Added the start of a file manager

apps/filemanager/conf/config.php

@@ -0,0 +1,8 @@
+; <?php /*
+
+[Admin]
+
+handler = filemanager/index
+name = Files
+
+; */ ?>

apps/filemanager/handlers/embed.php

@@ -0,0 +1,72 @@
+<?php
+
+$page->template = false;
+header ('Content-Type: application/json');
+
+$error = false;
+
+switch ($_GET['action']) {
+	case 'auth':
+		if ($_GET['auth'] != 'jwysiwyg') {
+			$error = 'Authorization failed.';
+			break;
+		}
+		$out = array (
+			'move' => array ('enabled' => false),
+			'rename' => array ('enabled' => false),
+			'remove' => array ('enabled' => false),
+			'mkdir' => array ('enabled' => false),
+			'upload' => array ('enabled' => false)
+		);
+		break;
+	case 'list':
+		$ok = 0;
+		if ($_GET['dir'] == '/files') {
+			$ok = 3;
+		} else {
+			if (strpos ($_GET['dir'], '..') === false) {
+				$ok++;
+			}
+			if (strpos ($_GET['dir'], '/files/') === 0) {
+				$ok++;
+			}
+			if (@is_dir (getcwd () . $_GET['dir'])) {
+				$ok++;
+			}
+		}
+		if ($ok < 3) {
+			$error = 'Invalid directory.';
+			break;
+		}
+		$out = array (
+			'directories' => array (),
+			'files' => array ()
+		);
+		$d = dir (getcwd () . $_GET['dir']);
+		while (false !== ($entry = $d->read ())) {
+			if ($entry == '.' || $entry == '..') {
+				continue;
+			} elseif (@is_dir ($_GET['dir'] . '/' . $entry)) {
+				$out['directories'][] = $_GET['dir'] . '/' . $entry;
+			} else {
+				$out['files'][] = $_GET['dir'] . '/' . $entry;
+			}
+		}
+		$d->close ();
+		break;
+}
+
+if ($error) {
+	echo json_encode (array (
+		'success' => false,
+		'error' => $error,
+		'errno' => 1
+	));
+} else {
+	echo json_encode (array (
+		'success' => true,
+		'data' => $out
+	));
+}
+
+?>

apps/filemanager/handlers/index.php

@@ -1,72 +1,55 @@
 <?php
 
-$page->template = false;
-header ('Content-Type: application/json');
+$page->layout = 'admin';
 
-$error = false;
-
-switch ($_GET['action']) {
-	case 'auth':
-		if ($_GET['auth'] != 'jwysiwyg') {
-			$error = 'Authorization failed.';
-			break;
-		}
-		$out = array (
-			'move' => array ('enabled' => false),
-			'rename' => array ('enabled' => false),
-			'remove' => array ('enabled' => false),
-			'mkdir' => array ('enabled' => false),
-			'upload' => array ('enabled' => false)
-		);
-		break;
-	case 'list':
-		$ok = 0;
-		if ($_GET['dir'] == '/files') {
-			$ok = 3;
-		} else {
-			if (strpos ($_GET['dir'], '..') === false) {
-				$ok++;
-			}
-			if (strpos ($_GET['dir'], '/files/') === 0) {
-				$ok++;
-			}
-			if (@is_dir (getcwd () . $_GET['dir'])) {
-				$ok++;
-			}
-		}
-		if ($ok < 3) {
-			$error = 'Invalid directory.';
-			break;
-		}
-		$out = array (
-			'directories' => array (),
-			'files' => array ()
-		);
-		$d = dir (getcwd () . $_GET['dir']);
-		while (false !== ($entry = $d->read ())) {
-			if ($entry == '.' || $entry == '..') {
-				continue;
-			} elseif (@is_dir ($_GET['dir'] . '/' . $entry)) {
-				$out['directories'][] = $_GET['dir'] . '/' . $entry;
-			} else {
-				$out['files'][] = $_GET['dir'] . '/' . $entry;
-			}
-		}
-		$d->close ();
-		break;
+if (! User::require_admin ()) {
+	header ('Location: /admin');
+	exit;
 }
 
