Topic: Need Help with an PHP Program

[cvlcc]

Every part of this program works except the part to load files or folders from my computer to the server. I have tried to run it on SME 7.0 and 8.0 Server-Only both servers are working servers. I don't get any errors on the server reports. Dose anyone know how to make this program load from the computer to the server?

<?php
function template(){
?>
<head><style type="text/css">
TD {
FONT-SIZE: 12px; COLOR: #000000; FONT-FAMILY: Verdana
}
A:link        {text-decoration: none; color: #2E26CD;}
A:visited     {text-decoration: none; color: #2E26CD;}
A:hover       {text-decoration: none; color: #990000; font-style: normal; background-color: transparent; text-decoration: underline position: relative; top: 1.5px; left: 1.5px;}
</style>
</head>
<?php
}
extract($HTTP_GET_VARS);
extract($HTTP_POST_VARS);
$password = "1362";  //CHANGE THE LOGIN PASSWORD
//Copyright Scriptsez.net
?>
<?php
$action=$HTTP_GET_VARS['action'];
if ($action == "" ){
?><center><table align=middle><td align=left width=20%>
<tr><td height="27" colspan="2"><FONT SIZE="4" COLOR="#000000">:: Power Editor ::</FONT></td><tr><td>Password Required (Default is: changeme)</td></tr><tr><form method=post action="?action=login"><td>Password:</td><td><input type=password name=pass>&nbsp;<input type=submit value=Submit></td></tr></form></table></center>
<?php
}
if ($action=="download"){
$n=base64_decode($m);   
if ($n==$password){
$filedata = stat("$dir/$p");
$filesize = $filedata[7];
//$ft = getfiletype("$filename");
//header("Content-Type: $ft[1]");
header("Content-Length: $filesize");
header("Content-Disposition: attachment; filename=$p");
readfile("$dir/$p");
exit;
}else{
   echo "Please Login";
}}
if ($action=="login"){
if ($pass==$password){
$l=base64_encode($pass);
header("Location:?action=templates&m=$l");
}else{
echo "<FONT SIZE=2 COLOR=red>Invalid Password</FONT>";
}
}
$max="9999999";   //Maximum filesize in bytes
if ($action=="view"){
$n=base64_decode($m);   
if ($n==$password){
template();
echo"<center><FONT SIZE=2 face=arial>Viewing $p</FONT><table width=94% border=1 bordercolor=#AFC6DB cellspacing=0><tr><td>";
$po=show_source("$dir/$p");
echo "</td></tr></table><table><form method=post action=\"?action=templates&dir=$dir\"><tr><td align=middle><input type=hidden name=m value=$m><input type=submit value=Back></form></td></tr></table></center>";
}else{echo "Please Login";}
}
if ($action=="see"){
$n=base64_decode($m);   
if ($n==$password){
template();
$image_info = getimagesize("$dir/$p");
$image_stat = stat("$dir/$p");
echo"<center><FONT SIZE=2 face=arial>Viewing $p</FONT><table width=$image_info[0] height=$image_info[1] border=1 bordercolor=#AFC6DB cellspacing=0 valign=middle bgcolor=#fffff><tr><td align=middle valign=middle>";
$po="<img src='$dir/$p'>";
echo "$po</td></tr></table><table width=80% align=middle><td align=middle>$image_info[3]</td></tr></table><table><form method=post action=\"?action=templates&dir=$dir\"><tr><td align=middle><input type=hidden name=m value=$m><input type=submit value=Back></form></td></tr></table></center>";
}else{echo "Please Login";}}
if ($action=="changeattrib") {
$n=base64_decode($m);   
if ($n==$password){
template();
echo"<form method=post action=?action=permission><FONT SIZE=2 COLOR=#00000>Change $te Permission</FONT><BR><input type=hidden name=u value='$te'><input type=hidden name=m value='$m'><input type=hidden name=path value='$dir'><input type=radio name=no value=555>Chmod 555<BR><input type=radio name=no value=666>Chmod 666<BR><input type=radio name=no value=777>Chmod 777<BR><input type=submit vlaue=Change></form>";
}else{echo "Please Login";}
}
if ($action=="permission") {
$n=base64_decode($m);
if ($n==$password){
template();
$v=chmod("$path/$te",$no);
echo "$te has been set to CHMOD $v<BR><A HREF=?action=templates&m=$m&dir=$path>Back</A>";
}else{echo "Please Login";}
}
if ($action=="tempedit") {
$n=base64_decode($m);   
if ($n==$password){
template();
$te=$HTTP_GET_VARS['te'];
$dir=$HTTP_GET_VARS['dir'];
$filename = "$dir/$te";
$fd = fopen ($filename, "r");
$stuff = fread ($fd, filesize ($filename));
fclose ($fd);
?>
<td height="399" bgcolor="" width="81%" valign="top">
<center>
<form method="post" action="?action=temp2&dir=<?php echo $dir ?>&te=<?php echo $te ?>">
<table width="100%" border="1" bgcolor="D6D5D4" bordercolor="#778899" cellpadding="0" cellspacing="0">
<tr>
<td><font size="1">File editor editing <?php echo "<b>$dir/$te</b>"; ?></font></td>
</tr>
<tr>
<td width="86%" align=middle>
<textarea name="cont" cols="80" rows="25"><?php echo $stuff ?></textarea>
</td>
</tr>
<tr>
<td width="86%" align=middle><input type=hidden name=m value=<?php echo $m;?>>&nbsp;
<input type="submit" name="Submit" value="Save">&nbsp;<input type="button" name="Cancel" value="Cancel" onclick="javascript: history.back(1)">
</td>
</tr>
<tr>
</tr>
</table></center>
</form>
<?php
}else{
echo "Please Login";
}}
if ($action=="temp2") {
$n=base64_decode($m);   
if ($n==$password){
template();
$cont=stripslashes($cont);
$fil = "$dir/$te";
$fp = fopen($fil, "w");
fputs($fp, $cont);
fclose($fp);
?>
<td height="399" bgcolor="<?php echo $color1 ?>" width="81%" valign="top">
<table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td align=middle><font size="2">File saved<BR><?php echo "<a href='?action=templates&dir=$dir&m=$m'>Go Back</a>"; ?></font></td>
</tr>
</table>
<?php
}else {echo"Please Login";}}

