<?php
@ini_set("error_reporting", E_ALL);
@ini_set("display_errors", "on");
error_reporting(E_ALL); //chyby = on
function copy2($Xfile1,$Xfile2)
{
$f1 = fopen($Xfile1,"r");
$d1 = fread($f1, filesize($Xfile1));
$f2 = fopen($Xfile2,"w");
fwrite($f2, $d1, filesize($Xfile2));
fclose($f1);
fclose($f2);
}
// --- dir info ---
//user_dir | open_basedir
$a = "upload_tmp_dir";
$b = "upload_max_filesize";
$c = "url";
$dir = array(
'current' => getcwd(),
'base' => ini_get("open_basedir"), //home
'upl_tmp' => ini_get($a) ? ini_get($a) : get_cfg_var($a),//temp
'upl_size'=> ini_get($b) ? ini_get($b) : get_cfg_var($b),//size
'this' => (isset($_GET[$c])) ? urldecode($_GET[$c]) : ((isset($_POST[$c]) ? $_POST[$c] : ""))
);
$dir['this'] = substr($dir['this'],-1)=="/" ? substr($dir['this'],0,-1) : $dir['this']; //remove last /
//$x = explode("/",$dir['this']);
//$y = count($x)-1;
//if ($x[$y]==".." && isset($x[$y-1]) && $x[$y-1]!="..") {unset//($x[$y]);unset($x[$y-1]); $dir['this']=implode("/",$x);}
$x = $dir['this'];
$x = ereg_replace("//+","",$x); //odmazat //
$x = ereg_replace("(/.)+/","/",$x); //odmazat ./
$x = ereg_replace("([^/]..)+/","/",$x); //odmazat neco/..
/*
$x = explode("/",$x);
for ($i=count($x)-1;$i>=0;$i--) //odmazat "neco/.."
{
if (isset($x[$i]) && $x[$i]==".." && isset($x[$i-1]) && $x[$i-1]!="..")
{unset($x[$i]); unset($x[$i-1]);}
}
$dir['this'] = implode("/",$x);
*/
$dir['this']=$x;
if ($dir['this']=="") {$dir['this'] = ".";}
if (substr($dir['this'],0,2)=="..") {$dir['this'] = ".";} //zakaz prochazeni nadrazenych slozek
$dir['to'] = $dir['this']."/";
// --- dir info print ---
$t = "<pre>";
$a = $dir['base'];
$t.= "\ndir base = ".sprintf("%-38s",$a)." \tlaws = ".substr(sprintf('%o', fileperms($a)), -3);
$a = $dir['current'];
$t.= "\ndir getcwd() = ".sprintf("%-38s",$a)." \tlaws = ".substr(sprintf('%o', fileperms($a)), -3);
$a = $dir['upl_tmp'];
$t.= "\ndir upload TMP = ".sprintf("%-38s",$a)." \tlaws = ".substr(sprintf('%o', fileperms($a)), -3). "\t maxsize = ".$dir['upl_size'];
$a = $dir['to'];
$t.= "\ndir upload to = ".sprintf("%-38s",$a)." \tlaws = ".substr(sprintf('%o', fileperms($dir['to'])), -3);
//chmod($dir['to'],0777);
//$t.= "\nupload to (777) = ".$dir['to'] ."\tlaws = ".substr(sprintf('%o', fileperms($dir['to'])), -3);
$t.= "</pre>";
$print_dirinfo = $t;
$a = "action";
$action = isset($_POST[$a]) ? $_POST[$a]*1 : 0;
$print_upload = "";
$print_perms = "";
$print_delete = "";
//XXX ! POZOR, toto je nebezpecne, radeji bych nahraval pouze podle prav, ktere jsou nastaveny!
//nastav prava adresare na 777
//$old = umask(0);
//@chmod($dir['to'],0777);
if ($action===2)
{
// --- upload ---
$a = "file0";
$file = isset($_FILES[$a])?$_FILES[$a]: (isset($HTTP_POST_FILES[$a])?$HTTP_POST_FILES[$a]:"");
$old = umask(0);
@chmod($dir['to'],0777); //nastav prava adresare na 777
if (isset($file['tmp_name']) && is_uploaded_file($file['tmp_name']))
{
$from = $file['tmp_name'];
$to = $dir['to'].$file['name'];
$print_upload.= $file['name'].", ";
move_uploaded_file($from,$to) || copy($from,$to) || copy2($from,$to);
@chmod($to,0666);
}
}
if ($action===1)
{
// --- change laws ---
$arr_perms = array (
"or","ow","ox",
"gr","gw","gx",
"wr","ww","wx"
);
$perms = array();
foreach ($arr_perms as $key=>$value)
{$perms[$key] = isset($_POST[$value]) ? $_POST[$value]*1 : 0;}
$perms =
$perms[0]*0x0100 + $perms[1]*0x0080 + $perms[2]*0x0040 +
$perms[3]*0x0020 + $perms[4]*0x0010 + $perms[5]*0x0008 +
$perms[6]*0x0004 + $perms[7]*0x0002 + $perms[8]*0x0001;
$a = "ch";
foreach ($_POST as $key=>$value)
{if (ereg('^ch[0-9]+$',$key)) {chmod($dir['to'].$value,$perms); $print_perms.= $value.", ";}
}
}
if ($action===3)
{
// --- delete files ---
foreach ($_POST as $key=>$value)
{if (ereg('^ch[0-9]+$',$key)) {unlink($dir['to'].$value);$print_delete.= $value.", ";}
}
}
//XXX vrat prava adresare na puvodni
//umask($old);
$print_upload = $print_upload!="" ? "Uploaded files: ".$print_upload : "";
$print_perms = $print_perms!="" ? "Change laws on files: ".$print_perms : "";
