Location: PHPKode > projects > PWhere > pwhere-0.4/pwhere.php
<?php

/*
 Copyright 2008-2009 - Domenico Ferrari <hide@address.com>

 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
 the Free Software Foundation, either version 3 of the License, or
 (at your option) any later version.

 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU General Public License for more details.

 You should have received a copy of the GNU General Public License
 along with this program.  If not, see <http://www.gnu.org/licenses/>.

*/

error_reporting(E_ALL);

include("pwhere-conf.php");
include("lang/$LANG.php");

$PWhereBase=dirname($_SERVER["SCRIPT_FILENAME"]); // base directory of the program

$RowsPerPage="100";

$DrivePropWin="cscript ".$PWhereBase."\\getlabel.vbs //nologo "; // Windows get disk label
$DriveListWin="cscript ".$PWhereBase."\\getdrives.vbs //nologo "; // Windows get drives list

/*
* SQL functions for MySQL db type
*/
if($dbtype=="MYSQL") {
function db_connect() {
	global $dbhost, $dbuser, $dbpass, $dbname;
	$c=mysql_connect($dbhost, $dbuser, $dbpass);
	mysql_select_db($dbname, $c);
	return $c;
}
function db_query($q,$c) { return mysql_query($q,$c); }
function db_escape_string($s,$c) { return mysql_real_escape_string($s,$c); }
function db_fetch_array($r) { return mysql_fetch_array($r); }
function db_num_rows($r) { return mysql_num_rows($r); }
function db_error($c) { return mysql_error($c); }
function db_close($c) { return mysql_close($c); }
function db_begin_tran($c) { return mysql_query("BEGIN",$c); }
function db_commit_tran($c) { return mysql_query("COMMIT",$c); }
function db_rollback_tran($c) { return mysql_query("ROLLBACK",$c); }
} elseif($dbtype=="SQLITE") {
/*
* SQL functions for Sqlite db type
*/
function db_connect() {
	global $dbfile;
	return sqlite_open($dbfile);
}
function db_query($q,$c) { return sqlite_query($q,$c); }
function db_escape_string($s,$c) { return sqlite_escape_string($s,$c); }
function db_fetch_array($r) { return sqlite_fetch_array($r); }
function db_num_rows($r) { return sqlite_num_rows($r); }
function db_error($c) { return sqlite_error_string(sqlite_last_error($c)); }
function db_close($c) { return sqlite_close($c); }
function db_begin_tran($c) { return true; }
function db_commit_tran($c) { return true; }
function db_rollback_tran($c) { return true; }
} else {
	die(_ERR_NODBTYPE);
}

function myescape($s)
{
	global $conn;

	if(!get_magic_quotes_gpc()) {
		return db_escape_string($s,$conn);
	}
	
	return $s;
}

/*
* Evaluate the permissions of $path
*/
function getFullPermissions($path)
{
	$perms = fileperms($path);

	if (($perms & 0xC000) == 0xC000) {
		// Socket
		$info = 's';
	} elseif (($perms & 0xA000) == 0xA000) {
		// Symbolic Link
		$info = 'l';
	} elseif (($perms & 0x8000) == 0x8000) {
		// Regular
		$info = '-';
	} elseif (($perms & 0x6000) == 0x6000) {
		// Block special
		$info = 'b';
	} elseif (($perms & 0x4000) == 0x4000) {
		// Directory
		$info = 'd';
	} elseif (($perms & 0x2000) == 0x2000) {
		// Character special
		$info = 'c';
	} elseif (($perms & 0x1000) == 0x1000) {
		// FIFO pipe
		$info = 'p';
	} else {
		// Unknown
		$info = 'u';
	}

	// Owner
	$info .= (($perms & 0x0100) ? 'r' : '-');
	$info .= (($perms & 0x0080) ? 'w' : '-');
	$info .= (($perms & 0x0040) ?
		(($perms & 0x0800) ? 's' : 'x' ) :
		(($perms & 0x0800) ? 'S' : '-'));

	// Group
	$info .= (($perms & 0x0020) ? 'r' : '-');
	$info .= (($perms & 0x0010) ? 'w' : '-');
	$info .= (($perms & 0x0008) ?
		(($perms & 0x0400) ? 's' : 'x' ) :
		(($perms & 0x0400) ? 'S' : '-'));

