defining page layout. Can be px, pt, em, or %. Assumes px otherwise. $WIDE_VIEW_WIDTH = '97%'; //Width to set Edit page if [Wide View] is clicked. Can be px, pt, em, or %. Assumes px otherwise. $WORD_WRAP = "on"; //"on" or (anything else) =="off". Word-wrap state on page load of edit page. Once on page, word-wrap can toggle on/off. $TAB_SIZE = 8; //Some browsers recognize a css tab-size. Some don't. If your's doesn't, LEAVE AT 8. (IE/Edge, as of mid-2016) $MAX_EDIT_SIZE = 200000; // Edit gets flaky with large files in some browsers. Trial and error your's. $MAX_VIEW_SIZE = 1000000; // If file > $MAX_EDIT_SIZE, don't even view in OneFileCMS. // The default max view size is completely arbitrary. Basically, it was 2am, and seemed like a good idea at the time. $MAX_IMG_W = 810; //Max width (in px) to display images. (main width is 810) $MAX_IMG_H = 1000; //Max height (in px). I don't know, it just looks reasonable. $UPLOAD_FIELDS = 10; //Number of upload fields on Upload File(s) page. Max value is ini_get('max_file_uploads'). $FAVICON = "favicon.ico"; //Path is relative to root of website. $EXCLUDED_FILES = ""; //csv list of filenames to exclude from directory listings- CaSe sEnsiTive! $EDIT_FILES = "svg,asp,cfg,conf,csv,css,dtd,htm,html,xhtml,htaccess,ini,js,log,markdown,md,php,pl,txt,text"; //Editable file types. $SHOW_FILES = "*"; // Shown types; only files of the given types should show up in the file-listing // Use $SHOW_FILES exactly like $EDIT_FILES: a list of extensions separated by commas. // If $SHOW_FILES is set to null - by intention or by error - only folders will be shown. // If $SHOW_FILES is set to the *-wildcard (the default), all files will show up. // If $SHOW_FILES is set to "html,htm" for example, only file with the extension "html" or "htm" will get listed. $SHOW_IMGS = "jpg,gif,png,bmp,ico"; //image types to display on edit page. //File types (extensions). _ftypes & _fclass must have the same number of values. bin is default. $FILE_TYPES = "bin,z,gz,7z,zip,jpg,gif,png,bmp,ico,svg,asp,cfg,conf,csv,css,dtd,htm,html,xhtml,htaccess,ini,js,log,markdown,md,php,pl,txt,text"; //Cooresponding file classes to _ftypes - used to determine icons for directory listing. $FILE_CLASSES = "bin,z,z ,z ,z ,img,img,img,img,img,svg,txt,txt,cfg ,txt,css,txt,htm,htm ,htm ,txt ,txt,txt,txt,txt ,txt,php,php,txt,txt"; $EX = '( ! ) '; //EXclaimation point "icon" Used in $MESSAGE's $PAGEUPDOWN = 10; //Number of rows to jump using Page Up/Page Down keys on directory listing. $SESSION_NAME = 'OFCMS'; //Name of session cookie. Change if using multiple copies of OneFileCMS concurrently. //Restrict access to a particular folder. Leave empty for access to entire website. // "some/path/" is relative to root of website (with no leading slash). //$ACCESS_ROOT = 'some/path/'; //URL of optional external style sheet. Used as an href in //If file is not found, or is incomplete, built-in defaults will be used. //$CSS_FILE = 'OneFileCMS.css'; //Notes for $LANGUAGE_FILE, $WYSIWYG_PLUGIN, and $CONFIG_FILE: // // Filename paths can be: // 1) Absolute to the filesystem: "/some/path/from/system/root/somefile.php" or // 2) Relative to root of website: "some/path/from/web/root/somefile.php" //Name of optional external language file. If file is not found, the built-in defaults will be used. //$LANGUAGE_FILE = "OneFileCMS.LANG.EN.php"; //Init file for optional external wysiwyg editor. //Sample init files are availble in the "extras\" folder of the OneFileCMS repo, but the actual editors are not. //$WYSIWYG_PLUGIN = 'plugins/plugin-tinymce_init.php'; //$WYSIWYG_PLUGIN = 'plugins/plugin-ckeditor_init.php'; //Name of optional external config file. Any settings it contains will supersede those above. //See the sample file in the OneFileCMS github repo for format example. //$CONFIG_FILE = 'OneFileCMS.config.SAMPLE.php'; //end CONFIGURABLE OPTIoNS ***************************************************** function System_Setup() {//***************************************************** global $_, $MAX_IDLE_TIME, $LOGIN_ATTEMPTS, $LOGIN_DELAYED, $MAIN_WIDTH, $WIDE_VIEW_WIDTH, $MAX_EDIT_SIZE, $MAX_VIEW_SIZE, $EXCLUDED_FILES, $EDIT_FILES, $SHOW_FILES, $SHOW_IMGS, $FILE_TYPES, $FILE_CLASSES, $SHOWALLFILES, $ETYPES, $STYPES, $ITYPES, $FTYPES, $FCLASSES, $EXCLUDED_LIST, $LANGUAGE_FILE, $ACCESS_ROOT, $ACCESS_ROOT_len, $WYSIWYG_PLUGIN, $WYSIWYG_VALID, $WYSIWYG_PLUGIN_OS, $INVALID_CHARS, $WHSPC_SLASH, $VALID_PAGES, $LOGIN_LOG_url, $LOGIN_LOG_file, $ONESCRIPT, $ONESCRIPT_file, $ONESCRIPT_backup, $ONESCRIPT_file_backup, $CONFIG_backup, $CONFIG_FILE, $CONFIG_FILE_backup, $VALID_CONFIG_FILE, $DOC_ROOT, $DOC_ROOT_OS, $WEB_ROOT, $WEBSITE, $PRE_ITERATIONS, $EX, $MESSAGE, $ENC_OS, $DELAY_Expired_Reload, $DELAY_Sort_and_Show_msgs, $DELAY_Start_Countdown, $DELAY_final_messages, $MIN_DIR_ITEMS; //Requires PHP 5.1 or newer, due to changes in explode() (and maybe others). define('PHP_VERSION_ID_REQUIRED',50100); //Ex: 5.1.23 is 50123 define('PHP_VERSION_REQUIRED' ,'5.1 + '); //Used in exit() message. //The predefined constant PHP_VERSION_ID has only been available since 5.2.7. //So, if needed, convert PHP_VERSION (a string) to PHP_VERSION_ID (an integer). //Ex: 5.1.23 converts to 50123. if (!defined('PHP_VERSION_ID')) { $phpversion = explode('.', PHP_VERSION); define('PHP_VERSION_ID', ($phpversion[0] * 10000 + $phpversion[1] * 100 + $phpversion[2])); } if( PHP_VERSION_ID < PHP_VERSION_ID_REQUIRED ) { exit( 'PHP '.PHP_VERSION.'
