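// Request handling for the "re-send mail" and "delete file" actions.
// Every $HTTP_POST_VARS value below is supplied by the client. The file name
// is reduced to a bare name inside $config['fileDir'] before it reaches the
// mailed link or unlink(), so "../" or an absolute path cannot select a file
// outside the share directory.

if ($HTTP_POST_VARS['remail'] != "") {
    $mailFile = (isset($HTTP_POST_VARS['name']) && is_string($HTTP_POST_VARS['name']))
        ? basename($HTTP_POST_VARS['name'])
        : '';
    sendMail(
        $HTTP_POST_VARS['mailAdresses'],
        "/" . $config['fileDir'] . $mailFile,
        $config,
        $lang
    );
}

if ($HTTP_POST_VARS['delete'] == $lang['yes']) {
    writeOngoing($lang['deleting']);

    // The earlier ereg_replace() filtering was commented out, which left the
    // raw POST value concatenated into the unlink() path. basename() keeps only
    // the last path component; empty names, "." / ".." and embedded NUL bytes
    // are refused outright.
    $deleteFile = (isset($HTTP_POST_VARS['name']) && is_string($HTTP_POST_VARS['name']))
        ? basename($HTTP_POST_VARS['name'])
        : '';
    $nameIsSafe = $deleteFile !== ''
        && $deleteFile !== '.'
        && $deleteFile !== '..'
        && strpos($deleteFile, "\0") === false;

    // NOTE(review): no anti-CSRF token check is visible in this excerpt for the
    // state-changing delete request; confirm one exists earlier in the script.
    if ($nameIsSafe && @unlink($config['fileDir'] . $deleteFile)) {
        showNotification("File has been deleted", $config['appName'], $lang['deleteSuccess'], $iconPath);
        writeSuccess($lang['deleteSuccess']);
    } else {
        // A rejected name is reported exactly like a failed unlink().
        showNotification("Delete failed", $config['appName'], $lang['deleteError'], $iconPath);
        writeWarning($lang['deleteError']);
    }
}
?>
</div>
<?php
if ($HTTP_POST_VARS['expandUploadSubmit']) {
?>
<div id="uploadForm">
<h2><?php echo $lang['uploadHeading']; ?> </h2>
<form method="post" action="index.php" enctype="multipart/form-data">
<ol>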
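/**
 * Sends an e-mail that notifies someone of a file on the SiFiEx server.
 *
 * The link in the mail is built from detectSSL(), the request's Host header,
 * the directory part of PHP_SELF and $fileName.
 *
 * @param string $receipient e-mail address of the recipient
 * @param string $fileName   path of the file, appended to the script's directory URL
 * @param array  $conf       general SiFiEx configuration
 * @param array  $lang       language strings to use
 * @return bool TRUE if mail() accepted the message, otherwise FALSE
 */
function sendMail($receipient, $fileName, $conf, $lang)
{
    // $iconPath is not a parameter; the calling script passes a variable of
    // that name to showNotification() at top level, so it is read from global
    // scope here. If no such global exists it is NULL, as it was before.
    global $iconPath;

    // The recipient comes from the request. A CR or LF in it could smuggle
    // extra headers into the message, so such values are refused before
    // mail() is reached.
    if (!is_string($receipient) || preg_match('/[\r\n]/', $receipient)) {
        showNotification("Mail send error", $conf['appName'], $lang['mailError'], $iconPath);
        writeWarning($lang['mailError']);
        return FALSE;
    }

    $header = "From: " . $conf['mailSenderName'] . " <" . $conf['mailSenderEmail'] . ">\r\n";
    ini_set("sendmail_from", $conf['mailSenderEmail']);

    // Directory part of the running script's URL path.
    $pathFull = explode("/", $_SERVER['PHP_SELF']);
    array_pop($pathFull);
    $pathToScript = implode("/", $pathFull);

    // NOTE(review): HTTP_HOST is taken from the request's Host header, which
    // the client controls, so the mailed link can be pointed at another host.
    // A fixed base URL from configuration would avoid that; none is visible
    // in $conf here.
    $body = $lang['mailStart'] . " ";
    $body .= detectSSL() . "://" . $_SERVER['HTTP_HOST'] . $pathToScript . $fileName . "\n\n";
    if ($conf['mailInfoPassword']) {
        $body .= $lang['mailPassword'] . "\n\n";
    }
    $body .= "\n\n" . $lang['mailEnd'];

    // The debug dump used to sit after both return statements and could never
    // run. It is emitted before sending and HTML-escaped, because the body
    // contains request-derived values.
    if (!empty($conf['debug'])) {
        echo "<pre>" . htmlspecialchars($header . "\n\n" . $body, ENT_QUOTES) . "</pre>\n";
    }

    if (!mail($receipient, $lang['mailSubject'], $body, $header)) {
        // $conf (not the undefined $config) carries the application name here.
        showNotification("Mail send error", $conf['appName'], $lang['mailError'], $iconPath);
        writeWarning($lang['mailError']);
        return FALSE;
    }

    // NOTE(review): $receipient is echoed back through showNotification() and
    // writeSuccess(); confirm those helpers HTML-escape their message.
    showNotification("Mail has been sent", $conf['appName'], $lang['mailSuccess'] . $receipient, $iconPath);
    writeSuccess($lang['mailSuccess'] . $receipient);
    return TRUE;
}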
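/**
 * Recursively deletes the contents of a directory and then the directory itself.
 *
 * A failure inside a sub-directory is not propagated by the recursive call; it
 * surfaces when the parent directory cannot be removed and writeWarning() is
 * called for it.
 *
 * @param string $dir directory to remove
 * @return bool FALSE as soon as an entry directly inside $dir cannot be
 *              deleted, otherwise TRUE (also when the final rmdir() fails)
 */
function clearDir($dir)
{
    if (is_dir($dir) && ($dh = opendir($dir)) !== false) {
        while (($file = readdir($dh)) !== false) {
            if ($file == '.' || $file == '..') {
                continue;
            }

            // A hard-coded backslash only forms a valid path on Windows; the
            // platform separator keeps the same result there and makes the
            // function work elsewhere.
            $s = $dir . DIRECTORY_SEPARATOR . $file;

            // Only real directories are descended into. is_dir() follows
            // symbolic links, so without the is_link() check a link inside the
            // tree would have the contents of its target deleted.
            if (is_dir($s) && !is_link($s)) {
                clearDir($s);
                continue;
            }

            // Files and links are removed themselves. A link to a directory
            // may need rmdir() instead of unlink() on some platforms.
            if (!@unlink($s) && !(is_link($s) && @rmdir($s))) {
                // Release the handle before bailing out.
                closedir($dh);
                return false;
            }
        }
        closedir($dh);
    }

    if (!@rmdir($dir) && @file_exists($dir)) {
        writeWarning("Failed to remove \"{$dir}\".");
    }

    return true;
}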