prevents debug users from exploring system's directory structure
* ex: $root = $_SERVER['DOCUMENT_ROOT'];
*/
$root = '/';
if( !$root ) exit("ERROR: Root filesystem directory not set in jqueryFileTree.php");
$postDir = $root.(isset($_POST['dir']) ? $_POST['dir'] : '' );
if (substr($postDir, -1) != '/') {
$postDir .= '/';
}
$postDir = preg_replace("#[\/]+#", "/", $postDir);
$filters = (array)(isset($_POST['filter']) ? $_POST['filter'] : '');
$match = (isset($_POST['match']) ? $_POST['match'] : '.*');
// set checkbox if multiSelect set to true
$checkbox = ( isset($_POST['multiSelect']) && $_POST['multiSelect'] == 'true' ) ? "" : null;
$returnDir = $postDir;
echo "";
// Parent dirs
if ($_POST['show_parent'] == "true" ) {
echo "- {$checkbox}..
";
}
if( file_exists($postDir) ) {
$files = scandir($postDir);
natcasesort($files);
if( count($files) > 2 ) { // The 2 accounts for . and ..
foreach( $files as $file ) {
if( file_exists($postDir . $file) && $file != '.' && $file != '..' ) {
if( is_dir($postDir . $file) ) {
$htmlRel = htmlspecialchars($returnDir . $file, ENT_QUOTES);
$htmlName = htmlspecialchars((strlen($file) > 33) ? substr($file,0,33).'...' : $file);
echo "- {$checkbox}" . $htmlName . "
";
}
}
}
// All files
foreach( $files as $file ) {
if( file_exists($postDir . $file) && $file != '.' && $file != '..' ) {
if( !is_dir($postDir . $file) ) {
$htmlRel = htmlspecialchars($returnDir . $file, ENT_QUOTES);
$htmlName = htmlspecialchars($file);
$ext = strtolower(preg_replace('/^.*\./', '', $file));
foreach ($filters as $filter) {
if (empty($filter) | $ext==$filter) {
if (empty($match) || preg_match('/'.$match.'/', $file)) {
echo "- {$checkbox}" . $htmlName . "
";
}
}
}
}
}
}
}
}
echo "
";
?>