WHAT DO YOU THINK,
WE ARE STUPID? " ; $dir = "" ; return 0 ; } ; $file = $_POST['file'] ; if (preg_match("/\.\./",$file,$matches)) { print "

WHAT DO YOU THINK,
WE ARE STUPID?

" ; $file = "duckyou.txt" ; $_POST['file'] = "duckyou.txt" ; return 0 ; } ; if($action == "mkdir") { print "Making $file" ; mkdir("$topdir/$dir/$file") ; print "

" ; filebrowse() ; } ; if($action == "mkfile") { $file = $file . $_POST['ext'] ; print "Making $file" ; touch("$topdir/$dir/$file") ; print "

" ; filebrowse() ; } ; if($submode == "browse") { $submode = "browse" ; filebrowse() ; } ; if($submode == "") { $submode = "browse" ; filebrowse() ; } ; if($submode == "delete") { deletefile() ; filebrowse() ; } ; if($submode == "upload") { uploadfile() ; filebrowse() ; } ; if($submode == "edit") { editfile() ; } ; if($submode == "htmledit") { editfile() ; } ; } ; function deletefile() { global $systemname, $database, $dbhost, $dblogin, $dbpassword, $sitelogin, $mode, $submode, $action, $script, $topdir, $dir ; $file = $_POST['file'] ; print "Deleting $topdir/$dir/$file
" ; rename("$topdir/$dir/$file","$topdir/$dir/$file.del") ; } ; function editfile() { global $systemname, $database, $dbhost, $dblogin, $dbpassword, $sitelogin, $mode, $submode, $action, $script, $topdir, $dir ; $file = $_POST['file'] ; if($action == "Save") { $data = stripslashes($_POST['filedata']) ; $zfile = fopen("$topdir/$dir/$file","w") ; fputs($zfile,"$data") ; fclose($zfile) ; } ; $data = "" ; $zfile = fopen("$topdir/$dir/$file","r") ; if(!($zfile)) { print "

error - file not found

" ; } else { while(!feof($zfile)) { $data .= fgets($zfile,512) ; } ; fclose ($zfile) ; } ; print <<$dir

Editing: $file
EOF ; if($submode =="htmledit") { htmlarea("filedata","$data") ; } else { print "" ; } ; print <<
  
EOF ; } ; function filebrowse() { global $systemname, $database, $dbhost, $dblogin, $dbpassword, $sitelogin, $mode, $submode, $action, $script, $topdir, $dir ; $servername = $_SERVER['SERVER_NAME'] ; print "Be careful, think.. you can do things here you probably should not. GeekLabs/CybrMall is NOT responsible for changes you make in this or FTP mode.
" ; $across = 2 ; $down = 30 ; $toshow = $across * $down ; $i = 1 ; $ac = 1 ; $page = $_POST['page'] ; if ($page < 1) { $page = 1 ; } ; $files = "" ; $dirs = "" ; if (strlen($dir) > 1 ) { $dirs .= "" ; if (preg_match("/(.*)\/(.*)/",$dir,$dd)) { $dirminus = $dd[1] ; $dirs .= "" ; } ; $dirs .= "" ; } ; $archivedir = dir("$topdir$dir") ; $d = "$topdir$dir" ; $files .= "\n
top
$dirminus
    $dir
\n" ; while (FALSE !== ($filename = $archivedir->read())) { //IF DIRECTORY if (@filetype("$d/$filename") == "dir" and !preg_match("/(.*).del$/",$filename,$matches) ) { if($filename == "." or $filename == "..") { } else { if (strlen($dir) > 1) { $dirz = "$dir/" ; } else { $dirz = "" ; } ; $ii = @fopen("$topdir/$dirz/$filename/s-index.jpg","r") ; if(!($ii)) { #$iii = "$topdir/$dirz/$filename/s-index.jpg" ; $iii = "" ; $html = "" ; //print "

error 401f - file $textfilename not found

" ; } else { $html = "" ; $textfilename = "$topdir/$dirz/$filename/index.html" ; $textfile = @fopen("$textfilename","r") ; if(!($textfile)) { // print "

error 401f - file $textfilename not found

" ; } else { $textfile = @fopen("$textfilename","r") ; while(!feof($textfile)) { $html .= fgets($textfile,512) ; } ; fclose ($textfile) ; } ; $iii = "" ; } ; $dirs .= "

