Nie działa.
Oto kod mojego php gdzie chce miec preloader
[code]<?php
/***************************************************************************
AutoIndex php Script, by Justin Hagstrom
-------------------
filename : index.php
version : 1.5.4
date : August 11, 2005
copyright : Copyright (C) 2002-2005 Justin Hagstrom
license : GNU General Public License (GPL)
website & forum : http://autoindex.sourceforge.net
e-mail : JustinHagstrom [at] yahoo [dot] com
AutoIndex php Script is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
AutoIndex php Script is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
***************************************************************************/
//some basic compatibility for php 4.0.x
if (!isset($_GET)) { $_GET = &$HTTP_GET_VARS; }
if (!isset($_POST)) { $_POST = &$HTTP_POST_VARS; }
if (!isset($_SESSION)) { $_SESSION = &$HTTP_SESSION_VARS; }
if (!isset($_SERVER)) { $_SERVER = &$HTTP_SERVER_VARS; }
if (!isset($_COOKIE)) { $_COOKIE = &$HTTP_COOKIE_VARS; }
if (!isset($_FILES)) { $_FILES = &$HTTP_POST_FILES; }
/* OPTIONAL SETTINGS */
$stored_config = 'AutoIndex.conf.php';
$config_generator = 'config.php';
$date_format = 'Y-M-d'; //see http://php.net/date
/* END OPTIONAL SETTINGS */
function get_microtime()
{
list($usec, $sec) = explode(' ', microtime());
return ((float)$usec + (float)$sec);
}
$start_time = get_microtime();
session_name('AutoIndex');
session_start();
if (@get_magic_quotes_gpc())
//remove any slashes added by the "magic quotes" setting
{
$_GET = array_map('stripslashes', $_GET);
$_POST = array_map('stripslashes', $_POST);
}
@set_magic_quotes_runtime(0);
if (ini_get('zlib.output_compression') == '1')
//compensate for compressed output set in php.ini
{
header('Content-Encoding: gzip');
}
define('VERSION', '1.5.4');
//now we need to include either the stored settings, or the config generator
if (@is_file($stored_config))
{
if (!@include($stored_config))
{
die("<p>Error including file <em>$stored_config</em></p>");
}
}
else if (@is_file($config_generator))
{
define('CONFIG', true);
if (!@include($config_generator))
{
die("<p>Error including file <em>$config_generator</em></p>");
}
die();
}
else
{
die("<p>Error: Neither <em>$config_generator</em> nor <em>$stored_config</em> could be found.</p>");
}
$this_file = (($index == '') ? $_SERVER['PHP_SELF'] : $index);
$this_file .= ((strpos($this_file, '?') !== false) ? '&' : '?');
$referrer = (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : 'N/A');
//make sure all the variables are set correctly from the stored settings
$config_vars = array('base_dir', 'icon_path', 'stylesheet', 'use_login_system',
'allow_uploads', 'must_login_to_download', 'user_list', 'allow_file_overwrites',
'log_file', 'dont_log_these_ips', 'download_count', 'links_file', 'lang',
'sub_folder_access', 'index', 'hidden_files', 'show_only_these_files',
'force_download', 'bandwidth_limit', 'anti_leech', 'enable_searching',
'show_dir_size', 'folder_expansion', 'show_folder_count', 'banned_list',
'md5_show', 'header', 'footer', 'header_per_folder', 'footer_per_folder',
'description_file', 'thumbnail_height', 'path_to_language_files', 'days_new',
'select_language', 'show_type_column', 'show_size_column', 'show_date_column');
foreach ($config_vars as $this_var)
{
if (!isset($$this_var))
{
die("<p>Error: AutoIndex is not configured properly.
<br />The variable <strong>$this_var</strong> is not set.</p>
<p>Delete <em>$stored_config</em> and then run <em>$config_generator</em>.</p>");
}
}
//find the language the script should be displayed in
if ($select_language && isset($_GET['lang'])
&& preg_match('/^[a-z]{2}(_[a-z]{2})?$/i', $_GET['lang'])
&& @is_file($path_to_language_files.$_GET['lang'].'.php'))
{
$_SESSION['lang'] = $_GET['lang'];
}
else if (!isset($_SESSION['lang']))
{
$_SESSION['lang'] = $lang;
}
@include($path_to_language_files.$_SESSION['lang'].'.php');
if (!isset($words))
{
die('<p>Error: You need to include a language.php file that has the variable $words.
