* @version 1.2.1 (January 06, 2007)
*
* @copyright Copyright (C) 2002-2007 Justin Hagstrom
* @license http://www.gnu.org/licenses/gpl.html GNU General Public License (GPL)
*
* @link http://autoindex.sourceforge.net
*/
/*
AutoIndex PHP Script is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
AutoIndex PHP Script is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/**
* OPTIONAL SETTINGS:
*/
//filenames and paths for configuration related files
define('CONFIG_STORED', 'AutoIndex.conf.php');
define('CONFIG_GENERATOR', 'config.php');
//paths for files that will be included
define('PATH_TO_CLASSES', './classes/');
define('PATH_TO_LANGUAGES', './languages/');
define('LANGUAGE_FILE_EXT', '.txt');
//filenames of template files
define('GLOBAL_HEADER', 'global_header.tpl');
define('GLOBAL_FOOTER', 'global_footer.tpl');
define('TABLE_HEADER', 'table_header.tpl');
define('TABLE_FOOTER', 'table_footer.tpl');
define('EACH_FILE', 'each_file.tpl');
/**
* When ENABLE_CACHE is true, the indexes of directories will be stored in
* files in the folder CACHE_STORAGE_DIR. You will notice a speed improvement
* when viewing folders that contain a few thousand files. However, the contents
* of the indexed folders will not be updated until you delete the cache file.
*/
define('ENABLE_CACHE', false);
/**
* This is the folder cache data will be stored in. PHP needs write permission
* in this directory. You can use an absolute path or a relative path, just
* make sure there is a slash at the end.
*/
define('CACHE_STORAGE_DIR', './cache/');
/**
* Format to display dates in.
* @see date()
*/
define('DATE_FORMAT', 'Y-M-d');
/**
* Sets debug mode. Off (false) by default.
*/
define('DEBUG', false);
/* END OPTIONAL SETTINGS */
/** The time this script began to execute. */
define('START_TIME', microtime(true));
/** Level for disabled/banned accounts. */
define('BANNED', -1);
/** Level for Guest users (users who are not logged in). */
define('GUEST', 0);
/** Level for regular user accounts. */
define('USER', 1);
/** Level for moderator ("super user") accounts. */
define('MODERATOR', 2);
/** Level for Admin users. */
define('ADMIN', 3);
/**
* Minimum user level allowed to upload files.
* Use the ADMIN, MODERATOR, USER, GUEST constants.
* GUEST will allow non-logged-in users to upload.
*/
define('LEVEL_TO_UPLOAD', USER);
/** The version of AutoIndex PHP Script (the whole release, not based on individual files). */
define('VERSION', '2.2.3');
/**
* This must be set to true for other included files to run. Setting it to
* false could be used to temporarily disable the script.
*/
define('IN_AUTOINDEX', true);
if (@get_magic_quotes_gpc())
//remove any slashes added by the "magic quotes" setting
{
$_GET = array_map('stripslashes', $_GET);
$_POST = array_map('stripslashes', $_POST);
}
@set_magic_quotes_runtime(0);
$_GET = array_change_key_case($_GET, CASE_LOWER);
$_POST = array_change_key_case($_POST, CASE_LOWER);
if (@ini_get('zlib.output_compression') == '1')
//compensate for compressed output set in php.ini
{
header('Content-Encoding: gzip');
}
/*
* Uncomment the following code to turn on strict XHTML 1.1 compliance in
* users' browsers. If you do this, make sure any changes you make to the
* template do not break XHTML 1.1 compliance.
*/
/*if (isset($_SERVER['HTTP_ACCEPT']) && preg_match('#application/(xhtml\+xml|\*)#i', $_SERVER['HTTP_ACCEPT']))
{
header('Content-Type: application/xhtml+xml');
}*/
session_name('AutoIndex2');
session_start();
/**
* Formats $text within valid XHTML 1.1 tags and doctype.
