[fix] cosmetic changes
This commit is contained in:
@ -44,7 +44,7 @@ function fl($str) { return str_replace("<","<",str_replace("\"",""",$str
* @param struing $type
* @return mixed
function variable_get($name, $default = null, $createit_comment = null, $type=null) {
function variable_get($name, $default = null, $createit_comment = null, $type = null) {
global $variables;
return $variables->variable_get($name, $default, $createit_comment, $type);
@ -66,16 +66,16 @@ function variable_get($name, $default = null, $createit_comment = null, $type=nu
function checkhostallow($domain,$dns) {
global $L_NS1,$L_NS2,$db,$dom;
$sizefound = 0;
$found = "";
$db->query("SELECT tld,mode FROM tld;");
while ($db->next_record()) {
list($key,$val) = $db->Record;
if (substr($domain,-1-strlen($key))==".".$key) {
if ($sizefound<strlen($key)) {
$sizefound = strlen($key);
$found = $key;
$fmode = $val;
@ -88,10 +88,10 @@ function checkhostallow($domain,$dns) {
return -2;
if ($fmode>2) // OK, in the case 3 4 5
return $found;
$n1=false; $n2=false;
for ($i=0;$i<count($dns);$i++) {
if (strtolower($dns[$i])==strtolower($L_NS1)) $n1=true;
if (strtolower($dns[$i])==strtolower($L_NS2)) $n2=true;
$n1 = false; $n2 = false;
for ($i = 0;$i<count($dns);$i++) {
if (strtolower($dns[$i])==strtolower($L_NS1)) $n1 = true;
if (strtolower($dns[$i])==strtolower($L_NS2)) $n2 = true;
if ($fmode==1 && $n1) // OK
return $found;
@ -109,16 +109,16 @@ function checkhostallow($domain,$dns) {
function checkhostallow_nodns($domain) {
global $db;
$sizefound = 0;
$found = "";
$db->query("SELECT tld,mode FROM tld;");
while ($db->next_record()) {
list($key,$val) = $db->Record;
if (substr($domain,-1-strlen($key))==".".$key) {
if ($sizefound<strlen($key)) {
$sizefound = strlen($key);
$found = $key;
$fmode = $val;
@ -149,12 +149,12 @@ function get_remote_ip() {
function checkurl($url) {
// TODO : add a path/file check
if (substr($url,0,7)!="http://" && substr($url,0,8)!="https://" && substr($url,0,6)!="ftp://") return false;
if (substr($url,0,7)=="http://" ) $fq=substr($url,7);
if (substr($url,0,8)=="https://") $fq=substr($url,8);
if (substr($url,0,6)=="ftp://" ) $fq=substr($url,6);
if (!is_array($f)) $f=array($f);
if (substr($url,0,7)=="http://" ) $fq = substr($url,7);
if (substr($url,0,8)=="https://") $fq = substr($url,8);
if (substr($url,0,6)=="ftp://" ) $fq = substr($url,6);
$f = explode("/",$fq);
if (!is_array($f)) $f = array($f);
$t = checkfqdn($f[0]);
if ($t) return false;
return true;
@ -235,8 +235,8 @@ function checkfqdn($fqdn) {
// 4. Le fqdn ne fait qu'un seul membre (il n'est donc pas fq...)
if (strlen($fqdn)>255)
return 1;
$members=explode(".", $fqdn);
if (count($members)>1) $ret=0; else $ret=4;
$members = explode(".", $fqdn);
if (count($members)>1) $ret = 0; else $ret = 4;
while (list ($key, $val) = each ($members)) {
if (strlen($val)>63)
@ -262,10 +262,10 @@ function checkfqdn($fqdn) {
function checkuserpath($path) {
global $mem;
$user = $mem->user["login"];
$usar = substr($user,0,1);
if (substr($path,0,1)!="/")
$path = "/".$path;
$rpath = realpath(ALTERNC_HTML."/$usar/$user$path");
if (!$rpath) { // if file or directory does not exist
@ -310,7 +310,7 @@ function cbox($test, $echo = TRUE) {
if ($test) {
$return = " checked=\"checked\"";
} else {
$return = '';
if( $echo ){
echo $return;
@ -331,7 +331,7 @@ function selected($bool, $echo = TRUE) {
if ($bool) {
$return = " selected=\"selected\"";
} else {
$return = '';
if( $echo ){
echo $return;
@ -347,7 +347,7 @@ function selected($bool, $echo = TRUE) {
* @param integer $affiche
* @return string
function ecif($test,$tr,$fa="",$affiche=1) {
function ecif($test,$tr,$fa = "",$affiche = 1) {
if ($test){
$retour = $tr;
@ -375,7 +375,7 @@ function __($str) {
* @param string $fa
* @return string
function ife($test,$tr,$fa="") {
function ife($test,$tr,$fa = "") {
if ($test){
return $tr;
@ -388,33 +388,33 @@ function ife($test,$tr,$fa="") {
* @param integer $html
* @return string
function format_size($size,$html=0) {
function format_size($size,$html = 0) {
// Retourne une taille formatt<74>e en Octets, Kilo-octets, M<>ga-octets ou Giga-Octets, avec 2 d<>cimales.
