Display + Edit Web Codes.

By LordHawk on Jan 16, 2009

This code displays your MAIN site directory; it also opens the pages in that directory so you can edit them and save your changes. It is simply something I FIXED for a friend who wrote it. His version wasn't working properly. Let's just say I wrote half of this code for him. Either way it's still his code, so thanks, LiLRisp, for allowing me to post my edited copy of your non-working code.

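<?php
    // Editor configuration. $_SETTINGS is an ordinary global array, not a PHP
    // superglobal; every handler further down reads its options from it.

    // Directory whose files are listed, opened, saved and deleted.
    $_SETTINGS['DIR'] = ".";
    // Backup copies (<name>.bac) are written here. With the default DIR this
    // sits inside the web root, and a web server typically serves .bac files
    // as plain text, which discloses the source they were copied from. Deny
    // web access to this directory or point it outside the document root.
    $_SETTINGS['BAK_DIR'] = $_SETTINGS['DIR']."/bak";
    // Require HTTP Basic authentication before any request is handled.
    // The original shipped with this empty (disabled), which left a page that
    // can write and delete .php files open to anyone who can reach it, so the
    // default is now to fail closed.
    // NOTE(review): under some CGI/FastCGI setups PHP_AUTH_USER is not
    // populated; protect the script at the web-server level there instead.
    $_SETTINGS['USE_PHP_AUTH'] = true;
    // Only files with one of these extensions are listed and opened.
    $_SETTINGS['FILE_LIST'] = array("php","html","htm","inc");
    // true: the find/replace applied on save uses ereg_replace; false: str_replace.
    $_SETTINGS['EREG_REPLACE'] = true;
    // Print a meta-refresh page after a save or delete. The save and delete
    // handlers read this key, but the original never defined it; define it
    // with the value it effectively had (off).
    $_SETTINGS['USE_AUTO_REFRESH'] = false;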

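// HTTP Basic authentication gate. It runs before any request handling; when
// the credentials are missing or wrong it sends a 401 challenge and stops.
// NOTE(review): the user name and password are hard-coded here and published
// with the snippet. Change them before deploying, or better, verify against a
// password_hash() value stored outside the web root. Basic auth resends the
// password on every request, so serve this page over HTTPS only.
if ($_SETTINGS['USE_PHP_AUTH']){
    $auth_user = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : null;
    $auth_pw   = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : null;
    // Strict comparison: no type juggling between supplied and expected values.
    if ( $auth_user !== 'Admin' || $auth_pw !== 'edit' ) {
        header( 'WWW-Authenticate: Basic realm="Editor"' );
        header( 'HTTP/1.0 401 Unauthorized' );
        // The Referer header is client-controlled. Only an http(s) URL is
        // turned into a link, and it is HTML-escaped before being echoed.
        $referer = isset($_SERVER['HTTP_REFERER']) ? (string) $_SERVER['HTTP_REFERER'] : '';
        if (!preg_match('#^https?://#i', $referer))
            $referer = '';
        $referer = htmlspecialchars($referer, ENT_QUOTES);
        echo "<HTML><BODY BGCOLOR=000066 LINK=ffcc00 VLINK=ffcc00 ALINK=ffcc00>
    <DIV ALIGN=center>
    <FONT FACE=arial,verdana SIZE=3 COLOR=ffffff>
    <B>You must have a username and password to enter this page
    <BR><BR>Back to <A HREF='$referer'>$referer</A>";
        exit;
    }
}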
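// File selected through the query string. Only a bare file name is accepted:
// the editor works on a flat directory, so every directory component is
// discarded. Stripping "../" with a pattern is not a containment check;
// basename() on a separator-normalised string is.
$edit_file_name = '';
if (isset($_GET['edit_file_name']) && is_string($_GET['edit_file_name'])) {
    // Treat backslashes as separators too and drop NUL bytes before taking
    // the last path component.
    $edit_file_name = basename(str_replace(array("\\", "\0"), array("/", ""), $_GET['edit_file_name']));
    // basename() can still return the directory aliases themselves.
    if ($edit_file_name === '.' || $edit_file_name === '..')
        $edit_file_name = '';
}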

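// Search term from the "Find" box. It is used later as a match pattern only.
$find = (isset($_POST['find']) && is_string($_POST['find'])) ? $_POST['find'] : '';
$gotoline = '';
    // "Open" button (post_cols): pick up the file selection and view options.
    if (!empty($_POST['post_cols'])) {
        // File names are reduced to a bare name: directory components are
        // dropped so the request cannot address anything outside the editor's
        // directories.
        foreach (array('edit_file_name', 'edit_file_name_as') as $field) {
            $raw_name = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
            $clean_name = basename(str_replace(array("\\", "\0"), array("/", ""), $raw_name));
            $$field = ($clean_name === '.' || $clean_name === '..') ? '' : $clean_name;
        }
        // Line number and column count are echoed into the page and into the
        // form action, so they are forced to digits / an integer here.
        $gotoline = (isset($_POST['gotoline']) && is_scalar($_POST['gotoline']))
            ? preg_replace('/[^0-9]/', '', (string) $_POST['gotoline'])
            : '';
        $posted_cols = (isset($_POST['posted_cols']) && is_scalar($_POST['posted_cols'])) ? (int) $_POST['posted_cols'] : 0;
        if ($posted_cols < 1)
            $posted_cols = 120;
        // $loadcontent is deliberately not taken from the request: the loader
        // further down treats it as a filesystem path to open.
        $loadcontent = '';
        $this_line = ($gotoline !== '') ? "#line$gotoline" : "#line0";
    } else {
        $posted_cols = 120;
    }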
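    // "Delete" button: remove the selected file from DIR, or from BAK_DIR when
    // it is not present in DIR.
    // NOTE(review): this state-changing request carries no anti-CSRF token, so
    // it relies entirely on the authentication gate; consider adding one.
    if (!empty($_POST['delete_file'])) {
        // Reduce the posted name to a bare file name so the unlink() calls
        // below cannot reach outside the two editor directories.
        $raw_name = (isset($_POST['edit_file_name']) && is_string($_POST['edit_file_name'])) ? $_POST['edit_file_name'] : '';
        $edit_file_name = basename(str_replace(array("\\", "\0"), array("/", ""), $raw_name));
        if ($edit_file_name === '.' || $edit_file_name === '..')
            $edit_file_name = '';
        if ($edit_file_name !== '') {
            $deleted = true;
            if (is_file("{$_SETTINGS['DIR']}/$edit_file_name")) {
                $deleted = @unlink("{$_SETTINGS['DIR']}/$edit_file_name");
            } elseif(is_file("{$_SETTINGS['BAK_DIR']}/$edit_file_name")) {
                $deleted = @unlink("{$_SETTINGS['BAK_DIR']}/$edit_file_name");
            }
            // Report a failed delete instead of swallowing it.
            if (!$deleted)
                $msg = "<BR><font color=red><b>DELETE_FAILED</B></font><p>";
        }
        // USE_AUTO_REFRESH may be undefined in the settings; empty() covers that.
        if (!empty($_SETTINGS['USE_AUTO_REFRESH'])) {
            // PHP_SELF reflects the request path, so escape it for the attribute.
            $h_self = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);
            print "<html><head><META http-equiv=\"refresh\" content=\"0;URL=$h_self\"></head><body></body></html>";
        }
    }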
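    // "Save" button: optionally back up the current file, apply the optional
    // find/replace to the submitted text, then write it to DIR under the
    // "Save As" name.
    // NOTE(review): this handler writes request-supplied content to files the
    // web server may execute (FILE_LIST includes php). It must only ever be
    // reachable by authenticated administrators, and it has no anti-CSRF token.
    if (!empty($_POST['save_editor_file'])) {
        // Reduce both names to bare file names: no directory component may
        // survive into the paths built below.
        foreach (array('edit_file_name', 'edit_file_name_as') as $field) {
            $raw_name = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
            $clean_name = basename(str_replace(array("\\", "\0"), array("/", ""), $raw_name));
            $$field = ($clean_name === '.' || $clean_name === '..') ? '' : $clean_name;
        }
        // An empty "Save As" means: save under the name that was opened.
        if ($edit_file_name_as === '')
            $edit_file_name_as = $edit_file_name;
        // These two are echoed back into the page; force digits / an integer.
        $gotoline = (isset($_POST['gotoline']) && is_scalar($_POST['gotoline']))
            ? preg_replace('/[^0-9]/', '', (string) $_POST['gotoline'])
            : '';
        $posted_cols = (isset($_POST['posted_cols']) && is_scalar($_POST['posted_cols'])) ? (int) $_POST['posted_cols'] : 0;
        if ($posted_cols < 1)
            $posted_cols = 120;
        $savecontent = (isset($_POST['savecontent']) && is_string($_POST['savecontent'])) ? $_POST['savecontent'] : '';
        // Never seed $loadcontent from the request: the loader further down
        // treats it as a filesystem path to open.
        $loadcontent = '';

        // The write target must carry an extension the editor itself can
        // reopen (FILE_LIST, or "bac" for backups). This also keeps server
        // control files such as dotfiles from being created through "Save As".
        $target_ext = pathinfo($edit_file_name_as, PATHINFO_EXTENSION);
        $target_ok = $edit_file_name_as !== ''
            && (!$_SETTINGS['FILE_LIST'] || $target_ext === 'bac' || in_array($target_ext, $_SETTINGS['FILE_LIST'], true));

        if (!empty($_POST['new_backup']) && is_file("{$_SETTINGS['DIR']}/$edit_file_name")) {
            if (!is_dir($_SETTINGS['BAK_DIR']))
                mkdir($_SETTINGS['BAK_DIR'], 0755);
            // copy() overwrites an existing backup of the same name, so no
            // prior delete is needed.
            copy("{$_SETTINGS['DIR']}/$edit_file_name", "{$_SETTINGS['BAK_DIR']}/$edit_file_name.bac");
        }

        // Prepare the final content BEFORE touching the target. The original
        // opened the file with mode "w" (truncating it) first, so any failure
        // in the replace step left an empty file behind.
        // Slashes are only stripped where magic quotes actually added them;
        // stripping unconditionally removes real backslashes from the source.
        if (version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc())
            $savecontent = stripslashes($savecontent);
        $replace_pattern = (isset($_POST['replace']) && is_string($_POST['replace'])) ? $_POST['replace'] : '';
        $replace_value = (isset($_POST['replace_with']) && is_string($_POST['replace_with'])) ? $_POST['replace_with'] : '';
        if ($replace_pattern !== '') {
            // NOTE(review): the pattern is a user-supplied regular expression
            // run over the whole file. ereg_replace no longer exists on PHP 7+,
            // where this falls back to a literal str_replace.
            if ($_SETTINGS['EREG_REPLACE'] && function_exists('ereg_replace')) {
                $replaced = @ereg_replace($replace_pattern, $replace_value, $savecontent);
                // A rejected pattern must not wipe the content being saved.
                if (is_string($replaced))
                    $savecontent = $replaced;
            } else {
                $savecontent = str_replace($replace_pattern, $replace_value, $savecontent);
            }
        }

        if (!$target_ok) {
            $msg = "<BR><font color=red><b>FILE_TYPE_NOT_ALLOWED</B></font><p>";
        } elseif (@file_put_contents("{$_SETTINGS['DIR']}/$edit_file_name_as", $savecontent, LOCK_EX) !== false) {
            $this_line = ($gotoline !== '') ? "#line$gotoline" : "#line0";
            // USE_AUTO_REFRESH may be undefined in the settings; empty() covers that.
            if (!empty($_SETTINGS['USE_AUTO_REFRESH'])) {
                // Everything interpolated into the page is escaped for its context.
                $h_self = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);
                $h_name = htmlspecialchars($edit_file_name, ENT_QUOTES);
                $u_name = htmlspecialchars(rawurlencode($edit_file_name), ENT_QUOTES);
                $u_name_as = htmlspecialchars(rawurlencode($edit_file_name_as), ENT_QUOTES);
                print "<html><head><META http-equiv=\"refresh\" content=\"0;URL=$h_self?edit_file_name=$u_name_as$this_line\"></head><body><form method=post action=\"$h_self?edit_file_name=$u_name$this_line\"><input type=\"hidden\" name=\"edit_file_name\" value=\"$h_name\"><input type=\"hidden\" name=\"gotoline\" value=\"$gotoline\"><input type=\"hidden\" name=\"posted_cols\" value=\"$posted_cols\"></form></body></html>";
            }
        } else {
            $msg = "<BR><font color=red><b>WRITE_PERMISSIONS?</B></font><p>";
        }
    }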
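    // "Import" handler: copies a remote file to DIR/imported. The matching
    // form fields are commented out in the page markup, but this handler was
    // still reachable by a direct POST and passed the request value straight
    // to copy() as the source, which accepts local paths as well as URLs.
    // It is now off unless $_SETTINGS['ALLOW_IMPORT'] is set, and takes
    // http(s) URLs only.
    // NOTE(review): even then the server fetches a caller-chosen URL, which
    // can reach hosts only the server can see. Keep it disabled unless it is
    // needed, and restrict the allowed hosts if it is.
    if (!empty($_POST['import_file_name_file'])) {
        $import_file = (isset($_POST['import_file_name']) && is_string($_POST['import_file_name'])) ? trim($_POST['import_file_name']) : '';
        if (empty($_SETTINGS['ALLOW_IMPORT'])) {
            $msg = "Import is disabled";
        } elseif ($import_file === '') {
            // The original set this message and then went on to copy() anyway.
            $msg = "Need url and file name";
        } elseif (!preg_match('#^https?://#i', $import_file)) {
            $msg = "Import accepts http:// and https:// URLs only";
        } elseif (!@copy($import_file, "{$_SETTINGS['DIR']}/imported")) {
            $msg = "Import failed";
        }
    }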
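    // Resolve the selected name to a file in DIR (or BAK_DIR), load it, and
    // build the line-number column shown next to the editor.

    // Defence in depth at the point of use: whatever the earlier handlers put
    // into $edit_file_name, only a bare file name is used to build a path.
    $edit_file_name = (isset($edit_file_name) && is_string($edit_file_name))
        ? basename(str_replace(array("\\", "\0"), array("/", ""), $edit_file_name))
        : '';
    if ($edit_file_name === '.' || $edit_file_name === '..')
        $edit_file_name = '';
    $file = $edit_file_name;

    // Start from an empty path. The Open and Save handlers copy
    // $_POST['loadcontent'] into $loadcontent, and this block opens whatever
    // path it holds; resetting it here means only a path resolved below,
    // inside DIR or BAK_DIR, is ever read.
    $loadcontent = "";
    $count = 0;
    $linenmbr = "";
    if ($edit_file_name !== '') {
        if (is_file("{$_SETTINGS['DIR']}/$edit_file_name"))
            $loadcontent = "{$_SETTINGS['DIR']}/$edit_file_name";
        elseif (is_file("{$_SETTINGS['BAK_DIR']}/$edit_file_name"))
            $loadcontent = "{$_SETTINGS['BAK_DIR']}/$edit_file_name";
    }

    // Only extensions on the allow-list (plus "bac" backups) may be opened.
    if ($_SETTINGS['FILE_LIST'] && $loadcontent) {
        // array_pop() takes its argument by reference, so it needs a variable.
        $name_parts = explode(".", $edit_file_name);
        $file2 = array_pop($name_parts);
        if (!in_array($file2, $_SETTINGS['FILE_LIST']) && $file2 != 'bac')
            $loadcontent = "";
    }

    if ($loadcontent !== "" && is_file($loadcontent)) {
        $raw_content = @file_get_contents($loadcontent);
        if ($raw_content === false)
            $raw_content = "";
        $lines = explode("\n", $raw_content);
        $count = count($lines);
        // From here on $loadcontent holds the escaped text for the <textarea>.
        $loadcontent = htmlspecialchars($raw_content);

        // Values interpolated into the links are escaped for their context.
        $h_self = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);
        $u_name = htmlspecialchars(rawurlencode($edit_file_name), ENT_QUOTES);
        $have_find = isset($find) && is_string($find) && $find !== '';
        for ($a = 1; $a <= $count; $a++) {
            $a_line = $a - 1;
            $hit = false;
            if ($have_find) {
                // eregi() no longer exists on PHP 7+; fall back to a
                // case-insensitive literal search there.
                if (function_exists('eregi'))
                    $hit = (bool) @eregi($find, $lines[$a_line]);
                else
                    $hit = stripos($lines[$a_line], $find) !== false;
            }
            $label = "";
            if ($hit) {
                // The form action jumps to the last matching line.
                $this_line = "#line$a_line";
                $label = "Found";
            }
            $linenmbr .= "<a name=\"line$a\"><font font-size: 12px color=black>$label<a href=\"$h_self?edit_file_name=$u_name#line0\">$a</a></font></a>\n";
        }
    }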
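// Values echoed back into the find/replace inputs of the form. They land
// inside quoted HTML attributes, two of them single-quoted, so both quote
// styles are escaped (ENT_QUOTES); the default flags leave ' untouched.
// Slashes are stripped only where magic quotes actually added them, and
// before escaping rather than after.
$magic_quotes_on = version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc();
foreach (array('find', 'replace', 'replace_with') as $field) {
    $field_value = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    if ($magic_quotes_on)
        $field_value = stripslashes($field_value);
    $$field = htmlspecialchars($field_value, ENT_QUOTES);
}

// Label shown in front of the replace inputs: the function the save step uses.
$name_function = !empty($_SETTINGS['EREG_REPLACE']) ? "ereg_replace" : "str_replace";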

?>
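<?php
// View: the editor form. Every request- or filesystem-derived value is
// escaped once here for the HTML context it is printed in.
// $msg and $linenmbr are HTML fragments built by this script and are printed
// as-is; $find, $replace, $replace_with and $loadcontent are expected to
// arrive already HTML-escaped from the code above.
$h_self     = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);
$h_name     = htmlspecialchars(isset($edit_file_name) ? (string) $edit_file_name : '', ENT_QUOTES);
$u_name     = htmlspecialchars(rawurlencode(isset($edit_file_name) ? (string) $edit_file_name : ''), ENT_QUOTES);
$h_anchor   = htmlspecialchars(isset($this_line) ? (string) $this_line : '', ENT_QUOTES);
$h_current  = htmlspecialchars((isset($file) && is_string($file)) ? $file : '', ENT_QUOTES);
$h_gotoline = htmlspecialchars(isset($gotoline) ? (string) $gotoline : '', ENT_QUOTES);
$h_cols     = htmlspecialchars(isset($posted_cols) ? (string) $posted_cols : '', ENT_QUOTES);
$h_dir      = htmlspecialchars($_SETTINGS['DIR'], ENT_QUOTES);
$h_import   = htmlspecialchars(isset($import_file_name) ? (string) $import_file_name : '', ENT_QUOTES);
$row_count  = isset($count) ? (int) $count : 0;
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" >
<html>
<head>
  <title>Edit source of <?php echo $h_name ?></title>
</head>
<body><a name="line0"></a>

<BR>
    <table border="0" cellspacing="0" cellpadding="0">
    <tr>
    <td>
          <?php echo isset($msg) ? $msg : ''; ?><form method="post" action="<?php echo "$h_self?edit_file_name=$u_name$h_anchor"; ?>">
<input type="submit" name="save_editor_file" value="Save"> <?php echo $name_function ?>(<input type="text" name="replace" value="<?php echo $replace ?>">,<input type="text" name="replace_with" value="<?php echo $replace_with ?>">,eachline) Find:<input type="text" name="find" value="<?php echo $find ?>">
<?php
    if (is_dir($_SETTINGS['DIR'])) {
        $dir = opendir($_SETTINGS['DIR']);
        echo "<table width=\"100%\" valign=\"top\" border=\"0\" cellspacing=\"1\" cellpadding=\"1\">
  <tr>
   <td valign=\"top\">File list of $h_dir/";
        echo "<select name=\"edit_file_name\">
            <option value=\"$h_current\">$h_current</option>
            <option value=\"\"></option>";
        // Compare against false explicitly so an entry named "0" does not
        // end the listing early.
        while (($file = readdir($dir)) !== false) {
            if ($_SETTINGS['FILE_LIST']) {
                $name_parts = explode(".", $file);
                if (!in_array(array_pop($name_parts), $_SETTINGS['FILE_LIST']))
                    continue;
            }
            // is_dir() is checked relative to DIR, not the working directory.
            if ($file != "." && $file != ".." && !is_dir("{$_SETTINGS['DIR']}/$file") && stripos($file, ".bac") === false) {
                // Names on disk can contain HTML metacharacters; escape them.
                $h_file = htmlspecialchars($file, ENT_QUOTES);
                print '<option value="'.$h_file.'">'.$h_file.'</option>';
            }
        }
        echo '</select>&nbsp;&nbsp;&nbsp;';
        closedir($dir);
    } else echo "$h_dir not found";
?>
<input type="submit" name="post_cols" value="Open"> New Backup:<input type="checkbox" name="new_backup">
   line: <input type="text" name="gotoline" value="<?php echo $h_gotoline ?>" size="5"> Colums<input name="posted_cols" size="4" value="<?php echo $h_cols ?>">
Save As: <input type="text" name="edit_file_name_as" value="<?php echo $h_name ?>" size="25">
</td>
  </tr>
</table>
<table style="text-align: left; padding: 4px; overflow: auto; border: 3px groove; font-size: 12px">
  <tr>
    <td width="7%" align="right" valign="top"><pre style="text-align: right; padding: 1px; overflow: auto; border: 0px groove; font-size: 12px"><?php echo isset($linenmbr) ? $linenmbr : '' ?></pre></td>
    <td width="80%" align="left" valign="top"><textarea style="text-align: left; padding: 0px; overflow: auto; border: 0px groove; font-size: 12px" name="savecontent" cols="<?php echo $h_cols ?>" rows="<?php echo $row_count ?>" wrap="OFF"><?php echo isset($loadcontent) ? $loadcontent : '' ?></textarea></td>
  </tr>
</table>
            <br>
            <br>
            <input type="submit" name="save_editor_file" value="Save"><input type="submit" name="delete_file" value="Delete">
            <!--<BR><BR>Import File Name:<input type="text" name="import_file_name" value="<?php echo $h_import ?>" size="55">
            <input type="submit" name="import_file_name_file" value="Import">-->
    </form>
    </td>
    </tr>
    </table>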
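<?php
    // List the backups in BAK_DIR as links that reopen them in the editor.
    // When BAK_DIR does not exist yet, try to create it.
    print "<BR>BACKUPS<BR><BR>";
    if (is_dir($_SETTINGS['BAK_DIR'])) {
        $dir = opendir($_SETTINGS['BAK_DIR']);
        // PHP_SELF reflects the request path; escape it for the attribute.
        $h_self = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);
        // Compare against false explicitly so an entry named "0" does not
        // end the listing early.
        while (($file = readdir($dir)) !== false) {
            if ($file != "." && $file != ".." && stripos($file, ".bac") !== false) {
                // The name is URL-encoded for the query string and
                // HTML-escaped for the link text.
                $u_file = htmlspecialchars(rawurlencode($file), ENT_QUOTES);
                $h_file = htmlspecialchars($file, ENT_QUOTES);
                echo "&nbsp;<a href=\"$h_self?edit_file_name=$u_file\">$h_file</a>&nbsp;";
            }
        }
        closedir($dir);
    }
    else if(!mkdir($_SETTINGS['BAK_DIR'], 0755))
        echo htmlspecialchars($_SETTINGS['BAK_DIR'], ENT_QUOTES)." does not exist and was unable to create it";
?>

</body>
</html>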
