-/config.php
-/geoip.php
-/glob.php
-/include/
-/mail_test.php
-/md5.php
-/smarty/
-/stats/
+/cache/
/templates_c/
+/webroot/config.php
+/webroot/geoip.php
+/webroot/glob.php
+/webroot/include/
+/webroot/mail_test.php
+/webroot/md5.php
+/webroot/smarty/
+/webroot/stats/
+++ /dev/null
-<?php
-
-DEFINE('SQUASHER_DB_HOST', '127.0.0.1'); // Ip address of the mysql server
-DEFINE('SQUASHER_DB_USER', 'squasher'); // Username for the database
-DEFINE('SQUASHER_DB_PASSWORD', 'squasher'); // Password for the database
-DEFINE('SQUASHER_DB_DATABASE', 'squasher'); // Mysql database name
-
-// Location of the smarty library
-// Use 'smarty/Smarty.class.php' for relative directory 'smarty/'
-// Use 'smarty3/Smarty.class.php' if you installed package smarty3
-DEFINE('SQUASHER_SMARTY_SOURCE', 'smarty3/Smarty.class.php');
-
-// Location of the smarty templates
-DEFINE('SQUASHER_SMARTY_TEMPLATES', './templates');
-
-// Location of the smarty compiled templates
-DEFINE('SQUASHER_SMARTY_TEMPLATES_C', './templates_c');
-
-// Location of the smarty cache
-DEFINE('SQUASHER_SMARTY_CACHE', './cache');
-
-
-// start session
-session_start();
-
-//connect to db
-$link_db = mysql_connect(SQUASHER_DB_HOST, SQUASHER_DB_USER, SQUASHER_DB_PASSWORD);
-mysql_select_db(SQUASHER_DB_DATABASE, $link_db);
-
-// vim: syntax=php ts=4 sw=4 sts=4 sr noet
-?>
+++ /dev/null
-body {
- background-color:#E2EBD8;
- font-family:Arial Narrow;
- font-size:16px;
-}
-
-.wrappercontainer {
- width: 1000px;
- margin: 10px auto;
- border:5px solid;
- border-color:#FFFFFF;
- color:#003300;
- background: #FFFFFF;
-}
-
-/* top banner */
-.banner {
- background-color:#66CC00;
- width:100%;
- height:45px;
- background:#66CC00 url(../img/squash.gif) no-repeat 30px 50%;
-}
-
-/* Top right list of links, inside banner */
-.control {
- float:right;
- text-align:right;
- margin: 2px;
-}
-
-/* A menucontainer can hold several menu lines */
-.menucontainer {
- margin-top:10px;
- margin-bottom:10px;
-}
-
-.menu {
- clear:left;
-}
-
-/* menus div contains:
- - div.menuhead
- - a
- - a.selected */
-.menu .menuhead, .menu a {
- float:left;
- margin:1px;
- padding:3px 8px;
- border:1px solid;
-}
-
-.menu .menuhead {
- background-color:#66CC00;
- color:#003300;
- border-color:#66CC00;
-}
-
-.menu a {
- background-color:#C7F09E;
- color:#003300;
- border-color:#E2EBD8;
- text-decoration:none;
-}
-
-.menu a:hover, .menu a.selected {
- background-color:#339900;
- color:#FFFFFF;
- border-color:#E2EBD8;
-}
-
-.menu a.tool {
- background:inherit;
- border:inherit;
- text-decoration:underline;
- color:inherit;
- margin-left: 40px;
- font-size: 12px;
- padding-top: 5px;
- padding-bottom: 1px;
-}
-.menu a.tool:hover {
- color:#FF6600;
-}
-
-/* main content container */
-.content {
- clear:left;
- margin-top:10px;
- float:left;
- padding-right:5px;
- width:600px;
-}
-
-/* misc */
-.bottomimage {
- background: #FFFFFF url(../img/gp1.gif) no-repeat 95% 95%;
- clear:both;
- float:right;
- width:300px;
- height:146px;
-}
-
-.footer {
- clear:both;
- margin-top:10px;
- background-color:#66CC00;
- text-align:center;
- background:#66CC00 url(../img/gplogobottomright.gif) no-repeat 100%;
-}
-
-.clear {
- clear:both;
-}
-
-a {
- color:#003300;
-}
-
-a:hover {
- color:#FF6600;
-}
-
-/* These are used by logs : */
-table.log {
- border-spacing:0;
- spacing:0;
- padding:0;
- width:1000px;
- background-color:#C7F09E;
-}
-
-tr.logentry_header {
- background-color:#339900;
- color:#FFFFFF;
- border:1px solid;
- border-color:#C7F09E;
- text-align:center;
-}
-
-tr.logentry_download, tr.logentry_delete, tr.logentry_login, tr.logentry_empty {
- background-color:#C7F09E;
- color:#003300;
- margin:1px;
- border:1px solid;
- border-color:#C7F09E;
-}
-
-tr.logentry_empty {
- text-align:center;
-}
-
-tr.logentry_download:hover, tr.logentry_delete:hover, tr.logentry_login:hover {
- background-color:#339900;
- color:#FFFFFF;
-}
-
-/* there are used on index, for each file block : */
-.item, .status1, .status2, .status3 {
- position:relative;
- color:#003300;
- width:600px;
- border:2px solid;
- border-color:#FFFFFF;
- font-size:12px;
-}
-
-.item {
- background-color:#E2EBD8;
-}
-.status1 {
- background-color:#FFCCCC;
-}
-.status2 {
- background-color:#FFFFCC;
-}
-.status3 {
- background-color:#CCFFCC;
-}
-
-/* name of the file: */
-.name {
- float:left;
- left:1px;
- top:1px;
- padding-left:1px;
- z-index:50;
-}
-
-/* size of the file */
-.size {
- float:right;
- padding-left:2px;
- padding-right:3px;
-}
-
-/* date the file was added */
-.added {
- float:left;
- padding-left:2px;
- padding-right:3px;
-}
-
-/* date the file was lasy updated */
-.updated {
- float:left;
- padding-left:2px;
- padding-right:3px;
-}
-
-/* file status (Completed, ...) */
-.status {
- float:right;
- top:1px;
- padding-right:2px;
- text-align:right;
- z-index:10;
-}
-
-/* download (partial) link */
-.stream {
- float:right;
- padding-left:1px;
- padding-right:2px;
-}
-
-/* download link */
-.download {
- float:right;
- padding-left:1px;
- padding-right:2px;
-}
-
-/* index mass delete */
-.massdelete {
- /*position:absolute;*/
- /*bottom:0;*/
- float:right;
- width:300px;
- /*height:146px;*/
-}
-
-.deletebox {
- /*visibility: hidden;*/
-}
-
-/* index mass delete wrapper for right column */
-.filler {
- position:relative;
- float:right;
- width:300px;
- #height:500px;
-}
-
-
-/* users: user list/form wrapper */
-.white_border {
- clear:both;
- float:left;
- border-top:0px solid #FFFFFF;
- border-bottom:0px solid #FFFFFF;
-}
-
-/* access tool */
-.check_all, .check_allow, .check_deny {
- float:right;
- height:20px;
-}
-
-.sample_all, .sample_allow, .sample_deny {
- float:left;
- height:20px;
-}
-
-.check_all, .sample_all {
- background-color:#AAEEAA;
-}
-
-.check_allow, .sample_allow {
- background-color:#EEEEAA;
-}
-
-.check_deny, .sample_deny {
- background-color:#EEAAAA;
-}
-
-/* login page */
-
-.login {
- width:480px;
- float:none;
- display:inline-block;
- border:1px solid #003300;
- background-color:#C7F09E;
- margin:100px;
- padding:10px;
- text-align:center;
-}
-
-.login input {
- width:100%;
- color:#003300;
- margin: 10px 10px;
-}
-
-.login button {
- border:1px solid #003300;
- margin: 10px;
- padding:3px 8px;
- background:#66CC00;
-}
-
-.login button:hover {
- background-color:#339900;
- color:#ffffff;
-}
+++ /dev/null
-<?php
-
-require_once("config.php");
-
-require_once("squasher.class.php");
-
-$salt = md5($_SERVER['REMOTE_ADDR']."|".$_SERVER['HTTP_USER_AGENT']);
-
-if (@$_GET['tools']=="logout"){
- session_destroy();
- $_SESSION['creds']['validated'] = false;
- header( 'Location: '.$_SERVER['PHP_SELF'] ) ;
-}
-
-if (!@$_SESSION['creds']['validated']){
- validate_user(@$_POST['user'], @$_POST['pass'], $salt);
-}
-
-if ($_SESSION['creds']['validated'] || @$_GET['f']) {
-//if ($_SESSION['creds']['validated']){
- //load squasher
- include("squasher.php");
-} else {
- //show login
-
- $smarty = get_smarty();
-
- $smarty->assign('salt', $salt);
- $smarty->assign('debug', @$_GET['debug']);
- $smarty->display('login.tpl');
-}
-// vim: syntax=php ts=4 sw=4 sts=4 sr noet
-?>
+++ /dev/null
-/*
- * A JavaScript implementation of the RSA Data Security, Inc. MD5 Message
- * Digest Algorithm, as defined in RFC 1321.
- * Version 2.1 Copyright (C) Paul Johnston 1999 - 2002.
- * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
- * Distributed under the BSD License
- * See http://pajhome.org.uk/crypt/md5 for more info.
- */
-
-/*
- * Configurable variables. You may need to tweak these to be compatible with
- * the server-side, but the defaults work in most cases.
- */
-var hexcase = 0; /* hex output format. 0 - lowercase; 1 - uppercase */
-var b64pad = ""; /* base-64 pad character. "=" for strict RFC compliance */
-var chrsz = 8; /* bits per input character. 8 - ASCII; 16 - Unicode */
-
-/*
- * These are the functions you'll usually want to call
- * They take string arguments and return either hex or base-64 encoded strings
- */
-function hex_md5(s){ return binl2hex(core_md5(str2binl(s), s.length * chrsz));}
-function b64_md5(s){ return binl2b64(core_md5(str2binl(s), s.length * chrsz));}
-function str_md5(s){ return binl2str(core_md5(str2binl(s), s.length * chrsz));}
-function hex_hmac_md5(key, data) { return binl2hex(core_hmac_md5(key, data)); }
-function b64_hmac_md5(key, data) { return binl2b64(core_hmac_md5(key, data)); }
-function str_hmac_md5(key, data) { return binl2str(core_hmac_md5(key, data)); }
-
-/*
- * Perform a simple self-test to see if the VM is working
- */
-function md5_vm_test()
-{
- return hex_md5("abc") == "900150983cd24fb0d6963f7d28e17f72";
-}
-
-/*
- * Calculate the MD5 of an array of little-endian words, and a bit length
- */
-function core_md5(x, len)
-{
- /* append padding */
- x[len >> 5] |= 0x80 << ((len) % 32);
- x[(((len + 64) >>> 9) << 4) + 14] = len;
-
- var a = 1732584193;
- var b = -271733879;
- var c = -1732584194;
- var d = 271733878;
-
- for(var i = 0; i < x.length; i += 16)
- {
- var olda = a;
- var oldb = b;
- var oldc = c;
- var oldd = d;
-
- a = md5_ff(a, b, c, d, x[i+ 0], 7 , -680876936);
- d = md5_ff(d, a, b, c, x[i+ 1], 12, -389564586);
- c = md5_ff(c, d, a, b, x[i+ 2], 17, 606105819);
- b = md5_ff(b, c, d, a, x[i+ 3], 22, -1044525330);
- a = md5_ff(a, b, c, d, x[i+ 4], 7 , -176418897);
- d = md5_ff(d, a, b, c, x[i+ 5], 12, 1200080426);
- c = md5_ff(c, d, a, b, x[i+ 6], 17, -1473231341);
- b = md5_ff(b, c, d, a, x[i+ 7], 22, -45705983);
- a = md5_ff(a, b, c, d, x[i+ 8], 7 , 1770035416);
- d = md5_ff(d, a, b, c, x[i+ 9], 12, -1958414417);
- c = md5_ff(c, d, a, b, x[i+10], 17, -42063);
- b = md5_ff(b, c, d, a, x[i+11], 22, -1990404162);
- a = md5_ff(a, b, c, d, x[i+12], 7 , 1804603682);
- d = md5_ff(d, a, b, c, x[i+13], 12, -40341101);
- c = md5_ff(c, d, a, b, x[i+14], 17, -1502002290);
- b = md5_ff(b, c, d, a, x[i+15], 22, 1236535329);
-
- a = md5_gg(a, b, c, d, x[i+ 1], 5 , -165796510);
- d = md5_gg(d, a, b, c, x[i+ 6], 9 , -1069501632);
- c = md5_gg(c, d, a, b, x[i+11], 14, 643717713);
- b = md5_gg(b, c, d, a, x[i+ 0], 20, -373897302);
- a = md5_gg(a, b, c, d, x[i+ 5], 5 , -701558691);
- d = md5_gg(d, a, b, c, x[i+10], 9 , 38016083);
- c = md5_gg(c, d, a, b, x[i+15], 14, -660478335);
- b = md5_gg(b, c, d, a, x[i+ 4], 20, -405537848);
- a = md5_gg(a, b, c, d, x[i+ 9], 5 , 568446438);
- d = md5_gg(d, a, b, c, x[i+14], 9 , -1019803690);
- c = md5_gg(c, d, a, b, x[i+ 3], 14, -187363961);
- b = md5_gg(b, c, d, a, x[i+ 8], 20, 1163531501);
- a = md5_gg(a, b, c, d, x[i+13], 5 , -1444681467);
- d = md5_gg(d, a, b, c, x[i+ 2], 9 , -51403784);
- c = md5_gg(c, d, a, b, x[i+ 7], 14, 1735328473);
- b = md5_gg(b, c, d, a, x[i+12], 20, -1926607734);
-
- a = md5_hh(a, b, c, d, x[i+ 5], 4 , -378558);
- d = md5_hh(d, a, b, c, x[i+ 8], 11, -2022574463);
- c = md5_hh(c, d, a, b, x[i+11], 16, 1839030562);
- b = md5_hh(b, c, d, a, x[i+14], 23, -35309556);
- a = md5_hh(a, b, c, d, x[i+ 1], 4 , -1530992060);
- d = md5_hh(d, a, b, c, x[i+ 4], 11, 1272893353);
- c = md5_hh(c, d, a, b, x[i+ 7], 16, -155497632);
- b = md5_hh(b, c, d, a, x[i+10], 23, -1094730640);
- a = md5_hh(a, b, c, d, x[i+13], 4 , 681279174);
- d = md5_hh(d, a, b, c, x[i+ 0], 11, -358537222);
- c = md5_hh(c, d, a, b, x[i+ 3], 16, -722521979);
- b = md5_hh(b, c, d, a, x[i+ 6], 23, 76029189);
- a = md5_hh(a, b, c, d, x[i+ 9], 4 , -640364487);
- d = md5_hh(d, a, b, c, x[i+12], 11, -421815835);
- c = md5_hh(c, d, a, b, x[i+15], 16, 530742520);
- b = md5_hh(b, c, d, a, x[i+ 2], 23, -995338651);
-
- a = md5_ii(a, b, c, d, x[i+ 0], 6 , -198630844);
- d = md5_ii(d, a, b, c, x[i+ 7], 10, 1126891415);
- c = md5_ii(c, d, a, b, x[i+14], 15, -1416354905);
- b = md5_ii(b, c, d, a, x[i+ 5], 21, -57434055);
- a = md5_ii(a, b, c, d, x[i+12], 6 , 1700485571);
- d = md5_ii(d, a, b, c, x[i+ 3], 10, -1894986606);
- c = md5_ii(c, d, a, b, x[i+10], 15, -1051523);
- b = md5_ii(b, c, d, a, x[i+ 1], 21, -2054922799);
- a = md5_ii(a, b, c, d, x[i+ 8], 6 , 1873313359);
- d = md5_ii(d, a, b, c, x[i+15], 10, -30611744);
- c = md5_ii(c, d, a, b, x[i+ 6], 15, -1560198380);
- b = md5_ii(b, c, d, a, x[i+13], 21, 1309151649);
- a = md5_ii(a, b, c, d, x[i+ 4], 6 , -145523070);
- d = md5_ii(d, a, b, c, x[i+11], 10, -1120210379);
- c = md5_ii(c, d, a, b, x[i+ 2], 15, 718787259);
- b = md5_ii(b, c, d, a, x[i+ 9], 21, -343485551);
-
- a = safe_add(a, olda);
- b = safe_add(b, oldb);
- c = safe_add(c, oldc);
- d = safe_add(d, oldd);
- }
- return Array(a, b, c, d);
-
-}
-
-/*
- * These functions implement the four basic operations the algorithm uses.
- */
-function md5_cmn(q, a, b, x, s, t)
-{
- return safe_add(bit_rol(safe_add(safe_add(a, q), safe_add(x, t)), s),b);
-}
-function md5_ff(a, b, c, d, x, s, t)
-{
- return md5_cmn((b & c) | ((~b) & d), a, b, x, s, t);
-}
-function md5_gg(a, b, c, d, x, s, t)
-{
- return md5_cmn((b & d) | (c & (~d)), a, b, x, s, t);
-}
-function md5_hh(a, b, c, d, x, s, t)
-{
- return md5_cmn(b ^ c ^ d, a, b, x, s, t);
-}
-function md5_ii(a, b, c, d, x, s, t)
-{
- return md5_cmn(c ^ (b | (~d)), a, b, x, s, t);
-}
-
-/*
- * Calculate the HMAC-MD5, of a key and some data
- */
-function core_hmac_md5(key, data)
-{
- var bkey = str2binl(key);
- if(bkey.length > 16) bkey = core_md5(bkey, key.length * chrsz);
-
- var ipad = Array(16), opad = Array(16);
- for(var i = 0; i < 16; i++)
- {
- ipad[i] = bkey[i] ^ 0x36363636;
- opad[i] = bkey[i] ^ 0x5C5C5C5C;
- }
-
- var hash = core_md5(ipad.concat(str2binl(data)), 512 + data.length * chrsz);
- return core_md5(opad.concat(hash), 512 + 128);
-}
-
-/*
- * Add integers, wrapping at 2^32. This uses 16-bit operations internally
- * to work around bugs in some JS interpreters.