	// World
	$info .= (($perms & 0x0004) ? 'r' : '-');
	$info .= (($perms & 0x0002) ? 'w' : '-');
	$info .= (($perms & 0x0001) ?
		(($perms & 0x0200) ? 't' : 'x' ) :
		(($perms & 0x0200) ? 'T' : '-'));

	return $info;
} // getFullPermissions

/*
* Print navigation bar
*
* $catid - category id
* $diskid - current disk id, NULL if we are on the disks list
*/
function doNavigation($catid, $diskid=NULL)
{
	global $conn;

	$rs=db_query("SELECT * FROM categories WHERE num=".$catid,$conn);
	$row=db_fetch_array($rs);
	echo _STR_CATEGORY." <B><A HREF=\"?fnc=disks&catid=$catid\">".$row["name"]."</A></B>";

	if(isset($diskid)) {
		$diskid=$_GET["diskid"];
		$rs=db_query("SELECT name, volume FROM disks WHERE iddisk=$diskid", $conn);
		$row=db_fetch_array($rs);
		$diskname=$row["name"];
		echo " "._STR_DISK." <B><A HREF=\"?fnc=list&diskid=$diskid\">$diskname</A></B> - "._STR_LABEL." <B>".$row["volume"]."</B>";
	}

	return;
}

/*
* Recurse into folders and get file and directory attributes
*/
function scanFolder($folder,$startfolder,$disk,$catid)
{
	global $conn;

	$ok=true;

	$handle = opendir($folder);
	if($handle===FALSE) {// errore: non e' una directory
		echo _ERR_NODIR." $folder<br>";
		return false;
	}

	while ($ok && false !== ($file = readdir($handle))) {
		$filename="$folder/$file";
		$location=substr($folder,strlen($startfolder))."/";
		$fs=stat($filename);
		
		$perm=getFullPermissions($filename);
		$owner=$fs["uid"];
		$group=$fs["gid"];
		$inode=$fs["ino"];
		$filesize=sprintf("%u", $fs["size"]); // sprintf per funzionare anche su file > 4GB
		$cdate=$fs["ctime"];
		$adate=$fs["atime"];
		$mdate=$fs["mtime"];
		
		$sqlfile=db_escape_string($file,$conn);
		$sqldisk=db_escape_string($disk,$conn);
		$sqllocation=db_escape_string($location,$conn);

		$cmdfile="INSERT INTO files(name, disk, location, rights, owner, `group`, inode, size,".
			" creation_date, access_date, modification_date, category, description) VALUES(".
			"'$sqlfile', '$sqldisk', '$sqllocation', '$perm', '$owner', '$group', $inode, $filesize,".
			" FROM_UNIXTIME($cdate), FROM_UNIXTIME($adate), FROM_UNIXTIME($mdate), $catid, '')";
		$res=db_query($cmdfile, $conn);
		if(!$res) {
			echo $cmdfile."<br>";
			echo db_error($conn)."<br><br>";
			$ok=false;
		}
		// echo $cmdfile."<br>";
		if($ok && is_dir($folder."/".$file) && $file!="." && $file!="..")
			$ok=scanFolder($folder."/".$file, $startfolder, $disk, $catid); // scende nelle sottodirectory
	}

	closedir($handle);

	return $ok;
}

/*
* Start a scan on a given $path and insert data for category $catid
*/
function scanPath($path,$catid)
{
	global $DrivePropWin;
	global $conn;

	$output=array();
	$driveprop=exec($DrivePropWin." ".$path,$output); // try for Windows
	if(sizeof($output)==0) { // if no output assume Linux OS
		$output=array();
		$dfdata=exec("df -T -B 1 $path",$output);
		// the first line is for description
		$ar=split(" +",$output[1]);
		$devname=$ar[0]; // first, the device
		// if the device name is very long, the df output is on three lines
		if(sizeof($output)>2) {
			$ar=split(" +",$output[2]);
		} else {
			$ar=split(" +",$output[1]);
		}
		$output=array();
		$cmdlabel="dd if=$devname bs=1 skip=32808 count=32";
		$label=exec("$cmdlabel 2>/dev/null",$output, $ret);
		$label=trim($label);
		if(empty($label)) { // can't read label, probably no read permission on device
			// attempting to use volname command
			$cmdlabel="volname $devname";
			$label=exec("$cmdlabel 2>/dev/null",$output);
			$label=trim($label);
		}
		if(empty($label)) { // can't read label, probably no read permission on device
			// attempting to use volname command with sudo
			$cmdlabel="sudo -n volname $devname";
			$label=exec("$cmdlabel 2>/dev/null",$output);
			$label=trim($label);
		}
		if(empty($label)) // no chance, set it to "nothing"
			$label="-- "._STR_NOLABEL." --";
		$serial = 0; // how can I get it in Linux? maybe is possible with the udev filesystem?
		$freespace = $ar[4];
		$totalspace = $ar[2];
		$usedspace = $ar[3];
		$device = $devname;
		$drvtype = $ar[1];
		$mountpoint = db_escape_string($ar[6],$conn);
	} else {
		// Windows OS
		$di=explode(",",$driveprop);
		$label = $di[0];
		$serial = $di[1];
		$freespace = $di[2];
		$totalspace = $di[3];
		$usedspace = $di[4];
		$device = $di[5];
		$drvtype = $di[6];
		$mountpoint = str_replace("\\", "/", $di[7]); // change path in unix form
		$mountpoint = db_escape_string($mountpoint,$conn);
	}
	
