From d768b1406613d13a3659fa1b0cabfa3034fbf288 Mon Sep 17 00:00:00 2001 From: Florin-Ciprian Bodin Date: Mon, 13 Nov 2023 08:53:47 +0200 Subject: [PATCH] Update config.php for request class --- config.php | 172 +++++++++++++++++++++++------------------------------ 1 file changed, 75 insertions(+), 97 deletions(-) diff --git a/config.php b/config.php index f8d9845..aa4f90a 100644 --- a/config.php +++ b/config.php @@ -1,14 +1,13 @@ , FlorinCB - * @version 2.4.5-pl7 (January 01, 2019 / 30, Octomber, 2013) + * @version 2.2.7 (January 13, 2019 / November 13, 2023) * - * @copyright Copyright (C) 2002-2006 Justin Hagstrom + * @copyright Copyright (C) 2002-2008 Justin Hagstrom * @license http://www.gnu.org/licenses/gpl.html GNU General Public License (GPL) * * @link http://autoindex.sourceforge.net @@ -46,109 +45,99 @@ $numbers = array('days_new', 'thumbnail_height', 'bandwidth_limit', 'md5_show', if (count($_POST) >= count($strings) + count($numbers)) { + $directories = array('base_dir', 'icon_path', 'flag_path', 'assets_path', 'template'); $output = "is_post($setting)) { die(simple_display('Required setting ' . htmlentities($setting) . ' not set.')); } - if ($_POST[$setting] == '') + if ($request->is_post($setting)) { $output .= "$setting\tfalse\n"; continue; } - $_POST[$setting] = str_replace('\\', '/', $_POST[$setting]); - if (in_array($setting, $directories) && !preg_match('#/$#', $_POST[$setting])) - //make sure there is a slash at the end of directories + $request_post_setting = str_replace('\\', '/', $request->post($setting, TYPE_NO_TAGS)); //make sure there is a slash at the end of directories + if (in_array($setting, $directories) && !preg_match('#/$#', $request_post_setting)) { - $_POST[$setting] .= '/'; + $request_post_setting .= '/'; } - $output .= "$setting\t{$_POST[$setting]}\n"; + $output .= "$setting\t{$request_post_setting}\n"; } foreach ($checkboxes as $setting) { - $output .= "$setting\t" . (isset($_POST[$setting]) ? 'true' : 'false') - . "\n"; + $output .= "$setting\t" . ($request->is_post($setting) ? 'true' : 'false') . "\n"; } foreach ($numbers as $setting) { - if (!isset($_POST[$setting])) + if (!$request->is_post($setting)) { - die(simple_display('Required setting ' - . htmlentities($setting) . ' not set.')); + die(simple_display('Required setting ' . htmlentities($setting) . ' not set.')); } - if ($_POST[$setting] == '') + if ($request->is_post($setting)) { $output .= "$setting\t0\n"; continue; } - if ($_POST[$setting] < 0) + $request_post_setting = str_replace('\\', '/', $request->post($setting, TYPE_NO_TAGS)); + if ($request_post_setting < 0) { - die(simple_display('The setting ' - . htmlentities($setting) . ' should not be a negitive number.')); + die(simple_display('The setting ' . htmlentities($setting) . ' should not be a negitive number.')); } - $_POST[$setting] = (string)((float)$_POST[$setting]); - $output .= "$setting\t{$_POST[$setting]}\n"; + $request_post_setting = (string)((float)$request_post_setting); + $output .= "$setting\t{$request_post_setting}\n"; } $output .= "\n*/\n\n?>"; - if (!isset($_POST['force_download'])) + if (!$request->is_post('force_download')) { - if (preg_match('#^(/|[a-z]\:)#i', $_POST['base_dir'])) + if (preg_match('#^(/|[a-z]\:)#i', $request->post('base_dir', TYPE_NO_TAGS))) { - die(simple_display('It seems you are using an absolute path for the Base Directory.' - . '
This means you must check the "Pipe downloaded files though the PHP script" box.')); + die(simple_display('It seems you are using an absolute path for the Base Directory.' . '
This means you must check the "Pipe downloaded files though the PHP script" box.')); } - if ((int)$_POST['bandwidth_limit'] !== 0) + if ((int)$request->post('bandwidth_limit', TYPE_INT) !== 0) { die(simple_display('For the Bandwidth Limit feature to work, the "force download" feature needs to be on.' . '
This means you must check the "Pipe downloaded files though the PHP script" box.')); } } - if (isset($_POST['must_login_to_download']) && !isset($_POST['use_login_system'])) + if ($request->is_post('must_login_to_download') && !$request->is_post('use_login_system')) { - die(simple_display('To enable must_login_to_download, the ' - . 'use_login_system option must also be turned on.')); + die(simple_display('To enable must_login_to_download, the ' . 'use_login_system option must also be turned on.')); } foreach (array('base_dir', 'template') as $valid) { - if (!@is_dir($_POST[$valid])) + if (!@is_dir($request->post($valid, TYPE_NO_TAGS))) { //die(simple_display(htmlentities($valid) . ' setting is not a valid directory.')); } } - - if (@is_file(CONFIG_STORED)) - //if the file already exists, back it up + if (@is_file(CONFIG_STORED)) //if the file already exists, back it up { $temp_name = CONFIG_STORED . '.bak'; - for ($i = 1; @file_exists($temp_name); $i++) + for ($i = 1; file_exists($temp_name); $i++) { $temp_name = CONFIG_STORED . '.bak' . (string)$i; } @copy(CONFIG_STORED, $temp_name); - } - + } $h = @fopen(CONFIG_STORED, 'wb'); - if ($h === false) - //the file could not be written to, so now it must be downloaded through the browser + if ($h === false) //the file could not be written to, so now it must be downloaded through the browser { header('Content-Type: text/plain; name="' . CONFIG_STORED . '"'); header('Content-Disposition: attachment; filename="' . CONFIG_STORED . '"'); die($output); } - else - //the file was opened successfully, so write to it + else //the file was opened successfully, so write to it { fwrite($h, $output); - fclose($h); - + fclose($h); //begin display of "configuration complete" page - echo ''; + echo ''; ?> - @@ -193,19 +182,19 @@ if (count($_POST) >= count($strings) + count($numbers))

