Moved php files in webroot/
authorJean-Michel Vourgère <jvourger@greenpeace.org>
Mon, 27 Feb 2017 15:53:04 +0000 (15:53 +0000)
committerJean-Michel Vourgère <jvourger@greenpeace.org>
Thu, 9 Mar 2017 18:06:30 +0000 (18:06 +0000)
Templates have to reason to be web readable
This will leave room for a README file, apache config exemple, ...

23 files changed:
.gitignore
config.php.example [deleted file]
css/squasher.css [deleted file]
img/gp1.gif [deleted file]
img/gplogobottomright.gif [deleted file]
img/squash.gif [deleted file]
img/tree-folder.gif [deleted file]
img/tree-line.gif [deleted file]
index.php [deleted file]
js/md5.js [deleted file]
squasher.class.php [deleted file]
squasher.php [deleted file]
webroot/config.php.example [new file with mode: 0644]
webroot/css/squasher.css [new file with mode: 0644]
webroot/img/gp1.gif [new file with mode: 0644]
webroot/img/gplogobottomright.gif [new file with mode: 0644]
webroot/img/squash.gif [new file with mode: 0644]
webroot/img/tree-folder.gif [new file with mode: 0644]
webroot/img/tree-line.gif [new file with mode: 0644]
webroot/index.php [new file with mode: 0644]
webroot/js/md5.js [new file with mode: 0644]
webroot/squasher.class.php [new file with mode: 0644]
webroot/squasher.php [new file with mode: 0644]

index a756e4a5cf871190e402b722c1fc20607b9dcf26..ce42eb5f9161b6dc1db6e35a5f8c9c213ed11aef 100644 (file)
@@ -1,9 +1,10 @@
-/config.php
-/geoip.php
-/glob.php
-/include/
-/mail_test.php
-/md5.php
-/smarty/
-/stats/
+/cache/
 /templates_c/
+/webroot/config.php
+/webroot/geoip.php
+/webroot/glob.php
+/webroot/include/
+/webroot/mail_test.php
+/webroot/md5.php
+/webroot/smarty/
+/webroot/stats/
diff --git a/config.php.example b/config.php.example
deleted file mode 100644 (file)
index 17c0186..0000000
+++ /dev/null
@@ -1,31 +0,0 @@
-<?php
-
-DEFINE('SQUASHER_DB_HOST', '127.0.0.1'); // Ip address of the mysql server
-DEFINE('SQUASHER_DB_USER', 'squasher'); // Username for the database
-DEFINE('SQUASHER_DB_PASSWORD', 'squasher'); // Password for the database
-DEFINE('SQUASHER_DB_DATABASE', 'squasher'); // Mysql database name
-
-// Location of the smarty library
-// Use 'smarty/Smarty.class.php' for relative directory 'smarty/'
-// Use 'smarty3/Smarty.class.php' if you installed package smarty3
-DEFINE('SQUASHER_SMARTY_SOURCE', 'smarty3/Smarty.class.php');
-
-// Location of the smarty templates
-DEFINE('SQUASHER_SMARTY_TEMPLATES', './templates');
-
-// Location of the smarty compiled templates
-DEFINE('SQUASHER_SMARTY_TEMPLATES_C', './templates_c');
-
-// Location of the smarty cache
-DEFINE('SQUASHER_SMARTY_CACHE', './cache');
-
-
-// start session
-session_start();
-
-//connect to db
-$link_db = mysql_connect(SQUASHER_DB_HOST, SQUASHER_DB_USER, SQUASHER_DB_PASSWORD);
-mysql_select_db(SQUASHER_DB_DATABASE, $link_db);
-
-// vim: syntax=php ts=4 sw=4 sts=4 sr noet
-?>
diff --git a/css/squasher.css b/css/squasher.css
deleted file mode 100644 (file)
index 52a7ebe..0000000
+++ /dev/null
@@ -1,315 +0,0 @@
-body {
-       background-color:#E2EBD8;
-       font-family:Arial Narrow;
-       font-size:16px;
-}
-
-.wrappercontainer {
-       width: 1000px;
-       margin: 10px auto;
-       border:5px solid;
-       border-color:#FFFFFF;
-       color:#003300;
-       background: #FFFFFF;
-}
-
-/* top banner */
-.banner {
-       background-color:#66CC00;
-       width:100%;
-       height:45px;
-       background:#66CC00 url(../img/squash.gif) no-repeat 30px 50%;
-}
-
-/* Top right list of links, inside banner */
-.control {
-       float:right;
-       text-align:right;
-       margin: 2px;
-}
-
-/* A menucontainer can hold several menu lines */
-.menucontainer {
-       margin-top:10px;
-       margin-bottom:10px;
-}
-
-.menu {
-       clear:left;
-}
-
-/* menus div contains:
- - div.menuhead
- - a
- - a.selected */
-.menu .menuhead, .menu a {
-       float:left;
-       margin:1px;
-       padding:3px 8px;
-       border:1px solid;
-}
-
-.menu .menuhead {
-       background-color:#66CC00;
-       color:#003300;
-       border-color:#66CC00;
-}
-
-.menu a {
-       background-color:#C7F09E;
-       color:#003300;
-       border-color:#E2EBD8;
-       text-decoration:none;
-}
-
-.menu a:hover, .menu a.selected {
-       background-color:#339900;
-       color:#FFFFFF;
-       border-color:#E2EBD8;
-}
-
-.menu a.tool {
-       background:inherit;
-       border:inherit;
-       text-decoration:underline;
-       color:inherit;
-       margin-left: 40px;
-       font-size: 12px;
-       padding-top: 5px;
-       padding-bottom: 1px;
-}
-.menu a.tool:hover {
-       color:#FF6600;
-}
-
-/* main content container */
-.content {
-       clear:left;
-       margin-top:10px;
-       float:left;
-       padding-right:5px;
-       width:600px;
-}
-
-/* misc */
-.bottomimage {
-       background: #FFFFFF url(../img/gp1.gif) no-repeat 95% 95%;
-       clear:both;
-       float:right;
-       width:300px;
-       height:146px;
-}
-
-.footer {
-       clear:both;
-       margin-top:10px;
-       background-color:#66CC00;
-       text-align:center;
-       background:#66CC00 url(../img/gplogobottomright.gif) no-repeat 100%;
-}
-
-.clear {
-       clear:both;
-}
-
-a {
-       color:#003300;
-}
-
-a:hover {
-       color:#FF6600;
-}
-
-/* These are used by logs : */
-table.log {
-       border-spacing:0;
-       spacing:0;
-       padding:0;
-       width:1000px;
-       background-color:#C7F09E;
-}
-
-tr.logentry_header {
-       background-color:#339900;
-       color:#FFFFFF;
-       border:1px solid;
-       border-color:#C7F09E;
-       text-align:center;
-}
-
-tr.logentry_download, tr.logentry_delete, tr.logentry_login, tr.logentry_empty {
-       background-color:#C7F09E;
-       color:#003300;
-       margin:1px;
-       border:1px solid;
-       border-color:#C7F09E;
-}
-
-tr.logentry_empty {
-       text-align:center;
-}
-
-tr.logentry_download:hover, tr.logentry_delete:hover, tr.logentry_login:hover {
-       background-color:#339900;
-       color:#FFFFFF;
-}
-
-/* there are used on index, for each file block : */
-.item, .status1, .status2, .status3 {
-       position:relative;
-       color:#003300;
-       width:600px;
-       border:2px solid;
-       border-color:#FFFFFF;
-       font-size:12px;
-}
-
-.item {
-       background-color:#E2EBD8;
-}
-.status1 {
-       background-color:#FFCCCC;
-}
-.status2 {
-       background-color:#FFFFCC;
-}
-.status3 {
-       background-color:#CCFFCC;
-}
-
-/* name of the file: */
-.name {
-       float:left;
-       left:1px;
-       top:1px;
-       padding-left:1px;
-       z-index:50;
-}
-
-/* size of the file */
-.size {
-       float:right;
-       padding-left:2px;
-       padding-right:3px;
-}
-
-/* date the file was added */
-.added {
-       float:left;
-       padding-left:2px;
-       padding-right:3px;
-}
-
-/* date the file was lasy updated */
-.updated {
-       float:left;
-       padding-left:2px;
-       padding-right:3px;
-}
-
-/* file status (Completed, ...) */
-.status {
-       float:right;
-       top:1px;
-       padding-right:2px;
-       text-align:right;
-       z-index:10;
-}
-
-/* download (partial) link */
-.stream {
-       float:right;
-       padding-left:1px;
-       padding-right:2px;
-}
-
-/* download link */
-.download {
-       float:right;
-       padding-left:1px;
-       padding-right:2px;
-}
-
-/* index mass delete */
-.massdelete {
-       /*position:absolute;*/
-       /*bottom:0;*/
-       float:right;
-       width:300px;
-       /*height:146px;*/
-}
-
-.deletebox {
-       /*visibility: hidden;*/
-}
-
-/* index mass delete wrapper for right column */
-.filler {
-       position:relative;
-       float:right;
-       width:300px;
-       #height:500px;
-}
-
-
-/* users: user list/form wrapper */
-.white_border {
-       clear:both;
-       float:left;
-       border-top:0px solid #FFFFFF;
-       border-bottom:0px solid #FFFFFF;
-}
-
-/* access tool */
-.check_all, .check_allow, .check_deny {
-       float:right;
-       height:20px;
-}
-
-.sample_all, .sample_allow, .sample_deny {
-       float:left;
-       height:20px;
-}
-
-.check_all, .sample_all {
-       background-color:#AAEEAA;
-}
-
-.check_allow, .sample_allow {
-       background-color:#EEEEAA;
-}
-
-.check_deny, .sample_deny {
-       background-color:#EEAAAA;
-}
-
-/* login page */
-
-.login {
-       width:480px;
-       float:none;
-       display:inline-block;
-       border:1px solid #003300;
-       background-color:#C7F09E;
-       margin:100px;
-       padding:10px;
-       text-align:center;
-}
-
-.login input {
-       width:100%;
-       color:#003300;
-       margin: 10px 10px;
-}
-
-.login button {
-       border:1px solid #003300;
-       margin: 10px;
-       padding:3px 8px;
-       background:#66CC00;
-}
-
-.login button:hover {
-       background-color:#339900;
-       color:#ffffff;
-}
diff --git a/img/gp1.gif b/img/gp1.gif
deleted file mode 100644 (file)
index f4982da..0000000
Binary files a/img/gp1.gif and /dev/null differ
diff --git a/img/gplogobottomright.gif b/img/gplogobottomright.gif
deleted file mode 100644 (file)
index 29ec0ef..0000000
Binary files a/img/gplogobottomright.gif and /dev/null differ
diff --git a/img/squash.gif b/img/squash.gif
deleted file mode 100644 (file)
index 6744ceb..0000000
Binary files a/img/squash.gif and /dev/null differ
diff --git a/img/tree-folder.gif b/img/tree-folder.gif
deleted file mode 100644 (file)
index 4ed9c2a..0000000
Binary files a/img/tree-folder.gif and /dev/null differ
diff --git a/img/tree-line.gif b/img/tree-line.gif
deleted file mode 100644 (file)
index b59b20d..0000000
Binary files a/img/tree-line.gif and /dev/null differ
diff --git a/index.php b/index.php
deleted file mode 100644 (file)
index 372fcd7..0000000
--- a/index.php
+++ /dev/null
@@ -1,33 +0,0 @@
-<?php
-
-require_once("config.php");
-
-require_once("squasher.class.php");
-
-$salt = md5($_SERVER['REMOTE_ADDR']."|".$_SERVER['HTTP_USER_AGENT']);
-
-if (@$_GET['tools']=="logout"){
-       session_destroy();
-       $_SESSION['creds']['validated'] = false;
-       header( 'Location: '.$_SERVER['PHP_SELF'] ) ;
-}
-
-if (!@$_SESSION['creds']['validated']){
-       validate_user(@$_POST['user'], @$_POST['pass'], $salt);
-}
-
-if ($_SESSION['creds']['validated'] || @$_GET['f']) {
-//if ($_SESSION['creds']['validated']){
-       //load squasher
-       include("squasher.php");
-} else {
-       //show login
-
-       $smarty = get_smarty();
-
-       $smarty->assign('salt', $salt);
-       $smarty->assign('debug', @$_GET['debug']);
-       $smarty->display('login.tpl');
-}
-// vim: syntax=php ts=4 sw=4 sts=4 sr noet
-?>
diff --git a/js/md5.js b/js/md5.js
deleted file mode 100644 (file)
index 46d2aab..0000000
--- a/js/md5.js
+++ /dev/null
@@ -1,256 +0,0 @@
-/*
- * A JavaScript implementation of the RSA Data Security, Inc. MD5 Message
- * Digest Algorithm, as defined in RFC 1321.
- * Version 2.1 Copyright (C) Paul Johnston 1999 - 2002.
- * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
- * Distributed under the BSD License
- * See http://pajhome.org.uk/crypt/md5 for more info.
- */
-
-/*
- * Configurable variables. You may need to tweak these to be compatible with
- * the server-side, but the defaults work in most cases.
- */
-var hexcase = 0;  /* hex output format. 0 - lowercase; 1 - uppercase        */
-var b64pad  = ""; /* base-64 pad character. "=" for strict RFC compliance   */
-var chrsz   = 8;  /* bits per input character. 8 - ASCII; 16 - Unicode      */
-
-/*
- * These are the functions you'll usually want to call
- * They take string arguments and return either hex or base-64 encoded strings
- */
-function hex_md5(s){ return binl2hex(core_md5(str2binl(s), s.length * chrsz));}
-function b64_md5(s){ return binl2b64(core_md5(str2binl(s), s.length * chrsz));}
-function str_md5(s){ return binl2str(core_md5(str2binl(s), s.length * chrsz));}
-function hex_hmac_md5(key, data) { return binl2hex(core_hmac_md5(key, data)); }
-function b64_hmac_md5(key, data) { return binl2b64(core_hmac_md5(key, data)); }
-function str_hmac_md5(key, data) { return binl2str(core_hmac_md5(key, data)); }
-
-/*
- * Perform a simple self-test to see if the VM is working
- */
-function md5_vm_test()
-{
-  return hex_md5("abc") == "900150983cd24fb0d6963f7d28e17f72";
-}
-
-/*
- * Calculate the MD5 of an array of little-endian words, and a bit length
- */
-function core_md5(x, len)
-{
-  /* append padding */
-  x[len >> 5] |= 0x80 << ((len) % 32);
-  x[(((len + 64) >>> 9) << 4) + 14] = len;
-
-  var a =  1732584193;
-  var b = -271733879;
-  var c = -1732584194;
-  var d =  271733878;
-
-  for(var i = 0; i < x.length; i += 16)
-  {
-    var olda = a;
-    var oldb = b;
-    var oldc = c;
-    var oldd = d;
-
-    a = md5_ff(a, b, c, d, x[i+ 0], 7 , -680876936);
-    d = md5_ff(d, a, b, c, x[i+ 1], 12, -389564586);
-    c = md5_ff(c, d, a, b, x[i+ 2], 17,  606105819);
-    b = md5_ff(b, c, d, a, x[i+ 3], 22, -1044525330);
-    a = md5_ff(a, b, c, d, x[i+ 4], 7 , -176418897);
-    d = md5_ff(d, a, b, c, x[i+ 5], 12,  1200080426);
-    c = md5_ff(c, d, a, b, x[i+ 6], 17, -1473231341);
-    b = md5_ff(b, c, d, a, x[i+ 7], 22, -45705983);
-    a = md5_ff(a, b, c, d, x[i+ 8], 7 ,  1770035416);
-    d = md5_ff(d, a, b, c, x[i+ 9], 12, -1958414417);
-    c = md5_ff(c, d, a, b, x[i+10], 17, -42063);
-    b = md5_ff(b, c, d, a, x[i+11], 22, -1990404162);
-    a = md5_ff(a, b, c, d, x[i+12], 7 ,  1804603682);
-    d = md5_ff(d, a, b, c, x[i+13], 12, -40341101);
-    c = md5_ff(c, d, a, b, x[i+14], 17, -1502002290);
-    b = md5_ff(b, c, d, a, x[i+15], 22,  1236535329);
-
-    a = md5_gg(a, b, c, d, x[i+ 1], 5 , -165796510);
-    d = md5_gg(d, a, b, c, x[i+ 6], 9 , -1069501632);
-    c = md5_gg(c, d, a, b, x[i+11], 14,  643717713);
-    b = md5_gg(b, c, d, a, x[i+ 0], 20, -373897302);
-    a = md5_gg(a, b, c, d, x[i+ 5], 5 , -701558691);
-    d = md5_gg(d, a, b, c, x[i+10], 9 ,  38016083);
-    c = md5_gg(c, d, a, b, x[i+15], 14, -660478335);
-    b = md5_gg(b, c, d, a, x[i+ 4], 20, -405537848);
-    a = md5_gg(a, b, c, d, x[i+ 9], 5 ,  568446438);
-    d = md5_gg(d, a, b, c, x[i+14], 9 , -1019803690);
-    c = md5_gg(c, d, a, b, x[i+ 3], 14, -187363961);
-    b = md5_gg(b, c, d, a, x[i+ 8], 20,  1163531501);
-    a = md5_gg(a, b, c, d, x[i+13], 5 , -1444681467);
-    d = md5_gg(d, a, b, c, x[i+ 2], 9 , -51403784);
-    c = md5_gg(c, d, a, b, x[i+ 7], 14,  1735328473);
-    b = md5_gg(b, c, d, a, x[i+12], 20, -1926607734);
-
-    a = md5_hh(a, b, c, d, x[i+ 5], 4 , -378558);
-    d = md5_hh(d, a, b, c, x[i+ 8], 11, -2022574463);
-    c = md5_hh(c, d, a, b, x[i+11], 16,  1839030562);
-    b = md5_hh(b, c, d, a, x[i+14], 23, -35309556);
-    a = md5_hh(a, b, c, d, x[i+ 1], 4 , -1530992060);
-    d = md5_hh(d, a, b, c, x[i+ 4], 11,  1272893353);
-    c = md5_hh(c, d, a, b, x[i+ 7], 16, -155497632);
-    b = md5_hh(b, c, d, a, x[i+10], 23, -1094730640);
-    a = md5_hh(a, b, c, d, x[i+13], 4 ,  681279174);
-    d = md5_hh(d, a, b, c, x[i+ 0], 11, -358537222);
-    c = md5_hh(c, d, a, b, x[i+ 3], 16, -722521979);
-    b = md5_hh(b, c, d, a, x[i+ 6], 23,  76029189);
-    a = md5_hh(a, b, c, d, x[i+ 9], 4 , -640364487);
-    d = md5_hh(d, a, b, c, x[i+12], 11, -421815835);
-    c = md5_hh(c, d, a, b, x[i+15], 16,  530742520);
-    b = md5_hh(b, c, d, a, x[i+ 2], 23, -995338651);
-
-    a = md5_ii(a, b, c, d, x[i+ 0], 6 , -198630844);
-    d = md5_ii(d, a, b, c, x[i+ 7], 10,  1126891415);
-    c = md5_ii(c, d, a, b, x[i+14], 15, -1416354905);
-    b = md5_ii(b, c, d, a, x[i+ 5], 21, -57434055);
-    a = md5_ii(a, b, c, d, x[i+12], 6 ,  1700485571);
-    d = md5_ii(d, a, b, c, x[i+ 3], 10, -1894986606);
-    c = md5_ii(c, d, a, b, x[i+10], 15, -1051523);
-    b = md5_ii(b, c, d, a, x[i+ 1], 21, -2054922799);
-    a = md5_ii(a, b, c, d, x[i+ 8], 6 ,  1873313359);
-    d = md5_ii(d, a, b, c, x[i+15], 10, -30611744);
-    c = md5_ii(c, d, a, b, x[i+ 6], 15, -1560198380);
-    b = md5_ii(b, c, d, a, x[i+13], 21,  1309151649);
-    a = md5_ii(a, b, c, d, x[i+ 4], 6 , -145523070);
-    d = md5_ii(d, a, b, c, x[i+11], 10, -1120210379);
-    c = md5_ii(c, d, a, b, x[i+ 2], 15,  718787259);
-    b = md5_ii(b, c, d, a, x[i+ 9], 21, -343485551);
-
-    a = safe_add(a, olda);
-    b = safe_add(b, oldb);
-    c = safe_add(c, oldc);
-    d = safe_add(d, oldd);
-  }
-  return Array(a, b, c, d);
-
-}
-
-/*
- * These functions implement the four basic operations the algorithm uses.
