$str .= "</tr>"; } } if ($even == 1) { $str .= "</tr>"; } $str .= "\n</table></td></tr>"; } $str .= "<tr><td colspan='3' class='bh_folderpane_classtitle'>" . $bhlang['title:folder_files'] . "</td></tr>\n"; if (is_array($this->content1)) { $even = 0; foreach ($this->content1 as $file) { if ($even == 0) { $str .= "<tr>"; } $file['filepath'] = bh_fpclean($file['filepath']); unset($fileobj); $fileobj = new bhfile($file['filepath']); # Get system's description of file on *nix systems. if (bh_os() == "nix") { $cmdstr = "file -b " . escapeshellarg($fileobj->absfilepath); $systemdesc2 = `{$cmdstr}`; $systemdescarray = explode(",", $systemdesc2); $systemdesc = $systemdescarray[0]; $systemdesc[0] = strtoupper($systemdesc[0]); } else { $systemdesc = strtoupper(bh_get_extension($file['filepath'])) . " file"; } # Get any possible description from metadata if (!empty($fileobj->fileinfo['description'])) { $systemdesc = $fileobj->fileinfo['description'];
* * Module * $Id: download.inc.php,v 1.5 2005/07/26 21:55:09 andrewgodwin Exp $ * */ #name Download #author Andrew Godwin #description Sends the file to the client. #iscore 1 # Note: no layouts here, of course. Unless we get an error. # Test for include status if (IN_BH != 1) { header("Location: ../index.php"); die; } $filepath = bh_fpclean($_GET['filepath']); $filename = bh_get_filename($filepath); if (bh_file_exists($filepath) == true) { $fileobj = new bhfile($filepath); #if ($fileobj->fileinfo['size'] == 0) { # bh_log($bhlang['error:file_not_exist'], "BH_NOPAGE"); # require "modules/error.inc.php"; #} else { # Log bandwidth usage. New feature, for those who like Absolute Control(tm). This comment shamelessly copied from upload.inc.php. bh_bandwidth($bhsession['username'], "down", $fileobj->fileinfo['filesize']); header("Content-type: " . $fileobj->mimetype()); # If there's a Secret Message from the view image script not to include download headers, don't. if ($_GET['nodownheaders'] == 1) { header("Content-Disposition: filename=" . $filename); } else { header("Content-Disposition: attachment; filename=" . $filename);
exit; } else { # All fine, continue $badcharacters = array("'", '"', "\\"); $newfilepath = bh_fpclean($infolder . "/" . str_replace($badcharacters, "", $fileinfo['name'])); $tmppath = $fileinfo['tempname']; bh_move_uploaded_file($tmppath, $newfilepath); # Make it add info into the db. $newfileobj = new bhfile($newfilepath); unset($newfileobj); bh_log(str_replace("#FILE#", $fileinfo['name'], $bhlang['notice:file_#FILE#_upload_success']), "BH_NOTICE"); bh_log(str_replace("#USER#", $bhsession['username'], str_replace("#FILE#", $newfilepath, $bhlang['log:#USER#_uploaded_#FILE#'])), "BH_FILE_UPLOAD"); } } else { # Error??? $newfilepath = bh_fpclean($infolder . "/" . $fileinfo['name']); bh_add_logvars(array("file" => $fileinfo['name'], "user" => $bhsession['username'], "username" => $bhsession['username'])); bh_add_error($bhlang['notice:file_#FILE#_upload_failure']); bh_add_log($bhlang['log:#USER#_failed_upload_#FILE#'], "BH_FILE_UPLOAD"); } } } # Show directory where they went $_GET['filepath'] = $infolder; require "modules/viewdir.inc.php"; } else { # Sorry, no access. bh_log($bhlang['error:no_write_permission'], "BH_ACCESS_DENIED"); require "modules/error.inc.php"; } } else {
