. * */ /** * Class for fileserver access * */ class OC_FILES { /** * show a web GUI filebrowser * * @param basedir $basedir * @param dir $dir */ public static function showbrowser($basedir,$dir){ global $CONFIG_DATEFORMAT; $directory=$basedir.'/'.$dir; // exit if try to access files outside our directory if(strstr($dir,'..')<>false) exit(); $directory=realpath($directory); $dirs=explode('/',$dir); // breadcrumb if(count($dirs)>1) { echo(''); echo(''); $currentdir=''; foreach($dirs as $d) { $currentdir.='/'.$d.''; if($d<>'') echo(''); } echo('

home

'.$d.'

'); } // files and directories echo(''); if (is_dir($directory)) { if ($dh = opendir($directory)) { $filesfound=false; while (($file = readdir($dh)) !== false) { if($file<>'.' and $file<>'..'){ $filesfound=true; $stat=stat($directory.'/'.$file); $filetype=filetype($directory .'/'. $file); echo(''); OC_UTIL::showicon($filetype); if($filetype=='dir') echo(''); if($filetype<>'dir') echo(''); if($filetype<>'dir') echo(''); else echo(''); echo(''); echo(''); } } closedir($dh); } } echo('

'.$file.'

'.$file.'

'.$stat['size'].' byte

'.date($CONFIG_DATEFORMAT,$stat['mtime']).'

'); if(!$filesfound) echo('
no files here'); echo(''); } /** * return the cntent of a file * * @param dir $dir * @param file $file */ public static function get($dir,$file){ if(isset($_SESSION['username']) and $_SESSION['username']<>'') { global $CONFIG_DATADIRECTORY; $filename=$CONFIG_DATADIRECTORY.'/'.$dir.'/'.$file; // exit if try to access files outside our directory if(strstr($filename,'..')<>false) exit(); OC_LOG::event($_SESSION['username'],3,$dir.'/'.$file); header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename='.basename($file)); header('Content-Transfer-Encoding: binary'); header('Expires: 0'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); header('Content-Length: ' . filesize($filename)); readfile($filename); } exit; } } ?>