From 4630971e5cf69131fc19d094e5ec634578500377 Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Wed, 11 Mar 2020 14:05:21 +0800
Subject: [PATCH 01/28] cache 30m, refresh token 7d

---
 function/common.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/function/common.php b/function/common.php
index 35b7672..813eb83 100644
--- a/function/common.php
+++ b/function/common.php
@@ -91,7 +91,7 @@ function getcache($str)
     return $cache->fetch($str);
 }
 
-function savecache($key, $value, $exp = 3300)
+function savecache($key, $value, $exp = 1800)
 {
     $cache = null;
     $cache = new \Doctrine\Common\Cache\FilesystemCache(sys_get_temp_dir(), __DIR__.'/Onedrive/'.$_SERVER['disktag']);
@@ -566,7 +566,7 @@ function main($path)
         error_log('Get access token:'.json_encode($ret, JSON_PRETTY_PRINT));
         $_SERVER['access_token'] = $ret['access_token'];
         savecache('access_token', $_SERVER['access_token'], $ret['expires_in'] - 300);
-        if (time()>getConfig('token_expires')) setConfig([ 'refresh_token' => $ret['refresh_token'], 'token_expires' => time()+30*24*60*60 ]);
+        if (time()>getConfig('token_expires')) setConfig([ 'refresh_token' => $ret['refresh_token'], 'token_expires' => time()+7*24*60*60 ]);
     }
 
     $_SERVER['retry'] = 0;

From a39089355aa17d1464407355adb60470395361b6 Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Wed, 11 Mar 2020 14:16:01 +0800
Subject: [PATCH 02/28] Update common.php

---
 function/common.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/function/common.php b/function/common.php
index 813eb83..393f994 100644
--- a/function/common.php
+++ b/function/common.php
@@ -624,8 +624,10 @@ function main($path)
                 if (strtolower(splitlast($filename,'.')[1])==strtolower($_GET['random'])) $tmp[$filename] = $files['children'][$filename]['@microsoft.graph.downloadUrl'];
             }
             $tmp = array_values($tmp);
-            if (count($tmp)>0) return output('', 302, [ 'Location' => $tmp[rand(0,count($tmp)-1)] ]);
-            else return output('',404);
+            if (count($tmp)>0) {
+		if (isset($_GET['url'])) return output($tmp[rand(0,count($tmp)-1)], 200);
+		return output('', 302, [ 'Location' => $tmp[rand(0,count($tmp)-1)] ]);
+            } else return output('',404);
         } else return output('',401);
     }
     if (isset($files['file']) && !$_GET['preview']) {

From f0e25b9ef5174bfeafcbde51cc80280bfbec9301 Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Wed, 11 Mar 2020 18:42:47 +0800
Subject: [PATCH 03/28] Update conststr.php

---
 conststr.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/conststr.php b/conststr.php
index 2be8e31..550bc65 100644
--- a/conststr.php
+++ b/conststr.php
@@ -13,7 +13,7 @@ $constStr = [
         'zh-cn' => '中文',
         'ja' => '日本語',
         'ko-kr' => '한국어',
-        'fa' => 'Persian',
+        'fa' => 'فارسی',
     ],
     'Week' => [
         'en-us' => [

From 43b8d4f59bb862bdaf9d030bd358441020e5a021 Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Wed, 11 Mar 2020 21:10:51 +0800
Subject: [PATCH 04/28] Update .htaccess

---
 .htaccess | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/.htaccess b/.htaccess
index 7444332..45b9c2a 100644
--- a/.htaccess
+++ b/.htaccess
@@ -1,2 +1,13 @@
+# apache
 RewriteEngine On
 RewriteRule ^(.*) index.php?/$1 [L]
+
+#-----------------------------------
+# nginx
+# rewrite ^(.*) index.php?/$1 last;
+
+# caddy (not sure)
+# rewrite {
+#     to /index.php?/$1
+# }
+#-----------------------------------

From 47b4db12fbea80049a2e35aa9771b70c58e5d724 Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Wed, 11 Mar 2020 21:40:01 +0800
Subject: [PATCH 05/28] hide time and size in mobile

---
 theme/classic.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/theme/classic.php b/theme/classic.php
index ba0753d..cf70706 100644
--- a/theme/classic.php
+++ b/theme/classic.php
@@ -51,6 +51,7 @@
             .list-wrapper{width:95%; margin-bottom:24px;}
             .list-table {padding:8px}
             .list-table td, .list-table th{white-space:nowrap;overflow:auto;max-width:80px}
+            .size, .updated_at{display:none}
         }
     </style>
 </head>

From c809291686d627e94f4e0b094fe832408ff84f68 Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Wed, 11 Mar 2020 21:58:26 +0800
Subject: [PATCH 06/28] Update version

---
 version | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/version b/version
index 6a2d5b4..47d021d 100644
--- a/version
+++ b/version
@@ -1,7 +1,14 @@
+20200311-2150.14
+Add a switch, can download a known file or not, while the folder is encrypted.
+Hide time and size in mobile.
+Now, you can get a random 'jpg' from a folder when you type '?random=jpg' after the folder.
+增加一个开关，在目录加密后能否下载其中的某个文件。
+在手机上浏览时，隐藏修改时间跟大小。
+加入一个功能，现在可以在某个目录后面加上'?random=jpg'来得到本目录里面的一张随机jpg。
+
 20200229-1300.13
 In SCF, some config can input Special symbols now, like ?&= 。
 在SCF中，某些配置可以输入特殊符号了，像background可以用?&=之类的了。
-
 20200225-1310.12
 Can update by one click any time. fix bugs: special tag, reupload.
 可以不管版本直接一键更新（覆盖）了。修复可以使用特殊onedrive标签的bug，修复断网续传的问题。

From a3c15960ecd932ed16a3fa1519f74e5f51e196bb Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Thu, 12 Mar 2020 14:20:59 +0800
Subject: [PATCH 07/28] Update readme.md

---
 readme.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/readme.md b/readme.md
index 689958b..28e1350 100644
--- a/readme.md
+++ b/readme.md
@@ -26,7 +26,7 @@ Official: https://cloud.tencent.com/product/scf
 
 ~~How to Install:  https://service-pgxgvop2-1258064400.ap-hongkong.apigateway.myqcloud.com/test/abcdef/%E6%97%A0%E6%9C%8D%E5%8A%A1%E5%99%A8%E5%87%BD%E6%95%B0SCF%E6%90%AD%E5%BB%BAOneDrive.mp4?preview~~  
 
-先在环境变量添加Region，ap-hongkong或ap-guangzhou之类，再安装。  
+先手动在环境变量添加Region，ap-hongkong或ap-guangzhou之类，具体看 https://cloud.tencent.com/document/api/583/17238 最底下，然后再安装。  
 添加网盘时，SCF反应不过来，会添加失败，请不要删除，再添加一次相同的就可以了。  
 
 DEMO:  https://service-pgxgvop2-1258064400.ap-hongkong.apigateway.myqcloud.com/test/abcdef/  

From 4e28e64867c85a1e8b88ed05330b42e8e55c9371 Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Fri, 13 Mar 2020 10:53:19 +0800
Subject: [PATCH 08/28] Update common.php

---
 function/common.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/function/common.php b/function/common.php
index 393f994..555a847 100644
--- a/function/common.php
+++ b/function/common.php
@@ -364,7 +364,8 @@ function message($message, $title = 'Message', $statusCode = 200)
 
         </p>
     </body>
-</html>', $statusCode);
+</html>
+', $statusCode);
 }
 
 function needUpdate()

From 8bb735ef61b8b07154e5efa51eeb1d4852eb0b9c Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Fri, 13 Mar 2020 11:03:16 +0800
Subject: [PATCH 09/28] Update .htaccess

---
 .htaccess | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/.htaccess b/.htaccess
index 45b9c2a..f75587a 100644
--- a/.htaccess
+++ b/.htaccess
@@ -1,13 +1,15 @@
 # apache
+# LoadModule rewrite_module modules/mod_rewrite.so
+# AllowOverride All
 RewriteEngine On
 RewriteRule ^(.*) index.php?/$1 [L]
 
 #-----------------------------------
 # nginx
 # rewrite ^(.*) index.php?/$1 last;
-
+#
 # caddy (not sure)
 # rewrite {
-#     to /index.php?/$1
+#     to index.php?/$1
 # }
 #-----------------------------------

From 51a485b01e21664b1ffef67585d7b1c89715a873 Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Fri, 13 Mar 2020 11:32:39 +0800
Subject: [PATCH 10/28] Update readme.md

---
 readme.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/readme.md b/readme.md
index 28e1350..ca4f48a 100644
--- a/readme.md
+++ b/readme.md
@@ -13,7 +13,7 @@ How to Install:
     1.Start web service on your server (httpd or other), make sure you can visit it.  
     启动web服务器，确保你能访问到。  
     2.Make the rewrite works, the rule is in .htaccess file, make sure any query redirect to index.php.  
-    开启伪静态(重写)功能，规则在.htaccess文件中，ngnix自行转换，我们的目的是不管访问什么都让index.php来处理。  
+    开启伪静态(重写)功能，规则在.htaccess文件中，ngnix从里面复制，我们的目的是不管访问什么都让index.php来处理。  
     3.Upload code.  
     上传好代码。  
     4.Change the file config.php can be read&write (666 is suggested).  
@@ -41,7 +41,7 @@ The XXX_path in setting is the path in Onedrive, not in url, program will find t
 LOGO ICON: put your 'favicon.ico' in the path you showed, make sure xxxxx.com/favicon.ico can be visited.   
 网站图标：将favicon.ico文件放在你要展示的目录中，确保 xxxxx.com/favicon.ico 可以访问到。  
 Program will show content of 'readme.md' & 'head.md'.  
-可以在文件列表下面显示readme.md文件的内容。  
+可以在文件列表显示head.md跟readme.md文件的内容。  
 guest up path, is a folder that the guest can upload files, but can not be list (exclude admin).  
 游客上传目录（也叫图床目录），是指定一个目录，让游客可以上传文件，不限格式，不限大小。这个目录里面的内容不列清单（除非管理登录）。  
 If there is 'index.html' file, program will only show the content of 'index.html', not list the files.  

From d832c33206bc1a62949f9f40ba5fd7fcc88abced Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Fri, 13 Mar 2020 20:35:28 +0800
Subject: [PATCH 11/28] Update index.php

---
 index.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/index.php b/index.php
index c53a035..ff1cac9 100644
--- a/index.php
+++ b/index.php
@@ -4,9 +4,9 @@ include 'conststr.php';
 include 'function/common.php';
 
 //echo '<pre>'. json_encode($_SERVER, JSON_PRETTY_PRINT).'</pre>';
-if ($_SERVER['USER']==='qcloud') {
+if (isset($_SERVER['USER'])&&$_SERVER['USER']==='qcloud') {
     include 'function/scf.php';
-} elseif ($_SERVER['HEROKU_APP_DIR']==='/app') {
+} elseif (isset($_SERVER['HEROKU_APP_DIR'])&&$_SERVER['HEROKU_APP_DIR']==='/app') {
     include 'function/heroku.php';
     $path = getpath();
     //echo 'path:'. $path;

From d69cfbf49480b6786e617dc7d5a0e8c53e22b653 Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Fri, 13 Mar 2020 20:37:27 +0800
Subject: [PATCH 12/28] Update classic.php

---
 theme/classic.php | 28 +++++++++++++++-------------
 1 file changed, 15 insertions(+), 13 deletions(-)

diff --git a/theme/classic.php b/theme/classic.php
index cf70706..896b0e1 100644
--- a/theme/classic.php
+++ b/theme/classic.php
@@ -70,7 +70,7 @@
             <li><a onclick="showdiv(event,'encrypt','');"><ion-icon name="lock"></ion-icon><?php echo getconstStr('encrypt'); ?></a></li>
             <li><a href="?RefreshCache"><ion-icon name="refresh"></ion-icon><?php echo getconstStr('RefreshCache'); ?></a></li>
 <?php   } ?>
-            <li><a href="<?php echo $_GET['preview']?'?preview&':'?';?>setup"><ion-icon name="settings"></ion-icon><?php echo getconstStr('Setup'); ?></a></li>
+            <li><a href="<?php echo isset($_GET['preview'])?'?preview&':'?';?>setup"><ion-icon name="settings"></ion-icon><?php echo getconstStr('Setup'); ?></a></li>
             <li><a onclick="logout()"><ion-icon name="log-out"></ion-icon><?php echo getconstStr('Logout'); ?></a></li>
         </ul></li>
 <?php
@@ -86,7 +86,7 @@
         </select>
     </div>
 <?php
-    if ($_SERVER['needUpdate']) { ?>
+    if (isset($_SERVER['needUpdate'])&&$_SERVER['needUpdate']) { ?>
     <div style='position:absolute;'><font color='red'><?php echo getconstStr('NeedUpdate'); ?></font></div>
 <?php } ?>
     <h1 class="title">
@@ -133,6 +133,10 @@
             </div>
             <div class="list-body-container">
 <?php
+    $head = false;
+    $readme = false;
+    $pdfurl = false;
+    $DPvideo = false;
     if ($_SERVER['is_guestup_path']&&!$_SERVER['admin']) { ?>
                 <div id="upload_div" style="margin:10px">
                 <center>
@@ -155,8 +159,6 @@
                     </div>
                     <div style="margin: 24px">
 <?php               $ext = strtolower(substr($path, strrpos($path, '.') + 1));
-                    $DPvideo = '';
-                    $pdfurl = '';
                     if (in_array($ext, $exts['img'])) {
                         echo '                        <img src="' . $files['@microsoft.graph.downloadUrl'] . '" alt="' . substr($path, strrpos($path, '/')) . '" onload="if(this.offsetWidth>document.getElementById(\'url\').offsetWidth) this.style.width=\'100%\';" />
 ';
@@ -202,12 +204,12 @@
                     </div>
                 </div>
 <?php           } elseif (isset($files['folder'])) {
-                    $filenum = $_POST['filenum'];
-                    if (!$filenum and $files['folder']['page']) $filenum = ($files['folder']['page']-1)*200;
-                    $readme = false; ?>
+                    if (isset($_POST['filenum'])) $filenum = $_POST['filenum'];
+                    if (!isset($filenum) and isset($files['folder']['page'])) $filenum = ($files['folder']['page']-1)*200;
+                    else $filenum = 0; ?>
                 <table class="list-table" id="list-table">
                     <tr id="tr0">
-                        <th class="file"><a onclick="sortby('a');"><?php echo getconstStr('File'); ?></a><?php if ($_SERVER['USER']!='qcloud') { ?>&nbsp;&nbsp;&nbsp;<button onclick="showthumbnails(this);"><?php echo getconstStr('ShowThumbnails'); ?></button><?php } ?><button onclick="CopyAllDownloadUrl();"><?php echo getconstStr('CopyAllDownloadUrl'); ?></button></th>
+                        <th class="file"><a onclick="sortby('a');"><?php echo getconstStr('File'); ?></a><?php if (!(isset($_SERVER['USER'])&&$_SERVER['USER']=='qcloud')) { ?>&nbsp;&nbsp;&nbsp;<button onclick="showthumbnails(this);"><?php echo getconstStr('ShowThumbnails'); ?></button><?php } ?><button onclick="CopyAllDownloadUrl();"><?php echo getconstStr('CopyAllDownloadUrl'); ?></button></th>
                         <th class="updated_at" width="25%"><a onclick="sortby('time');"><?php echo getconstStr('EditTime'); ?></a></th>
                         <th class="size" width="15%"><a onclick="sortby('size');"><?php echo getconstStr('Size'); ?></a></th>
                     </tr>
@@ -406,7 +408,7 @@
     <div id="mask" class="mask" style="display:none;"></div>
 <?php
     if ($_SERVER['admin']) {
-        if (!$_GET['preview']) { ?>
+        if (!isset($_GET['preview'])) { ?>
     <div style="word-break: break-all;word-wrap: break-word;">
         <div id="rename_div" class="operatediv" style="display:none">
             <div>
@@ -515,7 +517,7 @@
         <div style="margin:50px">
             <a onclick="operatediv_close('login')" class="operatediv_close"><?php echo getconstStr('Close'); ?></a>
 	        <center>
-	            <form action="<?php echo $_GET['preview']?'?preview&':'?';?>admin" method="post">
+	            <form action="<?php echo isset($_GET['preview'])?'?preview&':'?';?>admin" method="post">
 		        <input id="login_input" name="password1" type="password" placeholder="<?php echo getconstStr('InputPassword'); ?>">
 		        <input type="submit" value="<?php echo getconstStr('Login'); ?>">
 	            </form>
@@ -572,7 +574,7 @@
         $readme.innerHTML = marked(document.getElementById('readme-md').innerText);
     }
 <?php
-    if ($_GET['preview']) { //is preview mode. 在预览时处理 ?>
+    if (isset($_GET['preview'])) { //is preview mode. 在预览时处理 ?>
     var $url = document.getElementById('url');
     if ($url) {
         $url.innerHTML = location.protocol + '//' + location.host + $url.innerHTML;
@@ -821,7 +823,7 @@
         location.href=location.protocol + "//" + location.host + "<?php echo path_format($_SERVER['base_path'] . '/' . $path );?>" ;
     }
 <?php }
-    if ($files['folder']['childCount']>200) { // more than 200. 有下一页 ?>
+    if (isset($files['folder']['childCount'])&&$files['folder']['childCount']>200) { // more than 200. 有下一页 ?>
     function nextpage(num) {
         document.getElementById('pagenum').value=num;
         document.getElementById('nextpageform').submit();
@@ -1062,7 +1064,7 @@
         document.cookie = "admin=; path=/";
         location.href = location.href;
     }
-<?php   if (!$_GET['preview']) {?>
+<?php   if (!isset($_GET['preview'])) {?>
     function showdiv(event,action,num) {
         var $operatediv=document.getElementsByName('operatediv');
         for ($i=0;$i<$operatediv.length;$i++) {

From 5d0fe1e551cd9edea88697d63ccec54cbadb66a1 Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Fri, 13 Mar 2020 20:48:40 +0800
Subject: [PATCH 13/28] Update common.php

---
 function/common.php | 47 +++++++++++++++++++++++----------------------
 1 file changed, 24 insertions(+), 23 deletions(-)

diff --git a/function/common.php b/function/common.php
index 555a847..4cc8460 100644
--- a/function/common.php
+++ b/function/common.php
@@ -518,8 +518,8 @@ function main($path)
     } else {
         $adminloginpage = getConfig('adminloginpage');
     }
-    if ($_GET[$adminloginpage]) {
-        if ($_GET['preview']) {
+    if (isset($_GET[$adminloginpage])) {
+        if (isset($_GET['preview'])) {
             $url = $_SERVER['PHP_SELF'] . '?preview';
         } else {
             $url = path_format($_SERVER['PHP_SELF'] . '/');
@@ -533,13 +533,13 @@ function main($path)
         }
     }
     if (getConfig('admin')!='')
-        if ( $_COOKIE['admin']==md5(getConfig('admin')) || $_POST['password1']==getConfig('admin') ) {
+        if ( (isset($_COOKIE['admin'])&&$_COOKIE['admin']==md5(getConfig('admin'))) || (isset($_POST['password1'])&&$_POST['password1']==getConfig('admin')) ) {
             $_SERVER['admin']=1;
             $_SERVER['needUpdate'] = needUpdate();
         } else {
             $_SERVER['admin']=0;
         }
-    if ($_GET['setup'])
+    if (isset($_GET['setup']))
         if ($_SERVER['admin']) {
             // setup Environments. 设置，对环境变量操作
             return EnvOpt($_SERVER['needUpdate']);
@@ -550,7 +550,7 @@ function main($path)
     
     if (getConfig('admin')=='') return install();
     config_oauth();
-    if ($_SERVER['admin']) if ($_GET['AddDisk']||$_GET['authorization_code']) return get_refresh_token();
+    if ($_SERVER['admin']) if (isset($_GET['AddDisk'])||isset($_GET['authorization_code'])) return get_refresh_token();
     $refresh_token = getConfig('refresh_token');
     //if (!$refresh_token) return get_refresh_token();
     if (!$refresh_token) {
@@ -608,7 +608,7 @@ function main($path)
         if ($_SERVER['ajax']) return output(getconstStr('RefreshtoLogin'),401);
     }
     $_SERVER['ishidden'] = passhidden($path);
-    if ($_GET['thumbnails']) {
+    if (isset($_GET['thumbnails'])) {
         if ($_SERVER['ishidden']<4) {
             if (in_array(strtolower(substr($path, strrpos($path, '.') + 1)), $exts['img'])) {
                 return get_thumbnails_url($path);
@@ -631,7 +631,7 @@ function main($path)
             } else return output('',404);
         } else return output('',401);
     }
-    if (isset($files['file']) && !$_GET['preview']) {
+    if (isset($files['file']) && !isset($_GET['preview'])) {
         // is file && not preview mode
         if ( $_SERVER['ishidden']<4 || (!!getConfig('downloadencrypt')&&$files['name']!=getConfig('passfile')) ) return output('', 302, [ 'Location' => $files['@microsoft.graph.downloadUrl'] ]);
     }
@@ -702,7 +702,7 @@ function adminoperate($path)
     $path1 = path_format($_SERVER['list_path'] . path_format($path));
     if (substr($path1,-1)=='/') $path1=substr($path1,0,-1);
     $tmparr['statusCode'] = 0;
-    if ($_GET['rename_newname']!=$_GET['rename_oldname'] && $_GET['rename_newname']!='') {
+    if (isset($_GET['rename_newname'])&&$_GET['rename_newname']!=$_GET['rename_oldname'] && $_GET['rename_newname']!='') {
         // rename 重命名
         $oldname = spurlencode($_GET['rename_oldname']);
         $oldname = path_format($path1 . '/' . $oldname);
@@ -712,7 +712,7 @@ function adminoperate($path)
         //savecache('path_' . $path1, json_decode('{}',true), 1);
         return output($result['body'], $result['stat']);
     }
-    if ($_GET['delete_name']!='') {
+    if (isset($_GET['delete_name'])) {
         // delete 删除
         $filename = spurlencode($_GET['delete_name']);
         $filename = path_format($path1 . '/' . $filename);
@@ -721,7 +721,7 @@ function adminoperate($path)
         //savecache('path_' . $path1, json_decode('{}',true), 1);
         return output($result['body'], $result['stat']);
     }
-    if ($_GET['operate_action']==getconstStr('encrypt')) {
+    if (isset($_GET['operate_action'])&&$_GET['operate_action']==getconstStr('encrypt')) {
         // encrypt 加密
         if (getConfig('passfile')=='') return message(getconstStr('SetpassfileBfEncrypt'),'',403);
         if ($_GET['encrypt_folder']=='/') $_GET['encrypt_folder']=='';
@@ -733,7 +733,7 @@ function adminoperate($path)
         savecache('path_' . $path1 . '/?password', '', 1);
         return output($result['body'], $result['stat']);
     }
-    if ($_GET['move_folder']!='') {
+    if (isset($_GET['move_folder'])) {
         // move 移动
         $moveable = 1;
         if ($path == '/' && $_GET['move_folder'] == '/../') $moveable=0;
@@ -753,7 +753,7 @@ function adminoperate($path)
             return output('{"error":"'.getconstStr('CannotMove').'"}', 403);
         }
     }
-    if ($_GET['copy_name']!='') {
+    if (isset($_GET['copy_name'])) {
         // copy 复制
         $filename = spurlencode($_GET['copy_name']);
         $filename = path_format($path1 . '/' . $filename);
@@ -789,7 +789,7 @@ function adminoperate($path)
             //savecache('path_' . $path2, json_decode('{}',true), 1);
         return output($result['body'].json_encode($result['Location']), $result['stat']);
     }
-    if ($_POST['editfile']!='') {
+    if (isset($_POST['editfile'])) {
         // edit 编辑
         $data = $_POST['editfile'];
         /*TXT一般不会超过4M，不用二段上传
@@ -802,7 +802,7 @@ function adminoperate($path)
         $resultarry = json_decode($result,true);
         if (isset($resultarry['error'])) return message($resultarry['error']['message']. '<hr><a href="javascript:history.back(-1)">'.getconstStr('Back').'</a>','Error',403);
     }
-    if ($_GET['create_name']!='') {
+    if (isset($_GET['create_name'])) {
         // create 新建
         if ($_GET['create_type']=='file') {
             $filename = spurlencode($_GET['create_name']);
@@ -816,7 +816,7 @@ function adminoperate($path)
         //savecache('path_' . $path1, json_decode('{}',true), 1);
         return output($result['body'], $result['stat']);
     }
-    if ($_GET['RefreshCache']) {
+    if (isset($_GET['RefreshCache'])) {
         $path1 = path_format($_SERVER['list_path'] . path_format($path));
         savecache('path_' . $path1 . '/?password', '', 1);
         return message('<meta http-equiv="refresh" content="2;URL=./">', getconstStr('RefreshCache'), 302);
@@ -1111,7 +1111,7 @@ function render_list($path = '', $files = '')
     Github ： https://github.com/qkqpttgf/OneManager-php
 -->' . ob_get_clean();
     if (isset($htmlpage['statusCode'])) return $htmlpage;
-    if ($_SERVER['Set-Cookie']!='') return output($html, $statusCode, [ 'Set-Cookie' => $_SERVER['Set-Cookie'], 'Content-Type' => 'text/html' ]);
+    if (isset($_SERVER['Set-Cookie'])) return output($html, $statusCode, [ 'Set-Cookie' => $_SERVER['Set-Cookie'], 'Content-Type' => 'text/html' ]);
     return output($html,$statusCode);
 }
 
