PDA

View Full Version : PHP Dir Listing script



The Error Guy
09-11-2010, 05:40 PM
Currently using (or trying rather) to get evoluted's Directory listing script running, so far no success, comes up with a couple of PHP errors. using the install "out of the box" extract and copy to server (server is using WAMP).

not sure what is going on with it, I think it might be something to do with the server side maybe as a previously working script on another server produces similar effect. you can download to test here
http://www.evoluted.net/community/code/directorylisting.php

Other than that, no real idea, it seems to be reading part of the config vars but they are all properly closed with comment strings (dunno what they are actually called, the /* and */ part)


<?
/*
Directory Listing Script - Version 2
====================================
Script Author: Ash Young <ash@evoluted.net>. www.evoluted.net
Layout: Manny <manny@tenka.co.uk>. www.tenka.co.uk

REQUIREMENTS
============
This script requires PHP and GD2 if you wish to use the
thumbnail functionality.

INSTRUCTIONS
============
1) Unzip all files
2) Edit this file, making sure everything is setup as required.
3) Upload to server
4) ??????
5) Profit!

CONFIGURATION
=============
Edit the variables in this section to make the script work as
you require.

Start Directory - To list the files contained within the current
directory enter '.', otherwise enter the path to the directory
you wish to list. The path must be relative to the current
directory.
*/
$startdir = '.';

/*
Show Thumbnails? - Set to true if you wish to use the
scripts auto-thumbnail generation capabilities.
This requires that GD2 is installed.
*/
$showthumbnails = true;

/*
Show Directories - Do you want to make subdirectories available?
If not set this to false
*/
$showdirs = true;

/*
Force downloads - Do you want to force people to download the files
rather than viewing them in their browser?
*/
$forcedownloads = false;

/*
Hide Files - If you wish to hide certain files or directories
then enter their details here. The values entered are matched
against the file/directory names. If any part of the name
matches what is entered below then it is now shown.
*/
$hide = array(
'dlf',
'index.php',
'Thumbs',
'.htaccess',
'.htpasswd'
);

/*
Show index files - if an index file is found in a directory
to you want to display that rather than the listing output
from this script?
*/
$displayindex = false;

/*
Allow uploads? - If enabled users will be able to upload
files to any viewable directory. You should really only enable
this if the area this script is in is already password protected.
*/
$allowuploads = false;

/*
Overwrite files - If a user uploads a file with the same
name as an existing file do you want the existing file
to be overwritten?
*/
$overwrite = false;

/*
Index files - The follow array contains all the index files
that will be used if $displayindex (above) is set to true.
Feel free to add, delete or alter these
*/

$indexfiles = array (
'index.html',
'index.htm',
'default.htm',
'default.html'
);

/*
File Icons - If you want to add your own special file icons use
this section below. Each entry relates to the extension of the
given file, in the form <extension> => <filename>.
These files must be located within the dlf directory.
*/
$filetypes = array (
'png' => 'jpg.gif',
'jpeg' => 'jpg.gif',
'bmp' => 'jpg.gif',
'jpg' => 'jpg.gif',
'gif' => 'gif.gif',
'zip' => 'archive.png',
'rar' => 'archive.png',
'exe' => 'exe.gif',
'setup' => 'setup.gif',
'txt' => 'text.png',
'htm' => 'html.gif',
'html' => 'html.gif',
'fla' => 'fla.gif',
'swf' => 'swf.gif',
'xls' => 'xls.gif',
'doc' => 'doc.gif',
'sig' => 'sig.gif',
'fh10' => 'fh10.gif',
'pdf' => 'pdf.gif',
'psd' => 'psd.gif',
'rm' => 'real.gif',
'mpg' => 'video.gif',
'mpeg' => 'video.gif',
'mov' => 'video2.gif',
'avi' => 'video.gif',
'eps' => 'eps.gif',
'gz' => 'archive.png',
'asc' => 'sig.gif',
);

/*
That's it! You are now ready to upload this script to the server.

