diff options
-rw-r--r-- | dialogs.c | 42 | ||||
-rw-r--r-- | dir.c | 144 | ||||
-rw-r--r-- | fileio.c | 24 | ||||
-rw-r--r-- | wfm.c | 230 | ||||
-rw-r--r-- | wfm.h | 45 |
5 files changed, 247 insertions, 238 deletions
@@ -73,7 +73,7 @@ void multiprompt_ui(char *m_action) { if(strcmp(m_action, "move")==0) { fprintf(cgiOut, "<P>Source: %s<P>Destination: <SELECT NAME=\"destination\">\n", virt_dirname); fprintf(cgiOut, "<OPTION VALUE=\"/\">/ - Root Directory</OPTION>\n"); - if(largeset) { + if(cfg.largeset) { level=re_dir_up(virt_dirname); re_dir_ui(virt_dirname, level); } @@ -89,14 +89,14 @@ void multiprompt_ui(char *m_action) { " <P><CENTER>\n" " <INPUT TYPE=\"HIDDEN\" NAME=\"action\" VALUE=\"%s\">\n" " <INPUT TYPE=\"HIDDEN\" NAME=\"directory\" VALUE=\"%s\">\n" - " <INPUT TYPE=\"HIDDEN\" NAME=\"token\" VALUE=\"%s\">\n" + " <INPUT TYPE=\"HIDDEN\" NAME=\"rt.token\" VALUE=\"%s\">\n" " <INPUT TYPE=\"SUBMIT\" VALUE=\" OK \" NAME=\"OK\">\n" " <INPUT TYPE=\"SUBMIT\" VALUE=\" Cancel \" NAME=\"noop\">\n" " </CENTER><BR>\n" " </TD></TR>\n" "</TABLE></FORM>\n\n" "</TD></TR></TABLE>\n" - "</BODY>\n</HTML>\n", m_action, virt_dirname, token); + "</BODY>\n</HTML>\n", m_action, virt_dirname, rt.token); cgiStringArrayFree(responses); @@ -129,7 +129,7 @@ void singleprompt_ui(char *m_action) { " <TR><TD COLSPAN=2 BGCOLOR=\"#004080\"><FONT COLOR=\"#FFFFFF\"> %s</FONT></TD></TR>\n" " <TR><TD WIDTH=30> </TD><TD>\n" " <BR>\n", - (js) ? "ONLOAD=\"document.wfm.inp1.focus();\"" : "", cgiScriptName, M_action); + (rt.js) ? "ONLOAD=\"document.wfm.inp1.focus();\"" : "", cgiScriptName, M_action); if(strcmp(m_action, "move")==0) @@ -156,14 +156,14 @@ void singleprompt_ui(char *m_action) { " <P><CENTER>\n" " <INPUT TYPE=\"HIDDEN\" NAME=\"action\" VALUE=\"%s\">\n" " <INPUT TYPE=\"HIDDEN\" NAME=\"directory\" VALUE=\"%s\">\n" - " <INPUT TYPE=\"HIDDEN\" NAME=\"token\" VALUE=\"%s\">\n" + " <INPUT TYPE=\"HIDDEN\" NAME=\"rt.token\" VALUE=\"%s\">\n" " <INPUT TYPE=\"SUBMIT\" VALUE=\" OK \" NAME=\"OK\">\n" " <INPUT TYPE=\"SUBMIT\" VALUE=\" Cancel \" NAME=\"noop\">\n" " </CENTER><BR>\n" " </TD></TR>\n" "</TABLE></FORM>\n\n" "</TD></TR></TABLE>\n" - "</BODY>\n</HTML>\n", m_action, virt_dirname, token); + "</BODY>\n</HTML>\n", m_action, virt_dirname, rt.token); } @@ -210,12 +210,12 @@ void error(char *msg, ...) { "<FORM ACTION=\"%s\" METHOD=\"POST\" ENCTYPE=\"multipart/form-data\">\n" "<INPUT TYPE=\"SUBMIT\" VALUE=\" OK \" NAME=\"noop\">\n" "<INPUT TYPE=\"HIDDEN\" NAME=\"directory\" VALUE=\"%s\">\n" - "<INPUT TYPE=\"HIDDEN\" NAME=\"token\" VALUE=\"%s\">\n" + "<INPUT TYPE=\"HIDDEN\" NAME=\"rt.token\" VALUE=\"%s\">\n" "</FORM>\n</TD></TR>\n" "<TR><TD COLSPAN=3 BGCOLOR=\"#EEEEEE\"> </TD></TR>\n" "</TABLE>\n" "</TD></TR></TABLE>\n</BODY></HTML>\n", - buff, cgiScriptName, virt_dirname, token); + buff, cgiScriptName, virt_dirname, rt.token); } else { cgiHeaderContentType("text/plain"); @@ -282,19 +282,19 @@ void about(void) { "<FORM ACTION=\"%s\" METHOD=\"POST\" ENCTYPE=\"multipart/form-data\">\n" "<INPUT TYPE=\"SUBMIT\" VALUE=\" OK \" NAME=\"noop\">\n" "<INPUT TYPE=\"HIDDEN\" NAME=\"directory\" VALUE=\"%s\">\n" - "<INPUT TYPE=\"HIDDEN\" NAME=\"token\" VALUE=\"%s\">\n" + "<INPUT TYPE=\"HIDDEN\" NAME=\"rt.token\" VALUE=\"%s\">\n" "</FORM>\n</TD></TR>\n" "<TR><TD COLSPAN=3 BGCOLOR=\"#EEEEEE\"> </TD></TR>\n" "</TABLE>\n" "</TD></TR></TABLE>\n</BODY></HTML>\n", - ICONSURL, TAGLINE, VERSION, __DATE__, __TIME__, __VERSION__, cgiServerSoftware, cgiUserAgent, NAME_MAX, js, + rt.iconsurl, cfg.tagline, VERSION, __DATE__, __TIME__, __VERSION__, cgiServerSoftware, cgiUserAgent, NAME_MAX, rt.js, #ifdef WFMGIT "Git" #else "None" #endif , (repo_check()) ? "No Repo Present" : "Repo OK", - cgiScriptName, virt_dirname, token); + cgiScriptName, virt_dirname, rt.token); } @@ -306,14 +306,14 @@ void login_ui(void) { cgiHeaderContentType("text/html"); html_title("Login"); - if(js>=2) fputs( + if(rt.js>=2) fputs( "<SCRIPT LANGUAGE=\"JavaScript\" TYPE=\"text/javascript\">\n<!--\n" "var hexcase=0;function hex_md5(a){return rstr2hex(rstr_md5(str2rstr_utf8(a)))}function hex_hmac_md5(a,b){return rstr2hex(rstr_hmac_md5(str2rstr_utf8(a),str2rstr_utf8(b)))}function md5_vm_test(){return hex_md5(\"abc\").toLowerCase()==\"900150983cd24fb0d6963f7d28e17f72\"}function rstr_md5(a){return binl2rstr(binl_md5(rstr2binl(a),a.length*8))}function rstr_hmac_md5(c,f){var e=rstr2binl(c);if(e.length>16){e=binl_md5(e,c.length*8)}var a=Array(16),d=Array(16);for(var b=0;b<16;b++){a[b]=e[b]^909522486;d[b]=e[b]^1549556828}var g=binl_md5(a.concat(rstr2binl(f)),512+f.length*8);return binl2rstr(binl_md5(d.concat(g),512+128))}function rstr2hex(c){try{hexcase}catch(g){hexcase=0}var f=hexcase?\"0123456789ABCDEF\":\"0123456789abcdef\";var b=\"\";var a;for(var d=0;d<c.length;d++){a=c.charCodeAt(d);b+=f.charAt((a>>>4)&15)+f.charAt(a&15)}return b}function str2rstr_utf8(c){var b=\"\";var d=-1;var a,e;while(++d<c.length){a=c.charCodeAt(d);e=d+1<c.length?c.charCodeAt(d+1):0;if(55296<=a&&a<=56319&&56320<=e&&e<=57343){a=65536+((a&1023)<<10)+(e&1023);d++}if(a<=127){b+=String.fromCharCode(a)}else{if(a<=2047){b+=String.fromCharCode(192|((a>>>6)&31),128|(a&63))}else{if(a<=65535){b+=String.fromCharCode(224|((a>>>12)&15),128|((a>>>6)&63),128|(a&63))}else{if(a<=2097151){b+=String.fromCharCode(240|((a>>>18)&7),128|((a>>>12)&63),128|((a>>>6)&63),128|(a&63))}}}}}return b}function rstr2binl(b){var a=Array(b.length>>2);for(var c=0;c<a.length;c++){a[c]=0}for(var c=0;c<b.length*8;c+=8){a[c>>5]|=(b.charCodeAt(c/8)&255)<<(c%32)}return a}function binl2rstr(b){var a=\"\";for(var c=0;c<b.length*32;c+=8){a+=String.fromCharCode((b[c>>5]>>>(c%32))&255)}return a}function binl_md5(p,k){p[k>>5]|=128<<((k)%32);p[(((k+64)>>>9)<<4)+14]=k;var o=1732584193;var n=-271733879;var m=-1732584194;var l=271733878;for(var g=0;g<p.length;g+=16){var j=o;var h=n;var f=m;var e=l;o=md5_ff(o,n,m,l,p[g+0],7,-680876936);l=md5_ff(l,o,n,m,p[g+1],12,-389564586);m=md5_ff(m,l,o,n,p[g+2],17,606105819);n=md5_ff(n,m,l,o,p[g+3],22,-1044525330);o=md5_ff(o,n,m,l,p[g+4],7,-176418897);l=md5_ff(l,o,n,m,p[g+5],12,1200080426);m=md5_ff(m,l,o,n,p[g+6],17,-1473231341);n=md5_ff(n,m,l,o,p[g+7],22,-45705983);o=md5_ff(o,n,m,l,p[g+8],7,1770035416);l=md5_ff(l,o,n,m,p[g+9],12,-1958414417);m=md5_ff(m,l,o,n,p[g+10],17,-42063);n=md5_ff(n,m,l,o,p[g+11],22,-1990404162);o=md5_ff(o,n,m,l,p[g+12],7,1804603682);l=md5_ff(l,o,n,m,p[g+13],12,-40341101);m=md5_ff(m,l,o,n,p[g+14],17,-1502002290);n=md5_ff(n,m,l,o,p[g+15],22,1236535329);o=md5_gg(o,n,m,l,p[g+1],5,-165796510);l=md5_gg(l,o,n,m,p[g+6],9,-1069501632);m=md5_gg(m,l,o,n,p[g+11],14,643717713);n=md5_gg(n,m,l,o,p[g+0],20,-373897302);o=md5_gg(o,n,m,l,p[g+5],5,-701558691);l=md5_gg(l,o,n,m,p[g+10],9,38016083);m=md5_gg(m,l,o,n,p[g+15],14,-660478335);n=md5_gg(n,m,l,o,p[g+4],20,-405537848);o=md5_gg(o,n,m,l,p[g+9],5,568446438);l=md5_gg(l,o,n,m,p[g+14],9,-1019803690);m=md5_gg(m,l,o,n,p[g+3],14,-187363961);n=md5_gg(n,m,l,o,p[g+8],20,1163531501);o=md5_gg(o,n,m,l,p[g+13],5,-1444681467);l=md5_gg(l,o,n,m,p[g+2],9,-51403784);m=md5_gg(m,l,o,n,p[g+7],14,1735328473);n=md5_gg(n,m,l,o,p[g+12],20,-1926607734);o=md5_hh(o,n,m,l,p[g+5],4,-378558);l=md5_hh(l,o,n,m,p[g+8],11,-2022574463);m=md5_hh(m,l,o,n,p[g+11],16,1839030562);n=md5_hh(n,m,l,o,p[g+14],23,-35309556);o=md5_hh(o,n,m,l,p[g+1],4,-1530992060);l=md5_hh(l,o,n,m,p[g+4],11,1272893353);m=md5_hh(m,l,o,n,p[g+7],16,-155497632);n=md5_hh(n,m,l,o,p[g+10],23,-1094730640);o=md5_hh(o,n,m,l,p[g+13],4,681279174);l=md5_hh(l,o,n,m,p[g+0],11,-358537222);m=md5_hh(m,l,o,n,p[g+3],16,-722521979);n=md5_hh(n,m,l,o,p[g+6],23,76029189);o=md5_hh(o,n,m,l,p[g+9],4,-640364487);l=md5_hh(l,o,n,m,p[g+12],11,-421815835);m=md5_hh(m,l,o,n,p[g+15],16,530742520);n=md5_hh(n,m,l,o,p[g+2],23,-995338651);o=md5_ii(o,n,m,l,p[g+0],6,-198630844);l=md5_ii(l,o,n,m,p[g+7],10,1126891415);m=md5_ii(m,l,o,n,p[g+14],15,-1416354905);n=md5_ii(n,m,l,o,p[g+5],21,-57434055);o=md5_ii(o,n,m,l,p[g+12],6,1700485571);l=md5_ii(l,o,n,m,p[g+3],10,-1894986606);m=md5_ii(m,l,o,n,p[g+10],15,-1051523);n=md5_ii(n,m,l,o,p[g+1],21,-2054922799);o=md5_ii(o,n,m,l,p[g+8],6,1873313359);l=md5_ii(l,o,n,m,p[g+15],10,-30611744);m=md5_ii(m,l,o,n,p[g+6],15,-1560198380);n=md5_ii(n,m,l,o,p[g+13],21,1309151649);o=md5_ii(o,n,m,l,p[g+4],6,-145523070);l=md5_ii(l,o,n,m,p[g+11],10,-1120210379);m=md5_ii(m,l,o,n,p[g+2],15,718787259);n=md5_ii(n,m,l,o,p[g+9],21,-343485551);o=safe_add(o,j);n=safe_add(n,h);m=safe_add(m,f);l=safe_add(l,e)}return