1<?php
// Built-in settings as a JSON document. The FM_Config class that presumably
// consumes this string is not part of this excerpt.
$CONFIG = '{"lang":"en","error_reporting":false,"show_hidden":false,"hide_Cols":false,"calc_folder":false}';

/**
 * H3K | Tiny File Manager V2.3.8
 * CCP Programmers | ccpprogrammers@gmail.com
 * https://tinyfilemanager.github.io
 */

// Release number of this script
define('VERSION', '2.3.8');

// Title shown in the UI
define('APP_TITLE', 'Tiny File Manager');

// Login gate: true requires a username/password, false disables the check.
// This switch is evaluated independently of the IP allow/deny lists below.
$use_auth = true;

// Accounts as 'Username' => password hash.
// Hash generator: https://tinyfilemanager.github.io/docs/pwd.html
// The plaintext passwords in the trailing comments are the sample credentials
// written into this file; generate new hashes (and drop those comments) before
// the script is reachable from a network.
$auth_users = [
    'admin' => '$2y$10$/K.hjNr84lLNDt8fTXjoI.DBp6PpeyoJ.mGwrrLuCZfAwfSAGqhOW', //admin@123
    'user' => '$2y$10$Fg6Dz8oH9fPoZ2jJan5tZuv6Z4Kp7avtQ9bDfrdRntXtPeiMAZyGO', //12345
];

// Usernames that are limited to read-only operation
$readonly_users = [
    'user',
];

// IP rule mode: 'OFF', 'AND' or 'OR'
// OFF => the connection IP is not checked at all (this is the default)
// AND => the IP must be on the whitelist and must not be on the blacklist
// OR  => the IP must be on the whitelist or must not be on the blacklist
$ip_ruleset = 'OFF';

// true => a blocked client gets no explanation, false => an error page is shown
$ip_silent = true;

// Allowed addresses (ipv4 and ipv6)
$ip_whitelist = [
    '127.0.0.1', // local ipv4
    '::1', // local ipv6
];

// Denied addresses (ipv4 and ipv6)
$ip_blacklist = [
    '0.0.0.0', // non-routable meta ipv4
    '::', // non-routable meta ipv6
];

// Per-user root directories: ['Username' => 'Directory path', ...]
$directories_users = [];

// highlight.js (https://highlightjs.org/) on the view page
$use_highlightjs = true;

// highlight.js theme
$highlightjs_style = 'vs';

// ace.js editor (https://ace.c9.io/) on the view page
$edit_files = true;

// Timezone for date() and time() - http://php.net/manual/en/timezones.php
$default_timezone = 'Etc/UTC'; // UTC

// Top directory the manager works in. Use an absolute path, e.g.
// '/var/www/folder' or $_SERVER['DOCUMENT_ROOT'].'/folder'.
// As shipped it is the whole document root, which places every file served by
// the site within reach of this script; narrow it where possible.
$root_path = $_SERVER['DOCUMENT_ROOT'];

// URL prefix for links, relative to $http_host. Variants: '', 'path/to/subfolder'
// Does not work when $root_path lies outside the server document root
$root_url = '';

// Host name used when building absolute URLs. The default is the Host header
// of the current request; set a fixed value if that is wrong or not trusted.
$http_host = $_SERVER['HTTP_HOST'];

// Input encoding handed to iconv
$iconv_input_encoding = 'UTF-8';

// date() format for the modification-time column
$datetime_format = 'd.m.y H:i';

// Comma-separated extensions accepted for upload and rename, e.g. 'gif,png,jpg'.
// The empty string applies no extension restriction.
$allowed_extensions = '';

// Favicon: either a full URL to a .PNG image or a path below the document root.
// full path, e.g http://example.com/favicon.png
// local path, e.g images/icons/favicon.png
$favicon_path = '?img=favicon';

// Names of files and folders left out of the listing,
// e.g. ['myfile.html', 'personal-folder']
$GLOBALS['exclude_items'] = [];

// Online office document viewer: 'google', 'microsoft' or false
// google    => Google Docs Viewer
// microsoft => Microsoft Web Apps Viewer
// false     => online viewer disabled
$GLOBALS['online_viewer'] = 'google';

// Sticky navigation bar: true enables the sticky header, false disables it
$sticky_navbar = true;

// Upper bound for an uploaded file
define('MAX_UPLOAD_SIZE', '2048');
114
115//--- EDIT BELOW CAREFULLY OR DO NOT EDIT AT ALL
116
// Session name; the same string is the key of this application's slot in
// $_SESSION. A value defined before this point is left untouched.
defined('FM_SESSION_ID') || define('FM_SESSION_ID', 'filemanager');

// Settings object (FM_Config is not defined in this part of the file)
$cfg = new FM_Config();

// UI language; 'en' when the stored settings carry no 'lang' key
$lang = 'en';
if (isset($cfg->data['lang'])) {
    $lang = $cfg->data['lang'];
}

// List dot-files and dot-folders; falls back to true when the key is missing
$show_hidden_files = true;
if (isset($cfg->data['show_hidden'])) {
    $show_hidden_files = $cfg->data['show_hidden'];
}

// Display PHP errors; falls back to true (errors shown to the client) when the
// key is missing
$report_errors = true;
if (isset($cfg->data['error_reporting'])) {
    $report_errors = $cfg->data['error_reporting'];
}

// Hide the permission and owner columns; falls back to true when the key is missing
$hide_Cols = true;
if (isset($cfg->data['hide_Cols'])) {
    $hide_Cols = $cfg->data['hide_Cols'];
}

// Compute folder sizes (true) or skip that for speed (false); falls back to true
$calc_folder = true;
if (isset($cfg->data['calc_folder'])) {
    $calc_folder = $cfg->data['calc_folder'];
}

// Languages known at this point
$lang_list = array(
    'en' => 'English'
);

// All error levels are reported in both modes; the setting only decides
// whether they are written into the response.
@ini_set('error_reporting', E_ALL);
@ini_set('display_errors', $report_errors == true ? 1 : 0);
152
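// Embedded mode: when FM_EMBED is defined the built-in login is switched off
// and no session is started here, so access control has to come from the
// including script.
if (defined('FM_EMBED')) {
    $use_auth = false;
    $sticky_navbar = false;
} else {
    @set_time_limit(600);

    date_default_timezone_set($default_timezone);

    ini_set('default_charset', 'UTF-8');
    if (version_compare(PHP_VERSION, '5.6.0', '<') && function_exists('mb_internal_encoding')) {
        mb_internal_encoding('UTF-8');
    }
    if (function_exists('mb_regex_encoding')) {
        mb_regex_encoding('UTF-8');
    }

    // Session cookie hardening, applied before the session starts:
    // - not readable from page scripts,
    // - session ids are accepted from cookies only,
    // - ids the server did not issue are rejected (ignored by PHP builds that
    //   do not know the directive).
    @ini_set('session.cookie_httponly', '1');
    @ini_set('session.use_only_cookies', '1');
    @ini_set('session.use_strict_mode', '1');

    session_cache_limiter('');
    session_name(FM_SESSION_ID);
    @session_start();
}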
174
// With no accounts configured the login gate is switched off entirely; the
// manager is then open to every client that passes the IP rules.
if (empty($auth_users)) {
    $use_auth = false;
}

// Scheme detection. X-Forwarded-Proto is a request header, so the second test
// is only meaningful behind a proxy that sets or overwrites it.
$direct_tls = isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1);
$forwarded_tls = isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https';
$is_https = $direct_tls || $forwarded_tls;

// A logged-in user with a personal directory gets that directory appended to
// the link prefix
if (isset($_SESSION[FM_SESSION_ID]['logged']) && !empty($directories_users[$_SESSION[FM_SESSION_ID]['logged']])) {
    $wd = fm_clean_path(dirname($_SERVER['PHP_SELF']));
    $root_url = $root_url . $wd . DIRECTORY_SEPARATOR . $directories_users[$_SESSION[FM_SESSION_ID]['logged']];
}
// normalise the prefix
$root_url = fm_clean_path($root_url);

// Absolute URLs of the managed root and of this script. Both are built from
// $http_host; FM_SELF_URL is the target of the redirects issued further down.
$site_origin = ($is_https ? 'https' : 'http') . '://' . $http_host;
if (!defined('FM_ROOT_URL')) {
    define('FM_ROOT_URL', $site_origin . (!empty($root_url) ? '/' . $root_url : ''));
}
if (!defined('FM_SELF_URL')) {
    define('FM_SELF_URL', $site_origin . $_SERVER['PHP_SELF']);
}
193
// Logout: any request carrying ?logout drops the login marker from the session
// and is sent back to the entry URL. The rest of the session is kept.
$logout_requested = isset($_GET['logout']);
if ($logout_requested) {
    unset($_SESSION[FM_SESSION_ID]['logged']);
    fm_redirect(FM_SELF_URL);
}

// Built-in images. This runs before the IP rules and the login check below;
// fm_show_image() receives the raw query value (its body is not shown here).
$image_requested = isset($_GET['img']);
if ($image_requested) {
    fm_show_image($_GET['img']);
}
204
// Validate connection IP
// Entries are compared as exact strings against REMOTE_ADDR (no ranges or
// prefixes). A ruleset value other than 'OFF', 'AND' or 'OR' rejects everyone.
if ($ip_ruleset != 'OFF') {
    $clientIp = $_SERVER['REMOTE_ADDR'];

    $whitelisted = in_array($clientIp, $ip_whitelist);
    $blacklisted = in_array($clientIp, $ip_blacklist);

    if ($ip_ruleset == 'AND') {
        // must be listed as allowed and must not be listed as denied
        $proceed = $whitelisted && !$blacklisted;
    } elseif ($ip_ruleset == 'OR') {
        // either listed as allowed or simply not listed as denied
        $proceed = $whitelisted || !$blacklisted;
    } else {
        $proceed = false;
    }

    if (!$proceed) {
        // leaves a trace in the PHP error log
        trigger_error('User connection denied from: ' . $clientIp, E_USER_WARNING);

        // tell the client only when silent mode is off
        if (!$ip_silent) {
            fm_set_msg('Access denied. IP restriction applicable', 'error');
            fm_show_header_login();
            fm_show_message();
        }

        exit();
    }
}
237
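// Auth
// Three cases: an existing login that still maps to a configured account, a
// login attempt (fm_usr / fm_pwd posted), or neither (the login form is shown
// and the script stops).
if ($use_auth) {
    if (isset($_SESSION[FM_SESSION_ID]['logged'], $auth_users[$_SESSION[FM_SESSION_ID]['logged']])) {
        // Logged
    } elseif (isset($_POST['fm_usr'], $_POST['fm_pwd'])) {
        // Logging In
        sleep(1); // fixed delay on every attempt to slow down password guessing
        if (function_exists('password_verify')) {
            $fm_usr = $_POST['fm_usr'];
            $fm_pwd = $_POST['fm_pwd'];
            // Both fields must be plain strings: array-valued form fields would
            // otherwise reach the array lookup and password_verify().
            if (is_string($fm_usr) && is_string($fm_pwd) && isset($auth_users[$fm_usr]) && password_verify($fm_pwd, $auth_users[$fm_usr])) {
                // Issue a fresh session id on login so an id known before
                // authentication does not carry the logged-in state.
                if (session_id() !== '') {
                    session_regenerate_id(true);
                }
                $_SESSION[FM_SESSION_ID]['logged'] = $fm_usr;
                fm_set_msg('You are logged in');
                fm_redirect(FM_SELF_URL . '?p=');
            } else {
                unset($_SESSION[FM_SESSION_ID]['logged']);
                fm_set_msg('Login failed. Invalid username or password', 'error');
                fm_redirect(FM_SELF_URL);
            }
        } else {
            // Without password_verify() nobody can be authenticated. Stop here
            // so the request does not continue into the rest of the script.
            fm_set_msg('password_hash not supported, Upgrade PHP version', 'error');
            fm_redirect(FM_SELF_URL);
            exit;
        }
    } else {
        // Form
        unset($_SESSION[FM_SESSION_ID]['logged']);
        fm_show_header_login();
        fm_show_message();
        ?>
        <section class="h-100">
            <div class="container h-100">
                <div class="row justify-content-md-center h-100">
                    <div class="card-wrapper">
                        <div class="brand">
                            <svg version="1.0" xmlns="http://www.w3.org/2000/svg" M1008 width="100%" height="121px" viewBox="0 0 238.000000 140.000000" aria-label="H3K Tiny File Manager">
                                <g transform="translate(0.000000,140.000000) scale(0.100000,-0.100000)" fill="#000000" stroke="none">
                                    <path d="M160 700 l0 -600 110 0 110 0 0 260 0 260 70 0 70 0 0 -260 0 -260 110 0 110 0 0 600 0 600 -110 0 -110 0 0 -260 0 -260 -70 0 -70 0 0 260 0 260 -110 0 -110 0 0 -600z"/>
                                    <path fill="#003500" d="M1008 1227 l-108 -72 0 -117 0 -118 110 0 110 0 0 110 0 110 70 0 70 0 0 -180 0 -180 -125 0 c-69 0 -125 -3 -125 -6 0 -3 23 -39 52 -80 l52 -74 73 0 73 0 0 -185 0 -185 -70 0 -70 0 0 115 0 115 -110 0 -110 0 0 -190 0 -190 181 0 181 0 109 73 108 72 1 181 0 181 -69 48 -68 49 68 50 69 49 0 249 0 248 -182 -1 -183 0 -107 -72z"/>
                                    <path d="M1640 700 l0 -600 110 0 110 0 0 208 0 208 35 34 35 34 35 -34 35 -34 0 -208 0 -208 110 0 110 0 0 212 0 213 -87 87 -88 88 88 88 87 87 0 213 0 212 -110 0 -110 0 0 -208 0 -208 -70 -69 -70 -69 0 277 0 277 -110 0 -110 0 0 -600z"/></g>
                            </svg>
                        </div>
                        <div class="text-center">
                            <h1 class="card-title"><?php echo APP_TITLE; ?></h1>
                        </div>
                        <div class="card fat">
                            <div class="card-body">
                                <form class="form-signin" action="" method="post" autocomplete="off">
                                    <div class="form-group">
                                        <label for="fm_usr"><?php echo lng('Username'); ?></label>
                                        <input type="text" class="form-control" id="fm_usr" name="fm_usr" required autofocus>
                                    </div>

                                    <div class="form-group">
                                        <label for="fm_pwd"><?php echo lng('Password'); ?></label>
                                        <input type="password" class="form-control" id="fm_pwd" name="fm_pwd" required>
                                    </div>

                                    <div class="form-group">
                                        <div class="custom-checkbox custom-control">
                                            <input type="checkbox" name="remember" id="remember" class="custom-control-input">
                                            <label for="remember" class="custom-control-label"><?php echo lng('RememberMe'); ?></label>
                                        </div>
                                    </div>

                                    <div class="form-group">
                                        <button type="submit" class="btn btn-success btn-block" role="button">
                                            <?php echo lng('Login'); ?>
                                        </button>
                                    </div>
                                </form>
                            </div>
                        </div>
                        <div class="footer text-center">
                            —— ©
                            <a href="https://tinyfilemanager.github.io/" target="_blank" class="text-muted" data-version="<?php echo VERSION; ?>">CCP Programmers</a> ——
                        </div>
                    </div>
                </div>
            </div>
        </section>

        <?php
        fm_show_footer_login();
        exit;
    }
}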
321
// A logged-in user with an entry in $directories_users works inside that
// directory instead of the global root
if ($use_auth && isset($_SESSION[FM_SESSION_ID]['logged'])) {
    if (isset($directories_users[$_SESSION[FM_SESSION_ID]['logged']])) {
        $root_path = $directories_users[$_SESSION[FM_SESSION_ID]['logged']];
    }
}

// Normalise the root (no trailing separator, forward slashes only) and stop
// when it is not a directory. The error page prints the configured path.
$root_path = str_replace('\\', '/', rtrim($root_path, '\\/'));
if (!@is_dir($root_path)) {
    echo "<h1>Root path \"{$root_path}\" not found!</h1>";
    exit;
}

// Constants that may have been supplied earlier keep their value
if (!defined('FM_SHOW_HIDDEN')) {
    define('FM_SHOW_HIDDEN', $show_hidden_files);
}
if (!defined('FM_ROOT_PATH')) {
    define('FM_ROOT_PATH', $root_path);
}
if (!defined('FM_LANG')) {
    define('FM_LANG', $lang);
}
if (!defined('FM_EXTENSION')) {
    define('FM_EXTENSION', $allowed_extensions);
}

// Read-only applies only with authentication on and only to a logged-in name
// that appears in $readonly_users; the write handlers below test this constant.
$session_is_readonly = $use_auth
    && !empty($readonly_users)
    && isset($_SESSION[FM_SESSION_ID]['logged'])
    && in_array($_SESSION[FM_SESSION_ID]['logged'], $readonly_users);
define('FM_READONLY', $session_is_readonly);
define('FM_IS_WIN', DIRECTORY_SEPARATOR == '\\');
341
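// always use ?p=
if (!isset($_GET['p']) && empty($_FILES)) {
    fm_redirect(FM_SELF_URL . '?p=');
}

// Current folder, relative to the root: query string first, then the form body.
// Anything that is not a plain string is treated as "no path".
$p = isset($_GET['p']) ? $_GET['p'] : (isset($_POST['p']) ? $_POST['p'] : '');
$p = is_string($p) ? $p : '';

// clean path
$p = fm_clean_path($p);

// for ajax request - save
// A raw body mentioning both "ajax" and "save" is tried as JSON and, when it
// decodes to an array, replaces $_POST. strpos() is compared with !== false so
// a match at offset 0 counts, and a body that is not valid JSON leaves the
// regular form fields in place instead of wiping them.
// Values arriving this way may be nested arrays or non-strings.
$input = file_get_contents('php://input');
if (is_string($input) && strpos($input, 'ajax') !== false && strpos($input, 'save') !== false) {
    $decoded_input = json_decode($input, true);
    if (is_array($decoded_input)) {
        $_POST = $decoded_input;
    }
}

// instead globals vars
define('FM_PATH', $p);
define('FM_USE_AUTH', $use_auth);
define('FM_EDIT_FILE', $edit_files);
defined('FM_ICONV_INPUT_ENC') || define('FM_ICONV_INPUT_ENC', $iconv_input_encoding);
defined('FM_USE_HIGHLIGHTJS') || define('FM_USE_HIGHLIGHTJS', $use_highlightjs);
defined('FM_HIGHLIGHTJS_STYLE') || define('FM_HIGHLIGHTJS_STYLE', $highlightjs_style);
defined('FM_DATETIME_FORMAT') || define('FM_DATETIME_FORMAT', $datetime_format);

unset($p, $use_auth, $iconv_input_encoding, $use_highlightjs, $highlightjs_style);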
367
368/*************************** ACTIONS ***************************/
369
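// AJAX Request
// Every branch requires a posted "ajax" field and a session that is not
// read-only; the block always ends in exit(). No anti-CSRF token is checked
// in this block.
if (isset($_POST['ajax']) && !FM_READONLY) {

    // save: overwrite an existing file of the current folder with the posted text
    if (isset($_POST['type']) && $_POST['type'] == "save") {
        // get current path
        $path = FM_ROOT_PATH;
        if (FM_PATH != '') {
            $path .= '/' . FM_PATH;
        }
        // check path
        if (!is_dir($path)) {
            fm_redirect(FM_SELF_URL . '?p=');
        }
        // the file name comes from the query string and is reduced to a bare name
        $file = isset($_GET['edit']) && is_string($_GET['edit']) ? $_GET['edit'] : '';
        $file = fm_clean_path($file);
        $file = str_replace('/', '', $file);
        if ($file == '' || !is_file($path . '/' . $file)) {
            fm_set_msg('File not found', 'error');
            fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
        }
        header('X-XSS-Protection:0');
        $file_path = $path . '/' . $file;

        // Refuse anything but a string before the file is opened for writing,
        // because opening with "w" already truncates it.
        if (!isset($_POST['content']) || !is_string($_POST['content'])) {
            fm_set_msg('File not saved', 'error');
            die();
        }
        $writedata = $_POST['content'];
        $fd = @fopen($file_path, "w");
        if ($fd === false) {
            fm_set_msg('File not saved', 'error');
            die();
        }
        $written = @fwrite($fd, $writedata);
        fclose($fd);
        if ($written === false) {
            fm_set_msg('File not saved', 'error');
            die();
        }
        fm_set_msg('successful save!', 'alert');
        die(true);
    }

    // backup files
    // The directory and file name are supplied by the client. The directory is
    // resolved and must lie inside FM_ROOT_PATH; the file name is reduced to a
    // bare name, so the copy cannot read or write outside the managed tree.
    if (isset($_POST['type']) && $_POST['type'] == "backup") {
        $file = isset($_POST['file']) && is_string($_POST['file']) ? $_POST['file'] : '';
        $file = str_replace('/', '', fm_clean_path($file));
        $backup_dir = isset($_POST['path']) && is_string($_POST['path']) ? realpath($_POST['path']) : false;
        $backup_root = realpath(FM_ROOT_PATH);
        $inside_root = $backup_dir !== false
            && $backup_root !== false
            && strpos($backup_dir . DIRECTORY_SEPARATOR, rtrim($backup_root, '\\/') . DIRECTORY_SEPARATOR) === 0;
        if ($file == '' || !$inside_root || !is_file($backup_dir . '/' . $file)) {
            die("Unable to backup");
        }
        $date = date("dMy-His");
        $newFile = $file . '-' . $date . '.bak';
        copy($backup_dir . '/' . $file, $backup_dir . '/' . $newFile) or die("Unable to backup");
        // the name is echoed into the response, so it is HTML-encoded
        echo 'Backup ' . fm_enc($newFile) . ' Created';
    }

    // Save Config
    if (isset($_POST['type']) && $_POST['type'] == "settings") {
        global $cfg, $lang, $report_errors, $show_hidden_files, $lang_list, $hide_Cols, $calc_folder;
        $newLng = isset($_POST['js-language']) && is_string($_POST['js-language']) ? $_POST['js-language'] : 'en';
        fm_get_translations([]);
        // only languages present in $lang_list are accepted
        if (!array_key_exists($newLng, $lang_list)) {
            $newLng = 'en';
        }

        // each flag is on only when the field is literally "true"
        $erp = isset($_POST['js-error-report']) && $_POST['js-error-report'] == "true" ? true : false;
        $shf = isset($_POST['js-show-hidden']) && $_POST['js-show-hidden'] == "true" ? true : false;
        $hco = isset($_POST['js-hide-cols']) && $_POST['js-hide-cols'] == "true" ? true : false;
        $caf = isset($_POST['js-calc-folder']) && $_POST['js-calc-folder'] == "true" ? true : false;

        if ($cfg->data['lang'] != $newLng) {
            $cfg->data['lang'] = $newLng;
            $lang = $newLng;
        }
        if ($cfg->data['error_reporting'] != $erp) {
            $cfg->data['error_reporting'] = $erp;
            $report_errors = $erp;
        }
        if ($cfg->data['show_hidden'] != $shf) {
            $cfg->data['show_hidden'] = $shf;
            $show_hidden_files = $shf;
        }
        if ($cfg->data['hide_Cols'] != $hco) {
            $cfg->data['hide_Cols'] = $hco;
            $hide_Cols = $hco;
        }
        if ($cfg->data['calc_folder'] != $caf) {
            $cfg->data['calc_folder'] = $caf;
            $calc_folder = $caf;
        }
        $cfg->save();
        echo true;
    }

    // new password hash: returns a hash of the posted password, stores nothing
    if (isset($_POST['type']) && $_POST['type'] == "pwdhash") {
        $res = isset($_POST['inputPassword2']) && is_string($_POST['inputPassword2']) && $_POST['inputPassword2'] !== ''
            ? password_hash($_POST['inputPassword2'], PASSWORD_DEFAULT)
            : '';
        echo $res;
    }

    //upload using url
    // NOTE(review): the server itself fetches a caller-supplied http(s) URL.
    // Only the scheme is validated; the host is not restricted, so internal
    // addresses are reachable from here. Restrict egress for this host or add
    // a host allow-list if that matters in your deployment.
    if (isset($_POST['type']) && $_POST['type'] == "upload" && !empty($_REQUEST["uploadurl"])) {
        $path = FM_ROOT_PATH;
        if (FM_PATH != '') {
            $path .= '/' . FM_PATH;
        }

        $raw_url = is_string($_REQUEST["uploadurl"]) ? stripslashes($_REQUEST["uploadurl"]) : '';
        $url = preg_match("|^http(s)?://.+$|", $raw_url) ? $raw_url : null;
        $use_curl = false;
        $temp_file = tempnam(sys_get_temp_dir(), "upload-");
        $fileinfo = new stdClass();
        $fileinfo->name = $url ? trim(basename($url), ".\x00..\x20") : '';

        // final location: current folder plus the last URL segment
        $target_file = $path . "/" . basename($fileinfo->name);

        // Apply the same extension allow-list as the regular upload handler to
        // the name the file will be stored under.
        $allowed = (FM_EXTENSION) ? explode(',', FM_EXTENSION) : false;
        $target_ext = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));
        $isFileAllowed = ($allowed) ? in_array($target_ext, $allowed) : true;

        $err = false;
        $success = false;
        if (!$url || $fileinfo->name === '' || $temp_file === false) {
            $success = false;
        } elseif (!$isFileAllowed) {
            $err = array("message" => "File extension is not allowed");
        } elseif ($use_curl) {
            @$fp = fopen($temp_file, "w");
            @$ch = curl_init($url);
            curl_setopt($ch, CURLOPT_NOPROGRESS, false);
            curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
            // redirects may only lead to http(s) again
            curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
            curl_setopt($ch, CURLOPT_FILE, $fp);
            @$success = curl_exec($ch);
            $curl_info = curl_getinfo($ch);
            if (!$success) {
                $err = array("message" => curl_error($ch));
            }
            @curl_close($ch);
            fclose($fp);
            $fileinfo->size = $curl_info["size_download"];
            $fileinfo->type = $curl_info["content_type"];
        } else {
            $ctx = stream_context_create();
            @$success = copy($url, $temp_file, $ctx);
            if (!$success) {
                $err = error_get_last();
            }
        }

        if ($success) {
            $success = rename($temp_file, $target_file);
        }

        if ($success) {
            echo json_encode(array("done" => $fileinfo));
        } else {
            if ($temp_file !== false && file_exists($temp_file)) {
                @unlink($temp_file);
            }
            if (!$err) {
                $err = array("message" => "Invalid url parameter");
            }
            echo json_encode(array("fail" => $err));
        }
    }

    exit();
}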
526
// Delete file / folder
// Triggered by a plain GET request; the name is reduced to a single path
// segment inside the current folder before anything is removed.
if (isset($_GET['del']) && !FM_READONLY) {
    $del = fm_clean_path($_GET['del']);
    $del = str_replace('/', '', $del);
    $name_rejected = ($del == '' || $del == '..' || $del == '.');
    if ($name_rejected) {
        fm_set_msg('Wrong file or folder name', 'error');
    } else {
        $path = FM_ROOT_PATH;
        if (FM_PATH != '') {
            $path .= '/' . FM_PATH;
        }
        $target = $path . '/' . $del;
        // remember the type first: it cannot be asked for once the entry is gone
        $is_dir = is_dir($target);
        $removed = fm_rdelete($target);
        if ($removed) {
            $msg = $is_dir ? 'Folder <b>%s</b> deleted' : 'File <b>%s</b> deleted';
            fm_set_msg(sprintf($msg, fm_enc($del)));
        } else {
            $msg = $is_dir ? 'Folder <b>%s</b> not deleted' : 'File <b>%s</b> not deleted';
            fm_set_msg(sprintf($msg, fm_enc($del)), 'error');
        }
    }
    fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
}
548
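// Create folder or empty file in the current folder
// The name loses HTML tags and path separators first. FM_EXTENSION is not
// consulted in this handler.
if (isset($_GET['new']) && isset($_GET['type']) && !FM_READONLY) {
    $type = $_GET['type'];
    // array-valued parameters are treated as an empty name
    $raw_name = is_string($_GET['new']) ? $_GET['new'] : '';
    $new = str_replace('/', '', fm_clean_path(strip_tags($raw_name)));
    if ($new != '' && $new != '..' && $new != '.') {
        $path = FM_ROOT_PATH;
        if (FM_PATH != '') {
            $path .= '/' . FM_PATH;
        }
        $target = $path . '/' . $new;
        if ($type == "file") {
            if (!file_exists($target)) {
                $handle = @fopen($target, 'w');
                if ($handle === false) {
                    die('Cannot open file: ' . fm_enc($new));
                }
                // the handle was only needed to create the file
                fclose($handle);
                fm_set_msg(sprintf('File <b>%s</b> created', fm_enc($new)));
            } else {
                fm_set_msg(sprintf('File <b>%s</b> already exists', fm_enc($new)), 'alert');
            }
        } else {
            // one call only; the result tells the three outcomes apart
            $made = fm_mkdir($target, false);
            if ($made === true) {
                // encoded like every other message that embeds the name
                fm_set_msg(sprintf('Folder <b>%s</b> created', fm_enc($new)));
            } elseif ($made === $target) {
                fm_set_msg(sprintf('Folder <b>%s</b> already exists', fm_enc($new)), 'alert');
            } else {
                fm_set_msg(sprintf('Folder <b>%s</b> not created', fm_enc($new)), 'error');
            }
        }
    } else {
        fm_set_msg('Wrong folder name', 'error');
    }
    fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
}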
579
// Copy folder / file
// Copies (or, with ?move, moves) one item named by a root-relative path into
// the current folder. Triggered by a plain GET request.
if (isset($_GET['copy'], $_GET['finish']) && !FM_READONLY) {
    // source, relative to the root
    $copy = fm_clean_path($_GET['copy']);
    if ($copy == '') {
        fm_set_msg('Source path not defined', 'error');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }
    // absolute source
    $from = FM_ROOT_PATH . '/' . $copy;
    // absolute destination: current folder plus the source's own name
    $dest = FM_ROOT_PATH;
    if (FM_PATH != '') {
        $dest .= '/' . FM_PATH;
    }
    $dest .= '/' . basename($from);
    // move instead of copy?
    $move = isset($_GET['move']);

    if ($from == $dest) {
        fm_set_msg('Paths must be not equal', 'alert');
    } else {
        // destination as shown in the message, relative to the root
        $msg_from = trim(FM_PATH . '/' . basename($from), '/');
        if ($move) {
            // fm_rename: truthy on success, null when the target exists, otherwise failure
            $rename = fm_rename($from, $dest);
            if ($rename) {
                fm_set_msg(sprintf('Moved from <b>%s</b> to <b>%s</b>', fm_enc($copy), fm_enc($msg_from)));
            } elseif ($rename === null) {
                fm_set_msg('File or folder with this path already exists', 'alert');
            } else {
                fm_set_msg(sprintf('Error while moving from <b>%s</b> to <b>%s</b>', fm_enc($copy), fm_enc($msg_from)), 'error');
            }
        } elseif (fm_rcopy($from, $dest)) {
            fm_set_msg(sprintf('Copied from <b>%s</b> to <b>%s</b>', fm_enc($copy), fm_enc($msg_from)));
        } else {
            fm_set_msg(sprintf('Error while copying from <b>%s</b> to <b>%s</b>', fm_enc($copy), fm_enc($msg_from)), 'error');
        }
    }
    fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
}
624
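// Mass copy files/ folders
// Copies or moves the posted selection from the current folder into copy_to.
if (isset($_POST['file'], $_POST['copy_to'], $_POST['finish']) && !FM_READONLY) {
    // from
    $path = FM_ROOT_PATH;
    if (FM_PATH != '') {
        $path .= '/' . FM_PATH;
    }
    // to
    $copy_to_path = FM_ROOT_PATH;
    $copy_to = is_string($_POST['copy_to']) ? fm_clean_path($_POST['copy_to']) : '';
    if ($copy_to != '') {
        $copy_to_path .= '/' . $copy_to;
    }
    if ($path == $copy_to_path) {
        fm_set_msg('Paths must be not equal', 'alert');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }
    if (!is_dir($copy_to_path)) {
        if (!fm_mkdir($copy_to_path, true)) {
            fm_set_msg('Unable to create destination folder', 'error');
            fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
        }
    }
    // move?
    $move = isset($_POST['move']);
    // copy/move
    $errors = 0;
    $files = $_POST['file'];
    if (is_array($files) && count($files)) {
        foreach ($files as $f) {
            // Every selected name is client input: run it through the same
            // cleaner as the single-item handlers before it is joined onto a
            // path, and ignore entries that are not plain strings.
            $f = is_string($f) ? fm_clean_path($f) : '';
            if ($f != '') {
                // abs path from
                $from = $path . '/' . $f;
                // abs path to
                $dest = $copy_to_path . '/' . $f;
                // do
                if ($move) {
                    $rename = fm_rename($from, $dest);
                    if ($rename === false) {
                        $errors++;
                    }
                } else {
                    if (!fm_rcopy($from, $dest)) {
                        $errors++;
                    }
                }
            }
        }
        if ($errors == 0) {
            $msg = $move ? 'Selected files and folders moved' : 'Selected files and folders copied';
            fm_set_msg($msg);
        } else {
            $msg = $move ? 'Error while moving items' : 'Error while copying items';
            fm_set_msg($msg, 'error');
        }
    } else {
        fm_set_msg('Nothing selected', 'alert');
    }
    fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
}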
685
// Rename
// Both names are reduced to a single path segment, so the item stays in the
// current folder. Triggered by a plain GET request.
if (isset($_GET['ren'], $_GET['to']) && !FM_READONLY) {
    // current name
    $old = str_replace('/', '', fm_clean_path($_GET['ren']));
    // requested name, HTML tags removed first
    $new = str_replace('/', '', fm_clean_path(strip_tags($_GET['to'])));
    // folder both names live in
    $path = FM_ROOT_PATH;
    if (FM_PATH != '') {
        $path .= '/' . FM_PATH;
    }
    if ($old == '' || $new == '') {
        fm_set_msg('Names not set', 'error');
    } elseif (fm_rename($path . '/' . $old, $path . '/' . $new)) {
        fm_set_msg(sprintf('Renamed from <b>%s</b> to <b>%s</b>', fm_enc($old), fm_enc($new)));
    } else {
        fm_set_msg(sprintf('Error while renaming from <b>%s</b> to <b>%s</b>', fm_enc($old), fm_enc($new)), 'error');
    }
    fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
}
713
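// Download
// Streams one file of the current folder as an attachment. Read-only sessions
// may download as well, and $GLOBALS['exclude_items'] is not consulted here.
if (isset($_GET['dl'])) {
    // array-valued parameters are treated as an empty name
    $dl = is_string($_GET['dl']) ? $_GET['dl'] : '';
    $dl = fm_clean_path($dl);
    $dl = str_replace('/', '', $dl);
    $path = FM_ROOT_PATH;
    if (FM_PATH != '') {
        $path .= '/' . FM_PATH;
    }
    $target = $path . '/' . $dl;
    if ($dl != '' && is_file($target)) {
        // a double quote or line break in the name would break the quoted
        // filename parameter of the header
        $download_name = str_replace(array('"', "\r", "\n"), '', basename($target));
        header('Content-Description: File Transfer');
        header('Content-Type: application/octet-stream');
        header('Content-Disposition: attachment; filename="' . $download_name . '"');
        header('Content-Transfer-Encoding: binary');
        header('Connection: Keep-Alive');
        header('Expires: 0');
        header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
        header('Pragma: public');
        header('Content-Length: ' . filesize($target));
        // discard buffered output only when a buffer exists; otherwise PHP
        // raises a notice that could end up inside the file being sent
        if (ob_get_level() > 0) {
            ob_end_clean();
        }
        readfile($target);
        exit;
    } else {
        fm_set_msg('File not found', 'error');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }
}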
741
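// Upload
// Stores the posted file below the current folder, at the relative location
// given in the "fullpath" request field.
if (!empty($_FILES) && !FM_READONLY) {
    $override_file_name = false;
    $f = $_FILES;
    $path = FM_ROOT_PATH;
    if (FM_PATH != '') {
        $path .= '/' . FM_PATH;
    }

    $uploads = 0;
    $allowed = (FM_EXTENSION) ? explode(',', FM_EXTENSION) : false;

    // exactly one file is expected under the field name "file"
    if (!isset($f['file']['name'], $f['file']['tmp_name']) || !is_string($f['file']['name'])) {
        exit();
    }
    $filename = $f['file']['name'];
    $tmp_name = $f['file']['tmp_name'];

    // "fullpath" is client input: clean it with the same helper as every other
    // path parameter before it is appended to the current folder.
    $relative = isset($_REQUEST['fullpath']) && is_string($_REQUEST['fullpath']) ? fm_clean_path($_REQUEST['fullpath']) : '';
    if ($relative == '') {
        die(sprintf('Error while uploading files. Uploaded files: %s', $uploads));
    }

    // The allow-list has to hold for the name the file is stored under, not
    // only for the name the client reported.
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    $dest_ext = strtolower(pathinfo($relative, PATHINFO_EXTENSION));
    $isFileAllowed = ($allowed) ? (in_array($ext, $allowed) && in_array($dest_ext, $allowed)) : true;

    $fullPath = $path . '/' . $relative;
    $folder = substr($fullPath, 0, strrpos($fullPath, "/"));

    // name collision: put a timestamp between the base name and the extension
    if (file_exists($fullPath) && !$override_file_name) {
        $parts = pathinfo($fullPath);
        $suffix = (isset($parts['extension']) && $parts['extension'] !== '') ? '.' . $parts['extension'] : '';
        $fullPath = $parts['dirname'] . '/' . $parts['filename'] . '_' . date('ymdHis') . $suffix;
    }

    if (empty($f['file']['error']) && !empty($tmp_name) && $tmp_name != 'none' && $isFileAllowed) {
        // create missing parent folders only for an upload that is accepted
        if (!is_dir($folder)) {
            // NOTE(review): with the umask cleared these folders are created
            // world-writable (0777); consider a narrower mode for your host.
            $old = umask(0);
            mkdir($folder, 0777, true);
            umask($old);
        }
        if (move_uploaded_file($tmp_name, $fullPath)) {
            die('Successfully uploaded');
        } else {
            die(sprintf('Error while uploading files. Uploaded files: %s', $uploads));
        }
    }
    exit();
}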
785
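// Mass deleting
// Removes the posted selection from the current folder.
if (isset($_POST['group'], $_POST['delete']) && !FM_READONLY) {
    $path = FM_ROOT_PATH;
    if (FM_PATH != '') {
        $path .= '/' . FM_PATH;
    }

    $errors = 0;
    $files = isset($_POST['file']) ? $_POST['file'] : array();
    if (is_array($files) && count($files)) {
        foreach ($files as $f) {
            // Selected names are client input: clean each one like the
            // single-item delete does and never act on '.' or '..'.
            $f = is_string($f) ? fm_clean_path($f) : '';
            if ($f != '' && $f != '.' && $f != '..') {
                $new_path = $path . '/' . $f;
                if (!fm_rdelete($new_path)) {
                    $errors++;
                }
            }
        }
        if ($errors == 0) {
            fm_set_msg('Selected files and folder deleted');
        } else {
            fm_set_msg('Error while deleting items', 'error');
        }
    } else {
        fm_set_msg('Nothing selected', 'alert');
    }

    fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
}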
815
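// Pack files
// Builds a zip or tar archive of the posted selection inside the current folder.
if (isset($_POST['group']) && (isset($_POST['zip']) || isset($_POST['tar'])) && !FM_READONLY) {
    $path = FM_ROOT_PATH;
    if (FM_PATH != '') {
        $path .= '/' . FM_PATH;
    }

    //set pack type
    $ext = isset($_POST['tar']) ? 'tar' : 'zip';

    if (($ext == "zip" && !class_exists('ZipArchive')) || ($ext == "tar" && !class_exists('PharData'))) {
        fm_set_msg('Operations with archives are not available', 'error');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }

    // Selected names are client input: keep plain strings only and clean each
    // one before it is handed to the archiver, so entries stay inside the
    // current folder.
    $files = array();
    if (isset($_POST['file']) && is_array($_POST['file'])) {
        foreach ($_POST['file'] as $selected) {
            $selected = is_string($selected) ? fm_clean_path($selected) : '';
            if ($selected != '') {
                $files[] = $selected;
            }
        }
    }

    if (!empty($files)) {
        // names are relative, so the archiver has to run from the current folder
        if (!@chdir($path)) {
            fm_set_msg('Archive not created', 'error');
            fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
        }

        if (count($files) == 1) {
            $one_file = reset($files);
            $one_file = basename($one_file);
            $zipname = $one_file . '_' . date('ymd_His') . '.' . $ext;
        } else {
            $zipname = 'archive_' . date('ymd_His') . '.' . $ext;
        }

        $res = false;
        if ($ext == 'zip') {
            $zipper = new FM_Zipper();
            $res = $zipper->create($zipname, $files);
        } elseif ($ext == 'tar') {
            $tar = new FM_Zipper_Tar();
            $res = $tar->create($zipname, $files);
        }

        if ($res) {
            fm_set_msg(sprintf('Archive <b>%s</b> created', fm_enc($zipname)));
        } else {
            fm_set_msg('Archive not created', 'error');
        }
    } else {
        fm_set_msg('Nothing selected', 'alert');
    }

    fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
}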
864
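// Unpack
// Extracts a zip or tar file of the current folder, either in place or into a
// new folder named after the archive (?tofolder). Triggered by a plain GET
// request. NOTE(review): extracted entries are not checked against
// FM_EXTENSION here, and how entry paths are validated depends on
// FM_Zipper::unzip() / PharData, which this part of the file does not show.
if (isset($_GET['unzip']) && !FM_READONLY) {
    $unzip = is_string($_GET['unzip']) ? $_GET['unzip'] : '';
    $unzip = fm_clean_path($unzip);
    $unzip = str_replace('/', '', $unzip);
    $isValid = false;
    // defined up front so the checks below never read an unset variable
    $ext = '';
    $zip_path = '';

    $path = FM_ROOT_PATH;
    if (FM_PATH != '') {
        $path .= '/' . FM_PATH;
    }

    if ($unzip != '' && is_file($path . '/' . $unzip)) {
        $zip_path = $path . '/' . $unzip;
        $ext = pathinfo($zip_path, PATHINFO_EXTENSION);
        $isValid = true;
    }

    if (($ext == "zip" && !class_exists('ZipArchive')) || ($ext == "tar" && !class_exists('PharData'))) {
        fm_set_msg('Operations with archives are not available', 'error');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }

    if ($isValid) {
        //to folder
        $tofolder = '';
        if (isset($_GET['tofolder'])) {
            $tofolder = pathinfo($zip_path, PATHINFO_FILENAME);
            if (fm_mkdir($path . '/' . $tofolder, true)) {
                $path .= '/' . $tofolder;
            }
        }

        // stays false for any other extension
        $res = false;
        if ($ext == "zip") {
            $zipper = new FM_Zipper();
            $res = $zipper->unzip($zip_path, $path);
        } elseif ($ext == "tar") {
            // PharData reports a broken or unreadable archive by throwing
            try {
                $gzipper = new PharData($zip_path);
                $res = $gzipper->extractTo($path);
            } catch (Exception $e) {
                $res = false;
            }
        }

        if ($res) {
            fm_set_msg('Archive unpacked');
        } else {
            fm_set_msg('Archive not unpacked', 'error');
        }

    } else {
        fm_set_msg('File not found', 'error');
    }
    fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
}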
920
// Change Perms (not for Windows)
// Builds a permission mode from nine checkbox fields and applies it to one
// file or folder of the current directory. With no box ticked the mode is 0.
if (isset($_POST['chmod']) && !FM_READONLY && !FM_IS_WIN) {
    $path = FM_ROOT_PATH;
    if (FM_PATH != '') {
        $path .= '/' . FM_PATH;
    }

    // target name, reduced to a single path segment
    $file = str_replace('/', '', fm_clean_path($_POST['chmod']));
    $target_missing = !is_file($path . '/' . $file) && !is_dir($path . '/' . $file);
    if ($file == '' || $target_missing) {
        fm_set_msg('File not found', 'error');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }

    // form field => permission bit (user / group / other, read / write / execute)
    $permission_bits = array(
        'ur' => 0400,
        'uw' => 0200,
        'ux' => 0100,
        'gr' => 0040,
        'gw' => 0020,
        'gx' => 0010,
        'or' => 0004,
        'ow' => 0002,
        'ox' => 0001,
    );

    $mode = 0;
    foreach ($permission_bits as $field => $bit) {
        if (!empty($_POST[$field])) {
            $mode |= $bit;
        }
    }

    $changed = @chmod($path . '/' . $file, $mode);
    if ($changed) {
        fm_set_msg('Permissions changed');
    } else {
        fm_set_msg('Permissions not changed', 'error');
    }

    fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
}
973
974/*************************** /ACTIONS ***************************/
975
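// get current path
$path = FM_ROOT_PATH;
if (FM_PATH != '') {
    $path .= '/' . FM_PATH;
}

// check path
if (!is_dir($path)) {
    fm_redirect(FM_SELF_URL . '?p=');
}

// get parent folder
$parent = fm_get_parent_path(FM_PATH);

// Collect the entries of the current folder into $files and $folders.
// $GLOBALS['exclude_items'] is matched against bare names (the folder's own
// name and each entry) and only affects this listing.
$objects = is_readable($path) ? scandir($path) : array();
$folders = array();
$files = array();
$current_path = array_slice(explode("/", $path), -1)[0];
// strict comparison: names are strings and must match exactly
if (is_array($objects) && !in_array($current_path, $GLOBALS['exclude_items'], true)) {
    foreach ($objects as $file) {
        // the two directory self-references are never listed
        if ($file == '.' || $file == '..') {
            continue;
        }
        if (!FM_SHOW_HIDDEN && substr($file, 0, 1) === '.') {
            continue;
        }
        if (in_array($file, $GLOBALS['exclude_items'], true)) {
            continue;
        }
        $new_path = $path . '/' . $file;
        if (@is_file($new_path)) {
            $files[] = $file;
        } elseif (@is_dir($new_path)) {
            $folders[] = $file;
        }
    }
}

// natural, case-insensitive order; keys are preserved
if (!empty($files)) {
    natcasesort($files);
}
if (!empty($folders)) {
    natcasesort($folders);
}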
1017
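// upload form
// Renders the upload page (drag-and-drop uploader plus "upload from URL") for
// users that are not read-only, then stops the script.
if (isset($_GET['upload']) && !FM_READONLY) {
    fm_show_header(); // HEADER
    fm_show_nav_path(FM_PATH); // current path
    // FM_PATH is request-derived, so it is URL-encoded wherever it is placed in a
    // link or form action and HTML-encoded wherever it is placed in an attribute value.
    // NOTE(review): the Dropzone assets are loaded from a third-party CDN without an
    // integrity attribute; consider Subresource Integrity or self-hosting.
    // NOTE(review): neither form below carries an anti-CSRF token; confirm whether
    // the handlers that receive these requests verify one.
    ?>

    <link href="https://cdnjs.cloudflare.com/ajax/libs/dropzone/5.5.1/min/dropzone.min.css" rel="stylesheet">
    <div class="path">

        <div class="card mb-2 fm-upload-wrapper">
            <div class="card-header">
                <ul class="nav nav-tabs card-header-tabs">
                    <li class="nav-item">
                        <a class="nav-link active" href="#fileUploader" data-target="#fileUploader"><i class="fa fa-arrow-circle-o-up"></i> <?php echo lng('UploadingFiles') ?></a>
                    </li>
                    <li class="nav-item">
                        <a class="nav-link" href="#urlUploader" class="js-url-upload" data-target="#urlUploader"><i class="fa fa-link"></i> Upload from URL</a>
                    </li>
                </ul>
            </div>
            <div class="card-body">
                <p class="card-text">
                    <a href="?p=<?php echo urlencode(FM_PATH) ?>" class="float-right"><i class="fa fa-chevron-circle-left go-back"></i> <?php echo lng('Back')?></a>
                    <?php echo lng('DestinationFolder') ?>: <?php echo fm_enc(fm_convert_win(FM_ROOT_PATH . '/' . FM_PATH)) ?>
                </p>

                <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]) . '?p=' . urlencode(FM_PATH) ?>" class="dropzone card-tabs-container" id="fileUploader" enctype="multipart/form-data">
                    <input type="hidden" name="p" value="<?php echo fm_enc(FM_PATH) ?>">
                    <input type="hidden" name="fullpath" id="fullpath" value="<?php echo fm_enc(FM_PATH) ?>">
                    <div class="fallback">
                        <input name="file" type="file" multiple/>
                    </div>
                </form>

                <div class="upload-url-wrapper card-tabs-container hidden" id="urlUploader">
                    <form id="js-form-url-upload" class="form-inline" onsubmit="return upload_from_url(this);" method="POST" action="">
                        <input type="hidden" name="type" value="upload" aria-label="hidden" aria-hidden="true">
                        <input type="url" placeholder="URL" name="uploadurl" required class="form-control" style="width: 80%">
                        <button type="submit" class="btn btn-primary ml-3"><?php echo lng('Upload') ?></button>
                        <div class="lds-facebook"><div></div><div></div><div></div></div>
                    </form>
                    <div id="js-url-upload__list" class="col-9 mt-3"></div>
                </div>
            </div>
        </div>
    </div>
    <script src="https://cdnjs.cloudflare.com/ajax/libs/dropzone/5.5.1/min/dropzone.min.js"></script>
    <script>
        Dropzone.options.fileUploader = {
            timeout: 120000,
            maxFilesize: <?php echo MAX_UPLOAD_SIZE; ?>,
            init: function () {
                this.on("sending", function (file, xhr, formData) {
                    // Dropped folders expose fullPath; plain files only have a name.
                    let _path = (file.fullPath) ? file.fullPath : file.name;
                    document.getElementById("fullpath").value = _path;
                    xhr.ontimeout = (function() {
                        alert('Error: Server Timeout');
                    });
                }).on("success", function (res) {
                    console.log('Upload Status >> ', res.status);
                }).on("error", function(file, response) {
                    alert(response);
                });
            }
        }
    </script>
    <?php
    fm_show_footer();
    exit;
}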
1088
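// copy form POST
// Shows the confirmation form for copying or moving the items ticked in the
// listing, then stops the script.
if (isset($_POST['copy']) && !FM_READONLY) {
    // The selection comes straight from the request body: accept only an array
    // and keep only its string entries, so nested arrays never reach the output.
    $copy_files = (isset($_POST['file']) && is_array($_POST['file']))
        ? array_values(array_filter($_POST['file'], 'is_string'))
        : array();
    if (empty($copy_files)) {
        fm_set_msg('Nothing selected', 'alert');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }

    fm_show_header(); // HEADER
    fm_show_nav_path(FM_PATH); // current path
    // NOTE(review): the form below carries no anti-CSRF token; confirm whether the
    // handler that performs the copy or move verifies one.
    ?>
    <div class="path">
        <div class="card">
            <div class="card-header">
                <h6><?php echo lng('Copying') ?></h6>
            </div>
            <div class="card-body">
                <form action="" method="post">
                    <input type="hidden" name="p" value="<?php echo fm_enc(FM_PATH) ?>">
                    <input type="hidden" name="finish" value="1">
                    <?php
                    foreach ($copy_files as $cf) {
                        echo '<input type="hidden" name="file[]" value="' . fm_enc($cf) . '">' . PHP_EOL;
                    }
                    // Posted names are echoed back into the page, so each one is
                    // HTML-encoded before it is joined into the markup.
                    ?>
                    <p class="break-word"><?php echo lng('Files') ?>: <b><?php echo implode('</b>, <b>', array_map('fm_enc', $copy_files)) ?></b></p>
                    <p class="break-word"><?php echo lng('SourceFolder') ?>: <?php echo fm_enc(fm_convert_win(FM_ROOT_PATH . '/' . FM_PATH)) ?><br>
                        <label for="inp_copy_to"><?php echo lng('DestinationFolder') ?>:</label>
                        <?php echo fm_enc(FM_ROOT_PATH) ?>/<input type="text" name="copy_to" id="inp_copy_to" value="<?php echo fm_enc(FM_PATH) ?>">
                    </p>
                    <p class="custom-checkbox custom-control"><input type="checkbox" name="move" value="1" id="js-move-files" class="custom-control-input"><label for="js-move-files" class="custom-control-label" style="vertical-align: sub"> <?php echo lng('Move') ?></label></p>
                    <p>
                        <button type="submit" class="btn btn-success"><i class="fa fa-check-circle"></i> <?php echo lng('Copy') ?></button> &nbsp;
                        <b><a href="?p=<?php echo urlencode(FM_PATH) ?>" class="btn btn-outline-primary"><i class="fa fa-times-circle"></i> <?php echo lng('Cancel') ?></a></b>
                    </p>
                </form>
            </div>
        </div>
    </div>
    <?php
    fm_show_footer();
    exit;
}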
1132
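// copy form
// Shows the destination picker for a single item (?copy=<path>) until the
// request also carries finish=1, then stops the script.
if (isset($_GET['copy']) && !isset($_GET['finish']) && !FM_READONLY) {
    $copy = $_GET['copy'];
    $copy = fm_clean_path($copy);
    if ($copy == '' || !file_exists(FM_ROOT_PATH . '/' . $copy)) {
        fm_set_msg('File not found', 'error');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }

    fm_show_header(); // HEADER
    fm_show_nav_path(FM_PATH); // current path
    // Query-string separators inside href attributes are written as &amp; so that
    // "&copy" can never be read as the HTML entity for the copyright sign.
    // NOTE(review): the Copy and Move links trigger a state-changing action through
    // a plain GET request with no anti-CSRF token visible here.
    ?>
    <div class="path">
        <p><b>Copying</b></p>
        <p class="break-word">
            Source path: <?php echo fm_enc(fm_convert_win(FM_ROOT_PATH . '/' . $copy)) ?><br>
            Destination folder: <?php echo fm_enc(fm_convert_win(FM_ROOT_PATH . '/' . FM_PATH)) ?>
        </p>
        <p>
            <b><a href="?p=<?php echo urlencode(FM_PATH) ?>&amp;copy=<?php echo urlencode($copy) ?>&amp;finish=1"><i class="fa fa-check-circle"></i> Copy</a></b> &nbsp;
            <b><a href="?p=<?php echo urlencode(FM_PATH) ?>&amp;copy=<?php echo urlencode($copy) ?>&amp;finish=1&amp;move=1"><i class="fa fa-check-circle"></i> Move</a></b> &nbsp;
            <b><a href="?p=<?php echo urlencode(FM_PATH) ?>"><i class="fa fa-times-circle"></i> Cancel</a></b>
        </p>
        <p><i>Select folder</i></p>
        <ul class="folders break-word">
            <?php
            if ($parent !== false) {
                ?>
                <li><a href="?p=<?php echo urlencode($parent) ?>&amp;copy=<?php echo urlencode($copy) ?>"><i class="fa fa-chevron-circle-left"></i> ..</a></li>
                <?php
            }
            foreach ($folders as $f) {
                // Folder names come from the filesystem and may contain markup,
                // so the visible label is HTML-encoded.
                ?>
                <li>
                    <a href="?p=<?php echo urlencode(trim(FM_PATH . '/' . $f, '/')) ?>&amp;copy=<?php echo urlencode($copy) ?>"><i class="fa fa-folder-o"></i> <?php echo fm_enc(fm_convert_win($f)) ?></a></li>
                <?php
            }
            ?>
        </ul>
    </div>
    <?php
    fm_show_footer();
    exit;
}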
1177
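// settings form
// Renders the settings page (language plus four ON/OFF switches) for users that
// are not read-only, then stops the script. The form is submitted by save_settings().
if (isset($_GET['settings']) && !FM_READONLY) {
    fm_show_header(); // HEADER
    fm_show_nav_path(FM_PATH); // current path
    global $cfg, $lang, $lang_list;

    // Returns 'selected' when $l is the language currently in use, '' otherwise.
    function getSelected($l) {
        global $lang;
        return ($lang == $l) ? 'selected' : '';
    }

    // Returns $txt when the stored setting $conf matches the radio value $val
    // (1 for the ON button, '' for the OFF button), '' otherwise.
    function getChecked($conf, $val, $txt) {
        if ($conf == 1 && $val == 1) {
            return $txt;
        } else if ($conf == '' && $val == '') {
            return $txt;
        } else {
            return '';
        }
    }

    // One entry per switch: label key, radio name, id prefix, current value.
    $toggles = array(
        array('ErrorReporting', 'js-error-report', 'js-err-rpt', $report_errors),
        array('ShowHiddenFiles', 'js-show-hidden', 'js-hdn', $show_hidden_files),
        array('HideColumns', 'js-hide-cols', 'js-hid', $hide_Cols),
        array('CalculateFolderSize', 'js-calc-folder', 'js-dir', $calc_folder),
    );
    // NOTE(review): the form carries no anti-CSRF token; confirm whether the
    // handler for type=settings verifies one.
    ?>

    <div class="col-md-8 offset-md-2 pt-3">
        <div class="card mb-2">
            <h6 class="card-header">
                <i class="fa fa-cog"></i> <?php echo lng('Settings') ?>
                <a href="?p=<?php echo urlencode(FM_PATH) ?>" class="float-right"><i class="fa fa-window-close"></i> <?php echo lng('Cancel')?></a>
            </h6>
            <div class="card-body">
                <form id="js-settings-form" action="" method="post" data-type="ajax" onsubmit="return save_settings(this)">
                    <input type="hidden" name="type" value="settings" aria-label="hidden" aria-hidden="true">
                    <div class="form-group row">
                        <label for="js-language" class="col-sm-3 col-form-label"><?php echo lng('Language') ?></label>
                        <div class="col-sm-5">
                            <select class="form-control" id="js-language" name="js-language">
                                <?php
                                // Codes and names are HTML-encoded so that a crafted
                                // language list cannot break out of the option markup.
                                foreach ($lang_list as $k => $v) {
                                    echo '<option value="' . fm_enc($k) . '" ' . getSelected($k) . '>' . fm_enc($v) . '</option>';
                                }
                                ?>
                            </select>
                        </div>
                    </div>
                    <?php foreach ($toggles as $toggle) {
                        list($toggle_label, $toggle_name, $toggle_id, $toggle_conf) = $toggle;
                        ?>
                    <div class="form-group row">
                        <label for="<?php echo $toggle_id ?>-1" class="col-sm-3 col-form-label"><?php echo lng($toggle_label) ?></label>
                        <div class="col-sm-9">
                            <div class="btn-group btn-group-toggle" data-toggle="buttons">
                                <label class="btn btn-secondary <?php echo getChecked($toggle_conf, 1, 'active') ?>">
                                    <input type="radio" name="<?php echo $toggle_name ?>" id="<?php echo $toggle_id ?>-1" autocomplete="off" value="true" <?php echo getChecked($toggle_conf, 1, 'checked') ?> > ON
                                </label>
                                <label class="btn btn-secondary <?php echo getChecked($toggle_conf, '', 'active') ?>">
                                    <input type="radio" name="<?php echo $toggle_name ?>" id="<?php echo $toggle_id ?>-0" autocomplete="off" value="false" <?php echo getChecked($toggle_conf, '', 'checked') ?> > OFF
                                </label>
                            </div>
                        </div>
                    </div>

                    <?php } ?>
                    <div class="form-group row">
                        <div class="col-sm-10">
                            <button type="submit" class="btn btn-success"> <i class="fa fa-check-circle"></i> <?php echo lng('Save'); ?></button>
                        </div>
                    </div>

                </form>
            </div>
        </div>
    </div>
    <?php
    fm_show_footer();
    exit;
}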
1291
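// help page
// Renders the help/about page and, for users that are not read-only, the link
// that reveals the password-hash generator form; then stops the script.
if (isset($_GET['help'])) {
    fm_show_header(); // HEADER
    fm_show_nav_path(FM_PATH); // current path
    global $cfg, $lang;
    // FM_PATH is request-derived, so the Cancel link URL-encodes it.
    // NOTE(review): the hash form itself is rendered for every user and only hidden
    // by CSS; confirm that the type=pwdhash handler enforces the read-only restriction.
    ?>

    <div class="col-md-8 offset-md-2 pt-3">
        <div class="card mb-2">
            <h6 class="card-header">
                <i class="fa fa-exclamation-circle"></i> <?php echo lng('Help') ?>
                <a href="?p=<?php echo urlencode(FM_PATH) ?>" class="float-right"><i class="fa fa-window-close"></i> <?php echo lng('Cancel')?></a>
            </h6>
            <div class="card-body">
                <div class="row">
                    <div class="col-xs-12 col-sm-6">
                        <p><h3><a href="https://github.com/prasathmani/tinyfilemanager" target="_blank" class="app-v-title"> Tiny File Manager <?php echo VERSION; ?></a></h3></p>
                        <p>Author: Prasath Mani</p>
                        <p>Mail Us: <a href="mailto:ccpprogrammers@gmail.com">ccpprogrammers[at]gmail.com</a> </p>
                    </div>
                    <div class="col-xs-12 col-sm-6">
                        <div class="card">
                            <ul class="list-group list-group-flush">
                                <li class="list-group-item"><a href="https://tinyfilemanager.github.io/docs/" target="_blank"><i class="fa fa-question-circle"></i> <?php echo lng('Help Documents') ?> </a> </li>
                                <li class="list-group-item"><a href="https://github.com/prasathmani/tinyfilemanager/issues" target="_blank"><i class="fa fa-bug"></i> <?php echo lng('Report Issue') ?></a></li>
                                <li class="list-group-item"><a href="javascript:latest_release_info('<?php echo VERSION; ?>');"><i class="fa fa-link"> </i> <?php echo lng('Check Latest Version') ?></a></li>
                                <?php if(!FM_READONLY) { ?>
                                <li class="list-group-item"><a href="javascript:show_new_pwd();"><i class="fa fa-lock"></i> <?php echo lng('Generate new password hash') ?></a></li>
                                <?php } ?>
                            </ul>
                        </div>
                    </div>
                </div>
                <div class="row js-new-pwd hidden mt-2">
                    <div class="col-12">
                        <form class="form-inline" onsubmit="return new_password_hash(this)" method="POST" action="">
                            <input type="hidden" name="type" value="pwdhash" aria-label="hidden" aria-hidden="true">
                            <div class="form-group mb-2">
                                <label for="staticEmail2"><?php echo lng('Generate new password hash') ?></label>
                            </div>
                            <div class="form-group mx-sm-3 mb-2">
                                <label for="inputPassword2" class="sr-only"><?php echo lng('Password') ?></label>
                                <input type="text" class="form-control btn-sm" id="inputPassword2" name="inputPassword2" placeholder="Password" required>
                            </div>
                            <button type="submit" class="btn btn-success btn-sm mb-2"><?php echo lng('Generate') ?></button>
                        </form>
                        <textarea class="form-control" rows="2" readonly id="js-pwd-result"></textarea>
                    </div>
                </div>
            </div>
        </div>
    </div>
    <?php
    fm_show_footer();
    exit;
}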
1347
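// file viewer
// Shows details and a preview of one file in the current directory (?view=<name>),
// then stops the script. With quickView=1 only the preview body is sent, without
// the page header, the details and the footer.
if (isset($_GET['view'])) {
    $file = $_GET['view'];
    $quickView = (isset($_GET['quickView']) && $_GET['quickView'] == 1) ? true : false;
    $file = fm_clean_path($file, false);
    // Dropping every slash keeps the name from addressing another directory.
    $file = str_replace('/', '', $file);
    if ($file == '' || !is_file($path . '/' . $file) || in_array($file, $GLOBALS['exclude_items'])) {
        fm_set_msg('File not found', 'error');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }

    if(!$quickView) {
        fm_show_header(); // HEADER
        fm_show_nav_path(FM_PATH); // current path
    }

    $file_url = FM_ROOT_URL . fm_convert_win((FM_PATH != '' ? '/' . FM_PATH : '') . '/' . $file);
    $file_path = $path . '/' . $file;

    $ext = strtolower(pathinfo($file_path, PATHINFO_EXTENSION));
    $mime_type = fm_get_mime_type($file_path);
    // Keep the byte count and its formatted form apart: the number drives the
    // ">= 1000" test and the "bytes" suffix, the string is what gets displayed.
    $filesize_raw = filesize($file_path);
    $filesize = fm_get_filesize($filesize_raw);

    $is_zip = false;
    $is_gzip = false;
    $is_image = false;
    $is_audio = false;
    $is_video = false;
    $is_text = false;
    $is_onlineViewer = false;

    $view_title = 'File';
    $filenames = false; // for zip
    $content = ''; // for text
    $online_viewer = strtolower($GLOBALS['online_viewer']);

    // The first matching category decides how the file is previewed.
    if($online_viewer && $online_viewer !== 'false' && in_array($ext, fm_get_onlineViewer_exts())){
        $is_onlineViewer = true;
    }
    elseif ($ext == 'zip' || $ext == 'tar') {
        $is_zip = true;
        $view_title = 'Archive';
        $filenames = fm_get_zif_info($file_path, $ext);
    } elseif (in_array($ext, fm_get_image_exts())) {
        $is_image = true;
        $view_title = 'Image';
    } elseif (in_array($ext, fm_get_audio_exts())) {
        $is_audio = true;
        $view_title = 'Audio';
    } elseif (in_array($ext, fm_get_video_exts())) {
        $is_video = true;
        $view_title = 'Video';
    } elseif (in_array($ext, fm_get_text_exts()) || substr($mime_type, 0, 4) == 'text' || in_array($mime_type, fm_get_text_mimes())) {
        $is_text = true;
        $content = file_get_contents($file_path);
    }

    ?>
    <div class="row">
        <div class="col-12">
            <?php if(!$quickView) { ?>
                <p class="break-word"><b><?php echo $view_title ?> "<?php echo fm_enc(fm_convert_win($file)) ?>"</b></p>
                <p class="break-word">
                    Full path: <?php echo fm_enc(fm_convert_win($file_path)) ?><br>
                    File
                    size: <?php echo $filesize ?><?php if ($filesize_raw >= 1000): ?> (<?php echo sprintf('%s bytes', $filesize_raw) ?>)<?php endif; ?>
                    <br>
                    MIME-type: <?php echo fm_enc($mime_type) ?><br>
                    <?php
                    // ZIP info
                    if (($is_zip || $is_gzip) && $filenames !== false) {
                        $total_files = 0;
                        $total_comp = 0;
                        $total_uncomp = 0;
                        foreach ($filenames as $fn) {
                            if (!$fn['folder']) {
                                $total_files++;
                            }
                            $total_comp += $fn['compressed_size'];
                            $total_uncomp += $fn['filesize'];
                        }
                        // An archive whose entries are all empty has no ratio to report.
                        $compression = $total_uncomp > 0 ? round(($total_comp / $total_uncomp) * 100) : 0;
                        ?>
                        Files in archive: <?php echo $total_files ?><br>
                        Total size: <?php echo fm_get_filesize($total_uncomp) ?><br>
                        Size in archive: <?php echo fm_get_filesize($total_comp) ?><br>
                        Compression: <?php echo $compression ?>%<br>
                        <?php
                    }
                    // Image info
                    if ($is_image) {
                        $image_size = getimagesize($file_path);
                        echo 'Image sizes: ' . (isset($image_size[0]) ? $image_size[0] : '0') . ' x ' . (isset($image_size[1]) ? $image_size[1] : '0') . '<br>';
                    }
                    // Text info
                    if ($is_text) {
                        $is_utf8 = fm_is_utf8($content);
                        if (function_exists('iconv')) {
                            if (!$is_utf8) {
                                $content = iconv(FM_ICONV_INPUT_ENC, 'UTF-8//IGNORE', $content);
                            }
                        }
                        echo 'Charset: ' . ($is_utf8 ? 'utf-8' : '8 bit') . '<br>';
                    }
                    ?>
                </p>
                <p>
                    <b><a href="?p=<?php echo urlencode(FM_PATH) ?>&amp;dl=<?php echo urlencode($file) ?>"><i class="fa fa-cloud-download"></i> <?php echo lng('Download') ?></a></b> &nbsp;
                    <b><a href="<?php echo fm_enc($file_url) ?>" target="_blank"><i class="fa fa-external-link-square"></i> <?php echo lng('Open') ?></a></b>
                    &nbsp;
                    <?php
                    // ZIP actions
                    if (!FM_READONLY && ($is_zip || $is_gzip) && $filenames !== false) {
                        $zip_name = pathinfo($file_path, PATHINFO_FILENAME);
                        ?>
                        <b><a href="?p=<?php echo urlencode(FM_PATH) ?>&amp;unzip=<?php echo urlencode($file) ?>"><i class="fa fa-check-circle"></i> <?php echo lng('UnZip') ?></a></b> &nbsp;
                        <b><a href="?p=<?php echo urlencode(FM_PATH) ?>&amp;unzip=<?php echo urlencode($file) ?>&amp;tofolder=1" title="UnZip to <?php echo fm_enc($zip_name) ?>"><i class="fa fa-check-circle"></i>
                                <?php echo lng('UnZipToFolder') ?></a></b> &nbsp;
                        <?php
                    }
                    if ($is_text && !FM_READONLY) {
                        ?>
                        <b><a href="?p=<?php echo urlencode(trim(FM_PATH)) ?>&amp;edit=<?php echo urlencode($file) ?>" class="edit-file"><i class="fa fa-pencil-square"></i> <?php echo lng('Edit') ?>
                            </a></b> &nbsp;
                        <b><a href="?p=<?php echo urlencode(trim(FM_PATH)) ?>&amp;edit=<?php echo urlencode($file) ?>&amp;env=ace"
                              class="edit-file"><i class="fa fa-pencil-square-o"></i> <?php echo lng('AdvancedEditor') ?>
                            </a></b> &nbsp;
                    <?php } ?>
                    <b><a href="?p=<?php echo urlencode(FM_PATH) ?>"><i class="fa fa-chevron-circle-left go-back"></i> <?php echo lng('Back') ?></a></b>
                </p>
                <?php
            }
            if($is_onlineViewer) {
                // NOTE(review): both viewers are given the file's public URL, so the
                // third-party service fetches the document itself; enable this only
                // for content that may leave the server.
                if($online_viewer == 'google') {
                    echo '<iframe src="https://docs.google.com/viewer?embedded=true&hl=en&url=' . fm_enc($file_url) . '" frameborder="no" style="width:100%;min-height:460px"></iframe>';
                } else if($online_viewer == 'microsoft') {
                    echo '<iframe src="https://view.officeapps.live.com/op/embed.aspx?src=' . fm_enc($file_url) . '" frameborder="no" style="width:100%;min-height:460px"></iframe>';
                }
            } elseif ($is_zip) {
                // ZIP content
                if ($filenames !== false) {
                    echo '<code class="maxheight">';
                    foreach ($filenames as $fn) {
                        // Entry names are chosen by whoever built the archive, so
                        // file names are HTML-encoded just like folder names.
                        if ($fn['folder']) {
                            echo '<b>' . fm_enc($fn['name']) . '</b><br>';
                        } else {
                            echo fm_enc($fn['name']) . ' (' . fm_get_filesize($fn['filesize']) . ')<br>';
                        }
                    }
                    echo '</code>';
                } else {
                    echo '<p>Error while fetching archive info</p>';
                }
            } elseif ($is_image) {
                // Image content
                if (in_array($ext, array('gif', 'jpg', 'jpeg', 'png', 'bmp', 'ico', 'svg'))) {
                    echo '<p><img src="' . fm_enc($file_url) . '" alt="" class="preview-img"></p>';
                }
            } elseif ($is_audio) {
                // Audio content
                echo '<p><audio src="' . fm_enc($file_url) . '" controls preload="metadata"></audio></p>';
            } elseif ($is_video) {
                // Video content
                echo '<div class="preview-video"><video src="' . fm_enc($file_url) . '" width="640" height="360" controls preload="metadata"></video></div>';
            } elseif ($is_text) {
                // Every branch below HTML-encodes the file content before it is echoed.
                if (FM_USE_HIGHLIGHTJS) {
                    // highlight
                    $hljs_classes = array(
                        'shtml' => 'xml',
                        'htaccess' => 'apache',
                        'phtml' => 'php',
                        'lock' => 'json',
                        'svg' => 'xml',
                    );
                    $hljs_class = isset($hljs_classes[$ext]) ? 'lang-' . $hljs_classes[$ext] : 'lang-' . $ext;
                    if (empty($ext) || in_array(strtolower($file), fm_get_text_names()) || preg_match('#\.min\.(css|js)$#i', $file)) {
                        $hljs_class = 'nohighlight';
                    }
                    $content = '<pre class="with-hljs"><code class="' . $hljs_class . '">' . fm_enc($content) . '</code></pre>';
                } elseif (in_array($ext, array('php', 'php4', 'php5', 'phtml', 'phps'))) {
                    // php highlight
                    $content = highlight_string($content, true);
                } else {
                    $content = '<pre>' . fm_enc($content) . '</pre>';
                }
                echo $content;
            }
            ?>
        </div>
    </div>
    <?php
    if(!$quickView) {
        fm_show_footer();
    }
    exit;
}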
1543
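// file editor
// Shows the plain or ACE editor for one file in the current directory
// (?edit=<name>), writes the posted content back when "savedata" is present,
// then stops the script.
// The block writes to disk, so it is closed to read-only users in the same way
// as the other write actions in this file (upload, copy, chmod, settings).
if (isset($_GET['edit']) && !FM_READONLY) {
    $file = $_GET['edit'];
    $file = fm_clean_path($file, false);
    // Dropping every slash keeps the name from addressing another directory.
    $file = str_replace('/', '', $file);
    // Excluded items are rejected here as they are in the file viewer.
    if ($file == '' || !is_file($path . '/' . $file) || in_array($file, $GLOBALS['exclude_items'])) {
        fm_set_msg('File not found', 'error');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }
    // Switches the browser's reflected-XSS filter off for this response,
    // presumably so that saving content which contains markup is not blocked.
    header('X-XSS-Protection:0');
    fm_show_header(); // HEADER
    fm_show_nav_path(FM_PATH); // current path

    $file_url = FM_ROOT_URL . fm_convert_win((FM_PATH != '' ? '/' . FM_PATH : '') . '/' . $file);
    $file_path = $path . '/' . $file;

    // normal editor unless ?env=ace is requested
    $isNormalEditor = true;
    if (isset($_GET['env'])) {
        if ($_GET['env'] == "ace") {
            $isNormalEditor = false;
        }
    }

    // Save File
    // NOTE(review): no anti-CSRF token is checked before the write.
    if (isset($_POST['savedata'])) {
        $writedata = $_POST['savedata'];
        // Report success only when the write really happened; an unwritable file
        // or a non-string payload is reported as an error instead.
        if (is_string($writedata) && @file_put_contents($file_path, $writedata) !== false) {
            fm_set_msg('File Saved Successfully');
        } else {
            fm_set_msg('File not saved', 'error');
        }
    }

    $ext = strtolower(pathinfo($file_path, PATHINFO_EXTENSION));
    $mime_type = fm_get_mime_type($file_path);
    $filesize = filesize($file_path);
    $is_text = false;
    $content = ''; // for text

    if (in_array($ext, fm_get_text_exts()) || substr($mime_type, 0, 4) == 'text' || in_array($mime_type, fm_get_text_mimes())) {
        $is_text = true;
        $content = file_get_contents($file_path);
    }

    ?>
    <div class="path">
        <div class="row">
            <div class="col-xs-12 col-sm-5 col-lg-6 pt-1">
                <div class="btn-toolbar" role="toolbar">
                    <?php if (!$isNormalEditor) { ?>
                        <div class="btn-group js-ace-toolbar">
                            <button data-cmd="none" data-option="fullscreen" class="btn btn-sm btn-outline-secondary" id="js-ace-fullscreen" title="Fullscreen"><i class="fa fa-expand" title="Fullscreen"></i></button>
                            <button data-cmd="find" class="btn btn-sm btn-outline-secondary" id="js-ace-search" title="Search"><i class="fa fa-search" title="Search"></i></button>
                            <button data-cmd="undo" class="btn btn-sm btn-outline-secondary" id="js-ace-undo" title="Undo"><i class="fa fa-undo" title="Undo"></i></button>
                            <button data-cmd="redo" class="btn btn-sm btn-outline-secondary" id="js-ace-redo" title="Redo"><i class="fa fa-repeat" title="Redo"></i></button>
                            <button data-cmd="none" data-option="wrap" class="btn btn-sm btn-outline-secondary" id="js-ace-wordWrap" title="Word Wrap"><i class="fa fa-text-width" title="Word Wrap"></i></button>
                            <button data-cmd="none" data-option="help" class="btn btn-sm btn-outline-secondary" id="js-ace-goLine" title="Help"><i class="fa fa-question" title="Help"></i></button>
                            <select id="js-ace-mode" data-type="mode" title="Select Document Type" class="btn-outline-secondary border-left-0 d-none d-md-block"><option>-- Select Mode --</option></select>
                            <select id="js-ace-theme" data-type="theme" title="Select Theme" class="btn-outline-secondary border-left-0 d-none d-lg-block"><option>-- Select Theme --</option></select>
                            <select id="js-ace-fontSize" data-type="fontSize" title="Selct Font Size" class="btn-outline-secondary border-left-0 d-none d-lg-block"><option>-- Select Font Size --</option></select>
                        </div>
                    <?php } ?>
                </div>
            </div>
            <div class="edit-file-actions col-xs-12 col-sm-7 col-lg-6 text-right pt-1">
                <a title="Back" class="btn btn-sm btn-outline-primary" href="?p=<?php echo urlencode(trim(FM_PATH)) ?>&amp;view=<?php echo urlencode($file) ?>"><i class="fa fa-reply-all"></i> <?php echo lng('Back') ?></a>
                <a title="Backup" class="btn btn-sm btn-outline-primary" href="javascript:backup('<?php echo urlencode($path) ?>','<?php echo urlencode($file) ?>')"><i class="fa fa-database"></i> <?php echo lng('BackUp') ?></a>
                <?php if ($is_text) { ?>
                    <?php if ($isNormalEditor) { ?>
                        <a title="Advanced" class="btn btn-sm btn-outline-primary" href="?p=<?php echo urlencode(trim(FM_PATH)) ?>&amp;edit=<?php echo urlencode($file) ?>&amp;env=ace"><i class="fa fa-pencil-square-o"></i> <?php echo lng('AdvancedEditor') ?></a>
                        <button type="button" class="btn btn-sm btn-outline-primary" name="Save" data-url="<?php echo fm_enc($file_url) ?>" onclick="edit_save(this,'nrl')"><i class="fa fa-floppy-o"></i> Save
                        </button>
                    <?php } else { ?>
                        <a title="Plain Editor" class="btn btn-sm btn-outline-primary" href="?p=<?php echo urlencode(trim(FM_PATH)) ?>&amp;edit=<?php echo urlencode($file) ?>"><i class="fa fa-text-height"></i> <?php echo lng('NormalEditor') ?></a>
                        <button type="button" class="btn btn-sm btn-outline-primary" name="Save" data-url="<?php echo fm_enc($file_url) ?>" onclick="edit_save(this,'ace')"><i class="fa fa-floppy-o"></i> <?php echo lng('Save') ?>
                        </button>
                    <?php } ?>
                <?php } ?>
            </div>
        </div>
        <?php
        // The file content is HTML-encoded before it is placed into either editor.
        if ($is_text && $isNormalEditor) {
            echo '<textarea class="mt-2" id="normal-editor" rows="33" cols="120" style="width: 99.5%;">' . htmlspecialchars($content) . '</textarea>';
        } elseif ($is_text) {
            echo '<div id="editor" contenteditable="true">' . htmlspecialchars($content) . '</div>';
        } else {
            fm_set_msg('FILE EXTENSION HAS NOT SUPPORTED', 'error');
        }
        ?>
    </div>
    <?php
    fm_show_footer();
    exit;
}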
1638
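// chmod (not for Windows)
// Shows the permission form for one file or folder in the current directory
// (?chmod=<name>) with the current owner/group/other bits pre-ticked, then
// stops the script. The form posts back the nine checkboxes ur..ox.
if (isset($_GET['chmod']) && !FM_READONLY && !FM_IS_WIN) {
    $file = $_GET['chmod'];
    $file = fm_clean_path($file);
    // Dropping every slash keeps the name from addressing another directory.
    $file = str_replace('/', '', $file);
    if ($file == '' || (!is_file($path . '/' . $file) && !is_dir($path . '/' . $file))) {
        fm_set_msg('File not found', 'error');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }

    fm_show_header(); // HEADER
    fm_show_nav_path(FM_PATH); // current path

    $file_url = FM_ROOT_URL . (FM_PATH != '' ? '/' . FM_PATH : '') . '/' . $file;
    $file_path = $path . '/' . $file;

    $mode = fileperms($path . '/' . $file);

    // The path contains a name taken from the filesystem, so it is HTML-encoded
    // before it is shown.
    // NOTE(review): the form carries no anti-CSRF token; confirm whether the
    // handler that applies the new mode verifies one.
    ?>
    <div class="path">
        <div class="card mb-2">
            <h6 class="card-header">
                <?php echo lng('ChangePermissions') ?>
            </h6>
            <div class="card-body">
                <p class="card-text">
                    Full path: <?php echo fm_enc($file_path) ?><br>
                </p>
                <form action="" method="post">
                    <input type="hidden" name="p" value="<?php echo fm_enc(FM_PATH) ?>">
                    <input type="hidden" name="chmod" value="<?php echo fm_enc($file) ?>">

                    <table class="table compact-table">
                        <tr>
                            <td></td>
                            <td><b><?php echo lng('Owner') ?></b></td>
                            <td><b><?php echo lng('Group') ?></b></td>
                            <td><b><?php echo lng('Other') ?></b></td>
                        </tr>
                        <tr>
                            <td style="text-align: right"><b><?php echo lng('Read') ?></b></td>
                            <td><label><input type="checkbox" name="ur" value="1"<?php echo ($mode & 00400) ? ' checked' : '' ?>></label></td>
                            <td><label><input type="checkbox" name="gr" value="1"<?php echo ($mode & 00040) ? ' checked' : '' ?>></label></td>
                            <td><label><input type="checkbox" name="or" value="1"<?php echo ($mode & 00004) ? ' checked' : '' ?>></label></td>
                        </tr>
                        <tr>
                            <td style="text-align: right"><b><?php echo lng('Write') ?></b></td>
                            <td><label><input type="checkbox" name="uw" value="1"<?php echo ($mode & 00200) ? ' checked' : '' ?>></label></td>
                            <td><label><input type="checkbox" name="gw" value="1"<?php echo ($mode & 00020) ? ' checked' : '' ?>></label></td>
                            <td><label><input type="checkbox" name="ow" value="1"<?php echo ($mode & 00002) ? ' checked' : '' ?>></label></td>
                        </tr>
                        <tr>
                            <td style="text-align: right"><b><?php echo lng('Execute') ?></b></td>
                            <td><label><input type="checkbox" name="ux" value="1"<?php echo ($mode & 00100) ? ' checked' : '' ?>></label></td>
                            <td><label><input type="checkbox" name="gx" value="1"<?php echo ($mode & 00010) ? ' checked' : '' ?>></label></td>
                            <td><label><input type="checkbox" name="ox" value="1"<?php echo ($mode & 00001) ? ' checked' : '' ?>></label></td>
                        </tr>
                    </table>

                    <p>
                        <button type="submit" class="btn btn-success"><i class="fa fa-check-circle"></i> <?php echo lng('Change') ?></button> &nbsp;
                        <b><a href="?p=<?php echo urlencode(FM_PATH) ?>" class="btn btn-outline-primary"><i class="fa fa-times-circle"></i> <?php echo lng('Cancel') ?></a></b>
                    </p>
                </form>
            </div>
        </div>
    </div>
    <?php
    fm_show_footer();
    exit;
}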
1710
1711//--- FILEMANAGER MAIN
1712fm_show_header(); // HEADER
1713fm_show_nav_path(FM_PATH); // current path
1714
1715// messages
1716fm_show_message();
1717
1718$num_files = count($files);
1719$num_folders = count($folders);
1720$all_files_size = 0;
1721?>
1722<form action="" method="post" class="pt-3">
1723 <input type="hidden" name="p" value="<?php echo fm_enc(FM_PATH) ?>">
1724 <input type="hidden" name="group" value="1">
1725 <div class="table-responsive">
1726 <table class="table table-bordered table-hover table-sm bg-white" id="main-table">
1727 <thead class="thead-white">
1728 <tr>
1729 <?php if (!FM_READONLY): ?>
1730 <th style="width:3%" class="custom-checkbox-header">
1731 <div class="custom-control custom-checkbox">
1732 <input type="checkbox" class="custom-control-input" id="js-select-all-items" onclick="checkbox_toggle()">
1733 <label class="custom-control-label" for="js-select-all-items"></label>
1734 </div>
1735 </th><?php endif; ?>
1736 <th><?php echo lng('Name') ?></th>
1737 <th><?php echo lng('Size') ?></th>
1738 <th><?php echo lng('Modified') ?></th>
1739 <?php if (!FM_IS_WIN && !$hide_Cols): ?>
1740 <th><?php echo lng('Perms') ?></th>
1741 <th><?php echo lng('Owner') ?></th><?php endif; ?>
1742 <th><?php echo lng('Actions') ?></th>
1743 </tr>
1744 </thead>
1745 <?php
1746 // link to parent folder
1747 if ($parent !== false) {
1748 ?>
1749 <tr><?php if (!FM_READONLY): ?>
1750 <td class="nosort"></td><?php endif; ?>
1751 <td class="border-0"><a href="?p=<?php echo urlencode($parent) ?>"><i class="fa fa-chevron-circle-left go-back"></i> ..</a></td>
1752 <td class="border-0"></td>
1753 <td class="border-0"></td>
1754 <td class="border-0"></td>
1755 <?php if (!FM_IS_WIN && !$hide_Cols) { ?>
1756 <td class="border-0"></td>
1757 <td class="border-0"></td>
1758 <?php } ?>
1759 </tr>
1760 <?php
1761 }
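// --- Folder rows -----------------------------------------------------------
// Directory names and symlink targets come straight from the file system and
// can be chosen by whoever can create entries there, so every value printed
// into HTML below goes through fm_enc() (after fm_convert_win(), because
// fm_enc() expects UTF-8 input).
// NOTE(review): the delete action is a plain GET link guarded only by a
// client-side confirm(); no anti-CSRF token is visible in this block - confirm
// that the handler validates one.
$ii = 3399; // running id for the row checkboxes
foreach ($folders as $f) {
    $is_link = is_link($path . '/' . $f);
    $img = $is_link ? 'icon-link_folder' : 'fa fa-folder-o';
    $modif = date(FM_DATETIME_FORMAT, filemtime($path . '/' . $f));
    // Last four octal digits of the mode, e.g. "0755".
    $perms = substr(decoct(fileperms($path . '/' . $f)), -4);
    if (function_exists('posix_getpwuid') && function_exists('posix_getgrgid')) {
        $owner = posix_getpwuid(fileowner($path . '/' . $f));
        $group = posix_getgrgid(filegroup($path . '/' . $f));
    } else {
        $owner = array('name' => '?');
        $group = array('name' => '?');
    }
    ?>
    <tr>
        <?php if (!FM_READONLY): ?>
            <td class="custom-checkbox-td">
                <div class="custom-control custom-checkbox">
                    <input type="checkbox" class="custom-control-input" id="<?php echo $ii ?>" name="file[]" value="<?php echo fm_enc($f) ?>">
                    <label class="custom-control-label" for="<?php echo $ii ?>"></label>
                </div>
            </td><?php endif; ?>
        <td>
            <div class="filename"><a href="?p=<?php echo urlencode(trim(FM_PATH . '/' . $f, '/')) ?>"><i class="<?php echo $img ?>"></i> <?php echo fm_enc(fm_convert_win($f)) ?>
                </a><?php echo($is_link ? ' → <i>' . fm_enc(readlink($path . '/' . $f)) . '</i>' : '') ?></div>
        </td>
        <td><?php if ($calc_folder) { echo fm_get_directorysize($path . '/' . $f); } else { echo lng('Folder'); } ?></td>
        <td><?php echo $modif ?></td>
        <?php if (!FM_IS_WIN && !$hide_Cols): ?>
            <td><?php if (!FM_READONLY): ?><a title="Change Permissions" href="?p=<?php echo urlencode(FM_PATH) ?>&chmod=<?php echo urlencode($f) ?>"><?php echo $perms ?></a><?php else: ?><?php echo $perms ?><?php endif; ?>
            </td>
            <td><?php echo fm_enc($owner['name'] . ':' . $group['name']) ?></td>
        <?php endif; ?>
        <td class="inline-actions"><?php if (!FM_READONLY): ?>
                <a title="<?php echo lng('Delete')?>" href="?p=<?php echo urlencode(FM_PATH) ?>&del=<?php echo urlencode($f) ?>" onclick="return confirm('Delete folder?');"><i class="fa fa-trash-o" aria-hidden="true"></i></a>
                <?php // Both arguments end up inside a JS string literal: backslash-escape first, then HTML-encode. ?>
                <a title="<?php echo lng('Rename')?>" href="#" onclick="rename('<?php echo fm_enc(addslashes(FM_PATH)) ?>', '<?php echo fm_enc(addslashes($f)) ?>');return false;"><i class="fa fa-pencil-square-o" aria-hidden="true"></i></a>
                <a title="<?php echo lng('CopyTo')?>..." href="?p=&copy=<?php echo urlencode(trim(FM_PATH . '/' . $f, '/')) ?>"><i class="fa fa-files-o" aria-hidden="true"></i></a>
            <?php endif; ?>
            <a title="<?php echo lng('DirectLink')?>" href="<?php echo fm_enc(FM_ROOT_URL . (FM_PATH != '' ? '/' . FM_PATH : '') . '/' . $f . '/') ?>" target="_blank"><i class="fa fa-link" aria-hidden="true"></i></a>
        </td>
    </tr>
    <?php
    flush(); // push each row to the client as soon as it is rendered
    $ii++;
}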
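// --- File rows ---------------------------------------------------------------
// File names and symlink targets are attacker-influenced wherever uploads or
// renames are allowed, so they are HTML-encoded with fm_enc() everywhere they
// are printed (after fm_convert_win(), because fm_enc() expects UTF-8 input).
// NOTE(review): the delete action is a plain GET link guarded only by a
// client-side confirm(); no anti-CSRF token is visible in this block - confirm
// that the handler validates one.
$ik = 6070; // running id for the row checkboxes
foreach ($files as $f) {
    $is_link = is_link($path . '/' . $f);
    $img = $is_link ? 'fa fa-file-text-o' : fm_get_file_icon_class($path . '/' . $f);
    $modif = date(FM_DATETIME_FORMAT, filemtime($path . '/' . $f));
    $filesize_raw = fm_get_size($path . '/' . $f);
    $filesize = fm_get_filesize($filesize_raw);
    // Built only from urlencode()d parts, so it is safe inside an href.
    $filelink = '?p=' . urlencode(FM_PATH) . '&view=' . urlencode($f);
    $all_files_size += $filesize_raw;
    // Last four octal digits of the mode, e.g. "0644".
    $perms = substr(decoct(fileperms($path . '/' . $f)), -4);
    if (function_exists('posix_getpwuid') && function_exists('posix_getgrgid')) {
        $owner = posix_getpwuid(fileowner($path . '/' . $f));
        $group = posix_getgrgid(filegroup($path . '/' . $f));
    } else {
        $owner = array('name' => '?');
        $group = array('name' => '?');
    }
    ?>
    <tr>
        <?php if (!FM_READONLY): ?>
            <td class="custom-checkbox-td">
                <div class="custom-control custom-checkbox">
                    <input type="checkbox" class="custom-control-input" id="<?php echo $ik ?>" name="file[]" value="<?php echo fm_enc($f) ?>">
                    <label class="custom-control-label" for="<?php echo $ik ?>"></label>
                </div>
            </td><?php endif; ?>
        <td>
            <div class="filename"><a href="<?php echo $filelink ?>" title="File info"><i class="<?php echo $img ?>"></i> <?php echo fm_enc(fm_convert_win($f)) ?>
                </a><?php echo($is_link ? ' → <i>' . fm_enc(readlink($path . '/' . $f)) . '</i>' : '') ?></div>
        </td>
        <td><span title="<?php printf('%s bytes', $filesize_raw) ?>">
            <?php echo $filesize; ?>
            </span></td>
        <td><?php echo $modif ?></td>
        <?php if (!FM_IS_WIN && !$hide_Cols): ?>
            <td><?php if (!FM_READONLY): ?><a title="<?php echo 'Change Permissions' ?>" href="?p=<?php echo urlencode(FM_PATH) ?>&chmod=<?php echo urlencode($f) ?>"><?php echo $perms ?></a><?php else: ?><?php echo $perms ?><?php endif; ?>
            </td>
            <td><?php echo fm_enc($owner['name'] . ':' . $group['name']) ?></td>
        <?php endif; ?>
        <td class="inline-actions">
            <?php if (!FM_READONLY): ?>
                <a title="<?php echo lng('Preview') ?>" href="<?php echo $filelink.'&quickView=1'; ?>" data-toggle="lightbox" data-gallery="tiny-gallery" data-title="<?php echo fm_enc(fm_convert_win($f)) ?>" data-max-width="100%" data-width="100%"><i class="fa fa-eye"></i></a>
                <a title="<?php echo lng('Delete') ?>" href="?p=<?php echo urlencode(FM_PATH) ?>&del=<?php echo urlencode($f) ?>" onclick="return confirm('<?php echo lng('Delete').' '.lng('File').'?'; ?>');"><i class="fa fa-trash-o"></i></a>
                <?php // Both arguments end up inside a JS string literal: backslash-escape first, then HTML-encode. ?>
                <a title="<?php echo lng('Rename') ?>" href="#" onclick="rename('<?php echo fm_enc(addslashes(FM_PATH)) ?>', '<?php echo fm_enc(addslashes($f)) ?>');return false;"><i class="fa fa-pencil-square-o"></i></a>
                <a title="<?php echo lng('CopyTo') ?>..."
                   href="?p=<?php echo urlencode(FM_PATH) ?>&copy=<?php echo urlencode(trim(FM_PATH . '/' . $f, '/')) ?>"><i class="fa fa-files-o"></i></a>
            <?php endif; ?>
            <a title="<?php echo lng('DirectLink') ?>" href="<?php echo fm_enc(FM_ROOT_URL . (FM_PATH != '' ? '/' . FM_PATH : '') . '/' . $f) ?>" target="_blank"><i class="fa fa-link"></i></a>
            <a title="<?php echo lng('Download') ?>" href="?p=<?php echo urlencode(FM_PATH) ?>&dl=<?php echo urlencode($f) ?>"><i class="fa fa-download"></i></a>
        </td>
    </tr>
    <?php
    flush(); // push each row to the client as soon as it is rendered
    $ik++;
}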
1862
1863 if (empty($folders) && empty($files)) {
1864 ?>
1865 <tfoot>
1866 <tr><?php if (!FM_READONLY): ?>
1867 <td></td><?php endif; ?>
1868 <td colspan="<?php echo !FM_IS_WIN ? '6' : '4' ?>"><em><?php echo 'Folder is empty' ?></em></td>
1869 </tr>
1870 </tfoot>
1871 <?php
1872 } else {
1873 ?>
1874 <tfoot>
1875 <tr><?php if (!FM_READONLY): ?>
1876 <td class="gray"></td><?php endif; ?>
1877 <td class="gray" colspan="<?php echo !FM_IS_WIN ? '6' : '4' ?>">
1878 <?php echo lng('FullSize').': <span class="badge badge-light">'.fm_get_filesize($all_files_size).'</span>' ?>
1879 <?php echo lng('File').': <span class="badge badge-light">'.$num_files.'</span>' ?>
1880 <?php echo lng('Folder').': <span class="badge badge-light">'.$num_folders.'</span>' ?>
1881 <?php echo lng('MemoryUsed').': <span class="badge badge-light">'.fm_get_filesize(@memory_get_usage(true)).'</span>' ?>
1882 <?php echo lng('PartitionSize').': <span class="badge badge-light">'.fm_get_filesize(@disk_free_space($path)) .'</span> '.lng('FreeOf').' <span class="badge badge-light">'.fm_get_filesize(@disk_total_space($path)).'</span>'; ?>
1883 </td>
1884 </tr>
1885 </tfoot>
1886 <?php
1887 }
1888 ?>
1889 </table>
1890 </div>
1891
1892 <div class="row">
1893 <?php if (!FM_READONLY): ?>
1894 <div class="col-xs-12 col-sm-9">
1895 <ul class="list-inline footer-action">
1896 <li class="list-inline-item"> <a href="#/select-all" class="btn btn-small btn-outline-primary btn-2" onclick="select_all();return false;"><i class="fa fa-check-square"></i> <?php echo lng('SelectAll') ?> </a></li>
1897 <li class="list-inline-item"><a href="#/unselect-all" class="btn btn-small btn-outline-primary btn-2" onclick="unselect_all();return false;"><i class="fa fa-window-close"></i> <?php echo lng('UnSelectAll') ?> </a></li>
1898 <li class="list-inline-item"><a href="#/invert-all" class="btn btn-small btn-outline-primary btn-2" onclick="invert_all();return false;"><i class="fa fa-th-list"></i> <?php echo lng('InvertSelection') ?> </a></li>
1899 <li class="list-inline-item"><input type="submit" class="hidden" name="delete" id="a-delete" value="Delete" onclick="return confirm('Delete selected files and folders?')">
1900 <a href="javascript:document.getElementById('a-delete').click();" class="btn btn-small btn-outline-primary btn-2"><i class="fa fa-trash"></i> <?php echo lng('Delete') ?> </a></li>
1901 <li class="list-inline-item"><input type="submit" class="hidden" name="zip" id="a-zip" value="zip" onclick="return confirm('Create archive?')">
1902 <a href="javascript:document.getElementById('a-zip').click();" class="btn btn-small btn-outline-primary btn-2"><i class="fa fa-file-archive-o"></i> <?php echo lng('Zip') ?> </a></li>
1903 <li class="list-inline-item"><input type="submit" class="hidden" name="tar" id="a-tar" value="tar" onclick="return confirm('Create archive?')">
1904 <a href="javascript:document.getElementById('a-tar').click();" class="btn btn-small btn-outline-primary btn-2"><i class="fa fa-file-archive-o"></i> <?php echo lng('Tar') ?> </a></li>
1905 <li class="list-inline-item"><input type="submit" class="hidden" name="copy" id="a-copy" value="Copy">
1906 <a href="javascript:document.getElementById('a-copy').click();" class="btn btn-small btn-outline-primary btn-2"><i class="fa fa-files-o"></i> <?php echo lng('Copy') ?> </a></li>
1907 </ul>
1908 </div>
1909 <div class="col-3 d-none d-sm-block"><a href="https://tinyfilemanager.github.io" target="_blank" class="float-right text-muted">Tiny File Manager <?php echo VERSION; ?></a></div>
1910 <?php else: ?>
1911 <div class="col-12"><a href="https://tinyfilemanager.github.io" target="_blank" class="float-right text-muted">Tiny File Manager <?php echo VERSION; ?></a></div>
1912 <?php endif; ?>
1913 </div>
1914
1915</form>
1916
1917<?php
1918fm_show_footer();
1919
1920//--- END
1921
1922// Functions
1923
/**
 * Remove a file, a symlink, or a whole directory tree.
 *
 * A symlink is unlinked itself and never followed, so deleting a tree does not
 * reach into whatever the link points at.
 *
 * @param string $path File, link or directory to remove
 * @return bool True when everything was removed; false if any entry could not
 *              be deleted or $path is none of the handled types
 */
function fm_rdelete($path)
{
    // The link test must come first: is_dir() and is_file() follow links.
    if (is_link($path)) {
        return unlink($path);
    }
    if (is_dir($path)) {
        $entries = scandir($path);
        $allRemoved = true;
        if (is_array($entries)) {
            foreach ($entries as $entry) {
                if ($entry == '.' || $entry == '..') {
                    continue;
                }
                // Keep going after a failure so as much as possible is removed.
                $allRemoved = fm_rdelete($path . '/' . $entry) && $allRemoved;
            }
        }
        // A directory that still has leftovers is not removed.
        return $allRemoved ? rmdir($path) : false;
    }
    if (is_file($path)) {
        return unlink($path);
    }
    return false;
}
1951
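/**
 * Recursive chmod.
 *
 * Symbolic links are skipped (reported as success) and never followed, so a
 * link placed inside the tree cannot be used to change the mode of something
 * outside it. The link test therefore runs before is_dir()/is_file(), which
 * both resolve links.
 *
 * @param string $path Starting file or directory
 * @param int $filemode Mode applied to regular files
 * @param int $dirmode Mode applied to directories
 * @return bool False as soon as one chmod fails or $path is not a handled type
 * @todo Will use in mass chmod
 */
function fm_rchmod($path, $filemode, $dirmode)
{
    if (is_link($path)) {
        return true;
    }
    if (is_dir($path)) {
        if (!chmod($path, $dirmode)) {
            return false;
        }
        $objects = scandir($path);
        if (is_array($objects)) {
            foreach ($objects as $file) {
                if ($file == '.' || $file == '..') {
                    continue;
                }
                // Stop at the first failure, as before.
                if (!fm_rchmod($path . '/' . $file, $filemode, $dirmode)) {
                    return false;
                }
            }
        }
        return true;
    }
    if (is_file($path)) {
        return chmod($path, $filemode);
    }
    return false;
}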
1984
/**
 * Rename $old to $new without overwriting an existing target.
 *
 * When FM_EXTENSION is non-empty it is read as a comma-separated list of
 * allowed extensions and the extension of $new must be in it. The comparison
 * is case-sensitive and the list entries are not trimmed.
 * NOTE(review): the existence checks and rename() are separate calls, so a
 * target created in between can still be replaced.
 *
 * @param string $old Existing path
 * @param string $new Desired path
 * @return bool|null False if the new extension is not allowed, null if $new
 *                   already exists or $old is missing, else rename()'s result
 */
function fm_rename($old, $new)
{
    if (FM_EXTENSION) {
        $whitelist = explode(',', FM_EXTENSION);
        $extension = pathinfo($new, PATHINFO_EXTENSION);
        if (!in_array($extension, $whitelist)) {
            return false;
        }
    }

    if (file_exists($new) || !file_exists($old)) {
        return null;
    }
    return rename($old, $new);
}
2002
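/**
 * Copy file or folder (recursively).
 *
 * $upd and $force are now passed down to nested entries; previously the
 * recursive call dropped them, so everything below the top level was copied
 * with the defaults regardless of what the caller asked for.
 * NOTE(review): is_dir() and is_file() follow symbolic links, so a link inside
 * the source tree is copied as the content it points to.
 *
 * @param string $path Source file or directory
 * @param string $dest Destination path
 * @param bool $upd Passed to fm_copy(): skip files whose destination is not older
 * @param bool $force Passed to fm_mkdir(): replace a file that is in the way of a folder
 * @return bool False if the destination folder could not be prepared, if any
 *              entry failed to copy, or if $path is neither file nor directory
 */
function fm_rcopy($path, $dest, $upd = true, $force = true)
{
    if (is_dir($path)) {
        if (!fm_mkdir($dest, $force)) {
            return false;
        }
        $objects = scandir($path);
        $ok = true;
        if (is_array($objects)) {
            foreach ($objects as $file) {
                if ($file == '.' || $file == '..') {
                    continue;
                }
                // Continue after a failed entry; the overall result records it.
                if (!fm_rcopy($path . '/' . $file, $dest . '/' . $file, $upd, $force)) {
                    $ok = false;
                }
            }
        }
        return $ok;
    }
    if (is_file($path)) {
        return fm_copy($path, $dest, $upd);
    }
    return false;
}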
2034
/**
 * Create a folder (and missing parents) unless it already exists.
 *
 * NOTE(review): new folders are requested with mode 0777; the effective mode
 * depends on the process umask - confirm that is acceptable for the deployment.
 *
 * @param string $dir Folder to create
 * @param bool $force When a non-directory already occupies $dir, delete it first
 * @return bool|string $dir itself if the folder already exists, false if a
 *                     non-directory is in the way and $force is off, otherwise
 *                     the result of mkdir()
 */
function fm_mkdir($dir, $force)
{
    if (!file_exists($dir)) {
        return mkdir($dir, 0777, true);
    }
    if (is_dir($dir)) {
        // Already there: the path is returned instead of true.
        return $dir;
    }
    if (!$force) {
        return false;
    }
    // Something else occupies the name and the caller asked to replace it.
    unlink($dir);
    return mkdir($dir, 0777, true);
}
2053
/**
 * Copy one file and carry its modification time over to the copy.
 *
 * @param string $f1 Source file
 * @param string $f2 Destination file
 * @param bool $upd When true, do nothing if the destination exists and is not
 *                  older than the source
 * @return bool False when the copy was skipped or copy() failed
 */
function fm_copy($f1, $f2, $upd)
{
    $sourceMtime = filemtime($f1);
    if (file_exists($f2) && filemtime($f2) >= $sourceMtime && $upd) {
        return false;
    }
    $copied = copy($f1, $f2);
    if ($copied) {
        // Keep the source timestamp so later "update" runs can compare ages.
        touch($f2, $sourceMtime);
    }
    return $copied;
}
2076
/**
 * Detect the MIME type of a file with the first mechanism that is available:
 * fileinfo, mime_content_type(), then the external `file` command.
 *
 * The path handed to the shell is quoted with escapeshellarg().
 *
 * @param string $file_path
 * @return mixed|string Whatever the chosen mechanism returns, or '--' when
 *                      none of them can be used
 */
function fm_get_mime_type($file_path)
{
    if (function_exists('finfo_open')) {
        $handle = finfo_open(FILEINFO_MIME_TYPE);
        $detected = finfo_file($handle, $file_path);
        finfo_close($handle);
        return $detected;
    }
    if (function_exists('mime_content_type')) {
        return mime_content_type($file_path);
    }
    if (stristr(ini_get('disable_functions'), 'shell_exec')) {
        // shell_exec is switched off in php.ini, nothing left to try.
        return '--';
    }
    return shell_exec('file -bi ' . escapeshellarg($file_path));
}
2099
/**
 * Send an HTTP redirect and stop the script.
 *
 * $url is placed in the Location header exactly as given; this function does
 * no validation of the target.
 * NOTE(review): make sure callers only pass URLs built by the application.
 *
 * @param string $url Redirect target
 * @param int $code HTTP status code sent with the header
 */
function fm_redirect($url, $code = 302)
{
    $locationHeader = 'Location: ' . $url;
    header($locationHeader, true, $code);
    exit;
}
2110
/**
 * Normalise a path lexically, as a path-traversal guard.
 *
 * Runs of / and \ become a single DIRECTORY_SEPARATOR, "." segments are
 * dropped and ".." removes the previous segment. A ".." with nothing left to
 * remove is discarded, so the result never starts with ".." and never has a
 * leading separator. The file system is not consulted, so symbolic links are
 * not resolved here.
 *
 * @param string $path
 * @return string
 */
function get_absolute_path($path) {
    $normalised = str_replace(array('/', '\\'), DIRECTORY_SEPARATOR, $path);
    $segments = array_filter(explode(DIRECTORY_SEPARATOR, $normalised), 'strlen');
    $stack = array();
    foreach ($segments as $segment) {
        if ('.' == $segment) {
            continue;
        }
        if ('..' == $segment) {
            // Popping an empty stack is a no-op, which is what drops a leading "..".
            array_pop($stack);
            continue;
        }
        $stack[] = $segment;
    }
    return implode(DIRECTORY_SEPARATOR, $stack);
}
2131
/**
 * Clean a user-supplied relative path.
 *
 * Leading/trailing slashes are stripped, literal "../" and "..\" are removed
 * in a single pass, and the rest is normalised by get_absolute_path(). The
 * single-pass removal can leave new ".." sequences behind; it is
 * get_absolute_path() that resolves those, so the returned path has no ".."
 * segment. The result always uses "/" as separator.
 *
 * @param string $path
 * @param bool $trim Also strip surrounding whitespace first
 * @return string
 */
function fm_clean_path($path, $trim = true)
{
    if ($trim) {
        $path = trim($path);
    }
    $cleaned = trim($path, '\\/');
    $cleaned = str_replace(array('../', '..\\'), '', $cleaned);
    $cleaned = get_absolute_path($cleaned);
    // Safety net kept from the original code.
    if ($cleaned == '..') {
        $cleaned = '';
    }
    return str_replace('\\', '/', $cleaned);
}
2148
/**
 * Get the parent of a (cleaned) relative path.
 *
 * @param string $path
 * @return bool|string False when the cleaned path is empty (already at the
 *                     root), '' when the path has a single segment, otherwise
 *                     the path without its last segment
 */
function fm_get_parent_path($path)
{
    $clean = fm_clean_path($path);
    if ($clean == '') {
        return false;
    }
    $segments = explode('/', $clean);
    if (count($segments) <= 1) {
        return '';
    }
    array_pop($segments);
    return implode('/', $segments);
}
2167
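/**
 * Load language names and translations from translation.json (looked up
 * relative to the current working directory).
 *
 * Every well-formed entry adds code => name to the global $lang_list; when $tr
 * is non-empty its translation table is also stored in $tr[code]. A file that
 * does not decode to the expected structure is ignored instead of raising
 * warnings on array access.
 *
 * @param array $tr Translations collected so far
 * @return array|null $tr (possibly extended), or null when the file cannot be read
 */
function fm_get_translations($tr) {
    try {
        $content = @file_get_contents('translation.json');
        if ($content !== FALSE) {
            $lng = json_decode($content, TRUE);
            global $lang_list;
            // json_decode() yields null for malformed input; only walk a real list.
            if (is_array($lng) && isset($lng["language"]) && is_array($lng["language"])) {
                foreach ($lng["language"] as $value) {
                    if (!is_array($value) || !isset($value["code"], $value["name"])) {
                        continue;
                    }
                    $code = $value["code"];
                    $lang_list[$code] = $value["name"];
                    if ($tr && isset($value["translation"])) {
                        $tr[$code] = $value["translation"];
                    }
                }
            }
            return $tr;
        }
    } catch (Exception $e) {
        echo $e;
    }
}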
2194
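/**
 * Get the size of a file, including files larger than 2 GB on 32-bit PHP.
 *
 * Tries, in order: a shell command (`stat` or a Windows `for` loop), the
 * Windows COM FileSystemObject, and finally filesize().
 *
 * The file name is passed to the shell through escapeshellarg(). Wrapping it
 * in plain double quotes, as before, let the shell expand `$`, backticks and
 * embedded quotes inside the name, so a crafted file name could change the
 * command that was run.
 *
 * @param string $file
 * @return int|string A string of digits from the shell/COM path, otherwise
 *                    the value returned by filesize()
 */
function fm_get_size($file)
{
    static $iswin;
    if (!isset($iswin)) {
        $iswin = (strtoupper(substr(PHP_OS, 0, 3)) == 'WIN');
    }

    // Probe once per request whether exec() actually works.
    static $exec_works;
    if (!isset($exec_works)) {
        $exec_works = (function_exists('exec') && !ini_get('safe_mode') && @exec('echo EXEC') == 'EXEC');
    }

    // try a shell command
    if ($exec_works) {
        $quoted = escapeshellarg($file);
        $cmd = ($iswin) ? "for %F in ($quoted) do @echo %~zF" : "stat -c%s $quoted";
        $output = array();
        @exec($cmd, $output);
        if (is_array($output) && ctype_digit($size = trim(implode("\n", $output)))) {
            return $size;
        }
    }

    // try the Windows COM interface
    if ($iswin && class_exists("COM")) {
        try {
            $fsobj = new COM('Scripting.FileSystemObject');
            $f = $fsobj->GetFile( realpath($file) );
            $size = $f->Size;
        } catch (Exception $e) {
            $size = null;
        }
        // ctype_digit() only gives a meaningful answer for strings.
        if ($size !== null && ctype_digit((string) $size)) {
            return $size;
        }
    }

    // if all else fails
    return filesize($file);
}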
2239
/**
 * Format a byte count for display.
 *
 * Values below 1000 are shown in bytes as given. Larger values are divided by
 * 1024 per step (KB, MB, GB, TB) and rounded to two decimals; a unit is used
 * as long as the scaled value stays below 1000.
 *
 * @param int $size Size in bytes
 * @return string
 */
function fm_get_filesize($size)
{
    if ($size < 1000) {
        return sprintf('%s B', $size);
    }
    $scaled = $size;
    foreach (array('KB', 'MB', 'GB') as $unit) {
        $scaled = $scaled / 1024;
        if ($scaled < 1000) {
            return sprintf('%s %s', round($scaled, 2), $unit);
        }
    }
    // Anything that does not fit in GB is reported in TB.
    return sprintf('%s TB', round($scaled / 1024, 2));
}
2259
/**
 * Get the total size of all files below a directory, formatted for display.
 *
 * Only does the walk when the global $calc_folder option is on; otherwise the
 * literal 'Folder' is returned immediately.
 * NOTE(review): exceptions thrown by the directory iterators (for example on
 * an unreadable directory) are not caught here.
 *
 * @param string $directory
 * @return string Formatted size, or 'Folder' when size calculation is disabled
 */
function fm_get_directorysize($directory) {
    global $calc_folder;
    if ($calc_folder != true) {
        return 'Folder'; // Quick output
    }
    // Slower output: visit every entry below $directory.
    $total = 0;
    $walker = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($directory));
    foreach ($walker as $entry) {
        if ($entry->isFile()) {
            $total += $entry->getSize();
        }
    }
    return fm_get_filesize($total);
}
2280
/**
 * Get info about the entries of a zip or tar archive.
 *
 * The zip branch relies on the legacy zip_open()/zip_read() functions and is
 * skipped when they are not available; the tar branch needs PharData.
 * Entry names are read from the archive itself.
 * NOTE(review): treat the returned names as untrusted and escape them before output.
 *
 * @param string $path Path of the archive
 * @param string $ext 'zip' or 'tar'
 * @return array|bool List of arrays with 'name', 'filesize', 'compressed_size'
 *                    and 'folder', or false when the archive cannot be handled
 */
function fm_get_zif_info($path, $ext) {
    if ($ext == 'zip' && function_exists('zip_open')) {
        $arch = zip_open($path);
        if ($arch) {
            $filenames = array();
            while ($zip_entry = zip_read($arch)) {
                $zip_name = zip_entry_name($zip_entry);
                // In the zip branch 'folder' is a bool: the name ends with "/".
                $zip_folder = substr($zip_name, -1) == '/';
                $filenames[] = array(
                    'name' => $zip_name,
                    'filesize' => zip_entry_filesize($zip_entry),
                    'compressed_size' => zip_entry_compressedsize($zip_entry),
                    'folder' => $zip_folder
                    //'compression_method' => zip_entry_compressionmethod($zip_entry),
                );
            }
            zip_close($arch);
            return $filenames;
        }
    } elseif($ext == 'tar' && class_exists('PharData')) {
        $archive = new PharData($path);
        $filenames = array();
        foreach(new RecursiveIteratorIterator($archive) as $file) {
            $parent_info = $file->getPathInfo();
            // Strip the phar:// prefix, then everything up to the first "/".
            $zip_name = str_replace("phar://".$path, '', $file->getPathName());
            $zip_name = substr($zip_name, ($pos = strpos($zip_name, '/')) !== false ? $pos + 1 : 0);
            // In the tar branch 'folder' is the parent's file name, not a bool.
            $zip_folder = $parent_info->getFileName();
            $zip_info = new SplFileInfo($file);
            $filenames[] = array(
                'name' => $zip_name,
                'filesize' => $zip_info->getSize(),
                'compressed_size' => $file->getCompressedSize(),
                'folder' => $zip_folder
            );
        }
        return $filenames;
    }
    return false;
}
2325
/**
 * Encode text for output in HTML element content or a quoted attribute.
 *
 * Converts &, <, >, " and ' to entities. It is not sufficient on its own for
 * values placed inside JavaScript or URLs.
 *
 * @param string $text UTF-8 text
 * @return string
 */
function fm_enc($text)
{
    $encoded = htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
    return $encoded;
}
2335
/**
 * Store a flash message and its status in the session, under the
 * FM_SESSION_ID key.
 *
 * The message is stored exactly as given.
 * NOTE(review): confirm the code that prints it applies HTML encoding.
 *
 * @param string $msg
 * @param string $status
 */
function fm_set_msg($msg, $status = 'ok')
{
    $fields = array('message' => $msg, 'status' => $status);
    foreach ($fields as $field => $value) {
        $_SESSION[FM_SESSION_ID][$field] = $value;
    }
}
2346
/**
 * Check if a string is valid UTF-8.
 *
 * Uses an empty pattern with the /u modifier, which makes PCRE validate the
 * subject as UTF-8.
 *
 * @param string $string
 * @return int|false 1 for valid UTF-8, false when the subject is rejected
 */
function fm_is_utf8($string)
{
    $valid = preg_match('//u', $string);
    return $valid;
}
2356
/**
 * Convert a file name to UTF-8 on Windows.
 *
 * On other systems, or when iconv is missing, the name is returned unchanged.
 * The result is not HTML-encoded; callers printing it must still escape it.
 *
 * @param string $filename
 * @return string
 */
function fm_convert_win($filename)
{
    if (!FM_IS_WIN || !function_exists('iconv')) {
        return $filename;
    }
    // //IGNORE drops characters that cannot be represented.
    return iconv(FM_ICONV_INPUT_ENC, 'UTF-8//IGNORE', $filename);
}
2369
/**
 * Recursively convert objects to arrays.
 *
 * Objects are replaced by their accessible properties, arrays are walked with
 * keys preserved, and any other value is returned untouched.
 *
 * @param mixed $obj
 * @return mixed Array for object/array input, otherwise $obj itself
 */
function fm_object_to_array($obj)
{
    $isObject = is_object($obj);
    if (!$isObject && !is_array($obj)) {
        return $obj;
    }
    $items = $isObject ? get_object_vars($obj) : $obj;
    $converted = array();
    foreach ($items as $key => $value) {
        $converted[$key] = fm_object_to_array($value);
    }
    return $converted;
}
2384
/**
 * Get the icon CSS class for a file, chosen by its lower-cased extension.
 *
 * The result is always one of the fixed class strings below, never derived
 * from the file name itself.
 *
 * @param string $path
 * @return string
 */
function fm_get_file_icon_class($path)
{
    // extension => class lookup, built once per request
    static $iconByExtension = null;
    if ($iconByExtension === null) {
        $groups = array(
            array('fa fa-picture-o', 'ico gif jpg jpeg jpc jp2 jpx xbm wbmp png bmp tif tiff svg'),
            array('fa fa-file-code-o', 'passwd ftpquota sql js json sh config twig tpl md gitignore c cpp cs py map lock dtd'),
            array('fa fa-file-text-o', 'txt ini conf log htaccess csv'),
            array('fa fa-css3', 'css less sass scss'),
            array('fa fa-file-archive-o', 'zip rar gz tar 7z'),
            array('fa fa-code', 'php php4 php5 phps phtml'),
            array('fa fa-html5', 'htm html shtml xhtml'),
            array('fa fa-file-excel-o', 'xml xsl xls xlsx'),
            array('fa fa-music', 'wav mp3 mp2 m4a aac ogg oga wma mka flac ac3 tds'),
            array('fa fa-headphones', 'm3u m3u8 pls cue'),
            array('fa fa-file-video-o', 'avi mpg mpeg mp4 m4v flv f4v ogm ogv mov mkv 3gp asf wmv'),
            array('fa fa-envelope-o', 'eml msg'),
            array('fa fa-clipboard', 'bak'),
            array('fa fa-file-word-o', 'doc docx'),
            array('fa fa-file-powerpoint-o', 'ppt pptx'),
            array('fa fa-font', 'ttf ttc otf woff woff2 eot fon'),
            array('fa fa-file-pdf-o', 'pdf'),
            array('fa fa-file-image-o', 'psd ai eps fla swf'),
            array('fa fa-file-o', 'exe msi'),
            array('fa fa-terminal', 'bat'),
        );
        $iconByExtension = array();
        foreach ($groups as $group) {
            foreach (explode(' ', $group[1]) as $extension) {
                $iconByExtension[$extension] = $group[0];
            }
        }
    }

    $ext = strtolower(pathinfo($path, PATHINFO_EXTENSION));

    // Unknown or missing extension falls back to the generic icon.
    return isset($iconByExtension[$ext]) ? $iconByExtension[$ext] : 'fa fa-info-circle';
}
2559
/**
 * Get the file extensions treated as images.
 * @return array Lower-case extensions without the dot
 */
function fm_get_image_exts()
{
    return explode(',', 'ico,gif,jpg,jpeg,jpc,jp2,jpx,xbm,wbmp,png,bmp,tif,tiff,psd,svg');
}
2568
/**
 * Get the file extensions treated as video.
 * @return array Lower-case extensions without the dot
 */
function fm_get_video_exts()
{
    return explode(',', 'webm,mp4,m4v,ogm,ogv,mov,mkv');
}
2577
/**
 * Get the file extensions treated as audio.
 * @return array Lower-case extensions without the dot
 */
function fm_get_audio_exts()
{
    return explode(',', 'wav,mp3,ogg,m4a');
}
2586
/**
 * Get the file extensions treated as text.
 *
 * The list includes server-side script types such as php, asp and jsp.
 *
 * @return array Lower-case extensions without the dot ('scss' appears twice,
 *               as in the original list)
 */
function fm_get_text_exts()
{
    $rows = array(
        'txt,css,ini,conf,log,htaccess,passwd,ftpquota,sql,js,json,sh,config',
        'php,php4,php5,phps,phtml,htm,html,shtml,xhtml,xml,xsl,m3u,m3u8,pls,cue',
        'eml,msg,csv,bat,twig,tpl,md,gitignore,less,sass,scss,c,cpp,cs,py',
        'map,lock,dtd,svg,scss,asp,aspx,asx,asmx,ashx,jsx,jsp,jspx,cfm,cgi',
    );
    return explode(',', implode(',', $rows));
}
2600
/**
 * Get the MIME types that count as text files.
 * @return array
 */
function fm_get_text_mimes()
{
    $mimes = array();
    $mimes[] = 'application/xml';
    $mimes[] = 'application/javascript';
    $mimes[] = 'application/x-javascript';
    $mimes[] = 'image/svg+xml';
    $mimes[] = 'message/rfc822';
    return $mimes;
}
2615
/**
 * Get the extension-less file names that count as text files.
 * @return array Lower-case names
 */
function fm_get_text_names()
{
    return explode(',', 'license,readme,authors,contributors,changelog');
}
2630
/**
 * Get the file extensions offered to the online document viewer.
 * @return array Lower-case extensions without the dot
 */
function fm_get_onlineViewer_exts()
{
    return explode(',', 'doc,docx,xls,xlsx,pdf,ppt,pptx,ai,psd,dxf,xps,rar');
}
2639
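/**
 * Class to work with zip files (using ZipArchive).
 *
 * The archive handle is now closed on every path of create() and unzip();
 * before, a failed single-file create() and a failed extraction left it open.
 */
class FM_Zipper
{
    private $zip;

    public function __construct()
    {
        $this->zip = new ZipArchive();
    }

    /**
     * Create archive with name $filename and files $files (RELATIVE PATHS!)
     *
     * Entries are stored under the path they are passed with.
     *
     * @param string $filename
     * @param array|string $files
     * @return bool False if the archive cannot be opened or any entry cannot be added
     */
    public function create($filename, $files)
    {
        $res = $this->zip->open($filename, ZipArchive::CREATE);
        if ($res !== true) {
            return false;
        }
        $list = is_array($files) ? $files : array($files);
        $ok = true;
        foreach ($list as $f) {
            if (!$this->addFileOrDir($f)) {
                $ok = false;
                break;
            }
        }
        $this->zip->close();
        return $ok;
    }

    /**
     * Extract archive $filename to folder $path (RELATIVE OR ABSOLUTE PATHS)
     *
     * NOTE(review): entry names come from the archive; whether they are
     * constrained to $path is left to ZipArchive::extractTo() - nothing is
     * checked here.
     *
     * @param string $filename
     * @param string $path
     * @return bool
     */
    public function unzip($filename, $path)
    {
        $res = $this->zip->open($filename);
        if ($res !== true) {
            return false;
        }
        $extracted = (bool) $this->zip->extractTo($path);
        $this->zip->close();
        return $extracted;
    }

    /**
     * Add file/folder to archive
     * @param string $filename
     * @return bool False when $filename is neither a file nor a directory
     */
    private function addFileOrDir($filename)
    {
        if (is_file($filename)) {
            return $this->zip->addFile($filename);
        } elseif (is_dir($filename)) {
            return $this->addDir($filename);
        }
        return false;
    }

    /**
     * Add folder recursively
     *
     * is_dir()/is_file() follow symbolic links, so linked content is archived
     * as if it were part of the folder.
     *
     * @param string $path
     * @return bool
     */
    private function addDir($path)
    {
        if (!$this->zip->addEmptyDir($path)) {
            return false;
        }
        $objects = scandir($path);
        if (is_array($objects)) {
            foreach ($objects as $file) {
                if ($file != '.' && $file != '..') {
                    if (is_dir($path . '/' . $file)) {
                        if (!$this->addDir($path . '/' . $file)) {
                            return false;
                        }
                    } elseif (is_file($path . '/' . $file)) {
                        if (!$this->zip->addFile($path . '/' . $file)) {
                            return false;
                        }
                    }
                }
            }
            return true;
        }
        return false;
    }
}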
2746
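/**
 * Class to work with Tar files (using PharData).
 *
 * Fixes over the previous version:
 *  - unzip() called open() on $this->tar, which is null after construction
 *    and is not a PharData method, so extraction could never succeed;
 *  - addFileOrDir() returned the result of PharData::addFile(), which returns
 *    nothing, so adding a plain file was always reported as a failure.
 */
class FM_Zipper_Tar
{
    private $tar;

    public function __construct()
    {
        $this->tar = null;
    }

    /**
     * Create archive with name $filename and files $files (RELATIVE PATHS!)
     *
     * Exceptions thrown while opening $filename are not caught here.
     *
     * @param string $filename
     * @param array|string $files
     * @return bool False as soon as one entry cannot be added
     */
    public function create($filename, $files)
    {
        $this->tar = new PharData($filename);
        $list = is_array($files) ? $files : array($files);
        foreach ($list as $f) {
            if (!$this->addFileOrDir($f)) {
                return false;
            }
        }
        return true;
    }

    /**
     * Extract archive $filename to folder $path (RELATIVE OR ABSOLUTE PATHS)
     *
     * Existing files are overwritten.
     * NOTE(review): entry names come from the archive; whether they are
     * constrained to $path is left to PharData::extractTo() - nothing is
     * checked here.
     *
     * @param string $filename
     * @param string $path
     * @return bool False if the archive is missing or extraction fails
     */
    public function unzip($filename, $path)
    {
        // PharData would otherwise start a new, empty archive for a missing file.
        if (!is_file($filename)) {
            return false;
        }
        try {
            $this->tar = new PharData($filename);
            return (bool) $this->tar->extractTo($path, null, true);
        } catch (Exception $e) {
            return false;
        }
    }

    /**
     * Add file/folder to archive
     * @param string $filename
     * @return bool False when $filename is neither a file nor a directory, or
     *              the file cannot be added
     */
    private function addFileOrDir($filename)
    {
        if (is_file($filename)) {
            try {
                $this->tar->addFile($filename);
                return true;
            } catch (Exception $e) {
                return false;
            }
        } elseif (is_dir($filename)) {
            return $this->addDir($filename);
        }
        return false;
    }

    /**
     * Add folder recursively
     *
     * is_dir()/is_file() follow symbolic links, so linked content is archived
     * as if it were part of the folder. Empty folders are not recorded.
     *
     * @param string $path
     * @return bool
     */
    private function addDir($path)
    {
        $objects = scandir($path);
        if (is_array($objects)) {
            foreach ($objects as $file) {
                if ($file != '.' && $file != '..') {
                    if (is_dir($path . '/' . $file)) {
                        if (!$this->addDir($path . '/' . $file)) {
                            return false;
                        }
                    } elseif (is_file($path . '/' . $file)) {
                        try {
                            $this->tar->addFile($path . '/' . $file);
                        } catch (Exception $e) {
                            return false;
                        }
                    }
                }
            }
            return true;
        }
        return false;
    }
}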
2845
2846
2847
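/**
 * Load and save the configuration.
 *
 * The settings live in the $CONFIG JSON string on the first lines of this
 * script; save() rewrites the script file itself, which therefore has to be
 * writable by the web server user.
 */
class FM_Config
{
    // Current settings as an associative array.
    var $data;

    /**
     * Read the settings from the global $CONFIG string, or stop with an error
     * page when it is empty.
     */
    function __construct()
    {
        global $root_path, $root_url, $CONFIG;
        $fm_url = $root_url.$_SERVER["PHP_SELF"];
        $this->data = array(
            'lang' => 'en',
            'error_reporting' => true,
            'show_hidden' => true
        );
        $data = false;
        if (strlen($CONFIG)) {
            $data = fm_object_to_array(json_decode($CONFIG));
        } else {
            $msg = 'Tiny File Manager<br>Error: Cannot load configuration';
            if (substr($fm_url, -1) == '/') {
                $fm_url = rtrim($fm_url, '/');
                // PHP_SELF is taken from the request, so encode it before it
                // is written into the error page.
                $safe_url = htmlspecialchars($fm_url, ENT_QUOTES, 'UTF-8');
                $msg .= '<br>';
                $msg .= '<br>Seems like you have a trailing slash on the URL.';
                $msg .= '<br>Try this link: <a href="' . $safe_url . '">' . $safe_url . '</a>';
            }
            die($msg);
        }
        // Fall back to the defaults (and persist them) when nothing usable was decoded.
        if (is_array($data) && count($data)) $this->data = $data;
        else $this->save();
    }

    /**
     * Write the current settings back into the first lines of the script file.
     *
     * The value is emitted through json_encode() and var_export(), i.e. as a
     * quoted PHP string literal. The first three lines of the existing file
     * are replaced by the new header and the rest is copied unchanged. Write
     * errors are suppressed and not reported.
     */
    function save()
    {
        global $root_path;
        $fm_file = $root_path.$_SERVER["PHP_SELF"];
        $var_name = '$CONFIG';
        $var_value = var_export(json_encode($this->data), true);
        $config_string = "<?php" . chr(13) . chr(10) . "//Default Configuration".chr(13) . chr(10)."$var_name = $var_value;" . chr(13) . chr(10);
        if (file_exists($fm_file)) {
            $lines = file($fm_file);
            if ($fh = @fopen($fm_file, "w")) {
                @fputs($fh, $config_string, strlen($config_string));
                // Skip the old three-line header (open tag, comment, $CONFIG).
                for ($x = 3; $x < count($lines); $x++) {
                    @fputs($fh, $lines[$x], strlen($lines[$x]));
                }
                @fclose($fh);
            }
        }
    }
}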
2900
2901//--- templates functions
2902
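/**
 * Print the top navigation bar: a breadcrumb built from $path followed by
 * the search box and the upload / new item / settings / help / logout links.
 * Write actions are only rendered when FM_READONLY is false.
 *
 * @param string $path Current directory; it is passed through fm_clean_path()
 */
function fm_show_nav_path($path)
{
    global $lang, $sticky_navbar;
    $isStickyNavBar = $sticky_navbar ? 'fixed-top' : '';
    ?>
    <nav class="navbar navbar-expand-lg navbar-light bg-white mb-4 main-nav <?php echo $isStickyNavBar ?>">
        <a class="navbar-brand" href=""> <?php echo lng('AppTitle') ?> </a>
        <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation">
            <span class="navbar-toggler-icon"></span>
        </button>
        <div class="collapse navbar-collapse" id="navbarSupportedContent">

            <?php
            $path = fm_clean_path($path);
            // The root path goes into a single-quoted title attribute, so it
            // is encoded with ENT_QUOTES to keep quotes in the path from
            // ending the attribute. Note that the title shows the value of
            // FM_ROOT_PATH to every user who can load the page.
            $root_title = htmlspecialchars(FM_ROOT_PATH, ENT_QUOTES, 'UTF-8');
            $breadcrumb = "<a href='?p='><i class='fa fa-home' aria-hidden='true' title='" . $root_title . "'></i></a>";
            $sep = '<i class="bread-crumb"> / </i>';
            if ($path != '') {
                $links = array();
                $parent = '';
                foreach (explode('/', $path) as $segment) {
                    // Each crumb links to the path accumulated so far.
                    $parent = trim($parent . '/' . $segment, '/');
                    $parent_enc = urlencode($parent);
                    $links[] = "<a href='?p={$parent_enc}'>" . fm_enc(fm_convert_win($segment)) . "</a>";
                }
                $breadcrumb .= $sep . implode($sep, $links);
            }
            echo '<div class="col-xs-6 col-sm-5">' . $breadcrumb . '</div>';
            ?>

            <div class="col-xs-6 col-sm-7 text-right">
                <ul class="navbar-nav mr-auto float-right">
                    <?php if (!FM_READONLY): ?>
                    <li class="nav-item mr-2">
                        <div class="input-group input-group-sm mr-1" style="margin-top:4px;">
                            <input type="text" class="form-control" placeholder="<?php echo lng('Search') ?>" aria-label="<?php echo lng('Search') ?>" aria-describedby="search-addon2" id="search-addon">
                            <div class="input-group-append">
                                <span class="input-group-text" id="search-addon2"><i class="fa fa-search"></i></span>
                            </div>
                        </div>
                    </li>
                    <li class="nav-item">
                        <a title="<?php echo lng('Upload') ?>" class="nav-link" href="?p=<?php echo urlencode(FM_PATH) ?>&upload"><i class="fa fa-cloud-upload" aria-hidden="true"></i> <?php echo lng('Upload') ?></a>
                    </li>
                    <li class="nav-item">
                        <a title="<?php echo lng('NewItem') ?>" class="nav-link" href="#createNewItem" data-toggle="modal" data-target="#createNewItem"><i class="fa fa-plus-square"></i> <?php echo lng('NewItem') ?></a>
                    </li>
                    <?php endif; ?>
                    <?php if (FM_USE_AUTH): ?>
                    <li class="nav-item avatar dropdown">
                        <?php /* The login name is text content like the breadcrumb labels, so it goes through fm_enc() as they do. */ ?>
                        <a class="nav-link dropdown-toggle" id="navbarDropdownMenuLink-5" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> <i class="fa fa-user-circle"></i> <?php if(isset($_SESSION[FM_SESSION_ID]['logged'])) { echo fm_enc($_SESSION[FM_SESSION_ID]['logged']); } ?></a>
                        <div class="dropdown-menu dropdown-menu-right" aria-labelledby="navbarDropdownMenuLink-5">
                            <?php if (!FM_READONLY): ?>
                            <a title="<?php echo lng('Settings') ?>" class="dropdown-item nav-link" href="?p=<?php echo urlencode(FM_PATH) ?>&settings=1"><i class="fa fa-cog" aria-hidden="true"></i> <?php echo lng('Settings') ?></a>
                            <?php endif ?>
                            <a title="<?php echo lng('Help') ?>" class="dropdown-item nav-link" href="?p=<?php echo urlencode(FM_PATH) ?>&help=2"><i class="fa fa-exclamation-circle" aria-hidden="true"></i> <?php echo lng('Help') ?></a>
                            <a title="<?php echo lng('Logout') ?>" class="dropdown-item nav-link" href="?logout=1"><i class="fa fa-sign-out" aria-hidden="true"></i> <?php echo lng('Logout') ?></a>
                        </div>
                    </li>
                    <?php else: ?>
                        <?php if (!FM_READONLY): ?>
                        <li class="nav-item">
                            <a title="<?php echo lng('Settings') ?>" class="dropdown-item nav-link" href="?p=<?php echo urlencode(FM_PATH) ?>&settings=1"><i class="fa fa-cog" aria-hidden="true"></i> <?php echo lng('Settings') ?></a>
                        </li>
                        <?php endif; ?>
                    <?php endif; ?>
                </ul>
            </div>
        </div>
    </nav>
    <?php
}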
2980
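/**
 * Print the one-time status message stored in the session and clear it.
 *
 * The stored status (default 'ok') becomes a CSS class on the paragraph;
 * the message itself is written out as stored.
 */
function fm_show_message()
{
    if (!isset($_SESSION[FM_SESSION_ID]['message'])) {
        return;
    }

    $status = isset($_SESSION[FM_SESSION_ID]['status']) ? $_SESSION[FM_SESSION_ID]['status'] : 'ok';

    // The status is placed inside a double-quoted attribute; encoding it keeps
    // any quote or angle bracket in the stored value inside the class list.
    $class = htmlspecialchars($status, ENT_QUOTES, 'UTF-8');

    // NOTE(review): the message is emitted without encoding, presumably
    // because callers store markup in it. Confirm that every caller encodes
    // file names and request values before storing them in the message.
    echo '<p class="message ' . $class . '">' . $_SESSION[FM_SESSION_ID]['message'] . '</p>';

    unset($_SESSION[FM_SESSION_ID]['message']);
    unset($_SESSION[FM_SESSION_ID]['status']);
}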
2993
/**
 * Send the content-type and no-cache response headers, then print the opening
 * HTML of the login page (head, inline styles, body and wrapper start).
 * The matching closing markup is printed by fm_show_footer_login().
 */
function fm_show_header_login()
{
    global $lang, $root_url, $favicon_path;
    $sprites_ver = '20160315';

    // The login page must never be served from a cache.
    $response_headers = array(
        "Content-Type: text/html; charset=utf-8",
        "Expires: Sat, 26 Jul 1997 05:00:00 GMT",
        "Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0",
        "Pragma: no-cache",
    );
    foreach ($response_headers as $response_header) {
        header($response_header);
    }
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    <meta name="description" content="Web based File Manager in PHP, Manage your files efficiently and easily with Tiny File Manager">
    <meta name="author" content="CCP Programmers">
    <meta name="robots" content="noindex, nofollow">
    <meta name="googlebot" content="noindex">
    <link rel="icon" href="<?php echo fm_enc($favicon_path) ?>" type="image/png">
    <title><?php echo fm_enc(APP_TITLE) ?></title>
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css">
    <style>
        body.fm-login-page{background-color:#f7f9fb;font-size:14px}
        .fm-login-page .brand{width:121px;overflow:hidden;margin:0 auto;margin:40px auto;margin-bottom:0;position:relative;z-index:1}
        .fm-login-page .brand img{width:100%}
        .fm-login-page .card-wrapper{width:360px}
        .fm-login-page .card{border-color:transparent;box-shadow:0 4px 8px rgba(0,0,0,.05)}
        .fm-login-page .card-title{margin-bottom:1.5rem;font-size:24px;font-weight:300;letter-spacing:-.5px}
        .fm-login-page .form-control{border-width:2.3px}
        .fm-login-page .form-group label{width:100%}
        .fm-login-page .btn.btn-block{padding:12px 10px}
        .fm-login-page .footer{margin:40px 0;color:#888;text-align:center}
        @media screen and (max-width: 425px) {
            .fm-login-page .card-wrapper{width:90%;margin:0 auto}
        }
        @media screen and (max-width: 320px) {
            .fm-login-page .card.fat{padding:0}
            .fm-login-page .card.fat .card-body{padding:15px}
        }
        .message{padding:4px 7px;border:1px solid #ddd;background-color:#fff}
        .message.ok{border-color:green;color:green}
        .message.error{border-color:red;color:red}
        .message.alert{border-color:orange;color:orange}
    </style>
</head>
<body class="fm-login-page">
<div id="wrapper" class="container-fluid">

    <?php
}
3048
/**
 * Print the closing markup of the login page: the end of the wrapper element,
 * the jQuery (slim) and Bootstrap scripts loaded from their CDNs, and the end
 * of the document.
 */
function fm_show_footer_login()
{
    // Static markup only, so it is emitted as one literal block.
    echo <<<'HTML'
</div>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.slim.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js"></script>
</body>
</html>

HTML;
}
3062
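/**
 * Send the content-type and no-cache response headers, then print the opening
 * HTML of the file manager pages shown after login: head with the CDN style
 * sheets and inline styles, the body start, the "new item" dialog and the
 * client-side template used for modal dialogs.
 */
function fm_show_header()
{
    header("Content-Type: text/html; charset=utf-8");
    header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
    header("Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0");
    header("Pragma: no-cache");

    global $lang, $root_url, $sticky_navbar, $favicon_path;
    $isStickyNavBar = $sticky_navbar ? 'navbar-fixed' : 'navbar-normal';

    // FM_PATH is passed to newfolder() inside an onclick attribute, i.e. a
    // JavaScript string inside HTML. HTML encoding alone does not protect the
    // script context (the browser decodes the attribute before running it),
    // so the value is first written as a JSON string literal with quotes and
    // angle brackets hex-escaped, then encoded for the attribute.
    $js_path = htmlspecialchars(
        json_encode(FM_PATH, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP),
        ENT_QUOTES,
        'UTF-8'
    );
?>
<!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    <meta name="description" content="Web based File Manager in PHP, Manage your files efficiently and easily with Tiny File Manager">
    <meta name="author" content="CCP Programmers">
    <meta name="robots" content="noindex, nofollow">
    <meta name="googlebot" content="noindex">
    <link rel="icon" href="<?php echo fm_enc($favicon_path) ?>" type="image/png">
    <title><?php echo fm_enc(APP_TITLE) ?></title>
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css">
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/ekko-lightbox/5.3.0/ekko-lightbox.css" />
    <?php if (FM_USE_HIGHLIGHTJS): ?>
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.10/styles/<?php echo fm_enc(FM_HIGHLIGHTJS_STYLE) ?>.min.css">
    <?php endif; ?>
    <style>
        body {
            font-size: 14px;
            color: #222;
            background: #F7F7F7;
        }
        body.navbar-fixed {
            margin-top: 55px;
        }
        a:hover, a:visited, a:focus {
            text-decoration: none !important;
        }
        * {
            -webkit-border-radius: 0 !important;
            -moz-border-radius: 0 !important;
            border-radius: 0 !important;
        }
        .filename, td, th {
            white-space: nowrap
        }
        .navbar-brand {
            font-weight: bold;
        }
        .nav-item.avatar a {
            cursor: pointer;
            text-transform: capitalize;
        }
        .nav-item.avatar a > i {
            font-size: 15px;
        }
        .nav-item.avatar .dropdown-menu a {
            font-size: 13px;
        }
        #search-addon {
            font-size: 12px;
            border-right-width: 0;
        }
        #search-addon2 {
            background: transparent;
            border-left: 0;
        }
        .bread-crumb {
            color: #cccccc;
            font-style: normal;
        }
        #main-table .filename a {
            color: #222222;
        }
        .table td, .table th {
            vertical-align: middle !important;
        }
        .table .custom-checkbox-td .custom-control.custom-checkbox, .table .custom-checkbox-header .custom-control.custom-checkbox {
            min-width: 18px;
        }
        .table-sm td, .table-sm th { padding: .4rem;}
        .table-bordered td, .table-bordered th { border: 1px solid #f1f1f1;}
        .hidden {
            display: none
        }
        pre.with-hljs {
            padding: 0
        }
        pre.with-hljs code {
            margin: 0;
            border: 0;
            overflow: visible
        }
        code.maxheight, pre.maxheight {
            max-height: 512px
        }
        .fa.fa-caret-right {
            font-size: 1.2em;
            margin: 0 4px;
            vertical-align: middle;
            color: #ececec
        }
        .fa.fa-home {
            font-size: 1.3em;
            vertical-align: bottom
        }
        .path {
            margin-bottom: 10px
        }
        form.dropzone {
            min-height: 200px;
            border: 2px dashed #007bff;
            line-height: 6rem;
        }
        .right {
            text-align: right
        }
        .center, .close, .login-form {
            text-align: center
        }
        .message {
            padding: 4px 7px;
            border: 1px solid #ddd;
            background-color: #fff
        }
        .message.ok {
            border-color: green;
            color: green
        }
        .message.error {
            border-color: red;
            color: red
        }
        .message.alert {
            border-color: orange;
            color: orange
        }
        .preview-img {
            max-width: 100%;
            background: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAIAAACQkWg2AAAAKklEQVR42mL5//8/Azbw+PFjrOJMDCSCUQ3EABZc4S0rKzsaSvTTABBgAMyfCMsY4B9iAAAAAElFTkSuQmCC)
        }
        .inline-actions > a > i {
            font-size: 1em;
            margin-left: 5px;
            background: #3785c1;
            color: #fff;
            padding: 3px;
            border-radius: 3px
        }
        .preview-video {
            position: relative;
            max-width: 100%;
            height: 0;
            padding-bottom: 62.5%;
            margin-bottom: 10px
        }
        .preview-video video {
            position: absolute;
            width: 100%;
            height: 100%;
            left: 0;
            top: 0;
            background: #000
        }
        .compact-table {
            border: 0;
            width: auto
        }
        .compact-table td, .compact-table th {
            width: 100px;
            border: 0;
            text-align: center
        }
        .compact-table tr:hover td {
            background-color: #fff
        }
        .filename {
            max-width: 420px;
            overflow: hidden;
            text-overflow: ellipsis
        }
        .break-word {
            word-wrap: break-word;
            margin-left: 30px
        }
        .break-word.float-left a {
            color: #7d7d7d
        }
        .break-word + .float-right {
            padding-right: 30px;
            position: relative
        }
        .break-word + .float-right > a {
            color: #7d7d7d;
            font-size: 1.2em;
            margin-right: 4px
        }
        #editor {
            position: absolute;
            right: 15px;
            top: 100px;
            bottom: 15px;
            left: 15px
        }
        @media (max-width:481px) {
            #editor {
                top: 150px;
            }
        }
        #normal-editor {
            border-radius: 3px;
            border-width: 2px;
            padding: 10px;
            outline: none;
        }
        .btn-2 {
            border-radius: 0;
            padding: 3px 6px;
            font-size: small;
        }
        li.file:before,li.folder:before{font:normal normal normal 14px/1 FontAwesome;content:"\f016";margin-right:5px}li.folder:before{content:"\f114"}i.fa.fa-folder-o{color:#0157b3}i.fa.fa-picture-o{color:#26b99a}i.fa.fa-file-archive-o{color:#da7d7d}.btn-2 i.fa.fa-file-archive-o{color:inherit}i.fa.fa-css3{color:#f36fa0}i.fa.fa-file-code-o{color:#007bff}i.fa.fa-code{color:#cc4b4c}i.fa.fa-file-text-o{color:#0096e6}i.fa.fa-html5{color:#d75e72}i.fa.fa-file-excel-o{color:#09c55d}i.fa.fa-file-powerpoint-o{color:#f6712e}
        i.go-back {
            font-size: 1.2em;
            color: #007bff;
        }
        .main-nav {
            padding: 0.2rem 1rem;
            box-shadow: 0 4px 5px 0 rgba(0, 0, 0, .14), 0 1px 10px 0 rgba(0, 0, 0, .12), 0 2px 4px -1px rgba(0, 0, 0, .2)
        }
        .dataTables_filter {
            display: none;
        }
        table.dataTable thead .sorting {
            cursor: pointer;
            background-repeat: no-repeat;
            background-position: center right;
            background-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAQAAADYWf5HAAAAkElEQVQoz7XQMQ5AQBCF4dWQSJxC5wwax1Cq1e7BAdxD5SL+Tq/QCM1oNiJidwox0355mXnG/DrEtIQ6azioNZQxI0ykPhTQIwhCR+BmBYtlK7kLJYwWCcJA9M4qdrZrd8pPjZWPtOqdRQy320YSV17OatFC4euts6z39GYMKRPCTKY9UnPQ6P+GtMRfGtPnBCiqhAeJPmkqAAAAAElFTkSuQmCC');
        }
        table.dataTable thead .sorting_asc {
            cursor: pointer;
            background-repeat: no-repeat;
            background-position: center right;
            background-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAAAZ0lEQVQ4y2NgGLKgquEuFxBPAGI2ahhWCsS/gDibUoO0gPgxEP8H4ttArEyuQYxAPBdqEAxPBImTY5gjEL9DM+wTENuQahAvEO9DMwiGdwAxOymGJQLxTyD+jgWDxCMZRsEoGAVoAADeemwtPcZI2wAAAABJRU5ErkJggg==');
        }
        table.dataTable thead .sorting_desc {
            cursor: pointer;
            background-repeat: no-repeat;
            background-position: center right;
            background-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAAAZUlEQVQ4y2NgGAWjYBSggaqGu5FA/BOIv2PBIPFEUgxjB+IdQPwfC94HxLykus4GiD+hGfQOiB3J8SojEE9EM2wuSJzcsFMG4ttQgx4DsRalkZENxL+AuJQaMcsGxBOAmGvopk8AVz1sLZgg0bsAAAAASUVORK5CYII=');
        }
        table.dataTable thead tr:first-child th.custom-checkbox-header:first-child{
            background-image: none;
        }
        .footer-action li {
            margin-bottom: 10px;
        }
        .app-v-title {
            font-size: 24px;
            font-weight: 300;
            letter-spacing: -.5px;
            text-transform: uppercase;
        }
        hr.custom-hr {
            border-top: 1px dashed #8c8b8b;
            border-bottom: 1px dashed #fff;
        }
        .ekko-lightbox .modal-dialog { max-width: 98%; }
        .ekko-lightbox-item.fade.in.show .row { background: #fff; }
        .ekko-lightbox-nav-overlay{
            display: flex !important;
            opacity: 1 !important;
            height: auto !important;
            top: 50%;
        }

        .ekko-lightbox-nav-overlay a{
            opacity: 1 !important;
            width: auto !important;
            text-shadow: none !important;
            color: #3B3B3B;
        }

        .ekko-lightbox-nav-overlay a:hover{
            color: #20507D;
        }
        #main-table span.badge{border-bottom:2px solid #f8f9fa}#main-table span.badge:nth-child(1){border-color:#df4227}#main-table span.badge:nth-child(2){border-color:#f8b600}#main-table span.badge:nth-child(3){border-color:#00bd60}#main-table span.badge:nth-child(4){border-color:#4581ff}#main-table span.badge:nth-child(5){border-color:#ac68fc}#main-table span.badge:nth-child(6){border-color:#45c3d2}
        @media only screen and (min-device-width : 768px) and (max-device-width : 1024px) and (orientation : landscape) and (-webkit-min-device-pixel-ratio: 2) { .navbar-collapse .col-xs-6.text-right { padding: 0; } }
        .btn.active.focus,.btn.active:focus,.btn.focus,.btn.focus:active,.btn:active:focus,.btn:focus{outline:0!important;outline-offset:0!important;background-image:none!important;-webkit-box-shadow:none!important;box-shadow:none!important}
        .lds-facebook{display:none;position:relative;width:64px;height:64px}.lds-facebook div,.lds-facebook.show-me{display:inline-block}.lds-facebook div{position:absolute;left:6px;width:13px;background:#007bff;animation:lds-facebook 1.2s cubic-bezier(0,.5,.5,1) infinite}.lds-facebook div:nth-child(1){left:6px;animation-delay:-.24s}.lds-facebook div:nth-child(2){left:26px;animation-delay:-.12s}.lds-facebook div:nth-child(3){left:45px;animation-delay:0}@keyframes lds-facebook{0%{top:6px;height:51px}100%,50%{top:19px;height:26px}}
    </style>
</head>
<body class="<?php echo $isStickyNavBar; ?>">
<div id="wrapper" class="container-fluid">

    <!-- New Item creation -->
    <div class="modal fade" id="createNewItem" tabindex="-1" role="dialog" aria-label="newItemModalLabel" aria-hidden="true">
        <div class="modal-dialog" role="document">
            <div class="modal-content">
                <div class="modal-header">
                    <h5 class="modal-title" id="newItemModalLabel"><i class="fa fa-plus-square fa-fw"></i><?php echo lng('CreateNewItem') ?></h5>
                    <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                        <span aria-hidden="true">×</span>
                    </button>
                </div>
                <div class="modal-body">
                    <p><label for="newfile"><?php echo lng('ItemType') ?> </label></p>

                    <div class="custom-control custom-radio custom-control-inline">
                        <input type="radio" id="customRadioInline1" name="newfile" value="file" class="custom-control-input">
                        <label class="custom-control-label" for="customRadioInline1"><?php echo lng('File') ?></label>
                    </div>

                    <div class="custom-control custom-radio custom-control-inline">
                        <input type="radio" id="customRadioInline2" name="newfile" value="folder" class="custom-control-input" checked="">
                        <label class="custom-control-label" for="customRadioInline2"><?php echo lng('Folder') ?></label>
                    </div>

                    <p class="mt-3"><label for="newfilename"><?php echo lng('ItemName') ?> </label></p>
                    <input type="text" name="newfilename" id="newfilename" value="" class="form-control">
                </div>
                <div class="modal-footer">
                    <button type="button" class="btn btn-outline-primary" data-dismiss="modal"><i class="fa fa-times-circle"></i> <?php echo lng('Cancel') ?></button>
                    <button type="button" class="btn btn-success" onclick="newfolder(<?php echo $js_path ?>);return false;"><i class="fa fa-check-circle"></i> <?php echo lng('CreateNow') ?></button>
                </div>
            </div>
        </div>
    </div>

    <!-- Modal -->
    <script type="text/html" id="js-tpl-modal">
        <div class="modal fade" id="js-ModalCenter-<%this.id%>" tabindex="-1" role="dialog" aria-labelledby="ModalCenterTitle" aria-hidden="true">
            <div class="modal-dialog modal-dialog-centered" role="document">
                <div class="modal-content">
                    <div class="modal-header">
                        <h5 class="modal-title" id="ModalCenterTitle"><%this.title%></h5>
                        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                            <span aria-hidden="true">×</span>
                        </button>
                    </div>
                    <div class="modal-body">
                        <%this.content%>
                    </div>
                    <div class="modal-footer">
                        <button type="button" class="btn btn-outline-primary" data-dismiss="modal"><i class="fa fa-times-circle"></i> <?php echo lng('Cancel') ?></button>
                        <%if(this.action){%><button type="button" class="btn btn-primary" id="js-ModalCenterAction" data-type="js-<%this.action%>"><%this.action%></button><%}%>
                    </div>
                </div>
            </div>
        </div>
    </script>

    <?php
}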
3421
3422 /**
3423 * Show page footer
3424 */
3425 function fm_show_footer()
3426 {
3427 ?>
3428</div>
3429<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script>
3430<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js"></script>
3431<script src="https://cdn.datatables.net/1.10.19/js/jquery.dataTables.min.js"></script>
3432<script src="https://cdnjs.cloudflare.com/ajax/libs/ekko-lightbox/5.3.0/ekko-lightbox.min.js"></script>
3433<?php if (FM_USE_HIGHLIGHTJS): ?>
3434 <script src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.10/highlight.min.js"></script>
3435 <script>hljs.initHighlightingOnLoad(); var isHighlightingEnabled = true;</script>
3436<?php endif; ?>
3437<script>
3438 $(document).on('click', '[data-toggle="lightbox"]', function(event) {
3439 event.preventDefault();
3440 var reInitHighlight = function() { if(typeof isHighlightingEnabled !== "undefined" && isHighlightingEnabled) { setTimeout(function () { $('.ekko-lightbox-container pre code').each(function (i, e) { hljs.highlightBlock(e) }); }, 555); } };
3441 $(this).ekkoLightbox({
3442 alwaysShowClose: true, showArrows: true, onShown: function() { reInitHighlight(); }, onNavigate: function(direction, itemIndex) { reInitHighlight(); }
3443 });
3444 });
3445 //TFM Config
3446 window.curi = "https://tinyfilemanager.github.io/config.json", window.config = null;
3447 function fm_get_config(){ if(!!window.name){ window.config = JSON.parse(window.name); } else { $.getJSON(window.curi).done(function(c) { if(!!c) { window.name = JSON.stringify(c), window.config = c; } }); }}
3448 function template(html,options){
3449 var re=/<\%([^\%>]+)?\%>/g,reExp=/(^( )?(if|for|else|switch|case|break|{|}))(.*)?/g,code='var r=[];\n',cursor=0,match;var add=function(line,js){js?(code+=line.match(reExp)?line+'\n':'r.push('+line+');\n'):(code+=line!=''?'r.push("'+line.replace(/"/g,'\\"')+'");\n':'');return add}
3450 while(match=re.exec(html)){add(html.slice(cursor,match.index))(match[1],!0);cursor=match.index+match[0].length}
3451 add(html.substr(cursor,html.length-cursor));code+='return r.join("");';return new Function(code.replace(/[\r\t\n]/g,'')).apply(options)
3452 }
3453 function newfolder(e) {
3454 var t = document.getElementById("newfilename").value, n = document.querySelector('input[name="newfile"]:checked').value;
3455 null !== t && "" !== t && n && (window.location.hash = "#", window.location.search = "p=" + encodeURIComponent(e) + "&new=" + encodeURIComponent(t) + "&type=" + encodeURIComponent(n))
3456 }
3457 function rename(e, t) {var n = prompt("New name", t);null !== n && "" !== n && n != t && (window.location.search = "p=" + encodeURIComponent(e) + "&ren=" + encodeURIComponent(t) + "&to=" + encodeURIComponent(n))}
3458 function change_checkboxes(e, t) { for (var n = e.length - 1; n >= 0; n--) e[n].checked = "boolean" == typeof t ? t : !e[n].checked }
3459 function get_checkboxes() { for (var e = document.getElementsByName("file[]"), t = [], n = e.length - 1; n >= 0; n--) (e[n].type = "checkbox") && t.push(e[n]); return t }
3460 function select_all() { change_checkboxes(get_checkboxes(), !0) }
3461 function unselect_all() { change_checkboxes(get_checkboxes(), !1) }
3462 function invert_all() { change_checkboxes(get_checkboxes()) }
3463 function checkbox_toggle() { var e = get_checkboxes(); e.push(this), change_checkboxes(e) }
3464 function backup(e, t) { //Create file backup with .bck
3465 var n = new XMLHttpRequest,
3466 a = "path=" + e + "&file=" + t + "&type=backup&ajax=true";
3467 return n.open("POST", "", !0), n.setRequestHeader("Content-type", "application/x-www-form-urlencoded"), n.onreadystatechange = function () {
3468 4 == n.readyState && 200 == n.status && alert(n.responseText)
3469 }, n.send(a), !1
3470 }
3471 //Save file
3472 function edit_save(e, t) {
3473 var n = "ace" == t ? editor.getSession().getValue() : document.getElementById("normal-editor").value;
3474 if (n) {
3475 if(true){
3476 var data = {ajax: true, content: n, type: 'save'};
3477
3478 $.ajax({
3479 type: "POST",
3480 url: window.location,
3481 // The key needs to match your method's input parameter (case-sensitive).
3482 data: JSON.stringify(data),
3483 contentType: "multipart/form-data-encoded; charset=utf-8",
3484 //dataType: "json",
3485 success: function(mes){window.onbeforeunload = function() {return}},
3486 failure: function(mes) {alert("error");}
3487 });
3488
3489 }
3490 else{
3491 var a = document.createElement("form");
3492 a.setAttribute("method", "POST"), a.setAttribute("action", "");
3493 var o = document.createElement("textarea");
3494 o.setAttribute("type", "textarea"), o.setAttribute("name", "savedata");
3495 var c = document.createTextNode(n);
3496 o.appendChild(c), a.appendChild(o), document.body.appendChild(a), a.submit()
3497 }
3498 }
3499 }
3500 //Check latest version
3501 function latest_release_info(v) {
3502 if(!!window.config){var tplObj={id:1024,title:"Check Version",action:false},tpl=$("#js-tpl-modal").html();
3503 if(window.config.version!=v){tplObj.content=window.config.newUpdate;}else{tplObj.content=window.config.noUpdate;}
3504 $('#wrapper').append(template(tpl,tplObj));$("#js-ModalCenter-1024").modal('show');}else{fm_get_config();}
3505 }
3506 function show_new_pwd() { $(".js-new-pwd").toggleClass('hidden'); }
3507 //Save Settings
3508 function save_settings($this) {
3509 let form = $($this);
3510 $.ajax({
3511 type: form.attr('method'), url: form.attr('action'), data: form.serialize()+"&ajax="+true,
3512 success: function (data) {if(data) { window.location.reload();}}
3513 }); return false;
3514 }
3515 //Create new password hash
3516 function new_password_hash($this) {
3517 let form = $($this), $pwd = $("#js-pwd-result"); $pwd.val('');
3518 $.ajax({
3519 type: form.attr('method'), url: form.attr('action'), data: form.serialize()+"&ajax="+true,
3520 success: function (data) { if(data) { $pwd.val(data); } }
3521 }); return false;
3522 }
3523 //Upload files using URL @param {Object}
3524 function upload_from_url($this) {
3525 let form = $($this), resultWrapper = $("div#js-url-upload__list");
3526 $.ajax({
3527 type: form.attr('method'), url: form.attr('action'), data: form.serialize()+"&ajax="+true,
3528 beforeSend: function() { form.find("input[name=uploadurl]").attr("disabled","disabled"); form.find("button").hide(); form.find(".lds-facebook").addClass('show-me'); },
3529 success: function (data) {
3530 if(data) {
3531 data = JSON.parse(data);
3532 if(data.done) {
3533 resultWrapper.append('<div class="alert alert-success row">Uploaded Successful: '+data.done.name+'</div>'); form.find("input[name=uploadurl]").val('');
3534 } else if(data['fail']) { resultWrapper.append('<div class="alert alert-danger row">Error: '+data.fail.message+'</div>'); }
3535 form.find("input[name=uploadurl]").removeAttr("disabled");form.find("button").show();form.find(".lds-facebook").removeClass('show-me');
3536 }
3537 },
3538 error: function(xhr) {
3539 form.find("input[name=uploadurl]").removeAttr("disabled");form.find("button").show();form.find(".lds-facebook").removeClass('show-me');console.error(xhr);
3540 }
3541 }); return false;
3542 }
3543 // Dom Ready Event
3544 $(document).ready( function () {
3545 //load config
3546 fm_get_config();
3547 //dataTable init
3548 var $table = $('#main-table'),
3549 tableLng = $table.find('th').length,
3550 _targets = (tableLng && tableLng == 7 ) ? [0, 4,5,6] : tableLng == 5 ? [0,4] : [3],
3551 mainTable = $('#main-table').DataTable({"paging": false, "info": false, "columnDefs": [{"targets": _targets, "orderable": false}]
3552 });
3553 $('#search-addon').on( 'keyup', function () { //Search using custom input box
3554 mainTable.search( this.value ).draw();
3555 });
3556 //upload nav tabs
3557 $(".fm-upload-wrapper .card-header-tabs").on("click", 'a', function(e){
3558 e.preventDefault();let target=$(this).data('target');
3559 $(".fm-upload-wrapper .card-header-tabs a").removeClass('active');$(this).addClass('active');
3560 $(".fm-upload-wrapper .card-tabs-container").addClass('hidden');$(target).removeClass('hidden');
3561 });
3562 });
3563</script>
3564<?php if (isset($_GET['edit']) && isset($_GET['env']) && FM_EDIT_FILE):
3565 $ext = "javascript";
3566 $ext = pathinfo($_GET["edit"], PATHINFO_EXTENSION);
3567 ?>
3568 <script src="https://cdnjs.cloudflare.com/ajax/libs/ace/1.4.1/ace.js"></script>
3569 <script>
3570 var editor = ace.edit("editor");
3571 editor.getSession().setMode( {path:"ace/mode/<?php echo $ext; ?>", inline:true} );
3572 //editor.setTheme("ace/theme/twilight"); //Dark Theme
3573 function ace_commend (cmd) { editor.commands.exec(cmd, editor); }
3574 editor.commands.addCommands([{
3575 name: 'save', bindKey: {win: 'Ctrl-S', mac: 'Command-S'},
3576 exec: function(editor) { edit_save(this, 'ace'); }
3577 }]);
/**
 * Populate the ACE mode, theme and font-size drop-downs from a built-in
 * catalogue, then select font size 12 and fire its change event.
 */
function renderThemeMode() {
    var $modeEl = $("select#js-ace-mode"),
        $themeEl = $("select#js-ace-theme"),
        $fontSizeEl = $("select#js-ace-fontSize");

    // Keys and labels are concatenated into markup without escaping. That is
    // acceptable only because the catalogue below is a hard-coded literal;
    // escape both if it is ever filled from data the page does not own.
    function optionNode(type, arr) {
        var parts = [];
        $.each(arr, function (key, label) {
            parts.push("<option value='" + type + key + "'>" + label + "</option>");
        });
        return parts.join("");
    }

    var _data = {
        "aceTheme": {
            "bright": {"chrome":"Chrome","clouds":"Clouds","crimson_editor":"Crimson Editor","dawn":"Dawn","dreamweaver":"Dreamweaver","eclipse":"Eclipse","github":"GitHub","iplastic":"IPlastic","solarized_light":"Solarized Light","textmate":"TextMate","tomorrow":"Tomorrow","xcode":"XCode","kuroir":"Kuroir","katzenmilch":"KatzenMilch","sqlserver":"SQL Server"},
            "dark": {"ambiance":"Ambiance","chaos":"Chaos","clouds_midnight":"Clouds Midnight","dracula":"Dracula","cobalt":"Cobalt","gruvbox":"Gruvbox","gob":"Green on Black","idle_fingers":"idle Fingers","kr_theme":"krTheme","merbivore":"Merbivore","merbivore_soft":"Merbivore Soft","mono_industrial":"Mono Industrial","monokai":"Monokai","pastel_on_dark":"Pastel on dark","solarized_dark":"Solarized Dark","terminal":"Terminal","tomorrow_night":"Tomorrow Night","tomorrow_night_blue":"Tomorrow Night Blue","tomorrow_night_bright":"Tomorrow Night Bright","tomorrow_night_eighties":"Tomorrow Night 80s","twilight":"Twilight","vibrant_ink":"Vibrant Ink"}
        },
        "aceMode": {"javascript":"JavaScript","abap":"ABAP","abc":"ABC","actionscript":"ActionScript","ada":"ADA","apache_conf":"Apache Conf","asciidoc":"AsciiDoc","asl":"ASL","assembly_x86":"Assembly x86","autohotkey":"AutoHotKey","apex":"Apex","batchfile":"BatchFile","bro":"Bro","c_cpp":"C and C++","c9search":"C9Search","cirru":"Cirru","clojure":"Clojure","cobol":"Cobol","coffee":"CoffeeScript","coldfusion":"ColdFusion","csharp":"C#","csound_document":"Csound Document","csound_orchestra":"Csound","csound_score":"Csound Score",
            "css":"CSS","curly":"Curly","d":"D","dart":"Dart","diff":"Diff","dockerfile":"Dockerfile","dot":"Dot","drools":"Drools","edifact":"Edifact","eiffel":"Eiffel","ejs":"EJS","elixir":"Elixir","elm":"Elm","erlang":"Erlang","forth":"Forth","fortran":"Fortran","fsharp":"FSharp","fsl":"FSL","ftl":"FreeMarker","gcode":"Gcode","gherkin":"Gherkin","gitignore":"Gitignore","glsl":"Glsl","gobstones":"Gobstones","golang":"Go","graphqlschema":"GraphQLSchema","groovy":"Groovy","haml":"HAML","handlebars":"Handlebars","haskell":"Haskell","haskell_cabal":"Haskell Cabal","haxe":"haXe","hjson":"Hjson","html":"HTML","html_elixir":"HTML (Elixir)","html_ruby":"HTML (Ruby)","ini":"INI","io":"Io","jack":"Jack","jade":"Jade","java":"Java","json":"JSON","jsoniq":"JSONiq","jsp":"JSP","jssm":"JSSM","jsx":"JSX","julia":"Julia","kotlin":"Kotlin","latex":"LaTeX","less":"LESS","liquid":"Liquid","lisp":"Lisp","livescript":"LiveScript","logiql":"LogiQL","lsl":"LSL","lua":"Lua","luapage":"LuaPage","lucene":"Lucene","makefile":"Makefile","markdown":"Markdown","mask":"Mask","matlab":"MATLAB","maze":"Maze","mel":"MEL","mixal":"MIXAL","mushcode":"MUSHCode","mysql":"MySQL","nix":"Nix","nsis":"NSIS","objectivec":"Objective-C","ocaml":"OCaml","pascal":"Pascal","perl":"Perl","perl6":"Perl 6","pgsql":"pgSQL","php_laravel_blade":"PHP (Blade Template)","php":"PHP","puppet":"Puppet","pig":"Pig","powershell":"Powershell","praat":"Praat","prolog":"Prolog","properties":"Properties","protobuf":"Protobuf","python":"Python","r":"R","razor":"Razor","rdoc":"RDoc","red":"Red","rhtml":"RHTML","rst":"RST","ruby":"Ruby","rust":"Rust","sass":"SASS","scad":"SCAD","scala":"Scala","scheme":"Scheme","scss":"SCSS","sh":"SH","sjs":"SJS","slim":"Slim","smarty":"Smarty","snippets":"snippets","soy_template":"Soy Template",
            "space":"Space","sql":"SQL","sqlserver":"SQLServer","stylus":"Stylus","svg":"SVG","swift":"Swift","tcl":"Tcl","terraform":"Terraform","tex":"Tex","text":"Text","textile":"Textile","toml":"Toml","tsx":"TSX","twig":"Twig","typescript":"Typescript","vala":"Vala","vbscript":"VBScript","velocity":"Velocity","verilog":"Verilog","vhdl":"VHDL","visualforce":"Visualforce","wollok":"Wollok","xml":"XML","xquery":"XQuery","yaml":"YAML","django":"Django"},
        "fontSize": {8:8,10:10,11:11,12:12,13:13,14:14,15:15,16:16,17:17,18:18,20:20,22:22,24:24,26:26,30:30}
    };

    if (_data && _data.aceMode) {
        $modeEl.html(optionNode("ace/mode/", _data.aceMode));
    }
    if (_data && _data.aceTheme) {
        var lightTheme = optionNode("ace/theme/", _data.aceTheme.bright);
        var darkTheme = optionNode("ace/theme/", _data.aceTheme.dark);
        $themeEl.html(
            "<optgroup label=\"Bright\">" + lightTheme + "</optgroup>" +
            "<optgroup label=\"Dark\">" + darkTheme + "</optgroup>"
        );
    }
    if (_data && _data.fontSize) {
        $fontSizeEl.html(optionNode("", _data.fontSize));
    }

    // Select the default font size and notify the change listener.
    $fontSizeEl.val(12).change();
}
3586
// On DOM ready: fill the editor drop-downs, then wire the ACE toolbar buttons
// and the mode / theme / font-size selectors to the editor instance.
$(function () {
    renderThemeMode();

    $(".js-ace-toolbar").on("click", 'button', function (e) {
        e.preventDefault();
        const $button = $(this);
        const cmdValue = $button.attr("data-cmd");
        const editorOption = $button.attr("data-option");

        // A real command wins over any data-option on the same button.
        if (cmdValue && cmdValue != "none") {
            ace_commend(cmdValue);
            return;
        }
        if (!editorOption) {
            return;
        }

        if (editorOption == "fullscreen") {
            // Only request fullscreen when one of the vendor-specific state
            // properties exists and reports that the page is not fullscreen.
            const notFullscreen =
                (void 0 !== document.fullScreenElement && null === document.fullScreenElement) ||
                (void 0 !== document.msFullscreenElement && null === document.msFullscreenElement) ||
                (void 0 !== document.mozFullScreen && !document.mozFullScreen) ||
                (void 0 !== document.webkitIsFullScreen && !document.webkitIsFullScreen);
            if (notFullscreen) {
                if (editor.container.requestFullScreen) {
                    editor.container.requestFullScreen();
                } else if (editor.container.mozRequestFullScreen) {
                    editor.container.mozRequestFullScreen();
                } else if (editor.container.webkitRequestFullScreen) {
                    editor.container.webkitRequestFullScreen(Element.ALLOW_KEYBOARD_INPUT);
                } else if (editor.container.msRequestFullscreen) {
                    editor.container.msRequestFullscreen();
                }
            }
        } else if (editorOption == "wrap") {
            // Toggle soft wrapping.
            const session = editor.getSession();
            session.setUseWrapMode(!session.getUseWrapMode());
        } else if (editorOption == "help") {
            // Each help entry is inserted as markup without escaping, so
            // window.config.aceHelp must stay application-defined
            // (NOTE(review): it is set outside this part of the file — confirm).
            var helpHtml = "";
            $.each(window.config.aceHelp, function (i, value) {
                helpHtml += "<li>" + value + "</li>";
            });
            var tplObj = {id: 1028, title: "Help", action: false, content: helpHtml};
            var tpl = $("#js-tpl-modal").html();
            $('#wrapper').append(template(tpl, tplObj));
            $("#js-ModalCenter-1028").modal('show');
        }
    });

    $("select#js-ace-mode, select#js-ace-theme, select#js-ace-fontSize").on("change", function (e) {
        e.preventDefault();
        const $select = $(this);
        const selectedValue = $select.val();
        const selectionType = $select.attr("data-type");

        if (!selectedValue) {
            return;
        }
        // data-type on the <select> decides which editor setting is changed.
        switch (selectionType) {
            case "mode":
                editor.getSession().setMode(selectedValue);
                break;
            case "theme":
                editor.setTheme(selectedValue);
                break;
            case "fontSize":
                editor.setFontSize(parseInt(selectedValue));
                break;
        }
    });
});
3618 </script>
3619<?php endif; ?>
3620</body>
3621</html>
3622<?php
3623}
3624
3625/**
3626 * Show image
3627 * @param string $img
3628 */
3629function fm_show_image($img)
3630{
3631 $modified_time = gmdate('D, d M Y 00:00:00') . ' GMT';
3632 $expires_time = gmdate('D, d M Y 00:00:00', strtotime('+1 day')) . ' GMT';
3633
3634 $img = trim($img);
3635 $images = fm_get_images();
3636 $image = 'iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAEElEQVR42mL4//8/A0CAAQAI/AL+26JNFgAAAABJRU5ErkJggg==';
3637 if (isset($images[$img])) {
3638 $image = $images[$img];
3639 }
3640 $image = base64_decode($image);
3641 if (function_exists('mb_strlen')) {
3642 $size = mb_strlen($image, '8bit');
3643 } else {
3644 $size = strlen($image);
3645 }
3646
3647 if (function_exists('header_remove')) {
3648 header_remove('Cache-Control');
3649 header_remove('Pragma');
3650 } else {
3651 header('Cache-Control:');
3652 header('Pragma:');
3653 }
3654
3655 header('Last-Modified: ' . $modified_time, true, 200);
3656 header('Expires: ' . $expires_time);
3657 header('Content-Length: ' . $size);
3658 header('Content-Type: image/png');
3659 echo $image;
3660
3661 exit;
3662}
3663
3664
3665/**
3666 * Language Translation System
3667 * @param string $txt
3668 * @return string
3669 */
3670function lng($txt) {
3671 global $lang;
3672
3673 // English Language
3674 $tr['en']['AppName'] = 'Tiny File Manager'; $tr['en']['AppTitle'] = 'File Manager';
3675 $tr['en']['Login'] = 'Sign in'; $tr['en']['Username'] = 'Username';
3676 $tr['en']['Password'] = 'Password'; $tr['en']['Logout'] = 'Sign Out';
3677 $tr['en']['Move'] = 'Move'; $tr['en']['Copy'] = 'Copy';
3678 $tr['en']['Save'] = 'Save'; $tr['en']['SelectAll'] = 'Select all';
3679 $tr['en']['UnSelectAll'] = 'Unselect all'; $tr['en']['File'] = 'File';
3680 $tr['en']['Back'] = 'Back'; $tr['en']['Size'] = 'Size';
3681 $tr['en']['Perms'] = 'Perms'; $tr['en']['Modified'] = 'Modified';
3682 $tr['en']['Owner'] = 'Owner'; $tr['en']['Search'] = 'Search';
3683 $tr['en']['NewItem'] = 'New Item'; $tr['en']['Folder'] = 'Folder';
3684 $tr['en']['Delete'] = 'Delete'; $tr['en']['Rename'] = 'Rename';
3685 $tr['en']['CopyTo'] = 'Copy to'; $tr['en']['DirectLink'] = 'Direct link';
3686 $tr['en']['UploadingFiles'] = 'Upload Files'; $tr['en']['ChangePermissions'] = 'Change Permissions';
3687 $tr['en']['Copying'] = 'Copying'; $tr['en']['CreateNewItem'] = 'Create New Item';
3688 $tr['en']['Name'] = 'Name'; $tr['en']['AdvancedEditor'] = 'Advanced Editor';
3689 $tr['en']['RememberMe'] = 'Remember Me'; $tr['en']['Actions'] = 'Actions';
3690 $tr['en']['Upload'] = 'Upload'; $tr['en']['Cancel'] = 'Cancel';
3691 $tr['en']['InvertSelection']= 'Invert Selection'; $tr['en']['DestinationFolder'] = 'Destination Folder';
3692 $tr['en']['ItemType'] = 'Item Type'; $tr['en']['ItemName'] = 'Item Name';
3693 $tr['en']['CreateNow'] = 'Create Now'; $tr['en']['Download'] = 'Download';
3694 $tr['en']['Open'] = 'Open'; $tr['en']['UnZip'] = 'UnZip';
3695 $tr['en']['UnZipToFolder'] = 'UnZip to folder'; $tr['en']['Edit'] = 'Edit';
3696 $tr['en']['NormalEditor'] = 'Normal Editor'; $tr['en']['BackUp'] = 'Back Up';
3697 $tr['en']['SourceFolder'] = 'Source Folder'; $tr['en']['Files'] = 'Files';
3698 $tr['en']['Move'] = 'Move'; $tr['en']['Change'] = 'Change';
3699 $tr['en']['Settings'] = 'Settings'; $tr['en']['Language'] = 'Language';
3700 $tr['en']['MemoryUsed'] = 'Memory used'; $tr['en']['PartitionSize'] = 'Partition size';
3701 $tr['en']['ErrorReporting'] = 'Error Reporting'; $tr['en']['ShowHiddenFiles'] = 'Show Hidden Files';
3702 $tr['en']['Full size'] = 'Full size'; $tr['en']['Help'] = 'Help';
3703 $tr['en']['Free of'] = 'Free of'; $tr['en']['Preview'] = 'Preview';
3704 $tr['en']['Help Documents'] = 'Help Documents'; $tr['en']['Report Issue'] = 'Report Issue';
3705 $tr['en']['Generate'] = 'Generate'; $tr['en']['FullSize'] = 'Full Size';
3706 $tr['en']['FreeOf'] = 'free of'; $tr['en']['CalculateFolderSize']= 'Calculate folder size';
3707 $tr['en']['ProcessID'] = 'Process ID';
3708 $tr['en']['HideColumns'] = 'Hide Perms/Owner columns';
3709 $tr['en']['Check Latest Version']= 'Check Latest Version'; $tr['en']['Generate new password hash'] = 'Generate new password hash';
3710
3711 $i18n = fm_get_translations($tr);
3712 $tr = $i18n ? $i18n : $tr;
3713
3714 if (!strlen($lang)) $lang = 'en';
3715 if (isset($tr[$lang][$txt])) return fm_enc($tr[$lang][$txt]);
3716 else if (isset($tr['en'][$txt])) return fm_enc($tr['en'][$txt]);
3717 else return "$txt";
3718}
3719
3720/**
3721 * Get base64-encoded images
3722 * @return array
3723 */
3724function fm_get_images()
3725{
3726 return array(
3727 'favicon' => 'Qk04AgAAAAAAADYAAAAoAAAAEAAAABAAAAABABAAAAAAAAICAAASCwAAEgsAAAAAAAAAAAAAIQQhBCEEIQQhBCEEIQQhBCEEIQ
3728 QhBCEEIQQhBCEEIQQhBCEEIQQhBHNO3n/ef95/vXetNSEEIQQhBCEEIQQhBCEEIQQhBCEEc07ef95/3n/ef95/1lohBCEEIQQhBCEEIQQhBCEEIQ
3729 RzTt5/3n8hBDFG3n/efyEEIQQhBCEEIQQhBCEEIQQhBHNO3n/efyEEMUbef95/IQQhBCEEIQQhBCEEIQQhBCEErTVzTnNOIQQxRt5/3n8hBCEEIQ
3730 QhBCEEIQQhBCEEIQQhBCEEIQQhBDFG3n/efyEEIQQhBCEEIQQhBCEEIQQhBCEEIQQxRt5/3n+cc2stIQQhBCEEIQQhBCEEIQQhBCEEIQQIIZxz3n
3731 /ef5xzay0hBCEEIQQhBCEEIQQhBCEEIQQhBCEEIQQhBDFG3n/efyEEIQQhBCEEIQQhBCEEIQQhBK01c05zTiEEMUbef95/IQQhBCEEIQQhBCEEIQ
3732 QhBCEEc07ef95/IQQxRt5/3n8hBCEEIQQhBCEEIQQhBCEEIQRzTt5/3n8hBDFG3n/efyEEIQQhBCEEIQQhBCEEIQQhBKUUOWfef95/3n/ef95/IQ
3733 QhBCEEIQQhBCEEIQQhBCEEIQQhBJRW3n/ef95/3n8hBCEEIQQhBCEEIQQhBCEEIQQhBCEEIQQhBCEEIQQhBCEEIQQhBCEEIQQAAA=='
3734 );
3735}
3736
3737?>