if ("-" == $size) {
return $size;
$size = (float)$size;
if ($size<1024) {
$r = $size;
if ($size!=1) {
$r.=" "._("Bytes");
} else {
$r.=" "._("Byte");
} else {
$size = $size/1024;
if ($size<1024) {
$r=round($size,2)." "._("Kb");
$r = round($size,2)." "._("Kb");
} else {
$size = $size/1024;
if ($size<1024) {
$r=round($size,2)." "._("Mb");
$r = round($size,2)." "._("Mb");
} else {
$size = $size/1024;
if ($size<1024) {
$r=round($size,2)." "._("Gb");
$r = round($size,2)." "._("Gb");
} else {
$r=round($size/1024,2)." "._("Tb");
$r = round($size/1024,2)." "._("Tb");
@ -448,17 +448,17 @@ function linkhelp($hid) {
* @return string
function format_date($format,$date) {
$d = substr($date,8,2);
$m = substr($date,5,2);
$y = substr($date,0,4);
$h = substr($date,11,2);
$i = substr($date,14,2);
if ($h>12) {
$hh = $h-12;
$am = "pm";
} else {
$hh = $h;
$am = "am";
return sprintf($format,$d,$m,$y,$h,$i,$hh,$am);
@ -482,13 +482,13 @@ function ssla($str) {
* @return string Retourne le mot de passe crypt<EFBFBD>
* @access private
function _md5cr($pass,$salt="") {
function _md5cr($pass,$salt = "") {
if (!$salt) {
for ($i=0;$i<12;$i++) {
$chars = "./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
for ($i = 0;$i<12;$i++) {
$salt = "$1$".$salt;
return crypt($pass,$salt);
@ -536,7 +536,7 @@ function pretty_months($months) {
* @return string Code html pour le drop-down
* @access private
function duration_list($name, $selected=0) {
function duration_list($name, $selected = 0) {
$res = "<select name=\"$name\" id=\"$name\" class=\"inl\">";
foreach(array(0, 1, 2, 3, 4, 6, 12, 24) as $dur) {
@ -568,10 +568,10 @@ function duration_list($name, $selected=0) {
* @param string $cur
* @param boolean $onedim
function eoption($values,$cur,$onedim=false) {
function eoption($values,$cur,$onedim = false) {
if (is_array($values)) {
foreach ($values as $k=>$v) {
if ( $onedim ) $k=$v;
if ( $onedim ) $k = $v;
echo "<option value=\"$k\"";
if ($k==$cur) echo " selected=\"selected\"";
echo ">".$v."</option>";
@ -697,15 +697,15 @@ function list_properties_order($a, $b) {
* @param boolean $echo
* @return string
function pager($offset,$count,$total,$url,$before="",$after="",$echo = TRUE) {
function pager($offset,$count,$total,$url,$before = "",$after = "",$echo = TRUE) {
$return = "";
if ($offset<=0) $offset="0";
if ($count<=1) $count="1";
if ($total<=0) $total="0";
if ($total<$offset) $offset=max(0,$total-$count);
$offset = intval($offset);
$count = intval($count);
$total = intval($total);
if ($offset<=0) $offset = "0";
if ($count<=1) $count = "1";
if ($total<=0) $total = "0";
if ($total<$offset) $offset = max(0,$total-$count);
if ($total<=$count) { // When there is less element than 1 complete page, just don't do anything :-D
return true;
@ -722,17 +722,17 @@ function pager($offset,$count,$total,$url,$before="",$after="",$echo = TRUE) {
if ($total>(2*$count)) { // On n'affiche le pager central (0 1 2 ...) s'il y a au moins 2 pages.
$return .= " - ";
if (($total<($count*10)) && ($total>$count)) { // moins de 10 pages :
for($i=0;$i<$total/$count;$i++) {
for($i = 0;$i<$total/$count;$i++) {
$o = $i*$count;
if ($offset==$o) {
$return .= $i." ";
} else {
$return .= "<a href=\"".str_replace("%%offset%%",$o,$url)."\">$i</a> ";
$return .= "<a href = \"".str_replace("%%offset%%",$o,$url)."\">$i</a> ";
} else { // Plus de 10 pages, on affiche 0 1 2 , 2 avant et 2 apr<70>s la page courante, et les 3 dernieres
for($i=0;$i<=2;$i++) {
for($i = 0;$i<=2;$i++) {
$o = $i*$count;
if ($offset==$o) {
$return .= $i." ";
} else {
@ -741,11 +741,11 @@ function pager($offset,$count,$total,$url,$before="",$after="",$echo = TRUE) {
if ($offset>=$count && $offset<($total-2*$count)) { // On est entre les milieux ...
// On affiche 2 avant jusque 2 apr<70>s l'offset courant mais sans d<>border sur les indices affich<63>s autour
$start = max(3,intval($offset/$count)-2);
$end = min(intval($offset/$count)+3,intval($total/$count)-3);
if ($start!=3) $return .= " ... ";
for($i=$start;$i<$end;$i++) {
for($i = $start;$i<$end;$i++) {
$o = $i*$count;
if ($offset==$o) {
$return .= $i." ";
} else {
@ -756,8 +756,8 @@ function pager($offset,$count,$total,$url,$before="",$after="",$echo = TRUE) {
} else {
$return .= " ... ";
for($i=intval($total/$count)-3;$i<$total/$count;$i++) {
for($i = intval($total/$count)-3;$i<$total/$count;$i++) {
$o = $i*$count;
if ($offset==$o) {
$return .= $i." ";
} else {
@ -769,7 +769,7 @@ function pager($offset,$count,$total,$url,$before="",$after="",$echo = TRUE) {
// Shall-we show the next page link ?
if ($offset+$count<$total) {
$o = $offset+$count;
$return .= "<a href=\"".str_replace("%%offset%%",$o,$url)."\" alt=\"(Ctl/Alt-s)\" title=\"(Alt-s)\" accesskey=\"s\">"._("Next Page")."</a> ";
} else {
$return .= _("Next Page")." ";
@ -808,8 +808,8 @@ function create_pass($length = 8){
* @param string $fields_to_fill2
* @return int
function display_div_generate_password($pass_size=DEFAULT_PASS_SIZE, $fields_to_fill1="", $fields_to_fill2="") {
function display_div_generate_password($pass_size = DEFAULT_PASS_SIZE, $fields_to_fill1 = "", $fields_to_fill2 = "") {
$id = rand(1,1000);
echo "<div id='z$id' style='display:none;'><a href=\"javascript:generate_password_html('$id',$pass_size,'$fields_to_fill1','$fields_to_fill2');\">";
__("Clic here to generate a password");
echo "</a></div>";
@ -825,9 +825,9 @@ function display_div_generate_password($pass_size=DEFAULT_PASS_SIZE, $fields_to_
* @param int $width
* @param int $height
function display_browser($dir="", $caller="main.dir", $width=350, $height=450) {
function display_browser($dir = "", $caller = "main.dir", $width = 350, $height = 450) {
// Browser id
$bid = "b".rand(1,1000);
echo "<script type=\"text/javascript\">
$(function() {
@ -863,27 +863,6 @@ function display_browser($dir="", $caller="main.dir", $width=350, $height=450) {
* Insere un $wrap_string tous les $max caracteres dans $message
* @param string $message
* @param int $max
* @param string $wrap_string
* @return string
