forked from DirectoryLister/DirectoryLister
index.php
<?php
// Load the DirectoryLister class definition
require_once 'resources/DirectoryLister.php';

// Create the lister instance used by every request branch below
$lister = new DirectoryLister;

// Confine PHP file access to the current working directory.
// This is a backstop only: the request parameters handled below still need
// their own path validation, and the result of ini_set() is not checked here.
ini_set('open_basedir', getcwd());
// Apparently readfile() can cause problems: large files that exceed PHP's memory_limit are the most likely to fail.
// Reading the file in chunks solves this problem.
// Credits to Rob Funk - http://www.php.net/manual/en/function.readfile.php#48683
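/**
 * Stream a file to the output in fixed-size chunks.
 *
 * The file is read and printed one chunk at a time so that a large file does
 * not have to fit into memory at once. If an output buffer is active, the
 * printed chunks still accumulate in that buffer.
 *
 * No path checks happen here: the caller must have validated $fname before
 * passing it in.
 *
 * @param string $fname Path of the file to send.
 * @return bool False if the file could not be opened or a read failed,
 *              otherwise the result of fclose().
 */
function readfile_chunked($fname)
{
    $chunksize = 1 * (1024 * 1024); // bytes read per iteration (1 MiB)

    $handle = fopen($fname, 'rb');
    if ($handle === false) {
        return false;
    }

    while (!feof($handle)) {
        $buffer = fread($handle, $chunksize);
        if ($buffer === false) {
            // A failing read may never set EOF; stop here instead of
            // looping on the same error, and release the handle.
            fclose($handle);
            return false;
        }
        print $buffer;
    }

    return fclose($handle);
}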
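/**
 * Return the extension of a file name, i.e. the text after its last dot.
 *
 * The previous implementation returned the segment after the FIRST dot
 * ("archive.tar.gz" gave "tar") and raised an undefined-offset notice for
 * names without any dot. pathinfo() handles both cases.
 *
 * The value is derived from the name only; it says nothing about the real
 * content of the file and should not be used for trust decisions.
 *
 * @param string $fname File name or path.
 * @return string Extension without the leading dot, or '' when there is none.
 */
function getFileExt($fname)
{
    return pathinfo($fname, PATHINFO_EXTENSION);
}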
// Hash lookup: answer with the JSON-encoded hash array and stop.
// The 'hash' parameter is request-controlled and is handed over unchanged,
// so any path validation has to happen inside getFileHash() (not visible here).
if (isset($_GET['hash'])) {
    die(json_encode($lister->getFileHash($_GET['hash'])));
}
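// Request dispatch: zip a directory, send a single file as a download, or
// render the directory listing through the theme.
if (isset($_GET['zip']))
{
    // The directory name comes straight from the request; any path checks
    // must happen inside zipDirectory(), which is not visible in this file.
    $dirArray = $lister->zipDirectory($_GET['zip']);
}
else if (isset($_GET['file']))
{
    $path = __DIR__;

    // Name of the file to be downloaded (request-controlled)
    $fname = $_GET['file'];

    // Resolve the requested name to a canonical path. The pattern check below
    // only rejects a few relative forms, so containment in the served
    // directory is verified on the resolved path instead of relying on
    // open_basedir alone.
    $baseDir    = realpath(getcwd());
    $basePrefix = rtrim((string) $baseDir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    $realFile   = is_string($fname) ? realpath($fname) : false;

    // is_string() comes first: a request can deliver an array for 'file',
    // which the string functions below must never receive.
    $invalid = !is_string($fname)
        || empty($fname)
        || $fname == '.'
        || $fname == './'
        || preg_match('/\..\/|\.\/\.|resources/', $fname)
        || $baseDir === false
        || $realFile === false
        || !is_file($realFile)
        || strncmp($realFile, $basePrefix, strlen($basePrefix)) !== 0;

    if ($invalid)
    {
        echo "Invalid File or File Not Specified";
        exit(0);
    }
    else
    {
        // Download counters, keyed by the requested file name
        $downloads = array();

        // Counters are only kept when the log file already exists
        if (file_exists($path."/resources/log") !== false)
        {
            $file = $path."/resources/log";

            // NOTE(review): unserialize() instantiates objects named in the
            // data. If anything other than this script can write the log,
            // store it as JSON instead.
            $log_content = unserialize(file_get_contents($file));

            // Accept only a non-empty array; a damaged or empty log starts over
            if (is_array($log_content) && count($log_content) != 0)
            {
                $downloads = $log_content;
            }

            // Increment the counter for this file, or start it at 1
            if (array_key_exists($fname, $downloads))
            {
                $downloads[$fname] += 1;
            }
            else
            {
                $downloads[$fname] = 1;
            }

            // LOCK_EX keeps concurrent downloads from interleaving their
            // writes; the read above is still unlocked, so a count can be lost.
            file_put_contents($file, serialize($downloads), LOCK_EX);
        }

        // Initiate forced file download
        // fix for IE caching or PHP bug issue
        @header("Pragma: public");
        @header("Expires: 0"); // set expiration time
        @header("Cache-Control: must-revalidate, post-check=0, pre-check=0");

        // The browser must download the file from the server instead of the
        // cache. Each header() call replaces the previous Content-Type, so
        // only the last value is actually sent.
        @header("Content-Type: application/force-download");
        @header("Content-Type: application/octet-stream");
        @header("Content-Type: application/download");

        // Use the Content-Disposition header to supply a recommended filename
        // and force the browser to display the save dialog.
        @header("Content-Disposition: attachment; filename=\"".basename($fname)."\";" );

        /*
        The Content-Transfer-Encoding header is binary because the file is
        read directly from disk and its raw bytes are passed to the client.
        The Content-Length header lets the browser show a progress meter; the
        length is determined with filesize().
        */
        @header("Content-Transfer-Encoding: binary");
        @header("Content-Length: ".filesize($realFile));

        // Read the path that was validated above, not the raw request value
        @readfile_chunked($realFile);

        // Stop here so nothing else is appended to the file body
        exit(0);
    }
}
else
{
    // Build the directory array. Defaults: directory '.', sorted by 'name',
    // order 'asc'. As before, 'order' is only honoured when 'by' is given.
    // All three values are request-controlled and passed through unchanged;
    // validation is presumably done in listDirectory() - confirm there.
    $dirArray = $lister->listDirectory(
        isset($_GET['dir']) ? $_GET['dir'] : '.',
        isset($_GET['by']) ? $_GET['by'] : 'name',
        (isset($_GET['by']) && isset($_GET['order'])) ? $_GET['order'] : 'asc'
    );

    // Define theme path
    if (!defined('THEMEPATH')) {
        define('THEMEPATH', $lister->getThemePath());
    }

    // Set path to theme index
    $themeIndex = $lister->getThemePath(true) . '/index.php';

    // Initialize the theme
    if (file_exists($themeIndex)) {
        include($themeIndex);
    } else {
        die('ERROR: Failed to initialize theme');
    }
}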
?>