-if ($error) {
-	echo json_encode (array (
-		'success' => false,
-		'error' => $error,
-		'errno' => 1
-	));
+$o = new StdClass;
+
+if (isset ($_GET['path'])) {
+	$o->path = trim ($_GET['path'], '/');
+	$o->slashpath = '/' . $o->path;
+	$o->fullpath = getcwd () . '/files/' . $o->path;
+	$tmp = explode ('/', $o->path);
+	$o->parts = array ();
+	foreach ($tmp as $part) {
+		$joined = join ('/', $o->parts);
+		$o->parts[$part] = $joined . '/' . $part;
+	}
+	if (strpos ($o->path, '..') !== false || ! @is_dir ($o->fullpath)) {
+		$page->title = 'Invalid Path';
+		echo '<p><a href="/filemanager">Back</a></p>';
+		return;
+	}
+	$page->window_title = 'Files/' . $o->path;
 } else {
-	echo json_encode (array (
-		'success' => true,
-		'data' => $out
-	));
+	$o->path = '';
+	$o->slashpath = '/';
+	$o->fullpath = getcwd () . '/files';
+	$o->parts = array ();
+	$page->window_title = 'Files';
+}
+
+$d = dir ($o->fullpath);
+$o->files = array ();
+$o->dirs = array ();
+while (false != ($entry = $d->read ())) {
+	if (preg_match ('/^\./', $entry)) {
+		continue;
+	} elseif (@is_dir ($o->fullpath . '/' . $entry)) {
+		$o->dirs[$entry] = filemtime ($o->fullpath . '/' . $entry);
+	} else {
+		$o->files[$entry] = filemtime ($o->fullpath . '/' . $entry);
+	}
 }
+$d->close ();
+
+asort ($o->dirs);
+asort ($o->files);
+
+echo $tpl->render ('filemanager/index', $o);
 
 ?>

apps/filemanager/views/index.html

@@ -0,0 +1,51 @@
+<h2>
+{% if path == '' %}
+	Files
+{% else %}
+	<a href="/filemanager">Files</a>
+	{% foreach parts %}
+		{% if loop_value == $data->slashpath %}
+			/ {{ loop_index }}
+		{% else %}
+			/ <a href="filemanager?path={{ loop_value }}">{{ loop_index }}</a>
+		{% end %}
+	{% end %}
+{% end %}
+</h2>
+
+<p>
+<form action="/filemanager/upload" method="post" enctype="multipart/form-data">
+<input type="hidden" name="path" value="{{ path }}" />
+<a href="#" onclick="var name = prompt ('New folder name:', ''); window.location = '/filemanager/newfolder?path={{ path }}&name=' + name; return false">New folder</a> |
+New file: <input type="file" /><input type="submit" value="Upload" onclick="this.value = 'Uploading...'; this.disabled = true; this.form.submit ()" />
+</form>
+</p>
+
+<p>
+<table width="50%">
+	<tr>
+		<th>{" Name "}</th>
+		<th>{" Last modified "}</th>
+		<th>&nbsp;</th>
+	</tr>
+{% foreach dirs %}
+	<tr>
+		<td><img src="/css/admin/folder.png" alt="{{ loop_index }}" style="padding-right: 5px; margin-top: -2px" /> <a href="/filemanager?path={{ path }}/{{ loop_index }}">{{ loop_index }}</a></td>
+		<td>{{ loop_value|date ('F j, Y - g:ia', %s) }}</td>
+		<td>
+			<a href="#" onclick="var new_name = prompt ('Rename file:', '{{ loop_index }}'); window.location = '/filemanager/rename?file={{ path }}/{{ loop_index }}&new_name=' + new_name; return false">Rename</a>
+		</td>
+	</tr>
+{% end %}
+{% foreach files %}
+	<tr>
+		<td><img src="/css/admin/file.png" alt="{{ loop_index }}" style="padding-right: 5px; margin-top: -2px" /> <a href="/files/{{ path }}/{{ loop_index }}" target="_blank">{{ loop_index }}</a></td>
+		<td>{{ loop_value|date ('F j, Y - g:ia', %s) }}</td>
+		<td>
+			<a href="#" onclick="var new_name = prompt ('Rename file:', '{{ loop_index }}'); window.location = '/filemanager/rename?file={{ path }}/{{ loop_index }}&new_name=' + new_name; return false">Rename</a> |
+			<a href="/filemanager/delete?file={{ path }}/{{ loop_index }}" onclick="return confirm ('Are you sure you want to delete this file?')">Delete</a>
+		</td>
+	</tr>
+{% end %}
+</table>
+</p>

css/admin.css

@@ -15,10 +15,15 @@ h1, h2 {
 	color: #111;
 }
 
+table tr:hover {
+	background: #eee;
+}
+
 table tr th {
 	padding: 5px 7px 5px 7px;
 	border-bottom: 1px solid #666;
 	font-weight: bold;
+	background: #f5f5f5;
 }
 
 table tr th a {
@@ -39,6 +44,10 @@ table tr td {
 	background: #e5f2ff;
 }
 
+.different:hover {
+	background: #def;
+}
+
 #extra-options {
 	display: none;
 }

files/.htaccess

@@ -0,0 +1 @@
+Options -Indexes