<br />Check the $lang and $path_to_language_files variables.</p>');
}
$global_user_list = ($use_login_system ? @file($user_list) : array());
if ($global_user_list === false)
{
die("<p>Could not open file <strong>$user_list</strong></p>");
}
function translate_uri($uri)
//rawurlencodes $uri, but not any slashes
{
$uri = rawurlencode(str_replace('\\', '/', $uri));
return str_replace(rawurlencode('/'), '/', $uri);
}
function get_basename($fn)
//returns everything after the slash, or the original string if there is no slash
{
return basename(str_replace('\\', '/', $fn));
}
function match_in_array($string, &$array)
//returns true if $string matches anything in the array
{
$string = get_basename($string);
static $replace = array(
'\*' => '[^\/]*',
'\+' => '[^\/]+',
'\?' => '[^\/]?');
foreach ($array as $m)
{
if (preg_match('/^'.strtr(preg_quote(get_basename($m), '/'), $replace).'$/i', $string))
{
return true;
}
}
return false;
}
function check_login($user, $pass)
{
global $global_user_list;
foreach ($global_user_list as $look)
{
if ((strcasecmp(substr(rtrim($look), 33), $user) === 0)
&& (strcasecmp(substr(rtrim($look), 0, 32), $pass) === 0))
{
return true;
}
}
return false;
}
function logged_in()
{
return (isset($_SESSION['user'], $_SESSION['pass']) &&
check_login($_SESSION['user'], $_SESSION['pass']));
}
function is_user_admin($user)
{
global $global_user_list;
foreach ($global_user_list as $look)
{
if (strcasecmp($user, substr(rtrim($look), 33)) === 0)
{
return (substr($look, 32, 1) === '1');
}
}
return false;
}
function is_admin()
{
return is_user_admin($_SESSION['user']);
}
function is_hidden($fn, $is_file = true)
//looks at $hidden_files and $show_only_these_files to see if $fn is hidden
{
if ($fn == '')
{
return true;
}
global $use_login_system;
if ($use_login_system && logged_in() && is_admin())
//allow admins to view hidden files
{
return false;
}
global $hidden_files, $show_only_these_files;
if ($is_file && count($show_only_these_files))
{
return (!match_in_array($fn, $show_only_these_files));
}
if (!count($hidden_files))
{
return false;
}
return match_in_array($fn, $hidden_files);
}
function eval_dir($d)
//check $d for "bad" things, and deal with ".."
{
$d = str_replace('\\', '/', $d);
if ($d == '' || $d == '/')
{
return '';
}
$dirs = explode('/', $d);
for ($i=0; $i<count($dirs); $i++)
{
if ($dirs[$i] == '.' || is_hidden($dirs[$i], false))
{
array_splice($dirs, $i, 1);
$i--;
}
else if (preg_match('/^\.\./', $dirs[$i])) //if it starts with two dots
{
array_splice($dirs, $i-1, 2);
$i = -1;
}
}
$new_dir = implode('/', $dirs);
if ($new_dir == '' || $new_dir == '/')
{
return '';
}
if ($d{0} == '/' && $new_dir{0} != '/')
{
$new_dir = '/'.$new_dir;
}
if (preg_match('#/$#', $d) && !preg_match('#/$#', $new_dir))
{
$new_dir .= '/';
}
else if (is_hidden(get_basename($d)))
{
return '';
}
return $new_dir;
}
//get the user defined variables that are in the URL
$subdir = (isset($_GET['dir']) ? eval_dir(rawurldecode($_GET['dir'])) : '');
$file_dl = (isset($_GET['file']) ? rawurldecode($_GET['file']) : '');
$search = (isset($_GET['search']) ? $_GET['search'] : '');
$search_mode = (isset($_GET['searchMode']) ? $_GET['searchMode'] : '');
while (preg_match('#\\\\|/$#', $file_dl))
{
$file_dl = substr($file_dl, 0, -1);
}
$file_dl = eval_dir($file_dl);
if (!@is_dir($base_dir))
{
die('<p>Error: <em>'.htmlentities($base_dir)
.'</em> is not a valid directory.<br />Check the $base_dir variable.</p>');
}
if (!$sub_folder_access || $subdir == '/')
{
$subdir = '';
}
else if (preg_match('#[^/\\\\]$#', $subdir))
{
$subdir .= '/'; //add a slash to the end if there isn't one
}
$dir = $base_dir.$subdir;
//this will be displayed before any HTML output
$html_heading = '';
if ($index == '')
{
$html_heading .= '<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="'.$_SESSION['lang'].'">
<head>';
}
if ($stylesheet != '')
{
$html_heading .= "\n<link rel=\"stylesheet\" href=\"$stylesheet\" type=\"text/css\" title=\"AutoIndex Default\" />\n";
}
if ($index == '')
{
$html_heading .= "\n<title>".$words['index of'].' '.htmlentities($dir)
."</title>\n\n</head><body class='autoindex_body'>\n\n";
}
function show_header()
{
global $header, $header_per_folder, $dir;
if ($header != '')
{
if ($header_per_folder)
{
$header = $dir.$header;
}
if (@is_readable($header))
{
include($header);
}
}
}
function show_footer()
{
global $footer, $footer_per_folder, $dir;
if ($footer != '')
{
if ($footer_per_folder)
{
$footer = $dir.$footer;
}
if (@is_readable($footer))
{
include($footer);
}
}
}
function show_login_box()
{
global $this_file, $subdir, $icon_path;
$sd = translate_uri($subdir);
echo '<p /><table border="0" cellpadding="8" cellspacing="0">
<tr class="paragraph"><td class="default_td"><img src="', $icon_path,
'/login.png" width="12" height="14" alt="Login" /> Login:',
"\n<form method='post' action='{$this_file}dir=$sd'>
<table><tr class=\"paragraph\"><td>Username:</td>