	// name = label
	// fsname = device (e.g. /dev/cdrom
	// path = mount point
	// fstype = iso9660, ecc.
	// volume = label (read only)

	// start gathering data and insert into database	
	$ok=true;
	set_time_limit(0);
	db_begin_tran($conn);

	$sqllabel=db_escape_string($label,$conn);
	$cmddisk="INSERT INTO disks(name,num,fsname,path,fstype,volume,full,free,date,serial,category)".
		" VALUES('$sqllabel',0,'$device','$mountpoint','$drvtype','$sqllabel','$usedspace','$freespace',NOW(),".
		"'$serial',$catid)";
	if(!db_query($cmddisk, $conn))
		$ok=false;
	// echo $cmddisk."<br>"; $res=TRUE;

	// start recursive scan
	if($ok)
		$ok=scanFolder($path, $path, $label, $catid);

	if($ok) {
		db_commit_tran($conn);
		echo _STR_END_LOADING;
	} else {
		echo _ERR_DISK_LOADING."<br>";
		echo $cmddisk."<br>";
		echo db_error($conn);
		db_rollback_tran($conn);
	}

	return;
}

/*
* Print the menu bar
*/
function createMenu()
{
	echo "<div style=\"font-size: 0.8em\">";
	echo "<a href=\"?fnc=categories\">"._STR_CATEGORIES."</a>";
	echo "&nbsp;&nbsp;&nbsp;";
	//echo "<a href=\"?fnc=disks\">Dischi</a>";
	echo "&nbsp;&nbsp;&nbsp;";
	echo "<a href=\"?fnc=search\">"._STR_SEARCH."</a>";
	echo "</div><br>";

	return;
}

/*
*
* Show the categories or process actions related to category
*
*/
function showCategories()
{
	global $conn;

	// Delete category
	if(isset($_GET["act"]) && $_GET["act"]=="elimina") {
		$rs=db_query("DELETE FROM categories WHERE num=".$_GET["catid"], $conn);
		echo _STR_CATEGORY_DELETED."<BR>";

		return;
	} elseif(isset($_GET["act"]) && $_GET["act"]=="newcat") {
		// Create a new category
		$rs=db_query("INSERT INTO categories(name) VALUES('-- "._STR_CATEGORY_NONAME." --')", $conn);
		echo _STR_CATEGORY_INSERTED."<BR>";

		return;
	} elseif(isset($_GET["act"]) && $_GET["act"]=="modifica") {
		// Change category
		$catid=$_GET["catid"];
		$rs=db_query("SELECT * FROM categories WHERE num=$catid", $conn);
		$row=db_fetch_array($rs);
		$catname=$row["name"];
		$catdescr=$row["description"];

		// Show form to change category data
		if(!isset($_POST["newname"])) {
			echo "<FORM METHOD=\"POST\" ACTION=\"?fnc=categories&act=modifica&catid=$catid\">";
			echo "<INPUT TYPE=\"TEXT\" NAME=\"newname\" VALUE=\"$catname\"><BR><BR>";
			echo "<INPUT TYPE=\"TEXT\" NAME=\"newdescr\" VALUE=\"$catdescr\"><BR><BR>";
			echo "<INPUT TYPE=\"SUBMIT\" NAME=\"donewname\" VALUE=\""._STR_MODIFY."\"><BR>";
			echo "</FORM>";
		} else {
			// Check for a category name
			if(empty($_POST["newname"])) {
			        echo "<FORM METHOD=\"POST\" ACTION=\"?fnc=categories&act=modifica&catid=$catid\">";
				echo _STR_INSERTNAME."<BR>";
				echo "<INPUT TYPE=\"SUBMIT\" VALUE=\""._STR_BACK."\"><BR>";
			        echo "</FORM>";
			} else {
				// Change category data
				$cmdupd="UPDATE categories SET name='".$_POST["newname"]."',".
					" description='".$_POST["newdescr"]."' WHERE num=$catid";
				db_query($cmdupd, $conn) or die(db_error($conn));
				echo _STR_CATEGORY_CHANGED;
			}
		}

		return;
	}

	echo "<A HREF=\"?fnc=categories&act=newcat\">"._STR_CATEGORY_NEW."</A><BR><BR>";

