<?php
require_once('class.phpmyfileeditor.php');
//Base Directory which will be used to scan files/folders to be editable
$config['dir']['base'] = 'test';
$config['access']['user'] = 'admin';//This will be used to create .htpasswd file
$config['access']['pass'] = 'admin';//This will be used to create .htpasswd file
//Get File, Directory to be scanned
$file = filter_input(INPUT_GET,'file',FILTER_SANITIZE_STRING);
$dir = filter_input(INPUT_GET,'dir',FILTER_SANITIZE_STRING);
$remove = filter_input(INPUT_GET,'remove',FILTER_VALIDATE_INT);
$newfile = filter_input(INPUT_POST,'newfile',FILTER_SANITIZE_STRING);
$submitfile = filter_input(INPUT_POST,'submitfile',FILTER_SANITIZE_STRING);
$submitdir = filter_input(INPUT_POST,'submitdir',FILTER_SANITIZE_STRING);
//FileContents is submitted by form which will have contents to update the file
$fileContents = filter_input(INPUT_POST,'filecontents',FILTER_UNSAFE_RAW);
$errMsg = $errClass = '';
//Check for .. in Directory name
//This is to prevent users adding that in directory name and getting list of parent directories above directory listed in config
$listDir = explode('/',str_replace('\\','/',$dir));
$listFile = explode('/',str_replace('\\','/',$file));
if(in_array('..',$listDir) || in_array('..',$listFile)){
exit('.. not allowed in the path');
}
try{
//Start using My PHP File Editor class
$fileEditor = new PhpMyFileEditor($config);
}catch(DirNotFoundException $e){
$errMsg = $e->getMessage();
}
if($newfile != ''){
try{
if($submitfile != ''){
$fileEditor->createNewFile(($dir=='')?$newfile:$dir.'/'.$newfile);
$errMsg = 'File was created!';
}elseif($submitdir != ''){
$fileEditor->createNewDirectory(($dir=='')?$newfile:$dir.'/'.$newfile);
$errMsg = 'Directory was created!';
}
$errClass = 'success';
$file = $dir.'/'.$newfile;//Change $file so this file can be edited right away
//Redirect users while setting new file and directory name set in URL so users can start editing it right away
//Just setting $file to new value won't work because edit form uses INPUT_GET for $file and with new file submission, that is not set in URL
header('Location: '.$fileEditor->getLink($_SERVER['SCRIPT_NAME'],array('file'=>($dir=='')?$newfile:$dir.'/'.$newfile,'dir'=>$dir)));
exit;
}catch(AlreadyExistsException $e){
$errMsg = $e->getMessage();
$errClass = 'error';
}
}
//If File to be edited was set and File contents were submitted via form then update that file
if($fileContents != ''){
try{
$fileEditor->updateFile($file,$fileContents);
$errMsg = 'File was updated!';
$errClass = 'success';
}catch(FileExistsException $e){
$errMsg = $e->getMessage();
$errClass = 'error';
}
}
//Remove directory/file
if($remove == 1){
$toRemove = ($file == '')?$dir:$file;
if($fileEditor->removeDirFile($toRemove)){
$errMsg = 'Removal Sucessful!';
$errClass = 'success';
header('Location: '.$fileEditor->getLink($_SERVER['SCRIPT_NAME'],array('dir'=>(dirname($toRemove) == '.'?'':dirname($toRemove)))));
exit;
}else{
$errMsg = 'Some error occured!';
$errClass = 'error';
}
}
//Get left nav based on directory selected by user
//At first, it will use base directory
$leftNav = (isset($fileEditor) && is_object($fileEditor))?$fileEditor->getLeftNav($dir):'';
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>PHP My File Editor</title>
<style type="text/css">
body{
margin:0;
padding:0;
line-height: 1.5em;
}
b{font-size: 110%;}
em{color: red;}
#maincontainer{
width: 100%; /*Width of main container*/
margin: 0 auto; /*Center container on page*/
}
#topsection{
background: #EAEAEA;
height: 90px; /*Height of top section*/
}
#topsection h1{
margin: 0;
padding-top: 15px;
}
#contentwrapper{
float: left;
width: 78%;
}
#contentcolumn{
margin-left: 0%; /*Set left margin to LeftColumnWidth*/
margin-right: 2%;
}
#leftcolumn{
float: left;
width: 15%; /*Width of left column*/
background: #C8FC98;
}
#footer{
clear: left;
width: 100%;
background: black;
color: #FFF;
text-align: center;
padding: 4px 0;
}
#footer a{
color: #FFFF80;
}
.innertube{
margin: 10px; /*Margins for inner DIV inside each column (to provide padding)*/
margin-top: 0;
}
.info, .success, .warning, .error, .validation {
border: 1px solid;
margin: 10px 0px;
padding:15px 10px 15px 50px;
background-repeat: no-repeat;
background-position: 10px center;
width:50%;
}
.info {
color: #00529B;
background-color: #BDE5F8;
background-image: url('info.png');
}
.success {
color: #4F8A10;
background-color: #DFF2BF;
background-image:url('success.png');
}
.warning {
color: #9F6000;
background-color: #FEEFB3;
background-image: url('warning.png');
}
.error {
color: #D8000C;
background-color: #FFBABA;
background-image: url('error.png');
}
</style>
</head>
<body>
<div id="maincontainer">
<div id="topsection"><div class="innertube"><h1>PHP My File Editor</h1></div></div>
<div id="leftcolumn">
<div class="innertube"><?php echo $leftNav;?>
<form name="newfile" method="post">
<input type="text" name="newfile" value="">
<input type="submit" name="submitfile" value="Create New File"><br>
<input type="submit" name="submitdir" value="Create New Directory">
</form>
</div>
</div>
<div id="contentwrapper">
<div id="contentcolumn">
<div class="innertube">
<?php
if($errMsg != ''){
echo '<div class="info '.$errClass.'">'.$errMsg.'</div>';
}
?>
<?php
if(is_file($config['dir']['base'].'/'.$file)){
?>
<form name="update" method="post">
<input type="hidden" name="file" value="<?php echo $file;?>">
<label for="filecontents">File: <strong><a target="_blank" href="<?php echo $config['dir']['base'].'/'.$file;?>"><?php echo $config['dir']['base'].'/'.$file;?></a></strong></label><br>
<textarea name="filecontents" rows="20" cols="100"><?php echo file_get_contents($config['dir']['base'].'/'.$file);?></textarea><br>
<input type="submit" name="submit" value="Update File">
</form>
<?php
}
?>
</div>
</div>
</div>
<div id="footer"><a href="http://www.rattanpal.com/">Jaswinder Rattanpal</a></div>
</div>
</body>
</html>
|