<td><input type='text' name='user' />
</td></tr><tr class=\"paragraph\"><td>Password:</td>
<td><input type='password' name='pass' /></td></tr></table>
<p><input class='button' type='submit' value='Login' /></p>
</form></td></tr></table>";
}
function show_search_box()
{
global $index, $search, $words, $search_mode, $this_file, $subdir, $icon_path;
echo '<p /><table border="0" cellpadding="8" cellspacing="0">
<tr class="paragraph"><td class="default_td"><img src="', $icon_path,
'/search.png" width="16" height="16" alt="', $words['search'], '" /> ',
$words['search'], ":<br /><form method='get' action='$this_file'>
<p><input type='text' name='search' value='", htmlentities($search), "' />\n";
if ($index != '' && strpos($index, '?') !== false)
{
$id_temp = explode('=', $index, 2);
$id_temp[0] = substr(strstr($id_temp[0], '?'), 1);
echo "<input type='hidden' name='$id_temp[0]' value='$id_temp[1]' />";
}
echo "\n<input type='hidden' name='dir' value='", translate_uri($subdir),
"' /><br /><select name='searchMode'>\n";
$search_modes = array($words['files'] => 'f', $words['folders'] => 'd', $words['both'] => 'fd');
foreach ($search_modes as $key => $element)
{
$sel = (($search_mode == $element) ? ' selected="selected"' : '');
echo "\t<option$sel value='$element'>$key</option>\n";
}
echo "</select><input type='submit' value='", $words['search'],
'\' class="button" /></p></form></td></tr></table>';
}
function is_username($user)
{
global $html_heading, $global_user_list;
foreach ($global_user_list as $look)
{
if (strcasecmp($user, substr(rtrim($look), 33)) === 0)
{
return true;
}
}
return false;
}
function num_admins()
//returns the number of accounts with admin rights
{
global $html_heading, $global_user_list;
$num = 0;
foreach ($global_user_list as $look)
{
if (substr($look, 32, 1) === '1')
{
$num++;
}
}
return $num;
}
function get_filesize($size)
//give a size in bytes, and this will return the appropriate measurement format
{
$size = max(0, $size);
static $u = array(' B', 'KB', 'MB', 'GB');
for ($i=0; $size >= 1024 && $i < 4; $i++)
{
$size /= 1024;
}
return number_format($size, 1).' '.$u[$i];
}
function ext($fn)
//return the lowercase file extension of $fn, not including the leading dot
{
$fn = get_basename($fn);
return (strpos($fn, '.') ? strtolower(substr(strrchr($fn, '.'), 1)) : '');
}
function get_all_files($path)
//returns an array of every file in $path, including folders (except ./ and ../)
{
$list = array();
if (($hndl = @opendir($path)) === false)
{
return $list;
}
while (($file=readdir($hndl)) !== false)
{
if ($file != '.' && $file != '..')
{
$list[] = $file;
}
}
closedir($hndl);
return $list;
}
function get_file_list($path)
//returns a sorted array of filenames. Filters out "bad" files
{
global $sub_folder_access, $links_file;
$f = $d = array();
foreach (get_all_files($path) as $name)
{
if ($sub_folder_access && @is_dir($path.$name) && !is_hidden($name, false))
{
$d[] = $name;
}
else if (@is_file($path.$name) && !is_hidden($name, true))
{
$f[] = $name;
}
}
if ($links_file != '' && ($links = @file($path.$links_file)))
{
foreach ($links as $name)
{
$p = strpos($name, '|');
$f[] = (($p === false) ? rtrim($name).'|' : substr(rtrim($name), 0, $p).'|');
}
}
natcasesort($d);
natcasesort($f);
return array_merge($d, $f);
}
function dir_size($dir)
//returns the total size of a directory (recursive) in bytes
{
$totalsize = 0;
foreach (get_file_list($dir) as $name)
{
$totalsize += (@is_dir($dir.$name) ? dir_size("$dir$name/") : (int)@filesize($dir.$name));
}
return $totalsize;
}
function match_filename($filename, $string)
{
if (preg_match_all('/(?<=")[^"]+(?=")|[^ "]+/', $string, $matches))
{
foreach ($matches[0] as $w)
{
if (preg_match('#[^/\.]+#', $w) && stristr($filename, $w))
{
return true;
}
}
}
return false;
}
function search_dir($sdir, $string)
//returns files/folders (recursive) in $sdir that contain $string
{
global $search_mode;
//search_mode: d=folders, f=files, fd=both
$found = array();
$list = get_file_list($sdir);
$d = count($list);
for ($i=0; $i<$d; $i++)
{
$full_name = $sdir.$list[$i];
if (stristr($search_mode, 'f') && (@is_file($full_name) || preg_match('/\|$/', $list[$i])) && match_filename($list[$i], $string))
{
$found[] = $full_name;
}
else if (@is_dir($full_name))
{
if (stristr($search_mode, 'd') && match_filename($list[$i], $string))
{
$found[] = $full_name;
}
$found = array_merge($found, search_dir($full_name.'/', $string));
}
}
return $found;
}
function add_num_to_array($num, &$array)
{
isset($array[$num]) ? $array[$num]++ : $array[$num] = 1;
}
function mkdir_recursive($path)
{
if (@is_dir($path))
{
return true;
}
if (!mkdir_recursive(dirname($path)))
{
return false;
}
return @mkdir($path, 0755);
}
function rmdir_recursive($path)
{
if (!preg_match('#/$#', $path))
{
$path .= '/';
}
foreach (get_all_files($path) as $file)
{
if ($file == '' || $file == '.' || $file == '..')