	// List categories
	$rs=db_query("SELECT * FROM categories ORDER BY name", $conn);
	$row=db_fetch_array($rs);
	echo "<TABLE>\n";
	if($row)
	{
		echo "<TR style=\"background: #DDDDDD; font-weight: bold\">\n";
		echo "<TD>"._STR_CAT_CODE."</TD>\n";
		echo "<TD>"._STR_CAT_NAME."</TD>\n";
		//echo "<TD>Codice <A OnClick=\"order(1,1)\">+</A> <A OnClick=\"order(1,-1)\">-</A></TD>\n";
		echo "<TD>"._STR_CAT_DESCRIPTION."</TD>\n";
		echo "<TD>&nbsp;</TD>\n"; // Modifica
		echo "<TD>&nbsp;</TD>\n"; // Elimina
		echo "</TR>\n";

		$i=0;
		while($row)
		{
			$tdclass=(($i & 1) ? "even": "odd"); 

			echo "<TR>";
			echo "<TD class=\"$tdclass\">".$row["num"]."</TD>\n";
			echo "<TD class=\"$tdclass\"><A HREF=\"?fnc=disks&catid=".
				$row["num"]."\">".$row["name"]."</A></TD>\n";
			echo "<TD class=\"$tdclass\">".$row["description"]."</TD>\n";
			echo "<TD class=\"$tdclass\"><A HREF=\"?fnc=categories&act=modifica&catid=".
				$row["num"]."\">"._STR_MODIFY."</A></TD>\n";
			// controlla  se la categoria e' vuota
			$rsfull=db_query("SELECT * FROM disks WHERE category=".$row["num"], $conn);
			$rowfull=db_fetch_array($rsfull);
			if($rowfull===FALSE) {
				echo "<TD class=\"$tdclass\"><A HREF=\"?fnc=categories&act=elimina&catid=".
					$row["num"]."\">"._STR_DELETE."</A></TD>\n";
			} else {
				echo "<TD class=\"$tdclass\">"._STR_DELETE."</TD>\n";
			}
			echo "</TR>\n";

			$row=db_fetch_array($rs);
			$i++;
		}

	} else {  // no rows
		echo "<TR><TD><br><I>"._STR_NO_RESULTS."</I></TD></TR>";
	}

	echo "</TABLE>\n";

	return;
}

/*
* Show the disks of category
*/
function showDisks()
{
	global $DriveListWin;
	global $conn;

	$catid=$_GET["catid"];
	doNavigation($catid);
	echo "<BR><BR>";

	if(isset($_GET["act"]) && $_GET["act"]=="elimina") {
		// delete disk from the database
		$rs=db_query("SELECT * FROM disks WHERE iddisk=".$_GET["diskid"], $conn);
		$row=db_fetch_array($rs);
		$diskname=$row["name"];
		$deldisk="DELETE FROM disks WHERE iddisk=".$_GET["diskid"];
		$delfiles="DELETE FROM files WHERE disk='".$diskname."' AND category=$catid";

		db_query($deldisk, $conn) or die(db_error($conn));
		db_query($delfiles, $conn) or die(db_error($conn));
		echo _STR_DISK_DELETED;

		return;
	} elseif(isset($_GET["act"]) && $_GET["act"]=="modifica") {
		// get actual information
		$diskid=$_GET["diskid"];
		$rs=db_query("SELECT * FROM disks WHERE iddisk=$diskid", $conn);
		$row=db_fetch_array($rs);
		$diskname=$row["name"];
		$disknum=$row["num"];

