X-Git-Url: https://git.nirgal.com/?p=squasher.git;a=blobdiff_plain;f=squasher.class.php;h=6648595d37e0e4ff4859f71ab05b69373a8c6e1d;hp=c831fea68e140a77a0ea754419e7a3cc75803854;hb=beab39bd5b14a6607f64e382cea4936d9750cf90;hpb=0734b6f963e78531463fd66c7b9890fac36821d5 diff --git a/squasher.class.php b/squasher.class.php index c831fea..6648595 100644 --- a/squasher.class.php +++ b/squasher.class.php @@ -46,13 +46,12 @@ function validate_user($username, $password, $salt) { class squashweb { var $basepath; -var $configs; -var $stats; -var $files; -var $subfolders; +var $configs = array(); +var $files = array(); +var $subfolders = array(); var $folderrights; var $userrights; -var $history; +var $history = array(); function set_root($root) { $this->basepath = $root; @@ -89,20 +88,6 @@ function update_history() { } } -function got_rights_checkbox($needle) { - $result = $this->got_rights_array($needle,'',0,'userrights'); - switch($result) { - case 0: - $return = ''; - break; - case 1: - case 2: - $return = 'checked'; - break; - } - return $return; -} - function get_users($user_level) { $q = "SELECT * FROM users WHERE user_level < '".$user_level."' order by user_name asc"; $r = mysql_query($q); @@ -146,6 +131,7 @@ function get_logs($type='all') { $order=" order by log.log_id desc "; $r = mysql_query($q.$today.$order); + $return = array(); while($a = mysql_fetch_array($r)) { $qu="select users.user_name from users left join log on users.user_id = log.user_id where log.ip='{".$a['ip']."}' group by users.user_name"; $ru = mysql_query($qu); @@ -185,34 +171,45 @@ function get_logs($type='all') { return $return; } -function insert_users($submitted, $admin_level) { - $q = "INSERT INTO users (user_name,user_pass,user_level) values ('".$submitted['u']['user_name']."','".md5($submitted['u']['user_pass'])."','".$submitted['u']['user_level']."')"; +function insert_users($u, $admin_level) { + $q = "INSERT INTO users (user_name,user_pass,user_level) VALUES ('".$u['user_name']."','".md5($u['user_pass'])."','".$u['user_level']."')"; $r = mysql_query($q); } -function update_users($submitted) { - $q = "UPDATE users SET user_name = '".$submitted['u']['user_name']."', user_pass = '".md5($submitted['u']['user_pass'])."', user_level = '".$submitted['u']['user_level']."' WHERE user_id = '".$submitted['u']['user_id']."'"; - $r = mysql_query($q); +function update_users($u) { + if (@$u['user_name']) { + $q = "UPDATE users SET user_name = '".$u['user_name']."' WHERE user_id = '".$u['user_id']."'"; + $r = mysql_query($q); + } + if (@$u['user_pass']) { + $q = "UPDATE users SET user_pass = '".md5($u['user_pass'])."' WHERE user_id = '".$u['user_id']."'"; + $r = mysql_query($q); + } + if (@$u['user_level']) { + $q = "UPDATE users SET user_level = '".$u['user_level']."' WHERE user_id = '".$u['user_id']."'"; + $r = mysql_query($q); + } } -function disable_users($submitted) { - $q = "UPDATE users SET user_name = '".$submitted['u']['user_name']."', user_pass = '', user_level = '".$submitted['u']['user_level']."' WHERE user_id = '".$submitted['u']['user_id']."'"; +function disable_users($u) { + $q = "UPDATE users SET user_name = '".$u['user_name']."', user_pass = '', user_level = '".$u['user_level']."' WHERE user_id = '".$u['user_id']."'"; $r = mysql_query($q); } -function remove_users($submitted) { - $q = "DELETE FROM users WHERE user_id = '".$submitted['u']['user_id']."'"; +function remove_users($u) { + $q = "DELETE FROM users WHERE user_id = '".$u['user_id']."'"; $r = mysql_query($q); } -function give_rights($user_id, $type='folderrights') { +function get_rights($user_id) { + $result = array(); $q = "SELECT folder_path, access FROM user_rights WHERE user_id = '".$user_id."'"; $r = mysql_query($q); while ($o = mysql_fetch_object($r)) { //clean vars - $arr_string = '$this->'.$type; + $arr_string = '$result'; //get foldernames from path if ($o->folder_path != '/') { @@ -228,43 +225,32 @@ function give_rights($user_id, $type='folderrights') { } $arr_string .= "['__access__']"; - //choose access icon - // access = # --deny-all - // access = * --allow-dir-only - // access = @ --allow-inc-subs -/* switch($o->access) { - case 0 : - $icon = '#'; - break; - case 1 : - $icon = '*'; - break; - case 2 : - $icon = '@'; - break; - }*/ - //echo $arr_string." = '".$icon."'\n"; - //echo $arr_string." = '".$o->access."';"; eval($arr_string." = '".