function download_item($dir, $item) { // Security Fix: $item = basename($item); if (!permissions_grant($dir, $item, "read")) { show_error($GLOBALS["error_msg"]["accessfunc"] . $GLOBALS["permissions"]); } if (!get_is_file($dir, $item)) { show_error($item . ": " . $GLOBALS["error_msg"]["fileexist"]); } if (!get_show_item($dir, $item)) { show_error($item . ": " . $GLOBALS["error_msg"]["accessfile"]); } $abs_item = get_abs_item($dir, $item); $browser = id_browser(); header('Content-Type: ' . ($browser == 'IE' || $browser == 'OPERA' ? 'application/octetstream' : 'application/octet-stream')); header('Expires: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Content-Transfer-Encoding: binary'); header('Content-Length: ' . filesize($abs_item)); if ($browser == 'IE') { header('Content-Disposition: attachment; filename="' . $item . '"'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); } else { header('Content-Disposition: attachment; filename="' . $item . '"'); header('Cache-Control: no-cache, must-revalidate'); header('Pragma: no-cache'); } @readfile($abs_item); exit; }
function make_item($dir) { if (!permissions_grant($dir, NULL, "create")) { show_error($GLOBALS["error_msg"]["accessfunc"]); } $mkname = $GLOBALS['__POST']["mkname"]; $mktype = $GLOBALS['__POST']["mktype"]; $mkname = basename(stripslashes($mkname)); if ($mkname == "") { show_error($GLOBALS["error_msg"]["miscnoname"]); } $new = get_abs_item($dir, $mkname); if (@file_exists($new)) { show_error($mkname . ": " . $GLOBALS["error_msg"]["itemdoesexist"]); } if ($mktype != "file") { $ok = @mkdir($new, 0777); $err = $GLOBALS["error_msg"]["createdir"]; } else { $ok = @touch($new); $err = $GLOBALS["error_msg"]["createfile"]; } if ($ok === false) { show_error($err); } header("Location: " . make_link("list", $dir, NULL)); }
function permissions_grant_all($dir, $file, $actions) { foreach ($actions as $action) { if (!permissions_grant($dir, $file, $action)) { return false; } } return true; }
function archive_items($dir) { // archive is only allowed if user may change files if (!permissions_grant($dir, NULL, "change")) { show_error($GLOBALS["error_msg"]["accessfunc"]); } if (!$GLOBALS["zip"] && !$GLOBALS["tar"] && !$GLOBALS["tgz"]) { show_error($GLOBALS["error_msg"]["miscnofunc"]); } if (isset($GLOBALS['__POST']["name"])) { $name = basename(stripslashes($GLOBALS['__POST']["name"])); if ($name == "") { show_error($GLOBALS["error_msg"]["miscnoname"]); } switch ($GLOBALS['__POST']["type"]) { case "zip": zip_items($dir, $name); break; case "tar": tar_items($dir, $name); break; default: tgz_items($dir, $name); } header("Location: " . make_link("list", $dir, NULL)); } show_header($GLOBALS["messages"]["actarchive"]); echo "<BR><FORM name=\"archform\" method=\"post\" action=\"" . make_link("arch", $dir, NULL) . "\">\n"; $cnt = count($GLOBALS['__POST']["selitems"]); for ($i = 0; $i < $cnt; ++$i) { echo "<INPUT type=\"hidden\" name=\"selitems[]\" value=\"" . stripslashes($GLOBALS['__POST']["selitems"][$i]) . "\">\n"; } echo "<TABLE width=\"300\"><TR><TD>" . $GLOBALS["messages"]["nameheader"] . ":</TD><TD align=\"right\">"; echo "<INPUT type=\"text\" name=\"name\" size=\"25\"></TD></TR>\n"; echo "<TR><TD>" . $GLOBALS["messages"]["typeheader"] . ":</TD><TD align=\"right\"><SELECT name=\"type\">\n"; if ($GLOBALS["zip"]) { echo "<OPTION value=\"zip\">Zip</OPTION>\n"; } if ($GLOBALS["tar"]) { echo "<OPTION value=\"tar\">Tar</OPTION>\n"; } if ($GLOBALS["tgz"]) { echo "<OPTION value=\"tgz\">TGz</OPTION>\n"; } echo "</SELECT></TD></TR>"; echo "<TR><TD></TD><TD align=\"right\"><INPUT type=\"submit\" value=\"" . $GLOBALS["messages"]["btncreate"] . "\">\n"; echo "<input type=\"button\" value=\"" . $GLOBALS["messages"]["btncancel"]; echo "\" onClick=\"javascript:location='" . make_link("list", $dir, NULL) . "';\">\n</TD></TR></FORM></TABLE><BR>\n"; ?> <script language="JavaScript1.2" type="text/javascript"> <!-- if(document.archform) document.archform.name.focus(); // --> </script><?php }
function _is_download_allowed($dir, $items) { foreach ($items as $file) { if (!permissions_grant($dir, $file, "read")) { return false; } if (!get_show_item($dir, $file)) { return false; } if (!file_exists(get_abs_item($dir, $file))) { return false; } } return true; }
function download_item($dir, $item) { // Security Fix: $item = basename($item); if (!permissions_grant($dir, $item, "read")) { show_error($GLOBALS["error_msg"]["accessfunc"]); } if (!get_is_file($dir, $item)) { show_error($item . ": " . $GLOBALS["error_msg"]["fileexist"]); } if (!get_show_item($dir, $item)) { show_error($item . ": " . $GLOBALS["error_msg"]["accessfile"]); } $abs_item = get_abs_item($dir, $item); _download($abs_item, $item); }