- */
-function md5_cmn(q, a, b, x, s, t)
-{
-  return safe_add(bit_rol(safe_add(safe_add(a, q), safe_add(x, t)), s),b);
-}
-function md5_ff(a, b, c, d, x, s, t)
-{
-  return md5_cmn((b & c) | ((~b) & d), a, b, x, s, t);
-}
-function md5_gg(a, b, c, d, x, s, t)
-{
-  return md5_cmn((b & d) | (c & (~d)), a, b, x, s, t);
-}
-function md5_hh(a, b, c, d, x, s, t)
-{
-  return md5_cmn(b ^ c ^ d, a, b, x, s, t);
-}
-function md5_ii(a, b, c, d, x, s, t)
-{
-  return md5_cmn(c ^ (b | (~d)), a, b, x, s, t);
-}
-
-/*
- * Calculate the HMAC-MD5, of a key and some data
- */
-function core_hmac_md5(key, data)
-{
-  var bkey = str2binl(key);
-  if(bkey.length > 16) bkey = core_md5(bkey, key.length * chrsz);
-
-  var ipad = Array(16), opad = Array(16);
-  for(var i = 0; i < 16; i++)
-  {
-    ipad[i] = bkey[i] ^ 0x36363636;
-    opad[i] = bkey[i] ^ 0x5C5C5C5C;
-  }
-
-  var hash = core_md5(ipad.concat(str2binl(data)), 512 + data.length * chrsz);
-  return core_md5(opad.concat(hash), 512 + 128);
-}
-
-/*
- * Add integers, wrapping at 2^32. This uses 16-bit operations internally
- * to work around bugs in some JS interpreters.
- */
-function safe_add(x, y)
-{
-  var lsw = (x & 0xFFFF) + (y & 0xFFFF);
-  var msw = (x >> 16) + (y >> 16) + (lsw >> 16);
-  return (msw << 16) | (lsw & 0xFFFF);
-}
-
-/*
- * Bitwise rotate a 32-bit number to the left.
- */
-function bit_rol(num, cnt)
-{
-  return (num << cnt) | (num >>> (32 - cnt));
-}
-
-/*
- * Convert a string to an array of little-endian words
- * If chrsz is ASCII, characters >255 have their hi-byte silently ignored.
- */
-function str2binl(str)
-{
-  var bin = Array();
-  var mask = (1 << chrsz) - 1;
-  for(var i = 0; i < str.length * chrsz; i += chrsz)
-    bin[i>>5] |= (str.charCodeAt(i / chrsz) & mask) << (i%32);
-  return bin;
-}
-
-/*
- * Convert an array of little-endian words to a string
- */
-function binl2str(bin)
-{
-  var str = "";
-  var mask = (1 << chrsz) - 1;
-  for(var i = 0; i < bin.length * 32; i += chrsz)
-    str += String.fromCharCode((bin[i>>5] >>> (i % 32)) & mask);
-  return str;
-}
-
-/*
- * Convert an array of little-endian words to a hex string.
- */
-function binl2hex(binarray)
-{
-  var hex_tab = hexcase ? "0123456789ABCDEF" : "0123456789abcdef";
-  var str = "";
-  for(var i = 0; i < binarray.length * 4; i++)
-  {
-    str += hex_tab.charAt((binarray[i>>2] >> ((i%4)*8+4)) & 0xF) +
-           hex_tab.charAt((binarray[i>>2] >> ((i%4)*8  )) & 0xF);
-  }
-  return str;
-}
-
-/*
- * Convert an array of little-endian words to a base-64 string
- */
-function binl2b64(binarray)
-{
-  var tab = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
-  var str = "";
-  for(var i = 0; i < binarray.length * 4; i += 3)
-  {
-    var triplet = (((binarray[i   >> 2] >> 8 * ( i   %4)) & 0xFF) << 16)
-                | (((binarray[i+1 >> 2] >> 8 * ((i+1)%4)) & 0xFF) << 8 )
-                |  ((binarray[i+2 >> 2] >> 8 * ((i+2)%4)) & 0xFF);
-    for(var j = 0; j < 4; j++)
-    {
-      if(i * 8 + j * 6 > binarray.length * 32) str += b64pad;
-      else str += tab.charAt((triplet >> 6*(3-j)) & 0x3F);
-    }
-  }
-  return str;
-}
diff --git a/squasher.class.php b/squasher.class.php
deleted file mode 100644 (file)
index 42af06c..0000000
+++ /dev/null
@@ -1,1065 +0,0 @@
-<?php
-require_once("config.php");
-
-function zfill($n, $a) {
-       return str_repeat("0", max(0,$a-strlen($n))) . $n;
-}
-
-function named_records_sort($named_recs, $order_by, $reverse=false, $flags=0) {
-       $named_hash = array();
-       foreach ($named_recs as $key => $fields)
-               $named_hash[$key] = $fields[$order_by];
-
-       if ($reverse)
-               arsort($named_hash,$flags=0) ;
-       else
-               asort($named_hash, $flags=0);
-
-       $sorted_records = array();
-       foreach($named_hash as $key => $val)$sorted_records[$key] = $named_recs[$key];
-
-       return $sorted_records;
-}
-
-function validate_user($username, $password, $salt) {
-       $creds['validated'] = false;
-       $query="SELECT * FROM users WHERE user_name = '".mysql_escape_string($username)."'";
-       $q_result = mysql_query($query);
-       while ($fetched_object = mysql_fetch_object($q_result)) {
-               if (md5($fetched_object->user_pass.$salt) == $password) {
-                       //validated
-                       $creds['user_id'] = $fetched_object->user_id;
-                       $creds['user_name'] = $fetched_object->user_name;
-                       $creds['user_level'] = $fetched_object->user_level;
-                       $creds['validated'] = true;
-                       $log_hash=str_repeat("0",32); // File ID is always empty on login
-                       $q="INSERT INTO log (hash,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($log_hash)."','login',".$creds['user_id'].",'".mysql_escape_string($creds['user_name'])."','".mysql_escape_string($_SERVER['REMOTE_ADDR'])."',NOW())";
-                       mysql_query($q);
-               }
-       }
-       $_SESSION['creds'] = $creds;
-       return $creds['validated'];
-}
-
-
-function get_smarty() {
-       require_once(SQUASHER_SMARTY_SOURCE); // See config.php
-
-       $smarty = new Smarty;
-       $smarty->setTemplateDir(SQUASHER_SMARTY_TEMPLATES)
-              ->setCompileDir(SQUASHER_SMARTY_TEMPLATES_C)
-              ->setCacheDir(SQUASHER_SMARTY_CACHE);
-
-       return $smarty;
-}
-
-
-class squashweb {
-
-var $basepath;
-var $configs = array();
-var $files = array();
-var $subfolders = array();
-var $folderrights;
-var $userrights;
-var $history = array();
-
-function set_root($root) {
-       $this->basepath = $root;
-}
-
-function get_configs() {
-       return $this->configs;
-}
-
-function subfolders() {
-       return $this->subfolders;
-}
-
-function get_config($h) {
-
-       return $this->configs[$h];
-}
-
-function folderrights() {
-       return $this->folderrights;
-}
-
-function userrights() {
-       return $this->userrights;
-}
-
-function update_history() {
-       $q="SELECT md5_hash,file,completed,checked FROM file_hash";
-       $r=mysql_query($q);
-       while($o=mysql_fetch_object($r)) {
-               $this->history[$o->md5_hash]['file']=$o->file;
-               $this->history[$o->md5_hash]['completed']=$o->completed;
-               $this->history[$o->md5_hash]['checked']=$o->checked;
-       }
-}
-
-function get_users($user_level) {
-       $q = "SELECT * FROM users WHERE user_level < ".$user_level." ORDER BY user_name ASC";
-       $r = mysql_query($q);
-
-       while ($o = mysql_fetch_object($r)) {
-               $return[$o->user_id]['id']              = $o->user_id;
-               $return[$o->user_id]['name']    = $o->user_name;
-               $return[$o->user_id]['level']   = $o->user_level;
-               $return[$o->user_id]['enabled'] = ($o->user_pass == '') ? false : true ;
-       }
-
-       return $return;
-}
-
-function get_logs($type='all') {
-       $q="SELECT log.* FROM log WHERE log.user_id != '1' and ip != '87.233.211.2' ";
-       if ($_SESSION['creds']['user_id'] == 1)
-               $q="SELECT log.* FROM log WHERE log.user_id != 'x' ";
-       switch($type) {
-       case "delete":
-               $q.= " AND log.action = 'delete'";
-               break;
-       case "download":
-               $q.= " AND log.action = 'download'";
-               break;
-       case "login":
-               $q.= " AND log.action = 'login'";
-               break;
-       case "debug":
-               $q.= " AND log.action = 'debug'";
-               break;
-       default:
-               $q.= "";
-               break;
-       }
-
-       $today     =" AND date > date(date_add(now(), interval -0 day)) ";
-       $yesterday =" AND date < date(date_add(now(), interval -0 day)) AND date > date(date_add(now(), interval -1 day)) ";
-       $lastweek  =" AND date < date(date_add(now(), interval -1 day)) AND date > date(date_add(now(), interval -6 day)) ";
-       $older     =" AND date < date(date_add(now(), interval -7 day)) AND date > date(date_add(now(), interval -30 day)) ";
-
-       $order=" ORDER BY log.log_id desc ";
-       $r = mysql_query($q.$today.$order);
-       $return = array();
-       while($a = mysql_fetch_array($r)) {
-               $qu="SELECT users.user_name FROM users LEFT JOIN log ON users.user_id = log.user_id WHERE log.ip='".mysql_escape_string($a['ip'])."' GROUP BY users.user_name";
-               $ru = mysql_query($qu);
-               $a['users_from_ip'] = " | ";
-               while($au = mysql_fetch_array($ru))
-                       $a['users_from_ip'] .= $au['user_name']." | ";
-               $return['today'][$a['log_id']] = $a;
-       }
-       $r = mysql_query($q.$yesterday.$order);
-       while($a = mysql_fetch_array($r)) {
-               $qu="SELECT users.user_name FROM users LEFT JOIN log ON users.user_id = log.user_id WHERE log.ip='".mysql_escape_string($a['ip'])."' GROUP BY users.user_name";
-               $ru = mysql_query($qu);
-               $a['users_from_ip'] = " | ";
-               while($au = mysql_fetch_array($ru))
-                       $a['users_from_ip'] .= $au['user_name']." | ";
-               $return['yesterday'][$a['log_id']] = $a;
-       }
-       $r = mysql_query($q.$lastweek.$order);
-       while($a = mysql_fetch_array($r)) {
-               $qu="SELECT users.user_name FROM users LEFT JOIN log ON users.user_id = log.user_id WHERE log.ip='".mysql_escape_string($a['ip'])."' GROUP BY users.user_name";
-               $ru = mysql_query($qu);
-               $a['users_from_ip'] = " | ";
-               while($au = mysql_fetch_array($ru))
-                       $a['users_from_ip'] .= $au['user_name']." | ";
-               $return['lastweek'][$a['log_id']] = $a;
-       }
-       $r = mysql_query($q.$older.$order);
-       while($a = mysql_fetch_array($r)) {
-               $qu="SELECT users.user_name FROM users LEFT JOIN log ON users.user_id = log.user_id WHERE log.ip='".mysql_escape_string($a['ip'])."' GROUP BY users.user_name";
-               $ru = mysql_query($qu);
-               $a['users_from_ip'] = " | ";
-               while($au = mysql_fetch_array($ru))
-                       $a['users_from_ip'] .= $au['user_name']." | ";
-               $return['older'][$a['log_id']] = $a;
-       }
-
-       return $return;
-}
-
-function insert_users($u, $admin_level) {
-       $user_name = $u['user_name'];
-       $user_pass = $u['user_pass'];
-       $user_level = (int)$u['user_level'];
-
-       $q = "INSERT INTO users (user_name,user_pass,user_level) VALUES ('".mysql_escape_string($user_name)."', '".mysql_escape_string(md5($user_pass))."', ".$user_level.")";
-       $r = mysql_query($q);
-}
-
-function update_users($u) {
-       $user_id = (int)$u['user_id'];
-       $user_name = @$u['user_name'];
-       $user_pass = @$u['user_pass'];
-       $user_level = (int)@$u['user_level'];
-       if ($user_name) {
-               $q = "UPDATE users SET user_name = '".mysql_escape_string($user_name)."' WHERE user_id = ".$user_id;
-               $r = mysql_query($q);
-       }
-       if ($user_pass) {
-               $q = "UPDATE users SET user_pass = '".mysql_escape_string(md5($user_pass))."' WHERE user_id = ".$user_id;
-               $r = mysql_query($q);
-       }
-       if ($user_level) {
-               $q = "UPDATE users SET user_level = ".$user_level." WHERE user_id = ".$user_id;
-               $r = mysql_query($q);
-       }
-}
-
-function disable_users($u) {
-       $user_id = (int)$u['user_id'];
-       $user_name = @$u['user_name'];
-       $user_level = (int)@$u['user_level'];
-       if ($user_name) {
-               $q = "UPDATE users SET user_name = '".mysql_escape_string($user_name)."' WHERE user_id = ".$user_id;
-               $r = mysql_query($q);
-       }
-       $q = "UPDATE users SET user_pass = '' WHERE user_id = ".$user_id;
-       $r = mysql_query($q);
-       if ($user_level) {
-               $q = "UPDATE users SET user_level = ".$user_level." WHERE user_id = ".$user_id;
-               $r = mysql_query($q);
-       }
-       $r = mysql_query($q);
-}
-
-function remove_users($u) {
-       $user_id = (int)$u['user_id'];
-       $q = "DELETE FROM users WHERE user_id = ".$user_id;
-       $r = mysql_query($q);
-}
-
-function get_rights($user_id) {
-       $result = array();
-
-       $q = "SELECT folder_path, access FROM user_rights WHERE user_id = ".(int)$user_id;
-       $r = mysql_query($q);
-       while ($o = mysql_fetch_object($r)) {
-
-               //clean vars
-               $arr_string = '$result';
-
-               //get foldernames from path
-               if ($o->folder_path != '/') {
-                       $path = $o->folder_path;
-                       if ($path{0}=='/')
-                               $path=substr($path,1);
-                       $folder_arr = explode('/',$path);
-
-                       //create folder structure array
-                       foreach ($folder_arr AS $key => $value) {
-                               $value_escaped = str_replace("'", "\\'", $value);
-                               $arr_string .= "['".$value_escaped."']";
-                       }
-               }
-               $arr_string .= "['__access__']";
-
-               eval($arr_string." = '".$o->access."';");
-       }
-       return $result;
-}
-
-function give_rights($user_id, $type='folderrights') {
-       if ($type=='folderrights')
-               $this->folderrights = $this->get_rights($user_id);
-       else // $type=='userrights'
-               $this->userrights = $this->get_rights($user_id);
-}
-
-function update_rights($edited_user, $m, $admin_level) {
-       $q = "SELECT count(*) result FROM users WHERE user_id = ".(int)$edited_user." AND user_level < ".(int)$admin_level;
-       $r = mysql_query($q);
-       $o = mysql_fetch_object($r);
-
-       if ($o->result) {
-               foreach ($m AS $path => $access) {
-                       $p_q = "SELECT count(*) result FROM user_rights WHERE user_id = ".(int)$edited_user." AND folder_path = '".mysql_escape_string($path)."'";
-                       $p_r = mysql_query($p_q);
-                       $p_o = mysql_fetch_object($p_r);
-                       if ($p_o->result == 1)
-                               mysql_query("UPDATE user_rights SET access = ".(int)$access." WHERE folder_path = '".mysql_escape_string($path)."' AND user_id = ".(int)$edited_user);
-                       if ($p_o->result == 0)
-                               mysql_query("INSERT INTO user_rights (user_id,folder_path,access) values (".(int)$edited_user.",'".mysql_escape_string($path)."',".(int)$access.") ");
-               }
-       }
-}
-
-
-function show_rights_tree($path, $depth=0, $userid=0) {
-
-       if ($userid==0)
-               return false;
-       if ($depth==0)
-               $this->give_rights($userid, 'userrights');
-
-       // access = 0 --deny-all
-       // access = 1 --allow-dir-only
-       // access = 2 --allow-inc-subs
-
-       $layout = '';
-       $style = '';
-
-       for ($i=0; $i<$depth; $i++)
-               $layout .= " ";
-       if ($dir = opendir($path)) {
-               $layout .= "<div style='clear:both;' >\n";
-               $f = 0;
-               while (false !== ($file = readdir($dir))) {
-                       $files_array[] = $file;
-               }
-               asort($files_array);
-               foreach ($files_array as $f_index => $file) {
-                       if (($file{0} !== ".") && ($file !== ".."))