{
continue;
}
if (@is_dir("$path$file/"))
{
rmdir_recursive("$path$file/");
}
else
{
@unlink($path . $file);
}
}
return @rmdir($path);
}
function num_files($dir)
//returns the number of files in $dir (recursive)
{
$count = 0;
if (!preg_match('#/$#', $dir))
{
$dir .= '/';
}
$list = get_file_list($dir);
$d = count($list);
for ($i=0; $i<$d; $i++)
{
$count += (@is_dir($dir.$list[$i]) ? num_files($dir.$list[$i]) : 1);
}
return $count;
}
function redirect($site)
{
header("Location: $site");
die('<p>Redirection header could not be sent.<br />'
."Continue here: <a href=\"$site\">$site</a></p>");
}
function find_mime_type($ext)
{
static $mime_types = array(
'application/andrew-inset' => array('ez'),
'application/mac-binhex40' => array('hqx'),
'application/mac-compactpro' => array('cpt'),
'application/mathml+xml' => array('mathml'),
'application/msword' => array('doc'),
'application/octet-stream' => array('bin', 'dms', 'lha',
'lzh', 'exe', 'class', 'so', 'dll', 'dmg'),
'application/oda' => array('oda'),
'application/ogg' => array('ogg'),
'application/pdf' => array('pdf'),
'application/postscript' => array('ai', 'eps', 'ps'),
'application/rdf+xml' => array('rdf'),
'application/smil' => array('smi', 'smil'),
'application/srgs' => array('gram'),
'application/srgs+xml' => array('grxml'),
'application/vnd.mif' => array('mif'),
'application/vnd.mozilla.xul+xml' => array('xul'),
'application/vnd.ms-excel' => array('xls'),
'application/vnd.ms-powerpoint' => array('ppt'),
'application/vnd.wap.wbxml' => array('wbxml'),
'application/vnd.wap.wmlc' => array('wmlc'),
'application/vnd.wap.wmlscriptc' => array('wmlsc'),
'application/voicexml+xml' => array('vxml'),
'application/x-bcpio' => array('bcpio'),
'application/x-cdlink' => array('vcd'),
'application/x-chess-pgn' => array('pgn'),
'application/x-cpio' => array('cpio'),
'application/x-csh' => array('csh'),
'application/x-director' => array('dcr', 'dir', 'dxr'),
'application/x-dvi' => array('dvi'),
'application/x-futuresplash' => array('spl'),
'application/x-gtar' => array('gtar'),
'application/x-hdf' => array('hdf'),
'application/x-javascript' => array('js'),
'application/x-koan' => array('skp', 'skd', 'skt', 'skm'),
'application/x-latex' => array('latex'),
'application/x-netcdf' => array('nc', 'cdf'),
'application/x-sh' => array('sh'),
'application/x-shar' => array('shar'),
'application/x-shockwave-flash' => array('swf'),
'application/x-stuffit' => array('sit'),
'application/x-sv4cpio' => array('sv4cpio'),
'application/x-sv4crc' => array('sv4crc'),
'application/x-tar' => array('tar'),
'application/x-tcl' => array('tcl'),
'application/x-tex' => array('tex'),
'application/x-texinfo' => array('texinfo', 'texi'),
'application/x-troff' => array('t', 'tr', 'roff'),
'application/x-troff-man' => array('man'),
'application/x-troff-me' => array('me'),
'application/x-troff-ms' => array('ms'),
'application/x-ustar' => array('ustar'),
'application/x-wais-source' => array('src'),
'application/xhtml+xml' => array('xhtml', 'xht'),
'application/xslt+xml' => array('xslt'),
'application/xml' => array('xml', 'xsl'),
'application/xml-dtd' => array('dtd'),
'application/zip' => array('zip'),
'audio/basic' => array('au', 'snd'),
'audio/midi' => array('mid', 'midi', 'kar'),
'audio/mpeg' => array('mpga', 'mp2', 'mp3'),
'audio/x-aiff' => array('aif', 'aiff', 'aifc'),
'audio/x-mpegurl' => array('m3u'),
'audio/x-pn-realaudio' => array('ram', 'ra'),
'application/vnd.rn-realmedia' => array('rm'),
'audio/x-wav' => array('wav'),
'chemical/x-pdb' => array('pdb'),
'chemical/x-xyz' => array('xyz'),
'image/bmp' => array('bmp'),
'image/cgm' => array('cgm'),
'image/gif' => array('gif'),
