a problem with directory class

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
mudkicker
Forum Contributor
Posts: 479
Joined: Wed Jul 09, 2003 6:11 pm
Location: Istanbul, TR
Contact:

a problem with directory class

Post by mudkicker »

Code: Select all

<?php
class Dizin {
	
	var $dizin;
	var $dosya;
	
	function Dizin($dizin) {
		//error_reporting(0);
		$this->dizin = $dizin;
	}
	
	function DizinGoster() {
		$handle = opendir($this->dizin);
		while ($file = readdir($handle)) {
			if(is_dir($file)) {
				print $file." [+]<br>";
			}
			else {
				print $file." <br>";
				$this->BilgiGoster($file);
			}
		}
	}
	
	function BilgiGoster($dosya) {
		print "<blockquote><div style="font-size:9px;font-face=Verdana;">";
		print "Son De&#287;i&#351;tirilme: ".filemtime($dosya)."<br>";
		print "Dosya Boyutu: ".filesize($dosya)."<br>";
		print "</div></blockquote>";
	}
			
		
	
}
?>
Hi, That is the code i wrote but there's something wrong with it and I couldn't find a way to correct that.

When I want to test it

Code: Select all

<?php
<?
$dizin = new Dizin(".");
$dizin->DizinGoster();
?>
With "." it works great. But if I want to use another directory to explore, it gives me errors and didn't make the things correctly.

Can you help me what I'm doing wrong?

Thanks for replies. :roll:
User avatar
mudkicker
Forum Contributor
Posts: 479
Joined: Wed Jul 09, 2003 6:11 pm
Location: Istanbul, TR
Contact:

Post by mudkicker »

By the way don't worry about the special characters in print's. My code is Turkish written (variable names for example...) :P
kettle_drum
DevNet Resident
Posts: 1150
Joined: Sun Jul 20, 2003 9:25 pm
Location: West Yorkshire, England

Post by kettle_drum »

Do you have permission to read that directory? Can you please show us what error messages you are getting so we can help you further. Thanks :)
User avatar
mudkicker
Forum Contributor
Posts: 479
Joined: Wed Jul 09, 2003 6:11 pm
Location: Istanbul, TR
Contact:

Post by mudkicker »

this is the code i test

Code: Select all

<?php
$dizin = new Dizin("/web/att");
$dizin->DizinGoster();
?>
And this is the whole page with errors i got:

Code: Select all

. &#1111;+]
.. &#1111;+]
css

Warning: filemtime(): Stat failed for css (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son De&#287;i&#351;tirilme: 01.01.1970

Warning: filesize(): Stat failed for css (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB

db.php

Warning: filemtime(): Stat failed for db.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son De&#287;i&#351;tirilme: 01.01.1970

Warning: filesize(): Stat failed for db.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB

directions.php

Warning: filemtime(): Stat failed for directions.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son De&#287;i&#351;tirilme: 01.01.1970

Warning: filesize(): Stat failed for directions.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB

email.php

Warning: filemtime(): Stat failed for email.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son De&#287;i&#351;tirilme: 01.01.1970

Warning: filesize(): Stat failed for email.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB

gallery.php

Warning: filemtime(): Stat failed for gallery.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son De&#287;i&#351;tirilme: 01.01.1970

Warning: filesize(): Stat failed for gallery.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB

index.php
Son De&#287;i&#351;tirilme: 30.03.2004
Dosya Boyutu: 0.043 kB

interface

Warning: filemtime(): Stat failed for interface (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son De&#287;i&#351;tirilme: 01.01.1970

Warning: filesize(): Stat failed for interface (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB

links.php

Warning: filemtime(): Stat failed for links.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son De&#287;i&#351;tirilme: 01.01.1970

Warning: filesize(): Stat failed for links.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB

managersroom

Warning: filemtime(): Stat failed for managersroom (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son De&#287;i&#351;tirilme: 01.01.1970

Warning: filesize(): Stat failed for managersroom (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB

newspics

Warning: filemtime(): Stat failed for newspics (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son De&#287;i&#351;tirilme: 01.01.1970

Warning: filesize(): Stat failed for newspics (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB

search.php

Warning: filemtime(): Stat failed for search.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son De&#287;i&#351;tirilme: 01.01.1970

Warning: filesize(): Stat failed for search.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB

squad.php

Warning: filemtime(): Stat failed for squad.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son De&#287;i&#351;tirilme: 01.01.1970

Warning: filesize(): Stat failed for squad.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB

training.php

Warning: filemtime(): Stat failed for training.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son De&#287;i&#351;tirilme: 01.01.1970

Warning: filesize(): Stat failed for training.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB
User avatar
mudkicker
Forum Contributor
Posts: 479
Joined: Wed Jul 09, 2003 6:11 pm
Location: Istanbul, TR
Contact:

Post by mudkicker »