function upload_items($dir) { _debug("fun_up_ajaxupload.upload_items({$dir})"); if (!permissions_grant($dir, NULL, "create")) { show_error($GLOBALS["error_msg"]["accessfunc"]); } if (isset($GLOBALS['__POST']["confirm"]) && $GLOBALS['__POST']["confirm"] == "true") { _debug("linking to list({$dir})"); header("Location: " . make_link("list", $dir, NULL)); return; } global $no_access; $additional_header_information = file_get_contents("_lib/ajaxupload/upload.html"); $additional_header_information = preg_replace("/@destination_folder@/", $dir, $additional_header_information); $additional_header_information = preg_replace("/@filter_pattern@/", "/{$no_access}/", $additional_header_information); show_header($GLOBALS["messages"]["actupload"], $additional_header_information); ?> <br> <div id="example1" class="example"> <div class="wrapper"> <div id="button1" class="button">Upload</div> </div> <ol class="status"></ol> <p>Uploaded files:</p> <ol class="files"></ol> </div> <table> <tr> <td> <input type="button" onClick="window.location = '<?php echo make_link("list", $dir, NULL); ?> ';" value="<?php echo $GLOBALS["error_msg"]["back"]; ?> "> </td> </tr> </table> </form> <br> <?php return; }
function del_items($dir) { // check if user is allowed to delete files if (!permissions_grant($dir, NULL, "delete")) { show_error($GLOBALS["error_msg"]["accessfunc"]); } $cnt = count($GLOBALS['__POST']["selitems"]); $err = false; // delete files & check for errors for ($i = 0; $i < $cnt; ++$i) { $items[$i] = $GLOBALS['__POST']["selitems"][$i]; $abs = get_abs_item($dir, $items[$i]); if (!@file_exists(get_abs_item($dir, $items[$i]))) { $error[$i] = $GLOBALS["error_msg"]["itemexist"]; $err = true; continue; } if (!get_show_item($dir, $items[$i])) { $error[$i] = $GLOBALS["error_msg"]["accessitem"]; $err = true; continue; } // Delete $ok = remove(get_abs_item($dir, $items[$i])); if ($ok === false) { $error[$i] = $GLOBALS["error_msg"]["delitem"]; $err = true; continue; } $error[$i] = NULL; } if ($err) { // there were errors $err_msg = ""; for ($i = 0; $i < $cnt; ++$i) { if ($error[$i] == NULL) { continue; } $err_msg .= $items[$i] . " : " . $error[$i] . "<BR>\n"; } show_error($err_msg); } header("Location: " . make_link("list", $dir, NULL)); }
function qx_grant($link) { global $dir; switch ($link) { case "javascript:Move();": return permissions_grant($dir, NULL, "change"); case "javascript:Copy();": return permissions_grant_all($dir, NULL, array("create", "read")); case "javascript:Delete();": return permissions_grant($dir, NULL, "delete"); case "javascript:Archive();": return true; case "javascript:location.reload();": return true; } if (preg_match("/\\?action=upload/", $link)) { return permissions_grant($dir, NULL, "create") && get_cfg_var("file_uploads"); } if (preg_match("/\\?action=list/", $link)) { return true; } return false; }
function edit_file($dir, $item) { if (!permissions_grant($dir, $item, "change")) { show_error($GLOBALS["error_msg"]["accessfunc"]); } if (!get_is_file($dir, $item)) { show_error($item . ": " . $GLOBALS["error_msg"]["fileexist"]); } if (!get_show_item($dir, $item)) { show_error($item . ": " . $GLOBALS["error_msg"]["accessfile"]); } $fname = get_abs_item($dir, $item); if (isset($GLOBALS['__POST']["dosave"]) && $GLOBALS['__POST']["dosave"] == "yes") { // Save / Save As $item = basename(stripslashes($GLOBALS['__POST']["fname"])); $fname2 = get_abs_item($dir, $item); if (!isset($item) || $item == "") { show_error($GLOBALS["error_msg"]["miscnoname"]); } if ($fname != $fname2 && @file_exists($fname2)) { show_error($item . ": " . $GLOBALS["error_msg"]["itemdoesexist"]); } savefile($fname2); $fname = $fname2; } // open file $fp = @fopen($fname, "r"); if ($fp === false) { show_error($item . ": " . $GLOBALS["error_msg"]["openfile"]); } // header $s_item = get_rel_item($dir, $item); if (strlen($s_item) > 50) { $s_item = "..." . substr($s_item, -47); } show_header($GLOBALS["messages"]["actedit"] . ": /" . $s_item); // Wordwrap (works only in IE) ?> <script language="JavaScript1.2" type="text/javascript"> <!-- function chwrap() { if(document.editfrm.wrap.checked) { document.editfrm.code.wrap="soft"; } else { document.editfrm.code.wrap="off"; } } // --> </script> <script language="Javascript" type="text/javascript"> // initialisation editAreaLoader.init({ id: "txtedit" // id of the textarea to transform ,start_highlight: true // if start with highlight ,allow_resize: "both" //,min_width = 400 //,min_height = 100 //,allow_resize: "y" ,allow_toggle: true ,word_wrap: true ,language: "<?php echo $GLOBALS["language"]; ?> " ,syntax: "<?php echo get_mime_type($dir, $item, "ext"); ?> " }); </script> <?php // Form echo "<BR><FORM name=\"editfrm\" method=\"post\" action=\"" . make_link("edit", $dir, $item) . "\">\n"; echo "<input type=\"hidden\" name=\"dosave\" value=\"yes\">\n"; echo "<TEXTAREA NAME=\"code\" ID=\"txtedit\" rows=\"25\" cols=\"120\" wrap=\"off\">"; // Show File In TextArea $buffer = ""; while (!feof($fp)) { $buffer .= fgets($fp, 4096); } @fclose($fp); //echo htmlspecialchars($buffer); echo $buffer; echo "</TEXTAREA><BR>\n<TABLE><TR><TD>Wordwrap: (IE only)</TD><TD><INPUT type=\"checkbox\" name=\"wrap\" "; echo "onClick=\"javascript:chwrap();\" value=\"1\"></TD></TR></TABLE><BR>\n"; echo "<TABLE><TR><TD><INPUT type=\"text\" name=\"fname\" value=\"" . $item . "\"></TD>"; echo "<TD><input type=\"submit\" value=\"" . $GLOBALS["messages"]["btnsave"]; echo "\"></TD>\n<TD><input type=\"reset\" value=\"" . $GLOBALS["messages"]["btnreset"] . "\"></TD>\n<TD>"; echo "<input type=\"button\" value=\"" . $GLOBALS["messages"]["btnclose"] . "\" onClick=\"javascript:location='"; echo make_link("list", $dir, NULL) . "';\"></TD></TR></FORM></TABLE><BR>\n"; ?> <script language="JavaScript1.2" type="text/javascript"> <!-- if(document.editfrm) document.editfrm.code.focus(); // --> </script><?php }