-                       {
-                               $filename = $path."/".$file;
-                               if (!is_file($filename) && $this->got_rights_array($filename) > 0) {
-                                       $f++;
-                                       if (substr($filename,0,strlen($this->basepath))==$this->basepath)
-                                               $name = substr($filename,strlen($this->basepath));
-                                       $check = $this->got_rights_array_admin($filename, $this->userrights);
-                                       $check_all = '';
-                                       $check_allow = '';
-                                       $check_deny = '';
-                                       switch($check) {
-                                               case 2:
-                                                       $check_all = 'checked';
-                                                       break;
-                                               case 1:
-                                                       $check_allow = 'checked';
-                                                       break;
-                                               case 0:
-                                               default:
-                                                       $check_deny = 'checked';
-                                                       break;
-                                       }
-
-                                       if ($f==1)
-                                               $style[$depth] = ".depth".$depth."{float:right;width:".(600-($depth*10))."px;border-left:2px solid #FFFFFF;border-top:1px solid #FFFFFF;background:#".dechex(14-$depth).dechex(14-$depth).dechex(14-$depth).dechex(14-$depth).dechex(14-$depth).dechex(14-$depth).";}";
-                                       if ($f==1)
-                                               $layout .= "<div class='depth".$depth."'>";
-                                       $layout .= "<div class='white_border' >".htmlspecialchars($file)."</div>\n";
-                                       $name_escaped = htmlspecialchars($name);
-                                       $layout .= '<div class="check_deny"><input name="m['.$name_escaped.']" value=0 type=radio '.$check_deny."></div>\n";
-                                       $layout .= '<div class="check_allow"><input name="m['.$name_escaped.']" value=1 type=radio '.$check_allow."></div>\n";
-                                       $layout .= '<div class="check_all"><input name="m['.$name_escaped.']" value=2 type=radio '.$check_all."></div>\n";
-                                       $sub_return = $this->show_rights_tree($filename,$depth+1,$userid);
-                                       if (is_array($style) && is_array($sub_return['style']))
-                                               $style = $style + $sub_return['style'];
-                                       $layout .= $sub_return['layout'];
-                               }
-                       }
-               }
-               if ($f!=0)
-                       $layout .= "</div>";
-               $layout .= "</div>\n";
-       }
-
-       $return['style'] = $style;
-       $return['layout'] = $layout;
-
-       return $return;
-}
-
-function got_rights_array($needle, $haystack='', $c=0) {
-       // used by:
-       // - read_single_file
-       // - read_directory
-       // - show_rights_tree
-
-       if (!is_array($haystack))
-               $haystack = $this->folderrights;
-       if (substr($needle, 0, strlen($this->basepath)) == $this->basepath)
-               $needle=substr($needle,strlen($this->basepath));
-
-       // check root rights
-       if ($needle{0} == '/' && @$haystack['__access__'] == 2 )
-               return 2;
-
-       // remove leading /
-       if ($needle{0}=='/')
-               $needle = substr($needle, 1);
-
-       $needle_arr = explode('/', $needle);
-       $n = count($needle_arr);
-       $d = $c + 1;
-
-       foreach ($haystack as $k => $v) {
-               if ($needle_arr[$c] == $k) {
-                       if (!is_array(@$v['__access__'])) {
-                               if ($v['__access__'] == 2             ) return 2;
-                               if ($v['__access__'] == 1 && $d == $n ) return 1;
-                               if ($v['__access__'] == 0 && $d == $n ) return 0;
-                       } else {
-                               $return = $this->got_rights_array($needle, $v, $d);
-                       }
-               }
-       }
-       return $return;
-}
-
-function got_rights_array_admin($needle, $haystack='', $c=0) {
-       // used by:
-       // - show_rights_tree
-
-       if (!is_array($haystack))
-               $haystack = $this->folderrights;
-       if (substr($needle, 0, strlen($this->basepath)) == $this->basepath)
-               $needle = substr($needle, strlen($this->basepath));
-
-       // check root rights
-       if ($needle{0} == '/' && @$haystack['__access__'] == 2 )
-               return 2;
-
-       // remove leading /
-       if ($needle{0} == '/')
-               $needle = substr($needle, 1);
-
-       $needle_arr = explode('/', $needle);
-       $n = count($needle_arr);
-       $d = $c + 1;
-       $return = 0;
-
-       if ($c < $n) {
-               if (@$haystack['__access__'] == 2)
-                       return $haystack['__access__'];
-               if (is_array($haystack[$needle_arr[$c]]))
-                       $return = $this->got_rights_array_admin($needle, $haystack[$needle_arr[$c]], $d);
-       } else {
-               if (@$haystack['__access__'] > 0)
-                       $return = $haystack['__access__'];
-       }
-
-       return $return;
-}
-
-function got_rights_array_recursive($needle, $haystack='', $c=0) {
-       // used by:
-       // - read_directory, for subfolders
-
-       if (!is_array($haystack))
-               $haystack = $this->folderrights;
-       if (substr($needle, 0, strlen($this->basepath)) == $this->basepath)
-               $needle=substr($needle, strlen($this->basepath));
-
-       // check root rights
-       if($needle{0}=='/' && @$haystack['__access__'] == 2 )
-               return 2;
-
-       // check folder rights
-       if($needle{0}=='/')
-               $needle=substr($needle,1);
-
-       $needle_arr = explode('/', $needle);
-       $n = count($needle_arr);
-       $d = $c + 1;
-       $return = 0;
-
-       foreach($haystack as $k => $v) {
-               if ($c < sizeof($needle_arr) && $needle_arr[$c] == $k) {
-                       if ($c < $n) {
-                               if ($v['__access__'] == 2)
-                                       $return = $return + $v['__access__'];
-                               $return = $return + $this->got_rights_array_recursive($needle, $v, $d);
-                       } else {
-                               $return = $return + $this->in_array_recursive($v);
-                       }
-               } elseif ($c == $n) {
-                       $return = $return + $v['__access__'];
-                       if($k != '__access__')$return = $return + $this->in_array_recursive($v);
-               }
-       }
-
-       return $return;
-}
-
-function in_array_recursive($haystack) {
-       $return = 0;
-       if (is_array($haystack)) {
-               foreach ($haystack as $key1 => $value1) {
-                       if (is_array($value1)) {
-                               $return = $return + $this->in_array_recursive($value1);
-                       }
-                       elseif ($value1 > 0) {
-                               return $value1;
-                       }
-               }
-       }
-       return $return;
-}
-
-function read_single_file($path, $file) {
-       $filename = $path."/".$file;
-       $i = 0;
-       if ($this->got_rights_array($path) > 0) {
-               if (is_file($filename.'.Completed'))
-                       $file.='.Completed';
-               if (is_file($filename.'.InProgress'))
-                       $file.='.InProgress';
-               if (is_file($filename.'.Starting'))
-                       $file.='.Starting';
-               if (is_file($filename.'.Processed'))
-                       $file.='.Processed';
-               $filename = $path . "/" . $file;
-               $handle = @fopen($filename, "rb");
-               if (strpos($file,'.Completed'))
-                       $ext='.Completed';
-               if (strpos($file,'.InProgress'))
-                       $ext='.InProgress';
-               if (strpos($file,'.Starting'))
-                       $ext='.Starting';
-               if (strpos($file,'.Processed'))
-                       $ext='.Processed';
-               $sub_pos = strpos($file, $ext);
-               $base_name = substr($file, 0, $sub_pos);
-               $filecontent = @fread($handle, @filesize($filename));
-               $config[$i] = explode("\r\n", $filecontent);
-               /***
-               *       $config:: array
-               *       [0]     ->      versioncode
-               *       [1]     ->      date&time
-               *       [2]     ->      filename
-               *       [3]     ->      filesize
-               *       [4]     ->      chunksize
-               *       [5]     ->      chunkcount
-               *       [6]     ->      CRC32 checksum
-               ***/
-               if (@filesize($filename) > 0) {
-                       $h = md5($path."/".$config[$i][2]);
-                       $this->configs[$h] = $config[$i];
-                       $this->configs[$h]['squashed'] = true;
-                       $this->configs[$h]['path'] = $path;
-                       $this->configs[$h]['status'] = substr($ext, 1);
-                       $this->configs[$h]['mime'] = $this->set_mime($this->configs[$h][2]);
-                       $this->configs[$h]['hidden'] = (is_file($path.'/'.$base_name.'.hidden')) ? true : false ;
-                       //to prevent dates of 1-1-1970 we set te dates of the config file
-                       $this->configs[$h]['added'] = filectime($filename);
-                       $this->configs[$h]['lastchange'] = filemtime($filename);
-                       fclose($handle);
-                       $this->populate_stats($path, $h);
-                       //insert hash in db
-                       #$this->update_hash($h,$path."/".$config[$i][2]);
-                       //check stats
-                       $this->check_stats($h);
-               }
-       }
-}
-
-
-function read_directory($path, $getsubs=false, $getfirstfiles=true, $getdeepfiles=true, $populate=true) {
-
-       if ($dir = @opendir($path)) {
-               $i = 0;
-               $last = 1;
-               while (false !== ($file = readdir($dir))) {
-                       if (($file{0} !== ".") && substr($file,0,1) !== "SQ") {
-                               $filename = $path."/".$file;
-                               if (!is_file($filename) && strpos($filename, './uploads/recieving')===false) {
-                                       if ($getsubs) {
-                                               if ($this->got_rights_array_recursive($filename) > 0) {
-                                                       $key = substr($path, strlen($this->basepath)) . '/' . $file;
-                                                       $this->subfolders[$key] = $file;
-                                               }
-                                       }
-                                       if ($getdeepfiles)
-                                               $this->read_directory($filename, false, $getdeepfiles, $getdeepfiles, $populate);
-                               } elseif (strpos($filename,'./uploads/ftp')) { //ftp files
-                                       if ($this->got_rights_array($path) > 0 && !strpos($filename, '.hidden') ) {
-                                               $h = md5($filename);
-                                               $name_only = substr($filename, strlen($path)+1);
-                                               $file_structure = explode('.', $name_only);
-                                               $ext = array_pop($file_structure);
-                                               $base_name = array_pop($file_structure);
-                                               $this->configs[$h]['path'] = $path;
-                                               $this->configs[$h][0] = 'manual ftp';
-                                               $this->configs[$h][2] = $name_only;
-                                               $this->configs[$h][3] = filesize($filename);
-                                               $this->configs[$h]['added'] = filectime($filename);
-                                               $this->configs[$h]['lastchange'] = filemtime($filename);
-                                               $this->configs[$h]['status'] = 'unknown';
-                                               $this->configs[$h]['squashed'] = false;
-                                               $this->configs[$h]['mime'] = $this->set_mime($name_only);
-                                               $this->configs[$h]['hidden'] = (is_file($path.'/'.$base_name.'.hidden')) ? true : false ;
-                                       }
-                               } elseif ($getfirstfiles) {
-                                       //squashed files
-                                       if ($this->got_rights_array($path) > 0) {
-                                               if (strpos($filename, '.Completed') || strpos($filename, '.InProgress') || strpos($filename, '.Starting') || strpos($filename, '.Processed')) {
-                                                       $i++;
-                                                       $handle = @fopen($filename, "rb");
-                                                       if (strpos($file,'.Completed'))
-                                                               $ext='.Completed';
-                                                       if (strpos($file,'.InProgress'))
-                                                               $ext='.InProgress';
-                                                       if (strpos($file,'.Starting'))
-                                                               $ext='.Starting';
-                                                       if (strpos($file,'.Processed'))
-                                                               $ext='.Processed';
-                                                       $sub_pos = strpos($file, $ext);
-                                                       $base_name = substr($file, 0, $sub_pos);
-                                                       $filecontent = @fread($handle, @filesize($filename));
-                                                       $config[$i] = explode("\r\n", $filecontent);
-
-                                                       /***
-                                                       *       $config:: array
-                                                       *       [0]     ->      versioncode
-                                                       *       [1]     ->      date&time
-                                                       *       [2]     ->      filename
-                                                       *       [3]     ->      filesize
-                                                       *       [4]     ->      chunksize
-                                                       *       [5]     ->      chunkcount
-                                                       *       [6]     ->      CRC32 checksum
-                                                       ***/
-
-                                                       if (@filesize($filename) > 0) {
-                                                               $h = md5($path."/".$config[$i][2]);
-                                                               $this->configs[$h] = $config[$i];
-                                                               $this->configs[$h]['squashed'] = true;
-                                                               $this->configs[$h]['path'] = $path;
-                                                               $this->configs[$h]['status'] = substr($ext, 1);
-                                                               $this->configs[$h]['mime'] = $this->set_mime($this->configs[$h][2]);
-                                                               $this->configs[$h]['hidden'] = (is_file($path.'/'.$base_name.'.hidden')) ? true : false ;
-                                                               //to prevent dates of 1-1-1970 we set te dates of the config file
-                                                               $this->configs[$h]['added'] = filectime($filename);
-                                                               $this->configs[$h]['lastchange'] = filemtime($filename);
-                                                               fclose($handle);
-                                                               $this->populate_stats($path, $h);
-                                                               //insert hash in db
-                                                               $this->update_hash($h, $path."/".$config[$i][2]);
-                                                               //check stats
-                                                               $this->check_stats($h);
-                                                       }
-                                               }
-                                       }
-                               }
-                       }
-               }
-       }
-}
-
-function check_stats($h) {
-       $config = $this->get_config($h);
-       $count = @array_sum($config['stats']);
-       if ($config['status']=='Completed' && $count != $config[5]) {
-               $filepath=$config['path'].'/'.$config[2];
-               if ($this->history[$h]['completed']=="1") {
-                       //don't display broken file, remove it instead
-                       unlink($config['path'].'/'.$config[2].'.Completed');
-                       unset($this->configs[$h]);
-
-                       if (!$count)
-                               $count = 0;
-                       $m_subject = "Squasher Debug: File Removed";
-                       $m_body = "Upload removed: \n File: ".$config['path']."/".$config[2]." \n Status: ".$config['status']." \n Chunks: ".$count." out of ".$config[5];
-                       mail('jasper@netformatie.nl', $m_subject, $m_body, "From: support@netformatie.nl");
-                       $qlog = "INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($h)."','".mysql_escape_string($filepath)."','debug',-1,'squasher-web','cleanup',NOW())";
-                       mysql_query($qlog);
-               } else {
-                       //do move
-                       rename($config['path'].'/'.$config[2].'.Completed', $config['path'].'/'.$config[2].'.InProgress');
-                       $this->configs[$h]['status'] = 'InProgress';
-
-                       //mail n4m
-                       if (!$count)
-                               $count = 0;
-                       $m_subject = "Squasher Debug: Upload Error";
-                       $m_body = "Upload error: \n File: ".$config['path']."/".$config[2]." \n Status: ".$config['status']." \n Chunks: ".$count." out of ".$config[5];
-                       mail('support@netformatie.nl', $m_subject, $m_body, "From: squasher@netformatie.nl");
-                       mail('jan@netformatie.nl', $m_subject, $m_body, "From: support@netformatie.nl");
-                       mail('joop@netformatie.nl', $m_subject, $m_body, "From: support@netformatie.nl");
-                       mail('jasper@netformatie.nl', $m_subject, $m_body, "From: support@netformatie.nl");
-
-                       //do sms
-                       //wget -o/dev/null "http://www.mollie.nl/xml/sms/?username=netformatie&password=SMSdolsi&originator=Netformatie&recipients=${ENGINEER}&message=${CALLERID}";
-
-                       //mail RO
-                       $ship = explode('/',$config['path']);
-                       if ($ship[2] == 'myas' || $ship[2] == 'myez' || $ship[2] == 'myrw')
-                               mail('ro1@'.$ship[2].'.greenpeace.org','Squasher: '.$config[2].' resume request','The squasher server has detected an upload error. Please resume the squasher transmission for '.$config[2].' to correct this problem.',"From: support@netformatie.nl\nX-Priority: 1");
-
-                       $qlog = "INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($h)."','".mysql_escape_string($filepath)."','debug',-1,'squasher-web','retry',NOW())";
-                       mysql_query($qlog);
-
-               }
-       } elseif ($config['status']=='Completed' && $count == $config[5]) {
-               if ($this->history[$h]['completed']==0)
-                       mysql_query("UPDATE file_hash SET completed = 1 WHERE md5_hash = '".mysql_escape_string($h)."'");
-       }
-}
-
-function update_hash($hash, $path) {
-       $check_hash_query = "select * from file_hash where md5_hash = '".$hash."'";
-       $check_hash_result = mysql_query($check_hash_query);
-       if(mysql_num_rows($check_hash_result) == 0) {
-               $insert_hash_query = "INSERT INTO file_hash (md5_hash,file) values ('".mysql_escape_string($hash)."','".mysql_escape_string($path)."')";
-               mysql_query($insert_hash_query);
-       }
-}
-
-function path_to_arraystring($path, $arrayname) {