'image/ief' => array('ief'),
'image/jpeg' => array('jpeg', 'jpg', 'jpe'),
'image/png' => array('png'),
'image/svg+xml' => array('svg'),
'image/tiff' => array('tiff', 'tif'),
'image/vnd.djvu' => array('djvu', 'djv'),
'image/vnd.wap.wbmp' => array('wbmp'),
'image/x-cmu-raster' => array('ras'),
'image/x-icon' => array('ico'),
'image/x-portable-anymap' => array('pnm'),
'image/x-portable-bitmap' => array('pbm'),
'image/x-portable-graymap' => array('pgm'),
'image/x-portable-pixmap' => array('ppm'),
'image/x-rgb' => array('rgb'),
'image/x-xbitmap' => array('xbm'),
'image/x-xpixmap' => array('xpm'),
'image/x-xwindowdump' => array('xwd'),
'model/iges' => array('igs', 'iges'),
'model/mesh' => array('msh', 'mesh', 'silo'),
'model/vrml' => array('wrl', 'vrml'),
'text/calendar' => array('ics', 'ifb'),
'text/css' => array('css'),
'text/html' => array('html', 'htm'),
'text/plain' => array('asc', 'txt'),
'text/richtext' => array('rtx'),
'text/rtf' => array('rtf'),
'text/sgml' => array('sgml', 'sgm'),
'text/tab-separated-values' => array('tsv'),
'text/vnd.wap.wml' => array('wml'),
'text/vnd.wap.wmlscript' => array('wmls'),
'text/x-setext' => array('etx'),
'video/mpeg' => array('mpeg', 'mpg', 'mpe'),
'video/quicktime' => array('qt', 'mov'),
'video/vnd.mpegurl' => array('mxu', 'm4u'),
'video/x-msvideo' => array('avi'),
'video/x-sgi-movie' => array('movie'),
'x-conference/x-cooltalk' => array('ice')
);
foreach ($mime_types as $mime_type => $exts)
{
if (in_array($ext, $exts))
{
return $mime_type;
}
}
return 'text/plain';
}
function icon($ext)
//find the appropriate icon depending on the extension (returns a link to the image file)
{
global $icon_path;
if ($icon_path == '')
{
return '';
}
if ($ext == '')
{
$icon = 'generic';
}
else
{
$icon = 'unknown';
static $icon_types = array(
'binary' => array('bat', 'bin', 'com', 'dmg', 'dms', 'exe', 'msi',
'msp', 'pif', 'pyd', 'scr', 'so'),
'binhex' => array('hqx'),
'cd' => array('bwi', 'bws', 'bwt', 'ccd', 'cdi', 'cue', 'img',
'iso', 'mdf', 'mds', 'nrg', 'nri', 'sub', 'vcd'),
'comp' => array('cfg', 'conf', 'inf', 'ini', 'log', 'nfo', 'reg'),
'compressed' => array('7z', 'a', 'ace', 'ain', 'alz', 'amg', 'arc',
'ari', 'arj', 'bh', 'bz', 'bz2', 'cab', 'deb', 'dz', 'gz',
'io', 'ish', 'lha', 'lzh', 'lzs', 'lzw', 'lzx', 'msx', 'pak',
'rar', 'rpm', 'sar', 'sea', 'sit', 'taz', 'tbz', 'tbz2',
'tgz', 'tz', 'tzb', 'uc2', 'xxe', 'yz', 'z', 'zip', 'zoo'),
'dll' => array('386', 'db', 'dll', 'ocx', 'sdb', 'vxd'),
'doc' => array('abw', 'ans', 'chm', 'cwk', 'dif', 'doc', 'dot',
'mcw', 'msw', 'pdb', 'psw', 'rtf', 'rtx', 'sdw', 'stw', 'sxw',
'vor', 'wk4', 'wkb', 'wpd', 'wps', 'wpw', 'wri', 'wsd'),
'image' => array('adc', 'art', 'bmp', 'cgm', 'dib', 'gif', 'ico',
'ief', 'jfif', 'jif', 'jp2', 'jpc', 'jpe', 'jpeg', 'jpg', 'jpx',
'mng', 'pcx', 'png', 'psd', 'psp', 'swc', 'sxd', 'tga',
'tif', 'tiff', 'wmf', 'wpg', 'xcf', 'xif', 'yuv'),
'java' => array('class', 'jar', 'jav', 'java', 'jtk'),
'js' => array('ebs', 'js', 'jse', 'vbe', 'vbs', 'wsc', 'wsf',
'wsh'),
'key' => array('aex', 'asc', 'gpg', 'key', 'pgp', 'ppk'),
'mov' => array('amc', 'dv', 'm4v', 'mac', 'mov', 'mp4v', 'mpg4',
'pct', 'pic', 'pict', 'pnt', 'pntg', 'qpx', 'qt', 'qti',
'qtif', 'qtl', 'qtp', 'qts', 'qtx'),
'movie' => array('asf', 'asx', 'avi', 'div', 'divx', 'dvi', 'm1v',
'm2v', 'mkv', 'movie', 'mp2v', 'mpa', 'mpe', 'mpeg', 'mpg',
'mps', 'mpv', 'mpv2', 'ogm', 'ram', 'rmvb', 'rnx', 'rp', 'rv',
'vivo', 'vob', 'wmv', 'xvid'),
'pdf' => array('edn', 'fdf', 'pdf', 'pdp', 'pdx'),
'php' => array('inc', 'php', 'php3', 'php4', 'php5', 'phps',
'phtml'),
'ppt' => array('emf', 'pot', 'ppa', 'pps', 'ppt', 'sda', 'sdd',
'shw', 'sti', 'sxi'),