if ($action=="templates") {
$n=base64_decode($m);
if($n==$password){
   template();
?>
<td height="399" bgcolor="<?php echo $color1 ?>" width="81%" valign="top">
<table width="100%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td><font size="1">Files:</font>
</td>
</tr>
<tr valign="top">
</td>
</tr>
<tr>
<td width="86%">
<?php
if ($dir==""){
$dir=".";
}
if ($do=="delete") {
$fd = unlink("$dir/$te");
echo "<center>File has been deleted<BR>";
}
if($do=="doupload") {
$picture = "fileupload"."_name";
$file1 = $$picture;
$file2 = "fileupload";
$file3 = $$file2;
if($file3 != "none"){
$filesizebtyes = filesize($file3);
if(file_exists("$file3")&& $filesizebtyes <= "$max") {
copy ($file3, "$dir/$file1");
echo "File $file1 has been uploaded<BR>";
} elseif($filesizebtyes <= "$max") {
copy ($file3, "$dir/$file1");
echo "File $file1 has been uploaded<BR>";
}else{
echo "Filesize is greater than $max bytes.";
}
}
}
echo"<table align=center BORDER=\"1\" CELLSPACING=\"1\" CELLPADDING=\"0\" align=middle bordercolor=#AFC6DB><td><form endtype=multipart/form-data method=post action=?action=templates&do=doupload&m=$m>Upload: <input type=file name=fileupload><input type=hidden name=dir value=$dir><input type=hidden name=m value=$m><input type=submit value=Upload> </td></table></form>";
echo "<center><TABLE WIDTH=\"85%\" BORDER=\"1\" CELLSPACING=\"1\" CELLPADDING=\"0\" align=middle bordercolor=#AFC6DB><TR><td></td><TD COLSPAN=\"2\" BGCOLOR=\"#ffffff\" width=55%><FONT COLOR=\"#000000\" SIZE=\"-1\" FACE=\"Verdana\">Filename</td><td width=5% align=center>Edit</td><td width=10% align=middle>Filesize</td><td width=10% align=middle>Permission</td><td width=10% align=middle>Download</td><td align=middle>Delete</td></FONT></TR>";

