<?
/*
PTK  - DFLabs
Copyright (C) 2008 - DFLabs srl - All rights reserved
hide@address.com
*/
include("check_session.php");
include("check_session_image.php");
include("lib_commands.php");
include("lib_std.php");
include("loggerClass.php");

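/*
 * Folder listing fragment.
 *
 * Validates the per-session browser token, reads the listing parameters from
 * the query string, asks get_folder_content() for the directory listing of the
 * current image, parses it line by line and prints one table row per entry,
 * optionally restricted by a name filter or an "advanced" (comma separated)
 * filter. On a token mismatch the attempt is logged and the client is
 * redirected to goto_home.php.
 *
 * Request parameters: tk (token), arg1 (offset), arg2 (inode), arg3 (partition
 * id), arg4 (filter, optional), arg5 (time zone).
 *
 * Security notes:
 *  - Names and metadata in the listing come from the disk image under
 *    examination, so they are treated as untrusted and escaped for the
 *    context they are printed in (HTML text, attribute, URL, JS string).
 *  - The token is compared as a string only; strcmp() on a non-string
 *    request value (e.g. tk[]=) does not return an integer, which made the
 *    former "== 0" test unreliable.
 */
$session_token = isset($_SESSION['file_bro_token']) ? (string)$_SESSION['file_bro_token'] : '';
$request_token = (isset($_GET['tk']) && is_string($_GET['tk'])) ? $_GET['tk'] : '';
$token_ok = false;
if ($session_token !== '' && $request_token !== ''){
	// Prefer the constant-time comparison where the runtime provides it.
	$token_ok = function_exists('hash_equals')
		? hash_equals($session_token, $request_token)
		: ($session_token === $request_token);
}

if ($token_ok){

$token = sanitize(RemoveXSS($request_token),PARANOID);

// NOTE(review): sanitize() is defined outside this file; the header markup
// below prints $offset and $partition_id unquoted inside JavaScript calls and
// therefore relies on the INT mode returning digits only - confirm.
$offset = sanitize($_GET['arg1'],INT);
$inode = sanitize($_GET['arg2'],PARANOID);
$partition_id = sanitize($_GET['arg3'],INT);
// NOTE(review): '|' is on the allow-list and $tz is handed to
// get_folder_content(); if that helper builds a shell command, confirm it
// quotes this argument.
$tz_raw = (isset($_GET['arg5']) && is_string($_GET['arg5'])) ? $_GET['arg5'] : '';
$tz = preg_replace("/[^a-zA-Z0-9\/\_\-\+\|]/", "", $tz_raw);

// A filter sent with the request replaces the one remembered in the session;
// an array-valued arg4 is ignored so it can never be stored or printed.
if(isset($_GET['arg4']) && is_string($_GET['arg4'])){
	$filter_value = preg_replace("/[^a-zA-Z0-9\|\,\-\:\ ]/", "", $_GET['arg4']);
	$desc = $filter_value;
	$_SESSION['filter_value'] = $filter_value;
	if(preg_match("/.+\,.*,\,\,/", $filter_value)){
		$filter_value='';
		$desc='';
	}else{
		if(preg_match("/\,/", $filter_value)) $desc = "advanced";
	}
}else{
	if(isset($_SESSION['filter_value'])){
		$filter_value = $_SESSION['filter_value'];
		$desc = $filter_value;
		if(preg_match("/\,/", $filter_value)) $desc = "advanced";
	}else{
		$filter_value = '';
		$desc = $filter_value;
	}
}
// The filter box is tinted while a filter is active.
if($filter_value==''){
	unset($_SESSION['filter_value']);
	$color = "#FFFFFF";
}else{
	$color = "#FFCCCC";
}

if (isset($_SESSION['listall']) && $_SESSION['listall']=='true'){
	$listall="-r";
}else{
	$listall="";
}
$output = get_folder_content($_SESSION['image_path'], $offset, $inode,$tz,$listall);
$lines = explode("\n", $output);
?>
<p style="font-size:8pt; margin-bottom:-10px; margin-left:20px">
	<!-- <img src="../img/select_all.png" style="vertical-align: middle">&nbsp;If selected: <u style="cursor:pointer" onclick="goto_multiple_bookmarks(0, '<?=$partition_id?>')">bookmark all</u> --><!-- |  <u style="cursor:pointer">export all</u>-->
	<input type="text" name="filter_value" id="filter_value" value="<?=$desc?>" style="font-size:8pt; margin-bottom: 2px;margin-left:-10px;width:148px; height: 20px; background-color:<?=$color?>">
	<?php if($filter_value==''){ ?>
		<img title="Enable filter" id="filter_image" src="../img/filter.png" style="cursor:pointer; vertical-align: middle" onclick="goFilter(<?=$offset?>,'<?=$inode?>',<?=$partition_id?>, document.getElementById('filter_value').value,'<?=$tz?>','<?=$token?>')">
	<?php }else{ ?>
		<img title="Remove filter" id="filter_image" src="../img/filter_down.png" style="cursor:pointer; vertical-align: middle" onclick="goFilter(<?=$offset?>,'<?=$inode?>',<?=$partition_id?>,'','<?=$tz?>','<?=$token?>')">
	<?php } ?>
	<img title="Advanced filter" onclick="displayMessage('modal_filter.php?tk=<?=$token?>&arg1=<?=$offset?>&arg2=<?=$inode?>&arg3=<?=$partition_id?>&arg4=<?=$tz?>', '430', '435');return false;" src="../img/advanced_filter.png" style="vertical-align: middle; cursor:pointer">
	<?php if($listall==""){ ?>
		<img onclick="listAllDescendant('true',<?=$offset?>,'<?=$inode?>',<?=$partition_id?>,'<?=$filter_value?>','<?=$tz?>','<?=$token?>');return false;" title="Recursive" src="../img/recursive.png" style="cursor:pointer; vertical-align: middle"/>
	<?php }else{ ?>
		<img onclick="listAllDescendant('false',<?=$offset?>,'<?=$inode?>',<?=$partition_id?>,'<?=$filter_value?>','<?=$tz?>','<?=$token?>');return false;" title="Recursive" src="../img/recursive_down.png" style="cursor:pointer; vertical-align: middle"/>
	<?php } ?>
</p>

<table class="file">
	<th><input type='checkbox' id='bookmark_all' onclick="check_uncheck_all()"></th>
	<th><img title="bookmark selected files" id='starall' style="cursor:pointer" onclick="goto_multiple_bookmarks(0, '<?=$partition_id?>')" src='../img/star.png'/></th>
	<th>Name</th>
	<th>Modified</th>
	<th>Accessed</th>
	<th>Changed</th>
	<th>Birth</th>
	<th>Size</th>
	<th>UID</th>
	<th>GID</th>
	<th>Meta</th>
	<th>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</th>
	<?php
	// Token handed to the per-file views opened from this listing. Drawn from
	// the CSPRNG when the runtime has one; the legacy construction is kept only
	// as a last resort. All variants yield 32 hexadecimal characters.
	if (function_exists('random_bytes')){
		$folder_token = bin2hex(random_bytes(16));
	}elseif (function_exists('openssl_random_pseudo_bytes')){
		$folder_token = bin2hex(openssl_random_pseudo_bytes(16));
	}else{
		$folder_token = md5(uniqid(rand(), TRUE));
	}
	$_SESSION['folder_token'] = $folder_token;

	// ISO-8859-1 makes htmlspecialchars() byte-transparent: the HTML
	// metacharacters are escaped and names that are not valid UTF-8 are still
	// printed instead of being turned into an empty string.
	$html_charset = 'ISO-8859-1';

	// The server-side image path is part of a request URL built below, so it
	// is URL-encoded. NOTE(review): the path is disclosed to the browser and
	// comes back as a request parameter; get_command_output.php (not shown
	// here) should not trust it.
	$image_path_url = urlencode($_SESSION['image_path']);

	// The advanced filter is "field,operator,type,time1,time2"; it is the same
	// for every row, so it is split once. Missing parts become ''.
	$field = ''; $operator = ''; $type = ''; $time1 = ''; $time2 = '';
	if($desc == "advanced"){
		$filter_arr = array_pad(explode(",", $filter_value), 5, '');
		$field = $filter_arr[0];
		$operator = $filter_arr[1];
		$type = $filter_arr[2];
		$time1 = $filter_arr[3];
		$time2 = $filter_arr[4];
	}

	$i = 0;
	$filtered_files=0;
	$bookmarked_files=0;
	foreach($lines as $line){
		// Lines that do not look like a listing entry (e.g. the trailing empty
		// line) print nothing but are still counted in $i, as before.
		if(!preg_match("/(\S{3})\s(\*?)\s?(\S+):\s([^\t]*)\t(\S{10}\s\S{8}\s\(\S+\))\s(\S{10}\s\S{8}\s\(\S+\))\s(\S{10}\s\S{8}\s\(\S+\))\s(\S{10}\s\S{8}\s\(\S+\))\s(\d*)\s(\d*)\s(\d*)/", $line, $line)){
			$i = $i+1;
			continue;
		}

		$name = $line[4];

		// $nm keeps the name as listed; $name loses a leading slash and quotes.
		$nm =  $name;

		$name = preg_replace("/^\//", "", $name);
		$name = preg_replace("/\'/", "", $name);

		$URLName = urlencode($name);
		$bn = urlencode($name);
		$nm = urlencode($nm);

		if ($line[2]=='*'){
			$del = "yes";
		}else{
			$del = "no";
		}
		// From here on $inode is the entry's own inode, not the folder inode
		// taken from the request.
		$inode = $line[3];
		$permissions = $line[1];
		$uid = $line[10];
		$gid = $line[11];
		$size = $line[9];
		$accessed = $line[6];
		$modified = $line[5];
		$changed  = $line[7];
		$birth    = $line[8];
		// Timestamps as URL parameters for the file-details dialog.
		$acc = urlencode($accessed);
		$wri = urlencode($modified);
		$cha = urlencode($changed);
		$bir = urlencode($birth);
		$is_bookmark = check_bookmark($_SESSION['user'], $_SESSION['case_id'], $partition_id, $inode, 0, '');
		if($name!=''){
			if($filter_value!=''){
				$write_it = 0;
				if($desc == "advanced"){
					$stamps = array(
						"modified" => $modified,
						"accessed" => $accessed,
						"changed"  => $changed,
						"birth"    => $birth,
					);
					if(isset($stamps[$field])){
						$stamp = $stamps[$field];
						if($time2==''){
							if($operator=="equal"){
								if(strstr($stamp,$time1)) $write_it=1;
							}elseif($operator=="greater"){
								if(strtotime($stamp) > strtotime($time1)) $write_it=1;
							}elseif($operator=="lower"){
								if(strtotime($stamp) < strtotime($time1)) $write_it=1;
							}
						}else{
							// Two bounds: strictly between time1 and time2.
							if((strtotime($stamp) > strtotime($time1))and(strtotime($stamp) < strtotime($time2))) $write_it=1;
						}
					}elseif($field=="filetype"){
						$filetype = get_file_type($_SESSION['image_path'], $offset, $inode);
						// $type is used as a pattern; the filter allow-list
						// above leaves '|' (alternation) available in it.
						if(preg_match("/$type/", $filetype)) $write_it=1;
					}
				}else{
					if(stristr($name,$filter_value)){
						$write_it = 1;
					}
				}
				if($write_it!=0) $filtered_files +=1;
			}else{
				// No filter: every parsed entry is printed.
				$write_it = 1;
			}
			if($write_it!=0){
				// Context-specific encodings of the untrusted listing fields.
				$name_html  = htmlspecialchars($name, ENT_QUOTES, $html_charset);
				$inode_html = htmlspecialchars($inode, ENT_QUOTES, $html_charset);
				$inode_url  = urlencode($inode);
				// JS string literal inside an HTML attribute: JS-escape first,
				// then HTML-escape.
				$inode_js   = htmlspecialchars(addslashes($inode), ENT_QUOTES, $html_charset);
				$perm_url   = urlencode($permissions);
				$view_url   = "file_content.php?tk=$folder_token&arg1=$offset&arg2=$inode_url&arg3=$URLName&arg4=$partition_id";

				// Deleted entries are shown in red.
				$row_style = ($del=='yes') ? " style='color: #FF0000'" : "";
				echo "<tr$row_style onmouseover='showPanel($i)' onmouseout='hidePanel($i)'>";
				echo "<td style='text-align: center'><input type='checkbox' name='bookmark_it' value='$inode_html|$bn'></td>";
				if($is_bookmark==0){
					echo "<td style='text-align: center'><img id='star$inode_html' src='../img/star_empty.png' style='cursor:pointer' onclick=\"displayMessage('modal_bookmark.php?arg1=0&arg2=$inode_url&arg3=$partition_id&arg4=$bn', '340', '250');return false\"></td>";
				}else{
					echo "<td style='text-align: center'><img id='star$inode_html' src='../img/star.png' style='cursor:pointer' onclick=\"delete_bookmark('0', '$inode_js', '$partition_id', '$bn');\"></td>";
					$bookmarked_files +=1;
				}
				#echo "<td>$permissions</td>";
				echo "<td ><u style='cursor:pointer' onclick=\"createNewTab('tab_view','$URLName','','$view_url',false); ajax_request('get_command_output.php?id=2&arg1=$image_path_url&arg2=$offset&arg3=$inode_url', 'file_type_$inode_js'); return false;\">$name_html</u></td>";
				echo "<td>".htmlspecialchars($modified, ENT_QUOTES, $html_charset)."</td>";
				echo "<td>".htmlspecialchars($accessed, ENT_QUOTES, $html_charset)."</td>";
				echo "<td>".htmlspecialchars($changed, ENT_QUOTES, $html_charset)."</td>";
				echo "<td>".htmlspecialchars($birth, ENT_QUOTES, $html_charset)."</td>";
				echo "<td>$size</td>";
				echo "<td>$uid</td>";
				echo "<td>$gid</td>";
				echo "<td>$inode_html</td>";
				echo "<td style='text-align: center'>";
				echo "<div id='panel$i' style='display:none'>";
				echo "<img style='cursor:pointer' src='../img/file_info.png' title='Show file details' onclick=\"displayMessage('modal_file_info.php?tk=$folder_token&arg1=$inode_url&arg2=$perm_url&arg3=$wri&arg4=$acc&arg5=$cha&arg6=$bir&arg7=$size&arg8=$uid&arg9=$gid&arg10=$nm', '600', '400');return false\">";
				echo "<img style='cursor:pointer' src='../img/view_file.png' title='Show file content' onclick=\"createNewTab('tab_view','$URLName','','$view_url',false); return false;\">";
				echo "<img style='cursor:pointer' src='../img/export.png' title='Export' onclick=\"window.location = 'export_file.php?arg1=$offset&arg2=$inode_url&arg3=$URLName';\">&nbsp;";
				echo "</div>";
				echo "</td>";
				echo "</tr>";
			}
		}
		$i = $i+1;
	}
	?>
</table>
<p class="folder_info">
	<?="Total listed files:".($i-1)." | Total filtered files:".$filtered_files." | Total bookmarked files:".$bookmarked_files?>
</p>
<?php }else{
	// Missing or wrong token: record the attempt and send the client home.
	new AuditLog('Unauthorized access to get_folder_content');
	header("location: goto_home.php");
	exit;
}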