function auto_wrap($message="",$max=10,$wrap_string="<wbr/>") {
$cpt = 0;
$mot = split(" ",$message);
while (isset($mot[$cpt]) && ($mot[$cpt] != "")){
if(@strlen($mot[$cpt]) > $max){
$nvmot = chunk_split ($mot[$cpt], $max, $wrap_string );
$message = str_replace($mot[$cpt], $nvmot, $message);
return $message;
* Converts HSV to RGB values
* -----------------------------------------------------
@ -959,9 +938,9 @@ function hexa($hex)
* @param int $p
* @return string
function PercentToColor($p=0) {
if ($p>100) $p=100;
if ($p<0) $p=0;
function PercentToColor($p = 0) {
if ($p>100) $p = 100;
if ($p<0) $p = 0;
// Pour aller de vert a rouge en passant par jaune et orange
$h = 1+((100-$p)*130/100);
@ -46,34 +46,34 @@ class m_bro {
/** internal cache
var $mime_desc=array();
var $mime_desc = array();
/** internal cache
var $mime_icon=array();
var $mime_icon = array();
/** internal cache
var $mime_type=array();
var $mime_type = array();
/** Internal cache for viewurl
var $cacheurl=array();
var $cacheurl = array();
/** Font choice in the editor */
var $l_editor_font=array("Arial, Helvetica, Sans-serif","Times, Bookman, Serif","Courier New, Courier, Fixed");
var $l_editor_font = array("Arial, Helvetica, Sans-serif","Times, Bookman, Serif","Courier New, Courier, Fixed");
/** font size in the editor */
var $l_editor_size=array("18px","14px","12px","10px","8px","0.8em","0.9em","1em","1.1em","1.2em");
var $l_editor_size = array("18px","14px","12px","10px","8px","0.8em","0.9em","1em","1.1em","1.2em");
* Constructor
function m_bro() {
$this->l_mode=array( 0=>_("1 column, detailed"), 1=>_("2 columns, short"), 2=>_("3 columns, short") );
$this->l_tgz=array( 0=>_("tgz (Linux)"), 1=>_("tar.bz2 (Linux)"), 2=>_("zip (Windows/Dos)"), 3=>_("tar.Z (Unix)") );
$this->l_icons=array( 0=>_("No"), 1=>_("Yes") );
$this->l_createfile=array( 0=>_("Go back to the file manager"), 1=>_("Edit the newly created file") );
$this->l_mode = array( 0=>_("1 column, detailed"), 1=>_("2 columns, short"), 2=>_("3 columns, short") );
$this->l_tgz = array( 0=>_("tgz (Linux)"), 1=>_("tar.bz2 (Linux)"), 2=>_("zip (Windows/Dos)"), 3=>_("tar.Z (Unix)") );
$this->l_icons = array( 0=>_("No"), 1=>_("Yes") );
$this->l_createfile = array( 0=>_("Go back to the file manager"), 1=>_("Edit the newly created file") );
@ -81,7 +81,7 @@ class m_bro {
* @return array
function hook_menu() {
$obj = array(
$obj = array(
'title' => _("File browser"),
'ico' => 'images/folder.png',
'link' => 'bro_main.php',
@ -96,32 +96,32 @@ class m_bro {
* Verifie un dossier relatif au dossier de l'utilisateur courant
* @param string $dir
* @param string $dir
* @global m_mem $mem
* @param string $dir Dossier absolu que l'on souhaite vérifier
* @param boolean $strip
* @return false|string Retourne le nom du dossier vrifi, relatif au
* dossier de l'utilisateur courant, ventuellement corrig.
* @param integer $strip
* @return false|string Retourne le nom du dossier vérifié, relatif au
* dossier de l'utilisateur courant, éventuellement corrigé.
* ou FALSE si le dossier n'est pas dans le dossier de l'utilisateur.
function convertabsolute($dir,$strip=true) {
function convertabsolute($dir,$strip = 1) {
global $mem;
$root = $this->get_user_root($mem->user["login"]);
// Sauvegarde du chemin de base.
$root_alternc = $root ;
$root_alternc = $root ;
// Passage du root en chemin rel (diffrent avec un lien)
$root=realpath($root) ;
$root = realpath($root) ;
// separer le chemin entre le repertoire et le fichier
$file = basename($dir);
$dir = dirname($dir);
$file = basename($dir);
$dir = dirname($dir);
$dir = realpath($root."/".$dir);
// verifier que le repertoire est dans le home de l'usager
if (substr($dir,0,strlen($root))!=$root) {
if (substr($dir,0,strlen($root)) != $root) {
return false;
// recomposer le chemin
$dir = $dir . '/' . $file;
$dir = $dir . '/' . $file;
# Si on tente de mettre un '..' alors erreur
if ( preg_match("/\/\.\.\//", $dir) || preg_match("/\/\.\.$/", $dir) ) {
@ -129,14 +129,14 @@ class m_bro {
if ($strip) {
$dir = substr($dir,strlen($root));
} else {
// si on ne strip pas, il faut enlever le chemin rel
// et mettre la racine d'alternc pour viter les
// problmes de lien depuis /var /alternc !
$dir=$root_alternc . substr($dir,strlen($root));
$dir = $root_alternc . substr($dir,strlen($root));
if (substr($dir,-1)=="/") {
if (substr($dir,-1) == "/") {
return substr($dir,0,strlen($dir)-1);
} else
return $dir;
@ -171,10 +171,10 @@ class m_bro {
function get_userid_root($uid) {
global $admin;
$old_enabled = $admin->enabled;
$admin->enabled = true;
$member = $admin->get($uid);
$admin->enabled = $old_enabled;
$old_enabled = $admin->enabled;
$admin->enabled = true;
$member = $admin->get($uid);
$admin->enabled = $old_enabled;
return $this->get_user_root($member['login']);
@ -185,10 +185,10 @@ class m_bro {
* Ce tableau contient tous les paramtres des fichiers du dossier courant
* sous la forme d'un tableau index de tableaux associatifs comme suit :
* $a["name"]=nom du fichier / dossier
* $a["size"]=Taille totale du fichier / dossier + sous-dossier
* $a["date"]=Date de dernire modification
* $a["type"]=Type du fichier (1 pour fichier, 0 pour dossier)
* $a["name"] = nom du fichier / dossier
* $a["size"] = Taille totale du fichier / dossier + sous-dossier
* $a["date"] = Date de dernire modification
* $a["type"] = Type du fichier (1 pour fichier, 0 pour dossier)
* @global m_mysql $db
* @global int $cuid
@ -197,19 +197,19 @@ class m_bro {
* @param boolean $showdirsize
* @return array Le tableau contenant les fichiers de $dir, et
function filelist($dir="", $showdirsize = false) {
function filelist($dir = "", $showdirsize = false) {
global $db,$cuid,$err;
$db->query("UPDATE browser SET lastdir='$dir' WHERE uid='$cuid';");
$db->query("UPDATE browser SET lastdir = '$dir' WHERE uid = '$cuid';");
$absolute = $this->convertabsolute($dir,0);
if (!$absolute || !file_exists($absolute)) {
$err->raise('bro',_("This directory do not exist"));
return false;
$c = array();
if ($dir = @opendir($absolute)) {