-       $path_values = explode('/', $path);
-       $return = $arrayname;
-       foreach ($path_values AS $key => $value) {
-               if ($value != '.' && $value != '')
-                       $return.= "['".$value."']";
-       }
-       return $return;
-}
-
-function populate_stats($path, $h) {
-       /***
-       *       $config:: array
-       *       [0]     ->      versioncode
-       *       [1]     ->      date&time
-       *       [2]     ->      filename
-       *       [3]     ->      filesize
-       *       [4]     ->      chunksize
-       *       [5]     ->      chunkcount
-       *       [6]     ->      CRC32 checksum
-       ***/
-       $config = $this->configs[$h];
-
-       $q = "SELECT * FROM file_hash WHERE md5_hash = '".mysql_escape_string($h)."'";
-       $r = mysql_query($q);
-       $o = mysql_fetch_object($r);
-       $validated_chunks = $o->validated_chunks;
-
-       if ($this->history[$h]['completed']=="1") {
-               $file_part = $path."/SQ".zfill(1,6)."-".$config[2];
-               if (!is_file($file_part))
-                       $file_part = $path."/SQ".zfill(1,3)."-".$config[2];
-               if (is_file($file_part)) {
-                       $this->configs[$h]['added'] = filectime($file_part);
-                       $file_part = $path."/SQ".zfill($config[5],6)."-".$config[2];
-                       if (!is_file($file_part))
-                               $file_part = $path."/SQ".zfill($config[5],3)."-".$config[2];
-                       if (is_file($file_part))
-                               $this->configs[$h]['lastchange'] = filemtime($file_part);
-                       for ($i=1; $i<=$config[5]; $i++)
-                               $this->configs[$h]['stats'][$i] = "1.00";
-               } else {
-                       //failsafe voor verwijderde bestanden
-                       mysql_query("UPDATE file_hash SET completed = 0 WHERE md5_hash = '".mysql_escape_string($h)."'");
-               }
-       } else {
-               $keep_validating = true;
-               for ($i=1; $i<=$config[5]; $i++) {
-                       if ($validated_chunks > $i) {
-                               $this->configs[$h]['stats'][$i]="1.00";
-                       } else {
-                               $file_part = $path."/SQ".zfill($i,6)."-".$config[2];
-                               if (!is_file($file_part))
-                                       $file_part = $path."/SQ".zfill($i,3)."-".$config[2];
-                               if (is_file($file_part)) {
-                                       $handle = fopen($file_part, "rb");
-                                       $size_this = filesize($file_part);
-                                       $added = filectime($file_part);
-                                       $last_changed = filemtime($file_part);
-                                       if ($this->configs[$h]['added'] > $added || !is_numeric($this->configs[$h]['added']))
-                                               $this->configs[$h]['added'] = $added;
-                                       if ($this->configs[$h]['lastchange'] < $last_changed)
-                                               $this->configs[$h]['lastchange'] = $last_changed;
-                                       if ($i != $config[5]) {
-                                               $this->configs[$h]['stats'][$i] = number_format((1/$config[4])*$size_this, 2, '.', '');
-                                       //number_format((100/$config[4])*$size_this, 2, '.', '')."%";
-                                       }else{
-                                               $this->configs[$h]['stats'][$i] = number_format((1/($config[3]-($config[4]*($config[5]-1))))*$size_this, 2, '.', '');
-                                               //number_format((100/($config[3]-($config[4]*($config[5]-1))))*$size_this, 2, '.', '')."%";
-                                       }
-                                       fclose($handle);
-                                       if ($config[4] == $size_this && $keep_validating) {
-                                               $validated_chunks = $i;
-                                       } else {
-                                               $keep_validating = false;
-                                       }
-                               } else {
-                                       $this->configs[$h]['stats'][$i] = "0.00";
-                                       //$this->configs[$h]['stats'][$i]="0.00%";
-
-                               }
-                       }
-               }
-               mysql_query("UPDATE file_hash SET validated_chunks = '".mysql_escape_string($validated_chunks)."' WHERE md5_hash = '".mysql_escape_string($h)."'");
-       }
-}
-
-function read_config($path, $filename) {
-       if (is_file($path."/".$filename.".InProgress")) {
-               $config_handle = fopen($path."/".$filename.".InProgress", "r");
-               $conf_path=$path."/".$filename.".InProgress";
-       } elseif (is_file($path."/".$filename.".Completed" )) {
-               $config_handle = fopen($path."/".$filename.".Completed", "r");
-               $conf_path=$path."/".$filename.".Completed";
-       } elseif (is_file($path."/".$filename.".Starting" )) {
-               $config_handle = fopen($path."/".$filename.".Starting", "r");
-               $conf_path=$path."/".$filename.".Starting";
-       } elseif (is_file($path."/".$filename.".Processed" )) {
-               $config_handle = fopen($path."/".$filename.".Processed", "r");
-               $conf_path=$path."/".$filename.".Processed";
-       } else {
-               return "Not Found";
-       }
-       $config_content = fread($config_handle, filesize($conf_path));
-       fclose($config_handle);
-       $config = explode("\n", $config_content);
-
-       return $config;
-//             print_r($config);
-/*             $file_count = $config[5];
-               $last=1;
-    for ($i=1; $i<=$file_count; $i++)
-    {
-       $file_part = $path."/SQ".zfill($i,6)."-".$filename;
-       if (is_file($file_part))
-       {
-
-        $handle = fopen($file_part, "rb");
-        $size_this = filesize($file_part);
-                               //$stats[$i]=round((100/$config[4])*$size_this)."%";
-                               if ((($size_this==$config[4] && ($last+1)==$i) )|| $i == $config[5]) {
-                                       $merged_file.=fread($handle, filesize($file_part));
-                                       $last = $i;
-                               }
-        fclose($handle);
-       }
-     }
-     return $merged_file;
-     */
-}
-
-function print_files($path, $filename, $tovar=false) {
-       if (strpos($path, './uploads/ftp')) {
-               $filestring = $path.'/'.$filename;
-               if (is_file($filestring)) {
-                       $handle = fopen($filestring, "rb");
-                       while (!feof($handle))
-                       {
-                               print(fread($handle, 1024));
-                               ob_flush();
-                               flush();
-                       }
-               }
-       } else {
-               if (is_file($path."/".$filename.".InProgress")) {
-                       $config_handle = fopen($path."/".$filename.".InProgress", "r");
-                       $conf_path=$path."/".$filename.".InProgress";
-               } elseif (is_file($path."/".$filename.".Completed" )) {
-                       $config_handle = fopen($path."/".$filename.".Completed", "r");
-                       $conf_path=$path."/".$filename.".Completed";
-               } elseif (is_file($path."/".$filename.".Starting" )) {
-                       $config_handle = fopen($path."/".$filename.".Starting", "r");
-                       $conf_path=$path."/".$filename.".Starting";
-               } elseif (is_file($path."/".$filename.".Processed" )) {
-                       $config_handle = fopen($path."/".$filename.".Processed", "r");
-                       $conf_path=$path."/".$filename.".Processed";
-               } else{
-                       return "Not Found";
-               }
-               $config_content = fread($config_handle, filesize($conf_path));
-               fclose($config_handle);
-               $config = explode("\n",$config_content);
-//             print_r($config);
-               $file_count = $config[5];
-               $last = 0;
-               $last_part_size = ( $config[3] - ( ( $config[5] -1 ) * $config[4] ) );
-               for ($i=0;$i<=$file_count;$i++)
-               {
-                       $file_part = $path."/SQ".zfill($i,6)."-".$filename;
-                       if (!is_file($file_part))
-                               $file_part = $path."/SQ".zfill($i,3)."-".$filename;
-                       if (is_file($file_part))
-                       {
-                               $handle = fopen($file_part, "rb");
-                               $size_this = filesize($file_part);
-                               if ( ( ( $size_this==$config[4] ) && ( ($last+1)==$i ) ) || ( ( $i == $config[5] ) && ( $size_this==$last_part_size ) && ( ($last+1)==$i ) ) ) {
-                                       if ($tovar) {
-                                               $merged_file.=fread($handle, $size_this);
-                                               $last = $i;
-                                       } else {
-                                               while (!feof($handle))
-                                               {
-                                                       print(fread($handle, 4096));
-                                               #       @ob_flush();
-                                               #       @flush();
-                                               }
-                                               $last = $i;
-                                       }
-                               }
-                               fclose($handle);
-                       }
-               }
-               if ($tovar)
-                       return $merged_file;
-       }
-}
-
-function check_md5($h) {
-       $return = false;
-       $config = $this->configs[$h];
-       $var = $this->print_files($config['path'], $config[2], true);
-       $hash = md5($var);
-       if ($hash==$config[6])
-               $return=true;
-
-       return $return;
-}
-
-function file_crc($file_string) {
-       //$file_string = file_get_contents($file);
-
-       $crc = crc32($file_string);
-       return sprintf("%u\n", $crc);
-}
-
-function file_crc_debug($file) {
-       $file_string = file_get_contents($file);
-
-       $crc = crc32($file_string);
-       return sprintf("%u\n", $crc);
-}
-
-function delete_file($h, $s) {
-       $request = $this->get_config($h);
-       $filepath=$request['path'].'/'.$request[2];
-       if (strpos($request['path'], './uploads/ftp')) {
-               #remove file
-               if (is_file($filepath))
-                       @unlink($filepath);
-               if (is_file($filepath.'.hidden'))
-                       @unlink($filepath.'.hidden');
-       } else {
-               #remove fileparts
-               for ($i=0;$i<=$request[5];$i++) {
-                       $part_six   = $request['path']."/SQ".zfill($i,6)."-".$request[2];
-                       $part_three = $request['path']."/SQ".zfill($i,3)."-".$request[2];
-                       if (is_file($part_six))
-                               @unlink($part_six);
-                       if (is_file($part_three))
-                               @unlink($part_six);
-               }
-               #remove config file
-               if (is_file($request['path'].'/'.$request[2].'.hidden'))        @unlink($request['path'].'/'.$request[2].'.hidden');
-               if (is_file($request['path'].'/'.$request[2].'.Completed'))     @unlink($request['path'].'/'.$request[2].'.Completed');
-               if (is_file($request['path'].'/'.$request[2].'.InProgress'))@unlink($request['path'].'/'.$request[2].'.InProgress');
-               if (is_file($request['path'].'/'.$request[2].'.Processed'))     @unlink($request['path'].'/'.$request[2].'.Processed');
-               if (is_file($request['path'].'/'.$request[2].'.Starting'))      @unlink($request['path'].'/'.$request[2].'.Starting');
-       }
-
-       #Update DB
-       $q = "DELETE FROM file_hash WHERE file_hash = '".mysql_escape_string($h)."'";
-       mysql_query($q);
-       $q = "INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($h)."','".mysql_escape_string($filepath)."','delete',".(int)$s['user_id'].",'".mysql_escape_string($s['user_name'])."','".mysql_escape_string($_SERVER['REMOTE_ADDR'])."',NOW())";
-       mysql_query($q);
-
-       #Send debug mail
-       $m_name = $s['user_name'];
-       $m_subject = "Squasher Debug: File Deleted by {$m_name}";
-       $m_body = "File Deleted: \n Requested by: {$m_name} \n File: {$filepath}";
-       mail('jasper@netformatie.nl', $m_subject, $m_body, "From: support@netformatie.nl");
-}
-
-function show_files() {
-
-       $path = "./uploads/";
-
-       if ($dir = opendir($path)) {
-               $i = 1;
-               $last = 1;
-               $files = array();
-               $files_merged = array();
-               while (false !== ($file = readdir($dir)))
-               {
-                       if (($file !== ".") && ($file !== ".."))
-                       {
-                               $filename = $path.$file;
-                               $handle = fopen($filename, "rb");
-                               $size_this = filesize($filename);
-                               if ($i==1)
-                                       $size_first = $size_this;
-                               $filecontent = fread($handle, filesize($filename));
-                               $files[$i++] = $filename;
-                               $files_merged[$file_base][]=$filename;
-                               fclose($handle);
-                       }
-               }
-       }
-       echo "<pre>";
-       print_r($files);
-       print_r($files_merged);
-       echo "</pre>";
-}
-
-function set_mime($filename) {
-       $ext_arr = explode('.', $filename);
-       $ext = strtolower(array_pop($ext_arr));
-       switch($ext) {
-               case 'avi':
-                       $mime = 'video/avi';
-                       break;
-               case 'mpeg':
-               case 'mpg':
-                       $mime = 'video/mpeg';                                   //MPEG Video
-                       break;
-               case 'exe':
-               case 'bat':
-               case 'doc':
-               case 'xls':
-                       $mime = 'application/octet-stream';
-                       break;
-               case 'gif':
-                       $mime = 'image/gif';                                    //GIF Image
-                       break;
-               case 'jpg':
-               case 'jpeg':
-                       $mime = 'image/jpeg';                                   //JPEG Image
-                       break;
-               case 'png':
-                       $mime = 'image/png';                                    //PNG Image
-                       break;
-               case 'wav':
-               case 'wave':
-                       $mime = 'audio/wav';                                    //WAV Audio
-                       break;
-               case 'mp3':
-                       $mime = 'audio/mpeg';                                   //MP3 Audio
-                       break;
-               case 'mov':
-                       $mime = 'video/mov';                                    //Quicktime Video
-                       break;
-               case 'wmv':
-                       $mime = 'video/x-ms-wmv';                       //Windows WMV video
-                       break;
-               case 'wma':
-                       $mime = 'audio/x-ms-wma';                       //Windows WMA audio
-                       break;
-               case 'rm':
-                       $mime = 'audio/x-realaudio';    //RealPlayer Audio/Video (.rm)
-                       break;
-               case 'ram':
-                       $mime = 'audio/x-pn-realaudio'; //RealPlayer Audio/Video (.ram)
-                       break;
-               case 'pdf':
-                       $mime = 'application/pdf';              //PDF Document
-                       break;
-               case 'doc':
-                       $mime = 'application/msword';   //MS Word .doc file
-                       break;
-               case 'zip':
-                       $mime = 'application/zip';              //Zip File
-                       break;
-               default:
-                       $mime = 'application/octet-stream';
-                       break;
-       }
-       //$return['mime']=$mime;
-       //$return['ext']=$ext;
-
-       return $mime;
-}
-
-}
-// vim: syntax=php ts=4 sw=4 sts=4 sr noet
-?>
diff --git a/squasher.php b/squasher.php
deleted file mode 100644 (file)
index 7bf49ac..0000000
+++ /dev/null
@@ -1,277 +0,0 @@
-<?php
-if (!$_SESSION['creds']['validated'] && !isset($_GET['f']))
-       exit();
-
-require_once("squasher.class.php");
-
-$squashweb = new squashweb();
-
-$squashweb->update_history();
-
-//set root directory
-$basedir = "../uploads";
-if (isset($_GET['path']) && $_GET['path']!=NULL && strlen($_GET['path'])!=1) {
-       $subf = $_GET['path'];
-       $path = $basedir . $subf;
-} else {
-       $subf = '/';
-       $path = $basedir;
-}
-
-$squashweb->set_root($basedir);
-
-if (@$_GET['f'] || @$_GET['tools']=='hide' || @$_GET['tools']=='unhide' || @$_GET['tools']=='delete') {
-       $getdeepfiles=true;
-       $populate=false;
-} else {
-       $getdeepfiles=false;
-       $populate=true;
-}
-
-//update folder rights if form is posted
-if (@$_POST['edited_user'] > 0 && @$_POST['formtype'] == 'folderrights')
-       $squashweb->update_rights($_POST['edited_user'], $_POST['m'], $_SESSION['creds']['user_level']);
-
-//set folder rights
-if (@$_GET['f']) {
-       $squashweb->give_rights(2);
-} else {
-       $squashweb->give_rights($_SESSION['creds']['user_id']);
-}
-
-if (@$_GET['f']) {
-       $f_q = "SELECT * FROM file_hash WHERE md5_hash = '".mysql_escape_string($_GET['f'])."'";
-       $f_r = mysql_query($f_q);
-       $f_o = mysql_fetch_object($f_r);
-
-       //log downloads
-       @mysql_query("INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($_GET['f'])."','".mysql_escape_string($f_o->file)."','download','".mysql_escape_string($_SESSION['creds']['user_id'])."','".mysql_escape_string($_SESSION['creds']['user_name'])."','".mysql_escape_string($_SERVER['REMOTE_ADDR'])."',NOW())");
-
-       $_hpath_arr=explode("/", $f_o->file);
-       $file=array_pop($_hpath_arr); //Remove filename
-       $path=implode("/", $_hpath_arr);
-       $squashweb->read_single_file($path, $file);
-       #$squashweb->read_directory($path, false, true, false, false);
-} else {
-       //parse folders for readable files
-       $squashweb->read_directory($path, true, true, $getdeepfiles, $populate);
-}
-
-//check if a file is requested
-if (@$_GET['f']) {
-       //get the config of requested file
-       $request = $squashweb->get_config($_GET['f']);
-
-       //show requested file
-       #header('Cache-control: private');
-       header('Content-Disposition: attachment; filename="'.$request[2].'"');
-       header("Content-Type: ".$request['mime']);
-       if ($request[3])
-               header('Content-Length: '.$request[3]);
-       #@ob_flush();
-       @flush();
-       $squashweb->print_files($request['path'], $request[2]);
-
-} elseif (@$_GET['tools']=="hide" && @$_GET['h']) {
-       if ($_SESSION['creds']['user_level'] > 99) {
-               $request = $squashweb->get_config($_GET['h']);
-               $handle = fopen($request['path'].'/'.$request[2].'.hidden', 'x');
-               fwrite($handle, 'hidden by '.$_SESSION['creds']['user_name']);
-               fclose($handle);
-               $path=substr($request['path'], strlen($basedir));
-               header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path) ;
-       }
-} elseif (@$_GET['tools']=="unhide" && isset($_GET['h'])) {
-       if ($_SESSION['creds']['user_level'] > 99) {
-               $request = $squashweb->get_config($_GET['h']);
-               @unlink($request['path'].'/'.$request[2].'.hidden');
-               $path=substr($request['path'], strlen($basedir));
-               header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path) ;
-       }
-} elseif (@$_GET['tools']=="delete" && isset($_GET['h'])) {
-       if ($_SESSION['creds']['user_level'] > 99) {
-               if ($_GET['h'] == "multiple") {
-                       $h_post = $_POST['h'];
-                       foreach ($h_post as $h_key => $h) {
-                               $request = $squashweb->get_config($h);
-                               $squashweb->delete_file($h, $_SESSION['creds']);
-                       }
-               } else {
-                       $h = $_GET['h'];
-                       $request = $squashweb->get_config($h);
-                       $squashweb->delete_file($h, $_SESSION['creds']);
-               }
-               $path=substr($request['path'], strlen($basedir));
-               header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path);
-       }
-
-} elseif (@$_POST['tools']=="mkdir" && isset($_GET['path']) && isset($_POST['newname']) && $_SESSION['creds']['user_level'] > 99) {
-       $path = $_GET['path'];
-       $newname = $_POST['newname'];
-       $subs = explode('/', $path);
