<?PHP
$rootpath=$_SERVER['DOCUMENT_ROOT'] . "/";
include_once($rootpath . "common.php");
if (is_array($_GET) && (isset($_GET['action'])))
doGet($_GET);
elseif (is_array($_POST) && (isset($_POST['action'])))
doPost($_POST);
else
exit;
function doGet($request)
{
global $rootpath, $webappcfg, $rb, $db;
if ($request['action']=="EDIR")
{
if (isset($request['dirname']) && ($request['dirname']!=""))
{
$dirarray = explode("/", $request['dirname']);
$response['dirarray'] = $dirarray;
$response['ownerid'] = $request['ownerid'];
include($rootpath . "/webdrive/index.php");
}
}
elseif ($request['action']=="browsedir")
{
// Input Variable
// $request['ownerid'], $request['dir'], $request['keypass']
//
// Browse Directory only, like clicking "My Computer" -> "C:", and show all the directory out
include_once($webappcfg['APPPATH'] . "/file/include.php");
include_once($webappcfg['APPPATH'] . "/privilege/include.php");
//include_once($webappcfg['APPPATH'] . "/group/include.php");
include_once($webappcfg['APPPATH'] . "/general/include.php");
if (!isset($request['ownerid']))
$request['ownerid'] = ANONYMOUS;
if (!isset($request['dir']))
{
$request['dir'] = "~";
}
else
{
// General Checking on the dir, see if it is NORMAL or not
if (!TextCheck::checkDirectoryName($request['dir'])) // Function not written
{
// include the Error Template Page !! or throw Error Message
}
}
if (!isset($request['keypass']))
{
$request['keypass'] = "";
}
if (!isset($request['vartype']))
$request['vartype'] = FILENAME;
// Check the client has login or not
$bsg = new BSGBrowseDir();
$response['dirobj'] = $bsg->browseDir($request['dir'], $request['ownerid'], $request['keypass'], $request['vartype']);
$response['filedirdb'] = $bsg->getFiledirdb();
// Output After getting directory
// include the template page
//echo("<PRE>");
//print_r($response['dirobj']);
if (is_array($response['dirobj']))
{
header('Content-type: text/xml;charset=UTF-8');
echo('<?xml version="1.0" encoding="UTF-8"?>'."\n");
include($rootpath."/xmlfeed/dirfilelist.php");
}
else
print_r($response['dirobj']);
}
elseif ($request['action']=="listdir")
{
// Input Variable
// $request['dir'], $request['ownerid']
//
// Browse Directory only, like clicking "My Computer" -> "C:", and show all the directory out
include_once($webappcfg['APPPATH'] . "/group/include.php");
include_once($webappcfg['APPPATH'] . "/dir/include.php");
include_once($webappcfg['APPPATH'] . "/general/include.php");
if (!isset($request['dir']))
{
$request['dir'] = "~";
}
else
{
// General Checking on the dir, see if it is NORMAL or not
if (!TextCheck::checkDirectoryName($request['dir'])) // Function not written
{
// include the Error Template Page !! or throw Error Message
return;
}
}
// Check the client has login or not
$bsg = new BSGListDir();
$dirobj = $bsg->listDir($request['dir'], $request['ownerid']);
// Output After getting directory
}
elseif ($request['action']=="download")
{
// Input variable
// $request['filename'], $request['ownerid'], $request['keypass']
//
// Browse Directory only, like clicking "My Computer" -> "C:", and show all the directory out
include_once($webappcfg['APPPATH'] . "/file/include.php");
include_once($webappcfg['APPPATH'] . "/general/include.php");
if (!isset($request['filename']))
{
// include Error Template for file not found
return;
}
else
{
// General Checking on the dir, see if it is NORMAL or not
if (!TextCheck::checkFileName($request['filename'])) // Function not written
{
// include the Error Template Page !! or throw Error Message
return;
}
}
if (!isset($request['ownerid']))
$request['ownerid']=-1;
if (!isset($request['keypass']))
$request['keypass']="";
if (!isset($request['vartype']))
$request['vartype'] = FILENAME;
// Check the client has login or not
$bsg = new BSGDownload();
$dirobj = $bsg->downloadfile($request['filename'], $request['ownerid'], $request['keypass'], $request['vartype']);
//print_r($dirobj);
// Output After getting directory
// Return the filename, type, size and the BINARY data
if ((isset($dirobj['filedirdb'])) && (isset($dirobj['filecontent'])))
{
$fileobj = $dirobj['filedirdb']->getobj();
header("Cache-Control: must-revalidate");
header('Content-type: '.$fileobj->getcontenttype());
header("Content-Length: ".$dirobj['filesize']);
header('Content-disposition: attachment; filename="'.$fileobj->getfilename().'"');
header("Accept-Ranges: ".$dirobj['filesize']);
echo($dirobj['filecontent']);
}
else
{
// 404 Not Found
//header("HTTP/1.0 404 Not Found");
print_r($dirobj);
return;
}
}
elseif ($request['action']=="upload")
{