while (($file = readdir($dir)) !== false) {
if ($file!="." && $file!="..") {
$c[]=array("name"=>$file, "size"=>$this->fsize($absolute."/".$file, $showdirsize), "date"=>filemtime($absolute."/".$file), "type"=> (!is_dir($absolute."/".$file)) );
$c[] = array("name"=>$file, "size"=>$this->fsize($absolute."/".$file, $showdirsize), "date"=>filemtime($absolute."/".$file), "type"=> (!is_dir($absolute."/".$file)) );
@ -231,10 +231,10 @@ class m_bro {
function GetPrefs() {
global $db,$cuid;
$db->query("SELECT * FROM browser WHERE uid='$cuid';");
if ($db->num_rows()==0) {
$db->query("SELECT * FROM browser WHERE uid = '$cuid';");
if ($db->num_rows() == 0) {
$db->query("INSERT INTO browser (editsizex, editsizey, listmode, showicons, downfmt, createfile, showtype, uid, editor_font, editor_size) VALUES (70, 21, 0, 0, 0, 0, 0, '$cuid','Arial, Helvetica, Sans-serif','12px');");
$db->query("SELECT * FROM browser WHERE uid='$cuid';");
$db->query("SELECT * FROM browser WHERE uid = '$cuid';");
return $db->Record;
@ -260,15 +260,19 @@ class m_bro {
function SetPrefs($editsizex, $editsizey, $listmode, $showicons, $downfmt, $createfile, $showtype, $editor_font, $editor_size, $golastdir) {
global $db,$cuid;
$editsizex=intval($editsizex); $editsizey=intval($editsizey);
$listmode=intval($listmode); $showicons=intval($showicons);
$showtype=intval($showtype); $downfmt=intval($downfmt);
$createfile=intval($createfile); $golastdir=intval($golastdir);
$db->query("SELECT * FROM browser WHERE uid='".intval($cuid)."';");
if ($db->num_rows()==0) {
$editsizex = intval($editsizex);
$editsizey = intval($editsizey);
$listmode = intval($listmode);
$showicons = intval($showicons);
$showtype = intval($showtype);
$downfmt = intval($downfmt);
$createfile = intval($createfile);
$golastdir = intval($golastdir);
$db->query("SELECT * FROM browser WHERE uid = '".intval($cuid)."';");
if ($db->num_rows() == 0) {
$db->query("INSERT INTO browser (editsizex, editsizey, listmode, showicons, downfmt, createfile, showtype, uid, editor_font, editor_size, golastdir) VALUES (70, 21, 0, 0, 0, 0, 0, '".intval($cuid)."','Arial, Helvetica, Sans-serif','12px',1);");
$db->query("UPDATE browser SET editsizex='$editsizex', editsizey='$editsizey', listmode='$listmode', showicons='$showicons', downfmt='$downfmt', createfile='$createfile', showtype='$showtype', editor_font='$editor_font', editor_size='$editor_size', golastdir='$golastdir' WHERE uid='".intval($cuid)."';");
$db->query("UPDATE browser SET editsizex = '$editsizex', editsizey = '$editsizey', listmode = '$listmode', showicons = '$showicons', downfmt = '$downfmt', createfile = '$createfile', showtype = '$showtype', editor_font = '$editor_font', editor_size = '$editor_size', golastdir = '$golastdir' WHERE uid = '".intval($cuid)."';");
return true;
@ -286,11 +290,11 @@ class m_bro {
if (!strpos($file,".") && substr($file,0,1)!=".") {
return "file.png";
$t = explode(".",$file);
if (!is_array($t))
$ext = $t;
$ext = $t[count($t)-1];
// Now seek the extension
if (!isset($bro_icon[$ext]) || ! $bro_icon[$ext]) {
return "file.png";
@ -314,11 +318,11 @@ class m_bro {
if (!strpos($file,".") && substr($file,0,1)!=".") {
return "File";
$t = explode(".",$file);
if (!is_array($t))
$ext = $t;
$ext = $t[count($t)-1];
// Now seek the extension
if (empty($bro_type[$ext])) {
return "File";
@ -358,11 +362,11 @@ class m_bro {
* @return integer The total size in bytes.
function dirsize($dir) {
$totalsize = 0;
$totalsize = 0;
if ($handle = opendir($dir)) {
while (false !== ($file = readdir($handle))) {
$nextpath = $dir . '/' . $file;
$nextpath = $dir . '/' . $file;
if ($file != '.' && $file != '..' && !is_link($nextpath)) {
if (is_dir($nextpath)) {
@ -390,15 +394,15 @@ class m_bro {
function CreateDir($dir,$file) {
global $db,$cuid,$err;
$file = ssla($file);
$absolute = $this->convertabsolute($dir."/".$file,0);
#echo "$absolute";
if ($absolute && (!file_exists($absolute))) {
if (!mkdir($absolute,00777,true)) {
$err->raise("bro",_("Cannot create the requested directory. Please check the permissions"));
return false;
$db->query("UPDATE browser SET crff=1 WHERE uid='$cuid';");
$db->query("UPDATE browser SET crff = 1 WHERE uid = '$cuid';");
return true;
} else {
$err->raise("bro",_("File or folder name is incorrect"));
@ -419,8 +423,8 @@ class m_bro {
function CreateFile($dir,$file) {
global $db,$err,$cuid;
$file = ssla($file);
$absolute = $this->convertabsolute($dir."/".$file,0);
if (!$absolute || file_exists($absolute)) {
$err->raise("bro",_("File or folder name is incorrect"));
return false;
@ -431,7 +435,7 @@ class m_bro {
return false;
$db->query("UPDATE browser SET crff=0 WHERE uid='$cuid';");
$db->query("UPDATE browser SET crff = 0 WHERE uid = '$cuid';");
return true;
@ -447,14 +451,14 @@ class m_bro {
function DeleteFile($file_list,$R) {
global $err, $mem;
$root = realpath(getuserpath());
$absolute = $this->convertabsolute($R,0);
if (!$absolute && strpos($root,$absolute) === 0 && strlen($absolute) > (strlen($root)+1) ) {
$err->raise("bro",_("File or folder name is incorrect"));
return false;
for ($i=0;$i<count($file_list);$i++) {
for ($i = 0;$i<count($file_list);$i++) {
$file_list[$i] = ssla($file_list[$i]);
if (!strpos($file_list[$i],"/") && file_exists($absolute."/".$file_list[$i])) { // Character / forbidden in a FILE name
@ -474,20 +478,20 @@ class m_bro {
function RenameFile($R,$old,$new) {
global $err;
$absolute = $this->convertabsolute($R,0);
if (!$absolute) {
$err->raise("bro",_("File or folder name is incorrect"));
return false;
for ($i=0;$i<count($old);$i++) {
$old[$i]=ssla($old[$i]); // strip slashes if needed
$alea = ".".time().rand(1000,9999);
for ($i = 0;$i<count($old);$i++) {
$old[$i] = ssla($old[$i]); // strip slashes if needed
$new[$i] = ssla($new[$i]);
if (!strpos($old[$i],"/") && !strpos($new[$i],"/")) { // caractre / interdit dans old ET dans new...
for ($i=0;$i<count($old);$i++) {
for ($i = 0;$i<count($old);$i++) {
if (!strpos($old[$i],"/") && !strpos($new[$i],"/")) { // caractre / interdit dans old ET dans new...