- */
-function safe_add(x, y)
-{
- var lsw = (x & 0xFFFF) + (y & 0xFFFF);
- var msw = (x >> 16) + (y >> 16) + (lsw >> 16);
- return (msw << 16) | (lsw & 0xFFFF);
-}
-
-/*
- * Bitwise rotate a 32-bit number to the left.
- */
-function bit_rol(num, cnt)
-{
- return (num << cnt) | (num >>> (32 - cnt));
-}
-
-/*
- * Convert a string to an array of little-endian words
- * If chrsz is ASCII, characters >255 have their hi-byte silently ignored.
- */
-function str2binl(str)
-{
- var bin = Array();
- var mask = (1 << chrsz) - 1;
- for(var i = 0; i < str.length * chrsz; i += chrsz)
- bin[i>>5] |= (str.charCodeAt(i / chrsz) & mask) << (i%32);
- return bin;
-}
-
-/*
- * Convert an array of little-endian words to a string
- */
-function binl2str(bin)
-{
- var str = "";
- var mask = (1 << chrsz) - 1;
- for(var i = 0; i < bin.length * 32; i += chrsz)
- str += String.fromCharCode((bin[i>>5] >>> (i % 32)) & mask);
- return str;
-}
-
-/*
- * Convert an array of little-endian words to a hex string.
- */
-function binl2hex(binarray)
-{
- var hex_tab = hexcase ? "0123456789ABCDEF" : "0123456789abcdef";
- var str = "";
- for(var i = 0; i < binarray.length * 4; i++)
- {
- str += hex_tab.charAt((binarray[i>>2] >> ((i%4)*8+4)) & 0xF) +
- hex_tab.charAt((binarray[i>>2] >> ((i%4)*8 )) & 0xF);
- }
- return str;
-}
-
-/*
- * Convert an array of little-endian words to a base-64 string
- */
-function binl2b64(binarray)
-{
- var tab = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
- var str = "";
- for(var i = 0; i < binarray.length * 4; i += 3)
- {
- var triplet = (((binarray[i >> 2] >> 8 * ( i %4)) & 0xFF) << 16)
- | (((binarray[i+1 >> 2] >> 8 * ((i+1)%4)) & 0xFF) << 8 )
- | ((binarray[i+2 >> 2] >> 8 * ((i+2)%4)) & 0xFF);
- for(var j = 0; j < 4; j++)
- {
- if(i * 8 + j * 6 > binarray.length * 32) str += b64pad;
- else str += tab.charAt((triplet >> 6*(3-j)) & 0x3F);
- }
- }
- return str;
-}
+++ /dev/null
-<?php
-require_once("config.php");
-
-function zfill($n, $a) {
- return str_repeat("0", max(0,$a-strlen($n))) . $n;
-}
-
-function named_records_sort($named_recs, $order_by, $reverse=false, $flags=0) {
- $named_hash = array();
- foreach ($named_recs as $key => $fields)
- $named_hash[$key] = $fields[$order_by];
-
- if ($reverse)
- arsort($named_hash,$flags=0) ;
- else
- asort($named_hash, $flags=0);
-
- $sorted_records = array();
- foreach($named_hash as $key => $val)$sorted_records[$key] = $named_recs[$key];
-
- return $sorted_records;
-}
-
-function validate_user($username, $password, $salt) {
- $creds['validated'] = false;
- $query="SELECT * FROM users WHERE user_name = '".mysql_escape_string($username)."'";
- $q_result = mysql_query($query);
- while ($fetched_object = mysql_fetch_object($q_result)) {
- if (md5($fetched_object->user_pass.$salt) == $password) {
- //validated
- $creds['user_id'] = $fetched_object->user_id;
- $creds['user_name'] = $fetched_object->user_name;
- $creds['user_level'] = $fetched_object->user_level;
- $creds['validated'] = true;
- $log_hash=str_repeat("0",32); // File ID is always empty on login
- $q="INSERT INTO log (hash,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($log_hash)."','login',".$creds['user_id'].",'".mysql_escape_string($creds['user_name'])."','".mysql_escape_string($_SERVER['REMOTE_ADDR'])."',NOW())";
- mysql_query($q);
- }
- }
- $_SESSION['creds'] = $creds;
- return $creds['validated'];
-}
-
-
-function get_smarty() {
- require_once(SQUASHER_SMARTY_SOURCE); // See config.php
-
- $smarty = new Smarty;
- $smarty->setTemplateDir(SQUASHER_SMARTY_TEMPLATES)
- ->setCompileDir(SQUASHER_SMARTY_TEMPLATES_C)
- ->setCacheDir(SQUASHER_SMARTY_CACHE);
-
- return $smarty;
-}
-
-
-class squashweb {
-
-var $basepath;
-var $configs = array();
-var $files = array();
-var $subfolders = array();
-var $folderrights;
-var $userrights;
-var $history = array();
-
-function set_root($root) {
- $this->basepath = $root;
-}
-
-function get_configs() {
- return $this->configs;
-}
-
-function subfolders() {
- return $this->subfolders;
-}
-
-function get_config($h) {
-
- return $this->configs[$h];
-}
-
-function folderrights() {
- return $this->folderrights;
-}
-
-function userrights() {
- return $this->userrights;
-}
-
-function update_history() {
- $q="SELECT md5_hash,file,completed,checked FROM file_hash";
- $r=mysql_query($q);
- while($o=mysql_fetch_object($r)) {
- $this->history[$o->md5_hash]['file']=$o->file;
- $this->history[$o->md5_hash]['completed']=$o->completed;
- $this->history[$o->md5_hash]['checked']=$o->checked;
- }
-}
-
-function get_users($user_level) {
- $q = "SELECT * FROM users WHERE user_level < ".$user_level." ORDER BY user_name ASC";
- $r = mysql_query($q);
-
- while ($o = mysql_fetch_object($r)) {
- $return[$o->user_id]['id'] = $o->user_id;
- $return[$o->user_id]['name'] = $o->user_name;
- $return[$o->user_id]['level'] = $o->user_level;
- $return[$o->user_id]['enabled'] = ($o->user_pass == '') ? false : true ;
- }
-
- return $return;
-}
-
-function get_logs($type='all') {
- $q="SELECT log.* FROM log WHERE log.user_id != '1' and ip != '87.233.211.2' ";
- if ($_SESSION['creds']['user_id'] == 1)
- $q="SELECT log.* FROM log WHERE log.user_id != 'x' ";
- switch($type) {
- case "delete":
- $q.= " AND log.action = 'delete'";
- break;
- case "download":
- $q.= " AND log.action = 'download'";
- break;
- case "login":
- $q.= " AND log.action = 'login'";
- break;
- case "debug":
- $q.= " AND log.action = 'debug'";
- break;
- default:
- $q.= "";
- break;
- }
-
- $today =" AND date > date(date_add(now(), interval -0 day)) ";
- $yesterday =" AND date < date(date_add(now(), interval -0 day)) AND date > date(date_add(now(), interval -1 day)) ";
- $lastweek =" AND date < date(date_add(now(), interval -1 day)) AND date > date(date_add(now(), interval -6 day)) ";
- $older =" AND date < date(date_add(now(), interval -7 day)) AND date > date(date_add(now(), interval -30 day)) ";
-
- $order=" ORDER BY log.log_id desc ";
- $r = mysql_query($q.$today.$order);
- $return = array();
- while($a = mysql_fetch_array($r)) {
- $qu="SELECT users.user_name FROM users LEFT JOIN log ON users.user_id = log.user_id WHERE log.ip='".mysql_escape_string($a['ip'])."' GROUP BY users.user_name";
- $ru = mysql_query($qu);
- $a['users_from_ip'] = " | ";
- while($au = mysql_fetch_array($ru))
- $a['users_from_ip'] .= $au['user_name']." | ";
- $return['today'][$a['log_id']] = $a;
- }
- $r = mysql_query($q.$yesterday.$order);
- while($a = mysql_fetch_array($r)) {
- $qu="SELECT users.user_name FROM users LEFT JOIN log ON users.user_id = log.user_id WHERE log.ip='".mysql_escape_string($a['ip'])."' GROUP BY users.user_name";
- $ru = mysql_query($qu);
- $a['users_from_ip'] = " | ";
- while($au = mysql_fetch_array($ru))
- $a['users_from_ip'] .= $au['user_name']." | ";
- $return['yesterday'][$a['log_id']] = $a;
- }
- $r = mysql_query($q.$lastweek.$order);
- while($a = mysql_fetch_array($r)) {
- $qu="SELECT users.user_name FROM users LEFT JOIN log ON users.user_id = log.user_id WHERE log.ip='".mysql_escape_string($a['ip'])."' GROUP BY users.user_name";
- $ru = mysql_query($qu);
- $a['users_from_ip'] = " | ";
- while($au = mysql_fetch_array($ru))
- $a['users_from_ip'] .= $au['user_name']." | ";
- $return['lastweek'][$a['log_id']] = $a;
- }
- $r = mysql_query($q.$older.$order);
- while($a = mysql_fetch_array($r)) {
- $qu="SELECT users.user_name FROM users LEFT JOIN log ON users.user_id = log.user_id WHERE log.ip='".mysql_escape_string($a['ip'])."' GROUP BY users.user_name";
- $ru = mysql_query($qu);
- $a['users_from_ip'] = " | ";
- while($au = mysql_fetch_array($ru))
- $a['users_from_ip'] .= $au['user_name']." | ";
- $return['older'][$a['log_id']] = $a;
- }
-
- return $return;
-}
-
-function insert_users($u, $admin_level) {
- $user_name = $u['user_name'];
- $user_pass = $u['user_pass'];
- $user_level = (int)$u['user_level'];
-
- $q = "INSERT INTO users (user_name,user_pass,user_level) VALUES ('".mysql_escape_string($user_name)."', '".mysql_escape_string(md5($user_pass))."', ".$user_level.")";
- $r = mysql_query($q);
-}
-
-function update_users($u) {
- $user_id = (int)$u['user_id'];
- $user_name = @$u['user_name'];
- $user_pass = @$u['user_pass'];
- $user_level = (int)@$u['user_level'];
- if ($user_name) {
- $q = "UPDATE users SET user_name = '".mysql_escape_string($user_name)."' WHERE user_id = ".$user_id;
- $r = mysql_query($q);
- }
- if ($user_pass) {
- $q = "UPDATE users SET user_pass = '".mysql_escape_string(md5($user_pass))."' WHERE user_id = ".$user_id;
- $r = mysql_query($q);
- }
- if ($user_level) {
- $q = "UPDATE users SET user_level = ".$user_level." WHERE user_id = ".$user_id;
- $r = mysql_query($q);
- }
-}
-
-function disable_users($u) {
- $user_id = (int)$u['user_id'];
- $user_name = @$u['user_name'];
- $user_level = (int)@$u['user_level'];
- if ($user_name) {
- $q = "UPDATE users SET user_name = '".mysql_escape_string($user_name)."' WHERE user_id = ".$user_id;
- $r = mysql_query($q);
- }
- $q = "UPDATE users SET user_pass = '' WHERE user_id = ".$user_id;
- $r = mysql_query($q);
- if ($user_level) {
- $q = "UPDATE users SET user_level = ".$user_level." WHERE user_id = ".$user_id;
- $r = mysql_query($q);
- }
- $r = mysql_query($q);
-}
-
-function remove_users($u) {
- $user_id = (int)$u['user_id'];
- $q = "DELETE FROM users WHERE user_id = ".$user_id;
- $r = mysql_query($q);
-}
-
-function get_rights($user_id) {
- $result = array();
-
- $q = "SELECT folder_path, access FROM user_rights WHERE user_id = ".(int)$user_id;
- $r = mysql_query($q);
- while ($o = mysql_fetch_object($r)) {
-
- //clean vars
- $arr_string = '$result';
-
- //get foldernames from path
- if ($o->folder_path != '/') {
- $path = $o->folder_path;
- if ($path{0}=='/')
- $path=substr($path,1);
- $folder_arr = explode('/',$path);
-
- //create folder structure array
- foreach ($folder_arr AS $key => $value) {
- $value_escaped = str_replace("'", "\\'", $value);
- $arr_string .= "['".$value_escaped."']";
- }
- }
- $arr_string .= "['__access__']";
-
- eval($arr_string." = '".$o->access."';");
- }
- return $result;
-}
-
-function give_rights($user_id, $type='folderrights') {
- if ($type=='folderrights')
- $this->folderrights = $this->get_rights($user_id);
- else // $type=='userrights'
- $this->userrights = $this->get_rights($user_id);
-}
-
-function update_rights($edited_user, $m, $admin_level) {
- $q = "SELECT count(*) result FROM users WHERE user_id = ".(int)$edited_user." AND user_level < ".(int)$admin_level;
- $r = mysql_query($q);
- $o = mysql_fetch_object($r);
-
- if ($o->result) {
- foreach ($m AS $path => $access) {
- $p_q = "SELECT count(*) result FROM user_rights WHERE user_id = ".(int)$edited_user." AND folder_path = '".mysql_escape_string($path)."'";
- $p_r = mysql_query($p_q);
- $p_o = mysql_fetch_object($p_r);
- if ($p_o->result == 1)
- mysql_query("UPDATE user_rights SET access = ".(int)$access." WHERE folder_path = '".mysql_escape_string($path)."' AND user_id = ".(int)$edited_user);
- if ($p_o->result == 0)
- mysql_query("INSERT INTO user_rights (user_id,folder_path,access) values (".(int)$edited_user.",'".mysql_escape_string($path)."',".(int)$access.") ");
- }
- }
-}
-
-
-function show_rights_tree($path, $depth=0, $userid=0) {
-
- if ($userid==0)
- return false;
- if ($depth==0)
- $this->give_rights($userid, 'userrights');
-
- // access = 0 --deny-all
- // access = 1 --allow-dir-only
- // access = 2 --allow-inc-subs
-
- $layout = '';
- $style = '';
-
- for ($i=0; $i<$depth; $i++)
- $layout .= " ";
- if ($dir = opendir($path)) {
- $layout .= "<div style='clear:both;' >\n";
- $f = 0;
- while (false !== ($file = readdir($dir))) {
- $files_array[] = $file;
- }
- asort($files_array);
- foreach ($files_array as $f_index => $file) {
- if (($file{0} !== ".") && ($file !== ".."))