		if(!isset($_POST["newname"])) {
			// ask for a new name
			echo "<FORM METHOD=\"POST\" ACTION=\"?fnc=disks&act=modifica&catid=$catid&diskid=$diskid\">";
			echo "<INPUT TYPE=\"TEXT\" NAME=\"newname\" VALUE=\"$diskname\"><BR><BR>";
			echo "<INPUT TYPE=\"TEXT\" NAME=\"newnum\" VALUE=\"$disknum\"><BR><BR>";
			echo "<INPUT TYPE=\"SUBMIT\" NAME=\"donewname\" VALUE=\""._STR_MODIFY."\"><BR>";
			echo "</FORM>";
		} else {
			if(empty($_POST["newname"])) {
			        echo "<FORM METHOD=\"POST\" ACTION=\"?fnc=disks&act=modifica&catid=$catid&diskid=$diskid\">";
				echo _INSERT_NAME."<BR>";
				echo "<INPUT TYPE=\"SUBMIT\" VALUE=\""._STR_BACK."\"><BR>";
			        echo "</FORM>";
			} else {
				$disknum=$_POST["newnum"];
				if(!is_numeric($disknum)) $disknum=0;
				$cmdupd="UPDATE disks SET name='".$_POST["newname"]."',".
					" num=$disknum WHERE iddisk=$diskid";
				$cmdupdfiles="UPDATE files SET disk='".$_POST["newname"]."' WHERE disk='$diskname' AND category=$catid";
				db_query($cmdupd, $conn) or die($cmdupd."<br>".db_error($conn));
				db_query($cmdupdfiles, $conn) or die($cmdupdfiles."<br>".db_error($conn));
				echo _STR_DISK_CHANGED;
			}
				
		}

		return;
	}

	$dirname="";
	if(isset($_POST["dirname"]))
		$dirname=$_POST["dirname"];

	if(isset($_POST["searchdir"])) {
		$errore="";
		$drivename=$_POST["drivename"];
		if(!empty($dirname)) {
			$startdir=$dirname;
		} else {
			if(!empty($drivename)) {
				$drvlist=exec($DriveListWin,$output);
				if(sizeof($output)==0) // sono in Linux
					$startdir=$drivename;
				else
					$startdir=$drivename.":/";
			} else {
				$errore=_ERR_SELECT_LOAD;
			}
		}

		if(empty($errore)) {
			scanPath($startdir,$_GET["catid"]);
		} else {
			echo "<B>".$errore."</B><BR>";
			//echo "<INPUT TYPE=\"BUTTON\" ONCLICK=\"history.back()\" VALUE=\"Indietro\">";
		}

		return;
	}
	
	// form for add disk to the current category		
	echo "<FORM METHOD=\"POST\" ACTION=\"?fnc=disks&catid=".$_GET["catid"]."\">";
	echo _STR_ADD_DISK.": ";
	// command to get drives on Windows
	$drvlist=exec($DriveListWin,$output);
	if(sizeof($output)==0) { // if not Windows, try Linux
		$mountpoint=array();
		exec("/bin/df -T",$output);
		for($i=1; $i<sizeof($output); $i++) {
			$ar=split(" +",$output[$i]);
			if(isset($ar[6])) {
				if($ar[0]!="none")
					$mountpoint[]=substr($output[$i],56);
			}
		}
		$drvlist=implode(",", $mountpoint);
        }
	$drives=explode(",",$drvlist);
	// print drives list
	echo "<SELECT NAME=\"drivename\">\n";
	echo "<OPTION VALUE=\"\">-- "._STR_SELECT_DRIVE." --</OPTION>";
	for($i=0; $i<count($drives); $i++)
		echo "<OPTION VALUE=\"".$drives[$i]."\">".$drives[$i]."</OPTION>";
	echo "</SELECT>\n";
	echo " "._STR_INSERT_PATH.": <INPUT TYPE=\"TEXT\" NAME=\"dirname\" VALUE=\"$dirname\">";
	echo "<INPUT TYPE=\"submit\" NAME=\"searchdir\" VALUE=\""._STR_PROCESS."\">";
	echo "</FORM>";
	// end of form

	// print disks list
	$rs=db_query("SELECT * FROM disks WHERE category=".$_GET["catid"]." ORDER BY name LIMIT 100", $conn);
	$row=db_fetch_array($rs);
	echo "<TABLE>\n";
	if($row)
	{
		echo "<TR style=\"background: #DDDDDD; font-weight: bold\">\n";
		echo "<TD>"._STR_DISK_NAME."</TD>\n";
		//echo "<TD>Codice <A OnClick=\"order(1,1)\">+</A> <A OnClick=\"order(1,-1)\">-</A></TD>\n";
		echo "<TD>##</TD>\n";
		echo "<TD>"._STR_DATE."</TD>\n";
		echo "<TD>"._STR_LABEL."</TD>\n";
		echo "<TD>"._STR_DISK_USAGE."</TD>\n";
		echo "<TD>"._STR_DISK_FREE."</TD>\n";
		echo "<TD>"._STR_DISK_DESCRIPTION."</TD>\n";
		echo "<TD>&nbsp;</TD>\n"; // Modify
		echo "<TD>&nbsp;</TD>\n"; // Delete
		echo "</TR>\n";

