\n". "\n". " .. ".get_lang("level_up")."\n". "\n". "\n"; } function path_check() { if (isset($_GET['path']) and !isset( $_POST['save_to_blacklist'] )) { $path = $_GET['path']; // Validate the path for dangerous characters and traversal attempts if(!validate_path($path)) { print_failure(get_lang("unallowed_char") . " : " . htmlspecialchars($path)); $_SESSION['fm_cwd'] = NULL; return FALSE; } else { $_SESSION['fm_cwd'] = @$_SESSION['fm_cwd'] . "/" . $path; } } // To go back a dir, we just use dirname to strip the last directory or file off the path if (isset($_GET['back']) and !isset( $_POST['save_to_blacklist'] )) { $_SESSION['fm_cwd'] = str_replace( "\\", "", dirname( $_SESSION['fm_cwd'] ) ); } return TRUE; } function exec_ogp_module() { global $db, $view; $blacklist = array ('/install.php', '/modules/gamemanager/rsync_sites_local.list'); $current_blacklist = array(); $blacklisted_files = $db->resultQuery('SELECT file_path FROM `OGP_DB_PREFIXupdate_blacklist`;'); if($blacklisted_files !== FALSE) { $current_blacklist = array(); foreach($blacklisted_files as $blacklisted_file) { $current_blacklist[] = $blacklisted_file['file_path']; } } if( isset( $_POST['save_to_blacklist'] ) ) { foreach($_POST['blacklist'] as $file) { $file = $db->real_escape_string($file); $db->query("INSERT INTO `OGP_DB_PREFIXupdate_blacklist` SET file_path='$file';"); } foreach($_POST['folder_files'] as $file) { if(in_array($file,$current_blacklist)) { $blacklisted = isset( $_POST['blacklist'] ) ? $_POST['blacklist'] : array(); if(!in_array($file,$blacklisted)) { $file = $db->real_escape_string($file); $db->query("DELETE FROM `OGP_DB_PREFIXupdate_blacklist` WHERE file_path='$file';"); } } } $blacklisted_files = $db->resultQuery('SELECT file_path FROM `OGP_DB_PREFIXupdate_blacklist`;'); if($blacklisted_files !== FALSE) { $current_blacklist = array(); foreach($blacklisted_files as $blacklisted_file) { $current_blacklist[] = $blacklisted_file['file_path']; } } } $current_blacklist = array_merge($current_blacklist,$blacklist); path_check(); echo "

"; echo get_lang('blacklist_files'); echo "

"; $baseDir = str_replace( "modules" . DIRECTORY_SEPARATOR . $_GET['m'],"",dirname(__FILE__) ); $path = clean_path($baseDir."/".@$_SESSION['fm_cwd']); if (!file_exists($path)) { while(!file_exists($path)) { $path = dirname($path); $_SESSION['fm_cwd'] = dirname($_SESSION['fm_cwd']); if($path == clean_path($baseDir)) { print_failure(get_lang_f("dir_not_found",$path)); break; } } } echo "\n". "". "

". get_lang_f('currently_viewing',$path)."

"; $dirlist = scandir($path); if (!is_array($dirlist)) { if($dirlist === -1) { if ( $path != $baseDir . "/" ) $view->refresh('?m='.$_GET['m'].'&p=blacklist',0); else print_failure('The path is too long or there is a file with a very long name inside of your game server\'s home folder.'); } else { if (file_exists($path)) { if(strpos($path, '/') !== FALSE) { $ePath = explode('/', $path); $filename = end($ePath); } else if(strpos($path, '\\') !== FALSE) { $ePath = explode('\\', $path); $filename = end($ePath); } $_SESSION['fm_cwd'] = str_replace( "\\", "", dirname( $_SESSION['fm_cwd'] ) ); $view->refresh('?m='.$_GET['m'].'&p=blacklist'.'&path='.$filename,0); } else { print_failure(get_lang("failed_list")); } } return; } if ( empty($dirlist) ) { print_lang('empty_directory'); } else { echo "

". "\n" .show_back(). "\n". "\n". "\n". "\n"; $directorys = array(); $files = array(); $x = 0; $basedir_path = rtrim($_SERVER['DOCUMENT_ROOT'].dirname($_SERVER['SCRIPT_NAME']),DIRECTORY_SEPARATOR); $preg_basedir_path = preg_quote($basedir_path,"/"); foreach( $dirlist as $item ) { # dirlist FM returns an array. Each element has 5 fields separated by the | character if($item == "." or $item == "..") continue; $filename = $item; $filepath = clean_path( $path . "/" . $filename ); // Directory if(is_dir($filepath)) { $directorys[$x]['filename'] = $filename; } // File else { $files[$x]['filename'] = $filename; $files[$x]['filepath'] = preg_replace("/^".$preg_basedir_path."/","",$filepath); } $x++; } foreach($directorys as $directory) { echo "\n". "". "\n"; } $i = 0; $unchecked = array(); foreach($files as $file) { $checked = in_array($file['filepath'],$current_blacklist) ? "checked='checked'" : ""; echo "\n". "". "\n". "\n"; $i++; } echo "

\n". "\n". "	\n". get_lang('filename'). "\n
". "	". " $\"Directory\"$ ". "". $directory['filename'] . "
". "\n". "\n". "	"; echo " $\"Text$ ". $file['filename'] . "

\n". "\n". "

\n"; } echo create_back_button($_GET['m']); } ?>