- {
- $filename = $path."/".$file;
- if (!is_file($filename) && $this->got_rights_array($filename) > 0) {
- $f++;
- if (substr($filename,0,strlen($this->basepath))==$this->basepath)
- $name = substr($filename,strlen($this->basepath));
- $check = $this->got_rights_array_admin($filename, $this->userrights);
- $check_all = '';
- $check_allow = '';
- $check_deny = '';
- switch($check) {
- case 2:
- $check_all = 'checked';
- break;
- case 1:
- $check_allow = 'checked';
- break;
- case 0:
- default:
- $check_deny = 'checked';
- break;
- }
-
- if ($f==1)
- $style[$depth] = ".depth".$depth."{float:right;width:".(600-($depth*10))."px;border-left:2px solid #FFFFFF;border-top:1px solid #FFFFFF;background:#".dechex(14-$depth).dechex(14-$depth).dechex(14-$depth).dechex(14-$depth).dechex(14-$depth).dechex(14-$depth).";}";
- if ($f==1)
- $layout .= "<div class='depth".$depth."'>";
- $layout .= "<div class='white_border' >".htmlspecialchars($file)."</div>\n";
- $name_escaped = htmlspecialchars($name);
- $layout .= '<div class="check_deny"><input name="m['.$name_escaped.']" value=0 type=radio '.$check_deny."></div>\n";
- $layout .= '<div class="check_allow"><input name="m['.$name_escaped.']" value=1 type=radio '.$check_allow."></div>\n";
- $layout .= '<div class="check_all"><input name="m['.$name_escaped.']" value=2 type=radio '.$check_all."></div>\n";
- $sub_return = $this->show_rights_tree($filename,$depth+1,$userid);
- if (is_array($style) && is_array($sub_return['style']))
- $style = $style + $sub_return['style'];
- $layout .= $sub_return['layout'];
- }
- }
- }
- if ($f!=0)
- $layout .= "</div>";
- $layout .= "</div>\n";
- }
-
- $return['style'] = $style;
- $return['layout'] = $layout;
-
- return $return;
-}
-
-function got_rights_array($needle, $haystack='', $c=0) {
- // used by:
- // - read_single_file
- // - read_directory
- // - show_rights_tree
-
- if (!is_array($haystack))
- $haystack = $this->folderrights;
- if (substr($needle, 0, strlen($this->basepath)) == $this->basepath)
- $needle=substr($needle,strlen($this->basepath));
-
- // check root rights
- if ($needle{0} == '/' && @$haystack['__access__'] == 2 )
- return 2;
-
- // remove leading /
- if ($needle{0}=='/')
- $needle = substr($needle, 1);
-
- $needle_arr = explode('/', $needle);
- $n = count($needle_arr);
- $d = $c + 1;
-
- foreach ($haystack as $k => $v) {
- if ($needle_arr[$c] == $k) {
- if (!is_array(@$v['__access__'])) {
- if ($v['__access__'] == 2 ) return 2;
- if ($v['__access__'] == 1 && $d == $n ) return 1;
- if ($v['__access__'] == 0 && $d == $n ) return 0;
- } else {
- $return = $this->got_rights_array($needle, $v, $d);
- }
- }
- }
- return $return;
-}
-
-function got_rights_array_admin($needle, $haystack='', $c=0) {
- // used by:
- // - show_rights_tree
-
- if (!is_array($haystack))
- $haystack = $this->folderrights;
- if (substr($needle, 0, strlen($this->basepath)) == $this->basepath)
- $needle = substr($needle, strlen($this->basepath));
-
- // check root rights
- if ($needle{0} == '/' && @$haystack['__access__'] == 2 )
- return 2;
-
- // remove leading /
- if ($needle{0} == '/')
- $needle = substr($needle, 1);
-
- $needle_arr = explode('/', $needle);
- $n = count($needle_arr);
- $d = $c + 1;
- $return = 0;
-
- if ($c < $n) {
- if (@$haystack['__access__'] == 2)
- return $haystack['__access__'];
- if (is_array($haystack[$needle_arr[$c]]))
- $return = $this->got_rights_array_admin($needle, $haystack[$needle_arr[$c]], $d);
- } else {
- if (@$haystack['__access__'] > 0)
- $return = $haystack['__access__'];
- }
-
- return $return;
-}
-
-function got_rights_array_recursive($needle, $haystack='', $c=0) {
- // used by:
- // - read_directory, for subfolders
-
- if (!is_array($haystack))
- $haystack = $this->folderrights;
- if (substr($needle, 0, strlen($this->basepath)) == $this->basepath)
- $needle=substr($needle, strlen($this->basepath));
-
- // check root rights
- if($needle{0}=='/' && @$haystack['__access__'] == 2 )
- return 2;
-
- // check folder rights
- if($needle{0}=='/')
- $needle=substr($needle,1);
-
- $needle_arr = explode('/', $needle);
- $n = count($needle_arr);
- $d = $c + 1;
- $return = 0;
-
- foreach($haystack as $k => $v) {
- if ($c < sizeof($needle_arr) && $needle_arr[$c] == $k) {
- if ($c < $n) {
- if ($v['__access__'] == 2)
- $return = $return + $v['__access__'];
- $return = $return + $this->got_rights_array_recursive($needle, $v, $d);
- } else {
- $return = $return + $this->in_array_recursive($v);
- }
- } elseif ($c == $n) {
- $return = $return + $v['__access__'];
- if($k != '__access__')$return = $return + $this->in_array_recursive($v);
- }
- }
-
- return $return;
-}
-
-function in_array_recursive($haystack) {
- $return = 0;
- if (is_array($haystack)) {
- foreach ($haystack as $key1 => $value1) {
- if (is_array($value1)) {
- $return = $return + $this->in_array_recursive($value1);
- }
- elseif ($value1 > 0) {
- return $value1;
- }
- }
- }
- return $return;
-}
-
-function read_single_file($path, $file) {
- $filename = $path."/".$file;
- $i = 0;
- if ($this->got_rights_array($path) > 0) {
- if (is_file($filename.'.Completed'))
- $file.='.Completed';
- if (is_file($filename.'.InProgress'))
- $file.='.InProgress';
- if (is_file($filename.'.Starting'))
- $file.='.Starting';
- if (is_file($filename.'.Processed'))
- $file.='.Processed';
- $filename = $path . "/" . $file;
- $handle = @fopen($filename, "rb");
- if (strpos($file,'.Completed'))
- $ext='.Completed';
- if (strpos($file,'.InProgress'))
- $ext='.InProgress';
- if (strpos($file,'.Starting'))
- $ext='.Starting';
- if (strpos($file,'.Processed'))
- $ext='.Processed';
- $sub_pos = strpos($file, $ext);
- $base_name = substr($file, 0, $sub_pos);
- $filecontent = @fread($handle, @filesize($filename));
- $config[$i] = explode("\r\n", $filecontent);
- /***
- * $config:: array
- * [0] -> versioncode
- * [1] -> date&time
- * [2] -> filename
- * [3] -> filesize
- * [4] -> chunksize
- * [5] -> chunkcount
- * [6] -> CRC32 checksum
- ***/
- if (@filesize($filename) > 0) {
- $h = md5($path."/".$config[$i][2]);
- $this->configs[$h] = $config[$i];
- $this->configs[$h]['squashed'] = true;
- $this->configs[$h]['path'] = $path;
- $this->configs[$h]['status'] = substr($ext, 1);
- $this->configs[$h]['mime'] = $this->set_mime($this->configs[$h][2]);
- $this->configs[$h]['hidden'] = (is_file($path.'/'.$base_name.'.hidden')) ? true : false ;
- //to prevent dates of 1-1-1970 we set te dates of the config file
- $this->configs[$h]['added'] = filectime($filename);
- $this->configs[$h]['lastchange'] = filemtime($filename);
- fclose($handle);
- $this->populate_stats($path, $h);
- //insert hash in db
- #$this->update_hash($h,$path."/".$config[$i][2]);
- //check stats
- $this->check_stats($h);
- }
- }
-}
-
-
-function read_directory($path, $getsubs=false, $getfirstfiles=true, $getdeepfiles=true, $populate=true) {
-
- if ($dir = @opendir($path)) {
- $i = 0;
- $last = 1;
- while (false !== ($file = readdir($dir))) {
- if (($file{0} !== ".") && substr($file,0,1) !== "SQ") {
- $filename = $path."/".$file;
- if (!is_file($filename) && strpos($filename, './uploads/recieving')===false) {
- if ($getsubs) {
- if ($this->got_rights_array_recursive($filename) > 0) {
- $key = substr($path, strlen($this->basepath)) . '/' . $file;
- $this->subfolders[$key] = $file;
- }
- }
- if ($getdeepfiles)
- $this->read_directory($filename, false, $getdeepfiles, $getdeepfiles, $populate);
- } elseif (strpos($filename,'./uploads/ftp')) { //ftp files
- if ($this->got_rights_array($path) > 0 && !strpos($filename, '.hidden') ) {
- $h = md5($filename);
- $name_only = substr($filename, strlen($path)+1);
- $file_structure = explode('.', $name_only);
- $ext = array_pop($file_structure);
- $base_name = array_pop($file_structure);
- $this->configs[$h]['path'] = $path;
- $this->configs[$h][0] = 'manual ftp';
- $this->configs[$h][2] = $name_only;
- $this->configs[$h][3] = filesize($filename);
- $this->configs[$h]['added'] = filectime($filename);
- $this->configs[$h]['lastchange'] = filemtime($filename);
- $this->configs[$h]['status'] = 'unknown';
- $this->configs[$h]['squashed'] = false;
- $this->configs[$h]['mime'] = $this->set_mime($name_only);
- $this->configs[$h]['hidden'] = (is_file($path.'/'.$base_name.'.hidden')) ? true : false ;
- }
- } elseif ($getfirstfiles) {
- //squashed files
- if ($this->got_rights_array($path) > 0) {
- if (strpos($filename, '.Completed') || strpos($filename, '.InProgress') || strpos($filename, '.Starting') || strpos($filename, '.Processed')) {
- $i++;
- $handle = @fopen($filename, "rb");
- if (strpos($file,'.Completed'))
- $ext='.Completed';
- if (strpos($file,'.InProgress'))
- $ext='.InProgress';
- if (strpos($file,'.Starting'))
- $ext='.Starting';
- if (strpos($file,'.Processed'))
- $ext='.Processed';
- $sub_pos = strpos($file, $ext);
- $base_name = substr($file, 0, $sub_pos);
- $filecontent = @fread($handle, @filesize($filename));
- $config[$i] = explode("\r\n", $filecontent);
-
- /***
- * $config:: array
- * [0] -> versioncode
- * [1] -> date&time
- * [2] -> filename
- * [3] -> filesize
- * [4] -> chunksize
- * [5] -> chunkcount
- * [6] -> CRC32 checksum
- ***/
-
- if (@filesize($filename) > 0) {
- $h = md5($path."/".$config[$i][2]);
- $this->configs[$h] = $config[$i];
- $this->configs[$h]['squashed'] = true;
- $this->configs[$h]['path'] = $path;
- $this->configs[$h]['status'] = substr($ext, 1);
- $this->configs[$h]['mime'] = $this->set_mime($this->configs[$h][2]);
- $this->configs[$h]['hidden'] = (is_file($path.'/'.$base_name.'.hidden')) ? true : false ;
- //to prevent dates of 1-1-1970 we set te dates of the config file
- $this->configs[$h]['added'] = filectime($filename);
- $this->configs[$h]['lastchange'] = filemtime($filename);
- fclose($handle);
- $this->populate_stats($path, $h);
- //insert hash in db
- $this->update_hash($h, $path."/".$config[$i][2]);
- //check stats
- $this->check_stats($h);
- }
- }
- }
- }
- }
- }
- }
-}
-
-function check_stats($h) {
- $config = $this->get_config($h);
- $count = @array_sum($config['stats']);
- if ($config['status']=='Completed' && $count != $config[5]) {
- $filepath=$config['path'].'/'.$config[2];
- if ($this->history[$h]['completed']=="1") {
- //don't display broken file, remove it instead
- unlink($config['path'].'/'.$config[2].'.Completed');
- unset($this->configs[$h]);
-
- if (!$count)
- $count = 0;
- $m_subject = "Squasher Debug: File Removed";
- $m_body = "Upload removed: \n File: ".$config['path']."/".$config[2]." \n Status: ".$config['status']." \n Chunks: ".$count." out of ".$config[5];
- mail('jasper@netformatie.nl', $m_subject, $m_body, "From: support@netformatie.nl");
- $qlog = "INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($h)."','".mysql_escape_string($filepath)."','debug',-1,'squasher-web','cleanup',NOW())";
- mysql_query($qlog);
- } else {
- //do move
- rename($config['path'].'/'.$config[2].'.Completed', $config['path'].'/'.$config[2].'.InProgress');
- $this->configs[$h]['status'] = 'InProgress';
-
- //mail n4m
- if (!$count)
- $count = 0;
- $m_subject = "Squasher Debug: Upload Error";
- $m_body = "Upload error: \n File: ".$config['path']."/".$config[2]." \n Status: ".$config['status']." \n Chunks: ".$count." out of ".$config[5];
- mail('support@netformatie.nl', $m_subject, $m_body, "From: squasher@netformatie.nl");
- mail('jan@netformatie.nl', $m_subject, $m_body, "From: support@netformatie.nl");
- mail('joop@netformatie.nl', $m_subject, $m_body, "From: support@netformatie.nl");
- mail('jasper@netformatie.nl', $m_subject, $m_body, "From: support@netformatie.nl");
-
- //do sms
- //wget -o/dev/null "http://www.mollie.nl/xml/sms/?username=netformatie&password=SMSdolsi&originator=Netformatie&recipients=${ENGINEER}&message=${CALLERID}";
-
- //mail RO
- $ship = explode('/',$config['path']);
- if ($ship[2] == 'myas' || $ship[2] == 'myez' || $ship[2] == 'myrw')
- mail('ro1@'.$ship[2].'.greenpeace.org','Squasher: '.$config[2].' resume request','The squasher server has detected an upload error. Please resume the squasher transmission for '.$config[2].' to correct this problem.',"From: support@netformatie.nl\nX-Priority: 1");
-
- $qlog = "INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($h)."','".mysql_escape_string($filepath)."','debug',-1,'squasher-web','retry',NOW())";
- mysql_query($qlog);
-
- }
- } elseif ($config['status']=='Completed' && $count == $config[5]) {
- if ($this->history[$h]['completed']==0)
- mysql_query("UPDATE file_hash SET completed = 1 WHERE md5_hash = '".mysql_escape_string($h)."'");
- }
-}
-
-function update_hash($hash, $path) {
- $check_hash_query = "select * from file_hash where md5_hash = '".$hash."'";
- $check_hash_result = mysql_query($check_hash_query);
- if(mysql_num_rows($check_hash_result) == 0) {
- $insert_hash_query = "INSERT INTO file_hash (md5_hash,file) values ('".mysql_escape_string($hash)."','".mysql_escape_string($path)."')";
- mysql_query($insert_hash_query);
- }
-}
-
-function path_to_arraystring($path, $arrayname) {
- $path_values = explode('/', $path);
- $return = $arrayname;
- foreach ($path_values AS $key => $value) {
- if ($value != '.' && $value != '')
- $return.= "['".$value."']";
- }
- return $return;
-}
-
-function populate_stats($path, $h) {
- /***
- * $config:: array
- * [0] -> versioncode
- * [1] -> date&time
- * [2] -> filename
- * [3] -> filesize
- * [4] -> chunksize
- * [5] -> chunkcount
- * [6] -> CRC32 checksum
- ***/
- $config = $this->configs[$h];
-
- $q = "SELECT * FROM file_hash WHERE md5_hash = '".mysql_escape_string($h)."'";
- $r = mysql_query($q);
- $o = mysql_fetch_object($r);
- $validated_chunks = $o->validated_chunks;
-
- if ($this->history[$h]['completed']=="1") {
- $file_part = $path."/SQ".zfill(1,6)."-".$config[2];
- if (!is_file($file_part))
- $file_part = $path."/SQ".zfill(1,3)."-".$config[2];
- if (is_file($file_part)) {
- $this->configs[$h]['added'] = filectime($file_part);
- $file_part = $path."/SQ".zfill($config[5],6)."-".$config[2];
- if (!is_file($file_part))
- $file_part = $path."/SQ".zfill($config[5],3)."-".$config[2];
- if (is_file($file_part))
- $this->configs[$h]['lastchange'] = filemtime($file_part);
- for ($i=1; $i<=$config[5]; $i++)
- $this->configs[$h]['stats'][$i] = "1.00";
- } else {
- //failsafe voor verwijderde bestanden
- mysql_query("UPDATE file_hash SET completed = 0 WHERE md5_hash = '".mysql_escape_string($h)."'");
- }
- } else {
- $keep_validating = true;
- for ($i=1; $i<=$config[5]; $i++) {
- if ($validated_chunks > $i) {
- $this->configs[$h]['stats'][$i]="1.00";
- } else {
- $file_part = $path."/SQ".zfill($i,6)."-".$config[2];
- if (!is_file($file_part))
- $file_part = $path."/SQ".zfill($i,3)."-".$config[2];
- if (is_file($file_part)) {
- $handle = fopen($file_part, "rb");
- $size_this = filesize($file_part);
- $added = filectime($file_part);
- $last_changed = filemtime($file_part);
- if ($this->configs[$h]['added'] > $added || !is_numeric($this->configs[$h]['added']))
- $this->configs[$h]['added'] = $added;
- if ($this->configs[$h]['lastchange'] < $last_changed)
- $this->configs[$h]['lastchange'] = $last_changed;
- if ($i != $config[5]) {
- $this->configs[$h]['stats'][$i] = number_format((1/$config[4])*$size_this, 2, '.', '');
- //number_format((100/$config[4])*$size_this, 2, '.', '')."%";
- }else{
- $this->configs[$h]['stats'][$i] = number_format((1/($config[3]-($config[4]*($config[5]-1))))*$size_this, 2, '.', '');
- //number_format((100/($config[3]-($config[4]*($config[5]-1))))*$size_this, 2, '.', '')."%";
- }
- fclose($handle);
- if ($config[4] == $size_this && $keep_validating) {
- $validated_chunks = $i;
- } else {
- $keep_validating = false;
- }
- } else {
- $this->configs[$h]['stats'][$i] = "0.00";
- //$this->configs[$h]['stats'][$i]="0.00%";
-
- }
- }
- }
- mysql_query("UPDATE file_hash SET validated_chunks = '".mysql_escape_string($validated_chunks)."' WHERE md5_hash = '".mysql_escape_string($h)."'");
- }
-}
-
-function read_config($path, $filename) {
- if (is_file($path."/".$filename.".InProgress")) {
- $config_handle = fopen($path."/".$filename.".InProgress", "r");
- $conf_path=$path."/".$filename.".InProgress";
- } elseif (is_file($path."/".$filename.".Completed" )) {
- $config_handle = fopen($path."/".$filename.".Completed", "r");
- $conf_path=$path."/".$filename.".Completed";
- } elseif (is_file($path."/".$filename.".Starting" )) {
- $config_handle = fopen($path."/".$filename.".Starting", "r");
- $conf_path=$path."/".$filename.".Starting";
- } elseif (is_file($path."/".$filename.".Processed" )) {
- $config_handle = fopen($path."/".$filename.".Processed", "r");
- $conf_path=$path."/".$filename.".Processed";
- } else {
- return "Not Found";
- }
- $config_content = fread($config_handle, filesize($conf_path));
- fclose($config_handle);
- $config = explode("\n", $config_content);
-
- return $config;
-// print_r($config);
-/* $file_count = $config[5];
- $last=1;
- for ($i=1; $i<=$file_count; $i++)
- {
- $file_part = $path."/SQ".zfill($i,6)."-".$filename;
- if (is_file($file_part))
- {
-
- $handle = fopen($file_part, "rb");
- $size_this = filesize($file_part);
- //$stats[$i]=round((100/$config[4])*$size_this)."%";
- if ((($size_this==$config[4] && ($last+1)==$i) )|| $i == $config[5]) {
- $merged_file.=fread($handle, filesize($file_part));
- $last = $i;
- }
- fclose($handle);
- }
- }
- return $merged_file;
- */
-}
-
-function print_files($path, $filename, $tovar=false) {
- if (strpos($path, './uploads/ftp')) {
- $filestring = $path.'/'.$filename;
- if (is_file($filestring)) {
- $handle = fopen($filestring, "rb");
- while (!feof($handle))
- {
- print(fread($handle, 1024));
- ob_flush();
- flush();
- }
- }
- } else {
- if (is_file($path."/".$filename.".InProgress")) {
- $config_handle = fopen($path."/".$filename.".InProgress", "r");
- $conf_path=$path."/".$filename.".InProgress";
- } elseif (is_file($path."/".$filename.".Completed" )) {
- $config_handle = fopen($path."/".$filename.".Completed", "r");
- $conf_path=$path."/".$filename.".Completed";
- } elseif (is_file($path."/".$filename.".Starting" )) {
- $config_handle = fopen($path."/".$filename.".Starting", "r");
- $conf_path=$path."/".$filename.".Starting";
- } elseif (is_file($path."/".$filename.".Processed" )) {
- $config_handle = fopen($path."/".$filename.".Processed", "r");
- $conf_path=$path."/".$filename.".Processed";
- } else{
- return "Not Found";
- }
- $config_content = fread($config_handle, filesize($conf_path));
- fclose($config_handle);
- $config = explode("\n",$config_content);
-// print_r($config);
- $file_count = $config[5];
- $last = 0;
- $last_part_size = ( $config[3] - ( ( $config[5] -1 ) * $config[4] ) );
- for ($i=0;$i<=$file_count;$i++)
- {
- $file_part = $path."/SQ".zfill($i,6)."-".$filename;
- if (!is_file($file_part))
- $file_part = $path."/SQ".zfill($i,3)."-".$filename;
- if (is_file($file_part))
- {
- $handle = fopen($file_part, "rb");
- $size_this = filesize($file_part);
- if ( ( ( $size_this==$config[4] ) && ( ($last+1)==$i ) ) || ( ( $i == $config[5] ) && ( $size_this==$last_part_size ) && ( ($last+1)==$i ) ) ) {
- if ($tovar) {
- $merged_file.=fread($handle, $size_this);
- $last = $i;
- } else {
- while (!feof($handle))
- {
- print(fread($handle, 4096));
- # @ob_flush();
- # @flush();
- }
- $last = $i;
- }
- }
- fclose($handle);
- }
- }
- if ($tovar)
- return $merged_file;
- }
-}
-
-function check_md5($h) {
- $return = false;
- $config = $this->configs[$h];
- $var = $this->print_files($config['path'], $config[2], true);
- $hash = md5($var);
- if ($hash==$config[6])
- $return=true;
-
- return $return;
-}
-
-function file_crc($file_string) {
- //$file_string = file_get_contents($file);
-
- $crc = crc32($file_string);
- return sprintf("%u\n", $crc);
-}
-
-function file_crc_debug($file) {
- $file_string = file_get_contents($file);
-
- $crc = crc32($file_string);
- return sprintf("%u\n", $crc);
-}
-
-function delete_file($h, $s) {
- $request = $this->get_config($h);
- $filepath=$request['path'].'/'.$request[2];
- if (strpos($request['path'], './uploads/ftp')) {
- #remove file
- if (is_file($filepath))
- @unlink($filepath);
- if (is_file($filepath.'.hidden'))
- @unlink($filepath.'.hidden');
- } else {
- #remove fileparts
- for ($i=0;$i<=$request[5];$i++) {
- $part_six = $request['path']."/SQ".zfill($i,6)."-".$request[2];
- $part_three = $request['path']."/SQ".zfill($i,3)."-".$request[2];
- if (is_file($part_six))
- @unlink($part_six);
- if (is_file($part_three))
- @unlink($part_six);
- }
- #remove config file
- if (is_file($request['path'].'/'.$request[2].'.hidden')) @unlink($request['path'].'/'.$request[2].'.hidden');
- if (is_file($request['path'].'/'.$request[2].'.Completed')) @unlink($request['path'].'/'.$request[2].'.Completed');
- if (is_file($request['path'].'/'.$request[2].'.InProgress'))@unlink($request['path'].'/'.$request[2].'.InProgress');
- if (is_file($request['path'].'/'.$request[2].'.Processed')) @unlink($request['path'].'/'.$request[2].'.Processed');
- if (is_file($request['path'].'/'.$request[2].'.Starting')) @unlink($request['path'].'/'.$request[2].'.Starting');
- }
-
- #Update DB
- $q = "DELETE FROM file_hash WHERE file_hash = '".mysql_escape_string($h)."'";
- mysql_query($q);
- $q = "INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($h)."','".mysql_escape_string($filepath)."','delete',".(int)$s['user_id'].",'".mysql_escape_string($s['user_name'])."','".mysql_escape_string($_SERVER['REMOTE_ADDR'])."',NOW())";
- mysql_query($q);
-
- #Send debug mail
- $m_name = $s['user_name'];
- $m_subject = "Squasher Debug: File Deleted by {$m_name}";
- $m_body = "File Deleted: \n Requested by: {$m_name} \n File: {$filepath}";
- mail('jasper@netformatie.nl', $m_subject, $m_body, "From: support@netformatie.nl");
-}
-
-function show_files() {
-
- $path = "./uploads/";
-
- if ($dir = opendir($path)) {
- $i = 1;
- $last = 1;
- $files = array();
- $files_merged = array();
- while (false !== ($file = readdir($dir)))
- {
- if (($file !== ".") && ($file !== ".."))
