commit 6e040fa949c96145be442a2e11193aefba3a785e Author: pirateIB Date: Tue Jun 24 05:26:00 2025 +0000 Add index.php diff --git a/index.php b/index.php new file mode 100644 index 0000000..357f154 --- /dev/null +++ b/index.php @@ -0,0 +1,2560 @@ + 'Password', 'Username2' => 'Password2', ...) +// Generate secure password hash - https://tinyfilemanager.github.io/docs/pwd.html +$auth_users = array( + //'admin' => '', + //'user' => '' +); + +// Readonly users +// e.g. array('users', 'guest', ...) +$readonly_users = array( + 'user', 'admin' +); + +// Global readonly, including when auth is not being used +$global_readonly = true; + +// user specific directories +// array('Username' => 'Directory path', 'Username2' => 'Directory path', ...) +$directories_users = array(); + +// Enable highlight.js (https://highlightjs.org/) on view's page +$use_highlightjs = true; + +// highlight.js style +// for dark theme use 'ir-black' +$highlightjs_style = 'ir-black'; + +// Enable ace.js (https://ace.c9.io/) on view's page +$edit_files = false; + +// Default timezone for date() and time() +// Doc - http://php.net/manual/en/timezones.php +$default_timezone = 'Etc/UTC'; // UTC + +// Root path for file manager +// use absolute path of directory i.e: '/var/www/folder' or $_SERVER['DOCUMENT_ROOT'].'/folder' +$root_path = '.'; + +// Root url for links in file manager.Relative to $http_host. Variants: '', 'path/to/subfolder' +// Will not working if $root_path will be outside of server document root +$root_url = ''; + +// Server hostname. Can set manually if wrong +// $_SERVER['HTTP_HOST'].'/' +$http_host = $_SERVER['HTTP_HOST']; //'lime.seedhost.eu'; + +// input encoding for iconv +$iconv_input_encoding = 'UTF-8'; + +// date() format for file modification date +// Doc - https://www.php.net/manual/en/function.date.php +$datetime_format = 'd/m/Y H:i T'; + +// Path display mode when viewing file information +// 'full' => show full path +// 'relative' => show path relative to root_path +// 'host' => show path on the host +$path_display_mode = 'relative'; + +// Allowed file extensions for create and rename files +// e.g. 'txt,html,css,js' +$allowed_file_extensions = ''; + +// Allowed file extensions for upload files +// e.g. 'gif,png,jpg,html,txt' +$allowed_upload_extensions = ''; + +// Favicon path. This can be either a full url to an .PNG image, or a path based on the document root. +// full path, e.g http://example.com/favicon.png +// local path, e.g images/icons/favicon.png +$favicon_path = 'logo.png'; + +// Files and folders to excluded from listing +// e.g. array('myfile.html', 'personal-folder', '*.php', ...) +$exclude_items = array('*.php', 'logo.png', 'sitemap.xml', 'robots.txt', 'download.html'); + +// Online office Docs Viewer +// Available rules are 'google', 'microsoft' or false +// Google => View documents using Google Docs Viewer +// Microsoft => View documents using Microsoft Web Apps Viewer +// false => disable online doc viewer +$online_viewer = 'false'; + +// Sticky Nav bar +// true => enable sticky header +// false => disable sticky header +$sticky_navbar = true; + +// Maximum file upload size +// Increase the following values in php.ini to work properly +// memory_limit, upload_max_filesize, post_max_size +$max_upload_size_bytes = 5000000000; // size 5,000,000,000 bytes (~5GB) + +// chunk size used for upload +// eg. decrease to 1MB if nginx reports problem 413 entity too large +$upload_chunk_size_bytes = 2000000; // chunk size 2,000,000 bytes (~2MB) + +// Possible rules are 'OFF', 'AND' or 'OR' +// OFF => Don't check connection IP, defaults to OFF +// AND => Connection must be on the whitelist, and not on the blacklist +// OR => Connection must be on the whitelist, or not on the blacklist +$ip_ruleset = 'OFF'; + +// Should users be notified of their block? +$ip_silent = true; + +// IP-addresses, both ipv4 and ipv6 +$ip_whitelist = array( + '127.0.0.1', // local ipv4 + '::1' // local ipv6 +); + +// IP-addresses, both ipv4 and ipv6 +$ip_blacklist = array( + '0.0.0.0', // non-routable meta ipv4 + '::' // non-routable meta ipv6 +); + +// if User has the external config file, try to use it to override the default config above [config.php] +// sample config - https://tinyfilemanager.github.io/config-sample.txt +$config_file = __DIR__.'/config.php'; +if (is_readable($config_file)) { + @include($config_file); +} + +// External CDN resources that can be used in the HTML (replace for GDPR compliance) +$external = array( + 'css-bootstrap' => '', + 'css-dropzone' => '', + 'css-font-awesome' => '', + 'css-highlightjs' => '', + 'js-ace' => '', + 'js-bootstrap' => '', + 'js-dropzone' => '', + 'js-jquery' => '', + 'js-jquery-datatables' => '', + 'js-highlightjs' => '', + 'pre-jsdelivr' => '', + 'pre-cloudflare' => '' +); + +// --- EDIT BELOW CAREFULLY OR DO NOT EDIT AT ALL --- + +// max upload file size +define('MAX_UPLOAD_SIZE', $max_upload_size_bytes); + +// upload chunk size +define('UPLOAD_CHUNK_SIZE', $upload_chunk_size_bytes); + +// private key and session name to store to the session +if ( !defined( 'FM_SESSION_ID')) { + define('FM_SESSION_ID', 