Write successful!
AutoIndex configuration is finished.

-

Continue.

+

Continue.

- + + './', 'assets_path' => 'assets/', - 'icon_path' => 'index_icons/winxp/', + 'icon_path' => 'index_icons/winvista/', 'flag_path' => 'flags/language/', 'language' => 'en', 'template' => './templates/default/', @@ -222,28 +211,24 @@ $settings = array( 'anti_leech' => 'false', 'must_login_to_download' => 'false', 'archive' => 'false', - 'days_new' => '0', - 'entries_per_page' => '0', - 'thumbnail_height' => '0', + 'days_new' => '2', + 'entries_per_page' => '300', + 'thumbnail_height' => '100', 'bandwidth_limit' => '0', 'md5_show' => '0', 'parse_htaccess' => 'true' ); - global $config; -if (isset($config)) -//if we're reconfiguring the script, use the current settings +if (isset($config)) //if we're reconfiguring the script, use the current settings { foreach ($settings as $key => $data) { - $settings[$key] = $config -> __get($key); + $settings[$key] = $config->__get($key); } } - //begin display of main configuration page: -echo ''; +echo ''; ?> - @@ -294,8 +279,7 @@ echo ''; -
- +

AutoIndex PHP Script
Configuration @@ -303,9 +287,7 @@ echo '';

The default options are currently selected, so just press the configure button at the bottom to use them.

-
-

Base Directory: @@ -314,8 +296,8 @@ Base Directory:
Icon Path: @@ -324,8 +306,8 @@ Icon Path:
Flag Path: @@ -334,8 +316,8 @@ Flag Path:
/> Show Directory Size @@ -344,8 +326,8 @@ Flag Path: NOTE: If you are trying to index many files (meaning a few thousand), you will notice a speed improvement with this turned off.

-
- + +

/> Enable Searching @@ -354,21 +336,21 @@ Flag Path:
Template Directory:

This is the path where the *.tpl template files are located (relative to this index.php file).

-
- + +

- /> Enable Login System + /> Enable Login System
/> Users must login to view/download -
User List: +
User List:

User List contains the path to the text file where the usernames and encrypted passwords are stored.
Make sure the file is chmod'ed so PHP can read and write to it. @@ -472,33 +454,34 @@ Image Thumbnail Height: The contents of the list are editable when you login as an admin.

-
- + +

/> Allow folder archive downloading

If this box is checked, users will be able to download the folder's contents as a tar archive file.

-
- + +

/> Parse .htaccess files

If this box is checked, .htaccess files will be parsed and used by AutoIndex.

-
- + +

- +
+ +

MD5 calculation max size: MB

Setting this to 0 will disable this feature, and setting it to any other number will set the maximum size of a file to allow users to find the md5sum of (in megabytes).
(10 is a good setting to start with.)

-
- +

Default Language: not available in AutoIndex. In that case, the language selected here is used.

-
- -

- + + +

+

@@ -533,17 +516,12 @@ Default Language: