mirror of
https://github.com/misterunknown/ifm.git
synced 2025-08-11 10:34:00 +02:00
added root_dir option, fixed some things around that topic
This commit is contained in:
Marco Dickert
82
ifm.php
82
ifm.php
@@ -34,14 +34,40 @@ class IFMConfig {
|
|||||||
const showfilesize = 1; // show filesize?
|
const showfilesize = 1; // show filesize?
|
||||||
const showowner = 1; // show file owner?
|
const showowner = 1; // show file owner?
|
||||||
const showgroup = 1; // show file group?
|
const showgroup = 1; // show file group?
|
||||||
const showpath = 0; // show real path of directory (not only root)?
|
|
||||||
const showpermissions = 2; // show permissions 0 -> not; 1 -> octal, 2 -> human readable
|
const showpermissions = 2; // show permissions 0 -> not; 1 -> octal, 2 -> human readable
|
||||||
const showhtdocs = 1; // show .htaccess and .htpasswd
|
const showhtdocs = 1; // show .htaccess and .htpasswd
|
||||||
const showhiddenfiles = 1; // show files beginning with a dot (e.g. ".bashrc")
|
const showhiddenfiles = 1; // show files beginning with a dot (e.g. ".bashrc")
|
||||||
|
const showpath = 0; // show absolute path
|
||||||
|
|
||||||
// general config
|
/*
|
||||||
|
authentication
|
||||||
|
|
||||||
|
This provides a super simple authentication functionality. At the moment only one user can be
|
||||||
|
configured. The credential information can be either set inline or read from a file. The
|
||||||
|
password has to be a hash generated by PHPs password_hash function. The default credentials are
|
||||||
|
admin:admin.
|
||||||
|
|
||||||
|
If you specify a file it should only contain one line, with the credentials in the following
|
||||||
|
format:
|
||||||
|
<username>:<passwordhash>
|
||||||
|
|
||||||
|
examples:
|
||||||
|
const auth_source = 'inline;admin:$2y$10$0Bnm5L4wKFHRxJgNq.oZv.v7yXhkJZQvinJYR2p6X1zPvzyDRUVRC';
|
||||||
|
const auth_source = 'file;/path/to/file';
|
||||||
|
*/
|
||||||
const auth = 0;
|
const auth = 0;
|
||||||
const auth_source = 'inline;admin:$2y$10$0Bnm5L4wKFHRxJgNq.oZv.v7yXhkJZQvinJYR2p6X1zPvzyDRUVRC';
|
const auth_source = 'inline;admin:$2y$10$0Bnm5L4wKFHRxJgNq.oZv.v7yXhkJZQvinJYR2p6X1zPvzyDRUVRC';
|
||||||
|
|
||||||
|
/*
|
||||||
|
root_dir - set a custom root directory instead of the script location
|
||||||
|
|
||||||
|
This option is highly experimental and should only be set if you definitely know what you do.
|
||||||
|
Settings this option may cause black holes or other unwanted things. Use with special care.
|
||||||
|
|
||||||
|
default setting:
|
||||||
|
const root_dir = "";
|
||||||
|
*/
|
||||||
|
const root_dir = "";
|
||||||
const defaulttimezone = "Europe/Berlin"; // set default timezone
|
const defaulttimezone = "Europe/Berlin"; // set default timezone
|
||||||
|
|
||||||
// development tools
|
// development tools
|
||||||
@@ -350,7 +376,7 @@ div.footer div.panel-body { padding: 5px !important; }
|
|||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<div class="input-group">
|
<div class="input-group">
|
||||||
<span class="input-group-addon" id="currentDirLabel">Content of <span id="docroot">';
|
<span class="input-group-addon" id="currentDirLabel">Content of <span id="docroot">';
|
||||||
if( IFMConfig::showpath == 1 ) print $this->getScriptRoot().'/'; else print '/';
|
print ( IFMConfig::showpath == 1 ) ? realpath( IFMConfig::root_dir ) : "/";
|
||||||
print '</span></span><input class="form-control" id="currentDir" aria-describedby="currentDirLabel" type="text">
|
print '</span></span><input class="form-control" id="currentDir" aria-describedby="currentDirLabel" type="text">
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
@@ -1287,9 +1313,9 @@ ifm.init();
|
|||||||
private function handleRequest() {
|
private function handleRequest() {
|
||||||
if($_REQUEST["api"] == "getRealpath") {
|
if($_REQUEST["api"] == "getRealpath") {
|
||||||
