Check the $base_dir variable.'); } if (!$sub_folder_access || $subdir == '/') { $subdir = ''; } else if (preg_match('#[^/\\\\]$#', $subdir)) { $subdir .= '/'; //add a slash to the end if there isn't one } $dir = $base_dir.$subdir; //this will be displayed before any HTML output $html_heading = ''; if ($index == '') { $html_heading .= ' '; } if ($stylesheet != '') { $html_heading .= "\n\n"; } if ($index == '') { $html_heading .= "\n
 Login:',
"\n |
![', $words['search'], '](', $icon_path,
'/search.png){kind=small} ',
$words['search'], ": |
Redirection header could not be sent.
'
."Continue here: $site
![\"[$ext]\"](\"$icon_path/$icon.png\")
";
}
function display_thumbnail($file, $thumbnail_height)
{
global $html_heading;
if (!@is_file($file))
{
header('HTTP/1.0 404 Not Found');
die("$html_headingFile not found: ".htmlentities($file).'
'); } switch (ext($file)) { case 'gif': $src = @imagecreatefromgif($file); break; case 'jpeg': case 'jpg': case 'jpe': $src = @imagecreatefromjpeg($file); break; case 'png': $src = @imagecreatefrompng($file); break; default: die("$html_headingUnsupported file extension.
"); } if ($src === false) { die("$html_headingUnsupported image type.
"); } header('Content-Type: image/jpeg'); header('Cache-Control: public, max-age=3600, must-revalidate'); header('Expires: '.gmdate('D, d M Y H:i:s', time()+3600).' GMT'); $src_height = imagesy($src); if ($src_height <= $thumbnail_height) { imagejpeg($src, '', 95); } else { $src_width = imagesx($src); $thumb_width = $thumbnail_height * ($src_width / $src_height); $thumb = imagecreatetruecolor($thumb_width, $thumbnail_height); imagecopyresampled($thumb, $src, 0, 0, 0, 0, $thumb_width, $thumbnail_height, $src_width, $src_height); imagejpeg($thumb); imagedestroy($thumb); } imagedestroy($src); die(); } function edit_description($fn, &$desc) //edits a file's description { global $description_file, $html_heading; if ($description_file == '') { return; } $wrote = false; $l = @file($description_file) or $l = array(); $h = @fopen($description_file, 'wb') or die("$html_headingCannot open description file for writing.
"); $count_num = count($l); for ($i=0; $i<$count_num; $i++) { $items = explode('|', rtrim($l[$i]), 2); if (count($items) === 2 && $fn == $items[0]) { fwrite($h, "$fn|$desc\n"); $wrote = true; } else { fwrite($h, $l[$i]); } } if (!$wrote && $desc != '') { fwrite($h, "$fn|$desc\n"); } fclose($h); } function add_to_file($item, $outfile) { global $html_heading; $counted = false; if ($l = @file($outfile)) { $count_num = count($l); for ($i=0; $i<$count_num; $i++) { $thisc = rtrim($l[$i]); if ($item == substr($thisc, 0, strpos($thisc, '|'))) { $counted = true; break; } } } if ($counted) { $w = @fopen($outfile, 'wb') or die("$html_headingCould not open $outfile file for writing.
"); for ($i=0; $i<$count_num; $i++) { $items = explode('|', rtrim($l[$i]), 2); if (count($items) === 2 && $items[0] == $item) { $nc = $items[1] + 1; fwrite($w, "$item|$nc\n"); } else { fwrite($w, $l[$i]); } } } else { $w = @fopen($outfile, 'ab') or die("$html_headingCould not open $outfile file for writing.
"); fwrite($w, "$item|1\n"); } fclose($w); } function get_stored_info($item, $filename) { if ($contents = @file($filename)) { $count_num = count($contents); for ($i=0; $i<$count_num; $i++) { $items = explode('|', rtrim($contents[$i]), 2); if (count($items) === 2 && $item == $items[0]) { return $items[1]; } } } return ''; } function table_heading($title, $sortMode, $tooltip) { global $this_file, $subdir; echo "\nInvalid Login.
