--- index.php.orig	2009-09-27 14:58:56.000000000 +0200
+++ index.php	2010-05-11 15:34:57.000000000 +0200
@@ -90,6 +90,11 @@
 $_CONFIG['max_space'] = 25600;
 
 //
+// Activate disk space usage? Default: 1
+// 
+$_CONFIG['status_enable'] = 0;
+
+//
 // Kui sügavalt alamkataloogidest suurust näitav script faile otsib? Vaikimisi: 3
 //
 // How deep in subfilders will the script search for files? Default: 3
@@ -126,19 +131,48 @@
 //
 // Filenames that will be hidden from the list.
 //
-$_CONFIG['hidden_files'] = array(".ftpquota", "index.php", "index.php~", ".htaccess", ".htpasswd");
+$_CONFIG['hidden_files'] = array(".ftpquota", ".htaccess", ".htpasswd");
+
+// 
+// Send e-mail on new file uploads. The e-mail contains the path, name
+// and download URL for the new file. Default: off
+// 
+$_CONFIG['notify_enable'] = 0;
+
+// 
+// From: and Reply-To: address for the mail notification.
+// Default: webmaster@example.com
+// 
+$_CONFIG['notify_sender'] = 'webmaster@example.com';
+
+//
+// E-Mail addresses that will be notified on file upload.
+// Default: nobody@example.com
+//
+$_CONFIG['notify_addresses'] = array("nobody@example.com");
 
 //
 // Parool failide uploadimiseks. Parooli märkimisega aktiviseerub ka uploadi võimalus.
 // NB! Failide upload ei tööta zone.ee tasuta serveris ja hot.ee serveris!
 // NB! Faile saab uploadida ainult kaustadesse, millele on eelnevalt antud vastavad õigused (chmod 777)
 //
-// Password for uploading files. You need to set the password to activate uploading.
-// To upload into a directory it has to have proper rights.
+// Password for all write operations, e.g. uploading and deleting files.
 //
 $_CONFIG['upload_password'] = "";
 
 //
+// You need to enable this to activate uploading. Default: 0
+// To upload into a directory it has to have proper rights.
+//
+$_CONFIG['upload_enable'] = 1;
+
+//
+// You need to enable this to activate deleting. Default: 0
+// To delete a file or directory it has to have proper rights.
+//
+$_CONFIG['delete_enable'] = 0;
+
+//
 // Asukoht serveris. Tavaliselt ei ole vaja siia midagi panna kuna script leiab ise õige asukoha. 
 // Mõnes serveris tuleb piirangute tõttu see aadress ise teistsuguseks määrata.
 // See fail peaks asuma serveris aadressil [AADRESS]/index.php
@@ -146,7 +180,14 @@
 //
 // Location in the server. Usually this does not have to be set manually.
 //
-$_CONFIG['basedir'] = "";
+$_CONFIG['basedir'] = "/home";
+
+
+//
+// Enable configuration changes from environment variables? Default: 1
+// Set EEXPLORER_ and add the name of the config option to overwrite values.
+//
+$_CONFIG['enable_dynamic_config'] = 1;
 