Only edit what is below this line if you are sure that you know what you
are doing!
*/
error_reporting(0);
if(!function_exists('imagecreatetruecolor')) $showthumbnails = false;
$leadon = $startdir;
if($leadon=='.') $leadon = '';
if((substr($leadon, -1, 1)!='/') && $leadon!='') $leadon = $leadon . '/';
$startdir = $leadon;

if($_GET['dir']) {
//check this is okay.

if(substr($_GET['dir'], -1, 1)!='/') {
$_GET['dir'] = $_GET['dir'] . '/';
}

$dirok = true;
$dirnames = split('/', $_GET['dir']);
for($di=0; $di<sizeof($dirnames); $di++) {

if($di<(sizeof($dirnames)-2)) {
$dotdotdir = $dotdotdir . $dirnames[$di] . '/';
}

if($dirnames[$di] == '..') {
$dirok = false;
}
}

if(substr($_GET['dir'], 0, 1)=='/') {
$dirok = false;
}

if($dirok) {
$leadon = $leadon . $_GET['dir'];
}
}

if($_GET['download'] && $forcedownloads) {
$file = str_replace('/', '', $_GET['download']);
$file = str_replace('..', '', $file);

if(file_exists($leadon . $file)) {
header("Content-type: application/x-download");
header("Content-Length: ".filesize($leadon . $file));
header('Content-Disposition: attachment; filename="'.$file.'"');
readfile($leadon . $file);
die();
}
}

if($allowuploads && $_FILES['file']) {
$upload = true;
if(!$overwrite) {
if(file_exists($leadon.$_FILES['file']['name'])) {
$upload = false;
}
}

if($upload) {
move_uploaded_file($_FILES['file']['tmp_name'], $leadon . $_FILES['file']['name']);
}
}

$opendir = $leadon;
if(!$leadon) $opendir = '.';
if(!file_exists($opendir)) {
$opendir = '.';
$leadon = $startdir;
}

clearstatcache();
if ($handle = opendir($opendir)) {
while (false !== ($file = readdir($handle))) {
//first see if this file is required in the listing
if ($file == "." || $file == "..") continue;
$discard = false;
for($hi=0;$hi<sizeof($hide);$hi++) {
if(strpos($file, $hide[$hi])!==false) {
$discard = true;
}
}

if($discard) continue;
if (@filetype($leadon.$file) == "dir") {
if(!$showdirs) continue;

$n++;
if($_GET['sort']=="date") {
$key = @filemtime($leadon.$file) . ".$n";
}
else {
$key = $n;
}
$dirs[$key] = $file . "/";
}
else {
$n++;
if($_GET['sort']=="date") {
$key = @filemtime($leadon.$file) . ".$n";
}
elseif($_GET['sort']=="size") {
$key = @filesize($leadon.$file) . ".$n";
}
else {
$key = $n;
}
$files[$key] = $file;

if($displayindex) {
if(in_array(strtolower($file), $indexfiles)) {
header("Location: $file");
die();
}
}
}
}
closedir($handle);
}

//sort our files
if($_GET['sort']=="date") {
@ksort($dirs, SORT_NUMERIC);
@ksort($files, SORT_NUMERIC);
}
elseif($_GET['sort']=="size") {
@natcasesort($dirs);
@ksort($files, SORT_NUMERIC);
}
else {
@natcasesort($dirs);
@natcasesort($files);
}

//order correctly
if($_GET['order']=="desc" && $_GET['sort']!="size") {$dirs = @array_reverse($dirs);}
if($_GET['order']=="desc") {$files = @array_reverse($files);}
$dirs = @array_values($dirs); $files = @array_values($files);


?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Directory Listing of <?=dirname($_SERVER['PHP_SELF']).'/'.$leadon;?></title>
<link rel="stylesheet" type="text/css" href="dlf/styles.css" />
<?
if($showthumbnails) {
?>
<script language="javascript" type="text/javascript">
<!--
function o(n, i) {
document.images['thumb'+n].src = 'dlf/i.php?f='+i;

}

function f(n) {
document.images['thumb'+n].src = 'dlf/trans.gif';
}
//-->
</script>
<?
}
?>
</head>
<body>
<div id="container">
<h1>Directory Listing of <?=dirname($_SERVER['PHP_SELF']).'/'.$leadon;?></h1>
<div id="breadcrumbs"> <a href="<?=$_SERVER['PHP_SELF'];?>">home</a>
<?
$breadcrumbs = split('/', $leadon);
if(($bsize = sizeof($breadcrumbs))>0) {
$sofar = '';
for($bi=0;$bi<($bsize-1);$bi++) {
$sofar = $sofar . $breadcrumbs[$bi] . '/';
echo ' &gt; <a href="'.$_SERVER['PHP_SELF'].'?dir='.urlencode($sofar).'">'.$breadcrumbs[$bi].'</a>';
}
}