'; if ($log_file != '' && ok_to_log()) { if ($write = @fopen($log_file, 'ab')) { fwrite($write, date($date_format)."\t".date('H:i:s') ."\t$ip\t$host\t$referrer\t$dir\tInvalid Login (username: " .$_POST['user'].")\n"); fclose($write); } } sleep(1); //"freeze" the script for a second to prevent brute force attacks } } if ($use_login_system && $must_login_to_download && !logged_in()) //must login to download { echo $html_heading; show_header(); echo 'You must login to download and view files.
'; show_login_box(); show_footer(); die(); } if ($md5_show && isset($_GET['md5'])) { $file = $dir.eval_dir(rawurldecode($_GET['md5'])); if (!@is_file($file)) { header('HTTP/1.0 404 Not Found'); die($html_heading.'Error: file does not exist.
'); } $size = (int)@filesize($file); if ($size <= 0 || $size/1048576 > $md5_show) { die($html_heading.'Error: empty file, or file too big to find the md5sum of (according to the $md5_show variable).
'); } die(md5_file($file)); } if ($thumbnail_height > 0 && isset($_GET['thumbnail']) && $_GET['thumbnail'] != '') { $file = $dir.eval_dir(rawurldecode($_GET['thumbnail'])); display_thumbnail($file, $thumbnail_height); } if (isset($_GET['sort'])) { $_SESSION['sort'] = $_GET['sort']; } else if (!isset($_SESSION['sort'])) { //'a' is ascending, 'd' is descending $_SESSION['sort'] = 'a'; } if (isset($_GET['sortMode'])) { $_SESSION['sortMode'] = $_GET['sortMode']; } else if (!isset($_SESSION['sortMode'])) { /* * 'f' is filename * 't' is filetype * 'h' is downloads (hits) * 's' is size * 'm' is date (modified) * 'd' is description */ $_SESSION['sortMode'] = 'f'; } //size of the "chunks" that are read at a time from the file (when $force_download is on) $speed = ($bandwidth_limit ? $bandwidth_limit : 8); if ($folder_expansion) { if (!isset($_SESSION['expanded'])) { $_SESSION['expanded'] = array(); } if (isset($_GET['expand']) && $_GET['expand'] != '') { $temp = $dir.eval_dir(rawurldecode($_GET['expand'])); if (@is_dir($temp) && !in_array($temp, $_SESSION['expanded'])) { $_SESSION['expanded'][] = $temp; } } if (isset($_GET['collapse']) && $_GET['collapse'] != '') { $temp = $dir.eval_dir(rawurldecode($_GET['collapse'])); if (in_array($temp, $_SESSION['expanded'])) { array_splice($_SESSION['expanded'], array_search($temp, $_SESSION['expanded']), 1); } } } if ($allow_uploads && (!$use_login_system || logged_in())) //upload a file { if ($count_files = count($_FILES)) { echo $html_heading; show_header(); $uploaded_files = $errors = ''; for ($i=0; $i<$count_files; $i++) { $filename = get_basename($_FILES[$i]['name']); if ($filename == '') { continue; } if (is_hidden($filename)) { $errors .= "[None]'; } if ($uploaded_files == '') { $uploaded_files = '
[None]'; } echo "
Uploaded files: $uploaded_files
Failed files: $errors
", ''; show_footer(); die(); } else if (isset($_POST['numUpload'])) { echo $html_heading; show_header(); echo "| Enter the name of the folder you would like to create: |
| Enter the new description for the file $filen: |
| ';
if ($links_file == '')
{
echo ' The link system is not in use. Link added. '; } else { echo 'Could not open links_file for writing. '; } } else if (isset($_GET['remove'])) { if (($list = @file($dir.$links_file)) && ($handle = @fopen($dir.$links_file, 'wb'))) { for ($i=0; $iCould not open links_file. '; } } else { echo 'Add a new link:for the directory ', htmlentities($dir),
" |
',
'Remove a link:', "'; } echo ' |
Please go back and enter a file to copy.
