#!/usr/local/bin/perl
######################################
## Web FTP Protocol By DigitalScan  ##
## ©2001+ Digital Networks™         ##
## DigitalScan@webtv.net            ##
######################################
# The top line points to the perl location on your server.
use strict;
use CGI;
$CGI::HEADERS_ONCE=1;
use CGI::Carp qw(fatalsToBrowser);
# You must have CGI.PM module on your server (most servers do.)
use Net::FTP;
####################################################################
# HERE ARE CONFIGURATION VARIABLES      
my $upload_files=6;             
#The number of upload fields
my $temp_dir="temp";            
#Path to temporary directory with uploads/downloads
#I prefer using absolute path but it can be left
#with a relative path just as now.
#It's recommended to make it somewhere outside your
#cgi-bin directory, so please change this default.
my $www_temp_dir="temp";        
#Path from the web to temporary directory
#say you have ftp.cgi at http://www.yoursite.com/cgi-bin/ftp.cgi
#and temporary dir at http://www.yoursite.com/temp
#so you can write "../temp" or full "http://www.yoursite.com/temp"
#Certainly it's connected with $temp_dir variable
####################################################################
my $query=new CGI;
my $ftp;
my $site=$query->param("site");
my $user=$query->param("user");
my $pass=$query->param("pass");
my $dir=$query->param("dir")? $query->param("dir") : "";
my $action=$query->param("action");
print $query->header();
print "<HTML><HEAD><TITLE>Digital Meltdown FTP Protocol</TITLE></HEAD><BODY BGCOLOR=#000020 TEXT=silver><CENTER><IMG SRC=\"http://digibot.hypermart.net/images/DigitalMeltdown.gif\">\n";

unless ($site){
        choose_site();
        exit;
        }

if ($action){
        action($action);
        }

print <<"EOT";
        <FORM NAME=my_form METHOD=POST ENCTYPE="multipart/form-data" >
        <INPUT TYPE=hidden NAME=site VALUE=$site>
        <INPUT TYPE=hidden NAME=user VALUE=$user>
        <INPUT TYPE=hidden NAME=pass VALUE=$pass>
        <INPUT TYPE=hidden NAME=dir VALUE=$dir>
EOT

show_dir();

sub choose_site(){
        print <<"EOT";
        <FORM NAME=my_form METHOD=POST>
        <TABLE BORDER=1>
        <TR><TD>Host address:<TD><INPUT TYPE=text NAME=site>
        <TR><TD>User:<TD><INPUT TYPE=text NAME=user>
        <TR><TD>Password:<TD><INPUT TYPE=password NAME=pass>
        <TR><TD><TD><INPUT TYPE=submit VALUE=Login><INPUT TYPE=reset VALUE=Clear>
        </TABLE>
        </FORM>
        </CENTER></BODY></HTML><noembed>
EOT
        }

sub action(){
        my $action=shift;

        if ($action eq "view"){
                mkdir("$temp_dir", 0777) unless (-e "$temp_dir");
                unlink <$temp_dir/*>;
                my $name=$query->param("name");
                my $new_name;
                login_remote($site, $user, $pass, $dir);
                if ($name=~/\.pl|\.cgi|\.php.|\.shtml|\.css$/){
                        ($new_name=$name)=~s/(.*)(\..*)$/$1/;
                        $new_name.=".txt";
                        }
                else {
                        $new_name=$name;
                        }
                $ftp->get("$name", "$temp_dir/$new_name") or do {error_here("file_not_got", $name); return;};
                print "<script language=Javascript>window.open(\"$www_temp_dir/$new_name\", \"newWin\", \"scrollbars=yes,status=yes,menubar=yes,scrollbars=yes,resizable=yes,width=600,height=400\")</script>";
                }