if( isset( $_REQUEST["dir"] ) && $_REQUEST["dir"] != "" )
|
if( isset( $_REQUEST["dir"] ) && $_REQUEST["dir"] != "" )
|
||||||
$this->getRealpath( $_REQUEST["dir"] );
|
echo json_encode( array( "realpath" => $this->getValidDir( $_REQUEST["dir"] ) ) );
|
||||||
else
|
else
|
||||||
echo json_encode(array("realpath"=>""));
|
echo json_encode( array( "realpath" => "" ) );
|
||||||
}
|
}
|
||||||
elseif( $_REQUEST["api"] == "getFiles" ) {
|
elseif( $_REQUEST["api"] == "getFiles" ) {
|
||||||
if( isset( $_REQUEST["dir"] ) && $this->isPathValid( $_REQUEST["dir"] ) )
|
if( isset( $_REQUEST["dir"] ) && $this->isPathValid( $_REQUEST["dir"] ) )
|
||||||
@@ -1321,6 +1347,11 @@ ifm.init();
|
|||||||
|
|
||||||
public function run() {
|
public function run() {
|
||||||
if ( $this->checkAuth() ) {
|
if ( $this->checkAuth() ) {
|
||||||
|
// go to our root_dir
|
||||||
|
if( ! is_dir( realpath( IFMConfig::root_dir ) ) || ! is_readable( realpath( IFMConfig::root_dir ) ) )
|
||||||
|
die( "Cannot access root_dir.");
|
||||||
|
else
|
||||||
|
chdir( IFMConfig::root_dir );
|
||||||
if ( ! isset($_REQUEST['api']) ) {
|
if ( ! isset($_REQUEST['api']) ) {
|
||||||
$this->getApplication();
|
$this->getApplication();
|
||||||
} else {
|
} else {
|
||||||
@@ -1831,14 +1862,6 @@ ifm.init();
|
|||||||
</html>';
|
</html>';
|
||||||
}
|
}
|
||||||
|
|
||||||
private function getValidDir($dir) {
|
|
||||||
if( ! $this->isPathValid( $dir ) || ! is_dir( $dir ) ) {
|
|
||||||
return "";
|
|
||||||
} else {
|
|
||||||
return $dir;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private function filePermsDecode( $perms ) {
|
private function filePermsDecode( $perms ) {
|
||||||
$oct = str_split( strrev( decoct( $perms ) ), 1 );
|
$oct = str_split( strrev( decoct( $perms ) ), 1 );
|
||||||
$masks = array( '---', '--x', '-w-', '-wx', 'r--', 'r-x', 'rw-', 'rwx' );
|
$masks = array( '---', '--x', '-w-', '-wx', 'r--', 'r-x', 'rw-', 'rwx' );
|
||||||
@@ -1851,12 +1874,32 @@ ifm.init();
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function isPathValid($p) {
|
private function getValidDir( $dir ) {
|
||||||
if( $p == "" ) {
|
if( ! $this->isPathValid( $dir ) || ! is_dir( $dir ) ) {
|
||||||
|
return "";
|
||||||
|
} else {
|
||||||
|
$rpDir = realpath( $dir );
|
||||||
|
$rpConfig = realpath( IFMConfig::root_dir );
|
||||||
|
if( $rpConfig == "/" )
|
||||||
|
return $rpDir;
|
||||||
|
elseif( $rpDir == $rpConfig )
|
||||||
|
return "";
|
||||||
|
else
|
||||||
|
return substr( $rpDir, strlen( $rpConfig ) + 1 );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private function isPathValid( $dir ) {
|
||||||
|
$rpDir = realpath( $dir );
|
||||||
|
$rpConfig = realpath( IFMConfig::root_dir );
|
||||||
|
if( ! is_string( $rpDir ) || ! is_string( $rpConfig ) ) // can happen if open_basedir is in effect
|
||||||
|
return false;
|
||||||
|
elseif( $rpDir == $rpConfig )
|
||||||
return true;
|
return true;
|
||||||
} elseif( str_replace( "\\", "/", $this->getScriptRoot() ) == str_replace( "\\", "/", substr( realpath( dirname( $p ) ), 0, strlen( $this->getScriptRoot() ) ) ) ) {
|
elseif( 0 === strpos( $rpDir, $rpConfig ) ) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
else
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1885,13 +1928,6 @@ ifm.init();
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private function getRealpath($dir) {
|
|
||||||
if( ! $this->isPathValid( $dir ) || ! is_dir( $dir ) ) {
|
|
||||||
echo json_encode( array( "realpath" => "" ) );
|
|
||||||
} else {
|
|
||||||
echo json_encode( array( "realpath" => $dir ) );
|
|
||||||
}
|
|
||||||
}
|
|
||||||
private function rec_rmdir( $path ) {
|
private function rec_rmdir( $path ) {
|
||||||
if( !is_dir( $path ) ) {
|
if( !is_dir( $path ) ) {
|
||||||
return -1;
|
return -1;
|
||||||
|
|||||||
@@ -34,14 +34,40 @@ class IFMConfig {
|
|||||||
const showfilesize = 1; // show filesize?