Array(o,n,m,l)}function md5_cmn(h,e,d,c,g,f){return safe_add(bit_rol(safe_add(safe_add(e,h),safe_add(c,f)),g),d)}function md5_ff(g,f,k,j,e,i,h){return md5_cmn((f&k)|((~f)&j),g,f,e,i,h)}function md5_gg(g,f,k,j,e,i,h){return md5_cmn((f&j)|(k&(~j)),g,f,e,i,h)}function md5_hh(g,f,k,j,e,i,h){return md5_cmn(f^k^j,g,f,e,i,h)}function md5_ii(g,f,k,j,e,i,h){return md5_cmn(k^(f|(~j)),g,f,e,i,h)}function safe_add(a,d){var c=(a&65535)+(d&65535);var b=(a>>16)+(d>>16)+(c>>16);return(b<<16)|(c&65535)}function bit_rol(a,b){return(a<<b)|(a>>>(32-b))};" "\n//-->\n</SCRIPT>\n", cgiOut); fputs("</HEAD>\n", cgiOut); - if(js>=2) + if(rt.js>=2) fputs("<BODY ONLOAD=\"document.wfm.username.focus(); document.wfm.login.value='MD5 Login';\" BGCOLOR=\"#FFFFFF\">\n", cgiOut); else fputs("<BODY BGCOLOR=\"#FFFFFF\">\n", cgiOut); @@ -337,8 +337,8 @@ void login_ui(void) { " <INPUT TYPE=\"SUBMIT\" VALUE=\" %s Login \" NAME=\"login\" ", cgiScriptName, virt_dirname, (getenv("HTTPS")) ? "SSL" : "Plaintext"); - if(js>=2) fprintf(cgiOut, - "onClick=\"self.location='%s?directory=%s&login=client&token=' + hex_md5('%s:' + hex_md5(document.wfm.username.value + ':' + document.wfm.password.value)); return false;\"", + if(rt.js>=2) fprintf(cgiOut, + "onClick=\"self.location='%s?directory=%s&login=client&rt.token=' + hex_md5('%s:' + hex_md5(document.wfm.username.value + ':' + document.wfm.password.value)); return false;\"", cgiScriptName, virt_dirname_urlencoded, cgiRemoteAddr); fputs( @@ -398,7 +398,7 @@ void edit_ui(void) { cgiHeaderContentType("text/html"); html_title("Editor"); - if (js) fprintf(cgiOut, + if (rt.js) fprintf(cgiOut, "<SCRIPT LANGUAGE=\"JavaScript\" TYPE=\"text/javascript\">\n" "<!--\n" "function chwrap() { \n" @@ -442,15 +442,15 @@ void edit_ui(void) { "File Editor: %s\n" "</TD>\n" "<TD BGCOLOR=\"#CCCCCC\" ALIGN=\"RIGHT\">", - cgiScriptName, (strncmp(cgiUserAgent, "Mozilla/4.0 (compatible; MSIE 6", 31)==0) ? "80" : "100", ICONSURL, virt_filename); + cgiScriptName, (strncmp(cgiUserAgent, "Mozilla/4.0 (compatible; MSIE 6", 31)==0) ? "80" : "100", rt.iconsurl, virt_filename); #ifndef WFMGIT - if(js) fprintf(cgiOut, "<INPUT TYPE=\"button\" ID=\"bakbtn\" onClick=\"chbak()\" VALUE=\"Backup\" STYLE=\"border:none; %s \"> \n", bkcolor); + if(rt.js) fprintf(cgiOut, "<INPUT TYPE=\"button\" ID=\"bakbtn\" onClick=\"chbak()\" VALUE=\"Backup\" STYLE=\"border:none; %s \"> \n", bkcolor); #else fprintf(cgiOut, "%s\n", (repo_check()) ? "No GIT Repo Present" : "GIT Backed "); #endif - if(js) fprintf(cgiOut, "<INPUT TYPE=\"button\" ID=\"wrapbtn\" onClick=\"chwrap()\" VALUE=\"Wrap\" STYLE=\"border:none; background-color:#404040; color:#FFFFFF;\">\n"); + if(rt.js) fprintf(cgiOut, "<INPUT TYPE=\"button\" ID=\"wrapbtn\" onClick=\"chwrap()\" VALUE=\"Wrap\" STYLE=\"border:none; background-color:#404040; color:#FFFFFF;\">\n"); fprintf(cgiOut, "</TD>\n" @@ -475,10 +475,10 @@ void edit_ui(void) { "<INPUT TYPE=\"hidden\" NAME=\"action\" VALUE=\"edit_save\">\n" "<INPUT TYPE=\"hidden\" NAME=\"filename\" VALUE=\"%s\">\n" "<INPUT TYPE=\"hidden\" NAME=\"directory\" VALUE=\"%s\">\n" - "<INPUT TYPE=\"hidden\" NAME=\"token\" VALUE=\"%s\">\n" + "<INPUT TYPE=\"hidden\" NAME=\"rt.token\" VALUE=\"%s\">\n" "<INPUT TYPE=\"hidden\" NAME=\"backup\" VALUE=\"%s\">\n" "</FORM></BODY></HTML>\n", - virt_filename, virt_dirname, token, backup); + virt_filename, virt_dirname, rt.token, backup); free(buff); @@ -23,20 +23,20 @@ char tHL_COLOR[]="FFD700"; static const char *access_string[]={ "none", "readonly", "readwrite" }; void dir_icoinita(void) { - snprintf(DIRIMG, sizeof(DIRIMG), "<IMG SRC=\"%sdir.gif\" ALT=\"Dir\" ALIGN=\"MIDDLE\" BORDER=\"0\">", ICONSURL); - snprintf(LNKIMG, sizeof(LNKIMG), "<IMG SRC=\"%slnk.gif\" ALT=\"Symlink\" ALIGN=\"MIDDLE\" BORDER=\"0\">", ICONSURL); - snprintf(AUPIMG, sizeof(AUPIMG), "<IMG SRC=\"%saup.gif\" ALT=\"Up\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"7\" HEIGHT=\"4\">", ICONSURL); - snprintf(ADNIMG, sizeof(ADNIMG), "<IMG SRC=\"%sadn.gif\" ALT=\"Down\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"7\" HEIGHT=\"4\">", ICONSURL); - snprintf(GENIMG, sizeof(GENIMG), "<IMG SRC=\"%sgen.gif\" ALT=\"Unknown\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"16\" HEIGHT=\"16\">", ICONSURL); - snprintf(NEWIMG, sizeof(NEWIMG), "<IMG SRC=\"%sarr.gif\" ALT=\"New\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"16\" HEIGHT=\"16\">", ICONSURL); - snprintf(ZIPIMG, sizeof(ZIPIMG), "<IMG SRC=\"%szip.gif\" ALT=\"Archive\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"16\" HEIGHT=\"16\">", ICONSURL); - snprintf(IMGIMG, sizeof(IMGIMG), "<IMG SRC=\"%simg.gif\" ALT=\"Image\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"16\" HEIGHT=\"16\">", ICONSURL); - snprintf(OFFIMG, sizeof(OFFIMG), "<IMG SRC=\"%soff.gif\" ALT=\"Office File\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"16\" HEIGHT=\"16\">", ICONSURL); - snprintf(PDFIMG, sizeof(PDFIMG), "<IMG SRC=\"%spdf.gif\" ALT=\"PDF\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"16\" HEIGHT=\"16\">", ICONSURL); - snprintf(TXTIMG, sizeof(TXTIMG), "<IMG SRC=\"%stxt.gif\" ALT=\"Text\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"16\" HEIGHT=\"16\">", ICONSURL); - snprintf(EXEIMG, sizeof(EXEIMG), "<IMG SRC=\"%sexe.gif\" ALT=\"Exec\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"16\" HEIGHT=\"16\">", ICONSURL); - snprintf(MEDIMG, sizeof(MEDIMG), "<IMG SRC=\"%smed.gif\" ALT=\"Multimedia\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"16\" HEIGHT=\"16\">", ICONSURL); - snprintf(ISOIMG, sizeof(ISOIMG), "<IMG SRC=\"%siso.gif\" ALT=\"Disk Image\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"16\" HEIGHT=\"16\">", ICONSURL); + snprintf(DIRIMG, sizeof(DIRIMG), "<IMG SRC=\"%sdir.gif\" ALT=\"Dir\" ALIGN=\"MIDDLE\" BORDER=\"0\">", rt.iconsurl); + snprintf(LNKIMG, sizeof(LNKIMG), "<IMG SRC=\"%slnk.gif\" ALT=\"Symlink\" ALIGN=\"MIDDLE\" BORDER=\"0\">", rt.iconsurl); + snprintf(AUPIMG, sizeof(AUPIMG), "<IMG SRC=\"%saup.gif\" ALT=\"Up\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"7\" HEIGHT=\"4\">", rt.iconsurl); + snprintf(ADNIMG, sizeof(ADNIMG), "<IMG SRC=\"%sadn.gif\" ALT=\"Down\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"7\" HEIGHT=\"4\">", rt.iconsurl); + snprintf(GENIMG, sizeof(GENIMG), "<IMG