'filemanager'); +} + +// Configuration +$cfg = new FM_Config(); + +// Default language +$lang = isset($cfg->data['lang']) ? $cfg->data['lang'] : 'en'; + +// Show or hide files and folders that starts with a dot +$show_hidden_files = isset($cfg->data['show_hidden']) ? $cfg->data['show_hidden'] : true; + +// PHP error reporting - false = Turns off Errors, true = Turns on Errors +$report_errors = isset($cfg->data['error_reporting']) ? $cfg->data['error_reporting'] : true; + +// Hide Permissions and Owner cols in file-listing +$hide_Cols = isset($cfg->data['hide_Cols']) ? $cfg->data['hide_Cols'] : true; + +// Theme +$theme = isset($cfg->data['theme']) ? $cfg->data['theme'] : 'ir-black'; + +define('FM_THEME', $theme); + +//available languages +$lang_list = array( + 'en' => 'English' +); + +if ($report_errors == true) { + @ini_set('error_reporting', E_ALL); + @ini_set('display_errors', 1); +} else { + @ini_set('error_reporting', E_ALL); + @ini_set('display_errors', 0); +} + +// if fm included +if (defined('FM_EMBED')) { + $use_auth = false; + $sticky_navbar = false; +} else { + @set_time_limit(600); + + date_default_timezone_set($default_timezone); + + ini_set('default_charset', 'UTF-8'); + if (version_compare(PHP_VERSION, '5.6.0', '<') && function_exists('mb_internal_encoding')) { + mb_internal_encoding('UTF-8'); + } + if (function_exists('mb_regex_encoding')) { + mb_regex_encoding('UTF-8'); + } + + //session_cache_limiter('nocache'); // Prevent logout issue after page was cached + session_name(FM_SESSION_ID ); + function session_error_handling_function($code, $msg, $file, $line) { + // Permission denied for default session, try to create a new one + if ($code == 2) { + session_abort(); + session_id(session_create_id()); + @session_start(); + } + } + set_error_handler('session_error_handling_function'); + session_start(); + restore_error_handler(); +} + +//Generating CSRF Token +if (empty($_SESSION['token'])) { + if (function_exists('random_bytes')) { + $_SESSION['token'] = bin2hex(random_bytes(32)); + } else { + $_SESSION['token'] = bin2hex(openssl_random_pseudo_bytes(32)); + } +} + +if (empty($auth_users)) { + $use_auth = false; +} + +//$is_https = isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1) +// || isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'; +$is_https = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' || $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https'; + +// update $root_url based on user specific directories +if (isset($_SESSION[FM_SESSION_ID]['logged']) && !empty($directories_users[$_SESSION[FM_SESSION_ID]['logged']])) { + $wd = fm_clean_path(dirname($_SERVER['PHP_SELF'])); + $root_url = $root_url.$wd.DIRECTORY_SEPARATOR.$directories_users[$_SESSION[FM_SESSION_ID]['logged']]; +} +// clean $root_url +$root_url = fm_clean_path($root_url); + +// abs path for site +//defined('FM_ROOT_URL') || define('FM_ROOT_URL', ($is_https ? 'https' : 'http') . '://' . $http_host . (!empty($root_url) ? '/' . $root_url : '')); +//defined('FM_SELF_URL') || define('FM_SELF_URL', ($is_https ? 'https' : 'http') . '://' . $http_host . $_SERVER['PHP_SELF']); +defined('FM_ROOT_URL') || define('FM_ROOT_URL', 'https' . '://' . $http_host . (!empty($root_url) ? '/' . $root_url : '')); +defined('FM_SELF_URL') || define('FM_SELF_URL', 'https' . '://' . $http_host . $_SERVER['PHP_SELF']); + +// logout +if (isset($_GET['logout'])) { + unset($_SESSION[FM_SESSION_ID]['logged']); + unset( $_SESSION['token']); + fm_redirect(FM_SELF_URL); +} + +// Validate connection IP +if ($ip_ruleset != 'OFF') { + function getClientIP() { + if (array_key_exists('HTTP_CF_CONNECTING_IP', $_SERVER)) { + return $_SERVER["HTTP_CF_CONNECTING_IP"]; + }else if (array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) { + return $_SERVER["HTTP_X_FORWARDED_FOR"]; + }else if (array_key_exists('REMOTE_ADDR', $_SERVER)) { + return $_SERVER['REMOTE_ADDR']; + }else if (array_key_exists('HTTP_CLIENT_IP', $_SERVER)) { + return $_SERVER['HTTP_CLIENT_IP']; + } + return ''; + } + + $clientIp = getClientIP(); + $proceed = false; + $whitelisted = in_array($clientIp, $ip_whitelist); + $blacklisted = in_array($clientIp, $ip_blacklist); + + if($ip_ruleset == 'AND'){ + if($whitelisted == true && $blacklisted == false){ + $proceed = true; + } + } else + if($ip_ruleset == 'OR'){ + if($whitelisted == true || $blacklisted == false){ + $proceed = true; + } + } + + if($proceed == false){ + trigger_error('User connection denied from: ' . $clientIp, E_USER_WARNING); + + if($ip_silent == false){ + fm_set_msg(lng('Access denied. IP restriction applicable'), 'error'); + fm_show_header_login(); + fm_show_message(); + } + exit(); + } +} + + +// update root path +if ($use_auth && isset($_SESSION[FM_SESSION_ID]['logged'])) { + $root_path = isset($directories_users[$_SESSION[FM_SESSION_ID]['logged']]) ? $directories_users[$_SESSION[FM_SESSION_ID]['logged']] : $root_path; +} + +// clean and check $root_path +$root_path = rtrim($root_path, '\\/'); +$root_path = str_replace('\\', '/', $root_path); +if (!@is_dir($root_path)) { + echo "

".lng('Root path')." \"{$root_path}\" ".lng('not found!')."