		// output the row with the disk information
		$i=0;
		while($row)
		{
			$tdclass=(($i & 1) ? "even": "odd"); 

			echo "<TR>";
			echo "<TD class=\"$tdclass\"><A HREF=\"?fnc=list&diskid=".
				$row["iddisk"]."\">".$row["name"]."</A></TD>\n";
			echo "<TD class=\"$tdclass\">".$row["num"]."</TD>\n";
			echo "<TD class=\"$tdclass\">".$row["date"]."</TD>\n";
			echo "<TD class=\"$tdclass\">".$row["volume"]."</TD>\n";
			echo "<TD class=\"$tdclass\">".$row["full"]."</TD>\n";
			echo "<TD class=\"$tdclass\">".$row["free"]."</TD>\n";
			echo "<TD class=\"$tdclass\">".$row["description"]."</TD>\n";
			echo "<TD class=\"$tdclass\"><A HREF=\"?fnc=disks&act=modifica&catid=$catid&diskid=".
				$row["iddisk"]."\">"._STR_MODIFY."</A></TD>\n";
			echo "<TD class=\"$tdclass\"><A HREF=\"?fnc=disks&act=elimina&catid=$catid&diskid=".
				$row["iddisk"]."\" OnClick=\"return confirm('".
				_STR_DISK_CONFIRM_DELETE."?');\">"._STR_DELETE."</A></TD>\n";
			echo "</TR>\n";

			$row=db_fetch_array($rs);
			$i++;
		}

	} else {  // no rows
		echo "<TR><TD><br><I>"._STR_NO_RESULTS."</I></TD></TR>";
	}

	echo "</TABLE>\n";

	return;
}

/*
* Output the file list for the selected path
*/
function showFiles()
{
	global $conn, $RowsPerPage;

	$diskid=$_GET["diskid"];
	$rs=db_query("SELECT disks.name AS name, disks.volume AS volume, categories.name AS catname,".
		" categories.num AS catid".
		" FROM disks,categories WHERE disks.category=categories.num".
		" AND iddisk=".$diskid, $conn);
	$row=db_fetch_array($rs);
	$diskname=$row["name"];

	doNavigation($row["catid"], $_GET["diskid"]);
	echo "<BR><BR>";

	$curpath="/";
	if(isset($_GET["curpath"]))
		$curpath=$_GET["curpath"];

	// split the path and make the link for inspecting directoris
	$arpath=explode("/", $curpath);
	if(isset($arpath)) {	
		// echo "<INPUT TYPE=\"BUTTON\" OnClick=\"history.back()\" VALUE=\"<\">&nbsp;";
		echo _STR_PATH." <A HREF=\"?fnc=list&diskid=$diskid&curpath=/\">/&nbsp;</A>&nbsp;";
		$strpath="/";
		// don't read the first and last because they're always empty /dir1/dir2/
		for($i=1; $i<count($arpath)-1; $i++) {
			$strpath.=$arpath[$i]."/";
			echo "<A HREF=\"?fnc=list&diskid=$diskid&curpath=$strpath\">".
				$arpath[$i]."/&nbsp;</A>&nbsp;";
		}
	}

	$sqlwhere="disk='".$diskname."' AND category=".$row["catid"].
		" AND location='".$curpath."' AND (name<>'.' AND name<>'..')";

	// print navigation page bar
	$curpage=1;
	if(isset($_GET["page"]))
		$curpage=$_GET["page"];
	$limit=(($curpage-1)*$RowsPerPage).",".$RowsPerPage;
	$rs=db_query("SELECT COUNT(*) AS totalrows FROM files WHERE $sqlwhere", $conn);
	$row=db_fetch_array($rs);