function show_admin($dir) { $admin = permissions_grant(NULL, NULL, "admin"); if (!login_is_user_logged_in()) { show_error($GLOBALS["error_msg"]["miscnofunc"]); } if (!$admin && !permissions_grant(NULL, NULL, "password")) { show_error($GLOBALS["error_msg"]["accessfunc"]); } if (isset($GLOBALS['__GET']["action2"])) { $action2 = $GLOBALS['__GET']["action2"]; } elseif (isset($GLOBALS['__POST']["action2"])) { $action2 = $GLOBALS['__POST']["action2"]; } else { $action2 = ""; } switch ($action2) { case "chpwd": changepwd($dir); break; case "adduser": if (!$admin) { show_error($GLOBALS["error_msg"]["accessfunc"]); } adduser($dir); break; case "edituser": if (!$admin) { show_error($GLOBALS["error_msg"]["accessfunc"]); } edituser($dir); break; case "rmuser": if (!$admin) { show_error($GLOBALS["error_msg"]["accessfunc"]); } removeuser($dir); break; default: admin($admin, $dir); } }
function _print_edit_buttons($dir) { // for the copy button the user must have create and read rights _print_link("copy", permissions_grant_all($dir, NULL, array("create", "read")), $dir, NULL); _print_link("move", permissions_grant($dir, NULL, "change"), $dir, NULL); _print_link("delete", permissions_grant($dir, NULL, "delete"), $dir, NULL); _print_link("upload", permissions_grant($dir, NULL, "create") && get_cfg_var("file_uploads"), $dir, NULL); _print_link("archive", permissions_grant_all($dir, NULL, array("create", "read")) && ($GLOBALS["zip"] || $GLOBALS["tar"] || $GLOBALS["tgz"]), $dir, NULL); }
function chmod_item($dir, $item) { if (!permissions_grant($dir, NULL, "change")) { show_error($GLOBALS["error_msg"]["accessfunc"]); } if (!file_exists(get_abs_item($dir, $item))) { show_error($item . ": " . $GLOBALS["error_msg"]["fileexist"]); } if (!get_show_item($dir, $item)) { show_error($item . ": " . $GLOBALS["error_msg"]["accessfile"]); } // Execute if (isset($GLOBALS['__POST']["confirm"]) && $GLOBALS['__POST']["confirm"] == "true") { $bin = ''; for ($i = 0; $i < 3; $i++) { for ($j = 0; $j < 3; $j++) { $tmp = "r_" . $i . $j; if (isset($GLOBALS['__POST'][$tmp]) && $GLOBALS['__POST'][$tmp] == "1") { $bin .= '1'; } else { $bin .= '0'; } } } if (!@chmod(get_abs_item($dir, $item), bindec($bin))) { show_error($item . ": " . $GLOBALS["error_msg"]["permchange"]); } header("Location: " . make_link("link", $dir, NULL)); return; } $mode = parse_file_perms(get_file_perms($dir, $item)); if ($mode === false) { show_error($item . ": " . $GLOBALS["error_msg"]["permread"]); } $pos = "rwx"; $s_item = get_rel_item($dir, $item); if (strlen($s_item) > 50) { $s_item = "..." . substr($s_item, -47); } show_header($GLOBALS["messages"]["actperms"] . ": /" . $s_item); // Form echo "<BR><TABLE width=\"175\"><FORM method=\"post\" action=\""; echo make_link("chmod", $dir, $item) . "\">\n"; echo "<INPUT type=\"hidden\" name=\"confirm\" value=\"true\">\n"; // print table with current perms & checkboxes to change for ($i = 0; $i < 3; ++$i) { echo "<TR><TD>" . $GLOBALS["messages"]["miscchmod"][$i] . "</TD>"; for ($j = 0; $j < 3; ++$j) { echo "<TD>" . $pos[$j] . " <INPUT type=\"checkbox\""; if ($mode[3 * $i + $j] != "-") { echo " checked"; } echo " name=\"r_" . $i . $j . "\" value=\"1\"></TD>"; } echo "</TR>\n"; } // Submit / Cancel echo "</TABLE>\n<BR><TABLE>\n<TR><TD>\n<INPUT type=\"submit\" value=\"" . $GLOBALS["messages"]["btnchange"]; echo "\"></TD>\n<TD><input type=\"button\" value=\"" . $GLOBALS["messages"]["btncancel"]; echo "\" onClick=\"javascript:location='" . make_link("list", $dir, NULL) . "';\">\n</TD></TR></FORM></TABLE><BR>\n"; }
function upload_items($dir) { if (!permissions_grant($dir, NULL, "create")) { show_error($GLOBALS["error_msg"]["accessfunc"]); } // Execute if (isset($GLOBALS['__POST']["confirm"]) && $GLOBALS['__POST']["confirm"] == "true") { $cnt = count($GLOBALS['__FILES']['userfile']['name']); $err = false; $err_avaliable = isset($GLOBALS['__FILES']['userfile']['error']); // upload files & check for errors for ($i = 0; $i < $cnt; $i++) { $errors[$i] = NULL; $tmp = $GLOBALS['__FILES']['userfile']['tmp_name'][$i]; $items[$i] = stripslashes($GLOBALS['__FILES']['userfile']['name'][$i]); if ($err_avaliable) { $up_err = $GLOBALS['__FILES']['userfile']['error'][$i]; } else { $up_err = file_exists($tmp) ? 0 : 4; } $abs = get_abs_item($dir, $items[$i]); if ($items[$i] == "" || $up_err == 4) { continue; } if ($up_err == 1 || $up_err == 2) { $errors[$i] = $GLOBALS["error_msg"]["miscfilesize"]; $err = true; continue; } if ($up_err == 3) { $errors[$i] = $GLOBALS["error_msg"]["miscfilepart"]; $err = true; continue; } if (!@is_uploaded_file($tmp)) { $errors[$i] = $GLOBALS["error_msg"]["uploadfile"]; $err = true; continue; } if (@file_exists($abs)) { $errors[$i] = $GLOBALS["error_msg"]["itemdoesexist"]; $err = true; continue; } // Upload if (function_exists("move_uploaded_file")) { $ok = @move_uploaded_file($tmp, $abs); } else { $ok = @copy($tmp, $abs); @nlink($tmp); // try to delete... } if ($ok === false) { $errors[$i] = $GLOBALS["error_msg"]["uploadfile"]; $err = true; continue; } } if ($err) { // there were errors $err_msg = ""; for ($i = 0; $i < $cnt; $i++) { if ($errors[$i] == NULL) { continue; } $err_msg .