- {
- $filename = $path.$file;
- $handle = fopen($filename, "rb");
- $size_this = filesize($filename);
- if ($i==1)
- $size_first = $size_this;
- $filecontent = fread($handle, filesize($filename));
- $files[$i++] = $filename;
- $files_merged[$file_base][]=$filename;
- fclose($handle);
- }
- }
- }
- echo "<pre>";
- print_r($files);
- print_r($files_merged);
- echo "</pre>";
-}
-
-function set_mime($filename) {
- $ext_arr = explode('.', $filename);
- $ext = strtolower(array_pop($ext_arr));
- switch($ext) {
- case 'avi':
- $mime = 'video/avi';
- break;
- case 'mpeg':
- case 'mpg':
- $mime = 'video/mpeg'; //MPEG Video
- break;
- case 'exe':
- case 'bat':
- case 'doc':
- case 'xls':
- $mime = 'application/octet-stream';
- break;
- case 'gif':
- $mime = 'image/gif'; //GIF Image
- break;
- case 'jpg':
- case 'jpeg':
- $mime = 'image/jpeg'; //JPEG Image
- break;
- case 'png':
- $mime = 'image/png'; //PNG Image
- break;
- case 'wav':
- case 'wave':
- $mime = 'audio/wav'; //WAV Audio
- break;
- case 'mp3':
- $mime = 'audio/mpeg'; //MP3 Audio
- break;
- case 'mov':
- $mime = 'video/mov'; //Quicktime Video
- break;
- case 'wmv':
- $mime = 'video/x-ms-wmv'; //Windows WMV video
- break;
- case 'wma':
- $mime = 'audio/x-ms-wma'; //Windows WMA audio
- break;
- case 'rm':
- $mime = 'audio/x-realaudio'; //RealPlayer Audio/Video (.rm)
- break;
- case 'ram':
- $mime = 'audio/x-pn-realaudio'; //RealPlayer Audio/Video (.ram)
- break;
- case 'pdf':
- $mime = 'application/pdf'; //PDF Document
- break;
- case 'doc':
- $mime = 'application/msword'; //MS Word .doc file
- break;
- case 'zip':
- $mime = 'application/zip'; //Zip File
- break;
- default:
- $mime = 'application/octet-stream';
- break;
- }
- //$return['mime']=$mime;
- //$return['ext']=$ext;
-
- return $mime;
-}
-
-}
-// vim: syntax=php ts=4 sw=4 sts=4 sr noet
-?>
+++ /dev/null
-<?php
-if (!$_SESSION['creds']['validated'] && !isset($_GET['f']))
- exit();
-
-require_once("squasher.class.php");
-
-$squashweb = new squashweb();
-
-$squashweb->update_history();
-
-//set root directory
-$basedir = "../uploads";
-if (isset($_GET['path']) && $_GET['path']!=NULL && strlen($_GET['path'])!=1) {
- $subf = $_GET['path'];
- $path = $basedir . $subf;
-} else {
- $subf = '/';
- $path = $basedir;
-}
-
-$squashweb->set_root($basedir);
-
-if (@$_GET['f'] || @$_GET['tools']=='hide' || @$_GET['tools']=='unhide' || @$_GET['tools']=='delete') {
- $getdeepfiles=true;
- $populate=false;
-} else {
- $getdeepfiles=false;
- $populate=true;
-}
-
-//update folder rights if form is posted
-if (@$_POST['edited_user'] > 0 && @$_POST['formtype'] == 'folderrights')
- $squashweb->update_rights($_POST['edited_user'], $_POST['m'], $_SESSION['creds']['user_level']);
-
-//set folder rights
-if (@$_GET['f']) {
- $squashweb->give_rights(2);
-} else {
- $squashweb->give_rights($_SESSION['creds']['user_id']);
-}
-
-if (@$_GET['f']) {
- $f_q = "SELECT * FROM file_hash WHERE md5_hash = '".mysql_escape_string($_GET['f'])."'";
- $f_r = mysql_query($f_q);
- $f_o = mysql_fetch_object($f_r);
-
- //log downloads
- @mysql_query("INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($_GET['f'])."','".mysql_escape_string($f_o->file)."','download','".mysql_escape_string($_SESSION['creds']['user_id'])."','".mysql_escape_string($_SESSION['creds']['user_name'])."','".mysql_escape_string($_SERVER['REMOTE_ADDR'])."',NOW())");
-
- $_hpath_arr=explode("/", $f_o->file);
- $file=array_pop($_hpath_arr); //Remove filename
- $path=implode("/", $_hpath_arr);
- $squashweb->read_single_file($path, $file);
- #$squashweb->read_directory($path, false, true, false, false);
-} else {
- //parse folders for readable files
- $squashweb->read_directory($path, true, true, $getdeepfiles, $populate);
-}
-
-//check if a file is requested
-if (@$_GET['f']) {
- //get the config of requested file
- $request = $squashweb->get_config($_GET['f']);
-
- //show requested file
- #header('Cache-control: private');
- header('Content-Disposition: attachment; filename="'.$request[2].'"');
- header("Content-Type: ".$request['mime']);
- if ($request[3])
- header('Content-Length: '.$request[3]);
- #@ob_flush();
- @flush();
- $squashweb->print_files($request['path'], $request[2]);
-
-} elseif (@$_GET['tools']=="hide" && @$_GET['h']) {
- if ($_SESSION['creds']['user_level'] > 99) {
- $request = $squashweb->get_config($_GET['h']);
- $handle = fopen($request['path'].'/'.$request[2].'.hidden', 'x');
- fwrite($handle, 'hidden by '.$_SESSION['creds']['user_name']);
- fclose($handle);
- $path=substr($request['path'], strlen($basedir));
- header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path) ;
- }
-} elseif (@$_GET['tools']=="unhide" && isset($_GET['h'])) {
- if ($_SESSION['creds']['user_level'] > 99) {
- $request = $squashweb->get_config($_GET['h']);
- @unlink($request['path'].'/'.$request[2].'.hidden');
- $path=substr($request['path'], strlen($basedir));
- header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path) ;
- }
-} elseif (@$_GET['tools']=="delete" && isset($_GET['h'])) {
- if ($_SESSION['creds']['user_level'] > 99) {
- if ($_GET['h'] == "multiple") {
- $h_post = $_POST['h'];
- foreach ($h_post as $h_key => $h) {
- $request = $squashweb->get_config($h);
- $squashweb->delete_file($h, $_SESSION['creds']);
- }
- } else {
- $h = $_GET['h'];
- $request = $squashweb->get_config($h);
- $squashweb->delete_file($h, $_SESSION['creds']);
- }
- $path=substr($request['path'], strlen($basedir));
- header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path);
- }
-
-} elseif (@$_POST['tools']=="mkdir" && isset($_GET['path']) && isset($_POST['newname']) && $_SESSION['creds']['user_level'] > 99) {
- $path = $_GET['path'];
- $newname = $_POST['newname'];
- $subs = explode('/', $path);
- if (in_array('..', $subs))
- die(); // Hard fails when trying to play above basedir
- if ($squashweb->got_rights_array_admin($path) > 0) {
- umask(002); // don't remove g+w
- mkdir($basedir.'/'.$path.'/'.$newname);
- }
- header( 'Location: ?path='.$path.'/'.$newname) ;
-
-} elseif (@$_POST['tools']=="rmdir" && isset($_GET['path']) && $_SESSION['creds']['user_level'] > 99) {
- $path = $_GET['path'];
- $subs = explode('/', $path);
- if (in_array('..', $subs))
- die(); // Hard fails when trying to play above basedir
- if ($squashweb->got_rights_array_admin($path) > 0) {
- rmdir($basedir.$path);
- }
- array_pop($subs);
- $path=implode("/", $subs);
- header( 'Location: ?path='.$path) ;
-
-} elseif (@$_GET['tools']=='access' && $_SESSION['creds']['user_level'] > 100) {
-
- $smarty = get_smarty();
-
- $smarty->assign('user_level', $_SESSION['creds']['user_level']);
- $smarty->assign('user_name', $_SESSION['creds']['user_name']);
- $smarty->assign('users', $squashweb->get_users($_SESSION['creds']['user_level']));
-
- $smarty->assign('edited_user', @$_GET['user']);
-
- $tree = $squashweb->show_rights_tree($path, 0, @$_GET['user']);
-
- $smarty->assign('style', $tree['style']);
- $smarty->assign('layout', $tree['layout']);
-
- $smarty->assign('debug', @$_GET['debug']);
- $smarty->assign('folderrights', $squashweb->folderrights());
- $smarty->assign('userrights', $squashweb->userrights());
- $smarty->display('admin.tpl');
-
-} elseif (@$_GET['tools']=='users' && $_SESSION['creds']['user_level'] > 100) {
- $type = @$_POST['type'];
- if ($type=="update")
- $squashweb->update_users($_POST['u']);
- if ($type=="disable")
- $squashweb->disable_users($_POST['u']);
- if ($type=="delete")
- $squashweb->remove_users($_POST['u']);
- if ($type=="new")
- $squashweb->insert_users($_POST['u'], $_SESSION['creds']['user_level']);
- $smarty = get_smarty();
-
- $smarty->assign('user_level', $_SESSION['creds']['user_level']);
- $smarty->assign('user_name', $_SESSION['creds']['user_name']);
- $smarty->assign('users', $squashweb->get_users($_SESSION['creds']['user_level']));
-
- if ($_SESSION['creds']['user_level'] > 199) {
- $smarty->assign('user_levels', array(155 => 'admin' , 55 => 'user' ) );
- } else {
- $smarty->assign('user_levels', array(55 => 'user' ) );
- }
- $smarty->assign('debug', @$_GET['debug']);
-
- $smarty->display('udmin.tpl');
-
-} elseif (@$_GET['tools']=='logs' && $_SESSION['creds']['user_level'] > 100) {
- $logtype=@$_GET['logtype'];
- if (!$logtype)
- $logtype = 'all';
-
- $smarty = get_smarty();
-
- $smarty->assign('user_level', $_SESSION['creds']['user_level']);
- $smarty->assign('user_name', $_SESSION['creds']['user_name']);
- $smarty->assign('logtype', $logtype);
- $smarty->assign('logs', $squashweb->get_logs($logtype));
-
- $smarty->assign('debug', @$_GET['debug']);
- $smarty->display('logs.tpl');
-
-} else {
- //show overview
-
- $smarty = get_smarty();
- /***
- * $config:: array
- * [0] -> versioncode
- * [1] -> date&time
- * [2] -> filename
- * [3] -> filesize
- * [4] -> chunksize
- * [5] -> chunkcount
- * [6] -> CRC32 checksum
- ***/
-
- $configs_num = $squashweb->get_configs();
-
- $configs_sorted = named_records_sort($configs_num, 'lastchange', true);
-
- $configs = array();
- $paths = array();
-
- foreach ($configs_sorted as $key => $value) {
- $configs[$key]['squashed'] = $value['squashed'];
- $configs[$key]['version'] = $value[0];
- //$configs[$key]['date'] = $value[1]; //removed because user local creation date is irrelevant
- $configs[$key]['name'] = $value[2];
- $configs[$key]['size'] = $value[3];
- $configs[$key]['chunk_size'] = $value[4];
- $configs[$key]['chunks'] = $value[5];
- $configs[$key]['crc'] = $value[6];
- $paths[substr($value['path'], strlen($basedir))]=array_pop(explode('/',$value['path']));
- (strpos($value['mime'],'ideo')) ? $embedable=true : $embedable=false;
- (@array_sum($value['stats']) == $value[5]) ? $finished=true : $finished=false;
-
- $configs[$key]['embedable'] = $embedable;
- $configs[$key]['finished'] = $finished;
- $configs[$key]['mime'] = $value['mime'];
- $configs[$key]['status'] = $value['status'];
- $configs[$key]['hidden'] = $value['hidden'];
- $configs[$key]['chunks_finished'] = @array_sum($value['stats']);
- if ($finished) {
- $configs[$key]['chunks_partial'] = $configs[$key]['chunks_finished'];
- } else {
- $continue = true;
- foreach($value['stats'] as $sk => $sv) {
- if ($continue) {
- $configs[$key]['chunks_partial'] = $configs[$key]['chunks_partial']+$sv;
- if ($sv != '1.00') $continue=false;
- }
- }
- }
- $configs[$key]['date'] = date('d.m.y - H:i:s - T', $value['added']);
- $configs[$key]['lastchange'] = date('d.m.y - H:i:s - T', $value['lastchange']);
- }
-
-
- //set base folders
- $basepath['/'] = 'top';
- $bpath = '';
- foreach (explode('/', $subf) as $key => $value) {
- if ($value != '') {
- $bpath .= '/'.$value;
- $basepath[$bpath] = $value;
- }
- }
- $smarty->assign('debug', @$_GET['debug']);
- $smarty->assign('user_level', $_SESSION['creds']['user_level']);
- $smarty->assign('user_name', $_SESSION['creds']['user_name']);
- $smarty->assign('folderrights', $squashweb->folderrights());
-
- $smarty->assign('squashed', $configs);
- $smarty->assign('paths', $paths);
- $smarty->assign('base', $basepath);
- $smarty->assign('currentfolder', $subf);
- $subs = $squashweb->subfolders();
- if ($subs)
- asort($subs);
- $smarty->assign('subfolders', $subs);
-
- //if(@$_GET[debug]) print_r($configs);
- $smarty->display('index.tpl'); //Display normal template
-
-}
-// vim: syntax=php ts=4 sw=4 sts=4 sr noet
-?>
--- /dev/null
+<?php
+
+DEFINE('SQUASHER_DB_HOST', '127.0.0.1'); // Ip address of the mysql server
+DEFINE('SQUASHER_DB_USER', 'squasher'); // Username for the database
+DEFINE('SQUASHER_DB_PASSWORD', 'squasher'); // Password for the database
+DEFINE('SQUASHER_DB_DATABASE', 'squasher'); // Mysql database name
+
+// Location of the smarty library
+// Use 'smarty/Smarty.class.php' for relative directory 'smarty/'
+// Use 'smarty3/Smarty.class.php' if you installed package smarty3
+DEFINE('SQUASHER_SMARTY_SOURCE', 'smarty3/Smarty.class.php');
+
+// Location of the smarty templates
+DEFINE('SQUASHER_SMARTY_TEMPLATES', '../templates');
+
+// Location of the smarty compiled templates
+DEFINE('SQUASHER_SMARTY_TEMPLATES_C', '../templates_c');
+
+// Location of the smarty cache
+DEFINE('SQUASHER_SMARTY_CACHE', '../cache');
+
+
+// start session
+session_start();
+
+//connect to db
+$link_db = mysql_connect(SQUASHER_DB_HOST, SQUASHER_DB_USER, SQUASHER_DB_PASSWORD);
+mysql_select_db(SQUASHER_DB_DATABASE, $link_db);
+
+// vim: syntax=php ts=4 sw=4 sts=4 sr noet
+?>
--- /dev/null
+body {
+ background-color:#E2EBD8;
+ font-family:Arial Narrow;
+ font-size:16px;
+}
+
+.wrappercontainer {
+ width: 1000px;
+ margin: 10px auto;
+ border:5px solid;
+ border-color:#FFFFFF;
+ color:#003300;
+ background: #FFFFFF;
+}
+
+/* top banner */
+.banner {
+ background-color:#66CC00;
+ width:100%;
+ height:45px;
+ background:#66CC00 url(../img/squash.gif) no-repeat 30px 50%;
+}
+
+/* Top right list of links, inside banner */