|
const showfilesize = 1; // show filesize?
|
||||||
const showowner = 1; // show file owner?
|
const showowner = 1; // show file owner?
|
||||||
const showgroup = 1; // show file group?
|
const showgroup = 1; // show file group?
|
||||||
const showpath = 0; // show real path of directory (not only root)?
|
|
||||||
const showpermissions = 2; // show permissions 0 -> not; 1 -> octal, 2 -> human readable
|
const showpermissions = 2; // show permissions 0 -> not; 1 -> octal, 2 -> human readable
|
||||||
const showhtdocs = 1; // show .htaccess and .htpasswd
|
const showhtdocs = 1; // show .htaccess and .htpasswd
|
||||||
const showhiddenfiles = 1; // show files beginning with a dot (e.g. ".bashrc")
|
const showhiddenfiles = 1; // show files beginning with a dot (e.g. ".bashrc")
|
||||||
|
const showpath = 0; // show absolute path
|
||||||
|
|
||||||
// general config
|
/*
|
||||||
|
authentication
|
||||||
|
|
||||||
|
This provides a super simple authentication functionality. At the moment only one user can be
|
||||||
|
configured. The credential information can be either set inline or read from a file. The
|
||||||
|
password has to be a hash generated by PHPs password_hash function. The default credentials are
|
||||||
|
admin:admin.
|
||||||
|
|
||||||
|
If you specify a file it should only contain one line, with the credentials in the following
|
||||||
|
format:
|
||||||
|
<username>:<passwordhash>
|
||||||
|
|
||||||
|
examples:
|
||||||
|
const auth_source = 'inline;admin:$2y$10$0Bnm5L4wKFHRxJgNq.oZv.v7yXhkJZQvinJYR2p6X1zPvzyDRUVRC';
|
||||||
|
const auth_source = 'file;/path/to/file';
|
||||||
|
*/
|
||||||
const auth = 0;
|
const auth = 0;
|
||||||
const auth_source = 'inline;admin:$2y$10$0Bnm5L4wKFHRxJgNq.oZv.v7yXhkJZQvinJYR2p6X1zPvzyDRUVRC';
|
const auth_source = 'inline;admin:$2y$10$0Bnm5L4wKFHRxJgNq.oZv.v7yXhkJZQvinJYR2p6X1zPvzyDRUVRC';
|
||||||
|
|
||||||
|
/*
|
||||||
|
root_dir - set a custom root directory instead of the script location
|
||||||
|
|
||||||
|
This option is highly experimental and should only be set if you definitely know what you do.
|
||||||
|
Settings this option may cause black holes or other unwanted things. Use with special care.
|
||||||
|
|
||||||
|
default setting:
|
||||||
|
const root_dir = "";
|
||||||
|
*/
|
||||||
|
const root_dir = "";
|
||||||
const defaulttimezone = "Europe/Berlin"; // set default timezone
|
const defaulttimezone = "Europe/Berlin"; // set default timezone
|
||||||
|
|
||||||
// development tools
|
// development tools
|
||||||
|
|||||||
52
src/main.php
52
src/main.php
@@ -54,7 +54,7 @@ class IFM {
|
|||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<div class="input-group">
|
<div class="input-group">
|
||||||
<span class="input-group-addon" id="currentDirLabel">Content of <span id="docroot">';
|
<span class="input-group-addon" id="currentDirLabel">Content of <span id="docroot">';
|
||||||
if( IFMConfig::showpath == 1 ) print $this->getScriptRoot().'/'; else print '/';
|
print ( IFMConfig::showpath == 1 ) ? realpath( IFMConfig::root_dir ) : "/";
|
||||||
print '</span></span><input class="form-control" id="currentDir" aria-describedby="currentDirLabel" type="text">
|
print '</span></span><input class="form-control" id="currentDir" aria-describedby="currentDirLabel" type="text">
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
@@ -126,9 +126,9 @@ class IFM {
|
|||||||
private function handleRequest() {
|
private function handleRequest() {
|
||||||
if($_REQUEST["api"] == "getRealpath") {
|
if($_REQUEST["api"] == "getRealpath") {
|
||||||
if( isset( $_REQUEST["dir"] ) && $_REQUEST["dir"] != "" )
|
if( isset( $_REQUEST["dir"] ) && $_REQUEST["dir"] != "" )
|
||||||
