1<?php
// Default settings as a JSON object (presumably the fallback read by FM_Config - confirm)
$CONFIG = '{"lang":"en","error_reporting":false,"show_hidden":true,"hide_Cols":false,"calc_folder":false}';
4
5/**
6 * H3K | Tiny File Manager V2.3.8
7 * CCP Programmers | ccpprogrammers@gmail.com
8 * https://tinyfilemanager.github.io
9 */
10
// Tiny File Manager release this script is based on
define('VERSION', '2.3.8');

// Title shown in the user interface (the login page prints it as the heading)
define('APP_TITLE', 'Dirac Sea Manager');
16
// Login gate: true requires a username and password, false disables the check.
// This switch is independent of the IP white-/blacklist rules.
$use_auth = true;

// Accounts as 'username' => password hash.
// Generate a hash at https://tinyfilemanager.github.io/docs/pwd.html
// NOTE(review): this listing was published with the plaintext of both passwords
// written next to the hashes, so both hashes must be treated as publicly known.
// Replace them with freshly generated ones before the script is reachable.
$auth_users = [
    'admin' => '$2y$10$/K.hjNr84lLNDt8fTXjoI.DBp6PpeyoJ.mGwrrLuCZfAwfSAGqhOW',
    'user' => '$2y$10$Fg6Dz8oH9fPoZ2jJan5tZuv6Z4Kp7avtQ9bDfrdRntXtPeiMAZyGO',
];

// Usernames that are treated as read-only (FM_READONLY is derived from this list)
$readonly_users = ['user'];
32
// IP filtering mode: 'OFF', 'AND' or 'OR'
//   OFF => the connection IP is not checked (default)
//   AND => the IP must be on the whitelist and must not be on the blacklist
//   OR  => the IP must be on the whitelist or must not be on the blacklist
// NOTE(review): under 'OR' every address that is not blacklisted is accepted, so the
// whitelist only matters for addresses that are also blacklisted.
$ip_ruleset = 'OFF';

// true: a blocked client gets no explanation; false: an "access denied" page is shown
$ip_silent = true;

// Allowed addresses (IPv4 and IPv6)
$ip_whitelist = [
    '127.0.0.1', // local ipv4
    '::1', // local ipv6
];

// Denied addresses (IPv4 and IPv6)
$ip_blacklist = [
    '0.0.0.0', // non-routable meta ipv4
    '::', // non-routable meta ipv6
];
53
// Per-user root directories: ['Username' => 'Directory path', 'Username2' => 'Directory path', ...]
$directories_users = [];

// highlight.js (https://highlightjs.org/) on the view page
$use_highlightjs = true;

// highlight.js theme
$highlightjs_style = 'vs';

// ace.js editor (https://ace.c9.io/) on the view page
$edit_files = true;

// Timezone for date() and time() - http://php.net/manual/en/timezones.php
$default_timezone = 'Etc/UTC'; // UTC

// Directory the file manager is rooted at. Use an absolute path,
// e.g. '/var/www/folder' or $_SERVER['DOCUMENT_ROOT'].'/folder'
$root_path = $_SERVER['DOCUMENT_ROOT'] . '/files';

// URL prefix for links to files, relative to $http_host: '' or 'path/to/subfolder'.
// Does not work when $root_path lies outside the server document root.
$root_url = '/files/';

// Host name used to build absolute URLs; set it manually if it is wrong.
// NOTE(review): the Host request header is chosen by the client, and this value is
// built into FM_ROOT_URL and FM_SELF_URL, which the script redirects to. A fixed
// host name avoids redirects to a host the client picked.
$http_host = $_SERVER['HTTP_HOST'];

// Input encoding for iconv
$iconv_input_encoding = 'UTF-8';

// date() format for the file modification date
$datetime_format = 'd.m.y H:i';

// Comma-separated extensions allowed for upload and rename, e.g. 'gif,png,jpg'
// NOTE(review): the empty string disables the extension check in the upload handler,
// and $root_path above is inside the document root. Whether an uploaded script can
// then be executed depends on the web server configuration - confirm.
$allowed_extensions = '';

// Favicon: either a full URL to a .PNG image or a path based on the document root.
// full path, e.g. http://example.com/favicon.png
// local path, e.g. images/icons/favicon.png
$favicon_path = '/diracsea/favicon.png';

// Files and folders left out of the listing, e.g. ['myfile.html', 'personal-folder']
$GLOBALS['exclude_items'] = [];

// Online office document viewer: 'google', 'microsoft' or false
//   google    => view documents using Google Docs Viewer
//   microsoft => view documents using Microsoft Web Apps Viewer
//   false     => disable the online document viewer
$GLOBALS['online_viewer'] = 'google';

// Sticky navigation bar: true enables the sticky header, false disables it
$sticky_navbar = true;

// Maximum upload file size
define('MAX_UPLOAD_SIZE', '2048');
114
115//--- EDIT BELOW CAREFULLY OR DO NOT EDIT AT ALL
116
// Session name; also the key under which this script keeps its data in $_SESSION
if (defined('FM_SESSION_ID') === false) {
    define('FM_SESSION_ID', 'filemanager');
}

// Stored settings
$cfg = new FM_Config();

// Interface language, English unless the settings say otherwise
$lang = 'en';
if (isset($cfg->data['lang'])) {
    $lang = $cfg->data['lang'];
}

// Whether files and folders starting with a dot are listed
$show_hidden_files = false;
if (isset($cfg->data['show_hidden'])) {
    $show_hidden_files = $cfg->data['show_hidden'];
}

// PHP error display: false turns it off, true turns it on
$report_errors = false;
if (isset($cfg->data['error_reporting'])) {
    $report_errors = $cfg->data['error_reporting'];
}

// Hide the permissions and owner columns in the file listing
$hide_Cols = true;
if (isset($cfg->data['hide_Cols'])) {
    $hide_Cols = $cfg->data['hide_Cols'];
}

// Compute folder sizes (true) or skip that to speed up the output (false)
$calc_folder = true;
if (isset($cfg->data['calc_folder'])) {
    $calc_folder = $cfg->data['calc_folder'];
}

// Languages that can be selected
$lang_list = ['en' => 'English'];
144
// Errors are always reported at E_ALL; the setting only decides whether they are
// printed into the response.
@ini_set('error_reporting', E_ALL);
@ini_set('display_errors', $report_errors == true ? 1 : 0);
152
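// Embedded mode (FM_EMBED defined by the including script): no login and no sticky header.
// NOTE(review): embedding switches the login off completely, so the host application
// has to enforce access control itself.
if (defined('FM_EMBED')) {
    $use_auth = false;
    $sticky_navbar = false;
} else {
    @set_time_limit(600);

    date_default_timezone_set($default_timezone);

    ini_set('default_charset', 'UTF-8');
    if (version_compare(PHP_VERSION, '5.6.0', '<') && function_exists('mb_internal_encoding')) {
        mb_internal_encoding('UTF-8');
    }
    if (function_exists('mb_regex_encoding')) {
        mb_regex_encoding('UTF-8');
    }

    // Session cookie hardening, applied before the session starts: the cookie is not
    // readable from JavaScript, session ids are only accepted from cookies, and ids
    // that the server did not issue are rejected. The Secure flag is not set here
    // because the request scheme is only determined further down.
    @ini_set('session.cookie_httponly', '1');
    @ini_set('session.use_only_cookies', '1');
    @ini_set('session.use_strict_mode', '1');

    session_cache_limiter('');
    session_name(FM_SESSION_ID);
    @session_start();
}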
174
// Without any configured account the login gate is switched off.
// NOTE(review): this fails open - an empty $auth_users leaves the manager unauthenticated.
if (empty($auth_users)) {
    $use_auth = false;
}

// Scheme of the current request, used only to build absolute URLs below.
// NOTE(review): X-Forwarded-Proto comes from the client unless a trusted proxy overwrites it.
$is_https = (isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1))
    || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https');

// A logged-in user with a personal directory gets that directory appended to $root_url
if (isset($_SESSION[FM_SESSION_ID]['logged']) && !empty($directories_users[$_SESSION[FM_SESSION_ID]['logged']])) {
    $wd = fm_clean_path(dirname($_SERVER['PHP_SELF']));
    $root_url .= $wd . DIRECTORY_SEPARATOR . $directories_users[$_SESSION[FM_SESSION_ID]['logged']];
}
// Normalise $root_url
$root_url = fm_clean_path($root_url);

// Absolute URLs of the file root and of this script (kept if already defined)
if (!defined('FM_ROOT_URL')) {
    define('FM_ROOT_URL', ($is_https ? 'https' : 'http') . '://' . $http_host . (!empty($root_url) ? '/' . $root_url : ''));
}
if (!defined('FM_SELF_URL')) {
    define('FM_SELF_URL', ($is_https ? 'https' : 'http') . '://' . $http_host . $_SERVER['PHP_SELF']);
}
193
// Logout: remove the login marker from the session, then reload the script
if (isset($_GET['logout'])) {
    unset($_SESSION[FM_SESSION_ID]['logged']);
    fm_redirect(FM_SELF_URL);
}

// Serve an image
// NOTE(review): this runs before the IP check and the login gate; confirm that
// fm_show_image() only serves the manager's own assets.
if (isset($_GET['img'])) {
    fm_show_image($_GET['img']);
}
204
// Enforce the IP rules selected by $ip_ruleset
// NOTE(review): REMOTE_ADDR is the directly connected peer; behind a reverse proxy
// that is the proxy's address, not the visitor's.
if ($ip_ruleset != 'OFF') {
    $clientIp = $_SERVER['REMOTE_ADDR'];

    $whitelisted = in_array($clientIp, $ip_whitelist);
    $blacklisted = in_array($clientIp, $ip_blacklist);

    // Any ruleset other than 'AND' / 'OR' leaves $proceed false, i.e. the request is denied
    $proceed = false;
    if ($ip_ruleset == 'AND') {
        $proceed = ($whitelisted == true && $blacklisted == false);
    } elseif ($ip_ruleset == 'OR') {
        $proceed = ($whitelisted == true || $blacklisted == false);
    }

    if (!$proceed) {
        // The denial is always logged; the client is only told about it when $ip_silent is off
        trigger_error('User connection denied from: ' . $clientIp, E_USER_WARNING);

        if (!$ip_silent) {
            fm_set_msg('Access denied. IP restriction applicable', 'error');
            fm_show_header_login();
            fm_show_message();
        }

        exit();
    }
}
237
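// Auth: nothing below this block runs unless a session is logged in (or auth is disabled)
if ($use_auth) {
    if (isset($_SESSION[FM_SESSION_ID]['logged'], $auth_users[$_SESSION[FM_SESSION_ID]['logged']])) {
        // Logged in as a user that still exists in $auth_users
    } elseif (isset($_POST['fm_usr'], $_POST['fm_pwd'])) {
        // Login attempt; the fixed delay slows down password guessing
        sleep(1);
        if (!function_exists('password_verify')) {
            // Nobody can be authenticated without password_verify(). Stop here: before this
            // fix the branch only set a message and fell through, so the rest of the script
            // ran without a login.
            unset($_SESSION[FM_SESSION_ID]['logged']);
            fm_set_msg('password_hash not supported, Upgrade PHP version', 'error');
            fm_redirect(FM_SELF_URL);
            exit;
        }
        // Array-valued form fields can never match an account, so they are rejected
        // before they reach the lookup and password_verify()
        if (is_string($_POST['fm_usr']) && is_string($_POST['fm_pwd'])
            && isset($auth_users[$_POST['fm_usr']])
            && password_verify($_POST['fm_pwd'], $auth_users[$_POST['fm_usr']])) {
            // New session id on login, so an id that was known before the login
            // does not become an authenticated one
            @session_regenerate_id(true);
            $_SESSION[FM_SESSION_ID]['logged'] = $_POST['fm_usr'];
            fm_set_msg('You are logged in');
            fm_redirect(FM_SELF_URL . '?p=');
        } else {
            unset($_SESSION[FM_SESSION_ID]['logged']);
            fm_set_msg('Login failed. Invalid username or password', 'error');
            fm_redirect(FM_SELF_URL);
            // Explicit stop, so the gate does not depend on fm_redirect() ending the request
            exit;
        }
    } else {
        // Not logged in and no credentials posted: show the login form and stop
        unset($_SESSION[FM_SESSION_ID]['logged']);
        fm_show_header_login();
        fm_show_message();
        ?>
        <section class="h-100">
            <div class="container h-100">
                <div class="row justify-content-md-center h-100">
                    <div class="card-wrapper">
                        <div class="brand">
                            <svg version="1.0" xmlns="http://www.w3.org/2000/svg" M1008 width="100%" height="121px" viewBox="0 0 238.000000 140.000000" aria-label="H3K Tiny File Manager">
                                <g transform="translate(0.000000,140.000000) scale(0.100000,-0.100000)" fill="#000000" stroke="none">
                                    <path d="M160 700 l0 -600 110 0 110 0 0 260 0 260 70 0 70 0 0 -260 0 -260 110 0 110 0 0 600 0 600 -110 0 -110 0 0 -260 0 -260 -70 0 -70 0 0 260 0 260 -110 0 -110 0 0 -600z"/>
                                    <path fill="#003500" d="M1008 1227 l-108 -72 0 -117 0 -118 110 0 110 0 0 110 0 110 70 0 70 0 0 -180 0 -180 -125 0 c-69 0 -125 -3 -125 -6 0 -3 23 -39 52 -80 l52 -74 73 0 73 0 0 -185 0 -185 -70 0 -70 0 0 115 0 115 -110 0 -110 0 0 -190 0 -190 181 0 181 0 109 73 108 72 1 181 0 181 -69 48 -68 49 68 50 69 49 0 249 0 248 -182 -1 -183 0 -107 -72z"/>
                                    <path d="M1640 700 l0 -600 110 0 110 0 0 208 0 208 35 34 35 34 35 -34 35 -34 0 -208 0 -208 110 0 110 0 0 212 0 213 -87 87 -88 88 88 88 87 87 0 213 0 212 -110 0 -110 0 0 -208 0 -208 -70 -69 -70 -69 0 277 0 277 -110 0 -110 0 0 -600z"/></g>
                            </svg>
                        </div>
                        <div class="text-center">
                            <h1 class="card-title"><?php echo APP_TITLE; ?></h1>
                        </div>
                        <div class="card fat">
                            <div class="card-body">
                                <form class="form-signin" action="" method="post" autocomplete="off">
                                    <div class="form-group">
                                        <label for="fm_usr"><?php echo lng('Username'); ?></label>
                                        <input type="text" class="form-control" id="fm_usr" name="fm_usr" required autofocus>
                                    </div>

                                    <div class="form-group">
                                        <label for="fm_pwd"><?php echo lng('Password'); ?></label>
                                        <input type="password" class="form-control" id="fm_pwd" name="fm_pwd" required>
                                    </div>

                                    <div class="form-group">
                                        <div class="custom-checkbox custom-control">
                                            <input type="checkbox" name="remember" id="remember" class="custom-control-input">
                                            <label for="remember" class="custom-control-label"><?php echo lng('RememberMe'); ?></label>
                                        </div>
                                    </div>

                                    <div class="form-group">
                                        <button type="submit" class="btn btn-success btn-block" role="button">
                                            <?php echo lng('Login'); ?>
                                        </button>
                                    </div>
                                </form>
                            </div>
                        </div>
                        <div class="footer text-center">
                            —— ©
                            <a href="https://tinyfilemanager.github.io/" target="_blank" class="text-muted" data-version="<?php echo VERSION; ?>">CCP Programmers</a> ——
                        </div>
                    </div>
                </div>
            </div>
        </section>

        <?php
        fm_show_footer_login();
        exit;
    }
}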
321
// A logged-in user with an entry in $directories_users gets that directory as root
if ($use_auth && isset($_SESSION[FM_SESSION_ID]['logged'])) {
    if (isset($directories_users[$_SESSION[FM_SESSION_ID]['logged']])) {
        $root_path = $directories_users[$_SESSION[FM_SESSION_ID]['logged']];
    }
}

// Normalise $root_path (no trailing separator, forward slashes) and require it to exist
$root_path = str_replace('\\', '/', rtrim($root_path, '\\/'));
if (!@is_dir($root_path)) {
    echo "<h1>Root path \"{$root_path}\" not found!</h1>";
    exit;
}

// Settings exposed as constants; the first four keep a value defined earlier
if (!defined('FM_SHOW_HIDDEN')) {
    define('FM_SHOW_HIDDEN', $show_hidden_files);
}
if (!defined('FM_ROOT_PATH')) {
    define('FM_ROOT_PATH', $root_path);
}
if (!defined('FM_LANG')) {
    define('FM_LANG', $lang);
}
if (!defined('FM_EXTENSION')) {
    define('FM_EXTENSION', $allowed_extensions);
}
// Read-only mode: auth is on and the logged-in user is listed in $readonly_users.
// Every modifying action below is guarded by !FM_READONLY.
define('FM_READONLY', $use_auth && !empty($readonly_users) && isset($_SESSION[FM_SESSION_ID]['logged']) && in_array($_SESSION[FM_SESSION_ID]['logged'], $readonly_users));
define('FM_IS_WIN', DIRECTORY_SEPARATOR == '\\');
341
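// always use ?p=
if (!isset($_GET['p']) && empty($_FILES)) {
    fm_redirect(FM_SELF_URL . '?p=');
}

// Current directory relative to FM_ROOT_PATH, from the query string or the form, cleaned
$p = isset($_GET['p']) ? $_GET['p'] : (isset($_POST['p']) ? $_POST['p'] : '');
$p = fm_clean_path($p);

// AJAX "save" requests send their fields as a JSON body instead of form fields.
// The body is only taken over when it really decodes to an array; before this fix a
// body that merely contained the words "ajax" and "save" replaced $_POST with null.
// The loose "!= false" test is kept on purpose: it also skips a body that starts with
// "ajax", which is form-encoded data and not JSON.
$input = file_get_contents('php://input');
if (strpos($input, 'ajax') != false && strpos($input, 'save') != false) {
    $decoded = json_decode($input, true);
    if (is_array($decoded)) {
        $_POST = $decoded;
    }
    unset($decoded);
}

// Constants instead of global variables
define('FM_PATH', $p);
define('FM_USE_AUTH', $use_auth);
define('FM_EDIT_FILE', $edit_files);
defined('FM_ICONV_INPUT_ENC') || define('FM_ICONV_INPUT_ENC', $iconv_input_encoding);
defined('FM_USE_HIGHLIGHTJS') || define('FM_USE_HIGHLIGHTJS', $use_highlightjs);
defined('FM_HIGHLIGHTJS_STYLE') || define('FM_HIGHLIGHTJS_STYLE', $highlightjs_style);
defined('FM_DATETIME_FORMAT') || define('FM_DATETIME_FORMAT', $datetime_format);

unset($p, $use_auth, $iconv_input_encoding, $use_highlightjs, $highlightjs_style);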
367
368/*************************** ACTIONS ***************************/
369
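// AJAX Request
// Dispatches on $_POST['type']; read-only users never get here.
// NOTE(review): no anti-CSRF token is checked for any of these actions; they rely on
// the session cookie alone.
if (isset($_POST['ajax']) && !FM_READONLY) {

    // save: overwrite an existing file in the current directory with the posted content
    if (isset($_POST['type']) && $_POST['type'] == "save") {
        // get current path
        $path = FM_ROOT_PATH;
        if (FM_PATH != '') {
            $path .= '/' . FM_PATH;
        }
        // check path
        if (!is_dir($path)) {
            fm_redirect(FM_SELF_URL . '?p=');
        }
        // The file name comes from the query string and is reduced to one path component
        $file = isset($_GET['edit']) ? $_GET['edit'] : '';
        $file = fm_clean_path($file);
        $file = str_replace('/', '', $file);
        if ($file == '' || !is_file($path . '/' . $file)) {
            fm_set_msg('File not found', 'error');
            fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
        }
        header('X-XSS-Protection:0');
        $file_path = $path . '/' . $file;

        $writedata = isset($_POST['content']) ? $_POST['content'] : '';
        $fd = fopen($file_path, "w");
        if ($fd === false) {
            // The file could not be opened for writing; before this fix the handler
            // still reported a successful save.
            fm_set_msg('Unable to save file', 'error');
            die();
        }
        @fwrite($fd, $writedata);
        fclose($fd);
        fm_set_msg('successful save!', 'alert');
        die(true);
    }

    // backup: copy a file to "<name>-<date>.bak" next to it
    if (isset($_POST['type']) && $_POST['type'] == "backup") {
        // Both values are supplied by the client and were used unchecked before. The name
        // is reduced to a single path component, and the directory must resolve to
        // FM_ROOT_PATH or a directory below it.
        $file = (isset($_POST['file']) && is_string($_POST['file']))
            ? str_replace(array('/', '\\'), '', fm_clean_path($_POST['file']))
            : '';
        $path = (isset($_POST['path']) && is_string($_POST['path'])) ? realpath($_POST['path']) : false;
        $backup_root = realpath(FM_ROOT_PATH);
        $inside_root = $path !== false && $backup_root !== false && is_dir($path)
            && ($path === $backup_root
                || strpos($path . DIRECTORY_SEPARATOR, rtrim($backup_root, '\\/') . DIRECTORY_SEPARATOR) === 0);
        if ($file == '' || !$inside_root || !is_file($path . '/' . $file)) {
            die("Unable to backup");
        }
        $date = date("dMy-His");
        $newFile = $file . '-' . $date . '.bak';
        copy($path . '/' . $file, $path . '/' . $newFile) or die("Unable to backup");
        // The name is echoed into the response, so it is encoded first
        // (fm_enc() is the encoder this file uses for names in messages)
        echo 'Backup ' . fm_enc($newFile) . ' Created';
    }

    // Save Config
    if (isset($_POST['type']) && $_POST['type'] == "settings") {
        global $cfg, $lang, $report_errors, $show_hidden_files, $lang_list, $hide_Cols, $calc_folder;
        $newLng = isset($_POST['js-language']) ? $_POST['js-language'] : 'en';
        fm_get_translations([]);
        // Anything that is not a known language key falls back to English
        if (!is_string($newLng) || !array_key_exists($newLng, $lang_list)) {
            $newLng = 'en';
        }

        // Each flag is on only when the field is present and equals "true"
        $erp = isset($_POST['js-error-report']) && $_POST['js-error-report'] == "true";
        $shf = isset($_POST['js-show-hidden']) && $_POST['js-show-hidden'] == "true";
        $hco = isset($_POST['js-hide-cols']) && $_POST['js-hide-cols'] == "true";
        $caf = isset($_POST['js-calc-folder']) && $_POST['js-calc-folder'] == "true";

        if ($cfg->data['lang'] != $newLng) {
            $cfg->data['lang'] = $newLng;
            $lang = $newLng;
        }
        if ($cfg->data['error_reporting'] != $erp) {
            $cfg->data['error_reporting'] = $erp;
            $report_errors = $erp;
        }
        // (the show_hidden comparison used to be written out twice; once is enough)
        if ($cfg->data['show_hidden'] != $shf) {
            $cfg->data['show_hidden'] = $shf;
            $show_hidden_files = $shf;
        }
        if ($cfg->data['hide_Cols'] != $hco) {
            $cfg->data['hide_Cols'] = $hco;
            $hide_Cols = $hco;
        }
        if ($cfg->data['calc_folder'] != $caf) {
            $cfg->data['calc_folder'] = $caf;
            $calc_folder = $caf;
        }
        $cfg->save();
        echo true;
    }

    // new password hash: returns a hash of the posted password, or nothing when it is empty
    if (isset($_POST['type']) && $_POST['type'] == "pwdhash") {
        $res = (!empty($_POST['inputPassword2']) && is_string($_POST['inputPassword2']))
            ? password_hash($_POST['inputPassword2'], PASSWORD_DEFAULT)
            : '';
        echo $res;
    }

    // upload using url: the server fetches the URL and stores the result in the current directory
    if (isset($_POST['type']) && $_POST['type'] == "upload" && !empty($_REQUEST["uploadurl"])) {
        $path = FM_ROOT_PATH;
        if (FM_PATH != '') {
            $path .= '/' . FM_PATH;
        }

        // Only http(s) URLs without whitespace or control characters are accepted
        $url = (is_string($_REQUEST["uploadurl"]) && preg_match("|^https?://[^\\s\\x00-\\x1f]+\\z|", stripslashes($_REQUEST["uploadurl"])))
            ? stripslashes($_REQUEST["uploadurl"])
            : null;
        $temp_file = tempnam(sys_get_temp_dir(), "upload-");
        $fileinfo = new stdClass();
        $fileinfo->name = $url ? trim(basename($url), ".\x00..\x20") : '';

        function event_callback ($message) {
            echo json_encode($message);
        }

        function get_file_path () {
            global $path, $fileinfo;
            return $path."/".basename($fileinfo->name);
        }

        $err = false;

        // The request is made by the server, so it must not be pointed at loopback,
        // private or otherwise reserved addresses. Every address the host resolves to has
        // to be public. (The fetch resolves the name again, so this narrows the exposure
        // but is not a complete defence against a name that changes its answer.)
        if ($url) {
            $host = parse_url($url, PHP_URL_HOST);
            $addresses = array();
            if (is_string($host) && $host !== '') {
                $host = trim($host, '[]');
                if (filter_var($host, FILTER_VALIDATE_IP)) {
                    $addresses = array($host);
                } else {
                    $resolved = gethostbynamel($host);
                    $addresses = $resolved ? $resolved : array();
                }
            }
            $host_is_public = !empty($addresses);
            foreach ($addresses as $address) {
                if (!filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) {
                    $host_is_public = false;
                }
            }
            if (!$host_is_public) {
                $err = array("message" => "URL host is not allowed");
                $url = null;
            }
        }

        // The extension allow-list that guards form uploads applies to fetched files as well
        if ($url) {
            $allowed = (FM_EXTENSION) ? explode(',', FM_EXTENSION) : false;
            $ext = strtolower(pathinfo($fileinfo->name, PATHINFO_EXTENSION));
            if ($fileinfo->name === '' || ($allowed && !in_array($ext, $allowed))) {
                $err = array("message" => "File type is not allowed");
                $url = null;
            }
        }

        $success = false;
        if ($url) {
            // Redirects are not followed: the address check above only covers the first host
            $ctx = stream_context_create(array('http' => array('follow_location' => 0)));
            @$success = copy($url, $temp_file, $ctx);
            if (!$success) {
                // A generic message; the raw PHP error would disclose server paths and
                // details about the failed connection to the client
                $err = array("message" => "Download failed");
            }
        }

        if ($success) {
            $success = rename($temp_file, get_file_path());
        }

        if ($success) {
            event_callback(array("done" => $fileinfo));
        } else {
            @unlink($temp_file);
            if (!$err) {
                $err = array("message" => "Invalid url parameter");
            }
            event_callback(array("fail" => $err));
        }
    }

    exit();
}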
526
// Delete file / folder
// NOTE(review): a state-changing action triggered by a GET parameter; no anti-CSRF
// token is checked here.
if (isset($_GET['del']) && !FM_READONLY) {
    // Reduce the requested name to a single path component
    $del = fm_clean_path($_GET['del']);
    $del = str_replace('/', '', $del);
    if ($del == '' || $del == '..' || $del == '.') {
        fm_set_msg('Wrong file or folder name', 'error');
    } else {
        $path = FM_ROOT_PATH;
        if (FM_PATH != '') {
            $path .= '/' . FM_PATH;
        }
        // Remember the type before deleting; it only selects the message wording
        $is_dir = is_dir($path . '/' . $del);
        if (fm_rdelete($path . '/' . $del)) {
            $msg = $is_dir ? 'Folder <b>%s</b> deleted' : 'File <b>%s</b> deleted';
            fm_set_msg(sprintf($msg, fm_enc($del)));
        } else {
            $msg = $is_dir ? 'Folder <b>%s</b> not deleted' : 'File <b>%s</b> not deleted';
            fm_set_msg(sprintf($msg, fm_enc($del)), 'error');
        }
    }
    fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
}
548
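// Create a file or a folder in the current directory
if (isset($_GET['new']) && isset($_GET['type']) && !FM_READONLY) {
    $type = $_GET['type'];
    // Strip markup, clean the path and reduce the name to a single path component
    $new = str_replace( '/', '', fm_clean_path( strip_tags( $_GET['new'] ) ) );
    if ($new != '' && $new != '..' && $new != '.') {
        $path = FM_ROOT_PATH;
        if (FM_PATH != '') {
            $path .= '/' . FM_PATH;
        }
        if ($type == "file") {
            if (!file_exists($path . '/' . $new)) {
                $handle = @fopen($path . '/' . $new, 'w');
                if ($handle === false) {
                    // The name is echoed into the response, so it is encoded
                    die('Cannot open file: ' . fm_enc($new));
                }
                // Close the handle that was only opened to create the file
                fclose($handle);
                fm_set_msg(sprintf('File <b>%s</b> created', fm_enc($new)));
            } else {
                fm_set_msg(sprintf('File <b>%s</b> already exists', fm_enc($new)), 'alert');
            }
        } else {
            // fm_mkdir() is called once and its result inspected; it used to be called
            // a second time just to compare the return value
            $made = fm_mkdir($path . '/' . $new, false);
            if ($made === true) {
                // Encoded like every other message that contains the name
                fm_set_msg(sprintf('Folder <b>%s</b> created', fm_enc($new)));
            } elseif ($made === $path . '/' . $new) {
                fm_set_msg(sprintf('Folder <b>%s</b> already exists', fm_enc($new)), 'alert');
            } else {
                fm_set_msg(sprintf('Folder <b>%s</b> not created', fm_enc($new)), 'error');
            }
        }
    } else {
        fm_set_msg('Wrong folder name', 'error');
    }
    fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
}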
579
// Copy or move one file/folder into the current directory
if (isset($_GET['copy'], $_GET['finish']) && !FM_READONLY) {
    // Source, relative to FM_ROOT_PATH
    $copy = fm_clean_path($_GET['copy']);
    if ($copy == '') {
        fm_set_msg('Source path not defined', 'error');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }
    // Absolute source path
    $from = FM_ROOT_PATH . '/' . $copy;
    // Absolute destination: the same base name inside the current directory
    $dest = (FM_PATH != '' ? FM_ROOT_PATH . '/' . FM_PATH : FM_ROOT_PATH) . '/' . basename($from);
    // The presence of "move" turns the copy into a move
    $move = isset($_GET['move']);

    if ($from == $dest) {
        fm_set_msg('Paths must be not equal', 'alert');
    } else {
        $msg_from = trim(FM_PATH . '/' . basename($from), '/');
        if ($move) {
            // fm_rename(): truthy on success, null when the target already exists, otherwise failure
            $rename = fm_rename($from, $dest);
            if ($rename) {
                fm_set_msg(sprintf('Moved from <b>%s</b> to <b>%s</b>', fm_enc($copy), fm_enc($msg_from)));
            } elseif ($rename === null) {
                fm_set_msg('File or folder with this path already exists', 'alert');
            } else {
                fm_set_msg(sprintf('Error while moving from <b>%s</b> to <b>%s</b>', fm_enc($copy), fm_enc($msg_from)), 'error');
            }
        } elseif (fm_rcopy($from, $dest)) {
            fm_set_msg(sprintf('Copied from <b>%s</b> to <b>%s</b>', fm_enc($copy), fm_enc($msg_from)));
        } else {
            fm_set_msg(sprintf('Error while copying from <b>%s</b> to <b>%s</b>', fm_enc($copy), fm_enc($msg_from)), 'error');
        }
    }
    fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
}
624
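// Mass copy / move of the selected entries of the current directory
if (isset($_POST['file'], $_POST['copy_to'], $_POST['finish']) && !FM_READONLY) {
    // from
    $path = FM_ROOT_PATH;
    if (FM_PATH != '') {
        $path .= '/' . FM_PATH;
    }
    // to
    $copy_to_path = FM_ROOT_PATH;
    $copy_to = fm_clean_path($_POST['copy_to']);
    if ($copy_to != '') {
        $copy_to_path .= '/' . $copy_to;
    }
    if ($path == $copy_to_path) {
        fm_set_msg('Paths must be not equal', 'alert');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }
    if (!is_dir($copy_to_path)) {
        if (!fm_mkdir($copy_to_path, true)) {
            fm_set_msg('Unable to create destination folder', 'error');
            fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
        }
    }
    // move?
    $move = isset($_POST['move']);
    // copy/move
    $errors = 0;
    $files = $_POST['file'];
    if (is_array($files) && count($files)) {
        foreach ($files as $f) {
            // The selected names are client input. They were appended to the source and
            // destination directories as-is; now each one is cleaned and reduced to a
            // single path component, like the single-item handlers do.
            $f = is_string($f) ? str_replace('/', '', fm_clean_path($f)) : '';
            if ($f != '' && $f != '.' && $f != '..') {
                // abs path from
                $from = $path . '/' . $f;
                // abs path to
                $dest = $copy_to_path . '/' . $f;
                // do
                if ($move) {
                    $rename = fm_rename($from, $dest);
                    if ($rename === false) {
                        $errors++;
                    }
                } else {
                    if (!fm_rcopy($from, $dest)) {
                        $errors++;
                    }
                }
            }
        }
        if ($errors == 0) {
            $msg = $move ? 'Selected files and folders moved' : 'Selected files and folders copied';
            fm_set_msg($msg);
        } else {
            $msg = $move ? 'Error while moving items' : 'Error while copying items';
            fm_set_msg($msg, 'error');
        }
    } else {
        fm_set_msg('Nothing selected', 'alert');
    }
    fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
}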
685
// Rename an entry of the current directory
// NOTE(review): the extension allow-list (FM_EXTENSION) is not checked in this handler;
// presumably fm_rename() applies it - confirm.
if (isset($_GET['ren'], $_GET['to']) && !FM_READONLY) {
    // Old name, reduced to a single path component
    $old = str_replace('/', '', fm_clean_path($_GET['ren']));
    // New name: markup stripped, then reduced to a single path component
    $new = str_replace('/', '', fm_clean_path(strip_tags($_GET['to'])));
    // Directory both names live in
    $path = FM_PATH != '' ? FM_ROOT_PATH . '/' . FM_PATH : FM_ROOT_PATH;

    if ($old == '' || $new == '') {
        fm_set_msg('Names not set', 'error');
    } elseif (fm_rename($path . '/' . $old, $path . '/' . $new)) {
        fm_set_msg(sprintf('Renamed from <b>%s</b> to <b>%s</b>', fm_enc($old), fm_enc($new)));
    } else {
        fm_set_msg(sprintf('Error while renaming from <b>%s</b> to <b>%s</b>', fm_enc($old), fm_enc($new)), 'error');
    }
    fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
}
713
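// Download a file from the current directory (also available to read-only users)
if (isset($_GET['dl'])) {
    // Reduce the requested name to a single path component
    $dl = $_GET['dl'];
    $dl = fm_clean_path($dl);
    $dl = str_replace('/', '', $dl);
    $path = FM_ROOT_PATH;
    if (FM_PATH != '') {
        $path .= '/' . FM_PATH;
    }
    if ($dl != '' && is_file($path . '/' . $dl)) {
        // A file name may contain quotes or backslashes, which would break the quoted
        // filename parameter of the header, so they are replaced
        $dl_name = str_replace(array('"', '\\', "\r", "\n"), '_', basename($path . '/' . $dl));
        header('Content-Description: File Transfer');
        header('Content-Type: application/octet-stream');
        header('Content-Disposition: attachment; filename="' . $dl_name . '"');
        header('Content-Transfer-Encoding: binary');
        header('Connection: Keep-Alive');
        header('Expires: 0');
        header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
        header('Pragma: public');
        header('Content-Length: ' . filesize($path . '/' . $dl));
        // Discard buffered output only when a buffer exists; without one ob_end_clean()
        // raises a notice, which can end up inside the downloaded file
        if (ob_get_level() > 0) {
            ob_end_clean();
        }
        readfile($path . '/' . $dl);
        exit;
    } else {
        fm_set_msg('File not found', 'error');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }
}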
741
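// Upload: store the posted file below the current directory
if (!empty($_FILES) && !FM_READONLY) {
    $override_file_name = false;
    $f = $_FILES;
    $path = FM_ROOT_PATH;
    if (FM_PATH != '') {
        $path .= '/' . FM_PATH;
    }

    $uploads = 0;
    $allowed = (FM_EXTENSION) ? explode(',', FM_EXTENSION) : false;

    // Nothing usable was posted under the field name "file"
    if (!isset($f['file']['name'], $f['file']['tmp_name']) || !is_string($f['file']['name'])) {
        exit();
    }
    $filename = $f['file']['name'];
    $tmp_name = $f['file']['tmp_name'];

    // "fullpath" is the destination relative to the current directory and is sent by the
    // client. It used to be appended unchecked. It is cleaned here, and a path that still
    // contains a ".." segment is refused regardless of what fm_clean_path() removes.
    $relative = (isset($_REQUEST['fullpath']) && is_string($_REQUEST['fullpath']))
        ? fm_clean_path($_REQUEST['fullpath'])
        : '';
    if ($relative == '') {
        $relative = basename(fm_clean_path($filename));
    }
    $relative = trim(str_replace('\\', '/', $relative), '/');
    if ($relative == '' || in_array('..', explode('/', $relative), true)) {
        die('Invalid upload path');
    }

    // The allow-list is applied to the name the file is stored under. Checking only the
    // client-side file name let the two differ.
    $ext = strtolower(pathinfo($relative, PATHINFO_EXTENSION));
    $isFileAllowed = ($allowed) ? in_array($ext, $allowed) : true;

    $fullPath = $path . '/' . $relative;
    $folder = substr($fullPath, 0, strrpos($fullPath, "/"));

    // An existing file is kept; the upload gets a timestamp before its extension.
    // pathinfo() splits the last component only; the earlier str_replace() removed the
    // extension text wherever it occurred in the path.
    if (file_exists($fullPath) && !$override_file_name) {
        $info = pathinfo($fullPath);
        $suffix = (isset($info['extension']) && $info['extension'] !== '') ? '.' . $info['extension'] : '';
        $fullPath = $info['dirname'] . '/' . $info['filename'] . '_' . date('ymdHis') . $suffix;
    }

    if (empty($f['file']['error']) && !empty($tmp_name) && $tmp_name != 'none' && $isFileAllowed) {
        // Missing sub-folders are created only for an accepted upload, and no longer
        // world-writable (this was 0777 with the umask cleared)
        if (!is_dir($folder)) {
            mkdir($folder, 0755, true);
        }
        if (move_uploaded_file($tmp_name, $fullPath)) {
            die('Successfully uploaded');
        } else {
            die(sprintf('Error while uploading files. Uploaded files: %s', $uploads));
        }
    }
    exit();
}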
785
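// Mass deleting of the selected entries of the current directory
if (isset($_POST['group'], $_POST['delete']) && !FM_READONLY) {
    $path = FM_ROOT_PATH;
    if (FM_PATH != '') {
        $path .= '/' . FM_PATH;
    }

    $errors = 0;
    $files = isset($_POST['file']) ? $_POST['file'] : array();
    if (is_array($files) && count($files)) {
        foreach ($files as $f) {
            // The selected names are client input and were passed to the recursive delete
            // as-is. Each one is now cleaned and reduced to a single path component, like
            // the single-item delete does.
            $f = is_string($f) ? str_replace('/', '', fm_clean_path($f)) : '';
            if ($f != '' && $f != '.' && $f != '..') {
                $new_path = $path . '/' . $f;
                if (!fm_rdelete($new_path)) {
                    $errors++;
                }
            }
        }
        if ($errors == 0) {
            fm_set_msg('Selected files and folder deleted');
        } else {
            fm_set_msg('Error while deleting items', 'error');
        }
    } else {
        fm_set_msg('Nothing selected', 'alert');
    }

    fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
}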
815
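// Pack the selected entries of the current directory into a zip or tar archive
if (isset($_POST['group']) && (isset($_POST['zip']) || isset($_POST['tar'])) && !FM_READONLY) {
    $path = FM_ROOT_PATH;
    if (FM_PATH != '') {
        $path .= '/' . FM_PATH;
    }

    //set pack type
    $ext = isset($_POST['tar']) ? 'tar' : 'zip';

    if (($ext == "zip" && !class_exists('ZipArchive')) || ($ext == "tar" && !class_exists('PharData'))) {
        fm_set_msg('Operations with archives are not available', 'error');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }

    // The selected names are client input and were handed to the archiver unchecked, so a
    // name could point outside the current directory. Only plain names of entries in this
    // directory are kept.
    $files = array();
    if (isset($_POST['file']) && is_array($_POST['file'])) {
        foreach ($_POST['file'] as $f) {
            $f = is_string($f) ? str_replace('/', '', fm_clean_path($f)) : '';
            if ($f != '' && $f != '.' && $f != '..') {
                $files[] = $f;
            }
        }
    }

    if (!empty($files)) {
        chdir($path);

        // One selected entry lends its name to the archive, several get a generic name
        if (count($files) == 1) {
            $one_file = reset($files);
            $one_file = basename($one_file);
            $zipname = $one_file . '_' . date('ymd_His') . '.'.$ext;
        } else {
            $zipname = 'archive_' . date('ymd_His') . '.'.$ext;
        }

        $res = false;
        if($ext == 'zip') {
            $zipper = new FM_Zipper();
            $res = $zipper->create($zipname, $files);
        } elseif ($ext == 'tar') {
            $tar = new FM_Zipper_Tar();
            $res = $tar->create($zipname, $files);
        }

        if ($res) {
            fm_set_msg(sprintf('Archive <b>%s</b> created', fm_enc($zipname)));
        } else {
            fm_set_msg('Archive not created', 'error');
        }
    } else {
        fm_set_msg('Nothing selected', 'alert');
    }

    fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
}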
864
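// Unpack a zip or tar archive from the current directory
if (isset($_GET['unzip']) && !FM_READONLY) {
    // Reduce the requested name to a single path component
    $unzip = $_GET['unzip'];
    $unzip = fm_clean_path($unzip);
    $unzip = str_replace('/', '', $unzip);
    $isValid = false;
    // Defined up front: both were read further down even when the archive was not found
    // or its extension was neither zip nor tar
    $ext = '';
    $res = false;

    $path = FM_ROOT_PATH;
    if (FM_PATH != '') {
        $path .= '/' . FM_PATH;
    }

    if ($unzip != '' && is_file($path . '/' . $unzip)) {
        $zip_path = $path . '/' . $unzip;
        $ext = pathinfo($zip_path, PATHINFO_EXTENSION);
        $isValid = true;
    } else {
        fm_set_msg('File not found', 'error');
    }

    if (($ext == "zip" && !class_exists('ZipArchive')) || ($ext == "tar" && !class_exists('PharData'))) {
        fm_set_msg('Operations with archives are not available', 'error');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }

    if ($isValid) {
        // With "tofolder" the content goes into a folder named after the archive
        $tofolder = '';
        if (isset($_GET['tofolder'])) {
            $tofolder = pathinfo($zip_path, PATHINFO_FILENAME);
            if (fm_mkdir($path . '/' . $tofolder, true)) {
                $path .= '/' . $tofolder;
            }
        }

        // NOTE(review): the entry names inside an uploaded archive are chosen by whoever
        // built it. Whether FM_Zipper::unzip() and PharData::extractTo() keep every entry
        // inside $path cannot be seen from this handler - confirm.
        if($ext == "zip") {
            $zipper = new FM_Zipper();
            $res = $zipper->unzip($zip_path, $path);
        } elseif ($ext == "tar") {
            // PharData throws on an archive it cannot read; that counts as "not unpacked"
            try {
                $gzipper = new PharData($zip_path);
                $res = $gzipper->extractTo($path);
            } catch (Exception $e) {
                $res = false;
            }
        }

        if ($res) {
            fm_set_msg('Archive unpacked');
        } else {
            fm_set_msg('Archive not unpacked', 'error');
        }

    } else {
        fm_set_msg('File not found', 'error');
    }
    fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
}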
920
// Change permissions of an entry of the current directory (not on Windows)
if (isset($_POST['chmod']) && !FM_READONLY && !FM_IS_WIN) {
    $path = FM_PATH != '' ? FM_ROOT_PATH . '/' . FM_PATH : FM_ROOT_PATH;

    // Reduce the requested name to a single path component
    $file = str_replace('/', '', fm_clean_path($_POST['chmod']));
    if ($file == '' || (!is_file($path . '/' . $file) && !is_dir($path . '/' . $file))) {
        fm_set_msg('File not found', 'error');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }

    // One form field per permission bit: user/group/other x read/write/execute.
    // Only these nine bits can be set; a field that is absent or empty leaves its bit off.
    $permission_bits = array(
        'ur' => 0400, 'uw' => 0200, 'ux' => 0100,
        'gr' => 0040, 'gw' => 0020, 'gx' => 0010,
        'or' => 0004, 'ow' => 0002, 'ox' => 0001,
    );
    $mode = 0;
    foreach ($permission_bits as $field => $bit) {
        if (!empty($_POST[$field])) {
            $mode |= $bit;
        }
    }

    if (@chmod($path . '/' . $file, $mode)) {
        fm_set_msg('Permissions changed');
    } else {
        fm_set_msg('Permissions not changed', 'error');
    }

    fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
}
973
974/*************************** /ACTIONS ***************************/
975
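// Absolute path of the directory being listed
$path = FM_ROOT_PATH;
if (FM_PATH != '') {
    $path .= '/' . FM_PATH;
}

// A path that is not a directory sends the client back to the root listing
if (!is_dir($path)) {
    fm_redirect(FM_SELF_URL . '?p=');
}

// get parent folder
$parent = fm_get_parent_path(FM_PATH);

// Split the directory entries into files and folders
$objects = is_readable($path) ? scandir($path) : array();
$folders = array();
$files = array();
if (is_array($objects)) {
    foreach ($objects as $file) {
        // Skip the dot entries and everything on the exclude list. The earlier condition
        // mixed || and && without parentheses, so '..' was only skipped here when it was
        // also on the exclude list. The comparison is strict so that numeric-looking names
        // are not treated as equal to a different excluded name.
        if ($file == '.' || $file == '..' || in_array($file, $GLOBALS['exclude_items'], true)) {
            continue;
        }
        // Dot-files are listed only when FM_SHOW_HIDDEN is on
        if (!FM_SHOW_HIDDEN && substr($file, 0, 1) === '.') {
            continue;
        }
        $new_path = $path . '/' . $file;
        if (@is_file($new_path)) {
            $files[] = $file;
        } elseif (@is_dir($new_path)) {
            $folders[] = $file;
        }
    }
}

// Natural, case-insensitive order for both lists
if (!empty($files)) {
    natcasesort($files);
}
if (!empty($folders)) {
    natcasesort($folders);
}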
1016
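// upload form
// Shown only to accounts that may write (FM_READONLY is false). Prints the Dropzone uploader
// and the "Upload from URL" tab, then ends the request.
// FM_PATH is URL-encoded in the "Back" link, like the other ?p= links in this file, so a
// directory name cannot break out of the href attribute.
// NOTE(review): the Dropzone CSS and JS are loaded from a third-party CDN without Subresource
// Integrity attributes; self-hosting them or pinning an integrity hash would keep a CDN-side
// change from running script inside the file manager.
// NOTE(review): the handler behind the "Upload from URL" form (type=upload, uploadurl) is outside
// this section; confirm it limits which schemes and hosts the server is willing to fetch.
if (isset($_GET['upload']) && !FM_READONLY) {
    fm_show_header(); // HEADER
    fm_show_nav_path(FM_PATH); // current path
    ?>

    <link href="https://cdnjs.cloudflare.com/ajax/libs/dropzone/5.5.1/min/dropzone.min.css" rel="stylesheet">
    <div class="path">

        <div class="card mb-2 fm-upload-wrapper">
            <div class="card-header">
                <ul class="nav nav-tabs card-header-tabs">
                    <li class="nav-item">
                        <a class="nav-link active" href="#fileUploader" data-target="#fileUploader"><i class="fa fa-arrow-circle-o-up"></i> <?php echo lng('UploadingFiles') ?></a>
                    </li>
                    <li class="nav-item">
                        <a class="nav-link" href="#urlUploader" class="js-url-upload" data-target="#urlUploader"><i class="fa fa-link"></i> Upload from URL</a>
                    </li>
                </ul>
            </div>
            <div class="card-body">
                <p class="card-text">
                    <a href="?p=<?php echo urlencode(FM_PATH) ?>" class="float-right"><i class="fa fa-chevron-circle-left go-back"></i> <?php echo lng('Back')?></a>
                    <?php echo lng('DestinationFolder') ?>: <?php echo fm_enc(fm_convert_win(FM_ROOT_PATH . '/' . FM_PATH)) ?>
                </p>

                <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]) . '?p=' . fm_enc(FM_PATH) ?>" class="dropzone card-tabs-container" id="fileUploader" enctype="multipart/form-data">
                    <input type="hidden" name="p" value="<?php echo fm_enc(FM_PATH) ?>">
                    <input type="hidden" name="fullpath" id="fullpath" value="<?php echo fm_enc(FM_PATH) ?>">
                    <div class="fallback">
                        <input name="file" type="file" multiple/>
                    </div>
                </form>

                <div class="upload-url-wrapper card-tabs-container hidden" id="urlUploader">
                    <form id="js-form-url-upload" class="form-inline" onsubmit="return upload_from_url(this);" method="POST" action="">
                        <input type="hidden" name="type" value="upload" aria-label="hidden" aria-hidden="true">
                        <input type="url" placeholder="URL" name="uploadurl" required class="form-control" style="width: 80%">
                        <button type="submit" class="btn btn-primary ml-3"><?php echo lng('Upload') ?></button>
                        <div class="lds-facebook"><div></div><div></div><div></div></div>
                    </form>
                    <div id="js-url-upload__list" class="col-9 mt-3"></div>
                </div>
            </div>
        </div>
    </div>
    <script src="https://cdnjs.cloudflare.com/ajax/libs/dropzone/5.5.1/min/dropzone.min.js"></script>
    <script>
        Dropzone.options.fileUploader = {
            timeout: 120000,
            maxFilesize: <?php echo MAX_UPLOAD_SIZE; ?>,
            init: function () {
                this.on("sending", function (file, xhr, formData) {
                    let _path = (file.fullPath) ? file.fullPath : file.name;
                    document.getElementById("fullpath").value = _path;
                    xhr.ontimeout = (function() {
                        alert('Error: Server Timeout');
                    });
                }).on("success", function (res) {
                    console.log('Upload Status >> ', res.status);
                }).on("error", function(file, response) {
                    alert(response);
                });
            }
        }
    </script>
    <?php
    fm_show_footer();
    exit;
}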
1087
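// copy form POST
// Confirmation page for copying or moving the items ticked in the main listing. The names
// arrive in $_POST['file'] and are re-posted as hidden fields together with finish=1.
// Every posted name is passed through fm_enc() before it is printed: the original escaped the
// hidden inputs but echoed the same names raw in the "Files:" line, so a posted value holding
// markup was rendered as HTML.
// NOTE(review): no anti-CSRF token is visible on this form; confirm one is checked elsewhere.
if (isset($_POST['copy']) && !FM_READONLY) {
    // 'file' is missing from the request when nothing was ticked.
    $copy_files = isset($_POST['file']) ? $_POST['file'] : null;
    if (!is_array($copy_files) || empty($copy_files)) {
        fm_set_msg('Nothing selected', 'alert');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }

    fm_show_header(); // HEADER
    fm_show_nav_path(FM_PATH); // current path
    ?>
    <div class="path">
        <div class="card">
            <div class="card-header">
                <h6><?php echo lng('Copying') ?></h6>
            </div>
            <div class="card-body">
                <form action="" method="post">
                    <input type="hidden" name="p" value="<?php echo fm_enc(FM_PATH) ?>">
                    <input type="hidden" name="finish" value="1">
                    <?php
                    foreach ($copy_files as $cf) {
                        echo '<input type="hidden" name="file[]" value="' . fm_enc($cf) . '">' . PHP_EOL;
                    }
                    ?>
                    <p class="break-word"><?php echo lng('Files') ?>: <b><?php echo implode('</b>, <b>', array_map('fm_enc', $copy_files)) ?></b></p>
                    <p class="break-word"><?php echo lng('SourceFolder') ?>: <?php echo fm_enc(fm_convert_win(FM_ROOT_PATH . '/' . FM_PATH)) ?><br>
                        <label for="inp_copy_to"><?php echo lng('DestinationFolder') ?>:</label>
                        <?php echo fm_enc(FM_ROOT_PATH) ?>/<input type="text" name="copy_to" id="inp_copy_to" value="<?php echo fm_enc(FM_PATH) ?>">
                    </p>
                    <p class="custom-checkbox custom-control"><input type="checkbox" name="move" value="1" id="js-move-files" class="custom-control-input"><label for="js-move-files" class="custom-control-label" style="vertical-align: sub"> <?php echo lng('Move') ?></label></p>
                    <p>
                        <button type="submit" class="btn btn-success"><i class="fa fa-check-circle"></i> <?php echo lng('Copy') ?></button> &nbsp;
                        <b><a href="?p=<?php echo urlencode(FM_PATH) ?>" class="btn btn-outline-primary"><i class="fa fa-times-circle"></i> <?php echo lng('Cancel') ?></a></b>
                    </p>
                </form>
            </div>
        </div>
    </div>
    <?php
    fm_show_footer();
    exit;
}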
1131
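// copy form
// Destination picker for copying or moving a single item: shows the source path, the current
// destination folder and the sub-folders that can be browsed into.
// Folder names come from the filesystem and may contain HTML metacharacters, so the link text
// is escaped with fm_enc(), as the source and destination paths above it already are.
// NOTE(review): the Copy and Move links perform a write with a plain GET (finish=1); the handler
// is outside this section - confirm it cannot be triggered by a cross-site request.
if (isset($_GET['copy']) && !isset($_GET['finish']) && !FM_READONLY) {
    $copy = $_GET['copy'];
    $copy = fm_clean_path($copy);
    if ($copy == '' || !file_exists(FM_ROOT_PATH . '/' . $copy)) {
        fm_set_msg('File not found', 'error');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }

    fm_show_header(); // HEADER
    fm_show_nav_path(FM_PATH); // current path
    ?>
    <div class="path">
        <p><b>Copying</b></p>
        <p class="break-word">
            Source path: <?php echo fm_enc(fm_convert_win(FM_ROOT_PATH . '/' . $copy)) ?><br>
            Destination folder: <?php echo fm_enc(fm_convert_win(FM_ROOT_PATH . '/' . FM_PATH)) ?>
        </p>
        <p>
            <b><a href="?p=<?php echo urlencode(FM_PATH) ?>&copy=<?php echo urlencode($copy) ?>&finish=1"><i class="fa fa-check-circle"></i> Copy</a></b> &nbsp;
            <b><a href="?p=<?php echo urlencode(FM_PATH) ?>&copy=<?php echo urlencode($copy) ?>&finish=1&move=1"><i class="fa fa-check-circle"></i> Move</a></b> &nbsp;
            <b><a href="?p=<?php echo urlencode(FM_PATH) ?>"><i class="fa fa-times-circle"></i> Cancel</a></b>
        </p>
        <p><i>Select folder</i></p>
        <ul class="folders break-word">
            <?php
            if ($parent !== false) {
                ?>
                <li><a href="?p=<?php echo urlencode($parent) ?>&copy=<?php echo urlencode($copy) ?>"><i class="fa fa-chevron-circle-left"></i> ..</a></li>
                <?php
            }
            foreach ($folders as $f) {
                ?>
                <li>
                    <a href="?p=<?php echo urlencode(trim(FM_PATH . '/' . $f, '/')) ?>&copy=<?php echo urlencode($copy) ?>"><i class="fa fa-folder-o"></i> <?php echo fm_enc(fm_convert_win($f)) ?></a></li>
                <?php
            }
            ?>
        </ul>
    </div>
    <?php
    fm_show_footer();
    exit;
}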
1176
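// Settings page, shown only to accounts that may write (FM_READONLY is false). The form is
// submitted by save_settings() with type=settings; the handler is outside this section.
// FM_PATH is URL-encoded in the "Cancel" link, like the other ?p= links in this file, so a
// directory name cannot break out of the href attribute.
// NOTE(review): no anti-CSRF token is visible on this form; confirm one is checked elsewhere.
if (isset($_GET['settings']) && !FM_READONLY) {
    fm_show_header(); // HEADER
    fm_show_nav_path(FM_PATH); // current path
    global $cfg, $lang, $lang_list;
    ?>

    <div class="col-md-8 offset-md-2 pt-3">
        <div class="card mb-2">
            <h6 class="card-header">
                <i class="fa fa-cog"></i> <?php echo lng('Settings') ?>
                <a href="?p=<?php echo urlencode(FM_PATH) ?>" class="float-right"><i class="fa fa-window-close"></i> <?php echo lng('Cancel')?></a>
            </h6>
            <div class="card-body">
                <form id="js-settings-form" action="" method="post" data-type="ajax" onsubmit="return save_settings(this)">
                    <input type="hidden" name="type" value="settings" aria-label="hidden" aria-hidden="true">
                    <div class="form-group row">
                        <label for="js-language" class="col-sm-3 col-form-label"><?php echo lng('Language') ?></label>
                        <div class="col-sm-5">
                            <select class="form-control" id="js-language" name="js-language">
                                <?php
                                // Returns 'selected' when $l is the active language code, else ''.
                                function getSelected($l) {
                                    global $lang;
                                    return ($lang == $l) ? 'selected' : '';
                                }
                                foreach ($lang_list as $k => $v) {
                                    echo "<option value='$k' ".getSelected($k).">$v</option>";
                                }
                                ?>
                            </select>
                        </div>
                    </div>
                    <?php
                    // Returns $txt ('active' / 'checked') when the stored setting $conf matches the
                    // radio value $val: both loosely equal to 1 (ON) or both loosely equal to '' (OFF).
                    function getChecked($conf, $val, $txt) {
                        if (($conf == 1 && $val == 1) || ($conf == '' && $val == '')) {
                            return $txt;
                        }
                        return '';
                    }
                    ?>
                    <div class="form-group row">
                        <label for="js-err-rpt-1" class="col-sm-3 col-form-label"><?php echo lng('ErrorReporting') ?></label>
                        <div class="col-sm-9">
                            <div class="btn-group btn-group-toggle" data-toggle="buttons">
                                <label class="btn btn-secondary <?php echo getChecked($report_errors, 1, 'active') ?>">
                                    <input type="radio" name="js-error-report" id="js-err-rpt-1" autocomplete="off" value="true" <?php echo getChecked($report_errors, 1, 'checked') ?> > ON
                                </label>
                                <label class="btn btn-secondary <?php echo getChecked($report_errors, '', 'active') ?>">
                                    <input type="radio" name="js-error-report" id="js-err-rpt-0" autocomplete="off" value="false" <?php echo getChecked($report_errors, '', 'checked') ?> > OFF
                                </label>
                            </div>
                        </div>
                    </div>

                    <div class="form-group row">
                        <label for="js-hdn-1" class="col-sm-3 col-form-label"><?php echo lng('ShowHiddenFiles') ?></label>
                        <div class="col-sm-9">
                            <div class="btn-group btn-group-toggle" data-toggle="buttons">
                                <label class="btn btn-secondary <?php echo getChecked($show_hidden_files, 1, 'active') ?>">
                                    <input type="radio" name="js-show-hidden" id="js-hdn-1" autocomplete="off" value="true" <?php echo getChecked($show_hidden_files, 1, 'checked') ?> > ON
                                </label>
                                <label class="btn btn-secondary <?php echo getChecked($show_hidden_files, '', 'active') ?>">
                                    <input type="radio" name="js-show-hidden" id="js-hdn-0" autocomplete="off" value="false" <?php echo getChecked($show_hidden_files, '', 'checked') ?> > OFF
                                </label>
                            </div>
                        </div>
                    </div>

                    <div class="form-group row">
                        <label for="js-hid-1" class="col-sm-3 col-form-label"><?php echo lng('HideColumns') ?></label>
                        <div class="col-sm-9">
                            <div class="btn-group btn-group-toggle" data-toggle="buttons">
                                <label class="btn btn-secondary <?php echo getChecked($hide_Cols, 1, 'active') ?>">
                                    <input type="radio" name="js-hide-cols" id="js-hid-1" autocomplete="off" value="true" <?php echo getChecked($hide_Cols, 1, 'checked') ?> > ON
                                </label>
                                <label class="btn btn-secondary <?php echo getChecked($hide_Cols, '', 'active') ?>">
                                    <input type="radio" name="js-hide-cols" id="js-hid-0" autocomplete="off" value="false" <?php echo getChecked($hide_Cols, '', 'checked') ?> > OFF
                                </label>
                            </div>
                        </div>
                    </div>

                    <div class="form-group row">
                        <label for="js-dir-1" class="col-sm-3 col-form-label"><?php echo lng('CalculateFolderSize') ?></label>
                        <div class="col-sm-9">
                            <div class="btn-group btn-group-toggle" data-toggle="buttons">
                                <label class="btn btn-secondary <?php echo getChecked($calc_folder, 1, 'active') ?>">
                                    <input type="radio" name="js-calc-folder" id="js-dir-1" autocomplete="off" value="true" <?php echo getChecked($calc_folder, 1, 'checked') ?> > ON
                                </label>
                                <label class="btn btn-secondary <?php echo getChecked($calc_folder, '', 'active') ?>">
                                    <input type="radio" name="js-calc-folder" id="js-dir-0" autocomplete="off" value="false" <?php echo getChecked($calc_folder, '', 'checked') ?> > OFF
                                </label>
                            </div>
                        </div>
                    </div>

                    <div class="form-group row">
                        <div class="col-sm-10">
                            <button type="submit" class="btn btn-success"> <i class="fa fa-check-circle"></i> <?php echo lng('Save'); ?></button>
                        </div>
                    </div>

                </form>
            </div>
        </div>
    </div>
    <?php
    fm_show_footer();
    exit;
}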
1290
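// Help page: project links, a version check and, for accounts that may write, a form that
// posts a password (type=pwdhash) and shows the resulting hash. Shown to read-only users too.
// Changes from the original markup:
//  - FM_PATH is URL-encoded in the "Cancel" link so a directory name cannot break out of the href;
//  - links opened with target="_blank" carry rel="noopener noreferrer" so the opened page gets
//    no handle on this window;
//  - the password field is marked autocomplete="off"; it is a plain text input, so the browser
//    would otherwise be free to remember what was typed.
// NOTE(review): the pwdhash handler is outside this section; confirm the posted password is not
// logged or stored on the server side.
if (isset($_GET['help'])) {
    fm_show_header(); // HEADER
    fm_show_nav_path(FM_PATH); // current path
    global $cfg, $lang;
    ?>

    <div class="col-md-8 offset-md-2 pt-3">
        <div class="card mb-2">
            <h6 class="card-header">
                <i class="fa fa-exclamation-circle"></i> <?php echo lng('Help') ?>
                <a href="?p=<?php echo urlencode(FM_PATH) ?>" class="float-right"><i class="fa fa-window-close"></i> <?php echo lng('Cancel')?></a>
            </h6>
            <div class="card-body">
                <div class="row">
                    <div class="col-xs-12 col-sm-6">
                        <p><h3><a href="https://github.com/prasathmani/tinyfilemanager" target="_blank" rel="noopener noreferrer" class="app-v-title"> Tiny File Manager <?php echo VERSION; ?></a></h3></p>
                        <p>Author: Prasath Mani</p>
                        <p>Mail Us: <a href="mailto:ccpprogrammers@gmail.com">ccpprogrammers[at]gmail.com</a> </p>
                    </div>
                    <div class="col-xs-12 col-sm-6">
                        <div class="card">
                            <ul class="list-group list-group-flush">
                                <li class="list-group-item"><a href="https://tinyfilemanager.github.io/docs/" target="_blank" rel="noopener noreferrer"><i class="fa fa-question-circle"></i> <?php echo lng('Help Documents') ?> </a> </li>
                                <li class="list-group-item"><a href="https://github.com/prasathmani/tinyfilemanager/issues" target="_blank" rel="noopener noreferrer"><i class="fa fa-bug"></i> <?php echo lng('Report Issue') ?></a></li>
                                <li class="list-group-item"><a href="javascript:latest_release_info('<?php echo VERSION; ?>');"><i class="fa fa-link"> </i> <?php echo lng('Check Latest Version') ?></a></li>
                                <?php if(!FM_READONLY) { ?>
                                <li class="list-group-item"><a href="javascript:show_new_pwd();"><i class="fa fa-lock"></i> <?php echo lng('Generate new password hash') ?></a></li>
                                <?php } ?>
                            </ul>
                        </div>
                    </div>
                </div>
                <div class="row js-new-pwd hidden mt-2">
                    <div class="col-12">
                        <form class="form-inline" onsubmit="return new_password_hash(this)" method="POST" action="">
                            <input type="hidden" name="type" value="pwdhash" aria-label="hidden" aria-hidden="true">
                            <div class="form-group mb-2">
                                <label for="staticEmail2"><?php echo lng('Generate new password hash') ?></label>
                            </div>
                            <div class="form-group mx-sm-3 mb-2">
                                <label for="inputPassword2" class="sr-only"><?php echo lng('Password') ?></label>
                                <input type="text" class="form-control btn-sm" id="inputPassword2" name="inputPassword2" placeholder="Password" autocomplete="off" required>
                            </div>
                            <button type="submit" class="btn btn-success btn-sm mb-2"><?php echo lng('Generate') ?></button>
                        </form>
                        <textarea class="form-control" rows="2" readonly id="js-pwd-result"></textarea>
                    </div>
                </div>
            </div>
        </div>
    </div>
    <?php
    fm_show_footer();
    exit;
}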
1346
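// file viewer
// Shows one file from the current directory: metadata, action links and a preview chosen by
// extension / MIME type (online viewer, archive listing, image, audio, video or text).
// ?quickView=1 prints only the preview, without header, metadata and footer.
// Changes from the original:
//  - the byte count is kept in $filesize_raw; the original formatted the size once, then fed
//    the formatted string to fm_get_filesize() again and compared it with 1000;
//  - archive member names, the MIME type and the highlight.js class are escaped with fm_enc():
//    they derive from file contents or file names, which whoever supplied the file controls;
//  - the compression ratio is not computed for an archive whose total size is 0;
//  - the "Open" link carries rel="noopener noreferrer".
// NOTE(review): "Open" and the media previews point at FM_ROOT_URL, so a stored file is served
// from the web root as-is; whether active content (HTML, SVG, scripts) can run from there
// depends on server configuration outside this section.
if (isset($_GET['view'])) {
    $file = $_GET['view'];
    $quickView = isset($_GET['quickView']) && $_GET['quickView'] == 1;
    $file = fm_clean_path($file, false);
    // Slashes are dropped so the name can only refer to an entry of the current directory.
    $file = str_replace('/', '', $file);
    if ($file == '' || !is_file($path . '/' . $file) || in_array($file, $GLOBALS['exclude_items'])) {
        fm_set_msg('File not found', 'error');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }

    if (!$quickView) {
        fm_show_header(); // HEADER
        fm_show_nav_path(FM_PATH); // current path
    }

    $file_url = FM_ROOT_URL . fm_convert_win((FM_PATH != '' ? '/' . FM_PATH : '') . '/' . $file);
    $file_path = $path . '/' . $file;

    $ext = strtolower(pathinfo($file_path, PATHINFO_EXTENSION));
    $mime_type = fm_get_mime_type($file_path);
    $filesize_raw = filesize($file_path);
    $filesize = fm_get_filesize($filesize_raw);

    $is_zip = false;
    $is_gzip = false;
    $is_image = false;
    $is_audio = false;
    $is_video = false;
    $is_text = false;
    $is_onlineViewer = false;

    $view_title = 'File';
    $filenames = false; // for zip
    $content = ''; // for text
    $online_viewer = strtolower($GLOBALS['online_viewer']);

    if ($online_viewer && $online_viewer !== 'false' && in_array($ext, fm_get_onlineViewer_exts())) {
        $is_onlineViewer = true;
    } elseif ($ext == 'zip' || $ext == 'tar') {
        $is_zip = true;
        $view_title = 'Archive';
        $filenames = fm_get_zif_info($file_path, $ext);
    } elseif (in_array($ext, fm_get_image_exts())) {
        $is_image = true;
        $view_title = 'Image';
    } elseif (in_array($ext, fm_get_audio_exts())) {
        $is_audio = true;
        $view_title = 'Audio';
    } elseif (in_array($ext, fm_get_video_exts())) {
        $is_video = true;
        $view_title = 'Video';
    } elseif (in_array($ext, fm_get_text_exts()) || substr($mime_type, 0, 4) == 'text' || in_array($mime_type, fm_get_text_mimes())) {
        $is_text = true;
        $content = file_get_contents($file_path);
    }

    ?>
    <div class="row">
        <div class="col-12">
            <?php if (!$quickView) { ?>
                <p class="break-word"><b><?php echo $view_title ?> "<?php echo fm_enc(fm_convert_win($file)) ?>"</b></p>
                <p class="break-word">
                    Full path: <?php echo fm_enc(fm_convert_win($file_path)) ?><br>
                    File size: <?php echo $filesize ?><?php if ($filesize_raw >= 1000): ?> (<?php echo sprintf('%s bytes', $filesize_raw) ?>)<?php endif; ?>
                    <br>
                    MIME-type: <?php echo fm_enc($mime_type) ?><br>
                    <?php
                    // ZIP info
                    if (($is_zip || $is_gzip) && $filenames !== false) {
                        $total_files = 0;
                        $total_comp = 0;
                        $total_uncomp = 0;
                        foreach ($filenames as $fn) {
                            if (!$fn['folder']) {
                                $total_files++;
                            }
                            $total_comp += $fn['compressed_size'];
                            $total_uncomp += $fn['filesize'];
                        }
                        // An archive holding only empty entries has a total size of 0.
                        $compression = ($total_uncomp > 0) ? round(($total_comp / $total_uncomp) * 100) : 0;
                        ?>
                        Files in archive: <?php echo $total_files ?><br>
                        Total size: <?php echo fm_get_filesize($total_uncomp) ?><br>
                        Size in archive: <?php echo fm_get_filesize($total_comp) ?><br>
                        Compression: <?php echo $compression ?>%<br>
                        <?php
                    }
                    // Image info
                    if ($is_image) {
                        $image_size = getimagesize($file_path);
                        echo 'Image sizes: ' . (isset($image_size[0]) ? $image_size[0] : '0') . ' x ' . (isset($image_size[1]) ? $image_size[1] : '0') . '<br>';
                    }
                    // Text info
                    if ($is_text) {
                        $is_utf8 = fm_is_utf8($content);
                        if (function_exists('iconv')) {
                            if (!$is_utf8) {
                                $content = iconv(FM_ICONV_INPUT_ENC, 'UTF-8//IGNORE', $content);
                            }
                        }
                        echo 'Charset: ' . ($is_utf8 ? 'utf-8' : '8 bit') . '<br>';
                    }
                    ?>
                </p>
                <p>
                    <b><a href="?p=<?php echo urlencode(FM_PATH) ?>&dl=<?php echo urlencode($file) ?>"><i class="fa fa-cloud-download"></i> <?php echo lng('Download') ?></a></b> &nbsp;
                    <b><a href="<?php echo fm_enc($file_url) ?>" target="_blank" rel="noopener noreferrer"><i class="fa fa-external-link-square"></i> <?php echo lng('Open') ?></a></b>
                    &nbsp;
                    <?php
                    // ZIP actions
                    if (!FM_READONLY && ($is_zip || $is_gzip) && $filenames !== false) {
                        $zip_name = pathinfo($file_path, PATHINFO_FILENAME);
                        ?>
                        <b><a href="?p=<?php echo urlencode(FM_PATH) ?>&unzip=<?php echo urlencode($file) ?>"><i class="fa fa-check-circle"></i> <?php echo lng('UnZip') ?></a></b> &nbsp;
                        <b><a href="?p=<?php echo urlencode(FM_PATH) ?>&unzip=<?php echo urlencode($file) ?>&tofolder=1" title="UnZip to <?php echo fm_enc($zip_name) ?>"><i class="fa fa-check-circle"></i>
                                <?php echo lng('UnZipToFolder') ?></a></b> &nbsp;
                        <?php
                    }
                    if ($is_text && !FM_READONLY) {
                        ?>
                        <b><a href="?p=<?php echo urlencode(trim(FM_PATH)) ?>&edit=<?php echo urlencode($file) ?>" class="edit-file"><i class="fa fa-pencil-square"></i> <?php echo lng('Edit') ?>
                            </a></b> &nbsp;
                        <b><a href="?p=<?php echo urlencode(trim(FM_PATH)) ?>&edit=<?php echo urlencode($file) ?>&env=ace"
                              class="edit-file"><i class="fa fa-pencil-square-o"></i> <?php echo lng('AdvancedEditor') ?>
                            </a></b> &nbsp;
                    <?php } ?>
                    <b><a href="?p=<?php echo urlencode(FM_PATH) ?>"><i class="fa fa-chevron-circle-left go-back"></i> <?php echo lng('Back') ?></a></b>
                </p>
                <?php
            }
            if ($is_onlineViewer) {
                // The embedded viewer is handed the file's public URL and fetches it itself.
                if ($online_viewer == 'google') {
                    echo '<iframe src="https://docs.google.com/viewer?embedded=true&hl=en&url=' . fm_enc($file_url) . '" frameborder="no" style="width:100%;min-height:460px"></iframe>';
                } else if ($online_viewer == 'microsoft') {
                    echo '<iframe src="https://view.officeapps.live.com/op/embed.aspx?src=' . fm_enc($file_url) . '" frameborder="no" style="width:100%;min-height:460px"></iframe>';
                }
            } elseif ($is_zip) {
                // ZIP content
                if ($filenames !== false) {
                    echo '<code class="maxheight">';
                    foreach ($filenames as $fn) {
                        // Member names are stored inside the archive, so they are escaped on both branches.
                        if ($fn['folder']) {
                            echo '<b>' . fm_enc($fn['name']) . '</b><br>';
                        } else {
                            echo fm_enc($fn['name']) . ' (' . fm_get_filesize($fn['filesize']) . ')<br>';
                        }
                    }
                    echo '</code>';
                } else {
                    echo '<p>Error while fetching archive info</p>';
                }
            } elseif ($is_image) {
                // Image content
                if (in_array($ext, array('gif', 'jpg', 'jpeg', 'png', 'bmp', 'ico', 'svg'))) {
                    echo '<p><img src="' . fm_enc($file_url) . '" alt="" class="preview-img"></p>';
                }
            } elseif ($is_audio) {
                // Audio content
                echo '<p><audio src="' . fm_enc($file_url) . '" controls preload="metadata"></audio></p>';
            } elseif ($is_video) {
                // Video content
                echo '<div class="preview-video"><video src="' . fm_enc($file_url) . '" width="640" height="360" controls preload="metadata"></video></div>';
            } elseif ($is_text) {
                if (FM_USE_HIGHLIGHTJS) {
                    // highlight
                    $hljs_classes = array(
                        'shtml' => 'xml',
                        'htaccess' => 'apache',
                        'phtml' => 'php',
                        'lock' => 'json',
                        'svg' => 'xml',
                    );
                    $hljs_class = isset($hljs_classes[$ext]) ? 'lang-' . $hljs_classes[$ext] : 'lang-' . $ext;
                    if (empty($ext) || in_array(strtolower($file), fm_get_text_names()) || preg_match('#\.min\.(css|js)$#i', $file)) {
                        $hljs_class = 'nohighlight';
                    }
                    // $ext is taken from the file name, so the class value is escaped before it
                    // is placed inside the attribute.
                    $content = '<pre class="with-hljs"><code class="' . fm_enc($hljs_class) . '">' . fm_enc($content) . '</code></pre>';
                } elseif (in_array($ext, array('php', 'php4', 'php5', 'phtml', 'phps'))) {
                    // php highlight
                    $content = highlight_string($content, true);
                } else {
                    $content = '<pre>' . fm_enc($content) . '</pre>';
                }
                echo $content;
            }
            ?>
        </div>
    </div>
    <?php
    if (!$quickView) {
        fm_show_footer();
    }
    exit;
}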
1542
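// file editor
// Opens one file of the current directory in the plain textarea editor or, with ?env=ace, in
// the Ace editor, and writes $_POST['savedata'] back to it when that field is posted.
// Changes from the original:
//  - the handler requires !FM_READONLY. Upload, copy and chmod in this file are gated that way
//    and the viewer only links here for writable accounts, but this handler itself accepted
//    the request, and the save below, from a read-only account that built the URL by hand;
//  - names listed in $GLOBALS['exclude_items'] are refused, as the viewer already does;
//  - the save reports success only when the file was opened and written, and ignores a
//    non-string savedata value;
//  - the missing closing quote on the plain editor's Save button class attribute is restored.
// NOTE(review): no anti-CSRF token is visible on the save request; confirm one is checked elsewhere.
if (isset($_GET['edit']) && !FM_READONLY) {
    $file = $_GET['edit'];
    $file = fm_clean_path($file, false);
    // Slashes are dropped so the name can only refer to an entry of the current directory.
    $file = str_replace('/', '', $file);
    if ($file == '' || !is_file($path . '/' . $file) || in_array($file, $GLOBALS['exclude_items'])) {
        fm_set_msg('File not found', 'error');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }
    // Turns off the browser's legacy XSS filter for this page; presumably because the posted
    // file content may itself contain markup - confirm it is still needed.
    header('X-XSS-Protection:0');
    fm_show_header(); // HEADER
    fm_show_nav_path(FM_PATH); // current path

    $file_url = FM_ROOT_URL . fm_convert_win((FM_PATH != '' ? '/' . FM_PATH : '') . '/' . $file);
    $file_path = $path . '/' . $file;

    // normal editor unless ?env=ace is given
    $isNormalEditor = !(isset($_GET['env']) && $_GET['env'] == "ace");

    // Save File
    if (isset($_POST['savedata']) && is_string($_POST['savedata'])) {
        $writedata = $_POST['savedata'];
        $fd = fopen($file_path, "w");
        $written = ($fd !== false) ? @fwrite($fd, $writedata) : false;
        if ($fd !== false) {
            fclose($fd);
        }
        if ($written !== false) {
            fm_set_msg('File Saved Successfully');
        } else {
            fm_set_msg('File not saved', 'error');
        }
    }

    $ext = strtolower(pathinfo($file_path, PATHINFO_EXTENSION));
    $mime_type = fm_get_mime_type($file_path);
    $filesize = filesize($file_path);
    $is_text = false;
    $content = ''; // for text

    if (in_array($ext, fm_get_text_exts()) || substr($mime_type, 0, 4) == 'text' || in_array($mime_type, fm_get_text_mimes())) {
        $is_text = true;
        $content = file_get_contents($file_path);
    }

    ?>
    <div class="path">
        <div class="row">
            <div class="col-xs-12 col-sm-5 col-lg-6 pt-1">
                <div class="btn-toolbar" role="toolbar">
                    <?php if (!$isNormalEditor) { ?>
                        <div class="btn-group js-ace-toolbar">
                            <button data-cmd="none" data-option="fullscreen" class="btn btn-sm btn-outline-secondary" id="js-ace-fullscreen" title="Fullscreen"><i class="fa fa-expand" title="Fullscreen"></i></button>
                            <button data-cmd="find" class="btn btn-sm btn-outline-secondary" id="js-ace-search" title="Search"><i class="fa fa-search" title="Search"></i></button>
                            <button data-cmd="undo" class="btn btn-sm btn-outline-secondary" id="js-ace-undo" title="Undo"><i class="fa fa-undo" title="Undo"></i></button>
                            <button data-cmd="redo" class="btn btn-sm btn-outline-secondary" id="js-ace-redo" title="Redo"><i class="fa fa-repeat" title="Redo"></i></button>
                            <button data-cmd="none" data-option="wrap" class="btn btn-sm btn-outline-secondary" id="js-ace-wordWrap" title="Word Wrap"><i class="fa fa-text-width" title="Word Wrap"></i></button>
                            <button data-cmd="none" data-option="help" class="btn btn-sm btn-outline-secondary" id="js-ace-goLine" title="Help"><i class="fa fa-question" title="Help"></i></button>
                            <select id="js-ace-mode" data-type="mode" title="Select Document Type" class="btn-outline-secondary border-left-0 d-none d-md-block"><option>-- Select Mode --</option></select>
                            <select id="js-ace-theme" data-type="theme" title="Select Theme" class="btn-outline-secondary border-left-0 d-none d-lg-block"><option>-- Select Theme --</option></select>
                        </div>
                    <?php } ?>
                </div>
            </div>
            <div class="edit-file-actions col-xs-12 col-sm-7 col-lg-6 text-right pt-1">
                <a title="Back" class="btn btn-sm btn-outline-primary" href="?p=<?php echo urlencode(trim(FM_PATH)) ?>&view=<?php echo urlencode($file) ?>"><i class="fa fa-reply-all"></i> <?php echo lng('Back') ?></a>
                <a title="Backup" class="btn btn-sm btn-outline-primary" href="javascript:backup('<?php echo urlencode($path) ?>','<?php echo urlencode($file) ?>')"><i class="fa fa-database"></i> <?php echo lng('BackUp') ?></a>
                <?php if ($is_text) { ?>
                    <?php if ($isNormalEditor) { ?>
                        <a title="Advanced" class="btn btn-sm btn-outline-primary" href="?p=<?php echo urlencode(trim(FM_PATH)) ?>&edit=<?php echo urlencode($file) ?>&env=ace"><i class="fa fa-pencil-square-o"></i> <?php echo lng('AdvancedEditor') ?></a>
                        <button type="button" class="btn btn-sm btn-outline-primary" name="Save" data-url="<?php echo fm_enc($file_url) ?>" onclick="edit_save(this,'nrl')"><i class="fa fa-floppy-o"></i> Save
                        </button>
                    <?php } else { ?>
                        <a title="Plain Editor" class="btn btn-sm btn-outline-primary" href="?p=<?php echo urlencode(trim(FM_PATH)) ?>&edit=<?php echo urlencode($file) ?>"><i class="fa fa-text-height"></i> <?php echo lng('NormalEditor') ?></a>
                        <button type="button" class="btn btn-sm btn-outline-primary" name="Save" data-url="<?php echo fm_enc($file_url) ?>" onclick="edit_save(this,'ace')"><i class="fa fa-floppy-o"></i> <?php echo lng('Save') ?>
                        </button>
                    <?php } ?>
                <?php } ?>
            </div>
        </div>
        <?php
        if ($is_text && $isNormalEditor) {
            echo '<textarea class="mt-2" id="normal-editor" rows="33" cols="120" style="width: 99.5%;">' . htmlspecialchars($content) . '</textarea>';
        } elseif ($is_text) {
            echo '<div id="editor" contenteditable="true">' . htmlspecialchars($content) . '</div>';
        } else {
            fm_set_msg('FILE EXTENSION HAS NOT SUPPORTED', 'error');
        }
        ?>
    </div>
    <?php
    fm_show_footer();
    exit;
}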
1636
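// chmod (not for Windows)
// Permission editor for one file or folder of the current directory: reads the current mode
// with fileperms() and prints a 3x3 checkbox grid (owner / group / other x read / write /
// execute) that is posted back with the hidden 'chmod' field.
// The "Full path" line is escaped with fm_enc(): it contains the file name, which may hold HTML
// metacharacters, and the original echoed it raw.
// NOTE(review): the grid can grant write and execute to "other"; no anti-CSRF token is visible
// on this form - confirm one is checked elsewhere.
if (isset($_GET['chmod']) && !FM_READONLY && !FM_IS_WIN) {
    $file = $_GET['chmod'];
    $file = fm_clean_path($file);
    // Slashes are dropped so the name can only refer to an entry of the current directory.
    $file = str_replace('/', '', $file);
    if ($file == '' || (!is_file($path . '/' . $file) && !is_dir($path . '/' . $file))) {
        fm_set_msg('File not found', 'error');
        fm_redirect(FM_SELF_URL . '?p=' . urlencode(FM_PATH));
    }

    fm_show_header(); // HEADER
    fm_show_nav_path(FM_PATH); // current path

    $file_url = FM_ROOT_URL . (FM_PATH != '' ? '/' . FM_PATH : '') . '/' . $file;
    $file_path = $path . '/' . $file;

    // Current mode bits; each checkbox below is pre-ticked from the matching bit.
    $mode = fileperms($file_path);

    ?>
    <div class="path">
        <div class="card mb-2">
            <h6 class="card-header">
                <?php echo lng('ChangePermissions') ?>
            </h6>
            <div class="card-body">
                <p class="card-text">
                    Full path: <?php echo fm_enc($file_path) ?><br>
                </p>
                <form action="" method="post">
                    <input type="hidden" name="p" value="<?php echo fm_enc(FM_PATH) ?>">
                    <input type="hidden" name="chmod" value="<?php echo fm_enc($file) ?>">

                    <table class="table compact-table">
                        <tr>
                            <td></td>
                            <td><b><?php echo lng('Owner') ?></b></td>
                            <td><b><?php echo lng('Group') ?></b></td>
                            <td><b><?php echo lng('Other') ?></b></td>
                        </tr>
                        <tr>
                            <td style="text-align: right"><b><?php echo lng('Read') ?></b></td>
                            <td><label><input type="checkbox" name="ur" value="1"<?php echo ($mode & 00400) ? ' checked' : '' ?>></label></td>
                            <td><label><input type="checkbox" name="gr" value="1"<?php echo ($mode & 00040) ? ' checked' : '' ?>></label></td>
                            <td><label><input type="checkbox" name="or" value="1"<?php echo ($mode & 00004) ? ' checked' : '' ?>></label></td>
                        </tr>
                        <tr>
                            <td style="text-align: right"><b><?php echo lng('Write') ?></b></td>
                            <td><label><input type="checkbox" name="uw" value="1"<?php echo ($mode & 00200) ? ' checked' : '' ?>></label></td>
                            <td><label><input type="checkbox" name="gw" value="1"<?php echo ($mode & 00020) ? ' checked' : '' ?>></label></td>
                            <td><label><input type="checkbox" name="ow" value="1"<?php echo ($mode & 00002) ? ' checked' : '' ?>></label></td>
                        </tr>
                        <tr>
                            <td style="text-align: right"><b><?php echo lng('Execute') ?></b></td>
                            <td><label><input type="checkbox" name="ux" value="1"<?php echo ($mode & 00100) ? ' checked' : '' ?>></label></td>
                            <td><label><input type="checkbox" name="gx" value="1"<?php echo ($mode & 00010) ? ' checked' : '' ?>></label></td>
                            <td><label><input type="checkbox" name="ox" value="1"<?php echo ($mode & 00001) ? ' checked' : '' ?>></label></td>
                        </tr>
                    </table>

                    <p>
                        <button type="submit" class="btn btn-success"><i class="fa fa-check-circle"></i> <?php echo lng('Change') ?></button> &nbsp;
                        <b><a href="?p=<?php echo urlencode(FM_PATH) ?>" class="btn btn-outline-primary"><i class="fa fa-times-circle"></i> <?php echo lng('Cancel') ?></a></b>
                    </p>
                </form>
            </div>
        </div>
    </div>
    <?php
    fm_show_footer();
    exit;
}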
1708
//--- FILEMANAGER MAIN
// Main listing view: emits the page header, the navigation bar for FM_PATH and any
// stored message, then opens the form and table that hold the folder and file rows.
fm_show_header(); // HEADER
fm_show_nav_path(FM_PATH); // current path

// messages
fm_show_message();

// $files and $folders are filled earlier in the script (outside this part of the file).
$num_files = count($files);
$num_folders = count($folders);
$all_files_size = 0; // running byte total, increased once per file row
// The form posts back to this script. Its hidden fields carry the current path and a
// "group" marker; the row checkboxes add the selected names as file[].
// NOTE(review): no anti-CSRF token field is emitted in this form - confirm how
// state-changing requests are protected.
?>
<form action="" method="post" class="pt-3">
    <input type="hidden" name="p" value="<?php echo fm_enc(FM_PATH) ?>">
    <input type="hidden" name="group" value="1">
    <div class="table-responsive">
        <table class="table table-bordered table-hover table-sm bg-white" id="main-table">
            <thead class="thead-white">
            <tr>
                <?php if (!FM_READONLY): ?>
                    <th style="width:3%" class="custom-checkbox-header">
                        <div class="custom-control custom-checkbox">
                            <input type="checkbox" class="custom-control-input" id="js-select-all-items" onclick="checkbox_toggle()">
                            <label class="custom-control-label" for="js-select-all-items"></label>
                        </div>
                    </th><?php endif; ?>
                <th><?php echo lng('Name') ?></th>
                <th><?php echo lng('Size') ?></th>
                <th><?php echo lng('Modified') ?></th>
                <?php if (!FM_IS_WIN && !$hide_Cols): ?>
                    <th><?php echo lng('Perms') ?></th>
                    <th><?php echo lng('Owner') ?></th><?php endif; ?>
                <th><?php echo lng('Actions') ?></th>
            </tr>
            </thead>
            <?php
            // link to parent folder ($parent is false when there is no parent to link to)
            if ($parent !== false) {
                ?>
                <tr><?php if (!FM_READONLY): ?>
                    <td class="nosort"></td><?php endif; ?>
                    <td class="border-0"><a href="?p=<?php echo urlencode($parent) ?>"><i class="fa fa-chevron-circle-left go-back"></i> ..</a></td>
                    <td class="border-0"></td>
                    <td class="border-0"></td>
                    <td class="border-0"></td>
                    <?php if (!FM_IS_WIN && !$hide_Cols) { ?>
                        <td class="border-0"></td>
                        <td class="border-0"></td>
                    <?php } ?>
                </tr>
                <?php
            }
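// Folder rows. Entry names and symlink targets come from the filesystem and can be
// chosen by whoever created or uploaded them, so each one is escaped for the context
// it is written into: fm_enc() for HTML text/attributes, urlencode() for query values.
$ii = 3399; // first id used for the folder row checkboxes
foreach ($folders as $f) {
    $is_link = is_link($path . '/' . $f);
    $img = $is_link ? 'icon-link_folder' : 'fa fa-folder-o';
    $modif = date(FM_DATETIME_FORMAT, filemtime($path . '/' . $f));
    $perms = substr(decoct(fileperms($path . '/' . $f)), -4);
    if (function_exists('posix_getpwuid') && function_exists('posix_getgrgid')) {
        $owner = posix_getpwuid(fileowner($path . '/' . $f));
        $group = posix_getgrgid(filegroup($path . '/' . $f));
    } else {
        $owner = array('name' => '?');
        $group = array('name' => '?');
    }
    // The posix lookups return false for an id that has no passwd/group entry.
    if (!is_array($owner) || !isset($owner['name'])) {
        $owner = array('name' => '?');
    }
    if (!is_array($group) || !isset($group['name'])) {
        $group = array('name' => '?');
    }
    // Convert to UTF-8 first, then escape: fm_convert_win() does no HTML escaping.
    $display_name = fm_enc(fm_convert_win($f));
    $link_target = $is_link ? fm_enc((string) readlink($path . '/' . $f)) : '';
    ?>
    <tr>
        <?php if (!FM_READONLY): ?>
            <td class="custom-checkbox-td">
                <div class="custom-control custom-checkbox">
                    <input type="checkbox" class="custom-control-input" id="<?php echo $ii ?>" name="file[]" value="<?php echo fm_enc($f) ?>">
                    <label class="custom-control-label" for="<?php echo $ii ?>"></label>
                </div>
            </td><?php endif; ?>
        <td>
            <div class="filename"><a href="?p=<?php echo urlencode(trim(FM_PATH . '/' . $f, '/')) ?>"><i class="<?php echo $img ?>"></i> <?php echo $display_name ?>
                </a><?php echo($is_link ? ' → <i>' . $link_target . '</i>' : '') ?></div>
        </td>
        <td><?php if ($calc_folder) { echo fm_get_directorysize($path . '/' . $f); } else { echo lng('Folder'); } ?></td>
        <td><?php echo $modif ?></td>
        <?php if (!FM_IS_WIN && !$hide_Cols): ?>
            <td><?php if (!FM_READONLY): ?><a title="Change Permissions" href="?p=<?php echo urlencode(FM_PATH) ?>&chmod=<?php echo urlencode($f) ?>"><?php echo $perms ?></a><?php else: ?><?php echo $perms ?><?php endif; ?>
            </td>
            <td><?php echo fm_enc($owner['name'] . ':' . $group['name']) ?></td>
        <?php endif; ?>
        <td class="inline-actions"><?php if (!FM_READONLY): ?>
                <a title="<?php echo lng('Delete')?>" href="?p=<?php echo urlencode(FM_PATH) ?>&del=<?php echo urlencode($f) ?>" onclick="return confirm('Delete folder?');"><i class="fa fa-trash-o" aria-hidden="true"></i></a>
                <a title="<?php echo lng('Rename')?>" href="#" onclick="rename('<?php echo fm_enc(FM_PATH) ?>', '<?php echo fm_enc(addslashes($f)) ?>');return false;"><i class="fa fa-pencil-square-o" aria-hidden="true"></i></a>
                <a title="<?php echo lng('CopyTo')?>..." href="?p=&copy=<?php echo urlencode(trim(FM_PATH . '/' . $f, '/')) ?>"><i class="fa fa-files-o" aria-hidden="true"></i></a>
            <?php endif; ?>
            <a title="<?php echo lng('DirectLink')?>" href="<?php echo fm_enc(FM_ROOT_URL . (FM_PATH != '' ? '/' . FM_PATH : '') . '/' . $f . '/') ?>" target="_blank"><i class="fa fa-link" aria-hidden="true"></i></a>
        </td>
    </tr>
    <?php
    flush(); // push each finished row to the client
    $ii++;
}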
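// File rows. As with the folder rows, names and symlink targets are data supplied by
// whoever created the entry; they are escaped with fm_enc() wherever they land in HTML
// text or an attribute value, and with urlencode() inside query strings.
$ik = 6070; // first id used for the file row checkboxes
foreach ($files as $f) {
    $is_link = is_link($path . '/' . $f);
    $img = $is_link ? 'fa fa-file-text-o' : fm_get_file_icon_class($path . '/' . $f);
    $modif = date(FM_DATETIME_FORMAT, filemtime($path . '/' . $f));
    $filesize_raw = fm_get_size($path . '/' . $f);
    $filesize = fm_get_filesize($filesize_raw);
    $filelink = '?p=' . urlencode(FM_PATH) . '&view=' . urlencode($f);
    $all_files_size += $filesize_raw;
    $perms = substr(decoct(fileperms($path . '/' . $f)), -4);
    if (function_exists('posix_getpwuid') && function_exists('posix_getgrgid')) {
        $owner = posix_getpwuid(fileowner($path . '/' . $f));
        $group = posix_getgrgid(filegroup($path . '/' . $f));
    } else {
        $owner = array('name' => '?');
        $group = array('name' => '?');
    }
    // The posix lookups return false for an id that has no passwd/group entry.
    if (!is_array($owner) || !isset($owner['name'])) {
        $owner = array('name' => '?');
    }
    if (!is_array($group) || !isset($group['name'])) {
        $group = array('name' => '?');
    }
    // Convert to UTF-8 first, then escape: fm_convert_win() does no HTML escaping.
    $display_name = fm_enc(fm_convert_win($f));
    $link_target = $is_link ? fm_enc((string) readlink($path . '/' . $f)) : '';
    ?>
    <tr>
        <?php if (!FM_READONLY): ?>
            <td class="custom-checkbox-td">
                <div class="custom-control custom-checkbox">
                    <input type="checkbox" class="custom-control-input" id="<?php echo $ik ?>" name="file[]" value="<?php echo fm_enc($f) ?>">
                    <label class="custom-control-label" for="<?php echo $ik ?>"></label>
                </div>
            </td><?php endif; ?>
        <td>
            <div class="filename"><a href="<?php echo $filelink ?>" title="File info"><i class="<?php echo $img ?>"></i> <?php echo $display_name ?>
                </a><?php echo($is_link ? ' → <i>' . $link_target . '</i>' : '') ?></div>
        </td>
        <td><span title="<?php printf('%s bytes', $filesize_raw) ?>">
            <?php echo $filesize; ?>
            </span></td>
        <td><?php echo $modif ?></td>
        <?php if (!FM_IS_WIN && !$hide_Cols): ?>
            <td><?php if (!FM_READONLY): ?><a title="<?php echo 'Change Permissions' ?>" href="?p=<?php echo urlencode(FM_PATH) ?>&chmod=<?php echo urlencode($f) ?>"><?php echo $perms ?></a><?php else: ?><?php echo $perms ?><?php endif; ?>
            </td>
            <td><?php echo fm_enc($owner['name'] . ':' . $group['name']) ?></td>
        <?php endif; ?>
        <td class="inline-actions">
            <?php if (!FM_READONLY): ?>
                <a title="<?php echo lng('Preview') ?>" href="<?php echo $filelink.'&quickView=1'; ?>" data-toggle="lightbox" data-gallery="tiny-gallery" data-title="<?php echo $display_name ?>" data-max-width="100%" data-width="100%"><i class="fa fa-eye"></i></a>
                <a title="<?php echo lng('Delete') ?>" href="?p=<?php echo urlencode(FM_PATH) ?>&del=<?php echo urlencode($f) ?>" onclick="return confirm('<?php echo lng('Delete').' '.lng('File').'?'; ?>');"><i class="fa fa-trash-o"></i></a>
                <a title="<?php echo lng('Rename') ?>" href="#" onclick="rename('<?php echo fm_enc(FM_PATH) ?>', '<?php echo fm_enc(addslashes($f)) ?>');return false;"><i class="fa fa-pencil-square-o"></i></a>
                <a title="<?php echo lng('CopyTo') ?>..."
                   href="?p=<?php echo urlencode(FM_PATH) ?>&copy=<?php echo urlencode(trim(FM_PATH . '/' . $f, '/')) ?>"><i class="fa fa-files-o"></i></a>
            <?php endif; ?>
            <a title="<?php echo lng('DirectLink') ?>" href="<?php echo fm_enc(FM_ROOT_URL . (FM_PATH != '' ? '/' . FM_PATH : '') . '/' . $f) ?>" target="_blank"><i class="fa fa-link"></i></a>
            <a title="<?php echo lng('Download') ?>" href="?p=<?php echo urlencode(FM_PATH) ?>&dl=<?php echo urlencode($f) ?>"><i class="fa fa-download"></i></a>
        </td>
    </tr>
    <?php
    flush(); // push each finished row to the client
    $ik++;
}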
1860
// Table footer: a placeholder row for an empty folder, otherwise a summary row with
// the byte total of the listed files, the entry counts, memory use and disk space.
if (empty($folders) && empty($files)) {
    ?>
    <tfoot>
    <tr><?php if (!FM_READONLY): ?>
        <td></td><?php endif; ?>
        <td colspan="<?php echo !FM_IS_WIN ? '6' : '4' ?>"><em><?php echo 'Folder is empty' ?></em></td>
    </tr>
    </tfoot>
    <?php
} else {
    ?>
    <tfoot>
    <tr><?php if (!FM_READONLY): ?>
        <td class="gray"></td><?php endif; ?>
        <td class="gray" colspan="<?php echo !FM_IS_WIN ? '6' : '4' ?>">
            <?php echo lng('FullSize').': <span class="badge badge-light">'.fm_get_filesize($all_files_size).'</span>' ?>
            <?php echo lng('File').': <span class="badge badge-light">'.$num_files.'</span>' ?>
            <?php echo lng('Folder').': <span class="badge badge-light">'.$num_folders.'</span>' ?>
            <?php echo lng('MemoryUsed').': <span class="badge badge-light">'.fm_get_filesize(@memory_get_usage(true)).'</span>' ?>
            <?php echo lng('PartitionSize').': <span class="badge badge-light">'.fm_get_filesize(@disk_free_space($path)) .'</span> '.lng('FreeOf').' <span class="badge badge-light">'.fm_get_filesize(@disk_total_space($path)).'</span>'; ?>
        </td>
    </tr>
    </tfoot>
    <?php
}
// The bulk-action bar below is emitted only when FM_READONLY is false. Each visible
// link clicks a hidden submit button, so delete/zip/tar/copy arrive as a POST of this
// form with the matching field name set.
?>
        </table>
    </div>

    <div class="row">
        <?php if (!FM_READONLY): ?>
        <div class="col-xs-12 col-sm-9">
            <ul class="list-inline footer-action">
                <li class="list-inline-item"> <a href="#/select-all" class="btn btn-small btn-outline-primary btn-2" onclick="select_all();return false;"><i class="fa fa-check-square"></i> <?php echo lng('SelectAll') ?> </a></li>
                <li class="list-inline-item"><a href="#/unselect-all" class="btn btn-small btn-outline-primary btn-2" onclick="unselect_all();return false;"><i class="fa fa-window-close"></i> <?php echo lng('UnSelectAll') ?> </a></li>
                <li class="list-inline-item"><a href="#/invert-all" class="btn btn-small btn-outline-primary btn-2" onclick="invert_all();return false;"><i class="fa fa-th-list"></i> <?php echo lng('InvertSelection') ?> </a></li>
                <li class="list-inline-item"><input type="submit" class="hidden" name="delete" id="a-delete" value="Delete" onclick="return confirm('Delete selected files and folders?')">
                    <a href="javascript:document.getElementById('a-delete').click();" class="btn btn-small btn-outline-primary btn-2"><i class="fa fa-trash"></i> <?php echo lng('Delete') ?> </a></li>
                <li class="list-inline-item"><input type="submit" class="hidden" name="zip" id="a-zip" value="zip" onclick="return confirm('Create archive?')">
                    <a href="javascript:document.getElementById('a-zip').click();" class="btn btn-small btn-outline-primary btn-2"><i class="fa fa-file-archive-o"></i> <?php echo lng('Zip') ?> </a></li>
                <li class="list-inline-item"><input type="submit" class="hidden" name="tar" id="a-tar" value="tar" onclick="return confirm('Create archive?')">
                    <a href="javascript:document.getElementById('a-tar').click();" class="btn btn-small btn-outline-primary btn-2"><i class="fa fa-file-archive-o"></i> <?php echo lng('Tar') ?> </a></li>
                <li class="list-inline-item"><input type="submit" class="hidden" name="copy" id="a-copy" value="Copy">
                    <a href="javascript:document.getElementById('a-copy').click();" class="btn btn-small btn-outline-primary btn-2"><i class="fa fa-files-o"></i> <?php echo lng('Copy') ?> </a></li>
            </ul>
        </div>
        <div class="col-3 d-none d-sm-block"><a href="https://tinyfilemanager.github.io" target="_blank" class="float-right text-muted">Tiny File Manager <?php echo VERSION; ?></a></div>
        <?php else: ?>
            <div class="col-12"><a href="https://tinyfilemanager.github.io" target="_blank" class="float-right text-muted">Tiny File Manager <?php echo VERSION; ?></a></div>
        <?php endif; ?>
    </div>

</form>

<?php
// Close the page layout opened by fm_show_header().
fm_show_footer();
1917
1918//--- END
1919
1920// Functions
1921
/**
 * Delete a file, a symbolic link or a whole directory tree.
 *
 * A symbolic link is tested for first and removed with unlink(), so the walk
 * removes the link itself and never descends into what it points at.
 *
 * @param string $path Entry to remove
 * @return bool True when the entry (and, for a directory, everything below it) was removed
 */
function fm_rdelete($path)
{
    if (is_link($path) || is_file($path)) {
        return unlink($path);
    }
    if (!is_dir($path)) {
        return false;
    }

    $all_removed = true;
    $entries = scandir($path);
    if (is_array($entries)) {
        foreach ($entries as $entry) {
            if ($entry == '.' || $entry == '..') {
                continue;
            }
            // Keep going after a failure so the remaining siblings are still removed.
            if (!fm_rdelete($path . '/' . $entry)) {
                $all_removed = false;
            }
        }
    }

    // The directory itself is only removed once every child is gone.
    return $all_removed ? rmdir($path) : false;
}
1949
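/**
 * Recursive chmod
 *
 * Symbolic links are skipped. is_dir() and is_file() both follow links and chmod()
 * acts on the link target, so the link test has to come first; otherwise a link
 * placed inside the tree would change the mode of (and recurse into) a location
 * outside it.
 *
 * @param string $path Entry to change
 * @param int $filemode Mode applied to regular files
 * @param int $dirmode Mode applied to directories
 * @return bool False as soon as one chmod fails or $path is neither link, directory nor file
 * @todo Will use in mass chmod
 */
function fm_rchmod($path, $filemode, $dirmode)
{
    if (is_link($path)) {
        // Reported as success without touching the link target.
        return true;
    }
    if (is_dir($path)) {
        if (!chmod($path, $dirmode)) {
            return false;
        }
        $objects = scandir($path);
        if (is_array($objects)) {
            foreach ($objects as $file) {
                if ($file != '.' && $file != '..') {
                    if (!fm_rchmod($path . '/' . $file, $filemode, $dirmode)) {
                        return false;
                    }
                }
            }
        }
        return true;
    }
    if (is_file($path)) {
        return chmod($path, $filemode);
    }
    return false;
}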
1982
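/**
 * Safely rename
 *
 * When FM_EXTENSION holds a comma-separated allow-list, the extension of the NEW name
 * must be one of its entries. The comparison is strict and case-sensitive, so two
 * different numeric-looking strings are never treated as equal. Only the last
 * extension of $new is looked at.
 *
 * The existence checks and the rename are separate steps and therefore not atomic.
 *
 * @param string $old Existing path
 * @param string $new Target path
 * @return bool|null False when the extension is not allowed, null when $new already
 *                   exists or $old is missing, otherwise the result of rename()
 */
function fm_rename($old, $new)
{
    $allowed = (FM_EXTENSION) ? explode(',', FM_EXTENSION) : false;

    $ext = pathinfo($new, PATHINFO_EXTENSION);
    $isFileAllowed = ($allowed) ? in_array($ext, $allowed, true) : true;

    if (!$isFileAllowed) {
        return false;
    }

    return (!file_exists($new) && file_exists($old)) ? rename($old, $new) : null;
}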
2000
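/**
 * Copy file or folder (recursively).
 *
 * $upd and $force are passed on to every nested call, so the options chosen by the
 * caller apply to the whole tree and not just to its top level.
 *
 * is_dir() and is_file() follow symbolic links, so a link in the source tree is
 * copied as the directory or file it points at.
 *
 * @param string $path Source file or folder
 * @param string $dest Destination path
 * @param bool $upd Update files
 * @param bool $force Create folder with same names instead file
 * @return bool True only when every entry was copied
 */
function fm_rcopy($path, $dest, $upd = true, $force = true)
{
    if (is_dir($path)) {
        if (!fm_mkdir($dest, $force)) {
            return false;
        }
        $objects = scandir($path);
        $ok = true;
        if (is_array($objects)) {
            foreach ($objects as $file) {
                if ($file != '.' && $file != '..') {
                    // Continue after a failure so the rest of the folder is still copied.
                    if (!fm_rcopy($path . '/' . $file, $dest . '/' . $file, $upd, $force)) {
                        $ok = false;
                    }
                }
            }
        }
        return $ok;
    } elseif (is_file($path)) {
        return fm_copy($path, $dest, $upd);
    }
    return false;
}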
2032
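/**
 * Safely create folder
 *
 * Returns a real boolean in every case. (Returning the path for an existing folder
 * made a folder named "0" look like a failure to callers that test the result.)
 *
 * @param string $dir Folder to create; missing parent folders are created too
 * @param bool $force When $dir exists as a non-directory, delete it and create the folder
 * @return bool True when the folder exists afterwards
 */
function fm_mkdir($dir, $force)
{
    if (file_exists($dir)) {
        if (is_dir($dir)) {
            return true;
        }
        if (!$force) {
            return false;
        }
        // Something other than a directory is in the way; give up if it cannot be removed.
        if (!unlink($dir)) {
            return false;
        }
    }
    // 0777 is only the requested mode; the process umask is still applied to it.
    // NOTE(review): confirm the deployed umask keeps new folders from being world-writable.
    return mkdir($dir, 0777, true);
}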
2051
/**
 * Copy one file and keep the modification time of the source.
 *
 * With $upd set, nothing is copied when the destination already exists and is at
 * least as new as the source.
 *
 * @param string $f1 Source file
 * @param string $f2 Destination file
 * @param bool $upd Skip the copy when the destination is not older than the source
 * @return bool True when the file was copied
 */
function fm_copy($f1, $f2, $upd)
{
    $source_mtime = filemtime($f1);
    $target_is_current = file_exists($f2) && filemtime($f2) >= $source_mtime;
    if ($target_is_current && $upd) {
        return false;
    }

    $copied = copy($f1, $f2);
    if ($copied) {
        // Give the copy the timestamp of the source so later "update" runs compare equal.
        touch($f2, $source_mtime);
    }
    return $copied;
}
2074
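/**
 * Get mime type
 *
 * Tries, in order: the fileinfo functions, mime_content_type(), and the external
 * `file` command (only when shell_exec is not listed in disable_functions).
 *
 * The detected type describes the file content; it is a hint for display and should
 * not be the only check deciding whether a file may be served or executed.
 *
 * @param string $file_path File to inspect
 * @return mixed|string Detected type, or '--' when no detection method is available
 */
function fm_get_mime_type($file_path)
{
    if (function_exists('finfo_open')) {
        $finfo = finfo_open(FILEINFO_MIME_TYPE);
        // finfo_open() returns false when the magic database cannot be loaded.
        if ($finfo !== false) {
            $mime = finfo_file($finfo, $file_path);
            finfo_close($finfo);
            return $mime;
        }
    }
    if (function_exists('mime_content_type')) {
        return mime_content_type($file_path);
    }
    if (!stristr(ini_get('disable_functions'), 'shell_exec')) {
        // escapeshellarg() quotes the path; "--" ends option parsing so a path that
        // starts with "-" is still treated as a file name.
        $file = escapeshellarg($file_path);
        return shell_exec('file -bi -- ' . $file);
    }
    return '--';
}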
2097
/**
 * Send an HTTP redirect and stop the script.
 *
 * $url is written into the Location header exactly as given.
 * NOTE(review): confirm that callers only pass URLs built by this script and never a
 * value taken straight from the request.
 *
 * @param string $url Redirect target
 * @param int $code HTTP status code sent with the header
 */
function fm_redirect($url, $code = 302)
{
    $location_header = 'Location: ' . $url;
    header($location_header, true, $code);
    exit;
}
2108
/**
 * Path traversal prevention and clean the url
 *
 * Both "/" and "\" are treated as separators. Empty segments and "." are dropped, and
 * each ".." removes the previously kept segment. A ".." with nothing left to remove is
 * simply discarded, so the result can never climb above its starting point.
 *
 * Despite the name, the result has no leading separator: it is a normalised relative
 * path joined with DIRECTORY_SEPARATOR.
 *
 * @param $path
 * @return string
 */
function get_absolute_path($path) {
    $unified = str_replace(array('/', '\\'), DIRECTORY_SEPARATOR, $path);
    $kept = array();
    foreach (explode(DIRECTORY_SEPARATOR, $unified) as $segment) {
        if (!strlen($segment) || '.' == $segment) {
            continue;
        }
        if ('..' == $segment) {
            // array_pop() on an empty array does nothing, which bounds the walk.
            array_pop($kept);
            continue;
        }
        $kept[] = $segment;
    }
    return implode(DIRECTORY_SEPARATOR, $kept);
}
2129
/**
 * Clean path
 *
 * Strips surrounding whitespace (optional) and leading/trailing slashes, removes
 * literal "../" and "..\" sequences, normalises the rest with get_absolute_path() and
 * returns it with forward slashes.
 *
 * The str_replace() step is a single pass and is not sufficient on its own; the
 * segment walk in get_absolute_path() is what keeps the result from climbing above
 * the starting directory.
 *
 * @param string $path Path taken from the request
 * @param bool $trim Whether to trim whitespace first
 * @return string Relative path without leading or trailing slash
 */
function fm_clean_path($path, $trim = true)
{
    if ($trim) {
        $path = trim($path);
    }
    $path = trim($path, '\\/');
    $path = str_replace(array('../', '..\\'), '', $path);

    $resolved = get_absolute_path($path);
    if ($resolved == '..') {
        $resolved = '';
    }
    return str_replace('\\', '/', $resolved);
}
2146
/**
 * Get parent path
 *
 * The path is cleaned with fm_clean_path() first.
 *
 * @param string $path
 * @return bool|string False for an empty path, '' for a single-segment path,
 *                     otherwise the path without its last segment
 */
function fm_get_parent_path($path)
{
    $clean = fm_clean_path($path);
    if ($clean == '') {
        return false;
    }

    $segments = explode('/', $clean);
    if (count($segments) <= 1) {
        return '';
    }

    array_pop($segments);
    return implode('/', $segments);
}
2165
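/**
 * Get language translations from the json file
 *
 * Reads "translation.json" (resolved against the current working directory), records
 * every language's display name in the global $lang_list and, when $tr is non-empty,
 * adds each language's translation table to it.
 *
 * The file content is validated before use: a file that is not valid JSON, has no
 * "language" list, or has entries without "code"/"name" is skipped instead of raising
 * notices. Nothing from a decoding problem is echoed to the page.
 *
 * @param array $tr Translations known so far, keyed by language code
 * @return array|null $tr with the loaded languages added, or null when the file cannot be read
 */
function fm_get_translations($tr) {
    global $lang_list;

    $content = @file_get_contents('translation.json');
    if ($content === false) {
        return null;
    }

    $decoded = json_decode($content, true);
    if (is_array($decoded) && isset($decoded['language']) && is_array($decoded['language'])) {
        foreach ($decoded['language'] as $entry) {
            if (!is_array($entry) || !isset($entry['code'], $entry['name'])) {
                continue;
            }
            $code = $entry['code'];
            $lang_list[$code] = $entry['name'];
            if ($tr && isset($entry['translation'])) {
                $tr[$code] = $entry['translation'];
            }
        }
    }
    return $tr;
}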
2192
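/**
 * Get the size of a file, including files larger than 2GB.
 * Works on php 32bits and 64bits and supports linux
 *
 * Tries a shell command first, then the Windows COM interface, then filesize().
 *
 * The file name is passed to the shell through escapeshellarg(). File names are
 * chosen by users of the file manager, so they must never be interpolated into a
 * command line directly: shell metacharacters inside a name would otherwise be
 * interpreted by the shell.
 *
 * @param string $file
 * @return int|string Size in bytes; a digit string when it came from the shell or COM
 */
function fm_get_size($file)
{
    static $iswin;
    if (!isset($iswin)) {
        $iswin = (strtoupper(substr(PHP_OS, 0, 3)) == 'WIN');
    }

    static $exec_works;
    if (!isset($exec_works)) {
        $exec_works = (function_exists('exec') && !ini_get('safe_mode') && @exec('echo EXEC') == 'EXEC');
    }

    // try a shell command
    if ($exec_works) {
        $arg = escapeshellarg($file);
        // "--" stops stat from reading a name that begins with "-" as an option.
        $cmd = ($iswin) ? 'for %F in (' . $arg . ') do @echo %~zF' : 'stat -c%s -- ' . $arg;
        $output = array();
        @exec($cmd, $output);
        if (is_array($output) && ctype_digit($size = trim(implode("\n", $output)))) {
            return $size;
        }
    }

    // try the Windows COM interface
    if ($iswin && class_exists("COM")) {
        try {
            $fsobj = new COM('Scripting.FileSystemObject');
            $f = $fsobj->GetFile( realpath($file) );
            $size = $f->Size;
        } catch (Exception $e) {
            $size = null;
        }
        // Cast first: ctype_digit() only gives a meaningful answer for strings.
        if ($size !== null && ctype_digit((string) $size)) {
            return $size;
        }
    }

    // if all else fails
    return filesize($file);
}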
2237
/**
 * Format a byte count for display.
 *
 * The value is divided by 1024 per unit step, and the first unit in which it is below
 * 1000 is used. Values in B are printed as given; larger units are rounded to two
 * decimals. Anything beyond GB is shown in TB.
 *
 * @param int $size Size in bytes
 * @return string For example "999 B", "1.5 KB" or "1 MB"
 */
function fm_get_filesize($size)
{
    $scaled = $size;
    foreach (array('B', 'KB', 'MB', 'GB') as $step => $unit) {
        if ($scaled < 1000) {
            // Bytes are printed untouched; every other unit is rounded.
            return sprintf('%s ' . $unit, $step === 0 ? $size : round($scaled, 2));
        }
        $scaled = $scaled / 1024;
    }
    return sprintf('%s TB', round($scaled, 2));
}
2257
/**
 * Get the total size of a directory as a display string.
 *
 * Only does the (slow) recursive walk when the global $calc_folder is enabled;
 * otherwise the fixed text 'Folder' is returned.
 *
 * NOTE(review): an unreadable sub-directory makes the iterator throw, and nothing
 * here catches it - confirm that is acceptable for the listing page.
 *
 * @param string $directory
 * @return string Formatted size, or 'Folder'
 */
function fm_get_directorysize($directory) {
    global $calc_folder;
    if ($calc_folder != true) {
        return 'Folder'; // Quick output
    }

    // Slower output: add up the size of every file below $directory.
    $total = 0;
    $walker = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($directory));
    foreach ($walker as $entry) {
        if ($entry->isFile()) {
            $total += $entry->getSize();
        }
    }
    return fm_get_filesize($total);
}
2278
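/**
 * Get info about a zip or tar archive
 *
 * Returns one record per entry with the keys 'name', 'filesize', 'compressed_size'
 * and 'folder'. For zip archives 'folder' is a bool (name ends with "/"); for tar
 * archives it is the file name of the entry's parent path.
 *
 * Entry names are read from the archive and are therefore untrusted text: escape them
 * before output and never use them as filesystem paths without validation.
 *
 * @param string $path Archive file
 * @param string $ext Archive type: 'zip' or 'tar'
 * @return array|bool List of entries, or false when the archive cannot be read or the
 *                    type is not supported
 */
function fm_get_zif_info($path, $ext) {
    if ($ext == 'zip' && function_exists('zip_open')) {
        $arch = zip_open($path);
        // zip_open() reports failure as an integer error code, which is truthy,
        // so test for a resource instead of truthiness.
        if (is_resource($arch)) {
            $filenames = array();
            while ($zip_entry = zip_read($arch)) {
                $zip_name = zip_entry_name($zip_entry);
                $zip_folder = substr($zip_name, -1) == '/';
                $filenames[] = array(
                    'name' => $zip_name,
                    'filesize' => zip_entry_filesize($zip_entry),
                    'compressed_size' => zip_entry_compressedsize($zip_entry),
                    'folder' => $zip_folder
                    //'compression_method' => zip_entry_compressionmethod($zip_entry),
                );
            }
            zip_close($arch);
            return $filenames;
        }
    } elseif ($ext == 'tar' && class_exists('PharData')) {
        try {
            $archive = new PharData($path);
            $filenames = array();
            foreach (new RecursiveIteratorIterator($archive) as $file) {
                $parent_info = $file->getPathInfo();
                $zip_name = str_replace("phar://" . $path, '', $file->getPathName());
                $zip_name = substr($zip_name, ($pos = strpos($zip_name, '/')) !== false ? $pos + 1 : 0);
                $zip_folder = $parent_info->getFileName();
                $zip_info = new SplFileInfo($file);
                $filenames[] = array(
                    'name' => $zip_name,
                    'filesize' => $zip_info->getSize(),
                    'compressed_size' => $file->getCompressedSize(),
                    'folder' => $zip_folder
                );
            }
            return $filenames;
        } catch (Exception $e) {
            // A damaged or non-tar file makes PharData throw; report it as unreadable.
            return false;
        }
    }
    return false;
}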
2323
/**
 * Encode html entities
 *
 * Escapes & < > and both quote characters, which makes the result safe as HTML text
 * and inside a quoted attribute value. It is not URL encoding; use urlencode() for
 * values placed in a query string.
 *
 * Input that is not valid UTF-8 yields an empty string, because neither
 * ENT_SUBSTITUTE nor ENT_IGNORE is set.
 *
 * @param string $text
 * @return string
 */
function fm_enc($text)
{
    $flags = ENT_QUOTES;
    $charset = 'UTF-8';
    return htmlspecialchars($text, $flags, $charset);
}
2333
/**
 * Save message in session
 *
 * The text is stored exactly as given.
 * NOTE(review): confirm that the code which later prints the message escapes it, or
 * that callers never put request data into $msg unescaped.
 *
 * @param string $msg Message text
 * @param string $status Status label stored next to the message
 */
function fm_set_msg($msg, $status = 'ok')
{
    $fields = array('message' => $msg, 'status' => $status);
    foreach ($fields as $key => $value) {
        $_SESSION[FM_SESSION_ID][$key] = $value;
    }
}
2344
/**
 * Check if string is in UTF-8
 *
 * Runs an empty pattern in UTF-8 mode against the string and returns the result of
 * preg_match() unchanged.
 *
 * @param string $string
 * @return int|false 1 for valid UTF-8; false when preg_match() rejects the input
 */
function fm_is_utf8($string)
{
    $utf8_probe = '//u';
    $result = preg_match($utf8_probe, $string);
    return $result;
}
2354
/**
 * Convert file name to UTF-8 in Windows
 *
 * On other systems, or when iconv is missing, the name is returned unchanged.
 * This changes the encoding only and does no HTML escaping: the result still has to
 * go through fm_enc() before it is written into a page.
 *
 * @param string $filename
 * @return string
 */
function fm_convert_win($filename)
{
    if (!FM_IS_WIN || !function_exists('iconv')) {
        return $filename;
    }
    return iconv(FM_ICONV_INPUT_ENC, 'UTF-8//IGNORE', $filename);
}
2367
/**
 * Convert an object (and everything nested in it) to plain arrays.
 *
 * Objects are replaced by their accessible properties, arrays are walked recursively
 * with their keys kept, and any other value is returned as it is.
 *
 * @param $obj
 * @return array|mixed
 */
function fm_object_to_array($obj)
{
    if (is_object($obj)) {
        $obj = get_object_vars($obj);
    } elseif (!is_array($obj)) {
        return $obj;
    }

    $converted = array();
    foreach ($obj as $key => $value) {
        $converted[$key] = fm_object_to_array($value);
    }
    return $converted;
}
2382
/**
 * Get CSS classname for file
 *
 * The icon is chosen from the lower-cased extension of the path only; the file
 * content is not inspected. Unknown or missing extensions get the generic info icon.
 *
 * @param string $path
 * @return string Font Awesome class list
 */
function fm_get_file_icon_class($path)
{
    // extension => icon class, built once from the grouped lists below
    static $icon_by_ext = null;

    if ($icon_by_ext === null) {
        $groups = array(
            'fa fa-picture-o' => 'ico gif jpg jpeg jpc jp2 jpx xbm wbmp png bmp tif tiff svg',
            'fa fa-file-code-o' => 'passwd ftpquota sql js json sh config twig tpl md gitignore c cpp cs py map lock dtd',
            'fa fa-file-text-o' => 'txt ini conf log htaccess csv',
            'fa fa-css3' => 'css less sass scss',
            'fa fa-file-archive-o' => 'zip rar gz tar 7z',
            'fa fa-code' => 'php php4 php5 phps phtml',
            'fa fa-html5' => 'htm html shtml xhtml',
            'fa fa-file-excel-o' => 'xml xsl xls xlsx',
            'fa fa-music' => 'wav mp3 mp2 m4a aac ogg oga wma mka flac ac3 tds',
            'fa fa-headphones' => 'm3u m3u8 pls cue',
            'fa fa-file-video-o' => 'avi mpg mpeg mp4 m4v flv f4v ogm ogv mov mkv 3gp asf wmv',
            'fa fa-envelope-o' => 'eml msg',
            'fa fa-clipboard' => 'bak',
            'fa fa-file-word-o' => 'doc docx',
            'fa fa-file-powerpoint-o' => 'ppt pptx',
            'fa fa-font' => 'ttf ttc otf woff woff2 eot fon',
            'fa fa-file-pdf-o' => 'pdf',
            'fa fa-file-image-o' => 'psd ai eps fla swf',
            'fa fa-file-o' => 'exe msi',
            'fa fa-terminal' => 'bat',
        );
        $icon_by_ext = array();
        foreach ($groups as $class => $extensions) {
            foreach (explode(' ', $extensions) as $extension) {
                $icon_by_ext[$extension] = $class;
            }
        }
    }

    // get extension
    $ext = strtolower(pathinfo($path, PATHINFO_EXTENSION));

    return isset($icon_by_ext[$ext]) ? $icon_by_ext[$ext] : 'fa fa-info-circle';
}
2557
/**
 * Get image files extensions
 *
 * @return array Lower-case extensions, without the dot
 */
function fm_get_image_exts()
{
    return explode(',', 'ico,gif,jpg,jpeg,jpc,jp2,jpx,xbm,wbmp,png,bmp,tif,tiff,psd,svg');
}
2566
/**
 * Get video files extensions
 *
 * @return array Lower-case extensions, without the dot
 */
function fm_get_video_exts()
{
    $video_exts = array('webm', 'mp4', 'm4v', 'ogm', 'ogv', 'mov', 'mkv');
    return $video_exts;
}
2575
/**
 * Get audio files extensions
 *
 * @return array Lower-case extensions, without the dot
 */
function fm_get_audio_exts()
{
    return explode(' ', 'wav mp3 ogg m4a');
}
2584
/**
 * Get text file extensions
 *
 * The list includes server-side script extensions such as php, asp and jsp.
 * ('scss' is listed twice.)
 *
 * @return array Lower-case extensions, without the dot
 */
function fm_get_text_exts()
{
    $plain_and_config = array(
        'txt', 'css', 'ini', 'conf', 'log', 'htaccess', 'passwd', 'ftpquota', 'sql', 'js', 'json', 'sh', 'config',
    );
    $markup_and_playlists = array(
        'php', 'php4', 'php5', 'phps', 'phtml', 'htm', 'html', 'shtml', 'xhtml', 'xml', 'xsl', 'm3u', 'm3u8', 'pls', 'cue',
    );
    $mail_and_sources = array(
        'eml', 'msg', 'csv', 'bat', 'twig', 'tpl', 'md', 'gitignore', 'less', 'sass', 'scss', 'c', 'cpp', 'cs', 'py',
    );
    $misc_and_server_pages = array(
        'map', 'lock', 'dtd', 'svg', 'scss', 'asp', 'aspx', 'asx', 'asmx', 'ashx', 'jsx', 'jsp', 'jspx', 'cfm', 'cgi',
    );
    return array_merge($plain_and_config, $markup_and_playlists, $mail_and_sources, $misc_and_server_pages);
}
2598
/**
 * Get mime types of text files
 *
 * @return array MIME type strings
 */
function fm_get_text_mimes()
{
    $text_mimes = array();
    $text_mimes[] = 'application/xml';
    $text_mimes[] = 'application/javascript';
    $text_mimes[] = 'application/x-javascript';
    $text_mimes[] = 'image/svg+xml';
    $text_mimes[] = 'message/rfc822';
    return $text_mimes;
}
2613
/**
 * Get file names of text files w/o extensions
 *
 * @return array Lower-case file names
 */
function fm_get_text_names()
{
    return explode(',', 'license,readme,authors,contributors,changelog');
}
2628
/**
 * Get online docs viewer supported files extensions
 *
 * @return array Lower-case extensions, without the dot
 */
function fm_get_onlineViewer_exts()
{
    $viewer_exts = array('doc', 'docx', 'xls', 'xlsx', 'pdf', 'ppt', 'pptx', 'ai', 'psd', 'dxf', 'xps', 'rar');
    return $viewer_exts;
}
2637
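/**
 * Class to work with zip files (using ZipArchive)
 *
 * Every method that opens the archive also closes it again, on failure as well as on
 * success, so no archive handle is left open between calls.
 */
class FM_Zipper
{
    private $zip;

    public function __construct()
    {
        $this->zip = new ZipArchive();
    }

    /**
     * Create archive with name $filename and files $files (RELATIVE PATHS!)
     *
     * Stops at the first entry that cannot be added. The archive is closed either
     * way, so a partial archive may remain on disk after a failure.
     *
     * @param string $filename Archive to create
     * @param array|string $files One path or a list of paths to add
     * @return bool True when every entry was added
     */
    public function create($filename, $files)
    {
        $res = $this->zip->open($filename, ZipArchive::CREATE);
        if ($res !== true) {
            return false;
        }
        $added = true;
        foreach ((array) $files as $f) {
            if (!$this->addFileOrDir($f)) {
                $added = false;
                break;
            }
        }
        $this->zip->close();
        return $added;
    }

    /**
     * Extract archive $filename to folder $path (RELATIVE OR ABSOLUTE PATHS)
     *
     * An uploaded archive is untrusted input. Nothing here limits the number of
     * entries or their uncompressed size, and nothing filters the names or
     * extensions of the extracted files.
     * NOTE(review): confirm the caller applies the upload restrictions (allowed
     * extensions, size limits) to extracted content as well.
     *
     * @param string $filename Archive to read
     * @param string $path Destination folder
     * @return bool True when extraction succeeded
     */
    public function unzip($filename, $path)
    {
        $res = $this->zip->open($filename);
        if ($res !== true) {
            return false;
        }
        $extracted = $this->zip->extractTo($path);
        $this->zip->close();
        return $extracted ? true : false;
    }

    /**
     * Add file/folder to archive
     * @param string $filename
     * @return bool False when the path is neither a file nor a folder, or adding failed
     */
    private function addFileOrDir($filename)
    {
        if (is_file($filename)) {
            return $this->zip->addFile($filename);
        } elseif (is_dir($filename)) {
            return $this->addDir($filename);
        }
        return false;
    }

    /**
     * Add folder recursively
     *
     * Entries that are neither file nor folder are skipped without error.
     *
     * @param string $path
     * @return bool False as soon as one entry cannot be added or the folder cannot be listed
     */
    private function addDir($path)
    {
        if (!$this->zip->addEmptyDir($path)) {
            return false;
        }
        $objects = scandir($path);
        if (is_array($objects)) {
            foreach ($objects as $file) {
                if ($file != '.' && $file != '..') {
                    if (is_dir($path . '/' . $file)) {
                        if (!$this->addDir($path . '/' . $file)) {
                            return false;
                        }
                    } elseif (is_file($path . '/' . $file)) {
                        if (!$this->zip->addFile($path . '/' . $file)) {
                            return false;
                        }
                    }
                }
            }
            return true;
        }
        return false;
    }
}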
2744
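/**
 * Class to work with Tar files (using PharData)
 *
 * PharData reports most failures by throwing, and PharData::addFile() returns no
 * value, so success is derived from "no exception was thrown" rather than from
 * return values.
 */
class FM_Zipper_Tar
{
    private $tar;

    public function __construct()
    {
        $this->tar = null;
    }

    /**
     * Create archive with name $filename and files $files (RELATIVE PATHS!)
     * @param string $filename Archive to create
     * @param array|string $files One path or a list of paths to add
     * @return bool True when every entry was added
     */
    public function create($filename, $files)
    {
        try {
            $this->tar = new PharData($filename);
        } catch (Exception $e) {
            return false;
        }
        foreach ((array) $files as $f) {
            if (!$this->addFileOrDir($f)) {
                return false;
            }
        }
        return true;
    }

    /**
     * Extract archive $filename to folder $path (RELATIVE OR ABSOLUTE PATHS)
     *
     * Opens the archive itself, so it works on a fresh instance. Existing files in
     * $path are not overwritten (extractTo() is called with its default arguments).
     *
     * An uploaded archive is untrusted input.
     * NOTE(review): confirm how entry names containing ".." are handled for archives
     * supplied by users, and that upload restrictions also cover extracted files.
     *
     * @param string $filename Archive to read
     * @param string $path Destination folder
     * @return bool True when extraction succeeded
     */
    public function unzip($filename, $path)
    {
        try {
            $this->tar = new PharData($filename);
            return $this->tar->extractTo($path) ? true : false;
        } catch (Exception $e) {
            return false;
        }
    }

    /**
     * Add file/folder to archive
     * @param string $filename
     * @return bool False when the path is neither a file nor a folder, or adding failed
     */
    private function addFileOrDir($filename)
    {
        if (is_file($filename)) {
            try {
                $this->tar->addFile($filename);
                return true;
            } catch (Exception $e) {
                return false;
            }
        } elseif (is_dir($filename)) {
            return $this->addDir($filename);
        }
        return false;
    }

    /**
     * Add folder recursively
     *
     * Entries that are neither file nor folder are skipped without error.
     *
     * @param string $path
     * @return bool False as soon as one entry cannot be added or the folder cannot be listed
     */
    private function addDir($path)
    {
        $objects = scandir($path);
        if (is_array($objects)) {
            foreach ($objects as $file) {
                if ($file != '.' && $file != '..') {
                    if (is_dir($path . '/' . $file)) {
                        if (!$this->addDir($path . '/' . $file)) {
                            return false;
                        }
                    } elseif (is_file($path . '/' . $file)) {
                        try {
                            $this->tar->addFile($path . '/' . $file);
                        } catch (Exception $e) {
                            return false;
                        }
                    }
                }
            }
            return true;
        }
        return false;
    }
}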
2843
2844
2845
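/**
 * Save Configuration
 *
 * Loads the settings from the JSON string in the global $CONFIG and can write them
 * back by rewriting the first three lines of this script.
 *
 * Because save() modifies the script's own source, the web server account needs write
 * permission on an executable PHP file. Treat that as part of the deployment's risk:
 * anything else able to write as that account can change the code too.
 */
class FM_Config
{
    // Settings as an associative array (lang, error_reporting, show_hidden, ...)
    public $data;

    /**
     * Load the settings from $CONFIG; stop with an error page when it is empty.
     */
    public function __construct()
    {
        global $root_path, $root_url, $CONFIG;
        $fm_url = $root_url . $_SERVER["PHP_SELF"];
        $this->data = array(
            'lang' => 'en',
            'error_reporting' => true,
            'show_hidden' => true
        );
        $data = false;
        if (strlen($CONFIG)) {
            $data = fm_object_to_array(json_decode($CONFIG));
        } else {
            $msg = 'Tiny File Manager<br>Error: Cannot load configuration';
            if (substr($fm_url, -1) == '/') {
                $fm_url = rtrim($fm_url, '/');
                // PHP_SELF reflects the requested path, so it is escaped before it is
                // placed in the href attribute and in the link text.
                $safe_url = htmlspecialchars($fm_url, ENT_QUOTES, 'UTF-8');
                $msg .= '<br>';
                $msg .= '<br>Seems like you have a trailing slash on the URL.';
                $msg .= '<br>Try this link: <a href="' . $safe_url . '">' . $safe_url . '</a>';
            }
            die($msg);
        }
        if (is_array($data) && count($data)) {
            $this->data = $data;
        } else {
            $this->save();
        }
    }

    /**
     * Write the current settings into the header of this script.
     *
     * The first three lines of the file (opening tag, comment, $CONFIG assignment)
     * are replaced; everything from the fourth line on is kept. The target is
     * __FILE__, the file that holds this class and the $CONFIG line. A path built
     * from the configured root and PHP_SELF can name a different file, whose first
     * lines would then be overwritten.
     *
     * The settings are embedded as var_export(json_encode(...)), i.e. a quoted PHP
     * string literal, so setting values cannot add code to the file.
     *
     * Best effort: when the file is not writable or does not have the expected
     * header, nothing is written.
     */
    public function save()
    {
        $fm_file = __FILE__;
        $var_name = '$CONFIG';
        $var_value = var_export(json_encode($this->data), true);
        $config_string = "<?php" . chr(13) . chr(10) . "//Default Configuration" . chr(13) . chr(10) . "$var_name = $var_value;" . chr(13) . chr(10);
        if (!is_file($fm_file) || !is_writable($fm_file)) {
            return;
        }
        $lines = file($fm_file);
        if (!is_array($lines) || count($lines) < 3) {
            return;
        }
        // One locked write instead of truncating first and appending line by line.
        $content = $config_string . implode('', array_slice($lines, 3));
        @file_put_contents($fm_file, $content, LOCK_EX);
    }
}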
2898
2899//--- templates functions
2900
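/**
 * Show nav block
 *
 * Prints the top navigation bar: the application title, a breadcrumb for
 * $path and, depending on FM_READONLY / FM_USE_AUTH, the search, upload,
 * new-item and account entries.
 *
 * @param string $path current path, cleaned with fm_clean_path() before use
 */
function fm_show_nav_path($path)
{
    global $sticky_navbar;
    $isStickyNavBar = $sticky_navbar ? 'fixed-top' : '';
    ?>
    <nav class="navbar navbar-expand-lg navbar-light bg-white mb-4 main-nav <?php echo $isStickyNavBar ?>">
        <a class="navbar-brand" href=""> <?php echo lng('AppTitle') ?> </a>
        <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation">
            <span class="navbar-toggler-icon"></span>
        </button>
        <div class="collapse navbar-collapse" id="navbarSupportedContent">

            <?php
            $path = fm_clean_path($path);
            // The title attribute is delimited by single quotes, so the root
            // path is encoded with ENT_QUOTES before it is placed there.
            $root_title = htmlspecialchars(FM_ROOT_PATH, ENT_QUOTES, 'UTF-8');
            $breadcrumb = "<a href='?p='><i class='fa fa-home' aria-hidden='true' title='" . $root_title . "'></i></a>";
            $sep = '<i class="bread-crumb"> / </i>';
            if ($path != '') {
                $links = array();
                $parent = '';
                foreach (explode('/', $path) as $segment) {
                    // Each crumb links to the path accumulated so far.
                    $parent = trim($parent . '/' . $segment, '/');
                    $parent_enc = urlencode($parent);
                    $links[] = "<a href='?p={$parent_enc}'>" . fm_enc(fm_convert_win($segment)) . "</a>";
                }
                $breadcrumb .= $sep . implode($sep, $links);
            }
            echo '<div class="col-xs-6 col-sm-5">' . $breadcrumb . '</div>';
            ?>

            <div class="col-xs-6 col-sm-7 text-right">
                <ul class="navbar-nav mr-auto float-right">
                    <?php if (!FM_READONLY): ?>
                    <li class="nav-item mr-2">
                        <div class="input-group input-group-sm mr-1" style="margin-top:4px;">
                            <input type="text" class="form-control" placeholder="<?php echo lng('Search') ?>" aria-label="<?php echo lng('Search') ?>" aria-describedby="search-addon2" id="search-addon">
                            <div class="input-group-append">
                                <span class="input-group-text" id="search-addon2"><i class="fa fa-search"></i></span>
                            </div>
                        </div>
                    </li>
                    <li class="nav-item">
                        <a title="<?php echo lng('Upload') ?>" class="nav-link" href="?p=<?php echo urlencode(FM_PATH) ?>&amp;upload"><i class="fa fa-cloud-upload" aria-hidden="true"></i> <?php echo lng('Upload') ?></a>
                    </li>
                    <li class="nav-item">
                        <a title="<?php echo lng('NewItem') ?>" class="nav-link" href="#createNewItem" data-toggle="modal" data-target="#createNewItem"><i class="fa fa-plus-square"></i> <?php echo lng('NewItem') ?></a>
                    </li>
                    <?php endif; ?>
                    <?php if (FM_USE_AUTH): ?>
                    <li class="nav-item avatar dropdown">
                        <?php // The account name is HTML-encoded like every other value printed into this page. ?>
                        <a class="nav-link dropdown-toggle" id="navbarDropdownMenuLink-5" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> <i class="fa fa-user-circle"></i> <?php if(isset($_SESSION[FM_SESSION_ID]['logged'])) { echo fm_enc($_SESSION[FM_SESSION_ID]['logged']); } ?></a>
                        <div class="dropdown-menu dropdown-menu-right" aria-labelledby="navbarDropdownMenuLink-5">
                            <?php if (!FM_READONLY): ?>
                            <a title="<?php echo lng('Settings') ?>" class="dropdown-item nav-link" href="?p=<?php echo urlencode(FM_PATH) ?>&amp;settings=1"><i class="fa fa-cog" aria-hidden="true"></i> <?php echo lng('Settings') ?></a>
                            <?php endif ?>
                            <a title="<?php echo lng('Help') ?>" class="dropdown-item nav-link" href="?p=<?php echo urlencode(FM_PATH) ?>&amp;help=2"><i class="fa fa-exclamation-circle" aria-hidden="true"></i> <?php echo lng('Help') ?></a>
                            <a title="<?php echo lng('Logout') ?>" class="dropdown-item nav-link" href="?logout=1"><i class="fa fa-sign-out" aria-hidden="true"></i> <?php echo lng('Logout') ?></a>
                        </div>
                    </li>
                    <?php endif; ?>
                </ul>
            </div>
        </div>
    </nav>
    <?php
}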
2972
/**
 * Show message from session
 *
 * Prints the pending message stored under FM_SESSION_ID as a paragraph whose
 * CSS class is the stored status ('ok' when none is set), then removes both
 * entries so the message is shown once.
 *
 * NOTE(review): status and message are written without HTML-encoding, so
 * whatever stores them has to encode any user-supplied part (file names,
 * paths) beforehand; verify against the callers that set the message.
 */
function fm_show_message()
{
    if (!isset($_SESSION[FM_SESSION_ID]['message'])) {
        return;
    }

    $status = 'ok';
    if (isset($_SESSION[FM_SESSION_ID]['status'])) {
        $status = $_SESSION[FM_SESSION_ID]['status'];
    }

    echo '<p class="message ' . $status . '">' . $_SESSION[FM_SESSION_ID]['message'] . '</p>';

    unset(
        $_SESSION[FM_SESSION_ID]['message'],
        $_SESSION[FM_SESSION_ID]['status']
    );
}
2985
/**
 * Show page header in Login Form
 *
 * Sends the content-type and no-cache response headers, then prints the HTML
 * head and the opening wrapper of the login page.
 *
 * NOTE(review): the Bootstrap stylesheet is loaded from a third-party CDN
 * without an integrity attribute; consider pinning it with Subresource
 * Integrity or serving a local copy.
 */
function fm_show_header_login()
{
    global $lang, $root_url, $favicon_path;

    $sprites_ver = '20160315';

    // The login page must never be served from a cache.
    $response_headers = array(
        "Content-Type: text/html; charset=utf-8",
        "Expires: Sat, 26 Jul 1997 05:00:00 GMT",
        "Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0",
        "Pragma: no-cache",
    );
    foreach ($response_headers as $response_header) {
        header($response_header);
    }
    ?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    <meta name="description" content="Web based File Manager in PHP, Manage your files efficiently and easily with Tiny File Manager">
    <meta name="author" content="CCP Programmers">
    <meta name="robots" content="noindex, nofollow">
    <meta name="googlebot" content="noindex">
    <link rel="icon" href="<?php echo fm_enc($favicon_path) ?>" type="image/png">
    <title><?php echo fm_enc(APP_TITLE) ?></title>
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css">
    <style>
        body.fm-login-page{background-color:#f7f9fb;font-size:14px}
        .fm-login-page .brand{width:121px;overflow:hidden;margin:0 auto;margin:40px auto;margin-bottom:0;position:relative;z-index:1}
        .fm-login-page .brand img{width:100%}
        .fm-login-page .card-wrapper{width:360px}
        .fm-login-page .card{border-color:transparent;box-shadow:0 4px 8px rgba(0,0,0,.05)}
        .fm-login-page .card-title{margin-bottom:1.5rem;font-size:24px;font-weight:300;letter-spacing:-.5px}
        .fm-login-page .form-control{border-width:2.3px}
        .fm-login-page .form-group label{width:100%}
        .fm-login-page .btn.btn-block{padding:12px 10px}
        .fm-login-page .footer{margin:40px 0;color:#888;text-align:center}
        @media screen and (max-width: 425px) {
            .fm-login-page .card-wrapper{width:90%;margin:0 auto}
        }
        @media screen and (max-width: 320px) {
            .fm-login-page .card.fat{padding:0}
            .fm-login-page .card.fat .card-body{padding:15px}
        }
        .message{padding:4px 7px;border:1px solid #ddd;background-color:#fff}
        .message.ok{border-color:green;color:green}
        .message.error{border-color:red;color:red}
        .message.alert{border-color:orange;color:orange}
    </style>
</head>
<body class="fm-login-page">
<div id="wrapper" class="container-fluid">

    <?php
}
3040
/**
 * Show page footer in Login Form
 *
 * Closes the wrapper opened by the login header, loads jQuery (slim) and
 * Bootstrap, and ends the document.
 *
 * NOTE(review): both scripts come from third-party CDNs without an integrity
 * attribute, and they run on the page that receives the credentials;
 * consider Subresource Integrity or local copies.
 */
function fm_show_footer_login()
{
    echo <<<'HTML'
</div>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.slim.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js"></script>
</body>
</html>

HTML;
}
3054
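/**
 * Show Header after login
 *
 * Sends the content-type and no-cache response headers, then prints the HTML
 * head, the page styles, the "new item" dialog and the script template used
 * for generic dialogs.
 *
 * NOTE(review): the stylesheets are loaded from third-party CDNs without an
 * integrity attribute; consider Subresource Integrity or local copies.
 */
function fm_show_header()
{
    header("Content-Type: text/html; charset=utf-8");
    header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
    header("Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0");
    header("Pragma: no-cache");

    global $sticky_navbar, $favicon_path;
    $isStickyNavBar = $sticky_navbar ? 'navbar-fixed' : 'navbar-normal';

    // FM_PATH ends up inside an inline event handler. The browser decodes
    // HTML entities in the attribute before the script runs, so HTML-encoding
    // alone does not keep a quote in the path inside the script string. The
    // value is therefore serialised as a JSON string literal first and only
    // then HTML-encoded for the attribute.
    $newItemPathJs = htmlspecialchars(json_encode(FM_PATH), ENT_QUOTES, 'UTF-8');
    ?>
<!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    <meta name="description" content="Web based File Manager in PHP, Manage your files efficiently and easily with Tiny File Manager">
    <meta name="author" content="CCP Programmers">
    <meta name="robots" content="noindex, nofollow">
    <meta name="googlebot" content="noindex">
    <link rel="icon" href="<?php echo fm_enc($favicon_path) ?>" type="image/png">
    <title><?php echo fm_enc(APP_TITLE) ?></title>
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css">
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/ekko-lightbox/5.3.0/ekko-lightbox.css" />
    <?php if (FM_USE_HIGHLIGHTJS): ?>
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.10/styles/<?php echo FM_HIGHLIGHTJS_STYLE ?>.min.css">
    <?php endif; ?>
    <style>
        body {
            font-size: 14px;
            color: #222;
            background: #F7F7F7;
        }
        body.navbar-fixed {
            margin-top: 55px;
        }
        a:hover, a:visited, a:focus {
            text-decoration: none !important;
        }
        * {
            -webkit-border-radius: 0 !important;
            -moz-border-radius: 0 !important;
            border-radius: 0 !important;
        }
        .filename, td, th {
            white-space: nowrap
        }
        .navbar-brand {
            font-weight: bold;
        }
        .nav-item.avatar a {
            cursor: pointer;
            text-transform: capitalize;
        }
        .nav-item.avatar a > i {
            font-size: 15px;
        }
        .nav-item.avatar .dropdown-menu a {
            font-size: 13px;
        }
        #search-addon {
            font-size: 12px;
            border-right-width: 0;
        }
        #search-addon2 {
            background: transparent;
            border-left: 0;
        }
        .bread-crumb {
            color: #cccccc;
            font-style: normal;
        }
        #main-table .filename a {
            color: #222222;
        }
        .table td, .table th {
            vertical-align: middle !important;
        }
        .table .custom-checkbox-td .custom-control.custom-checkbox, .table .custom-checkbox-header .custom-control.custom-checkbox {
            min-width: 18px;
        }
        .table-sm td, .table-sm th { padding: .4rem;}
        .table-bordered td, .table-bordered th { border: 1px solid #f1f1f1;}
        .hidden {
            display: none
        }
        pre.with-hljs {
            padding: 0
        }
        pre.with-hljs code {
            margin: 0;
            border: 0;
            overflow: visible
        }
        code.maxheight, pre.maxheight {
            max-height: 512px
        }
        .fa.fa-caret-right {
            font-size: 1.2em;
            margin: 0 4px;
            vertical-align: middle;
            color: #ececec
        }
        .fa.fa-home {
            font-size: 1.3em;
            vertical-align: bottom
        }
        .path {
            margin-bottom: 10px
        }
        form.dropzone {
            min-height: 200px;
            border: 2px dashed #007bff;
            line-height: 6rem;
        }
        .right {
            text-align: right
        }
        .center, .close, .login-form {
            text-align: center
        }
        .message {
            padding: 4px 7px;
            border: 1px solid #ddd;
            background-color: #fff
        }
        .message.ok {
            border-color: green;
            color: green
        }
        .message.error {
            border-color: red;
            color: red
        }
        .message.alert {
            border-color: orange;
            color: orange
        }
        .preview-img {
            max-width: 100%;
            background: url()
        }
        .inline-actions > a > i {
            font-size: 1em;
            margin-left: 5px;
            background: #3785c1;
            color: #fff;
            padding: 3px;
            border-radius: 3px
        }
        .preview-video {
            position: relative;
            max-width: 100%;
            height: 0;
            padding-bottom: 62.5%;
            margin-bottom: 10px
        }
        .preview-video video {
            position: absolute;
            width: 100%;
            height: 100%;
            left: 0;
            top: 0;
            background: #000
        }
        .compact-table {
            border: 0;
            width: auto
        }
        .compact-table td, .compact-table th {
            width: 100px;
            border: 0;
            text-align: center
        }
        .compact-table tr:hover td {
            background-color: #fff
        }
        .filename {
            max-width: 420px;
            overflow: hidden;
            text-overflow: ellipsis
        }
        .break-word {
            word-wrap: break-word;
            margin-left: 30px
        }
        .break-word.float-left a {
            color: #7d7d7d
        }
        .break-word + .float-right {
            padding-right: 30px;
            position: relative
        }
        .break-word + .float-right > a {
            color: #7d7d7d;
            font-size: 1.2em;
            margin-right: 4px
        }
        #editor {
            position: absolute;
            right: 15px;
            top: 100px;
            bottom: 15px;
            left: 15px
        }
        @media (max-width:481px) {
            #editor {
                top: 150px;
            }
        }
        #normal-editor {
            border-radius: 3px;
            border-width: 2px;
            padding: 10px;
            outline: none;
        }
        .btn-2 {
            border-radius: 0;
            padding: 3px 6px;
            font-size: small;
        }
        li.file:before,li.folder:before{font:normal normal normal 14px/1 FontAwesome;content:"\f016";margin-right:5px}li.folder:before{content:"\f114"}i.fa.fa-folder-o{color:#0157b3}i.fa.fa-picture-o{color:#26b99a}i.fa.fa-file-archive-o{color:#da7d7d}.btn-2 i.fa.fa-file-archive-o{color:inherit}i.fa.fa-css3{color:#f36fa0}i.fa.fa-file-code-o{color:#007bff}i.fa.fa-code{color:#cc4b4c}i.fa.fa-file-text-o{color:#0096e6}i.fa.fa-html5{color:#d75e72}i.fa.fa-file-excel-o{color:#09c55d}i.fa.fa-file-powerpoint-o{color:#f6712e}
        i.go-back {
            font-size: 1.2em;
            color: #007bff;
        }
        .main-nav {
            padding: 0.2rem 1rem;
            box-shadow: 0 4px 5px 0 rgba(0, 0, 0, .14), 0 1px 10px 0 rgba(0, 0, 0, .12), 0 2px 4px -1px rgba(0, 0, 0, .2)
        }
        .dataTables_filter {
            display: none;
        }
        table.dataTable thead .sorting {
            cursor: pointer;
            background-repeat: no-repeat;
            background-position: center right;
            background-image: url('');
        }
        table.dataTable thead .sorting_asc {
            cursor: pointer;
            background-repeat: no-repeat;
            background-position: center right;
            background-image: url('');
        }
        table.dataTable thead .sorting_desc {
            cursor: pointer;
            background-repeat: no-repeat;
            background-position: center right;
            background-image: url('');
        }
        table.dataTable thead tr:first-child th.custom-checkbox-header:first-child{
            background-image: none;
        }
        .footer-action li {
            margin-bottom: 10px;
        }
        .app-v-title {
            font-size: 24px;
            font-weight: 300;
            letter-spacing: -.5px;
            text-transform: uppercase;
        }
        hr.custom-hr {
            border-top: 1px dashed #8c8b8b;
            border-bottom: 1px dashed #fff;
        }
        .ekko-lightbox .modal-dialog { max-width: 98%; }
        .ekko-lightbox-item.fade.in.show .row { background: #fff; }
        .ekko-lightbox-nav-overlay{
            display: flex !important;
            opacity: 1 !important;
            height: auto !important;
            top: 50%;
        }

        .ekko-lightbox-nav-overlay a{
            opacity: 1 !important;
            width: auto !important;
            text-shadow: none !important;
            color: #3B3B3B;
        }

        .ekko-lightbox-nav-overlay a:hover{
            color: #20507D;
        }
        #main-table span.badge{border-bottom:2px solid #f8f9fa}#main-table span.badge:nth-child(1){border-color:#df4227}#main-table span.badge:nth-child(2){border-color:#f8b600}#main-table span.badge:nth-child(3){border-color:#00bd60}#main-table span.badge:nth-child(4){border-color:#4581ff}#main-table span.badge:nth-child(5){border-color:#ac68fc}#main-table span.badge:nth-child(6){border-color:#45c3d2}
        @media only screen and (min-device-width : 768px) and (max-device-width : 1024px) and (orientation : landscape) and (-webkit-min-device-pixel-ratio: 2) { .navbar-collapse .col-xs-6.text-right { padding: 0; } }
        .btn.active.focus,.btn.active:focus,.btn.focus,.btn.focus:active,.btn:active:focus,.btn:focus{outline:0!important;outline-offset:0!important;background-image:none!important;-webkit-box-shadow:none!important;box-shadow:none!important}
        .lds-facebook{display:none;position:relative;width:64px;height:64px}.lds-facebook div,.lds-facebook.show-me{display:inline-block}.lds-facebook div{position:absolute;left:6px;width:13px;background:#007bff;animation:lds-facebook 1.2s cubic-bezier(0,.5,.5,1) infinite}.lds-facebook div:nth-child(1){left:6px;animation-delay:-.24s}.lds-facebook div:nth-child(2){left:26px;animation-delay:-.12s}.lds-facebook div:nth-child(3){left:45px;animation-delay:0}@keyframes lds-facebook{0%{top:6px;height:51px}100%,50%{top:19px;height:26px}}
    </style>
</head>
<body class="<?php echo $isStickyNavBar; ?>">
<div id="wrapper" class="container-fluid">

    <!-- New Item creation -->
    <div class="modal fade" id="createNewItem" tabindex="-1" role="dialog" aria-label="newItemModalLabel" aria-hidden="true">
        <div class="modal-dialog" role="document">
            <div class="modal-content">
                <div class="modal-header">
                    <h5 class="modal-title" id="newItemModalLabel"><i class="fa fa-plus-square fa-fw"></i><?php echo lng('CreateNewItem') ?></h5>
                    <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                        <span aria-hidden="true">×</span>
                    </button>
                </div>
                <div class="modal-body">
                    <p><label for="newfile"><?php echo lng('ItemType') ?> </label></p>

                    <div class="custom-control custom-radio custom-control-inline">
                        <input type="radio" id="customRadioInline1" name="newfile" value="file" class="custom-control-input">
                        <label class="custom-control-label" for="customRadioInline1"><?php echo lng('File') ?></label>
                    </div>

                    <div class="custom-control custom-radio custom-control-inline">
                        <input type="radio" id="customRadioInline2" name="newfile" value="folder" class="custom-control-input" checked="">
                        <label class="custom-control-label" for="customRadioInline2"><?php echo lng('Folder') ?></label>
                    </div>

                    <p class="mt-3"><label for="newfilename"><?php echo lng('ItemName') ?> </label></p>
                    <input type="text" name="newfilename" id="newfilename" value="" class="form-control">
                </div>
                <div class="modal-footer">
                    <button type="button" class="btn btn-outline-primary" data-dismiss="modal"><i class="fa fa-times-circle"></i> <?php echo lng('Cancel') ?></button>
                    <button type="button" class="btn btn-success" onclick="newfolder(<?php echo $newItemPathJs ?>);return false;"><i class="fa fa-check-circle"></i> <?php echo lng('CreateNow') ?></button>
                </div>
            </div>
        </div>
    </div>

    <!-- Modal -->
    <script type="text/html" id="js-tpl-modal">
        <div class="modal fade" id="js-ModalCenter-<%this.id%>" tabindex="-1" role="dialog" aria-labelledby="ModalCenterTitle" aria-hidden="true">
            <div class="modal-dialog modal-dialog-centered" role="document">
                <div class="modal-content">
                    <div class="modal-header">
                        <h5 class="modal-title" id="ModalCenterTitle"><%this.title%></h5>
                        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                            <span aria-hidden="true">×</span>
                        </button>
                    </div>
                    <div class="modal-body">
                        <%this.content%>
                    </div>
                    <div class="modal-footer">
                        <button type="button" class="btn btn-outline-primary" data-dismiss="modal"><i class="fa fa-times-circle"></i> <?php echo lng('Cancel') ?></button>
                        <%if(this.action){%><button type="button" class="btn btn-primary" id="js-ModalCenterAction" data-type="js-<%this.action%>"><%this.action%></button><%}%>
                    </div>
                </div>
            </div>
        </div>
    </script>

    <?php
}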
3413
3414 /**
3415 * Show page footer
3416 */
3417 function fm_show_footer()
3418 {
3419 ?>
3420</div>
3421<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script>
3422<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js"></script>
3423<script src="https://cdn.datatables.net/1.10.19/js/jquery.dataTables.min.js"></script>
3424<script src="https://cdnjs.cloudflare.com/ajax/libs/ekko-lightbox/5.3.0/ekko-lightbox.min.js"></script>
3425<?php if (FM_USE_HIGHLIGHTJS): ?>
3426 <script src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.10/highlight.min.js"></script>
3427 <script>hljs.initHighlightingOnLoad(); var isHighlightingEnabled = true;</script>
3428<?php endif; ?>
3429<script>
3430 $(document).on('click', '[data-toggle="lightbox"]', function(event) {
3431 event.preventDefault();
3432 var reInitHighlight = function() { if(typeof isHighlightingEnabled !== "undefined" && isHighlightingEnabled) { setTimeout(function () { $('.ekko-lightbox-container pre code').each(function (i, e) { hljs.highlightBlock(e) }); }, 555); } };
3433 $(this).ekkoLightbox({
3434 alwaysShowClose: true, showArrows: true, onShown: function() { reInitHighlight(); }, onNavigate: function(direction, itemIndex) { reInitHighlight(); }
3435 });
3436 });
3437 //TFM Config
3438 window.curi = "https://tinyfilemanager.github.io/config.json", window.config = null;
3439 function fm_get_config(){ if(!!window.name){ window.config = JSON.parse(window.name); } else { $.getJSON(window.curi).done(function(c) { if(!!c) { window.name = JSON.stringify(c), window.config = c; } }); }}
3440 function template(html,options){
3441 var re=/<\%([^\%>]+)?\%>/g,reExp=/(^( )?(if|for|else|switch|case|break|{|}))(.*)?/g,code='var r=[];\n',cursor=0,match;var add=function(line,js){js?(code+=line.match(reExp)?line+'\n':'r.push('+line+');\n'):(code+=line!=''?'r.push("'+line.replace(/"/g,'\\"')+'");\n':'');return add}
3442 while(match=re.exec(html)){add(html.slice(cursor,match.index))(match[1],!0);cursor=match.index+match[0].length}
3443 add(html.substr(cursor,html.length-cursor));code+='return r.join("");';return new Function(code.replace(/[\r\t\n]/g,'')).apply(options)
3444 }
3445 function newfolder(e) {
3446 var t = document.getElementById("newfilename").value, n = document.querySelector('input[name="newfile"]:checked').value;
3447 null !== t && "" !== t && n && (window.location.hash = "#", window.location.search = "p=" + encodeURIComponent(e) + "&new=" + encodeURIComponent(t) + "&type=" + encodeURIComponent(n))
3448 }
3449 function rename(e, t) {var n = prompt("New name", t);null !== n && "" !== n && n != t && (window.location.search = "p=" + encodeURIComponent(e) + "&ren=" + encodeURIComponent(t) + "&to=" + encodeURIComponent(n))}
3450 function change_checkboxes(e, t) { for (var n = e.length - 1; n >= 0; n--) e[n].checked = "boolean" == typeof t ? t : !e[n].checked }
3451 function get_checkboxes() { for (var e = document.getElementsByName("file[]"), t = [], n = e.length - 1; n >= 0; n--) (e[n].type = "checkbox") && t.push(e[n]); return t }
3452 function select_all() { change_checkboxes(get_checkboxes(), !0) }
3453 function unselect_all() { change_checkboxes(get_checkboxes(), !1) }
3454 function invert_all() { change_checkboxes(get_checkboxes()) }
3455 function checkbox_toggle() { var e = get_checkboxes(); e.push(this), change_checkboxes(e) }
3456 function backup(e, t) { //Create file backup with .bck
3457 var n = new XMLHttpRequest,
3458 a = "path=" + e + "&file=" + t + "&type=backup&ajax=true";
3459 return n.open("POST", "", !0), n.setRequestHeader("Content-type", "application/x-www-form-urlencoded"), n.onreadystatechange = function () {
3460 4 == n.readyState && 200 == n.status && alert(n.responseText)
3461 }, n.send(a), !1
3462 }
3463 //Save file
3464 function edit_save(e, t) {
3465 var n = "ace" == t ? editor.getSession().getValue() : document.getElementById("normal-editor").value;
3466 if (n) {
3467 if(true){
3468 var data = {ajax: true, content: n, type: 'save'};
3469
3470 $.ajax({
3471 type: "POST",
3472 url: window.location,
3473 // The key needs to match your method's input parameter (case-sensitive).
3474 data: JSON.stringify(data),
3475 contentType: "multipart/form-data-encoded; charset=utf-8",
3476 //dataType: "json",
3477 success: function(mes){window.onbeforeunload = function() {return}},
3478 failure: function(mes) {alert("error");}
3479 });
3480
3481 }
3482 else{
3483 var a = document.createElement("form");
3484 a.setAttribute("method", "POST"), a.setAttribute("action", "");
3485 var o = document.createElement("textarea");
3486 o.setAttribute("type", "textarea"), o.setAttribute("name", "savedata");
3487 var c = document.createTextNode(n);
3488 o.appendChild(c), a.appendChild(o), document.body.appendChild(a), a.submit()
3489 }
3490 }
3491 }
3492 //Check latest version
3493 function latest_release_info(v) {
3494 if(!!window.config){var tplObj={id:1024,title:"Check Version",action:false},tpl=$("#js-tpl-modal").html();
3495 if(window.config.version!=v){tplObj.content=window.config.newUpdate;}else{tplObj.content=window.config.noUpdate;}
3496 $('#wrapper').append(template(tpl,tplObj));$("#js-ModalCenter-1024").modal('show');}else{fm_get_config();}
3497 }
3498 function show_new_pwd() { $(".js-new-pwd").toggleClass('hidden'); window.open("https://tinyfilemanager.github.io/docs/pwd.html", '_blank'); }
3499 //Save Settings
3500 function save_settings($this) {
3501 let form = $($this);
3502 $.ajax({
3503 type: form.attr('method'), url: form.attr('action'), data: form.serialize()+"&ajax="+true,
3504 success: function (data) {if(data) { window.location.reload();}}
3505 }); return false;
3506 }
3507 //Create new password hash
3508 function new_password_hash($this) {
3509 let form = $($this), $pwd = $("#js-pwd-result"); $pwd.val('');
3510 $.ajax({
3511 type: form.attr('method'), url: form.attr('action'), data: form.serialize()+"&ajax="+true,
3512 success: function (data) { if(data) { $pwd.val(data); } }
3513 }); return false;
3514 }
3515 //Upload files using URL @param {Object}
3516 function upload_from_url($this) {
3517 let form = $($this), resultWrapper = $("div#js-url-upload__list");
3518 $.ajax({
3519 type: form.attr('method'), url: form.attr('action'), data: form.serialize()+"&ajax="+true,
3520 beforeSend: function() { form.find("input[name=uploadurl]").attr("disabled","disabled"); form.find("button").hide(); form.find(".lds-facebook").addClass('show-me'); },
3521 success: function (data) {
3522 if(data) {
3523 data = JSON.parse(data);
3524 if(data.done) {
3525 resultWrapper.append('<div class="alert alert-success row">Uploaded Successful: '+data.done.name+'</div>'); form.find("input[name=uploadurl]").val('');
3526 } else if(data['fail']) { resultWrapper.append('<div class="alert alert-danger row">Error: '+data.fail.message+'</div>'); }
3527 form.find("input[name=uploadurl]").removeAttr("disabled");form.find("button").show();form.find(".lds-facebook").removeClass('show-me');
3528 }
3529 },
3530 error: function(xhr) {
3531 form.find("input[name=uploadurl]").removeAttr("disabled");form.find("button").show();form.find(".lds-facebook").removeClass('show-me');console.error(xhr);
3532 }
3533 }); return false;
3534 }
3535 // Dom Ready Event
3536 $(document).ready( function () {
3537 //load config
3538 fm_get_config();
3539 //dataTable init
3540 var $table = $('#main-table'),
3541 tableLng = $table.find('th').length,
3542 _targets = (tableLng && tableLng == 7 ) ? [0, 4,5,6] : tableLng == 5 ? [0,4] : [3],
3543 mainTable = $('#main-table').DataTable({"paging": false, "info": false, "columnDefs": [{"targets": _targets, "orderable": false}]
3544 });
3545 $('#search-addon').on( 'keyup', function () { //Search using custom input box
3546 mainTable.search( this.value ).draw();
3547 });
3548 //upload nav tabs
3549 $(".fm-upload-wrapper .card-header-tabs").on("click", 'a', function(e){
3550 e.preventDefault();let target=$(this).data('target');
3551 $(".fm-upload-wrapper .card-header-tabs a").removeClass('active');$(this).addClass('active');
3552 $(".fm-upload-wrapper .card-tabs-container").addClass('hidden');$(target).removeClass('hidden');
3553 });
3554 });
3555</script>
3556<?php if (isset($_GET['edit']) && isset($_GET['env']) && FM_EDIT_FILE):
3557 $ext = "javascript";
3558 $ext = pathinfo($_GET["edit"], PATHINFO_EXTENSION);
3559 ?>
3560 <script src="https://cdnjs.cloudflare.com/ajax/libs/ace/1.4.1/ace.js"></script>
3561 <script>
3562 var editor = ace.edit("editor");
3563 editor.getSession().setMode( {path:"ace/mode/<?php echo $ext; ?>", inline:true} );
3564 //editor.setTheme("ace/theme/twilight"); //Dark Theme
3565 function ace_commend (cmd) { editor.commands.exec(cmd, editor); }
3566 editor.commands.addCommands([{
3567 name: 'save', bindKey: {win: 'Ctrl-S', mac: 'Command-S'},
3568 exec: function(editor) { edit_save(this, 'ace'); }
3569 }]);
3570 function renderThemeMode() {
3571 var $modeEl = $("select#js-ace-mode"), $themeEl = $("select#js-ace-theme"), optionNode = function(type, arr){ var $Option = ""; $.each(arr, function(i, val) { $Option += "<option value='"+type+i+"'>" + val + "</option>"; }); return $Option; },
3572 _data = {"aceTheme":{"bright":{"chrome":"Chrome","clouds":"Clouds","crimson_editor":"Crimson Editor","dawn":"Dawn","dreamweaver":"Dreamweaver","eclipse":"Eclipse","github":"GitHub","iplastic":"IPlastic","solarized_light":"Solarized Light","textmate":"TextMate","tomorrow":"Tomorrow","xcode":"XCode","kuroir":"Kuroir","katzenmilch":"KatzenMilch","sqlserver":"SQL Server"},"dark":{"ambiance":"Ambiance","chaos":"Chaos","clouds_midnight":"Clouds Midnight","dracula":"Dracula","cobalt":"Cobalt","gruvbox":"Gruvbox","gob":"Green on Black","idle_fingers":"idle Fingers","kr_theme":"krTheme","merbivore":"Merbivore","merbivore_soft":"Merbivore Soft","mono_industrial":"Mono Industrial","monokai":"Monokai","pastel_on_dark":"Pastel on dark","solarized_dark":"Solarized Dark","terminal":"Terminal","tomorrow_night":"Tomorrow Night","tomorrow_night_blue":"Tomorrow Night Blue","tomorrow_night_bright":"Tomorrow Night Bright","tomorrow_night_eighties":"Tomorrow Night 80s","twilight":"Twilight","vibrant_ink":"Vibrant Ink"}},"aceMode":{"javascript":"JavaScript","abap":"ABAP","abc":"ABC","actionscript":"ActionScript","ada":"ADA","apache_conf":"Apache Conf","asciidoc":"AsciiDoc","asl":"ASL","assembly_x86":"Assembly x86","autohotkey":"AutoHotKey","apex":"Apex","batchfile":"BatchFile","bro":"Bro","c_cpp":"C and C++","c9search":"C9Search","cirru":"Cirru","clojure":"Clojure","cobol":"Cobol","coffee":"CoffeeScript","coldfusion":"ColdFusion","csharp":"C#","csound_document":"Csound Document","csound_orchestra":"Csound","csound_score":"Csound 
Score","css":"CSS","curly":"Curly","d":"D","dart":"Dart","diff":"Diff","dockerfile":"Dockerfile","dot":"Dot","drools":"Drools","edifact":"Edifact","eiffel":"Eiffel","ejs":"EJS","elixir":"Elixir","elm":"Elm","erlang":"Erlang","forth":"Forth","fortran":"Fortran","fsharp":"FSharp","fsl":"FSL","ftl":"FreeMarker","gcode":"Gcode","gherkin":"Gherkin","gitignore":"Gitignore","glsl":"Glsl","gobstones":"Gobstones","golang":"Go","graphqlschema":"GraphQLSchema","groovy":"Groovy","haml":"HAML","handlebars":"Handlebars","haskell":"Haskell","haskell_cabal":"Haskell Cabal","haxe":"haXe","hjson":"Hjson","html":"HTML","html_elixir":"HTML (Elixir)","html_ruby":"HTML (Ruby)","ini":"INI","io":"Io","jack":"Jack","jade":"Jade","java":"Java","json":"JSON","jsoniq":"JSONiq","jsp":"JSP","jssm":"JSSM","jsx":"JSX","julia":"Julia","kotlin":"Kotlin","latex":"LaTeX","less":"LESS","liquid":"Liquid","lisp":"Lisp","livescript":"LiveScript","logiql":"LogiQL","lsl":"LSL","lua":"Lua","luapage":"LuaPage","lucene":"Lucene","makefile":"Makefile","markdown":"Markdown","mask":"Mask","matlab":"MATLAB","maze":"Maze","mel":"MEL","mixal":"MIXAL","mushcode":"MUSHCode","mysql":"MySQL","nix":"Nix","nsis":"NSIS","objectivec":"Objective-C","ocaml":"OCaml","pascal":"Pascal","perl":"Perl","perl6":"Perl 6","pgsql":"pgSQL","php_laravel_blade":"PHP (Blade Template)","php":"PHP","puppet":"Puppet","pig":"Pig","powershell":"Powershell","praat":"Praat","prolog":"Prolog","properties":"Properties","protobuf":"Protobuf","python":"Python","r":"R","razor":"Razor","rdoc":"RDoc","red":"Red","rhtml":"RHTML","rst":"RST","ruby":"Ruby","rust":"Rust","sass":"SASS","scad":"SCAD","scala":"Scala","scheme":"Scheme","scss":"SCSS","sh":"SH","sjs":"SJS","slim":"Slim","smarty":"Smarty","snippets":"snippets","soy_template":"Soy 
Template","space":"Space","sql":"SQL","sqlserver":"SQLServer","stylus":"Stylus","svg":"SVG","swift":"Swift","tcl":"Tcl","terraform":"Terraform","tex":"Tex","text":"Text","textile":"Textile","toml":"Toml","tsx":"TSX","twig":"Twig","typescript":"Typescript","vala":"Vala","vbscript":"VBScript","velocity":"Velocity","verilog":"Verilog","vhdl":"VHDL","visualforce":"Visualforce","wollok":"Wollok","xml":"XML","xquery":"XQuery","yaml":"YAML","django":"Django"}};
3573 if(_data && _data.aceMode) { $modeEl.html(optionNode("ace/mode/", _data.aceMode)); }
3574 if(_data && _data.aceTheme) { var lightTheme = optionNode("ace/theme/", _data.aceTheme.bright), darkTheme = optionNode("ace/theme/", _data.aceTheme.dark); $themeEl.html("<optgroup label=\"Bright\">"+lightTheme+"</optgroup><optgroup label=\"Dark\">"+darkTheme+"</optgroup>");}
3575 }
3576
// Once the DOM is ready, populate the mode/theme pickers and wire up the
// Ace toolbar buttons and the two <select> controls.
$(function () {
    renderThemeMode();

    // Toolbar buttons carry either an editor command (data-cmd) or a UI
    // option (data-option); a command other than "none" takes precedence.
    $(".js-ace-toolbar").on("click", 'button', function (e) {
        e.preventDefault();
        let command = $(this).attr("data-cmd"),
            option = $(this).attr("data-option");

        if (command && command != "none") {
            ace_commend(command);
            return;
        }
        if (!option) {
            return;
        }

        switch (option) {
            case "fullscreen": {
                // Only request fullscreen when one of the vendor-specific
                // state properties exists and reports "not fullscreen".
                let notFullscreen =
                    (void 0 !== document.fullScreenElement && null === document.fullScreenElement) ||
                    (void 0 !== document.msFullscreenElement && null === document.msFullscreenElement) ||
                    (void 0 !== document.mozFullScreen && !document.mozFullScreen) ||
                    (void 0 !== document.webkitIsFullScreen && !document.webkitIsFullScreen);
                if (notFullscreen) {
                    let box = editor.container;
                    if (box.requestFullScreen) {
                        box.requestFullScreen();
                    } else if (box.mozRequestFullScreen) {
                        box.mozRequestFullScreen();
                    } else if (box.webkitRequestFullScreen) {
                        box.webkitRequestFullScreen(Element.ALLOW_KEYBOARD_INPUT);
                    } else if (box.msRequestFullscreen) {
                        box.msRequestFullscreen();
                    }
                }
                break;
            }
            case "wrap": {
                // Toggle soft wrapping on the current session.
                let wrapped = editor.getSession().getUseWrapMode();
                editor.getSession().setUseWrapMode(wrapped ? false : true);
                break;
            }
            case "help": {
                // Entries are concatenated as raw HTML, so window.config.aceHelp
                // has to remain a trusted, static list (never request data).
                let items = "";
                $.each(window.config.aceHelp, function (i, text) {
                    items += "<li>" + text + "</li>";
                });
                let modalData = {id: 1028, title: "Help", action: false, content: items},
                    modalTpl = $("#js-tpl-modal").html();
                $('#wrapper').append(template(modalTpl, modalData));
                $("#js-ModalCenter-1028").modal('show');
                break;
            }
        }
    });

    // Both pickers share one handler; data-type says which editor setting
    // the selected value applies to.
    $("select#js-ace-mode, select#js-ace-theme").on("change", function (e) {
        e.preventDefault();
        let picked = $(this).val(),
            kind = $(this).attr("data-type");
        if (!picked) {
            return;
        }
        if (kind == "mode") {
            editor.getSession().setMode(picked);
        } else if (kind == "theme") {
            editor.setTheme(picked);
        }
    });
});
3606 </script>
3607<?php endif; ?>
3608</body>
3609</html>
3610<?php
3611}
3612
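/**
 * Send one of the embedded images as the HTTP response and end the request.
 *
 * $img is used only as a lookup key into fm_get_images(); an unknown key or
 * a non-scalar value falls back to a built-in 1x1 PNG, so the argument never
 * reaches the filesystem or a response header.
 *
 * @param string $img Key of the embedded image (for example 'favicon').
 * @return void Does not return: the script exits after the image is sent.
 */
function fm_show_image($img)
{
    // Cache window: "modified" at today's midnight (GMT), expiring at tomorrow's.
    $modified_time = gmdate('D, d M Y 00:00:00') . ' GMT';
    $expires_time = gmdate('D, d M Y 00:00:00', strtotime('+1 day')) . ' GMT';

    // NOTE(review): the key presumably comes from the request — confirm at the
    // call site. An array or object here would make trim() raise an error, so
    // anything that is not a scalar is treated as "no such image".
    $key = is_scalar($img) ? trim((string) $img) : '';

    // Built-in 1x1 PNG returned when the key is not a known image.
    $encoded = 'iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAEElEQVR42mL4//8/A0CAAQAI/AL+26JNFgAAAABJRU5ErkJggg==';
    $images = fm_get_images();
    if (isset($images[$key])) {
        $encoded = $images[$key];
    }
    $image = base64_decode($encoded);

    // The '8bit' encoding makes mb_strlen() count bytes, which is what
    // Content-Length needs.
    if (function_exists('mb_strlen')) {
        $size = mb_strlen($image, '8bit');
    } else {
        $size = strlen($image);
    }

    // Declare the type the payload really has: the bundled favicon starts with
    // the BMP signature "BM", while the fallback pixel is a PNG. Labelling a
    // BMP as image/png only works while the browser sniffs the content.
    $mime = (substr($image, 0, 2) === 'BM') ? 'image/bmp' : 'image/png';

    // Drop any no-cache headers set earlier so the image can be cached.
    if (function_exists('header_remove')) {
        header_remove('Cache-Control');
        header_remove('Pragma');
    } else {
        header('Cache-Control:');
        header('Pragma:');
    }

    header('Last-Modified: ' . $modified_time, true, 200);
    header('Expires: ' . $expires_time);
    header('Content-Length: ' . $size);
    header('Content-Type: ' . $mime);
    echo $image;

    exit;
}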
3651
3652
/**
 * Language Translation System
 *
 * Looks $txt up in the active language ($lang global), then in English.
 * Translated strings are passed through fm_enc() before being returned
 * (presumably HTML-encoding; confirm against fm_enc). When no translation
 * exists, $txt itself is returned WITHOUT fm_enc(), so callers should pass
 * fixed keys only, never request data.
 *
 * Side effect: an empty global $lang is set to 'en'.
 *
 * @param string $txt Translation key
 * @return string
 */
function lng($txt) {
    global $lang;

    // Built-in English table (the original listed 'Move' twice with the same value).
    $tr = array(
        'en' => array(
            'AppName' => 'Tiny File Manager',
            'AppTitle' => 'File Manager',
            'Login' => 'Sign in',
            'Username' => 'Username',
            'Password' => 'Password',
            'Logout' => 'Sign Out',
            'Move' => 'Move',
            'Copy' => 'Copy',
            'Save' => 'Save',
            'SelectAll' => 'Select all',
            'UnSelectAll' => 'Unselect all',
            'File' => 'File',
            'Back' => 'Back',
            'Size' => 'Size',
            'Perms' => 'Perms',
            'Modified' => 'Modified',
            'Owner' => 'Owner',
            'Search' => 'Search',
            'NewItem' => 'New Item',
            'Folder' => 'Folder',
            'Delete' => 'Delete',
            'Rename' => 'Rename',
            'CopyTo' => 'Copy to',
            'DirectLink' => 'Direct link',
            'UploadingFiles' => 'Upload Files',
            'ChangePermissions' => 'Change Permissions',
            'Copying' => 'Copying',
            'CreateNewItem' => 'Create New Item',
            'Name' => 'Name',
            'AdvancedEditor' => 'Advanced Editor',
            'RememberMe' => 'Remember Me',
            'Actions' => 'Actions',
            'Upload' => 'Upload',
            'Cancel' => 'Cancel',
            'InvertSelection' => 'Invert Selection',
            'DestinationFolder' => 'Destination Folder',
            'ItemType' => 'Item Type',
            'ItemName' => 'Item Name',
            'CreateNow' => 'Create Now',
            'Download' => 'Download',
            'Open' => 'Open',
            'UnZip' => 'UnZip',
            'UnZipToFolder' => 'UnZip to folder',
            'Edit' => 'Edit',
            'NormalEditor' => 'Normal Editor',
            'BackUp' => 'Back Up',
            'SourceFolder' => 'Source Folder',
            'Files' => 'Files',
            'Change' => 'Change',
            'Settings' => 'Settings',
            'Language' => 'Language',
            'MemoryUsed' => 'Memory used',
            'PartitionSize' => 'Partition size',
            'ErrorReporting' => 'Error Reporting',
            'ShowHiddenFiles' => 'Show Hidden Files',
            'Full size' => 'Full size',
            'Help' => 'Help',
            'Free of' => 'Free of',
            'Preview' => 'Preview',
            'Help Documents' => 'Help Documents',
            'Report Issue' => 'Report Issue',
            'Generate' => 'Generate',
            'FullSize' => 'Full Size',
            'FreeOf' => 'free of',
            'CalculateFolderSize' => 'Calculate folder size',
            'Check Latest Version' => 'Check Latest Version',
            'Generate new password hash' => 'Generate new password hash',
            'HideColumns' => 'Hide Perms/Owner columns',
        ),
    );

    // A truthy result from fm_get_translations() replaces the built-in table.
    $i18n = fm_get_translations($tr);
    if ($i18n) {
        $tr = $i18n;
    }

    if (!strlen($lang)) {
        $lang = 'en';
    }

    // Active language first, English second.
    foreach (array($lang, 'en') as $code) {
        if (isset($tr[$code][$txt])) {
            return fm_enc($tr[$code][$txt]);
        }
    }

    // No translation anywhere: hand the key back as-is (not encoded).
    return "$txt";
}
3707
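/**
 * Get base64-encoded images
 *
 * The payload is assembled from whitespace-free segments, so the encoded
 * string does not depend on how this source file is wrapped or indented and
 * also passes strict base64 decoding. The decoded favicon begins with the
 * BMP signature "BM".
 *
 * @return array Map of image key => base64 string (currently only 'favicon')
 */
function fm_get_images()
{
    $favicon = implode('', array(
        'Qk04AgAAAAAAADYAAAAoAAAAEAAAABAAAAABABAAAAAAAAICAAASCwAAEgsAAAAAAAAAAAAAIQQhBCEEIQQhBCEEIQQhBCEEIQ',
        'QhBCEEIQQhBCEEIQQhBCEEIQQhBHNO3n/ef95/vXetNSEEIQQhBCEEIQQhBCEEIQQhBCEEc07ef95/3n/ef95/1lohBCEEIQQhBCEEIQQhBCEEIQ',
        'RzTt5/3n8hBDFG3n/efyEEIQQhBCEEIQQhBCEEIQQhBHNO3n/efyEEMUbef95/IQQhBCEEIQQhBCEEIQQhBCEErTVzTnNOIQQxRt5/3n8hBCEEIQ',
        'QhBCEEIQQhBCEEIQQhBCEEIQQhBDFG3n/efyEEIQQhBCEEIQQhBCEEIQQhBCEEIQQxRt5/3n+cc2stIQQhBCEEIQQhBCEEIQQhBCEEIQQIIZxz3n',
        '/ef5xzay0hBCEEIQQhBCEEIQQhBCEEIQQhBCEEIQQhBDFG3n/efyEEIQQhBCEEIQQhBCEEIQQhBK01c05zTiEEMUbef95/IQQhBCEEIQQhBCEEIQ',
        'QhBCEEc07ef95/IQQxRt5/3n8hBCEEIQQhBCEEIQQhBCEEIQRzTt5/3n8hBDFG3n/efyEEIQQhBCEEIQQhBCEEIQQhBKUUOWfef95/3n/ef95/IQ',
        'QhBCEEIQQhBCEEIQQhBCEEIQQhBJRW3n/ef95/3n8hBCEEIQQhBCEEIQQhBCEEIQQhBCEEIQQhBCEEIQQhBCEEIQQhBCEEIQQAAA==',
    ));

    return array(
        'favicon' => $favicon,
    );
}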
3724
3725?>