= $items[$i] . " : " . $errors[$i] . "<BR>\n"; } show_error($err_msg); } header("Location: " . make_link("list", $dir, NULL)); return; } show_header($GLOBALS["messages"]["actupload"]); // List echo "<BR><FORM enctype=\"multipart/form-data\" action=\"" . make_link("upload", $dir, NULL); echo "\" method=\"post\">\n<INPUT type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\""; echo get_max_file_size() . "\"><INPUT type=\"hidden\" name=\"confirm\" value=\"true\"><TABLE>\n"; $filecount = 10; for ($ii = 0; $ii < $filecount; $ii++) { echo "<TR><TD nowrap align=\"center\">"; echo "<INPUT name=\"userfile[]\" type=\"file\" size=\"40\"></TD></TR>\n"; } echo "</TABLE>\n<BR><TABLE><TR><TD><INPUT type=\"submit\" value=\"" . $GLOBALS["messages"]["btnupload"]; echo "\"></TD>\n<TD><input type=\"button\" value=\"" . $GLOBALS["messages"]["btncancel"]; echo "\" onClick=\"javascript:location='" . make_link("list", $dir, NULL) . "';\">\n</TD></TR></FORM></TABLE><BR>\n"; return; }
function upload_items($dir) { if (!permissions_grant($dir, NULL, "create")) { show_error($GLOBALS["error_msg"]["accessfunc"]); } // Execute if (isset($GLOBALS['__POST']["confirm"]) && $GLOBALS['__POST']["confirm"] == "true") { $cnt = count($GLOBALS['__FILES']['userfile']['name']); $err = false; $err_avaliable = isset($GLOBALS['__FILES']['userfile']['error']); // upload files & check for errors for ($i = 0; $i < $cnt; $i++) { $errors[$i] = NULL; $tmp = $GLOBALS['__FILES']['userfile']['tmp_name'][$i]; $items[$i] = stripslashes($GLOBALS['__FILES']['userfile']['name'][$i]); if ($err_avaliable) { $up_err = $GLOBALS['__FILES']['userfile']['error'][$i]; } else { $up_err = file_exists($tmp) ? 0 : 4; } $abs = get_abs_item($dir, $items[$i]); if ($items[$i] == "" || $up_err == 4) { continue; } if ($up_err == 1 || $up_err == 2) { $errors[$i] = $GLOBALS["error_msg"]["miscfilesize"]; $err = true; continue; } if ($up_err == 3) { $errors[$i] = $GLOBALS["error_msg"]["miscfilepart"]; $err = true; continue; } if (!@is_uploaded_file($tmp)) { $errors[$i] = $GLOBALS["error_msg"]["uploadfile"]; $err = true; continue; } if (@file_exists($abs)) { $errors[$i] = $GLOBALS["error_msg"]["itemdoesexist"]; $err = true; continue; } // Upload if (function_exists("move_uploaded_file")) { $ok = @move_uploaded_file($tmp, $abs); } else { $ok = @copy($tmp, $abs); @nlink($tmp); // try to delete... } if ($ok === false) { $errors[$i] = $GLOBALS["error_msg"]["uploadfile"]; $err = true; continue; } } if ($err) { // there were errors $err_msg = ""; for ($i = 0; $i < $cnt; $i++) { if ($errors[$i] == NULL) { continue; } $err_msg .= $items[$i] . " : " . $errors[$i] . "<BR>\n"; } show_error($err_msg); } miwoftp_redirect(make_link("list", $dir, NULL)); return; } show_header($GLOBALS["messages"]["actupload"]); ?> <script type="text/javascript"> $(document).ready(function() { $('#file_upload').uploadify({ 'uploader' : '/apps/uploadify/uploadify.swf', 'script' : '/apps/uploadify/uploadify.php', 'cancelImg' : '/apps/uploadify/cancel.png', 'folder' : '<?php echo $GLOBALS["home_dir"] . $GLOBALS["dir"]; ?> ', 'auto' : true, 'multi' : true, 'removeCompleted' : true, 'auto' : false }); }); </script> <?php // List echo "<BR><FORM enctype=\"multipart/form-data\" action=\"" . make_link("upload", $dir, NULL); echo "\" method=\"post\">\n<INPUT type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\""; echo get_max_file_size() . "\"><INPUT type=\"hidden\" name=\"confirm\" value=\"true\"><TABLE>\n"; for ($i = 0; $i < 0; $i++) { echo "<TR><TD nowrap align=\"center\">"; echo "<INPUT name=\"userfile[]\" id=\"file_upload\" type=\"file\" size=\"40\"></TD></TR>\n"; } echo "<input id=\"file_upload\" name=\"file_upload\" type=\"file\" />\n"; echo "</TABLE>\n<BR><TABLE><TR><TD><INPUT type=\"button\" onClick=\"javascript:\$('#file_upload').uploadifyUpload()\" value=\"" . $GLOBALS["messages"]["btnupload"]; echo "\"></TD>\n<TD><INPUT type=\"button\" onClick=\"javascript:\$('#file_upload').uploadifyClearQueue()\" value=\"Limpiar\""; echo "\"></TD>\n<TD><INPUT type=\"submit\" value=\"Listo\""; echo "\"></TD></TR></FORM></TABLE><BR>\n"; // echo "\"></TD>\n<TD><input type=\"button\" value=\"".$GLOBALS["messages"]["btncancel"]; // echo "\" onClick=\"javascript:location='".make_link("list",$dir,NULL)."';\">\n</TD></TR></FORM></TABLE><BR>\n"; return; }