+.control {
+ float:right;
+ text-align:right;
+ margin: 2px;
+}
+
+/* A menucontainer can hold several menu lines */
+.menucontainer {
+ margin-top:10px;
+ margin-bottom:10px;
+}
+
+.menu {
+ clear:left;
+}
+
+/* menus div contains:
+ - div.menuhead
+ - a
+ - a.selected */
+.menu .menuhead, .menu a {
+ float:left;
+ margin:1px;
+ padding:3px 8px;
+ border:1px solid;
+}
+
+.menu .menuhead {
+ background-color:#66CC00;
+ color:#003300;
+ border-color:#66CC00;
+}
+
+.menu a {
+ background-color:#C7F09E;
+ color:#003300;
+ border-color:#E2EBD8;
+ text-decoration:none;
+}
+
+.menu a:hover, .menu a.selected {
+ background-color:#339900;
+ color:#FFFFFF;
+ border-color:#E2EBD8;
+}
+
+.menu a.tool {
+ background:inherit;
+ border:inherit;
+ text-decoration:underline;
+ color:inherit;
+ margin-left: 40px;
+ font-size: 12px;
+ padding-top: 5px;
+ padding-bottom: 1px;
+}
+.menu a.tool:hover {
+ color:#FF6600;
+}
+
+/* main content container */
+.content {
+ clear:left;
+ margin-top:10px;
+ float:left;
+ padding-right:5px;
+ width:600px;
+}
+
+/* misc */
+.bottomimage {
+ background: #FFFFFF url(../img/gp1.gif) no-repeat 95% 95%;
+ clear:both;
+ float:right;
+ width:300px;
+ height:146px;
+}
+
+.footer {
+ clear:both;
+ margin-top:10px;
+ background-color:#66CC00;
+ text-align:center;
+ background:#66CC00 url(../img/gplogobottomright.gif) no-repeat 100%;
+}
+
+.clear {
+ clear:both;
+}
+
+a {
+ color:#003300;
+}
+
+a:hover {
+ color:#FF6600;
+}
+
+/* These are used by logs : */
+table.log {
+ border-spacing:0;
+ spacing:0;
+ padding:0;
+ width:1000px;
+ background-color:#C7F09E;
+}
+
+tr.logentry_header {
+ background-color:#339900;
+ color:#FFFFFF;
+ border:1px solid;
+ border-color:#C7F09E;
+ text-align:center;
+}
+
+tr.logentry_download, tr.logentry_delete, tr.logentry_login, tr.logentry_empty {
+ background-color:#C7F09E;
+ color:#003300;
+ margin:1px;
+ border:1px solid;
+ border-color:#C7F09E;
+}
+
+tr.logentry_empty {
+ text-align:center;
+}
+
+tr.logentry_download:hover, tr.logentry_delete:hover, tr.logentry_login:hover {
+ background-color:#339900;
+ color:#FFFFFF;
+}
+
+/* there are used on index, for each file block : */
+.item, .status1, .status2, .status3 {
+ position:relative;
+ color:#003300;
+ width:600px;
+ border:2px solid;
+ border-color:#FFFFFF;
+ font-size:12px;
+}
+
+.item {
+ background-color:#E2EBD8;
+}
+.status1 {
+ background-color:#FFCCCC;
+}
+.status2 {
+ background-color:#FFFFCC;
+}
+.status3 {
+ background-color:#CCFFCC;
+}
+
+/* name of the file: */
+.name {
+ float:left;
+ left:1px;
+ top:1px;
+ padding-left:1px;
+ z-index:50;
+}
+
+/* size of the file */
+.size {
+ float:right;
+ padding-left:2px;
+ padding-right:3px;
+}
+
+/* date the file was added */
+.added {
+ float:left;
+ padding-left:2px;
+ padding-right:3px;
+}
+
+/* date the file was lasy updated */
+.updated {
+ float:left;
+ padding-left:2px;
+ padding-right:3px;
+}
+
+/* file status (Completed, ...) */
+.status {
+ float:right;
+ top:1px;
+ padding-right:2px;
+ text-align:right;
+ z-index:10;
+}
+
+/* download (partial) link */
+.stream {
+ float:right;
+ padding-left:1px;
+ padding-right:2px;
+}
+
+/* download link */
+.download {
+ float:right;
+ padding-left:1px;
+ padding-right:2px;
+}
+
+/* index mass delete */
+.massdelete {
+ /*position:absolute;*/
+ /*bottom:0;*/
+ float:right;
+ width:300px;
+ /*height:146px;*/
+}
+
+.deletebox {
+ /*visibility: hidden;*/
+}
+
+/* index mass delete wrapper for right column */
+.filler {
+ position:relative;
+ float:right;
+ width:300px;
+ #height:500px;
+}
+
+
+/* users: user list/form wrapper */
+.white_border {
+ clear:both;
+ float:left;
+ border-top:0px solid #FFFFFF;
+ border-bottom:0px solid #FFFFFF;
+}
+
+/* access tool */
+.check_all, .check_allow, .check_deny {
+ float:right;
+ height:20px;
+}
+
+.sample_all, .sample_allow, .sample_deny {
+ float:left;
+ height:20px;
+}
+
+.check_all, .sample_all {
+ background-color:#AAEEAA;
+}
+
+.check_allow, .sample_allow {
+ background-color:#EEEEAA;
+}
+
+.check_deny, .sample_deny {
+ background-color:#EEAAAA;
+}
+
+/* login page */
+
+.login {
+ width:480px;
+ float:none;
+ display:inline-block;
+ border:1px solid #003300;
+ background-color:#C7F09E;
+ margin:100px;
+ padding:10px;
+ text-align:center;
+}
+
+.login input {
+ width:100%;
+ color:#003300;
+ margin: 10px 10px;
+}
+
+.login button {
+ border:1px solid #003300;
+ margin: 10px;
+ padding:3px 8px;
+ background:#66CC00;
+}
+
+.login button:hover {
+ background-color:#339900;
+ color:#ffffff;
+}
--- /dev/null
+<?php
+
+require_once("config.php");
+
+require_once("squasher.class.php");
+
+$salt = md5($_SERVER['REMOTE_ADDR']."|".$_SERVER['HTTP_USER_AGENT']);
+
+if (@$_GET['tools']=="logout"){
+ session_destroy();
+ $_SESSION['creds']['validated'] = false;
+ header( 'Location: '.$_SERVER['PHP_SELF'] ) ;
+}
+
+if (!@$_SESSION['creds']['validated']){
+ validate_user(@$_POST['user'], @$_POST['pass'], $salt);
+}
+
+if ($_SESSION['creds']['validated'] || @$_GET['f']) {
+//if ($_SESSION['creds']['validated']){
+ //load squasher
+ include("squasher.php");
+} else {
+ //show login
+
+ $smarty = get_smarty();
+
+ $smarty->assign('salt', $salt);
+ $smarty->assign('debug', @$_GET['debug']);
+ $smarty->display('login.tpl');
+}
+// vim: syntax=php ts=4 sw=4 sts=4 sr noet
+?>
--- /dev/null
+/*
+ * A JavaScript implementation of the RSA Data Security, Inc. MD5 Message
+ * Digest Algorithm, as defined in RFC 1321.
+ * Version 2.1 Copyright (C) Paul Johnston 1999 - 2002.
+ * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
+ * Distributed under the BSD License
+ * See http://pajhome.org.uk/crypt/md5 for more info.
+ */
+
+/*
+ * Configurable variables. You may need to tweak these to be compatible with
+ * the server-side, but the defaults work in most cases.
+ */
+var hexcase = 0; /* hex output format. 0 - lowercase; 1 - uppercase */
+var b64pad = ""; /* base-64 pad character. "=" for strict RFC compliance */
+var chrsz = 8; /* bits per input character. 8 - ASCII; 16 - Unicode */
+
+/*
+ * These are the functions you'll usually want to call
+ * They take string arguments and return either hex or base-64 encoded strings
+ */
+function hex_md5(s){ return binl2hex(core_md5(str2binl(s), s.length * chrsz));}
+function b64_md5(s){ return binl2b64(core_md5(str2binl(s), s.length * chrsz));}
+function str_md5(s){ return binl2str(core_md5(str2binl(s), s.length * chrsz));}
+function hex_hmac_md5(key, data) { return binl2hex(core_hmac_md5(key, data)); }
+function b64_hmac_md5(key, data) { return binl2b64(core_hmac_md5(key, data)); }
+function str_hmac_md5(key, data) { return binl2str(core_hmac_md5(key, data)); }
+
+/*
+ * Perform a simple self-test to see if the VM is working
+ */
+function md5_vm_test()
+{
+ return hex_md5("abc") == "900150983cd24fb0d6963f7d28e17f72";
+}
+
+/*
+ * Calculate the MD5 of an array of little-endian words, and a bit length
+ */
+function core_md5(x, len)
+{
+ /* append padding */
+ x[len >> 5] |= 0x80 << ((len) % 32);
+ x[(((len + 64) >>> 9) << 4) + 14] = len;
+
+ var a = 1732584193;
+ var b = -271733879;
+ var c = -1732584194;
+ var d = 271733878;
+
+ for(var i = 0; i < x.length; i += 16)
+ {
+ var olda = a;
+ var oldb = b;
+ var oldc = c;
+ var oldd = d;
+
+ a = md5_ff(a, b, c, d, x[i+ 0], 7 , -680876936);
+ d = md5_ff(d, a, b, c, x[i+ 1], 12, -389564586);
+ c = md5_ff(c, d, a, b, x[i+ 2], 17, 606105819);
+ b = md5_ff(b, c, d, a, x[i+ 3], 22, -1044525330);
+ a = md5_ff(a, b, c, d, x[i+ 4], 7 , -176418897);
+ d = md5_ff(d, a, b, c, x[i+ 5], 12, 1200080426);
+ c = md5_ff(c, d, a, b, x[i+ 6], 17, -1473231341);
+ b = md5_ff(b, c, d, a, x[i+ 7], 22, -45705983);
+ a = md5_ff(a, b, c, d, x[i+ 8], 7 , 1770035416);
+ d = md5_ff(d, a, b, c, x[i+ 9], 12, -1958414417);
+ c = md5_ff(c, d, a, b, x[i+10], 17, -42063);
+ b = md5_ff(b, c, d, a, x[i+11], 22, -1990404162);
+ a = md5_ff(a, b, c, d, x[i+12], 7 , 1804603682);
+ d = md5_ff(d, a, b, c, x[i+13], 12, -40341101);
+ c = md5_ff(c, d, a, b, x[i+14], 17, -1502002290);
+ b = md5_ff(b, c, d, a, x[i+15], 22, 1236535329);
+
+ a = md5_gg(a, b, c, d, x[i+ 1], 5 , -165796510);
+ d = md5_gg(d, a, b, c, x[i+ 6], 9 , -1069501632);
+ c = md5_gg(c, d, a, b, x[i+11], 14, 643717713);
+ b = md5_gg(b, c, d, a, x[i+ 0], 20, -373897302);
+ a = md5_gg(a, b, c, d, x[i+ 5], 5 , -701558691);
+ d = md5_gg(d, a, b, c, x[i+10], 9 , 38016083);
+ c = md5_gg(c, d, a, b, x[i+15], 14, -660478335);
+ b = md5_gg(b, c, d, a, x[i+ 4], 20, -405537848);
+ a = md5_gg(a, b, c, d, x[i+ 9], 5 , 568446438);
+ d = md5_gg(d, a, b, c, x[i+14], 9 , -1019803690);
+ c = md5_gg(c, d, a, b, x[i+ 3], 14, -187363961);
+ b = md5_gg(b, c, d, a, x[i+ 8], 20, 1163531501);
+ a = md5_gg(a, b, c, d, x[i+13], 5 , -1444681467);
+ d = md5_gg(d, a, b, c, x[i+ 2], 9 , -51403784);
+ c = md5_gg(c, d, a, b, x[i+ 7], 14, 1735328473);
+ b = md5_gg(b, c, d, a, x[i+12], 20, -1926607734);
+
+ a = md5_hh(a, b, c, d, x[i+ 5], 4 , -378558);
+ d = md5_hh(d, a, b, c, x[i+ 8], 11, -2022574463);
+ c = md5_hh(c, d, a, b, x[i+11], 16, 1839030562);
+ b = md5_hh(b, c, d, a, x[i+14], 23, -35309556);
+ a = md5_hh(a, b, c, d, x[i+ 1], 4 , -1530992060);
+ d = md5_hh(d, a, b, c, x[i+ 4], 11, 1272893353);
+ c = md5_hh(c, d, a, b, x[i+ 7], 16, -155497632);
+ b = md5_hh(b, c, d, a, x[i+10], 23, -1094730640);
+ a = md5_hh(a, b, c, d, x[i+13], 4 , 681279174);
+ d = md5_hh(d, a, b, c, x[i+ 0], 11, -358537222);
+ c = md5_hh(c, d, a, b, x[i+ 3], 16, -722521979);
+ b = md5_hh(b, c, d, a, x[i+ 6], 23, 76029189);
+ a = md5_hh(a, b, c, d, x[i+ 9], 4 , -640364487);
+ d = md5_hh(d, a, b, c, x[i+12], 11, -421815835);
+ c = md5_hh(c, d, a, b, x[i+15], 16, 530742520);
+ b = md5_hh(b, c, d, a, x[i+ 2], 23, -995338651);
+
+ a = md5_ii(a, b, c, d, x[i+ 0], 6 , -198630844);
+ d = md5_ii(d, a, b, c, x[i+ 7], 10, 1126891415);
+ c = md5_ii(c, d, a, b, x[i+14], 15, -1416354905);
+ b = md5_ii(b, c, d, a, x[i+ 5], 21, -57434055);
+ a = md5_ii(a, b, c, d, x[i+12], 6 , 1700485571);
+ d = md5_ii(d, a, b, c, x[i+ 3], 10, -1894986606);
+ c = md5_ii(c, d, a, b, x[i+10], 15, -1051523);
+ b = md5_ii(b, c, d, a, x[i+ 1], 21, -2054922799);
+ a = md5_ii(a, b, c, d, x[i+ 8], 6 , 1873313359);
+ d = md5_ii(d, a, b, c, x[i+15], 10, -30611744);
+ c = md5_ii(c, d, a, b, x[i+ 6], 15, -1560198380);
+ b = md5_ii(b, c, d, a, x[i+13], 21, 1309151649);
+ a = md5_ii(a, b, c, d, x[i+ 4], 6 , -145523070);
+ d = md5_ii(d, a, b, c, x[i+11], 10, -1120210379);
+ c = md5_ii(c, d, a, b, x[i+ 2], 15, 718787259);
+ b = md5_ii(b, c, d, a, x[i+ 9], 21, -343485551);
+
+ a = safe_add(a, olda);
+ b = safe_add(b, oldb);
+ c = safe_add(c, oldc);
+ d = safe_add(d, oldd);
+ }
+ return Array(a, b, c, d);
+
+}
+
+/*
+ * These functions implement the four basic operations the algorithm uses.
+ */
+function md5_cmn(q, a, b, x, s, t)
+{
+ return safe_add(bit_rol(safe_add(safe_add(a, q), safe_add(x, t)), s),b);
+}
+function md5_ff(a, b, c, d, x, s, t)
+{
+ return md5_cmn((b & c) | ((~b) & d), a, b, x, s, t);
+}
+function md5_gg(a, b, c, d, x, s, t)
+{
+ return md5_cmn((b & d) | (c & (~d)), a, b, x, s, t);
+}
+function md5_hh(a, b, c, d, x, s, t)
+{
+ return md5_cmn(b ^ c ^ d, a, b, x, s, t);
+}
+function md5_ii(a, b, c, d, x, s, t)
+{
+ return md5_cmn(c ^ (b | (~d)), a, b, x, s, t);
+}
+
+/*
+ * Calculate the HMAC-MD5, of a key and some data
+ */
+function core_hmac_md5(key, data)
+{
+ var bkey = str2binl(key);
+ if(bkey.length > 16) bkey = core_md5(bkey, key.length * chrsz);
+
+ var ipad = Array(16), opad = Array(16);
+ for(var i = 0; i < 16; i++)
+ {
+ ipad[i] = bkey[i] ^ 0x36363636;
+ opad[i] = bkey[i] ^ 0x5C5C5C5C;
+ }
+
+ var hash = core_md5(ipad.concat(str2binl(data)), 512 + data.length * chrsz);
+ return core_md5(opad.concat(hash), 512 + 128);
+}
+
+/*
+ * Add integers, wrapping at 2^32. This uses 16-bit operations internally
+ * to work around bugs in some JS interpreters.
+ */
+function safe_add(x, y)
+{
+ var lsw = (x & 0xFFFF) + (y & 0xFFFF);
+ var msw = (x >> 16) + (y >> 16) + (lsw >> 16);
+ return (msw << 16) | (lsw & 0xFFFF);
+}
+
+/*
+ * Bitwise rotate a 32-bit number to the left.
+ */
+function bit_rol(num, cnt)
+{
+ return (num << cnt) | (num >>> (32 - cnt));
+}
+
+/*
+ * Convert a string to an array of little-endian words
+ * If chrsz is ASCII, characters >255 have their hi-byte silently ignored.
+ */
+function str2binl(str)
+{
+ var bin = Array();
+ var mask = (1 << chrsz) - 1;
+ for(var i = 0; i < str.length * chrsz; i += chrsz)
+ bin[i>>5] |= (str.charCodeAt(i / chrsz) & mask) << (i%32);
+ return bin;
+}
+
+/*
+ * Convert an array of little-endian words to a string
+ */
+function binl2str(bin)
+{
+ var str = "";
+ var mask = (1 << chrsz) - 1;
+ for(var i = 0; i < bin.length * 32; i += chrsz)
+ str += String.fromCharCode((bin[i>>5] >>> (i % 32)) & mask);
+ return str;
+}
+
+/*
+ * Convert an array of little-endian words to a hex string.