 
 /***************************************************************************/
@@ -185,16 +226,30 @@
 	"total_used_space" => "Benutzter Speicher",
 	"free_space" => "Freier Speicher",
 	"password" => "Passwort",
-	"upload" => "Upload",
-	"failed_upload" => "Upload ist fehlgeschlagen!",
+	"upload" => "Hochladen",
+	"delete" => "Löschen",
+	"failed_upload" => "Hochladen ist fehlgeschlagen!",
+	"failed_upload_size" => "Datei ist zu groß!",
 	"failed_move" => "Verschieben der Datei ist fehlgeschlagen!",
 	"wrong_password" => "Falsches Passwort",
 	"make_directory" => "Neuer Ordner",
+	"notify_subject" => "Neue Datei wurde hochgeladen",
+	"notify_text" => "Die folgende Datei wurde soeben hochgeladen:",
+	"notify_file" => "Datei:",
+	"notify_no_url" => "Datei nicht abrufbar (außerhalb vom DocumentRoot)",
+	"notify_path" => "Pfad:",
+	"notify_server" => "Server:",
+	"notify_url" => "URL:",
 	"new_dir_failed" => "Erstellen des Ordners fehlgeschlagen",
+	"del_dir_failed" => "Löschen des Ordners fehlgeschlagen",
+	"write_dir_denied" => "Der Ordner ist nicht schreibbar.",
+	"dir_exists" => "Den Ordner gibt es bereits.",
+	"write_file_denied" => "Die Datei ist nicht schreibbar.",
+	"del_file_failed" => "Löschen der Datei fehlgeschlagen",
 	"chmod_dir_failed" => "Veränderung der Zugriffsrechte des Ordners fehlgeschlagen",
-	"unable_to_read_dir" => "Unable to read directory",
+	"unable_to_read_dir" => "Verzeichnis kann nicht gelesen werden",
 	"location" => "Location",
-	"root" => "Root"
+	"root" => "Start"
 );
 
 // Greek
@@ -226,11 +281,25 @@
 	"free_space" => "Free space",
 	"password" => "Password",
 	"upload" => "Upload",
+	"delete" => "Delete",
 	"failed_upload" => "Failed to upload the file!",
+	"failed_upload_size" => "File size exceeds limits!",
 	"failed_move" => "Failed to move the file into the right directory!",
 	"wrong_password" => "Wrong password",
 	"make_directory" => "New dir",
+	"notify_subject" => "New file upload",
+	"notify_text" => "The following new file was uploaded:",
+	"notify_file" => "File:",
+	"notify_no_url" => "file not accessible (outside of DocumentRoot)",
+	"notify_path" => "Path:",
+	"notify_server" => "Server:",
+	"notify_url" => "URL:",
 	"new_dir_failed" => "Failed to create directory",
+	"del_dir_failed" => "Failed to delete directory",
+	"write_dir_denied" => "Directory is not writable.",
+	"dir_exists" => "Directory already exists.",
+	"write_file_denied" => "File is not writable.",
+	"del_file_failed" => "Failed to delete file",
 	"chmod_dir_failed" => "Failed to change directory rights",
 	"unable_to_read_dir" => "Unable to read directory",
 	"location" => "Location",
@@ -554,10 +623,17 @@
 
 #upload div.password {
 	float:left;
+	margin-top: 4px;
 }
 
 #upload div.upload {
 	float:right;
+	margin-top: 2px;
+}
+
+#upload div.delete {
+	float:left;
+	margin-top: 4px;
 }
 
 #info {
@@ -567,6 +643,7 @@
 	width:680px;
 	position: relative;
 	margin: 0 auto;
+	margin-top: 4px;
 	text-align:center;
 }
 