$baseurl = $_SERVER['PHP_SELF'] . '?dir='.$_GET['dir'] . '&amp;';
$fileurl = 'sort=name&amp;order=asc';
$sizeurl = 'sort=size&amp;order=asc';
$dateurl = 'sort=date&amp;order=asc';

switch ($_GET['sort']) {
case 'name':
if($_GET['order']=='asc') $fileurl = 'sort=name&amp;order=desc';
break;
case 'size':
if($_GET['order']=='asc') $sizeurl = 'sort=size&amp;order=desc';
break;

case 'date':
if($_GET['order']=='asc') $dateurl = 'sort=date&amp;order=desc';
break;
default:
$fileurl = 'sort=name&amp;order=desc';
break;
}
?>
</div>
<div id="listingcontainer">
<div id="listingheader">
<div id="headerfile"><a href="<?=$baseurl . $fileurl;?>">File</a></div>
<div id="headersize"><a href="<?=$baseurl . $sizeurl;?>">Size</a></div>
<div id="headermodified"><a href="<?=$baseurl . $dateurl;?>">Last Modified</a></div>
</div>
<div id="listing">
<?
$class = 'b';
if($dirok) {
?>
<div><a href="<?=$_SERVER['PHP_SELF'].'?dir='.urlencode($dotdotdir);?>" class="<?=$class;?>"><img src="dlf/dirup.png" alt="Folder" /><strong>..</strong> <em>-</em> <?=date ("M d Y h:i:s A", filemtime($dotdotdir));?></a></div>
<?
if($class=='b') $class='w';
else $class = 'b';
}
$arsize = sizeof($dirs);
for($i=0;$i<$arsize;$i++) {
?>
<div><a href="<?=$_SERVER['PHP_SELF'].'?dir='.urlencode($leadon.$dirs[$i]);?>" class="<?=$class;?>"><img src="dlf/folder.png" alt="<?=$dirs[$i];?>" /><strong><?=$dirs[$i];?></strong> <em>-</em> <?=date ("M d Y h:i:s A", filemtime($leadon.$dirs[$i]));?></a></div>
<?
if($class=='b') $class='w';
else $class = 'b';
}

$arsize = sizeof($files);
for($i=0;$i<$arsize;$i++) {
$icon = 'unknown.png';
$ext = strtolower(substr($files[$i], strrpos($files[$i], '.')+1));
$supportedimages = array('gif', 'png', 'jpeg', 'jpg');
$thumb = '';

if($showthumbnails && in_array($ext, $supportedimages)) {
$thumb = '<span><img src="dlf/trans.gif" alt="'.$files[$i].'" name="thumb'.$i.'" /></span>';
$thumb2 = ' onmouseover="o('.$i.', \''.urlencode($leadon . $files[$i]).'\');" onmouseout="f('.$i.');"';

}

if($filetypes[$ext]) {
$icon = $filetypes[$ext];
}

$filename = $files[$i];
if(strlen($filename)>43) {
$filename = substr($files[$i], 0, 40) . '...';
}

$fileurl = $leadon . $files[$i];
if($forcedownloads) {
$fileurl = $_SESSION['PHP_SELF'] . '?dir=' . urlencode($leadon) . '&download=' . urlencode($files[$i]);
}

?>
<div><a href="<?=$fileurl;?>" class="<?=$class;?>"<?=$thumb2;?>><img src="dlf/<?=$icon;?>" alt="<?=$files[$i];?>" /><strong><?=$filename;?></strong> <em><?=round(filesize($leadon.$files[$i])/1024);?>KB</em> <?=date ("M d Y h:i:s A", filemtime($leadon.$files[$i]));?><?=$thumb;?></a></div>
<?
if($class=='b') $class='w';
else $class = 'b';
}
?></div>
<?
if($allowuploads) {
$phpallowuploads = (bool) ini_get('file_uploads');
$phpmaxsize = ini_get('upload_max_filesize');
$phpmaxsize = trim($phpmaxsize);
$last = strtolower($phpmaxsize{strlen($phpmaxsize)-1});
switch($last) {
case 'g':
$phpmaxsize *= 1024;
case 'm':
$phpmaxsize *= 1024;
}

?>
<div id="upload">
<div id="uploadtitle"><strong>File Upload</strong> (Max Filesize: <?=$phpmaxsize;?>KB)</div>
<div id="uploadcontent">
<?
if($phpallowuploads) {
?>
<form method="post" action="<?=$_SERVER['PHP_SELF'];?>?dir=<?=urlencode($leadon);?>" enctype="multipart/form-data">
<input type="file" name="file" /> <input type="submit" value="Upload" />
</form>
<?
}
else {
?>
File uploads are disabled in your php.ini file. Please enable them.
<?
}
?>
</div>

</div>
<?
}
?>
</div>
</div>
<div id="copy">Directory Listing Script &copy;2008 Evoluted, <a href="http://www.evoluted.net/">Web Design Sheffield</a>.</div>
</body>
</html>


Cheers for any suggestions :cool:

SoniKalien
09-11-2010, 07:07 PM
What are the php errors exactly?