@@ -1119,9 +1119,10 @@ function get_refresh_token()
 {
     global $constStr;
     global $CommonEnv;
+    $envs = '';
     foreach ($CommonEnv as $env) $envs .= '\'' . $env . '\', ';
     $url = path_format($_SERVER['PHP_SELF'] . '/');
-    if ($_GET['authorization_code'] && isset($_GET['code'])) {
+    if (isset($_GET['authorization_code']) && isset($_GET['code'])) {
         $_SERVER['disktag'] = $_COOKIE['disktag'];
         config_oauth();
         $tmp = curl_request($_SERVER['oauth_url'] . 'token', 'client_id=' . $_SERVER['client_id'] .'&client_secret=' . $_SERVER['client_secret'] . '&grant_type=authorization_code&requested_token_use=on_behalf_of&redirect_uri=' . $_SERVER['redirect_uri'] .'&code=' . $_GET['code']);
@@ -1151,7 +1152,7 @@ function get_refresh_token()
         return message('<pre>' . json_encode(json_decode($tmp['body']), JSON_PRETTY_PRINT) . '</pre>', $tmp['stat']);
         //return message('<pre>' . json_encode($ret, JSON_PRETTY_PRINT) . '</pre>', 500);
     }
-    if ($_GET['install1']) {
+    if (isset($_GET['install1'])) {
         $_SERVER['disk_oprating'] = $_COOKIE['disktag'];
         $_SERVER['disktag'] = $_COOKIE['disktag'];
         config_oauth();
@@ -1170,7 +1171,7 @@ function get_refresh_token()
             return message('something error, try after a few seconds.', 'retry', 201);
         }
     }
-    if ($_GET['install0']) {
+    if (isset($_GET['install0'])) {
         if ($_POST['disktag_add']!='' && ($_POST['Onedrive_ver']=='MS' || $_POST['Onedrive_ver']=='CN' || $_POST['Onedrive_ver']=='MSC')) {
             if (in_array($_COOKIE['disktag'], $CommonEnv)) {
                 return message('Do not input ' . $envs . '<br><button onclick="location.href = location.href;">'.getconstStr('Refresh').'</button><script>document.cookie=\'disktag=; path=/\';</script>', 'Error', 201);
@@ -1249,7 +1250,7 @@ function EnvOpt($needUpdate = 0)
     asort($ShowedCommonEnv);
     asort($ShowedInnerEnv);
     $html = '<title>OneManager '.getconstStr('Setup').'</title>';
-    if ($_POST['updateProgram']==getconstStr('updateProgram')) {
+    if (isset($_POST['updateProgram'])&&$_POST['updateProgram']==getconstStr('updateProgram')) {
         $response = OnekeyUpate();
         if (api_error($response)) {
             $html = api_error_msg($response);
@@ -1262,7 +1263,7 @@ function EnvOpt($needUpdate = 0)
         }
         return message($html, $title);
     }
-    if ($_POST['submit1']) {
+    if (isset($_POST['submit1'])) {
         $_SERVER['disk_oprating'] = '';
         foreach ($_POST as $k => $v) {
             if (in_array($k, $ShowedCommonEnv)||in_array($k, $ShowedInnerEnv)||$k=='disktag_del' || $k=='disktag_add') {
@@ -1292,7 +1293,7 @@ function EnvOpt($needUpdate = 0)
         }
         return message($html, $title);
     }
-    if ($_GET['preview']) {
+    if (isset($_GET['preview'])) {
         $preurl = $_SERVER['PHP_SELF'] . '?preview';
     } else {
         $preurl = path_format($_SERVER['PHP_SELF'] . '/');
@@ -1300,7 +1301,7 @@ function EnvOpt($needUpdate = 0)
     $html .= '
 <a href="'.$preurl.'">'.getconstStr('Back').'</a>&nbsp;&nbsp;&nbsp;<a href="'.$_SERVER['base_path'].'">'.getconstStr('Back').getconstStr('Home').'</a><br>
 <a href="https://github.com/qkqpttgf/OneManager-php">Github</a><br>';
-    if (!($_SERVER['USER']==='qcloud'||$_SERVER['HEROKU_APP_DIR']==='/app')) {
+    if (!((isset($_SERVER['USER'])&&$_SERVER['USER']==='qcloud')||(isset($_SERVER['HEROKU_APP_DIR'])&&$_SERVER['HEROKU_APP_DIR']==='/app'))) {
         $html .= '
 In VPS can not update by a click!<br>';
     } else {

From f7188ff82a30ae1b22e7a98d7142b6540f5184c7 Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Fri, 13 Mar 2020 20:50:05 +0800
Subject: [PATCH 14/28] Update normal.php

---
 function/normal.php | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/function/normal.php b/function/normal.php
index e6a4d95..e6bf1e8 100644
--- a/function/normal.php
+++ b/function/normal.php
@@ -41,17 +41,21 @@ function getConfig($str, $disktag = '')
     global $InnerEnv;
     global $Base64Env;
     //include 'config.php';
-    if ($disktag=='') $disktag = $_SERVER['disktag'];
     $s = file_get_contents('config.php');
     $configs = substr($s, 18, -2);
     if ($configs!='') {
         $envs = json_decode($configs, true);
         if (in_array($str, $InnerEnv)) {
-            if (in_array($str, $Base64Env)) return equal_replace($envs[$disktag][$str],1);
-            else return $envs[$disktag][$str];
+            if ($disktag=='') $disktag = $_SERVER['disktag'];
+            if (isset($envs[$disktag][$str])) {
+                if (in_array($str, $Base64Env)) return equal_replace($envs[$disktag][$str],1);
+                else return $envs[$disktag][$str];
+            }
         } else {
-            if (in_array($str, $Base64Env)) return equal_replace($envs[$str],1);
-            else return $envs[$str];
+            if (isset($envs[$str])) {
+                if (in_array($str, $Base64Env)) return equal_replace($envs[$str],1);
+                else return $envs[$str];
+            }
         }
     }
     return '';

From 6390047e3e8badab95cef80607764853b0ebe2b1 Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Fri, 13 Mar 2020 20:59:22 +0800
Subject: [PATCH 15/28] Update common.php

---
 function/common.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/function/common.php b/function/common.php
index 4cc8460..56d76bb 100644
--- a/function/common.php
+++ b/function/common.php
@@ -86,14 +86,14 @@ $ShowedInnerEnv = [
 
 function getcache($str)
 {
-    $cache = null;
+    //$cache = null;
     $cache = new \Doctrine\Common\Cache\FilesystemCache(sys_get_temp_dir(), __DIR__.'/Onedrive/'.$_SERVER['disktag']);
     return $cache->fetch($str);
 }
 
 function savecache($key, $value, $exp = 1800)
 {
-    $cache = null;
+    //$cache = null;
     $cache = new \Doctrine\Common\Cache\FilesystemCache(sys_get_temp_dir(), __DIR__.'/Onedrive/'.$_SERVER['disktag']);
     $cache->save($key, $value, $exp);
 }

From 1a786206c0a18f99165fd68391ef55d41e16e58e Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Fri, 13 Mar 2020 21:26:48 +0800
Subject: [PATCH 16/28] Update heroku.php

---
 function/heroku.php | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/function/heroku.php b/function/heroku.php
index 32f3b1e..6c4e2dc 100644
--- a/function/heroku.php
+++ b/function/heroku.php
@@ -41,13 +41,18 @@ function getConfig($str, $disktag = '')
 {
     global $InnerEnv;
     global $Base64Env;
-    if ($disktag=='') $disktag = $_SERVER['disktag'];
     if (in_array($str, $InnerEnv)) {
-        if (in_array($str, $Base64Env)) return equal_replace(json_decode(getenv($disktag), true)[$str],1);
-        else return json_decode(getenv($disktag), true)[$str];
+        if ($disktag=='') $disktag = $_SERVER['disktag'];
+        $env = json_decode(getenv($disktag), true);
+        if (isset($env[$str])) {
+            if (in_array($str, $Base64Env)) return equal_replace($env[$str],1);
+            else return $env[$str];
+	}
+    } else {
+	if (in_array($str, $Base64Env)) return equal_replace(getenv($str),1);
+        else return getenv($str);
     }
-    if (in_array($str, $Base64Env)) return equal_replace(getenv($str),1);
-    else return getenv($str);
+    return '';
 }
 
 function setConfig($arr, $disktag = '')

From c2572bfb194ac08765b30dbe3cf7b471668befa8 Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Fri, 13 Mar 2020 21:28:07 +0800
Subject: [PATCH 17/28] Update common.php

---
 function/common.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/function/common.php b/function/common.php
index 56d76bb..5d6ac28 100644
--- a/function/common.php
+++ b/function/common.php
@@ -489,8 +489,8 @@ function main($path)
     global $constStr;
 //echo 'main.enterpath:'.$path.'
 //';
-    $constStr['language'] = $_COOKIE['language'];
-    if ($constStr['language']=='') $constStr['language'] = getConfig('language');
+    if (isset($_COOKIE['language'])) $constStr['language'] = $_COOKIE['language'];
+    if (!isset($constStr['language'])) $constStr['language'] = getConfig('language');
     if ($constStr['language']=='') $constStr['language'] = 'en-us';
     $_SERVER['language'] = $constStr['language'];
     $_SERVER['PHP_SELF'] = path_format($_SERVER['base_path'] . $path);

From cc01d20d05806403160375b5fefd2bf0aa1530fa Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Fri, 13 Mar 2020 21:32:43 +0800
Subject: [PATCH 18/28] Update scf.php

---
 function/scf.php | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/function/scf.php b/function/scf.php
index a4e40ae..fb98be5 100644
--- a/function/scf.php
+++ b/function/scf.php
@@ -58,13 +58,18 @@ function getConfig($str, $disktag = '')
 {
     global $InnerEnv;
     global $Base64Env;
-    if ($disktag=='') $disktag = $_SERVER['disktag'];
     if (in_array($str, $InnerEnv)) {
-        if (in_array($str, $Base64Env)) return equal_replace(json_decode(getenv($disktag), true)[$str],1);
-        else return json_decode(getenv($disktag), true)[$str];
+        if ($disktag=='') $disktag = $_SERVER['disktag'];
+        $env = json_decode(getenv($disktag), true);
+        if (isset($env[$str])) {
+            if (in_array($str, $Base64Env)) return equal_replace($env[$str],1);
+            else return $env[$str];
+        }
+    } else {
+        if (in_array($str, $Base64Env)) return equal_replace(getenv($str),1);
+        else return getenv($str);
     }
-    if (in_array($str, $Base64Env)) return equal_replace(getenv($str),1);
-    else return getenv($str);
+    return '';
 }
 
 function setConfig($arr, $disktag = '')

From 517cb90621dfb75e3015977692944992e8e22df5 Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Fri, 13 Mar 2020 21:45:41 +0800
Subject: [PATCH 19/28] Update common.php

---
 function/common.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/function/common.php b/function/common.php
index 5d6ac28..9bca61c 100644
--- a/function/common.php
+++ b/function/common.php
@@ -490,7 +490,7 @@ function main($path)
 //echo 'main.enterpath:'.$path.'
 //';
     if (isset($_COOKIE['language'])) $constStr['language'] = $_COOKIE['language'];
-    if (!isset($constStr['language'])) $constStr['language'] = getConfig('language');
+    if (!$constStr['language']) $constStr['language'] = getConfig('language');
     if ($constStr['language']=='') $constStr['language'] = 'en-us';
     $_SERVER['language'] = $constStr['language'];
     $_SERVER['PHP_SELF'] = path_format($_SERVER['base_path'] . $path);

From 5b5df9d5ee88b2081ef25511cb734c9bca6423e2 Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Fri, 13 Mar 2020 23:04:17 +0800
Subject: [PATCH 20/28] Add files via upload

---
 theme/onemoe.php | 1206 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 1206 insertions(+)
 create mode 100644 theme/onemoe.php