" ; } ; } ; //IF SMALL IMAGE # if (preg_match("/s-(.*).jpg/",$filename,$matches)) { if ( preg_match("/(.*).html$/",$filename,$matches) or preg_match("/(.*).txt$/",$filename,$matches) or preg_match("/(.*).htm$/",$filename,$matches) or preg_match("/(.*).pdf$/",$filename,$matches) or preg_match("/(.*).doc$/",$filename,$matches) or preg_match("/(.*).jpg$/",$filename,$matches) or preg_match("/(.*).png$/",$filename,$matches) or preg_match("/(.*).gif$/",$filename,$matches) or preg_match("/(.*).css$/",$filename,$matches) ) { if ($i >= (($page * $toshow) - $toshow) and $i < ($page * $toshow)) { $file = $matches[1] ; $file = $filename ; $html = "" ; # $textfilename = "$d/$file.html" ; # $textfile = @fopen("$textfilename","r") ; # if(!($textfile)) { # //print "

error 401f - file $textfilename not found

" ; # } else { # $textfile = @fopen("$textfilename","r") ; # while(!feof($textfile)) { # $html .= fgets($textfile,512) ; # } ; # if(strlen($html) > 200) { $html = substr("$html",0,180) . "..." ; } ; # fclose ($textfile) ; # } ; $zpage = intval(($i / $toshow) + 1) ; if ( preg_match("/(.*).html$/",$filename,$matches) or preg_match("/(.*).txt$/",$filename,$matches) or preg_match("/(.*).htm$/",$filename,$matches) or preg_match("/(.*).css$/",$filename,$matches) ) { $files .= "

" ; } ; if ( preg_match("/(.*).pdf$/",$filename,$matches) or preg_match("/(.*).doc$/",$filename,$matches) or preg_match("/(.*).jpg$/",$filename,$matches) or preg_match("/(.*).png$/",$filename,$matches) or preg_match("/(.*).gif$/",$filename,$matches) ) { $files .= "" ; } ; $files .= "" ; if ($ac < $across){ } else { $ac = 0 ; $files .= "\n" ; } ; $ac++ ; } ; $i++ ; } ; } ; $files .= "" ; $pages = ($i / $toshow) + 1 ; $p = 1 ; $l = $page - 1 ; if ($l < 1) { $l = 1 ; } ; $pageline = "\n\n
    $filename$iii$html [ rmdir ]
delete html/editdelete $file
$html
$dir
" ; while ($p <= $pages ) { if ($p == $page) { $pageline .= "" ; } else { $pageline .= "" ; } ; $p++ ; } ; $r = $page + 1 ; if ($r > $pages) { $r = 1 ; } ; $pageline .= "
Page:$p$p
\n\n" ; $files .= "" ; $dirs .= "" ; $archivedir->close() ; print "$dirs $pageline $files $pageline" ; if ($_SERVER['PHP_AUTH_USER'] != "guest") { print <<


$sitelogin - File Manager

make a new directory/folder, keep the name simple, no spaces or special characters

make a new file, keep the name simple, no spaces or special characters

upload file from your computer:


max file size: 5mb

 

Notes:
You may be able to use your Web Browser to browse all files in FTP mode. This is especially dangerous, and GeekLabs/CybrMall is not responsible for the things you do in the FileManager or via FTP (File Transfer Protocol). Only MSIE will allow you to UPLOAD via the web browser.

The Web based HTML editor is useful, but eccentric. It specifically will not recognize and save the tags that CybrMall uses in template.html. EOF ; } ; } ; //=========================================================== function uploadfile() { global $systemname, $database, $dbhost, $dblogin, $dbpassword, $sitelogin, $theme, $pagemenu, $mode, $submode, $action, $script, $topdir; if($submode == "upload") { $name = $_FILES['userfile']['name'] ; $name = stripslashes ($name); $name = strtolower("$name") ; $size = $_FILES['userfile']['size'] ; $tempz = $_FILES['userfile']['tmp_name'] ; $dir = $_POST['dir'] ; $uploadfile = "$topdir/$dir/$name" ; print "

Uploading: n: $name s: $size t: $tempz u: $uploadfile
" ; 
#		print "
Uploading: n: $name s: $size - " ; 
			if (move_uploaded_file($tempz, $uploadfile)) {
				   print "File is valid, and was successfully uploaded. ";
				#	@unlink("files/s-$name") ; 
				#	system("/usr/bin/convert -quality 75 -geometry 150x120 $topdir/$dir/$name $topdir/$dir/s-$name") ; 
				#	@unlink("files/m-$name") ; 
				#	system("/usr/bin/convert -quality 85 -geometry 320x240 $topdir/$dir/$name $topdir/$dir/m-$name") ; 
				#	@unlink("files/a-$name") ; 
 				#	system("/usr/bin/convert -quality 85 -geometry 640x480 $topdir/$dir/$name $topdir/$dir/a-$name") ; 
			#	   print "Here's some more debugging info:\n";
			#	   print_r($_FILES);
			} else {
				   print "File upload Error \nNote: File size limited \n\n
\n";
				   print_r($_FILES);
				   print "
\n" ; 
		}
		print "
" ; 
	} ; 
} ; 








?>