$o->access."';"); } + return $result; +} - return $this->folderrights; +function give_rights($user_id, $type='folderrights') { + if ($type=='folderrights') + $this->folderrights = $this->get_rights($user_id); + else // $type=='userrights' + $this->userrights = $this->get_rights($user_id); } -function update_rights($submitted, $admin_level) { - $q = "SELECT count(*) result FROM users WHERE user_id = '".$submitted['edited_user']."' AND user_level < '".$admin_level."'"; +function update_rights($edited_user, $m, $admin_level) { + $q = "SELECT count(*) result FROM users WHERE user_id = '".$edited_user."' AND user_level < '".$admin_level."'"; $r = mysql_query($q); $o = mysql_fetch_object($r); if ($o->result) { - foreach ($submitted['m'] AS $path => $access) { - $p_q = "SELECT count(*) result FROM user_rights WHERE user_id = '".$submitted['edited_user']."' AND folder_path = '".$path."'"; + foreach ($m AS $path => $access) { + $p_q = "SELECT count(*) result FROM user_rights WHERE user_id = '".$edited_user."' AND folder_path = '".$path."'"; $p_r = mysql_query($p_q); $p_o = mysql_fetch_object($p_r); if ($p_o->result == 1) - mysql_query("UPDATE user_rights SET access = ".$access." WHERE folder_path = '".$path."' AND user_id = '".$submitted['edited_user']."'"); + mysql_query("UPDATE user_rights SET access = ".$access." WHERE folder_path = '".$path."' AND user_id = '".$edited_user."'"); if ($p_o->result == 0) - mysql_query("INSERT INTO user_rights (user_id,folder_path,access) values ('".$submitted['edited_user']."','".$path."','".$access."') "); + mysql_query("INSERT INTO user_rights (user_id,folder_path,access) values ('".$edited_user."','".$path."','".$access."') "); } } } @@ -277,22 +263,23 @@ function show_rights_tree($path, $depth=0, $userid=0) { if ($depth==0) $this->give_rights($userid, 'userrights'); - // access = # | 0 --deny-all - // access = * | 1 --allow-dir-only - // access = @ | 2 --allow-inc-subs + // access = 0 --deny-all + // access = 1 --allow-dir-only + // access = 2 --allow-inc-subs - for ($i=0;$depth > $i; $i++) + $layout = ''; + $style = ''; + + for ($i=0; $i<$depth; $i++) $layout .= " "; if ($dir = opendir($path)) { $layout .= "
\n"; - $f=0; + $f = 0; while (false !== ($file = readdir($dir))) { - $files_array[]=$file; + $files_array[] = $file; } asort($files_array); foreach ($files_array as $f_index => $file) { -// while (false !== ($file = readdir($dir))) -// { if (($file{0} !== ".") && ($file !== "..")) { $filename = $path."/".$file; @@ -300,8 +287,7 @@ function show_rights_tree($path, $depth=0, $userid=0) { $f++; if (substr($filename,0,strlen($this->basepath))==$this->basepath) $name = substr($filename,strlen($this->basepath)); - //$check = $this->got_rights_checkbox($filename); - $check = $this->got_rights_array_admin($filename, '', 0, 'userrights'); + $check = $this->got_rights_array_admin($filename, $this->userrights); $check_all = ''; $check_allow = ''; $check_deny = ''; @@ -344,48 +330,35 @@ function show_rights_tree($path, $depth=0, $userid=0) { return $return; } -function got_rights_path($needle, $haystack) { - if (!is_array($haystack)) - $haystack = $this->folderrights; - foreach($haystack as $v) { - if (!is_array($v)) { - if ($needle == $v) - return true; - } else { - if (is_in_array($needle, $v, $case_sensitive) === true) - return true; - } - } - return false; -} +function got_rights_array($needle, $haystack='', $c=0) { + // used by: + // - read_single_file + // - read_directory + // - show_rights_tree -function got_rights_array($needle, $haystack='', $c=0, $type='folderrights') { if (!is_array($haystack)) - eval('$haystack = $this->'.$type.';'); + $haystack = $this->folderrights; if (substr($needle, 0, strlen($this->basepath)) == $this->basepath) $needle=substr($needle,strlen($this->basepath)); - //if ($needle{0}=='.') - // $needle=substr($needle, strlen($this->basepath)); - - //check root rights - if ($needle{0}=='/' && $haystack['__access__'] == 2 ) + // check root rights + if ($needle{0} == '/' && @$haystack['__access__'] == 2 ) return 2; - //check folder tights + // remove leading / if ($needle{0}=='/') - $needle=substr($needle,1); + $needle = substr($needle, 1); - $needle_arr = explode('/',$needle); + $needle_arr = explode('/', $needle); $n = count($needle_arr); - $d = $c+1; + $d = $c + 1; foreach ($haystack as $k => $v) { if ($needle_arr[$c] == $k) { - if (!is_array($v['__access__'])) { - if (($v['__access__'] == '@' || $v['__access__'] == 2) ) return 2; - if (($v['__access__'] == '*' || $v['__access__'] == 