<?php $str .= "\n\n<br>\n<table class='toolbar' cellspacing='0' cellpadding='0' width='100%' align='center'>\n\t<tr height='10'>\n\t\t<td width='10'><img src='" . $this->skinpath . "images/sidebar/tl.png'></td>\n\t\t<td background='" . $this->skinpath . "images/sidebar/tc.png'></td>\n\t\t<td width='10'><img src='" . $this->skinpath . "images/sidebar/tr.png'></td>\n\t</tr>\n\t<tr height='30'>\n\t\t<td width='10'><img src='" . $this->skinpath . "images/sidebar/lc.png' width='10' height='30'></td>\n\t\t<td background='" . $this->skinpath . "images/sidebar/titlebg.png' align='center' valign='middle'>\n\t\t\t<table cellpadding='0' cellspacing='0' width='100%'><tr><td width='32' align='center'>\n\t\t\t\t<img src='" . $this->geticon($this->filepath, "16") . "' border='0'>\n\t\t\t</td><td align='center'>\n\t\t\t\t<b>" . $this->subtitle1 . "</b>\n\t\t\t</td></tr></table>\n\t\t</td>\n\t\t<td width='10'><img src='" . $this->skinpath . "images/sidebar/rc.png' width='10' height='30'></td>\n\t</tr>\n\t<tr>\n\t\t<td width='10' background='" . $this->skinpath . "images/sidebar/lc.png'> </td>\n\t\t<td valign='middle' align='center'><br>\n\t\t\t<table width='100%' align='center' cellspacing='6' cellpadding='3'>\n\t\t"; if (is_array($this->content1)) { foreach ($this->content1 as $file) { $file['filepath'] = bh_fpclean($file['filepath']); unset($fileobj); $fileobj = new bhfile($file['filepath']); # Get system's description of file on *nix systems. if (bh_os() == "nix") { $cmdstr = "file -b " . escapeshellarg($fileobj->absfilepath); $systemdesc2 = `{$cmdstr}`; $systemdescarray = explode(",", $systemdesc2); $systemdesc = $systemdescarray[0]; $systemdesc[0] = strtoupper($systemdesc[0]); } else { $systemdesc = strtoupper(bh_get_extension($file['filepath'])) . " file"; } # Get any possible description from metadata if (!empty($fileobj->fileinfo['description'])) { $systemdesc = $fileobj->fileinfo['description']; } elseif (!empty($fileobj->fileinfo['desc'])) { $systemdesc = $fileobj->fileinfo['desc']; } # Stop JS/HTML insertion $systemdesc = strip_tags($systemdesc); if (empty($bhconfig['defaultfilemodule'])) { $defaultfilemodule = "viewfile"; } else { $defaultfilemodule = $bhconfig['defaultfilemodule']; }
$layoutobj = new bhlayout("generic"); # Send the file listing to the layout, along with directory name $layoutobj->title = $bhlang['title:main']; $layoutobj->content1 = $bhtexts['main_loggedout']; $layoutobj->display(); } else { # Send the file listing to the layout, along with directory name # Open layout object $layoutobj = new bhlayout("filelist"); # Grab the directory we're looking in $filepath = bh_fpclean($bhcurrent['userobj']->homedir); # Open the file object for the directory if (empty($filepath)) { $filepath = "/"; } $directoryobj = new bhfile($filepath); if ($directoryobj->is_dir() == FALSE) { bh_error($bhlang['error:not_a_dir'], "BH_INVALID_PATH"); } $modulestouse = bh_listmodulesdirectory($filepath); # Get listing mode for this directory $view = bh_view($bhcurrent['userobj']->username, $filepath); # Grab a listing of the files $files = $directoryobj->loadfile(); # Send the file listing to the layout, along with directory name $layoutobj->title = $bhlang['title:viewing_directory'] . " " . $filepath; $layoutobj->subtitle1 = $filepath; $layoutobj->content1 = $files; $layoutobj->content2 = $modulestouse; $layoutobj->filepath = $filepath; $layoutobj->view = $view;