// Input variable
// $request['dir'], $request['ownerid'], $request['newkeypass'], $_FILES
//
set_time_limit(0);
include_once($webappcfg['APPPATH'] . "/file/include.php");
include_once($webappcfg['APPPATH'] . "/general/include.php");
global $_FILES;
if ((!isset($_FILES)) || (count($_FILES)==0))
{
// include error page, file not found
echo("NOUPFILE");
return;
}
if (!isset($request['ownerid']))
{
// include the Error Template
// ANONYMOUS cannot upload files
echo("NOOWNERID");
return;
}
if (!isset($request['dir']))
{
$request['dir'] = "~";
}
else
{
// General Checking on the dir, see if it is NORMAL or not
if (!TextCheck::checkDirectoryName($request['dir'])) // Function not written
{
// include the Error Template Page !! or throw Error Message
echo("TEXTCHECKDIR");
return;
}
}
if (!isset($request['newkeypass']))
{
$request['newkeypass'] = "";
}
if (!isset($request['vartype']))
$request['vartype'] = FILENAME;
$bsu = new BSGUpload();
$result = $bsu->uploadfile($request['dir'], $request['ownerid'], $request['newkeypass'], $_FILES, $request['vartype']);
if ($result == true)
{
if (!isset($request['engine']))
{
include($rootpath."webdrive/uploadsucc.php");
}
elseif ($request['engine']=="machine")
{
echo("SUCCESS");
}
}
}
elseif ($request['action']=="uploadform")
{
if (NSession::getuid()>0)
{
if (!isset($request['ownerid']) || ($request['ownerid']<1))
{
return;
}
elseif (!is_numeric($request['ownerid']))
{
return;
}
if (!isset($request['dir']) || ($request['dir']==""))
{
return;
}
$response['ownerid'] = $request['ownerid'];
$response['dir'] = $request['dir'];
include($rootpath."webdrive/uploadform.php");
}
}
elseif ($request['action']=="createdir")
{
include_once($webappcfg['APPPATH'] . "/file/include.php");
include_once($webappcfg['APPPATH'] . "/general/include.php");
if (!isset($request['dirname']))
$request['dirname'] = "~";
else
{
// General Checking on the dir, see if it is NORMAL or not
if (!TextCheck::checkDirectoryName($request['dirname'])) // Function not written
{
// include the Error Template Page !! or throw Error Message
echo("TEXTCHECKDIR");
return;
}
}
if (!isset($request['ownerid']))
$request['ownerid'] = NSession::getuid();
if (!isset($request['createname']))
return;
if (!isset($request['keypass']))
$request['keypass'] = "";
$bsc = new BSGNewDirectory();
$result = $bsc->newDirectory($request['dirname'], $request['ownerid'], $request['createname'], $request['keypass']);
echo $result;
}
elseif ($request['action']=="getattr")
{
include_once($webappcfg['APPPATH'] . "/file/include.php");
include_once($webappcfg['APPPATH'] . "/general/include.php");
//
// Input variable:
// $request['filename'], $request['ownerid'], $request['type']
//
if (isset($requset['ownerid']))
{
if (($request['ownerid']!=-1) && (NSession::getuid()!=$request['ownerid']))
{
echo("ACCESSDENIED");
return;
}
if (!isset($request['dirfilename']))
$request['dirfilename'] = "~";
$bsc = new BSGetAttrList();
$response['attrlist'] = $bsc->getAttrListbyName();
}
elseif (isset($request['dirfile_id']))
{
$bsc = new BSGetAttrList();
if ($request['type']==SFILE)
{
$response['userattrlist'] = $bsc->getUserFileAttrListbyId($request['dirfile_id'], NSession::getuid());
$response['groupattrlist'] = $bsc->getGroupFileAttrListbyId($request['dirfile_id'] , NSession::getuid());
}
}
if (isset($response['userattrlist']))
{
//echo("<PRE>");
//print_r($response['userattrlist'][SFILE]);
header('Content-type: text/xml;charset=UTF-8');
echo('<?xml version="1.0" encoding="UTF-8"?>'."\n");
include($rootpath . "xmlfeed/fileauthlist.php");
}
}
elseif ($request['action']=="sharepublic")
{
include_once($webappcfg['APPPATH'] . "/file/include.php");
include_once($webappcfg['APPPATH'] . "/general/include.php");
if (isset($requset['ownerid']))
{
if (($request['ownerid']!=-1) && (NSession::getuid()!=$request['ownerid']))
{
echo("ACCESSDENIED");
return;
}
}
if (!isset($request['dirfile_id']))
{
return;
}
$bssp = new BSSharePublic();
if (isset($request['policy']) && ($request['policy']=="ban"))
{
if ($bssp->banPublic($request['ownerid'], $request['dirfile_id']))
{
echo SUCCESS;
}
else
echo FAIL;
}
else
{
if ($bssp->sharePublic($request['ownerid'], $request['dirfile_id']))
{
echo SUCCESS;
}
else
echo FAIL;
}
}
elseif ($request['action'] == "xmldirfileprop")
{
include_once($webappcfg['APPPATH'] . "/file/include.php");
include_once($webappcfg['APPPATH'] . "/general/include.php");
include_once($webappcfg['APPPATH'] . "/user/include.php");
if (!isset($request['ownerid']))
return;
if ($request['ownerid'] == NSession::getuid())
{
// DO what here?
