Файл: ftp/edit.php
Строк: 290
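<?php
// All PHP diagnostics are silenced for this request.
error_reporting(0);

// Session key supplied in the query string. Further down it is interpolated into
// local file names ("data/$k.ed", "data/$k.edbk", "data/$k.eds", ...), so a value
// containing a path separator or a NUL byte is rejected before anything else runs.
$k = (isset($_GET['k']) && is_string($_GET['k'])) ? trim($_GET['k']) : '';
if (strpos($k, '/') !== false || strpos($k, '\\') !== false || strpos($k, "\0") !== false) {
    header('HTTP/1.1 400 Bad Request');
    exit;
}
// NOTE(review): key.php is not visible here; presumably it checks $k and defines
// the FTP settings used below ($sr, $lg, $ps, $dftp) - confirm.
include("key.php");

// Remote directory ($d) and file name ($n), percent-decoded.
$d = rawurldecode(trim($_GET['d']));
$n = rawurldecode(trim($_GET['n']));
if ($d == NULL || $d == "/") { $d = ""; }
if ($n == NULL) { $n = ""; }

// Page number (query string first, then POST) and mode switches.
$p = trim($_GET['p']);
if ($p == NULL) { $p = trim($_POST['p']); }
$ed = trim($_GET['ed']);
$kdr = trim($_GET['kdr']);
$ikdr = trim($_GET['ikdr']);

// Lower-cased text after the last dot of $n. The escaped dot and the "\\1"
// back-reference are restored here: as the pattern stood, the replacement was
// the control character 0x01 rather than the captured extension.
$rf = strtolower(preg_replace("~.*\\.([^.]*)~m", "\\1", $n));

// Percent-encoded copies for links; taken before the ".|htaccess" translation below.
$rd = rawurlencode($d);
$rn = rawurlencode($n);

// ".|htaccess" in the request stands for ".htaccess".
$d = str_replace(".|htaccess", ".htaccess", $d);
$n = str_replace(".|htaccess", ".htaccess", $n);

// NOTE(review): presumably these provide the charset converters called below
// (w2u, u2w, e2w, w2e, k2u, u2k) - confirm.
include("utf.php"); include("esc.php"); include("koi.php");
$v = 500;
require_once '../api_core/apicms_system.php';
require_once '../api_core/head.php';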
/**
 * Returns syntax-highlighted HTML for one piece of PHP source.
 *
 * highlight_string() HTML-escapes the text it colours, so the result can be
 * echoed into the page.
 * NOTE(review): the first 79 characters of that HTML are cut off, presumably the
 * wrapper tags and the injected open tag; the offset depends on the exact markup
 * highlight_string() emits - confirm on the deployed PHP version.
 *
 * @param string $code source text
 * @return string highlighted HTML fragment
 */
function highlight_code($code)
{
    // If $code went through htmlspecialchars() earlier, code that undoes
    // that has to be added here.
    $source = stripslashes($code);

    // highlight_string() only colours text inside PHP tags, so add an open tag
    // when the text has none.
    $has_open_tag = strpos($source, "<?") || substr($source, 0, 2) == "<?";
    if (!$has_open_tag) {
        $source = "<?php" . trim($source) . "";
    }

    $html = highlight_string(trim($source), true);
    return substr($html, 79);
}
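// Page header: current remote path plus navigation buttons, then the
// "save changes" link. $d, $n, $k, $p and $kdr come from the request, so they
// are HTML-escaped (text) or percent-encoded (URL parameters) before being
// written into the page; $rd and $rn are already percent-encoded.
// NOTE(review): the closing </div></div></table></div> sequence looks unbalanced
// within this file; it may close containers opened by head.php, so it is kept as is.
echo'<div class="headmenu" style="padding: 8px; color:#fff;" >
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<td><img src="icons/cldir.png" width="16" height="16" alt=">"/>
<a style="color:#fff;" href="ftp.php?k='.rawurlencode($k).'&d='.$rd.'">'.htmlspecialchars($d, ENT_QUOTES).'/</a>'.htmlspecialchars($n, ENT_QUOTES).'
</td>
<td align = "right">
<a class="headbut" href = "/ftp/">На главную</a>
<a class="headbut" href = "javascript:history.back(1)">Назад</a></td>
</div></div></table></div>';
// NOTE(review): this link triggers the FTP upload (svs=1) through a plain GET
// request; a POST form with an anti-CSRF token would be the safer design.
echo '<div class="subhead"><a href="edit.php?k='.rawurlencode($k).'&d='.$rd.'&n='.$rn.'&p='.rawurlencode($p).'&kdr='.rawurlencode($kdr).'&svs=1&ln='.$v.'"><img src="../design/menu/sx.png">Сохранить изменения</a></div>';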
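// ed=1 starts a new edit session: the remote file "$d/$n" is downloaded into the
// local working copy data/$k.ed and normalised line by line.
if ($ed==1) {
    // Drop the undo backup, its stored page number and any previous working copy.
    @unlink("data/$k.edbk"); @unlink("data/$k.edbkp"); @unlink("data/$k.ed");
    if (($ftp=ftp_connect($sr))&&(ftp_login($ftp,$lg,$ps))) {
        ftp_pasv($ftp,true);
        $sz=ftp_size($ftp,"$d/$n");
        // Files of unknown size (-1) or larger than 122880 bytes are not opened.
        if (($sz==-1)||($sz>122880)) {
            ftp_close($ftp);
            // NOTE(review): HTML has already been echoed above, so this header only
            // takes effect if output buffering is active - confirm.
            header("Location: $dftp/ftp.php?k=".rawurlencode($k)."&d=$rd"); exit;
        }
        // Only rewrite the working copy when the download succeeded and produced lines.
        $fl = ftp_get($ftp,"data/$k.ed","$d/$n",FTP_BINARY) ? @file("data/$k.ed") : false;
        $f = ($fl<>NULL) ? @fopen("data/$k.ed","w") : false;
        if ($f) {
            $total = count($fl);
            for ($i=0;$i<$total;$i++) {
                // Strip a UTF-8 byte order mark from the first line.
                if (($i==0)&&(substr($fl[$i],0,3)===chr(239).chr(187).chr(191))) {
                    $fl[$i]=substr($fl[$i],3);
                }
                // Every line is trimmed and terminated with CRLF. The "\r\n" escapes
                // are restored here; the literal text "rn" was being appended instead.
                if ($kdr==5) {
                    fwrite($f,trim($fl[$i])."\r\n");
                } elseif ($ikdr==1) {
                    // NOTE(review): k2u/w2u/e2w/u2w are defined outside this file,
                    // presumably charset converters - confirm.
                    fwrite($f,trim(k2u($fl[$i]))."\r\n");
                } else {
                    fwrite($f,trim(w2u(e2w(u2w($fl[$i]))))."\r\n");
                }
            }
            fclose($f);
        }
        ftp_close($ftp);
    } else {
        echo '<div class="box_1">
Нет соединения с сервером</div>
<div class="title_page"><a href="index.php">Главная</a></div>';
        include "includes/footer.php";
        exit;
    }
}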
// Action switches from the query string; each is tested against NULL further down.
$undo = trim($_GET['undo']);
$svs = trim($_GET['svs']);
$sv = trim($_GET['sv']);

// Lines per page: an empty value or one outside 1..50 falls back to 7.
if (!(($v != NULL) && ($v >= 1) && ($v <= 50))) {
    $v = 7;
}
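/**
 * Expands a repeat marker into that many CRLF line breaks.
 *
 * $kl[1] is the requested count and $kl[0] the original text, which is returned
 * unchanged when the count is missing, not numeric, below 1 or above 50.
 * NOTE(review): the argument has the shape of a preg_replace_callback() match
 * array, but no caller is visible in this file - confirm.
 *
 * @param array $kl [0] original text, [1] repeat count
 * @return string
 */
function rept($kl) {
    $count = isset($kl[1]) ? $kl[1] : NULL;
    // The numeric and lower-bound checks keep str_repeat() from receiving a
    // negative or non-numeric multiplier.
    if (is_numeric($count) && ($count >= 1) && ($count <= 50)) {
        // "\r\n" restored: the literal text "rn" was being repeated instead.
        return str_repeat("\r\n", (int)$count);
    }
    return $kl[0];
}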
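/**
 * Returns the trimmed text of line number $nmr[1] (1-based) of the working copy
 * data/$k.ed, or $nmr[0] unchanged when that line does not exist or the working
 * copy cannot be read.
 *
 * @param array $nmr [0] original text, [1] line number
 * @return string
 */
function lcopy($nmr) {
    global $k;
    $fl=@file("data/$k.ed");
    // file() returns false when the working copy is missing; count() must not see that.
    if (!is_array($fl)) {return $nmr[0];}
    $cnt=count($fl);
    if (is_numeric($nmr[1])&&($nmr[1]>=1)&&($nmr[1]<=$cnt)) {return trim($fl[(int)$nmr[1]-1]);}
    return $nmr[0];
}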
/**
 * Turns a character code into the character itself.
 *
 * $ch[1] is the code and $ch[0] the original text, which is returned unchanged
 * when the code lies outside 0..255. With $kdr equal to 5 the raw byte is
 * returned, otherwise the byte is passed through w2u().
 * NOTE(review): w2u() is defined outside this file, presumably a charset
 * converter - confirm.
 *
 * @param array $ch [0] original text, [1] character code
 * @return string
 */
function chars($ch) {
    global $kdr;
    $code = $ch[1];
    if (!(($code >= 0) && ($code <= 255))) {
        return $ch[0];
    }
    $byte = chr($code);
    return ($kdr == 5) ? $byte : w2u($byte);
}
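/**
 * Expands the "#_html_header#" shortcut in edited text into a PHP header() call
 * that declares UTF-8 HTML.
 *
 * @param string $txt edited text
 * @return string text with the shortcut expanded
 */
function repl($txt) {
    // The inner double quotes are escaped again; without the backslashes the
    // string literal ended early and the file did not parse.
    $txt=str_replace("#_html_header#","header(\"Content-type: text/html; charset=utf-8\");",$txt);
    return $txt;
}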
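// Undo / save page / upload.
// Local files used here, all named after the session key $k:
//   data/$k.ed    working copy        data/$k.edbk  undo backup
//   data/$k.edbkp page number of the backup
//   data/$k.eds   temporary copy in the target charset for the upload
// NOTE(review): these files sit in data/ next to the script; confirm the web
// server does not serve that directory.
// The "\r\n", "\n\r" and "\s" escapes are restored throughout: the backslashes
// were missing, so literal "rn" was written and the marker patterns matched the
// letter "s" rather than whitespace.
if ($undo<>NULL) {
    // Restore the backup and the page number stored with it, then discard both.
    @copy("data/$k.edbk","data/$k.ed");
    $p=trim(@file_get_contents("data/$k.edbkp"));
    @unlink("data/$k.edbk"); @unlink("data/$k.edbkp");
} else {
    if ($sv<>NULL) {
        // Keep an undo copy of the working file and remember the current page.
        @copy("data/$k.ed","data/$k.edbk");
        $f=@fopen("data/$k.edbkp","w");
        if ($f) {fwrite($f,$p); fclose($f);}
        // NOTE(review): stripslashes() also removes backslashes the user typed
        // when the request was not slash-escaped by PHP - confirm it is still wanted.
        $e1=isset($_POST['e1']) ? trim(stripslashes($_POST['e1'])) : '';
        // U+2028 / U+2029 (UTF-8 encoded) become ordinary line breaks.
        $e1=str_replace(chr(226).chr(128).chr(168),"\r\n",$e1);
        $e1=str_replace(chr(226).chr(128).chr(169),"\r\n",$e1);
        if ($e1<>NULL) {
            if ($fl=@file("data/$k.ed")) {
                $cnt=count($fl);
                // Window of lines that page $sv covers; a non-numeric or negative
                // page falls back to the start of the file.
                $begin=(int)$sv*$v-$v; if (($begin<0)||($begin>$cnt)) {$begin=0;}
                $end=$begin+$v; if ($end>$cnt) {$end=$cnt;}
                $ar=NULL; $str="";
                // The first line of the window receives the whole submitted text,
                // the remaining lines of the window are emptied.
                for ($i=$begin;$i<$end;$i++) {
                    if ($i==$begin) {$fl[$i]=repl($e1."\r\n");} else {$fl[$i]='';}
                }
                for ($i=0;$i<count($fl);$i++) {if ($fl[$i]<>NULL) {$str.=$fl[$i];}}
                // Editing markers that may appear in the submitted text.
                if (strpos($str,"#_del_free#")!==false) {
                    $str=preg_replace('~[\s]*#_del_free#[\s]*~',"\r\n",$str);
                }
                if ((strpos($str,"#_del_begin#")!==false)&&(strpos($str,"#_del_end#")!==false)) {
                    $str=preg_replace('~#_del_begin#[\s\S]*#_del_end#~',"",$str);
                }
                if (strpos($str,"#_del_free_all#")!==false) {
                    $str=str_replace("#_del_free_all#","",$str);
                    $str=str_replace("\n\r","",$str);
                    $str=preg_replace("~^\r\n~","",$str,1);
                }
                $f=@fopen("data/$k.ed","w");
                if ($f) {fwrite($f,$str); fclose($f);}
            } else {
                // No working copy (or an empty one): the submitted text becomes the file.
                $str=$e1;
                if (strpos($str,"#_del_free#")!==false) {
                    $str=preg_replace('~[\s]*#_del_free#[\s]*~',"\r\n",$str);
                }
                if ((strpos($str,"#_del_begin#")!==false)&&(strpos($str,"#_del_end#")!==false)) {
                    $str=preg_replace('~#_del_begin#[\s\S]*#_del_end#~',"",$str);
                }
                if (strpos($str,"#_del_free_all#")!==false) {
                    $str=str_replace("#_del_free_all#","",$str);
                    $str=str_replace("\n\r","",$str);
                }
                $f=@fopen("data/$k.ed","w");
                if ($f) {fwrite($f,repl(trim($str))); fclose($f);}
                $str=NULL;
            }
        }
    }
    if ($svs<>NULL) {
        // Build data/$k.eds in the charset selected by $kdr, upload it, delete it.
        if ($kdr==1) {copy("data/$k.ed","data/$k.eds");}
        else {
            $fl=@file("data/$k.ed");
            $f=@fopen("data/$k.eds","w");
            if ($f) {
                if ($fl<>NULL) {
                    for ($i=0;$i<count($fl);$i++) {
                        // NOTE(review): u2w/w2e/u2k are defined outside this file,
                        // presumably charset converters - confirm.
                        if ($kdr==2) {fwrite($f,trim(u2w($fl[$i]))."\r\n");}
                        elseif ($kdr==3) {fwrite($f,trim(w2e(u2w($fl[$i])))."\r\n");}
                        elseif ($kdr==4) {fwrite($f,trim(u2k($fl[$i]))."\r\n");}
                        else {fwrite($f,trim($fl[$i])."\r\n");}
                    }
                }
                fclose($f);
            }
        }
        if (($ftp=ftp_connect($sr))&&(ftp_login($ftp,$lg,$ps))) {
            @ftp_pasv($ftp,true);
            // NOTE(review): the upload result is ignored, so a failed upload is
            // not reported to the user.
            @ftp_put($ftp,str_replace('$$','$',"$d/$n"),"data/$k.eds",FTP_BINARY);
            @ftp_close($ftp);
        } else {
            echo '<div class="box_1">
Нет соединения с сервером</div>
<div class="title_page"><a href="index.php">Главная</a></div>';
            include "includes/footer.php";
            exit;
        }
        @unlink("data/$k.eds");
    }
} $bl=""; $nav="";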
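// Prepare page $p of the working copy: $ar receives the HTML-escaped lines,
// $bl the previous/next links and $nav the page jump field.
if ($fl=@file("data/$k.ed")) {
    $cnt=count($fl); $allp=(int)ceil($cnt/$v);
    // $p comes from the request; as an integer clamped to 1..$allp it is always
    // numeric when written into the links and the input field below.
    $p=(int)$p;
    if ($p<1) {$p=1;} elseif ($p>$allp) {$p=$allp;}
    $begin=$p*$v-$v; if ($begin>$cnt) {$begin=0;}
    $end=$begin+$v; if ($end>$cnt) {$end=$cnt;}
    $ar=NULL; $vl=$end-$begin;
    // Replaces control characters 0..31, except LF (10) and CR (13), with a
    // visible "#_N#" marker.
    function chrpl($str) {
        for ($j=0;$j<32;$j++) {
            if (($j<>10)&&($j<>13)) {$str=str_replace(chr($j),"#_$j#",$str);}
        }
        return $str;
    }
    for ($i=$begin;$i<$end;$i++) {$ar[]=htmlspecialchars(chrpl($fl[$i]),ENT_QUOTES);}
    // The attribute quotes are escaped again (the string literals did not parse),
    // request values are percent-encoded and the arrows are written as entities.
    if ($p>1) {$vp=$p-1;
        $bl.="<a href=\"edit.php?k=".rawurlencode($k)."&d=$rd&n=$rn&p=$vp&kdr=".rawurlencode($kdr)."&ln=$v\">&lt;&lt;&lt;</a>\r\n";}
    if ($allp>$p) {$vp=$p+1;
        $bl.="<a href=\"edit.php?k=".rawurlencode($k)."&d=$rd&n=$rn&p=$vp&kdr=".rawurlencode($kdr)."&ln=$v\">&gt;&gt;&gt;&gt;</a>\r\n";}
    if ($bl<>NULL) {
        $nav="<br><input name=\"p\" type=\"text\" value=\"$p\" size=\"3\"><input type=\"submit\" value=\"« »\"><br>\r\n";}
} else {$p=1; $allp=1; $ar[]=""; $vl=1;}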
/*
echo '<div class="box_2">
Путь: <b><a href="ftp.php?k='.$k.'&d='.$rd.'">'.$d.'/</a><a href="file.php?k='.$k.'&d='.$rd.'&n='.$rn.'">'.$n.'</a></b><br/>
</div><div class="box_1">
'.$soft.'- - -<br>
<form name="go" action="'.$dftp.'/edit.php?k='.$k.'&d='.$rd.'&n='.$rn.'&kdr='.$kdr.'&ln='.$v.'" method="post">
Строк: '.$vl.'/'.$cnt.'<br>
Страница: '.$p.'/'.$allp.'<br>
'.$bl.''.$nav.'- - -</form>
<form name="editor" action="'.$dftp.'/edit.php?k='.$k.'&d='.$rd.'&n='.$rn.'&p='.$p.'&kdr='.$kdr.'&sv='.$p.'&svs=1&ln='.$v.'" method="post">
<textarea name="e1" rows="'.($v+1).'" cols="200">';
for ($i=1;$i<=$vl;$i++) {echo $ar[$i-1];}
echo '</textarea><br>';
echo '<input type="submit" value="Сохранить"></form>';
for ($i=1;$i<=$vl;$i++) {
$s++;
echo '<div class="subhead"><b>'.$s.'.</b> '.$ar[$i-1].' <a href="edit.php?k='.$k.'&d='.$rd.'&n='.$rn.'&kdr='.$kdr.'&ln='.$v.'&to_add_str=10&add='.$ar[$i-1].'"><img src = "icons/add_str.png" height = "13" width = "13"></a><a><img src = "icons/delete_str.png" height = "13" width = "13"></a></div>';
}
echo'<div class="subhead">'.$bl.'</div>';
////////////////////
if (isset($_GET['to_add_str'])) {
$input = 'Изменить';
echo '<div class="subhead"><form action = "'.$dftp.'/edit.php?k='.$k.'&d='.$rd.'&n='.$rn.'&kdr='.$kdr.'&ln='.$v.'" method = "POST">';
echo'<textarea name="e1" rows="'.($v+1).'" cols="200">';
for ($i=1;$i<=$vl;$i++) {echo $ar[$i-1];}
echo '</textarea><br>';
//echo '<center><textarea name="e1" rows="'.($v+1).'" cols="200"><textarea name = "editor">'.htmlspecialchars($_GET['add']).'</textarea>';
echo '<br />';
echo '<input type = "submit" value = "'.$input.'"></center><br /></div>';
}
echo
if (isset($_GET['k'])) {
$post_str = trim($_POST['str_txt'])."n";
$file_path = htmlspecialchars($_GET['n']);
$id_str = intval($_GET['id']);
$path = file('data/'.$_GET['n']);
if (isset($_GET['add'])) {
$path[$id_str] .= $post_str;
} else if (isset($_GET['edit'])) {
$path[$id_str] = $post_str;
} else if (isset($_GET['delete_str'])) {
unset($path[$id_str]);
}
$files = fopen(ROOT.$file_path, "w");
foreach($path as $key => $value) {
fwrite($files, $value);
}
fclose($files);
}
*/
//////////////////
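// Line-by-line editor: load the working copy of the current session.
$path = 'data/'.trim($_GET['k']).'.ed';
$min_str = 0; // index of the first line to show
$max_str = 40; // index at which the current page ends
$max_str_page = 40; // number of lines per page
if (isset($_GET['page']) && is_numeric($_GET['page'])) {
    // is_numeric() also accepts negative and fractional values; use a
    // non-negative integer page index for the array offsets.
    $min_str = max(0, (int)$_GET['page']) * $max_str_page;
    $max_str = $min_str + $max_str_page;
}
$files = @file($path);
// file() returns false when the working copy is missing; treat that as empty.
if (!is_array($files)) {
    $files = array();
}
if (count($files) == 0) {
    // The empty file gets one placeholder row at index 0, so the "add line" link
    // points at id=0 instead of a loop counter left over from earlier code.
    // $path and $k are request-derived and are encoded before being echoed.
    echo '<div class="subhead"><center><a href="edit.php?k='.rawurlencode($k).'&d='.$rd.'&n='.$rn.'&kdr='.rawurlencode($kdr).'&id=0&path='.htmlspecialchars($path, ENT_QUOTES).'&page='.(isset($_GET['page']) ? intval($_GET['page']) : 0).'&add_str#to_add_str">Добавить строку</a></center></div>';
    $files = array(" ");
}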
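// Render the lines of the current page. Each row links to its edit, add and
// delete actions; the row selected by ?id= gets an inline form.
// Request-derived values ($k, $kdr, $path) are encoded once for all links.
// NOTE(review): the delete action is a plain GET link and none of the actions
// carries an anti-CSRF token.
$ed_page = isset($_GET['page']) ? intval($_GET['page']) : 0;
$ed_link = 'edit.php?k='.rawurlencode($k).'&d='.$rd.'&n='.$rn.'&kdr='.rawurlencode($kdr);
$ed_path = htmlspecialchars($path, ENT_QUOTES);
$ed_id = (isset($_GET['id']) && is_numeric($_GET['id'])) ? $_GET['id'] : NULL;
// The upper bound is exclusive so that the last row of one page is not repeated
// as the first row of the next.
for ($i = (int)$min_str; $i < $max_str; $i++) {
    // Skip missing rows; a row holding just "0" is still shown.
    if (!isset($files[$i]) || $files[$i] === '') {
        continue;
    }
    $color = NULL;
    // After an "add" the new text sits one row below the one that was clicked.
    $string = (isset($_GET['id']) && isset($_GET['add'])) ? 1 : 0;
    if ($ed_id !== NULL && $ed_id + $string == $i && isset($_GET['to_str'])) {
        echo '<a name = "to_str"></a>';
        $color = '<span style = "color: red;">';
    }
    $ed_row = $ed_link.'&id='.$i.'&path='.$ed_path.'&page='.$ed_page;
    echo '<div class="subhead"><font color = "red">'.$i.')</font> <a href="'.$ed_row.'&edit_str#to_edit_str">';
    // highlight_code() returns HTML in which the line text is already escaped.
    echo $color.highlight_code($files[$i]).'</span></a> ';
    echo '<a href="'.$ed_row.'&add_str#to_add_str"><img src = "icons/add_str.png" height = "13" width = "13"></a> <a href="'.$ed_row.'&'.rand(0, 9999999).'&delete_str&to_str#to_str"><img src = "icons/delete_str.png" height = "13" width = "13"></a><br />';
    echo'</div>';

    $ed_open = $ed_id !== NULL && (
        ($ed_id == $i && (isset($_GET['edit_str']) || isset($_GET['add_str'])))
        || ($ed_id == 0 && isset($_GET['add_strs']))
    );
    if ($ed_open) {
        $get = '';
        $input = '';
        if (isset($_GET['add_str'])) {
            $get = 'add';
            $input = 'Добавить';
            // An "add" form starts empty.
            $files[$i] = NULL;
        } else if (isset($_GET['edit_str'])) {
            $get = 'edit';
            $input = 'Изменить';
        }
        echo '<a name = "to_edit_str"></a>';
        if ($ed_id == $i && isset($_GET['add_str'])) {
            echo '<a name = "to_add_str"></a>';
        }
        echo '<div class="subhead"><form action = "'.$ed_link.'&path='.$ed_path.'&page='.$ed_page.'&id='.$i.'&'.$get.'&to_str#to_str" method = "POST">';
        // The line text is file content: escape it so markup inside the file
        // cannot end the textarea, and so entities survive the round trip.
        echo '<center><textarea name = "str_txt">'.htmlspecialchars(trim((string)$files[$i]), ENT_QUOTES).'</textarea><br />';
        echo '<br />';
        echo '<input type = "submit" value = "'.$input.'"></center><br /></form></div>';
    }
}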
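// Apply one line action (add / edit / delete) to the working copy.
// The file name used to come straight from ?path=, so the request chose which
// file was read and rewritten. The target is now always the working copy of the
// current session key, and ?path= is only accepted when it names exactly that
// file. Every action needs ?path= and ?id=.
// NOTE(review): delete is triggered by a GET link and no action carries an
// anti-CSRF token; both need changes in the forms and links as well.
if (isset($_GET['path']) && isset($_GET['id']) && (isset($_GET['edit']) || isset($_GET['add']) || isset($_GET['delete_str']))) {
    $ed_key = (isset($_GET['k']) && is_string($_GET['k'])) ? trim($_GET['k']) : '';
    $ed_target = 'data/'.$ed_key.'.ed';
    $ed_key_ok = strpos($ed_key, '/') === false
        && strpos($ed_key, '\\') === false
        && strpos($ed_key, "\0") === false;
    // Add and edit come from a POST form; without the posted text they would
    // only blank a line.
    $ed_has_text = isset($_POST['str_txt']) && is_string($_POST['str_txt']);
    $ed_needs_text = isset($_GET['add']) || isset($_GET['edit']);

    if ($ed_key_ok && $_GET['path'] === $ed_target && ($ed_has_text || !$ed_needs_text)) {
        // "\n" restored: the literal letter "n" was being appended.
        $post_str = ($ed_has_text ? trim($_POST['str_txt']) : '')."\n";
        $id_str = intval($_GET['id']);
        $str = @file($ed_target);
        if (!is_array($str)) {
            $str = array();
        }
        // Only rows that exist, or the row right after the last one, are touched.
        if ($id_str >= 0 && $id_str <= count($str)) {
            if (isset($_GET['add'])) {
                $ed_line = isset($str[$id_str]) ? $str[$id_str] : '';
                // Keep the new text on its own line when the row has no line break.
                if ($ed_line !== '' && substr($ed_line, -1) !== "\n") {
                    $ed_line .= "\n";
                }
                $str[$id_str] = $ed_line.$post_str;
            } else if (isset($_GET['edit'])) {
                $str[$id_str] = $post_str;
            } else if (isset($_GET['delete_str'])) {
                unset($str[$id_str]);
            }
            // $files keeps the line array for the pager that follows.
            @file_put_contents($ed_target, implode('', $str), LOCK_EX);
        }
        // Return to the listing through a URL built here rather than echoing the
        // Referer header into the script: the header is client-supplied, and a
        // referring action URL would run the same action a second time.
        $ed_mark = $id_str + (isset($_GET['add']) ? 1 : 0);
        $ed_back = 'edit.php?k='.rawurlencode($ed_key).'&d='.$rd.'&n='.$rn.'&kdr='.rawurlencode($kdr)
            .'&page='.(isset($_GET['page']) ? intval($_GET['page']) : 0)
            .'&id='.$ed_mark.'&to_str#to_str';
        echo'
<script type="text/javascript">
document.location.href='.json_encode($ed_back).';
</script>';
    }
}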
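// Pager for the line editor.
// $files is reused as a file handle by the write handler above, so it is only
// counted when it is still the array of lines.
$ed_total = is_array($files) ? count($files) : 0;
if ($ed_total > $max_str_page) {
    echo'<div class="subhead">';
    // ceil() avoids an extra empty page when the line count is an exact
    // multiple of the page size.
    $ed_pages = (int)ceil($ed_total / $max_str_page);
    $ed_pager = 'edit.php?k='.rawurlencode($k).'&d='.$rd.'&n='.$rn.'&kdr='.rawurlencode($kdr);
    for ($i = 0; $i < $ed_pages; $i++) {
        $ed_href = $ed_pager.'&id='.$i.'&path='.htmlspecialchars($path, ENT_QUOTES).'&page='.$i;
        if (isset($_GET['page']) && is_numeric($_GET['page']) && $_GET['page'] == $i) {
            // Current page in red; the closing tags now match the opening ones.
            echo '<a href = "'.$ed_href.'"><span style = "color: red;">'.($i+1).'</span></a> ';
        } else {
            echo '<a href = "'.$ed_href.'">'.($i+1).'</a> ';
        }
    }
    // NOTE(review): no <center> is opened in this block; the closing tag is kept
    // in case it pairs with markup emitted elsewhere.
    echo '</div></center>';
}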
///////////////////////
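// "Save changes" link: uploads the working copy to the FTP server (svs=1).
// $k, $p and $kdr are request-derived and are percent-encoded before being
// written into the attribute.
// NOTE(review): the upload is triggered by a plain GET link without an
// anti-CSRF token.
echo '<div class="subhead"><a href="edit.php?k='.rawurlencode($k).'&d='.$rd.'&n='.$rn.'&p='.rawurlencode($p).'&kdr='.rawurlencode($kdr).'&svs=1&ln='.$v.'"><img src="../design/menu/sx.png">Сохранить изменения</a></div>';
apicms_foot();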
?>