It gives an error "no such file or directory"

i can't understand that it reads the name of this direectory / file but gives an error like this. ...
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Post by Weirdan »

'readdir' returns the filename without the path. That's why you're getting that errors. Here is a patch for your 'Goster' func:

Code: Select all

//.......skipped
   function BilgiGoster($dosya) { 
      print '<blockquote><div style="font-size:9px;font-face=Verdana;">'; 
      print 'Son De&#287;i&#351;tirilme: ' . filemtime($this->dizin . '/' . $dosya) . '<br>'; 
      print 'Dosya Boyutu: ' . filesize($this->dizin . '/' . $dosya) . '<br>'; 
      print '</div></blockquote>'; 
   }
//.......skipped
It should work as long as $dizin does not contain trailing slash (therefor you need to use './somedir', not './somedir/' )
User avatar
mudkicker
Forum Contributor
Posts: 479
Joined: Wed Jul 09, 2003 6:11 pm
Location: Istanbul, TR
Contact:

Post by mudkicker »

thanks weirdan it works now but now i have another problem.

it doesn't see the directories correctly.

Code: Select all

index.php
Son De&#287;i&#351;tirilme: 1076358819
Dosya Boyutu: 13.091 kB

interface
Son De&#287;i&#351;tirilme: 1078964701
Dosya Boyutu: 0 kB

links.php
Son De&#287;i&#351;tirilme: 1076088481
Dosya Boyutu: 11.949 kB

managersroom
Son De&#287;i&#351;tirilme: 1078883168
Dosya Boyutu: 0 kB
as you see, managersroom amd interface are directories and it doesn't see them as a directory.

the last version of my code is so:

Code: Select all

<?php
class Dizin {
	
	var $dizin;
	var $dosya;
	
	function Dizin($dizin) {
		//error_reporting(0);
		$this->dizin = $dizin;
	}
	
	function DizinGoster() {
		$handle = opendir($this->dizin);
		while ($file = readdir($handle)) {
			if(is_dir($file)) {
				print "<span style="font-size:11px;font-family: Verdana, Geneva, Arial, Helvetica, sans-serif;font-weight=bold;color=maroon;">".$file."</span> <font color=green>[+]</font><br>";
			}
			else {
				print "<span style="font-size:11px;font-family: Verdana, Geneva, Arial, Helvetica, sans-serif;font-weight=bold;color=red;">".$file."</span>";
				$this->BilgiGoster($file);
			}
		}
	}
	
	function BilgiGoster($dosya) {
		print '<blockquote><div style="font-size:9px;font-face=Verdana;">';
		print 'Son De&#287;i&#351;tirilme: ' . filemtime($this->dizin . '/' . $dosya) . '<br>';
		print 'Dosya Boyutu: ' . $this->FSize($this->dizin . '/' . $dosya) . '<br>';
		print '</div></blockquote>';
	}
	
	function FSize($f) {
		$fl = filesize($f) / 1000;
		$f1 = number_format($fl,2,'.',' ');
		$fl .= " kB";
		return $fl;
	}
	
}
?>
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

When you use is_dir() you have to use the full path to the file otherwise it won't play.

Mac
User avatar
mudkicker
Forum Contributor
Posts: 479
Joined: Wed Jul 09, 2003 6:11 pm
Location: Istanbul, TR
Contact:

Post by mudkicker »

thanks mac, now it's done.

i replaced it so

Code: Select all

<?php
if(is_dir($this->dizin.'/'.$file)) { // kalsormu de&#287;&#305;lm&#305; check et.
?>
User avatar
mudkicker
Forum Contributor
Posts: 479
Joined: Wed Jul 09, 2003 6:11 pm
Location: Istanbul, TR
Contact:

Post by mudkicker »

Hi, I just wanted to let you see the last version of my class. 8)
I want to put this here, because I want to get some thought and reviews about it. Recommendations, Advantages,Disadvantages of using this, Bugs, etc..

Your replies will be very appreciated. Thank you! :lol:

Code: Select all

<?php

////////// MUDIZIN //////////////
// Copyright Arif Ender        //
// http://www.mudkicker.com    //
// version 1.1                 //
/////////////////////////////////

class Dizin {
	
	var $dizin = '.';
	var $dosya;
	var $handle;
	var $dirs = array(); // set to an array.
	var $fils = array(); // set to an array.
	