', $con; show_footer(); die(); } $remote = $_GET['protocol'].$_GET['copyFile']; $local = $dir.get_basename($remote); if (!$allow_file_overwrites && @file_exists($local)) { echo "File already exists: $local$con"; show_footer(); die(); } $r = @fopen($remote, 'rb') or die("Cannot open remote file for reading: $remote
$con"); $l = @fopen($local, 'wb') or die("Cannot open local file for writing: $local
$con"); while (true) { $temp = fread($r, 8192); if ($temp === '') { break; } fwrite($l, $temp); } fclose($l); fclose($r); echo "Remote file $remote successfully copied to $local
$con"; show_footer(); die(); } else if (isset($_GET['copyURL'])) { echo $html_heading; show_header(); echo "| Enter the name of the remote file you would like to copy: |
| ';
$p = $dir.eval_dir(rawurldecode($_GET['rename']));
if (isset($_GET['newName']) && $_GET['newName'] != '')
{
$new_name = $dir.eval_dir(rawurldecode($_GET['newName']));
if ($p == $new_name)
{
$msg = 'The filename is unchanged for ';
}
else if (@rename($p, $new_name))
{
$msg = 'Rename successful for ';
if ($download_count != '')
{
$l = @file($download_count) or $l = array();
if ($h = @fopen($download_count, 'wb'))
{
for ($i=0; $i |
Renaming ', htmlentities($p), "
New Filename:
(you can also move the file by specifying a path)
| '; $_GET['delete'] = rawurldecode($_GET['delete']); $p = $dir.eval_dir($_GET['delete']); if (isset($_GET['sure'])) //delete the file { if (@is_dir($p)) { $msg = (rmdir_recursive($p) ? 'Folder successfully deleted: ' : 'Could not delete folder: '); } else if (@is_file($p)) { $msg = (@unlink($p) ? 'File successfully deleted: ' : 'Could not delete file: '); } else { $msg = 'File or folder does not exist: '; } } else //ask user for confirmation { $msg = 'Are you sure you want to delete '; $con = ''; } echo $msg, htmlentities($p), $con, ' |
Error including file $config_generator
"); } die(); } else { die("$html_headingFile $config_generator not found.
"); } } else if (isset($_GET['edit_ban'])) { echo $html_heading; show_header(); echo '| ';
if ($banned_list == '')
{
echo ' The banning system is not in use. Ban added. '; } else { echo 'Could not open ban_list file for writing. '; } } else if (isset($_GET['del_ban'])) { $del_ban = rtrim($_GET['del_ban']); if (($list = @file($banned_list)) && ($handle = @fopen($banned_list, 'wb'))) { for ($i=0; $iCould not open ban_list file. '; } } else { echo 'Add a new ban:', " |
',
'Remove a ban:'."'; } echo ' |
You must be logged in as an admin to access this page.
'; } else if ($log_file == '') { echo 'The logging system is not in use.
To turn it on, set the $log_file variable.
Last $num log entries (of $count_log".')