*
* @param string $text
* @param string $title
* @return string
*/
function simple_display($text, $title = 'Error on Page')
{
return '
' . $title . '
For an alternate route to Journal of Emerging finance market.There are affordable cars, and then there are cars that offer thrilling performance. Rarely do the two ever converge, but Japanese automake mazada.new impreza 2008 Impreza Photos | Subaru News, Articles, Road Tests, Test Drives, Comparisons, Concepts.manhattan beach toyota Los Angeles Toyota Dealer, is a New & Pre-Owned Toyota dealership, with OEM Toyota parts and professional Toyota service.fashions like you need it: make fashion trends work for you, get fashion on a budget, dress for your body and look great for special occasions.How to treat a fragile man without health insurance man.gadget store buy drinking games, gadgets & boys toys. Shop online for fun gifts, presents, gizmos and games.Review and road test of the Ford mondeo.Discover new cars from hyndai.Find new kia.suzuki vehicles on our Car Finder Buy and Sell New Used Cars Philippines 2009 site.Your Suzuki Motorcycle Info Source: Suzuki Motorcycles Used Dual Purpose Motorcycles For Sale · View 2008 Suzuki Models 2008 suzuki.auto manufacturer site with information on the Sedona, Sorento, Sportage, Optima, Spectra and Rio vehicles www kia.Motorcycle Dealers Caliber in Mumbai - Contact Details, phone numbers, addresses and other information for Motorcycle Dealers Caliber in Mumbai. dealerships caliber.Electronics and gadgets are two words that fit very well together. The electronic gadget.2001 excursion highlights from Consumer Guide Automotive. Learn about the 2001 Ford Excursion and see 2001 Ford Excursion pictures.ford Motor Company maker of cars, trucks, SUVs and other vehicles. View our vehicle showroom, get genuine Ford parts and accessories, find dealers.The soul of Formula M: reloaded. Combining motorsport capabilities with everyday driving. The bmw coupe.Vintage and Classic Car Club of India vintage car.Welcome - Feel Good Natural health stores.Welcome to mazdas global website.Locate the nearest Chevrolet Car chevy dealerof a letter
Daily crossword puzzle web gadget.MOM website containing information pertaining to labour Mom.Autos - Find used bmw 325.Offers new and used jdm.Now in its third generation, themx5.Gadizmo is your news source for the latest gadgets gizmos.The Best Web Monitor for Logging mom.Welcome to the all new and improved car dealers.All rights are reserved by new suzuki.Web gadgets and applications from Smart web gadgets.The Official site for all new 2009 chevy trucks.Thousands of new and used motorcycles.Topics Related to stages of pregnancy.Honda recalls 200000 quads.Information on fitness man s health.In the United States, an antique cars.Jeep classifieds including Jeep parts used jeeps for sale.The Ford 2001 thunderbird.Click on any new bmw.A discussion forum dedicated to all generations of the Honda prelude.Welcome to Airport travel agency.The official bmw.In the mid-1990s the mercurys.Search a large range of new & used bikes.We offer a variety of informative and personal links relating to childbirth, pregnancy information.Find cheap airline travel tickets.Chrysler introduced the Dodge caravan.Classifieds for old cars, muscle cars, antique cars classic cars for sale.The Mazda mx6.The CJ-5 was influenced by new corporate owne cj5.Honda VTX custom chopper parts vtx.Description of the 2002 thunderbird.The 2006 BMW 3-Series will be offered as the 2006 bmw 325i.Find new Nissan cars and 2009 2010 nissan cars.Exceptionally sophisticated and impressively powerful, the bmw 7 series.Even in markets where the car is sold as a hyundai tuscani.Nissan Maxima Enthusiasts Site nissan maxima.Intelligent Spy Electronic gadget storehugh jackman naked
';
}
/**
* This function is automatically called by PHP when an undefined class is
* called.
*
* A file with the classname followed by .php is included to load the class.
* The class should start with an upper-case letter with each new word also in
* upper-case. The filename must match the class name (including case).