1) && $d == $n ) return 1; - if (($v['__access__'] == '#' || $v['__access__'] == 0) && $d == $n ) return 0; + if (!is_array(@$v['__access__'])) { + if ($v['__access__'] == 2 ) return 2; + if ($v['__access__'] == 1 && $d == $n ) return 1; + if ($v['__access__'] == 0 && $d == $n ) return 0; } else { $return = $this->got_rights_array($needle, $v, $d); } @@ -394,67 +367,65 @@ function got_rights_array($needle, $haystack='', $c=0, $type='folderrights') { return $return; } -function got_rights_array_admin($needle, $haystack='', $c=0, $type='folderrights') { +function got_rights_array_admin($needle, $haystack='', $c=0) { + // used by: + // - show_rights_tree if (!is_array($haystack)) - eval('$haystack = $this->'.$type.';'); + $haystack = $this->folderrights; if (substr($needle, 0, strlen($this->basepath)) == $this->basepath) $needle = substr($needle, strlen($this->basepath)); - //if ($needle{0}=='.') - // $needle=substr($needle,strlen($this->basepath)); - - //check root rights - if ($needle{0}=='/' && $haystack['__access__'] == 2 ) + // check root rights + if ($needle{0} == '/' && @$haystack['__access__'] == 2 ) return 2; - //check folder rights - if ($needle{0}=='/') - $needle=substr($needle, 1); + // remove leading / + if ($needle{0} == '/') + $needle = substr($needle, 1); - $needle_arr = explode('/',$needle); + $needle_arr = explode('/', $needle); $n = count($needle_arr); - $d = $c+1; + $d = $c + 1; $return = 0; if ($c < $n) { - if ($haystack['__access__'] == 2) + if (@$haystack['__access__'] == 2) return $haystack['__access__']; if (is_array($haystack[$needle_arr[$c]])) $return = $this->got_rights_array_admin($needle, $haystack[$needle_arr[$c]], $d); } else { - if ($haystack['__access__'] > 0) + if (@$haystack['__access__'] > 0) $return = $haystack['__access__']; } return $return; } -function got_rights_array_recursive($needle, $haystack='', $c=0, $type='folderrights') { +function got_rights_array_recursive($needle, $haystack='', $c=0) { + // used by: + // - read_directory, for subfolders if (!is_array($haystack)) - eval('$haystack = $this->'.$type.';'); + $haystack = $this->folderrights; if (substr($needle, 0, strlen($this->basepath)) == $this->basepath) $needle=substr($needle, strlen($this->basepath)); - //if($needle{0}=='.') - // $needle=substr($needle,strlen($this->basepath)); - - //check root rights - if($needle{0}=='/' && $haystack['__access__'] == 2 ) + // check root rights + if($needle{0}=='/' && @$haystack['__access__'] == 2 ) return 2; - //check folder rights + // check folder rights if($needle{0}=='/') $needle=substr($needle,1); $needle_arr = explode('/', $needle); $n = count($needle_arr); - $d = $c+1; + $d = $c + 1; $return = 0; foreach($haystack as $k => $v) { - if ($needle_arr[$c] == $k) { + if ($c < sizeof($needle_arr) && $needle_arr[$c] == $k) { if ($c < $n) { if ($v['__access__'] == 2) $return = $return + $v['__access__']; @@ -552,14 +523,15 @@ function read_directory($path, $getsubs=false, $getfirstfiles=true, $getdeepfile while (false !== ($file = readdir($dir))) { if (($file{0} !== ".") && substr($file,0,1) !== "SQ") { $filename = $path."/".$file; - if (!is_file($filename) && !strpos($filename, './uploads/recieving')) { + if (!is_file($filename) && strpos($filename, './uploads/recieving')===false) { if ($getsubs) { if ($this->got_rights_array_recursive($filename) > 0) { - $key = substr($path,strlen($this->basepath)) . '/' . $file; + $key = substr($path, strlen($this->basepath)) . '/' . $file; $this->subfolders[$key] = $file; } } - if ($getdeepfiles)$this->read_directory($filename, false, $getdeepfiles, $getdeepfiles, $populate); + if ($getdeepfiles) + $this->read_directory($filename, false, $getdeepfiles, $getdeepfiles, $populate); } elseif (strpos($filename,'./uploads/ftp')) { //ftp files if ($this->got_rights_array($path) > 0 && !strpos($filename, '.hidden') ) { $h = md5($filename); @@ -578,7 +550,8 @@ function read_directory($path, $getsubs=false, $getfirstfiles=true, $getdeepfile $this->configs[$h]['mime'] = $this->set_mime($name_only); $this->configs[$h]['hidden'] = (is_file($path.'/'.$base_name.'.hidden')) ? true : false ; } - } elseif ($getfirstfiles) { //squashed files + } elseif ($getfirstfiles) { + //squashed files if ($this->got_rights_array($path) > 0) { if (strpos($filename, '.Completed') || strpos($filename, '.InProgress') || strpos($filename, '.Starting') || strpos($filename, '.Processed')) { $i++;