@@ -750,6 +827,100 @@
 	return ($a->modTime - $b->modTime);
 }
 
+function is_empty_dir($dir)
+{
+	if (($files = @scandir($dir)) && count($files) <= 2)
+	{
+		return true;
+	}
+	return false;
+}
+
+// Delete a file or recursively delete a directory
+// @param string $str Path to file or directory
+function recursive_delete($str)
+{
+	if(is_file($str))
+	{
+		return @unlink($str);
+	}
+	elseif(is_dir($str))
+	{
+		$scan = glob(rtrim($str,'/').'/*');
+		foreach($scan as $index=>$path)
+		{
+			recursive_delete($path);
+		}
+		return @rmdir($str);
+	}
+}
+
+// Send e-mail with the path and download-URL for an uploaded file.
+function send_mail($path,$file)
+{
+	global $_CONFIG;
+	global $_LANG;
+
+	// send a separate mail for every receipient for privacy reasons
+	foreach($_CONFIG['notify_addresses'] as $receipient)
+	{
+		$to = $receipient;
+		$subject = $_LANG['notify_subject'];
+
+		$protocol = explode("/", $_SERVER['SERVER_PROTOCOL']);
+		$protocol = strtolower($protocol[0]);
+
+		// check if file was uploaded within DOCUMENT_ROOT
+		$docroot = '/' . preg_quote($_SERVER['DOCUMENT_ROOT'],'/') . '/';
+		$path = str_replace('/./','/',$path);
+		if ( preg_match("$docroot","$path") )
+                {
+			// file is accessible, compose URL
+			$docroot = str_replace($_SERVER['DOCUMENT_ROOT'], "", $path);
+			$docroot = rawurlencode($docroot);
+			$docroot = str_replace('%2F','/',$docroot);
+			$url = $protocol . "://" . $_SERVER['SERVER_NAME'] . $docroot . rawurlencode($file);
+                } else {
+			// file not accessible
+			$url = $_LANG['notify_no_url'];
+		}
+
+		$message = $_LANG["notify_text"] . "\r\n" . 
+			"\r\n" .
+			$_LANG["notify_file"] . ' ' . $file . "\r\n" .
+			$_LANG["notify_path"] . ' ' . $path . "\r\n" .
+			$_LANG["notify_server"] . ' ' . $_SERVER['SERVER_NAME'] . "\r\n" .
+			"\r\n" .
+			$_LANG["notify_url"] . ' ' . $url . "\r\n" .
+			"\r\n" .
+			"\r\n" .
+			"Encode Explorer" . "\r\n" .
+			"\r\n";
+
+		$headers = 'From: ' . $_CONFIG['notify_sender'] . "\r\n" .
+			'Reply-To: ' . $_CONFIG['notify_sender'] . "\r\n" .
+			'Content-type: text/plain; charset=' . $_CONFIG['charset'] . "\r\n" .
+			'MIME-Version: 1.0' . "\r\n" .
+			'X-Mailer: Encode Explorer';
+
+		mail($to, $subject, $message, $headers);
+	}
+
+}
+
+function check_post_size()
+{
+	$POST_MAX_SIZE = ini_get('post_max_size');
+	$mul = substr($POST_MAX_SIZE, -1);
+	$mul = ($mul == 'M' ? 1048576 : ($mul == 'K' ? 1024 : ($mul == 'G' ? 1073741824 : 1)));
+
+	if ($_SERVER['CONTENT_LENGTH'] > $mul*(int)$POST_MAX_SIZE && $POST_MAX_SIZE)
+	{
+		return false;
+	}
+	return true;
+}
+
 //
 // The class that displays images (icons)
 //
@@ -779,14 +950,22 @@
 //
 class FileManager
 {
-	function checkPassword($inputPassword)
+	function checkPassword($inputPassword,$alwaysFail = '0')
 	{
 		global $_CONFIG;
 		global $_ERROR;
 		global $_LANG;
 