| Date | Time | IP | Hostname | Referrer | File/Folder Viewed | Other | |
|---|---|---|---|---|---|---|---|
| ', ($i + 1), ' | '; for ($j=0; $j<$num_entries; $j++) { echo '', (($j == 4 && $entries[4] != 'N/A') ? ''.htmlentities($entries[$j]).'' : htmlentities($entries[$j])).' | '; } if ($num_entries === 6) { echo ''; } echo ' |
File not found: {$path_to_language_files}country_codes.php
"); } $extensions = $dates = $unique_hits = $countries = array(); $total_hits = 0; $h = @fopen($log_file, 'rb') or die("Cannot open log file: $log_file
"); while (!feof($h)) { $entries = explode("\t", rtrim(fgets($h, 1024))); if (count($entries) > 5) { //find the number of unique visits if ($entries[5] == $base_dir) { $total_hits++; if (!in_array($entries[3], $unique_hits)) { $unique_hits[] = htmlentities($entries[3]); } //find country codes by hostnames $cc = ext($entries[3]); if (preg_match('/^[a-z]+$/i', $cc)) { add_num_to_array($cc, $countries); } //find the dates of the visits add_num_to_array($entries[0], $dates); } //find file extensions else if (($ext = ext($entries[5])) && preg_match('/^[\w-]+$/', $ext)) { add_num_to_array($ext, $extensions); } } } fclose($h); $num_days = count($dates); $avg = round($total_hits/$num_days); echo '| Total | Daily | |
|---|---|---|
| Hits | $total_hits | $avg", ' |
| Unique Hits | '.count($unique_hits).' | ', round(count($unique_hits)/$num_days), ' |
Percent Unique: ', number_format(count($unique_hits)/$total_hits*100, 1), '
'; arsort($extensions); arsort($countries); $date_nums = array_values($dates); echo '| Date | Hits That Day | Change From Previous Day | Difference From Average ('.$avg.') |
|---|---|---|---|
| $day | $num | $change_color$change | $diff_color$diff |
| Downloads based on file extensions | Total | Daily |
|---|---|---|
| $ext | $num | ", number_format($num/$num_days, 1), ' |
| Hostname ISP extension | Total | Daily |
|---|---|---|
| $c{$c_code} | $num | ", number_format($num / $num_days, 1), " |
| '
."
or view statistics. |
You must be logged in as an admin to access this page.
'; } else if (isset($_POST['username'], $_POST['password1'], $_POST['password2'], $_POST['admin'])) { $pwd_reg_exp = '^[A-Za-z0-9_-]+$'; if (strlen($_POST['password1']) < 6) { echo 'Password must be at least 6 characters long.
'; } else if (!ereg($pwd_reg_exp, $_POST['username'])) { echo 'The username must only contain alpha-numeric characters, underscores, or dashes.', 'It must match the regular expression: ', htmlentities($pwd_reg_exp), ''; } else if ($_POST['password1'] != $_POST['password2']) { echo '
Passwords do not match.
'; } else if (is_username($_POST['username'])) { echo 'That username already exists.
'; } else { $handle = @fopen($user_list, 'ab') or die("Could not open file $user_list for writing.
"); fwrite($handle, md5($_POST['password1']).$_POST['admin'].$_POST['username']."\n"); fclose($handle); echo 'User added. Continue.
'; } } else if (isset($_POST['deluser'], $_POST['doit'])) { if ($_POST['doit']) { if (is_user_admin($_POST['deluser']) && num_admins() < 2) { echo 'You cannot remove this user because it is the only admin.
Create another user with admin rights, then delete this user.
Could not open file $user_list for writing.
"); foreach ($global_user_list as $look) { if (strcasecmp($_POST['deluser'], substr(rtrim($look), 33)) !== 0) { fwrite($handle, $look); } } fclose($handle); echo 'User '.$_POST['deluser'].' has been removed. Continue.
'; } } else { echo '| ', 'Are you sure you want to remove ', $_POST['deluser'], "? |
Add a user: |
Delete a user: |
You must login to access this page.
'; } else if (isset($_POST['oldpass'], $_POST['newpass1'], $_POST['newpass2'])) { if (strlen($_POST['newpass1']) < 6) { echo 'New password too short (must be at least 6 characters).
'; } else if ($_POST['newpass1'] != $_POST['newpass2']) { echo 'New passwords do not match.
'; } else if (check_login($_SESSION['user'], md5($_POST['oldpass']))) { $handle = @fopen($user_list, 'wb') or die("Could not open file $user_list for writing.
"); foreach ($global_user_list as $look) { fwrite($handle, ((strcasecmp($_SESSION['user'] , substr(rtrim($look), 33)) === 0) ? md5($_POST['newpass1']).substr($look, 32) : $look)); } fclose($handle); echo 'Password for '.$_SESSION['user'].' has been changed.
You must now logout.
'; } else { echo 'Incorrect old password.