	$geturi="?fnc=list&diskid=$diskid&curpath=$curpath";

	echo "<br>\n";
	echo "<div style=\"font-size: 0.8em\">";
	if($curpage>1)
		echo "&nbsp;<A HREF=\"$geturi&page=".($curpage-1)."\">&lt; </A>&nbsp;\n";
	$totalrows=$row["totalrows"];
	$totalpages=ceil($totalrows/$RowsPerPage);
	for($i=1; $i<=$totalpages; $i++) {
		$bold="";
		if($i==$curpage)
			$bold="font-weight: bold;";
		echo "<A HREF=\"$geturi&page=$i\" style=\"$bold\">$i </A>&nbsp;\n";
	}
	if($curpage<$totalpages)
		echo "&nbsp;<A HREF=\"$geturi&page=".($curpage+1)."\">&gt; </A>&nbsp;\n";
	echo "</div>\n";
	// end of navigation page bar

	$rs=db_query("SELECT * FROM files WHERE $sqlwhere ORDER BY location, name LIMIT $limit", $conn);
	$row=db_fetch_array($rs);
	echo "<TABLE>\n";
	if($row)
	{
		echo "<TR style=\"background: #DDDDDD; font-weight: bold\">\n";
		echo "<TD>"._STR_FILE_NAME."</TD>\n";
		//echo "<TD>Codice <A OnClick=\"order(1,1)\">+</A> <A OnClick=\"order(1,-1)\">-</A></TD>\n";
		//echo "<TD>Percorso</TD>\n";
		echo "<TD>"._STR_FILE_SIZE."</TD>\n";
		echo "</TR>\n";

		$i=0;
		while($row)
		{
			$tdclass=(($i & 1) ? "even": "odd"); 

			echo "<TR>";
			if($row["rights"][0]=='d')
				echo "<TD class=\"$tdclass\"><A HREF=\"?fnc=list&diskid=$diskid&curpath=$curpath".
					$row["name"]."/\">".$row["name"]."</A></TD>\n";
			else
				echo "<TD class=\"$tdclass\">".$row["name"]."</TD>\n";
			// echo "<TD>".$row["location"]."</TD>\n";
			echo "<TD class=\"$tdclass\">".$row["size"]."</TD>\n";
			echo "</TR>\n";

			$i++;
			$row=db_fetch_array($rs);
		}

	} else {  // no rows
		echo "<TR><TD><br><I>"._STR_NO_RESULTS."</I></TD></TR>";
	}

	echo "</TABLE>\n";

	return;
}

function searchDb()
{
	global $conn, $RowsPerPage;

	$nomefile="";
	if(isset($_POST["nomefile"]))
		$nomefile=$_POST["nomefile"];
	elseif(isset($_GET["nomefile"]))
		$nomefile=$_GET["nomefile"];
	echo "<FORM METHOD=\"POST\" ACTION=\"?fnc=search\">";
	echo "<INPUT TYPE=\"TEXT\" NAME=\"nomefile\" VALUE=\"$nomefile\">";
	echo "<INPUT TYPE=\"submit\" NAME=\"search\" VALUE=\""._STR_SEARCH."\">";
	echo "</FORM>";

	if(isset($_POST["search"]) || isset($_GET["search"])) {
		$filename=str_replace("*", "%", $nomefile);
		$sqlwhere="files.category=categories.num AND files.disk=disks.name".
			" AND files.name LIKE '%$filename%'";

		// Print navigation page bar
		$curpage=1;
		if(isset($_GET["page"]))
			$curpage=$_GET["page"];
		$limit=(($curpage-1)*$RowsPerPage).",".$RowsPerPage;
		$rs=db_query("SELECT COUNT(*) AS totalrows FROM files, categories, disks WHERE $sqlwhere", $conn);
		$row=db_fetch_array($rs);

		$geturi="?fnc=search&search=1&nomefile=$nomefile";

		echo "<br>\n";
		echo "<div style=\"font-size: 0.8em\">";
		if($curpage>1)
			echo "&nbsp;<A HREF=\"$geturi&page=".($curpage-1)."\">&lt; </A>&nbsp;\n";
		$totalrows=$row["totalrows"];
		$totalpages=ceil($totalrows/$RowsPerPage);
		for($i=1; $i<=$totalpages; $i++) {
			$bold="";
			if($i==$curpage)
				$bold="font-weight: bold;";
			echo "<A HREF=\"$geturi&page=$i\" style=\"$bold\">$i </A>&nbsp;\n";
		}
		if($curpage<$totalpages)
			echo "&nbsp;<A HREF=\"$geturi&page=".($curpage+1)."\">&gt; </A>&nbsp;\n";
		echo "</div>\n";
		// end of navigation page bar