'ps' => array('ai', 'eps', 'ps'),
'sound' => array('aac', 'ac3', 'aif', 'aifc', 'aiff', 'ape', 'apl',
'au', 'ay', 'bonk', 'cda', 'cdda', 'cpc', 'fla', 'flac',
'gbs', 'gym', 'hes', 'iff', 'it', 'itz', 'kar', 'kss', 'la',
'lpac', 'lqt', 'm4a', 'm4p', 'mdz', 'mid', 'midi', 'mka',
'mo3', 'mod', 'mp+', 'mp1', 'mp2', 'mp3', 'mp4', 'mpc',
'mpga', 'mpm', 'mpp', 'nsf', 'oda', 'ofr', 'ogg', 'pac', 'pce',
'pcm', 'psf', 'psf2', 'ra', 'rm', 'rmi', 'rmjb', 'rmm', 'sb',
'shn', 'sid', 'snd', 'spc', 'spx', 'svx', 'tfm', 'tfmx',
'voc', 'vox', 'vqf', 'wav', 'wave', 'wma', 'wv', 'wvx', 'xa',
'xm', 'xmz'),
'tar' => array('gtar', 'tar'),
'text' => array('c', 'cc', 'cp', 'cpp', 'cxx', 'diff', 'h', 'hpp',
'hxx', 'm3u', 'md5', 'patch', 'pls', 'py', 'sfv', 'sh',
'txt'),
'uu' => array('uu', 'uud', 'uue'),
'web' => array('asa', 'asp', 'aspx', 'cfm', 'cgi', 'css', 'dhtml',
'dtd', 'grxml', 'htc', 'htm', 'html', 'htt', 'htx', 'jsp', 'lnk',
'mathml', 'mht', 'mhtml', 'perl', 'pl', 'plg', 'rss', 'shtm',
'shtml', 'stm', 'swf', 'tpl', 'wbxml', 'xht', 'xhtml', 'xml',
'xsl', 'xslt', 'xul'),
'xls' => array('csv', 'dbf', 'prn', 'pxl', 'sdc', 'slk', 'stc', 'sxc',
'xla', 'xlb', 'xlc', 'xld', 'xlr', 'xls', 'xlt', 'xlw'));
foreach ($icon_types as $png_name => $exts)
{
if (in_array($ext, $exts))
{
$icon = $png_name;
break;
}
}
}
return "<img alt=\"[$ext]\" height=\"16\" width=\"16\" src=\"$icon_path/$icon.png\" /> ";
}
function display_thumbnail($file, $thumbnail_height)
{
global $html_heading;
if (!@is_file($file))
{
header('HTTP/1.0 404 Not Found');
die("$html_heading<p>File not found: <em>".htmlentities($file).'</em></p>');
}
switch (ext($file))
{
case 'gif':
$src = @imagecreatefromgif($file);
break;
case 'jpeg':
case 'jpg':
case 'jpe':
$src = @imagecreatefromjpeg($file);
break;
case 'png':
$src = @imagecreatefrompng($file);
break;
default:
die("$html_heading<p>Unsupported file extension.</p>");
}
if ($src === false)
{
die("$html_heading<p>Unsupported image type.</p>");
}
header('Content-Type: image/jpeg');
header('Cache-Control: public, max-age=3600, must-revalidate');
header('Expires: '.gmdate('D, d M Y H:i:s', time()+3600).' GMT');
$src_height = imagesy($src);
if ($src_height <= $thumbnail_height)
{
imagejpeg($src, '', 95);
}
else
{
$src_width = imagesx($src);
$thumb_width = $thumbnail_height * ($src_width / $src_height);
$thumb = imagecreatetruecolor($thumb_width, $thumbnail_height);
imagecopyresampled($thumb, $src, 0, 0, 0, 0, $thumb_width,
$thumbnail_height, $src_width, $src_height);
imagejpeg($thumb);
imagedestroy($thumb);
}
imagedestroy($src);
die();
}
function edit_description($fn, &$desc)
//edits a file's description
{
global $description_file, $html_heading;
if ($description_file == '')
{
return;
}
$wrote = false;
$l = @file($description_file) or $l = array();
$h = @fopen($description_file, 'wb') or die("$html_heading<p>Cannot open description file for writing.</p>");
$count_num = count($l);
for ($i=0; $i<$count_num; $i++)
{
$items = explode('|', rtrim($l[$i]), 2);
if (count($items) === 2 && $fn == $items[0])
{
fwrite($h, "$fn|$desc\n");
$wrote = true;
}
else
{
fwrite($h, $l[$i]);
}
}
if (!$wrote && $desc != '')
{
fwrite($h, "$fn|$desc\n");
}
fclose($h);
}
function add_to_file($item, $outfile)
{
global $html_heading;
$counted = false;
if ($l = @file($outfile))
{
$count_num = count($l);
for ($i=0; $i<$count_num; $i++)
{
$thisc = rtrim($l[$i]);
if ($item == substr($thisc, 0, strpos($thisc, '|')))
{
$counted = true;
break;
}
}
}
if ($counted)
{
$w = @fopen($outfile, 'wb') or die("$html_heading<p>Could not open <em>$outfile</em> file for writing.</p>");
for ($i=0; $i<$count_num; $i++)
{
$items = explode('|', rtrim($l[$i]), 2);