@ -508,27 +512,27 @@ class m_bro {
function MoveFile($d,$old,$new) {
global $err;
$old = $this->convertabsolute($old,0);
if (!$old) {
$err->raise("bro",_("File or folder name is incorrect"));
return false;
if ($new[0] != '/') {
$new = $old . '/' . $new;
$new = $old . '/' . $new;
$new = $this->convertabsolute($new,false);
$new = $this->convertabsolute($new,0);
if (!$new) {
$err->raise("bro",_("File or folder name is incorrect"));
return false;
if ($old==$new) {
if ($old == $new) {
$err->raise("bro",_("You cannot move or copy a file to the same folder"));
return false;
for ($i=0;$i<count($d);$i++) {
$d[$i]=ssla($d[$i]); // strip slashes if needed
for ($i = 0;$i<count($d);$i++) {
$d[$i] = ssla($d[$i]); // strip slashes if needed
if (!strpos($d[$i],"/") && file_exists($old."/".$d[$i]) && !file_exists($new."/".$d[$i])) {
if (!rename($old."/".$d[$i],$new."/".$d[$i]))
$err->raise("bro", "error renaming $old/$d[$i] -> $new/$d[$i]");
@ -546,22 +550,22 @@ class m_bro {
* @param boolean $verbose Shall we 'echo' what we did ?
* @return boolean TRUE Si les fichiers ont t renomms, FALSE si une erreur s'est produite.
function ChangePermissions($R,$d,$perm,$verbose=false) {
function ChangePermissions($R,$d,$perm,$verbose = false) {
global $err;
$absolute = $this->convertabsolute($R,0);
if (!$absolute) {
$err->raise("bro",_("File or folder name is incorrect"));
return false;
for ($i=0;$i<count($d);$i++) {
$d[$i]=ssla($d[$i]); // strip slashes if needed
for ($i = 0;$i<count($d);$i++) {
$d[$i] = ssla($d[$i]); // strip slashes if needed
if (!strpos($d[$i],"/")) { // caractre / interdit dans le nom du fichier
$m = fileperms($absolute."/". $d[$i]);
$m = fileperms($absolute."/". $d[$i]);
// pour l'instant on se limite a "write" pour owner, puisque c'est le seul
// cas interessant compte tenu de la conf de Apache pour AlternC..
if ($perm[$i]['w']) {
$m = $m | 0220; // ug+w
$m = $m | 0220; // ug+w
} else {
$m = $m ^ 0222; // ugo-w
@ -591,7 +595,7 @@ class m_bro {
function UploadFile($R) {
global $_FILES,$err,$cuid,$action;
$absolute = $this->convertabsolute($R,0);
if (!$absolute) {
$err->raise("bro",_("File or folder name is incorrect"));
return false;
@ -613,7 +617,7 @@ class m_bro {
$err->log("bro","uploadfile","Problem when uploading a file");
switch ( $_FILES['userfile']['error'] ) {
$erstr=_("The uploaded file exceeds the max file size allowed");
$erstr = _("The uploaded file exceeds the max file size allowed");
@ -622,7 +626,7 @@ class m_bro {
$erstr=_("Undefined error ").$_FILES['userfile']['error'];
$erstr = _("Undefined error ").$_FILES['userfile']['error'];
$err->raise("bro",_("Error during the upload of the file: ").$erstr);
@ -645,22 +649,22 @@ class m_bro {
* same directory as the archive by default
* @return integer|null != 0 on error
function ExtractFile($file, $dest=null) {
function ExtractFile($file, $dest = null) {
global $err,$cuid,$mem,$action;
$file = $this->convertabsolute($file,false);
$file = $this->convertabsolute($file,0);
if (is_null($dest)) {
$dest = dirname($file);
$dest = dirname($file);
} else {
$dest = $this->convertabsolute($dest,false);
$dest = $this->convertabsolute($dest,0);
if (!$file || !$dest) {
$err->raise("bro",_("File or folder name is incorrect"));
return 1;
$file = escapeshellarg($file);
$dest_to_fix = $dest;
$dest = escapeshellarg($dest);
$file = escapeshellarg($file);
$dest_to_fix = $dest;
$dest = escapeshellarg($dest);
#$dest_to_fix = str_replace(getuserpath(),'',$dest);
// TODO new version of tar supports `tar xf ...` so there is no
// need to specify the compression format
@ -669,11 +673,11 @@ class m_bro {
exec("tar -xjf $file -C $dest", $void, $ret);
if ($ret) {
$cmd = "unzip -o $file -d $dest";
$cmd = "unzip -o $file -d $dest";
exec($cmd, $void, $ret);
if ($ret) {
$cmd = "gunzip $file";
$cmd = "gunzip $file";
exec($cmd, $void, $ret);
if ($ret) {
@ -696,22 +700,22 @@ class m_bro {
function CopyFile($d,$old,$new) {
global $err;
$old = $this->convertabsolute($old,0);
if (!$old) {
$err->raise("bro",_("File or folder name is incorrect"));
return false;
$new = $this->convertabsolute($new,0);
if (!$new) {
$err->raise("bro",_("File or folder name is incorrect"));
return false;
if ($old==$new) {
if ($old == $new) {
$err->raise("bro",_("You cannot move or copy a file to the same folder"));
return false;
for ($i=0;$i<count($d);$i++) {
$d[$i]=ssla($d[$i]); // strip slashes if needed
for ($i = 0;$i<count($d);$i++) {
$d[$i] = ssla($d[$i]); // strip slashes if needed
if (!strpos($d[$i],"/") && file_exists($old."/".$d[$i]) && !file_exists($new."/".$d[$i])) {
@ -734,8 +738,8 @@ class m_bro {
function CopyOneFile($src, $dest) {
global $err;
$src = escapeshellarg($src);
$dest = escapeshellarg($dest);
$src = escapeshellarg($src);
$dest = escapeshellarg($dest);
exec("cp -Rpf $src $dest", $void, $ret);
if ($ret) {
$err->raise("bro","Errors happened while copying the source to destination. cp return value: %d", $ret);
@ -749,26 +753,26 @@ class m_bro {
* Affiche le chemin et les liens de la racine au dossier $path
* Affiche autant de liens HTML (anchor) que le chemin $path contient de
* niveaux de dossier. Chaque lien est associ la page web $action
* laquelle on ajoute le paramtre R=+Le nom du dossier courant.
* laquelle on ajoute le paramtre R = +Le nom du dossier courant.