+		// check if the result of the evaluation should always be FALSE
+		if($alwaysFail == 1)
+		{
+			$_ERROR = $_LANG["wrong_password"];
+			return false;
+		}
+
 		if(strlen($_CONFIG['upload_password']) > 0 && $inputPassword == $_CONFIG['upload_password'])
 		{
+			$_ERROR = $_LANG["success"];
 			return true;
 		}
 		else
@@ -806,10 +985,71 @@
 			$forbidden = array(".", "/", "\\");
 			for($i = 0; $i < count($forbidden); $i++)
 				$dirname = str_replace($forbidden[$i], "", $dirname);
-			if(!mkdir($location->getDir(true, false, 0).$dirname, 0777))
-				$_ERROR = $_LANG["new_dir_failed"];
-			else if(!chmod($location->getDir(true, false, 0).$dirname, 0777))
-				$error = $_LANG["chmod_dir_failed"];
+			// check if directory already exists
+			if (file_exists($location->getFullPath().$dirname))
+			{
+				$_ERROR = $_LANG["dir_exists"];
+			} else {
+				// check if directory is writable
+				if(!is_writable($location->getFullPath()))
+				{
+					$_ERROR = $_LANG["write_dir_denied"];
+				} else {
+					if(!mkdir($location->getFullPath().$dirname, 0777))
+						$_ERROR = $_LANG["new_dir_failed"];
+					else if(!chmod($location->getFullPath().$dirname, 0777))
+						$error = $_LANG["chmod_dir_failed"];
+				}
+			}
+		}
+	}
+
+	function deleteOnServer($location, $deletelist)
+	{
+		global $_ERROR;
+		global $_LANG;
+
+		if(count($deletelist) > 0)
+		{
+			foreach ($deletelist as $deleteitem)
+			{
+				$deleteitem = urldecode($deleteitem);
+				$deleteitem = htmlspecialchars_decode($deleteitem);
+
+				// check if it is a file
+				if (is_file($deleteitem))
+				{
+					// check if file is writable
+					if(!is_writable($location->getFullPath()))
+					{
+						$_ERROR = $_LANG["write_file_denied"];
+					} else {
+						if(!unlink($deleteitem))
+							$_ERROR = $_LANG["del_file_failed"];
+					}
+				}
+				// it is a directory
+				else
+				{
+					// check if file is writable
+					if(!is_writable($location->getFullPath()))
+					{
+						$_ERROR = $_LANG["write_dir_denied"];
+					} else {
+						// check if directory is empty
+						if(!is_empty_dir($deleteitem))
+						{
+							// recursively delete directory
+							if(!recursive_delete($deleteitem))
+								$_ERROR = $_LANG["del_dir_failed"];
+						}
+						else {
+							if(!rmdir($deleteitem))
+								$_ERROR = $_LANG["del_dir_failed"];
+						}
+					}
+				}
+			}
 		}
 	}
 
@@ -819,6 +1059,13 @@
 		global $_ERROR;
 		global $_LANG;
 
+		if(!check_post_size())
+		{
+			$_ERROR = $_LANG["failed_upload_size"];
+		}
+		else
+		{
+
 		$name = basename($userfile['name']);
 		if(get_magic_quotes_gpc())
 			$name = stripslashes($name);
@@ -826,16 +1073,29 @@
 		$upload_dir = $location->getFullPath();
 		$upload_file = $upload_dir . $name;
 
-		if(!is_uploaded_file($userfile['tmp_name']))
+		// check if directory is writable
+		if(!is_writable($location->getFullPath()))
 		{
-			$_ERROR = $_LANG["failed_upload"];
-		}
-		else if(!@move_uploaded_file($userfile['tmp_name'], $upload_file))
+			$_ERROR = $_LANG["write_dir_denied"];
+		} else
 		{
-			$_ERROR = $_LANG["failed_move"];
+			if(!is_uploaded_file($userfile['tmp_name']))
+			{
+				$_ERROR = $_LANG["failed_upload"];
+			}
+			else if(!@move_uploaded_file($userfile['tmp_name'], $upload_file))
+			{
+				$_ERROR = $_LANG["failed_move"];
+			}
+			else
+				chmod($upload_file, 0755);
+				// check if mail notification is enabled
+				if ($_CONFIG['notify_enable'] == 1)
+				{
+					send_mail($location->getFullPath(), $name);
+				}
+			}
 		}
-		else
-			chmod($upload_file, 0755);
 	}
 