'.hsc($_['OFCMS_requires']).' '.PHP_VERSION_REQUIRED ); } mb_detect_order("UTF-8, ASCII, Windows-1252, ISO-8859-1"); //Get server's File System encoding. Windows NTFS uses ISO-8859-1 / Windows-1252. //Needed when working with non-ascii filenames. if (php_uname("s") == 'Windows NT') {$ENC_OS = 'Windows-1252';} else {$ENC_OS = 'UTF-8';} $DOC_ROOT = $_SERVER['DOCUMENT_ROOT'].'/'; //root folder of website. $DOC_ROOT_OS = Convert_encoding($DOC_ROOT); //Allow OneFileCMS.php to be started from any dir on the site. //This also effects the path in an include("path/somefile.php") chdir($DOC_ROOT); $INVALID_CHARS = '< > ? * : " | / \\'; //Illegal characters for file & folder names. Space deliminated. $WHSPC_SLASH = "\x00..\x20/"; //Whitespace & forward slash. For trimming file & folder name inputs. $WEB_ROOT = basename($DOC_ROOT).'/'; //Used only for screen output - Non-url use. $WEBSITE = $_SERVER['HTTP_HOST'].'/'; $ONESCRIPT = URLencode_path($_SERVER['SCRIPT_NAME']); //Used for URL's in HTML attributes $ONESCRIPT_file = $_SERVER['SCRIPT_FILENAME']; //Non-url file system use. $ONESCRIPT_backup = $ONESCRIPT.'-BACKUP.txt'; //used for p/w & u/n updates. $ONESCRIPT_file_backup = $ONESCRIPT_file.'-BACKUP.txt'; //used for p/w & u/n updates. $LOGIN_ATTEMPTS = $ONESCRIPT_file.'.invalid_login_attempts';//Non-url file system use. $LOGIN_LOG_url = $ONESCRIPT.'-LOGIN.log'; $LOGIN_LOG_file = $ONESCRIPT_file.'-LOGIN.log'; //If specified & found, include $CONFIG_FILE. $VALID_CONFIG_FILE = 0; if (isset($CONFIG_FILE)) { $CONFIG_FILE_OS = Convert_encoding($CONFIG_FILE); if (is_file($CONFIG_FILE_OS)) { $VALID_CONFIG_FILE = 1; include($CONFIG_FILE_OS); $CONFIG_backup = URLencode_path($CONFIG_FILE).'-BACKUP.txt'; //used for p/w & u/n updates. $CONFIG_FILE_backup = $CONFIG_FILE.'-BACKUP.txt'; //used for p/w & u/n updates. } else { $MESSAGE .= $EX.'$CONFIG_FILE '.hsc($_['Not_found']).': '.$CONFIG_FILE.'
'; $CONFIG_FILE = $CONFIG_FILE_OS = ''; } } //If specified, check for & load $LANGUAGE_FILE if (isset($LANGUAGE_FILE)) { $LANGUAGE_FILE_OS = Convert_encoding($LANGUAGE_FILE); if (is_file($LANGUAGE_FILE_OS)) {include($LANGUAGE_FILE_OS);} } //If specified, validate $WYSIWYG_PLUGIN. Actual include() is at end of OneFileCMS. $WYSIWYG_VALID = 0; //Default to invalid. if (isset($WYSIWYG_PLUGIN)) { $WYSIWYG_PLUGIN_OS = Convert_encoding($WYSIWYG_PLUGIN); //Also used for include() if (is_file($WYSIWYG_PLUGIN_OS)) { $WYSIWYG_VALID = 1; } } //If specified, clean up & validate $ACCESS_ROOT if (!isset($ACCESS_ROOT)) { $ACCESS_ROOT = ''; } //At least make sure it's set. $ACCESS_ROOT_OS = Convert_encoding($ACCESS_ROOT); if (!is_dir($DOC_ROOT_OS.$ACCESS_ROOT_OS) || (Check_path($ACCESS_ROOT,1) === false) ) { $MESSAGE .= __LINE__.$EX.'$ACCESS_ROOT '.hsc($_['Invalid_path']).': '.$ACCESS_ROOT.'
'; $ACCESS_ROOT = $ACCESS_ROOT_OS = ''; } if ($ACCESS_ROOT != '') { $ACCESS_ROOT = trim($ACCESS_ROOT, ' /').'/'; //make sure only a single trailing '/' $ACCESS_ROOT_OS = Convert_encoding($ACCESS_ROOT); } $ACCESS_ROOT_enc = mb_detect_encoding($ACCESS_ROOT); $ACCESS_ROOT_len = mb_strlen($ACCESS_ROOT, $ACCESS_ROOT_enc); $MAIN_WIDTH = validate_units($MAIN_WIDTH); $WIDE_VIEW_WIDTH = validate_units($WIDE_VIEW_WIDTH); ini_set('session.gc_maxlifetime', $MAX_IDLE_TIME + 100); //in case the default is less. $VALID_PAGES = array("login","logout","admin","hash","changepw","changeun","index","edit","upload","uploaded","newfile","renamefile","copyfile","deletefile","deletefolder","newfolder","renamefolder","copyfolder","mcdaction", "phpinfo", "raw_view"); //Make arrays out of a few config variables for actual use later. //First, remove spaces and make lowercase (for *types). $SHOWALLFILES = $STYPES = false; if ($SHOW_FILES == '*') { $SHOWALLFILES = true; } else { $STYPES = explode(',', mb_strtolower(str_replace(' ', '', $SHOW_FILES))); }//shown file types $ETYPES = explode(',', mb_strtolower(str_replace(' ', '', $EDIT_FILES))); //editable file types $ITYPES = explode(',', mb_strtolower(str_replace(' ', '', $SHOW_IMGS))); //images types to display $FTYPES = explode(',', mb_strtolower(str_replace(' ', '', $FILE_TYPES))); //file types with icons $FCLASSES = explode(',', mb_strtolower(str_replace(' ', '', $FILE_CLASSES))); //for file types with icons $EXCLUDED_LIST = explode(',', str_replace(' ', '', $EXCLUDED_FILES)); //A few variables for values that were otherwise hardcoded in js. //$DELAY_... values are in milliseconds. //The values were determined thru quick experimentation, and may be tweaked if desired, except as noted. $DELAY_Sort_and_Show_msgs = 20; //Needed so "Working..." message shows during directory sorts. Mostly for Firefox. $DELAY_Start_Countdown = 25; //Needs to be > than $Sort_and_Show_msgs. Used in Timeout_Timer(). $DELAY_final_messages = 25; //Needs to be > than $Sort_and_Show_msgs. Delays final Display_Messages(). $DELAY_Expired_Reload = 10000; //Delay from Session Expired to page load of login screen. Ten seconds, but can be less/more. $MIN_DIR_ITEMS = 25; //Minimum number of directory items before "Working..." message is needed/displayed. //Used in hashit() and js_hash_scripts(). IE<9 is WAY slow, so keep it low. //For 200 iterations: (time on IE8) > (37 x time on FF). And the difference grows with the iterations. //If you change this, or any other aspect of either hashit() or js_hash_scripts(), do so while logged in. //Then, manually update your password as instructed on the Admin/Generate Hash page. $PRE_ITERATIONS = 1000; }//end System_Setup() //******************************************************* function Default_Language() { // *********************************************** global $_; // OneFileCMS Language Settings v3.5.19 $_['LANGUAGE'] = 'English'; $_['LANG'] = 'EN'; // If no translation or value is desired for a particular setting, do not delete // the actual setting variable, just set it to an empty string. // For example: $_['some_unused_setting'] = ''; // // Remember to slash-escape any single quotes that may be within the text: \' // The back-slash itself may or may not also need to be escaped: \\ // // If present as a trailing comment, "## NT ##" means 'Needs Translation'. // // These first few settings control a few font and layout settings. // In some instances, some langauges may use significantly longer words or phrases than others. // So, a smaller