . '<BR>' . NL .
							'<TEXTAREA  cols=80 ROWS=4>' .
							implode( NL, $output ) .
							'</TEXTAREA><BR>';
						
						unset($output);

						if ( isset( $_POST[ 'drop' . $i ] ) && ( $_POST[ 'drop' . $i ] == 'on' ) )
						{
							if (!unlink( $_POST['targetdir'] . '/' . $thisfile['name'] )) {
								$failed = 3;
							}
						}
					}
				}

				switch ($failed)
				{
                    case 0:
                        linpha_log('filemanager','notice',
                            'User '.$_SESSION['user_name'].": uploaded file (".$thisfile['tmp_name']." ".$_POST['targetdir'].'/'.$thisfile['name'].")");
                    
                        break;
					case 1: 
                        $message .= '<LI>' . sprintf( STR_FILE_UPLOAD_ERROR, $thisfile[ 'name' ], $_POST['targetdir'] ); 
                        linpha_log('filemanager','error',
                            'User '.$_SESSION['user_name'].": upload failed for(".$thisfile['name'].") message: (".STR_FILE_UPLOAD_ERROR.")");
                        break;
					case 2:
                        $message .= '<LI>' . sprintf( STR_FILE_UPLOAD_CHDIR_ERROR, $_POST['targetdir'], $thisfile[ 'name' ] );
					    linpha_log('filemanager','error',
                            'User '.$_SESSION['user_name'].": upload chdir failed for(".$thisfile['name'].") message: (".STR_FILE_UPLOAD_CHDIR_ERROR.")");
                        break;
                    case 3:
                        $message .= '<LI>' . sprintf( STR_FILE_UPLOAD_UNLINK_ERROR, $_POST['targetdir'], $thisfile[ 'name' ] ); break;
                        linpha_log('filemanager','error',
                            'User '.$_SESSION['user_name'].": upload unlink for(".$thisfile['name'].") message: (".STR_FILE_UPLOAD_UNLINK_ERROR.")");
                        break;
				}
			}
		}
	}
}

// ----------------------------------------------------------------------------
function uploadform($targetdir) {
global $default, $dirleft, $sortpass, $str_files_to_upload, $str_extract_with, $str_add_more_apps, $str_note_upload;

  $nav  =
    '<A HREF="'.htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES).'?'.
      'lt='.urlencode($dirleft).AMP.
      'page=ftp'.AMP.
      $sortpass . '">'.STR_BACK.'</A> ';
  if (!ini_get('file_uploads')) {

    echo
      pageheader().
      '<PRE>'.
      $nav .
      '</PRE>'.
      STR_FILE_UPLOAD_DISABLED.
      pagefooter();
    return;

  }
  else {

    $files      = '';
    $appselect  = '<OPTION VALUE="-">'. STR_FILE_UPLOAD_NOTHING;
    
	include_once(TOP_DIR.'/include/archiver.class.php');
	$apps = new Archive_Applications();
	$apps->searchApps();
	
	foreach($apps->found_apps AS $key=>$value)
	{
		$value = $key.' (.'.$apps->apps[$key]['file_ext'].')';
		$appselect .= '<option value="'.$key.'">'.$value.'</option>';
	}

    for ($i = 0; $i < $GLOBALS['default']['UPLOAD_NUMBER_OF_FILE_CONTROLS']; $i++ ) {

		($i % 2 ) ? $colorclass=" class=alternate " : $colorclass =' '; // row colors

	  $files .=
		'<TR ' .$colorclass.'>'.'<TD class=uploaderbrbb>&nbsp;<b>'.
		STR_FILE_UPLOAD_FILE . ' '.($i+1).': '.'<INPUT TYPE=FILE NAME="file'.$i.'"></b></TD>'.

		'<td class=uploaderbb>&nbsp;<SELECT NAME="app'.$i.'" ID="appselect'.$i.'">' .$appselect .'</SELECT>';
        if($i == 0)
        {
            $files .= ' <b>'.$str_add_more_apps.'</b>';

            ob_start();
            putHelpButton('archive_apps');
            $files .= ob_get_contents();
            ob_end_clean(); 
        }
        $files .= '</td></tr>' .
		'<tr ' .$colorclass.'>'.
		'<td class=uploaderbbs colspan=2><INPUT TYPE=CHECKBOX ID="dropcbx' . $i . '" NAME="drop'.$i.'">'.
         '<LABEL FOR="dropcbx'.$i.'">'. STR_FILE_UPLOAD_DROPFILE . '</LABEL></td></tr>' .
         '</TD></TR>';
	unset($colorclass);
	}
    echo
      pageheader().
      '<PRE>'.
      $nav.
      '</PRE>'.
      '<FORM METHOD=POST ENCTYPE="multipart/form-data" ACTION="'.htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES).'?page=ftp">'.NL.
      '<INPUT TYPE=HIDDEN NAME="todo" VALUE="upload">'.NL.
      '<INPUT TYPE=HIDDEN NAME="page" VALUE="ftp">'.NL.
	  '<INPUT TYPE=HIDDEN NAME="targetdir" VALUE="'.htmlspecialchars($targetdir, ENT_QUOTES).'">'.NL.
      getparams() .
      '<B>'.STR_FILE_UPLOAD_TARGET.': '.htmlspecialchars($targetdir).'</B><BR>'.NL.
      '<BR>'.
      STR_FILE_UPLOAD_DESC.'<BR>'.NL.
      STR_FILE_UPLOAD_MAXFILESIZE.': '.ini_get('upload_max_filesize').'<BR><BR>'.NL.
      $str_note_upload.NL.
      '<br /><br /><TABLE class=blackborder CELLPADDING=0 cellspacing=0 width=100%%>'.NL.
      '<tr class="alternate"><td class="uploaderbbs">'.$str_files_to_upload.':</td><td class="uploaderbbs">'.$str_extract_with.':</td></tr>'.NL.
      $files.
      '</TABLE>'.
      '<BR>'.
      '<INPUT TYPE=SUBMIT VALUE="'.STR_FILE_UPLOAD.'">'.
      '</FORM>'.
      pagefooter();
  }
}