if (count($items) === 2 && $items[0] == $item)
{
$nc = $items[1] + 1;
fwrite($w, "$item|$nc\n");
}
else
{
fwrite($w, $l[$i]);
}
}
}
else
{
$w = @fopen($outfile, 'ab') or die("$html_heading<p>Could not open <em>$outfile</em> file for writing.</p>");
fwrite($w, "$item|1\n");
}
fclose($w);
}
function get_stored_info($item, $filename)
{
if ($contents = @file($filename))
{
$count_num = count($contents);
for ($i=0; $i<$count_num; $i++)
{
$items = explode('|', rtrim($contents[$i]), 2);
if (count($items) === 2 && $item == $items[0])
{
return $items[1];
}
}
}
return '';
}
function table_heading($title, $sortMode, $tooltip)
{
global $this_file, $subdir;
echo "\n<th class='default_th'><a class='black_link' title=\"$tooltip\" href=\"",
$this_file, 'dir=', translate_uri($subdir), '&sort=',
(($_SESSION['sort'] == 'a' && $_SESSION['sortMode'] == $sortMode) ? 'd' : 'a'),
'&sortMode=', $sortMode, '">', $title, '</a></th>';
}
//find and store the user's IP address and hostname:
$ip = (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'N/A');
if (isset($_SESSION['host']))
{
$host = $_SESSION['host'];
}
else
{
$_SESSION['host'] = $host = @gethostbyaddr($ip);
}
if ($banned_list != '' && ($b_list = @file($banned_list)))
//make sure the IP or hostname is not banned
{
for ($i=0; $i<count($b_list); $i++)
{
$b_list[$i] = rtrim($b_list[$i]);
}
if (match_in_array($ip, $b_list) || match_in_array($host, $b_list))
{
echo $html_heading;
show_header();
echo '<p>Sorry, the administrator has blocked your IP address or hostname.</p>';
show_footer();
die();
}
}
function ok_to_log()
//returns true if the ip or hostname is not in $dont_log_these_ips
{
global $ip, $host, $dont_log_these_ips;
return (!(match_in_array($ip, $dont_log_these_ips) ||
($host != 'N/A' && match_in_array($host, $dont_log_these_ips))));
}
if ($use_login_system && isset($_POST['user'], $_POST['pass'])
&& $_POST['user'] != '' && $_POST['pass'] != '')
//check login
{
if (check_login($_POST['user'], md5($_POST['pass'])))
{
if ($log_file != '' && ok_to_log())
{
if ($write = @fopen($log_file, 'ab'))
{
fwrite($write, date($date_format)."\t".date('H:i:s')
."\t$ip\t$host\t$referrer\t$dir\tSuccessful Login (username: "
.$_POST['user'].")\n");
fclose($write);
}
}
$_SESSION['user'] = $_POST['user'];
$_SESSION['pass'] = md5($_POST['pass']);
unset($_POST['pass'], $_POST['user']);
redirect($this_file.'dir='.translate_uri($subdir));
}
else
{
echo '<h3>Invalid Login.</h3>';
if ($log_file != '' && ok_to_log())
{
if ($write = @fopen($log_file, 'ab'))
{
fwrite($write, date($date_format)."\t".date('H:i:s')
."\t$ip\t$host\t$referrer\t$dir\tInvalid Login (username: "
.$_POST['user'].")\n");
fclose($write);
}
}
sleep(1); //"freeze" the script for a second to prevent brute force attacks
}
}
if ($use_login_system && $must_login_to_download && !logged_in())
//must login to download
{
echo $html_heading;
show_header();
echo '<p>You must login to download and view files.</p>';
show_login_box();
show_footer();
die();
}
if ($md5_show && isset($_GET['md5']))
{
$file = $dir.eval_dir(rawurldecode($_GET['md5']));
if (!@is_file($file))
{
header('HTTP/1.0 404 Not Found');
die($html_heading.'<p>Error: file does not exist.</p>');
}
$size = (int)@filesize($file);
if ($size <= 0 || $size/1048576 > $md5_show)
{
die($html_heading.'<p><strong>Error</strong>: empty file, or file too big to find the md5sum of (according to the $md5_show variable).</p>');
}
die(md5_file($file));
}
if ($thumbnail_height > 0 && isset($_GET['thumbnail']) && $_GET['thumbnail'] != '')
{
$file = $dir.eval_dir(rawurldecode($_GET['thumbnail']));
display_thumbnail($file, $thumbnail_height);
}
if (isset($_GET['sort']))
{