"; + exit; +} + +defined('FM_SHOW_HIDDEN') || define('FM_SHOW_HIDDEN', $show_hidden_files); +defined('FM_ROOT_PATH') || define('FM_ROOT_PATH', $root_path); +defined('FM_LANG') || define('FM_LANG', $lang); +defined('FM_FILE_EXTENSION') || define('FM_FILE_EXTENSION', $allowed_file_extensions); +defined('FM_UPLOAD_EXTENSION') || define('FM_UPLOAD_EXTENSION', $allowed_upload_extensions); +defined('FM_EXCLUDE_ITEMS') || define('FM_EXCLUDE_ITEMS', (version_compare(PHP_VERSION, '7.0.0', '<') ? serialize($exclude_items) : $exclude_items)); +defined('FM_DOC_VIEWER') || define('FM_DOC_VIEWER', $online_viewer); +define('FM_READONLY', $global_readonly || ($use_auth && !empty($readonly_users) && isset($_SESSION[FM_SESSION_ID]['logged']) && in_array($_SESSION[FM_SESSION_ID]['logged'], $readonly_users))); +define('FM_IS_WIN', DIRECTORY_SEPARATOR == '\\'); + +// always use ?p= +if (!isset($_GET['p']) && empty($_FILES)) { + //fm_redirect('/'); +} + +// get path +$p = isset($_GET['p']) ? $_GET['p'] : (isset($_POST['p']) ? $_POST['p'] : ''); + +// clean path +$p = fm_clean_path($p); + +// for ajax request - save +$input = file_get_contents('php://input'); +$_POST = (strpos($input, 'ajax') != FALSE && strpos($input, 'save') != FALSE) ? json_decode($input, true) : $_POST; + +// instead globals vars +define('FM_PATH', $p); +define('FM_USE_AUTH', $use_auth); +define('FM_EDIT_FILE', $edit_files); +defined('FM_ICONV_INPUT_ENC') || define('FM_ICONV_INPUT_ENC', $iconv_input_encoding); +defined('FM_USE_HIGHLIGHTJS') || define('FM_USE_HIGHLIGHTJS', $use_highlightjs); +defined('FM_HIGHLIGHTJS_STYLE') || define('FM_HIGHLIGHTJS_STYLE', $highlightjs_style); +defined('FM_DATETIME_FORMAT') || define('FM_DATETIME_FORMAT', $datetime_format); + +unset($p, $use_auth, $iconv_input_encoding, $use_highlightjs, $highlightjs_style); + +/*************************** ACTIONS ***************************/ + + +// Download +if (isset($_GET['dl'], $_POST['token'])) { + if(!verifyToken($_POST['token'])) { + fm_set_msg("Invalid Token.", 'error'); + } + + $dl = urldecode($_GET['dl']); + $dl = fm_clean_path($dl); + $dl = str_replace('/', '', $dl); + $path = FM_ROOT_PATH; + if (FM_PATH != '') { + $path .= '/' . FM_PATH; + } + if ($dl != '' && is_file($path . '/' . $dl)) { + fm_download_file($path . '/' . $dl, $dl, 1024); + exit; + } else { + fm_set_msg(lng('File not found'), 'error'); + $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); + } +} + +/*************************** ACTIONS ***************************/ + +// get current path +$path = FM_ROOT_PATH; +if (FM_PATH != '') { + $path .= '/' . FM_PATH; +} + +// check path +if (!is_dir($path)) { + fm_redirect(FM_SELF_URL . '?p='); +} + +// get parent folder +$parent = fm_get_parent_path(FM_PATH); + +$objects = is_readable($path) ? scandir($path) : array(); +$folders = array(); +$files = array(); +$current_path = array_slice(explode("/",$path), -1)[0]; +if (is_array($objects) && fm_is_exclude_items($current_path)) { + foreach ($objects as $file) { + if ($file == '.' || $file == '..') { + continue; + } + if (!FM_SHOW_HIDDEN && substr($file, 0, 1) === '.') { + continue; + } + $new_path = $path . '/' . $file; + if (@is_file($new_path) && fm_is_exclude_items($file)) { + $files[] = $file; + } elseif (@is_dir($new_path) && $file != '.' && $file != '..' && fm_is_exclude_items($file)) { + $folders[] = $file; + } + } +} + +if (!empty($files)) { + natcasesort($files); +} +if (!empty($folders)) { + natcasesort($folders); +} + +// file viewer +if (isset($_GET['view'])) { + $file = $_GET['view']; + $file = fm_clean_path($file, false); + $file = str_replace('/', '', $file); + if ($file == '' || !is_file($path . '/' . $file) || !fm_is_exclude_items($file)) { + fm_set_msg(lng('File not found'), 'error'); + $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); + } + + fm_show_header(); // HEADER + fm_show_nav_path(FM_PATH); // current path + + $file_url = FM_ROOT_URL . fm_convert_win((FM_PATH != '' ? '/' . FM_PATH : '') . '/' . $file); + $file_path = $path . '/' . $file; + + $ext = strtolower(pathinfo($file_path, PATHINFO_EXTENSION)); + $mime_type = fm_get_mime_type($file_path); + $filesize_raw = fm_get_size($file_path); + $filesize = fm_get_filesize($filesize_raw); + + $is_zip = false; + $is_gzip = false; + $is_image = false; + $is_audio = false; + $is_video = false; + $is_text = false; + $is_onlineViewer = false; + + $view_title = 'File'; + $filenames = false; // for zip + $content = ''; // for text + $online_viewer = strtolower(FM_DOC_VIEWER); + + if($online_viewer && $online_viewer !== 'false' && in_array($ext, fm_get_onlineViewer_exts())){ + $is_onlineViewer = true; + } + elseif ($ext == 'zip' || $ext == 'tar') { + $is_zip = true; + $view_title = 'Archive'; + $filenames = fm_get_zif_info($file_path, $ext); + } elseif (in_array($ext, fm_get_image_exts())) { + $is_image = true; + $view_title = 'Image'; + } elseif (in_array($ext, fm_get_audio_exts())) { + $is_audio = true; + $view_title = 'Audio'; + } elseif (in_array($ext, fm_get_video_exts())) { + $is_video = true; + $view_title = 'Video'; + } elseif (in_array($ext, fm_get_text_exts()) || substr($mime_type, 0, 4) == 'text' || in_array($mime_type, fm_get_text_mimes())) { + $is_text = true; + $content = file_get_contents($file_path); + } + + ?> +
+
+

""

+

+ + :
+ File size:
+ MIME-type:
+ + :
+ :
+ :
+ : %
+ '.lng('Image size').': ' . (isset($image_size[0]) ? $image_size[0] : '0') . ' x ' . (isset($image_size[1]) ? $image_size[1] : '0') . '
'; + } + // Text info + if ($is_text) { + $is_utf8 = fm_is_utf8($content); + if (function_exists('iconv')) { + if (!$is_utf8) { + $content = iconv(FM_ICONV_INPUT_ENC, 'UTF-8//IGNORE', $content); + } + } + echo ''.lng('Charset').': ' . ($is_utf8 ? 'utf-8' : '8 bit') . '
'; + } + ?> +

+
+
+ +   +
+ + +
+ + + +
  +
+ + + + +
  + + +   + +   + + +
+ '; + } else if($online_viewer == 'microsoft') { + echo ''; + } + } elseif ($is_zip) { + // ZIP content + if ($filenames !== false) { + echo ''; + foreach ($filenames as $fn) { + if ($fn['folder']) { + echo '' . fm_enc($fn['name']) . '
'; + } else { + echo $fn['name'] . ' (' . fm_get_filesize($fn['filesize']) . ')
'; + } + } + echo ''; + } else { + echo '

'.lng('Error while fetching archive info').'