	// Constructor
	function Dizin() {
		if(!$_GET['dizin_goster']){
			$dizin_goster = '.';
		} else {
			$dizin_goster = $_GET['dizin_goster'];
		}
		$this->ScriptBasi();
		$this->dizin = $dizin_goster;
		$this->DizinGoster();
		$this->ScriptSonu();
	}
	// Prepend File
	function ScriptBasi() {
		echo "<table width='100%' align='center'>";
		echo "<tr class='fh' align='center'>\n<td>\nMUDIZIN v1.1 Dizin Gösterme Scripti</td>\n</tr>\n";
		echo "<tr><td>";
	}
	// Append File
	function ScriptSonu() {
		echo "</td>\n</tr>\n";
		echo "<tr class='fh' align='center'>\n<td>\n&copy; mudkicker.com</td>\n</tr>\n";
		echo "</table>\n";
	}
	// Show Directory
	function DizinGoster() {
		$this->handle = opendir($this->dizin);
		clearstatcache(); // clearing cache for stats.
		print "<table border=0 width='60%' align='center'>\n";
		print "<tr class='baslik'>\n<td>Dosya / Klasör Ad&#305;</td>\n<td>Son De&#287;i&#351;tirilme</td>\n<td>Boyut</td>\n</tr>\n";
		while ($file = readdir($this->handle)) {
			$path = $this->dizin.'/'.$file;
			// take 'em to file and directory arrays for sorting.
			if($file !== '.') { // '.' isn't necessary... or?
			if(is_dir($path)) {
				$dirs[] = $file;
			}
			else {
				$fils[] = $file;
			}
			}
		}
		
		foreach ($dirs as $dir) {
			if($dir == '..') {
				$dir = 'Üst Dizin'; // Replace with it to show more stylish 
			}
			print "<tr><td colspan='3' class='klasor'><a href='";
			print $this->YeniDizin($dir);
			print "' class='klasor'><img src='folder.gif' border='0'> ".$dir."</a></td>\n</tr>";
		}
		if (count($fils) > 0) {
			foreach ($fils as $fl) {
				print "<tr><td class='dosya'><img src='file.gif' border='0'> ".$fl."</td>\n";
				$this->BilgiGoster($fl);
				print "</tr>\n";
			}
		}
		else {
			print "<tr><td colspan='3' class='dosya' style='color=maroon;font-style=italic;'>Bu klasörde dosya bulunamad&#305;...</td>\n</tr>";
		}
		print "</table>\n";
		closedir($this->handle);
	}
	// Show Stats
	function BilgiGoster($dosya) {
		print '<td class="bilgiler" width="150">';
		print $this->MDate($dosya)."</td>\n";
		print '<td class="bilgiler" width="150">';
		print $this->FSize($this->dizin . '/' . $dosya)."</td>\n";
	}
	// Filesize Format
	function FSize($f) {
		$fl = filesize($f) / 1000;
		$f1 = number_format($fl,2,'.',' ');
		$fl .= " kB";
		return $fl;
	}
	// Modified Date Format
	function MDate($d) {
		return date("d.m.Y",filemtime($this->dizin . '/' . $d));
	}
	// Set New Directory
	function YeniDizin($dosya) {
		if($dosya == "Üst Dizin") {
			$dizinexploded = explode("/",$this->dizin);
			$sonklasor = array_pop($dizinexploded);
			$yenidizin = substr($yenidizin,0,-1);
		} else {
			$yenidizin = $this->dizin."/".$dosya;
		}
		return $_SERVER['PHP_SELF'].'?dizin_goster='.$yenidizin;
	}
}
?>

<html>
<head>
<title>MUDIZIN v1.1</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-9">
<link href="dizin.css" rel="stylesheet" type="text/css">
</head>

<body>
<?
$dizin = new Dizin(); // Klasörü buraya yaz. Sonunda '/' i&#351;areti olmamal&#305;!
?>
</body>
</html>
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Post by Weirdan »

Ok, now the final question =) Do you really want to show your users all the dirs your webservers has access to? =)

Approx a week ago I've seen a similar script in the thread about directory size calculation. Finally the topic starter invited everyone to see that script 'in action' and posted demo login and password. Guess what =) It took me about the 15 minutes to gain the full access to his site.

Such a scripts as directory browsers, online editors etc often create a hole in site security and should be developed with security in mind (or not developed at all).

Make sure that it's impossible to pass the relative path (with .. in it) to your class. Always prepend the path with './' (or some other path prefix) to make it impossible to user to pass the, say, '/home/your/personal/hidden/dir/' in dizin_goster GET variable...
User avatar
mudkicker
Forum Contributor
Posts: 479
Joined: Wed Jul 09, 2003 6:11 pm
Location: Istanbul, TR
Contact:

Post by mudkicker »

well, thank you for your reply.

i am thinking abut this security thing now.
well i can do this to customize users which folders are not authorized to be seen. and if $dizin_goster points these folders -> shows error...

what do you think? or do you have any suggestrions for more security?
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Post by Weirdan »

mudkicker wrote:...which folders are not authorized to be seen...
I'd rather suggest to make the list of folders which user is authorized to see. Or you're putting yourself in danger to forget someday to restrict access to newly created folder.
User avatar
mudkicker
Forum Contributor
Posts: 479
Joined: Wed Jul 09, 2003 6:11 pm
Location: Istanbul, TR
Contact:

Post by mudkicker »

thank you i will try to set this property.
Post Reply