/**
 * Print a small "login" link when nobody is logged in; print nothing otherwise.
 *
 * The link target comes from make_link("login", NULL) and the label from the
 * loaded message table. Neither value is HTML-escaped here.
 * NOTE(review): assumes make_link() returns a value that is safe inside a
 * double-quoted href attribute - confirm in its definition.
 */
function show_login()
{
    if (!login_ok()) {
        $href = make_link("login", null);
        $label = $GLOBALS['messages']['btnlogin'];

        echo '<small> - <a href="' . $href . '">' . $label . "</a></small>";
    }
}
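/**
 * Render the directory listing page for $dir: header, toolbar, sortable
 * column headings, the item table and a footer with item count / free space.
 *
 * Change from the original: the access check now returns right after
 * show_error(), so the listing is never rendered for a directory that failed
 * get_show_item(), whether or not show_error() terminates the request.
 *
 * Security notes for reviewers:
 * - $dir is passed to show_header() (via get_rel_item()) and into every
 *   make_link() href without escaping in this function.
 *   NOTE(review): confirm those helpers HTML-escape their output, otherwise a
 *   crafted directory name is reflected into the page.
 * - The "selform" and "mkitem" forms emit no anti-CSRF field here (only the
 *   hidden do_action / first inputs). NOTE(review): check whether
 *   make_link() or the POST handlers add and verify a token.
 *
 * @param string $dir directory to list, relative to the configured home dir
 *                    (presumably - the base is resolved by helpers not shown)
 */
function list_dir($dir)
{
    $dir_up = dirname($dir);
    if ($dir_up == ".") {
        $dir_up = "";
    }
    if (!get_show_item($dir_up, basename($dir))) {
        show_error($dir . " : " . $GLOBALS["error_msg"]["accessdir"]);
        // Fail closed: do not rely on show_error() never returning.
        return;
    }
    // make file & dir tables, & get total filesize & number of items
    // ($dir_list, $file_list, $tot_file_size and $num_items are not set before
    // this call, so make_tables() presumably fills them by reference)
    make_tables($dir, $dir_list, $file_list, $tot_file_size, $num_items);
    // Shorten long paths for display: "..." plus the last 47 characters.
    $s_dir = $dir;
    if (strlen($s_dir) > 50) {
        $s_dir = "..." . substr($s_dir, -47);
    }
    show_header("<a href='javascript:history.go(-1);'><font color=#0a0a0a>Go Back to Problem List</font></a><br>" . $GLOBALS["messages"]["actdir"] . ": /" . get_rel_item("", $s_dir));
    // Javascript functions:
    // (static path, but relative to the current working directory)
    include "./.include/javascript.php";
    // Sorting of items: $_srt is the direction a click on the active column
    // switches to, $_img the arrow shown next to the active column.
    $_img = " <IMG width=\"10\" height=\"10\" border=\"0\" align=\"ABSMIDDLE\" src=\"_img/";
    if ($GLOBALS["srt"] == "yes") {
        $_srt = "no";
        $_img .= "_arrowup.gif\" ALT=\"^\">";
    } else {
        $_srt = "yes";
        $_img .= "_arrowdown.gif\" ALT=\"v\">";
    }
    // Toolbar
    echo "<BR><TABLE width=\"95%\"><TR><TD><TABLE><TR>\n";
    // PARENT DIR
    echo "<TD><A HREF=\"" . make_link("list", $dir_up, NULL) . "\">";
    echo "<IMG border=\"0\" width=\"16\" height=\"16\" align=\"ABSMIDDLE\" src=\"_img/_up.gif\" ";
    echo "ALT=\"" . $GLOBALS["messages"]["uplink"] . "\" TITLE=\"" . $GLOBALS["messages"]["uplink"] . "\"></A></TD>\n";
    // HOME DIR
    echo "<TD><A HREF=\"" . make_link("list", NULL, NULL) . "\">";
    echo "<IMG border=\"0\" width=\"16\" height=\"16\" align=\"ABSMIDDLE\" src=\"_img/_home.gif\" ";
    echo "ALT=\"" . $GLOBALS["messages"]["homelink"] . "\" TITLE=\"" . $GLOBALS["messages"]["homelink"] . "\"></A></TD>\n";
    // RELOAD
    echo "<TD><A HREF=\"javascript:location.reload();\"><IMG border=\"0\" width=\"16\" height=\"16\" ";
    echo "align=\"ABSMIDDLE\" src=\"_img/_refresh.gif\" ALT=\"" . $GLOBALS["messages"]["reloadlink"];
    echo "\" TITLE=\"" . $GLOBALS["messages"]["reloadlink"] . "\"></A></TD>\n";
    // SEARCH
    echo "<TD><A HREF=\"" . make_link("search", $dir, NULL) . "\">";
    echo "<IMG border=\"0\" width=\"16\" height=\"16\" align=\"ABSMIDDLE\" src=\"_img/_search.gif\" ";
    echo "ALT=\"" . $GLOBALS["messages"]["searchlink"] . "\" TITLE=\"" . $GLOBALS["messages"]["searchlink"];
    echo "\"></A></TD>\n";
    echo "<TD>::</TD>";
    // print the edit buttons
    _print_edit_buttons($dir);
    // ADMIN & LOGOUT
    if (login_ok()) {
        echo "<TD>::</TD>";
        // ADMIN (enabled for holders of the "admin" or "password" permission)
        _print_link("admin", permissions_grant(NULL, NULL, "admin") || permissions_grant(NULL, NULL, "password"), $dir, NULL);
        // LOGOUT
        _print_link("logout", true, $dir, NULL);
    }
    echo "</TR></TABLE></TD>\n";
    // Create File / Dir (only shown with the "create" permission on $dir;
    // the mkitem handler must repeat that check server-side)
    if (permissions_grant($dir, NULL, "create")) {
        echo "<TD align=\"right\"><TABLE><FORM action=\"" . make_link("mkitem", $dir, NULL) . "\" method=\"post\">\n<TR><TD>";
        echo "<SELECT name=\"mktype\"><option value=\"file\">" . $GLOBALS["mimes"]["file"] . "</option>";
        echo "<option value=\"dir\">" . $GLOBALS["mimes"]["dir"] . "</option></SELECT>\n";
        echo "<INPUT name=\"mkname\" type=\"text\" size=\"15\">";
        echo "<INPUT type=\"submit\" value=\"" . $GLOBALS["messages"]["btncreate"];
        echo "\"></TD></TR></FORM></TABLE></TD>\n";
    }
    echo "</TR></TABLE>\n";
    // End Toolbar
    // Begin Table + Form for checkboxes
    echo "<TABLE WIDTH=\"95%\"><FORM name=\"selform\" method=\"POST\" action=\"" . make_link("post", $dir, NULL) . "\">\n";
    echo "<INPUT type=\"hidden\" name=\"do_action\"><INPUT type=\"hidden\" name=\"first\" value=\"y\">\n";
    // Table Header
    echo "<TR><TD colspan=\"7\"><HR></TD></TR><TR><TD WIDTH=\"2%\" class=\"header\">\n";
    echo "<INPUT TYPE=\"checkbox\" name=\"toggleAllC\" onclick=\"javascript:ToggleAll(this);\"></TD>\n";
    echo "<TD WIDTH=\"44%\" class=\"header\"><B>\n";
    // Each heading links to the same listing sorted by that column; the
    // active column toggles direction, the others always start with "yes".
    if ($GLOBALS["order"] == "name") {
        $new_srt = $_srt;
    } else {
        $new_srt = "yes";
    }
    echo "<A href=\"" . make_link("list", $dir, NULL, "name", $new_srt) . "\">" . $GLOBALS["messages"]["nameheader"];
    if ($GLOBALS["order"] == "name") {
        echo $_img;
    }
    echo "</A></B></TD>\n<TD WIDTH=\"10%\" class=\"header\"><B>";
    if ($GLOBALS["order"] == "size") {
        $new_srt = $_srt;
    } else {
        $new_srt = "yes";
    }
    echo "<A href=\"" . make_link("list", $dir, NULL, "size", $new_srt) . "\">" . $GLOBALS["messages"]["sizeheader"];
    if ($GLOBALS["order"] == "size") {
        echo $_img;
    }
    echo "</A></B></TD>\n<TD WIDTH=\"16%\" class=\"header\"><B>";
    if ($GLOBALS["order"] == "type") {
        $new_srt = $_srt;
    } else {
        $new_srt = "yes";
    }
    echo "<A href=\"" . make_link("list", $dir, NULL, "type", $new_srt) . "\">" . $GLOBALS["messages"]["typeheader"];
    if ($GLOBALS["order"] == "type") {
        echo $_img;
    }
    echo "</A></B></TD>\n<TD WIDTH=\"14%\" class=\"header\"><B>";
    if ($GLOBALS["order"] == "mod") {
        $new_srt = $_srt;
    } else {
        $new_srt = "yes";
    }
    echo "<A href=\"" . make_link("list", $dir, NULL, "mod", $new_srt) . "\">" . $GLOBALS["messages"]["modifheader"];
    if ($GLOBALS["order"] == "mod") {
        echo $_img;
    }
    echo "</A></B></TD><TD WIDTH=\"8%\" class=\"header\"><B>" . $GLOBALS["messages"]["permheader"] . "</B>\n";
    echo "</TD><TD WIDTH=\"6%\" class=\"header\"><B>" . $GLOBALS["messages"]["actionheader"] . "</B></TD></TR>\n";
    echo "<TR><TD colspan=\"7\"><HR></TD></TR>\n";
    // make & print Table using lists
    print_table($dir, make_list($dir_list, $file_list));
    // print number of items & total filesize
    echo "<TR><TD colspan=\"7\"><HR></TD></TR><TR>\n<TD class=\"header\"></TD>";
    echo "<TD class=\"header\">" . $num_items . " " . $GLOBALS["messages"]["miscitems"] . " (";
    // Free space of the volume holding $dir; falls back to the older alias
    // and finally to "?" when neither function is available.
    if (function_exists("disk_free_space")) {
        $free = parse_file_size(disk_free_space(get_abs_dir($dir)));
    } elseif (function_exists("diskfreespace")) {
        $free = parse_file_size(diskfreespace(get_abs_dir($dir)));
    } else {
        $free = "?";
    }
    // echo "Total: ".parse_file_size(disk_total_space(get_abs_dir($dir))).", ";
    echo $GLOBALS["messages"]["miscfree"] . ": " . $free . ")</TD>\n";
    echo "<TD class=\"header\">" . parse_file_size($tot_file_size) . "</TD>\n";
    for ($i = 0; $i < 4; ++$i) {
        echo "<TD class=\"header\"></TD>";
    }
    echo "</TR>\n<TR><TD colspan=\"7\"><HR></TD></TR></FORM></TABLE>\n";
    ?>
<script language="JavaScript1.2" type="text/javascript">
<!--
    // Uncheck all items (to avoid problems with new items)
    var ml = document.selform;
    var len = ml.elements.length;
    for(var i=0; i<len; ++i) {
        var e = ml.elements[i];
        if(e.name == "selitems[]" && e.checked == true) {
            e.checked=false;
        }
    }
// -->
</script><?php
}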
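/**
 * Establish the member session for this request.
 *
 * Two paths:
 *  1. Sign-in form posted (signIn / username / password): verify the
 *     credentials, set the session, set or clear the remember-me cookie,
 *     run the optional login_ok() hook and redirect. On failure run the
 *     optional login_failed() hook, send 403 and redirect to
 *     index.php?loginFailed=1.
 *  2. No form posted, no member in the session, remember-me cookie present:
 *     restore the session from the cookie.
 *
 * Changes from the original:
 *  - The remember-me path now also requires isApproved=1, matching the
 *    password path; before, it only checked isBanned=0.
 *  - The session id is regenerated when a login succeeds, so a session id
 *    known before authentication does not stay valid afterwards.
 *  - The remember-me cookie is set HttpOnly, and Secure when the request is
 *    HTTPS; path and domain keep their defaults.
 *  - Missing or non-string request fields are treated as empty instead of
 *    raising notices / type errors.
 *  - The member id read back from the database is lower-cased and escaped
 *    before it is used in the follow-up query.
 *
 * Not fixed here because it needs schema or contract changes - flagged:
 *  - Passwords are stored as unsalted MD5 (column passMD5). Migrate to
 *    password_hash() / password_verify().
 *  - The remember-me value is md5(memberID . passMD5): deterministic and
 *    valid until the password changes. A random, server-stored, revocable
 *    token would be the sound replacement.
 *  - The login_failed() hook receives the submitted plaintext password;
 *    hook implementations must not log or store it.
 *  - No attempt throttling is visible in this function.
 */
function logInMember()
{
    $redir = 'index.php';

    $signIn = isset($_POST['signIn']) ? $_POST['signIn'] : '';
    $postedUser = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $postedPass = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    $rememberCookie = (isset($_COOKIE['FWLDBA_rememberMe']) && is_string($_COOKIE['FWLDBA_rememberMe']))
        ? $_COOKIE['FWLDBA_rememberMe']
        : '';
    $currentMember = isset($_SESSION['memberID']) ? $_SESSION['memberID'] : '';
    // Only mark the cookie Secure when this request is itself HTTPS, so plain
    // HTTP deployments keep working as before.
    $secureCookie = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';

    if ($signIn != '') {
        if ($postedUser != '' && $postedPass != '') {
            $username = makeSafe(strtolower($postedUser));
            // md5() output is hex only, so it is safe to interpolate below.
            $password = md5($postedPass);

            if (sqlValue("select count(1) from membership_users where lcase(memberID)='{$username}' and passMD5='{$password}' and isApproved=1 and isBanned=0") == 1) {
                // New session id for the authenticated session.
                if (session_id() !== '' && !headers_sent()) {
                    session_regenerate_id(true);
                }
                $_SESSION['memberID'] = $username;
                $_SESSION['memberGroupID'] = sqlValue("select groupID from membership_users where lcase(memberID)='{$username}'");

                if (isset($_POST['rememberMe']) && $_POST['rememberMe'] == 1) {
                    @setcookie('FWLDBA_rememberMe', md5($username . $password), time() + 86400 * 30, '', '', $secureCookie, true);
                } else {
                    @setcookie('FWLDBA_rememberMe', '', time() - 86400 * 30, '', '', $secureCookie, true);
                }

                // hook: login_ok - may return a custom redirect target
                if (function_exists('login_ok')) {
                    $args = array();
                    if (!($redir = login_ok(getMemberInfo(), $args))) {
                        $redir = 'index.php';
                    }
                }

                redirect($redir);
                exit;
            }
        }

        // hook: login_failed
        if (function_exists('login_failed')) {
            $args = array();
            login_failed(array('username' => $postedUser, 'password' => $postedPass, 'IP' => $_SERVER['REMOTE_ADDR']), $args);
        }

        if (!headers_sent()) {
            header('HTTP/1.0 403 Forbidden');
        }
        redirect("index.php?loginFailed=1");
        exit;
    } elseif ((!$currentMember || $currentMember == $adminConfig['anonymousMember']) && $rememberCookie != '') {
        // NOTE(review): $adminConfig is neither a parameter nor declared
        // global in this function, so the anonymous-member comparison above
        // reads an undefined variable here - confirm how the config is meant
        // to be obtained.
        $chk = makeSafe($rememberCookie);
        if ($username = sqlValue("select memberID from membership_users where convert(md5(concat(memberID, passMD5)), char)='{$chk}' and isApproved=1 and isBanned=0")) {
            if (session_id() !== '' && !headers_sent()) {
                session_regenerate_id(true);
            }
            $_SESSION['memberID'] = $username;
            // The value comes from the database, but it is interpolated into a
            // second statement, so it gets the same treatment as user input.
            $lookup = makeSafe(strtolower($username));
            $_SESSION['memberGroupID'] = sqlValue("select groupID from membership_users where lcase(memberID)='{$lookup}'");
        }
    }
}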
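/**
 * Render the directory listing page for $dir (variant with a reduced toolbar
 * and a language switcher): header, toolbar, sortable column headings, the
 * item table and a footer with item count / free space.
 *
 * Change from the original: the access check now returns right after
 * show_error(), so the listing is never rendered for a directory that failed
 * get_show_item(), whether or not show_error() terminates the request.
 *
 * Security notes for reviewers:
 * - $dir is passed to show_header() (via get_rel_item()) and into every
 *   make_link() href without escaping in this function.
 *   NOTE(review): confirm those helpers HTML-escape their output.
 * - The "selform" form emits no anti-CSRF field here (only the hidden
 *   do_action / first inputs). NOTE(review): check whether make_link() or
 *   the POST handler adds and verifies a token.
 * - Entries of $GLOBALS["langs"] are written into href/src/alt/title
 *   unescaped; presumably static configuration - verify they cannot be
 *   influenced by a request.
 *
 * @param string $dir directory to list (base directory resolved by helpers
 *                    not shown here)
 */
function list_dir($dir)
{
    $dir_up = dirname($dir);
    if ($dir_up == ".") {
        $dir_up = "";
    }
    if (!get_show_item($dir_up, basename($dir))) {
        show_error($dir . " : " . $GLOBALS["error_msg"]["accessdir"]);
        // Fail closed: do not rely on show_error() never returning.
        return;
    }
    // make file & dir tables, & get total filesize & number of items
    // ($dir_list, $file_list, $tot_file_size and $num_items are not set before
    // this call, so make_tables() presumably fills them by reference)
    make_tables($dir, $dir_list, $file_list, $tot_file_size, $num_items);
    // Shorten long paths for display: "..." plus the last 47 characters.
    $s_dir = $dir;
    if (strlen($s_dir) > 50) {
        $s_dir = "..." . substr($s_dir, -47);
    }
    show_header($GLOBALS["messages"]["actdir"] . ": /" . get_rel_item("", $s_dir));
    // Javascript functions:
    include MPATH_MIWOFTP_QX . "/_include/javascript.php";
    // Sorting of items: $_srt is the direction a click on the active column
    // switches to, $_img the arrow shown next to the active column.
    $_img = " <IMG width=\"10\" height=\"10\" border=\"0\" align=\"ABSMIDDLE\" src=\"_img/";
    if ($GLOBALS["srt"] == "yes") {
        $_srt = "no";
        $_img .= "_arrowup.gif\" ALT=\"^\">";
    } else {
        $_srt = "yes";
        $_img .= "_arrowdown.gif\" ALT=\"v\">";
    }
    // Toolbar
    echo "<BR><TABLE width=\"95%\"><TR><TD><TABLE><TR>\n";
    // PARENT DIR
    /*
    echo "<TD><A HREF=\"".make_link("list",$dir_up,NULL)."\">";
    echo "<IMG border=\"0\" width=\"16\" height=\"16\" align=\"ABSMIDDLE\" src=\"".$GLOBALS["baricons"]["up"]."\" ";
    echo "ALT=\"".$GLOBALS["messages"]["uplink"]."\" TITLE=\"".$GLOBALS["messages"]["uplink"]."\"></A></TD>\n";
    */
    // HOME DIR
    echo "<TD><A HREF=\"" . make_link("list", NULL, NULL) . "\" title='Koreňová zložka'>";
    //echo "<IMG border=\"0\" width=\"16\" height=\"16\" align=\"ABSMIDDLE\" src=\"".$GLOBALS["baricons"]["home"]."\" ";
    //echo "ALT=\"".$GLOBALS["messages"]["homelink"]."\" TITLE=\"".$GLOBALS["messages"]["homelink"]."\"></A></TD>\n";
    echo "<span class='dashicons dashicons-admin-home' style='text-decoration:none;font-size:30px;padding:10px'></span></A></TD>\n";
    // RELOAD
    /*
    echo "<TD><A HREF=\"javascript:location.reload();\"><IMG border=\"0\" width=\"16\" height=\"16\" ";
    echo "align=\"ABSMIDDLE\" src=\"".$GLOBALS["baricons"]["reload"]."\" ALT=\"".$GLOBALS["messages"]["reloadlink"];
    echo "\" TITLE=\"".$GLOBALS["messages"]["reloadlink"]."\"></A></TD>\n";
    */
    // SEARCH
    /*
    echo "<TD><A HREF=\"".make_link("search",$dir,NULL)."\">";
    echo "<IMG border=\"0\" width=\"16\" height=\"16\" align=\"ABSMIDDLE\" src=\"".$GLOBALS["baricons"]["search"]."\" ";
    echo "ALT=\"".$GLOBALS["messages"]["searchlink"]."\" TITLE=\"".$GLOBALS["messages"]["searchlink"];
    echo "\"></A></TD>\n";
    */
    //echo "<TD>::</TD>";
    // print the edit buttons
    _print_edit_buttons($dir);
    // ADMIN & LOGOUT
    if (login_ok()) {
        echo "<TD>::</TD>";
        // ADMIN (enabled for holders of the "admin" or "password" permission)
        _print_link("admin", permissions_grant(NULL, NULL, "admin") || permissions_grant(NULL, NULL, "password"), $dir, NULL);
        // LOGOUT
        _print_link("logout", true, $dir, NULL);
    }
    //echo "<TD>::</TD>";
    //Languages: one link per configured language; a flag image when the
    // file named in $langs[1] exists, otherwise the language code as text.
    foreach ($GLOBALS["langs"] as $langs) {
        echo "<TD><A HREF=\"" . make_link("list", $dir, NULL, NULL, NULL, $langs[0]) . "\">";
        if (!file_exists($langs[1])) {
            // NOTE(review): this branch never emits the closing </A></TD>
            // that the image branch prints.
            echo " {$langs['0']} ";
        } else {
            echo "<IMG border=\"0\" width=\"16\" height=\"11\" ";
            echo "align=\"ABSMIDDLE\" src=\"" . $langs[1] . "\" ALT=\"" . $langs[0];
            echo "\" TITLE=\"" . $langs[2] . "\"/></A></TD>\n";
        }
        //list($slang,$img,$ext,$type) = $mime;
        /*if(@eregi($ext,$item)) {
            $mime_type = $desc;
            $image = $img;
            if($query=="img"){ return $image;}
            else if($query=="ext"){ return $type;}
            else return $mime_type;
        */
    }
    //
    echo "</TR></TABLE></TD>\n";
    // Create File / Dir
    /*
    if (permissions_grant($dir, NULL, "create")) {
        echo "<TD align=\"right\"><TABLE><FORM action=\"".make_link("mkitem",$dir,NULL)."\" method=\"post\">\n<TR><TD>";
        echo "<IMG border=\"0\" width=\"16\" height=\"16\" align=\"ABSMIDDLE\" src=\"".$GLOBALS["baricons"]["add"]."\" />";
        echo "<SELECT name=\"mktype\">";
        echo "<option value=\"file\">".$GLOBALS["mimes"]["file"]."</option>";
        echo "<option value=\"dir\">".$GLOBALS["mimes"]["dir"]."</option></SELECT>\n";
        echo "<INPUT name=\"mkname\" type=\"text\" size=\"15\">";
        echo "<INPUT type=\"submit\" value=\"".$GLOBALS["messages"]["btncreate"];
        echo "\"></TD></TR></FORM></TABLE></TD>\n";
    }
    */
    echo "</TR></TABLE>\n";
    // End Toolbar
    // Begin Table + Form for checkboxes
    echo "<TABLE WIDTH=\"95%\"><FORM name=\"selform\" method=\"POST\" action=\"" . make_link("post", $dir, NULL) . "\">\n";
    echo "<INPUT type=\"hidden\" name=\"do_action\"><INPUT type=\"hidden\" name=\"first\" value=\"y\">\n";
    // Table Header
    echo "<TR><TD colspan=\"7\"><HR></TD></TR><TR><TD WIDTH=\"2%\" class=\"header\">\n";
    echo "<INPUT TYPE=\"checkbox\" name=\"toggleAllC\" onclick=\"javascript:ToggleAll(this);\"></TD>\n";
    echo "<TD WIDTH=\"44%\" class=\"header\"><B>\n";
    // Each heading links to the same listing sorted by that column; the
    // active column toggles direction, the others always start with "yes".
    if ($GLOBALS["order"] == "name") {
        $new_srt = $_srt;
    } else {
        $new_srt = "yes";
    }
    echo "<A href=\"" . make_link("list", $dir, NULL, "name", $new_srt) . "\">" . $GLOBALS["messages"]["nameheader"];
    if ($GLOBALS["order"] == "name") {
        echo $_img;
    }
    echo "</A></B></TD>\n<TD WIDTH=\"10%\" class=\"header\"><B>";
    if ($GLOBALS["order"] == "size") {
        $new_srt = $_srt;
    } else {
        $new_srt = "yes";
    }
    echo "<A href=\"" . make_link("list", $dir, NULL, "size", $new_srt) . "\">" . $GLOBALS["messages"]["sizeheader"];
    if ($GLOBALS["order"] == "size") {
        echo $_img;
    }
    echo "</A></B></TD>\n<TD WIDTH=\"16%\" class=\"header\"><B>";
    if ($GLOBALS["order"] == "type") {
        $new_srt = $_srt;
    } else {
        $new_srt = "yes";
    }
    echo "<A href=\"" . make_link("list", $dir, NULL, "type", $new_srt) . "\">" . $GLOBALS["messages"]["typeheader"];
    if ($GLOBALS["order"] == "type") {
        echo $_img;
    }
    echo "</A></B></TD>\n<TD WIDTH=\"14%\" class=\"header\"><B>";
    if ($GLOBALS["order"] == "mod") {
        $new_srt = $_srt;
    } else {
        $new_srt = "yes";
    }
    echo "<A href=\"" . make_link("list", $dir, NULL, "mod", $new_srt) . "\">" . $GLOBALS["messages"]["modifheader"];
    if ($GLOBALS["order"] == "mod") {
        echo $_img;
    }
    //echo "</A></B></TD><TD WIDTH=\"8%\" class=\"header\"><B>".$GLOBALS["messages"]["permheader"]."</B>\n";
    //echo "</TD><TD WIDTH=\"6%\" class=\"header\"><B>".$GLOBALS["messages"]["actionheader"]."</B></TD></TR>\n";
    echo "</A></B></TD><TD WIDTH=\"6%\" class=\"header\"><B>" . $GLOBALS["messages"]["actionheader"] . "</B></TD></TR>\n";
    echo "<TR><TD colspan=\"7\"><HR></TD></TR>\n";
    // make & print Table using lists
    print_table($dir, make_list($dir_list, $file_list));
    // print number of items & total filesize
    echo "<TR><TD colspan=\"7\"><HR></TD></TR><TR>\n<TD class=\"header\"></TD>";
    echo "<TD class=\"header\">" . $num_items . " " . $GLOBALS["messages"]["miscitems"] . " (";
    // JA //
    //$free=parse_file_size(diskfreespace(get_abs_dir($dir)));
    // Free space is measured on $GLOBALS["home_dir"], not on $dir itself.
    if (function_exists("disk_free_space")) {
        $free = parse_file_size(disk_free_space($GLOBALS["home_dir"]));
        // $free=parse_file_size(disk_free_space(home_dir));
        // $free=parse_file_size(disk_free_space(get_abs_dir($dir)));
    } elseif (function_exists("diskfreespace")) {
        $free = parse_file_size(diskfreespace($GLOBALS["home_dir"]));
        // $free=parse_file_size(diskfreespace(home_dir));
        // $free=parse_file_size(diskfreespace(get_abs_dir($dir)));
    } else {
        $free = "?";
    }
    // JA //
    echo $GLOBALS["messages"]["miscfree"] . ": " . $free . ")</TD>\n";
    echo "<TD class=\"header\">" . parse_file_size($tot_file_size) . "</TD>\n";
    echo "<TD class=\"header\" colspan=4></TD>";
    echo "</TR>\n<TR><TD colspan=\"7\"><HR></TD></TR></FORM></TABLE>\n";
    ?>
<script language="JavaScript1.2" type="text/javascript">
<!--
    // Uncheck all items (to avoid problems with new items)
    var ml = document.selform;
    var len = ml.elements.length;
    for(var i=0; i<len; ++i) {
        var e = ml.elements[i];
        if(e.name == "selitems[]" && e.checked == true) {
            e.checked=false;
        }
    }
// -->
</script><?php
}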
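/**
 * Entry point for the admin area: checks that a user is logged in and holds
 * the "admin" or "password" permission, then dispatches on "action2".
 *
 * "chpwd" is available to anyone who passed the checks above; "adduser",
 * "edituser" and "rmuser" additionally require the "admin" permission. Any
 * other value shows the admin overview.
 *
 * Change from the original: every failed check returns right after
 * show_error(), so no privileged handler is reached even if show_error()
 * hands control back to the caller.
 *
 * NOTE(review): action2 is accepted from the GET array first and the POST
 * array second, so the state-changing actions can be selected by a plain
 * link. Whether adduser()/edituser()/removeuser() verify an anti-CSRF token
 * is not visible here - confirm.
 *
 * @param string $dir current directory, passed through to the handlers
 */
function show_admin($dir)
{
    $admin = permissions_grant(NULL, NULL, "admin");

    if (!login_ok()) {
        show_error($GLOBALS["error_msg"]["miscnofunc"]);
        return;
    }
    if (!$admin && !permissions_grant(NULL, NULL, "password")) {
        show_error($GLOBALS["error_msg"]["accessfunc"]);
        return;
    }

    if (isset($GLOBALS['__GET']["action2"])) {
        $action2 = $GLOBALS['__GET']["action2"];
    } elseif (isset($GLOBALS['__POST']["action2"])) {
        $action2 = $GLOBALS['__POST']["action2"];
    } else {
        $action2 = "";
    }

    switch ($action2) {
        case "chpwd":
            changepwd($dir);
            break;
        case "adduser":
            if (!$admin) {
                show_error($GLOBALS["error_msg"]["accessfunc"]);
                return;
            }
            adduser($dir);
            break;
        case "edituser":
            if (!$admin) {
                show_error($GLOBALS["error_msg"]["accessfunc"]);
                return;
            }
            edituser($dir);
            break;
        case "rmuser":
            if (!$admin) {
                show_error($GLOBALS["error_msg"]["accessfunc"]);
                return;
            }
            removeuser($dir);
            break;
        default:
            admin($admin, $dir);
    }
}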
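<?php
// HTTP Basic authentication gate: every request must carry credentials that
// login_ok() accepts, otherwise a 401 challenge plus access-deny.php is sent
// and the script stops.
//
// Changes from the original:
//  - Missing PHP_AUTH_USER / PHP_AUTH_PW (first request, or a server setup
//    that does not pass the Authorization header through) are treated as
//    empty credentials instead of reading undefined indexes.
//  - The digest comparison uses hash_equals(): it is constant-time and
//    string-exact, where the loose == could treat two different
//    numeric-looking hex digests as equal.
//  - The plaintext passwords that were listed in a comment beside their
//    hashes have been removed; credentials do not belong in source files.
//
// Still weak, flagged for follow-up: the table stores unsalted MD5 digests.
// Store password_hash() output and verify with password_verify() instead.
// Basic authentication also sends the password with every request, so the
// site must only be served over HTTPS.
$login = isset($_SERVER["PHP_AUTH_USER"])
    ? strtoupper(trim(strip_tags($_SERVER["PHP_AUTH_USER"])))
    : "";
$password = isset($_SERVER["PHP_AUTH_PW"]) ? $_SERVER["PHP_AUTH_PW"] : "";

if (!login_ok($login, $password)) {
    header("HTTP/1.0 401 Unauthorized");
    header("WWW-Authenticate: Basic realm=\"Мой сайт\"");
    include "access-deny.php";
    exit;
}

/**
 * User verification function.
 *
 * @param string $login    user name, already upper-cased by the caller
 * @param string $password password exactly as submitted
 * @return bool true when $login is a known user and md5($password) equals
 *              the stored digest
 */
function login_ok($login, $password)
{
    // Upper-case user name => MD5 digest of the password.
    $users = array(
        "ROOT" => "0a113ef6b61820daa5611c870ed8d5ee",
        "PUPKIN" => "96932f68a34ac08a6c92ed8db20d2ee3",
        "MORKOVKIN" => "bfb5a5275a34cf74cdfebdea0cf9c421",
    );

    if (!is_string($login) || !is_string($password)) {
        return false;
    }
    if (!array_key_exists($login, $users)) {
        return false;
    }

    return hash_equals($users[$login], md5($password));
}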