Location: PHPKode > scripts > HostBuilder > hostbuilder/manager.php
<?php
/*
	HostBuilder
	Free Edition
	(C) 2007-2008 Data Components Software Development

	Homepage Manager
*/

// Header and initialization
include "functions.php";
include "templates.php";
$commname = getconfig(0);

// Remember, we want to log out in the beginning to let the authenticator know and take action
if ($_POST['funcbtn'] == "Log Out") {
	setcookie("th_username", "");
	setcookie("th_password", "");
} elseif ($_POST['funcbtn'] == "Login") {
  if (!authenticate($_POST['username'], md5($_POST['password']))) {
    $a['message'] = "Incoorect username or password";
    $globalmsg = parse_tpl("message", $a);
  } else {
   	login ($_POST['username'], md5($_POST['password']));
  }
}

// Is the member isn't logged in, go to the login page...
if (!isset($_COOKIE['th_username']) || !isset($_COOKIE['th_password'])) {
	$t['title'] = $commname." - Login";
	$t['page'] = $globalmsg.showheader().showlogin($commname).showfooter();
	echo parse_tpl("html", $t);
} else {
	// Authenticate the member
	if (authenticate($_COOKIE['th_username'], $_COOKIE['th_password'])) {
		// Pre-program executive statements and commands
		if (isset($_POST['funcbtn'])) {
		  switch ($_POST['funcbtn']) {
		    case "Rename Files":
		      $sfile = $_POST['sfile'];
        	foreach ($sfile as $f) {
        	  if ($lf == NULL) {
        	    $lf = $f;
        	  } else {
        	    $lf .= ",".$f;
        	  }
        	}
        	$outpage = showheader().showrenamepanel($lf).showfooter();
		      break;
        case "Delete Files":
          $sfile = $_POST['sfile'];
        	foreach ($sfile as $file) {
        		unlink(getaccountinfo($_COOKIE['th_username'], 5)."/".$file);
        	}
        	$a['message'] = "Files deleted successfully.";
        	$globalmsg = parse_tpl("message", $a);
          break;
        case "Edit File":
          $sfile = $_POST['sfile'];
          if (count($sfile) > 1) {
          	$outpage = showheader().showerror("You must select only one file for editing!").showfooter();
          } else {
          	$outpage = showheader().showeditpanel(getaccountinfo($_COOKIE['th_username'], 5)."/".$sfile[0]).showfooter();
          }
          break;
        case "Edit":
       	  $file = $_POST['file'];
       	  $contents = $_POST['contents'];
       	  $fullfile = getaccountinfo($_COOKIE['th_username'], 5)."/".$file;
       	  $h = fopen($fullfile, "w");
       	  fwrite($h, stripslashes($contents));
       	  fclose($h);
       	  if (getaccountinfo($_COOKIE['th_username'], 11) == "1" || getaccountinfo($_COOKIE['th_username'], 11) == 1) {
       	  	$p = pathinfo($fullfile);
       	  	$fext = strtolower($p['extension']);
       	  	if ($fext == "htm" || $fext == "html" || $fext == "shtml") {
       	  		insertads($fullfile);
       	  	}
       	  }
       	  $a['message'] = "File edited successfully.";
       	  $globalmsg = parse_tpl("message", $a);
          break;
        case "Create New File":
          $outpage = showheader().shownewfilepanel().showfooter();
          break;
        case "Create":
          $file = $_POST['filename'];
          $contents = $_POST['contents'];
          $fullfile = getaccountinfo($_COOKIE['th_username'], 5)."/".$file;
          $bx = getdisabledexts($_COOKIE['th_username']);
          $p = pathinfo($fullfile);
          $fext = strtolower($p['extension']);
          $ok = 1;
          foreach ($bx as $ix) {
            if (strtolower(trim($ix)) == $fext) {
              $ok = 0;
            }
          }
          if ($ok == 1) {
          	$hnd = fopen($fullfile, "w");
          	fwrite($hnd, stripslashes($contents));
          	fclose($hnd);
          	if (intval(getaccountinfo($_COOKIE['th_username'], 11)) == 1) {
          		if ($fext == "htm" || $fext == "html" || $fext == "shtml") {
          			insertads($fullfile);
          		}
          	}
          	$a['message'] = "File created successfully.";
          	$globalmsg = parse_tpl("message", $a);
          } else {
            $a['message'] = "File cannot be named with an illegal file extension.";
          	$globalmsg = parse_tpl("message", $a);
          }
          break;
        case "Upload Files":
          for ($n = 1; $n <= 5; $n++) {
        		if ($_FILES['upfile'.$n]['name'] != NULL) {
        			$sf = $_FILES['upfile'.$n]['size'];
        			$tf = $_FILES['upfile'.$n]['tmp_name'];
        			$bf = $_FILES['upfile'.$n]['name'];
        			$u = $_COOKIE['th_username'];
        			$topath = getaccountinfo($u, 5)."/".$bf;
        			$fs = getmemberspace($u)-getmemberusedspace($u);