diff --git a/theme/onemoe.php b/theme/onemoe.php
new file mode 100644
index 0000000..a76d5c0
--- /dev/null
+++ b/theme/onemoe.php
@@ -0,0 +1,1206 @@
+
+<!DOCTYPE html>
+<html lang="<?php echo $constStr['language']; ?>">
+<head>
+    <title><?php echo $pretitle;?> - <?php echo $_SERVER['sitename'];?></title>
+    <meta charset=utf-8>
+    <meta http-equiv=X-UA-Compatible content="IE=edge">
+    <meta name=viewport content="width=device-width,initial-scale=1">
+    <meta name="keywords" content="<?php echo $n_path;?>,<?php if ($p_path!='') echo $p_path.','; echo $_SERVER['sitename'];?>,OneManager,auth_by_逸笙">
+    <link rel="icon" href="<?php echo $_SERVER['base_disk_path'];?>favicon.ico" type="image/x-icon" />
+    <link rel="shortcut icon" href="<?php echo $_SERVER['base_disk_path'];?>favicon.ico" type="image/x-icon" />
+    <style type="text/css">
+        :root{font-size:10px;font-family:Helvetica Neue,Helvetica,Arial,Microsoft Yahei,Hiragino Sans GB,Heiti SC,WenQuanYi Micro Hei,sans-serif}body{background-color:#8ec5fc;background-image:linear-gradient(62deg,#8ec5fc 0,#e0c3fc 100%);min-height:100vh;margin:auto;padding:0 .5rem;max-width:960px;display:flex;flex-direction:column;justify-content:center}body div[style="color: rgba(247,247,249,0);"]{margin-top:4rem;flex:1 0;display:flex;align-items:flex-end}body a.login,body li.operate{font-size:1.2rem;color:#399;position:relative;list-style:none;width:5rem}body a.login ion-icon,body li.operate ion-icon{vertical-align:middle}body a.login:hover ul,body li.operate:hover ul{display:flex}body a.login ul,body li.operate ul{width:2rem;list-style-type:none;display:none;position:absolute;margin-top:0;top:0}body a.login ul li,body li.operate ul li{display:flex;padding:.2rem;z-index:99;border-radius:2px;background-color:#ffefd5;border:dashed 1px #9acd32}body a.login ul li:hover,body li.operate ul li:hover{background-color:#fff}body a.login ul li a,body li.operate ul li a{margin-left:.8rem;width:1.7rem;color:#399;text-decoration:none}body a.login ul li a:hover,body li.operate ul li a:hover{cursor:pointer}body div[style="padding:1px"]{height:4rem}body div.operatediv{position:fixed;background-color:#ddd;border:solid 2px #8a2be2;box-shadow:0 0 10px #399;border-radius:2px;z-index:999}body div.operatediv div{color:#399;font-size:1.5rem;display:flex;flex-direction:column;padding:1rem}body div.operatediv div a.operatediv_close,body div.operatediv div input[type=submit]{align-self:flex-end;width:auto;padding:1px 5px;margin:5px 0;border:solid 2px #399;border-radius:2px;text-align:center;font-size:1.5rem;color:#399}body div.operatediv div a.operatediv_close:hover,body div.operatediv div input[type=submit]:hover{background-color:#399;cursor:pointer;color:#fff}body div.operatediv div label{color:#333;font-size:1.8rem;float:left}body div.operatediv div input,body div.operatediv div select{font-size:1.6rem}body div.mask{display:none}body div[style="position:absolute;"]{top:2rem;background-color:#ff0;border-radius:2px;padding:5px}body h1.title{margin:auto;font-size:3.5rem}body h1.title a{font-family:Cursive;text-decoration:none;color:#3290e7;text-shadow:2px 2px 5px rgba(50,144,231,.5);transition:.2s}body h1.title a:hover{text-shadow:none;font-size:3.8rem}body select.changelanguage{display:none}body div.onemoe-more-disk{margin:auto;margin-top:1rem}body div.onemoe-more-disk div.more-disk{display:flex;flex-wrap:wrap;justify-content:center}body div.onemoe-more-disk div.more-disk a{text-decoration:none;border:solid 2px #399;border-radius:5px;font-weight:700;font-size:1.2rem;padding:5px;margin:3px .5rem;color:#399;transition:.4s;box-sizing:border-box}body div.onemoe-more-disk div.more-disk a:hover,body div.onemoe-more-disk div.more-disk a[now]{color:#fff;background-color:#399;box-shadow:0 0 5px #399}body div.list-wrapper#head-div div.list-header-container{margin-top:1rem}body div.list-wrapper#head-div div.list-header-container div.readme p{font-size:large;padding:0 2rem}body div.list-wrapper#list-div{border-radius:5px;border:solid 5px rgba(137,43,226,.2);margin-top:1rem;font-size:1.5rem}body div.list-wrapper#list-div div.list-header-container{border-radius:2px;border-bottom:dashed 1px rgba(59,66,107,.3);display:flex;align-items:center;background-color:#e0c3fc98}body div.list-wrapper#list-div div.list-header-container a.back-link{margin-left:2rem}body div.list-wrapper#list-div div.list-header-container a.back-link ion-icon{color:#399;width:2rem;height:2rem}body div.list-wrapper#list-div div.list-header-container a.back-link ion-icon:hover{color:#f90}body div.list-wrapper#list-div div.list-header-container h3.table-header{font-size:1.5rem;margin:1rem;color:#399;font-style:italic}body div.list-wrapper#list-div div.list-header-container h3.table-header a{color:#399;text-decoration:none}body div.list-wrapper#list-div div.list-header-container h3.table-header a:hover{color:#f90}body div.list-wrapper#list-div div.list-body-container table.list-table{margin:auto;min-width:100%}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr{color:#333;background-color:#fff;margin:1rem;border:solid 1px #399;border-radius:5px;display:grid;grid-template-columns:6fr 2fr 1fr}@media screen and (max-width:768px){body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr{grid-template-columns:6fr 2fr}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr td:nth-last-of-type(2),body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr th:nth-last-of-type(2){display:none}}@media screen and (orientation:portrait){body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr{grid-template-columns:1fr}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr td:last-of-type,body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr th:last-of-type{display:none}}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr:first-of-type{border:none;background:rgba(0,0,0,0);margin:0 1.5rem}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr:first-of-type button{display:none;color:#399;font-size:1.2rem;margin-left:1rem;padding:.3rem .8rem;border:solid 2px #399;border-radius:1.2rem;background:rgba(221,221,221,.25)}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr:first-of-type button:hover{box-shadow:0 0 5px #399;cursor:pointer;color:#f5f5f5;border:solid 2px #399;background-color:rgba(137,43,226,.1)}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr:nth-of-type(2){margin-top:0}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr:not(:first-of-type){transition:.2s;border:solid 1px #399}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr:not(:first-of-type):hover{background-color:rgba(137,43,226,.1);transform:translateY(-2px);box-shadow:0 5px 10px rgba(73,90,47,.4)}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr td,body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr th{padding:1rem;align-items:center;display:flex;white-space:nowrap;overflow:hidden}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr td:first-of-type a,body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr th:first-of-type a{color:#333;margin-left:.5rem}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr td:first-of-type a:not([onclick]):hover,body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr th:first-of-type a:not([onclick]):hover{color:#399;text-decoration:underline}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr td:first-of-type>ion-icon,body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr th:first-of-type>ion-icon{color:#333}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr td:nth-of-type(2),body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr th:nth-of-type(2){justify-content:flex-end;text-align:right}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr td:last-of-type,body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr th:last-of-type{justify-content:flex-end;text-align:right}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr td li,body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr th li{list-style:none}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr td a,body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr th a{text-decoration:none;overflow:hidden;text-overflow:ellipsis}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr td li.operate,body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr th li.operate{display:flex;align-items:center}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr td li.operate ul,body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr th li.operate ul{top:-.5rem;left:1rem}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr td li.operate ul li,body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr th li.operate ul li{padding:.5rem;font-size:1.3rem}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr td li.operate ul li a,body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr th li.operate ul li a{width:auto;padding-right:.8rem}body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr td li.operate ul li:hover a,body div.list-wrapper#list-div div.list-body-container table.list-table tbody tr th li.operate ul li:hover a{color:#399;text-decoration:none}body div.list-wrapper#list-div div.list-body-container div#upload_div center{margin-top:1rem;display:flex;justify-content:space-evenly;align-items:center}body div.list-wrapper#list-div div.list-body-container div#upload_div center input{font-size:1.2rem;vertical-align:middle;padding:.5rem;min-width:5rem;border:solid 2px #696969;border-radius:4px;background-color:#dcdcdc}body div.list-wrapper#list-div div.list-body-container div#upload_div center input:hover{color:#399;box-shadow:0 0 10px #6495ed;cursor:pointer}body div.list-wrapper#list-div:hover{box-shadow:0 0 10px rgba(137,43,226,.25)}body div.onemoe-readme{width:100%;margin:4rem auto 0;border-radius:3px;border:solid 5px rgba(137,43,226,.2);box-sizing:border-box}body div.onemoe-readme div.markdown-body{padding:1rem}body div.onemoe-readme:hover{box-shadow:0 0 10px rgba(137,43,226,.25)}body div[style="margin: 12px 4px 4px; text-align: center"] div a{font-size:1.8rem;color:#399;text-decoration:none}body div[style="margin: 12px 4px 4px; text-align: center"] div a:hover{text-decoration:underline;color:#f90}
+    </style>
+</head>
+
+<body>
+    <div style="padding:1px">
+<?php
+    if (getConfig('admin')!='') if (!$_SERVER['admin']) {
+        if (getConfig('adminloginpage')=='') { ?>
+        <a class="login" onclick="login();"><ion-icon name="log-in"></ion-icon><?php echo getconstStr('Login'); ?></a>
+<?php   }
+    } else { ?>
+        <li class="operate"><ion-icon name="construct"></ion-icon><?php echo getconstStr('Operate'); ?><ul>
+<?php   if (isset($files['folder'])) { ?>
+            <li><a onclick="showdiv(event,'create','');"><ion-icon name="add-circle"></ion-icon><?php echo getconstStr('Create'); ?></a></li>
+            <li><a onclick="showdiv(event,'encrypt','');"><ion-icon name="lock"></ion-icon><?php echo getconstStr('encrypt'); ?></a></li>
+            <li><a href="?RefreshCache"><ion-icon name="refresh"></ion-icon><?php echo getconstStr('RefreshCache'); ?></a></li>
+<?php   } ?>
+            <li><a href="<?php echo $_GET['preview']?'?preview&':'?';?>setup"><ion-icon name="settings"></ion-icon><?php echo getconstStr('Setup'); ?></a></li>
+            <li><a onclick="logout()"><ion-icon name="log-out"></ion-icon><?php echo getconstStr('Logout'); ?></a></li>
+        </ul></li>
+<?php
+    } ?>
+        &nbsp;
+        <select class="changelanguage" name="language" onchange="changelanguage(this.options[this.options.selectedIndex].value)">
+            <option value="">Language</option>
+<?php
+    foreach ($constStr['languages'] as $key1 => $value1) { ?>
+            <option value="<?php echo $key1; ?>" <?php echo $key1==$constStr['language']?'selected="selected"':'' ?>><?php echo $value1; ?></option>
+<?php
+    } ?>
+        </select>
+    </div>
+<?php
+    if ($_SERVER['needUpdate']) { ?>
+    <div style='position:absolute;'><font color='red'><?php echo getconstStr('NeedUpdate'); ?></font></div>
+<?php } ?>
+    <h1 class="title">
+        <a href="<?php echo $_SERVER['base_path']; ?>"><?php echo $_SERVER['sitename']; ?></a>
+    </h1>
+<?php $disktags = explode("|",getConfig('disktag'));
+    if (count($disktags)>1) { ?>
+    <div class="list-wrapper onemoe-more-disk">
+        <div class="list-container">
+            <div class="list-header-container">
+                <div class="more-disk">
+<?php foreach ($disktags as $disk) {
+        $diskname = getConfig('diskname', $disk);
+        if ($diskname=='') $diskname = $disk;
+        echo '                    <a href="'.path_format($_SERVER['base_path'].'/'.$disk).'"'.($_SERVER['disktag']==$disk?' now':'').'>'.$diskname.'</a>
+';
+    } ?>
+                </div>
+            </div>
+        </div>
+    </div>
+<?php }
+    if ($files) { ?>
+    <div class="list-wrapper" id="list-div">
+        <div class="list-container">
+            <div class="list-header-container">
+<?php
+    if ($path !== '/') {
+        $current_url = $_SERVER['PHP_SELF'];
+        while (substr($current_url, -1) === '/') {
+            $current_url = substr($current_url, 0, -1);
+        }
+        if (strpos($current_url, '/') !== FALSE) {
+            $parent_url = substr($current_url, 0, strrpos($current_url, '/'));
+        } else {
+            $parent_url = $current_url;
+        }
+?>
+                <a href="<?php echo $parent_url.'/'; ?>" class="back-link">
+                    <ion-icon name="arrow-back"></ion-icon>
+                </a>
+<?php } ?>
+                <h3 class="table-header"><?php echo str_replace('%23', '#', str_replace('&','&amp;', $path)); ?></h3>
+            </div>
+            <div class="list-body-container">
+<?php
+    if ($_SERVER['is_guestup_path']&&!$_SERVER['admin']) { ?>
+                <div id="upload_div" style="margin:10px">
+                <center>
+                    <input id="upload_file" type="file" name="upload_filename">
+                    <input id="upload_submit" onclick="preup();" value="<?php echo getconstStr('Upload'); ?>" type="button">
+                <center>
+                </div>
+<?php } else {
+        if ($_SERVER['ishidden']<4) {
+            if (isset($files['error'])) {
+                    echo '<div style="margin:8px;">' . $files['error']['message'] . '</div>';
+                    $statusCode=404;
+            } else {
+                if (isset($files['file'])) {
+?>
+                <div style="margin: 12px 4px 4px; text-align: center">
+                    <div style="margin: 24px">
+                        <textarea id="url" title="url" rows="1" style="width: 100%; margin-top: 2px;" readonly><?php echo str_replace('%2523', '%23', str_replace('%26amp%3B','&amp;',spurlencode(path_format($_SERVER['base_disk_path'] . '/' . $path), '/'))); ?></textarea>
+                        <a href="<?php echo path_format($_SERVER['base_disk_path'] . '/' . $path);//$files['@microsoft.graph.downloadUrl'] ?>"><ion-icon name="download" style="line-height: 16px;vertical-align: middle;"></ion-icon>&nbsp;<?php echo getconstStr('Download'); ?></a>
+                    </div>
+                    <div style="margin: 24px">
+<?php               $ext = strtolower(substr($path, strrpos($path, '.') + 1));
+                    $DPvideo = '';
+                    $pdfurl = '';
+                    if (in_array($ext, $exts['img'])) {
+                        echo '                        <img src="' . $files['@microsoft.graph.downloadUrl'] . '" alt="' . substr($path, strrpos($path, '/')) . '" onload="if(this.offsetWidth>document.getElementById(\'url\').offsetWidth) this.style.width=\'100%\';" />
+';
+                    } elseif (in_array($ext, $exts['video'])) {
+                    //echo '<video src="' . $files['@microsoft.graph.downloadUrl'] . '" controls="controls" style="width: 100%"></video>';
+                        $DPvideo=$files['@microsoft.graph.downloadUrl'];
+                        echo '                        <div id="video-a0"></div>
+';
+                    } elseif (in_array($ext, $exts['music'])) {
+                        echo '                        <audio src="' . $files['@microsoft.graph.downloadUrl'] . '" controls="controls" style="width: 100%"></audio>
+';
+                    } elseif (in_array($ext, ['pdf'])) {
+                        /*echo '
+                        <embed src="' . $files['@microsoft.graph.downloadUrl'] . '" type="application/pdf" width="100%" height=800px">
+';*/
+                        $pdfurl = $files['@microsoft.graph.downloadUrl'];
+                        echo '                        <div id="pdf-d"></div>
+';
+                    } elseif (in_array($ext, $exts['office'])) {
+                        echo '                        <iframe id="office-a" src="https://view.officeapps.live.com/op/view.aspx?src=' . urlencode($files['@microsoft.graph.downloadUrl']) . '" style="width: 100%;height: 800px" frameborder="0"></iframe>
+';
+                    } elseif (in_array($ext, $exts['txt'])) {
+                        $txtstr = htmlspecialchars(curl_request($files['@microsoft.graph.downloadUrl'])['body']);
+?>
+                        <div id="txt">
+<?php                   if ($_SERVER['admin']) { ?>
+                        <form id="txt-form" action="" method="POST">
+                            <a onclick="document.getElementById('txt-a').readOnly='';document.getElementById('txt-save').style.display='';document.getElementById('txt-editbutton').style.display='none';document.getElementById('txt-cancelbutton').style.display='';" id="txt-editbutton"><ion-icon name="create"></ion-icon><?php echo getconstStr('ClicktoEdit'); ?></a>
+                            <a onclick="document.getElementById('txt-a').readOnly='readonly';document.getElementById('txt-save').style.display='none';document.getElementById('txt-editbutton').style.display='';document.getElementById('txt-cancelbutton').style.display='none';" id="txt-cancelbutton" style="display:none"><ion-icon name="close"></ion-icon><?php echo getconstStr('CancelEdit'); ?></a>&nbsp;&nbsp;&nbsp;
+                            <a id="txt-save" style="display:none"><ion-icon name="save"></ion-icon><?php echo getconstStr('Save'); ?></a>
+<?php                   } ?>
+                            <textarea id="txt-a" name="editfile" readonly style="width: 100%; margin-top: 2px;" <?php if ($_SERVER['admin']) echo 'onchange="document.getElementById(\'txt-save\').onclick=function(){document.getElementById(\'txt-form\').submit();}"';?> ><?php echo $txtstr;?></textarea>
+<?php                   if ($_SERVER['admin']) echo '</form>'; ?>
+                        </div>
+<?php               } /*elseif (in_array($ext, ['md'])) {
+                        echo '                        <div class="markdown-body" id="readme">
+                            <textarea id="readme-md" style="display:none;">' . curl_request($files['@microsoft.graph.downloadUrl'])['body'] . '</textarea>
+                        </div>
+';
+                    }*/ else {
+                        echo '<span>'.getconstStr('FileNotSupport').'</span>';
+                    } ?>
+                    </div>
+                </div>
+<?php           } elseif (isset($files['folder'])) {
+                    $filenum = $_POST['filenum'];
+                    if (!$filenum and $files['folder']['page']) $filenum = ($files['folder']['page']-1)*200;
+                    $readme = false; ?>
+                <table class="list-table" id="list-table">
+                    <tr id="tr0">
+                        <th class="file"><a onclick="sortby('a');"><?php echo getconstStr('File'); ?></a><?php if ($_SERVER['USER']!='qcloud') { ?>&nbsp;&nbsp;&nbsp;<button onclick="showthumbnails(this);"><?php echo getconstStr('ShowThumbnails'); ?></button><?php } ?><button onclick="CopyAllDownloadUrl();"><?php echo getconstStr('CopyAllDownloadUrl'); ?></button></th>
+                        <th class="updated_at"><a onclick="sortby('time');"><?php echo getconstStr('EditTime'); ?></a></th>
+                        <th class="size"><a onclick="sortby('size');"><?php echo getconstStr('Size'); ?></a></th>
+                    </tr>
+                    <!-- Dirs -->
+<?php               //echo json_encode($files['children'], JSON_PRETTY_PRINT);
+                    foreach ($files['children'] as $file) {
+                        // Folders
+                        if (isset($file['folder'])) { 
+                            $filenum++; ?>
+                    <tr data-to id="tr<?php echo $filenum;?>">
+                        <td class="file">
+<?php                       if ($_SERVER['admin']) { ?>
+                            <li class="operate"><ion-icon name="construct"></ion-icon><a><?php echo getconstStr('Operate'); ?></a>
+                            <ul>
+                                <li><a onclick="showdiv(event,'encrypt',<?php echo $filenum;?>);"><ion-icon name="lock"></ion-icon><?php echo getconstStr('encrypt'); ?></a></li>
+                                <li><a onclick="showdiv(event, 'rename',<?php echo $filenum;?>);"><ion-icon name="create"></ion-icon><?php echo getconstStr('Rename'); ?></a></li>
+                                <li><a onclick="showdiv(event, 'move',<?php echo $filenum;?>);"><ion-icon name="move"></ion-icon><?php echo getconstStr('Move'); ?></a></li>
+                                <li><a onclick="showdiv(event, 'copy',<?php echo $filenum;?>);"><ion-icon name="copy"></ion-icon><?php echo getconstStr('Copy'); ?></a></li>
+                                <li><a onclick="showdiv(event, 'delete',<?php echo $filenum;?>);"><ion-icon name="trash"></ion-icon><?php echo getconstStr('Delete'); ?></a></li>
+                            </ul>
+                            </li>
+<?php                       } ?>
+                            <ion-icon name="folder"></ion-icon>
+                            <a id="file_a<?php echo $filenum;?>" name="filelist" href="<?php echo path_format($_SERVER['base_disk_path'] . '/' . $path . '/' . encode_str_replace($file['name']) . '/'); ?>"><?php echo str_replace('&','&amp;', $file['name']);?></a>
+                        </td>
+                        <td class="updated_at" id="folder_time<?php echo $filenum;?>"><?php echo time_format($file['lastModifiedDateTime']); ?></td>
+                        <td class="size" id="folder_size<?php echo $filenum;?>"><?php echo size_format($file['size']); ?></td>
+                    </tr>
+<?php                   }
+                    }
+                    // if ($filenum) echo '<tr data-to></tr>';
+                    foreach ($files['children'] as $file) {
+                        // Files
+                        if (isset($file['file'])) {
+                            if ($_SERVER['admin'] or (substr($file['name'],0,1) !== '.' and $file['name'] !== getConfig('passfile') ) ) {
+                                if (strtolower($file['name']) === 'head.md') $head = $file;
+                                if (strtolower($file['name']) === 'readme.md') $readme = $file;
+                                if (strtolower($file['name']) === 'index.html' && !$_SERVER['admin']) {
+                                    $html = curl_request(fetch_files(spurlencode(path_format($path . '/' .$file['name']),'/'))['@microsoft.graph.downloadUrl'])['body'];
+                                    return output($html,200);
+                                }
+                                $filenum++; ?>
+                    <tr data-to id="tr<?php echo $filenum;?>">
+                        <td class="file">
+<?php                           if ($_SERVER['admin']) { ?>
+                            <li class="operate"><ion-icon name="construct"></ion-icon><a><?php echo getconstStr('Operate'); ?></a>
+                            <ul>
+                                <li><a onclick="showdiv(event, 'rename',<?php echo $filenum;?>);"><ion-icon name="create"></ion-icon><?php echo getconstStr('Rename'); ?></a></li>
+                                <li><a onclick="showdiv(event, 'move',<?php echo $filenum;?>);"><ion-icon name="move"></ion-icon><?php echo getconstStr('Move'); ?></a></li>
+                                <li><a onclick="showdiv(event, 'copy',<?php echo $filenum;?>);"><ion-icon name="copy"></ion-icon><?php echo getconstStr('Copy'); ?></a></li>
+                                <li><a onclick="showdiv(event, 'delete',<?php echo $filenum;?>);"><ion-icon name="trash"></ion-icon><?php echo getconstStr('Delete'); ?></a></li>
+                            </ul>
+                            </li>
+<?php                           }
+                                $ext = strtolower(substr($file['name'], strrpos($file['name'], '.') + 1));
+                                if (in_array($ext, $exts['music'])) { ?>
+                            <ion-icon name="musical-notes"></ion-icon>
+<?php                           } elseif (in_array($ext, $exts['video'])) { ?>
+                            <ion-icon name="logo-youtube"></ion-icon>
+<?php                           } elseif (in_array($ext, $exts['img'])) { ?>
+                            <ion-icon name="image"></ion-icon>
+<?php                           } elseif (in_array($ext, $exts['office'])) { ?>
+                            <ion-icon name="paper"></ion-icon>
+<?php                           } elseif (in_array($ext, $exts['txt'])) { ?>
+                            <ion-icon name="clipboard"></ion-icon>
+<?php                           } elseif (in_array($ext, $exts['zip'])) { ?>
+                            <ion-icon name="filing"></ion-icon>
+<?php                           } elseif ($ext=='iso') { ?>
+                            <ion-icon name="disc"></ion-icon>
+<?php                           } elseif ($ext=='apk') { ?>
+                            <ion-icon name="logo-android"></ion-icon>
+<?php                           } elseif ($ext=='exe') { ?>
+                            <ion-icon name="logo-windows"></ion-icon>
+<?php                           } else { ?>
+                            <ion-icon name="document"></ion-icon>
+<?php                           } ?>
+                            <a id="file_a<?php echo $filenum;?>" name="filelist" href="<?php echo path_format($_SERVER['base_disk_path'] . '/' . $path . '/' . encode_str_replace($file['name'])); ?>?preview" target=_blank><?php echo str_replace('&','&amp;', $file['name']); ?></a>
+                            <a class="download" href="<?php echo path_format($_SERVER['base_disk_path'] . '/' . $path . '/' . str_replace('&','&amp;', $file['name']));?>"><ion-icon name="download"></ion-icon></a>
+                        </td>
+                        <td class="updated_at" id="file_time<?php echo $filenum;?>"><?php echo time_format($file['lastModifiedDateTime']); ?></td>
+                        <td class="size" id="file_size<?php echo $filenum;?>"><?php echo size_format($file['size']); ?></td>
+                    </tr>
+<?php                       }
+                        }
+                    } ?>
+                </table>
+<?php               if ($files['folder']['childCount']>200) {
+                        $pagenum = $files['folder']['page'];
+                        $maxpage = ceil($files['folder']['childCount']/200);
+                        $prepagenext = '
+                <form action="" method="POST" id="nextpageform">
+                    <input type="hidden" id="pagenum" name="pagenum" value="'. $pagenum .'">
+                    <table width=100% border=0>
+                        <tr>
+                            <td width=60px align=center>';
+                        if ($pagenum!=1) {
+                            $prepagenum = $pagenum-1;
+                            $prepagenext .= '
+                                <a onclick="nextpage('.$prepagenum.');">'.getconstStr('PrePage').'</a>';
+                        }
+                        $prepagenext .= '
+                            </td>
+                            <td class="updated_at">';
+                        for ($page=1;$page<=$maxpage;$page++) {
+                            if ($page == $pagenum) {
+                                $prepagenext .= '
+                                <font color=red>' . $page . '</font> ';
+                            } else {
+                                $prepagenext .= '
+                                <a onclick="nextpage('.$page.');">' . $page . '</a> ';
+                            }
+                        }
+                        $prepagenext = substr($prepagenext,0,-1);
+                        $prepagenext .= '
+                            </td>
+                            <td width=60px align=center>';
+                        if ($pagenum!=$maxpage) {
+                            $nextpagenum = $pagenum+1;
+                            $prepagenext .= '
+                                <a onclick="nextpage('.$nextpagenum.');">'.getconstStr('NextPage').'</a>';
+                        }
+                        $prepagenext .= '
+                            </td>
+                        </tr>
+                    </table>
+                </form>';
+                        echo $prepagenext;
+                    }
+                    if ($_SERVER['admin']) { ?>
+                <div id="upload_div" style="margin:0 0 16px 0">
+                <center>
+                    <input id="upload_file" type="file" name="upload_filename" multiple="multiple">
+                    <input id="upload_submit" onclick="preup();" value="<?php echo getconstStr('Upload'); ?>" type="button">
+                </center>
+                </div>
+<?php               }
+                } else {
+                    $statusCode=500;
+                    echo 'Unknown path or file.';
+                    echo json_encode($files, JSON_PRETTY_PRINT);
+                }
+                if ($head) {
+                    echo '
+            </div>
+        </div>
+    </div>
+    <div class="list-wrapper" id="head-div">
+        <div class="list-container">
+            <div class="list-header-container">
+                <div class="readme">
+                    <!--<svg class="octicon octicon-book" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true"><path fill-rule="evenodd" d="M3 5h4v1H3V5zm0 3h4V7H3v1zm0 2h4V9H3v1zm11-5h-4v1h4V5zm0 2h-4v1h4V7zm0 2h-4v1h4V9zm2-6v9c0 .55-.45 1-1 1H9.5l-1 1-1-1H2c-.55 0-1-.45-1-1V3c0-.55.45-1 1-1h5.5l1 1 1-1H15c.55 0 1 .45 1 1zm-8 .5L7.5 3H2v9h6V3.5zm7-.5H9.5l-.5.5V12h6V3z"></path></svg>
+                    <span style="line-height: 16px;vertical-align: top;">'.$head['name'].'</span>-->
+                    <div class="markdown-body" id="head">
+                        <textarea id="head-md" style="display:none;">' . curl_request(fetch_files(spurlencode(path_format($path . '/' .$head['name']),'/'))['@microsoft.graph.downloadUrl'])['body'] . '
+                        </textarea>
+                    </div>
+                </div>
+';
+                }
+                if ($readme) {
+                    echo '
+            </div>
+        </div>
+    </div>
+    <div class="list-wrapper onemoe-readme">
+        <div class="list-container">
+            <div class="list-header-container">
+                <div class="readme">
+                    <!--<svg class="octicon octicon-book" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true"><path fill-rule="evenodd" d="M3 5h4v1H3V5zm0 3h4V7H3v1zm0 2h4V9H3v1zm11-5h-4v1h4V5zm0 2h-4v1h4V7zm0 2h-4v1h4V9zm2-6v9c0 .55-.45 1-1 1H9.5l-1 1-1-1H2c-.55 0-1-.45-1-1V3c0-.55.45-1 1-1h5.5l1 1 1-1H15c.55 0 1 .45 1 1zm-8 .5L7.5 3H2v9h6V3.5zm7-.5H9.5l-.5.5V12h6V3z"></path></svg>
+                    <span style="line-height: 16px;vertical-align: top;">'.$readme['name'].'</span>-->
+                    <div class="markdown-body" id="readme">
+                        <textarea id="readme-md" style="display:none;">' . curl_request(fetch_files(spurlencode(path_format($path . '/' .$readme['name']),'/'))['@microsoft.graph.downloadUrl'])['body'] . '
+                        </textarea>
+                    </div>
+                </div>
+';
+                }
+            }
+        } else {
+            echo '
+                <div style="padding:20px">
+	            <center>
+	                <form action="" method="post">
+		            <input name="password1" type="password" placeholder="'.getconstStr('InputPassword').'">
+		            <input type="submit" value="'.getconstStr('Submit').'">
+	                </form>
+                </center>
+                </div>';
+            $statusCode = 401;
+        }
+    } ?>
+            </div>
+        </div>
+    </div>
+<?php } ?>
+    <div id="mask" class="mask" style="display:none;"></div>
+<?php
+    if ($_SERVER['admin']) {
+        if (!$_GET['preview']) { ?>
+    <div style="word-break: break-all;word-wrap: break-word;">
+        <div id="rename_div" class="operatediv" style="display:none">
+            <div>
+                <label id="rename_label"></label><br><br><a onclick="operatediv_close('rename')" class="operatediv_close"><?php echo getconstStr('Close'); ?></a>
+                <form id="rename_form" onsubmit="return submit_operate('rename');">
+                <input id="rename_sid" name="rename_sid" type="hidden" value="">
+                <input id="rename_hidden" name="rename_oldname" type="hidden" value="">
+                <input id="rename_input" name="rename_newname" type="text" value="">
+                <input name="operate_action" type="submit" value="<?php echo getconstStr('Rename'); ?>">
+                </form>
+            </div>
+        </div>
+        <div id="delete_div" class="operatediv" style="display:none">
+            <div>
+                <br><a onclick="operatediv_close('delete')" class="operatediv_close"><?php echo getconstStr('Close'); ?></a>
+                <label id="delete_label"></label>
+                <form id="delete_form" onsubmit="return submit_operate('delete');">
+                <label id="delete_input"><?php echo getconstStr('Delete'); ?>?</label>
+                <input id="delete_sid" name="delete_sid" type="hidden" value="">
+                <input id="delete_hidden" name="delete_name" type="hidden" value="">
+                <input name="operate_action" type="submit" value="<?php echo getconstStr('Submit'); ?>">
+                </form>
+            </div>
+        </div>
+        <div id="encrypt_div" class="operatediv" style="display:none">
+            <div>
+                <label id="encrypt_label"></label><br><br><a onclick="operatediv_close('encrypt')" class="operatediv_close"><?php echo getconstStr('Close'); ?></a>
+                <form id="encrypt_form" onsubmit="return submit_operate('encrypt');">
+                <input id="encrypt_sid" name="encrypt_sid" type="hidden" value="">
+                <input id="encrypt_hidden" name="encrypt_folder" type="hidden" value="">
+                <input id="encrypt_input" name="encrypt_newpass" type="text" value="" placeholder="<?php echo getconstStr('InputPasswordUWant'); ?>">
+                <?php if (getConfig('passfile')!='') {?><input name="operate_action" type="submit" value="<?php echo getconstStr('encrypt'); ?>"><?php } else { ?><br><label><?php echo getconstStr('SetpassfileBfEncrypt'); ?></label><?php } ?>
+                </form>
+            </div>
+        </div>
+        <div id="copy_div" class="operatediv" style="display:none">
+            <div>
+                <label id="copy_label"></label><br><br><a onclick="operatediv_close('copy')" class="operatediv_close"><?php echo getconstStr('Close'); ?></a>
+                <form id="copy_form" onsubmit="return submit_operate('copy');">
+                <input id="copy_sid" name="copy_sid" type="hidden" value="">
+                <input id="copy_hidden" name="copy_name" type="hidden" value="">
+                <input id="copy_input" name="copy_input" type="hidden" value="">
+                <input name="operate_action" type="submit" value="<?php echo getconstStr('Copy'); ?>">
+                </form>
+            </div>
+        </div>
+        <div id="move_div" class="operatediv" style="display:none">
+            <div>
+                <label id="move_label"></label><br><br><a onclick="operatediv_close('move')" class="operatediv_close"><?php echo getconstStr('Close'); ?></a>
+                <form id="move_form" onsubmit="return submit_operate('move');">
+                <input id="move_sid" name="move_sid" type="hidden" value="">
+                <input id="move_hidden" name="move_name" type="hidden" value="">
+                <select id="move_input" name="move_folder">
+<?php   if ($path != '/') { ?>
+                    <option value="/../"><?php echo getconstStr('ParentDir'); ?></option>
+<?php   }
+        if (isset($files['children'])) foreach ($files['children'] as $file) {
+            if (isset($file['folder'])) { ?>
+                    <option value="<?php echo str_replace('&','&amp;', $file['name']);?>"><?php echo str_replace('&','&amp;', $file['name']);?></option>
+<?php       }
+        } ?>
+                </select>
+                <input name="operate_action" type="submit" value="<?php echo getconstStr('Move'); ?>">
+                </form>
+            </div>
+        </div>
+        <div id="create_div" class="operatediv" style="display:none">