* @param string $path Dossier vers lequel on trace le chemin
* @param string $action Page web de destination des liens
* @param boolean $justparent
* @return string Le code HTML ainsi obtenu.
function PathList($path,$action, $justparent=false) {
if (!is_array($a)) $a=array($a);
function PathList($path,$action, $justparent = false) {
$path = $this->convertabsolute($path,1);
$a = explode("/",$path);
if (!is_array($a)) $a = array($a);
$c = '';
$R = '';
if ($justparent) {
return "<a href=\"$action?R=".urlencode($a[count($a)-2].'/')."\">↑</a>";
return "<a href = \"$action?R = ".urlencode($a[count($a)-2].'/')."\">↑</a>";
for($i=0;$i<count($a);$i++) {
for($i = 0;$i<count($a);$i++) {
if ($a[$i]) {
$c.="<a href=\"$action?R=".urlencode($R)."\">".$a[$i]."</a> / ";
$R .= $a[$i]."/";
$c .= "<a href = \"$action?R = ".urlencode($R)."\">".$a[$i]."</a> / ";
return $c;
@ -789,11 +793,11 @@ class m_bro {
function content($R,$file) {
global $err;
$absolute = $this->convertabsolute($R,0);
if (!strpos($file,"/")) {
$absolute .= "/".$file;
if (file_exists($absolute)) {
$std = str_replace("<","<",str_replace("&","&",file_get_contents($absolute)));
return $std;
} else {
$err->raise("bro",_("Cannot read the requested file. Please check the permissions"));
@ -825,32 +829,32 @@ class m_bro {
function viewurl($dir,$name) {
global $db,$cuid;
// Is it in cache ?
if (substr($dir,0,1)=="/") $dir=substr($dir,1);
if (substr($dir,-1)=="/") $dir=substr($dir,0,-1);
$dir=str_replace("%2F", "/", urlencode($dir));
if (substr($dir,0,1) == "/") $dir = substr($dir,1);
if (substr($dir,-1) == "/") $dir = substr($dir,0,-1);
$dir = str_replace("%2F", "/", urlencode($dir));
$name = urlencode($name);
if (!@$this->cacheurl["d".$dir]) {
// On parcours $dir en remontant les /
$end=""; $beg=$dir; $tofind=true;
$end = ""; $beg = $dir; $tofind = true;
while ($tofind) {
$db->query("SELECT sub,domaine FROM sub_domaines WHERE compte='$cuid'
AND type=0 AND (valeur='/$beg/' or valeur='/$beg');");
$db->query("SELECT sub,domaine FROM sub_domaines WHERE compte = '$cuid'
AND type = 0 AND (valeur = '/$beg/' or valeur = '/$beg');");
if ($db->num_rows()) {
$tofind = false;
$this->cacheurl["d".$dir] = "http://".$db->f("sub").ife($db->f("sub"),".").$db->f("domaine").$end;
if (!$beg && $tofind) {
$tofind = false;
$this->cacheurl["d".$dir] = "-";
// We did not find it ;(
if (($tt=strrpos($beg,"/"))!==false) {
$end=substr($beg,$tt).$end; // = /topdir$end so $end starts AND ends with /
if (($tt = strrpos($beg,"/"))!==false) {
$end = substr($beg,$tt).$end; // = /topdir$end so $end starts AND ends with /
$beg = substr($beg,0,$tt);
} else {
$end = "/".$beg.$end;
$beg = "/";
@ -871,16 +875,16 @@ class m_bro {
function can_edit($dir,$name) {
global $mem,$err;
$absolute = "$dir/$name";
$absolute = $this->convertabsolute($absolute,0);
if (!$absolute) {
$err->raise('bro',_("File not in authorized directory"));
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$mime = finfo_file($finfo,$absolute);
if ( substr($mime,0,5)=="text/" || $mime == "application/x-empty" || $mime == "inode/x-empty") {
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$mime = finfo_file($finfo,$absolute);
if ( substr($mime,0,5) == "text/" || $mime == "application/x-empty" || $mime == "inode/x-empty") {
return true;
return false;
@ -896,7 +900,7 @@ class m_bro {
function is_extractable($dir,$name) {
if ($parts = explode(".", $name)) {
$ext = array_pop($parts);
$ext = array_pop($parts);
switch ($ext) {
case "gz":
case "bz":
@ -927,9 +931,9 @@ class m_bro {
function is_sqlfile($dir,$name) {
if ($parts = explode(".", $name)) {
$ext = array_pop($parts);
$ext2 = array_pop($parts) . '.'.$ext;
if ( $ext=='sql' or $ext2=='sql.gz') return true;
$ext = array_pop($parts);
$ext2 = array_pop($parts) . '.'.$ext;
if ( $ext == 'sql' or $ext2 == 'sql.gz') return true;
return false;
@ -943,7 +947,7 @@ class m_bro {
function download_link($dir,$file){
global $err;
header("Content-Disposition: attachment; filename=$file");
header("Content-Disposition: attachment; filename = $file");
header("Content-Type: application/force-download");
header("Content-Transfer-Encoding: binary");
@ -960,9 +964,9 @@ class m_bro {
function content_send($R,$file) {
global $err;
$absolute = $this->convertabsolute($R,0);
if (!strpos($file,"/")) {
$absolute .= "/".$file;
if (file_exists($absolute)) {
@ -987,9 +991,9 @@ class m_bro {
function save($file,$R,$texte) {
global $err;
$absolute = $this->convertabsolute($R,0);
if (!strpos($file,"/")) {
$absolute .= "/".$file;
if (file_exists($absolute)) {
if (! file_put_contents($absolute, $texte ) ) {
$err->raise("bro",_("Cannot edit the requested file. Please check the permissions"));
@ -1010,12 +1014,12 @@ class m_bro {
* @param string $dir Dossier à dumper, relatif la racine du compte du membre.
* @return void NE RETOURNE RIEN, et il faut Quitter le script immdiatement aprs
function DownloadZ($dir="") {
function DownloadZ($dir = "") {
global $mem;
header("Content-Disposition: attachment; filename=".$mem->user["login"].".Z");
header("Content-Disposition: attachment; filename = ".$mem->user["login"].".Z");
header("Content-Type: application/x-Z");
header("Content-Transfer-Encoding: binary");
$d = escapeshellarg(".".$this->convertabsolute($dir,1));
passthru("/bin/tar -cZ -C ".getuserpath()."/".$mem->user["login"]."/ $d");
@ -1028,12 +1032,12 @@ class m_bro {
* @param string $dir Dossier à dumper, relatif la racine du compte du membre.
* @return void NE RETOURNE RIEN, et il faut Quitter le script immdiatement aprs
function DownloadTGZ($dir="") {
function DownloadTGZ($dir = "") {
global $mem;
header("Content-Disposition: attachment; filename=".$mem->user["login"].".tgz");
header("Content-Disposition: attachment; filename = ".$mem->user["login"].".tgz");
header("Content-Type: application/x-tgz");
header("Content-Transfer-Encoding: binary");
$d = escapeshellarg(".".$this->convertabsolute($dir,1));
passthru("/bin/tar -cz -C ".getuserpath()."/ $d");
@ -1046,12 +1050,12 @@ class m_bro {
* @param string $dir Dossier à dumper, relatif la racine du compte du membre.
