View of xos/website/viewfile.php



<?php
/* Copyright (C) 2008  Emmanuel Varoquaux
 
   This file is part of XOS.
 
   This program is free software: you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation, either version 3 of the License, or
   (at your option) any later version.
 
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
 
   You should have received a copy of the GNU General Public License
   along with this program.  If not, see <http://www.gnu.org/licenses/>. */
?>
<?php
/**
 * Write $str to the output as syntax-highlighted HTML.
 *
 * The Text_Highlighter classes are loaded on first call. $lang is handed to
 * Text_Highlighter::factory() unchanged, so callers should only pass a name
 * chosen by the application, never raw request input.
 * NOTE(review): the factory's behaviour for an unknown language is not
 * visible here - confirm against the library.
 *
 * @param string $str  text to highlight
 * @param string $lang highlighter language name
 * @return bool always TRUE
 */
function highlight($str, $lang)
{
  require_once "Text/Highlighter.php";
  require_once "Text/Highlighter/Renderer/Html.php";

  $hl =& Text_Highlighter::factory($lang);
  $renderer = new Text_Highlighter_Renderer_Html;
  $hl->setRenderer($renderer);
  $markup = $hl->highlight($str);
  echo $markup;
  return TRUE;
}
 
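// The "file" query parameter selects what is shown. It is client-controlled,
// so only a non-empty string without NUL bytes is accepted: an array value
// (?file[]=...) cannot be split by explode() below, and a NUL byte has no
// place in a path handed to the filesystem functions.
$filename = isset($_GET["file"]) ? $_GET["file"] : "";
if (!is_string($filename) || empty($filename) || strpos($filename, "\0") !== FALSE) {
  die();
}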
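// Canonicalise the requested path lexically: empty and "." components are
// dropped and ".." removes the previous component. array_pop() on an empty
// stack is a no-op, so ".." can never climb above the root of the listing.
$path = explode("/", $filename);
$canonpath = array();
foreach ($path as $comp) {
  if ($comp == "" || $comp == ".")
    continue;
  elseif ($comp == "..")
    array_pop($canonpath);
  else
    array_push($canonpath, $comp);
}
$canonfilename = implode("/", $canonpath);
if ($canonfilename !== $filename) {
  // The request did not use the canonical spelling: redirect to it, keeping
  // the other query parameters. Everything below therefore only ever sees a
  // path without "", "." or ".." components.
  $params = $_GET;
  unset($params["file"]);
  // http_build_query() percent-encodes names and values (and copes with
  // array-valued parameters), so request data cannot alter the URL structure.
  $query_string = http_build_query($params, "", "&");
  if ($query_string !== "")
    $query_string .= "&";
  // Encode each path component separately so the "/" separators stay readable.
  $query_string .= "file=" . implode("/", array_map("rawurlencode", $canonpath));
  // Path-absolute redirect: the target stays on the scheme and host the client
  // is already using instead of a hard-coded "http://" plus the client-supplied
  // Host header. Leading slashes are collapsed to one so the value cannot be
  // read as a network-path reference ("//host/...").
  header("Location: /" . ltrim($_SERVER["PHP_SELF"], "/") . "?" . $query_string);
  exit;
}
// Parent directory of the requested path ("" when it is at the top level).
array_pop($canonpath);
$parentfilename = implode("/", $canonpath);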
 
// The requested path must name something that exists below src/; otherwise
// the script ends without producing any output.
// NOTE(review): the path was only canonicalised lexically. file_exists()
// follows symbolic links, so if src/ can contain links that point elsewhere,
// a realpath() containment check belongs here - confirm how src/ is populated.
if (!file_exists("src/$filename"))
  die();
// $type is the filetype() string; the rest of the page only distinguishes
// "dir" from everything else.
$type = @filetype("src/$filename");
if ($type === FALSE)
  exit;
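// Prepare the data the HTML template below needs.
//   directory: $title, $dirents, $sortkey, $sortdir
//   file:      $title, $mime_type, $data and, when a highlighter exists, $lang
// For a file, action=view and action=download send the raw bytes and exit.
if ($type == "dir") {
  $title = "Index of $filename";
  $dirents = array();

  // Sort controls come from the query string. They are resolved before the
  // directory is opened so that $sortkey and $sortdir are always defined for
  // the template, even when opendir() fails. Anything that is not one of the
  // known literals (including array-valued input) falls back to the defaults.
  $sortkey = isset($_GET["sortby"]) ? $_GET["sortby"] : NULL;
  if ($sortkey !== "name" && $sortkey !== "size")
    $sortkey = "type";
  $sortparam = isset($_GET["sortdir"]) ? $_GET["sortdir"] : NULL;
  if ($sortparam === "asc")
    $sortdir = SORT_ASC;
  elseif ($sortparam === "desc")
    $sortdir = SORT_DESC;
  else
    $sortdir = ($sortkey == "name") ? SORT_ASC : SORT_DESC;  // names default to ascending, type and size to descending

  if (($dir_handle = @opendir("src/$filename")) !== FALSE) {
    while (($entname = @readdir($dir_handle)) !== FALSE) {
      if ($entname == "." || $entname == "..")
        continue;
      $entpath = "src/$filename/$entname";
      $dirents[] = array(
        "type" => @filetype($entpath),
        "name" => $entname,
        "size" => !@is_dir($entpath) ? @filesize($entpath) : "-");
    }
    @closedir($dir_handle);

    // array_multisort() orders $dirents by parallel column arrays.
    $direntdir = array();
    $direntname = array();
    $direntsize = array();
    foreach ($dirents as $key => $dirent) {
      $direntdir[$key] = $dirent["type"] == "dir" ? 1 : 0;
      $direntname[$key] = $dirent["name"];
      $direntsize[$key] = $dirent["size"];
    }
    if ($sortkey == "name")
      array_multisort($direntname, $sortdir, $dirents);
    elseif ($sortkey == "size")
      array_multisort($direntsize, $sortdir, $direntname, SORT_ASC, $dirents);
    else
      array_multisort($direntdir, $sortdir, $direntname, SORT_ASC, $dirents);
  }
}
else {
  // Content type by file extension (case-sensitive). The extension is taken
  // from the last path component only, so ".css" or ".tgz" appearing in the
  // middle of a name or in a directory name no longer selects a type.
  $mime_types = array(
    "c"    => "text/x-csrc",
    "h"    => "text/x-chdr",
    "css"  => "text/css",
    "html" => "text/html",
    "js"   => "application/javascript",
    "php"  => "application/x-httpd-php",
    "sh"   => "text/x-sh",
    "xml"  => "application/xml",
    "xsl"  => "application/xml",
    "gif"  => "image/gif",
    "jpg"  => "image/jpeg",
    "png"  => "image/png",
    "tgz"  => "application/x-tar");
  $ext = pathinfo($filename, PATHINFO_EXTENSION);
  $mime_type = isset($mime_types[$ext]) ? $mime_types[$ext] : "text/plain";

  $action = isset($_GET["action"]) ? $_GET["action"] : NULL;
  if ($action === "view" || $action === "download") {
    // The file name goes into a quoted-string parameter with quote and
    // backslash escaped, so a name containing spaces, ";" or '"' cannot change
    // the shape of the Content-Disposition header.
    $dispname = addcslashes(basename($filename), "\"\\");
    // Raw repository content is served here; tell the browser to honour the
    // declared type instead of guessing one from the bytes.
    header("X-Content-Type-Options: nosniff");
    if ($action === "view") {
      // Always plain text, whatever the file is, so markup is never rendered.
      header("Content-Type: text/plain");
      header("Content-Disposition: inline; filename=\"$dispname\"");
    }
    else {
      header("Content-Type: $mime_type");
      header("Content-Disposition: attachment; filename=\"$dispname\"");
    }
    @readfile("src/$filename");
    exit;
  }

  $title = "View of $filename";
  $data = @file_get_contents("src/$filename");

  // Highlighter language by extension. $lang is reset first (as the original
  // code does for $sortdir) so that it can only ever hold a value from this
  // table; the template tests isset($lang) to choose highlighted output.
  $langs = array(
    "c"    => "cpp",
    "h"    => "cpp",
    "css"  => "css",
    "html" => "html",
    "js"   => "javascript",
    "php"  => "php",
    "sh"   => "sh",
    "xml"  => "xml",
    "xsl"  => "xml");
  unset($lang);
  if (isset($langs[$ext]))
    $lang = $langs[$ext];
}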
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<link rel="stylesheet" href="css/viewfile.css" type="text/css" media="screen">
<?php
// The highlighter stylesheet is only linked when a highlighter language was
// selected for the file being shown.
if (isset($lang))
  echo '<link rel="stylesheet" href="css/hilight.css" type="text/css" media="screen">' . "\n";
?>
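<?php /* $title embeds the requested path, so it is HTML-escaped on output (the page charset is ISO-8859-1). */ ?>
<title><?=htmlspecialchars($title, ENT_QUOTES, "ISO-8859-1")?></title>
</head>
<body>
<div id="title">
<h1><?=htmlspecialchars($title, ENT_QUOTES, "ISO-8859-1")?></h1>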
</div>
<hr>
<div id="actions">
<?php
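// Navigation links. PHP_SELF includes any extra path info sent by the client
// and the file name comes from the query string, so each is encoded for the
// context it lands in before being echoed: HTML-escaped for the attribute,
// percent-encoded (per path component) for the query value.
$self = htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES, "ISO-8859-1");
echo "<a href=\".\">XOS</a>";
if (!empty($parentfilename)) {
  $parentparam = implode("/", array_map("rawurlencode", explode("/", $parentfilename)));
  echo " | <a href=\"{$self}?file={$parentparam}\">Parent Directory</a>";
}
if ($type != "dir") {
  $fileparam = implode("/", array_map("rawurlencode", explode("/", $filename)));
  echo " | <a href=\"{$self}?file={$fileparam}&amp;action=view\">View</a> | <a href=\"{$self}?file={$fileparam}&amp;action=download\">Download</a>";
}
echo "\n";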
?>
</div>
<hr>
<div id="contents">
<?php
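// Page body: a sortable listing for a directory, otherwise the file itself
// (inline image, highlighted source, or escaped plain text).
// Every value that originates from the request or from the filesystem is
// encoded for its output context: htmlspecialchars() for HTML text and
// attributes, rawurlencode()/http_build_query() for query-string values.
// The encoding is given explicitly because the page is sent as ISO-8859-1.
$self = htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES, "ISO-8859-1");
$fileparam = implode("/", array_map("rawurlencode", explode("/", $filename)));
if ($type == "dir") {
  // Keep every query parameter except the sort controls, which each column
  // header sets itself.
  $params = $_GET;
  unset($params["sortby"], $params["sortdir"]);
  $query_string = htmlspecialchars(http_build_query($params, "", "&"), ENT_QUOTES, "ISO-8859-1");

  // Clicking the active column reverses the current direction.
  $cursort = isset($sortkey) ? $sortkey : "";
  $dirstr = (isset($sortdir) && $sortdir == SORT_ASC) ? "desc" : "asc";

  echo "<table class=\"filelist\">\n";
  echo "<tr>\n";
  foreach (array("type" => "Type", "name" => "Name", "size" => "Size") as $column => $label) {
    $href = "{$self}?{$query_string}&amp;sortby={$column}";
    if ($cursort === $column)
      $href .= "&amp;sortdir={$dirstr}";
    echo "<th class=\"file-{$column}\"><a href=\"{$href}\">{$label}</a></th>\n";
  }
  echo "</tr>\n";
  if (!empty($parentfilename)) {
    $parentparam = implode("/", array_map("rawurlencode", explode("/", $parentfilename)));
    echo "<tr>\n";
    echo "<td class=\"file-type\">dir</td>\n";
    echo "<td class=\"file-name\"><a href=\"{$self}?file={$parentparam}\">..</a></td>\n";
    echo "<td align=\"right\" class=\"file-size\">-</td>\n";
    echo "</tr>\n";
  }
  foreach ($dirents as $dirent) {
    // Entry names are whatever exists on disk; escape them like any other
    // untrusted text.
    $entlabel = htmlspecialchars($dirent["name"], ENT_QUOTES, "ISO-8859-1");
    $entparam = $fileparam . "/" . rawurlencode($dirent["name"]);
    echo "<tr>\n";
    echo "<td class=\"file-type\">{$dirent["type"]}</td>\n";
    echo "<td class=\"file-name\"><a href=\"{$self}?file={$entparam}\">{$entlabel}";
    if ($dirent["type"] == "dir") {
      echo "/";
    }
    echo "</a></td>\n";
    echo "<td align=\"right\" class=\"file-size\">{$dirent["size"]}</td>\n";
    echo "</tr>\n";
  }
  echo "</table>\n";
}
else {
  if (strtok($mime_type, "/") == "image")
    echo "<img src=\"{$self}?file={$fileparam}&amp;action=download\" alt=\"" . htmlspecialchars($filename, ENT_QUOTES, "ISO-8859-1") . "\">";
  elseif (isset($lang))
    highlight($data, $lang);
  else {
    echo "<pre>\n";
    // Explicit ISO-8859-1: with the UTF-8 default of newer PHP versions,
    // htmlentities() returns an empty string for data that is not valid UTF-8
    // and the file would be shown as blank.
    echo htmlentities($data, ENT_QUOTES, "ISO-8859-1") . "\n";
    echo "</pre>\n";
  }
}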
?>
</div>
<hr>
<div id="footer">
This product includes PHP software, freely available from <a href="http://www.php.net/software/">http://www.php.net/software/</a>.
</div>
</body>
</html>