function edit_file($dir, $item) { if (!permissions_grant($dir, $item, "change")) { show_error($GLOBALS["error_msg"]["accessfunc"]); } if (!get_is_file($dir, $item)) { show_error($item . ": " . $GLOBALS["error_msg"]["fileexist"]); } if (!get_show_item($dir, $item)) { show_error($item . ": " . $GLOBALS["error_msg"]["accessfile"]); } $fname = get_abs_item($dir, $item); if (isset($GLOBALS['__POST']["dosave"]) && $GLOBALS['__POST']["dosave"] == "yes") { // Save / Save As $item = basename(stripslashes($GLOBALS['__POST']["fname"])); $fname2 = get_abs_item($dir, $item); if (!isset($item) || $item == "") { show_error($GLOBALS["error_msg"]["miscnoname"]); } if ($fname != $fname2 && @file_exists($fname2)) { show_error($item . ": " . $GLOBALS["error_msg"]["itemdoesexist"]); } savefile($fname2); $fname = $fname2; } // open file $fp = @fopen($fname, "r"); if ($fp === false) { show_error($item . ": " . $GLOBALS["error_msg"]["openfile"]); } // header $s_item = get_rel_item($dir, $item); if (strlen($s_item) > 50) { $s_item = "..." . substr($s_item, -47); } show_header($GLOBALS["messages"]["actedit"] . ": /" . $s_item); // Wordwrap (works only in IE) ?> <script language="JavaScript1.2" type="text/javascript"> <!-- function chwrap() { if(document.editfrm.wrap.checked) { document.editfrm.code.wrap="soft"; } else { document.editfrm.code.wrap="off"; } } // --> </script><?php // Form echo "<BR><FORM name=\"editfrm\" method=\"post\" action=\"" . make_link("edit", $dir, $item) . "\">\n"; echo "<input type=\"hidden\" name=\"dosave\" value=\"yes\">\n"; echo "<TEXTAREA NAME=\"code\" rows=\"25\" cols=\"120\" wrap=\"off\">"; // Show File In TextArea $buffer = ""; while (!feof($fp)) { $buffer .= fgets($fp, 4096); } @fclose($fp); echo htmlentities($buffer, ENT_QUOTES, "UTF-8"); echo "</TEXTAREA><BR>\n<TABLE><TR><TD>Wordwrap: (IE only)</TD><TD><INPUT type=\"checkbox\" name=\"wrap\" "; echo "onClick=\"javascript:chwrap();\" value=\"1\"></TD></TR></TABLE><BR>\n"; echo "<TABLE><TR><TD><INPUT type=\"text\" name=\"fname\" value=\"" . $item . "\"></TD>"; echo "<TD><input type=\"submit\" value=\"" . $GLOBALS["messages"]["btnsave"]; echo "\"></TD>\n<TD><input type=\"reset\" value=\"" . $GLOBALS["messages"]["btnreset"] . "\"></TD>\n<TD>"; echo "<input type=\"button\" value=\"" . $GLOBALS["messages"]["btnclose"] . "\" onClick=\"javascript:location='"; echo make_link("list", $dir, NULL) . "';\"></TD></TR></FORM></TABLE><BR>\n"; ?> <script language="JavaScript1.2" type="text/javascript"> <!-- if(document.editfrm) document.editfrm.code.focus(); // --> </script><?php }
function upload_items($dir) { _debug("fun_up_uploadify.upload_items({$dir})"); if (!permissions_grant($dir, NULL, "create")) { show_error($GLOBALS["error_msg"]["accessfunc"]); } if (isset($GLOBALS['__POST']["confirm"]) && $GLOBALS['__POST']["confirm"] == "true") { _debug("linking to list({$dir})"); header("Location: " . make_link("list", $dir, NULL)); return; } show_header($GLOBALS["messages"]["actupload"]); ?> <link rel="stylesheet" type="text/css" href="_lib/uploadify/uploadify.css" /> <script type="text/javascript" src="http://code.jquery.com/jquery-1.7.2.min.js"></script> <script type="text/javascript" src="_lib/uploadify/jquery.uploadify.min.js"></script> <script type="text/javascript"> $(function() { $('#file_upload').uploadify({ 'debug' : false, 'swf' : '_lib/uploadify/uploadify.swf', 'uploader' : '_lib/uploadify/uploader.php', 'auto' : false, 'multi' : true, 'removeCompleted' : true, 'buttonText' : '<?php echo $GLOBALS['messages']['select_file']; ?> ', 'formData' : { 'folder' : './<?php echo $dir; ?> ' }, 'onUploadSuccess' : function(file, data, response) { if (data != "1") alert('Error: ' + data); } }); }); </script> <br><form enctype="multipart/form-data" action="<?php make_link("upload", $dir, NULL); ?> " method="post"> <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo get_max_file_size(); ?> "> <input type="hidden" name="confirm" value="true"> <input type="file" name="file_upload" id="file_upload" /> <table> <tr> <td> <input type="button" onClick="javascript:$('#file_upload').uploadify('upload', '*')" value="<?php echo $GLOBALS["messages"]["btnupload"]; ?> " > </td> <td> <input type="button" onClick="javascript:$('#file_upload').uploadify('cancel', '*')" value="<?php echo $GLOBALS["messages"]["btnreset"]; ?> " > </td> <td> <input type="submit" value="<?php echo $GLOBALS["error_msg"]["back"]; ?> "> </td> </tr> </table> <p><?php echo $GLOBALS['messages']['note_upload_error']; ?> </p> </form> <br> <?php return; }
function upload_items($dir) { if (!permissions_grant($dir, NULL, "create")) { show_error($GLOBALS["error_msg"]["accessfunc"]); } // Execute if (isset($GLOBALS['__POST']["confirm"]) && $GLOBALS['__POST']["confirm"] == "true") { $cnt = count($GLOBALS['__FILES']['userfile']['name']); $err = false; $err_avaliable = isset($GLOBALS['__FILES']['userfile']['error']); // upload files & check for errors for ($i = 0; $i < $cnt; $i++) { $errors[$i] = NULL; $tmp = $GLOBALS['__FILES']['userfile']['tmp_name'][$i]; $items[$i] = stripslashes($GLOBALS['__FILES']['userfile']['name'][$i]); if ($err_avaliable) { $up_err = $GLOBALS['__FILES']['userfile']['error'][$i]; } else { $up_err = file_exists($tmp) ? 0 : 4; } $abs = get_abs_item($dir, $items[$i]); if ($items[$i] == "" || $up_err == 4) { continue; } if ($up_err == 1 || $up_err == 2) { $errors[$i] = $GLOBALS["error_msg"]["miscfilesize"]; $err = true; continue; } if ($up_err == 3) { $errors[$i] = $GLOBALS["error_msg"]["miscfilepart"]; $err = true; continue; } if (!is_uploaded_file($tmp)) { $errors[$i] = $GLOBALS["error_msg"]["uploadfile"]; $err = true; continue; } if (file_exists($abs) && empty($_REQUEST['overwrite_files'])) { $errors[$i] = $GLOBALS["error_msg"]["itemdoesexist"]; $err = true; continue; } // Upload if (function_exists("move_uploaded_file")) { $ok = @move_uploaded_file($tmp, $abs); } else { $ok = @copy($tmp, $abs); @nlink($tmp); // try to delete... } if ($ok === false) { $errors[$i] = $GLOBALS["error_msg"]["uploadfile"]; $err = true; continue; } } if ($err) { // there were errors $err_msg = ""; for ($i = 0; $i < $cnt; $i++) { if ($errors[$i] == NULL) { continue; } $err_msg .