SRC=\"%sgen.gif\" ALT=\"Unknown\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"16\" HEIGHT=\"16\">", rt.iconsurl); + snprintf(NEWIMG, sizeof(NEWIMG), "<IMG SRC=\"%sarr.gif\" ALT=\"New\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"16\" HEIGHT=\"16\">", rt.iconsurl); + snprintf(ZIPIMG, sizeof(ZIPIMG), "<IMG SRC=\"%szip.gif\" ALT=\"Archive\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"16\" HEIGHT=\"16\">", rt.iconsurl); + snprintf(IMGIMG, sizeof(IMGIMG), "<IMG SRC=\"%simg.gif\" ALT=\"Image\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"16\" HEIGHT=\"16\">", rt.iconsurl); + snprintf(OFFIMG, sizeof(OFFIMG), "<IMG SRC=\"%soff.gif\" ALT=\"Office File\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"16\" HEIGHT=\"16\">", rt.iconsurl); + snprintf(PDFIMG, sizeof(PDFIMG), "<IMG SRC=\"%spdf.gif\" ALT=\"PDF\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"16\" HEIGHT=\"16\">", rt.iconsurl); + snprintf(TXTIMG, sizeof(TXTIMG), "<IMG SRC=\"%stxt.gif\" ALT=\"Text\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"16\" HEIGHT=\"16\">", rt.iconsurl); + snprintf(EXEIMG, sizeof(EXEIMG), "<IMG SRC=\"%sexe.gif\" ALT=\"Exec\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"16\" HEIGHT=\"16\">", rt.iconsurl); + snprintf(MEDIMG, sizeof(MEDIMG), "<IMG SRC=\"%smed.gif\" ALT=\"Multimedia\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"16\" HEIGHT=\"16\">", rt.iconsurl); + snprintf(ISOIMG, sizeof(ISOIMG), "<IMG SRC=\"%siso.gif\" ALT=\"Disk Image\" ALIGN=\"MIDDLE\" BORDER=\"0\" WIDTH=\"16\" HEIGHT=\"16\">", rt.iconsurl); if( regcomp(®_zip, "\\.(zip|rar|tar|gz|tgz|z|arj|bz|tbz|7z|xz)$", REG_EXTENDED | REG_ICASE)!=0 || @@ -103,9 +103,9 @@ void dirlist(void) { "<HTML LANG=\"en\">\n" "<HEAD>\n" "<TITLE>%s : %c%s</TITLE>\n", - copyright, TAGLINE, (strlen(virt_dirname)>0) ? ' ' : '/', virt_dirname); + COPYRIGHT, cfg.tagline, (strlen(virt_dirname)>0) ? ' ' : '/', virt_dirname); - if(js) fprintf(cgiOut, + if(rt.js) fprintf(cgiOut, "<SCRIPT LANGUAGE=\"JavaScript\" TYPE=\"text/javascript\">\n" "<!-- \n" "function checkUncheckAll(checkAllState, cbGroup) {\n" @@ -119,7 +119,7 @@ void dirlist(void) { " }\n" "}\n"); - if(js>=2) fprintf(cgiOut, + if(rt.js>=2) fprintf(cgiOut, "function xmlhttpPost(strURL) {\n" " var xmlHttpReq = false;\n" " var self = this;\n" @@ -148,7 +148,7 @@ void dirlist(void) { "}\n", cgiScriptName, upload_id); - if(js) fprintf(cgiOut, + if(rt.js) fprintf(cgiOut, "//-->\n" "</SCRIPT>\n"); @@ -177,7 +177,7 @@ void dirlist(void) { "</HEAD>\n" "<BODY BGCOLOR=\"#FFFFFF\">\n" "<FORM ACTION=\"%s\" METHOD=\"POST\" ENCTYPE=\"multipart/form-data\" %s>\n", - FONT_SIZE, FONT_SIZE, ICONSURL, FAVICON, cgiScriptName, (js>=2) ? "onsubmit=\"start()\"" : ""); + FONT_SIZE, FONT_SIZE, rt.iconsurl, cfg.favicon, cgiScriptName, (rt.js>=2) ? "onsubmit=\"start()\"" : ""); @@ -193,21 +193,21 @@ void dirlist(void) { " <IMG SRC=\"%s%s\" ALIGN=\"MIDDLE\" ALT=\"WFM\">\n" "%s : %c%s \n" "<TD NOWRAP BGCOLOR=\"#F1F1F1\" VALIGN=\"MIDDLE\" ALIGN=\"RIGHT\" STYLE=\"color:#000000; font-weight:bold; white-space:nowrap\">\n", - ICONSURL, FAVICON, TAGLINE, (strlen(virt_dirname)>0) ? ' ' : '/', virt_dirname + rt.iconsurl, cfg.favicon, cfg.tagline, (strlen(virt_dirname)>0) ? ' ' : '/', virt_dirname ); // lock / unlock - if(!access_as_user && users_defined) + if(!rt.access_as_user && cfg.users_defined) fprintf(cgiOut, "<A HREF=\"%s?action=login&directory=%s\">" " <IMG SRC=\"%s%s.gif\" ALIGN=\"MIDDLE\" BORDER=\"0\" ALT=\"Access\"></A> %s\n", - cgiScriptName, virt_dirname_urlencoded, ICONSURL, access_string[access_level], access_string[access_level]); + cgiScriptName, virt_dirname_urlencoded, rt.iconsurl, access_string[rt.access_level], access_string[rt.access_level]); else fprintf(cgiOut, "<A HREF=\"%s?directory=%s\"><IMG SRC=\"%s%s.gif\" BORDER=\"0\" ALIGN=\"MIDDLE\" ALT=\"Access\">" "</A> %s <IMG SRC=\"%suser.gif\" ALIGN=\"MIDDLE\" ALT=\"User\"> %s \n", - cgiScriptName, virt_dirname_urlencoded, ICONSURL, access_string[access_level], access_string[access_level], ICONSURL, loggedinuser); + cgiScriptName, virt_dirname_urlencoded, rt.iconsurl, access_string[rt.access_level], access_string[rt.access_level], rt.iconsurl, rt.loggedinuser); // about / version fprintf(cgiOut, @@ -216,7 +216,7 @@ void dirlist(void) { "</TD>\n"\ "</TR>\n"\ "</TABLE>\n", - ICONSURL, cgiRemoteAddr, cgiScriptName, virt_dirname_urlencoded, token, ICONSURL, VERSION); + rt.iconsurl, cgiRemoteAddr, cgiScriptName, virt_dirname_urlencoded, rt.token, rt.iconsurl, VERSION); @@ -233,7 +233,7 @@ void dirlist(void) { "<IMG SRC=\"%sdir_up.gif\" BORDER=0 ALIGN=\"MIDDLE\" WIDTH=\"16\" HEIGHT=\"16\" ALT=\"Dir Up\"> Up" "</A>\n" "</TD>\n", - cgiScriptName, sortby, virt_parent_urlencoded, token, ICONSURL); + cgiScriptName, sortby, virt_parent_urlencoded, rt.token, rt.iconsurl); fprintf(cgiOut, "<!-- HOME -->\n" @@ -242,7 +242,7 @@ void dirlist(void) { "<IMG SRC=\"%shome.gif\" BORDER=0 ALIGN=\"MIDDLE\" WIDTH=\"16\" HEIGHT=\"16\" ALT=\"Home\"> Home" "</A>\n" "</TD>\n", - cgiScriptName, sortby, token, ICONSURL); + cgiScriptName, sortby, rt.token, rt.iconsurl); fprintf(cgiOut, "<!-- RELOAD -->\n" @@ -251,7 +251,7 @@ void dirlist(void) { "<IMG SRC=\"%sreload.gif\" BORDER=0 ALIGN=\"MIDDLE\" ALT=\"Reload\"> Refresh" "</A>\n" "</TD>\n", - cgiScriptName, sortby, virt_dirname_urlencoded, token, ICONSURL); + cgiScriptName, sortby, virt_dirname_urlencoded, rt.token, rt.iconsurl); fprintf(cgiOut, "<!-- MULTI DELETE -->\n"\ @@ -259,7 +259,7 @@ void dirlist(void) { "<INPUT TYPE=\"IMAGE\" SRC=\"%sdelete.gif\" STYLE=\"border: none; padding: 0px; vertical-align:middle;\" ALT=\"Delete\" ALIGN=\"MIDDLE\" NAME=\"multi_delete_prompt\" VALUE=\"Delete\">\n" "<INPUT TYPE=\"SUBMIT\" CLASS=\"hovout\" NAME=\"multi_delete_prompt\" VALUE=\"Delete\" %s>\n" "</TD>\n", - ICONSURL, (js) ? "onMouseOver=\"this.className='hovin';\" onMouseOut=\"this.className='hovout';\"" : ""); + rt.iconsurl, (rt.js) ? "onMouseOver=\"this.className='hovin';\" onMouseOut=\"this.className='hovout';\"" : ""); fprintf(cgiOut, "<!-- MULTI MOVE -->\n" @@ -267,7 +267,7 @@ void dirlist(void) { "<INPUT TYPE=\"IMAGE\" SRC=\"%smove.gif\" STYLE=\"border: none; padding: 0px; vertical-align:middle; \" ALT=\"Move\" ALIGN=\"MIDDLE\" NAME=\"multi_move_prompt\" VALUE=\"Move\">\n" "<INPUT TYPE=\"SUBMIT\" CLASS=\"hovout\" NAME=\"multi_move_prompt\" VALUE=\"Move\" %s>\n" "</TD>\n", - ICONSURL, (js) ? "onMouseOver=\"this.className='hovin';\" onMouseOut=\"this.className='hovout';\"" : ""); + rt.iconsurl, (rt.js) ? "onMouseOver=\"this.className='hovin';\" onMouseOut=\"this.className='hovout';\"" : ""); fprintf(cgiOut, "<!