 	//
@@ -843,12 +1103,52 @@
 	// 
 	function run($location)
 	{
-		if(isset($_POST['password']) && $this->checkPassword($_POST['password']))
+		global $_CONFIG;
+		global $_ERROR;
+		global $_LANG;
+
+		// check if the file size exceeds PHP limits
+		if ($_SERVER['REQUEST_METHOD'] == 'POST' && empty($_POST) && $_SERVER['CONTENT_LENGTH'] > 0)
 		{
-			if(isset($_POST['userdir']) && strlen($_POST['userdir']) > 0)
-				$this->newFolder($location, $_POST['userdir']);
-			if(isset($_FILES['userfile']['name']) && strlen($_FILES['userfile']['name']) > 0)
-				$this->uploadFile($location, $_FILES['userfile']);
+			$_ERROR = $_LANG["failed_upload_size"];
+		}
+		else
+		{
+
+			// This takes care of the following:
+			// - check if upload is enabled
+			// - check if delete is enabled
+			// - check if a password is needed
+			// - validate passwords
+			// - check for empty passwords
+			// - show error on empty or wrong passwords
+			if ( (strlen($_CONFIG['upload_password']) == 0) || 
+				( 
+					(strlen($_CONFIG['upload_password']) > 0) && 
+					(
+						((isset($_POST['password'])) && $this->checkPassword($_POST['password'])) || 
+				  	  	( 
+							(
+							(empty($_POST['password'])) && 
+							((count($_POST['directorylist']) > 0) || (count($_POST['filelist']) > 0) || (strlen($_POST['userdir']) > 0))
+							) && 
+				 			$this->checkPassword($_POST['password'],1)
+						)
+					)
+				)
+			   )
+			{
+				// new folder
+				if($_CONFIG['upload_enable'] == 1 && isset($_POST['userdir']) && strlen($_POST['userdir']) > 0)
+					$this->newFolder($location, $_POST['userdir']);
+				// delete
+				if($_CONFIG['delete_enable'] == 1 && (isset($_POST['directorylist']) && count($_POST['directorylist']) > 0) || (isset($_POST['filelist']) && count($_POST['filelist']) > 0))
+					$this->deleteOnServer($location, $_POST['directorylist']);
+					$this->deleteOnServer($location, $_POST['filelist']);
+				// upload
+				if($_CONFIG['upload_enable'] == 1 && isset($_FILES['userfile']['name']) && strlen($_FILES['userfile']['name']) > 0)
+					$this->uploadFile($location, $_FILES['userfile']);
+			}
 		}
 	}
 }
@@ -880,6 +1180,11 @@
 		return urlencode($this->name);
 	}
 
+	function getNameDecoded()
+	{
+		return htmlspecialchars_decode($this->name);
+	}
+
 	//
 	// Debugging output
 	// 
@@ -909,9 +1214,9 @@
 		$this->name = htmlspecialchars($name);
 		$this->location = $location;
 		
-		$this->extension = $this->findExtension($this->location->getDir(true, false, 0).$this->getName());
-		$this->size = $this->findSize($this->location->getDir(true, false, 0).$this->getName());
-		$this->modTime = filemtime($this->location->getDir(true, false, 0).$this->getName());
+		$this->extension = $this->findExtension($this->location->getFullPath().$this->getName());
+		$this->size = $this->findSize($this->location->getFullPath().$this->getNameDecoded());
+		$this->modTime = filemtime($this->location->getFullPath().$this->getNameDecoded());
 	}
 
 	function getName()
@@ -924,6 +1229,11 @@
 		return urlencode($this->name);
 	}
 
+	function getNameDecoded()
+	{
+		return htmlspecialchars_decode($this->name);
+	}
+
 	function getSize()
 	{
 		return $this->size;
@@ -944,7 +1254,7 @@
 	// 
 	function findSize($file)
 	{
-		$sizeInBytes = filesize($file);
+		$sizeInBytes = filesize("$file");
 
 		// If filesize() fails (with larger files), try to get the size from unix command line.
 		if (!$sizeInBytes) {
@@ -1006,13 +1316,14 @@
 			$dir .= "./";
 		for($i = 0; $i < ((count($this->path) >= $up && $up > 0)?count($this->path)-$up:count($this->path)); $i++)
 		{
-			$dir .= ($encoded?rawurlencode($this->path[$i]):$this->path[$i])."/";
+			$dir .= ($encoded?rawurlencode($this->path[$i]):htmlspecialchars_decode($this->path[$i]))."/";
 		}
 		return $dir;
 	}
 
 	function getFullPath()
 	{
+		global $_CONFIG;
 		return ($_CONFIG['basedir']?$_CONFIG['basedir']:dirname($_SERVER['SCRIPT_FILENAME']))."/".$this->getDir(true, false, 0);
 	}
 