+            <div>
+                <a onclick="operatediv_close('create')" class="operatediv_close"><?php echo getconstStr('Close'); ?></a>
+                <form id="create_form" onsubmit="return submit_operate('create');">
+                    <input id="create_sid" name="create_sid" type="hidden" value="">
+                    <input id="create_hidden" type="hidden" value="">
+                    <table>
+                        <tr>
+                            <td></td>
+                            <td><label id="create_label"></label></td>
+                        </tr>
+                        <tr>
+                            <td>　　　</td>
+                            <td>
+                                <label><input id="create_type_folder" name="create_type" type="radio" value="folder" onclick="document.getElementById('create_text_div').style.display='none';"><?php echo getconstStr('Folder'); ?></label>
+                                <label><input id="create_type_file" name="create_type" type="radio" value="file" onclick="document.getElementById('create_text_div').style.display='';" checked><?php echo getconstStr('File'); ?></label>
+                            <td>
+                        </tr>
+                        <tr>
+                            <td><?php echo getconstStr('Name'); ?>：</td>
+                            <td><input id="create_input" name="create_name" type="text" value=""></td>
+                        </tr>
+                        <tr id="create_text_div">
+                            <td><?php echo getconstStr('Content'); ?>：</td>
+                            <td><textarea id="create_text" name="create_text" rows="6" cols="40"></textarea></td>
+                        </tr>
+                        <tr>
+                            <td>　　　</td>
+                            <td><input name="operate_action" type="submit" value="<?php echo getconstStr('Create'); ?>"></td>
+                        </tr>
+                    </table>
+                </form>
+            </div>
+        </div>
+    </div>
+<?php   }
+    } else {
+        if (getConfig('admin')!='') if (getConfig('adminloginpage')=='') { ?>
+    <div id="login_div" class="operatediv" style="display:none">
+        <div style="margin:50px">
+            <a onclick="operatediv_close('login')" class="operatediv_close"><?php echo getconstStr('Close'); ?></a>
+	        <center>
+	            <form action="<?php echo $_GET['preview']?'?preview&':'?';?>admin" method="post">
+		        <input id="login_input" name="password1" type="password" placeholder="<?php echo getconstStr('InputPassword'); ?>">
+		        <input type="submit" value="<?php echo getconstStr('Login'); ?>">
+	            </form>
+            </center>
+        </div>
+	</div>
+<?php   }
+    } ?>
+    <div style="color: rgba(247,247,249,0);"><?php echo date("Y-m-d H:i:s")." ".getconstStr('Week')[date("w")]." ".$_SERVER['REMOTE_ADDR'];?></div>
+</body>
+<?php if ($files) { ?>
+<?php if ($head||$readme) { ?><link rel="stylesheet" href="//unpkg.zhimg.com/github-markdown-css@3.0.1/github-markdown.css">
+<script type="text/javascript" src="//unpkg.zhimg.com/marked@0.6.2/marked.min.js"></script><?php } ?>
+<?php if (isset($files['folder']) && $_SERVER['is_guestup_path'] && !$_SERVER['admin']) { ?><script type="text/javascript" src="//cdn.bootcss.com/spark-md5/3.0.0/spark-md5.min.js"></script><?php } ?>
+<?php if ($pdfurl!='') { ?><script src="//cdn.bootcss.com/pdf.js/2.3.200/pdf.min.js"></script><?php } ?>
+<?php } ?>
+<script type="text/javascript">
+<?php if ($files) { ?>
+    var root = '<?php echo $_SERVER["base_disk_path"]; ?>';
+    function path_format(path) {
+        path = '/' + path + '/';
+        while (path.indexOf('//') !== -1) {
+            path = path.replace('//', '/')
+        }
+        return path
+    }
+    document.querySelectorAll('.table-header').forEach(function (e) {
+        var path = e.innerText;
+        var paths = path.split('/');
+        if (paths <= 2) return;
+        e.innerHTML = '/ ';
+        for (var i = 1; i < paths.length - 1; i++) {
+            var to = path_format(root + paths.slice(0, i + 1).join('/'));
+            e.innerHTML += '<a href="' + to + '">' + paths[i] + '</a> / '
+        }
+        e.innerHTML += paths[paths.length - 1];
+        e.innerHTML = e.innerHTML.replace(/\s\/\s$/, '')
+    });
+    
+    function changelanguage(str)
+    {
+        if (str=='Language') str = '';
+        document.cookie='language='+str+'; path=/';
+        location.href = location.href;
+    }
+    var $head = document.getElementById('head');
+    if ($head) {
+        document.getElementById('head-div').parentNode.insertBefore(document.getElementById('head-div'),document.getElementById('list-div'));
+        $head.innerHTML = marked(document.getElementById('head-md').innerText);
+        
+    }
+    var $readme = document.getElementById('readme');
+    if ($readme) {
+        $readme.innerHTML = marked(document.getElementById('readme-md').innerText);
+    }
+<?php
+    if ($_GET['preview']) { //is preview mode. 在预览时处理 ?>
+    var $url = document.getElementById('url');
+    if ($url) {
+        $url.innerHTML = location.protocol + '//' + location.host + $url.innerHTML;
+        $url.style.height = $url.scrollHeight + 'px';
+    }
+    var $officearea=document.getElementById('office-a');
+    if ($officearea) {
+        $officearea.style.height = window.innerHeight + 'px';
+    }
+    var $textarea=document.getElementById('txt-a');
+    if ($textarea) {
+        $textarea.style.height = $textarea.scrollHeight + 'px';
+    }
+<?php   if (!!$DPvideo) { ?>
+    function loadResources(type, src, callback) {
+        let script = document.createElement(type);
+        let loaded = false;
+        if (typeof callback === 'function') {
+            script.onload = script.onreadystatechange = () => {
+                if (!loaded && (!script.readyState || /loaded|complete/.test(script.readyState))) {
+                    script.onload = script.onreadystatechange = null;
+                    loaded = true;
+                    callback();
+                }
+            }
+        }
+        if (type === 'link') {
+            script.href = src;
+            script.rel = 'stylesheet';
+        } else {
+            script.src = src;
+        }
+        document.getElementsByTagName('head')[0].appendChild(script);
+    }
+    function addVideos(videos) {
+        let host = 'https://s0.pstatp.com/cdn/expire-1-M';
+        let unloadedResourceCount = 4;
+        let callback = (() => {
+            return () => {
+                if (!--unloadedResourceCount) {
+                    createDplayers(videos);
+                }
+            };
+        })(unloadedResourceCount, videos);
+        loadResources(
+            'link',
+            host + '/dplayer/1.25.0/DPlayer.min.css',
+            callback
+        );
+        loadResources(
+            'script',
+            host + '/dplayer/1.25.0/DPlayer.min.js',
+            callback
+        );
+        loadResources(
+            'script',
+            host + '/hls.js/0.12.4/hls.light.min.js',
+            callback
+        );
+        loadResources(
+            'script',
+            host + '/flv.js/1.5.0/flv.min.js',
+            callback
+        );
+    }
+    function createDplayers(videos) {
+        for (i = 0; i < videos.length; i++) {
+            console.log(videos[i]);
+            new DPlayer({
+                container: document.getElementById('video-a' + i),
+                screenshot: true,
+                video: {
+                    url: videos[i]
+                }
+            });
+        }
+    }
+    addVideos(['<?php echo $DPvideo;?>']);
+<?php   }
+        if ($pdfurl!='') { ?>
+    pdfjsLib.GlobalWorkerOptions.workerSrc = '//cdn.bootcss.com/pdf.js/2.3.200/pdf.worker.min.js';
+    var loadingTask = pdfjsLib.getDocument({ url: '<?php echo $pdfurl;?>', });
+    loadingTask.promise.then(function(pdf) {
+        var pagenum =  pdf.numPages;
+        var pdfContainer = document.getElementById('pdf-d');
+        for (var i=1;i<=pagenum;i++) {
+            var canvasNew = document.createElement('canvas');
+            canvasNew.id = 'pdf-c'+i;
+            pdfContainer.appendChild(canvasNew);
+            renderpage(pdf,i);
+        }
+    });
+    function renderpage(pdf,i)
+    {
+        pdf.getPage(i).then(function(page) { 
+            var scale = 1.5;
+            var viewport = page.getViewport({ scale: scale, });
+            var canvas = document.getElementById('pdf-c'+i);
+            var context = canvas.getContext("2d");
+            canvas.height = viewport.height;
+            canvas.width = viewport.width;
+            var renderContext = {
+                canvasContext: context,
+                viewport: viewport,
+            };
+            page.render(renderContext);
+        });
+    }
+<?php   }
+    } else { // view folder. 不预览，即浏览目录时?>
+    function showthumbnails(obj) {
+        var files=document.getElementsByName('filelist');
+        for ($i=0;$i<files.length;$i++) {
+            str=files[$i].innerText;
+            if (str.substr(-1)==' ') str=str.substr(0,str.length-1);
+            if (!str) return;
+            strarry=str.split('.');
+            ext=strarry[strarry.length-1].toLowerCase();
+            images = [<?php foreach ($exts['img'] as $imgext) echo '\''.$imgext.'\', '; ?>];
+            if (images.indexOf(ext)>-1) get_thumbnails_url(str, files[$i]);
+        }
+        obj.disabled='disabled';
+    }
+    function get_thumbnails_url(str, filea) {
+        if (!str) return;
+        var nurl=window.location.href;
+        if (nurl.substr(-1)!="/") nurl+="/";
+        var xhr = new XMLHttpRequest();
+        xhr.open("GET", nurl+str+'?thumbnails', true);
+                //xhr.setRequestHeader('x-requested-with','XMLHttpRequest');
+        xhr.send('');
+        xhr.onload = function(e){
+            if (xhr.status==200) {
+                if (xhr.responseText!='') filea.innerHTML='<img src="'+xhr.responseText+'" alt="'+str+'">';
+            } else console.log(xhr.status+'\n'+xhr.responseText);
+        }
+    }
+    function CopyAllDownloadUrl() {
+        var tmptextarea=document.createElement('textarea');
+        document.body.appendChild(tmptextarea);
+        tmptextarea.setAttribute('style','position:absolute;left:-100px;width:0px;height:0px;');
+        document.querySelectorAll('.download').forEach(function (e) {
+            tmptextarea.innerHTML+=e.href+"\r\n";
+        });
+        tmptextarea.select();
+        tmptextarea.setSelectionRange(0, tmptextarea.value.length);
+        document.execCommand("copy");
+        alert(tmptextarea.innerHTML);
+    }
+    var sort=0;
+    function sortby(string) {
+        if (string=='a') if (sort!=0) {
+            for (i = 1; i <= <?php echo $filenum?$filenum:0;?>; i++) document.getElementById('tr'+i).parentNode.insertBefore(document.getElementById('tr'+i),document.getElementById('tr'+(i-1)).nextSibling);
+            sort=0;
+            return;
+        } else return;
+        sort1=sort;
+        sortby('a');
+        sort=sort1;
+        var a=[];
+        for (i = 1; i <= <?php echo $filenum?$filenum:0;?>; i++) {
+            a[i]=i;
+            if (!!document.getElementById('folder_'+string+i)) {
+                var td1=document.getElementById('folder_'+string+i);
+                for (j = 1; j < i; j++) {
+                    if (!!document.getElementById('folder_'+string+a[j])) {
+                        var c=false;
+                        if (string=='time') if (sort==-1) {
+                            c=(td1.innerText < document.getElementById('folder_'+string+a[j]).innerText);
+                        } else {
+                            c=(td1.innerText > document.getElementById('folder_'+string+a[j]).innerText);
+                        }
+                        if (string=='size') if (sort==2) {
+                            c=(size_reformat(td1.innerText) < size_reformat(document.getElementById('folder_'+string+a[j]).innerText));
+                        } else {
+                            c=(size_reformat(td1.innerText) > size_reformat(document.getElementById('folder_'+string+a[j]).innerText));
+                        }
+                        if (c) {
+                            document.getElementById('tr'+i).parentNode.insertBefore(document.getElementById('tr'+i),document.getElementById('tr'+a[j]));
+                            for (k = i; k > j; k--) {
+                                a[k]=a[k-1];
+                            }
+                            a[j]=i;
+                            break;
+                        }
+                    }
+                }
+            }
+            if (!!document.getElementById('file_'+string+i)) {
+                var td1=document.getElementById('file_'+string+i);
+                for (j = 1; j < i; j++) {
+                    if (!!document.getElementById('file_'+string+a[j])) {
+                        var c=false;
+                        if (string=='time') if (sort==-1) {
+                            c=(td1.innerText < document.getElementById('file_'+string+a[j]).innerText);
+                        } else {
+                            c=(td1.innerText > document.getElementById('file_'+string+a[j]).innerText);
+                        }
+                        if (string=='size') if (sort==2) {
+                            c=(size_reformat(td1.innerText) < size_reformat(document.getElementById('file_'+string+a[j]).innerText));
+                        } else {
+                            c=(size_reformat(td1.innerText) > size_reformat(document.getElementById('file_'+string+a[j]).innerText));
+                        }
+                        if (c) {
+                            document.getElementById('tr'+i).parentNode.insertBefore(document.getElementById('tr'+i),document.getElementById('tr'+a[j]));
+                            for (k = i; k > j; k--) {
+                                a[k]=a[k-1];
+                            }
+                            a[j]=i;
+                            break;
+                        }
+                    }
+                }
+            }
+        }
+        if (string=='time') if (sort==-1) {
+            sort=1;
+        } else {
+            sort=-1;
+        }
+        if (string=='size') if (sort==2) {
+            sort=-2;
+        } else {
+            sort=2;
+        }
+    }
+    function size_reformat(str) {
+        if (str.substr(-1)==' ') str=str.substr(0,str.length-1);
+        if (str.substr(-2)=='GB') num=str.substr(0,str.length-3)*1024*1024*1024;
+        if (str.substr(-2)=='MB') num=str.substr(0,str.length-3)*1024*1024;
+        if (str.substr(-2)=='KB') num=str.substr(0,str.length-3)*1024;
+        if (str.substr(-2)==' B') num=str.substr(0,str.length-2);
+        return num;
+    }
+<?php
+    }
+    if ($_COOKIE['timezone']=='') { // cookie timezone. 无时区写时区 ?>
+    var nowtime= new Date();
+    var timezone = 0-nowtime.getTimezoneOffset()/60;
+    var expd = new Date();
+    expd.setTime(expd.getTime()+(2*60*60*1000));
+    var expires = "expires="+expd.toGMTString();
+    document.cookie="timezone="+timezone+"; path=/; "+expires;
+    if (timezone!='8') {
+        alert('Your timezone is '+timezone+', reload local timezone.');
+        location.href=location.protocol + "//" + location.host + "<?php echo path_format($_SERVER['base_path'] . '/' . $path );?>" ;
+    }
+<?php }
+    if ($files['folder']['childCount']>200) { // more than 200. 有下一页 ?>
+    function nextpage(num) {
+        document.getElementById('pagenum').value=num;
+        document.getElementById('nextpageform').submit();
+    }
+<?php }
+    if (isset($files['folder']) && ($_SERVER['is_guestup_path'] || $_SERVER['admin'])) { // is folder and is admin or guest upload path. 当前是admin登录或图床目录时 ?>
+    function uploadbuttonhide() {
+        document.getElementById('upload_submit').disabled='disabled';
+        document.getElementById('upload_file').disabled='disabled';
+        document.getElementById('upload_submit').style.display='none';
+        document.getElementById('upload_file').style.display='none';
+    }
+    function uploadbuttonshow() {
+        document.getElementById('upload_file').disabled='';
+        document.getElementById('upload_submit').disabled='';
+        document.getElementById('upload_submit').style.display='';
+        document.getElementById('upload_file').style.display='';
+    }
+    function preup() {
+        uploadbuttonhide();
+        var files=document.getElementById('upload_file').files;
+	if (files.length<1) {
+            uploadbuttonshow();
+            return;
+        };
+        var table1=document.createElement('table');
+        document.getElementById('upload_div').appendChild(table1);
+        table1.setAttribute('class','list-table');
+        var timea=new Date().getTime();
+        var i=0;
+        getuplink(i);
+        function getuplink(i) {
+            var file=files[i];
+            var tr1=document.createElement('tr');
+            table1.appendChild(tr1);
+            tr1.setAttribute('data-to',1);
+            var td1=document.createElement('td');
+            tr1.appendChild(td1);
+            td1.setAttribute('style','width:30%');
+            td1.setAttribute('id','upfile_td1_'+timea+'_'+i);
+            td1.innerHTML=file.name+'<br>'+size_format(file.size);
+            var td2=document.createElement('td');
+            tr1.appendChild(td2);
+            td2.setAttribute('id','upfile_td2_'+timea+'_'+i);
+            td2.innerHTML='<?php echo getconstStr('GetUploadLink'); ?> ...';
+            if (file.size>100*1024*1024*1024) {
+                td2.innerHTML='<font color="red"><?php echo getconstStr('UpFileTooLarge'); ?></font>';
+                uploadbuttonshow();
+                return;
+            }
+            var xhr1 = new XMLHttpRequest();
+            xhr1.open("GET", '?action=upbigfile&upbigfilename='+ encodeURIComponent(file.name) +'&filesize='+ file.size +'&lastModified='+ file.lastModified);
+            xhr1.setRequestHeader('x-requested-with','XMLHttpRequest');
+            xhr1.send(null);
+            xhr1.onload = function(e){
+                td2.innerHTML='<font color="red">'+xhr1.responseText+'</font>';
+                if (xhr1.status==200) {
+                    console.log(xhr1.responseText);
+                    var html=JSON.parse(xhr1.responseText);
+                    if (!html['uploadUrl']) {
+                        td2.innerHTML='<font color="red">'+xhr1.responseText+'</font><br>';
+                        uploadbuttonshow();
+                    } else {
+                        td2.innerHTML='<?php echo getconstStr('UploadStart'); ?> ...';
+                        binupfile(file,html['uploadUrl'],timea+'_'+i);
+                    }
+                }
+                if (i<files.length-1) {
+                    i++;
+                    getuplink(i);
+                }
+            }
+        }
+    }
+    function size_format(num) {
+        if (num>1024) {
+            num=num/1024;
+        } else {
+            return num.toFixed(2) + ' B';
+        }
+        if (num>1024) {
+            num=num/1024;
+        } else {
+            return num.toFixed(2) + ' KB';
+        }
+        if (num>1024) {
+            num=num/1024;
+        } else {
+            return num.toFixed(2) + ' MB';
+        }
+        return num.toFixed(2) + ' GB';
+    }
+    function binupfile(file,url,tdnum){
+        var label=document.getElementById('upfile_td2_'+tdnum);
+        var reader = new FileReader();
+        var StartStr='';
+        var MiddleStr='';
+        var StartTime;
+        var EndTime;
+        var newstartsize = 0;
+        if(!!file){
+            var asize=0;
+            var totalsize=file.size;
+            var xhr2 = new XMLHttpRequest();
+            xhr2.open("GET", url);
+                    //xhr2.setRequestHeader('x-requested-with','XMLHttpRequest');
+            xhr2.send(null);
+            xhr2.onload = function(e){
+                if (xhr2.status==200) {
+                    var html = JSON.parse(xhr2.responseText);
+                    var a = html['nextExpectedRanges'][0];
+                    newstartsize = Number( a.slice(0,a.indexOf("-")) );
+                    StartTime = new Date();
+<?php if ($_SERVER['admin']) { ?>
+                    asize = newstartsize;
+<?php } ?>
+                    if (newstartsize==0) {
+                        StartStr='<?php echo getconstStr('UploadStartAt'); ?>:' +StartTime.toLocaleString()+'<br>' ;
+                    } else {
+                        StartStr='<?php echo getconstStr('LastUpload'); ?>'+size_format(newstartsize)+ '<br><?php echo getconstStr('ThisTime').getconstStr('UploadStartAt'); ?>:' +StartTime.toLocaleString()+'<br>' ;
+                    }
+                    var chunksize=5*1024*1024; // chunk size, max 60M. 每小块上传大小，最大60M，微软建议10M
+                    if (totalsize>200*1024*1024) chunksize=10*1024*1024;
+                    function readblob(start) {
+                        var end=start+chunksize;
+                        var blob = file.slice(start,end);
+                        reader.readAsArrayBuffer(blob);
+                    }
+                    readblob(asize);
+<?php if (!$_SERVER['admin']) { ?>
+                    var spark = new SparkMD5.ArrayBuffer();
+<?php } ?>
+                    reader.onload = function(e){
+                        var binary = this.result;
+<?php if (!$_SERVER['admin']) { ?>
+                        spark.append(binary);
+                        if (asize < newstartsize) {
+                            asize += chunksize;
+                            readblob(asize);
+                            return;
+                        }
+<?php } ?>
+                        var xhr = new XMLHttpRequest();
+                        xhr.open("PUT", url, true);
+                        //xhr.setRequestHeader('x-requested-with','XMLHttpRequest');
+                        bsize=asize+e.loaded-1;
+                        xhr.setRequestHeader('Content-Range', 'bytes ' + asize + '-' + bsize +'/'+ totalsize);
+                        xhr.upload.onprogress = function(e){
+                            if (e.lengthComputable) {
+                                var tmptime = new Date();
+                                var tmpspeed = e.loaded*1000/(tmptime.getTime()-C_starttime.getTime());
+                                var remaintime = (totalsize-asize-e.loaded)/tmpspeed;
+                                label.innerHTML=StartStr+'<?php echo getconstStr('Upload'); ?> ' +size_format(asize+e.loaded)+ ' / '+size_format(totalsize) + ' = ' + ((asize+e.loaded)*100/totalsize).toFixed(2) + '% <?php echo getconstStr('AverageSpeed'); ?>:'+size_format((asize+e.loaded-newstartsize)*1000/(tmptime.getTime()-StartTime.getTime()))+'/s<br><?php echo getconstStr('CurrentSpeed'); ?> '+size_format(tmpspeed)+'/s <?php echo getconstStr('Expect'); ?> '+remaintime.toFixed(1)+'s';
+                            }
+                        }
+                        var C_starttime = new Date();
+                        xhr.onload = function(e){
+                            if (xhr.status<500) {
+                            var response=JSON.parse(xhr.responseText);
+                            if (response['size']>0) {
+                                // contain size, upload finish. 有size说明是最终返回，上传结束
+                                var xhr3 = new XMLHttpRequest();
+                                xhr3.open("GET", '?action=del_upload_cache&filename=.'+file.lastModified+ '_' +file.size+ '_' +encodeURIComponent(file.name)+'.tmp');
+                                xhr3.setRequestHeader('x-requested-with','XMLHttpRequest');
+                                xhr3.send(null);
+                                xhr3.onload = function(e){
+                                    console.log(xhr3.responseText+','+xhr3.status);
+                                }
+<?php if (!$_SERVER['admin']) { ?>
+                                var filemd5 = spark.end();
+                                var xhr4 = new XMLHttpRequest();
+                                xhr4.open("GET", '?action=uploaded_rename&filename='+encodeURIComponent(file.name)+'&filemd5='+filemd5);
+                                xhr4.setRequestHeader('x-requested-with','XMLHttpRequest');
+                                xhr4.send(null);
+                                xhr4.onload = function(e){
+                                    console.log(xhr4.responseText+','+xhr4.status);
+                                    var filename;
+                                    if (xhr4.status==200) filename = JSON.parse(xhr4.responseText)['name'];
+                                    if (xhr4.status==409) filename = filemd5 + file.name.substr(file.name.indexOf('.'));
+                                    if (filename=='') {
+                                        alert('<?php echo getconstStr('UploadErrorUpAgain'); ?>');
+                                        uploadbuttonshow();
+                                        return;
+                                    }
+                                    var lasturl = location.href;
+                                    if (lasturl.substr(lasturl.length-1)!='/') lasturl += '/';
+                                    lasturl += filename + '?preview';
+                                    //alert(lasturl);
+                                    window.open(lasturl);
+                                }
+<?php } ?>
+                                EndTime=new Date();
+                                MiddleStr = '<?php echo getconstStr('EndAt'); ?>:'+EndTime.toLocaleString()+'<br>';
+                                if (newstartsize==0) {
+                                    MiddleStr += '<?php echo getconstStr('AverageSpeed'); ?>:'+size_format(totalsize*1000/(EndTime.getTime()-StartTime.getTime()))+'/s<br>';
+                                } else {
+                                    MiddleStr += '<?php echo getconstStr('ThisTime').getconstStr('AverageSpeed'); ?>:'+size_format((totalsize-newstartsize)*1000/(EndTime.getTime()-StartTime.getTime()))+'/s<br>';
+                                }
+                                document.getElementById('upfile_td1_'+tdnum).innerHTML='<font color="green"><?php if (!$_SERVER['admin']) { ?>'+filemd5+'<br><?php } ?>'+document.getElementById('upfile_td1_'+tdnum).innerHTML+'<br><?php echo getconstStr('UploadComplete'); ?></font>';
+                                label.innerHTML=StartStr+MiddleStr;
+                                uploadbuttonshow();
+<?php if ($_SERVER['admin']) { ?>
+                                addelement(response);
+<?php } ?>
+                            } else {
+                                if (!response['nextExpectedRanges']) {
+                                    label.innerHTML='<font color="red">'+xhr.responseText+'</font><br>';
+                                } else {
+                                    var a=response['nextExpectedRanges'][0];
+                                    asize=Number( a.slice(0,a.indexOf("-")) );
+                                    readblob(asize);
+                                }
+                            } } else readblob(asize);
+                        }
+                        xhr.send(binary);
+                    }
+                } else {
+                    if (window.location.pathname.indexOf('%23')>0||file.name.indexOf('%23')>0) {
+                        label.innerHTML='<font color="red"><?php echo getconstStr('UploadFail23'); ?></font>';
+                    } else {
+                        label.innerHTML='<font color="red">'+xhr2.responseText+'</font>';
+                    }
+                    uploadbuttonshow();
+                }
+            }
+        }
+    }
+<?php }
+}
+    if (getConfig('admin')!='') { // close div. 有登录或操作，需要关闭DIV时 ?>
+    function operatediv_close(operate) {
+        document.getElementById(operate+'_div').style.display='none';
+        document.getElementById('mask').style.display='none';
+    }
+<?php }
+    if ($_SERVER['admin']) { // admin login. 管理登录后 ?>
+    function logout() {
+        document.cookie = "admin=; path=/";
+        location.href = location.href;
+    }
+<?php   if (!$_GET['preview']) {?>
+    function showdiv(event,action,num) {
+        var $operatediv=document.getElementsByName('operatediv');
+        for ($i=0;$i<$operatediv.length;$i++) {
+            $operatediv[$i].style.display='none';
+        }
+        document.getElementById('mask').style.display='';
+        //document.getElementById('mask').style.width=document.documentElement.scrollWidth+'px';
+        document.getElementById('mask').style.height=document.documentElement.scrollHeight<window.innerHeight?window.innerHeight:document.documentElement.scrollHeight+'px';
+        if (num=='') {
+            var str='';
+        } else {
+            var str=document.getElementById('file_a'+num).innerText;
+            if (str=='') {
+                str=document.getElementById('file_a'+num).getElementsByTagName("img")[0].alt;
+                if (str=='') {
+                    alert('<?php echo getconstStr('GetFileNameFail'); ?>');
+                    operatediv_close(action);
+                    return;
+                }
+            }
+            if (str.substr(-1)==' ') str=str.substr(0,str.length-1);
+        }
+        document.getElementById(action + '_div').style.display='';
+        document.getElementById(action + '_label').innerText=str;//.replace(/&/,'&amp;');
+        document.getElementById(action + '_sid').value=num;
+        document.getElementById(action + '_hidden').value=str;
+        if (action=='rename') document.getElementById(action + '_input').value=str;
+        var $e = event || window.event;
+        var $scrollX = document.documentElement.scrollLeft || document.body.scrollLeft;
+        var $scrollY = document.documentElement.scrollTop || document.body.scrollTop;
+        var $x = $e.pageX || $e.clientX + $scrollX;
+        var $y = $e.pageY || $e.clientY + $scrollY;
+        if (action=='create') {
+            document.getElementById(action + '_div').style.left=(document.body.clientWidth-document.getElementById(action + '_div').offsetWidth)/2 +'px';
+            document.getElementById(action + '_div').style.top=(window.innerHeight-document.getElementById(action + '_div').offsetHeight)/2+$scrollY +'px';
+        } else {
+            if ($x + document.getElementById(action + '_div').offsetWidth > document.body.clientWidth) {
+                if (document.getElementById(action + '_div').offsetWidth > document.body.clientWidth) {
+                    document.getElementById(action + '_div').offsetWidth=document.body.clientWidth+'px';
+                    document.getElementById(action + '_div').style.left='0px';
+                } else {
+                    document.getElementById(action + '_div').style.left=document.body.clientWidth-document.getElementById(action + '_div').offsetWidth+'px';
+                }
+            } else {
+                document.getElementById(action + '_div').style.left=$x+'px';
+            }
+            document.getElementById(action + '_div').style.top=$y+'px';
+        }
+        document.getElementById(action + '_input').focus();
+    }
+    function submit_operate(str) {
+        var num=document.getElementById(str+'_sid').value;
+        var xhr = new XMLHttpRequest();
+        xhr.open("GET", '?'+serializeForm(str+'_form'));
+        xhr.setRequestHeader('x-requested-with','XMLHttpRequest');
+        xhr.send(null);
+        xhr.onload = function(e){
+            var html;
+            if (xhr.status<300) {
+                console.log(xhr.status+','+xhr.responseText);
+                if (str=='rename') {
+                    html=JSON.parse(xhr.responseText);
+                    var file_a = document.getElementById('file_a'+num);
+                    file_a.innerText=html.name;
+                    file_a.href = (file_a.href.substr(-8)=='?preview')?(html.name.replace(/#/,'%23')+'?preview'):(html.name.replace(/#/,'%23')+'/');
+                }
+                if (str=='move'||str=='delete') document.getElementById('tr'+num).parentNode.removeChild(document.getElementById('tr'+num));
+                if (str=='create') {
+                    html=JSON.parse(xhr.responseText);
+                    addelement(html);
+                }
+            } else alert(xhr.status+'\n'+xhr.responseText);
+            document.getElementById(str+'_div').style.display='none';
+            document.getElementById('mask').style.display='none';
+        }
+        return false;
+    }
+    function addelement(html) {
+        var tr1=document.createElement('tr');
+        tr1.setAttribute('data-to',1);
+        var td1=document.createElement('td');
+        td1.setAttribute('class','file');
+        var a1=document.createElement('a');
+        a1.href='<?php echo $_SERVER['base_disk_path'];?>'+html.name.replace(/#/,'%23');
+        a1.innerText=html.name;
+        a1.target='_blank';
+        var td2=document.createElement('td');
+        td2.setAttribute('class','updated_at');
+        td2.innerText=html.lastModifiedDateTime.replace(/T/,' ').replace(/Z/,'');
+        var td3=document.createElement('td');
+        td3.setAttribute('class','size');
+        td3.innerText=size_format(html.size);
+        if (!!html.folder) {
+            a1.href+='/';
+            document.getElementById('tr0').parentNode.insertBefore(tr1,document.getElementById('tr0').nextSibling);
+        }
+        if (!!html.file) {
+            a1.href+='?preview';
+            a1.name='filelist';
+            document.getElementById('tr0').parentNode.appendChild(tr1);
+        }
+        tr1.appendChild(td1);
+        td1.appendChild(a1);
+        tr1.appendChild(td2);
+        tr1.appendChild(td3);
+    }
+    function getElements(formId) {
+        var form = document.getElementById(formId);
+        var elements = new Array();
+        var tagElements = form.getElementsByTagName('input');
+        for (var j = 0; j < tagElements.length; j++){
+            elements.push(tagElements[j]);
+        }
+        var tagElements = form.getElementsByTagName('select');
+        for (var j = 0; j < tagElements.length; j++){
+            elements.push(tagElements[j]);
+        }
+        var tagElements = form.getElementsByTagName('textarea');
+        for (var j = 0; j < tagElements.length; j++){
+            elements.push(tagElements[j]);
+        }
+        return elements;
+    }
+    function serializeElement(element) {
+        var method = element.tagName.toLowerCase();
+        var parameter;
+        if (method == 'select') {
+            parameter = [element.name, element.value];
+        }
+        switch (element.type.toLowerCase()) {
+            case 'submit':
+            case 'hidden':
+            case 'password':
+            case 'text':
+            case 'date':
+            case 'textarea':
+                parameter = [element.name, element.value];
+                break;
+            case 'checkbox':
+            case 'radio':
+                if (element.checked){
+                    parameter = [element.name, element.value];
+                }
+                break;
+        }
+        if (parameter) {
+            var key = encodeURIComponent(parameter[0]);
+            if (key.length == 0) return;
+            if (parameter[1].constructor != Array) parameter[1] = [parameter[1]];
+            var values = parameter[1];
+            var results = [];
+            for (var i = 0; i < values.length; i++) {
+                results.push(key + '=' + encodeURIComponent(values[i]));
+            }
+            return results.join('&');
+        }
+    }
+    function serializeForm(formId) {
+        var elements = getElements(formId);
+        var queryComponents = new Array();
+        for (var i = 0; i < elements.length; i++) {
+            var queryComponent = serializeElement(elements[i]);
+            if (queryComponent) {
+                queryComponents.push(queryComponent);
+            }
+        }
+        return queryComponents.join('&');
+    }
+<?php   }
+    } else if (getConfig('admin')!='') if (getConfig('adminloginpage')=='') { ?>
+    function login() {
+        document.getElementById('mask').style.display='';
+            //document.getElementById('mask').style.width=document.documentElement.scrollWidth+'px';
+        document.getElementById('mask').style.height=document.documentElement.scrollHeight<window.innerHeight?window.innerHeight:document.documentElement.scrollHeight+'px';
+        document.getElementById('login_div').style.display='';
+        document.getElementById('login_div').style.left=(document.body.clientWidth-document.getElementById('login_div').offsetWidth)/2 +'px';
+        document.getElementById('login_div').style.top=(window.innerHeight-document.getElementById('login_div').offsetHeight)/2+document.body.scrollTop +'px';
+        document.getElementById('login_input').focus();
+    }
+<?php } ?>
+</script>
+<script src="//unpkg.zhimg.com/ionicons@4.4.4/dist/ionicons.js"></script>
+</html>

