Zubrag.com :: Forum

zubrag.com => Wish List / Suggestions => Topic started by: smithster on October 30, 2007, 07:19:07 PM

Title: File Manager
Post by: smithster on October 30, 2007, 07:19:07 PM
Well it isn't one of your scripts, hence why I'm posting this in here.  I found this at another site but there is no forum and no way of seeking help on it.

Basically, it allows you to use file manager without the need to visit cpanel.  Only it doesn't work too well for me!!  It shows me all the files and folders on a page with the frames set out in the way that cpanel's file manager is set out.  Only it is very messed up and throws out an error also.  I wondered if you might be able to take a look at it.



$qs '?';
$page2get '';

DYNAMIC_IMAGES && isset($_GET['img'])){
$image =  $_GET['img'];

strpos($_GET['img'], '../') !== false){
$url str_replace('files/'''$url);
$image str_replace('../'''$image);

$imgParts explode('.'$image);
$imgType $imgParts[count($imgParts)-1];
header("Content-type: image/$imgType");

cpanel sometimes does redirects after performing actions.
this produces 404 ErrorDocuments
this should catch those.
if(isset($_SERVER['REDIRECT_URL'])) {
$page2get basename($_SERVER['REDIRECT_URL']);
$page2get $_GET['cp'];
  $qs .= str_replace('cp='.$page2get.'&'''$_SERVER['QUERY_STRING']);

just default to this dir in some weird case
if($page2get == 'list.html' && empty($_GET['dir'])){
$qs .= 'dir='.DOC_ROOT;

$pageContent file_get_contents(CP_FILEMAN_URL.$page2get.$qs);

//replace anchor hrefs
$pattern '/href=".*?([a-zA-Z]+\.html)\?/';
$replace 'href="'.$_SERVER['PHP_SELF'].'?cp=$1&';
$pageContent preg_replace($pattern$replace$pageContent);

add "cp" to forms, change POSTs to GETs
if(strpos($pageContent'<form ') !== FALSE){
strpos($pageContent'method=POST') !== FALSE){
$pageContent str_replace('method=POST'''$pageContent);
$pageContent str_replace('</form>''<input type="hidden" name="cp" value="'.$formAction[1].'"></form>'$pageContent);

//replace img srcs
$pageContent preg_replace('/src="(.*?images.*?)"/','src="fileman.php?img=$1"'$pageContent);

HIDE_ME && $page2get == 'list.html' || $page2get == 'fileop.html'){

//if they got in the directory somehow, send em back to go
if($_GET['dir'] == FILEMAN_DIR || $_GET['dir'] == str_replace('public_html''www'FILEMAN_DIR)){
$qs '?cp='.$page2get;
$qs .= '&fileop='.$_GET['fileop'];
$qs .= '&opfile='.$_GET['opfile'];
header('Location: '.$_SERVER['PHP_SELF'].$qs);
$dirpattern '';
$page2get == 'list.html'){
$dirpattern '@^<tr>.*?target=infofr>'.basename(FILEMAN_DIR).'</a>.*?</tr>$@m';
$page2get == 'fileop.html'){
$dirpattern '@^<br><a.*?target=infofr>'.basename(FILEMAN_DIR).'</a>$@m';
$pageContent preg_replace($dirpattern,'',$pageContent);


If I run this, I get this error...
Warning: file_get_contents() [function.file-get-contents]: SSL: fatal protocol error in /home/psmith83/public_html/simplywebhost/cpanelswh/fmgr/fileman.php on line 59

I tried to see if I could use cURL with this but didn't get anywhere with it at all!

Title: Re: File Manager
Post by: zubrag on October 31, 2007, 03:52:29 AM
What if you change

DEFINE('CP_FILEMAN_URL', 'https://'.CP_USERNAME.':'.CP_PASSWORD.'@'.CP_DOMAIN.':2083/frontend/'.CP_THEME.'/files/');


DEFINE('CP_FILEMAN_URL', 'http://'.CP_USERNAME.':'.CP_PASSWORD.'@'.CP_DOMAIN.':2082/frontend/'.CP_THEME.'/files/');

It would not use https, but working via https seems to be causing problems for php on your server. Looks like PHP needs to be specifically compiled to support https.

Title: Re: File Manager
Post by: smithster on October 31, 2007, 12:51:43 PM
Thanks Zubrag, made that change, unfortunately it didn't improve anything.  In fact, nothing showed up at all.  Except the following error...

Warning: file_get_contents(http://...@www.simplywebhost.co.uk:2083/frontend/x/files/list.html?cp=list.htmldir=/home/psmith83/public_html/simplywebhost) [function.file-get-contents]: failed to open stream: HTTP request failed! HTTP/1.1 500 Internal Error in /home/psmith83/public_html/simplywebhost/cpanelswh/fmgr/fileman.php on line 59

Title: Re: File Manager
Post by: zubrag on November 01, 2007, 06:52:14 AM
Looks like file manager can only work via https :(

What is the webserver? Apache or IIS? 

php documentation states

When using SSL, Microsoft IIS will violate the protocol by closing the connection without sending a close_notify indicator. PHP will report this as "SSL: Fatal Protocol Error" when you reach the end of the data. To workaround this, you should lower your error_reporting level not to include warnings. PHP 4.3.7 and higher can detect buggy IIS server software when you open the stream using the https:// wrapper and will suppress the warning for you. If you are using fsockopen() to create an ssl:// socket, you are responsible for detecting and suppressing the warning yourself.

Try adding php following code at the beginning of the script to suppress warnings and notices:
error_reporting(E_ALL ^ E_NOTICE ^ E_WARNING);

Title: Re: File Manager
Post by: smithster on November 02, 2007, 05:16:06 AM
Any possibilitys of you releasing a script that uses cpanel's filemanager Zubrag?  I think this script is just too insecure.  I can't even get it to use another directory as the root directory.  Currently, it just gives you access to absolutely everything!!!  Just no good!!

Title: Re: File Manager
Post by: zubrag on November 02, 2007, 12:25:00 PM
Unfortunately i lost my cpanel account after moving site to another server. Someone on the forum provided me with free access to cPanel to develop/test cPAnel scripts, but i have to find who and if account is still in place. I will not be able to develop more cpanel scripts without having access to cPanel :(   Will check and post update here.