From f549f6ddfb5b59df5dfc29077ac25a2499071c4f Mon Sep 17 00:00:00 2001
From: Daniel Winzen
Date: Sun, 6 Aug 2017 15:35:47 +0200
Subject: [PATCH] Added web based FileManager
---
var/www/html/files.php | 375 +++++++++++++++++++++++++++++++++++++++++
var/www/html/home.php | 5 +-
var/www/html/index.php | 2 +-
3 files changed, 379 insertions(+), 3 deletions(-)
create mode 100644 var/www/html/files.php
diff --git a/var/www/html/files.php b/var/www/html/files.php
new file mode 100644
index 0000000..af80bc7
--- /dev/null
+++ b/var/www/html/files.php
@@ -0,0 +1,375 @@
+PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
+}catch(PDOException $e){
+ die('No Connection to MySQL database!');
+}
+session_start();
+$user=check_login();
+if(!empty($_POST['ftp_pass'])){
+ $_SESSION['ftp_pass']=$_POST['ftp_pass'];
+}
+if(empty($_SESSION['ftp_pass'])){
+ send_login();
+ exit;
+}
+$ftp=ftp_connect('127.0.0.1') or die ('No Connection to FTP server!');
+if(!ftp_login($ftp, "$user[onion].onion", $_SESSION['ftp_pass'])){
+ send_login();
+ exit;
+}
+//prepare reusable data
+const SUFFIX=['B', 'KiB', 'MiB', 'GiB'];
+const TYPES=[
+'jpg'=>'img',
+'psd'=>'img',
+'jpeg'=>'img',
+'png'=>'img',
+'svg'=>'img',
+'gif'=>'img',
+'bmp'=>'img',
+'ico'=>'img',
+'m4v'=>'vid',
+'webm'=>'vid',
+'avi'=>'vid',
+'flv'=>'vid',
+'mpg'=>'vid',
+'mpeg'=>'vid',
+'wmv'=>'vid',
+'ogm'=>'vid',
+'ogv'=>'vid',
+'mp4'=>'vid',
+'mov'=>'vid',
+'3gp'=>'vid',
+'m4a'=>'snd',
+'mp3'=>'snd',
+'flac'=>'snd',
+'ogg'=>'snd',
+'oga'=>'snd',
+'wav'=>'snd',
+'wma'=>'snd',
+'bin'=>'bin',
+'exe'=>'bin',
+'tgz'=>'zip',
+'gz'=>'zip',
+'zip'=>'zip',
+'bz'=>'zip',
+'bz2'=>'zip',
+'xz'=>'zip',
+'rar'=>'zip',
+'tar'=>'zip',
+'7z'=>'zip',
+'xlsx'=>'doc',
+'xsl'=>'doc',
+'xml'=>'doc',
+'doc'=>'doc',
+'docx'=>'doc',
+'html'=>'doc',
+'htm'=>'doc',
+'shtml'=>'doc',
+'pdf'=>'doc',
+'mobi'=>'doc',
+'epub'=>'doc',
+'odt'=>'doc',
+'ods'=>'doc',
+'odp'=>'doc',
+'txt'=>'txt',
+'csv'=>'txt',
+'md'=>'txt',
+'sh'=>'sh',
+'js'=>'sh',
+'pl'=>'sh',
+'py'=>'sh',
+'php'=>'sh',
+'phtml'=>'sh',
+'asp'=>'sh',
+];
+if(!isset($_REQUEST['C']) || !in_array($_REQUEST['C'], array('M', 'N', 'S'))){
+ $sort='N';
+}else{
+ $sort=$_REQUEST['C'];
+}
+if(!isset($_REQUEST['O']) || !in_array($_REQUEST['O'], array('A', 'D'))){
+ $order='A';
+}else{
+ $order=$_REQUEST['O'];
+}
+if(!empty($_REQUEST['path'])){
+ $dir='/'.trim(rawurldecode($_REQUEST['path']),'/').'/';
+ $dir=str_replace('..', '\.\.', $dir);
+ $dir=preg_replace('~//+~', '/', $dir);
+}else{
+ $dir='/';
+}
+if(@!ftp_chdir($ftp, $dir)){
+ $dir=rtrim($dir, '/');
+ if(@ftp_fget($ftp, $tmpfile=tmpfile(), $dir, FTP_BINARY)){
+ //output file
+ header('Content-Type: ' . mime_content_type($tmpfile));
+ header('Content-Disposition: filename="'.basename($dir).'"');
+ header('Content-Length: ' . fstat($tmpfile)['size']);
+ header('Cache-Control: no-cache, no-store, must-revalidate, max-age=0, private');
+ header('Expires: 0');
+ header('Pragma: no-cache');
+ rewind($tmpfile);
+ while (($buffer = fgets($tmpfile, 4096)) !== false) {
+ echo $buffer;
+ }
+ }else{
+ send_not_found();
+ }
+ fclose($tmpfile);
+ exit;
+}
+
+if(!empty($_POST['mkdir']) && !empty($_POST['dirname'])){
+ ftp_mkdir($ftp, $_POST['dirname']);
+}
+
+if(!empty($_POST['delete']) && !empty($_POST['files'])){
+ foreach($_POST['files'] as $file){
+ ftp_recursive_delete($ftp, $file);
+ }
+}
+
+if(!empty($_POST['rename_2']) && !empty($_POST['files'])){
+ foreach($_POST['files'] as $old=>$new){
+ ftp_rename($ftp, $old, $new);
+ }
+}
+
+if(!empty($_POST['rename']) && !empty($_POST['files'])){
+ send_rename($dir);
+ exit;
+}
+
+if(!empty($_POST['unzip']) && !empty($_POST['files'])){
+ $zip = new ZipArchive();
+ foreach($_POST['files'] as $file){
+ if(!preg_match('/\.zip$/', $file)){
+ continue;
+ }
+ $tmpfile='/tmp/'.uniqid().'.zip';
+ ftp_get($ftp, $tmpfile, $file, FTP_BINARY);
+ $zip->open($tmpfile);
+ $tmpdir='/tmp/'.uniqid().'/';
+ mkdir($tmpdir);
+ $zip->extractTo($tmpdir);
+ ftp_recursive_upload($ftp, $tmpdir);
+ rmdir($tmpdir);
+ $zip->close();
+ }
+}
+
+
+if(!empty($_FILES['file'])){
+ ftp_put($ftp, $dir.$_FILES['file']['name'], $_FILES['file']['tmp_name'], FTP_BINARY);
+ unlink($_FILES['file']['tmp_name']);
+}
+
+
+
+$files=$dirs=[];
+$list=ftp_rawlist($ftp, '.');
+foreach($list as $file){
+ preg_match('/^([^\s]*)\s+([^\s]*)\s+([^\s]*)\s+([^\s]*)\s+([^\s]*)\s+([^\s]*)\s+([^\s]*)\s+([^\s]*)\s+(.*)$/', $file, $match);
+ if($match[0][0]==='d'){
+ $dirs[$match[9]]=['name'=>"$match[9]/", 'mtime'=>strtotime("$match[6] $match[7] $match[8]"), 'size'=>'-'];
+ }else{
+ $files[$match[9]]=['name'=>$match[9], 'mtime'=>ftp_mdtm($ftp, $match[9]), 'size'=>$match[5]];
+ }
+}
+
+//sort our files
+if($sort==='M'){
+ $list=array_merge($dirs, $files);
+ usort($list, function($a, $b) {
+ if ($a['mtime'] === $b['mtime']) {
+ return 0;
+ }
+ return ($a['mtime'] < $b['mtime']) ? -1 : 1;
+ });
+}elseif($sort==='S'){
+ ksort($dirs, SORT_STRING | SORT_FLAG_CASE);
+ usort($files, function($a, $b) {
+ if ($a['size'] === $b['size']) {
+ return 0;
+ }
+ return ($a['size'] < $b['size']) ? -1 : 1;
+ });
+ $list=array_merge($dirs, $files);
+}else{
+ $list=array_merge($dirs, $files);
+ ksort($list, SORT_STRING | SORT_FLAG_CASE);
+}
+
+//order correctly
+if($order==='D'){
+ $list=array_reverse($list);
+}
+
+$dir=htmlspecialchars($dir);
+?>
+
+
+
+
+Daniel's Hosting - FileManager - Index of <?php echo $dir; ?>
+
+
+

Index of

+ +

Upload up to 1GB and up to 100 files at once


+ +
+ +

+ + + +
+ + + + + + + + +"; +} +?> + +
FileLast ModifiedSize

">Parent Directory
'.htmlspecialchars($element['name']).''.date("Y-m-d H:i", $element['mtime'])."$element[size]

+ + +

+
+ +'; + echo '404 Not Found'; + echo ''; + echo ''; + echo ''; + echo '

The requested file '.htmlspecialchars($_REQUEST['path']).' was not found on your account.

'; + echo '

Go back to home directory.

'; + echo ''; +} + +function send_login(){ + echo ''; + echo 'Daniel\'s Hosting - FileManager - Login'; + echo ''; + echo ''; + echo ''; + echo '

Please type in your system account password:

'; + echo '

Go back to dashboard.

'; + echo ''; +} + +function ftp_recursive_upload($ftp, $path){ + $dir = dir($path); + while(($file = $dir->read()) !== false) { + if(is_dir($dir->path.$file)) { + if($file === '.' || $file === '..'){ + continue; + } + if(@!ftp_chdir($ftp, $file)){ + ftp_mkdir($ftp, $file); + ftp_chdir($ftp, $file); + } + ftp_recursive_upload($ftp, $dir->path.$file.'/'); + ftp_chdir($ftp, '..'); + rmdir($dir->path.$file); + }else{ + ftp_put($ftp, $file, $dir->path.$file, FTP_BINARY); + unlink($dir->path.$file); + } + } + $dir->close(); +} + +function ftp_recursive_delete($ftp, $file){ + if(@ftp_chdir($ftp, $file)){ + $list = ftp_nlist($ftp, '.'); + foreach($list as $tmp){ + ftp_recursive_delete($ftp, $tmp); + } + ftp_chdir($ftp, '..'); + ftp_rmdir($ftp, $file); + }else{ + ftp_delete($ftp, $file); + } +} + +function send_rename($dir){ + echo ''; + echo 'Daniel\s Hosting - FileManager - Rename file'; + echo ''; + echo ''; + echo ''; + echo '
'; + echo ''; + echo ''; + foreach($_POST['files'] as $file){ + echo ''; + } + echo '
'.htmlspecialchars($file).'
'; + echo '
'; + echo '

Go back.

'; + echo ''; +} diff --git a/var/www/html/home.php b/var/www/html/home.php index 8f5aa06..541e8db 100644 --- a/var/www/html/home.php +++ b/var/www/html/home.php @@ -13,13 +13,13 @@ echo 'Daniel\'s Hosting - Dashboard'; echo ''; echo ''; echo ''; -echo "
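Review bot: The unzip branch in files.php saves each archive as `'/tmp/'.uniqid().'.zip'`, never unlinks it, and ignores the results of `ftp_get()`, `$zip->open()` and `mkdir()`, so a failed download or open still reaches `extractTo()` and every request leaves a copy of the user's archive in a shared directory under a time-derived name. A working directory named from `random_bytes()` and created with mode 0700, an early `continue` when a step fails, and cleanup on every path would fix that; summing the entries' declared sizes before extraction also puts a ceiling on what a small upload can expand to on the web server's disk. Separately, the mkdir, delete, rename_2, unzip and upload handlers act on `$_POST` and `$_FILES` without any request-token check in this hunk (unless `check_login()`, which is defined outside it, performs one), so a cross-site form post from another page in the same browser session would be accepted. `$_SESSION['ftp_pass']` also keeps the system account password in clear text in session storage for as long as the session lives, which deserves at least a comment stating that trade-off.

```php
if(!empty($_POST['unzip']) && !empty($_POST['files'])){
	$zip = new ZipArchive();
	foreach($_POST['files'] as $file){
		if(!is_string($file) || !preg_match('/\.zip$/', $file)){
			continue;
		}
		// private, unpredictable working directory instead of uniqid() names directly in /tmp
		$workdir='/tmp/'.bin2hex(random_bytes(16)).'/';
		if(!mkdir($workdir, 0700)){
			continue;
		}
		$tmpfile=$workdir.'archive.zip';
		$tmpdir=$workdir.'out/';
		if(ftp_get($ftp, $tmpfile, $file, FTP_BINARY) && $zip->open($tmpfile)===true){
			// MAX_UNZIP_BYTES is a placeholder for a limit defined next to SUFFIX and TYPES
			$total=0;
			for($i=0; $i<$zip->numFiles; ++$i){
				$total+=$zip->statIndex($i)['size'];
			}
			if($total<=MAX_UNZIP_BYTES && mkdir($tmpdir, 0700) && $zip->extractTo($tmpdir)){
				ftp_recursive_upload($ftp, $tmpdir);
			}
			$zip->close();
		}
		// cleanup runs whether or not the steps above succeeded;
		// a partial extraction would additionally need a recursive local delete
		if(is_file($tmpfile)){
			unlink($tmpfile);
		}
		if(is_dir($tmpdir)){
			rmdir($tmpdir);
		}
		rmdir($workdir);
	}
}
```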

Logged in as $user[username] Logout | Change passwords | Delete account

"; +echo "

Logged in as $user[username] Logout | Change passwords | FileManager | Delete account +

"; $mail=0; if(file_exists("/home/$user[onion].onion/Maildir/new/")){ $mail=count(scandir("/home/$user[onion].onion/Maildir/new/"))-2; } echo "

Enter system account password to check your $user[onion].onion@" . ADDRESS . " mail ($mail new):

"; -echo '

There is no Web-based file management yet, you\'ll need to use an FTP client like FileZilla (Torify FileZilla) for now, to manage files. A web based file manager is planned.

'; echo '

Domain

'; echo ''; echo ''; @@ -46,6 +46,7 @@ foreach(SERVERS as $server=>$tmp){ } echo '
OnionPrivate key
'; echo '

Change system account password

'; +echo '

You can use the FileManager for web based file management.

'; echo '

Logs

'; echo ''; echo ''; diff --git a/var/www/html/index.php b/var/www/html/index.php index 6abe401..b9da39a 100644 --- a/var/www/html/index.php +++ b/var/www/html/index.php @@ -16,7 +16,7 @@ header('Content-Type: text/html; charset=UTF-8');
  • SQLite support
  • 1 MariaDB (MySQL) database
  • PHPMyAdmin and Adminer for web based database administration
  • -
  • No Web-based file management yet, you'll need to use an FTP client like FileZilla (Torify FileZilla) for now, to manage files. A web based file manager is planned.
  • +
  • Web-based file management
  • FTP access
  • SFTP access
  • No disk quota
  • Dateaccess.logerror.log