Auto-generated menu?

[Barbaneez]

...

Edited December 15, 2008 by Barbaneez

[Colotomy Headwind]

I'd imagine it'd be prone to exploitation. For example, if you had a directory that you didn't wish to make public, it might display it if the script was incorrectly coded. Downloading pre-made scripts isn't that great of an idea if it's to be used to maintain YOUR website, since customization is just as tedious as writing it yourself.

[Johnno]

I'd imagine it'd be prone to exploitation. For example, if you had a directory that you didn't wish to make public, it might display it if the script was incorrectly coded. Downloading pre-made scripts isn't that great of an idea if it's to be used to maintain YOUR website, since customization is just as tedious as writing it yourself.

It would be possible to make a black-list of directories that the program can't touch. I wouldn't use a script from Hotscripts for something like this, either.

 

This could serve as a basis for the script:

 

<?php$dir = '/home/user/public_html/'; // set directory$dh = opendir($dir);while (false !== ($filename = readdir($dh))) {	// put directory contents into an array$files[] = $filename;}foreach ($files as $k => $v) {$disp_str = ($v == '.' || $v == '..' || $v == 'index.php') ? NULL : $v . '<br />'; // if the folder/file isn't on the blacklist, display itecho $disp_str;}?>

 

(that script won't do what you want just yet, but it can be built on)

 

The blacklist could do with a lot of improvement. Possibly it could go in the first loop.

[segosa]

You should initialise variables like $files before using them because if register_globals is on other users can polute your variable space through GET requests.

 

 

$files = array();

 

 

I think that would work.

[Svip]

Wouldn't it smart to add a blacklist array, Johnno?

 

 

$blacklist = array('.','..','index.php',...);

 

 

And then search in it;

 

 

$disp_str = (!@array_search($v,$blacklist)) ? NULL : $v . '<br />';

 

 

And wouldn't it be smarter to user <li> </li> instead of <br />?

 

 

$disp_str = (!@array_search($v,$blacklist)) ? NULL : '<li>'.$v.'</li>';

 

 

Then of course add <ul></ul> to it at the begining and the end. Though I don't like things to be echoed through the script, rather echo it all at the end.

[Jevon]

And don't forget to stop people going above $dir and browsing other areas. A simple check of "../" in the paths may help, but using other escape codes people could get around such a simple check. Good luck

[fred]

 

Wouldn't it smart to add a blacklist array, Johnno?

 

 

$blacklist = array('.','..','index.php',...);

 

 

And then search in it;

 

 

$disp_str = (!@array_search($v,$blacklist)) ? NULL : $v . '<br />';

 

 

If there is a matching value in the array, the function array_search() returns the corresponding key. Otherwise it returns false.

 

In your blacklist array, the first item is going to be given the key 0. Using your conditional that's still going to be shown because ! treats the 0 and false as being the same. And so it's not gonna work.

 

Easiest would be just to use in_array() instead but if you must use array_search(), you'll need to use something like === false.

[Svip]

True, fred, but you get the idea.

[Johnno]

Well, my code sample wasn't exactly meant to be a script or anything special. It was just a basic outline of what could stand as a building block.

The blacklist array was what I was talking about in the final line of my last post .

 

Now that i've got time, i'll try to write a complete script for it.

[Waste]

That would be awesome.

I'd definatly be interested in something like this for my clan's site.

It'd make offering up downloads of our custom maps/mods much easier than adding each one manually.