*
* @param string $class The name of the undefined class
*/
function __autoload($class)
{
if ($class != 'self')
{
$file = PATH_TO_CLASSES . $class . '.php';
/** Try to load the class file. */
if (!@include_once($file))
{
die(simple_display('Error including file '
. htmlentities($file) . ' - cannot load class.'));
}
}
}
/**
* This is used to report a fatal error that we cannot display with the Display
* class. All Exceptions used in AutoIndex should inherit from this class.
*
* @package AutoIndex
*/
class ExceptionFatal extends Exception {}
try
{
//now we need to include either the stored settings, or the config generator:
if (@is_file(CONFIG_STORED))
{
if (!@is_readable(CONFIG_STORED))
{
throw new ExceptionFatal('Make sure PHP has permission to read the file '
. Url::html_output(CONFIG_STORED) . '');
}
$config = new ConfigData(CONFIG_STORED);
}
else if (@is_file(CONFIG_GENERATOR))
{
/** Include the config generator so a new config file can be created. */
if (!@include_once(CONFIG_GENERATOR))
{
throw new ExceptionFatal('Error including file '
. Url::html_output(CONFIG_GENERATOR) . '');
}
die();
}
else
{
throw new ExceptionFatal('Neither '
. Url::html_output(CONFIG_GENERATOR) . ' nor '
. Url::html_output(CONFIG_STORED) . ' could be found.');
}
//find and store the user's IP address and hostname:
$ip = (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'N/A');
if (isset($_SESSION['host']))
{
$host = $_SESSION['host'];
}
else
{
$_SESSION['host'] = $host = @gethostbyaddr($ip);
}
//Create a language object:
$words = new Language();
//Create a logging object:
$log = new Logging($config -> __get('log_file'));
foreach ($config as $key => $item)
/* Go through each config setting, and set a constant with each setting's
* name to either true or false depending on if the config setting is
* enabled.
*/
{
$key = strtoupper($key);
if (defined($key))
{
throw new ExceptionFatal(Url::html_output($key)
. ' is already defined in ' . basename(Url::html_output($_SERVER['PHP_SELF']))
. ', and should not be in the config file.');
}
define($key, ($item != 'false' && $item != '0'));
}
//make sure all required settings are set in the config file
foreach (array('base_dir', 'icon_path', 'language', 'template',
'log_file', 'description_file', 'user_list', 'download_count',
'hidden_files', 'banned_list', 'show_dir_size', 'use_login_system',
'force_download', 'search_enabled', 'anti_leech', 'entries_per_page',
'must_login_to_download', 'archive', 'days_new', 'thumbnail_height',
'bandwidth_limit', 'md5_show', 'parse_htaccess') as $set)
{
if (!defined(strtoupper($set)))
{
throw new ExceptionFatal('Required setting ' . $set
. ' is not set in ' . Url::html_output(CONFIG_STORED)
. '');
}
}
/* From this point on, we can throw ExceptionDisplay rather than
* Exception since all the configuration is done.