font or less spacing may be desirable in those places to preserve page layout. $_['front_links_font_size'] = '1.0em'; //Buttons on Index page. $_['front_links_margin_L'] = '1.0em'; $_['MCD_margin_R'] = '1.0em'; //[Move] [Copy] [Delete] buttons $_['button_font_size'] = '0.9em'; //Buttons on Edit page. $_['button_margin_L'] = '0.7em'; $_['button_padding'] = '4px 4px 4px 4px'; //T R B L $_['image_info_font_size'] = '1em'; //show_img_msg_01 & _02 $_['image_info_pos'] = ''; //If 1 or true, moves the info down a line for more space. $_['select_all_label_size'] = '.84em'; //Font size of $_['Select_All'] $_['select_all_label_width'] = '72px'; //Width of space for $_['Select_All'] $_['HTML'] = 'HTML'; $_['WYSIWYG'] = 'WYSIWYG'; $_['Admin'] = 'Admin'; $_['bytes'] = 'bytes'; $_['Cancel'] = 'Cancel'; $_['cancelled'] = 'cancelled'; //## NT ## as of 3.5.07 $_['Close'] = 'Close'; $_['Copy'] = 'Copy'; $_['Copied'] = 'Copied'; $_['Create'] = 'Create'; $_['Date'] = 'Date'; $_['Delete'] = 'Delete'; $_['DELETE'] = 'DELETE'; $_['Deleted'] = 'Deleted'; $_['Edit'] = 'Edit'; $_['Enter'] = 'Enter'; $_['Error'] = 'Error'; $_['errors'] = 'errors'; $_['ext'] = '.ext'; //## NT ## filename[.ext]ension $_['File'] = 'File'; $_['files'] = 'files'; $_['Folder'] = 'Folder'; $_['folders'] = 'folders'; $_['From'] = 'From'; $_['Hash'] = 'Hash'; $_['Move'] = 'Move'; $_['Moved'] = 'Moved'; $_['Name'] = 'Name'; $_['on'] = 'on'; $_['off'] = 'off'; //## NT ## as of 3.5.19 $_['Password'] = 'Password'; $_['Rename'] = 'Rename'; $_['reset'] = 'Reset'; $_['save_1'] = 'Save'; $_['save_2'] = 'SAVE CHANGES'; $_['Size'] = 'Size'; $_['Source'] = 'Source'; $_['successful'] = 'successful'; $_['To'] = 'To'; $_['Upload'] = 'Upload'; $_['Username'] = 'Username'; $_['View'] = 'View'; $_['Working'] = 'Working - please wait...'; $_['Log_In'] = 'Log In'; $_['Log_Out'] = 'Log Out'; $_['Admin_Options'] = 'Administration Options'; $_['Are_you_sure'] = 'Are you sure?'; $_['View_Raw'] = 'View Raw'; //## NT ### as of 3.5.07 $_['Open_View'] = 'Open/View in browser window'; $_['Edit_View'] = 'Edit / View'; $_['Wide_View'] = 'Wide View'; $_['Normal_View'] = 'Normal View'; $_['Word_Wrap'] = 'Word Wrap'; //## NT ## as of 3.5.19 $_['Upload_File'] = 'Upload File'; $_['New_File'] = 'New File'; $_['Ren_Move'] = 'Rename / Move'; $_['Ren_Moved'] = 'Renamed / Moved'; $_['folders_first'] = 'folders first'; //## NT ## $_['folders_first_info'] = 'Sort folders first, but don\'t change primary sort.'; //## NT ## $_['New_Folder'] = 'New Folder'; $_['Ren_Folder'] = 'Rename / Move Folder'; $_['Submit'] = 'Submit Request'; $_['Move_Files'] = 'Move File(s)'; $_['Copy_Files'] = 'Copy File(s)'; $_['Del_Files'] = 'Delete File(s)'; $_['Selected_Files'] = 'Selected Folders and Files'; $_['Select_All'] = 'Select All'; $_['Clear_All'] = 'Clear All'; $_['New_Location'] = 'New Location'; $_['No_files'] = 'No files selected.'; $_['Not_found'] = 'Not found'; $_['Invalid_path'] = 'Invalid path'; $_['verify_msg_01'] = 'Session expired.'; $_['verify_msg_02'] = 'INVALID POST'; $_['get_get_msg_01'] = 'File does not exist:'; $_['get_get_msg_02'] = 'Invalid page request:'; $_['check_path_msg_02'] = '"dot" or "dot dot" path segments are not permitted.'; $_['check_path_msg_03'] = 'Path or filename contains an invalid character:'; $_['ord_msg_01'] = 'A file with that name already exists in the target directory.'; $_['ord_msg_02'] = 'Saving as'; $_['rCopy_msg_01'] = 'A folder can not be copied into one of its own sub-folders.'; $_['show_img_msg_01'] = 'Image shown at ~'; $_['show_img_msg_02'] = '% of full size (W x H ='; $_['hash_txt_01'] = 'The hashes generated by this page may be used to manually update $HASHWORD in OneFileCMS, or in an external config file. In either case, make sure you remember the password used to generate the hash!'; $_['hash_txt_06'] = 'Type your desired password in the input field above and hit Enter.'; $_['hash_txt_07'] = 'The hash will be displayed in a yellow message box above that.'; $_['hash_txt_08'] = 'Copy and paste the new hash to the $HASHWORD variable in the config section.'; $_['hash_txt_09'] = 'Make sure to copy ALL of, and ONLY, the hash (no leading or trailing spaces etc).'; $_['hash_txt_10'] = 'A double-click should select it...'; $_['hash_txt_12'] = 'When ready, logout and login.'; $_['pass_to_hash'] = 'Password to hash:'; $_['Generate_Hash'] = 'Generate Hash'; $_['login_txt_01'] = 'Username:'; $_['login_txt_02'] = 'Password:'; $_['login_msg_01a'] = 'There have been'; $_['login_msg_01b'] = 'invalid login attempts.'; $_['login_msg_02a'] = 'Please wait'; $_['login_msg_02b'] = 'seconds to try again.'; $_['login_msg_03'] = 'INVALID LOGIN ATTEMPT #'; $_['edit_note_00'] = 'NOTES:'; $_['edit_note_01a'] = 'Remember- '; $_['edit_note_01b'] = 'is'; $_['edit_note_02'] = 'So save changes before the clock runs out, or the changes will be lost!'; $_['edit_note_03'] = 'With some browsers, such as Chrome, if you click the browser [Back] then browser [Forward], the file state may not be accurate. To correct, click the browser\'s [Reload].'; $_['edit_h2_1'] = 'Viewing:'; $_['edit_h2_2'] = 'Editing:'; $_['edit_txt_00'] = 'Edit disabled.'; //## NT ## as of 3.5.07 $_['edit_txt_01'] = 'Non-text or unkown file type. Edit disabled.'; $_['edit_txt_02'] = 'File possibly contains an invalid character. Edit and view disabled.'; $_['edit_txt_03'] = 'htmlspecialchars() returned an empty string from what may be an otherwise valid file.'; $_['edit_txt_04'] = 'This behavior can be inconsistant from version to version of php.'; $_['too_large_to_edit_01'] = 'Edit disabled. Filesize >'; $_['too_large_to_edit_02'] = 'Some browsers (ie: IE) bog down or become unstable while editing a large file in an HTML \n"; echo "\n"; echo "
".hsc($_['Word_Wrap']).":"; echo ""; echo ""; echo "
\n"; } }//end if/elseif... if ( $text_editable && $too_large_to_view ) //This condition must come first. { echo '

