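update_history();

/*
 * Request dispatcher for the upload browser. Depending on the request it
 *   - streams one stored file            (?f=<hash>)
 *   - hides / unhides / deletes files    (?tools=hide|unhide|delete&h=<hash>)
 *   - renders the admin views            (?tools=access|users|logs)
 *   - renders the folder overview        (default)
 *
 * NOTE(review): hide, unhide and delete change state on a plain GET, and the
 * POST handlers below carry no anti-CSRF token that is visible in this file.
 * A per-session token check belongs in front of every state-changing branch.
 * NOTE(review): $_SESSION['creds'] is read without being checked here;
 * presumably login is enforced before this point -- confirm.
 */

//set root directory
$basedir = "../uploads";

// ?path= comes from the client and is appended to $basedir, so it is accepted
// only as an absolute sub-path ("/a/b") without "." or ".." segments,
// backslashes or control bytes. Anything else falls back to the root folder,
// which keeps the listing inside $basedir.
$subf = '/';
$path = $basedir;
if (isset($_GET['path']) && is_string($_GET['path']) && strlen($_GET['path']) > 1) {
    $requested = $_GET['path'];
    $path_ok = ($requested[0] === '/')
        && !preg_match('/[\x00-\x1f\x7f\\\\]/', $requested);
    if ($path_ok) {
        foreach (explode('/', $requested) as $segment) {
            if ($segment === '.' || $segment === '..') {
                $path_ok = false;
                break;
            }
        }
    }
    if ($path_ok) {
        $subf = $requested;
        $path = $basedir . $subf;
    }
}
$squashweb->set_root($basedir);

// A download is requested with ?f=<hash>. Only a non-empty string counts;
// ?f[]=... would otherwise reach the SQL escaping below as an array.
$download_hash = (isset($_GET['f']) && is_string($_GET['f']) && $_GET['f']) ? $_GET['f'] : '';

// Downloads, ?d, ?show_all and the file tools need the deep file scan and
// skip populating the listing; every other request does the opposite.
$getdeepfiles = ($download_hash !== '')
    || @$_GET['d']
    || @$_GET['show_all'] == true
    || in_array(@$_GET['tools'], array('hide', 'unhide', 'delete'), true);
$populate = !$getdeepfiles;

//update folder rights if form is posted
// NOTE(review): this write is not guarded by a user_level check in this
// script, unlike the tools=access view that renders the form. The level is
// handed to update_rights(), which presumably enforces it -- confirm.
if (@$_POST['edited_user'] > 0 && @$_POST['formtype'] == 'folderrights') {
    $squashweb->update_rights($_POST['edited_user'], $_POST['m'], $_SESSION['creds']['user_level']);
}

//set folder rights
// NOTE(review): a download by hash is evaluated with the rights of user id 2
// rather than the session user. Presumably a shared link account -- confirm
// that every file reachable by hash is meant to be readable that way.
if ($download_hash !== '') {
    $squashweb->give_rights(2);
} else {
    $squashweb->give_rights($_SESSION['creds']['user_id']);
}

if ($download_hash !== '') {
    // mysql_real_escape_string() escapes for the charset of the open
    // connection, which the deprecated mysql_escape_string() ignores.
    // NOTE(review): ext/mysql is gone in PHP 7; moving these two queries to
    // prepared statements needs the connection setup, which is not in view.
    $f_q = "SELECT * FROM file_hash WHERE md5_hash = '" . mysql_real_escape_string($download_hash) . "'";
    $f_r = mysql_query($f_q);
    $f_o = $f_r ? mysql_fetch_object($f_r) : false;
    if (!$f_o) {
        // Unknown hash: stop instead of dereferencing a non-object below.
        header('HTTP/1.0 404 Not Found');
        exit;
    }

    //log downloads
    $log_user_id = isset($_SESSION['creds']['user_id']) ? $_SESSION['creds']['user_id'] : '';
    $log_user_name = isset($_SESSION['creds']['user_name']) ? $_SESSION['creds']['user_name'] : '';
    @mysql_query(
        "INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('"
        . mysql_real_escape_string($download_hash) . "','"
        . mysql_real_escape_string($f_o->file) . "','download','"
        . mysql_real_escape_string($log_user_id) . "','"
        . mysql_real_escape_string($log_user_name) . "','"
        . mysql_real_escape_string($_SERVER['REMOTE_ADDR']) . "',NOW())"
    );

    $_hpath_arr = explode("/", $f_o->file);
    $file = array_pop($_hpath_arr); //Remove filename
    $path = implode("/", $_hpath_arr);
    $squashweb->read_single_file($path, $file);
    #$squashweb->read_directory($path, false, true, false, false);
} else {
    //parse folders for readable files
    $squashweb->read_directory($path, true, true, $getdeepfiles, $populate);
}

//check if a file is requested
if ($download_hash !== '') {
    //get the config of requested file
    $request = $squashweb->get_config($download_hash);
    if (!isset($request[2], $request['path'])) {
        header('HTTP/1.0 404 Not Found');
        exit;
    }

    //show requested file
    #header('Cache-control: private');
    // The stored name and MIME type end up in response headers: replace
    // anything that could close the quoted filename or break the header line.
    $download_name = preg_replace('/[\x00-\x1f\x7f"\\\\]/', '_', $request[2]);
    $download_mime = isset($request['mime']) ? preg_replace('/[\x00-\x1f\x7f]/', '', $request['mime']) : '';
    if ($download_mime === '') {
        $download_mime = 'application/octet-stream';
    }
    header('Content-Disposition: attachment; filename="' . $download_name . '"');
    header("Content-Type: " . $download_mime);
    // Keep browsers from second-guessing the declared type of an upload.
    header('X-Content-Type-Options: nosniff');
    if (!empty($request[3])) {
        header('Content-Length: ' . $request[3]);
    }
    #@ob_flush();
    @flush();
    $squashweb->print_files($request['path'], $request[2]);
} elseif (@$_GET['tools'] == "hide" && @$_GET['h']) {
    if ($_SESSION['creds']['user_level'] > 99) {
        $path = '/';
        $request = is_string($_GET['h']) ? $squashweb->get_config($_GET['h']) : null;
        if (isset($request[2], $request['path'])) {
            // Mode 'x' fails when the marker already exists, so the handle
            // has to be checked before it is written to.
            $handle = @fopen($request['path'] . '/' . $request[2] . '.hidden', 'x');
            if ($handle) {
                fwrite($handle, 'hidden by ' . $_SESSION['creds']['user_name']);
                fclose($handle);
            }
            $path = (string) substr($request['path'], strlen($basedir));
        }
        // Encode the folder so "&", "#" or spaces in a name cannot alter the query.
        header('Location: ' . $_SERVER['PHP_SELF'] . '?path=' . str_replace('%2F', '/', rawurlencode($path)));
    }
} elseif (@$_GET['tools'] == "unhide" && isset($_GET['h'])) {
    if ($_SESSION['creds']['user_level'] > 99) {
        $path = '/';
        $request = is_string($_GET['h']) ? $squashweb->get_config($_GET['h']) : null;
        if (isset($request[2], $request['path'])) {
            @unlink($request['path'] . '/' . $request[2] . '.hidden');
            $path = (string) substr($request['path'], strlen($basedir));
        }
        header('Location: ' . $_SERVER['PHP_SELF'] . '?path=' . str_replace('%2F', '/', rawurlencode($path)));
    }
} elseif (@$_GET['tools'] == "delete" && isset($_GET['h'])) {
    if ($_SESSION['creds']['user_level'] > 99) {
        $request = null;
        if ($_GET['h'] == "multiple") {
            // The hash list arrives as POST h[]; anything else deletes nothing.
            $h_post = (isset($_POST['h']) && is_array($_POST['h'])) ? $_POST['h'] : array();
            foreach ($h_post as $h) {
                if (!is_string($h)) {
                    continue;
                }
                $request = $squashweb->get_config($h);
                $squashweb->delete_file($h, $_SESSION['creds']);
            }
        } elseif (is_string($_GET['h'])) {
            $h = $_GET['h'];
            $request = $squashweb->get_config($h);
            $squashweb->delete_file($h, $_SESSION['creds']);
        }
        // Return to the folder of the last processed file, or to the root
        // when nothing was processed.
        $path = isset($request['path']) ? (string) substr($request['path'], strlen($basedir)) : '/';
        header('Location: ' . $_SERVER['PHP_SELF'] . '?path=' . str_replace('%2F', '/', rawurlencode($path)));
    }
} elseif (@$_GET['tools'] == 'access' && $_SESSION['creds']['user_level'] > 100) {
    // Folder-rights editor.
    // NOTE(review): 'edited_user' and 'debug' are raw query values; the
    // template has to escape them on output.
    require_once(SQUASHER_SMARTY);
    $smarty = new Smarty;
    $smarty->assign('user_level', $_SESSION['creds']['user_level']);
    $smarty->assign('user_name', $_SESSION['creds']['user_name']);
    $smarty->assign('users', $squashweb->get_users($_SESSION['creds']['user_level']));
    $smarty->assign('edited_user', @$_GET['user']);
    $tree = $squashweb->show_rights_tree($path, 0, @$_GET['user']);
    $smarty->assign('style', $tree['style']);
    $smarty->assign('layout', $tree['layout']);
    $smarty->assign('debug', @$_GET['debug']);
    $smarty->assign('folderrights', $squashweb->folderrights());
    $smarty->assign('userrights', $squashweb->userrights());
    $smarty->display('admin.tpl');
} elseif (@$_GET['tools'] == 'users' && $_SESSION['creds']['user_level'] > 100) {
    // User administration: apply the posted action first, then render the list.
    $type = @$_POST['type'];
    $posted_users = isset($_POST['u']) ? $_POST['u'] : null;
    switch ($type) {
        case "update":
            $squashweb->update_users($posted_users);
            break;
        case "disable":
            $squashweb->disable_users($posted_users);
            break;
        case "delete":
            $squashweb->remove_users($posted_users);
            break;
        case "new":
            $squashweb->insert_users($posted_users, $_SESSION['creds']['user_level']);
            break;
    }
    require_once(SQUASHER_SMARTY);
    $smarty = new Smarty;
    $smarty->assign('user_level', $_SESSION['creds']['user_level']);
    $smarty->assign('user_name', $_SESSION['creds']['user_name']);
    $smarty->assign('users', $squashweb->get_users($_SESSION['creds']['user_level']));
    // Only level 200 and above is offered the 'admin' level in the form.
    if ($_SESSION['creds']['user_level'] > 199) {
        $smarty->assign('user_levels', array(155 => 'admin', 55 => 'user'));
    } else {
        $smarty->assign('user_levels', array(55 => 'user'));
    }
    $smarty->assign('debug', @$_GET['debug']);
    $smarty->display('udmin.tpl');
} elseif (@$_GET['tools'] == 'logs' && $_SESSION['creds']['user_level'] > 100) {
    // Log viewer; ?logtype= defaults to 'all'.
    $logtype = @$_GET['logtype'];
    if (!$logtype) {
        $logtype = 'all';
    }
    require_once(SQUASHER_SMARTY);
    $smarty = new Smarty;
    $smarty->assign('user_level', $_SESSION['creds']['user_level']);
    $smarty->assign('user_name', $_SESSION['creds']['user_name']);
    $smarty->assign('logtype', $logtype);
    $smarty->assign('logs', $squashweb->get_logs($logtype));
    $smarty->assign('debug', @$_GET['debug']);
    $smarty->display('logs.tpl');
} else {
    //show overview
    require_once(SQUASHER_SMARTY);
    $smarty = new Smarty;
    /***
     * $config:: array
     * [0] -> versioncode
     * [1] -> date&time
     * [2] -> filename
     * [3] -> filesize
     * [4] -> chunksize
     * [5] -> chunkcount
     * [6] -> CRC32 checksum
     ***/
    $configs_num = $squashweb->get_configs();
    $configs_sorted = named_records_sort($configs_num, 'lastchange', true);
    $configs = array();
    $paths = array();
    foreach ($configs_sorted as $key => $value) {
        $stats = (isset($value['stats']) && is_array($value['stats'])) ? $value['stats'] : array();
        $chunks_done = array_sum($stats);
        // A file counts as finished once the chunk stats add up to the chunk count.
        $finished = ($chunks_done == $value[5]) ? true : false;
        // True when 'ideo' occurs after offset 0, as in "video/...".
        $embedable = strpos($value['mime'], 'ideo') ? true : false;

        // array_pop() takes its argument by reference, so it needs a variable.
        $path_segments = explode('/', $value['path']);
        $paths[substr($value['path'], strlen($basedir))] = array_pop($path_segments);

        $configs[$key]['squashed'] = $value['squashed'];
        $configs[$key]['version'] = $value[0];
        //$configs[$key]['date'] = $value[1]; //removed because user local creation date is irrelevant
        $configs[$key]['name'] = $value[2];
        $configs[$key]['size'] = $value[3];
        $configs[$key]['chunk_size'] = $value[4];
        $configs[$key]['chunks'] = $value[5];
        $configs[$key]['crc'] = $value[6];
        $configs[$key]['embedable'] = $embedable;
        $configs[$key]['finished'] = $finished;
        $configs[$key]['mime'] = $value['mime'];
        $configs[$key]['status'] = $value['status'];
        $configs[$key]['hidden'] = $value['hidden'];
        $configs[$key]['chunks_finished'] = $chunks_done;

        if ($finished) {
            $configs[$key]['chunks_partial'] = $chunks_done;
        } else {
            // Sum the leading chunks up to and including the first one that
            // is not complete. Start from 0 so the first addition does not
            // read an undefined index.
            $configs[$key]['chunks_partial'] = 0;
            foreach ($stats as $sv) {
                $configs[$key]['chunks_partial'] = $configs[$key]['chunks_partial'] + $sv;
                if ($sv != '1.00') {
                    break;
                }
            }
        }

        $configs[$key]['date'] = date('d.m.y - H:i:s - T', $value['added']);
        $configs[$key]['lastchange'] = date('d.m.y - H:i:s - T', $value['lastchange']);
    }

    //set base folders
    // One entry per ancestor of the current folder: cumulative path => name.
    $basepath = array();
    $basepath['/'] = ' top ';
    $bpath = '';
    foreach (explode('/', $subf) as $value) {
        if ($value != '') {
            $bpath .= '/' . $value;
            $basepath[$bpath] = $value;
        }
    }

    // NOTE(review): 'base', 'currentfolder' and 'debug' derive from query
    // parameters; the template has to escape them on output.
    $smarty->assign('debug', @$_GET['debug']);
    $smarty->assign('user_level', $_SESSION['creds']['user_level']);
    $smarty->assign('user_name', $_SESSION['creds']['user_name']);
    $smarty->assign('folderrights', $squashweb->folderrights());
    $smarty->assign('squashed', $configs);
    $smarty->assign('paths', $paths);
    $smarty->assign('base', $basepath);
    $smarty->assign('currentfolder', $subf);
    $subs = $squashweb->subfolders();
    if ($subs) {
        asort($subs);
    }
    $smarty->assign('subfolders', $subs);
    //if(@$_GET[debug]) print_r($configs);
    $smarty->display('index.tpl'); //Display normal template
}
// vim: syntax=php ts=4 sw=4 sts=4 sr noet
?>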