$filepath = bh_fpclean($_GET['filepath']); $filename = bh_get_filename($filepath); if (bh_file_exists($filepath) == true) { if ($_POST['iscontent']) { $fileobj = new bhfile($filepath); $sizediff = strlen($_POST['file_content']) - $fileobj->fileinfo['filesize']; if ($bhcurrent['userobj']->spaceremaining() < $sizediff) { bh_add_logvars(array("quota" => $bhcurrent['userobj']->quota)); bh_add_error($bhlang['error:quota_exceeded']); require "modules/error.inc.php"; } else { $fileobj->filecontents = $_POST['file_content']; $fileobj->savefile(); bh_log($bhlang['notice:file_saved'], "BH_NOTICE"); bh_log(str_replace("#FILE#", $filepath, str_replace("#USER#", $bhsession['username'], $bhlang['log:#USER#_modified_#FILE#'])), "BH_FILE_MODIFIED"); require "modules/viewfile.inc.php"; } } else { $fileobj = new bhfile($filepath); $fileobj->loadfile(); $layoutobj = new bhlayout("editform"); $layoutobj->content1 = $fileobj->filecontents; $layoutobj->filepath = $filepath; $layoutobj->subtitle1 = str_replace("#FILE#", $filename, $bhlang['title:editing_#FILE#']); $layoutobj->title = str_replace("#FILE#", $filename, $bhlang['title:editing_#FILE#']); $layoutobj->display(); } } else { bh_log($bhlang['error:file_not_exist'], "BH_NOPAGE"); require "modules/error.inc.php"; }
*/ #name Delete #author Andrew Godwin #description Deletes a file. #iscore 1 # Note: no layouts here, of course. Unless we get an error. # Test for include status if (IN_BH != 1) { header("Location: ../index.php"); die; } $filepath = bh_fpclean($_GET['filepath']); $filename = bh_get_filename($filepath); if (bh_file_exists($filepath) == true) { if ($_POST['dodelete'] == 1) { $delfileobj = new bhfile($filepath); $delfileobj->smartdeletefile(); unset($delfileobj); bh_log($bhlang['notice:file_deleted'], "BH_FILE_DELETED"); $_GET['filepath'] = bh_get_parent($filepath); require "modules/viewdir.inc.php"; } else { $layoutobj = new bhlayout('deleteform'); $layoutobj->filepath = $filepath; $layoutobj->title = $bhlang['title:deleting_'] . bh_get_filename($filepath); $layoutobj->display(); } } else { bh_log($bhlang['error:file_not_exist'], "BH_NOPAGE"); require "modules/error.inc.php"; }
function geticon($filepath, $size = 48) { # Open file object and see if it is a folder $fileobj = new bhfile($filepath); if ($fileobj->is_dir() == TRUE) { if (file_exists($this->skinpath . "images/filetypes/" . $size . "x" . $size . "/folder.png")) { return $this->skinpath . "images/filetypes/" . $size . "x" . $size . "/folder.png"; } else { return $this->skinpath . "images/filetypes/48x48/folder.png"; } } # Get extension of file $filepatharray = explode(".", $filepath); $extension = $filepatharray[count($filepatharray) - 1]; # Find icon name switch ($extension) { case "png": case "jpg": case "jpeg": case "gif": case "mng": case "tif": case "tiff": case "bmp": case "xpm": $icon = "image.png"; break; case "svg": case "psd": case "xcf": case "ps": $icon = "vectorgfx.png"; break; case "htm": case "html": case "tpl": $icon = "html.png"; break; case "doc": case "oot": case "ott": case "sxw": case "rtf": $icon = "document.png"; break; case "xls": case "oos": case "ots": case "sxc": $icon = "spreadsheet.png"; break; case "mov": case "wmv": case "mpg": case "mpeg": case "ogv": $icon = "video.png"; break; case "ogg": case "mp3": case "wma": case "wav": case "flac": $icon = "sound.png"; break; case "chm": $icon = "help.png"; break; case "exe": case "dll": $icon = "winexe.png"; break; case "py": $icon = "source_python.png"; break; case "php": case "php3": case "php4": case "php5": case "phpx": case "phtml": $icon = "source_php.png"; break; case "zip": case "bz2": case "gz": case "tgz": case "tbz2": case "rar": case "7z": case "cab": case "sit": case "sitx": $icon = "compressed.png"; break; case "eml": $icon = "email.png"; break; case "txt": $icon = "txt.png"; break; case "mid": case "midi": $icon = "midi.png"; break; case "iso": case "cue": $icon = "cdimage.png"; break; case "bin": $icon = "binary.png"; break; case "pdf": $icon = "pdf.png"; break; case "deb": $icon = "deb.png"; break; case "rpm": $icon = "rpm.png"; break; case "log": $icon = "log.png"; break; default: $icon = "generic.png"; break; } if (file_exists($this->skinpath . "images/filetypes/" . $size . "x" . $size . "/" . $icon) == true) { return $this->skinpath . "images/filetypes/" . $size . "x" . $size . "/" . $icon; } else { if (file_exists($this->skinpath . "images/filetypes/" . $size . "x" . $size . "/generic.png")) { return $this->skinpath . "images/filetypes/" . $size . "x" . $size . "/generic.png"; } else { return $this->skinpath . "images/filetypes/48x48/" . $icon; } } }
function fileinfo($filepath) { $return = array(); $filepath = bh_fpclean($filepath); $fileobj = new bhfile($filepath); $filename = bh_get_filename($filepath); $return['path'] = utf8_encode($filepath); $return['props'][] = $this->mkprop("getdisplayname", $filepath); $return['props'][] = $this->mkprop("displayname", $filepath); $return['props'][] = $this->mkprop("creationdate", $fileobj->fileinfo['createdate']); if (!empty($fileobj->fileinfo['moddate'])) { $return['props'][] = $this->mkprop("getlastmodified", $fileobj->fileinfo['moddate']); } else { $return['props'][] = $this->mkprop("getlastmodified", $fileobj->fileinfo['createdate']); } $return['props'][] = $this->mkprop("getcontentlength", $fileobj->fileinfo['filesize']); if ($fileobj->is_dir() == 1) { $return['props'][] = $this->mkprop('getcontenttype', "directory"); #$return['props'][] = $this->mkprop('contenttype', "directory"); $return['props'][] = $this->mkprop('resourcetype', 'collection'); } else { $return['props'][] = $this->mkprop('getcontenttype', $fileobj->mimetype()); #$return['props'][] = $this->mkprop('contenttype', $fileobj->mimetype()); $return['props'][] = $this->mkprop('resourcetype', ''); } return $return; }
function set_grouprights($group, $status, $recursion = 1) { if ($this->is_dir() && $recursion == 1) { $this->loadfile(); foreach ($this->filecontents as $file2set) { $file2setobj = new bhfile($file2set['filepath']); $file2setobj->set_grouprights($group, $status); } } if ($status >= 0) { $grouprows = select_bhdb("aclgroups", array("group" => $group, "filepath" => $this->filepath), ""); if (!empty($grouprows)) { update_bhdb("aclgroups", array("status" => $status), array("group" => $group, "filepath" => $this->filepath)); } else { insert_bhdb("aclgroups", array("group" => $group, "filepath" => $this->filepath, "status" => $status)); } } else { delete_bhdb("aclgroups", array("group" => $group, "filepath" => $this->filepath)); } }
#description Deletes a user, #iscore 1 $deleteusername = $_GET['username']; if ($_POST['dodelete'] == 1) { # Delete the user delete_bhdb("users", array("username" => $deleteusername)); # Say so bh_log($bhlang['notice:user_deleted'], "BH_NOTICE"); # Show user list require "modules/users.inc.php"; } elseif ($_POST['dodelete'] == 2) { # Delete the user delete_bhdb("users", array("username" => $deleteusername)); # Get their files $userfiles = bh_user_files($deleteusername); # Delete zem. foreach ($userfiles as $userfile) { $userfileobj = new bhfile($userfile); $userfileobj->deletefile(); unset($userfileobj); } # Say so bh_log($bhlang['notice:user_and_files_deleted'], "BH_NOTICE"); # Show user list require "modules/users.inc.php"; } else { $layout = new bhadminlayout("deleteuserform"); $layout->content1 = $deleteusername; $layout->title = $bhlang['title:delete_user']; $layout->display(); }
#description Shows actions that can be done for a file #iscore 1 # Test for include status if (IN_BH != 1) { header("Location: ../index.php"); die; } if (bh_file_exists($filepath) == true) { # Open layout object $layoutobj = new bhlayout("filepane"); # Grab the file we're looking at $filepath = bh_fpclean($_GET['filepath']); if (empty($filepath)) { bh_log($bhlang['error:no_file_specified'], "BH_INVALID_PATH"); } $fileobj = new bhfile($filepath); if ($fileobj->is_dir() == TRUE) { bh_error($bhlang['error:not_a_file'], "BH_INVALID_PATH"); } # Get the modules it's allowed $modulestouse = bh_listmodulesfile($filepath); # Send the stuff to the layout. # Note: # content1 - the list of modules it is allowed # subtitle1 - the filename # subtitle2 - the description $layoutobj->title = $bhlang['title:viewing_file'] . " " . $filepath; $layoutobj->subtitle1 = $filepath; $layoutobj->content1 = $modulestouse; $layoutobj->filepath = $filepath; $layoutobj->display();
* */ #name Sharing Configration Page (directory) #author Andrew Godwin #description Allows users to share directories #iscore 1 # Test for include status if (IN_BH != 1) { header("Location: ../index.php"); die; } # Get the filepath/name $filepath = bh_fpclean($_GET['filepath']); $filename = bh_get_filename($filepath); # Open a file object $fileobj = new bhfile($filepath); # See if we need to respond to an action # Add user if (!empty($_POST['adduser'])) { # Add user to file permissions with inital level 0. $fileobj->set_userrights($_POST['adduser'], 0); bh_log($bhlang['notice:permissions_user_added'], "BH_NOTICE"); } # Delete user if (!empty($_POST['deluser'])) { # Delete user from file db $fileobj->set_userrights($_POST['deluser'], -1); bh_log($bhlang['notice:permissions_user_deleted'], "BH_NOTICE"); } # Add group if (!empty($_POST['addgroup'])) {
# Add any new modules bh_purge_old(); # Purge old requests for things # Right. See if there is a file code if (empty($_GET['filecode'])) { bh_die("error:no_filecode"); } $filecode = $_GET['filecode']; if (bh_filelink_destination($filecode) == false) { bh_log(str_replace("#FILELINK", $filecode, $bhlang['log:filelink_denied']), "BH_FILELINK_ACCESSED"); bh_die("error:filecode_invalid"); } # Well, it must be valid. $filepath = bh_filelink_destination($filecode); $filename = bh_get_filename($filepath); $fileobj = new bhfile($filepath); $username = bh_filelink_get($filecode, "username"); $userobj = new bhuser($username); $fullname = $userobj->userinfo['fullname']; $emailfrom = $userobj->userinfo['email']; # If it is a download: if ($_GET['download'] == 1) { $replarray1 = array("#FILELINK#", "#FILEPATH#", "#FILENAME#", "#IP#", "#TIME#", "#EMAIL#", "#EXPIRES#"); $replarray2 = array($filecode, $filepath, $filename, $_SERVER['REMOTE_ADDR'], date("l dS F Y g:i A"), bh_filelink_get($filecode, "email"), date("l dS F Y g:i A", bh_filelink_get($filecode, "expires"))); # Log it bh_log(str_replace($replarray1, $replarray2, $bhlang['log:filelink_accessed']), "BH_FILELINK_ACCESSED"); # Email it ## if (bh_filelink_get_notify($filecode) == 1) { $username = bh_filelink_get($filecode, "username"); $userobj = new bhuser($username); $emailobj = new bhemail($userobj->userinfo['email']);
$infolder = $_GET['infolder']; } if (empty($infolder)) { $infolder = $_POST['infolder']; } if (empty($infolder)) { $infolder = $bhsession['lastdir']; } if (empty($infolder)) { $infolder = $bhcurrent['userobj']->homedir; } if (bh_file_exists($filepath) == true) { if ($_POST['newname']) { $destfilepath = bh_fpclean($infolder . "/" . $_POST['newname']); if (bh_checkrights($infolder, $bhsession['username']) >= 2) { $fileobj = new bhfile($filepath); $fileobj->copyto($destfilepath); bh_log($bhlang['notice:file_copied'], "BH_NOTICE"); bh_log(str_replace("#DEST#", $newfilepath, str_replace("#FILE#", $filepath, str_replace("#USER#", $bhsession['username'], $bhlang['log:#USER#_copied_#FILE#_to_#DEST#']))), "BH_FILE_COPIED"); $_GET['filepath'] = $infolder; require "modules/viewdir.inc.php"; } else { die("You are not allowed to upload files there."); } } else { $layoutobj = new bhlayout("copyform"); $layoutobj->infolder = $infolder; $layoutobj->subtitle1 = str_replace("#FILE#", $filename, $bhlang['title:copying_#FILE#']); $layoutobj->title = str_replace("#FILE#", $filename, $bhlang['title:copying_#FILE#']); $layoutobj->content1 = $filename; $layoutobj->filepath = $filepath;
function deletefile() { if ($this->is_dir()) { $this->loadfile(); foreach ($this->filecontents as $file2delete) { $file2deleteobj = new bhfile($filetodelete); $file2deleteobj->deletefile(); unset($filetodeleteobj); } rmdir($this->absfilepath); } else { unlink($this->absfilepath); } $this->removedb(); }
* */ #name Download #author Andrew Godwin #description Sends the file to the client. #iscore 1 # Note: no layouts here, of course. Unless we get an error. # Test for include status if (IN_BH != 1) { header("Location: ../index.php"); die; } $filepath = bh_fpclean($_GET['filepath']); $filename = bh_get_filename($filepath); if (bh_file_exists($filepath) == true) { $fileobj = new bhfile($filepath); #if ($fileobj->fileinfo['size'] == 0) { # bh_log($bhlang['error:file_not_exist'], "BH_NOPAGE"); # require "modules/error.inc.php"; #} else { # Log bandwidth usage. New feature, for those who like Absolute Control(tm). This comment shamelessly copied from upload.inc.php. bh_bandwidth($bhsession['username'], "down", $fileobj->fileinfo['filesize']); header("Content-type: " . $fileobj->mimetype()); # If there's a Secret Message from the view image script not to include download headers, don't. if ($_GET['nodownheaders'] == 1) { header("Content-Disposition: filename=" . $filename); } else { header("Content-Disposition: attachment; filename=" . $filename); } header("Content-length: " . $fileobj->fileinfo['filesize']); # IE SSL fix