From 447cc7468ac697a9541d9b1370253c0ae4568078 Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Sun, 15 Mar 2020 20:50:29 +0800
Subject: [PATCH 21/28] try to fix random jpg >200

---
 function/common.php | 24 +++++++++++++++---------
 1 file changed, 15 insertions(+), 9 deletions(-)

diff --git a/function/common.php b/function/common.php
index 9bca61c..cfd4fef 100644
--- a/function/common.php
+++ b/function/common.php
@@ -938,18 +938,15 @@ function fetch_files($path = '/')
             // echo $path . '<br><pre>' . json_encode($files, JSON_PRETTY_PRINT) . '</pre>';
             if (isset($files['folder'])) {
                 if ($files['folder']['childCount']>200) {
-                // files num > 200 , then get nextlink
+                    // files num > 200 , then get nextlink
                     $page = $_POST['pagenum']==''?1:$_POST['pagenum'];
-                    $files=fetch_files_children($files, $path1, $page);
+                    if ($page>1) $files=fetch_files_children($files, $path1, $page);
+                    $files['children'] = children_name($files['children']);
                 } else {
                 // files num < 200 , then cache
-                    if (isset($files['children'])) {
-                        $tmp = [];
-                        foreach ($files['children'] as $file) {
-                            $tmp[$file['name']] = $file;
-                        }
-                        $files['children'] = $tmp;
-                    }
+                    //if (isset($files['children'])) {
+                        $files['children'] = children_name($files['children']);
+                    //}
                     savecache('path_' . $path, $files);
                 }
             }
@@ -965,6 +962,15 @@ function fetch_files($path = '/')
     return $files;
 }
 
+function children_name($children)
+{
+    $tmp = [];
+    foreach ($children as $file) {
+        $tmp[$file['name']] = $file;
+    }
+    return $tmp;
+}
+
 function fetch_files_children($files, $path, $page)
 {
     $path1 = path_format($path);

From 916a2499e3ee1378c824b8ca2d330d5dd7ed4ae0 Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Mon, 16 Mar 2020 14:31:24 +0800
Subject: [PATCH 22/28] in multi-disk, robot try to visit like /robot.txt will
 return 404 not 200

---
 function/common.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/function/common.php b/function/common.php
index cfd4fef..16fe26e 100644
--- a/function/common.php
+++ b/function/common.php
@@ -502,6 +502,7 @@ function main($path)
         $_SERVER['disktag'] = $path;
         $pos = strpos($path, '/');
         if ($pos>1) $_SERVER['disktag'] = substr($path, 0, $pos);
+        if (!in_array($_SERVER['disktag'], $disktags)) return message('Please visit from Home Page.', 'Error', 404);
         $path = substr($path, strlen('/'.$_SERVER['disktag']));
         if ($_SERVER['disktag']!='') $_SERVER['base_disk_path'] = path_format($_SERVER['base_disk_path']. '/' . $_SERVER['disktag'] . '/');
     } else $_SERVER['disktag'] = $disktags[0];

From 2ca2c88cf360161eb244fcef0f064efb6b5c1ea6 Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Mon, 16 Mar 2020 15:04:48 +0800
Subject: [PATCH 23/28] Update common.php

---
 function/common.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/function/common.php b/function/common.php
index 16fe26e..bc42d08 100644
--- a/function/common.php
+++ b/function/common.php
@@ -502,7 +502,7 @@ function main($path)
         $_SERVER['disktag'] = $path;
         $pos = strpos($path, '/');
         if ($pos>1) $_SERVER['disktag'] = substr($path, 0, $pos);
-        if (!in_array($_SERVER['disktag'], $disktags)) return message('Please visit from Home Page.', 'Error', 404);
+        if (!in_array($_SERVER['disktag'], $disktags)) return message('Please visit from <a href="'.$_SERVER['base_path'].'">Home Page</a>.', 'Error', 404);
         $path = substr($path, strlen('/'.$_SERVER['disktag']));
         if ($_SERVER['disktag']!='') $_SERVER['base_disk_path'] = path_format($_SERVER['base_disk_path']. '/' . $_SERVER['disktag'] . '/');
     } else $_SERVER['disktag'] = $disktags[0];

From 7ccf99312bd40fb98237578860e1da7f62e225ea Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Tue, 17 Mar 2020 11:36:49 +0800
Subject: [PATCH 24/28] add hideFunctionalityFile

---
 conststr.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/conststr.php b/conststr.php
index 550bc65..90b5342 100644
--- a/conststr.php
+++ b/conststr.php
@@ -72,6 +72,7 @@ $constStr = [
             'downloadencrypt' => '0 or 1. if 1, the files in encrypt folder can be downloaded without password',
             'background' => 'Set an url as background photo, or put a \'background.jpg\' at showed path.',
             'guestup_path' => 'Set guest upload dir, before set this, the files in this dir will show as normal.',
+            'hideFunctionalityFile' = '0 or 1. if 1, some file will not show in list to guest, like readme.md',
             'passfile' => 'The password of dir will save in this file.',
             'public_path' => 'Show this Onedrive dir when through the long url of API Gateway; public show files less than private.',
             'sitename' => 'sitename',
@@ -86,6 +87,7 @@ $constStr = [
             'downloadencrypt' => '0 或 1。如果 1, 那加密目录内的文件可以不需要密码就能下载。',
             'background' => '设置一个url作为背景，或者在你显示的目录放一个background.jpg文件。',
             'guestup_path' => '设置游客上传路径（图床路径），不设置这个值时该目录内容会正常列文件出来，设置后只有上传界面，不显示其中文件（登录后显示）。',
+            'hideFunctionalityFile' = '0 或 1。如果 1, 某些文件不列表给游客看，但它的功能正常，比如readme.md',
             'passfile' => '自定义密码文件的名字，可以是\'pppppp\'，也可以是\'aaaa.txt\'等等；列目录时不会显示，只有知道密码才能查看或下载此文件。密码是这个文件的内容，可以空格、可以中文；',
             'public_path' => '使用API长链接访问时，显示网盘文件的路径，不设置时默认为根目录；不能是private_path的上级（public看到的不能比private多，要么看到的就不一样）。',
             'sitename' => '网站的名称',

From 4a8bd8aa9044ec54828f40a76bb3a48054b46439 Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Tue, 17 Mar 2020 11:38:16 +0800
Subject: [PATCH 25/28] add hideFunctionalityFile

---
 theme/classic.php | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/theme/classic.php b/theme/classic.php
index 896b0e1..f42c76e 100644
--- a/theme/classic.php
+++ b/theme/classic.php
@@ -244,13 +244,13 @@
                     foreach ($files['children'] as $file) {
                         // Files
                         if (isset($file['file'])) {
-                            if ($_SERVER['admin'] or (substr($file['name'],0,1) !== '.' and $file['name'] !== getConfig('passfile') ) ) {
-                                if (strtolower($file['name']) === 'head.md') $head = $file;
-                                if (strtolower($file['name']) === 'readme.md') $readme = $file;
-                                if (strtolower($file['name']) === 'index.html' && !$_SERVER['admin']) {
-                                    $html = curl_request(fetch_files(spurlencode(path_format($path . '/' .$file['name']),'/'))['@microsoft.graph.downloadUrl'])['body'];
-                                    return output($html,200);
-                                }
+                            if (strtolower($file['name']) === 'head.md') $head = $file;
+                            if (strtolower($file['name']) === 'readme.md') $readme = $file;
+                            if (strtolower($file['name']) === 'index.html' && !$_SERVER['admin']) {
+                                $html = curl_request(fetch_files(spurlencode(path_format($path . '/' .$file['name']),'/'))['@microsoft.graph.downloadUrl'])['body'];
+                                return output($html,200);
+                            }
+                            if ($_SERVER['admin'] or !isHideFile($file['name'])) {
                                 $filenum++; ?>
                     <tr data-to id="tr<?php echo $filenum;?>">
                         <td class="file">

From 6cf4f4187eac75a6bab3cf792ac16eb75926f1ef Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Tue, 17 Mar 2020 11:39:16 +0800
Subject: [PATCH 26/28] add hideFunctionalityFile

---
 function/common.php | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/function/common.php b/function/common.php
index bc42d08..41e9ecf 100644
--- a/function/common.php
+++ b/function/common.php
@@ -12,6 +12,7 @@ $Base64Env = [
     //'disktag',
     //'downloadencrypt',
     //'function_name', // used in heroku.
+    //'hideFunctionalityFile',
     //'language',
     //'passfile',
     'sitename',
@@ -36,6 +37,7 @@ $CommonEnv = [
     'background',
     'disktag',
     'function_name', // used in heroku.
+    'hideFunctionalityFile',
     'language',
     'passfile',
     'sitename',
@@ -52,6 +54,7 @@ $ShowedCommonEnv = [
     'background',
     //'disktag',
     //'function_name', // used in heroku.
+    'hideFunctionalityFile',
     'language',
     'passfile',
     'sitename',
@@ -84,6 +87,20 @@ $ShowedInnerEnv = [
     //'token_expires',
 ];
 
+function isHideFile($name)
+{
+    $FunctionalityFile = [
+        'head.md',
+        'readme.md',
+        'favicon.ico',
+    ];
+
+    if ($name == getConfig('passfile')) return true;
+    if (substr($name,0,1) == '.') return true;
+    if (getConfig('hideFunctionalityFile')) if (in_array(strtolower($name), $FunctionalityFile)) return true;
+    return false;
+}
+
 function getcache($str)
 {
     //$cache = null;

From 0076548c3a3980753ac3125e83cf66740e5bfd6b Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Tue, 17 Mar 2020 11:43:43 +0800
Subject: [PATCH 27/28] add hideFunctionalityFile