'; } } else { echo "Error 404: file not found
', htmlentities($dir . $file_dl), ' was not found on this server.'; show_footer(); die(); } if ($anti_leech && !isset($_SESSION['ref']) && ($referrer == 'N/A' || !stristr($referrer, $_SERVER['SERVER_NAME']))) { if ($log_file != '' && ok_to_log()) { if ($write = @fopen($log_file, 'ab')) { fwrite($write, date($date_format)."\t".date('H:i:s') ."\t$ip\t$host\t$referrer\t$dir$file_dl\tLeech Attempt\n"); fclose($write); } } $ref = (($referrer == 'N/A') ? 'typing it in the address bar...' : $referrer); echo $html_heading; show_header(); echo 'This PHP Script has an Anti-Leech feature turned on.
Make sure you are accessing this file directly from ', htmlentities($_SERVER['SERVER_NAME']), '', 'It seems you are trying to get it from ', "$ref
Your IP address has been logged.
$ip ($host)";
$index_link = 'http://'.$_SERVER['SERVER_NAME'].$this_file.'dir='.translate_uri($subdir);
echo '
Here is a link to the directory index the file is in:
', htmlentities($index_link), '
Error 401: permission denied
you cannot access ' .htmlentities($file_dl).' on this server.'); } $outname = get_basename($file_dl); $size = @filesize($dir.$file_dl); if ($size !== false) { header('Content-Length: '.$size); } header('Content-Type: '.find_mime_type(ext($outname)).'; name="'.$outname.'"'); header('Content-Disposition: attachment; filename="'.$outname.'"'); @set_time_limit(0); while (true) { $temp = @fread($fn, (int)($speed * 1024)); if ($temp === '') { break; } echo $temp; flush(); if ($bandwidth_limit) { sleep(1); } } fclose($fn); die(); } redirect(translate_uri($dir.$file_dl)); } if ($log_file != '' && ok_to_log()) //write to the logfile { if ($write = @fopen($log_file, 'ab')) { $log_str = date($date_format)."\t".date('H:i:s') ."\t$ip\t$host\t$referrer\t$dir"; if ($search != '') { $log_str .= "\tSearch: $search"; } fwrite($write, $log_str."\n"); fclose($write); } else { echo 'Error: Could not write to logfile.
'; } } if ($anti_leech && !isset($_SESSION['ref'])) { $_SESSION['ref'] = 1; } echo $html_heading; show_header(); if (!@is_dir($dir)) //make sure the subfolder exists { echo 'Error: The folder '.htmlentities($dir) .' does not exist.
'; $dir = $base_dir; $subdir = ''; } if ($enable_searching && $search != '') //show the results of a search { echo '',
$words['search results'], ' : ';
$results = search_dir($dir, $search);
natcasesort($results);
if ($_SESSION['sort'] == 'd' && $_SESSION['sortMode'] == 'f')
{
$results = array_reverse($results);
}
for ($i=0; $i [ ', $words['no results'], ' ] '; } echo '', $words['end of results'], ' (', count($results), ' ', $words['found'], ') |
', $words['index of'], ' ', htmlentities(substr(str_replace('/', ' / ', $base_dir), 0, -2)),
'/ ';
$exploded = explode('/', $subdir);
$c = count($exploded) - 1;
for ($i=0; $i<$c; $i++)
{
echo '', htmlentities($exploded[$i]), ' / ';
}
//begin the table
echo "
\n\n", '';
if ($icon_path != '')
{
echo "![\"[dir]\"](\"$icon_path/back.png\") ";
}
echo $words['parent directory'], ' | |||||
',
icon(ext($display)), htmlentities($display), '';
}
else //it is a real file or folder
{
if (@is_dir($npart))
{
$folder_count++;
if ($icon_path != '')
{
if ($folder_expansion)
{
$listVal = (in_array($npart, $_SESSION['expanded']) ? 'collapse' : 'expand');
echo 'dir=', translate_uri($subdir), "&$listVal=", translate_uri($value),
'">![[dir]](',
