index.php
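<?php
// Request bootstrap for the possiDL index page: opens the SQLite database,
// restores the signed-in user from the session, and resolves the directory
// to list. Leaves $db, $user, $error and $path set for the template below.
require_once( 'config.php' );
session_start();

$user = null;
$error = '';

// The PDO constructor reports a failed connection by throwing, so the failure
// is caught here and the same generic message is shown instead of letting the
// exception text reach the visitor.
try {
    $db = new PDO( 'sqlite:possiDL.db' );
} catch ( PDOException $e ) {
    die( "error opening database" );
}

if ( isset( $_SESSION['token'], $_SESSION['userid'] )
    && is_string( $_SESSION['token'] )
    && is_scalar( $_SESSION['userid'] ) ) {
    // Bound parameter instead of concatenating the session value into the SQL text.
    $stmt = $db->prepare( 'SELECT * FROM users WHERE id = ?' );
    if ( $stmt && $stmt->execute( array( (string) $_SESSION['userid'] ) ) ) {
        // fetch() returns false when no row matches; only a real row may become $user.
        $row = $stmt->fetch( PDO::FETCH_OBJ );
        // hash_equals() compares in constant time and never type-juggles, unlike !=.
        // NOTE(review): the token depends only on the username and SECRET, so it is the
        // same for every session of a user; changing that also needs a change where the
        // token is issued, which is not visible in this file.
        if ( $row && hash_equals( sha1( $row->username . SECRET ), $_SESSION['token'] ) )
            $user = $row;
    }
}

if ( isset( $_GET['permission'] ) ) {
    $error = "an admin needs to whitelist your account before you can download files";
}

// Directory to list, relative to FILE_DIR. The value is rejected unless it is a plain
// string (dir[]=x would arrive as an array), has no NUL byte, and contains no "..";
// anything that is not an existing directory falls back to the root listing.
$path = '';
if ( isset( $_GET['dir'] )
    && is_string( $_GET['dir'] )
    && strpos( $_GET['dir'], "\0" ) === false
    && !preg_match( '/\.\./', $_GET['dir'] ) ) {
    $path = $_GET['dir'];
    if ( !is_dir( FILE_DIR . $path ) or $path == '.' )
        $path = '';
}
?>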
<!DOCTYPE html>
<html>
<head>
<title>possiDL</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
<a href="https://github.com/lethemfindus/possiDL"><img style="position: absolute; top: 0; left: 0; border: 0;" src="https://s3.amazonaws.com/github/ribbons/forkme_left_white_ffffff.png" alt="Fork me on GitHub"></a>
<header>
<h1 id="title">possiDL</h1>
<p>
A simple file directory server in PHP.
</p>
</header>
<article>
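<?php
// Directory listing for FILE_DIR . $path. Every file name and the requested path are
// escaped before output: names go through htmlspecialchars() for HTML text, and
// through rawurlencode() for query-string values (its output contains no character
// that is special in an HTML attribute, so it needs no second escaping step).
if ( $error ) echo '<div class="error">' . htmlspecialchars( $error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' ) . '</div>';
$dir = opendir( FILE_DIR . $path . '/' );
if ( $dir === false ) { ?>
<div class="error">unable to read this directory</div>
<?php } else {
    // Compare with false explicitly: an entry named "0" is falsy and would end the loop early.
    while ( ( $file = readdir( $dir ) ) !== false ) {
        $ffile = $path . '/' . $file;
        // Skip "." and dot-files; ".." is kept so the parent link can be rendered.
        if ( preg_match( '/^\.($|[^.])/', $file ) )
            continue;
        // ENT_SUBSTITUTE keeps names that are not valid UTF-8 visible instead of blanking them.
        $fileHtml = htmlspecialchars( $file, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' );
        $ffileUrl = rawurlencode( $ffile );
        if ( $file === '..' ) {
            // No parent link at the top of the served tree.
            if ( $path == '' || $path == '/' ) continue;
            $parentUrl = rawurlencode( dirname( $path . '/' ) ); ?>
<div class="file"><a href="index.php?dir=<?php echo $parentUrl ?>">../</a><span class="right">(one level up)</span></div>
<?php   } else if ( !is_dir( FILE_DIR . $ffile ) ) {
            // The download counter is the literal "142", not a value read from the database. ?>
<div class="file"><?php echo $fileHtml ?> <span class="right"><span class="downloads">▽<?php echo "142" ?></span> | <a href="download.php?file=<?php echo $ffileUrl ?>">view</a> | <a href="download.php?force&amp;file=<?php echo $ffileUrl ?>">download</a></span></div>
<?php   } else { ?>
<div class="file"><a href="index.php?dir=<?php echo $ffileUrl ?>"><?php echo $fileHtml ?>/</a></div>
<?php   }
    }
    closedir( $dir );
}
?>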
</article>
<footer>
<span id="left">
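<?php
// Footer account link: a logout link naming the signed-in user, or a login link for
// anonymous visitors. The username is read from the users table and is escaped here
// so stored markup in a name cannot be rendered as HTML.
if ( $user ) { ?><a href="login.php?logout">logout <?php echo htmlspecialchars( $user->username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' ) ?></a>
<?php } else { ?><a href="login.php">log in</a><?php } ?>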
</span>
possiDL by <a href="http://lethemfind.us/community/user/4085-1nsignia/">S0lll0s aka 1nsignia</a><br/>
Visit our friendly community at <a href="http://lethemfind.us">lethemfind.us</a>
</footer>
</body>
</html>