store_access_stat($f, $id);
if (!empty($f)) {
# password mode
if (strlen($id) > 23 && !isset($_POST['password'])) {
$message = '<div class="lock"><img src="img/locked_big.png"/>
<form action="index.php?f=' . $id . '" method="post">
<label>' . e('This share is protected, please type the correct password:'******'</label><br/>
<input type="password" name="password" class="button red"/>
<input type="submit" value="Ok" class="button"/>
</form>
</div>
';
} else {
if (!isset($_POST['password']) || isset($_POST['password']) && blur_password($_POST['password']) == $id) {
if (isset($_GET['thumbs'])) {
$f = get_thumbs_name($f);
} else {
$f = $_SESSION['upload_path'] . $f;
}
# normal mode or access granted
if ($f && is_file($f)) {
# file request => return file according to $behaviour var (see core.php)
$type = _mime_content_type($f);
$ext = strtolower(pathinfo($f, PATHINFO_EXTENSION));
if (is_in($ext, 'FILES_TO_ECHO') !== false) {
echo '<pre>' . htmlspecialchars(file_get_contents($f)) . '</pre>';
} else {
if (is_in($ext, 'FILES_TO_RETURN') !== false) {
header('Content-type: ' . $type . '; charset=utf-8');
header('Content-Transfer-Encoding: binary');
header('Content-Length: ' . filesize($f));
<?php
// demande d'une image (miniature, grandre miniature ou redimensionnée)
if (isset($_GET['image']) && !empty($_GET['f'])) {
switch ($_GET['image']) {
case 'thumbs':
$f = get_thumbs_name(id2file($_GET['f']));
$img_error = 'ERROR: Thumbnail not found';
break;
case 'gthumbs':
$f = get_thumbs_name_gallery(id2file($_GET['f']));
$img_error = 'ERROR: Thumbnail not found';
break;
case 'web':
$f = get_thumbs_name_web(id2file($_GET['f']));
$img_error = 'ERROR: Image not found';
break;
default:
$f = '';
$img_error = 'Unknow error';
break;
}
if (!file_exists($f)) {
exit($img_error);
}
$type = _mime_content_type($f);
header('Content-type: ' . $type . '; charset=utf-8');
header('Content-Transfer-Encoding: binary');
header('Content-Length: ' . filesize($f));
readfile($f);
exit;
$destination = '';
}
if (check_path($file) && check_path($destination)) {
if (is_file($_SESSION['upload_path'] . $file) || is_dir($_SESSION['upload_path'] . $file)) {
$file = stripslashes($file);
$destination = addslash_if_needed($destination) . basename($file);
# if file/folder exists in destination folder, change name
if (is_file($_SESSION['upload_path'] . $destination) || is_dir($_SESSION['upload_path'] . $destination)) {
$destination = addslash_if_needed($destination) . rename_item(basename($file));
}
# move file
rename($_SESSION['upload_path'] . $file, $_SESSION['upload_path'] . $destination);
if (!is_dir(dirname('thumbs/' . $destination))) {
mkdir(dirname('thumbs/' . $destination), 0744, true);
}
rename(get_thumbs_name($file), get_thumbs_name($destination));
# change path in id
$id = file2id($file);
$ids = unstore();
$ids[$id] = $destination;
store();
}
}
header('location:admin.php');
exit;
}
# Lock folder with password
if (!empty($_POST['password']) && !empty($_POST['id'])) {
$id = $_POST['id'];
$file = id2file($id);
$password = blur_password($_POST['password']);
if (check_path($file) && check_path($destination)) {
if (is_file($file_with_path)) {
$file = $file_with_path;
}
$file = $file_with_path;
$file = stripslashes($file);
$destination_temp = addslash_if_needed($destination) . _basename($file);
# if file/folder exists in destination folder, change name
if (is_file($destination_temp) || is_dir($destination_temp)) {
$destination_temp = addslash_if_needed($destination) . rename_item(_basename($file), $destination);
}
$destination = $destination_temp;
if (!is_dir(dirname('thumbs/' . $destination))) {
mkdir(dirname('thumbs/' . $destination), 0744, true);
}
@rename(get_thumbs_name($file_with_path), get_thumbs_name($destination));
if (is_file($file_with_path)) {
# change path in id
$id = file2id($file_with_path);
$ids = unstore();
$ids[$id] = $destination;
store($ids);
rename($file_with_path, $destination);
$tree = rename_branch($destination, $file_with_path, $id, $_SESSION['login'], $tree);
} elseif (is_dir($file_with_path)) {
# change path in id and all files/folders in the moved folder
$id = file2id($file_with_path);
$ids = unstore();
$ids[$id] = $destination;
$destination = $destination . '/';
$file = $file . '/';
function delete_file_or_folder($id = null, $ids = null, $tree = array())
{
global $ids, $tree;
if (empty($ids)) {
$ids = unstore();
}
if (empty($id)) {
return false;
}
if (empty($tree)) {
tree(null, $_SESSION['login'], false, false, $tree);
}
$f = id2file($id);
if (is_file($f)) {
# delete file & thumb
unlink($f);
$thumbfilename = get_thumbs_name($f);
if (is_file($thumbfilename)) {
unlink($thumbfilename);
}
unset($ids[$id]);
store($ids);
return remove_branch($f, $id);
} else {
if (is_dir($f)) {
$fthumbs = explode('/', $f);
unset($fthumbs[0]);
$fthumbs = implode('/', $fthumbs);
# delete dir
rrmdir($f);
rrmdir('thumbs/' . $fthumbs);
# remove all vanished sub files & folders from id file
foreach ($ids as $id => $path) {
if (strpos($path, $f . '/') !== false) {
unset($ids[$id]);
}
}
store($ids);
return remove_branch($f, $id);
}
}
return $tree;
}