The Error Guy
11-11-2010, 07:26 PM
sorry, I forgot to attach the image. they aren't actually errors, more likely an error in the script or the way the script is handled.

Erayd
11-11-2010, 07:46 PM
Change the '<?' at the start of the script to '<?php'. If that doesn't fix the issue, then PHP is not enabled on your webserver (or at least not for where you've put the script) - you will need to contact the admin to get this turned on.

The Error Guy
11-11-2010, 08:08 PM
changed to <?php, no fix. php is enabled and i've tried different directories too. I guess i'll contact myself as admin :p. just keep screwing with it untill it works guess

The Error Guy
11-11-2010, 08:18 PM
interesting, one of my sites is hosted with 000webhost, they have the same script (slightly modified for their use) on the server. it works fine (http://longsword.co.cc/default.php) so I uploaded my script and it works, slightly worse than on WAMP actually (http://longsword.co.cc/indexer.php?dir=&sort=name&order=desc)

Copied 000's code to my server and it runs fine, i'll have a run through and check for differences, should fix it. at this stage, no idea what is going wrong yet though.

Erayd
11-11-2010, 09:30 PM
...no idea what is going wrong yet though.Like I said earlier, PHP is not enabled (if it was enabled, then you wouldn't be seeing that garbage your earlier screenshot shows). If it's enabled for other content on your server, but not this file, then your server is misconfigured...

If you view the page source in the browser, what do you see?

SoniKalien
11-11-2010, 09:56 PM
It looks like whatevers doing it is interpreting the first comment close to the first comment open... check your character encoding - long shot I know but it helped for me in the past :p

The Error Guy
12-11-2010, 10:17 AM
Like I said earlier, PHP is not enabled (if it was enabled, then you wouldn't be seeing that garbage your earlier screenshot shows). If it's enabled for other content on your server, but not this file, then your server is misconfigured...

If you view the page source in the browser, what do you see?

PHP is enabled, I have run other PHP scripts on my LAN, also doesn't explain why 000's copy works on my server and on theirs, mine works nowhere, both are PHP, the problem is with my copy of the script. (i think)

The Error Guy
12-11-2010, 10:18 AM
character encoding, as in ANSI UTF?

SoniKalien
12-11-2010, 12:57 PM
yea, probably it should be ANSI and not Unicode

The Error Guy
12-11-2010, 01:42 PM
Didn't fix. Ill try to cope with the one from 00o (since it works) only problem is, it's all in french :p. I know enough french to get by, but the thicker code will need a dictionary

ryz
12-12-2010, 12:23 PM
i have exactly the same issue, only with XAMPP. PHP is enabled.

I've found another site running the dir listing script..

http://www.primevil.fr/index.php

perhaps this one is in english :P

anyhow, how can i copy this script? like you've done with the one from 00o?

/edit: I've contacted the author of the evoluted php dirlist script (namely ash) via twitter, hope he helps us! :)

The Error Guy
12-12-2010, 12:32 PM
You can try contacting the developers from evoluted http://www.evoluted.net/community/code/directorylisting.php

The output on mine was english, the code was in french, primevil being a french site (well a french domain, I assume its french) I doubt you'll be get an english copy from there

If you want I can download 000's copy and put it in a .zip or .rar archive for you, either that or contact primevil and ask for a copy of the script

PS, welcome to PF1

ryz
12-12-2010, 12:50 PM
okay, i see.

would be nice if you could pass me 000's copy, for testing purposes. archive type doesn't matter.

anyway, i've substituted some more "<?" with "<?php" in my local copy and well.. it actually looks like the demo from http://evoluted.net/stuff/ now. but sadly, the script wont list any files. maybe i can fix that too.

thanks for the welcome!

The Error Guy
12-12-2010, 06:40 PM
Sorry Ryz, I can't log onto their website atm, apparently someone is having a go at them with a DDoS :x

I'd suggest signing up for a free account, they are pretty darned good hosts and you can experiment with the code. Just looking at my copy via FTP, it seems that the version on 000 has been updated, there are heaps of references to the 000 site, a quick view on WAMP brings up the previous errors :(

I don't have a copy of the test script locally anymore. I abandoned the project and don't have copies or backups.

Sorry

veldthui
12-12-2010, 10:32 PM
You need to replace ALL the <? with <?PHP.

Also you will probably find that ? is used in many places for outputing text. These are both shortcuts which are turned off in most bits. You need to replace the ? with the correct output command. It has been a while so I cannot remember what it is at the moment. Print maybe?