'.$too_large_to_view_message.'

'; } elseif ($IS_OFCMS || $too_large_to_edit) { echo '
'.$FILECONTENTS.'
'."\n"; } }//end if non-image Edit_Page_buttons($text_editable, $too_large_to_edit); echo ''; Edit_Page_scripts(); if ( !$IS_OFCMS && $text_editable && !$too_large_to_edit && !$bad_chars ) {Edit_Page_Notes();} }//end Edit_Page_form() //****************************************************** function Edit_Page_Notes() {//************************************************** global $_, $MAX_IDLE_TIME; $SEC = $MAX_IDLE_TIME; $HRS = floor($SEC/3600); $SEC = fmod($SEC,3600); $MIN = floor($SEC/60); if ($MIN < 10) { $MIN = "0".$MIN; }; $SEC = fmod($SEC,60); if ($SEC < 10) { $SEC = "0".$SEC; }; $HRS_MIN_SEC = $HRS.':'.$MIN.':'.$SEC; ?>
1)
2)
$MAX_EDIT_SIZE); $too_large_to_view = (filesize($filename_OS) > $MAX_VIEW_SIZE); //Don't load $WYSIWYG_PLUGIN if not needed if (!$text_editable || $too_large_to_edit) {$WYSIWYG_VALID = 0;} //Get file contents if (($text_editable && !$too_large_to_view) || $IS_OFCMS) { $raw_contents = file_get_contents($filename_OS); $file_ENC = mb_detect_encoding($raw_contents); //ASCII, UTF-8, ISO-8859-1, etc... if ($file_ENC != 'UTF-8') { $raw_contents = mb_convert_encoding($raw_contents, 'UTF-8', $file_ENC); } }else{ $file_ENC = ""; $raw_contents = ""; } if (PHP_VERSION_ID < 50400) { $FILECONTENTS = hsc($raw_contents); } else { $FILECONTENTS = htmlspecialchars($raw_contents,ENT_SUBSTITUTE | ENT_QUOTES, 'UTF-8'); } if ($too_large_to_view || !$text_editable) { $header2 = "";} elseif ($text_editable && !$too_large_to_edit && !$IS_OFCMS) { $header2 = hsc($_['edit_h2_2']); } else { $header2 = hsc($_['edit_h2_1']); } echo '