-- NEWDIR -->\n" @@ -276,7 +276,7 @@ void dirlist(void) { "<IMG SRC=\"%smkdir.gif\" BORDER=0 ALIGN=\"MIDDLE\" ALT=\"New Folder\"> New Folder\n" "</A>\n" "</TD>\n", - cgiScriptName, virt_dirname_urlencoded, token, ICONSURL); + cgiScriptName, virt_dirname_urlencoded, rt.token, rt.iconsurl); fprintf(cgiOut, @@ -286,7 +286,7 @@ void dirlist(void) { "<IMG SRC=\"%smkfile.gif\" BORDER=0 ALIGN=\"MIDDLE\" ALT=\"New File\"> New File" "</A>\n" "</TD>\n", - cgiScriptName, virt_dirname_urlencoded, token, ICONSURL); + cgiScriptName, virt_dirname_urlencoded, rt.token, rt.iconsurl); @@ -301,39 +301,39 @@ void dirlist(void) { "</TD>\n" "</TR>\n" "</TABLE>\n", - virt_dirname, token, upload_id, (access_level==PERM_RW) ? " " : "DISABLED"); + virt_dirname, rt.token, upload_id, (rt.access_level==PERM_RW) ? " " : "DISABLED"); // // SORT BY // if(strcmp(sortby, "size")==0) { - snprintf(namepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=name\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Filename</A>", cgiScriptName, virt_dirname_urlencoded, token); - snprintf(sizepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=rsize\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Size</A> %s", cgiScriptName, virt_dirname_urlencoded, token, ADNIMG); - snprintf(datepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=date\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Modified</A>", cgiScriptName, virt_dirname_urlencoded, token); + snprintf(namepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=name\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Filename</A>", cgiScriptName, virt_dirname_urlencoded, rt.token); + snprintf(sizepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=rsize\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Size</A> %s", cgiScriptName, virt_dirname_urlencoded, rt.token, ADNIMG); + snprintf(datepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=date\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Modified</A>", cgiScriptName, virt_dirname_urlencoded, rt.token); } else if(strcmp(sortby, "rsize")==0) { - snprintf(namepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=name\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Filename</A>", cgiScriptName, virt_dirname_urlencoded, token); - snprintf(sizepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=size\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Size</A> %s", cgiScriptName, virt_dirname_urlencoded, token, AUPIMG); - snprintf(datepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=date\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Modified</A>", cgiScriptName, virt_dirname_urlencoded, token); + snprintf(namepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=name\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Filename</A>", cgiScriptName, virt_dirname_urlencoded, rt.token); + snprintf(sizepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=size\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Size</A> %s", cgiScriptName, virt_dirname_urlencoded, rt.token, AUPIMG); + snprintf(datepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=date\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Modified</A>", cgiScriptName, virt_dirname_urlencoded, rt.token); } else if(strcmp(sortby, "date")==0) { - snprintf(namepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=name\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Filename</A>", cgiScriptName, virt_dirname_urlencoded, token); - snprintf(sizepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=size\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Size</A>", cgiScriptName, virt_dirname_urlencoded, token); - snprintf(datepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=rdate\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Modified</A> %s", cgiScriptName, virt_dirname_urlencoded, token, ADNIMG); + snprintf(namepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=name\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Filename</A>", cgiScriptName, virt_dirname_urlencoded, rt.token); + snprintf(sizepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=size\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Size</A>", cgiScriptName, virt_dirname_urlencoded, rt.token); + snprintf(datepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=rdate\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Modified</A> %s", cgiScriptName, virt_dirname_urlencoded, rt.token, ADNIMG); } else if(strcmp(sortby, "rdate")==0) { - snprintf(namepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=name\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Filename</A>", cgiScriptName, virt_dirname_urlencoded, token); - snprintf(sizepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=size\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Size</A>", cgiScriptName, virt_dirname_urlencoded, token); - snprintf(datepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=date\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Modified</A> %s", cgiScriptName, virt_dirname_urlencoded, token, AUPIMG); + snprintf(namepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=name\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Filename</A>", cgiScriptName, virt_dirname_urlencoded, rt.token); + snprintf(sizepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=size\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Size</A>", cgiScriptName, virt_dirname_urlencoded, rt.token); + snprintf(datepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=date\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Modified</A> %s", cgiScriptName, virt_dirname_urlencoded, rt.token, AUPIMG); } else if(strcmp(sortby, "name")==0) { - snprintf(namepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=rname\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Filename</A> %s", cgiScriptName, virt_dirname_urlencoded, token, ADNIMG); - snprintf(sizepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=size\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Size</A>", cgiScriptName, virt_dirname_urlencoded, token); - snprintf(datepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=date\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Modified</A>", cgiScriptName, virt_dirname_urlencoded, token); + snprintf(namepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=rname\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Filename</A> %s", cgiScriptName, virt_dirname_urlencoded, rt.token, ADNIMG); + snprintf(sizepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=size\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Size</A>", cgiScriptName, virt_dirname_urlencoded, rt.token); + snprintf(datepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=date\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Modified</A>", cgiScriptName, virt_dirname_urlencoded, rt.token); } else if(strcmp(sortby, "rname")==0) { - snprintf(namepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=name\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Filename</A> %s", cgiScriptName, virt_dirname_urlencoded, token, AUPIMG); - snprintf(sizepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=size\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Size</A>", cgiScriptName, virt_dirname_urlencoded, token); - snprintf(datepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=date\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Modified</A>", cgiScriptName, virt_dirname_urlencoded, token); + snprintf(namepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=name\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Filename</A> %s", cgiScriptName, virt_dirname_urlencoded, rt.token, AUPIMG); + snprintf(sizepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=size\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Size</A>", cgiScriptName, virt_dirname_urlencoded, rt.token); + snprintf(datepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=date\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Modified</A>", cgiScriptName, virt_dirname_urlencoded, rt.token); } else { - snprintf(namepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=name\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Filename</A>", cgiScriptName, virt_dirname_urlencoded, token); - snprintf(sizepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=size\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Size</A>", cgiScriptName, virt_dirname_urlencoded, token); - snprintf(datepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=date\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Modified</A>", cgiScriptName, virt_dirname_urlencoded, token); + snprintf(namepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=name\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Filename</A>", cgiScriptName, virt_dirname_urlencoded, rt.token); + snprintf(sizepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=size\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Size</A>", cgiScriptName, virt_dirname_urlencoded, rt.token); + snprintf(datepfx, 1024, " <A HREF=\"%s?directory=%s&token=%s&sortby=date\" STYLE=\"text-decoration: none; color:#FFFFFF;\">Modified</A>", cgiScriptName, virt_dirname_urlencoded, rt.token); } @@ -346,7 +346,7 @@ void dirlist(void) { "<TD NOWRAP ALIGN=\"left\" WIDTH=\"50%%\" BGCOLOR=\"#A0A0A0\">\n" "<FONT COLOR=\"#FFFFFF\">\n"); - if(js) fprintf(cgiOut, + if(rt.js) fprintf(cgiOut, "<INPUT TYPE=\"CHECKBOX\" NAME=\"CHECKALL\" STYLE=\"padding: 0px; border: none;\" ONCLICK=\"checkUncheckAll(this, multiselect_filename);\">\n"); fprintf(cgiOut, @@ -410,7 +410,7 @@ void dirlist(void) { } else { icon=DIRIMG; - if(js) { + if(rt.js) { linecolor=tNORMAL_COLOR; } else { @@ -429,7 +429,7 @@ void dirlist(void) { fprintf(cgiOut, "<TR BGCOLOR=\"#%s\" ", linecolor); - if(js) + if(rt.js) fprintf(cgiOut, "onMouseOver=\"this.bgColor='#%s';\" onMouseOut=\"this.bgColor='#%s';\"", tHL_COLOR, linecolor); @@ -444,7 +444,7 @@ void dirlist(void) { "<TD NOWRAP ALIGN=\"RIGHT\"><SPAN TITLE=\"Created:%s\n Modified:%s\n Accessed:%s\n\">%s %s</FONT></SPAN></TD>\n"\ "<TD NOWRAP > </TD>"\ "<TD NOWRAP ALIGN=\"LEFT\">", - cgiScriptName, sortby, (strcmp(virt_dirname, "/")==0) ? "" : virt_dirname_urlencoded, name_urlencoded, token, icon, name, + cgiScriptName, sortby, (strcmp(virt_dirname, "/")==0) ? "" : virt_dirname_urlencoded, name_urlencoded, rt.token, icon, name, buprintf(size, TRUE), rtime, mtime, atime, stime, mtime); // rename @@ -452,14 +452,14 @@ void dirlist(void) { "<A HREF=\"%s?action=rename_prompt&directory=%s&filename=%s&token=%s\" TITLE=\"Rename '%s'\">\n"\ "<IMG SRC=\"%srename.gif\" BORDER=0 WIDTH=16 HEIGHT=16 ALT=\"Rename File\">\n"\ "</A>\n", - cgiScriptName, virt_dirname_urlencoded, name_urlencoded, token, name, ICONSURL); + cgiScriptName, virt_dirname_urlencoded, name_urlencoded, rt.token, name, rt.iconsurl); // move fprintf(cgiOut, "\n"\ "<A HREF=\"%s?action=move_prompt&directory=%s&filename=%s&token=%s\" TITLE=\"Move '%s'\">\n"\ "<IMG SRC=\"%smove.gif\" BORDER=0 WIDTH=16 HEIGHT=16 ALT=\"Move File\">\n"\ "</A>\n", - cgiScriptName, virt_dirname_urlencoded, name_urlencoded, token, name, ICONSURL); + cgiScriptName, virt_dirname_urlencoded, name_urlencoded, rt.token, name, rt.iconsurl); // delete fprintf(cgiOut, "\n"\ @@ -468,7 +468,7 @@ void dirlist(void) { "</A>\n"\ "</TD>\n"\ "</TR>\n\n\n", - cgiScriptName, virt_dirname_urlencoded, name_urlencoded, token, name, ICONSURL); + cgiScriptName, virt_dirname_urlencoded, name_urlencoded, rt.token, name, rt.iconsurl); totalsize+=size; n++; @@ -510,14 +510,14 @@ void dirlist(void) { else if(regexec(®_iso, name, 0, 0, 0)==0) { icon=ISOIMG; editable=0; } else { icon=GENIMG; editable=0; } - if(edit_any_file) { editable=1; } + if(cfg.edit_any_file) { editable=1; } if(strcmp(highlight, name)==0) { icon=NEWIMG; linecolor=tHIGH_COLOR; } else { - if(js) { + if(rt.js) { linecolor=tNORMAL_COLOR; } else { @@ -535,14 +535,14 @@ void dirlist(void) { fprintf(cgiOut, "<TR BGCOLOR=\"#%s\" ", linecolor); - if(js) + if(rt.js) fprintf(cgiOut, "onMouseOver=\"this.bgColor='#%s';\" onMouseOut=\"this.bgColor='#%s';\"", tHL_COLOR, linecolor); fprintf(cgiOut, ">\n<TD NOWRAP ALIGN=\"LEFT\"><INPUT TYPE=\"CHECKBOX\" NAME=\"multiselect_filename\" STYLE=\"border: none;\" VALUE=\"%s\">" "<A HREF=\"%s?action=%s&directory=%s&filename=%s&token=%s\" TITLE=\"Open '%s'\">%s %s</A></TD>\n", - name, cgiScriptName, (edit_by_default && editable) ? "edit" : "sendfile", virt_dirname_urlencoded, name_urlencoded, token, name, icon, name); + name, cgiScriptName, (cfg.edit_by_default && editable) ? "edit" : "sendfile", virt_dirname_urlencoded, name_urlencoded, rt.token, name, icon, name); // size / date @@ -562,7 +562,7 @@ void dirlist(void) { "<A HREF=\"%s?action=rename_prompt&directory=%s&filename=%s&token=%s\" TITLE=\"Rename '%s'\">\n" "<IMG SRC=\"%srename.gif\" BORDER=0 WIDTH=16 HEIGHT=16 ALT=\"Rename File\">\n" "</A>\n", - cgiScriptName, virt_dirname_urlencoded, name_urlencoded, token, name, ICONSURL); + cgiScriptName, virt_dirname_urlencoded, name_urlencoded, rt.token, name, rt.iconsurl); // move fprintf(cgiOut, @@ -570,7 +570,7 @@ void dirlist(void) { "<A HREF=\"%s?action=move_prompt&directory=%s&filename=%s&token=%s\" TITLE=\"Move '%s'\">" "<IMG SRC=\"%smove.gif\" BORDER=0 WIDTH=16 HEIGHT=16 ALT=\"Move '%s'\">\n" "</A>\n", - cgiScriptName, virt_dirname_urlencoded, name_urlencoded, token, name, ICONSURL, name); + cgiScriptName, virt_dirname_urlencoded, name_urlencoded, rt.token, name, rt.iconsurl, name); // delete fprintf(cgiOut, @@ -579,22 +579,22 @@ void dirlist(void) { "TITLE=\"Remove '%s'\"> \n" "<IMG SRC=\"%sdelete.gif\" BORDER=0 WIDTH=16 HEIGHT=16 ALT=\"Delete File\">\n" "</A>\n", - cgiScriptName, virt_dirname_urlencoded, name_urlencoded, token, name, ICONSURL); + cgiScriptName, virt_dirname_urlencoded, name_urlencoded, rt.token, name, rt.iconsurl); // view - if(strlen(HOMEURL)>4) + if(strlen(cfg.homeurl)>4) fprintf(cgiOut, "\n" "<A HREF=\"%s%s%s/%s\" TITLE=\"Preview '%s' In Browser\">\n" "<IMG SRC=\"%sext.gif\" BORDER=0 WIDTH=16 HEIGHT=16 ALT=\"Preview '%s' In Browser\" >\n" "</A>\n", - HOMEURL, (virt_dirname[0]!='/') ? "/" : "", (strcmp(virt_dirname, "/")==0) ? "" : virt_dirname, name, name, ICONSURL, name); + cfg.homeurl, (virt_dirname[0]!='/') ? "/" : "", (strcmp(virt_dirname, "/")==0) ? "" : virt_dirname, name, name, rt.iconsurl, name); // edit for text files.. if(editable) { - if(edit_by_default) + if(cfg.edit_by_default) fprintf(cgiOut, "\n" "<A HREF=\"%s?action=sendfile&directory=%s&filename=%s&token=%s\" TITLE=\"Download '%s'\">\n" @@ -602,7 +602,7 @@ void dirlist(void) { "</A>\n" "</TD>\n" "</TR>\n\n", - cgiScriptName, virt_dirname_urlencoded, name_urlencoded, token, name, ICONSURL); + cgiScriptName, virt_dirname_urlencoded, name_urlencoded, rt.token, name, rt.iconsurl); else fprintf(cgiOut, "\n" @@ -611,7 +611,7 @@ void dirlist(void) { "</A>\n" "</TD>\n" "</TR>\n\n", - cgiScriptName, virt_dirname_urlencoded, name_urlencoded, token, name, ICONSURL); + cgiScriptName, virt_dirname_urlencoded, name_urlencoded, rt.token, name, rt.iconsurl); } else { fprintf(cgiOut, @@ -116,7 +116,7 @@ void receivefile(void) { wfm_commit(CHANGE, NULL); - redirect("%s?highlight=%s&directory=%s&token=%s", cgiScriptName, virt_filename_urlencoded, virt_dirname_urlencoded, token); + redirect("%s?highlight=%s&directory=%s&rt.token=%s", cgiScriptName, virt_filename_urlencoded, virt_dirname_urlencoded, rt.token); } @@ -138,7 +138,7 @@ void mkfile(void) { wfm_commit(CHANGE, NULL); - redirect("%s?highlight=%s&directory=%s&token=%s", cgiScriptName, virt_filename_urlencoded, virt_dirname_urlencoded, token); + redirect("%s?highlight=%s&directory=%s&rt.token=%s", cgiScriptName, virt_filename_urlencoded, virt_dirname_urlencoded, rt.token); } @@ -153,7 +153,7 @@ void newdir(void) { if(mkdir(phys_filename, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH )!=0) error("Unable to create directory.<BR>%s", strerror(errno)); - redirect("%s?highlight=%s&directory=%s&token=%s", cgiScriptName, virt_filename_urlencoded, virt_dirname_urlencoded, token); + redirect("%s?highlight=%s&directory=%s&rt.token=%s", cgiScriptName, virt_filename_urlencoded, virt_dirname_urlencoded, rt.token); } @@ -245,7 +245,7 @@ void edit_save(void) { wfm_commit(CHANGE, NULL); - redirect("%s?highlight=%s&directory=%s&token=%s", cgiScriptName, virt_filename_urlencoded, virt_dirname_urlencoded, token); + redirect("%s?highlight=%s&directory=%s&rt.token=%s", cgiScriptName, virt_filename_urlencoded, virt_dirname_urlencoded, rt.token); } // @@ -333,7 +333,7 @@ void delete(void) { } } - redirect("%s?directory=%s&token=%s", cgiScriptName, virt_dirname_urlencoded, token); + redirect("%s?directory=%s&rt.token=%s", cgiScriptName, virt_dirname_urlencoded, rt.token); } // @@ -379,7 +379,7 @@ void move(void) { } } - redirect("%s?highlight=%s&directory=%s&token=%s", cgiScriptName, url_encode(virt_destination), virt_dirname_urlencoded, token); + redirect("%s?highlight=%s&directory=%s&rt.token=%s", cgiScriptName, url_encode(virt_destination), virt_dirname_urlencoded, rt.token); } @@ -436,18 +436,18 @@ void re_dir_ui(char *vdir, int level) { int n; int nentr, e; - snprintf(re_phys_dirname, PHYS_DIRNAME_SIZE, "%s/%s", HOMEDIR, vdir); + snprintf(re_phys_dirname, PHYS_DIRNAME_SIZE, "%s/%s", cfg.homedir, vdir); if(strlen(re_phys_dirname)<2 || strlen(re_phys_dirname)>(PHYS_DIRNAME_SIZE-2)) error("Invalid directory name."); if(regexec(&dotdot, re_phys_dirname, 0, 0, 0)==0) error("Invalid directory name."); - if(strlen(re_phys_dirname) < strlen(HOMEDIR)) error("Invalid directory name."); + if(strlen(re_phys_dirname) < strlen(cfg.homedir)) error("Invalid directory name."); nentr=scandir(re_phys_dirname, &direntry, 0, alphasort); for(e=0; e<nentr; e++) { - snprintf(phy_child, PHYS_DIRNAME_SIZE, "%s/%s/%s", HOMEDIR, vdir, direntry[e]->d_name); + snprintf(phy_child, PHYS_DIRNAME_SIZE, "%s/%s/%s", cfg.homedir, vdir, direntry[e]->d_name); if((direntry[e]->d_name[0]!='.') && (lstat(phy_child, &fileinfo)==0) && S_ISDIR(fileinfo.st_mode)) { @@ -458,10 +458,10 @@ void re_dir_ui(char *vdir, int level) { for (n=0; n<(level-1); n++) fprintf(cgiOut, " "); - fprintf(cgiOut, "%s %s</OPTION>\n", (js) ? "├" : "-", direntry[e]->d_name); + fprintf(cgiOut, "%s %s</OPTION>\n", (rt.js) ? "├" : "-", direntry[e]->d_name); // recurse - if(!largeset) + if(!cfg.largeset) re_dir_ui(child,level+1); } free(direntry[e]); @@ -561,7 +561,7 @@ int asscandir(const char *dir, ASDIR **namelist, int (*compar)(const void *, con memset(&names[entries], 0, sizeof(ASDIR)); strcpy(names[entries].name, entry->d_name); names[entries].type=fileinfo.st_mode; - if(S_ISDIR(fileinfo.st_mode) && recursive_du) + if(S_ISDIR(fileinfo.st_mode) && cfg.recursive_du) names[entries].size=du(filename); else names[entries].size=fileinfo.st_size; @@ -9,7 +9,7 @@ void html_title(char *msg) { HTML_HEADER "<LINK REL=\"icon\" TYPE=\"image/gif\" HREF=\"%s%s\">\n" "<TITLE>%s : %s</TITLE>\n", - ICONSURL, FAVICON, TAGLINE, msg); // (strlen(virt_dirname)>0) ? ' ' : '/', TAGLINE, virt_dirname + rt.iconsurl, cfg.favicon, cfg.tagline, msg); // (strlen(virt_dirname)>0) ? ' ' : '/', TAGLINE, virt_dirname } @@ -104,14 +104,15 @@ char *md5hash(char *str, ...) { // // WFM Login Procedure -// Called from WFM main procedure if no sufficient access permission available +// Called from WFM main procedure if no sufficient access permission available and no +// JavaScript is available in the browser. Normally client side genrates the auth token. // void login(void) { char username[64]={0}; char password[64]={0}; - cgiFormStringNoNewlines("username", username, sizeof(username)); // only used if JavaScript is - cgiFormStringNoNewlines("password", password, sizeof(password)); // not available in the browser + cgiFormStringNoNewlines("username", username, sizeof(username)); + cgiFormStringNoNewlines("password", password, sizeof(password)); if(strlen(username) && strlen(password)) redirect("%s?directory=%s&login=server&token=%s", cgiScriptName, virt_dirname_urlencoded, md5hash("%s:%s", cgiRemoteAddr, md5hash("%s:%s", username, password))); // generate MD5 as if it was the client @@ -134,37 +135,37 @@ void access_check(char *access_string) { if(ipaddr[0]=='*' || strcmp(cgiRemoteAddr, ipaddr)==0) { if(strcmp(type, "ro")==0) - access_level=PERM_RO; + rt.access_level=PERM_RO; else if(strcmp(type, "rw")==0) - access_level=PERM_RW; + rt.access_level=PERM_RW; } } else if(sscanf(access_string, "access-md5pw=%2[^':']:%30[^':']:%63s", type, user, pass)==3) { - users_defined=1; + cfg.users_defined=1; // perform user auth by comparing user supplied token with system generated token - if(strcmp(md5hash("%s:%s", cgiRemoteAddr, pass), token)==0) { + if(strcmp(md5hash("%s:%s", cgiRemoteAddr, pass), rt.token)==0) { if(strcmp(type, "ro")==0) - access_level=PERM_RO; + rt.access_level=PERM_RO; else if(strcmp(type, "rw")==0) - access_level=PERM_RW; + rt.access_level=PERM_RW; - access_as_user=1; - strncpy(loggedinuser, user, sizeof(loggedinuser)); + rt.access_as_user=1; + strncpy(rt.loggedinuser, user, sizeof(rt.loggedinuser)); } } else if(sscanf(access_string, "access-htauth=%2[^':']:%30s", type, user)==2) { - users_defined=1; + cfg.users_defined=1; if(user[0]=='*' || (getenv("REMOTE_USER") && strcmp(user, getenv("REMOTE_USER"))==0)) { if(strcmp(type, "ro")==0) - access_level=PERM_RO; + rt.access_level=PERM_RO; else if(strcmp(type, "rw")==0) - access_level=PERM_RW; + rt.access_level=PERM_RW; - access_as_user=1; - strncpy(loggedinuser, getenv("REMOTE_USER"), sizeof(loggedinuser)); + rt.access_as_user=1; + strncpy(rt.loggedinuser, getenv("REMOTE_USER"), sizeof(rt.loggedinuser)); } } } @@ -173,6 +174,7 @@ void access_check(char *access_string) { // // Check filename // Should be called by every function that uses filename +// Function can be passed implicit filename or use the global variable // void checkfilename(char *inp_filename) { char temp_dirname[PHYS_FILENAME_SIZE]={0}; @@ -205,13 +207,14 @@ void checkfilename(char *inp_filename) { strncpy(virt_filename, bname, VIRT_FILENAME_SIZE); snprintf(phys_filename, PHYS_FILENAME_SIZE, "%s/%s", phys_dirname, virt_filename); + // Do checks if(!strlen(phys_filename) || strlen(phys_filename)>(PHYS_FILENAME_SIZE-2)) error("Invalid phys_filename lenght [%d]", strlen(phys_filename)); if(!strlen(virt_filename) || strlen(virt_filename)>(VIRT_FILENAME_SIZE-2)) error("Invalid virt_filename lenght [%d]", strlen(virt_filename)); if(regexec(&dotdot, phys_filename, 0, 0, 0)==0) error("Double dots in pfilename"); if(regexec(&dotdot, virt_filename, 0, 0, 0)==0) error("Double dots in vfilename"); strncpy(temp_dirname, phys_filename, PHYS_FILENAME_SIZE); - if(strlen(dirname(temp_dirname)) < strlen(HOMEDIR)) error("Invalid directory name."); + if(strlen(dirname(temp_dirname)) < strlen(cfg.homedir)) error("Invalid directory