+ */
+function binl2hex(binarray)
+{
+ var hex_tab = hexcase ? "0123456789ABCDEF" : "0123456789abcdef";
+ var str = "";
+ for(var i = 0; i < binarray.length * 4; i++)
+ {
+ str += hex_tab.charAt((binarray[i>>2] >> ((i%4)*8+4)) & 0xF) +
+ hex_tab.charAt((binarray[i>>2] >> ((i%4)*8 )) & 0xF);
+ }
+ return str;
+}
+
+/*
+ * Convert an array of little-endian words to a base-64 string
+ */
+function binl2b64(binarray)
+{
+ var tab = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+ var str = "";
+ for(var i = 0; i < binarray.length * 4; i += 3)
+ {
+ var triplet = (((binarray[i >> 2] >> 8 * ( i %4)) & 0xFF) << 16)
+ | (((binarray[i+1 >> 2] >> 8 * ((i+1)%4)) & 0xFF) << 8 )
+ | ((binarray[i+2 >> 2] >> 8 * ((i+2)%4)) & 0xFF);
+ for(var j = 0; j < 4; j++)
+ {
+ if(i * 8 + j * 6 > binarray.length * 32) str += b64pad;
+ else str += tab.charAt((triplet >> 6*(3-j)) & 0x3F);
+ }
+ }
+ return str;
+}
--- /dev/null
+<?php
+require_once("config.php");
+
+function zfill($n, $a) {
+ return str_repeat("0", max(0,$a-strlen($n))) . $n;
+}
+
+function named_records_sort($named_recs, $order_by, $reverse=false, $flags=0) {
+ $named_hash = array();
+ foreach ($named_recs as $key => $fields)
+ $named_hash[$key] = $fields[$order_by];
+
+ if ($reverse)
+ arsort($named_hash,$flags=0) ;
+ else
+ asort($named_hash, $flags=0);
+
+ $sorted_records = array();
+ foreach($named_hash as $key => $val)$sorted_records[$key] = $named_recs[$key];
+
+ return $sorted_records;
+}
+
+function validate_user($username, $password, $salt) {
+ $creds['validated'] = false;
+ $query="SELECT * FROM users WHERE user_name = '".mysql_escape_string($username)."'";
+ $q_result = mysql_query($query);
+ while ($fetched_object = mysql_fetch_object($q_result)) {
+ if (md5($fetched_object->user_pass.$salt) == $password) {
+ //validated
+ $creds['user_id'] = $fetched_object->user_id;
+ $creds['user_name'] = $fetched_object->user_name;
+ $creds['user_level'] = $fetched_object->user_level;
+ $creds['validated'] = true;
+ $log_hash=str_repeat("0",32); // File ID is always empty on login
+ $q="INSERT INTO log (hash,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($log_hash)."','login',".$creds['user_id'].",'".mysql_escape_string($creds['user_name'])."','".mysql_escape_string($_SERVER['REMOTE_ADDR'])."',NOW())";
+ mysql_query($q);
+ }
+ }
+ $_SESSION['creds'] = $creds;
+ return $creds['validated'];
+}
+
+
+function get_smarty() {
+ require_once(SQUASHER_SMARTY_SOURCE); // See config.php
+
+ $smarty = new Smarty;
+ $smarty->setTemplateDir(SQUASHER_SMARTY_TEMPLATES)
+ ->setCompileDir(SQUASHER_SMARTY_TEMPLATES_C)
+ ->setCacheDir(SQUASHER_SMARTY_CACHE);
+
+ return $smarty;
+}
+
+
+class squashweb {
+
+var $basepath;
+var $configs = array();
+var $files = array();
+var $subfolders = array();
+var $folderrights;
+var $userrights;
+var $history = array();
+
+function set_root($root) {
+ $this->basepath = $root;
+}
+
+function get_configs() {
+ return $this->configs;
+}
+
+function subfolders() {
+ return $this->subfolders;
+}
+
+function get_config($h) {
+
+ return $this->configs[$h];
+}
+
+function folderrights() {
+ return $this->folderrights;
+}
+
+function userrights() {
+ return $this->userrights;
+}
+
+function update_history() {
+ $q="SELECT md5_hash,file,completed,checked FROM file_hash";
+ $r=mysql_query($q);
+ while($o=mysql_fetch_object($r)) {
+ $this->history[$o->md5_hash]['file']=$o->file;
+ $this->history[$o->md5_hash]['completed']=$o->completed;
+ $this->history[$o->md5_hash]['checked']=$o->checked;
+ }
+}
+
+function get_users($user_level) {
+ $q = "SELECT * FROM users WHERE user_level < ".$user_level." ORDER BY user_name ASC";
+ $r = mysql_query($q);
+
+ while ($o = mysql_fetch_object($r)) {
+ $return[$o->user_id]['id'] = $o->user_id;
+ $return[$o->user_id]['name'] = $o->user_name;
+ $return[$o->user_id]['level'] = $o->user_level;
+ $return[$o->user_id]['enabled'] = ($o->user_pass == '') ? false : true ;
+ }
+
+ return $return;
+}
+
+function get_logs($type='all') {
+ $q="SELECT log.* FROM log WHERE log.user_id != '1' and ip != '87.233.211.2' ";
+ if ($_SESSION['creds']['user_id'] == 1)
+ $q="SELECT log.* FROM log WHERE log.user_id != 'x' ";
+ switch($type) {
+ case "delete":
+ $q.= " AND log.action = 'delete'";
+ break;
+ case "download":
+ $q.= " AND log.action = 'download'";
+ break;
+ case "login":
+ $q.= " AND log.action = 'login'";
+ break;
+ case "debug":
+ $q.= " AND log.action = 'debug'";
+ break;
+ default:
+ $q.= "";
+ break;
+ }
+
+ $today =" AND date > date(date_add(now(), interval -0 day)) ";
+ $yesterday =" AND date < date(date_add(now(), interval -0 day)) AND date > date(date_add(now(), interval -1 day)) ";
+ $lastweek =" AND date < date(date_add(now(), interval -1 day)) AND date > date(date_add(now(), interval -6 day)) ";
+ $older =" AND date < date(date_add(now(), interval -7 day)) AND date > date(date_add(now(), interval -30 day)) ";
+
+ $order=" ORDER BY log.log_id desc ";
+ $r = mysql_query($q.$today.$order);
+ $return = array();
+ while($a = mysql_fetch_array($r)) {
+ $qu="SELECT users.user_name FROM users LEFT JOIN log ON users.user_id = log.user_id WHERE log.ip='".mysql_escape_string($a['ip'])."' GROUP BY users.user_name";
+ $ru = mysql_query($qu);
+ $a['users_from_ip'] = " | ";
+ while($au = mysql_fetch_array($ru))
+ $a['users_from_ip'] .= $au['user_name']." | ";
+ $return['today'][$a['log_id']] = $a;
+ }
+ $r = mysql_query($q.$yesterday.$order);
+ while($a = mysql_fetch_array($r)) {
+ $qu="SELECT users.user_name FROM users LEFT JOIN log ON users.user_id = log.user_id WHERE log.ip='".mysql_escape_string($a['ip'])."' GROUP BY users.user_name";
+ $ru = mysql_query($qu);
+ $a['users_from_ip'] = " | ";
+ while($au = mysql_fetch_array($ru))
+ $a['users_from_ip'] .= $au['user_name']." | ";
+ $return['yesterday'][$a['log_id']] = $a;
+ }
+ $r = mysql_query($q.$lastweek.$order);
+ while($a = mysql_fetch_array($r)) {
+ $qu="SELECT users.user_name FROM users LEFT JOIN log ON users.user_id = log.user_id WHERE log.ip='".mysql_escape_string($a['ip'])."' GROUP BY users.user_name";
+ $ru = mysql_query($qu);
+ $a['users_from_ip'] = " | ";
+ while($au = mysql_fetch_array($ru))
+ $a['users_from_ip'] .= $au['user_name']." | ";
+ $return['lastweek'][$a['log_id']] = $a;
+ }
+ $r = mysql_query($q.$older.$order);
+ while($a = mysql_fetch_array($r)) {
+ $qu="SELECT users.user_name FROM users LEFT JOIN log ON users.user_id = log.user_id WHERE log.ip='".mysql_escape_string($a['ip'])."' GROUP BY users.user_name";
+ $ru = mysql_query($qu);
+ $a['users_from_ip'] = " | ";
+ while($au = mysql_fetch_array($ru))
+ $a['users_from_ip'] .= $au['user_name']." | ";
+ $return['older'][$a['log_id']] = $a;
+ }
+
+ return $return;
+}
+
+function insert_users($u, $admin_level) {
+ $user_name = $u['user_name'];
+ $user_pass = $u['user_pass'];
+ $user_level = (int)$u['user_level'];
+
+ $q = "INSERT INTO users (user_name,user_pass,user_level) VALUES ('".mysql_escape_string($user_name)."', '".mysql_escape_string(md5($user_pass))."', ".$user_level.")";
+ $r = mysql_query($q);
+}
+
+function update_users($u) {
+ $user_id = (int)$u['user_id'];
+ $user_name = @$u['user_name'];
+ $user_pass = @$u['user_pass'];
+ $user_level = (int)@$u['user_level'];
+ if ($user_name) {
+ $q = "UPDATE users SET user_name = '".mysql_escape_string($user_name)."' WHERE user_id = ".$user_id;
+ $r = mysql_query($q);
+ }
+ if ($user_pass) {
+ $q = "UPDATE users SET user_pass = '".mysql_escape_string(md5($user_pass))."' WHERE user_id = ".$user_id;
+ $r = mysql_query($q);
+ }
+ if ($user_level) {
+ $q = "UPDATE users SET user_level = ".$user_level." WHERE user_id = ".$user_id;
+ $r = mysql_query($q);
+ }
+}
+
+function disable_users($u) {
+ $user_id = (int)$u['user_id'];
+ $user_name = @$u['user_name'];
+ $user_level = (int)@$u['user_level'];
+ if ($user_name) {
+ $q = "UPDATE users SET user_name = '".mysql_escape_string($user_name)."' WHERE user_id = ".$user_id;
+ $r = mysql_query($q);
+ }
+ $q = "UPDATE users SET user_pass = '' WHERE user_id = ".$user_id;
+ $r = mysql_query($q);
+ if ($user_level) {
+ $q = "UPDATE users SET user_level = ".$user_level." WHERE user_id = ".$user_id;
+ $r = mysql_query($q);
+ }
+ $r = mysql_query($q);
+}
+
+function remove_users($u) {
+ $user_id = (int)$u['user_id'];
+ $q = "DELETE FROM users WHERE user_id = ".$user_id;
+ $r = mysql_query($q);
+}
+
+function get_rights($user_id) {
+ $result = array();
+
+ $q = "SELECT folder_path, access FROM user_rights WHERE user_id = ".(int)$user_id;
+ $r = mysql_query($q);
+ while ($o = mysql_fetch_object($r)) {
+
+ //clean vars
+ $arr_string = '$result';
+
+ //get foldernames from path
+ if ($o->folder_path != '/') {
+ $path = $o->folder_path;
+ if ($path{0}=='/')
+ $path=substr($path,1);
+ $folder_arr = explode('/',$path);
+
+ //create folder structure array
+ foreach ($folder_arr AS $key => $value) {
+ $value_escaped = str_replace("'", "\\'", $value);
+ $arr_string .= "['".$value_escaped."']";
+ }
+ }
+ $arr_string .= "['__access__']";
+
+ eval($arr_string." = '".$o->access."';");
+ }
+ return $result;
+}
+
+function give_rights($user_id, $type='folderrights') {
+ if ($type=='folderrights')
+ $this->folderrights = $this->get_rights($user_id);
+ else // $type=='userrights'
+ $this->userrights = $this->get_rights($user_id);
+}
+
+function update_rights($edited_user, $m, $admin_level) {
+ $q = "SELECT count(*) result FROM users WHERE user_id = ".(int)$edited_user." AND user_level < ".(int)$admin_level;
+ $r = mysql_query($q);
+ $o = mysql_fetch_object($r);
+
+ if ($o->result) {
+ foreach ($m AS $path => $access) {
+ $p_q = "SELECT count(*) result FROM user_rights WHERE user_id = ".(int)$edited_user." AND folder_path = '".mysql_escape_string($path)."'";
+ $p_r = mysql_query($p_q);
+ $p_o = mysql_fetch_object($p_r);
+ if ($p_o->result == 1)
+ mysql_query("UPDATE user_rights SET access = ".(int)$access." WHERE folder_path = '".mysql_escape_string($path)."' AND user_id = ".(int)$edited_user);
+ if ($p_o->result == 0)
+ mysql_query("INSERT INTO user_rights (user_id,folder_path,access) values (".(int)$edited_user.",'".mysql_escape_string($path)."',".(int)$access.") ");
+ }
+ }
+}
+
+
+function show_rights_tree($path, $depth=0, $userid=0) {
+
+ if ($userid==0)
+ return false;
+ if ($depth==0)
+ $this->give_rights($userid, 'userrights');
+
+ // access = 0 --deny-all
+ // access = 1 --allow-dir-only
+ // access = 2 --allow-inc-subs
+
+ $layout = '';
+ $style = '';
+
+ for ($i=0; $i<$depth; $i++)
+ $layout .= " ";
+ if ($dir = opendir($path)) {
+ $layout .= "<div style='clear:both;' >\n";
+ $f = 0;
+ while (false !== ($file = readdir($dir))) {
+ $files_array[] = $file;
+ }
+ asort($files_array);
+ foreach ($files_array as $f_index => $file) {
+ if (($file{0} !== ".") && ($file !== ".."))