@@ -1059,6 +1370,8 @@
 	// 
 	function init()
 	{
+		global $_CONFIG;
+
 		$this->sort_by = "";
 		$this->sort_as = "";
 		if(isset($_GET["sort_by"]) && isset($_GET["sort_as"]))
@@ -1076,7 +1389,10 @@
 			$this->sort_as = "desc";
 		}
 
-		$this->calculateSpace();
+		if ($_CONFIG['status_enable'] == 1)
+		{
+			$this->calculateSpace();
+		}
 	}
 
 	//
@@ -1098,7 +1414,7 @@
 			{
 				if($object != "." && $object != "..") 
 				{
-					if(is_dir($this->location->getDir(true, false, 0)."/".$object))
+					if(is_dir($this->location->getFullPath(true, false, 0)."/".$object))
 					{
 						if(!in_array($object, $_CONFIG['hidden_dirs']))
 							$this->dirs[] = new Dir($object, $this->location);
@@ -1281,6 +1597,15 @@
 }
 ?>
 
+<?php
+if($_CONFIG['delete_enable'] == 1 || $_CONFIG['upload_enable'] == 1)
+{
+?>
+<form enctype="multipart/form-data" action="" method="post">
+<?php
+}
+?>
+
 <!-- START: List table -->
 <table class="table" border="0" cellpadding="3" cellspacing="0">
 <tr class="breadcrumbs">
@@ -1299,11 +1624,13 @@
 </tr>
 <tr class="row one">
 	<td class="icon">&nbsp;</td>
+	<td class="icon">&nbsp;</td>
 	<td class="name"><?php print $this->makeArrow("name");?></td>
 	<td class="size"><?php print $this->makeArrow("size"); ?></td>
 	<td class="changed"><?php print $this->makeArrow("mod"); ?></td>
 </tr>
 <tr class="row two">
+	<td class="icon">&nbsp;</td>
 	<td class="icon"><img alt="dir" src="?img=directory" /></td>
 	<td colspan="3" class="long"><a href="?dir=<?php print $this->location->getDir(false, true, 1); ?>">..</a></td>
 </tr>
@@ -1323,6 +1650,7 @@
 		$row_style = ($row ? "one" : "two");
 ?>
 <tr class="row <?php print $row_style; ?>">
+	<td class="icon"><?php if($_CONFIG['delete_enable'] == 1) { ?><input type="checkbox" name="directorylist[]" value="<?php print $this->location->getFullPath().$dir->getNameEncoded(); ?>"><?php } ?></td>
 	<td class="icon"><img alt="dir" src="?img=directory" /></td>
 	<td colspan="3" class="long"><?php print "<a href=\"?dir=".$this->location->getDir(false, true, 0).$dir->getNameEncoded()."\">".$dir->getName()."</a>"; ?></td>
 </tr>
@@ -1341,6 +1669,7 @@
 		$row_style = ($row ? "one" : "two");
 ?>
 <tr class="row <?php echo $row_style; ?>">
+	<td class="icon"><?php if($_CONFIG['delete_enable'] == 1) { ?><input type="checkbox" name="filelist[]" value="<?php print $this->location->getFullPath().$file->getNameEncoded(); ?>"><?php } ?></td>
 	<td class="icon"><img alt="<?php print $file->getExtension(); ?>" src="<?php print $this->makeIcon($file->getExtension()); ?>" /></td>
 	<td class="name">
 <?php
@@ -1369,38 +1698,83 @@
 