* @return void NE RETOURNE RIEN, et il faut Quitter le script immdiatement aprs
function DownloadTBZ($dir="") {
function DownloadTBZ($dir = "") {
global $mem;
header("Content-Disposition: attachment; filename=".$mem->user["login"].".tar.bz2");
header("Content-Disposition: attachment; filename = ".$mem->user["login"].".tar.bz2");
header("Content-Type: application/x-bzip2");
header("Content-Transfer-Encoding: binary");
$d = escapeshellarg(".".$this->convertabsolute($dir,1));
passthru("/bin/tar -cj -C ".getuserpath()."/ $d");
@ -1065,12 +1069,12 @@ class m_bro {
* @param string $dir Dossier à dumper, relatif la racine du compte du membre.
* @return void NE RETOURNE RIEN, et il faut Quitter le script immdiatement aprs
function DownloadZIP($dir="") {
function DownloadZIP($dir = "") {
global $mem;
header("Content-Disposition: attachment; filename=".$mem->user["login"].".zip");
header("Content-Disposition: attachment; filename = ".$mem->user["login"].".zip");
header("Content-Type: application/x-zip");
header("Content-Transfer-Encoding: binary");
$d = escapeshellarg($this->convertabsolute($dir,false));
passthru("/usr/bin/zip -r - $d");
@ -1102,7 +1106,7 @@ class m_bro {
if (is_dir($file)) {
$handle = opendir($file);
$handle = opendir($file);
while($filename = readdir($handle)) {
if ($filename != "." && $filename != "..") {
@ -1127,18 +1131,18 @@ class m_bro {
function alternc_export_conf() {
global $db,$err;
$str="<table border=\"1\"><caption> Browser </caption>\n";
$str.=" <browser>\n";
$str = "<table border = \"1\"><caption> Browser </caption>\n";
$str .= " <browser>\n";
$pref = $this->GetPrefs();
$i = 1;
foreach ($pref as $k=>$v) {
if (($i % 2)==0){
$str.=" <$k>$v</$k>\n";
if (($i % 2) == 0){
$str .= " <$k>$v</$k>\n";
$str.=" </browser>\n";
$str .= " </browser>\n";
return $str;
@ -1155,12 +1159,12 @@ class m_bro {
function alternc_export_data($dir){
global $mem,$err;
$dir .= "html/";
$err->raise("bro",_("Cannot create the requested directory. Please check the permissions"));
$timestamp = date("H:i:s");
// relacher le lock global sinon ce download va geler alternc pour
// tout le monde
@ -40,21 +40,26 @@
class m_hta {
* Constructor
* Constructor
function m_webaccess() {
* Password kind used in this class (hook for admin class)
* @return array
function alternc_password_policy() {
return array("hta"=>"Protected folders passwords");
* @return array
function hook_menu() {
$obj = array(
'title' => _("Protected folders"),
@ -67,16 +72,21 @@ class m_hta {
* Create a protected folder (.htaccess et .htpasswd)
* @param string $dir Folder to protect (relative to user root)
* @return boolean TRUE if the folder has been protected, or FALSE if an error occurred
* @param string $dir Folder to protect (relative to user root)
* @return boolean TRUE if the folder has been protected, or FALSE if an error occurred
* @global m_mem $mem
* @global m_bro $bro
* @global m_err $err
* @param string $dir
* @return boolean
function CreateDir($dir) {
global $mem,$bro,$err;
$absolute = $bro->convertabsolute($dir,0);
if (!$absolute) {
$err->raise("hta",printf(_("The folder '%s' does not exist"),$dir));
return false;
@ -95,7 +105,7 @@ class m_hta {
return false;
$param="AuthUserFile \"$absolute/.htpasswd\"\nAuthName \""._("Restricted area")."\"\nAuthType Basic\nrequire valid-user\n";
$param = "AuthUserFile \"$absolute/.htpasswd\"\nAuthName \""._("Restricted area")."\"\nAuthType Basic\nrequire valid-user\n";
fwrite($file, $param);
@ -110,43 +120,46 @@ class m_hta {
* Returns the list of all user folder currently protected by a .htpasswd file
* @return array Array containing user folder list
* @global m_err $err
* @global m_mem $mem
* @return array Array containing user folder list
function ListDir(){
$sortie = array();
$absolute = ALTERNC_HTML."/".substr($mem->user["login"],0,1)."/".$mem->user["login"];
exec("find $absolute -name .htpasswd|sort",$sortie);
$err->raise("hta",_("No protected folder"));
return false;
$pattern = "/^".preg_quote(ALTERNC_HTML,"/")."\/.\/[^\/]*\/(.*)\/\.htpasswd/";
$r = array();
for($i = 0;$i<count($sortie);$i++){
$tmpm = isset($matches[1])?'/'.$matches[1]:'';
$r[$i] = $tmpm."/";
return $r;
* Tells if a folder is protected.
* @param string $dir Folder to check
* @return boolean if the folder is protected, or FALSE if it is not
* @global m_mem $mem
* @global m_err $err
* @param string $dir Folder to check
* @return boolean If the folder is protected, or FALSE if it is not
function is_protected($dir){
global $mem,$err;
$absolute = ALTERNC_HTML."/".substr($mem->user["login"],0,1)."/".$mem->user["login"]."/$dir";
if (file_exists("$absolute/.htpasswd")){
return true;
} else {
@ -155,34 +168,36 @@ class m_hta {
* Returns the list of login for a protected folder.