---
 conststr.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/conststr.php b/conststr.php
index 90b5342..65a3dea 100644
--- a/conststr.php
+++ b/conststr.php
@@ -72,7 +72,7 @@ $constStr = [
             'downloadencrypt' => '0 or 1. if 1, the files in encrypt folder can be downloaded without password',
             'background' => 'Set an url as background photo, or put a \'background.jpg\' at showed path.',
             'guestup_path' => 'Set guest upload dir, before set this, the files in this dir will show as normal.',
-            'hideFunctionalityFile' = '0 or 1. if 1, some file will not show in list to guest, like readme.md',
+            'hideFunctionalityFile' => '0 or 1. if 1, some file will not show in list to guest, like readme.md',
             'passfile' => 'The password of dir will save in this file.',
             'public_path' => 'Show this Onedrive dir when through the long url of API Gateway; public show files less than private.',
             'sitename' => 'sitename',
@@ -87,7 +87,7 @@ $constStr = [
             'downloadencrypt' => '0 或 1。如果 1, 那加密目录内的文件可以不需要密码就能下载。',
             'background' => '设置一个url作为背景，或者在你显示的目录放一个background.jpg文件。',
             'guestup_path' => '设置游客上传路径（图床路径），不设置这个值时该目录内容会正常列文件出来，设置后只有上传界面，不显示其中文件（登录后显示）。',
-            'hideFunctionalityFile' = '0 或 1。如果 1, 某些文件不列表给游客看，但它的功能正常，比如readme.md',
+            'hideFunctionalityFile' => '0 或 1。如果 1, 某些文件不列表给游客看，但它的功能正常，比如readme.md',
             'passfile' => '自定义密码文件的名字，可以是\'pppppp\'，也可以是\'aaaa.txt\'等等；列目录时不会显示，只有知道密码才能查看或下载此文件。密码是这个文件的内容，可以空格、可以中文；',
             'public_path' => '使用API长链接访问时，显示网盘文件的路径，不设置时默认为根目录；不能是private_path的上级（public看到的不能比private多，要么看到的就不一样）。',
             'sitename' => '网站的名称',

From 634be2876913cdd8b7149d4b5bb6da6fc2a45c78 Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Wed, 18 Mar 2020 11:21:00 +0800
Subject: [PATCH 28/28] Add files via upload

---
 theme/ly_white.php | 1319 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 1319 insertions(+)
 create mode 100644 theme/ly_white.php