$this->getRealpath( $_REQUEST["dir"] );
|
echo json_encode( array( "realpath" => $this->getValidDir( $_REQUEST["dir"] ) ) );
|
||||||
else
|
else
|
||||||
echo json_encode(array("realpath"=>""));
|
echo json_encode( array( "realpath" => "" ) );
|
||||||
}
|
}
|
||||||
elseif( $_REQUEST["api"] == "getFiles" ) {
|
elseif( $_REQUEST["api"] == "getFiles" ) {
|
||||||
if( isset( $_REQUEST["dir"] ) && $this->isPathValid( $_REQUEST["dir"] ) )
|
if( isset( $_REQUEST["dir"] ) && $this->isPathValid( $_REQUEST["dir"] ) )
|
||||||
@@ -160,6 +160,11 @@ class IFM {
|
|||||||
|
|
||||||
public function run() {
|
public function run() {
|
||||||
if ( $this->checkAuth() ) {
|
if ( $this->checkAuth() ) {
|
||||||
|
// go to our root_dir
|
||||||
|
if( ! is_dir( realpath( IFMConfig::root_dir ) ) || ! is_readable( realpath( IFMConfig::root_dir ) ) )
|
||||||
|
die( "Cannot access root_dir.");
|
||||||
|
else
|
||||||
|
chdir( IFMConfig::root_dir );
|
||||||
if ( ! isset($_REQUEST['api']) ) {
|
if ( ! isset($_REQUEST['api']) ) {
|
||||||
$this->getApplication();
|
$this->getApplication();
|
||||||
} else {
|
} else {
|
||||||
@@ -670,14 +675,6 @@ class IFM {
|
|||||||
</html>';
|
</html>';
|
||||||
}
|
}
|
||||||
|
|
||||||
private function getValidDir($dir) {
|
|
||||||
if( ! $this->isPathValid( $dir ) || ! is_dir( $dir ) ) {
|
|
||||||
return "";
|
|
||||||
} else {
|
|
||||||
return $dir;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private function filePermsDecode( $perms ) {
|
private function filePermsDecode( $perms ) {
|
||||||
$oct = str_split( strrev( decoct( $perms ) ), 1 );
|
$oct = str_split( strrev( decoct( $perms ) ), 1 );
|
||||||
$masks = array( '---', '--x', '-w-', '-wx', 'r--', 'r-x', 'rw-', 'rwx' );
|
$masks = array( '---', '--x', '-w-', '-wx', 'r--', 'r-x', 'rw-', 'rwx' );
|
||||||
@@ -690,12 +687,32 @@ class IFM {
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function isPathValid($p) {
|
private function getValidDir( $dir ) {
|
||||||
if( $p == "" ) {
|
if( ! $this->isPathValid( $dir ) || ! is_dir( $dir ) ) {
|
||||||
|
return "";
|
||||||
|
} else {
|
||||||
|
$rpDir = realpath( $dir );
|
||||||
|
$rpConfig = realpath( IFMConfig::root_dir );
|
||||||
|
if( $rpConfig == "/" )
|
||||||
|
return $rpDir;
|
||||||
|
elseif( $rpDir == $rpConfig )
|
||||||
|
return "";
|
||||||
|
else
|
||||||
|
return substr( $rpDir, strlen( $rpConfig ) + 1 );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private function isPathValid( $dir ) {
|
||||||
|
$rpDir = realpath( $dir );
|
||||||
|
$rpConfig = realpath( IFMConfig::root_dir );
|
||||||
|
if( ! is_string( $rpDir ) || ! is_string( $rpConfig ) ) // can happen if open_basedir is in effect
|
||||||
|
return false;
|
||||||
|
elseif( $rpDir == $rpConfig )
|
||||||
return true;
|
return true;
|
||||||
} elseif( str_replace( "\\", "/", $this->getScriptRoot() ) == str_replace( "\\", "/", substr( realpath( dirname( $p ) ), 0, strlen( $this->getScriptRoot() ) ) ) ) {
|
elseif( 0 === strpos( $rpDir, $rpConfig ) ) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
else
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -724,13 +741,6 @@ class IFM {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private function getRealpath($dir) {
|
|
||||||
if( ! $this->isPathValid( $dir ) || ! is_dir( $dir ) ) {
|
|
||||||
echo json_encode( array( "realpath" => "" ) );
|
|
||||||
} else {
|
|
||||||
echo json_encode( array( "realpath" => $dir ) );
|
|
||||||
}
|
|
||||||
}
|
|
||||||
private function rec_rmdir( $path ) {
|
private function rec_rmdir( $path ) {
|
||||||
if( !is_dir( $path ) ) {
|
if( !is_dir( $path ) ) {
|
||||||
return -1;
|
return -1;
|
||||||
|
|||||||
Reference in New Issue
Block a user