name."); virt_filename_urlencoded=url_encode(virt_filename); } @@ -227,7 +230,7 @@ void checkdestination(void) { strip(virt_destination, VIRT_DESTINATION_SIZE, VALIDCHRS_DIR); cgiFormInteger("absdst", &absolute_destination, 0); // move operation relies on absolute paths if(absolute_destination) - snprintf(phys_destination, PHYS_DESTINATION_SIZE, "%s/%s", HOMEDIR, virt_destination); + snprintf(phys_destination, PHYS_DESTINATION_SIZE, "%s/%s", cfg.homedir, virt_destination); else snprintf(phys_destination, PHYS_DESTINATION_SIZE, "%s/%s", phys_dirname, virt_destination); @@ -246,13 +249,13 @@ void checkdirectory(void) { cgiFormStringNoNewlines("directory", virt_dirname, VIRT_DIRNAME_SIZE); strip(virt_dirname, VIRT_DIRNAME_SIZE, VALIDCHRS_DIR); - snprintf(phys_dirname, PHYS_DIRNAME_SIZE, "%s/%s", HOMEDIR, virt_dirname); + snprintf(phys_dirname, PHYS_DIRNAME_SIZE, "%s/%s", cfg.homedir, virt_dirname); if(strlen(phys_dirname)<2 || strlen(phys_dirname)>(PHYS_DIRNAME_SIZE-2)) error("Invalid directory name."); if(regexec(&dotdot, phys_dirname, 0, 0, 0)==0) error("Invalid directory name."); - if(strlen(phys_dirname) < strlen(HOMEDIR)) error("Invalid directory name."); + if(strlen(phys_dirname) < strlen(cfg.homedir)) error("Invalid directory name."); if(!strlen(virt_dirname)) strcpy(virt_dirname, "/"); @@ -342,7 +345,7 @@ int strsplit(char *src, char ***dst, char *sep) { char *c; int n = 0; - while (c = strpbrk(src, sep)) { + while ((c = strpbrk(src, sep))) { while (c == src) { src++; c = strpbrk(src, sep); @@ -361,7 +364,7 @@ int strsplit(char *src, char ***dst, char *sep) { src = src_org; n = 0; - while (c = strpbrk(src, sep)) { + while ((c = strpbrk(src, sep))) { while (c == src) { src++; c = strpbrk(src, sep); @@ -435,6 +438,7 @@ void dbgprintf(char *msg, ...) { fprintf(f, "DEBUG: %s\n", buff); + fflush(f); fclose(f); } @@ -455,12 +459,12 @@ void redirect(char *location, ...) { cgiHeaderLocation(buff); } + // -// CGI entry +// Load and process config file +// Invoke Access Check // -int cgiMain(void) { - char action[32]={0}; - char ea[8]={0}; +void cfgload(void) { FILE *cfgfile; char cfgname[128]={0}; char cfgline[256]={0}; @@ -474,118 +478,118 @@ int cgiMain(void) { char c_largeset[]="large-file-set=true"; char c_access[]="access"; - // early action - simple actions before cfg is read or access check performed (no security!) - cgiFormStringNoNewlines("ea", ea, sizeof(ea)); - if(strcmp(ea, "icon")==0) icon(); - if(strcmp(ea, "upstat")==0) upload_status(); - - // normal initialization - tstart(); - - if(regcomp(&dotdot, "\\.\\.", REG_EXTENDED | REG_ICASE)!=0) - error("Regex compilation problem.<BR>%s", strerror(errno)); - - fprintf(cgiOut, "Cache-Control: max-age=0, private\r\nExpires: -1\r\n"); - - memset(virt_dirname, 0, VIRT_DIRNAME_SIZE); - memset(phys_dirname, 0, PHYS_DIRNAME_SIZE); - memset(virt_filename, 0, VIRT_FILENAME_SIZE); - memset(phys_filename, 0, PHYS_FILENAME_SIZE); - memset(virt_destination, 0, VIRT_DESTINATION_SIZE); - memset(phys_destination, 0, PHYS_DESTINATION_SIZE); - memset(final_destination, 0, PHYS_DESTINATION_SIZE); - memset(virt_parent, 0, VIRT_DIRNAME_SIZE); + memset(&cfg, 0, sizeof(cfg)); + memset(&rt, 0, sizeof(rt)); - snprintf(ICONSURL, sizeof(ICONSURL), "%s?ea=icon&name=", cgiScriptName); - + cgiFormStringNoNewlines("token", rt.token, sizeof(rt.token)); + snprintf(rt.iconsurl, sizeof(rt.iconsurl), "%s?ea=icon&name=", cgiScriptName); - // config file defaults - access_level=PERM_NO; // no access by default - access_as_user=0; - users_defined=0; - edit_by_default=0; // for .txt files - edit_any_file=0; - recursive_du=0; - largeset=0; - - memset(HOMEDIR, 0, sizeof(HOMEDIR)); - memset(HOMEURL, 0, sizeof(HOMEURL)); - memset(TAGLINE, 0, sizeof(TAGLINE)); - memset(FAVICON, 0, sizeof(FAVICON)); - - // process config file - cgiFormStringNoNewlines("token", token, sizeof(token)); snprintf(cfgname, sizeof(cfgname), "%s.cfg", basename(cgiScriptName)); cfgfile=fopen(cfgname, "r"); if(!cfgfile) error("Unable to open configuration file %s.<BR>%s", cfgname, strerror(errno)); - + while(fgets(cfgline, sizeof(cfgline), cfgfile)) { if((*cfgline==';')||(*cfgline=='/')||(*cfgline=='#')||(*cfgline=='\n')) continue; - else if(strncmp(cfgline, c_homedir, strlen(c_homedir))==0) strncpy(HOMEDIR, cfgline+strlen(c_homedir), sizeof(HOMEDIR)); - else if(strncmp(cfgline, c_homeurl, strlen(c_homeurl))==0) strncpy(HOMEURL, cfgline+strlen(c_homeurl), sizeof(HOMEURL)); - else if(strncmp(cfgline, c_tagline, strlen(c_tagline))==0) strncpy(TAGLINE, cfgline+strlen(c_tagline), sizeof(TAGLINE)); - else if(strncmp(cfgline, c_favicon, strlen(c_favicon))==0) strncpy(FAVICON, cfgline+strlen(c_favicon), sizeof(FAVICON)); - else if(strncmp(cfgline, c_editdef, strlen(c_editdef))==0) edit_by_default=1; - else if(strncmp(cfgline, c_editany, strlen(c_editany))==0) edit_any_file=1; - else if(strncmp(cfgline, c_largeset, strlen(c_largeset))==0) largeset=1; - else if(strncmp(cfgline, c_du, strlen(c_du))==0) recursive_du=1; + else if(strncmp(cfgline, c_homedir, strlen(c_homedir))==0) strncpy(cfg.homedir, cfgline+strlen(c_homedir), sizeof(cfg.homedir)); + else if(strncmp(cfgline, c_homeurl, strlen(c_homeurl))==0) strncpy(cfg.homeurl, cfgline+strlen(c_homeurl), sizeof(cfg.homeurl)); + else if(strncmp(cfgline, c_tagline, strlen(c_tagline))==0) strncpy(cfg.tagline, cfgline+strlen(c_tagline), sizeof(cfg.tagline)); + else if(strncmp(cfgline, c_favicon, strlen(c_favicon))==0) strncpy(cfg.favicon, cfgline+strlen(c_favicon), sizeof(cfg.favicon)); + else if(strncmp(cfgline, c_editdef, strlen(c_editdef))==0) cfg.edit_by_default=1; + else if(strncmp(cfgline, c_editany, strlen(c_editany))==0) cfg.edit_any_file=1; + else if(strncmp(cfgline, c_largeset, strlen(c_largeset))==0) cfg.largeset=1; + else if(strncmp(cfgline, c_du, strlen(c_du))==0) cfg.recursive_du=1; else if(strncmp(cfgline, c_access, strlen(c_access))==0) access_check(cfgline); } fclose(cfgfile); // remove newlines - if(strlen(HOMEDIR)>2) HOMEDIR[strlen(HOMEDIR)-1]='\0'; - if(strlen(HOMEURL)>2) HOMEURL[strlen(HOMEURL)-1]='\0'; - if(strlen(TAGLINE)>2) TAGLINE[strlen(TAGLINE)-1]='\0'; - if(strlen(FAVICON)>2) FAVICON[strlen(FAVICON)-1]='\0'; + if(strlen(cfg.homedir)>2) cfg.homedir[strlen(cfg.homedir)-1]='\0'; + if(strlen(cfg.homeurl)>2) cfg.homeurl[strlen(cfg.homeurl)-1]='\0'; + if(strlen(cfg.tagline)>2) cfg.tagline[strlen(cfg.tagline)-1]='\0'; + if(strlen(cfg.favicon)>2) cfg.favicon[strlen(cfg.favicon)-1]='\0'; // do checks - if(strlen(HOMEDIR) < 4 || *HOMEDIR!='/') + if(strlen(cfg.homedir) < 4) error("Home directory not defined."); - if(!strlen(TAGLINE)) - strcpy(TAGLINE, "Web File Manager"); + if(cfg.homedir[0]!