diff --git a/theme/ly_white.php b/theme/ly_white.php
new file mode 100644
index 0000000..64f4f09
--- /dev/null
+++ b/theme/ly_white.php
@@ -0,0 +1,1319 @@
+
+<!DOCTYPE html>
+<html lang="<?php echo $constStr['language']; ?>">
+<head>
+    <title><?php echo $pretitle;?> - <?php echo $_SERVER['sitename'];?></title>
+    <meta charset=utf-8>
+    <meta http-equiv=X-UA-Compatible content="IE=edge">
+    <meta name=viewport content="width=device-width,initial-scale=1">
+    <meta name="keywords" content="<?php echo $n_path;?>,<?php if ($p_path!='') echo $p_path.','; echo $_SERVER['sitename'];?>,OneManager,auth_by_逸笙">
+    <link rel="icon" href="<?php echo $_SERVER['base_disk_path'];?>favicon.ico" type="image/x-icon" />
+    <link rel="shortcut icon" href="<?php echo $_SERVER['base_disk_path'];?>favicon.ico" type="image/x-icon" />
+<center>
+<iframe width="300" scrolling="no" height="20" frameborder="0" allowtransparency="true" src="//i.tianqi.com/index.php?c=code&id=11&color=%2300B050&bgc=%23&icon=1&site=10"></iframe>
+</center>
+    <style type="text/css">
+        body{font-family:'Helvetica Neue',Helvetica,Arial,sans-serif;font-size:14px;line-height:1em;color:#000;background-color:#FFF;background-image:url("http://www.qqzzz.net/www/images/bj.png")}
+        a{color:#000;cursor:pointer;text-decoration:none}
+        ion-icon{font-size:15px;vertical-align:bottom}
+        a:hover{color:#FFF;}
+        .changelanguage{position:absolute;right:5px;}
+        .title{text-align:center;margin-top:1rem;letter-spacing:2px;margin-bottom:2rem}
+        .title a{color:#000;text-decoration:none}
+        .list-wrapper{width:80%;margin:0 auto 30px;position:relative;box-shadow:0 0 32px 0 rgb(222, 220, 220);border-radius:15px;}
+        .list-container{position:relative;overflow:hidden;border-radius:15px;}
+        .list-header-container{position:relative}
+        .list-header-container a.back-link{color:#000;display:inline-block;position:absolute;font-size:16px;margin:20px 10px;padding:10px 10px;vertical-align:middle;text-decoration:none}
+         a.back-link:hover,body{color:#05f7d5}
+        .list-container,.list-header-container,.list-wrapper,body{color:#000}
+        .table-header{margin:0;border:0 none;padding:30px 60px;text-align:left;font-weight:400;color:#000;background-color:rgba(128, 128, 128, 0.4);word-break: break-all;word-wrap: break-word;}
+        .list-body-container{position:relative;left:0;overflow-x:hidden;overflow-y:auto;box-sizing:border-box;background:rgba(128, 128, 128, 0.4)}
+        .more-disk{margin:0;border:0 none;padding:30px 30px;text-align:left;font-weight:400;color:#000;background-color:rgba(206, 206, 206, 0.88);white-space:nowrap;overflow:auto;}
+        .more-disk a{margin:0 10px;padding:5px;transition-duration: 0.4s;border-radius: 12px; background-color: rgba(0, 0, 0, 0.1); color: #000; border: 2px solid rgba(128, 128, 128, 0.4); }
+        .more-disk a:hover{ background-color: rgba(128, 128, 128, 0.4); color: #FFF; }
+        .list-table{width:100%;padding:0 20px 20px 20px;border-spacing:0}
+        .list-table tr{height:40px}
+        .list-table tr[data-to]:hover{background:rgb(41, 41, 41,0.4);color:#FFF;}
+        .list-table tr[data-to]:hover a[name~="filelist"]{color:#FFF}
+        .list-table tr:first-child{background:rgba(0,0,0,0)}
+        .list-table td,.list-table th{padding:0 10px;text-align:left}
+        .list-table .size,.list-table .updated_at{text-align:right}
+        .mask{position:absolute;left:0px;top:0px;width:100%;background-color:#FFF;filter:alpha(opacity=50);opacity:0.5;z-index:2;}
+<?php if ($_SERVER['admin']) { ?>
+        .operate{display:inline-table;margin:0;margin-right:5px;list-style:none}
+        .operate ul{position:absolute;display:none;background:rgba(121, 121, 121, 0.7);border:0px #000000 solid;border-radius:5px;margin:-7px 0 0 0;padding:0 7px;color:#205D67;z-index:1;}
+        .operate:hover ul{position:absolute;display:inline-table;}
+        .operate ul li{padding:7px;list-style:none;display:block;}
+        .operate ul li ion-icon{vertical-align:bottom}
+<?php } ?>
+        .operatediv{position:absolute;border:1px #000000;background-color:rgba(0,0,0,0.3);z-index:2;}
+        .operatediv div{margin:16px}
+        .operatediv_close{position:absolute;right:3px;top:3px;}
+        .readme{padding:8px;background-color:rgba(128, 128, 128, 0.4);}
+        .markdown-body{padding:20px;text-align:left}
+        @media only screen and (max-width:480px){
+            .title{margin-bottom:24px}
+            .list-wrapper{width:95%; margin-bottom:24px;}
+            .list-table {padding:8px}
+            .list-table td, .list-table th{white-space:nowrap;overflow:auto;max-width:80px}
+        }
+    </style>
+</head>
+<body>
+    <div style="padding:1px">
+<?php
+    if (getConfig('admin')!='') if (!$_SERVER['admin']) {
+        if (getConfig('adminloginpage')=='') { ?>
+        <a class="login" onclick="login();"><ion-icon name="log-in"></ion-icon><?php echo getconstStr('Login'); ?></a>
+<?php   }
+    } else { ?>
+        <li class="operate"><ion-icon name="construct"></ion-icon><?php echo getconstStr('Operate'); ?><ul>
+<?php   if (isset($files['folder'])) { ?>
+            <li><a onclick="showdiv(event,'create','');"><ion-icon name="add-circle"></ion-icon><?php echo getconstStr('Create'); ?></a></li>
+            <li><a onclick="showdiv(event,'encrypt','');"><ion-icon name="lock"></ion-icon><?php echo getconstStr('encrypt'); ?></a></li>
+            <li><a href="?RefreshCache"><ion-icon name="refresh"></ion-icon><?php echo getconstStr('RefreshCache'); ?></a></li>
+<?php   } ?>
+            <li><a href="<?php echo $_GET['preview']?'?preview&':'?';?>setup"><ion-icon name="settings"></ion-icon><?php echo getconstStr('Setup'); ?></a></li>
+            <li><a onclick="logout()"><ion-icon name="log-out"></ion-icon><?php echo getconstStr('Logout'); ?></a></li>
+        </ul></li>
+<?php
+    } ?>
+        &nbsp;
+        <select class="changelanguage" name="language" onchange="changelanguage(this.options[this.options.selectedIndex].value)">
+            <option value="">Language</option>
+<?php
+    foreach ($constStr['languages'] as $key1 => $value1) { ?>
+            <option value="<?php echo $key1; ?>" <?php echo $key1==$constStr['language']?'selected="selected"':'' ?>><?php echo $value1; ?></option>
+<?php
+    } ?>
+        </select>
+    </div>
+<?php
+    if ($_SERVER['needUpdate']) { ?>
+    <div style='position:absolute;'><font color='red'><?php echo getconstStr('NeedUpdate'); ?></font></div>
+<?php } ?>
+    <h1 class="title">
+        <a href="<?php echo $_SERVER['base_path']; ?>"><?php echo $_SERVER['sitename']; ?></a>
+    </h1>
+<?php $disktags = explode("|",getConfig('disktag'));
+    if (count($disktags)>1) { ?>
+    <div class="list-wrapper">
+        <div class="list-container">
+            <div class="list-header-container">
+                <div class="more-disk">
+<?php foreach ($disktags as $disk) {
+        $diskname = getConfig('diskname', $disk);
+        if ($diskname=='') $diskname = $disk;
+        echo '                    <a href="'.path_format($_SERVER['base_path'].'/'.$disk).'"'.($_SERVER['disktag']==$disk?' now':'').'>'.$diskname.'</a>
+';
+    } ?>
+                </div>
+            </div>
+        </div>
+    </div>
+<?php }
+    if ($files) { ?>
+    <div class="list-wrapper" id="list-div">
+        <div class="list-container">
+            <div class="list-header-container">
+<?php
+    if ($path !== '/') {
+        $current_url = $_SERVER['PHP_SELF'];
+        while (substr($current_url, -1) === '/') {
+            $current_url = substr($current_url, 0, -1);
+        }
+        if (strpos($current_url, '/') !== FALSE) {
+            $parent_url = substr($current_url, 0, strrpos($current_url, '/'));
+        } else {
+            $parent_url = $current_url;
+        }
+?>
+                <a href="<?php echo $parent_url.'/'; ?>" class="back-link">
+                    <ion-icon name="arrow-back"></ion-icon>
+                </a>
+<?php } ?>
+                <h3 class="table-header"><?php echo str_replace('%23', '#', str_replace('&','&amp;', $path)); ?></h3>
+            </div>
+            <div class="list-body-container">
+<?php
+    if ($_SERVER['is_guestup_path']&&!$_SERVER['admin']) { ?>
+                <div id="upload_div" style="margin:10px">
+                <center>
+                    <input id="upload_file" type="file" name="upload_filename">
+                    <input id="upload_submit" onclick="preup();" value="<?php echo getconstStr('Upload'); ?>" type="button">
+                <center>
+                </div>
+<?php } else {
+        if ($_SERVER['ishidden']<4) {
+            if (isset($files['error'])) {
+                    echo '<div style="margin:8px;">' . $files['error']['message'] . '</div>';
+                    $statusCode=404;
+            } else {
+                if (isset($files['file'])) {
+?>
+                <div style="margin: 12px 4px 4px; text-align: center">
+                    <div style="margin: 24px">
+                        <textarea id="url" title="url" rows="1" style="width: 100%; margin-top: 2px;" readonly><?php echo str_replace('%2523', '%23', str_replace('%26amp%3B','&amp;',spurlencode(path_format($_SERVER['base_disk_path'] . '/' . $path), '/'))); ?></textarea>
+                        <a href="<?php echo path_format($_SERVER['base_disk_path'] . '/' . $path);//$files['@microsoft.graph.downloadUrl'] ?>"><ion-icon name="download" style="line-height: 16px;vertical-align: middle;"></ion-icon>&nbsp;<?php echo getconstStr('Download'); ?></a>
+                    </div>
+                    <div style="margin: 24px">
+<?php               $ext = strtolower(substr($path, strrpos($path, '.') + 1));
+                    $DPvideo = '';
+                    $pdfurl = '';
+                    if (in_array($ext, $exts['img'])) {
+                        echo '                        <img src="' . $files['@microsoft.graph.downloadUrl'] . '" alt="' . substr($path, strrpos($path, '/')) . '" onload="if(this.offsetWidth>document.getElementById(\'url\').offsetWidth) this.style.width=\'100%\';" />
+';
+                    } elseif (in_array($ext, $exts['video'])) {
+                    //echo '<video src="' . $files['@microsoft.graph.downloadUrl'] . '" controls="controls" style="width: 100%"></video>';
+                        $DPvideo=$files['@microsoft.graph.downloadUrl'];
+                        echo '                        <div id="video-a0"></div>
+';
+                    } elseif (in_array($ext, $exts['music'])) {
+                        echo '                        <audio src="' . $files['@microsoft.graph.downloadUrl'] . '" controls="controls" style="width: 100%"></audio>
+';
+                    } elseif (in_array($ext, ['pdf'])) {
+                        /*echo '
+                        <embed src="' . $files['@microsoft.graph.downloadUrl'] . '" type="application/pdf" width="100%" height=800px">
+';*/
+                        $pdfurl = $files['@microsoft.graph.downloadUrl'];
+                        echo '                        <div id="pdf-d"></div>
+';
+                    } elseif (in_array($ext, $exts['office'])) {
+                        echo '                        <iframe id="office-a" src="https://view.officeapps.live.com/op/view.aspx?src=' . urlencode($files['@microsoft.graph.downloadUrl']) . '" style="width: 100%;height: 800px" frameborder="0"></iframe>
+';
+                    } elseif (in_array($ext, $exts['txt'])) {
+                        $txtstr = htmlspecialchars(curl_request($files['@microsoft.graph.downloadUrl'])['body']);
+?>
+                        <div id="txt">
+<?php                   if ($_SERVER['admin']) { ?>
+                        <form id="txt-form" action="" method="POST">
+                            <a onclick="document.getElementById('txt-a').readOnly='';document.getElementById('txt-save').style.display='';document.getElementById('txt-editbutton').style.display='none';document.getElementById('txt-cancelbutton').style.display='';" id="txt-editbutton"><ion-icon name="create"></ion-icon><?php echo getconstStr('ClicktoEdit'); ?></a>
+                            <a onclick="document.getElementById('txt-a').readOnly='readonly';document.getElementById('txt-save').style.display='none';document.getElementById('txt-editbutton').style.display='';document.getElementById('txt-cancelbutton').style.display='none';" id="txt-cancelbutton" style="display:none"><ion-icon name="close"></ion-icon><?php echo getconstStr('CancelEdit'); ?></a>&nbsp;&nbsp;&nbsp;
+                            <a id="txt-save" style="display:none"><ion-icon name="save"></ion-icon><?php echo getconstStr('Save'); ?></a>
+<?php                   } ?>
+                            <textarea id="txt-a" name="editfile" readonly style="width: 100%; margin-top: 2px;" <?php if ($_SERVER['admin']) echo 'onchange="document.getElementById(\'txt-save\').onclick=function(){document.getElementById(\'txt-form\').submit();}"';?> ><?php echo $txtstr;?></textarea>
+<?php                   if ($_SERVER['admin']) echo '</form>'; ?>
+                        </div>
+<?php               } /*elseif (in_array($ext, ['md'])) {
+                        echo '                        <div class="markdown-body" id="readme">
+                            <textarea id="readme-md" style="display:none;">' . curl_request($files['@microsoft.graph.downloadUrl'])['body'] . '</textarea>
+                        </div>
+';
+                    }*/ else {
+                        echo '<span>'.getconstStr('FileNotSupport').'</span>';
+                    } ?>
+                    </div>
+                </div>
+<?php           } elseif (isset($files['folder'])) {
+                    $filenum = $_POST['filenum'];
+                    if (!$filenum and $files['folder']['page']) $filenum = ($files['folder']['page']-1)*200;
+                    $readme = false; ?>
+                <table class="list-table" id="list-table">
+                    <tr id="tr0">
+                        <th class="file"><a onclick="sortby('a');"><?php echo getconstStr('File'); ?></a><?php if ($_SERVER['USER']!='qcloud') { ?>&nbsp;&nbsp;&nbsp;<button onclick="showthumbnails(this);"><?php echo getconstStr('ShowThumbnails'); ?></button><?php } ?><button onclick="CopyAllDownloadUrl();"><?php echo getconstStr('CopyAllDownloadUrl'); ?></button></th>
+                        <th class="updated_at" width="25%"><a onclick="sortby('time');"><?php echo getconstStr('EditTime'); ?></a></th>
+                        <th class="size" width="15%"><a onclick="sortby('size');"><?php echo getconstStr('Size'); ?></a></th>
+                    </tr>
+                    <!-- Dirs -->
+<?php               //echo json_encode($files['children'], JSON_PRETTY_PRINT);
+                    foreach ($files['children'] as $file) {
+                        // Folders
+                        if (isset($file['folder'])) { 
+                            $filenum++; ?>
+                    <tr data-to id="tr<?php echo $filenum;?>">
+                        <td class="file">
+<?php                       if ($_SERVER['admin']) { ?>
+                            <li class="operate"><ion-icon name="construct"></ion-icon><a><?php echo getconstStr('Operate'); ?></a>
+                            <ul>
+                                <li><a onclick="showdiv(event,'encrypt',<?php echo $filenum;?>);"><ion-icon name="lock"></ion-icon><?php echo getconstStr('encrypt'); ?></a></li>
+                                <li><a onclick="showdiv(event, 'rename',<?php echo $filenum;?>);"><ion-icon name="create"></ion-icon><?php echo getconstStr('Rename'); ?></a></li>
+                                <li><a onclick="showdiv(event, 'move',<?php echo $filenum;?>);"><ion-icon name="move"></ion-icon><?php echo getconstStr('Move'); ?></a></li>
+                                <li><a onclick="showdiv(event, 'copy',<?php echo $filenum;?>);"><ion-icon name="copy"></ion-icon><?php echo getconstStr('Copy'); ?></a></li>
+                                <li><a onclick="showdiv(event, 'delete',<?php echo $filenum;?>);"><ion-icon name="trash"></ion-icon><?php echo getconstStr('Delete'); ?></a></li>
+                            </ul>
+                            </li>
+<?php                       } ?>
+                            <ion-icon name="folder"></ion-icon>
+                            <a id="file_a<?php echo $filenum;?>" name="filelist" href="<?php echo path_format($_SERVER['base_disk_path'] . '/' . $path . '/' . encode_str_replace($file['name']) . '/'); ?>"><?php echo str_replace('&','&amp;', $file['name']);?></a>
+                        </td>
+                        <td class="updated_at" id="folder_time<?php echo $filenum;?>"><?php echo time_format($file['lastModifiedDateTime']); ?></td>
+                        <td class="size" id="folder_size<?php echo $filenum;?>"><?php echo size_format($file['size']); ?></td>
+                    </tr>
+<?php                   }
+                    }
+                    // if ($filenum) echo '<tr data-to></tr>';
+                    foreach ($files['children'] as $file) {
+                        // Files
+                        if (isset($file['file'])) {
+                            if ($_SERVER['admin'] or (substr($file['name'],0,1) !== '.' and $file['name'] !== getConfig('passfile') ) ) {
+                                if (strtolower($file['name']) === 'head.md') $head = $file;
+                                if (strtolower($file['name']) === 'readme.md') $readme = $file;
+                                if (strtolower($file['name']) === 'index.html' && !$_SERVER['admin']) {
+                                    $html = curl_request(fetch_files(spurlencode(path_format($path . '/' .$file['name']),'/'))['@microsoft.graph.downloadUrl'])['body'];
+                                    return output($html,200);
+                                }
+                                $filenum++; ?>
+                    <tr data-to id="tr<?php echo $filenum;?>">
+                        <td class="file">
+<?php                           if ($_SERVER['admin']) { ?>
+                            <li class="operate"><ion-icon name="construct"></ion-icon><a><?php echo getconstStr('Operate'); ?></a>
+                            <ul>
+                                <li><a onclick="showdiv(event, 'rename',<?php echo $filenum;?>);"><ion-icon name="create"></ion-icon><?php echo getconstStr('Rename'); ?></a></li>
+                                <li><a onclick="showdiv(event, 'move',<?php echo $filenum;?>);"><ion-icon name="move"></ion-icon><?php echo getconstStr('Move'); ?></a></li>
+                                <li><a onclick="showdiv(event, 'copy',<?php echo $filenum;?>);"><ion-icon name="copy"></ion-icon><?php echo getconstStr('Copy'); ?></a></li>
+                                <li><a onclick="showdiv(event, 'delete',<?php echo $filenum;?>);"><ion-icon name="trash"></ion-icon><?php echo getconstStr('Delete'); ?></a></li>
+                            </ul>
+                            </li>
+<?php                           }
+                                $ext = strtolower(substr($file['name'], strrpos($file['name'], '.') + 1));
+                                if (in_array($ext, $exts['music'])) { ?>
+                            <ion-icon name="musical-notes"></ion-icon>
+<?php                           } elseif (in_array($ext, $exts['video'])) { ?>
+                            <ion-icon name="logo-youtube"></ion-icon>
+<?php                           } elseif (in_array($ext, $exts['img'])) { ?>
+                            <ion-icon name="image"></ion-icon>
+<?php                           } elseif (in_array($ext, $exts['office'])) { ?>
+                            <ion-icon name="paper"></ion-icon>
+<?php                           } elseif (in_array($ext, $exts['txt'])) { ?>
+                            <ion-icon name="clipboard"></ion-icon>
+<?php                           } elseif (in_array($ext, $exts['zip'])) { ?>
+                            <ion-icon name="filing"></ion-icon>
+<?php                           } elseif ($ext=='iso') { ?>
+                            <ion-icon name="disc"></ion-icon>
+<?php                           } elseif ($ext=='apk') { ?>
+                            <ion-icon name="logo-android"></ion-icon>
+<?php                           } elseif ($ext=='exe') { ?>
+                            <ion-icon name="logo-windows"></ion-icon>
+<?php                           } else { ?>
+                            <ion-icon name="document"></ion-icon>
+<?php                           } ?>
+                            <a id="file_a<?php echo $filenum;?>" name="filelist" href="<?php echo path_format($_SERVER['base_disk_path'] . '/' . $path . '/' . encode_str_replace($file['name'])); ?>?preview" target=_blank><?php echo str_replace('&','&amp;', $file['name']); ?></a>
+                            <a class="download" href="<?php echo path_format($_SERVER['base_disk_path'] . '/' . $path . '/' . str_replace('&','&amp;', $file['name']));?>"><ion-icon name="download"></ion-icon></a>
+                        </td>
+                        <td class="updated_at" id="file_time<?php echo $filenum;?>"><?php echo time_format($file['lastModifiedDateTime']); ?></td>
+                        <td class="size" id="file_size<?php echo $filenum;?>"><?php echo size_format($file['size']); ?></td>
+                    </tr>
+<?php                       }
+                        }
+                    } ?>
+                </table>
+<?php               if ($files['folder']['childCount']>200) {
+                        $pagenum = $files['folder']['page'];
+                        $maxpage = ceil($files['folder']['childCount']/200);
+                        $prepagenext = '
+                <form action="" method="POST" id="nextpageform">
+                    <input type="hidden" id="pagenum" name="pagenum" value="'. $pagenum .'">
+                    <table width=100% border=0>
+                        <tr>
+                            <td width=60px align=center>';
+                        if ($pagenum!=1) {
+                            $prepagenum = $pagenum-1;
+                            $prepagenext .= '
+                                <a onclick="nextpage('.$prepagenum.');">'.getconstStr('PrePage').'</a>';
+                        }
+                        $prepagenext .= '
+                            </td>
+                            <td class="updated_at">';
+                        for ($page=1;$page<=$maxpage;$page++) {
+                            if ($page == $pagenum) {
+                                $prepagenext .= '
+                                <font color=red>' . $page . '</font> ';
+                            } else {
+                                $prepagenext .= '
+                                <a onclick="nextpage('.$page.');">' . $page . '</a> ';
+                            }
+                        }
+                        $prepagenext = substr($prepagenext,0,-1);
+                        $prepagenext .= '
+                            </td>
+                            <td width=60px align=center>';
+                        if ($pagenum!=$maxpage) {
+                            $nextpagenum = $pagenum+1;
+                            $prepagenext .= '
+                                <a onclick="nextpage('.$nextpagenum.');">'.getconstStr('NextPage').'</a>';
+                        }
+                        $prepagenext .= '
+                            </td>
+                        </tr>
+                    </table>
+                </form>';
+                        echo $prepagenext;
+                    }
+                    if ($_SERVER['admin']) { ?>
+                <div id="upload_div" style="margin:0 0 16px 0">
+                <center>
+                    <input id="upload_file" type="file" name="upload_filename" multiple="multiple">
+                    <input id="upload_submit" onclick="preup();" value="<?php echo getconstStr('Upload'); ?>" type="button">
+                </center>
+                </div>
+<?php               }
+                } else {
+                    $statusCode=500;
+                    echo 'Unknown path or file.';
+                    echo json_encode($files, JSON_PRETTY_PRINT);
+                }
+                if ($head) {
+                    echo '
+            </div>
+        </div>
+    </div>
+    <div class="list-wrapper" id="head-div">
+        <div class="list-container">
+            <div class="list-header-container">
+                <div class="readme">
+                    <!--<svg class="octicon octicon-book" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true"><path fill-rule="evenodd" d="M3 5h4v1H3V5zm0 3h4V7H3v1zm0 2h4V9H3v1zm11-5h-4v1h4V5zm0 2h-4v1h4V7zm0 2h-4v1h4V9zm2-6v9c0 .55-.45 1-1 1H9.5l-1 1-1-1H2c-.55 0-1-.45-1-1V3c0-.55.45-1 1-1h5.5l1 1 1-1H15c.55 0 1 .45 1 1zm-8 .5L7.5 3H2v9h6V3.5zm7-.5H9.5l-.5.5V12h6V3z"></path></svg>
+                    <span style="line-height: 16px;vertical-align: top;">'.$head['name'].'</span>-->
+                    <div class="markdown-body" id="head">
+                        <textarea id="head-md" style="display:none;">' . curl_request(fetch_files(spurlencode(path_format($path . '/' .$head['name']),'/'))['@microsoft.graph.downloadUrl'])['body'] . '
+                        </textarea>
+                    </div>
+                </div>
+';
+                }
+                if ($readme) {
+                    echo '
+            </div>
+        </div>
+    </div>
+    <div class="list-wrapper">
+        <div class="list-container">
+            <div class="list-header-container">
+                <div class="readme">
+                    <!--<svg class="octicon octicon-book" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true"><path fill-rule="evenodd" d="M3 5h4v1H3V5zm0 3h4V7H3v1zm0 2h4V9H3v1zm11-5h-4v1h4V5zm0 2h-4v1h4V7zm0 2h-4v1h4V9zm2-6v9c0 .55-.45 1-1 1H9.5l-1 1-1-1H2c-.55 0-1-.45-1-1V3c0-.55.45-1 1-1h5.5l1 1 1-1H15c.55 0 1 .45 1 1zm-8 .5L7.5 3H2v9h6V3.5zm7-.5H9.5l-.5.5V12h6V3z"></path></svg>
+                    <span style="line-height: 16px;vertical-align: top;">'.$readme['name'].'</span>-->
+                    <div class="markdown-body" id="readme">
+                        <textarea id="readme-md" style="display:none;">' . curl_request(fetch_files(spurlencode(path_format($path . '/' .$readme['name']),'/'))['@microsoft.graph.downloadUrl'])['body'] . '
+                        </textarea>
+                    </div>
+                </div>
+';
+                }
+            }
+        } else {
+            echo '
+                <div style="padding:20px">
+	            <center>
+	                <form action="" method="post">
+		            <input name="password1" type="password" placeholder="'.getconstStr('InputPassword').'">
+		            <input type="submit" value="'.getconstStr('Submit').'">
+	                </form>
+                </center>
+                </div>';
+            $statusCode = 401;
+        }
+    } ?>
+            </div>
+        </div>
+    </div>
+<?php } ?>
+    <div id="mask" class="mask" style="display:none;"></div>
+<?php
+    if ($_SERVER['admin']) {
+        if (!$_GET['preview']) { ?>
+    <div style="word-break: break-all;word-wrap: break-word;">
+        <div id="rename_div" class="operatediv" style="display:none">
+            <div>
+                <label id="rename_label"></label><br><br><a onclick="operatediv_close('rename')" class="operatediv_close"><?php echo getconstStr('Close'); ?></a>
+                <form id="rename_form" onsubmit="return submit_operate('rename');">
+                <input id="rename_sid" name="rename_sid" type="hidden" value="">
+                <input id="rename_hidden" name="rename_oldname" type="hidden" value="">
+                <input id="rename_input" name="rename_newname" type="text" value="">
+                <input name="operate_action" type="submit" value="<?php echo getconstStr('Rename'); ?>">
+                </form>
+            </div>
+        </div>
+        <div id="delete_div" class="operatediv" style="display:none">
+            <div>
+                <br><a onclick="operatediv_close('delete')" class="operatediv_close"><?php echo getconstStr('Close'); ?></a>
+                <label id="delete_label"></label>
+                <form id="delete_form" onsubmit="return submit_operate('delete');">
+                <label id="delete_input"><?php echo getconstStr('Delete'); ?>?</label>
+                <input id="delete_sid" name="delete_sid" type="hidden" value="">
+                <input id="delete_hidden" name="delete_name" type="hidden" value="">
+                <input name="operate_action" type="submit" value="<?php echo getconstStr('Submit'); ?>">
+                </form>
+            </div>
+        </div>
+        <div id="encrypt_div" class="operatediv" style="display:none">
+            <div>
+                <label id="encrypt_label"></label><br><br><a onclick="operatediv_close('encrypt')" class="operatediv_close"><?php echo getconstStr('Close'); ?></a>
+                <form id="encrypt_form" onsubmit="return submit_operate('encrypt');">
+                <input id="encrypt_sid" name="encrypt_sid" type="hidden" value="">
+                <input id="encrypt_hidden" name="encrypt_folder" type="hidden" value="">
+                <input id="encrypt_input" name="encrypt_newpass" type="text" value="" placeholder="<?php echo getconstStr('InputPasswordUWant'); ?>">
+                <?php if (getConfig('passfile')!='') {?><input name="operate_action" type="submit" value="<?php echo getconstStr('encrypt'); ?>"><?php } else { ?><br><label><?php echo getconstStr('SetpassfileBfEncrypt'); ?></label><?php } ?>
+                </form>
+            </div>
+        </div>
+        <div id="copy_div" class="operatediv" style="display:none">
+            <div>
+                <label id="copy_label"></label><br><br><a onclick="operatediv_close('copy')" class="operatediv_close"><?php echo getconstStr('Close'); ?></a>
+                <form id="copy_form" onsubmit="return submit_operate('copy');">
+                <input id="copy_sid" name="copy_sid" type="hidden" value="">
+                <input id="copy_hidden" name="copy_name" type="hidden" value="">
+                <input id="copy_input" name="copy_input" type="hidden" value="">
+                <input name="operate_action" type="submit" value="<?php echo getconstStr('Copy'); ?>">
+                </form>
+            </div>
+        </div>
+        <div id="move_div" class="operatediv" style="display:none">
+            <div>
+                <label id="move_label"></label><br><br><a onclick="operatediv_close('move')" class="operatediv_close"><?php echo getconstStr('Close'); ?></a>
+                <form id="move_form" onsubmit="return submit_operate('move');">
+                <input id="move_sid" name="move_sid" type="hidden" value="">
+                <input id="move_hidden" name="move_name" type="hidden" value="">
+                <select id="move_input" name="move_folder">
+<?php   if ($path != '/') { ?>
+                    <option value="/../"><?php echo getconstStr('ParentDir'); ?></option>
+<?php   }
+        if (isset($files['children'])) foreach ($files['children'] as $file) {
+            if (isset($file['folder'])) { ?>
+                    <option value="<?php echo str_replace('&','&amp;', $file['name']);?>"><?php echo str_replace('&','&amp;', $file['name']);?></option>
+<?php       }
+        } ?>
+                </select>
+                <input name="operate_action" type="submit" value="<?php echo getconstStr('Move'); ?>">
+                </form>
+            </div>
+        </div>
+        <div id="create_div" class="operatediv" style="display:none">
+            <div>
+                <a onclick="operatediv_close('create')" class="operatediv_close"><?php echo getconstStr('Close'); ?></a>
+                <form id="create_form" onsubmit="return submit_operate('create');">
+                    <input id="create_sid" name="create_sid" type="hidden" value="">
+                    <input id="create_hidden" type="hidden" value="">
+                    <table>
+                        <tr>
+                            <td></td>
+                            <td><label id="create_label"></label></td>
+                        </tr>
+                        <tr>
+                            <td>　　　</td>
+                            <td>
+                                <label><input id="create_type_folder" name="create_type" type="radio" value="folder" onclick="document.getElementById('create_text_div').style.display='none';"><?php echo getconstStr('Folder'); ?></label>
+                                <label><input id="create_type_file" name="create_type" type="radio" value="file" onclick="document.getElementById('create_text_div').style.display='';" checked><?php echo getconstStr('File'); ?></label>
+                            <td>
+                        </tr>
+                        <tr>
+                            <td><?php echo getconstStr('Name'); ?>：</td>
+                            <td><input id="create_input" name="create_name" type="text" value=""></td>
+                        </tr>
+                        <tr id="create_text_div">
+                            <td><?php echo getconstStr('Content'); ?>：</td>
+                            <td><textarea id="create_text" name="create_text" rows="6" cols="40"></textarea></td>
+                        </tr>
+                        <tr>
+                            <td>　　　</td>
+                            <td><input name="operate_action" type="submit" value="<?php echo getconstStr('Create'); ?>"></td>
+                        </tr>
+                    </table>
+                </form>
+            </div>
+        </div>
+    </div>
+<?php   }
+    } else {
+        if (getConfig('admin')!='') if (getConfig('adminloginpage')=='') { ?>
+    <div id="login_div" class="operatediv" style="display:none">
+        <div style="margin:50px">
+            <a onclick="operatediv_close('login')" class="operatediv_close"><?php echo getconstStr('Close'); ?></a>
+	        <center>
+	            <form action="<?php echo $_GET['preview']?'?preview&':'?';?>admin" method="post">
+		        <input id="login_input" name="password1" type="password" placeholder="<?php echo getconstStr('InputPassword'); ?>">
+		        <input type="submit" value="<?php echo getconstStr('Login'); ?>">
+	            </form>
+            </center>
+        </div>
+	</div>
+<?php   }
+    } ?>
+<body>
+<script type="text/javascript">
+document.addEventListener('DOMContentLoaded', function () {
+    function audioAutoPlay() {
+        var audio = document.getElementById('audio');
+            audio.play();
+        document.addEventListener("WeixinJSBridgeReady", function () {
+            audio.play();
+        }, false);
+    }
+    audioAutoPlay();
+});
+document.addEventListener('touchstart', function () {
+    function audioAutoPlay() {
+        var audio = document.getElementById('audio');
+            audio.play();
+    }
+    audioAutoPlay();
+});
+</script>
+ </body>
+<center>
+<body>
+    <span id="date1"></span>
+        <script >
+    function $(num1) {
+	return num1<10?"0"+num1:num1;
+}
+function setTime() {
