<?php

/* DocMan 1.0
*  Version 1.0
*  Copyright (c) 2001 Bob Butler  -  http://www.bodyscripts.com
*  DocMan 1.0 is based and adapted from QTOFileManager 1.0, by Quentin O'Sullivan
*  Created for phpwebsite
*  A little adaptation to eNdonesia 8.x by Endonesia.com
*/

// BEGIN SCRIPT

// Files needed to use eNdonesia themes and track session
// mainfile.php is pulled in only when $mainfile is not already set. Nothing in
// this file assigns $mainfile, so the guard depends on state established
// elsewhere. NOTE(review): the rest of this script reads its inputs as plain
// globals; if request parameters are imported the same way, a request value
// named "mainfile" would satisfy isset() and skip the include - confirm how
// the CMS initialises it.
if(!isset($mainfile)) { include("mainfile.php"); }
include("open_session.php");
include("header.php");
include("config.php");

$index = 0; //set to one to display right side boxes

########################## FUNCTIONS ########################################

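/**
 * Return the total size in bytes of all regular files below $dir, recursing
 * into sub-directories.
 *
 * Symbolic links to directories are not followed, so a link that points back
 * into the tree (or out of it) can neither loop the recursion nor inflate the
 * total that the upload quota is checked against.
 *
 * @param string $dir Directory to measure, with or without a trailing slash.
 * @return int Sum of the file sizes found; 0 when $dir cannot be read as a
 *             directory.
 */
function dirsize($dir)
{
        // A failed opendir() must not reach readdir(): bail out with 0 instead.
        if (!is_dir($dir))
        {
                return 0;
        }
        $dh = opendir($dir);
        if ($dh === false)
        {
                return 0;
        }

        $base = rtrim($dir, "/");
        $size = 0;
        while (($file = readdir($dh)) !== false)
        {
                if ($file == "." || $file == "..")
                {
                        continue;
                }

                $path = $base."/".$file;
                if (is_dir($path))
                {
                        // is_dir() follows links, so test for a link explicitly
                        if (!is_link($path))
                        {
                                $size += dirsize($path);
                        }
                }
                elseif (is_file($path))
                {
                        // filesize() returns false on failure; count only real sizes
                        $bytes = filesize($path);
                        if ($bytes !== false)
                        {
                                $size += $bytes;
                        }
                }
        }
        closedir($dh);
        return $size;
}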

//Create the Admin Login Function

/**
 * Render the administrative login form in a theme side box and then emit the
 * page footer.
 *
 * The form POSTs the fields current_admin, pwd and op=login to admin.php; no
 * credential checking happens in this function.
 */
function login()
{
        // The page header is not emitted here: the include below is disabled and
        // header.php is already included at the top of this script.
        #include ("header.php");

        // Markup of the login form. The continuation lines and the trailing
        // whitespace are part of the string that is handed to the theme.
        $formHtml = '<form action="admin.php" method="post">
        AdminID&nbsp;&nbsp;&nbsp;&nbsp;
        <input type="text" name="current_admin" size="20" maxlength="20" /><br />
        Password&nbsp;&nbsp;
        <input type="password" name="pwd" size="20" maxlength="18" />
        <input type="hidden" name="op" value="login" /><br />
        <input type="submit" value="Login" /></form>
        ';

        themesidebox("Administrative Login", $formHtml);

        // Generates the page footer
        include "footer.php";
}

// End of Admin Function

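// Check to see if the Admin is current in session.
//
// The manager below is rendered only when $admintest matches $security_hash.
// Neither variable is assigned in this file; presumably they are set by
// open_session.php / config.php (NOTE(review): confirm, and confirm that both
// are strings).
//
// The comparison is strict and requires two non-empty strings. With the loose
// == operator two unset values compare equal and numeric-looking strings are
// compared as numbers, so the gate could be satisfied without a real match.
// hash_equals() is used where the PHP version provides it so that the
// comparison time does not depend on how many characters match.
$adminOk = isset($admintest, $security_hash)
        && is_string($admintest) && is_string($security_hash)
        && $security_hash !== ""
        && (function_exists("hash_equals")
                ? hash_equals($security_hash, $admintest)
                : $admintest === $security_hash);

if ($adminOk)

// If yes... let's create the Upload form
{

// End of Admin Protection

################################# END OF FUNCTIONS ####################################


// Add the Admin Link back to the Admin menu

echo "<div style=\"text-align : center\"><a href=\"admin.php\">Back to Admin Menu</a></div><br>";

// Title of the theme box that will hold the file manager

$box_title = "DocMan";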

######################### USER DEFINED VARIABLES #######################################

/*

AUTHENTICATION
DocMan is set up so only the Admin user can see the Manager.

MAX FILE SIZE
The program sets a limit for the maximum allowed file size. The default is 1MB. You can change this by setting the $MaxFileSize configuration variable in the program.

MAX HDD SPACE
The program sets a limit for the maximum total size of all files in the directory. The default is 100MB. You can change this by setting the $HDDSpace configuration variable in the program.

HIDDEN FILES
The program allows for hidden files. You can designate a file as a hidden file by adding the file name to the $HiddenFiles array in the program. e.g. $HiddenFiles = array("file1.ext","file2.jpg","file3.jpg");

EDITING FILES
The program by default allows you to edit files with the extensions .htm, .html and .txt. If you want to edit files with other extensions you need to change the $EditExtensions configuration variable at the top of the program. Just add or remove extensions from the $EditExtensions array. You can also turn file editing off altogether by setting $EditOn = 0.

ADD AND REMOVE DIRECTORIES (FOLDERS)
The program allows you to add and delete directories. This functionality can be turned off by setting $MakeDirOn = 0 in the configuration variables at the top of the program

SECURITY
The authentication system is not bullet proof, it could be broken into if someone was determined enough. Do not use this program in directories that contain important files such as credit card numbers.

*/

// set these configuration variables
// The two size limits are byte counts written as numeric strings; they are
// used in comparisons and arithmetic further down.
$MaxFileSize = "1000000"; // max file size in bytes that you will ALLOW
$HDDSpace = "100000000"; // max total size of all files in directory
$HiddenFiles = array(".htaccess","fileicon.gif","foldericon.gif","arrowicon.gif"); // file names that are left out of the directory listing
$EditOn = 1; // make this = 0 if you don't want to use the edit document function at all
$EditExtensions = array("htm","html","txt"); // extensions of the file types the edit link is offered for... NOTE Word.doc does not work (yet :)
$MakeDirOn = 1; // make this = 0 if you don't want to be able to make directories

/********************************************************************/



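$ThisFileName = basename(__FILE__); // get the file name
// Directory that holds this script; every managed path is built below it.
// dirname() is used instead of str_replace(), which would also strip the file
// name out of any directory component that happens to contain it.
$path = dirname(__FILE__)."/";   // get the directory path

// $msg is only assigned in error branches and is printed into the page later,
// so start it empty: a value imported from the request must not end up in the
// output.
$msg = "";

# The stand-alone user/password login of the original file manager is
# disabled in this adaptation (its handler used to sit here and compared
# $u/$password with $user/$pass); access is decided by the admin check above.

// $pathext is the sub-directory being browsed, relative to $path and ending in
// a slash. It travels through links and hidden form fields, so it is
// request-controlled and is checked below before anything uses it.
if(!isset($pathext) || !is_string($pathext) || strpos($pathext, "\0") !== false)
{
        $pathext = "";
}

if(!empty($back))
{
        // drop the trailing slash, then cut back to the slash before it
        $pathext = (string) substr($pathext, 0, -1);
        $slashpos = strrpos($pathext, "/");
        if($slashpos === false || $slashpos == 0)
        {
                $pathext = "";
        }
        else
        {
                $pathext = substr($pathext, 0, ($slashpos+1));
        }
}

// Accept $pathext only when it resolves to an existing directory inside $path;
// otherwise fall back to the top level. realpath() collapses ".." segments and
// symbolic links, so the prefix test is made on the resolved locations.
if($pathext != "")
{
        if(substr($pathext, -1) != "/")
        {
                $pathext .= "/";
        }
        $rootReal = realpath($path);
        $dirReal = realpath($path.$pathext);
        if($rootReal === false || $dirReal === false || !is_dir($dirReal)
                || strpos($dirReal.DIRECTORY_SEPARATOR, $rootReal.DIRECTORY_SEPARATOR) !== 0)
        {
                $pathext = "";
        }
}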


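// Edit screen.
// $edit arrives with the request. It is reduced to a bare file name and is
// accepted only when editing is enabled, the name is one the listing shows
// (not this script, not a hidden file), its extension is in $EditExtensions
// and it resolves to an existing file inside $path. A rejected request falls
// through to the listing branch with an error message.
$editname = "";
$editok = 0;
$oldcontent = "";
if(isset($edit) && is_string($edit) && $edit != "")
{
        $editname = basename(str_replace("\0", "", $edit));
        $editdot = strrpos($editname, ".");
        $editext = ($editdot === false) ? "" : substr($editname, $editdot + 1);
        $editroot = realpath($path);
        $editreal = ($editname != "") ? realpath($path.$pathext.$editname) : false;

        if($EditOn && $editname != $ThisFileName
                && !in_array($editname, $HiddenFiles, true)
                && in_array($editext, $EditExtensions, true)
                && $editroot !== false && $editreal !== false && is_file($editreal)
                && strpos($editreal, $editroot.DIRECTORY_SEPARATOR) === 0)
        {
                // Read the file here so that a failed open never produces an
                // empty edit box that would wipe the file on save.
                $fp = @fopen($editreal, "r");
                if($fp)
                {
                        $editsize = filesize($editreal);
                        if($editsize > 0)
                        {
                                $oldcontent = fread($fp, $editsize);
                        }
                        fclose($fp);
                        $editok = 1;
                }
        }

        if(!$editok)
        {
                $msg = "<font face='Verdana, Arial, Hevetica' size='2' color='#ff0000'>This file cannot be edited.</font><br>";
        }
}

if(($user == $u || $user == "") && $editok) // if an edit link was clicked
{
        // Everything interpolated into the page is encoded for its context.
        // The file content is escaped byte-wise (not with htmlspecialchars) so
        // that text in any ASCII-compatible encoding survives a round trip.
        $oldcontent_html = str_replace(array("&", "<", ">", "\""), array("&amp;", "&lt;", "&gt;", "&quot;"), $oldcontent);
        $self_html = htmlspecialchars((isset($PHP_SELF) && is_string($PHP_SELF)) ? $PHP_SELF : "", ENT_QUOTES);
        $u_html = htmlspecialchars((isset($u) && is_string($u)) ? $u : "", ENT_QUOTES);
        $edit_html = htmlspecialchars($editname, ENT_QUOTES);
        $pathext_html = htmlspecialchars((isset($pathext) && is_string($pathext)) ? $pathext : "", ENT_QUOTES);

$filemanager = <<<content
        <center>
        <table border="0" cellspacing="0" cellpadding="20" bgcolor="#eeeeee" width=100%>
        <tr>
        <td>
        <font face="Verdana, Arial, Hevetica" size="4" color="#333333"><b>Edit File</b></font><br>
        <form name="form1" method="post" action="$self_html">
          <center>
            <textarea name="newcontent" cols="60" rows="15">$oldcontent_html</textarea>
            <br>
          <br>
            <input type="submit" name="save" value="Save">
            <input type="submit" name="cancel" value="Cancel or Back">
                        <input type="hidden" name="u" value="$u_html">
                        <input type="hidden" name="savefile" value="$edit_html">
                        <input type="hidden" name="pathext" value="$pathext_html">
          </center>
        </form>
        </td>
        </tr>
        </table>
        </center>
content;

}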
elseif(($user == $u || $user == "") && !$loginfailed)
{

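        if(!empty($save)) // if the save button was pressed on the edit screen
        {
                // $savefile comes back from a hidden form field, so it is treated as
                // untrusted: it is reduced to a bare file name and the write happens
                // only when editing is enabled, the name is not this script or a
                // hidden file, its extension is in $EditExtensions and it resolves to
                // an existing file inside $path. Without these checks the handler
                // would write request data to any path the server can reach.
                $savename = (isset($savefile) && is_string($savefile)) ? basename(str_replace("\0", "", $savefile)) : "";
                $savedot = strrpos($savename, ".");
                $saveext = ($savedot === false) ? "" : substr($savename, $savedot + 1);
                $saveroot = realpath($path);
                $savereal = ($savename != "") ? realpath($path.$pathext.$savename) : false;

                $fp = false;
                if($EditOn && isset($newcontent) && is_string($newcontent)
                        && $savename != $ThisFileName
                        && !in_array($savename, $HiddenFiles, true)
                        && in_array($saveext, $EditExtensions, true)
                        && $saveroot !== false && $savereal !== false && is_file($savereal)
                        && strpos($savereal, $saveroot.DIRECTORY_SEPARATOR) === 0)
                {
                        $fp = @fopen($savereal, "w");
                }

                if($fp)
                {
                        // NOTE(review): stripslashes() assumes the request data arrived
                        // with slashes added (magic quotes or the CMS) - confirm, since
                        // it removes genuine backslashes otherwise.
                        $newcontent = stripslashes($newcontent);
                        fwrite($fp, $newcontent);
                        fclose($fp);
                }
                else
                {
                        $msg = "<font face='Verdana, Arial, Hevetica' size='2' color='#ff0000'>The file could not be saved.</font><br>";
                }
        }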

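        $HDDTotal = dirsize($path); // get the total size of all files in the directory including any sub directories

        // Resolve the folder being managed. Uploads, deletions and new folders
        // are refused unless it is an existing directory inside $path.
        $rootreal = realpath($path);
        $dirreal = realpath($path.$pathext);
        $dirok = ($rootreal !== false && $dirreal !== false && is_dir($dirreal)
                && strpos($dirreal.DIRECTORY_SEPARATOR, $rootreal.DIRECTORY_SEPARATOR) === 0);
        $errfont = "<font face='Verdana, Arial, Hevetica' size='2' color='#ff0000'>";

        if (!empty($upload)) // if the upload button was pressed
        {
                // $_FILES is the supported array; the long name is kept as a fallback
                // for very old PHP versions.
                if(isset($_FILES['uploadedfile']))
                {
                        $upfile = $_FILES['uploadedfile'];
                }
                elseif(isset($HTTP_POST_FILES['uploadedfile']))
                {
                        $upfile = $HTTP_POST_FILES['uploadedfile'];
                }
                else
                {
                        $upfile = array();
                }

                // The file name is chosen by the client: remove % signs and NUL bytes
                // and keep only the last path component.
                $upname = "";
                if(isset($upfile['name']) && is_string($upfile['name']))
                {
                        $upname = basename(str_replace(array("%", "\0", "\\"), array("", "", "/"), $upfile['name']));
                }
                $upsize = (isset($upfile['size']) && !is_array($upfile['size'])) ? (int) $upfile['size'] : 0;

                // Uploads land next to this script and are linked directly from the
                // listing, so names the web server may execute or read as
                // configuration are refused: dot files, this script, the hidden
                // files, and script extensions anywhere in the name.
                // NOTE(review): an allow-list of the expected document types would be
                // stricter; the pattern is a baseline to adjust to the server's handlers.
                $upblocked = (!$dirok
                        || substr($upname, 0, 1) == "."
                        || $upname == $ThisFileName
                        || in_array($upname, $HiddenFiles, true)
                        || preg_match('/\.(php[0-9]?|phtml|phar|pht|cgi|pl|py|sh|asp|aspx|jsp|shtml)(\.|$)/i', $upname));

                if($upname == "") // no file was actually uploaded
                {
                        $msg =  $errfont."Please press the browse button and select a file<br>to upload before you press the upload button.</font><br>";
                }
                elseif($upblocked)
                {
                        $msg = $errfont."This file name is not allowed and the file was not uploaded.</font><br>";
                }
                elseif(!($upsize > 0 && $upsize < $MaxFileSize)) // file size outside the allowed limits
                {
                        $MaxKB = $MaxFileSize/1000; // show the max file size in Kb
                        $msg =  $errfont."The file was greater than the maximum allowed<br>file size of $MaxKB Kb and could not be uploaded.</font><br>";
                }
                elseif(!(($HDDTotal + $upsize) < $HDDSpace)) // adding the file would exceed the maximum allowed total
                {
                        $msg = $errfont."There is not enough free space and the file could<br>not be uploaded.</font><br>";
                }
                else
                {
                        // put the file in the directory
                        $uptarget = $path.$pathext.$upname;
                        if(move_uploaded_file($upfile['tmp_name'], $uptarget))
                        {
                                // Was 0777. Uploaded data needs no execute bit; the
                                // read/write access the original granted is kept.
                                chmod($uptarget, 0666);
                        }
                        else
                        {
                                $msg = $errfont."The file could not be stored on the server.</font><br>";
                        }
                }
        }
        elseif(!empty($delete)) // if the delete link was pressed
        {
                // NOTE(review): deletion is triggered by a plain GET link without a
                // per-session token, so it is exposed to cross-site request forgery;
                // moving it to a POST with a token needs matching changes in the
                // listing that builds the link.
                //
                // Only a bare name that resolves inside $path is accepted, and the
                // entries the listing never shows (this script, hidden files) cannot
                // be removed.
                $delname = is_string($delete) ? basename(str_replace("\0", "", $delete)) : "";
                $delreal = ($delname != "" && $delname != "." && $delname != "..") ? realpath($path.$pathext.$delname) : false;
                $delok = ($rootreal !== false && $delreal !== false
                        && strpos($delreal, $rootreal.DIRECTORY_SEPARATOR) === 0
                        && $delname != $ThisFileName
                        && !in_array($delname, $HiddenFiles, true));

                if(!$delok)
                {
                        $msg = $errfont."The file or folder could not be deleted.</font><br>";
                }
                elseif(is_dir($path.$pathext.$delname))
                {
                        // folders may only be removed while folder management is on,
                        // matching the listing, which hides the link otherwise
                        $result = $MakeDirOn ? @rmdir($path.$pathext.$delname) : 0;
                        if($result == 0)
                        {
                                $msg = $errfont."The folder could not be deleted. The folder must be<br>empty before you can delete it. You also may<br>not be authorised to delete this folder.</font><br>";
                        }
                }
                else
                {
                        if(!@unlink($path.$pathext.$delname))
                        {
                                $msg = $errfont."The file or folder could not be deleted.</font><br>";
                        }
                }
        }
        elseif(!empty($mkdir) && $MakeDirOn)
        {
                // The new folder name must be a single path component.
                $result = 0;
                if($dirok && isset($dirname) && is_string($dirname)
                        && $dirname != "" && $dirname != "." && $dirname != ".."
                        && strpos($dirname, "/") === false
                        && strpos($dirname, "\\") === false
                        && strpos($dirname, "\0") === false)
                {
                        // umask() is process-wide: clear it only around the call.
                        // NOTE(review): mode 0777 was chosen deliberately upstream (the
                        // earlier 0700 is noted as the "old line"); it makes the folder
                        // writable by every local account - tighten it if the host allows.
                        $oldmask = umask(000);
                        $result = @mkdir($path.$pathext.$dirname, 0777);
                        umask($oldmask);
                }
                if($result == 0)
                {
                        $msg = $errfont."The folder could not be created. Make sure the name you<br>entered is a valid folder name or have the permissions set correctly.</font><br>";
                }
        }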

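        // Figures shown in the page header, converted from bytes to Kb.
        $HDDTotal = dirsize($path); // get the total size of all files in the directory including any sub directories
        $freespace = ($HDDSpace - $HDDTotal)/1000; // work out how much free space is left
        $HDDTotal = (int) ($HDDTotal/1000); // convert to Kb instead of bytes and type cast it as an int
        $freespace = (int) $freespace; // type cast as an int
        $HDDSpace = (int) ($HDDSpace/1000); // convert to Kb instead of bytes and type cast it as an int
        $MaxFileSizeKb = (int) ($MaxFileSize/1000); // convert to Kb instead of bytes and type cast it as an int

        // Always start from an empty string: with $MakeDirOn switched off the
        // variable would otherwise be undefined, or hold whatever was imported
        // from the request, when it is printed inside the upload form.
        $mkdirhtml = "";

        // if $MakeDirOn has been set to on show some html for making directories
        if($MakeDirOn)
        {
                $mkdirhtml = "<input type=\"text\" name=\"dirname\" size=\"15\"><input type=\"submit\" name=\"mkdir\" value=\"Make Directory\">";
                // (a selector for the new directory's permissions was drafted here upstream and is disabled)
        }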

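        // build the html that makes up the file manager
        // the $filemanager variable holds the first part of the html
        // including the form tags and the top 2 heading rows of the table which
        // dont display files
        //
        // $PHP_SELF, $u and $pathext are request-influenced, so each is encoded
        // for the HTML attribute or URL parameter it is placed in. $msg is
        // printed as-is because the handlers store markup in it.
        // NOTE(review): nothing in this block guarantees that $msg was set by
        // this script - it has to be initialised before the handlers run.
        $self_raw = (isset($PHP_SELF) && is_string($PHP_SELF)) ? $PHP_SELF : "";
        $u_raw = (isset($u) && is_string($u)) ? $u : "";
        $pathext_raw = (isset($pathext) && is_string($pathext)) ? $pathext : "";
        $self_html = htmlspecialchars($self_raw, ENT_QUOTES);
        $u_html = htmlspecialchars($u_raw, ENT_QUOTES);
        $pathext_html = htmlspecialchars($pathext_raw, ENT_QUOTES);
        $u_url = urlencode($u_raw);
        $pathext_url = urlencode($pathext_raw);

        $filemanager = <<<content
        <center>
        <table border='0' cellspacing='0' cellpadding='20' bgcolor='#eeeeee' width=100%>
        <tr>
        <td>
        <img src="mod/docman/dmlogo125.gif" align="right" border="0">
        <font face="Verdana, Arial, Hevetica" size="4" color="#333333"><b>Document Manager</b></font><br>
        $msg
        <font face="Verdana, Arial, Hevetica" size="2"><b>Total Space:</b> $HDDSpace Kb     <b>Max File Size:</b> $MaxFileSizeKb Kb</font><br>
        <font face="Verdana, Arial, Hevetica" size="2"><b>Free Space:</b> $freespace Kb     <b>Used Space:</b> $HDDTotal Kb</font><br>
        <form name="form1" method="post" action="$self_html" enctype="multipart/form-data">
        <input type="hidden" name="MAX_FILE_SIZE" value="$MaxFileSize">
          $mkdirhtml <br><input type="file" name="uploadedfile">
          <input type="submit" name="upload" value="Upload">
          <input type="hidden" name="u" value="$u_html">
        <input type="hidden" name="pathext" value="$pathext_html">

        </form>
        <table width="100%" border="0" cellspacing="0" cellpadding="0" align="center">
        <tr>
        <td height="20" bgcolor="#333333"></td>
        <td bgcolor="#333333" height="20"><font face="Verdana, Arial, Helvetica" size="2" color="#FFFFFF"><b>&nbsp;FILENAME&nbsp;</b></font></td>
        <td height="20" bgcolor="#333333"><font color="#FFFFFF" size="2" face="Verdana, Arial, Helvetica"><b>&nbsp;SIZE (bytes)&nbsp;</b></font></td>
        <td height="20" bgcolor="#333333"></td>
        <td height="20" bgcolor="#333333"></td>
        </tr>
        <tr>
        <td height="2" bgcolor="#999999"></td>
        <td height="2" bgcolor="#999999"></td>
        <td height="2" bgcolor="#999999"></td>
        <td height="2" bgcolor="#999999"></td>
        <td height="2" bgcolor="#999999"></td>
        </tr>
content;

// if the current directory is a sub directory show a back link to get back to the previous directory
if(!empty($pathext))
{
        $filemanager  .= <<<content
                                        <tr>
                                        <td bgcolor="#ffffff">&nbsp;<img src="mod/docman/arrowicon.gif">&nbsp;</td>
                                        <td>&nbsp;<a href="$self_html?u=$u_url&back=1&pathext=$pathext_url"><font face="Verdana, Arial, Helvetica" size="2" color="#666666">&laquo;BACK</font></a>&nbsp;</td>
                                        <td bgcolor="#ffffff"></td>
                                        <td></td>
                                        <td bgcolor="#ffffff"></td>
                                        </tr>
                                        <tr>
                                        <td height="1" bgcolor="#000000"></td>
                                        <td height="1" bgcolor="#000000"></td>
                                        <td height="1" bgcolor="#000000"></td>
                                        <td height="1" bgcolor="#000000"></td>
                                        <td height="1" bgcolor="#000000"></td>
                                        </tr>
content;
}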

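        // build the table rows which contain the file information
        //
        // File names come from the file system and may contain markup characters
        // (an uploaded file can be named almost anything), so every name is
        // encoded for the place it is printed: HTML text, URL path or query value.
        // NOTE(review): the delete link is a plain GET request without a
        // per-session token, which leaves deletion open to cross-site request
        // forgery; fixing that needs a matching change in the delete handler.
        $content = ""; // start empty so nothing imported from the request is appended to
        $self_raw = (isset($PHP_SELF) && is_string($PHP_SELF)) ? $PHP_SELF : "";
        $u_raw = (isset($u) && is_string($u)) ? $u : "";
        $pathext_raw = (isset($pathext) && is_string($pathext)) ? $pathext : "";
        $self_html = htmlspecialchars($self_raw, ENT_QUOTES);
        $u_url = urlencode($u_raw);
        $pathext_url = urlencode($pathext_raw);

        $newpath = substr($path.$pathext, 0, -1);   // remove the trailing slash from the path
        $dir = @opendir($newpath); // open the directory
        if($dir)
        {
                // compare with false explicitly: an entry named "0" must not end the loop
                while(($file = readdir($dir)) !== false) // loop once for each name in the directory
                {
                        // skip the directory links, this program file and the hidden files
                        if($file == "." || $file == ".." || $file == $ThisFileName || in_array($file, $HiddenFiles, true))
                        {
                                continue;
                        }

                        $fullpath = $path.$pathext.$file;
                        $filedata = stat($fullpath); // get some info about the file
                        $filesize_html = is_array($filedata) ? $filedata[7] : "";
                        $isdir = is_dir($fullpath);

                        $file_html = htmlspecialchars($file, ENT_QUOTES);
                        $file_url = urlencode($file);

                        // find out if the file is one that can be edited: the text after the
                        // last dot must be listed in $EditExtensions (a name without a dot
                        // has no extension)
                        $editlink = "";
                        if($EditOn && !$isdir)
                        {
                                $dotpos = strrpos($file, ".");
                                $ext = ($dotpos === false) ? "" : substr($file, ($dotpos+1));
                                if(in_array($ext, $EditExtensions, true))
                                {
                                        $editlink = "&nbsp;<a href='$self_html?edit=$file_url&u=$u_url&pathext=$pathext_url'><font face='Verdana, Arial, Helvetica' size='2' color='#666666'>edit</font></a>&nbsp;";
                                }
                        }

                        // create some html for a link to delete files
                        $deletelink = "<a href=\"$self_html?delete=$file_url&u=$u_url&pathext=$pathext_url\"><font face=\"Verdana, Arial, Helvetica\" size=\"2\" color=\"#666666\">delete</font></a>";

                        if($isdir)
                        {
                                // a directory name becomes a link into that directory
                                $subdir_url = urlencode($pathext_raw.$file."/");
                                $filename = "<a href=\"$self_html?u=$u_url&pathext=$subdir_url\"><font color=\"#666666\">$file_html</font></a>";
                                $fileicon = "&nbsp;<img src=\"mod/docman/foldericon.gif\">&nbsp;";
                                if(!$MakeDirOn)
                                {
                                        $deletelink = "";
                                }
                        }
                        else
                        {
                                // a file name links to the file itself; encode each path segment
                                $href_html = htmlspecialchars(implode("/", array_map("rawurlencode", explode("/", $pathext_raw.$file))), ENT_QUOTES);
                                $filename = "<a href=\"$href_html\" target=\"_blank\"><font color=\"#666666\">$file_html</font></a>";
                                $fileicon = "&nbsp;<img src=\"mod/docman/fileicon.gif\">&nbsp;";
                        }

                        // append 2 table rows to the $content variable, the first row has the file
                        // information, the 2nd row makes a black line 1 pixel high
                        $content .= <<<content
                                        <tr>
                                        <td bgcolor="#ffffff">$fileicon</td>
                                        <td align=left>&nbsp;<font face="Verdana, Arial, Helvetica" size="2">$filename</font>&nbsp;</td>
                                        <td bgcolor="#ffffff" align=left>&nbsp;<font face="Verdana, Arial, Helvetica" size="2">$filesize_html</font>&nbsp;</td>
                                        <td align=left>&nbsp;$deletelink&nbsp;</td>
                                        <td bgcolor="#ffffff" align=left>$editlink</td>
                                        </tr>
                                        <tr>
                                        <td height="1" bgcolor="#000000"></td>
                                        <td height="1" bgcolor="#000000"></td>
                                        <td height="1" bgcolor="#000000"></td>
                                        <td height="1" bgcolor="#000000"></td>
                                        <td height="1" bgcolor="#000000"></td>
                                        </tr>
content;
                }
                closedir($dir); // now that all the rows have been built close the directory
        }
        $content .= "</td></tr></table></table></center>"; // add some closing tags to the $content variable
        $filemanager  .= $content; // append the html to the $filemanager variable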

}
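else
{
        // Fallback screen with the user name / password form of the original file
        // manager. NOTE(review): the handler that compared these fields is
        // commented out earlier in this script, so nothing visible here verifies
        // the submitted password - the admin check at the top is the only gate.
        //
        // The form target is encoded before it is placed in the action attribute.
        $self_html = htmlspecialchars((isset($PHP_SELF) && is_string($PHP_SELF)) ? $PHP_SELF : "", ENT_QUOTES);

        $filemanager = <<<content
        <center>
        <table border="0" cellspacing="0" cellpadding="20" bgcolor="#eeeeee" width="400">

        <tr>
        <td>
        <img src="mod/docman/dmlogo125.gif" align="right" border="0">
        <font face="Verdana, Arial, Hevetica" size="4" color="#333333"><b>DocMan Manager</b></font><br>
        <form name="form1" method="post" action="$self_html">
        $msg
        <center>
        <font face="Verdana, Arial, Hevetica" size="2">User Name:</font><input type="text" name="u"><br>
          <font face="Verdana, Arial, Hevetica" size="2">Password:</font><input type="password" name="password"><br>
          <input type="submit" name="login" value="Login">
          </center>
        </form>
        </td>
        </tr>
        </table>
        </center>
content;
}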




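// Hand the finished markup to the theme. $box_stuff is not assigned anywhere
// earlier at this scope, so it is assigned rather than appended to: appending
// would prepend whatever value the variable already held (NOTE(review):
// including one imported from the request, if the CMS imports request
// parameters as globals).
$box_stuff = $filemanager;

themesidebox($box_title, $box_stuff);

include('footer.php');
}
//If not Admin, force user to log in
else
{
        login();
}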
// End of Admin login
?>