='/') + error("Home directory must be absolute path."); - if(!strlen(FAVICON)) - strcpy(FAVICON, "wfmicon.gif"); + if(!strlen(cfg.tagline)) + strcpy(cfg.tagline, "Web File Manager"); + + if(!strlen(cfg.favicon)) + strcpy(cfg.favicon, "wfmicon.gif"); - snprintf(VALIDCHRS_DIR, sizeof(VALIDCHRS_DIR), "%s/", VALIDCHRS); checkdirectory(); + // JavaScript check - if(strncmp(cgiUserAgent, "Mozilla/5", 9)==0) js=2; - else if(strncmp(cgiUserAgent, "Mozilla/4.0 (compatible; MSIE 6", 31)==0) js=2; - else if(strncmp(cgiUserAgent, "Mozilla/4.0 (compatible; MSIE 7", 31)==0) js=2; - else if(strncmp(cgiUserAgent, "Mozilla/4.0 (compatible; MSIE 8", 31)==0) js=2; - else if(strncmp(cgiUserAgent, "Mozilla/4", 9)==0) js=1; - else js=0; + if(strncmp(cgiUserAgent, "Mozilla/5", 9)==0) rt.js=2; + else if(strncmp(cgiUserAgent, "Mozilla/4.0 (compatible; MSIE 6", 31)==0) rt.js=2; + else if(strncmp(cgiUserAgent, "Mozilla/4.0 (compatible; MSIE 7", 31)==0) rt.js=2; + else if(strncmp(cgiUserAgent, "Mozilla/4.0 (compatible; MSIE 8", 31)==0) rt.js=2; + else if(strncmp(cgiUserAgent, "Mozilla/4", 9)==0) rt.js=1; + else rt.js=0; + +} + +// +// WFM Entry +// +int cgiMain(void) { + char action[32]={0}; + char ea[8]={0}; + + // early action - simple actions before cfg is read or access check performed (no authentication!) + cgiFormStringNoNewlines("ea", ea, sizeof(ea)); + if(strcmp(ea, "icon")==0) icon(); + if(strcmp(ea, "upstat")==0) upload_status(); + + // normal initialization + tstart(); + + fprintf(cgiOut, "Cache-Control: max-age=0, private\r\nExpires: -1\r\n"); + + memset(virt_dirname, 0, VIRT_DIRNAME_SIZE); + memset(phys_dirname, 0, PHYS_DIRNAME_SIZE); + memset(virt_filename, 0, VIRT_FILENAME_SIZE); + memset(phys_filename, 0, PHYS_FILENAME_SIZE); + memset(virt_destination, 0, VIRT_DESTINATION_SIZE); + memset(phys_destination, 0, PHYS_DESTINATION_SIZE); + memset(final_destination, 0, PHYS_DESTINATION_SIZE); + memset(virt_parent, 0, VIRT_DIRNAME_SIZE); + + cfgload(); + + // main routine - regular actions cgiFormStringNoNewlines("action", action, sizeof(action)); - if(cgiFormSubmitClicked("noop")==cgiFormSuccess && access_level >= PERM_RO) dirlist(); - else if(cgiFormSubmitClicked("multi_delete_prompt")==cgiFormSuccess && access_level >= PERM_RO) multiprompt_ui("delete"); - else if(cgiFormSubmitClicked("multi_delete_prompt.x")==cgiFormSuccess && access_level >= PERM_RO) multiprompt_ui("delete"); - else if(cgiFormSubmitClicked("multi_move_prompt")==cgiFormSuccess && access_level >= PERM_RO) multiprompt_ui("move"); - else if(cgiFormSubmitClicked("multi_move_prompt.x")==cgiFormSuccess && access_level >= PERM_RO) multiprompt_ui("move"); - else if(cgiFormSubmitClicked("upload")==cgiFormSuccess && access_level >= PERM_RW) receivefile(); - else if(strcmp(action, "sendfile")==0 && access_level >= PERM_RO) sendfile(); - else if(strcmp(action, "delete")==0 && access_level >= PERM_RW) delete(); - else if(strcmp(action, "delete_prompt")==0 && access_level >= PERM_RW) multiprompt_ui("delete"); - else if(strcmp(action, "move_prompt")==0 && access_level >= PERM_RW) multiprompt_ui("move"); - else if(strcmp(action, "rename_prompt")==0 && access_level >= PERM_RW) singleprompt_ui("move"); - else if(strcmp(action, "move")==0 && access_level >= PERM_RW) move(); - else if(strcmp(action, "edit")==0 && access_level >= PERM_RO) edit_ui(); - else if(strcmp(action, "edit_save")==0 && access_level >= PERM_RW) edit_save(); - else if(strcmp(action, "mkfile")==0 && access_level >= PERM_RW) mkfile(); - else if(strcmp(action, "mkfile_prompt")==0 && access_level >= PERM_RW) singleprompt_ui("mkfile"); - else if(strcmp(action, "mkdir")==0 && access_level >= PERM_RW) newdir(); - else if(strcmp(action, "mkdir_prompt")==0 && access_level >= PERM_RW) singleprompt_ui("mkdir"); - else if(strcmp(action, "about")==0 && access_level >= PERM_RO) about(); - else if(strcmp(action, "login")==0 ) login(); - else if( access_level >= PERM_RO) dirlist(); + if(cgiFormSubmitClicked("noop")==cgiFormSuccess && rt.access_level >= PERM_RO) dirlist(); + else if(cgiFormSubmitClicked("multi_delete_prompt")==cgiFormSuccess && rt.access_level >= PERM_RO) multiprompt_ui("delete"); + else if(cgiFormSubmitClicked("multi_delete_prompt.x")==cgiFormSuccess && rt.access_level >= PERM_RO) multiprompt_ui("delete"); + else if(cgiFormSubmitClicked("multi_move_prompt")==cgiFormSuccess && rt.access_level >= PERM_RO) multiprompt_ui("move"); + else if(cgiFormSubmitClicked("multi_move_prompt.x")==cgiFormSuccess && rt.access_level >= PERM_RO) multiprompt_ui("move"); + else if(cgiFormSubmitClicked("upload")==cgiFormSuccess && rt.access_level >= PERM_RW) receivefile(); + else if(strcmp(action, "sendfile")==0 && rt.access_level >= PERM_RO) sendfile(); + else if(strcmp(action, "delete")==0 && rt.access_level >= PERM_RW) delete(); + else if(strcmp(action, "delete_prompt")==0 && rt.access_level >= PERM_RW) multiprompt_ui("delete"); + else if(strcmp(action, "move_prompt")==0 && rt.access_level >= PERM_RW) multiprompt_ui("move"); + else if(strcmp(action, "rename_prompt")==0 && rt.access_level >= PERM_RW) singleprompt_ui("move"); + else if(strcmp(action, "move")==0 && rt.access_level >= PERM_RW) move(); + else if(strcmp(action, "edit")==0 && rt.access_level >= PERM_RO) edit_ui(); + else if(strcmp(action, "edit_save")==0 && rt.access_level >= PERM_RW) edit_save(); + else if(strcmp(action, "mkfile")==0 && rt.access_level >= PERM_RW) mkfile(); + else if(strcmp(action, "mkfile_prompt")==0 && rt.access_level >= PERM_RW) singleprompt_ui("mkfile"); + else if(strcmp(action, "mkdir")==0 && rt.access_level >= PERM_RW) newdir(); + else if(strcmp(action, "mkdir_prompt")==0 && rt.access_level >= PERM_RW) singleprompt_ui("mkdir"); + else if(strcmp(action, "about")==0 && rt.access_level >= PERM_RO) about(); + else if(strcmp(action, "login")==0 ) login(); + else if( rt.access_level >= PERM_RO) dirlist(); else - if(users_defined) // if users present but supplied credentials didn't match, or credentials not specified + if(cfg.users_defined) // if users present but supplied credentials didn't match, or credentials not specified redirect("%s?action=login", cgiScriptName); else error("Access Denied."); @@ -1,5 +1,5 @@ -#define VERSION "1.3.3" -#define copyright "<!-- WFM Version " VERSION ", Mountain View, CA, " __DATE__ " [" __TIME__ "] -->\n" \ +#define VERSION "1.4.0" +#define COPYRIGHT "<!-- WFM Version " VERSION ", Mountain View, CA, " __DATE__ " [" __TIME__ "] -->\n" \ "<!-- Copyright (c) 1994-2018 by Antoni Sawicki -->\n" #define FONT_SIZE "13px" @@ -22,7 +22,7 @@ "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"\n" \ " \"http://www.w3.org/TR/html4/loose.dtd\">\n" \ "<HTML LANG=\"en\">\n" \ - copyright \ + COPYRIGHT \ "<HEAD>\n" \ " <META HTTP-EQUIV=\"Content-Type\" CONTENT=\"text/html;charset=US-ASCII\">\n" \ " <META HTTP-EQUIV=\"Content-Language\" CONTENT=\"en-US\">\n" \ @@ -61,7 +61,7 @@ #include "wfmiconres.h" #define VALIDCHRS "an ()[]{}-_.,!@#$%^&=+;" -char VALIDCHRS_DIR[256]; // above + / +#define VALIDCHRS_DIR "an ()[]{}-_.,!@#$%^&=+;/" #define P1024_1 1024.0f @@ -90,25 +90,29 @@ char final_destination[PHYS_DESTINATION_SIZE]; char virt_parent[VIRT_DIRNAME_SIZE]; char *virt_parent_urlencoded; -char ICONSURL[1024]; -char HOMEDIR[1024]; -char HOMEURL[1024]; -char TAGLINE[1024]; -char FAVICON[1024]; - -char token[256]; -char loggedinuser[64]; regex_t dotdot; -int access_level; -int access_as_user; -int users_defined; -int edit_by_default; -int edit_any_file; -int recursive_du; -int largeset; -int js; +struct config_struct { + int users_defined; + int edit_by_default; + int edit_any_file; + int recursive_du; + int largeset; + char homedir[1024]; + char homeurl[1024]; + char tagline[1024]; + char favicon[1024]; +} cfg; + +struct runtime_struct { + char token[256]; + char iconsurl[1024]; + char loggedinuser[64]; + int access_level; + int access_as_user; + int js; +} rt; double t1, t2; struct timeval mt; @@ -117,6 +121,7 @@ enum { FALSE, TRUE }; enum { PERM_NO, PERM_RO, PERM_RW }; enum { CHANGE, DELETE, MOVE }; + typedef struct asdir_ { char name[NAME_MAX]; mode_t type; |