'; + } + } elseif ($is_image) { + // Image content + if (in_array($ext, array('gif', 'jpg', 'jpeg', 'png', 'bmp', 'ico', 'svg', 'webp', 'avif'))) { + echo '

'; + } + } elseif ($is_audio) { + // Audio content + echo '

'; + } elseif ($is_video) { + // Video content + echo '
'; + } elseif ($is_text) { + if (FM_USE_HIGHLIGHTJS) { + // highlight + $hljs_classes = array( + 'shtml' => 'xml', + 'htaccess' => 'apache', + 'phtml' => 'php', + 'lock' => 'json', + 'svg' => 'xml', + ); + $hljs_class = isset($hljs_classes[$ext]) ? 'lang-' . $hljs_classes[$ext] : 'lang-' . $ext; + if (empty($ext) || in_array(strtolower($file), fm_get_text_names()) || preg_match('#\.min\.(css|js)$#i', $file)) { + $hljs_class = 'nohighlight'; + } + $content = '
' . fm_enc($content) . '
'; + } elseif (in_array($ext, array('php', 'php4', 'php5', 'phtml', 'phps'))) { + // php highlight + $content = highlight_string($content, true); + } else { + $content = '
' . fm_enc($content) . '
'; + } + echo $content; + } + ?> +
+
+ +
+
+ + Want to download this repo? Check here for instructions.
+
+ + Join our new Discord and Telegram. Old announcements are here.
+ + + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + '?'); + } + if ($group === false) { + $group = array('name' => '?'); + } + } else { + $owner = array('name' => '?'); + $group = array('name' => '?'); + } + ?> + + + + + + + + + + + + + '?'); + } + if ($group === false) { + $group = array('name' => '?'); + } + } else { + $owner = array('name' => '?'); + $group = array('name' => '?'); + } + ?> + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+ + +
+
..
+
+ + +
+ 		> +
+ ' . readlink($path . '/' . $f) . '' : '') ?>
+ 		"> + + + + + + + + +
+
+ + +
+ 		> +
+ + + + + + + + + ' . readlink($path . '/' . $f) . '' : '') ?> +
+ 		"> + + + + + + + + + + +
+ '.fm_get_filesize($all_files_size).'' ?> + '.$num_files.'' ?> + '.$num_folders.'' ?> +
+
+ +
+
Tiny File Manager
+
+
+ +"; + return; + } + + echo "$external[$key]"; +} + +/** + * Verify CSRF TOKEN and remove after certified + * @param string $token + * @return bool + */ +function verifyToken($token) +{ + if (hash_equals($_SESSION['token'], $token)) { + return true; + } + return false; +} + +/** + * Get mime type + * @param string $file_path + * @return mixed|string + */ +function fm_get_mime_type($file_path) +{ + if (function_exists('finfo_open')) { + $finfo = finfo_open(FILEINFO_MIME_TYPE); + $mime = finfo_file($finfo, $file_path); + finfo_close($finfo); + return $mime; + } elseif (function_exists('mime_content_type')) { + return mime_content_type($file_path); + } elseif (!stristr(ini_get('disable_functions'), 'shell_exec')) { + $file = escapeshellarg($file_path); + $mime = shell_exec('file -bi ' . $file); + return $mime; + } else { + return '--'; + } +} + +/** + * HTTP Redirect + * @param string $url + * @param int $code + */ +function fm_redirect($url, $code = 302) +{ + header('Location: ' . $url, true, $code); + exit; +} + +/** + * Path traversal prevention and clean the url + * It replaces (consecutive) occurrences of / and \\ with whatever is in DIRECTORY_SEPARATOR, and processes /. and /.. fine. + * @param $path + * @return string + */ +function get_absolute_path($path) { + $path = str_replace(array('/', '\\'), DIRECTORY_SEPARATOR, $path); + $parts = array_filter(explode(DIRECTORY_SEPARATOR, $path), 'strlen'); + $absolutes = array(); + foreach ($parts as $part) { + if ('.' == $part) continue; + if ('..' == $part) { + array_pop($absolutes); + } else { + $absolutes[] = $part; + } + } + return implode(DIRECTORY_SEPARATOR, $absolutes); +} + +/** + * Clean path + * @param string $path + * @return string + */ +function fm_clean_path($path, $trim = true) +{ + $path = $trim ? trim($path) : $path; + $path = trim($path, '\\/'); + $path = str_replace(array('../', '..\\'), '', $path); + $path = get_absolute_path($path); + if ($path == '..') { + $path = ''; + } + return str_replace('\\', '/', $path); +} + +/** + * Get parent path + * @param string $path + * @return bool|string + */ +function fm_get_parent_path($path) +{ + $path = fm_clean_path($path); + if ($path != '') { + $array = explode('/', $path); + if (count($array) > 1) { + $array = array_slice($array, 0, -1); + return implode('/', $array); + } + return ''; + } + return false; +} + +function fm_get_display_path($file_path) +{ + global $path_display_mode, $root_path, $root_url; + switch ($path_display_mode) { + case 'relative': + return array( + 'label' => 'Path', + 'path' => fm_enc(fm_convert_win(str_replace($root_path, '', $file_path))) + ); + case 'host': + $relative_path = str_replace($root_path, '', $file_path); + return array( + 'label' => 'Host Path', + 'path' => fm_enc(fm_convert_win('/' . $root_url . '/' . ltrim(str_replace('\\', '/', $relative_path), '/'))) + ); + case 'full': + default: + return array( + 'label' => 'Full Path', + 'path' => fm_enc(fm_convert_win($file_path)) + ); + } +} + +/** + * Check file is in exclude list + * @param string $file + * @return bool + */ +function fm_is_exclude_items($file) { + $ext = strtolower(pathinfo($file, PATHINFO_EXTENSION)); + if (isset($exclude_items) and sizeof($exclude_items)) { + unset($exclude_items); + } + + $exclude_items = FM_EXCLUDE_ITEMS; + if (version_compare(PHP_VERSION, '7.0.0', '<')) { + $exclude_items = unserialize($exclude_items); + } + if (!in_array($file, $exclude_items) && !in_array("*.