Jeg får disse 2 fejl:
Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /customers/quasi-famoso.dk/quasi-famoso.dk/httpd.www/cms-side/admin.php:2) in /customers/quasi-famoso.dk/quasi-famoso.dk/httpd.www/cms-side/listfiles.php on line 4
Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /customers/quasi-famoso.dk/quasi-famoso.dk/httpd.www/cms-side/admin.php:2) in /customers/quasi-famoso.dk/quasi-famoso.dk/httpd.www/cms-side/listfiles.php on line 4
listfiles.php:
<?php ob_start(); ?>
<?php
include('user.php');
if(!isset($_SESSION['user'])){
$user = new user();
$_SESSION['user'] = $user;
}else{
$user = &$_SESSION['user'];
}
if(isset($_POST['pass'])){
if(md5($_POST['pass']) == $user->prefs['adminPass']){
$user->setPrefs(true);
}
}
if($user->prefs['isAdmin']){
if(isset($_GET['folder'])){
$folder = $_GET['folder'];
}else{
$folder = "../";
}
echo "<html><head><title>Administration</title><head><body>";
echo "<form method='post' name='delForm'><input type='hidden' name='delFile'><input type='hidden' name='show'></form>";
echo "<script language='javascript'>
function confirmDel(filename){
if(confirm('Er du sikker på du vil slette '+filename+'?')){
document.forms['delForm'].delFile.value= filename;
document.forms['delForm'].submit();
}
}
function showFile(filename){
file = encodeURI(filename);
window.open('show.php?show='+file);
}
</script>";
if(isset($_POST['UPLOAD_URL'])){
$uploaddir = $_POST['UPLOAD_URL'];
$uploadfile = $uploaddir . $_FILES['userfile']['name'];
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
echo "<script language='javascript'>alert(\\"File is valid, and was successfully uploaded.\\")</script>";
} else {
print "<script language='javascript'>alert(\\"Possible file upload attack! File was not uploaded.\\")</script>";
}
}
if(isset($_POST['delFile'])){
$del = $_POST['delFile'];
if(is_dir($folder.$del)){
if(!rmdir($folder.$del)){
echo "<script language='javascript'>alert(\\"Could not delete $del. \\\\n Make sure folder is empty.\\");</script>";
}
}else{
if(!unlink($folder.$del)){
echo "<script language='javascript'>alert(\\"Could not delete $del\\");</script>";
}
}
}
if(isset($_POST['dir'])){
mkdir($folder.$_POST['dir']);
}
if(isset($_POST['fileName'])){
$newFile = $_POST['fileName'];
$fh = fopen($folder.$newFile, "w");
if(fwrite($fh, "")===false){
echo "<script language='javascript'>
alert('$newFile could not be created');
</script>";
}
fclose($fh);
}
if($folder != "../"){
$parent = substr($folder, 0, (strrpos(substr($folder, 0, (strlen($folder)-1)), "/")+1));
echo "<button onclick='location.replace(\\"listFiles.php?folder=$parent\\")'>Tidligere mappe</button><br><hr>";
}
$list = make_file_tree($folder);
$dirlist = $list['dirs'];
$filelist = $list['files'];
echo "Mapper:<br>";
echo "<table width = '400'>";
for($i=0;$i<count($dirlist); $i++){
echo "<tr><td><a href='listFiles.php?folder=$folder$dirlist[$i]/'>$dirlist[$i]</a></td>";
echo "<td width='25'><button onclick='confirmDel(\\"".$dirlist[$i]."\\")'>Slet</button></td></tr>";
}
echo "</table><hr>";
echo "";
while ($typelist = current($filelist)) {
$key = key($filelist);
echo "<b>Filer af typen: $key</b><br>";
echo "<table width = '400'>";
for($j=0; $j<count($typelist);$j++){
echo "<tr><td width='90%'>".$typelist[$j]."</td>";
if($key == "php"|| $key == "html" || $key == "css" || $key == "htm" || $key == "txt"){
echo "<td width='25'><button onclick='showFile(\\"".$folder.$typelist[$j]."\\")'>Rediger</button></td>";
}
echo "<td width='25'><button onclick='window.open(\\"".$folder.$typelist[$j]."\\")'>Vis</button></td>";
echo "<td width='25'><button onclick='confirmDel(\\"".$typelist[$j]."\\")'>Slet</button></td></tr>";
}
echo "</table><hr>";
next($filelist);
}
echo "</body></html>";
}else{
echo "<form method='post'>Admin kodeord:<input type='password' name='pass'><submit value='login'></form>";
}
echo "Lavet af Martin Laugesen 2007";
/*testestetstets*/
function make_file_tree($path){ //where $path is your source dir.
$handle=opendir($path);
while($a=readdir($handle)){
if(!preg_match('/^\\./',$a)){
$full_path="$path$a";
if(is_dir($full_path)){
$dirs[]="$a";
}else if(is_file($full_path) && $a != "temp.txt"){
$ext = substr($a, (strrpos($a, ".")+1));
$files[$ext][]="$a";
}
}
}
closedir($handle);
$list['dirs'] = $dirs;
$list['files'] = $files;
return $list;
}
?>admin.php:
<title>Nyheder</title>
<?php include("indhold/style.txt"); ?>
<table border="0" bodercolor="#FFFFFF" cellspacing="15" cellpadding="0" align="center">
<tr valign="top">
<td width="150">
<!-- MENU TABELLEN !-->
<?php include("indhold/navigation.txt"); ?>
<!-- MENU TABELLEN SLUT !--></td>
<td>
<!-- INDHOLD TABELLEN !-->
<table border="1" bordercolor="#FFFFFF" cellspacing="0" cellpadding="0">
<tr align="center">
<td width="600" height="30" bgcolor="#000033"><font face="verdana" color="#FFFFFF" size="2">Nyheder</font></td>
</tr>
<?php
include("listfiles.php"); ?>
</table>
<!-- INDHOLD TABELLEN SLUT !--></td>
<td width="150">
<!-- STATISTIK TABELLEN !-->
<table border="1" bordercolor="#FFFFFF" cellspacing="0" cellpadding="0">
<tr align="center">
<td width="150" height="30" bgcolor="#000033"><font face="verdana" color="#FFFFFF" size="2">Statistik</font></td>
</tr>
<tr valign="top">
<td width="150" height="100" bgcolor="#AAAAAA" id="indhold">Kommer snart</td>
</tr></table>
<!-- STATISTIK TABELLEN SLUT !-->
</td>
</tr>
</table>
<table border="0" cellspacing="15" cellpadding="0" align="center" id="indhold">
<tr>
<td bgcolor="#888888" width="940"><center><font color="#555555">ALLE RETTIGHEDER FORBEHOLDES AF MARTIN LAUGESEN 2007</font></center></td>
</tr>
</table>