<?php include '../util.inc'; define('DIR', "/home/bennet/phpwrite/repository"); define('MAXSIZE', 1000); define('MAXNUM', 25); // Return a string which is a correct link back to ourselves, with the // operation set to $func, and optional value for selector, which // generates sel=value, if it sent. It also takes an optional string // which is appended to the URL as path info. function gen_link($func, $content, $sel='', $path = '') { $me = $_SERVER['SCRIPT_NAME']; if($sel) $sel = "&sel=$sel"; if($path) $path = "/$path"; return "<a href=\"$me$path?oper=$func$sel\">$content</a>"; } // Error message, if any. $message = ''; // Operation from the query. $oper = $_REQUEST['oper']; $sel = $_REQUEST['sel']; $path = $_SERVER['PATH_INFO']; // Process a get here. If it succeeds, we'll not run the rest of the // script. if($oper == 'dld' && $path) { $sel = preg_replace('|^/+|', '', $path); if(!preg_match('/^[a-zA-Z0-9_\\.-]+$/', $sel)) $message = "Illegal delete request for $sel."; else if(!($fp = @fopen(DIR."/$sel", "r"))) $message = "Cannot read $sel."; else { header ("Content-type: application/octet-stream"); fpassthru($fp); exit; } } // Process a delete now. That will make the directory listing accurate. if($oper == 'del' && $sel) { if(!preg_match('/^[a-zA-Z0-9_\\.-]+$/', $sel)) $message = "Illegal delete request for $sel."; else if(!@unlink(DIR."/$sel")) $error = "File system delete $sel failed."; } // Open the directory. if (!($dp = @opendir(DIR))) { head('File Listing Error'); echo "<body>Directory ".DIR." will not open.</body><html>"; exit; } // Get the names and sort them. The !== prevents php from thinking the // items are equal if you use another name which counts a false (such as // zero or the empty string.) 0 !== false is true, but 0 != false is false. $names = array(); while (($file = readdir($dp)) !== false) { if($file == '.' || $file == '..') continue; $names[] = $file; } closedir($dp); if(count($names) >= MAXNUM) $message = "The remote directory is full"; if(count($names) == 0) $message = "The remote directory is empty"; start('Remote File Facility'); // Try to read the sent file. // echo "$oper $userfile $userfile_name"; if($oper == 'Send' && $_FILES['sentfile']) { // This is convenient. $fn = $_FILES['sentfile']['name']; // Get the local name. $newname = $_REQUEST['newname']; if(!$newname) $newname = preg_replace('/^.*[\\/\\\\]/', '', $fn); if($_FILES['sentfile']['error'] != UPLOAD_ERR_OK) switch($_FILES['sentfile']['error']) { case UPLOAD_ERR_INI_SIZE: $message = "File $fn exceeds system max size."; break; case UPLOAD_ERR_FORM_SIZE: $message = "File $fn is too large."; break; case UPLOAD_ERR_PARTIAL: $message = "$fn upload was not completed."; break; case UPLOAD_ERR_NO_FILE: $message = "No file uploaded."; break; case UPLOAD_ERR_NO_TMP_DIR: case UPLOAD_ERR_CANT_WRITE: $message = "Unable to create temp copy of $fn" . ' (server error)'; break; default: $message = "Upload failed."; } else if(count($names) >= MAXNUM) $message = "The file repository is full."; else if($_FILES['sentfile']['size'] > MAXSIZE) $message = "File $fn is too large."; else if(!preg_match('/^[a-zA-Z0-9_\\.-]+$/', $newname)) // Allowing only alnums and a few others. $message = "File name $newname is not allowed."; else if(array_search($newname, $names)) $message = "File $newname already exists."; else { // Trim the file name, then move the file. if(!@move_uploaded_file($_FILES['sentfile']['tmp_name'], DIR."/$newname")) $message = "File system copy failed."; // Not in the directory listing. Fix. $names[] = $newname; if(count(names) == 1) $message = ''; } } // Error msg, if any. if($message) echo '<font color="red"><i>', "$message</i></font><p>"; // File upload entry. Omit if the directory is full if(count($names) < MAXNUM) { // File upload form. Much copied from PHP doc. $maxsize = MAXSIZE; echo <<<ENDUP <b>Upload</b><p> <form enctype="multipart/form-data" action="$SCRIPT_NAME" method="post"> <input type="hidden" name="MAX_FILE_SIZE" value="$maxsize"> <table> <tr><td align="left">Send:</td> <td><input name="sentfile" type="file" size="50"></td></tr> <tr><td align="left">Rename:</td> <td><input type="text" name="newname" size="40"></td></tr> </table> <input type="submit" name="oper" value="Send"> </form> ENDUP; } echo '<b>File List</b><p>'; echo "<table>\n"; echo '<tr><td align="left">', gen_link('ref', '[Refresh]'), '</td></tr>'; sort ($names); reset ($names); foreach($names as $fn) { echo "<tr>"; echo '<td align="left">', gen_link('del', '[Delete]', $fn), '</td>'; echo '<td align="left">', gen_link('dld', '[Get]', '', $fn), '</td><td width=2></td>'; echo '<td align="left">', $fn, '</td>'; echo '<tr>'; } echo "</table>\n"; ?>