        if ($action eq "edit"){
                my $sure=$query->param("sure");
                if ($sure eq "yes"){
                        my $name=$query->param("name");
                        my $file_content=$query->param("file_content");
                        open(FILE, ">$temp_dir/$name") or die "Cannot open file: $!";
                        print FILE $file_content;
                        close(FILE) or die "Cannot close file: $!";
                        login_remote($site, $user, $pass, $dir);
                        if ($ftp->put("$temp_dir/$name")){
                                print "<B>$name</B> has been modified.<BR>\n";
                                }
                        else{
                                &error_here("bad_edit");
                                }
                        unlink ("$temp_dir/$name");
                        }
                else {
                        my $name=$query->param("name");
                        return unless $name;
                        mkdir("$temp_dir", 0777) unless (-e "$temp_dir");
                        unlink <$temp_dir/*>;
                        login_remote($site, $user, $pass, $dir);
                        $ftp->get("$name", "$temp_dir/$name") or do {error_here("file_not_got", $name); return;};
                        open(FILE, "$temp_dir/$name") or die "Cannot open file: $!";
                        print <<"EOT";
<FORM name=my_form method=POST>
<INPUT TYPE=hidden NAME=site VALUE=$site>
<INPUT TYPE=hidden NAME=user VALUE=$user>
<INPUT TYPE=hidden NAME=pass VALUE=$pass>
<INPUT TYPE=hidden NAME=dir VALUE=$dir>
<INPUT TYPE=hidden NAME=sure VALUE=yes>
<INPUT TYPE=hidden NAME=name VALUE=$name>
<TABLE WIDTH=600 BORDER=0 CELLPADDING=0 CELLSPACING=0>
<TR><TD COLSPAN=2 ALIGN=center>Edit <B>$name</B></TD></TR>
<TR><TD COLSPAN=2 ALIGN=center>
<TEXTAREA COLS=70 ROWS=30 NAME=file_content>
EOT
                        print while (<FILE>);
                        print <<"EOT";
</TEXTAREA></TD></TR>
<TR><TD WIDTH=50% ALIGN=right><INPUT TYPE=hidden NAME=action VALUE=edit><INPUT TYPE=submit VALUE=Save></TD>
</FORM>
<TD WIDTH=50% ALIGN=left>
<FORM name=my_form method=POST>
<INPUT TYPE=hidden NAME=site VALUE=$site>
<INPUT TYPE=hidden NAME=user VALUE=$user>
<INPUT TYPE=hidden NAME=pass VALUE=$pass>
<INPUT TYPE=hidden NAME=dir VALUE=$dir>
<INPUT TYPE=submit VALUE=Cancel>
</TD></TR>
</TABLE><noembed>
EOT

                        close(FILE) or die "Cannot close file: $!";
                        exit;
                        }
                }

        if ($action eq "new_file"){
                my $sure=$query->param("sure");
                if ($sure eq "yes"){
                        my $name=$query->param("name");
                        my $file_content=$query->param("file_content");
                        open(FILE, ">$temp_dir/$name") or die "Cannot open file: $!";
                        print FILE $file_content;
                        close(FILE) or die "Cannot close file: $!";
                        login_remote($site, $user, $pass, $dir);
                        if ($ftp->put("$temp_dir/$name")){
                                print "<B>$name</B> has been created.<BR>\n";
                                }
                        else{
                                &error_here("bad_edit");
                                }
                        unlink ("$temp_dir/$name");
                        }
                else {
                        my $name = "new_file_name.txt";
                        mkdir("$temp_dir", 0777) unless (-e "$temp_dir");
                        unlink <$temp_dir/*>;
                        login_remote($site, $user, $pass, $dir);
                        print <<"EOT";
<FORM name=my_form method=POST>
<INPUT TYPE=hidden NAME=site VALUE=$site>
<INPUT TYPE=hidden NAME=user VALUE=$user>
<INPUT TYPE=hidden NAME=pass VALUE=$pass>
<INPUT TYPE=hidden NAME=dir VALUE=$dir>
<INPUT TYPE=hidden NAME=sure VALUE=yes>
<TABLE WIDTH=600 BORDER=0 CELLPADDING=0 CELLSPACING=0>
<TR><TD COLSPAN=2 ALIGN=center>Edit <INPUT TYPE=TEXT NAME=name VALUE="$name"></TD></TR>
<TR><TD COLSPAN=2 ALIGN=center>
<TEXTAREA COLS=70 ROWS=30 NAME=file_content>
</TEXTAREA></TD></TR>
<TR><TD WIDTH=50% ALIGN=right><INPUT TYPE=hidden NAME=action VALUE=new_file><INPUT TYPE=submit VALUE=Save></TD>
</FORM>
<TD WIDTH=50% ALIGN=left>
<FORM name=my_form method=POST>
<INPUT TYPE=hidden NAME=site VALUE=$site>
<INPUT TYPE=hidden NAME=user VALUE=$user>
<INPUT TYPE=hidden NAME=pass VALUE=$pass>
<INPUT TYPE=hidden NAME=dir VALUE=$dir>
<INPUT TYPE=submit VALUE=Cancel>
</TD></TR>
</TABLE><noembed>
EOT
                        exit;
                        }