settings include,

Inclusion of settings.php moved to start to be like other PHP files
docRoot replaces $_SERVER equivalent
$path now gone in favour of specifying the file path chunks we need
Simplification in a few areas that previously used $path
Other areas of code also simplified for clarity
All file refs (links, ids etc) now relaitive to doc root. This means
less code and doesn't expose full server paths which is a good security
tweak.

files.php

@@ -1,8 +1,9 @@
+<?php include("lib/settings.php");?>
 <!DOCTYPE html>
 
 <html onMouseDown="top.ICEcoder.mouseDown=true" onMouseUp="top.ICEcoder.mouseDown=false" onMouseMove="if(top.ICEcoder) {top.ICEcoder.getMouseXY(event,'files');top.ICEcoder.canResizeFilesW()}" onContextMenu="top.ICEcoder.rightClickedFile=top.ICEcoder.thisFileFolderLink; return top.ICEcoder.showMenu()" onClick="top.ICEcoder.selectFileFolder()">
 <head>
-<title>ICEcoder File Manager</title>
+<title>ICEcoder file manager</title>
 <link rel="stylesheet" type="text/css" href="lib/files.css">
 <script src="lib/coder.js" type="text/javascript"></script>
 </head>
@@ -11,10 +12,9 @@
 <div class="refresh" onClick="top.ICEcoder.refreshFileManager()"><img src="images/refresh.png"></div>
 
 <?php
-include("lib/settings.php");
-$ICEcoder["restrictedFiles"]  = $_SESSION['restrictedFiles'];
-$ICEcoder["bannedFiles"]  = $_SESSION['bannedFiles'];
-$serverType = strrpos($_SERVER['DOCUMENT_ROOT'],":") ? "Windows" : "Linux";
+$ICEcoder["restrictedFiles"] = $_SESSION['restrictedFiles'];
+$ICEcoder["bannedFiles"] = $_SESSION['bannedFiles'];
+$serverType = strrpos($docRoot,":") ? "Windows" : "Linux";
 
 // Function to sort given values alphabetically
 function alphasort($a, $b) {
@@ -35,21 +35,20 @@ class SortingIterator implements IteratorAggregate {
 }
 
 // Get a full list of dirs & files and begin sorting using above class & function
-$path = $ICEcoder["root"];
-$objectList = new SortingIterator(new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path), RecursiveIteratorIterator::SELF_FIRST), 'alphasort');
+$objectList = new SortingIterator(new RecursiveIteratorIterator(new RecursiveDirectoryIterator($docRoot.$iceRoot), RecursiveIteratorIterator::SELF_FIRST), 'alphasort');
 
 // With that done, create arrays for out final ordered list and a temp container of files
 $finalArray = $tempArray =  array();
 
 // To start, push folders from object into finalArray, files into tempArray
 foreach ($objectList as $objectRef) {
-	$fileFolderName = substr($objectRef->getPathname(), strlen($path));
+	$fileFolderName = substr($objectRef->getPathname(), strlen($docRoot.$iceRoot));
 	$canAdd = true;
 	for ($i=0;$i<count($ICEcoder["bannedFiles"]);$i++) {
 		if(strpos($fileFolderName,$ICEcoder["bannedFiles"][$i])!==false) {$canAdd = false;}
 	}
 	if ($objectRef->getFilename()!="." && $objectRef->getFilename()!=".." && $fileFolderName[strlen($fileFolderName)-1]!="/" && $canAdd) {
-		$fileFolderName!="/" && is_dir($path.$fileFolderName) ? array_push($finalArray,$fileFolderName) : array_push($tempArray,$fileFolderName);
+		$fileFolderName!="/" && is_dir($docRoot.$iceRoot.$fileFolderName) ? array_push($finalArray,$fileFolderName) : array_push($tempArray,$fileFolderName);
 	}
 }
 