$ext", $exclude_items)) { + return true; + } + return false; +} + +/** + * get language translations from json file + * @param int $tr + * @return array + */ +function fm_get_translations($tr) { + try { + $content = @file_get_contents('translation.json'); + if($content !== FALSE) { + $lng = json_decode($content, TRUE); + global $lang_list; + foreach ($lng["language"] as $key => $value) + { + $code = $value["code"]; + $lang_list[$code] = $value["name"]; + if ($tr) + $tr[$code] = $value["translation"]; + } + return $tr; + } + + } + catch (Exception $e) { + echo $e; + } +} + +/** + * @param string $file + * Recover all file sizes larger than > 2GB. + * Works on php 32bits and 64bits and supports linux + * @return int|string + */ +function fm_get_size($file) +{ + static $iswin; + static $isdarwin; + if (!isset($iswin)) { + $iswin = (strtoupper(substr(PHP_OS, 0, 3)) == 'WIN'); + } + if (!isset($isdarwin)) { + $isdarwin = (strtoupper(substr(PHP_OS, 0)) == "DARWIN"); + } + + static $exec_works; + if (!isset($exec_works)) { + $exec_works = (function_exists('exec') && !ini_get('safe_mode') && @exec('echo EXEC') == 'EXEC'); + } + + // try a shell command + if ($exec_works) { + $arg = escapeshellarg($file); + $cmd = ($iswin) ? "for %F in (\"$file\") do @echo %~zF" : ($isdarwin ? "stat -f%z $arg" : "stat -c%s $arg"); + @exec($cmd, $output); + if (is_array($output) && ctype_digit($size = trim(implode("\n", $output)))) { + return $size; + } + } + + // try the Windows COM interface + if ($iswin && class_exists("COM")) { + try { + $fsobj = new COM('Scripting.FileSystemObject'); + $f = $fsobj->GetFile( realpath($file) ); + $size = $f->Size; + } catch (Exception $e) { + $size = null; + } + if (ctype_digit($size)) { + return $size; + } + } + + // if all else fails + return filesize($file); +} + +/** + * Get nice filesize + * @param int $size + * @return string + */ +function fm_get_filesize($size) +{ + $size = (float) $size; + $units = array('B', 'KB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB'); + $power = ($size > 0) ? floor(log($size, 1024)) : 0; + $power = ($power > (count($units) - 1)) ? (count($units) - 1) : $power; + return sprintf('%s %s', round($size / pow(1024, $power), 2), $units[$power]); +} + +/** + * Get total size of directory tree. + * + * @param string $directory Relative or absolute directory name. + * @return int Total number of bytes. + */ +function fm_get_directorysize($directory) { + $bytes = 0; + $directory = realpath($directory); + if ($directory !== false && $directory != '' && file_exists($directory)){ + foreach(new RecursiveIteratorIterator(new RecursiveDirectoryIterator($directory, FilesystemIterator::SKIP_DOTS)) as $file){ + $bytes += $file->getSize(); + } + } + return $bytes; +} + +/** + * Get info about zip archive + * @param string $path + * @return array|bool + */ +function fm_get_zif_info($path, $ext) { + if ($ext == 'zip' && function_exists('zip_open')) { + $arch = @zip_open($path); + if ($arch) { + $filenames = array(); + while ($zip_entry = @zip_read($arch)) { + $zip_name = @zip_entry_name($zip_entry); + $zip_folder = substr($zip_name, -1) == '/'; + $filenames[] = array( + 'name' => $zip_name, + 'filesize' => @zip_entry_filesize($zip_entry), + 'compressed_size' => @zip_entry_compressedsize($zip_entry), + 'folder' => $zip_folder + //'compression_method' => zip_entry_compressionmethod($zip_entry), + ); + } + @zip_close($arch); + return $filenames; + } + } elseif($ext == 'tar' && class_exists('PharData')) { + $archive = new PharData($path); + $filenames = array(); + foreach(new RecursiveIteratorIterator($archive) as $file) { + $parent_info = $file->getPathInfo(); + $zip_name = str_replace("phar://".$path, '', $file->getPathName()); + $zip_name = substr($zip_name, ($pos = strpos($zip_name, '/')) !== false ? $pos + 1 : 0); + $zip_folder = $parent_info->getFileName(); + $zip_info = new SplFileInfo($file); + $filenames[] = array( + 'name' => $zip_name, + 'filesize' => $zip_info->getSize(), + 'compressed_size' => $file->getCompressedSize(), + 'folder' => $zip_folder + ); + } + return $filenames; + } + return false; +} + +/** + * Encode html entities + * @param string $text + * @return string + */ +function fm_enc($text) +{ + return htmlspecialchars($text, ENT_QUOTES, 'UTF-8'); +} + +/** + * Prevent XSS attacks + * @param string $text + * @return string + */ +function fm_isvalid_filename($text) { + return (strpbrk($text, '/?%*:|"<>') === FALSE) ? true : false; +} + +/** + * Save message in session + * @param string $msg + * @param string $status + */ +function fm_set_msg($msg, $status = 'ok') +{ + $_SESSION[FM_SESSION_ID]['message'] = $msg; + $_SESSION[FM_SESSION_ID]['status'] = $status; +} + +/** + * Check if string is in UTF-8 + * @param string $string + * @return int + */ +function fm_is_utf8($string) +{ + return preg_match('//u', $string); +} + +/** + * Convert file name to UTF-8 in Windows + * @param string $filename + * @return string + */ +function fm_convert_win($filename) +{ + if (FM_IS_WIN && function_exists('iconv')) { + $filename = iconv(FM_ICONV_INPUT_ENC, 'UTF-8//IGNORE', $filename); + } + return $filename; +} + +/** + * @param $obj + * @return array + */ +function fm_object_to_array($obj) +{ + if (!is_object($obj) && !is_array($obj)) { + return $obj; + } + if (is_object($obj)) { + $obj = get_object_vars($obj); + } + return array_map('fm_object_to_array', $obj); +} + +/** + * Get CSS