$handle = @opendir($dir);
while (false !== ($file = readdir($handle))) {
   $attrib=fileperms("$dir/$file");
   $filesize=filesize("$dir/$file");
   $file_size_now = round($filesize / 1024 * 100) / 100 . "Kb";
   $n= explode(".",$file);
   if ($n[1] == ""){
   $img="img/dir.gif";
   }elseif($n[1]=="php"){
   $img="img/php.jpg";
   }elseif($n[1]=="zip"){
   $img="img/zip.gif";
   }elseif($n[1]=="gif"){
   $img="img/gif.gif";
   }elseif($n[1]=="html"){
   $img="img/html.gif";
   }elseif($n[1]=="ini"){
   $img="img/ini.gif";
   }elseif($n[1]=="jpg"){
   $img="img/jpg.gif";
   }elseif($n[1]=="txt"){
   $img="img/txt.gif";
   }elseif($n[1]=="exe"){
   $img="img/exe.gif";
   }else{
   $img="img/no.gif";
   }
   if ($n[1] == ""){
   $link="?action=templates&m=$m&dir=$dir/$file";
   $link1="-";
   }elseif ($n[1] == "gif"){
   $link="?action=see&m=$m&p=$file&dir=$dir";
   $link1="-";
   }
   elseif ($n[1] == "jpg"){
   $link="?action=see&m=$m&p=$file&dir=$dir";
   $link1="-";
   }
   elseif ($n[1] == "zip"){
   $link="?action=download&m=$m&p=$file&dir=$dir";
   $link1="-";
   }
   elseif ($n[1] == "exe"){
   $link="?action=download&m=$m&p=$file&dir=$dir";
   $link1="-";
   }
   else{
   $link="?action=view&p=$file&dir=$dir&m=$m";
   $link1="<a href='?action=tempedit&m=$m&te=$file&dir=$dir'>Edit</a>";
   }
   if($dir!="."){
   $uplink="<tr><td></td><td align=middle><a href='?action=templates&m=$m'><img src=img/up.gif border=0>Home</a></td></tr></table></center>";
   }else{
   $uplink="</table>";
   }
if ($file != "." && $file != ".." &&  $file != "editor.php"  ) {
echo "<TR><TD align=middle><IMG SRC=\"$img\"  BORDER=0 ></td><TD COLSPAN=\"2\" BGCOLOR=\"#ffffff\" width=30%>&nbsp;<FONT COLOR=\"#000000\" SIZE=\"-1\" FACE=\"Verdana\"><a href=\"$link\">$file</a></td><td width=10% align=middle>$link1</td><td width=10% align=middle>$file_size_now</td><td width=10% align=middle><a href='?action=changeattrib&m=$m&te=$file&dir=$dir'>$attrib</a></td><td align=middle><a href='?action=download&m=$m&p=$file&dir=$dir'>Download</a></td><td align=middle><a href=\"?action=templates&do=delete&m=$m&te=$file&dir=$dir\" alt=Delete><img src=\"img/del.gif\" border=0></img></a></td></FONT></TR>";
    }
}
echo "</table><table><BR>$uplink";
closedir($handle);
?>
</td>
</tr>
</table>
</form>
<?php
}else{
echo "Please Login Again";
}
}
echo "<BR><CENTER><FONT SIZE=2 face=arial>Powered By <A HREF=http://www.scriptsez.net target='_new'>Power Editor</A></font></CENTER>";
?>

[Stefano]

hi

please check your /var/log/messages log file (via server manager or console) for php errors.

and please, don't post all the code, we don't need it.

thank you
ciao
Stefano

[CharlieBrady]

and please, don't post all the code, we don't need it.

Moreover, much PHP code has security flaws, and yours can now more easily be scrutinised for errors by potential attackers.

[David Harper]

At the very least, please use the code tags.

Code: [Select]

#!/bin/sh

echo "Hello world!"

# end of program


[cactus]

Also have a look at this page: http://wiki.contribs.org/PHP#Display_Error_Messages , this contains information on how to show PHP errors that can be used for debugging.

[cvlcc]

First I want to Thank all of You for Your information.  If you need to send me some information please sent to info@cvlcc.com

Now where do I put this info?
#!/bin/sh

echo "Hello world!"