$_SESSION['sort'] = $_GET['sort'];
}
else if (!isset($_SESSION['sort']))
{
//'a' is ascending, 'd' is descending
$_SESSION['sort'] = 'a';
}
if (isset($_GET['sortMode']))
{
$_SESSION['sortMode'] = $_GET['sortMode'];
}
else if (!isset($_SESSION['sortMode']))
{
/*
* 'f' is filename
* 't' is filetype
* 'h' is downloads (hits)
* 's' is size
* 'm' is date (modified)
* 'd' is description
*/
$_SESSION['sortMode'] = 'f';
}
//size of the "chunks" that are read at a time from the file (when $force_download is on)
$speed = ($bandwidth_limit ? $bandwidth_limit : 8);
if ($folder_expansion)
{
if (!isset($_SESSION['expanded']))
{
$_SESSION['expanded'] = array();
}
if (isset($_GET['expand']) && $_GET['expand'] != '')
{
$temp = $dir.eval_dir(rawurldecode($_GET['expand']));
if (@is_dir($temp) && !in_array($temp, $_SESSION['expanded']))
{
$_SESSION['expanded'][] = $temp;
}
}
if (isset($_GET['collapse']) && $_GET['collapse'] != '')
{
$temp = $dir.eval_dir(rawurldecode($_GET['collapse']));
if (in_array($temp, $_SESSION['expanded']))
{
array_splice($_SESSION['expanded'], array_search($temp, $_SESSION['expanded']), 1);
}
}
}
if ($allow_uploads && (!$use_login_system || logged_in()))
//upload a file
{
if ($count_files = count($_FILES))
{
echo $html_heading;
show_header();
$uploaded_files = $errors = '';
for ($i=0; $i<$count_files; $i++)
{
$filename = get_basename($_FILES[$i]['name']);
if ($filename == '')
{
continue;
}
if (is_hidden($filename))
{
$errors .= "<li>$filename [filename is listed as a hidden file]</li>";
continue;
}
$filepath = $base_dir.eval_dir(rawurldecode($_POST['dir']));
$fullpathname = realpath($filepath).'/'.$filename;
if (!$allow_file_overwrites && @file_exists($fullpathname))
{
$errors .= "<li>$filename [file already exists]</li>";
}
else if (@move_uploaded_file($_FILES[$i]['tmp_name'], $fullpathname))
{
@chmod($fullpathname, 0644);
$uploaded_files .= "<li>$filename</li>";
if ($log_file != '' && ok_to_log() && ($write = @fopen($log_file, 'ab')))
{
fwrite($write, date($date_format)."\t".date('H:i:s')
. "\t$ip\t$host\t$referrer\t$dir\tFile uploaded: $filepath$filename\n");
fclose($write);
}
}
else
{
$errors .= "<li>$filename</li>";
}
}
if ($errors == '')
{
$errors = '<br />[None]';
}
if ($uploaded_files == '')
{
$uploaded_files = '<br />[None]';
}
echo "<p><strong>Uploaded files</strong>: $uploaded_files</p><p><strong>Failed files</strong>: $errors</p>",
'<p><a class="default_a" href="', $this_file, 'dir=',
$_POST['dir'], '">Continue.</a></p>';
show_footer();
die();
}
else if (isset($_POST['numUpload']))
{
echo $html_heading;
show_header();
echo "<table border='0' cellpadding='8' cellspacing='0'><tr class='paragraph'><td class='default_td'>
<form enctype='multipart/form-data' action='$this_file' method='post'>
<input type='hidden' name='dir' value='", $_POST['dir'], "' />\n";
$num = (int)$_POST['numUpload'];
for ($i=0; $i<$num; $i++)
{
$n = $i + 1;
echo "\t\t{$words['file']} $n : <input name='$i' type='file' /><br />\n";
}
echo '<p><input class="button" type="submit" value="Upload Files" />
</p></form></td></tr></table>';
show_footer();
die();
}
}
if ($use_login_system && logged_in() && is_admin())
{
$con = '<p><a class="default_a" href="'.$this_file.'dir='
.translate_uri($subdir).'">Continue.</a></p>';
if (isset($_GET['getcreate']))
{
echo $html_heading;
show_header();
echo "<table border='0' cellpadding='8' cellspacing='0'><tr class='paragraph'><td class='default_td'>
Enter the name of the folder you would like to create:
<form method='get' action='$this_file'>
<input type='hidden' name='dir' value='", translate_uri($subdir), "' />";
if ($index != '' && strpos($index, '?') &#
!
(a w to wątpię)