classname for file + * @param string $path + * @return string + */ +function fm_get_file_icon_class($path) +{ + // get extension + $ext = strtolower(pathinfo($path, PATHINFO_EXTENSION)); + + switch ($ext) { + case 'ico': + case 'gif': + case 'jpg': + case 'jpeg': + case 'jpc': + case 'jp2': + case 'jpx': + case 'xbm': + case 'wbmp': + case 'png': + case 'bmp': + case 'tif': + case 'tiff': + case 'webp': + case 'avif': + case 'svg': + $img = 'fa fa-picture-o'; + break; + case 'passwd': + case 'ftpquota': + case 'sql': + case 'js': + case 'ts': + case 'jsx': + case 'tsx': + case 'hbs': + case 'json': + case 'sh': + case 'config': + case 'twig': + case 'tpl': + case 'md': + case 'gitignore': + case 'c': + case 'cpp': + case 'cs': + case 'py': + case 'rs': + case 'map': + case 'lock': + case 'dtd': + case 'ps1': + $img = 'fa fa-file-code-o'; + break; + case 'txt': + case 'ini': + case 'conf': + case 'log': + case 'htaccess': + case 'yaml': + case 'yml': + case 'toml': + case 'tmp': + case 'top': + case 'bot': + case 'dat': + case 'bak': + case 'htpasswd': + case 'pl': + $img = 'fa fa-file-text-o'; + break; + case 'css': + case 'less': + case 'sass': + case 'scss': + $img = 'fa fa-css3'; + break; + case 'bz2': + case 'tbz2': + case 'tbz': + case 'zip': + case 'rar': + case 'gz': + case 'tgz': + case 'tar': + case '7z': + case 'xz': + case 'txz': + case 'zst': + case 'tzst': + $img = 'fa fa-file-archive-o'; + break; + case 'php': + case 'php4': + case 'php5': + case 'phps': + case 'phtml': + $img = 'fa fa-code'; + break; + case 'htm': + case 'html': + case 'shtml': + case 'xhtml': + $img = 'fa fa-html5'; + break; + case 'xml': + case 'xsl': + $img = 'fa fa-file-excel-o'; + break; + case 'wav': + case 'mp3': + case 'mp2': + case 'm4a': + case 'aac': + case 'ogg': + case 'oga': + case 'wma': + case 'mka': + case 'flac': + case 'ac3': + case 'tds': + $img = 'fa fa-music'; + break; + case 'm3u': + case 'm3u8': + case 'pls': + case 'cue': + case 'xspf': + $img = 'fa fa-headphones'; + break; + case 'avi': + case 'mpg': + case 'mpeg': + case 'mp4': + case 'm4v': + case 'flv': + case 'f4v': + case 'ogm': + case 'ogv': + case 'mov': + case 'mkv': + case '3gp': + case 'asf': + case 'wmv': + case 'webm': + $img = 'fa fa-file-video-o'; + break; + case 'eml': + case 'msg': + $img = 'fa fa-envelope-o'; + break; + case 'xls': + case 'xlsx': + case 'ods': + $img = 'fa fa-file-excel-o'; + break; + case 'csv': + $img = 'fa fa-file-text-o'; + break; + case 'bak': + case 'swp': + $img = 'fa fa-clipboard'; + break; + case 'doc': + case 'docx': + case 'odt': + $img = 'fa fa-file-word-o'; + break; + case 'ppt': + case 'pptx': + $img = 'fa fa-file-powerpoint-o'; + break; + case 'ttf': + case 'ttc': + case 'otf': + case 'woff': + case 'woff2': + case 'eot': + case 'fon': + $img = 'fa fa-font'; + break; + case 'pdf': + $img = 'fa fa-file-pdf-o'; + break; + case 'psd': + case 'ai': + case 'eps': + case 'fla': + case 'swf': + $img = 'fa fa-file-image-o'; + break; + case 'exe': + case 'msi': + $img = 'fa fa-file-o'; + break; + case 'bat': + $img = 'fa fa-terminal'; + break; + default: + $img = 'fa fa-info-circle'; + } + + return $img; +} + +/** + * Get image files extensions + * @return array + */ +function fm_get_image_exts() +{ + return array('ico', 'gif', 'jpg', 'jpeg', 'jpc', 'jp2', 'jpx', 'xbm', 'wbmp', 'png', 'bmp', 'tif', 'tiff', 'psd', 'svg', 'webp', 'avif'); +} + +/** + * Get video files extensions + * @return array + */ +function fm_get_video_exts() +{ + return array('avi', 'webm', 'wmv', 'mp4', 'm4v', 'ogm', 'ogv', 'mov', 'mkv'); +} + +/** + * Get audio files extensions + * @return array + */ +function fm_get_audio_exts() +{ + return array('wav', 'mp3', 'ogg', 'm4a'); +} + +/** + * Get text file extensions + * @return array + */ +function fm_get_text_exts() +{ + return array( + 'txt', 'css', 'ini', 'conf', 'log', 'htaccess', 'passwd', 'ftpquota', 'sql', 'js', 'ts', 'jsx', 'tsx', 'mjs', 'json', 'sh', 'config', + 'php', 'php4', 'php5', 'phps', 'phtml', 'htm', 'html', 'shtml', 'xhtml', 'xml', 'xsl', 'm3u', 'm3u8', 'pls', 'cue', 'bash', 'vue', + 'eml', 'msg', 'csv', 'bat', 'twig', 'tpl', 'md', 'gitignore', 'less', 'sass', 'scss', 'c', 'cpp', 'cs', 'py', 'go', 'zsh', 'swift', + 'map', 'lock', 'dtd', 'svg', 'asp', 'aspx', 'asx', 'asmx', 'ashx', 'jsp', 'jspx', 'cgi', 'dockerfile', 'ruby', 'yml', 'yaml', 'toml', + 'vhost', 'scpt', 'applescript', 'csx', 'cshtml', 'c++', 'coffee', 'cfm', 'rb', 'graphql', 'mustache', 'jinja', 'http', 'handlebars', + 'java', 'es', 'es6', 'markdown', 'wiki', 'tmp', 'top', 'bot', 'dat', 'bak', 'htpasswd', 'pl', 'ps1' + ); +} + +/** + * Get mime types of text files + * @return array + */ +function fm_get_text_mimes() +{ + return array( + 'application/xml', + 'application/javascript', + 'application/x-javascript', + 'image/svg+xml', + 'message/rfc822', + 'application/json', + ); +} + +/** + * Get file names of text files w/o extensions + * @return array + */ +function fm_get_text_names() +{ + return array( + 'license', + 'readme', + 'authors', + 'contributors', + 'changelog', + ); +} + +/** + * Get online docs viewer supported files extensions + * @return array + */ +function fm_get_onlineViewer_exts() +{ + return array('doc', 'docx', 'xls', 'xlsx', 'pdf', 'ppt', 'pptx', 'ai', 'psd', 'dxf', 'xps', 'rar', 'odt', 'ods'); +} + +/** + * It returns the mime type of a file based on its extension. + * @param extension The file extension of the file you want to get the mime type for. + * @return string|string[] The mime type of the file. + */ +function fm_get_file_mimes($extension) +{ + $fileTypes['swf'] = 'application/x-shockwave-flash'; + $fileTypes['pdf'] = 'application/pdf'; + $fileTypes['exe'] = 'application/octet-stream'; + $fileTypes['zip'] = 'application/zip'; + $fileTypes['doc'] = 'application/msword'; + $fileTypes['xls'] = 'application/vnd.ms-excel'; + $fileTypes['ppt'] = 'application/vnd.ms-powerpoint'; + $fileTypes['gif'] = 'image/gif'; + $fileTypes['png'] = 'image/png'; + $fileTypes['jpeg'] = 'image/jpg'; + $fileTypes['jpg'] = 'image/jpg'; + $fileTypes['webp'] = 'image/webp'; + $fileTypes['avif'] = 'image/avif'; + $fileTypes['rar'] = 'application/rar'; + + $fileTypes['ra'] = 'audio/x-pn-realaudio'; + $fileTypes['ram'] = 'audio/x-pn-realaudio'; + $fileTypes['ogg'] = 'audio/x-pn-realaudio'; + + $fileTypes['wav'] = 'video/x-msvideo'; + $fileTypes['wmv'] = 'video/x-msvideo'; + $fileTypes['avi'] = 'video/x-msvideo'; + $fileTypes['asf'] = 'video/x-msvideo'; + $fileTypes['divx'] = 'video/x-msvideo'; + + $fileTypes['mp3'] = 'audio/mpeg'; + $fileTypes['mp4'] = 'audio/mpeg'; + $fileTypes['mpeg'] = 'video/mpeg'; + $fileTypes['mpg'] = 'video/mpeg'; + $fileTypes['mpe'] = 'video/mpeg'; + $fileTypes['mov'] = 'video/quicktime'; + $fileTypes['swf'] = 'video/quicktime'; + $fileTypes['3gp'] = 'video/quicktime'; + $fileTypes['m4a'] = 'video/quicktime'; + $fileTypes['aac'] = 'video/quicktime'; + $fileTypes['m3u'] = 'video/quicktime'; + + $fileTypes['php'] = ['application/x-php']; + $fileTypes['html'] = ['text/html']; + $fileTypes['txt'] = ['text/plain']; + //Unknown mime-types should be 'application/octet-stream' + if(empty($fileTypes[$extension])) { + $fileTypes[$extension] = ['application/octet-stream']; + } + return $fileTypes[$extension]; +} + +/** + * This function scans the files and folder recursively, and return matching files + * @param string $dir + * @param string $filter + * @return array|null + */ + function scan($dir = '', $filter = '') { + $path = FM_ROOT_PATH.'/'.$dir; + if($path) { + $ite = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path)); + $rii = new RegexIterator($ite, "/(" . $filter . ")/i"); + + $files = array(); + foreach ($rii as $file) { + if (!$file->isDir()) { + $fileName = $file->getFilename(); + $location = str_replace(FM_ROOT_PATH, '', $file->getPath()); + $files[] = array( + "name" => $fileName, + "type" => "file", + "path" => $location, + ); + } + } + return $files; + } +} + +/** +* Parameters: downloadFile(File Location, File Name, +* max speed, is streaming +* If streaming - videos will show as videos, images as images +* instead of download prompt +* https://stackoverflow.com/a/13821992/1164642 +*/ +function fm_download_file($fileLocation, $fileName, $chunkSize = 1024) +{ + if (connection_status() != 0) + return (false); + $extension = pathinfo($fileName, PATHINFO_EXTENSION); + + $contentType = fm_get_file_mimes($extension); + + if(is_array($contentType)) { + $contentType = implode(' ', $contentType); + } + + $size = filesize($fileLocation); + + if ($size == 0) { + fm_set_msg(lng('Zero byte file! Aborting download'), 'error'); + $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); + + return (false); + } + + @ini_set('magic_quotes_runtime', 0); + $fp = fopen("$fileLocation", "rb"); + + if ($fp === false) { + fm_set_msg(lng('Cannot open file! Aborting download'), 'error'); + $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); + return (false); + } + + // headers + header('Content-Description: File Transfer'); + //header('Expires: 0'); + //header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); + header('Pragma: public'); + header("Content-Transfer-Encoding: binary"); + header("Content-Type: $contentType"); + + $contentDisposition = 'attachment'; + + if (strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { + $fileName = preg_replace('/\./', '%2e', $fileName, substr_count($fileName, '.') - 1); + header("Content-Disposition: $contentDisposition;filename=\"$fileName\""); + } else { + header("Content-Disposition: $contentDisposition;filename=\"$fileName\""); + } + + header("Accept-Ranges: bytes"); + $range = 0; + + if (isset($_SERVER['HTTP_RANGE'])) { + list($a, $range) = explode("=", $_SERVER['HTTP_RANGE']); + str_replace($range, "-", $range); + $size2 = $size - 1; + $new_length = $size - $range; + header("HTTP/1.1 206 Partial Content"); + header("Content-Length: $new_length"); + header("Content-Range: bytes $range$size2/$size"); + } else { + $size2 = $size - 1; + header("Content-Range: bytes 0-$size2/$size"); + header("Content-Length: " . $size); + } + $fileLocation = realpath($fileLocation); + while (ob_get_level()) ob_end_clean(); + readfile($fileLocation); + + fclose($fp); + + return ((connection_status() == 0) and !connection_aborted()); +} + +/** + * If the theme is dark, return the text-white and bg-dark classes. + * @return string the value of the variable. + */ +function fm_get_theme() { + $result = ''; + if(FM_THEME == "dark") { + $result = "text-white bg-dark"; + } + return $result; +} + +/** + * Class to work with zip files (using ZipArchive) + */ +class FM_Zipper +{ + private $zip; + + public function __construct() + { + $this->zip = new ZipArchive(); + } + + /** + * Create archive with name $filename and files $files (RELATIVE PATHS!) + * @param string $filename + * @param array|string $files + * @return bool + */ + public function create($filename, $files) + { + $res = $this->zip->open($filename, ZipArchive::CREATE); + if ($res !