Código PHP:
if (isset($_GET['download']))
downloadfile($_GET['download']);
function downloadfile($file){
global $config, $lang;
$file = $config['storage_path'].'/'.basename($file);
if (!is_file($file)) { return; }
header("Content-Type: application/octet-stream");
header("Content-Size: ".filesize($file));
header("Content-Disposition: attachment; filename=\"".basename($file)."\"");
header("Content-Length: ".filesize($file));
header("Content-transfer-encoding: binary");
@readfile($file);
if ($config['log_download']) logadm($lang['DOWNLOAD'].' '.$file);
exit;
}
function authorize($silent=false){
global $config, $lang, $auth;
//authentication
if (!$auth){
if ((empty($_SERVER['PHP_AUTH_USER']) or empty($_SERVER['PHP_AUTH_PW'])) and isset($_REQUEST['BAD_HOSTING']) and preg_match('/Basic\s+(.*)$/i', $_REQUEST['BAD_HOSTING'], $matc))
list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode($matc[1]));
if ((isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) &&
($_SERVER['PHP_AUTH_USER'] == $config['admin_username'] && $_SERVER['PHP_AUTH_PW']==$config['admin_password'])) {
$auth = true; // user is authenticated
} else {
if (!$silent) {
header( 'WWW-Authenticate: Basic realm="w2box admin"' );
header( 'HTTP/1.0 401 Unauthorized' );
echo 'Your are not allowed to access this function!';
exit;
}
}
}
}
function extname($file) {
$file = explode(".",basename($file));
return $file[count($file)-1];
}
function getfilesize($size) {
//if ($size < 2) return "$size byte";
$units = array(' B', ' KiB', ' MiB', ' GiB', ' TiB');
for ($i = 0; $size > 1024; $i++) { $size /= 1024; }
return round($size, 2).$units[$i];
}
function return_bytes($val) {
$val = trim($val);
if (empty($val)) return pow(1024,3);
$last = strtolower($val{(strlen($val)-1)});
switch($last) {
// The 'G' modifier is available since PHP 5.1.0
case 'g':
$val *= 1024;
case 'm':
$val *= 1024;
case 'k':
$val *= 1024;
}
return $val;
}
function rooturl(){
$dir = dirname($_SERVER['PHP_SELF']);
if (strlen($dir) > 1) $dir.="/";
return "http://".$_SERVER['HTTP_HOST'].$dir;
}
function logadm($str) {
global $config, $lang;
if (!$config['log']) return;
$file_handle = fopen($config['log_filename'],"a+");
fwrite($file_handle, date("Y-m-d\TH:i:s").' '.sprintf("%15s",$_SERVER["REMOTE_ADDR"]).' '. $str."\n");
fclose($file_handle);
}
function ls($dir) {
global $config, $lang, $auth, $demo;
if ($demo){
// demo code -- deleteme file
$file = "data/deleteme.txt";
if (!$file_handle = fopen($file,"a")) { echo "Cannot open file"; }
if (!fwrite($file_handle, "Delete me or I'll become fat!!!\n")) { echo "Cannot write to file"; }
fclose($file_handle);
}
$files = Array();
if ($handle = opendir($dir)) {
while (false !== ($file = readdir($handle))) {
if (substr($file,0,1) != "." && $file != "index.html") {
$size=filesize($dir."/".$file);
$date=filemtime($dir."/".$file);
$ext=strtolower(extname($file));
if (is_dir($dir."/".$file)) $ext="directory";
if ($config['delete_after'] && ($date < mktime(0, 0, 0, date("m"), date("d")-$config['delete_after'], date("Y")))){
if (is_dir($dir."/".$file))
@rmdir($dir."/".$file);
else
@unlink($dir."/".$file);
}
if(file_exists($dir."/".$file))
$files[] = Array('file'=>$file,'date'=>$date, 'size'=>$size, 'ext'=>$ext);
}
}
closedir($handle);
}
if (is_array($files) && !empty($files)) {
foreach ($files as $key => $row) {
$fn[$key] = strtolower($row['file']);
}
array_multisort($fn, SORT_ASC, SORT_STRING, $files);
}
return $files;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-type" content="text/html; charset=iso-8859-1" />
<title><?php echo $config['w2box_title']; ?> | powered by w2box</title>
<link rel="stylesheet" type="text/css" href="<?php echo rooturl(); ?>w2box.css" />
<script type="text/javascript">
<!--//<![CDATA[
var ROOT_URL = '<?php echo rooturl(); ?>';
var ALLOWED_TYPES = '.<?php echo join(".",$config['allowed_ext']); ?>.';
var MAX_FILESIZE = <?php echo $max_filesize; ?>;
var UPLOAD_SCRIPT = '<?php echo $config['upload_cgiscript']; ?>';
//]]>-->
</script>
<script type="text/javascript" src="<?php echo rooturl(); ?>pt.ajax.js"></script>
<script type="text/javascript" src="<?php echo rooturl(); ?>sorttable.js"></script>
<script type="text/javascript" src="<?php echo rooturl(); ?>w2box.js"></script>
</head>
<body onload="filetypeCheck();">
<div id="page" class="mainbox">
<div id="header">
<h1><a href="."><?php echo $config['w2box_title']; ?></a></h1>
</div>
<div id="content">
<?php
if ($config['show_warning']) echo '<div id="warningmsg"><p>'.$lang['warning_msg'].'</p></div>'."\n";