bh_log($bhlang['error:no_emailaddr'], "BH_ERROR"); } } elseif (strpos($email, "@") === FALSE) { bh_log(str_replace("#EMAIL#", $email, $bhlang['error:invalid_email_#EMAIL#']), "BH_ERROR"); } else { if ($_POST['filemail']['notify'] == "on") { $notify = 1; } else { $notify = 0; } $userobj = new bhuser($bhsession['username']); $emailfrom = $userobj->userinfo['email']; $filecode = bh_filelink_add($filepath, $expires, $bhsession['username'], $email, $notify); $emailobj = new bhemail($email); $emailobj->subject = $_POST['filemail']['subject']; $fileobj = new bhfile($filepath); $filesize = bh_humanise_filesize($fileobj->fileinfo['filesize']); $findarr = array("#DATE#", "#LINK#", "#SYSTEMNAME#", "#FILENAME#", "#FILESIZE#", "#MD5#"); $replarr = array(date("l dS F Y g:i A", $expires), bh_filelink_uri($filecode), $bhconfig['sitename'], bh_get_filename($filepath), $filesize, $fileobj->md5()); $emailobj->message = $_POST['filemail']['message'] . "\n\n" . str_replace($findarr, $replarr, $bhlang['email:filemail_footer']); if (!empty($emailfrom)) { $emailobj->from = $emailfrom; } $emailobj->send(); bh_log(str_replace("#EMAIL#", $email, $bhlang['notice:email_sent_to_#EMAIL#']), "BH_NOTICE"); } } } } else { bh_log($bhlang['error:expires_invalid'], "BH_ERROR"); }
} if ($even == 1) { $str .= "</tr>"; } $str .= "\n</table></td></tr>"; } $str .= "<tr><td colspan='3' class='bh_folderpane_classtitle'>" . $bhlang['title:folder_files'] . "</td></tr>\n"; if (is_array($this->content1)) { $even = 0; foreach ($this->content1 as $file) { if ($even == 0) { $str .= "<tr>"; } $file['filepath'] = bh_fpclean($file['filepath']); unset($fileobj); $fileobj = new bhfile($file['filepath']); # Get system's description of file on *nix systems. if (bh_os() == "nix") { $cmdstr = "file -b " . escapeshellarg($fileobj->absfilepath); $systemdesc2 = `{$cmdstr}`; $systemdescarray = explode(",", $systemdesc2); $systemdesc = $systemdescarray[0]; $systemdesc[0] = strtoupper($systemdesc[0]); } else { $systemdesc = strtoupper(bh_get_extension($file['filepath'])) . " file"; } # Get any possible description from metadata if (!empty($fileobj->fileinfo['description'])) { $systemdesc = $fileobj->fileinfo['description']; } elseif (!empty($fileobj->fileinfo['desc'])) { $systemdesc = $fileobj->fileinfo['desc'];
function bh_mimetype($filepath) { global $bhconfig; $fileobj = new bhfile($filepath); if ($fileobj->is_dir()) { return "bytehoard/directory"; } else { # If we can use unix file, then YES! YES! YES! if (bh_os() == "nix") { # Get what file says $cmdstr = "file -bi " . escapeshellarg($bhconfig['fileroot'] . $filepath); $fileoutput = `{$cmdstr}`; # Trim off any charset or language stuff $array1 = explode(",", $fileoutput); $fileoutput = $array1[0]; $array1 = explode(";", $fileoutput); $fileoutput = $array1[0]; $fileoutput = trim($fileoutput); $fileoutput = str_replace("\n", "", $fileoutput); return $fileoutput; } $extension = bh_get_extension($filepath); switch ($extension) { case "txt": return "text/plain"; break; case "html": case "htm": case "txt": return "text/html"; break; case "png": return "image/png"; break; case "jpg": case "jpeg": case "jpe": return "image/jpeg"; break; case "gif": return "image/gif"; break; case "mp3": return "audio/x-mp3"; break; case "ogg": return "audio/x-vorbis"; break; case "wav": return "audio/wav"; break; case "doc": return "application/msword"; break; case "xls": return "application/vnd.ms-excel"; break; case "ppt": case "pps": return "application/vnd.ms-powerpoint"; break; default: return "application/octet-stream"; break; } } }