== true) { + return false; + } + if (is_array($files)) { + foreach ($files as $f) { + $f = fm_clean_path($f); + if (!$this->addFileOrDir($f)) { + $this->zip->close(); + return false; + } + } + $this->zip->close(); + return true; + } else { + if ($this->addFileOrDir($files)) { + $this->zip->close(); + return true; + } + return false; + } + } + + /** + * Extract archive $filename to folder $path (RELATIVE OR ABSOLUTE PATHS) + * @param string $filename + * @param string $path + * @return bool + */ + public function unzip($filename, $path) + { + $res = $this->zip->open($filename); + if ($res !== true) { + return false; + } + if ($this->zip->extractTo($path)) { + $this->zip->close(); + return true; + } + return false; + } + + /** + * Add file/folder to archive + * @param string $filename + * @return bool + */ + private function addFileOrDir($filename) + { + if (is_file($filename)) { + return $this->zip->addFile($filename); + } elseif (is_dir($filename)) { + return $this->addDir($filename); + } + return false; + } + + /** + * Add folder recursively + * @param string $path + * @return bool + */ + private function addDir($path) + { + if (!$this->zip->addEmptyDir($path)) { + return false; + } + $objects = scandir($path); + if (is_array($objects)) { + foreach ($objects as $file) { + if ($file != '.' && $file != '..') { + if (is_dir($path . '/' . $file)) { + if (!$this->addDir($path . '/' . $file)) { + return false; + } + } elseif (is_file($path . '/' . $file)) { + if (!$this->zip->addFile($path . '/' . $file)) { + return false; + } + } + } + } + return true; + } + return false; + } +} + +/** + * Class to work with Tar files (using PharData) + */ +class FM_Zipper_Tar +{ + private $tar; + + public function __construct() + { + $this->tar = null; + } + + /** + * Create archive with name $filename and files $files (RELATIVE PATHS!) + * @param string $filename + * @param array|string $files + * @return bool + */ + public function create($filename, $files) + { + $this->tar = new PharData($filename); + if (is_array($files)) { + foreach ($files as $f) { + $f = fm_clean_path($f); + if (!$this->addFileOrDir($f)) { + return false; + } + } + return true; + } else { + if ($this->addFileOrDir($files)) { + return true; + } + return false; + } + } + + /** + * Extract archive $filename to folder $path (RELATIVE OR ABSOLUTE PATHS) + * @param string $filename + * @param string $path + * @return bool + */ + public function unzip($filename, $path) + { + $res = $this->tar->open($filename); + if ($res !== true) { + return false; + } + if ($this->tar->extractTo($path)) { + return true; + } + return false; + } + + /** + * Add file/folder to archive + * @param string $filename + * @return bool + */ + private function addFileOrDir($filename) + { + if (is_file($filename)) { + try { + $this->tar->addFile($filename); + return true; + } catch (Exception $e) { + return false; + } + } elseif (is_dir($filename)) { + return $this->addDir($filename); + } + return false; + } + + /** + * Add folder recursively + * @param string $path + * @return bool + */ + private function addDir($path) + { + $objects = scandir($path); + if (is_array($objects)) { + foreach ($objects as $file) { + if ($file != '.' && $file != '..') { + if (is_dir($path . '/' . $file)) { + if (!$this->addDir($path . '/' . $file)) { + return false; + } + } elseif (is_file($path . '/' . $file)) { + try { + $this->tar->addFile($path . '/' . $file); + } catch (Exception $e) { + return false; + } + } + } + } + return true; + } + return false; + } +} + +/** + * Save Configuration + */ + class FM_Config +{ + var $data; + + function __construct() + { + global $root_path, $root_url, $CONFIG; + $fm_url = $root_url.$_SERVER["PHP_SELF"]; + $this->data = array( + 'lang' => 'en', + 'error_reporting' => true, + 'show_hidden' => true + ); + $data = false; + if (strlen($CONFIG)) { + $data = fm_object_to_array(json_decode($CONFIG)); + } else { + $msg = 'Tiny File Manager
Error: Cannot load configuration'; + if (substr($fm_url, -1) == '/') { + $fm_url = rtrim($fm_url, '/'); + $msg .= '
'; + $msg .= '
Seems like you have a trailing slash on the URL.'; + $msg .= '
Try this link: ' . $fm_url . ''; + } + die($msg); + } + if (is_array($data) && count($data)) $this->data = $data; + else $this->save(); + } + + function save() + { + $fm_file = __FILE__; + $var_name = '$CONFIG'; + $var_value = var_export(json_encode($this->data), true); + $config_string = " + + ' . $_SESSION[FM_SESSION_ID]['message'] . '

'; + unset($_SESSION[FM_SESSION_ID]['message']); + unset($_SESSION[FM_SESSION_ID]['status']); + } +} + +/** + * Show page header in Login Form + */ +function fm_show_header_login() +{ +$sprites_ver = '20160315'; +header("Content-Type: text/html; charset=utf-8"); +//header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); +//header("Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0"); +//header("Pragma: no-cache"); + +global $lang, $root_url, $favicon_path; +?> + + + + + + + + + + + '; } ?> + +<?php echo $title; ?> + + + + + +"> +
+ + +
+ + + + + + + + + + + + + + + + '; } ?> + +<?php echo $title; ?> + + + + + + + + + + + + + + + "> +
+ + + + + +
+ + + + + + + + +
+ + + + \ No newline at end of file