@@ -78,15 +77,15 @@ for ($i=0;$i<count($tempArray);$i++) {
 // Finally, we have our ordered list, so display in a UL
 $fileAtts = "";
 if ($serverType=="Linux") {
-	$chmodInfo = substr(sprintf('%o', fileperms($path)), -3);
+	$chmodInfo = substr(sprintf('%o', fileperms($docRoot.$iceRoot)), -3);
 	$fileAtts = '<span style="color: #888; font-size: 8px" id="|_perms">'.$chmodInfo.'</span>';
 }
 echo "<ul class=\"fileManager\">\n";
 echo "<li class=\"pft-directory\">";
-echo "<a href=\"#\" title=\"/\" onMouseOver=\"top.ICEcoder.overFileFolder('folder','$path/')\" onMouseOut=\"top.ICEcoder.overFileFolder('folder','')\" style=\"position: relative; left:-22px\">";
+echo "<a href=\"#\" title=\"/\" onMouseOver=\"top.ICEcoder.overFileFolder('folder','/')\" onMouseOut=\"top.ICEcoder.overFileFolder('folder','')\" style=\"position: relative; left:-22px\">";
 echo "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ";
 echo "<span id=\"|\">/ ";
-echo $path == $_SERVER['DOCUMENT_ROOT'] ? "[ROOT]" : str_replace($_SERVER['DOCUMENT_ROOT']."/","",$path);
+echo $iceRoot == "" ? "[ROOT]" : trim($iceRoot,"/");
 echo "</span> ";
 echo $fileAtts;
 echo "</a>";
@@ -97,12 +96,12 @@ $fileBytes=0;
 $dirCount=0;
 for ($i=0;$i<count($finalArray);$i++) {
 	$fileFolderName = str_replace("\\","/",$finalArray[$i]);
-	$type = is_dir($path.$fileFolderName) ? "folder" : "file";
+	$type = is_dir($docRoot.$iceRoot.$fileFolderName) ? "folder" : "file";
 	$type=="folder" ? $dirCount++ : $fileCount++;
-	if (!is_dir($path.$fileFolderName)) {
-		$fileBytes+=filesize($path.$fileFolderName);
+	if ($type=="file") {
+		$fileBytes+=filesize($docRoot.$iceRoot.$fileFolderName);
 		// Get extension (prefix 'ext-' to prevent invalid classes from extensions that begin with numbers)
-		$ext = "ext-".pathinfo($path.$fileFolderName, PATHINFO_EXTENSION);
+		$ext = "ext-".pathinfo($docRoot.$iceRoot.$fileFolderName, PATHINFO_EXTENSION);
 	}
 	$thisDepth = count(explode("/",$fileFolderName));
 	$lastDepth = count(explode("/",$lastPath));
@@ -119,12 +118,12 @@ for ($i=0;$i<count($finalArray);$i++) {
 		}
 	}
 	if ($serverType=="Linux") {
-		$chmodInfo = substr(sprintf('%o', fileperms($path.$fileFolderName)), -3);
-		$fileAtts = '<span style="color: #888; font-size: 8px" id="'.str_replace("/","|",$fileFolderName).'_perms">'.$chmodInfo.'</span>';
+		$chmodInfo = substr(sprintf('%o', fileperms($docRoot.$iceRoot.$fileFolderName)), -3);
+		$fileAtts = '<span style="color: #888; font-size: 8px" id="'.str_replace($docRoot,"",str_replace("/","|",$fileFolderName)).'_perms">'.$chmodInfo.'</span>';
 	}
 	$type == "folder" ? $class = 'pft-directory' : $class = 'pft-file '.strtolower($ext);
 	if ($_SESSION['userLevel'] == 10 || ($_SESSION['userLevel'] < 10 && !$restrictedFile)) {
-		echo "<li class=\"".$class."\"><a href=\"#\" title=\"$fileFolderName\" onMouseOver=\"top.ICEcoder.overFileFolder('$type','$path$fileFolderName')\" onMouseOut=\"top.ICEcoder.overFileFolder('$type','')\" style=\"position: relative; left:-22px\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <span id=\"".str_replace("/","|",$fileFolderName)."\">".basename($fileFolderName)."</span> ".$fileAtts."</a>\n";
+		echo "<li class=\"".$class."\"><a href=\"#\" title=\"$fileFolderName\" onMouseOver=\"top.ICEcoder.overFileFolder('$type','".str_replace($docRoot,"",str_replace("/","|",$fileFolderName))."')\" onMouseOut=\"top.ICEcoder.overFileFolder('$type','')\" style=\"position: relative; left:-22px\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <span id=\"".str_replace($docRoot,"",str_replace("/","|",$fileFolderName))."\">".basename($fileFolderName)."</span> ".$fileAtts."</a>\n";
 	} else {
 		if ($type == "file") {$fileAtts = "<img src=\"images/padlock.png\" style=\"cursor: pointer\" onClick=\"top.ICEcoder.message('Sorry, you need higher admin level rights to view.')\">";}
 		echo "<li class=\"".$class."\" style=\"cursor: default\"><span style=\"position: relative; left:-22px; color: #888\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [HIDDEN] ".$fileAtts."</span>\n";
@@ -136,14 +135,14 @@ echo "</ul>\n</ul>\n";
 
 	echo "<script>\n";
 	$varOutput = "top.ICEcoder.dirCount=";
-	$dirCount ? $varOutput .= $dirCount.";\n" : $varOutput .= "0;\n";
-	$varOutput .= "top.ICEcoder.fileCount=";
-	$fileCount ? $varOutput .= $fileCount.";\n" : $varOutput .= "0;\n";
-	$varOutput .= "top.ICEcoder.fileBytes=";
-	$fileBytes ? $varOutput .= $fileBytes.";\n" : $varOutput .= "0;\n";
+	$varOutput .= $dirCount ? $dirCount : "0";
+	$varOutput .= ";\ntop.ICEcoder.fileCount=";
+	$varOutput .= $fileCount ? $fileCount : "0";
+	$varOutput .= ";\ntop.ICEcoder.fileBytes=";
+	$varOutput .= $fileBytes ? $fileBytes : "0";
 	// Output the JS vars
 	echo $varOutput;
-	echo "</script>\n";
+	echo ";\n</script>\n";
 ?>
 
 <iframe name="fileControl" style="display: none"></iframe>