function change_folder($dir, $show_root, $enable_folder_browsing, $exclude_directories) { if ($enable_folder_browsing != 'true') { echo 'This action is not enabled!'; exit(0); } $index = parseInputParameter($_GET['index']); if ($index == 0 && $show_root) { // we go up! $dir = substr($_SESSION["TFU_DIR"], 0, strrpos($_SESSION["TFU_DIR"], "/")); } else { // we go deeper if ($show_root) { $index--; } $dirhandle = opendir($dir); $myDirs = array(); while (false !== ($filed = readdir($dirhandle))) { if ($filed != "." && $filed != ".." && !in_array($filed, $exclude_directories)) { if (is_dir($dir . '/' . $filed)) { array_push($myDirs, $filed); } } } usort($myDirs, "mycmp"); $dir = $dir . "/" . $myDirs[$index]; } $_SESSION["TFU_DIR"] = $dir; return $dir; }
define('_VALID_TWG', '42'); if (isset($_GET['TFUSESSID'])) { // this is a workaround if you set php_flag session.use_trans_sid=off + a workaround for some servers that don't handle sessions correctly if you open 2 instances of TFU session_id($_GET['TFUSESSID']); } session_start(); $install_path = ''; // do not change! include 'tfu_helper.php'; restore_temp_session(); // this restores a lost session if your server handles sessions wrong! include 'tfu_config.php'; if (isset($_SESSION['TFU_LOGIN']) && isset($_SESSION['TFU_RN']) && isset($_GET['tfu_rn']) && $_SESSION['TFU_RN'] == parseInputParameter($_GET['tfu_rn'])) { $dir = getCurrentDir(); // if you have more complex filenames you can use the index $action = parseInputParameter($_GET['action']); // The extra functionality for twg is on an exern class to make updating much easier if (file_exists('twg_plugin.php')) { include_once 'twg_plugin.php'; reset_twg_cache($action); } // end plugin if (isset($_GET['index']) && $action != 'dir') { // file functions! if (isset($_GET['copyfolder']) && $_GET['copyfolder'] == "true") { $file = ""; // not needed for this task } else { $file = getFileName($dir); // returns an array if more than one is selected! }
function change_folder($dir, $show_root, $enable_folder_browsing, $exclude_directories, $sort_directores_by_date) { global $hide_hidden_files; if ($enable_folder_browsing != 'true') { echo 'This action is not enabled!'; exit(0); } $index = parseInputParameter($_GET['index']); if ($index == 0 && $show_root) { // we go up! $dir = substr($_SESSION["TFU_DIR"], 0, strrpos($_SESSION["TFU_DIR"], "/")); } else { // we go deeper if ($show_root) { $index--; } $dirhandle = opendir($dir); $myDirs = array(); while (false !== ($filed = readdir($dirhandle))) { if ($filed != "." && $filed != ".." && !in_array($filed, $exclude_directories) && !($hide_hidden_files && strpos($filed, '.') === 0)) { if (is_dir($dir . '/' . $filed)) { if ($sort_directores_by_date) { $fdate = filemtime($dir . '/' . $filed); $filed = $fdate . $filed; } array_push($myDirs, $filed); } } } if ($sort_directores_by_date) { usort($myDirs, "cmp_date_dec"); $i = 0; foreach ($myDirs as $fieldName) { $myDirs[$i++] = substr($fieldName, 10); } } else { usort($myDirs, "cmp_dir_dec"); } $dir = $dir . "/" . $myDirs[$index]; } $_SESSION["TFU_DIR"] = $dir; return $dir; }
/* PLEASE ADD OWN CODE AFTER THIS POINT. Otherwise the session is maybe not started proplery! */ /** * This is some debug information - please uncomment this if I ask for it in a debug session ;). * debug("session id : " . session_id()); * debug("session TFU: " . $_GET['TFUSESSID']); * debug("login: "******"TFU_LOGIN"]); * debug("dir: " . $_SESSION["TFU_DIR"]); */ // we check if a valid authenification was done in tfu_config.php if (isset($_SESSION['TFU_LOGIN']) && isset($_GET['remaining']) && isset($_GET['tfu_rn']) && isset($_SESSION['TFU_RN']) && $_SESSION['TFU_RN'] == parseInputParameter($_GET['tfu_rn'])) { $dir = getCurrentDir(); $size = isset($_GET['size']) ? parseInputParameter($_GET['size']) : 100000; $remaining = parseInputParameter($_GET['remaining']) - 1; if ($remaining < 0) { // not valid! we expect at least 1 return; } if (!isset($_SESSION['TFU_LAST_UPLOADS']) || isset($_GET['firstStart'])) { // we delete the info of the last upload items! unset($_SESSION['TFU_LAST_UPLOADS']); $_SESSION['TFU_LAST_UPLOADS'] = array(); } $_SESSION['TFU_UPLOAD_REMAINING'] = $_GET['remaining']; foreach ($_FILES as $fieldName => $file) { // we check the uploaded files first because we don't know if it's the flash or any other script! check_valid_extension($file['name']); $store = 1; if (is_supported_tfu_image($file['name']) && $size < 100000) {
* if ( isset($_POST["twg_user"]) && isset($_POST["twg_pass"])){ * Afterwards something like: * if ( isset($_POST["twg_user"]) && isset($_POST["twg_pass"]) && isset($_SESSION['<your variable>'])){ * You can of course do more than simply checking if the variable exists. You can e.g. get this variable and * check in your db is it is o.k. It's up to you and your existing system how you solve it! * Only be aware that you have to do something! * ---------------------------- */ /** * Start parameters - don't remove the parameters part - * The paramters are needed even if you implement your own * authentification It makes sure that the flash is the client */ $user = parseInputParameter($_POST['twg_user']); $pass = parseInputParameter($_POST['twg_pass']); $rn = parseInputParameter($_POST['twg_rn']); $rn = substr(session_id(), 0, 5) . $rn . session_id(); include $install_path . "tfu_config.php"; /** * end parameters - now you can implement your own authentification and autorisation */ /** * AUTHENTIFICATION * * This part is interesting if you want to use the login! */ /** * TFU has a very simply user managment included - * add users/folders/paths at .htusers.php. * The password is encrypted - please use the password generator that is included. * Read the "Important" part on top!