-       if (in_array('..', $subs))
-               die(); // Hard fails when trying to play above basedir
-       if ($squashweb->got_rights_array_admin($path) > 0) {
-               umask(002); // don't remove g+w
-               mkdir($basedir.'/'.$path.'/'.$newname);
-       }
-       header( 'Location: ?path='.$path.'/'.$newname) ;
-       
-} elseif (@$_POST['tools']=="rmdir" && isset($_GET['path']) && $_SESSION['creds']['user_level'] > 99) {
-       $path = $_GET['path'];
-       $subs = explode('/', $path);
-       if (in_array('..', $subs))
-               die(); // Hard fails when trying to play above basedir
-       if ($squashweb->got_rights_array_admin($path) > 0) {
-               rmdir($basedir.$path);
-       }
-       array_pop($subs);
-       $path=implode("/", $subs);
-       header( 'Location: ?path='.$path) ;
-       
-} elseif (@$_GET['tools']=='access' && $_SESSION['creds']['user_level'] > 100) {
-
-       $smarty = get_smarty();
-
-       $smarty->assign('user_level', $_SESSION['creds']['user_level']);
-       $smarty->assign('user_name', $_SESSION['creds']['user_name']);
-       $smarty->assign('users', $squashweb->get_users($_SESSION['creds']['user_level']));
-
-       $smarty->assign('edited_user', @$_GET['user']);
-
-       $tree = $squashweb->show_rights_tree($path, 0, @$_GET['user']);
-
-       $smarty->assign('style', $tree['style']);
-       $smarty->assign('layout', $tree['layout']);
-
-       $smarty->assign('debug', @$_GET['debug']);
-       $smarty->assign('folderrights', $squashweb->folderrights());
-       $smarty->assign('userrights', $squashweb->userrights());
-       $smarty->display('admin.tpl');
-
-} elseif (@$_GET['tools']=='users' && $_SESSION['creds']['user_level'] > 100) {
-       $type = @$_POST['type'];
-       if ($type=="update")
-               $squashweb->update_users($_POST['u']);
-       if ($type=="disable")
-               $squashweb->disable_users($_POST['u']);
-       if ($type=="delete")
-               $squashweb->remove_users($_POST['u']);
-       if ($type=="new")
-               $squashweb->insert_users($_POST['u'], $_SESSION['creds']['user_level']);
-       $smarty = get_smarty();
-
-       $smarty->assign('user_level', $_SESSION['creds']['user_level']);
-       $smarty->assign('user_name', $_SESSION['creds']['user_name']);
-       $smarty->assign('users', $squashweb->get_users($_SESSION['creds']['user_level']));
-
-       if ($_SESSION['creds']['user_level'] > 199) {
-               $smarty->assign('user_levels', array(155 => 'admin' , 55 => 'user' ) );
-       } else {
-               $smarty->assign('user_levels', array(55 => 'user' ) );
-       }
-       $smarty->assign('debug', @$_GET['debug']);
-
-       $smarty->display('udmin.tpl');
-
-} elseif (@$_GET['tools']=='logs' && $_SESSION['creds']['user_level'] > 100) {
-       $logtype=@$_GET['logtype'];
-       if (!$logtype)
-               $logtype = 'all';
-
-       $smarty = get_smarty();
-
-       $smarty->assign('user_level', $_SESSION['creds']['user_level']);
-       $smarty->assign('user_name', $_SESSION['creds']['user_name']);
-       $smarty->assign('logtype', $logtype);
-       $smarty->assign('logs', $squashweb->get_logs($logtype));
-
-       $smarty->assign('debug', @$_GET['debug']);
-       $smarty->display('logs.tpl');
-
-} else {
-       //show overview
-
-       $smarty = get_smarty();
-       /***
-       *       $config:: array
-       *       [0]     ->      versioncode
-       *       [1]     ->      date&time
-       *       [2]     ->      filename
-       *       [3]     ->      filesize
-       *       [4]     ->      chunksize
-       *       [5]     ->      chunkcount
-       *       [6]     ->      CRC32 checksum
-       ***/
-
-       $configs_num = $squashweb->get_configs();
-
-       $configs_sorted = named_records_sort($configs_num, 'lastchange', true);
-
-       $configs = array();
-       $paths = array();
-
-       foreach ($configs_sorted as $key => $value) {
-               $configs[$key]['squashed'] = $value['squashed'];
-               $configs[$key]['version'] = $value[0];
-               //$configs[$key]['date'] = $value[1]; //removed because user local creation date is irrelevant
-               $configs[$key]['name'] = $value[2];
-               $configs[$key]['size'] = $value[3];
-               $configs[$key]['chunk_size'] = $value[4];
-               $configs[$key]['chunks'] = $value[5];
-               $configs[$key]['crc'] = $value[6];
-               $paths[substr($value['path'], strlen($basedir))]=array_pop(explode('/',$value['path']));
-               (strpos($value['mime'],'ideo')) ? $embedable=true : $embedable=false;
-               (@array_sum($value['stats']) == $value[5]) ? $finished=true : $finished=false;
-
-               $configs[$key]['embedable'] = $embedable;
-               $configs[$key]['finished'] = $finished;
-               $configs[$key]['mime'] = $value['mime'];
-               $configs[$key]['status'] = $value['status'];
-               $configs[$key]['hidden'] = $value['hidden'];
-               $configs[$key]['chunks_finished'] = @array_sum($value['stats']);
-               if ($finished) {
-                       $configs[$key]['chunks_partial'] = $configs[$key]['chunks_finished'];
-               } else {
-                       $continue = true;
-                       foreach($value['stats'] as $sk => $sv) {
-                               if ($continue) {
-                                       $configs[$key]['chunks_partial'] = $configs[$key]['chunks_partial']+$sv;
-                                       if ($sv != '1.00') $continue=false;
-                               }
-                       }
-               }
-               $configs[$key]['date'] = date('d.m.y - H:i:s - T', $value['added']);
-               $configs[$key]['lastchange'] = date('d.m.y - H:i:s - T', $value['lastchange']);
-       }
-
-
-       //set base folders
-       $basepath['/'] = 'top';
-       $bpath = '';
-       foreach (explode('/', $subf) as $key => $value) {
-               if ($value != '') {
-                       $bpath .= '/'.$value;
-                       $basepath[$bpath] = $value;
-               }
-       }
-       $smarty->assign('debug', @$_GET['debug']);
-       $smarty->assign('user_level', $_SESSION['creds']['user_level']);
-       $smarty->assign('user_name', $_SESSION['creds']['user_name']);
-       $smarty->assign('folderrights', $squashweb->folderrights());
-
-       $smarty->assign('squashed', $configs);
-       $smarty->assign('paths', $paths);
-       $smarty->assign('base', $basepath);
-       $smarty->assign('currentfolder', $subf);
-       $subs = $squashweb->subfolders();
-       if ($subs)
-               asort($subs);
-       $smarty->assign('subfolders', $subs);
-
-       //if(@$_GET[debug]) print_r($configs);
-       $smarty->display('index.tpl'); //Display normal template
-
-}
-// vim: syntax=php ts=4 sw=4 sts=4 sr noet
-?>
diff --git a/webroot/config.php.example b/webroot/config.php.example
new file mode 100644 (file)
index 0000000..d167423
--- /dev/null
@@ -0,0 +1,31 @@
+<?php
+
+DEFINE('SQUASHER_DB_HOST', '127.0.0.1'); // Ip address of the mysql server
+DEFINE('SQUASHER_DB_USER', 'squasher'); // Username for the database
+DEFINE('SQUASHER_DB_PASSWORD', 'squasher'); // Password for the database
+DEFINE('SQUASHER_DB_DATABASE', 'squasher'); // Mysql database name
+
+// Location of the smarty library
+// Use 'smarty/Smarty.class.php' for relative directory 'smarty/'
+// Use 'smarty3/Smarty.class.php' if you installed package smarty3
+DEFINE('SQUASHER_SMARTY_SOURCE', 'smarty3/Smarty.class.php');
+
+// Location of the smarty templates
+DEFINE('SQUASHER_SMARTY_TEMPLATES', '../templates');
+
+// Location of the smarty compiled templates
+DEFINE('SQUASHER_SMARTY_TEMPLATES_C', '../templates_c');
+
+// Location of the smarty cache
+DEFINE('SQUASHER_SMARTY_CACHE', '../cache');
+
+
+// start session
+session_start();
+
+//connect to db
+$link_db = mysql_connect(SQUASHER_DB_HOST, SQUASHER_DB_USER, SQUASHER_DB_PASSWORD);
+mysql_select_db(SQUASHER_DB_DATABASE, $link_db);
+
+// vim: syntax=php ts=4 sw=4 sts=4 sr noet
+?>
diff --git a/webroot/css/squasher.css b/webroot/css/squasher.css
new file mode 100644 (file)
index 0000000..52a7ebe
--- /dev/null
@@ -0,0 +1,315 @@
+body {
+       background-color:#E2EBD8;
+       font-family:Arial Narrow;
+       font-size:16px;
+}
+
+.wrappercontainer {
+       width: 1000px;
+       margin: 10px auto;
+       border:5px solid;
+       border-color:#FFFFFF;
+       color:#003300;
+       background: #FFFFFF;
+}
+
+/* top banner */
+.banner {
+       background-color:#66CC00;
+       width:100%;
+       height:45px;
+       background:#66CC00 url(../img/squash.gif) no-repeat 30px 50%;
+}
+
+/* Top right list of links, inside banner */
+.control {
+       float:right;
+       text-align:right;
+       margin: 2px;
+}
+
+/* A menucontainer can hold several menu lines */
+.menucontainer {
+       margin-top:10px;
+       margin-bottom:10px;
+}
+
+.menu {
+       clear:left;
+}
+
+/* menus div contains:
+ - div.menuhead
+ - a
+ - a.selected */
+.menu .menuhead, .menu a {
+       float:left;
+       margin:1px;
+       padding:3px 8px;
+       border:1px solid;
+}
+
+.menu .menuhead {
+       background-color:#66CC00;
+       color:#003300;
+       border-color:#66CC00;
+}
+
+.menu a {
+       background-color:#C7F09E;
+       color:#003300;
+       border-color:#E2EBD8;
+       text-decoration:none;
+}
+
+.menu a:hover, .menu a.selected {
+       background-color:#339900;
+       color:#FFFFFF;
+       border-color:#E2EBD8;
+}
+
+.menu a.tool {
+       background:inherit;
+       border:inherit;
+       text-decoration:underline;
+       color:inherit;
+       margin-left: 40px;
+       font-size: 12px;
+       padding-top: 5px;
+       padding-bottom: 1px;
+}
+.menu a.tool:hover {
+       color:#FF6600;
+}
+
+/* main content container */
+.content {
+       clear:left;
+       margin-top:10px;
+       float:left;
+       padding-right:5px;
+       width:600px;
+}
+
+/* misc */
+.bottomimage {
+       background: #FFFFFF url(../img/gp1.gif) no-repeat 95% 95%;
+       clear:both;
+       float:right;
+       width:300px;
+       height:146px;
+}
+
+.footer {
+       clear:both;
+       margin-top:10px;
+       background-color:#66CC00;
+       text-align:center;
+       background:#66CC00 url(../img/gplogobottomright.gif) no-repeat 100%;
+}
+
+.clear {
+       clear:both;
+}
+
+a {
+       color:#003300;
+}
+
+a:hover {
+       color:#FF6600;
+}
+
+/* These are used by logs : */
+table.log {
+       border-spacing:0;
+       spacing:0;
+       padding:0;
+       width:1000px;
+       background-color:#C7F09E;
+}
+
+tr.logentry_header {
+       background-color:#339900;
+       color:#FFFFFF;
+       border:1px solid;
+       border-color:#C7F09E;
+       text-align:center;
+}
+
+tr.logentry_download, tr.logentry_delete, tr.logentry_login, tr.logentry_empty {
+       background-color:#C7F09E;
+       color:#003300;
+       margin:1px;
+       border:1px solid;
+       border-color:#C7F09E;
+}
+
+tr.logentry_empty {
+       text-align:center;
+}
+
+tr.logentry_download:hover, tr.logentry_delete:hover, tr.logentry_login:hover {
+       background-color:#339900;
+       color:#FFFFFF;
+}
+
+/* there are used on index, for each file block : */
+.item, .status1, .status2, .status3 {
+       position:relative;
+       color:#003300;
+       width:600px;
+       border:2px solid;
+       border-color:#FFFFFF;
+       font-size:12px;
+}
+
+.item {
+       background-color:#E2EBD8;
+}
+.status1 {
+       background-color:#FFCCCC;
+}
+.status2 {
+       background-color:#FFFFCC;
+}
+.status3 {
+       background-color:#CCFFCC;
+}
+
+/* name of the file: */
+.name {
+       float:left;
+       left:1px;
+       top:1px;
+       padding-left:1px;
+       z-index:50;
+}
+
+/* size of the file */
+.size {
+       float:right;
+       padding-left:2px;
+       padding-right:3px;
+}
+
+/* date the file was added */
+.added {
+       float:left;
+       padding-left:2px;
+       padding-right:3px;
+}
+
+/* date the file was lasy updated */
+.updated {
+       float:left;
+       padding-left:2px;
+       padding-right:3px;
+}
+
+/* file status (Completed, ...) */
+.status {
+       float:right;
+       top:1px;
+       padding-right:2px;
+       text-align:right;
+       z-index:10;
+}
+
+/* download (partial) link */
+.stream {
+       float:right;
+       padding-left:1px;
+       padding-right:2px;
+}
+
+/* download link */
+.download {
+       float:right;
+       padding-left:1px;
+       padding-right:2px;
+}
+
+/* index mass delete */
+.massdelete {
+       /*position:absolute;*/
+       /*bottom:0;*/
+       float:right;
+       width:300px;
+       /*height:146px;*/
+}
+
+.deletebox {
+       /*visibility: hidden;*/
+}
+
+/* index mass delete wrapper for right column */
+.filler {
+       position:relative;
+       float:right;
+       width:300px;
+       #height:500px;
+}
+
+
+/* users: user list/form wrapper */
+.white_border {
+       clear:both;
+       float:left;
+       border-top:0px solid #FFFFFF;
+       border-bottom:0px solid #FFFFFF;
+}
+
+/* access tool */
+.check_all, .check_allow, .check_deny {
+       float:right;
+       height:20px;
+}
+
+.sample_all, .sample_allow, .sample_deny {
+       float:left;
+       height:20px;
+}
+
+.check_all, .sample_all {
+       background-color:#AAEEAA;
+}
+
+.check_allow, .sample_allow {
+       background-color:#EEEEAA;
+}
+
+.check_deny, .sample_deny {
+       background-color:#EEAAAA;
+}
+
+/* login page */
+
+.login {
+       width:480px;
+       float:none;
+       display:inline-block;
+       border:1px solid #003300;
+       background-color:#C7F09E;
+       margin:100px;
+       padding:10px;
+       text-align:center;
+}
+
+.login input {
+       width:100%;
+       color:#003300;
+       margin: 10px 10px;
+}
+
+.login button {
+       border:1px solid #003300;
+       margin: 10px;
+       padding:3px 8px;
+       background:#66CC00;
+}
+
+.login button:hover {
+       background-color:#339900;
+       color:#ffffff;
+}
diff --git a/webroot/img/gp1.gif b/webroot/img/gp1.gif
new file mode 100644 (file)
index 0000000..f4982da
Binary files /dev/null and b/webroot/img/gp1.gif differ
diff --git a/webroot/img/gplogobottomright.gif b/webroot/img/gplogobottomright.gif
new file mode 100644 (file)
index 0000000..29ec0ef
Binary files /dev/null and b/webroot/img/gplogobottomright.gif differ
diff --git a/webroot/img/squash.gif b/webroot/img/squash.gif
new file mode 100644 (file)
index 0000000..6744ceb
Binary files /dev/null and b/webroot/img/squash.gif differ
diff --git a/webroot/img/tree-folder.gif b/webroot/img/tree-folder.gif
new file mode 100644 (file)
index 0000000..4ed9c2a
Binary files /dev/null and b/webroot/img/tree-folder.gif differ
diff --git a/webroot/img/tree-line.gif b/webroot/img/tree-line.gif
new file mode 100644 (file)
index 0000000..b59b20d
Binary files /dev/null and b/webroot/img/tree-line.gif differ
diff --git a/webroot/index.php b/webroot/index.php
new file mode 100644 (file)
index 0000000..372fcd7
--- /dev/null
@@ -0,0 +1,33 @@
+<?php
+
+require_once("config.php");
+
+require_once("squasher.class.php");
+
+$salt = md5($_SERVER['REMOTE_ADDR']."|".$_SERVER['HTTP_USER_AGENT']);
+
+if (@$_GET['tools']=="logout"){
+       session_destroy();
+       $_SESSION['creds']['validated'] = false;
+       header( 'Location: '.$_SERVER['PHP_SELF'] ) ;
+}
+
+if (!@$_SESSION['creds']['validated']){
+       validate_user(@$_POST['user'], @$_POST['pass'], $salt);
+}
+
+if ($_SESSION['creds']['validated'] || @$_GET['f']) {
+//if ($_SESSION['creds']['validated']){
+       //load squasher
+       include("squasher.php");
+} else {
+       //show login
+
+       $smarty = get_smarty();
+
+       $smarty->assign('salt', $salt);
+       $smarty->assign('debug', @$_GET['debug']);
+       $smarty->display('login.tpl');
+}
+// vim: syntax=php ts=4 sw=4 sts=4 sr noet
+?>
diff --git a/webroot/js/md5.js b/webroot/js/md5.js
new file mode 100644 (file)
index 0000000..46d2aab
--- /dev/null
@@ -0,0 +1,256 @@
+/*
+ * A JavaScript implementation of the RSA Data Security, Inc. MD5 Message
+ * Digest Algorithm, as defined in RFC 1321.
+ * Version 2.1 Copyright (C) Paul Johnston 1999 - 2002.
+ * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
+ * Distributed under the BSD License
+ * See http://pajhome.org.uk/crypt/md5 for more info.
+ */
+
+/*
+ * Configurable variables. You may need to tweak these to be compatible with
+ * the server-side, but the defaults work in most cases.
+ */
+var hexcase = 0;  /* hex output format. 0 - lowercase; 1 - uppercase        */
+var b64pad  = ""; /* base-64 pad character. "=" for strict RFC compliance   */
+var chrsz   = 8;  /* bits per input character. 8 - ASCII; 16 - Unicode      */
+
+/*
+ * These are the functions you'll usually want to call
+ * They take string arguments and return either hex or base-64 encoded strings
+ */
+function hex_md5(s){ return binl2hex(core_md5(str2binl(s), s.length * chrsz));}
+function b64_md5(s){ return binl2b64(core_md5(str2binl(s), s.length * chrsz));}
+function str_md5(s){ return binl2str(core_md5(str2binl(s), s.length * chrsz));}
+function hex_hmac_md5(key, data) { return binl2hex(core_hmac_md5(key, data)); }
+function b64_hmac_md5(key, data) { return binl2b64(core_hmac_md5(key, data)); }
+function str_hmac_md5(key, data) { return binl2str(core_hmac_md5(key, data)); }
+
+/*
+ * Perform a simple self-test to see if the VM is working
+ */
+function md5_vm_test()
+{
+  return hex_md5("abc") == "900150983cd24fb0d6963f7d28e17f72";
+}
+
+/*
+ * Calculate the MD5 of an array of little-endian words, and a bit length
+ */
+function core_md5(x, len)
+{
+  /* append padding */
+  x[len >> 5] |= 0x80 << ((len) % 32);
+  x[(((len + 64) >>> 9) << 4) + 14] = len;
+
+  var a =  1732584193;
+  var b = -271733879;
+  var c = -1732584194;
+  var d =  271733878;
+
+  for(var i = 0; i < x.length; i += 16)
+  {
+    var olda = a;
+    var oldb = b;
+    var oldc = c;
+    var oldd = d;
+
+    a = md5_ff(a, b, c, d, x[i+ 0], 7 , -680876936);
+    d = md5_ff(d, a, b, c, x[i+ 1], 12, -389564586);
+    c = md5_ff(c, d, a, b, x[i+ 2], 17,  606105819);
+    b = md5_ff(b, c, d, a, x[i+ 3], 22, -1044525330);
+    a = md5_ff(a, b, c, d, x[i+ 4], 7 , -176418897);
+    d = md5_ff(d, a, b, c, x[i+ 5], 12,  1200080426);
+    c = md5_ff(c, d, a, b, x[i+ 6], 17, -1473231341);
+    b = md5_ff(b, c, d, a, x[i+ 7], 22, -45705983);
+    a = md5_ff(a, b, c, d, x[i+ 8], 7 ,  1770035416);
+    d = md5_ff(d, a, b, c, x[i+ 9], 12, -1958414417);
+    c = md5_ff(c, d, a, b, x[i+10], 17, -42063);
+    b = md5_ff(b, c, d, a, x[i+11], 22, -1990404162);
+    a = md5_ff(a, b, c, d, x[i+12], 7 ,  1804603682);
+    d = md5_ff(d, a, b, c, x[i+13], 12, -40341101);
+    c = md5_ff(c, d, a, b, x[i+14], 17, -1502002290);
+    b = md5_ff(b, c, d, a, x[i+15], 22,  1236535329);
+
+    a = md5_gg(a, b, c, d, x[i+ 1], 5 , -165796510);
+    d = md5_gg(d, a, b, c, x[i+ 6], 9 , -1069501632);
+    c = md5_gg(c, d, a, b, x[i+11], 14,  643717713);
+    b = md5_gg(b, c, d, a, x[i+ 0], 20, -373897302);
+    a = md5_gg(a, b, c, d, x[i+ 5], 5 , -701558691);
+    d = md5_gg(d, a, b, c, x[i+10], 9 ,  38016083);
+    c = md5_gg(c, d, a, b, x[i+15], 14, -660478335);
+    b = md5_gg(b, c, d, a, x[i+ 4], 20, -405537848);
+    a = md5_gg(a, b, c, d, x[i+ 9], 5 ,  568446438);
+    d = md5_gg(d, a, b, c, x[i+14], 9 , -1019803690);
+    c = md5_gg(c, d, a, b, x[i+ 3], 14, -187363961);
+    b = md5_gg(b, c, d, a, x[i+ 8], 20,  1163531501);
+    a = md5_gg(a, b, c, d, x[i+13], 5 , -1444681467);
+    d = md5_gg(d, a, b, c, x[i+ 2], 9 , -51403784);
+    c = md5_gg(c, d, a, b, x[i+ 7], 14,  1735328473);
+    b = md5_gg(b, c, d, a, x[i+12], 20, -1926607734);
+
+    a = md5_hh(a, b, c, d, x[i+ 5], 4 , -378558);
+    d = md5_hh(d, a, b, c, x[i+ 8], 11, -2022574463);
+    c = md5_hh(c, d, a, b, x[i+11], 16,  1839030562);
+    b = md5_hh(b, c, d, a, x[i+14], 23, -35309556);
+    a = md5_hh(a, b, c, d, x[i+ 1], 4 , -1530992060);
+    d = md5_hh(d, a, b, c, x[i+ 4], 11,  1272893353);
+    c = md5_hh(c, d, a, b, x[i+ 7], 16, -155497632);
+    b = md5_hh(b, c, d, a, x[i+10], 23, -1094730640);
+    a = md5_hh(a, b, c, d, x[i+13], 4 ,  681279174);
+    d = md5_hh(d, a, b, c, x[i+ 0], 11, -358537222);
+    c = md5_hh(c, d, a, b, x[i+ 3], 16, -722521979);
+    b = md5_hh(b, c, d, a, x[i+ 6], 23,  76029189);
+    a = md5_hh(a, b, c, d, x[i+ 9], 4 , -640364487);
+    d = md5_hh(d, a, b, c, x[i+12], 11, -421815835);
+    c = md5_hh(c, d, a, b, x[i+15], 16,  530742520);
+    b = md5_hh(b, c, d, a, x[i+ 2], 23, -995338651);
+
+    a = md5_ii(a, b, c, d, x[i+ 0], 6 , -198630844);
+    d = md5_ii(d, a, b, c, x[i+ 7], 10,  1126891415);
+    c = md5_ii(c, d, a, b, x[i+14], 15, -1416354905);
+    b = md5_ii(b, c, d, a, x[i+ 5], 21, -57434055);
+    a = md5_ii(a, b, c, d, x[i+12], 6 ,  1700485571);
+    d = md5_ii(d, a, b, c, x[i+ 3], 10, -1894986606);
+    c = md5_ii(c, d, a, b, x[i+10], 15, -1051523);
+    b = md5_ii(b, c, d, a, x[i+ 1], 21, -2054922799);
+    a = md5_ii(a, b, c, d, x[i+ 8], 6 ,  1873313359);
+    d = md5_ii(d, a, b, c, x[i+15], 10, -30611744);
+    c = md5_ii(c, d, a, b, x[i+ 6], 15, -1560198380);
+    b = md5_ii(b, c, d, a, x[i+13], 21,  1309151649);
+    a = md5_ii(a, b, c, d, x[i+ 4], 6 , -145523070);
+    d = md5_ii(d, a, b, c, x[i+11], 10, -1120210379);
+    c = md5_ii(c, d, a, b, x[i+ 2], 15,  718787259);
+    b = md5_ii(b, c, d, a, x[i+ 9], 21, -343485551);
+
+    a = safe_add(a, olda);
+    b = safe_add(b, oldb);
+    c = safe_add(c, oldc);
+    d = safe_add(d, oldd);
+  }
+  return Array(a, b, c, d);
+
+}
+
+/*
+ * These functions implement the four basic operations the algorithm uses.