function fileinfo($filepath) { $return = array(); $filepath = bh_fpclean($filepath); $fileobj = new bhfile($filepath); $filename = bh_get_filename($filepath); $return['path'] = utf8_encode($filepath); $return['props'][] = $this->mkprop("getdisplayname", $filepath); $return['props'][] = $this->mkprop("displayname", $filepath); $return['props'][] = $this->mkprop("creationdate", $fileobj->fileinfo['createdate']); if (!empty($fileobj->fileinfo['moddate'])) { $return['props'][] = $this->mkprop("getlastmodified", $fileobj->fileinfo['moddate']); } else { $return['props'][] = $this->mkprop("getlastmodified", $fileobj->fileinfo['createdate']); } $return['props'][] = $this->mkprop("getcontentlength", $fileobj->fileinfo['filesize']); if ($fileobj->is_dir() == 1) { $return['props'][] = $this->mkprop('getcontenttype', "directory"); #$return['props'][] = $this->mkprop('contenttype', "directory"); $return['props'][] = $this->mkprop('resourcetype', 'collection'); } else { $return['props'][] = $this->mkprop('getcontenttype', $fileobj->mimetype()); #$return['props'][] = $this->mkprop('contenttype', $fileobj->mimetype()); $return['props'][] = $this->mkprop('resourcetype', ''); } return $return; }
header("Location: ../index.php"); die; } if ($bhcurrent['userobj']->type == "guest") { # Open layout object $layoutobj = new bhlayout("generic"); # Send the file listing to the layout, along with directory name $layoutobj->title = $bhlang['title:main']; $layoutobj->content1 = $bhtexts['main_loggedout']; $layoutobj->display(); } else { # Send the file listing to the layout, along with directory name # Open layout object $layoutobj = new bhlayout("filelist"); # Grab the directory we're looking in $filepath = bh_fpclean($bhcurrent['userobj']->homedir); # Open the file object for the directory if (empty($filepath)) { $filepath = "/"; } $directoryobj = new bhfile($filepath); if ($directoryobj->is_dir() == FALSE) { bh_error($bhlang['error:not_a_dir'], "BH_INVALID_PATH"); } $modulestouse = bh_listmodulesdirectory($filepath); # Get listing mode for this directory $view = bh_view($bhcurrent['userobj']->username, $filepath); # Grab a listing of the files $files = $directoryobj->loadfile(); # Send the file listing to the layout, along with directory name $layoutobj->title = $bhlang['title:viewing_directory'] . " " . $filepath;
function copyto($newfilepath, $aclonly = 0) { global $bhconfig; # Clean up filepath $newfilepath = bh_fpclean($newfilepath); if ($aclonly == 0) { if ($this->is_dir()) { } else { copy($this->absfilepath, $bhconfig['fileroot'] . $newfilepath); chmod($bhconfig['fileroot'] . $newfilepath, 0777); } } # If directory, do the ACL stuff for all files. if ($this->is_dir()) { $this->loadfile(); if ($aclonly == 0) { @mkdir($bhconfig['fileroot'] . $newfilepath, 0777); } foreach ($this->filecontents as $file2copy) { #echo "(".$file2copy['filepath']." --to-- ".bh_fpclean($newfilepath."