'.$header2.' '; echo ''; echo hsc(basename($filename)).''; echo '

'."\n"; Edit_Page_form($ext, $text_editable, $too_large_to_edit, $too_large_to_view, $file_ENC); if ( in_array( $ext, $ITYPES) ) { show_image(); } //If image, show below the [Rename/Move] [Copy] [Delete] buttons echo '
'; //If viewing OneFileCMS itself, show Edit Disabled message. if ($IS_OFCMS && $page == "edit") { $MESSAGE .= ''; $MESSAGE .= ''; $MESSAGE .= ''.$EX.hsc($_['edit_caution_02']).'   '.$_['edit_txt_00'].'
'; } }//end Edit_Page() //*********************************************************** function Edit_response() {//***If on Edit page, and [Save] clicked ************* global $_, $EX, $MESSAGE, $filename, $filename_OS; $contents = $_POST['contents']; $contents = str_replace("\r\n", "\n", $contents); //Normalize EOL $contents = str_replace("\r" , "\n", $contents); //Normalize EOL $bytes = file_put_contents($filename_OS, $contents); if ($bytes !== false) { $MESSAGE .= ''.hsc($_['edit_msg_01']).' '.number_format($bytes).' '.hsc($_['edit_msg_02']).'
'; }else{ $MESSAGE .= $EX.''.hsc($_['edit_msg_03']).'
'; } }//end Edit_response() //******************************************************* function Upload_Page() {//****************************************************** global $_, $ONESCRIPT, $ipath, $param1, $INPUT_NUONCE, $UPLOAD_FIELDS, $MAIN_WIDTH; $max_file_uploads = ini_get('max_file_uploads'); if ($max_file_uploads < 1) { $max_file_uploads = $UPLOAD_FIELDS; } if ($max_file_uploads < $UPLOAD_FIELDS) { $UPLOAD_FIELDS = $max_file_uploads; } //$main_width is used below to determine size (width) of in FF. $main_width = $MAIN_WIDTH * 1; //set in config section. Default is 810px. $main_units = mb_substr($MAIN_WIDTH, -2); //should be px, pt, or em. //convert to px. 16px = 12pt = 1em if ( $main_units == "em") { $main_width = $main_width * 16 ; } elseif ( $main_units == "pt") { $main_width = $main_width * (16 / 12); } echo '

'.hsc($_['Upload_File']).'