+ */
+function md5_cmn(q, a, b, x, s, t)
+{
+  return safe_add(bit_rol(safe_add(safe_add(a, q), safe_add(x, t)), s),b);
+}
+function md5_ff(a, b, c, d, x, s, t)
+{
+  return md5_cmn((b & c) | ((~b) & d), a, b, x, s, t);
+}
+function md5_gg(a, b, c, d, x, s, t)
+{
+  return md5_cmn((b & d) | (c & (~d)), a, b, x, s, t);
+}
+function md5_hh(a, b, c, d, x, s, t)
+{
+  return md5_cmn(b ^ c ^ d, a, b, x, s, t);
+}
+function md5_ii(a, b, c, d, x, s, t)
+{
+  return md5_cmn(c ^ (b | (~d)), a, b, x, s, t);
+}
+
+/*
+ * Calculate the HMAC-MD5, of a key and some data
+ */
+function core_hmac_md5(key, data)
+{
+  var bkey = str2binl(key);
+  if(bkey.length > 16) bkey = core_md5(bkey, key.length * chrsz);
+
+  var ipad = Array(16), opad = Array(16);
+  for(var i = 0; i < 16; i++)
+  {
+    ipad[i] = bkey[i] ^ 0x36363636;
+    opad[i] = bkey[i] ^ 0x5C5C5C5C;
+  }
+
+  var hash = core_md5(ipad.concat(str2binl(data)), 512 + data.length * chrsz);
+  return core_md5(opad.concat(hash), 512 + 128);
+}
+
+/*
+ * Add integers, wrapping at 2^32. This uses 16-bit operations internally
+ * to work around bugs in some JS interpreters.
+ */
+function safe_add(x, y)
+{
+  var lsw = (x & 0xFFFF) + (y & 0xFFFF);
+  var msw = (x >> 16) + (y >> 16) + (lsw >> 16);
+  return (msw << 16) | (lsw & 0xFFFF);
+}
+
+/*
+ * Bitwise rotate a 32-bit number to the left.
+ */
+function bit_rol(num, cnt)
+{
+  return (num << cnt) | (num >>> (32 - cnt));
+}
+
+/*
+ * Convert a string to an array of little-endian words
+ * If chrsz is ASCII, characters >255 have their hi-byte silently ignored.
+ */
+function str2binl(str)
+{
+  var bin = Array();
+  var mask = (1 << chrsz) - 1;
+  for(var i = 0; i < str.length * chrsz; i += chrsz)
+    bin[i>>5] |= (str.charCodeAt(i / chrsz) & mask) << (i%32);
+  return bin;
+}
+
+/*
+ * Convert an array of little-endian words to a string
+ */
+function binl2str(bin)
+{
+  var str = "";
+  var mask = (1 << chrsz) - 1;
+  for(var i = 0; i < bin.length * 32; i += chrsz)
+    str += String.fromCharCode((bin[i>>5] >>> (i % 32)) & mask);
+  return str;
+}
+
+/*
+ * Convert an array of little-endian words to a hex string.
+ */
+function binl2hex(binarray)
+{
+  var hex_tab = hexcase ? "0123456789ABCDEF" : "0123456789abcdef";
+  var str = "";
+  for(var i = 0; i < binarray.length * 4; i++)
+  {
+    str += hex_tab.charAt((binarray[i>>2] >> ((i%4)*8+4)) & 0xF) +
+           hex_tab.charAt((binarray[i>>2] >> ((i%4)*8  )) & 0xF);
+  }
+  return str;
+}
+
+/*
+ * Convert an array of little-endian words to a base-64 string
+ */
+function binl2b64(binarray)
+{
+  var tab = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+  var str = "";
+  for(var i = 0; i < binarray.length * 4; i += 3)
+  {
+    var triplet = (((binarray[i   >> 2] >> 8 * ( i   %4)) & 0xFF) << 16)
+                | (((binarray[i+1 >> 2] >> 8 * ((i+1)%4)) & 0xFF) << 8 )
+                |  ((binarray[i+2 >> 2] >> 8 * ((i+2)%4)) & 0xFF);
+    for(var j = 0; j < 4; j++)
+    {
+      if(i * 8 + j * 6 > binarray.length * 32) str += b64pad;
+      else str += tab.charAt((triplet >> 6*(3-j)) & 0x3F);
+    }
+  }
+  return str;
+}
diff --git a/webroot/squasher.class.php b/webroot/squasher.class.php
new file mode 100644 (file)
index 0000000..42af06c
--- /dev/null
@@ -0,0 +1,1065 @@
+<?php
+require_once("config.php");
+
+function zfill($n, $a) {
+       return str_repeat("0", max(0,$a-strlen($n))) . $n;
+}
+
+function named_records_sort($named_recs, $order_by, $reverse=false, $flags=0) {
+       $named_hash = array();
+       foreach ($named_recs as $key => $fields)
+               $named_hash[$key] = $fields[$order_by];
+
+       if ($reverse)
+               arsort($named_hash,$flags=0) ;
+       else
+               asort($named_hash, $flags=0);
+
+       $sorted_records = array();
+       foreach($named_hash as $key => $val)$sorted_records[$key] = $named_recs[$key];
+
+       return $sorted_records;
+}
+
+function validate_user($username, $password, $salt) {
+       $creds['validated'] = false;
+       $query="SELECT * FROM users WHERE user_name = '".mysql_escape_string($username)."'";
+       $q_result = mysql_query($query);
+       while ($fetched_object = mysql_fetch_object($q_result)) {
+               if (md5($fetched_object->user_pass.$salt) == $password) {
+                       //validated
+                       $creds['user_id'] = $fetched_object->user_id;
+                       $creds['user_name'] = $fetched_object->user_name;
+                       $creds['user_level'] = $fetched_object->user_level;
+                       $creds['validated'] = true;
+                       $log_hash=str_repeat("0",32); // File ID is always empty on login
+                       $q="INSERT INTO log (hash,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($log_hash)."','login',".$creds['user_id'].",'".mysql_escape_string($creds['user_name'])."','".mysql_escape_string($_SERVER['REMOTE_ADDR'])."',NOW())";
+                       mysql_query($q);
+               }
+       }
+       $_SESSION['creds'] = $creds;
+       return $creds['validated'];
+}
+
+
+function get_smarty() {
+       require_once(SQUASHER_SMARTY_SOURCE); // See config.php
+
+       $smarty = new Smarty;
+       $smarty->setTemplateDir(SQUASHER_SMARTY_TEMPLATES)
+              ->setCompileDir(SQUASHER_SMARTY_TEMPLATES_C)
+              ->setCacheDir(SQUASHER_SMARTY_CACHE);
+
+       return $smarty;
+}
+
+
+class squashweb {
+
+var $basepath;
+var $configs = array();
+var $files = array();
+var $subfolders = array();
+var $folderrights;
+var $userrights;
+var $history = array();
+
+function set_root($root) {
+       $this->basepath = $root;
+}
+
+function get_configs() {
+       return $this->configs;
+}
+
+function subfolders() {
+       return $this->subfolders;
+}
+
+function get_config($h) {
+
+       return $this->configs[$h];
+}
+
+function folderrights() {
+       return $this->folderrights;
+}
+
+function userrights() {
+       return $this->userrights;
+}
+
+function update_history() {
+       $q="SELECT md5_hash,file,completed,checked FROM file_hash";
+       $r=mysql_query($q);
+       while($o=mysql_fetch_object($r)) {
+               $this->history[$o->md5_hash]['file']=$o->file;
+               $this->history[$o->md5_hash]['completed']=$o->completed;
+               $this->history[$o->md5_hash]['checked']=$o->checked;
+       }
+}
+
+function get_users($user_level) {
+       $q = "SELECT * FROM users WHERE user_level < ".$user_level." ORDER BY user_name ASC";
+       $r = mysql_query($q);
+
+       while ($o = mysql_fetch_object($r)) {
+               $return[$o->user_id]['id']              = $o->user_id;
+               $return[$o->user_id]['name']    = $o->user_name;
+               $return[$o->user_id]['level']   = $o->user_level;
+               $return[$o->user_id]['enabled'] = ($o->user_pass == '') ? false : true ;
+       }
+
+       return $return;
+}
+
+function get_logs($type='all') {
+       $q="SELECT log.* FROM log WHERE log.user_id != '1' and ip != '87.233.211.2' ";
+       if ($_SESSION['creds']['user_id'] == 1)
+               $q="SELECT log.* FROM log WHERE log.user_id != 'x' ";
+       switch($type) {
+       case "delete":
+               $q.= " AND log.action = 'delete'";
+               break;
+       case "download":
+               $q.= " AND log.action = 'download'";
+               break;
+       case "login":
+               $q.= " AND log.action = 'login'";
+               break;
+       case "debug":
+               $q.= " AND log.action = 'debug'";
+               break;
+       default:
+               $q.= "";
+               break;
+       }
+
+       $today     =" AND date > date(date_add(now(), interval -0 day)) ";
+       $yesterday =" AND date < date(date_add(now(), interval -0 day)) AND date > date(date_add(now(), interval -1 day)) ";
+       $lastweek  =" AND date < date(date_add(now(), interval -1 day)) AND date > date(date_add(now(), interval -6 day)) ";
+       $older     =" AND date < date(date_add(now(), interval -7 day)) AND date > date(date_add(now(), interval -30 day)) ";
+
+       $order=" ORDER BY log.log_id desc ";
+       $r = mysql_query($q.$today.$order);
+       $return = array();
+       while($a = mysql_fetch_array($r)) {
+               $qu="SELECT users.user_name FROM users LEFT JOIN log ON users.user_id = log.user_id WHERE log.ip='".mysql_escape_string($a['ip'])."' GROUP BY users.user_name";
+               $ru = mysql_query($qu);
+               $a['users_from_ip'] = " | ";
+               while($au = mysql_fetch_array($ru))
+                       $a['users_from_ip'] .= $au['user_name']." | ";
+               $return['today'][$a['log_id']] = $a;
+       }
+       $r = mysql_query($q.$yesterday.$order);
+       while($a = mysql_fetch_array($r)) {
+               $qu="SELECT users.user_name FROM users LEFT JOIN log ON users.user_id = log.user_id WHERE log.ip='".mysql_escape_string($a['ip'])."' GROUP BY users.user_name";
+               $ru = mysql_query($qu);
+               $a['users_from_ip'] = " | ";
+               while($au = mysql_fetch_array($ru))
+                       $a['users_from_ip'] .= $au['user_name']." | ";
+               $return['yesterday'][$a['log_id']] = $a;
+       }
+       $r = mysql_query($q.$lastweek.$order);
+       while($a = mysql_fetch_array($r)) {
+               $qu="SELECT users.user_name FROM users LEFT JOIN log ON users.user_id = log.user_id WHERE log.ip='".mysql_escape_string($a['ip'])."' GROUP BY users.user_name";
+               $ru = mysql_query($qu);
+               $a['users_from_ip'] = " | ";
+               while($au = mysql_fetch_array($ru))
+                       $a['users_from_ip'] .= $au['user_name']." | ";
+               $return['lastweek'][$a['log_id']] = $a;
+       }
+       $r = mysql_query($q.$older.$order);
+       while($a = mysql_fetch_array($r)) {
+               $qu="SELECT users.user_name FROM users LEFT JOIN log ON users.user_id = log.user_id WHERE log.ip='".mysql_escape_string($a['ip'])."' GROUP BY users.user_name";
+               $ru = mysql_query($qu);
+               $a['users_from_ip'] = " | ";
+               while($au = mysql_fetch_array($ru))
+                       $a['users_from_ip'] .= $au['user_name']." | ";
+               $return['older'][$a['log_id']] = $a;
+       }
+
+       return $return;
+}
+
+function insert_users($u, $admin_level) {
+       $user_name = $u['user_name'];
+       $user_pass = $u['user_pass'];
+       $user_level = (int)$u['user_level'];
+
+       $q = "INSERT INTO users (user_name,user_pass,user_level) VALUES ('".mysql_escape_string($user_name)."', '".mysql_escape_string(md5($user_pass))."', ".$user_level.")";
+       $r = mysql_query($q);
+}
+
+function update_users($u) {
+       $user_id = (int)$u['user_id'];
+       $user_name = @$u['user_name'];
+       $user_pass = @$u['user_pass'];
+       $user_level = (int)@$u['user_level'];
+       if ($user_name) {
+               $q = "UPDATE users SET user_name = '".mysql_escape_string($user_name)."' WHERE user_id = ".$user_id;
+               $r = mysql_query($q);
+       }
+       if ($user_pass) {
+               $q = "UPDATE users SET user_pass = '".mysql_escape_string(md5($user_pass))."' WHERE user_id = ".$user_id;
+               $r = mysql_query($q);
+       }
+       if ($user_level) {
+               $q = "UPDATE users SET user_level = ".$user_level." WHERE user_id = ".$user_id;
+               $r = mysql_query($q);
+       }
+}
+
+function disable_users($u) {
+       $user_id = (int)$u['user_id'];
+       $user_name = @$u['user_name'];
+       $user_level = (int)@$u['user_level'];
+       if ($user_name) {
+               $q = "UPDATE users SET user_name = '".mysql_escape_string($user_name)."' WHERE user_id = ".$user_id;
+               $r = mysql_query($q);
+       }
+       $q = "UPDATE users SET user_pass = '' WHERE user_id = ".$user_id;
+       $r = mysql_query($q);
+       if ($user_level) {
+               $q = "UPDATE users SET user_level = ".$user_level." WHERE user_id = ".$user_id;
+               $r = mysql_query($q);
+       }
+       $r = mysql_query($q);
+}
+
+function remove_users($u) {
+       $user_id = (int)$u['user_id'];
+       $q = "DELETE FROM users WHERE user_id = ".$user_id;
+       $r = mysql_query($q);
+}
+
+function get_rights($user_id) {
+       $result = array();
+
+       $q = "SELECT folder_path, access FROM user_rights WHERE user_id = ".(int)$user_id;
+       $r = mysql_query($q);
+       while ($o = mysql_fetch_object($r)) {
+
+               //clean vars
+               $arr_string = '$result';
+
+               //get foldernames from path
+               if ($o->folder_path != '/') {
+                       $path = $o->folder_path;
+                       if ($path{0}=='/')
+                               $path=substr($path,1);
+                       $folder_arr = explode('/',$path);
+
+                       //create folder structure array
+                       foreach ($folder_arr AS $key => $value) {
+                               $value_escaped = str_replace("'", "\\'", $value);
+                               $arr_string .= "['".$value_escaped."']";
+                       }
+               }
+               $arr_string .= "['__access__']";
+
+               eval($arr_string." = '".$o->access."';");
+       }
+       return $result;
+}
+
+function give_rights($user_id, $type='folderrights') {
+       if ($type=='folderrights')
+               $this->folderrights = $this->get_rights($user_id);
+       else // $type=='userrights'
+               $this->userrights = $this->get_rights($user_id);
+}
+
+function update_rights($edited_user, $m, $admin_level) {
+       $q = "SELECT count(*) result FROM users WHERE user_id = ".(int)$edited_user." AND user_level < ".(int)$admin_level;
+       $r = mysql_query($q);
+       $o = mysql_fetch_object($r);
+
+       if ($o->result) {
+               foreach ($m AS $path => $access) {
+                       $p_q = "SELECT count(*) result FROM user_rights WHERE user_id = ".(int)$edited_user." AND folder_path = '".mysql_escape_string($path)."'";
+                       $p_r = mysql_query($p_q);
+                       $p_o = mysql_fetch_object($p_r);
+                       if ($p_o->result == 1)
+                               mysql_query("UPDATE user_rights SET access = ".(int)$access." WHERE folder_path = '".mysql_escape_string($path)."' AND user_id = ".(int)$edited_user);
+                       if ($p_o->result == 0)
+                               mysql_query("INSERT INTO user_rights (user_id,folder_path,access) values (".(int)$edited_user.",'".mysql_escape_string($path)."',".(int)$access.") ");
+               }
+       }
+}
+
+
+function show_rights_tree($path, $depth=0, $userid=0) {
+
+       if ($userid==0)
+               return false;
+       if ($depth==0)
+               $this->give_rights($userid, 'userrights');
+
+       // access = 0 --deny-all
+       // access = 1 --allow-dir-only
+       // access = 2 --allow-inc-subs
+
+       $layout = '';
+       $style = '';
+
+       for ($i=0; $i<$depth; $i++)
+               $layout .= " ";
+       if ($dir = opendir($path)) {
+               $layout .= "<div style='clear:both;' >\n";
+               $f = 0;
+               while (false !== ($file = readdir($dir))) {
+                       $files_array[] = $file;
+               }
+               asort($files_array);
+               foreach ($files_array as $f_index => $file) {
+                       if (($file{0} !== ".") && ($file !== ".."))