= $items[$i] . " : " . $errors[$i] . "<BR>\n"; } show_error($err_msg); } miwoftp_redirect(make_link("list", $dir, NULL)); return; } //show_header($GLOBALS["messages"]["actupload"]); echo "Nahrať súbor/súbory"; // List echo "<br />"; echo "<form enctype=\"multipart/form-data\" action=\"" . make_link("upload", $dir, NULL) . "\" method=\"post\">"; echo "<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"\" method=\"post\">"; echo "<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"" . get_max_file_size() . "\">"; echo "<input type=\"hidden\" name=\"confirm\" value=\"true\">"; echo "<table>"; $filecount = 10; for ($ii = 0; $ii < $filecount; $ii++) { echo "<tr>"; echo "<td nowrap align=\"center\">"; echo "<input name=\"userfile[]\" type=\"file\" size=\"40\">"; echo "</td>"; echo "</tr>"; } echo "</table>"; echo "<br />"; echo "<table>"; echo "<tr>"; echo "<td colspan=\"2\">"; echo "<input type=\"checkbox\" checked=\"checked\" value=\"1\" name=\"overwrite_files\" id=\"overwrite_files\" /><label for=\"overwrite_files\">Prepísať existujúci súbor/súbory?</label>"; echo "<br />"; echo "<br />"; echo "</td>"; echo "</tr>"; echo "<tr>"; echo "<td>"; echo "<input type=\"submit\" value=\"Nahrať súbor/súbory\" style=\"color:#fff;background:#337ab7;display:inline-block;padding:6px 12px;font-size:16px;text-decoration:none;font-weight:400;line-height:1.4;text-align:center;white-space:nowrap;vertical-align:middle;border:1px solid #2e6da4;border-radius:4px;\">"; echo "</td>"; echo "<td>"; echo "<input type=\"button\" value=\"Zrušiť\" onClick=\"javascript:location='" . make_link("list", $dir, NULL) . "';\" style=\"color:#333;background:#fff;display:inline-block;padding:6px 12px;font-size:16px;text-decoration:none;font-weight:400;line-height:1.4;text-align:center;white-space:nowrap;vertical-align:middle;border:1px solid #ccc;border-radius:4px;\">"; echo "</td>"; echo "</tr>"; echo "</table>"; echo "<input type=\"hidden\" name=\"option\" value=\"com_miwoftp\">"; echo "</form>"; echo "<br />"; return; }
function upload_items($dir) { if (!permissions_grant($dir, NULL, "create")) { show_error($GLOBALS["error_msg"]["accessfunc"]); } // Execute if (isset($GLOBALS['__POST']["confirm"]) && $GLOBALS['__POST']["confirm"] == "true") { $cnt = count($GLOBALS['__FILES']['userfile']['name']); $err = false; $err_avaliable = isset($GLOBALS['__FILES']['userfile']['error']); // upload files & check for errors for ($i = 0; $i < $cnt; $i++) { $errors[$i] = NULL; $tmp = $GLOBALS['__FILES']['userfile']['tmp_name'][$i]; $items[$i] = $GLOBALS['__FILES']['userfile']['name'][$i]; if ($err_avaliable) { $up_err = $GLOBALS['__FILES']['userfile']['error'][$i]; } else { $up_err = file_exists($tmp) ? 0 : 4; } $abs = get_abs_item($dir, $items[$i]); if ($items[$i] == "" || $up_err == 4) { continue; } if ($up_err == 1 || $up_err == 2) { $errors[$i] = $GLOBALS["error_msg"]["miscfilesize"]; $err = true; continue; } if ($up_err == 3) { $errors[$i] = $GLOBALS["error_msg"]["miscfilepart"]; $err = true; continue; } if (!@is_uploaded_file($tmp)) { $errors[$i] = $GLOBALS["error_msg"]["uploadfile"]; $err = true; continue; } if (@file_exists($abs)) { $errors[$i] = $GLOBALS["error_msg"]["itemdoesexist"]; $err = true; continue; } // Upload if (function_exists("move_uploaded_file")) { $ok = @move_uploaded_file($tmp, $abs); } else { $ok = @copy($tmp, $abs); @nlink($tmp); // try to delete... } if ($ok === false) { $errors[$i] = $GLOBALS["error_msg"]["uploadfile"]; $err = true; continue; } } if ($err) { // there were errors $err_msg = ""; for ($i = 0; $i < $cnt; $i++) { if ($errors[$i] == NULL) { continue; } $err_msg .= $items[$i] . " : " . $errors[$i] . "<BR>\n"; } show_error($err_msg); } header("Location: " . make_link("list", $dir, NULL)); return; } show_header($GLOBALS["messages"]["actupload"]); ?> <script type="text/javascript"> // Convert divs to queue widgets when the DOM is ready $(function() { $("#uploader").pluploadQueue({ // General settings runtimes : 'gears,flash,silverlight,browserplus,html5', url : '<?php echo make_link("upload", $dir, NULL); ?> ', max_file_size : '<?php echo get_max_file_size(); ?> ', chunk_size : '1mb', unique_names : true, // Resize images on clientside if we can resize : {width : 320, height : 240, quality : 90}, // Specify what files to browse for filters : [ {title : "Image files", extensions : "jpg,gif,png"}, {title : "Zip files", extensions : "zip"} ], // Flash settings flash_swf_url : '/apps/plupload/js/plupload.flash.swf', // Silverlight settings silverlight_xap_url : '/apps/plupload/js/plupload.silverlight.xap' }); // Client side form validation $('form').submit(function(e) { var uploader = $('#uploader').pluploadQueue(); // Validate number of uploaded files if (uploader.total.uploaded == 0) { // Files in queue upload them first if (uploader.files.length > 0) { // When all files are uploaded submit form uploader.bind('UploadProgress', function() { if (uploader.total.uploaded == uploader.files.length) $('form').submit(); }); uploader.start(); } else alert('You must at least upload one file.'); e.preventDefault(); } }); }); </script> <?php // List echo "<BR><FORM enctype=\"multipart/form-data\" action=\"" . make_link("upload", $dir, NULL); echo "\" method=\"post\">\n"; echo "<TR><TD nowrap align=\"center\">\n"; echo "<div id=\"uploader\" style=\"height: 330px;\">\n"; echo "\t<p>You browser doesn't have Flash, Silverlight, Gears, BrowserPlus or HTML5 support.