'; echo '

'; echo hsc($_['upload_txt_03']).' '.ini_get('upload_max_filesize').' '.hsc($_['upload_txt_01']).'
'; echo hsc($_['upload_txt_04']).' '.ini_get('post_max_size') .' '.hsc($_['upload_txt_02']).'
'; echo '

'; echo $INPUT_NUONCE; echo '
'; echo '
'; //So
'; for ($x = 0; $x < $UPLOAD_FIELDS; $x++) { //size attibute is for FF (and is not em, px, pt, or %). //width attribute is for IE & Chrome, and can be set via css (in style_sheet()). //In FF, width of is 121px. If size=2, width = 128, etc. The base value is 114px. echo '
'."\n"; } echo '

'; Cancel_Submit_Buttons($_['Upload']); echo '

'; }//end Upload_Page() //********************************************************* function Upload_response() {//************************************************** global $_, $ipath, $ipath_OS, $page, $EX, $MESSAGE, $UPLOAD_FIELDS; $page = "index"; //return to index. $filecount = 0; foreach ($_FILES['upload_file']['name'] as $N => $name) { if ($name == "") { continue; } //ignore empty upload fields $filecount++; $filename_up = $ipath.$_FILES['upload_file']['name'][$N]; //just filename, no path. $filename_OS = Convert_encoding($filename_up); $savefile_msg = ''; $MAXUP1 = ini_get('upload_max_filesize'); //$MAXUP2 = ''; //number_format($_POST['MAX_FILE_SIZE']).' '.hsc($_['bytes']); $ERROR = $_FILES['upload_file']['error'][$N]; if ( $ERROR == 1 ){ $ERRMSG = hsc($_['upload_err_01']).' upload_max_filesize = '.$MAXUP1;} elseif (($ERROR > 1) && ($ERROR < 9)) { $ERRMSG = hsc($_['upload_err_0'.$ERROR]); } else { $ERRMSG = ''; } if ( ($ipath === false) || (($ipath != "") && !is_dir($ipath_OS))) { $MESSAGE .= $EX.''.hsc($_['upload_msg_02']).'
'; $MESSAGE .= ''.hsc($ipath).'
'; $MESSAGE .= hsc($_['upload_msg_03']).'
'; }else{ $MESSAGE .= ''.hsc($_['upload_msg_04']).' '.hsc(basename($filename_up)).'
'; if ( isset($_POST['ifexists']) && ($_POST['ifexists'] == 'overwrite') ) { if (is_file($filename_OS)) { $savefile_msg .= hsc($_['upload_msg_07']) ; } }else{ //rename to "file.etc.001" etc... $filename_up = add_serial_num($filename_up, $savefile_msg); } $filename_OS = Convert_encoding($filename_up); if(move_uploaded_file($_FILES['upload_file']['tmp_name'][$N], $filename_OS)) { $MESSAGE .= ''.hsc($_['upload_msg_05']).' '.$savefile_msg.'
'; } else{ $MESSAGE .= ''.$EX.hsc($_['upload_msg_06']).' '.$ERRMSG.'
'; } } }//end foreach $_FILES if ($filecount == 0) { $page = "upload"; } //If nothing selected, just reload Upload page. }//end Upload_response() //***************************************************** function New_Page($title, $new_f_or_f) {//********************************************** global $_, $FORM_COMMON, $INVALID_CHARS; echo '

'.hsc($title).'

'; echo $FORM_COMMON; echo '

'.hsc($_['new_file_txt_01'].' '.$_['new_file_txt_02']); echo ' '.hsc($INVALID_CHARS).'

'; echo '

'; Cancel_Submit_Buttons($_['Create']); echo ''; }//end New_Page() //************************************************************ function New_response($post, $isfile) {//*************************************** global $_, $ipath, $ipath_OS, $filename, $filename_OS, $page, $param1, $param2, $param3, $MESSAGE, $EX, $INVALID_CHARS, $WHSPC_SLASH; $page = "index"; //Return to index if folder, or on error. $new_name = trim($_POST[$post], $WHSPC_SLASH); //Trim whitespace & slashes. $filename = $ipath.$new_name; $filename_OS = Convert_encoding($filename); if ($isfile) { $f_or_f = "file"; } else { $f_or_f = "folder"; } $msg_new = ''.hsc($new_name).'
'; if (has_invalid_char($new_name)){ $MESSAGE .= $EX.''.hsc($_['new_file_msg_01']).' '.$msg_new; $MESSAGE .= ''.hsc($_['new_file_msg_02']).' '.hsc($INVALID_CHARS).''; }elseif ($new_name == ""){ //No new name given. $page = "new".$f_or_f; $param3 = '&p=index'; //For [Cancel] button }elseif (file_exists($filename_OS)) { //Does file or folder already exist ? $MESSAGE .= $EX.''.hsc($_['new_file_msg_04']).' '.$msg_new; }elseif ($isfile && touch($filename_OS) ) { //Create File $MESSAGE .= ''.hsc($_['new_file_msg_05']).' '.$msg_new; //New File success. $page = "edit"; //Return to edit page. $param2 = '&f='.rawurlencode(basename($filename)); //for Edit_Page() buttons $param3 = '&p=edit'; //for Edit_Page() buttons }elseif (!$isfile && mkdir($filename_OS,0755)) { //Create Folder $MESSAGE .= ''.hsc($_['new_file_msg_07']).' '.$msg_new; //New folder success $ipath = $filename; //return to new folder $ipath_OS = Convert_encoding($filename); $param1 = '?i='.URLencode_path($ipath); }else{ $MESSAGE .= $EX.''.hsc($_['new_file_msg_01']).':
'.$msg_new; //'Error - new file not created:' } }//end New_response() //******************************************************** function Set_Input_width() {//************************************************** global $_, $WEB_ROOT, $MAIN_WIDTH, $ACCESS_ROOT; // (width of ) = $MAIN_WIDTH - (Width of

'.hsc($action.' '.$title).'

