function browse_dir($vars)
{
global $config;
$dir_delim_re = substr(php_uname(), 0, 7) == "Windows" ? '{/|\\\\}' : '{/}';
$dir_delim = substr(php_uname(), 0, 7) == "Windows" ? "\\" : "/";
$dir = $vars['dir'];
##current
$init_dir = $vars['init_dir'];
## 0/1 (set if it open from old config)
if ($dir == '') {
$dir = $config['root_dir'];
}
$dir =& clean_path($dir);
if (!check_security($dir)) {
fatal_error("You are not allowed to view {$dir}", 1);
}
$dirs = preg_split($dir_delim_re, $dir);
$dir_link = $dir_delim;
$p = $dir_delim;
foreach ($dirs as $s) {
if ($s == '') {
continue;
}
$p .= $s . $dir_delim;
if (check_security($p)) {
$dir_link .= "<a href=\"protect.php?action=browse_dir&dir={$p}\"><b>{$s}</b></a>{$dir_delim}";
} else {
$dir_link .= "<b>{$s}</b>{$dir_delim}";
}
}
if ($dh = opendir($dir)) {
} else {
die("Cannot open directory: {$dir}");
}
print <<<CUT
<html><head><title>Select Directory</title>
<style>
body,td,th,input {
font-family: 'Helvetica', sans-serif;
font-size: 0.8em; }
td { background-color: #F0F0F0;}
</style>
<script>
function clicked(rd){
window.opener.browse_dir_clicked(rd.value);
window.close();
}
</script>
<body bgcolor=white>
<center>
<b>Contents of directory {$dir_link}</b>
<table align=center bgcolor=#E0E0E0 cellpadding=3>
<tr>
<th> </th>
<th> </th>
<th>Directory</th>
<th>Mode</th>
<th>Created</th>
</tr>
CUT;
if (check_security($x = "{$dir}..") && is_dir($x) && $dir != $dir_delim) {
print <<<CUT
<tr>
<td> </td>
<td align=center><b>..</b></td>
<td colspan=3><a href="protect.php?action=browse_dir&dir={$dir}..">.. <b>Previous Directory</b></td>
</tr>
<form>
CUT;
}
while ($fn = readdir($dh)) {
$file = "{$dir}{$fn}";
if (!is_dir($file)) {
continue;
}
$file .= "{$dir_delim}";
$stat = stat($file);
if (preg_match('/^\\.|\\.\\.$/', $fn)) {
continue;
}
$mode = format_permissions($stat[3]);
$cdate = format_file_date($stat[10]);
print <<<CUT
<tr>
<td><input type=radio name=dir value="{$file}" onclick='clicked(this)'></td>
<td align=center><b>D</b></td>
<td><a href="protect.php?action=browse_dir&dir={$file}"><b>{$fn}</b></a></td>
<td nowrap>{$mode}</td>
<td nowrap>{$cdate}</td>
</tr>
CUT;
}
closedir($dh);
print <<<CUT
</form>
</table>
</center>
</body></html>
CUT;
}
if (stristr($temp, '_fm_')) {
continue;
}
// If this is a temp file, skip it.
if ($_POST['images_only'] && !preg_match('/\\.(jpeg|jpg|gif|png)$/', $temp)) {
continue;
}
// If it isnt an image, skip it
if (is_dir($directory . "/" . $temp)) {
continue;
}
// If its a directory skip it
$results[$i]['name'] = $temp;
$results[$i]['size'] = filesize($directory . '/' . $temp);
$results[$i]['type'] = filetype($directory . '/' . $temp);
$results[$i]['permissions'] = format_permissions(fileperms($directory . '/' . $temp));
$results[$i]['ctime'] = filectime($directory . '/' . $temp);
$results[$i]['mtime'] = filemtime($directory . '/' . $temp);
$results[$i]['owner'] = fileowner($directory . '/' . $temp);
$results[$i]['group'] = filegroup($directory . '/' . $temp);
$results[$i]['relative_path'] = str_replace(DIRECTORY, '', $directory) . '/' . $temp;
$results[$i]['full_path'] = $directory . '/' . $temp;
$results[$i]['web_path'] = WEB_DIRECTORY . str_replace(DIRECTORY, '', $directory) . '/' . $temp;
$i++;
}
if (is_array($results)) {
$data['count'] = count($results);
$data['data'] = $results;
} else {
$data['count'] = 0;
$data['data'] = '';
