| class filebrowser {
/*  File Browser Class by Andy Gajetzki [email protected] 
Security problem - Since PHP is above any access restrictions it will read any directory.
         Eg. /cgi-bin/
If $dir has starting or trailing /, wont work
Any comments/suggestions/flames
$lisdirectory = new filebrowser;
$lisdirectory->fmtdir("$argv[0]", $SERVER_NAME, $DOCUMENT_ROOT, $PHP_SELF);
*/
    function fmtdir($dir,$SERVER_NAME,$DOCUMENT_ROOT,$PHP_SELF) {
        #some vars
        $linesep = "<br>";
        $imagepath = "/icons";  ##Relative to http://localhost/
        $homedir = "/projects/browser"; ##Reolative to http://localhost/
        #strip trailing / in path
        $docroot = (substr($DOCUMENT_ROOT, 0, (strrpos($DOCUMENT_ROOT, "/"))));
        $path = "$docroot$dir";
        $self = basename($PHP_SELF);
        ##Is the passed value a dir? If it is not, catch inf loop
        if (($validdir=is_dir($path)) == true) {
            ## One of those  Home > Blah > Blah > . COuldnt get it to work.
            ##Its a directory, so...
            if ($dir == ""){ }
            ##Build directory tree
            else { }
            print("<table width=\"100%\" cellpadding=\"1\" cellspacing=\"0\" border=\"0\">");
            #sort dir / and fmt contents
            $handle=opendir($path);
            while ($file = readdir($handle))
            $filelist[count($filelist)] = $file;
            sort($filelist);
            closedir($handle);
            clearstatcache ();
            for ($incr = 0; $incr < (sizeof($filelist)); $incr++) {
                $file = $filelist[$incr];
                #stuff for images
                #make sure we determine image with last extension. eg. blah.ixml.php
                #Its very easy to add extra filetype's.
                $fileext=explode(".", $filelist[$incr]);
                if (($fileext[(sizeof($fileext)) - 1]) !== "DONTMATCHTHISPLEASEORELSE") {$image = "plain.gif";}
                if (($fileext[(sizeof($fileext)) - 1]) == "txt") {$image = "txt.gif";}
                if (($fileext[(sizeof($fileext)) - 1]) == "zip") {$image = "zip.gif";}
                if (($fileext[(sizeof($fileext)) - 1]) == "html") {$image = "html.gif";}
                if (($fileext[(sizeof($fileext)) - 1]) == "pdf") {$image = "pdf.gif";  }
                if (($fileext[(sizeof($fileext)) - 1]) == "ps") {$image = "ps.gif";}
                if (($fileext[(sizeof($fileext)) - 1]) == "php") {$image = "php.gif";}
                if (($fileext[(sizeof($fileext)) - 1]) == "gif") {$image = "gif.gif";}
                if (($fileext[(sizeof($fileext)) - 1]) == "jpg") {$image = "jpg.gif";}
                ##All is good, except "." and ".." showing, so away with them...
                ##Also, show directories as links to this class, so there not view with the browser.
                $doutput = "
                <tr><td width=\"1%\" align=\"left\">
                <a href=\"$homedir/$self?$dir$file\"><img hspace=\"5\" width=\"16\" height=\"16\" src=\"$imagepath/folder.gif\" border=\"0\"></a>
                <td width=\"33%\" align=\"left\"><a href=\"$homedir/$self?$dir/$file\">$file</a></td></td>
                <td width=\"20%\" align=\"right\" nowrap><DIR>    </td>
                <td width=\"5%\" align=\"right\"> </td>
                <td width=\"20%\" align=\"right\" nowrap>" . (date('F j, Y, h:i a', (fileatime("$path/$file")))) . "</td>
                <td width=\"29%\" align=\"right\"> </td>
                </tr>";
                $foutput = "
                <tr><td width=\"1%\" align=\"left\">
                <a href=\"$dir/$file\"><img hspace=\"5\" width=\"16\" height=\"16\" src=\"$imagepath/$image\"" . " border=\"0\"></a>
                <td width=\"33%\" align=\"left\"><a href=\"$dir/$file\">$file</a></td></td>
                <td width=\"20%\" align=\"right\" nowrap> " . round((filesize("$path/$file") /1024)) . " kb </td>
                <td width=\"5%\" align=\"right\"> </td>
                <td width=\"20%\" align=\"right\" nowrap>" . (date('F j, Y, h:i a', (fileatime("$path/$file")))) .  " </td>
                <td width=\"29%\" align=\"right\"> </td>
                </tr>";
                $curfile = "$path/$file" ;
                if (($file !== ".") && ($file !== "..") &&  (($isitadir=is_dir($curfile)) == true))
                    print($doutput);
                if (($file !== ".") && ($file !== "..") && (($isitadir=is_file($curfile)) == true))
                    print($foutput);
            }
            print("</table>");
            }
            else { print("Fail: Not a directory");}
            }
}
 |