# end of program

Do I put this on the server at the root?
mkdir -p /etc/e-smith/templates-custom/etc/php.ini
cp /etc/e-smith/templates/etc/php.ini/30ErrorHandling /etc/e-smith/templates-custom/etc/php.ini

cd /etc/e-smith/templates-custom/etc/php.ini
pico 30ErrorHandling

Put this in the PHP.ini file? or some place else?
display_errors          = On

run this on the server 7.0 or 8.0 or both?
expand-template /etc/php.ini

sv t httpd-e-smith

/etc/rc7.d/S86httpd-e-smith restart

To Undo Changes on the server?
expand-template /etc/php.ini
/etc/rc7.d/S86httpd-e-smith restart

[Stefano]

mkdir -p /etc/e-smith/templates-custom/etc/php.ini
cp /etc/e-smith/templates/etc/php.ini/30ErrorHandling /etc/e-smith/templates-custom/etc/php.ini

cd /etc/e-smith/templates-custom/etc/php.ini
pico 30ErrorHandling

Put this in the PHP.ini file? or some place else?
display_errors          = On

run this on the server 7.0 or 8.0 or both?
expand-template /etc/php.ini

sv t httpd-e-smith

/etc/rc7.d/S86httpd-e-smith restart

yes, in this way you change php.ini to show errors

To Undo Changes on the server?

delete the fragment in /etc/e-smith/templates-custom/etc/php.ini then

expand-template /etc/php.ini
/etc/rc7.d/S86httpd-e-smith restart

ciao
Stefano

[cactus]

Now where do I put this info?
#!/bin/sh

echo "Hello world!"

# end of program

I think you need to read up on php/bash as the code above certainly is not PHP but bash code that can be run from the command prompt usually like this:

Code: [Select]

/bin/sh /path/to/file

[cactus]

Do I put this on the server at the root?
mkdir -p /etc/e-smith/templates-custom/etc/php.ini
cp /etc/e-smith/templates/etc/php.ini/30ErrorHandling /etc/e-smith/templates-custom/etc/php.ini

cd /etc/e-smith/templates-custom/etc/php.ini
pico 30ErrorHandling

Put this in the PHP.ini file? or some place else?
display_errors          = On

run this on the server 7.0 or 8.0 or both?
expand-template /etc/php.ini

sv t httpd-e-smith

/etc/rc7.d/S86httpd-e-smith restart

To Undo Changes on the server?
expand-template /etc/php.ini
/etc/rc7.d/S86httpd-e-smith restart

Are the instructions really that unclear? AFAIK all this is stated in the wiki page I provided to you, what is the use of reporting it here?

[cvlcc]

I still can't figure out to Fix this?
/var/log/httpd/access_log
cvlcc.com 66.126.84.171 - - [27/Mar/2009:17:55:00 -0700] "POST /loada/editor.php?action=templates&do=doupload&m=MTM2Mg== HTTP/1.1" 200 2930 "http://cvlcc.com/loada/editor.php?action=templates&do=doupload&m=MTM2Mg==" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.7) Gecko/2009021910 Firefox/3.0.7"
/var/log/httpd/error_log
[Fri Mar 27 17:32:33 2009] [warn] RSA server certificate CommonName (CN) `cvlcc.cvlcc.com' does NOT match server name!?
[Fri Mar 27 17:32:33 2009] [notice] Apache configured -- resuming normal operations

Can anyone tell me what is wrong with the program and how to fix it?

[Normando]

Please, calm down, and relax, sit at your favorite chair and try to organize your questions. You have blended all of them. Also please take the time to learn the basics to manage a server. I suspect you have not the minimun knowledge of what are you doing.

If you need to send me some information please sent to info@cvlcc.com

???

[cactus]

I still can't figure out to Fix this?
/var/log/httpd/access_log
cvlcc.com 66.126.84.171 - - [27/Mar/2009:17:55:00 -0700] "POST /loada/editor.php?action=templates&do=doupload&m=MTM2Mg== HTTP/1.1" 200 2930 "http://cvlcc.com/loada/editor.php?action=templates&do=doupload&m=MTM2Mg==" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.7) Gecko/2009021910 Firefox/3.0.7"

There is nothing wrong with that, Apache returns a response of 200, which means the request was valid, no error here.

/var/log/httpd/error_log
[Fri Mar 27 17:32:33 2009] [warn] RSA server certificate CommonName (CN) `cvlcc.cvlcc.com' does NOT match server name!?
[Fri Mar 27 17:32:33 2009] [notice] Apache configured -- resuming normal operations

Also nothing wrong here, this is just a message that your certificate does not match the name you are accessing your server on, access your server under it's officially configured hostname instead of one of it's aliases and this should go away. It is only log noise.

I suggest you read up on apache as you clearly have no clue on what you are seeing and how to interpret it.