</p>\n"; echo "</div>\n"; echo "</TD></TR>\n"; //echo "<input id=\"file_upload\" name=\"file_upload\" type=\"file\" />\n"; echo "</TABLE>\n<BR><TABLE><TR><TD><INPUT type=\"submit\" value=\"Listo\""; echo "\"></TD></TR></FORM></TABLE><BR>\n"; // echo "\"></TD>\n<TD><input type=\"button\" value=\"".$GLOBALS["messages"]["btncancel"]; // echo "\" onClick=\"javascript:location='".make_link("list",$dir,NULL)."';\">\n</TD></TR></FORM></TABLE><BR>\n"; return; }
function _print_edit_buttons($dir) { // for the copy button the user must have create and read rights _print_link("copy", permissions_grant_all($dir, NULL, array("create", "read")), $dir, NULL); _print_link("move", permissions_grant($dir, NULL, "change"), $dir, NULL); _print_link("delete", permissions_grant($dir, NULL, "delete"), $dir, NULL); // NAS4Free info: We disable upload function for security and limited space var/temp // _print_link("upload", permissions_grant($dir, NULL, "create") && get_cfg_var("file_uploads"), $dir, NULL); // _print_link("archive", // permissions_grant_all($dir, NULL, array("create", "read")) // && ($GLOBALS["zip"] || $GLOBALS["tar"] || $GLOBALS["tgz"]), // $dir, NULL); }
function upload_items($dir) { if (!permissions_grant($dir, NULL, "create")) { show_error($GLOBALS["error_msg"]["accessfunc"]); } // Execute if (isset($GLOBALS['__POST']["confirm"]) && $GLOBALS['__POST']["confirm"] == "true") { $cnt = count($GLOBALS['__FILES']['userfile']['name']); $err = false; $err_avaliable = isset($GLOBALS['__FILES']['userfile']['error']); // upload files & check for errors for ($i = 0; $i < $cnt; $i++) { $errors[$i] = NULL; $tmp = $GLOBALS['__FILES']['userfile']['tmp_name'][$i]; $items[$i] = stripslashes($GLOBALS['__FILES']['userfile']['name'][$i]); if ($err_avaliable) { $up_err = $GLOBALS['__FILES']['userfile']['error'][$i]; } else { $up_err = file_exists($tmp) ? 0 : 4; } $abs = get_abs_item($dir, $items[$i]); if ($items[$i] == "" || $up_err == 4) { continue; } if ($up_err == 1 || $up_err == 2) { $errors[$i] = $GLOBALS["error_msg"]["miscfilesize"]; $err = true; continue; } if ($up_err == 3) { $errors[$i] = $GLOBALS["error_msg"]["miscfilepart"]; $err = true; continue; } if (!is_uploaded_file($tmp)) { $errors[$i] = $GLOBALS["error_msg"]["uploadfile"]; $err = true; continue; } if (file_exists($abs) && empty($_REQUEST['overwrite_files'])) { $errors[$i] = $GLOBALS["error_msg"]["itemdoesexist"]; $err = true; continue; } // Upload if (function_exists("move_uploaded_file")) { $ok = @move_uploaded_file($tmp, $abs); } else { $ok = @copy($tmp, $abs); @nlink($tmp); // try to delete... } if ($ok === false) { $errors[$i] = $GLOBALS["error_msg"]["uploadfile"]; $err = true; continue; } } if ($err) { // there were errors $err_msg = ""; for ($i = 0; $i < $cnt; $i++) { if ($errors[$i] == NULL) { continue; } $err_msg .= $items[$i] . " : " . $errors[$i] . "<BR>\n"; } show_error($err_msg); } miwoftp_redirect(make_link("list", $dir, NULL)); return; } show_header($GLOBALS["messages"]["actupload"]); // List echo "<br />"; echo "<form enctype=\"multipart/form-data\" action=\"" . make_link("upload", $dir, NULL) . "\" method=\"post\">"; echo "<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"\" method=\"post\">"; echo "<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"" . get_max_file_size() . "\">"; echo "<input type=\"hidden\" name=\"confirm\" value=\"true\">"; echo "<table>"; $filecount = 10; for ($ii = 0; $ii < $filecount; $ii++) { echo "<tr>"; echo "<td nowrap align=\"center\">"; echo "<input name=\"userfile[]\" type=\"file\" size=\"40\">"; echo "</td>"; echo "</tr>"; } echo "</table>"; echo "<br />"; echo "<table>"; echo "<tr>"; echo "<td colspan=\"2\">"; echo "<input type=\"checkbox\" checked=\"checked\" value=\"1\" name=\"overwrite_files\" id=\"overwrite_files\" /><label for=\"overwrite_files\">" . $GLOBALS["messages"]["overwrite_files"] . "</label>"; echo "<br />"; echo "<br />"; echo "</td>"; echo "</tr>"; echo "<tr>"; echo "<td>"; echo "<input type=\"submit\" value=\"" . $GLOBALS["messages"]["btnupload"] . "\">"; echo "</td>"; echo "<td>"; echo "<input type=\"button\" value=\"" . $GLOBALS["messages"]["btncancel"] . "\" onClick=\"javascript:location='" . make_link("list", $dir, NULL) . "';\">"; echo "</td>"; echo "</tr>"; echo "</table>"; echo "<input type=\"hidden\" name=\"option\" value=\"com_miwoftp\">"; echo "</form>"; echo "<br />"; return; }