if (isset($errormsg)) echo '<div id="errormsg"><p>'.$errormsg.'</p></div>'."\n";
if ($config['enable_folder_maxdepth'] && (!($config['hide_makedir']) || $auth)) { ?>
<div id="makedirform" class="formdiv">
<form method="post" action="">
<p><label for="dir"><?php echo $lang['dir'] ?> :</label><input type="text" id="dir" name="dir" size="50" /><input id="make" type="submit" value="<?php echo $lang['make'] ?>" class="button" /></p>
</form>
</div>
<?php
}
if (!($config['hide_upload']) || $auth) { ?>
<div id="uploadform" class="formdiv">
<?php $sid = md5(uniqid(rand())); //unique file id ?>
<form method="post" enctype="multipart/form-data" action="index.php">
<p><label for="file"><?php echo $lang['file'] ?> :</label><input type="file" id="file" name="file" size="50" onchange="renameSync();" /><input id="upload" type="submit" value="<?php echo $lang['upload'] ?>" class="button" <?php if ($config['upload_progressbar']) echo 'onclick="beginUpload(\''.$sid.'\');return false;" '; ?>/></p>
<p><label for="filename"><?php echo $lang['renameto'] ?> :</label><input type="text" id="filename" name="filename" onkeyup="filetypeCheck();" size="50" /></p>
<p class="small"><span id="allowed"><?php echo $lang['filetypesallowed'] ?> : <?php echo join(",",$config['allowed_ext']); ?></span>
<br /><?php echo $lang['filesizelimit'] ?> : <?php echo getfilesize($max_filesize); ?>
<?php if ($config['delete_after']) echo '<br />'.str_replace("{D}",$config['delete_after'],$lang['filedeleteafter']); ?>
</p>
</form>
<?php if ($config['upload_progressbar']){ ?>
<div id="upload_pb" style="display: none;">
<p>Uploading <span id="upload_filename"></span> ...</p>
<div id="upload_border"><div id="upload_progress"></div></div>
</div>
<iframe name="upload_iframe" style="border:0;width:0px;height:0px;visibility:hidden;"></iframe>
<?php } ?>
</div>
<?php } ?>
<?php
if (sizeof($dir)>0) {
echo '<div id="dirpath"><p>';
$path = rooturl();
echo '<a href="'.$path.'">w2box</a>';
foreach ($dir as $k => $v) {
$path .= "$v/";
if (sizeof($dir) == $k+1)
echo ' » '.$v.' ';
else
echo ' » <a href="'.$path.'">'.$v.'</a> ';
}
echo '<a href="..">(go up)</a></p></div>';
}
?>
<div id="filelisting">
<img src="images/arrow-up.gif" alt="" style="display:none;" /><img src="images/arrow-down.gif" alt="" style="display:none;" />
<table id="t1" class="sortable">
<tr>
<th id="th1" class="lefted"><?php echo $lang['filename']; ?></th>
<th id="th2"><?php echo $lang['date']; ?></th>
<th id="th3"><?php echo $lang['size']; ?></th>
<th id="th4"><?php echo $lang['type']; ?></th>
<?php if (!$config['hide_delete'] || $auth) echo '<th id="th5" class="unsortable">'.$lang['delete'].'</th>'; ?>
</tr>
<?php
$files = ls($config['storage_path']);
if (empty($files)){
echo ' <tr><td class="lefted">'.$lang['nofiles'].'</td></tr>';
} else {
foreach ($files as $file) {
echo ' <tr class="off" onmouseover="if (this.className!=\'delete\') {this.className=\'on\'};" onmouseout="if (this.className!=\'delete\') {this.className=\'off\'};">';
echo '<td class="lefted">';
echo '<img src="'.rooturl().'images/icons/'.$file['ext'].'.gif" alt="" /> ';
if ($config['disable_directlink'])
echo $file['file'];
else {
$dlink = $file['file'];
if ($config['utf8encode_directlink'])
$dlink = utf8_encode($file['file']);
if ($file['ext']!="directory")
$url = rooturl().$config['storage_path'].'/'.rawurlencode($dlink);
else
$url = rawurlencode($dlink)."/";
echo '<a href="'.$url.'">';
$maxlen=29;
if ($maxlen>0 && strlen($file['file'])>$maxlen)
echo substr($file['file'],0,$maxlen-3)."...";
else
echo $file['file'];
echo '</a>';
}
echo ' ';
if ($file['ext']!="directory") echo '<a href="?download='.urlencode($file['file']).'"><img src="'.rooturl().'images/download_arrow.gif" alt="('.$lang['download'].')" title="'.$lang['download_link'].'" /></a></td>';
echo '<td>'.date ($lang['date_format'], $file['date']).'</td>';
echo '<td>';
if ($file['ext']!="directory") echo getfilesize($file['size']);
echo '</td>';
echo '<td>';
if ($file['ext']!="directory") echo '<img src="'.rooturl().'images/icons/'.$file['ext'].'.gif" alt="" /> <span>'.$file['ext'].'</span>';
echo '</td>';
if (!$config['hide_delete'] || $auth) {
echo '<td>';
//if ($file['ext']!="directory") {
echo '<a onclick="';
if ($config['confirm_delete'])
echo 'if(confirm(\''.$lang['delete_confirm_msg'].'\')) ';
echo 'deletefile(this.parentNode.parentNode); return false;" ';
echo 'href=""><img src="'.rooturl().'images/delete.gif" alt="'.$lang['delete'].'" title="'.$lang['delete_link'].'" /></a>';
//}
echo '</td>';
}
echo '</tr>'."\n";
}
}
?>
</table>
</div>
</div>
</div>
</body>
</html>