
Sub Category issue with scandir function

Posted: Fri Mar 13, 2015 5:03 am
by denebx3
Hi guys,

I have a strange issue with the scandir function in PHP. I have downloaded an open source PHP script and modified it a little bit. On the root directory everything is working just fine with my functions and variables. However, in every subcategory most of the variables that I am returning are not functioning at all. You can find attached two screenshots in order to get a better understanding.

Script attached too.

http://postimg.org/image/gjlrmamg3/

http://postimg.org/image/vrclhzinr/

Thank you in advance for your help!

Code:

<?php
    session_start();
    ini_set('display_errors', 'on');
    error_reporting(E_ERROR | E_PARSE);
    date_default_timezone_set("Europe/Nicosia");

    include("config2.php");
    $title = "Software-Applications";
    $ignore_file_list = array( ".htaccess", "_gsdata_" );
    $ignore_ext_list = array("php", "css", "png");
    $sort_by = "name_asc"; // options: name_asc, name_desc, date_asc, date_desc
    $icon_url = "https://dl.dropbox.com/u/6771946/icons/icons.png";
?>
<!DOCTYPE HTML>
<html>
<head>
    <title><?php echo $title; ?></title>
    <link href="styles2.css" rel="stylesheet" type="text/css" />
</head>
<body>
<?php
$sub = $_GET['dir']."/";
$full_path = "data_dir".$sub;

echo "Full path: ".$full_path."<br>";
echo "Sub dir: ".$sub; ?>

<?php
if (empty($_GET['dir'])) {
    $_SESSION['dir'];
    $dir = $dir."/".$_SESSION['dir'];
}
else {

} ?>
<h1><?php echo $title ?></h1> <div class="wrap">
<?php
// GET THE BLOCKS STARTED, FALSE TO INDICATE MAIN FOLDER
$items = scandir($full_path);

foreach($items as $item) {
    if( $item == ".." OR $item == ".") continue;
    // IGNORE FILE
    if(in_array($item, $ignore_file_list)) { continue; }
    $file_ext = pathinfo($item, PATHINFO_EXTENSION);
    // IGNORE EXT
    if(in_array($file_ext, $ignore_ext_list)) { continue; }

    if(!$file_ext AND is_dir($item)) { $file_ext = "dir"; }

    //print_r($item);
    if (is_dir($item) == TRUE) {$folder="index2.php?dir=/";} else $folder="";
?>
    <div class="block">
    <a href="<?php echo "$folder$item";?>" class="<?php echo $file_ext;?>">
    <div class="img <?php echo $file_ext;?>">&nbsp;</div>
    <div class="name">
    <div class="file"><?php echo basename($item)?> </div>
    <div class="date">Size:<?php echo format_size($item)."<br/> Last modified: ".date("D. F jS, Y - h:ma", filemtime($item)) ?> </div>
    </div>
    </a>
    </div>

<?php } ?>

</div>
</body>
</html>

Re: Sub Category issue with scandir function

Posted: Fri Mar 13, 2015 5:23 am
by requinix
$folder, which you use to browse into the subdirectories, does not include path information. Neither does $item. That means no matter what you do you'll only get "/$item".

Modify $folder to include the current directory. For example, include $sub in there.

On a separate note, is this script going to run on the internet for anyone to use? Because it's insecure and would allow anyone to view any directory on your server.

Re: Sub Category issue with scandir function

Posted: Fri Mar 13, 2015 5:34 am
by denebx3
Hi requinix,

The path information is included in the $file variable. If the path was not included the listing of the items would not be loaded.
See the attached photo to understand.

Also the script is secure with .htaccess Authentication and a login script.

Re: Sub Category issue with scandir function

Posted: Fri Mar 13, 2015 12:20 pm
by requinix
denebx3 wrote: The path information is included in the $file variable.
No such variable.
denebx3 wrote: If the path was not included the listing of the items would not be loaded.
And as your first screenshots showed, it wasn't loading properly. Look at the URL for one of those pages: dir will have the wrong value. And that's determined by $folder and $item, neither of which include directory information.
denebx3 wrote: Also the script is secure with .htaccess Authentication and a login script.
Do you trust the people who have access to not fiddle with the URL to look up other directories? That's all they have to do: change the dir=/ to, for example, "dir=/../../etc", and they'll get to see files and folders in whatever directory on your server they want.
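The two points raised in this thread, links that lose the current sub-path and a dir parameter that can walk out of the listing root, can be addressed together. The following is an added example rather than code from the thread or from the script being modified; resolve_listing_dir(), relative_sub(), url_path() and the data_dir location are assumptions.

```php
<?php
// Added example, not from the thread: resolve "dir" safely and build links that
// carry the current sub-path. Function and path names are assumptions.
function resolve_listing_dir(string $base, string $requested): ?string
{
    $base_real = realpath($base);
    if ($base_real === false || strpos($requested, "\0") !== false) {
        return null;
    }
    $target = realpath($base_real . '/' . $requested); // collapses ".." segments
    if ($target === false || !is_dir($target)) {
        return null;
    }
    // Must be $base_real itself or strictly inside it; the trailing separator
    // stops a sibling such as "data_dir2" from matching "data_dir".
    $prefix = $base_real . DIRECTORY_SEPARATOR;
    if ($target !== $base_real && strncmp($target, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $target; // canonical directory inside the listing root
}

// Sub-path relative to the listing root, with a trailing "/" when non-empty.
function relative_sub(string $base_real, string $target): string
{
    $rel = trim(substr($target, strlen($base_real)), DIRECTORY_SEPARATOR);
    return $rel === '' ? '' : str_replace(DIRECTORY_SEPARATOR, '/', $rel) . '/';
}

// Percent-encode each segment of a relative URL path, keeping the slashes.
function url_path(string $path): string
{
    return implode('/', array_map('rawurlencode', explode('/', $path)));
}

$base = __DIR__ . '/data_dir';                      // listing root (assumed)
$full_path = resolve_listing_dir($base, $_GET['dir'] ?? '');
if ($full_path === null) {
    http_response_code(400);
    exit('Invalid directory');
}
$sub = relative_sub(realpath($base), $full_path);

foreach (scandir($full_path) as $item) {
    if ($item === '.' || $item === '..') continue;
    $item_path = $full_path . '/' . $item;          // real path for is_dir()/filemtime()
    $href = is_dir($item_path) ? 'index2.php?dir=' . rawurlencode($sub . $item)
                               : url_path($sub . $item);
    echo '<a href="' . htmlspecialchars($href, ENT_QUOTES) . '">' . htmlspecialchars($item) . "</a><br>\n";
}
```

A request such as dir=/../../etc resolves to a path outside the listing root and is rejected with a 400 before scandir() runs, while nested folders keep working because each link carries the sub-path it was listed from.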