/".bh_get_filename($file2copy['filename'])).") "; $file2copyobj = new bhfile($file2copy['filepath']); $file2copyobj->copyto(bh_fpclean($newfilepath . "/" . bh_get_filename($file2copy['filename']))); unset($filetocopyobj); } } # Insert ACL/metadata/filecode entries of old self $acl_u_rows = select_bhdb("aclusers", array("filepath" => $this->filepath), ""); foreach ($acl_u_rows as $acl_u_row) { $acl_u_row['filepath'] = $newfilepath; insert_bhdb("aclusers", $acl_u_row); } $acl_g_rows = select_bhdb("aclgroups", array("filepath" => $this->filepath), ""); foreach ($acl_g_rows as $acl_g_row) { $acl_g_row['filepath'] = $newfilepath; insert_bhdb("aclgroups", $acl_g_row); } $acl_p_rows = select_bhdb("aclpublic", array("filepath" => $this->filepath), ""); foreach ($acl_p_rows as $acl_p_row) { $acl_p_row['filepath'] = $newfilepath; insert_bhdb("aclpublic", $acl_p_row); } $md_rows = select_bhdb("metadata", array("filepath" => $this->filepath), ""); foreach ($md_rows as $md_row) { $md_row['filepath'] = $newfilepath; insert_bhdb("metadata", $md_row); } # Done. }
#name File Link Module #author Andrew Godwin #description Does the one-time time-expiring links. This only generates them, serving them is done by a separate PHP process (filelink.php) # Test for include status if (IN_BH != 1) { header("Location: ../index.php"); die; } $filepath = $_GET['filepath']; if (empty($filepath)) { $filepath = $_POST['filepath']; } if (empty($filepath)) { bh_die("error:no_filepath"); } $filepath = bh_fpclean($filepath); # See if we have details passed to us in the POST if (!empty($_POST['filemail'])) { # Check to see if we email or not if ($_POST['filemail']['linkonly'] == "on") { # Check expiry date $expiresin = $_POST['filemail']['expires']; if (is_numeric($expiresin) && $expiresin > 0) { if ($expiresin > $bhconfig['maxexpires']) { bh_log($bhlang['error:expires_too_much'], "BH_ERROR"); } else { if ($_POST['filemail']['notify'] == "on") { $notify = 1; } else { $notify = 0; }
} if (empty($infolder)) { $infolder = $_POST['infolder']; } if (empty($infolder)) { $infolder = $_SESSION['lastdir']; } if (empty($infolder)) { $infolder = $bhcurrent['userobj']->homedir; } if (!empty($_POST['foldername'])) { # Check they have permission to write in the folder if (bh_checkrights(bh_fpclean($infolder), $bhsession['username']) >= 2) { bh_mkdir(bh_fpclean($infolder . "/" . $_POST['foldername'])); $fileobj = new bhfile(bh_fpclean($infolder . "/" . $_POST['foldername'])); unset($fileobj); bh_log($bhlang['notice:folder_created'], "BH_NOTICE"); bh_log(str_replace("#USER#", $bhsession['username'], str_replace("#FOLDER#", bh_fpclean($infolder . "/" . $_POST['foldername']), $bhlang['log:#USER#_created_#FOLDER#'])), "BH_FOLDER_CREATED"); $_GET['filepath'] = bh_fpclean($infolder . "/" . $_POST['foldername']); require "modules/viewdir.inc.php"; } else { bh_log($bhlang['error:access_denied'], "BH_ERROR"); bh_log(str_replace("#USER#", $bhsession['username'], str_replace("#PAGE#", $_SERVER['REQUEST_URI'], $bhlang['log:#USER#_denied_#PAGE#'])), "BH_ACCESS_DENIED"); require "modules/error.inc.php"; } } else { # Open layout object $layoutobj = new bhlayout("addfolderform"); $layoutobj->filepath = $infolder; $layoutobj->display(); }
# FileLink/FileMail functions # File array $file = file($_GET['file']) or die("I'm sorry. That isn't a valid file."); # Loooop through foreach ($file as $num => $line) { if (substr($line, 0, 1) == "#" || substr($line, 0, 1) == ";" || trim($line) == "") { } else { $linearray = explode(",", $line); if (empty($linearray[0])) { die("No username provided! Line " . ($num + 1)); } elseif (empty($linearray[1])) { die("No password provided! Line " . ($num + 1)); } elseif (empty($linearray[2])) { die("No email provided! Line " . ($num + 1)); } else { $userrows = select_bhdb("users", array("username" => $linearray[0]), ""); if (empty($userrows)) { if (empty($linearray[4])) { $linearray[4] = "normal"; } bh_adduser($linearray[0], $linearray[1], bh_fpclean("/" . $linearray[0]), $linearray[4]); insert_bhdb("userinfo", array("username" => $linearray[0], "itemname" => "fullname", "itemcontent" => empty($linearray[3]))); insert_bhdb("userinfo", array("username" => $linearray[0], "itemname" => "email", "itemcontent" => empty($linearray[2]))); echo "User " . $linearray[0] . " added! <br>\n\r"; } else { echo "User " . $linearray[0] . " exists, not added. <br>\n\r"; } } } } echo $num + 1 . " lines processed. Finished.";
<?php /* * ByteHoard 2.1 * Copyright (c) Andrew Godwin & contributors 2004 * * Module * $Id: returntofolder.inc.php,v 1.1 2005/07/26 21:55:09 andrewgodwin Exp $ * */ #name Return To Folder #author Andrew Godwin #description Goes to the folder that the passed file is in. #iscore 1 # Test for include status if (IN_BH != 1) { header("Location: ../index.php"); die; } # Get the directory $filepath = bh_fpclean(bh_get_parent($_GET['filepath'])); $_GET['filepath'] = $filepath; # Include the viewdir module require "modules/viewdir.inc.php";
$filename = bh_get_filename($filepath); if (empty($infolder)) { $infolder = $_GET['infolder']; } if (empty($infolder)) { $infolder = $_POST['infolder']; } if (empty($infolder)) { $infolder = $bhsession['lastdir']; } if (empty($infolder)) { $infolder = $bhcurrent['userobj']->homedir; } if (bh_file_exists($filepath) == true) { if ($_POST['newname']) { $destfilepath = bh_fpclean($infolder . "/" . $_POST['newname']); if (bh_checkrights($infolder, $bhsession['username']) >= 2) { $fileobj = new bhfile($filepath); $fileobj->copyto($destfilepath); bh_log($bhlang['notice:file_copied'], "BH_NOTICE"); bh_log(str_replace("#DEST#", $newfilepath, str_replace("#FILE#", $filepath, str_replace("#USER#", $bhsession['username'], $bhlang['log:#USER#_copied_#FILE#_to_#DEST#']))), "BH_FILE_COPIED"); $_GET['filepath'] = $infolder; require "modules/viewdir.inc.php"; } else { die("You are not allowed to upload files there."); } } else { $layoutobj = new bhlayout("copyform"); $layoutobj->infolder = $infolder; $layoutobj->subtitle1 = str_replace("#FILE#", $filename, $bhlang['title:copying_#FILE#']); $layoutobj->title = str_replace("#FILE#", $filename, $bhlang['title:copying_#FILE#']);
function copyto($newfilepath) { global $bhconfig; # Clean up filepath $newfilepath = bh_fpclean($newfilepath); copy($this->absfilepath, $bhconfig['fileroot'] . $newfilepath); # Insert ACL/metadata/filecode entries of old self $acl_u_rows = select_bhdb("aclusers", array("filepath" => $this->filepath), ""); foreach ($acl_u_rows as $acl_u_row) { $acl_u_row['filepath'] = $newfilepath; insert_bhdb("aclusers", $acl_u_row); } $acl_g_rows = select_bhdb("aclgroups", array("filepath" => $this->filepath), ""); foreach ($acl_g_rows as $acl_g_row) { $acl_g_row['filepath'] = $newfilepath; insert_bhdb("aclgroups", $acl_g_row); } $acl_p_rows = select_bhdb("aclpublic", array("filepath" => $this->filepath), ""); foreach ($acl_p_rows as $acl_p_row) { $acl_p_row['filepath'] = $newfilepath; insert_bhdb("aclpublic", $acl_p_row); } $md_rows = select_bhdb("metadata", array("filepath" => $this->filepath), ""); foreach ($md_rows as $md_row) { $md_row['filepath'] = $newfilepath; insert_bhdb("metadata", $md_row); } # Done. }