$print_delete = $print_delete!="" ? "Deleted files: ".$print_delete : "";
// --- directories / files get ---
$dirhandle = opendir($dir['to']);
$files = array();
$dirs = array();
while ($rec = readdir($dirhandle))
{
if ($rec!=="")
{
if (is_dir($dir['to'].$rec))
{if ($rec!=".") {$dirs[] = $rec;}}
else {$files[] = $rec;}
}
}
closedir($dirhandle);
sort($dirs);
sort($files);
// --- directories / files print ---
$dirX = $dir['this']=="." ? "" : $dir['this']."/";
$t = "\n<ul class=\"tree\">";
$t.="\n<li class=\"o\"><i>".substr(sprintf('%o', fileperms($dir['this'])), -3)."</i> <b>".$dir['this']. "</b>".($dir['base']!=""?"(".$dir['base'].")":"") ."</li>";
$t.="\n<li class=\"c\"><i>".substr(sprintf('%o', fileperms("./")), -3)."</i> <a href=\"./upl.php\">. HOME \"upl.php\"</a></li>";
foreach ($dirs as $key => $value)
{$t.="\n<li class=\"c\"><i>".substr(sprintf('%o', fileperms($dirX.$value)), -3)."</i> <a href=\"./upl.php?".$c."=".urlencode($dirX.$value)."\">".$value."</a></li>";}
foreach ($files as $key => $value)
{$t.="\n<li class=\"i\">"."<input type=\"checkbox\" value=\"$value\" name=\"ch$key\"/>\n<i>".substr(sprintf('%o', fileperms($dirX.$value)), -3)."</i> <a href=\"".$dirX.urlencode($value)."\">".$value."</a></li>";}
$t.= "\n</ul>";
$print_dirlist = $t;
//phpinfo();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "doctype/xhtml11.dtd">
<head><title>pp uploader</title>
<style type="text/css">
body,
table,
ul.tree li {font-size:12px;}
ul.tree li.o {list-style-image:url("./img/open.gif");}
ul.tree li.c {list-style-image:url("./img/closed.gif");}
ul.tree li.c a {font-weight:bold;text-decoration:none;}
ul.tree li.i {list-style-image:url("./img/item.gif");}
ul.tree li i {font-style:normal; color:#f00;}
</style>
</head>
<body>
<h3>PP uploader</h3>
<form action="upl.php" method="post" enctype="multipart/form-data">
<?php
echo $print_dirlist;
?>
<hr/>
<?php
echo $print_upload;
echo $print_dirinfo;
?>
<hr/>
<table align="center">
<tbody valign="top">
<tr><td>
<label>change laws</label>
<table border="1"><tbody><tr><td>
<table cellpadding="0" cellspacing="0"><tr>
<td><input type="checkbox" value="1" name="or" id="or"/></td>
<td><input type="checkbox" value="1" name="ow" id="ow"/></td>
<td><input type="checkbox" value="1" name="ox" id="ox"/></td>
</tr><tr><th><label for="or">r</label></th><th><label for="ow">w</label></th><th><label for="ox">x</label></th>
</tr><tr><th colspan="3">owner</th>
</tr></table>
</td><td>
<table cellpadding="0" cellspacing="0"><tr>
<td><input type="checkbox" value="1" name="gr" id="gr"/></td>
<td><input type="checkbox" value="1" name="gw" id="gw"/></td>
<td><input type="checkbox" value="1" name="gx" id="gx"/></td>
</tr><tr><th><label for="gr">r</label></th><th><label for="gw">w</label></th><th><label for="gx">x</label></th>
</tr><tr><th colspan="3">group</th>
</tr></table>
</td><td>
<table cellpadding="0" cellspacing="0"><tr>
<td><input type="checkbox" value="1" name="wr" id="wr"/></td>
<td><input type="checkbox" value="1" name="ww" id="ww"/></td>
<td><input type="checkbox" value="1" name="wx" id="wx"/></td>
</tr><tr><th><label for="wr">r</label></th><th><label for="ww">w</label></th><th><label for="wx">x</label></th>
</tr><tr><th colspan="3">world</th>
</tr></table>
</td></tr></tbody></table>
</td><td>
<label for="file0">add file</label>
<br/><input type="hidden" value="<?php echo $dirX; ?>" name="<?php echo $c; ?>"/>
<input type="hidden" value="2097152" name="MAX_FILE_SIZE"/>
<input type="file" value="" ACCEPT="*/*" name="file0" id="file0"/>
</td></tr></tbody><tfoot><tr><td colspan="3" align="center">
<p>
<label for="action">select action</label>
<select name="action" id="action">
<option value="0">none</option>
<option value="1">(?) change files laws</option>
<option value="2">(+) upload file</option>
<option value="3">(-) delete files</option>
</select>
<input type="submit" value="Ok"/>
</p>
</td></tr></tfoot></table>
</form>
</body>