' . "\n"); exit(); } /* Get all info for specified user */ $sql = "select * from users where uid='".$username."'"; $result = mysql_query($sql) or die(mysql_error()); $num_rows = mysql_num_rows($result); /* count the number of rows returned */ if ($num_rows == 0) { bad_login(''); } $row = mysql_fetch_assoc($result); /* or you can use: mysql_fetch_array($result, MYSQL_ASSOC) */ $pwd = $row['pwd']; /* Get info from the pwd field */ $pwd = strtolower($pwd); /* convert to lowercase */ /* Validate password */ if ($pwd != $password) { bad_login($username); } /* Get the priv and upload_dir info */ $priv = $row['priv']; $upload_dir = $row['upload_dir']; echo('
' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); //admin priv login if ($priv == 'admin') { echo('' . "\n"); /* set the page name in a hidden box's name, instead of the button's name */ } //other login else { echo('' . "\n"); /* set the page name in a hidden box's name, instead of the button's name */ } /* default message to display while page loads (the page might take a while) */ echo('

'); echo('Please wait while the page is generated..... ' . "\n"); echo('' . "\n"); /* This button is only required if javascript is not working */ /* submit form with javascript */ ?> ' . "\n"); } else /* ********************* ***** admin_start *** ********************* */ if (isset($_GET['admin_start']) || isset($_POST['admin_start'])) { /* Check for either POST or GET */ echo('' . "\n"); echo('
' . "\n"); echo('' . "\n"); echo('

' . "\n"); } else /* ******************** ***** admin_menu *** ******************** */ if (isset($_GET['admin_menu'])) { $username = $_GET['username']; $priv = $_GET['priv']; echo('

'); echo(''); echo('.: DotPurple - Administrator Menu :.
' . "\n"); echo('Logged-in User: ' . $username . '' . "\n"); echo(''); echo('

' . "\n"); /* pass the username and priv in hidden boxes if you have the priv, you don't need to get it from the DB again */ echo('' . "\n"); echo('' . "\n"); //echo('
' . "\n"); echo('
' . "\n"); echo('
' . "\n"); echo('
' . "\n"); echo('
' . "\n"); echo('
' . "\n"); echo('
' . "\n"); echo('
' . "\n"); echo('' . "\n"); echo('

'); } else /* ******************* ***** usr_files *** ******************* */ if (isset($_GET['usr_files'])) { $username = $_GET['username']; $priv = $_GET['priv']; $link = mysql_connect("localhost", $mysqluser, $mysqlpass) or die(mysql_error()); mysql_select_db($sqlDB) or die(mysql_error()); /* Get all the user IDs */ $sql = "select uid from users"; $result = mysql_query($sql) or die(mysql_error()); $num_users = mysql_num_rows($result)-1; //exclude "sa" user echo('

' . "\n"); echo('' . "\n"); echo('' . "\n"); if ($num_users > 0) { echo('

'); echo(''); echo('Select user:
' . "\n"); echo(''); echo('
' . "\n"); echo('' . "\n"); } else { echo('No users found
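' . "\n");
    }
    echo('' . "\n");
    echo('' . "\n");
} else
/* ********************
   ***** usr_files2 ***
   ******************** */
if (isset($_GET['usr_files2'])) {
    /*
     * usr_files2: reads the upload_dir stored for the user named in the
     * select_user request parameter, then emits the next form.
     *
     * NOTE(review): username and priv are copied straight from the query
     * string and nothing in this branch checks them against the database or
     * a server-side session, so they cannot be treated as proof of identity
     * or privilege.
     */
    $username = $_GET['username'];
    $priv = $_GET['priv'];
    $select_user = $_GET['select_user'];

    $link = mysql_connect("localhost", $mysqluser, $mysqlpass) or die(mysql_error());
    mysql_select_db($sqlDB) or die(mysql_error());

    /* select_user is request data, so it is escaped for the open connection
       before it is placed inside the quoted SQL literal. The legacy mysql_*
       API has no bound parameters; prepared statements (mysqli / PDO) would
       be the stronger fix. */
    $sql = "select upload_dir from users where uid='" . mysql_real_escape_string($select_user, $link) . "'";

    /* NOTE(review): die(mysql_error()) sends database error text to the client. */
    $result = mysql_query($sql) or die(mysql_error());
    $row = mysql_fetch_row($result);
    $upload_dir = $row[0];
    echo('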

' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); ?>' . "\n"); } else /* ******************** ***** uploadfile *** ******************** */ //testing if (isset($_GET['uploadfile'])) { $username = $_GET['username']; $priv = $_GET['priv']; $select_user = $_GET['select_user']; $upload_dir = $_GET['upload_dir']; $top_dir = $_GET['top_dir']; /* this is to keep track of a normal user's directory (i.e. path setup in the DB) */ if ($top_dir == '') $top_dir = $upload_dir; $selected_dir = $base_dir . '/' . $upload_dir; if ($selected_dir == $base_dir . '/') $selected_dir = $base_dir; echo(''); echo(''); echo('
'); echo('
'); echo('

'); echo('Current directory: ' . ($upload_dir == ''? '[Root]':$upload_dir) . '
' . "\n"); /* You need to open the directory before you can use it */ $root = @opendir($selected_dir); if (!$root) { /* directory does not exist */ if (!force_directories($selected_dir)) { /* create directory */ echo('

'); echo('Unable to create directory
' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('
' . "\n"); echo('' . "\n"); exit(); } //end if (!force_directories($base_dir)) /* try again */ $root = @opendir($selected_dir); if (!$root) { /* something else is wrong */ echo('

'); echo('Unable to open or create directory
' . "\n"); echo('

' . "\n"); echo('' . "\n"); echo('' . "\n"); //echo('
' . "\n"); echo('' . "\n"); echo('
' . "\n"); exit(); } //end if (!$root) } //end if (!$root) $dirlist = array(); $filelist = array(); /* Exclude file list */ $exFiles = array(".php", ".js", ".html", ".htm"); /* Build directory and file lists */ while ($file = readdir($root)) { if ((is_dir($file) || !stristr($file, "."))) { if ($file == '.') continue; $dirlist[] = $file; } //end if((is_dir($file) || !stristr($file, "."))) else { /* Check Exclusions */ for ($i=0; $i< count($exFiles); $i++) { $found = false; $ext = strtolower($exFiles[$i]); $len = strlen($ext); if (substr(strtolower($file), -$len) == $ext) { $found = true; break; } } //end for ($i=0; $i< count($exFiles); $i++) if ($found) continue; if ($file == '.') continue; if ($file == '..') continue; $filelist[] = $file; } //end else if ((is_dir($file) || !stristr($file, "."))) } //end while ($file = readdir($root)) /* Close the directory and sort the lists */ closedir($root); sort($dirlist); sort($filelist); echo('
' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); /* Display the directories */ if (count($dirlist) > 0) { echo('' . "\n"); echo(''); echo('
'); echo('

'); echo('Other Folder(s):' . "\n"); for ($i = 0; $i < count($dirlist); $i++) { if ($dirlist[$i] == '..') { if ($upload_dir == '') { /* don't go lower than base upload directory (regardless of user) */ continue; } if (($priv == 'user') && ($upload_dir == $top_dir)) { /* normal users should not go lower than their own folder */ if (count($dirlist) == 1) echo('

' . "\n"); continue; } $lastdir = substr(strrchr($upload_dir, "/"), 1); /* Get the last directory in path */ $usedir = $lastdir; /* set the initial value */ /* Get the second last directory in path */ $len = strlen($lastdir); if ($len > 0) { $firstdirs = substr($upload_dir, 0, -($len + 1)); $usedir = $firstdirs; } $click = "javascript:refresh_upload_dir('reloaddir', 'uploadfile', '$dirlist[$i]', '$usedir');"; echo('' . "\n"); /* this link will go "up one folder" */ } //end if ($dirlist[$i] == '..') else { if ($upload_dir == '') $usedir = $dirlist[$i]; /* don't add an additional "/" to the directory string */ else $usedir = $upload_dir . '/' . $dirlist[$i]; $click = "javascript:refresh_upload_dir('reloaddir', 'uploadfile', '$dirlist[$i]', '$usedir');"; //echo('
'); //Dir Table echo('
No sub directories found
[ Back ]
'); echo(''); echo('' . "\n"); /* Add link to delete the directory */ $click = "javascript:delDir('reloaddir', 'del_dir', '$dirlist[$i]', '$usedir')"; //echo(''); echo(''); echo('
' . $dirlist[$i] . '
'); } //end else if ($dirlist[$i] == '..') } //end for ($i = 0; $i < count($dirlist); $i++) //echo('

' . "\n"); } //end if (count($dirlist) > 0) else { echo(''); echo('
'); echo('

'); echo('No folder or directory found' . "\n"); } /* Display the files */ if (count($filelist) > 0) { echo(''); echo('

'); echo('
'); echo('Files in current folder: ' . ($upload_dir == ''? '[Root]':$upload_dir) . '
' . "\n"); echo('' . "\n"); for ($i = 0; $i < count($filelist); $i++) { $lnk = $selected_dir . '/' . $filelist[$i] . '?' . time(); /* include the time to ensure a unique filename (to "disable" caching of files) */ echo('

' . "\n"); /* Add link to delete the file */ $click = "javascript:delFile('reloaddir', 'del_file', 'delete_A_file', '$upload_dir', '$filelist[$i]');"; echo('' . "\n"); echo('' . "\n"); } //end for ($i = 0; $i < count($filelist); $i++) echo('
' . $filelist[$i] . '' . "\n"); echo('' . "\n"); echo('
' . "\n"); } //end if (count($filelist) > 0) else { echo('
' . "\n"); echo('No Files in current directory
' . "\n"); } //end else if (count($filelist) > 0) /* Create new folder */ echo('' . "\n"); $java = "javascript:EnableCreateDir('new_user_folder');"; echo('

'); //echo('' . "\n"); //echo('Create new folder:
' . "\n"); //echo('' . "\n"); /* for the id to update the elements via javascript */ echo('' . "\n"); /* the contents to be updated */ //echo('

'); //echo(''); echo('
' . "\n"); /* the contents to be updated */ echo('
' . "\n"); /* for the id to update the elements via javascript */ echo('' . "\n"); /* Upload files */ // line //echo(''); echo('

' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('

'); echo('Select file to upload:
' . "\n"); echo('

' . "\n"); //new //echo('

'); // echo(''); // echo('
'); // echo(''); // echo(''); // echo('
'); //echo('
'); //echo('' . "\n"); //new echo('' . "\n"); echo('
'); echo('
' . "\n"); // line echo(''); echo('
'); echo('
' . "\n"); echo('' . "\n"); echo('' . "\n"); //echo('' . "\n"); //new echo('' . "\n"); //echo(''); echo(''); echo(''); echo(''); echo(''); echo('
' . "\n"); echo('

'); } else /* ********************* ***** uploadfile2 *** ********************* */ if (isset($_POST['uploadfile2'])) { $username = $_POST['username']; $priv = $_POST['priv']; $upload_dir = $_POST['upload_dir']; $select_user = $_POST['select_user']; $top_dir = $_POST['top_dir']; echo('
'); echo('
'); echo('

'); echo('Error Report:'); echo('
'); echo(''); echo('
'); /* Check return code */ if ($_FILES['file']['error'] > 0) { switch ($_FILES['file']['error']) { /* case UPLOAD_ERR_OK: echo('Value: 0; There is no error, the file uploaded with success.' . "\n"); break; */ case UPLOAD_ERR_INI_SIZE: echo('

'); echo('Please inform DotPurple of ' . "\n"); echo('Error: 1; The uploaded file exceeds the UPLOAD_MAX_FILESIZE directive.' . "\n"); break; case UPLOAD_ERR_FORM_SIZE: echo('

'); echo('Please inform DotPurple of ' . "\n"); echo('Error: 2; The uploaded file exceeds the MAX_FILE_SIZE directive.' . "\n"); break; case UPLOAD_ERR_PARTIAL: echo('

'); echo('Please inform DotPurple of ' . "\n"); echo('Error: 3; The uploaded file was only partially uploaded.' . "\n"); break; case UPLOAD_ERR_NO_FILE: echo('

'); echo('Please inform DotPurple of ' . "\n"); echo('Error: 4; No file was specified.' . "\n"); break; case UPLOAD_ERR_NO_TMP_DIR: echo('

'); echo('Please inform DotPurple of ' . "\n"); echo('Error: 6; Missing a temporary folder.' . "\n"); break; case UPLOAD_ERR_CANT_WRITE: echo('

'); echo('Please inform DotPurple of ' . "\n"); echo('Error: 7; Failed to write file to disk.' . "\n"); break; case UPLOAD_ERR_EXTENSION: echo('

'); echo('Please inform DotPurple of ' . "\n"); echo('Error: 8; File upload stopped by extension.' . "\n"); break; } //end switch echo('

'); echo('

' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); //echo('' . "\n"); //new echo(""); echo(''); echo('
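' . "\n");
        echo('' . "\n");
        exit();
    } //end if ($_FILES['file']['error'] > 0)

    /*
     * Build the destination path for the uploaded file and move it there.
     *
     * Both the client-supplied file name and upload_dir are request data.
     * The file name is reduced to its last path component and upload_dir is
     * refused when it contains a ".." segment, so the destination cannot
     * leave $base_dir. A refused upload takes the existing
     * "File was not uploaded" branch below.
     */
    $safe_name = basename(str_replace('\\', '/', $_FILES["file"]["name"]));
    $upload_ok = ($safe_name != '' && $safe_name != '.' && $safe_name != '..');

    if (in_array('..', explode('/', str_replace('\\', '/', $upload_dir)), true)) {
        $upload_ok = false;
    }

    /* Refuse the script/markup extensions that the file listing (uploadfile)
       already hides. NOTE(review): an extension deny-list is only a partial
       control; the upload directory should also be served with script
       execution disabled. */
    $blocked_exts = array(".php", ".js", ".html", ".htm");
    foreach ($blocked_exts as $blocked) {
        if (substr(strtolower($safe_name), -strlen($blocked)) == $blocked) {
            $upload_ok = false;
        }
    }

    $dir = str_replace('/', '//', $upload_dir);
    if ($dir == '')
        $uploadfile = $base_dir . '//' . $safe_name;
    else
        $uploadfile = $base_dir . '//' . $dir . '//' . $safe_name;

    if ($upload_ok && move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) {
        echo('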

'); echo('File was uploaded successfully.
' . "\n"); } else { echo('

'); echo('File was not uploaded
' . "\n"); echo('

' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); //echo('' . "\n"); echo(""); echo(''); echo('
'); echo('
' . "\n"); echo('' . "\n"); exit(); } $dir = str_replace('//', '/', $dir); echo('
' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); ?>' . "\n"); echo('

'); } else /* ****************** ***** del_file *** ****************** */ if (isset($_GET['del_file'])) { $username = $_GET['username']; $priv = $_GET['priv']; $select_user = $_GET['select_user']; $top_dir = $_GET['top_dir']; $upload_dir = $_GET['upload_dir']; $fname = $_GET['fname']; if ($upload_dir == '') $fullname = $base_dir . '//' . $fname; else $fullname = $base_dir . '//' . $upload_dir . '//' . $fname; $fullname = str_replace('//', '/', $fullname); echo('' . "\n"); echo(''); echo(''); echo('
'); echo('
'); echo('

'); echo(''); echo('
'); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('
'); echo(''); echo('
'); echo('
'); echo('Delete file "' . $fname . '"?

' . "\n"); //echo(""); //echo(''); echo('' . "\n"); //echo('' . "\n"); //echo(""); //echo(''); echo('' . "\n"); echo('
'); //echo('' . "\n"); echo('

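');
    echo('' . "\n");
} else
/* *******************
   ***** del_file2 ***
   ******************* */
if (isset($_GET['del_file2'])) {
    /*
     * del_file2: removes the file named by the fullname request parameter
     * and reports failure with "Unable to remove file".
     *
     * fullname arrives from the client, so it is resolved with realpath()
     * and only deleted when it is a regular file strictly below $base_dir.
     * Anything else is reported through the existing failure message.
     *
     * NOTE(review): username, priv and top_dir are also taken from the query
     * string and are not verified server-side in this branch; the per-user
     * folder limit therefore is not enforced here. The delete is also
     * triggered by a GET request.
     */
    $username = $_GET['username'];
    $priv = $_GET['priv'];
    $select_user = $_GET['select_user'];
    $top_dir = $_GET['top_dir'];
    $upload_dir = $_GET['upload_dir'];
    $fullname = $_GET['fullname'];
    echo('
' . "\n");
    echo('');
    echo('');
    echo('
');
    echo('
');
    echo('

');
    echo('');
    echo('
');
    echo('' . "\n");
    echo('' . "\n");
    echo('' . "\n");
    echo('' . "\n");
    echo('' . "\n");

    /* Containment check: realpath() collapses ".." and symlinks, and returns
       false when the path does not exist. */
    $real_file = realpath($fullname);
    $real_base = realpath($base_dir);
    $inside_base = ($real_file !== false)
        && ($real_base !== false)
        && is_file($real_file)
        && (strpos($real_file, $real_base . DIRECTORY_SEPARATOR) === 0);

    if (!$inside_base || !@unlink($fullname)) {
        echo('Unable to remove file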
' . "\n"); } else { ?>' . "\n"); echo('' . "\n"); echo('' . "\n"); } else /* ***************** ***** del_dir *** ***************** */ if (isset($_GET['del_dir'])) { $username = $_GET['username']; $priv = $_GET['priv']; $fulldir = $_GET['fulldir']; $select_user = $_GET['select_user']; $top_dir = $_GET['top_dir']; echo('

' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('

'); echo('Delete: ' . $fulldir . '?
' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('

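' . "\n");
} else
/* ******************
   ***** del_dir2 ***
   ****************** */
if (isset($_GET['del_dir2'])) {
    /*
     * del_dir2: deletes the directory named by fulldir (relative to
     * $base_dir) with deltree() and prints the outcome. $usedir is set to
     * the parent path of fulldir.
     *
     * fulldir is request data, so the resolved target must lie strictly
     * below $base_dir before deltree() is called; this also keeps the base
     * directory itself from being removed. A refused path is reported with
     * the existing "Cannot delete directory" message.
     *
     * NOTE(review): username, priv and top_dir come from the query string
     * and are not verified server-side in this branch.
     */
    $username = $_GET['username'];
    $priv = $_GET['priv'];
    $select_user = $_GET['select_user'];
    $top_dir = $_GET['top_dir'];
    $fulldir = $_GET['fulldir'];

    /* Split off the last path component to obtain the parent directory. */
    $lastdir = substr(strrchr($fulldir, "/"), 1);
    $usedir = $lastdir;
    $len = strlen($lastdir);
    if ($len > 0) {
        $firstdirs = substr($fulldir, 0, -($len + 1));
        $usedir = $firstdirs;
    }

    $fulldir = $base_dir . '//' . str_replace('/', '//', $fulldir);

    /* realpath() collapses ".." segments and symlinks; false means the path
       does not exist. */
    $real_dir = realpath($fulldir);
    $real_base = realpath($base_dir);
    $inside_base = ($real_dir !== false)
        && ($real_base !== false)
        && (strpos($real_dir, $real_base . DIRECTORY_SEPARATOR) === 0);

    if (!$inside_base || !deltree($fulldir))
        echo('Cannot delete directory
' . "\n");
    else
        echo('Directory deleted successfully
' . "\n");
    echo('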
' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); ?>' . "\n"); } else /* ********************* ***** usr_details *** ********************* */ if (isset($_GET['usr_details'])) { $username = $_GET['username']; $priv = $_GET['priv']; $link = mysql_connect("localhost", $mysqluser, $mysqlpass) or die(mysql_error()); mysql_select_db($sqlDB) or die(mysql_error()); $sql = "select * from users"; $result = mysql_query($sql) or die(mysql_error()); $usr_count = mysql_num_rows($result) -1; $num_fields = mysql_num_fields($result); if ($usr_count > 0) { echo('' . "\n"); echo('' . "\n"); echo('

'); for ($i = 0; $i < $num_fields; $i++) { echo('

' . "\n"); } echo('' . "\n"); while ($row = mysql_fetch_array($result, MYSQL_BOTH)) { if ($row['uid'] == 'sa') continue; /* exclude "sa" user */ echo('' . "\n"); for ($i = 0; $i < $num_fields; $i++) { echo('' . "\n"); } echo('' . "\n"); } echo('
'.mysql_field_name($result, $i) .'
'.$row[$i].' 
' . "\n"); } else { //font, size, colour. echo('

'); echo('No user details available
' . "\n"); echo('

'); } echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('

' . "\n"); } else /* ********************* ***** update_user *** ********************* */ if (isset($_GET['update_user'])) { $username = $_GET['username']; $priv = $_GET['priv']; $link = mysql_connect("localhost", $mysqluser, $mysqlpass) or die(mysql_error()); mysql_select_db($sqlDB) or die(mysql_error()); $sql = "select * from users"; $result = mysql_query($sql) or die(mysql_error()); $num_users = (mysql_num_rows($result) -1); //exclude "sa" user echo('
' . "\n"); echo('

'); echo('' . "\n"); echo('' . "\n"); if ($num_users > 0) { echo('

'); echo(''); echo('Select user to update:
' . "\n"); echo(''); echo('
' . "\n"); } //end if ($num_users > 0) else { echo('No users to update
' . "\n"); } //end else if ($num_users > 0) if ($num_users > 0) { echo('' . "\n"); echo('' . "\n"); } else { echo('' . "\n"); } echo('

'); echo('' . "\n"); } else /* ********************** ***** update_user2 *** ********************** */ if (isset($_GET['update_user2'])) { $username = $_GET['username']; $priv = $_GET['priv']; $usr_to_update = $_GET['usr_to_update']; echo('

'); echo('Update user "'.$usr_to_update.'"
' . "\n"); $link = mysql_connect("localhost", $mysqluser, $mysqlpass) or die(mysql_error()); mysql_select_db($sqlDB) or die(mysql_error()); $sql = "select upload_dir from users where uid='".$usr_to_update."'"; $result = mysql_query($sql) or die(mysql_error()); $row = mysql_fetch_array($result, MYSQL_NUM); $dir = $row[0]; echo('

' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); //echo('' . "\n"); echo('' . "\n"); echo('
' . "\n"); echo('' . "\n"); echo('
' . "\n"); } else /* ******************* ***** user_menu *** ******************* */ if (isset($_GET['user_menu'])) { $username = $_GET['username']; $priv = $_GET['priv']; $link = mysql_connect("localhost", $mysqluser, $mysqlpass) or die(mysql_error()); mysql_select_db($sqlDB) or die(mysql_error()); /* Validate upload directory in DB */ $sql = "select upload_dir from users where uid='".$username."'"; $result = mysql_query($sql) or die(mysql_error()); $row = mysql_fetch_array($result, MYSQL_NUM); $upload_dir = $row[0]; echo(''); echo(''); echo('
'); echo(''); echo(''); echo(''); echo(''); echo('
'); echo('
'); echo(''); echo('
'); echo(''); echo('
' . "\n"); echo('' . "\n"); echo('' . "\n"); if ($upload_dir == '') { echo('

'); echo('Please inform the Web Master that no Upload directory has been configured for you - Contact: DotPurple
' . "\n"); echo('
'); echo('' . "\n"); } else { echo('' . "\n"); echo('' . "\n"); echo('
'); echo('
'); echo('
'); echo('

'); echo('Logged-in User: ' . $username . '' . "\n"); echo('
'); echo('
'); echo('
'); echo('' . "\n"); echo(' '); echo('' . "\n"); //echo(""); //echo(''); } //echo(""); //echo(''); echo('
'); echo('
'); echo('
'); echo('
'); echo('
'); echo('
'); //echo(''); echo('

'); echo('
'); echo('' . "\n"); } else /* ********************* ***** create_user *** ********************* */ if (isset($_GET['create_user'])) { $username = $_GET['username']; $priv = $_GET['priv']; echo('

'); echo(''); echo('.: Create User :.
' . "\n"); echo(''); echo('

' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('Username
' . "\n"); echo('
' . "\n"); echo('Password
' . "\n"); echo('
' . "\n"); echo('Confirm Password
' . "\n"); echo('
' . "\n"); echo('Privileges
' . "\n"); echo('

' . "\n"); echo('

' . "\n"); echo('
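' . "\n");
    echo('' . "\n");
} else
/* **********************
   ***** create_user2 ***
   ********************** */
if (isset($_GET['create_user2'])) {
    /*
     * create_user2: checks that the two password fields match, refuses a
     * uid that already exists, then inserts the new row into users.
     *
     * All values are request data. They are escaped for the open connection
     * before being placed in SQL, and the user name is HTML-escaped before
     * it is echoed back.
     *
     * NOTE(review): the password is written to the pwd column exactly as
     * received and travels in the query string of a GET request; a password
     * hash (password_hash / password_verify) and a POST form would need a
     * matching change in the login branch. new_priv is stored without being
     * limited to the privilege values the script knows, and username / priv
     * of the caller are not verified server-side in this branch.
     */
    $username = $_GET['username'];
    $priv = $_GET['priv'];
    $new_username = $_GET['new_username'];
    $new_password = $_GET['new_password'];
    $new_confirm_password = $_GET['new_confirm_password'];
    $new_priv = $_GET['new_priv'];

    /* validation checks here */
    if ($new_password != $new_confirm_password) {
        echo('Password validation failed
' . "\n");
        echo('
' . "\n");
        echo('' . "\n");
        echo('' . "\n");
        echo('' . "\n");
        echo('
' . "\n");
        echo('
' . "\n");
        exit();
    }

    $link = mysql_connect("localhost", $mysqluser, $mysqlpass) or die(mysql_error());
    mysql_select_db($sqlDB) or die(mysql_error());

    /* Escaped copies for SQL string literals; the legacy mysql_* API has no
       bound parameters. */
    $sql_username = mysql_real_escape_string($new_username, $link);
    $sql_password = mysql_real_escape_string($new_password, $link);
    $sql_priv = mysql_real_escape_string($new_priv, $link);
    /* Escaped copy for HTML output. */
    $html_username = htmlspecialchars($new_username, ENT_QUOTES);

    $sql = "select * from users where uid='".$sql_username."'";
    $result = mysql_query($sql) or die(mysql_error());
    $num_rows = mysql_num_rows($result);
    if ($num_rows > 0) {
        echo('

');
        echo('User '.$html_username.' exists
' . "\n");
        echo('

' . "\n");
        echo('' . "\n");
        echo('' . "\n");
        echo('' . "\n");
        echo('
' . "\n");
        echo('
' . "\n");
        exit();
    }

    $sql = "insert into users set uid='$sql_username', pwd='$sql_password', priv='$sql_priv'";
    $result = mysql_query($sql) or die(mysql_error());
    echo('

');
    echo('New user created
' . "\n");
    echo('

' . "\n");
    echo('' . "\n");
    echo('' . "\n");
    echo('' . "\n");
    echo('' . "\n");
    echo('
' . "\n");
    echo('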
' . "\n"); } else /* ******************* ***** dir_setup *** ******************* */ if (isset($_GET['dir_setup'])) { $username = $_GET['username']; $priv = $_GET['priv']; $user = $_GET['user']; $dir = $_GET['dir']; if ($dir == '') $dir = $base_dir; echo('current directory: ' . $dir . '
' . "\n"); /* create base_dir if it doesn't exist */ $root = @opendir($dir); if (!$root) { if (!force_directories($dir)) { echo('Unable to open or create directory
' . "\n"); echo('
' . "\n"); echo('' . "\n"); echo('' . "\n"); //echo('
' . "\n"); echo('' . "\n"); echo('
' . "\n"); exit(); } //end if (!force_directories($base_dir)) /* try again */ $root = @opendir($dir); if (!$root) { echo('Unable to open or create directory
' . "\n"); echo('
' . "\n"); echo('' . "\n"); echo('' . "\n"); //echo('
' . "\n"); echo('' . "\n"); echo('
' . "\n"); exit(); } //end if (!$root) } //end if (!$root) /* list all sub directories */ $dirlist = create_dirlist($root); closedir($root); //sort($dirlist, SORT_STRING); echo('
' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); //line echo(''); if (count($dirlist) == 1 && $dir == $base_dir) { echo('No sub directories found
' . "\n"); } else { echo('' . "\n"); for ($i = 0; $i < count($dirlist); $i++) { $line = $dirlist[$i]; if ($line == '..') { if ($dir == $base_dir) continue; $lastdir = substr(strrchr($dir, "/"), 1); $usedir = $lastdir; $len = strlen($lastdir); if ($len > 0) { $firstdirs = substr($dir, 0, -($len + 1)); $usedir = $firstdirs; } $click = "javascript:refresh_dir('dir_form', 'dir_setup', '$line', '$usedir');"; } else { $click = "javascript:refresh_dir('dir_form', 'dir_setup', '$line', '$dir/$line');"; } echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); } echo('
' . "\n"); echo($line == '..'? '[ Back ]' : $line . "\n"); echo('
' . "\n"); } /* Create new folder */ echo('
' . "\n"); echo('' . "\n"); $java = "javascript:EnableCreateDir('new_folder');"; echo('

'); echo('' . "\n"); echo('Create new folder:
' . "\n"); echo('' . "\n"); /* for the id to update the elements via javascript */ echo('' . "\n"); /* the contents to be updated */ echo('

'); echo(''); echo('
' . "\n"); /* the contents to be updated */ echo('
' . "\n"); /* for the id to update the elements via javascript */ if ($user != '') { if ($dir != $base_dir) echo('' . "\n"); } /* Delete folder */ if ($dir != $base_dir) echo(''); echo(''); echo('

' . "\n"); } else /* ******************** ***** dir_setup2 *** ******************** */ if (isset($_GET['dir_setup2'])) { $username = $_GET['username']; $priv = $_GET['priv']; $user = $_GET['user']; $curdir = $_GET['curdir']; if ($curdir != '') { $curdir = str_replace('up_download/', '', $curdir); //echo($curdir . '
' . "\n"); } $link = mysql_connect("localhost", $mysqluser, $mysqlpass) or die(mysql_error()); mysql_select_db($sqlDB) or die(mysql_error()); $sql = "update users set upload_dir='$curdir' where uid='$user'"; $result = mysql_query($sql) or die(mysql_error()); echo('

'); echo('User ' . $user . ' updated
' . "\n"); echo('

' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('
' . "\n"); } else /* ******************************* ***** del_dir_from_dirsetup *** ******************************* */ if (isset($_GET['del_dir_from_dirsetup'])) { $username = $_GET['username']; $priv = $_GET['priv']; $user = $_GET['user']; $curdir = $_GET['curdir']; echo('
' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); $lastdir = substr(strrchr($curdir, "/"), 1); echo('Delete directory: ' . $lastdir . '?' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('
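' . "\n");
} else
/* ********************************
   ***** del_dir_from_dirsetup2 ***
   ******************************** */
if (isset($_GET['del_dir_from_dirsetup2'])) {
    /*
     * del_dir_from_dirsetup2: deletes the directory named by the dir request
     * parameter with deltree() and sets $usedir to the directory to show
     * next (the same directory on failure, its parent on success).
     *
     * dir is request data. It is only passed to deltree() when it resolves
     * to a location strictly below $base_dir; otherwise the existing
     * "Unable to remove folder" branch runs. This assumes dir carries the
     * base-directory prefix, as the paths built in dir_setup do.
     * The directory name is HTML-escaped before it is echoed.
     *
     * NOTE(review): username and priv come from the query string and are not
     * verified server-side in this branch.
     */
    $username = $_GET['username'];
    $priv = $_GET['priv'];
    $user = $_GET['user'];
    $dir = $_GET['dir'];
    echo('
' . "\n");
    echo('' . "\n");
    echo('' . "\n");
    echo('' . "\n");

    $lastdir = substr(strrchr($dir, "/"), 1);
    $lastdir_html = htmlspecialchars($lastdir, ENT_QUOTES);
    echo('Deleting dir: ' . $lastdir_html . '
' . "\n");

    /* realpath() collapses ".." segments and symlinks; false means the path
       does not exist. */
    $real_dir = realpath($dir);
    $real_base = realpath($base_dir);
    $inside_base = ($real_dir !== false)
        && ($real_base !== false)
        && (strpos($real_dir, $real_base . DIRECTORY_SEPARATOR) === 0);

    if (!$inside_base || !deltree($dir)) {
        echo('Unable to remove folder ' . $lastdir_html . '
' . "\n");
        $usedir = $dir;
    } else {
        /* Step back to the parent of the directory that was removed. */
        $usedir = $lastdir;
        $len = strlen($lastdir);
        if ($len > 0) {
            $firstdirs = substr($dir, 0, -($len + 1));
            $usedir = $firstdirs;
        }
        echo($lastdir_html . ' deleted
' . "\n");
    }
    echo('' . "\n");
    echo('' . "\n");
    echo('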
' . "\n"); } else /* ******************** ***** new_folder *** ******************** */ if (isset($_GET['new_folder'])) { $username = $_GET['username']; $priv = $_GET['priv']; $user = $_GET['user']; $curdir = $_GET['curdir']; $newfolder = $_GET['newfolder']; echo('
' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); if ($newfolder == '') { ?>' . "\n"); if (!file_exists($path)) { if (!force_directories($path)) { echo('unable to create "'.$path.'"' . "\n"); } //end if (!force_directories($path)) } //end if (!file_exists($path)) echo('' . "\n"); echo('' . "\n"); //used for page name echo('' . "\n"); /* no need for the button */ ?>' . "\n"); } else /* ************************* ***** new_user_folder *** ************************* */ if (isset($_GET['new_user_folder'])) { $username = $_GET['username']; $priv = $_GET['priv']; $select_user = $_GET['select_user']; $top_dir = $_GET['top_dir']; $current_upload_dir = $_GET['current_upload_dir']; $newfolder = $_GET['newfolder']; echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); /* set the next page name */ if ($newfolder == '') { ?>' . "\n"); echo('' . "\n"); ?>' . "\n"); } else /* ********************* ***** delete_user *** ********************* */ if (isset($_GET['delete_user'])) { $username = $_GET['username']; $priv = $_GET['priv']; $link = mysql_connect("localhost", $mysqluser, $mysqlpass) or die(mysql_error()); mysql_select_db($sqlDB) or die(mysql_error()); /* Get list of all users */ $sql = "select * from users"; $result = mysql_query($sql); $num_users = mysql_num_rows($result) -1; //exclude "sa" user echo('' . "\n"); echo('' . "\n"); echo('' . "\n"); if ($num_users > 0) { echo('

'); echo(''); echo('Select user to delete:
' . "\n"); echo(''); echo('
' . "\n"); echo('' . "\n"); } //end if ($num_users > 0) else { echo('No users to delete
' . "\n"); } //end else if ($num_users > 0) echo('
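' . "\n");
    echo('' . "\n");
} else
/* **********************
   ***** delete_user2 ***
   ********************** */
if (isset($_GET['delete_user2'])) {
    /*
     * delete_user2: confirmation step. Echoes the name in del_user and emits
     * the form that leads to delete_user3. The name is HTML-escaped because
     * it is request data.
     */
    $username = $_GET['username'];
    $priv = $_GET['priv'];
    $del_user = $_GET['del_user'];

    /* Confirm delete user */
    echo('

' . "\n");
    echo('' . "\n");
    echo('' . "\n");
    echo('' . "\n");
    echo('Delete User '. htmlspecialchars($del_user, ENT_QUOTES) . '?
' . "\n");
    echo('' . "\n");
    echo('
' . "\n");
    echo('' . "\n");
} else
/* **********************
   ***** delete_user3 ***
   ********************** */
if (isset($_GET['delete_user3'])) {
    /*
     * delete_user3: deletes the users row whose uid equals del_user.
     *
     * del_user is escaped for the open connection before it is placed in the
     * SQL literal, and HTML-escaped before it is echoed.
     *
     * NOTE(review): username and priv come from the query string and are not
     * verified server-side in this branch, the delete is triggered by a GET
     * request, and the result of mysql_query() is not checked, so the
     * "deleted" message is printed even when the statement fails.
     */
    $username = $_GET['username'];
    $priv = $_GET['priv'];
    $del_user = $_GET['del_user'];

    /* Finally delete the user */
    $link = mysql_connect("localhost", $mysqluser, $mysqlpass) or die(mysql_error());
    mysql_select_db($sqlDB) or die(mysql_error());
    $sql = "delete from users where uid='" . mysql_real_escape_string($del_user, $link) . "'";
    $result = mysql_query($sql);
    echo('User '. htmlspecialchars($del_user, ENT_QUOTES) . ' deleted
' . "\n");
    echo('
' . "\n");
    echo('' . "\n");
    echo('' . "\n");
    echo('
' . "\n");
    echo('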
' . "\n");
} else
/* *******************
   ***** setup_dbs ***
   ******************* */
/*
 * setup_dbs: installer step. Drops the configured database, recreates it,
 * creates the users table, inserts the built-in administrator row and
 * creates the base upload directory, printing progress as it goes.
 *
 * NOTE(review): the only condition visible here is that the request carries
 * a setup_dbs query parameter; no credential or privilege check appears in
 * this branch, and the work is done on a GET request. Because it drops the
 * whole database, this branch should be removed or made unreachable once
 * installation is finished.
 */
if (isset($_GET['setup_dbs'])) {
    echo('Setting up Database:
' . "\n");
    $link = mysql_connect("localhost", $mysqluser, $mysqlpass) or die(mysql_error());

    /* Drop the database */
    echo('Dropping database' . "\n");
    $sql = "drop database $sqlDB";
    $result = mysql_query($sql);
    if ($result) echo(' - OK
' . "\n");
    else
        /* Don't exit on error, the DB might not exist yet */
        echo(' - Failed: ' . mysql_error() . '
' . "\n");

    /* Create the DB */
    echo('Creating database' . "\n");
    $sql = "create database $sqlDB";
    $result = mysql_query($sql) or die(' - Failed: ' . mysql_error());
    echo(' - OK
' . "\n");

    /* Create Table */
    /* NOTE(review): pwd is a plain text column and the insert below stores
       the password value as written, i.e. unhashed. */
    echo('Creating user table' . "\n");
    mysql_select_db($sqlDB) or die(mysql_error());
    $sql = "create table users (uid varchar(100) NOT NULL, pwd text NOT NULL, priv text NOT NULL, upload_dir text NOT NULL, primary key (uid))";
    $result = mysql_query($sql) or die(' - Failed: ' . mysql_error());
    echo(' - OK
' . "\n");

    /* Add the system administrator user */
    /* NOTE(review): the administrator account is created with a fixed,
       well-known password; it should be changed immediately after setup, or
       the installer should require the operator to choose one. */
    echo('Setting up users' . "\n");
    $sql = "insert into users set uid='sa', pwd='admin', priv='admin', upload_dir=''";
    $result = mysql_query($sql) or die(' - Failed: ' . mysql_error());
    echo(' - OK
' . "\n");

    /* Create the base directory */
    if (!force_directories($base_dir)) {
        echo('Unable to create Base Directory' . "\n");
        exit();
    }
    echo('
' . "\n");
    echo('' . "\n");
    echo('
' . "\n"); } else /* *************** ***** other *** *************** */ { $username = ''; if (isset($_GET['username'])) { $username = $_GET['username']; } echo('
'); echo(''); echo(''); echo(''); echo(''); echo('
'); echo('
'); echo(''); echo('
'); echo(''); echo('
'); echo('
'); echo(''); echo(''); echo(''); echo(''); echo('
'); echo('
'); echo(''); echo('

'); echo('Please enter logon details:
' . "\n"); echo('

'); echo('USERNAME
' . "\n"); echo('
' . "\n"); echo('PASSWORD
' . "\n"); echo('

' . "\n"); echo('

'); echo(""); echo(''); echo('
'); echo('
'); echo('
'); echo(''); echo('
'); echo('
'); echo('
'); } ?>