+                       {
+                               $filename = $path."/".$file;
+                               if (!is_file($filename) && $this->got_rights_array($filename) > 0) {
+                                       $f++;
+                                       if (substr($filename,0,strlen($this->basepath))==$this->basepath)
+                                               $name = substr($filename,strlen($this->basepath));
+                                       $check = $this->got_rights_array_admin($filename, $this->userrights);
+                                       $check_all = '';
+                                       $check_allow = '';
+                                       $check_deny = '';
+                                       switch($check) {
+                                               case 2:
+                                                       $check_all = 'checked';
+                                                       break;
+                                               case 1:
+                                                       $check_allow = 'checked';
+                                                       break;
+                                               case 0:
+                                               default:
+                                                       $check_deny = 'checked';
+                                                       break;
+                                       }
+
+                                       if ($f==1)
+                                               $style[$depth] = ".depth".$depth."{float:right;width:".(600-($depth*10))."px;border-left:2px solid #FFFFFF;border-top:1px solid #FFFFFF;background:#".dechex(14-$depth).dechex(14-$depth).dechex(14-$depth).dechex(14-$depth).dechex(14-$depth).dechex(14-$depth).";}";
+                                       if ($f==1)
+                                               $layout .= "<div class='depth".$depth."'>";
+                                       $layout .= "<div class='white_border' >".htmlspecialchars($file)."</div>\n";
+                                       $name_escaped = htmlspecialchars($name);
+                                       $layout .= '<div class="check_deny"><input name="m['.$name_escaped.']" value=0 type=radio '.$check_deny."></div>\n";
+                                       $layout .= '<div class="check_allow"><input name="m['.$name_escaped.']" value=1 type=radio '.$check_allow."></div>\n";
+                                       $layout .= '<div class="check_all"><input name="m['.$name_escaped.']" value=2 type=radio '.$check_all."></div>\n";
+                                       $sub_return = $this->show_rights_tree($filename,$depth+1,$userid);
+                                       if (is_array($style) && is_array($sub_return['style']))
+                                               $style = $style + $sub_return['style'];
+                                       $layout .= $sub_return['layout'];
+                               }
+                       }
+               }
+               if ($f!=0)
+                       $layout .= "</div>";
+               $layout .= "</div>\n";
+       }
+
+       $return['style'] = $style;
+       $return['layout'] = $layout;
+
+       return $return;
+}
+
+function got_rights_array($needle, $haystack='', $c=0) {
+       // used by:
+       // - read_single_file
+       // - read_directory
+       // - show_rights_tree
+
+       if (!is_array($haystack))
+               $haystack = $this->folderrights;
+       if (substr($needle, 0, strlen($this->basepath)) == $this->basepath)
+               $needle=substr($needle,strlen($this->basepath));
+
+       // check root rights
+       if ($needle{0} == '/' && @$haystack['__access__'] == 2 )
+               return 2;
+
+       // remove leading /
+       if ($needle{0}=='/')
+               $needle = substr($needle, 1);
+
+       $needle_arr = explode('/', $needle);
+       $n = count($needle_arr);
+       $d = $c + 1;
+
+       foreach ($haystack as $k => $v) {
+               if ($needle_arr[$c] == $k) {
+                       if (!is_array(@$v['__access__'])) {
+                               if ($v['__access__'] == 2             ) return 2;
+                               if ($v['__access__'] == 1 && $d == $n ) return 1;
+                               if ($v['__access__'] == 0 && $d == $n ) return 0;
+                       } else {
+                               $return = $this->got_rights_array($needle, $v, $d);
+                       }
+               }
+       }
+       return $return;
+}
+
+function got_rights_array_admin($needle, $haystack='', $c=0) {
+       // used by:
+       // - show_rights_tree
+
+       if (!is_array($haystack))
+               $haystack = $this->folderrights;
+       if (substr($needle, 0, strlen($this->basepath)) == $this->basepath)
+               $needle = substr($needle, strlen($this->basepath));
+
+       // check root rights
+       if ($needle{0} == '/' && @$haystack['__access__'] == 2 )
+               return 2;
+
+       // remove leading /
+       if ($needle{0} == '/')
+               $needle = substr($needle, 1);
+
+       $needle_arr = explode('/', $needle);
+       $n = count($needle_arr);
+       $d = $c + 1;
+       $return = 0;
+
+       if ($c < $n) {
+               if (@$haystack['__access__'] == 2)
+                       return $haystack['__access__'];
+               if (is_array($haystack[$needle_arr[$c]]))
+                       $return = $this->got_rights_array_admin($needle, $haystack[$needle_arr[$c]], $d);
+       } else {
+               if (@$haystack['__access__'] > 0)
+                       $return = $haystack['__access__'];
+       }
+
+       return $return;
+}
+
+function got_rights_array_recursive($needle, $haystack='', $c=0) {
+       // used by:
+       // - read_directory, for subfolders
+
+       if (!is_array($haystack))
+               $haystack = $this->folderrights;
+       if (substr($needle, 0, strlen($this->basepath)) == $this->basepath)
+               $needle=substr($needle, strlen($this->basepath));
+
+       // check root rights
+       if($needle{0}=='/' && @$haystack['__access__'] == 2 )
+               return 2;
+
+       // check folder rights
+       if($needle{0}=='/')
+               $needle=substr($needle,1);
+
+       $needle_arr = explode('/', $needle);
+       $n = count($needle_arr);
+       $d = $c + 1;
+       $return = 0;
+
+       foreach($haystack as $k => $v) {
+               if ($c < sizeof($needle_arr) && $needle_arr[$c] == $k) {
+                       if ($c < $n) {
+                               if ($v['__access__'] == 2)
+                                       $return = $return + $v['__access__'];
+                               $return = $return + $this->got_rights_array_recursive($needle, $v, $d);
+                       } else {
+                               $return = $return + $this->in_array_recursive($v);
+                       }
+               } elseif ($c == $n) {
+                       $return = $return + $v['__access__'];
+                       if($k != '__access__')$return = $return + $this->in_array_recursive($v);
+               }
+       }
+
+       return $return;
+}
+
+function in_array_recursive($haystack) {
+       $return = 0;
+       if (is_array($haystack)) {
+               foreach ($haystack as $key1 => $value1) {
+                       if (is_array($value1)) {
+                               $return = $return + $this->in_array_recursive($value1);
+                       }
+                       elseif ($value1 > 0) {
+                               return $value1;
+                       }
+               }
+       }
+       return $return;
+}
+
+function read_single_file($path, $file) {
+       $filename = $path."/".$file;
+       $i = 0;
+       if ($this->got_rights_array($path) > 0) {
+               if (is_file($filename.'.Completed'))
+                       $file.='.Completed';
+               if (is_file($filename.'.InProgress'))
+                       $file.='.InProgress';
+               if (is_file($filename.'.Starting'))
+                       $file.='.Starting';
+               if (is_file($filename.'.Processed'))
+                       $file.='.Processed';
+               $filename = $path . "/" . $file;
+               $handle = @fopen($filename, "rb");
+               if (strpos($file,'.Completed'))
+                       $ext='.Completed';
+               if (strpos($file,'.InProgress'))
+                       $ext='.InProgress';
+               if (strpos($file,'.Starting'))
+                       $ext='.Starting';
+               if (strpos($file,'.Processed'))
+                       $ext='.Processed';
+               $sub_pos = strpos($file, $ext);
+               $base_name = substr($file, 0, $sub_pos);
+               $filecontent = @fread($handle, @filesize($filename));
+               $config[$i] = explode("\r\n", $filecontent);
+               /***
+               *       $config:: array
+               *       [0]     ->      versioncode
+               *       [1]     ->      date&time
+               *       [2]     ->      filename
+               *       [3]     ->      filesize
+               *       [4]     ->      chunksize
+               *       [5]     ->      chunkcount
+               *       [6]     ->      CRC32 checksum
+               ***/
+               if (@filesize($filename) > 0) {
+                       $h = md5($path."/".$config[$i][2]);
+                       $this->configs[$h] = $config[$i];
+                       $this->configs[$h]['squashed'] = true;
+                       $this->configs[$h]['path'] = $path;
+                       $this->configs[$h]['status'] = substr($ext, 1);
+                       $this->configs[$h]['mime'] = $this->set_mime($this->configs[$h][2]);
+                       $this->configs[$h]['hidden'] = (is_file($path.'/'.$base_name.'.hidden')) ? true : false ;
+                       //to prevent dates of 1-1-1970 we set te dates of the config file
+                       $this->configs[$h]['added'] = filectime($filename);
+                       $this->configs[$h]['lastchange'] = filemtime($filename);
+                       fclose($handle);
+                       $this->populate_stats($path, $h);
+                       //insert hash in db
+                       #$this->update_hash($h,$path."/".$config[$i][2]);
+                       //check stats
+                       $this->check_stats($h);
+               }
+       }
+}
+
+
+function read_directory($path, $getsubs=false, $getfirstfiles=true, $getdeepfiles=true, $populate=true) {
+
+       if ($dir = @opendir($path)) {
+               $i = 0;
+               $last = 1;
+               while (false !== ($file = readdir($dir))) {
+                       if (($file{0} !== ".") && substr($file,0,1) !== "SQ") {
+                               $filename = $path."/".$file;
+                               if (!is_file($filename) && strpos($filename, './uploads/recieving')===false) {
+                                       if ($getsubs) {
+                                               if ($this->got_rights_array_recursive($filename) > 0) {
+                                                       $key = substr($path, strlen($this->basepath)) . '/' . $file;
+                                                       $this->subfolders[$key] = $file;
+                                               }
+                                       }
+                                       if ($getdeepfiles)
+                                               $this->read_directory($filename, false, $getdeepfiles, $getdeepfiles, $populate);
+                               } elseif (strpos($filename,'./uploads/ftp')) { //ftp files
+                                       if ($this->got_rights_array($path) > 0 && !strpos($filename, '.hidden') ) {
+                                               $h = md5($filename);
+                                               $name_only = substr($filename, strlen($path)+1);
+                                               $file_structure = explode('.', $name_only);
+                                               $ext = array_pop($file_structure);
+                                               $base_name = array_pop($file_structure);
+                                               $this->configs[$h]['path'] = $path;
+                                               $this->configs[$h][0] = 'manual ftp';
+                                               $this->configs[$h][2] = $name_only;
+                                               $this->configs[$h][3] = filesize($filename);
+                                               $this->configs[$h]['added'] = filectime($filename);
+                                               $this->configs[$h]['lastchange'] = filemtime($filename);
+                                               $this->configs[$h]['status'] = 'unknown';
+                                               $this->configs[$h]['squashed'] = false;
+                                               $this->configs[$h]['mime'] = $this->set_mime($name_only);
+                                               $this->configs[$h]['hidden'] = (is_file($path.'/'.$base_name.'.hidden')) ? true : false ;
+                                       }
+                               } elseif ($getfirstfiles) {
+                                       //squashed files
+                                       if ($this->got_rights_array($path) > 0) {
+                                               if (strpos($filename, '.Completed') || strpos($filename, '.InProgress') || strpos($filename, '.Starting') || strpos($filename, '.Processed')) {
+                                                       $i++;
+                                                       $handle = @fopen($filename, "rb");
+                                                       if (strpos($file,'.Completed'))
+                                                               $ext='.Completed';
+                                                       if (strpos($file,'.InProgress'))
+                                                               $ext='.InProgress';
+                                                       if (strpos($file,'.Starting'))
+                                                               $ext='.Starting';
+                                                       if (strpos($file,'.Processed'))
+                                                               $ext='.Processed';
+                                                       $sub_pos = strpos($file, $ext);
+                                                       $base_name = substr($file, 0, $sub_pos);
+                                                       $filecontent = @fread($handle, @filesize($filename));
+                                                       $config[$i] = explode("\r\n", $filecontent);
+
+                                                       /***
+                                                       *       $config:: array
+                                                       *       [0]     ->      versioncode
+                                                       *       [1]     ->      date&time
+                                                       *       [2]     ->      filename
+                                                       *       [3]     ->      filesize
+                                                       *       [4]     ->      chunksize
+                                                       *       [5]     ->      chunkcount
+                                                       *       [6]     ->      CRC32 checksum
+                                                       ***/
+
+                                                       if (@filesize($filename) > 0) {
+                                                               $h = md5($path."/".$config[$i][2]);
+                                                               $this->configs[$h] = $config[$i];
+                                                               $this->configs[$h]['squashed'] = true;
+                                                               $this->configs[$h]['path'] = $path;
+                                                               $this->configs[$h]['status'] = substr($ext, 1);
+                                                               $this->configs[$h]['mime'] = $this->set_mime($this->configs[$h][2]);
+                                                               $this->configs[$h]['hidden'] = (is_file($path.'/'.$base_name.'.hidden')) ? true : false ;
+                                                               //to prevent dates of 1-1-1970 we set te dates of the config file
+                                                               $this->configs[$h]['added'] = filectime($filename);
+                                                               $this->configs[$h]['lastchange'] = filemtime($filename);
+                                                               fclose($handle);
+                                                               $this->populate_stats($path, $h);
+                                                               //insert hash in db
+                                                               $this->update_hash($h, $path."/".$config[$i][2]);
+                                                               //check stats
+                                                               $this->check_stats($h);
+                                                       }
+                                               }
+                                       }
+                               }
+                       }
+               }
+       }
+}
+
+function check_stats($h) {
+       $config = $this->get_config($h);
+       $count = @array_sum($config['stats']);
+       if ($config['status']=='Completed' && $count != $config[5]) {
+               $filepath=$config['path'].'/'.$config[2];
+               if ($this->history[$h]['completed']=="1") {
+                       //don't display broken file, remove it instead
+                       unlink($config['path'].'/'.$config[2].'.Completed');
+                       unset($this->configs[$h]);
+
+                       if (!$count)
+                               $count = 0;
+                       $m_subject = "Squasher Debug: File Removed";
+                       $m_body = "Upload removed: \n File: ".$config['path']."/".$config[2]." \n Status: ".$config['status']." \n Chunks: ".$count." out of ".$config[5];
+                       mail('jasper@netformatie.nl', $m_subject, $m_body, "From: support@netformatie.nl");
+                       $qlog = "INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($h)."','".mysql_escape_string($filepath)."','debug',-1,'squasher-web','cleanup',NOW())";
+                       mysql_query($qlog);
+               } else {
+                       //do move
+                       rename($config['path'].'/'.$config[2].'.Completed', $config['path'].'/'.$config[2].'.InProgress');
+                       $this->configs[$h]['status'] = 'InProgress';
+
+                       //mail n4m
+                       if (!$count)
+                               $count = 0;
+                       $m_subject = "Squasher Debug: Upload Error";
+                       $m_body = "Upload error: \n File: ".$config['path']."/".$config[2]." \n Status: ".$config['status']." \n Chunks: ".$count." out of ".$config[5];
+                       mail('support@netformatie.nl', $m_subject, $m_body, "From: squasher@netformatie.nl");
+                       mail('jan@netformatie.nl', $m_subject, $m_body, "From: support@netformatie.nl");
+                       mail('joop@netformatie.nl', $m_subject, $m_body, "From: support@netformatie.nl");
+                       mail('jasper@netformatie.nl', $m_subject, $m_body, "From: support@netformatie.nl");
+
+                       //do sms
+                       //wget -o/dev/null "http://www.mollie.nl/xml/sms/?username=netformatie&password=SMSdolsi&originator=Netformatie&recipients=${ENGINEER}&message=${CALLERID}";
+
+                       //mail RO
+                       $ship = explode('/',$config['path']);
+                       if ($ship[2] == 'myas' || $ship[2] == 'myez' || $ship[2] == 'myrw')
+                               mail('ro1@'.$ship[2].'.greenpeace.org','Squasher: '.$config[2].' resume request','The squasher server has detected an upload error. Please resume the squasher transmission for '.$config[2].' to correct this problem.',"From: support@netformatie.nl\nX-Priority: 1");
+
+                       $qlog = "INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($h)."','".mysql_escape_string($filepath)."','debug',-1,'squasher-web','retry',NOW())";
+                       mysql_query($qlog);
+
+               }
+       } elseif ($config['status']=='Completed' && $count == $config[5]) {
+               if ($this->history[$h]['completed']==0)
+                       mysql_query("UPDATE file_hash SET completed = 1 WHERE md5_hash = '".mysql_escape_string($h)."'");
+       }
+}
+
+function update_hash($hash, $path) {
+       $check_hash_query = "select * from file_hash where md5_hash = '".$hash."'";
+       $check_hash_result = mysql_query($check_hash_query);
+       if(mysql_num_rows($check_hash_result) == 0) {
+               $insert_hash_query = "INSERT INTO file_hash (md5_hash,file) values ('".mysql_escape_string($hash)."','".mysql_escape_string($path)."')";
+               mysql_query($insert_hash_query);
+       }
+}
+
+function path_to_arraystring($path, $arrayname) {
+       $path_values = explode('/', $path);
+       $return = $arrayname;
+       foreach ($path_values AS $key => $value) {
+               if ($value != '.' && $value != '')
+                       $return.= "['".$value."']";
+       }
+       return $return;
+}
+
+function populate_stats($path, $h) {
+       /***
+       *       $config:: array
+       *       [0]     ->      versioncode
+       *       [1]     ->      date&time
+       *       [2]     ->      filename
+       *       [3]     ->      filesize
+       *       [4]     ->      chunksize
+       *       [5]     ->      chunkcount
+       *       [6]     ->      CRC32 checksum
+       ***/
+       $config = $this->configs[$h];
+
+       $q = "SELECT * FROM file_hash WHERE md5_hash = '".mysql_escape_string($h)."'";
+       $r = mysql_query($q);
+       $o = mysql_fetch_object($r);
+       $validated_chunks = $o->validated_chunks;
+
+       if ($this->history[$h]['completed']=="1") {
+               $file_part = $path."/SQ".zfill(1,6)."-".$config[2];
+               if (!is_file($file_part))
+                       $file_part = $path."/SQ".zfill(1,3)."-".$config[2];
+               if (is_file($file_part)) {
+                       $this->configs[$h]['added'] = filectime($file_part);
+                       $file_part = $path."/SQ".zfill($config[5],6)."-".$config[2];
+                       if (!is_file($file_part))
+                               $file_part = $path."/SQ".zfill($config[5],3)."-".$config[2];
+                       if (is_file($file_part))
+                               $this->configs[$h]['lastchange'] = filemtime($file_part);
+                       for ($i=1; $i<=$config[5]; $i++)
+                               $this->configs[$h]['stats'][$i] = "1.00";
+               } else {
+                       //failsafe voor verwijderde bestanden
+                       mysql_query("UPDATE file_hash SET completed = 0 WHERE md5_hash = '".mysql_escape_string($h)."'");
+               }
+       } else {
+               $keep_validating = true;
+               for ($i=1; $i<=$config[5]; $i++) {
+                       if ($validated_chunks > $i) {
+                               $this->configs[$h]['stats'][$i]="1.00";
+                       } else {
+                               $file_part = $path."/SQ".zfill($i,6)."-".$config[2];
+                               if (!is_file($file_part))
+                                       $file_part = $path."/SQ".zfill($i,3)."-".$config[2];
+                               if (is_file($file_part)) {
+                                       $handle = fopen($file_part, "rb");
+                                       $size_this = filesize($file_part);
+                                       $added = filectime($file_part);
+                                       $last_changed = filemtime($file_part);
+                                       if ($this->configs[$h]['added'] > $added || !is_numeric($this->configs[$h]['added']))
+                                               $this->configs[$h]['added'] = $added;
+                                       if ($this->configs[$h]['lastchange'] < $last_changed)
+                                               $this->configs[$h]['lastchange'] = $last_changed;
+                                       if ($i != $config[5]) {
+                                               $this->configs[$h]['stats'][$i] = number_format((1/$config[4])*$size_this, 2, '.', '');
+                                       //number_format((100/$config[4])*$size_this, 2, '.', '')."%";
+                                       }else{
+                                               $this->configs[$h]['stats'][$i] = number_format((1/($config[3]-($config[4]*($config[5]-1))))*$size_this, 2, '.', '');
+                                               //number_format((100/($config[3]-($config[4]*($config[5]-1))))*$size_this, 2, '.', '')."%";
+                                       }
+                                       fclose($handle);
+                                       if ($config[4] == $size_this && $keep_validating) {
+                                               $validated_chunks = $i;
+                                       } else {
+                                               $keep_validating = false;
+                                       }
+                               } else {
+                                       $this->configs[$h]['stats'][$i] = "0.00";
+                                       //$this->configs[$h]['stats'][$i]="0.00%";
+
+                               }
+                       }
+               }
+               mysql_query("UPDATE file_hash SET validated_chunks = '".mysql_escape_string($validated_chunks)."' WHERE md5_hash = '".mysql_escape_string($h)."'");
+       }
+}
+
+function read_config($path, $filename) {
+       if (is_file($path."/".$filename.".InProgress")) {
+               $config_handle = fopen($path."/".$filename.".InProgress", "r");
+               $conf_path=$path."/".$filename.".InProgress";
+       } elseif (is_file($path."/".$filename.".Completed" )) {
+               $config_handle = fopen($path."/".$filename.".Completed", "r");
+               $conf_path=$path."/".$filename.".Completed";
+       } elseif (is_file($path."/".$filename.".Starting" )) {
+               $config_handle = fopen($path."/".$filename.".Starting", "r");
+               $conf_path=$path."/".$filename.".Starting";
+       } elseif (is_file($path."/".$filename.".Processed" )) {
+               $config_handle = fopen($path."/".$filename.".Processed", "r");
+               $conf_path=$path."/".$filename.".Processed";
+       } else {
+               return "Not Found";
+       }
+       $config_content = fread($config_handle, filesize($conf_path));
+       fclose($config_handle);
+       $config = explode("\n", $config_content);
+
+       return $config;
+//             print_r($config);
+/*             $file_count = $config[5];
+               $last=1;
+    for ($i=1; $i<=$file_count; $i++)
+    {
+       $file_part = $path."/SQ".zfill($i,6)."-".$filename;
+       if (is_file($file_part))
+       {
+
+        $handle = fopen($file_part, "rb");
+        $size_this = filesize($file_part);
+                               //$stats[$i]=round((100/$config[4])*$size_this)."%";
+                               if ((($size_this==$config[4] && ($last+1)==$i) )|| $i == $config[5]) {
+                                       $merged_file.=fread($handle, filesize($file_part));
+                                       $last = $i;
+                               }
+        fclose($handle);
+       }
+     }
+     return $merged_file;
+     */
+}
+
+function print_files($path, $filename, $tovar=false) {
+       if (strpos($path, './uploads/ftp')) {
+               $filestring = $path.'/'.$filename;
+               if (is_file($filestring)) {
+                       $handle = fopen($filestring, "rb");
+                       while (!feof($handle))
+                       {
+                               print(fread($handle, 1024));
+                               ob_flush();
+                               flush();
+                       }
+               }
+       } else {
+               if (is_file($path."/".$filename.".InProgress")) {
+                       $config_handle = fopen($path."/".$filename.".InProgress", "r");
+                       $conf_path=$path."/".$filename.".InProgress";
+               } elseif (is_file($path."/".$filename.".Completed" )) {
+                       $config_handle = fopen($path."/".$filename.".Completed", "r");
+                       $conf_path=$path."/".$filename.".Completed";
+               } elseif (is_file($path."/".$filename.".Starting" )) {
+                       $config_handle = fopen($path."/".$filename.".Starting", "r");
+                       $conf_path=$path."/".$filename.".Starting";
+               } elseif (is_file($path."/".$filename.".Processed" )) {
+                       $config_handle = fopen($path."/".$filename.".Processed", "r");
+                       $conf_path=$path."/".$filename.".Processed";
+               } else{
+                       return "Not Found";
+               }
+               $config_content = fread($config_handle, filesize($conf_path));
+               fclose($config_handle);
+               $config = explode("\n",$config_content);
+//             print_r($config);
+               $file_count = $config[5];
+               $last = 0;
+               $last_part_size = ( $config[3] - ( ( $config[5] -1 ) * $config[4] ) );
+               for ($i=0;$i<=$file_count;$i++)
+               {
+                       $file_part = $path."/SQ".zfill($i,6)."-".$filename;
+                       if (!is_file($file_part))
+                               $file_part = $path."/SQ".zfill($i,3)."-".$filename;
+                       if (is_file($file_part))
+                       {
+                               $handle = fopen($file_part, "rb");
+                               $size_this = filesize($file_part);
+                               if ( ( ( $size_this==$config[4] ) && ( ($last+1)==$i ) ) || ( ( $i == $config[5] ) && ( $size_this==$last_part_size ) && ( ($last+1)==$i ) ) ) {
+                                       if ($tovar) {
+                                               $merged_file.=fread($handle, $size_this);
+                                               $last = $i;
+                                       } else {
+                                               while (!feof($handle))
+                                               {
+                                                       print(fread($handle, 4096));
+                                               #       @ob_flush();
+                                               #       @flush();
+                                               }
+                                               $last = $i;
+                                       }
+                               }
+                               fclose($handle);
+                       }
+               }
+               if ($tovar)
+                       return $merged_file;
+       }
+}
+
+function check_md5($h) {
+       $return = false;
+       $config = $this->configs[$h];
+       $var = $this->print_files($config['path'], $config[2], true);
+       $hash = md5($var);
+       if ($hash==$config[6])
+               $return=true;
+
+       return $return;
+}
+
+function file_crc($file_string) {
+       //$file_string = file_get_contents($file);
+
+       $crc = crc32($file_string);
+       return sprintf("%u\n", $crc);
+}
+
+function file_crc_debug($file) {
+       $file_string = file_get_contents($file);
+
+       $crc = crc32($file_string);
+       return sprintf("%u\n", $crc);
+}
+
+function delete_file($h, $s) {
+       $request = $this->get_config($h);
+       $filepath=$request['path'].'/'.$request[2];
+       if (strpos($request['path'], './uploads/ftp')) {
+               #remove file
+               if (is_file($filepath))
+                       @unlink($filepath);
+               if (is_file($filepath.'.hidden'))
+                       @unlink($filepath.'.hidden');
+       } else {
+               #remove fileparts
+               for ($i=0;$i<=$request[5];$i++) {
+                       $part_six   = $request['path']."/SQ".zfill($i,6)."-".$request[2];
+                       $part_three = $request['path']."/SQ".zfill($i,3)."-".$request[2];
+                       if (is_file($part_six))
+                               @unlink($part_six);
+                       if (is_file($part_three))
+                               @unlink($part_six);
+               }
+               #remove config file
+               if (is_file($request['path'].'/'.$request[2].'.hidden'))        @unlink($request['path'].'/'.$request[2].'.hidden');
+               if (is_file($request['path'].'/'.$request[2].'.Completed'))     @unlink($request['path'].'/'.$request[2].'.Completed');
+               if (is_file($request['path'].'/'.$request[2].'.InProgress'))@unlink($request['path'].'/'.$request[2].'.InProgress');
+               if (is_file($request['path'].'/'.$request[2].'.Processed'))     @unlink($request['path'].'/'.$request[2].'.Processed');
+               if (is_file($request['path'].'/'.$request[2].'.Starting'))      @unlink($request['path'].'/'.$request[2].'.Starting');
+       }
+
+       #Update DB
+       $q = "DELETE FROM file_hash WHERE file_hash = '".mysql_escape_string($h)."'";
+       mysql_query($q);
+       $q = "INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($h)."','".mysql_escape_string($filepath)."','delete',".(int)$s['user_id'].",'".mysql_escape_string($s['user_name'])."','".mysql_escape_string($_SERVER['REMOTE_ADDR'])."',NOW())";
+       mysql_query($q);
+
+       #Send debug mail
+       $m_name = $s['user_name'];
+       $m_subject = "Squasher Debug: File Deleted by {$m_name}";
+       $m_body = "File Deleted: \n Requested by: {$m_name} \n File: {$filepath}";
+       mail('jasper@netformatie.nl', $m_subject, $m_body, "From: support@netformatie.nl");
+}
+
+function show_files() {
+
+       $path = "./uploads/";
+
+       if ($dir = opendir($path)) {
+               $i = 1;
+               $last = 1;
+               $files = array();
+               $files_merged = array();
+               while (false !== ($file = readdir($dir)))
+               {
+                       if (($file !== ".") && ($file !== ".."))
