/home/wpollock1/public_html/AUnixNet/LDAP/lister.php.bak

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
            "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en"> <head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<meta name="description" content="PHP File Lister">
<meta name="author" content="Wayne Pollock">
<link rel="Shortcut Icon" type="image/x-icon" href="../../images/PHP.ico">
<link rel="stylesheet" href="../../Styles.css" type="text/css">
<script type="text/JavaScript" src="../../Common.js"> </script>

<title> PHP File Lister </title>

<style type="text/css">
<!--
@media screen {
b  { color: yellow; }
}
 -->
</style>

</head>
<body>
<div>
<?php
   // Script to list files, preserving white space,
   // with optional line numbers.
   //  Arguments:  file=path_to_file (NOT a URI, to prevent foreign
   //                        documents)
   //              linenums=true_or_false (default=false if omitted)
   //              nodir=true_or_false (default=false if omitted)
   //
   // Written 2/2009 by Wayne Pollock, Tampa Florida USA.  All Rights Reserved.
   // 11/2013 Updated the normalize function to allow filenames with
   //         hyphens and underscores.

   // Parse args: filename (string) and linenums (true or false):
   if ( isset($_REQUEST['file']) )     $orig_file = $_REQUEST['file'];
   if ( isset($_REQUEST['linenums']) ) $linenums = $_REQUEST['linenums'];
   if ( isset($_REQUEST['nodir']) )    $nodir = $_REQUEST['nodir'];
   if ( isset($_REQUEST['dl']) )       $dl = $_REQUEST['dl'];

   if ( ! isset( $orig_file ) or strlen($orig_file) === 0 ) {
      echo "<h2>No filename provided!</h2>\n"
        . "<p><em>You need to pass</em> "
        . "<q><code>file=<em>name</em></code></q> in the query string.\n"
        . "You can also add the <q><code>linenums</code></q> parameter "
        . "to  display line numbers, the <q><code>nodir</code></q> "
        . "parameter to truncate the heading to only show the filename, "
        . "and the <q><code>dl</code></q> parameter to add a download link "
        . "(useful when showing line numbers).</p>\n";
      echo '</div></body></html>';
      exit;
   }

   $file = normalize ( $orig_file );

   if ( $file === false or is_dir($file) ) {
     header('HTTP/1.0 404 Not Found');
      echo "<h1>404 Not Found</h1>\n";
      echo "<p>The page that you have requested could not be found.</p>\n";
      echo "</div>\n</body></html>\n";
      exit();
   }

   // Sanitize filenames for security: only allow access to files below the
   // DOCROOT:
   function getdocroot () {
      $localpath=getenv("SCRIPT_NAME");
      $absolutepath= getenv("SCRIPT_FILENAME");
      // Although Some OSes are case-sensitive, some are not, so
      // get the position in a case-insensitive way, then use the
      // case returned from getenv("SCRIPT_FILENAME"):

      $docroot=substr( $absolutepath,0,
         strpos( strtolower($absolutepath), strtolower($localpath) ) );
      // Replace Windows back-slashes (forward ones work even on Windows):
      $docroot = str_replace( "\\","/",$docroot );
      return $docroot;
   }

   // Dis-allow weird characters in the filename argument, for security.
   // On this site, all names are simple ASCII:
   function normalize ( $pathname ) {
    $pathname = htmlentities($pathname, ENT_QUOTES, 'UTF-8');
    $pathname = preg_replace('~&([a-z]{1,2})' .
      '(acute|cedil|circ|grave|lig|orn|ring|slash|th|tilde|uml);~i',
      '$1', $pathname);
    $pathname = html_entity_decode($pathname, ENT_QUOTES, 'UTF-8');
    $pathname = preg_replace(array('~[^0-9a-z./_-]~i', '~[ ]+~'), ' ', $pathname);
    $pathname = trim($pathname, ' -');

    // Check for illegal pathnames or pathnames outside of DOCROOT:
    if ( realpath( $pathname ) ) {
      $pathname = realpath( $pathname );
      // Replace Windows back-slashes (forward ones work even on Windows):
      $pathname = str_replace( "\\","/",$pathname );
      // Finally, make sure the normalized absolute path is under DOCROOT:
      $pos = strpos($pathname, getdocroot() );
      if ( $pos !== false and $pos === 0 ) {
         // In a more secure environment, should whitelist permitted files,
         // or at least permitted extensions.  This code allows any file
         // below the docroot to be returned.
         return $pathname;
      }
    }
    return false;  // Illegal pathname used
   }

   if ( ! isset($dl) or $dl == "false" )
      $dl = false;
   else
      $dl = true;

   if ( ! isset($linenums) or $linenums == "false" )
      $linenums = false;
   else
      $linenums = true;

   // "nodir" means to only display the filename in the heading,
   // and not the pathname.
   if ( ! isset($nodir) or $nodir == "false" )
      $nodir = false;
   else
      $nodir = true;

   // Output HTML document body (the file's contents):
   if ( $nodir )
      echo "<h1> " . basename($file) . " </h1>\n";
   else
      echo "<h1> $file </h1>\n";

   if ( $dl )
      echo "<p class=\"Right\"><a href=\"$orig_file\">Download "
      . basename($file) . "</a></p>\n";

   echo "<pre>\n";

//   echo htmlentities( file_get_contents($file) );
   $contents = file( $file, FILE_IGNORE_NEW_LINES );
   $linenumwidth = strlen( count($contents) );
   $format = "<b>%" . $linenumwidth . "d: </b>";

   foreach ($contents as $line_num => $line) {
      if ( $linenums )
         printf( $format, ($line_num + 1) );
      echo htmlentities( rtrim($line) ) . "\n";
   }

   // Output HTML epilog:
   echo "</pre>\n";
?>
</div>

<div>
<?php
echo '
<script type="text/JavaScript">
// <![CDATA[
   document.title = "' . basename($file) . '";
   addFooter( "Question: ' . basename($file) . '" );
// ]]>
</script>
<noscript>
    <p> This page was last updated by Wayne Pollock. </p>
</noscript>
'
?>
</div></body></html>