willysec_id

Lite File Manager

Oct 11th, 2023 (edited)
PHP 77.42 KB | Cybersecurity | 0 0
  1. <?php
  2. /* PHP File manager ver 1.4 */
  3.  
// Configuration — do not change manually!
// The four JSON literals below are the tool's persistent settings. Later code in this
// file locates them in its own source with regular expressions and rewrites them via
// file_put_contents(__FILE__, ...), so their exact single-line shape matters.
//
// Security-relevant defaults carried by the first literal:
//  - "authorize":"0" - the login gate further down only runs when this value is truthy,
//    so as shipped every feature is reachable without credentials.
//  - "login"/"password" - fixed, publicly known default credentials stored in clear text.
//  - "script" - markup that pulls JavaScript from a third-party host (www.cdolivet.com);
//    presumably emitted into the editor page - confirm where it is output.
$authorization = '{"authorize":"0","login":"admin","password":"phpfm","cookie_name":"fm_user","days_authorization":"30","script":"<script type=\"text\/javascript\" src=\"https:\/\/www.cdolivet.com\/editarea\/editarea\/edit_area\/edit_area_full.js\"><\/script>\r\n<script language=\"Javascript\" type=\"text\/javascript\">\r\neditAreaLoader.init({\r\nid: \"newcontent\"\r\n,display: \"later\"\r\n,start_highlight: true\r\n,allow_resize: \"both\"\r\n,allow_toggle: true\r\n,word_wrap: true\r\n,language: \"ru\"\r\n,syntax: \"php\"\t\r\n,toolbar: \"search, go_to_line, |, undo, redo, |, select_font, |, syntax_selection, |, change_smooth_selection, highlight, reset_highlight, |, help\"\r\n,syntax_selection_allow: \"css,html,js,php,python,xml,c,cpp,sql,basic,pas\"\r\n});\r\n<\/script>"}';
// Named PHP snippets: template name => PHP source text.
$php_templates = '{"Settings":"global $fm_config;\r\nvar_export($fm_config);","Backup SQL tables":"echo fm_backup_tables();"}';
// Named SQL statements: template name => query text.
$sql_templates = '{"All bases":"SHOW DATABASES;","All tables":"SHOW TABLES;"}';
// UI string table; "id" names the language this table is written in.
$translation = '{"id":"en","Add":"Add","Are you sure you want to delete this directory (recursively)?":"Are you sure you want to delete this directory (recursively)?","Are you sure you want to delete this file?":"Are you sure you want to delete this file?","Archiving":"Archiving","Authorization":"Authorization","Back":"Back","Cancel":"Cancel","Chinese":"Chinese","Compress":"Compress","Console":"Console","Cookie":"Cookie","Created":"Created","Date":"Date","Days":"Days","Decompress":"Decompress","Delete":"Delete","Deleted":"Deleted","Download":"Download","done":"done","Edit":"Edit","Enter":"Enter","English":"English","Error occurred":"Error occurred","File manager":"File manager","File selected":"File selected","File updated":"File updated","Filename":"Filename","Files uploaded":"Files uploaded","French":"French","Generation time":"Generation time","German":"German","Home":"Home","Quit":"Quit","Language":"Language","Login":"Login","Manage":"Manage","Make directory":"Make directory","Name":"Name","New":"New","New file":"New file","no files":"no files","Password":"Password","pictures":"pictures","Recursively":"Recursively","Rename":"Rename","Reset":"Reset","Reset settings":"Reset settings","Restore file time after editing":"Restore file time after editing","Result":"Result","Rights":"Rights","Russian":"Russian","Save":"Save","Select":"Select","Select the file":"Select the file","Settings":"Settings","Show":"Show","Show size of the folder":"Show size of the folder","Size":"Size","Spanish":"Spanish","Submit":"Submit","Task":"Task","templates":"templates","Ukrainian":"Ukrainian","Upload":"Upload","Value":"Value","Hello":"Hello"}';
// end configuration
  10.  
  11. // Preparations
  12. $starttime = explode(' ', microtime());
  13. $starttime = $starttime[1] + $starttime[0];
  14. $langs = array('en','ru','de','fr','uk');
  15. $path = empty($_REQUEST['path']) ? $path = realpath('.') : realpath($_REQUEST['path']);
  16. $path = str_replace('\\', '/', $path) . '/';
  17. $main_path=str_replace('\\', '/',realpath('./'));
  18. $phar_maybe = (version_compare(phpversion(),"5.3.0","<"))?true:false;
  19. $msg = ''; // service string
  20. $default_language = 'ru';
  21. $detect_lang = true;
  22. $fm_version = 1.4;
  23.  
  24. //Authorization
  25. $auth = json_decode($authorization,true);
  26. $auth['authorize'] = isset($auth['authorize']) ? $auth['authorize'] : 0;
  27. $auth['days_authorization'] = (isset($auth['days_authorization'])&&is_numeric($auth['days_authorization'])) ? (int)$auth['days_authorization'] : 30;
  28. $auth['login'] = isset($auth['login']) ? $auth['login'] : 'admin';  
  29. $auth['password'] = isset($auth['password']) ? $auth['password'] : 'phpfm';  
  30. $auth['cookie_name'] = isset($auth['cookie_name']) ? $auth['cookie_name'] : 'fm_user';
  31. $auth['script'] = isset($auth['script']) ? $auth['script'] : '';
  32.  
  33. // Little default config
  34. $fm_default_config = array (
  35.     'make_directory' => true,
  36.     'new_file' => true,
  37.     'upload_file' => true,
  38.     'show_dir_size' => false, //if true, show directory size → maybe slow
  39.     'show_img' => true,
  40.     'show_php_ver' => true,
  41.     'show_php_ini' => false, // show path to current php.ini
  42.     'show_gt' => true, // show generation time
  43.     'enable_php_console' => true,
  44.     'enable_sql_console' => true,
  45.     'sql_server' => 'localhost',
  46.     'sql_username' => 'root',
  47.     'sql_password' => '',
  48.     'sql_db' => 'test_base',
  49.     'enable_proxy' => true,
  50.     'show_phpinfo' => true,
  51.     'show_xls' => true,
  52.     'fm_settings' => true,
  53.     'restore_time' => true,
  54.     'fm_restore_time' => false,
  55. );
  56.  
  57. if (empty($_COOKIE['fm_config'])) $fm_config = $fm_default_config;
  58. else $fm_config = unserialize($_COOKIE['fm_config']);
  59.  
  60. // Change language
  61. if (isset($_POST['fm_lang'])) {
  62.     setcookie('fm_lang', $_POST['fm_lang'], time() + (86400 * $auth['days_authorization']));
  63.     $_COOKIE['fm_lang'] = $_POST['fm_lang'];
  64. }
  65. $language = $default_language;
  66.  
  67. // Detect browser language
  68. if($detect_lang && !empty($_SERVER['HTTP_ACCEPT_LANGUAGE']) && empty($_COOKIE['fm_lang'])){
  69.     $lang_priority = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
  70.     if (!empty($lang_priority)){
  71.         foreach ($lang_priority as $lang_arr){
  72.             $lng = explode(';', $lang_arr);
  73.             $lng = $lng[0];
  74.             if(in_array($lng,$langs)){
  75.                 $language = $lng;
  76.                 break;
  77.             }
  78.         }
  79.     }
  80. }
  81.  
  82. // Cookie language is primary for ever
  83. $language = (empty($_COOKIE['fm_lang'])) ? $language : $_COOKIE['fm_lang'];
  84.  
  85. // Localization
  86. $lang = json_decode($translation,true);
  87. if ($lang['id']!=$language) {
  88.     $get_lang = file_get_contents('https://raw.githubusercontent.com/Den1xxx/Filemanager/master/languages/' . $language . '.json');
  89.     if (!empty($get_lang)) {
  90.         //remove unnecessary characters
  91.         $translation_string = str_replace("'",'&#39;',json_encode(json_decode($get_lang),JSON_UNESCAPED_UNICODE));
  92.         $fgc = file_get_contents(__FILE__);
  93.         $search = preg_match('#translation[\s]?\=[\s]?\'\{\"(.*?)\"\}\';#', $fgc, $matches);
  94.         if (!empty($matches[1])) {
  95.             $filemtime = filemtime(__FILE__);
  96.             $replace = str_replace('{"'.$matches[1].'"}',$translation_string,$fgc);
  97.             if (file_put_contents(__FILE__, $replace)) {
  98.                 $msg .= __('File updated');
  99.             }   else $msg .= __('Error occurred');
  100.             if (!empty($fm_config['fm_restore_time'])) touch(__FILE__,$filemtime);
  101.         }  
  102.         $lang = json_decode($translation_string,true);
  103.     }
  104. }
  105.  
  106. /* Functions */
  107.  
  108. //translation
  109. function __($text){
  110.     global $lang;
  111.     if (isset($lang[$text])) return $lang[$text];
  112.     else return $text;
  113. };
  114.  
  115. //delete files and dirs recursively
  116. function fm_del_files($file, $recursive = false) {
  117.     if($recursive && @is_dir($file)) {
  118.         $els = fm_scan_dir($file, '', '', true);
  119.         foreach ($els as $el) {
  120.             if($el != '.' && $el != '..'){
  121.                 fm_del_files($file . '/' . $el, true);
  122.             }
  123.         }
  124.     }
  125.     if(@is_dir($file)) {
  126.         return rmdir($file);
  127.     } else {
  128.         return @unlink($file);
  129.     }
  130. }
  131.  
  132. //file perms
  133. function fm_rights_string($file, $if = false){
  134.     $perms = fileperms($file);
  135.     $info = '';
  136.     if(!$if){
  137.         if (($perms & 0xC000) == 0xC000) {
  138.             //Socket
  139.             $info = 's';
  140.         } elseif (($perms & 0xA000) == 0xA000) {
  141.             //Symbolic Link
  142.             $info = 'l';
  143.         } elseif (($perms & 0x8000) == 0x8000) {
  144.             //Regular
  145.             $info = '-';
  146.         } elseif (($perms & 0x6000) == 0x6000) {
  147.             //Block special
  148.             $info = 'b';
  149.         } elseif (($perms & 0x4000) == 0x4000) {
  150.             //Directory
  151.             $info = 'd';
  152.         } elseif (($perms & 0x2000) == 0x2000) {
  153.             //Character special
  154.             $info = 'c';
  155.         } elseif (($perms & 0x1000) == 0x1000) {
  156.             //FIFO pipe
  157.             $info = 'p';
  158.         } else {
  159.             //Unknown
  160.             $info = 'u';
  161.         }
  162.     }
  163.  
  164.     //Owner
  165.     $info .= (($perms & 0x0100) ? 'r' : '-');
  166.     $info .= (($perms & 0x0080) ? 'w' : '-');
  167.     $info .= (($perms & 0x0040) ?
  168.     (($perms & 0x0800) ? 's' : 'x' ) :
  169.     (($perms & 0x0800) ? 'S' : '-'));
  170.  
  171.     //Group
  172.     $info .= (($perms & 0x0020) ? 'r' : '-');
  173.     $info .= (($perms & 0x0010) ? 'w' : '-');
  174.     $info .= (($perms & 0x0008) ?
  175.     (($perms & 0x0400) ? 's' : 'x' ) :
  176.     (($perms & 0x0400) ? 'S' : '-'));
  177.  
  178.     //World
  179.     $info .= (($perms & 0x0004) ? 'r' : '-');
  180.     $info .= (($perms & 0x0002) ? 'w' : '-');
  181.     $info .= (($perms & 0x0001) ?
  182.     (($perms & 0x0200) ? 't' : 'x' ) :
  183.     (($perms & 0x0200) ? 'T' : '-'));
  184.  
  185.     return $info;
  186. }
  187.  
  188. function fm_convert_rights($mode) {
  189.     $mode = str_pad($mode,9,'-');
  190.     $trans = array('-'=>'0','r'=>'4','w'=>'2','x'=>'1');
  191.     $mode = strtr($mode,$trans);
  192.     $newmode = '0';
  193.     $owner = (int) $mode[0] + (int) $mode[1] + (int) $mode[2];
  194.     $group = (int) $mode[3] + (int) $mode[4] + (int) $mode[5];
  195.     $world = (int) $mode[6] + (int) $mode[7] + (int) $mode[8];
  196.     $newmode .= $owner . $group . $world;
  197.     return intval($newmode, 8);
  198. }
  199.  
  200. function fm_chmod($file, $val, $rec = false) {
  201.     $res = @chmod(realpath($file), $val);
  202.     if(@is_dir($file) && $rec){
  203.         $els = fm_scan_dir($file);
  204.         foreach ($els as $el) {
  205.             $res = $res && fm_chmod($file . '/' . $el, $val, true);
  206.         }
  207.     }
  208.     return $res;
  209. }
  210.  
  211. //load files
  212. function fm_download($file_name) {
  213.     if (!empty($file_name)) {
  214.         if (file_exists($file_name)) {
  215.             header("Content-Disposition: attachment; filename=" . basename($file_name));  
  216.             header("Content-Type: application/force-download");
  217.             header("Content-Type: application/octet-stream");
  218.             header("Content-Type: application/download");
  219.             header("Content-Description: File Transfer");            
  220.             header("Content-Length: " . filesize($file_name));     
  221.             flush(); // this doesn't really matter.
  222.             $fp = fopen($file_name, "r");
  223.             while (!feof($fp)) {
  224.                 echo fread($fp, 65536);
  225.                 flush(); // this is essential for large downloads
  226.             }
  227.             fclose($fp);
  228.             die();
  229.         } else {
  230.             header('HTTP/1.0 404 Not Found', true, 404);
  231.             header('Status: 404 Not Found');
  232.             die();
  233.         }
  234.     }
  235. }
  236.  
  237. //show folder size
  238. function fm_dir_size($f,$format=true) {
  239.     if($format)  {
  240.         $size=fm_dir_size($f,false);
  241.         if($size<=1024) return $size.' bytes';
  242.         elseif($size<=1024*1024) return round($size/(1024),2).'&nbsp;Kb';
  243.         elseif($size<=1024*1024*1024) return round($size/(1024*1024),2).'&nbsp;Mb';
  244.         elseif($size<=1024*1024*1024*1024) return round($size/(1024*1024*1024),2).'&nbsp;Gb';
  245.         elseif($size<=1024*1024*1024*1024*1024) return round($size/(1024*1024*1024*1024),2).'&nbsp;Tb'; //:)))
  246.         else return round($size/(1024*1024*1024*1024*1024),2).'&nbsp;Pb'; // ;-)
  247.     } else {
  248.         if(is_file($f)) return filesize($f);
  249.         $size=0;
  250.         $dh=opendir($f);
  251.         while(($file=readdir($dh))!==false) {
  252.             if($file=='.' || $file=='..') continue;
  253.             if(is_file($f.'/'.$file)) $size+=filesize($f.'/'.$file);
  254.             else $size+=fm_dir_size($f.'/'.$file,false);
  255.         }
  256.         closedir($dh);
  257.         return $size+filesize($f);
  258.     }
  259. }
  260.  
  261. //scan directory
  262. function fm_scan_dir($directory, $exp = '', $type = 'all', $do_not_filter = false) {
  263.     $dir = $ndir = array();
  264.     if(!empty($exp)){
  265.         $exp = '/^' . str_replace('*', '(.*)', str_replace('.', '\\.', $exp)) . '$/';
  266.     }
  267.     if(!empty($type) && $type !== 'all'){
  268.         $func = 'is_' . $type;
  269.     }
  270.     if(@is_dir($directory)){
  271.         $fh = opendir($directory);
  272.         while (false !== ($filename = readdir($fh))) {
  273.             if(substr($filename, 0, 1) != '.' || $do_not_filter) {
  274.                 if((empty($type) || $type == 'all' || $func($directory . '/' . $filename)) && (empty($exp) || preg_match($exp, $filename))){
  275.                     $dir[] = $filename;
  276.                 }
  277.             }
  278.         }
  279.         closedir($fh);
  280.         natsort($dir);
  281.     }
  282.     return $dir;
  283. }
  284.  
  285. function fm_link($get,$link,$name,$title='') {
  286.     if (empty($title)) $title=$name.' '.basename($link);
  287.     return '&nbsp;&nbsp;<a href="?'.$get.'='.base64_encode($link).'" title="'.$title.'">'.$name.'</a>';
  288. }
  289.  
  290. function fm_arr_to_option($arr,$n,$sel=''){
  291.     foreach($arr as $v){
  292.         $b=$v[$n];
  293.         $res.='<option value="'.$b.'" '.($sel && $sel==$b?'selected':'').'>'.$b.'</option>';
  294.     }
  295.     return $res;
  296. }
  297.  
  298. function fm_lang_form ($current='en'){
  299. return '
  300. <form name="change_lang" method="post" action="">
  301.     <select name="fm_lang" title="'.__('Language').'" onchange="document.forms[\'change_lang\'].submit()" >
  302.         <option value="en" '.($current=='en'?'selected="selected" ':'').'>'.__('English').'</option>
  303.         <option value="de" '.($current=='de'?'selected="selected" ':'').'>'.__('German').'</option>
  304.         <option value="ru" '.($current=='ru'?'selected="selected" ':'').'>'.__('Russian').'</option>
  305.         <option value="fr" '.($current=='fr'?'selected="selected" ':'').'>'.__('French').'</option>
  306.         <option value="uk" '.($current=='uk'?'selected="selected" ':'').'>'.__('Ukrainian').'</option>
  307.     </select>
  308. </form>
  309. ';
  310. }
  311.    
  312. function fm_root($dirname){
  313.     return ($dirname=='.' OR $dirname=='..');
  314. }
  315.  
  316. function fm_php($string){
  317.     $display_errors=ini_get('display_errors');
  318.     ini_set('display_errors', '1');
  319.     ob_start();
  320.     eval(trim($string));
  321.     $text = ob_get_contents();
  322.     ob_end_clean();
  323.     ini_set('display_errors', $display_errors);
  324.     return $text;
  325. }
  326.  
  327. //SHOW DATABASES
  328. function fm_sql_connect(){
  329.     global $fm_config;
  330.     return new mysqli($fm_config['sql_server'], $fm_config['sql_username'], $fm_config['sql_password'], $fm_config['sql_db']);
  331. }
  332.  
  333. function fm_sql($query){
  334.     global $fm_config;
  335.     $query=trim($query);
  336.     ob_start();
  337.     $connection = fm_sql_connect();
  338.     if ($connection->connect_error) {
  339.         ob_end_clean();
  340.         return $connection->connect_error;
  341.     }
  342.     $connection->set_charset('utf8');
  343.     $queried = mysqli_query($connection,$query);
  344.     if ($queried===false) {
  345.         ob_end_clean();
  346.         return mysqli_error($connection);
  347.     } else {
  348.         if(!empty($queried)){
  349.             while($row = mysqli_fetch_assoc($queried)) {
  350.                 $query_result[]=  $row;
  351.             }
  352.         }
  353.         $vdump=empty($query_result)?'':var_export($query_result,true); 
  354.         ob_end_clean();
  355.         $connection->close();
  356.         return '<pre>'.stripslashes($vdump).'</pre>';
  357.     }
  358. }
  359.  
  360. function fm_backup_tables($tables = '*', $full_backup = true) {
  361.     global $path;
  362.     $mysqldb = fm_sql_connect();
  363.     $delimiter = "; \n  \n";
  364.     if($tables == '*')  {
  365.         $tables = array();
  366.         $result = $mysqldb->query('SHOW TABLES');
  367.         while($row = mysqli_fetch_row($result)) {
  368.             $tables[] = $row[0];
  369.         }
  370.     } else {
  371.         $tables = is_array($tables) ? $tables : explode(',',$tables);
  372.     }
  373.    
  374.     $return='';
  375.     foreach($tables as $table)  {
  376.         $result = $mysqldb->query('SELECT * FROM '.$table);
  377.         $num_fields = mysqli_num_fields($result);
  378.         $return.= 'DROP TABLE IF EXISTS `'.$table.'`'.$delimiter;
  379.         $row2 = mysqli_fetch_row($mysqldb->query('SHOW CREATE TABLE '.$table));
  380.         $return.=$row2[1].$delimiter;
  381.         if ($full_backup) {
  382.         for ($i = 0; $i < $num_fields; $i++)  {
  383.             while($row = mysqli_fetch_row($result)) {
  384.                 $return.= 'INSERT INTO `'.$table.'` VALUES(';
  385.                 for($j=0; $j<$num_fields; $j++) {
  386.                     $row[$j] = addslashes($row[$j]);
  387.                     $row[$j] = str_replace("\n","\\n",$row[$j]);
  388.                     if (isset($row[$j])) { $return.= '"'.$row[$j].'"' ; } else { $return.= '""'; }
  389.                     if ($j<($num_fields-1)) { $return.= ','; }
  390.                 }
  391.                 $return.= ')'.$delimiter;
  392.             }
  393.           }
  394.         } else {
  395.         $return = preg_replace("#AUTO_INCREMENT=[\d]+ #is", '', $return);
  396.         }
  397.         $return.="\n\n\n";
  398.     }
  399.  
  400.     //save file
  401.     $file=gmdate("Y-m-d_H-i-s",time()).'.sql';
  402.     $handle = fopen($file,'w+');
  403.     fwrite($handle,$return);
  404.     fclose($handle);
  405.     $alert = 'onClick="if(confirm(\''. __('File selected').': \n'. $file. '. \n'.__('Are you sure you want to delete this file?') . '\')) document.location.href = \'?delete=' . $file . '&path=' . $path  . '\'"';
  406.     return $file.': '.fm_link('download',$path.$file,__('Download'),__('Download').' '.$file).' <a href="#" title="' . __('Delete') . ' '. $file . '" ' . $alert . '>' . __('Delete') . '</a>';
  407. }
  408.  
  409. function fm_restore_tables($sqlFileToExecute) {
  410.     $mysqldb = fm_sql_connect();
  411.     $delimiter = "; \n  \n";
  412.     // Load and explode the sql file
  413.     $f = fopen($sqlFileToExecute,"r+");
  414.     $sqlFile = fread($f,filesize($sqlFileToExecute));
  415.     $sqlArray = explode($delimiter,$sqlFile);
  416.    
  417.     //Process the sql file by statements
  418.     foreach ($sqlArray as $stmt) {
  419.         if (strlen($stmt)>3){
  420.             $result = $mysqldb->query($stmt);
  421.                 if (!$result){
  422.                     $sqlErrorCode = mysqli_errno($mysqldb->connection);
  423.                     $sqlErrorText = mysqli_error($mysqldb->connection);
  424.                     $sqlStmt      = $stmt;
  425.                     break;
  426.                  }
  427.               }
  428.            }
  429. if (empty($sqlErrorCode)) return __('Success').' — '.$sqlFileToExecute;
  430. else return $sqlErrorText.'<br/>'.$stmt;
  431. }
  432.  
  433. function fm_img_link($filename){
  434.     return './'.basename(__FILE__).'?img='.base64_encode($filename);
  435. }
  436.  
  437. function fm_home_style(){
  438.     return '
  439. input, input.fm_input {
  440.     text-indent: 2px;
  441. }
  442.  
  443. input, textarea, select, input.fm_input {
  444.     color: black;
  445.     font: normal 8pt Verdana, Arial, Helvetica, sans-serif;
  446.     border-color: black;
  447.     background-color: #FCFCFC none !important;
  448.     border-radius: 0;
  449.     padding: 2px;
  450. }
  451.  
  452. input.fm_input {
  453.     background: #FCFCFC none !important;
  454.     cursor: pointer;
  455. }
  456.  
  457. .home {
  458.     background-image: url("");
  459.     background-repeat: no-repeat;
  460. }';
  461. }
  462.  
  463. function fm_config_checkbox_row($name,$value) {
  464.     global $fm_config;
  465.     return '<tr><td class="row1"><input id="fm_config_'.$value.'" name="fm_config['.$value.']" value="1" '.(empty($fm_config[$value])?'':'checked="true"').' type="checkbox"></td><td class="row2 whole"><label for="fm_config_'.$value.'">'.$name.'</td></tr>';
  466. }
  467.  
  468. function fm_protocol() {
  469.     if (isset($_SERVER['HTTP_SCHEME'])) return $_SERVER['HTTP_SCHEME'].'://';
  470.     if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') return 'https://';
  471.     if (isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == 443) return 'https://';
  472.     if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') return 'https://';
  473.     return 'http://';
  474. }
  475.  
  476. function fm_site_url() {
  477.     return fm_protocol().$_SERVER['HTTP_HOST'];
  478. }
  479.  
  480. function fm_url($full=false) {
  481.     $host=$full?fm_site_url():'.';
  482.     return $host.'/'.basename(__FILE__);
  483. }
  484.  
  485. function fm_home($full=false){
  486.     return '&nbsp;<a href="'.fm_url($full).'" title="'.__('Home').'"><span class="home">&nbsp;&nbsp;&nbsp;&nbsp;</span></a>';
  487. }
  488.  
  489. function fm_run_input($lng) {
  490.     global $fm_config;
  491.     $return = !empty($fm_config['enable_'.$lng.'_console']) ?
  492.     '
  493.                 <form  method="post" action="'.fm_url().'" style="display:inline">
  494.                 <input type="submit" name="'.$lng.'run" value="'.strtoupper($lng).' '.__('Console').'">
  495.                 </form>
  496. ' : '';
  497.     return $return;
  498. }
  499.  
  500. function fm_url_proxy($matches) {
  501.     $link = str_replace('&amp;','&',$matches[2]);
  502.     $url = isset($_GET['url'])?$_GET['url']:'';
  503.     $parse_url = parse_url($url);
  504.     $host = $parse_url['scheme'].'://'.$parse_url['host'].'/';
  505.     if (substr($link,0,2)=='//') {
  506.         $link = substr_replace($link,fm_protocol(),0,2);
  507.     } elseif (substr($link,0,1)=='/') {
  508.         $link = substr_replace($link,$host,0,1);   
  509.     } elseif (substr($link,0,2)=='./') {
  510.         $link = substr_replace($link,$host,0,2);   
  511.     } elseif (substr($link,0,4)=='http') {
  512.         //alles machen wunderschon
  513.     } else {
  514.         $link = $host.$link;
  515.     }
  516.     if ($matches[1]=='href' && !strripos($link, 'css')) {
  517.         $base = fm_site_url().'/'.basename(__FILE__);
  518.         $baseq = $base.'?proxy=true&url=';
  519.         $link = $baseq.urlencode($link);
  520.     } elseif (strripos($link, 'css')){
  521.         //как-то тоже подменять надо
  522.     }
  523.     return $matches[1].'="'.$link.'"';
  524. }
  525.  
  526. function fm_tpl_form($lng_tpl) {
  527.     global ${$lng_tpl.'_templates'};
  528.     $tpl_arr = json_decode(${$lng_tpl.'_templates'},true);
  529.     $str = '';
  530.     foreach ($tpl_arr as $ktpl=>$vtpl) {
  531.         $str .= '<tr><td class="row1"><input name="'.$lng_tpl.'_name[]" value="'.$ktpl.'"></td><td class="row2 whole"><textarea name="'.$lng_tpl.'_value[]"  cols="55" rows="5" class="textarea_input">'.$vtpl.'</textarea> <input name="del_'.rand().'" type="button" onClick="this.parentNode.parentNode.remove();" value="'.__('Delete').'"/></td></tr>';
  532.     }
  533. return '
  534. <table>
  535. <tr><th colspan="2">'.strtoupper($lng_tpl).' '.__('templates').' '.fm_run_input($lng_tpl).'</th></tr>
  536. <form method="post" action="">
  537. <input type="hidden" value="'.$lng_tpl.'" name="tpl_edited">
  538. <tr><td class="row1">'.__('Name').'</td><td class="row2 whole">'.__('Value').'</td></tr>
  539. '.$str.'
  540. <tr><td colspan="2" class="row3"><input name="res" type="button" onClick="document.location.href = \''.fm_url().'?fm_settings=true\';" value="'.__('Reset').'"/> <input type="submit" value="'.__('Save').'" ></td></tr>
  541. </form>
  542. <form method="post" action="">
  543. <input type="hidden" value="'.$lng_tpl.'" name="tpl_edited">
  544. <tr><td class="row1"><input name="'.$lng_tpl.'_new_name" value="" placeholder="'.__('New').' '.__('Name').'"></td><td class="row2 whole"><textarea name="'.$lng_tpl.'_new_value"  cols="55" rows="5" class="textarea_input" placeholder="'.__('New').' '.__('Value').'"></textarea></td></tr>
  545. <tr><td colspan="2" class="row3"><input type="submit" value="'.__('Add').'" ></td></tr>
  546. </form>
  547. </table>
  548. ';
  549. }
  550.  
  551. /* End Functions */
  552.  
  553. // authorization
  554. if ($auth['authorize']) {
  555.     if (isset($_POST['login']) && isset($_POST['password'])){
  556.         if (($_POST['login']==$auth['login']) && ($_POST['password']==$auth['password'])) {
  557.             setcookie($auth['cookie_name'], $auth['login'].'|'.md5($auth['password']), time() + (86400 * $auth['days_authorization']));
  558.             $_COOKIE[$auth['cookie_name']]=$auth['login'].'|'.md5($auth['password']);
  559.         }
  560.     }
  561.     if (!isset($_COOKIE[$auth['cookie_name']]) OR ($_COOKIE[$auth['cookie_name']]!=$auth['login'].'|'.md5($auth['password']))) {
  562.         echo '
  563. <!doctype html>
  564. <html>
  565. <head>
  566. <meta charset="utf-8" />
  567. <meta name="viewport" content="width=device-width, initial-scale=1" />
  568. <title>'.__('File manager').'</title>
  569. </head>
  570. <body>
  571. <form action="" method="post">
  572. '.__('Login').' <input name="login" type="text">&nbsp;&nbsp;&nbsp;
  573. '.__('Password').' <input name="password" type="password">&nbsp;&nbsp;&nbsp;
  574. <input type="submit" value="'.__('Enter').'" class="fm_input">
  575. </form>
  576. '.fm_lang_form($language).'
  577. </body>
  578. </html>
  579. ';  
  580. die();
  581.     }
  582.     if (isset($_POST['quit'])) {
  583.         unset($_COOKIE[$auth['cookie_name']]);
  584.         setcookie($auth['cookie_name'], '', time() - (86400 * $auth['days_authorization']));
  585.         header('Location: '.fm_site_url().$_SERVER['REQUEST_URI']);
  586.     }
  587. }
  588.  
  589. // Change config
  590. if (isset($_GET['fm_settings'])) {
  591.     if (isset($_GET['fm_config_delete'])) {
  592.         unset($_COOKIE['fm_config']);
  593.         setcookie('fm_config', '', time() - (86400 * $auth['days_authorization']));
  594.         header('Location: '.fm_url().'?fm_settings=true');
  595.         exit(0);
  596.     }   elseif (isset($_POST['fm_config'])) {
  597.         $fm_config = $_POST['fm_config'];
  598.         setcookie('fm_config', serialize($fm_config), time() + (86400 * $auth['days_authorization']));
  599.         $_COOKIE['fm_config'] = serialize($fm_config);
  600.         $msg = __('Settings').' '.__('done');
  601.     }   elseif (isset($_POST['fm_login'])) {
  602.         if (empty($_POST['fm_login']['authorize'])) $_POST['fm_login'] = array('authorize' => '0') + $_POST['fm_login'];
  603.         $fm_login = json_encode($_POST['fm_login']);
  604.         $fgc = file_get_contents(__FILE__);
  605.         $search = preg_match('#authorization[\s]?\=[\s]?\'\{\"(.*?)\"\}\';#', $fgc, $matches);
  606.         if (!empty($matches[1])) {
  607.             $filemtime = filemtime(__FILE__);
  608.             $replace = str_replace('{"'.$matches[1].'"}',$fm_login,$fgc);
  609.             if (file_put_contents(__FILE__, $replace)) {
  610.                 $msg .= __('File updated');
  611.                 if ($_POST['fm_login']['login'] != $auth['login']) $msg .= ' '.__('Login').': '.$_POST['fm_login']['login'];
  612.                 if ($_POST['fm_login']['password'] != $auth['password']) $msg .= ' '.__('Password').': '.$_POST['fm_login']['password'];
  613.                 $auth = $_POST['fm_login'];
  614.             }
  615.             else $msg .= __('Error occurred');
  616.             if (!empty($fm_config['fm_restore_time'])) touch(__FILE__,$filemtime);
  617.         }
  618.     } elseif (isset($_POST['tpl_edited'])) {
  619.         $lng_tpl = $_POST['tpl_edited'];
  620.         if (!empty($_POST[$lng_tpl.'_name'])) {
  621.             $fm_php = json_encode(array_combine($_POST[$lng_tpl.'_name'],$_POST[$lng_tpl.'_value']),JSON_HEX_APOS);
  622.         } elseif (!empty($_POST[$lng_tpl.'_new_name'])) {
  623.             $fm_php = json_encode(json_decode(${$lng_tpl.'_templates'},true)+array($_POST[$lng_tpl.'_new_name']=>$_POST[$lng_tpl.'_new_value']),JSON_HEX_APOS);
  624.         }
  625.         if (!empty($fm_php)) {
  626.             $fgc = file_get_contents(__FILE__);
  627.             $search = preg_match('#'.$lng_tpl.'_templates[\s]?\=[\s]?\'\{\"(.*?)\"\}\';#', $fgc, $matches);
  628.             if (!empty($matches[1])) {
  629.                 $filemtime = filemtime(__FILE__);
  630.                 $replace = str_replace('{"'.$matches[1].'"}',$fm_php,$fgc);
  631.                 if (file_put_contents(__FILE__, $replace)) {
  632.                     ${$lng_tpl.'_templates'} = $fm_php;
  633.                     $msg .= __('File updated');
  634.                 } else $msg .= __('Error occurred');
  635.                 if (!empty($fm_config['fm_restore_time'])) touch(__FILE__,$filemtime);
  636.             }  
  637.         } else $msg .= __('Error occurred');
  638.     }
  639. }
  640.  
  641. // Just show image
  642. if (isset($_GET['img'])) {
  643.     $file=base64_decode($_GET['img']);
  644.     if ($info=getimagesize($file)){
  645.         switch  ($info[2]){ //1=GIF, 2=JPG, 3=PNG, 4=SWF, 5=PSD, 6=BMP
  646.             case 1: $ext='gif'; break;
  647.             case 2: $ext='jpeg'; break;
  648.             case 3: $ext='png'; break;
  649.             case 6: $ext='bmp'; break;
  650.             default: die();
  651.         }
  652.         header("Content-type: image/$ext");
  653.         echo file_get_contents($file);
  654.         die();
  655.     }
  656. }
  657.  
  658. // Just download file
  659. if (isset($_GET['download'])) {
  660.     $file=base64_decode($_GET['download']);
  661.     fm_download($file);
  662. }
  663.  
  664. // Just show info
  665. if (isset($_GET['phpinfo'])) {
  666.     phpinfo();
  667.     die();
  668. }
  669.  
  670. // Mini proxy, many bugs!
  671. if (isset($_GET['proxy']) && (!empty($fm_config['enable_proxy']))) {
  672.     $url = isset($_GET['url'])?urldecode($_GET['url']):'';
  673.     $proxy_form = '
  674. <div style="position:relative;z-index:100500;background: linear-gradient(to bottom, #e4f5fc 0%,#bfe8f9 50%,#9fd8ef 51%,#2ab0ed 100%);">
  675.     <form action="" method="GET">
  676.     <input type="hidden" name="proxy" value="true">
  677.     '.fm_home().' <a href="'.$url.'" target="_blank">Url</a>: <input type="text" name="url" value="'.$url.'" size="55">
  678.     <input type="submit" value="'.__('Show').'" class="fm_input">
  679.     </form>
  680. </div>
  681. ';
  682.     if ($url) {
  683.         $ch = curl_init($url);
  684.         curl_setopt($ch, CURLOPT_USERAGENT, 'Den1xxx test proxy');
  685.         curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  686.         curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,0);
  687.         curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,0);
  688.         curl_setopt($ch, CURLOPT_HEADER, 0);
  689.         curl_setopt($ch, CURLOPT_REFERER, $url);
  690.         curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
  691.         $result = curl_exec($ch);
  692.         curl_close($ch);
  693.         //$result = preg_replace('#(src)=["\'][http://]?([^:]*)["\']#Ui', '\\1="'.$url.'/\\2"', $result);
  694.         $result = preg_replace_callback('#(href|src)=["\'][http://]?([^:]*)["\']#Ui', 'fm_url_proxy', $result);
  695.         $result = preg_replace('%(<body.*?>)%i', '$1'.'<style>'.fm_home_style().'</style>'.$proxy_form, $result);
  696.         echo $result;
  697.         die();
  698.     }
  699. }
  700. ?>
  701. <!doctype html>
  702. <html>
  703. <head>    
  704.     <meta charset="utf-8" />
  705.     <meta name="viewport" content="width=device-width, initial-scale=1" />
  706.     <title><?=__('File manager')?></title>
  707. <style>
  708. body {
  709.     background-color:   white;
  710.     font-family:        Verdana, Arial, Helvetica, sans-serif;
  711.     font-size:          8pt;
  712.     margin:             0px;
  713. }
  714.  
  715. a:link, a:active, a:visited { color: #006699; text-decoration: none; }
  716. a:hover { color: #DD6900; text-decoration: underline; }
  717. a.th:link { color: #FFA34F; text-decoration: none; }
  718. a.th:active { color: #FFA34F; text-decoration: none; }
  719. a.th:visited { color: #FFA34F; text-decoration: none; }
  720. a.th:hover {  color: #FFA34F; text-decoration: underline; }
  721.  
  722. table.bg {
  723.     background-color: #ACBBC6
  724. }
  725.  
  726. th, td {
  727.     font:   normal 8pt Verdana, Arial, Helvetica, sans-serif;
  728.     padding: 3px;
  729. }
  730.  
  731. th  {
  732.     height:             25px;
  733.     background-color:   #006699;
  734.     color:              #FFA34F;
  735.     font-weight:        bold;
  736.     font-size:          11px;
  737. }
  738.  
  739. .row1 {
  740.     background-color:   #EFEFEF;
  741. }
  742.  
  743. .row2 {
  744.     background-color:   #DEE3E7;
  745. }
  746.  
  747. .row3 {
  748.     background-color:   #D1D7DC;
  749.     padding: 5px;
  750. }
  751.  
  752. tr.row1:hover {
  753.     background-color:   #F3FCFC;
  754. }
  755.  
  756. tr.row2:hover {
  757.     background-color:   #F0F6F6;
  758. }
  759.  
  760. .whole {
  761.     width: 100%;
  762. }
  763.  
  764. .all tbody td:first-child{width:100%;}
  765.  
  766. textarea {
  767.     font: 9pt 'Courier New', courier;
  768.     line-height: 125%;
  769.     padding: 5px;
  770. }
  771.  
  772. .textarea_input {
  773.     height: 1em;
  774. }
  775.  
  776. .textarea_input:focus {
  777.     height: auto;
  778. }
  779.  
  780. input[type=submit]{
  781.     background: #FCFCFC none !important;
  782.     cursor: pointer;
  783. }
  784.  
  785. .folder {
  786.     background-image: url("");
  787. }
  788.  
  789. .file {
  790.     background-image: url("");
  791. }
  792. <?=fm_home_style()?>
  793. .img {
  794.     background-image:
  795. url("");
  796. }
  797. @media screen and (max-width:720px){
  798.   table{display:block;}
  799.     #fm_table td{display:inline;float:left;}
  800.     #fm_table tbody td:first-child{width:100%;padding:0;}
  801.     #fm_table tbody tr:nth-child(2n+1){background-color:#EFEFEF;}
  802.     #fm_table tbody tr:nth-child(2n){background-color:#DEE3E7;}
  803.     #fm_table tr{display:block;float:left;clear:left;width:100%;}
  804.     #header_table .row2, #header_table .row3 {display:inline;float:left;width:100%;padding:0;}
  805.     #header_table table td {display:inline;float:left;}
  806. }
  807. </style>
  808. </head>
  809. <body>
  810. <?php
  811. $url_inc = '?fm=true';
  812. if (isset($_POST['sqlrun'])&&!empty($fm_config['enable_sql_console'])){
  813.     $res = empty($_POST['sql']) ? '' : $_POST['sql'];
  814.     $res_lng = 'sql';
  815. } elseif (isset($_POST['phprun'])&&!empty($fm_config['enable_php_console'])){
  816.     $res = empty($_POST['php']) ? '' : $_POST['php'];
  817.     $res_lng = 'php';
  818. }
  819. if (isset($_GET['fm_settings'])) {
  820.     echo '
  821. <table class="whole">
  822. <form method="post" action="">
  823. <tr><th colspan="2">'.__('File manager').' - '.__('Settings').'</th></tr>
  824. '.(empty($msg)?'':'<tr><td class="row2" colspan="2">'.$msg.'</td></tr>').'
  825. '.fm_config_checkbox_row(__('Show size of the folder'),'show_dir_size').'
  826. '.fm_config_checkbox_row(__('Show').' '.__('pictures'),'show_img').'
  827. '.fm_config_checkbox_row(__('Show').' '.__('Make directory'),'make_directory').'
  828. '.fm_config_checkbox_row(__('Show').' '.__('New file'),'new_file').'
  829. '.fm_config_checkbox_row(__('Show').' '.__('Upload'),'upload_file').'
  830. '.fm_config_checkbox_row(__('Show').' PHP version','show_php_ver').'
  831. '.fm_config_checkbox_row(__('Show').' PHP ini','show_php_ini').'
  832. '.fm_config_checkbox_row(__('Show').' '.__('Generation time'),'show_gt').'
  833. '.fm_config_checkbox_row(__('Show').' xls','show_xls').'
  834. '.fm_config_checkbox_row(__('Show').' PHP '.__('Console'),'enable_php_console').'
  835. '.fm_config_checkbox_row(__('Show').' SQL '.__('Console'),'enable_sql_console').'
  836. <tr><td class="row1"><input name="fm_config[sql_server]" value="'.$fm_config['sql_server'].'" type="text"></td><td class="row2 whole">SQL server</td></tr>
  837. <tr><td class="row1"><input name="fm_config[sql_username]" value="'.$fm_config['sql_username'].'" type="text"></td><td class="row2 whole">SQL user</td></tr>
  838. <tr><td class="row1"><input name="fm_config[sql_password]" value="'.$fm_config['sql_password'].'" type="text"></td><td class="row2 whole">SQL password</td></tr>
  839. <tr><td class="row1"><input name="fm_config[sql_db]" value="'.$fm_config['sql_db'].'" type="text"></td><td class="row2 whole">SQL DB</td></tr>
  840. '.fm_config_checkbox_row(__('Show').' Proxy','enable_proxy').'
  841. '.fm_config_checkbox_row(__('Show').' phpinfo()','show_phpinfo').'
  842. '.fm_config_checkbox_row(__('Show').' '.__('Settings'),'fm_settings').'
  843. '.fm_config_checkbox_row(__('Restore file time after editing'),'restore_time').'
  844. '.fm_config_checkbox_row(__('File manager').': '.__('Restore file time after editing'),'fm_restore_time').'
  845. <tr><td class="row3"><a href="'.fm_url().'?fm_settings=true&fm_config_delete=true">'.__('Reset settings').'</a></td><td class="row3"><input type="submit" value="'.__('Save').'" name="fm_config[fm_set_submit]"></td></tr>
  846. </form>
  847. </table>
  848. <table>
  849. <form method="post" action="">
  850. <tr><th colspan="2">'.__('Settings').' - '.__('Authorization').'</th></tr>
  851. <tr><td class="row1"><input name="fm_login[authorize]" value="1" '.($auth['authorize']?'checked':'').' type="checkbox" id="auth"></td><td class="row2 whole"><label for="auth">'.__('Authorization').'</label></td></tr>
  852. <tr><td class="row1"><input name="fm_login[login]" value="'.$auth['login'].'" type="text"></td><td class="row2 whole">'.__('Login').'</td></tr>
  853. <tr><td class="row1"><input name="fm_login[password]" value="'.$auth['password'].'" type="text"></td><td class="row2 whole">'.__('Password').'</td></tr>
  854. <tr><td class="row1"><input name="fm_login[cookie_name]" value="'.$auth['cookie_name'].'" type="text"></td><td class="row2 whole">'.__('Cookie').'</td></tr>
  855. <tr><td class="row1"><input name="fm_login[days_authorization]" value="'.$auth['days_authorization'].'" type="text"></td><td class="row2 whole">'.__('Days').'</td></tr>
  856. <tr><td class="row1"><textarea name="fm_login[script]" cols="35" rows="7" class="textarea_input" id="auth_script">'.$auth['script'].'</textarea></td><td class="row2 whole">'.__('Script').'</td></tr>
  857. <tr><td colspan="2" class="row3"><input type="submit" value="'.__('Save').'" ></td></tr>
  858. </form>
  859. </table>';
  860. echo fm_tpl_form('php'),fm_tpl_form('sql');
  861. } elseif (isset($proxy_form)) {
  862.     die($proxy_form);
  863. } elseif (isset($res_lng)) {   
  864. ?>
  865. <table class="whole">
  866. <tr>
  867.     <th><?=__('File manager').' - '.$path?></th>
  868. </tr>
  869. <tr>
  870.     <td class="row2"><table><tr><td><h2><?=strtoupper($res_lng)?> <?=__('Console')?><?php
  871.     if($res_lng=='sql') echo ' - Database: '.$fm_config['sql_db'].'</h2></td><td>'.fm_run_input('php');
  872.     else echo '</h2></td><td>'.fm_run_input('sql');
  873.     ?></td></tr></table></td>
  874. </tr>
  875. <tr>
  876.     <td class="row1">
  877.         <a href="<?=$url_inc.'&path=' . $path;?>"><?=__('Back')?></a>
  878.         <form action="" method="POST" name="console">
  879.         <textarea name="<?=$res_lng?>" cols="80" rows="10" style="width: 90%"><?=$res?></textarea><br/>
  880.         <input type="reset" value="<?=__('Reset')?>">
  881.         <input type="submit" value="<?=__('Submit')?>" name="<?=$res_lng?>run">
  882. <?php
  883. $str_tmpl = $res_lng.'_templates';
  884. $tmpl = !empty($$str_tmpl) ? json_decode($$str_tmpl,true) : '';
  885. if (!empty($tmpl)){
  886.     $active = isset($_POST[$res_lng.'_tpl']) ? $_POST[$res_lng.'_tpl'] : '';
  887.     $select = '<select name="'.$res_lng.'_tpl" title="'.__('Template').'" onchange="if (this.value!=-1) document.forms[\'console\'].elements[\''.$res_lng.'\'].value = this.options[selectedIndex].value; else document.forms[\'console\'].elements[\''.$res_lng.'\'].value =\'\';" >'."\n";
  888.     $select .= '<option value="-1">' . __('Select') . "</option>\n";
  889.     foreach ($tmpl as $key=>$value){
  890.         $select.='<option value="'.$value.'" '.((!empty($value)&&($value==$active))?'selected':'').' >'.__($key)."</option>\n";
  891.     }
  892.     $select .= "</select>\n";
  893.     echo $select;
  894. }
  895. ?>
  896.         </form>
  897.     </td>
  898. </tr>
  899. </table>
  900. <?php
  901.     if (!empty($res)) {
  902.         $fun='fm_'.$res_lng;
  903.         echo '<h3>'.strtoupper($res_lng).' '.__('Result').'</h3><pre>'.$fun($res).'</pre>';
  904.     }
  905. } elseif (!empty($_REQUEST['edit'])){
  906.     if(!empty($_REQUEST['save'])) {
  907.         $fn = $path . $_REQUEST['edit'];
  908.         $filemtime = filemtime($fn);
  909.         if (file_put_contents($fn, $_REQUEST['newcontent'])) $msg .= __('File updated');
  910.         else $msg .= __('Error occurred');
  911.         if ($_GET['edit']==basename(__FILE__)) {
  912.             touch(__FILE__,1415116371);
  913.         } else {
  914.             if (!empty($fm_config['restore_time'])) touch($fn,$filemtime);
  915.         }
  916.     }
  917.     $oldcontent = @file_get_contents($path . $_REQUEST['edit']);
  918.     $editlink = $url_inc . '&edit=' . $_REQUEST['edit'] . '&path=' . $path;
  919.     $backlink = $url_inc . '&path=' . $path;
  920. ?>
  921. <table border='0' cellspacing='0' cellpadding='1' width="100%">
  922. <tr>
  923.     <th><?=__('File manager').' - '.__('Edit').' - '.$path.$_REQUEST['edit']?></th>
  924. </tr>
  925. <tr>
  926.     <td class="row1">
  927.         <?=$msg?>
  928.     </td>
  929. </tr>
  930. <tr>
  931.     <td class="row1">
  932.         <?=fm_home()?> <a href="<?=$backlink?>"><?=__('Back')?></a>
  933.     </td>
  934. </tr>
  935. <tr>
  936.     <td class="row1" align="center">
  937.         <form name="form1" method="post" action="<?=$editlink?>">
  938.             <textarea name="newcontent" id="newcontent" cols="45" rows="15" style="width:99%" spellcheck="false"><?=htmlspecialchars($oldcontent)?></textarea>
  939.             <input type="submit" name="save" value="<?=__('Submit')?>">
  940.             <input type="submit" name="cancel" value="<?=__('Cancel')?>">
  941.         </form>
  942.     </td>
  943. </tr>
  944. </table>
  945. <?php
  946. echo $auth['script'];
  947. } elseif(!empty($_REQUEST['rights'])){
  948.     if(!empty($_REQUEST['save'])) {
  949.         if(fm_chmod($path . $_REQUEST['rights'], fm_convert_rights($_REQUEST['rights_val']), @$_REQUEST['recursively']))
  950.         $msg .= (__('File updated'));
  951.         else $msg .= (__('Error occurred'));
  952.     }
  953.     clearstatcache();
  954.     $oldrights = fm_rights_string($path . $_REQUEST['rights'], true);
  955.     $link = $url_inc . '&rights=' . $_REQUEST['rights'] . '&path=' . $path;
  956.     $backlink = $url_inc . '&path=' . $path;
  957. ?>
  958. <table class="whole">
  959. <tr>
  960.     <th><?=__('File manager').' - '.$path?></th>
  961. </tr>
  962. <tr>
  963.     <td class="row1">
  964.         <?=$msg?>
  965.     </td>
  966. </tr>
  967. <tr>
  968.     <td class="row1">
  969.         <a href="<?=$backlink?>"><?=__('Back')?></a>
  970.     </td>
  971. </tr>
  972. <tr>
  973.     <td class="row1" align="center">
  974.         <form name="form1" method="post" action="<?=$link?>">
  975.            <?=__('Rights').' - '.$_REQUEST['rights']?> <input type="text" name="rights_val" value="<?=$oldrights?>">
  976.         <?php if (is_dir($path.$_REQUEST['rights'])) { ?>
  977.             <input type="checkbox" name="recursively" value="1"> <?=__('Recursively')?><br/>
  978.         <?php } ?>
  979.             <input type="submit" name="save" value="<?=__('Submit')?>">
  980.         </form>
  981.     </td>
  982. </tr>
  983. </table>
  984. <?php
  985. } elseif (!empty($_REQUEST['rename'])&&$_REQUEST['rename']<>'.') {
  986.     if(!empty($_REQUEST['save'])) {
  987.         rename($path . $_REQUEST['rename'], $path . $_REQUEST['newname']);
  988.         $msg .= (__('File updated'));
  989.         $_REQUEST['rename'] = $_REQUEST['newname'];
  990.     }
  991.     clearstatcache();
  992.     $link = $url_inc . '&rename=' . $_REQUEST['rename'] . '&path=' . $path;
  993.     $backlink = $url_inc . '&path=' . $path;
  994.  
  995. ?>
  996. <table class="whole">
  997. <tr>
  998.     <th><?=__('File manager').' - '.$path?></th>
  999. </tr>
  1000. <tr>
  1001.     <td class="row1">
  1002.         <?=$msg?>
  1003.     </td>
  1004. </tr>
  1005. <tr>
  1006.     <td class="row1">
  1007.         <a href="<?=$backlink?>"><?=__('Back')?></a>
  1008.     </td>
  1009. </tr>
  1010. <tr>
  1011.     <td class="row1" align="center">
  1012.         <form name="form1" method="post" action="<?=$link?>">
  1013.             <?=__('Rename')?>: <input type="text" name="newname" value="<?=$_REQUEST['rename']?>"><br/>
  1014.             <input type="submit" name="save" value="<?=__('Submit')?>">
  1015.         </form>
  1016.     </td>
  1017. </tr>
  1018. </table>
  1019. <?php
  1020. } else {
  1021. //Let's rock!
  1022.     $msg = '';
  1023.     if(!empty($_FILES['upload'])&&!empty($fm_config['upload_file'])) {
  1024.         if(!empty($_FILES['upload']['name'])){
  1025.             $_FILES['upload']['name'] = str_replace('%', '', $_FILES['upload']['name']);
  1026.             if(!move_uploaded_file($_FILES['upload']['tmp_name'], $path . $_FILES['upload']['name'])){
  1027.                 $msg .= __('Error occurred');
  1028.             } else {
  1029.                 $msg .= __('Files uploaded').': '.$_FILES['upload']['name'];
  1030.             }
  1031.         }
  1032.     } elseif(!empty($_REQUEST['delete'])&&$_REQUEST['delete']<>'.') {
  1033.         if(!fm_del_files(($path . $_REQUEST['delete']), true)) {
  1034.             $msg .= __('Error occurred');
  1035.         } else {
  1036.             $msg .= __('Deleted').' '.$_REQUEST['delete'];
  1037.         }
  1038.     } elseif(!empty($_REQUEST['mkdir'])&&!empty($fm_config['make_directory'])) {
  1039.         if(!@mkdir($path . $_REQUEST['dirname'],0777)) {
  1040.             $msg .= __('Error occurred');
  1041.         } else {
  1042.             $msg .= __('Created').' '.$_REQUEST['dirname'];
  1043.         }
  1044.     } elseif(!empty($_REQUEST['mkfile'])&&!empty($fm_config['new_file'])) {
  1045.         if(!$fp=@fopen($path . $_REQUEST['filename'],"w")) {
  1046.             $msg .= __('Error occurred');
  1047.         } else {
  1048.             fclose($fp);
  1049.             $msg .= __('Created').' '.$_REQUEST['filename'];
  1050.         }
  1051.     } elseif (isset($_GET['zip'])) {
  1052.         $source = base64_decode($_GET['zip']);
  1053.         $destination = basename($source).'.zip';
  1054.         set_time_limit(0);
  1055.         $phar = new PharData($destination);
  1056.         $phar->buildFromDirectory($source);
  1057.         if (is_file($destination))
  1058.         $msg .= __('Task').' "'.__('Archiving').' '.$destination.'" '.__('done').
  1059.         '.&nbsp;'.fm_link('download',$path.$destination,__('Download'),__('Download').' '. $destination)
  1060.         .'&nbsp;<a href="'.$url_inc.'&delete='.$destination.'&path=' . $path.'" title="'.__('Delete').' '. $destination.'" >'.__('Delete') . '</a>';
  1061.         else $msg .= __('Error occurred').': '.__('no files');
  1062.     } elseif (isset($_GET['gz'])) {
  1063.         $source = base64_decode($_GET['gz']);
  1064.         $archive = $source.'.tar';
  1065.         $destination = basename($source).'.tar';
  1066.         if (is_file($archive)) unlink($archive);
  1067.         if (is_file($archive.'.gz')) unlink($archive.'.gz');
  1068.         clearstatcache();
  1069.         set_time_limit(0);
  1070.         //die();
  1071.         $phar = new PharData($destination);
  1072.         $phar->buildFromDirectory($source);
  1073.         $phar->compress(Phar::GZ,'.tar.gz');
  1074.         unset($phar);
  1075.         if (is_file($archive)) {
  1076.             if (is_file($archive.'.gz')) {
  1077.                 unlink($archive);
  1078.                 $destination .= '.gz';
  1079.             }
  1080.  
  1081.             $msg .= __('Task').' "'.__('Archiving').' '.$destination.'" '.__('done').
  1082.             '.&nbsp;'.fm_link('download',$path.$destination,__('Download'),__('Download').' '. $destination)
  1083.             .'&nbsp;<a href="'.$url_inc.'&delete='.$destination.'&path=' . $path.'" title="'.__('Delete').' '.$destination.'" >'.__('Delete').'</a>';
  1084.         } else $msg .= __('Error occurred').': '.__('no files');
  1085.     } elseif (isset($_GET['decompress'])) {
  1086.         // $source = base64_decode($_GET['decompress']);
  1087.         // $destination = basename($source);
  1088.         // $ext = end(explode(".", $destination));
  1089.         // if ($ext=='zip' OR $ext=='gz') {
  1090.             // $phar = new PharData($source);
  1091.             // $phar->decompress();
  1092.             // $base_file = str_replace('.'.$ext,'',$destination);
  1093.             // $ext = end(explode(".", $base_file));
  1094.             // if ($ext=='tar'){
  1095.                 // $phar = new PharData($base_file);
  1096.                 // $phar->extractTo(dir($source));
  1097.             // }
  1098.         // }
  1099.         // $msg .= __('Task').' "'.__('Decompress').' '.$source.'" '.__('done');
  1100.     } elseif (isset($_GET['gzfile'])) {
  1101.         $source = base64_decode($_GET['gzfile']);
  1102.         $archive = $source.'.tar';
  1103.         $destination = basename($source).'.tar';
  1104.         if (is_file($archive)) unlink($archive);
  1105.         if (is_file($archive.'.gz')) unlink($archive.'.gz');
  1106.         set_time_limit(0);
  1107.         //echo $destination;
  1108.         $ext_arr = explode('.',basename($source));
  1109.         if (isset($ext_arr[1])) {
  1110.             unset($ext_arr[0]);
  1111.             $ext=implode('.',$ext_arr);
  1112.         }
  1113.         $phar = new PharData($destination);
  1114.         $phar->addFile($source);
  1115.         $phar->compress(Phar::GZ,$ext.'.tar.gz');
  1116.         unset($phar);
  1117.         if (is_file($archive)) {
  1118.             if (is_file($archive.'.gz')) {
  1119.                 unlink($archive);
  1120.                 $destination .= '.gz';
  1121.             }
  1122.             $msg .= __('Task').' "'.__('Archiving').' '.$destination.'" '.__('done').
  1123.             '.&nbsp;'.fm_link('download',$path.$destination,__('Download'),__('Download').' '. $destination)
  1124.             .'&nbsp;<a href="'.$url_inc.'&delete='.$destination.'&path=' . $path.'" title="'.__('Delete').' '.$destination.'" >'.__('Delete').'</a>';
  1125.         } else $msg .= __('Error occurred').': '.__('no files');
  1126.     }
  1127. ?>
  1128. <table class="whole" id="header_table" >
  1129. <tr>
  1130.     <th colspan="2"><?=__('File manager')?><?=(!empty($path)?' - '.$path:'')?></th>
  1131. </tr>
  1132. <?php if(!empty($msg)){ ?>
  1133. <tr>
  1134.     <td colspan="2" class="row2"><?=$msg?></td>
  1135. </tr>
  1136. <?php } ?>
  1137. <tr>
  1138.     <td class="row2">
  1139.         <table>
  1140.             <tr>
  1141.             <td>
  1142.                 <?=fm_home()?>
  1143.             </td>
  1144.             <td>
  1145.             <?php if(!empty($fm_config['make_directory'])) { ?>
  1146.                 <form method="post" action="<?=$url_inc?>">
  1147.                 <input type="hidden" name="path" value="<?=$path?>" />
  1148.                 <input type="text" name="dirname" size="15">
  1149.                 <input type="submit" name="mkdir" value="<?=__('Make directory')?>">
  1150.                 </form>
  1151.             <?php } ?>
  1152.             </td>
  1153.             <td>
  1154.             <?php if(!empty($fm_config['new_file'])) { ?>
  1155.                 <form method="post" action="<?=$url_inc?>">
  1156.                 <input type="hidden" name="path" value="<?=$path?>" />
  1157.                 <input type="text" name="filename" size="15">
  1158.                 <input type="submit" name="mkfile" value="<?=__('New file')?>">
  1159.                 </form>
  1160.             <?php } ?>
  1161.             </td>
  1162.             <td>
  1163.             <?=fm_run_input('php')?>
  1164.             </td>
  1165.             <td>
  1166.             <?=fm_run_input('sql')?>
  1167.             </td>
  1168.             </tr>
  1169.         </table>
  1170.     </td>
  1171.     <td class="row3">
  1172.         <table>
  1173.         <tr>
  1174.         <td>
  1175.         <?php if (!empty($fm_config['upload_file'])) { ?>
  1176.             <form name="form1" method="post" action="<?=$url_inc?>" enctype="multipart/form-data">
  1177.             <input type="hidden" name="path" value="<?=$path?>" />
  1178.             <input type="file" name="upload" id="upload_hidden" style="position: absolute; display: block; overflow: hidden; width: 0; height: 0; border: 0; padding: 0;" onchange="document.getElementById('upload_visible').value = this.value;" />
  1179.             <input type="text" readonly="1" id="upload_visible" placeholder="<?=__('Select the file')?>" style="cursor: pointer;" onclick="document.getElementById('upload_hidden').click();" />
  1180.             <input type="submit" name="test" value="<?=__('Upload')?>" />
  1181.             </form>
  1182.         <?php } ?>
  1183.         </td>
  1184.         <td>
  1185.         <?php if ($auth['authorize']) { ?>
  1186.             <form action="" method="post">&nbsp;&nbsp;&nbsp;
  1187.             <input name="quit" type="hidden" value="1">
  1188.             <?=__('Hello')?>, <?=$auth['login']?>
  1189.             <input type="submit" value="<?=__('Quit')?>">
  1190.             </form>
  1191.         <?php } ?>
  1192.         </td>
  1193.         <td>
  1194.         <?=fm_lang_form($language)?>
  1195.         </td>
  1196.         <tr>
  1197.         </table>
  1198.     </td>
  1199. </tr>
  1200. </table>
  1201. <table class="all" border='0' cellspacing='1' cellpadding='1' id="fm_table" width="100%">
  1202. <thead>
  1203. <tr>
  1204.     <th style="white-space:nowrap"> <?=__('Filename')?> </th>
  1205.     <th style="white-space:nowrap"> <?=__('Size')?> </th>
  1206.     <th style="white-space:nowrap"> <?=__('Date')?> </th>
  1207.     <th style="white-space:nowrap"> <?=__('Rights')?> </th>
  1208.     <th colspan="4" style="white-space:nowrap"> <?=__('Manage')?> </th>
  1209. </tr>
  1210. </thead>
  1211. <tbody>
  1212. <?php
  1213. $elements = fm_scan_dir($path, '', 'all', true);
  1214. $dirs = array();
  1215. $files = array();
  1216. foreach ($elements as $file){
  1217.     if(@is_dir($path . $file)){
  1218.         $dirs[] = $file;
  1219.     } else {
  1220.         $files[] = $file;
  1221.     }
  1222. }
  1223. natsort($dirs); natsort($files);
  1224. $elements = array_merge($dirs, $files);
  1225.  
  1226. foreach ($elements as $file){
  1227.     $filename = $path . $file;
  1228.     $filedata = @stat($filename);
  1229.     if(@is_dir($filename)){
  1230.         $filedata[7] = '';
  1231.         if (!empty($fm_config['show_dir_size'])&&!fm_root($file)) $filedata[7] = fm_dir_size($filename);
  1232.         $link = '<a href="'.$url_inc.'&path='.$path.$file.'" title="'.__('Show').' '.$file.'"><span class="folder">&nbsp;&nbsp;&nbsp;&nbsp;</span> '.$file.'</a>';
  1233.         $loadlink= (fm_root($file)||$phar_maybe) ? '' : fm_link('zip',$filename,__('Compress').'&nbsp;zip',__('Archiving').' '. $file);
  1234.         $arlink  = (fm_root($file)||$phar_maybe) ? '' : fm_link('gz',$filename,__('Compress').'&nbsp;.tar.gz',__('Archiving').' '.$file);
  1235.         $style = 'row2';
  1236.          if (!fm_root($file)) $alert = 'onClick="if(confirm(\'' . __('Are you sure you want to delete this directory (recursively)?').'\n /'. $file. '\')) document.location.href = \'' . $url_inc . '&delete=' . $file . '&path=' . $path  . '\'"'; else $alert = '';
  1237.     } else {
  1238.         $link =
  1239.             $fm_config['show_img']&&@getimagesize($filename)
  1240.             ? '<a target="_blank" onclick="var lefto = screen.availWidth/2-320;window.open(\''
  1241.             . fm_img_link($filename)
  1242.             .'\',\'popup\',\'width=640,height=480,left=\' + lefto + \',scrollbars=yes,toolbar=no,location=no,directories=no,status=no\');return false;" href="'.fm_img_link($filename).'"><span class="img">&nbsp;&nbsp;&nbsp;&nbsp;</span> '.$file.'</a>'
  1243.             : '<a href="' . $url_inc . '&edit=' . $file . '&path=' . $path. '" title="' . __('Edit') . '"><span class="file">&nbsp;&nbsp;&nbsp;&nbsp;</span> '.$file.'</a>';
  1244.         $e_arr = explode(".", $file);
  1245.         $ext = end($e_arr);
  1246.         $loadlink =  fm_link('download',$filename,__('Download'),__('Download').' '. $file);
  1247.         $arlink = in_array($ext,array('zip','gz','tar'))
  1248.         ? ''
  1249.         : ((fm_root($file)||$phar_maybe) ? '' : fm_link('gzfile',$filename,__('Compress').'&nbsp;.tar.gz',__('Archiving').' '. $file));
  1250.         $style = 'row1';
  1251.         $alert = 'onClick="if(confirm(\''. __('File selected').': \n'. $file. '. \n'.__('Are you sure you want to delete this file?') . '\')) document.location.href = \'' . $url_inc . '&delete=' . $file . '&path=' . $path  . '\'"';
  1252.     }
  1253.     $deletelink = fm_root($file) ? '' : '<a href="#" title="' . __('Delete') . ' '. $file . '" ' . $alert . '>' . __('Delete') . '</a>';
  1254.     $renamelink = fm_root($file) ? '' : '<a href="' . $url_inc . '&rename=' . $file . '&path=' . $path . '" title="' . __('Rename') .' '. $file . '">' . __('Rename') . '</a>';
  1255.     $rightstext = ($file=='.' || $file=='..') ? '' : '<a href="' . $url_inc . '&rights=' . $file . '&path=' . $path . '" title="' . __('Rights') .' '. $file . '">' . @fm_rights_string($filename) . '</a>';
  1256. ?>
  1257. <tr class="<?=$style?>">
  1258.     <td><?=$link?></td>
  1259.     <td><?=$filedata[7]?></td>
  1260.     <td style="white-space:nowrap"><?=gmdate("Y-m-d H:i:s",$filedata[9])?></td>
  1261.     <td><?=$rightstext?></td>
  1262.     <td><?=$deletelink?></td>
  1263.     <td><?=$renamelink?></td>
  1264.     <td><?=$loadlink?></td>
  1265.     <td><?=$arlink?></td>
  1266. </tr>
  1267. <?php
  1268.     }
  1269. }
  1270. ?>
  1271. </tbody>
  1272. </table>
  1273. <div class="row3"><?php
  1274.     $mtime = explode(' ', microtime());
  1275.     $totaltime = $mtime[0] + $mtime[1] - $starttime;
  1276.     echo fm_home().' | ver. '.$fm_version.' | <a href="https://github.com/Den1xxx/Filemanager">Github</a>  | <a href="'.fm_site_url().'">.</a>';
  1277.     if (!empty($fm_config['show_php_ver'])) echo ' | PHP '.phpversion();
  1278.     if (!empty($fm_config['show_php_ini'])) echo ' | '.php_ini_loaded_file();
  1279.     if (!empty($fm_config['show_gt'])) echo ' | '.__('Generation time').': '.round($totaltime,2);
  1280.     if (!empty($fm_config['enable_proxy'])) echo ' | <a href="?proxy=true">proxy</a>';
  1281.     if (!empty($fm_config['show_phpinfo'])) echo ' | <a href="?phpinfo=true">phpinfo</a>';
  1282.     if (!empty($fm_config['show_xls'])&&!empty($link)) echo ' | <a href="javascript: void(0)" onclick="var obj = new table2Excel(); obj.CreateExcelSheet(\'fm_table\',\'export\');" title="'.__('Download').' xls">xls</a>';
  1283.     if (!empty($fm_config['fm_settings'])) echo ' | <a href="?fm_settings=true">'.__('Settings').'</a>';
  1284.     ?>
  1285. </div>
  1286. <script type="text/javascript">
/**
 * Offer base64 data to the browser as an Excel download.
 * A hidden <a download> element pointing at a data: URI is added to the page,
 * clicked programmatically and removed again.
 *
 * @param {string} filename name suggested for the saved file
 * @param {string} text     base64-encoded file content
 */
function download_xls(filename, text) {
    var link = document.createElement('a');
    link.style.display = 'none';
    link.setAttribute('download', filename);
    link.setAttribute('href', 'data:application/vnd.ms-excel;base64,' + text);
    document.body.appendChild(link);
    link.click();
    document.body.removeChild(link);
}
  1296.  
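/**
 * Encode a string as base64 text.
 * Each value returned by charCodeAt() is first expanded to a UTF-8 style byte
 * sequence (one byte below 128, more above), and the bytes are then packed six
 * bits at a time into the alphabet in k. No "=" padding is appended.
 *
 * @param {string} m text to encode
 * @returns {string} unpadded base64 text
 */
function base64_encode(m) {
    // u is declared here with the other locals; it used to be assigned without a
    // declaration, which created a global and fails in strict mode.
    for (var k = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/".split(""), c, d, h, e, a, u, g = "", b = 0, f, l = 0; l < m.length; ++l) {
        c = m.charCodeAt(l);
        // d = number of bytes needed for this character code
        if (128 > c) d = 1;
        else
            for (d = 2; c >= 2 << 5 * d;) ++d;
        // e = next byte of the sequence; b = number of bits carried over in f
        for (h = 0; h < d; ++h) 1 == d ? e = c : (e = h ? 128 : 192, a = d - 2 - 6 * h, 0 <= a && (e += (6 <= a ? 1 : 0) + (5 <= a ? 2 : 0) + (4 <= a ? 4 : 0) + (3 <= a ? 8 : 0) + (2 <= a ? 16 : 0) + (1 <= a ? 32 : 0), a -= 5), 0 > a && (u = 6 * (d - 1 - h), e += c >> u, c -= c >> u << u)), f = b ? f << 6 - b : 0, b += 2, f += e >> b, g += k[f], f = e % (1 << b), 6 == b && (b = 0, g += k[f])
    }
    // flush the bits still held in f
    b && (g += k[f << 6 - b]);
    return g
}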
  1308.  
  1309.  
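/**
 * Export an HTML table as an .xls download.
 * The table's inner HTML is placed into an Office HTML workbook template, encoded
 * with base64_encode() and handed to download_xls().
 *
 * NOTE(review): cell text is exported as it appears in the table, including file
 * names. Spreadsheet software may treat a cell that begins with "=", "+", "-" or
 * "@" as a formula — confirm, and neutralise such cells if the export is opened
 * by other people.
 *
 * @param {(Element|string)} table table element or its id
 * @param {string} [name] worksheet name, "Worksheet" when omitted
 */
var tableToExcelData = (function() {
    var template = '<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns="http://www.w3.org/TR/REC-html40"><head><!--[if gte mso 9]><xml><x:ExcelWorkbook><x:ExcelWorksheets><x:ExcelWorksheet><x:Name>{worksheet}</x:Name><x:WorksheetOptions><x:DisplayGridlines></x:DisplayGridlines></x:WorksheetOptions></x:ExcelWorksheet></x:ExcelWorksheets></x:ExcelWorkbook></xml><![endif]--><meta http-equiv="content-type" content="text/plain; charset=UTF-8"/></head><body><table>{table}</table></body></html>',
    // Replace each {key} placeholder in s with the matching property of c.
    format = function(s, c) {
            return s.replace(/{(\w+)}/g, function(m, p) {
                return c[p];
            })
        }
    return function(table, name) {
        if (!table.nodeType) table = document.getElementById(table)
        var ctx = {
            worksheet: name || 'Worksheet',
            // drop the icon spans and unwrap links so only the cell text remains
            table: table.innerHTML.replace(/<span(.*?)\/span> /g,"").replace(/<a\b[^>]*>(.*?)<\/a>/g,"$1")
        }
        // t and filename are local now; they used to be assigned without a
        // declaration and leaked into the global scope.
        var t = new Date();
        var filename = 'fm_' + t.toISOString() + '.xls'
        download_xls(filename, base64_encode(format(template, ctx)))
    }
})();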
  1329.  
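  /**
   * Constructor exposing CreateExcelSheet(el, name).
   *
   * On Internet Explorer (detected from the user-agent string) the table is
   * copied cell by cell into an Excel instance created through ActiveX; on
   * every other browser the work is delegated to tableToExcelData().
   *
   * Change from the original: the loop counters are declared locally; they
   * were implicit globals `i` and `j` and could clobber other scripts' state.
   */
  var table2Excel = function () {

      var ua = window.navigator.userAgent;
      var msie = ua.indexOf("MSIE ");

      this.CreateExcelSheet =
          function(el, name){
              if (msie > 0 || !!navigator.userAgent.match(/Trident.*rv\:11\./)) {// If Internet Explorer

                  var x = document.getElementById(el).rows;

                  // NOTE(review): instantiating Excel.Application needs ActiveX to be
                  // permitted for the page; the call throws when it is blocked.
                  var xls = new ActiveXObject("Excel.Application");

                  xls.visible = true;
                  // NOTE(review): written without call parentheses in the original;
                  // left as is — confirm that the workbook is actually created.
                  xls.Workbooks.Add
                  var i, j, y;
                  for (i = 0; i < x.length; i++) {
                      y = x[i].cells;

                      for (j = 0; j < y.length; j++) {
                          xls.Cells(i + 1, j + 1).Value = y[j].innerText;
                      }
                  }
                  xls.Visible = true;
                  xls.UserControl = true;
                  return xls;
              } else {
                  tableToExcelData(el, name);
              }
          }
  }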
  1360. </script>
  1361. </body>
  1362. </html>
  1363.  
  1364. <?php
  1365. //Ported from ReloadCMS project http://reloadcms.com
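  /**
   * Minimal tar / tar.gz writer and reader.
   *
   * Set $archive_name (and $isGzipped) and then call createArchive() or
   * restoreArchive(). Problems are collected in $errors rather than thrown.
   *
   * Fixes relative to the previous version of this class:
   *  - restoreArchive(): entry names are validated before anything is written,
   *    so a name containing ".." segments, a drive prefix or (for a relative
   *    destination) a leading "/" can no longer place files outside the
   *    destination directory;
   *  - long (> 99 byte) names: the writer now emits the regular header after
   *    the long-name record, and the reader continues extracting instead of
   *    returning right after the first long name;
   *  - readHeader(): the "Invalid block size" error called a non-existent
   *    method ($this->__) and is now recorded in $errors;
   *  - restoreArchive(): the gzip magic was compared against a single-quoted
   *    literal and therefore never matched;
   *  - packFileArray(): an unreadable file is skipped instead of being read
   *    through a failed handle; directory handles are closed; a failure in a
   *    nested directory is no longer overwritten by a later success;
   *  - showErrors(): error entries are HTML-escaped, since they can contain
   *    names taken from an archive;
   *  - $dirs is declared, $result in makeGoodPath() is initialised.
   *
   * NOTE(review): link entries are never created as links; any entry that is
   * not a directory is written as a plain file. Symlinks that already exist
   * inside the destination directory are not checked for.
   */
  class archiveTar {
      var $archive_name = '';   // path of the archive being written or read
      var $tmp_file = 0;        // open stream for the archive, 0 when closed
      var $file_pos = 0;        // never modified in this class; kept for compatibility
      var $isGzipped = true;    // use the zlib stream functions instead of plain file I/O
      var $errors = array();    // human-readable error messages collected so far
      var $files = array();     // paths written by the last restoreArchive()
      var $dirs = array();      // parent directory of each entry in $files

      function __construct(){
          if (!isset($this->errors)) $this->errors = array();
      }

      /**
       * Add the given paths (files or directories, recursively) to the archive.
       *
       * @param array $file_list paths to pack
       * @return bool true when packing succeeded
       */
      function createArchive($file_list){
          $result = false;
          $newArchive = !(file_exists($this->archive_name) && is_file($this->archive_name));
          if ($newArchive){
              if (!$this->openWrite()) return false;
          } else {
              if (filesize($this->archive_name) == 0) return $this->openWrite();
              if ($this->isGzipped) {
                  // A gzip stream cannot be appended to in place: move the old archive
                  // aside and copy its blocks into a freshly opened one.
                  $this->closeTmpFile();
                  $backup = $this->archive_name.'.tmp';
                  if (!rename($this->archive_name, $backup)){
                      $this->errors[] = __('Cannot rename').' '.$this->archive_name.__(' to ').$this->archive_name.'.tmp';
                      return false;
                  }
                  $tmpArchive = gzopen($backup, 'rb');
                  if (!$tmpArchive){
                      $this->errors[] = $this->archive_name.'.tmp '.__('is not readable');
                      rename($backup, $this->archive_name);
                      return false;
                  }
                  if (!$this->openWrite()){
                      gzclose($tmpArchive);
                      rename($backup, $this->archive_name);
                      return false;
                  }
                  // The block read last (at end of stream) is deliberately not copied.
                  $buffer = gzread($tmpArchive, 512);
                  while (!gzeof($tmpArchive)){
                      $this->writeBlock(pack('a512', $buffer));
                      $buffer = gzread($tmpArchive, 512);
                  }
                  gzclose($tmpArchive);
                  unlink($backup);
              } else {
                  // NOTE(review): 'r+b' leaves the position at offset 0, so the blocks
                  // written below start at the beginning of the existing archive.
                  // Confirm whether appending was intended here.
                  $this->tmp_file = fopen($this->archive_name, 'r+b');
                  if (!$this->tmp_file)   return false;
              }
          }
          if (isset($file_list) && is_array($file_list)) {
              if (count($file_list)>0)
                  $result = $this->packFileArray($file_list);
          } else $this->errors[] = __('No file').__(' to ').__('Archive');
          if (($result)&&(is_resource($this->tmp_file))){
              // End-of-archive marker: one all-zero block.
              $this->writeBlock(pack('a512', ''));
          }
          $this->closeTmpFile();
          if ($newArchive && !$result){
              // Do not leave a half-written new archive behind.
              unlink($this->archive_name);
          }
          return $result;
      }

      /**
       * Extract the archive into $path.
       *
       * @param string $path destination directory
       * @return bool true when every entry was extracted
       */
      function restoreArchive($path){
          $fileName = $this->archive_name;
          if (!$this->isGzipped){
              if (file_exists($fileName)){
                  if ($fp = fopen($fileName, 'rb')){
                      $data = fread($fp, 2);
                      fclose($fp);
                      // Double quotes are required for the octal escapes (bytes 0x1f 0x8b).
                      if ($data === "\37\213"){
                          $this->isGzipped = true;
                      }
                  }
              }
              elseif ((substr($fileName, -2) == 'gz') OR (substr($fileName, -3) == 'tgz')) $this->isGzipped = true;
          }
          if ($this->isGzipped) $this->tmp_file = gzopen($fileName, 'rb');
          else $this->tmp_file = fopen($fileName, 'rb');
          if (!$this->tmp_file){
              $this->errors[] = $fileName.' '.__('is not readable');
              return false;
          }
          $result = $this->unpackFileArray($path);
          $this->closeTmpFile();
          return $result;
      }

      /**
       * Render the collected errors as an HTML fragment.
       *
       * @param string $message optional context, inserted unchanged
       * @return string '' when there are no errors
       */
      function showErrors ($message = '') {
          $Errors = $this->errors;
          if (count($Errors) <= 0) return '';
          if (!empty($message)) $message = ' ('.$message.')';
          $message = __('Error occurred').$message.': <br/>';
          foreach ($Errors as $value)
              // Entries can carry file names read from an archive: escape them.
              $message .= htmlspecialchars((string)$value, ENT_QUOTES).'<br/>';
          return $message;
      }

      /**
       * Write every path in $file_array to the open archive, recursing into directories.
       *
       * NOTE(review): is_file()/is_dir() follow symbolic links, so a link to a
       * directory is walked like a directory; there is no loop detection.
       *
       * @param array $file_array paths to pack
       * @return bool false on an invalid handle, a header failure, or a nested failure
       */
      function packFileArray($file_array){
          $result = true;
          if (!$this->tmp_file){
              $this->errors[] = __('Invalid file descriptor');
              return false;
          }
          if (!is_array($file_array) || count($file_array)<=0)
              return true;
          foreach ($file_array as $filename){
              if ($filename == $this->archive_name)
                  continue;                       // never pack the archive into itself
              if (strlen($filename)<=0)
                  continue;
              if (!file_exists($filename)){
                  $this->errors[] = __('No file').' '.$filename;
                  continue;
              }
              $filename = str_replace('\\', '/', $filename);
              $keep_filename = $this->makeGoodPath($filename);
              if (is_file($filename)){
                  $file = fopen($filename, 'rb');
                  if ($file === false){
                      // Skip before a header is written, so no entry without data is created.
                      $this->errors[] = __('Mode ').__('is incorrect');
                      continue;
                  }
                  if ($this->file_pos == 0){
                      if (!$this->writeHeader($filename, $keep_filename)){
                          fclose($file);
                          return false;
                      }
                  }
                  while (true){
                      $buffer = fread($file, 512);
                      if ($buffer === false || $buffer === '') break;
                      $this->writeBlock(pack('a512', $buffer));   // pad the last block to 512 bytes
                  }
                  fclose($file);
              } else $this->writeHeader($filename, $keep_filename);
              if (@is_dir($filename)){
                  $handle = opendir($filename);
                  if (!$handle){
                      $this->errors[] = __('Error').': '.__('Directory ').$filename.__('is not readable');
                      continue;
                  }
                  while (false !== ($dir = readdir($handle))){
                      if ($dir == '.' || $dir == '..') continue;
                      $child = ($filename != '.') ? $filename.'/'.$dir : $dir;
                      if (!$this->packFileArray(array($child))) $result = false;
                  }
                  closedir($handle);
              }
          }
          return $result;
      }

      /**
       * Read entries from the open archive and write them below $path.
       *
       * Entry names come from the archive and are treated as untrusted: a name
       * with a ".." segment or a drive prefix is rejected, and a leading "/" is
       * removed unless the destination is "/" itself.
       *
       * @param string $path destination directory
       * @return bool false as soon as one entry cannot be extracted
       */
      function unpackFileArray($path){
          $path = str_replace('\\', '/', $path);
          if ($path == '' || (substr($path, 0, 1) != '/' && substr($path, 0, 3) != '../' && !strpos($path, ':'))) $path = './'.$path;
          clearstatcache();
          $header = array();
          while (strlen($binaryData = $this->readBlock()) != 0){
              if (!$this->readHeader($binaryData, $header)) return false;
              if ($header['filename'] == '') continue;
              if ($header['typeflag'] == 'L'){            //reading long header
                  // The size field is attacker-controlled: refuse absurd name lengths
                  // instead of looping over them.
                  if ($header['size'] > PHP_MAXPATHLEN){
                      $this->errors[] = __('Filename').' '.__('is incorrect');
                      return false;
                  }
                  $filename = '';
                  $decr = floor($header['size']/512);
                  for ($i = 0; $i < $decr; $i++){
                      $filename .= $this->readBlock();
                  }
                  if (($lastpiece = $header['size'] % 512) != 0){
                      $filename .= substr($this->readBlock(), 0, $lastpiece);
                  }
                  // The regular header of the same entry follows the long name.
                  $binaryData = $this->readBlock();
                  if (!$this->readHeader($binaryData, $header)) return false;
                  if ($header['filename'] == '') continue;    // archive ends after the name
                  $header['filename'] = $this->cutAtNul($filename);
                  if ($header['filename'] == '') continue;
              }

              // Validate the entry name before it is combined with the destination.
              $entry = str_replace('\\', '/', $header['filename']);
              if (preg_match('#^[A-Za-z]:#', $entry) || in_array('..', explode('/', $entry), true)){
                  $this->errors[] = __('Filename').' '.$header['filename'].' '.__('is incorrect');
                  return false;
              }
              if ($path != '/') $entry = ltrim($entry, '/');
              if ($entry == '') continue;
              if (($path != './') && ($path != '/')){
                  $path = rtrim($path, '/');
                  $header['filename'] = $path.'/'.$entry;
              } else $header['filename'] = $entry;

              $isDirEntry = ($header['typeflag'] == '5');
              if (file_exists($header['filename'])){
                  if ((@is_dir($header['filename'])) && ($header['typeflag'] == '' || $header['typeflag'] == '0')){
                      $this->errors[] =__('File ').$header['filename'].__(' already exists').__(' as folder');
                      return false;
                  }
                  if ((is_file($header['filename'])) && $isDirEntry){
                      $this->errors[] =__('Cannot create directory').'. '.__('File ').$header['filename'].__(' already exists');
                      return false;
                  }
                  if (!is_writeable($header['filename'])){
                      $this->errors[] = __('Cannot write to file').'. '.__('File ').$header['filename'].__(' already exists');
                      return false;
                  }
              } elseif (($this->dirCheck(($isDirEntry ? $header['filename'] : dirname($header['filename'])))) != 1){
                  $this->errors[] = __('Cannot create directory').' '.__(' for ').$header['filename'];
                  return false;
              }

              if ($isDirEntry){
                  if (!file_exists($header['filename']))      {
                      // Effective permissions are 0777 reduced by the process umask.
                      if (!mkdir($header['filename'], 0777))  {
                          $this->errors[] = __('Cannot create directory').' '.$header['filename'];
                          return false;
                      }
                  }
              } else {
                  $destination = fopen($header['filename'], 'wb');
                  if ($destination === false) {
                      $this->errors[] = __('Cannot write to file').' '.$header['filename'];
                      return false;
                  }
                  $decr = floor($header['size']/512);
                  for ($i = 0; $i < $decr; $i++) {
                      $content = $this->readBlock();
                      if ($content === '') break;     // truncated archive: caught by the size check below
                      fwrite($destination, $content, 512);
                  }
                  if (($header['size'] % 512) != 0) {
                      $content = $this->readBlock();
                      fwrite($destination, $content, ($header['size'] % 512));
                  }
                  fclose($destination);
                  touch($header['filename'], $header['time']);
                  clearstatcache();
                  if (filesize($header['filename']) != $header['size']) {
                      $this->errors[] = __('Size of file').' '.$header['filename'].' '.__('is incorrect');
                      return false;
                  }
              }
              if (($file_dir = dirname($header['filename'])) == $header['filename']) $file_dir = '';
              if ((substr($header['filename'], 0, 1) == '/') && ($file_dir == '')) $file_dir = '/';
              $this->dirs[] = $file_dir;
              $this->files[] = $header['filename'];
          }
          return true;
      }

      /**
       * Make sure $dir exists, creating missing parents first.
       *
       * @param string $dir directory path
       * @return bool true when the directory exists afterwards
       */
      function dirCheck($dir){
          $parent_dir = dirname($dir);

          if ((@is_dir($dir)) or ($dir == ''))
              return true;

          if (($parent_dir != $dir) and ($parent_dir != '') and (!$this->dirCheck($parent_dir)))
              return false;

          // Effective permissions are 0777 reduced by the process umask.
          if (!mkdir($dir, 0777)){
              $this->errors[] = __('Cannot create directory').' '.$dir;
              return false;
          }
          return true;
      }

      /**
       * Parse one 512-byte header block into $header.
       *
       * An empty block, or a block whose stored checksum is 0 while the computed
       * one is 256 (an all-zero block), yields filename '' and true.
       *
       * @param string $binaryData raw block
       * @param array  $header     filled with filename, mode, user_id, group_id, size, time, typeflag, checksum
       * @return bool false on a wrong block size or checksum
       */
      function readHeader($binaryData, &$header){
          if (strlen($binaryData)==0){
              $header['filename'] = '';
              return true;
          }

          if (strlen($binaryData) != 512){
              $header['filename'] = '';
              $this->errors[] = __('Invalid block size').': '.strlen($binaryData);
              return false;
          }

          // The checksum covers the whole block with the checksum field itself
          // (bytes 148..155) counted as eight spaces.
          $checksum = 8 * ord(' ');
          for ($i = 0; $i < 148; $i++) $checksum += ord(substr($binaryData, $i, 1));
          for ($i = 156; $i < 512; $i++) $checksum += ord(substr($binaryData, $i, 1));

          $unpack_data = unpack('a100filename/a8mode/a8user_id/a8group_id/a12size/a12time/a8checksum/a1typeflag/a100link/a6magic/a2version/a32uname/a32gname/a8devmajor/a8devminor', $binaryData);

          $header['checksum'] = OctDec(trim($unpack_data['checksum']));
          if ($header['checksum'] != $checksum){
              $header['filename'] = '';
              if (($checksum == 256) && ($header['checksum'] == 0))   return true;
              $this->errors[] = __('Error checksum for file ').$unpack_data['filename'];
              return false;
          }

          // unpack('a') keeps NUL padding on current PHP versions, so strip it.
          $header['typeflag'] = rtrim($unpack_data['typeflag'], "\0");
          $header['filename'] = trim($this->cutAtNul($unpack_data['filename']));
          $header['mode'] = OctDec(trim($unpack_data['mode']));
          $header['user_id'] = OctDec(trim($unpack_data['user_id']));
          $header['group_id'] = OctDec(trim($unpack_data['group_id']));
          $header['size'] = OctDec(trim($unpack_data['size']));
          $header['time'] = OctDec(trim($unpack_data['time']));
          // Directory entries carry no data blocks.
          if ($header['typeflag'] == '5')    $header['size'] = 0;
          return true;
      }

      /**
       * Write the header for $filename; names longer than 99 bytes get a
       * preceding "././LongLink" record that carries the full name.
       *
       * @param string $filename      path on disk (used for stat data)
       * @param string $keep_filename name to store, defaults to $filename
       * @return bool always true
       */
      function writeHeader($filename, $keep_filename){
          $packF = 'a100a8a8a8a12A12';
          $packL = 'a1a100a6a2a32a32a8a8a155a12';
          if (strlen($keep_filename)<=0) $keep_filename = $filename;
          $filename_ready = $this->makeGoodPath($keep_filename);

          if (strlen($filename_ready) > 99){                          //write long header
              $dataFirst = pack($packF, '././LongLink', 0, 0, 0, sprintf('%11s ', DecOct(strlen($filename_ready))), 0);
              $dataLast = pack($packL, 'L', '', '', '', '', '', '', '', '', '');
              $this->writeHeaderBlock($dataFirst, $dataLast);
              foreach (str_split($filename_ready, 512) as $chunk){
                  $this->writeBlock(pack('a512', $chunk));
              }
              // Fall through: the regular header (name truncated to 100 bytes by
              // pack) must follow, otherwise the file data has no header of its own.
          }
          $file_info = stat($filename);
          if (@is_dir($filename)){
              $typeflag = '5';
              $size = sprintf('%11s ', DecOct(0));
          } else {
              $typeflag = '';
              clearstatcache();
              $size = sprintf('%11s ', DecOct(filesize($filename)));
          }
          $dataFirst = pack($packF, $filename_ready, sprintf('%6s ', DecOct(fileperms($filename))), sprintf('%6s ', DecOct($file_info[4])), sprintf('%6s ', DecOct($file_info[5])), $size, sprintf('%11s', DecOct(filemtime($filename))));
          $dataLast = pack($packL, $typeflag, '', '', '', '', '', '', '', '', '');
          $this->writeHeaderBlock($dataFirst, $dataLast);
          return true;
      }

      /**
       * Write one header block: the first 148 bytes, the 8-byte checksum field
       * and the remaining 356 bytes.
       *
       * @param string $dataFirst packed bytes 0..147
       * @param string $dataLast  packed bytes 156..511
       */
      function writeHeaderBlock($dataFirst, $dataLast){
          // The checksum field itself counts as eight spaces.
          $checksum = 8 * ord(' ');
          for ($i = 0; $i < 148; $i++) $checksum += ord(substr($dataFirst, $i, 1));
          for ($j = 0; $j < 356; $j++) $checksum += ord(substr($dataLast, $j, 1));
          $this->writeBlock($dataFirst, 148);
          $this->writeBlock(pack('a8', sprintf('%6s ', DecOct($checksum))), 8);
          $this->writeBlock($dataLast, 356);
      }

      /**
       * Open $archive_name for writing, truncating it.
       *
       * @return bool false (with an entry in $errors) when it cannot be opened
       */
      function openWrite(){
          if ($this->isGzipped)
              $this->tmp_file = gzopen($this->archive_name, 'wb9f');
          else
              $this->tmp_file = fopen($this->archive_name, 'wb');

          if (!($this->tmp_file)){
              $this->errors[] = __('Cannot write to file').' '.$this->archive_name;
              return false;
          }
          return true;
      }

      /**
       * Read the next block of up to 512 bytes.
       *
       * @return string '' when no archive is open, at end of stream or on a read error
       */
      function readBlock(){
          if (!is_resource($this->tmp_file)) return '';
          $block = $this->isGzipped ? gzread($this->tmp_file, 512) : fread($this->tmp_file, 512);
          return ($block === false) ? '' : $block;
      }

      /**
       * Write $data to the open archive.
       *
       * @param string $data   bytes to write
       * @param int    $length number of bytes to write, 0 for all of $data
       */
      function writeBlock($data, $length = 0){
          if (!is_resource($this->tmp_file)) return;
          if ($length === 0){
              if ($this->isGzipped)
                  gzputs($this->tmp_file, $data);
              else
                  fputs($this->tmp_file, $data);
          } else {
              if ($this->isGzipped)
                  gzputs($this->tmp_file, $data, $length);
              else
                  fputs($this->tmp_file, $data, $length);
          }
      }

      /** Close the archive stream if one is open and reset the handle to 0. */
      function closeTmpFile(){
          if (is_resource($this->tmp_file)){
              if ($this->isGzipped)
                  gzclose($this->tmp_file);
              else
                  fclose($this->tmp_file);

              $this->tmp_file = 0;
          }
      }

      /**
       * Normalise a path for storage in a header: backslashes become '/',
       * '.' segments are dropped, and a '..' segment is dropped together with
       * the segment before it.
       *
       * @param string $path
       * @return string
       */
      function makeGoodPath($path){
          $result = '';
          if (strlen($path)>0){
              $path = str_replace('\\', '/', $path);
              $partPath = explode('/', $path);
              $els = count($partPath)-1;
              // Walk from the last segment to the first, prepending what is kept.
              for ($i = $els; $i>=0; $i--){
                  if ($partPath[$i] == '.'){
                      //  Ignore this directory
                  } elseif ($partPath[$i] == '..'){
                      $i--;   // also skip the segment the '..' cancels
                  }
                  elseif (($partPath[$i] == '') and ($i!=$els) and ($i!=0)){
                      //  Empty segment from a doubled slash
                  }   else
                      $result = $partPath[$i].($i!=$els ? '/'.$result : '');
              }
          }

          return $result;
      }

      /**
       * Return $value up to, not including, its first NUL byte.
       *
       * @param string $value
       * @return string
       */
      function cutAtNul($value){
          $pos = strpos($value, "\0");
          return ($pos === false) ? $value : substr($value, 0, $pos);
      }
  }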
  1812. ?>