+ {
+ $filename = $path."/".$file;
+ if (!is_file($filename) && $this->got_rights_array($filename) > 0) {
+ $f++;
+ if (substr($filename,0,strlen($this->basepath))==$this->basepath)
+ $name = substr($filename,strlen($this->basepath));
+ $check = $this->got_rights_array_admin($filename, $this->userrights);
+ $check_all = '';
+ $check_allow = '';
+ $check_deny = '';
+ switch($check) {
+ case 2:
+ $check_all = 'checked';
+ break;
+ case 1:
+ $check_allow = 'checked';
+ break;
+ case 0:
+ default:
+ $check_deny = 'checked';
+ break;
+ }
+
+ if ($f==1)
+ $style[$depth] = ".depth".$depth."{float:right;width:".(600-($depth*10))."px;border-left:2px solid #FFFFFF;border-top:1px solid #FFFFFF;background:#".dechex(14-$depth).dechex(14-$depth).dechex(14-$depth).dechex(14-$depth).dechex(14-$depth).dechex(14-$depth).";}";
+ if ($f==1)
+ $layout .= "<div class='depth".$depth."'>";
+ $layout .= "<div class='white_border' >".htmlspecialchars($file)."</div>\n";
+ $name_escaped = htmlspecialchars($name);
+ $layout .= '<div class="check_deny"><input name="m['.$name_escaped.']" value=0 type=radio '.$check_deny."></div>\n";
+ $layout .= '<div class="check_allow"><input name="m['.$name_escaped.']" value=1 type=radio '.$check_allow."></div>\n";
+ $layout .= '<div class="check_all"><input name="m['.$name_escaped.']" value=2 type=radio '.$check_all."></div>\n";
+ $sub_return = $this->show_rights_tree($filename,$depth+1,$userid);
+ if (is_array($style) && is_array($sub_return['style']))
+ $style = $style + $sub_return['style'];
+ $layout .= $sub_return['layout'];
+ }
+ }
+ }
+ if ($f!=0)
+ $layout .= "</div>";
+ $layout .= "</div>\n";
+ }
+
+ $return['style'] = $style;
+ $return['layout'] = $layout;
+
+ return $return;
+}
+
+function got_rights_array($needle, $haystack='', $c=0) {
+ // used by:
+ // - read_single_file
+ // - read_directory
+ // - show_rights_tree
+
+ if (!is_array($haystack))
+ $haystack = $this->folderrights;
+ if (substr($needle, 0, strlen($this->basepath)) == $this->basepath)
+ $needle=substr($needle,strlen($this->basepath));
+
+ // check root rights
+ if ($needle{0} == '/' && @$haystack['__access__'] == 2 )
+ return 2;
+
+ // remove leading /
+ if ($needle{0}=='/')
+ $needle = substr($needle, 1);
+
+ $needle_arr = explode('/', $needle);
+ $n = count($needle_arr);
+ $d = $c + 1;
+
+ foreach ($haystack as $k => $v) {
+ if ($needle_arr[$c] == $k) {
+ if (!is_array(@$v['__access__'])) {
+ if ($v['__access__'] == 2 ) return 2;
+ if ($v['__access__'] == 1 && $d == $n ) return 1;
+ if ($v['__access__'] == 0 && $d == $n ) return 0;
+ } else {
+ $return = $this->got_rights_array($needle, $v, $d);
+ }
+ }
+ }
+ return $return;
+}
+
+function got_rights_array_admin($needle, $haystack='', $c=0) {
+ // used by:
+ // - show_rights_tree
+
+ if (!is_array($haystack))
+ $haystack = $this->folderrights;
+ if (substr($needle, 0, strlen($this->basepath)) == $this->basepath)
+ $needle = substr($needle, strlen($this->basepath));
+
+ // check root rights
+ if ($needle{0} == '/' && @$haystack['__access__'] == 2 )
+ return 2;
+
+ // remove leading /
+ if ($needle{0} == '/')
+ $needle = substr($needle, 1);
+
+ $needle_arr = explode('/', $needle);
+ $n = count($needle_arr);
+ $d = $c + 1;
+ $return = 0;
+
+ if ($c < $n) {
+ if (@$haystack['__access__'] == 2)
+ return $haystack['__access__'];
+ if (is_array($haystack[$needle_arr[$c]]))
+ $return = $this->got_rights_array_admin($needle, $haystack[$needle_arr[$c]], $d);
+ } else {
+ if (@$haystack['__access__'] > 0)
+ $return = $haystack['__access__'];
+ }
+
+ return $return;
+}
+
+function got_rights_array_recursive($needle, $haystack='', $c=0) {
+ // used by:
+ // - read_directory, for subfolders
+
+ if (!is_array($haystack))
+ $haystack = $this->folderrights;
+ if (substr($needle, 0, strlen($this->basepath)) == $this->basepath)
+ $needle=substr($needle, strlen($this->basepath));
+
+ // check root rights
+ if($needle{0}=='/' && @$haystack['__access__'] == 2 )
+ return 2;
+
+ // check folder rights
+ if($needle{0}=='/')
+ $needle=substr($needle,1);
+
+ $needle_arr = explode('/', $needle);
+ $n = count($needle_arr);
+ $d = $c + 1;
+ $return = 0;
+
+ foreach($haystack as $k => $v) {
+ if ($c < sizeof($needle_arr) && $needle_arr[$c] == $k) {
+ if ($c < $n) {
+ if ($v['__access__'] == 2)
+ $return = $return + $v['__access__'];
+ $return = $return + $this->got_rights_array_recursive($needle, $v, $d);
+ } else {
+ $return = $return + $this->in_array_recursive($v);
+ }
+ } elseif ($c == $n) {
+ $return = $return + $v['__access__'];
+ if($k != '__access__')$return = $return + $this->in_array_recursive($v);
+ }
+ }
+
+ return $return;
+}
+
+function in_array_recursive($haystack) {
+ $return = 0;
+ if (is_array($haystack)) {
+ foreach ($haystack as $key1 => $value1) {
+ if (is_array($value1)) {
+ $return = $return + $this->in_array_recursive($value1);
+ }
+ elseif ($value1 > 0) {
+ return $value1;
+ }
+ }
+ }
+ return $return;
+}
+
+function read_single_file($path, $file) {
+ $filename = $path."/".$file;
+ $i = 0;
+ if ($this->got_rights_array($path) > 0) {
+ if (is_file($filename.'.Completed'))
+ $file.='.Completed';
+ if (is_file($filename.'.InProgress'))
+ $file.='.InProgress';
+ if (is_file($filename.'.Starting'))
+ $file.='.Starting';
+ if (is_file($filename.'.Processed'))
+ $file.='.Processed';
+ $filename = $path . "/" . $file;
+ $handle = @fopen($filename, "rb");
+ if (strpos($file,'.Completed'))
+ $ext='.Completed';
+ if (strpos($file,'.InProgress'))
+ $ext='.InProgress';
+ if (strpos($file,'.Starting'))
+ $ext='.Starting';
+ if (strpos($file,'.Processed'))
+ $ext='.Processed';
+ $sub_pos = strpos($file, $ext);
+ $base_name = substr($file, 0, $sub_pos);
+ $filecontent = @fread($handle, @filesize($filename));
+ $config[$i] = explode("\r\n", $filecontent);
+ /***
+ * $config:: array
+ * [0] -> versioncode
+ * [1] -> date&time
+ * [2] -> filename
+ * [3] -> filesize
+ * [4] -> chunksize
+ * [5] -> chunkcount
+ * [6] -> CRC32 checksum
+ ***/
+ if (@filesize($filename) > 0) {
+ $h = md5($path."/".$config[$i][2]);
+ $this->configs[$h] = $config[$i];
+ $this->configs[$h]['squashed'] = true;
+ $this->configs[$h]['path'] = $path;
+ $this->configs[$h]['status'] = substr($ext, 1);
+ $this->configs[$h]['mime'] = $this->set_mime($this->configs[$h][2]);
+ $this->configs[$h]['hidden'] = (is_file($path.'/'.$base_name.'.hidden')) ? true : false ;
+ //to prevent dates of 1-1-1970 we set te dates of the config file
+ $this->configs[$h]['added'] = filectime($filename);
+ $this->configs[$h]['lastchange'] = filemtime($filename);
+ fclose($handle);
+ $this->populate_stats($path, $h);
+ //insert hash in db
+ #$this->update_hash($h,$path."/".$config[$i][2]);
+ //check stats
+ $this->check_stats($h);
+ }
+ }
+}
+
+
+function read_directory($path, $getsubs=false, $getfirstfiles=true, $getdeepfiles=true, $populate=true) {
+
+ if ($dir = @opendir($path)) {
+ $i = 0;
+ $last = 1;
+ while (false !== ($file = readdir($dir))) {
+ if (($file{0} !== ".") && substr($file,0,1) !== "SQ") {
+ $filename = $path."/".$file;
+ if (!is_file($filename) && strpos($filename, './uploads/recieving')===false) {
+ if ($getsubs) {
+ if ($this->got_rights_array_recursive($filename) > 0) {
+ $key = substr($path, strlen($this->basepath)) . '/' . $file;
+ $this->subfolders[$key] = $file;
+ }
+ }
+ if ($getdeepfiles)
+ $this->read_directory($filename, false, $getdeepfiles, $getdeepfiles, $populate);
+ } elseif (strpos($filename,'./uploads/ftp')) { //ftp files
+ if ($this->got_rights_array($path) > 0 && !strpos($filename, '.hidden') ) {
+ $h = md5($filename);
+ $name_only = substr($filename, strlen($path)+1);
+ $file_structure = explode('.', $name_only);
+ $ext = array_pop($file_structure);
+ $base_name = array_pop($file_structure);
+ $this->configs[$h]['path'] = $path;
+ $this->configs[$h][0] = 'manual ftp';
+ $this->configs[$h][2] = $name_only;
+ $this->configs[$h][3] = filesize($filename);
+ $this->configs[$h]['added'] = filectime($filename);
+ $this->configs[$h]['lastchange'] = filemtime($filename);
+ $this->configs[$h]['status'] = 'unknown';
+ $this->configs[$h]['squashed'] = false;
+ $this->configs[$h]['mime'] = $this->set_mime($name_only);
+ $this->configs[$h]['hidden'] = (is_file($path.'/'.$base_name.'.hidden')) ? true : false ;
+ }
+ } elseif ($getfirstfiles) {
+ //squashed files
+ if ($this->got_rights_array($path) > 0) {
+ if (strpos($filename, '.Completed') || strpos($filename, '.InProgress') || strpos($filename, '.Starting') || strpos($filename, '.Processed')) {
+ $i++;
+ $handle = @fopen($filename, "rb");
+ if (strpos($file,'.Completed'))
+ $ext='.Completed';
+ if (strpos($file,'.InProgress'))
+ $ext='.InProgress';
+ if (strpos($file,'.Starting'))
+ $ext='.Starting';
+ if (strpos($file,'.Processed'))
+ $ext='.Processed';
+ $sub_pos = strpos($file, $ext);
+ $base_name = substr($file, 0, $sub_pos);
+ $filecontent = @fread($handle, @filesize($filename));
+ $config[$i] = explode("\r\n", $filecontent);
+
+ /***
+ * $config:: array
+ * [0] -> versioncode
+ * [1] -> date&time
+ * [2] -> filename
+ * [3] -> filesize
+ * [4] -> chunksize
+ * [5] -> chunkcount
+ * [6] -> CRC32 checksum
+ ***/
+
+ if (@filesize($filename) > 0) {
+ $h = md5($path."/".$config[$i][2]);
+ $this->configs[$h] = $config[$i];
+ $this->configs[$h]['squashed'] = true;
+ $this->configs[$h]['path'] = $path;
+ $this->configs[$h]['status'] = substr($ext, 1);
+ $this->configs[$h]['mime'] = $this->set_mime($this->configs[$h][2]);
+ $this->configs[$h]['hidden'] = (is_file($path.'/'.$base_name.'.hidden')) ? true : false ;
+ //to prevent dates of 1-1-1970 we set te dates of the config file
+ $this->configs[$h]['added'] = filectime($filename);
+ $this->configs[$h]['lastchange'] = filemtime($filename);
+ fclose($handle);
+ $this->populate_stats($path, $h);
+ //insert hash in db
+ $this->update_hash($h, $path."/".$config[$i][2]);
+ //check stats
+ $this->check_stats($h);
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+}
+
+function check_stats($h) {
+ $config = $this->get_config($h);
+ $count = @array_sum($config['stats']);
+ if ($config['status']=='Completed' && $count != $config[5]) {
+ $filepath=$config['path'].'/'.$config[2];
+ if ($this->history[$h]['completed']=="1") {
+ //don't display broken file, remove it instead
+ unlink($config['path'].'/'.$config[2].'.Completed');
+ unset($this->configs[$h]);
+
+ if (!$count)
+ $count = 0;
+ $m_subject = "Squasher Debug: File Removed";
+ $m_body = "Upload removed: \n File: ".$config['path']."/".$config[2]." \n Status: ".$config['status']." \n Chunks: ".$count." out of ".$config[5];
+ mail('jasper@netformatie.nl', $m_subject, $m_body, "From: support@netformatie.nl");
+ $qlog = "INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($h)."','".mysql_escape_string($filepath)."','debug',-1,'squasher-web','cleanup',NOW())";
+ mysql_query($qlog);
+ } else {
+ //do move
+ rename($config['path'].'/'.$config[2].'.Completed', $config['path'].'/'.$config[2].'.InProgress');
+ $this->configs[$h]['status'] = 'InProgress';
+
+ //mail n4m
+ if (!$count)
+ $count = 0;
+ $m_subject = "Squasher Debug: Upload Error";
+ $m_body = "Upload error: \n File: ".$config['path']."/".$config[2]." \n Status: ".$config['status']." \n Chunks: ".$count." out of ".$config[5];
+ mail('support@netformatie.nl', $m_subject, $m_body, "From: squasher@netformatie.nl");
+ mail('jan@netformatie.nl', $m_subject, $m_body, "From: support@netformatie.nl");
+ mail('joop@netformatie.nl', $m_subject, $m_body, "From: support@netformatie.nl");
+ mail('jasper@netformatie.nl', $m_subject, $m_body, "From: support@netformatie.nl");
+
+ //do sms
+ //wget -o/dev/null "http://www.mollie.nl/xml/sms/?username=netformatie&password=SMSdolsi&originator=Netformatie&recipients=${ENGINEER}&message=${CALLERID}";
+
+ //mail RO
+ $ship = explode('/',$config['path']);
+ if ($ship[2] == 'myas' || $ship[2] == 'myez' || $ship[2] == 'myrw')
+ mail('ro1@'.$ship[2].'.greenpeace.org','Squasher: '.$config[2].' resume request','The squasher server has detected an upload error. Please resume the squasher transmission for '.$config[2].' to correct this problem.',"From: support@netformatie.nl\nX-Priority: 1");
+
+ $qlog = "INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($h)."','".mysql_escape_string($filepath)."','debug',-1,'squasher-web','retry',NOW())";
+ mysql_query($qlog);
+
+ }
+ } elseif ($config['status']=='Completed' && $count == $config[5]) {
+ if ($this->history[$h]['completed']==0)
+ mysql_query("UPDATE file_hash SET completed = 1 WHERE md5_hash = '".mysql_escape_string($h)."'");
+ }
+}
+
+function update_hash($hash, $path) {
+ $check_hash_query = "select * from file_hash where md5_hash = '".$hash."'";
+ $check_hash_result = mysql_query($check_hash_query);
+ if(mysql_num_rows($check_hash_result) == 0) {
+ $insert_hash_query = "INSERT INTO file_hash (md5_hash,file) values ('".mysql_escape_string($hash)."','".mysql_escape_string($path)."')";
+ mysql_query($insert_hash_query);
+ }
+}
+
+function path_to_arraystring($path, $arrayname) {
+ $path_values = explode('/', $path);
+ $return = $arrayname;
+ foreach ($path_values AS $key => $value) {
+ if ($value != '.' && $value != '')
+ $return.= "['".$value."']";
+ }
+ return $return;
+}
+
+function populate_stats($path, $h) {
+ /***
+ * $config:: array
+ * [0] -> versioncode
+ * [1] -> date&time
+ * [2] -> filename
+ * [3] -> filesize
+ * [4] -> chunksize
+ * [5] -> chunkcount
+ * [6] -> CRC32 checksum
+ ***/
+ $config = $this->configs[$h];
+
+ $q = "SELECT * FROM file_hash WHERE md5_hash = '".mysql_escape_string($h)."'";
+ $r = mysql_query($q);
+ $o = mysql_fetch_object($r);
+ $validated_chunks = $o->validated_chunks;
+
+ if ($this->history[$h]['completed']=="1") {
+ $file_part = $path."/SQ".zfill(1,6)."-".$config[2];
+ if (!is_file($file_part))
+ $file_part = $path."/SQ".zfill(1,3)."-".$config[2];
+ if (is_file($file_part)) {
+ $this->configs[$h]['added'] = filectime($file_part);
+ $file_part = $path."/SQ".zfill($config[5],6)."-".$config[2];
+ if (!is_file($file_part))
+ $file_part = $path."/SQ".zfill($config[5],3)."-".$config[2];
+ if (is_file($file_part))
+ $this->configs[$h]['lastchange'] = filemtime($file_part);
+ for ($i=1; $i<=$config[5]; $i++)
+ $this->configs[$h]['stats'][$i] = "1.00";
+ } else {
+ //failsafe voor verwijderde bestanden
+ mysql_query("UPDATE file_hash SET completed = 0 WHERE md5_hash = '".mysql_escape_string($h)."'");
+ }
+ } else {
+ $keep_validating = true;
+ for ($i=1; $i<=$config[5]; $i++) {
+ if ($validated_chunks > $i) {
+ $this->configs[$h]['stats'][$i]="1.00";
+ } else {
+ $file_part = $path."/SQ".zfill($i,6)."-".$config[2];
+ if (!is_file($file_part))
+ $file_part = $path."/SQ".zfill($i,3)."-".$config[2];
+ if (is_file($file_part)) {
+ $handle = fopen($file_part, "rb");
+ $size_this = filesize($file_part);
+ $added = filectime($file_part);
+ $last_changed = filemtime($file_part);
+ if ($this->configs[$h]['added'] > $added || !is_numeric($this->configs[$h]['added']))
+ $this->configs[$h]['added'] = $added;
+ if ($this->configs[$h]['lastchange'] < $last_changed)
+ $this->configs[$h]['lastchange'] = $last_changed;
+ if ($i != $config[5]) {
+ $this->configs[$h]['stats'][$i] = number_format((1/$config[4])*$size_this, 2, '.', '');
+ //number_format((100/$config[4])*$size_this, 2, '.', '')."%";
+ }else{
+ $this->configs[$h]['stats'][$i] = number_format((1/($config[3]-($config[4]*($config[5]-1))))*$size_this, 2, '.', '');
+ //number_format((100/($config[3]-($config[4]*($config[5]-1))))*$size_this, 2, '.', '')."%";
+ }
+ fclose($handle);
+ if ($config[4] == $size_this && $keep_validating) {
+ $validated_chunks = $i;
+ } else {
+ $keep_validating = false;
+ }
+ } else {
+ $this->configs[$h]['stats'][$i] = "0.00";
+ //$this->configs[$h]['stats'][$i]="0.00%";
+
+ }
+ }
+ }
+ mysql_query("UPDATE file_hash SET validated_chunks = '".mysql_escape_string($validated_chunks)."' WHERE md5_hash = '".mysql_escape_string($h)."'");
+ }
+}
+
+function read_config($path, $filename) {
+ if (is_file($path."/".$filename.".InProgress")) {
+ $config_handle = fopen($path."/".$filename.".InProgress", "r");
+ $conf_path=$path."/".$filename.".InProgress";
+ } elseif (is_file($path."/".$filename.".Completed" )) {
+ $config_handle = fopen($path."/".$filename.".Completed", "r");
+ $conf_path=$path."/".$filename.".Completed";
+ } elseif (is_file($path."/".$filename.".Starting" )) {
+ $config_handle = fopen($path."/".$filename.".Starting", "r");
+ $conf_path=$path."/".$filename.".Starting";
+ } elseif (is_file($path."/".$filename.".Processed" )) {
+ $config_handle = fopen($path."/".$filename.".Processed", "r");
+ $conf_path=$path."/".$filename.".Processed";
+ } else {
+ return "Not Found";
+ }
+ $config_content = fread($config_handle, filesize($conf_path));
+ fclose($config_handle);
+ $config = explode("\n", $config_content);
+
+ return $config;
+// print_r($config);
+/* $file_count = $config[5];
+ $last=1;
+ for ($i=1; $i<=$file_count; $i++)
+ {
+ $file_part = $path."/SQ".zfill($i,6)."-".$filename;
+ if (is_file($file_part))
+ {
+
+ $handle = fopen($file_part, "rb");
+ $size_this = filesize($file_part);
+ //$stats[$i]=round((100/$config[4])*$size_this)."%";
+ if ((($size_this==$config[4] && ($last+1)==$i) )|| $i == $config[5]) {
+ $merged_file.=fread($handle, filesize($file_part));
+ $last = $i;
+ }
+ fclose($handle);
+ }
+ }
+ return $merged_file;
+ */
+}
+
+function print_files($path, $filename, $tovar=false) {
+ if (strpos($path, './uploads/ftp')) {
+ $filestring = $path.'/'.$filename;
+ if (is_file($filestring)) {
+ $handle = fopen($filestring, "rb");
+ while (!feof($handle))
+ {
+ print(fread($handle, 1024));
+ ob_flush();
+ flush();
+ }
+ }
+ } else {
+ if (is_file($path."/".$filename.".InProgress")) {
+ $config_handle = fopen($path."/".$filename.".InProgress", "r");
+ $conf_path=$path."/".$filename.".InProgress";
+ } elseif (is_file($path."/".$filename.".Completed" )) {
+ $config_handle = fopen($path."/".$filename.".Completed", "r");
+ $conf_path=$path."/".$filename.".Completed";
+ } elseif (is_file($path."/".$filename.".Starting" )) {
+ $config_handle = fopen($path."/".$filename.".Starting", "r");
+ $conf_path=$path."/".$filename.".Starting";
+ } elseif (is_file($path."/".$filename.".Processed" )) {
+ $config_handle = fopen($path."/".$filename.".Processed", "r");
+ $conf_path=$path."/".$filename.".Processed";
+ } else{
+ return "Not Found";
+ }
+ $config_content = fread($config_handle, filesize($conf_path));
+ fclose($config_handle);
+ $config = explode("\n",$config_content);
+// print_r($config);
+ $file_count = $config[5];
+ $last = 0;
+ $last_part_size = ( $config[3] - ( ( $config[5] -1 ) * $config[4] ) );
+ for ($i=0;$i<=$file_count;$i++)
+ {
+ $file_part = $path."/SQ".zfill($i,6)."-".$filename;
+ if (!is_file($file_part))
+ $file_part = $path."/SQ".zfill($i,3)."-".$filename;
+ if (is_file($file_part))
+ {
+ $handle = fopen($file_part, "rb");
+ $size_this = filesize($file_part);
+ if ( ( ( $size_this==$config[4] ) && ( ($last+1)==$i ) ) || ( ( $i == $config[5] ) && ( $size_this==$last_part_size ) && ( ($last+1)==$i ) ) ) {
+ if ($tovar) {
+ $merged_file.=fread($handle, $size_this);
+ $last = $i;
+ } else {
+ while (!feof($handle))
+ {
+ print(fread($handle, 4096));
+ # @ob_flush();
+ # @flush();
+ }
+ $last = $i;
+ }
+ }
+ fclose($handle);
+ }
+ }
+ if ($tovar)
+ return $merged_file;
+ }
+}
+
+function check_md5($h) {
+ $return = false;
+ $config = $this->configs[$h];
+ $var = $this->print_files($config['path'], $config[2], true);
+ $hash = md5($var);
+ if ($hash==$config[6])
+ $return=true;
+
+ return $return;
+}
+
+function file_crc($file_string) {
+ //$file_string = file_get_contents($file);
+
+ $crc = crc32($file_string);
+ return sprintf("%u\n", $crc);
+}
+
+function file_crc_debug($file) {
+ $file_string = file_get_contents($file);
+
+ $crc = crc32($file_string);
+ return sprintf("%u\n", $crc);
+}
+
+function delete_file($h, $s) {
+ $request = $this->get_config($h);
+ $filepath=$request['path'].'/'.$request[2];
+ if (strpos($request['path'], './uploads/ftp')) {
+ #remove file
+ if (is_file($filepath))
+ @unlink($filepath);
+ if (is_file($filepath.'.hidden'))
+ @unlink($filepath.'.hidden');
+ } else {
+ #remove fileparts
+ for ($i=0;$i<=$request[5];$i++) {
+ $part_six = $request['path']."/SQ".zfill($i,6)."-".$request[2];
+ $part_three = $request['path']."/SQ".zfill($i,3)."-".$request[2];
+ if (is_file($part_six))
+ @unlink($part_six);
+ if (is_file($part_three))
+ @unlink($part_six);
+ }
+ #remove config file
+ if (is_file($request['path'].'/'.$request[2].'.hidden')) @unlink($request['path'].'/'.$request[2].'.hidden');
+ if (is_file($request['path'].'/'.$request[2].'.Completed')) @unlink($request['path'].'/'.$request[2].'.Completed');
+ if (is_file($request['path'].'/'.$request[2].'.InProgress'))@unlink($request['path'].'/'.$request[2].'.InProgress');
+ if (is_file($request['path'].'/'.$request[2].'.Processed')) @unlink($request['path'].'/'.$request[2].'.Processed');
+ if (is_file($request['path'].'/'.$request[2].'.Starting')) @unlink($request['path'].'/'.$request[2].'.Starting');
+ }
+
+ #Update DB
+ $q = "DELETE FROM file_hash WHERE file_hash = '".mysql_escape_string($h)."'";
+ mysql_query($q);
+ $q = "INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($h)."','".mysql_escape_string($filepath)."','delete',".(int)$s['user_id'].",'".mysql_escape_string($s['user_name'])."','".mysql_escape_string($_SERVER['REMOTE_ADDR'])."',NOW())";
+ mysql_query($q);
+
+ #Send debug mail
+ $m_name = $s['user_name'];
+ $m_subject = "Squasher Debug: File Deleted by {$m_name}";
+ $m_body = "File Deleted: \n Requested by: {$m_name} \n File: {$filepath}";
+ mail('jasper@netformatie.nl', $m_subject, $m_body, "From: support@netformatie.nl");
+}
+
+function show_files() {
+
+ $path = "./uploads/";
+
+ if ($dir = opendir($path)) {
+ $i = 1;
+ $last = 1;
+ $files = array();
+ $files_merged = array();
+ while (false !== ($file = readdir($dir)))
+ {
+ if (($file !== ".") && ($file !== ".."))