$icon_path.'/dir.png){kind=small} ',
'';
}
else
{
echo 'dir=', translate_uri($subdir . $value), '/">',
'![[dir]](', $icon_path, '/dir.png){kind=small} ';
}
}
else
{
echo 'dir=', translate_uri($subdir . $value), '/">';
}
echo htmlentities($value).'';
if ($show_folder_count)
{
$n = num_files($npart);
$s = (($n == 1) ? $words['file'] : $words['files']);
echo " [$n $s]";
}
}
else //is a file
{
$file_count++;
echo 'dir=', translate_uri($subdir), '&file=',
translate_uri($value), "\">",
icon(ext($npart)), htmlentities($value), '';
if ($md5_show && $size_array[$i] > 0 && $size_array[$i] / 1048576 <= $md5_show)
{
echo ' [get md5sum]';
}
}
if ($use_login_system && logged_in() && is_admin())
{
echo ' [delete, ',
'rename/move]';
}
$age = (time() - $date_m_array[$i]) / 86400;
$age_r = round($age, 1);
$s = (($age_r == 1) ? '' : 's');
if ($days_new && $age <= $days_new)
{
echo (($icon_path == '') ? ' [New]'
: '  ');
}
if ($folder_expansion && @is_dir($npart) && in_array($npart, $_SESSION['expanded']))
{
$ex_array = get_file_list($npart.'/');
if ($_SESSION['sort'] == 'd' && $_SESSION['sortMode'] == 'f')
{
$ex_array = array_reverse($ex_array);
}
echo '
![[dir]](',
$icon_path, '/dir.png){kind=small} ';
}
echo htmlentities($element), "\n";
}
echo ' | '; //end filename column
//filetype column
if ($show_type_column)
{
echo '', (($type_array[$i] == '') ? ' ' : htmlentities($type_array[$i])), ' | '; } //hits column if ($download_count != '') { $dl_count += $hit_array[$i]; echo '', ((!@is_dir($npart)) ? $hit_array[$i] : ' '), ' | '; } //size column if ($show_size_column) { echo ''; $ds = $size_array[$i]; if ($ds === '[Link]') { echo $ds; } else { $total_bytes += $ds; $size_h = get_filesize($ds); echo (@is_dir($npart) ? ($show_dir_size ? "$size_h" : '[dir]') : "$size_h"); } echo ' | '; } //date column if ($show_date_column) { echo ''; if ($date_a_array[$i] == 'N/A') { echo 'N/A'; } else { $a = date($date_format.' h:i:s A', $date_a_array[$i]); $m = date($date_format.' h:i:s A', $date_m_array[$i]); echo "", date($date_format, $date_m_array[$i]), ''; } echo ' | '; } //description column if ($description_file != '') { echo '', (($desc_array[$i] != '') ? $desc_array[$i] : ' '), ' | '; } echo "
| ', "\n$file_count ", $words[(($file_count == 1) ? 'file' : 'files')], " - $folder_count ", $words['folders'], ' | '; if ($show_type_column) { echo ""; } if ($download_count != '') { echo " | Total: $dl_count | "; } if ($show_size_column) { echo '', $words['total size'], ': ', get_filesize($total_bytes), " | \n"; } if ($show_date_column) { echo ''; } if ($description_file != '') { echo ' | '; } echo ' |
|---|---|---|---|---|---|
Powered by AutoIndex PHP Script
';
/*
* We request that you do not remove the link to the AutoIndex website.
* This not only gives respect to the large amount of time given freely by the
* developer, but also helps build interest, traffic, and use of AutoIndex.
*/
echo "\n", '| '; if ($enable_searching) { show_search_box(); } if ($use_login_system) { if (!logged_in()) { echo ' | ';
show_login_box();
}
else //show user options
{
echo '
|
Select Language:
', "'; } show_footer(); //find time it took for the page to generate, in milliseconds $page_time = round((get_microtime() - $start_time) * 1000, 1); echo ' '; //We request that you retain the above copyright notice. if ($index == '') { echo ' faith lutheran church quincy ma