* @param string $dir The folder to lookup (relative to user root)
* @return array An array containing the list of logins from the .htpasswd file, or FALSE
* @global m_mem $mem
* @global m_err $err
* @param string $dir The folder to lookup (relative to user root)
* @return array An array containing the list of logins from the .htpasswd file, or FALSE
function get_hta_detail($dir) {
global $mem,$err;
$absolute = ALTERNC_HTML."/".substr($mem->user["login"],0,1)."/".$mem->user["login"]."/$dir";
if (file_exists("$absolute/.htaccess")) {
/* if (!_reading_htaccess($absolute)) {
return false;
*/ }
$file = @fopen("$absolute/.htpasswd","r");
$i = 0;
$res = array();
if (!$file) {
return false;
// TODO: Tester la validit<EFBFBD> du .htpasswd
// TODO: Tester la validité du .htpasswd
while (!feof($file)) {
$s = fgets($file,1024);
$t = explode(":",$s);
if ($t[0]!=$s) {
$res[$i] = $t[0];
$i = $i+1;
@ -190,38 +205,82 @@ class m_hta {
* Unprotect a folder
* @param string $dir Folder to unprotect, relative to user root
* @return boolean TRUE if the folder has been unprotected, or FALSE if an error occurred
* @global m_mem $mem
* @global m_bro $bro
* @global m_err $err
* @param string $dir Folder to unprotect, relative to user root
* @param boolean $skip For testing purpose mainly, skips the full user path search
* @return boolean TRUE if the folder has been unprotected, or FALSE if an error occurred
function DelDir($dir) {
function DelDir($dir,$skip = 0) {
global $mem,$bro,$err;
$dir = $bro->convertabsolute($dir,$skip);
if (!$dir) {
$err->raise("hta",printf(("The folder '%s' does not exist"),$dir));
return false;
if (!@unlink("$dir/.htaccess")) {
$err->raise("hta",printf(_("I cannot delete the file '%s/.htaccess'"),$dir));
return false;
$htaccess_file = "$dir/.htaccess";
if( !is_readable($htaccess_file)){
$err->raise("hta",printf(_("I cannot read the file '%s'"),$htaccess_file));
if (!@unlink("$dir/.htpasswd")) {
$err->raise("hta",printf(_("I cannot delete the file '%s/.htpasswd'"),$dir));
return false;
$fileLines = file($htaccess_file);
$patternList = array(
"AuthType Basic.*$",
"require valid-user.*$"
$count_lines = 0;
foreach($fileLines as $key => $line){
foreach ($patternList as $pattern) {
if(preg_match("/".$pattern."/", $line)){
// If no changes
if( ! $count_lines ){
$err->raise("hta",printf(_("Unexpected: No changes made to '%s'"),$htaccess_file));
// If file is empty, remove it
if( !count($fileLines)){
if( ! unlink( $htaccess_file)){
$err->raise("hta",printf(_("I could not delete the file '%s'"),$htaccess_file));
file_put_contents($htaccess_file, implode("\n",$fileLines));
$htpasswd_file = "$dir/.htpasswd";
$perms = substr(sprintf('%o', fileperms($dir)), -4);
if( ! is_writable($htpasswd_file)){
$err->raise("hta",printf(_("I cannot read the file '%s'"),$htpasswd_file));
else if ( ! unlink($htpasswd_file)) {
$err->raise("hta",printf(_("I cannot delete the file '%s/.htpasswd'"),$dir));
return false;
return true;
* Add a user to a protected folder
* @param string $password The password to add (cleartext)
* @param string $dir The folder we add it to (relative to user root).
* @return boolean TRUE if the user has been added, or FALSE if an error occurred
* @global m_err $err
* @global m_bro $bro
* @global m_admin $admin
* @param string $user
* @param string $password
* @param string $dir
* @param string $password The password to add (cleartext)
* @param string $dir The folder we add it to (relative to user root).
* @return boolean TRUE if the user has been added, or FALSE if an error occurred
function add_user($user,$password,$dir) {
global $err, $bro, $admin;
@ -234,7 +293,7 @@ class m_hta {
$err->raise('hta',_("Please enter a password"));
return false;
$absolute = $bro->convertabsolute($dir,0);
if (!file_exists($absolute)) {
$err->raise("hta",printf(("The folder '%s' does not exist"),$dir));
return false;
@ -255,8 +314,8 @@ class m_hta {
while (!feof($file)) {
$s = fgets($file,1024);
$t = explode(":",$s);
if ($t[0]==$user) {
$err->raise("hta",_("The user '%s' already exist for this folder"),$user);
return false;
@ -276,17 +335,21 @@ class m_hta {
* Delete a user from a protected folder.
* @param array $lst An array with login to delete.
* @param string $dir The folder, relative to user root, where we want to delete users.
* @return boolean TRUE if users has been deleted, or FALSE if an error occurred.
* @global m_bro $bro
* @global m_err $err
* @param array $lst An array with login to delete.
* @param string $dir The folder, relative to user root, where we want to delete users.
* @return boolean TRUE if users has been deleted, or FALSE if an error occurred.
function del_user($lst,$dir) {
global $bro,$err;
$absolute = $bro->convertabsolute($dir,0);
if (!file_exists($absolute)) {
$err->raise("hta",printf(_("The folder '%s' does not exist"),$dir));
return false;
@ -301,8 +364,8 @@ class m_hta {
while (!feof($file)) {
$s = fgets($file,1024);
$t = explode(":",$s);
if (!in_array($t[0],$lst) && ($t[0]!="\n")) {
fwrite($newf, "$s");
@ -316,18 +379,27 @@ class m_hta {
* Change the password of a user in a protected folder
* @param string $user The users whose password should be changed
* @param string $newpass The new password of this user
* @param string $dir The folder, relative to user root, in which we will change a password
* @return boolean TRUE if the password has been changed, or FALSE if an error occurred
* Change the password of a user in a protected folder
* @global m_bro $bro
* @global m_err $err
* @global m_admin $admin
* @param string $user
* @param string $newpass
* @param string $dir
* @return boolean
function change_pass($user,$newpass,$dir) {
global $bro,$err,$admin;
$absolute = $bro->convertabsolute($dir,0);
if (!file_exists($absolute)) {
$err->raise("hta",printf(_("The folder '%s' does not exist"),$dir));
return false;
@ -348,8 +420,8 @@ class m_hta {
return false;
while (!feof($file)) {
$s = fgets($file,1024);
$t = explode(":",$s);
if ($t[0]!=$user) {
fwrite($newf, "$s");
@ -363,38 +435,39 @@ class m_hta {
* Check that a .htaccess file is valid (for authentication)
* @param string $absolute Folder we want to check (relative to user root)
* @return boolean TRUE is the .htaccess is protecting this folder, or FALSE else
* @access private
* @global m_err $err
* @param type $absolute
* @param string $absolute Folder we want to check (relative to user root)
* @return boolean TRUE is the .htaccess is protecting this folder, or FALSE else
function _reading_htaccess($absolute) {
private function _reading_htaccess($absolute) {
global $err;
$file = fopen("$absolute/.htaccess","r+");
$lignes = array(1,1,1);
$errr = 0;
if (!$file) {
return false;
while (!feof($file) && !$errr) {
$s = fgets($file,1024);
if (substr($s,0,12)!="RewriteCond " && substr($s,0,14)!="ErrorDocument " && substr($s,0,12)!="RewriteRule " && substr($s,0,14)!="RewriteEngine " && trim($s)!="") {
$errr = 1;
if (strtolower(trim($s))==strtolower("authuserfile $absolute/.htpasswd")) {
$lignes[0] = 0;
$errr = 0;
} // authuserfile
if (strtolower(trim($s))=="require valid-user") {
$lignes[1] = 0;
$errr = 0;
} //require
if (strtolower(trim($s))=="authtype basic") {
$lignes[2] = 0;
$errr = 0;
} //authtype
} // Reading config file
Reference in New Issue