'; echo $FORM_COMMON; echo ''; echo ''; echo ''; echo '
'; echo ''; echo ''.hsc($WEB_ROOT.$ACCESS_ROOT).''; echo '
'; echo '('.hsc($_['CRM_txt_02']).')

'; Cancel_Submit_Buttons($action); echo ''; }//end CRM_Page() //************************************************************ function CRM_response($action, $msg1, $show_message = 3) {//******************** //$action = 'rCopy' or 'rename'. Returns 0 if successful, 1 on error. //$show_message: 0 = none; 1 = errors only; 2 = successes only; 3 = all messages (default). global $_, $ONESCRIPT, $ipath, $ipath_OS, $filename, $page, $param1, $param2, $param3, $MESSAGE, $EX, $INVALID_CHARS, $WHSPC_SLASH; $old_full_name = trim($_POST['old_full_name'], $WHSPC_SLASH); //Trim whitespace & slashes. $new_name_only = trim($_POST['new_name'], $WHSPC_SLASH); $new_location = trim($_POST['new_location'], $WHSPC_SLASH); if ($new_location != "") { $new_location .= '/'; } $new_full_name = $new_location.$new_name_only; $filename = $old_full_name; //default if error. //for function calls that access the server file system, such as rCopy, rename, file_exists, etc... $old_full_name_OS = Convert_encoding($old_full_name); $new_full_name_OS = Convert_encoding($new_full_name); $new_location_OS = Convert_encoding($new_location); $isfile = 0; if (is_file($old_full_name_OS)) { $isfile = 1;} //File or folder? //Common message lines $com_msg = '

'.hsc($_['From']).'
'.hsc($_['To']).'
'; $com_msg .= ': '.hsc($old_full_name).'
'; $com_msg .= ': '.hsc($new_full_name).'
'; $bad_name = ""; //bad file or folder name (can be either old_ or new_) $err_msg = ''; //Error message. $scs_msg = ''; //Success message. $error_code = 0; //1 = success (no error), 0 = an error. Used for return value. //Check old name for invalid chars (like .. ) (Unlikely to be false outside a malicious attempt) if ( Check_path($old_full_name,$show_message) === false ) { $bad_name = $old_full_name; }elseif ( !file_exists($old_full_name_OS) ) { $err_msg .= $EX.''.hsc($msg1.' '.hsc($_['CRM_msg_02'])).'
'; $bad_name = $old_full_name; //Ignore if new name is blank. }elseif ( mb_strlen($new_name_only) == 0 ) { $page = 'copyfile'; $param3 = '&p=copyfile'; return 0; //Check new name for invalid chars, including slashes. }elseif ( has_invalid_char($new_name_only) ) { $err_msg .= $EX.''.hsc($_['new_file_msg_02']).' '.hsc($INVALID_CHARS).'
'; $bad_name = $new_name_only; //Check new location for invalid chars etc. }elseif ( Check_path($new_location,$show_message) === false ) { $bad_name = $new_location; //$new_location must already exist as a directory }elseif ( ($new_location != "") && !is_dir($new_location_OS) ) { $err_msg .= $EX.''.hsc($msg1.' '.hsc($_['CRM_msg_01'])).'
'; $bad_name = $new_location; //Don't overwrite existing files. }elseif ( file_exists($new_full_name_OS) ) { $bad_name = $new_full_name; $err_msg .= $EX.''.hsc($msg1.' '.hsc($_['CRM_msg_03'])).'
'; }else{ //attempt $action $error_code = $action($old_full_name_OS, $new_full_name_OS); if ( $error_code > 0 ) { $scs_msg .= ''.hsc($msg1.' '.hsc($_['successful'])).'
'.$com_msg; if ($isfile) { $filename = $new_full_name; } $ipath = $new_location; $ipath_OS = $new_location_OS; }else{ $err_msg .= $EX.''.hsc($_['CRM_msg_05'].' '.$msg1).'
'.$com_msg; } }// if (($bad_name !='' ) && ($error_code == 0)) { $err_msg .= ''.hsc($bad_name).'
'; } if (($show_message & 1) && ($error_code == 0)) { $MESSAGE .= $err_msg; } //Show error message. if ( $show_message & 2) { $MESSAGE .= $scs_msg; } //Show success message. //Prior page should be either index or edit $page = $_SESSION['recent_pages'][1]; $param1 = '?i='.URLencode_path($ipath); if ($isfile & $page == "edit") {$param2 = '&f='.rawurlencode(basename($filename));} return $error_code; // }//end CRM_response() //******************************************************** function Delete_response($target, $show_message=3) {//************************** global $_, $ipath, $ipath_OS, $param1, $filename, $param2, $page, $MESSAGE, $EX; if ($target == "") { return 0; } //Prevent accidental delete of entire website. $target = Check_path($target,$show_message); //Make sure $target is within $WEB_ROOT $target = trim($target,'/'); $page = "index"; //Return to index //If came from admin page, return there. if ( $_SESSION['admin_page'] ) { $page = 'admin'; } $err_msg = ''; //On error, set this message. $scs_msg = ''; //On success, set this message. $error_code = rDel($target); if ($error_code > 0) { // 0 = error, > 0 is number of successes $scs_msg .= ''.hsc($_['Deleted']).': '; $scs_msg .= ''.hsc(basename($target)).'
'; $ipath = dir_name($target); //Return to parent dir. $ipath_OS = Convert_encoding($ipath); $param1 = '?i='.URLencode_path($ipath); $filename = ""; $param2 = ""; }else { //Error $err_msg .= $EX.''.hsc($_['delete_msg_03']).' '.hsc($target).'
'; $page = $_SESSION['recent_pages'][1]; if ($page == "edit") { $filename = $target; $param2 = '&f='.basename($filename); } } if ($show_message & 1) { $MESSAGE .= $err_msg; } //Show error message. if ($show_message & 2) { $MESSAGE .= $scs_msg; } //Show success message. return $error_code; }//end Delete_response() //***************************************************** function MCD_Page($action, $page_title, $classes = '') {//********************** //$action = mcd_mov or mcd_cpy or mcd_del global $_, $WEB_ROOT, $ONESCRIPT, $ipath, $ipath_OS, $param1, $filename, $page, $ICONS, $ACCESS_ROOT, $ACCESS_PATH, $INPUT_NUONCE, $MESSAGE; //Prep for a single file or folder if( $page == "deletefile" || $page == "deletefolder" ){ $_POST['mcdaction'] = 'delete'; //set mcdaction != copy or move (see below). if ($page == "deletefile") { $_POST['files'][1] = basename($filename); } //If $page == deletefolder, $_POST['files'][1] is set in Verify_Page_Conditions() } Set_Input_width(); echo '

'.hsc($page_title).'

