Editing: file_manager.php
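<?php
/**
 * Admin action handler for the document/folder manager.
 *
 * Reads one POSTed action (new / cancel / copy / move / rename / delete) for
 * either a folder (edit_folder=1) or a document (edit_document=1), applies it
 * to the doc_folders / documents tables and to the documents/ directory, and
 * then redirects back to the admin document listing.
 *
 * $rez, $domain and $add are not assigned in this file; presumably they come
 * from the three includes below -- confirm there.
 *
 * NOTE(review): every request value is now cast to int or escaped before it
 * reaches SQL or a filesystem path. The original interpolated $_POST values
 * directly into queries.
 * NOTE(review): no anti-CSRF token is checked in this file; confirm that
 * auth_incl.php covers state-changing POSTs.
 * NOTE(review): ext/mysql (mysql_query etc.) was removed in PHP 7.0. Moving
 * to mysqli/PDO prepared statements needs the connection set up in
 * db_connect_incl.php, which is not visible here.
 */
include_once("auth_incl.php");
include_once("db_connect_incl.php");
include_once("settings_incl.php");

//******************* UNAUTHORIZED *******************
if ($rez==0)
{
    echo ("<br><br><strong> :(</strong>");
}
//***************** END UNAUTHORIZED *****************

$num=0;

/**
 * Returns a POST field as a plain string ('' when missing or not a string).
 * Undoes magic_quotes_gpc where that legacy setting is active, so values are
 * escaped exactly once (by fm_sql_str) before they reach SQL.
 */
function fm_post_str($key)
{
    if (!isset($_POST[$key]) || !is_string($_POST[$key])) {
        return '';
    }
    $value = $_POST[$key];
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $value = stripslashes($value);
    }
    return $value;
}

/** Returns a POST field as an integer; anything non-numeric becomes 0. */
function fm_post_int($key)
{
    return (int) fm_post_str($key);
}

/** Escapes a value for use inside a single-quoted SQL string literal. */
function fm_sql_str($value)
{
    return mysql_real_escape_string((string) $value);
}

/** Maps a folder id to its directory; id 0 is the documents/ root. */
function fm_folder_path($folder_id)
{
    $folder_id = (int) $folder_id;
    return ($folder_id != 0) ? "documents/" . $folder_id : "documents";
}

/** Looks up the parent id of a folder (0 when the folder row is missing). */
function fm_parent_of($folder_id)
{
    $folder_id = (int) $folder_id;
    $result = mysql_query("select parent from doc_folders where id=$folder_id;");
    return $result ? (int) mysql_result($result, 0, 'parent') : 0;
}

/**
 * Decides whether an uploaded file name may be stored under documents/.
 *
 * Rejects dotfiles (e.g. per-directory server config) and any name carrying a
 * server-side script extension in any position, because a name such as
 * "x.php.jpg" can still be handed to an interpreter by some handler setups.
 * This denylist is only a backstop: the web server should also be configured
 * not to execute anything inside documents/.
 */
function fm_upload_name_allowed($filename)
{
    if ($filename === '' || $filename[0] === '.') {
        return false;
    }
    return !preg_match('/\.(php\d*|phtml|pht|phar|phps|cgi|pl|py|sh|shtml)(\.|$)/i', $filename);
}

/**
 * Collects the id of $folder_id and of every folder below it, for copy/delete.
 *
 * Results are published the way the callers expect: the global counter $num
 * and the globals $id1 .. $id<num>, parents before their children.
 */
function folder_id_list($folder_id)
{
    global $num;
    $folder_id = (int) $folder_id;

    // A parent/child cycle in doc_folders would otherwise recurse forever.
    for ($k = 1; $k <= $num; $k++) {
        if ((int) $GLOBALS['id' . $k] === $folder_id) {
            return;
        }
    }

    $num++;
    $GLOBALS['id' . $num] = $folder_id;

    $result = mysql_query("select id from doc_folders where parent=$folder_id;");
    $n = $result ? mysql_numrows($result) : 0;
    for ($i = 0; $i < $n; $i++) {
        folder_id_list(mysql_result($result, $i, 'id'));
    }
}

/**
 * Rewrites links in the site page includes after a file has been moved.
 *
 * Every index<section>_incl.php and indexsub<subsection>_incl.php that
 * contains "$from_folder/$filename" is rewritten to "$to_folder/$filename".
 */
function replace_links($from_folder,$to_folder,$filename)
{
    // With an empty file name the pattern would match every link into the
    // source folder and rewrite all of them.
    if ((string) $filename === '') {
        return;
    }

    $pattern = "$from_folder/$filename";
    $replacement = "$to_folder/$filename";

    $sources = array(
        'index' => "select id from sections;",
        'indexsub' => "select id from subsections;",
    );

    foreach ($sources as $prefix => $sql_query) {
        $result = mysql_query($sql_query);
        $n = $result ? mysql_numrows($result) : 0;
        for ($j = 0; $j < $n; $j++) {
            $page = $prefix . mysql_result($result, $j, 'id') . "_incl.php";
            if (!is_file($page)) {
                continue;
            }
            $text = file_get_contents($page);
            if ($text === false || strpos($text, $pattern) === false) {
                continue;
            }
            // The original sections loop passed a misspelled, undefined
            // variable as the replacement, which blanked the link instead of
            // rewriting it, and echoed debug output ahead of the redirect.
            file_put_contents($page, str_replace($pattern, $replacement, $text), LOCK_EX);
        }
    }
}

if ($rez>0)
{
    $edit_folder = fm_post_str('edit_folder');
    $edit_document = fm_post_str('edit_document');
    $folder_id = '';

    if ($edit_folder==1)
    {
        if (fm_post_str('folder_id') === 'new')
        {
            //--- create a folder under $parent
            $folder_name = fm_sql_str(fm_post_str('folder_name'));
            $parent = fm_post_int('parent');
            if (mysql_query("insert into doc_folders values (null, '$folder_name', $parent);")) {
                // Use the id of this very insert instead of "highest id in
                // the table", which can belong to a concurrent request.
                $new_id = (int) mysql_insert_id();
                mkdir("documents/$new_id");
            }
            $folder_id = $parent;
        }
        else
        {
            $folder_id = fm_post_int('folder_id');

            if (isset($_POST['cancel']))
            {
                $folder_id = fm_parent_of($folder_id);
            }
            elseif (isset($_POST['copy']))
            {
                //--- deep copy of the folder tree into $to_folder_id
                $to_folder_id = fm_post_int('to_folder_id');
                folder_id_list($folder_id);
                $new_ids = array(); // source folder id => id of its copy

                for ($i = 1; $i <= $num; $i++) {
                    $src_id = (int) ${'id'.$i};
                    $result = mysql_query("select * from doc_folders where id=$src_id;");
                    $parent = (int) mysql_result($result, 0, 'parent');
                    // Stored values are escaped again before re-insertion.
                    $folder_name = fm_sql_str(mysql_result($result, 0, 'name'));

                    // Only the root of the copied tree has a parent outside
                    // the tree; it goes directly under the target folder.
                    $new_parent = isset($new_ids[$parent]) ? $new_ids[$parent] : $to_folder_id;

                    if (!mysql_query("insert into doc_folders values (null, '$folder_name', $new_parent);")) {
                        continue;
                    }
                    $id = (int) mysql_insert_id();
                    $new_ids[$src_id] = $id;
                    mkdir("documents/$id");

                    $result = mysql_query("select * from documents where folder=$src_id;");
                    $n = $result ? mysql_numrows($result) : 0;
                    for ($j = 0; $j < $n; $j++) {
                        // basename() keeps a stored name from leaving its folder.
                        $filename = basename((string) mysql_result($result, $j, 'filename'));
                        $comment = fm_sql_str(mysql_result($result, $j, 'comment'));
                        copy("documents/$src_id/$filename", "documents/$id/$filename");
                        $sql_filename = fm_sql_str($filename);
                        mysql_query("insert into documents values (null, '$sql_filename', $id, '$comment');");
                    }
                }
                $folder_id = $to_folder_id;
            }
            elseif (isset($_POST['move']))
            {
                $to_folder_id = fm_post_int('to_folder_id');
                // A folder must never become its own parent.
                // NOTE(review): moving a folder into one of its descendants
                // is still accepted and detaches that subtree; consider
                // rejecting it as well.
                if ($to_folder_id !== $folder_id) {
                    mysql_query("update doc_folders set parent=$to_folder_id where id=$folder_id;");
                }
                $folder_id = fm_parent_of($folder_id);
            }
            elseif (isset($_POST['rename']))
            {
                $folder_name = fm_sql_str(fm_post_str('folder_name'));
                mysql_query("update doc_folders set name='$folder_name' where id=$folder_id;");
                $folder_id = fm_parent_of($folder_id);
            }
            elseif (isset($_POST['delete']))
            {
                //--- remove the folder tree: files, document rows, directories
                $parent = fm_parent_of($folder_id);
                folder_id_list($folder_id);
                for ($i = 1; $i <= $num; $i++) {
                    $folder = (int) ${'id'.$i};
                    $result = mysql_query("select * from documents where folder=$folder;");
                    $n = $result ? mysql_numrows($result) : 0;
                    for ($j = 0; $j < $n; $j++) {
                        $filename = basename((string) mysql_result($result, $j, 'filename'));
                        $id = (int) mysql_result($result, $j, 'id');
                        unlink("documents/$folder/$filename");
                        mysql_query("delete from documents where id=$id;");
                    }
                    rmdir("documents/$folder");
                    mysql_query("delete from doc_folders where id=$folder;");
                }
                $folder_id = $parent;
            }
        }
    }
    elseif ($edit_document==1)
    {
        if (fm_post_str('document_id') === 'new')
        {
            //--- upload of a new document
            $folder_id = fm_post_int('folder_id');
            $document = isset($_FILES['document']) ? $_FILES['document'] : null;

            if (is_array($document) && is_string($document['name']) && $document['name'] != "")
            {
                $filename = basename($document['name']);
                $comment = fm_sql_str(fm_post_str('comment'));
                $target = fm_folder_path($folder_id) . "/" . $filename;

                if (!fm_upload_name_allowed($filename) || !is_uploaded_file($document['tmp_name'])) {
                    // Rejected: nothing is written and no row is inserted.
                } elseif (!file_exists($target)) {
                    // move_uploaded_file() only accepts genuine upload temp files.
                    if (move_uploaded_file($document['tmp_name'], $target)) {
                        $sql_filename = fm_sql_str($filename);
                        mysql_query("insert into documents values (null, '$sql_filename', $folder_id, '$comment');");
                    }
                } else {
                    $folder_id = $folder_id."&fileexist=1";
                }
            }
        }
        else
        {
            $document_id = fm_post_int('document_id');

            if (isset($_POST['cancel']))
            {
                $result = mysql_query("select folder from documents where id=$document_id;");
                $folder_id = (int) mysql_result($result, 0, 'folder');
            }
            elseif (isset($_POST['copy']))
            {
                $to_folder_id = fm_post_int('to_folder_id');
                $result = mysql_query("select * from documents where id=$document_id;");
                $from_folder_id = (int) mysql_result($result, 0, 'folder');
                $filename = basename((string) mysql_result($result, 0, 'filename'));
                $comment = fm_sql_str(mysql_result($result, 0, 'comment'));
                $from_folder = fm_folder_path($from_folder_id);
                $to_folder = fm_folder_path($to_folder_id);

                if (!file_exists("$to_folder/$filename")) {
                    copy("$from_folder/$filename", "$to_folder/$filename");
                    $sql_filename = fm_sql_str($filename);
                    mysql_query("insert into documents values (null, '$sql_filename', $to_folder_id, '$comment');");
                    $folder_id = $to_folder_id;
                } else {
                    $folder_id = $from_folder_id."&fileexist=1";
                }
            }
            elseif (isset($_POST['move']))
            {
                $to_folder_id = fm_post_int('to_folder_id');
                $result = mysql_query("select * from documents where id=$document_id;");
                $from_folder_id = (int) mysql_result($result, 0, 'folder');
                $filename = basename((string) mysql_result($result, 0, 'filename'));
                $from_folder = fm_folder_path($from_folder_id);
                $to_folder = fm_folder_path($to_folder_id);

                if (file_exists("$to_folder/$filename")) {
                    // Same rule as copy: never overwrite an existing file.
                    // This also covers a move into the file's own folder,
                    // which used to copy the file onto itself and then
                    // delete it.
                    $folder_id = $from_folder_id."&fileexist=1";
                } else {
                    // The source is removed only once the copy has succeeded.
                    if (copy("$from_folder/$filename", "$to_folder/$filename")) {
                        unlink("$from_folder/$filename");
                        mysql_query("update documents set folder=$to_folder_id where id=$document_id;");
                        replace_links($from_folder, $to_folder, $filename);
                    }
                    $folder_id = $to_folder_id;
                }
            }
            elseif (isset($_POST['rename']))
            {
                // "rename" on a document edits its comment, not the file name.
                $document_comment = fm_sql_str(fm_post_str('document_comment'));
                mysql_query("update documents set comment='$document_comment' where id=$document_id;");
                $result = mysql_query("select folder from documents where id=$document_id;");
                $folder_id = (int) mysql_result($result, 0, 'folder');
            }
            elseif (isset($_POST['delete']))
            {
                $result = mysql_query("select * from documents where id=$document_id;");
                $from_folder_id = (int) mysql_result($result, 0, 'folder');
                $filename = basename((string) mysql_result($result, 0, 'filename'));
                $from_folder = fm_folder_path($from_folder_id);
                unlink("$from_folder/$filename");
                mysql_query("delete from documents where id=$document_id;");
                $folder_id = $from_folder_id;
            }
        }
    }

    $action="edit_documents&folder_id=$folder_id";
}

// $action is only set on the authorised path; $add is not assigned in this
// file at all. Default both so the redirect URL is always well defined.
$action = isset($action) ? $action : '';
$add = isset($add) ? $add : '';
Header("Location:http://$domain/index.php?section=admin&action=$action$add");
?>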