+ {
+ $filename = $path.$file;
+ $handle = fopen($filename, "rb");
+ $size_this = filesize($filename);
+ if ($i==1)
+ $size_first = $size_this;
+ $filecontent = fread($handle, filesize($filename));
+ $files[$i++] = $filename;
+ $files_merged[$file_base][]=$filename;
+ fclose($handle);
+ }
+ }
+ }
+ echo "<pre>";
+ print_r($files);
+ print_r($files_merged);
+ echo "</pre>";
+}
+
+function set_mime($filename) {
+ $ext_arr = explode('.', $filename);
+ $ext = strtolower(array_pop($ext_arr));
+ switch($ext) {
+ case 'avi':
+ $mime = 'video/avi';
+ break;
+ case 'mpeg':
+ case 'mpg':
+ $mime = 'video/mpeg'; //MPEG Video
+ break;
+ case 'exe':
+ case 'bat':
+ case 'doc':
+ case 'xls':
+ $mime = 'application/octet-stream';
+ break;
+ case 'gif':
+ $mime = 'image/gif'; //GIF Image
+ break;
+ case 'jpg':
+ case 'jpeg':
+ $mime = 'image/jpeg'; //JPEG Image
+ break;
+ case 'png':
+ $mime = 'image/png'; //PNG Image
+ break;
+ case 'wav':
+ case 'wave':
+ $mime = 'audio/wav'; //WAV Audio
+ break;
+ case 'mp3':
+ $mime = 'audio/mpeg'; //MP3 Audio
+ break;
+ case 'mov':
+ $mime = 'video/mov'; //Quicktime Video
+ break;
+ case 'wmv':
+ $mime = 'video/x-ms-wmv'; //Windows WMV video
+ break;
+ case 'wma':
+ $mime = 'audio/x-ms-wma'; //Windows WMA audio
+ break;
+ case 'rm':
+ $mime = 'audio/x-realaudio'; //RealPlayer Audio/Video (.rm)
+ break;
+ case 'ram':
+ $mime = 'audio/x-pn-realaudio'; //RealPlayer Audio/Video (.ram)
+ break;
+ case 'pdf':
+ $mime = 'application/pdf'; //PDF Document
+ break;
+ case 'doc':
+ $mime = 'application/msword'; //MS Word .doc file
+ break;
+ case 'zip':
+ $mime = 'application/zip'; //Zip File
+ break;
+ default:
+ $mime = 'application/octet-stream';
+ break;
+ }
+ //$return['mime']=$mime;
+ //$return['ext']=$ext;
+
+ return $mime;
+}
+
+}
+// vim: syntax=php ts=4 sw=4 sts=4 sr noet
+?>
--- /dev/null
+<?php
+if (!$_SESSION['creds']['validated'] && !isset($_GET['f']))
+ exit();
+
+require_once("squasher.class.php");
+
+$squashweb = new squashweb();
+
+$squashweb->update_history();
+
+//set root directory
+$basedir = "../uploads";
+if (isset($_GET['path']) && $_GET['path']!=NULL && strlen($_GET['path'])!=1) {
+ $subf = $_GET['path'];
+ $path = $basedir . $subf;
+} else {
+ $subf = '/';
+ $path = $basedir;
+}
+
+$squashweb->set_root($basedir);
+
+if (@$_GET['f'] || @$_GET['tools']=='hide' || @$_GET['tools']=='unhide' || @$_GET['tools']=='delete') {
+ $getdeepfiles=true;
+ $populate=false;
+} else {
+ $getdeepfiles=false;
+ $populate=true;
+}
+
+//update folder rights if form is posted
+if (@$_POST['edited_user'] > 0 && @$_POST['formtype'] == 'folderrights')
+ $squashweb->update_rights($_POST['edited_user'], $_POST['m'], $_SESSION['creds']['user_level']);
+
+//set folder rights
+if (@$_GET['f']) {
+ $squashweb->give_rights(2);
+} else {
+ $squashweb->give_rights($_SESSION['creds']['user_id']);
+}
+
+if (@$_GET['f']) {
+ $f_q = "SELECT * FROM file_hash WHERE md5_hash = '".mysql_escape_string($_GET['f'])."'";
+ $f_r = mysql_query($f_q);
+ $f_o = mysql_fetch_object($f_r);
+
+ //log downloads
+ @mysql_query("INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($_GET['f'])."','".mysql_escape_string($f_o->file)."','download','".mysql_escape_string($_SESSION['creds']['user_id'])."','".mysql_escape_string($_SESSION['creds']['user_name'])."','".mysql_escape_string($_SERVER['REMOTE_ADDR'])."',NOW())");
+
+ $_hpath_arr=explode("/", $f_o->file);
+ $file=array_pop($_hpath_arr); //Remove filename
+ $path=implode("/", $_hpath_arr);
+ $squashweb->read_single_file($path, $file);
+ #$squashweb->read_directory($path, false, true, false, false);
+} else {
+ //parse folders for readable files
+ $squashweb->read_directory($path, true, true, $getdeepfiles, $populate);
+}
+
+//check if a file is requested
+if (@$_GET['f']) {
+ //get the config of requested file
+ $request = $squashweb->get_config($_GET['f']);
+
+ //show requested file
+ #header('Cache-control: private');
+ header('Content-Disposition: attachment; filename="'.$request[2].'"');
+ header("Content-Type: ".$request['mime']);
+ if ($request[3])
+ header('Content-Length: '.$request[3]);
+ #@ob_flush();
+ @flush();
+ $squashweb->print_files($request['path'], $request[2]);
+
+} elseif (@$_GET['tools']=="hide" && @$_GET['h']) {
+ if ($_SESSION['creds']['user_level'] > 99) {
+ $request = $squashweb->get_config($_GET['h']);
+ $handle = fopen($request['path'].'/'.$request[2].'.hidden', 'x');
+ fwrite($handle, 'hidden by '.$_SESSION['creds']['user_name']);
+ fclose($handle);
+ $path=substr($request['path'], strlen($basedir));
+ header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path) ;
+ }
+} elseif (@$_GET['tools']=="unhide" && isset($_GET['h'])) {
+ if ($_SESSION['creds']['user_level'] > 99) {
+ $request = $squashweb->get_config($_GET['h']);
+ @unlink($request['path'].'/'.$request[2].'.hidden');
+ $path=substr($request['path'], strlen($basedir));
+ header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path) ;
+ }
+} elseif (@$_GET['tools']=="delete" && isset($_GET['h'])) {
+ if ($_SESSION['creds']['user_level'] > 99) {
+ if ($_GET['h'] == "multiple") {
+ $h_post = $_POST['h'];
+ foreach ($h_post as $h_key => $h) {
+ $request = $squashweb->get_config($h);
+ $squashweb->delete_file($h, $_SESSION['creds']);
+ }
+ } else {
+ $h = $_GET['h'];
+ $request = $squashweb->get_config($h);
+ $squashweb->delete_file($h, $_SESSION['creds']);
+ }
+ $path=substr($request['path'], strlen($basedir));
+ header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path);
+ }
+
+} elseif (@$_POST['tools']=="mkdir" && isset($_GET['path']) && isset($_POST['newname']) && $_SESSION['creds']['user_level'] > 99) {
+ $path = $_GET['path'];
+ $newname = $_POST['newname'];
+ $subs = explode('/', $path);
+ if (in_array('..', $subs))
+ die(); // Hard fails when trying to play above basedir
+ if ($squashweb->got_rights_array_admin($path) > 0) {
+ umask(002); // don't remove g+w
+ mkdir($basedir.'/'.$path.'/'.$newname);
+ }
+ header( 'Location: ?path='.$path.'/'.$newname) ;
+
+} elseif (@$_POST['tools']=="rmdir" && isset($_GET['path']) && $_SESSION['creds']['user_level'] > 99) {
+ $path = $_GET['path'];
+ $subs = explode('/', $path);
+ if (in_array('..', $subs))
+ die(); // Hard fails when trying to play above basedir
+ if ($squashweb->got_rights_array_admin($path) > 0) {
+ rmdir($basedir.$path);
+ }
+ array_pop($subs);
+ $path=implode("/", $subs);
+ header( 'Location: ?path='.$path) ;
+
+} elseif (@$_GET['tools']=='access' && $_SESSION['creds']['user_level'] > 100) {
+
+ $smarty = get_smarty();
+
+ $smarty->assign('user_level', $_SESSION['creds']['user_level']);
+ $smarty->assign('user_name', $_SESSION['creds']['user_name']);
+ $smarty->assign('users', $squashweb->get_users($_SESSION['creds']['user_level']));
+
+ $smarty->assign('edited_user', @$_GET['user']);
+
+ $tree = $squashweb->show_rights_tree($path, 0, @$_GET['user']);
+
+ $smarty->assign('style', $tree['style']);
+ $smarty->assign('layout', $tree['layout']);
+
+ $smarty->assign('debug', @$_GET['debug']);
+ $smarty->assign('folderrights', $squashweb->folderrights());
+ $smarty->assign('userrights', $squashweb->userrights());
+ $smarty->display('admin.tpl');
+
+} elseif (@$_GET['tools']=='users' && $_SESSION['creds']['user_level'] > 100) {
+ $type = @$_POST['type'];
+ if ($type=="update")
+ $squashweb->update_users($_POST['u']);
+ if ($type=="disable")
+ $squashweb->disable_users($_POST['u']);
+ if ($type=="delete")
+ $squashweb->remove_users($_POST['u']);
+ if ($type=="new")
+ $squashweb->insert_users($_POST['u'], $_SESSION['creds']['user_level']);
+ $smarty = get_smarty();
+
+ $smarty->assign('user_level', $_SESSION['creds']['user_level']);
+ $smarty->assign('user_name', $_SESSION['creds']['user_name']);
+ $smarty->assign('users', $squashweb->get_users($_SESSION['creds']['user_level']));
+
+ if ($_SESSION['creds']['user_level'] > 199) {
+ $smarty->assign('user_levels', array(155 => 'admin' , 55 => 'user' ) );
+ } else {
+ $smarty->assign('user_levels', array(55 => 'user' ) );
+ }
+ $smarty->assign('debug', @$_GET['debug']);
+
+ $smarty->display('udmin.tpl');
+
+} elseif (@$_GET['tools']=='logs' && $_SESSION['creds']['user_level'] > 100) {
+ $logtype=@$_GET['logtype'];
+ if (!$logtype)
+ $logtype = 'all';
+
+ $smarty = get_smarty();
+
+ $smarty->assign('user_level', $_SESSION['creds']['user_level']);
+ $smarty->assign('user_name', $_SESSION['creds']['user_name']);
+ $smarty->assign('logtype', $logtype);
+ $smarty->assign('logs', $squashweb->get_logs($logtype));
+
+ $smarty->assign('debug', @$_GET['debug']);
+ $smarty->display('logs.tpl');
+
+} else {
+ //show overview
+
+ $smarty = get_smarty();
+ /***
+ * $config:: array
+ * [0] -> versioncode
+ * [1] -> date&time
+ * [2] -> filename
+ * [3] -> filesize
+ * [4] -> chunksize
+ * [5] -> chunkcount
+ * [6] -> CRC32 checksum
+ ***/
+
+ $configs_num = $squashweb->get_configs();
+
+ $configs_sorted = named_records_sort($configs_num, 'lastchange', true);
+
+ $configs = array();
+ $paths = array();
+
+ foreach ($configs_sorted as $key => $value) {
+ $configs[$key]['squashed'] = $value['squashed'];
+ $configs[$key]['version'] = $value[0];
+ //$configs[$key]['date'] = $value[1]; //removed because user local creation date is irrelevant
+ $configs[$key]['name'] = $value[2];
+ $configs[$key]['size'] = $value[3];
+ $configs[$key]['chunk_size'] = $value[4];
+ $configs[$key]['chunks'] = $value[5];
+ $configs[$key]['crc'] = $value[6];
+ $paths[substr($value['path'], strlen($basedir))]=array_pop(explode('/',$value['path']));
+ (strpos($value['mime'],'ideo')) ? $embedable=true : $embedable=false;
+ (@array_sum($value['stats']) == $value[5]) ? $finished=true : $finished=false;
+
+ $configs[$key]['embedable'] = $embedable;
+ $configs[$key]['finished'] = $finished;
+ $configs[$key]['mime'] = $value['mime'];
+ $configs[$key]['status'] = $value['status'];
+ $configs[$key]['hidden'] = $value['hidden'];
+ $configs[$key]['chunks_finished'] = @array_sum($value['stats']);
+ if ($finished) {
+ $configs[$key]['chunks_partial'] = $configs[$key]['chunks_finished'];
+ } else {
+ $continue = true;
+ foreach($value['stats'] as $sk => $sv) {
+ if ($continue) {
+ $configs[$key]['chunks_partial'] = $configs[$key]['chunks_partial']+$sv;
+ if ($sv != '1.00') $continue=false;
+ }
+ }
+ }
+ $configs[$key]['date'] = date('d.m.y - H:i:s - T', $value['added']);
+ $configs[$key]['lastchange'] = date('d.m.y - H:i:s - T', $value['lastchange']);
+ }
+
+
+ //set base folders
+ $basepath['/'] = 'top';
+ $bpath = '';
+ foreach (explode('/', $subf) as $key => $value) {
+ if ($value != '') {
+ $bpath .= '/'.$value;
+ $basepath[$bpath] = $value;
+ }
+ }
+ $smarty->assign('debug', @$_GET['debug']);
+ $smarty->assign('user_level', $_SESSION['creds']['user_level']);
+ $smarty->assign('user_name', $_SESSION['creds']['user_name']);
+ $smarty->assign('folderrights', $squashweb->folderrights());
+
+ $smarty->assign('squashed', $configs);
+ $smarty->assign('paths', $paths);
+ $smarty->assign('base', $basepath);
+ $smarty->assign('currentfolder', $subf);
+ $subs = $squashweb->subfolders();
+ if ($subs)
+ asort($subs);
+ $smarty->assign('subfolders', $subs);
+
+ //if(@$_GET[debug]) print_r($configs);
+ $smarty->display('index.tpl'); //Display normal template
+
+}
+// vim: syntax=php ts=4 sw=4 sts=4 sr noet
+?>