+                       {
+                               $filename = $path.$file;
+                               $handle = fopen($filename, "rb");
+                               $size_this = filesize($filename);
+                               if ($i==1)
+                                       $size_first = $size_this;
+                               $filecontent = fread($handle, filesize($filename));
+                               $files[$i++] = $filename;
+                               $files_merged[$file_base][]=$filename;
+                               fclose($handle);
+                       }
+               }
+       }
+       echo "<pre>";
+       print_r($files);
+       print_r($files_merged);
+       echo "</pre>";
+}
+
+function set_mime($filename) {
+       $ext_arr = explode('.', $filename);
+       $ext = strtolower(array_pop($ext_arr));
+       switch($ext) {
+               case 'avi':
+                       $mime = 'video/avi';
+                       break;
+               case 'mpeg':
+               case 'mpg':
+                       $mime = 'video/mpeg';                                   //MPEG Video
+                       break;
+               case 'exe':
+               case 'bat':
+               case 'doc':
+               case 'xls':
+                       $mime = 'application/octet-stream';
+                       break;
+               case 'gif':
+                       $mime = 'image/gif';                                    //GIF Image
+                       break;
+               case 'jpg':
+               case 'jpeg':
+                       $mime = 'image/jpeg';                                   //JPEG Image
+                       break;
+               case 'png':
+                       $mime = 'image/png';                                    //PNG Image
+                       break;
+               case 'wav':
+               case 'wave':
+                       $mime = 'audio/wav';                                    //WAV Audio
+                       break;
+               case 'mp3':
+                       $mime = 'audio/mpeg';                                   //MP3 Audio
+                       break;
+               case 'mov':
+                       $mime = 'video/mov';                                    //Quicktime Video
+                       break;
+               case 'wmv':
+                       $mime = 'video/x-ms-wmv';                       //Windows WMV video
+                       break;
+               case 'wma':
+                       $mime = 'audio/x-ms-wma';                       //Windows WMA audio
+                       break;
+               case 'rm':
+                       $mime = 'audio/x-realaudio';    //RealPlayer Audio/Video (.rm)
+                       break;
+               case 'ram':
+                       $mime = 'audio/x-pn-realaudio'; //RealPlayer Audio/Video (.ram)
+                       break;
+               case 'pdf':
+                       $mime = 'application/pdf';              //PDF Document
+                       break;
+               case 'doc':
+                       $mime = 'application/msword';   //MS Word .doc file
+                       break;
+               case 'zip':
+                       $mime = 'application/zip';              //Zip File
+                       break;
+               default:
+                       $mime = 'application/octet-stream';
+                       break;
+       }
+       //$return['mime']=$mime;
+       //$return['ext']=$ext;
+
+       return $mime;
+}
+
+}
+// vim: syntax=php ts=4 sw=4 sts=4 sr noet
+?>
diff --git a/webroot/squasher.php b/webroot/squasher.php
new file mode 100644 (file)
index 0000000..7bf49ac
--- /dev/null
@@ -0,0 +1,277 @@
+<?php
+if (!$_SESSION['creds']['validated'] && !isset($_GET['f']))
+       exit();
+
+require_once("squasher.class.php");
+
+$squashweb = new squashweb();
+
+$squashweb->update_history();
+
+//set root directory
+$basedir = "../uploads";
+if (isset($_GET['path']) && $_GET['path']!=NULL && strlen($_GET['path'])!=1) {
+       $subf = $_GET['path'];
+       $path = $basedir . $subf;
+} else {
+       $subf = '/';
+       $path = $basedir;
+}
+
+$squashweb->set_root($basedir);
+
+if (@$_GET['f'] || @$_GET['tools']=='hide' || @$_GET['tools']=='unhide' || @$_GET['tools']=='delete') {
+       $getdeepfiles=true;
+       $populate=false;
+} else {
+       $getdeepfiles=false;
+       $populate=true;
+}
+
+//update folder rights if form is posted
+if (@$_POST['edited_user'] > 0 && @$_POST['formtype'] == 'folderrights')
+       $squashweb->update_rights($_POST['edited_user'], $_POST['m'], $_SESSION['creds']['user_level']);
+
+//set folder rights
+if (@$_GET['f']) {
+       $squashweb->give_rights(2);
+} else {
+       $squashweb->give_rights($_SESSION['creds']['user_id']);
+}
+
+if (@$_GET['f']) {
+       $f_q = "SELECT * FROM file_hash WHERE md5_hash = '".mysql_escape_string($_GET['f'])."'";
+       $f_r = mysql_query($f_q);
+       $f_o = mysql_fetch_object($f_r);
+
+       //log downloads
+       @mysql_query("INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($_GET['f'])."','".mysql_escape_string($f_o->file)."','download','".mysql_escape_string($_SESSION['creds']['user_id'])."','".mysql_escape_string($_SESSION['creds']['user_name'])."','".mysql_escape_string($_SERVER['REMOTE_ADDR'])."',NOW())");
+
+       $_hpath_arr=explode("/", $f_o->file);
+       $file=array_pop($_hpath_arr); //Remove filename
+       $path=implode("/", $_hpath_arr);
+       $squashweb->read_single_file($path, $file);
+       #$squashweb->read_directory($path, false, true, false, false);
+} else {
+       //parse folders for readable files
+       $squashweb->read_directory($path, true, true, $getdeepfiles, $populate);
+}
+
+//check if a file is requested
+if (@$_GET['f']) {
+       //get the config of requested file
+       $request = $squashweb->get_config($_GET['f']);
+
+       //show requested file
+       #header('Cache-control: private');
+       header('Content-Disposition: attachment; filename="'.$request[2].'"');
+       header("Content-Type: ".$request['mime']);
+       if ($request[3])
+               header('Content-Length: '.$request[3]);
+       #@ob_flush();
+       @flush();
+       $squashweb->print_files($request['path'], $request[2]);
+
+} elseif (@$_GET['tools']=="hide" && @$_GET['h']) {
+       if ($_SESSION['creds']['user_level'] > 99) {
+               $request = $squashweb->get_config($_GET['h']);
+               $handle = fopen($request['path'].'/'.$request[2].'.hidden', 'x');
+               fwrite($handle, 'hidden by '.$_SESSION['creds']['user_name']);
+               fclose($handle);
+               $path=substr($request['path'], strlen($basedir));
+               header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path) ;
+       }
+} elseif (@$_GET['tools']=="unhide" && isset($_GET['h'])) {
+       if ($_SESSION['creds']['user_level'] > 99) {
+               $request = $squashweb->get_config($_GET['h']);
+               @unlink($request['path'].'/'.$request[2].'.hidden');
+               $path=substr($request['path'], strlen($basedir));
+               header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path) ;
+       }
+} elseif (@$_GET['tools']=="delete" && isset($_GET['h'])) {
+       if ($_SESSION['creds']['user_level'] > 99) {
+               if ($_GET['h'] == "multiple") {
+                       $h_post = $_POST['h'];
+                       foreach ($h_post as $h_key => $h) {
+                               $request = $squashweb->get_config($h);
+                               $squashweb->delete_file($h, $_SESSION['creds']);
+                       }
+               } else {
+                       $h = $_GET['h'];
+                       $request = $squashweb->get_config($h);
+                       $squashweb->delete_file($h, $_SESSION['creds']);
+               }
+               $path=substr($request['path'], strlen($basedir));
+               header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path);
+       }
+
+} elseif (@$_POST['tools']=="mkdir" && isset($_GET['path']) && isset($_POST['newname']) && $_SESSION['creds']['user_level'] > 99) {
+       $path = $_GET['path'];
+       $newname = $_POST['newname'];
+       $subs = explode('/', $path);
+       if (in_array('..', $subs))
+               die(); // Hard fails when trying to play above basedir
+       if ($squashweb->got_rights_array_admin($path) > 0) {
+               umask(002); // don't remove g+w
+               mkdir($basedir.'/'.$path.'/'.$newname);
+       }
+       header( 'Location: ?path='.$path.'/'.$newname) ;
+       
+} elseif (@$_POST['tools']=="rmdir" && isset($_GET['path']) && $_SESSION['creds']['user_level'] > 99) {
+       $path = $_GET['path'];
+       $subs = explode('/', $path);
+       if (in_array('..', $subs))
+               die(); // Hard fails when trying to play above basedir
+       if ($squashweb->got_rights_array_admin($path) > 0) {
+               rmdir($basedir.$path);
+       }
+       array_pop($subs);
+       $path=implode("/", $subs);
+       header( 'Location: ?path='.$path) ;
+       
+} elseif (@$_GET['tools']=='access' && $_SESSION['creds']['user_level'] > 100) {
+
+       $smarty = get_smarty();
+
+       $smarty->assign('user_level', $_SESSION['creds']['user_level']);
+       $smarty->assign('user_name', $_SESSION['creds']['user_name']);
+       $smarty->assign('users', $squashweb->get_users($_SESSION['creds']['user_level']));
+
+       $smarty->assign('edited_user', @$_GET['user']);
+
+       $tree = $squashweb->show_rights_tree($path, 0, @$_GET['user']);
+
+       $smarty->assign('style', $tree['style']);
+       $smarty->assign('layout', $tree['layout']);
+
+       $smarty->assign('debug', @$_GET['debug']);
+       $smarty->assign('folderrights', $squashweb->folderrights());
+       $smarty->assign('userrights', $squashweb->userrights());
+       $smarty->display('admin.tpl');
+
+} elseif (@$_GET['tools']=='users' && $_SESSION['creds']['user_level'] > 100) {
+       $type = @$_POST['type'];
+       if ($type=="update")
+               $squashweb->update_users($_POST['u']);
+       if ($type=="disable")
+               $squashweb->disable_users($_POST['u']);
+       if ($type=="delete")
+               $squashweb->remove_users($_POST['u']);
+       if ($type=="new")
+               $squashweb->insert_users($_POST['u'], $_SESSION['creds']['user_level']);
+       $smarty = get_smarty();
+
+       $smarty->assign('user_level', $_SESSION['creds']['user_level']);
+       $smarty->assign('user_name', $_SESSION['creds']['user_name']);
+       $smarty->assign('users', $squashweb->get_users($_SESSION['creds']['user_level']));
+
+       if ($_SESSION['creds']['user_level'] > 199) {
+               $smarty->assign('user_levels', array(155 => 'admin' , 55 => 'user' ) );
+       } else {
+               $smarty->assign('user_levels', array(55 => 'user' ) );
+       }
+       $smarty->assign('debug', @$_GET['debug']);
+
+       $smarty->display('udmin.tpl');
+
+} elseif (@$_GET['tools']=='logs' && $_SESSION['creds']['user_level'] > 100) {
+       $logtype=@$_GET['logtype'];
+       if (!$logtype)
+               $logtype = 'all';
+
+       $smarty = get_smarty();
+
+       $smarty->assign('user_level', $_SESSION['creds']['user_level']);
+       $smarty->assign('user_name', $_SESSION['creds']['user_name']);
+       $smarty->assign('logtype', $logtype);
+       $smarty->assign('logs', $squashweb->get_logs($logtype));
+
+       $smarty->assign('debug', @$_GET['debug']);
+       $smarty->display('logs.tpl');
+
+} else {
+       //show overview
+
+       $smarty = get_smarty();
+       /***
+       *       $config:: array
+       *       [0]     ->      versioncode
+       *       [1]     ->      date&time
+       *       [2]     ->      filename
+       *       [3]     ->      filesize
+       *       [4]     ->      chunksize
+       *       [5]     ->      chunkcount
+       *       [6]     ->      CRC32 checksum
+       ***/
+
+       $configs_num = $squashweb->get_configs();
+
+       $configs_sorted = named_records_sort($configs_num, 'lastchange', true);
+
+       $configs = array();
+       $paths = array();
+
+       foreach ($configs_sorted as $key => $value) {
+               $configs[$key]['squashed'] = $value['squashed'];
+               $configs[$key]['version'] = $value[0];
+               //$configs[$key]['date'] = $value[1]; //removed because user local creation date is irrelevant
+               $configs[$key]['name'] = $value[2];
+               $configs[$key]['size'] = $value[3];
+               $configs[$key]['chunk_size'] = $value[4];
+               $configs[$key]['chunks'] = $value[5];
+               $configs[$key]['crc'] = $value[6];
+               $paths[substr($value['path'], strlen($basedir))]=array_pop(explode('/',$value['path']));
+               (strpos($value['mime'],'ideo')) ? $embedable=true : $embedable=false;
+               (@array_sum($value['stats']) == $value[5]) ? $finished=true : $finished=false;
+
+               $configs[$key]['embedable'] = $embedable;
+               $configs[$key]['finished'] = $finished;
+               $configs[$key]['mime'] = $value['mime'];
+               $configs[$key]['status'] = $value['status'];
+               $configs[$key]['hidden'] = $value['hidden'];
+               $configs[$key]['chunks_finished'] = @array_sum($value['stats']);
+               if ($finished) {
+                       $configs[$key]['chunks_partial'] = $configs[$key]['chunks_finished'];
+               } else {
+                       $continue = true;
+                       foreach($value['stats'] as $sk => $sv) {
+                               if ($continue) {
+                                       $configs[$key]['chunks_partial'] = $configs[$key]['chunks_partial']+$sv;
+                                       if ($sv != '1.00') $continue=false;
+                               }
+                       }
+               }
+               $configs[$key]['date'] = date('d.m.y - H:i:s - T', $value['added']);
+               $configs[$key]['lastchange'] = date('d.m.y - H:i:s - T', $value['lastchange']);
+       }
+
+
+       //set base folders
+       $basepath['/'] = 'top';
+       $bpath = '';
+       foreach (explode('/', $subf) as $key => $value) {
+               if ($value != '') {
+                       $bpath .= '/'.$value;
+                       $basepath[$bpath] = $value;
+               }
+       }
+       $smarty->assign('debug', @$_GET['debug']);
+       $smarty->assign('user_level', $_SESSION['creds']['user_level']);
+       $smarty->assign('user_name', $_SESSION['creds']['user_name']);
+       $smarty->assign('folderrights', $squashweb->folderrights());
+
+       $smarty->assign('squashed', $configs);
+       $smarty->assign('paths', $paths);
+       $smarty->assign('base', $basepath);
+       $smarty->assign('currentfolder', $subf);
+       $subs = $squashweb->subfolders();
+       if ($subs)
+               asort($subs);
+       $smarty->assign('subfolders', $subs);
+
+       //if(@$_GET[debug]) print_r($configs);
+       $smarty->display('index.tpl'); //Display normal template
+
+}
+// vim: syntax=php ts=4 sw=4 sts=4 sr noet
+?>