+	var date = new Date();
+	var year = date.getFullYear();
+	var month = date.getMonth()+1;
+	var day = date.getDate();
+	var week = date.getDay();
+	console.log();
+	var hour = date.getHours();
+	var minute = date.getMinutes();
+	var second = date.getSeconds();
+	var time = year+"/"+$(month)+'/'+$(day)+" "+$(hour)+":"+$(minute)+":"+$(second);
+	document.getElementById("date1").innerHTML=time;
+}
+setTime();
+setInterval('setTime()',500);
+</script>
+</body>
+<?php
+$w=date('w'); 
+$week=array( 
+    "0"=>"日）", 
+    "1"=>"一）", 
+    "2"=>"二）", 
+    "3"=>"三）", 
+    "4"=>"四）", 
+    "5"=>"五）", 
+    "6"=>"六）" 
+); 
+echo '（星期'.$week[$w];
+?>
+<?php
+$ip = ($_SERVER["HTTP_VIA"]) ? $_SERVER["HTTP_X_FORWARDED_FOR"] : $_SERVER["REMOTE_ADDR"];
+$ip = ($ip) ? $ip : $_SERVER["REMOTE_ADDR"];
+echo  'IPv4: ' ,$ip, "\n";
+?>
+</center>
+<center>
+<span id="clock"><span>  <!--顶部span的id为clock-->
+<div class="footer_copyright">
+ Copyright © 2020 - <span id="footyear"></span> Bayd. All Rights Reserved.<em>彼岸云端 版权所有</em>                  <!--底部span的id为footyear-->
+</div>
+</center>
+<?php if ($files) { ?>
+<?php if ($head||$readme) { ?><link rel="stylesheet" href="//unpkg.zhimg.com/github-markdown-css@3.0.1/github-markdown.css">
+<script type="text/javascript" src="//unpkg.zhimg.com/marked@0.6.2/marked.min.js"></script><?php } ?>
+<?php if (isset($files['folder']) && $_SERVER['is_guestup_path'] && !$_SERVER['admin']) { ?><script type="text/javascript" src="//cdn.bootcss.com/spark-md5/3.0.0/spark-md5.min.js"></script><?php } ?>
+<?php if ($pdfurl!='') { ?><script src="//cdn.bootcss.com/pdf.js/2.3.200/pdf.min.js"></script><?php } ?>
+<?php } ?>
+<script type="text/javascript">
+<?php if ($files) { ?>
+    var root = '<?php echo $_SERVER["base_disk_path"]; ?>';
+    function path_format(path) {
+        path = '/' + path + '/';
+        while (path.indexOf('//') !== -1) {
+            path = path.replace('//', '/')
+        }
+        return path
+    }
+    document.querySelectorAll('.table-header').forEach(function (e) {
+        var path = e.innerText;
+        var paths = path.split('/');
+        if (paths <= 2) return;
+        e.innerHTML = '/ ';
+        for (var i = 1; i < paths.length - 1; i++) {
+            var to = path_format(root + paths.slice(0, i + 1).join('/'));
+            e.innerHTML += '<a href="' + to + '">' + paths[i] + '</a> / '
+        }
+        e.innerHTML += paths[paths.length - 1];
+        e.innerHTML = e.innerHTML.replace(/\s\/\s$/, '')
+    });
+    
+    function changelanguage(str)
+    {
+        if (str=='Language') str = '';
+        document.cookie='language='+str+'; path=/';
+        location.href = location.href;
+    }
+    var $head = document.getElementById('head');
+    if ($head) {
+        document.getElementById('head-div').parentNode.insertBefore(document.getElementById('head-div'),document.getElementById('list-div'));
+        $head.innerHTML = marked(document.getElementById('head-md').innerText);
+        
+    }
+    var $readme = document.getElementById('readme');
+    if ($readme) {
+        $readme.innerHTML = marked(document.getElementById('readme-md').innerText);
+    }
+<?php
+    if ($_GET['preview']) { //is preview mode. 在预览时处理 ?>
+    var $url = document.getElementById('url');
+    if ($url) {
+        $url.innerHTML = location.protocol + '//' + location.host + $url.innerHTML;
+        $url.style.height = $url.scrollHeight + 'px';
+    }
+    var $officearea=document.getElementById('office-a');
+    if ($officearea) {
+        $officearea.style.height = window.innerHeight + 'px';
+    }
+    var $textarea=document.getElementById('txt-a');
+    if ($textarea) {
+        $textarea.style.height = $textarea.scrollHeight + 'px';
+    }
+<?php   if (!!$DPvideo) { ?>
+    function loadResources(type, src, callback) {
+        let script = document.createElement(type);
+        let loaded = false;
+        if (typeof callback === 'function') {
+            script.onload = script.onreadystatechange = () => {
+                if (!loaded && (!script.readyState || /loaded|complete/.test(script.readyState))) {
+                    script.onload = script.onreadystatechange = null;
+                    loaded = true;
+                    callback();
+                }
+            }
+        }
+        if (type === 'link') {
+            script.href = src;
+            script.rel = 'stylesheet';
+        } else {
+            script.src = src;
+        }
+        document.getElementsByTagName('head')[0].appendChild(script);
+    }
+    function addVideos(videos) {
+        let host = 'https://s0.pstatp.com/cdn/expire-1-M';
+        let unloadedResourceCount = 4;
+        let callback = (() => {
+            return () => {
+                if (!--unloadedResourceCount) {
+                    createDplayers(videos);
+                }
+            };
+        })(unloadedResourceCount, videos);
+        loadResources(
+            'link',
+            host + '/dplayer/1.25.0/DPlayer.min.css',
+            callback
+        );
+        loadResources(
+            'script',
+            host + '/dplayer/1.25.0/DPlayer.min.js',
+            callback
+        );
+        loadResources(
+            'script',
+            host + '/hls.js/0.12.4/hls.light.min.js',
+            callback
+        );
+        loadResources(
+            'script',
+            host + '/flv.js/1.5.0/flv.min.js',
+            callback
+        );
+    }
+    function createDplayers(videos) {
+        for (i = 0; i < videos.length; i++) {
+            console.log(videos[i]);
+            new DPlayer({
+                container: document.getElementById('video-a' + i),
+                screenshot: true,
+                video: {
+                    url: videos[i]
+                }
+            });
+        }
+    }
+    addVideos(['<?php echo $DPvideo;?>']);
+<?php   }
+        if ($pdfurl!='') { ?>
+    pdfjsLib.GlobalWorkerOptions.workerSrc = '//cdn.bootcss.com/pdf.js/2.3.200/pdf.worker.min.js';
+    var loadingTask = pdfjsLib.getDocument({ url: '<?php echo $pdfurl;?>', });
+    loadingTask.promise.then(function(pdf) {
+        var pagenum =  pdf.numPages;
+        var pdfContainer = document.getElementById('pdf-d');
+        for (var i=1;i<=pagenum;i++) {
+            var canvasNew = document.createElement('canvas');
+            canvasNew.id = 'pdf-c'+i;
+            pdfContainer.appendChild(canvasNew);
+            renderpage(pdf,i);
+        }
+    });
+    function renderpage(pdf,i)
+    {
+        pdf.getPage(i).then(function(page) { 
+            var scale = 1.5;
+            var viewport = page.getViewport({ scale: scale, });
+            var canvas = document.getElementById('pdf-c'+i);
+            var context = canvas.getContext("2d");
+            canvas.height = viewport.height;
+            canvas.width = viewport.width;
+            var renderContext = {
+                canvasContext: context,
+                viewport: viewport,
+            };
+            page.render(renderContext);
+        });
+    }
+<?php   }
+    } else { // view folder. 不预览，即浏览目录时?>
+    function showthumbnails(obj) {
+        var files=document.getElementsByName('filelist');
+        for ($i=0;$i<files.length;$i++) {
+            str=files[$i].innerText;
+            if (str.substr(-1)==' ') str=str.substr(0,str.length-1);
+            if (!str) return;
+            strarry=str.split('.');
+            ext=strarry[strarry.length-1].toLowerCase();
+            images = [<?php foreach ($exts['img'] as $imgext) echo '\''.$imgext.'\', '; ?>];
+            if (images.indexOf(ext)>-1) get_thumbnails_url(str, files[$i]);
+        }
+        obj.disabled='disabled';
+    }
+    function get_thumbnails_url(str, filea) {
+        if (!str) return;
+        var nurl=window.location.href;
+        if (nurl.substr(-1)!="/") nurl+="/";
+        var xhr = new XMLHttpRequest();
+        xhr.open("GET", nurl+str+'?thumbnails', true);
+                //xhr.setRequestHeader('x-requested-with','XMLHttpRequest');
+        xhr.send('');
+        xhr.onload = function(e){
+            if (xhr.status==200) {
+                if (xhr.responseText!='') filea.innerHTML='<img src="'+xhr.responseText+'" alt="'+str+'">';
+            } else console.log(xhr.status+'\n'+xhr.responseText);
+        }
+    }
+    function CopyAllDownloadUrl() {
+        var tmptextarea=document.createElement('textarea');
+        document.body.appendChild(tmptextarea);
+        tmptextarea.setAttribute('style','position:absolute;left:-100px;width:0px;height:0px;');
+        document.querySelectorAll('.download').forEach(function (e) {
+            tmptextarea.innerHTML+=e.href+"\r\n";
+        });
+        tmptextarea.select();
+        tmptextarea.setSelectionRange(0, tmptextarea.value.length);
+        document.execCommand("copy");
+        alert(tmptextarea.innerHTML);
+    }
+    var sort=0;
+    function sortby(string) {
+        if (string=='a') if (sort!=0) {
+            for (i = 1; i <= <?php echo $filenum?$filenum:0;?>; i++) document.getElementById('tr'+i).parentNode.insertBefore(document.getElementById('tr'+i),document.getElementById('tr'+(i-1)).nextSibling);
+            sort=0;
+            return;
+        } else return;
+        sort1=sort;
+        sortby('a');
+        sort=sort1;
+        var a=[];
+        for (i = 1; i <= <?php echo $filenum?$filenum:0;?>; i++) {
+            a[i]=i;
+            if (!!document.getElementById('folder_'+string+i)) {
+                var td1=document.getElementById('folder_'+string+i);
+                for (j = 1; j < i; j++) {
+                    if (!!document.getElementById('folder_'+string+a[j])) {
+                        var c=false;
+                        if (string=='time') if (sort==-1) {
+                            c=(td1.innerText < document.getElementById('folder_'+string+a[j]).innerText);
+                        } else {
+                            c=(td1.innerText > document.getElementById('folder_'+string+a[j]).innerText);
+                        }
+                        if (string=='size') if (sort==2) {
+                            c=(size_reformat(td1.innerText) < size_reformat(document.getElementById('folder_'+string+a[j]).innerText));
+                        } else {
+                            c=(size_reformat(td1.innerText) > size_reformat(document.getElementById('folder_'+string+a[j]).innerText));
+                        }
+                        if (c) {
+                            document.getElementById('tr'+i).parentNode.insertBefore(document.getElementById('tr'+i),document.getElementById('tr'+a[j]));
+                            for (k = i; k > j; k--) {
+                                a[k]=a[k-1];
+                            }
+                            a[j]=i;
+                            break;
+                        }
+                    }
+                }
+            }
+            if (!!document.getElementById('file_'+string+i)) {
+                var td1=document.getElementById('file_'+string+i);
+                for (j = 1; j < i; j++) {
+                    if (!!document.getElementById('file_'+string+a[j])) {
+                        var c=false;
+                        if (string=='time') if (sort==-1) {
+                            c=(td1.innerText < document.getElementById('file_'+string+a[j]).innerText);
+                        } else {
+                            c=(td1.innerText > document.getElementById('file_'+string+a[j]).innerText);
+                        }
+                        if (string=='size') if (sort==2) {
+                            c=(size_reformat(td1.innerText) < size_reformat(document.getElementById('file_'+string+a[j]).innerText));
+                        } else {
+                            c=(size_reformat(td1.innerText) > size_reformat(document.getElementById('file_'+string+a[j]).innerText));
+                        }
+                        if (c) {
+                            document.getElementById('tr'+i).parentNode.insertBefore(document.getElementById('tr'+i),document.getElementById('tr'+a[j]));
+                            for (k = i; k > j; k--) {
+                                a[k]=a[k-1];
+                            }
+                            a[j]=i;
+                            break;
+                        }
+                    }
+                }
+            }
+        }
+        if (string=='time') if (sort==-1) {
+            sort=1;
+        } else {
+            sort=-1;
+        }
+        if (string=='size') if (sort==2) {
+            sort=-2;
+        } else {
+            sort=2;
+        }
+    }
+    function size_reformat(str) {
+        if (str.substr(-1)==' ') str=str.substr(0,str.length-1);
+        if (str.substr(-2)=='GB') num=str.substr(0,str.length-3)*1024*1024*1024;
+        if (str.substr(-2)=='MB') num=str.substr(0,str.length-3)*1024*1024;
+        if (str.substr(-2)=='KB') num=str.substr(0,str.length-3)*1024;
+        if (str.substr(-2)==' B') num=str.substr(0,str.length-2);
+        return num;
+    }
+<?php
+    }
+    if ($_COOKIE['timezone']=='') { // cookie timezone. 无时区写时区 ?>
+    var nowtime= new Date();
+    var timezone = 0-nowtime.getTimezoneOffset()/60;
+    var expd = new Date();
+    expd.setTime(expd.getTime()+(2*60*60*1000));
+    var expires = "expires="+expd.toGMTString();
+    document.cookie="timezone="+timezone+"; path=/; "+expires;
+    if (timezone!='8') {
+        alert('Your timezone is '+timezone+', reload local timezone.');
+        location.href=location.protocol + "//" + location.host + "<?php echo path_format($_SERVER['base_path'] . '/' . $path );?>" ;
+    }
+<?php }
+    if ($files['folder']['childCount']>200) { // more than 200. 有下一页 ?>
+    function nextpage(num) {
+        document.getElementById('pagenum').value=num;
+        document.getElementById('nextpageform').submit();
+    }
+<?php }
+    if (isset($files['folder']) && ($_SERVER['is_guestup_path'] || $_SERVER['admin'])) { // is folder and is admin or guest upload path. 当前是admin登录或图床目录时 ?>
+    function uploadbuttonhide() {
+        document.getElementById('upload_submit').disabled='disabled';
+        document.getElementById('upload_file').disabled='disabled';
+        document.getElementById('upload_submit').style.display='none';
+        document.getElementById('upload_file').style.display='none';
+    }
+    function uploadbuttonshow() {
+        document.getElementById('upload_file').disabled='';
+        document.getElementById('upload_submit').disabled='';
+        document.getElementById('upload_submit').style.display='';
+        document.getElementById('upload_file').style.display='';
+    }
+    function preup() {
+        uploadbuttonhide();
+        var files=document.getElementById('upload_file').files;
+	if (files.length<1) {
+            uploadbuttonshow();
+            return;
+        };
+        var table1=document.createElement('table');
+        document.getElementById('upload_div').appendChild(table1);
+        table1.setAttribute('class','list-table');
+        var timea=new Date().getTime();
+        var i=0;
+        getuplink(i);
+        function getuplink(i) {
+            var file=files[i];
+            var tr1=document.createElement('tr');
+            table1.appendChild(tr1);
+            tr1.setAttribute('data-to',1);
+            var td1=document.createElement('td');
+            tr1.appendChild(td1);
+            td1.setAttribute('style','width:30%');
+            td1.setAttribute('id','upfile_td1_'+timea+'_'+i);
+            td1.innerHTML=file.name+'<br>'+size_format(file.size);
+            var td2=document.createElement('td');
+            tr1.appendChild(td2);
+            td2.setAttribute('id','upfile_td2_'+timea+'_'+i);
+            td2.innerHTML='<?php echo getconstStr('GetUploadLink'); ?> ...';
+            if (file.size>100*1024*1024*1024) {
+                td2.innerHTML='<font color="red"><?php echo getconstStr('UpFileTooLarge'); ?></font>';
+                uploadbuttonshow();
+                return;
+            }
+            var xhr1 = new XMLHttpRequest();
+            xhr1.open("GET", '?action=upbigfile&upbigfilename='+ encodeURIComponent(file.name) +'&filesize='+ file.size +'&lastModified='+ file.lastModified);
+            xhr1.setRequestHeader('x-requested-with','XMLHttpRequest');
+            xhr1.send(null);
+            xhr1.onload = function(e){
+                td2.innerHTML='<font color="red">'+xhr1.responseText+'</font>';
+                if (xhr1.status==200) {
+                    console.log(xhr1.responseText);
+                    var html=JSON.parse(xhr1.responseText);
+                    if (!html['uploadUrl']) {
+                        td2.innerHTML='<font color="red">'+xhr1.responseText+'</font><br>';
+                        uploadbuttonshow();
+                    } else {
+                        td2.innerHTML='<?php echo getconstStr('UploadStart'); ?> ...';
+                        binupfile(file,html['uploadUrl'],timea+'_'+i);
+                    }
+                }
+                if (i<files.length-1) {
+                    i++;
+                    getuplink(i);
+                }
+            }
+        }
+    }
+    function size_format(num) {
+        if (num>1024) {
+            num=num/1024;
+        } else {
+            return num.toFixed(2) + ' B';
+        }
+        if (num>1024) {
+            num=num/1024;
+        } else {
+            return num.toFixed(2) + ' KB';
+        }
+        if (num>1024) {
+            num=num/1024;
+        } else {
+            return num.toFixed(2) + ' MB';
+        }
+        return num.toFixed(2) + ' GB';
+    }
+    function binupfile(file,url,tdnum){
+        var label=document.getElementById('upfile_td2_'+tdnum);
+        var reader = new FileReader();
+        var StartStr='';
+        var MiddleStr='';
+        var StartTime;
+        var EndTime;
+        var newstartsize = 0;
+        if(!!file){
+            var asize=0;
+            var totalsize=file.size;
+            var xhr2 = new XMLHttpRequest();
+            xhr2.open("GET", url);
+                    //xhr2.setRequestHeader('x-requested-with','XMLHttpRequest');
+            xhr2.send(null);
+            xhr2.onload = function(e){
+                if (xhr2.status==200) {
+                    var html = JSON.parse(xhr2.responseText);
+                    var a = html['nextExpectedRanges'][0];
+                    newstartsize = Number( a.slice(0,a.indexOf("-")) );
+                    StartTime = new Date();
+<?php if ($_SERVER['admin']) { ?>
+                    asize = newstartsize;
+<?php } ?>
+                    if (newstartsize==0) {
+                        StartStr='<?php echo getconstStr('UploadStartAt'); ?>:' +StartTime.toLocaleString()+'<br>' ;
+                    } else {
+                        StartStr='<?php echo getconstStr('LastUpload'); ?>'+size_format(newstartsize)+ '<br><?php echo getconstStr('ThisTime').getconstStr('UploadStartAt'); ?>:' +StartTime.toLocaleString()+'<br>' ;
+                    }
+                    var chunksize=5*1024*1024; // chunk size, max 60M. 每小块上传大小，最大60M，微软建议10M
+                    if (totalsize>200*1024*1024) chunksize=10*1024*1024;
+                    function readblob(start) {
+                        var end=start+chunksize;
+                        var blob = file.slice(start,end);
+                        reader.readAsArrayBuffer(blob);
+                    }
+                    readblob(asize);
+<?php if (!$_SERVER['admin']) { ?>
+                    var spark = new SparkMD5.ArrayBuffer();
+<?php } ?>
+                    reader.onload = function(e){
+                        var binary = this.result;
+<?php if (!$_SERVER['admin']) { ?>
+                        spark.append(binary);
+                        if (asize < newstartsize) {
+                            asize += chunksize;
+                            readblob(asize);
+                            return;
+                        }
+<?php } ?>
+                        var xhr = new XMLHttpRequest();
+                        xhr.open("PUT", url, true);
+                        //xhr.setRequestHeader('x-requested-with','XMLHttpRequest');
+                        bsize=asize+e.loaded-1;
+                        xhr.setRequestHeader('Content-Range', 'bytes ' + asize + '-' + bsize +'/'+ totalsize);
+                        xhr.upload.onprogress = function(e){
+                            if (e.lengthComputable) {
+                                var tmptime = new Date();
+                                var tmpspeed = e.loaded*1000/(tmptime.getTime()-C_starttime.getTime());
+                                var remaintime = (totalsize-asize-e.loaded)/tmpspeed;
+                                label.innerHTML=StartStr+'<?php echo getconstStr('Upload'); ?> ' +size_format(asize+e.loaded)+ ' / '+size_format(totalsize) + ' = ' + ((asize+e.loaded)*100/totalsize).toFixed(2) + '% <?php echo getconstStr('AverageSpeed'); ?>:'+size_format((asize+e.loaded-newstartsize)*1000/(tmptime.getTime()-StartTime.getTime()))+'/s<br><?php echo getconstStr('CurrentSpeed'); ?> '+size_format(tmpspeed)+'/s <?php echo getconstStr('Expect'); ?> '+remaintime.toFixed(1)+'s';
+                            }
+                        }
+                        var C_starttime = new Date();
+                        xhr.onload = function(e){
+                            if (xhr.status<500) {
+                            var response=JSON.parse(xhr.responseText);
+                            if (response['size']>0) {
+                                // contain size, upload finish. 有size说明是最终返回，上传结束
+                                var xhr3 = new XMLHttpRequest();
+                                xhr3.open("GET", '?action=del_upload_cache&filename=.'+file.lastModified+ '_' +file.size+ '_' +encodeURIComponent(file.name)+'.tmp');
+                                xhr3.setRequestHeader('x-requested-with','XMLHttpRequest');
+                                xhr3.send(null);
+                                xhr3.onload = function(e){
+                                    console.log(xhr3.responseText+','+xhr3.status);
+                                }
+<?php if (!$_SERVER['admin']) { ?>
+                                var filemd5 = spark.end();
+                                var xhr4 = new XMLHttpRequest();
+                                xhr4.open("GET", '?action=uploaded_rename&filename='+encodeURIComponent(file.name)+'&filemd5='+filemd5);
+                                xhr4.setRequestHeader('x-requested-with','XMLHttpRequest');
+                                xhr4.send(null);
+                                xhr4.onload = function(e){
+                                    console.log(xhr4.responseText+','+xhr4.status);
+                                    var filename;
+                                    if (xhr4.status==200) filename = JSON.parse(xhr4.responseText)['name'];
+                                    if (xhr4.status==409) filename = filemd5 + file.name.substr(file.name.indexOf('.'));
+                                    if (filename=='') {
+                                        alert('<?php echo getconstStr('UploadErrorUpAgain'); ?>');
+                                        uploadbuttonshow();
+                                        return;
+                                    }
+                                    var lasturl = location.href;
+                                    if (lasturl.substr(lasturl.length-1)!='/') lasturl += '/';
+                                    lasturl += filename + '?preview';
+                                    //alert(lasturl);
+                                    window.open(lasturl);
+                                }
+<?php } ?>
+                                EndTime=new Date();
+                                MiddleStr = '<?php echo getconstStr('EndAt'); ?>:'+EndTime.toLocaleString()+'<br>';
+                                if (newstartsize==0) {
+                                    MiddleStr += '<?php echo getconstStr('AverageSpeed'); ?>:'+size_format(totalsize*1000/(EndTime.getTime()-StartTime.getTime()))+'/s<br>';
+                                } else {
+                                    MiddleStr += '<?php echo getconstStr('ThisTime').getconstStr('AverageSpeed'); ?>:'+size_format((totalsize-newstartsize)*1000/(EndTime.getTime()-StartTime.getTime()))+'/s<br>';
+                                }
+                                document.getElementById('upfile_td1_'+tdnum).innerHTML='<font color="green"><?php if (!$_SERVER['admin']) { ?>'+filemd5+'<br><?php } ?>'+document.getElementById('upfile_td1_'+tdnum).innerHTML+'<br><?php echo getconstStr('UploadComplete'); ?></font>';
+                                label.innerHTML=StartStr+MiddleStr;
+                                uploadbuttonshow();
+<?php if ($_SERVER['admin']) { ?>
+                                addelement(response);
+<?php } ?>
+                            } else {
+                                if (!response['nextExpectedRanges']) {
+                                    label.innerHTML='<font color="red">'+xhr.responseText+'</font><br>';
+                                } else {
+                                    var a=response['nextExpectedRanges'][0];
+                                    asize=Number( a.slice(0,a.indexOf("-")) );
+                                    readblob(asize);
+                                }
+                            } } else readblob(asize);
+                        }
+                        xhr.send(binary);
+                    }
+                } else {
+                    if (window.location.pathname.indexOf('%23')>0||file.name.indexOf('%23')>0) {
+                        label.innerHTML='<font color="red"><?php echo getconstStr('UploadFail23'); ?></font>';
+                    } else {
+                        label.innerHTML='<font color="red">'+xhr2.responseText+'</font>';
+                    }
+                    uploadbuttonshow();
+                }
+            }
+        }
+    }
+<?php }
+}
+    if (getConfig('admin')!='') { // close div. 有登录或操作，需要关闭DIV时 ?>
+    function operatediv_close(operate) {
+        document.getElementById(operate+'_div').style.display='none';
+        document.getElementById('mask').style.display='none';
+    }
+<?php }
+    if ($_SERVER['admin']) { // admin login. 管理登录后 ?>
+    function logout() {
+        document.cookie = "admin=; path=/";
+        location.href = location.href;
+    }
+<?php   if (!$_GET['preview']) {?>
+    function showdiv(event,action,num) {
+        var $operatediv=document.getElementsByName('operatediv');
+        for ($i=0;$i<$operatediv.length;$i++) {
+            $operatediv[$i].style.display='none';
+        }
+        document.getElementById('mask').style.display='';
+        //document.getElementById('mask').style.width=document.documentElement.scrollWidth+'px';
+        document.getElementById('mask').style.height=document.documentElement.scrollHeight<window.innerHeight?window.innerHeight:document.documentElement.scrollHeight+'px';
+        if (num=='') {
+            var str='';
+        } else {
+            var str=document.getElementById('file_a'+num).innerText;
+            if (str=='') {
+                str=document.getElementById('file_a'+num).getElementsByTagName("img")[0].alt;
+                if (str=='') {
+                    alert('<?php echo getconstStr('GetFileNameFail'); ?>');
+                    operatediv_close(action);
+                    return;
+                }
+            }
+            if (str.substr(-1)==' ') str=str.substr(0,str.length-1);
+        }
+        document.getElementById(action + '_div').style.display='';
+        document.getElementById(action + '_label').innerText=str;//.replace(/&/,'&amp;');
+        document.getElementById(action + '_sid').value=num;
+        document.getElementById(action + '_hidden').value=str;
+        if (action=='rename') document.getElementById(action + '_input').value=str;
+        var $e = event || window.event;
+        var $scrollX = document.documentElement.scrollLeft || document.body.scrollLeft;
+        var $scrollY = document.documentElement.scrollTop || document.body.scrollTop;
+        var $x = $e.pageX || $e.clientX + $scrollX;
+        var $y = $e.pageY || $e.clientY + $scrollY;
+        if (action=='create') {
+            document.getElementById(action + '_div').style.left=(document.body.clientWidth-document.getElementById(action + '_div').offsetWidth)/2 +'px';
+            document.getElementById(action + '_div').style.top=(window.innerHeight-document.getElementById(action + '_div').offsetHeight)/2+$scrollY +'px';
+        } else {
+            if ($x + document.getElementById(action + '_div').offsetWidth > document.body.clientWidth) {
+                if (document.getElementById(action + '_div').offsetWidth > document.body.clientWidth) {
+                    document.getElementById(action + '_div').offsetWidth=document.body.clientWidth+'px';
+                    document.getElementById(action + '_div').style.left='0px';
+                } else {
+                    document.getElementById(action + '_div').style.left=document.body.clientWidth-document.getElementById(action + '_div').offsetWidth+'px';
+                }
+            } else {
+                document.getElementById(action + '_div').style.left=$x+'px';
+            }
+            document.getElementById(action + '_div').style.top=$y+'px';
+        }
+        document.getElementById(action + '_input').focus();
+    }
+    function submit_operate(str) {
+        var num=document.getElementById(str+'_sid').value;
+        var xhr = new XMLHttpRequest();
+        xhr.open("GET", '?'+serializeForm(str+'_form'));
+        xhr.setRequestHeader('x-requested-with','XMLHttpRequest');
+        xhr.send(null);
+        xhr.onload = function(e){
+            var html;
+            if (xhr.status<300) {
+                console.log(xhr.status+','+xhr.responseText);
+                if (str=='rename') {
+                    html=JSON.parse(xhr.responseText);
+                    var file_a = document.getElementById('file_a'+num);
+                    file_a.innerText=html.name;
+                    file_a.href = (file_a.href.substr(-8)=='?preview')?(html.name.replace(/#/,'%23')+'?preview'):(html.name.replace(/#/,'%23')+'/');
+                }
+                if (str=='move'||str=='delete') document.getElementById('tr'+num).parentNode.removeChild(document.getElementById('tr'+num));
+                if (str=='create') {
+                    html=JSON.parse(xhr.responseText);
+                    addelement(html);
+                }
+            } else alert(xhr.status+'\n'+xhr.responseText);
+            document.getElementById(str+'_div').style.display='none';
+            document.getElementById('mask').style.display='none';
+        }
+        return false;
+    }
+    function addelement(html) {
+        var tr1=document.createElement('tr');
+        tr1.setAttribute('data-to',1);
+        var td1=document.createElement('td');
+        td1.setAttribute('class','file');
+        var a1=document.createElement('a');
+        a1.href='<?php echo $_SERVER['base_disk_path'];?>'+html.name.replace(/#/,'%23');
+        a1.innerText=html.name;
+        a1.target='_blank';
+        var td2=document.createElement('td');
+        td2.setAttribute('class','updated_at');
+        td2.innerText=html.lastModifiedDateTime.replace(/T/,' ').replace(/Z/,'');
+        var td3=document.createElement('td');
+        td3.setAttribute('class','size');
+        td3.innerText=size_format(html.size);
+        if (!!html.folder) {
+            a1.href+='/';
+            document.getElementById('tr0').parentNode.insertBefore(tr1,document.getElementById('tr0').nextSibling);
+        }
+        if (!!html.file) {
+            a1.href+='?preview';
+            a1.name='filelist';
+            document.getElementById('tr0').parentNode.appendChild(tr1);
+        }
+        tr1.appendChild(td1);
+        td1.appendChild(a1);
+        tr1.appendChild(td2);
+        tr1.appendChild(td3);
+    }
+    function getElements(formId) {
+        var form = document.getElementById(formId);
+        var elements = new Array();
+        var tagElements = form.getElementsByTagName('input');
+        for (var j = 0; j < tagElements.length; j++){
+            elements.push(tagElements[j]);
+        }
+        var tagElements = form.getElementsByTagName('select');
+        for (var j = 0; j < tagElements.length; j++){
+            elements.push(tagElements[j]);
+        }
+        var tagElements = form.getElementsByTagName('textarea');
+        for (var j = 0; j < tagElements.length; j++){
+            elements.push(tagElements[j]);
+        }
+        return elements;
+    }
+    function serializeElement(element) {
+        var method = element.tagName.toLowerCase();
+        var parameter;
+        if (method == 'select') {
+            parameter = [element.name, element.value];
+        }
+        switch (element.type.toLowerCase()) {
+            case 'submit':
+            case 'hidden':
+            case 'password':
+            case 'text':
+            case 'date':
+            case 'textarea':
+                parameter = [element.name, element.value];
+                break;
+            case 'checkbox':
+            case 'radio':
+                if (element.checked){
+                    parameter = [element.name, element.value];
+                }
+                break;
+        }
+        if (parameter) {
+            var key = encodeURIComponent(parameter[0]);
+            if (key.length == 0) return;
+            if (parameter[1].constructor != Array) parameter[1] = [parameter[1]];
+            var values = parameter[1];
+            var results = [];
+            for (var i = 0; i < values.length; i++) {
+                results.push(key + '=' + encodeURIComponent(values[i]));
+            }
+            return results.join('&');
+        }
+    }
+    function serializeForm(formId) {
+        var elements = getElements(formId);
+        var queryComponents = new Array();
+        for (var i = 0; i < elements.length; i++) {
+            var queryComponent = serializeElement(elements[i]);
+            if (queryComponent) {
+                queryComponents.push(queryComponent);
+            }
+        }
+        return queryComponents.join('&');
+    }
+<?php   }
+    } else if (getConfig('admin')!='') if (getConfig('adminloginpage')=='') { ?>
+    function login() {
+        document.getElementById('mask').style.display='';
+            //document.getElementById('mask').style.width=document.documentElement.scrollWidth+'px';
+        document.getElementById('mask').style.height=document.documentElement.scrollHeight<window.innerHeight?window.innerHeight:document.documentElement.scrollHeight+'px';
+        document.getElementById('login_div').style.display='';
+        document.getElementById('login_div').style.left=(document.body.clientWidth-document.getElementById('login_div').offsetWidth)/2 +'px';
+        document.getElementById('login_div').style.top=(window.innerHeight-document.getElementById('login_div').offsetHeight)/2+document.body.scrollTop +'px';
+        document.getElementById('login_input').focus();
+    }
+<?php } ?>
+</script>
+<script src="//unpkg.zhimg.com/ionicons@4.4.4/dist/ionicons.js"></script>
+</html>