// return filesize / dir totalsize
if ($request['type']==SFILE)
{
$bsgdfs = new BSGetDirFileSize();
$response['filesize'] = $bsgdfs->getFileSize($request['dirfile_id']);
$response['dirfile_id'] = $request['dirfile_id'];
// get a list of READ access right of user
$bsgdfra = new BSGetDirFileReadAccess();
$response['useraccess'] = $bsgdfra->getAuthList($request['dirfile_id'], $request['ownerid'], $request['type']);
// get a list of READ access right of group
// get the owner's access right
$bsgal = new BSGetAttrList();
$response['owneraccess'] = $bsgal->getOwner($request['dirfile_id'], $request['ownerid']);
// get public access right
$bssp = new BSSharePublic();
$response['publicshare'] = $bssp->getPublicAuth($request['ownerid'], $request['dirfile_id']);
}
/*elseif ($request['type']==DIRECTORY)
{
}*/
header('Content-type: text/xml;charset=UTF-8');
echo('<?xml version="1.0" encoding="UTF-8"?>'."\n");
include($rootpath . "xmlfeed/fileprop.php");
}
else
{
}
}
elseif ($request['action']=="savefileprop")
{
include_once($webappcfg['APPPATH'] . "/file/include.php");
include_once($webappcfg['APPPATH'] . "/user/include.php");
include_once($webappcfg['APPPATH'] . "/general/include.php");
include_once($webappcfg['APPPATH'] . "/accessright/include.php");
//
// Input Variable: dirfile_id, ownerwriteaccess, publicreadaccess, useraccess, useraccessdel
//
$bssavefileprop = new BSSaveFileProp();
if ($bssavefileprop->savefileprop($request['dirfile_id'], NSession::getuid(), $request['ownerwriteaccess'], $request['publicreadaccess'], $request['useraccess'], $request['useraccessdel']))
{
echo("SUCCESS");
}
else
echo("FAIL");
}
elseif ($request['action']=="savedirprop")
{
include_once($webappcfg['APPPATH'] . "/file/include.php");
include_once($webappcfg['APPPATH'] . "/user/include.php");
include_once($webappcfg['APPPATH'] . "/general/include.php");
include_once($webappcfg['APPPATH'] . "/accessright/include.php");
include_once($webappcfg['APPPATH'] . "/dir/include.php");
$response = array();
$bssavedirprop = new BSSaveDirProp();
$response = $bssavedirprop->savedirprop($request, $response);
//print_r($response);
if ($response['result'] == true)
echo('SUCCESS');
else
echo('FAIL');
}
elseif ($request['action']=="renamefile")
{
include_once($webappcfg['APPPATH'] . "/file/include.php");
include_once($webappcfg['APPPATH'] . "/general/include.php");
include_once($webappcfg['APPPATH'] . "/rename/include.php");
$request['user_id'] = NSession::getuid();
$response= array();
$bsrename = new BSRenameFile();
$response = $bsrename->renamefile($request, $response);
if ($response['result'] == true)
echo("SUCCESS");
else
echo("FAIL");
}
elseif ($request['action']=="renamedir")
{
include_once($webappcfg['APPPATH'] . "/file/include.php");
include_once($webappcfg['APPPATH'] . "/general/include.php");
include_once($webappcfg['APPPATH'] . "/rename/include.php");
$request['user_id'] = NSession::getuid();
$response= array();
$bsrename = new BSRenameDir();
$response = $bsrename->renamedir($request, $response);
if ($response['result'] == true)
echo("SUCCESS");
else
echo("FAIL");
}
elseif ($request['action']=="delfile")
{
include_once($webappcfg['APPPATH'] . "/file/include.php");
include_once($webappcfg['APPPATH'] . "/general/include.php");
include_once($webappcfg['APPPATH'] . "/rename/include.php");
$request['filestorage'] = $webappcfg['filestorage'];
$request['user_id'] = NSession::getuid();
$response= array();
$bs = new BSDelFile();
$response = $bs->delfile($request, $response);
if ($response['result'] == true)
echo("SUCCESS");
else
echo("FAIL");
}
elseif ($request['action']=="deldir")
{
include_once($webappcfg['APPPATH'] . "/file/include.php");
include_once($webappcfg['APPPATH'] . "/dir/include.php");
include_once($webappcfg['APPPATH'] . "/general/include.php");
include_once($webappcfg['APPPATH'] . "/rename/include.php");
$request['filestorage'] = $webappcfg['filestorage'];
$request['user_id'] = NSession::getuid();
$response= array();
$response['result'] =false;
$bs = new BSDelDir();
$response = $bs->deldir($request, $response);
if ($response['result'] == true)
echo("SUCCESS");
else
echo("FAIL");
}
$db->sql_close();
}
function doPost($request)
{
doGet($request);
}
/*
Function to check login
if (!NSession::check_login())
{
//echo("NOLOGIN");
// Bring to login page;
header("Location: http://".$webappcfg['httphost']."/");
return;
}
*/
?>