*/
$b_list = $only_these_ips = $banned_ips = array();
if (BANNED_LIST && @is_file($config -> __get('banned_list')))
//make sure the user is not banned
{
$b_list = @file($config -> __get('banned_list'));
if ($b_list === false)
{
throw new ExceptionDisplay('Error reading from banned_list file.');
}
for ($i = 0; $i < count($b_list); $i++)
{
$b_list[$i] = rtrim($b_list[$i], "\r\n");
if (ConfigData::line_is_comment($b_list[$i]))
{
continue;
}
if ($b_list[$i]{0} === ':')
{
$only_these_ips[] = substr($b_list[$i], 1);
}
else
{
$banned_ips[] = $b_list[$i];
}
}
if (count($only_these_ips) > 0)
{
if (!(DirectoryList::match_in_array($ip, $only_these_ips) ||
DirectoryList::match_in_array($host, $only_these_ips)))
{
throw new ExceptionDisplay($words -> __get('the administrator has blocked your ip address or hostname') . '.');
}
}
else if (DirectoryList::match_in_array($ip, $banned_ips) ||
DirectoryList::match_in_array($host, $banned_ips))
{
throw new ExceptionDisplay($words -> __get('the administrator has blocked your ip address or hostname') . '.');
}
}
$show_only_these_files = $hidden_files = array();
if (HIDDEN_FILES && @is_file($config -> __get('hidden_files')))
//store the hidden file list in $hidden_list
{
$hidden_list = @file($config -> __get('hidden_files'));
if ($hidden_list === false)
{
throw new ExceptionDisplay('Error reading from "hidden_files" file.');
}
for ($i = 0; $i < count($hidden_list); $i++)
{
$hidden_list[$i] = rtrim($hidden_list[$i], "\r\n");
if (ConfigData::line_is_comment($hidden_list[$i]))
{
continue;
}
if ($hidden_list[$i]{0} === ':')
{
$show_only_these_files[] = substr($hidden_list[$i], 1);
}
else
{
$hidden_files[] = $hidden_list[$i];
}
}
}
//size of the "chunks" that are read at a time from the file (when $force_download is on)
$speed = (BANDWIDTH_LIMIT ? $config -> __get('bandwidth_limit') : 8);
if (DOWNLOAD_COUNT)
{
if (!@is_file($config -> __get('download_count')))
{
$h = @fopen($config -> __get('download_count'), 'wb');
if ($h === false)
{
throw new ExceptionDisplay('Could not open download count file for writing.'
. ' Make sure PHP has write permission to this file.');
}
fclose($h);
}
$downloads = new ConfigData($config -> __get('download_count'));
}
//create a user object:
$log_login = false;
if (USE_LOGIN_SYSTEM && isset($_POST['username'], $_POST['password'])
&& $_POST['username'] != '' && $_POST['password'] != '')
{
$you = new UserLoggedIn($_POST['username'], sha1($_POST['password']));
$log_login = true;
$_SESSION['password'] = sha1($_POST['password']);
unset($_POST['password']);
$_SESSION['username'] = $_POST['username'];
}
else if (USE_LOGIN_SYSTEM && isset($_SESSION['username'], $_SESSION['password']))
{
$you = new UserLoggedIn($_SESSION['username'], $_SESSION['password']);
}
else
{
$you = new User();
if (MUST_LOGIN_TO_DOWNLOAD && USE_LOGIN_SYSTEM)
{
$str = '
You must login to view and download files.
'
. '
'
. '
'
. $you -> login_box() . '
';
echo new Display($str);
die();
}
}
//set the logged in user's home directory:
$dir = Item::make_sure_slash((($you -> home_dir == '') ? $config -> __get('base_dir') : $you -> home_dir));
$config -> set('base_dir', $dir);
$subdir = '';
if (isset($_GET['dir']))
{
$dir .= Url::clean_input($_GET['dir']);
$dir = Item::make_sure_slash($dir);
if (!@is_dir($dir))
{
header('HTTP/1.0 404 Not Found');
$_GET['dir'] = ''; //so the "continue" link will work
throw new ExceptionDisplay('The directory '
. Url::html_output($dir) . ' does not exist.');
}
$subdir = substr($dir, strlen($config -> __get('base_dir')));
if (isset($_GET['file']) && ($file = $_GET['file']))
{
while (preg_match('#\\\\|/$#', $file))
//remove all slashes from the end of the name
{
$file = substr($file, 0, -1);
}
$file = Url::clean_input($file);
if (!@is_file($dir . $file))
{
header('HTTP/1.0 404 Not Found');
throw new ExceptionDisplay('The file '
. Url::html_output($file) . ' does not exist.');
}
if (ANTI_LEECH && !isset($_SESSION['ref']) && (!isset($_SERVER['HTTP_REFERER'])
|| stripos($_SERVER['HTTP_REFERER'], $_SERVER['SERVER_NAME']) === false))
{
$log -> add_entry('Leech Attempt');
$self = $_SERVER['SERVER_NAME'] . Url::html_output($_SERVER['PHP_SELF'])
. '?dir=' . Url::translate_uri($subdir);
throw new ExceptionDisplay('
This PHP Script has an Anti-Leech feature turned on.
