3 # Outputs HTML for a frame-based file chooser
5 BEGIN { push(@INC, ".."); };
8 @icon_map = ( "c", "text.gif",
19 $trust_unknown_referers = 1;
21 if (&get_product_name() eq 'usermin') {
22 &switch_to_remote_user();
24 %access = &get_module_acl();
26 # Work out root directory
27 local @uinfo = getpwnam($remote_user);
28 if (!$access{'root'}) {
29 $rootdir = $uinfo[7] ? $uinfo[7] : "/";
32 $rootdir = $access{'root'};
33 $rootdir =~ s/^\~/$uinfo[7]/;
36 # Switch to correct Unix user
37 if (&supports_users()) {
38 if (&get_product_name() eq 'usermin') {
39 # Always run as Usermin login
40 &switch_to_remote_user();
44 $fileunix = $access{'fileunix'} || $remote_user;
45 @uinfo = getpwnam($fileunix);
47 &switch_to_unix_user(\@uinfo);
52 &ReadParse(undef, undef, 1);
53 if ($gconfig{'os_type'} eq 'windows') {
54 # On Windows, chroot should be empty if not use, and default path
56 if ($in{'chroot'} eq "/") {
59 if ($rootdir eq "/") {
64 # Only use last filename by default
65 $in{'file'} =~ s/\s+$//;
66 if ($in{'file'} =~ /\n(.*)$/) {
70 if ($in{'file'} =~ /^(([a-z]:)?.*\/)([^\/]*)$/i && $in{'file'} !~ /\.\./) {
71 # File entered is valid
76 # Fall back to default
78 $dir .= '/' if ($dir !~ /\/$/);
81 $add = int($in{'add'});
83 if (!(-d $in{'chroot'}.$dir)) {
84 # Entered directory does not exist
88 if (!&allowed_dir($dir)) {
89 # Directory is outside allowed root
94 # Work out the top allowed dir
95 $topdir = $rootdir eq "/" || $rootdir eq "c:" ? $rootdir :
96 $access{'otherdirs'} ? "/" : $rootdir;
97 $uchroot = &urlize($in{'chroot'});
98 $utype = &urlize($in{'type'});
99 $ufile = &urlize($in{'file'});
101 if ($in{'frame'} == 0) {
104 if ($in{'type'} == 0) {
105 print "<title>$text{'chooser_title1'}</title>\n";
107 elsif ($in{'type'} == 1) {
108 print "<title>$text{'chooser_title2'}</title>\n";
110 print "<frameset rows='*,50'>\n";
111 print "<frame marginwidth=5 marginheight=5 name=topframe ",
112 "src=\"chooser.cgi?frame=1&file=".$ufile.
113 "&chroot=".$uchroot."&type=".$utype."&add=$add\">\n";
114 print "<frame marginwidth=0 marginheight=0 name=bottomframe ",
115 "src=\"chooser.cgi?frame=2&file=".$ufile.
116 "&chroot=".$uchroot."&type=".$utype."&add=$add\" scrolling=no>\n";
117 print "</frameset>\n";
119 elsif ($in{'frame'} == 1) {
120 # List of files in this directory
124 function fileclick(f, d)
126 curr = top.frames[1].document.forms[0].elements[1].value;
128 // Double-click! Enter directory or select file
130 // Enter this directory
131 location = "chooser.cgi?frame=1&add=$add&chroot=$uchroot&type=$utype&file="+f+"/";
134 // Select this file and close the window
136 top.opener.ifield.value = f;
139 if (top.opener.ifield.value != "") {
140 top.opener.ifield.value += "\\n";
142 top.opener.ifield.value += f;
148 top.frames[1].document.forms[0].elements[1].value = f;
152 function parentdir(p)
154 top.frames[1].document.forms[0].elements[1].value = p;
155 location = "chooser.cgi?frame=1&chroot=$uchroot&type=$utype&file="+p;
160 print "<b>",&text('chooser_dir', &html_escape($dir)),"</b>\n";
161 opendir(DIR, $in{'chroot'}.$dir) ||
162 &popup_error(&text('chooser_eopen', "$!"));
163 print &ui_columns_start(undef, 100);
164 foreach $f (sort { $a cmp $b } readdir(DIR)) {
165 $path = "$in{'chroot'}$dir$f";
166 if ($f eq ".") { next; }
167 if ($f eq ".." && ($dir eq "/" || $dir eq $topdir.'/')) { next; }
168 if ($f =~ /^\./ && $f ne ".." && $access{'nodot'}) { next; }
169 if (!(-d $path) && $in{'type'} == 1) { next; }
172 $isdir = 0; undef($icon);
173 if (-d $path) { $icon = "dir.gif"; $isdir = 1; }
174 elsif ($path =~ /\.([^\.\/]+)$/) { $icon = $icon_map{$1}; }
175 if (!$icon) { $icon = "unknown.gif"; }
178 $dir =~ /^(.*\/)[^\/]+\/$/;
179 $link = "<a href=\"\" onClick='parentdir(\""."e_escape($1)."\"); return false'>";
182 $link = "<a href=\"\" onClick='fileclick(\""."e_escape("$dir$f")."\", $isdir); return false'>";
185 push(@cols, "$link<img border=0 src=$gconfig{'webprefix'}/images/$icon></a>");
186 push(@cols, "$link".&html_escape($f)."</a>");
187 push(@cols, &nice_size($st[7]));
188 @tm = localtime($st[9]);
189 push(@cols, sprintf "<tt>%.2d/%s/%.4d</tt>",
190 $tm[3], $text{'smonth_'.($tm[4]+1)}, $tm[5]+1900);
191 push(@cols, sprintf "<tt>%.2d:%.2d</tt>", $tm[2], $tm[1]);
192 print &ui_columns_row(\@cols);
195 print &ui_columns_end();
198 elsif ($in{'frame'} == 2) {
199 # Current file and OK/cancel buttons
203 function filechosen()
206 top.opener.ifield.value = document.forms[0].path.value;
209 if (top.opener.ifield.value != "") {
210 top.opener.ifield.value += "\\n";
212 top.opener.ifield.value += document.forms[0].path.value;
218 print &ui_form_start(undef, undef, undef,
219 "onSubmit='filechosen(); return false'");
220 print &ui_table_start(undef, "width=100%", 2);
221 print &ui_table_row(undef,
222 &ui_submit($text{'chooser_ok'})." ".
223 &ui_textbox("path", $dir.$file, 45, 0, undef,
224 "style='width:90%'"), 2);
225 print &ui_table_end();
226 print &ui_form_end();
231 # Returns 1 if some directory should be listable
235 return 1 if ($rootdir eq "" || $rootdir eq "/" || $rootdir eq "c:");
236 foreach my $allowed ($rootdir, split(/\t+/, $access{'otherdirs'})) {
237 return 1 if (&is_under_directory($allowed, $dir));