        			$bx = getdisabledexts($u);
        			$ok = 1;
        			$p = pathinfo($bf);
        			$fext = strtolower($p['extension']);
        			foreach ($bx as $ix) {
        				if (strtolower(trim($ix)) == $fext) {
        					$ok = 0;
        				}
        			}
        			if ($ok == 1) {
        				if ($fs - $sf >= 0) {
        					// If there's a file size limit...
        					if (intval(getaccountinfo($u, 3))*1024 > 0) {
        						if ($sf <= intval(getaccountinfo($u, 3))*1024) {
        							move_uploaded_file($tf, $topath);
        							if (intval(getaccountinfo($u, 11)) == 1) {
        								if ($fext == "htm" || $fext == "html" || $fext == "shtml") {
        									insertads($topath);
        								}
        							}
        							$a['message'] = "File ".$bf." uploaded successfully.";
        							$globalmsg .= parse_tpl("message", $a)."<br>";
        						} else {
        							$a['message'] = "File ".$bf." exceeds file size limit.";
        							$globalmsg .= parse_tpl("message", $a)."<br>";
        						}
        					} else {
        						move_uploaded_file($tf, $topath);
        						if (intval(getaccountinfo($u, 11)) == 1) {
        							if ($fext == "htm" || $fext == "html" || $fext == "shtml") {
        								insertads($topath);
        							}
        						}
        						$a['message'] = "File ".$bf." uploaded successfully.";
        						$globalmsg .= parse_tpl("message", $a)."<br>";
        					}
        				} else {
        				  $a['message'] = "File ".$bf." exceeds webspace limit.";
        					$globalmsg .= parse_tpl("message", $a)."<br>";
        				}
        			} else {
        			  $a['message'] = "File ".$bf." failed to upload due to an illegal file extension.";
        				$globalmsg .= parse_tpl("message", $a)."<br>";
        			}
        		}
        	}
          break;
        case "Change Password":
         	$f = file(getcwd()."/accounts.db");
         	$h = fopen(getcwd()."/accounts.db", "w");
         	foreach ($f as $inf) {
           	$v = split("::", trim($inf));
           	if ($v[0] == $_COOKIE['th_username']) {
         			if ($_POST['password'] == NULL) {
         			  $a['message'] = "Password cannot be empty!";
         			  $globalmsg = parse_tpl("message", $a);
         			  fwrite($h, $inf);
         			} else {
                $np = $_POST['password'];
                $v[1] = md5($np);
                foreach ($v as $inv) {
                  if ($outf == NULL) {
                    $outf = $inv;
                  } else {
                    $outf .= "::".$inv;
                  }
                }
                fwrite($h, $outf);
                setcookie("th_password", md5($np));
                $a['message'] = "Password changed successfully!";
                $globalmsg = parse_tpl("message", $a);
         			}
         		} else {
         			fwrite($h, $inf);
         		}
         	}
         	fclose($h);
          break;
        case "Rename":
          $total = intval($_POST['total']);
	        for ($n = 0; $n < $total; $n++) {
	        	$bx = getdisabledexts($_COOKIE['th_username']);
	        	$p = pathinfo($_POST['rename'.$n]);
	        	$fext = strtolower($p['extension']);
	        	$ok = 1;
        		foreach ($bx as $ext) {
        		  if (strtolower($ext) == $fext) {
        		    $ok = 0;
        		  }
        		}
        		if ($ok == 1) {
        			rename(getaccountinfo($_COOKIE['th_username'], 5)."/".$_POST['origfile'.$n], getaccountinfo($_COOKIE['th_username'], 5)."/".$_POST['rename'.$n]);
        			if (intval(getaccountinfo($_COOKIE['th_username'], 11)) == 1) {
        				if (($fext == "htm" || $fext4 == "html" || $fext == "shtml") && !adsexist(getaccountinfo($_COOKIE['th_username'], 5)."/".$_POST['rename'.$n])) {
        					insertads(getaccountinfo($_COOKIE['th_username'], 5)."/".$_POST['rename'.$n]);
        				}
         			}
         			$a['message'] = "Files renamed successfully.";
        			$globalmsg = parse_tpl("message", $a);
        		} else {
        		  $a['message'] = "File ".$_POST['rename'.$n]." cannot be renamed to an invalid file extension.";
        			$globalmsg .= parse_tpl("message", $a);
        		}
        	}
          break;
		  }
		}
		if ($outpage == NULL) {
		  $b['manager'] = $globalmsg.showheader().showfiles($_COOKIE['th_username']).showpanel().showfooter();
		  $b['name'] = getaccountinfo($_COOKIE['th_username'], 7);
		  $outpage = parse_tpl("manager", $b);
		}
		$t['title'] = $commname." - Manager";
		$t['page'] = $outpage;
    echo parse_tpl("html", $t);
  }
}
?>
Return current item: HostBuilder