// ----------------------------------------------------------------------------
function init() {
global
  $default, $sortpass,
  $message, $current, $dirleft;

  // catch forbidden directory access
  if(isset($_REQUEST['f']))
  {
  	if(strpos($_REQUEST['f'], $default['STARTDIR_LEFT']) === false)
  	{
  	    die(pageheader() . STR_ACCESS_DENIED . pagefooter());
  	}
  }		

  // setting commonly used global variables
  $message = '';
  $old_error_handler = set_error_handler("fsguideErrorHandler");

  $current  = _r(getcwd());
  $dirleft  = isset($_REQUEST['lt']) ? $_REQUEST['lt'] :
          (
           strlen($default['STARTDIR_LEFT'])  ?
              _r($default['STARTDIR_LEFT'])  :
              $current
          );
  if (
      !eregi('^('.addslashes(_r(implode('|',$default['DIRACCESS']))).').*$',$dirleft) ||
      eregi('\.\.',$dirleft)
     )
	{
    die(pageheader() . STR_ACCESS_DENIED . pagefooter());
	}
  $sortpasses   = Array();
  $sortpasses[] = 'sortby0=' .(isset($_REQUEST['sortby0'])  ? $_REQUEST['sortby0']  : $default['PANEL_SORTBY']);
  $sortpasses[] = 'sortdir0='.(isset($_REQUEST['sortdir0']) ? $_REQUEST['sortdir0'] : $default['PANEL_SORTDIRECTION']);
  $sortpass     = implode(AMP, $sortpasses); // sorting parameters for GET
}

// ----------------------------------------------------------------------------
function filesystem_action($from, $to, $actionType) {
global $message;
  if (is_dir($from)) {

    $thisdir = opendir($from);

    while ($thisobject = readdir($thisdir))
      if (!ereg('^\.{1,2}$', $thisobject)) {

        if (is_dir("$from/$thisobject")) {
          $fullname = "$to/$thisobject";
          if ($actionType != 2) {
            mkdir($fullname);
            linpha_log('filemanager','notice',
                'User '.$_SESSION['user_name'].": created new dir (".$fullname.")");
          } 

          filesystem_action("$from/$thisobject", $fullname, $actionType);

          if ($actionType) {
            rmdir("$from/$thisobject");
            linpha_log('filemanager','notice',
                'User '.$_SESSION['user_name'].": removed dir (".$from/$thisobject.")");
          } 
        }
        else
          filesystem_action("$from/$thisobject", $to, $actionType);
      }
    closedir($thisdir);
  }
  else {
    $to .= "/" . basename($from);
    switch ($actionType) {
      case 1:  rename($from, $to); break;
      case 2:  unlink($from); break;
      default: $message .= "undefined action"; break;
    }
  }
}

// ----------------------------------------------------------------------------
function execute_action($action) {

global $dirleft, $message;

  $filelist = filelist();

  foreach($filelist as $sideflag=>$sidefiles) {
   	$sourceDir      = $dirleft;
    $destinationDir = $dirleft;

	foreach($sidefiles as $f) {

      switch ($action) {
        case 'delete': $passAction = 2; break;
        default:       $message .= 'Undefined action:' . $action . "<BR>\n";
      }
      
      $source = "$sourceDir/$f";
      $source_is_dir = is_dir($source);
      $destination = $destinationDir;

      if ($source_is_dir && ($passAction<2)) {
        $destination .= "/$f";
        mkdir($destination);
        linpha_log('filemanager','notice',
            'User '.$_SESSION['user_name'].": created new dir (".$destination.")");
      }

		/**
		* security check
		*/
		if($passAction == 2 && $f == 'albums')
		{
			echo 'For security reasons, we disable the delete function if the album to delete is "albums".<br />';
			echo 'You have to delete it with an ftp program or something similiar, sorry.<br />';
		}
		else
		{
	      filesystem_action($source, $destination, $passAction);
	
	      if (($passAction>0) && $source_is_dir) {
	        rmdir($source);
            linpha_log('filemanager','notice',
                'User '.$_SESSION['user_name'].": removed dir (".$source.")");
          }
        }
    }
  }
}

// ----------------------------------------------------------------------------
function determine_filetype($filename) {
global $default;

  // DETERMINE BY EXTENSION ---------------------------------------------------