sort directory / file listing

i have a script which displays a list of directories, and if u click on the link, it shows the files inside of it. However, it does not display them alphabetically as shown in windows, etc.

here is my code:
[code]
function showIt($path) {
$dir = opendir($path);
$x=0;
while ($file = readdir($dir))
{
//if(strchr($file,".")==".gif") //check that it's really a gif image
if($x > 1) {
$fullPath = $path . $file;
if(is_dir($fullPath)) {
print("$file

");
print(" " . showIt($fullPath) . "
");
}
else {
$pieces = explode(".", $file);

$pathToFile = $path ."/". $file;
if(is_dir($pathToFile)) {
print "     image  ";
print "$file
";
}
else {
print "     image  ";
print "$file
";
}

}
}
$x++;
}
closedir($dir);
}
[/code]

any ideas how i can get it sorted?? no database available..and i am trying not to use a text file,etc..i want it to be dynamic.

thanks,
Craig
[size=5][italic][blue]Code[/blue][black]:[/black][red]Craig[/red][/italic][/size]

Comments

  • Hi,

    I think your best bet is to read all the filenames into an array, then sort that array and then loop through that.

    Jonathan

    ###
    for(74,117,115,116){$::a.=chr};(($_.='qwertyui')&&
    (tr/yuiqwert/her anot/))for($::b);for($::c){$_.=$^X;
    /(p.{2}l)/;$_=$1}$::b=~/(..)$/;print("$::a$::b $::c hack$1.");

  • : Hi,
    :
    : I think your best bet is to read all the filenames into an array, then sort that array and then loop through that.

    [red]
    yes, thats the only way. use sort or asort (for associative arrays). and again, php.net might come in handy, there are some more sort functions.
    [/red]
    : Jonathan
    :
    : ###
    : for(74,117,115,116){$::a.=chr};(($_.='qwertyui')&&
    : (tr/yuiqwert/her anot/))for($::b);for($::c){$_.=$^X;
    : /(p.{2}l)/;$_=$1}$::b=~/(..)$/;print("$::a$::b $::c hack$1.");
    :
    :

    [size=5][italic][blue]Dar[RED]Q[/RED][/blue][/italic][/size]
    NEW url--> http://mark.space.servehttp.com

  • means i will have to rewrite my code, since i dont use arrays..i just print the directories as i find them.

    damn!
    [size=5][italic][blue]Code[/blue][black]:[/black][red]Craig[/red][/italic][/size]

  • : means i will have to rewrite my code, since i dont use arrays..i just print the directories as i find them.

    [red]
    come on, its not so hard. instead of printing them directly, put them into an array. then sort and loop through the array. looks to me its just a matter of 5 additional lines of code.

    you can do it
    [/red]
    :
    : damn!
    : [size=5][italic][blue]Code[/blue][black]:[/black][red]Craig[/red][/italic][/size]
    :
    :

    [size=5][italic][blue]Dar[RED]Q[/RED][/blue][/italic][/size]
    NEW url--> http://mark.space.servehttp.com

  • : : means i will have to rewrite my code, since i dont use arrays..i just print the directories as i find them.
    :
    : [red]
    : come on, its not so hard. instead of printing them directly, put them into an array. then sort and loop through the array. looks to me its just a matter of 5 additional lines of code.
    :
    : you can do it
    : [/red]
    : :
    : : damn!
    : : [size=5][italic][blue]Code[/blue][black]:[/black][red]Craig[/red][/italic][/size]
    : :
    : :
    :
    : [size=5][italic][blue]Dar[RED]Q[/RED][/blue][/italic][/size]
    : NEW url--> http://mark.space.servehttp.com
    :
    :

    ok, ok it's done! Thanks for the inspiration to just do it. I have the script all coded out and i have little icons (to show a folder, file, etc)...not to bad! Anyways, I will post a link to the script once I make it secure. I can't just post the script on my site or someone could see all my directories if they wanted! haha...

    peace



    [size=5][italic][blue]Code[/blue][black]:[/black][red]Craig[/red][/italic][/size]

  • : : : means i will have to rewrite my code, since i dont use arrays..i just print the directories as i find them.
    : :
    : : [red]
    : : come on, its not so hard. instead of printing them directly, put them into an array. then sort and loop through the array. looks to me its just a matter of 5 additional lines of code.
    : :
    : : you can do it
    : : [/red]
    : : :
    : : : damn!
    : : : [size=5][italic][blue]Code[/blue][black]:[/black][red]Craig[/red][/italic][/size]
    : : :
    : : :
    : :
    : : [size=5][italic][blue]Dar[RED]Q[/RED][/blue][/italic][/size]
    : : NEW url--> http://mark.space.servehttp.com
    : :
    : :
    :
    : ok, ok it's done! Thanks for the inspiration to just do it. I have the script all coded out and i have little icons (to show a folder, file, etc)...not to bad! Anyways, I will post a link to the script once I make it secure. I can't just post the script on my site or someone could see all my directories if they wanted! haha...
    :
    : peace
    Am I allowed to do "security testing" on it? :-D

    Jonathan

    ###
    for(74,117,115,116){$::a.=chr};(($_.='qwertyui')&&
    (tr/yuiqwert/her anot/))for($::b);for($::c){$_.=$^X;
    /(p.{2}l)/;$_=$1}$::b=~/(..)$/;print("$::a$::b $::c hack$1.");

  • [red]
    I'd trust Jonathan.
    [/red]
    : Am I allowed to do "security testing" on it? :-D
    :
    : Jonathan
    :
    : ###
    : for(74,117,115,116){$::a.=chr};(($_.='qwertyui')&&
    : (tr/yuiqwert/her anot/))for($::b);for($::c){$_.=$^X;
    : /(p.{2}l)/;$_=$1}$::b=~/(..)$/;print("$::a$::b $::c hack$1.");
    :
    :

    [size=5][italic][blue]Dar[RED]Q[/RED][/blue][/italic][/size]
    NEW url--> http://mark.space.servehttp.com

  • [b][red]This message was edited by codecraig at 2004-1-14 4:26:42[/red][/b][hr]
    here's the code, you can try it yourself

    images can downloaded from:
    www.codecraig.com/images/text.gif
    www.codecraig.com/images/textfolder.gif
    www.codecraig.com/images/folder.gif

    [code]
    <?php

    /**
    * Author: Craig Wickesser <[email protected]>
    * Date: Jan. 10, 2004
    *
    * Prerequisites:
    * 1. PHP 4.3+
    * 2. directory named images with the following images:
    * text.gif
    * folder.gif
    * textfolder.gif
    * 3. The supplied path must be a directory that is a in the same
    * directory as this script.
    * Example:
    * /www/testDir
    * /www/showDirsAndFiles.php
    * path = testDir/
    *
    * Your final directory structure should be:
    * /your_path/showDirsAndFiles.php
    * /your_path/images/
    * /your_path/images/text.gif
    * /your_path/images/folder.gif
    * /your_path/images/textfolder.gif
    *
    * OPTIONS:
    * Turn off details: In the showIt() method change the
    * $showDetails variable to false
    **/

    if((isset($_GET[path]))&&($_GET[path] != "")) {
    // Get the path and display folders and files
    $path = $_GET[path];
    // to stop people from looking at to much :) (not the best method, but good 4 now)
    if(($path == ".")||($path == "..")||($path == "./")||($path == "/..")||($path == "./..")||($path == "../")||($path == "../../")||($path == "../..")||($path == "/")||($path == ""))
    showError();
    else {
    $error = false;
    $pathPieces = explode("/", $_SERVER['SCRIPT_NAME']);
    $images = "/" . $pathPieces[1] . "/" . $images;
    if(count(explode("/", $path)) == 1)
    $path = $path . "/";
    showIt($path);
    }
    }
    else {
    // No path was given. Display error message and form to get path.
    showError();
    }

    /**
    * Displays folders and files given a path.
    * @param $path
    **/
    function showIt($path) {
    // initialize variables
    $directories = array();
    $files = array();
    $dirPath = array();
    $filePath = array();
    $count = -1;
    $fileAndDirCounter = 0;
    $showDetails = true;

    // open directory handle
    if(is_dir($path))
    {
    if($dir = opendir($path))
    {
    $pathPieces = explode("/", $path);

    // Print heading
    // If path is just /
    if($pathPieces[1] == "")
    {
    print "image  ";
    print("$pathPieces[0]
    ");
    }
    else
    {
    foreach($pathPieces as $v)
    {
    $count++;
    }
    $count--;
    print "image  ";
    print("$pathPieces[$count]
    ");
    }

    // spin through files/directories in $dir
    while ($file = readdir($dir))
    {
    // first two files/directories are always . and .. so don't count them
    if($fileAndDirCounter > 1)
    {
    // this should be /someFile.txt
    // OR /
    $fullPath = $path . $file;

    if(is_dir($fullPath))
    {
    // Keep track of the directories and their paths
    $dirPath[$fileAndDirCounter] = $fullPath . "/";
    $directories[$fileAndDirCounter] = $file;
    }
    else
    {
    // Keep track of the files and their paths
    $filePath[$fileAndDirCounter] = $fullPath;
    $files[$fileAndDirCounter] = $file;
    } // end else
    } // end if
    $fileAndDirCounter++;
    } // end while loop

    // Close handle to directory
    closedir($dir);

    // 1. Sort the array of directories
    // 2. Print the directories with folder icons
    print "";
    if(count($directories) != 0) {
    natcasesort($directories);
    reset($directories);
    $counter = count($directories) + 2;
    $tempCounter = 2;
    $newArray = array_merge($dirPath,$directories);
    $half = count($newArray) / 2;
    $y = 0;
    for($x=0; $x < $half ;$x++) {
    $t = $half + $y;
    print "";
    print "";
    print "";
    $y++;
    }
    }
    print "
    ";
    print "     image  ";
    print "$newArray[$t]";
    print "
    ";

    // 1. Sort the array of files
    // 2. Print the files with text icons
    print "";
    if(count($files) != 0) {
    natcasesort($files);
    reset($files);
    $counter = count($files) + 2;
    $tempCounter = 2;
    $newArray = array_merge($filePath,$files);
    $half = count($newArray) / 2;
    $y = 0;
    for($x=0; $x < $half ;$x++) {
    $t = $half + $y;
    print "";
    print "";
    if($showDetails)
    {
    print "";
    print "";
    }
    print "";
    $y++;
    }
    }
    print "
    ";
    print "     image  ";
    print "$newArray[$t]";
    print "
    ";
    print "";
    print "   ";
    print "Size: " . fsize($newArray[$x]);
    print "
    ";
    print "
    ";
    print "   ";
    print "";
    print "Modified: " . date ("n/j/Y g:i a", filemtime($newArray[$x])) . "";
    print "
    ";
    print "
    ";
    }
    else
    {
    print "Error";
    print "   ";
    print "Could not open directory handle to $path";
    print "";
    $error = true;
    }
    }
    else
    {
    print "Error";
    print "   ";
    print "You entered an invalid directory: $path";
    print "";
    $error = true;
    }
    }

    if(!$error) {
    print "";
    print "Go Back";
    }

    // This function gets the file size and displays label
    function fsize($file) {
    $a = array("B", "KB", "MB", "GB", "TB", "PB");

    $pos = 0;
    $size = filesize($file);
    while ($size >= 1024) {
    $size /= 1024;
    $pos++;
    }

    return round($size,2)." ".$a[$pos];
    }

    function showError() {
    // No path was given. Display error message and form to get path.
    print "Error";
    print "   ";
    print "No path was given. Please provide a path in the following format: <directory_name>/";
    print "";
    print "   ";
    print "Example: test/";
    print "";
    print "";
    print "Path: ";
    print "";
    print " ";
    print "";
    print "";
    $error = true;
    }
    ?>
    [/code]
    [size=5][italic][blue]Code[/blue][black]:[/black][red]Craig[/red][/italic][/size]



  • [b][red]This message was edited by Moderator at 2004-1-14 4:38:19[/red][/b][hr]
    the code looks decent. nicely indented. though i'd use a little bit more empty lines. ah well, the readablility of your code is allright anyway ;)

    [size=5][italic][blue]Dar[RED]Q[/RED][/blue][/italic][/size]
    NEW url--> http://mark.space.servehttp.com



  • : [b][red]This message was edited by Moderator at 2004-1-14 4:38:19[/red][/b][hr]
    : the code looks decent. nicely indented. though i'd use a little bit more empty lines. ah well, the readablility of your code is allright anyway ;)
    :
    : [size=5][italic][blue]Dar[RED]Q[/RED][/blue][/italic][/size]
    : NEW url--> http://mark.space.servehttp.com
    :
    :
    :
    :

    yes, perhaps some more blank lines. However, the indentation should be good...i did it in dreamweaver so i could have some syntax highlighting, and help with the indenting!

    peace,


    [size=5][italic][blue]Code[/blue][black]:[/black][red]Craig[/red][/italic][/size]

  • I've had a VERY evil physics exam today, I'm going for dinner now and I'm probably out a bit tonight. I have exploited your code, it does have a security hole and I'll explain later. You can without too much difficulty get at directories below the ones you want to offer people. I'll try and give pointers on how to tighten it up too.

    Jonathan

    ###
    for(74,117,115,116){$::a.=chr};(($_.='qwertyui')&&
    (tr/yuiqwert/her anot/))for($::b);for($::c){$_.=$^X;
    /(p.{2}l)/;$_=$1}$::b=~/(..)$/;print("$::a$::b $::c hack$1.");

  • I installed it on my own personal site, http://www.jwcs.net/~jonathan/. It contains a folder called amamp, which I could look at fine. I then did:-

    http://www.jwcs.net/~jonathan/test.php?path=amamp/../../../

    And in no time, was heading way back down the directory tree below the script. I couldn't go much further than that because my server has PHP configured to start doing its own limiting, but I got to the root of the site and could have looked around things I probably should not.

    My question to you would be, should the user *ever* be able to use a ..? I'd suggest not. So just use strpos to see if $path contains a .. and if it does show an error. Also check that the first character of $path isn't a /. That way, you have blocked the two obvious ways of wandering a little further down the directory tree than may be liked. :-)

    Have fun,

    Jonathan

    ###
    for(74,117,115,116){$::a.=chr};(($_.='qwertyui')&&
    (tr/yuiqwert/her anot/))for($::b);for($::c){$_.=$^X;
    /(p.{2}l)/;$_=$1}$::b=~/(..)$/;print("$::a$::b $::c hack$1.");

  • yes your right. i noticed that also, and the version that is running on my site disables those abilities (../, /, ./, /.., etc)...i did that after posting it on here. however, I did it the long way of checking:

    if(($path == ".")||($path == "../"))

    etc..

    strpos should be much easier and better.

    Thanks,

    [size=5][italic][blue]Code[/blue][black]:[/black][red]Craig[/red][/italic][/size]

Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Categories