'; echo '
'.$INPUT_NUONCE; echo ''."\n"; if ( ($_POST['mcdaction'] == 'copy') || ($_POST['mcdaction'] == 'move') ) { echo ''; echo ''.hsc($WEB_ROOT.$ACCESS_ROOT).''; echo ''; echo '

('.hsc($_['CRM_txt_02']).')

'; } echo '

'.hsc($_['Are_you_sure']).'

'; Cancel_Submit_Buttons($page_title); //List selected folders & files $full_list = Sort_Seperate($ipath, $_POST['files']); echo ''; echo ''."\n"; foreach ($full_list as $file) { $file_OS = Convert_encoding($file); if (is_dir($ipath_OS.$file_OS)) { echo ''; } else { echo ''; } echo ''."\n"; } echo '
'.hsc($_['Selected_Files']).':
'.$ICONS['folder'].' '.hsc($file).' /
' .hsc($file).'
'; echo '
'; }//end MCD_Page() //************************************************************ function MCD_response($action, $msg1, $success_msg = '') {//******************** global $_, $ipath, $ipath_OS, $EX, $MESSAGE, $WHSPC_SLASH; $files = $_POST['files']; //List of files to delete (path not included) $errors = 0; //number of failed moves, copies, or deletes $successful = 0; $new_location = ""; if (isset($_POST['new_location'])) { $new_location = $_POST['new_location']; $new_location_OS = Convert_encoding($_POST['new_location']); } $show_message = 1; //1= show error msg only. if ( ($new_location != "") && !is_dir($new_location_OS)) { $MESSAGE .= $EX.''.hsc($msg1.' '.$_['CRM_msg_01']).'
'; $MESSAGE .= ''.hsc($_POST['new_location']).'
'; return; }elseif ($action == 'rDel') { foreach ($files as $file){ if ($file == "") {continue;} //a blank file name would cause $ipath to be deleted. $error_code = Delete_response($ipath.$file, $show_message); $successful += $error_code; if ($error_code == 0) {$errors++;} } }else { //move or rCopy $mcd_ipath = $ipath; //CRM_response() changes $ipath to $new_location foreach ($files as $file){ $_POST['old_full_name'] = $mcd_ipath.$file; $_POST['new_name'] = $file; //$_POST['new_location'] should already be set by the client ( via MCD_Page() ). $error_code = CRM_response($action, $msg1, $show_message); $successful += $error_code; if ($error_code == 0) {$errors++;} } } if ($errors) {$MESSAGE .= $EX.' '.$errors.' '.hsc($_['errors']).'.
';} $MESSAGE .= ''.$successful.' '.hsc($success_msg).'
'; if ($action != 'rDel') { if ($successful > 0) { //"From:" & "To:" lines if any successes. $MESSAGE .= '
'.hsc($_['From']).'
'.hsc($_['To']).'
'; $MESSAGE .= ': '.hsc($mcd_ipath).'
'; $MESSAGE .= ': '.hsc($ipath).'
'; } } }//end MCD_response() //******************************************************** function Page_Title() {//***Page_Title()************************* global $_, $page; if (!$_SESSION['valid']) { return $_['Log_In']; } elseif ($page == "admin") { return $_['Admin_Options']; } elseif ($page == "hash") { return $_['Generate_Hash']; } elseif ($page == "changepw") { return $_['pw_change']; } elseif ($page == "changeun") { return $_['un_change']; } elseif ($page == "edit") { return $_['Edit_View']; } elseif ($page == "upload") { return $_['Upload_File']; } elseif ($page == "newfile") { return $_['New_File']; } elseif ($page == "copyfile" ) { return $_['Copy_Files']; } elseif ($page == "copyfolder" ) { return $_['Copy_Files']; } elseif ($page == "renamefile") { return $_['Ren_Move'].' '.$_['File'];} elseif ($page == "deletefile") { return $_['Del_Files']; } elseif ($page == "deletefolder") { return $_['Del_Files']; } elseif ($page == "newfolder") { return $_['New_Folder']; } elseif ($page == "renamefolder") { return $_['Ren_Folder']; } elseif ($page == "mcdaction" && ($_POST['mcdaction'] == "copy") ) { return $_['Copy_Files'];} elseif ($page == "mcdaction" && ($_POST['mcdaction'] == "move") ) { return $_['Move_Files'];} elseif ($page == "mcdaction" && ($_POST['mcdaction'] == "delete") ) { return $_['Del_Files']; } else { return $_SERVER['SERVER_NAME']; } }//end Page_Title() //********************************************************** function Load_Selected_Page() {//*********************************************** global $_, $ONESCRIPT, $ipath, $filename, $page; if (!$_SESSION['valid']) { Login_Page(); } elseif ($page == "admin") { Admin_Page(); } elseif ($page == "hash") { Hash_Page(); } elseif ($page == "changepw") { Change_PWUN_Page('pw', 'password', $_['pw_change'], $_['pw_new'], $_['pw_confirm']);} elseif ($page == "changeun") { Change_PWUN_Page('un', 'text', $_['un_change'], $_['un_new'], $_['un_confirm']);} elseif ($page == "edit") { Edit_Page(); } elseif ($page == "upload") { Upload_Page();} elseif ($page == "newfile") { New_Page($_['New_File'] , "new_file"); } elseif ($page == "newfolder") { New_Page($_['New_Folder'], "new_folder");} elseif ($page == "copyfile") { CRM_Page($_['Copy'], $_['File'] , 'copy_file' , $filename);} elseif ($page == "copyfolder") { CRM_Page($_['Copy'], $_['Folder'], 'copy_file' , $ipath);} elseif ($page == "renamefile") { CRM_Page($_['Ren_Move'], $_['File'] , 'rename_file', $filename);} elseif ($page == "renamefolder") { CRM_Page($_['Ren_Move'], $_['Folder'], 'rename_file', $ipath);} elseif ($page == "deletefile") { MCD_Page('mcd_del', $_['Del_Files'],'verify_del'); } elseif ($page == "deletefolder") { MCD_Page('mcd_del', $_['Del_Files'],'verify_del'); } elseif ($page == "mcdaction") { if ($_POST['mcdaction'] == 'move') { MCD_Page('mcd_mov', $_['Move_Files']); } if ($_POST['mcdaction'] == 'copy') { MCD_Page('mcd_cpy', $_['Copy_Files']); } if ($_POST['mcdaction'] == 'delete'){ MCD_Page('mcd_del', $_['Del_Files'], 'verify_del'); } } else { Index_Page(); } //default if valid session. }//end Load_Selected_Page() //************************************************** function Respond_to_POST() {//************************************************** global $_, $VALID_POST, $ipath, $page, $EX, $ACCESS_ROOT, $MESSAGE; if (!$VALID_POST) { return; } //First, validate any $_POST'ed paths against $ACCESS_ROOT. if (isset($_POST["old_full_name"]) && !Valid_Path($_POST["old_full_name"], false)) { //unlikely, but just in case $MESSAGE .= $EX.''.hsc($_['Invalid_path']).': '.hsc($_POST["old_full_name"]).''; $VALID_POST = 0; return; } if (isset($_POST["new_location"])) { $_POST["new_location"] = $ACCESS_ROOT.$_POST["new_location"]; if (!Valid_Path($_POST["new_location"], false)) { $MESSAGE .= $EX.''.hsc($_['Invalid_path']).': '.hsc($_POST["new_location"]).''; $VALID_POST = 0; return; } } if (isset($_POST['mcd_mov'] )) { MCD_response('rename', $_['Ren_Move'], $_['mcd_msg_01']); } //move == rename elseif (isset($_POST['mcd_cpy'] )) { MCD_response('rCopy' , $_['Copy'] , $_['mcd_msg_02']); } elseif (isset($_POST['mcd_del'] )) { MCD_response('rDel' , $_['Delete'] , $_['mcd_msg_03']); } elseif (isset($_POST['whattohash'] )) { Hash_response(); } elseif (isset($_POST['pw'] )) { Change_PWUN_response('pw', $_['change_pw_02']);} elseif (isset($_POST['un'] )) { Change_PWUN_response('un', $_['change_un_02']);} elseif (isset($_POST['filename'] )) { Edit_response(); } elseif (isset($_POST['new_file'] )) { New_response('new_file' , 1);} //1=file elseif (isset($_POST['new_folder'] )) { New_response('new_folder', 0);} //0=folder elseif (isset($_POST['rename_file'] )) { CRM_response('rename', $_['Ren_Move']);} elseif (isset($_POST['copy_file'] )) { CRM_response('rCopy' , $_['Copy'] );} elseif (isset($_FILES['upload_file']['name'])) { Upload_response(); } //If Changed p/w, u/n, or other Admin Page action, make sure to not return to a folder outside of $ACCESS_ROOT. Valid_Path($ipath, true); }//end Respond_to_POST() //***************************************************** function init_ICONS_js() {//**************************************************** global $ICONS; //Currently, only icons for dir listing are needed in js ?> '; } Language_and_config_adjusted_styles(); }//end Load_style_sheet() //**************************************************** //****************************************************************************** //Main logic to determine page action //****************************************************************************** Default_Language(); System_Setup(); Session_Startup(); if (!isset($_SESSION['admin_page'])) { $_SESSION['admin_page'] = false; $_SESSION['admin_ipath'] = ''; } if ($_SESSION['valid']) { undo_magic_quotes(); Init_ICONS(); Get_GET(); if ($page == "phpinfo") { phpinfo(); die; } Valid_Path($ipath, true); Validate_params(); Init_Macros(); //Needs to be after Get_Get()/Validate_params()/Valid_Path() //$ACCESS_ROOT.$ACCESS_PATH == $ipath $ipath_len = mb_strlen($ipath); $ACCESS_PATH = ''; if (($ACCESS_ROOT_len < $ipath_len)) { $ACCESS_PATH = trim(mb_substr($ipath, $ACCESS_ROOT_len), ' /').'/'; } Respond_to_POST(); Verify_Page_Conditions(); //Must come after Respond_to_POST() Update_Recent_Pages(); //Don't show current/path/ header on some pages. $Show_Path = true; $pages_dont_show_path = array("login","admin","hash","changepw","changeun"); if ( in_array($page, $pages_dont_show_path) ){ $Show_Path = false; } // }//end if $_SESSION[valid] //end logic to determine page action ******************************************* //****************************************************************************** //Output page contents //****************************************************************************** $early_output = ob_get_clean(); // Should be blank unless trouble-shooting. ob_start(); header('Content-type: text/html; charset=UTF-8'); ?> '.hsc($MAIN_TITLE.' - '.Page_Title()).''."\n"; Load_style_sheet(); common_scripts(); echo ''; Error_reporting_status_and_early_output(0,0); //0,0 will only show early output. if ($_SESSION['valid']) { echo '
'; } else { echo '
'; } Page_Header(); if ($_SESSION['valid'] && $Show_Path) { Current_Path_Header(); } $TABINDEX_XBOX = $TABINDEX++; //Messages, and the [X] box, not displayed until later. echo '
'; Load_Selected_Page(); //footer... if ($_SESSION['valid']) { //Countdown timer echo '
'; echo ''; echo ''.hsc($_['time_out_txt']).'  '; //Adjust tabindex to account for [m][c][d][x] and file names in directory list. //(Directory list created via js, so $TAB_INDEX is also passed to, and handled by, js at that point.) if (isset($DIRECTORY_COUNT)) {$TAB_INDEX = "tabindex=".($TABINDEX + ($DIRECTORY_COUNT * 5));} else {$TAB_INDEX = ""; } //Admin link if ( ($_SESSION['admin_page'] === false) ) { echo ''.hsc($_['Admin']).''; } }//end footer echo '
'; //end main/login_page echo "\n"; if ( ($page == "edit") && $WYSIWYG_VALID && $EDIT_WYSIWYG ) { include($WYSIWYG_PLUGIN_OS); } //Display any $MESSAGE's echo ''; //start any timers... if ($_SESSION['valid']) { echo Timeout_Timer($MAX_IDLE_TIME, 'timer0', 'LOGOUT'); } if ($page == 'edit') { echo Timeout_Timer($MAX_IDLE_TIME, 'timer1', 'LOGOUT'); } if ($LOGIN_DELAYED > 0) { echo Timeout_Timer($LOGIN_DELAYED, 'timer0', ''); } //##### END OF FILE ############################################################ //##### Header (UTF-8) for [View Raw] incorrect or not getting sent?? //##### If file has non-ascii characters, browers display in ISO-8859-1/Windows-1252, //##### Except IE, which asks to download the file... //##### When browsers manually set to UTF-8, files display fine.