 </div>
 
+<!-- START: Action area -->
+<div id="upload">
+		<table cellspacing="0" cellpadding="0" border="0" width="100%">
+			<tr>
+				<td>
+<!-- START: Delete area -->
 <?php
-if(strlen($_CONFIG['upload_password']) > 0)
+if($_CONFIG['delete_enable'] == 1)
 {
 ?>
+					<div class="delete">
+						<input type="submit" value="<?php print $_LANG["delete"]; ?>" />
+					</div>
+<?php
+}
+?>
+<!-- END: Delete area -->
 <!-- START: Upload area -->
-<div id="upload">
-	<form enctype="multipart/form-data" action="" method="post">
-		<table cellspacing="0" cellpadding="0" border="0" width="100%">
+<?php
+if($_CONFIG['upload_enable'] == 1)
+{
+?>
+					<div class="upload">
+						<input name="userdir" type="text" class="text" />
+						<input type="submit" value="<?php print $_LANG["make_directory"]; ?>" />
+					</div>
+<?php
+}
+?>
+<!-- END: Upload area -->
+				</td>
+			</tr>
 			<tr>
 				<td>
+<!-- START: Password area -->
+<?php
+if(strlen($_CONFIG['upload_password']) > 0 && ($_CONFIG['upload_enable'] == 1 || $_CONFIG['delete_enable'] == 1))
+{
+?>
 					<div class="password">
 						<?php print $_LANG["password"]; ?>: <input type="password" name="password" class="text" />
 					</div>
+<?php
+}
+?>
+<!-- END: Password area -->
+<!-- START: Upload area -->
+<?php
+if($_CONFIG['upload_enable'] == 1)
+{
+?>
 					<div class="upload">
-						<input name="userdir" type="text" class="text" />
-						<input type="submit" value="<?php print $_LANG["make_directory"]; ?>" />
 						<input name="userfile" type="file" />
 						<input type="submit" value="<?php print $_LANG["upload"]; ?>" />
 					</div>
+<?php
+}
+?>
+<!-- END: Upload area -->
 				</td>
 			</tr>
 		</table>
-	</form>
 </div>
-<!-- END: Upload area -->
-<?php
-}
-?>
+</form>
+<!-- END: Action area -->
 
 <!-- START: Info area -->
 <div id="info">
-<?php print $_LANG["total_used_space"]; ?>: <?php print $this->spaceUsed; ?> MB | <?php print $_LANG["free_space"]; ?>: <?php print $this->spaceLeft; ?> MB | <a href="http://encode-explorer.siineiolekala.net">encode explorer</a>
+<?php
+if($_CONFIG['status_enable'] == 1)
+{
+?>
+<?php print $_LANG["total_used_space"]; ?>: <?php print $this->spaceUsed; ?> MB | <?php print $_LANG["free_space"]; ?>: <?php print $this->spaceLeft; ?> MB | 
+<?php
+}
+?>
+<a href="http://encode-explorer.siineiolekala.net">encode explorer</a>
 </div>
 <!-- END: Info area -->
 <!-- Encode Explorer v5.0 -->
@@ -1419,6 +1793,32 @@
 $imageServer = new ImageServer();
 if(!$imageServer->showImage())
 {
+	// check if dynamic configuration is active
+	if($_CONFIG['enable_dynamic_config'] == 1)
+	{
+		foreach(array_keys($_CONFIG) as $key)
+		{
+			if(strlen($_SERVER['EEXPLORER_' . $key]) > 0)
+			{
+				// overwrite static with dynamic configuration
+				if($key == 'notify_addresses' || $key == 'hidden_files' || $key == 'hidden_dirs')
+				{
+					// clear array, removing old data
+					$_CONFIG[$key] = array();
+
+					foreach(explode(' ',$_SERVER['EEXPLORER_' . $key]) as $data)
+					{
+						array_push($_CONFIG[$key],$data);
+					}
+				}
+				else
+				{
+					$_CONFIG[$key] = $_SERVER['EEXPLORER_' . $key];
+				}
+			}
+		}
+	}
+
 	$_LANG = $_TRANSLATIONS[$_CONFIG['lang']];
 	$location = new Location();
 	$location->init();
@@ -1427,4 +1827,4 @@
 	$encodeExplorer = new Encode_Explorer();
 	$encodeExplorer->run($location);
 }
-?>
\ No newline at end of file
+?>
