Jump to content

please i need help am trying to display documents from different folders in different pages in a particular directory


tosan45

Recommended Posts

This are the codes i have worked on am trying to create an E-library

 

<div id="container">
    <h1>Philosophy & Psychology</h1>

    <table class="sortable">
        <thead>
        <tr>
            <th>Filename</th>
            <th>Type</th>
            <th>Size</th>
            <th>Date Modified</th>
        </tr>
        </thead>
        <tbody><?php

    // Adds pretty filesizes
    function pretty_filesize($file) {
        $size=filesize($file);
        if($size<1024){$size=$size." Bytes";}
        elseif(($size<1048576)&&($size>1023)){$size=round($size/1024, 1)." KB";}
        elseif(($size<1073741824)&&($size>1048575)){$size=round($size/1048576, 1)." MB";}
        else{$size=round($size/1073741824, 1)." GB";}
        return $size;
    }

     // Checks to see if veiwing hidden files is enabled
    if($_SERVER['QUERY_STRING']=="hidden")
    {$hide="";
     $ahref="./";
     $atext="Hide";}
    else
    {$hide=".";
     $ahref="./?hidden";
     $atext="Show";}

     // Opens directory
     $myDirectory=opendir(".");
   

   // set forbidden files
            $forbiddenExts = array("php", "ico", "html");

    // Gets each entry
    while($entryName=readdir($myDirectory)) {
    if (is_file($entryName)) {
      $exts = explode(".", $entryName);
      if(!in_array($exts[1],$forbiddenExts)) {
       $dirArray[]=$entryName;
    }
    }
  }

    // Closes directory
    closedir($myDirectory);

    // Counts elements in array
    $indexCount=count($dirArray);

    // Sorts files
    sort($dirArray);

    // Loops through the array of files
    for($index=0; $index < $indexCount; $index++) {

    // Decides if hidden files should be displayed, based on query above.
        if(substr("$dirArray[$index]", 0, 1)!=$hide) {

    // Resets Variables
        $favicon="";
        $class="file";

    // Gets File Names
        $name=$dirArray[$index];
        $namehref=$dirArray[$index];

    // Gets Date Modified
        $modtime=date("M j Y g:i A", filemtime($dirArray[$index]));
        $timekey=date("YmdHis", filemtime($dirArray[$index]));


    // Separates directories, and performs operations on those directories
        if(is_dir($dirArray[$index]))
        {
                $extn="<Directory>";
                $size="<Directory>";
                $sizekey="0";
                $class="dir";

            // Gets favicon.ico, and displays it, only if it exists.
                if(file_exists("$namehref/favicon.ico"))
                    {
                        $favicon=" style='background-image:url($namehref/favicon.ico);'";
                        $extn="<Website>";
                    }

            // Cleans up . and .. directories
                if($name=="."){$name=". (Current Directory)"; $extn="<System Dir>"; $favicon=" style='background-image:url($namehref/.favicon.ico);'";}
                if($name==".."){$name=".. (Parent Directory)"; $extn="<System Dir>";}
        }

    // File-only operations
        else{
            // Gets file extension
            $extn=pathinfo($dirArray[$index], PATHINFO_EXTENSION);

            // Prettifies file type
            switch ($extn){
                case "png": $extn="PNG Image"; break;
                case "jpg": $extn="JPEG Image"; break;
                case "jpeg": $extn="JPEG Image"; break;
                case "svg": $extn="SVG Image"; break;
                case "gif": $extn="GIF Image"; break;
                case "ico": $extn="Windows Icon"; break;

                case "txt": $extn="Text File"; break;
                case "log": $extn="Log File"; break;
                case "htm": $extn="HTML File"; break;
                case "html": $extn="HTML File"; break;
                case "xhtml": $extn="HTML File"; break;
                case "shtml": $extn="HTML File"; break;
                case "php": $extn="PHP Script"; break;
                case "js": $extn="Javascript File"; break;
                case "css": $extn="Stylesheet"; break;

                case "pdf": $extn="PDF Document"; break;
                case "xls": $extn="Spreadsheet"; break;
                case "xlsx": $extn="Spreadsheet"; break;
                case "doc": $extn="Microsoft Word Document"; break;
                case "docx": $extn="Microsoft Word Document"; break;

                case "zip": $extn="ZIP Archive"; break;
                case "htaccess": $extn="Apache Config File"; break;
                case "exe": $extn="Windows Executable"; break;

                default: if($extn!=""){$extn=strtoupper($extn)." File";} else{$extn="Unknown";} break;
            }

            // Gets and cleans up file size
                $size=pretty_filesize($dirArray[$index]);
                $sizekey=filesize($dirArray[$index]);
        }

    // Output
     echo("
        <tr class='$class'>
            <td><a href='./$namehref'$favicon class='name'>$name</a></td>
            <td><a href='./$namehref'>$extn</a></td>
            <td sorttable_customkey='$sizekey'><a href='./$namehref'>$size</a></td>
            <td sorttable_customkey='$timekey'><a href='./$namehref'>$modtime</a></td>
        </tr>");
       }
    }
    ?>

        </tbody>
    </table>

    
</div>

 

Link to comment
Share on other sites

So what is your question?

 

And what on earth are you doing there? Why would you show all files of the internal application directory (minus a few blacklisted extensions) for everybody to see? Do you not understand how risky this is?

 

If you want to serve a collection of files, you put them into a separate directory, not right between your PHP scripts.

Edited by Jacques1
Link to comment
Share on other sites

My point is that you must not store your documents in the same directory which contains your PHP scripts, .htaccess files and other internal data, because those are none of the user's business. You have to create an extra folder (let's call it “documents”) and display the content of that folder:

<?php

const DOCUMENT_DIRECTORY = __DIR__.'/documents';    // __DIR__ is the path of the current directory



// iterate over documents in the document directory
foreach (glob(DOCUMENT_DIRECTORY.'/*') as $document)
{
    var_dump($document);
}

This is a lot safer, because the document directory by definition only contains public files (and hidden files like .htaccess are automatically skipped). This also means you can get rid of the blacklisting stuff.

 

Besides that, I'm not sure what you're asking. Do you want to be able to click on a subdirectory and get its content? This is slightly more difficult. You have to make the webserver rewrite all URLs pointing to directories (but not files) within the document directory so that the requests are instead sent to your script (together with the original URL). Within the script, you verify the received path and then display the content.

 

Which webserver are you using? Apache?

 

A word of advice: Since you're new to PHP and have chosen a fairly critical project, I strongly recommend you don't put this online yet. Run it on your PC, use it for learning, but don't expose it to the Internet.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.