function copy_move_items($dir) { // copy and move are only allowed if the user may read and change files if ($GLOBALS["action"] == "copy" && !permissions_grant_all($dir, NULL, array("read", "create"))) { show_error($GLOBALS["error_msg"]["accessfunc"]); } if ($GLOBALS["action"] == "move" && !permissions_grant($dir, NULL, "change")) { show_error($GLOBALS["error_msg"]["accessfunc"]); } // Vars $first = $GLOBALS['__POST']["first"]; if ($first == "y") { $new_dir = $dir; } else { $new_dir = $GLOBALS['__POST']["new_dir"]; } if ($new_dir == ".") { $new_dir = ""; } $cnt = count($GLOBALS['__POST']["selitems"]); // Copy or Move? if ($GLOBALS["action"] != "move") { $_img = "_img/__copy.gif"; } else { $_img = "_img/__cut.gif"; } // Get New Location & Names if (!isset($GLOBALS['__POST']["confirm"]) || $GLOBALS['__POST']["confirm"] != "true") { $msg = $GLOBALS["action"] != "move" ? $GLOBALS["messages"]["actcopyitems"] : $GLOBALS["messages"]["actmoveitems"]; show_header($msg); // JavaScript for Form: // Select new target directory / execute action ?> <script language="JavaScript1.2" type="text/javascript"> <!-- function NewDir(newdir) { document.selform.new_dir.value = newdir; document.selform.submit(); } function Execute() { document.selform.confirm.value = "true"; } //--> </script> <?php // "Copy / Move from .. to .." $s_dir = $dir; if (strlen($s_dir) > 40) { $s_dir = "..." . substr($s_dir, -37); } $s_ndir = $new_dir; if (strlen($s_ndir) > 40) { $s_ndir = "..." . substr($s_ndir, -37); } echo "<BR><IMG SRC=\"" . $_img . "\" align=\"ABSMIDDLE\" ALT=\"\"> "; echo htmlspecialchars(sprintf($GLOBALS["action"] != "move" ? $GLOBALS["messages"]["actcopyfrom"] : $GLOBALS["messages"]["actmovefrom"], $s_dir, $s_ndir)); echo "<IMG SRC=\"_img/__paste.gif\" align=\"ABSMIDDLE\" ALT=\"\">\n"; // Form for Target Directory & New Names echo "<BR><BR><FORM name=\"selform\" method=\"post\" action=\""; echo make_link("post", $dir, NULL) . "\"><TABLE>\n"; echo "<INPUT type=\"hidden\" name=\"do_action\" value=\"" . $GLOBALS["action"] . "\">\n"; echo "<INPUT type=\"hidden\" name=\"confirm\" value=\"false\">\n"; echo "<INPUT type=\"hidden\" name=\"first\" value=\"n\">\n"; echo "<INPUT type=\"hidden\" name=\"new_dir\" value=\"" . htmlspecialchars($new_dir) . "\">\n"; // List Directories to select Target dir_print(dir_list($new_dir), $new_dir); echo "</TABLE><BR><TABLE>\n"; // Print Text Inputs to change Names for ($i = 0; $i < $cnt; ++$i) { $selitem = $GLOBALS['__POST']["selitems"][$i]; if (isset($GLOBALS['__POST']["newitems"][$i])) { $newitem = $GLOBALS['__POST']["newitems"][$i]; if ($first == "y") { $newitem = $selitem; } } else { $newitem = $selitem; } $s_item = $selitem; if (strlen($s_item) > 50) { $s_item = substr($s_item, 0, 47) . "..."; } echo "<TR><TD><IMG SRC=\"_img/_info.gif\" align=\"ABSMIDDLE\" ALT=\"\">"; // Old Name echo "<INPUT type=\"hidden\" name=\"selitems[]\" value=\""; echo htmlspecialchars($selitem) . "\"> " . htmlspecialchars($s_item) . " "; // New Name echo "</TD><TD><INPUT type=\"text\" size=\"25\" name=\"newitems[]\" value=\""; echo htmlspecialchars($newitem) . "\"></TD></TR>\n"; } // Submit & Cancel echo "</TABLE><BR><TABLE><TR>\n<TD>"; echo "<INPUT type=\"submit\" value=\""; echo $GLOBALS["action"] != "move" ? $GLOBALS["messages"]["btncopy"] : $GLOBALS["messages"]["btnmove"]; echo "\" onclick=\"javascript:Execute();\"></TD>\n<TD>"; echo "<input type=\"button\" value=\"" . $GLOBALS["messages"]["btncancel"]; echo "\" onClick=\"javascript:location='" . make_link("list", $dir, NULL); echo "';\"></TD>\n</TR></FORM></TABLE><BR>\n"; return; } // DO COPY/MOVE // ALL OK? if (!@file_exists(get_abs_dir($new_dir))) { show_error($new_dir . ": " . $GLOBALS["error_msg"]["targetexist"]); } if (!get_show_item($new_dir, "")) { show_error($new_dir . ": " . $GLOBALS["error_msg"]["accesstarget"]); } if (!down_home(get_abs_dir($new_dir))) { show_error($new_dir . ": " . $GLOBALS["error_msg"]["targetabovehome"]); } // copy / move files $err = false; for ($i = 0; $i < $cnt; ++$i) { $tmp = $GLOBALS['__POST']["selitems"][$i]; $new = basename($GLOBALS['__POST']["newitems"][$i]); $abs_item = get_abs_item($dir, $tmp); $abs_new_item = get_abs_item($new_dir, $new); $items[$i] = $tmp; // Check if ($new == "") { $error[$i] = $GLOBALS["error_msg"]["miscnoname"]; $err = true; continue; } if (!@file_exists($abs_item)) { $error[$i] = $GLOBALS["error_msg"]["itemexist"]; $err = true; continue; } if (!get_show_item($dir, $tmp)) { $error[$i] = $GLOBALS["error_msg"]["accessitem"]; $err = true; continue; } if (@file_exists($abs_new_item)) { $error[$i] = $GLOBALS["error_msg"]["targetdoesexist"]; $err = true; continue; } // Copy / Move if ($GLOBALS["action"] == "copy") { if (@is_link($abs_item) || @is_file($abs_item)) { // check file-exists to avoid error with 0-size files (PHP 4.3.0) $ok = @copy($abs_item, $abs_new_item); //||@file_exists($abs_new_item); } elseif (@is_dir($abs_item)) { $ok = copy_dir($abs_item, $abs_new_item); } } else { $ok = @rename($abs_item, $abs_new_item); } if ($ok === false) { $error[$i] = $GLOBALS["action"] == "copy" ? $GLOBALS["error_msg"]["copyitem"] : $GLOBALS["error_msg"]["moveitem"]; $err = true; continue; } $error[$i] = NULL; } if ($err) { // there were errors $err_msg = ""; for ($i = 0; $i < $cnt; ++$i) { if ($error[$i] == NULL) { continue; } $err_msg .= $items[$i] . " : " . $error[$i] . "<BR>\n"; } show_error($err_msg); } header("Location: " . make_link("list", $dir, NULL)); }