		$rs=db_query("SELECT files.*, categories.name AS catname, categories.num AS catid,".
			" disks.iddisk AS iddisk FROM files, categories, disks".
			" WHERE $sqlwhere ORDER BY files.category, files.disk LIMIT $limit", $conn);
		$row=db_fetch_array($rs);
		echo "<TABLE>\n";
		if($row)
		{
			$rows_printed=TRUE;
			echo "<TR style=\"background: #DDDDDD; font-weight: bold\">\n";
			echo "<TD>"._STR_FILE_NAME."</TD>\n";
			//echo "<TD>Codice <A OnClick=\"order(1,1)\">+</A> <A OnClick=\"order(1,-1)\">-</A></TD>\n";
			echo "<TD>"._STR_FILE_PATH."</TD>\n";
			echo "<TD>"._STR_FILE_SIZE."</TD>\n";
			echo "<TD>"._STR_DISK."</TD>\n";
			echo "<TD>"._STR_CATEGORY."</TD>\n";
			echo "</TR>\n";

			$idlist="0";

			$i=0;
			while($row)
			{
				$tdclass=(($i & 1) ? "even": "odd"); 

				$diskid=$row["iddisk"];
				// split the path and make the links
				$arpath=explode("/", $row["location"]);
				$strpath="/";
				$location="";
				for($i=1; $i<count($arpath)-1; $i++) {
					// don't use the first and last because they're always empty /dir1/dir2/
					$strpath.=$arpath[$i]."/";
					$location.="<A HREF=\"?fnc=list&diskid=$diskid&curpath=$strpath\">".$arpath[$i]."/&nbsp;</A>&nbsp;";
				}

				echo "<TD>".$row["name"]."</TD>\n";
				echo "<TD>".$location."</TD>\n";
				echo "<TD>".$row["size"]."</TD>\n";
				echo "<TD><A HREF=\"?fnc=list&diskid=$diskid\">".$row["disk"]."</A></TD>\n";
				echo "<TD><A HREF=\"?fnc=disks&catid=".$row["catid"]."\">".
					$row["catname"]."</A></TD>\n";
				echo "</TR>\n";

				$row=db_fetch_array($rs);
				$i++;
			}

		} else {  // no rows
			echo "<TR><TD COLSPAN=\"9\"><br><I>"._STR_NO_RESULTS."</I></TD></TR>";
		}

		echo "</TABLE>\n";
	}

	return;
}

function doHeader()
{
	global $home;

//	$css=(isset($_GET["css"]) ? $_GET["css"]: "");
	
	echo "<HTML>\n";
	echo "<HEAD>\n";
	echo "<TITLE>PWhere - "._STR_PWHERE_TITLE."</TITLE>\n";
//	echo "<SCRIPT TYPE=\"text/javascript\" SRC=\"$home?fnc=200&nohtml=1\"></SCRIPT>";
//	echo "<LINK REL=\"stylesheet\" TYPE=\"text/css\" HREF=\"$home?fnc=100&nohtml=1&css=$css\"/>";
	echo "<style type=\"text/css\">\n";
        echo "td {\n";
        echo "  padding-right: 4px;\n";
        echo "  padding-left: 4px;\n";
        echo "}\n";
        echo "td.even {\n";
	echo "	background-color: #ccccde;\n";
	echo "}\n";
        echo "a {\n";
	echo "	color: blue;\n";
	echo "}\n";
        echo "a:visited {\n";
	echo "	color: blue;\n";
	echo "}\n";
	echo "</style>\n";
	echo "</HEAD>\n";
	echo "<BODY>\n";
}

function doFooter()
{
	echo "</BODY></HTML>\n";
	return;
}

$home=$_SERVER["PHP_SELF"];

if(!isset($_GET["fnc"])) {
	// parto subito dalla prima funzione
	header("Location: $home?fnc=categories");
	exit();
}

$fnc=$_GET["fnc"];

$conn=db_connect();

if(!isset($_GET["nohtml"]))
	doHeader();

$prgdir=dirname($_SERVER["SCRIPT_NAME"]);
createMenu();
switch($_GET["fnc"]) {
	case "categories":
		showCategories();
		break;
	case "disks":
		showDisks();
		break;
	case "list":
		showFiles();
		break;
	case "search":
		searchDb();
		break;
	default:
		echo _ERR_FUNC;
		break;
}

if(!isset($_GET["nohtml"]))
	doFooter();

db_close($conn);

?>

Return current item: PWhere